npm - alepha - Versions diffs - 0.13.1 → 0.13.2 - Mend

alepha 0.13.1 → 0.13.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (296) hide show

package/README.md +1 -1
package/dist/api-files/index.d.ts +28 -91
package/dist/api-files/index.js +10 -755
package/dist/api-files/index.js.map +1 -1
package/dist/api-jobs/index.d.ts +46 -46
package/dist/api-jobs/index.js +13 -13
package/dist/api-jobs/index.js.map +1 -1
package/dist/api-notifications/index.d.ts +129 -146
package/dist/api-notifications/index.js +17 -39
package/dist/api-notifications/index.js.map +1 -1
package/dist/api-parameters/index.d.ts +21 -22
package/dist/api-parameters/index.js +22 -22
package/dist/api-parameters/index.js.map +1 -1
package/dist/api-users/index.d.ts +223 -2000
package/dist/api-users/index.js +914 -4787
package/dist/api-users/index.js.map +1 -1
package/dist/api-verifications/index.d.ts +96 -96
package/dist/batch/index.d.ts +13 -13
package/dist/batch/index.js +8 -8
package/dist/batch/index.js.map +1 -1
package/dist/bucket/index.d.ts +14 -14
package/dist/bucket/index.js +12 -12
package/dist/bucket/index.js.map +1 -1
package/dist/cache/index.d.ts +11 -11
package/dist/cache/index.js +9 -9
package/dist/cache/index.js.map +1 -1
package/dist/cli/index.d.ts +28 -26
package/dist/cli/index.js +50 -13
package/dist/cli/index.js.map +1 -1
package/dist/command/index.d.ts +19 -19
package/dist/command/index.js +25 -25
package/dist/command/index.js.map +1 -1
package/dist/core/index.browser.js +218 -218
package/dist/core/index.browser.js.map +1 -1
package/dist/core/index.d.ts +232 -232
package/dist/core/index.js +218 -218
package/dist/core/index.js.map +1 -1
package/dist/core/index.native.js +2113 -0
package/dist/core/index.native.js.map +1 -0
package/dist/datetime/index.d.ts +9 -9
package/dist/datetime/index.js +7 -7
package/dist/datetime/index.js.map +1 -1
package/dist/email/index.d.ts +16 -16
package/dist/email/index.js +9 -9
package/dist/email/index.js.map +1 -1
package/dist/file/index.js +1 -1
package/dist/file/index.js.map +1 -1
package/dist/lock/index.d.ts +9 -9
package/dist/lock/index.js +8 -8
package/dist/lock/index.js.map +1 -1
package/dist/lock-redis/index.js +3 -66
package/dist/lock-redis/index.js.map +1 -1
package/dist/logger/index.d.ts +5 -5
package/dist/logger/index.js +8 -8
package/dist/logger/index.js.map +1 -1
package/dist/orm/index.browser.js +114 -114
package/dist/orm/index.browser.js.map +1 -1
package/dist/orm/index.d.ts +218 -218
package/dist/orm/index.js +46 -46
package/dist/orm/index.js.map +1 -1
package/dist/queue/index.d.ts +29 -29
package/dist/queue/index.js +20 -20
package/dist/queue/index.js.map +1 -1
package/dist/queue-redis/index.d.ts +2 -2
package/dist/redis/index.d.ts +10 -10
package/dist/retry/index.d.ts +19 -19
package/dist/retry/index.js +7 -7
package/dist/retry/index.js.map +1 -1
package/dist/scheduler/index.d.ts +16 -16
package/dist/scheduler/index.js +9 -9
package/dist/scheduler/index.js.map +1 -1
package/dist/security/index.d.ts +80 -80
package/dist/security/index.js +32 -32
package/dist/security/index.js.map +1 -1
package/dist/server/index.browser.js +1 -1
package/dist/server/index.browser.js.map +1 -1
package/dist/server/index.d.ts +101 -101
package/dist/server/index.js +16 -16
package/dist/server/index.js.map +1 -1
package/dist/server-auth/index.browser.js +4 -982
package/dist/server-auth/index.browser.js.map +1 -1
package/dist/server-auth/index.d.ts +204 -785
package/dist/server-auth/index.js +47 -1239
package/dist/server-auth/index.js.map +1 -1
package/dist/server-cache/index.d.ts +10 -10
package/dist/server-cache/index.js +2 -2
package/dist/server-cache/index.js.map +1 -1
package/dist/server-compress/index.d.ts +4 -4
package/dist/server-compress/index.js +1 -1
package/dist/server-compress/index.js.map +1 -1
package/dist/server-cookies/index.browser.js +8 -8
package/dist/server-cookies/index.browser.js.map +1 -1
package/dist/server-cookies/index.d.ts +17 -17
package/dist/server-cookies/index.js +10 -10
package/dist/server-cookies/index.js.map +1 -1
package/dist/server-cors/index.d.ts +17 -17
package/dist/server-cors/index.js +9 -9
package/dist/server-cors/index.js.map +1 -1
package/dist/server-health/index.d.ts +19 -19
package/dist/server-helmet/index.d.ts +1 -1
package/dist/server-links/index.browser.js +12 -12
package/dist/server-links/index.browser.js.map +1 -1
package/dist/server-links/index.d.ts +59 -251
package/dist/server-links/index.js +23 -502
package/dist/server-links/index.js.map +1 -1
package/dist/server-metrics/index.d.ts +4 -4
package/dist/server-multipart/index.d.ts +2 -2
package/dist/server-proxy/index.d.ts +12 -12
package/dist/server-proxy/index.js +10 -10
package/dist/server-proxy/index.js.map +1 -1
package/dist/server-rate-limit/index.d.ts +22 -22
package/dist/server-rate-limit/index.js +12 -12
package/dist/server-rate-limit/index.js.map +1 -1
package/dist/server-security/index.d.ts +22 -22
package/dist/server-security/index.js +15 -15
package/dist/server-security/index.js.map +1 -1
package/dist/server-static/index.d.ts +14 -14
package/dist/server-static/index.js +8 -8
package/dist/server-static/index.js.map +1 -1
package/dist/server-swagger/index.d.ts +25 -184
package/dist/server-swagger/index.js +21 -724
package/dist/server-swagger/index.js.map +1 -1
package/dist/sms/index.d.ts +14 -14
package/dist/sms/index.js +9 -9
package/dist/sms/index.js.map +1 -1
package/dist/thread/index.d.ts +11 -11
package/dist/thread/index.js +17 -17
package/dist/thread/index.js.map +1 -1
package/dist/topic/index.d.ts +26 -26
package/dist/topic/index.js +16 -16
package/dist/topic/index.js.map +1 -1
package/dist/topic-redis/index.d.ts +1 -1
package/dist/vite/index.d.ts +3 -3
package/dist/vite/index.js +8 -8
package/dist/vite/index.js.map +1 -1
package/dist/websocket/index.browser.js +11 -11
package/dist/websocket/index.browser.js.map +1 -1
package/dist/websocket/index.d.ts +58 -58
package/dist/websocket/index.js +13 -13
package/dist/websocket/index.js.map +1 -1
package/package.json +113 -52
package/src/api-files/services/FileService.ts +5 -7
package/src/api-jobs/index.ts +1 -1
package/src/api-jobs/{descriptors → primitives}/$job.ts +8 -8
package/src/api-jobs/providers/JobProvider.ts +9 -9
package/src/api-jobs/services/JobService.ts +5 -5
package/src/api-notifications/index.ts +5 -15
package/src/api-notifications/{descriptors → primitives}/$notification.ts +10 -10
package/src/api-notifications/services/NotificationSenderService.ts +3 -3
package/src/api-parameters/index.ts +1 -1
package/src/api-parameters/{descriptors → primitives}/$config.ts +7 -12
package/src/api-users/index.ts +1 -1
package/src/api-users/{descriptors → primitives}/$userRealm.ts +8 -8
package/src/api-users/providers/UserRealmProvider.ts +1 -1
package/src/batch/index.ts +3 -3
package/src/batch/{descriptors → primitives}/$batch.ts +13 -16
package/src/bucket/index.ts +8 -8
package/src/bucket/{descriptors → primitives}/$bucket.ts +8 -8
package/src/bucket/providers/LocalFileStorageProvider.ts +3 -3
package/src/cache/index.ts +4 -4
package/src/cache/{descriptors → primitives}/$cache.ts +15 -15
package/src/cli/apps/AlephaPackageBuilderCli.ts +24 -2
package/src/cli/commands/DrizzleCommands.ts +6 -6
package/src/cli/commands/VerifyCommands.ts +1 -1
package/src/cli/commands/ViteCommands.ts +6 -1
package/src/cli/services/ProjectUtils.ts +34 -3
package/src/command/index.ts +5 -5
package/src/command/{descriptors → primitives}/$command.ts +9 -12
package/src/command/providers/CliProvider.ts +10 -10
package/src/core/Alepha.ts +30 -33
package/src/core/constants/KIND.ts +1 -1
package/src/core/constants/OPTIONS.ts +1 -1
package/src/core/helpers/{descriptor.ts → primitive.ts} +18 -18
package/src/core/helpers/ref.ts +1 -1
package/src/core/index.shared.ts +8 -8
package/src/core/{descriptors → primitives}/$context.ts +5 -5
package/src/core/{descriptors → primitives}/$hook.ts +4 -4
package/src/core/{descriptors → primitives}/$inject.ts +2 -2
package/src/core/{descriptors → primitives}/$module.ts +9 -9
package/src/core/{descriptors → primitives}/$use.ts +2 -2
package/src/core/providers/CodecManager.ts +1 -1
package/src/core/providers/JsonSchemaCodec.ts +1 -1
package/src/core/providers/StateManager.ts +2 -2
package/src/datetime/index.ts +3 -3
package/src/datetime/{descriptors → primitives}/$interval.ts +6 -6
package/src/email/index.ts +4 -4
package/src/email/{descriptors → primitives}/$email.ts +8 -8
package/src/file/index.ts +1 -1
package/src/lock/index.ts +3 -3
package/src/lock/{descriptors → primitives}/$lock.ts +10 -10
package/src/logger/index.ts +8 -8
package/src/logger/{descriptors → primitives}/$logger.ts +2 -2
package/src/logger/services/Logger.ts +1 -1
package/src/orm/constants/PG_SYMBOLS.ts +2 -2
package/src/orm/index.browser.ts +2 -2
package/src/orm/index.ts +8 -8
package/src/orm/{descriptors → primitives}/$entity.ts +11 -11
package/src/orm/{descriptors → primitives}/$repository.ts +2 -2
package/src/orm/{descriptors → primitives}/$sequence.ts +8 -8
package/src/orm/{descriptors → primitives}/$transaction.ts +4 -4
package/src/orm/providers/PostgresTypeProvider.ts +3 -3
package/src/orm/providers/RepositoryProvider.ts +4 -4
package/src/orm/providers/drivers/DatabaseProvider.ts +7 -7
package/src/orm/services/ModelBuilder.ts +9 -9
package/src/orm/services/PgRelationManager.ts +2 -2
package/src/orm/services/PostgresModelBuilder.ts +5 -5
package/src/orm/services/Repository.ts +7 -7
package/src/orm/services/SqliteModelBuilder.ts +5 -5
package/src/queue/index.ts +7 -7
package/src/queue/{descriptors → primitives}/$consumer.ts +15 -15
package/src/queue/{descriptors → primitives}/$queue.ts +12 -12
package/src/queue/providers/WorkerProvider.ts +7 -7
package/src/retry/index.ts +3 -3
package/src/retry/{descriptors → primitives}/$retry.ts +14 -14
package/src/scheduler/index.ts +3 -3
package/src/scheduler/{descriptors → primitives}/$scheduler.ts +9 -9
package/src/scheduler/providers/CronProvider.ts +1 -1
package/src/security/index.ts +9 -9
package/src/security/{descriptors → primitives}/$permission.ts +7 -7
package/src/security/{descriptors → primitives}/$realm.ts +6 -12
package/src/security/{descriptors → primitives}/$role.ts +12 -12
package/src/security/{descriptors → primitives}/$serviceAccount.ts +8 -8
package/src/server/index.browser.ts +1 -1
package/src/server/index.ts +14 -14
package/src/server/{descriptors → primitives}/$action.ts +13 -13
package/src/server/{descriptors → primitives}/$route.ts +9 -9
package/src/server/providers/NodeHttpServerProvider.ts +1 -1
package/src/server/services/HttpClient.ts +1 -1
package/src/server-auth/index.browser.ts +1 -1
package/src/server-auth/index.ts +6 -6
package/src/server-auth/{descriptors → primitives}/$auth.ts +10 -10
package/src/server-auth/{descriptors → primitives}/$authCredentials.ts +4 -4
package/src/server-auth/{descriptors → primitives}/$authGithub.ts +4 -4
package/src/server-auth/{descriptors → primitives}/$authGoogle.ts +4 -4
package/src/server-auth/providers/ServerAuthProvider.ts +4 -4
package/src/server-cache/providers/ServerCacheProvider.ts +7 -7
package/src/server-compress/providers/ServerCompressProvider.ts +3 -3
package/src/server-cookies/index.browser.ts +2 -2
package/src/server-cookies/index.ts +5 -5
package/src/server-cookies/{descriptors → primitives}/$cookie.browser.ts +12 -12
package/src/server-cookies/{descriptors → primitives}/$cookie.ts +13 -13
package/src/server-cookies/providers/ServerCookiesProvider.ts +4 -4
package/src/server-cookies/services/CookieParser.ts +1 -1
package/src/server-cors/index.ts +3 -3
package/src/server-cors/{descriptors → primitives}/$cors.ts +11 -13
package/src/server-cors/providers/ServerCorsProvider.ts +5 -5
package/src/server-links/index.browser.ts +5 -5
package/src/server-links/index.ts +9 -9
package/src/server-links/{descriptors → primitives}/$remote.ts +11 -11
package/src/server-links/providers/LinkProvider.ts +7 -7
package/src/server-links/providers/{RemoteDescriptorProvider.ts → RemotePrimitiveProvider.ts} +6 -6
package/src/server-links/providers/ServerLinksProvider.ts +3 -3
package/src/server-proxy/index.ts +3 -3
package/src/server-proxy/{descriptors → primitives}/$proxy.ts +8 -8
package/src/server-proxy/providers/ServerProxyProvider.ts +4 -4
package/src/server-rate-limit/index.ts +6 -6
package/src/server-rate-limit/{descriptors → primitives}/$rateLimit.ts +13 -13
package/src/server-rate-limit/providers/ServerRateLimitProvider.ts +5 -5
package/src/server-security/index.ts +3 -3
package/src/server-security/{descriptors → primitives}/$basicAuth.ts +13 -13
package/src/server-security/providers/ServerBasicAuthProvider.ts +5 -5
package/src/server-security/providers/ServerSecurityProvider.ts +4 -4
package/src/server-static/index.ts +3 -3
package/src/server-static/{descriptors → primitives}/$serve.ts +8 -10
package/src/server-static/providers/ServerStaticProvider.ts +6 -6
package/src/server-swagger/index.ts +5 -5
package/src/server-swagger/{descriptors → primitives}/$swagger.ts +9 -9
package/src/server-swagger/providers/ServerSwaggerProvider.ts +11 -10
package/src/sms/index.ts +4 -4
package/src/sms/{descriptors → primitives}/$sms.ts +8 -8
package/src/thread/index.ts +3 -3
package/src/thread/{descriptors → primitives}/$thread.ts +13 -13
package/src/thread/providers/ThreadProvider.ts +7 -9
package/src/topic/index.ts +5 -5
package/src/topic/{descriptors → primitives}/$subscriber.ts +14 -14
package/src/topic/{descriptors → primitives}/$topic.ts +10 -10
package/src/topic/providers/TopicProvider.ts +4 -4
package/src/vite/tasks/copyAssets.ts +1 -1
package/src/vite/tasks/generateSitemap.ts +3 -3
package/src/vite/tasks/prerenderPages.ts +2 -2
package/src/vite/tasks/runAlepha.ts +2 -2
package/src/websocket/index.browser.ts +3 -3
package/src/websocket/index.shared.ts +2 -2
package/src/websocket/index.ts +4 -4
package/src/websocket/interfaces/WebSocketInterfaces.ts +3 -3
package/src/websocket/{descriptors → primitives}/$channel.ts +10 -10
package/src/websocket/{descriptors → primitives}/$websocket.ts +8 -8
package/src/websocket/providers/NodeWebSocketServerProvider.ts +7 -7
package/src/websocket/providers/WebSocketServerProvider.ts +3 -3
package/src/websocket/services/WebSocketClient.ts +5 -5
package/src/api-notifications/providers/MemorySmsProvider.ts +0 -20
package/src/api-notifications/providers/SmsProvider.ts +0 -8
/package/src/core/{descriptors → primitives}/$atom.ts +0 -0
/package/src/core/{descriptors → primitives}/$env.ts +0 -0
/package/src/server-auth/{descriptors → primitives}/$authApple.ts +0 -0
/package/src/server-links/{descriptors → primitives}/$client.ts +0 -0

package/dist/server-swagger/index.js CHANGED Viewed

@@ -1,722 +1,19 @@
-import { $atom, $hook, $inject, $module, $use, Alepha, Descriptor, KIND, createDescriptor, isTypeFile, t } from "alepha";
-import { $permission, $realm, $role, AlephaSecurity, JwtProvider, SecurityProvider, userAccountInfoSchema } from "alepha/security";
-import { $action, ActionDescriptor, AlephaServer, ForbiddenError, HttpError, ServerProvider, ServerRouterProvider, UnauthorizedError } from "alepha/server";
-import { createHash, randomUUID, timingSafeEqual } from "node:crypto";
-import { $logger } from "alepha/logger";
-import { $cache, AlephaCache } from "alepha/cache";
-import { DateTimeProvider } from "alepha/datetime";
-import { createReadStream } from "node:fs";
-import { access, readdir, stat } from "node:fs/promises";
-import { basename, isAbsolute, join } from "node:path";
-import { FileDetector, FileSystemProvider } from "alepha/file";
+import "alepha/server/security";
+import { $atom, $hook, $inject, $module, $use, Alepha, KIND, Primitive, createPrimitive, isTypeFile, t } from "alepha";
+import { $action, AlephaServer, ServerProvider, ServerRouterProvider } from "alepha/server";
+import { AlephaServerCache } from "alepha/server/cache";
+import { AlephaServerStatic, ServerStaticProvider } from "alepha/server/static";
+import { join } from "node:path";
 import { fileURLToPath } from "node:url";
+import { FileSystemProvider } from "alepha/file";
+import { $logger } from "alepha/logger";
+import { AlephaSecurity } from "alepha/security";
-//#region src/server-security/providers/ServerBasicAuthProvider.ts
-var ServerBasicAuthProvider = class {
-	alepha = $inject(Alepha);
-	log = $logger();
-	routerProvider = $inject(ServerRouterProvider);
-	realm = "Secure Area";
-	/**
-	* Registered basic auth descriptors with their configurations
-	*/
-	registeredAuths = [];
-	/**
-	* Register a basic auth configuration (called by descriptors)
-	*/
-	registerAuth(config) {
-		this.registeredAuths.push(config);
-	}
-	onStart = $hook({
-		on: "start",
-		handler: async () => {
-			for (const auth of this.registeredAuths) if (auth.paths) for (const pattern of auth.paths) {
-				const matchedRoutes = this.routerProvider.getRoutes(pattern);
-				for (const route of matchedRoutes) route.secure = { basic: {
-					username: auth.username,
-					password: auth.password
-				} };
-			}
-			if (this.registeredAuths.length > 0) this.log.info(`Initialized with ${this.registeredAuths.length} registered basic-auth configurations.`);
-		}
-	});
-	/**
-	* Hook into server:onRequest to check basic auth
-	*/
-	onRequest = $hook({
-		on: "server:onRequest",
-		handler: async ({ route, request }) => {
-			const routeAuth = route.secure;
-			if (typeof routeAuth === "object" && "basic" in routeAuth && routeAuth.basic) this.checkAuth(request, routeAuth.basic);
-		}
-	});
-	/**
-	* Hook into action:onRequest to check basic auth for actions
-	*/
-	onActionRequest = $hook({
-		on: "action:onRequest",
-		handler: async ({ action, request }) => {
-			const routeAuth = action.route.secure;
-			if (isBasicAuth(routeAuth)) this.checkAuth(request, routeAuth.basic);
-		}
-	});
-	/**
-	* Check basic authentication
-	*/
-	checkAuth(request, options) {
-		const authHeader = request.headers?.authorization;
-		if (!authHeader || !authHeader.startsWith("Basic ")) {
-			this.sendAuthRequired(request);
-			throw new HttpError({
-				status: 401,
-				message: "Authentication required"
-			});
-		}
-		const base64Credentials = authHeader.slice(6);
-		const credentials = Buffer.from(base64Credentials, "base64").toString("utf-8");
-		const colonIndex = credentials.indexOf(":");
-		const username = colonIndex !== -1 ? credentials.slice(0, colonIndex) : credentials;
-		const password = colonIndex !== -1 ? credentials.slice(colonIndex + 1) : "";
-		if (!this.timingSafeCredentialCheck(username, password, options.username, options.password)) {
-			this.sendAuthRequired(request);
-			this.log.warn(`Failed basic auth attempt for user`, { username });
-			throw new HttpError({
-				status: 401,
-				message: "Invalid credentials"
-			});
-		}
-	}
-	/**
-	* Performs a timing-safe comparison of credentials to prevent timing attacks.
-	* Always compares both username and password to avoid leaking which one is wrong.
-	*/
-	timingSafeCredentialCheck(inputUsername, inputPassword, expectedUsername, expectedPassword) {
-		const inputUserBuf = Buffer.from(inputUsername, "utf-8");
-		const expectedUserBuf = Buffer.from(expectedUsername, "utf-8");
-		const inputPassBuf = Buffer.from(inputPassword, "utf-8");
-		const expectedPassBuf = Buffer.from(expectedPassword, "utf-8");
-		return (this.safeCompare(inputUserBuf, expectedUserBuf) & this.safeCompare(inputPassBuf, expectedPassBuf)) === 1;
-	}
-	/**
-	* Compares two buffers in constant time, handling different lengths safely.
-	* Returns 1 if equal, 0 if not equal.
-	*/
-	safeCompare(input, expected) {
-		if (input.length !== expected.length) {
-			timingSafeEqual(input, input);
-			return 0;
-		}
-		return timingSafeEqual(input, expected) ? 1 : 0;
-	}
-	/**
-	* Send WWW-Authenticate header
-	*/
-	sendAuthRequired(request) {
-		request.reply.setHeader("WWW-Authenticate", `Basic realm="${this.realm}"`);
-	}
-};
-const isBasicAuth = (value) => {
-	return typeof value === "object" && !!value && "basic" in value && !!value.basic;
-};
-//#endregion
-//#region src/server-security/descriptors/$basicAuth.ts
-/**
-* Declares HTTP Basic Authentication for server routes.
-* This descriptor provides methods to protect routes with username/password authentication.
-*/
-const $basicAuth = (options) => {
-	return createDescriptor(BasicAuthDescriptor, options);
-};
-var BasicAuthDescriptor = class extends Descriptor {
-	serverBasicAuthProvider = $inject(ServerBasicAuthProvider);
-	get name() {
-		return this.options.name ?? `${this.config.propertyKey}`;
-	}
-	onInit() {
-		this.serverBasicAuthProvider.registerAuth(this.options);
-	}
-	/**
-	* Checks basic auth for the given request using this descriptor's configuration.
-	*/
-	check(request, options) {
-		const mergedOptions = {
-			...this.options,
-			...options
-		};
-		this.serverBasicAuthProvider.checkAuth(request, mergedOptions);
-	}
-};
-$basicAuth[KIND] = BasicAuthDescriptor;
-//#endregion
-//#region src/server-security/providers/ServerSecurityProvider.ts
-var ServerSecurityProvider = class {
-	log = $logger();
-	securityProvider = $inject(SecurityProvider);
-	jwtProvider = $inject(JwtProvider);
-	alepha = $inject(Alepha);
-	onConfigure = $hook({
-		on: "configure",
-		handler: async () => {
-			for (const action of this.alepha.descriptors($action)) {
-				if (action.options.disabled || action.options.secure === false || this.securityProvider.getRealms().length === 0) continue;
-				if (typeof action.options.secure !== "object") this.securityProvider.createPermission({
-					name: action.name,
-					group: action.group,
-					method: action.route.method,
-					path: action.route.path
-				});
-			}
-		}
-	});
-	onActionRequest = $hook({
-		on: "action:onRequest",
-		handler: async ({ action, request, options }) => {
-			if (action.options.secure === false && !options.user) {
-				this.log.trace("Skipping security check for route");
-				return;
-			}
-			if (isBasicAuth(action.route.secure)) return;
-			const permission = this.securityProvider.getPermissions().find((it) => it.path === action.route.path && it.method === action.route.method);
-			try {
-				request.user = this.createUserFromLocalFunctionContext(options, permission);
-				const route = action.route;
-				if (typeof route.secure === "object") this.check(request.user, route.secure);
-				this.alepha.state.set("alepha.server.request.user", this.alepha.codec.decode(userAccountInfoSchema, request.user));
-			} catch (error) {
-				if (action.options.secure || permission) throw error;
-				this.log.trace("Skipping security check for action");
-			}
-		}
-	});
-	onRequest = $hook({
-		on: "server:onRequest",
-		priority: "last",
-		handler: async ({ request, route }) => {
-			if (route.secure === false) {
-				this.log.trace("Skipping security check for route - explicitly disabled");
-				return;
-			}
-			if (isBasicAuth(route.secure)) return;
-			const permission = this.securityProvider.getPermissions().find((it) => it.path === route.path && it.method === route.method);
-			if (!request.headers.authorization && !route.secure && !permission) {
-				this.log.trace("Skipping security check for route - no authorization header and not secure");
-				return;
-			}
-			try {
-				request.user = await this.securityProvider.createUserFromToken(request.headers.authorization, { permission });
-				if (typeof route.secure === "object") this.check(request.user, route.secure);
-				this.alepha.state.set("alepha.server.request.user", this.alepha.codec.decode(userAccountInfoSchema, request.user));
-				this.log.trace("User set from request token", {
-					user: request.user,
-					permission
-				});
-			} catch (error) {
-				if (route.secure || permission) throw error;
-				this.log.trace("Skipping security check for route - error occurred", error);
-			}
-		}
-	});
-	check(user, secure) {
-		if (secure.realm) {
-			if (user.realm !== secure.realm) throw new ForbiddenError(`User must belong to realm '${secure.realm}' to access this route`);
-		}
-	}
-	/**
-	* Get the user account token for a local action call.
-	* There are three possible sources for the user:
-	* - `options.user`: the user passed in the options
-	* - `"system"`: the system user from the state (you MUST set state `server.security.system.user`)
-	* - `"context"`: the user from the request context (you MUST be in an HTTP request context)
-	*
-	* Priority order: `options.user` > `"system"` > `"context"`.
-	*
-	* In testing environment, if no user is provided, a test user is created based on the SecurityProvider's roles.
-	*/
-	createUserFromLocalFunctionContext(options, permission) {
-		const fromOptions = typeof options.user === "object" ? options.user : void 0;
-		const type = typeof options.user === "string" ? options.user : void 0;
-		let user;
-		const fromContext = this.alepha.context.get("request")?.user;
-		const fromSystem = this.alepha.state.get("alepha.server.security.system.user");
-		if (type === "system") user = fromSystem;
-		else if (type === "context") user = fromContext;
-		else user = fromOptions ?? fromContext ?? fromSystem;
-		if (!user) {
-			if (this.alepha.isTest() && !("user" in options)) return this.createTestUser();
-			throw new UnauthorizedError("User is required for calling this action");
-		}
-		const roles = user.roles ?? (this.alepha.isTest() ? this.securityProvider.getRoles().map((role) => role.name) : []);
-		let ownership;
-		if (permission) {
-			const result = this.securityProvider.checkPermission(permission, ...roles);
-			if (!result.isAuthorized) throw new ForbiddenError(`Permission '${this.securityProvider.permissionToString(permission)}' is required for this route`);
-			ownership = result.ownership;
-		}
-		return {
-			...user,
-			ownership
-		};
-	}
-	createTestUser() {
-		return {
-			id: randomUUID(),
-			name: "Test",
-			roles: this.securityProvider.getRoles().map((role) => role.name)
-		};
-	}
-	onClientRequest = $hook({
-		on: "client:onRequest",
-		handler: async ({ request, options }) => {
-			if (!this.alepha.isTest()) return;
-			if ("user" in options && options.user === void 0) return;
-			request.headers = new Headers(request.headers);
-			if (!request.headers.has("authorization")) {
-				const test = this.createTestUser();
-				const user = typeof options?.user === "object" ? options.user : void 0;
-				const sub = user?.id ?? test.id;
-				const roles = user?.roles ?? test.roles;
-				const token = await this.jwtProvider.create({
-					sub,
-					roles
-				}, user?.realm ?? this.securityProvider.getRealms()[0]?.name);
-				request.headers.set("authorization", `Bearer ${token}`);
-			}
-		}
-	});
-};
-//#endregion
-//#region src/server-security/index.ts
-/**
-* Plugin for Alepha Server that provides security features. Based on the Alepha Security module.
-*
-* By default, all $action will be guarded by a permission check.
-*
-* @see {@link ServerSecurityProvider}
-* @module alepha.server.security
-*/
-const AlephaServerSecurity = $module({
-	name: "alepha.server.security",
-	descriptors: [
-		$realm,
-		$role,
-		$permission,
-		$basicAuth
-	],
-	services: [
-		AlephaServer,
-		AlephaSecurity,
-		ServerSecurityProvider,
-		ServerBasicAuthProvider
-	]
-});
-//#endregion
-//#region src/server-cache/providers/ServerCacheProvider.ts
-ActionDescriptor.prototype.invalidate = async function() {
-	await this.alepha.inject(ServerCacheProvider).invalidate(this.route);
-};
-var ServerCacheProvider = class {
-	log = $logger();
-	alepha = $inject(Alepha);
-	time = $inject(DateTimeProvider);
-	cache = $cache({ provider: "memory" });
-	generateETag(content) {
-		return `"${createHash("md5").update(content).digest("hex")}"`;
-	}
-	async invalidate(route) {
-		if (!route.cache) return;
-		await this.cache.invalidate(this.createCacheKey(route));
-	}
-	onActionRequest = $hook({
-		on: "action:onRequest",
-		handler: async ({ action, request }) => {
-			const cache = action.route.cache;
-			if (this.shouldStore(cache)) {
-				const key = this.createCacheKey(action.route, request);
-				const cached = await this.cache.get(key);
-				if (cached) {
-					const body = cached.contentType === "application/json" ? JSON.parse(cached.body) : cached.body;
-					this.log.trace("Cache hit for action", {
-						key,
-						action: action.name
-					});
-					request.reply.body = body;
-				} else this.log.trace("Cache miss for action", {
-					key,
-					action: action.name
-				});
-			}
-		}
-	});
-	onActionResponse = $hook({
-		on: "action:onResponse",
-		handler: async ({ action, request, response }) => {
-			const cache = action.route.cache;
-			if (!this.shouldStore(cache) || !response) return;
-			if (request.reply.status && request.reply.status >= 400) return;
-			const contentType = typeof response === "string" ? "text/plain" : "application/json";
-			const body = contentType === "text/plain" ? response : JSON.stringify(response);
-			const generatedEtag = this.generateETag(body);
-			const lastModified = this.time.toISOString();
-			const key = this.createCacheKey(action.route, request);
-			this.log.trace("Storing response", {
-				key,
-				action: action.name
-			});
-			await this.cache.set(key, {
-				body,
-				lastModified,
-				contentType,
-				hash: generatedEtag
-			});
-			const cacheControl = this.buildCacheControlHeader(cache);
-			if (cacheControl) request.reply.setHeader("cache-control", cacheControl);
-		}
-	});
-	onRequest = $hook({
-		on: "server:onRequest",
-		handler: async ({ route, request }) => {
-			const cache = route.cache;
-			const shouldStore = this.shouldStore(cache);
-			const shouldUseEtag = this.shouldUseEtag(cache);
-			if (!shouldStore && !shouldUseEtag) return;
-			const key = this.createCacheKey(route, request);
-			const cached = await this.cache.get(key);
-			if (cached) {
-				if (request.headers["if-none-match"] === cached.hash || request.headers["if-modified-since"] === cached.lastModified) {
-					request.reply.status = 304;
-					request.reply.setHeader("etag", cached.hash);
-					request.reply.setHeader("last-modified", cached.lastModified);
-					this.log.trace("ETag match, returning 304", {
-						route: route.path,
-						etag: cached.hash
-					});
-					return;
-				}
-				if (shouldStore) {
-					this.log.trace("Cache hit for route", {
-						key,
-						route: route.path
-					});
-					request.reply.body = cached.body;
-					request.reply.status = cached.status ?? 200;
-					if (cached.contentType) request.reply.setHeader("Content-Type", cached.contentType);
-					request.reply.setHeader("etag", cached.hash);
-					request.reply.setHeader("last-modified", cached.lastModified);
-				}
-			} else if (shouldStore) this.log.trace("Cache miss for route", {
-				key,
-				route: route.path
-			});
-		}
-	});
-	onSend = $hook({
-		on: "server:onSend",
-		handler: async ({ route, request }) => {
-			const cache = route.cache;
-			const shouldStore = this.shouldStore(cache);
-			const shouldUseEtag = this.shouldUseEtag(cache);
-			if (request.reply.headers.etag) return;
-			if (!shouldStore && shouldUseEtag && request.reply.body != null && (typeof request.reply.body === "string" || Buffer.isBuffer(request.reply.body))) {
-				const generatedEtag = this.generateETag(request.reply.body);
-				if (request.headers["if-none-match"] === generatedEtag) {
-					request.reply.status = 304;
-					request.reply.body = void 0;
-					request.reply.setHeader("etag", generatedEtag);
-					this.log.trace("ETag match on send, returning 304", {
-						route: route.path,
-						etag: generatedEtag
-					});
-					return;
-				}
-			}
-		}
-	});
-	onResponse = $hook({
-		on: "server:onResponse",
-		priority: "first",
-		handler: async ({ route, request, response }) => {
-			const cache = route.cache;
-			const cacheControl = this.buildCacheControlHeader(cache);
-			if (cacheControl) response.headers["cache-control"] = cacheControl;
-			const shouldStore = this.shouldStore(cache);
-			const shouldUseEtag = this.shouldUseEtag(cache);
-			if (!shouldStore && !shouldUseEtag) return;
-			if (typeof response.body !== "string") return;
-			if (response.status && response.status >= 400) return;
-			const key = this.createCacheKey(route, request);
-			const generatedEtag = this.generateETag(response.body);
-			const lastModified = this.time.toISOString();
-			response.headers ??= {};
-			if (shouldStore) {
-				this.log.trace("Storing response", {
-					key,
-					route: route.path,
-					cache: !!cache,
-					etag: shouldUseEtag
-				});
-				await this.cache.set(key, {
-					body: response.body,
-					status: response.status,
-					contentType: response.headers?.["content-type"],
-					lastModified,
-					hash: generatedEtag
-				});
-			}
-			if (shouldUseEtag) {
-				response.headers.etag = generatedEtag;
-				response.headers["last-modified"] = lastModified;
-			}
-		}
-	});
-	buildCacheControlHeader(cache) {
-		if (!cache) return;
-		if (cache === true || typeof cache === "string" || typeof cache === "number") return;
-		const control = cache.control;
-		if (!control) return;
-		if (typeof control === "string") return control;
-		if (control === true) return "public, max-age=300";
-		const directives = [];
-		if (control.public) directives.push("public");
-		if (control.private) directives.push("private");
-		if (control.noCache) directives.push("no-cache");
-		if (control.noStore) directives.push("no-store");
-		if (control.maxAge !== void 0) {
-			const maxAgeSeconds = this.durationToSeconds(control.maxAge);
-			directives.push(`max-age=${maxAgeSeconds}`);
-		}
-		if (control.sMaxAge !== void 0) {
-			const sMaxAgeSeconds = this.durationToSeconds(control.sMaxAge);
-			directives.push(`s-maxage=${sMaxAgeSeconds}`);
-		}
-		if (control.mustRevalidate) directives.push("must-revalidate");
-		if (control.proxyRevalidate) directives.push("proxy-revalidate");
-		if (control.immutable) directives.push("immutable");
-		return directives.length > 0 ? directives.join(", ") : void 0;
-	}
-	durationToSeconds(duration) {
-		if (typeof duration === "number") return duration;
-		return this.time.duration(duration).asSeconds();
-	}
-	shouldStore(cache) {
-		if (!cache) return false;
-		if (cache === true) return true;
-		if (typeof cache === "object" && cache.store) return true;
-		return false;
-	}
-	shouldUseEtag(cache) {
-		if (cache === true) return true;
-		if (typeof cache === "object" && cache.etag) return true;
-		return false;
-	}
-	createCacheKey(route, config) {
-		const params = [];
-		for (const [key, value] of Object.entries(config?.params ?? {})) params.push(`${key}=${value}`);
-		for (const [key, value] of Object.entries(config?.query ?? {})) params.push(`${key}=${value}`);
-		return `${route.method}:${route.path.replaceAll(":", "")}:${params.join(",").replaceAll(":", "")}`;
-	}
-};
-//#endregion
-//#region src/server-cache/index.ts
-/**
-* Plugin for Alepha Server that provides server-side caching capabilities.
-* It uses the Alepha Cache module to cache responses from server actions ($action).
-* It also provides a ETag-based cache invalidation mechanism.
-*
-* @example
-* ```ts
-* import { Alepha } from "alepha";
-* import { $action } from "alepha/server";
-* import { AlephaServerCache } from "alepha/server/cache";
-*
-* class ApiServer {
-*   hello = $action({
-*     cache: true,
-*     handler: () => "Hello, World!",
-*   });
-* }
-*
-* const alepha = Alepha.create()
-*   .with(AlephaServerCache)
-*   .with(ApiServer);
-*
-* run(alepha);
-* ```
-*
-* @see {@link ServerCacheProvider}
-* @module alepha.server.cache
-*/
-const AlephaServerCache = $module({
-	name: "alepha.server.cache",
-	services: [AlephaCache, ServerCacheProvider]
-});
-//#endregion
-//#region src/server-static/descriptors/$serve.ts
-/**
-* Create a new static file handler.
-*/
-const $serve = (options = {}) => {
-	return createDescriptor(ServeDescriptor, options);
-};
-var ServeDescriptor = class extends Descriptor {};
-$serve[KIND] = ServeDescriptor;
-//#endregion
-//#region src/server-static/providers/ServerStaticProvider.ts
-var ServerStaticProvider = class {
-	alepha = $inject(Alepha);
-	routerProvider = $inject(ServerRouterProvider);
-	dateTimeProvider = $inject(DateTimeProvider);
-	fileDetector = $inject(FileDetector);
-	log = $logger();
-	directories = [];
-	configure = $hook({
-		on: "configure",
-		handler: async () => {
-			await Promise.all(this.alepha.descriptors($serve).map((it) => this.createStaticServer(it.options)));
-		}
-	});
-	async createStaticServer(options) {
-		const prefix = options.path ?? "/";
-		let root = options.root ?? process.cwd();
-		if (!isAbsolute(root)) root = join(process.cwd(), root);
-		this.log.debug("Serve static files", {
-			prefix,
-			root
-		});
-		await stat(root);
-		const files = await this.getAllFiles(root, options.ignoreDotEnvFiles);
-		const routes = await Promise.all(files.map(async (file) => {
-			const path = file.replace(root, "").replace(/\\/g, "/");
-			this.log.trace(`Mount ${join(prefix, path)} -> ${join(root, path)}`);
-			return {
-				path: join(prefix, encodeURI(path)),
-				handler: await this.createFileHandler(join(root, path), options)
-			};
-		}));
-		for (const route of routes) {
-			this.routerProvider.createRoute(route);
-			if (options.indexFallback !== false && route.path.endsWith("index.html")) this.routerProvider.createRoute({
-				path: route.path.replace(/index\.html$/, ""),
-				handler: route.handler
-			});
-		}
-		this.directories.push({
-			options,
-			files: files.map((file) => file.replace(root, "").replace(/\\/g, "/"))
-		});
-		if (options.historyApiFallback) this.routerProvider.createRoute({
-			path: join(prefix, "*").replace(/\\/g, "/"),
-			handler: async (request) => {
-				const { reply } = request;
-				if (request.url.pathname.includes(".")) {
-					reply.headers["content-type"] = "text/plain";
-					reply.body = "Not Found";
-					reply.status = 404;
-					return;
-				}
-				reply.headers["content-type"] = "text/html";
-				reply.status = 200;
-				return createReadStream(join(root, "index.html"));
-			}
-		});
-	}
-	async createFileHandler(filepath, options) {
-		const filename = basename(filepath);
-		const hasGzip = await access(`${filepath}.gz`).then(() => true).catch(() => false);
-		const hasBr = await access(`${filepath}.br`).then(() => true).catch(() => false);
-		const fileStat = await stat(filepath);
-		const lastModified = fileStat.mtime.toUTCString();
-		const etag = `"${fileStat.size}-${fileStat.mtime.getTime()}"`;
-		const contentType = this.fileDetector.getContentType(filename);
-		const cacheControl = this.getCacheControl(filename, options);
-		return async (request) => {
-			const { headers, reply } = request;
-			let path = filepath;
-			const encoding = headers["accept-encoding"];
-			if (encoding) {
-				if (hasBr && encoding.includes("br")) {
-					reply.headers["content-encoding"] = "br";
-					path += ".br";
-				} else if (hasGzip && encoding.includes("gzip")) {
-					reply.headers["content-encoding"] = "gzip";
-					path += ".gz";
-				}
-			}
-			reply.headers["content-type"] = contentType;
-			reply.headers["accept-ranges"] = "bytes";
-			reply.headers["last-modified"] = lastModified;
-			if (cacheControl) {
-				reply.headers["cache-control"] = `public, max-age=${cacheControl.maxAge}`;
-				if (cacheControl.immutable) reply.headers["cache-control"] += ", immutable";
-			}
-			reply.headers.etag = etag;
-			if (headers["if-none-match"] === etag || headers["if-modified-since"] === lastModified) {
-				reply.status = 304;
-				return;
-			}
-			return createReadStream(path);
-		};
-	}
-	getCacheFileTypes() {
-		return [
-			".js",
-			".css",
-			".woff",
-			".woff2",
-			".ttf",
-			".eot",
-			".otf",
-			".jpg",
-			".jpeg",
-			".png",
-			".svg",
-			".gif"
-		];
-	}
-	getCacheControl(filename, options) {
-		if (!options.cacheControl) return;
-		const fileTypes = options.cacheControl.fileTypes ?? this.getCacheFileTypes();
-		for (const type of fileTypes) if (filename.endsWith(type)) return {
-			immutable: options.cacheControl.immutable ?? true,
-			maxAge: this.dateTimeProvider.duration(options.cacheControl.maxAge ?? [30, "days"]).as("seconds")
-		};
-	}
-	async getAllFiles(dir, ignoreDotEnvFiles = true) {
-		const entries = await readdir(dir, { withFileTypes: true });
-		return (await Promise.all(entries.map((dirent) => {
-			if (ignoreDotEnvFiles && dirent.name.startsWith(".")) return [];
-			const fullPath = join(dir, dirent.name);
-			return dirent.isDirectory() ? this.getAllFiles(fullPath) : fullPath;
-		}))).flat();
-	}
-};
-//#endregion
-//#region src/server-static/index.ts
-/**
-* Create static file server with `$static()`.
-*
-* @see {@link ServerStaticProvider}
-* @module alepha.server.static
-*/
-const AlephaServerStatic = $module({
-	name: "alepha.server.static",
-	descriptors: [$serve],
-	services: [AlephaServer, ServerStaticProvider]
-});
-//#endregion
-//#region src/server-swagger/descriptors/$swagger.ts
+//#region src/server-swagger/primitives/$swagger.ts
 /**
-* Creates an OpenAPI/Swagger documentation descriptor with interactive UI.
+* Creates an OpenAPI/Swagger documentation primitive with interactive UI.
 *
-* Automatically generates API documentation from your $action descriptors and serves
+* Automatically generates API documentation from your $action primitives and serves
 * an interactive Swagger UI for testing endpoints. Supports customization, tag filtering,
 * and OAuth configuration.
 *
@@ -737,10 +34,10 @@ const AlephaServerStatic = $module({
 * ```
 */
 const $swagger = (options = {}) => {
-	return createDescriptor(SwaggerDescriptor, options);
+	return createPrimitive(SwaggerPrimitive, options);
 };
-var SwaggerDescriptor = class extends Descriptor {};
-$swagger[KIND] = SwaggerDescriptor;
+var SwaggerPrimitive = class extends Primitive {};
+$swagger[KIND] = SwaggerPrimitive;
 //#endregion
 //#region src/server-swagger/providers/ServerSwaggerProvider.ts
@@ -765,14 +62,14 @@ var ServerSwaggerProvider = class {
 		on: "configure",
 		priority: "last",
 		handler: async (alepha) => {
-			const options = alepha.descriptors($swagger)?.[0]?.options;
+			const options = alepha.primitives($swagger)?.[0]?.options;
 			if (!options) return;
 			this.json = await this.createSwagger(options);
 		}
 	});
 	async createSwagger(options) {
 		if (options.disabled) return;
-		const json = this.configureOpenApi(this.alepha.descriptors($action), options);
+		const json = this.configureOpenApi(this.alepha.primitives($action), options);
 		if (options.rewrite) options.rewrite(json);
 		const prefix = options.prefix ?? "/docs";
 		this.configureSwaggerApi(prefix, json);
@@ -940,7 +237,7 @@ window.onload = function() {
 };
 		`.trim();
 		const dirname = fileURLToPath(import.meta.url);
-		const root = await this.getAssetPath(ui.root, join(dirname, "../../assets/swagger-ui"), join(dirname, "../../../../assets/swagger-ui"));
+		const root = await this.getAssetPath(ui.root, join(dirname, "../../assets/swagger-ui"), join(dirname, "../../../assets/swagger-ui"), join(dirname, "../../../../assets/swagger-ui"));
 		if (!root) {
 			this.log.warn(`Failed to locate Swagger UI assets for path ${prefix}`);
 			return;
@@ -1001,17 +298,17 @@ window.onload = function() {
 */
 const AlephaServerSwagger = $module({
 	name: "alepha.server.swagger",
-	descriptors: [$swagger],
+	primitives: [$swagger],
 	services: [ServerSwaggerProvider],
 	register: (alepha) => {
 		alepha.with(AlephaServer);
 		alepha.with(AlephaServerCache);
 		alepha.with(AlephaServerStatic);
 		alepha.with(ServerSwaggerProvider);
-		alepha.state.push("alepha.build.assets", "alepha");
+		alepha.store.push("alepha.build.assets", "alepha");
 	}
 });
 //#endregion
-export { $swagger, AlephaServerSwagger, ServerSwaggerProvider, SwaggerDescriptor, swaggerOptions };
+export { $swagger, AlephaServerSwagger, ServerSwaggerProvider, SwaggerPrimitive, swaggerOptions };
 //# sourceMappingURL=index.js.map