npm - alepha - Versions diffs - 0.13.1 → 0.13.2 - Mend

alepha 0.13.1 → 0.13.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (296) hide show

package/README.md +1 -1
package/dist/api-files/index.d.ts +28 -91
package/dist/api-files/index.js +10 -755
package/dist/api-files/index.js.map +1 -1
package/dist/api-jobs/index.d.ts +46 -46
package/dist/api-jobs/index.js +13 -13
package/dist/api-jobs/index.js.map +1 -1
package/dist/api-notifications/index.d.ts +129 -146
package/dist/api-notifications/index.js +17 -39
package/dist/api-notifications/index.js.map +1 -1
package/dist/api-parameters/index.d.ts +21 -22
package/dist/api-parameters/index.js +22 -22
package/dist/api-parameters/index.js.map +1 -1
package/dist/api-users/index.d.ts +223 -2000
package/dist/api-users/index.js +914 -4787
package/dist/api-users/index.js.map +1 -1
package/dist/api-verifications/index.d.ts +96 -96
package/dist/batch/index.d.ts +13 -13
package/dist/batch/index.js +8 -8
package/dist/batch/index.js.map +1 -1
package/dist/bucket/index.d.ts +14 -14
package/dist/bucket/index.js +12 -12
package/dist/bucket/index.js.map +1 -1
package/dist/cache/index.d.ts +11 -11
package/dist/cache/index.js +9 -9
package/dist/cache/index.js.map +1 -1
package/dist/cli/index.d.ts +28 -26
package/dist/cli/index.js +50 -13
package/dist/cli/index.js.map +1 -1
package/dist/command/index.d.ts +19 -19
package/dist/command/index.js +25 -25
package/dist/command/index.js.map +1 -1
package/dist/core/index.browser.js +218 -218
package/dist/core/index.browser.js.map +1 -1
package/dist/core/index.d.ts +232 -232
package/dist/core/index.js +218 -218
package/dist/core/index.js.map +1 -1
package/dist/core/index.native.js +2113 -0
package/dist/core/index.native.js.map +1 -0
package/dist/datetime/index.d.ts +9 -9
package/dist/datetime/index.js +7 -7
package/dist/datetime/index.js.map +1 -1
package/dist/email/index.d.ts +16 -16
package/dist/email/index.js +9 -9
package/dist/email/index.js.map +1 -1
package/dist/file/index.js +1 -1
package/dist/file/index.js.map +1 -1
package/dist/lock/index.d.ts +9 -9
package/dist/lock/index.js +8 -8
package/dist/lock/index.js.map +1 -1
package/dist/lock-redis/index.js +3 -66
package/dist/lock-redis/index.js.map +1 -1
package/dist/logger/index.d.ts +5 -5
package/dist/logger/index.js +8 -8
package/dist/logger/index.js.map +1 -1
package/dist/orm/index.browser.js +114 -114
package/dist/orm/index.browser.js.map +1 -1
package/dist/orm/index.d.ts +218 -218
package/dist/orm/index.js +46 -46
package/dist/orm/index.js.map +1 -1
package/dist/queue/index.d.ts +29 -29
package/dist/queue/index.js +20 -20
package/dist/queue/index.js.map +1 -1
package/dist/queue-redis/index.d.ts +2 -2
package/dist/redis/index.d.ts +10 -10
package/dist/retry/index.d.ts +19 -19
package/dist/retry/index.js +7 -7
package/dist/retry/index.js.map +1 -1
package/dist/scheduler/index.d.ts +16 -16
package/dist/scheduler/index.js +9 -9
package/dist/scheduler/index.js.map +1 -1
package/dist/security/index.d.ts +80 -80
package/dist/security/index.js +32 -32
package/dist/security/index.js.map +1 -1
package/dist/server/index.browser.js +1 -1
package/dist/server/index.browser.js.map +1 -1
package/dist/server/index.d.ts +101 -101
package/dist/server/index.js +16 -16
package/dist/server/index.js.map +1 -1
package/dist/server-auth/index.browser.js +4 -982
package/dist/server-auth/index.browser.js.map +1 -1
package/dist/server-auth/index.d.ts +204 -785
package/dist/server-auth/index.js +47 -1239
package/dist/server-auth/index.js.map +1 -1
package/dist/server-cache/index.d.ts +10 -10
package/dist/server-cache/index.js +2 -2
package/dist/server-cache/index.js.map +1 -1
package/dist/server-compress/index.d.ts +4 -4
package/dist/server-compress/index.js +1 -1
package/dist/server-compress/index.js.map +1 -1
package/dist/server-cookies/index.browser.js +8 -8
package/dist/server-cookies/index.browser.js.map +1 -1
package/dist/server-cookies/index.d.ts +17 -17
package/dist/server-cookies/index.js +10 -10
package/dist/server-cookies/index.js.map +1 -1
package/dist/server-cors/index.d.ts +17 -17
package/dist/server-cors/index.js +9 -9
package/dist/server-cors/index.js.map +1 -1
package/dist/server-health/index.d.ts +19 -19
package/dist/server-helmet/index.d.ts +1 -1
package/dist/server-links/index.browser.js +12 -12
package/dist/server-links/index.browser.js.map +1 -1
package/dist/server-links/index.d.ts +59 -251
package/dist/server-links/index.js +23 -502
package/dist/server-links/index.js.map +1 -1
package/dist/server-metrics/index.d.ts +4 -4
package/dist/server-multipart/index.d.ts +2 -2
package/dist/server-proxy/index.d.ts +12 -12
package/dist/server-proxy/index.js +10 -10
package/dist/server-proxy/index.js.map +1 -1
package/dist/server-rate-limit/index.d.ts +22 -22
package/dist/server-rate-limit/index.js +12 -12
package/dist/server-rate-limit/index.js.map +1 -1
package/dist/server-security/index.d.ts +22 -22
package/dist/server-security/index.js +15 -15
package/dist/server-security/index.js.map +1 -1
package/dist/server-static/index.d.ts +14 -14
package/dist/server-static/index.js +8 -8
package/dist/server-static/index.js.map +1 -1
package/dist/server-swagger/index.d.ts +25 -184
package/dist/server-swagger/index.js +21 -724
package/dist/server-swagger/index.js.map +1 -1
package/dist/sms/index.d.ts +14 -14
package/dist/sms/index.js +9 -9
package/dist/sms/index.js.map +1 -1
package/dist/thread/index.d.ts +11 -11
package/dist/thread/index.js +17 -17
package/dist/thread/index.js.map +1 -1
package/dist/topic/index.d.ts +26 -26
package/dist/topic/index.js +16 -16
package/dist/topic/index.js.map +1 -1
package/dist/topic-redis/index.d.ts +1 -1
package/dist/vite/index.d.ts +3 -3
package/dist/vite/index.js +8 -8
package/dist/vite/index.js.map +1 -1
package/dist/websocket/index.browser.js +11 -11
package/dist/websocket/index.browser.js.map +1 -1
package/dist/websocket/index.d.ts +58 -58
package/dist/websocket/index.js +13 -13
package/dist/websocket/index.js.map +1 -1
package/package.json +113 -52
package/src/api-files/services/FileService.ts +5 -7
package/src/api-jobs/index.ts +1 -1
package/src/api-jobs/{descriptors → primitives}/$job.ts +8 -8
package/src/api-jobs/providers/JobProvider.ts +9 -9
package/src/api-jobs/services/JobService.ts +5 -5
package/src/api-notifications/index.ts +5 -15
package/src/api-notifications/{descriptors → primitives}/$notification.ts +10 -10
package/src/api-notifications/services/NotificationSenderService.ts +3 -3
package/src/api-parameters/index.ts +1 -1
package/src/api-parameters/{descriptors → primitives}/$config.ts +7 -12
package/src/api-users/index.ts +1 -1
package/src/api-users/{descriptors → primitives}/$userRealm.ts +8 -8
package/src/api-users/providers/UserRealmProvider.ts +1 -1
package/src/batch/index.ts +3 -3
package/src/batch/{descriptors → primitives}/$batch.ts +13 -16
package/src/bucket/index.ts +8 -8
package/src/bucket/{descriptors → primitives}/$bucket.ts +8 -8
package/src/bucket/providers/LocalFileStorageProvider.ts +3 -3
package/src/cache/index.ts +4 -4
package/src/cache/{descriptors → primitives}/$cache.ts +15 -15
package/src/cli/apps/AlephaPackageBuilderCli.ts +24 -2
package/src/cli/commands/DrizzleCommands.ts +6 -6
package/src/cli/commands/VerifyCommands.ts +1 -1
package/src/cli/commands/ViteCommands.ts +6 -1
package/src/cli/services/ProjectUtils.ts +34 -3
package/src/command/index.ts +5 -5
package/src/command/{descriptors → primitives}/$command.ts +9 -12
package/src/command/providers/CliProvider.ts +10 -10
package/src/core/Alepha.ts +30 -33
package/src/core/constants/KIND.ts +1 -1
package/src/core/constants/OPTIONS.ts +1 -1
package/src/core/helpers/{descriptor.ts → primitive.ts} +18 -18
package/src/core/helpers/ref.ts +1 -1
package/src/core/index.shared.ts +8 -8
package/src/core/{descriptors → primitives}/$context.ts +5 -5
package/src/core/{descriptors → primitives}/$hook.ts +4 -4
package/src/core/{descriptors → primitives}/$inject.ts +2 -2
package/src/core/{descriptors → primitives}/$module.ts +9 -9
package/src/core/{descriptors → primitives}/$use.ts +2 -2
package/src/core/providers/CodecManager.ts +1 -1
package/src/core/providers/JsonSchemaCodec.ts +1 -1
package/src/core/providers/StateManager.ts +2 -2
package/src/datetime/index.ts +3 -3
package/src/datetime/{descriptors → primitives}/$interval.ts +6 -6
package/src/email/index.ts +4 -4
package/src/email/{descriptors → primitives}/$email.ts +8 -8
package/src/file/index.ts +1 -1
package/src/lock/index.ts +3 -3
package/src/lock/{descriptors → primitives}/$lock.ts +10 -10
package/src/logger/index.ts +8 -8
package/src/logger/{descriptors → primitives}/$logger.ts +2 -2
package/src/logger/services/Logger.ts +1 -1
package/src/orm/constants/PG_SYMBOLS.ts +2 -2
package/src/orm/index.browser.ts +2 -2
package/src/orm/index.ts +8 -8
package/src/orm/{descriptors → primitives}/$entity.ts +11 -11
package/src/orm/{descriptors → primitives}/$repository.ts +2 -2
package/src/orm/{descriptors → primitives}/$sequence.ts +8 -8
package/src/orm/{descriptors → primitives}/$transaction.ts +4 -4
package/src/orm/providers/PostgresTypeProvider.ts +3 -3
package/src/orm/providers/RepositoryProvider.ts +4 -4
package/src/orm/providers/drivers/DatabaseProvider.ts +7 -7
package/src/orm/services/ModelBuilder.ts +9 -9
package/src/orm/services/PgRelationManager.ts +2 -2
package/src/orm/services/PostgresModelBuilder.ts +5 -5
package/src/orm/services/Repository.ts +7 -7
package/src/orm/services/SqliteModelBuilder.ts +5 -5
package/src/queue/index.ts +7 -7
package/src/queue/{descriptors → primitives}/$consumer.ts +15 -15
package/src/queue/{descriptors → primitives}/$queue.ts +12 -12
package/src/queue/providers/WorkerProvider.ts +7 -7
package/src/retry/index.ts +3 -3
package/src/retry/{descriptors → primitives}/$retry.ts +14 -14
package/src/scheduler/index.ts +3 -3
package/src/scheduler/{descriptors → primitives}/$scheduler.ts +9 -9
package/src/scheduler/providers/CronProvider.ts +1 -1
package/src/security/index.ts +9 -9
package/src/security/{descriptors → primitives}/$permission.ts +7 -7
package/src/security/{descriptors → primitives}/$realm.ts +6 -12
package/src/security/{descriptors → primitives}/$role.ts +12 -12
package/src/security/{descriptors → primitives}/$serviceAccount.ts +8 -8
package/src/server/index.browser.ts +1 -1
package/src/server/index.ts +14 -14
package/src/server/{descriptors → primitives}/$action.ts +13 -13
package/src/server/{descriptors → primitives}/$route.ts +9 -9
package/src/server/providers/NodeHttpServerProvider.ts +1 -1
package/src/server/services/HttpClient.ts +1 -1
package/src/server-auth/index.browser.ts +1 -1
package/src/server-auth/index.ts +6 -6
package/src/server-auth/{descriptors → primitives}/$auth.ts +10 -10
package/src/server-auth/{descriptors → primitives}/$authCredentials.ts +4 -4
package/src/server-auth/{descriptors → primitives}/$authGithub.ts +4 -4
package/src/server-auth/{descriptors → primitives}/$authGoogle.ts +4 -4
package/src/server-auth/providers/ServerAuthProvider.ts +4 -4
package/src/server-cache/providers/ServerCacheProvider.ts +7 -7
package/src/server-compress/providers/ServerCompressProvider.ts +3 -3
package/src/server-cookies/index.browser.ts +2 -2
package/src/server-cookies/index.ts +5 -5
package/src/server-cookies/{descriptors → primitives}/$cookie.browser.ts +12 -12
package/src/server-cookies/{descriptors → primitives}/$cookie.ts +13 -13
package/src/server-cookies/providers/ServerCookiesProvider.ts +4 -4
package/src/server-cookies/services/CookieParser.ts +1 -1
package/src/server-cors/index.ts +3 -3
package/src/server-cors/{descriptors → primitives}/$cors.ts +11 -13
package/src/server-cors/providers/ServerCorsProvider.ts +5 -5
package/src/server-links/index.browser.ts +5 -5
package/src/server-links/index.ts +9 -9
package/src/server-links/{descriptors → primitives}/$remote.ts +11 -11
package/src/server-links/providers/LinkProvider.ts +7 -7
package/src/server-links/providers/{RemoteDescriptorProvider.ts → RemotePrimitiveProvider.ts} +6 -6
package/src/server-links/providers/ServerLinksProvider.ts +3 -3
package/src/server-proxy/index.ts +3 -3
package/src/server-proxy/{descriptors → primitives}/$proxy.ts +8 -8
package/src/server-proxy/providers/ServerProxyProvider.ts +4 -4
package/src/server-rate-limit/index.ts +6 -6
package/src/server-rate-limit/{descriptors → primitives}/$rateLimit.ts +13 -13
package/src/server-rate-limit/providers/ServerRateLimitProvider.ts +5 -5
package/src/server-security/index.ts +3 -3
package/src/server-security/{descriptors → primitives}/$basicAuth.ts +13 -13
package/src/server-security/providers/ServerBasicAuthProvider.ts +5 -5
package/src/server-security/providers/ServerSecurityProvider.ts +4 -4
package/src/server-static/index.ts +3 -3
package/src/server-static/{descriptors → primitives}/$serve.ts +8 -10
package/src/server-static/providers/ServerStaticProvider.ts +6 -6
package/src/server-swagger/index.ts +5 -5
package/src/server-swagger/{descriptors → primitives}/$swagger.ts +9 -9
package/src/server-swagger/providers/ServerSwaggerProvider.ts +11 -10
package/src/sms/index.ts +4 -4
package/src/sms/{descriptors → primitives}/$sms.ts +8 -8
package/src/thread/index.ts +3 -3
package/src/thread/{descriptors → primitives}/$thread.ts +13 -13
package/src/thread/providers/ThreadProvider.ts +7 -9
package/src/topic/index.ts +5 -5
package/src/topic/{descriptors → primitives}/$subscriber.ts +14 -14
package/src/topic/{descriptors → primitives}/$topic.ts +10 -10
package/src/topic/providers/TopicProvider.ts +4 -4
package/src/vite/tasks/copyAssets.ts +1 -1
package/src/vite/tasks/generateSitemap.ts +3 -3
package/src/vite/tasks/prerenderPages.ts +2 -2
package/src/vite/tasks/runAlepha.ts +2 -2
package/src/websocket/index.browser.ts +3 -3
package/src/websocket/index.shared.ts +2 -2
package/src/websocket/index.ts +4 -4
package/src/websocket/interfaces/WebSocketInterfaces.ts +3 -3
package/src/websocket/{descriptors → primitives}/$channel.ts +10 -10
package/src/websocket/{descriptors → primitives}/$websocket.ts +8 -8
package/src/websocket/providers/NodeWebSocketServerProvider.ts +7 -7
package/src/websocket/providers/WebSocketServerProvider.ts +3 -3
package/src/websocket/services/WebSocketClient.ts +5 -5
package/src/api-notifications/providers/MemorySmsProvider.ts +0 -20
package/src/api-notifications/providers/SmsProvider.ts +0 -8
/package/src/core/{descriptors → primitives}/$atom.ts +0 -0
/package/src/core/{descriptors → primitives}/$env.ts +0 -0
/package/src/server-auth/{descriptors → primitives}/$authApple.ts +0 -0
/package/src/server-links/{descriptors → primitives}/$client.ts +0 -0

package/dist/server-links/index.js CHANGED Viewed

@@ -1,314 +1,11 @@
-import { $env, $hook, $inject, $module, Alepha, AlephaError, Descriptor, KIND, createDescriptor, t } from "alepha";
-import { $permission, $realm, $role, AlephaSecurity, JwtProvider, SecurityProvider, userAccountInfoSchema } from "alepha/security";
-import { $action, $route, AlephaServer, ForbiddenError, HttpClient, HttpError, ServerReply, ServerRouterProvider, ServerTimingProvider, UnauthorizedError, routeMethods } from "alepha/server";
-import { randomUUID, timingSafeEqual } from "node:crypto";
+import "alepha/server/security";
+import { $env, $hook, $inject, $module, Alepha, AlephaError, KIND, Primitive, createPrimitive, t } from "alepha";
+import { $action, $route, AlephaServer, HttpClient, ServerReply, ServerTimingProvider, UnauthorizedError } from "alepha/server";
 import { $logger } from "alepha/logger";
 import { $retry } from "alepha/retry";
-import { ReadableStream } from "node:stream/web";
+import { ServerProxyProvider } from "alepha/server/proxy";
+import { SecurityProvider } from "alepha/security";
-//#region src/server-security/providers/ServerBasicAuthProvider.ts
-var ServerBasicAuthProvider = class {
-	alepha = $inject(Alepha);
-	log = $logger();
-	routerProvider = $inject(ServerRouterProvider);
-	realm = "Secure Area";
-	/**
-	* Registered basic auth descriptors with their configurations
-	*/
-	registeredAuths = [];
-	/**
-	* Register a basic auth configuration (called by descriptors)
-	*/
-	registerAuth(config) {
-		this.registeredAuths.push(config);
-	}
-	onStart = $hook({
-		on: "start",
-		handler: async () => {
-			for (const auth of this.registeredAuths) if (auth.paths) for (const pattern of auth.paths) {
-				const matchedRoutes = this.routerProvider.getRoutes(pattern);
-				for (const route of matchedRoutes) route.secure = { basic: {
-					username: auth.username,
-					password: auth.password
-				} };
-			}
-			if (this.registeredAuths.length > 0) this.log.info(`Initialized with ${this.registeredAuths.length} registered basic-auth configurations.`);
-		}
-	});
-	/**
-	* Hook into server:onRequest to check basic auth
-	*/
-	onRequest = $hook({
-		on: "server:onRequest",
-		handler: async ({ route, request }) => {
-			const routeAuth = route.secure;
-			if (typeof routeAuth === "object" && "basic" in routeAuth && routeAuth.basic) this.checkAuth(request, routeAuth.basic);
-		}
-	});
-	/**
-	* Hook into action:onRequest to check basic auth for actions
-	*/
-	onActionRequest = $hook({
-		on: "action:onRequest",
-		handler: async ({ action, request }) => {
-			const routeAuth = action.route.secure;
-			if (isBasicAuth(routeAuth)) this.checkAuth(request, routeAuth.basic);
-		}
-	});
-	/**
-	* Check basic authentication
-	*/
-	checkAuth(request, options) {
-		const authHeader = request.headers?.authorization;
-		if (!authHeader || !authHeader.startsWith("Basic ")) {
-			this.sendAuthRequired(request);
-			throw new HttpError({
-				status: 401,
-				message: "Authentication required"
-			});
-		}
-		const base64Credentials = authHeader.slice(6);
-		const credentials = Buffer.from(base64Credentials, "base64").toString("utf-8");
-		const colonIndex = credentials.indexOf(":");
-		const username = colonIndex !== -1 ? credentials.slice(0, colonIndex) : credentials;
-		const password = colonIndex !== -1 ? credentials.slice(colonIndex + 1) : "";
-		if (!this.timingSafeCredentialCheck(username, password, options.username, options.password)) {
-			this.sendAuthRequired(request);
-			this.log.warn(`Failed basic auth attempt for user`, { username });
-			throw new HttpError({
-				status: 401,
-				message: "Invalid credentials"
-			});
-		}
-	}
-	/**
-	* Performs a timing-safe comparison of credentials to prevent timing attacks.
-	* Always compares both username and password to avoid leaking which one is wrong.
-	*/
-	timingSafeCredentialCheck(inputUsername, inputPassword, expectedUsername, expectedPassword) {
-		const inputUserBuf = Buffer.from(inputUsername, "utf-8");
-		const expectedUserBuf = Buffer.from(expectedUsername, "utf-8");
-		const inputPassBuf = Buffer.from(inputPassword, "utf-8");
-		const expectedPassBuf = Buffer.from(expectedPassword, "utf-8");
-		return (this.safeCompare(inputUserBuf, expectedUserBuf) & this.safeCompare(inputPassBuf, expectedPassBuf)) === 1;
-	}
-	/**
-	* Compares two buffers in constant time, handling different lengths safely.
-	* Returns 1 if equal, 0 if not equal.
-	*/
-	safeCompare(input, expected) {
-		if (input.length !== expected.length) {
-			timingSafeEqual(input, input);
-			return 0;
-		}
-		return timingSafeEqual(input, expected) ? 1 : 0;
-	}
-	/**
-	* Send WWW-Authenticate header
-	*/
-	sendAuthRequired(request) {
-		request.reply.setHeader("WWW-Authenticate", `Basic realm="${this.realm}"`);
-	}
-};
-const isBasicAuth = (value) => {
-	return typeof value === "object" && !!value && "basic" in value && !!value.basic;
-};
-//#endregion
-//#region src/server-security/descriptors/$basicAuth.ts
-/**
-* Declares HTTP Basic Authentication for server routes.
-* This descriptor provides methods to protect routes with username/password authentication.
-*/
-const $basicAuth = (options) => {
-	return createDescriptor(BasicAuthDescriptor, options);
-};
-var BasicAuthDescriptor = class extends Descriptor {
-	serverBasicAuthProvider = $inject(ServerBasicAuthProvider);
-	get name() {
-		return this.options.name ?? `${this.config.propertyKey}`;
-	}
-	onInit() {
-		this.serverBasicAuthProvider.registerAuth(this.options);
-	}
-	/**
-	* Checks basic auth for the given request using this descriptor's configuration.
-	*/
-	check(request, options) {
-		const mergedOptions = {
-			...this.options,
-			...options
-		};
-		this.serverBasicAuthProvider.checkAuth(request, mergedOptions);
-	}
-};
-$basicAuth[KIND] = BasicAuthDescriptor;
-//#endregion
-//#region src/server-security/providers/ServerSecurityProvider.ts
-var ServerSecurityProvider = class {
-	log = $logger();
-	securityProvider = $inject(SecurityProvider);
-	jwtProvider = $inject(JwtProvider);
-	alepha = $inject(Alepha);
-	onConfigure = $hook({
-		on: "configure",
-		handler: async () => {
-			for (const action of this.alepha.descriptors($action)) {
-				if (action.options.disabled || action.options.secure === false || this.securityProvider.getRealms().length === 0) continue;
-				if (typeof action.options.secure !== "object") this.securityProvider.createPermission({
-					name: action.name,
-					group: action.group,
-					method: action.route.method,
-					path: action.route.path
-				});
-			}
-		}
-	});
-	onActionRequest = $hook({
-		on: "action:onRequest",
-		handler: async ({ action, request, options }) => {
-			if (action.options.secure === false && !options.user) {
-				this.log.trace("Skipping security check for route");
-				return;
-			}
-			if (isBasicAuth(action.route.secure)) return;
-			const permission = this.securityProvider.getPermissions().find((it) => it.path === action.route.path && it.method === action.route.method);
-			try {
-				request.user = this.createUserFromLocalFunctionContext(options, permission);
-				const route = action.route;
-				if (typeof route.secure === "object") this.check(request.user, route.secure);
-				this.alepha.state.set("alepha.server.request.user", this.alepha.codec.decode(userAccountInfoSchema, request.user));
-			} catch (error) {
-				if (action.options.secure || permission) throw error;
-				this.log.trace("Skipping security check for action");
-			}
-		}
-	});
-	onRequest = $hook({
-		on: "server:onRequest",
-		priority: "last",
-		handler: async ({ request, route }) => {
-			if (route.secure === false) {
-				this.log.trace("Skipping security check for route - explicitly disabled");
-				return;
-			}
-			if (isBasicAuth(route.secure)) return;
-			const permission = this.securityProvider.getPermissions().find((it) => it.path === route.path && it.method === route.method);
-			if (!request.headers.authorization && !route.secure && !permission) {
-				this.log.trace("Skipping security check for route - no authorization header and not secure");
-				return;
-			}
-			try {
-				request.user = await this.securityProvider.createUserFromToken(request.headers.authorization, { permission });
-				if (typeof route.secure === "object") this.check(request.user, route.secure);
-				this.alepha.state.set("alepha.server.request.user", this.alepha.codec.decode(userAccountInfoSchema, request.user));
-				this.log.trace("User set from request token", {
-					user: request.user,
-					permission
-				});
-			} catch (error) {
-				if (route.secure || permission) throw error;
-				this.log.trace("Skipping security check for route - error occurred", error);
-			}
-		}
-	});
-	check(user, secure) {
-		if (secure.realm) {
-			if (user.realm !== secure.realm) throw new ForbiddenError(`User must belong to realm '${secure.realm}' to access this route`);
-		}
-	}
-	/**
-	* Get the user account token for a local action call.
-	* There are three possible sources for the user:
-	* - `options.user`: the user passed in the options
-	* - `"system"`: the system user from the state (you MUST set state `server.security.system.user`)
-	* - `"context"`: the user from the request context (you MUST be in an HTTP request context)
-	*
-	* Priority order: `options.user` > `"system"` > `"context"`.
-	*
-	* In testing environment, if no user is provided, a test user is created based on the SecurityProvider's roles.
-	*/
-	createUserFromLocalFunctionContext(options, permission) {
-		const fromOptions = typeof options.user === "object" ? options.user : void 0;
-		const type = typeof options.user === "string" ? options.user : void 0;
-		let user;
-		const fromContext = this.alepha.context.get("request")?.user;
-		const fromSystem = this.alepha.state.get("alepha.server.security.system.user");
-		if (type === "system") user = fromSystem;
-		else if (type === "context") user = fromContext;
-		else user = fromOptions ?? fromContext ?? fromSystem;
-		if (!user) {
-			if (this.alepha.isTest() && !("user" in options)) return this.createTestUser();
-			throw new UnauthorizedError("User is required for calling this action");
-		}
-		const roles = user.roles ?? (this.alepha.isTest() ? this.securityProvider.getRoles().map((role) => role.name) : []);
-		let ownership;
-		if (permission) {
-			const result = this.securityProvider.checkPermission(permission, ...roles);
-			if (!result.isAuthorized) throw new ForbiddenError(`Permission '${this.securityProvider.permissionToString(permission)}' is required for this route`);
-			ownership = result.ownership;
-		}
-		return {
-			...user,
-			ownership
-		};
-	}
-	createTestUser() {
-		return {
-			id: randomUUID(),
-			name: "Test",
-			roles: this.securityProvider.getRoles().map((role) => role.name)
-		};
-	}
-	onClientRequest = $hook({
-		on: "client:onRequest",
-		handler: async ({ request, options }) => {
-			if (!this.alepha.isTest()) return;
-			if ("user" in options && options.user === void 0) return;
-			request.headers = new Headers(request.headers);
-			if (!request.headers.has("authorization")) {
-				const test = this.createTestUser();
-				const user = typeof options?.user === "object" ? options.user : void 0;
-				const sub = user?.id ?? test.id;
-				const roles = user?.roles ?? test.roles;
-				const token = await this.jwtProvider.create({
-					sub,
-					roles
-				}, user?.realm ?? this.securityProvider.getRealms()[0]?.name);
-				request.headers.set("authorization", `Bearer ${token}`);
-			}
-		}
-	});
-};
-//#endregion
-//#region src/server-security/index.ts
-/**
-* Plugin for Alepha Server that provides security features. Based on the Alepha Security module.
-*
-* By default, all $action will be guarded by a permission check.
-*
-* @see {@link ServerSecurityProvider}
-* @module alepha.server.security
-*/
-const AlephaServerSecurity = $module({
-	name: "alepha.server.security",
-	descriptors: [
-		$realm,
-		$role,
-		$permission,
-		$basicAuth
-	],
-	services: [
-		AlephaServer,
-		AlephaSecurity,
-		ServerSecurityProvider,
-		ServerBasicAuthProvider
-	]
-});
-//#endregion
 //#region src/server-links/schemas/apiLinksResponseSchema.ts
 const apiLinkSchema = t.object({
 	name: t.text({ description: "Name of the API link, used for identification." }),
@@ -361,7 +58,7 @@ var LinkProvider = class LinkProvider {
 		this.serverLinks.push(link);
 	}
 	get links() {
-		const apiLinks = this.alepha.state.get("alepha.server.request.apiLinks")?.links;
+		const apiLinks = this.alepha.store.get("alepha.server.request.apiLinks")?.links;
 		if (apiLinks) {
 			if (this.alepha.isBrowser()) return apiLinks;
 			const links = [];
@@ -381,7 +78,7 @@ var LinkProvider = class LinkProvider {
 			method: "GET",
 			schema: { response: apiLinksResponseSchema }
 		});
-		this.alepha.state.set("alepha.server.request.apiLinks", data);
+		this.alepha.store.set("alepha.server.request.apiLinks", data);
 		return data.links;
 	}
 	/**
@@ -485,7 +182,7 @@ var LinkProvider = class LinkProvider {
 		});
 	}
 	async getLinkByName(name, options = {}) {
-		if (this.alepha.isBrowser() && !this.alepha.state.get("alepha.server.request.apiLinks")) await this.fetchLinks();
+		if (this.alepha.isBrowser() && !this.alepha.store.get("alepha.server.request.apiLinks")) await this.fetchLinks();
 		const link = this.links.find((a) => a.name === name && (!options.group || a.group === options.group) && (!options.service || options.service === a.service));
 		if (!link) {
 			const error = new UnauthorizedError(`Action ${name} not found.`);
@@ -504,7 +201,7 @@ var LinkProvider = class LinkProvider {
 };
 //#endregion
-//#region src/server-links/descriptors/$client.ts
+//#region src/server-links/primitives/$client.ts
 /**
 * Create a new client.
 */
@@ -514,9 +211,9 @@ const $client = (scope) => {
 $client[KIND] = "$client";
 //#endregion
-//#region src/server-links/descriptors/$remote.ts
+//#region src/server-links/primitives/$remote.ts
 /**
-* $remote is a descriptor that allows you to define remote service access.
+* $remote is a primitive that allows you to define remote service access.
 *
 * Use it only when you have 2 or more services that need to communicate with each other.
 *
@@ -525,198 +222,22 @@ $client[KIND] = "$client";
 * You can add a service account if you want to use a security layer.
 */
 const $remote = (options) => {
-	return createDescriptor(RemoteDescriptor, options);
+	return createPrimitive(RemotePrimitive, options);
 };
-var RemoteDescriptor = class extends Descriptor {
+var RemotePrimitive = class extends Primitive {
 	get name() {
 		return this.options.name ?? this.config.propertyKey;
 	}
 };
-$remote[KIND] = RemoteDescriptor;
-//#endregion
-//#region src/server-proxy/descriptors/$proxy.ts
-/**
-* Creates a proxy descriptor to forward requests to another server.
-*
-* This descriptor enables you to create reverse proxy functionality, allowing your Alepha server
-* to forward requests to other services while maintaining a unified API surface. It's particularly
-* useful for microservice architectures, API gateways, or when you need to aggregate multiple
-* services behind a single endpoint.
-*
-* **Key Features**
-*
-* - **Path-based routing**: Match specific paths or patterns to proxy
-* - **Dynamic targets**: Support both static and dynamic target resolution
-* - **Request/Response hooks**: Modify requests before forwarding and responses after receiving
-* - **URL rewriting**: Transform URLs before forwarding to the target
-* - **Conditional proxying**: Enable/disable proxies based on environment or conditions
-*
-* @example
-* **Basic proxy setup:**
-* ```ts
-* import { $proxy } from "alepha/server/proxy";
-*
-* class ApiGateway {
-*   // Forward all /api/* requests to external service
-*   api = $proxy({
-*     path: "/api/*",
-*     target: "https://api.example.com"
-*   });
-* }
-* ```
-*
-* @example
-* **Dynamic target with environment-based routing:**
-* ```ts
-* class ApiGateway {
-*   // Route to different environments based on configuration
-*   api = $proxy({
-*     path: "/api/*",
-*     target: () => process.env.NODE_ENV === "production"
-*       ? "https://api.prod.example.com"
-*       : "https://api.dev.example.com"
-*   });
-* }
-* ```
-*
-* @example
-* **Advanced proxy with request/response modification:**
-* ```ts
-* class SecureProxy {
-*   secure = $proxy({
-*     path: "/secure/*",
-*     target: "https://secure-api.example.com",
-*     beforeRequest: async (request, proxyRequest) => {
-*       // Add authentication headers
-*       proxyRequest.headers = {
-*         ...proxyRequest.headers,
-*         'Authorization': `Bearer ${await getServiceToken()}`,
-*         'X-Forwarded-For': request.headers['x-forwarded-for'] || request.ip
-*       };
-*     },
-*     afterResponse: async (request, proxyResponse) => {
-*       // Log response for monitoring
-*       console.log(`Proxied ${request.url} -> ${proxyResponse.status}`);
-*     },
-*     rewrite: (url) => {
-*       // Remove /secure prefix when forwarding
-*       url.pathname = url.pathname.replace('/secure', '');
-*     }
-*   });
-* }
-* ```
-*
-* @example
-* **Conditional proxy based on feature flags:**
-* ```ts
-* class FeatureProxy {
-*   newApi = $proxy({
-*     path: "/v2/*",
-*     target: "https://new-api.example.com",
-*     disabled: !process.env.ENABLE_V2_API // Disable if feature flag is off
-*   });
-* }
-* ```
-*/
-const $proxy = (options) => {
-	return createDescriptor(ProxyDescriptor, options);
-};
-var ProxyDescriptor = class extends Descriptor {};
-$proxy[KIND] = ProxyDescriptor;
-//#endregion
-//#region src/server-proxy/providers/ServerProxyProvider.ts
-var ServerProxyProvider = class {
-	log = $logger();
-	routerProvider = $inject(ServerRouterProvider);
-	alepha = $inject(Alepha);
-	configure = $hook({
-		on: "configure",
-		handler: () => {
-			for (const proxy of this.alepha.descriptors($proxy)) this.createProxy(proxy.options);
-		}
-	});
-	createProxy(options) {
-		if (options.disabled) return;
-		const path = options.path;
-		const target = typeof options.target === "function" ? options.target() : options.target;
-		if (!path.endsWith("/*")) throw new AlephaError("Proxy path should end with '/*'");
-		const handler = this.createProxyHandler(target, options);
-		for (const method of routeMethods) this.routerProvider.createRoute({
-			method,
-			path,
-			handler
-		});
-		this.log.info("Proxying", {
-			path,
-			target
-		});
-	}
-	createProxyHandler(target, options) {
-		return async (request) => {
-			const url = new URL(target + request.url.pathname);
-			if (request.url.search) url.search = request.url.search;
-			options.rewrite?.(url);
-			const requestInit = {
-				url: url.toString(),
-				method: request.method,
-				headers: {
-					...request.headers,
-					"accept-encoding": "identity"
-				},
-				body: this.getRawRequestBody(request)
-			};
-			if (requestInit.body) requestInit.duplex = "half";
-			if (options.beforeRequest) await options.beforeRequest(request, requestInit);
-			this.log.debug("Proxying request", {
-				url: url.toString(),
-				method: request.method,
-				headers: request.headers
-			});
-			const response = await fetch(requestInit.url, requestInit);
-			request.reply.status = response.status;
-			request.reply.headers = Object.fromEntries(response.headers.entries());
-			request.reply.body = response.body;
-			this.log.debug("Received response", {
-				status: request.reply.status,
-				headers: request.reply.headers
-			});
-			if (options.afterResponse) await options.afterResponse(request, response);
-		};
-	}
-	getRawRequestBody(req) {
-		const { method } = req;
-		if (method === "GET" || method === "HEAD" || method === "OPTIONS") return;
-		if (req.raw?.web?.req) return req.raw.web.req.body;
-		if (req.raw?.node?.req) {
-			const nodeReq = req.raw.node.req;
-			return ReadableStream.from(nodeReq);
-		}
-	}
-};
-//#endregion
-//#region src/server-proxy/index.ts
-/**
-* Plugin for Alepha that provides a proxy server functionality.
-*
-* @see {@link $proxy}
-* @module alepha.server.proxy
-*/
-const AlephaServerProxy = $module({
-	name: "alepha.server.proxy",
-	descriptors: [$proxy],
-	services: [AlephaServer, ServerProxyProvider]
-});
+$remote[KIND] = RemotePrimitive;
 //#endregion
-//#region src/server-links/providers/RemoteDescriptorProvider.ts
+//#region src/server-links/providers/RemotePrimitiveProvider.ts
 const envSchema$1 = t.object({ SERVER_API_PREFIX: t.text({
 	description: "Prefix for all API routes (e.g. $action).",
 	default: "/api"
 }) });
-var RemoteDescriptorProvider = class {
+var RemotePrimitiveProvider = class {
 	env = $env(envSchema$1);
 	alepha = $inject(Alepha);
 	proxyProvider = $inject(ServerProxyProvider);
@@ -729,7 +250,7 @@ var RemoteDescriptorProvider = class {
 	configure = $hook({
 		on: "configure",
 		handler: async () => {
-			const remotes = this.alepha.descriptors($remote);
+			const remotes = this.alepha.primitives($remote);
 			for (const remote of remotes) await this.registerRemote(remote);
 		}
 	});
@@ -825,7 +346,7 @@ var ServerLinksProvider = class {
 	env = $env(envSchema);
 	alepha = $inject(Alepha);
 	linkProvider = $inject(LinkProvider);
-	remoteProvider = $inject(RemoteDescriptorProvider);
+	remoteProvider = $inject(RemotePrimitiveProvider);
 	serverTimingProvider = $inject(ServerTimingProvider);
 	get prefix() {
 		return this.env.SERVER_API_PREFIX;
@@ -833,7 +354,7 @@ var ServerLinksProvider = class {
 	onRoute = $hook({
 		on: "configure",
 		handler: () => {
-			for (const action of this.alepha.descriptors($action)) this.linkProvider.registerLink({
+			for (const action of this.alepha.primitives($action)) this.linkProvider.registerLink({
 				name: action.name,
 				group: action.group,
 				schema: action.options.schema,
@@ -960,7 +481,7 @@ var ServerLinksProvider = class {
 /**
 * Provides server-side link management and remote capabilities for client-server interactions.
 *
-* The server-links module enables declarative link definitions using `$remote` and `$client` descriptors,
+* The server-links module enables declarative link definitions using `$remote` and `$client` primitives,
 * facilitating seamless API endpoint management and client-server communication. It integrates with server
 * security features to ensure safe and controlled access to resources.
 *
@@ -970,15 +491,15 @@ var ServerLinksProvider = class {
 */
 const AlephaServerLinks = $module({
 	name: "alepha.server.links",
-	descriptors: [$remote, $client],
+	primitives: [$remote, $client],
 	services: [
 		AlephaServer,
 		ServerLinksProvider,
-		RemoteDescriptorProvider,
+		RemotePrimitiveProvider,
 		LinkProvider
 	]
 });
 //#endregion
-export { $client, $remote, AlephaServerLinks, LinkProvider, RemoteDescriptor, RemoteDescriptorProvider, ServerLinksProvider, apiLinkSchema, apiLinksResponseSchema };
+export { $client, $remote, AlephaServerLinks, LinkProvider, RemotePrimitive, RemotePrimitiveProvider, ServerLinksProvider, apiLinkSchema, apiLinksResponseSchema };
 //# sourceMappingURL=index.js.map