jsgui3-server 0.0.151 → 0.0.155

package/server.js

@@ -30,6 +30,7 @@ const Process_Resource = require('./resources/process-resource');
 const Remote_Process_Resource = require('./resources/remote-process-resource');
 
 const Static_Route_HTTP_Responder = require('./http/responders/static/Static_Route_HTTP_Responder');
+const { get_port_or_free } = require('./port-utils');
 
 const Publishers = require('./publishers/Publishers');
 
@@ -39,6 +40,8 @@ class JSGUI_Single_Process_Server extends Evented_Class {
 	}, __type_name) {
 		super();
 		this.http_servers = [];
+		this.listening_endpoints = [];
+		this._api_registry = [];
 		let disk_path_client_js;
 		if (spec.disk_path_client_js) {
 			disk_path_client_js = spec.disk_path_client_js;
@@ -151,35 +154,35 @@ class JSGUI_Single_Process_Server extends Evented_Class {
 
 		const Admin_Module_V1 = require('./admin-ui/v1/server');
 		if (admin_enabled) {
-		this.admin_v1 = new Admin_Module_V1(typeof admin_config === 'object' ? admin_config : {});
-		this.admin_v1.init(this);
+			this.admin_v1 = new Admin_Module_V1(typeof admin_config === 'object' ? admin_config : {});
+			this.admin_v1.init(this);
 
-		// Register Admin V1 Page Route
-		let Admin_Shell_Control;
-		try {
-			Admin_Shell_Control = require('./admin-ui/v1/client').controls.Admin_Shell;
-		} catch (e) {
-			console.warn('Failed to load Admin_Shell control:', e.message || e);
-		}
+			// Register Admin V1 Page Route
+			let Admin_Shell_Control;
+			try {
+				Admin_Shell_Control = require('./admin-ui/v1/client').controls.Admin_Shell;
+			} catch (e) {
+				console.warn('Failed to load Admin_Shell control:', e.message || e);
+			}
 
-		if (Admin_Shell_Control) {
-			const admin_v1_app = new Webpage({
-				content: Admin_Shell_Control,
-				title: 'jsgui3 Admin Dashboard'
-			});
+			if (Admin_Shell_Control) {
+				const admin_v1_app = new Webpage({
+					content: Admin_Shell_Control,
+					title: 'jsgui3 Admin Dashboard'
+				});
 
-			const admin_v1_publisher = new HTTP_Webpage_Publisher({
-				name: 'Admin_V1_Publisher',
-				webpage: admin_v1_app,
-				src_path_client_js: lib_path.join(__dirname, 'admin-ui/v1/client.js')
-			});
-			admin_v1_publisher.name = 'Admin_V1_Publisher';
+				const admin_v1_publisher = new HTTP_Webpage_Publisher({
+					name: 'Admin_V1_Publisher',
+					webpage: admin_v1_app,
+					src_path_client_js: lib_path.join(__dirname, 'admin-ui/v1/client.js')
+				});
+				admin_v1_publisher.name = 'Admin_V1_Publisher';
 
-			const is_dev_defaults = !process.env.ADMIN_V1_PASSWORD && process.env.NODE_ENV !== 'production';
-			const login_hint = is_dev_defaults
-				? '<div class="hint dev-creds">Dev defaults active — username: <code>admin</code> password: <code>admin</code></div><div class="hint">Set ADMIN_V1_USER / ADMIN_V1_PASSWORD env vars for production.</div>'
-				: '<div class="hint">Sign in with your configured credentials.</div>';
-			const login_html = `<!doctype html>
+				const is_dev_defaults = !process.env.ADMIN_V1_PASSWORD && process.env.NODE_ENV !== 'production';
+				const login_hint = is_dev_defaults
+					? '<div class="hint dev-creds">Dev defaults active — username: <code>admin</code> password: <code>admin</code></div><div class="hint">Set ADMIN_V1_USER / ADMIN_V1_PASSWORD env vars for production.</div>'
+					: '<div class="hint">Sign in with your configured credentials.</div>';
+				const login_html = `<!doctype html>
 <html>
 <head>
 	<meta charset="utf-8" />
@@ -250,82 +253,82 @@ class JSGUI_Single_Process_Server extends Evented_Class {
 </body>
 </html>`;
 
-			const serve_admin_v1_page = (req, res) => {
-				if (req && typeof req.url === 'string' && req.url.startsWith('/admin/v1/login')) {
-					res.writeHead(200, { 'Content-Type': 'text/html; charset=utf-8' });
-					res.end(login_html);
-					return;
-				}
-
-				if (!this.admin_v1 || !this.admin_v1.is_admin_read_request(req)) {
-					res.writeHead(302, { Location: '/admin/v1/login' });
-					res.end();
-					return;
-				}
-				if (admin_v1_cached_html) {
-					res.writeHead(200, { 'Content-Type': 'text/html; charset=utf-8' });
-					res.end(admin_v1_cached_html);
-				} else {
-					res.writeHead(503, { 'Content-Type': 'text/plain' });
-					res.end('Admin UI v1 is loading, please retry...');
-				}
-			};
+				const serve_admin_v1_page = (req, res) => {
+					if (req && typeof req.url === 'string' && req.url.startsWith('/admin/v1/login')) {
+						res.writeHead(200, { 'Content-Type': 'text/html; charset=utf-8' });
+						res.end(login_html);
+						return;
+					}
 
-			server_router.set_route('/admin/v1/login', null, (req, res) => {
-				res.writeHead(200, { 'Content-Type': 'text/html; charset=utf-8' });
-				res.end(login_html);
-			});
+					if (!this.admin_v1 || !this.admin_v1.is_admin_read_request(req)) {
+						res.writeHead(302, { Location: '/admin/v1/login' });
+						res.end();
+						return;
+					}
+					if (admin_v1_cached_html) {
+						res.writeHead(200, { 'Content-Type': 'text/html; charset=utf-8' });
+						res.end(admin_v1_cached_html);
+					} else {
+						res.writeHead(503, { 'Content-Type': 'text/plain' });
+						res.end('Admin UI v1 is loading, please retry...');
+					}
+				};
 
-			// Namespace admin v1 assets under /admin/v1/ to avoid
-			// colliding with the main app's /js/js.js and /css/css.css.
-			let admin_v1_cached_html = null;
+				server_router.set_route('/admin/v1/login', null, (req, res) => {
+					res.writeHead(200, { 'Content-Type': 'text/html; charset=utf-8' });
+					res.end(login_html);
+				});
 
-			admin_v1_publisher.on('ready', (res_ready) => {
-				if (res_ready && res_ready._arr) {
-					for (const bundle_item of res_ready._arr) {
-						const { type } = bundle_item;
-						if (type === 'HTML') {
-							// Rewrite asset references so browser fetches
-							// the admin-specific JS/CSS, not the main app's.
-							let html = bundle_item.text || '';
-							html = html.replace(
-								/href="\/css\/css\.css"/g,
-								'href="/admin/v1/css/css.css"'
-							);
-							html = html.replace(
-								/src="\/js\/js\.js"/g,
-								'src="/admin/v1/js/js.js"'
-							);
-							// Inject viewport meta for mobile rendering
-							if (!html.includes('name="viewport"')) {
+				// Namespace admin v1 assets under /admin/v1/ to avoid
+				// colliding with the main app's /js/js.js and /css/css.css.
+				let admin_v1_cached_html = null;
+
+				admin_v1_publisher.on('ready', (res_ready) => {
+					if (res_ready && res_ready._arr) {
+						for (const bundle_item of res_ready._arr) {
+							const { type } = bundle_item;
+							if (type === 'HTML') {
+								// Rewrite asset references so browser fetches
+								// the admin-specific JS/CSS, not the main app's.
+								let html = bundle_item.text || '';
+								html = html.replace(
+									/href="\/css\/css\.css"/g,
+									'href="/admin/v1/css/css.css"'
+								);
 								html = html.replace(
-									/<head([^>]*)>/i,
-									'<head$1><meta name="viewport" content="width=device-width, initial-scale=1, viewport-fit=cover">'
+									/src="\/js\/js\.js"/g,
+									'src="/admin/v1/js/js.js"'
 								);
+								// Inject viewport meta for mobile rendering
+								if (!html.includes('name="viewport"')) {
+									html = html.replace(
+										/<head([^>]*)>/i,
+										'<head$1><meta name="viewport" content="width=device-width, initial-scale=1, viewport-fit=cover">'
+									);
+								}
+								admin_v1_cached_html = html;
+							} else {
+								// JS → /admin/v1/js/js.js, CSS → /admin/v1/css/css.css
+								const namespaced_route =
+									type === 'JavaScript' ? '/admin/v1/js/js.js' :
+										type === 'CSS' ? '/admin/v1/css/css.css' :
+											'/admin/v1' + bundle_item.route;
+								const responder = new Static_Route_HTTP_Responder(bundle_item);
+								server_router.set_route(namespaced_route, responder, responder.handle_http);
 							}
-							admin_v1_cached_html = html;
-						} else {
-							// JS → /admin/v1/js/js.js, CSS → /admin/v1/css/css.css
-							const namespaced_route =
-								type === 'JavaScript' ? '/admin/v1/js/js.js' :
-								type === 'CSS'        ? '/admin/v1/css/css.css' :
-								'/admin/v1' + bundle_item.route;
-							const responder = new Static_Route_HTTP_Responder(bundle_item);
-							server_router.set_route(namespaced_route, responder, responder.handle_http);
 						}
-					}
 
-					// Serve authenticated admin page at /admin/v1
-					server_router.set_route('/admin/v1', null, serve_admin_v1_page);
-				}
-			});
+						// Serve authenticated admin page at /admin/v1
+						server_router.set_route('/admin/v1', null, serve_admin_v1_page);
+					}
+				});
 
-			// Temporary handler until the publisher finishes bundling
-			server_router.set_route('/admin/v1', null, serve_admin_v1_page);
-			resource_pool.add(admin_v1_publisher);
-		} else {
-			console.warn('Skipping /admin/v1 route registration due to missing Admin_Shell control.');
-		}
+				// Temporary handler until the publisher finishes bundling
+				server_router.set_route('/admin/v1', null, serve_admin_v1_page);
+				resource_pool.add(admin_v1_publisher);
+			} else {
+				console.warn('Skipping /admin/v1 route registration due to missing Admin_Shell control.');
+			}
 		} else {
 			// admin_enabled === false
 			this.admin_v1 = null;
@@ -371,10 +374,11 @@ class JSGUI_Single_Process_Server extends Evented_Class {
 			// Specific options for when that publisher is in debug mode.
 
 
-			console.log('waiting for wp_publisher ready');
-			wp_publisher.on('ready', (wp_ready_res) => {
-				//console.log('wp publisher is ready');
-				if (wp_ready_res._arr) {
+			console.log('waiting for wp_publisher ready');
+			wp_publisher.on('ready', (wp_ready_res) => {
+				this.latest_wp_bundle = wp_ready_res;
+				//console.log('wp publisher is ready');
+				if (wp_ready_res._arr) {
 
 
 					for (const bundle_item of wp_ready_res._arr) {
@@ -456,20 +460,196 @@ class JSGUI_Single_Process_Server extends Evented_Class {
 		Object.defineProperty(this, 'router', { get: () => server_router })
 	}
 
-	publish(name, fn) {
-		// Get the function publisher.
-		//   Possibly ensure it exists.
-		//const fn_publisher = this.function_publisher;
-		//fn_publisher.add(name, fn);
-		const fpub = new HTTP_Function_Publisher({ name, fn });
+	/**
+	 * Publish a JavaScript function as an HTTP API endpoint.
+	 *
+	 * The function is wrapped in a {@link Function_Publisher} and
+	 * registered with the server's router.  An entry is also added to
+	 * `this._api_registry` so the OpenAPI spec generator can discover it.
+	 *
+	 * ### Route resolution
+	 *
+	 * - If `name` starts with `'/'`, it is used as-is (e.g. `'/health'`).
+	 * - Otherwise it is auto-prefixed with `'/api/'` (e.g. `'users/list'` → `'/api/users/list'`).
+	 *
+	 * ### Metadata for Swagger
+	 *
+	 * The `meta` argument feeds the OpenAPI spec generator.  All fields
+	 * are optional — endpoints without metadata still work but produce
+	 * a minimal Swagger entry.
+	 *
+	 * | Field               | Type     | Purpose                                      |
+	 * |---------------------|----------|----------------------------------------------|
+	 * | `meta.method`       | string   | HTTP method (`'GET'`, `'POST'`, etc.)        |
+	 * | `meta.summary`      | string   | One-line summary displayed in Swagger UI     |
+	 * | `meta.description`  | string   | Multi-line Markdown description              |
+	 * | `meta.tags`         | string[] | Grouping tags in Swagger UI                  |
+	 * | `meta.params`       | Object   | Request body schema (`{key: {type, ...}}`)   |
+	 * | `meta.returns`      | Object   | Response body schema (`{key: {type, ...}}`)  |
+	 * | `meta.deprecated`   | boolean  | Mark endpoint as deprecated                  |
+	 * | `meta.operationId`  | string   | Custom OpenAPI operationId                   |
+	 * | `meta.raw`          | boolean  | Raw `(req, res)` handler — skip Function_Publisher |
+	 *
+	 * @param {string}   name - Endpoint name or route path.
+	 * @param {Function} fn   - Handler function `(input) => result`, or `(req, res)` when `meta.raw` is `true`.
+	 * @param {Object}   [meta={}] - API metadata for routing and Swagger.
+	 *
+	 * @example
+	 * // Minimal — just a name and function:
+	 * server.publish('ping', () => ({ pong: true }));
+	 * // → POST /api/ping
+	 *
+	 * @example
+	 * // With full metadata for Swagger:
+	 * server.publish('users/list', listUsers, {
+	 *     method: 'POST',
+	 *     summary: 'List all users',
+	 *     description: 'Returns paginated user list with filtering.',
+	 *     tags: ['Users'],
+	 *     params: {
+	 *         page: { type: 'integer', description: 'Page number', default: 1 },
+	 *         page_size: { type: 'integer', description: 'Items per page', default: 25 }
+	 *     },
+	 *     returns: {
+	 *         rows: { type: 'array', items: { type: 'object' } },
+	 *         total_count: { type: 'integer' }
+	 *     }
+	 * });
+	 * // → POST /api/users/list  (documented in Swagger UI)
+	 *
+	 * @example
+	 * // Raw handler for streaming NDJSON:
+	 * server.publish('events/stream', (req, res) => {
+	 *     res.writeHead(200, { 'Content-Type': 'application/x-ndjson' });
+	 *     res.write(JSON.stringify({ event: 'start' }) + '\n');
+	 *     res.end();
+	 * }, { method: 'GET', raw: true, summary: 'Stream events' });
+	 */
+	publish(name, fn, meta = {}) {
+		// Auto-prefix /api/ for simple names.
+		// If name already starts with '/', use as-is for full route control.
+		const full_route = name.startsWith('/') ? name : '/api/' + name;
+
+		// ── Raw handler passthrough ──
+		// When meta.raw is true, fn receives (req, res) directly.
+		// Useful for streaming, SSE, gzip, or custom response control.
+		if (meta.raw) {
+			this._api_registry = this._api_registry || [];
+			this._api_registry.push({
+				path: full_route,
+				method: (meta.method && meta.method !== 'ANY') ? meta.method.toUpperCase() : 'GET',
+				meta,
+				schema: {}
+			});
+
+			if (meta.method && meta.method !== 'ANY') {
+				const method = meta.method.toUpperCase();
+				this.server_router.set_route(full_route, null, (req, res) => {
+					if (req.method.toUpperCase() !== method && req.method.toUpperCase() !== 'HEAD') {
+						res.writeHead(405, { 'Allow': method });
+						res.end('Method Not Allowed');
+						return;
+					}
+					return fn(req, res);
+				});
+			} else {
+				this.server_router.set_route(full_route, null, fn);
+			}
+			return;
+		}
+
+		// ── Standard function publisher ──
+		const fpub = new HTTP_Function_Publisher({ name, fn, meta });
 
 		this.function_publishers = this.function_publishers || [];
 		this.function_publishers.push(fpub);
 
-		// Auto-prefix /api/ for simple names
-		// If name already starts with '/', use as-is for full route control
-		const full_route = name.startsWith('/') ? name : '/api/' + name;
-		this.server_router.set_route(full_route, fpub, fpub.handle_http);
+		// Register in API registry for OpenAPI spec generation.
+		this._api_registry = this._api_registry || [];
+		this._api_registry.push({
+			path: full_route,
+			method: (meta.method && meta.method !== 'ANY') ? meta.method.toUpperCase() : 'POST',
+			meta,
+			schema: fpub.schema
+		});
+
+		if (meta.method && meta.method !== 'ANY') {
+			const method = meta.method.toUpperCase();
+			this.server_router.set_route(full_route, fpub, (req, res) => {
+				if (req.method.toUpperCase() !== method) {
+					res.writeHead(405, { 'Allow': method });
+					res.end('Method Not Allowed');
+					return;
+				}
+				return fpub.handle_http(req, res);
+			});
+		} else {
+			this.server_router.set_route(full_route, fpub, fpub.handle_http);
+		}
+	}
+
+	/**
+	 * Register the built-in Swagger / OpenAPI routes on this server.
+	 *
+	 * Creates two endpoints:
+	 *
+	 * | Route                | Method | Content-Type       | Purpose                          |
+	 * |----------------------|--------|--------------------|----------------------------------|
+	 * | `/api/openapi.json`  | GET    | `application/json` | OpenAPI 3.0.3 spec (JSON)        |
+	 * | `/api/docs`          | GET    | `text/html`        | Interactive Swagger UI page      |
+	 *
+	 * The Swagger UI page loads its JS and CSS from the unpkg CDN at
+	 * runtime, so zero npm dependencies are required.  The page is
+	 * styled to match jsgui3's dark aesthetic.
+	 *
+	 * ### Automatic registration
+	 *
+	 * When using `Server.serve()`, this method is called automatically
+	 * after all endpoints are registered — unless `swagger: false` is
+	 * set in the options.  The default is:
+	 *
+	 * - **Development** (`NODE_ENV !== 'production'`): Swagger enabled.
+	 * - **Production** (`NODE_ENV === 'production'`): Swagger disabled.
+	 *
+	 * ### Manual registration
+	 *
+	 * For servers created directly via `new Server(...)`, call this
+	 * method after all `publish()` calls:
+	 *
+	 * ```js
+	 * server._register_swagger_routes({ title: 'My API', version: '2.0.0' });
+	 * ```
+	 *
+	 * This method is idempotent — calling it multiple times has no
+	 * effect after the first call.
+	 *
+	 * @param {Object} [options] - Override options passed to the spec generator.
+	 * @param {string} [options.title]       - Override API title (default: server.name).
+	 * @param {string} [options.version]     - Override API version (default: '1.0.0').
+	 * @param {string} [options.description] - Override API description.
+	 */
+	_register_swagger_routes(options = {}) {
+		if (this._swagger_registered) return;
+		this._swagger_registered = true;
+
+		const Swagger_Publisher = require('./publishers/swagger-publisher');
+
+		const swagger_pub = new Swagger_Publisher({
+			server: this,
+			title: options.title || this.name || 'API Documentation',
+			version: options.version,
+			description: options.description
+		});
+
+		/**
+		 * The Swagger_Publisher instance, stored for introspection.
+		 * @type {Swagger_Publisher}
+		 */
+		this._swagger_publisher = swagger_pub;
+
+		// Register both routes pointing to the same publisher.
+		this.server_router.set_route('/api/openapi.json', swagger_pub, swagger_pub.handle_http.bind(swagger_pub));
+		this.server_router.set_route('/api/docs', swagger_pub, swagger_pub.handle_http.bind(swagger_pub));
 	}
 
 	publish_observable(route, obs, options = {}) {
@@ -513,7 +693,71 @@ class JSGUI_Single_Process_Server extends Evented_Class {
 	get resource_names() {
 		return this.resource_pool.resource_names;
 	}
+
+	get_listening_endpoints() {
+		if (!this.listening_endpoints || !this.listening_endpoints.length) {
+			return [];
+		}
+		return this.listening_endpoints.map(endpoint => ({ ...endpoint }));
+	}
+
+	get_primary_endpoint() {
+		const endpoints = this.get_listening_endpoints();
+		if (!endpoints.length) return null;
+		return endpoints[0].url;
+	}
+
+	get_startup_diagnostics() {
+		if (!this.startup_diagnostics) {
+			return null;
+		}
+		return {
+			...this.startup_diagnostics,
+			addresses_attempted: Array.isArray(this.startup_diagnostics.addresses_attempted)
+				? [...this.startup_diagnostics.addresses_attempted]
+				: [],
+			errors_by_address: this.startup_diagnostics.errors_by_address
+				? { ...this.startup_diagnostics.errors_by_address }
+				: {}
+		};
+	}
+
+	print_endpoints(options = {}) {
+		const endpoints = this.get_listening_endpoints();
+		const logger = typeof options.logger === 'function' ? options.logger : console.log;
+		const include_index = !!options.include_index;
+		const prefix = typeof options.prefix === 'string' ? options.prefix : 'listening endpoint';
+
+		if (!endpoints.length) {
+			logger('no listening endpoints');
+			return [];
+		}
+
+		const lines = endpoints.map((endpoint, index) => {
+			if (include_index) {
+				return `${prefix} [${index}]: ${endpoint.url}`;
+			}
+			return `${prefix}: ${endpoint.url}`;
+		});
+
+		lines.forEach((line) => logger(line));
+		return lines;
+	}
+
+	_record_listening_endpoint(protocol, host, port) {
+		this.listening_endpoints = this.listening_endpoints || [];
+		this.listening_endpoints.push({
+			protocol,
+			host,
+			port,
+			url: `${protocol}://${host}:${port}/`
+		});
+	}
+
 	'start'(port, callback, fnProcessRequest) {
+		const start_options = (fnProcessRequest && typeof fnProcessRequest === 'object') ? fnProcessRequest : {};
+		const fallback_on_port_conflict = start_options.on_port_conflict === 'auto-loopback';
+
 		// Guard against double-start which causes EADDRINUSE
 		if (this._started) {
 			console.warn('Server.start() called but server already started. Ignoring duplicate call.');
@@ -521,6 +765,7 @@ class JSGUI_Single_Process_Server extends Evented_Class {
 			return;
 		}
 		this._started = true;
+		this.listening_endpoints = [];
 
 		if (tof(port) !== 'number') {
 			console.log('Invalid port:', port);
@@ -534,12 +779,14 @@ class JSGUI_Single_Process_Server extends Evented_Class {
 		this.raise('starting');
 		rp.start(err => {
 			if (err) {
+				this._started = false;
 				throw err;
 			} else {
 				const lsi = rp.get_resource('Local Server Info');
 				const server_router = rp.get_resource('Server Router');
 				lsi.getters.net((err, net) => {
 					if (err) {
+						this._started = false;
 						callback(err);
 					} else {
 						// NEW: Filter addresses by allowed_addresses if specified.
@@ -559,11 +806,47 @@ class JSGUI_Single_Process_Server extends Evented_Class {
 						let num_to_start = arr_ipv4_addresses.length;
 						let started_count = 0;
 						let last_error = null;
+						const errors_by_address = {};
 						let ready_raised = false;
+						let fallback_attempted = false;
 						if (num_to_start === 0) {
-							callback('No allowed network interfaces found.');
+							const no_interface_error = new Error('No allowed network interfaces found.');
+							no_interface_error.code = 'ENOINTERFACES';
+							this._started = false;
+							if (callback) callback(no_interface_error);
 							return;
 						}
+
+						const start_loopback_fallback = async (process_request) => {
+							const fallback_host = '127.0.0.1';
+							const fallback_port = await get_port_or_free(0, fallback_host);
+							const fallback_protocol = this.https_options ? 'https' : 'http';
+							const fallback_server = this.https_options
+								? https.createServer(this.https_options, (req, res) => process_request(req, res))
+								: http.createServer((req, res) => process_request(req, res));
+							this.http_servers.push(fallback_server);
+							fallback_server.timeout = 10800000;
+							await new Promise((resolve, reject) => {
+								fallback_server.once('error', reject);
+								fallback_server.listen(fallback_port, fallback_host, resolve);
+							});
+							this._record_listening_endpoint(fallback_protocol, fallback_host, fallback_port);
+							if (!ready_raised) {
+								console.warn(`[server.start] Port conflict fallback engaged. Listening on ${fallback_host}:${fallback_port}`);
+								this.raise('listening');
+								ready_raised = true;
+							}
+							this.port = fallback_port;
+							this.startup_diagnostics = {
+								requested_port: port,
+								fallback_port,
+								fallback_host,
+								addresses_attempted: arr_ipv4_addresses,
+								errors_by_address
+							};
+							if (callback) callback(null, true);
+						};
+
 						const finalize_start = (err) => {
 							if (num_to_start !== 0) return;
 							if (started_count > 0) {
@@ -572,10 +855,32 @@ class JSGUI_Single_Process_Server extends Evented_Class {
 									this.raise('listening'); // Changed from 'ready' to avoid double-fire
 									ready_raised = true;
 								}
+								this.port = port;
+								this.startup_diagnostics = {
+									requested_port: port,
+									addresses_attempted: arr_ipv4_addresses,
+									errors_by_address
+								};
 								if (callback) callback(null, true);
 								return;
 							}
 							const final_error = err || last_error || new Error('No servers started.');
+							final_error.startup_diagnostics = {
+								requested_port: port,
+								addresses_attempted: arr_ipv4_addresses,
+								errors_by_address
+							};
+
+							if (fallback_on_port_conflict && !fallback_attempted && final_error && final_error.code === 'EADDRINUSE') {
+								fallback_attempted = true;
+								start_loopback_fallback(process_request).catch((fallback_err) => {
+									this._started = false;
+									if (callback) callback(fallback_err);
+								});
+								return;
+							}
+
+							this._started = false;
 							if (callback) callback(final_error);
 						};
 						const respond_not_found = (res) => {
@@ -662,15 +967,27 @@ class JSGUI_Single_Process_Server extends Evented_Class {
 							next();
 						};
 
-						if (this.https_options) {
-							each(arr_ipv4_addresses, (ipv4_address) => {
-								try {
-									var https_server = https.createServer(this.https_options, function (req, res) {
-										process_request(req, res);
-									});
-									this.http_servers.push(https_server);
-									https_server.on('error', (err) => {
-										last_error = err;
+							if (this.https_options) {
+								each(arr_ipv4_addresses, (ipv4_address) => {
+									try {
+										var https_server = https.createServer(this.https_options, function (req, res) {
+											process_request(req, res);
+										});
+										const open_sockets = new Set();
+										https_server._open_sockets = open_sockets;
+										https_server.on('connection', (socket) => {
+											open_sockets.add(socket);
+											socket.on('close', () => {
+												open_sockets.delete(socket);
+											});
+										});
+										this.http_servers.push(https_server);
+										https_server.on('error', (err) => {
+											last_error = err;
+										errors_by_address[ipv4_address] = {
+											code: err.code,
+											message: err.message
+										};
 										if (err.code === 'EACCES') {
 											console.error('Permission denied:', err.message);
 										} else if (err.code === 'EADDRINUSE') {
@@ -683,6 +1000,7 @@ class JSGUI_Single_Process_Server extends Evented_Class {
 									});
 									https_server.timeout = 10800000;
 									https_server.listen(port, ipv4_address, () => {
+										this._record_listening_endpoint('https', ipv4_address, port);
 										console.log('* Server running at https://' + ipv4_address + ':' + port + '/');
 										started_count++;
 										num_to_start--;
@@ -694,15 +1012,27 @@ class JSGUI_Single_Process_Server extends Evented_Class {
 									finalize_start(err);
 								}
 							});
-						} else {
-							each(arr_ipv4_addresses, (ipv4_address) => {
-								try {
-									var http_server = http.createServer(function (req, res) {
-										process_request(req, res);
-									});
-									this.http_servers.push(http_server);
-									http_server.on('error', (err) => {
-										last_error = err;
+							} else {
+								each(arr_ipv4_addresses, (ipv4_address) => {
+									try {
+										var http_server = http.createServer(function (req, res) {
+											process_request(req, res);
+										});
+										const open_sockets = new Set();
+										http_server._open_sockets = open_sockets;
+										http_server.on('connection', (socket) => {
+											open_sockets.add(socket);
+											socket.on('close', () => {
+												open_sockets.delete(socket);
+											});
+										});
+										this.http_servers.push(http_server);
+										http_server.on('error', (err) => {
+											last_error = err;
+										errors_by_address[ipv4_address] = {
+											code: err.code,
+											message: err.message
+										};
 										if (err.code === 'EACCES') {
 											console.error('Permission denied:', err.message);
 										} else if (err.code === 'EADDRINUSE') {
@@ -715,6 +1045,7 @@ class JSGUI_Single_Process_Server extends Evented_Class {
 									});
 									http_server.timeout = 10800000;
 									http_server.listen(port, ipv4_address, () => {
+										this._record_listening_endpoint('http', ipv4_address, port);
 										console.log('* Server running at http://' + ipv4_address + ':' + port + '/');
 										started_count++;
 										num_to_start--;
@@ -733,48 +1064,135 @@ class JSGUI_Single_Process_Server extends Evented_Class {
 		});
 	}
 
-	close(callback) {
-		const invoke_stop = (target, done) => {
-			if (!target || typeof target.stop !== 'function') {
-				done(null);
-				return;
-			}
-
-			if (target.stop.length >= 1) {
-				target.stop((error) => done(error || null));
-				return;
-			}
-
-			try {
-				const stop_result = target.stop();
-				if (stop_result && typeof stop_result.then === 'function') {
-					stop_result.then(() => done(null), (error) => done(error || null));
-					return;
-				}
-				done(null);
-			} catch (error) {
-				done(error);
-			}
-		};
-
-		const close_http_servers = (done) => {
-			let count = this.http_servers.length;
-			if (count === 0) {
-				this.http_servers = [];
-				done();
-				return;
-			}
-
-			this.http_servers.forEach(server => {
-				server.close(() => {
-					count--;
-					if (count === 0) {
-						this.http_servers = [];
-						done();
-					}
-				});
-			});
-		};
+	close(callback) {
+		const invoke_stop = (target, done) => {
+			const stop_timeout_ms = 5000;
+			let did_finish = false;
+			const stop_timeout_handle = setTimeout(() => {
+				const target_name = (target && (target.name || target.__type_name || (target.constructor && target.constructor.name)))
+					|| 'unknown_target';
+				console.warn(`Timed out waiting for stop() on ${target_name}; continuing shutdown.`);
+				finish_stop(null);
+			}, stop_timeout_ms);
+			stop_timeout_handle.unref?.();
+
+			const finish_stop = (error) => {
+				if (did_finish) {
+					return;
+				}
+				did_finish = true;
+				clearTimeout(stop_timeout_handle);
+				done(error || null);
+			};
+
+			if (!target || typeof target.stop !== 'function') {
+				finish_stop(null);
+				return;
+			}
+
+			if (target.stop.length >= 1) {
+				try {
+					target.stop((error) => finish_stop(error || null));
+				} catch (error) {
+					finish_stop(error);
+				}
+				return;
+			}
+
+			try {
+				const stop_result = target.stop();
+				if (stop_result && typeof stop_result.then === 'function') {
+					stop_result.then(() => finish_stop(null), (error) => finish_stop(error || null));
+					return;
+				}
+				finish_stop(null);
+			} catch (error) {
+				finish_stop(error);
+			}
+		};
+
+		const force_close_server_connections = (server_instance) => {
+			if (!server_instance) {
+				return;
+			}
+			if (typeof server_instance.closeIdleConnections === 'function') {
+				try {
+					server_instance.closeIdleConnections();
+				} catch (error) {
+					// Ignore best-effort close idle connection errors.
+				}
+			}
+			if (typeof server_instance.closeAllConnections === 'function') {
+				try {
+					server_instance.closeAllConnections();
+				} catch (error) {
+					// Ignore best-effort close all connection errors.
+				}
+			}
+			if (server_instance._open_sockets && typeof server_instance._open_sockets.forEach === 'function') {
+				server_instance._open_sockets.forEach((socket) => {
+					try {
+						socket.destroy();
+					} catch (error) {
+						// Ignore socket destroy errors during shutdown.
+					}
+				});
+				server_instance._open_sockets.clear?.();
+			}
+		};
+
+		const close_http_servers = (done) => {
+			const http_server_list = Array.isArray(this.http_servers) ? [...this.http_servers] : [];
+			let pending_server_count = http_server_list.length;
+			const complete_http_server_close = () => {
+				this.http_servers = [];
+				this.listening_endpoints = [];
+				this.startup_diagnostics = null;
+				this._started = false;
+				done();
+			};
+			if (pending_server_count === 0) {
+				complete_http_server_close();
+				return;
+			}
+
+			http_server_list.forEach((server_instance) => {
+				let did_close_server = false;
+				const mark_server_closed = () => {
+					if (did_close_server) {
+						return;
+					}
+					did_close_server = true;
+					pending_server_count--;
+					if (pending_server_count === 0) {
+						complete_http_server_close();
+					}
+				};
+
+				const close_timeout_ms = 5000;
+				const close_timeout_handle = setTimeout(() => {
+					force_close_server_connections(server_instance);
+					mark_server_closed();
+				}, close_timeout_ms);
+				close_timeout_handle.unref?.();
+
+				try {
+					force_close_server_connections(server_instance);
+					server_instance.close((error) => {
+						clearTimeout(close_timeout_handle);
+						if (error && error.code !== 'ERR_SERVER_NOT_RUNNING') {
+							console.error('Error while closing HTTP server:', error);
+						}
+						force_close_server_connections(server_instance);
+						mark_server_closed();
+					});
+				} catch (error) {
+					clearTimeout(close_timeout_handle);
+					force_close_server_connections(server_instance);
+					mark_server_closed();
+				}
+			});
+		};
 
 		const finalize_close = (error) => {
 			if (callback) callback(error || null);