mktcms 0.3.7 → 0.3.9

package/dist/module.json

@@ -1,7 +1,7 @@
 {
   "name": "mktcms",
   "configKey": "mktcms",
-  "version": "0.3.7",
+  "version": "0.3.9",
   "builder": {
     "@nuxt/module-builder": "1.0.2",
     "unbuild": "3.6.1"

package/dist/module.mjs

@@ -193,6 +193,10 @@ const module$1 = defineNuxtModule({
       route: "/api/content/:path",
       handler: resolver.resolve("./runtime/server/api/content/[path]")
     });
+    addServerHandler({
+      route: "/api/health",
+      handler: resolver.resolve("./runtime/server/api/health")
+    });
     extendPages((pages) => {
       pages.push({
         name: "Admin Dashboard",

package/dist/runtime/server/api/admin/storage-usage.js

@@ -1,87 +1,9 @@
-import { access, readdir, lstat } from "node:fs/promises";
-import { resolve } from "node:path";
-import { execFile } from "node:child_process";
-import { promisify } from "node:util";
 import { createError, defineEventHandler } from "h3";
-const execFileAsync = promisify(execFile);
-const CACHE_TTL_MS = 6e4;
-let cachedBytes = null;
-let inFlight = null;
-async function getDirectorySizeBytes(dirPath) {
-  const dirsToVisit = [dirPath];
-  let totalBytes = 0;
-  while (dirsToVisit.length > 0) {
-    const currentDir = dirsToVisit.pop();
-    let entries;
-    try {
-      entries = await readdir(currentDir, { withFileTypes: true });
-    } catch (error) {
-      if (error?.code === "ENOENT") {
-        continue;
-      }
-      throw error;
-    }
-    for (const entry of entries) {
-      const entryPath = resolve(currentDir, entry.name);
-      let stats;
-      try {
-        stats = await lstat(entryPath);
-      } catch (error) {
-        if (error?.code === "ENOENT") {
-          continue;
-        }
-        throw error;
-      }
-      if (stats.isDirectory()) {
-        dirsToVisit.push(entryPath);
-        continue;
-      }
-      totalBytes += stats.size;
-    }
-  }
-  return totalBytes;
-}
+import { getStorageUsageBytes } from "../../utils/storageUsage.js";
 export default defineEventHandler(async () => {
   try {
-    const now = Date.now();
-    if (cachedBytes && now - cachedBytes.at < CACHE_TTL_MS) {
-      return { bytes: cachedBytes.value };
-    }
-    const storageDir = resolve(process.cwd(), ".storage");
-    try {
-      await access(storageDir);
-    } catch {
-      cachedBytes = { value: 0, at: now };
-      return { bytes: 0 };
-    }
-    try {
-      if (!inFlight) {
-        inFlight = (async () => {
-          try {
-            const { stdout } = await execFileAsync("du", ["-sb", storageDir], {
-              timeout: 15e3,
-              maxBuffer: 1024 * 1024
-            });
-            const bytesString = stdout.trim().split(/\s+/)[0];
-            const bytes2 = Number.parseInt(bytesString || "", 10);
-            if (!Number.isFinite(bytes2) || bytes2 < 0) {
-              throw new Error("Unexpected du output");
-            }
-            return bytes2;
-          } catch {
-            return await getDirectorySizeBytes(storageDir);
-          }
-        })();
-      }
-      const bytes = await inFlight;
-      cachedBytes = { value: bytes, at: Date.now() };
-      return { bytes };
-    } catch {
-      inFlight = null;
-      throw new Error("Failed to calculate storage usage");
-    } finally {
-      inFlight = null;
-    }
+    const bytes = await getStorageUsageBytes();
+    return { bytes };
   } catch (error) {
     throw createError({
       statusCode: 500,

package/dist/runtime/server/api/health.d.ts

@@ -0,0 +1,2 @@
+declare const _default: import("h3").EventHandler<import("h3").EventHandlerRequest, Promise<string>>;
+export default _default;

package/dist/runtime/server/api/health.js

@@ -0,0 +1,21 @@
+import { createError, defineEventHandler, setHeader } from "h3";
+import { getStorageUsageBytes } from "../utils/storageUsage.js";
+export default defineEventHandler(async (event) => {
+  try {
+    const storageUsageBytes = await getStorageUsageBytes();
+    setHeader(event, "Content-Type", "text/plain; version=0.0.4; charset=utf-8");
+    return [
+      "# HELP mktcms_up Whether the mktcms API is healthy (1 = healthy).",
+      "# TYPE mktcms_up gauge",
+      "mktcms_up 1",
+      "# HELP mktcms_storage_usage_bytes Current .storage directory size in bytes.",
+      "# TYPE mktcms_storage_usage_bytes gauge",
+      `mktcms_storage_usage_bytes ${storageUsageBytes}`
+    ].join("\n") + "\n";
+  } catch (error) {
+    throw createError({
+      statusCode: 500,
+      statusMessage: error?.message || "Failed to build health metrics"
+    });
+  }
+});

package/dist/runtime/server/utils/loginRateLimit.js

@@ -1,14 +1,58 @@
 import { createError, getRequestIP } from "h3";
 import { useRuntimeConfig } from "nitropack/runtime";
 const attempts = /* @__PURE__ */ new Map();
-function getState(clientId) {
+const SWEEP_EVERY_ACCESSES = 64;
+const INACTIVE_GRACE_MS = 60 * 60 * 1e3;
+const MAX_TRACKED_CLIENTS = 1e4;
+let accessCount = 0;
+function isInactiveState(state, now) {
+  return state.blockedUntil <= now && now - state.lastSeenAt > INACTIVE_GRACE_MS;
+}
+function evictInactiveClients(now) {
+  const toDelete = [];
+  attempts.forEach((state, clientId) => {
+    if (isInactiveState(state, now)) {
+      toDelete.push(clientId);
+    }
+  });
+  for (const clientId of toDelete) {
+    attempts.delete(clientId);
+  }
+}
+function enforceTrackedClientsCap() {
+  while (attempts.size > MAX_TRACKED_CLIENTS) {
+    let oldestClientId;
+    attempts.forEach((_state, clientId) => {
+      if (!oldestClientId) {
+        oldestClientId = clientId;
+      }
+    });
+    if (!oldestClientId) {
+      return;
+    }
+    attempts.delete(oldestClientId);
+  }
+}
+function maybeSweep(now) {
+  accessCount += 1;
+  if (accessCount % SWEEP_EVERY_ACCESSES !== 0) {
+    return;
+  }
+  evictInactiveClients(now);
+  enforceTrackedClientsCap();
+}
+function getState(clientId, now) {
   const state = attempts.get(clientId);
   if (state) {
+    state.lastSeenAt = now;
+    attempts.delete(clientId);
+    attempts.set(clientId, state);
     return state;
   }
   const next = {
     failedAt: [],
-    blockedUntil: 0
+    blockedUntil: 0,
+    lastSeenAt: now
   };
   attempts.set(clientId, next);
   return next;
@@ -41,7 +85,8 @@ export function assertLoginNotRateLimited(event) {
   const { windowMs } = getRateLimitSettings(event);
   const clientId = getClientId(event);
   const now = Date.now();
-  const state = getState(clientId);
+  maybeSweep(now);
+  const state = getState(clientId, now);
   clearStaleAttempts(state, now, windowMs);
   if (state.blockedUntil > now) {
     const retryAfterSeconds = Math.ceil((state.blockedUntil - now) / 1e3);
@@ -58,7 +103,8 @@ export function recordFailedLoginAttempt(event) {
   const { maxAttempts, windowMs, blockMs } = getRateLimitSettings(event);
   const clientId = getClientId(event);
   const now = Date.now();
-  const state = getState(clientId);
+  maybeSweep(now);
+  const state = getState(clientId, now);
   clearStaleAttempts(state, now, windowMs);
   state.failedAt.push(now);
   if (state.failedAt.length >= maxAttempts) {
@@ -67,6 +113,8 @@ export function recordFailedLoginAttempt(event) {
   }
 }
 export function clearFailedLoginAttempts(event) {
+  const now = Date.now();
+  maybeSweep(now);
   const clientId = getClientId(event);
   attempts.delete(clientId);
 }

package/dist/runtime/server/utils/storageUsage.d.ts

@@ -0,0 +1 @@
+export declare function getStorageUsageBytes(): Promise<number>;

package/dist/runtime/server/utils/storageUsage.js

@@ -0,0 +1,44 @@
+import { access } from "node:fs/promises";
+import { resolve } from "node:path";
+import { execFile } from "node:child_process";
+import { promisify } from "node:util";
+const execFileAsync = promisify(execFile);
+const CACHE_TTL_MS = 9e5;
+let cachedBytes = null;
+let inFlight = null;
+export async function getStorageUsageBytes() {
+  const now = Date.now();
+  if (cachedBytes && now - cachedBytes.at < CACHE_TTL_MS) {
+    return cachedBytes.value;
+  }
+  const storageDir = resolve(process.cwd(), ".storage");
+  try {
+    await access(storageDir);
+  } catch {
+    cachedBytes = { value: 0, at: now };
+    return 0;
+  }
+  try {
+    if (!inFlight) {
+      inFlight = (async () => {
+        const { stdout } = await execFileAsync("du", ["-sb", storageDir], {
+          timeout: 15e3,
+          maxBuffer: 1024 * 1024
+        });
+        const bytesString = stdout.trim().split(/\s+/)[0];
+        const bytes2 = Number.parseInt(bytesString || "", 10);
+        if (!Number.isFinite(bytes2) || bytes2 < 0) {
+          throw new Error("Unexpected du output");
+        }
+        return bytes2;
+      })();
+    }
+    const bytes = await inFlight;
+    cachedBytes = { value: bytes, at: Date.now() };
+    return bytes;
+  } catch {
+    throw new Error("Failed to calculate storage usage");
+  } finally {
+    inFlight = null;
+  }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mktcms",
-  "version": "0.3.7",
+  "version": "0.3.9",
   "description": "Simple CMS module for Nuxt",
   "repository": "mktcode/mktcms",
   "license": "MIT",