alabjs 0.1.0

package/dist/server/image.js

@@ -0,0 +1,97 @@
+import { readFile, access } from "node:fs/promises";
+import { resolve } from "node:path";
+/**
+ * Handle `/_alabjs/image` requests using the Rust image optimiser (alab-napi).
+ *
+ * Node.js reads the source file from `public/` then passes the raw bytes to
+ * Rust — same pattern as snapbolt-cli. Rust decodes, resizes, and encodes to
+ * WebP (libwebp-sys with `native` feature, or pure-Rust fallback).
+ *
+ * Query params:
+ *   src    — path relative to the project's `public/` directory (required)
+ *   w      — target width in pixels (required)
+ *   q      — quality 1–100 (default: 80)
+ *   fmt    — "webp" (default) | "jpeg" | "png"
+ *
+ * Cache-Control is set to 1 year / immutable for optimised responses.
+ */
+export async function handleImageRequest(req, res, publicDir) {
+    const url = new URL(req.url ?? "/", "http://localhost");
+    const src = url.searchParams.get("src");
+    const wParam = url.searchParams.get("w");
+    const quality = Math.max(1, Math.min(100, parseInt(url.searchParams.get("q") ?? "80", 10)));
+    const fmt = url.searchParams.get("fmt") ?? "webp";
+    if (!src || !wParam) {
+        res.statusCode = 400;
+        res.end("[alabjs] Missing src or w parameter");
+        return;
+    }
+    const width = parseInt(wParam, 10);
+    if (!Number.isFinite(width) || width < 1 || width > 4096) {
+        res.statusCode = 400;
+        res.end("[alabjs] Invalid width — must be 1–4096");
+        return;
+    }
+    // Prevent path traversal
+    const safeSrc = src.replace(/\.\./g, "").replace(/^\/+/, "");
+    const filePath = resolve(publicDir, safeSrc);
+    if (!filePath.startsWith(publicDir)) {
+        res.statusCode = 403;
+        res.end("[alabjs] Forbidden");
+        return;
+    }
+    try {
+        await access(filePath);
+    }
+    catch {
+        res.statusCode = 404;
+        res.end("[alabjs] Image not found");
+        return;
+    }
+    const input = await readFile(filePath);
+    // Load napi binding (built by `cargo build --release -p alab-napi`).
+    // Fall back to serving the raw file when the binary isn't available so that
+    // images still load during development without the Rust toolchain.
+    let napi = null;
+    try {
+        const mod = await import("@alabjs/compiler");
+        napi = (mod.default ?? mod);
+    }
+    catch {
+        // napi not built — will serve raw file below.
+    }
+    if (!napi) {
+        const ext = safeSrc.split(".").pop()?.toLowerCase() ?? "";
+        const mime = ext === "jpg" || ext === "jpeg" ? "image/jpeg"
+            : ext === "png" ? "image/png"
+                : ext === "gif" ? "image/gif"
+                    : ext === "webp" ? "image/webp"
+                        : ext === "avif" ? "image/avif"
+                            : "application/octet-stream";
+        res.statusCode = 200;
+        res.setHeader("content-type", mime);
+        res.setHeader("cache-control", "no-store");
+        res.setHeader("content-length", input.length);
+        res.end(input);
+        return;
+    }
+    try {
+        // Pass raw bytes to Rust — decode + resize + encode on a blocking thread pool.
+        const optimised = await napi.optimizeImage(input, quality, width, undefined, fmt);
+        const mime = fmt === "jpeg" || fmt === "jpg" ? "image/jpeg"
+            : fmt === "png" ? "image/png"
+                : "image/webp";
+        res.statusCode = 200;
+        res.setHeader("content-type", mime);
+        res.setHeader("cache-control", "public, max-age=31536000, immutable");
+        res.setHeader("content-length", optimised.length);
+        res.end(optimised);
+    }
+    catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        console.error(`[alabjs] image optimisation failed — src=${safeSrc} w=${width} fmt=${fmt}: ${msg}`);
+        res.statusCode = 500;
+        res.end("[alabjs] Image optimisation failed — check server logs");
+    }
+}
+//# sourceMappingURL=image.js.map

package/dist/server/image.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"image.js","sourceRoot":"","sources":["../../src/server/image.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAIpC;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,GAAoB,EACpB,GAAmB,EACnB,SAAiB;IAEjB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,EAAE,kBAAkB,CAAC,CAAC;IACxD,MAAM,GAAG,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IACxC,MAAM,MAAM,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACzC,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IAC5F,MAAM,GAAG,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC;IAElD,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;QACpB,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;QACrB,GAAG,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC;QAC/C,OAAO;IACT,CAAC;IAED,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACnC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,KAAK,GAAG,CAAC,IAAI,KAAK,GAAG,IAAI,EAAE,CAAC;QACzD,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;QACrB,GAAG,CAAC,GAAG,CAAC,yCAAyC,CAAC,CAAC;QACnD,OAAO;IACT,CAAC;IAED,yBAAyB;IACzB,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAC7D,MAAM,QAAQ,GAAG,OAAO,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAC7C,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QACpC,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;QACrB,GAAG,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;QAC9B,OAAO;IACT,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAC;IACzB,CAAC;IAAC,MAAM,CAAC;QACP,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;QACrB,GAAG,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;QACpC,OAAO;IACT,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAEvC,qEAAqE;IACrE,4EAA4E;IAC5E,mEAAmE;IACnE,IAAI,IAAI,GAAoB,IAAI,CAAC;IACjC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAAsC,CAAC;QAClF,IAAI,GAAG,CAAC,GAAG,CAAC,OAAO,IAAI,GAAG,CAAa,CAAC;IAC1C,CAAC;IAAC,MAAM,CAAC;QACP,8CAA8C;IAChD,CAAC;IAED,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC;QAC1D,MAAM,IAAI,GACR,GAAG,KAAK,KAAK,IAAI,GAAG,KAAK,MAAM,CAAC,CAAC,CAAC,YAAY;YAC9C,CAAC,CAAC,GAAG,KAAK,KAAK,CAAkB,CAAC,CAAC,WAAW;gBAC9C,CAAC,CAAC,GAAG,KAAK,KAAK,CAAkB,CAAC,CAAC,WAAW;oBAC9C,CAAC,CAAC,GAAG,KAAK,MAAM,CAAiB,CAAC,CAAC,YAAY;wBAC/C,CAAC,CAAC,GAAG,KAAK,MAAM,CAAiB,CAAC,CAAC,YAAY;4BAC/C,CAAC,CAAkC,0BAA0B,CAAC;QAChE,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;QACrB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;QACpC,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;QAC3C,GAAG,CAAC,SAAS,CAAC,gBAAgB,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;QAC9C,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACf,OAAO;IACT,CAAC;IAED,IAAI,CAAC;QACH,+EAA+E;QAC/E,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,CAAC,CAAC;QAElF,MAAM,IAAI,GACR,GAAG,KAAK,MAAM,IAAI,GAAG,KAAK,KAAK,CAAC,CAAC,CAAC,YAAY;YAC9C,CAAC,CAAC,GAAG,KAAK,KAAK,CAAiB,CAAC,CAAC,WAAW;gBAC7C,CAAC,CAAiC,YAAY,CAAC;QAEjD,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;QACrB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;QACpC,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,qCAAqC,CAAC,CAAC;QACtE,GAAG,CAAC,SAAS,CAAC,gBAAgB,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC;QAClD,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACrB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO,CAAC,KAAK,CAAC,4CAA4C,OAAO,MAAM,KAAK,QAAQ,GAAG,KAAK,GAAG,EAAE,CAAC,CAAC;QACnG,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;QACrB,GAAG,CAAC,GAAG,CAAC,wDAAwD,CAAC,CAAC;IACpE,CAAC;AACH,CAAC"}

package/dist/server/index.d.ts

@@ -0,0 +1,57 @@
+import type { ServerFn, ServerFnContext } from "../types/index.js";
+export interface ServerFnCacheOptions<Input> {
+    /** How long to keep the result in seconds. Required when `cache` is set. */
+    ttl: number;
+    /**
+     * Tags for group invalidation via `invalidateCache({ tags })`.
+     * Can be a static array or a function that receives the input and returns tags,
+     * allowing per-argument granularity like `post:${input.id}`.
+     */
+    tags?: string[] | ((input: Input) => string[]);
+}
+export interface DefineServerFnOptions<Input> {
+    /** Opt-in result caching. Nothing is cached unless this is specified. */
+    cache?: ServerFnCacheOptions<Input>;
+}
+interface ZodLike<T> {
+    safeParse(input: unknown): {
+        success: true;
+        data: T;
+    } | {
+        success: false;
+        error: unknown;
+    };
+}
+/**
+ * Define a server-only function (no input schema).
+ *
+ * @example
+ * ```ts
+ * export const getPosts = defineServerFn(async () => db.posts.findAll());
+ * ```
+ */
+export declare function defineServerFn<Input = undefined, Output = unknown>(handler: (ctx: ServerFnContext, input: Input) => Promise<Output>, options?: DefineServerFnOptions<Input>): ServerFn<Input, Output>;
+/**
+ * Define a server-only function with **Zod input validation**.
+ *
+ * If validation fails, an HTTP 422 response with the Zod error is returned
+ * automatically — the handler is never called with invalid data.
+ *
+ * The client's `useMutation` / `useServerData` will receive
+ * `{ zodError: ZodError }` instead of throwing an untyped error.
+ *
+ * @example
+ * ```ts
+ * import { z } from "zod";
+ *
+ * export const createPost = defineServerFn(
+ *   z.object({ title: z.string().min(1), body: z.string() }),
+ *   async ({ params }, input) => db.posts.create(input),
+ *   { cache: { ttl: 0, tags: ["posts"] } },
+ * );
+ * ```
+ */
+export declare function defineServerFn<Schema extends ZodLike<unknown>, Output = unknown>(schema: Schema, handler: (ctx: ServerFnContext, input: Schema extends ZodLike<infer T> ? T : never) => Promise<Output>, options?: DefineServerFnOptions<Schema extends ZodLike<infer T> ? T : never>): ServerFn<Schema extends ZodLike<infer T> ? T : never, Output>;
+export { defineSSEHandler } from "./sse.js";
+export type { SSEEvent } from "./sse.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/server/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAKnE,MAAM,WAAW,oBAAoB,CAAC,KAAK;IACzC,4EAA4E;IAC5E,GAAG,EAAE,MAAM,CAAC;IACZ;;;;OAIG;IACH,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC,KAAK,EAAE,KAAK,KAAK,MAAM,EAAE,CAAC,CAAC;CAChD;AAED,MAAM,WAAW,qBAAqB,CAAC,KAAK;IAC1C,yEAAyE;IACzE,KAAK,CAAC,EAAE,oBAAoB,CAAC,KAAK,CAAC,CAAC;CACrC;AAID,UAAU,OAAO,CAAC,CAAC;IACjB,SAAS,CAAC,KAAK,EAAE,OAAO,GAAG;QAAE,OAAO,EAAE,IAAI,CAAC;QAAC,IAAI,EAAE,CAAC,CAAA;KAAE,GAAG;QAAE,OAAO,EAAE,KAAK,CAAC;QAAC,KAAK,EAAE,OAAO,CAAA;KAAE,CAAC;CAC5F;AAaD;;;;;;;GAOG;AACH,wBAAgB,cAAc,CAAC,KAAK,GAAG,SAAS,EAAE,MAAM,GAAG,OAAO,EAChE,OAAO,EAAE,CAAC,GAAG,EAAE,eAAe,EAAE,KAAK,EAAE,KAAK,KAAK,OAAO,CAAC,MAAM,CAAC,EAChE,OAAO,CAAC,EAAE,qBAAqB,CAAC,KAAK,CAAC,GACrC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;AAE3B;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,cAAc,CAAC,MAAM,SAAS,OAAO,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,EAC9E,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,CACP,GAAG,EAAE,eAAe,EACpB,KAAK,EAAE,MAAM,SAAS,OAAO,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,KAAK,KAC/C,OAAO,CAAC,MAAM,CAAC,EACpB,OAAO,CAAC,EAAE,qBAAqB,CAAC,MAAM,SAAS,OAAO,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,GAC3E,QAAQ,CAAC,MAAM,SAAS,OAAO,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,KAAK,EAAE,MAAM,CAAC,CAAC;AAgEjE,OAAO,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAC;AAC5C,YAAY,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAC"}

package/dist/server/index.js

@@ -0,0 +1,58 @@
+import { getCached, setCache, CACHE_MISS } from "./cache.js";
+function isZodSchema(v) {
+    return (v !== null &&
+        typeof v === "object" &&
+        "safeParse" in v &&
+        typeof v["safeParse"] === "function");
+}
+// ─── Implementation ───────────────────────────────────────────────────────────
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+export function defineServerFn(...args) {
+    const [schemaOrHandler, handlerOrOptions, maybeOptions] = args;
+    let schema = null;
+    let handler;
+    let options;
+    if (isZodSchema(schemaOrHandler)) {
+        schema = schemaOrHandler;
+        handler = handlerOrOptions;
+        options = maybeOptions;
+    }
+    else {
+        handler = schemaOrHandler;
+        options = handlerOrOptions;
+    }
+    const cacheOpts = options?.cache;
+    const wrapped = async (ctx, input) => {
+        // ── Zod validation ───────────────────────────────────────────────────────
+        let validatedInput = input;
+        if (schema) {
+            const result = schema.safeParse(input);
+            if (!result.success) {
+                // Throw a structured validation error that the dev/prod server will
+                // serialise as { zodError: ... } with HTTP 422.
+                const err = new Error("[alabjs] Validation failed");
+                err.zodError = result.error;
+                throw err;
+            }
+            validatedInput = result.data;
+        }
+        // ── Cache lookup ─────────────────────────────────────────────────────────
+        if (cacheOpts) {
+            const cacheKey = `${handler.name}:${JSON.stringify(validatedInput)}`;
+            const cached = getCached(cacheKey);
+            if (cached !== CACHE_MISS)
+                return cached;
+            const data = await handler(ctx, validatedInput);
+            const tags = typeof cacheOpts.tags === "function"
+                ? cacheOpts.tags(validatedInput)
+                : (cacheOpts.tags ?? []);
+            setCache(cacheKey, data, { ttl: cacheOpts.ttl, tags });
+            return data;
+        }
+        return handler(ctx, validatedInput);
+    };
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    return wrapped;
+}
+export { defineSSEHandler } from "./sse.js";
+//# sourceMappingURL=index.js.map

package/dist/server/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AA0B7D,SAAS,WAAW,CAAC,CAAU;IAC7B,OAAO,CACL,CAAC,KAAK,IAAI;QACV,OAAO,CAAC,KAAK,QAAQ;QACrB,WAAW,IAAI,CAAC;QAChB,OAAQ,CAA6B,CAAC,WAAW,CAAC,KAAK,UAAU,CAClE,CAAC;AACJ,CAAC;AA8CD,iFAAiF;AAEjF,8DAA8D;AAC9D,MAAM,UAAU,cAAc,CAAC,GAAG,IAAW;IAC3C,MAAM,CAAC,eAAe,EAAE,gBAAgB,EAAE,YAAY,CAAC,GAAG,IAIzD,CAAC;IACF,IAAI,MAAM,GAA4B,IAAI,CAAC;IAC3C,IAAI,OAAiD,CAAC;IACtD,IAAI,OAAmD,CAAC;IAExD,IAAI,WAAW,CAAC,eAAe,CAAC,EAAE,CAAC;QACjC,MAAM,GAAG,eAAe,CAAC;QACzB,OAAO,GAAG,gBAA4D,CAAC;QACvE,OAAO,GAAG,YAAY,CAAC;IACzB,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,eAA2D,CAAC;QACtE,OAAO,GAAG,gBAA8D,CAAC;IAC3E,CAAC;IAED,MAAM,SAAS,GAAG,OAAO,EAAE,KAAK,CAAC;IAEjC,MAAM,OAAO,GAAG,KAAK,EAAE,GAAoB,EAAE,KAAc,EAAoB,EAAE;QAC/E,4EAA4E;QAC5E,IAAI,cAAc,GAAG,KAAK,CAAC;QAC3B,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;YACvC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,oEAAoE;gBACpE,gDAAgD;gBAChD,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,4BAA4B,CAAkC,CAAC;gBACrF,GAAG,CAAC,QAAQ,GAAG,MAAM,CAAC,KAAK,CAAC;gBAC5B,MAAM,GAAG,CAAC;YACZ,CAAC;YACD,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC;QAC/B,CAAC;QAED,4EAA4E;QAC5E,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,QAAQ,GAAG,GAAG,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,EAAE,CAAC;YACrE,MAAM,MAAM,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;YACnC,IAAI,MAAM,KAAK,UAAU;gBAAE,OAAO,MAAM,CAAC;YAEzC,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;YAEhD,MAAM,IAAI,GACR,OAAO,SAAS,CAAC,IAAI,KAAK,UAAU;gBAClC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC;gBAChC,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;YAC7B,QAAQ,CAAC,QAAQ,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;YACvD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,OAAO,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;IACtC,CAAC,CAAC;IAEF,8DAA8D;IAC9D,OAAO,OAA6B,CAAC;AACvC,CAAC;AAED,OAAO,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAC"}

package/dist/server/middleware.d.ts

@@ -0,0 +1,53 @@
+/**
+ * Middleware runner — loads and executes the user's `middleware.ts` file.
+ *
+ * Convention (mirrors Next.js):
+ * ```ts
+ * // middleware.ts (project root)
+ * export async function middleware(req: Request): Promise<Response | void> {
+ *   if (!isAuthed(req)) return Response.redirect(new URL("/login", req.url));
+ *   // return nothing (or return NextResponse.next()) to continue
+ * }
+ *
+ * // Optional — restrict which paths the middleware runs on.
+ * // Patterns support * and ** wildcards (like path-to-regexp lite).
+ * export const config = {
+ *   matcher: ["/dashboard/:path*", "/api/:path*"],
+ * };
+ * ```
+ */
+/** Redirect the request to a new URL (defaults to 307 Temporary Redirect). */
+export declare function redirect(url: string, status?: 301 | 302 | 307 | 308): Response;
+/**
+ * Pass the request through to the next handler (no-op).
+ * Return the result of `next()` from your middleware to signal "continue".
+ */
+export declare function next(): null;
+export interface MiddlewareModule {
+    middleware: (req: Request) => Promise<Response | null | void> | Response | null | void;
+    config?: {
+        matcher?: string[];
+    };
+}
+/**
+ * Convert a matcher pattern like `/dashboard/:path*` or `/api/*` to a RegExp.
+ *
+ * Supported syntax:
+ * - `:param`   — one path segment (any chars except `/`)
+ * - `*`        — one path segment wildcard
+ * - `**`       — zero or more segments (greedy)
+ * - `:param*`  — zero or more remaining segments (Next.js `:path*` style)
+ */
+export declare function matcherToRegex(pattern: string): RegExp;
+/**
+ * Test whether a pathname matches any of the given matcher patterns.
+ * If no patterns are provided, the middleware runs on every request.
+ */
+export declare function matchesMiddleware(pathname: string, matchers?: string[]): boolean;
+/**
+ * Run the user middleware against the current request.
+ * Returns a `Response` if the middleware handled the request (redirect, early
+ * return, etc.) or `null` if it passed through (return nothing / undefined).
+ */
+export declare function runMiddleware(mod: MiddlewareModule, req: Request): Promise<Response | null>;
+//# sourceMappingURL=middleware.d.ts.map

package/dist/server/middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../src/server/middleware.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAIH,8EAA8E;AAC9E,wBAAgB,QAAQ,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,GAAE,GAAG,GAAG,GAAG,GAAG,GAAG,GAAG,GAAS,GAAG,QAAQ,CAEnF;AAED;;;GAGG;AACH,wBAAgB,IAAI,IAAI,IAAI,CAE3B;AAID,MAAM,WAAW,gBAAgB;IAC/B,UAAU,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,OAAO,CAAC,QAAQ,GAAG,IAAI,GAAG,IAAI,CAAC,GAAG,QAAQ,GAAG,IAAI,GAAG,IAAI,CAAC;IACvF,MAAM,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;CACjC;AAED;;;;;;;;GAQG;AACH,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAgBtD;AAED;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,EAAE,GAAG,OAAO,CAGhF;AAED;;;;GAIG;AACH,wBAAsB,aAAa,CACjC,GAAG,EAAE,gBAAgB,EACrB,GAAG,EAAE,OAAO,GACX,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAS1B"}

package/dist/server/middleware.js

@@ -0,0 +1,80 @@
+/**
+ * Middleware runner — loads and executes the user's `middleware.ts` file.
+ *
+ * Convention (mirrors Next.js):
+ * ```ts
+ * // middleware.ts (project root)
+ * export async function middleware(req: Request): Promise<Response | void> {
+ *   if (!isAuthed(req)) return Response.redirect(new URL("/login", req.url));
+ *   // return nothing (or return NextResponse.next()) to continue
+ * }
+ *
+ * // Optional — restrict which paths the middleware runs on.
+ * // Patterns support * and ** wildcards (like path-to-regexp lite).
+ * export const config = {
+ *   matcher: ["/dashboard/:path*", "/api/:path*"],
+ * };
+ * ```
+ */
+// ─── Public helpers (importable from "alabjs/middleware") ───────────────────────
+/** Redirect the request to a new URL (defaults to 307 Temporary Redirect). */
+export function redirect(url, status = 307) {
+    return Response.redirect(url, status);
+}
+/**
+ * Pass the request through to the next handler (no-op).
+ * Return the result of `next()` from your middleware to signal "continue".
+ */
+export function next() {
+    return null;
+}
+/**
+ * Convert a matcher pattern like `/dashboard/:path*` or `/api/*` to a RegExp.
+ *
+ * Supported syntax:
+ * - `:param`   — one path segment (any chars except `/`)
+ * - `*`        — one path segment wildcard
+ * - `**`       — zero or more segments (greedy)
+ * - `:param*`  — zero or more remaining segments (Next.js `:path*` style)
+ */
+export function matcherToRegex(pattern) {
+    // Escape regex special chars except the ones we handle manually
+    const escaped = pattern
+        .replace(/[.+*^${}()|[\]\\]/g, "\\$&")
+        // :param* → zero-or-more segments (greedy, optional slash)
+        .replace(/\/:[a-zA-Z_][a-zA-Z0-9_]*\\\*/g, "(?:/.*)?")
+        .replace(/:[a-zA-Z_][a-zA-Z0-9_]*\\\*/g, "(?:/.*)?")
+        // :param  → single segment
+        .replace(/:[a-zA-Z_][a-zA-Z0-9_]*/g, "[^/]+")
+        // ** → zero-or-more segments (greedy, optional slash)
+        .replace(/\/\*\*\\\*/g, "(?:/.*)?")
+        .replace(/\\\*\\\*/g, ".*")
+        // * → single segment
+        .replace(/\\\*/g, "[^/]+");
+    return new RegExp(`^${escaped}\\/?$`);
+}
+/**
+ * Test whether a pathname matches any of the given matcher patterns.
+ * If no patterns are provided, the middleware runs on every request.
+ */
+export function matchesMiddleware(pathname, matchers) {
+    if (!matchers || matchers.length === 0)
+        return true;
+    return matchers.some((pattern) => matcherToRegex(pattern).test(pathname));
+}
+/**
+ * Run the user middleware against the current request.
+ * Returns a `Response` if the middleware handled the request (redirect, early
+ * return, etc.) or `null` if it passed through (return nothing / undefined).
+ */
+export async function runMiddleware(mod, req) {
+    const { middleware, config } = mod;
+    const pathname = new URL(req.url).pathname;
+    if (!matchesMiddleware(pathname, config?.matcher))
+        return null;
+    const result = await middleware(req);
+    if (result instanceof Response)
+        return result;
+    return null;
+}
+//# sourceMappingURL=middleware.js.map

package/dist/server/middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/server/middleware.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,mFAAmF;AAEnF,8EAA8E;AAC9E,MAAM,UAAU,QAAQ,CAAC,GAAW,EAAE,SAAgC,GAAG;IACvE,OAAO,QAAQ,CAAC,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;AACxC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,IAAI;IAClB,OAAO,IAAI,CAAC;AACd,CAAC;AASD;;;;;;;;GAQG;AACH,MAAM,UAAU,cAAc,CAAC,OAAe;IAC5C,gEAAgE;IAChE,MAAM,OAAO,GAAG,OAAO;SACpB,OAAO,CAAC,oBAAoB,EAAE,MAAM,CAAC;QACtC,2DAA2D;SAC1D,OAAO,CAAC,gCAAgC,EAAE,UAAU,CAAC;SACrD,OAAO,CAAC,8BAA8B,EAAE,UAAU,CAAC;QACpD,2BAA2B;SAC1B,OAAO,CAAC,0BAA0B,EAAE,OAAO,CAAC;QAC7C,sDAAsD;SACrD,OAAO,CAAC,aAAa,EAAE,UAAU,CAAC;SAClC,OAAO,CAAC,WAAW,EAAE,IAAI,CAAC;QAC3B,qBAAqB;SACpB,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAE7B,OAAO,IAAI,MAAM,CAAC,IAAI,OAAO,OAAO,CAAC,CAAC;AACxC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,iBAAiB,CAAC,QAAgB,EAAE,QAAmB;IACrE,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACpD,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;AAC5E,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,GAAqB,EACrB,GAAY;IAEZ,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;IACnC,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC;IAE3C,IAAI,CAAC,iBAAiB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,CAAC;QAAE,OAAO,IAAI,CAAC;IAE/D,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,CAAC;IACrC,IAAI,MAAM,YAAY,QAAQ;QAAE,OAAO,MAAM,CAAC;IAC9C,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/server/middleware.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=middleware.test.d.ts.map

package/dist/server/middleware.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware.test.d.ts","sourceRoot":"","sources":["../../src/server/middleware.test.ts"],"names":[],"mappings":""}

package/dist/server/middleware.test.js

@@ -0,0 +1,125 @@
+import { describe, it, expect } from "vitest";
+import { matcherToRegex, matchesMiddleware, runMiddleware, redirect, next, } from "./middleware.js";
+// ─── matcherToRegex ───────────────────────────────────────────────────────────
+describe("matcherToRegex", () => {
+    it("matches exact static path", () => {
+        const re = matcherToRegex("/dashboard");
+        expect(re.test("/dashboard")).toBe(true);
+        expect(re.test("/dashboard/")).toBe(true);
+        expect(re.test("/other")).toBe(false);
+    });
+    it("handles :param as single segment", () => {
+        const re = matcherToRegex("/users/:id");
+        expect(re.test("/users/123")).toBe(true);
+        expect(re.test("/users/abc")).toBe(true);
+        expect(re.test("/users/")).toBe(false);
+        expect(re.test("/users/123/extra")).toBe(false);
+    });
+    it("handles * as single segment wildcard", () => {
+        const re = matcherToRegex("/api/*");
+        expect(re.test("/api/health")).toBe(true);
+        expect(re.test("/api/users")).toBe(true);
+        expect(re.test("/api/")).toBe(false);
+        expect(re.test("/api/a/b")).toBe(false);
+    });
+    it("handles ** as zero-or-more segments", () => {
+        const re = matcherToRegex("/docs/**");
+        expect(re.test("/docs/")).toBe(true);
+        expect(re.test("/docs/intro")).toBe(true);
+        expect(re.test("/docs/guides/auth")).toBe(true);
+    });
+    it("handles :param* (Next.js :path* style)", () => {
+        const re = matcherToRegex("/dashboard/:path*");
+        expect(re.test("/dashboard")).toBe(true);
+        expect(re.test("/dashboard/")).toBe(true);
+        expect(re.test("/dashboard/settings")).toBe(true);
+        expect(re.test("/dashboard/users/42")).toBe(true);
+    });
+    it("escapes special regex characters in static segments", () => {
+        const re = matcherToRegex("/search.html");
+        expect(re.test("/search.html")).toBe(true);
+        expect(re.test("/searchXhtml")).toBe(false);
+    });
+});
+// ─── matchesMiddleware ────────────────────────────────────────────────────────
+describe("matchesMiddleware", () => {
+    it("matches all paths when no matchers provided", () => {
+        expect(matchesMiddleware("/anything")).toBe(true);
+        expect(matchesMiddleware("/anything", undefined)).toBe(true);
+        expect(matchesMiddleware("/anything", [])).toBe(true);
+    });
+    it("matches when pathname fits a pattern", () => {
+        const matchers = ["/dashboard/:path*", "/api/*"];
+        expect(matchesMiddleware("/dashboard/settings", matchers)).toBe(true);
+        expect(matchesMiddleware("/api/health", matchers)).toBe(true);
+        expect(matchesMiddleware("/login", matchers)).toBe(false);
+    });
+});
+// ─── redirect and next helpers ────────────────────────────────────────────────
+describe("redirect", () => {
+    it("returns a Response with redirect status", () => {
+        const res = redirect("https://example.com/login");
+        expect(res).toBeInstanceOf(Response);
+        expect(res.status).toBe(307);
+    });
+    it("supports custom status codes", () => {
+        const res = redirect("https://example.com/login", 301);
+        expect(res.status).toBe(301);
+    });
+});
+describe("next", () => {
+    it("returns null", () => {
+        expect(next()).toBe(null);
+    });
+});
+// ─── runMiddleware ────────────────────────────────────────────────────────────
+describe("runMiddleware", () => {
+    it("returns null if pathname does not match the matcher", async () => {
+        const mod = {
+            middleware: () => redirect("https://example.com/login"),
+            config: { matcher: ["/dashboard/:path*"] },
+        };
+        const req = new Request("http://localhost/login");
+        const result = await runMiddleware(mod, req);
+        expect(result).toBe(null);
+    });
+    it("returns Response when middleware redirects", async () => {
+        const mod = {
+            middleware: () => redirect("https://example.com/login"),
+            config: { matcher: ["/dashboard/:path*"] },
+        };
+        const req = new Request("http://localhost/dashboard/settings");
+        const result = await runMiddleware(mod, req);
+        expect(result).toBeInstanceOf(Response);
+        expect(result.status).toBe(307);
+    });
+    it("returns null when middleware passes through", async () => {
+        const mod = {
+            middleware: () => undefined,
+        };
+        const req = new Request("http://localhost/anything");
+        const result = await runMiddleware(mod, req);
+        expect(result).toBe(null);
+    });
+    it("returns null when middleware returns null (via next())", async () => {
+        const mod = {
+            middleware: () => next(),
+        };
+        const req = new Request("http://localhost/anything");
+        const result = await runMiddleware(mod, req);
+        expect(result).toBe(null);
+    });
+    it("runs on all paths when no config.matcher is set", async () => {
+        let called = false;
+        const mod = {
+            middleware: () => {
+                called = true;
+                return null;
+            },
+        };
+        const req = new Request("http://localhost/random/path");
+        await runMiddleware(mod, req);
+        expect(called).toBe(true);
+    });
+});
+//# sourceMappingURL=middleware.test.js.map

package/dist/server/middleware.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware.test.js","sourceRoot":"","sources":["../../src/server/middleware.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EACL,cAAc,EACd,iBAAiB,EACjB,aAAa,EACb,QAAQ,EACR,IAAI,GAEL,MAAM,iBAAiB,CAAC;AAEzB,iFAAiF;AAEjF,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;IAC9B,EAAE,CAAC,2BAA2B,EAAE,GAAG,EAAE;QACnC,MAAM,EAAE,GAAG,cAAc,CAAC,YAAY,CAAC,CAAC;QACxC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1C,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACxC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,EAAE,GAAG,cAAc,CAAC,YAAY,CAAC,CAAC;QACxC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACvC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;QAC9C,MAAM,EAAE,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC;QACpC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1C,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qCAAqC,EAAE,GAAG,EAAE;QAC7C,MAAM,EAAE,GAAG,cAAc,CAAC,UAAU,CAAC,CAAC;QACtC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACrC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1C,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,EAAE,GAAG,cAAc,CAAC,mBAAmB,CAAC,CAAC;QAC/C,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1C,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClD,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qDAAqD,EAAE,GAAG,EAAE;QAC7D,MAAM,EAAE,GAAG,cAAc,CAAC,cAAc,CAAC,CAAC;QAC1C,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC3C,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,iFAAiF;AAEjF,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;IACjC,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;QACrD,MAAM,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClD,MAAM,CAAC,iBAAiB,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7D,MAAM,CAAC,iBAAiB,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;QAC9C,MAAM,QAAQ,GAAG,CAAC,mBAAmB,EAAE,QAAQ,CAAC,CAAC;QACjD,MAAM,CAAC,iBAAiB,CAAC,qBAAqB,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtE,MAAM,CAAC,iBAAiB,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC9D,MAAM,CAAC,iBAAiB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC5D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,iFAAiF;AAEjF,QAAQ,CAAC,UAAU,EAAE,GAAG,EAAE;IACxB,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;QACjD,MAAM,GAAG,GAAG,QAAQ,CAAC,2BAA2B,CAAC,CAAC;QAClD,MAAM,CAAC,GAAG,CAAC,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;QACrC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC/B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8BAA8B,EAAE,GAAG,EAAE;QACtC,MAAM,GAAG,GAAG,QAAQ,CAAC,2BAA2B,EAAE,GAAG,CAAC,CAAC;QACvD,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC/B,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,MAAM,EAAE,GAAG,EAAE;IACpB,EAAE,CAAC,cAAc,EAAE,GAAG,EAAE;QACtB,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,iFAAiF;AAEjF,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,EAAE,CAAC,qDAAqD,EAAE,KAAK,IAAI,EAAE;QACnE,MAAM,GAAG,GAAqB;YAC5B,UAAU,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,2BAA2B,CAAC;YACvD,MAAM,EAAE,EAAE,OAAO,EAAE,CAAC,mBAAmB,CAAC,EAAE;SAC3C,CAAC;QACF,MAAM,GAAG,GAAG,IAAI,OAAO,CAAC,wBAAwB,CAAC,CAAC;QAClD,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAC7C,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4CAA4C,EAAE,KAAK,IAAI,EAAE;QAC1D,MAAM,GAAG,GAAqB;YAC5B,UAAU,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,2BAA2B,CAAC;YACvD,MAAM,EAAE,EAAE,OAAO,EAAE,CAAC,mBAAmB,CAAC,EAAE;SAC3C,CAAC;QACF,MAAM,GAAG,GAAG,IAAI,OAAO,CAAC,qCAAqC,CAAC,CAAC;QAC/D,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAC7C,MAAM,CAAC,MAAM,CAAC,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;QACxC,MAAM,CAAC,MAAO,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6CAA6C,EAAE,KAAK,IAAI,EAAE;QAC3D,MAAM,GAAG,GAAqB;YAC5B,UAAU,EAAE,GAAG,EAAE,CAAC,SAAS;SAC5B,CAAC;QACF,MAAM,GAAG,GAAG,IAAI,OAAO,CAAC,2BAA2B,CAAC,CAAC;QACrD,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAC7C,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;QACtE,MAAM,GAAG,GAAqB;YAC5B,UAAU,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE;SACzB,CAAC;QACF,MAAM,GAAG,GAAG,IAAI,OAAO,CAAC,2BAA2B,CAAC,CAAC;QACrD,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAC7C,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iDAAiD,EAAE,KAAK,IAAI,EAAE;QAC/D,IAAI,MAAM,GAAG,KAAK,CAAC;QACnB,MAAM,GAAG,GAAqB;YAC5B,UAAU,EAAE,GAAG,EAAE;gBACf,MAAM,GAAG,IAAI,CAAC;gBACd,OAAO,IAAI,CAAC;YACd,CAAC;SACF,CAAC;QACF,MAAM,GAAG,GAAG,IAAI,OAAO,CAAC,8BAA8B,CAAC,CAAC;QACxD,MAAM,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAC9B,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/server/revalidate.d.ts

@@ -0,0 +1,49 @@
+/**
+ * On-demand ISR revalidation handler.
+ *
+ * Exposes `POST /_alabjs/revalidate` so CMS webhooks, deploy scripts, or
+ * API routes can purge the page HTML and/or server-function data cache
+ * without restarting the server.
+ *
+ * Authentication
+ * --------------
+ * Set `ALAB_REVALIDATE_SECRET` in your environment. Every request must then
+ * include `Authorization: Bearer <secret>`. If the env var is not set the
+ * endpoint is open — useful in development, unsafe in production.
+ *
+ * Request body (JSON) — supply one or more fields:
+ * ```json
+ * { "path": "/posts/1" }            // purge a single page
+ * { "prefix": "/posts" }            // purge /posts, /posts/1, /posts/2, …
+ * { "tags": ["posts", "post:1"] }   // purge all entries tagged with any tag
+ * ```
+ *
+ * Response (200):
+ * ```json
+ * { "revalidated": true, "path": "/posts/1" }
+ * ```
+ */
+export interface RevalidateBody {
+    /** Purge a single cached page path. */
+    path?: string;
+    /** Purge all cached pages whose path starts with this prefix. */
+    prefix?: string;
+    /** Purge all server-function and page cache entries carrying any of these tags. */
+    tags?: string[];
+}
+/** Returns `true` when the request is authorised to call the revalidate endpoint. */
+export declare function checkRevalidateAuth(authorizationHeader: string | null | undefined): boolean;
+/**
+ * Apply a revalidation request. Returns a result object on success or an
+ * `{ error }` object (with an HTTP status hint) on failure.
+ */
+export declare function applyRevalidate(body: unknown): {
+    revalidated: true;
+    path?: string;
+    prefix?: string;
+    tags?: string[];
+} | {
+    status: number;
+    error: string;
+};
+//# sourceMappingURL=revalidate.d.ts.map

package/dist/server/revalidate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"revalidate.d.ts","sourceRoot":"","sources":["../../src/server/revalidate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAIH,MAAM,WAAW,cAAc;IAC7B,uCAAuC;IACvC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,iEAAiE;IACjE,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,mFAAmF;IACnF,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;CACjB;AAED,qFAAqF;AACrF,wBAAgB,mBAAmB,CAAC,mBAAmB,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,OAAO,CAO3F;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAC7B,IAAI,EAAE,OAAO,GACZ;IAAE,WAAW,EAAE,IAAI,CAAC;IAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAA;CAAE,GAAG;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAqB5G"}

package/dist/server/revalidate.js

@@ -0,0 +1,62 @@
+/**
+ * On-demand ISR revalidation handler.
+ *
+ * Exposes `POST /_alabjs/revalidate` so CMS webhooks, deploy scripts, or
+ * API routes can purge the page HTML and/or server-function data cache
+ * without restarting the server.
+ *
+ * Authentication
+ * --------------
+ * Set `ALAB_REVALIDATE_SECRET` in your environment. Every request must then
+ * include `Authorization: Bearer <secret>`. If the env var is not set the
+ * endpoint is open — useful in development, unsafe in production.
+ *
+ * Request body (JSON) — supply one or more fields:
+ * ```json
+ * { "path": "/posts/1" }            // purge a single page
+ * { "prefix": "/posts" }            // purge /posts, /posts/1, /posts/2, …
+ * { "tags": ["posts", "post:1"] }   // purge all entries tagged with any tag
+ * ```
+ *
+ * Response (200):
+ * ```json
+ * { "revalidated": true, "path": "/posts/1" }
+ * ```
+ */
+import { revalidatePath, revalidatePathPrefix, revalidateTag } from "./cache.js";
+/** Returns `true` when the request is authorised to call the revalidate endpoint. */
+export function checkRevalidateAuth(authorizationHeader) {
+    const secret = process.env["ALAB_REVALIDATE_SECRET"];
+    if (!secret)
+        return true; // no secret configured — open endpoint
+    const provided = authorizationHeader?.startsWith("Bearer ")
+        ? authorizationHeader.slice(7)
+        : null;
+    return provided === secret;
+}
+/**
+ * Apply a revalidation request. Returns a result object on success or an
+ * `{ error }` object (with an HTTP status hint) on failure.
+ */
+export function applyRevalidate(body) {
+    if (typeof body !== "object" || body === null) {
+        return { status: 400, error: "Request body must be a JSON object." };
+    }
+    const { path, prefix, tags } = body;
+    if (!path && !prefix && (!tags || tags.length === 0)) {
+        return { status: 400, error: "Provide at least one of: path, prefix, tags." };
+    }
+    if (path)
+        revalidatePath(path);
+    if (prefix)
+        revalidatePathPrefix(prefix);
+    if (tags?.length)
+        revalidateTag({ tags });
+    return {
+        revalidated: true,
+        ...(path !== undefined && { path }),
+        ...(prefix !== undefined && { prefix }),
+        ...(tags !== undefined && { tags }),
+    };
+}
+//# sourceMappingURL=revalidate.js.map

package/dist/server/revalidate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"revalidate.js","sourceRoot":"","sources":["../../src/server/revalidate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAEH,OAAO,EAAE,cAAc,EAAE,oBAAoB,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAWjF,qFAAqF;AACrF,MAAM,UAAU,mBAAmB,CAAC,mBAA8C;IAChF,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;IACrD,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC,CAAC,uCAAuC;IACjE,MAAM,QAAQ,GAAG,mBAAmB,EAAE,UAAU,CAAC,SAAS,CAAC;QACzD,CAAC,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC,CAAC;QAC9B,CAAC,CAAC,IAAI,CAAC;IACT,OAAO,QAAQ,KAAK,MAAM,CAAC;AAC7B,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,eAAe,CAC7B,IAAa;IAEb,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;QAC9C,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,qCAAqC,EAAE,CAAC;IACvE,CAAC;IAED,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,IAAsB,CAAC;IAEtD,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;QACrD,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,8CAA8C,EAAE,CAAC;IAChF,CAAC;IAED,IAAI,IAAI;QAAE,cAAc,CAAC,IAAI,CAAC,CAAC;IAC/B,IAAI,MAAM;QAAE,oBAAoB,CAAC,MAAM,CAAC,CAAC;IACzC,IAAI,IAAI,EAAE,MAAM;QAAE,aAAa,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;IAE1C,OAAO;QACL,WAAW,EAAE,IAAI;QACjB,GAAG,CAAC,IAAI,KAAK,SAAS,IAAI,EAAE,IAAI,EAAE,CAAC;QACnC,GAAG,CAAC,MAAM,KAAK,SAAS,IAAI,EAAE,MAAM,EAAE,CAAC;QACvC,GAAG,CAAC,IAAI,KAAK,SAAS,IAAI,EAAE,IAAI,EAAE,CAAC;KACpC,CAAC;AACJ,CAAC"}

package/dist/server/revalidate.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=revalidate.test.d.ts.map