@takaro/http 0.0.1

package/README.md

@@ -0,0 +1,7 @@
+# @takaro/http
+
+## TODO
+
+- [ ] Middlewares
+  - [ ] Validation middleware (celebrate?)
+  - [ ]

package/dist/app.d.ts

@@ -0,0 +1,21 @@
+/// <reference types="node" resolution-mode="require"/>
+import 'reflect-metadata';
+import express from 'express';
+import { Server } from 'http';
+import { RoutingControllersOptions } from 'routing-controllers';
+interface IHTTPOptions {
+    port?: number;
+    allowedOrigins?: string[];
+}
+export declare class HTTP {
+    private httpOptions;
+    private app;
+    private httpServer;
+    private logger;
+    constructor(options?: RoutingControllersOptions, httpOptions?: IHTTPOptions);
+    get expressInstance(): express.Application;
+    get server(): Server<typeof import("http").IncomingMessage, typeof import("http").ServerResponse>;
+    start(): Promise<void>;
+    stop(): Promise<void>;
+}
+export {};

package/dist/app.js

@@ -0,0 +1,87 @@
+import 'reflect-metadata';
+import express from 'express';
+import { logger, errors, Sentry } from '@takaro/util';
+import { getBullBoard } from '@takaro/queues';
+import { createServer } from 'http';
+import { useExpressServer } from 'routing-controllers';
+import { Meta } from './controllers/meta.js';
+import { LoggingMiddleware } from './middleware/logger.js';
+import { ErrorHandler } from './middleware/errorHandler.js';
+import bodyParser from 'body-parser';
+import cors from 'cors';
+import cookieParser from 'cookie-parser';
+import { metricsMiddleware } from './main.js';
+import { paginationMiddleware } from './middleware/paginationMiddleware.js';
+export class HTTP {
+    constructor(options = {}, httpOptions = {}) {
+        this.httpOptions = httpOptions;
+        this.logger = logger('http');
+        this.app = express();
+        this.httpServer = createServer(this.app);
+        this.app.use(Sentry.Handlers.requestHandler());
+        this.app.use(bodyParser.json({
+            verify: (req, res, buf) => {
+                req.rawBody = buf.toString();
+            },
+        }));
+        this.app.use(LoggingMiddleware);
+        this.app.use(metricsMiddleware);
+        this.app.use(paginationMiddleware);
+        this.app.set('x-powered-by', false);
+        this.app.use(cors({
+            credentials: true,
+            exposedHeaders: ['X-Trace-Id'],
+            origin: (origin, callback) => {
+                if (!origin)
+                    return callback(null, true);
+                const allowedOrigins = this.httpOptions.allowedOrigins ?? [];
+                if (!origin || allowedOrigins.includes(origin)) {
+                    callback(null, true);
+                }
+                else {
+                    this.logger.warn(`Origin ${origin} not allowed by CORS`);
+                    callback(new errors.BadRequestError('Not allowed by CORS'));
+                }
+            },
+        }));
+        this.app.use(cookieParser());
+        if (options.controllers) {
+            useExpressServer(this.app, {
+                ...options,
+                defaultErrorHandler: false,
+                validation: { whitelist: true, forbidNonWhitelisted: true },
+                // eslint-disable-next-line @typescript-eslint/ban-types
+                controllers: [Meta, ...options.controllers],
+            });
+        }
+        else {
+            useExpressServer(this.app, {
+                ...options,
+                defaultErrorHandler: false,
+                controllers: [Meta],
+                validation: { whitelist: true, forbidNonWhitelisted: true },
+            });
+        }
+        this.app.use('/queues', getBullBoard());
+        this.app.use(Sentry.Handlers.errorHandler());
+        this.app.use(ErrorHandler);
+    }
+    get expressInstance() {
+        return this.app;
+    }
+    get server() {
+        return this.httpServer;
+    }
+    async start() {
+        this.httpServer = this.httpServer.listen(this.httpOptions.port, () => {
+            this.logger.info(`HTTP server listening on port ${this.httpOptions.port}`);
+        });
+    }
+    async stop() {
+        if (this.httpServer) {
+            this.httpServer.close();
+            this.logger.info('HTTP server stopped');
+        }
+    }
+}
+//# sourceMappingURL=app.js.map

package/dist/app.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"app.js","sourceRoot":"","sources":["../src/app.ts"],"names":[],"mappings":"AAAA,OAAO,kBAAkB,CAAC;AAC1B,OAAO,OAAwB,MAAM,SAAS,CAAC;AAC/C,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AACtD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAU,YAAY,EAAE,MAAM,MAAM,CAAC;AAC5C,OAAO,EAA6B,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAClF,OAAO,EAAE,IAAI,EAAE,MAAM,uBAAuB,CAAC;AAC7C,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAC3D,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,UAAU,MAAM,aAAa,CAAC;AACrC,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,YAAY,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAC;AAC9C,OAAO,EAAE,oBAAoB,EAAE,MAAM,sCAAsC,CAAC;AAO5E,MAAM,OAAO,IAAI;IAKf,YAAY,UAAqC,EAAE,EAAU,cAA4B,EAAE;QAA9B,gBAAW,GAAX,WAAW,CAAmB;QACzF,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,GAAG,OAAO,EAAE,CAAC;QACrB,IAAI,CAAC,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACzC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,cAAc,EAAE,CAAC,CAAC;QAC/C,IAAI,CAAC,GAAG,CAAC,GAAG,CACV,UAAU,CAAC,IAAI,CAAC;YACd,MAAM,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;gBACvB,GAAW,CAAC,OAAO,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;YACxC,CAAC;SACF,CAAC,CACH,CAAC;QACF,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QAChC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QAChC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;QACnC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;QACpC,IAAI,CAAC,GAAG,CAAC,GAAG,CACV,IAAI,CAAC;YACH,WAAW,EAAE,IAAI;YACjB,cAAc,EAAE,CAAC,YAAY,CAAC;YAC9B,MAAM,EAAE,CAAC,MAA0B,EAAE,QAA0B,EAAE,EAAE;gBACjE,IAAI,CAAC,MAAM;oBAAE,OAAO,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;gBACzC,MAAM,cAAc,GAAG,IAAI,CAAC,WAAW,CAAC,cAAc,IAAI,EAAE,CAAC;gBAC7D,IAAI,CAAC,MAAM,IAAI,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC/C,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;gBACvB,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,MAAM,sBAAsB,CAAC,CAAC;oBACzD,QAAQ,CAAC,IAAI,MAAM,CAAC,eAAe,CAAC,qBAAqB,CAAC,CAAC,CAAC;gBAC9D,CAAC;YACH,CAAC;SACF,CAAC,CACH,CAAC;QACF,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC,CAAC;QAE7B,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;YACxB,gBAAgB,CAAC,IAAI,CAAC,GAAG,EAAE;gBACzB,GAAG,OAAO;gBACV,mBAAmB,EAAE,KAAK;gBAC1B,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,oBAAoB,EAAE,IAAI,EAAE;gBAC3D,wDAAwD;gBACxD,WAAW,EAAE,CAAC,IAAI,EAAE,GAAI,OAAO,CAAC,WAA0B,CAAC;aAC5D,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,gBAAgB,CAAC,IAAI,CAAC,GAAG,EAAE;gBACzB,GAAG,OAAO;gBACV,mBAAmB,EAAE,KAAK;gBAC1B,WAAW,EAAE,CAAC,IAAI,CAAC;gBACnB,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,oBAAoB,EAAE,IAAI,EAAE;aAC5D,CAAC,CAAC;QACL,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,YAAY,EAAE,CAAC,CAAC;QAExC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,YAAY,EAAE,CAAC,CAAC;QAE7C,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAC7B,CAAC;IAED,IAAI,eAAe;QACjB,OAAO,IAAI,CAAC,GAAG,CAAC;IAClB,CAAC;IAED,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,KAAK;QACT,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,GAAG,EAAE;YACnE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iCAAiC,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC;QAC7E,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,IAAI;QACR,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;YACxB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;QAC1C,CAAC;IACH,CAAC;CACF"}

package/dist/controllers/meta.d.ts

@@ -0,0 +1,15 @@
+import { OpenAPIObject } from 'openapi3-ts';
+export declare class HealthOutputDTO {
+    healthy: boolean;
+}
+export declare class Meta {
+    getHealth(): Promise<{
+        healthy: boolean;
+    }>;
+    getReadiness(): Promise<{
+        healthy: boolean;
+    }>;
+    getOpenApi(): Promise<OpenAPIObject>;
+    getOpenApiHtml(): string;
+    getMetrics(): Promise<string>;
+}

package/dist/controllers/meta.js

@@ -0,0 +1,186 @@
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+import { Controller, Get } from 'routing-controllers';
+import { getMetadataArgsStorage } from 'routing-controllers';
+import { routingControllersToSpec } from 'routing-controllers-openapi';
+import { validationMetadatasToSchemas } from 'class-validator-jsonschema';
+import { ResponseSchema } from 'routing-controllers-openapi';
+import { IsBoolean } from 'class-validator';
+import { getMetrics, health } from '@takaro/util';
+import { PERMISSIONS } from '@takaro/auth';
+import { EventMapping } from '@takaro/modules';
+let spec;
+export class HealthOutputDTO {
+}
+__decorate([
+    IsBoolean(),
+    __metadata("design:type", Boolean)
+], HealthOutputDTO.prototype, "healthy", void 0);
+let Meta = class Meta {
+    async getHealth() {
+        return { healthy: true };
+    }
+    async getReadiness() {
+        const healthy = await health.check();
+        return { healthy };
+    }
+    async getOpenApi() {
+        if (spec)
+            return spec;
+        const { getMetadataStorage } = await import('class-validator');
+        const classTransformerStorage = await import(
+        // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+        // @ts-ignore were doing an import of internal code and ts doesnt like that
+        // But this does work, trust me bro...
+        'class-transformer/cjs/storage.js');
+        const storage = getMetadataArgsStorage();
+        const schemas = validationMetadatasToSchemas({
+            refPointerPrefix: '#/components/schemas/',
+            classTransformerMetadataStorage: classTransformerStorage.defaultMetadataStorage,
+            classValidatorMetadataStorage: getMetadataStorage(),
+            forbidNonWhitelisted: true,
+        });
+        spec = routingControllersToSpec(storage, {}, {
+            components: {
+                schemas,
+                securitySchemes: {
+                    adminAuth: {
+                        description: 'Used for system administration, like creating or deleting domains',
+                        type: 'http',
+                        scheme: 'bearer',
+                        bearerFormat: 'JWT',
+                    },
+                    domainAuth: {
+                        description: 'Used for anything inside a domain. Players, GameServers, etc.',
+                        type: 'apiKey',
+                        in: 'cookie',
+                        name: 'takaro-token',
+                    },
+                },
+            },
+        });
+        // Add required permissions to operation descriptions
+        const requiredPermsRegex = /authMiddleware\((.+)\)/;
+        storage.uses.forEach((use) => {
+            const requiredPerms = use.middleware.name
+                .match(requiredPermsRegex)?.[1]
+                .split(',')
+                .map((p) => `\`${p}\``)
+                .join(', ') || [];
+            const operationId = `${use.target.name}.${use.method}`;
+            if (!requiredPerms.length)
+                return;
+            // Find the corresponding path and method in spec
+            Object.keys(spec?.paths ?? []).forEach((pathKey) => {
+                const pathItem = spec?.paths[pathKey];
+                Object.keys(pathItem).forEach((method) => {
+                    const operation = pathItem[method];
+                    if (operation.operationId === operationId) {
+                        // Update the description with required permissions
+                        operation.description = (operation.description || '') + ` Required permissions: ${requiredPerms}`;
+                    }
+                });
+            });
+        });
+        if (spec.components?.schemas) {
+            spec.components.schemas.PERMISSIONS = {
+                enum: Object.values(PERMISSIONS),
+            };
+        }
+        // Force event meta to be the correct types
+        // TODO: figure out how to do this 'properly' with class-validator
+        const allEvents = Object.values(EventMapping).map((e) => e.name);
+        const eventOutputMetaSchema = spec.components?.schemas?.EventOutputDTO;
+        if (eventOutputMetaSchema && 'properties' in eventOutputMetaSchema && eventOutputMetaSchema.properties) {
+            eventOutputMetaSchema.properties.meta = {
+                oneOf: [...allEvents.map((e) => ({ $ref: `#/components/schemas/${e}` }))],
+            };
+        }
+        return spec;
+    }
+    getOpenApiHtml() {
+        return `<!DOCTYPE html>
+    <html>
+      <head>
+        <meta charset="utf-8" />
+        <script
+          type="module"
+          src="https://unpkg.com/rapidoc/dist/rapidoc-min.js"
+        ></script>
+      </head>
+      <body>
+        <rapi-doc
+          spec-url="/openapi.json"
+          render-style="read"
+          fill-request-fields-with-example="false"
+          persist-auth="true"
+
+          sort-tags="true"
+          sort-endpoints-by="method"
+
+          show-method-in-nav-bar="as-colored-block"
+          show-header="false"
+          allow-authentication="false"
+          allow-server-selection="false"
+
+          schema-style="table"
+          schema-expand-level="1"
+          default-schema-tab="schema"
+
+          primary-color="#664de5"
+          bg-color="#151515"
+          text-color="#c2c2c2"
+          header-color="#353535"
+        />
+      </body>
+    </html>
+    `;
+    }
+    getMetrics() {
+        return getMetrics();
+    }
+};
+__decorate([
+    Get('/healthz'),
+    ResponseSchema(HealthOutputDTO),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", []),
+    __metadata("design:returntype", Promise)
+], Meta.prototype, "getHealth", null);
+__decorate([
+    Get('/readyz'),
+    ResponseSchema(HealthOutputDTO),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", []),
+    __metadata("design:returntype", Promise)
+], Meta.prototype, "getReadiness", null);
+__decorate([
+    Get('/openapi.json'),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", []),
+    __metadata("design:returntype", Promise)
+], Meta.prototype, "getOpenApi", null);
+__decorate([
+    Get('/api.html'),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", []),
+    __metadata("design:returntype", void 0)
+], Meta.prototype, "getOpenApiHtml", null);
+__decorate([
+    Get('/metrics'),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", []),
+    __metadata("design:returntype", void 0)
+], Meta.prototype, "getMetrics", null);
+Meta = __decorate([
+    Controller()
+], Meta);
+export { Meta };
+//# sourceMappingURL=meta.js.map

package/dist/controllers/meta.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"meta.js","sourceRoot":"","sources":["../../src/controllers/meta.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,UAAU,EAAE,GAAG,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AAC7D,OAAO,EAAE,wBAAwB,EAAE,MAAM,6BAA6B,CAAC;AACvE,OAAO,EAAE,4BAA4B,EAAE,MAAM,4BAA4B,CAAC;AAC1E,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAC7D,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAElD,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAE/C,IAAI,IAA+B,CAAC;AAEpC,MAAM,OAAO,eAAe;CAG3B;AADC;IADC,SAAS,EAAE;;gDACM;AAGb,IAAM,IAAI,GAAV,MAAM,IAAI;IAGT,AAAN,KAAK,CAAC,SAAS;QACb,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAIK,AAAN,KAAK,CAAC,YAAY;QAChB,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,KAAK,EAAE,CAAC;QACrC,OAAO,EAAE,OAAO,EAAE,CAAC;IACrB,CAAC;IAGK,AAAN,KAAK,CAAC,UAAU;QACd,IAAI,IAAI;YAAE,OAAO,IAAI,CAAC;QAEtB,MAAM,EAAE,kBAAkB,EAAE,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,CAAC;QAC/D,MAAM,uBAAuB,GAAG,MAAM,MAAM;QAC1C,6DAA6D;QAC7D,2EAA2E;QAC3E,sCAAsC;QACtC,kCAAkC,CACnC,CAAC;QAEF,MAAM,OAAO,GAAG,sBAAsB,EAAE,CAAC;QACzC,MAAM,OAAO,GAAG,4BAA4B,CAAC;YAC3C,gBAAgB,EAAE,uBAAuB;YACzC,+BAA+B,EAAE,uBAAuB,CAAC,sBAAsB;YAC/E,6BAA6B,EAAE,kBAAkB,EAAE;YACnD,oBAAoB,EAAE,IAAI;SAC3B,CAAC,CAAC;QAEH,IAAI,GAAG,wBAAwB,CAC7B,OAAO,EACP,EAAE,EACF;YACE,UAAU,EAAE;gBACV,OAAO;gBACP,eAAe,EAAE;oBACf,SAAS,EAAE;wBACT,WAAW,EAAE,mEAAmE;wBAChF,IAAI,EAAE,MAAM;wBACZ,MAAM,EAAE,QAAQ;wBAChB,YAAY,EAAE,KAAK;qBACpB;oBACD,UAAU,EAAE;wBACV,WAAW,EAAE,+DAA+D;wBAC5E,IAAI,EAAE,QAAQ;wBACd,EAAE,EAAE,QAAQ;wBACZ,IAAI,EAAE,cAAc;qBACrB;iBACF;aACF;SACF,CACF,CAAC;QAEF,qDAAqD;QAErD,MAAM,kBAAkB,GAAG,wBAAwB,CAAC;QAEpD,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;YAC3B,MAAM,aAAa,GACjB,GAAG,CAAC,UAAU,CAAC,IAAI;iBAChB,KAAK,CAAC,kBAAkB,CAAC,EAAE,CAAC,CAAC,CAAC;iBAC9B,KAAK,CAAC,GAAG,CAAC;iBACV,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC;iBACtB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YAEtB,MAAM,WAAW,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,IAAI,GAAG,CAAC,MAAM,EAAE,CAAC;YAEvD,IAAI,CAAC,aAAa,CAAC,MAAM;gBAAE,OAAO;YAElC,iDAAiD;YACjD,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;gBACjD,MAAM,QAAQ,GAAG,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;gBACtC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;oBACvC,MAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;oBACnC,IAAI,SAAS,CAAC,WAAW,KAAK,WAAW,EAAE,CAAC;wBAC1C,mDAAmD;wBACnD,SAAS,CAAC,WAAW,GAAG,CAAC,SAAS,CAAC,WAAW,IAAI,EAAE,CAAC,GAAG,0BAA0B,aAAa,EAAE,CAAC;oBACpG,CAAC;gBACH,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,IAAI,IAAI,CAAC,UAAU,EAAE,OAAO,EAAE,CAAC;YAC7B,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,WAAW,GAAG;gBACpC,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC;aACjC,CAAC;QACJ,CAAC;QAED,2CAA2C;QAC3C,kEAAkE;QAClE,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QAEjE,MAAM,qBAAqB,GAAG,IAAI,CAAC,UAAU,EAAE,OAAO,EAAE,cAAc,CAAC;QACvE,IAAI,qBAAqB,IAAI,YAAY,IAAI,qBAAqB,IAAI,qBAAqB,CAAC,UAAU,EAAE,CAAC;YACvG,qBAAqB,CAAC,UAAU,CAAC,IAAI,GAAG;gBACtC,KAAK,EAAE,CAAC,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,wBAAwB,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;aAC1E,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAGD,cAAc;QACZ,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;KAmCN,CAAC;IACJ,CAAC;IAGD,UAAU;QACR,OAAO,UAAU,EAAE,CAAC;IACtB,CAAC;CACF,CAAA;AApJO;IAFL,GAAG,CAAC,UAAU,CAAC;IACf,cAAc,CAAC,eAAe,CAAC;;;;qCAG/B;AAIK;IAFL,GAAG,CAAC,SAAS,CAAC;IACd,cAAc,CAAC,eAAe,CAAC;;;;wCAI/B;AAGK;IADL,GAAG,CAAC,eAAe,CAAC;;;;sCA2FpB;AAGD;IADC,GAAG,CAAC,WAAW,CAAC;;;;0CAsChB;AAGD;IADC,GAAG,CAAC,UAAU,CAAC;;;;sCAGf;AAtJU,IAAI;IADhB,UAAU,EAAE;GACA,IAAI,CAuJhB"}

package/dist/main.d.ts

@@ -0,0 +1,6 @@
+export { HTTP } from './app.js';
+export * from './middleware/metrics.js';
+export { createRateLimitMiddleware } from './middleware/rateLimit.js';
+export { adminAuthMiddleware } from './middleware/adminAuth.js';
+export { paginationMiddleware } from './middleware/paginationMiddleware.js';
+export { apiResponse, APIOutput } from './util/apiResponse.js';

package/dist/main.js

@@ -0,0 +1,7 @@
+export { HTTP } from './app.js';
+export * from './middleware/metrics.js';
+export { createRateLimitMiddleware } from './middleware/rateLimit.js';
+export { adminAuthMiddleware } from './middleware/adminAuth.js';
+export { paginationMiddleware } from './middleware/paginationMiddleware.js';
+export { apiResponse, APIOutput } from './util/apiResponse.js';
+//# sourceMappingURL=main.js.map

package/dist/main.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"main.js","sourceRoot":"","sources":["../src/main.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,UAAU,CAAC;AAEhC,cAAc,yBAAyB,CAAC;AACxC,OAAO,EAAE,yBAAyB,EAAE,MAAM,2BAA2B,CAAC;AACtE,OAAO,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAChE,OAAO,EAAE,oBAAoB,EAAE,MAAM,sCAAsC,CAAC;AAC5E,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC"}

package/dist/middleware/adminAuth.d.ts

@@ -0,0 +1,2 @@
+import { Request, Response, NextFunction } from 'express';
+export declare function adminAuthMiddleware(request: Request, response: Response, next: NextFunction): Promise<void>;

package/dist/middleware/adminAuth.js

@@ -0,0 +1,27 @@
+import { errors, logger } from '@takaro/util';
+import { ory, AUDIENCES } from '@takaro/auth';
+const log = logger('http:middleware:adminAuth');
+export async function adminAuthMiddleware(request, response, next) {
+    try {
+        const rawToken = request.headers['authorization']?.replace('Bearer ', '');
+        if (!rawToken) {
+            log.warn('No token provided');
+            return next(new errors.UnauthorizedError());
+        }
+        const token = await ory.introspectToken(rawToken);
+        if (!token.active) {
+            log.warn('Token is not active');
+            return next(new errors.ForbiddenError());
+        }
+        if (!token.aud.includes(AUDIENCES.TAKARO_API_ADMIN)) {
+            log.warn('Token is not for admin API', { token });
+            return next(new errors.ForbiddenError());
+        }
+        return next();
+    }
+    catch (error) {
+        log.error('Unexpected error', { error });
+        next(new errors.ForbiddenError());
+    }
+}
+//# sourceMappingURL=adminAuth.js.map

package/dist/middleware/adminAuth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"adminAuth.js","sourceRoot":"","sources":["../../src/middleware/adminAuth.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAE9C,MAAM,GAAG,GAAG,MAAM,CAAC,2BAA2B,CAAC,CAAC;AAEhD,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,OAAgB,EAAE,QAAkB,EAAE,IAAkB;IAChG,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC,EAAE,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QAE1E,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,GAAG,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YAC9B,OAAO,IAAI,CAAC,IAAI,MAAM,CAAC,iBAAiB,EAAE,CAAC,CAAC;QAC9C,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;QAElD,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YAClB,GAAG,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;YAChC,OAAO,IAAI,CAAC,IAAI,MAAM,CAAC,cAAc,EAAE,CAAC,CAAC;QAC3C,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACpD,GAAG,CAAC,IAAI,CAAC,4BAA4B,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YAClD,OAAO,IAAI,CAAC,IAAI,MAAM,CAAC,cAAc,EAAE,CAAC,CAAC;QAC3C,CAAC;QAED,OAAO,IAAI,EAAE,CAAC;IAChB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,GAAG,CAAC,KAAK,CAAC,kBAAkB,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QACzC,IAAI,CAAC,IAAI,MAAM,CAAC,cAAc,EAAE,CAAC,CAAC;IACpC,CAAC;AACH,CAAC"}

package/dist/middleware/errorHandler.d.ts

@@ -0,0 +1,2 @@
+import { Request, Response, NextFunction } from 'express';
+export declare function ErrorHandler(originalError: Error, req: Request, res: Response, _next: NextFunction): Promise<Response<any, Record<string, any>>>;

package/dist/middleware/errorHandler.js

@@ -0,0 +1,51 @@
+import { HttpError } from 'routing-controllers';
+import { logger, errors } from '@takaro/util';
+import { apiResponse } from '../util/apiResponse.js';
+const log = logger('errorHandler');
+export async function ErrorHandler(originalError, req, res, 
+// eslint-disable-next-line @typescript-eslint/no-unused-vars
+_next) {
+    let status = 500;
+    let parsedError = new errors.InternalServerError();
+    if (originalError.name === 'BadRequestError') {
+        if (originalError.hasOwnProperty('errors')) {
+            // @ts-expect-error Error typing is weird in ts... but we validate during runtime so should be OK
+            const validationErrors = originalError['errors'];
+            parsedError = new errors.ValidationError('Validation error', validationErrors);
+            log.warn('⚠️ Validation errror', { details: validationErrors.map((e) => JSON.stringify(e.target, null, 2)) });
+        }
+    }
+    if (originalError instanceof HttpError) {
+        status = originalError.httpCode;
+    }
+    if (originalError.name === 'UniqueViolationError') {
+        status = 409;
+        parsedError = new errors.ConflictError('Unique constraint violation');
+    }
+    if (originalError.name === 'NotNullViolationError') {
+        status = 400;
+        parsedError = new errors.BadRequestError('Missing required field');
+    }
+    if (originalError instanceof errors.TakaroError) {
+        status = originalError.http;
+        parsedError = originalError;
+    }
+    // If error is a JSON.parse error
+    if (originalError instanceof SyntaxError) {
+        if (originalError.message.includes('Unexpected token') ||
+            originalError.message.includes('Unexpected end of JSON input')) {
+            status = 400;
+            parsedError = new errors.BadRequestError('Invalid JSON');
+        }
+    }
+    log.error(originalError);
+    if (status >= 500) {
+        log.error(`🔴 FAIL ${req.method} ${req.originalUrl}`, parsedError);
+    }
+    else {
+        log.warn(`⚠️ FAIL ${req.method} ${req.originalUrl}`, parsedError);
+    }
+    res.status(status).json(apiResponse({}, { error: parsedError, req, res }));
+    return res.end();
+}
+//# sourceMappingURL=errorHandler.js.map

package/dist/middleware/errorHandler.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"errorHandler.js","sourceRoot":"","sources":["../../src/middleware/errorHandler.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAGrD,MAAM,GAAG,GAAG,MAAM,CAAC,cAAc,CAAC,CAAC;AAEnC,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,aAAoB,EACpB,GAAY,EACZ,GAAa;AACb,6DAA6D;AAC7D,KAAmB;IAEnB,IAAI,MAAM,GAAG,GAAG,CAAC;IACjB,IAAI,WAAW,GAAG,IAAI,MAAM,CAAC,mBAAmB,EAAE,CAAC;IAEnD,IAAI,aAAa,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;QAC7C,IAAI,aAAa,CAAC,cAAc,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC3C,iGAAiG;YACjG,MAAM,gBAAgB,GAAG,aAAa,CAAC,QAAQ,CAAsB,CAAC;YACtE,WAAW,GAAG,IAAI,MAAM,CAAC,eAAe,CAAC,kBAAkB,EAAE,gBAAgB,CAAC,CAAC;YAC/E,GAAG,CAAC,IAAI,CAAC,sBAAsB,EAAE,EAAE,OAAO,EAAE,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAChH,CAAC;IACH,CAAC;IAED,IAAI,aAAa,YAAY,SAAS,EAAE,CAAC;QACvC,MAAM,GAAG,aAAa,CAAC,QAAQ,CAAC;IAClC,CAAC;IAED,IAAI,aAAa,CAAC,IAAI,KAAK,sBAAsB,EAAE,CAAC;QAClD,MAAM,GAAG,GAAG,CAAC;QACb,WAAW,GAAG,IAAI,MAAM,CAAC,aAAa,CAAC,6BAA6B,CAAC,CAAC;IACxE,CAAC;IAED,IAAI,aAAa,CAAC,IAAI,KAAK,uBAAuB,EAAE,CAAC;QACnD,MAAM,GAAG,GAAG,CAAC;QACb,WAAW,GAAG,IAAI,MAAM,CAAC,eAAe,CAAC,wBAAwB,CAAC,CAAC;IACrE,CAAC;IAED,IAAI,aAAa,YAAY,MAAM,CAAC,WAAW,EAAE,CAAC;QAChD,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC;QAC5B,WAAW,GAAG,aAAa,CAAC;IAC9B,CAAC;IAED,iCAAiC;IACjC,IAAI,aAAa,YAAY,WAAW,EAAE,CAAC;QACzC,IACE,aAAa,CAAC,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAC;YAClD,aAAa,CAAC,OAAO,CAAC,QAAQ,CAAC,8BAA8B,CAAC,EAC9D,CAAC;YACD,MAAM,GAAG,GAAG,CAAC;YACb,WAAW,GAAG,IAAI,MAAM,CAAC,eAAe,CAAC,cAAc,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;IAED,GAAG,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;IACzB,IAAI,MAAM,IAAI,GAAG,EAAE,CAAC;QAClB,GAAG,CAAC,KAAK,CAAC,WAAW,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,WAAW,EAAE,EAAE,WAAW,CAAC,CAAC;IACrE,CAAC;SAAM,CAAC;QACN,GAAG,CAAC,IAAI,CAAC,WAAW,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,WAAW,EAAE,EAAE,WAAW,CAAC,CAAC;IACpE,CAAC;IAED,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;IAC3E,OAAO,GAAG,CAAC,GAAG,EAAE,CAAC;AACnB,CAAC"}

package/dist/middleware/logger.d.ts

@@ -0,0 +1,5 @@
+/**
+ * This middleware is called very early in the request lifecycle, so it's
+ * we leverage this fact to inject the context tracking at this stage
+ */
+export declare const LoggingMiddleware: (...args: any[]) => unknown;

package/dist/middleware/logger.js

@@ -0,0 +1,51 @@
+import { logger, ctx } from '@takaro/util';
+const SUPPRESS_BODY_KEYWORDS = ['password', 'newPassword'];
+const HIDDEN_ROUTES = ['/metrics', '/health', '/healthz', '/ready', '/readyz', '/queues/api/queues'];
+import { context, trace } from '@opentelemetry/api';
+const log = logger('http');
+/**
+ * This middleware is called very early in the request lifecycle, so it's
+ * we leverage this fact to inject the context tracking at this stage
+ */
+export const LoggingMiddleware = ctx.wrap('HTTP', loggingMiddleware);
+async function loggingMiddleware(req, res, next) {
+    if (HIDDEN_ROUTES.some((route) => req.originalUrl.startsWith(route))) {
+        return next();
+    }
+    const requestStartMs = Date.now();
+    const hideData = SUPPRESS_BODY_KEYWORDS.some((keyword) => (JSON.stringify(req.body) || '').includes(keyword));
+    log.debug(`⬇️ ${req.method} ${req.originalUrl}`, {
+        ip: req.ip,
+        method: req.method,
+        path: req.originalUrl,
+        body: hideData ? { suppressed_output: true } : req.body,
+    });
+    const span = trace.getSpan(context.active());
+    if (span) {
+        // get the trace ID from the span and set it in the headers
+        const traceId = span.spanContext().traceId;
+        res.header('X-Trace-Id', traceId);
+    }
+    // Log on API Call Finish to add responseTime
+    res.once('finish', () => {
+        const responseTime = Date.now() - requestStartMs;
+        log.info(`⬆️ ${req.method} ${req.originalUrl}`, {
+            responseTime,
+            requestMethod: req.method,
+            requestUrl: req.originalUrl,
+            requestSize: req.headers['content-length'],
+            status: res.statusCode,
+            responseSize: res.getHeader('Content-Length'),
+            userAgent: req.get('User-Agent'),
+            remoteIp: req.ip,
+            serverIp: '127.0.0.1',
+            referer: req.get('Referer'),
+            cacheLookup: false,
+            cacheHit: false,
+            cacheValidatedWithOriginServer: false,
+            protocol: req.protocol,
+        });
+    });
+    next();
+}
+//# sourceMappingURL=logger.js.map

package/dist/middleware/logger.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.js","sourceRoot":"","sources":["../../src/middleware/logger.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AAE3C,MAAM,sBAAsB,GAAG,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;AAC3D,MAAM,aAAa,GAAG,CAAC,UAAU,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,oBAAoB,CAAC,CAAC;AACrG,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AACpD,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;AAE3B;;;GAGG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,iBAAiB,CAAC,CAAC;AAErE,KAAK,UAAU,iBAAiB,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB;IAC9E,IAAI,aAAa,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;QACrE,OAAO,IAAI,EAAE,CAAC;IAChB,CAAC;IAED,MAAM,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAElC,MAAM,QAAQ,GAAG,sBAAsB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;IAE9G,GAAG,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,WAAW,EAAE,EAAE;QAC/C,EAAE,EAAE,GAAG,CAAC,EAAE;QACV,MAAM,EAAE,GAAG,CAAC,MAAM;QAClB,IAAI,EAAE,GAAG,CAAC,WAAW;QACrB,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC,EAAE,iBAAiB,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI;KACxD,CAAC,CAAC;IAEH,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IAE7C,IAAI,IAAI,EAAE,CAAC;QACT,2DAA2D;QAC3D,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC;QAC3C,GAAG,CAAC,MAAM,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IACpC,CAAC;IAED,6CAA6C;IAC7C,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,EAAE;QACtB,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,cAAc,CAAC;QAEjD,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,WAAW,EAAE,EAAE;YAC9C,YAAY;YACZ,aAAa,EAAE,GAAG,CAAC,MAAM;YACzB,UAAU,EAAE,GAAG,CAAC,WAAW;YAC3B,WAAW,EAAE,GAAG,CAAC,OAAO,CAAC,gBAAgB,CAAC;YAC1C,MAAM,EAAE,GAAG,CAAC,UAAU;YACtB,YAAY,EAAE,GAAG,CAAC,SAAS,CAAC,gBAAgB,CAAC;YAC7C,SAAS,EAAE,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC;YAChC,QAAQ,EAAE,GAAG,CAAC,EAAE;YAChB,QAAQ,EAAE,WAAW;YACrB,OAAO,EAAE,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC;YAC3B,WAAW,EAAE,KAAK;YAClB,QAAQ,EAAE,KAAK;YACf,8BAA8B,EAAE,KAAK;YACrC,QAAQ,EAAE,GAAG,CAAC,QAAQ;SACvB,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAI,EAAE,CAAC;AACT,CAAC"}

package/dist/middleware/metrics.d.ts

@@ -0,0 +1,2 @@
+import { Request, Response, NextFunction } from 'express';
+export declare function metricsMiddleware(req: Request, res: Response, next: NextFunction): Promise<void>;

package/dist/middleware/metrics.js

@@ -0,0 +1,38 @@
+import { Counter, Histogram } from 'prom-client';
+const counter = new Counter({
+    name: 'http_requests_total',
+    help: 'Total number of HTTP requests made',
+    labelNames: ['path', 'method', 'status'],
+});
+const histogram = new Histogram({
+    name: 'http_request_duration_seconds',
+    help: 'Duration of HTTP requests in seconds',
+    labelNames: ['path', 'method', 'status'],
+    buckets: [0.1, 0.5, 1, 2, 5, 10],
+});
+export async function metricsMiddleware(req, res, next) {
+    const rawPath = req.path;
+    const method = req.method;
+    // Filter out anything that looks like a UUID from path
+    const path = rawPath.replace(/\/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}/g, '/:id');
+    const start = Date.now();
+    try {
+        await next();
+    }
+    catch (error) {
+        throw error;
+    }
+    finally {
+        counter.inc({
+            path,
+            method,
+            status: res.statusCode.toString(),
+        });
+        histogram.observe({
+            path,
+            method,
+            status: res.statusCode.toString(),
+        }, (Date.now() - start) / 1000);
+    }
+}
+//# sourceMappingURL=metrics.js.map

package/dist/middleware/metrics.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"metrics.js","sourceRoot":"","sources":["../../src/middleware/metrics.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAEjD,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC;IAC1B,IAAI,EAAE,qBAAqB;IAC3B,IAAI,EAAE,oCAAoC;IAC1C,UAAU,EAAE,CAAC,MAAM,EAAE,QAAQ,EAAE,QAAQ,CAAC;CACzC,CAAC,CAAC;AAEH,MAAM,SAAS,GAAG,IAAI,SAAS,CAAC;IAC9B,IAAI,EAAE,+BAA+B;IACrC,IAAI,EAAE,sCAAsC;IAC5C,UAAU,EAAE,CAAC,MAAM,EAAE,QAAQ,EAAE,QAAQ,CAAC;IACxC,OAAO,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;CACjC,CAAC,CAAC;AAEH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB;IACrF,MAAM,OAAO,GAAG,GAAG,CAAC,IAAI,CAAC;IACzB,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;IAC1B,uDAAuD;IACvD,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,iEAAiE,EAAE,MAAM,CAAC,CAAC;IAExG,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAEzB,IAAI,CAAC;QACH,MAAM,IAAI,EAAE,CAAC;IACf,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,KAAK,CAAC;IACd,CAAC;YAAS,CAAC;QACT,OAAO,CAAC,GAAG,CAAC;YACV,IAAI;YACJ,MAAM;YACN,MAAM,EAAE,GAAG,CAAC,UAAU,CAAC,QAAQ,EAAE;SAClC,CAAC,CAAC;QACH,SAAS,CAAC,OAAO,CACf;YACE,IAAI;YACJ,MAAM;YACN,MAAM,EAAE,GAAG,CAAC,UAAU,CAAC,QAAQ,EAAE;SAClC,EACD,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,GAAG,IAAI,CAC5B,CAAC;IACJ,CAAC;AACH,CAAC"}

package/dist/middleware/paginationMiddleware.d.ts

@@ -0,0 +1,2 @@
+import { NextFunction, Request, Response } from 'express';
+export declare function paginationMiddleware(req: Request, res: Response, next: NextFunction): Promise<void>;

package/dist/middleware/paginationMiddleware.js

@@ -0,0 +1,26 @@
+import * as yup from 'yup';
+import { errors, logger } from '@takaro/util';
+const log = logger('http:pagination');
+const paginationSchema = yup.object({
+    page: yup.number().default(0).min(0),
+    limit: yup.number().default(100).min(1).max(1000),
+});
+export async function paginationMiddleware(req, res, next) {
+    const merged = { ...req.query, ...req.body };
+    try {
+        const result = await paginationSchema.validate(merged);
+        res.locals.page = result.page;
+        res.locals.limit = result.limit;
+        next();
+    }
+    catch (error) {
+        if (error instanceof yup.ValidationError) {
+            next(new errors.ValidationError('Invalid pagination', [error]));
+        }
+        else {
+            log.error('Unexpected error', error);
+            next(new errors.InternalServerError());
+        }
+    }
+}
+//# sourceMappingURL=paginationMiddleware.js.map

package/dist/middleware/paginationMiddleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"paginationMiddleware.js","sourceRoot":"","sources":["../../src/middleware/paginationMiddleware.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,GAAG,MAAM,KAAK,CAAC;AAC3B,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAE9C,MAAM,GAAG,GAAG,MAAM,CAAC,iBAAiB,CAAC,CAAC;AAEtC,MAAM,gBAAgB,GAAG,GAAG,CAAC,MAAM,CAAC;IAClC,IAAI,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACpC,KAAK,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC;CAClD,CAAC,CAAC;AAEH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB;IACxF,MAAM,MAAM,GAAG,EAAE,GAAG,GAAG,CAAC,KAAK,EAAE,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC;IAC7C,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAEvD,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;QAC9B,GAAG,CAAC,MAAM,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;QAEhC,IAAI,EAAE,CAAC;IACT,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,GAAG,CAAC,eAAe,EAAE,CAAC;YACzC,IAAI,CAAC,IAAI,MAAM,CAAC,eAAe,CAAC,oBAAoB,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAClE,CAAC;aAAM,CAAC;YACN,GAAG,CAAC,KAAK,CAAC,kBAAkB,EAAE,KAAK,CAAC,CAAC;YACrC,IAAI,CAAC,IAAI,MAAM,CAAC,mBAAmB,EAAE,CAAC,CAAC;QACzC,CAAC;IACH,CAAC;AACH,CAAC"}

package/dist/middleware/rateLimit.d.ts

@@ -0,0 +1,8 @@
+import { Request, Response, NextFunction } from 'express';
+export interface IRateLimitMiddlewareOptions {
+    max: number;
+    windowSeconds: number;
+    keyPrefix?: string;
+    useInMemory?: boolean;
+}
+export declare function createRateLimitMiddleware(opts: IRateLimitMiddlewareOptions): Promise<(req: Request, res: Response, next: NextFunction) => Promise<void>>;