claude-flow-novice 1.6.1 → 1.6.2

package/.claude-flow-novice/dist/src/web/api/config/api-config.js

@@ -0,0 +1,186 @@
+/**
+ * API Server Configuration
+ *
+ * Configuration settings for the transparency API server
+ * including security, CORS, rate limiting, and other options.
+ *
+ * @module web/api/config/api-config
+ */ /**
+ * Create default API configuration
+ */ export function createApiConfig() {
+    const env = process.env.NODE_ENV || 'development';
+    return {
+        port: parseInt(process.env.API_PORT || '3001', 10),
+        host: process.env.API_HOST || 'localhost',
+        environment: env,
+        // CORS configuration
+        corsOrigins: env === 'production' ? process.env.CORS_ORIGINS?.split(',') || [
+            'https://localhost:3000'
+        ] : [
+            'http://localhost:3000',
+            'http://localhost:3001',
+            'http://127.0.0.1:3000'
+        ],
+        // Rate limiting
+        rateLimitWindowMs: parseInt(process.env.RATE_LIMIT_WINDOW_MS || '900000', 10),
+        rateLimitMax: parseInt(process.env.RATE_LIMIT_MAX || '100', 10),
+        // Security
+        sessionSecret: process.env.SESSION_SECRET || 'change-me-in-production',
+        jwtSecret: process.env.JWT_SECRET || 'change-me-in-production',
+        jwtExpiration: process.env.JWT_EXPIRATION || '24h',
+        apiKey: process.env.API_KEY || 'change-me-in-production',
+        // Logging
+        logLevel: process.env.LOG_LEVEL || 'info',
+        // Performance
+        cacheTtl: parseInt(process.env.CACHE_TTL || '5000', 10),
+        enableCompression: process.env.ENABLE_COMPRESSION !== 'false',
+        // HTTPS
+        enableHttps: process.env.ENABLE_HTTPS === 'true',
+        sslCertPath: process.env.SSL_CERT_PATH,
+        sslKeyPath: process.env.SSL_KEY_PATH,
+        // Metrics
+        enableMetrics: process.env.ENABLE_METRICS !== 'false',
+        metricsIntervalMs: parseInt(process.env.METRICS_INTERVAL_MS || '60000', 10),
+        // Request handling
+        maxRequestBodySize: process.env.MAX_REQUEST_BODY_SIZE || '10mb',
+        requestTimeoutMs: parseInt(process.env.REQUEST_TIMEOUT_MS || '30000', 10),
+        // WebSocket
+        websocketPingTimeoutMs: parseInt(process.env.WS_PING_TIMEOUT_MS || '60000', 10),
+        websocketPingIntervalMs: parseInt(process.env.WS_PING_INTERVAL_MS || '25000', 10),
+        maxWebSocketConnections: parseInt(process.env.MAX_WS_CONNECTIONS || '100', 10),
+        // Features
+        enableRequestLogging: process.env.ENABLE_REQUEST_LOGGING !== 'false',
+        enableDetailedErrors: env === 'development',
+        // API info
+        apiVersion: process.env.API_VERSION || '1.0.0',
+        serverName: process.env.SERVER_NAME || 'Transparency API Server'
+    };
+}
+/**
+ * Validate API configuration
+ */ export function validateApiConfig(config) {
+    const errors = [];
+    if (config.port < 1 || config.port > 65535) {
+        errors.push('Port must be between 1 and 65535');
+    }
+    if (config.rateLimitWindowMs < 1000) {
+        errors.push('Rate limit window must be at least 1000ms');
+    }
+    if (config.rateLimitMax < 1) {
+        errors.push('Rate limit max must be at least 1');
+    }
+    if (config.cacheTtl < 0) {
+        errors.push('Cache TTL cannot be negative');
+    }
+    if (config.requestTimeoutMs < 1000) {
+        errors.push('Request timeout must be at least 1000ms');
+    }
+    if (config.websocketPingTimeoutMs < 5000) {
+        errors.push('WebSocket ping timeout must be at least 5000ms');
+    }
+    if (config.websocketPingIntervalMs < 1000) {
+        errors.push('WebSocket ping interval must be at least 1000ms');
+    }
+    if (config.maxWebSocketConnections < 1) {
+        errors.push('Max WebSocket connections must be at least 1');
+    }
+    if (config.enableHttps && (!config.sslCertPath || !config.sslKeyPath)) {
+        errors.push('SSL certificate and key paths are required when HTTPS is enabled');
+    }
+    // In production, check for proper security settings
+    if (config.environment === 'production') {
+        const insecureDefaults = [
+            config.sessionSecret === 'change-me-in-production',
+            config.jwtSecret === 'change-me-in-production',
+            config.apiKey === 'change-me-in-production'
+        ];
+        if (insecureDefaults.some(Boolean)) {
+            errors.push('Production environment requires secure secrets and API keys');
+        }
+        if (config.corsOrigins.includes('*') || config.corsOrigins.includes('http://localhost:*')) {
+            errors.push('Production environment should not use wildcard or localhost CORS origins');
+        }
+        if (config.enableDetailedErrors) {
+            errors.push('Detailed errors should be disabled in production');
+        }
+    }
+    return errors;
+}
+/**
+ * Create CORS options from configuration
+ */ export function createCorsOptions(config) {
+    return {
+        origin: (origin, callback)=>{
+            // Allow requests with no origin (like mobile apps or curl requests)
+            if (!origin) return callback(null, true);
+            if (config.corsOrigins.includes('*') || config.corsOrigins.includes(origin) || config.corsOrigins.some((allowed)=>{
+                // Support wildcard patterns like http://localhost:*
+                if (allowed.includes('*')) {
+                    const pattern = allowed.replace('*', '.*');
+                    const regex = new RegExp(`^${pattern}$`);
+                    return regex.test(origin);
+                }
+                return false;
+            })) {
+                callback(null, true);
+            } else {
+                callback(new Error('Not allowed by CORS'), false);
+            }
+        },
+        methods: [
+            'GET',
+            'POST',
+            'PUT',
+            'DELETE',
+            'PATCH',
+            'OPTIONS'
+        ],
+        allowedHeaders: [
+            'Content-Type',
+            'Authorization',
+            'X-Requested-With',
+            'X-API-Key'
+        ],
+        credentials: true,
+        preflightContinue: false,
+        optionsSuccessStatus: 204
+    };
+}
+/**
+ * Get environment-specific configuration overrides
+ */ export function getEnvironmentOverrides(env) {
+    switch(env){
+        case 'production':
+            return {
+                logLevel: 'warn',
+                enableDetailedErrors: false,
+                enableRequestLogging: false,
+                cacheTtl: 30000,
+                rateLimitMax: 1000,
+                requestTimeoutMs: 60000
+            };
+        case 'test':
+            return {
+                port: 0,
+                host: '127.0.0.1',
+                logLevel: 'error',
+                enableRequestLogging: false,
+                enableMetrics: false,
+                cacheTtl: 100,
+                rateLimitMax: 1000,
+                maxWebSocketConnections: 10
+            };
+        case 'development':
+        default:
+            return {
+                logLevel: 'debug',
+                enableDetailedErrors: true,
+                enableRequestLogging: true,
+                enableMetrics: true,
+                cacheTtl: 5000,
+                rateLimitMax: 1000
+            };
+    }
+}
+
+//# sourceMappingURL=api-config.js.map

package/.claude-flow-novice/dist/src/web/api/config/api-config.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../../../../src/web/api/config/api-config.ts"],"names":["createApiConfig","env","process","NODE_ENV","port","parseInt","API_PORT","host","API_HOST","environment","corsOrigins","CORS_ORIGINS","split","rateLimitWindowMs","RATE_LIMIT_WINDOW_MS","rateLimitMax","RATE_LIMIT_MAX","sessionSecret","SESSION_SECRET","jwtSecret","JWT_SECRET","jwtExpiration","JWT_EXPIRATION","apiKey","API_KEY","logLevel","LOG_LEVEL","cacheTtl","CACHE_TTL","enableCompression","ENABLE_COMPRESSION","enableHttps","ENABLE_HTTPS","sslCertPath","SSL_CERT_PATH","sslKeyPath","SSL_KEY_PATH","enableMetrics","ENABLE_METRICS","metricsIntervalMs","METRICS_INTERVAL_MS","maxRequestBodySize","MAX_REQUEST_BODY_SIZE","requestTimeoutMs","REQUEST_TIMEOUT_MS","websocketPingTimeoutMs","WS_PING_TIMEOUT_MS","websocketPingIntervalMs","WS_PING_INTERVAL_MS","maxWebSocketConnections","MAX_WS_CONNECTIONS","enableRequestLogging","ENABLE_REQUEST_LOGGING","enableDetailedErrors","apiVersion","API_VERSION","serverName","SERVER_NAME","validateApiConfig","config","errors","push","insecureDefaults","some","Boolean","includes","createCorsOptions","origin","callback","allowed","pattern","replace","regex","RegExp","test","Error","methods","allowedHeaders","credentials","preflightContinue","optionsSuccessStatus","getEnvironmentOverrides"],"mappings":"AAAA;;;;;;;CAOC,GA0FD;;CAEC,GACD,OAAO,SAASA;IACd,MAAMC,MAAMC,QAAQD,GAAG,CAACE,QAAQ,IAAI;IAEpC,OAAO;QACLC,MAAMC,SAASH,QAAQD,GAAG,CAACK,QAAQ,IAAI,QAAQ;QAC/CC,MAAML,QAAQD,GAAG,CAACO,QAAQ,IAAI;QAC9BC,aAAaR;QAEb,qBAAqB;QACrBS,aAAaT,QAAQ,eAChBC,QAAQD,GAAG,CAACU,YAAY,EAAEC,MAAM,QAAQ;YAAC;SAAyB,GACnE;YAAC;YAAyB;YAAyB;SAAwB;QAE/E,gBAAgB;QAChBC,mBAAmBR,SAASH,QAAQD,GAAG,CAACa,oBAAoB,IAAI,UAAU;QAC1EC,cAAcV,SAASH,QAAQD,GAAG,CAACe,cAAc,IAAI,OAAO;QAE5D,WAAW;QACXC,eAAef,QAAQD,GAAG,CAACiB,cAAc,IAAI;QAC7CC,WAAWjB,QAAQD,GAAG,CAACmB,UAAU,IAAI;QACrCC,eAAenB,QAAQD,GAAG,CAACqB,cAAc,IAAI;QAC7CC,QAAQrB,QAAQD,GAAG,CAACuB,OAAO,IAAI;QAE/B,UAAU;QACVC,UAAU,AAACvB,QAAQD,GAAG,CAACyB,SAAS,IAA4C;QAE5E,cAAc;QACdC,UAAUtB,SAASH,QAAQD,GAAG,CAAC2B,SAAS,IAAI,QAAQ;QACpDC,mBAAmB3B,QAAQD,GAAG,CAAC6B,kBAAkB,KAAK;QAEtD,QAAQ;QACRC,aAAa7B,QAAQD,GAAG,CAAC+B,YAAY,KAAK;QAC1CC,aAAa/B,QAAQD,GAAG,CAACiC,aAAa;QACtCC,YAAYjC,QAAQD,GAAG,CAACmC,YAAY;QAEpC,UAAU;QACVC,eAAenC,QAAQD,GAAG,CAACqC,cAAc,KAAK;QAC9CC,mBAAmBlC,SAASH,QAAQD,GAAG,CAACuC,mBAAmB,IAAI,SAAS;QAExE,mBAAmB;QACnBC,oBAAoBvC,QAAQD,GAAG,CAACyC,qBAAqB,IAAI;QACzDC,kBAAkBtC,SAASH,QAAQD,GAAG,CAAC2C,kBAAkB,IAAI,SAAS;QAEtE,YAAY;QACZC,wBAAwBxC,SAASH,QAAQD,GAAG,CAAC6C,kBAAkB,IAAI,SAAS;QAC5EC,yBAAyB1C,SAASH,QAAQD,GAAG,CAAC+C,mBAAmB,IAAI,SAAS;QAC9EC,yBAAyB5C,SAASH,QAAQD,GAAG,CAACiD,kBAAkB,IAAI,OAAO;QAE3E,WAAW;QACXC,sBAAsBjD,QAAQD,GAAG,CAACmD,sBAAsB,KAAK;QAC7DC,sBAAsBpD,QAAQ;QAE9B,WAAW;QACXqD,YAAYpD,QAAQD,GAAG,CAACsD,WAAW,IAAI;QACvCC,YAAYtD,QAAQD,GAAG,CAACwD,WAAW,IAAI;IACzC;AACF;AAEA;;CAEC,GACD,OAAO,SAASC,kBAAkBC,MAAiB;IACjD,MAAMC,SAAmB,EAAE;IAE3B,IAAID,OAAOvD,IAAI,GAAG,KAAKuD,OAAOvD,IAAI,GAAG,OAAO;QAC1CwD,OAAOC,IAAI,CAAC;IACd;IAEA,IAAIF,OAAO9C,iBAAiB,GAAG,MAAM;QACnC+C,OAAOC,IAAI,CAAC;IACd;IAEA,IAAIF,OAAO5C,YAAY,GAAG,GAAG;QAC3B6C,OAAOC,IAAI,CAAC;IACd;IAEA,IAAIF,OAAOhC,QAAQ,GAAG,GAAG;QACvBiC,OAAOC,IAAI,CAAC;IACd;IAEA,IAAIF,OAAOhB,gBAAgB,GAAG,MAAM;QAClCiB,OAAOC,IAAI,CAAC;IACd;IAEA,IAAIF,OAAOd,sBAAsB,GAAG,MAAM;QACxCe,OAAOC,IAAI,CAAC;IACd;IAEA,IAAIF,OAAOZ,uBAAuB,GAAG,MAAM;QACzCa,OAAOC,IAAI,CAAC;IACd;IAEA,IAAIF,OAAOV,uBAAuB,GAAG,GAAG;QACtCW,OAAOC,IAAI,CAAC;IACd;IAEA,IAAIF,OAAO5B,WAAW,IAAK,CAAA,CAAC4B,OAAO1B,WAAW,IAAI,CAAC0B,OAAOxB,UAAU,AAAD,GAAI;QACrEyB,OAAOC,IAAI,CAAC;IACd;IAEA,oDAAoD;IACpD,IAAIF,OAAOlD,WAAW,KAAK,cAAc;QACvC,MAAMqD,mBAAmB;YACvBH,OAAO1C,aAAa,KAAK;YACzB0C,OAAOxC,SAAS,KAAK;YACrBwC,OAAOpC,MAAM,KAAK;SACnB;QAED,IAAIuC,iBAAiBC,IAAI,CAACC,UAAU;YAClCJ,OAAOC,IAAI,CAAC;QACd;QAEA,IAAIF,OAAOjD,WAAW,CAACuD,QAAQ,CAAC,QAAQN,OAAOjD,WAAW,CAACuD,QAAQ,CAAC,uBAAuB;YACzFL,OAAOC,IAAI,CAAC;QACd;QAEA,IAAIF,OAAON,oBAAoB,EAAE;YAC/BO,OAAOC,IAAI,CAAC;QACd;IACF;IAEA,OAAOD;AACT;AAEA;;CAEC,GACD,OAAO,SAASM,kBAAkBP,MAAiB;IACjD,OAAO;QACLQ,QAAQ,CAACA,QAAQC;YACf,oEAAoE;YACpE,IAAI,CAACD,QAAQ,OAAOC,SAAS,MAAM;YAEnC,IAAIT,OAAOjD,WAAW,CAACuD,QAAQ,CAAC,QAC5BN,OAAOjD,WAAW,CAACuD,QAAQ,CAACE,WAC5BR,OAAOjD,WAAW,CAACqD,IAAI,CAACM,CAAAA;gBACtB,oDAAoD;gBACpD,IAAIA,QAAQJ,QAAQ,CAAC,MAAM;oBACzB,MAAMK,UAAUD,QAAQE,OAAO,CAAC,KAAK;oBACrC,MAAMC,QAAQ,IAAIC,OAAO,CAAC,CAAC,EAAEH,QAAQ,CAAC,CAAC;oBACvC,OAAOE,MAAME,IAAI,CAACP;gBACpB;gBACA,OAAO;YACT,IAAI;gBACNC,SAAS,MAAM;YACjB,OAAO;gBACLA,SAAS,IAAIO,MAAM,wBAAwB;YAC7C;QACF;QACAC,SAAS;YAAC;YAAO;YAAQ;YAAO;YAAU;YAAS;SAAU;QAC7DC,gBAAgB;YAAC;YAAgB;YAAiB;YAAoB;SAAY;QAClFC,aAAa;QACbC,mBAAmB;QACnBC,sBAAsB;IACxB;AACF;AAEA;;CAEC,GACD,OAAO,SAASC,wBAAwBhF,GAAW;IACjD,OAAQA;QACN,KAAK;YACH,OAAO;gBACLwB,UAAU;gBACV4B,sBAAsB;gBACtBF,sBAAsB;gBACtBxB,UAAU;gBACVZ,cAAc;gBACd4B,kBAAkB;YACpB;QAEF,KAAK;YACH,OAAO;gBACLvC,MAAM;gBACNG,MAAM;gBACNkB,UAAU;gBACV0B,sBAAsB;gBACtBd,eAAe;gBACfV,UAAU;gBACVZ,cAAc;gBACdkC,yBAAyB;YAC3B;QAEF,KAAK;QACL;YACE,OAAO;gBACLxB,UAAU;gBACV4B,sBAAsB;gBACtBF,sBAAsB;gBACtBd,eAAe;gBACfV,UAAU;gBACVZ,cAAc;YAChB;IACJ;AACF"}

package/.claude-flow-novice/dist/src/web/api/middleware/auth.js

@@ -0,0 +1,205 @@
+/**
+ * Authentication Middleware
+ *
+ * JWT and API key authentication for the transparency API server
+ *
+ * @module web/api/middleware/auth
+ */ import jwt from 'jsonwebtoken';
+/**
+ * JWT Authentication Middleware
+ */ export function authMiddleware(config) {
+    return (req, res, next)=>{
+        // Skip authentication for health check and API documentation
+        if (req.path === '/health' || req.path === '/api') {
+            return next();
+        }
+        // Try JWT authentication first
+        const authHeader = req.headers.authorization;
+        if (authHeader && authHeader.startsWith('Bearer ')) {
+            const token = authHeader.substring(7);
+            try {
+                const decoded = jwt.verify(token, config.jwtSecret);
+                req.user = {
+                    id: decoded.sub || decoded.id,
+                    username: decoded.username,
+                    role: decoded.role || 'user',
+                    permissions: decoded.permissions || []
+                };
+                return next();
+            } catch (error) {
+            // Invalid JWT, try API key authentication
+            }
+        }
+        // Try API key authentication
+        const apiKey = req.headers['x-api-key'];
+        if (apiKey && apiKey === config.apiKey) {
+            req.apiKey = apiKey;
+            return next();
+        }
+        // Check for basic auth (for development/testing)
+        const basicAuth = req.headers.authorization;
+        if (basicAuth && basicAuth.startsWith('Basic ')) {
+            try {
+                const credentials = Buffer.from(basicAuth.substring(6), 'base64').toString();
+                const [username, password] = credentials.split(':');
+                // Simple development authentication (replace with proper auth in production)
+                if (config.environment === 'development' && username === 'admin' && password === 'admin') {
+                    req.user = {
+                        id: 'dev-admin',
+                        username: 'admin',
+                        role: 'admin',
+                        permissions: [
+                            'read',
+                            'write',
+                            'admin'
+                        ]
+                    };
+                    return next();
+                }
+            } catch (error) {
+            // Invalid basic auth
+            }
+        }
+        // No valid authentication found
+        if (config.environment === 'development') {
+            // Allow unauthenticated access in development with warning
+            console.warn('Unauthenticated request in development mode:', req.method, req.path);
+            req.user = {
+                id: 'dev-anonymous',
+                username: 'anonymous',
+                role: 'user',
+                permissions: [
+                    'read'
+                ]
+            };
+            return next();
+        }
+        return res.status(401).json({
+            error: 'Unauthorized',
+            message: 'Authentication required',
+            timestamp: new Date().toISOString()
+        });
+    };
+}
+/**
+ * Role-based authorization middleware
+ */ export function requireRole(requiredRole) {
+    return (req, res, next)=>{
+        if (!req.user) {
+            return res.status(401).json({
+                error: 'Unauthorized',
+                message: 'Authentication required',
+                timestamp: new Date().toISOString()
+            });
+        }
+        if (req.user.role !== requiredRole && req.user.role !== 'admin') {
+            return res.status(403).json({
+                error: 'Forbidden',
+                message: `Requires ${requiredRole} role`,
+                timestamp: new Date().toISOString()
+            });
+        }
+        next();
+    };
+}
+/**
+ * Permission-based authorization middleware
+ */ export function requirePermission(permission) {
+    return (req, res, next)=>{
+        if (!req.user) {
+            return res.status(401).json({
+                error: 'Unauthorized',
+                message: 'Authentication required',
+                timestamp: new Date().toISOString()
+            });
+        }
+        const hasPermission = req.user.permissions?.includes(permission) || req.user.role === 'admin' || req.user.permissions?.includes('*');
+        if (!hasPermission) {
+            return res.status(403).json({
+                error: 'Forbidden',
+                message: `Requires ${permission} permission`,
+                timestamp: new Date().toISOString()
+            });
+        }
+        next();
+    };
+}
+/**
+ * Optional authentication middleware (doesn't fail if no auth)
+ */ export function optionalAuth(config) {
+    return (req, res, next)=>{
+        // Try JWT authentication
+        const authHeader = req.headers.authorization;
+        if (authHeader && authHeader.startsWith('Bearer ')) {
+            const token = authHeader.substring(7);
+            try {
+                const decoded = jwt.verify(token, config.jwtSecret);
+                req.user = {
+                    id: decoded.sub || decoded.id,
+                    username: decoded.username,
+                    role: decoded.role || 'user',
+                    permissions: decoded.permissions || []
+                };
+            } catch (error) {
+            // Invalid JWT, ignore
+            }
+        }
+        // Try API key authentication
+        const apiKey = req.headers['x-api-key'];
+        if (apiKey && apiKey === config.apiKey) {
+            req.apiKey = apiKey;
+        }
+        next();
+    };
+}
+/**
+ * WebSocket authentication helper
+ */ export function authenticateWebSocket(socket, config) {
+    const token = socket.handshake.auth.token || socket.handshake.headers.authorization?.replace('Bearer ', '');
+    if (!token) {
+        return false;
+    }
+    try {
+        // JWT authentication
+        const decoded = jwt.verify(token, config.jwtSecret);
+        socket.data.user = {
+            id: decoded.sub || decoded.id,
+            username: decoded.username,
+            role: decoded.role || 'user',
+            permissions: decoded.permissions || []
+        };
+        return true;
+    } catch (error) {
+        // API key authentication
+        if (token === config.apiKey) {
+            socket.data.apiKey = token;
+            socket.data.user = {
+                id: 'api-key-user',
+                username: 'api-key',
+                role: 'service',
+                permissions: [
+                    'read',
+                    'write'
+                ]
+            };
+            return true;
+        }
+    }
+    return false;
+}
+/**
+ * Generate JWT token for user
+ */ export function generateToken(user, config) {
+    return jwt.sign({
+        sub: user.id,
+        username: user.username,
+        role: user.role,
+        permissions: user.permissions
+    }, config.jwtSecret, {
+        expiresIn: config.jwtExpiration,
+        issuer: 'transparency-api',
+        audience: 'transparency-dashboard'
+    });
+}
+
+//# sourceMappingURL=auth.js.map

package/.claude-flow-novice/dist/src/web/api/middleware/auth.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../../../../src/web/api/middleware/auth.ts"],"names":["jwt","authMiddleware","config","req","res","next","path","authHeader","headers","authorization","startsWith","token","substring","decoded","verify","jwtSecret","user","id","sub","username","role","permissions","error","apiKey","basicAuth","credentials","Buffer","from","toString","password","split","environment","console","warn","method","status","json","message","timestamp","Date","toISOString","requireRole","requiredRole","requirePermission","permission","hasPermission","includes","optionalAuth","authenticateWebSocket","socket","handshake","auth","replace","data","generateToken","sign","expiresIn","jwtExpiration","issuer","audience"],"mappings":"AAAA;;;;;;CAMC,GAGD,OAAOA,SAAS,eAAe;AAgB/B;;CAEC,GACD,OAAO,SAASC,eAAeC,MAAiB;IAC9C,OAAO,CAACC,KAA2BC,KAAeC;QAChD,6DAA6D;QAC7D,IAAIF,IAAIG,IAAI,KAAK,aAAaH,IAAIG,IAAI,KAAK,QAAQ;YACjD,OAAOD;QACT;QAEA,+BAA+B;QAC/B,MAAME,aAAaJ,IAAIK,OAAO,CAACC,aAAa;QAC5C,IAAIF,cAAcA,WAAWG,UAAU,CAAC,YAAY;YAClD,MAAMC,QAAQJ,WAAWK,SAAS,CAAC;YAEnC,IAAI;gBACF,MAAMC,UAAUb,IAAIc,MAAM,CAACH,OAAOT,OAAOa,SAAS;gBAClDZ,IAAIa,IAAI,GAAG;oBACTC,IAAIJ,QAAQK,GAAG,IAAIL,QAAQI,EAAE;oBAC7BE,UAAUN,QAAQM,QAAQ;oBAC1BC,MAAMP,QAAQO,IAAI,IAAI;oBACtBC,aAAaR,QAAQQ,WAAW,IAAI,EAAE;gBACxC;gBACA,OAAOhB;YACT,EAAE,OAAOiB,OAAO;YACd,0CAA0C;YAC5C;QACF;QAEA,6BAA6B;QAC7B,MAAMC,SAASpB,IAAIK,OAAO,CAAC,YAAY;QACvC,IAAIe,UAAUA,WAAWrB,OAAOqB,MAAM,EAAE;YACtCpB,IAAIoB,MAAM,GAAGA;YACb,OAAOlB;QACT;QAEA,iDAAiD;QACjD,MAAMmB,YAAYrB,IAAIK,OAAO,CAACC,aAAa;QAC3C,IAAIe,aAAaA,UAAUd,UAAU,CAAC,WAAW;YAC/C,IAAI;gBACF,MAAMe,cAAcC,OAAOC,IAAI,CAACH,UAAUZ,SAAS,CAAC,IAAI,UAAUgB,QAAQ;gBAC1E,MAAM,CAACT,UAAUU,SAAS,GAAGJ,YAAYK,KAAK,CAAC;gBAE/C,6EAA6E;gBAC7E,IAAI5B,OAAO6B,WAAW,KAAK,iBAAiBZ,aAAa,WAAWU,aAAa,SAAS;oBACxF1B,IAAIa,IAAI,GAAG;wBACTC,IAAI;wBACJE,UAAU;wBACVC,MAAM;wBACNC,aAAa;4BAAC;4BAAQ;4BAAS;yBAAQ;oBACzC;oBACA,OAAOhB;gBACT;YACF,EAAE,OAAOiB,OAAO;YACd,qBAAqB;YACvB;QACF;QAEA,gCAAgC;QAChC,IAAIpB,OAAO6B,WAAW,KAAK,eAAe;YACxC,2DAA2D;YAC3DC,QAAQC,IAAI,CAAC,gDAAgD9B,IAAI+B,MAAM,EAAE/B,IAAIG,IAAI;YACjFH,IAAIa,IAAI,GAAG;gBACTC,IAAI;gBACJE,UAAU;gBACVC,MAAM;gBACNC,aAAa;oBAAC;iBAAO;YACvB;YACA,OAAOhB;QACT;QAEA,OAAOD,IAAI+B,MAAM,CAAC,KAAKC,IAAI,CAAC;YAC1Bd,OAAO;YACPe,SAAS;YACTC,WAAW,IAAIC,OAAOC,WAAW;QACnC;IACF;AACF;AAEA;;CAEC,GACD,OAAO,SAASC,YAAYC,YAAoB;IAC9C,OAAO,CAACvC,KAA2BC,KAAeC;QAChD,IAAI,CAACF,IAAIa,IAAI,EAAE;YACb,OAAOZ,IAAI+B,MAAM,CAAC,KAAKC,IAAI,CAAC;gBAC1Bd,OAAO;gBACPe,SAAS;gBACTC,WAAW,IAAIC,OAAOC,WAAW;YACnC;QACF;QAEA,IAAIrC,IAAIa,IAAI,CAACI,IAAI,KAAKsB,gBAAgBvC,IAAIa,IAAI,CAACI,IAAI,KAAK,SAAS;YAC/D,OAAOhB,IAAI+B,MAAM,CAAC,KAAKC,IAAI,CAAC;gBAC1Bd,OAAO;gBACPe,SAAS,CAAC,SAAS,EAAEK,aAAa,KAAK,CAAC;gBACxCJ,WAAW,IAAIC,OAAOC,WAAW;YACnC;QACF;QAEAnC;IACF;AACF;AAEA;;CAEC,GACD,OAAO,SAASsC,kBAAkBC,UAAkB;IAClD,OAAO,CAACzC,KAA2BC,KAAeC;QAChD,IAAI,CAACF,IAAIa,IAAI,EAAE;YACb,OAAOZ,IAAI+B,MAAM,CAAC,KAAKC,IAAI,CAAC;gBAC1Bd,OAAO;gBACPe,SAAS;gBACTC,WAAW,IAAIC,OAAOC,WAAW;YACnC;QACF;QAEA,MAAMK,gBAAgB1C,IAAIa,IAAI,CAACK,WAAW,EAAEyB,SAASF,eAChCzC,IAAIa,IAAI,CAACI,IAAI,KAAK,WAClBjB,IAAIa,IAAI,CAACK,WAAW,EAAEyB,SAAS;QAEpD,IAAI,CAACD,eAAe;YAClB,OAAOzC,IAAI+B,MAAM,CAAC,KAAKC,IAAI,CAAC;gBAC1Bd,OAAO;gBACPe,SAAS,CAAC,SAAS,EAAEO,WAAW,WAAW,CAAC;gBAC5CN,WAAW,IAAIC,OAAOC,WAAW;YACnC;QACF;QAEAnC;IACF;AACF;AAEA;;CAEC,GACD,OAAO,SAAS0C,aAAa7C,MAAiB;IAC5C,OAAO,CAACC,KAA2BC,KAAeC;QAChD,yBAAyB;QACzB,MAAME,aAAaJ,IAAIK,OAAO,CAACC,aAAa;QAC5C,IAAIF,cAAcA,WAAWG,UAAU,CAAC,YAAY;YAClD,MAAMC,QAAQJ,WAAWK,SAAS,CAAC;YAEnC,IAAI;gBACF,MAAMC,UAAUb,IAAIc,MAAM,CAACH,OAAOT,OAAOa,SAAS;gBAClDZ,IAAIa,IAAI,GAAG;oBACTC,IAAIJ,QAAQK,GAAG,IAAIL,QAAQI,EAAE;oBAC7BE,UAAUN,QAAQM,QAAQ;oBAC1BC,MAAMP,QAAQO,IAAI,IAAI;oBACtBC,aAAaR,QAAQQ,WAAW,IAAI,EAAE;gBACxC;YACF,EAAE,OAAOC,OAAO;YACd,sBAAsB;YACxB;QACF;QAEA,6BAA6B;QAC7B,MAAMC,SAASpB,IAAIK,OAAO,CAAC,YAAY;QACvC,IAAIe,UAAUA,WAAWrB,OAAOqB,MAAM,EAAE;YACtCpB,IAAIoB,MAAM,GAAGA;QACf;QAEAlB;IACF;AACF;AAEA;;CAEC,GACD,OAAO,SAAS2C,sBAAsBC,MAAW,EAAE/C,MAAiB;IAClE,MAAMS,QAAQsC,OAAOC,SAAS,CAACC,IAAI,CAACxC,KAAK,IAAIsC,OAAOC,SAAS,CAAC1C,OAAO,CAACC,aAAa,EAAE2C,QAAQ,WAAW;IAExG,IAAI,CAACzC,OAAO;QACV,OAAO;IACT;IAEA,IAAI;QACF,qBAAqB;QACrB,MAAME,UAAUb,IAAIc,MAAM,CAACH,OAAOT,OAAOa,SAAS;QAClDkC,OAAOI,IAAI,CAACrC,IAAI,GAAG;YACjBC,IAAIJ,QAAQK,GAAG,IAAIL,QAAQI,EAAE;YAC7BE,UAAUN,QAAQM,QAAQ;YAC1BC,MAAMP,QAAQO,IAAI,IAAI;YACtBC,aAAaR,QAAQQ,WAAW,IAAI,EAAE;QACxC;QACA,OAAO;IACT,EAAE,OAAOC,OAAO;QACd,yBAAyB;QACzB,IAAIX,UAAUT,OAAOqB,MAAM,EAAE;YAC3B0B,OAAOI,IAAI,CAAC9B,MAAM,GAAGZ;YACrBsC,OAAOI,IAAI,CAACrC,IAAI,GAAG;gBACjBC,IAAI;gBACJE,UAAU;gBACVC,MAAM;gBACNC,aAAa;oBAAC;oBAAQ;iBAAQ;YAChC;YACA,OAAO;QACT;IACF;IAEA,OAAO;AACT;AAEA;;CAEC,GACD,OAAO,SAASiC,cAActC,IAAS,EAAEd,MAAiB;IACxD,OAAOF,IAAIuD,IAAI,CACb;QACErC,KAAKF,KAAKC,EAAE;QACZE,UAAUH,KAAKG,QAAQ;QACvBC,MAAMJ,KAAKI,IAAI;QACfC,aAAaL,KAAKK,WAAW;IAC/B,GACAnB,OAAOa,SAAS,EAChB;QACEyC,WAAWtD,OAAOuD,aAAa;QAC/BC,QAAQ;QACRC,UAAU;IACZ;AAEJ"}

package/.claude-flow-novice/dist/src/web/api/middleware/cache.js

@@ -0,0 +1,262 @@
+/**
+ * Cache Middleware
+ *
+ * Response caching middleware for the transparency API server
+ *
+ * @module web/api/middleware/cache
+ */ /**
+ * Cache middleware factory
+ */ export function cacheMiddleware(cache, defaultTtl = 5000 // 5 seconds
+) {
+    return (req, res, next)=>{
+        // Only cache GET requests
+        if (req.method !== 'GET') {
+            return next();
+        }
+        // Generate cache key
+        const cacheKey = generateCacheKey(req);
+        // Check if we have a valid cached response
+        const cached = cache.get(cacheKey);
+        if (cached && Date.now() - cached.timestamp < cached.ttl) {
+            // Add cache headers
+            res.setHeader('X-Cache', 'HIT');
+            res.setHeader('X-Cache-Age', Math.floor((Date.now() - cached.timestamp) / 1000));
+            if (cached.etag) {
+                res.setHeader('ETag', cached.etag);
+            }
+            return res.json(cached.data);
+        }
+        // Intercept res.json to cache the response
+        const originalJson = res.json;
+        res.json = function(data) {
+            // Only cache successful responses
+            if (res.statusCode >= 200 && res.statusCode < 300) {
+                const ttl = getCacheTtl(req, defaultTtl);
+                const etag = generateETag(data);
+                // Cache the response
+                cache.set(cacheKey, {
+                    data,
+                    timestamp: Date.now(),
+                    ttl,
+                    etag
+                });
+                // Add cache headers
+                res.setHeader('X-Cache', 'MISS');
+                res.setHeader('X-Cache-TTL', Math.floor(ttl / 1000));
+                res.setHeader('Cache-Control', `public, max-age=${Math.floor(ttl / 1000)}`);
+                if (etag) {
+                    res.setHeader('ETag', etag);
+                }
+            }
+            return originalJson.call(this, data);
+        };
+        next();
+    };
+}
+/**
+ * Generate cache key from request
+ */ function generateCacheKey(req) {
+    const url = new URL(req.originalUrl, `http://${req.headers.host}`);
+    // Include query parameters in cache key
+    const queryParams = new URLSearchParams(url.search);
+    queryParams.sort(); // Sort for consistent keys
+    const queryString = queryParams.toString();
+    const path = url.pathname;
+    // Include user ID if authenticated (for user-specific caching)
+    const userId = req.user?.id || 'anonymous';
+    return `${req.method}:${path}:${queryString}:${userId}`;
+}
+/**
+ * Get cache TTL based on request characteristics
+ */ function getCacheTtl(req, defaultTtl) {
+    // Different TTLs for different endpoints
+    const path = req.path;
+    if (path.includes('/metrics')) {
+        return 10000; // 10 seconds for metrics
+    }
+    if (path.includes('/status')) {
+        return 2000; // 2 seconds for status
+    }
+    if (path.includes('/events')) {
+        return 5000; // 5 seconds for events
+    }
+    if (path.includes('/hierarchy')) {
+        return 30000; // 30 seconds for hierarchy (changes less frequently)
+    }
+    if (path.includes('/analytics')) {
+        return 60000; // 1 minute for analytics
+    }
+    return defaultTtl;
+}
+/**
+ * Generate ETag for response data
+ */ function generateETag(data) {
+    const crypto = require('crypto');
+    const hash = crypto.createHash('md5');
+    hash.update(JSON.stringify(data));
+    return `"${hash.digest('hex')}"`;
+}
+/**
+ * Conditional request middleware (ETag support)
+ */ export function conditionalRequest() {
+    return (req, res, next)=>{
+        const ifNoneMatch = req.get('If-None-Match');
+        // This will be checked in the cache middleware
+        if (ifNoneMatch) {
+            req.ifNoneMatch = ifNoneMatch;
+        }
+        next();
+    };
+}
+/**
+ * Cache invalidation middleware
+ */ export function invalidateCache(cache) {
+    return (req, res, next)=>{
+        // Invalidate cache for POST, PUT, DELETE, PATCH requests
+        if ([
+            'POST',
+            'PUT',
+            'DELETE',
+            'PATCH'
+        ].includes(req.method)) {
+            const pattern = getInvalidationPattern(req);
+            // Remove matching cache entries
+            for (const key of cache.keys()){
+                if (key.includes(pattern)) {
+                    cache.delete(key);
+                }
+            }
+        }
+        next();
+    };
+}
+/**
+ * Get cache invalidation pattern for request
+ */ function getInvalidationPattern(req) {
+    const path = req.path;
+    if (path.includes('/agents')) {
+        return '/agents';
+    }
+    if (path.includes('/status')) {
+        return '/status';
+    }
+    if (path.includes('/events')) {
+        return '/events';
+    }
+    if (path.includes('/metrics')) {
+        return '/metrics';
+    }
+    if (path.includes('/hierarchy')) {
+        return '/hierarchy';
+    }
+    return path;
+}
+/**
+ * Cache warming middleware
+ */ export function warmCache(cache, warmupFn) {
+    return async (req, res, next)=>{
+        // Run cache warmup on first request
+        if (cache.size === 0 && req.path === '/health') {
+            try {
+                await warmupFn();
+            } catch (error) {
+                console.error('Cache warmup failed:', error);
+            }
+        }
+        next();
+    };
+}
+/**
+ * Memory-based cache store
+ */ export class MemoryCache {
+    cache = new Map();
+    maxSize;
+    cleanupInterval;
+    constructor(maxSize = 1000, cleanupIntervalMs = 60000){
+        this.maxSize = maxSize;
+        // Clean up expired entries periodically
+        this.cleanupInterval = setInterval(()=>{
+            this.cleanup();
+        }, cleanupIntervalMs);
+    }
+    /**
+   * Get cache entry
+   */ get(key) {
+        const entry = this.cache.get(key);
+        if (entry && Date.now() - entry.timestamp < entry.ttl) {
+            return entry;
+        }
+        if (entry) {
+            this.cache.delete(key);
+        }
+        return undefined;
+    }
+    /**
+   * Set cache entry
+   */ set(key, data, ttl = 5000) {
+        // Remove oldest entries if cache is full
+        if (this.cache.size >= this.maxSize) {
+            const oldestKey = this.cache.keys().next().value;
+            this.cache.delete(oldestKey);
+        }
+        this.cache.set(key, {
+            data,
+            timestamp: Date.now(),
+            ttl
+        });
+    }
+    /**
+   * Delete cache entry
+   */ delete(key) {
+        return this.cache.delete(key);
+    }
+    /**
+   * Clear cache
+   */ clear() {
+        this.cache.clear();
+    }
+    /**
+   * Get cache size
+   */ size() {
+        return this.cache.size;
+    }
+    /**
+   * Get cache statistics
+   */ getStats() {
+        const entries = Array.from(this.cache.entries()).map(([key, entry])=>({
+                key,
+                age: Date.now() - entry.timestamp,
+                ttl: entry.ttl,
+                size: JSON.stringify(entry.data).length
+            }));
+        return {
+            size: this.cache.size,
+            maxSize: this.maxSize,
+            entries
+        };
+    }
+    /**
+   * Clean up expired entries
+   */ cleanup() {
+        const now = Date.now();
+        const keysToDelete = [];
+        for (const [key, entry] of this.cache.entries()){
+            if (now - entry.timestamp >= entry.ttl) {
+                keysToDelete.push(key);
+            }
+        }
+        for (const key of keysToDelete){
+            this.cache.delete(key);
+        }
+    }
+    /**
+   * Destroy cache store
+   */ destroy() {
+        if (this.cleanupInterval) {
+            clearInterval(this.cleanupInterval);
+        }
+        this.clear();
+    }
+}
+
+//# sourceMappingURL=cache.js.map