codeweaver 3.1.3 → 4.0.1

package/src/{utilities → core}/parallel/parallel.ts

@@ -1,5 +1,15 @@
 import { WorkerPool } from "./worker-pool";
 
+/**
+ * Checks if a given function is an async function.
+ *
+ * @param {(...args: any[]) => any} fn - The function to check.
+ * @returns {boolean} True if the function is an async function, false otherwise.
+ */
+export function isAsync(fn: (...args: any[]) => any) {
+  return typeof fn === "function" && fn.constructor.name === "AsyncFunction";
+}
+
 /**
  * Creates a setter function that, when invoked, rebinds the captured
  * destination binding to the provided source value.
@@ -10,7 +20,7 @@ import { WorkerPool } from "./worker-pool";
  * @returns {() => void} A function that, when called, rebinds the captured `destination` to `source`.
  */
 export function set<T>(destination: T, source: T): () => void {
-  return () => {
+  return async () => {
     destination = source;
   };
 }

package/src/core/rate-limit/basic-types.ts

@@ -0,0 +1,43 @@
+/**
+ * Rate limit bucket.
+ */
+export type RateLimitRecord = {
+  bucketId: string;
+  rateLimitAllowedCalls: number;
+  rateLimitTimeSpan: number;
+  tokens: number;
+  resetTime: number;
+  lastUpdated: number;
+};
+
+/**
+ * Abstract store interface for rate limit buckets.
+ * Implementations can be in-memory (single instance) or Redis-backed
+ * (shared across multiple instances).
+ */
+export interface RateLimitStore {
+  /**
+   * Retrieve the bucket. If it doesn't exist, initialize it
+   * with the provided capacity and window.
+   * @param bucketId- identifier for the bucket
+   * @param rateLimitAllowedCalls - bucket capacity (max tokens)
+   * @param rateLimitTimeSpan - refill window in milliseconds
+   * @returns A promise that resolves to the bucket record
+   */
+  getBucket(
+    bucketId: string,
+    rateLimitAllowedCalls: number,
+    rateLimitTimeSpan: number
+  ): Promise<RateLimitRecord>;
+
+  /**
+   * Remove a bucket
+   * @param bucketId - bucket identifier
+   */
+  remove(bucketId: string): Promise<void>;
+
+  /**
+   * Remove all buckets
+   */
+  removeAll(): Promise<void>;
+}

package/src/core/rate-limit/index.ts

@@ -0,0 +1,4 @@
+export * from "./basic-types";
+export * from "./memory-store";
+export * from "./redis-store";
+export * from "./rate-limit";

package/src/core/rate-limit/memory-store.ts

@@ -0,0 +1,65 @@
+import { RateLimitStore, RateLimitRecord } from "./basic-types";
+
+/**
+ * In-memory rate limit store (per-process).
+ * Suitable for single-instance deployments or local testing.
+ */
+export class MemoryRateLimitStore implements RateLimitStore {
+  private store: Map<string, RateLimitRecord> = new Map();
+
+  /**
+   * Retrieve (or initialize) the bucket.
+   * If there is no existing bucket, create one with full capacity.
+   * @param userId - user identifier
+   * @param rateLimitAllowedCalls - bucket capacity
+   * @param rateLimitTimeSpan - refill window
+   * @returns Promise resolving to the bucket
+   */
+  async getBucket(
+    bucketId: string,
+    rateLimitAllowedCalls: number,
+    rateLimitTimeSpan: number
+  ): Promise<RateLimitRecord> {
+    let bucket = this.store.get(bucketId);
+    const now = Date.now();
+    if (bucket == null) {
+      bucket = {
+        bucketId,
+        rateLimitAllowedCalls,
+        tokens: rateLimitAllowedCalls,
+        resetTime: now,
+        lastUpdated: now,
+        rateLimitTimeSpan,
+      };
+      this.store.set(bucketId, bucket);
+      return bucket;
+    }
+
+    const elapsed = now - bucket.resetTime;
+    if (elapsed > bucket.rateLimitTimeSpan) {
+      bucket.resetTime = now;
+      bucket.tokens = bucket.rateLimitAllowedCalls;
+    } else if (bucket.tokens > 0) {
+      bucket.tokens--;
+    }
+    bucket.lastUpdated = now;
+
+    this.store.set(bucketId, bucket);
+    return bucket;
+  }
+
+  /**
+   * Remove a bucket
+   * @param bucketId - bucket identifier
+   */
+  async remove(bucketId: string): Promise<void> {
+    this.store.delete(bucketId);
+  }
+
+  /**
+   * Remove all buckets
+   */
+  async removeAll(): Promise<void> {
+    this.store.clear();
+  }
+}

package/src/core/rate-limit/rate-limit.ts

@@ -0,0 +1,134 @@
+import { Response, NextFunction } from "express";
+import { RateLimitStore } from "./basic-types";
+import { MemoryRateLimitStore } from "./memory-store";
+import { ResponseError } from "@/core/error";
+import { config } from "@/config";
+import { resolve } from "@/core/container";
+import { UserRequest } from "@/core/middlewares";
+import { createMethodDecorator } from "../helpers";
+
+const globalBucketId = "[global]";
+
+/**
+ * Rate limiter factory for per-user (or global) limits.
+ *
+ * @param rateLimitTimeSpan - window duration in milliseconds
+ * @param rateLimitAllowedCalls - bucket capacity (max tokens)
+ * @param bucketName - true for a global bucket, false for per-user buckets
+ * @param store - optional RateLimitStore instance; if omitted, defaults to in-memory
+ * @returns Express middleware function
+ */
+export function rateLimitMiddleware<UserIdType = string>(
+  rateLimitTimeSpan: number = config.rateLimitTimeSpan,
+  rateLimitAllowedCalls: number = config.rateLimitAllowedCalls,
+  exceedHandler?: (next: NextFunction) => Promise<void>,
+  bucketName: string = globalBucketId,
+  store: RateLimitStore = resolve(MemoryRateLimitStore)
+) {
+  return async (
+    req: UserRequest<UserIdType>,
+    _res: Response,
+    next: NextFunction
+  ) => {
+    let bucketId: string;
+    if (bucketName == globalBucketId) {
+      bucketId = `${bucketName}."${req.baseUrl}${req.path}:${req.method}`;
+    } else {
+      const user = req.user?.id ?? "[anonymous]";
+      bucketId = `${bucketName}."${req.baseUrl}${req.path}:${req.method}."${user}`; // per-user (anonymous if no user)
+    }
+
+    const now = Date.now();
+
+    const bucket = await store.getBucket(
+      bucketId,
+      rateLimitAllowedCalls,
+      rateLimitTimeSpan
+    );
+
+    if (bucket.tokens >= 1) {
+      next();
+    }
+
+    if (exceedHandler != null) {
+      return await exceedHandler(next);
+    } else {
+      throw new ResponseError(
+        "Too many requests, please try again later.",
+        429
+      );
+    }
+  };
+}
+
+/**
+ * Rate limit decorator for controller methods.
+ * @param rateLimitTimeSpan - window duration in milliseconds
+ * @param rateLimitAllowedCalls - bucket capacity (max tokens)
+ * @param bucketName
+ * @param store - optional RateLimitStore instance; if omitted, defaults to in-memory
+ *
+ * Example usage:
+ *   class UserController {
+ *     @tokenBucketRateLimit(60000, 20, false) // 20 calls per minute per user
+ *     async create(...) { ... }
+ *   }
+ */
+export function RateLimit(
+  rateLimitTimeSpan: number = config.rateLimitTimeSpan,
+  rateLimitAllowedCalls: number = config.rateLimitAllowedCalls,
+  exceedHandler?: () => Promise<any>,
+  bucketName: string = globalBucketId,
+  store: RateLimitStore = resolve(MemoryRateLimitStore)
+) {
+  return createMethodDecorator<
+    [number, number, (() => Promise<any>) | undefined, string, RateLimitStore],
+    [UserRequest]
+  >(
+    async (
+      [
+        rateLimitTimeSpan,
+        rateLimitAllowedCalls,
+        exceedHandler,
+        bucketName,
+        store,
+      ],
+      [],
+      method,
+      args,
+      classInstance
+    ) => {
+      let bucketId: string;
+      if (bucketName == globalBucketId) {
+        bucketId = `${bucketName}."${classInstance.constructor.name}:${method.name}"`;
+      } else {
+        // Try to locate a real Express Request object in arguments
+        const reqCandidate = args[0] ?? null;
+        const userFromReq: any = reqCandidate?.user;
+        const userId = userFromReq?.id ? String(userFromReq.id) : "[anonymous]";
+
+        // Bucket identity
+        bucketId = `${bucketName}."${classInstance.constructor.name}:${method.name}".${userId}`; // per-user (anonymous if no user)
+      }
+
+      const bucket = await store.getBucket(
+        bucketId,
+        rateLimitAllowedCalls,
+        rateLimitTimeSpan
+      );
+
+      if (bucket.tokens >= 1) {
+        return await method.apply(classInstance, args);
+      }
+
+      if (exceedHandler != null) {
+        return await exceedHandler();
+      } else {
+        throw new ResponseError(
+          "Too many requests, please try again later.",
+          429
+        );
+      }
+    }
+  )(rateLimitTimeSpan, rateLimitAllowedCalls, exceedHandler, bucketName, store);
+}

package/src/core/rate-limit/redis-store.ts

@@ -0,0 +1,141 @@
+import { RateLimitStore, RateLimitRecord } from "./basic-types";
+import { Redis } from "ioredis";
+
+/**
+ * Redis-backed rate limit store.
+ * Uses a Lua script to perform atomic refill + consume operations.
+ */
+export class RedisRateLimitStore implements RateLimitStore {
+  private redis: Redis;
+  private keyPrefix = "rl:bucket:";
+
+  // Lua script for atomic refill + consume
+  // KEYS[1] = bucketKey
+  // ARGV[1] = rateLimitAllowedCalls
+  // ARGV[2] = rateLimitTimeSpan
+  // ARGV[3] = now (ms)
+  private luaScript = `
+    local key = KEYS[1]
+    local rateLimitAllowedCalls = tonumber(ARGV[1])
+    local rateLimitTimeSpan = tonumber(ARGV[2])
+    local now = tonumber(ARGV[3])
+
+    local bucket = redis.call("HMGET", key, "tokens", "resetTime", "lastUpdated", "rateLimitAllowedCalls", "rateLimitTimeSpan")
+    local tokens = tonumber(bucket[1] or rateLimitAllowedCalls)
+    local resetTime = tonumber(bucket[2] or now)
+    local lastUpdated = tonumber(bucket[3] or now)
+    rateLimitAllowedCalls = tonumber(bucket[4] or rateLimitAllowedCalls)
+    rateLimitTimeSpan = tonumber(bucket[5] or rateLimitTimeSpan)
+
+    local elapsed = now - resetTime
+    if elapsed > rateLimitTimeSpan then
+      resetTime = now
+      tokens = rateLimitAllowedCalls
+    end if tokens > 0 then
+      tokens = tokens - 1 // consume
+    end
+    lastUpdated = now
+    
+    redis.call("HMSET", key, "tokens", tokens, "resetTime", resetTime, "lastUpdated", lastUpdated, "rateLimitAllowedCalls", rateLimitAllowedCalls, "rateLimitTimeSpan", rateLimitTimeSpan)
+    return {1, tokens, resetTime, lastUpdated }
+  `;
+
+  constructor(
+    options: {
+      host?: string;
+      port?: number;
+      password?: string;
+      db?: number;
+    } = {}
+  ) {
+    this.redis = new Redis(options);
+  }
+
+  /**
+   * Remove a rate limit bucket.
+   * @param bucketId - rate limit bucket identifier
+   * @returns A promise that resolves when the bucket is removed
+   */
+  remove(bucketId: string): Promise<void> {
+    this.redis.del(this.bucketKey(bucketId));
+    return Promise.resolve();
+  }
+
+  /**
+   * Remove all rate limit buckets.
+   * Flushes the entire Redis database.
+   * Use with caution in a shared Redis instance.
+   * @returns A promise that resolves when all buckets are removed
+   */
+  removeAll(): Promise<void> {
+    this.redis.flushdb();
+    return Promise.resolve();
+  }
+
+  /**
+   * Generate a Redis key for the given rate limit bucket.
+   * @param bucketId - rate limit bucket identifier
+   * @returns Redis key for the bucket
+   */
+  private bucketKey(bucketId: string) {
+    return this.keyPrefix + encodeURIComponent(bucketId);
+  }
+
+  async getBucket(
+    bucketId: string,
+    rateLimitAllowedCalls: number,
+    rateLimitTimeSpan: number
+  ): Promise<RateLimitRecord> {
+    const key = this.bucketKey(bucketId);
+    const now = Date.now();
+
+    const result = await this.redis.eval(
+      this.luaScript,
+      key,
+      rateLimitAllowedCalls,
+      rateLimitTimeSpan,
+      now
+    );
+
+    const [ok, tokens, resetTime, lastUpdated] = result as [
+      number,
+      number,
+      number,
+      number
+    ];
+    if (ok !== 1) {
+      // Fallback: reset bucket
+      const bucket: RateLimitRecord = {
+        bucketId,
+        rateLimitAllowedCalls,
+        tokens: rateLimitAllowedCalls,
+        resetTime: now,
+        lastUpdated: now,
+        rateLimitTimeSpan,
+      };
+      await this.redis.hmset(key, {
+        tokens: String(bucket.tokens),
+        resetTime: String(bucket.resetTime),
+        lastUpdated: String(bucket.lastUpdated),
+        rateLimitAllowedCalls: String(bucket.rateLimitAllowedCalls),
+        rateLimitTimeSpan: String(bucket.rateLimitTimeSpan),
+      });
+      return bucket;
+    }
+    return {
+      bucketId,
+      rateLimitAllowedCalls,
+      rateLimitTimeSpan,
+      tokens,
+      resetTime,
+      lastUpdated,
+    };
+  }
+
+  /**
+   * Optional: cleanly close Redis connection.
+   */
+  quit() {
+    return this.redis.quit();
+  }
+}

package/src/core/retry/basic-types.ts

@@ -0,0 +1,21 @@
+/**
+ * Options for retry decorator
+ */
+export type RetryOptions = {
+  /** number of total attempts (initial try + retries) */
+  retries?: number;
+  /**  delay between attempts in ms. */
+  delay?: number;
+  /** whether to use exponential backoff. */
+  backoff?: boolean;
+  /** maximum delay when using backoff (ms). */
+  maxDelay?: number;
+  /** add randomness to delay. */
+  jitter?: boolean;
+  /** optional callback invoked before each retry attempt (except for the first). */
+  onRetry?: (attempt: number, error: any) => void;
+  /** optional AbortSignal to cancel retries */
+  signal?: AbortSignal;
+  /** optional timeout for the whole operation (in ms). If provided, cancels after timeout */
+  timeoutMs?: number;
+};

package/src/core/retry/decorator.ts

@@ -0,0 +1,139 @@
+import { RetryOptions } from "./basic-types";
+import { createMethodDecorator } from "../helpers";
+
+/**
+ * Sleep for a given number of milliseconds, aborting if the signal is aborted.
+ * @param ms The number of milliseconds to sleep.
+ * @param signal An optional AbortSignal to abort the sleep.
+ * @returns A Promise that resolves when the sleep is complete.
+ * @throws An error if the signal is aborted.
+ */
+export function sleep(ms: number, signal?: AbortSignal): Promise<void> {
+  return new Promise((resolve, reject) => {
+    if (signal?.aborted) return reject(new Error("Aborted"));
+    const t = setTimeout(() => resolve(), ms);
+    signal?.addEventListener("abort", () => {
+      clearTimeout(t);
+      reject(new Error("Aborted"));
+    });
+  });
+}
+
+/**
+ * Introduce randomness into a delay to prevent multiple requests from being
+ * sent at the same time.
+ * @param delay The base delay in milliseconds.
+ * @param jitter If true, introduce a random jitter of up to 50% of the delay.
+ * @returns The jittered delay in milliseconds, or the original delay if jitter is false.
+ */
+export function jitterDelay(delay: number, jitter = true) {
+  if (!jitter) return delay;
+  // +/- 50% jitter
+  const deviation = Math.floor(Math.random() * delay * 0.5);
+  const sign = Math.random() < 0.5 ? -1 : 1;
+  return Math.max(0, delay + sign * deviation);
+}
+
+/**
+ * Retry decorator
+ * Retry a method with exponential backoff and jitter.
+ * @param options RetryOptions
+ * @returns MethodDecorator
+ */
+export const Retry = createMethodDecorator<[RetryOptions], []>(
+  async ([options], [], method, methodArgs) => {
+    const {
+      retries = 2,
+      delay = 1000,
+      backoff = false,
+      maxDelay = 30000,
+      jitter: useJitter = true,
+      onRetry,
+      signal,
+      timeoutMs,
+    } = options;
+    let attempts = 0;
+    let currentDelay = delay;
+    let lastError: any;
+
+    // If the user provided a per-call AbortSignal, respect it; otherwise use a local one
+    const abortController = new AbortController();
+    const combinedSignal = signal as AbortSignal | undefined;
+
+    // If an external signal is provided, wire it to abort this operation when it aborts
+    if (combinedSignal) {
+      if (combinedSignal.aborted) {
+        throw new Error("Operation aborted");
+      }
+
+      const onAbort = () => abortController.abort();
+      combinedSignal.addEventListener("abort", onAbort);
+    }
+
+    // Optional per-call timeout
+    let timeoutHandle: any;
+    let timeoutReached = false;
+    await new Promise<void>((_resolve, reject) => {
+      if (timeoutMs != null) {
+        timeoutHandle = setTimeout(() => {
+          timeoutReached = true;
+          reject(new Error("Operation timed out"));
+        }, timeoutMs);
+      }
+    });
+
+    // Run retries
+    while (true) {
+      // If timeout configured, race the call with timeout
+      const attemptPromise = (async () => {
+        attempts++;
+        try {
+          const result = await method.apply(this, methodArgs);
+          if (timeoutHandle) clearTimeout(timeoutHandle);
+          return result;
+        } catch (err) {
+          lastError = err;
+          // If this was the last allowed attempt, rethrow
+          if (attempts > retries) {
+            if (timeoutHandle) clearTimeout(timeoutHandle);
+            throw err;
+          }
+          // notify onRetry
+          if (onRetry != null) {
+            onRetry(attempts, err);
+          }
+          // compute next delay
+          let nextDelay = currentDelay;
+          if (backoff) {
+            nextDelay = Math.min(currentDelay * 2, maxDelay);
+            currentDelay = nextDelay;
+          } else {
+            nextDelay = currentDelay;
+          }
+          // apply jitter
+          nextDelay = jitterDelay(nextDelay, useJitter);
+          await sleep(nextDelay, combinedSignal);
+          // then retry
+          throw new Error("Retry"); // control flow not ideal; we re-enter loop
+        }
+      })();
+
+      // We need to break out correctly; instead, handle with catch:
+      try {
+        const result = await attemptPromise;
+        if (timeoutHandle) clearTimeout(timeoutHandle);
+        return result;
+      } catch (err) {
+        if (timeoutReached) throw err;
+        // if we caught a non-retryable error or exhausted retries, rethrow
+        // We signal by checking if lastError and attempts > retries
+        if (attempts > retries) {
+          if (timeoutHandle) clearTimeout(timeoutHandle);
+          throw lastError ?? err;
+        }
+        // otherwise loop to retry
+        continue;
+      }
+    }
+  }
+);

package/src/core/retry/index.ts

@@ -0,0 +1,2 @@
+export * from "./basic-types";
+export * from "./decorator";

package/src/main.ts

@@ -1,17 +1,16 @@
 import express, { NextFunction, Request, Response } from "express";
 import fs from "fs";
 import path from "path";
-import { config } from "./config";
-import { ResponseError } from "./utilities/error-handling";
-import { resolve } from "./utilities/container";
-import { WinstonLoggerService } from "./utilities/logger/winston-logger.service";
 import "dotenv/config";
 import {
   defaultRouter,
   routerDir,
   routerExtension,
   swaggerPath,
-} from "./constants";
+} from "@/constants";
+import { config } from "@/config";
+import { ResponseError } from "@/core/error";
+import { logger } from "@/core/logger";
 //import cors from "cors";
 
 /**
@@ -68,7 +67,7 @@ const app = express();
 app.use(express.json());
 app.use(express.urlencoded({ extended: true }));
 
-// Automatically import all routers from the /src/routers directory
+//Automatically import all routers from the /src/routers directory
 const routersPath = path.join(__dirname, routerDir);
 loadRouters(routersPath);
 
@@ -82,8 +81,7 @@ if (config.swagger) {
 
 // General error handler
 app.use(
-  (error: ResponseError, req: Request, res: Response, next: NextFunction) => {
-    const logger = resolve(WinstonLoggerService);
+  (error: ResponseError, _req: Request, res: Response, _next: NextFunction) => {
     const status = error.status ?? 500;
     const errorObject = {
       status,

package/src/routers/orders/index.router.ts

@@ -1,7 +1,7 @@
 import { Router, Request, Response } from "express";
 import asyncHandler from "express-async-handler";
 import OrderController from "./order.controller";
-import { resolve } from "@/utilities/container";
+import { resolve } from "@/core/container";
 
 const router = Router();
 const orderController = resolve(OrderController);
@@ -97,6 +97,8 @@ router.get(
  *     responses:
  *       200:
  *         description: Order details
+ *       404:
+ *         description: Order not found
  */
 router.get(
   "/:id",
@@ -122,6 +124,8 @@ router.get(
  *     responses:
  *       200:
  *         description: Order canceled successfully
+ *       400:
+ *         description: Cancellation is only available when the order is in processing status.
  */
 router.patch(
   "/:id/cancel",