npm - @technomoron/api-server-base - Versions diffs - 1.0.37 → 1.0.39 - Mend

@technomoron/api-server-base 1.0.37 → 1.0.39

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/README.txt ADDED Viewed

@@ -0,0 +1,131 @@
+API Server Base
+================
+Toolkit for building authenticated Express APIs in TypeScript. ApiServer wraps Express with sensible defaults for JSON parsing, cookie handling, CORS, JWT helpers, and a predictable module system.
+- Easy setup of a Node Express based API server with all the basics covered.
+- The server can be extended and methods related to user authentication, API keys and more can be overridden in the derived class.
+- Create API endpoints that are either public, protected or open API calls that may or may not have an authenticated session for dual behaviour.
+- Standardized request handling (POST, GET, file uploads if enabled and more).
+- Authentication system using JWT or simple API bearer keys, fully customizable by overriding class methods.
+- Unified error handling. Just throw new ApiError(...) in any API callback in order ot emit the correct API response.
+- Create structured, standardized API response as JSON data, containing typed return data, response codes and more.
+Highlights
+----------
+Strongly typed base classes for servers (ApiServer) and feature modules (ApiModule).
+Consistent request lifecycle with centralized authentication, authorization hook, and tuple based handler responses.
+JWT, cookie, and API key support with overridable extension points.
+No runtime dependencies beyond the Express ecosystem; required packages install automatically.
+Ships ESM and CommonJS builds plus TypeScript declarations for any Node runtime.
+Installation
+------------
+pnpm add @technomoron/api-server-base
+All runtime dependencies and `@types/*` packages are bundled with the distribution. The library exports ES modules by default. Consumers that rely on CommonJS can import via the require entry exposed in package.json.
+Quick Start
+-----------
+import { ApiServer, ApiModule, ApiError } from '@technomoron/api-server-base';
+class AppServer extends ApiServer {
+	async getUser(uid: unknown) {
+		return { id: uid, email: 'demo@example.com' };
+	}
+	filterUser(user: any) {
+		return { id: user.id, email: user.email };
+	}
+}
+class UserModule extends ApiModule<AppServer> {
+	constructor() {
+		super({ namespace: '/users' });
+	}
+	defineRoutes() {
+		return [
+			{
+				method: 'get',
+				path: '/',
+				auth: { type: 'yes', req: 'any' },
+				handler: async ({ server, tokenData }) => {
+					const user = await server.getUser(tokenData?.uid);
+					if (!user) {
+						throw new ApiError({ code: 404, message: 'User not found' });
+					}
+					return [200, server.filterUser(user)];
+				},
+			},
+		];
+	}
+}
+const server = new AppServer({
+	apiPort: 3101,
+	apiHost: '127.0.0.1',
+	accessSecret: 'replace-me',
+});
+server.api(new UserModule()).start();
+Handlers must return a tuple: [statusCode], [statusCode, data], or [statusCode, data, message]. Throw ApiError for predictable failures.
+Configuration Reference
+-----------------------
+Pass a partial config object to the ApiServer constructor. Defaults cover most values so you can opt in to what you need.
+apiPort (number, default 3101) Port the Express app listens on.
+apiHost (string, default 'localhost') Bind address.
+apiBasePath (string, default '/api') Prefix applied to every module namespace.
+origins (string array, default empty array) CORS allowlist; empty allows all origins.
+uploadPath (string, default empty string) Enables multer.any() when provided.
+uploadMax (number, default 30 * 1024 * 1024) Maximum upload size in bytes.
+accessSecret (string, default empty string) Required for JWT signing and verification.
+refreshSecret (string, default empty string) Used for refresh tokens if you implement them.
+cookieDomain (string, default '.somewhere-over-the-rainbow.com') Domain applied to auth cookies.
+accessCookie (string, default 'dat') Access token cookie name.
+refreshCookie (string, default 'drt') Refresh token cookie name.
+accessExpiry (number, default 60 * 15) Access token lifetime in seconds.
+refreshExpiry (number, default 30 * 24 * 60 * 60 * 1000) Refresh token lifetime in milliseconds.
+authApi (boolean, default false) Toggle you can use when mounting auth routes.
+devMode (boolean, default false) Custom hook for development only features.
+debug (boolean, default false) When true the server logs inbound requests via dumpRequest.
+Tip: If you add new configuration fields in downstream projects, extend ApiServerConf and update fillConfig so defaults stay aligned.
+Request Lifecycle
+-----------------
+1. Express middlewares (express.json, cookie-parser, optional multer) run before your handler.
+2. ApiServer wraps the route inside handle_request, setting currReq and logging when debug is enabled.
+3. authenticate enforces the ApiRoute auth type: none, maybe, or yes. Bearer tokens and the dat cookie are accepted. API key tokens prefixed with apikey- delegate to getApiKey.
+4. authorize runs with the requested auth class (any or admin in the base implementation). Override to connect to your role system.
+5. The handler executes and returns its tuple. Responses are normalized to { code, message, data } JSON.
+6. Errors bubble into the wrapper. ApiError instances respect the provided status codes; other exceptions result in a 500 with text derived from guessExceptionText.
+Extending the Base Classes
+--------------------------
+Override getApiKey, getUser, authenticateUser, storeToken, getToken, updateToken, deleteToken, and verifyPassword to integrate with your persistence layer.
+Customize filterUser to trim sensitive data before sending it to the client.
+Provide your own authorize method to enforce role based access control using the ApiAuthClass enum.
+Create feature modules by extending ApiModule. Use the optional checkConfig hook to validate prerequisites before routes mount.
+Tooling and Scripts
+-------------------
+npm run build       Build CommonJS and ESM outputs (dist/cjs, dist/esm).
+npm run build:cjs   Compile using tsconfig/tsconfig.cjs.json.
+npm run build:esm   Compile using tsconfig/tsconfig.esm.json.
+npm run lint        Run ESLint with the flat config (eslint.config.mjs).
+npm run lintfix     Lint and apply autofixes.
+npm run pretty      Run Prettier over common source and documentation files.
+npm run cleanbuild  Remove dist/, format, lint, and rebuild.
+Documentation
+-------------
+See docs/ folder.
+License
+-------
+MIT License (see LICENSE). Copyright 2025 Bjorn Erik Jacobsen / Technomoron

package/dist/cjs/index.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export { default as ApiServer } from './api-server-base.js';
+export { ApiModule, ApiError } from './api-server-base.js';
+export type { ApiRequest, ApiRoute, ApiAuthType, ApiAuthClass, ApiTokenData, RequestWithStuff } from './api-server-base.js';

package/dist/cjs/index.js ADDED Viewed

@@ -0,0 +1,11 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ApiError = exports.ApiModule = exports.ApiServer = void 0;
+var api_server_base_js_1 = require("./api-server-base.js");
+Object.defineProperty(exports, "ApiServer", { enumerable: true, get: function () { return __importDefault(api_server_base_js_1).default; } });
+var api_server_base_js_2 = require("./api-server-base.js");
+Object.defineProperty(exports, "ApiModule", { enumerable: true, get: function () { return api_server_base_js_2.ApiModule; } });
+Object.defineProperty(exports, "ApiError", { enumerable: true, get: function () { return api_server_base_js_2.ApiError; } });

package/dist/esm/index.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export { default as ApiServer } from './api-server-base.js';
+export { ApiModule, ApiError } from './api-server-base.js';
+export type { ApiRequest, ApiRoute, ApiAuthType, ApiAuthClass, ApiTokenData, RequestWithStuff } from './api-server-base.js';

package/dist/esm/index.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { default as ApiServer } from './api-server-base.js';
2	+ export { ApiModule, ApiError } from './api-server-base.js';

package/package.json CHANGED Viewed

@@ -1,13 +1,17 @@
 {
 	"name": "@technomoron/api-server-base",
-	"version": "1.0.37",
+	"version": "1.0.39",
 	"description": "Api Server Skeleton / Base Class",
-	"main": "dist/cjs/api-server-base.js",
-	"module": "dist/esm/api-server-base.js",
-	"types": "dist/cjs/api-server-base.d.ts",
+	"type": "module",
+	"main": "./dist/cjs/index.js",
+	"module": "./dist/esm/index.js",
+	"types": "./dist/esm/index.d.ts",
 	"exports": {
-		"require": "./dist/cjs/api-server-base.js",
-		"import": "./dist/esm/api-server-base.js"
+		".": {
+			"types": "./dist/esm/index.d.ts",
+			"import": "./dist/esm/index.js",
+			"require": "./dist/cjs/index.js"
+		}
 	},
 	"repository": {
 		"type": "git",
@@ -24,30 +28,31 @@
 		"scrub": "rm -rf ./node_modules/ pnpm-lock.yaml ./dist/",
 		"build:cjs": "tsc --project tsconfig/tsconfig.cjs.json",
 		"build:esm": "tsc --project tsconfig/tsconfig.esm.json",
-		"build": "npm run build:cjs && npm run build:esm",
-		"test": "echo \"Error: no test specified\" && exit 1",
-		"prepublishOnly": "npm run build",
+		"build": "tsc --project tsconfig/tsconfig.cjs.json && tsc --project tsconfig/tsconfig.esm.json",
+		"test": "vitest run",
+		"test:watch": "vitest --watch",
+		"prepublishOnly": "tsc --project tsconfig/tsconfig.cjs.json && tsc --project tsconfig/tsconfig.esm.json",
 		"lint": "eslint --ext .js,.ts,.vue ./",
 		"lintfix": "eslint --fix --ext .js,.ts,.vue ./",
-		"format": "npm run lintfix && npm run pretty",
-		"cleanbuild": "rm -rf ./dist/ && npm run lintfix && npm run format && npm run build",
+		"format": "eslint --fix --ext .js,.ts,.vue ./ && prettier --write \"**/*.{js,jsx,ts,tsx,vue,json,css,scss,md}\"",
+		"cleanbuild": "rm -rf ./dist/ && eslint --fix --ext .js,.ts,.vue ./ && prettier --write \"**/*.{js,jsx,ts,tsx,vue,json,css,scss,md}\" && tsc --project tsconfig/tsconfig.cjs.json && tsc --project tsconfig/tsconfig.esm.json",
 		"pretty": "prettier --write \"**/*.{js,jsx,ts,tsx,vue,json,css,scss,md}\""
 	},
-	"peerDependencies": {
-		"cookie-parser": "^1.4.7",
-		"cors": "^2.8.5",
-		"express": "^4.21.2",
-		"jsonwebtoken": "^9.0.2",
-		"multer": "^2.0.1",
+	"dependencies": {
 		"@types/cookie-parser": "^1.4.9",
 		"@types/cors": "^2.8.19",
 		"@types/express": "^4 || ^5",
 		"@types/jsonwebtoken": "^9.0.9",
-		"@types/multer": "^1.4.13"
+		"@types/multer": "^1.4.13",
+		"cookie-parser": "^1.4.7",
+		"cors": "^2.8.5",
+		"express": "^4.21.2",
+		"jsonwebtoken": "^9.0.2",
+		"multer": "^2.0.1"
 	},
-	"dependencies": {},
 	"devDependencies": {
 		"@types/express-serve-static-core": "^5.0.6",
+		"@types/supertest": "^6.0.3",
 		"@typescript-eslint/eslint-plugin": "^8.33.0",
 		"@typescript-eslint/parser": "^8.33.0",
 		"@vue/eslint-config-prettier": "10.2.0",
@@ -56,7 +61,9 @@
 		"eslint-plugin-import": "^2.31.0",
 		"eslint-plugin-vue": "^10.1.0",
 		"prettier": "^3.5.3",
-		"typescript": "^5.8.3"
+		"supertest": "^7.1.4",
+		"typescript": "^5.8.3",
+		"vitest": "^3.2.4"
 	},
 	"files": [
 		"dist/",