@strav/http 0.2.4 → 0.2.8

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@strav/http",
-  "version": "0.2.4",
+  "version": "0.2.8",
   "type": "module",
   "description": "HTTP layer for the Strav framework — router, server, middleware, authentication, sessions, validation, and views",
   "license": "MIT",
@@ -19,6 +19,7 @@
   ],
   "exports": {
     ".": "./src/index.ts",
+    "./client": "./src/client/index.ts",
     "./http": "./src/http/index.ts",
     "./http/*": "./src/http/*.ts",
     "./view": "./src/view/index.ts",
@@ -35,8 +36,8 @@
     "./providers/*": "./src/providers/*.ts"
   },
   "peerDependencies": {
-    "@strav/kernel": "0.1.4",
-    "@strav/database": "0.1.4"
+    "@strav/kernel": "0.2.6",
+    "@strav/database": "0.2.6"
   },
   "dependencies": {
     "@vue/compiler-sfc": "^3.5.28",

package/src/auth/middleware/guest.ts

@@ -27,7 +27,7 @@ export function guest(redirectTo?: string): Middleware {
 
     if (guardName === 'session') {
       const session = ctx.get<Session>('session')
-      isAuthenticated = session !== null && session.isAuthenticated && !session.isExpired()
+      isAuthenticated = session && session.isAuthenticated && !session.isExpired()
     } else if (guardName === 'token') {
       const header = ctx.header('authorization')
       if (header?.startsWith('Bearer ')) {

package/src/client/index.ts

@@ -0,0 +1,41 @@
+/**
+ * Browser-safe HTTP utilities from @strav/http
+ *
+ * This module exports only browser-compatible functionality,
+ * avoiding Node.js dependencies that cause bundling issues.
+ *
+ * @example
+ * ```typescript
+ * import { route, routeUrl } from '@strav/http/client'
+ *
+ * // Use route helpers on the client-side
+ * const response = await route('users.show', { params: { id: 123 } })
+ * const profileUrl = routeUrl('users.profile', { id: 456 })
+ * ```
+ */
+
+// Re-export browser-safe route helpers (no Node.js dependencies)
+export { route, routeUrl, registerRoutes } from './route_helper.ts'
+export type { RouteOptions } from './route_helper.ts'
+
+// Re-export browser-safe types
+export type {
+  Handler,
+  Middleware,
+  Next
+} from '../http/middleware.ts'
+
+export type {
+  CorsOptions
+} from '../http/cors.ts'
+
+export type {
+  CookieOptions
+} from '../http/cookie.ts'
+
+export type {
+  RouteDefinition,
+  GroupOptions,
+  WebSocketHandlers,
+  WebSocketData
+} from '../http/router.ts'

package/src/client/route_helper.ts

@@ -0,0 +1,181 @@
+/**
+ * Browser-safe route helpers that work without the server-side router instance.
+ *
+ * These functions maintain the same API as the server-side route helpers but
+ * require route definitions to be provided at runtime or fallback to URL construction.
+ */
+
+export interface RouteOptions extends Omit<RequestInit, 'body'> {
+  params?: Record<string, any>
+  body?: any
+}
+
+// Global registry for client-side route definitions
+const clientRoutes = new Map<string, { method: string; pattern: string }>()
+
+/**
+ * Register route definitions for client-side use.
+ * This should be called during app initialization with route data from the server.
+ */
+export function registerRoutes(routes: Record<string, { method: string; pattern: string }>) {
+  Object.entries(routes).forEach(([name, def]) => {
+    clientRoutes.set(name, def)
+  })
+}
+
+/**
+ * Generate a URL for a named route with optional parameters.
+ *
+ * @example
+ * const profileUrl = routeUrl('users.profile', { id: 456 })
+ * // Returns '/users/456'
+ */
+export function routeUrl(name: string, params?: Record<string, any>): string {
+  const routeDef = clientRoutes.get(name)
+  if (!routeDef) {
+    throw new Error(`Route '${name}' not found. Make sure to call registerRoutes() with route definitions.`)
+  }
+
+  return generateUrl(routeDef.pattern, params)
+}
+
+/**
+ * Invoke a named route with automatic method detection and smart defaults.
+ *
+ * @example
+ * // Simple POST with JSON body
+ * await route('auth.register', {
+ *   name: 'John',
+ *   email: 'john@example.com',
+ *   password: 'secret'
+ * })
+ *
+ * // GET with URL parameters
+ * await route('users.show', { params: { id: 123 } })
+ */
+export async function route(
+  name: string,
+  data?: any,
+  options?: RouteOptions
+): Promise<Response> {
+  const routeDef = clientRoutes.get(name)
+  if (!routeDef) {
+    throw new Error(`Route '${name}' not found. Make sure to call registerRoutes() with route definitions.`)
+  }
+
+  // Determine if data is the body or options
+  let body: any
+  let opts: RouteOptions = {}
+
+  if (data !== undefined) {
+    // If data has params, body, or any RequestInit properties, treat it as options
+    if (
+      typeof data === 'object' &&
+      !Array.isArray(data) &&
+      !(data instanceof FormData) &&
+      !(data instanceof Blob) &&
+      !(data instanceof ArrayBuffer) &&
+      !(data instanceof URLSearchParams) &&
+      ('params' in data || 'body' in data || 'headers' in data || 'cache' in data ||
+       'credentials' in data || 'mode' in data || 'redirect' in data || 'referrer' in data)
+    ) {
+      opts = data
+      body = opts.body
+    } else {
+      // Otherwise, treat data as the body
+      body = data
+      opts = options || {}
+    }
+  } else {
+    opts = options || {}
+  }
+
+  // Generate URL with parameters
+  const generatedUrl = generateUrl(routeDef.pattern, opts.params)
+
+  // Determine method from route definition
+  const method = opts.method || routeDef.method
+
+  // Build headers with smart defaults
+  const headers = new Headers(opts.headers)
+
+  // Set default Accept header if not provided
+  if (!headers.has('Accept')) {
+    headers.set('Accept', 'application/json')
+  }
+
+  // Handle body and Content-Type
+  let requestBody: string | FormData | Blob | ArrayBuffer | URLSearchParams | undefined
+  if (body !== undefined && method !== 'GET' && method !== 'HEAD') {
+    if (body instanceof FormData || body instanceof Blob || body instanceof ArrayBuffer || body instanceof URLSearchParams) {
+      // Let fetch set the Content-Type for FormData, or use the existing type for Blob/ArrayBuffer
+      requestBody = body
+    } else if (typeof body === 'object') {
+      // JSON body
+      if (!headers.has('Content-Type')) {
+        headers.set('Content-Type', 'application/json')
+      }
+      requestBody = JSON.stringify(body)
+    } else {
+      // String or other primitive
+      requestBody = String(body)
+      if (!headers.has('Content-Type')) {
+        headers.set('Content-Type', 'text/plain')
+      }
+    }
+  }
+
+  // Set default credentials if not provided
+  const credentials = opts.credentials || 'same-origin'
+
+  // Build final fetch options
+  const fetchOptions: RequestInit = {
+    ...opts,
+    method,
+    headers,
+    credentials,
+    ...(requestBody !== undefined && { body: requestBody })
+  }
+
+  // Remove our custom properties
+  delete (fetchOptions as any).params
+
+  return fetch(generatedUrl, fetchOptions)
+}
+
+/**
+ * Generate URL from pattern and parameters (browser-safe version)
+ */
+function generateUrl(pattern: string, params?: Record<string, any>): string {
+  let url = pattern
+  const queryParams: Record<string, string> = {}
+
+  if (params) {
+    Object.entries(params).forEach(([key, value]) => {
+      const paramPattern = `:${key}`
+      const wildcardPattern = `*${key}`
+
+      if (url.includes(paramPattern)) {
+        // Replace route parameter
+        url = url.replace(paramPattern, encodeURIComponent(String(value)))
+      } else if (url.includes(wildcardPattern)) {
+        // Replace wildcard parameter
+        url = url.replace(`/${wildcardPattern}`, `/${encodeURIComponent(String(value))}`)
+      } else {
+        // Add as query parameter
+        queryParams[key] = String(value)
+      }
+    })
+  }
+
+  // Append query parameters
+  const queryString = Object.keys(queryParams)
+    .map(key => `${encodeURIComponent(key)}=${encodeURIComponent(queryParams[key] ?? '')}`)
+    .join('&')
+
+  if (queryString) {
+    url += (url.includes('?') ? '&' : '?') + queryString
+  }
+
+  return url
+}

package/src/http/context.ts

@@ -67,6 +67,22 @@ export default class Context {
     return this._subdomain
   }
 
+  /**
+   * Get the full origin (protocol + host) of the current request.
+   * Uses the X-Forwarded-Proto header if present (common behind proxies),
+   * otherwise determines from the request URL.
+   */
+  getOrigin(): string {
+    // Check for forwarded protocol (when behind proxy/load balancer)
+    const forwardedProto = this.headers.get('x-forwarded-proto')
+    const protocol = forwardedProto ? `${forwardedProto}:` : this.url.protocol
+
+    // Get host from header (includes port if non-standard)
+    const host = this.headers.get('host') || this.url.host
+
+    return `${protocol}//${host}`
+  }
+
   /** Shorthand for reading a single request header. */
   header(name: string): string | null {
     return this.headers.get(name)

package/src/http/index.ts

@@ -8,7 +8,7 @@ export { compose } from './middleware.ts'
 export { serializeCookie, parseCookies, withCookie, clearCookie } from './cookie.ts'
 export { rateLimit, MemoryStore } from './rate_limit.ts'
 export { Resource } from './resource.ts'
-export { route, routeUrl } from './route_helper.ts'
+export { route, routeUrl, routeFullUrl } from './route_helper.ts'
 export type { Handler, Middleware, Next } from './middleware.ts'
 export type { GroupOptions, WebSocketHandlers, WebSocketData, RouteDefinition } from './router.ts'
 export type { CookieOptions } from './cookie.ts'

package/src/http/route_helper.ts

@@ -1,5 +1,7 @@
 import { router } from './index.ts'
 import type { RouteDefinition } from './router.ts'
+import { app } from '@strav/kernel/core/application'
+import Configuration from '@strav/kernel/config/configuration'
 
 export interface RouteOptions extends Omit<RequestInit, 'body'> {
   params?: Record<string, any>
@@ -131,4 +133,62 @@ export async function route(
  */
 export function routeUrl(name: string, params?: Record<string, any>): string {
   return router.generateUrl(name, params)
+}
+
+/**
+ * Generate a full URL (with protocol and domain) for a named route.
+ *
+ * Uses the APP_URL from configuration if set, otherwise constructs from
+ * the current request context (requires passing the context).
+ *
+ * @example
+ * // With APP_URL configured
+ * const resetUrl = routeFullUrl('auth.password.reset', { token: 'abc123' })
+ * // Returns 'https://example.com/auth/password-reset?token=abc123'
+ *
+ * // With request context
+ * const profileUrl = routeFullUrl('users.profile', { id: 456 }, ctx)
+ * // Returns 'https://example.com/users/456'
+ *
+ * // Override the base URL
+ * const apiUrl = routeFullUrl('api.users', {}, null, 'https://api.example.com')
+ * // Returns 'https://api.example.com/api/users'
+ */
+export function routeFullUrl(
+  name: string,
+  params?: Record<string, any>,
+  context?: { getOrigin(): string } | null,
+  baseUrl?: string
+): string {
+  const path = routeUrl(name, params)
+
+  // Use provided base URL if given
+  if (baseUrl) {
+    return baseUrl.replace(/\/$/, '') + path
+  }
+
+  // Try to get app_url from config
+  const config = app.resolve(Configuration)
+  const appUrl = config.get('http.app_url') as string | undefined
+
+  if (appUrl) {
+    return appUrl.replace(/\/$/, '') + path
+  }
+
+  // Fall back to context origin
+  if (context) {
+    return context.getOrigin() + path
+  }
+
+  // If no context and no config, construct from http config
+  const protocol = config.get('http.secure', false) ? 'https' : 'http'
+  const domain = config.get('http.domain', 'localhost') as string
+  const port = config.get('http.port', 3000) as number
+
+  // Only include port if non-standard
+  const includePort = (protocol === 'http' && port !== 80) ||
+                      (protocol === 'https' && port !== 443)
+  const host = includePort ? `${domain}:${port}` : domain
+
+  return `${protocol}://${host}${path}`
 }

package/src/http/router.ts

@@ -446,6 +446,17 @@ export default class Router {
     return this.routes.find(route => route.name === name)
   }
 
+  /**
+   * Get all registered routes.
+   *
+   * @example
+   * const routes = router.getAllRoutes()
+   * // Returns array of all route definitions
+   */
+  getAllRoutes(): readonly RouteDefinition[] {
+    return this.routes
+  }
+
   /**
    * Generate a URL for a named route with optional parameters.
    *

package/src/index.ts

@@ -1,5 +1,4 @@
 export * from './http/index.ts'
-export * from './view/index.ts'
 export * from './session/index.ts'
 export * from './validation/index.ts'
 export * from './policy/index.ts'
@@ -7,4 +6,4 @@ export * from './auth/index.ts'
 export * from './providers/index.ts'
 
 // Route helpers for named route invocation
-export { route, routeUrl } from './http/route_helper.ts'
+export { route, routeUrl, routeFullUrl } from './http/route_helper.ts'

package/src/view/cache.ts

@@ -1,47 +0,0 @@
-export interface RenderResult {
-  output: string
-  blocks: Record<string, string>
-}
-
-export type RenderFunction = (
-  data: Record<string, unknown>,
-  includeFn: IncludeFn
-) => Promise<RenderResult>
-
-export type IncludeFn = (name: string, data: Record<string, unknown>) => Promise<string>
-
-export interface CacheEntry {
-  fn: RenderFunction
-  layout?: string
-  mtime: number
-  filePath: string
-}
-
-export default class TemplateCache {
-  private entries = new Map<string, CacheEntry>()
-
-  get(name: string): CacheEntry | undefined {
-    return this.entries.get(name)
-  }
-
-  set(name: string, entry: CacheEntry): void {
-    this.entries.set(name, entry)
-  }
-
-  async isStale(name: string): Promise<boolean> {
-    const entry = this.entries.get(name)
-    if (!entry) return true
-    const file = Bun.file(entry.filePath)
-    const exists = await file.exists()
-    if (!exists) return true
-    return file.lastModified > entry.mtime
-  }
-
-  delete(name: string): void {
-    this.entries.delete(name)
-  }
-
-  clear(): void {
-    this.entries.clear()
-  }
-}

package/src/view/client/islands.ts

@@ -1,84 +0,0 @@
-// @ts-nocheck — Client-side script; requires DOM types provided by the app's bundler config.
-/**
- * Vue Islands Bootstrap
- *
- * Auto-discovers elements with [data-vue] attributes and mounts
- * Vue components on them via a single shared Vue app instance.
- * All islands share the same app context (plugins, provide/inject,
- * global components), connected to their marker elements via Teleport.
- *
- * Register your components on the window before this script runs:
- *
- *   import Counter from './components/Counter.vue'
- *   window.__vue_components = { counter: Counter }
- *
- * Optionally provide a setup function to install plugins:
- *
- *   window.__vue_setup = (app) => {
- *     app.use(somePlugin)
- *     app.provide('key', value)
- *   }
- *
- * Then in your .strav templates:
- *   <vue:counter :initial="{{ count }}" label="Click me" />
- */
-
-import { createApp, defineComponent, h, Teleport } from 'vue'
-
-declare global {
-  interface Window {
-    __vue_components?: Record<string, any>
-    __vue_setup?: (app: any) => void
-  }
-}
-
-function toPascalCase(str: string): string {
-  return str.replace(/(^|-)(\w)/g, (_match, _sep, char) => char.toUpperCase())
-}
-
-function mountIslands(): void {
-  const components = window.__vue_components ?? {}
-
-  const islands: { Component: any; props: Record<string, any>; el: HTMLElement }[] = []
-
-  document.querySelectorAll<HTMLElement>('[data-vue]').forEach(el => {
-    const name = el.dataset.vue
-    if (!name) return
-
-    const Component = components[name] ?? components[toPascalCase(name)]
-    if (!Component) {
-      console.warn(`[islands] Unknown component: ${name}`)
-      return
-    }
-
-    const props = JSON.parse(el.dataset.props ?? '{}')
-    islands.push({ Component, props, el })
-  })
-
-  if (islands.length === 0) return
-
-  const Root = defineComponent({
-    render() {
-      return islands.map(island =>
-        h(Teleport, { to: island.el }, [h(island.Component, island.props)])
-      )
-    },
-  })
-
-  const app = createApp(Root)
-
-  if (typeof window.__vue_setup === 'function') {
-    window.__vue_setup(app)
-  }
-
-  const root = document.createElement('div')
-  root.style.display = 'contents'
-  document.body.appendChild(root)
-  app.mount(root)
-}
-
-if (document.readyState === 'loading') {
-  document.addEventListener('DOMContentLoaded', mountIslands)
-} else {
-  mountIslands()
-}