@spfn/core 0.2.0-beta.12 → 0.2.0-beta.14

package/dist/server/index.js

@@ -1,13 +1,14 @@
 import { env } from '@spfn/core/config';
-import { config } from 'dotenv';
-import { existsSync } from 'fs';
+import { existsSync, readFileSync } from 'fs';
 import { resolve, join } from 'path';
+import { parse } from 'dotenv';
+import { logger } from '@spfn/core/logger';
 import { Hono } from 'hono';
 import { cors } from 'hono/cors';
 import { registerRoutes } from '@spfn/core/route';
 import { ErrorHandler, RequestLogger } from '@spfn/core/middleware';
 import { streamSSE } from 'hono/streaming';
-import { logger } from '@spfn/core/logger';
+import { randomBytes } from 'crypto';
 import { initDatabase, getDatabase, closeDatabase } from '@spfn/core/db';
 import { initCache, getCache, closeCache } from '@spfn/core/cache';
 import { serve } from '@hono/node-server';
@@ -314,36 +315,96 @@ var init_formatters = __esm({
     };
   }
 });
-function loadEnvFiles() {
-  const cwd = process.cwd();
-  const nodeEnv = process.env.NODE_ENV || "development";
-  const envFiles = [
-    ".env.server.local",
-    ".env.server",
-    `.env.${nodeEnv}.local`,
-    nodeEnv !== "test" ? ".env.local" : null,
-    `.env.${nodeEnv}`,
-    ".env"
-  ].filter((file) => file !== null);
-  for (const file of envFiles) {
-    const filePath = resolve(cwd, file);
-    if (existsSync(filePath)) {
-      config({ path: filePath });
+var envLogger = logger.child("@spfn/core:env-loader");
+function getEnvFiles(nodeEnv, server) {
+  const files = [
+    ".env",
+    `.env.${nodeEnv}`
+  ];
+  if (nodeEnv !== "test") {
+    files.push(".env.local");
+  }
+  files.push(`.env.${nodeEnv}.local`);
+  if (server) {
+    files.push(".env.server");
+    files.push(".env.server.local");
+  }
+  return files;
+}
+function parseEnvFile(filePath) {
+  if (!existsSync(filePath)) {
+    return null;
+  }
+  return parse(readFileSync(filePath, "utf-8"));
+}
+function loadEnv(options = {}) {
+  const {
+    cwd = process.cwd(),
+    nodeEnv = process.env.NODE_ENV || "local",
+    server = true,
+    debug = false,
+    override = false
+  } = options;
+  const envFiles = getEnvFiles(nodeEnv, server);
+  const loadedFiles = [];
+  const existingKeys = new Set(Object.keys(process.env));
+  const merged = {};
+  for (const fileName of envFiles) {
+    const filePath = resolve(cwd, fileName);
+    const parsed = parseEnvFile(filePath);
+    if (parsed === null) {
+      continue;
+    }
+    loadedFiles.push(fileName);
+    Object.assign(merged, parsed);
+  }
+  const loadedKeys = [];
+  for (const [key, value] of Object.entries(merged)) {
+    if (!override && existingKeys.has(key)) {
+      continue;
     }
+    process.env[key] = value;
+    loadedKeys.push(key);
+  }
+  if (debug && loadedFiles.length > 0) {
+    envLogger.debug(`Loaded env files: ${loadedFiles.join(", ")}`);
+    envLogger.debug(`Loaded ${loadedKeys.length} environment variables`);
+  }
+  return { loadedFiles, loadedKeys };
+}
+
+// src/server/dotenv-loader.ts
+var warned = false;
+function loadEnvFiles() {
+  if (!warned) {
+    warned = true;
+    console.warn(
+      '[SPFN] loadEnvFiles() is deprecated. Use loadEnv() from "@spfn/core/env/loader" instead.'
+    );
   }
+  loadEnv();
 }
 var sseLogger = logger.child("@spfn/core:sse");
-function createSSEHandler(router, config2 = {}) {
+function createSSEHandler(router, config = {}, tokenManager) {
   const {
-    pingInterval = 3e4
-    // headers: customHeaders = {},  // Reserved for future use
-  } = config2;
+    pingInterval = 3e4,
+    auth: authConfig
+  } = config;
   return async (c) => {
-    const eventsParam = c.req.query("events");
-    if (!eventsParam) {
+    const subject = await authenticateToken(c, tokenManager);
+    if (subject === false) {
+      return c.json({ error: "Missing token parameter" }, 401);
+    }
+    if (subject === null) {
+      return c.json({ error: "Invalid or expired token" }, 401);
+    }
+    if (subject) {
+      c.set("sseSubject", subject);
+    }
+    const requestedEvents = parseRequestedEvents(c);
+    if (!requestedEvents) {
       return c.json({ error: "Missing events parameter" }, 400);
     }
-    const requestedEvents = eventsParam.split(",").map((e) => e.trim());
     const validEventNames = router.eventNames;
     const invalidEvents = requestedEvents.filter((e) => !validEventNames.includes(e));
     if (invalidEvents.length > 0) {
@@ -353,19 +414,29 @@ function createSSEHandler(router, config2 = {}) {
         validEvents: validEventNames
       }, 400);
     }
+    const allowedEvents = await authorizeEvents(subject, requestedEvents, authConfig);
+    if (allowedEvents === null) {
+      return c.json({ error: "Not authorized for any requested events" }, 403);
+    }
     sseLogger.debug("SSE connection requested", {
-      events: requestedEvents,
+      events: allowedEvents,
+      subject: subject || void 0,
       clientIp: c.req.header("x-forwarded-for") || c.req.header("x-real-ip")
     });
     return streamSSE(c, async (stream) => {
       const unsubscribes = [];
       let messageId = 0;
-      for (const eventName of requestedEvents) {
+      for (const eventName of allowedEvents) {
         const eventDef = router.events[eventName];
         if (!eventDef) {
           continue;
         }
         const unsubscribe = eventDef.subscribe((payload) => {
+          if (subject && authConfig?.filter?.[eventName]) {
+            if (!authConfig.filter[eventName](subject, payload)) {
+              return;
+            }
+          }
           messageId++;
           const message = {
             event: eventName,
@@ -384,13 +455,13 @@ function createSSEHandler(router, config2 = {}) {
         unsubscribes.push(unsubscribe);
       }
       sseLogger.info("SSE connection established", {
-        events: requestedEvents,
+        events: allowedEvents,
         subscriptionCount: unsubscribes.length
       });
       await stream.writeSSE({
         event: "connected",
         data: JSON.stringify({
-          subscribedEvents: requestedEvents,
+          subscribedEvents: allowedEvents,
           timestamp: Date.now()
         })
       });
@@ -407,7 +478,7 @@ function createSSEHandler(router, config2 = {}) {
       clearInterval(pingTimer);
       unsubscribes.forEach((fn) => fn());
       sseLogger.info("SSE connection closed", {
-        events: requestedEvents
+        events: allowedEvents
       });
     }, async (err) => {
       sseLogger.error("SSE stream error", {
@@ -416,6 +487,99 @@ function createSSEHandler(router, config2 = {}) {
     });
   };
 }
+async function authenticateToken(c, tokenManager) {
+  if (!tokenManager) {
+    return void 0;
+  }
+  const token = c.req.query("token");
+  if (!token) {
+    return false;
+  }
+  return await tokenManager.verify(token);
+}
+function parseRequestedEvents(c) {
+  const eventsParam = c.req.query("events");
+  if (!eventsParam) {
+    return null;
+  }
+  return eventsParam.split(",").map((e) => e.trim());
+}
+async function authorizeEvents(subject, requestedEvents, authConfig) {
+  if (!subject || !authConfig?.authorize) {
+    return requestedEvents;
+  }
+  const allowed = await authConfig.authorize(subject, requestedEvents);
+  if (allowed.length === 0) {
+    return null;
+  }
+  return allowed;
+}
+var InMemoryTokenStore = class {
+  tokens = /* @__PURE__ */ new Map();
+  async set(token, data) {
+    this.tokens.set(token, data);
+  }
+  async consume(token) {
+    const data = this.tokens.get(token);
+    if (!data) {
+      return null;
+    }
+    this.tokens.delete(token);
+    return data;
+  }
+  async cleanup() {
+    const now = Date.now();
+    for (const [token, data] of this.tokens) {
+      if (data.expiresAt <= now) {
+        this.tokens.delete(token);
+      }
+    }
+  }
+};
+var SSETokenManager = class {
+  store;
+  ttl;
+  cleanupTimer = null;
+  constructor(config) {
+    this.ttl = config?.ttl ?? 3e4;
+    this.store = config?.store ?? new InMemoryTokenStore();
+    const cleanupInterval = config?.cleanupInterval ?? 6e4;
+    this.cleanupTimer = setInterval(() => void this.store.cleanup(), cleanupInterval);
+    this.cleanupTimer.unref();
+  }
+  /**
+   * Issue a new one-time-use token for the given subject
+   */
+  async issue(subject) {
+    const token = randomBytes(32).toString("hex");
+    await this.store.set(token, {
+      token,
+      subject,
+      expiresAt: Date.now() + this.ttl
+    });
+    return token;
+  }
+  /**
+   * Verify and consume a token
+   * @returns subject string if valid, null if invalid/expired/already consumed
+   */
+  async verify(token) {
+    const data = await this.store.consume(token);
+    if (!data || data.expiresAt <= Date.now()) {
+      return null;
+    }
+    return data.subject;
+  }
+  /**
+   * Cleanup timer and resources
+   */
+  destroy() {
+    if (this.cleanupTimer) {
+      clearInterval(this.cleanupTimer);
+      this.cleanupTimer = null;
+    }
+  }
+};
 function createHealthCheckHandler(detailed) {
   return async (c) => {
     const response = {
@@ -474,34 +638,34 @@ function applyServerTimeouts(server, timeouts) {
     server.headersTimeout = timeouts.headers;
   }
 }
-function getTimeoutConfig(config2) {
+function getTimeoutConfig(config) {
   return {
-    request: config2?.request ?? env.SERVER_TIMEOUT,
-    keepAlive: config2?.keepAlive ?? env.SERVER_KEEPALIVE_TIMEOUT,
-    headers: config2?.headers ?? env.SERVER_HEADERS_TIMEOUT
+    request: config?.request ?? env.SERVER_TIMEOUT,
+    keepAlive: config?.keepAlive ?? env.SERVER_KEEPALIVE_TIMEOUT,
+    headers: config?.headers ?? env.SERVER_HEADERS_TIMEOUT
   };
 }
-function getShutdownTimeout(config2) {
-  return config2?.timeout ?? env.SHUTDOWN_TIMEOUT;
+function getShutdownTimeout(config) {
+  return config?.timeout ?? env.SHUTDOWN_TIMEOUT;
 }
-function buildMiddlewareOrder(config2) {
+function buildMiddlewareOrder(config) {
   const order = [];
-  const middlewareConfig = config2.middleware ?? {};
+  const middlewareConfig = config.middleware ?? {};
   const enableLogger = middlewareConfig.logger !== false;
   const enableCors = middlewareConfig.cors !== false;
   const enableErrorHandler = middlewareConfig.errorHandler !== false;
   if (enableLogger) order.push("RequestLogger");
   if (enableCors) order.push("CORS");
-  config2.use?.forEach((_, i) => order.push(`Custom[${i}]`));
-  if (config2.beforeRoutes) order.push("beforeRoutes hook");
+  config.use?.forEach((_, i) => order.push(`Custom[${i}]`));
+  if (config.beforeRoutes) order.push("beforeRoutes hook");
   order.push("Routes");
-  if (config2.afterRoutes) order.push("afterRoutes hook");
+  if (config.afterRoutes) order.push("afterRoutes hook");
   if (enableErrorHandler) order.push("ErrorHandler");
   return order;
 }
-function buildStartupConfig(config2, timeouts) {
-  const middlewareConfig = config2.middleware ?? {};
-  const healthCheckConfig = config2.healthCheck ?? {};
+function buildStartupConfig(config, timeouts) {
+  const middlewareConfig = config.middleware ?? {};
+  const healthCheckConfig = config.healthCheck ?? {};
   const healthCheckEnabled = healthCheckConfig.enabled !== false;
   const healthCheckPath = healthCheckConfig.path ?? "/health";
   const healthCheckDetailed = healthCheckConfig.detailed ?? env.NODE_ENV === "development";
@@ -510,7 +674,7 @@ function buildStartupConfig(config2, timeouts) {
       logger: middlewareConfig.logger !== false,
       cors: middlewareConfig.cors !== false,
       errorHandler: middlewareConfig.errorHandler !== false,
-      custom: config2.use?.length ?? 0
+      custom: config.use?.length ?? 0
     },
     healthCheck: healthCheckEnabled ? {
       enabled: true,
@@ -518,8 +682,8 @@ function buildStartupConfig(config2, timeouts) {
       detailed: healthCheckDetailed
     } : { enabled: false },
     hooks: {
-      beforeRoutes: !!config2.beforeRoutes,
-      afterRoutes: !!config2.afterRoutes
+      beforeRoutes: !!config.beforeRoutes,
+      afterRoutes: !!config.afterRoutes
     },
     timeout: {
       request: `${timeouts.request}ms`,
@@ -527,23 +691,23 @@ function buildStartupConfig(config2, timeouts) {
       headers: `${timeouts.headers}ms`
     },
     shutdown: {
-      timeout: `${config2.shutdown?.timeout ?? env.SHUTDOWN_TIMEOUT}ms`
+      timeout: `${config.shutdown?.timeout ?? env.SHUTDOWN_TIMEOUT}ms`
     }
   };
 }
 var serverLogger = logger.child("@spfn/core:server");
 
 // src/server/create-server.ts
-async function createServer(config2) {
+async function createServer(config) {
   const cwd = process.cwd();
   const appPath = join(cwd, "src", "server", "app.ts");
   const appJsPath = join(cwd, "src", "server", "app");
   if (existsSync(appPath) || existsSync(appJsPath)) {
-    return await loadCustomApp(appPath, appJsPath, config2);
+    return await loadCustomApp(appPath, appJsPath, config);
   }
-  return await createAutoConfiguredApp(config2);
+  return await createAutoConfiguredApp(config);
 }
-async function loadCustomApp(appPath, appJsPath, config2) {
+async function loadCustomApp(appPath, appJsPath, config) {
   const actualPath = existsSync(appPath) ? appPath : appJsPath;
   const appModule = await import(actualPath);
   const appFactory = appModule.default;
@@ -551,15 +715,15 @@ async function loadCustomApp(appPath, appJsPath, config2) {
     throw new Error("app.ts must export a default function that returns a Hono app");
   }
   const app = await appFactory();
-  if (config2?.routes) {
-    const routes = registerRoutes(app, config2.routes, config2.middlewares);
-    logRegisteredRoutes(routes, config2?.debug ?? false);
+  if (config?.routes) {
+    const routes = registerRoutes(app, config.routes, config.middlewares);
+    logRegisteredRoutes(routes, config?.debug ?? false);
   }
   return app;
 }
-async function createAutoConfiguredApp(config2) {
+async function createAutoConfiguredApp(config) {
   const app = new Hono();
-  const middlewareConfig = config2?.middleware ?? {};
+  const middlewareConfig = config?.middleware ?? {};
   const enableLogger = middlewareConfig.logger !== false;
   const enableCors = middlewareConfig.cors !== false;
   const enableErrorHandler = middlewareConfig.errorHandler !== false;
@@ -569,31 +733,31 @@ async function createAutoConfiguredApp(config2) {
       await next();
     });
   }
-  applyDefaultMiddleware(app, config2, enableLogger, enableCors);
-  if (Array.isArray(config2?.use)) {
-    config2.use.forEach((mw) => app.use("*", mw));
+  applyDefaultMiddleware(app, config, enableLogger, enableCors);
+  if (Array.isArray(config?.use)) {
+    config.use.forEach((mw) => app.use("*", mw));
   }
-  registerHealthCheckEndpoint(app, config2);
-  await executeBeforeRoutesHook(app, config2);
-  await loadAppRoutes(app, config2);
-  registerSSEEndpoint(app, config2);
-  await executeAfterRoutesHook(app, config2);
+  registerHealthCheckEndpoint(app, config);
+  await executeBeforeRoutesHook(app, config);
+  await loadAppRoutes(app, config);
+  registerSSEEndpoint(app, config);
+  await executeAfterRoutesHook(app, config);
   if (enableErrorHandler) {
     app.onError(ErrorHandler());
   }
   return app;
 }
-function applyDefaultMiddleware(app, config2, enableLogger, enableCors) {
+function applyDefaultMiddleware(app, config, enableLogger, enableCors) {
   if (enableLogger) {
     app.use("*", RequestLogger());
   }
   if (enableCors) {
-    const corsOptions = config2?.cors !== false ? config2?.cors : void 0;
+    const corsOptions = config?.cors !== false ? config?.cors : void 0;
     app.use("*", cors(corsOptions));
   }
 }
-function registerHealthCheckEndpoint(app, config2) {
-  const healthCheckConfig = config2?.healthCheck ?? {};
+function registerHealthCheckEndpoint(app, config) {
+  const healthCheckConfig = config?.healthCheck ?? {};
   const healthCheckEnabled = healthCheckConfig.enabled !== false;
   const healthCheckPath = healthCheckConfig.path ?? "/health";
   const healthCheckDetailed = healthCheckConfig.detailed ?? process.env.NODE_ENV === "development";
@@ -602,15 +766,15 @@ function registerHealthCheckEndpoint(app, config2) {
     serverLogger.debug(`Health check endpoint enabled at ${healthCheckPath}`);
   }
 }
-async function executeBeforeRoutesHook(app, config2) {
-  if (config2?.lifecycle?.beforeRoutes) {
-    await config2.lifecycle.beforeRoutes(app);
+async function executeBeforeRoutesHook(app, config) {
+  if (config?.lifecycle?.beforeRoutes) {
+    await config.lifecycle.beforeRoutes(app);
   }
 }
-async function loadAppRoutes(app, config2) {
-  const debug = isDebugMode(config2);
-  if (config2?.routes) {
-    const routes = registerRoutes(app, config2.routes, config2.middlewares);
+async function loadAppRoutes(app, config) {
+  const debug = isDebugMode(config);
+  if (config?.routes) {
+    const routes = registerRoutes(app, config.routes, config.middlewares);
     logRegisteredRoutes(routes, debug);
   } else if (debug) {
     serverLogger.warn("\u26A0\uFE0F  No routes configured. Use defineServerConfig().routes() to register routes.");
@@ -631,28 +795,51 @@ function logRegisteredRoutes(routes, debug) {
   serverLogger.info(`\u2713 Routes registered (${routes.length}):
 ${routeLines}`);
 }
-async function executeAfterRoutesHook(app, config2) {
-  if (config2?.lifecycle?.afterRoutes) {
-    await config2.lifecycle.afterRoutes(app);
+async function executeAfterRoutesHook(app, config) {
+  if (config?.lifecycle?.afterRoutes) {
+    await config.lifecycle.afterRoutes(app);
   }
 }
-function registerSSEEndpoint(app, config2) {
-  if (!config2?.events) {
+function registerSSEEndpoint(app, config) {
+  if (!config?.events) {
     return;
   }
-  const eventsConfig = config2.eventsConfig ?? {};
-  const path = eventsConfig.path ?? "/events/stream";
-  const debug = isDebugMode(config2);
-  app.get(path, createSSEHandler(config2.events, eventsConfig));
+  const eventsConfig = config.eventsConfig ?? {};
+  const streamPath = eventsConfig.path ?? "/events/stream";
+  const authConfig = eventsConfig.auth;
+  const debug = isDebugMode(config);
+  let tokenManager;
+  if (authConfig?.enabled) {
+    tokenManager = new SSETokenManager({
+      ttl: authConfig.tokenTtl,
+      store: authConfig.store
+    });
+    const tokenPath = streamPath.replace(/\/[^/]+$/, "/token");
+    const mwHandlers = (config.middlewares ?? []).map((mw) => mw.handler);
+    const getSubject = authConfig.getSubject ?? ((c) => c.get("auth")?.userId ?? null);
+    app.post(tokenPath, ...mwHandlers, async (c) => {
+      const subject = getSubject(c);
+      if (!subject) {
+        return c.json({ error: "Unable to identify subject" }, 401);
+      }
+      const token = await tokenManager.issue(subject);
+      return c.json({ token });
+    });
+    if (debug) {
+      serverLogger.info(`\u2713 SSE token endpoint registered at POST ${tokenPath}`);
+    }
+  }
+  app.get(streamPath, createSSEHandler(config.events, eventsConfig, tokenManager));
   if (debug) {
-    const eventNames = config2.events.eventNames;
-    serverLogger.info(`\u2713 SSE endpoint registered at ${path}`, {
-      events: eventNames
+    const eventNames = config.events.eventNames;
+    serverLogger.info(`\u2713 SSE endpoint registered at ${streamPath}`, {
+      events: eventNames,
+      auth: !!authConfig?.enabled
     });
   }
 }
-function isDebugMode(config2) {
-  return config2?.debug ?? process.env.NODE_ENV === "development";
+function isDebugMode(config) {
+  return config?.debug ?? process.env.NODE_ENV === "development";
 }
 var jobLogger = logger.child("@spfn/core:job");
 var bossInstance = null;
@@ -888,16 +1075,16 @@ function printBanner(options) {
 }
 
 // src/server/validation.ts
-function validateServerConfig(config2) {
-  if (config2.port !== void 0) {
-    if (!Number.isInteger(config2.port) || config2.port < 0 || config2.port > 65535) {
+function validateServerConfig(config) {
+  if (config.port !== void 0) {
+    if (!Number.isInteger(config.port) || config.port < 0 || config.port > 65535) {
       throw new Error(
-        `Invalid port: ${config2.port}. Port must be an integer between 0 and 65535.`
+        `Invalid port: ${config.port}. Port must be an integer between 0 and 65535.`
       );
     }
   }
-  if (config2.timeout) {
-    const { request, keepAlive, headers } = config2.timeout;
+  if (config.timeout) {
+    const { request, keepAlive, headers } = config.timeout;
     if (request !== void 0 && (request < 0 || !Number.isFinite(request))) {
       throw new Error(`Invalid timeout.request: ${request}. Must be a positive number.`);
     }
@@ -913,16 +1100,16 @@ function validateServerConfig(config2) {
       );
     }
   }
-  if (config2.shutdown?.timeout !== void 0) {
-    const timeout = config2.shutdown.timeout;
+  if (config.shutdown?.timeout !== void 0) {
+    const timeout = config.shutdown.timeout;
     if (timeout < 0 || !Number.isFinite(timeout)) {
       throw new Error(`Invalid shutdown.timeout: ${timeout}. Must be a positive number.`);
     }
   }
-  if (config2.healthCheck?.path) {
-    if (!config2.healthCheck.path.startsWith("/")) {
+  if (config.healthCheck?.path) {
+    if (!config.healthCheck.path.startsWith("/")) {
       throw new Error(
-        `Invalid healthCheck.path: "${config2.healthCheck.path}". Must start with "/".`
+        `Invalid healthCheck.path: "${config.healthCheck.path}". Must start with "/".`
       );
     }
   }
@@ -939,9 +1126,9 @@ var CONFIG_FILE_PATHS = [
   "src/server/server.config.ts"
 ];
 var processHandlersRegistered = false;
-async function startServer(config2) {
-  loadEnvFiles();
-  const finalConfig = await loadAndMergeConfig(config2);
+async function startServer(config) {
+  loadEnv();
+  const finalConfig = await loadAndMergeConfig(config);
   const { host, port, debug } = finalConfig;
   validateServerConfig(finalConfig);
   if (!host || !port) {
@@ -999,7 +1186,7 @@ async function startServer(config2) {
     throw error;
   }
 }
-async function loadAndMergeConfig(config2) {
+async function loadAndMergeConfig(config) {
   const cwd = process.cwd();
   let fileConfig = {};
   let loadedConfigPath = null;
@@ -1023,26 +1210,26 @@ async function loadAndMergeConfig(config2) {
   }
   return {
     ...fileConfig,
-    ...config2,
-    port: config2?.port ?? fileConfig?.port ?? env.PORT,
-    host: config2?.host ?? fileConfig?.host ?? env.HOST
+    ...config,
+    port: config?.port ?? fileConfig?.port ?? env.PORT,
+    host: config?.host ?? fileConfig?.host ?? env.HOST
   };
 }
-function getInfrastructureConfig(config2) {
+function getInfrastructureConfig(config) {
   return {
-    database: config2.infrastructure?.database !== false,
-    redis: config2.infrastructure?.redis !== false
+    database: config.infrastructure?.database !== false,
+    redis: config.infrastructure?.redis !== false
   };
 }
-async function initializeInfrastructure(config2) {
-  if (config2.lifecycle?.beforeInfrastructure) {
+async function initializeInfrastructure(config) {
+  if (config.lifecycle?.beforeInfrastructure) {
     serverLogger.debug("Executing beforeInfrastructure hook...");
-    await config2.lifecycle.beforeInfrastructure(config2);
+    await config.lifecycle.beforeInfrastructure(config);
   }
-  const infraConfig = getInfrastructureConfig(config2);
+  const infraConfig = getInfrastructureConfig(config);
   if (infraConfig.database) {
     serverLogger.debug("Initializing database...");
-    await initDatabase(config2.database);
+    await initDatabase(config.database);
   } else {
     serverLogger.debug("Database initialization disabled");
   }
@@ -1052,11 +1239,11 @@ async function initializeInfrastructure(config2) {
   } else {
     serverLogger.debug("Redis initialization disabled");
   }
-  if (config2.lifecycle?.afterInfrastructure) {
+  if (config.lifecycle?.afterInfrastructure) {
     serverLogger.debug("Executing afterInfrastructure hook...");
-    await config2.lifecycle.afterInfrastructure();
+    await config.lifecycle.afterInfrastructure();
   }
-  if (config2.jobs) {
+  if (config.jobs) {
     const dbUrl = env.DATABASE_URL;
     if (!dbUrl) {
       throw new Error(
@@ -1066,22 +1253,22 @@ async function initializeInfrastructure(config2) {
     serverLogger.debug("Initializing pg-boss...");
     await initBoss({
       connectionString: dbUrl,
-      ...config2.jobsConfig
+      ...config.jobsConfig
     });
     serverLogger.debug("Registering jobs...");
-    await registerJobs(config2.jobs);
+    await registerJobs(config.jobs);
   }
-  if (config2.workflows) {
-    const infraConfig2 = getInfrastructureConfig(config2);
+  if (config.workflows) {
+    const infraConfig2 = getInfrastructureConfig(config);
     if (!infraConfig2.database) {
       throw new Error(
         "Workflows require database connection. Ensure database is enabled in infrastructure config."
       );
     }
     serverLogger.debug("Initializing workflow engine...");
-    config2.workflows._init(
+    config.workflows._init(
       getDatabase(),
-      config2.workflowsConfig
+      config.workflowsConfig
     );
     serverLogger.info("Workflow engine initialized");
   }
@@ -1094,8 +1281,8 @@ function startHttpServer(app, host, port) {
     hostname: host
   });
 }
-function logMiddlewareOrder(config2) {
-  const middlewareOrder = buildMiddlewareOrder(config2);
+function logMiddlewareOrder(config) {
+  const middlewareOrder = buildMiddlewareOrder(config);
   serverLogger.debug("Middleware execution order", {
     order: middlewareOrder
   });
@@ -1107,8 +1294,8 @@ function logServerTimeouts(timeouts) {
     headers: `${timeouts.headers}ms`
   });
 }
-function logServerStarted(debug, host, port, config2, timeouts) {
-  const startupConfig = buildStartupConfig(config2, timeouts);
+function logServerStarted(debug, host, port, config, timeouts) {
+  const startupConfig = buildStartupConfig(config, timeouts);
   serverLogger.info("Server started successfully", {
     mode: debug ? "development" : "production",
     host,
@@ -1116,7 +1303,7 @@ function logServerStarted(debug, host, port, config2, timeouts) {
     config: startupConfig
   });
 }
-function createShutdownHandler(server, config2, shutdownState) {
+function createShutdownHandler(server, config, shutdownState) {
   return async () => {
     if (shutdownState.isShuttingDown) {
       serverLogger.debug("Shutdown already in progress for this instance, skipping");
@@ -1147,7 +1334,7 @@ function createShutdownHandler(server, config2, shutdownState) {
       if (timeoutId) clearTimeout(timeoutId);
       serverLogger.warn("HTTP server close timeout, forcing shutdown", error);
     });
-    if (config2.jobs) {
+    if (config.jobs) {
       serverLogger.debug("Stopping pg-boss...");
       try {
         await stopBoss();
@@ -1155,15 +1342,15 @@ function createShutdownHandler(server, config2, shutdownState) {
         serverLogger.error("pg-boss stop failed", error);
       }
     }
-    if (config2.lifecycle?.beforeShutdown) {
+    if (config.lifecycle?.beforeShutdown) {
       serverLogger.debug("Executing beforeShutdown hook...");
       try {
-        await config2.lifecycle.beforeShutdown();
+        await config.lifecycle.beforeShutdown();
       } catch (error) {
         serverLogger.error("beforeShutdown hook failed", error);
       }
     }
-    const infraConfig = getInfrastructureConfig(config2);
+    const infraConfig = getInfrastructureConfig(config);
     if (infraConfig.database) {
       serverLogger.debug("Closing database connections...");
       await closeInfrastructure(closeDatabase, "Database", TIMEOUTS.DATABASE_CLOSE);
@@ -1194,14 +1381,14 @@ async function closeInfrastructure(closeFn, name, timeout) {
     serverLogger.error(`${name} close failed or timed out`, error);
   }
 }
-function createGracefulShutdown(shutdownServer, config2, shutdownState) {
+function createGracefulShutdown(shutdownServer, config, shutdownState) {
   return async (signal) => {
     if (shutdownState.isShuttingDown) {
       serverLogger.warn(`${signal} received but shutdown already in progress, ignoring`);
       return;
     }
     serverLogger.info(`${signal} received, starting graceful shutdown...`);
-    const shutdownTimeout = getShutdownTimeout(config2.shutdown);
+    const shutdownTimeout = getShutdownTimeout(config.shutdown);
     let timeoutId;
     try {
       await Promise.race([
@@ -1287,10 +1474,10 @@ function registerProcessHandlers(shutdown) {
   });
   serverLogger.debug("Process-level shutdown handlers registered successfully");
 }
-async function cleanupOnFailure(config2) {
+async function cleanupOnFailure(config) {
   try {
     serverLogger.debug("Cleaning up after initialization failure...");
-    const infraConfig = getInfrastructureConfig(config2);
+    const infraConfig = getInfrastructureConfig(config);
     if (infraConfig.database) {
       await closeInfrastructure(closeDatabase, "Database", TIMEOUTS.DATABASE_CLOSE);
     }
@@ -1422,10 +1609,10 @@ var ServerConfigBuilder = class {
    *   .build();
    * ```
    */
-  jobs(router, config2) {
+  jobs(router, config) {
     this.config.jobs = router;
-    if (config2) {
-      this.config.jobsConfig = config2;
+    if (config) {
+      this.config.jobsConfig = config;
     }
     return this;
   }
@@ -1457,10 +1644,10 @@ var ServerConfigBuilder = class {
    * .events(eventRouter, { path: '/sse' })
    * ```
    */
-  events(router, config2) {
+  events(router, config) {
     this.config.events = router;
-    if (config2) {
-      this.config.eventsConfig = config2;
+    if (config) {
+      this.config.eventsConfig = config;
     }
     return this;
   }
@@ -1526,10 +1713,10 @@ var ServerConfigBuilder = class {
    *     .build();
    * ```
    */
-  workflows(router, config2) {
+  workflows(router, config) {
     this.config.workflows = router;
-    if (config2) {
-      this.config.workflowsConfig = config2;
+    if (config) {
+      this.config.workflowsConfig = config;
     }
     return this;
   }
@@ -1580,6 +1767,6 @@ function defineServerConfig() {
   return new ServerConfigBuilder();
 }
 
-export { createServer, defineServerConfig, loadEnvFiles, startServer };
+export { createServer, defineServerConfig, loadEnv, loadEnvFiles, startServer };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map