arcway 0.1.9 → 0.1.10

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "arcway",
-  "version": "0.1.9",
+  "version": "0.1.10",
   "description": "A convention-based framework for building modular monoliths with strict domain boundaries.",
   "license": "MIT",
   "type": "module",

package/server/bin/cli.js

@@ -11,6 +11,7 @@ import registerLint from './commands/lint.js';
 import registerGraphQLSchema from './commands/graphql-schema.js';
 import registerSchema from './commands/schema.js';
 import registerMigrate from './commands/migrate.js';
+import registerBootstrap from './commands/bootstrap.js';
 
 function getPackageVersion() {
   try {
@@ -36,6 +37,7 @@ function createProgram() {
   registerGraphQLSchema(program);
   registerSchema(program);
   registerMigrate(program);
+  registerBootstrap(program);
   return program;
 }
 

package/server/bin/commands/bootstrap.js

@@ -0,0 +1,147 @@
+import { existsSync, mkdirSync, writeFileSync } from 'node:fs';
+import { join } from 'node:path';
+
+const FILES = {
+  'arcway.config.js': `export default {
+  database: {
+    client: 'better-sqlite3',
+    connection: { filename: './data.db' },
+  },
+};
+`,
+
+  'api/index.js': `export const GET = {
+  handler: async (ctx) => {
+    return { data: { message: 'Hello from Arcway!' } };
+  },
+};
+`,
+
+  'api/users/index.js': `export const GET = {
+  handler: async (ctx) => {
+    const { db } = ctx;
+    const users = await db('users').select('*');
+    return { data: users };
+  },
+};
+
+export const POST = {
+  schema: {
+    body: { name: 'string', email: 'string.email' },
+  },
+  handler: async (ctx) => {
+    const { req, db, events } = ctx;
+    const [id] = await db('users').insert(req.body);
+    await events.emit('users/created', { id, ...req.body });
+    return { status: 201, data: { id } };
+  },
+};
+`,
+
+  'api/users/[id].js': `export const GET = {
+  handler: async (ctx) => {
+    const { req, db } = ctx;
+    const user = await db('users').where('id', req.query.id).first();
+    if (!user) return { status: 404, error: 'User not found' };
+    return { data: user };
+  },
+};
+`,
+
+  'listeners/users/created.js': `export default async (ctx) => {
+  const { event, log } = ctx;
+  log.info('New user created', { userId: event.payload.id });
+};
+`,
+
+  'jobs/cleanup-sessions.js': `export default {
+  schedule: '0 3 * * *', // Every day at 3 AM
+  handler: async (ctx) => {
+    const { db, log } = ctx;
+    const deleted = await db('sessions')
+      .where('expires_at', '<', new Date().toISOString())
+      .delete();
+    log.info('Cleaned up expired sessions', { deleted });
+  },
+};
+`,
+
+  'migrations/202601010000-create-users.js': `export async function up(knex) {
+  await knex.schema.createTable('users', (table) => {
+    table.increments('id').primary();
+    table.string('name').notNullable();
+    table.string('email').notNullable().unique();
+    table.timestamps(true, true);
+  });
+}
+
+export async function down(knex) {
+  await knex.schema.dropTableIfExists('users');
+}
+`,
+
+  'pages/index.jsx': `export default function Home() {
+  return (
+    <div style={{ padding: '2rem', fontFamily: 'system-ui' }}>
+      <h1>Welcome to Arcway</h1>
+      <p>Edit <code>pages/index.jsx</code> to get started.</p>
+    </div>
+  );
+}
+`,
+
+  '.env': `# NODE_ENV=development
+# SESSION_PASSWORD=change-me-to-a-random-32-char-string
+`,
+
+  '.gitignore': `node_modules/
+.build/
+data.db
+.env.local
+.env.*.local
+`,
+};
+
+function bootstrap(rootDir) {
+  let created = 0;
+  let skipped = 0;
+
+  for (const [relativePath, content] of Object.entries(FILES)) {
+    const fullPath = join(rootDir, relativePath);
+    if (existsSync(fullPath)) {
+      console.log(`  skip  ${relativePath} (already exists)`);
+      skipped++;
+      continue;
+    }
+    const dir = join(fullPath, '..');
+    mkdirSync(dir, { recursive: true });
+    writeFileSync(fullPath, content);
+    console.log(`  create  ${relativePath}`);
+    created++;
+  }
+
+  return { created, skipped };
+}
+
+function register(program) {
+  program
+    .command('bootstrap')
+    .description('Scaffold a new Arcway project in the current directory')
+    .action(() => {
+      const rootDir = process.cwd();
+      console.log(`\nBootstrapping Arcway project in ${rootDir}\n`);
+
+      const { created, skipped } = bootstrap(rootDir);
+
+      console.log(`\n  ${created} file(s) created, ${skipped} skipped\n`);
+
+      if (created > 0) {
+        console.log('Next steps:');
+        console.log('  npm install arcway better-sqlite3');
+        console.log('  npx arcway dev\n');
+      }
+    });
+}
+
+export default register;
+export { bootstrap };

package/server/config/modules/server.js

@@ -3,6 +3,7 @@ const DEFAULTS = {
   port: 3000,
   maxBodySize: 1024 * 1024,
   shutdownTimeoutMs: 10000,
+  trustProxy: false,
 };
 
 const DEFAULT_CORS = {

package/server/graphql/handler.js

@@ -17,14 +17,14 @@ function createGraphQLHandler(options) {
     cors: false,
     context: async ({ request }) => {
       const loaders = makeLoaders();
-      const requestId = request.headers.get('x-request-id') ?? randomUUID();
+      const id = request.headers.get('x-request-id') ?? randomUUID();
       const headers = {};
       request.headers.forEach((value, key) => {
         headers[key] = value;
       });
       const cookies = parseCookiesFromHeader(request.headers.get('cookie') ?? '');
       const session = await resolveSession(cookies, sessionConfig);
-      return { loaders, session, requestId, headers, cookies };
+      return { loaders, session, id, headers, cookies };
     },
     logging: log
       ? {

package/server/router/api-router.js

@@ -140,7 +140,7 @@ class ApiRouter {
     return buildContext(
       {
         ...this._appContext,
-        log: this._log.extend({ requestId: reqInfo.requestId }),
+        log: this._log.extend({ requestId: reqInfo.id }),
       },
       { req: reqInfo },
     );
@@ -197,7 +197,8 @@ class ApiRouter {
   async handle(req, res) {
     const method = req.method ?? 'GET';
     const pathname = (req.url ?? '/').split('?')[0];
-    const requestId = req.requestId;
+    const id = req.id;
+    const ip = req.ip;
     const startTime = Date.now();
 
     const matched = matchRoute(this._routes, method, pathname);
@@ -205,20 +206,25 @@ class ApiRouter {
 
     const { route, params } = matched;
 
+    // ── Body parsing control ──
+    const body = route.config.parseBody === false ? req.rawBody : req.body;
+
     // ── Validation ──
     const mergedQuery = { ...(req.query ?? {}), ...params };
-    const validated = validateRequest(route.config.schema, mergedQuery, req.body);
+    const validated = validateRequest(route.config.schema, mergedQuery, body);
     if (validated.error) {
       sendJson(res, 400, { error: validated.error });
       return true;
     }
 
     const reqInfo = {
-      requestId,
+      id,
+      ip,
       method,
       path: pathname,
       query: validated.query,
       body: validated.body,
+      rawBody: req.rawBody,
       headers: req.flatHeaders ?? flattenHeaders(req.headers),
       cookies: req.cookies ?? {},
       session: req.session,

package/server/web-server.js

@@ -83,12 +83,23 @@ class WebServer {
       }
     }
 
+    const trustProxy = config.server?.trustProxy ?? false;
+
     const requestHandler = (req, res) => {
       // ── Request ID ──
       const incomingId = req.headers['x-request-id'];
-      const requestId = (Array.isArray(incomingId) ? incomingId[0] : incomingId) ?? randomUUID();
-      res.setHeader('X-Request-Id', requestId);
-      req.requestId = requestId;
+      req.id = (Array.isArray(incomingId) ? incomingId[0] : incomingId) ?? randomUUID();
+      res.setHeader('X-Request-Id', req.id);
+
+      // ── Client IP ──
+      if (trustProxy) {
+        const forwarded = req.headers['x-forwarded-for'];
+        req.ip = forwarded
+          ? String(forwarded).split(',')[0].trim()
+          : req.headers['x-real-ip'] ?? req.socket?.remoteAddress ?? '127.0.0.1';
+      } else {
+        req.ip = req.socket?.remoteAddress ?? '127.0.0.1';
+      }
 
       // ── CORS ──
       if (corsConfig) {
@@ -124,7 +135,7 @@ class WebServer {
             res.end(JSON.stringify({ error: { code: ErrorCodes.INVALID_JSON, message: 'Request body is not valid JSON' } }));
             return;
           }
-          log.error('Unhandled error in request handler', { error: msg, requestId });
+          log.error('Unhandled error in request handler', { error: msg, requestId: req.id });
           res.writeHead(500, { 'Content-Type': 'application/json' });
           res.end(JSON.stringify({ error: { code: 'INTERNAL_ERROR', message: 'An unexpected error occurred' } }));
         });
@@ -177,6 +188,7 @@ class WebServer {
     // Body (POST/PUT/PATCH only)
     if (method === 'POST' || method === 'PUT' || method === 'PATCH') {
       const rawBody = await readBody(req, maxBodySize);
+      req.rawBody = rawBody;
       if (rawBody.length > 0) {
         const contentType = req.headers['content-type'] ?? '';
         if (contentType.includes('application/json')) {

package/server/ws/realtime.js

@@ -22,16 +22,16 @@ function createRealtimeServer(options) {
   function buildCtx(reqInfo) {
     const requestLog = {
       debug(message, data) {
-        appContext.log.debug(message, { ...data, requestId: reqInfo.requestId });
+        appContext.log.debug(message, { ...data, requestId: reqInfo.id });
       },
       info(message, data) {
-        appContext.log.info(message, { ...data, requestId: reqInfo.requestId });
+        appContext.log.info(message, { ...data, requestId: reqInfo.id });
       },
       warn(message, data) {
-        appContext.log.warn(message, { ...data, requestId: reqInfo.requestId });
+        appContext.log.warn(message, { ...data, requestId: reqInfo.id });
       },
       error(message, data) {
-        appContext.log.error(message, { ...data, requestId: reqInfo.requestId });
+        appContext.log.error(message, { ...data, requestId: reqInfo.id });
       },
     };
     return buildContext({ ...appContext, log: requestLog }, { req: reqInfo });
@@ -70,7 +70,7 @@ function createRealtimeServer(options) {
       ...params,
     };
     return {
-      requestId: randomUUID(),
+      id: randomUUID(),
       method: wsMsg.method,
       path: wsMsg.path,
       query: mergedQuery,

package/server/ws/ws-router.js

@@ -270,7 +270,7 @@ class WsRouter {
 
   _buildRequestInfo(client, wsMsg, params) {
     return {
-      requestId: randomUUID(),
+      id: randomUUID(),
       method: wsMsg.method,
       path: wsMsg.path,
       query: { ...(wsMsg.query ?? {}), ...params },