@stackmemoryai/stackmemory 0.5.59 → 0.5.62

package/dist/middleware/exponential-rate-limiter.js

@@ -1,289 +0,0 @@
-import { fileURLToPath as __fileURLToPath } from 'url';
-import { dirname as __pathDirname } from 'path';
-const __filename = __fileURLToPath(import.meta.url);
-const __dirname = __pathDirname(__filename);
-import { logger } from "../core/monitoring/logger.js";
-import { metrics } from "../core/monitoring/metrics.js";
-class ExponentialRateLimiter {
-  redis;
-  localCache = /* @__PURE__ */ new Map();
-  localCacheOrder = [];
-  config;
-  constructor(redis, config = {}) {
-    this.redis = redis;
-    this.config = {
-      baseLimit: 10,
-      windowMs: 60 * 1e3,
-      // 1 minute
-      maxBackoff: 32,
-      backoffMultiplier: 2,
-      localCacheSize: 1e4,
-      localCacheTTL: 5 * 60 * 1e3,
-      // 5 minutes
-      whitelistIPs: [],
-      blacklistIPs: [],
-      customKeyGenerator: (req) => this.getClientIdentifier(req),
-      ...config
-    };
-    setInterval(() => this.cleanupLocalCache(), this.config.localCacheTTL);
-  }
-  /**
-   * Main middleware function with exponential backoff
-   */
-  middleware() {
-    return async (req, res, next) => {
-      const clientId = this.config.customKeyGenerator(req);
-      if (this.isWhitelisted(clientId)) {
-        return next();
-      }
-      if (this.isBlacklisted(clientId)) {
-        metrics.increment("rate_limit.blacklisted", { ip: clientId });
-        res.status(403).json({
-          error: "Access denied",
-          code: "BLACKLISTED_IP"
-        });
-        return;
-      }
-      try {
-        let entry = this.getFromLocalCache(clientId);
-        if (!entry) {
-          entry = await this.getFromRedis(clientId);
-        }
-        const now = Date.now();
-        if (entry.blockedUntil && entry.blockedUntil > now) {
-          const retryAfter = Math.ceil((entry.blockedUntil - now) / 1e3);
-          metrics.increment("rate_limit.blocked", {
-            ip: clientId,
-            backoffLevel: String(entry.backoffLevel)
-          });
-          res.status(429).json({
-            error: "Too many requests - exponential backoff applied",
-            code: "RATE_LIMIT_BACKOFF",
-            retryAfter,
-            backoffLevel: entry.backoffLevel
-          });
-          res.setHeader("Retry-After", String(retryAfter));
-          res.setHeader("X-RateLimit-BackoffLevel", String(entry.backoffLevel));
-          return;
-        }
-        if (now - entry.firstRequest > this.config.windowMs) {
-          entry = {
-            requests: 1,
-            violations: Math.max(0, entry.violations - 1),
-            // Decay violations
-            backoffLevel: Math.max(0, entry.backoffLevel - 1),
-            // Decay backoff
-            firstRequest: now,
-            lastRequest: now
-          };
-        } else {
-          entry.requests++;
-          entry.lastRequest = now;
-        }
-        const currentLimit = Math.max(
-          1,
-          Math.floor(
-            this.config.baseLimit / Math.pow(this.config.backoffMultiplier, entry.backoffLevel)
-          )
-        );
-        if (entry.requests > currentLimit) {
-          entry.violations++;
-          if (entry.backoffLevel < Math.log2(this.config.maxBackoff)) {
-            entry.backoffLevel++;
-          }
-          const backoffDuration = this.config.windowMs * Math.pow(this.config.backoffMultiplier, entry.backoffLevel);
-          entry.blockedUntil = now + backoffDuration;
-          await this.updateCaches(clientId, entry);
-          const retryAfter = Math.ceil(backoffDuration / 1e3);
-          metrics.increment("rate_limit.exceeded", {
-            ip: clientId,
-            violations: String(entry.violations),
-            backoffLevel: String(entry.backoffLevel)
-          });
-          res.status(429).json({
-            error: "Rate limit exceeded - entering exponential backoff",
-            code: "RATE_LIMIT_EXCEEDED",
-            retryAfter,
-            violations: entry.violations,
-            backoffLevel: entry.backoffLevel,
-            currentLimit
-          });
-          res.setHeader("Retry-After", String(retryAfter));
-          res.setHeader("X-RateLimit-Limit", String(currentLimit));
-          res.setHeader("X-RateLimit-Remaining", "0");
-          res.setHeader("X-RateLimit-BackoffLevel", String(entry.backoffLevel));
-          return;
-        }
-        await this.updateCaches(clientId, entry);
-        res.setHeader("X-RateLimit-Limit", String(currentLimit));
-        res.setHeader(
-          "X-RateLimit-Remaining",
-          String(currentLimit - entry.requests)
-        );
-        res.setHeader(
-          "X-RateLimit-Reset",
-          String(new Date(entry.firstRequest + this.config.windowMs).getTime())
-        );
-        if (entry.backoffLevel > 0) {
-          res.setHeader("X-RateLimit-BackoffLevel", String(entry.backoffLevel));
-        }
-        next();
-      } catch (error) {
-        logger.error(
-          "Rate limiter error",
-          error instanceof Error ? error : new Error(String(error))
-        );
-        next();
-      }
-    };
-  }
-  /**
-   * Get client identifier from request
-   */
-  getClientIdentifier(req) {
-    const forwarded = req.headers["x-forwarded-for"];
-    const realIp = req.headers["x-real-ip"];
-    const cfIp = req.headers["cf-connecting-ip"];
-    if (typeof forwarded === "string") {
-      return forwarded.split(",")[0].trim();
-    }
-    if (typeof realIp === "string") {
-      return realIp;
-    }
-    if (typeof cfIp === "string") {
-      return cfIp;
-    }
-    return req.ip || req.socket.remoteAddress || "unknown";
-  }
-  /**
-   * Check if IP is whitelisted
-   */
-  isWhitelisted(ip) {
-    return this.config.whitelistIPs.includes(ip) || ip === "127.0.0.1" || ip === "::1" || ip.startsWith("192.168.") || ip.startsWith("10.");
-  }
-  /**
-   * Check if IP is blacklisted
-   */
-  isBlacklisted(ip) {
-    return this.config.blacklistIPs.includes(ip);
-  }
-  /**
-   * Get rate limit entry from local cache
-   */
-  getFromLocalCache(clientId) {
-    const cached = this.localCache.get(clientId);
-    if (cached) {
-      const now = Date.now();
-      if (now - cached.lastRequest < this.config.localCacheTTL) {
-        return cached;
-      }
-      this.localCache.delete(clientId);
-      const index = this.localCacheOrder.indexOf(clientId);
-      if (index > -1) {
-        this.localCacheOrder.splice(index, 1);
-      }
-    }
-    return null;
-  }
-  /**
-   * Get rate limit entry from Redis
-   */
-  async getFromRedis(clientId) {
-    const key = `rate_limit:${clientId}`;
-    const data = await this.redis.get(key);
-    if (data) {
-      return JSON.parse(data);
-    }
-    return {
-      requests: 0,
-      violations: 0,
-      backoffLevel: 0,
-      firstRequest: Date.now(),
-      lastRequest: Date.now()
-    };
-  }
-  /**
-   * Update both local cache and Redis
-   */
-  async updateCaches(clientId, entry) {
-    if (!this.localCache.has(clientId)) {
-      if (this.localCache.size >= this.config.localCacheSize) {
-        const oldest = this.localCacheOrder.shift();
-        if (oldest) {
-          this.localCache.delete(oldest);
-        }
-      }
-      this.localCacheOrder.push(clientId);
-    }
-    this.localCache.set(clientId, entry);
-    const key = `rate_limit:${clientId}`;
-    const ttl = Math.ceil(
-      this.config.windowMs * Math.pow(2, entry.backoffLevel) / 1e3
-    );
-    await this.redis.setex(key, ttl, JSON.stringify(entry));
-  }
-  /**
-   * Clean up stale entries from local cache
-   */
-  cleanupLocalCache() {
-    const now = Date.now();
-    const staleThreshold = now - this.config.localCacheTTL;
-    for (const [clientId, entry] of this.localCache.entries()) {
-      if (entry.lastRequest < staleThreshold) {
-        this.localCache.delete(clientId);
-        const index = this.localCacheOrder.indexOf(clientId);
-        if (index > -1) {
-          this.localCacheOrder.splice(index, 1);
-        }
-      }
-    }
-    metrics.record("rate_limit.local_cache_size", this.localCache.size);
-  }
-  /**
-   * Reset rate limit for a specific client
-   */
-  async reset(clientId) {
-    this.localCache.delete(clientId);
-    const index = this.localCacheOrder.indexOf(clientId);
-    if (index > -1) {
-      this.localCacheOrder.splice(index, 1);
-    }
-    await this.redis.del(`rate_limit:${clientId}`);
-  }
-  /**
-   * Get current rate limit status for a client
-   */
-  async getStatus(clientId) {
-    let entry = this.getFromLocalCache(clientId);
-    if (!entry) {
-      const data = await this.redis.get(`rate_limit:${clientId}`);
-      if (data) {
-        entry = JSON.parse(data);
-      }
-    }
-    return entry;
-  }
-  /**
-   * Add IP to blacklist
-   */
-  blacklistIP(ip) {
-    if (!this.config.blacklistIPs.includes(ip)) {
-      this.config.blacklistIPs.push(ip);
-      logger.warn("IP blacklisted", { ip });
-    }
-  }
-  /**
-   * Remove IP from blacklist
-   */
-  unblacklistIP(ip) {
-    const index = this.config.blacklistIPs.indexOf(ip);
-    if (index > -1) {
-      this.config.blacklistIPs.splice(index, 1);
-      logger.info("IP unblacklisted", { ip });
-    }
-  }
-}
-export {
-  ExponentialRateLimiter
-};
-//# sourceMappingURL=exponential-rate-limiter.js.map

package/dist/middleware/exponential-rate-limiter.js.map

@@ -1,7 +0,0 @@
-{
-  "version": 3,
-  "sources": ["../../src/middleware/exponential-rate-limiter.ts"],
-  "sourcesContent": ["import { Request, Response, NextFunction } from 'express';\nimport Redis from 'ioredis';\nimport { logger } from '../core/monitoring/logger.js';\nimport { metrics } from '../core/monitoring/metrics.js';\n\ninterface RateLimitConfig {\n  baseLimit: number; // Initial requests allowed\n  windowMs: number; // Time window in milliseconds\n  maxBackoff: number; // Maximum backoff multiplier (e.g., 32 = 2^5)\n  backoffMultiplier: number; // Multiplier for each violation (typically 2)\n  localCacheSize: number; // Max IPs to cache locally\n  localCacheTTL: number; // Local cache TTL in ms\n  whitelistIPs?: string[]; // IPs to bypass rate limiting\n  blacklistIPs?: string[]; // IPs to block immediately\n  customKeyGenerator?: (req: Request) => string;\n}\n\ninterface RateLimitEntry {\n  requests: number;\n  violations: number;\n  backoffLevel: number;\n  firstRequest: number;\n  lastRequest: number;\n  blockedUntil?: number;\n}\n\nexport class ExponentialRateLimiter {\n  private redis: Redis;\n  private localCache: Map<string, RateLimitEntry> = new Map();\n  private localCacheOrder: string[] = [];\n  private config: Required<RateLimitConfig>;\n\n  constructor(redis: Redis, config: Partial<RateLimitConfig> = {}) {\n    this.redis = redis;\n    this.config = {\n      baseLimit: 10,\n      windowMs: 60 * 1000, // 1 minute\n      maxBackoff: 32,\n      backoffMultiplier: 2,\n      localCacheSize: 10000,\n      localCacheTTL: 5 * 60 * 1000, // 5 minutes\n      whitelistIPs: [],\n      blacklistIPs: [],\n      customKeyGenerator: (req) => this.getClientIdentifier(req),\n      ...config,\n    };\n\n    // Clean up local cache periodically\n    setInterval(() => this.cleanupLocalCache(), this.config.localCacheTTL);\n  }\n\n  /**\n   * Main middleware function with exponential backoff\n   */\n  middleware() {\n    return async (\n      req: Request,\n      res: Response,\n      next: NextFunction\n    ): Promise<void> => {\n      const clientId = this.config.customKeyGenerator(req);\n\n      // Check whitelist/blacklist\n      if (this.isWhitelisted(clientId)) {\n        return next();\n      }\n\n      if (this.isBlacklisted(clientId)) {\n        metrics.increment('rate_limit.blacklisted', { ip: clientId });\n        res.status(403).json({\n          error: 'Access denied',\n          code: 'BLACKLISTED_IP',\n        });\n        return;\n      }\n\n      try {\n        // Try local cache first for performance\n        let entry = this.getFromLocalCache(clientId);\n\n        if (!entry) {\n          // Fallback to Redis\n          entry = await this.getFromRedis(clientId);\n        }\n\n        const now = Date.now();\n\n        // Check if client is in backoff period\n        if (entry.blockedUntil && entry.blockedUntil > now) {\n          const retryAfter = Math.ceil((entry.blockedUntil - now) / 1000);\n          metrics.increment('rate_limit.blocked', {\n            ip: clientId,\n            backoffLevel: String(entry.backoffLevel),\n          });\n\n          res.status(429).json({\n            error: 'Too many requests - exponential backoff applied',\n            code: 'RATE_LIMIT_BACKOFF',\n            retryAfter,\n            backoffLevel: entry.backoffLevel,\n          });\n          res.setHeader('Retry-After', String(retryAfter));\n          res.setHeader('X-RateLimit-BackoffLevel', String(entry.backoffLevel));\n          return;\n        }\n\n        // Check if window has expired\n        if (now - entry.firstRequest > this.config.windowMs) {\n          // Reset window\n          entry = {\n            requests: 1,\n            violations: Math.max(0, entry.violations - 1), // Decay violations\n            backoffLevel: Math.max(0, entry.backoffLevel - 1), // Decay backoff\n            firstRequest: now,\n            lastRequest: now,\n          };\n        } else {\n          entry.requests++;\n          entry.lastRequest = now;\n        }\n\n        // Calculate current limit with exponential backoff reduction\n        const currentLimit = Math.max(\n          1,\n          Math.floor(\n            this.config.baseLimit /\n              Math.pow(this.config.backoffMultiplier, entry.backoffLevel)\n          )\n        );\n\n        // Check if limit exceeded\n        if (entry.requests > currentLimit) {\n          entry.violations++;\n\n          // Increase backoff level\n          if (entry.backoffLevel < Math.log2(this.config.maxBackoff)) {\n            entry.backoffLevel++;\n          }\n\n          // Calculate backoff duration with exponential increase\n          const backoffDuration =\n            this.config.windowMs *\n            Math.pow(this.config.backoffMultiplier, entry.backoffLevel);\n          entry.blockedUntil = now + backoffDuration;\n\n          // Update caches\n          await this.updateCaches(clientId, entry);\n\n          const retryAfter = Math.ceil(backoffDuration / 1000);\n          metrics.increment('rate_limit.exceeded', {\n            ip: clientId,\n            violations: String(entry.violations),\n            backoffLevel: String(entry.backoffLevel),\n          });\n\n          res.status(429).json({\n            error: 'Rate limit exceeded - entering exponential backoff',\n            code: 'RATE_LIMIT_EXCEEDED',\n            retryAfter,\n            violations: entry.violations,\n            backoffLevel: entry.backoffLevel,\n            currentLimit,\n          });\n          res.setHeader('Retry-After', String(retryAfter));\n          res.setHeader('X-RateLimit-Limit', String(currentLimit));\n          res.setHeader('X-RateLimit-Remaining', '0');\n          res.setHeader('X-RateLimit-BackoffLevel', String(entry.backoffLevel));\n          return;\n        }\n\n        // Update successful request\n        await this.updateCaches(clientId, entry);\n\n        // Add rate limit headers\n        res.setHeader('X-RateLimit-Limit', String(currentLimit));\n        res.setHeader(\n          'X-RateLimit-Remaining',\n          String(currentLimit - entry.requests)\n        );\n        res.setHeader(\n          'X-RateLimit-Reset',\n          String(new Date(entry.firstRequest + this.config.windowMs).getTime())\n        );\n\n        if (entry.backoffLevel > 0) {\n          res.setHeader('X-RateLimit-BackoffLevel', String(entry.backoffLevel));\n        }\n\n        next();\n      } catch (error: unknown) {\n        logger.error(\n          'Rate limiter error',\n          error instanceof Error ? error : new Error(String(error))\n        );\n        // Fail open - allow request on error\n        next();\n      }\n    };\n  }\n\n  /**\n   * Get client identifier from request\n   */\n  private getClientIdentifier(req: Request): string {\n    // Try various methods to identify the client\n    const forwarded = req.headers['x-forwarded-for'];\n    const realIp = req.headers['x-real-ip'];\n    const cfIp = req.headers['cf-connecting-ip']; // Cloudflare\n\n    if (typeof forwarded === 'string') {\n      return forwarded.split(',')[0].trim();\n    }\n    if (typeof realIp === 'string') {\n      return realIp;\n    }\n    if (typeof cfIp === 'string') {\n      return cfIp;\n    }\n\n    return req.ip || req.socket.remoteAddress || 'unknown';\n  }\n\n  /**\n   * Check if IP is whitelisted\n   */\n  private isWhitelisted(ip: string): boolean {\n    return (\n      this.config.whitelistIPs.includes(ip) ||\n      ip === '127.0.0.1' ||\n      ip === '::1' ||\n      ip.startsWith('192.168.') ||\n      ip.startsWith('10.')\n    );\n  }\n\n  /**\n   * Check if IP is blacklisted\n   */\n  private isBlacklisted(ip: string): boolean {\n    return this.config.blacklistIPs.includes(ip);\n  }\n\n  /**\n   * Get rate limit entry from local cache\n   */\n  private getFromLocalCache(clientId: string): RateLimitEntry | null {\n    const cached = this.localCache.get(clientId);\n    if (cached) {\n      const now = Date.now();\n      // Check if cache entry is still valid\n      if (now - cached.lastRequest < this.config.localCacheTTL) {\n        return cached;\n      }\n      // Remove stale entry\n      this.localCache.delete(clientId);\n      const index = this.localCacheOrder.indexOf(clientId);\n      if (index > -1) {\n        this.localCacheOrder.splice(index, 1);\n      }\n    }\n    return null;\n  }\n\n  /**\n   * Get rate limit entry from Redis\n   */\n  private async getFromRedis(clientId: string): Promise<RateLimitEntry> {\n    const key = `rate_limit:${clientId}`;\n    const data = await this.redis.get(key);\n\n    if (data) {\n      return JSON.parse(data);\n    }\n\n    // Return new entry\n    return {\n      requests: 0,\n      violations: 0,\n      backoffLevel: 0,\n      firstRequest: Date.now(),\n      lastRequest: Date.now(),\n    };\n  }\n\n  /**\n   * Update both local cache and Redis\n   */\n  private async updateCaches(\n    clientId: string,\n    entry: RateLimitEntry\n  ): Promise<void> {\n    // Update local cache with LRU eviction\n    if (!this.localCache.has(clientId)) {\n      // Check cache size limit\n      if (this.localCache.size >= this.config.localCacheSize) {\n        // Remove oldest entry\n        const oldest = this.localCacheOrder.shift();\n        if (oldest) {\n          this.localCache.delete(oldest);\n        }\n      }\n      this.localCacheOrder.push(clientId);\n    }\n    this.localCache.set(clientId, entry);\n\n    // Update Redis with TTL\n    const key = `rate_limit:${clientId}`;\n    const ttl = Math.ceil(\n      (this.config.windowMs * Math.pow(2, entry.backoffLevel)) / 1000\n    );\n    await this.redis.setex(key, ttl, JSON.stringify(entry));\n  }\n\n  /**\n   * Clean up stale entries from local cache\n   */\n  private cleanupLocalCache(): void {\n    const now = Date.now();\n    const staleThreshold = now - this.config.localCacheTTL;\n\n    for (const [clientId, entry] of this.localCache.entries()) {\n      if (entry.lastRequest < staleThreshold) {\n        this.localCache.delete(clientId);\n        const index = this.localCacheOrder.indexOf(clientId);\n        if (index > -1) {\n          this.localCacheOrder.splice(index, 1);\n        }\n      }\n    }\n\n    metrics.record('rate_limit.local_cache_size', this.localCache.size);\n  }\n\n  /**\n   * Reset rate limit for a specific client\n   */\n  async reset(clientId: string): Promise<void> {\n    this.localCache.delete(clientId);\n    const index = this.localCacheOrder.indexOf(clientId);\n    if (index > -1) {\n      this.localCacheOrder.splice(index, 1);\n    }\n    await this.redis.del(`rate_limit:${clientId}`);\n  }\n\n  /**\n   * Get current rate limit status for a client\n   */\n  async getStatus(clientId: string): Promise<RateLimitEntry | null> {\n    let entry = this.getFromLocalCache(clientId);\n    if (!entry) {\n      const data = await this.redis.get(`rate_limit:${clientId}`);\n      if (data) {\n        entry = JSON.parse(data);\n      }\n    }\n    return entry;\n  }\n\n  /**\n   * Add IP to blacklist\n   */\n  blacklistIP(ip: string): void {\n    if (!this.config.blacklistIPs.includes(ip)) {\n      this.config.blacklistIPs.push(ip);\n      logger.warn('IP blacklisted', { ip });\n    }\n  }\n\n  /**\n   * Remove IP from blacklist\n   */\n  unblacklistIP(ip: string): void {\n    const index = this.config.blacklistIPs.indexOf(ip);\n    if (index > -1) {\n      this.config.blacklistIPs.splice(index, 1);\n      logger.info('IP unblacklisted', { ip });\n    }\n  }\n}\n"],
-  "mappings": ";;;;AAEA,SAAS,cAAc;AACvB,SAAS,eAAe;AAuBjB,MAAM,uBAAuB;AAAA,EAC1B;AAAA,EACA,aAA0C,oBAAI,IAAI;AAAA,EAClD,kBAA4B,CAAC;AAAA,EAC7B;AAAA,EAER,YAAY,OAAc,SAAmC,CAAC,GAAG;AAC/D,SAAK,QAAQ;AACb,SAAK,SAAS;AAAA,MACZ,WAAW;AAAA,MACX,UAAU,KAAK;AAAA;AAAA,MACf,YAAY;AAAA,MACZ,mBAAmB;AAAA,MACnB,gBAAgB;AAAA,MAChB,eAAe,IAAI,KAAK;AAAA;AAAA,MACxB,cAAc,CAAC;AAAA,MACf,cAAc,CAAC;AAAA,MACf,oBAAoB,CAAC,QAAQ,KAAK,oBAAoB,GAAG;AAAA,MACzD,GAAG;AAAA,IACL;AAGA,gBAAY,MAAM,KAAK,kBAAkB,GAAG,KAAK,OAAO,aAAa;AAAA,EACvE;AAAA;AAAA;AAAA;AAAA,EAKA,aAAa;AACX,WAAO,OACL,KACA,KACA,SACkB;AAClB,YAAM,WAAW,KAAK,OAAO,mBAAmB,GAAG;AAGnD,UAAI,KAAK,cAAc,QAAQ,GAAG;AAChC,eAAO,KAAK;AAAA,MACd;AAEA,UAAI,KAAK,cAAc,QAAQ,GAAG;AAChC,gBAAQ,UAAU,0BAA0B,EAAE,IAAI,SAAS,CAAC;AAC5D,YAAI,OAAO,GAAG,EAAE,KAAK;AAAA,UACnB,OAAO;AAAA,UACP,MAAM;AAAA,QACR,CAAC;AACD;AAAA,MACF;AAEA,UAAI;AAEF,YAAI,QAAQ,KAAK,kBAAkB,QAAQ;AAE3C,YAAI,CAAC,OAAO;AAEV,kBAAQ,MAAM,KAAK,aAAa,QAAQ;AAAA,QAC1C;AAEA,cAAM,MAAM,KAAK,IAAI;AAGrB,YAAI,MAAM,gBAAgB,MAAM,eAAe,KAAK;AAClD,gBAAM,aAAa,KAAK,MAAM,MAAM,eAAe,OAAO,GAAI;AAC9D,kBAAQ,UAAU,sBAAsB;AAAA,YACtC,IAAI;AAAA,YACJ,cAAc,OAAO,MAAM,YAAY;AAAA,UACzC,CAAC;AAED,cAAI,OAAO,GAAG,EAAE,KAAK;AAAA,YACnB,OAAO;AAAA,YACP,MAAM;AAAA,YACN;AAAA,YACA,cAAc,MAAM;AAAA,UACtB,CAAC;AACD,cAAI,UAAU,eAAe,OAAO,UAAU,CAAC;AAC/C,cAAI,UAAU,4BAA4B,OAAO,MAAM,YAAY,CAAC;AACpE;AAAA,QACF;AAGA,YAAI,MAAM,MAAM,eAAe,KAAK,OAAO,UAAU;AAEnD,kBAAQ;AAAA,YACN,UAAU;AAAA,YACV,YAAY,KAAK,IAAI,GAAG,MAAM,aAAa,CAAC;AAAA;AAAA,YAC5C,cAAc,KAAK,IAAI,GAAG,MAAM,eAAe,CAAC;AAAA;AAAA,YAChD,cAAc;AAAA,YACd,aAAa;AAAA,UACf;AAAA,QACF,OAAO;AACL,gBAAM;AACN,gBAAM,cAAc;AAAA,QACtB;AAGA,cAAM,eAAe,KAAK;AAAA,UACxB;AAAA,UACA,KAAK;AAAA,YACH,KAAK,OAAO,YACV,KAAK,IAAI,KAAK,OAAO,mBAAmB,MAAM,YAAY;AAAA,UAC9D;AAAA,QACF;AAGA,YAAI,MAAM,WAAW,cAAc;AACjC,gBAAM;AAGN,cAAI,MAAM,eAAe,KAAK,KAAK,KAAK,OAAO,UAAU,GAAG;AAC1D,kBAAM;AAAA,UACR;AAGA,gBAAM,kBACJ,KAAK,OAAO,WACZ,KAAK,IAAI,KAAK,OAAO,mBAAmB,MAAM,YAAY;AAC5D,gBAAM,eAAe,MAAM;AAG3B,gBAAM,KAAK,aAAa,UAAU,KAAK;AAEvC,gBAAM,aAAa,KAAK,KAAK,kBAAkB,GAAI;AACnD,kBAAQ,UAAU,uBAAuB;AAAA,YACvC,IAAI;AAAA,YACJ,YAAY,OAAO,MAAM,UAAU;AAAA,YACnC,cAAc,OAAO,MAAM,YAAY;AAAA,UACzC,CAAC;AAED,cAAI,OAAO,GAAG,EAAE,KAAK;AAAA,YACnB,OAAO;AAAA,YACP,MAAM;AAAA,YACN;AAAA,YACA,YAAY,MAAM;AAAA,YAClB,cAAc,MAAM;AAAA,YACpB;AAAA,UACF,CAAC;AACD,cAAI,UAAU,eAAe,OAAO,UAAU,CAAC;AAC/C,cAAI,UAAU,qBAAqB,OAAO,YAAY,CAAC;AACvD,cAAI,UAAU,yBAAyB,GAAG;AAC1C,cAAI,UAAU,4BAA4B,OAAO,MAAM,YAAY,CAAC;AACpE;AAAA,QACF;AAGA,cAAM,KAAK,aAAa,UAAU,KAAK;AAGvC,YAAI,UAAU,qBAAqB,OAAO,YAAY,CAAC;AACvD,YAAI;AAAA,UACF;AAAA,UACA,OAAO,eAAe,MAAM,QAAQ;AAAA,QACtC;AACA,YAAI;AAAA,UACF;AAAA,UACA,OAAO,IAAI,KAAK,MAAM,eAAe,KAAK,OAAO,QAAQ,EAAE,QAAQ,CAAC;AAAA,QACtE;AAEA,YAAI,MAAM,eAAe,GAAG;AAC1B,cAAI,UAAU,4BAA4B,OAAO,MAAM,YAAY,CAAC;AAAA,QACtE;AAEA,aAAK;AAAA,MACP,SAAS,OAAgB;AACvB,eAAO;AAAA,UACL;AAAA,UACA,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,OAAO,KAAK,CAAC;AAAA,QAC1D;AAEA,aAAK;AAAA,MACP;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,oBAAoB,KAAsB;AAEhD,UAAM,YAAY,IAAI,QAAQ,iBAAiB;AAC/C,UAAM,SAAS,IAAI,QAAQ,WAAW;AACtC,UAAM,OAAO,IAAI,QAAQ,kBAAkB;AAE3C,QAAI,OAAO,cAAc,UAAU;AACjC,aAAO,UAAU,MAAM,GAAG,EAAE,CAAC,EAAE,KAAK;AAAA,IACtC;AACA,QAAI,OAAO,WAAW,UAAU;AAC9B,aAAO;AAAA,IACT;AACA,QAAI,OAAO,SAAS,UAAU;AAC5B,aAAO;AAAA,IACT;AAEA,WAAO,IAAI,MAAM,IAAI,OAAO,iBAAiB;AAAA,EAC/C;AAAA;AAAA;AAAA;AAAA,EAKQ,cAAc,IAAqB;AACzC,WACE,KAAK,OAAO,aAAa,SAAS,EAAE,KACpC,OAAO,eACP,OAAO,SACP,GAAG,WAAW,UAAU,KACxB,GAAG,WAAW,KAAK;AAAA,EAEvB;AAAA;AAAA;AAAA;AAAA,EAKQ,cAAc,IAAqB;AACzC,WAAO,KAAK,OAAO,aAAa,SAAS,EAAE;AAAA,EAC7C;AAAA;AAAA;AAAA;AAAA,EAKQ,kBAAkB,UAAyC;AACjE,UAAM,SAAS,KAAK,WAAW,IAAI,QAAQ;AAC3C,QAAI,QAAQ;AACV,YAAM,MAAM,KAAK,IAAI;AAErB,UAAI,MAAM,OAAO,cAAc,KAAK,OAAO,eAAe;AACxD,eAAO;AAAA,MACT;AAEA,WAAK,WAAW,OAAO,QAAQ;AAC/B,YAAM,QAAQ,KAAK,gBAAgB,QAAQ,QAAQ;AACnD,UAAI,QAAQ,IAAI;AACd,aAAK,gBAAgB,OAAO,OAAO,CAAC;AAAA,MACtC;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,aAAa,UAA2C;AACpE,UAAM,MAAM,cAAc,QAAQ;AAClC,UAAM,OAAO,MAAM,KAAK,MAAM,IAAI,GAAG;AAErC,QAAI,MAAM;AACR,aAAO,KAAK,MAAM,IAAI;AAAA,IACxB;AAGA,WAAO;AAAA,MACL,UAAU;AAAA,MACV,YAAY;AAAA,MACZ,cAAc;AAAA,MACd,cAAc,KAAK,IAAI;AAAA,MACvB,aAAa,KAAK,IAAI;AAAA,IACxB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,aACZ,UACA,OACe;AAEf,QAAI,CAAC,KAAK,WAAW,IAAI,QAAQ,GAAG;AAElC,UAAI,KAAK,WAAW,QAAQ,KAAK,OAAO,gBAAgB;AAEtD,cAAM,SAAS,KAAK,gBAAgB,MAAM;AAC1C,YAAI,QAAQ;AACV,eAAK,WAAW,OAAO,MAAM;AAAA,QAC/B;AAAA,MACF;AACA,WAAK,gBAAgB,KAAK,QAAQ;AAAA,IACpC;AACA,SAAK,WAAW,IAAI,UAAU,KAAK;AAGnC,UAAM,MAAM,cAAc,QAAQ;AAClC,UAAM,MAAM,KAAK;AAAA,MACd,KAAK,OAAO,WAAW,KAAK,IAAI,GAAG,MAAM,YAAY,IAAK;AAAA,IAC7D;AACA,UAAM,KAAK,MAAM,MAAM,KAAK,KAAK,KAAK,UAAU,KAAK,CAAC;AAAA,EACxD;AAAA;AAAA;AAAA;AAAA,EAKQ,oBAA0B;AAChC,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,iBAAiB,MAAM,KAAK,OAAO;AAEzC,eAAW,CAAC,UAAU,KAAK,KAAK,KAAK,WAAW,QAAQ,GAAG;AACzD,UAAI,MAAM,cAAc,gBAAgB;AACtC,aAAK,WAAW,OAAO,QAAQ;AAC/B,cAAM,QAAQ,KAAK,gBAAgB,QAAQ,QAAQ;AACnD,YAAI,QAAQ,IAAI;AACd,eAAK,gBAAgB,OAAO,OAAO,CAAC;AAAA,QACtC;AAAA,MACF;AAAA,IACF;AAEA,YAAQ,OAAO,+BAA+B,KAAK,WAAW,IAAI;AAAA,EACpE;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,MAAM,UAAiC;AAC3C,SAAK,WAAW,OAAO,QAAQ;AAC/B,UAAM,QAAQ,KAAK,gBAAgB,QAAQ,QAAQ;AACnD,QAAI,QAAQ,IAAI;AACd,WAAK,gBAAgB,OAAO,OAAO,CAAC;AAAA,IACtC;AACA,UAAM,KAAK,MAAM,IAAI,cAAc,QAAQ,EAAE;AAAA,EAC/C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,UAAU,UAAkD;AAChE,QAAI,QAAQ,KAAK,kBAAkB,QAAQ;AAC3C,QAAI,CAAC,OAAO;AACV,YAAM,OAAO,MAAM,KAAK,MAAM,IAAI,cAAc,QAAQ,EAAE;AAC1D,UAAI,MAAM;AACR,gBAAQ,KAAK,MAAM,IAAI;AAAA,MACzB;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,YAAY,IAAkB;AAC5B,QAAI,CAAC,KAAK,OAAO,aAAa,SAAS,EAAE,GAAG;AAC1C,WAAK,OAAO,aAAa,KAAK,EAAE;AAChC,aAAO,KAAK,kBAAkB,EAAE,GAAG,CAAC;AAAA,IACtC;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,cAAc,IAAkB;AAC9B,UAAM,QAAQ,KAAK,OAAO,aAAa,QAAQ,EAAE;AACjD,QAAI,QAAQ,IAAI;AACd,WAAK,OAAO,aAAa,OAAO,OAAO,CAAC;AACxC,aAAO,KAAK,oBAAoB,EAAE,GAAG,CAAC;AAAA,IACxC;AAAA,EACF;AACF;",
-  "names": []
-}

package/dist/models/user.model.js

@@ -1,358 +0,0 @@
-import { fileURLToPath as __fileURLToPath } from 'url';
-import { dirname as __pathDirname } from 'path';
-const __filename = __fileURLToPath(import.meta.url);
-const __dirname = __pathDirname(__filename);
-import { v4 as uuidv4 } from "uuid";
-import * as bcrypt from "bcryptjs";
-import { logger } from "../core/monitoring/logger.js";
-class UserModel {
-  db;
-  constructor(db) {
-    this.db = db;
-    this.initialize();
-  }
-  initialize() {
-    this.db.exec(`
-      CREATE TABLE IF NOT EXISTS users (
-        id TEXT PRIMARY KEY,
-        sub TEXT UNIQUE NOT NULL,
-        email TEXT UNIQUE NOT NULL,
-        name TEXT,
-        avatar TEXT,
-        tier TEXT DEFAULT 'free',
-        permissions TEXT DEFAULT '["read", "write"]',
-        organizations TEXT DEFAULT '[]',
-        api_keys TEXT DEFAULT '[]',
-        created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
-        updated_at DATETIME DEFAULT CURRENT_TIMESTAMP,
-        last_login_at DATETIME,
-        metadata TEXT DEFAULT '{}'
-      )
-    `);
-    this.db.exec(`
-      CREATE TABLE IF NOT EXISTS user_sessions (
-        id TEXT PRIMARY KEY,
-        user_id TEXT NOT NULL,
-        token TEXT UNIQUE NOT NULL,
-        expires_at DATETIME NOT NULL,
-        created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
-        metadata TEXT DEFAULT '{}',
-        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
-      )
-    `);
-    this.db.exec(`
-      CREATE TABLE IF NOT EXISTS api_keys (
-        id TEXT PRIMARY KEY,
-        user_id TEXT NOT NULL,
-        key_hash TEXT UNIQUE NOT NULL,
-        name TEXT,
-        last_used_at DATETIME,
-        created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
-        expires_at DATETIME,
-        metadata TEXT DEFAULT '{}',
-        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
-      )
-    `);
-    this.db.exec(`
-      CREATE INDEX IF NOT EXISTS idx_users_sub ON users(sub);
-      CREATE INDEX IF NOT EXISTS idx_users_email ON users(email);
-      CREATE INDEX IF NOT EXISTS idx_sessions_token ON user_sessions(token);
-      CREATE INDEX IF NOT EXISTS idx_sessions_user ON user_sessions(user_id);
-      CREATE INDEX IF NOT EXISTS idx_sessions_expires ON user_sessions(expires_at);
-      CREATE INDEX IF NOT EXISTS idx_api_keys_hash ON api_keys(key_hash);
-      CREATE INDEX IF NOT EXISTS idx_api_keys_user ON api_keys(user_id);
-    `);
-    logger.info("User database schema initialized");
-  }
-  async createUser(userData) {
-    if (!userData.sub || !userData.email) {
-      throw new Error("User sub and email are required");
-    }
-    const user = {
-      id: userData.id || uuidv4(),
-      sub: userData.sub,
-      email: userData.email,
-      name: userData.name,
-      avatar: userData.avatar,
-      tier: userData.tier || "free",
-      permissions: userData.permissions || ["read", "write"],
-      organizations: userData.organizations || [],
-      apiKeys: userData.apiKeys || [],
-      createdAt: /* @__PURE__ */ new Date(),
-      updatedAt: /* @__PURE__ */ new Date(),
-      metadata: userData.metadata || {}
-    };
-    const stmt = this.db.prepare(`
-      INSERT INTO users (
-        id, sub, email, name, avatar, tier, permissions, 
-        organizations, api_keys, created_at, updated_at, metadata
-      ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
-    `);
-    stmt.run(
-      user.id,
-      user.sub,
-      user.email,
-      user.name,
-      user.avatar,
-      user.tier,
-      JSON.stringify(user.permissions),
-      JSON.stringify(user.organizations),
-      JSON.stringify(user.apiKeys),
-      user.createdAt.toISOString(),
-      user.updatedAt.toISOString(),
-      JSON.stringify(user.metadata)
-    );
-    logger.info("User created", { userId: user.id, email: user.email });
-    return user;
-  }
-  async findUserBySub(sub) {
-    const stmt = this.db.prepare("SELECT * FROM users WHERE sub = ?");
-    const row = stmt.get(sub);
-    if (!row) {
-      return null;
-    }
-    return this.rowToUser(row);
-  }
-  async findUserByEmail(email) {
-    const stmt = this.db.prepare("SELECT * FROM users WHERE email = ?");
-    const row = stmt.get(email);
-    if (!row) {
-      return null;
-    }
-    return this.rowToUser(row);
-  }
-  async findUserById(id) {
-    const stmt = this.db.prepare("SELECT * FROM users WHERE id = ?");
-    const row = stmt.get(id);
-    if (!row) {
-      return null;
-    }
-    return this.rowToUser(row);
-  }
-  async updateUser(id, updates) {
-    const user = await this.findUserById(id);
-    if (!user) {
-      return null;
-    }
-    const updatedUser = {
-      ...user,
-      ...updates,
-      updatedAt: /* @__PURE__ */ new Date()
-    };
-    const stmt = this.db.prepare(`
-      UPDATE users SET
-        email = ?, name = ?, avatar = ?, tier = ?, 
-        permissions = ?, organizations = ?, api_keys = ?,
-        updated_at = ?, last_login_at = ?, metadata = ?
-      WHERE id = ?
-    `);
-    stmt.run(
-      updatedUser.email,
-      updatedUser.name,
-      updatedUser.avatar,
-      updatedUser.tier,
-      JSON.stringify(updatedUser.permissions),
-      JSON.stringify(updatedUser.organizations),
-      JSON.stringify(updatedUser.apiKeys),
-      updatedUser.updatedAt.toISOString(),
-      updatedUser.lastLoginAt?.toISOString(),
-      JSON.stringify(updatedUser.metadata),
-      id
-    );
-    logger.info("User updated", { userId: id });
-    return updatedUser;
-  }
-  async deleteUser(id) {
-    const stmt = this.db.prepare("DELETE FROM users WHERE id = ?");
-    const result = stmt.run(id);
-    if (result.changes > 0) {
-      logger.info("User deleted", { userId: id });
-      return true;
-    }
-    return false;
-  }
-  async updateLastLogin(id) {
-    const stmt = this.db.prepare(
-      "UPDATE users SET last_login_at = ? WHERE id = ?"
-    );
-    stmt.run((/* @__PURE__ */ new Date()).toISOString(), id);
-  }
-  // Session management
-  async createSession(userId, expiresIn = 86400) {
-    const session = {
-      id: uuidv4(),
-      userId,
-      token: this.generateSessionToken(),
-      expiresAt: new Date(Date.now() + expiresIn * 1e3),
-      createdAt: /* @__PURE__ */ new Date(),
-      metadata: {}
-    };
-    const stmt = this.db.prepare(`
-      INSERT INTO user_sessions (id, user_id, token, expires_at, created_at, metadata)
-      VALUES (?, ?, ?, ?, ?, ?)
-    `);
-    stmt.run(
-      session.id,
-      session.userId,
-      session.token,
-      session.expiresAt.toISOString(),
-      session.createdAt.toISOString(),
-      JSON.stringify(session.metadata)
-    );
-    logger.info("Session created", { sessionId: session.id, userId });
-    return session;
-  }
-  async findSessionByToken(token) {
-    const stmt = this.db.prepare("SELECT * FROM user_sessions WHERE token = ?");
-    const row = stmt.get(token);
-    if (!row) {
-      return null;
-    }
-    return this.rowToSession(row);
-  }
-  async validateSession(token) {
-    const session = await this.findSessionByToken(token);
-    if (!session) {
-      return null;
-    }
-    if (new Date(session.expiresAt) < /* @__PURE__ */ new Date()) {
-      await this.deleteSession(session.id);
-      return null;
-    }
-    return await this.findUserById(session.userId);
-  }
-  async deleteSession(id) {
-    const stmt = this.db.prepare("DELETE FROM user_sessions WHERE id = ?");
-    const result = stmt.run(id);
-    return result.changes > 0;
-  }
-  async deleteExpiredSessions() {
-    const stmt = this.db.prepare(
-      "DELETE FROM user_sessions WHERE expires_at < ?"
-    );
-    const result = stmt.run((/* @__PURE__ */ new Date()).toISOString());
-    if (result.changes > 0) {
-      logger.info("Expired sessions deleted", { count: result.changes });
-    }
-    return result.changes;
-  }
-  // API Key management
-  async generateApiKey(userId, name) {
-    const user = await this.findUserById(userId);
-    if (!user) {
-      throw new Error("User not found");
-    }
-    const apiKey = `sk-${this.generateToken(32)}`;
-    const hashedKey = await bcrypt.hash(apiKey, 10);
-    const stmt = this.db.prepare(`
-      INSERT INTO api_keys (id, user_id, key_hash, name, created_at)
-      VALUES (?, ?, ?, ?, ?)
-    `);
-    const apiKeyId = uuidv4();
-    stmt.run(
-      apiKeyId,
-      userId,
-      hashedKey,
-      name || "API Key",
-      (/* @__PURE__ */ new Date()).toISOString()
-    );
-    logger.info("API key generated", { userId, apiKeyId });
-    return apiKey;
-  }
-  async validateApiKey(apiKey) {
-    const stmt = this.db.prepare(`
-      SELECT u.*, ak.id as api_key_id, ak.key_hash
-      FROM api_keys ak
-      JOIN users u ON ak.user_id = u.id
-      WHERE (ak.expires_at IS NULL OR ak.expires_at > datetime('now'))
-    `);
-    const rows = stmt.all();
-    for (const row of rows) {
-      if (await bcrypt.compare(apiKey, row.key_hash)) {
-        const updateStmt = this.db.prepare(
-          "UPDATE api_keys SET last_used_at = ? WHERE id = ?"
-        );
-        updateStmt.run((/* @__PURE__ */ new Date()).toISOString(), row.api_key_id);
-        return this.rowToUser(row);
-      }
-    }
-    return null;
-  }
-  async revokeApiKey(userId, apiKeyId) {
-    const stmt = this.db.prepare(
-      "DELETE FROM api_keys WHERE id = ? AND user_id = ?"
-    );
-    const result = stmt.run(apiKeyId, userId);
-    if (result.changes > 0) {
-      logger.info("API key revoked", { userId, apiKeyId });
-      return true;
-    }
-    return false;
-  }
-  async listApiKeys(userId) {
-    const stmt = this.db.prepare(`
-      SELECT id, name, last_used_at, created_at
-      FROM api_keys
-      WHERE user_id = ?
-      ORDER BY created_at DESC
-    `);
-    const rows = stmt.all(userId);
-    return rows.map((row) => ({
-      id: row.id,
-      name: row.name,
-      lastUsed: row.last_used_at ? new Date(row.last_used_at) : void 0,
-      createdAt: new Date(row.created_at)
-    }));
-  }
-  // Helper methods
-  rowToUser(row) {
-    return {
-      id: row.id,
-      sub: row.sub,
-      email: row.email,
-      name: row.name,
-      avatar: row.avatar,
-      tier: row.tier,
-      permissions: JSON.parse(row.permissions),
-      organizations: JSON.parse(row.organizations),
-      apiKeys: JSON.parse(row.api_keys || "[]"),
-      createdAt: new Date(row.created_at),
-      updatedAt: new Date(row.updated_at),
-      lastLoginAt: row.last_login_at ? new Date(row.last_login_at) : void 0,
-      metadata: JSON.parse(row.metadata || "{}")
-    };
-  }
-  rowToSession(row) {
-    return {
-      id: row.id,
-      userId: row.user_id,
-      token: row.token,
-      expiresAt: new Date(row.expires_at),
-      createdAt: new Date(row.created_at),
-      metadata: JSON.parse(row.metadata || "{}")
-    };
-  }
-  generateSessionToken() {
-    return this.generateToken(48);
-  }
-  generateToken(length) {
-    const chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
-    let token = "";
-    for (let i = 0; i < length; i++) {
-      token += chars.charAt(Math.floor(Math.random() * chars.length));
-    }
-    return token;
-  }
-}
-let userModelInstance = null;
-function getUserModel(db) {
-  if (!userModelInstance) {
-    userModelInstance = new UserModel(db);
-  }
-  return userModelInstance;
-}
-export {
-  UserModel,
-  getUserModel
-};
-//# sourceMappingURL=user.model.js.map