exguard-backend 1.0.23 → 1.0.24

package/dist/index.cjs

@@ -38,6 +38,7 @@ __export(src_exports, {
   cache: () => cache,
   createExGuardExpress: () => createExGuardExpress,
   createExGuardFastify: () => createExGuardFastify,
+  createRealtime: () => createRealtime,
   realtime: () => realtime
 });
 module.exports = __toCommonJS(src_exports);
@@ -286,17 +287,57 @@ var ExGuardRealtime = class {
   handlers = /* @__PURE__ */ new Map();
   websocket = null;
   reconnectAttempts = 0;
-  maxReconnectAttempts = 5;
-  reconnectDelay = 1e3;
+  config;
+  currentUrl = null;
+  currentToken = null;
+  shouldReconnect = true;
+  constructor(config = {}) {
+    this.config = {
+      autoReconnect: config.autoReconnect ?? true,
+      maxReconnectAttempts: config.maxReconnectAttempts ?? 5,
+      reconnectDelay: config.reconnectDelay ?? 1e3,
+      reconnectMaxDelay: config.reconnectMaxDelay ?? 3e4,
+      onConnect: config.onConnect ?? (() => {
+      }),
+      onDisconnect: config.onDisconnect ?? (() => {
+      }),
+      onError: config.onError ?? ((error) => console.error("[ExGuardRealtime] Error:", error))
+    };
+  }
   /**
    * Connect to realtime server
-   * @param url - WebSocket URL
-   * @param token - Optional authentication token
+   * @param url - WebSocket URL (e.g., wss://api.example.com/realtime)
+   * @param auth - Authentication options (accessToken, apiKey, bearerToken) - optional
    */
-  connect(url, token) {
+  connect(url, auth) {
+    let authToken;
+    let authType = null;
+    if (typeof auth === "string") {
+      authToken = auth;
+      authType = "access_token";
+    } else if (auth?.accessToken) {
+      authToken = auth.accessToken;
+      authType = "access_token";
+    } else if (auth?.apiKey) {
+      authToken = auth.apiKey;
+      authType = "api_key";
+    } else if (auth?.bearerToken) {
+      authToken = auth.bearerToken;
+      authType = "bearer";
+    }
     return new Promise((resolve, reject) => {
+      this.shouldReconnect = true;
+      this.currentUrl = url;
+      this.currentToken = authToken ?? null;
       try {
-        const wsUrl = token ? `${url}?token=${token}` : url;
+        let wsUrl = url;
+        if (authToken && authType) {
+          if (authType === "bearer") {
+            wsUrl = `${url}?bearer=${encodeURIComponent(authToken)}`;
+          } else {
+            wsUrl = `${url}?${authType}=${encodeURIComponent(authToken)}`;
+          }
+        }
         this.websocket = new WebSocket(wsUrl);
         const timeout = setTimeout(() => {
           reject(new Error("Connection timeout"));
@@ -305,6 +346,7 @@ var ExGuardRealtime = class {
           clearTimeout(timeout);
           this.reconnectAttempts = 0;
           console.log("[ExGuardRealtime] Connected to realtime server");
+          this.config.onConnect();
           resolve();
         };
         this.websocket.onmessage = (event) => {
@@ -318,12 +360,15 @@ var ExGuardRealtime = class {
         this.websocket.onclose = () => {
           clearTimeout(timeout);
           console.log("[ExGuardRealtime] Disconnected from realtime server");
-          this.handleReconnect(url, token);
+          this.config.onDisconnect();
+          this.handleReconnect();
         };
         this.websocket.onerror = (error) => {
           clearTimeout(timeout);
           console.error("[ExGuardRealtime] WebSocket error:", error);
-          reject(error);
+          const err = new Error("WebSocket connection error");
+          this.config.onError(err);
+          reject(err);
         };
       } catch (error) {
         reject(error);
@@ -334,6 +379,7 @@ var ExGuardRealtime = class {
    * Disconnect from realtime server
    */
   disconnect() {
+    this.shouldReconnect = false;
     if (this.websocket) {
       this.websocket.close();
       this.websocket = null;
@@ -357,6 +403,16 @@ var ExGuardRealtime = class {
       }
     };
   }
+  /**
+   * Subscribe to all realtime events
+   */
+  subscribeAll(handler) {
+    const eventTypes = ["rbac_update", "user_update", "role_update", "permission_update"];
+    const unsubscribes = eventTypes.map((type) => this.subscribe(type, handler));
+    return () => {
+      unsubscribes.forEach((unsub) => unsub());
+    };
+  }
   /**
    * Handle incoming realtime events
    */
@@ -376,13 +432,19 @@ var ExGuardRealtime = class {
   /**
    * Handle reconnection logic
    */
-  handleReconnect(url, token) {
-    if (this.reconnectAttempts < this.maxReconnectAttempts) {
+  handleReconnect() {
+    if (!this.shouldReconnect || !this.config.autoReconnect || !this.currentUrl) {
+      return;
+    }
+    if (this.reconnectAttempts < this.config.maxReconnectAttempts) {
       this.reconnectAttempts++;
-      const delay = this.reconnectDelay * Math.pow(2, this.reconnectAttempts - 1);
+      const delay = Math.min(
+        this.config.reconnectDelay * Math.pow(2, this.reconnectAttempts - 1),
+        this.config.reconnectMaxDelay
+      );
       console.log(`[ExGuardRealtime] Reconnecting in ${delay}ms (attempt ${this.reconnectAttempts})`);
       setTimeout(() => {
-        this.connect(url, token).catch((error) => {
+        this.connect(this.currentUrl, this.currentToken).catch((error) => {
           console.error("[ExGuardRealtime] Reconnection failed:", error);
         });
       }, delay);
@@ -390,13 +452,63 @@ var ExGuardRealtime = class {
       console.error("[ExGuardRealtime] Max reconnection attempts reached");
     }
   }
+  /**
+   * Manually trigger reconnection with current auth
+   */
+  reconnect() {
+    if (this.currentUrl && this.currentToken) {
+      this.reconnectAttempts = 0;
+      return this.connect(this.currentUrl, this.currentToken);
+    } else if (this.currentUrl) {
+      this.reconnectAttempts = 0;
+      return this.connect(this.currentUrl);
+    }
+    return Promise.reject(new Error("No URL configured"));
+  }
   /**
    * Check if connected
    */
   isConnected() {
     return this.websocket?.readyState === WebSocket.OPEN;
   }
+  /**
+   * Get connection status
+   */
+  getStatus() {
+    if (!this.websocket) return "disconnected";
+    switch (this.websocket.readyState) {
+      case WebSocket.CONNECTING:
+        return "connecting";
+      case WebSocket.OPEN:
+        return "connected";
+      case WebSocket.CLOSING:
+      case WebSocket.CLOSED:
+        return "disconnected";
+      default:
+        return "disconnected";
+    }
+  }
+  /**
+   * Send a message to the server
+   */
+  send(event) {
+    if (this.websocket && this.websocket.readyState === WebSocket.OPEN) {
+      this.websocket.send(JSON.stringify(event));
+    }
+  }
+  /**
+   * Update configuration
+   */
+  updateConfig(config) {
+    this.config = {
+      ...this.config,
+      ...config
+    };
+  }
 };
+function createRealtime(config) {
+  return new ExGuardRealtime(config);
+}
 var realtime = new ExGuardRealtime();
 
 // src/exguard-backend-enhanced.ts
@@ -406,21 +518,40 @@ var ExGuardBackendEnhanced = class {
   cache;
   realtime;
   userId = null;
+  _isRealtimeConnected = false;
   constructor(config) {
     this.config = {
       timeout: 1e4,
       cache: {
         enabled: true,
         ttl: 3e5
-        // 5 minutes
       },
       realtime: {
-        enabled: false
+        enabled: false,
+        autoReconnect: true,
+        maxReconnectAttempts: 5,
+        reconnectDelay: 1e3
       },
       ...config
     };
     this.cache = cache;
-    this.realtime = realtime;
+    const realtimeConfig = {
+      autoReconnect: this.config.realtime?.autoReconnect ?? true,
+      maxReconnectAttempts: this.config.realtime?.maxReconnectAttempts ?? 5,
+      reconnectDelay: this.config.realtime?.reconnectDelay ?? 1e3,
+      onConnect: () => {
+        this._isRealtimeConnected = true;
+        this.config.realtime?.onConnect?.();
+      },
+      onDisconnect: () => {
+        this._isRealtimeConnected = false;
+        this.config.realtime?.onDisconnect?.();
+      },
+      onError: (error) => {
+        this.config.realtime?.onError?.(error);
+      }
+    };
+    this.realtime = createRealtime(realtimeConfig);
     this.client = import_axios2.default.create({
       baseURL: this.config.apiUrl,
       timeout: this.config.timeout,
@@ -435,14 +566,15 @@ var ExGuardBackendEnhanced = class {
       this.cache.cleanup();
     }, 6e4);
   }
-  /**
-   * Setup realtime connection and event handlers
-   */
   async setupRealtime() {
     try {
-      await this.realtime.connect(this.config.realtime.url, this.config.realtime.token);
+      await this.realtime.connect(
+        this.config.realtime.url,
+        this.config.realtime.token
+      );
       this.realtime.subscribe("rbac_update", (event) => {
         console.log("[ExGuardBackend] RBAC update received:", event);
+        this.config.realtime?.onRBACUpdate?.(event);
         if (event.userId) {
           this.cache.clearUserCache(event.userId);
         } else {
@@ -451,17 +583,72 @@ var ExGuardBackendEnhanced = class {
       });
       this.realtime.subscribe("user_update", (event) => {
         console.log("[ExGuardBackend] User update received:", event);
+        this.config.realtime?.onUserUpdate?.(event);
         if (event.userId) {
           this.cache.clearUserCache(event.userId);
         }
       });
+      this.realtime.subscribe("role_update", (event) => {
+        console.log("[ExGuardBackend] Role update received:", event);
+        if (event.userId) {
+          this.cache.clearUserCache(event.userId);
+        } else {
+          this.cache.clear();
+        }
+      });
+      this.realtime.subscribe("permission_update", (event) => {
+        console.log("[ExGuardBackend] Permission update received:", event);
+        if (event.userId) {
+          this.cache.clearUserCache(event.userId);
+        } else {
+          this.cache.clear();
+        }
+      });
     } catch (error) {
       console.error("[ExGuardBackend] Failed to setup realtime:", error);
     }
   }
   /**
-   * Extract user ID from JWT token
+   * Manually connect to realtime server
    */
+  async connectRealtime(url, token) {
+    const wsUrl = url || this.config.realtime?.url;
+    const wsToken = token || this.config.realtime?.token;
+    if (!wsUrl) {
+      throw new Error("WebSocket URL is required");
+    }
+    await this.setupRealtime();
+  }
+  /**
+   * Disconnect from realtime server
+   */
+  disconnectRealtime() {
+    this.realtime.disconnect();
+  }
+  /**
+   * Check if realtime is connected
+   */
+  isRealtimeConnected() {
+    return this._isRealtimeConnected || this.realtime.isConnected();
+  }
+  /**
+   * Get realtime connection status
+   */
+  getRealtimeStatus() {
+    return this.realtime.getStatus();
+  }
+  /**
+   * Subscribe to realtime events
+   */
+  subscribeToRealtime(eventType, handler) {
+    return this.realtime.subscribe(eventType, handler);
+  }
+  /**
+   * Subscribe to all realtime events
+   */
+  subscribeToAllRealtime(handler) {
+    return this.realtime.subscribeAll(handler);
+  }
   extractUserIdFromToken(token) {
     try {
       const payload = JSON.parse(atob(token.split(".")[1]));
@@ -470,16 +657,10 @@ var ExGuardBackendEnhanced = class {
       return null;
     }
   }
-  /**
-   * Get cache key for user data
-   */
   getCacheKey(token, suffix = "") {
     const userId = this.extractUserIdFromToken(token) || "unknown";
     return `user:${userId}:${suffix}`;
   }
-  /**
-   * Get user roles and permissions from cache or API
-   */
   async getUserAccess(token) {
     if (!this.config.cache?.enabled) {
       return this.fetchUserAccess(token);
@@ -495,9 +676,6 @@ var ExGuardBackendEnhanced = class {
     this.cache.set(cacheKey, data, this.config.cache.ttl);
     return data;
   }
-  /**
-   * Fetch user access from API (always hits the server)
-   */
   async fetchUserAccess(token) {
     try {
       const response = await this.client.get("/guard/me", {
@@ -519,9 +697,6 @@ var ExGuardBackendEnhanced = class {
       throw error;
     }
   }
-  /**
-   * Check if user has specific permission (cached)
-   */
   async hasPermission(token, permission) {
     if (!this.config.cache?.enabled) {
       const userAccess2 = await this.getUserAccess(token);
@@ -543,9 +718,6 @@ var ExGuardBackendEnhanced = class {
     this.cache.set(cacheKey, hasPermission, this.config.cache.ttl / 2);
     return hasPermission;
   }
-  /**
-   * Check if user has specific role (cached)
-   */
   async hasRole(token, role) {
     if (!this.config.cache?.enabled) {
       const userAccess2 = await this.getUserAccess(token);
@@ -563,9 +735,6 @@ var ExGuardBackendEnhanced = class {
     this.cache.set(cacheKey, hasRole, this.config.cache.ttl / 2);
     return hasRole;
   }
-  /**
-   * Get all permissions for a specific module (cached)
-   */
   async getModulePermissions(token, moduleKey) {
     if (!this.config.cache?.enabled) {
       const userAccess2 = await this.getUserAccess(token);
@@ -585,9 +754,6 @@ var ExGuardBackendEnhanced = class {
     this.cache.set(cacheKey, permissions, this.config.cache.ttl);
     return permissions;
   }
-  /**
-   * Get user roles (cached)
-   */
   async getUserRoles(token) {
     if (!this.config.cache?.enabled) {
       const userAccess2 = await this.getUserAccess(token);
@@ -605,9 +771,6 @@ var ExGuardBackendEnhanced = class {
     this.cache.set(cacheKey, roles, this.config.cache.ttl);
     return roles;
   }
-  /**
-   * Get user field offices (cached)
-   */
   async getUserFieldOffices(token) {
     if (!this.config.cache?.enabled) {
       const userAccess2 = await this.getUserAccess(token);
@@ -625,9 +788,6 @@ var ExGuardBackendEnhanced = class {
     this.cache.set(cacheKey, fieldOffices, this.config.cache.ttl);
     return fieldOffices;
   }
-  /**
-   * Batch check multiple permissions (optimized)
-   */
   async hasPermissions(token, permissions) {
     const results = {};
     const uncachedPermissions = [];
@@ -659,9 +819,6 @@ var ExGuardBackendEnhanced = class {
     }
     return results;
   }
-  /**
-   * Batch check multiple roles (optimized)
-   */
   async hasRoles(token, roles) {
     const results = {};
     const uncachedRoles = [];
@@ -691,9 +848,6 @@ var ExGuardBackendEnhanced = class {
     }
     return results;
   }
-  /**
-   * Clear cache for a specific user
-   */
   clearUserCache(token) {
     const userId = this.extractUserIdFromToken(token);
     if (userId) {
@@ -701,15 +855,13 @@ var ExGuardBackendEnhanced = class {
       console.log(`[ExGuardBackend] Cache cleared for user: ${userId}`);
     }
   }
-  /**
-   * Get cache statistics
-   */
+  clearAllCache() {
+    this.cache.clear();
+    console.log("[ExGuardBackend] All cache cleared");
+  }
   getCacheStats() {
     return this.cache.getStats();
   }
-  /**
-   * Disconnect from realtime server
-   */
   disconnect() {
     this.realtime.disconnect();
   }
@@ -1406,6 +1558,7 @@ function createGuardContext2(req) {
   cache,
   createExGuardExpress,
   createExGuardFastify,
+  createRealtime,
   realtime
 });
 //# sourceMappingURL=index.cjs.map