npm - alepha - Versions diffs - 0.14.3 → 0.15.0 - Mend

alepha 0.14.3 → 0.15.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (317) hide show

package/README.md +2 -5
package/dist/api/audits/index.d.ts +620 -811
package/dist/api/audits/index.d.ts.map +1 -1
package/dist/api/files/index.d.ts +185 -377
package/dist/api/files/index.d.ts.map +1 -1
package/dist/api/files/index.js +0 -1
package/dist/api/files/index.js.map +1 -1
package/dist/api/jobs/index.d.ts +245 -435
package/dist/api/jobs/index.d.ts.map +1 -1
package/dist/api/notifications/index.d.ts +238 -429
package/dist/api/notifications/index.d.ts.map +1 -1
package/dist/api/parameters/index.d.ts +236 -427
package/dist/api/parameters/index.d.ts.map +1 -1
package/dist/api/users/index.browser.js +1 -2
package/dist/api/users/index.browser.js.map +1 -1
package/dist/api/users/index.d.ts +1010 -1196
package/dist/api/users/index.d.ts.map +1 -1
package/dist/api/users/index.js +178 -151
package/dist/api/users/index.js.map +1 -1
package/dist/api/verifications/index.d.ts +17 -17
package/dist/api/verifications/index.d.ts.map +1 -1
package/dist/batch/index.d.ts +122 -122
package/dist/batch/index.d.ts.map +1 -1
package/dist/batch/index.js +1 -2
package/dist/batch/index.js.map +1 -1
package/dist/bucket/index.d.ts +163 -163
package/dist/bucket/index.d.ts.map +1 -1
package/dist/cache/core/index.d.ts +46 -46
package/dist/cache/core/index.d.ts.map +1 -1
package/dist/cache/redis/index.d.ts.map +1 -1
package/dist/cli/index.d.ts +384 -285
package/dist/cli/index.d.ts.map +1 -1
package/dist/cli/index.js +1113 -623
package/dist/cli/index.js.map +1 -1
package/dist/command/index.d.ts +299 -300
package/dist/command/index.d.ts.map +1 -1
package/dist/command/index.js +13 -9
package/dist/command/index.js.map +1 -1
package/dist/core/index.browser.js +445 -103
package/dist/core/index.browser.js.map +1 -1
package/dist/core/index.d.ts +733 -625
package/dist/core/index.d.ts.map +1 -1
package/dist/core/index.js +446 -103
package/dist/core/index.js.map +1 -1
package/dist/core/index.native.js +445 -103
package/dist/core/index.native.js.map +1 -1
package/dist/datetime/index.d.ts +44 -44
package/dist/datetime/index.d.ts.map +1 -1
package/dist/datetime/index.js +4 -4
package/dist/datetime/index.js.map +1 -1
package/dist/email/index.d.ts +97 -50
package/dist/email/index.d.ts.map +1 -1
package/dist/email/index.js +129 -33
package/dist/email/index.js.map +1 -1
package/dist/fake/index.d.ts +7981 -14
package/dist/fake/index.d.ts.map +1 -1
package/dist/file/index.d.ts +523 -390
package/dist/file/index.d.ts.map +1 -1
package/dist/file/index.js +253 -1
package/dist/file/index.js.map +1 -1
package/dist/lock/core/index.d.ts +208 -208
package/dist/lock/core/index.d.ts.map +1 -1
package/dist/lock/redis/index.d.ts.map +1 -1
package/dist/logger/index.d.ts +25 -26
package/dist/logger/index.d.ts.map +1 -1
package/dist/logger/index.js +12 -2
package/dist/logger/index.js.map +1 -1
package/dist/mcp/index.d.ts +197 -197
package/dist/mcp/index.d.ts.map +1 -1
package/dist/mcp/index.js +1 -1
package/dist/mcp/index.js.map +1 -1
package/dist/orm/chunk-DtkW-qnP.js +38 -0
package/dist/orm/index.browser.js.map +1 -1
package/dist/orm/index.bun.js +2814 -0
package/dist/orm/index.bun.js.map +1 -0
package/dist/orm/index.d.ts +1228 -1216
package/dist/orm/index.d.ts.map +1 -1
package/dist/orm/index.js +2041 -1967
package/dist/orm/index.js.map +1 -1
package/dist/queue/core/index.d.ts +248 -248
package/dist/queue/core/index.d.ts.map +1 -1
package/dist/queue/redis/index.d.ts.map +1 -1
package/dist/redis/index.bun.js +285 -0
package/dist/redis/index.bun.js.map +1 -0
package/dist/redis/index.d.ts +118 -136
package/dist/redis/index.d.ts.map +1 -1
package/dist/redis/index.js +18 -38
package/dist/redis/index.js.map +1 -1
package/dist/retry/index.d.ts +69 -69
package/dist/retry/index.d.ts.map +1 -1
package/dist/router/index.d.ts +6 -6
package/dist/router/index.d.ts.map +1 -1
package/dist/scheduler/index.d.ts +25 -25
package/dist/scheduler/index.d.ts.map +1 -1
package/dist/security/index.browser.js +5 -1
package/dist/security/index.browser.js.map +1 -1
package/dist/security/index.d.ts +417 -254
package/dist/security/index.d.ts.map +1 -1
package/dist/security/index.js +386 -86
package/dist/security/index.js.map +1 -1
package/dist/server/auth/index.d.ts +110 -110
package/dist/server/auth/index.d.ts.map +1 -1
package/dist/server/auth/index.js +20 -20
package/dist/server/auth/index.js.map +1 -1
package/dist/server/cache/index.d.ts +62 -47
package/dist/server/cache/index.d.ts.map +1 -1
package/dist/server/cache/index.js +56 -3
package/dist/server/cache/index.js.map +1 -1
package/dist/server/compress/index.d.ts +6 -0
package/dist/server/compress/index.d.ts.map +1 -1
package/dist/server/compress/index.js +36 -1
package/dist/server/compress/index.js.map +1 -1
package/dist/server/cookies/index.d.ts +6 -6
package/dist/server/cookies/index.d.ts.map +1 -1
package/dist/server/cookies/index.js +3 -3
package/dist/server/cookies/index.js.map +1 -1
package/dist/server/core/index.browser.js +2 -2
package/dist/server/core/index.browser.js.map +1 -1
package/dist/server/core/index.d.ts +242 -150
package/dist/server/core/index.d.ts.map +1 -1
package/dist/server/core/index.js +294 -125
package/dist/server/core/index.js.map +1 -1
package/dist/server/cors/index.d.ts +11 -12
package/dist/server/cors/index.d.ts.map +1 -1
package/dist/server/health/index.d.ts +0 -1
package/dist/server/health/index.d.ts.map +1 -1
package/dist/server/helmet/index.d.ts +2 -2
package/dist/server/helmet/index.d.ts.map +1 -1
package/dist/server/links/index.browser.js.map +1 -1
package/dist/server/links/index.d.ts +123 -124
package/dist/server/links/index.d.ts.map +1 -1
package/dist/server/links/index.js +1 -2
package/dist/server/links/index.js.map +1 -1
package/dist/server/metrics/index.d.ts.map +1 -1
package/dist/server/multipart/index.d.ts +6 -6
package/dist/server/multipart/index.d.ts.map +1 -1
package/dist/server/proxy/index.d.ts +102 -103
package/dist/server/proxy/index.d.ts.map +1 -1
package/dist/server/rate-limit/index.d.ts +16 -16
package/dist/server/rate-limit/index.d.ts.map +1 -1
package/dist/server/static/index.d.ts +44 -44
package/dist/server/static/index.d.ts.map +1 -1
package/dist/server/static/index.js +4 -0
package/dist/server/static/index.js.map +1 -1
package/dist/server/swagger/index.d.ts +48 -49
package/dist/server/swagger/index.d.ts.map +1 -1
package/dist/server/swagger/index.js +3 -5
package/dist/server/swagger/index.js.map +1 -1
package/dist/sms/index.d.ts +13 -11
package/dist/sms/index.d.ts.map +1 -1
package/dist/sms/index.js +7 -7
package/dist/sms/index.js.map +1 -1
package/dist/thread/index.d.ts +71 -72
package/dist/thread/index.d.ts.map +1 -1
package/dist/topic/core/index.d.ts +318 -318
package/dist/topic/core/index.d.ts.map +1 -1
package/dist/topic/redis/index.d.ts +6 -6
package/dist/topic/redis/index.d.ts.map +1 -1
package/dist/vite/index.d.ts +5805 -249
package/dist/vite/index.d.ts.map +1 -1
package/dist/vite/index.js +599 -513
package/dist/vite/index.js.map +1 -1
package/dist/websocket/index.browser.js +6 -6
package/dist/websocket/index.browser.js.map +1 -1
package/dist/websocket/index.d.ts +247 -247
package/dist/websocket/index.d.ts.map +1 -1
package/dist/websocket/index.js +6 -6
package/dist/websocket/index.js.map +1 -1
package/package.json +9 -14
package/src/api/files/controllers/AdminFileStatsController.ts +0 -1
package/src/api/users/atoms/realmAuthSettingsAtom.ts +5 -0
package/src/api/users/controllers/{UserRealmController.ts → RealmController.ts} +11 -11
package/src/api/users/entities/users.ts +1 -1
package/src/api/users/index.ts +8 -8
package/src/api/users/primitives/{$userRealm.ts → $realm.ts} +17 -19
package/src/api/users/providers/{UserRealmProvider.ts → RealmProvider.ts} +26 -30
package/src/api/users/schemas/{userRealmConfigSchema.ts → realmConfigSchema.ts} +2 -2
package/src/api/users/services/CredentialService.ts +7 -7
package/src/api/users/services/IdentityService.ts +4 -4
package/src/api/users/services/RegistrationService.spec.ts +25 -27
package/src/api/users/services/RegistrationService.ts +38 -27
package/src/api/users/services/SessionCrudService.ts +3 -3
package/src/api/users/services/SessionService.spec.ts +3 -3
package/src/api/users/services/SessionService.ts +28 -9
package/src/api/users/services/UserService.ts +7 -7
package/src/batch/providers/BatchProvider.ts +1 -2
package/src/cli/apps/AlephaCli.ts +0 -2
package/src/cli/apps/AlephaPackageBuilderCli.ts +38 -19
package/src/cli/assets/apiHelloControllerTs.ts +18 -0
package/src/cli/assets/apiIndexTs.ts +16 -0
package/src/cli/assets/claudeMd.ts +303 -0
package/src/cli/assets/mainBrowserTs.ts +2 -2
package/src/cli/assets/mainServerTs.ts +24 -0
package/src/cli/assets/webAppRouterTs.ts +15 -0
package/src/cli/assets/webHelloComponentTsx.ts +16 -0
package/src/cli/assets/webIndexTs.ts +16 -0
package/src/cli/atoms/buildOptions.ts +88 -0
package/src/cli/commands/build.ts +70 -87
package/src/cli/commands/db.ts +21 -22
package/src/cli/commands/deploy.ts +17 -5
package/src/cli/commands/dev.ts +22 -14
package/src/cli/commands/format.ts +8 -2
package/src/cli/commands/gen/env.ts +53 -0
package/src/cli/commands/gen/openapi.ts +1 -1
package/src/cli/commands/gen/resource.ts +15 -0
package/src/cli/commands/gen.ts +7 -1
package/src/cli/commands/init.ts +74 -30
package/src/cli/commands/lint.ts +8 -2
package/src/cli/commands/test.ts +8 -3
package/src/cli/commands/typecheck.ts +5 -1
package/src/cli/commands/verify.ts +5 -3
package/src/cli/defineConfig.ts +49 -7
package/src/cli/index.ts +0 -1
package/src/cli/services/AlephaCliUtils.ts +39 -589
package/src/cli/services/PackageManagerUtils.ts +301 -0
package/src/cli/services/ProjectScaffolder.ts +306 -0
package/src/command/helpers/Runner.spec.ts +2 -2
package/src/command/helpers/Runner.ts +16 -4
package/src/command/primitives/$command.ts +0 -6
package/src/command/providers/CliProvider.ts +1 -3
package/src/core/Alepha.ts +42 -0
package/src/core/__tests__/Alepha-graph.spec.ts +4 -0
package/src/core/index.shared.ts +1 -0
package/src/core/index.ts +2 -0
package/src/core/primitives/$hook.ts +6 -2
package/src/core/primitives/$module.spec.ts +4 -0
package/src/core/providers/AlsProvider.ts +1 -1
package/src/core/providers/CodecManager.spec.ts +12 -6
package/src/core/providers/CodecManager.ts +26 -6
package/src/core/providers/EventManager.ts +169 -13
package/src/core/providers/KeylessJsonSchemaCodec.spec.ts +621 -0
package/src/core/providers/KeylessJsonSchemaCodec.ts +407 -0
package/src/core/providers/StateManager.spec.ts +27 -16
package/src/email/providers/LocalEmailProvider.spec.ts +111 -87
package/src/email/providers/LocalEmailProvider.ts +52 -15
package/src/email/providers/NodemailerEmailProvider.ts +167 -56
package/src/file/errors/FileError.ts +7 -0
package/src/file/index.ts +9 -1
package/src/file/providers/MemoryFileSystemProvider.ts +393 -0
package/src/logger/index.ts +15 -3
package/src/mcp/transports/StdioMcpTransport.ts +1 -1
package/src/orm/index.browser.ts +1 -19
package/src/orm/index.bun.ts +77 -0
package/src/orm/index.shared-server.ts +22 -0
package/src/orm/index.shared.ts +15 -0
package/src/orm/index.ts +13 -39
package/src/orm/providers/drivers/BunPostgresProvider.ts +3 -5
package/src/orm/providers/drivers/BunSqliteProvider.ts +1 -1
package/src/orm/providers/drivers/CloudflareD1Provider.ts +4 -0
package/src/orm/providers/drivers/DatabaseProvider.ts +4 -0
package/src/orm/providers/drivers/PglitePostgresProvider.ts +4 -0
package/src/orm/services/Repository.ts +8 -0
package/src/queue/core/providers/WorkerProvider.spec.ts +48 -32
package/src/redis/index.bun.ts +35 -0
package/src/redis/providers/BunRedisProvider.ts +12 -43
package/src/redis/providers/BunRedisSubscriberProvider.ts +2 -3
package/src/redis/providers/NodeRedisProvider.ts +16 -34
package/src/{server/security → security}/__tests__/BasicAuth.spec.ts +11 -11
package/src/{server/security → security}/__tests__/ServerSecurityProvider-realm.spec.ts +21 -16
package/src/{server/security/providers → security/__tests__}/ServerSecurityProvider.spec.ts +5 -5
package/src/security/index.browser.ts +5 -0
package/src/security/index.ts +90 -7
package/src/security/primitives/{$realm.spec.ts → $issuer.spec.ts} +11 -11
package/src/security/primitives/{$realm.ts → $issuer.ts} +20 -17
package/src/security/primitives/$role.ts +5 -5
package/src/security/primitives/$serviceAccount.spec.ts +5 -5
package/src/security/primitives/$serviceAccount.ts +3 -3
package/src/{server/security → security}/providers/ServerSecurityProvider.ts +5 -7
package/src/server/auth/primitives/$auth.ts +10 -10
package/src/server/auth/primitives/$authCredentials.ts +3 -3
package/src/server/auth/primitives/$authGithub.ts +3 -3
package/src/server/auth/primitives/$authGoogle.ts +3 -3
package/src/server/auth/providers/ServerAuthProvider.ts +13 -13
package/src/server/cache/providers/ServerCacheProvider.spec.ts +183 -0
package/src/server/cache/providers/ServerCacheProvider.ts +95 -10
package/src/server/compress/providers/ServerCompressProvider.ts +61 -2
package/src/server/cookies/providers/ServerCookiesProvider.ts +3 -3
package/src/server/core/helpers/ServerReply.ts +2 -2
package/src/server/core/providers/NodeHttpServerProvider.ts +25 -6
package/src/server/core/providers/ServerBodyParserProvider.ts +19 -23
package/src/server/core/providers/ServerLoggerProvider.ts +23 -19
package/src/server/core/providers/ServerProvider.ts +155 -22
package/src/server/core/providers/ServerRouterProvider.ts +259 -115
package/src/server/core/providers/ServerTimingProvider.ts +2 -2
package/src/server/links/index.ts +1 -1
package/src/server/links/providers/LinkProvider.ts +1 -1
package/src/server/static/providers/ServerStaticProvider.ts +10 -0
package/src/server/swagger/index.ts +1 -1
package/src/server/swagger/providers/ServerSwaggerProvider.ts +5 -8
package/src/sms/providers/LocalSmsProvider.spec.ts +153 -111
package/src/sms/providers/LocalSmsProvider.ts +8 -7
package/src/vite/helpers/boot.ts +28 -17
package/src/vite/helpers/importViteReact.ts +13 -0
package/src/vite/index.ts +1 -21
package/src/vite/plugins/viteAlephaDev.ts +16 -1
package/src/vite/plugins/viteAlephaSsrPreload.ts +222 -0
package/src/vite/tasks/buildClient.ts +11 -0
package/src/vite/tasks/buildServer.ts +59 -4
package/src/vite/tasks/devServer.ts +71 -0
package/src/vite/tasks/generateCloudflare.ts +7 -0
package/src/vite/tasks/index.ts +2 -1
package/dist/server/security/index.browser.js +0 -13
package/dist/server/security/index.browser.js.map +0 -1
package/dist/server/security/index.d.ts +0 -173
package/dist/server/security/index.d.ts.map +0 -1
package/dist/server/security/index.js +0 -311
package/dist/server/security/index.js.map +0 -1
package/src/cli/assets/appRouterTs.ts +0 -9
package/src/cli/assets/mainTs.ts +0 -13
package/src/cli/assets/viteConfigTs.ts +0 -14
package/src/cli/commands/run.ts +0 -24
package/src/server/security/index.browser.ts +0 -10
package/src/server/security/index.ts +0 -94
package/src/vite/plugins/viteAlepha.ts +0 -37
package/src/vite/plugins/viteAlephaBuild.ts +0 -281
/package/src/{server/security → security}/primitives/$basicAuth.ts +0 -0
/package/src/{server/security → security}/providers/ServerBasicAuthProvider.ts +0 -0

package/src/redis/providers/NodeRedisProvider.ts CHANGED Viewed

@@ -4,19 +4,23 @@ import {
   type RedisClientType,
   type SetOptions,
 } from "@redis/client";
-import { $env, $hook, $inject, Alepha, type Static, t } from "alepha";
+import {
+  $env,
+  $hook,
+  $inject,
+  Alepha,
+  AlephaError,
+  type Static,
+  t,
+} from "alepha";
 import { $logger } from "alepha/logger";
 import { RedisProvider, type RedisSetOptions } from "./RedisProvider.ts";
 const envSchema = t.object({
-  REDIS_URL: t.optional(t.text()),
-  REDIS_PORT: t.integer({
-    default: "6379",
-  }),
-  REDIS_HOST: t.text({
-    default: "localhost",
+  REDIS_URL: t.text({
+    default: "redis://localhost:6379",
+    description: "Redis connection URL",
   }),
-  REDIS_PASSWORD: t.optional(t.text()),
 });
 declare module "alepha" {
@@ -39,10 +43,8 @@ export type NodeRedisClientOptions = Parameters<typeof createClient>[0];
  *
  * @example
  * ```ts
- * // Set REDIS_URL environment variable
- * // REDIS_URL=redis://localhost:6379
- *
- * // Or configure via REDIS_HOST, REDIS_PORT, REDIS_PASSWORD
+ * // Set REDIS_URL environment variable (default: redis://localhost:6379)
+ * // REDIS_URL=redis://:password@myredis.example.com:6379
  *
  * // Or configure programmatically
  * alepha.with({
@@ -59,7 +61,7 @@ export class NodeRedisProvider extends RedisProvider {
   public get publisher(): NodeRedisClient {
     if (!this.client.isReady) {
-      throw new Error("Redis client is not ready");
+      throw new AlephaError("Redis client is not ready");
     }
     return this.client;
@@ -235,27 +237,7 @@ export class NodeRedisProvider extends RedisProvider {
    * Get the Redis connection URL.
    */
   protected getUrl(): string {
-    // Prefer REDIS_URL if set
-    if (this.env.REDIS_URL) {
-      return this.env.REDIS_URL;
-    }
-    // Build URL from components
-    const url = new URL("redis://127.0.0.1:6379");
-    if (this.env.REDIS_PASSWORD) {
-      url.password = this.env.REDIS_PASSWORD;
-    }
-    if (this.env.REDIS_HOST) {
-      url.hostname = this.env.REDIS_HOST;
-    }
-    if (this.env.REDIS_PORT) {
-      url.port = String(this.env.REDIS_PORT);
-    }
-    return url.toString();
+    return this.env.REDIS_URL;
   }
   /**

package/src/{server/security → security}/__tests__/BasicAuth.spec.ts RENAMED Viewed

@@ -3,7 +3,7 @@ import { $action, AlephaServer } from "alepha/server";
 import { afterEach, beforeEach, describe, expect, it } from "vitest";
 import {
   $basicAuth,
-  AlephaServerSecurity,
+  AlephaSecurity,
   ServerBasicAuthProvider,
 } from "../index.ts";
@@ -58,7 +58,7 @@ describe("Basic Authentication", () => {
   beforeEach(async () => {
     alepha = Alepha.create()
       .with(AlephaServer)
-      .with(AlephaServerSecurity)
+      .with(AlephaSecurity)
       .with(TestApp);
     await alepha.start();
@@ -269,7 +269,7 @@ describe("Basic Authentication", () => {
       const edgeAlepha = Alepha.create()
         .with(AlephaServer)
-        .with(AlephaServerSecurity)
+        .with(AlephaSecurity)
         .with(EdgeCaseApp);
       await edgeAlepha.start();
@@ -301,7 +301,7 @@ describe("Basic Authentication", () => {
       const emptyAlepha = Alepha.create()
         .with(AlephaServer)
-        .with(AlephaServerSecurity)
+        .with(AlephaSecurity)
         .with(EmptyPasswordApp);
       await emptyAlepha.start();
@@ -333,7 +333,7 @@ describe("Basic Authentication", () => {
       const specialAlepha = Alepha.create()
         .with(AlephaServer)
-        .with(AlephaServerSecurity)
+        .with(AlephaSecurity)
         .with(SpecialCharsApp);
       await specialAlepha.start();
@@ -365,7 +365,7 @@ describe("Basic Authentication", () => {
       const unicodeAlepha = Alepha.create()
         .with(AlephaServer)
-        .with(AlephaServerSecurity)
+        .with(AlephaSecurity)
         .with(UnicodeApp);
       await unicodeAlepha.start();
@@ -397,7 +397,7 @@ describe("Basic Authentication", () => {
       const unicodeAlepha = Alepha.create()
         .with(AlephaServer)
-        .with(AlephaServerSecurity)
+        .with(AlephaSecurity)
         .with(UnicodeApp);
       await unicodeAlepha.start();
@@ -434,7 +434,7 @@ describe("Basic Authentication", () => {
       const longAlepha = Alepha.create()
         .with(AlephaServer)
-        .with(AlephaServerSecurity)
+        .with(AlephaSecurity)
         .with(LongCredsApp);
       await longAlepha.start();
@@ -466,7 +466,7 @@ describe("Basic Authentication", () => {
       const emptyUserAlepha = Alepha.create()
         .with(AlephaServer)
-        .with(AlephaServerSecurity)
+        .with(AlephaSecurity)
         .with(EmptyUsernameApp);
       await emptyUserAlepha.start();
@@ -549,7 +549,7 @@ describe("Basic Authentication", () => {
       const wsAlepha = Alepha.create()
         .with(AlephaServer)
-        .with(AlephaServerSecurity)
+        .with(AlephaSecurity)
         .with(WhitespaceApp);
       await wsAlepha.start();
@@ -582,7 +582,7 @@ describe("Basic Authentication", () => {
       const wsAlepha = Alepha.create()
         .with(AlephaServer)
-        .with(AlephaServerSecurity)
+        .with(AlephaSecurity)
         .with(WhitespaceApp);
       await wsAlepha.start();

package/src/{server/security → security}/__tests__/ServerSecurityProvider-realm.spec.ts RENAMED Viewed

@@ -1,14 +1,19 @@
 import { randomUUID } from "node:crypto";
 import { Alepha } from "alepha";
-import { $realm } from "alepha/security";
-import { $action, $route, ForbiddenError, ServerProvider } from "alepha/server";
+import {
+  $action,
+  $route,
+  AlephaServer,
+  ForbiddenError,
+  ServerProvider,
+} from "alepha/server";
 import { describe, expect, it } from "vitest";
-import { AlephaServerSecurity } from "../index.ts";
+import { $issuer, AlephaSecurity } from "../index.ts";
 describe("ServerSecurityProvider - Realm Protection", () => {
   it("should allow access when user belongs to the required realm", async () => {
     class TestApp {
-      realmA = $realm({
+      realmA = $issuer({
         secret: "test-realm-a",
         roles: [
           {
@@ -18,7 +23,7 @@ describe("ServerSecurityProvider - Realm Protection", () => {
         ],
       });
-      realmB = $realm({
+      realmB = $issuer({
         secret: "test-realm-b",
         roles: [
           {
@@ -43,7 +48,7 @@ describe("ServerSecurityProvider - Realm Protection", () => {
       });
     }
-    const alepha = Alepha.create().with(AlephaServerSecurity);
+    const alepha = Alepha.create().with(AlephaServer).with(AlephaSecurity);
     const app = alepha.inject(TestApp);
     await alepha.start();
@@ -85,7 +90,7 @@ describe("ServerSecurityProvider - Realm Protection", () => {
   it("should deny access when user does not belong to the required realm", async () => {
     class TestApp {
-      realmA = $realm({
+      realmA = $issuer({
         secret: "test-realm-a",
         roles: [
           {
@@ -95,7 +100,7 @@ describe("ServerSecurityProvider - Realm Protection", () => {
         ],
       });
-      realmB = $realm({
+      realmB = $issuer({
         secret: "test-realm-b",
         roles: [
           {
@@ -120,7 +125,7 @@ describe("ServerSecurityProvider - Realm Protection", () => {
       });
     }
-    const alepha = Alepha.create().with(AlephaServerSecurity);
+    const alepha = Alepha.create().with(AlephaServer).with(AlephaSecurity);
     const app = alepha.inject(TestApp);
     await alepha.start();
@@ -172,7 +177,7 @@ describe("ServerSecurityProvider - Realm Protection", () => {
   it("should work with actions when user has no realm attribute", async () => {
     class TestApp {
-      realmA = $realm({
+      realmA = $issuer({
         secret: "test-realm-a",
         roles: [
           {
@@ -188,7 +193,7 @@ describe("ServerSecurityProvider - Realm Protection", () => {
       });
     }
-    const alepha = Alepha.create().with(AlephaServerSecurity);
+    const alepha = Alepha.create().with(AlephaServer).with(AlephaSecurity);
     const app = alepha.inject(TestApp);
     await alepha.start();
@@ -215,7 +220,7 @@ describe("ServerSecurityProvider - Realm Protection", () => {
   it("should combine realm and permission checks", async () => {
     class TestApp {
-      realmA = $realm({
+      realmA = $issuer({
         secret: "test-realm-a",
         roles: [
           {
@@ -229,7 +234,7 @@ describe("ServerSecurityProvider - Realm Protection", () => {
         ],
       });
-      realmB = $realm({
+      realmB = $issuer({
         secret: "test-realm-b",
       });
@@ -248,7 +253,7 @@ describe("ServerSecurityProvider - Realm Protection", () => {
       });
     }
-    const alepha = Alepha.create().with(AlephaServerSecurity);
+    const alepha = Alepha.create().with(AlephaServer).with(AlephaSecurity);
     const app = alepha.inject(TestApp);
     await alepha.start();
@@ -336,7 +341,7 @@ describe("ServerSecurityProvider - Realm Protection", () => {
   it("should work with fetch requests when realm is valid", async () => {
     class TestApp {
-      realmA = $realm({
+      realmA = $issuer({
         secret: "test-realm-a",
         roles: [
           {
@@ -352,7 +357,7 @@ describe("ServerSecurityProvider - Realm Protection", () => {
       });
     }
-    const alepha = Alepha.create().with(AlephaServerSecurity);
+    const alepha = Alepha.create().with(AlephaServer).with(AlephaSecurity);
     const app = alepha.inject(TestApp);
     await alepha.start();

package/src/{server/security/providers → security/__tests__}/ServerSecurityProvider.spec.ts RENAMED Viewed

@@ -1,15 +1,15 @@
 import { randomUUID } from "node:crypto";
 import { Alepha } from "alepha";
-import { $realm } from "alepha/security";
 import {
   $action,
+  AlephaServer,
   ForbiddenError,
   HttpError,
   ServerProvider,
   UnauthorizedError,
 } from "alepha/server";
 import { describe, expect, it } from "vitest";
-import { AlephaServerSecurity } from "../index.ts";
+import { $issuer, AlephaSecurity } from "../index.ts";
 describe("ServerSecurityProvider", () => {
   it("should protect action from unauthorized users", async () => {
@@ -19,7 +19,7 @@ describe("ServerSecurityProvider", () => {
       });
     }
-    const alepha = Alepha.create().with(AlephaServerSecurity);
+    const alepha = Alepha.create().with(AlephaServer).with(AlephaSecurity);
     const app = alepha.inject(TestApp);
     await alepha.start();
@@ -62,7 +62,7 @@ describe("ServerSecurityProvider", () => {
         group: "read",
         handler: () => "USER",
       });
-      realm = $realm({
+      issuer = $issuer({
         secret: "test",
         roles: [
           {
@@ -77,7 +77,7 @@ describe("ServerSecurityProvider", () => {
       });
     }
-    const alepha = Alepha.create().with(AlephaServerSecurity);
+    const alepha = Alepha.create().with(AlephaServer).with(AlephaSecurity);
     const app = alepha.inject(TestApp);
     await alepha.start();

package/src/security/index.browser.ts CHANGED Viewed

@@ -11,3 +11,8 @@ export * from "./schemas/userAccountInfoSchema.ts";
 export const AlephaSecurity = $module({
   name: "alepha.security",
 });
+/**
+ * @deprecated Use `AlephaSecurity` instead. Server security providers are automatically registered when `AlephaServer` is available.
+ */
+export const AlephaServerSecurity = AlephaSecurity;

package/src/security/index.ts CHANGED Viewed

@@ -1,27 +1,37 @@
-import { $module } from "alepha";
+import { $module, type Alepha } from "alepha";
+import { AlephaServer, type FetchOptions } from "alepha/server";
+import type { UserAccountToken } from "./interfaces/UserAccountToken.ts";
+import { $basicAuth } from "./primitives/$basicAuth.ts";
+import { $issuer } from "./primitives/$issuer.ts";
 import { $permission } from "./primitives/$permission.ts";
-import { $realm } from "./primitives/$realm.ts";
 import { $role } from "./primitives/$role.ts";
 import { CryptoProvider } from "./providers/CryptoProvider.ts";
 import { JwtProvider } from "./providers/JwtProvider.ts";
 import { SecurityProvider } from "./providers/SecurityProvider.ts";
+import { ServerBasicAuthProvider } from "./providers/ServerBasicAuthProvider.ts";
+import { ServerSecurityProvider } from "./providers/ServerSecurityProvider.ts";
 import type { UserAccount } from "./schemas/userAccountInfoSchema.ts";
 export * from "./errors/InvalidCredentialsError.ts";
 export * from "./errors/InvalidPermissionError.ts";
 export * from "./errors/SecurityError.ts";
 export * from "./interfaces/UserAccountToken.ts";
+export * from "./primitives/$basicAuth.ts";
+export * from "./primitives/$issuer.ts";
 export * from "./primitives/$permission.ts";
-export * from "./primitives/$realm.ts";
 export * from "./primitives/$role.ts";
 export * from "./primitives/$serviceAccount.ts";
 export * from "./providers/CryptoProvider.ts";
 export * from "./providers/JwtProvider.ts";
 export * from "./providers/SecurityProvider.ts";
+export * from "./providers/ServerBasicAuthProvider.ts";
+export * from "./providers/ServerSecurityProvider.ts";
 export * from "./schemas/permissionSchema.ts";
 export * from "./schemas/roleSchema.ts";
 export * from "./schemas/userAccountInfoSchema.ts";
+import type { ServerRouteSecure } from "./providers/ServerSecurityProvider.ts";
 declare module "alepha" {
   interface Hooks {
     "security:user:created": {
@@ -29,22 +39,95 @@ declare module "alepha" {
       user: UserAccount;
     };
   }
+  interface State {
+    /**
+     * Real (or fake) user account, used for internal actions.
+     *
+     * If you define this, you assume that all actions are executed by this user by default.
+     * > To force a different user, you need to pass it explicitly in the options.
+     */
+    "alepha.server.security.system.user"?: UserAccountToken;
+    /**
+     * The authenticated user account attached to the server request state.
+     *
+     * @internal
+     */
+    "alepha.server.request.user"?: UserAccount;
+  }
+}
+declare module "alepha/server" {
+  interface ServerRequest<TConfig> {
+    user?: UserAccountToken; // for all routes, user is maybe present
+  }
+  interface ServerActionRequest<TConfig> {
+    user: UserAccountToken; // for actions, user is always present
+  }
+  interface ServerRoute {
+    /**
+     * If true, the route will be protected by the security provider.
+     * All actions are secure by default, but you can disable it for specific actions.
+     */
+    secure?: boolean | ServerRouteSecure;
+  }
+  interface ClientRequestOptions extends FetchOptions {
+    /**
+     * Forward user from the previous request.
+     * If "system", use system user. @see {ServerSecurityProvider.localSystemUser}
+     * If "context", use the user from the current context (e.g. request).
+     *
+     * @default "system" if provided, else "context" if available.
+     */
+    user?: UserAccountToken | "system" | "context";
+  }
 }
 /**
  * Provides comprehensive authentication and authorization capabilities with JWT tokens, role-based access control, and user management.
  *
- * The security module enables building secure applications using primitives like `$realm`, `$role`, and `$permission`
+ * The security module enables building secure applications using primitives like `$issuer`, `$role`, and `$permission`
  * on class properties. It offers JWT-based authentication, fine-grained permissions, service accounts, and seamless
  * integration with various authentication providers and user management systems.
  *
- * @see {@link $realm}
+ * When used with `AlephaServer`, this module automatically registers `ServerSecurityProvider` and `ServerBasicAuthProvider`
+ * to protect HTTP routes and actions with JWT and Basic Auth.
+ *
+ * @see {@link $issuer}
  * @see {@link $role}
  * @see {@link $permission}
+ * @see {@link $basicAuth}
  * @module alepha.security
  */
 export const AlephaSecurity = $module({
   name: "alepha.security",
-  primitives: [$realm, $role, $permission],
-  services: [SecurityProvider, JwtProvider, CryptoProvider],
+  primitives: [$issuer, $role, $permission, $basicAuth],
+  services: [
+    SecurityProvider,
+    JwtProvider,
+    CryptoProvider,
+    ServerSecurityProvider,
+    ServerBasicAuthProvider,
+  ],
+  register: (alepha: Alepha) => {
+    // Always register core security providers
+    alepha.with(SecurityProvider);
+    alepha.with(JwtProvider);
+    alepha.with(CryptoProvider);
+    // Register server security providers only if AlephaServer is available
+    if (alepha.has(AlephaServer)) {
+      alepha.with(ServerSecurityProvider);
+      alepha.with(ServerBasicAuthProvider);
+    }
+  },
 });
+/**
+ * @deprecated Use `AlephaSecurity` instead. Server security providers are automatically registered when `AlephaServer` is available.
+ */
+export const AlephaServerSecurity = AlephaSecurity;

package/src/security/primitives/{$realm.spec.ts → $issuer.spec.ts} RENAMED Viewed

@@ -2,9 +2,9 @@ import { randomUUID } from "node:crypto";
 import { Alepha } from "alepha";
 import { DateTimeProvider } from "alepha/datetime";
 import { describe, test } from "vitest";
-import { $realm } from "../index.ts";
+import { $issuer } from "../index.ts";
-describe("$realm", () => {
+describe("$issuer", () => {
   const roles = [
     {
       name: "admin",
@@ -18,7 +18,7 @@ describe("$realm", () => {
   test("should create token (access & refresh)", async ({ expect }) => {
     class App {
-      realm = $realm({
+      issuer = $issuer({
         secret: "test",
         roles,
       });
@@ -37,15 +37,15 @@ describe("$realm", () => {
     const now = dt.pause();
-    const token = await app.realm.createToken(user);
+    const token = await app.issuer.createToken(user);
     expect(token).toEqual({
       access_token: expect.any(String),
-      expires_in: app.realm.accessTokenExpiration.asSeconds(),
+      expires_in: app.issuer.accessTokenExpiration.asSeconds(),
       refresh_token: expect.any(String),
       token_type: "Bearer",
       issued_at: now.unix(),
-      refresh_token_expires_in: app.realm.refreshTokenExpiration.asSeconds(),
+      refresh_token_expires_in: app.issuer.refreshTokenExpiration.asSeconds(),
     });
     expect(
@@ -54,9 +54,9 @@ describe("$realm", () => {
       ),
     ).toEqual({
       sub: user.id,
-      aud: app.realm.name,
+      aud: app.issuer.name,
       iat: now.unix(),
-      exp: now.unix() + app.realm.accessTokenExpiration.asSeconds(),
+      exp: now.unix() + app.issuer.accessTokenExpiration.asSeconds(),
       name: user.name,
       roles: ["admin", "user"],
       sid: expect.any(String),
@@ -71,9 +71,9 @@ describe("$realm", () => {
       ),
     ).toEqual({
       sub: user.id,
-      aud: app.realm.name,
+      aud: app.issuer.name,
       iat: now.unix(),
-      exp: now.unix() + app.realm.refreshTokenExpiration.asSeconds(),
+      exp: now.unix() + app.issuer.refreshTokenExpiration.asSeconds(),
     });
     expect(
@@ -88,7 +88,7 @@ describe("$realm", () => {
       typ: "refresh",
     });
-    const newToken = await app.realm.createToken(user, token);
+    const newToken = await app.issuer.createToken(user, token);
     expect(newToken).toEqual({
       access_token: expect.any(String),
       issued_at: now.unix(),

package/src/security/primitives/{$realm.ts → $issuer.ts} RENAMED Viewed

@@ -13,43 +13,46 @@ import type { Role } from "../schemas/roleSchema.ts";
 import type { UserAccount } from "../schemas/userAccountInfoSchema.ts";
 /**
- * Create a new realm.
+ * Create a new issuer.
+ *
+ * An issuer is responsible for creating and verifying JWT tokens.
+ * It can be internal (with a secret) or external (with a JWKS).
  */
-export const $realm = (options: RealmPrimitiveOptions): RealmPrimitive => {
-  return createPrimitive(RealmPrimitive, options);
+export const $issuer = (options: IssuerPrimitiveOptions): IssuerPrimitive => {
+  return createPrimitive(IssuerPrimitive, options);
 };
 // ---------------------------------------------------------------------------------------------------------------------
-export type RealmPrimitiveOptions = {
+export type IssuerPrimitiveOptions = {
   /**
-   * Define the realm name.
+   * Define the issuer name.
    * If not provided, it will use the property key.
    */
   name?: string;
   /**
-   * Short description about the realm.
+   * Short description about the issuer.
    */
   description?: string;
   /**
-   * All roles available in the realm. Role is a string (role name) or a Role object (embedded role).
+   * All roles available in the issuer. Role is a string (role name) or a Role object (embedded role).
    */
   roles?: Array<string | Role>;
   /**
-   * Realm settings.
+   * Issuer settings.
    */
-  settings?: RealmSettings;
+  settings?: IssuerSettings;
   /**
    * Parse the JWT payload to create a user account info.
    */
   profile?: (jwtPayload: Record<string, any>) => UserAccount;
-} & (RealmInternal | RealmExternal);
+} & (IssuerInternal | IssuerExternal);
-export interface RealmSettings {
+export interface IssuerSettings {
   accessToken?: {
     /**
      * Lifetime of the access token.
@@ -87,14 +90,14 @@ export interface RealmSettings {
   onDeleteSession?: (refreshToken: string) => Promise<void>;
 }
-export type RealmInternal = {
+export type IssuerInternal = {
   /**
    * Internal secret to sign JWT tokens and verify them.
    */
   secret: string;
 };
-export interface RealmExternal {
+export interface IssuerExternal {
   /**
    * URL to the JWKS (JSON Web Key Set) to verify JWT tokens from external providers.
    */
@@ -103,7 +106,7 @@ export interface RealmExternal {
 // ---------------------------------------------------------------------------------------------------------------------
-export class RealmPrimitive extends Primitive<RealmPrimitiveOptions> {
+export class IssuerPrimitive extends Primitive<IssuerPrimitiveOptions> {
   protected readonly securityProvider = $inject(SecurityProvider);
   protected readonly dateTimeProvider = $inject(DateTimeProvider);
   protected readonly jwt = $inject(JwtProvider);
@@ -148,14 +151,14 @@ export class RealmPrimitive extends Primitive<RealmPrimitiveOptions> {
   }
   /**
-   * Get all roles in the realm.
+   * Get all roles in the issuer.
    */
   public getRoles(): Role[] {
     return this.securityProvider.getRoles(this.name);
   }
   /**
-   * Set all roles in the realm.
+   * Set all roles in the issuer.
    */
   public async setRoles(roles: Role[]): Promise<void> {
     await this.securityProvider.updateRealm(this.name, roles);
@@ -336,7 +339,7 @@ export class RealmPrimitive extends Primitive<RealmPrimitiveOptions> {
   }
 }
-$realm[KIND] = RealmPrimitive;
+$issuer[KIND] = IssuerPrimitive;
 // ---------------------------------------------------------------------------------------------------------------------