@visgate-ai/server-proxy 0.1.0

package/README.md

@@ -0,0 +1,77 @@
+# @visgate-ai/server-proxy
+
+Server-side proxy for the [Visgate API](https://visgateai.com). Keeps your API key on the server so the client never sees it.
+
+- **Framework-agnostic core:** `proxyToVisgate(request, options)` — use with any Node server.
+- **Next.js:** Drop-in route handlers; one line to mount the proxy.
+
+## Install
+
+```bash
+npm install @visgate-ai/server-proxy
+```
+
+## Environment
+
+On the server, set:
+
+- **VISGATE_API_KEY** (required) — your Visgate API key (`vg-...`).
+- **VISGATE_BASE_URL** (optional) — defaults to `https://visgateai.com/api/v1`.
+
+**BYOK (Bring Your Own Key):** To use provider keys on the server (so the client never sends them), set:
+
+- **VISGATE_FAL_KEY** or **FAL_KEY** — Fal API key.
+- **VISGATE_REPLICATE_KEY** or **REPLICATE_API_TOKEN** — Replicate API token.
+- **VISGATE_RUNWAY_KEY** or **RUNWAY_API_KEY** — Runway API key.
+
+The proxy injects these headers when the client does not send them.
+
+## Next.js (App Router)
+
+1. Create the route file:
+
+**`app/api/visgate/[...path]/route.ts`**
+
+```ts
+// Video generation can take several minutes; set maxDuration to avoid 502 Bad Gateway.
+export const maxDuration = 300;
+
+export { GET, POST, PUT, DELETE, OPTIONS } from "@visgate-ai/server-proxy/next";
+```
+
+2. In your client (browser), use the Visgate SDK with `proxyUrl`:
+
+```ts
+import { Client } from "@visgate-ai/client";
+
+const client = new Client({ proxyUrl: "/api/visgate" });
+const result = await client.generate("a sunset");
+```
+
+No API key in the client — the proxy adds it on the server.
+
+For **video generation**, use a longer client timeout (e.g. 5 minutes) so the request does not abort before the API responds:
+
+```ts
+const client = new Client({ proxyUrl: "/api/visgate", timeout: 300_000 });
+const result = await client.videos.generate("fal-ai/veo3", "a sunset");
+```
+
+## Core API (any framework)
+
+```ts
+import { proxyToVisgate } from "@visgate-ai/server-proxy";
+
+// In your handler (e.g. Express, Hono, etc.):
+const response = await proxyToVisgate(request, {
+  pathSegments: ["health"], // or ["videos", "generate"], ["images", "generate"], etc.
+  // apiKey: process.env.VISGATE_API_KEY (default)
+  // baseUrl: process.env.VISGATE_BASE_URL (default)
+  // timeoutMs: 300000 (default 5 min; increase for very long video jobs)
+});
+// Return response to the client
+```
+
+## License
+
+MIT

package/dist/index.d.mts

@@ -0,0 +1,23 @@
+/**
+ * Framework-agnostic proxy: forward Request to Visgate and return Response.
+ * Uses VISGATE_API_KEY (or options.apiKey) on the server; no key is sent from the client.
+ */
+/** Default upstream request timeout (5 min). Use for long-running calls like video generation. */
+declare const DEFAULT_UPSTREAM_TIMEOUT_MS = 300000;
+interface ProxyOptions {
+    /** API key (default: process.env.VISGATE_API_KEY) */
+    apiKey?: string;
+    /** Visgate API base URL (default: https://visgateai.com/api/v1) */
+    baseUrl?: string;
+    /** Path segments to append to baseUrl (e.g. ["health"] or ["images", "generate"]) */
+    pathSegments: string[];
+    /** Timeout in ms for the request to Visgate (default: 300000). Set higher for very long video jobs. */
+    timeoutMs?: number;
+}
+/**
+ * Forward the incoming request to Visgate and return the response.
+ * Call this from your framework (Next.js, Express, etc.) with the request and path.
+ */
+declare function proxyToVisgate(request: Request, options: ProxyOptions): Promise<Response>;
+
+export { DEFAULT_UPSTREAM_TIMEOUT_MS, type ProxyOptions, proxyToVisgate };

package/dist/index.d.ts

@@ -0,0 +1,23 @@
+/**
+ * Framework-agnostic proxy: forward Request to Visgate and return Response.
+ * Uses VISGATE_API_KEY (or options.apiKey) on the server; no key is sent from the client.
+ */
+/** Default upstream request timeout (5 min). Use for long-running calls like video generation. */
+declare const DEFAULT_UPSTREAM_TIMEOUT_MS = 300000;
+interface ProxyOptions {
+    /** API key (default: process.env.VISGATE_API_KEY) */
+    apiKey?: string;
+    /** Visgate API base URL (default: https://visgateai.com/api/v1) */
+    baseUrl?: string;
+    /** Path segments to append to baseUrl (e.g. ["health"] or ["images", "generate"]) */
+    pathSegments: string[];
+    /** Timeout in ms for the request to Visgate (default: 300000). Set higher for very long video jobs. */
+    timeoutMs?: number;
+}
+/**
+ * Forward the incoming request to Visgate and return the response.
+ * Call this from your framework (Next.js, Express, etc.) with the request and path.
+ */
+declare function proxyToVisgate(request: Request, options: ProxyOptions): Promise<Response>;
+
+export { DEFAULT_UPSTREAM_TIMEOUT_MS, type ProxyOptions, proxyToVisgate };

package/dist/index.js

@@ -0,0 +1,118 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  DEFAULT_UPSTREAM_TIMEOUT_MS: () => DEFAULT_UPSTREAM_TIMEOUT_MS,
+  proxyToVisgate: () => proxyToVisgate
+});
+module.exports = __toCommonJS(index_exports);
+
+// src/proxy.ts
+var DEFAULT_BASE_URL = "https://visgateai.com/api/v1";
+var DEFAULT_UPSTREAM_TIMEOUT_MS = 3e5;
+function corsHeaders(request) {
+  const origin = request.headers.get("origin");
+  return {
+    "Access-Control-Allow-Origin": origin || "*",
+    "Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, OPTIONS",
+    "Access-Control-Allow-Headers": "Content-Type, Authorization"
+  };
+}
+async function proxyToVisgate(request, options) {
+  const authHeader = request.headers.get("Authorization");
+  const keyFromRequest = authHeader && /^Bearer\s+/i.test(authHeader) ? authHeader.replace(/^Bearer\s+/i, "").trim() : null;
+  const apiKey = keyFromRequest ?? options.apiKey ?? process.env.VISGATE_API_KEY;
+  if (!apiKey) {
+    return new Response(
+      JSON.stringify({ error: "VISGATE_API_KEY not set on server and no API key in request" }),
+      {
+        status: 500,
+        headers: { "Content-Type": "application/json", ...corsHeaders(request) }
+      }
+    );
+  }
+  const baseUrl = (options.baseUrl ?? DEFAULT_BASE_URL).replace(/\/$/, "");
+  const pathStr = options.pathSegments.join("/");
+  const url = `${baseUrl}/${pathStr}`;
+  const search = request.url.includes("?") ? request.url.slice(request.url.indexOf("?")) : "";
+  const headers = new Headers();
+  request.headers.forEach((value, key) => {
+    const lower = key.toLowerCase();
+    if (lower === "authorization" || lower === "host") return;
+    headers.set(key, value);
+  });
+  headers.set("Authorization", `Bearer ${apiKey}`);
+  if (!headers.has("X-Fal-Key")) {
+    const falKey = process.env.VISGATE_FAL_KEY ?? process.env.FAL_KEY;
+    if (falKey) headers.set("X-Fal-Key", falKey);
+  }
+  if (!headers.has("X-Replicate-Key")) {
+    const replicateKey = process.env.VISGATE_REPLICATE_KEY ?? process.env.REPLICATE_API_TOKEN;
+    if (replicateKey) headers.set("X-Replicate-Key", replicateKey);
+  }
+  if (!headers.has("X-Runway-Key")) {
+    const runwayKey = process.env.VISGATE_RUNWAY_KEY ?? process.env.RUNWAY_API_KEY;
+    if (runwayKey) headers.set("X-Runway-Key", runwayKey);
+  }
+  const body = request.method !== "GET" && request.method !== "HEAD" ? await request.text() : void 0;
+  const timeoutMs = options.timeoutMs ?? DEFAULT_UPSTREAM_TIMEOUT_MS;
+  const controller = new AbortController();
+  const timeoutId = setTimeout(() => controller.abort(), timeoutMs);
+  let res;
+  try {
+    res = await fetch(url + search, {
+      method: request.method,
+      headers,
+      body,
+      signal: controller.signal
+    });
+  } catch (err) {
+    clearTimeout(timeoutId);
+    const message = err instanceof Error ? err.message : String(err);
+    const isTimeout = err instanceof Error && err.name === "AbortError";
+    return new Response(
+      JSON.stringify({
+        error: isTimeout ? "GATEWAY_TIMEOUT" : "BAD_GATEWAY",
+        message: isTimeout ? `Upstream request timed out after ${timeoutMs}ms` : `Upstream request failed: ${message}`
+      }),
+      {
+        status: isTimeout ? 504 : 502,
+        headers: { "Content-Type": "application/json", ...corsHeaders(request) }
+      }
+    );
+  }
+  clearTimeout(timeoutId);
+  const text = await res.text();
+  const resHeaders = new Headers();
+  res.headers.forEach((value, key) => {
+    const lower = key.toLowerCase();
+    if (lower === "transfer-encoding" || lower === "content-encoding" || lower === "content-length") return;
+    resHeaders.set(key, value);
+  });
+  Object.entries(corsHeaders(request)).forEach(([k, v]) => resHeaders.set(k, v));
+  return new Response(text, { status: res.status, headers: resHeaders });
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  DEFAULT_UPSTREAM_TIMEOUT_MS,
+  proxyToVisgate
+});
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/index.ts","../src/proxy.ts"],"sourcesContent":["export {\n  proxyToVisgate,\n  DEFAULT_UPSTREAM_TIMEOUT_MS,\n  type ProxyOptions,\n} from \"./proxy\";\n","/**\n * Framework-agnostic proxy: forward Request to Visgate and return Response.\n * Uses VISGATE_API_KEY (or options.apiKey) on the server; no key is sent from the client.\n */\n\nconst DEFAULT_BASE_URL = \"https://visgateai.com/api/v1\";\n\n/** Default upstream request timeout (5 min). Use for long-running calls like video generation. */\nexport const DEFAULT_UPSTREAM_TIMEOUT_MS = 300_000;\n\nexport interface ProxyOptions {\n  /** API key (default: process.env.VISGATE_API_KEY) */\n  apiKey?: string;\n  /** Visgate API base URL (default: https://visgateai.com/api/v1) */\n  baseUrl?: string;\n  /** Path segments to append to baseUrl (e.g. [\"health\"] or [\"images\", \"generate\"]) */\n  pathSegments: string[];\n  /** Timeout in ms for the request to Visgate (default: 300000). Set higher for very long video jobs. */\n  timeoutMs?: number;\n}\n\nfunction corsHeaders(request: Request): Record<string, string> {\n  const origin = request.headers.get(\"origin\");\n  return {\n    \"Access-Control-Allow-Origin\": origin || \"*\",\n    \"Access-Control-Allow-Methods\": \"GET, POST, PUT, DELETE, OPTIONS\",\n    \"Access-Control-Allow-Headers\": \"Content-Type, Authorization\",\n  };\n}\n\n/**\n * Forward the incoming request to Visgate and return the response.\n * Call this from your framework (Next.js, Express, etc.) with the request and path.\n */\nexport async function proxyToVisgate(request: Request, options: ProxyOptions): Promise<Response> {\n  // Use API key from request (client sends it when using proxy + apiKey), then options, then env\n  const authHeader = request.headers.get(\"Authorization\");\n  const keyFromRequest =\n    authHeader && /^Bearer\\s+/i.test(authHeader) ? authHeader.replace(/^Bearer\\s+/i, \"\").trim() : null;\n  const apiKey = keyFromRequest ?? options.apiKey ?? process.env.VISGATE_API_KEY;\n  if (!apiKey) {\n    return new Response(\n      JSON.stringify({ error: \"VISGATE_API_KEY not set on server and no API key in request\" }),\n      {\n        status: 500,\n        headers: { \"Content-Type\": \"application/json\", ...corsHeaders(request) },\n      }\n    );\n  }\n\n  const baseUrl = (options.baseUrl ?? DEFAULT_BASE_URL).replace(/\\/$/, \"\");\n  const pathStr = options.pathSegments.join(\"/\");\n  const url = `${baseUrl}/${pathStr}`;\n  const search = request.url.includes(\"?\") ? request.url.slice(request.url.indexOf(\"?\")) : \"\";\n\n  const headers = new Headers();\n  request.headers.forEach((value, key) => {\n    const lower = key.toLowerCase();\n    if (lower === \"authorization\" || lower === \"host\") return;\n    headers.set(key, value);\n  });\n  headers.set(\"Authorization\", `Bearer ${apiKey}`);\n\n  // Add provider keys from server env when not sent by client (BYOK for video/image)\n  if (!headers.has(\"X-Fal-Key\")) {\n    const falKey = process.env.VISGATE_FAL_KEY ?? process.env.FAL_KEY;\n    if (falKey) headers.set(\"X-Fal-Key\", falKey);\n  }\n  if (!headers.has(\"X-Replicate-Key\")) {\n    const replicateKey = process.env.VISGATE_REPLICATE_KEY ?? process.env.REPLICATE_API_TOKEN;\n    if (replicateKey) headers.set(\"X-Replicate-Key\", replicateKey);\n  }\n  if (!headers.has(\"X-Runway-Key\")) {\n    const runwayKey = process.env.VISGATE_RUNWAY_KEY ?? process.env.RUNWAY_API_KEY;\n    if (runwayKey) headers.set(\"X-Runway-Key\", runwayKey);\n  }\n\n  const body =\n    request.method !== \"GET\" && request.method !== \"HEAD\" ? await request.text() : undefined;\n  const timeoutMs = options.timeoutMs ?? DEFAULT_UPSTREAM_TIMEOUT_MS;\n  const controller = new AbortController();\n  const timeoutId = setTimeout(() => controller.abort(), timeoutMs);\n\n  let res: Response;\n  try {\n    res = await fetch(url + search, {\n      method: request.method,\n      headers,\n      body,\n      signal: controller.signal,\n    });\n  } catch (err) {\n    clearTimeout(timeoutId);\n    const message = err instanceof Error ? err.message : String(err);\n    const isTimeout = err instanceof Error && err.name === \"AbortError\";\n    return new Response(\n      JSON.stringify({\n        error: isTimeout ? \"GATEWAY_TIMEOUT\" : \"BAD_GATEWAY\",\n        message: isTimeout\n          ? `Upstream request timed out after ${timeoutMs}ms`\n          : `Upstream request failed: ${message}`,\n      }),\n      {\n        status: isTimeout ? 504 : 502,\n        headers: { \"Content-Type\": \"application/json\", ...corsHeaders(request) },\n      }\n    );\n  }\n  clearTimeout(timeoutId);\n\n  // res.text() decompresses automatically; do not forward Content-Encoding or\n  // the browser will try to decode again and fail with ERR_CONTENT_DECODING_FAILED.\n  const text = await res.text();\n  const resHeaders = new Headers();\n  res.headers.forEach((value, key) => {\n    const lower = key.toLowerCase();\n    if (lower === \"transfer-encoding\" || lower === \"content-encoding\" || lower === \"content-length\") return;\n    resHeaders.set(key, value);\n  });\n  Object.entries(corsHeaders(request)).forEach(([k, v]) => resHeaders.set(k, v));\n\n  return new Response(text, { status: res.status, headers: resHeaders });\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACKA,IAAM,mBAAmB;AAGlB,IAAM,8BAA8B;AAa3C,SAAS,YAAY,SAA0C;AAC7D,QAAM,SAAS,QAAQ,QAAQ,IAAI,QAAQ;AAC3C,SAAO;AAAA,IACL,+BAA+B,UAAU;AAAA,IACzC,gCAAgC;AAAA,IAChC,gCAAgC;AAAA,EAClC;AACF;AAMA,eAAsB,eAAe,SAAkB,SAA0C;AAE/F,QAAM,aAAa,QAAQ,QAAQ,IAAI,eAAe;AACtD,QAAM,iBACJ,cAAc,cAAc,KAAK,UAAU,IAAI,WAAW,QAAQ,eAAe,EAAE,EAAE,KAAK,IAAI;AAChG,QAAM,SAAS,kBAAkB,QAAQ,UAAU,QAAQ,IAAI;AAC/D,MAAI,CAAC,QAAQ;AACX,WAAO,IAAI;AAAA,MACT,KAAK,UAAU,EAAE,OAAO,8DAA8D,CAAC;AAAA,MACvF;AAAA,QACE,QAAQ;AAAA,QACR,SAAS,EAAE,gBAAgB,oBAAoB,GAAG,YAAY,OAAO,EAAE;AAAA,MACzE;AAAA,IACF;AAAA,EACF;AAEA,QAAM,WAAW,QAAQ,WAAW,kBAAkB,QAAQ,OAAO,EAAE;AACvE,QAAM,UAAU,QAAQ,aAAa,KAAK,GAAG;AAC7C,QAAM,MAAM,GAAG,OAAO,IAAI,OAAO;AACjC,QAAM,SAAS,QAAQ,IAAI,SAAS,GAAG,IAAI,QAAQ,IAAI,MAAM,QAAQ,IAAI,QAAQ,GAAG,CAAC,IAAI;AAEzF,QAAM,UAAU,IAAI,QAAQ;AAC5B,UAAQ,QAAQ,QAAQ,CAAC,OAAO,QAAQ;AACtC,UAAM,QAAQ,IAAI,YAAY;AAC9B,QAAI,UAAU,mBAAmB,UAAU,OAAQ;AACnD,YAAQ,IAAI,KAAK,KAAK;AAAA,EACxB,CAAC;AACD,UAAQ,IAAI,iBAAiB,UAAU,MAAM,EAAE;AAG/C,MAAI,CAAC,QAAQ,IAAI,WAAW,GAAG;AAC7B,UAAM,SAAS,QAAQ,IAAI,mBAAmB,QAAQ,IAAI;AAC1D,QAAI,OAAQ,SAAQ,IAAI,aAAa,MAAM;AAAA,EAC7C;AACA,MAAI,CAAC,QAAQ,IAAI,iBAAiB,GAAG;AACnC,UAAM,eAAe,QAAQ,IAAI,yBAAyB,QAAQ,IAAI;AACtE,QAAI,aAAc,SAAQ,IAAI,mBAAmB,YAAY;AAAA,EAC/D;AACA,MAAI,CAAC,QAAQ,IAAI,cAAc,GAAG;AAChC,UAAM,YAAY,QAAQ,IAAI,sBAAsB,QAAQ,IAAI;AAChE,QAAI,UAAW,SAAQ,IAAI,gBAAgB,SAAS;AAAA,EACtD;AAEA,QAAM,OACJ,QAAQ,WAAW,SAAS,QAAQ,WAAW,SAAS,MAAM,QAAQ,KAAK,IAAI;AACjF,QAAM,YAAY,QAAQ,aAAa;AACvC,QAAM,aAAa,IAAI,gBAAgB;AACvC,QAAM,YAAY,WAAW,MAAM,WAAW,MAAM,GAAG,SAAS;AAEhE,MAAI;AACJ,MAAI;AACF,UAAM,MAAM,MAAM,MAAM,QAAQ;AAAA,MAC9B,QAAQ,QAAQ;AAAA,MAChB;AAAA,MACA;AAAA,MACA,QAAQ,WAAW;AAAA,IACrB,CAAC;AAAA,EACH,SAAS,KAAK;AACZ,iBAAa,SAAS;AACtB,UAAM,UAAU,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAC/D,UAAM,YAAY,eAAe,SAAS,IAAI,SAAS;AACvD,WAAO,IAAI;AAAA,MACT,KAAK,UAAU;AAAA,QACb,OAAO,YAAY,oBAAoB;AAAA,QACvC,SAAS,YACL,oCAAoC,SAAS,OAC7C,4BAA4B,OAAO;AAAA,MACzC,CAAC;AAAA,MACD;AAAA,QACE,QAAQ,YAAY,MAAM;AAAA,QAC1B,SAAS,EAAE,gBAAgB,oBAAoB,GAAG,YAAY,OAAO,EAAE;AAAA,MACzE;AAAA,IACF;AAAA,EACF;AACA,eAAa,SAAS;AAItB,QAAM,OAAO,MAAM,IAAI,KAAK;AAC5B,QAAM,aAAa,IAAI,QAAQ;AAC/B,MAAI,QAAQ,QAAQ,CAAC,OAAO,QAAQ;AAClC,UAAM,QAAQ,IAAI,YAAY;AAC9B,QAAI,UAAU,uBAAuB,UAAU,sBAAsB,UAAU,iBAAkB;AACjG,eAAW,IAAI,KAAK,KAAK;AAAA,EAC3B,CAAC;AACD,SAAO,QAAQ,YAAY,OAAO,CAAC,EAAE,QAAQ,CAAC,CAAC,GAAG,CAAC,MAAM,WAAW,IAAI,GAAG,CAAC,CAAC;AAE7E,SAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,IAAI,QAAQ,SAAS,WAAW,CAAC;AACvE;","names":[]}

package/dist/index.mjs

@@ -0,0 +1,90 @@
+// src/proxy.ts
+var DEFAULT_BASE_URL = "https://visgateai.com/api/v1";
+var DEFAULT_UPSTREAM_TIMEOUT_MS = 3e5;
+function corsHeaders(request) {
+  const origin = request.headers.get("origin");
+  return {
+    "Access-Control-Allow-Origin": origin || "*",
+    "Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, OPTIONS",
+    "Access-Control-Allow-Headers": "Content-Type, Authorization"
+  };
+}
+async function proxyToVisgate(request, options) {
+  const authHeader = request.headers.get("Authorization");
+  const keyFromRequest = authHeader && /^Bearer\s+/i.test(authHeader) ? authHeader.replace(/^Bearer\s+/i, "").trim() : null;
+  const apiKey = keyFromRequest ?? options.apiKey ?? process.env.VISGATE_API_KEY;
+  if (!apiKey) {
+    return new Response(
+      JSON.stringify({ error: "VISGATE_API_KEY not set on server and no API key in request" }),
+      {
+        status: 500,
+        headers: { "Content-Type": "application/json", ...corsHeaders(request) }
+      }
+    );
+  }
+  const baseUrl = (options.baseUrl ?? DEFAULT_BASE_URL).replace(/\/$/, "");
+  const pathStr = options.pathSegments.join("/");
+  const url = `${baseUrl}/${pathStr}`;
+  const search = request.url.includes("?") ? request.url.slice(request.url.indexOf("?")) : "";
+  const headers = new Headers();
+  request.headers.forEach((value, key) => {
+    const lower = key.toLowerCase();
+    if (lower === "authorization" || lower === "host") return;
+    headers.set(key, value);
+  });
+  headers.set("Authorization", `Bearer ${apiKey}`);
+  if (!headers.has("X-Fal-Key")) {
+    const falKey = process.env.VISGATE_FAL_KEY ?? process.env.FAL_KEY;
+    if (falKey) headers.set("X-Fal-Key", falKey);
+  }
+  if (!headers.has("X-Replicate-Key")) {
+    const replicateKey = process.env.VISGATE_REPLICATE_KEY ?? process.env.REPLICATE_API_TOKEN;
+    if (replicateKey) headers.set("X-Replicate-Key", replicateKey);
+  }
+  if (!headers.has("X-Runway-Key")) {
+    const runwayKey = process.env.VISGATE_RUNWAY_KEY ?? process.env.RUNWAY_API_KEY;
+    if (runwayKey) headers.set("X-Runway-Key", runwayKey);
+  }
+  const body = request.method !== "GET" && request.method !== "HEAD" ? await request.text() : void 0;
+  const timeoutMs = options.timeoutMs ?? DEFAULT_UPSTREAM_TIMEOUT_MS;
+  const controller = new AbortController();
+  const timeoutId = setTimeout(() => controller.abort(), timeoutMs);
+  let res;
+  try {
+    res = await fetch(url + search, {
+      method: request.method,
+      headers,
+      body,
+      signal: controller.signal
+    });
+  } catch (err) {
+    clearTimeout(timeoutId);
+    const message = err instanceof Error ? err.message : String(err);
+    const isTimeout = err instanceof Error && err.name === "AbortError";
+    return new Response(
+      JSON.stringify({
+        error: isTimeout ? "GATEWAY_TIMEOUT" : "BAD_GATEWAY",
+        message: isTimeout ? `Upstream request timed out after ${timeoutMs}ms` : `Upstream request failed: ${message}`
+      }),
+      {
+        status: isTimeout ? 504 : 502,
+        headers: { "Content-Type": "application/json", ...corsHeaders(request) }
+      }
+    );
+  }
+  clearTimeout(timeoutId);
+  const text = await res.text();
+  const resHeaders = new Headers();
+  res.headers.forEach((value, key) => {
+    const lower = key.toLowerCase();
+    if (lower === "transfer-encoding" || lower === "content-encoding" || lower === "content-length") return;
+    resHeaders.set(key, value);
+  });
+  Object.entries(corsHeaders(request)).forEach(([k, v]) => resHeaders.set(k, v));
+  return new Response(text, { status: res.status, headers: resHeaders });
+}
+export {
+  DEFAULT_UPSTREAM_TIMEOUT_MS,
+  proxyToVisgate
+};
+//# sourceMappingURL=index.mjs.map

package/dist/index.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/proxy.ts"],"sourcesContent":["/**\n * Framework-agnostic proxy: forward Request to Visgate and return Response.\n * Uses VISGATE_API_KEY (or options.apiKey) on the server; no key is sent from the client.\n */\n\nconst DEFAULT_BASE_URL = \"https://visgateai.com/api/v1\";\n\n/** Default upstream request timeout (5 min). Use for long-running calls like video generation. */\nexport const DEFAULT_UPSTREAM_TIMEOUT_MS = 300_000;\n\nexport interface ProxyOptions {\n  /** API key (default: process.env.VISGATE_API_KEY) */\n  apiKey?: string;\n  /** Visgate API base URL (default: https://visgateai.com/api/v1) */\n  baseUrl?: string;\n  /** Path segments to append to baseUrl (e.g. [\"health\"] or [\"images\", \"generate\"]) */\n  pathSegments: string[];\n  /** Timeout in ms for the request to Visgate (default: 300000). Set higher for very long video jobs. */\n  timeoutMs?: number;\n}\n\nfunction corsHeaders(request: Request): Record<string, string> {\n  const origin = request.headers.get(\"origin\");\n  return {\n    \"Access-Control-Allow-Origin\": origin || \"*\",\n    \"Access-Control-Allow-Methods\": \"GET, POST, PUT, DELETE, OPTIONS\",\n    \"Access-Control-Allow-Headers\": \"Content-Type, Authorization\",\n  };\n}\n\n/**\n * Forward the incoming request to Visgate and return the response.\n * Call this from your framework (Next.js, Express, etc.) with the request and path.\n */\nexport async function proxyToVisgate(request: Request, options: ProxyOptions): Promise<Response> {\n  // Use API key from request (client sends it when using proxy + apiKey), then options, then env\n  const authHeader = request.headers.get(\"Authorization\");\n  const keyFromRequest =\n    authHeader && /^Bearer\\s+/i.test(authHeader) ? authHeader.replace(/^Bearer\\s+/i, \"\").trim() : null;\n  const apiKey = keyFromRequest ?? options.apiKey ?? process.env.VISGATE_API_KEY;\n  if (!apiKey) {\n    return new Response(\n      JSON.stringify({ error: \"VISGATE_API_KEY not set on server and no API key in request\" }),\n      {\n        status: 500,\n        headers: { \"Content-Type\": \"application/json\", ...corsHeaders(request) },\n      }\n    );\n  }\n\n  const baseUrl = (options.baseUrl ?? DEFAULT_BASE_URL).replace(/\\/$/, \"\");\n  const pathStr = options.pathSegments.join(\"/\");\n  const url = `${baseUrl}/${pathStr}`;\n  const search = request.url.includes(\"?\") ? request.url.slice(request.url.indexOf(\"?\")) : \"\";\n\n  const headers = new Headers();\n  request.headers.forEach((value, key) => {\n    const lower = key.toLowerCase();\n    if (lower === \"authorization\" || lower === \"host\") return;\n    headers.set(key, value);\n  });\n  headers.set(\"Authorization\", `Bearer ${apiKey}`);\n\n  // Add provider keys from server env when not sent by client (BYOK for video/image)\n  if (!headers.has(\"X-Fal-Key\")) {\n    const falKey = process.env.VISGATE_FAL_KEY ?? process.env.FAL_KEY;\n    if (falKey) headers.set(\"X-Fal-Key\", falKey);\n  }\n  if (!headers.has(\"X-Replicate-Key\")) {\n    const replicateKey = process.env.VISGATE_REPLICATE_KEY ?? process.env.REPLICATE_API_TOKEN;\n    if (replicateKey) headers.set(\"X-Replicate-Key\", replicateKey);\n  }\n  if (!headers.has(\"X-Runway-Key\")) {\n    const runwayKey = process.env.VISGATE_RUNWAY_KEY ?? process.env.RUNWAY_API_KEY;\n    if (runwayKey) headers.set(\"X-Runway-Key\", runwayKey);\n  }\n\n  const body =\n    request.method !== \"GET\" && request.method !== \"HEAD\" ? await request.text() : undefined;\n  const timeoutMs = options.timeoutMs ?? DEFAULT_UPSTREAM_TIMEOUT_MS;\n  const controller = new AbortController();\n  const timeoutId = setTimeout(() => controller.abort(), timeoutMs);\n\n  let res: Response;\n  try {\n    res = await fetch(url + search, {\n      method: request.method,\n      headers,\n      body,\n      signal: controller.signal,\n    });\n  } catch (err) {\n    clearTimeout(timeoutId);\n    const message = err instanceof Error ? err.message : String(err);\n    const isTimeout = err instanceof Error && err.name === \"AbortError\";\n    return new Response(\n      JSON.stringify({\n        error: isTimeout ? \"GATEWAY_TIMEOUT\" : \"BAD_GATEWAY\",\n        message: isTimeout\n          ? `Upstream request timed out after ${timeoutMs}ms`\n          : `Upstream request failed: ${message}`,\n      }),\n      {\n        status: isTimeout ? 504 : 502,\n        headers: { \"Content-Type\": \"application/json\", ...corsHeaders(request) },\n      }\n    );\n  }\n  clearTimeout(timeoutId);\n\n  // res.text() decompresses automatically; do not forward Content-Encoding or\n  // the browser will try to decode again and fail with ERR_CONTENT_DECODING_FAILED.\n  const text = await res.text();\n  const resHeaders = new Headers();\n  res.headers.forEach((value, key) => {\n    const lower = key.toLowerCase();\n    if (lower === \"transfer-encoding\" || lower === \"content-encoding\" || lower === \"content-length\") return;\n    resHeaders.set(key, value);\n  });\n  Object.entries(corsHeaders(request)).forEach(([k, v]) => resHeaders.set(k, v));\n\n  return new Response(text, { status: res.status, headers: resHeaders });\n}\n"],"mappings":";AAKA,IAAM,mBAAmB;AAGlB,IAAM,8BAA8B;AAa3C,SAAS,YAAY,SAA0C;AAC7D,QAAM,SAAS,QAAQ,QAAQ,IAAI,QAAQ;AAC3C,SAAO;AAAA,IACL,+BAA+B,UAAU;AAAA,IACzC,gCAAgC;AAAA,IAChC,gCAAgC;AAAA,EAClC;AACF;AAMA,eAAsB,eAAe,SAAkB,SAA0C;AAE/F,QAAM,aAAa,QAAQ,QAAQ,IAAI,eAAe;AACtD,QAAM,iBACJ,cAAc,cAAc,KAAK,UAAU,IAAI,WAAW,QAAQ,eAAe,EAAE,EAAE,KAAK,IAAI;AAChG,QAAM,SAAS,kBAAkB,QAAQ,UAAU,QAAQ,IAAI;AAC/D,MAAI,CAAC,QAAQ;AACX,WAAO,IAAI;AAAA,MACT,KAAK,UAAU,EAAE,OAAO,8DAA8D,CAAC;AAAA,MACvF;AAAA,QACE,QAAQ;AAAA,QACR,SAAS,EAAE,gBAAgB,oBAAoB,GAAG,YAAY,OAAO,EAAE;AAAA,MACzE;AAAA,IACF;AAAA,EACF;AAEA,QAAM,WAAW,QAAQ,WAAW,kBAAkB,QAAQ,OAAO,EAAE;AACvE,QAAM,UAAU,QAAQ,aAAa,KAAK,GAAG;AAC7C,QAAM,MAAM,GAAG,OAAO,IAAI,OAAO;AACjC,QAAM,SAAS,QAAQ,IAAI,SAAS,GAAG,IAAI,QAAQ,IAAI,MAAM,QAAQ,IAAI,QAAQ,GAAG,CAAC,IAAI;AAEzF,QAAM,UAAU,IAAI,QAAQ;AAC5B,UAAQ,QAAQ,QAAQ,CAAC,OAAO,QAAQ;AACtC,UAAM,QAAQ,IAAI,YAAY;AAC9B,QAAI,UAAU,mBAAmB,UAAU,OAAQ;AACnD,YAAQ,IAAI,KAAK,KAAK;AAAA,EACxB,CAAC;AACD,UAAQ,IAAI,iBAAiB,UAAU,MAAM,EAAE;AAG/C,MAAI,CAAC,QAAQ,IAAI,WAAW,GAAG;AAC7B,UAAM,SAAS,QAAQ,IAAI,mBAAmB,QAAQ,IAAI;AAC1D,QAAI,OAAQ,SAAQ,IAAI,aAAa,MAAM;AAAA,EAC7C;AACA,MAAI,CAAC,QAAQ,IAAI,iBAAiB,GAAG;AACnC,UAAM,eAAe,QAAQ,IAAI,yBAAyB,QAAQ,IAAI;AACtE,QAAI,aAAc,SAAQ,IAAI,mBAAmB,YAAY;AAAA,EAC/D;AACA,MAAI,CAAC,QAAQ,IAAI,cAAc,GAAG;AAChC,UAAM,YAAY,QAAQ,IAAI,sBAAsB,QAAQ,IAAI;AAChE,QAAI,UAAW,SAAQ,IAAI,gBAAgB,SAAS;AAAA,EACtD;AAEA,QAAM,OACJ,QAAQ,WAAW,SAAS,QAAQ,WAAW,SAAS,MAAM,QAAQ,KAAK,IAAI;AACjF,QAAM,YAAY,QAAQ,aAAa;AACvC,QAAM,aAAa,IAAI,gBAAgB;AACvC,QAAM,YAAY,WAAW,MAAM,WAAW,MAAM,GAAG,SAAS;AAEhE,MAAI;AACJ,MAAI;AACF,UAAM,MAAM,MAAM,MAAM,QAAQ;AAAA,MAC9B,QAAQ,QAAQ;AAAA,MAChB;AAAA,MACA;AAAA,MACA,QAAQ,WAAW;AAAA,IACrB,CAAC;AAAA,EACH,SAAS,KAAK;AACZ,iBAAa,SAAS;AACtB,UAAM,UAAU,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAC/D,UAAM,YAAY,eAAe,SAAS,IAAI,SAAS;AACvD,WAAO,IAAI;AAAA,MACT,KAAK,UAAU;AAAA,QACb,OAAO,YAAY,oBAAoB;AAAA,QACvC,SAAS,YACL,oCAAoC,SAAS,OAC7C,4BAA4B,OAAO;AAAA,MACzC,CAAC;AAAA,MACD;AAAA,QACE,QAAQ,YAAY,MAAM;AAAA,QAC1B,SAAS,EAAE,gBAAgB,oBAAoB,GAAG,YAAY,OAAO,EAAE;AAAA,MACzE;AAAA,IACF;AAAA,EACF;AACA,eAAa,SAAS;AAItB,QAAM,OAAO,MAAM,IAAI,KAAK;AAC5B,QAAM,aAAa,IAAI,QAAQ;AAC/B,MAAI,QAAQ,QAAQ,CAAC,OAAO,QAAQ;AAClC,UAAM,QAAQ,IAAI,YAAY;AAC9B,QAAI,UAAU,uBAAuB,UAAU,sBAAsB,UAAU,iBAAkB;AACjG,eAAW,IAAI,KAAK,KAAK;AAAA,EAC3B,CAAC;AACD,SAAO,QAAQ,YAAY,OAAO,CAAC,EAAE,QAAQ,CAAC,CAAC,GAAG,CAAC,MAAM,WAAW,IAAI,GAAG,CAAC,CAAC;AAE7E,SAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,IAAI,QAAQ,SAAS,WAAW,CAAC;AACvE;","names":[]}

package/dist/next.d.mts

@@ -0,0 +1,17 @@
+/**
+ * Next.js App Router handlers for Visgate proxy.
+ * Use in app/api/visgate/[...path]/route.ts:
+ *   export { GET, POST, PUT, DELETE, OPTIONS } from "@visgate-ai/server-proxy/next";
+ */
+type NextContext = {
+    params: Promise<{
+        path: string[];
+    }>;
+};
+declare function GET(request: Request, context: NextContext): Promise<Response>;
+declare function POST(request: Request, context: NextContext): Promise<Response>;
+declare function PUT(request: Request, context: NextContext): Promise<Response>;
+declare function DELETE(request: Request, context: NextContext): Promise<Response>;
+declare function OPTIONS(): Response;
+
+export { DELETE, GET, OPTIONS, POST, PUT };

package/dist/next.d.ts

@@ -0,0 +1,17 @@
+/**
+ * Next.js App Router handlers for Visgate proxy.
+ * Use in app/api/visgate/[...path]/route.ts:
+ *   export { GET, POST, PUT, DELETE, OPTIONS } from "@visgate-ai/server-proxy/next";
+ */
+type NextContext = {
+    params: Promise<{
+        path: string[];
+    }>;
+};
+declare function GET(request: Request, context: NextContext): Promise<Response>;
+declare function POST(request: Request, context: NextContext): Promise<Response>;
+declare function PUT(request: Request, context: NextContext): Promise<Response>;
+declare function DELETE(request: Request, context: NextContext): Promise<Response>;
+declare function OPTIONS(): Response;
+
+export { DELETE, GET, OPTIONS, POST, PUT };

package/dist/next.js

@@ -0,0 +1,150 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/next.ts
+var next_exports = {};
+__export(next_exports, {
+  DELETE: () => DELETE,
+  GET: () => GET,
+  OPTIONS: () => OPTIONS,
+  POST: () => POST,
+  PUT: () => PUT
+});
+module.exports = __toCommonJS(next_exports);
+
+// src/proxy.ts
+var DEFAULT_BASE_URL = "https://visgateai.com/api/v1";
+var DEFAULT_UPSTREAM_TIMEOUT_MS = 3e5;
+function corsHeaders(request) {
+  const origin = request.headers.get("origin");
+  return {
+    "Access-Control-Allow-Origin": origin || "*",
+    "Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, OPTIONS",
+    "Access-Control-Allow-Headers": "Content-Type, Authorization"
+  };
+}
+async function proxyToVisgate(request, options) {
+  const authHeader = request.headers.get("Authorization");
+  const keyFromRequest = authHeader && /^Bearer\s+/i.test(authHeader) ? authHeader.replace(/^Bearer\s+/i, "").trim() : null;
+  const apiKey = keyFromRequest ?? options.apiKey ?? process.env.VISGATE_API_KEY;
+  if (!apiKey) {
+    return new Response(
+      JSON.stringify({ error: "VISGATE_API_KEY not set on server and no API key in request" }),
+      {
+        status: 500,
+        headers: { "Content-Type": "application/json", ...corsHeaders(request) }
+      }
+    );
+  }
+  const baseUrl = (options.baseUrl ?? DEFAULT_BASE_URL).replace(/\/$/, "");
+  const pathStr = options.pathSegments.join("/");
+  const url = `${baseUrl}/${pathStr}`;
+  const search = request.url.includes("?") ? request.url.slice(request.url.indexOf("?")) : "";
+  const headers = new Headers();
+  request.headers.forEach((value, key) => {
+    const lower = key.toLowerCase();
+    if (lower === "authorization" || lower === "host") return;
+    headers.set(key, value);
+  });
+  headers.set("Authorization", `Bearer ${apiKey}`);
+  if (!headers.has("X-Fal-Key")) {
+    const falKey = process.env.VISGATE_FAL_KEY ?? process.env.FAL_KEY;
+    if (falKey) headers.set("X-Fal-Key", falKey);
+  }
+  if (!headers.has("X-Replicate-Key")) {
+    const replicateKey = process.env.VISGATE_REPLICATE_KEY ?? process.env.REPLICATE_API_TOKEN;
+    if (replicateKey) headers.set("X-Replicate-Key", replicateKey);
+  }
+  if (!headers.has("X-Runway-Key")) {
+    const runwayKey = process.env.VISGATE_RUNWAY_KEY ?? process.env.RUNWAY_API_KEY;
+    if (runwayKey) headers.set("X-Runway-Key", runwayKey);
+  }
+  const body = request.method !== "GET" && request.method !== "HEAD" ? await request.text() : void 0;
+  const timeoutMs = options.timeoutMs ?? DEFAULT_UPSTREAM_TIMEOUT_MS;
+  const controller = new AbortController();
+  const timeoutId = setTimeout(() => controller.abort(), timeoutMs);
+  let res;
+  try {
+    res = await fetch(url + search, {
+      method: request.method,
+      headers,
+      body,
+      signal: controller.signal
+    });
+  } catch (err) {
+    clearTimeout(timeoutId);
+    const message = err instanceof Error ? err.message : String(err);
+    const isTimeout = err instanceof Error && err.name === "AbortError";
+    return new Response(
+      JSON.stringify({
+        error: isTimeout ? "GATEWAY_TIMEOUT" : "BAD_GATEWAY",
+        message: isTimeout ? `Upstream request timed out after ${timeoutMs}ms` : `Upstream request failed: ${message}`
+      }),
+      {
+        status: isTimeout ? 504 : 502,
+        headers: { "Content-Type": "application/json", ...corsHeaders(request) }
+      }
+    );
+  }
+  clearTimeout(timeoutId);
+  const text = await res.text();
+  const resHeaders = new Headers();
+  res.headers.forEach((value, key) => {
+    const lower = key.toLowerCase();
+    if (lower === "transfer-encoding" || lower === "content-encoding" || lower === "content-length") return;
+    resHeaders.set(key, value);
+  });
+  Object.entries(corsHeaders(request)).forEach(([k, v]) => resHeaders.set(k, v));
+  return new Response(text, { status: res.status, headers: resHeaders });
+}
+
+// src/next.ts
+async function handle(request, context) {
+  const { path } = await context.params;
+  return proxyToVisgate(request, { pathSegments: path });
+}
+var CORS_HEADERS = {
+  "Access-Control-Allow-Origin": "*",
+  "Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, OPTIONS",
+  "Access-Control-Allow-Headers": "Content-Type, Authorization"
+};
+function GET(request, context) {
+  return handle(request, context);
+}
+function POST(request, context) {
+  return handle(request, context);
+}
+function PUT(request, context) {
+  return handle(request, context);
+}
+function DELETE(request, context) {
+  return handle(request, context);
+}
+function OPTIONS() {
+  return new Response(null, { status: 204, headers: CORS_HEADERS });
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  DELETE,
+  GET,
+  OPTIONS,
+  POST,
+  PUT
+});
+//# sourceMappingURL=next.js.map

package/dist/next.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/next.ts","../src/proxy.ts"],"sourcesContent":["/**\n * Next.js App Router handlers for Visgate proxy.\n * Use in app/api/visgate/[...path]/route.ts:\n *   export { GET, POST, PUT, DELETE, OPTIONS } from \"@visgate-ai/server-proxy/next\";\n */\n\nimport { proxyToVisgate } from \"./proxy\";\n\ntype NextContext = { params: Promise<{ path: string[] }> };\n\nasync function handle(request: Request, context: NextContext): Promise<Response> {\n  const { path } = await context.params;\n  return proxyToVisgate(request, { pathSegments: path });\n}\n\nconst CORS_HEADERS = {\n  \"Access-Control-Allow-Origin\": \"*\",\n  \"Access-Control-Allow-Methods\": \"GET, POST, PUT, DELETE, OPTIONS\",\n  \"Access-Control-Allow-Headers\": \"Content-Type, Authorization\",\n};\n\nexport function GET(request: Request, context: NextContext): Promise<Response> {\n  return handle(request, context);\n}\n\nexport function POST(request: Request, context: NextContext): Promise<Response> {\n  return handle(request, context);\n}\n\nexport function PUT(request: Request, context: NextContext): Promise<Response> {\n  return handle(request, context);\n}\n\nexport function DELETE(request: Request, context: NextContext): Promise<Response> {\n  return handle(request, context);\n}\n\nexport function OPTIONS(): Response {\n  return new Response(null, { status: 204, headers: CORS_HEADERS });\n}\n","/**\n * Framework-agnostic proxy: forward Request to Visgate and return Response.\n * Uses VISGATE_API_KEY (or options.apiKey) on the server; no key is sent from the client.\n */\n\nconst DEFAULT_BASE_URL = \"https://visgateai.com/api/v1\";\n\n/** Default upstream request timeout (5 min). Use for long-running calls like video generation. */\nexport const DEFAULT_UPSTREAM_TIMEOUT_MS = 300_000;\n\nexport interface ProxyOptions {\n  /** API key (default: process.env.VISGATE_API_KEY) */\n  apiKey?: string;\n  /** Visgate API base URL (default: https://visgateai.com/api/v1) */\n  baseUrl?: string;\n  /** Path segments to append to baseUrl (e.g. [\"health\"] or [\"images\", \"generate\"]) */\n  pathSegments: string[];\n  /** Timeout in ms for the request to Visgate (default: 300000). Set higher for very long video jobs. */\n  timeoutMs?: number;\n}\n\nfunction corsHeaders(request: Request): Record<string, string> {\n  const origin = request.headers.get(\"origin\");\n  return {\n    \"Access-Control-Allow-Origin\": origin || \"*\",\n    \"Access-Control-Allow-Methods\": \"GET, POST, PUT, DELETE, OPTIONS\",\n    \"Access-Control-Allow-Headers\": \"Content-Type, Authorization\",\n  };\n}\n\n/**\n * Forward the incoming request to Visgate and return the response.\n * Call this from your framework (Next.js, Express, etc.) with the request and path.\n */\nexport async function proxyToVisgate(request: Request, options: ProxyOptions): Promise<Response> {\n  // Use API key from request (client sends it when using proxy + apiKey), then options, then env\n  const authHeader = request.headers.get(\"Authorization\");\n  const keyFromRequest =\n    authHeader && /^Bearer\\s+/i.test(authHeader) ? authHeader.replace(/^Bearer\\s+/i, \"\").trim() : null;\n  const apiKey = keyFromRequest ?? options.apiKey ?? process.env.VISGATE_API_KEY;\n  if (!apiKey) {\n    return new Response(\n      JSON.stringify({ error: \"VISGATE_API_KEY not set on server and no API key in request\" }),\n      {\n        status: 500,\n        headers: { \"Content-Type\": \"application/json\", ...corsHeaders(request) },\n      }\n    );\n  }\n\n  const baseUrl = (options.baseUrl ?? DEFAULT_BASE_URL).replace(/\\/$/, \"\");\n  const pathStr = options.pathSegments.join(\"/\");\n  const url = `${baseUrl}/${pathStr}`;\n  const search = request.url.includes(\"?\") ? request.url.slice(request.url.indexOf(\"?\")) : \"\";\n\n  const headers = new Headers();\n  request.headers.forEach((value, key) => {\n    const lower = key.toLowerCase();\n    if (lower === \"authorization\" || lower === \"host\") return;\n    headers.set(key, value);\n  });\n  headers.set(\"Authorization\", `Bearer ${apiKey}`);\n\n  // Add provider keys from server env when not sent by client (BYOK for video/image)\n  if (!headers.has(\"X-Fal-Key\")) {\n    const falKey = process.env.VISGATE_FAL_KEY ?? process.env.FAL_KEY;\n    if (falKey) headers.set(\"X-Fal-Key\", falKey);\n  }\n  if (!headers.has(\"X-Replicate-Key\")) {\n    const replicateKey = process.env.VISGATE_REPLICATE_KEY ?? process.env.REPLICATE_API_TOKEN;\n    if (replicateKey) headers.set(\"X-Replicate-Key\", replicateKey);\n  }\n  if (!headers.has(\"X-Runway-Key\")) {\n    const runwayKey = process.env.VISGATE_RUNWAY_KEY ?? process.env.RUNWAY_API_KEY;\n    if (runwayKey) headers.set(\"X-Runway-Key\", runwayKey);\n  }\n\n  const body =\n    request.method !== \"GET\" && request.method !== \"HEAD\" ? await request.text() : undefined;\n  const timeoutMs = options.timeoutMs ?? DEFAULT_UPSTREAM_TIMEOUT_MS;\n  const controller = new AbortController();\n  const timeoutId = setTimeout(() => controller.abort(), timeoutMs);\n\n  let res: Response;\n  try {\n    res = await fetch(url + search, {\n      method: request.method,\n      headers,\n      body,\n      signal: controller.signal,\n    });\n  } catch (err) {\n    clearTimeout(timeoutId);\n    const message = err instanceof Error ? err.message : String(err);\n    const isTimeout = err instanceof Error && err.name === \"AbortError\";\n    return new Response(\n      JSON.stringify({\n        error: isTimeout ? \"GATEWAY_TIMEOUT\" : \"BAD_GATEWAY\",\n        message: isTimeout\n          ? `Upstream request timed out after ${timeoutMs}ms`\n          : `Upstream request failed: ${message}`,\n      }),\n      {\n        status: isTimeout ? 504 : 502,\n        headers: { \"Content-Type\": \"application/json\", ...corsHeaders(request) },\n      }\n    );\n  }\n  clearTimeout(timeoutId);\n\n  // res.text() decompresses automatically; do not forward Content-Encoding or\n  // the browser will try to decode again and fail with ERR_CONTENT_DECODING_FAILED.\n  const text = await res.text();\n  const resHeaders = new Headers();\n  res.headers.forEach((value, key) => {\n    const lower = key.toLowerCase();\n    if (lower === \"transfer-encoding\" || lower === \"content-encoding\" || lower === \"content-length\") return;\n    resHeaders.set(key, value);\n  });\n  Object.entries(corsHeaders(request)).forEach(([k, v]) => resHeaders.set(k, v));\n\n  return new Response(text, { status: res.status, headers: resHeaders });\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACKA,IAAM,mBAAmB;AAGlB,IAAM,8BAA8B;AAa3C,SAAS,YAAY,SAA0C;AAC7D,QAAM,SAAS,QAAQ,QAAQ,IAAI,QAAQ;AAC3C,SAAO;AAAA,IACL,+BAA+B,UAAU;AAAA,IACzC,gCAAgC;AAAA,IAChC,gCAAgC;AAAA,EAClC;AACF;AAMA,eAAsB,eAAe,SAAkB,SAA0C;AAE/F,QAAM,aAAa,QAAQ,QAAQ,IAAI,eAAe;AACtD,QAAM,iBACJ,cAAc,cAAc,KAAK,UAAU,IAAI,WAAW,QAAQ,eAAe,EAAE,EAAE,KAAK,IAAI;AAChG,QAAM,SAAS,kBAAkB,QAAQ,UAAU,QAAQ,IAAI;AAC/D,MAAI,CAAC,QAAQ;AACX,WAAO,IAAI;AAAA,MACT,KAAK,UAAU,EAAE,OAAO,8DAA8D,CAAC;AAAA,MACvF;AAAA,QACE,QAAQ;AAAA,QACR,SAAS,EAAE,gBAAgB,oBAAoB,GAAG,YAAY,OAAO,EAAE;AAAA,MACzE;AAAA,IACF;AAAA,EACF;AAEA,QAAM,WAAW,QAAQ,WAAW,kBAAkB,QAAQ,OAAO,EAAE;AACvE,QAAM,UAAU,QAAQ,aAAa,KAAK,GAAG;AAC7C,QAAM,MAAM,GAAG,OAAO,IAAI,OAAO;AACjC,QAAM,SAAS,QAAQ,IAAI,SAAS,GAAG,IAAI,QAAQ,IAAI,MAAM,QAAQ,IAAI,QAAQ,GAAG,CAAC,IAAI;AAEzF,QAAM,UAAU,IAAI,QAAQ;AAC5B,UAAQ,QAAQ,QAAQ,CAAC,OAAO,QAAQ;AACtC,UAAM,QAAQ,IAAI,YAAY;AAC9B,QAAI,UAAU,mBAAmB,UAAU,OAAQ;AACnD,YAAQ,IAAI,KAAK,KAAK;AAAA,EACxB,CAAC;AACD,UAAQ,IAAI,iBAAiB,UAAU,MAAM,EAAE;AAG/C,MAAI,CAAC,QAAQ,IAAI,WAAW,GAAG;AAC7B,UAAM,SAAS,QAAQ,IAAI,mBAAmB,QAAQ,IAAI;AAC1D,QAAI,OAAQ,SAAQ,IAAI,aAAa,MAAM;AAAA,EAC7C;AACA,MAAI,CAAC,QAAQ,IAAI,iBAAiB,GAAG;AACnC,UAAM,eAAe,QAAQ,IAAI,yBAAyB,QAAQ,IAAI;AACtE,QAAI,aAAc,SAAQ,IAAI,mBAAmB,YAAY;AAAA,EAC/D;AACA,MAAI,CAAC,QAAQ,IAAI,cAAc,GAAG;AAChC,UAAM,YAAY,QAAQ,IAAI,sBAAsB,QAAQ,IAAI;AAChE,QAAI,UAAW,SAAQ,IAAI,gBAAgB,SAAS;AAAA,EACtD;AAEA,QAAM,OACJ,QAAQ,WAAW,SAAS,QAAQ,WAAW,SAAS,MAAM,QAAQ,KAAK,IAAI;AACjF,QAAM,YAAY,QAAQ,aAAa;AACvC,QAAM,aAAa,IAAI,gBAAgB;AACvC,QAAM,YAAY,WAAW,MAAM,WAAW,MAAM,GAAG,SAAS;AAEhE,MAAI;AACJ,MAAI;AACF,UAAM,MAAM,MAAM,MAAM,QAAQ;AAAA,MAC9B,QAAQ,QAAQ;AAAA,MAChB;AAAA,MACA;AAAA,MACA,QAAQ,WAAW;AAAA,IACrB,CAAC;AAAA,EACH,SAAS,KAAK;AACZ,iBAAa,SAAS;AACtB,UAAM,UAAU,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAC/D,UAAM,YAAY,eAAe,SAAS,IAAI,SAAS;AACvD,WAAO,IAAI;AAAA,MACT,KAAK,UAAU;AAAA,QACb,OAAO,YAAY,oBAAoB;AAAA,QACvC,SAAS,YACL,oCAAoC,SAAS,OAC7C,4BAA4B,OAAO;AAAA,MACzC,CAAC;AAAA,MACD;AAAA,QACE,QAAQ,YAAY,MAAM;AAAA,QAC1B,SAAS,EAAE,gBAAgB,oBAAoB,GAAG,YAAY,OAAO,EAAE;AAAA,MACzE;AAAA,IACF;AAAA,EACF;AACA,eAAa,SAAS;AAItB,QAAM,OAAO,MAAM,IAAI,KAAK;AAC5B,QAAM,aAAa,IAAI,QAAQ;AAC/B,MAAI,QAAQ,QAAQ,CAAC,OAAO,QAAQ;AAClC,UAAM,QAAQ,IAAI,YAAY;AAC9B,QAAI,UAAU,uBAAuB,UAAU,sBAAsB,UAAU,iBAAkB;AACjG,eAAW,IAAI,KAAK,KAAK;AAAA,EAC3B,CAAC;AACD,SAAO,QAAQ,YAAY,OAAO,CAAC,EAAE,QAAQ,CAAC,CAAC,GAAG,CAAC,MAAM,WAAW,IAAI,GAAG,CAAC,CAAC;AAE7E,SAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,IAAI,QAAQ,SAAS,WAAW,CAAC;AACvE;;;ADhHA,eAAe,OAAO,SAAkB,SAAyC;AAC/E,QAAM,EAAE,KAAK,IAAI,MAAM,QAAQ;AAC/B,SAAO,eAAe,SAAS,EAAE,cAAc,KAAK,CAAC;AACvD;AAEA,IAAM,eAAe;AAAA,EACnB,+BAA+B;AAAA,EAC/B,gCAAgC;AAAA,EAChC,gCAAgC;AAClC;AAEO,SAAS,IAAI,SAAkB,SAAyC;AAC7E,SAAO,OAAO,SAAS,OAAO;AAChC;AAEO,SAAS,KAAK,SAAkB,SAAyC;AAC9E,SAAO,OAAO,SAAS,OAAO;AAChC;AAEO,SAAS,IAAI,SAAkB,SAAyC;AAC7E,SAAO,OAAO,SAAS,OAAO;AAChC;AAEO,SAAS,OAAO,SAAkB,SAAyC;AAChF,SAAO,OAAO,SAAS,OAAO;AAChC;AAEO,SAAS,UAAoB;AAClC,SAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,KAAK,SAAS,aAAa,CAAC;AAClE;","names":[]}

package/dist/next.mjs

@@ -0,0 +1,119 @@
+// src/proxy.ts
+var DEFAULT_BASE_URL = "https://visgateai.com/api/v1";
+var DEFAULT_UPSTREAM_TIMEOUT_MS = 3e5;
+function corsHeaders(request) {
+  const origin = request.headers.get("origin");
+  return {
+    "Access-Control-Allow-Origin": origin || "*",
+    "Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, OPTIONS",
+    "Access-Control-Allow-Headers": "Content-Type, Authorization"
+  };
+}
+async function proxyToVisgate(request, options) {
+  const authHeader = request.headers.get("Authorization");
+  const keyFromRequest = authHeader && /^Bearer\s+/i.test(authHeader) ? authHeader.replace(/^Bearer\s+/i, "").trim() : null;
+  const apiKey = keyFromRequest ?? options.apiKey ?? process.env.VISGATE_API_KEY;
+  if (!apiKey) {
+    return new Response(
+      JSON.stringify({ error: "VISGATE_API_KEY not set on server and no API key in request" }),
+      {
+        status: 500,
+        headers: { "Content-Type": "application/json", ...corsHeaders(request) }
+      }
+    );
+  }
+  const baseUrl = (options.baseUrl ?? DEFAULT_BASE_URL).replace(/\/$/, "");
+  const pathStr = options.pathSegments.join("/");
+  const url = `${baseUrl}/${pathStr}`;
+  const search = request.url.includes("?") ? request.url.slice(request.url.indexOf("?")) : "";
+  const headers = new Headers();
+  request.headers.forEach((value, key) => {
+    const lower = key.toLowerCase();
+    if (lower === "authorization" || lower === "host") return;
+    headers.set(key, value);
+  });
+  headers.set("Authorization", `Bearer ${apiKey}`);
+  if (!headers.has("X-Fal-Key")) {
+    const falKey = process.env.VISGATE_FAL_KEY ?? process.env.FAL_KEY;
+    if (falKey) headers.set("X-Fal-Key", falKey);
+  }
+  if (!headers.has("X-Replicate-Key")) {
+    const replicateKey = process.env.VISGATE_REPLICATE_KEY ?? process.env.REPLICATE_API_TOKEN;
+    if (replicateKey) headers.set("X-Replicate-Key", replicateKey);
+  }
+  if (!headers.has("X-Runway-Key")) {
+    const runwayKey = process.env.VISGATE_RUNWAY_KEY ?? process.env.RUNWAY_API_KEY;
+    if (runwayKey) headers.set("X-Runway-Key", runwayKey);
+  }
+  const body = request.method !== "GET" && request.method !== "HEAD" ? await request.text() : void 0;
+  const timeoutMs = options.timeoutMs ?? DEFAULT_UPSTREAM_TIMEOUT_MS;
+  const controller = new AbortController();
+  const timeoutId = setTimeout(() => controller.abort(), timeoutMs);
+  let res;
+  try {
+    res = await fetch(url + search, {
+      method: request.method,
+      headers,
+      body,
+      signal: controller.signal
+    });
+  } catch (err) {
+    clearTimeout(timeoutId);
+    const message = err instanceof Error ? err.message : String(err);
+    const isTimeout = err instanceof Error && err.name === "AbortError";
+    return new Response(
+      JSON.stringify({
+        error: isTimeout ? "GATEWAY_TIMEOUT" : "BAD_GATEWAY",
+        message: isTimeout ? `Upstream request timed out after ${timeoutMs}ms` : `Upstream request failed: ${message}`
+      }),
+      {
+        status: isTimeout ? 504 : 502,
+        headers: { "Content-Type": "application/json", ...corsHeaders(request) }
+      }
+    );
+  }
+  clearTimeout(timeoutId);
+  const text = await res.text();
+  const resHeaders = new Headers();
+  res.headers.forEach((value, key) => {
+    const lower = key.toLowerCase();
+    if (lower === "transfer-encoding" || lower === "content-encoding" || lower === "content-length") return;
+    resHeaders.set(key, value);
+  });
+  Object.entries(corsHeaders(request)).forEach(([k, v]) => resHeaders.set(k, v));
+  return new Response(text, { status: res.status, headers: resHeaders });
+}
+
+// src/next.ts
+async function handle(request, context) {
+  const { path } = await context.params;
+  return proxyToVisgate(request, { pathSegments: path });
+}
+var CORS_HEADERS = {
+  "Access-Control-Allow-Origin": "*",
+  "Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, OPTIONS",
+  "Access-Control-Allow-Headers": "Content-Type, Authorization"
+};
+function GET(request, context) {
+  return handle(request, context);
+}
+function POST(request, context) {
+  return handle(request, context);
+}
+function PUT(request, context) {
+  return handle(request, context);
+}
+function DELETE(request, context) {
+  return handle(request, context);
+}
+function OPTIONS() {
+  return new Response(null, { status: 204, headers: CORS_HEADERS });
+}
+export {
+  DELETE,
+  GET,
+  OPTIONS,
+  POST,
+  PUT
+};
+//# sourceMappingURL=next.mjs.map

package/dist/next.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/proxy.ts","../src/next.ts"],"sourcesContent":["/**\n * Framework-agnostic proxy: forward Request to Visgate and return Response.\n * Uses VISGATE_API_KEY (or options.apiKey) on the server; no key is sent from the client.\n */\n\nconst DEFAULT_BASE_URL = \"https://visgateai.com/api/v1\";\n\n/** Default upstream request timeout (5 min). Use for long-running calls like video generation. */\nexport const DEFAULT_UPSTREAM_TIMEOUT_MS = 300_000;\n\nexport interface ProxyOptions {\n  /** API key (default: process.env.VISGATE_API_KEY) */\n  apiKey?: string;\n  /** Visgate API base URL (default: https://visgateai.com/api/v1) */\n  baseUrl?: string;\n  /** Path segments to append to baseUrl (e.g. [\"health\"] or [\"images\", \"generate\"]) */\n  pathSegments: string[];\n  /** Timeout in ms for the request to Visgate (default: 300000). Set higher for very long video jobs. */\n  timeoutMs?: number;\n}\n\nfunction corsHeaders(request: Request): Record<string, string> {\n  const origin = request.headers.get(\"origin\");\n  return {\n    \"Access-Control-Allow-Origin\": origin || \"*\",\n    \"Access-Control-Allow-Methods\": \"GET, POST, PUT, DELETE, OPTIONS\",\n    \"Access-Control-Allow-Headers\": \"Content-Type, Authorization\",\n  };\n}\n\n/**\n * Forward the incoming request to Visgate and return the response.\n * Call this from your framework (Next.js, Express, etc.) with the request and path.\n */\nexport async function proxyToVisgate(request: Request, options: ProxyOptions): Promise<Response> {\n  // Use API key from request (client sends it when using proxy + apiKey), then options, then env\n  const authHeader = request.headers.get(\"Authorization\");\n  const keyFromRequest =\n    authHeader && /^Bearer\\s+/i.test(authHeader) ? authHeader.replace(/^Bearer\\s+/i, \"\").trim() : null;\n  const apiKey = keyFromRequest ?? options.apiKey ?? process.env.VISGATE_API_KEY;\n  if (!apiKey) {\n    return new Response(\n      JSON.stringify({ error: \"VISGATE_API_KEY not set on server and no API key in request\" }),\n      {\n        status: 500,\n        headers: { \"Content-Type\": \"application/json\", ...corsHeaders(request) },\n      }\n    );\n  }\n\n  const baseUrl = (options.baseUrl ?? DEFAULT_BASE_URL).replace(/\\/$/, \"\");\n  const pathStr = options.pathSegments.join(\"/\");\n  const url = `${baseUrl}/${pathStr}`;\n  const search = request.url.includes(\"?\") ? request.url.slice(request.url.indexOf(\"?\")) : \"\";\n\n  const headers = new Headers();\n  request.headers.forEach((value, key) => {\n    const lower = key.toLowerCase();\n    if (lower === \"authorization\" || lower === \"host\") return;\n    headers.set(key, value);\n  });\n  headers.set(\"Authorization\", `Bearer ${apiKey}`);\n\n  // Add provider keys from server env when not sent by client (BYOK for video/image)\n  if (!headers.has(\"X-Fal-Key\")) {\n    const falKey = process.env.VISGATE_FAL_KEY ?? process.env.FAL_KEY;\n    if (falKey) headers.set(\"X-Fal-Key\", falKey);\n  }\n  if (!headers.has(\"X-Replicate-Key\")) {\n    const replicateKey = process.env.VISGATE_REPLICATE_KEY ?? process.env.REPLICATE_API_TOKEN;\n    if (replicateKey) headers.set(\"X-Replicate-Key\", replicateKey);\n  }\n  if (!headers.has(\"X-Runway-Key\")) {\n    const runwayKey = process.env.VISGATE_RUNWAY_KEY ?? process.env.RUNWAY_API_KEY;\n    if (runwayKey) headers.set(\"X-Runway-Key\", runwayKey);\n  }\n\n  const body =\n    request.method !== \"GET\" && request.method !== \"HEAD\" ? await request.text() : undefined;\n  const timeoutMs = options.timeoutMs ?? DEFAULT_UPSTREAM_TIMEOUT_MS;\n  const controller = new AbortController();\n  const timeoutId = setTimeout(() => controller.abort(), timeoutMs);\n\n  let res: Response;\n  try {\n    res = await fetch(url + search, {\n      method: request.method,\n      headers,\n      body,\n      signal: controller.signal,\n    });\n  } catch (err) {\n    clearTimeout(timeoutId);\n    const message = err instanceof Error ? err.message : String(err);\n    const isTimeout = err instanceof Error && err.name === \"AbortError\";\n    return new Response(\n      JSON.stringify({\n        error: isTimeout ? \"GATEWAY_TIMEOUT\" : \"BAD_GATEWAY\",\n        message: isTimeout\n          ? `Upstream request timed out after ${timeoutMs}ms`\n          : `Upstream request failed: ${message}`,\n      }),\n      {\n        status: isTimeout ? 504 : 502,\n        headers: { \"Content-Type\": \"application/json\", ...corsHeaders(request) },\n      }\n    );\n  }\n  clearTimeout(timeoutId);\n\n  // res.text() decompresses automatically; do not forward Content-Encoding or\n  // the browser will try to decode again and fail with ERR_CONTENT_DECODING_FAILED.\n  const text = await res.text();\n  const resHeaders = new Headers();\n  res.headers.forEach((value, key) => {\n    const lower = key.toLowerCase();\n    if (lower === \"transfer-encoding\" || lower === \"content-encoding\" || lower === \"content-length\") return;\n    resHeaders.set(key, value);\n  });\n  Object.entries(corsHeaders(request)).forEach(([k, v]) => resHeaders.set(k, v));\n\n  return new Response(text, { status: res.status, headers: resHeaders });\n}\n","/**\n * Next.js App Router handlers for Visgate proxy.\n * Use in app/api/visgate/[...path]/route.ts:\n *   export { GET, POST, PUT, DELETE, OPTIONS } from \"@visgate-ai/server-proxy/next\";\n */\n\nimport { proxyToVisgate } from \"./proxy\";\n\ntype NextContext = { params: Promise<{ path: string[] }> };\n\nasync function handle(request: Request, context: NextContext): Promise<Response> {\n  const { path } = await context.params;\n  return proxyToVisgate(request, { pathSegments: path });\n}\n\nconst CORS_HEADERS = {\n  \"Access-Control-Allow-Origin\": \"*\",\n  \"Access-Control-Allow-Methods\": \"GET, POST, PUT, DELETE, OPTIONS\",\n  \"Access-Control-Allow-Headers\": \"Content-Type, Authorization\",\n};\n\nexport function GET(request: Request, context: NextContext): Promise<Response> {\n  return handle(request, context);\n}\n\nexport function POST(request: Request, context: NextContext): Promise<Response> {\n  return handle(request, context);\n}\n\nexport function PUT(request: Request, context: NextContext): Promise<Response> {\n  return handle(request, context);\n}\n\nexport function DELETE(request: Request, context: NextContext): Promise<Response> {\n  return handle(request, context);\n}\n\nexport function OPTIONS(): Response {\n  return new Response(null, { status: 204, headers: CORS_HEADERS });\n}\n"],"mappings":";AAKA,IAAM,mBAAmB;AAGlB,IAAM,8BAA8B;AAa3C,SAAS,YAAY,SAA0C;AAC7D,QAAM,SAAS,QAAQ,QAAQ,IAAI,QAAQ;AAC3C,SAAO;AAAA,IACL,+BAA+B,UAAU;AAAA,IACzC,gCAAgC;AAAA,IAChC,gCAAgC;AAAA,EAClC;AACF;AAMA,eAAsB,eAAe,SAAkB,SAA0C;AAE/F,QAAM,aAAa,QAAQ,QAAQ,IAAI,eAAe;AACtD,QAAM,iBACJ,cAAc,cAAc,KAAK,UAAU,IAAI,WAAW,QAAQ,eAAe,EAAE,EAAE,KAAK,IAAI;AAChG,QAAM,SAAS,kBAAkB,QAAQ,UAAU,QAAQ,IAAI;AAC/D,MAAI,CAAC,QAAQ;AACX,WAAO,IAAI;AAAA,MACT,KAAK,UAAU,EAAE,OAAO,8DAA8D,CAAC;AAAA,MACvF;AAAA,QACE,QAAQ;AAAA,QACR,SAAS,EAAE,gBAAgB,oBAAoB,GAAG,YAAY,OAAO,EAAE;AAAA,MACzE;AAAA,IACF;AAAA,EACF;AAEA,QAAM,WAAW,QAAQ,WAAW,kBAAkB,QAAQ,OAAO,EAAE;AACvE,QAAM,UAAU,QAAQ,aAAa,KAAK,GAAG;AAC7C,QAAM,MAAM,GAAG,OAAO,IAAI,OAAO;AACjC,QAAM,SAAS,QAAQ,IAAI,SAAS,GAAG,IAAI,QAAQ,IAAI,MAAM,QAAQ,IAAI,QAAQ,GAAG,CAAC,IAAI;AAEzF,QAAM,UAAU,IAAI,QAAQ;AAC5B,UAAQ,QAAQ,QAAQ,CAAC,OAAO,QAAQ;AACtC,UAAM,QAAQ,IAAI,YAAY;AAC9B,QAAI,UAAU,mBAAmB,UAAU,OAAQ;AACnD,YAAQ,IAAI,KAAK,KAAK;AAAA,EACxB,CAAC;AACD,UAAQ,IAAI,iBAAiB,UAAU,MAAM,EAAE;AAG/C,MAAI,CAAC,QAAQ,IAAI,WAAW,GAAG;AAC7B,UAAM,SAAS,QAAQ,IAAI,mBAAmB,QAAQ,IAAI;AAC1D,QAAI,OAAQ,SAAQ,IAAI,aAAa,MAAM;AAAA,EAC7C;AACA,MAAI,CAAC,QAAQ,IAAI,iBAAiB,GAAG;AACnC,UAAM,eAAe,QAAQ,IAAI,yBAAyB,QAAQ,IAAI;AACtE,QAAI,aAAc,SAAQ,IAAI,mBAAmB,YAAY;AAAA,EAC/D;AACA,MAAI,CAAC,QAAQ,IAAI,cAAc,GAAG;AAChC,UAAM,YAAY,QAAQ,IAAI,sBAAsB,QAAQ,IAAI;AAChE,QAAI,UAAW,SAAQ,IAAI,gBAAgB,SAAS;AAAA,EACtD;AAEA,QAAM,OACJ,QAAQ,WAAW,SAAS,QAAQ,WAAW,SAAS,MAAM,QAAQ,KAAK,IAAI;AACjF,QAAM,YAAY,QAAQ,aAAa;AACvC,QAAM,aAAa,IAAI,gBAAgB;AACvC,QAAM,YAAY,WAAW,MAAM,WAAW,MAAM,GAAG,SAAS;AAEhE,MAAI;AACJ,MAAI;AACF,UAAM,MAAM,MAAM,MAAM,QAAQ;AAAA,MAC9B,QAAQ,QAAQ;AAAA,MAChB;AAAA,MACA;AAAA,MACA,QAAQ,WAAW;AAAA,IACrB,CAAC;AAAA,EACH,SAAS,KAAK;AACZ,iBAAa,SAAS;AACtB,UAAM,UAAU,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAC/D,UAAM,YAAY,eAAe,SAAS,IAAI,SAAS;AACvD,WAAO,IAAI;AAAA,MACT,KAAK,UAAU;AAAA,QACb,OAAO,YAAY,oBAAoB;AAAA,QACvC,SAAS,YACL,oCAAoC,SAAS,OAC7C,4BAA4B,OAAO;AAAA,MACzC,CAAC;AAAA,MACD;AAAA,QACE,QAAQ,YAAY,MAAM;AAAA,QAC1B,SAAS,EAAE,gBAAgB,oBAAoB,GAAG,YAAY,OAAO,EAAE;AAAA,MACzE;AAAA,IACF;AAAA,EACF;AACA,eAAa,SAAS;AAItB,QAAM,OAAO,MAAM,IAAI,KAAK;AAC5B,QAAM,aAAa,IAAI,QAAQ;AAC/B,MAAI,QAAQ,QAAQ,CAAC,OAAO,QAAQ;AAClC,UAAM,QAAQ,IAAI,YAAY;AAC9B,QAAI,UAAU,uBAAuB,UAAU,sBAAsB,UAAU,iBAAkB;AACjG,eAAW,IAAI,KAAK,KAAK;AAAA,EAC3B,CAAC;AACD,SAAO,QAAQ,YAAY,OAAO,CAAC,EAAE,QAAQ,CAAC,CAAC,GAAG,CAAC,MAAM,WAAW,IAAI,GAAG,CAAC,CAAC;AAE7E,SAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,IAAI,QAAQ,SAAS,WAAW,CAAC;AACvE;;;AChHA,eAAe,OAAO,SAAkB,SAAyC;AAC/E,QAAM,EAAE,KAAK,IAAI,MAAM,QAAQ;AAC/B,SAAO,eAAe,SAAS,EAAE,cAAc,KAAK,CAAC;AACvD;AAEA,IAAM,eAAe;AAAA,EACnB,+BAA+B;AAAA,EAC/B,gCAAgC;AAAA,EAChC,gCAAgC;AAClC;AAEO,SAAS,IAAI,SAAkB,SAAyC;AAC7E,SAAO,OAAO,SAAS,OAAO;AAChC;AAEO,SAAS,KAAK,SAAkB,SAAyC;AAC9E,SAAO,OAAO,SAAS,OAAO;AAChC;AAEO,SAAS,IAAI,SAAkB,SAAyC;AAC7E,SAAO,OAAO,SAAS,OAAO;AAChC;AAEO,SAAS,OAAO,SAAkB,SAAyC;AAChF,SAAO,OAAO,SAAS,OAAO;AAChC;AAEO,SAAS,UAAoB;AAClC,SAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,KAAK,SAAS,aAAa,CAAC;AAClE;","names":[]}

package/package.json

@@ -0,0 +1,36 @@
+{
+  "name": "@visgate-ai/server-proxy",
+  "version": "0.1.0",
+  "description": "Framework-agnostic server proxy for Visgate API — add your API key on the server, keep it out of the client.",
+  "license": "MIT",
+  "repository": { "type": "git", "url": "git+https://github.com/visgate-ai/visgate-js.git", "directory": "server-proxy" },
+  "publishConfig": { "access": "public" },
+  "files": ["dist"],
+  "main": "dist/index.js",
+  "module": "dist/index.mjs",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.mjs",
+      "require": "./dist/index.js"
+    },
+    "./next": {
+      "types": "./dist/next.d.ts",
+      "import": "./dist/next.mjs",
+      "require": "./dist/next.js"  
+    }
+  },
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch"
+  },
+  "devDependencies": {
+    "@types/node": "^20",
+    "tsup": "^8.3.5",
+    "typescript": "^5.7.0"
+  },
+  "engines": {
+    "node": ">=18"
+  }
+}