@willbooster/shared-lib-blitz-next 3.1.1 → 3.1.3

package/dist/middleware.cjs.map

@@ -1 +1 @@
-{"version":3,"file":"middleware.cjs","sources":["../src/middleware.ts"],"sourcesContent":["import type { RequestMiddleware } from 'blitz';\n\ntype BasicAuthMiddlewareOptions = {\n  password: string;\n  realm?: string;\n  username: string;\n};\n\n/**\n * Timing-safe comparison of two buffers to prevent timing attacks.\n * This implementation works in all JavaScript environments (Node.js, Edge, Browser).\n */\nfunction timingSafeEqual(a: Buffer, b: Buffer): boolean {\n  if (a.length !== b.length) {\n    return false;\n  }\n\n  let result = 0;\n  for (const [i, element] of a.entries()) {\n    result |= element ^ (b[i] ?? 0);\n  }\n  return result === 0;\n}\n\nexport function BasicAuthMiddleware(options: BasicAuthMiddlewareOptions): RequestMiddleware {\n  return async (request, response, next) => {\n    const authorizationHeader = request.headers.authorization ?? '';\n    const [type, encodedCredentials] = authorizationHeader.split(' ');\n    const expected = Buffer.from(`${options.username}:${options.password}`);\n    const provided = Buffer.from(encodedCredentials ?? '', 'base64');\n\n    if (\n      type?.toLowerCase() !== 'basic' ||\n      provided.length === 0 ||\n      expected.length !== provided.length ||\n      !timingSafeEqual(provided, expected)\n    ) {\n      response.setHeader('WWW-Authenticate', `Basic realm='${options.realm || 'Secure Area'}'`);\n      response.statusCode = 401;\n      response.end('Unauthorized');\n      return;\n    }\n\n    await next();\n  };\n}\n"],"names":["options","async","request","response","next","_request$headers$auth","authorizationHeader","headers","authorization","type","encodedCredentials","split","expected","Buffer","from","username","password","provided","toLowerCase","length","a","b","result","i","element","entries","_b$i","timingSafeEqual","setHeader","realm","statusCode","end"],"mappings":"yCAwBO,SAA6BA,GAClC,OAAOC,MAAOC,EAASC,EAAUC,KAAS,IAAAC,EACxC,MAAMC,EAAmD,OAAhCD,EAAGH,EAAQK,QAAQC,eAAaH,EAAI,IACtDI,EAAMC,GAAsBJ,EAAoBK,MAAM,KACvDC,EAAWC,OAAOC,KAAK,GAAGd,EAAQe,YAAYf,EAAQgB,YACtDC,EAAWJ,OAAOC,KAAuB,MAAlBJ,EAAAA,EAAsB,GAAI,UAEvD,GAC0B,WAApB,MAAJD,OAAI,EAAJA,EAAMS,gBACc,IAApBD,EAASE,QACTP,EAASO,SAAWF,EAASE,SAtBnC,SAAyBC,EAAWC,GAClC,GAAID,EAAED,SAAWE,EAAEF,OACjB,OAAO,EAGT,IAAIG,EAAS,EACb,IAAK,MAAOC,EAAGC,KAAYJ,EAAEK,UAAW,CAAA,IAAAC,EACtCJ,GAAUE,GAAe,OAARE,EAAIL,EAAEE,IAAEG,EAAI,EAC/B,CACA,OAAkB,IAAXJ,CACT,CAaOK,CAAgBV,EAAUL,GAK3B,OAHAT,EAASyB,UAAU,mBAAoB,gBAAgB5B,EAAQ6B,OAAS,kBACxE1B,EAAS2B,WAAa,SACtB3B,EAAS4B,IAAI,sBAIT3B,IAEV"}
+{"version":3,"file":"middleware.cjs","sources":["../src/middleware.ts"],"sourcesContent":["import type { RequestMiddleware } from 'blitz';\n\ninterface BasicAuthMiddlewareOptions {\n  password: string;\n  realm?: string;\n  username: string;\n}\n\n/**\n * Timing-safe comparison of two buffers to prevent timing attacks.\n * This implementation works in all JavaScript environments (Node.js, Edge, Browser).\n */\nfunction timingSafeEqual(a: Buffer, b: Buffer): boolean {\n  if (a.length !== b.length) {\n    return false;\n  }\n\n  let result = 0;\n  for (const [i, element] of a.entries()) {\n    result |= element ^ (b[i] ?? 0);\n  }\n  return result === 0;\n}\n\nexport function BasicAuthMiddleware(options: BasicAuthMiddlewareOptions): RequestMiddleware {\n  return async (request, response, next) => {\n    const authorizationHeader = request.headers.authorization ?? '';\n    const [type, encodedCredentials] = authorizationHeader.split(' ');\n    const expected = Buffer.from(`${options.username}:${options.password}`);\n    const provided = Buffer.from(encodedCredentials ?? '', 'base64');\n\n    if (\n      type?.toLowerCase() !== 'basic' ||\n      provided.length === 0 ||\n      expected.length !== provided.length ||\n      !timingSafeEqual(provided, expected)\n    ) {\n      response.setHeader('WWW-Authenticate', `Basic realm='${options.realm || 'Secure Area'}'`);\n      response.statusCode = 401;\n      response.end('Unauthorized');\n      return;\n    }\n\n    await next();\n  };\n}\n"],"names":["options","async","request","response","next","_request$headers$auth","authorizationHeader","headers","authorization","type","encodedCredentials","split","expected","Buffer","from","username","password","provided","toLowerCase","length","a","b","result","i","element","entries","_b$i","timingSafeEqual","setHeader","realm","statusCode","end"],"mappings":"yCAwBO,SAA6BA,GAClC,OAAOC,MAAOC,EAASC,EAAUC,KAAS,IAAAC,EACxC,MAAMC,EAAmD,OAAhCD,EAAGH,EAAQK,QAAQC,eAAaH,EAAI,IACtDI,EAAMC,GAAsBJ,EAAoBK,MAAM,KACvDC,EAAWC,OAAOC,KAAK,GAAGd,EAAQe,YAAYf,EAAQgB,YACtDC,EAAWJ,OAAOC,KAAuB,MAAlBJ,EAAAA,EAAsB,GAAI,UAEvD,GAC0B,WAApB,MAAJD,OAAI,EAAJA,EAAMS,gBACc,IAApBD,EAASE,QACTP,EAASO,SAAWF,EAASE,SAtBnC,SAAyBC,EAAWC,GAClC,GAAID,EAAED,SAAWE,EAAEF,OACjB,OAAO,EAGT,IAAIG,EAAS,EACb,IAAK,MAAOC,EAAGC,KAAYJ,EAAEK,UAAW,CAAA,IAAAC,EACtCJ,GAAUE,GAAe,OAARE,EAAIL,EAAEE,IAAEG,EAAI,EAC/B,CACA,OAAkB,IAAXJ,CACT,CAaOK,CAAgBV,EAAUL,GAK3B,OAHAT,EAASyB,UAAU,mBAAoB,gBAAgB5B,EAAQ6B,OAAS,kBACxE1B,EAAS2B,WAAa,SACtB3B,EAAS4B,IAAI,sBAIT3B,IAEV"}

package/dist/middleware.d.ts

@@ -1,8 +1,8 @@
 import type { RequestMiddleware } from 'blitz';
-type BasicAuthMiddlewareOptions = {
+interface BasicAuthMiddlewareOptions {
     password: string;
     realm?: string;
     username: string;
-};
+}
 export declare function BasicAuthMiddleware(options: BasicAuthMiddlewareOptions): RequestMiddleware;
 export {};

package/dist/middleware.js.map

@@ -1 +1 @@
-{"version":3,"file":"middleware.js","sources":["../src/middleware.ts"],"sourcesContent":["import type { RequestMiddleware } from 'blitz';\n\ntype BasicAuthMiddlewareOptions = {\n  password: string;\n  realm?: string;\n  username: string;\n};\n\n/**\n * Timing-safe comparison of two buffers to prevent timing attacks.\n * This implementation works in all JavaScript environments (Node.js, Edge, Browser).\n */\nfunction timingSafeEqual(a: Buffer, b: Buffer): boolean {\n  if (a.length !== b.length) {\n    return false;\n  }\n\n  let result = 0;\n  for (const [i, element] of a.entries()) {\n    result |= element ^ (b[i] ?? 0);\n  }\n  return result === 0;\n}\n\nexport function BasicAuthMiddleware(options: BasicAuthMiddlewareOptions): RequestMiddleware {\n  return async (request, response, next) => {\n    const authorizationHeader = request.headers.authorization ?? '';\n    const [type, encodedCredentials] = authorizationHeader.split(' ');\n    const expected = Buffer.from(`${options.username}:${options.password}`);\n    const provided = Buffer.from(encodedCredentials ?? '', 'base64');\n\n    if (\n      type?.toLowerCase() !== 'basic' ||\n      provided.length === 0 ||\n      expected.length !== provided.length ||\n      !timingSafeEqual(provided, expected)\n    ) {\n      response.setHeader('WWW-Authenticate', `Basic realm='${options.realm || 'Secure Area'}'`);\n      response.statusCode = 401;\n      response.end('Unauthorized');\n      return;\n    }\n\n    await next();\n  };\n}\n"],"names":["BasicAuthMiddleware","options","async","request","response","next","_request$headers$auth","authorizationHeader","headers","authorization","type","encodedCredentials","split","expected","Buffer","from","username","password","provided","toLowerCase","length","a","b","result","i","element","entries","_b$i","timingSafeEqual","setHeader","realm","statusCode","end"],"mappings":"AAwBO,SAASA,EAAoBC,GAClC,OAAOC,MAAOC,EAASC,EAAUC,KAAS,IAAAC,EACxC,MAAMC,EAAmD,OAAhCD,EAAGH,EAAQK,QAAQC,eAAaH,EAAI,IACtDI,EAAMC,GAAsBJ,EAAoBK,MAAM,KACvDC,EAAWC,OAAOC,KAAK,GAAGd,EAAQe,YAAYf,EAAQgB,YACtDC,EAAWJ,OAAOC,KAAuB,MAAlBJ,EAAAA,EAAsB,GAAI,UAEvD,GAC0B,WAApB,MAAJD,OAAI,EAAJA,EAAMS,gBACc,IAApBD,EAASE,QACTP,EAASO,SAAWF,EAASE,SAtBnC,SAAyBC,EAAWC,GAClC,GAAID,EAAED,SAAWE,EAAEF,OACjB,OAAO,EAGT,IAAIG,EAAS,EACb,IAAK,MAAOC,EAAGC,KAAYJ,EAAEK,UAAW,CAAA,IAAAC,EACtCJ,GAAUE,GAAe,OAARE,EAAIL,EAAEE,IAAEG,EAAI,EAC/B,CACA,OAAkB,IAAXJ,CACT,CAaOK,CAAgBV,EAAUL,GAK3B,OAHAT,EAASyB,UAAU,mBAAoB,gBAAgB5B,EAAQ6B,OAAS,kBACxE1B,EAAS2B,WAAa,SACtB3B,EAAS4B,IAAI,sBAIT3B,IAEV"}
+{"version":3,"file":"middleware.js","sources":["../src/middleware.ts"],"sourcesContent":["import type { RequestMiddleware } from 'blitz';\n\ninterface BasicAuthMiddlewareOptions {\n  password: string;\n  realm?: string;\n  username: string;\n}\n\n/**\n * Timing-safe comparison of two buffers to prevent timing attacks.\n * This implementation works in all JavaScript environments (Node.js, Edge, Browser).\n */\nfunction timingSafeEqual(a: Buffer, b: Buffer): boolean {\n  if (a.length !== b.length) {\n    return false;\n  }\n\n  let result = 0;\n  for (const [i, element] of a.entries()) {\n    result |= element ^ (b[i] ?? 0);\n  }\n  return result === 0;\n}\n\nexport function BasicAuthMiddleware(options: BasicAuthMiddlewareOptions): RequestMiddleware {\n  return async (request, response, next) => {\n    const authorizationHeader = request.headers.authorization ?? '';\n    const [type, encodedCredentials] = authorizationHeader.split(' ');\n    const expected = Buffer.from(`${options.username}:${options.password}`);\n    const provided = Buffer.from(encodedCredentials ?? '', 'base64');\n\n    if (\n      type?.toLowerCase() !== 'basic' ||\n      provided.length === 0 ||\n      expected.length !== provided.length ||\n      !timingSafeEqual(provided, expected)\n    ) {\n      response.setHeader('WWW-Authenticate', `Basic realm='${options.realm || 'Secure Area'}'`);\n      response.statusCode = 401;\n      response.end('Unauthorized');\n      return;\n    }\n\n    await next();\n  };\n}\n"],"names":["BasicAuthMiddleware","options","async","request","response","next","_request$headers$auth","authorizationHeader","headers","authorization","type","encodedCredentials","split","expected","Buffer","from","username","password","provided","toLowerCase","length","a","b","result","i","element","entries","_b$i","timingSafeEqual","setHeader","realm","statusCode","end"],"mappings":"AAwBO,SAASA,EAAoBC,GAClC,OAAOC,MAAOC,EAASC,EAAUC,KAAS,IAAAC,EACxC,MAAMC,EAAmD,OAAhCD,EAAGH,EAAQK,QAAQC,eAAaH,EAAI,IACtDI,EAAMC,GAAsBJ,EAAoBK,MAAM,KACvDC,EAAWC,OAAOC,KAAK,GAAGd,EAAQe,YAAYf,EAAQgB,YACtDC,EAAWJ,OAAOC,KAAuB,MAAlBJ,EAAAA,EAAsB,GAAI,UAEvD,GAC0B,WAApB,MAAJD,OAAI,EAAJA,EAAMS,gBACc,IAApBD,EAASE,QACTP,EAASO,SAAWF,EAASE,SAtBnC,SAAyBC,EAAWC,GAClC,GAAID,EAAED,SAAWE,EAAEF,OACjB,OAAO,EAGT,IAAIG,EAAS,EACb,IAAK,MAAOC,EAAGC,KAAYJ,EAAEK,UAAW,CAAA,IAAAC,EACtCJ,GAAUE,GAAe,OAARE,EAAIL,EAAEE,IAAEG,EAAI,EAC/B,CACA,OAAkB,IAAXJ,CACT,CAaOK,CAAgBV,EAAUL,GAK3B,OAHAT,EAASyB,UAAU,mBAAoB,gBAAgB5B,EAAQ6B,OAAS,kBACxE1B,EAAS2B,WAAa,SACtB3B,EAAS4B,IAAI,sBAIT3B,IAEV"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@willbooster/shared-lib-blitz-next",
-  "version": "3.1.1",
+  "version": "3.1.3",
   "license": "Apache-2.0",
   "author": "WillBooster Inc.",
   "sideEffects": false,
@@ -39,29 +39,29 @@
   "prettier": "@willbooster/prettier-config",
   "devDependencies": {
     "@types/eslint": "9.6.1",
-    "@types/micromatch": "4.0.9",
-    "@willbooster/eslint-config-ts": "11.4.7",
-    "@willbooster/prettier-config": "10.2.0",
+    "@types/micromatch": "4.0.10",
+    "@willbooster/eslint-config-ts": "11.4.10",
+    "@willbooster/prettier-config": "10.2.1",
     "blitz": "3.0.2",
-    "build-ts": "16.0.8",
-    "eslint": "9.37.0",
+    "build-ts": "16.0.12",
+    "eslint": "9.39.1",
     "eslint-config-flat-gitignore": "2.1.0",
     "eslint-config-prettier": "10.1.8",
     "eslint-import-resolver-typescript": "4.4.4",
     "eslint-plugin-import-x": "4.16.1",
     "eslint-plugin-sort-class-members": "1.21.0",
     "eslint-plugin-sort-destructure-keys": "2.0.0",
-    "eslint-plugin-unicorn": "61.0.2",
-    "eslint-plugin-unused-imports": "4.2.0",
-    "globals": "16.4.0",
-    "lint-staged": "16.2.3",
+    "eslint-plugin-unicorn": "62.0.0",
+    "eslint-plugin-unused-imports": "4.3.0",
+    "globals": "16.5.0",
+    "lint-staged": "16.2.6",
     "micromatch": "4.0.8",
     "prettier": "3.6.2",
-    "prettier-plugin-java": "2.7.5",
+    "prettier-plugin-java": "2.7.7",
     "sort-package-json": "3.4.0",
     "typescript": "5.9.3",
-    "typescript-eslint": "8.45.0",
-    "vitest": "3.2.4"
+    "typescript-eslint": "8.46.3",
+    "vitest": "4.0.3"
   },
   "publishConfig": {
     "access": "public"