@venturekit/runtime 0.0.0-dev.20260307234057

package/dist/middleware.js

@@ -0,0 +1,147 @@
+"use strict";
+/**
+ * VentureKit Middleware
+ *
+ * Composable middleware for request processing.
+ * Extensible for auth, tenancy, rate limiting, etc.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.compose = compose;
+exports.loggingMiddleware = loggingMiddleware;
+exports.corsMiddleware = corsMiddleware;
+exports.timeoutMiddleware = timeoutMiddleware;
+exports.errorBoundaryMiddleware = errorBoundaryMiddleware;
+/**
+ * Compose multiple middleware into a single function
+ */
+function compose(middlewares) {
+    return async (ctx, finalHandler) => {
+        let index = -1;
+        const dispatch = async (i) => {
+            if (i <= index) {
+                throw new Error('next() called multiple times');
+            }
+            index = i;
+            if (i >= middlewares.length) {
+                return finalHandler();
+            }
+            const middleware = middlewares[i];
+            return middleware.fn(ctx, () => dispatch(i + 1));
+        };
+        return dispatch(0);
+    };
+}
+/**
+ * Logging middleware - logs request/response
+ */
+function loggingMiddleware(logger) {
+    return {
+        name: 'logging',
+        fn: async (ctx, next) => {
+            const start = Date.now();
+            logger.info('Request started', {
+                method: ctx.method,
+                path: ctx.path,
+                sourceIp: ctx.sourceIp,
+            });
+            try {
+                const response = await next();
+                const duration = Date.now() - start;
+                logger.info('Request completed', {
+                    method: ctx.method,
+                    path: ctx.path,
+                    statusCode: typeof response === 'object' ? response.statusCode : undefined,
+                    duration,
+                });
+                return response;
+            }
+            catch (error) {
+                const duration = Date.now() - start;
+                logger.error('Request failed', {
+                    method: ctx.method,
+                    path: ctx.path,
+                    duration,
+                    error: error instanceof Error ? error.message : 'Unknown error',
+                });
+                throw error;
+            }
+        },
+    };
+}
+/**
+ * CORS middleware - adds CORS headers
+ */
+function corsMiddleware(options) {
+    return {
+        name: 'cors',
+        fn: async (ctx, next) => {
+            const origin = ctx.rawEvent.headers?.origin || '';
+            const allowedOrigin = options.allowOrigins.includes('*')
+                ? '*'
+                : options.allowOrigins.includes(origin)
+                    ? origin
+                    : '';
+            // Handle preflight
+            if (ctx.method === 'OPTIONS') {
+                return {
+                    statusCode: 204,
+                    headers: {
+                        'Access-Control-Allow-Origin': allowedOrigin,
+                        'Access-Control-Allow-Methods': options.allowMethods.join(', '),
+                        'Access-Control-Allow-Headers': options.allowHeaders.join(', '),
+                        'Access-Control-Allow-Credentials': String(options.allowCredentials),
+                        'Access-Control-Max-Age': String(options.maxAge),
+                    },
+                    body: '',
+                };
+            }
+            const response = await next();
+            // Add CORS headers to response
+            if (typeof response !== 'object' || response === null) {
+                return response;
+            }
+            const resp = response;
+            const corsHeaders = {
+                'Access-Control-Allow-Origin': allowedOrigin,
+            };
+            if (options.allowCredentials) {
+                corsHeaders['Access-Control-Allow-Credentials'] = 'true';
+            }
+            resp.headers = { ...resp.headers, ...corsHeaders };
+            return resp;
+        },
+    };
+}
+/**
+ * Timeout middleware - enforces request timeout
+ */
+function timeoutMiddleware(timeoutMs) {
+    return {
+        name: 'timeout',
+        fn: async (ctx, next) => {
+            const timeoutPromise = new Promise((_, reject) => {
+                setTimeout(() => {
+                    reject(new Error(`Request timeout after ${timeoutMs}ms`));
+                }, timeoutMs);
+            });
+            return Promise.race([next(), timeoutPromise]);
+        },
+    };
+}
+/**
+ * Error boundary middleware - catches and formats errors
+ */
+function errorBoundaryMiddleware(errorHandler) {
+    return {
+        name: 'errorBoundary',
+        fn: async (ctx, next) => {
+            try {
+                return await next();
+            }
+            catch (error) {
+                return errorHandler(error, ctx);
+            }
+        },
+    };
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibWlkZGxld2FyZS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3NyYy9taWRkbGV3YXJlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQTs7Ozs7R0FLRzs7QUF5QkgsMEJBb0JDO0FBS0QsOENBc0NDO0FBS0Qsd0NBaURDO0FBS0QsOENBYUM7QUFLRCwwREFhQztBQTVKRDs7R0FFRztBQUNILFNBQWdCLE9BQU8sQ0FBQyxXQUF5QjtJQUMvQyxPQUFPLEtBQUssRUFBRSxHQUFtQixFQUFFLFlBQW9ELEVBQUUsRUFBRTtRQUN6RixJQUFJLEtBQUssR0FBRyxDQUFDLENBQUMsQ0FBQztRQUVmLE1BQU0sUUFBUSxHQUFHLEtBQUssRUFBRSxDQUFTLEVBQW9DLEVBQUU7WUFDckUsSUFBSSxDQUFDLElBQUksS0FBSyxFQUFFLENBQUM7Z0JBQ2YsTUFBTSxJQUFJLEtBQUssQ0FBQyw4QkFBOEIsQ0FBQyxDQUFDO1lBQ2xELENBQUM7WUFDRCxLQUFLLEdBQUcsQ0FBQyxDQUFDO1lBRVYsSUFBSSxDQUFDLElBQUksV0FBVyxDQUFDLE1BQU0sRUFBRSxDQUFDO2dCQUM1QixPQUFPLFlBQVksRUFBRSxDQUFDO1lBQ3hCLENBQUM7WUFFRCxNQUFNLFVBQVUsR0FBRyxXQUFXLENBQUMsQ0FBQyxDQUFDLENBQUM7WUFDbEMsT0FBTyxVQUFVLENBQUMsRUFBRSxDQUFDLEdBQUcsRUFBRSxHQUFHLEVBQUUsQ0FBQyxRQUFRLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDbkQsQ0FBQyxDQUFDO1FBRUYsT0FBTyxRQUFRLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDckIsQ0FBQyxDQUFDO0FBQ0osQ0FBQztBQUVEOztHQUVHO0FBQ0gsU0FBZ0IsaUJBQWlCLENBQUMsTUFBYztJQUM5QyxPQUFPO1FBQ0wsSUFBSSxFQUFFLFNBQVM7UUFDZixFQUFFLEVBQUUsS0FBSyxFQUFFLEdBQUcsRUFBRSxJQUFJLEVBQUUsRUFBRTtZQUN0QixNQUFNLEtBQUssR0FBRyxJQUFJLENBQUMsR0FBRyxFQUFFLENBQUM7WUFFekIsTUFBTSxDQUFDLElBQUksQ0FBQyxpQkFBaUIsRUFBRTtnQkFDN0IsTUFBTSxFQUFFLEdBQUcsQ0FBQyxNQUFNO2dCQUNsQixJQUFJLEVBQUUsR0FBRyxDQUFDLElBQUk7Z0JBQ2QsUUFBUSxFQUFFLEdBQUcsQ0FBQyxRQUFRO2FBQ3ZCLENBQUMsQ0FBQztZQUVILElBQUksQ0FBQztnQkFDSCxNQUFNLFFBQVEsR0FBRyxNQUFNLElBQUksRUFBRSxDQUFDO2dCQUM5QixNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsR0FBRyxFQUFFLEdBQUcsS0FBSyxDQUFDO2dCQUVwQyxNQUFNLENBQUMsSUFBSSxDQUFDLG1CQUFtQixFQUFFO29CQUMvQixNQUFNLEVBQUUsR0FBRyxDQUFDLE1BQU07b0JBQ2xCLElBQUksRUFBRSxHQUFHLENBQUMsSUFBSTtvQkFDZCxVQUFVLEVBQUUsT0FBTyxRQUFRLEtBQUssUUFBUSxDQUFDLENBQUMsQ0FBRSxRQUFnQixDQUFDLFVBQVUsQ0FBQyxDQUFDLENBQUMsU0FBUztvQkFDbkYsUUFBUTtpQkFDVCxDQUFDLENBQUM7Z0JBRUgsT0FBTyxRQUFRLENBQUM7WUFDbEIsQ0FBQztZQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7Z0JBQ2YsTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLEdBQUcsRUFBRSxHQUFHLEtBQUssQ0FBQztnQkFFcEMsTUFBTSxDQUFDLEtBQUssQ0FBQyxnQkFBZ0IsRUFBRTtvQkFDN0IsTUFBTSxFQUFFLEdBQUcsQ0FBQyxNQUFNO29CQUNsQixJQUFJLEVBQUUsR0FBRyxDQUFDLElBQUk7b0JBQ2QsUUFBUTtvQkFDUixLQUFLLEVBQUUsS0FBSyxZQUFZLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsZUFBZTtpQkFDaEUsQ0FBQyxDQUFDO2dCQUVILE1BQU0sS0FBSyxDQUFDO1lBQ2QsQ0FBQztRQUNILENBQUM7S0FDRixDQUFDO0FBQ0osQ0FBQztBQUVEOztHQUVHO0FBQ0gsU0FBZ0IsY0FBYyxDQUFDLE9BTTlCO0lBQ0MsT0FBTztRQUNMLElBQUksRUFBRSxNQUFNO1FBQ1osRUFBRSxFQUFFLEtBQUssRUFBRSxHQUFHLEVBQUUsSUFBSSxFQUFFLEVBQUU7WUFDdEIsTUFBTSxNQUFNLEdBQUcsR0FBRyxDQUFDLFFBQVEsQ0FBQyxPQUFPLEVBQUUsTUFBTSxJQUFJLEVBQUUsQ0FBQztZQUNsRCxNQUFNLGFBQWEsR0FBRyxPQUFPLENBQUMsWUFBWSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUM7Z0JBQ3RELENBQUMsQ0FBQyxHQUFHO2dCQUNMLENBQUMsQ0FBQyxPQUFPLENBQUMsWUFBWSxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUM7b0JBQ3JDLENBQUMsQ0FBQyxNQUFNO29CQUNSLENBQUMsQ0FBQyxFQUFFLENBQUM7WUFFVCxtQkFBbUI7WUFDbkIsSUFBSSxHQUFHLENBQUMsTUFBTSxLQUFLLFNBQVMsRUFBRSxDQUFDO2dCQUM3QixPQUFPO29CQUNMLFVBQVUsRUFBRSxHQUFHO29CQUNmLE9BQU8sRUFBRTt3QkFDUCw2QkFBNkIsRUFBRSxhQUFhO3dCQUM1Qyw4QkFBOEIsRUFBRSxPQUFPLENBQUMsWUFBWSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUM7d0JBQy9ELDhCQUE4QixFQUFFLE9BQU8sQ0FBQyxZQUFZLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQzt3QkFDL0Qsa0NBQWtDLEVBQUUsTUFBTSxDQUFDLE9BQU8sQ0FBQyxnQkFBZ0IsQ0FBQzt3QkFDcEUsd0JBQXdCLEVBQUUsTUFBTSxDQUFDLE9BQU8sQ0FBQyxNQUFNLENBQUM7cUJBQ2pEO29CQUNELElBQUksRUFBRSxFQUFFO2lCQUNULENBQUM7WUFDSixDQUFDO1lBRUQsTUFBTSxRQUFRLEdBQUcsTUFBTSxJQUFJLEVBQUUsQ0FBQztZQUU5QiwrQkFBK0I7WUFDL0IsSUFBSSxPQUFPLFFBQVEsS0FBSyxRQUFRLElBQUksUUFBUSxLQUFLLElBQUksRUFBRSxDQUFDO2dCQUN0RCxPQUFPLFFBQVEsQ0FBQztZQUNsQixDQUFDO1lBQ0QsTUFBTSxJQUFJLEdBQUcsUUFBNkMsQ0FBQztZQUMzRCxNQUFNLFdBQVcsR0FBMkI7Z0JBQzFDLDZCQUE2QixFQUFFLGFBQWE7YUFDN0MsQ0FBQztZQUNGLElBQUksT0FBTyxDQUFDLGdCQUFnQixFQUFFLENBQUM7Z0JBQzdCLFdBQVcsQ0FBQyxrQ0FBa0MsQ0FBQyxHQUFHLE1BQU0sQ0FBQztZQUMzRCxDQUFDO1lBQ0QsSUFBSSxDQUFDLE9BQU8sR0FBRyxFQUFFLEdBQUcsSUFBSSxDQUFDLE9BQU8sRUFBRSxHQUFHLFdBQVcsRUFBRSxDQUFDO1lBQ25ELE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQztLQUNGLENBQUM7QUFDSixDQUFDO0FBRUQ7O0dBRUc7QUFDSCxTQUFnQixpQkFBaUIsQ0FBQyxTQUFpQjtJQUNqRCxPQUFPO1FBQ0wsSUFBSSxFQUFFLFNBQVM7UUFDZixFQUFFLEVBQUUsS0FBSyxFQUFFLEdBQUcsRUFBRSxJQUFJLEVBQUUsRUFBRTtZQUN0QixNQUFNLGNBQWMsR0FBRyxJQUFJLE9BQU8sQ0FBUSxDQUFDLENBQUMsRUFBRSxNQUFNLEVBQUUsRUFBRTtnQkFDdEQsVUFBVSxDQUFDLEdBQUcsRUFBRTtvQkFDZCxNQUFNLENBQUMsSUFBSSxLQUFLLENBQUMseUJBQXlCLFNBQVMsSUFBSSxDQUFDLENBQUMsQ0FBQztnQkFDNUQsQ0FBQyxFQUFFLFNBQVMsQ0FBQyxDQUFDO1lBQ2hCLENBQUMsQ0FBQyxDQUFDO1lBRUgsT0FBTyxPQUFPLENBQUMsSUFBSSxDQUFDLENBQUMsSUFBSSxFQUFFLEVBQUUsY0FBYyxDQUFDLENBQUMsQ0FBQztRQUNoRCxDQUFDO0tBQ0YsQ0FBQztBQUNKLENBQUM7QUFFRDs7R0FFRztBQUNILFNBQWdCLHVCQUF1QixDQUNyQyxZQUE4RTtJQUU5RSxPQUFPO1FBQ0wsSUFBSSxFQUFFLGVBQWU7UUFDckIsRUFBRSxFQUFFLEtBQUssRUFBRSxHQUFHLEVBQUUsSUFBSSxFQUFFLEVBQUU7WUFDdEIsSUFBSSxDQUFDO2dCQUNILE9BQU8sTUFBTSxJQUFJLEVBQUUsQ0FBQztZQUN0QixDQUFDO1lBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztnQkFDZixPQUFPLFlBQVksQ0FBQyxLQUFLLEVBQUUsR0FBRyxDQUFDLENBQUM7WUFDbEMsQ0FBQztRQUNILENBQUM7S0FDRixDQUFDO0FBQ0osQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbIi8qKlxuICogVmVudHVyZUtpdCBNaWRkbGV3YXJlXG4gKiBcbiAqIENvbXBvc2FibGUgbWlkZGxld2FyZSBmb3IgcmVxdWVzdCBwcm9jZXNzaW5nLlxuICogRXh0ZW5zaWJsZSBmb3IgYXV0aCwgdGVuYW5jeSwgcmF0ZSBsaW1pdGluZywgZXRjLlxuICovXG5cbmltcG9ydCB0eXBlIHsgQVBJR2F0ZXdheVByb3h5RXZlbnRWMiwgQVBJR2F0ZXdheVByb3h5UmVzdWx0VjIsIEFQSUdhdGV3YXlQcm94eVN0cnVjdHVyZWRSZXN1bHRWMiB9IGZyb20gJ2F3cy1sYW1iZGEnO1xuaW1wb3J0IHsgUmVxdWVzdENvbnRleHQgfSBmcm9tICcuL2NvbnRleHQnO1xuaW1wb3J0IHsgTG9nZ2VyIH0gZnJvbSAnLi9sb2dnZXInO1xuXG4vKipcbiAqIE1pZGRsZXdhcmUgZnVuY3Rpb24gc2lnbmF0dXJlXG4gKi9cbmV4cG9ydCB0eXBlIE1pZGRsZXdhcmVGbiA9IChcbiAgY3R4OiBSZXF1ZXN0Q29udGV4dCxcbiAgbmV4dDogKCkgPT4gUHJvbWlzZTxBUElHYXRld2F5UHJveHlSZXN1bHRWMj5cbikgPT4gUHJvbWlzZTxBUElHYXRld2F5UHJveHlSZXN1bHRWMj47XG5cbi8qKlxuICogTWlkZGxld2FyZSB3aXRoIGNvbmZpZ3VyYXRpb25cbiAqL1xuZXhwb3J0IGludGVyZmFjZSBNaWRkbGV3YXJlIHtcbiAgbmFtZTogc3RyaW5nO1xuICBmbjogTWlkZGxld2FyZUZuO1xufVxuXG4vKipcbiAqIENvbXBvc2UgbXVsdGlwbGUgbWlkZGxld2FyZSBpbnRvIGEgc2luZ2xlIGZ1bmN0aW9uXG4gKi9cbmV4cG9ydCBmdW5jdGlvbiBjb21wb3NlKG1pZGRsZXdhcmVzOiBNaWRkbGV3YXJlW10pOiBNaWRkbGV3YXJlRm4ge1xuICByZXR1cm4gYXN5bmMgKGN0eDogUmVxdWVzdENvbnRleHQsIGZpbmFsSGFuZGxlcjogKCkgPT4gUHJvbWlzZTxBUElHYXRld2F5UHJveHlSZXN1bHRWMj4pID0+IHtcbiAgICBsZXQgaW5kZXggPSAtMTtcblxuICAgIGNvbnN0IGRpc3BhdGNoID0gYXN5bmMgKGk6IG51bWJlcik6IFByb21pc2U8QVBJR2F0ZXdheVByb3h5UmVzdWx0VjI+ID0+IHtcbiAgICAgIGlmIChpIDw9IGluZGV4KSB7XG4gICAgICAgIHRocm93IG5ldyBFcnJvcignbmV4dCgpIGNhbGxlZCBtdWx0aXBsZSB0aW1lcycpO1xuICAgICAgfVxuICAgICAgaW5kZXggPSBpO1xuXG4gICAgICBpZiAoaSA+PSBtaWRkbGV3YXJlcy5sZW5ndGgpIHtcbiAgICAgICAgcmV0dXJuIGZpbmFsSGFuZGxlcigpO1xuICAgICAgfVxuXG4gICAgICBjb25zdCBtaWRkbGV3YXJlID0gbWlkZGxld2FyZXNbaV07XG4gICAgICByZXR1cm4gbWlkZGxld2FyZS5mbihjdHgsICgpID0+IGRpc3BhdGNoKGkgKyAxKSk7XG4gICAgfTtcblxuICAgIHJldHVybiBkaXNwYXRjaCgwKTtcbiAgfTtcbn1cblxuLyoqXG4gKiBMb2dnaW5nIG1pZGRsZXdhcmUgLSBsb2dzIHJlcXVlc3QvcmVzcG9uc2VcbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGxvZ2dpbmdNaWRkbGV3YXJlKGxvZ2dlcjogTG9nZ2VyKTogTWlkZGxld2FyZSB7XG4gIHJldHVybiB7XG4gICAgbmFtZTogJ2xvZ2dpbmcnLFxuICAgIGZuOiBhc3luYyAoY3R4LCBuZXh0KSA9PiB7XG4gICAgICBjb25zdCBzdGFydCA9IERhdGUubm93KCk7XG4gICAgICBcbiAgICAgIGxvZ2dlci5pbmZvKCdSZXF1ZXN0IHN0YXJ0ZWQnLCB7XG4gICAgICAgIG1ldGhvZDogY3R4Lm1ldGhvZCxcbiAgICAgICAgcGF0aDogY3R4LnBhdGgsXG4gICAgICAgIHNvdXJjZUlwOiBjdHguc291cmNlSXAsXG4gICAgICB9KTtcblxuICAgICAgdHJ5IHtcbiAgICAgICAgY29uc3QgcmVzcG9uc2UgPSBhd2FpdCBuZXh0KCk7XG4gICAgICAgIGNvbnN0IGR1cmF0aW9uID0gRGF0ZS5ub3coKSAtIHN0YXJ0O1xuXG4gICAgICAgIGxvZ2dlci5pbmZvKCdSZXF1ZXN0IGNvbXBsZXRlZCcsIHtcbiAgICAgICAgICBtZXRob2Q6IGN0eC5tZXRob2QsXG4gICAgICAgICAgcGF0aDogY3R4LnBhdGgsXG4gICAgICAgICAgc3RhdHVzQ29kZTogdHlwZW9mIHJlc3BvbnNlID09PSAnb2JqZWN0JyA/IChyZXNwb25zZSBhcyBhbnkpLnN0YXR1c0NvZGUgOiB1bmRlZmluZWQsXG4gICAgICAgICAgZHVyYXRpb24sXG4gICAgICAgIH0pO1xuXG4gICAgICAgIHJldHVybiByZXNwb25zZTtcbiAgICAgIH0gY2F0Y2ggKGVycm9yKSB7XG4gICAgICAgIGNvbnN0IGR1cmF0aW9uID0gRGF0ZS5ub3coKSAtIHN0YXJ0O1xuXG4gICAgICAgIGxvZ2dlci5lcnJvcignUmVxdWVzdCBmYWlsZWQnLCB7XG4gICAgICAgICAgbWV0aG9kOiBjdHgubWV0aG9kLFxuICAgICAgICAgIHBhdGg6IGN0eC5wYXRoLFxuICAgICAgICAgIGR1cmF0aW9uLFxuICAgICAgICAgIGVycm9yOiBlcnJvciBpbnN0YW5jZW9mIEVycm9yID8gZXJyb3IubWVzc2FnZSA6ICdVbmtub3duIGVycm9yJyxcbiAgICAgICAgfSk7XG5cbiAgICAgICAgdGhyb3cgZXJyb3I7XG4gICAgICB9XG4gICAgfSxcbiAgfTtcbn1cblxuLyoqXG4gKiBDT1JTIG1pZGRsZXdhcmUgLSBhZGRzIENPUlMgaGVhZGVyc1xuICovXG5leHBvcnQgZnVuY3Rpb24gY29yc01pZGRsZXdhcmUob3B0aW9uczoge1xuICBhbGxvd09yaWdpbnM6IHN0cmluZ1tdO1xuICBhbGxvd01ldGhvZHM6IHN0cmluZ1tdO1xuICBhbGxvd0hlYWRlcnM6IHN0cmluZ1tdO1xuICBhbGxvd0NyZWRlbnRpYWxzOiBib29sZWFuO1xuICBtYXhBZ2U6IG51bWJlcjtcbn0pOiBNaWRkbGV3YXJlIHtcbiAgcmV0dXJuIHtcbiAgICBuYW1lOiAnY29ycycsXG4gICAgZm46IGFzeW5jIChjdHgsIG5leHQpID0+IHtcbiAgICAgIGNvbnN0IG9yaWdpbiA9IGN0eC5yYXdFdmVudC5oZWFkZXJzPy5vcmlnaW4gfHwgJyc7XG4gICAgICBjb25zdCBhbGxvd2VkT3JpZ2luID0gb3B0aW9ucy5hbGxvd09yaWdpbnMuaW5jbHVkZXMoJyonKVxuICAgICAgICA/ICcqJ1xuICAgICAgICA6IG9wdGlvbnMuYWxsb3dPcmlnaW5zLmluY2x1ZGVzKG9yaWdpbilcbiAgICAgICAgICA/IG9yaWdpblxuICAgICAgICAgIDogJyc7XG5cbiAgICAgIC8vIEhhbmRsZSBwcmVmbGlnaHRcbiAgICAgIGlmIChjdHgubWV0aG9kID09PSAnT1BUSU9OUycpIHtcbiAgICAgICAgcmV0dXJuIHtcbiAgICAgICAgICBzdGF0dXNDb2RlOiAyMDQsXG4gICAgICAgICAgaGVhZGVyczoge1xuICAgICAgICAgICAgJ0FjY2Vzcy1Db250cm9sLUFsbG93LU9yaWdpbic6IGFsbG93ZWRPcmlnaW4sXG4gICAgICAgICAgICAnQWNjZXNzLUNvbnRyb2wtQWxsb3ctTWV0aG9kcyc6IG9wdGlvbnMuYWxsb3dNZXRob2RzLmpvaW4oJywgJyksXG4gICAgICAgICAgICAnQWNjZXNzLUNvbnRyb2wtQWxsb3ctSGVhZGVycyc6IG9wdGlvbnMuYWxsb3dIZWFkZXJzLmpvaW4oJywgJyksXG4gICAgICAgICAgICAnQWNjZXNzLUNvbnRyb2wtQWxsb3ctQ3JlZGVudGlhbHMnOiBTdHJpbmcob3B0aW9ucy5hbGxvd0NyZWRlbnRpYWxzKSxcbiAgICAgICAgICAgICdBY2Nlc3MtQ29udHJvbC1NYXgtQWdlJzogU3RyaW5nKG9wdGlvbnMubWF4QWdlKSxcbiAgICAgICAgICB9LFxuICAgICAgICAgIGJvZHk6ICcnLFxuICAgICAgICB9O1xuICAgICAgfVxuXG4gICAgICBjb25zdCByZXNwb25zZSA9IGF3YWl0IG5leHQoKTtcblxuICAgICAgLy8gQWRkIENPUlMgaGVhZGVycyB0byByZXNwb25zZVxuICAgICAgaWYgKHR5cGVvZiByZXNwb25zZSAhPT0gJ29iamVjdCcgfHwgcmVzcG9uc2UgPT09IG51bGwpIHtcbiAgICAgICAgcmV0dXJuIHJlc3BvbnNlO1xuICAgICAgfVxuICAgICAgY29uc3QgcmVzcCA9IHJlc3BvbnNlIGFzIEFQSUdhdGV3YXlQcm94eVN0cnVjdHVyZWRSZXN1bHRWMjtcbiAgICAgIGNvbnN0IGNvcnNIZWFkZXJzOiBSZWNvcmQ8c3RyaW5nLCBzdHJpbmc+ID0ge1xuICAgICAgICAnQWNjZXNzLUNvbnRyb2wtQWxsb3ctT3JpZ2luJzogYWxsb3dlZE9yaWdpbixcbiAgICAgIH07XG4gICAgICBpZiAob3B0aW9ucy5hbGxvd0NyZWRlbnRpYWxzKSB7XG4gICAgICAgIGNvcnNIZWFkZXJzWydBY2Nlc3MtQ29udHJvbC1BbGxvdy1DcmVkZW50aWFscyddID0gJ3RydWUnO1xuICAgICAgfVxuICAgICAgcmVzcC5oZWFkZXJzID0geyAuLi5yZXNwLmhlYWRlcnMsIC4uLmNvcnNIZWFkZXJzIH07XG4gICAgICByZXR1cm4gcmVzcDtcbiAgICB9LFxuICB9O1xufVxuXG4vKipcbiAqIFRpbWVvdXQgbWlkZGxld2FyZSAtIGVuZm9yY2VzIHJlcXVlc3QgdGltZW91dFxuICovXG5leHBvcnQgZnVuY3Rpb24gdGltZW91dE1pZGRsZXdhcmUodGltZW91dE1zOiBudW1iZXIpOiBNaWRkbGV3YXJlIHtcbiAgcmV0dXJuIHtcbiAgICBuYW1lOiAndGltZW91dCcsXG4gICAgZm46IGFzeW5jIChjdHgsIG5leHQpID0+IHtcbiAgICAgIGNvbnN0IHRpbWVvdXRQcm9taXNlID0gbmV3IFByb21pc2U8bmV2ZXI+KChfLCByZWplY3QpID0+IHtcbiAgICAgICAgc2V0VGltZW91dCgoKSA9PiB7XG4gICAgICAgICAgcmVqZWN0KG5ldyBFcnJvcihgUmVxdWVzdCB0aW1lb3V0IGFmdGVyICR7dGltZW91dE1zfW1zYCkpO1xuICAgICAgICB9LCB0aW1lb3V0TXMpO1xuICAgICAgfSk7XG5cbiAgICAgIHJldHVybiBQcm9taXNlLnJhY2UoW25leHQoKSwgdGltZW91dFByb21pc2VdKTtcbiAgICB9LFxuICB9O1xufVxuXG4vKipcbiAqIEVycm9yIGJvdW5kYXJ5IG1pZGRsZXdhcmUgLSBjYXRjaGVzIGFuZCBmb3JtYXRzIGVycm9yc1xuICovXG5leHBvcnQgZnVuY3Rpb24gZXJyb3JCb3VuZGFyeU1pZGRsZXdhcmUoXG4gIGVycm9ySGFuZGxlcjogKGVycm9yOiB1bmtub3duLCBjdHg6IFJlcXVlc3RDb250ZXh0KSA9PiBBUElHYXRld2F5UHJveHlSZXN1bHRWMlxuKTogTWlkZGxld2FyZSB7XG4gIHJldHVybiB7XG4gICAgbmFtZTogJ2Vycm9yQm91bmRhcnknLFxuICAgIGZuOiBhc3luYyAoY3R4LCBuZXh0KSA9PiB7XG4gICAgICB0cnkge1xuICAgICAgICByZXR1cm4gYXdhaXQgbmV4dCgpO1xuICAgICAgfSBjYXRjaCAoZXJyb3IpIHtcbiAgICAgICAgcmV0dXJuIGVycm9ySGFuZGxlcihlcnJvciwgY3R4KTtcbiAgICAgIH1cbiAgICB9LFxuICB9O1xufVxuIl19

package/dist/response.d.ts

@@ -0,0 +1,75 @@
+/**
+ * VentureKit Response Utilities
+ *
+ * Standardized response formatting for API Gateway.
+ */
+import type { APIGatewayProxyResultV2 } from 'aws-lambda';
+import { VentureError } from './errors';
+/**
+ * Standard success response
+ */
+export interface SuccessResponse<T = unknown> {
+    data: T;
+    meta?: {
+        requestId?: string;
+        timestamp?: string;
+        pagination?: {
+            page: number;
+            pageSize: number;
+            total: number;
+            totalPages: number;
+        };
+    };
+}
+/**
+ * Standard error response
+ */
+export interface ErrorResponse {
+    error: {
+        code: string;
+        message: string;
+        details?: Record<string, unknown>;
+    };
+    meta?: {
+        requestId?: string;
+        timestamp?: string;
+    };
+}
+/**
+ * Create a success response
+ */
+export declare function success<T>(data: T, options?: {
+    statusCode?: number;
+    headers?: Record<string, string>;
+    requestId?: string;
+}): APIGatewayProxyResultV2;
+/**
+ * Create a created response (201)
+ */
+export declare function created<T>(data: T, options?: {
+    headers?: Record<string, string>;
+    requestId?: string;
+}): APIGatewayProxyResultV2;
+/**
+ * Create a no content response (204)
+ */
+export declare function noContent(options?: {
+    requestId?: string;
+}): APIGatewayProxyResultV2;
+/**
+ * Create an error response from a VentureError
+ */
+export declare function error(err: VentureError, options?: {
+    requestId?: string;
+}): APIGatewayProxyResultV2;
+/**
+ * Convert any error to an API Gateway response
+ */
+export declare function errorResponse(err: unknown, options?: {
+    requestId?: string;
+    logError?: boolean;
+}): APIGatewayProxyResultV2;
+/**
+ * Create a redirect response
+ */
+export declare function redirect(location: string, permanent?: boolean): APIGatewayProxyResultV2;

package/dist/response.js

@@ -0,0 +1,107 @@
+"use strict";
+/**
+ * VentureKit Response Utilities
+ *
+ * Standardized response formatting for API Gateway.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.success = success;
+exports.created = created;
+exports.noContent = noContent;
+exports.error = error;
+exports.errorResponse = errorResponse;
+exports.redirect = redirect;
+const errors_1 = require("./errors");
+/**
+ * Create a success response
+ */
+function success(data, options = {}) {
+    const { statusCode = 200, headers = {}, requestId } = options;
+    const body = {
+        data,
+        ...(requestId && {
+            meta: {
+                requestId,
+                timestamp: new Date().toISOString(),
+            },
+        }),
+    };
+    return {
+        statusCode,
+        headers: {
+            'Content-Type': 'application/json',
+            ...headers,
+        },
+        body: JSON.stringify(body),
+    };
+}
+/**
+ * Create a created response (201)
+ */
+function created(data, options = {}) {
+    return success(data, { ...options, statusCode: 201 });
+}
+/**
+ * Create a no content response (204)
+ */
+function noContent(options = {}) {
+    return {
+        statusCode: 204,
+        body: '',
+        headers: options.requestId ? { 'x-request-id': options.requestId } : undefined,
+    };
+}
+/**
+ * Create an error response from a VentureError
+ */
+function error(err, options = {}) {
+    const { requestId } = options;
+    const body = {
+        error: {
+            code: err.code,
+            message: err.message,
+            ...(err.details && { details: err.details }),
+        },
+        ...(requestId && {
+            meta: {
+                requestId,
+                timestamp: new Date().toISOString(),
+            },
+        }),
+    };
+    return {
+        statusCode: err.statusCode,
+        headers: {
+            'Content-Type': 'application/json',
+        },
+        body: JSON.stringify(body),
+    };
+}
+/**
+ * Convert any error to an API Gateway response
+ */
+function errorResponse(err, options = {}) {
+    const { requestId, logError = true } = options;
+    if ((0, errors_1.isVentureError)(err)) {
+        return error(err, { requestId });
+    }
+    // Log unexpected errors
+    if (logError) {
+        console.error('Unexpected error:', err);
+    }
+    // Wrap in InternalError for consistent response
+    return error(new errors_1.InternalError(), { requestId });
+}
+/**
+ * Create a redirect response
+ */
+function redirect(location, permanent = false) {
+    return {
+        statusCode: permanent ? 301 : 302,
+        headers: {
+            Location: location,
+        },
+        body: '',
+    };
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicmVzcG9uc2UuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvcmVzcG9uc2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBOzs7O0dBSUc7O0FBd0NILDBCQTRCQztBQUtELDBCQUtDO0FBS0QsOEJBTUM7QUFLRCxzQkEyQkM7QUFLRCxzQ0FpQkM7QUFLRCw0QkFXQztBQTVKRCxxQ0FBdUU7QUFrQ3ZFOztHQUVHO0FBQ0gsU0FBZ0IsT0FBTyxDQUNyQixJQUFPLEVBQ1AsVUFJSSxFQUFFO0lBRU4sTUFBTSxFQUFFLFVBQVUsR0FBRyxHQUFHLEVBQUUsT0FBTyxHQUFHLEVBQUUsRUFBRSxTQUFTLEVBQUUsR0FBRyxPQUFPLENBQUM7SUFFOUQsTUFBTSxJQUFJLEdBQXVCO1FBQy9CLElBQUk7UUFDSixHQUFHLENBQUMsU0FBUyxJQUFJO1lBQ2YsSUFBSSxFQUFFO2dCQUNKLFNBQVM7Z0JBQ1QsU0FBUyxFQUFFLElBQUksSUFBSSxFQUFFLENBQUMsV0FBVyxFQUFFO2FBQ3BDO1NBQ0YsQ0FBQztLQUNILENBQUM7SUFFRixPQUFPO1FBQ0wsVUFBVTtRQUNWLE9BQU8sRUFBRTtZQUNQLGNBQWMsRUFBRSxrQkFBa0I7WUFDbEMsR0FBRyxPQUFPO1NBQ1g7UUFDRCxJQUFJLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUM7S0FDM0IsQ0FBQztBQUNKLENBQUM7QUFFRDs7R0FFRztBQUNILFNBQWdCLE9BQU8sQ0FDckIsSUFBTyxFQUNQLFVBQW9FLEVBQUU7SUFFdEUsT0FBTyxPQUFPLENBQUMsSUFBSSxFQUFFLEVBQUUsR0FBRyxPQUFPLEVBQUUsVUFBVSxFQUFFLEdBQUcsRUFBRSxDQUFDLENBQUM7QUFDeEQsQ0FBQztBQUVEOztHQUVHO0FBQ0gsU0FBZ0IsU0FBUyxDQUFDLFVBQWtDLEVBQUU7SUFDNUQsT0FBTztRQUNMLFVBQVUsRUFBRSxHQUFHO1FBQ2YsSUFBSSxFQUFFLEVBQUU7UUFDUixPQUFPLEVBQUUsT0FBTyxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUMsRUFBRSxjQUFjLEVBQUUsT0FBTyxDQUFDLFNBQVMsRUFBRSxDQUFDLENBQUMsQ0FBQyxTQUFTO0tBQy9FLENBQUM7QUFDSixDQUFDO0FBRUQ7O0dBRUc7QUFDSCxTQUFnQixLQUFLLENBQ25CLEdBQWlCLEVBQ2pCLFVBQWtDLEVBQUU7SUFFcEMsTUFBTSxFQUFFLFNBQVMsRUFBRSxHQUFHLE9BQU8sQ0FBQztJQUU5QixNQUFNLElBQUksR0FBa0I7UUFDMUIsS0FBSyxFQUFFO1lBQ0wsSUFBSSxFQUFFLEdBQUcsQ0FBQyxJQUFJO1lBQ2QsT0FBTyxFQUFFLEdBQUcsQ0FBQyxPQUFPO1lBQ3BCLEdBQUcsQ0FBQyxHQUFHLENBQUMsT0FBTyxJQUFJLEVBQUUsT0FBTyxFQUFFLEdBQUcsQ0FBQyxPQUFPLEVBQUUsQ0FBQztTQUM3QztRQUNELEdBQUcsQ0FBQyxTQUFTLElBQUk7WUFDZixJQUFJLEVBQUU7Z0JBQ0osU0FBUztnQkFDVCxTQUFTLEVBQUUsSUFBSSxJQUFJLEVBQUUsQ0FBQyxXQUFXLEVBQUU7YUFDcEM7U0FDRixDQUFDO0tBQ0gsQ0FBQztJQUVGLE9BQU87UUFDTCxVQUFVLEVBQUUsR0FBRyxDQUFDLFVBQVU7UUFDMUIsT0FBTyxFQUFFO1lBQ1AsY0FBYyxFQUFFLGtCQUFrQjtTQUNuQztRQUNELElBQUksRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLElBQUksQ0FBQztLQUMzQixDQUFDO0FBQ0osQ0FBQztBQUVEOztHQUVHO0FBQ0gsU0FBZ0IsYUFBYSxDQUMzQixHQUFZLEVBQ1osVUFBc0QsRUFBRTtJQUV4RCxNQUFNLEVBQUUsU0FBUyxFQUFFLFFBQVEsR0FBRyxJQUFJLEVBQUUsR0FBRyxPQUFPLENBQUM7SUFFL0MsSUFBSSxJQUFBLHVCQUFjLEVBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQztRQUN4QixPQUFPLEtBQUssQ0FBQyxHQUFHLEVBQUUsRUFBRSxTQUFTLEVBQUUsQ0FBQyxDQUFDO0lBQ25DLENBQUM7SUFFRCx3QkFBd0I7SUFDeEIsSUFBSSxRQUFRLEVBQUUsQ0FBQztRQUNiLE9BQU8sQ0FBQyxLQUFLLENBQUMsbUJBQW1CLEVBQUUsR0FBRyxDQUFDLENBQUM7SUFDMUMsQ0FBQztJQUVELGdEQUFnRDtJQUNoRCxPQUFPLEtBQUssQ0FBQyxJQUFJLHNCQUFhLEVBQUUsRUFBRSxFQUFFLFNBQVMsRUFBRSxDQUFDLENBQUM7QUFDbkQsQ0FBQztBQUVEOztHQUVHO0FBQ0gsU0FBZ0IsUUFBUSxDQUN0QixRQUFnQixFQUNoQixZQUFxQixLQUFLO0lBRTFCLE9BQU87UUFDTCxVQUFVLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEdBQUc7UUFDakMsT0FBTyxFQUFFO1lBQ1AsUUFBUSxFQUFFLFFBQVE7U0FDbkI7UUFDRCxJQUFJLEVBQUUsRUFBRTtLQUNULENBQUM7QUFDSixDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiLyoqXG4gKiBWZW50dXJlS2l0IFJlc3BvbnNlIFV0aWxpdGllc1xuICogXG4gKiBTdGFuZGFyZGl6ZWQgcmVzcG9uc2UgZm9ybWF0dGluZyBmb3IgQVBJIEdhdGV3YXkuXG4gKi9cblxuaW1wb3J0IHR5cGUgeyBBUElHYXRld2F5UHJveHlSZXN1bHRWMiB9IGZyb20gJ2F3cy1sYW1iZGEnO1xuaW1wb3J0IHsgVmVudHVyZUVycm9yLCBpc1ZlbnR1cmVFcnJvciwgSW50ZXJuYWxFcnJvciB9IGZyb20gJy4vZXJyb3JzJztcblxuLyoqXG4gKiBTdGFuZGFyZCBzdWNjZXNzIHJlc3BvbnNlXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgU3VjY2Vzc1Jlc3BvbnNlPFQgPSB1bmtub3duPiB7XG4gIGRhdGE6IFQ7XG4gIG1ldGE/OiB7XG4gICAgcmVxdWVzdElkPzogc3RyaW5nO1xuICAgIHRpbWVzdGFtcD86IHN0cmluZztcbiAgICBwYWdpbmF0aW9uPzoge1xuICAgICAgcGFnZTogbnVtYmVyO1xuICAgICAgcGFnZVNpemU6IG51bWJlcjtcbiAgICAgIHRvdGFsOiBudW1iZXI7XG4gICAgICB0b3RhbFBhZ2VzOiBudW1iZXI7XG4gICAgfTtcbiAgfTtcbn1cblxuLyoqXG4gKiBTdGFuZGFyZCBlcnJvciByZXNwb25zZVxuICovXG5leHBvcnQgaW50ZXJmYWNlIEVycm9yUmVzcG9uc2Uge1xuICBlcnJvcjoge1xuICAgIGNvZGU6IHN0cmluZztcbiAgICBtZXNzYWdlOiBzdHJpbmc7XG4gICAgZGV0YWlscz86IFJlY29yZDxzdHJpbmcsIHVua25vd24+O1xuICB9O1xuICBtZXRhPzoge1xuICAgIHJlcXVlc3RJZD86IHN0cmluZztcbiAgICB0aW1lc3RhbXA/OiBzdHJpbmc7XG4gIH07XG59XG5cbi8qKlxuICogQ3JlYXRlIGEgc3VjY2VzcyByZXNwb25zZVxuICovXG5leHBvcnQgZnVuY3Rpb24gc3VjY2VzczxUPihcbiAgZGF0YTogVCxcbiAgb3B0aW9uczoge1xuICAgIHN0YXR1c0NvZGU/OiBudW1iZXI7XG4gICAgaGVhZGVycz86IFJlY29yZDxzdHJpbmcsIHN0cmluZz47XG4gICAgcmVxdWVzdElkPzogc3RyaW5nO1xuICB9ID0ge31cbik6IEFQSUdhdGV3YXlQcm94eVJlc3VsdFYyIHtcbiAgY29uc3QgeyBzdGF0dXNDb2RlID0gMjAwLCBoZWFkZXJzID0ge30sIHJlcXVlc3RJZCB9ID0gb3B0aW9ucztcbiAgXG4gIGNvbnN0IGJvZHk6IFN1Y2Nlc3NSZXNwb25zZTxUPiA9IHtcbiAgICBkYXRhLFxuICAgIC4uLihyZXF1ZXN0SWQgJiYge1xuICAgICAgbWV0YToge1xuICAgICAgICByZXF1ZXN0SWQsXG4gICAgICAgIHRpbWVzdGFtcDogbmV3IERhdGUoKS50b0lTT1N0cmluZygpLFxuICAgICAgfSxcbiAgICB9KSxcbiAgfTtcbiAgXG4gIHJldHVybiB7XG4gICAgc3RhdHVzQ29kZSxcbiAgICBoZWFkZXJzOiB7XG4gICAgICAnQ29udGVudC1UeXBlJzogJ2FwcGxpY2F0aW9uL2pzb24nLFxuICAgICAgLi4uaGVhZGVycyxcbiAgICB9LFxuICAgIGJvZHk6IEpTT04uc3RyaW5naWZ5KGJvZHkpLFxuICB9O1xufVxuXG4vKipcbiAqIENyZWF0ZSBhIGNyZWF0ZWQgcmVzcG9uc2UgKDIwMSlcbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGNyZWF0ZWQ8VD4oXG4gIGRhdGE6IFQsXG4gIG9wdGlvbnM6IHsgaGVhZGVycz86IFJlY29yZDxzdHJpbmcsIHN0cmluZz47IHJlcXVlc3RJZD86IHN0cmluZyB9ID0ge31cbik6IEFQSUdhdGV3YXlQcm94eVJlc3VsdFYyIHtcbiAgcmV0dXJuIHN1Y2Nlc3MoZGF0YSwgeyAuLi5vcHRpb25zLCBzdGF0dXNDb2RlOiAyMDEgfSk7XG59XG5cbi8qKlxuICogQ3JlYXRlIGEgbm8gY29udGVudCByZXNwb25zZSAoMjA0KVxuICovXG5leHBvcnQgZnVuY3Rpb24gbm9Db250ZW50KG9wdGlvbnM6IHsgcmVxdWVzdElkPzogc3RyaW5nIH0gPSB7fSk6IEFQSUdhdGV3YXlQcm94eVJlc3VsdFYyIHtcbiAgcmV0dXJuIHtcbiAgICBzdGF0dXNDb2RlOiAyMDQsXG4gICAgYm9keTogJycsXG4gICAgaGVhZGVyczogb3B0aW9ucy5yZXF1ZXN0SWQgPyB7ICd4LXJlcXVlc3QtaWQnOiBvcHRpb25zLnJlcXVlc3RJZCB9IDogdW5kZWZpbmVkLFxuICB9O1xufVxuXG4vKipcbiAqIENyZWF0ZSBhbiBlcnJvciByZXNwb25zZSBmcm9tIGEgVmVudHVyZUVycm9yXG4gKi9cbmV4cG9ydCBmdW5jdGlvbiBlcnJvcihcbiAgZXJyOiBWZW50dXJlRXJyb3IsXG4gIG9wdGlvbnM6IHsgcmVxdWVzdElkPzogc3RyaW5nIH0gPSB7fVxuKTogQVBJR2F0ZXdheVByb3h5UmVzdWx0VjIge1xuICBjb25zdCB7IHJlcXVlc3RJZCB9ID0gb3B0aW9ucztcbiAgXG4gIGNvbnN0IGJvZHk6IEVycm9yUmVzcG9uc2UgPSB7XG4gICAgZXJyb3I6IHtcbiAgICAgIGNvZGU6IGVyci5jb2RlLFxuICAgICAgbWVzc2FnZTogZXJyLm1lc3NhZ2UsXG4gICAgICAuLi4oZXJyLmRldGFpbHMgJiYgeyBkZXRhaWxzOiBlcnIuZGV0YWlscyB9KSxcbiAgICB9LFxuICAgIC4uLihyZXF1ZXN0SWQgJiYge1xuICAgICAgbWV0YToge1xuICAgICAgICByZXF1ZXN0SWQsXG4gICAgICAgIHRpbWVzdGFtcDogbmV3IERhdGUoKS50b0lTT1N0cmluZygpLFxuICAgICAgfSxcbiAgICB9KSxcbiAgfTtcbiAgXG4gIHJldHVybiB7XG4gICAgc3RhdHVzQ29kZTogZXJyLnN0YXR1c0NvZGUsXG4gICAgaGVhZGVyczoge1xuICAgICAgJ0NvbnRlbnQtVHlwZSc6ICdhcHBsaWNhdGlvbi9qc29uJyxcbiAgICB9LFxuICAgIGJvZHk6IEpTT04uc3RyaW5naWZ5KGJvZHkpLFxuICB9O1xufVxuXG4vKipcbiAqIENvbnZlcnQgYW55IGVycm9yIHRvIGFuIEFQSSBHYXRld2F5IHJlc3BvbnNlXG4gKi9cbmV4cG9ydCBmdW5jdGlvbiBlcnJvclJlc3BvbnNlKFxuICBlcnI6IHVua25vd24sXG4gIG9wdGlvbnM6IHsgcmVxdWVzdElkPzogc3RyaW5nOyBsb2dFcnJvcj86IGJvb2xlYW4gfSA9IHt9XG4pOiBBUElHYXRld2F5UHJveHlSZXN1bHRWMiB7XG4gIGNvbnN0IHsgcmVxdWVzdElkLCBsb2dFcnJvciA9IHRydWUgfSA9IG9wdGlvbnM7XG4gIFxuICBpZiAoaXNWZW50dXJlRXJyb3IoZXJyKSkge1xuICAgIHJldHVybiBlcnJvcihlcnIsIHsgcmVxdWVzdElkIH0pO1xuICB9XG4gIFxuICAvLyBMb2cgdW5leHBlY3RlZCBlcnJvcnNcbiAgaWYgKGxvZ0Vycm9yKSB7XG4gICAgY29uc29sZS5lcnJvcignVW5leHBlY3RlZCBlcnJvcjonLCBlcnIpO1xuICB9XG4gIFxuICAvLyBXcmFwIGluIEludGVybmFsRXJyb3IgZm9yIGNvbnNpc3RlbnQgcmVzcG9uc2VcbiAgcmV0dXJuIGVycm9yKG5ldyBJbnRlcm5hbEVycm9yKCksIHsgcmVxdWVzdElkIH0pO1xufVxuXG4vKipcbiAqIENyZWF0ZSBhIHJlZGlyZWN0IHJlc3BvbnNlXG4gKi9cbmV4cG9ydCBmdW5jdGlvbiByZWRpcmVjdChcbiAgbG9jYXRpb246IHN0cmluZyxcbiAgcGVybWFuZW50OiBib29sZWFuID0gZmFsc2Vcbik6IEFQSUdhdGV3YXlQcm94eVJlc3VsdFYyIHtcbiAgcmV0dXJuIHtcbiAgICBzdGF0dXNDb2RlOiBwZXJtYW5lbnQgPyAzMDEgOiAzMDIsXG4gICAgaGVhZGVyczoge1xuICAgICAgTG9jYXRpb246IGxvY2F0aW9uLFxuICAgIH0sXG4gICAgYm9keTogJycsXG4gIH07XG59XG4iXX0=

package/dist/ws.d.ts

@@ -0,0 +1,138 @@
+/**
+ * WebSocket Connection Store
+ *
+ * DynamoDB-backed connection management for API Gateway WebSocket APIs.
+ *
+ * Authentication:
+ *   Two-phase auth — the client connects without credentials, then sends
+ *   an { action: "auth", token: "<jwt>" } message over the encrypted channel.
+ *   The connection is stored as unauthenticated on $connect and upgraded
+ *   to authenticated via connectionStore.authenticate().
+ *   This avoids leaking JWTs in query strings, server logs, and access logs.
+ *
+ * Multi-tenancy:
+ *   If enabled, each connection stores a tenantId alongside userId.
+ *   Use sendToTenant() to broadcast within a tenant boundary.
+ *
+ * API:
+ *   connectionStore.save(connectionId)                        — $connect (unauthenticated)
+ *   connectionStore.authenticate(connectionId, metadata)      — after JWT verification
+ *   connectionStore.remove(connectionId)                      — $disconnect
+ *   connectionStore.get(connectionId)                         — single connection
+ *   connectionStore.getAll()                                  — all connections
+ *   connectionStore.getByUser(userId)                         — by user (GSI)
+ *   connectionStore.getByTenant(tenantId)                     — by tenant (GSI)
+ *   connectionStore.postToConnection(domain, stage, id, data) — send to one
+ *   connectionStore.sendToUser(domain, stage, userId, data)   — send to all user sessions
+ *   connectionStore.sendToTenant(domain, stage, tenantId, data) — broadcast within tenant
+ *   connectionStore.broadcast(domain, stage, data)            — broadcast to all
+ *
+ * Environment variables:
+ *   CONNECTIONS_TABLE — DynamoDB table name (required)
+ *
+ * DynamoDB table schema:
+ *   Partition key: connectionId (String)
+ *   TTL attribute: ttl
+ *   GSI: userId-index  (partition key: userId)
+ *   GSI: tenantId-index (partition key: tenantId) — only if multi-tenancy enabled
+ */
+export interface ConnectionRecord {
+    connectionId: string;
+    authenticated: boolean;
+    userId?: string;
+    tenantId?: string;
+    email?: string;
+    connectedAt: number;
+    authenticatedAt?: number;
+    ttl: number;
+    [key: string]: unknown;
+}
+export interface ConnectionMetadata {
+    userId: string;
+    tenantId?: string;
+    email?: string;
+    [key: string]: unknown;
+}
+/**
+ * WebSocket connection store backed by DynamoDB.
+ *
+ * Two-phase authentication flow:
+ *
+ * 1. $connect handler:
+ * ```typescript
+ * await connectionStore.save(connectionId);
+ * // Connection is unauthenticated, TTL = 30s
+ * ```
+ *
+ * 2. Client sends auth message over the encrypted WebSocket:
+ * ```json
+ * { "action": "auth", "token": "<jwt>" }
+ * ```
+ *
+ * 3. $default handler verifies JWT, then:
+ * ```typescript
+ * await connectionStore.authenticate(connectionId, { userId, tenantId, email });
+ * // Connection is now authenticated, TTL extended to 2h
+ * ```
+ */
+export declare const connectionStore: {
+    /**
+     * Save a new connection on $connect.
+     * The connection is unauthenticated with a short TTL.
+     * The client must send an auth message to upgrade.
+     */
+    save(connectionId: string): Promise<void>;
+    /**
+     * Authenticate a connection after JWT verification.
+     * Updates the record with user metadata and extends the TTL.
+     *
+     * @param connectionId — the connection to authenticate
+     * @param metadata — must include userId, optionally tenantId, email, etc.
+     */
+    authenticate(connectionId: string, metadata: ConnectionMetadata): Promise<void>;
+    /**
+     * Remove a connection on $disconnect.
+     */
+    remove(connectionId: string): Promise<void>;
+    /**
+     * Get a single connection record.
+     */
+    get(connectionId: string): Promise<ConnectionRecord | null>;
+    /**
+     * Get all authenticated connections.
+     * For large-scale apps, prefer getByUser() or getByTenant().
+     */
+    getAll(): Promise<ConnectionRecord[]>;
+    /**
+     * Get all connections for a specific user.
+     * A user can have multiple active connections (e.g. multiple tabs/devices).
+     * Requires GSI: userId-index (partition key: userId).
+     */
+    getByUser(userId: string): Promise<ConnectionRecord[]>;
+    /**
+     * Get all connections for a specific tenant.
+     * Requires GSI: tenantId-index (partition key: tenantId).
+     */
+    getByTenant(tenantId: string): Promise<ConnectionRecord[]>;
+    /**
+     * Send data to a specific connection via API Gateway Management API.
+     * Automatically cleans up stale connections (GoneException).
+     * Returns true if sent, false if the connection was stale and removed.
+     */
+    postToConnection(domainName: string, stage: string, connectionId: string, data: unknown): Promise<boolean>;
+    /**
+     * Send data to all connections belonging to a specific user.
+     * Returns the number of connections that received the message.
+     */
+    sendToUser(domainName: string, stage: string, userId: string, data: unknown): Promise<number>;
+    /**
+     * Send data to all connections within a specific tenant.
+     * Returns the number of connections that received the message.
+     */
+    sendToTenant(domainName: string, stage: string, tenantId: string, data: unknown): Promise<number>;
+    /**
+     * Broadcast data to all authenticated connections.
+     * Returns the number of clients that received the message.
+     */
+    broadcast(domainName: string, stage: string, data: unknown): Promise<number>;
+};