@tanakayuto/intmax402-express 0.2.2 → 0.2.4

package/dist/middleware.js

@@ -4,78 +4,67 @@ exports.intmax402 = intmax402;
 const intmax402_core_1 = require("@tanakayuto/intmax402-core");
 const crypto_1 = require("./crypto");
 const verify_payment_1 = require("./verify-payment");
-function buildWWWAuthenticate(nonce, config) {
-    let header = `INTMAX402 realm="intmax402", nonce="${nonce}", mode="${config.mode}"`;
-    if (config.serverAddress) {
-        header += `, serverAddress="${config.serverAddress}"`;
-    }
-    if (config.amount) {
-        header += `, amount="${config.amount}"`;
-    }
-    if (config.tokenAddress) {
-        header += `, tokenAddress="${config.tokenAddress}"`;
-    }
-    if (config.chainId) {
-        header += `, chainId="${config.chainId}"`;
-    }
-    return header;
-}
 function intmax402(config) {
     return async (req, res, next) => {
-        const authHeader = req.headers.authorization;
-        if (!authHeader) {
-            const ip = req.ip || req.socket.remoteAddress || "unknown";
-            const nonce = (0, intmax402_core_1.generateNonce)(config.secret, ip, req.path, config.bindIp ?? false);
-            const statusCode = config.mode === "payment" ? 402 : 401;
-            res.setHeader("WWW-Authenticate", buildWWWAuthenticate(nonce, config));
-            res.status(statusCode).json({
-                error: config.mode === "payment" ? "Payment Required" : "Unauthorized",
-                protocol: "INTMAX402",
-                mode: config.mode,
-            });
-            return;
-        }
-        const credential = (0, intmax402_core_1.parseAuthorization)(authHeader);
-        if (!credential) {
-            res.status(401).json({ error: "Invalid authorization header" });
-            return;
-        }
-        const ip = req.ip || req.socket.remoteAddress || "unknown";
-        if (!(0, intmax402_core_1.verifyNonce)(credential.nonce, config.secret, ip, req.path, config.bindIp ?? false)) {
-            res.status(401).json({ error: "Invalid or expired nonce" });
-            return;
-        }
-        if (config.allowList && config.allowList.length > 0) {
-            if (!config.allowList.includes(credential.address.toLowerCase())) {
-                res.status(403).json({ error: "Address not in allow list" });
+        try {
+            const authHeader = req.headers.authorization;
+            if (!authHeader) {
+                const ip = req.ip || req.socket.remoteAddress || "unknown";
+                const nonce = (0, intmax402_core_1.generateNonce)(config.secret, ip, req.path, config.bindIp ?? false);
+                const statusCode = config.mode === "payment" ? 402 : 401;
+                res.setHeader("WWW-Authenticate", (0, intmax402_core_1.buildWWWAuthenticate)(nonce, config));
+                res.status(statusCode).json({
+                    error: config.mode === "payment" ? "Payment Required" : "Unauthorized",
+                    protocol: "INTMAX402",
+                    mode: config.mode,
+                });
                 return;
             }
-        }
-        const isValidSig = (0, crypto_1.verifySignature)(credential.signature, credential.nonce, credential.address);
-        if (!isValidSig) {
-            res.status(401).json({ error: "Invalid signature" });
-            return;
-        }
-        if (config.mode === "payment") {
-            if (!credential.txHash) {
-                res.status(402).json({ error: "Payment transaction hash required" });
+            const credential = (0, intmax402_core_1.parseAuthorization)(authHeader);
+            if (!credential) {
+                res.status(401).json({ error: "Invalid authorization header" });
                 return;
             }
-            if (!config.serverAddress || !config.amount) {
-                res.status(500).json({ error: "Server misconfigured: serverAddress and amount required for payment mode" });
+            const ip = req.ip || req.socket.remoteAddress || "unknown";
+            if (!(0, intmax402_core_1.verifyNonce)(credential.nonce, config.secret, ip, req.path, config.bindIp ?? false)) {
+                res.status(401).json({ error: "Invalid or expired nonce" });
                 return;
             }
-            const paymentResult = await (0, verify_payment_1.verifyPayment)(credential.txHash, config.amount, config.serverAddress);
-            if (!paymentResult.valid) {
-                res.status(402).json({ error: paymentResult.error || "Payment verification failed" });
+            if (config.allowList && config.allowList.length > 0) {
+                if (!config.allowList.includes(credential.address.toLowerCase())) {
+                    res.status(403).json({ error: "Address not in allow list" });
+                    return;
+                }
+            }
+            const isValidSig = (0, crypto_1.verifySignature)(credential.signature, credential.nonce, credential.address);
+            if (!isValidSig) {
+                res.status(401).json({ error: "Invalid signature" });
                 return;
             }
+            if (config.mode === "payment") {
+                if (!credential.txHash) {
+                    res.status(402).json({ error: "Payment transaction hash required" });
+                    return;
+                }
+                if (!config.serverAddress || !config.amount) {
+                    res.status(500).json({ error: "Server misconfigured: serverAddress and amount required for payment mode" });
+                    return;
+                }
+                const paymentResult = await (0, verify_payment_1.verifyPayment)(credential.txHash, config.amount, config.serverAddress);
+                if (!paymentResult.valid) {
+                    res.status(402).json({ error: paymentResult.error || "Payment verification failed" });
+                    return;
+                }
+            }
+            req.intmax402 = {
+                address: credential.address,
+                verified: true,
+                txHash: credential.txHash,
+            };
+            next();
+        }
+        catch (err) {
+            next(err);
         }
-        req.intmax402 = {
-            address: credential.address,
-            verified: true,
-            txHash: credential.txHash,
-        };
-        next();
     };
 }

package/package.json

@@ -1,12 +1,29 @@
 {
   "name": "@tanakayuto/intmax402-express",
-  "version": "0.2.2",
+  "version": "0.2.4",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "require": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    },
+    "./crypto": {
+      "import": "./dist/crypto.js",
+      "require": "./dist/crypto.js",
+      "types": "./dist/crypto.d.ts"
+    },
+    "./verify-payment": {
+      "import": "./dist/verify-payment.js",
+      "require": "./dist/verify-payment.js",
+      "types": "./dist/verify-payment.d.ts"
+    }
+  },
   "dependencies": {
-    "@tanakayuto/intmax402-core": "0.2.2",
     "ethers": "^6.16.0",
-    "intmax2-server-sdk": "^1.5.2"
+    "intmax2-server-sdk": "^1.5.2",
+    "@tanakayuto/intmax402-core": "0.2.4"
   },
   "peerDependencies": {
     "express": "^4.18.0"