heady-gateway 3.2.0

package/README.md

@@ -0,0 +1,40 @@
+# @heady/gateway
+
+> API gateway with cross-domain auth, rate limiting, and service routing for the Heady™ AI Platform.
+
+## Install
+
+```bash
+npm install @heady/gateway
+```
+
+## Quick Start
+
+```ts
+import { createGateway } from '@heady/gateway';
+
+const gw = createGateway({ rateLimitRpm: 600 });
+
+// Route a domain to a service
+const service = gw.route('headyme.com');  // → 'command-center'
+
+// Check rate limit
+const { allowed, remaining } = gw.checkRateLimit('client-123');
+
+// CORS headers
+const headers = gw.getCorsHeaders('https://headyme.com');
+
+// Status
+const status = gw.getStatus();
+```
+
+## Features
+
+- **9-domain routing** — headyme.com, headyio.com, headymcp.com, and more
+- **Token-bucket rate limiting** per client
+- **CORS management** with configurable origins
+- **Request metrics** tracking
+
+## License
+
+Proprietary — © 2026 HeadySystems Inc.

package/dist/index.d.ts

@@ -0,0 +1,39 @@
+/**
+ * @heady/gateway — API Gateway with Auth + Rate Limiting
+ *
+ * Routes requests across Heady services with:
+ * - Cross-domain authentication (sign in once, roam all sites)
+ * - Token-bucket rate limiting per tenant
+ * - Request routing based on domain → service mapping
+ */
+export interface GatewayConfig {
+    domains: Record<string, string>;
+    rateLimitRpm: number;
+    corsOrigins: string[];
+}
+export interface RateLimitState {
+    tokens: number;
+    lastRefill: number;
+    maxTokens: number;
+    refillRate: number;
+}
+export declare class HeadyGateway {
+    private config;
+    private rateLimits;
+    private routedCount;
+    constructor(config?: Partial<GatewayConfig>);
+    route(hostname: string): string | null;
+    checkRateLimit(clientId: string): {
+        allowed: boolean;
+        remaining: number;
+    };
+    getCorsHeaders(origin: string): Record<string, string>;
+    getStatus(): {
+        ok: boolean;
+        domains: number;
+        routedCount: number;
+        rateLimitClients: number;
+    };
+}
+export declare function createGateway(config?: Partial<GatewayConfig>): HeadyGateway;
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,MAAM,WAAW,aAAa;IAC1B,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,EAAE,CAAC;CACzB;AAED,MAAM,WAAW,cAAc;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;CACtB;AAcD,qBAAa,YAAY;IACrB,OAAO,CAAC,MAAM,CAAgB;IAC9B,OAAO,CAAC,UAAU,CAAqC;IACvD,OAAO,CAAC,WAAW,CAAK;gBAEZ,MAAM,CAAC,EAAE,OAAO,CAAC,aAAa,CAAC;IAQ3C,KAAK,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAKtC,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE;IAwBzE,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IAUtD,SAAS;;;;;;CAQZ;AAED,wBAAgB,aAAa,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,aAAa,CAAC,GAAG,YAAY,CAE3E"}

package/dist/index.js

@@ -0,0 +1,80 @@
+"use strict";
+/**
+ * @heady/gateway — API Gateway with Auth + Rate Limiting
+ *
+ * Routes requests across Heady services with:
+ * - Cross-domain authentication (sign in once, roam all sites)
+ * - Token-bucket rate limiting per tenant
+ * - Request routing based on domain → service mapping
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HeadyGateway = void 0;
+exports.createGateway = createGateway;
+const DEFAULT_DOMAINS = {
+    'headyme.com': 'command-center',
+    'headyio.com': 'heady-io-docs',
+    'headymcp.com': 'heady-mcp-portal',
+    'headysystems.com': 'heady-systems',
+    'headyconnection.org': 'heady-connection',
+    'headybuddy.org': 'heady-buddy',
+    'headybot.com': 'heady-bot',
+    'headyapi.com': 'heady-api',
+    'headyai.com': 'heady-ai',
+};
+class HeadyGateway {
+    config;
+    rateLimits = new Map();
+    routedCount = 0;
+    constructor(config) {
+        this.config = {
+            domains: config?.domains || DEFAULT_DOMAINS,
+            rateLimitRpm: config?.rateLimitRpm || 600,
+            corsOrigins: config?.corsOrigins || Object.keys(DEFAULT_DOMAINS).map(d => `https://${d}`),
+        };
+    }
+    route(hostname) {
+        this.routedCount++;
+        return this.config.domains[hostname] || null;
+    }
+    checkRateLimit(clientId) {
+        let state = this.rateLimits.get(clientId);
+        const now = Date.now();
+        const maxTokens = this.config.rateLimitRpm;
+        const refillRate = maxTokens / 60000; // tokens per ms
+        if (!state) {
+            state = { tokens: maxTokens, lastRefill: now, maxTokens, refillRate };
+            this.rateLimits.set(clientId, state);
+        }
+        // Refill tokens
+        const elapsed = now - state.lastRefill;
+        state.tokens = Math.min(maxTokens, state.tokens + elapsed * refillRate);
+        state.lastRefill = now;
+        if (state.tokens >= 1) {
+            state.tokens -= 1;
+            return { allowed: true, remaining: Math.floor(state.tokens) };
+        }
+        return { allowed: false, remaining: 0 };
+    }
+    getCorsHeaders(origin) {
+        const allowed = this.config.corsOrigins.includes(origin);
+        return {
+            'Access-Control-Allow-Origin': allowed ? origin : '',
+            'Access-Control-Allow-Methods': 'GET, POST, OPTIONS',
+            'Access-Control-Allow-Headers': 'Content-Type, Authorization',
+            'Access-Control-Max-Age': '86400',
+        };
+    }
+    getStatus() {
+        return {
+            ok: true,
+            domains: Object.keys(this.config.domains).length,
+            routedCount: this.routedCount,
+            rateLimitClients: this.rateLimits.size,
+        };
+    }
+}
+exports.HeadyGateway = HeadyGateway;
+function createGateway(config) {
+    return new HeadyGateway(config);
+}
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;AAyFH,sCAEC;AA5ED,MAAM,eAAe,GAA2B;IAC5C,aAAa,EAAE,gBAAgB;IAC/B,aAAa,EAAE,eAAe;IAC9B,cAAc,EAAE,kBAAkB;IAClC,kBAAkB,EAAE,eAAe;IACnC,qBAAqB,EAAE,kBAAkB;IACzC,gBAAgB,EAAE,aAAa;IAC/B,cAAc,EAAE,WAAW;IAC3B,cAAc,EAAE,WAAW;IAC3B,aAAa,EAAE,UAAU;CAC5B,CAAC;AAEF,MAAa,YAAY;IACb,MAAM,CAAgB;IACtB,UAAU,GAAG,IAAI,GAAG,EAA0B,CAAC;IAC/C,WAAW,GAAG,CAAC,CAAC;IAExB,YAAY,MAA+B;QACvC,IAAI,CAAC,MAAM,GAAG;YACV,OAAO,EAAE,MAAM,EAAE,OAAO,IAAI,eAAe;YAC3C,YAAY,EAAE,MAAM,EAAE,YAAY,IAAI,GAAG;YACzC,WAAW,EAAE,MAAM,EAAE,WAAW,IAAI,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC;SAC5F,CAAC;IACN,CAAC;IAED,KAAK,CAAC,QAAgB;QAClB,IAAI,CAAC,WAAW,EAAE,CAAC;QACnB,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC;IACjD,CAAC;IAED,cAAc,CAAC,QAAgB;QAC3B,IAAI,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC1C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;QAC3C,MAAM,UAAU,GAAG,SAAS,GAAG,KAAK,CAAC,CAAC,gBAAgB;QAEtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACT,KAAK,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,EAAE,SAAS,EAAE,UAAU,EAAE,CAAC;YACtE,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QACzC,CAAC;QAED,gBAAgB;QAChB,MAAM,OAAO,GAAG,GAAG,GAAG,KAAK,CAAC,UAAU,CAAC;QACvC,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,CAAC,MAAM,GAAG,OAAO,GAAG,UAAU,CAAC,CAAC;QACxE,KAAK,CAAC,UAAU,GAAG,GAAG,CAAC;QAEvB,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YACpB,KAAK,CAAC,MAAM,IAAI,CAAC,CAAC;YAClB,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;QAClE,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,EAAE,CAAC;IAC5C,CAAC;IAED,cAAc,CAAC,MAAc;QACzB,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QACzD,OAAO;YACH,6BAA6B,EAAE,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;YACpD,8BAA8B,EAAE,oBAAoB;YACpD,8BAA8B,EAAE,6BAA6B;YAC7D,wBAAwB,EAAE,OAAO;SACpC,CAAC;IACN,CAAC;IAED,SAAS;QACL,OAAO;YACH,EAAE,EAAE,IAAI;YACR,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM;YAChD,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,gBAAgB,EAAE,IAAI,CAAC,UAAU,CAAC,IAAI;SACzC,CAAC;IACN,CAAC;CACJ;AA5DD,oCA4DC;AAED,SAAgB,aAAa,CAAC,MAA+B;IACzD,OAAO,IAAI,YAAY,CAAC,MAAM,CAAC,CAAC;AACpC,CAAC"}

package/package.json

@@ -0,0 +1,54 @@
+{
+  "name": "heady-gateway",
+  "version": "3.2.0",
+  "description": "API gateway with cross-domain auth, token-bucket rate limiting, and domain-to-service routing for the Heady AI Platform.",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "require": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "files": [
+    "dist/",
+    "README.md"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsc --watch",
+    "test": "jest",
+    "clean": "rm -rf dist",
+    "prepublishOnly": "npm run clean && npm run build"
+  },
+  "dependencies": {
+    "heady-core": "^3.2.0"
+  },
+  "license": "UNLICENSED",
+  "author": {
+    "name": "HeadySystems Inc.",
+    "email": "eric@headyconnection.org",
+    "url": "https://headyme.com"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/HeadyMe/heady-production.git",
+    "directory": "packages/gateway"
+  },
+  "homepage": "https://headysystems.com",
+  "bugs": {
+    "url": "https://github.com/HeadyMe/heady-production/issues"
+  },
+  "keywords": [
+    "heady",
+    "ai",
+    "gateway",
+    "api-gateway",
+    "rate-limiting",
+    "auth",
+    "cors"
+  ],
+  "engines": {
+    "node": ">=20.0.0"
+  }
+}