@tetrascience-npm/request 0.2.0-beta.106.2

package/dist/cli/templates.js

@@ -0,0 +1,165 @@
+"use strict";
+/**
+ * Shared template functions used by init-client and generate-client CLIs.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.deriveServiceName = deriveServiceName;
+exports.generateTsConfig = generateTsConfig;
+exports.generateIndexTs = generateIndexTs;
+exports.generateClientPackageJson = generateClientPackageJson;
+exports.generateClientGitIgnore = generateClientGitIgnore;
+exports.generateYarnRc = generateYarnRc;
+/**
+ * Derive a PascalCase service name from the npm package name.
+ * @example "@tetrascience/data-apps-client" -> "DataApps"
+ * @example "@tetrascience/pipeline-client" -> "Pipeline"
+ */
+function deriveServiceName(packageName) {
+    const bare = packageName.replace(/^@[^/]+\//, '').replace(/-client$/, '');
+    return bare
+        .split('-')
+        .map((w) => w.charAt(0).toUpperCase() + w.slice(1))
+        .join('');
+}
+function generateTsConfig() {
+    const config = {
+        compilerOptions: {
+            target: 'ES2020',
+            module: 'node16',
+            moduleResolution: 'node16',
+            lib: ['ES2020'],
+            declaration: true,
+            strict: true,
+            esModuleInterop: true,
+            skipLibCheck: true,
+            outDir: 'dist',
+            rootDir: '.',
+        },
+        include: ['index.ts', 'generated/**/*.ts'],
+        exclude: ['node_modules', 'dist'],
+    };
+    return JSON.stringify(config, null, 2) + '\n';
+}
+/**
+ * PascalCase a variant name for use as a type name.
+ * @example "internal" -> "Internal", "public-api" -> "PublicApi"
+ */
+function pascalCase(s) {
+    return s
+        .split(/[-_]/)
+        .map((w) => w.charAt(0).toUpperCase() + w.slice(1))
+        .join('');
+}
+/**
+ * Generate index.ts for a client package.
+ *
+ * @param serviceName - PascalCase service name (e.g. "DataApps")
+ * @param specVariants - null for single-spec, or an array of variant names (e.g. ["internal", "public"])
+ */
+function generateIndexTs(serviceName, specVariants) {
+    const factoryName = `create${serviceName}Client`;
+    const typeName = `${serviceName}Client`;
+    const optionsName = `${serviceName}ClientOptions`;
+    if (!specVariants || specVariants.length === 0) {
+        // Single-spec template
+        return `import { createClient, applyDefaultMiddleware } from '@tetrascience-npm/request'
+import type { ServiceClientOptions } from '@tetrascience-npm/request'
+import type { paths } from './generated/schema'
+import { requestBodySchemas } from './generated/request-schemas'
+
+export type * from './generated/schema'
+export type { InternalAuth, DirectAuth, ServiceClientOptions } from '@tetrascience-npm/request'
+
+export type ${optionsName} = ServiceClientOptions
+
+export function ${factoryName}(options: ${optionsName}) {
+  const client = createClient<paths>({
+    baseUrl: options.baseUrl,
+    headers: options.headers,
+  })
+
+  applyDefaultMiddleware(client, options, requestBodySchemas)
+
+  return client
+}
+
+export type ${typeName} = ReturnType<typeof ${factoryName}>
+`;
+    }
+    // Multi-spec template
+    const pathImports = specVariants
+        .map((v) => `import type { paths as ${pascalCase(v)}Paths } from './generated/${v}.schema'`)
+        .join('\n');
+    const schemaImports = specVariants
+        .map((v) => `import { requestBodySchemas as ${v}Schemas } from './generated/${v}.request-schemas'`)
+        .join('\n');
+    const pathTypes = specVariants.map((v) => `${pascalCase(v)}Paths`);
+    const pathUnion = pathTypes.join(' | ');
+    const defaultPath = pathTypes[0];
+    const pathExports = specVariants.map((v) => `  ${pascalCase(v)}Paths`).join(',\n');
+    const schemaMerge = specVariants.map((v) => `...${v}Schemas`).join(', ');
+    return `import { createClient, applyDefaultMiddleware } from '@tetrascience-npm/request'
+import type { ServiceClientOptions } from '@tetrascience-npm/request'
+${pathImports}
+${schemaImports}
+
+export type {
+${pathExports},
+}
+export type { InternalAuth, DirectAuth, ServiceClientOptions } from '@tetrascience-npm/request'
+
+const allSchemas = { ${schemaMerge} }
+
+export type ${optionsName} = ServiceClientOptions
+
+export function ${factoryName}<P extends ${pathUnion} = ${defaultPath}>(options: ${optionsName}) {
+  const client = createClient<P>({
+    baseUrl: options.baseUrl,
+    headers: options.headers,
+  })
+
+  applyDefaultMiddleware(client, options, allSchemas)
+
+  return client
+}
+
+export type ${typeName}<P extends ${pathUnion} = ${defaultPath}> = ReturnType<typeof ${factoryName}<P>>
+`;
+}
+function generateClientPackageJson(config) {
+    const pkg = {
+        name: config.packageName,
+        version: config.version,
+        description: config.description || `Typed client for the ${config.serviceName} service API`,
+        main: 'dist/index.js',
+        types: 'dist/index.d.ts',
+        files: ['dist'],
+        scripts: {
+            build: 'tsc --project tsconfig.build.json',
+            prepack: 'yarn build',
+        },
+        dependencies: {
+            '@tetrascience-npm/request': config.middlewareVersion,
+            'openapi-fetch': '^0.17.0',
+            zod: '^3.24.0',
+        },
+        devDependencies: {
+            typescript: '^5.7.3',
+        },
+    };
+    return JSON.stringify(pkg, null, 2) + '\n';
+}
+function generateClientGitIgnore() {
+    return `node_modules/
+dist/
+.yarn/
+`;
+}
+function generateYarnRc() {
+    return `nodeLinker: node-modules
+
+npmScopes:
+  tetrascience:
+    npmRegistryServer: "https://tetrascience.jfrog.io/artifactory/api/npm/ts-npm-virtual/"
+`;
+}

package/dist/client/console-logger.d.ts

@@ -0,0 +1,10 @@
+import type { RequestTrackingLogger } from '../shared/types';
+import type { ConsoleLoggerOptions } from './types';
+/**
+ * Create a structured console logger for request tracking.
+ *
+ * Outputs structured log entries to the browser console, including the
+ * requestId from metadata for correlation with backend logs.
+ */
+export declare function createConsoleLogger(options?: ConsoleLoggerOptions): RequestTrackingLogger;
+//# sourceMappingURL=console-logger.d.ts.map

package/dist/client/console-logger.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"console-logger.d.ts","sourceRoot":"","sources":["../../src/client/console-logger.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAC,qBAAqB,EAAC,MAAM,iBAAiB,CAAC;AAC3D,OAAO,KAAK,EAAC,oBAAoB,EAAC,MAAM,SAAS,CAAC;AAKlD;;;;;GAKG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,CAAC,EAAE,oBAAoB,GAAG,qBAAqB,CA8BzF"}

package/dist/client/console-logger.js

@@ -0,0 +1,42 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createConsoleLogger = createConsoleLogger;
+const LOG_LEVELS = { debug: 0, info: 1, warn: 2, error: 3 };
+/**
+ * Create a structured console logger for request tracking.
+ *
+ * Outputs structured log entries to the browser console, including the
+ * requestId from metadata for correlation with backend logs.
+ */
+function createConsoleLogger(options) {
+    const minLevel = LOG_LEVELS[options?.level ?? 'info'];
+    const prefix = options?.prefix;
+    const formatMessage = (message) => (prefix ? `[${prefix}] ${message}` : message);
+    const shouldLog = (level) => LOG_LEVELS[level] >= minLevel;
+    const log = (method, message, meta) => {
+        if (meta !== undefined) {
+            console[method](formatMessage(message), meta);
+        }
+        else {
+            console[method](formatMessage(message));
+        }
+    };
+    return {
+        debug(message, meta) {
+            if (shouldLog('debug'))
+                log('debug', message, meta);
+        },
+        info(message, meta) {
+            if (shouldLog('info'))
+                log('info', message, meta);
+        },
+        warn(message, meta) {
+            if (shouldLog('warn'))
+                log('warn', message, meta);
+        },
+        error(message, meta) {
+            if (shouldLog('error'))
+                log('error', message, meta);
+        },
+    };
+}

package/dist/client/index.d.ts

@@ -0,0 +1,4 @@
+export * from './types';
+export * from './console-logger';
+export * from './install-middleware';
+//# sourceMappingURL=index.d.ts.map

package/dist/client/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/client/index.ts"],"names":[],"mappings":"AAAA,cAAc,SAAS,CAAC;AACxB,cAAc,kBAAkB,CAAC;AACjC,cAAc,sBAAsB,CAAC"}

package/dist/client/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./types"), exports);
+__exportStar(require("./console-logger"), exports);
+__exportStar(require("./install-middleware"), exports);

package/dist/client/install-middleware.d.ts

@@ -0,0 +1,31 @@
+import type { ClientTrackingOptions } from './types';
+/**
+ * Install request middleware on the global `fetch` function.
+ *
+ * Automatically injects `ts-request-id` and `ts-session-id` headers
+ * on every outgoing request. Session ID is persisted in a cookie
+ * with a 30-minute sliding expiry.
+ *
+ * Safe to call multiple times — subsequent calls return the existing
+ * uninstall function without re-patching (important for Module Federation
+ * where multiple micro-frontends share `globalThis`).
+ *
+ * **Limitations:**
+ * - Only patches `fetch()`. Libraries using `XMLHttpRequest` or `axios`
+ *   are not covered.
+ * - Code that captures `window.fetch` before this runs (e.g.
+ *   `const myFetch = window.fetch` at import time) will hold a
+ *   reference to the unpatched fetch.
+ *
+ * @returns An uninstall function that restores the original `fetch`
+ *   and clears the session cookie.
+ *
+ * @example
+ * ```ts
+ * import { installRequestMiddleware } from '@tetrascience-npm/request/client'
+ *
+ * installRequestMiddleware()
+ * ```
+ */
+export declare function installRequestMiddleware(options?: ClientTrackingOptions): () => void;
+//# sourceMappingURL=install-middleware.d.ts.map

package/dist/client/install-middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"install-middleware.d.ts","sourceRoot":"","sources":["../../src/client/install-middleware.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAC,qBAAqB,EAAC,MAAM,SAAS,CAAC;AAqCnD;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,wBAAgB,wBAAwB,CAAC,OAAO,CAAC,EAAE,qBAAqB,GAAG,MAAM,IAAI,CA+DpF"}

package/dist/client/install-middleware.js

@@ -0,0 +1,117 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.installRequestMiddleware = installRequestMiddleware;
+const constants_1 = require("../shared/constants");
+const generate_request_id_1 = require("../shared/generate-request-id");
+const sanitize_url_1 = require("../shared/sanitize-url");
+const SESSION_COOKIE_MAX_AGE = 30 * 60; // 30 minutes, refreshed on each request
+const INSTALLED_KEY = '__ts_request_middleware_installed__';
+/**
+ * Get or create a session ID from cookies.
+ * Creates a new UUID and stores it as a cookie if not already present.
+ * Refreshes the cookie expiry on each call (sliding window).
+ *
+ * The cookie is written without a Domain attribute — the server's
+ * createRequestMiddleware() sets the correct cross-subdomain Domain
+ * (from COOKIE_DOMAIN env var) on the response. The browser-set cookie
+ * is just a fallback for the first request before the server responds.
+ */
+function getOrCreateSessionId() {
+    const match = document.cookie.match(new RegExp(`(?:^|; )${constants_1.SESSION_ID_HEADER}=([^;]*)`));
+    if (match) {
+        // Refresh expiry
+        document.cookie = `${constants_1.SESSION_ID_HEADER}=${match[1]}; path=/; max-age=${SESSION_COOKIE_MAX_AGE}; SameSite=Lax; Secure`;
+        return match[1];
+    }
+    const sessionId = (0, generate_request_id_1.generateRequestId)();
+    document.cookie = `${constants_1.SESSION_ID_HEADER}=${sessionId}; path=/; max-age=${SESSION_COOKIE_MAX_AGE}; SameSite=Lax; Secure`;
+    return sessionId;
+}
+/**
+ * Clear the session cookie.
+ */
+function clearSessionCookie() {
+    if (typeof document !== 'undefined') {
+        document.cookie = `${constants_1.SESSION_ID_HEADER}=; path=/; max-age=0; SameSite=Lax; Secure`;
+    }
+}
+/**
+ * Install request middleware on the global `fetch` function.
+ *
+ * Automatically injects `ts-request-id` and `ts-session-id` headers
+ * on every outgoing request. Session ID is persisted in a cookie
+ * with a 30-minute sliding expiry.
+ *
+ * Safe to call multiple times — subsequent calls return the existing
+ * uninstall function without re-patching (important for Module Federation
+ * where multiple micro-frontends share `globalThis`).
+ *
+ * **Limitations:**
+ * - Only patches `fetch()`. Libraries using `XMLHttpRequest` or `axios`
+ *   are not covered.
+ * - Code that captures `window.fetch` before this runs (e.g.
+ *   `const myFetch = window.fetch` at import time) will hold a
+ *   reference to the unpatched fetch.
+ *
+ * @returns An uninstall function that restores the original `fetch`
+ *   and clears the session cookie.
+ *
+ * @example
+ * ```ts
+ * import { installRequestMiddleware } from '@tetrascience-npm/request/client'
+ *
+ * installRequestMiddleware()
+ * ```
+ */
+function installRequestMiddleware(options) {
+    // Guard against double-install (Module Federation, multiple micro-frontends)
+    const existing = globalThis[INSTALLED_KEY];
+    if (existing) {
+        return existing.uninstall;
+    }
+    const { logger } = options ?? {};
+    const originalFetch = globalThis.fetch;
+    globalThis.fetch = (input, init) => {
+        // Merge headers: start from the Request's headers (if input is a Request),
+        // then layer on init?.headers, then add tracking headers.
+        const inputHeaders = input instanceof Request ? input.headers : undefined;
+        const headers = new Headers(inputHeaders);
+        if (init?.headers) {
+            new Headers(init.headers).forEach((value, key) => headers.set(key, value));
+        }
+        if (!headers.has(constants_1.REQUEST_ID_HEADER)) {
+            headers.set(constants_1.REQUEST_ID_HEADER, (0, generate_request_id_1.generateRequestId)());
+        }
+        const requestId = headers.get(constants_1.REQUEST_ID_HEADER);
+        if (!headers.has(constants_1.SESSION_ID_HEADER) && typeof document !== 'undefined') {
+            headers.set(constants_1.SESSION_ID_HEADER, getOrCreateSessionId());
+        }
+        const url = typeof input === 'string' ? input : input instanceof URL ? input.href : input.url;
+        logger?.debug('Outgoing request', {
+            requestId,
+            path: (0, sanitize_url_1.sanitizeUrl)(url),
+        });
+        return originalFetch(input, { ...init, headers }).then((response) => {
+            logger?.debug('Response received', {
+                requestId,
+                path: (0, sanitize_url_1.sanitizeUrl)(url),
+                status: response.status,
+            });
+            return response;
+        }, (error) => {
+            logger?.error('Request failed', {
+                requestId,
+                path: (0, sanitize_url_1.sanitizeUrl)(url),
+                error: error instanceof Error ? error.message : String(error),
+            });
+            throw error;
+        });
+    };
+    const uninstall = () => {
+        globalThis.fetch = originalFetch;
+        clearSessionCookie();
+        delete globalThis[INSTALLED_KEY];
+    };
+    globalThis[INSTALLED_KEY] = { uninstall };
+    return uninstall;
+}

package/dist/client/types.d.ts

@@ -0,0 +1,13 @@
+import type { RequestTrackingLogger } from '../shared/types';
+export interface ConsoleLoggerOptions {
+    /** Prefix prepended to all log messages. */
+    prefix?: string;
+    /** Minimum log level. Defaults to 'info'. */
+    level?: 'debug' | 'info' | 'warn' | 'error';
+}
+/** Options for installRequestTracking (browser global fetch patching). */
+export interface ClientTrackingOptions {
+    /** If provided, logs each outgoing request/response with the request ID. */
+    logger?: RequestTrackingLogger;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/client/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/client/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAC,qBAAqB,EAAC,MAAM,iBAAiB,CAAC;AAE3D,MAAM,WAAW,oBAAoB;IACpC,4CAA4C;IAC5C,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,6CAA6C;IAC7C,KAAK,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;CAC5C;AAED,0EAA0E;AAC1E,MAAM,WAAW,qBAAqB;IACrC,4EAA4E;IAC5E,MAAM,CAAC,EAAE,qBAAqB,CAAC;CAC/B"}

package/dist/client/types.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/index.d.ts

@@ -0,0 +1,2 @@
+export * from './shared';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,UAAU,CAAC"}

package/dist/index.js

@@ -0,0 +1,17 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./shared"), exports);

package/dist/server/index.d.ts

@@ -0,0 +1,5 @@
+export * from './types';
+export * from './request-context';
+export * from './request-middleware';
+export { REQUEST_ID_HEADER } from '../shared/constants';
+//# sourceMappingURL=index.d.ts.map

package/dist/server/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAAA,cAAc,SAAS,CAAC;AACxB,cAAc,mBAAmB,CAAC;AAClC,cAAc,sBAAsB,CAAC;AAIrC,OAAO,EAAC,iBAAiB,EAAC,MAAM,qBAAqB,CAAC"}

package/dist/server/index.js

@@ -0,0 +1,24 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.REQUEST_ID_HEADER = void 0;
+__exportStar(require("./types"), exports);
+__exportStar(require("./request-context"), exports);
+__exportStar(require("./request-middleware"), exports);
+// Constant re-exported for convenience (commonly used with request context)
+// eslint-disable-next-line no-restricted-syntax
+var constants_1 = require("../shared/constants");
+Object.defineProperty(exports, "REQUEST_ID_HEADER", { enumerable: true, get: function () { return constants_1.REQUEST_ID_HEADER; } });

package/dist/server/request-context.d.ts

@@ -0,0 +1,27 @@
+import type { RequestContext } from './types';
+/**
+ * Get the current request context.
+ * Returns an empty object if no context has been set.
+ */
+export declare function getRequestContext(): Partial<RequestContext>;
+/**
+ * Run a function within a request context. The context is scoped to the
+ * callback and its async descendants, providing proper isolation.
+ *
+ * @example
+ * ```ts
+ * app.use((req, res, next) => {
+ *   runWithRequestContext({ requestId }, () => next())
+ * })
+ * ```
+ */
+export declare function runWithRequestContext<T>(context: RequestContext, fn: () => T): T;
+/**
+ * Run a function with no request context. Useful for testing isolation.
+ */
+export declare function runWithoutRequestContext<T>(fn: () => T): T;
+/**
+ * Get the request ID from the current context, or generate a new UUID.
+ */
+export declare function getRequestId(): string;
+//# sourceMappingURL=request-context.d.ts.map

package/dist/server/request-context.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"request-context.d.ts","sourceRoot":"","sources":["../../src/server/request-context.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,SAAS,CAAC;AAI5C;;;GAGG;AACH,wBAAgB,iBAAiB,IAAI,OAAO,CAAC,cAAc,CAAC,CAE3D;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,qBAAqB,CAAC,CAAC,EAAE,OAAO,EAAE,cAAc,EAAE,EAAE,EAAE,MAAM,CAAC,GAAG,CAAC,CAEhF;AAED;;GAEG;AACH,wBAAgB,wBAAwB,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,GAAG,CAAC,CAE1D;AAED;;GAEG;AACH,wBAAgB,YAAY,IAAI,MAAM,CAErC"}

package/dist/server/request-context.js

@@ -0,0 +1,42 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getRequestContext = getRequestContext;
+exports.runWithRequestContext = runWithRequestContext;
+exports.runWithoutRequestContext = runWithoutRequestContext;
+exports.getRequestId = getRequestId;
+const async_hooks_1 = require("async_hooks");
+const crypto_1 = require("crypto");
+const asyncLocalStorage = new async_hooks_1.AsyncLocalStorage();
+/**
+ * Get the current request context.
+ * Returns an empty object if no context has been set.
+ */
+function getRequestContext() {
+    return asyncLocalStorage.getStore() ?? {};
+}
+/**
+ * Run a function within a request context. The context is scoped to the
+ * callback and its async descendants, providing proper isolation.
+ *
+ * @example
+ * ```ts
+ * app.use((req, res, next) => {
+ *   runWithRequestContext({ requestId }, () => next())
+ * })
+ * ```
+ */
+function runWithRequestContext(context, fn) {
+    return asyncLocalStorage.run(context, fn);
+}
+/**
+ * Run a function with no request context. Useful for testing isolation.
+ */
+function runWithoutRequestContext(fn) {
+    return asyncLocalStorage.exit(fn);
+}
+/**
+ * Get the request ID from the current context, or generate a new UUID.
+ */
+function getRequestId() {
+    return getRequestContext().requestId ?? (0, crypto_1.randomUUID)();
+}

package/dist/server/request-middleware.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Minimal Express-compatible types so we don't depend on @types/express.
+ */
+interface IncomingRequest {
+    headers: Record<string, string | string[] | undefined>;
+}
+interface ServerResponse {
+    setHeader?(name: string, value: string): void;
+}
+type NextFunction = () => void;
+type ExpressMiddleware = (req: IncomingRequest, res: ServerResponse, next: NextFunction) => void;
+export declare function createRequestMiddleware(): ExpressMiddleware;
+export {};
+//# sourceMappingURL=request-middleware.d.ts.map

package/dist/server/request-middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"request-middleware.d.ts","sourceRoot":"","sources":["../../src/server/request-middleware.ts"],"names":[],"mappings":"AAIA;;GAEG;AACH,UAAU,eAAe;IACxB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC,CAAC;CACvD;AACD,UAAU,cAAc;IACvB,SAAS,CAAC,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CAC9C;AACD,KAAK,YAAY,GAAG,MAAM,IAAI,CAAC;AAC/B,KAAK,iBAAiB,GAAG,CAAC,GAAG,EAAE,eAAe,EAAE,GAAG,EAAE,cAAc,EAAE,IAAI,EAAE,YAAY,KAAK,IAAI,CAAC;AAwDjG,wBAAgB,uBAAuB,IAAI,iBAAiB,CAyB3D"}

package/dist/server/request-middleware.js

@@ -0,0 +1,82 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createRequestMiddleware = createRequestMiddleware;
+const crypto_1 = require("crypto");
+const constants_1 = require("../shared/constants");
+const request_context_1 = require("./request-context");
+const SESSION_COOKIE_MAX_AGE = 30 * 60; // 30 minutes, matching the browser cookie
+/**
+ * Parse a named value from the Cookie header.
+ */
+function getCookie(req, name) {
+    const header = req.headers.cookie;
+    if (!header)
+        return undefined;
+    const match = header.match(new RegExp(`(?:^|; )${name}=([^;]*)`));
+    return match?.[1];
+}
+/**
+ * Express middleware that sets up request context for tracing and auth.
+ *
+ * Reads from incoming headers and cookies:
+ * - `ts-request-id` — generates UUID if missing
+ * - `ts-session-id` — generates UUID if missing, sets cookie for persistence
+ * - `x-org-slug` — from header or cookie
+ * - `ts-auth-token` — from header or cookie
+ *
+ * Parses cookies internally — no need for `cookie-parser`.
+ *
+ * All downstream code can access the context via `getRequestContext()`.
+ * Generated clients auto-resolve auth and tracing from this context.
+ *
+ * @example
+ * ```ts
+ * import express from 'express';
+ * import { createRequestMiddleware } from '@tetrascience-npm/request/server';
+ *
+ * const app = express();
+ * app.use(createRequestMiddleware());
+ * ```
+ */
+/**
+ * Derive cookie domain from env vars (same logic as TDP's getCookieDomain).
+ * COOKIE_DOMAIN is set on data apps; SERVICE_URI on the TDP web service.
+ */
+function deriveServerCookieDomain() {
+    const cookieDomain = process.env.COOKIE_DOMAIN;
+    if (cookieDomain)
+        return cookieDomain.startsWith('.') ? cookieDomain : '.' + cookieDomain;
+    const serviceUri = process.env.SERVICE_URI;
+    if (serviceUri) {
+        try {
+            return '.' + new URL(serviceUri).hostname;
+        }
+        catch {
+            // fall through
+        }
+    }
+    return undefined;
+}
+function createRequestMiddleware() {
+    const cookieDomain = deriveServerCookieDomain();
+    return (req, res, next) => {
+        const requestId = req.headers[constants_1.REQUEST_ID_HEADER] || (0, crypto_1.randomUUID)();
+        // Session: header → cookie → generate
+        let sessionId = req.headers[constants_1.SESSION_ID_HEADER]
+            || getCookie(req, constants_1.SESSION_ID_HEADER);
+        if (!sessionId) {
+            sessionId = (0, crypto_1.randomUUID)();
+        }
+        // Always refresh the session cookie (sliding expiry)
+        let setCookie = `${constants_1.SESSION_ID_HEADER}=${sessionId}; Path=/; Max-Age=${SESSION_COOKIE_MAX_AGE}; SameSite=Lax; Secure`;
+        if (cookieDomain)
+            setCookie += `; Domain=${cookieDomain}`;
+        res.setHeader?.('Set-Cookie', setCookie);
+        // Auth: header → cookie (optional, may not be present for background jobs)
+        const orgSlug = req.headers[constants_1.ORG_SLUG_HEADER]
+            || getCookie(req, constants_1.ORG_SLUG_HEADER);
+        const authToken = req.headers[constants_1.AUTH_TOKEN_HEADER]
+            || getCookie(req, constants_1.AUTH_TOKEN_HEADER);
+        (0, request_context_1.runWithRequestContext)({ requestId, sessionId, orgSlug, authToken }, () => next());
+    };
+}