alepha 0.14.4 → 0.15.0

package/dist/server/cache/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","names":[],"sources":["../../../src/server/cache/providers/ServerCacheProvider.ts","../../../src/server/cache/index.ts"],"sourcesContent":[],"mappings":";;;;;;;;;;;;;;;AAWuB;;;;IAgBqB,KAAA,CAAA,EAHhC,gBAGgC;EACtB;EAAO,UAAA,eAAA,CAAA,gBADe,mBACf,CAAA,CAAA;IAAA,UAAA,EAAA,GAAA,GAAP,OAAO,CAAA,IAAA,CAAA;EAAA;AAY7B;AAAgC,cAAnB,mBAAA,CACW;EACG,mBAAA,GAAA,EAFK,cAAA,CACR,MACG;EACF,mBAAA,MAAA,EADE,MACF;EACC,mBAAA,IAAA,EADD,gBACC;EAAA,mBAAA,KAAA,EAAA,aAAA,CAAA,gBAAA,CAAA,eAAA,EAAA,GAAA,EAAA,CAAA;EAIK,YAAA,CAAA,OAAA,EAAA,UAAA,CAAA,EAAA,MAAA;EAIE,UAAA,CAAA,KAAA,EAAA,WAAA,CAAA,EAAW,OAAX,CAAA,IAAA,CAAA;EAAW,mBAAA,eAAA,EAAA,OAAA,CASR,aATQ,CAAA,kBAAA,CAAA;EAAA,mBASR,gBAAA,EAAA,OAAA,CAkCC,aAlCD,CAAA,mBAAA,CAAA;EAAA,mBAkCC,SAAA,EAAA,OAAA,CAiDP,aAjDO,CAAA,kBAAA,CAAA;EAAA,mBAiDP,MAAA,EAAA,OAAA,CA4DH,aA5DG,CAAA,eAAA,CAAA;EAAA,mBA4DH,UAAA,EAAA,OAAA,CAuCI,aAvCJ,CAAA,mBAAA,CAAA;EAAA,uBAuCI,CAAA,KAAA,CAAA,EA+FU,gBA/FV,CAAA,EAAA,MAAA,GAAA,SAAA;EA+FU,UAAA,iBAAA,CAAA,QAAA,EAAA,MAAA,GAiEQ,YAjER,CAAA,EAAA,MAAA;EAiEQ,UAAA,WAAA,CAAA,KAAA,CAAA,EAQjB,gBARiB,CAAA,EAAA,OAAA;EAQjB,UAAA,aAAA,CAAA,KAAA,CAAA,EAOE,gBAPF,CAAA,EAAA,OAAA;EAOE,UAAA,cAAA,CAAA,KAAA,EAQA,WARA,EAAA,MAAA,CAAA,EAQsB,aARtB,CAAA,EAAA,MAAA;EAQA;;;;;;AAmElC;;;;;EAuE2C,UAAA,qBAAA,CAAA,MAAA,EAlH/B,cAkH+B,CAlHhB,UAkHgB,CAAA,EAAA,GAAA,EAAA,MAAA,EAAA,MAAA,EAAA,MAAA,GAAA,SAAA,EAAA,WAAA,EAAA,MAAA,GAAA,SAAA,EAAA,YAAA,EAAA,OAAA,CAAA,EA7GtC,OA6GsC,CAAA,MAAA,GAAA,SAAA,CAAA;AAcrC;KArFM,gBAAA;;;ACvcZ;;;;;;;;;;;;;;;;iBD2dqB,eAAe;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;sBA8CN;;;;;uBAKC;;;;;;;;;;;;;;;UAgBrB,eAAA;;;;;;;;;;;;;;;;;;AAzjBa;;;;;;;;;AA6BvB;;;;;;;;;;AAqBoC,cCvBvB,iBDyDwB,ECzDP,OAAA,CAAA,ODyDO,CCtDnC,OAAA,CAH4B,MAAA,CDyDO"}
+{"version":3,"file":"index.d.ts","names":[],"sources":["../../../src/server/cache/providers/ServerCacheProvider.ts","../../../src/server/cache/index.ts"],"mappings":";;;;;;;;;;;;;AAWuB;;;;;;YAaX,gBAAA;EAAA;EAAA,UAAA,eAAA,iBAGgC,mBAAA;IAAA,UAAA,QACtB,OAAA;EAAA;AAAA;AAAA,cAYT,mBAAA;EAAA,mBAAA,GAAA,EAAmB,cAAA,CACR,MAAA;EAAA,mBAAA,MAAA,EACG,MAAA;EAAA,mBAAA,IAAA,EACF,gBAAA;EAAA,mBAAA,KAAA,EACC,aAAA,CAAA,gBAAA,CAAA,eAAA;EAAA,aAAA,OAAA,EAIK,UAAA;EAAA,WAAA,KAAA,EAIE,WAAA,GAAW,OAAA;EAAA,mBAAA,eAAA,EAAA,OAAA,CASR,aAAA;EAAA,mBAAA,gBAAA,EAAA,OAAA,CAkCC,aAAA;EAAA,mBAAA,SAAA,EAAA,OAAA,CAiDP,aAAA;EAAA,mBAAA,MAAA,EAAA,OAAA,CA4DH,aAAA;EAAA,mBAAA,UAAA,EAAA,OAAA,CAuCI,aAAA;EAAA,wBAAA,KAAA,GA+FU,gBAAA;EAAA,UAAA,kBAAA,QAAA,WAiEQ,YAAA;EAAA,UAAA,YAAA,KAAA,GAQjB,gBAAA;EAAA,UAAA,cAAA,KAAA,GAOE,gBAAA;EAAA,UAAA,eAAA,KAAA,EAQA,WAAA,EAAA,MAAA,GAAsB,aAAA;EAAA;;;;;AAmExD;;;;;;EAnEwD,UAAA,sBAAA,MAAA,EAwB5C,cAAA,CAAe,UAAA,GAAA,GAAA,UAAA,MAAA,sBAAA,WAAA,sBAAA,YAAA,YAKtB,OAAA;AAAA;AAAA,KAsCO,gBAAA;AAAA;;;;;AAAA;AAAA;;;;;AAAA;EAAA;;;;;;AAqFN;EArFM,KAAA,UAoBS,YAAA,GAAe,qBAAA;EAAA;;;EAAA,IAAA;EAAA;;;;AAiE9B;EAjE8B,OAAA;EAAA;;;EAAA;EAAA;;;EAAA;IAAA;;;IAAA,MAAA;IAAA;;;IAAA,OAAA;IAAA;;;IAAA,OAAA;IAAA;;;IAAA,OAAA;IAAA;;;;AAiE9B;;;;IAjE8B,MAAA,YA8CN,YAAA;IAAA;;;AAmBxB;IAnBwB,OAAA,YAKC,YAAA;IAAA;;AAczB;IAdyB,cAAA;IAAA;;AAczB;IAdyB,eAAA;IAAA;;AAczB;IAdyB,SAAA;EAAA;AAAA;AAAA,UAgBrB,eAAA;EAAA,WAAA;EAAA,IAAA;EAAA,MAAA;EAAA,YAAA;EAAA,IAAA;AAAA;;;;AC9hBV;;;;;;;;;;;;;;;;;;;;;;;;;;;cAAa,iBAAA,EAAiB,OAAA,CAAA,OAAA,CAG5B,OAAA,CAH4B,MAAA"}

package/dist/server/cache/index.js

@@ -106,7 +106,7 @@ var ServerCacheProvider = class {
 	});
 	onSend = $hook({
 		on: "server:onSend",
-		handler: async ({ route, request }) => {
+		handler: ({ route, request }) => {
 			const cache = route.cache;
 			const shouldStore = this.shouldStore(cache);
 			const shouldUseEtag = this.shouldUseEtag(cache);

package/dist/server/cache/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","names":[],"sources":["../../../src/server/cache/providers/ServerCacheProvider.ts","../../../src/server/cache/index.ts"],"sourcesContent":["import type { BinaryLike } from \"node:crypto\";\nimport { createHash } from \"node:crypto\";\nimport { $hook, $inject, Alepha } from \"alepha\";\nimport { $cache, type CachePrimitiveOptions } from \"alepha/cache\";\nimport { DateTimeProvider, type DurationLike } from \"alepha/datetime\";\nimport { $logger } from \"alepha/logger\";\nimport {\n  ActionPrimitive,\n  type RequestConfigSchema,\n  type ServerRequest,\n  type ServerRoute,\n} from \"alepha/server\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\ndeclare module \"alepha/server\" {\n  interface ServerRoute {\n    /**\n     * Enable caching for this route.\n     * - If true: enables both store and etag\n     * - If object: fine-grained control over store, etag, and cache-control headers\n     *\n     * @default false\n     */\n    cache?: ServerRouteCache;\n  }\n\n  interface ActionPrimitive<TConfig extends RequestConfigSchema> {\n    invalidate: () => Promise<void>;\n  }\n}\n\nActionPrimitive.prototype.invalidate = async function (\n  this: ActionPrimitive<RequestConfigSchema>,\n) {\n  await this.alepha.inject(ServerCacheProvider).invalidate(this.route);\n};\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport class ServerCacheProvider {\n  protected readonly log = $logger();\n  protected readonly alepha = $inject(Alepha);\n  protected readonly time = $inject(DateTimeProvider);\n  protected readonly cache = $cache<RouteCacheEntry>({\n    provider: \"memory\",\n  });\n\n  public generateETag(content: BinaryLike): string {\n    return `\"${createHash(\"md5\").update(content).digest(\"hex\")}\"`;\n  }\n\n  public async invalidate(route: ServerRoute) {\n    const cache = route.cache;\n    if (!cache) {\n      return;\n    }\n\n    await this.cache.invalidate(this.createCacheKey(route));\n  }\n\n  protected readonly onActionRequest = $hook({\n    on: \"action:onRequest\",\n    handler: async ({ action, request }) => {\n      const cache = action.route.cache;\n\n      const shouldStore = this.shouldStore(cache);\n\n      // Only check cache if storing is enabled\n      if (shouldStore) {\n        const key = this.createCacheKey(action.route, request);\n        const cached = await this.cache.get(key);\n\n        if (cached) {\n          const body =\n            cached.contentType === \"application/json\"\n              ? JSON.parse(cached.body)\n              : cached.body;\n\n          this.log.trace(\"Cache hit for action\", {\n            key,\n            action: action.name,\n          });\n\n          request.reply.body = body; // just re-use, full trust\n        } else {\n          this.log.trace(\"Cache miss for action\", {\n            key,\n            action: action.name,\n          });\n        }\n      }\n    },\n  });\n\n  protected readonly onActionResponse = $hook({\n    on: \"action:onResponse\",\n    handler: async ({ action, request, response }) => {\n      const cache = action.route.cache;\n\n      const shouldStore = this.shouldStore(cache);\n\n      if (!shouldStore || !response) {\n        return;\n      }\n\n      // Don't cache error responses (status >= 400)\n      if (request.reply.status && request.reply.status >= 400) {\n        return;\n      }\n\n      // TODO: serialize the response body, exactly like in the server response hook\n      // this is bad\n      const contentType =\n        typeof response === \"string\" ? \"text/plain\" : \"application/json\";\n      const body =\n        contentType === \"text/plain\" ? response : JSON.stringify(response);\n\n      const generatedEtag = this.generateETag(body);\n      const lastModified = this.time.toISOString();\n\n      // Store response for cached actions\n      const key = this.createCacheKey(action.route, request);\n\n      this.log.trace(\"Storing response\", {\n        key,\n        action: action.name,\n      });\n\n      await this.cache.set(key, {\n        body: body,\n        lastModified,\n        contentType: contentType,\n        hash: generatedEtag,\n      });\n\n      // Set Cache-Control header if configured (for HTTP responses)\n      const cacheControl = this.buildCacheControlHeader(cache);\n      if (cacheControl) {\n        request.reply.setHeader(\"cache-control\", cacheControl);\n      }\n    },\n  });\n\n  protected readonly onRequest = $hook({\n    on: \"server:onRequest\",\n    handler: async ({ route, request }) => {\n      const cache = route.cache;\n\n      const shouldStore = this.shouldStore(cache);\n      const shouldUseEtag = this.shouldUseEtag(cache);\n\n      // Check for cached response or ETag\n      if (!shouldStore && !shouldUseEtag) {\n        return;\n      }\n\n      const key = this.createCacheKey(route, request);\n      const cached = await this.cache.get(key);\n\n      if (cached) {\n        // Check if client has matching ETag - return 304 for both cached and etag-only routes\n        if (\n          request.headers[\"if-none-match\"] === cached.hash ||\n          request.headers[\"if-modified-since\"] === cached.lastModified\n        ) {\n          request.reply.status = 304;\n          request.reply.setHeader(\"etag\", cached.hash);\n          request.reply.setHeader(\"last-modified\", cached.lastModified);\n          this.log.trace(\"ETag match, returning 304\", {\n            route: route.path,\n            etag: cached.hash,\n          });\n          return;\n        }\n\n        // Only serve cached content if storing is enabled (not for etag-only routes)\n        if (shouldStore) {\n          this.log.trace(\"Cache hit for route\", {\n            key,\n            route: route.path,\n          });\n\n          // if the cache is found, we can skip the request processing\n          // and return the cached response\n          request.reply.body = cached.body;\n          request.reply.status = cached.status ?? 200;\n\n          if (cached.contentType) {\n            request.reply.setHeader(\"Content-Type\", cached.contentType);\n          }\n\n          request.reply.setHeader(\"etag\", cached.hash);\n          request.reply.setHeader(\"last-modified\", cached.lastModified);\n        }\n      } else if (shouldStore) {\n        this.log.trace(\"Cache miss for route\", {\n          key,\n          route: route.path,\n        });\n      }\n    },\n  });\n\n  protected readonly onSend = $hook({\n    on: \"server:onSend\",\n    handler: async ({ route, request }) => {\n      // before sending the response, check if the ETag matches\n      // and if so, return a 304 Not Modified response\n      // -> this is only relevant for etag-only routes, not cached routes <-\n      const cache = route.cache;\n\n      const shouldStore = this.shouldStore(cache);\n      const shouldUseEtag = this.shouldUseEtag(cache);\n\n      if (request.reply.headers.etag) {\n        // ETag already set, skip\n        return;\n      }\n\n      if (\n        !shouldStore &&\n        shouldUseEtag &&\n        request.reply.body != null &&\n        (typeof request.reply.body === \"string\" ||\n          Buffer.isBuffer(request.reply.body))\n      ) {\n        const generatedEtag = this.generateETag(request.reply.body);\n\n        if (request.headers[\"if-none-match\"] === generatedEtag) {\n          request.reply.status = 304;\n          request.reply.body = undefined;\n          request.reply.setHeader(\"etag\", generatedEtag);\n          this.log.trace(\"ETag match on send, returning 304\", {\n            route: route.path,\n            etag: generatedEtag,\n          });\n          return;\n        }\n      }\n    },\n  });\n\n  protected readonly onResponse = $hook({\n    on: \"server:onResponse\",\n    priority: \"first\",\n    handler: async ({ route, request, response }) => {\n      const cache = route.cache;\n\n      // Set Cache-Control header if configured\n      const cacheControl = this.buildCacheControlHeader(cache);\n      if (cacheControl) {\n        response.headers[\"cache-control\"] = cacheControl;\n      }\n\n      const shouldStore = this.shouldStore(cache);\n      const shouldUseEtag = this.shouldUseEtag(cache);\n\n      // Skip if neither cache nor etag is enabled\n      if (!shouldStore && !shouldUseEtag) {\n        return;\n      }\n\n      // Don't cache error responses (status >= 400)\n      if (response.status && response.status >= 400) {\n        return;\n      }\n\n      // Initialize headers if not present\n      response.headers ??= {};\n\n      const key = this.createCacheKey(route, request);\n\n      // Handle ReadableStream responses (e.g., SSR streaming)\n      if (response.body instanceof ReadableStream && shouldStore) {\n        // Tee the stream: one for client, one for cache collection\n        const [clientStream, cacheStream] = (\n          response.body as ReadableStream<Uint8Array>\n        ).tee();\n\n        // Replace response body with client stream (continues streaming to client)\n        response.body = clientStream as typeof response.body;\n\n        // Collect cache stream in background (non-blocking)\n        this.collectStreamForCache(\n          cacheStream,\n          key,\n          response.status,\n          response.headers?.[\"content-type\"],\n          shouldUseEtag,\n        )\n          .then((hash) => {\n            if (shouldUseEtag && hash) {\n              // Note: headers already sent for streaming, etag only useful for future requests\n              this.log.trace(\"Stream cached with hash\", { key, hash });\n            }\n          })\n          .catch((err) => {\n            this.log.warn(\"Failed to cache stream\", { key, error: err });\n          });\n\n        return;\n      }\n\n      // Only process string responses (text, html, json, etc.)\n      if (typeof response.body !== \"string\") {\n        return;\n      }\n\n      const generatedEtag = this.generateETag(response.body);\n      const lastModified = this.time.toISOString();\n\n      // Store response if storing is enabled\n      if (shouldStore) {\n        this.log.trace(\"Storing response\", {\n          key,\n          route: route.path,\n          cache: !!cache,\n          etag: shouldUseEtag,\n        });\n\n        await this.cache.set(key, {\n          body: response.body,\n          status: response.status,\n          contentType: response.headers?.[\"content-type\"],\n          lastModified,\n          hash: generatedEtag,\n        });\n      }\n\n      // Set ETag headers if etag is enabled\n      if (shouldUseEtag) {\n        response.headers.etag = generatedEtag;\n        response.headers[\"last-modified\"] = lastModified;\n      }\n    },\n  });\n\n  public buildCacheControlHeader(cache?: ServerRouteCache): string | undefined {\n    if (!cache) {\n      return undefined;\n    }\n\n    // If cache is true or a DurationLike, no Cache-Control header is set\n    if (\n      cache === true ||\n      typeof cache === \"string\" ||\n      typeof cache === \"number\"\n    ) {\n      return undefined;\n    }\n\n    const control = cache.control;\n    if (!control) {\n      return undefined;\n    }\n\n    // If control is a string, return it directly\n    if (typeof control === \"string\") {\n      return control;\n    }\n\n    // If control is true, return default Cache-Control\n    if (control === true) {\n      return \"public, max-age=300\";\n    }\n\n    // Build Cache-Control from object directives\n    const directives: string[] = [];\n\n    if (control.public) {\n      directives.push(\"public\");\n    }\n    if (control.private) {\n      directives.push(\"private\");\n    }\n    if (control.noCache) {\n      directives.push(\"no-cache\");\n    }\n    if (control.noStore) {\n      directives.push(\"no-store\");\n    }\n    if (control.maxAge !== undefined) {\n      const maxAgeSeconds = this.durationToSeconds(control.maxAge);\n      directives.push(`max-age=${maxAgeSeconds}`);\n    }\n    if (control.sMaxAge !== undefined) {\n      const sMaxAgeSeconds = this.durationToSeconds(control.sMaxAge);\n      directives.push(`s-maxage=${sMaxAgeSeconds}`);\n    }\n    if (control.mustRevalidate) {\n      directives.push(\"must-revalidate\");\n    }\n    if (control.proxyRevalidate) {\n      directives.push(\"proxy-revalidate\");\n    }\n    if (control.immutable) {\n      directives.push(\"immutable\");\n    }\n\n    return directives.length > 0 ? directives.join(\", \") : undefined;\n  }\n\n  protected durationToSeconds(duration: number | DurationLike): number {\n    if (typeof duration === \"number\") {\n      return duration;\n    }\n\n    return this.time.duration(duration).asSeconds();\n  }\n\n  protected shouldStore(cache?: ServerRouteCache): boolean {\n    if (!cache) return false;\n    if (cache === true) return true;\n    if (typeof cache === \"object\" && cache.store) return true;\n    return false;\n  }\n\n  protected shouldUseEtag(cache?: ServerRouteCache): boolean {\n    // cache: true enables etag\n    if (cache === true) return true;\n    // Check object form\n    if (typeof cache === \"object\" && cache.etag) return true;\n    return false;\n  }\n\n  protected createCacheKey(route: ServerRoute, config?: ServerRequest): string {\n    const params: string[] = [];\n    for (const [key, value] of Object.entries(config?.params ?? {})) {\n      params.push(`${key}=${value}`);\n    }\n    for (const [key, value] of Object.entries(config?.query ?? {})) {\n      params.push(`${key}=${value}`);\n    }\n\n    return `${route.method}:${route.path.replaceAll(\":\", \"\")}:${params.join(\",\").replaceAll(\":\", \"\")}`;\n  }\n\n  /**\n   * Collect a ReadableStream into a string and store it in the cache.\n   * This runs in the background while the original stream is sent to the client.\n   *\n   * @param stream - The stream to collect\n   * @param key - Cache key\n   * @param status - HTTP status code\n   * @param contentType - Content-Type header\n   * @param generateEtag - Whether to generate and return an ETag\n   * @returns The generated ETag hash, or undefined\n   */\n  protected async collectStreamForCache(\n    stream: ReadableStream<Uint8Array>,\n    key: string,\n    status: number | undefined,\n    contentType: string | undefined,\n    generateEtag: boolean,\n  ): Promise<string | undefined> {\n    const chunks: Uint8Array[] = [];\n    const reader = stream.getReader();\n\n    try {\n      while (true) {\n        const { done, value } = await reader.read();\n        if (done) break;\n        chunks.push(value);\n      }\n\n      // Combine chunks into a single string\n      const decoder = new TextDecoder();\n      const body =\n        chunks\n          .map((chunk) => decoder.decode(chunk, { stream: true }))\n          .join(\"\") + decoder.decode(); // Flush remaining\n\n      const hash = this.generateETag(body);\n      const lastModified = this.time.toISOString();\n\n      this.log.trace(\"Storing streamed response\", { key });\n\n      await this.cache.set(key, {\n        body,\n        status,\n        contentType,\n        lastModified,\n        hash,\n      });\n\n      return generateEtag ? hash : undefined;\n    } finally {\n      reader.releaseLock();\n    }\n  }\n}\n\nexport type ServerRouteCache =\n  /**\n   * If true, enables caching with:\n   * - store: true\n   * - etag: true\n   */\n  | boolean\n  /**\n   * Object configuration for fine-grained cache control.\n   *\n   * If empty, no caching will be applied.\n   */\n  | {\n      /**\n       * If true, enables storing cached responses. (in-memory, Redis, @see alepha/cache for other providers)\n       * If a DurationLike is provided, it will be used as the TTL for the cache.\n       * If CachePrimitiveOptions is provided, it will be used to configure the cache storage.\n       *\n       * @default false\n       */\n      store?: true | DurationLike | CachePrimitiveOptions;\n      /**\n       * If true, enables ETag support for the cached responses.\n       */\n      etag?: true;\n      /**\n       * - If true, sets Cache-Control to \"public, max-age=300\" (5 minutes).\n       * - If string, sets Cache-Control to the provided value directly.\n       * - If object, configures Cache-Control directives.\n       */\n      control?: /**\n       * If true, sets Cache-Control to \"public, max-age=300\" (5 minutes).\n       */\n        | true\n        /**\n         * If string, sets Cache-Control to the provided value directly.\n         */\n        | string\n        /**\n         * If object, configures Cache-Control directives.\n         */\n        | {\n            /**\n             * Indicates that the response may be cached by any cache.\n             */\n            public?: boolean;\n            /**\n             * Indicates that the response is intended for a single user and must not be stored by a shared cache.\n             */\n            private?: boolean;\n            /**\n             * Forces caches to submit the request to the origin server for validation before releasing a cached copy.\n             */\n            noCache?: boolean;\n            /**\n             * Instructs caches not to store the response.\n             */\n            noStore?: boolean;\n            /**\n             * Maximum amount of time a resource is considered fresh.\n             * Can be specified as a number (seconds) or as a DurationLike object.\n             *\n             * @example 300 // 5 minutes in seconds\n             * @example { minutes: 5 } // 5 minutes\n             * @example { hours: 1 } // 1 hour\n             */\n            maxAge?: number | DurationLike;\n            /**\n             * Overrides max-age for shared caches (e.g., CDNs).\n             * Can be specified as a number (seconds) or as a DurationLike object.\n             */\n            sMaxAge?: number | DurationLike;\n            /**\n             * Indicates that once a resource becomes stale, caches must not use it without successful validation.\n             */\n            mustRevalidate?: boolean;\n            /**\n             * Similar to must-revalidate, but only for shared caches.\n             */\n            proxyRevalidate?: boolean;\n            /**\n             * Indicates that the response can be stored but must be revalidated before each use.\n             */\n            immutable?: boolean;\n          };\n    };\n\ninterface RouteCacheEntry {\n  contentType?: string;\n  body: any;\n  status?: number;\n  lastModified: string;\n  hash: string;\n}\n","import { $module } from \"alepha\";\nimport { AlephaCache } from \"alepha/cache\";\nimport { ServerCacheProvider } from \"./providers/ServerCacheProvider.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport * from \"./providers/ServerCacheProvider.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\n/**\n * Plugin for Alepha Server that provides server-side caching capabilities.\n * It uses the Alepha Cache module to cache responses from server actions ($action).\n * It also provides a ETag-based cache invalidation mechanism.\n *\n * @example\n * ```ts\n * import { Alepha } from \"alepha\";\n * import { $action } from \"alepha/server\";\n * import { AlephaServerCache } from \"alepha/server/cache\";\n *\n * class ApiServer {\n *   hello = $action({\n *     cache: true,\n *     handler: () => \"Hello, World!\",\n *   });\n * }\n *\n * const alepha = Alepha.create()\n *   .with(AlephaServerCache)\n *   .with(ApiServer);\n *\n * run(alepha);\n * ```\n *\n * @see {@link ServerCacheProvider}\n * @module alepha.server.cache\n */\nexport const AlephaServerCache = $module({\n  name: \"alepha.server.cache\",\n  services: [AlephaCache, ServerCacheProvider],\n});\n"],"mappings":";;;;;;;;AAgCA,gBAAgB,UAAU,aAAa,iBAErC;AACA,OAAM,KAAK,OAAO,OAAO,oBAAoB,CAAC,WAAW,KAAK,MAAM;;AAKtE,IAAa,sBAAb,MAAiC;CAC/B,AAAmB,MAAM,SAAS;CAClC,AAAmB,SAAS,QAAQ,OAAO;CAC3C,AAAmB,OAAO,QAAQ,iBAAiB;CACnD,AAAmB,QAAQ,OAAwB,EACjD,UAAU,UACX,CAAC;CAEF,AAAO,aAAa,SAA6B;AAC/C,SAAO,IAAI,WAAW,MAAM,CAAC,OAAO,QAAQ,CAAC,OAAO,MAAM,CAAC;;CAG7D,MAAa,WAAW,OAAoB;AAE1C,MAAI,CADU,MAAM,MAElB;AAGF,QAAM,KAAK,MAAM,WAAW,KAAK,eAAe,MAAM,CAAC;;CAGzD,AAAmB,kBAAkB,MAAM;EACzC,IAAI;EACJ,SAAS,OAAO,EAAE,QAAQ,cAAc;GACtC,MAAM,QAAQ,OAAO,MAAM;AAK3B,OAHoB,KAAK,YAAY,MAAM,EAG1B;IACf,MAAM,MAAM,KAAK,eAAe,OAAO,OAAO,QAAQ;IACtD,MAAM,SAAS,MAAM,KAAK,MAAM,IAAI,IAAI;AAExC,QAAI,QAAQ;KACV,MAAM,OACJ,OAAO,gBAAgB,qBACnB,KAAK,MAAM,OAAO,KAAK,GACvB,OAAO;AAEb,UAAK,IAAI,MAAM,wBAAwB;MACrC;MACA,QAAQ,OAAO;MAChB,CAAC;AAEF,aAAQ,MAAM,OAAO;UAErB,MAAK,IAAI,MAAM,yBAAyB;KACtC;KACA,QAAQ,OAAO;KAChB,CAAC;;;EAIT,CAAC;CAEF,AAAmB,mBAAmB,MAAM;EAC1C,IAAI;EACJ,SAAS,OAAO,EAAE,QAAQ,SAAS,eAAe;GAChD,MAAM,QAAQ,OAAO,MAAM;AAI3B,OAAI,CAFgB,KAAK,YAAY,MAAM,IAEvB,CAAC,SACnB;AAIF,OAAI,QAAQ,MAAM,UAAU,QAAQ,MAAM,UAAU,IAClD;GAKF,MAAM,cACJ,OAAO,aAAa,WAAW,eAAe;GAChD,MAAM,OACJ,gBAAgB,eAAe,WAAW,KAAK,UAAU,SAAS;GAEpE,MAAM,gBAAgB,KAAK,aAAa,KAAK;GAC7C,MAAM,eAAe,KAAK,KAAK,aAAa;GAG5C,MAAM,MAAM,KAAK,eAAe,OAAO,OAAO,QAAQ;AAEtD,QAAK,IAAI,MAAM,oBAAoB;IACjC;IACA,QAAQ,OAAO;IAChB,CAAC;AAEF,SAAM,KAAK,MAAM,IAAI,KAAK;IAClB;IACN;IACa;IACb,MAAM;IACP,CAAC;GAGF,MAAM,eAAe,KAAK,wBAAwB,MAAM;AACxD,OAAI,aACF,SAAQ,MAAM,UAAU,iBAAiB,aAAa;;EAG3D,CAAC;CAEF,AAAmB,YAAY,MAAM;EACnC,IAAI;EACJ,SAAS,OAAO,EAAE,OAAO,cAAc;GACrC,MAAM,QAAQ,MAAM;GAEpB,MAAM,cAAc,KAAK,YAAY,MAAM;GAC3C,MAAM,gBAAgB,KAAK,cAAc,MAAM;AAG/C,OAAI,CAAC,eAAe,CAAC,cACnB;GAGF,MAAM,MAAM,KAAK,eAAe,OAAO,QAAQ;GAC/C,MAAM,SAAS,MAAM,KAAK,MAAM,IAAI,IAAI;AAExC,OAAI,QAAQ;AAEV,QACE,QAAQ,QAAQ,qBAAqB,OAAO,QAC5C,QAAQ,QAAQ,yBAAyB,OAAO,cAChD;AACA,aAAQ,MAAM,SAAS;AACvB,aAAQ,MAAM,UAAU,QAAQ,OAAO,KAAK;AAC5C,aAAQ,MAAM,UAAU,iBAAiB,OAAO,aAAa;AAC7D,UAAK,IAAI,MAAM,6BAA6B;MAC1C,OAAO,MAAM;MACb,MAAM,OAAO;MACd,CAAC;AACF;;AAIF,QAAI,aAAa;AACf,UAAK,IAAI,MAAM,uBAAuB;MACpC;MACA,OAAO,MAAM;MACd,CAAC;AAIF,aAAQ,MAAM,OAAO,OAAO;AAC5B,aAAQ,MAAM,SAAS,OAAO,UAAU;AAExC,SAAI,OAAO,YACT,SAAQ,MAAM,UAAU,gBAAgB,OAAO,YAAY;AAG7D,aAAQ,MAAM,UAAU,QAAQ,OAAO,KAAK;AAC5C,aAAQ,MAAM,UAAU,iBAAiB,OAAO,aAAa;;cAEtD,YACT,MAAK,IAAI,MAAM,wBAAwB;IACrC;IACA,OAAO,MAAM;IACd,CAAC;;EAGP,CAAC;CAEF,AAAmB,SAAS,MAAM;EAChC,IAAI;EACJ,SAAS,OAAO,EAAE,OAAO,cAAc;GAIrC,MAAM,QAAQ,MAAM;GAEpB,MAAM,cAAc,KAAK,YAAY,MAAM;GAC3C,MAAM,gBAAgB,KAAK,cAAc,MAAM;AAE/C,OAAI,QAAQ,MAAM,QAAQ,KAExB;AAGF,OACE,CAAC,eACD,iBACA,QAAQ,MAAM,QAAQ,SACrB,OAAO,QAAQ,MAAM,SAAS,YAC7B,OAAO,SAAS,QAAQ,MAAM,KAAK,GACrC;IACA,MAAM,gBAAgB,KAAK,aAAa,QAAQ,MAAM,KAAK;AAE3D,QAAI,QAAQ,QAAQ,qBAAqB,eAAe;AACtD,aAAQ,MAAM,SAAS;AACvB,aAAQ,MAAM,OAAO;AACrB,aAAQ,MAAM,UAAU,QAAQ,cAAc;AAC9C,UAAK,IAAI,MAAM,qCAAqC;MAClD,OAAO,MAAM;MACb,MAAM;MACP,CAAC;AACF;;;;EAIP,CAAC;CAEF,AAAmB,aAAa,MAAM;EACpC,IAAI;EACJ,UAAU;EACV,SAAS,OAAO,EAAE,OAAO,SAAS,eAAe;GAC/C,MAAM,QAAQ,MAAM;GAGpB,MAAM,eAAe,KAAK,wBAAwB,MAAM;AACxD,OAAI,aACF,UAAS,QAAQ,mBAAmB;GAGtC,MAAM,cAAc,KAAK,YAAY,MAAM;GAC3C,MAAM,gBAAgB,KAAK,cAAc,MAAM;AAG/C,OAAI,CAAC,eAAe,CAAC,cACnB;AAIF,OAAI,SAAS,UAAU,SAAS,UAAU,IACxC;AAIF,YAAS,YAAY,EAAE;GAEvB,MAAM,MAAM,KAAK,eAAe,OAAO,QAAQ;AAG/C,OAAI,SAAS,gBAAgB,kBAAkB,aAAa;IAE1D,MAAM,CAAC,cAAc,eACnB,SAAS,KACT,KAAK;AAGP,aAAS,OAAO;AAGhB,SAAK,sBACH,aACA,KACA,SAAS,QACT,SAAS,UAAU,iBACnB,cACD,CACE,MAAM,SAAS;AACd,SAAI,iBAAiB,KAEnB,MAAK,IAAI,MAAM,2BAA2B;MAAE;MAAK;MAAM,CAAC;MAE1D,CACD,OAAO,QAAQ;AACd,UAAK,IAAI,KAAK,0BAA0B;MAAE;MAAK,OAAO;MAAK,CAAC;MAC5D;AAEJ;;AAIF,OAAI,OAAO,SAAS,SAAS,SAC3B;GAGF,MAAM,gBAAgB,KAAK,aAAa,SAAS,KAAK;GACtD,MAAM,eAAe,KAAK,KAAK,aAAa;AAG5C,OAAI,aAAa;AACf,SAAK,IAAI,MAAM,oBAAoB;KACjC;KACA,OAAO,MAAM;KACb,OAAO,CAAC,CAAC;KACT,MAAM;KACP,CAAC;AAEF,UAAM,KAAK,MAAM,IAAI,KAAK;KACxB,MAAM,SAAS;KACf,QAAQ,SAAS;KACjB,aAAa,SAAS,UAAU;KAChC;KACA,MAAM;KACP,CAAC;;AAIJ,OAAI,eAAe;AACjB,aAAS,QAAQ,OAAO;AACxB,aAAS,QAAQ,mBAAmB;;;EAGzC,CAAC;CAEF,AAAO,wBAAwB,OAA8C;AAC3E,MAAI,CAAC,MACH;AAIF,MACE,UAAU,QACV,OAAO,UAAU,YACjB,OAAO,UAAU,SAEjB;EAGF,MAAM,UAAU,MAAM;AACtB,MAAI,CAAC,QACH;AAIF,MAAI,OAAO,YAAY,SACrB,QAAO;AAIT,MAAI,YAAY,KACd,QAAO;EAIT,MAAM,aAAuB,EAAE;AAE/B,MAAI,QAAQ,OACV,YAAW,KAAK,SAAS;AAE3B,MAAI,QAAQ,QACV,YAAW,KAAK,UAAU;AAE5B,MAAI,QAAQ,QACV,YAAW,KAAK,WAAW;AAE7B,MAAI,QAAQ,QACV,YAAW,KAAK,WAAW;AAE7B,MAAI,QAAQ,WAAW,QAAW;GAChC,MAAM,gBAAgB,KAAK,kBAAkB,QAAQ,OAAO;AAC5D,cAAW,KAAK,WAAW,gBAAgB;;AAE7C,MAAI,QAAQ,YAAY,QAAW;GACjC,MAAM,iBAAiB,KAAK,kBAAkB,QAAQ,QAAQ;AAC9D,cAAW,KAAK,YAAY,iBAAiB;;AAE/C,MAAI,QAAQ,eACV,YAAW,KAAK,kBAAkB;AAEpC,MAAI,QAAQ,gBACV,YAAW,KAAK,mBAAmB;AAErC,MAAI,QAAQ,UACV,YAAW,KAAK,YAAY;AAG9B,SAAO,WAAW,SAAS,IAAI,WAAW,KAAK,KAAK,GAAG;;CAGzD,AAAU,kBAAkB,UAAyC;AACnE,MAAI,OAAO,aAAa,SACtB,QAAO;AAGT,SAAO,KAAK,KAAK,SAAS,SAAS,CAAC,WAAW;;CAGjD,AAAU,YAAY,OAAmC;AACvD,MAAI,CAAC,MAAO,QAAO;AACnB,MAAI,UAAU,KAAM,QAAO;AAC3B,MAAI,OAAO,UAAU,YAAY,MAAM,MAAO,QAAO;AACrD,SAAO;;CAGT,AAAU,cAAc,OAAmC;AAEzD,MAAI,UAAU,KAAM,QAAO;AAE3B,MAAI,OAAO,UAAU,YAAY,MAAM,KAAM,QAAO;AACpD,SAAO;;CAGT,AAAU,eAAe,OAAoB,QAAgC;EAC3E,MAAM,SAAmB,EAAE;AAC3B,OAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,QAAQ,UAAU,EAAE,CAAC,CAC7D,QAAO,KAAK,GAAG,IAAI,GAAG,QAAQ;AAEhC,OAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,QAAQ,SAAS,EAAE,CAAC,CAC5D,QAAO,KAAK,GAAG,IAAI,GAAG,QAAQ;AAGhC,SAAO,GAAG,MAAM,OAAO,GAAG,MAAM,KAAK,WAAW,KAAK,GAAG,CAAC,GAAG,OAAO,KAAK,IAAI,CAAC,WAAW,KAAK,GAAG;;;;;;;;;;;;;CAclG,MAAgB,sBACd,QACA,KACA,QACA,aACA,cAC6B;EAC7B,MAAM,SAAuB,EAAE;EAC/B,MAAM,SAAS,OAAO,WAAW;AAEjC,MAAI;AACF,UAAO,MAAM;IACX,MAAM,EAAE,MAAM,UAAU,MAAM,OAAO,MAAM;AAC3C,QAAI,KAAM;AACV,WAAO,KAAK,MAAM;;GAIpB,MAAM,UAAU,IAAI,aAAa;GACjC,MAAM,OACJ,OACG,KAAK,UAAU,QAAQ,OAAO,OAAO,EAAE,QAAQ,MAAM,CAAC,CAAC,CACvD,KAAK,GAAG,GAAG,QAAQ,QAAQ;GAEhC,MAAM,OAAO,KAAK,aAAa,KAAK;GACpC,MAAM,eAAe,KAAK,KAAK,aAAa;AAE5C,QAAK,IAAI,MAAM,6BAA6B,EAAE,KAAK,CAAC;AAEpD,SAAM,KAAK,MAAM,IAAI,KAAK;IACxB;IACA;IACA;IACA;IACA;IACD,CAAC;AAEF,UAAO,eAAe,OAAO;YACrB;AACR,UAAO,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AClc1B,MAAa,oBAAoB,QAAQ;CACvC,MAAM;CACN,UAAU,CAAC,aAAa,oBAAoB;CAC7C,CAAC"}
+{"version":3,"file":"index.js","names":[],"sources":["../../../src/server/cache/providers/ServerCacheProvider.ts","../../../src/server/cache/index.ts"],"sourcesContent":["import type { BinaryLike } from \"node:crypto\";\nimport { createHash } from \"node:crypto\";\nimport { $hook, $inject, Alepha } from \"alepha\";\nimport { $cache, type CachePrimitiveOptions } from \"alepha/cache\";\nimport { DateTimeProvider, type DurationLike } from \"alepha/datetime\";\nimport { $logger } from \"alepha/logger\";\nimport {\n  ActionPrimitive,\n  type RequestConfigSchema,\n  type ServerRequest,\n  type ServerRoute,\n} from \"alepha/server\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\ndeclare module \"alepha/server\" {\n  interface ServerRoute {\n    /**\n     * Enable caching for this route.\n     * - If true: enables both store and etag\n     * - If object: fine-grained control over store, etag, and cache-control headers\n     *\n     * @default false\n     */\n    cache?: ServerRouteCache;\n  }\n\n  interface ActionPrimitive<TConfig extends RequestConfigSchema> {\n    invalidate: () => Promise<void>;\n  }\n}\n\nActionPrimitive.prototype.invalidate = async function (\n  this: ActionPrimitive<RequestConfigSchema>,\n) {\n  await this.alepha.inject(ServerCacheProvider).invalidate(this.route);\n};\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport class ServerCacheProvider {\n  protected readonly log = $logger();\n  protected readonly alepha = $inject(Alepha);\n  protected readonly time = $inject(DateTimeProvider);\n  protected readonly cache = $cache<RouteCacheEntry>({\n    provider: \"memory\",\n  });\n\n  public generateETag(content: BinaryLike): string {\n    return `\"${createHash(\"md5\").update(content).digest(\"hex\")}\"`;\n  }\n\n  public async invalidate(route: ServerRoute) {\n    const cache = route.cache;\n    if (!cache) {\n      return;\n    }\n\n    await this.cache.invalidate(this.createCacheKey(route));\n  }\n\n  protected readonly onActionRequest = $hook({\n    on: \"action:onRequest\",\n    handler: async ({ action, request }) => {\n      const cache = action.route.cache;\n\n      const shouldStore = this.shouldStore(cache);\n\n      // Only check cache if storing is enabled\n      if (shouldStore) {\n        const key = this.createCacheKey(action.route, request);\n        const cached = await this.cache.get(key);\n\n        if (cached) {\n          const body =\n            cached.contentType === \"application/json\"\n              ? JSON.parse(cached.body)\n              : cached.body;\n\n          this.log.trace(\"Cache hit for action\", {\n            key,\n            action: action.name,\n          });\n\n          request.reply.body = body; // just re-use, full trust\n        } else {\n          this.log.trace(\"Cache miss for action\", {\n            key,\n            action: action.name,\n          });\n        }\n      }\n    },\n  });\n\n  protected readonly onActionResponse = $hook({\n    on: \"action:onResponse\",\n    handler: async ({ action, request, response }) => {\n      const cache = action.route.cache;\n\n      const shouldStore = this.shouldStore(cache);\n\n      if (!shouldStore || !response) {\n        return;\n      }\n\n      // Don't cache error responses (status >= 400)\n      if (request.reply.status && request.reply.status >= 400) {\n        return;\n      }\n\n      // TODO: serialize the response body, exactly like in the server response hook\n      // this is bad\n      const contentType =\n        typeof response === \"string\" ? \"text/plain\" : \"application/json\";\n      const body =\n        contentType === \"text/plain\" ? response : JSON.stringify(response);\n\n      const generatedEtag = this.generateETag(body);\n      const lastModified = this.time.toISOString();\n\n      // Store response for cached actions\n      const key = this.createCacheKey(action.route, request);\n\n      this.log.trace(\"Storing response\", {\n        key,\n        action: action.name,\n      });\n\n      await this.cache.set(key, {\n        body: body,\n        lastModified,\n        contentType: contentType,\n        hash: generatedEtag,\n      });\n\n      // Set Cache-Control header if configured (for HTTP responses)\n      const cacheControl = this.buildCacheControlHeader(cache);\n      if (cacheControl) {\n        request.reply.setHeader(\"cache-control\", cacheControl);\n      }\n    },\n  });\n\n  protected readonly onRequest = $hook({\n    on: \"server:onRequest\",\n    handler: async ({ route, request }) => {\n      const cache = route.cache;\n\n      const shouldStore = this.shouldStore(cache);\n      const shouldUseEtag = this.shouldUseEtag(cache);\n\n      // Check for cached response or ETag\n      if (!shouldStore && !shouldUseEtag) {\n        return;\n      }\n\n      const key = this.createCacheKey(route, request);\n      const cached = await this.cache.get(key);\n\n      if (cached) {\n        // Check if client has matching ETag - return 304 for both cached and etag-only routes\n        if (\n          request.headers[\"if-none-match\"] === cached.hash ||\n          request.headers[\"if-modified-since\"] === cached.lastModified\n        ) {\n          request.reply.status = 304;\n          request.reply.setHeader(\"etag\", cached.hash);\n          request.reply.setHeader(\"last-modified\", cached.lastModified);\n          this.log.trace(\"ETag match, returning 304\", {\n            route: route.path,\n            etag: cached.hash,\n          });\n          return;\n        }\n\n        // Only serve cached content if storing is enabled (not for etag-only routes)\n        if (shouldStore) {\n          this.log.trace(\"Cache hit for route\", {\n            key,\n            route: route.path,\n          });\n\n          // if the cache is found, we can skip the request processing\n          // and return the cached response\n          request.reply.body = cached.body;\n          request.reply.status = cached.status ?? 200;\n\n          if (cached.contentType) {\n            request.reply.setHeader(\"Content-Type\", cached.contentType);\n          }\n\n          request.reply.setHeader(\"etag\", cached.hash);\n          request.reply.setHeader(\"last-modified\", cached.lastModified);\n        }\n      } else if (shouldStore) {\n        this.log.trace(\"Cache miss for route\", {\n          key,\n          route: route.path,\n        });\n      }\n    },\n  });\n\n  protected readonly onSend = $hook({\n    on: \"server:onSend\",\n    handler: ({ route, request }) => {\n      // before sending the response, check if the ETag matches\n      // and if so, return a 304 Not Modified response\n      // -> this is only relevant for etag-only routes, not cached routes <-\n      const cache = route.cache;\n\n      const shouldStore = this.shouldStore(cache);\n      const shouldUseEtag = this.shouldUseEtag(cache);\n\n      if (request.reply.headers.etag) {\n        // ETag already set, skip\n        return;\n      }\n\n      if (\n        !shouldStore &&\n        shouldUseEtag &&\n        request.reply.body != null &&\n        (typeof request.reply.body === \"string\" ||\n          Buffer.isBuffer(request.reply.body))\n      ) {\n        const generatedEtag = this.generateETag(request.reply.body);\n\n        if (request.headers[\"if-none-match\"] === generatedEtag) {\n          request.reply.status = 304;\n          request.reply.body = undefined;\n          request.reply.setHeader(\"etag\", generatedEtag);\n          this.log.trace(\"ETag match on send, returning 304\", {\n            route: route.path,\n            etag: generatedEtag,\n          });\n          return;\n        }\n      }\n    },\n  });\n\n  protected readonly onResponse = $hook({\n    on: \"server:onResponse\",\n    priority: \"first\",\n    handler: async ({ route, request, response }) => {\n      const cache = route.cache;\n\n      // Set Cache-Control header if configured\n      const cacheControl = this.buildCacheControlHeader(cache);\n      if (cacheControl) {\n        response.headers[\"cache-control\"] = cacheControl;\n      }\n\n      const shouldStore = this.shouldStore(cache);\n      const shouldUseEtag = this.shouldUseEtag(cache);\n\n      // Skip if neither cache nor etag is enabled\n      if (!shouldStore && !shouldUseEtag) {\n        return;\n      }\n\n      // Don't cache error responses (status >= 400)\n      if (response.status && response.status >= 400) {\n        return;\n      }\n\n      // Initialize headers if not present\n      response.headers ??= {};\n\n      const key = this.createCacheKey(route, request);\n\n      // Handle ReadableStream responses (e.g., SSR streaming)\n      if (response.body instanceof ReadableStream && shouldStore) {\n        // Tee the stream: one for client, one for cache collection\n        const [clientStream, cacheStream] = (\n          response.body as ReadableStream<Uint8Array>\n        ).tee();\n\n        // Replace response body with client stream (continues streaming to client)\n        response.body = clientStream as typeof response.body;\n\n        // Collect cache stream in background (non-blocking)\n        this.collectStreamForCache(\n          cacheStream,\n          key,\n          response.status,\n          response.headers?.[\"content-type\"],\n          shouldUseEtag,\n        )\n          .then((hash) => {\n            if (shouldUseEtag && hash) {\n              // Note: headers already sent for streaming, etag only useful for future requests\n              this.log.trace(\"Stream cached with hash\", { key, hash });\n            }\n          })\n          .catch((err) => {\n            this.log.warn(\"Failed to cache stream\", { key, error: err });\n          });\n\n        return;\n      }\n\n      // Only process string responses (text, html, json, etc.)\n      if (typeof response.body !== \"string\") {\n        return;\n      }\n\n      const generatedEtag = this.generateETag(response.body);\n      const lastModified = this.time.toISOString();\n\n      // Store response if storing is enabled\n      if (shouldStore) {\n        this.log.trace(\"Storing response\", {\n          key,\n          route: route.path,\n          cache: !!cache,\n          etag: shouldUseEtag,\n        });\n\n        await this.cache.set(key, {\n          body: response.body,\n          status: response.status,\n          contentType: response.headers?.[\"content-type\"],\n          lastModified,\n          hash: generatedEtag,\n        });\n      }\n\n      // Set ETag headers if etag is enabled\n      if (shouldUseEtag) {\n        response.headers.etag = generatedEtag;\n        response.headers[\"last-modified\"] = lastModified;\n      }\n    },\n  });\n\n  public buildCacheControlHeader(cache?: ServerRouteCache): string | undefined {\n    if (!cache) {\n      return undefined;\n    }\n\n    // If cache is true or a DurationLike, no Cache-Control header is set\n    if (\n      cache === true ||\n      typeof cache === \"string\" ||\n      typeof cache === \"number\"\n    ) {\n      return undefined;\n    }\n\n    const control = cache.control;\n    if (!control) {\n      return undefined;\n    }\n\n    // If control is a string, return it directly\n    if (typeof control === \"string\") {\n      return control;\n    }\n\n    // If control is true, return default Cache-Control\n    if (control === true) {\n      return \"public, max-age=300\";\n    }\n\n    // Build Cache-Control from object directives\n    const directives: string[] = [];\n\n    if (control.public) {\n      directives.push(\"public\");\n    }\n    if (control.private) {\n      directives.push(\"private\");\n    }\n    if (control.noCache) {\n      directives.push(\"no-cache\");\n    }\n    if (control.noStore) {\n      directives.push(\"no-store\");\n    }\n    if (control.maxAge !== undefined) {\n      const maxAgeSeconds = this.durationToSeconds(control.maxAge);\n      directives.push(`max-age=${maxAgeSeconds}`);\n    }\n    if (control.sMaxAge !== undefined) {\n      const sMaxAgeSeconds = this.durationToSeconds(control.sMaxAge);\n      directives.push(`s-maxage=${sMaxAgeSeconds}`);\n    }\n    if (control.mustRevalidate) {\n      directives.push(\"must-revalidate\");\n    }\n    if (control.proxyRevalidate) {\n      directives.push(\"proxy-revalidate\");\n    }\n    if (control.immutable) {\n      directives.push(\"immutable\");\n    }\n\n    return directives.length > 0 ? directives.join(\", \") : undefined;\n  }\n\n  protected durationToSeconds(duration: number | DurationLike): number {\n    if (typeof duration === \"number\") {\n      return duration;\n    }\n\n    return this.time.duration(duration).asSeconds();\n  }\n\n  protected shouldStore(cache?: ServerRouteCache): boolean {\n    if (!cache) return false;\n    if (cache === true) return true;\n    if (typeof cache === \"object\" && cache.store) return true;\n    return false;\n  }\n\n  protected shouldUseEtag(cache?: ServerRouteCache): boolean {\n    // cache: true enables etag\n    if (cache === true) return true;\n    // Check object form\n    if (typeof cache === \"object\" && cache.etag) return true;\n    return false;\n  }\n\n  protected createCacheKey(route: ServerRoute, config?: ServerRequest): string {\n    const params: string[] = [];\n    for (const [key, value] of Object.entries(config?.params ?? {})) {\n      params.push(`${key}=${value}`);\n    }\n    for (const [key, value] of Object.entries(config?.query ?? {})) {\n      params.push(`${key}=${value}`);\n    }\n\n    return `${route.method}:${route.path.replaceAll(\":\", \"\")}:${params.join(\",\").replaceAll(\":\", \"\")}`;\n  }\n\n  /**\n   * Collect a ReadableStream into a string and store it in the cache.\n   * This runs in the background while the original stream is sent to the client.\n   *\n   * @param stream - The stream to collect\n   * @param key - Cache key\n   * @param status - HTTP status code\n   * @param contentType - Content-Type header\n   * @param generateEtag - Whether to generate and return an ETag\n   * @returns The generated ETag hash, or undefined\n   */\n  protected async collectStreamForCache(\n    stream: ReadableStream<Uint8Array>,\n    key: string,\n    status: number | undefined,\n    contentType: string | undefined,\n    generateEtag: boolean,\n  ): Promise<string | undefined> {\n    const chunks: Uint8Array[] = [];\n    const reader = stream.getReader();\n\n    try {\n      while (true) {\n        const { done, value } = await reader.read();\n        if (done) break;\n        chunks.push(value);\n      }\n\n      // Combine chunks into a single string\n      const decoder = new TextDecoder();\n      const body =\n        chunks\n          .map((chunk) => decoder.decode(chunk, { stream: true }))\n          .join(\"\") + decoder.decode(); // Flush remaining\n\n      const hash = this.generateETag(body);\n      const lastModified = this.time.toISOString();\n\n      this.log.trace(\"Storing streamed response\", { key });\n\n      await this.cache.set(key, {\n        body,\n        status,\n        contentType,\n        lastModified,\n        hash,\n      });\n\n      return generateEtag ? hash : undefined;\n    } finally {\n      reader.releaseLock();\n    }\n  }\n}\n\nexport type ServerRouteCache =\n  /**\n   * If true, enables caching with:\n   * - store: true\n   * - etag: true\n   */\n  | boolean\n  /**\n   * Object configuration for fine-grained cache control.\n   *\n   * If empty, no caching will be applied.\n   */\n  | {\n      /**\n       * If true, enables storing cached responses. (in-memory, Redis, @see alepha/cache for other providers)\n       * If a DurationLike is provided, it will be used as the TTL for the cache.\n       * If CachePrimitiveOptions is provided, it will be used to configure the cache storage.\n       *\n       * @default false\n       */\n      store?: true | DurationLike | CachePrimitiveOptions;\n      /**\n       * If true, enables ETag support for the cached responses.\n       */\n      etag?: true;\n      /**\n       * - If true, sets Cache-Control to \"public, max-age=300\" (5 minutes).\n       * - If string, sets Cache-Control to the provided value directly.\n       * - If object, configures Cache-Control directives.\n       */\n      control?: /**\n       * If true, sets Cache-Control to \"public, max-age=300\" (5 minutes).\n       */\n        | true\n        /**\n         * If string, sets Cache-Control to the provided value directly.\n         */\n        | string\n        /**\n         * If object, configures Cache-Control directives.\n         */\n        | {\n            /**\n             * Indicates that the response may be cached by any cache.\n             */\n            public?: boolean;\n            /**\n             * Indicates that the response is intended for a single user and must not be stored by a shared cache.\n             */\n            private?: boolean;\n            /**\n             * Forces caches to submit the request to the origin server for validation before releasing a cached copy.\n             */\n            noCache?: boolean;\n            /**\n             * Instructs caches not to store the response.\n             */\n            noStore?: boolean;\n            /**\n             * Maximum amount of time a resource is considered fresh.\n             * Can be specified as a number (seconds) or as a DurationLike object.\n             *\n             * @example 300 // 5 minutes in seconds\n             * @example { minutes: 5 } // 5 minutes\n             * @example { hours: 1 } // 1 hour\n             */\n            maxAge?: number | DurationLike;\n            /**\n             * Overrides max-age for shared caches (e.g., CDNs).\n             * Can be specified as a number (seconds) or as a DurationLike object.\n             */\n            sMaxAge?: number | DurationLike;\n            /**\n             * Indicates that once a resource becomes stale, caches must not use it without successful validation.\n             */\n            mustRevalidate?: boolean;\n            /**\n             * Similar to must-revalidate, but only for shared caches.\n             */\n            proxyRevalidate?: boolean;\n            /**\n             * Indicates that the response can be stored but must be revalidated before each use.\n             */\n            immutable?: boolean;\n          };\n    };\n\ninterface RouteCacheEntry {\n  contentType?: string;\n  body: any;\n  status?: number;\n  lastModified: string;\n  hash: string;\n}\n","import { $module } from \"alepha\";\nimport { AlephaCache } from \"alepha/cache\";\nimport { ServerCacheProvider } from \"./providers/ServerCacheProvider.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport * from \"./providers/ServerCacheProvider.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\n/**\n * Plugin for Alepha Server that provides server-side caching capabilities.\n * It uses the Alepha Cache module to cache responses from server actions ($action).\n * It also provides a ETag-based cache invalidation mechanism.\n *\n * @example\n * ```ts\n * import { Alepha } from \"alepha\";\n * import { $action } from \"alepha/server\";\n * import { AlephaServerCache } from \"alepha/server/cache\";\n *\n * class ApiServer {\n *   hello = $action({\n *     cache: true,\n *     handler: () => \"Hello, World!\",\n *   });\n * }\n *\n * const alepha = Alepha.create()\n *   .with(AlephaServerCache)\n *   .with(ApiServer);\n *\n * run(alepha);\n * ```\n *\n * @see {@link ServerCacheProvider}\n * @module alepha.server.cache\n */\nexport const AlephaServerCache = $module({\n  name: \"alepha.server.cache\",\n  services: [AlephaCache, ServerCacheProvider],\n});\n"],"mappings":";;;;;;;;AAgCA,gBAAgB,UAAU,aAAa,iBAErC;AACA,OAAM,KAAK,OAAO,OAAO,oBAAoB,CAAC,WAAW,KAAK,MAAM;;AAKtE,IAAa,sBAAb,MAAiC;CAC/B,AAAmB,MAAM,SAAS;CAClC,AAAmB,SAAS,QAAQ,OAAO;CAC3C,AAAmB,OAAO,QAAQ,iBAAiB;CACnD,AAAmB,QAAQ,OAAwB,EACjD,UAAU,UACX,CAAC;CAEF,AAAO,aAAa,SAA6B;AAC/C,SAAO,IAAI,WAAW,MAAM,CAAC,OAAO,QAAQ,CAAC,OAAO,MAAM,CAAC;;CAG7D,MAAa,WAAW,OAAoB;AAE1C,MAAI,CADU,MAAM,MAElB;AAGF,QAAM,KAAK,MAAM,WAAW,KAAK,eAAe,MAAM,CAAC;;CAGzD,AAAmB,kBAAkB,MAAM;EACzC,IAAI;EACJ,SAAS,OAAO,EAAE,QAAQ,cAAc;GACtC,MAAM,QAAQ,OAAO,MAAM;AAK3B,OAHoB,KAAK,YAAY,MAAM,EAG1B;IACf,MAAM,MAAM,KAAK,eAAe,OAAO,OAAO,QAAQ;IACtD,MAAM,SAAS,MAAM,KAAK,MAAM,IAAI,IAAI;AAExC,QAAI,QAAQ;KACV,MAAM,OACJ,OAAO,gBAAgB,qBACnB,KAAK,MAAM,OAAO,KAAK,GACvB,OAAO;AAEb,UAAK,IAAI,MAAM,wBAAwB;MACrC;MACA,QAAQ,OAAO;MAChB,CAAC;AAEF,aAAQ,MAAM,OAAO;UAErB,MAAK,IAAI,MAAM,yBAAyB;KACtC;KACA,QAAQ,OAAO;KAChB,CAAC;;;EAIT,CAAC;CAEF,AAAmB,mBAAmB,MAAM;EAC1C,IAAI;EACJ,SAAS,OAAO,EAAE,QAAQ,SAAS,eAAe;GAChD,MAAM,QAAQ,OAAO,MAAM;AAI3B,OAAI,CAFgB,KAAK,YAAY,MAAM,IAEvB,CAAC,SACnB;AAIF,OAAI,QAAQ,MAAM,UAAU,QAAQ,MAAM,UAAU,IAClD;GAKF,MAAM,cACJ,OAAO,aAAa,WAAW,eAAe;GAChD,MAAM,OACJ,gBAAgB,eAAe,WAAW,KAAK,UAAU,SAAS;GAEpE,MAAM,gBAAgB,KAAK,aAAa,KAAK;GAC7C,MAAM,eAAe,KAAK,KAAK,aAAa;GAG5C,MAAM,MAAM,KAAK,eAAe,OAAO,OAAO,QAAQ;AAEtD,QAAK,IAAI,MAAM,oBAAoB;IACjC;IACA,QAAQ,OAAO;IAChB,CAAC;AAEF,SAAM,KAAK,MAAM,IAAI,KAAK;IAClB;IACN;IACa;IACb,MAAM;IACP,CAAC;GAGF,MAAM,eAAe,KAAK,wBAAwB,MAAM;AACxD,OAAI,aACF,SAAQ,MAAM,UAAU,iBAAiB,aAAa;;EAG3D,CAAC;CAEF,AAAmB,YAAY,MAAM;EACnC,IAAI;EACJ,SAAS,OAAO,EAAE,OAAO,cAAc;GACrC,MAAM,QAAQ,MAAM;GAEpB,MAAM,cAAc,KAAK,YAAY,MAAM;GAC3C,MAAM,gBAAgB,KAAK,cAAc,MAAM;AAG/C,OAAI,CAAC,eAAe,CAAC,cACnB;GAGF,MAAM,MAAM,KAAK,eAAe,OAAO,QAAQ;GAC/C,MAAM,SAAS,MAAM,KAAK,MAAM,IAAI,IAAI;AAExC,OAAI,QAAQ;AAEV,QACE,QAAQ,QAAQ,qBAAqB,OAAO,QAC5C,QAAQ,QAAQ,yBAAyB,OAAO,cAChD;AACA,aAAQ,MAAM,SAAS;AACvB,aAAQ,MAAM,UAAU,QAAQ,OAAO,KAAK;AAC5C,aAAQ,MAAM,UAAU,iBAAiB,OAAO,aAAa;AAC7D,UAAK,IAAI,MAAM,6BAA6B;MAC1C,OAAO,MAAM;MACb,MAAM,OAAO;MACd,CAAC;AACF;;AAIF,QAAI,aAAa;AACf,UAAK,IAAI,MAAM,uBAAuB;MACpC;MACA,OAAO,MAAM;MACd,CAAC;AAIF,aAAQ,MAAM,OAAO,OAAO;AAC5B,aAAQ,MAAM,SAAS,OAAO,UAAU;AAExC,SAAI,OAAO,YACT,SAAQ,MAAM,UAAU,gBAAgB,OAAO,YAAY;AAG7D,aAAQ,MAAM,UAAU,QAAQ,OAAO,KAAK;AAC5C,aAAQ,MAAM,UAAU,iBAAiB,OAAO,aAAa;;cAEtD,YACT,MAAK,IAAI,MAAM,wBAAwB;IACrC;IACA,OAAO,MAAM;IACd,CAAC;;EAGP,CAAC;CAEF,AAAmB,SAAS,MAAM;EAChC,IAAI;EACJ,UAAU,EAAE,OAAO,cAAc;GAI/B,MAAM,QAAQ,MAAM;GAEpB,MAAM,cAAc,KAAK,YAAY,MAAM;GAC3C,MAAM,gBAAgB,KAAK,cAAc,MAAM;AAE/C,OAAI,QAAQ,MAAM,QAAQ,KAExB;AAGF,OACE,CAAC,eACD,iBACA,QAAQ,MAAM,QAAQ,SACrB,OAAO,QAAQ,MAAM,SAAS,YAC7B,OAAO,SAAS,QAAQ,MAAM,KAAK,GACrC;IACA,MAAM,gBAAgB,KAAK,aAAa,QAAQ,MAAM,KAAK;AAE3D,QAAI,QAAQ,QAAQ,qBAAqB,eAAe;AACtD,aAAQ,MAAM,SAAS;AACvB,aAAQ,MAAM,OAAO;AACrB,aAAQ,MAAM,UAAU,QAAQ,cAAc;AAC9C,UAAK,IAAI,MAAM,qCAAqC;MAClD,OAAO,MAAM;MACb,MAAM;MACP,CAAC;AACF;;;;EAIP,CAAC;CAEF,AAAmB,aAAa,MAAM;EACpC,IAAI;EACJ,UAAU;EACV,SAAS,OAAO,EAAE,OAAO,SAAS,eAAe;GAC/C,MAAM,QAAQ,MAAM;GAGpB,MAAM,eAAe,KAAK,wBAAwB,MAAM;AACxD,OAAI,aACF,UAAS,QAAQ,mBAAmB;GAGtC,MAAM,cAAc,KAAK,YAAY,MAAM;GAC3C,MAAM,gBAAgB,KAAK,cAAc,MAAM;AAG/C,OAAI,CAAC,eAAe,CAAC,cACnB;AAIF,OAAI,SAAS,UAAU,SAAS,UAAU,IACxC;AAIF,YAAS,YAAY,EAAE;GAEvB,MAAM,MAAM,KAAK,eAAe,OAAO,QAAQ;AAG/C,OAAI,SAAS,gBAAgB,kBAAkB,aAAa;IAE1D,MAAM,CAAC,cAAc,eACnB,SAAS,KACT,KAAK;AAGP,aAAS,OAAO;AAGhB,SAAK,sBACH,aACA,KACA,SAAS,QACT,SAAS,UAAU,iBACnB,cACD,CACE,MAAM,SAAS;AACd,SAAI,iBAAiB,KAEnB,MAAK,IAAI,MAAM,2BAA2B;MAAE;MAAK;MAAM,CAAC;MAE1D,CACD,OAAO,QAAQ;AACd,UAAK,IAAI,KAAK,0BAA0B;MAAE;MAAK,OAAO;MAAK,CAAC;MAC5D;AAEJ;;AAIF,OAAI,OAAO,SAAS,SAAS,SAC3B;GAGF,MAAM,gBAAgB,KAAK,aAAa,SAAS,KAAK;GACtD,MAAM,eAAe,KAAK,KAAK,aAAa;AAG5C,OAAI,aAAa;AACf,SAAK,IAAI,MAAM,oBAAoB;KACjC;KACA,OAAO,MAAM;KACb,OAAO,CAAC,CAAC;KACT,MAAM;KACP,CAAC;AAEF,UAAM,KAAK,MAAM,IAAI,KAAK;KACxB,MAAM,SAAS;KACf,QAAQ,SAAS;KACjB,aAAa,SAAS,UAAU;KAChC;KACA,MAAM;KACP,CAAC;;AAIJ,OAAI,eAAe;AACjB,aAAS,QAAQ,OAAO;AACxB,aAAS,QAAQ,mBAAmB;;;EAGzC,CAAC;CAEF,AAAO,wBAAwB,OAA8C;AAC3E,MAAI,CAAC,MACH;AAIF,MACE,UAAU,QACV,OAAO,UAAU,YACjB,OAAO,UAAU,SAEjB;EAGF,MAAM,UAAU,MAAM;AACtB,MAAI,CAAC,QACH;AAIF,MAAI,OAAO,YAAY,SACrB,QAAO;AAIT,MAAI,YAAY,KACd,QAAO;EAIT,MAAM,aAAuB,EAAE;AAE/B,MAAI,QAAQ,OACV,YAAW,KAAK,SAAS;AAE3B,MAAI,QAAQ,QACV,YAAW,KAAK,UAAU;AAE5B,MAAI,QAAQ,QACV,YAAW,KAAK,WAAW;AAE7B,MAAI,QAAQ,QACV,YAAW,KAAK,WAAW;AAE7B,MAAI,QAAQ,WAAW,QAAW;GAChC,MAAM,gBAAgB,KAAK,kBAAkB,QAAQ,OAAO;AAC5D,cAAW,KAAK,WAAW,gBAAgB;;AAE7C,MAAI,QAAQ,YAAY,QAAW;GACjC,MAAM,iBAAiB,KAAK,kBAAkB,QAAQ,QAAQ;AAC9D,cAAW,KAAK,YAAY,iBAAiB;;AAE/C,MAAI,QAAQ,eACV,YAAW,KAAK,kBAAkB;AAEpC,MAAI,QAAQ,gBACV,YAAW,KAAK,mBAAmB;AAErC,MAAI,QAAQ,UACV,YAAW,KAAK,YAAY;AAG9B,SAAO,WAAW,SAAS,IAAI,WAAW,KAAK,KAAK,GAAG;;CAGzD,AAAU,kBAAkB,UAAyC;AACnE,MAAI,OAAO,aAAa,SACtB,QAAO;AAGT,SAAO,KAAK,KAAK,SAAS,SAAS,CAAC,WAAW;;CAGjD,AAAU,YAAY,OAAmC;AACvD,MAAI,CAAC,MAAO,QAAO;AACnB,MAAI,UAAU,KAAM,QAAO;AAC3B,MAAI,OAAO,UAAU,YAAY,MAAM,MAAO,QAAO;AACrD,SAAO;;CAGT,AAAU,cAAc,OAAmC;AAEzD,MAAI,UAAU,KAAM,QAAO;AAE3B,MAAI,OAAO,UAAU,YAAY,MAAM,KAAM,QAAO;AACpD,SAAO;;CAGT,AAAU,eAAe,OAAoB,QAAgC;EAC3E,MAAM,SAAmB,EAAE;AAC3B,OAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,QAAQ,UAAU,EAAE,CAAC,CAC7D,QAAO,KAAK,GAAG,IAAI,GAAG,QAAQ;AAEhC,OAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,QAAQ,SAAS,EAAE,CAAC,CAC5D,QAAO,KAAK,GAAG,IAAI,GAAG,QAAQ;AAGhC,SAAO,GAAG,MAAM,OAAO,GAAG,MAAM,KAAK,WAAW,KAAK,GAAG,CAAC,GAAG,OAAO,KAAK,IAAI,CAAC,WAAW,KAAK,GAAG;;;;;;;;;;;;;CAclG,MAAgB,sBACd,QACA,KACA,QACA,aACA,cAC6B;EAC7B,MAAM,SAAuB,EAAE;EAC/B,MAAM,SAAS,OAAO,WAAW;AAEjC,MAAI;AACF,UAAO,MAAM;IACX,MAAM,EAAE,MAAM,UAAU,MAAM,OAAO,MAAM;AAC3C,QAAI,KAAM;AACV,WAAO,KAAK,MAAM;;GAIpB,MAAM,UAAU,IAAI,aAAa;GACjC,MAAM,OACJ,OACG,KAAK,UAAU,QAAQ,OAAO,OAAO,EAAE,QAAQ,MAAM,CAAC,CAAC,CACvD,KAAK,GAAG,GAAG,QAAQ,QAAQ;GAEhC,MAAM,OAAO,KAAK,aAAa,KAAK;GACpC,MAAM,eAAe,KAAK,KAAK,aAAa;AAE5C,QAAK,IAAI,MAAM,6BAA6B,EAAE,KAAK,CAAC;AAEpD,SAAM,KAAK,MAAM,IAAI,KAAK;IACxB;IACA;IACA;IACA;IACA;IACD,CAAC;AAEF,UAAO,eAAe,OAAO;YACrB;AACR,UAAO,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AClc1B,MAAa,oBAAoB,QAAQ;CACvC,MAAM;CACN,UAAU,CAAC,aAAa,oBAAoB;CAC7C,CAAC"}

package/dist/server/compress/index.d.ts

@@ -21,9 +21,9 @@ declare class ServerCompressProvider {
   protected isAllowedContentType(contentType: string | undefined): boolean;
   protected compress(encoding: keyof typeof ServerCompressProvider.compressors, response: ServerResponse): Promise<void>;
   /**
-   * Create a compressed stream that flushes after each chunk.
-   * This is essential for streaming SSR - ensures each chunk is sent immediately.
-   */
+       * Create a compressed stream that flushes after each chunk.
+       * This is essential for streaming SSR - ensures each chunk is sent immediately.
+       */
   protected createFlushingCompressStream(input: ReadableStream, createCompressor: (options?: any) => Transform, encoding: string, params: Record<number, any>): ReadableStream<Uint8Array>;
   protected getParams(encoding: keyof typeof ServerCompressProvider.compressors): Record<number, any>;
   protected setHeaders(response: ServerResponse, encoding: keyof typeof ServerCompressProvider.compressors): void;

package/dist/server/compress/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","names":[],"sources":["../../../src/server/compress/providers/ServerCompressProvider.ts","../../../src/server/compress/index.ts"],"sourcesContent":[],"mappings":";;;;;;;;;uCAgBuC;EAXa;;AAAA,cAevC,sBAAA,CAJuD;EAAA,OAAA,WAAA,EAK9C,MAL8C,CAAA,MAAA,EAAA;IAAA,QAAA,EAAA,CAAA,GAAA,IAAA,EAAA,GAAA,EAAA,EAAA,GAQ9B,OAR8B,CAQtB,MARsB,CAAA;IAIvD,MAAA,EAAA,CAAA,OAAsB,CAAtB,EAAA,GAAsB,EAAA,GAKA,SALA;EAIW,CAAA,GAAA,SAAA,CAAA;EAAR,mBAAA,MAAA,EAsBX,MAtBW;EACH,cAAA,OAAA,CAAA,CAAA,EAuBR,6BAvBQ;EAJb,SAAA,UAAA,EA2BkC,OAAA,CAa5B,aAxCN,CAAA,mBAAA,CAAA;EAyBK,UAAA,oBAAA,CAAA,WAAA,EAAA,MAAA,GAAA,SAAA,CAAA,EAAA,OAAA;EAEA,UAAA,QAAA,CAAA,QAAA,EAAA,MAAA,OAwDA,sBAAA,CAAuB,WAxDvB,EAAA,QAAA,EAyDb,cAzDa,CAAA,EA0DtB,OA1DsB,CAAA,IAAA,CAAA;EAA6B;;;;EAyG7C,UAAA,4BAAA,CAAA,KAAA,EAAA,cAAA,EAAA,gBAAA,EAAA,CAAA,OAAA,CAAA,EAAA,GAAA,EAAA,GAC8B,SAD9B,EAAA,QAAA,EAAA,MAAA,EAAA,MAAA,EAGC,MAHD,CAAA,MAAA,EAAA,GAAA,CAAA,CAAA,EAIN,cAJM,CAIS,UAJT,CAAA;EAC8B,UAAA,SAAA,CAAA,QAAA,EAAA,MAAA,OAkDd,sBAAA,CAAuB,WAlDT,CAAA,EAmDpC,MAnDoC,CAAA,MAAA,EAAA,GAAA,CAAA;EAE7B,UAAA,UAAA,CAAA,QAAA,EAiEE,cAjEF,EAAA,QAAA,EAAA,MAAA,OAkEe,sBAAA,CAAuB,WAlEtC,CAAA,EAAA,IAAA;;AACP,UAyEY,6BAAA,CAzEZ;EA+CsB,mBAAA,EAAuB,MAAA,EAAA;;;;;;;;;cC7LrC,sBAAoB,OAAA,CAAA,QAG/B,OAAA,CAH+B,MAAA"}
+{"version":3,"file":"index.d.ts","names":[],"sources":["../../../src/server/compress/providers/ServerCompressProvider.ts","../../../src/server/compress/index.ts"],"mappings":";;;;;;;;;uCAgBuC,6BAAA;EAAA;AAAA;AAAA,cAI1B,sBAAA;EAAA,OAAA,WAAA,EACS,MAAA;IAAA,QAAA,MAAA,IAAA,YAGgB,OAAA,CAAQ,MAAA;IAAA,MAAA,GAAA,OAAA,WACX,SAAA;EAAA;EAAA,mBAAA,MAAA,EAqBR,MAAA;EAAA,cAAA,QAAA,GAEA,6BAAA;EAAA,SAAA,UAAA,EAA6B,OAAA,CAa5B,aAAA;EAAA,UAAA,qBAAA,WAAA;EAAA,UAAA,SAAA,QAAA,eA2CD,sBAAA,CAAuB,WAAA,EAAA,QAAA,EACpC,cAAA,GACT,OAAA;EAAA;;;;EAAA,UAAA,6BAAA,KAAA,EA+CM,cAAA,EAAA,gBAAA,GAAA,OAAA,WAC8B,SAAA,EAAA,QAAA,UAAA,MAAA,EAE7B,MAAA,gBACP,cAAA,CAAe,UAAA;EAAA,UAAA,UAAA,QAAA,eA+CO,sBAAA,CAAuB,WAAA,GAC7C,MAAA;EAAA,UAAA,WAAA,QAAA,EAgBS,cAAA,EAAA,QAAA,eACa,sBAAA,CAAuB,WAAA;AAAA;AAAA,UAQjC,6BAAA;EAAA,mBAAA;AAAA;;;;ACvNjB;;;;cAAa,oBAAA,EAAoB,OAAA,CAAA,OAAA,CAG/B,OAAA,CAH+B,MAAA"}

package/dist/server/cookies/index.d.ts

@@ -89,21 +89,21 @@ declare class CookiePrimitive<T extends TSchema> extends Primitive<CookiePrimiti
   get schema(): T;
   get name(): string;
   /**
-   * Sets the cookie with the given value in the current request's response.
-   */
+       * Sets the cookie with the given value in the current request's response.
+       */
   set(value: Static<T>, options?: {
     cookies?: Cookies;
     ttl?: DurationLike;
   }): void;
   /**
-   * Gets the cookie value from the current request. Returns undefined if not found or invalid.
-   */
+       * Gets the cookie value from the current request. Returns undefined if not found or invalid.
+       */
   get(options?: {
     cookies?: Cookies;
   }): Static<T> | undefined;
   /**
-   * Deletes the cookie in the current request's response.
-   */
+       * Deletes the cookie in the current request's response.
+       */
   del(options?: {
     cookies?: Cookies;
   }): void;

package/dist/server/cookies/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","names":[],"sources":["../../../src/server/cookies/services/CookieParser.ts","../../../src/server/cookies/providers/ServerCookiesProvider.ts","../../../src/server/cookies/primitives/$cookie.ts","../../../src/server/cookies/index.ts"],"sourcesContent":[],"mappings":";;;;;;cAEa,YAAA;uCACiC;oCAgBjC,eAAe;uCAwBhB;;;;cCRC,qBAAA;6BACc;EDlCd,mBAAY,GAAA,ECkCE,cAAA,CACH,MDnCC;EACqB,mBAAA,YAAA,ECmCb,YDnCa;EAgBlB,mBAAA,gBAAA,ECoBS,gBDpBT;EAAf,mBAAA,GAAA,EAAA;IAwBD,UAAA,EAAA,MAAA;EAAM,CAAA;;;;ECRL,mBAAA,gBAAqB,GAAA,EAAA;EACP,SAAA,SAAA,EAGU,OAAA,CASV,aAZA,CAAA,kBAAA,CAAA;EAAA,SAAA,QACH,EAWG,OAAA,CAYD,aAvBF,CAAA,kBAAA,CAAA;EACS,SAAA,MAAA,EAsBP,OAAA,CAYF,aAlCS,CAAA,eAAA,CAAA;EACI,UAAA,qBAAA,CAAA,OAAA,CAAA,EAgDO,OAhDP,CAAA,EAgDiB,OAhDjB;EAAA,SASV,CAAA,UAiDE,OAjDF,CAAA,CAAA,IAAA,EAAA,MAAA,EAAA,OAAA,EAmDd,sBAnDc,CAmDS,CAnDT,CAAA,EAAA,cAAA,CAAA,EAoDN,OApDM,CAAA,EAqDtB,MArDsB,CAqDf,CArDe,CAAA,GAAA,SAAA;EAAA,SAYD,CAAA,UAsFG,OAtFH,CAAA,CAAA,IAAA,EAAA,MAAA,EAAA,OAAA,EAwFb,sBAxFa,CAwFU,CAxFV,CAAA,EAAA,IAAA,EAyFhB,MAzFgB,CAyFT,CAzFS,CAAA,EAAA,cAAA,CAAA,EA0FL,OA1FK,CAAA,EAAA,IAAA;EAAA,YAYF,CAAA,UA+GQ,OA/GR,CAAA,CAAA,IAAA,EAAA,MAAA,EAAA,cAAA,CAAA,EAiHH,OAjHG,CAAA,EAAA,IAAA;EAeoB,UAAA,OAAA,CAAA,IAAA,EAAA,MAAA,CAAA,EAAA,MAAA;EAAU,UAAA,OAAA,CAAA,aAAA,EAAA,MAAA,CAAA,EAAA,MAAA;EAUzB,SAAA,CAAA,CAAA,EAAA,MAAA;EAEO,UAAA,IAAA,CAAA,IAAA,EAAA,MAAA,CAAA,EAAA,MAAA;;;;;;;ADjGpC;;AAiB4B,cEHf,OFGe,EAAA;EAAf,CAAA,UEHqB,OFGrB,CAAA,CAAA,OAAA,EEFF,sBFEE,CEFqB,CFErB,CAAA,CAAA,EEDV,uBFCU,CEDc,CFCd,CAAA;EAwBD,MAAA,EAAA,sBAAA;CAAM;UEnBD,iCAAiC;;UAExC;EDSG;EACc,IAAA,CAAA,EAAA,MAAA;EAAA;EAEM,IAAA,CAAA,EAAA,MAAA;EACI;EAAA,GAAA,CAAA,ECJ7B,YDamB;EAAA;EAYD,MAYF,CAAA,EAAA,OAAA;EAeoB;EAAU,QAAA,CAAA,EAAA,OAAA;EAUzB;EAEO,QAAA,CAAA,EAAA,QAAA,GAAA,KAAA,GAAA,MAAA;EAAvB;EACQ,MAAA,CAAA,EAAA,MAAA;EACT;EAAP,QAAA,CAAA,EAAA,OAAA;EA6CwB;EAEO,OAAA,CAAA,EAAA,OAAA;EAAvB;EACI,IAAA,CAAA,EAAA,OAAA;;AACI,UC3FJ,uBD2FI,CAAA,UC3F8B,OD2F9B,CAAA,CAAA;EAiCW,SAAA,IAAA,EAAA,MAAA;EAEX,SAAA,OAAA,EC5HD,sBD4HC,CC5HsB,CD4HtB,CAAA;EAAO,GAAA,CAAA,KAAA,EC1HjB,MD0HiB,CC1HV,CD0HU,CAAA,EAAA,QAAA,EAAA;cCzHF;UAAe;;EAhD5B,GAAA,CAAA,OACqB,CAGjC,EAAA;IAJiC,OAAA,CAAA,EAkDN,OAlDM;EACA,CAAA,CAAA,EAiDM,MAjDN,CAiDa,CAjDb,CAAA,GAAA,SAAA;EAAvB,GAAA,CAAA,OACR,CADQ,EAAA;IACgB,OAAA,CAAA,EAiDC,OAjDD;EAAxB,CAAA,CAAA,EAAA,IAAA;;cAoDU,0BAA0B,iBAC7B,UAAU,uBAAuB,eAC9B,wBAAwB;4CAEK;EAlDzB,IAAA,MAAA,CAAA,CAAA,EAoDM,CApDN;EAAiC,IAAA,IAAA,CAAA,CAAA,EAAA,MAAA;EAExC;;;EAiCO,GAAA,CAAA,KAAA,EA6BN,MA7BM,CA6BC,CA7BD,CAAA,EAAA,OAEG,CAFoB,EAAA;IAAW,OAAA,CAAA,EA8BzB,OA9ByB;IAER,GAAA,CAAA,EA4BF,YA5BE;EAAvB,CAAA,CAAA,EAAA,IAAA;EAEF;;;EACuB,GAAA,CAAA,OAEM,CAFN,EAAA;IAEb,OAAA,CAAA,EAuCO,OAvCP;EAAmB,CAAA,CAAA,EAuCA,MAvCA,CAuCO,CAvCP,CAAA,GAAA,SAAA;EAAP;;;EAI3B,GAAA,CAAA,OAC8B,CAD9B,EAAA;IAA0B,OAAA,CAAA,EA8CJ,OA9CI;EACI,CAAA,CAAA,EAAA,IAAA;;AACN,UAqDpB,OAAA,CArDoB;EAEK,GAAA,EAoDnC,MApDmC,CAAA,MAAA,EAAA,MAAA,CAAA;EAEnB,GAAA,EAmDhB,MAnDgB,CAAA,MAAA,EAmDD,MAnDC,GAAA,IAAA,CAAA;;AAYZ,UA0CM,MAAA,CA1CN;EACe,KAAA,EAAA,MAAA;EAAe,IAAA,CAAA,EAAA,MAAA;EAgBN,MAAA,CAAA,EAAA,MAAA;EAAmB,MAAA,CAAA,EAAA,OAAA;EAAP,QAAA,CAAA,EAAA,OAAA;EAWZ,QAAA,CAAA,EAAA,QAAA,GAAA,KAAA,GAAA,MAAA;EA7CzB,MAAA,CAAA,EAAA,MAAA;;;;;;aCxDG;EHbA;;;;;;;;;ACiCb;;;AAGiC,cETpB,mBFSoB,EETD,OAAA,CAAA,OFSC,CEL/B,OAAA,CAJ8B,MAAA,CFSC"}
+{"version":3,"file":"index.d.ts","names":[],"sources":["../../../src/server/cookies/services/CookieParser.ts","../../../src/server/cookies/providers/ServerCookiesProvider.ts","../../../src/server/cookies/primitives/$cookie.ts","../../../src/server/cookies/index.ts"],"mappings":";;;;;;cAEa,YAAA;EAAA,oBAAA,MAAA,WACiC,MAAA;EAAA,yBAAA,OAAA,EAgBjC,MAAA,SAAe,MAAA,UAAA,OAAA;EAAA,eAAA,IAAA,UAAA,MAAA,EAwBhB,MAAA,EAAA,OAAA;AAAA;;;cCRC,qBAAA;EAAA,mBAAA,MAAA,EACc,MAAA;EAAA,mBAAA,GAAA,EAAA,cAAA,CACH,MAAA;EAAA,mBAAA,YAAA,EACS,YAAA;EAAA,mBAAA,gBAAA,EACI,gBAAA;EAAA,mBAAA,GAAA;IAAA,UAAA;EAAA;EAAA,mBAAA,SAAA;EAAA,mBAAA,SAAA;EAAA,mBAAA,eAAA;EAAA,mBAAA,gBAAA;EAAA,SAAA,SAAA,EAAA,OAAA,CASV,aAAA;EAAA,SAAA,QAAA,EAAA,OAAA,CAYD,aAAA;EAAA,SAAA,MAAA,EAAA,OAAA,CAYF,aAAA;EAAA,UAAA,sBAAA,OAAA,GAeoB,OAAA,GAAU,OAAA;EAAA,SAAA,WAUzB,OAAA,CAAA,CAAA,IAAA,UAAA,OAAA,EAEhB,sBAAA,CAAuB,CAAA,GAAA,cAAA,GACf,OAAA,GAChB,MAAA,CAAO,CAAA;EAAA,SAAA,WA6CiB,OAAA,CAAA,CAAA,IAAA,UAAA,OAAA,EAEhB,sBAAA,CAAuB,CAAA,GAAA,IAAA,EAC1B,MAAA,CAAO,CAAA,GAAA,cAAA,GACI,OAAA;EAAA,YAAA,WAiCW,OAAA,CAAA,CAAA,IAAA,UAAA,cAAA,GAEX,OAAA;EAAA,UAAA,QAAA,IAAA;EAAA,UAAA,QAAA,aAAA;EAAA,UAAA;EAAA,UAAA,KAAA,IAAA;AAAA;;;;ACzKrB;;;;cAAa,OAAA;EAAA,WAAqB,OAAA,EAAA,OAAA,EACvB,sBAAA,CAAuB,CAAA,IAC/B,uBAAA,CAAwB,CAAA;EAAA;;UAMV,sBAAA,WAAiC,OAAA;EAAA;EAAA,MAAA,EAExC,CAAA;EAAA;EAAA,IAAA;EAAA;EAAA,IAAA;EAAA;EAAA,GAAA,GASF,YAAA;EAAA;EAAA,MAAA;EAAA;EAAA,QAAA;EAAA;EAAA,QAAA;EAAA;EAAA,MAAA;EAAA;EAAA,QAAA;EAAA;EAAA,OAAA;EAAA;EAAA,IAAA;AAAA;AAAA,UAwBS,uBAAA,WAAkC,OAAA;EAAA,SAAA,IAAA;EAAA,SAAA,OAAA,EAE/B,sBAAA,CAAuB,CAAA;EAAA,GAAA,CAAA,KAAA,EAEhC,MAAA,CAAO,CAAA,GAAA,OAAA;IAAA,OAAA,GACQ,OAAA;IAAA,GAAA,GAAe,YAAA;EAAA;EAAA,GAAA,CAAA,OAAA;IAAA,OAAA,GAEb,OAAA;EAAA,IAAY,MAAA,CAAO,CAAA;EAAA,GAAA,CAAA,OAAA;IAAA,OAAA,GACnB,OAAA;EAAA;AAAA;AAAA,cAGf,eAAA,WAA0B,OAAA,UAC7B,SAAA,CAAU,sBAAA,CAAuB,CAAA,cAC9B,uBAAA,CAAwB,CAAA;EAAA,mBAAA,qBAAA,EAEK,qBAAA;EAAA,IAAA,OAAA,GAEnB,CAAA;EAAA,IAAA,KAAA;EAAA;;;EAAA,IAAA,KAAA,EAYZ,MAAA,CAAO,CAAA,GAAA,OAAA;IAAA,OAAA,GACQ,OAAA;IAAA,GAAA,GAAe,YAAA;EAAA;EAAA;;;EAAA,IAAA,OAAA;IAAA,OAAA,GAgBN,OAAA;EAAA,IAAY,MAAA,CAAO,CAAA;EAAA;;;EAAA,IAAA,OAAA;IAAA,OAAA,GAWnB,OAAA;EAAA;AAAA;AAAA,UASlB,OAAA;EAAA,GAAA,EACV,MAAA;EAAA,GAAA,EACA,MAAA,SAAe,MAAA;AAAA;AAAA,UAGL,MAAA;EAAA,KAAA;EAAA,IAAA;EAAA,MAAA;EAAA,MAAA;EAAA,QAAA;EAAA,QAAA;EAAA,MAAA;AAAA;;;;;aCnHJ,OAAA;EAAA;AAAA;AAAA;;;AAcb;;;;;;;AAda,cAcA,mBAAA,EAAmB,OAAA,CAAA,OAAA,CAI9B,OAAA,CAJ8B,MAAA"}

package/dist/server/cookies/index.js

@@ -58,7 +58,7 @@ var ServerCookiesProvider = class {
 	SIGNATURE_LENGTH = 32;
 	onRequest = $hook({
 		on: "server:onRequest",
-		handler: async ({ request }) => {
+		handler: ({ request }) => {
 			request.cookies = {
 				req: this.cookieParser.parseRequestCookies(request.headers.cookie ?? ""),
 				res: {}
@@ -67,7 +67,7 @@ var ServerCookiesProvider = class {
 	});
 	onAction = $hook({
 		on: "action:onRequest",
-		handler: async ({ request }) => {
+		handler: ({ request }) => {
 			request.cookies = {
 				req: this.cookieParser.parseRequestCookies(request.headers.cookie ?? ""),
 				res: {}
@@ -76,7 +76,7 @@ var ServerCookiesProvider = class {
 	});
 	onSend = $hook({
 		on: "server:onSend",
-		handler: async ({ request }) => {
+		handler: ({ request }) => {
 			if (request.cookies && Object.keys(request.cookies.res).length > 0) {
 				const setCookieHeaders = this.cookieParser.serializeResponseCookies(request.cookies.res, request.url.protocol === "https:");
 				if (setCookieHeaders.length > 0) request.reply.headers["set-cookie"] = setCookieHeaders;

package/dist/server/cookies/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","names":[],"sources":["../../../src/server/cookies/services/CookieParser.ts","../../../src/server/cookies/providers/ServerCookiesProvider.ts","../../../src/server/cookies/primitives/$cookie.ts","../../../src/server/cookies/index.ts"],"sourcesContent":["import type { Cookie } from \"../primitives/$cookie.ts\";\n\nexport class CookieParser {\n  public parseRequestCookies(header: string): Record<string, string> {\n    const cookies: Record<string, string> = {};\n    const parts = header.split(\";\");\n    for (const part of parts) {\n      const [key, value] = part.split(\"=\");\n      if (!key || !value) {\n        continue;\n      }\n\n      cookies[key.trim()] = value.trim();\n    }\n\n    return cookies;\n  }\n\n  public serializeResponseCookies(\n    cookies: Record<string, Cookie | null>,\n    isHttps: boolean,\n  ): string[] {\n    const headers = [];\n\n    for (const [name, cookie] of Object.entries(cookies)) {\n      // If the cookie is null, we need to delete it\n      if (cookie == null) {\n        headers.push(`${name}=; Path=/; Max-Age=0`);\n        continue;\n      }\n\n      if (!cookie.value) {\n        continue;\n      }\n\n      headers.push(this.cookieToString(name, cookie, isHttps));\n    }\n\n    return headers;\n  }\n\n  public cookieToString(\n    name: string,\n    cookie: Cookie,\n    isHttps?: boolean,\n  ): string {\n    const parts: string[] = [];\n\n    parts.push(`${name}=${cookie.value}`);\n\n    if (cookie.path) {\n      parts.push(`Path=${cookie.path}`);\n    }\n    if (cookie.maxAge) {\n      parts.push(`Max-Age=${cookie.maxAge}`);\n    }\n    if (cookie.secure !== false && isHttps) {\n      parts.push(\"Secure\");\n    }\n    if (cookie.httpOnly) {\n      parts.push(\"HttpOnly\");\n    }\n    if (cookie.sameSite) {\n      parts.push(`SameSite=${cookie.sameSite}`);\n    }\n    if (cookie.domain) {\n      parts.push(`Domain=${cookie.domain}`);\n    }\n\n    return parts.join(\"; \");\n  }\n}\n","import {\n  createCipheriv,\n  createDecipheriv,\n  createHmac,\n  randomBytes,\n  timingSafeEqual,\n} from \"node:crypto\";\nimport { deflateRawSync, inflateRawSync } from \"node:zlib\";\nimport {\n  $env,\n  $hook,\n  $inject,\n  Alepha,\n  AlephaError,\n  type Static,\n  type TSchema,\n  t,\n} from \"alepha\";\nimport { DateTimeProvider } from \"alepha/datetime\";\nimport { $logger } from \"alepha/logger\";\nimport { DEFAULT_APP_SECRET } from \"alepha/security\";\nimport type { ServerRequest } from \"alepha/server\";\nimport type {\n  Cookie,\n  CookiePrimitiveOptions,\n  Cookies,\n} from \"../primitives/$cookie.ts\";\nimport { CookieParser } from \"../services/CookieParser.ts\";\n\nconst envSchema = t.object({\n  APP_SECRET: t.text({\n    default: DEFAULT_APP_SECRET,\n  }),\n});\n\nexport class ServerCookiesProvider {\n  protected readonly alepha = $inject(Alepha);\n  protected readonly log = $logger();\n  protected readonly cookieParser = $inject(CookieParser);\n  protected readonly dateTimeProvider = $inject(DateTimeProvider);\n  protected readonly env = $env(envSchema);\n\n  // crypto constants\n  protected readonly ALGORITHM = \"aes-256-gcm\";\n  protected readonly IV_LENGTH = 16; // For GCM\n  protected readonly AUTH_TAG_LENGTH = 16;\n  protected readonly SIGNATURE_LENGTH = 32; // For SHA256\n\n  public readonly onRequest = $hook({\n    on: \"server:onRequest\",\n    handler: async ({ request }) => {\n      request.cookies = {\n        req: this.cookieParser.parseRequestCookies(\n          request.headers.cookie ?? \"\",\n        ),\n        res: {},\n      };\n    },\n  });\n\n  public readonly onAction = $hook({\n    on: \"action:onRequest\",\n    handler: async ({ request }) => {\n      request.cookies = {\n        req: this.cookieParser.parseRequestCookies(\n          request.headers.cookie ?? \"\",\n        ),\n        res: {},\n      };\n    },\n  });\n\n  public readonly onSend = $hook({\n    on: \"server:onSend\",\n    handler: async ({ request }) => {\n      if (request.cookies && Object.keys(request.cookies.res).length > 0) {\n        const setCookieHeaders = this.cookieParser.serializeResponseCookies(\n          request.cookies.res,\n          request.url.protocol === \"https:\",\n        );\n        if (setCookieHeaders.length > 0) {\n          request.reply.headers[\"set-cookie\"] = setCookieHeaders;\n        }\n      }\n    },\n  });\n\n  protected getCookiesFromContext(cookies?: Cookies): Cookies {\n    const contextCookies =\n      this.alepha.context.get<ServerRequest>(\"request\")?.cookies;\n    if (cookies) return cookies;\n    if (contextCookies) return contextCookies;\n    throw new AlephaError(\n      \"Cookie context is not available. This method must be called within a server request cycle.\",\n    );\n  }\n\n  public getCookie<T extends TSchema>(\n    name: string,\n    options: CookiePrimitiveOptions<T>,\n    contextCookies?: Cookies,\n  ): Static<T> | undefined {\n    const cookies = this.getCookiesFromContext(contextCookies);\n    let rawValue = cookies.req[name];\n\n    if (!rawValue) return undefined;\n\n    try {\n      rawValue = decodeURIComponent(rawValue);\n\n      if (options.sign) {\n        const signature = rawValue.substring(0, this.SIGNATURE_LENGTH * 2);\n        const value = rawValue.substring(this.SIGNATURE_LENGTH * 2);\n        const expectedSignature = this.sign(value);\n\n        if (\n          !timingSafeEqual(\n            Buffer.from(signature, \"hex\"),\n            Buffer.from(expectedSignature, \"hex\"),\n          )\n        ) {\n          this.log.warn(`Invalid signature for cookie \"${name}\".`);\n          return undefined;\n        }\n        rawValue = value;\n      }\n\n      if (options.encrypt) {\n        rawValue = this.decrypt(rawValue);\n      }\n\n      if (options.compress) {\n        rawValue = inflateRawSync(Buffer.from(rawValue, \"base64\")).toString(\n          \"utf8\",\n        );\n      }\n\n      return this.alepha.codec.decode(options.schema, JSON.parse(rawValue));\n    } catch (error) {\n      this.log.warn(`Failed to parse cookie \"${name}\"`, error);\n      // corrupted or invalid cookie, instruct browser to delete it on next response\n      this.deleteCookie(name, cookies);\n      return undefined;\n    }\n  }\n\n  public setCookie<T extends TSchema>(\n    name: string,\n    options: CookiePrimitiveOptions<T>,\n    data: Static<T>,\n    contextCookies?: Cookies,\n  ): void {\n    const cookies = this.getCookiesFromContext(contextCookies);\n    let value = JSON.stringify(this.alepha.codec.decode(options.schema, data));\n\n    if (options.compress) {\n      value = deflateRawSync(value).toString(\"base64\");\n    }\n\n    if (options.encrypt) {\n      value = this.encrypt(value);\n    }\n\n    if (options.sign) {\n      value = this.sign(value) + value;\n    }\n\n    const cookie: Cookie = {\n      value: encodeURIComponent(value),\n      path: options.path ?? \"/\",\n      sameSite: options.sameSite ?? \"lax\",\n      secure: options.secure ?? this.alepha.isProduction(),\n      httpOnly: options.httpOnly,\n      domain: options.domain,\n    };\n\n    if (options.ttl) {\n      cookie.maxAge = this.dateTimeProvider.duration(options.ttl).as(\"seconds\");\n    }\n\n    cookies.res[name] = cookie;\n  }\n\n  public deleteCookie<T extends TSchema>(\n    name: string,\n    contextCookies?: Cookies,\n  ): void {\n    const cookies = this.getCookiesFromContext(contextCookies);\n    cookies.res[name] = null;\n  }\n\n  // --- Crypto & Parsing ---\n\n  protected encrypt(text: string): string {\n    const iv = randomBytes(this.IV_LENGTH);\n    const cipher = createCipheriv(\n      this.ALGORITHM,\n      Buffer.from(this.secretKey()),\n      iv,\n    );\n    const encrypted = Buffer.concat([\n      cipher.update(text, \"utf8\"),\n      cipher.final(),\n    ]);\n    const authTag = cipher.getAuthTag();\n    return Buffer.concat([iv, authTag, encrypted]).toString(\"base64\");\n  }\n\n  protected decrypt(encryptedText: string): string {\n    const data = Buffer.from(encryptedText, \"base64\");\n    const iv = data.subarray(0, this.IV_LENGTH);\n    const authTag = data.subarray(\n      this.IV_LENGTH,\n      this.IV_LENGTH + this.AUTH_TAG_LENGTH,\n    );\n\n    const encrypted = data.subarray(this.IV_LENGTH + this.AUTH_TAG_LENGTH);\n    const decipher = createDecipheriv(\n      this.ALGORITHM,\n      Buffer.from(this.secretKey()),\n      iv,\n    );\n\n    decipher.setAuthTag(authTag);\n\n    const decrypted = Buffer.concat([\n      decipher.update(encrypted),\n      decipher.final(),\n    ]);\n\n    return decrypted.toString(\"utf8\");\n  }\n\n  public secretKey(): string {\n    let secret = this.env.APP_SECRET;\n    if (secret.length < 32) {\n      // pad secret to 32 bytes\n      secret = secret.padEnd(32, \"0\");\n    } else if (secret.length > 32) {\n      // truncate secret to 32 bytes\n      secret = secret.substring(0, 32);\n    }\n    return secret;\n  }\n\n  protected sign(data: string): string {\n    return createHmac(\"sha256\", this.secretKey()).update(data).digest(\"hex\");\n  }\n}\n","import {\n  $inject,\n  createPrimitive,\n  KIND,\n  Primitive,\n  type Static,\n  type TSchema,\n} from \"alepha\";\nimport type { DurationLike } from \"alepha/datetime\";\nimport { ServerCookiesProvider } from \"../providers/ServerCookiesProvider.ts\";\n\n/**\n * Declares a type-safe, configurable HTTP cookie.\n * This primitive provides methods to get, set, and delete the cookie\n * within the server request/response cycle.\n */\nexport const $cookie = <T extends TSchema>(\n  options: CookiePrimitiveOptions<T>,\n): AbstractCookiePrimitive<T> => {\n  return createPrimitive(CookiePrimitive<T>, options);\n};\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport interface CookiePrimitiveOptions<T extends TSchema> {\n  /** The schema for the cookie's value, used for validation and type safety. */\n  schema: T;\n\n  /** The name of the cookie. */\n  name?: string;\n\n  /** The cookie's path. Defaults to \"/\". */\n  path?: string;\n\n  /** Time-to-live for the cookie. Maps to `Max-Age`. */\n  ttl?: DurationLike;\n\n  /** If true, the cookie is only sent over HTTPS. Defaults to true in production. */\n  secure?: boolean;\n\n  /** If true, the cookie cannot be accessed by client-side scripts. */\n  httpOnly?: boolean;\n\n  /** SameSite policy for the cookie. Defaults to \"lax\". */\n  sameSite?: \"strict\" | \"lax\" | \"none\";\n\n  /** The domain for the cookie. */\n  domain?: string;\n\n  /** If true, the cookie value will be compressed using zlib. */\n  compress?: boolean;\n\n  /** If true, the cookie value will be encrypted. Requires `COOKIE_SECRET` env var. */\n  encrypt?: boolean;\n\n  /** If true, the cookie will be signed to prevent tampering. Requires `COOKIE_SECRET` env var. */\n  sign?: boolean;\n}\n\nexport interface AbstractCookiePrimitive<T extends TSchema> {\n  readonly name: string;\n  readonly options: CookiePrimitiveOptions<T>;\n  set(\n    value: Static<T>,\n    options?: { cookies?: Cookies; ttl?: DurationLike },\n  ): void;\n  get(options?: { cookies?: Cookies }): Static<T> | undefined;\n  del(options?: { cookies?: Cookies }): void;\n}\n\nexport class CookiePrimitive<T extends TSchema>\n  extends Primitive<CookiePrimitiveOptions<T>>\n  implements AbstractCookiePrimitive<T>\n{\n  protected readonly serverCookiesProvider = $inject(ServerCookiesProvider);\n\n  public get schema(): T {\n    return this.options.schema;\n  }\n\n  public get name(): string {\n    return this.options.name ?? `${this.config.propertyKey}`;\n  }\n\n  /**\n   * Sets the cookie with the given value in the current request's response.\n   */\n  public set(\n    value: Static<T>,\n    options?: { cookies?: Cookies; ttl?: DurationLike },\n  ): void {\n    this.serverCookiesProvider.setCookie(\n      this.name,\n      {\n        ...this.options,\n        ttl: options?.ttl ?? this.options.ttl,\n      },\n      value,\n      options?.cookies,\n    );\n  }\n\n  /**\n   * Gets the cookie value from the current request. Returns undefined if not found or invalid.\n   */\n  public get(options?: { cookies?: Cookies }): Static<T> | undefined {\n    return this.serverCookiesProvider.getCookie(\n      this.name,\n      this.options,\n      options?.cookies,\n    );\n  }\n\n  /**\n   * Deletes the cookie in the current request's response.\n   */\n  public del(options?: { cookies?: Cookies }): void {\n    this.serverCookiesProvider.deleteCookie(this.name, options?.cookies);\n  }\n}\n\n$cookie[KIND] = CookiePrimitive;\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport interface Cookies {\n  req: Record<string, string>;\n  res: Record<string, Cookie | null>;\n}\n\nexport interface Cookie {\n  value: string;\n  path?: string;\n  maxAge?: number;\n  secure?: boolean;\n  httpOnly?: boolean;\n  sameSite?: \"strict\" | \"lax\" | \"none\";\n  domain?: string;\n}\n","import { $module } from \"alepha\";\nimport { AlephaServer } from \"alepha/server\";\nimport { $cookie, type Cookies } from \"./primitives/$cookie.ts\";\nimport { ServerCookiesProvider } from \"./providers/ServerCookiesProvider.ts\";\nimport { CookieParser } from \"./services/CookieParser.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport * from \"./primitives/$cookie.ts\";\nexport * from \"./providers/ServerCookiesProvider.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\ndeclare module \"alepha/server\" {\n  interface ServerRequest {\n    cookies: Cookies;\n  }\n}\n\n/**\n * Provides HTTP cookie management capabilities for server requests and responses with type-safe cookie primitives.\n *\n * The server-cookies module enables declarative cookie handling using the `$cookie` primitive on class properties.\n * It offers automatic cookie parsing, secure cookie configuration, and seamless integration with server routes\n * for managing user sessions, preferences, and authentication tokens.\n *\n * @see {@link $cookie}\n * @module alepha.server.cookies\n */\nexport const AlephaServerCookies = $module({\n  name: \"alepha.server.cookies\",\n  primitives: [$cookie],\n  services: [AlephaServer, ServerCookiesProvider, CookieParser],\n});\n"],"mappings":";;;;;;;;;AAEA,IAAa,eAAb,MAA0B;CACxB,AAAO,oBAAoB,QAAwC;EACjE,MAAM,UAAkC,EAAE;EAC1C,MAAM,QAAQ,OAAO,MAAM,IAAI;AAC/B,OAAK,MAAM,QAAQ,OAAO;GACxB,MAAM,CAAC,KAAK,SAAS,KAAK,MAAM,IAAI;AACpC,OAAI,CAAC,OAAO,CAAC,MACX;AAGF,WAAQ,IAAI,MAAM,IAAI,MAAM,MAAM;;AAGpC,SAAO;;CAGT,AAAO,yBACL,SACA,SACU;EACV,MAAM,UAAU,EAAE;AAElB,OAAK,MAAM,CAAC,MAAM,WAAW,OAAO,QAAQ,QAAQ,EAAE;AAEpD,OAAI,UAAU,MAAM;AAClB,YAAQ,KAAK,GAAG,KAAK,sBAAsB;AAC3C;;AAGF,OAAI,CAAC,OAAO,MACV;AAGF,WAAQ,KAAK,KAAK,eAAe,MAAM,QAAQ,QAAQ,CAAC;;AAG1D,SAAO;;CAGT,AAAO,eACL,MACA,QACA,SACQ;EACR,MAAM,QAAkB,EAAE;AAE1B,QAAM,KAAK,GAAG,KAAK,GAAG,OAAO,QAAQ;AAErC,MAAI,OAAO,KACT,OAAM,KAAK,QAAQ,OAAO,OAAO;AAEnC,MAAI,OAAO,OACT,OAAM,KAAK,WAAW,OAAO,SAAS;AAExC,MAAI,OAAO,WAAW,SAAS,QAC7B,OAAM,KAAK,SAAS;AAEtB,MAAI,OAAO,SACT,OAAM,KAAK,WAAW;AAExB,MAAI,OAAO,SACT,OAAM,KAAK,YAAY,OAAO,WAAW;AAE3C,MAAI,OAAO,OACT,OAAM,KAAK,UAAU,OAAO,SAAS;AAGvC,SAAO,MAAM,KAAK,KAAK;;;;;;ACxC3B,MAAM,YAAY,EAAE,OAAO,EACzB,YAAY,EAAE,KAAK,EACjB,SAAS,oBACV,CAAC,EACH,CAAC;AAEF,IAAa,wBAAb,MAAmC;CACjC,AAAmB,SAAS,QAAQ,OAAO;CAC3C,AAAmB,MAAM,SAAS;CAClC,AAAmB,eAAe,QAAQ,aAAa;CACvD,AAAmB,mBAAmB,QAAQ,iBAAiB;CAC/D,AAAmB,MAAM,KAAK,UAAU;CAGxC,AAAmB,YAAY;CAC/B,AAAmB,YAAY;CAC/B,AAAmB,kBAAkB;CACrC,AAAmB,mBAAmB;CAEtC,AAAgB,YAAY,MAAM;EAChC,IAAI;EACJ,SAAS,OAAO,EAAE,cAAc;AAC9B,WAAQ,UAAU;IAChB,KAAK,KAAK,aAAa,oBACrB,QAAQ,QAAQ,UAAU,GAC3B;IACD,KAAK,EAAE;IACR;;EAEJ,CAAC;CAEF,AAAgB,WAAW,MAAM;EAC/B,IAAI;EACJ,SAAS,OAAO,EAAE,cAAc;AAC9B,WAAQ,UAAU;IAChB,KAAK,KAAK,aAAa,oBACrB,QAAQ,QAAQ,UAAU,GAC3B;IACD,KAAK,EAAE;IACR;;EAEJ,CAAC;CAEF,AAAgB,SAAS,MAAM;EAC7B,IAAI;EACJ,SAAS,OAAO,EAAE,cAAc;AAC9B,OAAI,QAAQ,WAAW,OAAO,KAAK,QAAQ,QAAQ,IAAI,CAAC,SAAS,GAAG;IAClE,MAAM,mBAAmB,KAAK,aAAa,yBACzC,QAAQ,QAAQ,KAChB,QAAQ,IAAI,aAAa,SAC1B;AACD,QAAI,iBAAiB,SAAS,EAC5B,SAAQ,MAAM,QAAQ,gBAAgB;;;EAI7C,CAAC;CAEF,AAAU,sBAAsB,SAA4B;EAC1D,MAAM,iBACJ,KAAK,OAAO,QAAQ,IAAmB,UAAU,EAAE;AACrD,MAAI,QAAS,QAAO;AACpB,MAAI,eAAgB,QAAO;AAC3B,QAAM,IAAI,YACR,6FACD;;CAGH,AAAO,UACL,MACA,SACA,gBACuB;EACvB,MAAM,UAAU,KAAK,sBAAsB,eAAe;EAC1D,IAAI,WAAW,QAAQ,IAAI;AAE3B,MAAI,CAAC,SAAU,QAAO;AAEtB,MAAI;AACF,cAAW,mBAAmB,SAAS;AAEvC,OAAI,QAAQ,MAAM;IAChB,MAAM,YAAY,SAAS,UAAU,GAAG,KAAK,mBAAmB,EAAE;IAClE,MAAM,QAAQ,SAAS,UAAU,KAAK,mBAAmB,EAAE;IAC3D,MAAM,oBAAoB,KAAK,KAAK,MAAM;AAE1C,QACE,CAAC,gBACC,OAAO,KAAK,WAAW,MAAM,EAC7B,OAAO,KAAK,mBAAmB,MAAM,CACtC,EACD;AACA,UAAK,IAAI,KAAK,iCAAiC,KAAK,IAAI;AACxD;;AAEF,eAAW;;AAGb,OAAI,QAAQ,QACV,YAAW,KAAK,QAAQ,SAAS;AAGnC,OAAI,QAAQ,SACV,YAAW,eAAe,OAAO,KAAK,UAAU,SAAS,CAAC,CAAC,SACzD,OACD;AAGH,UAAO,KAAK,OAAO,MAAM,OAAO,QAAQ,QAAQ,KAAK,MAAM,SAAS,CAAC;WAC9D,OAAO;AACd,QAAK,IAAI,KAAK,2BAA2B,KAAK,IAAI,MAAM;AAExD,QAAK,aAAa,MAAM,QAAQ;AAChC;;;CAIJ,AAAO,UACL,MACA,SACA,MACA,gBACM;EACN,MAAM,UAAU,KAAK,sBAAsB,eAAe;EAC1D,IAAI,QAAQ,KAAK,UAAU,KAAK,OAAO,MAAM,OAAO,QAAQ,QAAQ,KAAK,CAAC;AAE1E,MAAI,QAAQ,SACV,SAAQ,eAAe,MAAM,CAAC,SAAS,SAAS;AAGlD,MAAI,QAAQ,QACV,SAAQ,KAAK,QAAQ,MAAM;AAG7B,MAAI,QAAQ,KACV,SAAQ,KAAK,KAAK,MAAM,GAAG;EAG7B,MAAM,SAAiB;GACrB,OAAO,mBAAmB,MAAM;GAChC,MAAM,QAAQ,QAAQ;GACtB,UAAU,QAAQ,YAAY;GAC9B,QAAQ,QAAQ,UAAU,KAAK,OAAO,cAAc;GACpD,UAAU,QAAQ;GAClB,QAAQ,QAAQ;GACjB;AAED,MAAI,QAAQ,IACV,QAAO,SAAS,KAAK,iBAAiB,SAAS,QAAQ,IAAI,CAAC,GAAG,UAAU;AAG3E,UAAQ,IAAI,QAAQ;;CAGtB,AAAO,aACL,MACA,gBACM;EACN,MAAM,UAAU,KAAK,sBAAsB,eAAe;AAC1D,UAAQ,IAAI,QAAQ;;CAKtB,AAAU,QAAQ,MAAsB;EACtC,MAAM,KAAK,YAAY,KAAK,UAAU;EACtC,MAAM,SAAS,eACb,KAAK,WACL,OAAO,KAAK,KAAK,WAAW,CAAC,EAC7B,GACD;EACD,MAAM,YAAY,OAAO,OAAO,CAC9B,OAAO,OAAO,MAAM,OAAO,EAC3B,OAAO,OAAO,CACf,CAAC;EACF,MAAM,UAAU,OAAO,YAAY;AACnC,SAAO,OAAO,OAAO;GAAC;GAAI;GAAS;GAAU,CAAC,CAAC,SAAS,SAAS;;CAGnE,AAAU,QAAQ,eAA+B;EAC/C,MAAM,OAAO,OAAO,KAAK,eAAe,SAAS;EACjD,MAAM,KAAK,KAAK,SAAS,GAAG,KAAK,UAAU;EAC3C,MAAM,UAAU,KAAK,SACnB,KAAK,WACL,KAAK,YAAY,KAAK,gBACvB;EAED,MAAM,YAAY,KAAK,SAAS,KAAK,YAAY,KAAK,gBAAgB;EACtE,MAAM,WAAW,iBACf,KAAK,WACL,OAAO,KAAK,KAAK,WAAW,CAAC,EAC7B,GACD;AAED,WAAS,WAAW,QAAQ;AAO5B,SALkB,OAAO,OAAO,CAC9B,SAAS,OAAO,UAAU,EAC1B,SAAS,OAAO,CACjB,CAAC,CAEe,SAAS,OAAO;;CAGnC,AAAO,YAAoB;EACzB,IAAI,SAAS,KAAK,IAAI;AACtB,MAAI,OAAO,SAAS,GAElB,UAAS,OAAO,OAAO,IAAI,IAAI;WACtB,OAAO,SAAS,GAEzB,UAAS,OAAO,UAAU,GAAG,GAAG;AAElC,SAAO;;CAGT,AAAU,KAAK,MAAsB;AACnC,SAAO,WAAW,UAAU,KAAK,WAAW,CAAC,CAAC,OAAO,KAAK,CAAC,OAAO,MAAM;;;;;;;;;;;ACtO5E,MAAa,WACX,YAC+B;AAC/B,QAAO,gBAAgB,iBAAoB,QAAQ;;AAmDrD,IAAa,kBAAb,cACU,UAEV;CACE,AAAmB,wBAAwB,QAAQ,sBAAsB;CAEzE,IAAW,SAAY;AACrB,SAAO,KAAK,QAAQ;;CAGtB,IAAW,OAAe;AACxB,SAAO,KAAK,QAAQ,QAAQ,GAAG,KAAK,OAAO;;;;;CAM7C,AAAO,IACL,OACA,SACM;AACN,OAAK,sBAAsB,UACzB,KAAK,MACL;GACE,GAAG,KAAK;GACR,KAAK,SAAS,OAAO,KAAK,QAAQ;GACnC,EACD,OACA,SAAS,QACV;;;;;CAMH,AAAO,IAAI,SAAwD;AACjE,SAAO,KAAK,sBAAsB,UAChC,KAAK,MACL,KAAK,SACL,SAAS,QACV;;;;;CAMH,AAAO,IAAI,SAAuC;AAChD,OAAK,sBAAsB,aAAa,KAAK,MAAM,SAAS,QAAQ;;;AAIxE,QAAQ,QAAQ;;;;;;;;;;;;;;AC5FhB,MAAa,sBAAsB,QAAQ;CACzC,MAAM;CACN,YAAY,CAAC,QAAQ;CACrB,UAAU;EAAC;EAAc;EAAuB;EAAa;CAC9D,CAAC"}
+{"version":3,"file":"index.js","names":[],"sources":["../../../src/server/cookies/services/CookieParser.ts","../../../src/server/cookies/providers/ServerCookiesProvider.ts","../../../src/server/cookies/primitives/$cookie.ts","../../../src/server/cookies/index.ts"],"sourcesContent":["import type { Cookie } from \"../primitives/$cookie.ts\";\n\nexport class CookieParser {\n  public parseRequestCookies(header: string): Record<string, string> {\n    const cookies: Record<string, string> = {};\n    const parts = header.split(\";\");\n    for (const part of parts) {\n      const [key, value] = part.split(\"=\");\n      if (!key || !value) {\n        continue;\n      }\n\n      cookies[key.trim()] = value.trim();\n    }\n\n    return cookies;\n  }\n\n  public serializeResponseCookies(\n    cookies: Record<string, Cookie | null>,\n    isHttps: boolean,\n  ): string[] {\n    const headers = [];\n\n    for (const [name, cookie] of Object.entries(cookies)) {\n      // If the cookie is null, we need to delete it\n      if (cookie == null) {\n        headers.push(`${name}=; Path=/; Max-Age=0`);\n        continue;\n      }\n\n      if (!cookie.value) {\n        continue;\n      }\n\n      headers.push(this.cookieToString(name, cookie, isHttps));\n    }\n\n    return headers;\n  }\n\n  public cookieToString(\n    name: string,\n    cookie: Cookie,\n    isHttps?: boolean,\n  ): string {\n    const parts: string[] = [];\n\n    parts.push(`${name}=${cookie.value}`);\n\n    if (cookie.path) {\n      parts.push(`Path=${cookie.path}`);\n    }\n    if (cookie.maxAge) {\n      parts.push(`Max-Age=${cookie.maxAge}`);\n    }\n    if (cookie.secure !== false && isHttps) {\n      parts.push(\"Secure\");\n    }\n    if (cookie.httpOnly) {\n      parts.push(\"HttpOnly\");\n    }\n    if (cookie.sameSite) {\n      parts.push(`SameSite=${cookie.sameSite}`);\n    }\n    if (cookie.domain) {\n      parts.push(`Domain=${cookie.domain}`);\n    }\n\n    return parts.join(\"; \");\n  }\n}\n","import {\n  createCipheriv,\n  createDecipheriv,\n  createHmac,\n  randomBytes,\n  timingSafeEqual,\n} from \"node:crypto\";\nimport { deflateRawSync, inflateRawSync } from \"node:zlib\";\nimport {\n  $env,\n  $hook,\n  $inject,\n  Alepha,\n  AlephaError,\n  type Static,\n  type TSchema,\n  t,\n} from \"alepha\";\nimport { DateTimeProvider } from \"alepha/datetime\";\nimport { $logger } from \"alepha/logger\";\nimport { DEFAULT_APP_SECRET } from \"alepha/security\";\nimport type { ServerRequest } from \"alepha/server\";\nimport type {\n  Cookie,\n  CookiePrimitiveOptions,\n  Cookies,\n} from \"../primitives/$cookie.ts\";\nimport { CookieParser } from \"../services/CookieParser.ts\";\n\nconst envSchema = t.object({\n  APP_SECRET: t.text({\n    default: DEFAULT_APP_SECRET,\n  }),\n});\n\nexport class ServerCookiesProvider {\n  protected readonly alepha = $inject(Alepha);\n  protected readonly log = $logger();\n  protected readonly cookieParser = $inject(CookieParser);\n  protected readonly dateTimeProvider = $inject(DateTimeProvider);\n  protected readonly env = $env(envSchema);\n\n  // crypto constants\n  protected readonly ALGORITHM = \"aes-256-gcm\";\n  protected readonly IV_LENGTH = 16; // For GCM\n  protected readonly AUTH_TAG_LENGTH = 16;\n  protected readonly SIGNATURE_LENGTH = 32; // For SHA256\n\n  public readonly onRequest = $hook({\n    on: \"server:onRequest\",\n    handler: ({ request }) => {\n      request.cookies = {\n        req: this.cookieParser.parseRequestCookies(\n          request.headers.cookie ?? \"\",\n        ),\n        res: {},\n      };\n    },\n  });\n\n  public readonly onAction = $hook({\n    on: \"action:onRequest\",\n    handler: ({ request }) => {\n      request.cookies = {\n        req: this.cookieParser.parseRequestCookies(\n          request.headers.cookie ?? \"\",\n        ),\n        res: {},\n      };\n    },\n  });\n\n  public readonly onSend = $hook({\n    on: \"server:onSend\",\n    handler: ({ request }) => {\n      if (request.cookies && Object.keys(request.cookies.res).length > 0) {\n        const setCookieHeaders = this.cookieParser.serializeResponseCookies(\n          request.cookies.res,\n          request.url.protocol === \"https:\",\n        );\n        if (setCookieHeaders.length > 0) {\n          request.reply.headers[\"set-cookie\"] = setCookieHeaders;\n        }\n      }\n    },\n  });\n\n  protected getCookiesFromContext(cookies?: Cookies): Cookies {\n    const contextCookies =\n      this.alepha.context.get<ServerRequest>(\"request\")?.cookies;\n    if (cookies) return cookies;\n    if (contextCookies) return contextCookies;\n    throw new AlephaError(\n      \"Cookie context is not available. This method must be called within a server request cycle.\",\n    );\n  }\n\n  public getCookie<T extends TSchema>(\n    name: string,\n    options: CookiePrimitiveOptions<T>,\n    contextCookies?: Cookies,\n  ): Static<T> | undefined {\n    const cookies = this.getCookiesFromContext(contextCookies);\n    let rawValue = cookies.req[name];\n\n    if (!rawValue) return undefined;\n\n    try {\n      rawValue = decodeURIComponent(rawValue);\n\n      if (options.sign) {\n        const signature = rawValue.substring(0, this.SIGNATURE_LENGTH * 2);\n        const value = rawValue.substring(this.SIGNATURE_LENGTH * 2);\n        const expectedSignature = this.sign(value);\n\n        if (\n          !timingSafeEqual(\n            Buffer.from(signature, \"hex\"),\n            Buffer.from(expectedSignature, \"hex\"),\n          )\n        ) {\n          this.log.warn(`Invalid signature for cookie \"${name}\".`);\n          return undefined;\n        }\n        rawValue = value;\n      }\n\n      if (options.encrypt) {\n        rawValue = this.decrypt(rawValue);\n      }\n\n      if (options.compress) {\n        rawValue = inflateRawSync(Buffer.from(rawValue, \"base64\")).toString(\n          \"utf8\",\n        );\n      }\n\n      return this.alepha.codec.decode(options.schema, JSON.parse(rawValue));\n    } catch (error) {\n      this.log.warn(`Failed to parse cookie \"${name}\"`, error);\n      // corrupted or invalid cookie, instruct browser to delete it on next response\n      this.deleteCookie(name, cookies);\n      return undefined;\n    }\n  }\n\n  public setCookie<T extends TSchema>(\n    name: string,\n    options: CookiePrimitiveOptions<T>,\n    data: Static<T>,\n    contextCookies?: Cookies,\n  ): void {\n    const cookies = this.getCookiesFromContext(contextCookies);\n    let value = JSON.stringify(this.alepha.codec.decode(options.schema, data));\n\n    if (options.compress) {\n      value = deflateRawSync(value).toString(\"base64\");\n    }\n\n    if (options.encrypt) {\n      value = this.encrypt(value);\n    }\n\n    if (options.sign) {\n      value = this.sign(value) + value;\n    }\n\n    const cookie: Cookie = {\n      value: encodeURIComponent(value),\n      path: options.path ?? \"/\",\n      sameSite: options.sameSite ?? \"lax\",\n      secure: options.secure ?? this.alepha.isProduction(),\n      httpOnly: options.httpOnly,\n      domain: options.domain,\n    };\n\n    if (options.ttl) {\n      cookie.maxAge = this.dateTimeProvider.duration(options.ttl).as(\"seconds\");\n    }\n\n    cookies.res[name] = cookie;\n  }\n\n  public deleteCookie<T extends TSchema>(\n    name: string,\n    contextCookies?: Cookies,\n  ): void {\n    const cookies = this.getCookiesFromContext(contextCookies);\n    cookies.res[name] = null;\n  }\n\n  // --- Crypto & Parsing ---\n\n  protected encrypt(text: string): string {\n    const iv = randomBytes(this.IV_LENGTH);\n    const cipher = createCipheriv(\n      this.ALGORITHM,\n      Buffer.from(this.secretKey()),\n      iv,\n    );\n    const encrypted = Buffer.concat([\n      cipher.update(text, \"utf8\"),\n      cipher.final(),\n    ]);\n    const authTag = cipher.getAuthTag();\n    return Buffer.concat([iv, authTag, encrypted]).toString(\"base64\");\n  }\n\n  protected decrypt(encryptedText: string): string {\n    const data = Buffer.from(encryptedText, \"base64\");\n    const iv = data.subarray(0, this.IV_LENGTH);\n    const authTag = data.subarray(\n      this.IV_LENGTH,\n      this.IV_LENGTH + this.AUTH_TAG_LENGTH,\n    );\n\n    const encrypted = data.subarray(this.IV_LENGTH + this.AUTH_TAG_LENGTH);\n    const decipher = createDecipheriv(\n      this.ALGORITHM,\n      Buffer.from(this.secretKey()),\n      iv,\n    );\n\n    decipher.setAuthTag(authTag);\n\n    const decrypted = Buffer.concat([\n      decipher.update(encrypted),\n      decipher.final(),\n    ]);\n\n    return decrypted.toString(\"utf8\");\n  }\n\n  public secretKey(): string {\n    let secret = this.env.APP_SECRET;\n    if (secret.length < 32) {\n      // pad secret to 32 bytes\n      secret = secret.padEnd(32, \"0\");\n    } else if (secret.length > 32) {\n      // truncate secret to 32 bytes\n      secret = secret.substring(0, 32);\n    }\n    return secret;\n  }\n\n  protected sign(data: string): string {\n    return createHmac(\"sha256\", this.secretKey()).update(data).digest(\"hex\");\n  }\n}\n","import {\n  $inject,\n  createPrimitive,\n  KIND,\n  Primitive,\n  type Static,\n  type TSchema,\n} from \"alepha\";\nimport type { DurationLike } from \"alepha/datetime\";\nimport { ServerCookiesProvider } from \"../providers/ServerCookiesProvider.ts\";\n\n/**\n * Declares a type-safe, configurable HTTP cookie.\n * This primitive provides methods to get, set, and delete the cookie\n * within the server request/response cycle.\n */\nexport const $cookie = <T extends TSchema>(\n  options: CookiePrimitiveOptions<T>,\n): AbstractCookiePrimitive<T> => {\n  return createPrimitive(CookiePrimitive<T>, options);\n};\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport interface CookiePrimitiveOptions<T extends TSchema> {\n  /** The schema for the cookie's value, used for validation and type safety. */\n  schema: T;\n\n  /** The name of the cookie. */\n  name?: string;\n\n  /** The cookie's path. Defaults to \"/\". */\n  path?: string;\n\n  /** Time-to-live for the cookie. Maps to `Max-Age`. */\n  ttl?: DurationLike;\n\n  /** If true, the cookie is only sent over HTTPS. Defaults to true in production. */\n  secure?: boolean;\n\n  /** If true, the cookie cannot be accessed by client-side scripts. */\n  httpOnly?: boolean;\n\n  /** SameSite policy for the cookie. Defaults to \"lax\". */\n  sameSite?: \"strict\" | \"lax\" | \"none\";\n\n  /** The domain for the cookie. */\n  domain?: string;\n\n  /** If true, the cookie value will be compressed using zlib. */\n  compress?: boolean;\n\n  /** If true, the cookie value will be encrypted. Requires `COOKIE_SECRET` env var. */\n  encrypt?: boolean;\n\n  /** If true, the cookie will be signed to prevent tampering. Requires `COOKIE_SECRET` env var. */\n  sign?: boolean;\n}\n\nexport interface AbstractCookiePrimitive<T extends TSchema> {\n  readonly name: string;\n  readonly options: CookiePrimitiveOptions<T>;\n  set(\n    value: Static<T>,\n    options?: { cookies?: Cookies; ttl?: DurationLike },\n  ): void;\n  get(options?: { cookies?: Cookies }): Static<T> | undefined;\n  del(options?: { cookies?: Cookies }): void;\n}\n\nexport class CookiePrimitive<T extends TSchema>\n  extends Primitive<CookiePrimitiveOptions<T>>\n  implements AbstractCookiePrimitive<T>\n{\n  protected readonly serverCookiesProvider = $inject(ServerCookiesProvider);\n\n  public get schema(): T {\n    return this.options.schema;\n  }\n\n  public get name(): string {\n    return this.options.name ?? `${this.config.propertyKey}`;\n  }\n\n  /**\n   * Sets the cookie with the given value in the current request's response.\n   */\n  public set(\n    value: Static<T>,\n    options?: { cookies?: Cookies; ttl?: DurationLike },\n  ): void {\n    this.serverCookiesProvider.setCookie(\n      this.name,\n      {\n        ...this.options,\n        ttl: options?.ttl ?? this.options.ttl,\n      },\n      value,\n      options?.cookies,\n    );\n  }\n\n  /**\n   * Gets the cookie value from the current request. Returns undefined if not found or invalid.\n   */\n  public get(options?: { cookies?: Cookies }): Static<T> | undefined {\n    return this.serverCookiesProvider.getCookie(\n      this.name,\n      this.options,\n      options?.cookies,\n    );\n  }\n\n  /**\n   * Deletes the cookie in the current request's response.\n   */\n  public del(options?: { cookies?: Cookies }): void {\n    this.serverCookiesProvider.deleteCookie(this.name, options?.cookies);\n  }\n}\n\n$cookie[KIND] = CookiePrimitive;\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport interface Cookies {\n  req: Record<string, string>;\n  res: Record<string, Cookie | null>;\n}\n\nexport interface Cookie {\n  value: string;\n  path?: string;\n  maxAge?: number;\n  secure?: boolean;\n  httpOnly?: boolean;\n  sameSite?: \"strict\" | \"lax\" | \"none\";\n  domain?: string;\n}\n","import { $module } from \"alepha\";\nimport { AlephaServer } from \"alepha/server\";\nimport { $cookie, type Cookies } from \"./primitives/$cookie.ts\";\nimport { ServerCookiesProvider } from \"./providers/ServerCookiesProvider.ts\";\nimport { CookieParser } from \"./services/CookieParser.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport * from \"./primitives/$cookie.ts\";\nexport * from \"./providers/ServerCookiesProvider.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\ndeclare module \"alepha/server\" {\n  interface ServerRequest {\n    cookies: Cookies;\n  }\n}\n\n/**\n * Provides HTTP cookie management capabilities for server requests and responses with type-safe cookie primitives.\n *\n * The server-cookies module enables declarative cookie handling using the `$cookie` primitive on class properties.\n * It offers automatic cookie parsing, secure cookie configuration, and seamless integration with server routes\n * for managing user sessions, preferences, and authentication tokens.\n *\n * @see {@link $cookie}\n * @module alepha.server.cookies\n */\nexport const AlephaServerCookies = $module({\n  name: \"alepha.server.cookies\",\n  primitives: [$cookie],\n  services: [AlephaServer, ServerCookiesProvider, CookieParser],\n});\n"],"mappings":";;;;;;;;;AAEA,IAAa,eAAb,MAA0B;CACxB,AAAO,oBAAoB,QAAwC;EACjE,MAAM,UAAkC,EAAE;EAC1C,MAAM,QAAQ,OAAO,MAAM,IAAI;AAC/B,OAAK,MAAM,QAAQ,OAAO;GACxB,MAAM,CAAC,KAAK,SAAS,KAAK,MAAM,IAAI;AACpC,OAAI,CAAC,OAAO,CAAC,MACX;AAGF,WAAQ,IAAI,MAAM,IAAI,MAAM,MAAM;;AAGpC,SAAO;;CAGT,AAAO,yBACL,SACA,SACU;EACV,MAAM,UAAU,EAAE;AAElB,OAAK,MAAM,CAAC,MAAM,WAAW,OAAO,QAAQ,QAAQ,EAAE;AAEpD,OAAI,UAAU,MAAM;AAClB,YAAQ,KAAK,GAAG,KAAK,sBAAsB;AAC3C;;AAGF,OAAI,CAAC,OAAO,MACV;AAGF,WAAQ,KAAK,KAAK,eAAe,MAAM,QAAQ,QAAQ,CAAC;;AAG1D,SAAO;;CAGT,AAAO,eACL,MACA,QACA,SACQ;EACR,MAAM,QAAkB,EAAE;AAE1B,QAAM,KAAK,GAAG,KAAK,GAAG,OAAO,QAAQ;AAErC,MAAI,OAAO,KACT,OAAM,KAAK,QAAQ,OAAO,OAAO;AAEnC,MAAI,OAAO,OACT,OAAM,KAAK,WAAW,OAAO,SAAS;AAExC,MAAI,OAAO,WAAW,SAAS,QAC7B,OAAM,KAAK,SAAS;AAEtB,MAAI,OAAO,SACT,OAAM,KAAK,WAAW;AAExB,MAAI,OAAO,SACT,OAAM,KAAK,YAAY,OAAO,WAAW;AAE3C,MAAI,OAAO,OACT,OAAM,KAAK,UAAU,OAAO,SAAS;AAGvC,SAAO,MAAM,KAAK,KAAK;;;;;;ACxC3B,MAAM,YAAY,EAAE,OAAO,EACzB,YAAY,EAAE,KAAK,EACjB,SAAS,oBACV,CAAC,EACH,CAAC;AAEF,IAAa,wBAAb,MAAmC;CACjC,AAAmB,SAAS,QAAQ,OAAO;CAC3C,AAAmB,MAAM,SAAS;CAClC,AAAmB,eAAe,QAAQ,aAAa;CACvD,AAAmB,mBAAmB,QAAQ,iBAAiB;CAC/D,AAAmB,MAAM,KAAK,UAAU;CAGxC,AAAmB,YAAY;CAC/B,AAAmB,YAAY;CAC/B,AAAmB,kBAAkB;CACrC,AAAmB,mBAAmB;CAEtC,AAAgB,YAAY,MAAM;EAChC,IAAI;EACJ,UAAU,EAAE,cAAc;AACxB,WAAQ,UAAU;IAChB,KAAK,KAAK,aAAa,oBACrB,QAAQ,QAAQ,UAAU,GAC3B;IACD,KAAK,EAAE;IACR;;EAEJ,CAAC;CAEF,AAAgB,WAAW,MAAM;EAC/B,IAAI;EACJ,UAAU,EAAE,cAAc;AACxB,WAAQ,UAAU;IAChB,KAAK,KAAK,aAAa,oBACrB,QAAQ,QAAQ,UAAU,GAC3B;IACD,KAAK,EAAE;IACR;;EAEJ,CAAC;CAEF,AAAgB,SAAS,MAAM;EAC7B,IAAI;EACJ,UAAU,EAAE,cAAc;AACxB,OAAI,QAAQ,WAAW,OAAO,KAAK,QAAQ,QAAQ,IAAI,CAAC,SAAS,GAAG;IAClE,MAAM,mBAAmB,KAAK,aAAa,yBACzC,QAAQ,QAAQ,KAChB,QAAQ,IAAI,aAAa,SAC1B;AACD,QAAI,iBAAiB,SAAS,EAC5B,SAAQ,MAAM,QAAQ,gBAAgB;;;EAI7C,CAAC;CAEF,AAAU,sBAAsB,SAA4B;EAC1D,MAAM,iBACJ,KAAK,OAAO,QAAQ,IAAmB,UAAU,EAAE;AACrD,MAAI,QAAS,QAAO;AACpB,MAAI,eAAgB,QAAO;AAC3B,QAAM,IAAI,YACR,6FACD;;CAGH,AAAO,UACL,MACA,SACA,gBACuB;EACvB,MAAM,UAAU,KAAK,sBAAsB,eAAe;EAC1D,IAAI,WAAW,QAAQ,IAAI;AAE3B,MAAI,CAAC,SAAU,QAAO;AAEtB,MAAI;AACF,cAAW,mBAAmB,SAAS;AAEvC,OAAI,QAAQ,MAAM;IAChB,MAAM,YAAY,SAAS,UAAU,GAAG,KAAK,mBAAmB,EAAE;IAClE,MAAM,QAAQ,SAAS,UAAU,KAAK,mBAAmB,EAAE;IAC3D,MAAM,oBAAoB,KAAK,KAAK,MAAM;AAE1C,QACE,CAAC,gBACC,OAAO,KAAK,WAAW,MAAM,EAC7B,OAAO,KAAK,mBAAmB,MAAM,CACtC,EACD;AACA,UAAK,IAAI,KAAK,iCAAiC,KAAK,IAAI;AACxD;;AAEF,eAAW;;AAGb,OAAI,QAAQ,QACV,YAAW,KAAK,QAAQ,SAAS;AAGnC,OAAI,QAAQ,SACV,YAAW,eAAe,OAAO,KAAK,UAAU,SAAS,CAAC,CAAC,SACzD,OACD;AAGH,UAAO,KAAK,OAAO,MAAM,OAAO,QAAQ,QAAQ,KAAK,MAAM,SAAS,CAAC;WAC9D,OAAO;AACd,QAAK,IAAI,KAAK,2BAA2B,KAAK,IAAI,MAAM;AAExD,QAAK,aAAa,MAAM,QAAQ;AAChC;;;CAIJ,AAAO,UACL,MACA,SACA,MACA,gBACM;EACN,MAAM,UAAU,KAAK,sBAAsB,eAAe;EAC1D,IAAI,QAAQ,KAAK,UAAU,KAAK,OAAO,MAAM,OAAO,QAAQ,QAAQ,KAAK,CAAC;AAE1E,MAAI,QAAQ,SACV,SAAQ,eAAe,MAAM,CAAC,SAAS,SAAS;AAGlD,MAAI,QAAQ,QACV,SAAQ,KAAK,QAAQ,MAAM;AAG7B,MAAI,QAAQ,KACV,SAAQ,KAAK,KAAK,MAAM,GAAG;EAG7B,MAAM,SAAiB;GACrB,OAAO,mBAAmB,MAAM;GAChC,MAAM,QAAQ,QAAQ;GACtB,UAAU,QAAQ,YAAY;GAC9B,QAAQ,QAAQ,UAAU,KAAK,OAAO,cAAc;GACpD,UAAU,QAAQ;GAClB,QAAQ,QAAQ;GACjB;AAED,MAAI,QAAQ,IACV,QAAO,SAAS,KAAK,iBAAiB,SAAS,QAAQ,IAAI,CAAC,GAAG,UAAU;AAG3E,UAAQ,IAAI,QAAQ;;CAGtB,AAAO,aACL,MACA,gBACM;EACN,MAAM,UAAU,KAAK,sBAAsB,eAAe;AAC1D,UAAQ,IAAI,QAAQ;;CAKtB,AAAU,QAAQ,MAAsB;EACtC,MAAM,KAAK,YAAY,KAAK,UAAU;EACtC,MAAM,SAAS,eACb,KAAK,WACL,OAAO,KAAK,KAAK,WAAW,CAAC,EAC7B,GACD;EACD,MAAM,YAAY,OAAO,OAAO,CAC9B,OAAO,OAAO,MAAM,OAAO,EAC3B,OAAO,OAAO,CACf,CAAC;EACF,MAAM,UAAU,OAAO,YAAY;AACnC,SAAO,OAAO,OAAO;GAAC;GAAI;GAAS;GAAU,CAAC,CAAC,SAAS,SAAS;;CAGnE,AAAU,QAAQ,eAA+B;EAC/C,MAAM,OAAO,OAAO,KAAK,eAAe,SAAS;EACjD,MAAM,KAAK,KAAK,SAAS,GAAG,KAAK,UAAU;EAC3C,MAAM,UAAU,KAAK,SACnB,KAAK,WACL,KAAK,YAAY,KAAK,gBACvB;EAED,MAAM,YAAY,KAAK,SAAS,KAAK,YAAY,KAAK,gBAAgB;EACtE,MAAM,WAAW,iBACf,KAAK,WACL,OAAO,KAAK,KAAK,WAAW,CAAC,EAC7B,GACD;AAED,WAAS,WAAW,QAAQ;AAO5B,SALkB,OAAO,OAAO,CAC9B,SAAS,OAAO,UAAU,EAC1B,SAAS,OAAO,CACjB,CAAC,CAEe,SAAS,OAAO;;CAGnC,AAAO,YAAoB;EACzB,IAAI,SAAS,KAAK,IAAI;AACtB,MAAI,OAAO,SAAS,GAElB,UAAS,OAAO,OAAO,IAAI,IAAI;WACtB,OAAO,SAAS,GAEzB,UAAS,OAAO,UAAU,GAAG,GAAG;AAElC,SAAO;;CAGT,AAAU,KAAK,MAAsB;AACnC,SAAO,WAAW,UAAU,KAAK,WAAW,CAAC,CAAC,OAAO,KAAK,CAAC,OAAO,MAAM;;;;;;;;;;;ACtO5E,MAAa,WACX,YAC+B;AAC/B,QAAO,gBAAgB,iBAAoB,QAAQ;;AAmDrD,IAAa,kBAAb,cACU,UAEV;CACE,AAAmB,wBAAwB,QAAQ,sBAAsB;CAEzE,IAAW,SAAY;AACrB,SAAO,KAAK,QAAQ;;CAGtB,IAAW,OAAe;AACxB,SAAO,KAAK,QAAQ,QAAQ,GAAG,KAAK,OAAO;;;;;CAM7C,AAAO,IACL,OACA,SACM;AACN,OAAK,sBAAsB,UACzB,KAAK,MACL;GACE,GAAG,KAAK;GACR,KAAK,SAAS,OAAO,KAAK,QAAQ;GACnC,EACD,OACA,SAAS,QACV;;;;;CAMH,AAAO,IAAI,SAAwD;AACjE,SAAO,KAAK,sBAAsB,UAChC,KAAK,MACL,KAAK,SACL,SAAS,QACV;;;;;CAMH,AAAO,IAAI,SAAuC;AAChD,OAAK,sBAAsB,aAAa,KAAK,MAAM,SAAS,QAAQ;;;AAIxE,QAAQ,QAAQ;;;;;;;;;;;;;;AC5FhB,MAAa,sBAAsB,QAAQ;CACzC,MAAM;CACN,YAAY,CAAC,QAAQ;CACrB,UAAU;EAAC;EAAc;EAAuB;EAAa;CAC9D,CAAC"}