@takaro/http 0.0.0-next.0da151e

package/dist/middleware/logger.js

@@ -0,0 +1,51 @@
+import { logger, ctx } from '@takaro/util';
+import { context, trace } from '@opentelemetry/api';
+const SUPPRESS_BODY_KEYWORDS = ['password', 'newPassword'];
+const HIDDEN_ROUTES = ['/metrics', '/health', '/healthz', '/ready', '/readyz', '/queues/api/queues'];
+const log = logger('http');
+/**
+ * This middleware is called very early in the request lifecycle, so it's
+ * we leverage this fact to inject the context tracking at this stage
+ */
+export const LoggingMiddleware = ctx.wrap('HTTP', loggingMiddleware);
+async function loggingMiddleware(req, res, next) {
+    if (HIDDEN_ROUTES.some((route) => req.originalUrl.startsWith(route))) {
+        return next();
+    }
+    const requestStartMs = Date.now();
+    const hideData = SUPPRESS_BODY_KEYWORDS.some((keyword) => (JSON.stringify(req.body) || '').includes(keyword));
+    log.debug(`⬇️ ${req.method} ${req.originalUrl}`, {
+        ip: req.ip,
+        method: req.method,
+        path: req.originalUrl,
+        body: hideData ? { suppressed_output: true } : req.body,
+    });
+    const span = trace.getSpan(context.active());
+    if (span) {
+        // get the trace ID from the span and set it in the headers
+        const traceId = span.spanContext().traceId;
+        res.header('X-Trace-Id', traceId);
+    }
+    // Log on API Call Finish to add responseTime
+    res.once('finish', () => {
+        const responseTime = Date.now() - requestStartMs;
+        log.info(`⬆️ ${req.method} ${req.originalUrl}`, {
+            responseTime,
+            requestMethod: req.method,
+            requestUrl: req.originalUrl,
+            requestSize: req.headers['content-length'],
+            status: res.statusCode,
+            responseSize: res.getHeader('Content-Length'),
+            userAgent: req.get('User-Agent'),
+            remoteIp: req.ip,
+            serverIp: '127.0.0.1',
+            referer: req.get('Referer'),
+            cacheLookup: false,
+            cacheHit: false,
+            cacheValidatedWithOriginServer: false,
+            protocol: req.protocol,
+        });
+    });
+    next();
+}
+//# sourceMappingURL=logger.js.map

package/dist/middleware/logger.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.js","sourceRoot":"","sources":["../../src/middleware/logger.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAEpD,MAAM,sBAAsB,GAAG,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;AAC3D,MAAM,aAAa,GAAG,CAAC,UAAU,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,oBAAoB,CAAC,CAAC;AACrG,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;AAE3B;;;GAGG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,iBAAiB,CAA6B,CAAC;AAEjG,KAAK,UAAU,iBAAiB,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB;IAC9E,IAAI,aAAa,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;QACrE,OAAO,IAAI,EAAE,CAAC;IAChB,CAAC;IAED,MAAM,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAElC,MAAM,QAAQ,GAAG,sBAAsB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;IAE9G,GAAG,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,WAAW,EAAE,EAAE;QAC/C,EAAE,EAAE,GAAG,CAAC,EAAE;QACV,MAAM,EAAE,GAAG,CAAC,MAAM;QAClB,IAAI,EAAE,GAAG,CAAC,WAAW;QACrB,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC,EAAE,iBAAiB,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI;KACxD,CAAC,CAAC;IAEH,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IAE7C,IAAI,IAAI,EAAE,CAAC;QACT,2DAA2D;QAC3D,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC;QAC3C,GAAG,CAAC,MAAM,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IACpC,CAAC;IAED,6CAA6C;IAC7C,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,EAAE;QACtB,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,cAAc,CAAC;QAEjD,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,WAAW,EAAE,EAAE;YAC9C,YAAY;YACZ,aAAa,EAAE,GAAG,CAAC,MAAM;YACzB,UAAU,EAAE,GAAG,CAAC,WAAW;YAC3B,WAAW,EAAE,GAAG,CAAC,OAAO,CAAC,gBAAgB,CAAC;YAC1C,MAAM,EAAE,GAAG,CAAC,UAAU;YACtB,YAAY,EAAE,GAAG,CAAC,SAAS,CAAC,gBAAgB,CAAC;YAC7C,SAAS,EAAE,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC;YAChC,QAAQ,EAAE,GAAG,CAAC,EAAE;YAChB,QAAQ,EAAE,WAAW;YACrB,OAAO,EAAE,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC;YAC3B,WAAW,EAAE,KAAK;YAClB,QAAQ,EAAE,KAAK;YACf,8BAA8B,EAAE,KAAK;YACrC,QAAQ,EAAE,GAAG,CAAC,QAAQ;SACvB,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAI,EAAE,CAAC;AACT,CAAC"}

package/dist/middleware/metrics.d.ts

@@ -0,0 +1,3 @@
+import { Request, Response, NextFunction } from 'express';
+export declare function metricsMiddleware(req: Request, res: Response, next: NextFunction): Promise<void>;
+//# sourceMappingURL=metrics.d.ts.map

package/dist/middleware/metrics.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"metrics.d.ts","sourceRoot":"","sources":["../../src/middleware/metrics.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAgB1D,wBAAsB,iBAAiB,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,EAAE,YAAY,iBAyBtF"}

package/dist/middleware/metrics.js

@@ -0,0 +1,35 @@
+import { Counter, Histogram } from 'prom-client';
+const counter = new Counter({
+    name: 'http_requests_total',
+    help: 'Total number of HTTP requests made',
+    labelNames: ['path', 'method', 'status'],
+});
+const histogram = new Histogram({
+    name: 'http_request_duration_seconds',
+    help: 'Duration of HTTP requests in seconds',
+    labelNames: ['path', 'method', 'status'],
+    buckets: [0.1, 0.5, 1, 2, 5, 10],
+});
+export async function metricsMiddleware(req, res, next) {
+    const rawPath = req.path;
+    const method = req.method;
+    // Filter out anything that looks like a UUID from path
+    const path = rawPath.replace(/\/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}/g, '/:id');
+    const start = Date.now();
+    try {
+        next();
+    }
+    finally {
+        counter.inc({
+            path,
+            method,
+            status: res.statusCode.toString(),
+        });
+        histogram.observe({
+            path,
+            method,
+            status: res.statusCode.toString(),
+        }, (Date.now() - start) / 1000);
+    }
+}
+//# sourceMappingURL=metrics.js.map

package/dist/middleware/metrics.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"metrics.js","sourceRoot":"","sources":["../../src/middleware/metrics.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAEjD,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC;IAC1B,IAAI,EAAE,qBAAqB;IAC3B,IAAI,EAAE,oCAAoC;IAC1C,UAAU,EAAE,CAAC,MAAM,EAAE,QAAQ,EAAE,QAAQ,CAAC;CACzC,CAAC,CAAC;AAEH,MAAM,SAAS,GAAG,IAAI,SAAS,CAAC;IAC9B,IAAI,EAAE,+BAA+B;IACrC,IAAI,EAAE,sCAAsC;IAC5C,UAAU,EAAE,CAAC,MAAM,EAAE,QAAQ,EAAE,QAAQ,CAAC;IACxC,OAAO,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;CACjC,CAAC,CAAC;AAEH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB;IACrF,MAAM,OAAO,GAAG,GAAG,CAAC,IAAI,CAAC;IACzB,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;IAC1B,uDAAuD;IACvD,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,iEAAiE,EAAE,MAAM,CAAC,CAAC;IAExG,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAEzB,IAAI,CAAC;QACH,IAAI,EAAE,CAAC;IACT,CAAC;YAAS,CAAC;QACT,OAAO,CAAC,GAAG,CAAC;YACV,IAAI;YACJ,MAAM;YACN,MAAM,EAAE,GAAG,CAAC,UAAU,CAAC,QAAQ,EAAE;SAClC,CAAC,CAAC;QACH,SAAS,CAAC,OAAO,CACf;YACE,IAAI;YACJ,MAAM;YACN,MAAM,EAAE,GAAG,CAAC,UAAU,CAAC,QAAQ,EAAE;SAClC,EACD,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,GAAG,IAAI,CAC5B,CAAC;IACJ,CAAC;AACH,CAAC"}

package/dist/middleware/paginationMiddleware.d.ts

@@ -0,0 +1,3 @@
+import { NextFunction, Request, Response } from 'express';
+export declare function paginationMiddleware(req: Request, res: Response, next: NextFunction): Promise<void>;
+//# sourceMappingURL=paginationMiddleware.d.ts.map

package/dist/middleware/paginationMiddleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"paginationMiddleware.d.ts","sourceRoot":"","sources":["../../src/middleware/paginationMiddleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAW1D,wBAAsB,oBAAoB,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAiBzG"}

package/dist/middleware/paginationMiddleware.js

@@ -0,0 +1,26 @@
+import * as yup from 'yup';
+import { errors, logger } from '@takaro/util';
+const log = logger('http:pagination');
+const paginationSchema = yup.object({
+    page: yup.number().default(0).min(0),
+    limit: yup.number().default(100).min(1).max(1000),
+});
+export async function paginationMiddleware(req, res, next) {
+    const merged = { ...req.query, ...req.body };
+    try {
+        const result = await paginationSchema.validate(merged);
+        res.locals.page = result.page;
+        res.locals.limit = result.limit;
+        next();
+    }
+    catch (error) {
+        if (error instanceof yup.ValidationError) {
+            next(new errors.ValidationError('Invalid pagination', [error]));
+        }
+        else {
+            log.error('Unexpected error', error);
+            next(new errors.InternalServerError());
+        }
+    }
+}
+//# sourceMappingURL=paginationMiddleware.js.map

package/dist/middleware/paginationMiddleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"paginationMiddleware.js","sourceRoot":"","sources":["../../src/middleware/paginationMiddleware.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,GAAG,MAAM,KAAK,CAAC;AAC3B,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAE9C,MAAM,GAAG,GAAG,MAAM,CAAC,iBAAiB,CAAC,CAAC;AAEtC,MAAM,gBAAgB,GAAG,GAAG,CAAC,MAAM,CAAC;IAClC,IAAI,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACpC,KAAK,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC;CAClD,CAAC,CAAC;AAEH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB;IACxF,MAAM,MAAM,GAAG,EAAE,GAAG,GAAG,CAAC,KAAK,EAAE,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC;IAC7C,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAEvD,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;QAC9B,GAAG,CAAC,MAAM,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;QAEhC,IAAI,EAAE,CAAC;IACT,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,GAAG,CAAC,eAAe,EAAE,CAAC;YACzC,IAAI,CAAC,IAAI,MAAM,CAAC,eAAe,CAAC,oBAAoB,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAClE,CAAC;aAAM,CAAC;YACN,GAAG,CAAC,KAAK,CAAC,kBAAkB,EAAE,KAAK,CAAC,CAAC;YACrC,IAAI,CAAC,IAAI,MAAM,CAAC,mBAAmB,EAAE,CAAC,CAAC;QACzC,CAAC;IACH,CAAC;AACH,CAAC"}

package/dist/middleware/rateLimit.d.ts

@@ -0,0 +1,9 @@
+import { Request, Response, NextFunction } from 'express';
+export interface IRateLimitMiddlewareOptions {
+    max: number;
+    windowSeconds: number;
+    keyPrefix?: string;
+    useInMemory?: boolean;
+}
+export declare function createRateLimitMiddleware(opts: IRateLimitMiddlewareOptions): Promise<(req: Request, res: Response, next: NextFunction) => Promise<void>>;
+//# sourceMappingURL=rateLimit.d.ts.map

package/dist/middleware/rateLimit.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rateLimit.d.ts","sourceRoot":"","sources":["../../src/middleware/rateLimit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAK1D,MAAM,WAAW,2BAA2B;IAC1C,GAAG,EAAE,MAAM,CAAC;IACZ,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED,wBAAsB,yBAAyB,CAAC,IAAI,EAAE,2BAA2B,iBAyB5D,OAAO,OAAO,QAAQ,QAAQ,YAAY,oBAmC9D"}

package/dist/middleware/rateLimit.js

@@ -0,0 +1,60 @@
+import { Redis } from '@takaro/db';
+import { logger, errors, ctx } from '@takaro/util';
+import { RateLimiterRes, RateLimiterRedis, RateLimiterMemory } from 'rate-limiter-flexible';
+export async function createRateLimitMiddleware(opts) {
+    const log = logger('http:rateLimit');
+    const redis = await Redis.getClient('http:rateLimit');
+    // We create a randomHash to use in Redis keys
+    // This makes sure that each endpoint can get different rate limits without too much hassle
+    const randomHash = Math.random().toString(36).substring(2, 15) + Math.random().toString(36).substring(2, 15);
+    let rateLimiter;
+    if (opts.useInMemory) {
+        rateLimiter = new RateLimiterMemory({
+            points: opts.max,
+            duration: opts.windowSeconds,
+            keyPrefix: `http:rateLimit:${opts.keyPrefix ? opts.keyPrefix : randomHash}`,
+        });
+    }
+    else {
+        rateLimiter = new RateLimiterRedis({
+            points: opts.max,
+            duration: opts.windowSeconds,
+            storeClient: redis,
+            keyPrefix: `http:rateLimit:${opts.keyPrefix ? opts.keyPrefix : randomHash}`,
+        });
+    }
+    return async (req, res, next) => {
+        const ctxData = ctx.data;
+        let limitedKey = null;
+        if (ctxData.user) {
+            limitedKey = ctxData.user;
+        }
+        else {
+            // TODO: should handle case ip is undefined
+            limitedKey = req.ip;
+        }
+        let rateLimiterRes = null;
+        try {
+            rateLimiterRes = await rateLimiter.consume(limitedKey);
+        }
+        catch (err) {
+            if (err instanceof RateLimiterRes) {
+                rateLimiterRes = err;
+                log.warn(`rate limited, try again in ${err.msBeforeNext}ms`);
+            }
+            else {
+                throw err;
+            }
+        }
+        if (rateLimiterRes) {
+            res.set('X-RateLimit-Limit', opts.max.toString());
+            res.set('X-RateLimit-Remaining', rateLimiterRes.remainingPoints.toString());
+            res.set('X-RateLimit-Reset', rateLimiterRes.msBeforeNext.toString());
+            if (rateLimiterRes.remainingPoints === 0) {
+                next(new errors.TooManyRequestsError());
+            }
+        }
+        return next();
+    };
+}
+//# sourceMappingURL=rateLimit.js.map

package/dist/middleware/rateLimit.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rateLimit.js","sourceRoot":"","sources":["../../src/middleware/rateLimit.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAC;AACnC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAS5F,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAAC,IAAiC;IAC/E,MAAM,GAAG,GAAG,MAAM,CAAC,gBAAgB,CAAC,CAAC;IACrC,MAAM,KAAK,GAAG,MAAM,KAAK,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;IAEtD,8CAA8C;IAC9C,2FAA2F;IAC3F,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAE7G,IAAI,WAAiD,CAAC;IAEtD,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,WAAW,GAAG,IAAI,iBAAiB,CAAC;YAClC,MAAM,EAAE,IAAI,CAAC,GAAG;YAChB,QAAQ,EAAE,IAAI,CAAC,aAAa;YAC5B,SAAS,EAAE,kBAAkB,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,EAAE;SAC5E,CAAC,CAAC;IACL,CAAC;SAAM,CAAC;QACN,WAAW,GAAG,IAAI,gBAAgB,CAAC;YACjC,MAAM,EAAE,IAAI,CAAC,GAAG;YAChB,QAAQ,EAAE,IAAI,CAAC,aAAa;YAC5B,WAAW,EAAE,KAAK;YAClB,SAAS,EAAE,kBAAkB,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,EAAE;SAC5E,CAAC,CAAC;IACL,CAAC;IAED,OAAO,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QAC/D,MAAM,OAAO,GAAG,GAAG,CAAC,IAAI,CAAC;QACzB,IAAI,UAAU,GAAG,IAAI,CAAC;QACtB,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;QAC5B,CAAC;aAAM,CAAC;YACN,2CAA2C;YAC3C,UAAU,GAAG,GAAG,CAAC,EAAG,CAAC;QACvB,CAAC;QAED,IAAI,cAAc,GAA0B,IAAI,CAAC;QAEjD,IAAI,CAAC;YACH,cAAc,GAAG,MAAM,WAAW,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QACzD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,cAAc,EAAE,CAAC;gBAClC,cAAc,GAAG,GAAG,CAAC;gBACrB,GAAG,CAAC,IAAI,CAAC,8BAA8B,GAAG,CAAC,YAAY,IAAI,CAAC,CAAC;YAC/D,CAAC;iBAAM,CAAC;gBACN,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC;QAED,IAAI,cAAc,EAAE,CAAC;YACnB,GAAG,CAAC,GAAG,CAAC,mBAAmB,EAAE,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;YAClD,GAAG,CAAC,GAAG,CAAC,uBAAuB,EAAE,cAAc,CAAC,eAAe,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC5E,GAAG,CAAC,GAAG,CAAC,mBAAmB,EAAE,cAAc,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,CAAC;YAErE,IAAI,cAAc,CAAC,eAAe,KAAK,CAAC,EAAE,CAAC;gBACzC,IAAI,CAAC,IAAI,MAAM,CAAC,oBAAoB,EAAE,CAAC,CAAC;YAC1C,CAAC;QACH,CAAC;QAED,OAAO,IAAI,EAAE,CAAC;IAChB,CAAC,CAAC;AACJ,CAAC"}

package/dist/util/apiResponse.d.ts

@@ -0,0 +1,37 @@
+import { TakaroDTO } from '@takaro/util';
+import { ValidationError as ClassValidatorError } from 'class-validator';
+import { Request, Response } from 'express';
+declare class ErrorOutput {
+    code?: string;
+    message?: string;
+    details?: string | ClassValidatorError[];
+}
+declare class MetadataOutput {
+    serverTime: string;
+    error?: ErrorOutput;
+    /**
+     * The page number of the response
+     */
+    page?: number;
+    /**
+     * The number of items returned in the response (aka page size)
+     */
+    limit?: number;
+    /**
+     * The total number of items in the collection
+     */
+    total?: number;
+}
+export declare class APIOutput<T> extends TakaroDTO<APIOutput<T>> {
+    meta: MetadataOutput;
+    data: T;
+}
+interface IApiResponseOptions {
+    error?: Error;
+    meta?: Record<string, string | number>;
+    req: Request;
+    res: Response;
+}
+export declare function apiResponse(data?: unknown, opts?: IApiResponseOptions): APIOutput<unknown>;
+export {};
+//# sourceMappingURL=apiResponse.d.ts.map

package/dist/util/apiResponse.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"apiResponse.d.ts","sourceRoot":"","sources":["../../src/util/apiResponse.ts"],"names":[],"mappings":"AAAA,OAAO,EAAuB,SAAS,EAAE,MAAM,cAAc,CAAC;AAE9D,OAAO,EAML,eAAe,IAAI,mBAAmB,EACvC,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAE5C,cAAM,WAAW;IAEf,IAAI,CAAC,EAAE,MAAM,CAAC;IAGd,OAAO,CAAC,EAAE,MAAM,CAAC;IAGjB,OAAO,CAAC,EAAE,MAAM,GAAG,mBAAmB,EAAE,CAAC;CAC1C;AAED,cAAM,cAAc;IAGlB,UAAU,EAAG,MAAM,CAAC;IAIpB,KAAK,CAAC,EAAE,WAAW,CAAC;IAEpB;;OAEG;IAGH,IAAI,CAAC,EAAE,MAAM,CAAC;IAEd;;OAEG;IAGH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;OAEG;IAGH,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AACD,qBAAa,SAAS,CAAC,CAAC,CAAE,SAAQ,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;IAGvD,IAAI,EAAG,cAAc,CAAC;IAEtB,IAAI,EAAG,CAAC,CAAC;CACV;AAED,UAAU,mBAAmB;IAC3B,KAAK,CAAC,EAAE,KAAK,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC,CAAC;IACvC,GAAG,EAAE,OAAO,CAAC;IACb,GAAG,EAAE,QAAQ,CAAC;CACf;AAED,wBAAgB,WAAW,CAAC,IAAI,GAAE,OAAY,EAAE,IAAI,CAAC,EAAE,mBAAmB,GAAG,SAAS,CAAC,OAAO,CAAC,CA2C9F"}

package/dist/util/apiResponse.js

@@ -0,0 +1,99 @@
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+import { errors, isTakaroDTO, TakaroDTO } from '@takaro/util';
+import { Type } from 'class-transformer';
+import { IsISO8601, IsNumber, IsOptional, ValidateNested, IsString, } from 'class-validator';
+class ErrorOutput {
+}
+__decorate([
+    IsString(),
+    __metadata("design:type", String)
+], ErrorOutput.prototype, "code", void 0);
+__decorate([
+    IsString(),
+    __metadata("design:type", String)
+], ErrorOutput.prototype, "message", void 0);
+__decorate([
+    IsString(),
+    __metadata("design:type", Object)
+], ErrorOutput.prototype, "details", void 0);
+class MetadataOutput {
+}
+__decorate([
+    IsString(),
+    IsISO8601(),
+    __metadata("design:type", String)
+], MetadataOutput.prototype, "serverTime", void 0);
+__decorate([
+    Type(() => ErrorOutput),
+    ValidateNested(),
+    __metadata("design:type", ErrorOutput)
+], MetadataOutput.prototype, "error", void 0);
+__decorate([
+    IsNumber(),
+    IsOptional(),
+    __metadata("design:type", Number)
+], MetadataOutput.prototype, "page", void 0);
+__decorate([
+    IsNumber(),
+    IsOptional(),
+    __metadata("design:type", Number)
+], MetadataOutput.prototype, "limit", void 0);
+__decorate([
+    IsNumber(),
+    IsOptional(),
+    __metadata("design:type", Number)
+], MetadataOutput.prototype, "total", void 0);
+export class APIOutput extends TakaroDTO {
+}
+__decorate([
+    Type(() => MetadataOutput),
+    ValidateNested(),
+    __metadata("design:type", MetadataOutput)
+], APIOutput.prototype, "meta", void 0);
+export function apiResponse(data = {}, opts) {
+    const returnVal = new APIOutput();
+    returnVal.meta = new MetadataOutput();
+    returnVal.data = {};
+    if (opts?.error) {
+        returnVal.meta.error = new ErrorOutput();
+        returnVal.meta.error.code = String(opts.error.name);
+        if ('details' in opts.error) {
+            if (opts.error instanceof errors.ValidationError) {
+                returnVal.meta.error.details = opts.error.details;
+            }
+            else {
+                returnVal.meta.error.details = opts.error.details;
+            }
+        }
+        returnVal.meta.error.message = String(opts.error.message);
+    }
+    if (opts?.meta) {
+        returnVal.meta.page = opts?.res.locals.page;
+        returnVal.meta.limit = opts?.res.locals.limit;
+        returnVal.meta.total = opts?.meta.total;
+    }
+    if (isTakaroDTO(data)) {
+        returnVal.data = data.toJSON();
+    }
+    else if (Array.isArray(data)) {
+        returnVal.data = data.map((item) => {
+            if (isTakaroDTO(item)) {
+                return item.toJSON();
+            }
+            return item;
+        });
+    }
+    else {
+        returnVal.data = data;
+    }
+    return returnVal;
+}
+//# sourceMappingURL=apiResponse.js.map

package/dist/util/apiResponse.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"apiResponse.js","sourceRoot":"","sources":["../../src/util/apiResponse.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAC9D,OAAO,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAC;AACzC,OAAO,EACL,SAAS,EACT,QAAQ,EACR,UAAU,EACV,cAAc,EACd,QAAQ,GAET,MAAM,iBAAiB,CAAC;AAGzB,MAAM,WAAW;CAShB;AAPC;IADC,QAAQ,EAAE;;yCACG;AAGd;IADC,QAAQ,EAAE;;4CACM;AAGjB;IADC,QAAQ,EAAE;;4CAC8B;AAG3C,MAAM,cAAc;CA6BnB;AA1BC;IAFC,QAAQ,EAAE;IACV,SAAS,EAAE;;kDACQ;AAIpB;IAFC,IAAI,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC;IACvB,cAAc,EAAE;8BACT,WAAW;6CAAC;AAOpB;IAFC,QAAQ,EAAE;IACV,UAAU,EAAE;;4CACC;AAOd;IAFC,QAAQ,EAAE;IACV,UAAU,EAAE;;6CACE;AAOf;IAFC,QAAQ,EAAE;IACV,UAAU,EAAE;;6CACE;AAEjB,MAAM,OAAO,SAAa,SAAQ,SAAuB;CAMxD;AAHC;IAFC,IAAI,CAAC,GAAG,EAAE,CAAC,cAAc,CAAC;IAC1B,cAAc,EAAE;8BACV,cAAc;uCAAC;AAYxB,MAAM,UAAU,WAAW,CAAC,OAAgB,EAAE,EAAE,IAA0B;IACxE,MAAM,SAAS,GAAG,IAAI,SAAS,EAAW,CAAC;IAE3C,SAAS,CAAC,IAAI,GAAG,IAAI,cAAc,EAAE,CAAC;IACtC,SAAS,CAAC,IAAI,GAAG,EAAE,CAAC;IAEpB,IAAI,IAAI,EAAE,KAAK,EAAE,CAAC;QAChB,SAAS,CAAC,IAAI,CAAC,KAAK,GAAG,IAAI,WAAW,EAAE,CAAC;QAEzC,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAEpD,IAAI,SAAS,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC5B,IAAI,IAAI,CAAC,KAAK,YAAY,MAAM,CAAC,eAAe,EAAE,CAAC;gBACjD,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,OAAgC,CAAC;YAC7E,CAAC;iBAAM,CAAC;gBACN,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,OAAiB,CAAC;YAC9D,CAAC;QACH,CAAC;QAED,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC5D,CAAC;IAED,IAAI,IAAI,EAAE,IAAI,EAAE,CAAC;QACf,SAAS,CAAC,IAAI,CAAC,IAAI,GAAG,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC;QAC5C,SAAS,CAAC,IAAI,CAAC,KAAK,GAAG,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC;QAC9C,SAAS,CAAC,IAAI,CAAC,KAAK,GAAG,IAAI,EAAE,IAAI,CAAC,KAAe,CAAC;IACpD,CAAC;IAED,IAAI,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC;QACtB,SAAS,CAAC,IAAI,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;IACjC,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QAC/B,SAAS,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;YACjC,IAAI,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC;gBACtB,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;YACvB,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC,CAAC,CAAC;IACL,CAAC;SAAM,CAAC;QACN,SAAS,CAAC,IAAI,GAAG,IAAI,CAAC;IACxB,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC"}

package/package.json

@@ -0,0 +1,15 @@
+{
+  "name": "@takaro/http",
+  "version": "0.0.0-next.0da151e",
+  "description": "An opinionated http server",
+  "main": "dist/main.js",
+  "types": "dist/main.d.ts",
+  "type": "module",
+  "scripts": {
+    "start:dev": "tsc --watch --preserveWatchOutput -p ./tsconfig.build.json",
+    "build": "tsc -p ./tsconfig.build.json"
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC"
+}

package/src/app.ts

@@ -0,0 +1,105 @@
+import 'reflect-metadata';
+import express, { Application } from 'express';
+import { logger, errors, Sentry } from '@takaro/util';
+import { Server, createServer } from 'node:http';
+import { RoutingControllersOptions, useExpressServer } from 'routing-controllers';
+import { Meta } from './controllers/meta.js';
+import { LoggingMiddleware } from './middleware/logger.js';
+import { ErrorHandler } from './middleware/errorHandler.js';
+import bodyParser from 'body-parser';
+import cors from 'cors';
+import cookieParser from 'cookie-parser';
+import { metricsMiddleware } from './main.js';
+import { paginationMiddleware } from './middleware/paginationMiddleware.js';
+
+interface IHTTPOptions {
+  port?: number;
+  allowedOrigins?: string[];
+}
+
+export class HTTP {
+  private app: Application;
+  private httpServer: Server;
+  private logger;
+
+  constructor(
+    options: RoutingControllersOptions = {},
+    private httpOptions: IHTTPOptions = {},
+  ) {
+    this.logger = logger('http');
+    this.app = express();
+    this.httpServer = createServer(this.app);
+    this.app.use(Sentry.Handlers.requestHandler());
+    this.app.use(
+      bodyParser.json({
+        limit: '1mb',
+        verify: (req, res, buf) => {
+          (req as any).rawBody = buf.toString();
+        },
+      }),
+    );
+    this.app.use(LoggingMiddleware);
+    this.app.use(metricsMiddleware);
+    this.app.use(paginationMiddleware);
+    this.app.set('x-powered-by', false);
+    this.app.use(
+      cors({
+        credentials: true,
+        exposedHeaders: ['X-Trace-Id'],
+        origin: (origin: string | undefined, callback: CallableFunction) => {
+          if (!origin) return callback(null, true);
+          const allowedOrigins = this.httpOptions.allowedOrigins ?? [];
+          if (!origin || allowedOrigins.includes(origin)) {
+            callback(null, true);
+          } else {
+            this.logger.warn(`Origin ${origin} not allowed by CORS`);
+            callback(new errors.BadRequestError('Not allowed by CORS'));
+          }
+        },
+      }),
+    );
+    this.app.use(cookieParser());
+
+    if (options.controllers) {
+      useExpressServer(this.app, {
+        ...options,
+        defaultErrorHandler: false,
+        validation: { whitelist: true, forbidNonWhitelisted: true },
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-function-type
+        controllers: [Meta, ...(options.controllers as Function[])],
+      });
+    } else {
+      useExpressServer(this.app, {
+        ...options,
+        defaultErrorHandler: false,
+        controllers: [Meta],
+        validation: { whitelist: true, forbidNonWhitelisted: true },
+      });
+    }
+
+    this.app.use(Sentry.Handlers.errorHandler());
+
+    this.app.use(ErrorHandler);
+  }
+
+  get expressInstance() {
+    return this.app;
+  }
+
+  get server(): Server {
+    return this.httpServer;
+  }
+
+  async start() {
+    this.httpServer = this.httpServer.listen(this.httpOptions.port, () => {
+      this.logger.info(`HTTP server listening on port ${this.httpOptions.port}`);
+    });
+  }
+
+  async stop() {
+    if (this.httpServer) {
+      this.httpServer.close();
+      this.logger.info('HTTP server stopped');
+    }
+  }
+}

package/src/controllers/__tests__/meta.integration.test.ts

@@ -0,0 +1,23 @@
+import { HTTP } from '../../app.js';
+import supertest from 'supertest';
+import { describe, it, before, after } from 'node:test';
+
+describe('app', () => {
+  let http: HTTP;
+  before(async () => {
+    http = new HTTP({}, { port: undefined });
+    await http.start();
+  });
+
+  after(async () => {
+    await http.stop();
+  });
+
+  it('Serves a health status', async () => {
+    await supertest(http.expressInstance).get('/healthz').expect(200);
+  });
+
+  it('Serves a open api spec', async () => {
+    await supertest(http.expressInstance).get('/openapi.json').expect(200);
+  });
+});

package/src/controllers/defaultMetadatastorage.d.ts

@@ -0,0 +1,5 @@
+declare module 'class-transformer/cjs/storage.js' {
+  import type { MetadataStorage } from 'class-transformer/types/MetadataStorage';
+
+  export const defaultMetadataStorage: MetadataStorage;
+}