alepha 0.13.0 → 0.13.1

package/dist/server-swagger/index.cjs

@@ -1,1021 +0,0 @@
-let alepha = require("alepha");
-let alepha_security = require("alepha/security");
-let alepha_server = require("alepha/server");
-let node_crypto = require("node:crypto");
-let alepha_logger = require("alepha/logger");
-let alepha_cache = require("alepha/cache");
-let alepha_datetime = require("alepha/datetime");
-let node_fs = require("node:fs");
-let node_fs_promises = require("node:fs/promises");
-let node_path = require("node:path");
-let alepha_file = require("alepha/file");
-let node_url = require("node:url");
-
-//#region src/server-security/providers/ServerBasicAuthProvider.ts
-var ServerBasicAuthProvider = class {
-	alepha = (0, alepha.$inject)(alepha.Alepha);
-	log = (0, alepha_logger.$logger)();
-	routerProvider = (0, alepha.$inject)(alepha_server.ServerRouterProvider);
-	realm = "Secure Area";
-	/**
-	* Registered basic auth descriptors with their configurations
-	*/
-	registeredAuths = [];
-	/**
-	* Register a basic auth configuration (called by descriptors)
-	*/
-	registerAuth(config) {
-		this.registeredAuths.push(config);
-	}
-	onStart = (0, alepha.$hook)({
-		on: "start",
-		handler: async () => {
-			for (const auth of this.registeredAuths) if (auth.paths) for (const pattern of auth.paths) {
-				const matchedRoutes = this.routerProvider.getRoutes(pattern);
-				for (const route of matchedRoutes) route.secure = { basic: {
-					username: auth.username,
-					password: auth.password
-				} };
-			}
-			if (this.registeredAuths.length > 0) this.log.info(`Initialized with ${this.registeredAuths.length} registered basic-auth configurations.`);
-		}
-	});
-	/**
-	* Hook into server:onRequest to check basic auth
-	*/
-	onRequest = (0, alepha.$hook)({
-		on: "server:onRequest",
-		handler: async ({ route, request }) => {
-			const routeAuth = route.secure;
-			if (typeof routeAuth === "object" && "basic" in routeAuth && routeAuth.basic) this.checkAuth(request, routeAuth.basic);
-		}
-	});
-	/**
-	* Hook into action:onRequest to check basic auth for actions
-	*/
-	onActionRequest = (0, alepha.$hook)({
-		on: "action:onRequest",
-		handler: async ({ action, request }) => {
-			const routeAuth = action.route.secure;
-			if (isBasicAuth(routeAuth)) this.checkAuth(request, routeAuth.basic);
-		}
-	});
-	/**
-	* Check basic authentication
-	*/
-	checkAuth(request, options) {
-		const authHeader = request.headers?.authorization;
-		if (!authHeader || !authHeader.startsWith("Basic ")) {
-			this.sendAuthRequired(request);
-			throw new alepha_server.HttpError({
-				status: 401,
-				message: "Authentication required"
-			});
-		}
-		const base64Credentials = authHeader.slice(6);
-		const credentials = Buffer.from(base64Credentials, "base64").toString("utf-8");
-		const colonIndex = credentials.indexOf(":");
-		const username = colonIndex !== -1 ? credentials.slice(0, colonIndex) : credentials;
-		const password = colonIndex !== -1 ? credentials.slice(colonIndex + 1) : "";
-		if (!this.timingSafeCredentialCheck(username, password, options.username, options.password)) {
-			this.sendAuthRequired(request);
-			this.log.warn(`Failed basic auth attempt for user`, { username });
-			throw new alepha_server.HttpError({
-				status: 401,
-				message: "Invalid credentials"
-			});
-		}
-	}
-	/**
-	* Performs a timing-safe comparison of credentials to prevent timing attacks.
-	* Always compares both username and password to avoid leaking which one is wrong.
-	*/
-	timingSafeCredentialCheck(inputUsername, inputPassword, expectedUsername, expectedPassword) {
-		const inputUserBuf = Buffer.from(inputUsername, "utf-8");
-		const expectedUserBuf = Buffer.from(expectedUsername, "utf-8");
-		const inputPassBuf = Buffer.from(inputPassword, "utf-8");
-		const expectedPassBuf = Buffer.from(expectedPassword, "utf-8");
-		return (this.safeCompare(inputUserBuf, expectedUserBuf) & this.safeCompare(inputPassBuf, expectedPassBuf)) === 1;
-	}
-	/**
-	* Compares two buffers in constant time, handling different lengths safely.
-	* Returns 1 if equal, 0 if not equal.
-	*/
-	safeCompare(input, expected) {
-		if (input.length !== expected.length) {
-			(0, node_crypto.timingSafeEqual)(input, input);
-			return 0;
-		}
-		return (0, node_crypto.timingSafeEqual)(input, expected) ? 1 : 0;
-	}
-	/**
-	* Send WWW-Authenticate header
-	*/
-	sendAuthRequired(request) {
-		request.reply.setHeader("WWW-Authenticate", `Basic realm="${this.realm}"`);
-	}
-};
-const isBasicAuth = (value) => {
-	return typeof value === "object" && !!value && "basic" in value && !!value.basic;
-};
-
-//#endregion
-//#region src/server-security/descriptors/$basicAuth.ts
-/**
-* Declares HTTP Basic Authentication for server routes.
-* This descriptor provides methods to protect routes with username/password authentication.
-*/
-const $basicAuth = (options) => {
-	return (0, alepha.createDescriptor)(BasicAuthDescriptor, options);
-};
-var BasicAuthDescriptor = class extends alepha.Descriptor {
-	serverBasicAuthProvider = (0, alepha.$inject)(ServerBasicAuthProvider);
-	get name() {
-		return this.options.name ?? `${this.config.propertyKey}`;
-	}
-	onInit() {
-		this.serverBasicAuthProvider.registerAuth(this.options);
-	}
-	/**
-	* Checks basic auth for the given request using this descriptor's configuration.
-	*/
-	check(request, options) {
-		const mergedOptions = {
-			...this.options,
-			...options
-		};
-		this.serverBasicAuthProvider.checkAuth(request, mergedOptions);
-	}
-};
-$basicAuth[alepha.KIND] = BasicAuthDescriptor;
-
-//#endregion
-//#region src/server-security/providers/ServerSecurityProvider.ts
-var ServerSecurityProvider = class {
-	log = (0, alepha_logger.$logger)();
-	securityProvider = (0, alepha.$inject)(alepha_security.SecurityProvider);
-	jwtProvider = (0, alepha.$inject)(alepha_security.JwtProvider);
-	alepha = (0, alepha.$inject)(alepha.Alepha);
-	onConfigure = (0, alepha.$hook)({
-		on: "configure",
-		handler: async () => {
-			for (const action of this.alepha.descriptors(alepha_server.$action)) {
-				if (action.options.disabled || action.options.secure === false || this.securityProvider.getRealms().length === 0) continue;
-				if (typeof action.options.secure !== "object") this.securityProvider.createPermission({
-					name: action.name,
-					group: action.group,
-					method: action.route.method,
-					path: action.route.path
-				});
-			}
-		}
-	});
-	onActionRequest = (0, alepha.$hook)({
-		on: "action:onRequest",
-		handler: async ({ action, request, options }) => {
-			if (action.options.secure === false && !options.user) {
-				this.log.trace("Skipping security check for route");
-				return;
-			}
-			if (isBasicAuth(action.route.secure)) return;
-			const permission = this.securityProvider.getPermissions().find((it) => it.path === action.route.path && it.method === action.route.method);
-			try {
-				request.user = this.createUserFromLocalFunctionContext(options, permission);
-				const route = action.route;
-				if (typeof route.secure === "object") this.check(request.user, route.secure);
-				this.alepha.state.set("alepha.server.request.user", this.alepha.codec.decode(alepha_security.userAccountInfoSchema, request.user));
-			} catch (error) {
-				if (action.options.secure || permission) throw error;
-				this.log.trace("Skipping security check for action");
-			}
-		}
-	});
-	onRequest = (0, alepha.$hook)({
-		on: "server:onRequest",
-		priority: "last",
-		handler: async ({ request, route }) => {
-			if (route.secure === false) {
-				this.log.trace("Skipping security check for route - explicitly disabled");
-				return;
-			}
-			if (isBasicAuth(route.secure)) return;
-			const permission = this.securityProvider.getPermissions().find((it) => it.path === route.path && it.method === route.method);
-			if (!request.headers.authorization && !route.secure && !permission) {
-				this.log.trace("Skipping security check for route - no authorization header and not secure");
-				return;
-			}
-			try {
-				request.user = await this.securityProvider.createUserFromToken(request.headers.authorization, { permission });
-				if (typeof route.secure === "object") this.check(request.user, route.secure);
-				this.alepha.state.set("alepha.server.request.user", this.alepha.codec.decode(alepha_security.userAccountInfoSchema, request.user));
-				this.log.trace("User set from request token", {
-					user: request.user,
-					permission
-				});
-			} catch (error) {
-				if (route.secure || permission) throw error;
-				this.log.trace("Skipping security check for route - error occurred", error);
-			}
-		}
-	});
-	check(user, secure) {
-		if (secure.realm) {
-			if (user.realm !== secure.realm) throw new alepha_server.ForbiddenError(`User must belong to realm '${secure.realm}' to access this route`);
-		}
-	}
-	/**
-	* Get the user account token for a local action call.
-	* There are three possible sources for the user:
-	* - `options.user`: the user passed in the options
-	* - `"system"`: the system user from the state (you MUST set state `server.security.system.user`)
-	* - `"context"`: the user from the request context (you MUST be in an HTTP request context)
-	*
-	* Priority order: `options.user` > `"system"` > `"context"`.
-	*
-	* In testing environment, if no user is provided, a test user is created based on the SecurityProvider's roles.
-	*/
-	createUserFromLocalFunctionContext(options, permission) {
-		const fromOptions = typeof options.user === "object" ? options.user : void 0;
-		const type = typeof options.user === "string" ? options.user : void 0;
-		let user;
-		const fromContext = this.alepha.context.get("request")?.user;
-		const fromSystem = this.alepha.state.get("alepha.server.security.system.user");
-		if (type === "system") user = fromSystem;
-		else if (type === "context") user = fromContext;
-		else user = fromOptions ?? fromContext ?? fromSystem;
-		if (!user) {
-			if (this.alepha.isTest() && !("user" in options)) return this.createTestUser();
-			throw new alepha_server.UnauthorizedError("User is required for calling this action");
-		}
-		const roles = user.roles ?? (this.alepha.isTest() ? this.securityProvider.getRoles().map((role) => role.name) : []);
-		let ownership;
-		if (permission) {
-			const result = this.securityProvider.checkPermission(permission, ...roles);
-			if (!result.isAuthorized) throw new alepha_server.ForbiddenError(`Permission '${this.securityProvider.permissionToString(permission)}' is required for this route`);
-			ownership = result.ownership;
-		}
-		return {
-			...user,
-			ownership
-		};
-	}
-	createTestUser() {
-		return {
-			id: (0, node_crypto.randomUUID)(),
-			name: "Test",
-			roles: this.securityProvider.getRoles().map((role) => role.name)
-		};
-	}
-	onClientRequest = (0, alepha.$hook)({
-		on: "client:onRequest",
-		handler: async ({ request, options }) => {
-			if (!this.alepha.isTest()) return;
-			if ("user" in options && options.user === void 0) return;
-			request.headers = new Headers(request.headers);
-			if (!request.headers.has("authorization")) {
-				const test = this.createTestUser();
-				const user = typeof options?.user === "object" ? options.user : void 0;
-				const sub = user?.id ?? test.id;
-				const roles = user?.roles ?? test.roles;
-				const token = await this.jwtProvider.create({
-					sub,
-					roles
-				}, user?.realm ?? this.securityProvider.getRealms()[0]?.name);
-				request.headers.set("authorization", `Bearer ${token}`);
-			}
-		}
-	});
-};
-
-//#endregion
-//#region src/server-security/index.ts
-/**
-* Plugin for Alepha Server that provides security features. Based on the Alepha Security module.
-*
-* By default, all $action will be guarded by a permission check.
-*
-* @see {@link ServerSecurityProvider}
-* @module alepha.server.security
-*/
-const AlephaServerSecurity = (0, alepha.$module)({
-	name: "alepha.server.security",
-	descriptors: [
-		alepha_security.$realm,
-		alepha_security.$role,
-		alepha_security.$permission,
-		$basicAuth
-	],
-	services: [
-		alepha_server.AlephaServer,
-		alepha_security.AlephaSecurity,
-		ServerSecurityProvider,
-		ServerBasicAuthProvider
-	]
-});
-
-//#endregion
-//#region src/server-cache/providers/ServerCacheProvider.ts
-alepha_server.ActionDescriptor.prototype.invalidate = async function() {
-	await this.alepha.inject(ServerCacheProvider).invalidate(this.route);
-};
-var ServerCacheProvider = class {
-	log = (0, alepha_logger.$logger)();
-	alepha = (0, alepha.$inject)(alepha.Alepha);
-	time = (0, alepha.$inject)(alepha_datetime.DateTimeProvider);
-	cache = (0, alepha_cache.$cache)({ provider: "memory" });
-	generateETag(content) {
-		return `"${(0, node_crypto.createHash)("md5").update(content).digest("hex")}"`;
-	}
-	async invalidate(route) {
-		if (!route.cache) return;
-		await this.cache.invalidate(this.createCacheKey(route));
-	}
-	onActionRequest = (0, alepha.$hook)({
-		on: "action:onRequest",
-		handler: async ({ action, request }) => {
-			const cache = action.route.cache;
-			if (this.shouldStore(cache)) {
-				const key = this.createCacheKey(action.route, request);
-				const cached = await this.cache.get(key);
-				if (cached) {
-					const body = cached.contentType === "application/json" ? JSON.parse(cached.body) : cached.body;
-					this.log.trace("Cache hit for action", {
-						key,
-						action: action.name
-					});
-					request.reply.body = body;
-				} else this.log.trace("Cache miss for action", {
-					key,
-					action: action.name
-				});
-			}
-		}
-	});
-	onActionResponse = (0, alepha.$hook)({
-		on: "action:onResponse",
-		handler: async ({ action, request, response }) => {
-			const cache = action.route.cache;
-			if (!this.shouldStore(cache) || !response) return;
-			if (request.reply.status && request.reply.status >= 400) return;
-			const contentType = typeof response === "string" ? "text/plain" : "application/json";
-			const body = contentType === "text/plain" ? response : JSON.stringify(response);
-			const generatedEtag = this.generateETag(body);
-			const lastModified = this.time.toISOString();
-			const key = this.createCacheKey(action.route, request);
-			this.log.trace("Storing response", {
-				key,
-				action: action.name
-			});
-			await this.cache.set(key, {
-				body,
-				lastModified,
-				contentType,
-				hash: generatedEtag
-			});
-			const cacheControl = this.buildCacheControlHeader(cache);
-			if (cacheControl) request.reply.setHeader("cache-control", cacheControl);
-		}
-	});
-	onRequest = (0, alepha.$hook)({
-		on: "server:onRequest",
-		handler: async ({ route, request }) => {
-			const cache = route.cache;
-			const shouldStore = this.shouldStore(cache);
-			const shouldUseEtag = this.shouldUseEtag(cache);
-			if (!shouldStore && !shouldUseEtag) return;
-			const key = this.createCacheKey(route, request);
-			const cached = await this.cache.get(key);
-			if (cached) {
-				if (request.headers["if-none-match"] === cached.hash || request.headers["if-modified-since"] === cached.lastModified) {
-					request.reply.status = 304;
-					request.reply.setHeader("etag", cached.hash);
-					request.reply.setHeader("last-modified", cached.lastModified);
-					this.log.trace("ETag match, returning 304", {
-						route: route.path,
-						etag: cached.hash
-					});
-					return;
-				}
-				if (shouldStore) {
-					this.log.trace("Cache hit for route", {
-						key,
-						route: route.path
-					});
-					request.reply.body = cached.body;
-					request.reply.status = cached.status ?? 200;
-					if (cached.contentType) request.reply.setHeader("Content-Type", cached.contentType);
-					request.reply.setHeader("etag", cached.hash);
-					request.reply.setHeader("last-modified", cached.lastModified);
-				}
-			} else if (shouldStore) this.log.trace("Cache miss for route", {
-				key,
-				route: route.path
-			});
-		}
-	});
-	onSend = (0, alepha.$hook)({
-		on: "server:onSend",
-		handler: async ({ route, request }) => {
-			const cache = route.cache;
-			const shouldStore = this.shouldStore(cache);
-			const shouldUseEtag = this.shouldUseEtag(cache);
-			if (request.reply.headers.etag) return;
-			if (!shouldStore && shouldUseEtag && request.reply.body != null && (typeof request.reply.body === "string" || Buffer.isBuffer(request.reply.body))) {
-				const generatedEtag = this.generateETag(request.reply.body);
-				if (request.headers["if-none-match"] === generatedEtag) {
-					request.reply.status = 304;
-					request.reply.body = void 0;
-					request.reply.setHeader("etag", generatedEtag);
-					this.log.trace("ETag match on send, returning 304", {
-						route: route.path,
-						etag: generatedEtag
-					});
-					return;
-				}
-			}
-		}
-	});
-	onResponse = (0, alepha.$hook)({
-		on: "server:onResponse",
-		priority: "first",
-		handler: async ({ route, request, response }) => {
-			const cache = route.cache;
-			const cacheControl = this.buildCacheControlHeader(cache);
-			if (cacheControl) response.headers["cache-control"] = cacheControl;
-			const shouldStore = this.shouldStore(cache);
-			const shouldUseEtag = this.shouldUseEtag(cache);
-			if (!shouldStore && !shouldUseEtag) return;
-			if (typeof response.body !== "string") return;
-			if (response.status && response.status >= 400) return;
-			const key = this.createCacheKey(route, request);
-			const generatedEtag = this.generateETag(response.body);
-			const lastModified = this.time.toISOString();
-			response.headers ??= {};
-			if (shouldStore) {
-				this.log.trace("Storing response", {
-					key,
-					route: route.path,
-					cache: !!cache,
-					etag: shouldUseEtag
-				});
-				await this.cache.set(key, {
-					body: response.body,
-					status: response.status,
-					contentType: response.headers?.["content-type"],
-					lastModified,
-					hash: generatedEtag
-				});
-			}
-			if (shouldUseEtag) {
-				response.headers.etag = generatedEtag;
-				response.headers["last-modified"] = lastModified;
-			}
-		}
-	});
-	buildCacheControlHeader(cache) {
-		if (!cache) return;
-		if (cache === true || typeof cache === "string" || typeof cache === "number") return;
-		const control = cache.control;
-		if (!control) return;
-		if (typeof control === "string") return control;
-		if (control === true) return "public, max-age=300";
-		const directives = [];
-		if (control.public) directives.push("public");
-		if (control.private) directives.push("private");
-		if (control.noCache) directives.push("no-cache");
-		if (control.noStore) directives.push("no-store");
-		if (control.maxAge !== void 0) {
-			const maxAgeSeconds = this.durationToSeconds(control.maxAge);
-			directives.push(`max-age=${maxAgeSeconds}`);
-		}
-		if (control.sMaxAge !== void 0) {
-			const sMaxAgeSeconds = this.durationToSeconds(control.sMaxAge);
-			directives.push(`s-maxage=${sMaxAgeSeconds}`);
-		}
-		if (control.mustRevalidate) directives.push("must-revalidate");
-		if (control.proxyRevalidate) directives.push("proxy-revalidate");
-		if (control.immutable) directives.push("immutable");
-		return directives.length > 0 ? directives.join(", ") : void 0;
-	}
-	durationToSeconds(duration) {
-		if (typeof duration === "number") return duration;
-		return this.time.duration(duration).asSeconds();
-	}
-	shouldStore(cache) {
-		if (!cache) return false;
-		if (cache === true) return true;
-		if (typeof cache === "object" && cache.store) return true;
-		return false;
-	}
-	shouldUseEtag(cache) {
-		if (cache === true) return true;
-		if (typeof cache === "object" && cache.etag) return true;
-		return false;
-	}
-	createCacheKey(route, config) {
-		const params = [];
-		for (const [key, value] of Object.entries(config?.params ?? {})) params.push(`${key}=${value}`);
-		for (const [key, value] of Object.entries(config?.query ?? {})) params.push(`${key}=${value}`);
-		return `${route.method}:${route.path.replaceAll(":", "")}:${params.join(",").replaceAll(":", "")}`;
-	}
-};
-
-//#endregion
-//#region src/server-cache/index.ts
-/**
-* Plugin for Alepha Server that provides server-side caching capabilities.
-* It uses the Alepha Cache module to cache responses from server actions ($action).
-* It also provides a ETag-based cache invalidation mechanism.
-*
-* @example
-* ```ts
-* import { Alepha } from "alepha";
-* import { $action } from "alepha/server";
-* import { AlephaServerCache } from "alepha/server/cache";
-*
-* class ApiServer {
-*   hello = $action({
-*     cache: true,
-*     handler: () => "Hello, World!",
-*   });
-* }
-*
-* const alepha = Alepha.create()
-*   .with(AlephaServerCache)
-*   .with(ApiServer);
-*
-* run(alepha);
-* ```
-*
-* @see {@link ServerCacheProvider}
-* @module alepha.server.cache
-*/
-const AlephaServerCache = (0, alepha.$module)({
-	name: "alepha.server.cache",
-	services: [alepha_cache.AlephaCache, ServerCacheProvider]
-});
-
-//#endregion
-//#region src/server-static/descriptors/$serve.ts
-/**
-* Create a new static file handler.
-*/
-const $serve = (options = {}) => {
-	return (0, alepha.createDescriptor)(ServeDescriptor, options);
-};
-var ServeDescriptor = class extends alepha.Descriptor {};
-$serve[alepha.KIND] = ServeDescriptor;
-
-//#endregion
-//#region src/server-static/providers/ServerStaticProvider.ts
-var ServerStaticProvider = class {
-	alepha = (0, alepha.$inject)(alepha.Alepha);
-	routerProvider = (0, alepha.$inject)(alepha_server.ServerRouterProvider);
-	dateTimeProvider = (0, alepha.$inject)(alepha_datetime.DateTimeProvider);
-	fileDetector = (0, alepha.$inject)(alepha_file.FileDetector);
-	log = (0, alepha_logger.$logger)();
-	directories = [];
-	configure = (0, alepha.$hook)({
-		on: "configure",
-		handler: async () => {
-			await Promise.all(this.alepha.descriptors($serve).map((it) => this.createStaticServer(it.options)));
-		}
-	});
-	async createStaticServer(options) {
-		const prefix = options.path ?? "/";
-		let root = options.root ?? process.cwd();
-		if (!(0, node_path.isAbsolute)(root)) root = (0, node_path.join)(process.cwd(), root);
-		this.log.debug("Serve static files", {
-			prefix,
-			root
-		});
-		await (0, node_fs_promises.stat)(root);
-		const files = await this.getAllFiles(root, options.ignoreDotEnvFiles);
-		const routes = await Promise.all(files.map(async (file) => {
-			const path = file.replace(root, "").replace(/\\/g, "/");
-			this.log.trace(`Mount ${(0, node_path.join)(prefix, path)} -> ${(0, node_path.join)(root, path)}`);
-			return {
-				path: (0, node_path.join)(prefix, encodeURI(path)),
-				handler: await this.createFileHandler((0, node_path.join)(root, path), options)
-			};
-		}));
-		for (const route of routes) {
-			this.routerProvider.createRoute(route);
-			if (options.indexFallback !== false && route.path.endsWith("index.html")) this.routerProvider.createRoute({
-				path: route.path.replace(/index\.html$/, ""),
-				handler: route.handler
-			});
-		}
-		this.directories.push({
-			options,
-			files: files.map((file) => file.replace(root, "").replace(/\\/g, "/"))
-		});
-		if (options.historyApiFallback) this.routerProvider.createRoute({
-			path: (0, node_path.join)(prefix, "*").replace(/\\/g, "/"),
-			handler: async (request) => {
-				const { reply } = request;
-				if (request.url.pathname.includes(".")) {
-					reply.headers["content-type"] = "text/plain";
-					reply.body = "Not Found";
-					reply.status = 404;
-					return;
-				}
-				reply.headers["content-type"] = "text/html";
-				reply.status = 200;
-				return (0, node_fs.createReadStream)((0, node_path.join)(root, "index.html"));
-			}
-		});
-	}
-	async createFileHandler(filepath, options) {
-		const filename = (0, node_path.basename)(filepath);
-		const hasGzip = await (0, node_fs_promises.access)(`${filepath}.gz`).then(() => true).catch(() => false);
-		const hasBr = await (0, node_fs_promises.access)(`${filepath}.br`).then(() => true).catch(() => false);
-		const fileStat = await (0, node_fs_promises.stat)(filepath);
-		const lastModified = fileStat.mtime.toUTCString();
-		const etag = `"${fileStat.size}-${fileStat.mtime.getTime()}"`;
-		const contentType = this.fileDetector.getContentType(filename);
-		const cacheControl = this.getCacheControl(filename, options);
-		return async (request) => {
-			const { headers, reply } = request;
-			let path = filepath;
-			const encoding = headers["accept-encoding"];
-			if (encoding) {
-				if (hasBr && encoding.includes("br")) {
-					reply.headers["content-encoding"] = "br";
-					path += ".br";
-				} else if (hasGzip && encoding.includes("gzip")) {
-					reply.headers["content-encoding"] = "gzip";
-					path += ".gz";
-				}
-			}
-			reply.headers["content-type"] = contentType;
-			reply.headers["accept-ranges"] = "bytes";
-			reply.headers["last-modified"] = lastModified;
-			if (cacheControl) {
-				reply.headers["cache-control"] = `public, max-age=${cacheControl.maxAge}`;
-				if (cacheControl.immutable) reply.headers["cache-control"] += ", immutable";
-			}
-			reply.headers.etag = etag;
-			if (headers["if-none-match"] === etag || headers["if-modified-since"] === lastModified) {
-				reply.status = 304;
-				return;
-			}
-			return (0, node_fs.createReadStream)(path);
-		};
-	}
-	getCacheFileTypes() {
-		return [
-			".js",
-			".css",
-			".woff",
-			".woff2",
-			".ttf",
-			".eot",
-			".otf",
-			".jpg",
-			".jpeg",
-			".png",
-			".svg",
-			".gif"
-		];
-	}
-	getCacheControl(filename, options) {
-		if (!options.cacheControl) return;
-		const fileTypes = options.cacheControl.fileTypes ?? this.getCacheFileTypes();
-		for (const type of fileTypes) if (filename.endsWith(type)) return {
-			immutable: options.cacheControl.immutable ?? true,
-			maxAge: this.dateTimeProvider.duration(options.cacheControl.maxAge ?? [30, "days"]).as("seconds")
-		};
-	}
-	async getAllFiles(dir, ignoreDotEnvFiles = true) {
-		const entries = await (0, node_fs_promises.readdir)(dir, { withFileTypes: true });
-		return (await Promise.all(entries.map((dirent) => {
-			if (ignoreDotEnvFiles && dirent.name.startsWith(".")) return [];
-			const fullPath = (0, node_path.join)(dir, dirent.name);
-			return dirent.isDirectory() ? this.getAllFiles(fullPath) : fullPath;
-		}))).flat();
-	}
-};
-
-//#endregion
-//#region src/server-static/index.ts
-/**
-* Create static file server with `$static()`.
-*
-* @see {@link ServerStaticProvider}
-* @module alepha.server.static
-*/
-const AlephaServerStatic = (0, alepha.$module)({
-	name: "alepha.server.static",
-	descriptors: [$serve],
-	services: [alepha_server.AlephaServer, ServerStaticProvider]
-});
-
-//#endregion
-//#region src/server-swagger/descriptors/$swagger.ts
-/**
-* Creates an OpenAPI/Swagger documentation descriptor with interactive UI.
-*
-* Automatically generates API documentation from your $action descriptors and serves
-* an interactive Swagger UI for testing endpoints. Supports customization, tag filtering,
-* and OAuth configuration.
-*
-* @example
-* ```ts
-* class App {
-*   docs = $swagger({
-*     prefix: "/api-docs",
-*     info: {
-*       title: "My API",
-*       version: "1.0.0",
-*       description: "REST API documentation"
-*     },
-*     excludeTags: ["internal"],
-*     ui: { root: "/swagger" }
-*   });
-* }
-* ```
-*/
-const $swagger = (options = {}) => {
-	return (0, alepha.createDescriptor)(SwaggerDescriptor, options);
-};
-var SwaggerDescriptor = class extends alepha.Descriptor {};
-$swagger[alepha.KIND] = SwaggerDescriptor;
-
-//#endregion
-//#region src/server-swagger/providers/ServerSwaggerProvider.ts
-/**
-* Swagger provider configuration atom
-*/
-const swaggerOptions = (0, alepha.$atom)({
-	name: "alepha.server.swagger.options",
-	schema: alepha.t.object({ excludeKeys: alepha.t.optional(alepha.t.array(alepha.t.string(), { description: "Keys to exclude from swagger schema" })) }),
-	default: { excludeKeys: [] }
-});
-var ServerSwaggerProvider = class {
-	serverStaticProvider = (0, alepha.$inject)(ServerStaticProvider);
-	serverRouterProvider = (0, alepha.$inject)(alepha_server.ServerRouterProvider);
-	serverProvider = (0, alepha.$inject)(alepha_server.ServerProvider);
-	alepha = (0, alepha.$inject)(alepha.Alepha);
-	log = (0, alepha_logger.$logger)();
-	options = (0, alepha.$use)(swaggerOptions);
-	fs = (0, alepha.$inject)(alepha_file.FileSystemProvider);
-	json;
-	configure = (0, alepha.$hook)({
-		on: "configure",
-		priority: "last",
-		handler: async (alepha$1) => {
-			const options = alepha$1.descriptors($swagger)?.[0]?.options;
-			if (!options) return;
-			this.json = await this.createSwagger(options);
-		}
-	});
-	async createSwagger(options) {
-		if (options.disabled) return;
-		const json = this.configureOpenApi(this.alepha.descriptors(alepha_server.$action), options);
-		if (options.rewrite) options.rewrite(json);
-		const prefix = options.prefix ?? "/docs";
-		this.configureSwaggerApi(prefix, json);
-		if (options.ui !== false) await this.configureSwaggerUi(prefix, options);
-		return json;
-	}
-	configureOpenApi(actions, doc) {
-		const openApi = {
-			openapi: "3.0.0",
-			info: doc.info ?? {
-				title: "API Documentation",
-				version: "1.0.0"
-			},
-			paths: {},
-			components: {}
-		};
-		const hasSecurity = this.alepha.has(alepha_security.AlephaSecurity);
-		if (hasSecurity && openApi.components) openApi.components.securitySchemes = { bearerAuth: {
-			type: "http",
-			scheme: "bearer",
-			bearerFormat: "JWT"
-		} };
-		const excludeTags = doc.excludeTags ?? [];
-		const schemas = {};
-		const schema = (source) => {
-			if ("title" in source && typeof source.title === "string") {
-				schemas[source.title] = copy(source);
-				return { $ref: `#/components/schemas/${source.title}` };
-			}
-			return copy(source);
-		};
-		const copy = (obj) => {
-			const newValue = JSON.parse(JSON.stringify(obj));
-			this.removePrivateFields(newValue, [...this.options.excludeKeys || [], "~options"]);
-			return newValue;
-		};
-		for (const route of actions) {
-			if (!route.options.schema) continue;
-			const response = this.getResponseSchema(route);
-			if (!response) continue;
-			if (excludeTags.includes(route.group)) continue;
-			if (route.options.hide) continue;
-			const operation = {
-				operationId: route.name,
-				summary: route.options.summary,
-				description: route.options.description,
-				tags: [route.group.replaceAll(":", " / ")],
-				responses: { [response.status]: {
-					description: "",
-					content: response.type ? { [response.type]: { schema: schema(response.schema) } } : void 0
-				} }
-			};
-			if (route.options.secure !== false && hasSecurity) operation.security = [{ bearerAuth: [] }];
-			const g = alepha.t.raw;
-			if (g.IsObject(route.options.schema.body) || g.IsArray(route.options.schema.body)) if (g.IsObject(route.options.schema.body) && this.isBodyMultipart(route.options.schema.body)) operation.requestBody = {
-				required: true,
-				content: { "multipart/form-data": { schema: schema(route.options.schema.body) } }
-			};
-			else operation.requestBody = {
-				required: true,
-				content: { "application/json": { schema: schema(route.options.schema.body) } }
-			};
-			if (g.IsObject(route.options.schema.query)) {
-				operation.parameters ??= [];
-				for (const [key, value] of Object.entries(route.options.schema.query.properties)) operation.parameters.push({
-					name: key,
-					in: "query",
-					required: false,
-					schema: schema(value)
-				});
-			}
-			if (g.IsObject(route.options.schema.params)) {
-				operation.parameters ??= [];
-				for (const [key, value] of Object.entries(route.options.schema.params.properties)) {
-					const description = "description" in value && typeof value.description === "string" ? value.description : void 0;
-					const ref = schema(value);
-					delete ref.description;
-					operation.parameters.push({
-						name: key,
-						in: "path",
-						required: true,
-						description,
-						schema: ref
-					});
-				}
-			}
-			const url = route.prefix + this.replacePathParams(route.path);
-			openApi.paths[url] = {
-				...openApi.paths[url],
-				[route.method.toLowerCase()]: operation
-			};
-		}
-		if (openApi.components) openApi.components.schemas = schemas;
-		return JSON.parse(JSON.stringify(openApi));
-	}
-	isBodyMultipart(schema) {
-		for (const key in schema.properties) if ((0, alepha.isTypeFile)(schema.properties[key])) return true;
-		return false;
-	}
-	replacePathParams(url) {
-		return url.replace(/:\w+/g, (match) => {
-			return `{${match.slice(1)}}`;
-		});
-	}
-	getResponseSchema(route) {
-		const schema = route.options.schema?.response;
-		if (!schema) return { status: 204 };
-		if (alepha.t.schema.isObject(schema) || alepha.t.schema.isArray(schema)) return {
-			schema,
-			status: 200,
-			type: "application/json"
-		};
-		if (alepha.t.schema.isString(schema)) return {
-			schema,
-			status: 200,
-			type: "text/plain"
-		};
-		if ((0, alepha.isTypeFile)(schema)) return {
-			schema,
-			status: 200,
-			type: "application/octet-stream"
-		};
-		const status = Object.keys(schema)[0];
-		if (alepha.t.schema.isObject(schema[status]) || (0, alepha.isTypeFile)(schema[status])) return {
-			schema,
-			type: alepha.t.schema.isObject(schema[status]) ? "application/json" : "application/octet-stream",
-			status: Number(status)
-		};
-	}
-	configureSwaggerApi(prefix, json) {
-		this.serverRouterProvider.createRoute({
-			method: "GET",
-			path: `${prefix}/json`,
-			cache: { etag: true },
-			schema: { response: alepha.t.json() },
-			handler: () => json
-		});
-		this.log.info(`Swagger API available at ${prefix}/json`);
-	}
-	async configureSwaggerUi(prefix, options) {
-		const ui = typeof options.ui === "object" ? options.ui : {};
-		const initializer = `
-window.onload = function() {
-	window.ui = SwaggerUIBundle({
-		url: "/docs/json",
-		dom_id: '#swagger-ui',
-		deepLinking: true,
-		presets: [
-			SwaggerUIBundle.presets.apis,
-			SwaggerUIStandalonePreset
-		],
-		plugins: [
-			SwaggerUIBundle.plugins.DownloadUrl
-		],
-		layout: "BaseLayout"
-	});
-
-  document.body.style.backgroundColor = "#f2f2f2";
-
-	const options = ${JSON.stringify(ui)};
-
-	if (options.initOAuth) {
-		ui.initOAuth(options.initOAuth);
-	}
-};
-		`.trim();
-		const dirname = (0, node_url.fileURLToPath)(require("url").pathToFileURL(__filename).href);
-		const root = await this.getAssetPath(ui.root, (0, node_path.join)(dirname, "../../assets/swagger-ui"), (0, node_path.join)(dirname, "../../../../assets/swagger-ui"));
-		if (!root) {
-			this.log.warn(`Failed to locate Swagger UI assets for path ${prefix}`);
-			return;
-		}
-		await this.serverStaticProvider.createStaticServer({
-			path: prefix,
-			root
-		});
-		this.serverRouterProvider.createRoute({
-			method: "GET",
-			path: `${prefix}/swagger-initializer.js`,
-			cache: { etag: true },
-			handler: ({ reply }) => {
-				reply.headers["content-type"] = "application/javascript; charset=utf-8";
-				return initializer;
-			}
-		});
-		this.log.info(`Swagger UI available at ${this.serverProvider.hostname}${prefix}/`);
-	}
-	async getAssetPath(...paths) {
-		for (const path of paths) {
-			if (!path) continue;
-			if (await this.fs.exists(path)) return path;
-		}
-	}
-	removePrivateFields(obj, excludeList) {
-		if (obj === null || typeof obj !== "object") return obj;
-		const visited = /* @__PURE__ */ new WeakSet();
-		const traverse = (o) => {
-			if (visited.has(o)) return;
-			visited.add(o);
-			if (Array.isArray(o)) for (let i = 0; i < o.length; i++) {
-				const item = o[i];
-				if (item !== null && typeof item === "object") traverse(item);
-			}
-			else {
-				for (const excludeKey of excludeList) if (excludeKey in o) delete o[excludeKey];
-				for (const key in o) {
-					const item = o[key];
-					if (item !== null && typeof item === "object") traverse(item);
-				}
-			}
-		};
-		traverse(obj);
-		return obj;
-	}
-};
-
-//#endregion
-//#region src/server-swagger/index.ts
-/**
-* Plugin for Alepha Server that provides Swagger documentation capabilities.
-* It generates OpenAPI v3 documentation for the server's endpoints ($action).
-* It also provides a Swagger UI for interactive API documentation.
-*
-* @see {@link ServerSwaggerProvider}
-* @module alepha.server.swagger
-*/
-const AlephaServerSwagger = (0, alepha.$module)({
-	name: "alepha.server.swagger",
-	descriptors: [$swagger],
-	services: [ServerSwaggerProvider],
-	register: (alepha$1) => {
-		alepha$1.with(alepha_server.AlephaServer);
-		alepha$1.with(AlephaServerCache);
-		alepha$1.with(AlephaServerStatic);
-		alepha$1.with(ServerSwaggerProvider);
-		alepha$1.state.push("alepha.build.assets", "alepha");
-	}
-});
-
-//#endregion
-exports.$swagger = $swagger;
-exports.AlephaServerSwagger = AlephaServerSwagger;
-exports.ServerSwaggerProvider = ServerSwaggerProvider;
-exports.SwaggerDescriptor = SwaggerDescriptor;
-exports.swaggerOptions = swaggerOptions;
-//# sourceMappingURL=index.cjs.map