@technomoron/api-server-base 1.1.6 → 1.1.8

package/README.txt

@@ -109,6 +109,7 @@ accessCookie (string, default 'dat') Access token cookie name.
 refreshCookie (string, default 'drt') Refresh token cookie name.
 accessExpiry (number, default 60 * 15) Access token lifetime in seconds.
 refreshExpiry (number, default 30 * 24 * 60 * 60 * 1000) Refresh token lifetime in milliseconds.
+sessionRefreshExpiry (number, default 24 * 60 * 60) Session token lifetime in seconds when clients opt out of "remember me" cookies.
 authApi (boolean, default false) Toggle you can use when mounting auth routes.
 devMode (boolean, default false) Custom hook for development only features.
 debug (boolean, default false) When true the server logs inbound requests via dumpRequest.

package/dist/cjs/api-server-base.cjs

@@ -326,6 +326,7 @@ function fillConfig(config) {
         refreshCookie: config.refreshCookie ?? 'drt',
         accessExpiry: config.accessExpiry ?? 60 * 15,
         refreshExpiry: config.refreshExpiry ?? 30 * 24 * 60 * 60,
+        sessionRefreshExpiry: config.sessionRefreshExpiry ?? 24 * 60 * 60,
         authApi: config.authApi ?? false,
         devMode: config.devMode ?? false,
         hydrateGetBody: config.hydrateGetBody ?? true,
@@ -335,7 +336,9 @@ function fillConfig(config) {
 class ApiServer {
     constructor(config = {}) {
         this.currReq = null;
+        this.apiNotFoundHandler = null;
         this.config = fillConfig(config);
+        this.apiBasePath = this.normalizeApiBasePath(this.config.apiBasePath);
         this.storageAdapter = auth_storage_js_1.nullAuthStorage;
         this.moduleAdapter = auth_module_js_1.nullAuthModule;
         this.app = (0, express_1.default)();
@@ -345,6 +348,7 @@ class ApiServer {
         }
         this.middlewares();
         // addSwaggerUi(this.app);
+        this.installApiNotFoundHandler();
     }
     authStorage(storage) {
         this.storageAdapter = storage;
@@ -493,6 +497,56 @@ class ApiServer {
         };
         this.app.use((0, cors_1.default)(corsOptions));
     }
+    normalizeApiBasePath(path) {
+        if (!path || typeof path !== 'string') {
+            return '/api';
+        }
+        const trimmed = path.trim();
+        if (!trimmed) {
+            return '/api';
+        }
+        const withLeadingSlash = trimmed.startsWith('/') ? trimmed : `/${trimmed}`;
+        if (withLeadingSlash.length === 1) {
+            return withLeadingSlash;
+        }
+        return withLeadingSlash.replace(/\/+$/, '') || '/api';
+    }
+    installApiNotFoundHandler() {
+        if (this.apiNotFoundHandler) {
+            return;
+        }
+        this.apiNotFoundHandler = (req, res) => {
+            const payload = {
+                code: 404,
+                message: this.describeMissingEndpoint(req),
+                data: null,
+                errors: {}
+            };
+            res.status(404).json(payload);
+        };
+        this.app.use(this.apiBasePath, this.apiNotFoundHandler);
+    }
+    ensureApiNotFoundOrdering() {
+        this.installApiNotFoundHandler();
+        if (!this.apiNotFoundHandler) {
+            return;
+        }
+        const stack = this.app?._router?.stack;
+        if (!stack) {
+            return;
+        }
+        const index = stack.findIndex((layer) => layer.handle === this.apiNotFoundHandler);
+        if (index === -1 || index === stack.length - 1) {
+            return;
+        }
+        const [layer] = stack.splice(index, 1);
+        stack.push(layer);
+    }
+    describeMissingEndpoint(req) {
+        const method = typeof req.method === 'string' ? req.method.toUpperCase() : 'GET';
+        const target = req.originalUrl || req.url || this.apiBasePath;
+        return `No such endpoint: ${method} ${target}`;
+    }
     start() {
         this.app
             .listen({
@@ -705,7 +759,7 @@ class ApiServer {
             this.authModule(module);
         }
         module.checkConfig();
-        const base = this.config.apiBasePath ?? '/api';
+        const base = this.apiBasePath;
         const ns = module.namespace;
         const mountPath = `${base}${ns}`;
         module.mountpath = mountPath;
@@ -717,6 +771,7 @@ class ApiServer {
             }
         });
         this.app.use(mountPath, router);
+        this.ensureApiNotFoundOrdering();
         return this;
     }
     dumpRequest(apiReq) {

package/dist/cjs/api-server-base.d.ts

@@ -92,6 +92,7 @@ export interface ApiServerConf {
     refreshCookie: string;
     accessExpiry: number;
     refreshExpiry: number;
+    sessionRefreshExpiry: number;
     authApi: boolean;
     devMode: boolean;
     hydrateGetBody: boolean;
@@ -101,8 +102,10 @@ export declare class ApiServer {
     app: Application;
     currReq: ApiRequest | null;
     readonly config: ApiServerConf;
+    private readonly apiBasePath;
     private storageAdapter;
     private moduleAdapter;
+    private apiNotFoundHandler;
     constructor(config?: Partial<ApiServerConf>);
     authStorage<UserRow, SafeUser>(storage: AuthStorage<UserRow, SafeUser>): this;
     /**
@@ -134,6 +137,10 @@ export declare class ApiServer {
     guessExceptionText(error: any, defMsg?: string): string;
     protected authorize(apiReq: ApiRequest, requiredClass: ApiAuthClass): Promise<void>;
     private middlewares;
+    private normalizeApiBasePath;
+    private installApiNotFoundHandler;
+    private ensureApiNotFoundOrdering;
+    private describeMissingEndpoint;
     start(): this;
     private verifyJWT;
     private authenticate;

package/dist/cjs/auth-storage.d.ts

@@ -10,6 +10,8 @@ export interface AuthTokenMetadata {
     os?: string;
     scope?: string | string[];
     loginType?: string;
+    refreshTtlSeconds?: number;
+    sessionCookie?: boolean;
     revokeSessions?: 'device' | 'domain' | 'client' | 'user';
 }
 export interface AuthTokenData extends AuthTokenMetadata {

package/dist/esm/api-server-base.d.ts

@@ -92,6 +92,7 @@ export interface ApiServerConf {
     refreshCookie: string;
     accessExpiry: number;
     refreshExpiry: number;
+    sessionRefreshExpiry: number;
     authApi: boolean;
     devMode: boolean;
     hydrateGetBody: boolean;
@@ -101,8 +102,10 @@ export declare class ApiServer {
     app: Application;
     currReq: ApiRequest | null;
     readonly config: ApiServerConf;
+    private readonly apiBasePath;
     private storageAdapter;
     private moduleAdapter;
+    private apiNotFoundHandler;
     constructor(config?: Partial<ApiServerConf>);
     authStorage<UserRow, SafeUser>(storage: AuthStorage<UserRow, SafeUser>): this;
     /**
@@ -134,6 +137,10 @@ export declare class ApiServer {
     guessExceptionText(error: any, defMsg?: string): string;
     protected authorize(apiReq: ApiRequest, requiredClass: ApiAuthClass): Promise<void>;
     private middlewares;
+    private normalizeApiBasePath;
+    private installApiNotFoundHandler;
+    private ensureApiNotFoundOrdering;
+    private describeMissingEndpoint;
     start(): this;
     private verifyJWT;
     private authenticate;

package/dist/esm/api-server-base.js

@@ -318,6 +318,7 @@ function fillConfig(config) {
         refreshCookie: config.refreshCookie ?? 'drt',
         accessExpiry: config.accessExpiry ?? 60 * 15,
         refreshExpiry: config.refreshExpiry ?? 30 * 24 * 60 * 60,
+        sessionRefreshExpiry: config.sessionRefreshExpiry ?? 24 * 60 * 60,
         authApi: config.authApi ?? false,
         devMode: config.devMode ?? false,
         hydrateGetBody: config.hydrateGetBody ?? true,
@@ -327,7 +328,9 @@ function fillConfig(config) {
 export class ApiServer {
     constructor(config = {}) {
         this.currReq = null;
+        this.apiNotFoundHandler = null;
         this.config = fillConfig(config);
+        this.apiBasePath = this.normalizeApiBasePath(this.config.apiBasePath);
         this.storageAdapter = nullAuthStorage;
         this.moduleAdapter = nullAuthModule;
         this.app = express();
@@ -337,6 +340,7 @@ export class ApiServer {
         }
         this.middlewares();
         // addSwaggerUi(this.app);
+        this.installApiNotFoundHandler();
     }
     authStorage(storage) {
         this.storageAdapter = storage;
@@ -485,6 +489,56 @@ export class ApiServer {
         };
         this.app.use(cors(corsOptions));
     }
+    normalizeApiBasePath(path) {
+        if (!path || typeof path !== 'string') {
+            return '/api';
+        }
+        const trimmed = path.trim();
+        if (!trimmed) {
+            return '/api';
+        }
+        const withLeadingSlash = trimmed.startsWith('/') ? trimmed : `/${trimmed}`;
+        if (withLeadingSlash.length === 1) {
+            return withLeadingSlash;
+        }
+        return withLeadingSlash.replace(/\/+$/, '') || '/api';
+    }
+    installApiNotFoundHandler() {
+        if (this.apiNotFoundHandler) {
+            return;
+        }
+        this.apiNotFoundHandler = (req, res) => {
+            const payload = {
+                code: 404,
+                message: this.describeMissingEndpoint(req),
+                data: null,
+                errors: {}
+            };
+            res.status(404).json(payload);
+        };
+        this.app.use(this.apiBasePath, this.apiNotFoundHandler);
+    }
+    ensureApiNotFoundOrdering() {
+        this.installApiNotFoundHandler();
+        if (!this.apiNotFoundHandler) {
+            return;
+        }
+        const stack = this.app?._router?.stack;
+        if (!stack) {
+            return;
+        }
+        const index = stack.findIndex((layer) => layer.handle === this.apiNotFoundHandler);
+        if (index === -1 || index === stack.length - 1) {
+            return;
+        }
+        const [layer] = stack.splice(index, 1);
+        stack.push(layer);
+    }
+    describeMissingEndpoint(req) {
+        const method = typeof req.method === 'string' ? req.method.toUpperCase() : 'GET';
+        const target = req.originalUrl || req.url || this.apiBasePath;
+        return `No such endpoint: ${method} ${target}`;
+    }
     start() {
         this.app
             .listen({
@@ -697,7 +751,7 @@ export class ApiServer {
             this.authModule(module);
         }
         module.checkConfig();
-        const base = this.config.apiBasePath ?? '/api';
+        const base = this.apiBasePath;
         const ns = module.namespace;
         const mountPath = `${base}${ns}`;
         module.mountpath = mountPath;
@@ -709,6 +763,7 @@ export class ApiServer {
             }
         });
         this.app.use(mountPath, router);
+        this.ensureApiNotFoundOrdering();
         return this;
     }
     dumpRequest(apiReq) {

package/dist/esm/auth-storage.d.ts

@@ -10,6 +10,8 @@ export interface AuthTokenMetadata {
     os?: string;
     scope?: string | string[];
     loginType?: string;
+    refreshTtlSeconds?: number;
+    sessionCookie?: boolean;
     revokeSessions?: 'device' | 'domain' | 'client' | 'user';
 }
 export interface AuthTokenData extends AuthTokenMetadata {

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@technomoron/api-server-base",
-	"version": "1.1.6",
+	"version": "1.1.8",
 	"description": "Api Server Skeleton / Base Class",
 	"type": "module",
 	"main": "./dist/cjs/index.cjs",
@@ -28,14 +28,14 @@
 		"scrub": "rm -rf ./node_modules/ pnpm-lock.yaml ./dist/",
 		"build:cjs": "tsc --project tsconfig/tsconfig.cjs.json && node scripts/prepare-cjs.cjs",
 		"build:esm": "tsc --project tsconfig/tsconfig.esm.json",
-		"build": "npm run build:cjs && npm run build:esm",
+		"build": "node scripts/run-builds.cjs",
 		"test": "vitest run",
 		"test:watch": "vitest --watch",
-		"prepublishOnly": "npm run build:cjs && npm run build:esm",
+		"prepublishOnly": "node scripts/run-builds.cjs",
 		"lint": "eslint --ext .js,.ts,.vue ./",
 		"lintfix": "eslint --fix --ext .js,.ts,.vue ./",
 		"format": "eslint --fix --ext .js,.ts,.vue ./ && prettier --write \"**/*.{js,jsx,ts,tsx,vue,json,css,scss,md}\"",
-		"cleanbuild": "rm -rf ./dist/ && eslint --fix --ext .js,.ts,.vue ./ && prettier --write \"**/*.{js,jsx,ts,tsx,vue,json,css,scss,md}\" && npm run build",
+		"cleanbuild": "rm -rf ./dist/ && eslint --fix --ext .js,.ts,.vue ./ && prettier --log-level warn --write \"**/*.{js,jsx,ts,tsx,vue,json,css,scss,md}\" && node scripts/run-builds.cjs",
 		"pretty": "prettier --write \"**/*.{js,jsx,ts,tsx,vue,json,css,scss,md}\""
 	},
 	"dependencies": {
@@ -65,6 +65,11 @@
 		"typescript": "^5.9.3",
 		"vitest": "^3.2.4"
 	},
+	"pnpm": {
+		"onlyBuiltDependencies": [
+			"esbuild"
+		]
+	},
 	"files": [
 		"dist/",
 		"package.json"