npm - @superdangerous/app-framework - Versions diffs - 4.9.0 - Mend

@superdangerous/app-framework 4.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (239) hide show

package/LICENSE +21 -0
package/README.md +652 -0
package/dist/api/logsRouter.d.ts +20 -0
package/dist/api/logsRouter.d.ts.map +1 -0
package/dist/api/logsRouter.js +515 -0
package/dist/api/logsRouter.js.map +1 -0
package/dist/cli/dev-server.d.ts +7 -0
package/dist/cli/dev-server.d.ts.map +1 -0
package/dist/cli/dev-server.js +640 -0
package/dist/cli/dev-server.js.map +1 -0
package/dist/cli/index.d.ts +7 -0
package/dist/cli/index.d.ts.map +1 -0
package/dist/cli/index.js +26 -0
package/dist/cli/index.js.map +1 -0
package/dist/core/StandardServer.d.ts +129 -0
package/dist/core/StandardServer.d.ts.map +1 -0
package/dist/core/StandardServer.js +453 -0
package/dist/core/StandardServer.js.map +1 -0
package/dist/core/apiResponse.d.ts +69 -0
package/dist/core/apiResponse.d.ts.map +1 -0
package/dist/core/apiResponse.js +127 -0
package/dist/core/apiResponse.js.map +1 -0
package/dist/core/healthCheck.d.ts +160 -0
package/dist/core/healthCheck.d.ts.map +1 -0
package/dist/core/healthCheck.js +398 -0
package/dist/core/healthCheck.js.map +1 -0
package/dist/core/index.d.ts +40 -0
package/dist/core/index.d.ts.map +1 -0
package/dist/core/index.js +40 -0
package/dist/core/index.js.map +1 -0
package/dist/core/logger.d.ts +117 -0
package/dist/core/logger.d.ts.map +1 -0
package/dist/core/logger.js +826 -0
package/dist/core/logger.js.map +1 -0
package/dist/core/portUtils.d.ts +71 -0
package/dist/core/portUtils.d.ts.map +1 -0
package/dist/core/portUtils.js +240 -0
package/dist/core/portUtils.js.map +1 -0
package/dist/core/storageService.d.ts +119 -0
package/dist/core/storageService.d.ts.map +1 -0
package/dist/core/storageService.js +405 -0
package/dist/core/storageService.js.map +1 -0
package/dist/desktop/bundler.d.ts +40 -0
package/dist/desktop/bundler.d.ts.map +1 -0
package/dist/desktop/bundler.js +176 -0
package/dist/desktop/bundler.js.map +1 -0
package/dist/desktop/index.d.ts +25 -0
package/dist/desktop/index.d.ts.map +1 -0
package/dist/desktop/index.js +15 -0
package/dist/desktop/index.js.map +1 -0
package/dist/desktop/native-modules.d.ts +66 -0
package/dist/desktop/native-modules.d.ts.map +1 -0
package/dist/desktop/native-modules.js +200 -0
package/dist/desktop/native-modules.js.map +1 -0
package/dist/index.d.ts +29 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +39 -0
package/dist/index.js.map +1 -0
package/dist/logging/LogCategories.d.ts +87 -0
package/dist/logging/LogCategories.d.ts.map +1 -0
package/dist/logging/LogCategories.js +205 -0
package/dist/logging/LogCategories.js.map +1 -0
package/dist/middleware/aiErrorHandler.d.ts +31 -0
package/dist/middleware/aiErrorHandler.d.ts.map +1 -0
package/dist/middleware/aiErrorHandler.js +181 -0
package/dist/middleware/aiErrorHandler.js.map +1 -0
package/dist/middleware/auth.d.ts +101 -0
package/dist/middleware/auth.d.ts.map +1 -0
package/dist/middleware/auth.js +230 -0
package/dist/middleware/auth.js.map +1 -0
package/dist/middleware/cors.d.ts +56 -0
package/dist/middleware/cors.d.ts.map +1 -0
package/dist/middleware/cors.js +123 -0
package/dist/middleware/cors.js.map +1 -0
package/dist/middleware/errorHandler.d.ts +13 -0
package/dist/middleware/errorHandler.d.ts.map +1 -0
package/dist/middleware/errorHandler.js +85 -0
package/dist/middleware/errorHandler.js.map +1 -0
package/dist/middleware/fileUpload.d.ts +62 -0
package/dist/middleware/fileUpload.d.ts.map +1 -0
package/dist/middleware/fileUpload.js +175 -0
package/dist/middleware/fileUpload.js.map +1 -0
package/dist/middleware/health.d.ts +48 -0
package/dist/middleware/health.d.ts.map +1 -0
package/dist/middleware/health.js +143 -0
package/dist/middleware/health.js.map +1 -0
package/dist/middleware/index.d.ts +20 -0
package/dist/middleware/index.d.ts.map +1 -0
package/dist/middleware/index.js +18 -0
package/dist/middleware/index.js.map +1 -0
package/dist/middleware/openapi.d.ts +64 -0
package/dist/middleware/openapi.d.ts.map +1 -0
package/dist/middleware/openapi.js +258 -0
package/dist/middleware/openapi.js.map +1 -0
package/dist/middleware/requestLogging.d.ts +22 -0
package/dist/middleware/requestLogging.d.ts.map +1 -0
package/dist/middleware/requestLogging.js +61 -0
package/dist/middleware/requestLogging.js.map +1 -0
package/dist/middleware/session.d.ts +84 -0
package/dist/middleware/session.d.ts.map +1 -0
package/dist/middleware/session.js +189 -0
package/dist/middleware/session.js.map +1 -0
package/dist/middleware/validation.d.ts +1337 -0
package/dist/middleware/validation.d.ts.map +1 -0
package/dist/middleware/validation.js +483 -0
package/dist/middleware/validation.js.map +1 -0
package/dist/services/aiService.d.ts +180 -0
package/dist/services/aiService.d.ts.map +1 -0
package/dist/services/aiService.js +547 -0
package/dist/services/aiService.js.map +1 -0
package/dist/services/conversationStorage.d.ts +38 -0
package/dist/services/conversationStorage.d.ts.map +1 -0
package/dist/services/conversationStorage.js +158 -0
package/dist/services/conversationStorage.js.map +1 -0
package/dist/services/crossPlatformBuffer.d.ts +84 -0
package/dist/services/crossPlatformBuffer.d.ts.map +1 -0
package/dist/services/crossPlatformBuffer.js +246 -0
package/dist/services/crossPlatformBuffer.js.map +1 -0
package/dist/services/index.d.ts +17 -0
package/dist/services/index.d.ts.map +1 -0
package/dist/services/index.js +18 -0
package/dist/services/index.js.map +1 -0
package/dist/services/networkService.d.ts +81 -0
package/dist/services/networkService.d.ts.map +1 -0
package/dist/services/networkService.js +268 -0
package/dist/services/networkService.js.map +1 -0
package/dist/services/queueService.d.ts +112 -0
package/dist/services/queueService.d.ts.map +1 -0
package/dist/services/queueService.js +338 -0
package/dist/services/queueService.js.map +1 -0
package/dist/services/settingsService.d.ts +135 -0
package/dist/services/settingsService.d.ts.map +1 -0
package/dist/services/settingsService.js +425 -0
package/dist/services/settingsService.js.map +1 -0
package/dist/services/systemMonitor.d.ts +208 -0
package/dist/services/systemMonitor.d.ts.map +1 -0
package/dist/services/systemMonitor.js +693 -0
package/dist/services/systemMonitor.js.map +1 -0
package/dist/services/updateService.d.ts +78 -0
package/dist/services/updateService.d.ts.map +1 -0
package/dist/services/updateService.js +252 -0
package/dist/services/updateService.js.map +1 -0
package/dist/services/websocketEvents.d.ts +372 -0
package/dist/services/websocketEvents.d.ts.map +1 -0
package/dist/services/websocketEvents.js +338 -0
package/dist/services/websocketEvents.js.map +1 -0
package/dist/services/websocketServer.d.ts +80 -0
package/dist/services/websocketServer.d.ts.map +1 -0
package/dist/services/websocketServer.js +299 -0
package/dist/services/websocketServer.js.map +1 -0
package/dist/settings/SettingsSchema.d.ts +151 -0
package/dist/settings/SettingsSchema.d.ts.map +1 -0
package/dist/settings/SettingsSchema.js +424 -0
package/dist/settings/SettingsSchema.js.map +1 -0
package/dist/testing/TestServer.d.ts +69 -0
package/dist/testing/TestServer.d.ts.map +1 -0
package/dist/testing/TestServer.js +250 -0
package/dist/testing/TestServer.js.map +1 -0
package/dist/types/index.d.ts +137 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/index.js +5 -0
package/dist/types/index.js.map +1 -0
package/dist/utils/appPaths.d.ts +74 -0
package/dist/utils/appPaths.d.ts.map +1 -0
package/dist/utils/appPaths.js +162 -0
package/dist/utils/appPaths.js.map +1 -0
package/dist/utils/fs-utils.d.ts +50 -0
package/dist/utils/fs-utils.d.ts.map +1 -0
package/dist/utils/fs-utils.js +114 -0
package/dist/utils/fs-utils.js.map +1 -0
package/dist/utils/index.d.ts +12 -0
package/dist/utils/index.d.ts.map +1 -0
package/dist/utils/index.js +10 -0
package/dist/utils/index.js.map +1 -0
package/dist/utils/standardConfig.d.ts +61 -0
package/dist/utils/standardConfig.d.ts.map +1 -0
package/dist/utils/standardConfig.js +109 -0
package/dist/utils/standardConfig.js.map +1 -0
package/dist/utils/startupBanner.d.ts +34 -0
package/dist/utils/startupBanner.d.ts.map +1 -0
package/dist/utils/startupBanner.js +169 -0
package/dist/utils/startupBanner.js.map +1 -0
package/dist/utils/startupLogger.d.ts +45 -0
package/dist/utils/startupLogger.d.ts.map +1 -0
package/dist/utils/startupLogger.js +200 -0
package/dist/utils/startupLogger.js.map +1 -0
package/package.json +151 -0
package/src/api/logsRouter.ts +600 -0
package/src/cli/dev-server.ts +803 -0
package/src/cli/index.ts +31 -0
package/src/core/StandardServer.ts +587 -0
package/src/core/apiResponse.ts +202 -0
package/src/core/healthCheck.ts +565 -0
package/src/core/index.ts +80 -0
package/src/core/logger.ts +1092 -0
package/src/core/portUtils.ts +319 -0
package/src/core/storageService.ts +595 -0
package/src/desktop/bundler.ts +271 -0
package/src/desktop/index.ts +18 -0
package/src/desktop/native-modules.ts +289 -0
package/src/index.ts +142 -0
package/src/logging/LogCategories.ts +302 -0
package/src/middleware/aiErrorHandler.ts +278 -0
package/src/middleware/auth.ts +329 -0
package/src/middleware/cors.ts +187 -0
package/src/middleware/errorHandler.ts +103 -0
package/src/middleware/fileUpload.ts +252 -0
package/src/middleware/health.ts +206 -0
package/src/middleware/index.ts +71 -0
package/src/middleware/openapi.ts +305 -0
package/src/middleware/requestLogging.ts +92 -0
package/src/middleware/session.ts +238 -0
package/src/middleware/validation.ts +603 -0
package/src/services/aiService.ts +789 -0
package/src/services/conversationStorage.ts +232 -0
package/src/services/crossPlatformBuffer.ts +341 -0
package/src/services/index.ts +47 -0
package/src/services/networkService.ts +351 -0
package/src/services/queueService.ts +446 -0
package/src/services/settingsService.ts +549 -0
package/src/services/systemMonitor.ts +936 -0
package/src/services/updateService.ts +334 -0
package/src/services/websocketEvents.ts +409 -0
package/src/services/websocketServer.ts +394 -0
package/src/settings/SettingsSchema.ts +664 -0
package/src/testing/TestServer.ts +312 -0
package/src/types/index.ts +154 -0
package/src/utils/appPaths.ts +196 -0
package/src/utils/fs-utils.ts +130 -0
package/src/utils/index.ts +15 -0
package/src/utils/standardConfig.ts +178 -0
package/src/utils/startupBanner.ts +287 -0
package/src/utils/startupLogger.ts +268 -0
package/ui/dist/index.d.mts +1221 -0
package/ui/dist/index.d.ts +1221 -0
package/ui/dist/index.js +73 -0
package/ui/dist/index.js.map +1 -0
package/ui/dist/index.mjs +73 -0
package/ui/dist/index.mjs.map +1 -0

package/src/middleware/openapi.ts ADDED Viewed

@@ -0,0 +1,305 @@
+/**
+ * OpenAPI Documentation Middleware
+ * Provides automatic API documentation generation
+ */
+import swaggerJsdoc from "swagger-jsdoc";
+import swaggerUi from "swagger-ui-express";
+import { Express } from "express";
+export interface OpenAPIConfig {
+  title: string;
+  version: string;
+  description?: string;
+  servers?: Array<{
+    url: string;
+    description?: string;
+  }>;
+  contact?: {
+    name?: string;
+    email?: string;
+    url?: string;
+  };
+  license?: {
+    name: string;
+    url?: string;
+  };
+  tags?: Array<{
+    name: string;
+    description?: string;
+  }>;
+}
+/**
+ * Generate OpenAPI specification
+ * @param config OpenAPI configuration
+ * @param apis Array of file patterns for API routes
+ */
+export function generateOpenAPISpec(
+  config: OpenAPIConfig,
+  apis: string[],
+): object {
+  const options: swaggerJsdoc.Options = {
+    definition: {
+      openapi: "3.0.0",
+      info: {
+        title: config.title,
+        version: config.version,
+        description: config.description,
+        contact: config.contact,
+        license: config.license,
+      },
+      servers: config.servers || [
+        {
+          url: "http://localhost:3000",
+          description: "Development server",
+        },
+      ],
+      tags: config.tags,
+      components: {
+        schemas: {
+          ApiResponse: {
+            type: "object",
+            properties: {
+              success: {
+                type: "boolean",
+                description: "Indicates if the request was successful",
+              },
+              data: {
+                type: "object",
+                description: "Response data payload",
+              },
+              error: {
+                type: "object",
+                properties: {
+                  code: {
+                    type: "string",
+                    description: "Error code",
+                  },
+                  message: {
+                    type: "string",
+                    description: "Error message",
+                  },
+                  details: {
+                    type: "object",
+                    description: "Additional error details",
+                  },
+                },
+              },
+              message: {
+                type: "string",
+                description: "Optional success message",
+              },
+              metadata: {
+                type: "object",
+                properties: {
+                  timestamp: {
+                    type: "string",
+                    format: "date-time",
+                    description: "Response timestamp",
+                  },
+                  version: {
+                    type: "string",
+                    description: "API version",
+                  },
+                  pagination: {
+                    type: "object",
+                    properties: {
+                      page: { type: "integer" },
+                      limit: { type: "integer" },
+                      total: { type: "integer" },
+                      hasMore: { type: "boolean" },
+                    },
+                  },
+                },
+              },
+            },
+          },
+          ValidationError: {
+            type: "object",
+            properties: {
+              field: {
+                type: "string",
+                description: "Field that failed validation",
+              },
+              message: {
+                type: "string",
+                description: "Validation error message",
+              },
+            },
+          },
+          ErrorResponse: {
+            type: "object",
+            properties: {
+              success: {
+                type: "boolean",
+                enum: [false],
+              },
+              error: {
+                type: "object",
+                properties: {
+                  code: { type: "string" },
+                  message: { type: "string" },
+                  details: { type: "object" },
+                },
+                required: ["code", "message"],
+              },
+            },
+            required: ["success", "error"],
+          },
+        },
+        securitySchemes: {
+          sessionAuth: {
+            type: "apiKey",
+            in: "cookie",
+            name: "connect.sid",
+            description: "Session-based authentication",
+          },
+          bearerAuth: {
+            type: "http",
+            scheme: "bearer",
+            bearerFormat: "JWT",
+            description: "JWT bearer token authentication",
+          },
+        },
+        responses: {
+          BadRequest: {
+            description: "Bad request",
+            content: {
+              "application/json": {
+                schema: {
+                  $ref: "#/components/schemas/ErrorResponse",
+                },
+              },
+            },
+          },
+          Unauthorized: {
+            description: "Authentication required",
+            content: {
+              "application/json": {
+                schema: {
+                  $ref: "#/components/schemas/ErrorResponse",
+                },
+              },
+            },
+          },
+          Forbidden: {
+            description: "Access denied",
+            content: {
+              "application/json": {
+                schema: {
+                  $ref: "#/components/schemas/ErrorResponse",
+                },
+              },
+            },
+          },
+          NotFound: {
+            description: "Resource not found",
+            content: {
+              "application/json": {
+                schema: {
+                  $ref: "#/components/schemas/ErrorResponse",
+                },
+              },
+            },
+          },
+          InternalError: {
+            description: "Internal server error",
+            content: {
+              "application/json": {
+                schema: {
+                  $ref: "#/components/schemas/ErrorResponse",
+                },
+              },
+            },
+          },
+        },
+      },
+    },
+    apis,
+  };
+  return swaggerJsdoc(options);
+}
+/**
+ * Setup OpenAPI documentation UI
+ * @param app Express application
+ * @param config OpenAPI configuration
+ * @param apis Array of file patterns for API routes
+ * @param path Path to serve documentation (default: /api-docs)
+ */
+export function setupOpenAPIDocumentation(
+  app: Express,
+  config: OpenAPIConfig,
+  apis: string[],
+  path: string = "/api-docs",
+): void {
+  const swaggerSpec = generateOpenAPISpec(config, apis);
+  // Serve OpenAPI spec as JSON
+  app.get(`${path}/spec.json`, (_req, res) => {
+    res.json(swaggerSpec);
+  });
+  // Serve Swagger UI
+  app.use(
+    path,
+    swaggerUi.serve,
+    swaggerUi.setup(swaggerSpec, {
+      customSiteTitle: `${config.title} - API Documentation`,
+      customfavIcon: "/favicon.ico",
+      customCss: `
+        .swagger-ui .topbar { display: none }
+        .swagger-ui .info { margin-bottom: 40px }
+        .swagger-ui .scheme-container { display: none }
+      `,
+      swaggerOptions: {
+        persistAuthorization: true,
+        displayRequestDuration: true,
+        docExpansion: "none",
+        filter: true,
+        showExtensions: true,
+        showCommonExtensions: true,
+        displayOperationId: false,
+      },
+    }),
+  );
+}
+/**
+ * Example JSDoc annotation for OpenAPI
+ *
+ * @swagger
+ * /api/resource:
+ *   get:
+ *     summary: Get all resources
+ *     tags: [Resources]
+ *     responses:
+ *       200:
+ *         description: Successful response
+ *         content:
+ *           application/json:
+ *             schema:
+ *               $ref: '#/components/schemas/ApiResponse'
+ *       500:
+ *         $ref: '#/components/responses/InternalError'
+ */
+/**
+ * OpenAPI operation decorator (for future TypeScript decorator support)
+ */
+export function ApiOperation(operation: any) {
+  return function (
+    target: any,
+    propertyKey: string,
+    descriptor: PropertyDescriptor,
+  ) {
+    // Store OpenAPI metadata for later processing
+    if (!target._openapi) {
+      target._openapi = {};
+    }
+    target._openapi[propertyKey] = operation;
+    return descriptor;
+  };
+}

package/src/middleware/requestLogging.ts ADDED Viewed

@@ -0,0 +1,92 @@
+import type { NextFunction, Request, Response } from "express";
+import { randomUUID } from "crypto";
+import { createLogger } from "../core/logger.js";
+export interface RequestLoggingOptions {
+  logger?: any;
+  /**
+   * Paths to skip logging for (commonly health checks or metrics)
+   */
+  skipPaths?: Array<string | RegExp>;
+  /**
+   * Whether to log the request payload (truncated)
+   */
+  logPayload?: boolean;
+  /**
+   * Maximum number of characters from the payload to log
+   */
+  maxPayloadLength?: number;
+}
+const defaultSkips = [/^\/health/, /^\/api\/health/];
+function shouldSkip(path: string, patterns: Array<string | RegExp>) {
+  return patterns.some((pattern) => {
+    if (pattern instanceof RegExp) {
+      return pattern.test(path);
+    }
+    return path.startsWith(pattern);
+  });
+}
+function safePayload(body: unknown, maxLength: number): string | undefined {
+  if (!body || typeof body !== "object") return undefined;
+  const serialized = JSON.stringify(body);
+  if (serialized.length <= maxLength) return serialized;
+  return `${serialized.slice(0, maxLength)}…`;
+}
+/**
+ * Express middleware that assigns a request ID and logs completion.
+ * Uses the framework logger so request logs land in the same files as the app.
+ */
+export function createRequestLoggingMiddleware(
+  options: RequestLoggingOptions = {},
+) {
+  const logger =
+    options.logger ||
+    // Avoid forcing the consumer to initialize logging before use
+    createLogger("http");
+  const skipPatterns = options.skipPaths || defaultSkips;
+  const logPayload = options.logPayload ?? false;
+  const maxPayloadLength = options.maxPayloadLength ?? 2000;
+  return function requestLogging(
+    req: Request,
+    res: Response,
+    next: NextFunction,
+  ) {
+    const startedAt = process.hrtime.bigint();
+    const requestId = (req as any).requestId || randomUUID();
+    (req as any).requestId = requestId;
+    res.locals.requestId = requestId;
+    res.setHeader("x-request-id", requestId);
+    res.on("finish", () => {
+      if (shouldSkip(req.path, skipPatterns)) return;
+      const durationMs =
+        Number(process.hrtime.bigint() - startedAt) / 1_000_000;
+      // Prefer the richer logRequest helper if available
+      if (typeof logger.logRequest === "function") {
+        logger.logRequest(req, res, Number(durationMs.toFixed(2)));
+        return;
+      }
+      logger.info("Request completed", {
+        method: req.method,
+        path: req.originalUrl || req.url,
+        status: res.statusCode,
+        durationMs: Number(durationMs.toFixed(2)),
+        requestId,
+        userAgent: req.get("user-agent"),
+        payload: logPayload
+          ? safePayload(req.body, maxPayloadLength)
+          : undefined,
+      });
+    });
+    next();
+  };
+}

package/src/middleware/session.ts ADDED Viewed

@@ -0,0 +1,238 @@
+/**
+ * Session Configuration Middleware
+ * Standardized session management for Express applications
+ */
+import session from "express-session";
+import { Express } from "express";
+import { createLogger } from "../core/index.js";
+let logger: any; // Will be initialized when needed
+function ensureLogger() {
+  if (!logger) {
+    logger = createLogger("SessionMiddleware");
+  }
+  return logger;
+}
+export interface SessionConfig {
+  secret?: string;
+  name?: string;
+  maxAge?: number;
+  secure?: boolean;
+  sameSite?: "lax" | "strict" | "none";
+  trustProxy?: boolean;
+  resave?: boolean;
+  saveUninitialized?: boolean;
+  rolling?: boolean;
+  store?: "memory" | session.Store;
+}
+/**
+ * Configure session middleware with sensible defaults
+ */
+export function configureSession(app: Express, config: SessionConfig = {}) {
+  const {
+    secret = process.env.SESSION_SECRET || "change-this-secret-in-production",
+    name = "app.sid",
+    maxAge = 3600000, // 1 hour
+    secure = process.env.NODE_ENV === "production",
+    sameSite = "lax",
+    trustProxy = true,
+    resave = false,
+    saveUninitialized = false,
+    rolling = true,
+    store = "memory",
+  } = config;
+  // Warn about insecure settings in production
+  if (process.env.NODE_ENV === "production") {
+    if (secret === "change-this-secret-in-production") {
+      ensureLogger().warn(
+        "Using default session secret in production! Set SESSION_SECRET environment variable.",
+      );
+    }
+    if (store === "memory") {
+      ensureLogger().warn(
+        "Using memory session store in production! Consider using Redis or another persistent store.",
+      );
+    }
+    if (!secure) {
+      ensureLogger().warn(
+        "Session cookies are not secure in production! Consider enabling secure cookies.",
+      );
+    }
+  }
+  // Trust proxy if configured
+  if (trustProxy) {
+    app.set("trust proxy", 1);
+  }
+  // Suppress MemoryStore warning in production
+  let originalWarn: typeof console.warn | undefined;
+  if (process.env.NODE_ENV === "production" && store === "memory") {
+    originalWarn = console.warn;
+    console.warn = (msg: string, ...args: any[]) => {
+      if (typeof msg === "string" && !msg.includes("MemoryStore")) {
+        originalWarn!(msg, ...args);
+      }
+    };
+  }
+  const sessionConfig: session.SessionOptions = {
+    secret,
+    name,
+    resave,
+    saveUninitialized,
+    rolling,
+    cookie: {
+      secure,
+      httpOnly: true,
+      maxAge,
+      sameSite,
+      path: "/",
+    },
+  };
+  // Add store if provided
+  if (store !== "memory") {
+    sessionConfig.store = store;
+  }
+  // Apply middleware
+  app.use(session(sessionConfig));
+  // Restore console.warn if it was modified
+  if (originalWarn) {
+    // Restore after a brief delay to ensure session is initialized
+    setTimeout(() => {
+      console.warn = originalWarn!;
+    }, 100);
+  }
+  if (
+    process.env.NODE_ENV === "development" &&
+    process.env.LOG_LEVEL?.toLowerCase() === "debug"
+  ) {
+    ensureLogger().debug("Session middleware configured", {
+      name,
+      secure,
+      sameSite,
+      maxAge: `${maxAge / 1000}s`,
+      store: store === "memory" ? "memory" : "custom",
+    });
+  }
+}
+/**
+ * Create a Redis session store (OPTIONAL)
+ *
+ * Redis is an optional dependency for persistent session storage in production.
+ * If Redis packages are not installed, the framework gracefully falls back to memory store.
+ *
+ * To enable Redis sessions:
+ * 1. Install optional dependencies: `npm install connect-redis redis`
+ * 2. Set REDIS_URL environment variable (optional, defaults to redis://localhost:6379)
+ * 3. Use createRedisStore() in your session configuration
+ *
+ * For desktop applications with single users, memory store is usually sufficient.
+ *
+ * @param redisUrl - Optional Redis connection URL (defaults to REDIS_URL env var or redis://localhost:6379)
+ * @returns Redis store instance or 'memory' string on failure
+ */
+export async function createRedisStore(redisUrl?: string) {
+  try {
+    // @ts-expect-error - Optional dependency
+    const RedisStore = (await import(/* @vite-ignore */ "connect-redis"))
+      .default;
+    // @ts-expect-error - Optional dependency
+    const { createClient } = await import(/* @vite-ignore */ "redis");
+    const redisClient = createClient({
+      url: redisUrl || process.env.REDIS_URL || "redis://localhost:6379",
+    });
+    await redisClient.connect();
+    ensureLogger().info("Redis session store connected");
+    return new RedisStore({
+      client: redisClient,
+      prefix: "session:",
+    });
+  } catch (_error: any) {
+    ensureLogger().error("Failed to create Redis store:", _error.message);
+    ensureLogger().warn("Falling back to memory store");
+    return "memory" as const;
+  }
+}
+/**
+ * Session utilities
+ */
+export const sessionUtils = {
+  /**
+   * Regenerate session ID (for security after login)
+   */
+  regenerateSession(req: any): Promise<void> {
+    return new Promise((resolve, reject) => {
+      req.session.regenerate((err: any) => {
+        if (err) {
+          ensureLogger().error("Failed to regenerate session:", err);
+          reject(err);
+        } else {
+          resolve();
+        }
+      });
+    });
+  },
+  /**
+   * Save session explicitly
+   */
+  saveSession(req: any): Promise<void> {
+    return new Promise((resolve, reject) => {
+      req.session.save((err: any) => {
+        if (err) {
+          ensureLogger().error("Failed to save session:", err);
+          reject(err);
+        } else {
+          resolve();
+        }
+      });
+    });
+  },
+  /**
+   * Destroy session
+   */
+  destroySession(req: any): Promise<void> {
+    return new Promise((resolve, reject) => {
+      req.session.destroy((err: any) => {
+        if (err) {
+          ensureLogger().error("Failed to destroy session:", err);
+          reject(err);
+        } else {
+          resolve();
+        }
+      });
+    });
+  },
+  /**
+   * Touch session to extend expiry
+   */
+  touchSession(req: any): void {
+    if (req.session) {
+      req.session.touch();
+    }
+  },
+};
+export default {
+  configureSession,
+  createRedisStore,
+  sessionUtils,
+};