astro-sessionkit 0.1.19 → 0.1.20
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/core/guardMiddleware.d.ts.map +1 -1
- package/dist/core/guardMiddleware.js +1 -0
- package/dist/core/guardMiddleware.js.map +1 -1
- package/dist/index.d.ts +3 -3
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +3 -24
- package/dist/index.js.map +1 -1
- package/dist/integration.d.ts +1 -1
- package/dist/integration.d.ts.map +1 -1
- package/dist/integration.js +12 -4
- package/dist/integration.js.map +1 -1
- package/package.json +1 -1
- package/src/core/guardMiddleware.ts +1 -0
- package/src/index.ts +3 -52
- package/src/integration.ts +18 -3
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"guardMiddleware.d.ts","sourceRoot":"","sources":["../../src/core/guardMiddleware.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAa,iBAAiB,EAAC,MAAM,OAAO,CAAC;AAsEzD,wBAAgB,qBAAqB,IAAI,iBAAiB,
|
|
1
|
+
{"version":3,"file":"guardMiddleware.d.ts","sourceRoot":"","sources":["../../src/core/guardMiddleware.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAa,iBAAiB,EAAC,MAAM,OAAO,CAAC;AAsEzD,wBAAgB,qBAAqB,IAAI,iBAAiB,CAoEzD"}
|
|
@@ -57,6 +57,7 @@ function createGuardMiddleware() {
|
|
|
57
57
|
}
|
|
58
58
|
debug(`[Guard] Pathname: ${pathname}, GlobalProtect: ${globalProtect}, Rules: ${protect.length}`);
|
|
59
59
|
if (protect.length === 0 && !globalProtect) {
|
|
60
|
+
debug(`[Guard] Skipping ${pathname} because no rules are configured and globalProtect is false`);
|
|
60
61
|
return next();
|
|
61
62
|
}
|
|
62
63
|
const sessionContext = getContextStore();
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"guardMiddleware.js","sources":["../../src/core/guardMiddleware.ts"],"sourcesContent":["// ============================================================================\n// Route Guard Middleware - Enforces protection rules\n// ============================================================================\n\nimport type {APIContext, MiddlewareHandler} from \"astro\";\nimport { getContextStore } from \"./context\";\nimport { getConfig } from \"./config\";\nimport { matchesPattern } from \"./matcher\";\nimport type { ProtectionRule, Session } from \"./types\";\nimport { isValidSessionStructure } from \"./validation\";\nimport * as logger from \"./logger\";\n\n/**\n * Check if session satisfies a protection rule\n */\nasync function checkRule(rule: ProtectionRule, session: Session | null): Promise<boolean> {\n const { access } = getConfig();\n\n // Custom check overrides everything\n if (access.check) {\n try {\n return await access.check(rule, session);\n } catch (error) {\n logger.error('Error in custom access check hook:', error);\n return false;\n }\n }\n\n // Custom allow function\n if (\"allow\" in rule) {\n try {\n return await rule.allow(session);\n } catch (error) {\n logger.error('Error in custom rule allow function:', error);\n return false;\n }\n }\n\n // Must be authenticated and have a valid session structure for all other checks\n if (!session || !isValidSessionStructure(session)) {\n return false;\n }\n\n // Single role check\n if (\"role\" in rule) {\n const userRole = access.getRole(session);\n return userRole === rule.role;\n }\n\n // Multiple roles check (user must have ONE of these)\n if (\"roles\" in rule) {\n const userRole = access.getRole(session);\n return userRole !== null && rule.roles.includes(userRole);\n }\n\n // Single permission check\n if (\"permission\" in rule) {\n const userPermissions = access.getPermissions(session);\n return userPermissions.includes(rule.permission);\n }\n\n // Multiple permissions check (user must have ALL of these)\n if (\"permissions\" in rule) {\n const userPermissions = access.getPermissions(session);\n return rule.permissions.every((p) => userPermissions.includes(p));\n }\n\n // No specific rule matched - allow by default\n return true;\n}\n\n/**\n * Create route guard middleware\n */\nexport function createGuardMiddleware(): MiddlewareHandler {\n return async (context : APIContext, next) => {\n const { protect, loginPath, globalProtect, exclude } = getConfig();\n \n let pathname: string;\n try {\n pathname = new URL(context.request.url).pathname;\n } catch {\n // Fallback if URL is invalid (unlikely in Astro)\n pathname = \"/\";\n }\n\n logger.debug(`[Guard] Pathname: ${pathname}, GlobalProtect: ${globalProtect}, Rules: ${protect.length}`);\n\n // No rules configured and no global protect - skip\n if (protect.length === 0 && !globalProtect) {\n return next();\n }\n\n const sessionContext = getContextStore();\n const session = sessionContext?.session ?? null;\n\n // Find matching rule\n const rule = protect.find((r) => matchesPattern(r.pattern, pathname));\n \n if (rule) {\n logger.debug(`[Guard] Found matching rule for ${pathname}:`, rule);\n }\n\n // No matching rule - check global protection\n if (!rule) {\n if (globalProtect) {\n // Skip if path is in exclude list\n if (exclude.some((pattern) => matchesPattern(pattern, pathname))) {\n logger.debug(`[GlobalProtect] Skipping ${pathname} because it matches an exclude pattern`);\n return next();\n }\n \n // Skip if it's the login page itself (to avoid redirect loops)\n if (pathname === loginPath) {\n logger.debug(`[GlobalProtect] Skipping ${pathname} because it is the loginPath`);\n return next();\n }\n\n // Require valid session\n if (!session || !isValidSessionStructure(session)) {\n logger.debug(`[GlobalProtect] Redirecting to ${loginPath} because session is ${session ? 'invalid' : 'missing'}`);\n return context.redirect(loginPath);\n }\n }\n \n logger.debug(`[GlobalProtect] Allowing ${pathname} because session is valid or globalProtect is false`);\n return next();\n }\n\n // Check if access is allowed\n const allowed = await checkRule(rule, session);\n\n if (!allowed) {\n const redirectTo = rule.redirectTo ?? loginPath;\n logger.debug(`[Guard] Redirecting to ${redirectTo} because access was denied by rule:`, rule);\n return context.redirect(redirectTo);\n }\n\n logger.debug(`[Guard] Allowing ${pathname} because access was granted by rule:`, rule);\n return next();\n };\n}\n"],"names":["error","logger.error","logger.debug"],"mappings":";;;;;;AAeA,eAAe,SAAS,CAAC,IAAoB,EAAE,OAAuB,EAAA;AACpE,IAAA,MAAM,EAAE,MAAM,EAAE,GAAG,SAAS,EAAE;AAG9B,IAAA,IAAI,MAAM,CAAC,KAAK,EAAE;AAChB,QAAA,IAAI;YACF,OAAO,MAAM,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,OAAO,CAAC;QAC1C;QAAE,OAAOA,OAAK,EAAE;AACd,YAAAC,KAAY,CAAC,oCAAoC,EAAED,OAAK,CAAC;AACzD,YAAA,OAAO,KAAK;QACd;IACF;AAGA,IAAA,IAAI,OAAO,IAAI,IAAI,EAAE;AACnB,QAAA,IAAI;AACF,YAAA,OAAO,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC;QAClC;QAAE,OAAOA,OAAK,EAAE;AACd,YAAAC,KAAY,CAAC,sCAAsC,EAAED,OAAK,CAAC;AAC3D,YAAA,OAAO,KAAK;QACd;IACF;IAGA,IAAI,CAAC,OAAO,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,EAAE;AACjD,QAAA,OAAO,KAAK;IACd;AAGA,IAAA,IAAI,MAAM,IAAI,IAAI,EAAE;QAClB,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC;AACxC,QAAA,OAAO,QAAQ,KAAK,IAAI,CAAC,IAAI;IAC/B;AAGA,IAAA,IAAI,OAAO,IAAI,IAAI,EAAE;QACnB,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC;AACxC,QAAA,OAAO,QAAQ,KAAK,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC;IAC3D;AAGA,IAAA,IAAI,YAAY,IAAI,IAAI,EAAE;QACxB,MAAM,eAAe,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC;QACtD,OAAO,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC;IAClD;AAGA,IAAA,IAAI,aAAa,IAAI,IAAI,EAAE;QACzB,MAAM,eAAe,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC;AACtD,QAAA,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IACnE;AAGA,IAAA,OAAO,IAAI;AACb;SAKgB,qBAAqB,GAAA;AACnC,IAAA,OAAO,OAAO,OAAoB,EAAE,IAAI,KAAI;AAC1C,QAAA,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,OAAO,EAAE,GAAG,SAAS,EAAE;AAElE,QAAA,IAAI,QAAgB;AACpB,QAAA,IAAI;AACF,YAAA,QAAQ,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,QAAQ;QAClD;AAAE,QAAA,MAAM;YAEN,QAAQ,GAAG,GAAG;QAChB;AAEA,QAAAE,KAAY,CAAC,CAAA,kBAAA,EAAqB,QAAQ,CAAA,iBAAA,EAAoB,aAAa,CAAA,SAAA,EAAY,OAAO,CAAC,MAAM,CAAA,CAAE,CAAC;QAGxG,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,aAAa,EAAE;
|
|
1
|
+
{"version":3,"file":"guardMiddleware.js","sources":["../../src/core/guardMiddleware.ts"],"sourcesContent":["// ============================================================================\n// Route Guard Middleware - Enforces protection rules\n// ============================================================================\n\nimport type {APIContext, MiddlewareHandler} from \"astro\";\nimport { getContextStore } from \"./context\";\nimport { getConfig } from \"./config\";\nimport { matchesPattern } from \"./matcher\";\nimport type { ProtectionRule, Session } from \"./types\";\nimport { isValidSessionStructure } from \"./validation\";\nimport * as logger from \"./logger\";\n\n/**\n * Check if session satisfies a protection rule\n */\nasync function checkRule(rule: ProtectionRule, session: Session | null): Promise<boolean> {\n const { access } = getConfig();\n\n // Custom check overrides everything\n if (access.check) {\n try {\n return await access.check(rule, session);\n } catch (error) {\n logger.error('Error in custom access check hook:', error);\n return false;\n }\n }\n\n // Custom allow function\n if (\"allow\" in rule) {\n try {\n return await rule.allow(session);\n } catch (error) {\n logger.error('Error in custom rule allow function:', error);\n return false;\n }\n }\n\n // Must be authenticated and have a valid session structure for all other checks\n if (!session || !isValidSessionStructure(session)) {\n return false;\n }\n\n // Single role check\n if (\"role\" in rule) {\n const userRole = access.getRole(session);\n return userRole === rule.role;\n }\n\n // Multiple roles check (user must have ONE of these)\n if (\"roles\" in rule) {\n const userRole = access.getRole(session);\n return userRole !== null && rule.roles.includes(userRole);\n }\n\n // Single permission check\n if (\"permission\" in rule) {\n const userPermissions = access.getPermissions(session);\n return userPermissions.includes(rule.permission);\n }\n\n // Multiple permissions check (user must have ALL of these)\n if (\"permissions\" in rule) {\n const userPermissions = access.getPermissions(session);\n return rule.permissions.every((p) => userPermissions.includes(p));\n }\n\n // No specific rule matched - allow by default\n return true;\n}\n\n/**\n * Create route guard middleware\n */\nexport function createGuardMiddleware(): MiddlewareHandler {\n return async (context : APIContext, next) => {\n const { protect, loginPath, globalProtect, exclude } = getConfig();\n \n let pathname: string;\n try {\n pathname = new URL(context.request.url).pathname;\n } catch {\n // Fallback if URL is invalid (unlikely in Astro)\n pathname = \"/\";\n }\n\n logger.debug(`[Guard] Pathname: ${pathname}, GlobalProtect: ${globalProtect}, Rules: ${protect.length}`);\n\n // No rules configured and no global protect - skip\n if (protect.length === 0 && !globalProtect) {\n logger.debug(`[Guard] Skipping ${pathname} because no rules are configured and globalProtect is false`);\n return next();\n }\n\n const sessionContext = getContextStore();\n const session = sessionContext?.session ?? null;\n\n // Find matching rule\n const rule = protect.find((r) => matchesPattern(r.pattern, pathname));\n \n if (rule) {\n logger.debug(`[Guard] Found matching rule for ${pathname}:`, rule);\n }\n\n // No matching rule - check global protection\n if (!rule) {\n if (globalProtect) {\n // Skip if path is in exclude list\n if (exclude.some((pattern) => matchesPattern(pattern, pathname))) {\n logger.debug(`[GlobalProtect] Skipping ${pathname} because it matches an exclude pattern`);\n return next();\n }\n \n // Skip if it's the login page itself (to avoid redirect loops)\n if (pathname === loginPath) {\n logger.debug(`[GlobalProtect] Skipping ${pathname} because it is the loginPath`);\n return next();\n }\n\n // Require valid session\n if (!session || !isValidSessionStructure(session)) {\n logger.debug(`[GlobalProtect] Redirecting to ${loginPath} because session is ${session ? 'invalid' : 'missing'}`);\n return context.redirect(loginPath);\n }\n }\n \n logger.debug(`[GlobalProtect] Allowing ${pathname} because session is valid or globalProtect is false`);\n return next();\n }\n\n // Check if access is allowed\n const allowed = await checkRule(rule, session);\n\n if (!allowed) {\n const redirectTo = rule.redirectTo ?? loginPath;\n logger.debug(`[Guard] Redirecting to ${redirectTo} because access was denied by rule:`, rule);\n return context.redirect(redirectTo);\n }\n\n logger.debug(`[Guard] Allowing ${pathname} because access was granted by rule:`, rule);\n return next();\n };\n}\n"],"names":["error","logger.error","logger.debug"],"mappings":";;;;;;AAeA,eAAe,SAAS,CAAC,IAAoB,EAAE,OAAuB,EAAA;AACpE,IAAA,MAAM,EAAE,MAAM,EAAE,GAAG,SAAS,EAAE;AAG9B,IAAA,IAAI,MAAM,CAAC,KAAK,EAAE;AAChB,QAAA,IAAI;YACF,OAAO,MAAM,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,OAAO,CAAC;QAC1C;QAAE,OAAOA,OAAK,EAAE;AACd,YAAAC,KAAY,CAAC,oCAAoC,EAAED,OAAK,CAAC;AACzD,YAAA,OAAO,KAAK;QACd;IACF;AAGA,IAAA,IAAI,OAAO,IAAI,IAAI,EAAE;AACnB,QAAA,IAAI;AACF,YAAA,OAAO,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC;QAClC;QAAE,OAAOA,OAAK,EAAE;AACd,YAAAC,KAAY,CAAC,sCAAsC,EAAED,OAAK,CAAC;AAC3D,YAAA,OAAO,KAAK;QACd;IACF;IAGA,IAAI,CAAC,OAAO,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,EAAE;AACjD,QAAA,OAAO,KAAK;IACd;AAGA,IAAA,IAAI,MAAM,IAAI,IAAI,EAAE;QAClB,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC;AACxC,QAAA,OAAO,QAAQ,KAAK,IAAI,CAAC,IAAI;IAC/B;AAGA,IAAA,IAAI,OAAO,IAAI,IAAI,EAAE;QACnB,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC;AACxC,QAAA,OAAO,QAAQ,KAAK,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC;IAC3D;AAGA,IAAA,IAAI,YAAY,IAAI,IAAI,EAAE;QACxB,MAAM,eAAe,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC;QACtD,OAAO,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC;IAClD;AAGA,IAAA,IAAI,aAAa,IAAI,IAAI,EAAE;QACzB,MAAM,eAAe,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC;AACtD,QAAA,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IACnE;AAGA,IAAA,OAAO,IAAI;AACb;SAKgB,qBAAqB,GAAA;AACnC,IAAA,OAAO,OAAO,OAAoB,EAAE,IAAI,KAAI;AAC1C,QAAA,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,OAAO,EAAE,GAAG,SAAS,EAAE;AAElE,QAAA,IAAI,QAAgB;AACpB,QAAA,IAAI;AACF,YAAA,QAAQ,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,QAAQ;QAClD;AAAE,QAAA,MAAM;YAEN,QAAQ,GAAG,GAAG;QAChB;AAEA,QAAAE,KAAY,CAAC,CAAA,kBAAA,EAAqB,QAAQ,CAAA,iBAAA,EAAoB,aAAa,CAAA,SAAA,EAAY,OAAO,CAAC,MAAM,CAAA,CAAE,CAAC;QAGxG,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,aAAa,EAAE;AAC1C,YAAAA,KAAY,CAAC,oBAAoB,QAAQ,CAAA,2DAAA,CAA6D,CAAC;YACvG,OAAO,IAAI,EAAE;QACf;AAEA,QAAA,MAAM,cAAc,GAAG,eAAe,EAAE;AACxC,QAAA,MAAM,OAAO,GAAG,cAAc,EAAE,OAAO,IAAI,IAAI;QAG/C,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,cAAc,CAAC,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAErE,IAAI,IAAI,EAAE;YACRA,KAAY,CAAC,CAAA,gCAAA,EAAmC,QAAQ,CAAA,CAAA,CAAG,EAAE,IAAI,CAAC;QACpE;QAGA,IAAI,CAAC,IAAI,EAAE;YACT,IAAI,aAAa,EAAE;AAEjB,gBAAA,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,OAAO,KAAK,cAAc,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,EAAE;AAChE,oBAAAA,KAAY,CAAC,4BAA4B,QAAQ,CAAA,sCAAA,CAAwC,CAAC;oBAC1F,OAAO,IAAI,EAAE;gBACf;AAGA,gBAAA,IAAI,QAAQ,KAAK,SAAS,EAAE;AAC1B,oBAAAA,KAAY,CAAC,4BAA4B,QAAQ,CAAA,4BAAA,CAA8B,CAAC;oBAChF,OAAO,IAAI,EAAE;gBACf;gBAGA,IAAI,CAAC,OAAO,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,EAAE;AACjD,oBAAAA,KAAY,CAAC,CAAA,+BAAA,EAAkC,SAAS,uBAAuB,OAAO,GAAG,SAAS,GAAG,SAAS,CAAA,CAAE,CAAC;AACjH,oBAAA,OAAO,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC;gBACpC;YACF;AAEA,YAAAA,KAAY,CAAC,4BAA4B,QAAQ,CAAA,mDAAA,CAAqD,CAAC;YACvG,OAAO,IAAI,EAAE;QACf;QAGA,MAAM,OAAO,GAAG,MAAM,SAAS,CAAC,IAAI,EAAE,OAAO,CAAC;QAE9C,IAAI,CAAC,OAAO,EAAE;AACZ,YAAA,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,IAAI,SAAS;YAC/CA,KAAY,CAAC,CAAA,uBAAA,EAA0B,UAAU,CAAA,mCAAA,CAAqC,EAAE,IAAI,CAAC;AAC7F,YAAA,OAAO,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC;QACrC;QAEAA,KAAY,CAAC,CAAA,iBAAA,EAAoB,QAAQ,CAAA,oCAAA,CAAsC,EAAE,IAAI,CAAC;QACtF,OAAO,IAAI,EAAE;AACf,IAAA,CAAC;AACH;;;;"}
|
package/dist/index.d.ts
CHANGED
|
@@ -48,9 +48,9 @@ interface SessionKitConfig {
|
|
|
48
48
|
debug?: boolean;
|
|
49
49
|
}
|
|
50
50
|
|
|
51
|
-
declare function
|
|
51
|
+
declare function sessionKit(config?: SessionKitConfig): AstroIntegration;
|
|
52
52
|
|
|
53
|
-
declare const version = "0.1.
|
|
53
|
+
declare const version = "0.1.20";
|
|
54
54
|
|
|
55
|
-
export {
|
|
55
|
+
export { sessionKit as default, version };
|
|
56
56
|
export type { AccessHooks, CustomProtectionRule, PermissionProtectionRule, PermissionsProtectionRule, ProtectionRule, RoleProtectionRule, RolesProtectionRule, Session, SessionContext, SessionKitConfig };
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAIA,OAAO,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAIA,OAAO,UAAU,MAAM,eAAe,CAAC;AAEvC,eAAe,UAAU,CAAC;AAM1B,YAAY,EACR,OAAO,EACP,cAAc,EACd,kBAAkB,EAClB,mBAAmB,EACnB,wBAAwB,EACxB,yBAAyB,EACzB,oBAAoB,EACpB,gBAAgB,EAChB,WAAW,EACX,cAAc,EACjB,MAAM,cAAc,CAAC;AAMtB,eAAO,MAAM,OAAO,WAAW,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -1,27 +1,6 @@
|
|
|
1
|
-
import
|
|
1
|
+
import sessionKit from './integration.js';
|
|
2
2
|
|
|
3
|
-
|
|
4
|
-
setConfig(config);
|
|
5
|
-
const resolvedConfig = getConfig();
|
|
6
|
-
return {
|
|
7
|
-
name: "astro-sessionkit",
|
|
8
|
-
hooks: {
|
|
9
|
-
"astro:config:setup": ({ addMiddleware }) => {
|
|
10
|
-
addMiddleware({
|
|
11
|
-
entrypoint: "astro-sessionkit/middleware",
|
|
12
|
-
order: "pre",
|
|
13
|
-
});
|
|
14
|
-
if ((resolvedConfig.protect && resolvedConfig.protect.length > 0) || resolvedConfig.globalProtect) {
|
|
15
|
-
addMiddleware({
|
|
16
|
-
entrypoint: "astro-sessionkit/guard",
|
|
17
|
-
order: "pre",
|
|
18
|
-
});
|
|
19
|
-
}
|
|
20
|
-
},
|
|
21
|
-
},
|
|
22
|
-
};
|
|
23
|
-
}
|
|
24
|
-
const version = "0.1.0";
|
|
3
|
+
const version = "0.1.20";
|
|
25
4
|
|
|
26
|
-
export {
|
|
5
|
+
export { sessionKit as default, version };
|
|
27
6
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sources":["../src/index.ts"],"sourcesContent":["// ============================================================================\n// Astro SessionKit - Main Integration Entry Point\n// ============================================================================\n\nimport
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../src/index.ts"],"sourcesContent":["// ============================================================================\n// Astro SessionKit - Main Integration Entry Point\n// ============================================================================\n\nimport sessionkit from \"./integration\";\n\nexport default sessionkit;\n\n// ============================================================================\n// Re-export types for convenience\n// ============================================================================\n\nexport type {\n Session,\n ProtectionRule,\n RoleProtectionRule,\n RolesProtectionRule,\n PermissionProtectionRule,\n PermissionsProtectionRule,\n CustomProtectionRule,\n SessionKitConfig,\n AccessHooks,\n SessionContext\n} from \"./core/types\";\n\n// ============================================================================\n// Version export\n// ============================================================================\n\nexport const version = \"0.1.20\";\n"],"names":[],"mappings":";;AA6BO,MAAM,OAAO,GAAG;;;;"}
|
package/dist/integration.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import type { AstroIntegration } from "astro";
|
|
2
2
|
import type { SessionKitConfig } from "./core/types";
|
|
3
3
|
export default function sessionKit(config?: SessionKitConfig): AstroIntegration;
|
|
4
|
-
export type { Session, ProtectionRule, SessionKitConfig } from "./core/types";
|
|
4
|
+
export type { Session, ProtectionRule, RoleProtectionRule, RolesProtectionRule, PermissionProtectionRule, PermissionsProtectionRule, CustomProtectionRule, SessionKitConfig, AccessHooks, SessionContext } from "./core/types";
|
|
5
5
|
//# sourceMappingURL=integration.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"integration.d.ts","sourceRoot":"","sources":["../src/integration.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,OAAO,CAAC;AAE9C,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAwBrD,MAAM,CAAC,OAAO,UAAU,UAAU,CAAC,MAAM,GAAE,gBAAqB,GAAG,gBAAgB,
|
|
1
|
+
{"version":3,"file":"integration.d.ts","sourceRoot":"","sources":["../src/integration.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,OAAO,CAAC;AAE9C,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAwBrD,MAAM,CAAC,OAAO,UAAU,UAAU,CAAC,MAAM,GAAE,gBAAqB,GAAG,gBAAgB,CA8BlF;AAED,YAAY,EACV,OAAO,EACP,cAAc,EACd,kBAAkB,EAClB,mBAAmB,EACnB,wBAAwB,EACxB,yBAAyB,EACzB,oBAAoB,EACpB,gBAAgB,EAChB,WAAW,EACX,cAAc,EACf,MAAM,cAAc,CAAC"}
|
package/dist/integration.js
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
|
-
import {
|
|
2
|
-
|
|
1
|
+
import { setConfig, getConfig } from './core/config.js';
|
|
2
|
+
|
|
3
|
+
function sessionKit(config = {}) {
|
|
3
4
|
setConfig(config);
|
|
4
5
|
const resolvedConfig = getConfig();
|
|
5
6
|
return {
|
|
@@ -10,14 +11,21 @@ export default function sessionKit(config = {}) {
|
|
|
10
11
|
entrypoint: "astro-sessionkit/middleware",
|
|
11
12
|
order: "pre",
|
|
12
13
|
});
|
|
13
|
-
|
|
14
|
+
const hasRules = (resolvedConfig.protect && resolvedConfig.protect.length > 0);
|
|
15
|
+
const isGlobal = !!resolvedConfig.globalProtect;
|
|
16
|
+
if (hasRules || isGlobal) {
|
|
14
17
|
addMiddleware({
|
|
15
18
|
entrypoint: "astro-sessionkit/guard",
|
|
16
19
|
order: "pre",
|
|
17
20
|
});
|
|
18
21
|
}
|
|
22
|
+
else if (resolvedConfig.debug) {
|
|
23
|
+
console.log("[SessionKit] Route guard NOT registered: no rules and globalProtect is false.");
|
|
24
|
+
}
|
|
19
25
|
},
|
|
20
26
|
},
|
|
21
27
|
};
|
|
22
28
|
}
|
|
23
|
-
|
|
29
|
+
|
|
30
|
+
export { sessionKit as default };
|
|
31
|
+
//# sourceMappingURL=integration.js.map
|
package/dist/integration.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"integration.js","
|
|
1
|
+
{"version":3,"file":"integration.js","sources":["../src/integration.ts"],"sourcesContent":["// ============================================================================\n// Astro Integration\n// ============================================================================\n\nimport type { AstroIntegration } from \"astro\";\nimport {getConfig, setConfig} from \"./core/config\";\nimport type { SessionKitConfig } from \"./core/types\";\n\n/**\n * SessionKit - Simple session access and route protection for Astro\n * \n * @example\n * ```ts\n * // astro.config.mjs\n * import sessionkit from 'astro-sessionkit';\n * \n * export default defineConfig({\n * integrations: [\n * sessionkit({\n * loginPath: '/login',\n * protect: [\n * { pattern: '/admin/**', role: 'admin' },\n * { pattern: '/dashboard', roles: ['user', 'admin'] },\n * { pattern: '/settings', permissions: ['settings:write'] }\n * ]\n * })\n * ]\n * });\n * ```\n */\nexport default function sessionKit(config: SessionKitConfig = {}): AstroIntegration {\n // Store configuration\n setConfig(config);\n const resolvedConfig = getConfig();\n\n return {\n name: \"astro-sessionkit\",\n hooks: {\n \"astro:config:setup\": ({ addMiddleware }) => {\n // 1. Always add session context middleware first\n addMiddleware({\n entrypoint: \"astro-sessionkit/middleware\",\n order: \"pre\",\n });\n\n // 2. Add route guard if there are protection rules or global protection is enabled\n const hasRules = (resolvedConfig.protect && resolvedConfig.protect.length > 0);\n const isGlobal = !!resolvedConfig.globalProtect;\n\n if (hasRules || isGlobal) {\n addMiddleware({\n entrypoint: \"astro-sessionkit/guard\",\n order: \"pre\",\n });\n } else if (resolvedConfig.debug) {\n console.log(\"[SessionKit] Route guard NOT registered: no rules and globalProtect is false.\");\n }\n },\n },\n };\n}\n\nexport type {\n Session,\n ProtectionRule,\n RoleProtectionRule,\n RolesProtectionRule,\n PermissionProtectionRule,\n PermissionsProtectionRule,\n CustomProtectionRule,\n SessionKitConfig,\n AccessHooks,\n SessionContext\n} from \"./core/types\";\n"],"names":[],"mappings":";;AA8Bc,SAAU,UAAU,CAAC,SAA2B,EAAE,EAAA;IAE9D,SAAS,CAAC,MAAM,CAAC;AACjB,IAAA,MAAM,cAAc,GAAG,SAAS,EAAE;IAElC,OAAO;AACL,QAAA,IAAI,EAAE,kBAAkB;AACxB,QAAA,KAAK,EAAE;AACL,YAAA,oBAAoB,EAAE,CAAC,EAAE,aAAa,EAAE,KAAI;AAE1C,gBAAA,aAAa,CAAC;AACZ,oBAAA,UAAU,EAAE,6BAA6B;AACzC,oBAAA,KAAK,EAAE,KAAK;AACb,iBAAA,CAAC;AAGF,gBAAA,MAAM,QAAQ,IAAI,cAAc,CAAC,OAAO,IAAI,cAAc,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC;AAC9E,gBAAA,MAAM,QAAQ,GAAG,CAAC,CAAC,cAAc,CAAC,aAAa;AAE/C,gBAAA,IAAI,QAAQ,IAAI,QAAQ,EAAE;AACxB,oBAAA,aAAa,CAAC;AACZ,wBAAA,UAAU,EAAE,wBAAwB;AACpC,wBAAA,KAAK,EAAE,KAAK;AACb,qBAAA,CAAC;gBACJ;AAAO,qBAAA,IAAI,cAAc,CAAC,KAAK,EAAE;AAC/B,oBAAA,OAAO,CAAC,GAAG,CAAC,+EAA+E,CAAC;gBAC9F;YACF,CAAC;AACF,SAAA;KACF;AACH;;;;"}
|
package/package.json
CHANGED
|
@@ -88,6 +88,7 @@ export function createGuardMiddleware(): MiddlewareHandler {
|
|
|
88
88
|
|
|
89
89
|
// No rules configured and no global protect - skip
|
|
90
90
|
if (protect.length === 0 && !globalProtect) {
|
|
91
|
+
logger.debug(`[Guard] Skipping ${pathname} because no rules are configured and globalProtect is false`);
|
|
91
92
|
return next();
|
|
92
93
|
}
|
|
93
94
|
|
package/src/index.ts
CHANGED
|
@@ -2,58 +2,9 @@
|
|
|
2
2
|
// Astro SessionKit - Main Integration Entry Point
|
|
3
3
|
// ============================================================================
|
|
4
4
|
|
|
5
|
-
import
|
|
6
|
-
import {getConfig, setConfig} from "./core/config";
|
|
7
|
-
import type { SessionKitConfig } from "./core/types";
|
|
5
|
+
import sessionkit from "./integration";
|
|
8
6
|
|
|
9
|
-
|
|
10
|
-
* SessionKit - Simple session access and route protection for Astro
|
|
11
|
-
*
|
|
12
|
-
* @example
|
|
13
|
-
* ```ts
|
|
14
|
-
* // astro.config.mjs
|
|
15
|
-
* import sessionkit from 'astro-sessionkit';
|
|
16
|
-
*
|
|
17
|
-
* export default defineConfig({
|
|
18
|
-
* integrations: [
|
|
19
|
-
* sessionkit({
|
|
20
|
-
* loginPath: '/login',
|
|
21
|
-
* protect: [
|
|
22
|
-
* { pattern: '/admin/**', role: 'admin' },
|
|
23
|
-
* { pattern: '/dashboard', roles: ['user', 'admin'] },
|
|
24
|
-
* { pattern: '/settings', permissions: ['settings:write'] }
|
|
25
|
-
* ]
|
|
26
|
-
* })
|
|
27
|
-
* ]
|
|
28
|
-
* });
|
|
29
|
-
* ```
|
|
30
|
-
*/
|
|
31
|
-
export default function sessionkit(config: SessionKitConfig = {}): AstroIntegration {
|
|
32
|
-
// Store configuration
|
|
33
|
-
setConfig(config);
|
|
34
|
-
const resolvedConfig = getConfig();
|
|
35
|
-
|
|
36
|
-
return {
|
|
37
|
-
name: "astro-sessionkit",
|
|
38
|
-
hooks: {
|
|
39
|
-
"astro:config:setup": ({ addMiddleware }) => {
|
|
40
|
-
// 1. Always add session context middleware first
|
|
41
|
-
addMiddleware({
|
|
42
|
-
entrypoint: "astro-sessionkit/middleware",
|
|
43
|
-
order: "pre",
|
|
44
|
-
});
|
|
45
|
-
|
|
46
|
-
// 2. Add route guard if there are protection rules or global protection is enabled
|
|
47
|
-
if ((resolvedConfig.protect && resolvedConfig.protect.length > 0) || resolvedConfig.globalProtect) {
|
|
48
|
-
addMiddleware({
|
|
49
|
-
entrypoint: "astro-sessionkit/guard",
|
|
50
|
-
order: "pre",
|
|
51
|
-
});
|
|
52
|
-
}
|
|
53
|
-
},
|
|
54
|
-
},
|
|
55
|
-
};
|
|
56
|
-
}
|
|
7
|
+
export default sessionkit;
|
|
57
8
|
|
|
58
9
|
// ============================================================================
|
|
59
10
|
// Re-export types for convenience
|
|
@@ -76,4 +27,4 @@ export type {
|
|
|
76
27
|
// Version export
|
|
77
28
|
// ============================================================================
|
|
78
29
|
|
|
79
|
-
export const version = "0.1.
|
|
30
|
+
export const version = "0.1.20";
|
package/src/integration.ts
CHANGED
|
@@ -44,16 +44,31 @@ export default function sessionKit(config: SessionKitConfig = {}): AstroIntegrat
|
|
|
44
44
|
});
|
|
45
45
|
|
|
46
46
|
// 2. Add route guard if there are protection rules or global protection is enabled
|
|
47
|
-
|
|
47
|
+
const hasRules = (resolvedConfig.protect && resolvedConfig.protect.length > 0);
|
|
48
|
+
const isGlobal = !!resolvedConfig.globalProtect;
|
|
49
|
+
|
|
50
|
+
if (hasRules || isGlobal) {
|
|
48
51
|
addMiddleware({
|
|
49
52
|
entrypoint: "astro-sessionkit/guard",
|
|
50
53
|
order: "pre",
|
|
51
54
|
});
|
|
55
|
+
} else if (resolvedConfig.debug) {
|
|
56
|
+
console.log("[SessionKit] Route guard NOT registered: no rules and globalProtect is false.");
|
|
52
57
|
}
|
|
53
58
|
},
|
|
54
59
|
},
|
|
55
60
|
};
|
|
56
61
|
}
|
|
57
62
|
|
|
58
|
-
|
|
59
|
-
|
|
63
|
+
export type {
|
|
64
|
+
Session,
|
|
65
|
+
ProtectionRule,
|
|
66
|
+
RoleProtectionRule,
|
|
67
|
+
RolesProtectionRule,
|
|
68
|
+
PermissionProtectionRule,
|
|
69
|
+
PermissionsProtectionRule,
|
|
70
|
+
CustomProtectionRule,
|
|
71
|
+
SessionKitConfig,
|
|
72
|
+
AccessHooks,
|
|
73
|
+
SessionContext
|
|
74
|
+
} from "./core/types";
|