npm - @technomoron/apicore-server - Versions diffs - 1.0.0-beta.1 - Mend

@technomoron/apicore-server 1.0.0-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (171) hide show

package/LICENSE +21 -0
package/dist/cjs/api-module.cjs +34 -0
package/dist/cjs/api-module.d.ts +45 -0
package/dist/cjs/apicore-server.cjs +1561 -0
package/dist/cjs/apicore-server.d.ts +288 -0
package/dist/cjs/auth-api/auth-module.cjs +1248 -0
package/dist/cjs/auth-api/auth-module.d.ts +116 -0
package/dist/cjs/auth-api/compat-auth-storage.cjs +128 -0
package/dist/cjs/auth-api/compat-auth-storage.d.ts +57 -0
package/dist/cjs/auth-api/mem-auth-store.cjs +121 -0
package/dist/cjs/auth-api/mem-auth-store.d.ts +68 -0
package/dist/cjs/auth-api/module.cjs +25 -0
package/dist/cjs/auth-api/module.d.ts +20 -0
package/dist/cjs/auth-api/schemas.cjs +171 -0
package/dist/cjs/auth-api/schemas.d.ts +21 -0
package/dist/cjs/auth-api/sql-auth-store.cjs +179 -0
package/dist/cjs/auth-api/sql-auth-store.d.ts +87 -0
package/dist/cjs/auth-api/storage.cjs +102 -0
package/dist/cjs/auth-api/storage.d.ts +38 -0
package/dist/cjs/auth-api/types.cjs +2 -0
package/dist/cjs/auth-api/types.d.ts +34 -0
package/dist/cjs/auth-api/user-id.cjs +47 -0
package/dist/cjs/auth-api/user-id.d.ts +5 -0
package/dist/cjs/auth-cookie-options.cjs +66 -0
package/dist/cjs/auth-cookie-options.d.ts +13 -0
package/dist/cjs/base/client-info.cjs +285 -0
package/dist/cjs/base/client-info.d.ts +27 -0
package/dist/cjs/base/error-utils.cjs +50 -0
package/dist/cjs/base/error-utils.d.ts +16 -0
package/dist/cjs/base/request-utils.cjs +27 -0
package/dist/cjs/base/request-utils.d.ts +8 -0
package/dist/cjs/index.cjs +51 -0
package/dist/cjs/index.d.ts +34 -0
package/dist/cjs/limiter/auth-rate-limiter.cjs +35 -0
package/dist/cjs/limiter/auth-rate-limiter.d.ts +12 -0
package/dist/cjs/limiter/fixed-window.cjs +41 -0
package/dist/cjs/limiter/fixed-window.d.ts +11 -0
package/dist/cjs/oauth/base.cjs +7 -0
package/dist/cjs/oauth/base.d.ts +17 -0
package/dist/cjs/oauth/memory.cjs +135 -0
package/dist/cjs/oauth/memory.d.ts +22 -0
package/dist/cjs/oauth/models.cjs +47 -0
package/dist/cjs/oauth/models.d.ts +50 -0
package/dist/cjs/oauth/sequelize.cjs +159 -0
package/dist/cjs/oauth/sequelize.d.ts +30 -0
package/dist/cjs/oauth/types.cjs +3 -0
package/dist/cjs/oauth/types.d.ts +51 -0
package/dist/cjs/passkey/base.cjs +7 -0
package/dist/cjs/passkey/base.d.ts +28 -0
package/dist/cjs/passkey/config.cjs +26 -0
package/dist/cjs/passkey/config.d.ts +2 -0
package/dist/cjs/passkey/memory.cjs +123 -0
package/dist/cjs/passkey/memory.d.ts +34 -0
package/dist/cjs/passkey/models.cjs +142 -0
package/dist/cjs/passkey/models.d.ts +34 -0
package/dist/cjs/passkey/sequelize.cjs +126 -0
package/dist/cjs/passkey/sequelize.d.ts +42 -0
package/dist/cjs/passkey/service.cjs +413 -0
package/dist/cjs/passkey/service.d.ts +21 -0
package/dist/cjs/passkey/types.cjs +2 -0
package/dist/cjs/passkey/types.d.ts +84 -0
package/dist/cjs/sequelize-utils.cjs +56 -0
package/dist/cjs/sequelize-utils.d.ts +8 -0
package/dist/cjs/token/base.cjs +120 -0
package/dist/cjs/token/base.d.ts +46 -0
package/dist/cjs/token/memory.cjs +234 -0
package/dist/cjs/token/memory.d.ts +29 -0
package/dist/cjs/token/sequelize.cjs +400 -0
package/dist/cjs/token/sequelize.d.ts +58 -0
package/dist/cjs/token/types.cjs +2 -0
package/dist/cjs/token/types.d.ts +34 -0
package/dist/cjs/upload/memory.cjs +92 -0
package/dist/cjs/upload/memory.d.ts +17 -0
package/dist/cjs/upload/tus-module.cjs +270 -0
package/dist/cjs/upload/tus-module.d.ts +38 -0
package/dist/cjs/upload/types.cjs +2 -0
package/dist/cjs/upload/types.d.ts +28 -0
package/dist/cjs/user/base.cjs +53 -0
package/dist/cjs/user/base.d.ts +36 -0
package/dist/cjs/user/memory.cjs +194 -0
package/dist/cjs/user/memory.d.ts +37 -0
package/dist/cjs/user/sequelize.cjs +194 -0
package/dist/cjs/user/sequelize.d.ts +46 -0
package/dist/cjs/user/types.cjs +2 -0
package/dist/cjs/user/types.d.ts +11 -0
package/dist/esm/api-module.d.ts +45 -0
package/dist/esm/api-module.js +30 -0
package/dist/esm/apicore-server.d.ts +288 -0
package/dist/esm/apicore-server.js +1552 -0
package/dist/esm/auth-api/auth-module.d.ts +116 -0
package/dist/esm/auth-api/auth-module.js +1246 -0
package/dist/esm/auth-api/compat-auth-storage.d.ts +57 -0
package/dist/esm/auth-api/compat-auth-storage.js +124 -0
package/dist/esm/auth-api/mem-auth-store.d.ts +68 -0
package/dist/esm/auth-api/mem-auth-store.js +117 -0
package/dist/esm/auth-api/module.d.ts +20 -0
package/dist/esm/auth-api/module.js +21 -0
package/dist/esm/auth-api/schemas.d.ts +21 -0
package/dist/esm/auth-api/schemas.js +168 -0
package/dist/esm/auth-api/sql-auth-store.d.ts +87 -0
package/dist/esm/auth-api/sql-auth-store.js +175 -0
package/dist/esm/auth-api/storage.d.ts +38 -0
package/dist/esm/auth-api/storage.js +98 -0
package/dist/esm/auth-api/types.d.ts +34 -0
package/dist/esm/auth-api/types.js +1 -0
package/dist/esm/auth-api/user-id.d.ts +5 -0
package/dist/esm/auth-api/user-id.js +41 -0
package/dist/esm/auth-cookie-options.d.ts +13 -0
package/dist/esm/auth-cookie-options.js +63 -0
package/dist/esm/base/client-info.d.ts +27 -0
package/dist/esm/base/client-info.js +282 -0
package/dist/esm/base/error-utils.d.ts +16 -0
package/dist/esm/base/error-utils.js +44 -0
package/dist/esm/base/request-utils.d.ts +8 -0
package/dist/esm/base/request-utils.js +23 -0
package/dist/esm/index.d.ts +34 -0
package/dist/esm/index.js +21 -0
package/dist/esm/limiter/auth-rate-limiter.d.ts +12 -0
package/dist/esm/limiter/auth-rate-limiter.js +32 -0
package/dist/esm/limiter/fixed-window.d.ts +11 -0
package/dist/esm/limiter/fixed-window.js +37 -0
package/dist/esm/oauth/base.d.ts +17 -0
package/dist/esm/oauth/base.js +3 -0
package/dist/esm/oauth/memory.d.ts +22 -0
package/dist/esm/oauth/memory.js +128 -0
package/dist/esm/oauth/models.d.ts +50 -0
package/dist/esm/oauth/models.js +38 -0
package/dist/esm/oauth/sequelize.d.ts +30 -0
package/dist/esm/oauth/sequelize.js +148 -0
package/dist/esm/oauth/types.d.ts +51 -0
package/dist/esm/oauth/types.js +2 -0
package/dist/esm/passkey/base.d.ts +28 -0
package/dist/esm/passkey/base.js +3 -0
package/dist/esm/passkey/config.d.ts +2 -0
package/dist/esm/passkey/config.js +23 -0
package/dist/esm/passkey/memory.d.ts +34 -0
package/dist/esm/passkey/memory.js +119 -0
package/dist/esm/passkey/models.d.ts +34 -0
package/dist/esm/passkey/models.js +135 -0
package/dist/esm/passkey/sequelize.d.ts +42 -0
package/dist/esm/passkey/sequelize.js +122 -0
package/dist/esm/passkey/service.d.ts +21 -0
package/dist/esm/passkey/service.js +376 -0
package/dist/esm/passkey/types.d.ts +84 -0
package/dist/esm/passkey/types.js +1 -0
package/dist/esm/sequelize-utils.d.ts +8 -0
package/dist/esm/sequelize-utils.js +47 -0
package/dist/esm/token/base.d.ts +46 -0
package/dist/esm/token/base.js +113 -0
package/dist/esm/token/memory.d.ts +29 -0
package/dist/esm/token/memory.js +230 -0
package/dist/esm/token/sequelize.d.ts +58 -0
package/dist/esm/token/sequelize.js +396 -0
package/dist/esm/token/types.d.ts +34 -0
package/dist/esm/token/types.js +1 -0
package/dist/esm/upload/memory.d.ts +17 -0
package/dist/esm/upload/memory.js +86 -0
package/dist/esm/upload/tus-module.d.ts +38 -0
package/dist/esm/upload/tus-module.js +266 -0
package/dist/esm/upload/types.d.ts +28 -0
package/dist/esm/upload/types.js +1 -0
package/dist/esm/user/base.d.ts +36 -0
package/dist/esm/user/base.js +46 -0
package/dist/esm/user/memory.d.ts +37 -0
package/dist/esm/user/memory.js +190 -0
package/dist/esm/user/sequelize.d.ts +46 -0
package/dist/esm/user/sequelize.js +188 -0
package/dist/esm/user/types.d.ts +11 -0
package/dist/esm/user/types.js +1 -0
package/docs/swagger/openapi.json +2162 -0
package/package.json +131 -0

package/dist/esm/token/sequelize.js ADDED Viewed

@@ -0,0 +1,396 @@
+import { DataTypes, Model, Op } from 'sequelize';
+import { normalizeStringUserId } from '../auth-api/user-id.js';
+import { applyTablePrefix, decodeStringArray, encodeStringArray, integerIdType, tableOptions } from '../sequelize-utils.js';
+import { TokenStore } from './base.js';
+class TokenModel extends Model {
+}
+function initTokenModel(sequelize, options = {}) {
+    const tableName = applyTablePrefix(options.tablePrefix, 'jwttokens');
+    const usePrefixedIndexNames = tableName !== 'jwttokens';
+    const accessIndexName = usePrefixedIndexNames ? `${tableName}_access_unique` : 'jwt_access_unique';
+    const refreshIndexName = usePrefixedIndexNames ? `${tableName}_refresh_unique` : 'jwt_refresh_unique';
+    TokenModel.init({
+        token_id: {
+            type: integerIdType(sequelize),
+            autoIncrement: true,
+            allowNull: false,
+            primaryKey: true
+        },
+        user_id: {
+            type: DataTypes.STRING(191),
+            allowNull: false
+        },
+        real_user_id: {
+            type: DataTypes.STRING(191),
+            allowNull: true,
+            defaultValue: null
+        },
+        expires: {
+            type: DataTypes.DATE,
+            allowNull: false
+        },
+        issued_at: {
+            type: DataTypes.DATE,
+            allowNull: false,
+            defaultValue: DataTypes.NOW
+        },
+        last_seen_at: {
+            type: DataTypes.DATE,
+            allowNull: false,
+            defaultValue: DataTypes.NOW
+        },
+        access: {
+            type: DataTypes.STRING(768),
+            allowNull: false
+        },
+        refresh: {
+            type: DataTypes.STRING(768),
+            allowNull: false
+        },
+        domain: {
+            type: DataTypes.STRING(64),
+            allowNull: false,
+            defaultValue: ''
+        },
+        fingerprint: {
+            type: DataTypes.STRING(64),
+            allowNull: false,
+            defaultValue: ''
+        },
+        label: {
+            type: DataTypes.STRING(128),
+            allowNull: false,
+            defaultValue: ''
+        },
+        browser: {
+            type: DataTypes.STRING(64),
+            allowNull: false,
+            defaultValue: ''
+        },
+        device: {
+            type: DataTypes.STRING(64),
+            allowNull: false,
+            defaultValue: ''
+        },
+        ip: {
+            type: DataTypes.STRING(45),
+            allowNull: false,
+            defaultValue: ''
+        },
+        os: {
+            type: DataTypes.STRING(64),
+            allowNull: false,
+            defaultValue: ''
+        },
+        login_type: {
+            type: DataTypes.STRING(64),
+            allowNull: false,
+            defaultValue: ''
+        },
+        refresh_ttl_seconds: {
+            type: DataTypes.INTEGER,
+            allowNull: true,
+            defaultValue: null
+        },
+        session_cookie: {
+            type: DataTypes.BOOLEAN,
+            allowNull: false,
+            defaultValue: false
+        },
+        client_id: {
+            type: DataTypes.STRING(128),
+            allowNull: true,
+            defaultValue: null
+        },
+        scope: {
+            type: DataTypes.TEXT,
+            allowNull: false,
+            defaultValue: '[]'
+        }
+    }, {
+        ...tableOptions(sequelize, 'jwttokens', options.tablePrefix, { timestamps: false }),
+        indexes: [
+            { name: accessIndexName, unique: true, fields: ['access'] },
+            { name: refreshIndexName, unique: true, fields: ['refresh'] }
+        ]
+    });
+    return TokenModel;
+}
+export class SequelizeTokenStore extends TokenStore {
+    constructor(options) {
+        super();
+        if (!options?.sequelize) {
+            throw new Error('SequelizeTokenStore requires an initialised Sequelize instance');
+        }
+        this.Tokens =
+            options.tokenModel ??
+                (options.tokenModelFactory ?? initTokenModel)(options.sequelize, {
+                    tablePrefix: options.tablePrefix
+                });
+    }
+    async save(record) {
+        const normalized = this.normalizeToken(record);
+        const resolvedUserId = this.normalizeUserId(normalized.userId);
+        const resolvedRealUserId = this.resolveRealUserId(normalized.ruid);
+        const domain = normalized.domain;
+        const fingerprint = normalized.fingerprint;
+        const browser = normalized.browser;
+        const device = normalized.device;
+        const ip = normalized.ip;
+        const os = normalized.os;
+        const label = normalized.label;
+        const loginType = normalized.loginType ?? '';
+        const refreshTtlSeconds = typeof normalized.refreshTtlSeconds === 'number' && normalized.refreshTtlSeconds > 0
+            ? Math.floor(normalized.refreshTtlSeconds)
+            : null;
+        const issuedAt = normalized.issuedAt ?? new Date();
+        const lastSeenAt = normalized.lastSeenAt ?? issuedAt;
+        const sessionCookie = normalized.sessionCookie ?? false;
+        const removalWhere = { user_id: resolvedUserId };
+        if (record.domain !== undefined) {
+            removalWhere.domain = domain;
+        }
+        if (record.fingerprint !== undefined) {
+            removalWhere.fingerprint = fingerprint;
+        }
+        if (normalized.clientId) {
+            removalWhere.client_id = normalized.clientId;
+        }
+        const sequelize = this.Tokens.sequelize;
+        if (!sequelize) {
+            throw new Error('Token model is not bound to a Sequelize instance');
+        }
+        await sequelize.transaction(async (transaction) => {
+            await this.Tokens.destroy({ where: removalWhere, transaction });
+            // Access/refresh columns are unique. Remove stale collisions before insert to avoid
+            // transient uniqueness failures during retries/rotation edge-cases.
+            // Only include non-empty token values to prevent matching unrelated rows.
+            const collisionConditions = [];
+            if (normalized.accessToken) {
+                collisionConditions.push({ access: normalized.accessToken });
+            }
+            if (normalized.refreshToken) {
+                collisionConditions.push({ refresh: normalized.refreshToken });
+            }
+            if (collisionConditions.length > 0) {
+                await this.Tokens.destroy({
+                    where: { [Op.or]: collisionConditions },
+                    transaction
+                });
+            }
+            await this.Tokens.create({
+                user_id: resolvedUserId,
+                real_user_id: resolvedRealUserId,
+                access: normalized.accessToken ?? '',
+                refresh: normalized.refreshToken,
+                expires: normalized.expires,
+                issued_at: issuedAt,
+                last_seen_at: lastSeenAt,
+                domain,
+                fingerprint,
+                label,
+                browser,
+                device,
+                ip,
+                os,
+                client_id: normalized.clientId ?? null,
+                scope: this.encodeScope(normalized.scope),
+                login_type: loginType,
+                refresh_ttl_seconds: refreshTtlSeconds,
+                session_cookie: sessionCookie
+            }, { transaction });
+        });
+    }
+    async get(query, opts) {
+        if (!query.refreshToken && !query.accessToken && query.userId === undefined) {
+            throw new Error('At least one token lookup field must be provided');
+        }
+        const where = {};
+        if (query.refreshToken) {
+            where.refresh = query.refreshToken;
+        }
+        if (query.accessToken) {
+            where.access = query.accessToken;
+        }
+        if (query.userId !== undefined) {
+            where.user_id = this.normalizeUserId(query.userId);
+        }
+        if (query.clientId) {
+            where.client_id = query.clientId;
+        }
+        if (query.domain !== undefined && query.domain !== null) {
+            where.domain = query.domain;
+        }
+        if (query.fingerprint !== undefined && query.fingerprint !== null) {
+            where.fingerprint = query.fingerprint;
+        }
+        if (query.label) {
+            where.label = query.label;
+        }
+        if (!(opts?.includeExpired ?? false)) {
+            where.expires = { [Op.gt]: new Date() };
+        }
+        const model = await this.Tokens.findOne({ where });
+        return model ? this.toTokenRecord(model) : null;
+    }
+    async delete(query) {
+        if (!query.refreshToken && !query.accessToken && query.userId === undefined && !query.clientId) {
+            return 0;
+        }
+        const where = {};
+        if (query.refreshToken) {
+            where.refresh = query.refreshToken;
+        }
+        if (query.accessToken) {
+            where.access = query.accessToken;
+        }
+        if (query.userId !== undefined) {
+            where.user_id = this.normalizeUserId(query.userId);
+        }
+        if (query.clientId) {
+            where.client_id = query.clientId;
+        }
+        if (query.domain !== undefined && query.domain !== null) {
+            where.domain = query.domain;
+        }
+        if (query.fingerprint !== undefined && query.fingerprint !== null) {
+            where.fingerprint = query.fingerprint;
+        }
+        if (query.label) {
+            where.label = query.label;
+        }
+        return this.Tokens.destroy({ where });
+    }
+    async update(params) {
+        const where = { refresh: params.refreshToken };
+        if (params.clientId) {
+            where.client_id = params.clientId;
+        }
+        const updates = {};
+        if (params.accessToken !== undefined && params.accessToken !== null) {
+            updates.access = params.accessToken;
+        }
+        if (params.expires !== undefined && params.expires !== null) {
+            updates.expires = params.expires;
+        }
+        if (params.scope !== undefined) {
+            updates.scope = this.encodeScope(params.scope);
+        }
+        if (params.label !== undefined) {
+            updates.label = params.label ?? '';
+        }
+        if (params.domain !== undefined) {
+            updates.domain = params.domain ?? '';
+        }
+        if (params.fingerprint !== undefined) {
+            updates.fingerprint = params.fingerprint ?? '';
+        }
+        if (params.browser !== undefined) {
+            updates.browser = params.browser ?? '';
+        }
+        if (params.device !== undefined) {
+            updates.device = params.device ?? '';
+        }
+        if (params.ip !== undefined) {
+            updates.ip = params.ip ?? '';
+        }
+        if (params.os !== undefined) {
+            updates.os = params.os ?? '';
+        }
+        if (params.refreshTtlSeconds !== undefined) {
+            updates.refresh_ttl_seconds =
+                typeof params.refreshTtlSeconds === 'number' && params.refreshTtlSeconds > 0
+                    ? Math.floor(params.refreshTtlSeconds)
+                    : null;
+        }
+        if (params.loginType !== undefined) {
+            updates.login_type = params.loginType ?? '';
+        }
+        if (params.sessionCookie !== undefined) {
+            updates.session_cookie = params.sessionCookie;
+        }
+        if (params.issuedAt !== undefined && params.issuedAt !== null) {
+            updates.issued_at = params.issuedAt;
+        }
+        if (params.lastSeenAt !== undefined && params.lastSeenAt !== null) {
+            updates.last_seen_at = params.lastSeenAt;
+        }
+        if (Object.keys(updates).length === 0) {
+            return false;
+        }
+        const sequelize = this.Tokens.sequelize;
+        if (!sequelize) {
+            throw new Error('Token model is not bound to a Sequelize instance');
+        }
+        return sequelize.transaction(async (transaction) => {
+            const [updated] = await this.Tokens.update(updates, { where, transaction });
+            return updated > 0;
+        });
+    }
+    async list(userId, opts = {}) {
+        const where = { user_id: this.normalizeUserId(userId) };
+        if (!(opts.includeExpired ?? false)) {
+            where.expires = { [Op.gt]: new Date() };
+        }
+        const models = await this.Tokens.findAll({
+            where,
+            order: [['issued_at', 'DESC']],
+            limit: opts.limit,
+            offset: opts.offset
+        });
+        return models.map((model) => this.toTokenRecord(model));
+    }
+    async close() {
+        return;
+    }
+    normalizeUserId(identifier) {
+        return normalizeStringUserId(identifier);
+    }
+    resolveRealUserId(ruid) {
+        if (ruid === undefined || ruid === null) {
+            return null;
+        }
+        const value = String(ruid);
+        if (value.length === 0 || value === '0') {
+            return null;
+        }
+        return value;
+    }
+    encodeScope(scope) {
+        if (!scope || (Array.isArray(scope) && scope.length === 0)) {
+            return '[]';
+        }
+        if (Array.isArray(scope)) {
+            return encodeStringArray(scope);
+        }
+        return encodeStringArray(scope.split(/\s+/).filter((entry) => entry.length > 0));
+    }
+    toTokenRecord(model) {
+        const scope = decodeStringArray(model.scope);
+        const normalized = this.normalizeToken({
+            userId: model.user_id,
+            refreshToken: model.refresh,
+            accessToken: model.access,
+            expires: model.expires,
+            issuedAt: model.issued_at,
+            lastSeenAt: model.last_seen_at,
+            domain: model.domain,
+            fingerprint: model.fingerprint,
+            label: model.label,
+            browser: model.browser,
+            device: model.device,
+            ip: model.ip,
+            os: model.os,
+            clientId: model.client_id ?? undefined,
+            scope,
+            loginType: model.login_type || undefined,
+            refreshTtlSeconds: model.refresh_ttl_seconds ?? undefined,
+            ruid: model.real_user_id ?? undefined,
+            sessionCookie: model.session_cookie
+        });
+        return {
+            ...normalized,
+            scope: normalized.scope ? [...normalized.scope] : undefined
+        };
+    }
+}

package/dist/esm/token/types.d.ts ADDED Viewed

@@ -0,0 +1,34 @@
+export type TokenStatus = 'active' | 'expired' | 'revoked';
+export interface Token {
+    accessToken: string;
+    refreshToken: string;
+    userId: string;
+    expires?: Date;
+    issuedAt?: Date;
+    lastSeenAt?: Date;
+    status?: TokenStatus;
+    ruid?: string;
+    clientId?: string;
+    /**
+     * Optional session partition key. Token stores may use `domain` and `fingerprint`
+     * to replace previous sessions that match the same bucket.
+     */
+    domain?: string;
+    /**
+     * Optional device/session fingerprint used together with `domain` for session bucketing.
+     */
+    fingerprint?: string;
+    label?: string;
+    browser?: string;
+    device?: string;
+    ip?: string;
+    os?: string;
+    scope?: string[];
+    loginType?: string;
+    refreshTtlSeconds?: number;
+    sessionCookie?: boolean;
+}
+export interface TokenPair {
+    accessToken: string;
+    refreshToken: string;
+}

package/dist/esm/token/types.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/esm/upload/memory.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import type { TusAppendInput, TusCreateUploadInput, TusUploadRecord, TusUploadStore } from './types.js';
+export declare class TusUploadOffsetError extends Error {
+    readonly currentOffset: number;
+    constructor(currentOffset: number);
+}
+export declare class TusUploadExceedsLengthError extends Error {
+    constructor();
+}
+export declare class MemoryTusUploadStore implements TusUploadStore {
+    private readonly uploads;
+    private readonly chunks;
+    createUpload(input: TusCreateUploadInput): Promise<TusUploadRecord>;
+    getUpload(uploadId: string): Promise<TusUploadRecord | null>;
+    appendUpload(input: TusAppendInput): Promise<TusUploadRecord>;
+    deleteUpload(uploadId: string): Promise<boolean>;
+    readUpload(uploadId: string): Buffer | null;
+}

package/dist/esm/upload/memory.js ADDED Viewed

@@ -0,0 +1,86 @@
+import { randomUUID } from 'node:crypto';
+function cloneRecord(record) {
+    return {
+        ...record,
+        metadata: { ...record.metadata },
+        createdAt: new Date(record.createdAt),
+        updatedAt: new Date(record.updatedAt),
+        ...(record.completedAt ? { completedAt: new Date(record.completedAt) } : {})
+    };
+}
+export class TusUploadOffsetError extends Error {
+    constructor(currentOffset) {
+        super('Upload offset does not match current offset');
+        this.currentOffset = currentOffset;
+    }
+}
+export class TusUploadExceedsLengthError extends Error {
+    constructor() {
+        super('Upload exceeds declared length');
+    }
+}
+export class MemoryTusUploadStore {
+    constructor() {
+        this.uploads = new Map();
+        this.chunks = new Map();
+    }
+    async createUpload(input) {
+        const id = input.id?.trim() || randomUUID();
+        if (this.uploads.has(id)) {
+            throw new Error(`Upload ${id} already exists`);
+        }
+        const now = new Date();
+        const record = {
+            id,
+            length: Math.max(0, Math.floor(input.length)),
+            offset: 0,
+            metadata: { ...input.metadata },
+            ...(input.userId ? { userId: input.userId } : {}),
+            createdAt: now,
+            updatedAt: now
+        };
+        this.uploads.set(id, record);
+        this.chunks.set(id, []);
+        return cloneRecord(record);
+    }
+    async getUpload(uploadId) {
+        const found = this.uploads.get(uploadId);
+        return found ? cloneRecord(found) : null;
+    }
+    async appendUpload(input) {
+        const current = this.uploads.get(input.uploadId);
+        if (!current) {
+            throw new Error('Upload not found');
+        }
+        if (input.offset !== current.offset) {
+            throw new TusUploadOffsetError(current.offset);
+        }
+        const nextOffset = current.offset + input.chunk.length;
+        if (nextOffset > current.length) {
+            throw new TusUploadExceedsLengthError();
+        }
+        const now = new Date();
+        const updated = {
+            ...current,
+            offset: nextOffset,
+            updatedAt: now,
+            ...(nextOffset === current.length ? { completedAt: now } : {})
+        };
+        this.uploads.set(input.uploadId, updated);
+        if (input.chunk.length > 0) {
+            this.chunks.get(input.uploadId)?.push(Buffer.from(input.chunk));
+        }
+        return cloneRecord(updated);
+    }
+    async deleteUpload(uploadId) {
+        this.chunks.delete(uploadId);
+        return this.uploads.delete(uploadId);
+    }
+    readUpload(uploadId) {
+        const chunks = this.chunks.get(uploadId);
+        if (!chunks) {
+            return null;
+        }
+        return Buffer.concat(chunks);
+    }
+}

package/dist/esm/upload/tus-module.d.ts ADDED Viewed

@@ -0,0 +1,38 @@
+import { ApiModule, type ApiAuthClass, type ApiAuthType, type ApiServer } from '../apicore-server.js';
+import type { TusUploadRecord, TusUploadStore } from './types.js';
+export interface TusUploadModuleOptions {
+    basePath?: string;
+    store?: TusUploadStore;
+    chunkMaxBytes?: number;
+    /** Maximum allowed value for Upload-Length. Defaults to 10 GiB. */
+    uploadMaxBytes?: number;
+    /**
+     * Authentication requirement for all TUS routes.
+     * When omitted, routes are public (no authentication enforced).
+     * Use `{ type: 'yes', req: 'any' }` to require a valid session.
+     */
+    auth?: {
+        type: ApiAuthType;
+        req?: ApiAuthClass;
+    };
+    onUploadComplete?: (upload: TusUploadRecord) => Promise<void> | void;
+}
+export declare class TusUploadModule extends ApiModule<ApiServer> {
+    private readonly basePath;
+    private readonly chunkMaxBytes;
+    private readonly uploadMaxBytes;
+    private readonly store;
+    private readonly auth?;
+    private readonly onUploadComplete?;
+    constructor(options?: TusUploadModuleOptions);
+    onMount(): void;
+    /**
+     * Authenticate the request if an auth config was provided.
+     * Returns false and sends a 401/403 response if auth fails, so the caller
+     * can bail out early with `if (!await this.checkAuth(request, reply)) return`.
+     */
+    private checkAuth;
+    private authFailed;
+    private verifyOwnership;
+    private installTusRoutes;
+}