@topgunbuild/server 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +97 -0
- package/dist/index.d.mts +311 -0
- package/dist/index.d.ts +311 -0
- package/dist/index.js +2915 -0
- package/dist/index.js.map +1 -0
- package/dist/index.mjs +2872 -0
- package/dist/index.mjs.map +1 -0
- package/package.json +45 -0
package/dist/index.d.ts
ADDED
|
@@ -0,0 +1,311 @@
|
|
|
1
|
+
import { LWWRecord, ORMapRecord, Principal, PermissionPolicy, LWWMap, ORMap, PermissionType } from '@topgunbuild/core';
|
|
2
|
+
import { WebSocket } from 'ws';
|
|
3
|
+
import { PoolConfig, Pool } from 'pg';
|
|
4
|
+
import pino from 'pino';
|
|
5
|
+
|
|
6
|
+
type ORMapValue<V> = {
|
|
7
|
+
type: 'OR';
|
|
8
|
+
records: ORMapRecord<V>[];
|
|
9
|
+
};
|
|
10
|
+
type ORMapTombstones = {
|
|
11
|
+
type: 'OR_TOMBSTONES';
|
|
12
|
+
tags: string[];
|
|
13
|
+
};
|
|
14
|
+
type StorageValue<V> = LWWRecord<V> | ORMapValue<V> | ORMapTombstones;
|
|
15
|
+
/**
|
|
16
|
+
* Server Persistence Interface (MapStore).
|
|
17
|
+
* Aligned with specifications/06_SERVER_INTEGRATIONS.md
|
|
18
|
+
*
|
|
19
|
+
* Note: We include mapName in all methods because a single storage adapter
|
|
20
|
+
* instance typically handles multiple maps in the system (e.g. single DB connection).
|
|
21
|
+
*/
|
|
22
|
+
interface IServerStorage {
|
|
23
|
+
/**
|
|
24
|
+
* Initialize the storage connection.
|
|
25
|
+
*/
|
|
26
|
+
initialize(): Promise<void>;
|
|
27
|
+
/**
|
|
28
|
+
* Close the storage connection.
|
|
29
|
+
*/
|
|
30
|
+
close(): Promise<void>;
|
|
31
|
+
/**
|
|
32
|
+
* Loads the value of a given key.
|
|
33
|
+
* Called when a client requests a key that is not in the Server RAM (if using partial loading),
|
|
34
|
+
* or during sync.
|
|
35
|
+
*/
|
|
36
|
+
load(mapName: string, key: string): Promise<StorageValue<any> | undefined>;
|
|
37
|
+
/**
|
|
38
|
+
* Loads multiple keys.
|
|
39
|
+
* Optimization for batch requests.
|
|
40
|
+
*/
|
|
41
|
+
loadAll(mapName: string, keys: string[]): Promise<Map<string, StorageValue<any>>>;
|
|
42
|
+
/**
|
|
43
|
+
* Loads all keys from the store for a specific map.
|
|
44
|
+
* Used for pre-loading the cache on startup or understanding dataset size.
|
|
45
|
+
*/
|
|
46
|
+
loadAllKeys(mapName: string): Promise<string[]>;
|
|
47
|
+
/**
|
|
48
|
+
* Stores the key-value pair.
|
|
49
|
+
*/
|
|
50
|
+
store(mapName: string, key: string, record: StorageValue<any>): Promise<void>;
|
|
51
|
+
/**
|
|
52
|
+
* Stores multiple entries.
|
|
53
|
+
* Used for efficient batch writes to the DB.
|
|
54
|
+
*/
|
|
55
|
+
storeAll(mapName: string, records: Map<string, StorageValue<any>>): Promise<void>;
|
|
56
|
+
/**
|
|
57
|
+
* Deletes the entry with the given key.
|
|
58
|
+
*/
|
|
59
|
+
delete(mapName: string, key: string): Promise<void>;
|
|
60
|
+
/**
|
|
61
|
+
* Deletes multiple entries.
|
|
62
|
+
*/
|
|
63
|
+
deleteAll(mapName: string, keys: string[]): Promise<void>;
|
|
64
|
+
}
|
|
65
|
+
|
|
66
|
+
interface ServerOp {
|
|
67
|
+
mapName: string;
|
|
68
|
+
key: string;
|
|
69
|
+
opType: 'PUT' | 'REMOVE' | 'OR_ADD' | 'OR_REMOVE';
|
|
70
|
+
record?: LWWRecord<any>;
|
|
71
|
+
orRecord?: ORMapRecord<any>;
|
|
72
|
+
orTag?: string;
|
|
73
|
+
id?: string;
|
|
74
|
+
}
|
|
75
|
+
interface ConnectionContext {
|
|
76
|
+
clientId: string;
|
|
77
|
+
socket?: WebSocket;
|
|
78
|
+
principal?: Principal;
|
|
79
|
+
isAuthenticated: boolean;
|
|
80
|
+
}
|
|
81
|
+
interface OpContext extends ConnectionContext {
|
|
82
|
+
fromCluster: boolean;
|
|
83
|
+
originalSenderId?: string;
|
|
84
|
+
}
|
|
85
|
+
interface IInterceptor {
|
|
86
|
+
/**
|
|
87
|
+
* Name of the interceptor for logging and debugging.
|
|
88
|
+
*/
|
|
89
|
+
name: string;
|
|
90
|
+
/**
|
|
91
|
+
* Called when a new client connects.
|
|
92
|
+
* Throwing an error here will reject the connection.
|
|
93
|
+
*/
|
|
94
|
+
onConnection?(context: ConnectionContext): Promise<void>;
|
|
95
|
+
/**
|
|
96
|
+
* Called when a client disconnects.
|
|
97
|
+
*/
|
|
98
|
+
onDisconnect?(context: ConnectionContext): Promise<void>;
|
|
99
|
+
/**
|
|
100
|
+
* Called before an operation is applied to the local map/storage.
|
|
101
|
+
* Return the (possibly modified) op.
|
|
102
|
+
* Return null to silently drop the operation (no error sent to client, no persistence).
|
|
103
|
+
* Throwing an error will reject the operation and notify the client.
|
|
104
|
+
*/
|
|
105
|
+
onBeforeOp?(op: ServerOp, context: OpContext): Promise<ServerOp | null>;
|
|
106
|
+
/**
|
|
107
|
+
* Called after an operation has been successfully applied and stored.
|
|
108
|
+
*/
|
|
109
|
+
onAfterOp?(op: ServerOp, context: OpContext): Promise<void>;
|
|
110
|
+
}
|
|
111
|
+
|
|
112
|
+
interface TLSConfig {
|
|
113
|
+
/**
|
|
114
|
+
* Enable TLS for client-facing server (HTTPS + WSS)
|
|
115
|
+
* @default false
|
|
116
|
+
*/
|
|
117
|
+
enabled: boolean;
|
|
118
|
+
/**
|
|
119
|
+
* Path to certificate file (PEM format)
|
|
120
|
+
* Supports chain certificates
|
|
121
|
+
*/
|
|
122
|
+
certPath: string;
|
|
123
|
+
/**
|
|
124
|
+
* Path to private key file (PEM format)
|
|
125
|
+
*/
|
|
126
|
+
keyPath: string;
|
|
127
|
+
/**
|
|
128
|
+
* Path to CA certificate for verifying client certificates
|
|
129
|
+
* Required for mTLS
|
|
130
|
+
* @optional
|
|
131
|
+
*/
|
|
132
|
+
caCertPath?: string;
|
|
133
|
+
/**
|
|
134
|
+
* Minimum TLS version
|
|
135
|
+
* @default 'TLSv1.2'
|
|
136
|
+
*/
|
|
137
|
+
minVersion?: 'TLSv1.2' | 'TLSv1.3';
|
|
138
|
+
/**
|
|
139
|
+
* List of allowed cipher suites
|
|
140
|
+
* @optional - use Node.js defaults if not specified
|
|
141
|
+
*/
|
|
142
|
+
ciphers?: string;
|
|
143
|
+
/**
|
|
144
|
+
* Passphrase for encrypted private key
|
|
145
|
+
* @optional
|
|
146
|
+
*/
|
|
147
|
+
passphrase?: string;
|
|
148
|
+
}
|
|
149
|
+
interface ClusterTLSConfig extends TLSConfig {
|
|
150
|
+
/**
|
|
151
|
+
* Require client certificate (mTLS)
|
|
152
|
+
* @default false
|
|
153
|
+
*/
|
|
154
|
+
requireClientCert?: boolean;
|
|
155
|
+
/**
|
|
156
|
+
* Verify peer certificates
|
|
157
|
+
* Can be disabled in development for self-signed certs
|
|
158
|
+
* @default true
|
|
159
|
+
*/
|
|
160
|
+
rejectUnauthorized?: boolean;
|
|
161
|
+
}
|
|
162
|
+
|
|
163
|
+
interface ServerCoordinatorConfig {
|
|
164
|
+
port: number;
|
|
165
|
+
nodeId: string;
|
|
166
|
+
storage?: IServerStorage;
|
|
167
|
+
jwtSecret?: string;
|
|
168
|
+
host?: string;
|
|
169
|
+
clusterPort?: number;
|
|
170
|
+
peers?: string[];
|
|
171
|
+
securityPolicies?: PermissionPolicy[];
|
|
172
|
+
/** Callback to resolve dynamic peer addresses after ports are known */
|
|
173
|
+
resolvePeers?: () => string[];
|
|
174
|
+
interceptors?: IInterceptor[];
|
|
175
|
+
metricsPort?: number;
|
|
176
|
+
discovery?: 'manual' | 'kubernetes';
|
|
177
|
+
serviceName?: string;
|
|
178
|
+
discoveryInterval?: number;
|
|
179
|
+
tls?: TLSConfig;
|
|
180
|
+
clusterTls?: ClusterTLSConfig;
|
|
181
|
+
}
|
|
182
|
+
declare class ServerCoordinator {
|
|
183
|
+
private httpServer;
|
|
184
|
+
private metricsServer?;
|
|
185
|
+
private metricsService;
|
|
186
|
+
private wss;
|
|
187
|
+
private clients;
|
|
188
|
+
private interceptors;
|
|
189
|
+
private maps;
|
|
190
|
+
private hlc;
|
|
191
|
+
private storage?;
|
|
192
|
+
private jwtSecret;
|
|
193
|
+
private queryRegistry;
|
|
194
|
+
private cluster;
|
|
195
|
+
private partitionService;
|
|
196
|
+
private lockManager;
|
|
197
|
+
private topicManager;
|
|
198
|
+
private securityManager;
|
|
199
|
+
private systemManager;
|
|
200
|
+
private pendingClusterQueries;
|
|
201
|
+
private gcInterval?;
|
|
202
|
+
private gcReports;
|
|
203
|
+
private mapLoadingPromises;
|
|
204
|
+
private _actualPort;
|
|
205
|
+
private _actualClusterPort;
|
|
206
|
+
private _readyPromise;
|
|
207
|
+
private _readyResolve;
|
|
208
|
+
constructor(config: ServerCoordinatorConfig);
|
|
209
|
+
/** Wait for server to be fully ready (ports assigned) */
|
|
210
|
+
ready(): Promise<void>;
|
|
211
|
+
/** Get the actual port the server is listening on */
|
|
212
|
+
get port(): number;
|
|
213
|
+
/** Get the actual cluster port */
|
|
214
|
+
get clusterPort(): number;
|
|
215
|
+
shutdown(): Promise<void>;
|
|
216
|
+
private handleConnection;
|
|
217
|
+
private handleMessage;
|
|
218
|
+
private updateClientHlc;
|
|
219
|
+
private broadcast;
|
|
220
|
+
private setupClusterListeners;
|
|
221
|
+
private executeLocalQuery;
|
|
222
|
+
private finalizeClusterQuery;
|
|
223
|
+
private handleLockGranted;
|
|
224
|
+
private processLocalOp;
|
|
225
|
+
private handleClusterEvent;
|
|
226
|
+
getMap(name: string, typeHint?: 'LWW' | 'OR'): LWWMap<string, any> | ORMap<string, any>;
|
|
227
|
+
/**
|
|
228
|
+
* Returns map after ensuring it's fully loaded from storage.
|
|
229
|
+
* Use this for queries to avoid returning empty results during initial load.
|
|
230
|
+
*/
|
|
231
|
+
getMapAsync(name: string, typeHint?: 'LWW' | 'OR'): Promise<LWWMap<string, any> | ORMap<string, any>>;
|
|
232
|
+
private loadMapFromStorage;
|
|
233
|
+
private startGarbageCollection;
|
|
234
|
+
private reportLocalHlc;
|
|
235
|
+
private handleGcReport;
|
|
236
|
+
private performGarbageCollection;
|
|
237
|
+
private buildTLSOptions;
|
|
238
|
+
}
|
|
239
|
+
|
|
240
|
+
interface PostgresAdapterOptions {
|
|
241
|
+
tableName?: string;
|
|
242
|
+
}
|
|
243
|
+
declare class PostgresAdapter implements IServerStorage {
|
|
244
|
+
private pool;
|
|
245
|
+
private tableName;
|
|
246
|
+
constructor(configOrPool: PoolConfig | Pool, options?: PostgresAdapterOptions);
|
|
247
|
+
initialize(): Promise<void>;
|
|
248
|
+
close(): Promise<void>;
|
|
249
|
+
load(mapName: string, key: string): Promise<StorageValue<any> | undefined>;
|
|
250
|
+
loadAll(mapName: string, keys: string[]): Promise<Map<string, StorageValue<any>>>;
|
|
251
|
+
loadAllKeys(mapName: string): Promise<string[]>;
|
|
252
|
+
store(mapName: string, key: string, record: StorageValue<any>): Promise<void>;
|
|
253
|
+
storeAll(mapName: string, records: Map<string, StorageValue<any>>): Promise<void>;
|
|
254
|
+
delete(mapName: string, key: string): Promise<void>;
|
|
255
|
+
deleteAll(mapName: string, keys: string[]): Promise<void>;
|
|
256
|
+
private mapRowToRecord;
|
|
257
|
+
private isORMapValue;
|
|
258
|
+
}
|
|
259
|
+
|
|
260
|
+
/**
|
|
261
|
+
* In-memory implementation of IServerStorage.
|
|
262
|
+
* Useful for development, testing, and demos without requiring a database.
|
|
263
|
+
*
|
|
264
|
+
* Note: Data is lost when the server restarts.
|
|
265
|
+
*/
|
|
266
|
+
declare class MemoryServerAdapter implements IServerStorage {
|
|
267
|
+
private storage;
|
|
268
|
+
initialize(): Promise<void>;
|
|
269
|
+
close(): Promise<void>;
|
|
270
|
+
private getMap;
|
|
271
|
+
load(mapName: string, key: string): Promise<StorageValue<any> | undefined>;
|
|
272
|
+
loadAll(mapName: string, keys: string[]): Promise<Map<string, StorageValue<any>>>;
|
|
273
|
+
loadAllKeys(mapName: string): Promise<string[]>;
|
|
274
|
+
store(mapName: string, key: string, record: StorageValue<any>): Promise<void>;
|
|
275
|
+
storeAll(mapName: string, records: Map<string, StorageValue<any>>): Promise<void>;
|
|
276
|
+
delete(mapName: string, key: string): Promise<void>;
|
|
277
|
+
deleteAll(mapName: string, keys: string[]): Promise<void>;
|
|
278
|
+
}
|
|
279
|
+
|
|
280
|
+
declare class SecurityManager {
|
|
281
|
+
private policies;
|
|
282
|
+
constructor(policies?: PermissionPolicy[]);
|
|
283
|
+
addPolicy(policy: PermissionPolicy): void;
|
|
284
|
+
checkPermission(principal: Principal, mapName: string, action: PermissionType): boolean;
|
|
285
|
+
filterObject(object: any, principal: Principal, mapName: string): any;
|
|
286
|
+
private hasRole;
|
|
287
|
+
private matchesMap;
|
|
288
|
+
}
|
|
289
|
+
|
|
290
|
+
declare const logger: pino.Logger<never, boolean>;
|
|
291
|
+
type Logger = typeof logger;
|
|
292
|
+
|
|
293
|
+
declare class TimestampInterceptor implements IInterceptor {
|
|
294
|
+
name: string;
|
|
295
|
+
onBeforeOp(op: ServerOp, context: OpContext): Promise<ServerOp>;
|
|
296
|
+
}
|
|
297
|
+
|
|
298
|
+
interface RateLimitConfig {
|
|
299
|
+
windowMs: number;
|
|
300
|
+
maxOps: number;
|
|
301
|
+
}
|
|
302
|
+
declare class RateLimitInterceptor implements IInterceptor {
|
|
303
|
+
name: string;
|
|
304
|
+
private limits;
|
|
305
|
+
private config;
|
|
306
|
+
constructor(config?: RateLimitConfig);
|
|
307
|
+
onBeforeOp(op: ServerOp, context: OpContext): Promise<ServerOp | null>;
|
|
308
|
+
onDisconnect(context: any): Promise<void>;
|
|
309
|
+
}
|
|
310
|
+
|
|
311
|
+
export { type ConnectionContext, type IInterceptor, type IServerStorage, type Logger, MemoryServerAdapter, type ORMapTombstones, type ORMapValue, type OpContext, PostgresAdapter, type PostgresAdapterOptions, RateLimitInterceptor, SecurityManager, ServerCoordinator, type ServerCoordinatorConfig, type ServerOp, type StorageValue, TimestampInterceptor, logger };
|