asaihost-nodejs 0.0.9 → 0.0.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (44) hide show
  1. package/dist/InterventionLog-WNVDQFAH.cjs.map +1 -1
  2. package/dist/LogStore-AP4T2CFD.cjs.map +1 -1
  3. package/dist/asaihost-nodejs.cjs +708 -513
  4. package/dist/asaihost-nodejs.cjs.map +1 -1
  5. package/dist/asaihost-nodejs.es.js +319 -124
  6. package/dist/asaihost-nodejs.es.js.map +1 -1
  7. package/dist/chunk-2BCIIKRG.cjs.map +1 -1
  8. package/dist/{chunk-OTL2B4WS.es.js → chunk-3E4Y5ATG.es.js} +2 -2
  9. package/dist/{chunk-ZK4O4Z2O.cjs → chunk-5EWEKXQI.cjs} +20 -20
  10. package/dist/chunk-5EWEKXQI.cjs.map +1 -0
  11. package/dist/chunk-ARHPHWT5.cjs.map +1 -1
  12. package/dist/{chunk-GXOFLFFW.cjs → chunk-FRPN33BY.cjs} +3 -2
  13. package/dist/chunk-FRPN33BY.cjs.map +1 -0
  14. package/dist/{chunk-WXW5DYNU.cjs → chunk-H2QP5J7X.cjs} +9 -9
  15. package/dist/chunk-H2QP5J7X.cjs.map +1 -0
  16. package/dist/chunk-HR5JKN7Y.cjs.map +1 -1
  17. package/dist/{chunk-BOIRAQXE.es.js → chunk-M3NURHGU.es.js} +2 -1
  18. package/dist/chunk-O6LVLSNB.cjs.map +1 -1
  19. package/dist/chunk-OCEBEEP5.cjs.map +1 -1
  20. package/dist/chunk-SMVZ3ZDJ.cjs.map +1 -1
  21. package/dist/chunk-U2YJH2RW.cjs.map +1 -1
  22. package/dist/{chunk-5WJQD4RZ.es.js → chunk-UKZ3DP37.es.js} +3 -3
  23. package/dist/intervention-hooks-4NAAAZK3.cjs.map +1 -1
  24. package/dist/log-alert-LAJ6VSAG.cjs.map +1 -1
  25. package/dist/log-formats-TUXGMCCU.cjs.map +1 -1
  26. package/dist/{password-4P7IZUDQ.es.js → password-2ZBHQQBF.es.js} +3 -3
  27. package/dist/password-T762KJOI.cjs +20 -0
  28. package/dist/password-T762KJOI.cjs.map +1 -0
  29. package/dist/user-store-6QNAL4CK.cjs +12 -0
  30. package/dist/user-store-6QNAL4CK.cjs.map +1 -0
  31. package/dist/{user-store-FXD2N55G.es.js → user-store-ZI67TXSI.es.js} +3 -3
  32. package/package.json +1 -1
  33. package/dist/chunk-GXOFLFFW.cjs.map +0 -1
  34. package/dist/chunk-WXW5DYNU.cjs.map +0 -1
  35. package/dist/chunk-ZK4O4Z2O.cjs.map +0 -1
  36. package/dist/password-MDYRL6ZD.cjs +0 -20
  37. package/dist/password-MDYRL6ZD.cjs.map +0 -1
  38. package/dist/user-store-55HOLHEM.cjs +0 -12
  39. package/dist/user-store-55HOLHEM.cjs.map +0 -1
  40. /package/dist/{chunk-OTL2B4WS.es.js.map → chunk-3E4Y5ATG.es.js.map} +0 -0
  41. /package/dist/{chunk-BOIRAQXE.es.js.map → chunk-M3NURHGU.es.js.map} +0 -0
  42. /package/dist/{chunk-5WJQD4RZ.es.js.map → chunk-UKZ3DP37.es.js.map} +0 -0
  43. /package/dist/{password-4P7IZUDQ.es.js.map → password-2ZBHQQBF.es.js.map} +0 -0
  44. /package/dist/{user-store-FXD2N55G.es.js.map → user-store-ZI67TXSI.es.js.map} +0 -0
@@ -50,7 +50,7 @@ var _chunkO6LVLSNBcjs = require('./chunk-O6LVLSNB.cjs');
50
50
 
51
51
 
52
52
 
53
- var _chunkWXW5DYNUcjs = require('./chunk-WXW5DYNU.cjs');
53
+ var _chunkH2QP5J7Xcjs = require('./chunk-H2QP5J7X.cjs');
54
54
 
55
55
 
56
56
 
@@ -62,7 +62,7 @@ var _chunkWXW5DYNUcjs = require('./chunk-WXW5DYNU.cjs');
62
62
 
63
63
 
64
64
 
65
- var _chunkZK4O4Z2Ocjs = require('./chunk-ZK4O4Z2O.cjs');
65
+ var _chunk5EWEKXQIcjs = require('./chunk-5EWEKXQI.cjs');
66
66
 
67
67
 
68
68
 
@@ -75,7 +75,8 @@ var _chunkZK4O4Z2Ocjs = require('./chunk-ZK4O4Z2O.cjs');
75
75
 
76
76
 
77
77
 
78
- var _chunkGXOFLFFWcjs = require('./chunk-GXOFLFFW.cjs');
78
+
79
+ var _chunkFRPN33BYcjs = require('./chunk-FRPN33BY.cjs');
79
80
 
80
81
 
81
82
  var _chunk2BCIIKRGcjs = require('./chunk-2BCIIKRG.cjs');
@@ -814,8 +815,8 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, checkNtpOffset, "checkNtpOffset");
814
815
 
815
816
  // src/infra/config-integrity.ts
816
817
  var _crypto = require('crypto'); var _crypto2 = _interopRequireDefault(_crypto);
817
- var _fs = require('fs'); var fs3 = _interopRequireWildcard(_fs); var fs6 = _interopRequireWildcard(_fs); var fs4 = _interopRequireWildcard(_fs); var fs5 = _interopRequireWildcard(_fs); var fs8 = _interopRequireWildcard(_fs); var fs10 = _interopRequireWildcard(_fs);
818
- var _path = require('path'); var nodePath2 = _interopRequireWildcard(_path); var path2 = _interopRequireWildcard(_path); var nodePath = _interopRequireWildcard(_path); var nodePath3 = _interopRequireWildcard(_path); var path4 = _interopRequireWildcard(_path); var path6 = _interopRequireWildcard(_path); var path7 = _interopRequireWildcard(_path);
818
+ var _fs = require('fs'); var fs3 = _interopRequireWildcard(_fs); var fs6 = _interopRequireWildcard(_fs); var fs4 = _interopRequireWildcard(_fs); var fs5 = _interopRequireWildcard(_fs); var fs8 = _interopRequireWildcard(_fs); var fs11 = _interopRequireWildcard(_fs);
819
+ var _path = require('path'); var nodePath2 = _interopRequireWildcard(_path); var path2 = _interopRequireWildcard(_path); var nodePath = _interopRequireWildcard(_path); var nodePath3 = _interopRequireWildcard(_path); var path5 = _interopRequireWildcard(_path); var path7 = _interopRequireWildcard(_path); var path8 = _interopRequireWildcard(_path);
819
820
  function computeConfigHash(configPath) {
820
821
  try {
821
822
  const raw = fs3.default.readFileSync(configPath);
@@ -869,7 +870,7 @@ function initAsaiHostNodejs($asai, _opt) {
869
870
  resAES
870
871
  };
871
872
  }
872
- if (_chunkZK4O4Z2Ocjs.isDevDefaultPassword.call(void 0, _optionalChain([$asai, 'access', _102 => _102.hostconfig, 'optionalAccess', _103 => _103.password]) || "")) {
873
+ if (_chunk5EWEKXQIcjs.isDevDefaultPassword.call(void 0, _optionalChain([$asai, 'access', _102 => _102.hostconfig, 'optionalAccess', _103 => _103.password]) || "")) {
873
874
  logSecurityEvent($asai, {
874
875
  type: "CONFIG_WARN",
875
876
  detail: "Using dev-only password; set ASAI_HOST_PASSWORD for production (IEC 62443-4-2 CR 1.7)"
@@ -993,22 +994,27 @@ function terminateWs(wsclient) {
993
994
  }
994
995
  }
995
996
  _chunkSMVZ3ZDJcjs.__name.call(void 0, terminateWs, "terminateWs");
996
- async function clearStaleWsIfDead($asai, hostdir, us, existingWs) {
997
+ async function clearStaleWsIfDead($asai, hostdir, us, existingWs, timeoutMs) {
997
998
  if (!us || us === "asai") return true;
998
999
  const map = _optionalChain([$asai, 'access', _120 => _120.connectionsws, 'optionalAccess', _121 => _121[hostdir]]);
999
1000
  if (!existingWs) {
1000
1001
  if (_optionalChain([map, 'optionalAccess', _122 => _122[us]])) delete map[us];
1001
1002
  return true;
1002
1003
  }
1003
- if (!isWsStillActive(existingWs)) {
1004
+ if (existingWs._asaiKicked) {
1004
1005
  terminateWs(existingWs);
1005
1006
  if (_optionalChain([map, 'optionalAccess', _123 => _123[us]]) === existingWs) delete map[us];
1006
1007
  return true;
1007
1008
  }
1008
- const alive = await probeWsAlive($asai, existingWs);
1009
+ if (!isWsStillActive(existingWs)) {
1010
+ terminateWs(existingWs);
1011
+ if (_optionalChain([map, 'optionalAccess', _124 => _124[us]]) === existingWs) delete map[us];
1012
+ return true;
1013
+ }
1014
+ const alive = await probeWsAlive($asai, existingWs, timeoutMs);
1009
1015
  if (alive) return false;
1010
1016
  terminateWs(existingWs);
1011
- if (_optionalChain([map, 'optionalAccess', _124 => _124[us]]) === existingWs) delete map[us];
1017
+ if (_optionalChain([map, 'optionalAccess', _125 => _125[us]]) === existingWs) delete map[us];
1012
1018
  return true;
1013
1019
  }
1014
1020
  _chunkSMVZ3ZDJcjs.__name.call(void 0, clearStaleWsIfDead, "clearStaleWsIfDead");
@@ -1016,7 +1022,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, clearStaleWsIfDead, "clearStaleWsIfDead");
1016
1022
  // src/ws/auth.ts
1017
1023
  function getWsUserinfo(req, $asai) {
1018
1024
  try {
1019
- const raw = _optionalChain([req, 'access', _125 => _125.headers, 'optionalAccess', _126 => _126["sec-websocket-protocol"]]);
1025
+ const raw = _optionalChain([req, 'access', _126 => _126.headers, 'optionalAccess', _127 => _127["sec-websocket-protocol"]]);
1020
1026
  if (!raw) return null;
1021
1027
  return deUserInfoWithAsai(raw.split("##"), $asai);
1022
1028
  } catch (e20) {
@@ -1025,57 +1031,127 @@ function getWsUserinfo(req, $asai) {
1025
1031
  }
1026
1032
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getWsUserinfo, "getWsUserinfo");
1027
1033
  function listOnlineWsUsers($asai, hostdir) {
1034
+ return listOnlineWsEntries($asai, hostdir).map((e) => e.us);
1035
+ }
1036
+ _chunkSMVZ3ZDJcjs.__name.call(void 0, listOnlineWsUsers, "listOnlineWsUsers");
1037
+ function listOnlineWsEntries($asai, hostdir) {
1028
1038
  const users = [];
1039
+ const seen = /* @__PURE__ */ new Set();
1029
1040
  const map = $asai.connectionsws || {};
1030
1041
  const dirs = hostdir ? [hostdir] : Object.keys(map);
1031
1042
  for (const dir of dirs) {
1032
1043
  for (const [us, ws2] of Object.entries(map[dir] || {})) {
1033
1044
  if (!us || us === "asai") continue;
1034
1045
  if (isWsStillActive(ws2)) {
1035
- users.push(us);
1036
- } else if (_optionalChain([map, 'access', _127 => _127[dir], 'optionalAccess', _128 => _128[us]]) === ws2) {
1046
+ if (seen.has(us)) continue;
1047
+ seen.add(us);
1048
+ const rawLv = _optionalChain([ws2, 'optionalAccess', _128 => _128.Userinfo, 'optionalAccess', _129 => _129[1]]);
1049
+ if (rawLv === "" || rawLv == null) {
1050
+ users.push({ us, lv: null });
1051
+ } else {
1052
+ const lvNum = Number(rawLv);
1053
+ users.push({
1054
+ us,
1055
+ lv: Number.isFinite(lvNum) ? lvNum : null
1056
+ });
1057
+ }
1058
+ } else if (_optionalChain([map, 'access', _130 => _130[dir], 'optionalAccess', _131 => _131[us]]) === ws2) {
1037
1059
  delete map[dir][us];
1038
1060
  }
1039
1061
  }
1040
1062
  }
1041
- return [...new Set(users)];
1063
+ return users;
1042
1064
  }
1043
- _chunkSMVZ3ZDJcjs.__name.call(void 0, listOnlineWsUsers, "listOnlineWsUsers");
1065
+ _chunkSMVZ3ZDJcjs.__name.call(void 0, listOnlineWsEntries, "listOnlineWsEntries");
1044
1066
  function isUserOnlineOnWs($asai, us, hostdir) {
1045
1067
  if (!us || us === "asai") return false;
1046
1068
  const map = $asai.connectionsws || {};
1047
1069
  const dirs = hostdir ? [hostdir] : Object.keys(map);
1048
1070
  for (const dir of dirs) {
1049
- const ws2 = _optionalChain([map, 'access', _129 => _129[dir], 'optionalAccess', _130 => _130[us]]);
1071
+ const ws2 = _optionalChain([map, 'access', _132 => _132[dir], 'optionalAccess', _133 => _133[us]]);
1050
1072
  if (!ws2) continue;
1051
1073
  if (isWsStillActive(ws2)) return true;
1052
- if (_optionalChain([map, 'access', _131 => _131[dir], 'optionalAccess', _132 => _132[us]]) === ws2) delete map[dir][us];
1074
+ if (_optionalChain([map, 'access', _134 => _134[dir], 'optionalAccess', _135 => _135[us]]) === ws2) delete map[dir][us];
1053
1075
  }
1054
1076
  return false;
1055
1077
  }
1056
1078
  _chunkSMVZ3ZDJcjs.__name.call(void 0, isUserOnlineOnWs, "isUserOnlineOnWs");
1057
- function kickUserWs($asai, us, hostdir) {
1079
+ async function kickUserWs($asai, us, hostdir) {
1058
1080
  if (!us || us === "asai") return;
1059
1081
  const map = $asai.connectionsws || {};
1060
1082
  const dirs = hostdir ? [hostdir] : Object.keys(map);
1083
+ const waits = [];
1061
1084
  for (const dir of dirs) {
1062
- const ws2 = _optionalChain([map, 'access', _133 => _133[dir], 'optionalAccess', _134 => _134[us]]);
1085
+ const ws2 = _optionalChain([map, 'access', _136 => _136[dir], 'optionalAccess', _137 => _137[us]]);
1063
1086
  if (!ws2) continue;
1087
+ if (_optionalChain([map, 'access', _138 => _138[dir], 'optionalAccess', _139 => _139[us]]) === ws2) delete map[dir][us];
1064
1088
  try {
1065
- ws2.close();
1089
+ ws2._asaiKicked = Date.now();
1066
1090
  } catch (e21) {
1067
1091
  }
1068
- if (_optionalChain([map, 'access', _135 => _135[dir], 'optionalAccess', _136 => _136[us]]) === ws2) delete map[dir][us];
1092
+ waits.push(
1093
+ new Promise((resolve6) => {
1094
+ let done = false;
1095
+ const finish = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, () => {
1096
+ if (done) return;
1097
+ done = true;
1098
+ try {
1099
+ _optionalChain([ws2, 'access', _140 => _140.off, 'optionalCall', _141 => _141("close", finish)]);
1100
+ } catch (e22) {
1101
+ }
1102
+ resolve6();
1103
+ }, "finish");
1104
+ try {
1105
+ _optionalChain([ws2, 'access', _142 => _142.once, 'optionalCall', _143 => _143("close", finish)]);
1106
+ } catch (e23) {
1107
+ }
1108
+ const payload = JSON.stringify({
1109
+ ty: "publish/web",
1110
+ db: {
1111
+ exit: 1,
1112
+ type: "err",
1113
+ lang: "forcedout",
1114
+ langpm: `${us}`,
1115
+ con: `${us} forced out by another login`
1116
+ }
1117
+ });
1118
+ const hardClose = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, () => {
1119
+ try {
1120
+ if (typeof ws2.terminate === "function") ws2.terminate();
1121
+ else ws2.close();
1122
+ } catch (e24) {
1123
+ try {
1124
+ ws2.close();
1125
+ } catch (e25) {
1126
+ }
1127
+ }
1128
+ }, "hardClose");
1129
+ try {
1130
+ ws2.send(payload, () => {
1131
+ hardClose();
1132
+ finish();
1133
+ });
1134
+ } catch (e26) {
1135
+ hardClose();
1136
+ finish();
1137
+ }
1138
+ setTimeout(() => {
1139
+ hardClose();
1140
+ finish();
1141
+ }, 150);
1142
+ })
1143
+ );
1069
1144
  }
1145
+ if (waits.length) await Promise.all(waits);
1070
1146
  }
1071
1147
  _chunkSMVZ3ZDJcjs.__name.call(void 0, kickUserWs, "kickUserWs");
1072
1148
  async function removeSessionOnWsClose($asai, us, token) {
1073
1149
  try {
1074
- const store = _chunkZK4O4Z2Ocjs.createUserStore.call(void 0, $asai);
1150
+ const store = _chunk5EWEKXQIcjs.createUserStore.call(void 0, $asai);
1075
1151
  const sessions = await store.getSessions();
1076
1152
  const match = sessions.find((s) => s.us === us && s.pub === token);
1077
1153
  if (match) await store.removeSession(match.id);
1078
- } catch (e22) {
1154
+ } catch (e27) {
1079
1155
  }
1080
1156
  }
1081
1157
  _chunkSMVZ3ZDJcjs.__name.call(void 0, removeSessionOnWsClose, "removeSessionOnWsClose");
@@ -1085,13 +1161,13 @@ function rejectIncomingWs(ws2, db) {
1085
1161
  ws2.send(payload, () => {
1086
1162
  try {
1087
1163
  ws2.close();
1088
- } catch (e23) {
1164
+ } catch (e28) {
1089
1165
  }
1090
1166
  });
1091
- } catch (e24) {
1167
+ } catch (e29) {
1092
1168
  try {
1093
1169
  ws2.close();
1094
- } catch (e25) {
1170
+ } catch (e30) {
1095
1171
  }
1096
1172
  }
1097
1173
  }
@@ -1102,30 +1178,34 @@ async function isOkWs($asai, hostdir, ws2, _req, hostcfg) {
1102
1178
  ws2.close();
1103
1179
  return false;
1104
1180
  }
1105
- if (us !== "asai" && _optionalChain([$asai, 'access', _137 => _137.connectionsws, 'access', _138 => _138[hostdir], 'optionalAccess', _139 => _139[us]])) {
1181
+ if (us !== "asai" && _optionalChain([$asai, 'access', _144 => _144.connectionsws, 'access', _145 => _145[hostdir], 'optionalAccess', _146 => _146[us]])) {
1106
1182
  const existingWs = $asai.connectionsws[hostdir][us];
1107
- if (_optionalChain([existingWs, 'optionalAccess', _140 => _140.Userinfo, 'optionalAccess', _141 => _141[2]]) === tk) {
1108
- if (isWsStillActive(existingWs)) {
1109
- rejectIncomingWs(ws2, {
1110
- lang: "pageworking",
1111
- langpm: `${us}`,
1112
- con: `${us} page already running`
1113
- });
1114
- return false;
1115
- }
1116
- try {
1117
- existingWs.close();
1118
- } catch (e26) {
1183
+ if (_optionalChain([existingWs, 'optionalAccess', _147 => _147.Userinfo, 'optionalAccess', _148 => _148[2]]) === tk) {
1184
+ if (!isWsStillActive(existingWs)) {
1185
+ try {
1186
+ existingWs.close();
1187
+ } catch (e31) {
1188
+ }
1189
+ delete $asai.connectionsws[hostdir][us];
1190
+ return true;
1119
1191
  }
1120
- delete $asai.connectionsws[hostdir][us];
1121
- return true;
1192
+ const cleared2 = await clearStaleWsIfDead($asai, hostdir, us, existingWs, 800);
1193
+ if (cleared2) return true;
1194
+ rejectIncomingWs(ws2, {
1195
+ lang: "pageworking",
1196
+ langpm: `${us}`,
1197
+ con: `${us} page already running`,
1198
+ online: listOnlineWsEntries($asai, hostdir)
1199
+ });
1200
+ return false;
1122
1201
  }
1123
1202
  const cleared = await clearStaleWsIfDead($asai, hostdir, us, existingWs);
1124
1203
  if (!cleared) {
1125
1204
  rejectIncomingWs(ws2, {
1126
1205
  lang: "logged",
1127
1206
  langpm: `${us}`,
1128
- con: `${us} logged in!`
1207
+ con: `${us} logged in!`,
1208
+ online: listOnlineWsEntries($asai, hostdir)
1129
1209
  });
1130
1210
  return false;
1131
1211
  }
@@ -1134,22 +1214,25 @@ async function isOkWs($asai, hostdir, ws2, _req, hostcfg) {
1134
1214
  if (us !== "asai") {
1135
1215
  const connections = $asai.connectionsws[hostdir] || {};
1136
1216
  const sameTkWs = Object.values(connections).find(
1137
- (item) => _optionalChain([item, 'access', _142 => _142.Userinfo, 'optionalAccess', _143 => _143[2]]) === tk && _optionalChain([item, 'access', _144 => _144.Userinfo, 'optionalAccess', _145 => _145[0]]) !== us
1217
+ (item) => _optionalChain([item, 'access', _149 => _149.Userinfo, 'optionalAccess', _150 => _150[2]]) === tk && _optionalChain([item, 'access', _151 => _151.Userinfo, 'optionalAccess', _152 => _152[0]]) !== us
1138
1218
  );
1139
1219
  const maxOnline = hostcfg.maxonline || 100;
1220
+ const online = listOnlineWsEntries($asai, hostdir);
1140
1221
  if (sameTkWs) {
1141
1222
  rejectIncomingWs(ws2, {
1142
1223
  lang: "loggedsametk",
1143
1224
  langpm: `${us}(${sameTkWs.Userinfo[0]})`,
1144
- con: `${us}(${sameTkWs.Userinfo[0]}) logged in!`
1225
+ con: `${us}(${sameTkWs.Userinfo[0]}) logged in!`,
1226
+ online
1145
1227
  });
1146
1228
  return false;
1147
1229
  }
1148
- if (Object.keys(connections).length >= maxOnline) {
1230
+ if (online.length >= maxOnline) {
1149
1231
  rejectIncomingWs(ws2, {
1150
1232
  lang: "maxlogged",
1151
1233
  langpm: `${maxOnline}`,
1152
- con: `max ${maxOnline} users online!`
1234
+ con: `max ${maxOnline} users online!`,
1235
+ online
1153
1236
  });
1154
1237
  return false;
1155
1238
  }
@@ -1168,15 +1251,15 @@ function loginWs($asai, hostdir, ws2, req, hostcfg, wsWorkHandler, logWsMessage)
1168
1251
  }
1169
1252
  ws2.on("message", (msg) => {
1170
1253
  if (logWsMessage) $asai.$log("WS", "message", msg.toString());
1171
- _optionalChain([wsWorkHandler, 'optionalCall', _146 => _146(msg, ws2, hostdir, req)]);
1254
+ _optionalChain([wsWorkHandler, 'optionalCall', _153 => _153(msg, ws2, hostdir, req)]);
1172
1255
  });
1173
1256
  ws2.on("close", () => {
1174
- const token = _optionalChain([ws2, 'access', _147 => _147.Userinfo, 'optionalAccess', _148 => _148[2]]);
1257
+ const token = _optionalChain([ws2, 'access', _154 => _154.Userinfo, 'optionalAccess', _155 => _155[2]]);
1175
1258
  if (hostcfg.ckws && ws2.tasksws) {
1176
1259
  Object.values(ws2.tasksws).forEach((el) => el && clearInterval(el));
1177
1260
  ws2.tasksws = void 0;
1178
1261
  }
1179
- if (us && _optionalChain([$asai, 'access', _149 => _149.connectionsws, 'access', _150 => _150[hostdir], 'optionalAccess', _151 => _151[us]]) === ws2) delete $asai.connectionsws[hostdir][us];
1262
+ if (us && _optionalChain([$asai, 'access', _156 => _156.connectionsws, 'access', _157 => _157[hostdir], 'optionalAccess', _158 => _158[us]]) === ws2) delete $asai.connectionsws[hostdir][us];
1180
1263
  if (us && token && !isUserOnlineOnWs($asai, us, hostdir)) {
1181
1264
  void removeSessionOnWsClose($asai, us, String(token));
1182
1265
  }
@@ -1200,7 +1283,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, clearWsServerTasks, "clearWsServerTasks");
1200
1283
  function resWsMsg(msg, $asai) {
1201
1284
  if (msg === "ping" || msg === "pong") return msg;
1202
1285
  if (typeof msg !== "object" || msg === null) return msg;
1203
- if ((_optionalChain([msg, 'optionalAccess', _152 => _152.aes]) || _optionalChain([$asai, 'access', _153 => _153.$lib, 'access', _154 => _154.aesfns, 'optionalAccess', _155 => _155.allaes])) && _optionalChain([msg, 'optionalAccess', _156 => _156.db]) && _optionalChain([$asai, 'access', _157 => _157.$lib, 'optionalAccess', _158 => _158.aesfns, 'optionalAccess', _159 => _159.resAES])) {
1286
+ if ((_optionalChain([msg, 'optionalAccess', _159 => _159.aes]) || _optionalChain([$asai, 'access', _160 => _160.$lib, 'access', _161 => _161.aesfns, 'optionalAccess', _162 => _162.allaes])) && _optionalChain([msg, 'optionalAccess', _163 => _163.db]) && _optionalChain([$asai, 'access', _164 => _164.$lib, 'optionalAccess', _165 => _165.aesfns, 'optionalAccess', _166 => _166.resAES])) {
1204
1287
  msg.db = $asai.$lib.aesfns.resAES(msg.db);
1205
1288
  }
1206
1289
  return JSON.stringify(msg);
@@ -1222,7 +1305,7 @@ function attachWssHelpers(wss, $asai) {
1222
1305
  wss.broadws = (msg) => {
1223
1306
  const data = resWsMsg(msg, $asai);
1224
1307
  wss.clients.forEach((client) => {
1225
- if (_optionalChain([client, 'optionalAccess', _160 => _160.readyState]) === _ws.WebSocket.OPEN) client.send(data);
1308
+ if (_optionalChain([client, 'optionalAccess', _167 => _167.readyState]) === _ws.WebSocket.OPEN) client.send(data);
1226
1309
  });
1227
1310
  };
1228
1311
  }
@@ -1235,7 +1318,7 @@ var apiPerIp = /* @__PURE__ */ new Map();
1235
1318
  var apiRatePerIp = /* @__PURE__ */ new Map();
1236
1319
  var wsPerIp = /* @__PURE__ */ new Map();
1237
1320
  function getQuota($asai) {
1238
- return _optionalChain([$asai, 'optionalAccess', _161 => _161.hostconfig, 'optionalAccess', _162 => _162.security, 'optionalAccess', _163 => _163.quota]) || {};
1321
+ return _optionalChain([$asai, 'optionalAccess', _168 => _168.hostconfig, 'optionalAccess', _169 => _169.security, 'optionalAccess', _170 => _170.quota]) || {};
1239
1322
  }
1240
1323
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getQuota, "getQuota");
1241
1324
  function isEnabled($asai) {
@@ -1325,7 +1408,7 @@ function getMaxWebConnections($asai, hostcfg) {
1325
1408
  const q = getQuota($asai);
1326
1409
  const fromQuota = Number(q.maxWebConnections);
1327
1410
  if (fromQuota > 0) return fromQuota;
1328
- return Number(_optionalChain([hostcfg, 'optionalAccess', _164 => _164.maxws])) > 0 ? Number(hostcfg.maxws) : 100;
1411
+ return Number(_optionalChain([hostcfg, 'optionalAccess', _171 => _171.maxws])) > 0 ? Number(hostcfg.maxws) : 100;
1329
1412
  }
1330
1413
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getMaxWebConnections, "getMaxWebConnections");
1331
1414
  function countActiveWsConnections(wss, incoming, $asai, hostdir, hostcfg, userinfo) {
@@ -1335,12 +1418,12 @@ function countActiveWsConnections(wss, incoming, $asai, hostdir, hostcfg, userin
1335
1418
  if (client === incoming) continue;
1336
1419
  if (client.readyState === _ws.WebSocket.CLOSED || client.readyState === _ws.WebSocket.CLOSING) continue;
1337
1420
  const cInfo = client.Userinfo;
1338
- const cUs = _optionalChain([cInfo, 'optionalAccess', _165 => _165[0]]);
1339
- const cTk = _optionalChain([cInfo, 'optionalAccess', _166 => _166[2]]);
1421
+ const cUs = _optionalChain([cInfo, 'optionalAccess', _172 => _172[0]]);
1422
+ const cTk = _optionalChain([cInfo, 'optionalAccess', _173 => _173[2]]);
1340
1423
  if (us && tk && cUs === us && cTk === tk) continue;
1341
- if (_optionalChain([hostcfg, 'optionalAccess', _167 => _167.ckws]) && us && tk) {
1342
- const existing = _optionalChain([$asai, 'optionalAccess', _168 => _168.connectionsws, 'optionalAccess', _169 => _169[hostdir], 'optionalAccess', _170 => _170[us]]);
1343
- if (existing === client && _optionalChain([existing, 'optionalAccess', _171 => _171.Userinfo, 'optionalAccess', _172 => _172[2]]) === tk) continue;
1424
+ if (_optionalChain([hostcfg, 'optionalAccess', _174 => _174.ckws]) && us && tk) {
1425
+ const existing = _optionalChain([$asai, 'optionalAccess', _175 => _175.connectionsws, 'optionalAccess', _176 => _176[hostdir], 'optionalAccess', _177 => _177[us]]);
1426
+ if (existing === client && _optionalChain([existing, 'optionalAccess', _178 => _178.Userinfo, 'optionalAccess', _179 => _179[2]]) === tk) continue;
1344
1427
  }
1345
1428
  count += 1;
1346
1429
  }
@@ -1352,7 +1435,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, countActiveWsConnections, "countActiveWsCo
1352
1435
  function createWSHost($asai, hostdir) {
1353
1436
  const hostcfg = getHostCFG(hostdir, $asai);
1354
1437
  const wsWorkHandler = getWorkHandler("wsWork");
1355
- const logWsMessage = !!_optionalChain([$asai, 'access', _173 => _173.hostconfig, 'access', _174 => _174.logger, 'optionalAccess', _175 => _175.lv, 'optionalAccess', _176 => _176.view]);
1438
+ const logWsMessage = !!_optionalChain([$asai, 'access', _180 => _180.hostconfig, 'access', _181 => _181.logger, 'optionalAccess', _182 => _182.lv, 'optionalAccess', _183 => _183.view]);
1356
1439
  try {
1357
1440
  if ($asai.serversws[hostdir]) return;
1358
1441
  if (hostcfg.ckws && !$asai.connectionsws[hostdir]) {
@@ -1364,14 +1447,14 @@ function createWSHost($asai, hostdir) {
1364
1447
  wss.on("error", (err) => {
1365
1448
  clearWsServerTasks($asai, hostdir);
1366
1449
  $asai.$log("WS", "WS Server error!", err);
1367
- _optionalChain([wss, 'access', _177 => _177.close, 'optionalCall', _178 => _178(() => {
1450
+ _optionalChain([wss, 'access', _184 => _184.close, 'optionalCall', _185 => _185(() => {
1368
1451
  $asai.$log("WS", "WS Server closed");
1369
1452
  delete $asai.serversws[hostdir];
1370
1453
  })]);
1371
1454
  });
1372
1455
  wss.on("close", (code, reason) => {
1373
1456
  try {
1374
- $asai.$log("WS", `WebSocket closed, server ${hostdir}, code: ${code}, reason: ${_optionalChain([reason, 'optionalAccess', _179 => _179.toString, 'call', _180 => _180()])}`);
1457
+ $asai.$log("WS", `WebSocket closed, server ${hostdir}, code: ${code}, reason: ${_optionalChain([reason, 'optionalAccess', _186 => _186.toString, 'call', _187 => _187()])}`);
1375
1458
  clearWsServerTasks($asai, hostdir);
1376
1459
  } catch (err) {
1377
1460
  $asai.$log("WS", "WS close handler error:", err);
@@ -1461,7 +1544,7 @@ var StaticPathCache = class {
1461
1544
  const stat = fs3.statSync(entry.filePath);
1462
1545
  if (!stat.isFile() || stat.mtimeMs !== entry.mtimeMs) return null;
1463
1546
  return stat;
1464
- } catch (e27) {
1547
+ } catch (e32) {
1465
1548
  return null;
1466
1549
  }
1467
1550
  }
@@ -1480,8 +1563,8 @@ function applySecurityHeaders(res, isHttps = false, hostconfig) {
1480
1563
  if (isHttps) {
1481
1564
  res.setHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains");
1482
1565
  }
1483
- const sec = _optionalChain([hostconfig, 'optionalAccess', _181 => _181.security]);
1484
- if (_optionalChain([sec, 'optionalAccess', _182 => _182.csp])) {
1566
+ const sec = _optionalChain([hostconfig, 'optionalAccess', _188 => _188.security]);
1567
+ if (_optionalChain([sec, 'optionalAccess', _189 => _189.csp])) {
1485
1568
  const csp = typeof sec.cspPolicy === "string" && sec.cspPolicy.length > 0 ? sec.cspPolicy : DEFAULT_CSP;
1486
1569
  res.setHeader("Content-Security-Policy", csp);
1487
1570
  }
@@ -1489,9 +1572,9 @@ function applySecurityHeaders(res, isHttps = false, hostconfig) {
1489
1572
  _chunkSMVZ3ZDJcjs.__name.call(void 0, applySecurityHeaders, "applySecurityHeaders");
1490
1573
  function getHttpUserinfo(req, $asai) {
1491
1574
  try {
1492
- const userinfo = _optionalChain([req, 'access', _183 => _183.headers, 'optionalAccess', _184 => _184["userinfo"], 'optionalAccess', _185 => _185.split, 'call', _186 => _186("##")]);
1575
+ const userinfo = _optionalChain([req, 'access', _190 => _190.headers, 'optionalAccess', _191 => _191["userinfo"], 'optionalAccess', _192 => _192.split, 'call', _193 => _193("##")]);
1493
1576
  return deUserInfoWithAsai(userinfo, $asai);
1494
- } catch (e28) {
1577
+ } catch (e33) {
1495
1578
  return "";
1496
1579
  }
1497
1580
  }
@@ -1522,7 +1605,7 @@ function normalizeRequestPath(url) {
1522
1605
  }
1523
1606
  _chunkSMVZ3ZDJcjs.__name.call(void 0, normalizeRequestPath, "normalizeRequestPath");
1524
1607
  function createSkipChecker($asai) {
1525
- const skip = _optionalChain([$asai, 'access', _187 => _187.hostconfig, 'optionalAccess', _188 => _188.logger, 'optionalAccess', _189 => _189.skip]);
1608
+ const skip = _optionalChain([$asai, 'access', _194 => _194.hostconfig, 'optionalAccess', _195 => _195.logger, 'optionalAccess', _196 => _196.skip]);
1526
1609
  if (!Array.isArray(skip) || skip.length === 0) return () => false;
1527
1610
  const exact = /* @__PURE__ */ new Set();
1528
1611
  const prefixes = [];
@@ -1533,11 +1616,11 @@ function createSkipChecker($asai) {
1533
1616
  }
1534
1617
  if (exact.size === 0 && prefixes.length === 0) return () => false;
1535
1618
  return (url) => {
1536
- const path8 = normalizeRequestPath(url);
1537
- if (!path8) return false;
1538
- if (exact.has(path8)) return true;
1619
+ const path9 = normalizeRequestPath(url);
1620
+ if (!path9) return false;
1621
+ if (exact.has(path9)) return true;
1539
1622
  for (let i = 0; i < prefixes.length; i++) {
1540
- if (path8.startsWith(prefixes[i])) return true;
1623
+ if (path9.startsWith(prefixes[i])) return true;
1541
1624
  }
1542
1625
  return false;
1543
1626
  };
@@ -1558,7 +1641,7 @@ function attachAccessLog($asai, req, res, logType) {
1558
1641
  try {
1559
1642
  const entry = _chunkOCEBEEP5cjs.buildAccessEntry.call(void 0, req, res, logType);
1560
1643
  void $asai.appendAccessLog(_chunkOCEBEEP5cjs.formatCLF.call(void 0, entry), _chunkOCEBEEP5cjs.formatW3CAccessRecord.call(void 0, entry));
1561
- } catch (e29) {
1644
+ } catch (e34) {
1562
1645
  }
1563
1646
  }, "onFinish");
1564
1647
  if (res.writableEnded || res.finished) onFinish();
@@ -1617,7 +1700,7 @@ function findExistingFileUnderRoots(requestedPath, allowedRoots) {
1617
1700
  if (stat.isFile()) {
1618
1701
  return { filePath: absTarget, stat };
1619
1702
  }
1620
- } catch (e30) {
1703
+ } catch (e35) {
1621
1704
  }
1622
1705
  }
1623
1706
  return null;
@@ -1630,13 +1713,13 @@ function getHostAllowedRoots(hostconfig) {
1630
1713
  try {
1631
1714
  const abs = path2.resolve("./" + dir.replace(/\\/g, "/"));
1632
1715
  if (fs4.existsSync(abs)) roots.add(abs);
1633
- } catch (e31) {
1716
+ } catch (e36) {
1634
1717
  }
1635
1718
  }, "push");
1636
- for (const dir of _optionalChain([hostconfig, 'optionalAccess', _190 => _190.hostdirs]) || []) push(dir);
1719
+ for (const dir of _optionalChain([hostconfig, 'optionalAccess', _197 => _197.hostdirs]) || []) push(dir);
1637
1720
  push("webdata");
1638
1721
  push("websys");
1639
- if (_optionalChain([hostconfig, 'optionalAccess', _191 => _191.weburls, 'optionalAccess', _192 => _192.webdir])) push(hostconfig.weburls.webdir);
1722
+ if (_optionalChain([hostconfig, 'optionalAccess', _198 => _198.weburls, 'optionalAccess', _199 => _199.webdir])) push(hostconfig.weburls.webdir);
1640
1723
  const result = [];
1641
1724
  roots.forEach((r) => result.push(r));
1642
1725
  return result;
@@ -1667,7 +1750,7 @@ function getStaticBaseDirs($asai) {
1667
1750
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getStaticBaseDirs, "getStaticBaseDirs");
1668
1751
  function shouldForceHostdirs($asai) {
1669
1752
  if ($asai.pkgSnapshotDir) return true;
1670
- return _optionalChain([$asai, 'access', _193 => _193.hostconfig, 'optionalAccess', _194 => _194.pkg, 'optionalAccess', _195 => _195.type]) === 1;
1753
+ return _optionalChain([$asai, 'access', _200 => _200.hostconfig, 'optionalAccess', _201 => _201.pkg, 'optionalAccess', _202 => _202.type]) === 1;
1671
1754
  }
1672
1755
  _chunkSMVZ3ZDJcjs.__name.call(void 0, shouldForceHostdirs, "shouldForceHostdirs");
1673
1756
  function buildStaticSearchDirs(hostcfg, $asai) {
@@ -1688,12 +1771,12 @@ function buildStaticSearchDirs(hostcfg, $asai) {
1688
1771
  ordered.push(dir);
1689
1772
  return;
1690
1773
  }
1691
- } catch (e32) {
1774
+ } catch (e37) {
1692
1775
  }
1693
1776
  }
1694
1777
  }, "pushDir");
1695
1778
  for (const dir of hostcfg.hostdirs || []) pushDir(dir);
1696
- if (_optionalChain([hostcfg, 'access', _196 => _196.weburls, 'optionalAccess', _197 => _197.webdir])) pushDir(hostcfg.weburls.webdir);
1779
+ if (_optionalChain([hostcfg, 'access', _203 => _203.weburls, 'optionalAccess', _204 => _204.webdir])) pushDir(hostcfg.weburls.webdir);
1697
1780
  return ordered;
1698
1781
  }
1699
1782
  _chunkSMVZ3ZDJcjs.__name.call(void 0, buildStaticSearchDirs, "buildStaticSearchDirs");
@@ -1721,7 +1804,7 @@ function parseUrlPath(requrl) {
1721
1804
  if (!requrl) return "/";
1722
1805
  const safeUrl = requrl.startsWith("http") ? requrl : encodeURI(requrl);
1723
1806
  return new URL(safeUrl, "http://localhost").pathname;
1724
- } catch (e33) {
1807
+ } catch (e38) {
1725
1808
  return requrl;
1726
1809
  }
1727
1810
  }
@@ -1820,8 +1903,8 @@ function serveStaticFile(req, res, foundPath, mimeType, stat, $asai, urlPath = "
1820
1903
  _chunkSMVZ3ZDJcjs.__name.call(void 0, serveStaticFile, "serveStaticFile");
1821
1904
  function createStaticHandler(ctx) {
1822
1905
  const { hostcfg, hostdir, indexFile, $asai, staticPathCache } = ctx;
1823
- const hasRewrite = !!(_optionalChain([hostcfg, 'access', _198 => _198.weburls, 'optionalAccess', _199 => _199.rewrite]) && _optionalChain([hostcfg, 'access', _200 => _200.weburls, 'optionalAccess', _201 => _201.webdir]) && _optionalChain([hostcfg, 'access', _202 => _202.weburls, 'optionalAccess', _203 => _203.keys, 'optionalAccess', _204 => _204.length]));
1824
- const rewriteKeys = hasRewrite ? _optionalChain([hostcfg, 'access', _205 => _205.weburls, 'optionalAccess', _206 => _206.keys]) || [] : [];
1906
+ const hasRewrite = !!(_optionalChain([hostcfg, 'access', _205 => _205.weburls, 'optionalAccess', _206 => _206.rewrite]) && _optionalChain([hostcfg, 'access', _207 => _207.weburls, 'optionalAccess', _208 => _208.webdir]) && _optionalChain([hostcfg, 'access', _209 => _209.weburls, 'optionalAccess', _210 => _210.keys, 'optionalAccess', _211 => _211.length]));
1907
+ const rewriteKeys = hasRewrite ? _optionalChain([hostcfg, 'access', _212 => _212.weburls, 'optionalAccess', _213 => _213.keys]) || [] : [];
1825
1908
  const checkWebUrls = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (rurl) => {
1826
1909
  if (!hasRewrite || !rurl) return false;
1827
1910
  for (let i = 0; i < rewriteKeys.length; i++) {
@@ -1836,7 +1919,7 @@ function createStaticHandler(ctx) {
1836
1919
  const roots = rhostdirs.join("|") === primaryDirs.join("|") ? buildStaticRoots(primaryDirs, $asai) : buildStaticRoots(rhostdirs, $asai);
1837
1920
  const findValidFile = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (urlPath) => {
1838
1921
  const hit = staticPathCache.get(cacheKey);
1839
- if (_optionalChain([hit, 'optionalAccess', _207 => _207.is404])) return null;
1922
+ if (_optionalChain([hit, 'optionalAccess', _214 => _214.is404])) return null;
1840
1923
  if (hit && !hit.is404) {
1841
1924
  const verified = staticPathCache.verify(hit);
1842
1925
  if (verified) return { filePath: hit.filePath, stat: verified };
@@ -1860,7 +1943,7 @@ function createStaticHandler(ctx) {
1860
1943
  showHostDirs(req, res, [hostcfg.weburls.webdir], "/" + indexFile, primaryDirs, rtm + 1);
1861
1944
  return;
1862
1945
  }
1863
- const mimeType = _optionalChain([hostcfg, 'access', _208 => _208.mimetypes, 'optionalAccess', _209 => _209[nodePath2.extname(found.filePath)]]) || "application/octet-stream";
1946
+ const mimeType = _optionalChain([hostcfg, 'access', _215 => _215.mimetypes, 'optionalAccess', _216 => _216[nodePath2.extname(found.filePath)]]) || "application/octet-stream";
1864
1947
  serveStaticFile(req, res, found.filePath, mimeType, found.stat, $asai, processedUrl);
1865
1948
  }, "showHostDirs");
1866
1949
  return (req, res, url) => {
@@ -1885,7 +1968,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, createStaticHandler, "createStaticHandler"
1885
1968
  function setupHttpConnectionMonitor($asai, hostdir, server, hostcfg) {
1886
1969
  const maxHttp = hostcfg.maxhttp || 100;
1887
1970
  const monitorInterval = setInterval(() => {
1888
- const connCount = _optionalChain([$asai, 'access', _210 => _210.connectionshttp, 'access', _211 => _211[hostdir], 'optionalAccess', _212 => _212.size]) || 0;
1971
+ const connCount = _optionalChain([$asai, 'access', _217 => _217.connectionshttp, 'access', _218 => _218[hostdir], 'optionalAccess', _219 => _219.size]) || 0;
1889
1972
  if (connCount > maxHttp * 0.8) {
1890
1973
  $asai.$log("HTTP", `HTTP Connection HIGH (${connCount}/${maxHttp})`);
1891
1974
  }
@@ -1956,10 +2039,10 @@ function findListeningPids(port) {
1956
2039
  stdio: ["pipe", "pipe", "ignore"]
1957
2040
  });
1958
2041
  return out.split(/\r?\n/).map((s) => parseInt(s.trim(), 10)).filter((n) => n > 0);
1959
- } catch (e34) {
2042
+ } catch (e39) {
1960
2043
  return [];
1961
2044
  }
1962
- } catch (e35) {
2045
+ } catch (e40) {
1963
2046
  return [];
1964
2047
  }
1965
2048
  }
@@ -1970,10 +2053,10 @@ function formatOccupants(port, exclude) {
1970
2053
  }
1971
2054
  _chunkSMVZ3ZDJcjs.__name.call(void 0, formatOccupants, "formatOccupants");
1972
2055
  function releasePort(port, opts) {
1973
- const exclude = _nullishCoalesce(_optionalChain([opts, 'optionalAccess', _213 => _213.excludePid]), () => ( OWN_PID));
2056
+ const exclude = _nullishCoalesce(_optionalChain([opts, 'optionalAccess', _220 => _220.excludePid]), () => ( OWN_PID));
1974
2057
  const occupants = formatOccupants(port, exclude);
1975
2058
  if (!occupants) return true;
1976
- const label = _optionalChain([opts, 'optionalAccess', _214 => _214.label]) ? `[${opts.label}] ` : "";
2059
+ const label = _optionalChain([opts, 'optionalAccess', _221 => _221.label]) ? `[${opts.label}] ` : "";
1977
2060
  console.warn(
1978
2061
  `[AsaiHostNodejs] ${label}\u7AEF\u53E3 ${port} \u88AB\u5360\u7528\uFF08PID: ${occupants}\uFF09\uFF0C\u8BF7\u624B\u52A8\u7ED3\u675F\u5360\u7528\u8FDB\u7A0B\u540E\u91CD\u8BD5`
1979
2062
  );
@@ -1982,23 +2065,23 @@ function releasePort(port, opts) {
1982
2065
  _chunkSMVZ3ZDJcjs.__name.call(void 0, releasePort, "releasePort");
1983
2066
  function collectStartupPorts($asai) {
1984
2067
  const ports = /* @__PURE__ */ new Set();
1985
- const hosts = _optionalChain([$asai, 'access', _215 => _215.hostconfig, 'optionalAccess', _216 => _216.hosts]);
2068
+ const hosts = _optionalChain([$asai, 'access', _222 => _222.hostconfig, 'optionalAccess', _223 => _223.hosts]);
1986
2069
  if (hosts) {
1987
2070
  for (const el of Object.keys(hosts)) {
1988
2071
  if (el === "default") continue;
1989
2072
  if (el !== "asai" && !validateHostdir(el)) continue;
1990
2073
  const cfg = getHostCFG(el, $asai);
1991
- if (_optionalChain([cfg, 'optionalAccess', _217 => _217.close])) continue;
1992
- if (_optionalChain([cfg, 'optionalAccess', _218 => _218.port])) ports.add(Number(cfg.port));
2074
+ if (_optionalChain([cfg, 'optionalAccess', _224 => _224.close])) continue;
2075
+ if (_optionalChain([cfg, 'optionalAccess', _225 => _225.port])) ports.add(Number(cfg.port));
1993
2076
  }
1994
2077
  }
1995
- const proxyhosts = _optionalChain([$asai, 'access', _219 => _219.hostconfig, 'optionalAccess', _220 => _220.proxyhosts]);
2078
+ const proxyhosts = _optionalChain([$asai, 'access', _226 => _226.hostconfig, 'optionalAccess', _227 => _227.proxyhosts]);
1996
2079
  if (proxyhosts) {
1997
2080
  for (const el of Object.keys(proxyhosts)) {
1998
2081
  if (el === "default") continue;
1999
2082
  if (!validateHostdir(el)) continue;
2000
2083
  const cfg = getProxyHostCFG(el, $asai);
2001
- if (_optionalChain([cfg, 'optionalAccess', _221 => _221.proxyport])) ports.add(Number(cfg.proxyport));
2084
+ if (_optionalChain([cfg, 'optionalAccess', _228 => _228.proxyport])) ports.add(Number(cfg.proxyport));
2002
2085
  }
2003
2086
  }
2004
2087
  return [...ports];
@@ -2023,7 +2106,7 @@ function scheduleHttpRetry($asai, hostdir) {
2023
2106
  clearTimeout($asai.hostconfig.guardtm);
2024
2107
  $asai.hostconfig.guardtm = null;
2025
2108
  }
2026
- }, _optionalChain([$asai, 'access', _222 => _222.hostconfig, 'access', _223 => _223.tm, 'optionalAccess', _224 => _224.d]) || 2e3);
2109
+ }, _optionalChain([$asai, 'access', _229 => _229.hostconfig, 'access', _230 => _230.tm, 'optionalAccess', _231 => _231.d]) || 2e3);
2027
2110
  }
2028
2111
  _chunkSMVZ3ZDJcjs.__name.call(void 0, scheduleHttpRetry, "scheduleHttpRetry");
2029
2112
  function clearFailedHttpHost($asai, hostdir, ws2) {
@@ -2036,7 +2119,7 @@ function getHTTPServer(httptype = "", cfg, $asai) {
2036
2119
  if (httptype.startsWith("https")) {
2037
2120
  return {
2038
2121
  AsCreateServer: /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (callback) => {
2039
- return https.createServer(_optionalChain([cfg, 'optionalAccess', _225 => _225.httpscert]) || $asai.hostconfig.httpscert, callback);
2122
+ return https.createServer(_optionalChain([cfg, 'optionalAccess', _232 => _232.httpscert]) || $asai.hostconfig.httpscert, callback);
2040
2123
  }, "AsCreateServer"),
2041
2124
  Agent: https.Agent,
2042
2125
  request: https.request
@@ -2088,13 +2171,13 @@ function startHTTPServer($asai, hostdir) {
2088
2171
  return;
2089
2172
  }
2090
2173
  applySecurityHeaders(res, isHttps, $asai.hostconfig);
2091
- if (_optionalChain([req, 'access', _226 => _226.url, 'optionalAccess', _227 => _227.startsWith, 'call', _228 => _228("/sys")]) && sysWork) {
2174
+ if (_optionalChain([req, 'access', _233 => _233.url, 'optionalAccess', _234 => _234.startsWith, 'call', _235 => _235("/sys")]) && sysWork) {
2092
2175
  logHttp($asai, "SYS", req.method, req.url, skipChecker, req, res);
2093
2176
  sysWork(req, res, hostdir);
2094
- } else if (_optionalChain([req, 'access', _229 => _229.url, 'optionalAccess', _230 => _230.startsWith, 'call', _231 => _231("/api")]) && apiWork) {
2177
+ } else if (_optionalChain([req, 'access', _236 => _236.url, 'optionalAccess', _237 => _237.startsWith, 'call', _238 => _238("/api")]) && apiWork) {
2095
2178
  logHttp($asai, "API", req.method, req.url, skipChecker, req, res);
2096
2179
  apiWork(req, res, hostdir);
2097
- } else if (_optionalChain([req, 'access', _232 => _232.url, 'optionalAccess', _233 => _233.startsWith, 'call', _234 => _234("/jsonp")]) && jsonpWork) {
2180
+ } else if (_optionalChain([req, 'access', _239 => _239.url, 'optionalAccess', _240 => _240.startsWith, 'call', _241 => _241("/jsonp")]) && jsonpWork) {
2098
2181
  logHttp($asai, "JSONP", req.method, req.url, skipChecker, req, res);
2099
2182
  jsonpWork(req, res, hostdir);
2100
2183
  } else if (handleStatic) {
@@ -2165,7 +2248,7 @@ function findSameProcessPortOwner($asai, port, excludeHostdir) {
2165
2248
  for (const hostdir of Object.keys($asai.servershttp || {})) {
2166
2249
  if (hostdir === excludeHostdir) continue;
2167
2250
  const cfg = getHostCFG(hostdir, $asai);
2168
- if (_optionalChain([cfg, 'optionalAccess', _235 => _235.port]) === port) return hostdir;
2251
+ if (_optionalChain([cfg, 'optionalAccess', _242 => _242.port]) === port) return hostdir;
2169
2252
  }
2170
2253
  return null;
2171
2254
  }
@@ -2173,7 +2256,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, findSameProcessPortOwner, "findSameProcess
2173
2256
  function asaiGuard($asai, failedHostdir = "asai") {
2174
2257
  const conflictPorts = $asai.hostconfig.asaiport || [];
2175
2258
  const hostcfg = getHostCFG(failedHostdir, $asai);
2176
- const port = _optionalChain([hostcfg, 'optionalAccess', _236 => _236.port]);
2259
+ const port = _optionalChain([hostcfg, 'optionalAccess', _243 => _243.port]);
2177
2260
  if (!port || !conflictPorts.includes(port)) {
2178
2261
  scheduleHttpRetry($asai, failedHostdir);
2179
2262
  return;
@@ -2205,7 +2288,7 @@ var PROXY_SKIP_HEADERS = /* @__PURE__ */ new Set([
2205
2288
  function startProxyServer($asai, proxyhostdir) {
2206
2289
  const proxycfg = getProxyHostCFG(proxyhostdir, $asai);
2207
2290
  if (!proxycfg.url) return;
2208
- if (_optionalChain([$asai, 'access', _237 => _237.serversproxy, 'optionalAccess', _238 => _238[proxyhostdir]])) return;
2291
+ if (_optionalChain([$asai, 'access', _244 => _244.serversproxy, 'optionalAccess', _245 => _245[proxyhostdir]])) return;
2209
2292
  try {
2210
2293
  const httpServer = getHTTPServer(proxycfg.proxyhttptype, proxycfg, $asai);
2211
2294
  const targetHttp = getHTTPServer(proxycfg.url, proxycfg, $asai);
@@ -2287,12 +2370,12 @@ function startProxyServer($asai, proxyhostdir) {
2287
2370
  proxyServer.on("error", (err) => {
2288
2371
  if (err.code === "EADDRINUSE") {
2289
2372
  $asai.$log("PROXY", `\x1B[41mPort ${proxycfg.proxyport} is already start!\x1B[0m`);
2290
- _optionalChainDelete([$asai, 'access', _239 => _239.serversproxy, 'optionalAccess', _240 => delete _240[proxyhostdir]]);
2373
+ _optionalChainDelete([$asai, 'access', _246 => _246.serversproxy, 'optionalAccess', _247 => delete _247[proxyhostdir]]);
2291
2374
  releasePort(proxycfg.proxyport, {
2292
2375
  excludePid: process.pid,
2293
2376
  label: proxyhostdir
2294
2377
  });
2295
- setTimeout(() => startProxyServer($asai, proxyhostdir), _optionalChain([$asai, 'access', _241 => _241.hostconfig, 'access', _242 => _242.tm, 'optionalAccess', _243 => _243.d]) || 2e3);
2378
+ setTimeout(() => startProxyServer($asai, proxyhostdir), _optionalChain([$asai, 'access', _248 => _248.hostconfig, 'access', _249 => _249.tm, 'optionalAccess', _250 => _250.d]) || 2e3);
2296
2379
  } else {
2297
2380
  $asai.$log("PROXY", "Proxy server error:", err);
2298
2381
  }
@@ -2332,7 +2415,7 @@ function src_default($asai, opt) {
2332
2415
  initAsaiHostNodejs($asai, opt);
2333
2416
  console.log(`\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B`);
2334
2417
  releaseConfiguredPorts($asai);
2335
- if (_optionalChain([$asai, 'access', _244 => _244.hostconfig, 'optionalAccess', _245 => _245.hosts])) {
2418
+ if (_optionalChain([$asai, 'access', _251 => _251.hostconfig, 'optionalAccess', _252 => _252.hosts])) {
2336
2419
  $asai.startHTTPServer = (hostdir) => startHTTPServer($asai, hostdir);
2337
2420
  Object.keys($asai.hostconfig.hosts).forEach((el) => {
2338
2421
  if (validateHostdir(el)) {
@@ -2343,7 +2426,7 @@ function src_default($asai, opt) {
2343
2426
  startHTTPServer($asai, "asai");
2344
2427
  }
2345
2428
  }
2346
- if (_optionalChain([$asai, 'access', _246 => _246.hostconfig, 'optionalAccess', _247 => _247.proxyhosts])) {
2429
+ if (_optionalChain([$asai, 'access', _253 => _253.hostconfig, 'optionalAccess', _254 => _254.proxyhosts])) {
2347
2430
  Object.keys($asai.hostconfig.proxyhosts).forEach((el) => {
2348
2431
  if (validateHostdir(el)) {
2349
2432
  startProxyServer($asai, el);
@@ -2366,22 +2449,22 @@ _chunkSMVZ3ZDJcjs.__export.call(void 0, utils_exports, {
2366
2449
  // src/utils/ws-mock.ts
2367
2450
  function wsMock($asai) {
2368
2451
  function getKeyByData(reqdata, hostdir) {
2369
- return "_wstask_" + (hostdir || "") + "_" + (_optionalChain([reqdata, 'optionalAccess', _248 => _248.id]) || _optionalChain([reqdata, 'optionalAccess', _249 => _249.ty]) + "." + _optionalChain([reqdata, 'optionalAccess', _250 => _250.ac]));
2452
+ return "_wstask_" + (hostdir || "") + "_" + (_optionalChain([reqdata, 'optionalAccess', _255 => _255.id]) || _optionalChain([reqdata, 'optionalAccess', _256 => _256.ty]) + "." + _optionalChain([reqdata, 'optionalAccess', _257 => _257.ac]));
2370
2453
  }
2371
2454
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getKeyByData, "getKeyByData");
2372
2455
  function getMockDb(workopt) {
2373
2456
  const { reqdata, mockdata } = workopt;
2374
- const wsfn = _optionalChain([mockdata, 'optionalAccess', _251 => _251.fn]) ? _optionalChain([$asai, 'access', _252 => _252.asaimock, 'access', _253 => _253.fn, 'optionalAccess', _254 => _254[mockdata.fn]]) : null;
2457
+ const wsfn = _optionalChain([mockdata, 'optionalAccess', _258 => _258.fn]) ? _optionalChain([$asai, 'access', _259 => _259.asaimock, 'access', _260 => _260.fn, 'optionalAccess', _261 => _261[mockdata.fn]]) : null;
2375
2458
  if (wsfn) return wsfn({ workopt, $asai, mockName: mockdata.fn });
2376
2459
  return { ...reqdata, ...mockdata || {} };
2377
2460
  }
2378
2461
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getMockDb, "getMockDb");
2379
2462
  function wsWorkApi(workopt) {
2380
- _optionalChain([$asai, 'access', _255 => _255.serversws, 'access', _256 => _256[workopt.hostdir], 'optionalAccess', _257 => _257.sendws, 'optionalCall', _258 => _258(workopt.reqdataisobj ? getMockDb(workopt) : workopt.reqdata, 0, workopt.ws)]);
2463
+ _optionalChain([$asai, 'access', _262 => _262.serversws, 'access', _263 => _263[workopt.hostdir], 'optionalAccess', _264 => _264.sendws, 'optionalCall', _265 => _265(workopt.reqdataisobj ? getMockDb(workopt) : workopt.reqdata, 0, workopt.ws)]);
2381
2464
  }
2382
2465
  _chunkSMVZ3ZDJcjs.__name.call(void 0, wsWorkApi, "wsWorkApi");
2383
2466
  function wsWorkListen(workopt, reqkey) {
2384
- if (_optionalChain([workopt, 'access', _259 => _259.reqdata, 'optionalAccess', _260 => _260.off])) {
2467
+ if (_optionalChain([workopt, 'access', _266 => _266.reqdata, 'optionalAccess', _267 => _267.off])) {
2385
2468
  if ($asai.tasksws[workopt.hostdir][reqkey]) {
2386
2469
  clearInterval($asai.tasksws[workopt.hostdir][reqkey]);
2387
2470
  $asai.tasksws[workopt.hostdir][reqkey] = null;
@@ -2396,9 +2479,9 @@ function wsMock($asai) {
2396
2479
  if (!$asai.tasksws[workopt.hostdir][reqkey]) {
2397
2480
  clearInterval($asai.tasksws[workopt.hostdir][reqkey]);
2398
2481
  }
2399
- }, _optionalChain([newDataMock, 'optionalAccess', _261 => _261.tc]) || 2e3);
2400
- _optionalChain([workopt, 'access', _262 => _262.ws, 'optionalAccess', _263 => _263.once, 'optionalCall', _264 => _264("close", () => {
2401
- if (_optionalChain([$asai, 'access', _265 => _265.tasksws, 'access', _266 => _266[workopt.hostdir], 'optionalAccess', _267 => _267[reqkey]])) {
2482
+ }, _optionalChain([newDataMock, 'optionalAccess', _268 => _268.tc]) || 2e3);
2483
+ _optionalChain([workopt, 'access', _269 => _269.ws, 'optionalAccess', _270 => _270.once, 'optionalCall', _271 => _271("close", () => {
2484
+ if (_optionalChain([$asai, 'access', _272 => _272.tasksws, 'access', _273 => _273[workopt.hostdir], 'optionalAccess', _274 => _274[reqkey]])) {
2402
2485
  clearInterval($asai.tasksws[workopt.hostdir][reqkey]);
2403
2486
  delete $asai.tasksws[workopt.hostdir][reqkey];
2404
2487
  }
@@ -2406,8 +2489,8 @@ function wsMock($asai) {
2406
2489
  }
2407
2490
  _chunkSMVZ3ZDJcjs.__name.call(void 0, wsWorkListen, "wsWorkListen");
2408
2491
  function wsWorkMock(workopt) {
2409
- workopt.mockdata = workopt.reqdataisobj && _optionalChain([$asai, 'access', _268 => _268.asaimock, 'optionalAccess', _269 => _269.db, 'optionalAccess', _270 => _270[workopt.hostdir], 'optionalAccess', _271 => _271[_optionalChain([workopt, 'access', _272 => _272.reqdata, 'optionalAccess', _273 => _273.ty])]]) || {};
2410
- if (_optionalChain([workopt, 'access', _274 => _274.mockdata, 'optionalAccess', _275 => _275.wc])) {
2492
+ workopt.mockdata = workopt.reqdataisobj && _optionalChain([$asai, 'access', _275 => _275.asaimock, 'optionalAccess', _276 => _276.db, 'optionalAccess', _277 => _277[workopt.hostdir], 'optionalAccess', _278 => _278[_optionalChain([workopt, 'access', _279 => _279.reqdata, 'optionalAccess', _280 => _280.ty])]]) || {};
2493
+ if (_optionalChain([workopt, 'access', _281 => _281.mockdata, 'optionalAccess', _282 => _282.wc])) {
2411
2494
  wsWorkListen(workopt, getKeyByData(workopt.reqdata, workopt.hostdir));
2412
2495
  } else {
2413
2496
  wsWorkApi(workopt);
@@ -2420,11 +2503,11 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, wsMock, "wsMock");
2420
2503
 
2421
2504
  // src/infra/user-auth.ts
2422
2505
  async function attachServerUserLevel(req, $asai) {
2423
- const userinfo = _optionalChain([req, 'optionalAccess', _276 => _276.Userinfo]);
2506
+ const userinfo = _optionalChain([req, 'optionalAccess', _283 => _283.Userinfo]);
2424
2507
  if (!Array.isArray(userinfo) || !userinfo[0]) return;
2425
2508
  const us = String(userinfo[0]);
2426
2509
  try {
2427
- const { createUserStore: createUserStore2 } = await Promise.resolve().then(() => _interopRequireWildcard(require("./user-store-55HOLHEM.cjs")));
2510
+ const { createUserStore: createUserStore2 } = await Promise.resolve().then(() => _interopRequireWildcard(require("./user-store-6QNAL4CK.cjs")));
2428
2511
  const user = await createUserStore2($asai).findByUsername(us);
2429
2512
  if (user && user.status === "active") {
2430
2513
  req._serverUser = { us: user.us, lv: user.lv, status: user.status };
@@ -2432,34 +2515,34 @@ async function attachServerUserLevel(req, $asai) {
2432
2515
  } else {
2433
2516
  req._serverUser = null;
2434
2517
  }
2435
- } catch (e36) {
2518
+ } catch (e41) {
2436
2519
  req._serverUser = null;
2437
2520
  }
2438
2521
  }
2439
2522
  _chunkSMVZ3ZDJcjs.__name.call(void 0, attachServerUserLevel, "attachServerUserLevel");
2440
2523
  function getRequestUserLevel(req) {
2441
- if (_optionalChain([req, 'optionalAccess', _277 => _277._serverUser, 'optionalAccess', _278 => _278.lv]) != null) return Number(req._serverUser.lv);
2442
- const n = Number(_nullishCoalesce(_optionalChain([req, 'optionalAccess', _279 => _279.Userinfo, 'optionalAccess', _280 => _280[1]]), () => ( -1)));
2524
+ if (_optionalChain([req, 'optionalAccess', _284 => _284._serverUser, 'optionalAccess', _285 => _285.lv]) != null) return Number(req._serverUser.lv);
2525
+ const n = Number(_nullishCoalesce(_optionalChain([req, 'optionalAccess', _286 => _286.Userinfo, 'optionalAccess', _287 => _287[1]]), () => ( -1)));
2443
2526
  return Number.isFinite(n) ? n : -1;
2444
2527
  }
2445
2528
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getRequestUserLevel, "getRequestUserLevel");
2446
2529
  function getRequestUsername(req) {
2447
- if (_optionalChain([req, 'optionalAccess', _281 => _281._serverUser, 'optionalAccess', _282 => _282.us])) return String(req._serverUser.us);
2448
- const us = _optionalChain([req, 'optionalAccess', _283 => _283.Userinfo, 'optionalAccess', _284 => _284[0]]);
2530
+ if (_optionalChain([req, 'optionalAccess', _288 => _288._serverUser, 'optionalAccess', _289 => _289.us])) return String(req._serverUser.us);
2531
+ const us = _optionalChain([req, 'optionalAccess', _290 => _290.Userinfo, 'optionalAccess', _291 => _291[0]]);
2449
2532
  return us ? String(us) : void 0;
2450
2533
  }
2451
2534
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getRequestUsername, "getRequestUsername");
2452
2535
 
2453
2536
  // src/infra/access-control.ts
2454
2537
  function getSecurityConfig($asai) {
2455
- return _optionalChain([$asai, 'optionalAccess', _285 => _285.hostconfig, 'optionalAccess', _286 => _286.security]) || {};
2538
+ return _optionalChain([$asai, 'optionalAccess', _292 => _292.hostconfig, 'optionalAccess', _293 => _293.security]) || {};
2456
2539
  }
2457
2540
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getSecurityConfig, "getSecurityConfig");
2458
- function pathMatchesPattern(path8, pattern) {
2541
+ function pathMatchesPattern(path9, pattern) {
2459
2542
  if (pattern.endsWith("*")) {
2460
- return path8.startsWith(pattern.slice(0, -1));
2543
+ return path9.startsWith(pattern.slice(0, -1));
2461
2544
  }
2462
- return path8 === pattern;
2545
+ return path9 === pattern;
2463
2546
  }
2464
2547
  _chunkSMVZ3ZDJcjs.__name.call(void 0, pathMatchesPattern, "pathMatchesPattern");
2465
2548
  function isAuthSkipped($asai, pathname) {
@@ -2486,13 +2569,13 @@ function validateHttpAuth(req, $asai, pathname) {
2486
2569
  if (!isAuthRequired($asai, pathname)) {
2487
2570
  return { ok: true };
2488
2571
  }
2489
- const userinfo = _optionalChain([req, 'optionalAccess', _287 => _287.Userinfo]);
2572
+ const userinfo = _optionalChain([req, 'optionalAccess', _294 => _294.Userinfo]);
2490
2573
  const ip = getClientIp(req);
2491
2574
  if (!Array.isArray(userinfo) || userinfo.length < 3 || !userinfo[0]) {
2492
2575
  logSecurityEvent($asai, {
2493
2576
  type: "AUTH_MISSING",
2494
2577
  path: pathname,
2495
- method: _optionalChain([req, 'optionalAccess', _288 => _288.method]),
2578
+ method: _optionalChain([req, 'optionalAccess', _295 => _295.method]),
2496
2579
  ip,
2497
2580
  detail: "Userinfo header missing or invalid"
2498
2581
  });
@@ -2506,7 +2589,7 @@ function validateHttpAuth(req, $asai, pathname) {
2506
2589
  logSecurityEvent($asai, {
2507
2590
  type: "ACCESS_DENIED",
2508
2591
  path: pathname,
2509
- method: _optionalChain([req, 'optionalAccess', _289 => _289.method]),
2592
+ method: _optionalChain([req, 'optionalAccess', _296 => _296.method]),
2510
2593
  user: String(us),
2511
2594
  level: userLevel,
2512
2595
  ip,
@@ -2518,13 +2601,13 @@ function validateHttpAuth(req, $asai, pathname) {
2518
2601
  }
2519
2602
  _chunkSMVZ3ZDJcjs.__name.call(void 0, validateHttpAuth, "validateHttpAuth");
2520
2603
  async function validateHttpAuthAsync(req, $asai, pathname) {
2521
- if (Array.isArray(_optionalChain([req, 'optionalAccess', _290 => _290.Userinfo])) && req.Userinfo[0]) {
2604
+ if (Array.isArray(_optionalChain([req, 'optionalAccess', _297 => _297.Userinfo])) && req.Userinfo[0]) {
2522
2605
  await attachServerUserLevel(req, $asai);
2523
2606
  if (!req._serverUser && isAuthRequired($asai, pathname)) {
2524
2607
  logSecurityEvent($asai, {
2525
2608
  type: "ACCESS_DENIED",
2526
2609
  path: pathname,
2527
- method: _optionalChain([req, 'optionalAccess', _291 => _291.method]),
2610
+ method: _optionalChain([req, 'optionalAccess', _298 => _298.method]),
2528
2611
  user: String(req.Userinfo[0]),
2529
2612
  ip: getClientIp(req),
2530
2613
  detail: "User not found or inactive"
@@ -2586,7 +2669,7 @@ function resolveApiCorsOrigin(req, hostcfg, getHeader) {
2586
2669
  if (referer) {
2587
2670
  try {
2588
2671
  origin = new URL(referer).origin;
2589
- } catch (e37) {
2672
+ } catch (e42) {
2590
2673
  const parts = referer.split("/");
2591
2674
  if (parts.length >= 3) origin = `${parts[0]}//${parts[2]}`;
2592
2675
  }
@@ -2598,7 +2681,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, resolveApiCorsOrigin, "resolveApiCorsOrigi
2598
2681
  function isApiCorsAllowed(origin, hostcfg, hostHeader) {
2599
2682
  if (!origin) return false;
2600
2683
  if (origin === "*") return true;
2601
- const corsList = _optionalChain([hostcfg, 'optionalAccess', _292 => _292.cors]);
2684
+ const corsList = _optionalChain([hostcfg, 'optionalAccess', _299 => _299.cors]);
2602
2685
  if (!Array.isArray(corsList) || !corsList.length) return true;
2603
2686
  if (corsList.includes(origin)) return true;
2604
2687
  if (hostHeader && origin.includes(hostHeader)) return true;
@@ -2644,19 +2727,19 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, isPlainSourcePost, "isPlainSourcePost");
2644
2727
  function processPostPayload($asai, req, postdata, pm) {
2645
2728
  let isAes = false;
2646
2729
  let out = postdata;
2647
- if ($asai.$lib.aesfns && _optionalChain([out, 'optionalAccess', _293 => _293.startsWith, 'optionalCall', _294 => _294('{"aes":')])) {
2730
+ if ($asai.$lib.aesfns && _optionalChain([out, 'optionalAccess', _300 => _300.startsWith, 'optionalCall', _301 => _301('{"aes":')])) {
2648
2731
  isAes = true;
2649
2732
  const aesData = JSON.parse(out);
2650
2733
  out = $asai.$lib.aesfns.reqAES({ data: aesData });
2651
- if (_optionalChain([aesData, 'optionalAccess', _295 => _295.aes]) === 2 && typeof out === "string") {
2734
+ if (_optionalChain([aesData, 'optionalAccess', _302 => _302.aes]) === 2 && typeof out === "string") {
2652
2735
  try {
2653
2736
  out = JSON.parse(out);
2654
- } catch (e38) {
2737
+ } catch (e43) {
2655
2738
  }
2656
2739
  }
2657
2740
  }
2658
2741
  const plainJson = typeof out === "string" && out.trimStart().startsWith("{");
2659
- if (_optionalChain([req, 'optionalAccess', _296 => _296.Userinfo, 'optionalAccess', _297 => _297[2]]) && !plainJson && !isRawUploadPost(_optionalChain([req, 'optionalAccess', _298 => _298.url])) && !isPlainSourcePost(_optionalChain([req, 'optionalAccess', _299 => _299.url]))) {
2742
+ if (_optionalChain([req, 'optionalAccess', _303 => _303.Userinfo, 'optionalAccess', _304 => _304[2]]) && !plainJson && !isRawUploadPost(_optionalChain([req, 'optionalAccess', _305 => _305.url])) && !isPlainSourcePost(_optionalChain([req, 'optionalAccess', _306 => _306.url]))) {
2660
2743
  pm = req.Userinfo[2];
2661
2744
  out = $asai.$lib.AsCode.asdecode(out, pm);
2662
2745
  }
@@ -2664,7 +2747,7 @@ function processPostPayload($asai, req, postdata, pm) {
2664
2747
  }
2665
2748
  _chunkSMVZ3ZDJcjs.__name.call(void 0, processPostPayload, "processPostPayload");
2666
2749
  var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, opt = {}) => {
2667
- _optionalChain([opt, 'optionalAccess', _300 => _300.fn, 'optionalCall', _301 => _301($asai)]);
2750
+ _optionalChain([opt, 'optionalAccess', _307 => _307.fn, 'optionalCall', _308 => _308($asai)]);
2668
2751
  function getHeader(req, key) {
2669
2752
  return req.headers[key.toLowerCase()] || "";
2670
2753
  }
@@ -2673,7 +2756,7 @@ var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
2673
2756
  let apiRouteCacheLen = -1;
2674
2757
  function findApiHandler($asai2, pathname) {
2675
2758
  const apis = $asai2.hostserverapis;
2676
- if (!_optionalChain([apis, 'optionalAccess', _302 => _302.length])) return void 0;
2759
+ if (!_optionalChain([apis, 'optionalAccess', _309 => _309.length])) return void 0;
2677
2760
  if (!apiRouteCache || apiRouteCacheLen !== apis.length) {
2678
2761
  apiRouteCache = apis.map((elp) => ({ key: elp, path: `/api/${elp}` }));
2679
2762
  apiRouteCacheLen = apis.length;
@@ -2721,9 +2804,9 @@ var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
2721
2804
  pm: decodeURIComponent(urlParse.search.substring(4))
2722
2805
  };
2723
2806
  if (req.url.indexOf("binary") === -1) {
2724
- if (_optionalChain([req, 'optionalAccess', _303 => _303.Userinfo]) && _optionalChain([req, 'optionalAccess', _304 => _304.Userinfo, 'access', _305 => _305[2]]) && _optionalChain([query, 'optionalAccess', _306 => _306.pm])) {
2807
+ if (_optionalChain([req, 'optionalAccess', _310 => _310.Userinfo]) && _optionalChain([req, 'optionalAccess', _311 => _311.Userinfo, 'access', _312 => _312[2]]) && _optionalChain([query, 'optionalAccess', _313 => _313.pm])) {
2725
2808
  pm = req.Userinfo[2];
2726
- query = $asai.$lib.AsCode.asdecode(_optionalChain([query, 'optionalAccess', _307 => _307.pm]), pm);
2809
+ query = $asai.$lib.AsCode.asdecode(_optionalChain([query, 'optionalAccess', _314 => _314.pm]), pm);
2727
2810
  query = Object.fromEntries(new URLSearchParams("?" + query).entries());
2728
2811
  }
2729
2812
  }
@@ -2742,7 +2825,7 @@ var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
2742
2825
  const releaseSlot = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, () => releaseApiSlot(hostdir, clientIp), "releaseSlot");
2743
2826
  res.once("finish", releaseSlot);
2744
2827
  res.once("close", releaseSlot);
2745
- const maxBody = _optionalChain([$asai, 'access', _308 => _308.hostconfig, 'optionalAccess', _309 => _309.maxbody]) || 100 * 1024 * 1024;
2828
+ const maxBody = _optionalChain([$asai, 'access', _315 => _315.hostconfig, 'optionalAccess', _316 => _316.maxbody]) || 100 * 1024 * 1024;
2746
2829
  const isTextPost = req.method === "POST" && req.url.indexOf("binary") === -1;
2747
2830
  const bodyPromise = isTextPost ? readRequestBody(req, maxBody) : null;
2748
2831
  void (async () => {
@@ -2756,16 +2839,16 @@ var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
2756
2839
  ]);
2757
2840
  } catch (err) {
2758
2841
  releaseSlot();
2759
- if (_optionalChain([err, 'optionalAccess', _310 => _310.message]) === "PAYLOAD_TOO_LARGE") {
2842
+ if (_optionalChain([err, 'optionalAccess', _317 => _317.message]) === "PAYLOAD_TOO_LARGE") {
2760
2843
  return sendError(res, 413, "Payload Too Large");
2761
2844
  }
2762
- return sendError(res, 400, _optionalChain([err, 'optionalAccess', _311 => _311.message]) || "Bad Request");
2845
+ return sendError(res, 400, _optionalChain([err, 'optionalAccess', _318 => _318.message]) || "Bad Request");
2763
2846
  }
2764
2847
  if (!authResult.ok) {
2765
2848
  releaseSlot();
2766
2849
  return sendAuthError(res, authResult);
2767
2850
  }
2768
- let apiFn = _optionalChain([$asai, 'access', _312 => _312.hostserverapi, 'access', _313 => _313[apiHandlerKey], 'optionalCall', _314 => _314($asai, query)]);
2851
+ let apiFn = _optionalChain([$asai, 'access', _319 => _319.hostserverapi, 'access', _320 => _320[apiHandlerKey], 'optionalCall', _321 => _321($asai, query)]);
2769
2852
  if (!apiFn) {
2770
2853
  return sendError(res, 501, "Not Implemented");
2771
2854
  }
@@ -2781,23 +2864,23 @@ var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
2781
2864
  postdata = processed.postdata;
2782
2865
  pm = processed.pm;
2783
2866
  isAes = processed.isAes;
2784
- } catch (e39) {
2867
+ } catch (e44) {
2785
2868
  return sendError(res, 400, "AES decrypt failed");
2786
2869
  }
2787
- if (_optionalChain([apiFn, 'optionalAccess', _315 => _315.post]) && typeof _optionalChain([apiFn, 'optionalAccess', _316 => _316.post]) === "function") {
2870
+ if (_optionalChain([apiFn, 'optionalAccess', _322 => _322.post]) && typeof _optionalChain([apiFn, 'optionalAccess', _323 => _323.post]) === "function") {
2788
2871
  const optTmp = { qrdata, data: postdata, pm };
2789
- if (isAes || _optionalChain([$asai, 'access', _317 => _317.$lib, 'access', _318 => _318.aesfns, 'optionalAccess', _319 => _319.allaes])) {
2790
- optTmp.resAES = _optionalChain([$asai, 'access', _320 => _320.$lib, 'access', _321 => _321.aesfns, 'optionalAccess', _322 => _322.resAES]);
2872
+ if (isAes || _optionalChain([$asai, 'access', _324 => _324.$lib, 'access', _325 => _325.aesfns, 'optionalAccess', _326 => _326.allaes])) {
2873
+ optTmp.resAES = _optionalChain([$asai, 'access', _327 => _327.$lib, 'access', _328 => _328.aesfns, 'optionalAccess', _329 => _329.resAES]);
2791
2874
  }
2792
2875
  apiFn.post(req, res, hostdir, optTmp);
2793
2876
  } else {
2794
2877
  res.end(typeof postdata === "string" ? postdata : JSON.stringify(_nullishCoalesce(postdata, () => ( ""))));
2795
2878
  }
2796
2879
  } else if (req.method === "GET") {
2797
- if (_optionalChain([apiFn, 'optionalAccess', _323 => _323.get]) && typeof _optionalChain([apiFn, 'optionalAccess', _324 => _324.get]) === "function") {
2880
+ if (_optionalChain([apiFn, 'optionalAccess', _330 => _330.get]) && typeof _optionalChain([apiFn, 'optionalAccess', _331 => _331.get]) === "function") {
2798
2881
  const optTmp = { qrdata, data: qrdata, pm };
2799
- if (isAes || _optionalChain([$asai, 'access', _325 => _325.$lib, 'access', _326 => _326.aesfns, 'optionalAccess', _327 => _327.allaes])) {
2800
- optTmp.resAES = _optionalChain([$asai, 'access', _328 => _328.$lib, 'access', _329 => _329.aesfns, 'optionalAccess', _330 => _330.resAES]);
2882
+ if (isAes || _optionalChain([$asai, 'access', _332 => _332.$lib, 'access', _333 => _333.aesfns, 'optionalAccess', _334 => _334.allaes])) {
2883
+ optTmp.resAES = _optionalChain([$asai, 'access', _335 => _335.$lib, 'access', _336 => _336.aesfns, 'optionalAccess', _337 => _337.resAES]);
2801
2884
  }
2802
2885
  apiFn.get(req, res, hostdir, optTmp);
2803
2886
  } else {
@@ -2805,12 +2888,12 @@ var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
2805
2888
  }
2806
2889
  }
2807
2890
  } else {
2808
- if (_optionalChain([Object, 'access', _331 => _331.keys, 'call', _332 => _332(query), 'optionalAccess', _333 => _333.length])) {
2891
+ if (_optionalChain([Object, 'access', _338 => _338.keys, 'call', _339 => _339(query), 'optionalAccess', _340 => _340.length])) {
2809
2892
  qrdata = query;
2810
2893
  }
2811
2894
  if (req.method === "POST") {
2812
2895
  $asai.$lib.AsNodeTool.upBinary(req).then((postdata2) => {
2813
- if (_optionalChain([apiFn, 'optionalAccess', _334 => _334.post]) && typeof _optionalChain([apiFn, 'optionalAccess', _335 => _335.post]) === "function") {
2896
+ if (_optionalChain([apiFn, 'optionalAccess', _341 => _341.post]) && typeof _optionalChain([apiFn, 'optionalAccess', _342 => _342.post]) === "function") {
2814
2897
  apiFn.post(req, res, hostdir, {
2815
2898
  qrdata,
2816
2899
  data: postdata2
@@ -2826,13 +2909,13 @@ var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
2826
2909
  } catch (err) {
2827
2910
  releaseSlot();
2828
2911
  if (!res.headersSent) {
2829
- return sendError(res, 500, _optionalChain([err, 'optionalAccess', _336 => _336.message]) || "Internal Server Error");
2912
+ return sendError(res, 500, _optionalChain([err, 'optionalAccess', _343 => _343.message]) || "Internal Server Error");
2830
2913
  }
2831
2914
  }
2832
2915
  })().catch((err) => {
2833
2916
  releaseSlot();
2834
2917
  if (!res.headersSent) {
2835
- sendError(res, 500, _optionalChain([err, 'optionalAccess', _337 => _337.message]) || "Internal Server Error");
2918
+ sendError(res, 500, _optionalChain([err, 'optionalAccess', _344 => _344.message]) || "Internal Server Error");
2836
2919
  }
2837
2920
  });
2838
2921
  } else {
@@ -2845,12 +2928,12 @@ var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
2845
2928
 
2846
2929
  // src/common/server/Ws.ts
2847
2930
  var Ws_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, opt = {}) => {
2848
- _optionalChain([opt, 'optionalAccess', _338 => _338.fn, 'optionalCall', _339 => _339($asai)]);
2931
+ _optionalChain([opt, 'optionalAccess', _345 => _345.fn, 'optionalCall', _346 => _346($asai)]);
2849
2932
  const wsHandlerCache = /* @__PURE__ */ new Map();
2850
2933
  const routeIndex = ensureWsRouteIndex($asai);
2851
2934
  function getWsHandler(handlerKey) {
2852
2935
  if (!wsHandlerCache.has(handlerKey)) {
2853
- wsHandlerCache.set(handlerKey, _optionalChain([$asai, 'access', _340 => _340.hostserverws, 'access', _341 => _341[handlerKey], 'optionalCall', _342 => _342($asai)]));
2936
+ wsHandlerCache.set(handlerKey, _optionalChain([$asai, 'access', _347 => _347.hostserverws, 'access', _348 => _348[handlerKey], 'optionalCall', _349 => _349($asai)]));
2854
2937
  }
2855
2938
  return wsHandlerCache.get(handlerKey);
2856
2939
  }
@@ -2874,21 +2957,21 @@ var Ws_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, o
2874
2957
  let reqdata = parseMessage(msg);
2875
2958
  let handlerKey;
2876
2959
  if (reqdata === "ping") {
2877
- _optionalChain([ws2, 'access', _343 => _343.send, 'optionalCall', _344 => _344("pong")]);
2960
+ _optionalChain([ws2, 'access', _350 => _350.send, 'optionalCall', _351 => _351("pong")]);
2878
2961
  return;
2879
2962
  } else {
2880
2963
  const reqdataisobj = typeof reqdata === "object" && reqdata !== null;
2881
- handlerKey = reqdataisobj ? routeIndex.matchTy(_optionalChain([reqdata, 'optionalAccess', _345 => _345.ty])) : routeIndex.matchString(reqdata);
2882
- if (!handlerKey && _optionalChain([$asai, 'access', _346 => _346.hostserverwss, 'optionalAccess', _347 => _347.length])) {
2964
+ handlerKey = reqdataisobj ? routeIndex.matchTy(_optionalChain([reqdata, 'optionalAccess', _352 => _352.ty])) : routeIndex.matchString(reqdata);
2965
+ if (!handlerKey && _optionalChain([$asai, 'access', _353 => _353.hostserverwss, 'optionalAccess', _354 => _354.length])) {
2883
2966
  handlerKey = $asai.hostserverwss.find((elp) => {
2884
2967
  if (reqdataisobj) {
2885
- return _optionalChain([reqdata, 'optionalAccess', _348 => _348.ty, 'optionalAccess', _349 => _349.startsWith, 'call', _350 => _350(elp)]);
2968
+ return _optionalChain([reqdata, 'optionalAccess', _355 => _355.ty, 'optionalAccess', _356 => _356.startsWith, 'call', _357 => _357(elp)]);
2886
2969
  }
2887
2970
  return typeof reqdata === "string" && reqdata.startsWith(elp);
2888
2971
  });
2889
2972
  }
2890
2973
  if (!handlerKey) {
2891
- _optionalChain([$asai, 'access', _351 => _351.asaimock, 'optionalAccess', _352 => _352.wsWorkMock, 'call', _353 => _353({
2974
+ _optionalChain([$asai, 'access', _358 => _358.asaimock, 'optionalAccess', _359 => _359.wsWorkMock, 'call', _360 => _360({
2892
2975
  msg,
2893
2976
  ws: ws2,
2894
2977
  hostdir,
@@ -2900,14 +2983,14 @@ var Ws_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, o
2900
2983
  }
2901
2984
  }
2902
2985
  if (!handlerKey) return;
2903
- _optionalChain([getWsHandler, 'call', _354 => _354(handlerKey), 'optionalAccess', _355 => _355.work, 'optionalCall', _356 => _356(reqdata, ws2, hostdir, req)]);
2986
+ _optionalChain([getWsHandler, 'call', _361 => _361(handlerKey), 'optionalAccess', _362 => _362.work, 'optionalCall', _363 => _363(reqdata, ws2, hostdir, req)]);
2904
2987
  } catch (err) {
2905
- _optionalChain([($asai.$log || console.error), 'optionalCall', _357 => _357("WS", "handler error", err instanceof Error ? err.message : err)]);
2988
+ _optionalChain([($asai.$log || console.error), 'optionalCall', _364 => _364("WS", "handler error", err instanceof Error ? err.message : err)]);
2906
2989
  }
2907
2990
  }
2908
2991
  _chunkSMVZ3ZDJcjs.__name.call(void 0, wsWork, "wsWork");
2909
2992
  function _getMessage(msg) {
2910
- if (_optionalChain([msg, 'optionalAccess', _358 => _358.db, 'optionalAccess', _359 => _359.aes]) && _optionalChain([$asai, 'access', _360 => _360.$lib, 'optionalAccess', _361 => _361.aesfns, 'optionalAccess', _362 => _362.reqAES])) {
2993
+ if (_optionalChain([msg, 'optionalAccess', _365 => _365.db, 'optionalAccess', _366 => _366.aes]) && _optionalChain([$asai, 'access', _367 => _367.$lib, 'optionalAccess', _368 => _368.aesfns, 'optionalAccess', _369 => _369.reqAES])) {
2911
2994
  msg.db = $asai.$lib.aesfns.reqAES({ data: msg.db });
2912
2995
  }
2913
2996
  return msg;
@@ -2934,12 +3017,12 @@ var Ws_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, o
2934
3017
 
2935
3018
  // src/common/server/Sys.ts
2936
3019
  var Sys_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, opt = {}) => {
2937
- _optionalChain([opt, 'optionalAccess', _363 => _363.fn, 'optionalCall', _364 => _364($asai)]);
3020
+ _optionalChain([opt, 'optionalAccess', _370 => _370.fn, 'optionalCall', _371 => _371($asai)]);
2938
3021
  let sysRouteCache = null;
2939
3022
  let sysRouteCacheLen = -1;
2940
3023
  function findSystemHandler(req) {
2941
3024
  const routes = $asai.hostserversyss;
2942
- if (!_optionalChain([routes, 'optionalAccess', _365 => _365.length])) return void 0;
3025
+ if (!_optionalChain([routes, 'optionalAccess', _372 => _372.length])) return void 0;
2943
3026
  if (!sysRouteCache || sysRouteCacheLen !== routes.length) {
2944
3027
  sysRouteCache = routes.map((elp) => ({ key: elp, route: `/${elp}` }));
2945
3028
  sysRouteCacheLen = routes.length;
@@ -2973,21 +3056,21 @@ var Sys_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
2973
3056
  if (!authResult.ok) {
2974
3057
  return sendAuthError(res, authResult);
2975
3058
  }
2976
- const handler = _optionalChain([$asai, 'access', _366 => _366.hostserversys, 'access', _367 => _367[handlerKey], 'optionalCall', _368 => _368($asai)]);
3059
+ const handler = _optionalChain([$asai, 'access', _373 => _373.hostserversys, 'access', _374 => _374[handlerKey], 'optionalCall', _375 => _375($asai)]);
2977
3060
  if (!handler) {
2978
3061
  return sendError(res, 500, "Handler Initialization Failed");
2979
3062
  }
2980
- if (_optionalChain([handler, 'optionalAccess', _369 => _369.show]) && typeof _optionalChain([handler, 'optionalAccess', _370 => _370.show]) === "function") {
3063
+ if (_optionalChain([handler, 'optionalAccess', _376 => _376.show]) && typeof _optionalChain([handler, 'optionalAccess', _377 => _377.show]) === "function") {
2981
3064
  handler.show(req, res, hostdir);
2982
3065
  } else {
2983
3066
  res.end("postdata");
2984
3067
  }
2985
3068
  } catch (err) {
2986
- return sendError(res, 500, _optionalChain([err, 'optionalAccess', _371 => _371.message]) || "Internal Server Error");
3069
+ return sendError(res, 500, _optionalChain([err, 'optionalAccess', _378 => _378.message]) || "Internal Server Error");
2987
3070
  }
2988
3071
  })().catch((err) => {
2989
3072
  if (!res.headersSent) {
2990
- sendError(res, 500, _optionalChain([err, 'optionalAccess', _372 => _372.message]) || "Internal Server Error");
3073
+ sendError(res, 500, _optionalChain([err, 'optionalAccess', _379 => _379.message]) || "Internal Server Error");
2991
3074
  }
2992
3075
  });
2993
3076
  }
@@ -2997,14 +3080,14 @@ var Sys_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
2997
3080
 
2998
3081
  // src/common/server/WsClient.ts
2999
3082
  var WsClient_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, wsname) => {
3000
- if (!_optionalChain([$asai, 'optionalAccess', _373 => _373.clientws])) {
3083
+ if (!_optionalChain([$asai, 'optionalAccess', _380 => _380.clientws])) {
3001
3084
  $asai.clientws = {};
3002
3085
  }
3003
3086
  if (!$asai.clientws[wsname]) {
3004
3087
  $asai.clientws[wsname] = { tasks: /* @__PURE__ */ new Map() };
3005
3088
  }
3006
3089
  function getKeyByData(msgdata) {
3007
- return _optionalChain([msgdata, 'optionalAccess', _374 => _374.id]) || _optionalChain([msgdata, 'optionalAccess', _375 => _375.ty]);
3090
+ return _optionalChain([msgdata, 'optionalAccess', _381 => _381.id]) || _optionalChain([msgdata, 'optionalAccess', _382 => _382.ty]);
3008
3091
  }
3009
3092
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getKeyByData, "getKeyByData");
3010
3093
  function clientwsInit() {
@@ -3017,7 +3100,7 @@ var WsClient_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($a
3017
3100
  };
3018
3101
  $asai.clientws[wsname].socket.on("error", (err) => {
3019
3102
  $asai.clientws[wsname].open = 0;
3020
- _optionalChain([$asai, 'access', _376 => _376.hostconfig, 'access', _377 => _377.logger, 'optionalAccess', _378 => _378.lv, 'optionalAccess', _379 => _379.view]) && console.error(
3103
+ _optionalChain([$asai, 'access', _383 => _383.hostconfig, 'access', _384 => _384.logger, 'optionalAccess', _385 => _385.lv, 'optionalAccess', _386 => _386.view]) && console.error(
3021
3104
  666.2203,
3022
3105
  `${wsname}=${$asai.command.commandconfig.clientws[wsname]} is error.`,
3023
3106
  err
@@ -3026,14 +3109,14 @@ var WsClient_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($a
3026
3109
  });
3027
3110
  $asai.clientws[wsname].socket.on("close", () => {
3028
3111
  $asai.clientws[wsname].open = 0;
3029
- _optionalChain([$asai, 'access', _380 => _380.hostconfig, 'access', _381 => _381.logger, 'optionalAccess', _382 => _382.lv, 'optionalAccess', _383 => _383.view]) && console.error(
3112
+ _optionalChain([$asai, 'access', _387 => _387.hostconfig, 'access', _388 => _388.logger, 'optionalAccess', _389 => _389.lv, 'optionalAccess', _390 => _390.view]) && console.error(
3030
3113
  666.2205,
3031
3114
  `${wsname}=${$asai.command.commandconfig.clientws[wsname]} is close.`
3032
3115
  );
3033
3116
  reject();
3034
3117
  });
3035
3118
  $asai.clientws[wsname].socket.onopen = () => {
3036
- _optionalChain([$asai, 'access', _384 => _384.hostconfig, 'access', _385 => _385.logger, 'optionalAccess', _386 => _386.lv, 'optionalAccess', _387 => _387.view]) && console.log(
3119
+ _optionalChain([$asai, 'access', _391 => _391.hostconfig, 'access', _392 => _392.logger, 'optionalAccess', _393 => _393.lv, 'optionalAccess', _394 => _394.view]) && console.log(
3037
3120
  666.2201,
3038
3121
  `${wsname}=${$asai.command.commandconfig.clientws[wsname]} is open.`
3039
3122
  );
@@ -3056,7 +3139,7 @@ var WsClient_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($a
3056
3139
  const key = getKeyByData(messageData);
3057
3140
  const task = $asai.clientws[wsname].tasks.get(key);
3058
3141
  if (task) {
3059
- _optionalChain([task, 'optionalAccess', _388 => _388.callback, 'call', _389 => _389(messageData)]);
3142
+ _optionalChain([task, 'optionalAccess', _395 => _395.callback, 'call', _396 => _396(messageData)]);
3060
3143
  if (messageData.ty && !messageData.id) {
3061
3144
  } else {
3062
3145
  $asai.clientws[wsname].tasks.delete(key);
@@ -3110,7 +3193,7 @@ var WsClient_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($a
3110
3193
  }
3111
3194
  _chunkSMVZ3ZDJcjs.__name.call(void 0, clientwsWatch, "clientwsWatch");
3112
3195
  function clientwsWatchOff(messageData) {
3113
- if (_optionalChain([messageData, 'optionalAccess', _390 => _390.ty]) === "clear") {
3196
+ if (_optionalChain([messageData, 'optionalAccess', _397 => _397.ty]) === "clear") {
3114
3197
  $asai.clientws[wsname].tasks = /* @__PURE__ */ new Map();
3115
3198
  } else {
3116
3199
  const key = getKeyByData(messageData);
@@ -3151,7 +3234,7 @@ var ping_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai)
3151
3234
  var web_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
3152
3235
  function chatBoard(msgdata, ws2, hostdir, req) {
3153
3236
  let room;
3154
- if (_optionalChain([msgdata, 'access', _391 => _391.db, 'optionalAccess', _392 => _392.room]) && typeof msgdata.db.room === "string") {
3237
+ if (_optionalChain([msgdata, 'access', _398 => _398.db, 'optionalAccess', _399 => _399.room]) && typeof msgdata.db.room === "string") {
3155
3238
  room = msgdata.db.room;
3156
3239
  delete msgdata.db.room;
3157
3240
  } else {
@@ -3208,26 +3291,26 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
3208
3291
  removeFile: removeFile2,
3209
3292
  resolvePathUnderBase: resolvePathUnderBase2
3210
3293
  } = $asai.$lib.AsFs;
3211
- const { sendSuccess, sendFail, mnLog } = _optionalChain([$asai, 'access', _393 => _393.$lib, 'optionalAccess', _394 => _394.reqWork, 'optionalCall', _395 => _395($asai)]);
3294
+ const { sendSuccess, sendFail, mnLog } = _optionalChain([$asai, 'access', _400 => _400.$lib, 'optionalAccess', _401 => _401.reqWork, 'optionalCall', _402 => _402($asai)]);
3212
3295
  function mgLog(...arg) {
3213
3296
  mnLog("LOG", ...arg);
3214
3297
  }
3215
3298
  _chunkSMVZ3ZDJcjs.__name.call(void 0, mgLog, "mgLog");
3216
3299
  function getDir(opt) {
3217
- let tmpDir = _optionalChain([opt, 'access', _396 => _396.qrdata, 'optionalAccess', _397 => _397.dir]) || _optionalChain([opt, 'access', _398 => _398.data, 'optionalAccess', _399 => _399.dir]);
3300
+ let tmpDir = _optionalChain([opt, 'access', _403 => _403.qrdata, 'optionalAccess', _404 => _404.dir]) || _optionalChain([opt, 'access', _405 => _405.data, 'optionalAccess', _406 => _406.dir]);
3218
3301
  if (tmpDir) {
3219
3302
  tmpDir = decodeURIComponent(tmpDir);
3220
3303
  } else {
3221
- tmpDir = _optionalChain([opt, 'access', _400 => _400.qrdata, 'optionalAccess', _401 => _401.ty]) || _optionalChain([opt, 'access', _402 => _402.data, 'optionalAccess', _403 => _403.ty]);
3304
+ tmpDir = _optionalChain([opt, 'access', _407 => _407.qrdata, 'optionalAccess', _408 => _408.ty]) || _optionalChain([opt, 'access', _409 => _409.data, 'optionalAccess', _410 => _410.ty]);
3222
3305
  if (tmpDir) {
3223
3306
  tmpDir = decodeURIComponent(tmpDir);
3224
3307
  if (tmpDir === "access-clf" || tmpDir === "access-w3c") {
3225
- tmpDir = _optionalChain([$asai, 'access', _404 => _404.hostconfig, 'access', _405 => _405.logger, 'optionalAccess', _406 => _406.path, 'optionalAccess', _407 => _407.access]) || "";
3308
+ tmpDir = _optionalChain([$asai, 'access', _411 => _411.hostconfig, 'access', _412 => _412.logger, 'optionalAccess', _413 => _413.path, 'optionalAccess', _414 => _414.access]) || "";
3226
3309
  } else {
3227
- tmpDir = _optionalChain([$asai, 'access', _408 => _408.hostconfig, 'access', _409 => _409.logger, 'optionalAccess', _410 => _410.path, 'optionalAccess', _411 => _411[tmpDir]]) || "";
3310
+ tmpDir = _optionalChain([$asai, 'access', _415 => _415.hostconfig, 'access', _416 => _416.logger, 'optionalAccess', _417 => _417.path, 'optionalAccess', _418 => _418[tmpDir]]) || "";
3228
3311
  }
3229
3312
  } else {
3230
- tmpDir = _optionalChain([$asai, 'access', _412 => _412.hostconfig, 'access', _413 => _413.logger, 'optionalAccess', _414 => _414.path, 'optionalAccess', _415 => _415.client]) || "";
3313
+ tmpDir = _optionalChain([$asai, 'access', _419 => _419.hostconfig, 'access', _420 => _420.logger, 'optionalAccess', _421 => _421.path, 'optionalAccess', _422 => _422.client]) || "";
3231
3314
  }
3232
3315
  }
3233
3316
  return tmpDir;
@@ -3245,7 +3328,7 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
3245
3328
  return;
3246
3329
  }
3247
3330
  if (url.startsWith("/api/asailog/manage/add/")) {
3248
- if (!await ensureLv(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3331
+ if (!await ensureLv(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3249
3332
  try {
3250
3333
  mgLog("add", "server:", opt.data);
3251
3334
  await $asai.$log("LOG", "ADD", opt.data);
@@ -3259,7 +3342,7 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
3259
3342
  if (!await ensureLv(req, $asai, 3)) return sendFail(res, "Forbidden", opt);
3260
3343
  try {
3261
3344
  const baseDir = getDir(opt);
3262
- const relPath = decodeURIComponent(_optionalChain([opt, 'access', _416 => _416.qrdata, 'optionalAccess', _417 => _417.path]) || _optionalChain([opt, 'access', _418 => _418.data, 'optionalAccess', _419 => _419.path]));
3345
+ const relPath = decodeURIComponent(_optionalChain([opt, 'access', _423 => _423.qrdata, 'optionalAccess', _424 => _424.path]) || _optionalChain([opt, 'access', _425 => _425.data, 'optionalAccess', _426 => _426.path]));
3263
3346
  const jsonpath = resolvePathUnderBase2(baseDir, relPath);
3264
3347
  await ensureFile2(jsonpath);
3265
3348
  mgLog("ENSURE", jsonpath);
@@ -3278,9 +3361,9 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
3278
3361
  async function get(req, res, hostdir, opt) {
3279
3362
  const url = req.url;
3280
3363
  if (url.startsWith("/api/asailog/manage/selectlist/")) {
3281
- if (!await ensureLv(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3364
+ if (!await ensureLv(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3282
3365
  try {
3283
- const ty = decodeURIComponent(_optionalChain([opt, 'access', _420 => _420.qrdata, 'optionalAccess', _421 => _421.ty]) || _optionalChain([opt, 'access', _422 => _422.data, 'optionalAccess', _423 => _423.ty]) || "client");
3366
+ const ty = decodeURIComponent(_optionalChain([opt, 'access', _427 => _427.qrdata, 'optionalAccess', _428 => _428.ty]) || _optionalChain([opt, 'access', _429 => _429.data, 'optionalAccess', _430 => _430.ty]) || "client");
3284
3367
  if (!_chunkHR5JKN7Ycjs.prefersDiskLogAccess.call(void 0, $asai) && _chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai) && (ty === "client" || ty === "server" || ty === "sec")) {
3285
3368
  const kind = ty === "sec" ? "sec" : "web";
3286
3369
  const groups = await _chunkHR5JKN7Ycjs.listUnifiedGroups.call(void 0, $asai, { kind, source: ty === "sec" ? "sec" : ty });
@@ -3306,10 +3389,10 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
3306
3389
  return;
3307
3390
  }
3308
3391
  if (url.startsWith("/api/asailog/manage/select/")) {
3309
- if (!await ensureLv(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3392
+ if (!await ensureLv(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3310
3393
  try {
3311
- const ty = decodeURIComponent(_optionalChain([opt, 'access', _424 => _424.qrdata, 'optionalAccess', _425 => _425.ty]) || _optionalChain([opt, 'access', _426 => _426.data, 'optionalAccess', _427 => _427.ty]) || "client");
3312
- const relPath = decodeURIComponent(_optionalChain([opt, 'access', _428 => _428.qrdata, 'optionalAccess', _429 => _429.path]) || _optionalChain([opt, 'access', _430 => _430.data, 'optionalAccess', _431 => _431.path]));
3394
+ const ty = decodeURIComponent(_optionalChain([opt, 'access', _431 => _431.qrdata, 'optionalAccess', _432 => _432.ty]) || _optionalChain([opt, 'access', _433 => _433.data, 'optionalAccess', _434 => _434.ty]) || "client");
3395
+ const relPath = decodeURIComponent(_optionalChain([opt, 'access', _435 => _435.qrdata, 'optionalAccess', _436 => _436.path]) || _optionalChain([opt, 'access', _437 => _437.data, 'optionalAccess', _438 => _438.path]));
3313
3396
  if (!_chunkHR5JKN7Ycjs.prefersDiskLogAccess.call(void 0, $asai) && _chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai) && (ty === "client" || ty === "server" || ty === "sec")) {
3314
3397
  const data2 = await _chunkHR5JKN7Ycjs.readWebLogFromStore.call(void 0, $asai, ty, relPath);
3315
3398
  if (data2) {
@@ -3337,7 +3420,7 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
3337
3420
  if (!await ensureLv(req, $asai, 3)) return sendFail(res, "Forbidden", opt);
3338
3421
  try {
3339
3422
  const baseDir = getDir(opt);
3340
- const relPath = decodeURIComponent(_optionalChain([opt, 'access', _432 => _432.qrdata, 'optionalAccess', _433 => _433.path]) || _optionalChain([opt, 'access', _434 => _434.data, 'optionalAccess', _435 => _435.path]));
3423
+ const relPath = decodeURIComponent(_optionalChain([opt, 'access', _439 => _439.qrdata, 'optionalAccess', _440 => _440.path]) || _optionalChain([opt, 'access', _441 => _441.data, 'optionalAccess', _442 => _442.path]));
3341
3424
  const fileName = relPath.split(/[/\\]/).pop() || relPath;
3342
3425
  if (_chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai)) {
3343
3426
  await _chunkHR5JKN7Ycjs.purgeStoreEntriesForFile.call(void 0, $asai, fileName).catch(() => void 0);
@@ -3360,14 +3443,14 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
3360
3443
 
3361
3444
  // src/infra/siem-auth.ts
3362
3445
  function isSiemEnabled($asai) {
3363
- const cfg = _optionalChain([$asai, 'optionalAccess', _436 => _436.hostconfig, 'optionalAccess', _437 => _437.logger, 'optionalAccess', _438 => _438.siem]);
3364
- return !!(_optionalChain([cfg, 'optionalAccess', _439 => _439.enabled]) && getSiemToken($asai));
3446
+ const cfg = _optionalChain([$asai, 'optionalAccess', _443 => _443.hostconfig, 'optionalAccess', _444 => _444.logger, 'optionalAccess', _445 => _445.siem]);
3447
+ return !!(_optionalChain([cfg, 'optionalAccess', _446 => _446.enabled]) && getSiemToken($asai));
3365
3448
  }
3366
3449
  _chunkSMVZ3ZDJcjs.__name.call(void 0, isSiemEnabled, "isSiemEnabled");
3367
3450
  function getSiemToken($asai) {
3368
3451
  const fromEnv = process.env.ASAI_SIEM_TOKEN;
3369
3452
  if (typeof fromEnv === "string" && fromEnv.trim()) return fromEnv.trim();
3370
- const fromCfg = _optionalChain([$asai, 'optionalAccess', _440 => _440.hostconfig, 'optionalAccess', _441 => _441.logger, 'optionalAccess', _442 => _442.siem, 'optionalAccess', _443 => _443.token]);
3453
+ const fromCfg = _optionalChain([$asai, 'optionalAccess', _447 => _447.hostconfig, 'optionalAccess', _448 => _448.logger, 'optionalAccess', _449 => _449.siem, 'optionalAccess', _450 => _450.token]);
3371
3454
  return typeof fromCfg === "string" ? fromCfg.trim() : "";
3372
3455
  }
3373
3456
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getSiemToken, "getSiemToken");
@@ -3375,9 +3458,9 @@ function isSiemTokenValid($asai, req) {
3375
3458
  if (!isSiemEnabled($asai)) return false;
3376
3459
  const expected = getSiemToken($asai);
3377
3460
  if (!expected) return false;
3378
- const header = _optionalChain([req, 'optionalAccess', _444 => _444.headers, 'optionalAccess', _445 => _445["x-siem-token"]]) || _optionalChain([req, 'optionalAccess', _446 => _446.headers, 'optionalAccess', _447 => _447["x-api-key"]]);
3461
+ const header = _optionalChain([req, 'optionalAccess', _451 => _451.headers, 'optionalAccess', _452 => _452["x-siem-token"]]) || _optionalChain([req, 'optionalAccess', _453 => _453.headers, 'optionalAccess', _454 => _454["x-api-key"]]);
3379
3462
  if (typeof header === "string" && header === expected) return true;
3380
- const q = _optionalChain([req, 'optionalAccess', _448 => _448.query]) || {};
3463
+ const q = _optionalChain([req, 'optionalAccess', _455 => _455.query]) || {};
3381
3464
  const qToken = q.siem_token || q.token;
3382
3465
  return typeof qToken === "string" && qToken === expected;
3383
3466
  }
@@ -3401,20 +3484,20 @@ function getNs(raw) {
3401
3484
  }
3402
3485
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getNs, "getNs");
3403
3486
  async function ensureServerUser(req, $asai) {
3404
- if (Array.isArray(_optionalChain([req, 'optionalAccess', _449 => _449.Userinfo])) && req.Userinfo[0]) {
3487
+ if (Array.isArray(_optionalChain([req, 'optionalAccess', _456 => _456.Userinfo])) && req.Userinfo[0]) {
3405
3488
  await attachServerUserLevel(req, $asai);
3406
3489
  }
3407
3490
  }
3408
3491
  _chunkSMVZ3ZDJcjs.__name.call(void 0, ensureServerUser, "ensureServerUser");
3409
3492
  var interventionlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
3410
- const { sendSuccess, sendFail } = _optionalChain([$asai, 'access', _450 => _450.$lib, 'optionalAccess', _451 => _451.reqWork, 'optionalCall', _452 => _452($asai)]) || {};
3493
+ const { sendSuccess, sendFail } = _optionalChain([$asai, 'access', _457 => _457.$lib, 'optionalAccess', _458 => _458.reqWork, 'optionalCall', _459 => _459($asai)]) || {};
3411
3494
  const IL = $asai.$lib.InterventionLog;
3412
3495
  async function get(req, res, hostdir, opt) {
3413
3496
  const url = req.url || "";
3414
3497
  if (url.startsWith("/api/asailog/intervention/selectlist/")) {
3415
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3498
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3416
3499
  try {
3417
- const ns = getNs(_optionalChain([opt, 'access', _453 => _453.qrdata, 'optionalAccess', _454 => _454.ns]) || _optionalChain([opt, 'access', _455 => _455.data, 'optionalAccess', _456 => _456.ns]));
3500
+ const ns = getNs(_optionalChain([opt, 'access', _460 => _460.qrdata, 'optionalAccess', _461 => _461.ns]) || _optionalChain([opt, 'access', _462 => _462.data, 'optionalAccess', _463 => _463.ns]));
3418
3501
  let list = await IL.listInterventionFiles($asai, ns);
3419
3502
  if (_chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai) && !_chunkHR5JKN7Ycjs.prefersDiskLogAccess.call(void 0, $asai)) {
3420
3503
  const groups = await _chunkHR5JKN7Ycjs.listUnifiedGroups.call(void 0, $asai, { kind: "intervention", ns });
@@ -3426,27 +3509,27 @@ var interventionlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void
3426
3509
  }
3427
3510
  return sendSuccess(res, { ns, files: list }, opt);
3428
3511
  } catch (err) {
3429
- return sendFail(res, _optionalChain([err, 'optionalAccess', _457 => _457.message]) || err, opt);
3512
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _464 => _464.message]) || err, opt);
3430
3513
  }
3431
3514
  }
3432
3515
  if (url.startsWith("/api/asailog/intervention/select/")) {
3433
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3516
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3434
3517
  try {
3435
- const name = decodeURIComponent(_optionalChain([opt, 'access', _458 => _458.qrdata, 'optionalAccess', _459 => _459.name]) || _optionalChain([opt, 'access', _460 => _460.data, 'optionalAccess', _461 => _461.name]) || "");
3436
- const ns = getNs(_optionalChain([opt, 'access', _462 => _462.qrdata, 'optionalAccess', _463 => _463.ns]) || _optionalChain([opt, 'access', _464 => _464.data, 'optionalAccess', _465 => _465.ns]));
3518
+ const name = decodeURIComponent(_optionalChain([opt, 'access', _465 => _465.qrdata, 'optionalAccess', _466 => _466.name]) || _optionalChain([opt, 'access', _467 => _467.data, 'optionalAccess', _468 => _468.name]) || "");
3519
+ const ns = getNs(_optionalChain([opt, 'access', _469 => _469.qrdata, 'optionalAccess', _470 => _470.ns]) || _optionalChain([opt, 'access', _471 => _471.data, 'optionalAccess', _472 => _472.ns]));
3437
3520
  if (!name) return sendFail(res, "name required", opt);
3438
3521
  const content = await IL.readInterventionFile($asai, name, ns);
3439
3522
  return sendSuccess(res, { ns, ...content }, opt);
3440
3523
  } catch (err) {
3441
- return sendFail(res, _optionalChain([err, 'optionalAccess', _466 => _466.message]) || err, opt);
3524
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _473 => _473.message]) || err, opt);
3442
3525
  }
3443
3526
  }
3444
3527
  if (url.startsWith("/api/asailog/intervention/types/")) {
3445
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3528
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3446
3529
  try {
3447
3530
  return sendSuccess(res, IL.getInterventionTaxonomy($asai), opt);
3448
3531
  } catch (err) {
3449
- return sendFail(res, _optionalChain([err, 'optionalAccess', _467 => _467.message]) || err, opt);
3532
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _474 => _474.message]) || err, opt);
3450
3533
  }
3451
3534
  }
3452
3535
  }
@@ -3454,7 +3537,7 @@ var interventionlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void
3454
3537
  async function post(req, res, hostdir, opt) {
3455
3538
  const url = req.url || "";
3456
3539
  if (url.startsWith("/api/asailog/intervention/delete/")) {
3457
- if (!await ensureLogWriteAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) return sendFail(res, "Forbidden", opt);
3540
+ if (!await ensureLogWriteAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) return sendFail(res, "Forbidden", opt);
3458
3541
  await ensureServerUser(req, $asai);
3459
3542
  const lv = getRequestUserLevel(req);
3460
3543
  const us = getRequestUsername(req);
@@ -3476,7 +3559,7 @@ var interventionlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void
3476
3559
  );
3477
3560
  return sendSuccess(res, { ns, ...result }, opt);
3478
3561
  } catch (err) {
3479
- return sendFail(res, _optionalChain([err, 'optionalAccess', _468 => _468.message]) || err, opt);
3562
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _475 => _475.message]) || err, opt);
3480
3563
  }
3481
3564
  }
3482
3565
  }
@@ -3495,11 +3578,11 @@ function parseQuery(opt) {
3495
3578
  }
3496
3579
  _chunkSMVZ3ZDJcjs.__name.call(void 0, parseQuery, "parseQuery");
3497
3580
  function parseBody(opt) {
3498
- if (!_optionalChain([opt, 'optionalAccess', _469 => _469.data])) return {};
3581
+ if (!_optionalChain([opt, 'optionalAccess', _476 => _476.data])) return {};
3499
3582
  if (typeof opt.data === "string") {
3500
3583
  try {
3501
3584
  return JSON.parse(opt.data);
3502
- } catch (e40) {
3585
+ } catch (e45) {
3503
3586
  return {};
3504
3587
  }
3505
3588
  }
@@ -3507,21 +3590,21 @@ function parseBody(opt) {
3507
3590
  }
3508
3591
  _chunkSMVZ3ZDJcjs.__name.call(void 0, parseBody, "parseBody");
3509
3592
  var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
3510
- const { sendSuccess, sendFail } = _optionalChain([$asai, 'access', _470 => _470.$lib, 'optionalAccess', _471 => _471.reqWork, 'optionalCall', _472 => _472($asai)]) || {};
3593
+ const { sendSuccess, sendFail } = _optionalChain([$asai, 'access', _477 => _477.$lib, 'optionalAccess', _478 => _478.reqWork, 'optionalCall', _479 => _479($asai)]) || {};
3511
3594
  const IL = $asai.$lib.InterventionLog;
3512
3595
  async function get(req, res, hostdir, opt) {
3513
3596
  const url = req.url || "";
3514
3597
  const q = parseQuery(opt);
3515
3598
  if (url.startsWith("/api/asailog/store/config/")) {
3516
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3599
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3517
3600
  try {
3518
3601
  return sendSuccess(res, _chunkHR5JKN7Ycjs.getLogStoreMeta.call(void 0, $asai), opt);
3519
3602
  } catch (err) {
3520
- return sendFail(res, _optionalChain([err, 'optionalAccess', _473 => _473.message]) || err, opt);
3603
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _480 => _480.message]) || err, opt);
3521
3604
  }
3522
3605
  }
3523
3606
  if (url.startsWith("/api/asailog/store/stats/")) {
3524
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3607
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3525
3608
  if (!_chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai)) {
3526
3609
  return sendSuccess(res, { store: "disabled", message: "logger.store not configured", config: _chunkHR5JKN7Ycjs.getLogStoreMeta.call(void 0, $asai) }, opt);
3527
3610
  }
@@ -3530,21 +3613,21 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
3530
3613
  const stats = await _chunkHR5JKN7Ycjs.getUnifiedStats.call(void 0, $asai);
3531
3614
  return sendSuccess(res, { store: storeType, stats, config: _chunkHR5JKN7Ycjs.getLogStoreMeta.call(void 0, $asai) }, opt);
3532
3615
  } catch (err) {
3533
- return sendFail(res, _optionalChain([err, 'optionalAccess', _474 => _474.message]) || err, opt);
3616
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _481 => _481.message]) || err, opt);
3534
3617
  }
3535
3618
  }
3536
3619
  if (url.startsWith("/api/asailog/store/compliance/")) {
3537
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3620
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3538
3621
  try {
3539
3622
  const ns = q.ns === "test" ? "test" : "prod";
3540
3623
  const report = await _chunkHR5JKN7Ycjs.getComplianceReport.call(void 0, $asai, ns);
3541
3624
  return sendSuccess(res, report, opt);
3542
3625
  } catch (err) {
3543
- return sendFail(res, _optionalChain([err, 'optionalAccess', _475 => _475.message]) || err, opt);
3626
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _482 => _482.message]) || err, opt);
3544
3627
  }
3545
3628
  }
3546
3629
  if (url.startsWith("/api/asailog/store/search/")) {
3547
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3630
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3548
3631
  if (!_chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai)) return sendFail(res, "Log store not enabled", opt);
3549
3632
  try {
3550
3633
  const result = await _chunkHR5JKN7Ycjs.searchUnifiedLogs.call(void 0, $asai, {
@@ -3562,11 +3645,11 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
3562
3645
  });
3563
3646
  return sendSuccess(res, result, opt);
3564
3647
  } catch (err) {
3565
- return sendFail(res, _optionalChain([err, 'optionalAccess', _476 => _476.message]) || err, opt);
3648
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _483 => _483.message]) || err, opt);
3566
3649
  }
3567
3650
  }
3568
3651
  if (url.startsWith("/api/asailog/store/export/")) {
3569
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3652
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3570
3653
  try {
3571
3654
  const kind = q.kind || "intervention";
3572
3655
  const format = q.format || "raw";
@@ -3583,28 +3666,28 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
3583
3666
  });
3584
3667
  return sendSuccess(res, payload, opt);
3585
3668
  } catch (err) {
3586
- return sendFail(res, _optionalChain([err, 'optionalAccess', _477 => _477.message]) || err, opt);
3669
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _484 => _484.message]) || err, opt);
3587
3670
  }
3588
3671
  }
3589
3672
  if (url.startsWith("/api/asailog/store/taxonomy/")) {
3590
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3673
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3591
3674
  try {
3592
3675
  return sendSuccess(res, IL.getInterventionTaxonomy($asai), opt);
3593
3676
  } catch (err) {
3594
- return sendFail(res, _optionalChain([err, 'optionalAccess', _478 => _478.message]) || err, opt);
3677
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _485 => _485.message]) || err, opt);
3595
3678
  }
3596
3679
  }
3597
3680
  if (url.startsWith("/api/asailog/store/formats/")) {
3598
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3681
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3599
3682
  try {
3600
3683
  const { getLogFormatTaxonomy } = await Promise.resolve().then(() => _interopRequireWildcard(require("./log-formats-TUXGMCCU.cjs")));
3601
3684
  return sendSuccess(res, getLogFormatTaxonomy($asai), opt);
3602
3685
  } catch (err) {
3603
- return sendFail(res, _optionalChain([err, 'optionalAccess', _479 => _479.message]) || err, opt);
3686
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _486 => _486.message]) || err, opt);
3604
3687
  }
3605
3688
  }
3606
3689
  if (url.startsWith("/api/asailog/store/selectlist/")) {
3607
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3690
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3608
3691
  if (!_chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai)) return sendFail(res, "Log store not enabled", opt);
3609
3692
  try {
3610
3693
  const kind = q.kind ? String(q.kind) : void 0;
@@ -3627,11 +3710,11 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
3627
3710
  }
3628
3711
  return sendSuccess(res, { groups }, opt);
3629
3712
  } catch (err) {
3630
- return sendFail(res, _optionalChain([err, 'optionalAccess', _480 => _480.message]) || err, opt);
3713
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _487 => _487.message]) || err, opt);
3631
3714
  }
3632
3715
  }
3633
3716
  if (url.startsWith("/api/asailog/store/select/")) {
3634
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3717
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3635
3718
  if (!_chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai)) return sendFail(res, "Log store not enabled", opt);
3636
3719
  try {
3637
3720
  const id = q.id;
@@ -3661,7 +3744,7 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
3661
3744
  });
3662
3745
  return sendSuccess(res, { entries: rows }, opt);
3663
3746
  } catch (err) {
3664
- return sendFail(res, _optionalChain([err, 'optionalAccess', _481 => _481.message]) || err, opt);
3747
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _488 => _488.message]) || err, opt);
3665
3748
  }
3666
3749
  }
3667
3750
  }
@@ -3669,7 +3752,7 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
3669
3752
  async function post(req, res, hostdir, opt) {
3670
3753
  const url = req.url || "";
3671
3754
  if (!url.startsWith("/api/asailog/store/archive/")) return;
3672
- if (!await ensureLogWriteAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) return sendFail(res, "Forbidden", opt);
3755
+ if (!await ensureLogWriteAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) return sendFail(res, "Forbidden", opt);
3673
3756
  try {
3674
3757
  const body = parseBody(opt);
3675
3758
  const year = Number(body.year);
@@ -3683,7 +3766,7 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
3683
3766
  });
3684
3767
  return sendSuccess(res, result, opt);
3685
3768
  } catch (err) {
3686
- return sendFail(res, _optionalChain([err, 'optionalAccess', _482 => _482.message]) || err, opt);
3769
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _489 => _489.message]) || err, opt);
3687
3770
  }
3688
3771
  }
3689
3772
  _chunkSMVZ3ZDJcjs.__name.call(void 0, post, "post");
@@ -3695,7 +3778,7 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
3695
3778
 
3696
3779
  var registry = null;
3697
3780
  function resolveFilePath($asai) {
3698
- const root = _optionalChain([$asai, 'optionalAccess', _483 => _483.serverRoot]) || process.cwd();
3781
+ const root = _optionalChain([$asai, 'optionalAccess', _490 => _490.serverRoot]) || process.cwd();
3699
3782
  return nodePath3.join(root, "websys/sys/errorcodes.json");
3700
3783
  }
3701
3784
  _chunkSMVZ3ZDJcjs.__name.call(void 0, resolveFilePath, "resolveFilePath");
@@ -3705,7 +3788,7 @@ function loadErrorCodes($asai) {
3705
3788
  try {
3706
3789
  const raw = fs8.readFileSync(filePath, "utf8");
3707
3790
  registry = JSON.parse(raw);
3708
- } catch (e41) {
3791
+ } catch (e46) {
3709
3792
  registry = { version: "0", errors: {} };
3710
3793
  }
3711
3794
  if ($asai) $asai.errorcodes = registry;
@@ -3713,7 +3796,7 @@ function loadErrorCodes($asai) {
3713
3796
  }
3714
3797
  _chunkSMVZ3ZDJcjs.__name.call(void 0, loadErrorCodes, "loadErrorCodes");
3715
3798
  function getError(ec) {
3716
- return _optionalChain([registry, 'optionalAccess', _484 => _484.errors, 'optionalAccess', _485 => _485[ec]]) || null;
3799
+ return _optionalChain([registry, 'optionalAccess', _491 => _491.errors, 'optionalAccess', _492 => _492[ec]]) || null;
3717
3800
  }
3718
3801
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getError, "getError");
3719
3802
  function hasError(ec) {
@@ -3722,11 +3805,11 @@ function hasError(ec) {
3722
3805
  _chunkSMVZ3ZDJcjs.__name.call(void 0, hasError, "hasError");
3723
3806
  function logError($asai, ec, params) {
3724
3807
  const entry = getError(ec);
3725
- const logFn = _optionalChain([$asai, 'optionalAccess', _486 => _486.$log]) || console.warn;
3808
+ const logFn = _optionalChain([$asai, 'optionalAccess', _493 => _493.$log]) || console.warn;
3726
3809
  if (entry) {
3727
- logFn(`[EC:${ec}]`, entry.id || "", entry.detail || "", _optionalChain([params, 'optionalAccess', _487 => _487.length]) ? params : "");
3810
+ logFn(`[EC:${ec}]`, entry.id || "", entry.detail || "", _optionalChain([params, 'optionalAccess', _494 => _494.length]) ? params : "");
3728
3811
  } else {
3729
- logFn(`[EC:${ec}]`, "(unregistered)", _optionalChain([params, 'optionalAccess', _488 => _488.length]) ? params : "");
3812
+ logFn(`[EC:${ec}]`, "(unregistered)", _optionalChain([params, 'optionalAccess', _495 => _495.length]) ? params : "");
3730
3813
  }
3731
3814
  }
3732
3815
  _chunkSMVZ3ZDJcjs.__name.call(void 0, logError, "logError");
@@ -3754,14 +3837,14 @@ var ErrorCode_default = {
3754
3837
 
3755
3838
  // src/sysserver/api/common/errorcodes.ts
3756
3839
  var errorcodes_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
3757
- const { sendSuccess, sendFail } = _optionalChain([$asai, 'access', _489 => _489.$lib, 'optionalAccess', _490 => _490.reqWork, 'optionalCall', _491 => _491($asai)]) || {};
3840
+ const { sendSuccess, sendFail } = _optionalChain([$asai, 'access', _496 => _496.$lib, 'optionalAccess', _497 => _497.reqWork, 'optionalCall', _498 => _498($asai)]) || {};
3758
3841
  function get(req, res, _hostdir, opt) {
3759
3842
  const url = req.url || "";
3760
3843
  if (url.startsWith("/api/sys/errorcodes/")) {
3761
3844
  try {
3762
3845
  return sendSuccess(res, loadErrorCodes($asai), opt);
3763
3846
  } catch (err) {
3764
- return sendFail(res, _optionalChain([err, 'optionalAccess', _492 => _492.message]) || err, opt);
3847
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _499 => _499.message]) || err, opt);
3765
3848
  }
3766
3849
  }
3767
3850
  }
@@ -3771,9 +3854,9 @@ var errorcodes_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
3771
3854
 
3772
3855
  // src/sysserver/api/common/sqlitemanage.ts
3773
3856
  var sqlitemanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
3774
- const { sendSuccess, sendFail, mnLog } = _optionalChain([$asai, 'optionalAccess', _493 => _493.$lib, 'optionalAccess', _494 => _494.reqWork, 'optionalCall', _495 => _495($asai)]) || {};
3857
+ const { sendSuccess, sendFail, mnLog } = _optionalChain([$asai, 'optionalAccess', _500 => _500.$lib, 'optionalAccess', _501 => _501.reqWork, 'optionalCall', _502 => _502($asai)]) || {};
3775
3858
  function mgLog(...arg) {
3776
- _optionalChain([mnLog, 'optionalCall', _496 => _496("SQLite", ...arg)]);
3859
+ _optionalChain([mnLog, 'optionalCall', _503 => _503("SQLite", ...arg)]);
3777
3860
  }
3778
3861
  _chunkSMVZ3ZDJcjs.__name.call(void 0, mgLog, "mgLog");
3779
3862
  return $asai.$lib.AsDb($asai, {
@@ -3791,7 +3874,7 @@ var sqlitemanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0,
3791
3874
  if (req.url.startsWith("/api/asaisqlite/manage/post")) {
3792
3875
  try {
3793
3876
  mgLog("POST", "custom handler triggered");
3794
- _optionalChain([sendSuccess, 'optionalCall', _497 => _497(res, { data: "post" }, opt)]);
3877
+ _optionalChain([sendSuccess, 'optionalCall', _504 => _504(res, { data: "post" }, opt)]);
3795
3878
  } catch (err) {
3796
3879
  mgLog("ERROR", "post handler", err);
3797
3880
  }
@@ -3808,10 +3891,10 @@ var sqlitemanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0,
3808
3891
  table: dataObj.table
3809
3892
  });
3810
3893
  mgLog("SELECT", "completed");
3811
- _optionalChain([sendSuccess, 'optionalCall', _498 => _498(res, resdb, opt)]);
3894
+ _optionalChain([sendSuccess, 'optionalCall', _505 => _505(res, resdb, opt)]);
3812
3895
  } catch (errdb) {
3813
3896
  mgLog("ERROR", "select", errdb);
3814
- _optionalChain([sendFail, 'optionalCall', _499 => _499(res, errdb, opt)]);
3897
+ _optionalChain([sendFail, 'optionalCall', _506 => _506(res, errdb, opt)]);
3815
3898
  }
3816
3899
  return "ok";
3817
3900
  }
@@ -3827,7 +3910,7 @@ function promLine(name, value, labels) {
3827
3910
  }
3828
3911
  _chunkSMVZ3ZDJcjs.__name.call(void 0, promLine, "promLine");
3829
3912
  var health_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
3830
- const { sendSuccess, sendFail } = _optionalChain([$asai, 'access', _500 => _500.$lib, 'optionalAccess', _501 => _501.reqWork, 'optionalCall', _502 => _502($asai)]) || {};
3913
+ const { sendSuccess, sendFail } = _optionalChain([$asai, 'access', _507 => _507.$lib, 'optionalAccess', _508 => _508.reqWork, 'optionalCall', _509 => _509($asai)]) || {};
3831
3914
  async function get(req, res, _hostdir, opt) {
3832
3915
  const url = req.url || "";
3833
3916
  if (url.startsWith("/api/sys/health/metrics/")) {
@@ -3836,10 +3919,10 @@ var health_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asa
3836
3919
  let httpTotal = 0;
3837
3920
  let wsTotal = 0;
3838
3921
  for (const set of Object.values($asai.connectionshttp || {})) {
3839
- httpTotal += _optionalChain([set, 'optionalAccess', _503 => _503.size]) || 0;
3922
+ httpTotal += _optionalChain([set, 'optionalAccess', _510 => _510.size]) || 0;
3840
3923
  }
3841
3924
  for (const set of Object.values($asai.connectionsws || {})) {
3842
- wsTotal += _optionalChain([set, 'optionalAccess', _504 => _504.size]) || 0;
3925
+ wsTotal += _optionalChain([set, 'optionalAccess', _511 => _511.size]) || 0;
3843
3926
  }
3844
3927
  const lines = [
3845
3928
  "# HELP asai_uptime_seconds Process uptime",
@@ -3861,7 +3944,7 @@ var health_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asa
3861
3944
  res.writeHead(200, { "Content-Type": "text/plain; charset=utf-8" });
3862
3945
  return res.end(lines.join("\n") + "\n");
3863
3946
  } catch (err) {
3864
- return sendFail(res, _optionalChain([err, 'optionalAccess', _505 => _505.message]) || err, opt);
3947
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _512 => _512.message]) || err, opt);
3865
3948
  }
3866
3949
  }
3867
3950
  if (url.startsWith("/api/sys/health/status/")) {
@@ -3874,10 +3957,10 @@ var health_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asa
3874
3957
  memory: process.memoryUsage(),
3875
3958
  quota: {
3876
3959
  http: Object.fromEntries(
3877
- Object.entries($asai.connectionshttp || {}).map(([k, v]) => [k, _optionalChain([v, 'optionalAccess', _506 => _506.size]) || 0])
3960
+ Object.entries($asai.connectionshttp || {}).map(([k, v]) => [k, _optionalChain([v, 'optionalAccess', _513 => _513.size]) || 0])
3878
3961
  ),
3879
3962
  ws: Object.fromEntries(
3880
- Object.entries($asai.connectionsws || {}).map(([k, v]) => [k, _optionalChain([v, 'optionalAccess', _507 => _507.size]) || 0])
3963
+ Object.entries($asai.connectionsws || {}).map(([k, v]) => [k, _optionalChain([v, 'optionalAccess', _514 => _514.size]) || 0])
3881
3964
  )
3882
3965
  }
3883
3966
  },
@@ -3918,7 +4001,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, sanitizeString, "sanitizeString");
3918
4001
  // src/sysserver/api/login/service/session.ts
3919
4002
 
3920
4003
  function getSessionTtlMs($asai) {
3921
- const hours = _nullishCoalesce(_optionalChain([$asai, 'optionalAccess', _508 => _508.hostconfig, 'optionalAccess', _509 => _509.security, 'optionalAccess', _510 => _510.sessionTtlHours]), () => ( 24));
4004
+ const hours = _nullishCoalesce(_optionalChain([$asai, 'optionalAccess', _515 => _515.hostconfig, 'optionalAccess', _516 => _516.security, 'optionalAccess', _517 => _517.sessionTtlHours]), () => ( 24));
3922
4005
  return Number(hours) * 3600 * 1e3;
3923
4006
  }
3924
4007
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getSessionTtlMs, "getSessionTtlMs");
@@ -3935,7 +4018,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, generatePriKey, "generatePriKey");
3935
4018
  function createSessionKeys($asai) {
3936
4019
  const sessionId = _crypto.randomUUID.call(void 0, );
3937
4020
  const pri = generatePriKey();
3938
- const sn = _optionalChain([$asai, 'optionalAccess', _511 => _511.hostconfig, 'optionalAccess', _512 => _512.asaisn]);
4021
+ const sn = _optionalChain([$asai, 'optionalAccess', _518 => _518.hostconfig, 'optionalAccess', _519 => _519.asaisn]);
3939
4022
  if (!sn) throw new Error("[session] ASAI_ASAISN \u672A\u914D\u7F6E");
3940
4023
  const pub = $asai.$lib.AsCode.asencode(pri, sn);
3941
4024
  return { pri, pub, sessionId };
@@ -3962,9 +4045,9 @@ var API_ADMIN_PREFIXES = ["/api/user/login/admin/"];
3962
4045
  function getMinLevelForApiPath(pathname, $asai) {
3963
4046
  if (API_ADMIN_PREFIXES.some((p) => pathname.startsWith(p))) {
3964
4047
  if (pathname.includes("/admin/update") || pathname.includes("/admin/kick") || pathname.includes("/admin/delete") || pathname.includes("/admin/resetpass")) {
3965
- return $asai ? _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite") : _chunkZK4O4Z2Ocjs.USER_LV.DEVELOPER;
4048
+ return $asai ? _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite") : _chunk5EWEKXQIcjs.USER_LV.DEVELOPER;
3966
4049
  }
3967
- return $asai ? _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminRead") : _chunkZK4O4Z2Ocjs.USER_LV.ADMIN;
4050
+ return $asai ? _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "adminRead") : _chunk5EWEKXQIcjs.USER_LV.ADMIN;
3968
4051
  }
3969
4052
  return 0;
3970
4053
  }
@@ -3985,20 +4068,20 @@ function unwrapJsonString(value) {
3985
4068
  if (!text.startsWith("{") && !text.startsWith("[")) return value;
3986
4069
  try {
3987
4070
  return JSON.parse(text);
3988
- } catch (e42) {
4071
+ } catch (e47) {
3989
4072
  return value;
3990
4073
  }
3991
4074
  }
3992
4075
  _chunkSMVZ3ZDJcjs.__name.call(void 0, unwrapJsonString, "unwrapJsonString");
3993
4076
  function parseAuthBody(opt) {
3994
- let raw = _optionalChain([opt, 'optionalAccess', _513 => _513.data]);
4077
+ let raw = _optionalChain([opt, 'optionalAccess', _520 => _520.data]);
3995
4078
  if (raw == null || raw === "") return {};
3996
4079
  if (typeof raw === "string") {
3997
4080
  const text = raw.trim();
3998
4081
  if (!text) return {};
3999
4082
  try {
4000
4083
  raw = JSON.parse(text);
4001
- } catch (e43) {
4084
+ } catch (e48) {
4002
4085
  if (text.includes("=") && !text.startsWith("{") && !text.startsWith("[")) {
4003
4086
  raw = Object.fromEntries(new URLSearchParams(text));
4004
4087
  } else {
@@ -4066,8 +4149,39 @@ async function purgeOfflineSessions($asai, hostdir, store) {
4066
4149
  _chunkSMVZ3ZDJcjs.__name.call(void 0, purgeOfflineSessions, "purgeOfflineSessions");
4067
4150
 
4068
4151
  // src/sysserver/api/login/index.ts
4152
+
4153
+
4154
+ async function resolveUserLv($asai, store, us, wsLv) {
4155
+ if (!us) return null;
4156
+ try {
4157
+ const user = await store.findByUsername(us);
4158
+ if (user && user.lv != null && Number.isFinite(Number(user.lv))) {
4159
+ return Number(user.lv);
4160
+ }
4161
+ } catch (e49) {
4162
+ }
4163
+ try {
4164
+ const cfg = _chunkFRPN33BYcjs.getUserStoreConfig.call(void 0, $asai);
4165
+ const dir = String(_optionalChain([cfg, 'optionalAccess', _521 => _521.opt, 'optionalAccess', _522 => _522.dir]) || "");
4166
+ if (dir) {
4167
+ const base = nodePath2.default.isAbsolute(dir) ? dir : nodePath2.default.join(process.cwd(), dir);
4168
+ const safeUs = us.replace(/[\\/:*?"<>|]/g, "");
4169
+ const file = nodePath2.default.join(base, "json", `${safeUs}.json`);
4170
+ if (safeUs && fs3.default.existsSync(file)) {
4171
+ const raw = JSON.parse(fs3.default.readFileSync(file, "utf8"));
4172
+ const lv = Number(_optionalChain([raw, 'optionalAccess', _523 => _523.lv]));
4173
+ if (Number.isFinite(lv)) return lv;
4174
+ }
4175
+ }
4176
+ } catch (e50) {
4177
+ }
4178
+ if (wsLv === null || wsLv === void 0 || wsLv === "") return null;
4179
+ const n = Number(wsLv);
4180
+ return Number.isFinite(n) ? n : null;
4181
+ }
4182
+ _chunkSMVZ3ZDJcjs.__name.call(void 0, resolveUserLv, "resolveUserLv");
4069
4183
  function getSecurity($asai) {
4070
- return _optionalChain([$asai, 'optionalAccess', _514 => _514.hostconfig, 'optionalAccess', _515 => _515.security]) || {};
4184
+ return _optionalChain([$asai, 'optionalAccess', _524 => _524.hostconfig, 'optionalAccess', _525 => _525.security]) || {};
4071
4185
  }
4072
4186
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getSecurity, "getSecurity");
4073
4187
  function getQuota2($asai) {
@@ -4078,9 +4192,9 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, getQuota2, "getQuota");
4078
4192
  async function canLogin($asai, us, hostdir) {
4079
4193
  const quota = getQuota2($asai);
4080
4194
  if (!quota.enabled) return { ok: true };
4081
- const store = _chunkZK4O4Z2Ocjs.createUserStore.call(void 0, $asai);
4195
+ const store = _chunk5EWEKXQIcjs.createUserStore.call(void 0, $asai);
4082
4196
  const total = await countOnlineSessions($asai, hostdir, store);
4083
- const maxLogin = _nullishCoalesce(_nullishCoalesce(quota.maxLoginSessions, () => ( _optionalChain([$asai, 'optionalAccess', _516 => _516.hostconfig, 'optionalAccess', _517 => _517.hosts, 'optionalAccess', _518 => _518.default, 'optionalAccess', _519 => _519.maxonline]))), () => ( 100));
4197
+ const maxLogin = _nullishCoalesce(_nullishCoalesce(quota.maxLoginSessions, () => ( _optionalChain([$asai, 'optionalAccess', _526 => _526.hostconfig, 'optionalAccess', _527 => _527.hosts, 'optionalAccess', _528 => _528.default, 'optionalAccess', _529 => _529.maxonline]))), () => ( 100));
4084
4198
  if (total >= maxLogin) {
4085
4199
  return { ok: false, message: "LOGIN_QUOTA_FULL" };
4086
4200
  }
@@ -4093,7 +4207,7 @@ async function canLogin($asai, us, hostdir) {
4093
4207
  }
4094
4208
  _chunkSMVZ3ZDJcjs.__name.call(void 0, canLogin, "canLogin");
4095
4209
  function publicUser($asai, user) {
4096
- const role = user.role || _chunkGXOFLFFWcjs.resolveRoleForLevel.call(void 0, $asai, user.lv).name;
4210
+ const role = user.role || _chunkFRPN33BYcjs.resolveRoleForLevel.call(void 0, $asai, user.lv).name;
4097
4211
  return {
4098
4212
  us: user.us,
4099
4213
  lv: user.lv,
@@ -4107,14 +4221,14 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, publicUser, "publicUser");
4107
4221
  var bootstrapPromise = null;
4108
4222
  function ensureReady($asai) {
4109
4223
  if (!bootstrapPromise) {
4110
- bootstrapPromise = Promise.all([_chunkZK4O4Z2Ocjs.ensureBootstrapAdmin.call(void 0, $asai), _chunkGXOFLFFWcjs.loadUserLevelConfig.call(void 0, $asai)]).then(() => void 0);
4224
+ bootstrapPromise = Promise.all([_chunk5EWEKXQIcjs.ensureBootstrapAdmin.call(void 0, $asai), _chunkFRPN33BYcjs.loadUserLevelConfig.call(void 0, $asai)]).then(() => void 0);
4111
4225
  }
4112
4226
  return bootstrapPromise;
4113
4227
  }
4114
4228
  _chunkSMVZ3ZDJcjs.__name.call(void 0, ensureReady, "ensureReady");
4115
4229
  var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
4116
- const { sendSuccess, sendFail, sendErr } = _optionalChain([$asai, 'access', _520 => _520.$lib, 'optionalAccess', _521 => _521.reqWork, 'optionalCall', _522 => _522($asai)]) || {};
4117
- const store = _chunkZK4O4Z2Ocjs.createUserStore.call(void 0, $asai);
4230
+ const { sendSuccess, sendFail, sendErr } = _optionalChain([$asai, 'access', _530 => _530.$lib, 'optionalAccess', _531 => _531.reqWork, 'optionalCall', _532 => _532($asai)]) || {};
4231
+ const store = _chunk5EWEKXQIcjs.createUserStore.call(void 0, $asai);
4118
4232
  async function checkAdmin(req, pathname, minOverride) {
4119
4233
  await attachServerUserLevel(req, $asai);
4120
4234
  const minLv = _nullishCoalesce(minOverride, () => ( getMinLevelForApiPath(pathname, $asai)));
@@ -4133,17 +4247,17 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4133
4247
  const newPass = sanitizeString(pickAuthField(body, "newPass", "newPassword", "newpass"), 128);
4134
4248
  if (!us || !pass || !newPass) return sendErr(res, "AUTH_CREDENTIALS_REQUIRED", void 0, opt);
4135
4249
  const user = await store.findByUsername(us);
4136
- if (!user || !_chunkWXW5DYNUcjs.verifyPassword.call(void 0, pass, user.passHash, user.passSalt)) {
4250
+ if (!user || !_chunkH2QP5J7Xcjs.verifyPassword.call(void 0, pass, user.passHash, user.passSalt)) {
4137
4251
  return sendErr(res, "AUTH_INVALID_CREDENTIALS", void 0, opt);
4138
4252
  }
4139
- const policy = _chunkGXOFLFFWcjs.getPasswordPolicy.call(void 0, $asai);
4140
- const policyErr = _chunkWXW5DYNUcjs.validatePasswordChange.call(void 0, newPass, $asai, user.passHistory);
4253
+ const policy = _chunkFRPN33BYcjs.getPasswordPolicy.call(void 0, $asai);
4254
+ const policyErr = _chunkH2QP5J7Xcjs.validatePasswordChange.call(void 0, newPass, $asai, user.passHistory);
4141
4255
  if (policyErr === "PASSWORD_TOO_SHORT") {
4142
4256
  return sendErr(res, policyErr, [String(policy.minLength)], opt);
4143
4257
  }
4144
4258
  if (policyErr) return sendErr(res, policyErr, void 0, opt);
4145
- const { passHash, passSalt } = _chunkWXW5DYNUcjs.hashPassword.call(void 0, newPass);
4146
- const passHistory = _chunkWXW5DYNUcjs.nextPassHistory.call(void 0, pass, user.passHistory, policy.historyCount);
4259
+ const { passHash, passSalt } = _chunkH2QP5J7Xcjs.hashPassword.call(void 0, newPass);
4260
+ const passHistory = _chunkH2QP5J7Xcjs.nextPassHistory.call(void 0, pass, user.passHistory, policy.historyCount);
4147
4261
  await store.updateUser(us, {
4148
4262
  passHash,
4149
4263
  passSalt,
@@ -4154,7 +4268,7 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4154
4268
  logSecurityEvent($asai, { type: "AUTH_SUCCESS", path: url, method: "POST", user: us, ip, detail: "password_changed" });
4155
4269
  return sendSuccess(res, { ok: true }, opt);
4156
4270
  } catch (err) {
4157
- return sendFail(res, _optionalChain([err, 'optionalAccess', _523 => _523.message]) || err, opt);
4271
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _533 => _533.message]) || err, opt);
4158
4272
  }
4159
4273
  }
4160
4274
  if (url.startsWith("/api/user/login/register/")) {
@@ -4169,12 +4283,12 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4169
4283
  const emailRaw = pickAuthField(body, "email");
4170
4284
  const email = emailRaw ? sanitizeString(emailRaw, 128) : void 0;
4171
4285
  if (!us || !pass) return sendErr(res, "AUTH_CREDENTIALS_REQUIRED", void 0, opt);
4172
- const policyErr = _chunkWXW5DYNUcjs.validatePasswordChange.call(void 0, pass, $asai);
4286
+ const policyErr = _chunkH2QP5J7Xcjs.validatePasswordChange.call(void 0, pass, $asai);
4173
4287
  if (policyErr === "PASSWORD_TOO_SHORT") {
4174
- return sendErr(res, policyErr, [String(_chunkGXOFLFFWcjs.getPasswordPolicy.call(void 0, $asai).minLength)], opt);
4288
+ return sendErr(res, policyErr, [String(_chunkFRPN33BYcjs.getPasswordPolicy.call(void 0, $asai).minLength)], opt);
4175
4289
  }
4176
4290
  if (policyErr) return sendErr(res, policyErr, void 0, opt);
4177
- const { passHash, passSalt } = _chunkWXW5DYNUcjs.hashPassword.call(void 0, pass);
4291
+ const { passHash, passSalt } = _chunkH2QP5J7Xcjs.hashPassword.call(void 0, pass);
4178
4292
  const user = await store.createUser({
4179
4293
  us,
4180
4294
  email,
@@ -4187,11 +4301,11 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4187
4301
  logSecurityEvent($asai, { type: "AUTH_SUCCESS", path: url, method: "POST", user: us, ip, detail: "register_ok" });
4188
4302
  return sendSuccess(res, { user: publicUser($asai, user) }, opt);
4189
4303
  } catch (err) {
4190
- const msg = _optionalChain([err, 'optionalAccess', _524 => _524.message]) || String(err);
4304
+ const msg = _optionalChain([err, 'optionalAccess', _534 => _534.message]) || String(err);
4191
4305
  if (msg.includes("exists") || msg.includes("\u5DF2\u5B58\u5728")) {
4192
4306
  return sendErr(res, "USER_ALREADY_EXISTS", void 0, opt);
4193
4307
  }
4194
- return sendFail(res, _optionalChain([err, 'optionalAccess', _525 => _525.message]) || err, opt);
4308
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _535 => _535.message]) || err, opt);
4195
4309
  }
4196
4310
  }
4197
4311
  if (url.startsWith("/api/user/login/auth/")) {
@@ -4201,7 +4315,7 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4201
4315
  const pass = sanitizeString(pickAuthField(body, "pass", "password", "pwd"), 128);
4202
4316
  if (!us || !pass) return sendErr(res, "AUTH_CREDENTIALS_REQUIRED", void 0, opt);
4203
4317
  const user = await store.findByUsername(us);
4204
- if (!user || !_chunkWXW5DYNUcjs.verifyPassword.call(void 0, pass, user.passHash, user.passSalt)) {
4318
+ if (!user || !_chunkH2QP5J7Xcjs.verifyPassword.call(void 0, pass, user.passHash, user.passSalt)) {
4205
4319
  if (user) {
4206
4320
  const sec = getSecurity($asai);
4207
4321
  const lockoutMax = _nullishCoalesce(sec.lockoutMaxFails, () => ( 5));
@@ -4223,16 +4337,13 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4223
4337
  if (user.status === "locked" && user.lockedUntil && user.lockedUntil > Date.now()) {
4224
4338
  return sendErr(res, "AUTH_ACCOUNT_LOCKED", void 0, opt);
4225
4339
  }
4226
- const policy = _chunkGXOFLFFWcjs.getPasswordPolicy.call(void 0, $asai);
4227
- const mustChange = !!user.mustChangePassword || _chunkGXOFLFFWcjs.isPasswordExpired.call(void 0, user.passwordChangedAt, policy.maxAgeDays);
4228
- const hostcfg = _optionalChain([$asai, 'access', _526 => _526.getHost, 'optionalCall', _527 => _527(hostdir)]) || {};
4340
+ const policy = _chunkFRPN33BYcjs.getPasswordPolicy.call(void 0, $asai);
4341
+ const mustChange = !!user.mustChangePassword || _chunkFRPN33BYcjs.isPasswordExpired.call(void 0, user.passwordChangedAt, policy.maxAgeDays);
4342
+ const hostcfg = _optionalChain([$asai, 'access', _536 => _536.getHost, 'optionalCall', _537 => _537(hostdir)]) || {};
4229
4343
  if (hostcfg.ckws) {
4230
- const existingWs = _optionalChain([$asai, 'access', _528 => _528.connectionsws, 'optionalAccess', _529 => _529[hostdir], 'optionalAccess', _530 => _530[us]]);
4344
+ const existingWs = _optionalChain([$asai, 'access', _538 => _538.connectionsws, 'optionalAccess', _539 => _539[hostdir], 'optionalAccess', _540 => _540[us]]);
4231
4345
  if (existingWs) {
4232
- const cleared = await clearStaleWsIfDead($asai, hostdir, us, existingWs);
4233
- if (!cleared) {
4234
- kickUserWs($asai, us, hostdir);
4235
- }
4346
+ await clearStaleWsIfDead($asai, hostdir, us, existingWs);
4236
4347
  }
4237
4348
  }
4238
4349
  const quotaCheck = await canLogin($asai, us, hostdir);
@@ -4256,13 +4367,13 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4256
4367
  opt
4257
4368
  );
4258
4369
  } catch (err) {
4259
- return sendFail(res, _optionalChain([err, 'optionalAccess', _531 => _531.message]) || err, opt);
4370
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _541 => _541.message]) || err, opt);
4260
4371
  }
4261
4372
  }
4262
4373
  if (url.startsWith("/api/user/login/logout/")) {
4263
4374
  try {
4264
4375
  const bodySid = body.sessionId ? sanitizeString(body.sessionId, 64) : "";
4265
- const us = _optionalChain([req, 'optionalAccess', _532 => _532.Userinfo, 'optionalAccess', _533 => _533[0]]);
4376
+ const us = _optionalChain([req, 'optionalAccess', _542 => _542.Userinfo, 'optionalAccess', _543 => _543[0]]);
4266
4377
  if (bodySid) {
4267
4378
  if (!us) {
4268
4379
  return sendErr(res, "AUTH_MISSING", void 0, opt);
@@ -4276,11 +4387,61 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4276
4387
  if (us) logSecurityEvent($asai, { type: "AUTH_SUCCESS", path: url, method: "POST", user: String(us), ip, detail: "logout" });
4277
4388
  return sendSuccess(res, "ok", opt);
4278
4389
  } catch (err) {
4279
- return sendFail(res, _optionalChain([err, 'optionalAccess', _534 => _534.message]) || err, opt);
4390
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _544 => _544.message]) || err, opt);
4391
+ }
4392
+ }
4393
+ if (url.startsWith("/api/user/login/force/")) {
4394
+ try {
4395
+ const us = sanitizeString(String(_optionalChain([req, 'optionalAccess', _545 => _545.Userinfo, 'optionalAccess', _546 => _546[0]]) || ""), 64);
4396
+ if (!us) return sendErr(res, "AUTH_MISSING", void 0, opt);
4397
+ const myLv = Number(_nullishCoalesce(_optionalChain([req, 'optionalAccess', _547 => _547.Userinfo, 'optionalAccess', _548 => _548[1]]), () => ( 0)));
4398
+ const targetUs = sanitizeString(String(_optionalChain([body, 'optionalAccess', _549 => _549.targetUs]) || _optionalChain([body, 'optionalAccess', _550 => _550.us]) || ""), 64);
4399
+ const kicked = [];
4400
+ if (isUserOnlineOnWs($asai, us, hostdir)) {
4401
+ await kickUserWs($asai, us, hostdir);
4402
+ kicked.push(us);
4403
+ }
4404
+ const onlineRaw = listOnlineWsEntries($asai, hostdir).filter((e) => e.us !== us);
4405
+ const online = await Promise.all(
4406
+ onlineRaw.map(async (e) => ({
4407
+ us: e.us,
4408
+ lv: await resolveUserLv($asai, store, e.us, e.lv)
4409
+ }))
4410
+ );
4411
+ const candidates = targetUs ? online.filter((e) => e.us === targetUs) : online;
4412
+ for (const entry of candidates) {
4413
+ const entryLv = entry.lv == null ? NaN : Number(entry.lv);
4414
+ if (!Number.isFinite(entryLv) || myLv < entryLv) {
4415
+ if (targetUs) {
4416
+ return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
4417
+ }
4418
+ continue;
4419
+ }
4420
+ await kickUserWs($asai, entry.us, hostdir);
4421
+ kicked.push(entry.us);
4422
+ }
4423
+ if (!kicked.length && online.length) {
4424
+ return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
4425
+ }
4426
+ logSecurityEvent($asai, {
4427
+ type: "AUTH_SUCCESS",
4428
+ path: url,
4429
+ method: "POST",
4430
+ user: us,
4431
+ ip,
4432
+ detail: `force_login_kick:${kicked.join(",") || "none"}`
4433
+ });
4434
+ return sendSuccess(
4435
+ res,
4436
+ { ok: true, us, kicked, online: listOnlineWsEntries($asai, hostdir) },
4437
+ opt
4438
+ );
4439
+ } catch (err) {
4440
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _551 => _551.message]) || err, opt);
4280
4441
  }
4281
4442
  }
4282
4443
  if (url.startsWith("/api/user/login/admin/kick/")) {
4283
- if (!await checkAdmin(req, url, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) {
4444
+ if (!await checkAdmin(req, url, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) {
4284
4445
  return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
4285
4446
  }
4286
4447
  try {
@@ -4292,9 +4453,9 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4292
4453
  if (!isSessionUserOnline($asai, target.us, hostdir)) {
4293
4454
  return sendErr(res, "SESSION_NOT_ONLINE", void 0, opt);
4294
4455
  }
4295
- kickUserWs($asai, target.us, hostdir);
4456
+ await kickUserWs($asai, target.us, hostdir);
4296
4457
  await store.removeSession(sessionId);
4297
- const operator = String(_optionalChain([req, 'optionalAccess', _535 => _535.Userinfo, 'optionalAccess', _536 => _536[0]]) || "");
4458
+ const operator = String(_optionalChain([req, 'optionalAccess', _552 => _552.Userinfo, 'optionalAccess', _553 => _553[0]]) || "");
4298
4459
  await _chunkARHPHWT5cjs.logSessionTerminate.call(void 0, $asai, {
4299
4460
  operator,
4300
4461
  sessionId,
@@ -4303,11 +4464,11 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4303
4464
  });
4304
4465
  return sendSuccess(res, { ok: true }, opt);
4305
4466
  } catch (err) {
4306
- return sendFail(res, _optionalChain([err, 'optionalAccess', _537 => _537.message]) || err, opt);
4467
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _554 => _554.message]) || err, opt);
4307
4468
  }
4308
4469
  }
4309
4470
  if (url.startsWith("/api/user/login/admin/delete/")) {
4310
- if (!await checkAdmin(req, url, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) {
4471
+ if (!await checkAdmin(req, url, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) {
4311
4472
  return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
4312
4473
  }
4313
4474
  try {
@@ -4315,15 +4476,15 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4315
4476
  if (!targetUs || targetUs === "admin") return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
4316
4477
  const ok = await store.deleteUser(targetUs);
4317
4478
  if (!ok) return sendErr(res, "AUTH_USER_NOT_FOUND", void 0, opt);
4318
- const operator = String(_optionalChain([req, 'optionalAccess', _538 => _538.Userinfo, 'optionalAccess', _539 => _539[0]]) || "");
4479
+ const operator = String(_optionalChain([req, 'optionalAccess', _555 => _555.Userinfo, 'optionalAccess', _556 => _556[0]]) || "");
4319
4480
  await _chunkARHPHWT5cjs.logAccountPurge.call(void 0, $asai, { operator, targetUs, ip });
4320
4481
  return sendSuccess(res, { ok: true }, opt);
4321
4482
  } catch (err) {
4322
- return sendFail(res, _optionalChain([err, 'optionalAccess', _540 => _540.message]) || err, opt);
4483
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _557 => _557.message]) || err, opt);
4323
4484
  }
4324
4485
  }
4325
4486
  if (url.startsWith("/api/user/login/admin/levels/")) {
4326
- if (!await checkAdmin(req, url, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) {
4487
+ if (!await checkAdmin(req, url, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) {
4327
4488
  return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
4328
4489
  }
4329
4490
  try {
@@ -4331,8 +4492,8 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4331
4492
  const thresholds = body.thresholds && typeof body.thresholds === "object" ? body.thresholds : void 0;
4332
4493
  const routeRights = Array.isArray(body.routeRights) ? body.routeRights : void 0;
4333
4494
  const defaultResetPassword = typeof body.defaultResetPassword === "string" ? body.defaultResetPassword : void 0;
4334
- const operator = String(_optionalChain([req, 'optionalAccess', _541 => _541.Userinfo, 'optionalAccess', _542 => _542[0]]) || "");
4335
- const cfg = await _chunkGXOFLFFWcjs.saveUserLevelConfig.call(void 0,
4495
+ const operator = String(_optionalChain([req, 'optionalAccess', _558 => _558.Userinfo, 'optionalAccess', _559 => _559[0]]) || "");
4496
+ const cfg = await _chunkFRPN33BYcjs.saveUserLevelConfig.call(void 0,
4336
4497
  $asai,
4337
4498
  {
4338
4499
  levels,
@@ -4344,18 +4505,18 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4344
4505
  );
4345
4506
  await _chunkARHPHWT5cjs.logSecurityConfigIntervention.call(void 0, $asai, {
4346
4507
  section: "user_levels",
4347
- detail: JSON.stringify({ levels: _optionalChain([levels, 'optionalAccess', _543 => _543.length]), thresholds: !!thresholds, routeRights: _optionalChain([routeRights, 'optionalAccess', _544 => _544.length]) }),
4508
+ detail: JSON.stringify({ levels: _optionalChain([levels, 'optionalAccess', _560 => _560.length]), thresholds: !!thresholds, routeRights: _optionalChain([routeRights, 'optionalAccess', _561 => _561.length]) }),
4348
4509
  operator,
4349
4510
  ip
4350
4511
  });
4351
4512
  return sendSuccess(res, cfg, opt);
4352
4513
  } catch (err) {
4353
- return sendFail(res, _optionalChain([err, 'optionalAccess', _545 => _545.message]) || err, opt);
4514
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _562 => _562.message]) || err, opt);
4354
4515
  }
4355
4516
  }
4356
4517
  if (url.startsWith("/api/user/login/admin/resetpass/")) {
4357
4518
  await ensureReady($asai);
4358
- if (!await checkAdmin(req, url, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) {
4519
+ if (!await checkAdmin(req, url, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) {
4359
4520
  logSecurityEvent($asai, { type: "ACCESS_DENIED", path: url, method: "POST", ip });
4360
4521
  return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
4361
4522
  }
@@ -4363,16 +4524,16 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4363
4524
  const targetUs = sanitizeString(body.us, 64);
4364
4525
  if (!targetUs) return sendErr(res, "AUTH_USER_NOT_FOUND", void 0, opt);
4365
4526
  let newPass = sanitizeString(pickAuthField(body, "newPass", "newPassword", "newpass"), 128);
4366
- if (!newPass) newPass = _chunkGXOFLFFWcjs.getDefaultResetPassword.call(void 0, $asai);
4367
- const policy = _chunkGXOFLFFWcjs.getPasswordPolicy.call(void 0, $asai);
4368
- const policyErr = _chunkGXOFLFFWcjs.validatePasswordWithPolicy.call(void 0, newPass, policy);
4527
+ if (!newPass) newPass = _chunkFRPN33BYcjs.getDefaultResetPassword.call(void 0, $asai);
4528
+ const policy = _chunkFRPN33BYcjs.getPasswordPolicy.call(void 0, $asai);
4529
+ const policyErr = _chunkFRPN33BYcjs.validatePasswordWithPolicy.call(void 0, newPass, policy);
4369
4530
  if (policyErr === "PASSWORD_TOO_SHORT") {
4370
4531
  return sendErr(res, policyErr, [String(policy.minLength)], opt);
4371
4532
  }
4372
4533
  if (policyErr) return sendErr(res, policyErr, void 0, opt);
4373
4534
  const user = await store.findByUsername(targetUs);
4374
4535
  if (!user) return sendErr(res, "AUTH_USER_NOT_FOUND", void 0, opt);
4375
- const { passHash, passSalt } = _chunkWXW5DYNUcjs.hashPassword.call(void 0, newPass);
4536
+ const { passHash, passSalt } = _chunkH2QP5J7Xcjs.hashPassword.call(void 0, newPass);
4376
4537
  const updated = await store.updateUser(targetUs, {
4377
4538
  passHash,
4378
4539
  passSalt,
@@ -4384,7 +4545,7 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4384
4545
  passHistory: "[]"
4385
4546
  });
4386
4547
  if (!updated) return sendErr(res, "AUTH_USER_NOT_FOUND", void 0, opt);
4387
- const operator = String(_optionalChain([req, 'optionalAccess', _546 => _546.Userinfo, 'optionalAccess', _547 => _547[0]]) || "");
4548
+ const operator = String(_optionalChain([req, 'optionalAccess', _563 => _563.Userinfo, 'optionalAccess', _564 => _564[0]]) || "");
4388
4549
  await _chunkARHPHWT5cjs.logUserRbacChange.call(void 0, $asai, {
4389
4550
  operator,
4390
4551
  targetUs,
@@ -4401,7 +4562,7 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4401
4562
  });
4402
4563
  return sendSuccess(res, { user: publicUser($asai, updated) }, opt);
4403
4564
  } catch (err) {
4404
- return sendFail(res, _optionalChain([err, 'optionalAccess', _548 => _548.message]) || err, opt);
4565
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _565 => _565.message]) || err, opt);
4405
4566
  }
4406
4567
  }
4407
4568
  if (url.startsWith("/api/user/login/admin/update/")) {
@@ -4415,11 +4576,11 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4415
4576
  const patch = {};
4416
4577
  if (body.lv != null) {
4417
4578
  const newLv = Number(body.lv);
4418
- if (!Number.isFinite(newLv) || !_chunkGXOFLFFWcjs.isValidUserLv.call(void 0, $asai, newLv)) {
4579
+ if (!Number.isFinite(newLv) || !_chunkFRPN33BYcjs.isValidUserLv.call(void 0, $asai, newLv)) {
4419
4580
  return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
4420
4581
  }
4421
4582
  patch.lv = newLv;
4422
- patch.role = _chunkGXOFLFFWcjs.resolveRoleForLevel.call(void 0, $asai, newLv).name;
4583
+ patch.role = _chunkFRPN33BYcjs.resolveRoleForLevel.call(void 0, $asai, newLv).name;
4423
4584
  }
4424
4585
  if (body.status) patch.status = sanitizeString(body.status, 16);
4425
4586
  if (body.resetLock) {
@@ -4432,7 +4593,7 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4432
4593
  if (!updated) return sendErr(res, "AUTH_USER_NOT_FOUND", void 0, opt);
4433
4594
  if (Object.keys(patch).length) {
4434
4595
  await _chunkARHPHWT5cjs.logUserRbacChange.call(void 0, $asai, {
4435
- operator: String(_optionalChain([req, 'optionalAccess', _549 => _549.Userinfo, 'optionalAccess', _550 => _550[0]]) || ""),
4596
+ operator: String(_optionalChain([req, 'optionalAccess', _566 => _566.Userinfo, 'optionalAccess', _567 => _567[0]]) || ""),
4436
4597
  targetUs,
4437
4598
  patch,
4438
4599
  ip
@@ -4440,33 +4601,33 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4440
4601
  }
4441
4602
  return sendSuccess(res, { user: publicUser($asai, updated) }, opt);
4442
4603
  } catch (err) {
4443
- return sendFail(res, _optionalChain([err, 'optionalAccess', _551 => _551.message]) || err, opt);
4604
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _568 => _568.message]) || err, opt);
4444
4605
  }
4445
4606
  }
4446
4607
  if (url.startsWith("/api/user/login/profile/")) {
4447
- const us = _optionalChain([req, 'optionalAccess', _552 => _552.Userinfo, 'optionalAccess', _553 => _553[0]]);
4608
+ const us = _optionalChain([req, 'optionalAccess', _569 => _569.Userinfo, 'optionalAccess', _570 => _570[0]]);
4448
4609
  if (!us) return sendErr(res, "AUTH_UNAUTHORIZED", void 0, opt);
4449
4610
  try {
4450
4611
  const user = await store.findByUsername(String(us));
4451
4612
  if (!user) return sendErr(res, "AUTH_USER_NOT_FOUND", void 0, opt);
4452
4613
  if (pickAuthField(body, "newPass", "newPassword", "newpass")) {
4453
4614
  const newPass = sanitizeString(pickAuthField(body, "newPass", "newPassword", "newpass"), 128);
4454
- const policy = _chunkGXOFLFFWcjs.getPasswordPolicy.call(void 0, $asai);
4615
+ const policy = _chunkFRPN33BYcjs.getPasswordPolicy.call(void 0, $asai);
4455
4616
  const oldPass = pickAuthField(body, "pass", "password", "pwd");
4456
4617
  if (oldPass) {
4457
- if (!_chunkWXW5DYNUcjs.verifyPassword.call(void 0, oldPass, user.passHash, user.passSalt)) {
4618
+ if (!_chunkH2QP5J7Xcjs.verifyPassword.call(void 0, oldPass, user.passHash, user.passSalt)) {
4458
4619
  return sendErr(res, "AUTH_INVALID_PASSWORD", void 0, opt);
4459
4620
  }
4460
4621
  } else if (!user.mustChangePassword) {
4461
4622
  return sendErr(res, "AUTH_INVALID_PASSWORD", void 0, opt);
4462
4623
  }
4463
- const policyErr = _chunkWXW5DYNUcjs.validatePasswordChange.call(void 0, newPass, $asai, user.passHistory);
4624
+ const policyErr = _chunkH2QP5J7Xcjs.validatePasswordChange.call(void 0, newPass, $asai, user.passHistory);
4464
4625
  if (policyErr === "PASSWORD_TOO_SHORT") {
4465
4626
  return sendErr(res, policyErr, [String(policy.minLength)], opt);
4466
4627
  }
4467
4628
  if (policyErr) return sendErr(res, policyErr, void 0, opt);
4468
- const { passHash, passSalt } = _chunkWXW5DYNUcjs.hashPassword.call(void 0, newPass);
4469
- const passHistory = _chunkWXW5DYNUcjs.nextPassHistory.call(void 0, oldPass || newPass, user.passHistory, policy.historyCount);
4629
+ const { passHash, passSalt } = _chunkH2QP5J7Xcjs.hashPassword.call(void 0, newPass);
4630
+ const passHistory = _chunkH2QP5J7Xcjs.nextPassHistory.call(void 0, oldPass || newPass, user.passHistory, policy.historyCount);
4470
4631
  await store.updateUser(String(us), {
4471
4632
  passHash,
4472
4633
  passSalt,
@@ -4478,7 +4639,7 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4478
4639
  const fresh = await store.findByUsername(String(us));
4479
4640
  return sendSuccess(res, { user: fresh ? publicUser($asai, fresh) : null }, opt);
4480
4641
  } catch (err) {
4481
- return sendFail(res, _optionalChain([err, 'optionalAccess', _554 => _554.message]) || err, opt);
4642
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _571 => _571.message]) || err, opt);
4482
4643
  }
4483
4644
  }
4484
4645
  }
@@ -4487,16 +4648,49 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4487
4648
  const url = req.url || "";
4488
4649
  const ip = getClientIp(req);
4489
4650
  if (url.startsWith("/api/user/login/config/")) {
4490
- const lang = String(_optionalChain([req, 'optionalAccess', _555 => _555.headers, 'optionalAccess', _556 => _556["accept-language"]]) || _optionalChain([opt, 'optionalAccess', _557 => _557.headers, 'optionalAccess', _558 => _558["accept-language"]]) || "zh-CN").split(",")[0];
4491
- await _chunkGXOFLFFWcjs.loadUserLevelConfig.call(void 0, $asai);
4492
- return sendSuccess(res, _chunkGXOFLFFWcjs.getPublicSecurityConfig.call(void 0, $asai, lang), opt);
4651
+ const lang = String(_optionalChain([req, 'optionalAccess', _572 => _572.headers, 'optionalAccess', _573 => _573["accept-language"]]) || _optionalChain([opt, 'optionalAccess', _574 => _574.headers, 'optionalAccess', _575 => _575["accept-language"]]) || "zh-CN").split(",")[0];
4652
+ await _chunkFRPN33BYcjs.loadUserLevelConfig.call(void 0, $asai);
4653
+ return sendSuccess(res, _chunkFRPN33BYcjs.getPublicSecurityConfig.call(void 0, $asai, lang), opt);
4654
+ }
4655
+ if (url.startsWith("/api/user/login/online/")) {
4656
+ try {
4657
+ const us = sanitizeString(String(_optionalChain([req, 'optionalAccess', _576 => _576.Userinfo, 'optionalAccess', _577 => _577[0]]) || ""), 64);
4658
+ if (!us) return sendErr(res, "AUTH_MISSING", void 0, opt);
4659
+ const rawOnline = listOnlineWsEntries($asai, hostdir);
4660
+ const online = await Promise.all(
4661
+ rawOnline.map(async (e) => ({
4662
+ us: e.us,
4663
+ lv: await resolveUserLv($asai, store, e.us, e.lv)
4664
+ }))
4665
+ );
4666
+ const rawMy = _optionalChain([req, 'optionalAccess', _578 => _578.Userinfo, 'optionalAccess', _579 => _579[1]]);
4667
+ const wsMyLv = rawMy === null || rawMy === void 0 || rawMy === "" ? null : Number(rawMy);
4668
+ const myLvOut = await resolveUserLv(
4669
+ $asai,
4670
+ store,
4671
+ us,
4672
+ Number.isFinite(wsMyLv) ? wsMyLv : null
4673
+ );
4674
+ return sendSuccess(
4675
+ res,
4676
+ {
4677
+ us,
4678
+ lv: myLvOut,
4679
+ online,
4680
+ maxonline: _nullishCoalesce(_optionalChain([$asai, 'access', _580 => _580.getHost, 'optionalCall', _581 => _581(hostdir), 'optionalAccess', _582 => _582.maxonline]), () => ( 100))
4681
+ },
4682
+ opt
4683
+ );
4684
+ } catch (err) {
4685
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _583 => _583.message]) || err, opt);
4686
+ }
4493
4687
  }
4494
4688
  if (url.startsWith("/api/user/login/admin/levels/")) {
4495
- if (!await checkAdmin(req, url, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminRead"))) {
4689
+ if (!await checkAdmin(req, url, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "adminRead"))) {
4496
4690
  return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
4497
4691
  }
4498
- await _chunkGXOFLFFWcjs.loadUserLevelConfig.call(void 0, $asai);
4499
- return sendSuccess(res, _chunkGXOFLFFWcjs.getUserLevelConfigSync.call(void 0, $asai), opt);
4692
+ await _chunkFRPN33BYcjs.loadUserLevelConfig.call(void 0, $asai);
4693
+ return sendSuccess(res, _chunkFRPN33BYcjs.getUserLevelConfigSync.call(void 0, $asai), opt);
4500
4694
  }
4501
4695
  if (url.startsWith("/api/user/login/admin/sessions/")) {
4502
4696
  if (!await checkAdmin(req, url)) {
@@ -4548,7 +4742,7 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4548
4742
  );
4549
4743
  }
4550
4744
  if (url.startsWith("/api/user/login/profile/")) {
4551
- const us = _optionalChain([req, 'optionalAccess', _559 => _559.Userinfo, 'optionalAccess', _560 => _560[0]]);
4745
+ const us = _optionalChain([req, 'optionalAccess', _584 => _584.Userinfo, 'optionalAccess', _585 => _585[0]]);
4552
4746
  if (!us) return sendErr(res, "AUTH_UNAUTHORIZED", void 0, opt);
4553
4747
  const user = await store.findByUsername(String(us));
4554
4748
  return sendSuccess(res, { user: user ? publicUser($asai, user) : null }, opt);
@@ -4590,16 +4784,16 @@ var As_default = {
4590
4784
  return { code: 908, data: val };
4591
4785
  },
4592
4786
  ctxSuccess(val, opt = null) {
4593
- if (typeof _optionalChain([opt, 'optionalAccess', _561 => _561.resAES]) === "function") {
4787
+ if (typeof _optionalChain([opt, 'optionalAccess', _586 => _586.resAES]) === "function") {
4594
4788
  val = opt.resAES(val);
4595
4789
  }
4596
4790
  return { code: 909, data: val };
4597
4791
  },
4598
4792
  getPath(str = "-") {
4599
- return _optionalChain([str, 'optionalAccess', _562 => _562.replace, 'call', _563 => _563(/[^a-zA-Z0-9.\-_\\\/]/g, "")]);
4793
+ return _optionalChain([str, 'optionalAccess', _587 => _587.replace, 'call', _588 => _588(/[^a-zA-Z0-9.\-_\\\/]/g, "")]);
4600
4794
  },
4601
4795
  getName(str = "-") {
4602
- return _optionalChain([str, 'optionalAccess', _564 => _564.replace, 'call', _565 => _565(/[^a-zA-Z0-9.\-_]/g, "")]);
4796
+ return _optionalChain([str, 'optionalAccess', _589 => _589.replace, 'call', _590 => _590(/[^a-zA-Z0-9.\-_]/g, "")]);
4603
4797
  },
4604
4798
  toDirPath(relativePath) {
4605
4799
  const pathArr = relativePath.split("/");
@@ -4613,10 +4807,10 @@ var As_default = {
4613
4807
  return relativePath;
4614
4808
  },
4615
4809
  //创建多层文件夹 同步
4616
- ensureDir(fs11, relativePath) {
4810
+ ensureDir(fs12, relativePath) {
4617
4811
  const absPathDir = this.toDirPath(relativePath);
4618
4812
  const absPath = this.toAbsolutePath(relativePath);
4619
- if (!fs11.existsSync(absPath)) {
4813
+ if (!fs12.existsSync(absPath)) {
4620
4814
  let pathTmp = "";
4621
4815
  absPathDir.split("/").forEach((el) => {
4622
4816
  if (el) {
@@ -4624,8 +4818,8 @@ var As_default = {
4624
4818
  pathTmp += "/";
4625
4819
  }
4626
4820
  pathTmp += el;
4627
- if (!fs11.existsSync(pathTmp)) {
4628
- if (!fs11.mkdirSync(pathTmp, { recursive: true })) {
4821
+ if (!fs12.existsSync(pathTmp)) {
4822
+ if (!fs12.mkdirSync(pathTmp, { recursive: true })) {
4629
4823
  return absPath;
4630
4824
  }
4631
4825
  }
@@ -4634,10 +4828,10 @@ var As_default = {
4634
4828
  }
4635
4829
  return absPath;
4636
4830
  },
4637
- makeDir(fs11, filePaths) {
4831
+ makeDir(fs12, filePaths) {
4638
4832
  return new Promise((resolve6, reject) => {
4639
4833
  try {
4640
- const newPath = this.ensureDir(fs11, filePaths);
4834
+ const newPath = this.ensureDir(fs12, filePaths);
4641
4835
  resolve6(newPath);
4642
4836
  } catch (err) {
4643
4837
  reject(err);
@@ -4670,7 +4864,7 @@ var As_default = {
4670
4864
  // immediate: false,
4671
4865
  // });
4672
4866
  dtImmediate(fn, opt) {
4673
- if (_optionalChain([opt, 'optionalAccess', _566 => _566.immediate])) {
4867
+ if (_optionalChain([opt, 'optionalAccess', _591 => _591.immediate])) {
4674
4868
  fn();
4675
4869
  opt.immediate = false;
4676
4870
  }
@@ -4692,7 +4886,7 @@ var As_default = {
4692
4886
  if (opt.endtime - opt.starttime < opt.wait) {
4693
4887
  this.dtClearTimeout(opt);
4694
4888
  }
4695
- if (!_optionalChain([opt, 'optionalAccess', _567 => _567.timeout])) {
4889
+ if (!_optionalChain([opt, 'optionalAccess', _592 => _592.timeout])) {
4696
4890
  opt.starttime = opt.endtime;
4697
4891
  opt.timeout = this.dtSetTimeout(fn, opt);
4698
4892
  }
@@ -4700,7 +4894,7 @@ var As_default = {
4700
4894
  // 节流:指定长度时间内有多次触发,只fn最后一次触发
4701
4895
  throttle(fn, opt) {
4702
4896
  this.dtImmediate(fn, opt);
4703
- if (!_optionalChain([opt, 'optionalAccess', _568 => _568.timeout])) {
4897
+ if (!_optionalChain([opt, 'optionalAccess', _593 => _593.timeout])) {
4704
4898
  opt.timeout = this.dtSetTimeout(fn, opt);
4705
4899
  }
4706
4900
  },
@@ -4736,8 +4930,8 @@ var As_default = {
4736
4930
  var AsCode_default = {
4737
4931
  // 加密
4738
4932
  asencode(str, keys) {
4739
- const strlen = _optionalChain([str, 'optionalAccess', _569 => _569.length]) || 0;
4740
- const keyslen = _optionalChain([keys, 'optionalAccess', _570 => _570.length]) || 0;
4933
+ const strlen = _optionalChain([str, 'optionalAccess', _594 => _594.length]) || 0;
4934
+ const keyslen = _optionalChain([keys, 'optionalAccess', _595 => _595.length]) || 0;
4741
4935
  let newstr = "";
4742
4936
  for (let i = 0; i < strlen; i++) {
4743
4937
  const rnum = Math.round(Math.random() * 1e3) % keyslen;
@@ -4762,7 +4956,7 @@ var AsCode_default = {
4762
4956
  const rnum = keys.indexOf(str[i + 3]);
4763
4957
  const rnumx = Number(rnum.toString().slice(-1)) + 1;
4764
4958
  const ylen = keyslen - rnumx;
4765
- newstr += _optionalChain([String, 'optionalAccess', _571 => _571.fromCodePoint, 'call', _572 => _572(
4959
+ newstr += _optionalChain([String, 'optionalAccess', _596 => _596.fromCodePoint, 'call', _597 => _597(
4766
4960
  (keys.indexOf(str[i++]) - rnumx) * ylen * ylen + (keys.indexOf(str[i++]) - rnumx) * ylen + (keys.indexOf(str[i++]) - rnumx)
4767
4961
  )]);
4768
4962
  }
@@ -4809,7 +5003,7 @@ var AsAES_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4809
5003
  if (typeof value !== "string") return value;
4810
5004
  try {
4811
5005
  return JSON.parse(value);
4812
- } catch (e44) {
5006
+ } catch (e51) {
4813
5007
  return value;
4814
5008
  }
4815
5009
  }
@@ -4845,7 +5039,7 @@ var AsAES_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4845
5039
  }
4846
5040
  _chunkSMVZ3ZDJcjs.__name.call(void 0, decrypt, "decrypt");
4847
5041
  function validateFields(payload, fields) {
4848
- return fields.every((key) => typeof _optionalChain([payload, 'optionalAccess', _573 => _573[key]]) === "string" && payload[key].length > 0);
5042
+ return fields.every((key) => typeof _optionalChain([payload, 'optionalAccess', _598 => _598[key]]) === "string" && payload[key].length > 0);
4849
5043
  }
4850
5044
  _chunkSMVZ3ZDJcjs.__name.call(void 0, validateFields, "validateFields");
4851
5045
  function reqAES(opt, fn = (data) => data) {
@@ -4853,7 +5047,7 @@ var AsAES_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4853
5047
  try {
4854
5048
  if (validateFields(reqData, ["data", "iv", "auth"])) {
4855
5049
  let aesData = decrypt(reqData);
4856
- if (_optionalChain([reqData, 'optionalAccess', _574 => _574.aes]) === 2) {
5050
+ if (_optionalChain([reqData, 'optionalAccess', _599 => _599.aes]) === 2) {
4857
5051
  aesData = JSON.parse(aesData);
4858
5052
  }
4859
5053
  return fn(aesData);
@@ -4887,24 +5081,24 @@ var AsAES_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4887
5081
  // src/sysserver/lib/common/AsDb.ts
4888
5082
  var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, cfg) => {
4889
5083
  const DataServer = _chunk2BCIIKRGcjs.getDataServerForAsDb.call(void 0, $asai, {
4890
- type: _optionalChain([cfg, 'optionalAccess', _575 => _575.type]) || "sqlite",
5084
+ type: _optionalChain([cfg, 'optionalAccess', _600 => _600.type]) || "sqlite",
4891
5085
  opt: {
4892
- ..._optionalChain([cfg, 'optionalAccess', _576 => _576.opt]) || {
5086
+ ..._optionalChain([cfg, 'optionalAccess', _601 => _601.opt]) || {
4893
5087
  database: "./webdata/webdb/sqlite/asaisqlite.db",
4894
5088
  create: 1
4895
5089
  }
4896
5090
  },
4897
- storeKey: _optionalChain([cfg, 'optionalAccess', _577 => _577.storeKey])
5091
+ storeKey: _optionalChain([cfg, 'optionalAccess', _602 => _602.storeKey])
4898
5092
  });
4899
5093
  function reqwherestr(str) {
4900
- if (_optionalChain([cfg, 'optionalAccess', _578 => _578.type]) === "sqlite" || _optionalChain([cfg, 'optionalAccess', _579 => _579.type]) === "mysql") {
5094
+ if (_optionalChain([cfg, 'optionalAccess', _603 => _603.type]) === "sqlite" || _optionalChain([cfg, 'optionalAccess', _604 => _604.type]) === "mysql") {
4901
5095
  return `'${str}'`;
4902
5096
  }
4903
5097
  return str;
4904
5098
  }
4905
5099
  _chunkSMVZ3ZDJcjs.__name.call(void 0, reqwherestr, "reqwherestr");
4906
5100
  function reqfield(queryData) {
4907
- if (_optionalChain([queryData, 'optionalAccess', _580 => _580.fd])) {
5101
+ if (_optionalChain([queryData, 'optionalAccess', _605 => _605.fd])) {
4908
5102
  return queryData.fd.split("-");
4909
5103
  }
4910
5104
  return cfg.field.data;
@@ -4912,14 +5106,14 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
4912
5106
  _chunkSMVZ3ZDJcjs.__name.call(void 0, reqfield, "reqfield");
4913
5107
  function reqwhere(queryData) {
4914
5108
  const wheretmp = [];
4915
- if ((_optionalChain([cfg, 'optionalAccess', _581 => _581.type]) === "sqlite" || _optionalChain([cfg, 'optionalAccess', _582 => _582.type]) === "mysql") && _optionalChain([queryData, 'optionalAccess', _583 => _583.wlv])) {
5109
+ if ((_optionalChain([cfg, 'optionalAccess', _606 => _606.type]) === "sqlite" || _optionalChain([cfg, 'optionalAccess', _607 => _607.type]) === "mysql") && _optionalChain([queryData, 'optionalAccess', _608 => _608.wlv])) {
4916
5110
  const wlvarr = queryData.wlv.split("-");
4917
5111
  wheretmp.push([wlvarr[0], ">", Number(wlvarr[1] || 0)]);
4918
5112
  }
4919
- if (_optionalChain([queryData, 'optionalAccess', _584 => _584.fl])) {
5113
+ if (_optionalChain([queryData, 'optionalAccess', _609 => _609.fl])) {
4920
5114
  wheretmp.push([cfg.field.class, "LIKE", reqwherestr(`${queryData.fl}%`)]);
4921
5115
  }
4922
- if (_optionalChain([queryData, 'optionalAccess', _585 => _585.ss]) && _optionalChain([queryData, 'optionalAccess', _586 => _586.ssty])) {
5116
+ if (_optionalChain([queryData, 'optionalAccess', _610 => _610.ss]) && _optionalChain([queryData, 'optionalAccess', _611 => _611.ssty])) {
4923
5117
  wheretmp.push([queryData.ssty, "LIKE", reqwherestr(`%${queryData.ss}%`)]);
4924
5118
  }
4925
5119
  if (wheretmp.length > 1) {
@@ -4930,16 +5124,16 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
4930
5124
  _chunkSMVZ3ZDJcjs.__name.call(void 0, reqwhere, "reqwhere");
4931
5125
  function reqorder(queryData) {
4932
5126
  const ordertmp = [];
4933
- if (_optionalChain([queryData, 'optionalAccess', _587 => _587.sx])) {
4934
- ordertmp.push([queryData.sx, _optionalChain([queryData, 'optionalAccess', _588 => _588.sxty]) == 1 ? "DESC" : "ASC"]);
5127
+ if (_optionalChain([queryData, 'optionalAccess', _612 => _612.sx])) {
5128
+ ordertmp.push([queryData.sx, _optionalChain([queryData, 'optionalAccess', _613 => _613.sxty]) == 1 ? "DESC" : "ASC"]);
4935
5129
  }
4936
5130
  return ordertmp;
4937
5131
  }
4938
5132
  _chunkSMVZ3ZDJcjs.__name.call(void 0, reqorder, "reqorder");
4939
5133
  function reqlimit(queryData) {
4940
5134
  let limittmp = "";
4941
- let limitps = _optionalChain([queryData, 'optionalAccess', _589 => _589.ps]);
4942
- if (_optionalChain([queryData, 'optionalAccess', _590 => _590.pg])) {
5135
+ let limitps = _optionalChain([queryData, 'optionalAccess', _614 => _614.ps]);
5136
+ if (_optionalChain([queryData, 'optionalAccess', _615 => _615.pg])) {
4943
5137
  limitps = limitps || 20;
4944
5138
  limittmp = `${(queryData.pg - 1) * limitps},${limitps}`;
4945
5139
  } else if (limitps) {
@@ -4951,7 +5145,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
4951
5145
  function decodePathSegment(seg) {
4952
5146
  try {
4953
5147
  return decodeURIComponent(seg);
4954
- } catch (e45) {
5148
+ } catch (e52) {
4955
5149
  return seg;
4956
5150
  }
4957
5151
  }
@@ -4967,7 +5161,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
4967
5161
  if (typeof body === "string") {
4968
5162
  try {
4969
5163
  body = JSON.parse(body);
4970
- } catch (e46) {
5164
+ } catch (e53) {
4971
5165
  return { content: body };
4972
5166
  }
4973
5167
  }
@@ -4992,8 +5186,8 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
4992
5186
  _chunkSMVZ3ZDJcjs.__name.call(void 0, fileKeyFromSegment, "fileKeyFromSegment");
4993
5187
  function getSqlParamsByUrl(req, opt) {
4994
5188
  let tmpSqlParams;
4995
- const reqArr = _optionalChain([req, 'optionalAccess', _591 => _591.url, 'optionalAccess', _592 => _592.split, 'call', _593 => _593("?"), 'access', _594 => _594[0], 'optionalAccess', _595 => _595.split, 'call', _596 => _596("/")]) || [];
4996
- const table = (_optionalChain([opt, 'optionalAccess', _597 => _597.qrdata, 'optionalAccess', _598 => _598.table]) || _optionalChain([opt, 'optionalAccess', _599 => _599.data, 'optionalAccess', _600 => _600.table]) || reqArr[3]).replaceAll("_", "/");
5189
+ const reqArr = _optionalChain([req, 'optionalAccess', _616 => _616.url, 'optionalAccess', _617 => _617.split, 'call', _618 => _618("?"), 'access', _619 => _619[0], 'optionalAccess', _620 => _620.split, 'call', _621 => _621("/")]) || [];
5190
+ const table = (_optionalChain([opt, 'optionalAccess', _622 => _622.qrdata, 'optionalAccess', _623 => _623.table]) || _optionalChain([opt, 'optionalAccess', _624 => _624.data, 'optionalAccess', _625 => _625.table]) || reqArr[3]).replaceAll("_", "/");
4997
5191
  if (!table) return tmpSqlParams;
4998
5192
  tmpSqlParams = {
4999
5193
  type: "select",
@@ -5002,7 +5196,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5002
5196
  if (reqArr[5]) {
5003
5197
  if (reqArr[4] === "insert") {
5004
5198
  tmpSqlParams.type = reqArr[4];
5005
- if (_optionalChain([cfg, 'optionalAccess', _601 => _601.type]) === "file") {
5199
+ if (_optionalChain([cfg, 'optionalAccess', _626 => _626.type]) === "file") {
5006
5200
  const { name: bodyName, content } = parseFileBody(opt.data);
5007
5201
  const fileKey = fileKeyFromSegment(reqArr[5], bodyName);
5008
5202
  tmpSqlParams.field = cfg.field.data;
@@ -5026,11 +5220,11 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5026
5220
  }
5027
5221
  } else if (reqArr[4] === "update") {
5028
5222
  tmpSqlParams.type = reqArr[4];
5029
- const rowKey = _optionalChain([cfg, 'optionalAccess', _602 => _602.type]) === "file" ? fileKeyFromSegment(reqArr[5]) : decodePathSegment(reqArr[5]);
5223
+ const rowKey = _optionalChain([cfg, 'optionalAccess', _627 => _627.type]) === "file" ? fileKeyFromSegment(reqArr[5]) : decodePathSegment(reqArr[5]);
5030
5224
  tmpSqlParams.where = [[cfg.field.key, "=", reqwherestr(rowKey)]];
5031
- if (_optionalChain([cfg, 'optionalAccess', _603 => _603.type]) === "file") {
5225
+ if (_optionalChain([cfg, 'optionalAccess', _628 => _628.type]) === "file") {
5032
5226
  const { content } = parseFileBody(opt.data);
5033
- const contentField = _optionalChain([cfg, 'access', _604 => _604.field, 'access', _605 => _605.data, 'optionalAccess', _606 => _606[1]]) || "content";
5227
+ const contentField = _optionalChain([cfg, 'access', _629 => _629.field, 'access', _630 => _630.data, 'optionalAccess', _631 => _631[1]]) || "content";
5034
5228
  tmpSqlParams.set = [[contentField, fileContentString(content)]];
5035
5229
  } else {
5036
5230
  tmpSqlParams.set = [];
@@ -5047,18 +5241,18 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5047
5241
  }
5048
5242
  } else if (reqArr[4] === "delete") {
5049
5243
  tmpSqlParams.type = reqArr[4];
5050
- const rowKey = _optionalChain([cfg, 'optionalAccess', _607 => _607.type]) === "file" ? fileKeyFromSegment(reqArr[5]) : decodePathSegment(reqArr[5]);
5244
+ const rowKey = _optionalChain([cfg, 'optionalAccess', _632 => _632.type]) === "file" ? fileKeyFromSegment(reqArr[5]) : decodePathSegment(reqArr[5]);
5051
5245
  tmpSqlParams.where = [[cfg.field.key, "=", reqwherestr(rowKey)]];
5052
5246
  } else {
5053
- if (_optionalChain([cfg, 'optionalAccess', _608 => _608.as]) > 1) {
5247
+ if (_optionalChain([cfg, 'optionalAccess', _633 => _633.as]) > 1) {
5054
5248
  tmpSqlParams.as = +cfg.as - 1;
5055
5249
  }
5056
5250
  tmpSqlParams.field = cfg.field.data;
5057
- const rowKey = _optionalChain([cfg, 'optionalAccess', _609 => _609.type]) === "file" ? fileKeyFromSegment(reqArr[5]) : decodePathSegment(reqArr[5]);
5251
+ const rowKey = _optionalChain([cfg, 'optionalAccess', _634 => _634.type]) === "file" ? fileKeyFromSegment(reqArr[5]) : decodePathSegment(reqArr[5]);
5058
5252
  tmpSqlParams.where = [[cfg.field.key, "=", reqwherestr(rowKey)]];
5059
5253
  }
5060
5254
  } else {
5061
- tmpSqlParams.as = _optionalChain([cfg, 'optionalAccess', _610 => _610.as]);
5255
+ tmpSqlParams.as = _optionalChain([cfg, 'optionalAccess', _635 => _635.as]);
5062
5256
  tmpSqlParams.field = reqfield(opt.data);
5063
5257
  tmpSqlParams.where = reqwhere(opt.data);
5064
5258
  tmpSqlParams.order = reqorder(opt.data);
@@ -5068,8 +5262,8 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5068
5262
  }
5069
5263
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getSqlParamsByUrl, "getSqlParamsByUrl");
5070
5264
  function dbFresh(req, resdb) {
5071
- if (_optionalChain([req, 'optionalAccess', _611 => _611.url, 'optionalAccess', _612 => _612.includes, 'call', _613 => _613("/selectlist/")])) {
5072
- const list = Array.isArray(resdb) ? resdb : _optionalChain([resdb, 'optionalAccess', _614 => _614.data]);
5265
+ if (_optionalChain([req, 'optionalAccess', _636 => _636.url, 'optionalAccess', _637 => _637.includes, 'call', _638 => _638("/selectlist/")])) {
5266
+ const list = Array.isArray(resdb) ? resdb : _optionalChain([resdb, 'optionalAccess', _639 => _639.data]);
5073
5267
  if (Array.isArray(list)) {
5074
5268
  const names = list.map((el) => {
5075
5269
  if (typeof el === "string") {
@@ -5091,8 +5285,8 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5091
5285
  }
5092
5286
  _chunkSMVZ3ZDJcjs.__name.call(void 0, dbFresh, "dbFresh");
5093
5287
  function normalizeFileSelectRow(row) {
5094
- const nameKey = _optionalChain([cfg, 'access', _615 => _615.field, 'optionalAccess', _616 => _616.data, 'optionalAccess', _617 => _617[0]]) || "name";
5095
- const contentKey = _optionalChain([cfg, 'access', _618 => _618.field, 'optionalAccess', _619 => _619.data, 'optionalAccess', _620 => _620[1]]) || "content";
5288
+ const nameKey = _optionalChain([cfg, 'access', _640 => _640.field, 'optionalAccess', _641 => _641.data, 'optionalAccess', _642 => _642[0]]) || "name";
5289
+ const contentKey = _optionalChain([cfg, 'access', _643 => _643.field, 'optionalAccess', _644 => _644.data, 'optionalAccess', _645 => _645[1]]) || "content";
5096
5290
  if (!row || typeof row !== "object") return row;
5097
5291
  const out = { ...row };
5098
5292
  if (out[nameKey] != null) {
@@ -5106,7 +5300,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5106
5300
  }
5107
5301
  _chunkSMVZ3ZDJcjs.__name.call(void 0, normalizeFileSelectRow, "normalizeFileSelectRow");
5108
5302
  function isFileSingleNameSelect(params) {
5109
- return _optionalChain([cfg, 'optionalAccess', _621 => _621.type]) === "file" && _optionalChain([params, 'optionalAccess', _622 => _622.type]) === "select" && !!_optionalChain([params, 'optionalAccess', _623 => _623.where, 'optionalAccess', _624 => _624.length]);
5303
+ return _optionalChain([cfg, 'optionalAccess', _646 => _646.type]) === "file" && _optionalChain([params, 'optionalAccess', _647 => _647.type]) === "select" && !!_optionalChain([params, 'optionalAccess', _648 => _648.where, 'optionalAccess', _649 => _649.length]);
5110
5304
  }
5111
5305
  _chunkSMVZ3ZDJcjs.__name.call(void 0, isFileSingleNameSelect, "isFileSingleNameSelect");
5112
5306
  function normalizeSelectResult(params, resdb) {
@@ -5120,12 +5314,12 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5120
5314
  }
5121
5315
  return data;
5122
5316
  }
5123
- if (_optionalChain([params, 'optionalAccess', _625 => _625.where, 'optionalAccess', _626 => _626.length]) && Array.isArray(data) && data.length === 1) {
5317
+ if (_optionalChain([params, 'optionalAccess', _650 => _650.where, 'optionalAccess', _651 => _651.length]) && Array.isArray(data) && data.length === 1) {
5124
5318
  data = data[0];
5125
5319
  }
5126
- if (_optionalChain([cfg, 'optionalAccess', _627 => _627.type]) === "file" && data && typeof data === "object" && !Array.isArray(data)) {
5127
- const nameKey = _optionalChain([cfg, 'access', _628 => _628.field, 'optionalAccess', _629 => _629.data, 'optionalAccess', _630 => _630[0]]) || "name";
5128
- const contentKey = _optionalChain([cfg, 'access', _631 => _631.field, 'optionalAccess', _632 => _632.data, 'optionalAccess', _633 => _633[1]]) || "content";
5320
+ if (_optionalChain([cfg, 'optionalAccess', _652 => _652.type]) === "file" && data && typeof data === "object" && !Array.isArray(data)) {
5321
+ const nameKey = _optionalChain([cfg, 'access', _653 => _653.field, 'optionalAccess', _654 => _654.data, 'optionalAccess', _655 => _655[0]]) || "name";
5322
+ const contentKey = _optionalChain([cfg, 'access', _656 => _656.field, 'optionalAccess', _657 => _657.data, 'optionalAccess', _658 => _658[1]]) || "content";
5129
5323
  if (data[nameKey] != null) {
5130
5324
  data[nameKey] = bareFileName(String(data[nameKey]));
5131
5325
  }
@@ -5135,7 +5329,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5135
5329
  if (text.startsWith("{") || text.startsWith("[")) {
5136
5330
  try {
5137
5331
  data[contentKey] = JSON.parse(text);
5138
- } catch (e47) {
5332
+ } catch (e54) {
5139
5333
  }
5140
5334
  }
5141
5335
  }
@@ -5144,7 +5338,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5144
5338
  }
5145
5339
  _chunkSMVZ3ZDJcjs.__name.call(void 0, normalizeSelectResult, "normalizeSelectResult");
5146
5340
  function dbCodePm(req, resdb) {
5147
- if (_optionalChain([req, 'optionalAccess', _634 => _634.Userinfo]) && _optionalChain([req, 'optionalAccess', _635 => _635.Userinfo, 'access', _636 => _636[2]])) {
5341
+ if (_optionalChain([req, 'optionalAccess', _659 => _659.Userinfo]) && _optionalChain([req, 'optionalAccess', _660 => _660.Userinfo, 'access', _661 => _661[2]])) {
5148
5342
  if (resdb != null && typeof resdb === "object") {
5149
5343
  resdb.data = $asai.$lib.AsCode.asencode(JSON.stringify(resdb.data), req.Userinfo[2]);
5150
5344
  }
@@ -5158,8 +5352,8 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5158
5352
  DataServer.sqlDb(params).then((resdb) => {
5159
5353
  res.end(JSON.stringify($asai.$lib.As.ctxSuccess(dbCodePm(req, dbFresh(req, resdb)), opt)));
5160
5354
  }).catch((errdb) => {
5161
- const msg = String(_optionalChain([errdb, 'optionalAccess', _637 => _637.message]) || errdb || "");
5162
- if (_optionalChain([params, 'optionalAccess', _638 => _638.type]) === "select" && msg.includes("no such table")) {
5355
+ const msg = String(_optionalChain([errdb, 'optionalAccess', _662 => _662.message]) || errdb || "");
5356
+ if (_optionalChain([params, 'optionalAccess', _663 => _663.type]) === "select" && msg.includes("no such table")) {
5163
5357
  res.end(JSON.stringify($asai.$lib.As.ctxSuccess([], opt)));
5164
5358
  return;
5165
5359
  }
@@ -5176,29 +5370,29 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5176
5370
  try {
5177
5371
  DataServer.sqlDb(params).then((resdb) => {
5178
5372
  let resData = normalizeSelectResult(params, dbFresh(req, resdb));
5179
- if (_optionalChain([params, 'optionalAccess', _639 => _639.as]) === 2 && _optionalChain([params, 'optionalAccess', _640 => _640.field, 'optionalAccess', _641 => _641.length]) > 1) {
5373
+ if (_optionalChain([params, 'optionalAccess', _664 => _664.as]) === 2 && _optionalChain([params, 'optionalAccess', _665 => _665.field, 'optionalAccess', _666 => _666.length]) > 1) {
5180
5374
  let limitArr = [];
5181
- if (_optionalChain([params, 'access', _642 => _642.limit, 'optionalAccess', _643 => _643.split, 'call', _644 => _644(","), 'optionalAccess', _645 => _645.length]) < 2) {
5182
- limitArr = [0, +_optionalChain([params, 'access', _646 => _646.limit, 'optionalAccess', _647 => _647.split, 'call', _648 => _648(","), 'optionalAccess', _649 => _649[0]])];
5375
+ if (_optionalChain([params, 'access', _667 => _667.limit, 'optionalAccess', _668 => _668.split, 'call', _669 => _669(","), 'optionalAccess', _670 => _670.length]) < 2) {
5376
+ limitArr = [0, +_optionalChain([params, 'access', _671 => _671.limit, 'optionalAccess', _672 => _672.split, 'call', _673 => _673(","), 'optionalAccess', _674 => _674[0]])];
5183
5377
  } else {
5184
5378
  limitArr = params.limit.split(",");
5185
5379
  limitArr = [+limitArr[0], +limitArr[0] + +limitArr[1]];
5186
5380
  }
5187
- if (_optionalChain([resData, 'access', _650 => _650.data, 'optionalAccess', _651 => _651.length])) {
5381
+ if (_optionalChain([resData, 'access', _675 => _675.data, 'optionalAccess', _676 => _676.length])) {
5188
5382
  resData.data = resData.data.slice(+limitArr[0], +limitArr[1]);
5189
5383
  }
5190
5384
  }
5191
5385
  resData = dbCodePm(req, resData);
5192
5386
  res.end(JSON.stringify($asai.$lib.As.ctxSuccess(resData, opt)));
5193
5387
  }).catch((errdb) => {
5194
- const msg = String(_optionalChain([errdb, 'optionalAccess', _652 => _652.message]) || errdb || "");
5195
- if (_optionalChain([params, 'optionalAccess', _653 => _653.type]) === "select" && msg.includes("no such table")) {
5388
+ const msg = String(_optionalChain([errdb, 'optionalAccess', _677 => _677.message]) || errdb || "");
5389
+ if (_optionalChain([params, 'optionalAccess', _678 => _678.type]) === "select" && msg.includes("no such table")) {
5196
5390
  res.end(JSON.stringify($asai.$lib.As.ctxSuccess([], opt)));
5197
5391
  return;
5198
5392
  }
5199
5393
  res.end(JSON.stringify($asai.$lib.As.ctxFail(errdb)));
5200
5394
  });
5201
- } catch (e48) {
5395
+ } catch (e55) {
5202
5396
  res.end(JSON.stringify({ code: 901 }));
5203
5397
  }
5204
5398
  } else {
@@ -5207,7 +5401,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5207
5401
  }
5208
5402
  _chunkSMVZ3ZDJcjs.__name.call(void 0, runDefaultGet, "runDefaultGet");
5209
5403
  function post(req, res, hostdir, opt) {
5210
- if (_optionalChain([cfg, 'optionalAccess', _654 => _654.post]) && typeof cfg.post === "function") {
5404
+ if (_optionalChain([cfg, 'optionalAccess', _679 => _679.post]) && typeof cfg.post === "function") {
5211
5405
  Promise.resolve(cfg.post(req, res, hostdir, opt, DataServer)).then((reqstat) => {
5212
5406
  if (!reqstat) runDefaultPost(req, res, opt);
5213
5407
  }).catch((errdb) => {
@@ -5219,7 +5413,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5219
5413
  }
5220
5414
  _chunkSMVZ3ZDJcjs.__name.call(void 0, post, "post");
5221
5415
  function get(req, res, hostdir, opt) {
5222
- if (_optionalChain([cfg, 'optionalAccess', _655 => _655.get]) && typeof cfg.get === "function") {
5416
+ if (_optionalChain([cfg, 'optionalAccess', _680 => _680.get]) && typeof cfg.get === "function") {
5223
5417
  Promise.resolve(cfg.get(req, res, hostdir, opt, DataServer)).then((reqstat) => {
5224
5418
  if (!reqstat) runDefaultGet(req, res, opt);
5225
5419
  }).catch((errdb) => {
@@ -5245,33 +5439,34 @@ var reqWork_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($as
5245
5439
  }
5246
5440
  _chunkSMVZ3ZDJcjs.__name.call(void 0, hostDefault2, "hostDefault");
5247
5441
  function getPathFromOpt(opt) {
5248
- const rawPath = _optionalChain([opt, 'access', _656 => _656.qrdata, 'optionalAccess', _657 => _657.path]) || _optionalChain([opt, 'access', _658 => _658.data, 'optionalAccess', _659 => _659.path]);
5442
+ const rawPath = _optionalChain([opt, 'access', _681 => _681.qrdata, 'optionalAccess', _682 => _682.path]) || _optionalChain([opt, 'access', _683 => _683.data, 'optionalAccess', _684 => _684.path]);
5249
5443
  if (!rawPath) {
5250
5444
  throw new Error("Missing path");
5251
5445
  }
5252
5446
  const decoded = decodeURIComponent(String(rawPath));
5253
- if (path4.isAbsolute(decoded)) {
5254
- return path4.normalize(decoded);
5447
+ if (decoded.includes("\0")) {
5448
+ throw new Error("Invalid path");
5255
5449
  }
5256
- const rel = decoded.replace(/^\.(\/)?/, "");
5257
- const serverRoot = _optionalChain([$asai, 'optionalAccess', _660 => _660.serverRoot]);
5258
- if (serverRoot && rel) {
5259
- const absRoot = path4.resolve(serverRoot);
5260
- const abs = path4.resolve(absRoot, rel);
5261
- const relCheck = path4.relative(absRoot, abs);
5262
- if (relCheck === "" || !relCheck.startsWith("..") && !path4.isAbsolute(relCheck)) {
5263
- return abs;
5264
- }
5450
+ const serverRoot = path5.resolve(_optionalChain([$asai, 'optionalAccess', _685 => _685.serverRoot]) || process.cwd() || ".");
5451
+ const cleaned = String(decoded).replace(/\\/g, "/").trim();
5452
+ if (path5.isAbsolute(cleaned) || /^[a-zA-Z]:/.test(cleaned) || cleaned.startsWith("//")) {
5453
+ return path5.normalize(cleaned);
5265
5454
  }
5266
- const roots = _optionalChain([$asai, 'optionalAccess', _661 => _661.asaihost, 'optionalAccess', _662 => _662.getHostAllowedRoots, 'optionalCall', _663 => _663(_optionalChain([$asai, 'optionalAccess', _664 => _664.hostconfig]))]) || [];
5267
- if (!roots.length) {
5268
- const fallback = _optionalChain([$asai, 'optionalAccess', _665 => _665.serverRoot]) || process.cwd();
5269
- if (fallback) roots.push(fallback);
5455
+ const absTarget = path5.resolve(serverRoot, cleaned.replace(/^\.\//, ""));
5456
+ const roots = _optionalChain([$asai, 'optionalAccess', _686 => _686.asaihost, 'optionalAccess', _687 => _687.getHostAllowedRoots, 'optionalCall', _688 => _688(_optionalChain([$asai, 'optionalAccess', _689 => _689.hostconfig]))]) || [];
5457
+ const allow = /* @__PURE__ */ new Set();
5458
+ for (const r of roots) {
5459
+ if (r) allow.add(path5.resolve(r));
5270
5460
  }
5271
- if (!_optionalChain([$asai, 'optionalAccess', _666 => _666.asaihost, 'optionalAccess', _667 => _667.resolvePathUnderRoots])) {
5272
- throw new Error("Path resolver unavailable");
5461
+ allow.add(serverRoot);
5462
+ allow.add(path5.resolve(serverRoot, ".."));
5463
+ for (const root of allow) {
5464
+ const rel = path5.relative(root, absTarget);
5465
+ if (rel === "" || !rel.startsWith("..") && !path5.isAbsolute(rel)) {
5466
+ return absTarget;
5467
+ }
5273
5468
  }
5274
- return $asai.asaihost.resolvePathUnderRoots(decoded, roots);
5469
+ throw new Error("Path not allowed");
5275
5470
  }
5276
5471
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getPathFromOpt, "getPathFromOpt");
5277
5472
  function sendSuccess(res, data, opt) {
@@ -5280,18 +5475,18 @@ var reqWork_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($as
5280
5475
  }
5281
5476
  _chunkSMVZ3ZDJcjs.__name.call(void 0, sendSuccess, "sendSuccess");
5282
5477
  function sendErr(res, ec, params, opt) {
5283
- const ErrorCode = _optionalChain([$asai, 'access', _668 => _668.$lib, 'optionalAccess', _669 => _669.ErrorCode]);
5284
- _optionalChain([ErrorCode, 'optionalAccess', _670 => _670.loadErrorCodes, 'optionalCall', _671 => _671($asai)]);
5285
- _optionalChain([ErrorCode, 'optionalAccess', _672 => _672.logError, 'optionalCall', _673 => _673($asai, ec, Array.isArray(params) ? params.map(String) : params != null ? [String(params)] : void 0)]);
5478
+ const ErrorCode = _optionalChain([$asai, 'access', _690 => _690.$lib, 'optionalAccess', _691 => _691.ErrorCode]);
5479
+ _optionalChain([ErrorCode, 'optionalAccess', _692 => _692.loadErrorCodes, 'optionalCall', _693 => _693($asai)]);
5480
+ _optionalChain([ErrorCode, 'optionalAccess', _694 => _694.logError, 'optionalCall', _695 => _695($asai, ec, Array.isArray(params) ? params.map(String) : params != null ? [String(params)] : void 0)]);
5286
5481
  const response = $asai.$lib.As.ctxErr(ec, params, opt);
5287
5482
  res.end(JSON.stringify(response));
5288
5483
  }
5289
5484
  _chunkSMVZ3ZDJcjs.__name.call(void 0, sendErr, "sendErr");
5290
5485
  function sendFail(res, err, opt) {
5291
- const ErrorCode = _optionalChain([$asai, 'access', _674 => _674.$lib, 'optionalAccess', _675 => _675.ErrorCode]);
5292
- _optionalChain([ErrorCode, 'optionalAccess', _676 => _676.loadErrorCodes, 'optionalCall', _677 => _677($asai)]);
5293
- const normalized = _optionalChain([ErrorCode, 'optionalAccess', _678 => _678.normalizeErrPayload, 'optionalCall', _679 => _679(err)]);
5294
- if (_optionalChain([normalized, 'optionalAccess', _680 => _680.ec])) {
5486
+ const ErrorCode = _optionalChain([$asai, 'access', _696 => _696.$lib, 'optionalAccess', _697 => _697.ErrorCode]);
5487
+ _optionalChain([ErrorCode, 'optionalAccess', _698 => _698.loadErrorCodes, 'optionalCall', _699 => _699($asai)]);
5488
+ const normalized = _optionalChain([ErrorCode, 'optionalAccess', _700 => _700.normalizeErrPayload, 'optionalCall', _701 => _701(err)]);
5489
+ if (_optionalChain([normalized, 'optionalAccess', _702 => _702.ec])) {
5295
5490
  return sendErr(res, normalized.ec, normalized.pm, opt);
5296
5491
  }
5297
5492
  const response = $asai.$lib.As.ctxFail(err);
@@ -5299,7 +5494,7 @@ var reqWork_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($as
5299
5494
  }
5300
5495
  _chunkSMVZ3ZDJcjs.__name.call(void 0, sendFail, "sendFail");
5301
5496
  function mnLog(...arg) {
5302
- (_optionalChain([$asai, 'optionalAccess', _681 => _681.$log]) || console.log)(...arg);
5497
+ (_optionalChain([$asai, 'optionalAccess', _703 => _703.$log]) || console.log)(...arg);
5303
5498
  }
5304
5499
  _chunkSMVZ3ZDJcjs.__name.call(void 0, mnLog, "mnLog");
5305
5500
  return { hostDefault: hostDefault2, getPathFromOpt, sendSuccess, sendFail, sendErr, mnLog };
@@ -5332,7 +5527,7 @@ async function pathExists(filePath) {
5332
5527
  try {
5333
5528
  await _promises2.default.access(nodePath2.default.normalize(filePath));
5334
5529
  return true;
5335
- } catch (e49) {
5530
+ } catch (e56) {
5336
5531
  return false;
5337
5532
  }
5338
5533
  }
@@ -5399,7 +5594,7 @@ async function removeFile(filePath) {
5399
5594
  try {
5400
5595
  await _promises2.default.unlink(nodePath2.default.normalize(filePath));
5401
5596
  } catch (err) {
5402
- if (_optionalChain([err, 'optionalAccess', _682 => _682.code]) !== "ENOENT") throw err;
5597
+ if (_optionalChain([err, 'optionalAccess', _704 => _704.code]) !== "ENOENT") throw err;
5403
5598
  }
5404
5599
  }
5405
5600
  _chunkSMVZ3ZDJcjs.__name.call(void 0, removeFile, "removeFile");
@@ -5512,11 +5707,11 @@ function toInsertRows(sql) {
5512
5707
  }
5513
5708
  _chunkSMVZ3ZDJcjs.__name.call(void 0, toInsertRows, "toInsertRows");
5514
5709
  function isPathInside(baseDir, targetPath) {
5515
- const base = path6.resolve(baseDir);
5516
- const target = path6.resolve(targetPath);
5517
- const relative5 = path6.relative(base, target);
5710
+ const base = path7.resolve(baseDir);
5711
+ const target = path7.resolve(targetPath);
5712
+ const relative5 = path7.relative(base, target);
5518
5713
  if (!relative5) return true;
5519
- return !relative5.startsWith("..") && !path6.isAbsolute(relative5);
5714
+ return !relative5.startsWith("..") && !path7.isAbsolute(relative5);
5520
5715
  }
5521
5716
  _chunkSMVZ3ZDJcjs.__name.call(void 0, isPathInside, "isPathInside");
5522
5717
  function joinTablePath(table, ...segments) {
@@ -5711,21 +5906,21 @@ function dbDriver(opt = {}) {
5711
5906
  this.fileExt = config.ext === ".*" ? "" : config.ext || "";
5712
5907
  this.fileDel = (config.del || 0) !== 0;
5713
5908
  this.createDir = config.create || false;
5714
- const root = _optionalChain([config, 'access', _683 => _683.$asai, 'optionalAccess', _684 => _684.serverRoot]) || _chunkHR5JKN7Ycjs.getPrimaryServerRoot.call(void 0, );
5715
- this.baseDirAbs = path7.resolve(root, config.dir);
5909
+ const root = _optionalChain([config, 'access', _705 => _705.$asai, 'optionalAccess', _706 => _706.serverRoot]) || _chunkHR5JKN7Ycjs.getPrimaryServerRoot.call(void 0, );
5910
+ this.baseDirAbs = path8.resolve(root, config.dir);
5716
5911
  }
5717
5912
  dbLog(...args) {
5718
- (_optionalChain([this, 'access', _685 => _685.config, 'optionalAccess', _686 => _686.$asai, 'optionalAccess', _687 => _687.$log]) || console.log)("FILE", ...args);
5913
+ (_optionalChain([this, 'access', _707 => _707.config, 'optionalAccess', _708 => _708.$asai, 'optionalAccess', _709 => _709.$log]) || console.log)("FILE", ...args);
5719
5914
  }
5720
5915
  checkFile(file) {
5721
- return fs10.existsSync(this.getAbsPath(file, false));
5916
+ return fs11.existsSync(this.getAbsPath(file, false));
5722
5917
  }
5723
5918
  /** 解析相对路径并限制在数据根目录内,防止路径穿越(跨平台) */
5724
5919
  resolvePath(relPath) {
5725
5920
  if (!relPath) {
5726
5921
  return this.baseDirAbs;
5727
5922
  }
5728
- const abs = path7.isAbsolute(relPath) ? path7.normalize(relPath) : path7.resolve(this.baseDirAbs, relPath);
5923
+ const abs = path8.isAbsolute(relPath) ? path8.normalize(relPath) : path8.resolve(this.baseDirAbs, relPath);
5729
5924
  if (!isPathInside2(this.baseDirAbs, abs)) {
5730
5925
  throw new Error("Path not allowed");
5731
5926
  }
@@ -5739,15 +5934,15 @@ function dbDriver(opt = {}) {
5739
5934
  if (!relPath) {
5740
5935
  return "";
5741
5936
  }
5742
- return path7.isAbsolute(relPath) ? path7.relative(this.baseDirAbs, relPath) : relPath;
5937
+ return path8.isAbsolute(relPath) ? path8.relative(this.baseDirAbs, relPath) : relPath;
5743
5938
  }
5744
5939
  ensureDir(relPath) {
5745
5940
  const relative5 = this.normalizeRelPath(relPath);
5746
- const dirPath = path7.dirname(relative5);
5941
+ const dirPath = path8.dirname(relative5);
5747
5942
  const absDir = this.resolvePath(dirPath === "." ? "" : dirPath);
5748
- if (this.createDir && !fs10.existsSync(absDir)) {
5943
+ if (this.createDir && !fs11.existsSync(absDir)) {
5749
5944
  this.dbLog("mkdir", "[MKDIR]", absDir);
5750
- fs10.mkdirSync(absDir, { recursive: true });
5945
+ fs11.mkdirSync(absDir, { recursive: true });
5751
5946
  }
5752
5947
  return absDir;
5753
5948
  }
@@ -5763,34 +5958,34 @@ function dbDriver(opt = {}) {
5763
5958
  }
5764
5959
  deldir(relativePath) {
5765
5960
  const absPath = this.resolvePath(relativePath);
5766
- if (!fs10.existsSync(absPath)) {
5961
+ if (!fs11.existsSync(absPath)) {
5767
5962
  return;
5768
5963
  }
5769
5964
  this.dbLog("delete", "[RMDIR]", absPath);
5770
- const entries = fs10.readdirSync(absPath, { withFileTypes: true });
5965
+ const entries = fs11.readdirSync(absPath, { withFileTypes: true });
5771
5966
  for (const entry of entries) {
5772
- const current = path7.join(absPath, entry.name);
5967
+ const current = path8.join(absPath, entry.name);
5773
5968
  if (entry.isDirectory()) {
5774
- this.deldir(path7.join(relativePath, entry.name));
5969
+ this.deldir(path8.join(relativePath, entry.name));
5775
5970
  } else {
5776
5971
  this.dbLog("delete", "[UNLINK]", current);
5777
- fs10.unlinkSync(current);
5972
+ fs11.unlinkSync(current);
5778
5973
  }
5779
5974
  }
5780
- fs10.rmdirSync(absPath);
5975
+ fs11.rmdirSync(absPath);
5781
5976
  }
5782
5977
  getReadPath(file, sql) {
5783
5978
  const candidates = [];
5784
- if (_optionalChain([sql, 'optionalAccess', _688 => _688.filename])) {
5785
- candidates.push({ dir: path7.join(file, sql.filename) });
5786
- candidates.push({ dir: path7.join(file + ".delete" + this.fileExt, sql.filename) });
5979
+ if (_optionalChain([sql, 'optionalAccess', _710 => _710.filename])) {
5980
+ candidates.push({ dir: path8.join(file, sql.filename) });
5981
+ candidates.push({ dir: path8.join(file + ".delete" + this.fileExt, sql.filename) });
5787
5982
  } else {
5788
5983
  candidates.push({ dir: file });
5789
5984
  candidates.push({ dir: file + this.fileExt + ".delete" });
5790
5985
  }
5791
5986
  for (const candidate of candidates) {
5792
5987
  const abs = this.getAbsPath(candidate.dir, false);
5793
- if (fs10.existsSync(abs)) {
5988
+ if (fs11.existsSync(abs)) {
5794
5989
  return { path: abs, dir: candidate.dir };
5795
5990
  }
5796
5991
  }
@@ -5801,22 +5996,22 @@ function dbDriver(opt = {}) {
5801
5996
  if (!read2.path) {
5802
5997
  return { path: "", dir: read2.dir };
5803
5998
  }
5804
- if (_optionalChain([sql, 'optionalAccess', _689 => _689.filename])) {
5805
- return { path: path7.dirname(read2.path), dir: path7.dirname(read2.dir) };
5999
+ if (_optionalChain([sql, 'optionalAccess', _711 => _711.filename])) {
6000
+ return { path: path8.dirname(read2.path), dir: path8.dirname(read2.dir) };
5806
6001
  }
5807
6002
  return { path: read2.path, dir: read2.dir };
5808
6003
  }
5809
6004
  getNewPath(file, sql) {
5810
- if (_optionalChain([sql, 'optionalAccess', _690 => _690.filename])) {
5811
- return this.getAbsPath(path7.join(file, sql.filename), true);
6005
+ if (_optionalChain([sql, 'optionalAccess', _712 => _712.filename])) {
6006
+ return this.getAbsPath(path8.join(file, sql.filename), true);
5812
6007
  }
5813
6008
  return this.getAbsPath(file, true);
5814
6009
  }
5815
6010
  write(file, data, sql) {
5816
6011
  try {
5817
- const filePath = _optionalChain([sql, 'optionalAccess', _691 => _691.type]) === "insert" ? this.getNewPath(file, sql) : this.getReadPath(file, sql).path || this.getNewPath(file, sql);
6012
+ const filePath = _optionalChain([sql, 'optionalAccess', _713 => _713.type]) === "insert" ? this.getNewPath(file, sql) : this.getReadPath(file, sql).path || this.getNewPath(file, sql);
5818
6013
  this.dbLog("write", "[WRITE]", filePath);
5819
- fs10.writeFileSync(filePath, data, "utf8");
6014
+ fs11.writeFileSync(filePath, data, "utf8");
5820
6015
  return "ok";
5821
6016
  } catch (e) {
5822
6017
  this.dbLog("write failed", "[WRITE ERROR]", e);
@@ -5830,7 +6025,7 @@ function dbDriver(opt = {}) {
5830
6025
  return { error: "empty" };
5831
6026
  }
5832
6027
  this.dbLog("read", "[READ]", read2.path);
5833
- const data = fs10.readFileSync(read2.path, { encoding }) || "";
6028
+ const data = fs11.readFileSync(read2.path, { encoding }) || "";
5834
6029
  const fileName = this.fileExt && read2.dir.endsWith(this.fileExt) ? read2.dir : read2.dir + this.fileExt;
5835
6030
  return [{ data, file: fileName }];
5836
6031
  } catch (e) {
@@ -5844,15 +6039,15 @@ function dbDriver(opt = {}) {
5844
6039
  if (!del.path) {
5845
6040
  return "";
5846
6041
  }
5847
- if (this.fileDel && _optionalChain([sql, 'optionalAccess', _692 => _692.deltrue])) {
6042
+ if (this.fileDel && _optionalChain([sql, 'optionalAccess', _714 => _714.deltrue])) {
5848
6043
  const target = del.path + ".delete" + this.fileExt;
5849
6044
  this.dbLog("soft delete", "[SOFT DELETE]", `${del.path} -> ${target}`);
5850
- fs10.renameSync(del.path, target);
5851
- } else if (_optionalChain([sql, 'optionalAccess', _693 => _693.filename])) {
6045
+ fs11.renameSync(del.path, target);
6046
+ } else if (_optionalChain([sql, 'optionalAccess', _715 => _715.filename])) {
5852
6047
  this.deldir(del.dir);
5853
6048
  } else {
5854
6049
  this.dbLog("delete", "[DELETE]", del.path);
5855
- fs10.unlinkSync(del.path);
6050
+ fs11.unlinkSync(del.path);
5856
6051
  }
5857
6052
  return "ok";
5858
6053
  } catch (e) {
@@ -5871,11 +6066,11 @@ function dbDriver(opt = {}) {
5871
6066
  const original = del.path.replace(new RegExp(`.delete${extPattern}$`), "");
5872
6067
  if (original !== del.path) {
5873
6068
  this.dbLog("restore", "[RESTORE]", `${del.path} -> ${original}`);
5874
- fs10.renameSync(del.path, original);
6069
+ fs11.renameSync(del.path, original);
5875
6070
  }
5876
6071
  } else {
5877
6072
  this.dbLog("force delete", "[FORCE DELETE]", del.path);
5878
- fs10.unlinkSync(del.path);
6073
+ fs11.unlinkSync(del.path);
5879
6074
  }
5880
6075
  return "ok";
5881
6076
  } catch (e) {
@@ -5889,9 +6084,9 @@ function dbDriver(opt = {}) {
5889
6084
  this.dbLog("list", "[LIST]", absDir);
5890
6085
  let entries;
5891
6086
  try {
5892
- entries = fs10.readdirSync(absDir, { withFileTypes: true });
5893
- } catch (e50) {
5894
- return _optionalChain([sql, 'optionalAccess', _694 => _694.list]) ? { open: [], delete: [] } : [];
6087
+ entries = fs11.readdirSync(absDir, { withFileTypes: true });
6088
+ } catch (e57) {
6089
+ return _optionalChain([sql, 'optionalAccess', _716 => _716.list]) ? { open: [], delete: [] } : [];
5895
6090
  }
5896
6091
  const result = { open: [], delete: [] };
5897
6092
  const deleteSuffix = ".delete" + this.fileExt;
@@ -5901,19 +6096,19 @@ function dbDriver(opt = {}) {
5901
6096
  const isDelete = fileName.endsWith(deleteSuffix);
5902
6097
  const baseName = isDelete ? fileName.slice(0, -deleteSuffix.length) : fileName;
5903
6098
  if (this.fileExt && !baseName.endsWith(this.fileExt)) continue;
5904
- const fullPath = path7.join(absDir, fileName);
6099
+ const fullPath = path8.join(absDir, fileName);
5905
6100
  try {
5906
- const data = fs10.readFileSync(fullPath, "utf8");
6101
+ const data = fs11.readFileSync(fullPath, "utf8");
5907
6102
  const entryData = { data, file: baseName };
5908
6103
  if (isDelete) {
5909
- if (_optionalChain([sql, 'optionalAccess', _695 => _695.list])) result.delete.push(entryData);
6104
+ if (_optionalChain([sql, 'optionalAccess', _717 => _717.list])) result.delete.push(entryData);
5910
6105
  } else {
5911
6106
  result.open.push(entryData);
5912
6107
  }
5913
- } catch (e51) {
6108
+ } catch (e58) {
5914
6109
  }
5915
6110
  }
5916
- return _optionalChain([sql, 'optionalAccess', _696 => _696.list]) ? result : result.open;
6111
+ return _optionalChain([sql, 'optionalAccess', _718 => _718.list]) ? result : result.open;
5917
6112
  } catch (e) {
5918
6113
  this.dbLog("list failed", "[LIST ERROR]", e);
5919
6114
  return e;
@@ -5923,7 +6118,7 @@ function dbDriver(opt = {}) {
5923
6118
  getFileNameFromWhere(where) {
5924
6119
  if (!where || !Array.isArray(where)) return "";
5925
6120
  const first = where.find((item) => Array.isArray(item));
5926
- const raw = _optionalChain([first, 'optionalAccess', _697 => _697[2]]);
6121
+ const raw = _optionalChain([first, 'optionalAccess', _719 => _719[2]]);
5927
6122
  if (typeof raw === "string") {
5928
6123
  return raw.replace(/^'+|'+$/g, "");
5929
6124
  }
@@ -5948,22 +6143,22 @@ function dbDriver(opt = {}) {
5948
6143
  const data = sql.set[0][1];
5949
6144
  result = this.write(this.tableFilePath(sql.table, file), data, sql);
5950
6145
  } else if (sql.type === "select") {
5951
- if (_optionalChain([sql, 'optionalAccess', _698 => _698.where, 'optionalAccess', _699 => _699.length]) && _optionalChain([sql, 'optionalAccess', _700 => _700.as]) !== 2) {
6146
+ if (_optionalChain([sql, 'optionalAccess', _720 => _720.where, 'optionalAccess', _721 => _721.length]) && _optionalChain([sql, 'optionalAccess', _722 => _722.as]) !== 2) {
5952
6147
  const file = this.getFileNameFromWhere(sql.where);
5953
6148
  const readRes = this.read(this.tableFilePath(sql.table, file), sql);
5954
6149
  const resObj = {};
5955
- if (_optionalChain([readRes, 'optionalAccess', _701 => _701[0], 'optionalAccess', _702 => _702.file]) && !readRes.error) {
6150
+ if (_optionalChain([readRes, 'optionalAccess', _723 => _723[0], 'optionalAccess', _724 => _724.file]) && !readRes.error) {
5956
6151
  if (sql.as === 1) {
5957
6152
  try {
5958
6153
  const parsed = JSON.parse(readRes[0].data);
5959
- if (_optionalChain([sql, 'access', _703 => _703.field, 'optionalAccess', _704 => _704.length])) {
6154
+ if (_optionalChain([sql, 'access', _725 => _725.field, 'optionalAccess', _726 => _726.length])) {
5960
6155
  sql.field.forEach((f) => {
5961
6156
  resObj[f] = _nullishCoalesce(parsed[f], () => ( ""));
5962
6157
  });
5963
6158
  } else {
5964
6159
  Object.assign(resObj, parsed);
5965
6160
  }
5966
- } catch (e52) {
6161
+ } catch (e59) {
5967
6162
  }
5968
6163
  } else {
5969
6164
  const fields = sql.field;
@@ -5977,7 +6172,7 @@ function dbDriver(opt = {}) {
5977
6172
  } else {
5978
6173
  const listRes = this.list(tableDir, sql);
5979
6174
  if (listRes && !listRes.error) {
5980
- if (_optionalChain([sql, 'optionalAccess', _705 => _705.list])) {
6175
+ if (_optionalChain([sql, 'optionalAccess', _727 => _727.list])) {
5981
6176
  const mapEntry = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (el) => {
5982
6177
  const fields = sql.field;
5983
6178
  const item = { [fields[0]]: el.file };
@@ -5988,9 +6183,9 @@ function dbDriver(opt = {}) {
5988
6183
  if (listRes.delete) listRes.delete = listRes.delete.map(mapEntry);
5989
6184
  result = listRes;
5990
6185
  } else {
5991
- if (_optionalChain([sql, 'optionalAccess', _706 => _706.as]) === 2) {
6186
+ if (_optionalChain([sql, 'optionalAccess', _728 => _728.as]) === 2) {
5992
6187
  let items = listRes;
5993
- if (_optionalChain([sql, 'access', _707 => _707.where, 'optionalAccess', _708 => _708.length])) {
6188
+ if (_optionalChain([sql, 'access', _729 => _729.where, 'optionalAccess', _730 => _730.length])) {
5994
6189
  const where = sql.where;
5995
6190
  const whereType = typeof where[0] === "string" ? where[0] : "and";
5996
6191
  items = items.filter((el) => {
@@ -6004,7 +6199,7 @@ function dbDriver(opt = {}) {
6004
6199
  let fieldVal = "";
6005
6200
  try {
6006
6201
  fieldVal = _nullishCoalesce(JSON.parse(el.data)[field], () => ( ""));
6007
- } catch (e53) {
6202
+ } catch (e60) {
6008
6203
  }
6009
6204
  const condMatch = String(fieldVal).includes(searchVal);
6010
6205
  if (whereType === "and") {
@@ -6022,18 +6217,18 @@ function dbDriver(opt = {}) {
6022
6217
  const obj = {};
6023
6218
  try {
6024
6219
  const parsed = JSON.parse(el.data);
6025
- if (_optionalChain([sql, 'access', _709 => _709.field, 'optionalAccess', _710 => _710.length])) {
6220
+ if (_optionalChain([sql, 'access', _731 => _731.field, 'optionalAccess', _732 => _732.length])) {
6026
6221
  sql.field.forEach((f) => {
6027
6222
  obj[f] = _nullishCoalesce(parsed[f], () => ( ""));
6028
6223
  });
6029
6224
  } else {
6030
6225
  Object.assign(obj, parsed);
6031
6226
  }
6032
- } catch (e54) {
6227
+ } catch (e61) {
6033
6228
  }
6034
6229
  return obj;
6035
6230
  });
6036
- if (_optionalChain([sql, 'access', _711 => _711.order, 'optionalAccess', _712 => _712.length])) {
6231
+ if (_optionalChain([sql, 'access', _733 => _733.order, 'optionalAccess', _734 => _734.length])) {
6037
6232
  const orderField = sql.order[0];
6038
6233
  const orderFieldName = typeof orderField === "string" ? orderField : orderField[0];
6039
6234
  const direction = typeof orderField === "string" ? "ASC" : String(orderField[1]).toUpperCase();
@@ -6054,7 +6249,7 @@ function dbDriver(opt = {}) {
6054
6249
  }
6055
6250
  }
6056
6251
  } else {
6057
- result = _optionalChain([sql, 'optionalAccess', _713 => _713.list]) ? { open: [], delete: [] } : [];
6252
+ result = _optionalChain([sql, 'optionalAccess', _735 => _735.list]) ? { open: [], delete: [] } : [];
6058
6253
  }
6059
6254
  }
6060
6255
  }
@@ -6110,7 +6305,7 @@ function sysserver($asai, opt = {}) {
6110
6305
  if (!$asai.$lib) $asai.$lib = {};
6111
6306
  $asai.$lib = { ...lib_default, ...$asai.$lib, ...opt || {} };
6112
6307
  $asai.dataserver = db_default;
6113
- _optionalChain([$asai, 'access', _714 => _714.$lib, 'access', _715 => _715.ErrorCode, 'optionalAccess', _716 => _716.loadErrorCodes, 'optionalCall', _717 => _717($asai)]);
6308
+ _optionalChain([$asai, 'access', _736 => _736.$lib, 'access', _737 => _737.ErrorCode, 'optionalAccess', _738 => _738.loadErrorCodes, 'optionalCall', _739 => _739($asai)]);
6114
6309
  if (!$asai.$lib.api) $asai.$lib.api = {};
6115
6310
  $asai.$lib.api = { ...api_default, ...$asai.$lib.api };
6116
6311
  if (!$asai.$lib.ws) $asai.$lib.ws = {};
@@ -6303,7 +6498,7 @@ function normalizeDataStoresConfig(cfg) {
6303
6498
  }
6304
6499
  if (userStore.opt.create == null) userStore.opt.create = 1;
6305
6500
  }
6306
- if (!stores.log && _optionalChain([cfg, 'access', _718 => _718.logger, 'optionalAccess', _719 => _719.store])) {
6501
+ if (!stores.log && _optionalChain([cfg, 'access', _740 => _740.logger, 'optionalAccess', _741 => _741.store])) {
6307
6502
  const s = cfg.logger.store;
6308
6503
  stores.log = {
6309
6504
  type: s.type || "file",
@@ -6367,13 +6562,13 @@ function validateHostConfig(cfg) {
6367
6562
  if (cfg.asaisn != null) {
6368
6563
  errors.push("asaisn \u7981\u6B62\u5199\u5165 asaihost.json\uFF0C\u8BF7\u4F7F\u7528 ASAI_ASAISN");
6369
6564
  }
6370
- if (_optionalChain([cfg, 'access', _720 => _720.aes, 'optionalAccess', _721 => _721.keybase64]) != null) {
6565
+ if (_optionalChain([cfg, 'access', _742 => _742.aes, 'optionalAccess', _743 => _743.keybase64]) != null) {
6371
6566
  errors.push("aes.keybase64 \u7981\u6B62\u5199\u5165 asaihost.json\uFF0C\u8BF7\u4F7F\u7528 ASAI_AES_KEYBASE64");
6372
6567
  }
6373
- if (_optionalChain([cfg, 'access', _722 => _722.httpscert, 'optionalAccess', _723 => _723.key]) != null || _optionalChain([cfg, 'access', _724 => _724.httpscert, 'optionalAccess', _725 => _725.cert]) != null) {
6568
+ if (_optionalChain([cfg, 'access', _744 => _744.httpscert, 'optionalAccess', _745 => _745.key]) != null || _optionalChain([cfg, 'access', _746 => _746.httpscert, 'optionalAccess', _747 => _747.cert]) != null) {
6374
6569
  errors.push("httpscert.key/cert \u7981\u6B62\u5185\u8054\u4E8E asaihost.json\uFF0C\u8BF7\u4F7F\u7528 keyPath/certPath \u6216\u73AF\u5883\u53D8\u91CF");
6375
6570
  }
6376
- if (_optionalChain([cfg, 'access', _726 => _726.security, 'optionalAccess', _727 => _727.sessionSecret]) != null) {
6571
+ if (_optionalChain([cfg, 'access', _748 => _748.security, 'optionalAccess', _749 => _749.sessionSecret]) != null) {
6377
6572
  errors.push("security.sessionSecret \u7981\u6B62\u5199\u5165 asaihost.json\uFF0C\u8BF7\u4F7F\u7528 ASAI_SESSION_SECRET");
6378
6573
  }
6379
6574
  if (Array.isArray(cfg.wssec) && typeof cfg.wssec[0] === "string" && cfg.wssec[0].length > 0) {
@@ -6428,10 +6623,10 @@ function validateHostConfig(cfg) {
6428
6623
  validateHostSiteLimits(name, h, errors);
6429
6624
  }
6430
6625
  }
6431
- if (_optionalChain([cfg, 'access', _728 => _728.logger, 'optionalAccess', _729 => _729.sample]) && typeof cfg.logger.sample !== "object") {
6626
+ if (_optionalChain([cfg, 'access', _750 => _750.logger, 'optionalAccess', _751 => _751.sample]) && typeof cfg.logger.sample !== "object") {
6432
6627
  errors.push('logger.sample \u5FC5\u987B\u4E3A\u5BF9\u8C61\uFF08\u5982 { "REQ_OTHER": 0.1 }\uFF09');
6433
6628
  }
6434
- if (_optionalChain([cfg, 'access', _730 => _730.logger, 'optionalAccess', _731 => _731.skip]) != null && !Array.isArray(cfg.logger.skip)) {
6629
+ if (_optionalChain([cfg, 'access', _752 => _752.logger, 'optionalAccess', _753 => _753.skip]) != null && !Array.isArray(cfg.logger.skip)) {
6435
6630
  errors.push('logger.skip \u5FC5\u987B\u4E3A\u5B57\u7B26\u4E32\u6570\u7EC4\uFF08\u5982 ["/sys/info/metrics"]\uFF09');
6436
6631
  }
6437
6632
  if (cfg.proxyhosts && typeof cfg.proxyhosts === "object") {
@@ -6465,7 +6660,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, validateHostSiteLimits, "validateHostSiteL
6465
6660
  function validateProductionSecurity(cfg) {
6466
6661
  const errors = [];
6467
6662
  if (process.env.NODE_ENV !== "production") return errors;
6468
- const sec = _optionalChain([cfg, 'optionalAccess', _732 => _732.security]);
6663
+ const sec = _optionalChain([cfg, 'optionalAccess', _754 => _754.security]);
6469
6664
  if (!sec || typeof sec !== "object") {
6470
6665
  errors.push("\u751F\u4EA7\u73AF\u5883\u5FC5\u987B\u914D\u7F6E security \u5BF9\u8C61");
6471
6666
  return errors;
@@ -6476,7 +6671,7 @@ function validateProductionSecurity(cfg) {
6476
6671
  if (sec.allowRegister === 1) {
6477
6672
  errors.push("\u751F\u4EA7\u73AF\u5883 security.allowRegister \u5E94\u4E3A 0\uFF08CR 1.3 \u7981\u6B62\u5F00\u653E\u6CE8\u518C\uFF09");
6478
6673
  }
6479
- if (!_optionalChain([sec, 'access', _733 => _733.quota, 'optionalAccess', _734 => _734.enabled])) {
6674
+ if (!_optionalChain([sec, 'access', _755 => _755.quota, 'optionalAccess', _756 => _756.enabled])) {
6480
6675
  errors.push("\u751F\u4EA7\u73AF\u5883 security.quota.enabled \u5E94\u4E3A 1\uFF08CR 7.1 \u8D44\u6E90\u9650\u5236\uFF09");
6481
6676
  }
6482
6677
  if (sec.csp !== 1) {
@@ -6485,7 +6680,7 @@ function validateProductionSecurity(cfg) {
6485
6680
  if (typeof sec.minUserLevel !== "number" || sec.minUserLevel < 0) {
6486
6681
  errors.push("\u751F\u4EA7\u73AF\u5883 security.minUserLevel \u5E94\u663E\u5F0F\u914D\u7F6E");
6487
6682
  }
6488
- if (sec.forceWss === 1 && !_optionalChain([cfg, 'optionalAccess', _735 => _735.httpscert, 'optionalAccess', _736 => _736.keyPath]) && !_optionalChain([cfg, 'optionalAccess', _737 => _737.httpscert, 'optionalAccess', _738 => _738.key])) {
6683
+ if (sec.forceWss === 1 && !_optionalChain([cfg, 'optionalAccess', _757 => _757.httpscert, 'optionalAccess', _758 => _758.keyPath]) && !_optionalChain([cfg, 'optionalAccess', _759 => _759.httpscert, 'optionalAccess', _760 => _760.key])) {
6489
6684
  errors.push("\u751F\u4EA7\u73AF\u5883 security.forceWss=1 \u65F6\u9700\u914D\u7F6E HTTPS \u8BC1\u4E66");
6490
6685
  }
6491
6686
  return errors;
@@ -6504,12 +6699,12 @@ var DEFAULT_RECONNECT = {
6504
6699
  rs485: { enabled: true, maxRetries: 60, initialDelay: 3e3, maxDelay: 3e4, factor: 2 }
6505
6700
  };
6506
6701
  function getTransportBlock(cfg, kind) {
6507
- const block = _optionalChain([cfg, 'optionalAccess', _739 => _739[kind]]);
6702
+ const block = _optionalChain([cfg, 'optionalAccess', _761 => _761[kind]]);
6508
6703
  return block && typeof block === "object" ? block : null;
6509
6704
  }
6510
6705
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getTransportBlock, "getTransportBlock");
6511
6706
  function getTransportDefault(cfg, kind) {
6512
- const def = _optionalChain([getTransportBlock, 'call', _740 => _740(cfg, kind), 'optionalAccess', _741 => _741.default]);
6707
+ const def = _optionalChain([getTransportBlock, 'call', _762 => _762(cfg, kind), 'optionalAccess', _763 => _763.default]);
6513
6708
  return def && typeof def === "object" ? def : null;
6514
6709
  }
6515
6710
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getTransportDefault, "getTransportDefault");
@@ -6519,7 +6714,7 @@ function hasTransportDefault(cfg, kind) {
6519
6714
  _chunkSMVZ3ZDJcjs.__name.call(void 0, hasTransportDefault, "hasTransportDefault");
6520
6715
  function getDefaultConnId(cfg, kind) {
6521
6716
  const def = getTransportDefault(cfg, kind);
6522
- const id = _optionalChain([def, 'optionalAccess', _742 => _742.id]);
6717
+ const id = _optionalChain([def, 'optionalAccess', _764 => _764.id]);
6523
6718
  return typeof id === "string" && id.length > 0 ? id : DEFAULT_CONN_ID[kind];
6524
6719
  }
6525
6720
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getDefaultConnId, "getDefaultConnId");
@@ -6530,14 +6725,14 @@ function shouldAutoConnect(def) {
6530
6725
  _chunkSMVZ3ZDJcjs.__name.call(void 0, shouldAutoConnect, "shouldAutoConnect");
6531
6726
  function resolveReconnectOptions(def, kind, cfg) {
6532
6727
  const base = DEFAULT_RECONNECT[kind];
6533
- const rc = _optionalChain([def, 'optionalAccess', _743 => _743.reconnect]);
6534
- const tmMaxTry = _optionalChain([cfg, 'optionalAccess', _744 => _744.tm, 'optionalAccess', _745 => _745.maxtry]);
6728
+ const rc = _optionalChain([def, 'optionalAccess', _765 => _765.reconnect]);
6729
+ const tmMaxTry = _optionalChain([cfg, 'optionalAccess', _766 => _766.tm, 'optionalAccess', _767 => _767.maxtry]);
6535
6730
  return {
6536
- enabled: _optionalChain([rc, 'optionalAccess', _746 => _746.enabled]) !== false && base.enabled !== false,
6537
- maxRetries: _nullishCoalesce(_nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess', _747 => _747.maxRetries]), () => ( tmMaxTry)), () => ( base.maxRetries)), () => ( 60)),
6538
- initialDelay: _nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess', _748 => _748.initialDelay]), () => ( base.initialDelay)), () => ( 1e3)),
6539
- maxDelay: _nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess', _749 => _749.maxDelay]), () => ( base.maxDelay)), () => ( 3e4)),
6540
- factor: _nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess', _750 => _750.factor]), () => ( base.factor)), () => ( 2))
6731
+ enabled: _optionalChain([rc, 'optionalAccess', _768 => _768.enabled]) !== false && base.enabled !== false,
6732
+ maxRetries: _nullishCoalesce(_nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess', _769 => _769.maxRetries]), () => ( tmMaxTry)), () => ( base.maxRetries)), () => ( 60)),
6733
+ initialDelay: _nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess', _770 => _770.initialDelay]), () => ( base.initialDelay)), () => ( 1e3)),
6734
+ maxDelay: _nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess', _771 => _771.maxDelay]), () => ( base.maxDelay)), () => ( 3e4)),
6735
+ factor: _nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess', _772 => _772.factor]), () => ( base.factor)), () => ( 2))
6541
6736
  };
6542
6737
  }
6543
6738
  _chunkSMVZ3ZDJcjs.__name.call(void 0, resolveReconnectOptions, "resolveReconnectOptions");
@@ -6587,17 +6782,17 @@ function createTransportDataHandler($asai, manager) {
6587
6782
  if (typeof event.data === "string") {
6588
6783
  try {
6589
6784
  event.data = JSON.parse(event.data);
6590
- } catch (e55) {
6785
+ } catch (e62) {
6591
6786
  }
6592
6787
  }
6593
- if (_optionalChain([event, 'access', _751 => _751.data, 'optionalAccess', _752 => _752.id])) {
6788
+ if (_optionalChain([event, 'access', _773 => _773.data, 'optionalAccess', _774 => _774.id])) {
6594
6789
  manager.watch(event.id, event.data);
6595
6790
  return;
6596
6791
  }
6597
6792
  try {
6598
- const wsKey = _optionalChain([$asai, 'optionalAccess', _753 => _753.command, 'optionalAccess', _754 => _754.commandconfig, 'optionalAccess', _755 => _755.config, 'optionalAccess', _756 => _756.commandclient]);
6599
- _optionalChain([$asai, 'access', _757 => _757.serversws, 'optionalAccess', _758 => _758[wsKey], 'optionalAccess', _759 => _759.broadws, 'optionalCall', _760 => _760(event.data)]);
6600
- } catch (e56) {
6793
+ const wsKey = _optionalChain([$asai, 'optionalAccess', _775 => _775.command, 'optionalAccess', _776 => _776.commandconfig, 'optionalAccess', _777 => _777.config, 'optionalAccess', _778 => _778.commandclient]);
6794
+ _optionalChain([$asai, 'access', _779 => _779.serversws, 'optionalAccess', _780 => _780[wsKey], 'optionalAccess', _781 => _781.broadws, 'optionalCall', _782 => _782(event.data)]);
6795
+ } catch (e63) {
6601
6796
  }
6602
6797
  };
6603
6798
  }
@@ -6644,20 +6839,20 @@ var initAsaiHostNodejs2 = {
6644
6839
  initHostserverWs,
6645
6840
  syncApiRouteKeys,
6646
6841
  syncWsRouteKeys,
6647
- secureCompare: _chunkWXW5DYNUcjs.secureCompare,
6842
+ secureCompare: _chunkH2QP5J7Xcjs.secureCompare,
6648
6843
  resolvePathUnderRoots,
6649
6844
  getHostAllowedRoots,
6650
6845
  logSecurityEvent,
6651
6846
  sanitizeString,
6652
6847
  validateHttpAuth,
6653
6848
  normalizeSecurityConfig,
6654
- stripForbiddenSecretsFromHostConfig: _chunkZK4O4Z2Ocjs.stripForbiddenSecretsFromHostConfig,
6655
- loadAsaiSecrets: _chunkZK4O4Z2Ocjs.loadAsaiSecrets,
6656
- loadDotEnvFile: _chunkZK4O4Z2Ocjs.loadDotEnvFile,
6657
- applySecretsToHostConfig: _chunkZK4O4Z2Ocjs.applySecretsToHostConfig,
6658
- resolveHttpsCertFromPaths: _chunkZK4O4Z2Ocjs.resolveHttpsCertFromPaths,
6659
- validateAsaiSecrets: _chunkZK4O4Z2Ocjs.validateAsaiSecrets,
6660
- isDevDefaultPassword: _chunkZK4O4Z2Ocjs.isDevDefaultPassword,
6849
+ stripForbiddenSecretsFromHostConfig: _chunk5EWEKXQIcjs.stripForbiddenSecretsFromHostConfig,
6850
+ loadAsaiSecrets: _chunk5EWEKXQIcjs.loadAsaiSecrets,
6851
+ loadDotEnvFile: _chunk5EWEKXQIcjs.loadDotEnvFile,
6852
+ applySecretsToHostConfig: _chunk5EWEKXQIcjs.applySecretsToHostConfig,
6853
+ resolveHttpsCertFromPaths: _chunk5EWEKXQIcjs.resolveHttpsCertFromPaths,
6854
+ validateAsaiSecrets: _chunk5EWEKXQIcjs.validateAsaiSecrets,
6855
+ isDevDefaultPassword: _chunk5EWEKXQIcjs.isDevDefaultPassword,
6661
6856
  getTransportBlock,
6662
6857
  getTransportDefault,
6663
6858
  hasTransportDefault,
@@ -6669,7 +6864,7 @@ var initAsaiHostNodejs2 = {
6669
6864
  createTransportDataHandler,
6670
6865
  wireTransportConnectionLogs
6671
6866
  };
6672
- var PLUGIN_VERSION = true ? "0.0.9" : "0.0.1";
6867
+ var PLUGIN_VERSION = true ? "0.0.11" : "0.0.1";
6673
6868
  var index_default = initAsaiHostNodejs2;
6674
6869
 
6675
6870
 
@@ -6712,5 +6907,5 @@ var index_default = initAsaiHostNodejs2;
6712
6907
 
6713
6908
 
6714
6909
 
6715
- exports.AsaiCommon = Index_default; exports.AsaiUtils = utils_exports; exports.PLUGIN_NAME = PLUGIN_NAME; exports.PLUGIN_VERSION = PLUGIN_VERSION; exports.applySecretsToHostConfig = _chunkZK4O4Z2Ocjs.applySecretsToHostConfig; exports.createTransportDataHandler = createTransportDataHandler; exports.default = index_default; exports.ensureDefaultConnection = ensureDefaultConnection; exports.getDefaultConnId = getDefaultConnId; exports.getHostAllowedRoots = getHostAllowedRoots; exports.getTransportBlock = getTransportBlock; exports.getTransportDefault = getTransportDefault; exports.hasTransportDefault = hasTransportDefault; exports.initAsaiHostNodejs = initAsaiHostNodejs2; exports.initHostserverApi = initHostserverApi; exports.initHostserverWs = initHostserverWs; exports.initTransportBridge = initTransportBridge; exports.isDevDefaultPassword = _chunkZK4O4Z2Ocjs.isDevDefaultPassword; exports.loadAsaiSecrets = _chunkZK4O4Z2Ocjs.loadAsaiSecrets; exports.loadDotEnvFile = _chunkZK4O4Z2Ocjs.loadDotEnvFile; exports.logSecurityEvent = logSecurityEvent; exports.normalizeHostConfig = normalizeHostConfig; exports.normalizeSecurityConfig = normalizeSecurityConfig; exports.registerApi = registerApi; exports.registerWs = registerWs; exports.resolveHttpsCertFromPaths = _chunkZK4O4Z2Ocjs.resolveHttpsCertFromPaths; exports.resolvePathUnderRoots = resolvePathUnderRoots; exports.resolveReconnectOptions = resolveReconnectOptions; exports.sanitizeString = sanitizeString; exports.secureCompare = _chunkWXW5DYNUcjs.secureCompare; exports.shouldAutoConnect = shouldAutoConnect; exports.stripForbiddenSecretsFromHostConfig = _chunkZK4O4Z2Ocjs.stripForbiddenSecretsFromHostConfig; exports.syncApiRouteKeys = syncApiRouteKeys; exports.syncWsRouteKeys = syncWsRouteKeys; exports.sysserver = sysserver; exports.validateAsaiSecrets = _chunkZK4O4Z2Ocjs.validateAsaiSecrets; exports.validateHostConfig = validateHostConfig; exports.validateHttpAuth = validateHttpAuth; exports.validateProductionSecurity = validateProductionSecurity; exports.wireTransportConnectionLogs = wireTransportConnectionLogs;
6910
+ exports.AsaiCommon = Index_default; exports.AsaiUtils = utils_exports; exports.PLUGIN_NAME = PLUGIN_NAME; exports.PLUGIN_VERSION = PLUGIN_VERSION; exports.applySecretsToHostConfig = _chunk5EWEKXQIcjs.applySecretsToHostConfig; exports.createTransportDataHandler = createTransportDataHandler; exports.default = index_default; exports.ensureDefaultConnection = ensureDefaultConnection; exports.getDefaultConnId = getDefaultConnId; exports.getHostAllowedRoots = getHostAllowedRoots; exports.getTransportBlock = getTransportBlock; exports.getTransportDefault = getTransportDefault; exports.hasTransportDefault = hasTransportDefault; exports.initAsaiHostNodejs = initAsaiHostNodejs2; exports.initHostserverApi = initHostserverApi; exports.initHostserverWs = initHostserverWs; exports.initTransportBridge = initTransportBridge; exports.isDevDefaultPassword = _chunk5EWEKXQIcjs.isDevDefaultPassword; exports.loadAsaiSecrets = _chunk5EWEKXQIcjs.loadAsaiSecrets; exports.loadDotEnvFile = _chunk5EWEKXQIcjs.loadDotEnvFile; exports.logSecurityEvent = logSecurityEvent; exports.normalizeHostConfig = normalizeHostConfig; exports.normalizeSecurityConfig = normalizeSecurityConfig; exports.registerApi = registerApi; exports.registerWs = registerWs; exports.resolveHttpsCertFromPaths = _chunk5EWEKXQIcjs.resolveHttpsCertFromPaths; exports.resolvePathUnderRoots = resolvePathUnderRoots; exports.resolveReconnectOptions = resolveReconnectOptions; exports.sanitizeString = sanitizeString; exports.secureCompare = _chunkH2QP5J7Xcjs.secureCompare; exports.shouldAutoConnect = shouldAutoConnect; exports.stripForbiddenSecretsFromHostConfig = _chunk5EWEKXQIcjs.stripForbiddenSecretsFromHostConfig; exports.syncApiRouteKeys = syncApiRouteKeys; exports.syncWsRouteKeys = syncWsRouteKeys; exports.sysserver = sysserver; exports.validateAsaiSecrets = _chunk5EWEKXQIcjs.validateAsaiSecrets; exports.validateHostConfig = validateHostConfig; exports.validateHttpAuth = validateHttpAuth; exports.validateProductionSecurity = validateProductionSecurity; exports.wireTransportConnectionLogs = wireTransportConnectionLogs;
6716
6911
  //# sourceMappingURL=asaihost-nodejs.cjs.map