rajt 0.0.16 → 0.0.18

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "rajt",
   "description": "A serverless bundler layer, fully typed for AWS Lambda (Node.js and LLRT) and Cloudflare Workers.",
-  "version": "0.0.16",
+  "version": "0.0.18",
   "type": "module",
   "main": "dist/index.js",
   "exports": {
@@ -11,15 +11,13 @@
     "./http": "./src/http.ts",
     "./types": "./src/types.ts"
   },
-  "files": [
-    "src"
-  ],
+  "files": ["src"],
   "scripts": {
     "dev": "tsx watch src/dev.ts",
     "local": "bun run --silent build && bun run --silent sam:local",
     "build": "bun run --silent cache:routes && bun run --silent export && bun run --silent clean:temp",
     "build:watch": "chokidar \"../../{actions,configs,models,utils}/**/*.ts\" -c \"bun run --silent build\" --initial",
-    "export": "esbuild --bundle --minify --outfile=../../dist/index.js --platform=node --target=node20 --format=esm --tree-shaking=true --legal-comments=none src/prod.ts",
+    "export": "esbuild --bundle --minify --outfile=../../dist/index.js --platform=node --target=node20 --format=esm --tree-shaking=true --legal-comments=none --external:@aws-sdk --external:@smithy src/prod.ts",
     "package": "bun run --silent build && bun run --silent sam:package",
     "deploy": "bun run --silent build && bun run --silent sam:package && bun run --silent sam:deploy",
     "update": "bun run --silent build && bun run --silent zip && bun run --silent sam:update",
@@ -36,13 +34,13 @@
     "start": "node ../../dist/index.js"
   },
   "dependencies": {
-    "@aws-lite/client": "^0.23.2",
-    "@aws-lite/dynamodb": "^0.3.9",
-    "@aws-lite/dynamodb-types": "^0.3.11",
+    "@aws-sdk/client-dynamodb": "3.817.0",
+    "@aws-sdk/lib-dynamodb": "3.817.0",
     "@hono/node-server": "^1.14.1",
     "@hono/zod-validator": "^0.4.3",
     "@types/node": "^20.11.0",
     "chokidar-cli": "^3.0.0",
+    "cripta": "^0.1.6",
     "dotenv": "^16.5.0",
     "esbuild": "^0.25.2",
     "hono": "^4.7.6",
@@ -51,10 +49,14 @@
     "tsx": "^4.19.3",
     "typescript": "^5.8.3"
   },
+  "resolutions": {
+    "@smithy/types": "^4.3.0"
+  },
   "publishConfig": {
     "registry": "https://registry.npmjs.org"
   },
   "author": "Zunq <open-source@zunq.com>",
+  "license": "MIT",
   "homepage": "https://zunq.dev",
   "repository": "git://github.com/attla/rajt",
   "bugs": "https://github.com/attla/rajt/issues",

package/src/action.ts

@@ -2,7 +2,6 @@ import { Context, Handler, HonoRequest, MiddlewareHandler, Next, ValidationTarge
 import { z, ZodObject, ZodRawShape } from 'zod'
 import { zValidator } from '@hono/zod-validator'
 // import { JSONValue } from 'hono/utils/types'
-import json from './response'
 import JsonResponse from './response'
 import { bufferToFormData } from 'hono/utils/buffer'
 import { HTTPException } from 'hono/http-exception'
@@ -26,7 +25,7 @@ export default abstract class Action {
   rule<T extends keyof ValidationTargets>(target: T): { schema: (schema: ZodObject<any>) => RuleDefinition }
   rule<T extends keyof ValidationTargets>(target: T, schema: ZodObject<any>): RuleDefinition
 
-  public rule<T extends keyof ValidationTargets>(target: T, schema?: ZodObject<any>):
+  rule<T extends keyof ValidationTargets>(target: T, schema?: ZodObject<any>):
     | { schema: (schema: ZodObject<any>) => RuleDefinition }
     | RuleDefinition
   {
@@ -47,15 +46,15 @@ export default abstract class Action {
     }
   }
 
-  public param(key: string) {
+  param(key: string) {
     return this.context.req.param(key)
   }
 
-  public query() {
+  query() {
     return this.context.req.query()
   }
 
-  public async form(cType?: string) {
+  async form(cType?: string) {
     cType ??= this.context.req.header('Content-Type')
     if (!cType) return {}
 
@@ -92,7 +91,7 @@ export default abstract class Action {
     return form
   }
 
-  public async json<E>() {
+  async json<E>() {
     try {
       return await this.context.req.json<E>()
     } catch {
@@ -100,7 +99,7 @@ export default abstract class Action {
     }
   }
 
-  public async body<E>() {
+  async body<E>() {
     const cType = this.context.req.header('Content-Type')
     if (!cType) return {}
 
@@ -118,11 +117,11 @@ export default abstract class Action {
     return {}
   }
 
-  public get response() {
+  get response() {
     return this.context ? JsonResponse.setContext(this.context) : JsonResponse
   }
 
-  public validate() {
+  validate() {
     const rules = this.rules()
     const h = async (c: Context) => {
       this.context = c
@@ -134,7 +133,7 @@ export default abstract class Action {
       .map(rule => zValidator(rule.target, rule.schema, (result, c) => {
         if (!result.success) {
           // @ts-ignore
-          return json.badRequest({ ...result.error.flatten()[rule.eTarget] })
+          return JsonResponse.badRequest({ ...result.error.flatten()[rule.eTarget] })
         }
       }))
 
@@ -143,7 +142,26 @@ export default abstract class Action {
     return rulesArray
   }
 
-  public run() {
+  get auth() {
+    const auth = this.context.get('#auth')
+    return auth ? auth?.data : null
+  }
+
+  can(...abilities: string[]): boolean {
+    const auth = this.context.get('#auth')
+    return auth ? auth.can(...abilities) : false
+  }
+
+  cant(...abilities: string[]): boolean {
+    return !this.can(...abilities)
+  }
+
+  hasRole(...roles: string[]): boolean {
+    const auth = this.context.get('#auth')
+    return auth ? auth.hasRole(...roles) : false
+  }
+
+  run() {
     return this.validate()
   }
 

package/src/auth/ability.ts

@@ -0,0 +1,51 @@
+import { Routes } from '../types'
+import { Roles, Abilities } from './types'
+
+export class Ability {
+  static #roles: Roles = {}
+  static #abilities: Abilities = []
+
+  static empty() {
+    this.#roles = {}
+    this.#abilities = []
+  }
+
+  static fromRoutes(actions: Routes) {
+    if (!actions?.length) return
+
+    const paths = actions?.map(a => Array.isArray(a) ? a[1] : a.path) ?? []
+    const items = new Set(paths)
+
+    if (items.size !== actions.length)
+      throw new Error(`Duplicate routes detected: "${paths.filter((path, index) => paths.indexOf(path) !== index).join('", "')}"`)
+
+    this.#abilities = Array.from(items).map(a => this.format(a)).filter(Boolean)
+  }
+
+  static fromAction(target: any): string | null {
+    return !target || !target?.p ? null : this.format(target.p)
+  }
+
+  static format(path: string) {
+    return path.normalize('NFD')
+      .replace(/[\u0300-\u036f]/g, '')
+      .replace(/^\/*/, '')
+      .replace(/[^a-zA-Z0-9/]|[\s_.]/g, '-')
+      .replace(/([a-z])([A-Z])/g, '$1-$2')
+      .replace(/\//g, '.')
+      .replace(/-+/g, '-')
+      .toLowerCase()
+  }
+
+  static get abilities() {
+    return this.#abilities
+  }
+
+  static get roles() {
+    return this.#roles
+  }
+
+  static set roles(roles: Roles) {
+    this.#roles = roles
+  }
+}

package/src/auth/auth.ts

@@ -0,0 +1,72 @@
+import { Ability } from './ability'
+
+type Authenticatable = {
+  role?: string,
+  roles?: string[],
+  perms?: string[],
+}
+
+export class Authnz<T extends object> {
+  #abilities: string[]
+  #roles: string[]
+  #data: T
+
+  constructor(data: T, abilities: string[], roles: string[]) {
+    this.#abilities = abilities
+    this.#roles = roles
+    this.#data = data
+  }
+
+  can(...abilities: string[]): boolean {
+    if (this.#abilities.includes('*')) return true
+
+    return abilities.flat().every(ability => {
+      if (this.#roles.includes(ability)) return true
+      return this.#abilities.some(rule => this.#match(rule, ability))
+    })
+  }
+  cant(...abilities: string[]): boolean {
+    return !this.can(...abilities)
+  }
+
+  hasRole(...roles: string[]): boolean {
+    return roles.flat().every(role => this.#roles.includes(role))
+  }
+
+  static fromToken<T extends object>(user: any): Authnz<T> | null {
+    if (!user || user?.isInvalid()) return null
+    user = user.get()
+    const roles = [...(user?.role ? [user.role] : []), ...(user?.roles ?? [])]
+
+    const combined = [...(user?.perms ?? []), ...roles.flatMap(role => {
+      const perms = Ability.roles[role]
+      if (!perms) return []
+      return perms === '*' ? ['*'] : perms;
+    })]
+
+    const abilities = combined.includes('*') ? ['*'] : Array.from(new Set(combined))
+
+    return new Authnz(user as T, abilities, roles)
+  }
+
+  #match(rule: string, ability: string): boolean {
+    if (rule === ability) return true
+    if (rule.endsWith('.*')) {
+      const prefix = rule.slice(0, -2)
+      return ability.startsWith(`${prefix}.`) || ability === prefix
+    }
+    return false
+  }
+
+  get abilities() {
+    return this.#abilities
+  }
+
+  get roles() {
+    return this.#roles
+  }
+
+  get data() {
+    return this.#data
+  }
+}

package/src/auth/index.ts

@@ -0,0 +1,5 @@
+export { Ability } from './ability'
+export { Authnz } from './auth'
+export { Token } from './token'
+
+export * from './types'

package/src/auth/token.ts

@@ -0,0 +1,80 @@
+import { Envir } from 't0n'
+import { Token as Factory } from 'cripta'
+import type { Context, HonoRequest, Next } from 'hono'
+
+export class Token {
+  static #name: string = 'Authorization'
+  static #prefix: string = 'bearer'
+
+  static fromRequest(c: Context) {
+    // const token = this.fromHeader(c.req)
+    // Mock user
+    const token = this.create(c.req, {
+      name: 'Nicolau',
+      email: 'nicolau@zunq.com',
+      role: 'user',
+    }).get()
+
+    return token ? this.parse(c.req, token) : null
+  }
+
+  static fromHeader(req: HonoRequest): string | null {
+    const header = req.header(this.#name) || req.header('HTTP_AUTHORIZATION') || req.header('REDIRECT_HTTP_AUTHORIZATION') || null
+
+    if (header) {
+      const position = header.toLowerCase().indexOf(this.#prefix.toLowerCase())
+      if (position !== -1) {
+        let token = header.slice(position + this.#prefix.length).trim()
+        const commaPos = token.indexOf(',')
+        if (commaPos !== -1) token = token.slice(0, commaPos).trim()
+
+        return token
+      }
+    }
+
+    return null
+  }
+
+  static parse(req: HonoRequest, token: string) {
+    const host = this.host(Envir.get('FLOW_SERVER') || req.header('host') || '')
+
+    return Factory.parse(token)
+      .issuedBy(host)
+      .permittedFor(host)
+  }
+
+  static create(req: HonoRequest, user: any, exp: number = 7200) {
+    const time = Math.floor(Date.now() / 1000)
+    const host = this.host(req.header('host') || '')
+
+    return Factory.create()
+      .issuedBy(host)
+      .permittedFor(host)
+      .issuedAt(time)
+      .expiresAt(time + exp)
+      .body(user)
+  }
+
+  static setPrefix(prefix: string): void {
+    this.#prefix = prefix
+  }
+
+  static setName(name: string): void {
+    this.#name = name
+  }
+
+  static host(url: string | null | undefined): string {
+    if (!url) return ''
+
+    let formattedUrl = String(url)
+    if (!formattedUrl.startsWith('http'))
+      formattedUrl = 'http://' + formattedUrl
+
+    try {
+      const parsedUrl = new URL(formattedUrl)
+      return parsedUrl.host
+    } catch (e) {
+      return ''
+    }
+  }
+}

package/src/auth/types.ts

@@ -0,0 +1,2 @@
+export type Roles = Record<string, string[] | '*'>
+export type Abilities = string[]

package/src/create-app.ts

@@ -1,15 +1,15 @@
 /* eslint-disable @typescript-eslint/no-explicit-any */
 import { Hono } from 'hono'
 import type { Env, Context, ErrorHandler, NotFoundHandler, Next } from 'hono'
-// import type { Env, Context, ErrorHandler, MiddlewareHandler, NotFoundHandler, Next } from 'hono'
+// import type { MiddlewareHandler } from 'hono'
 // import { createMiddleware } from 'hono/factory'
 // import type { H, Handler, HandlerResponse } from 'hono/types'
 import { HTTPResponseError } from 'hono/types'
 import { Routes } from './types'
 import { BadRequest, Unauthorized } from './exceptions'
 import response from './response'
-import resolve from './utils/resolve'
-import { getHandler } from './register'
+import { resolve, resolveMiddleware } from './utils/resolve'
+import { getGlobalMiddlewares, getHandler } from './register'
 import env from './utils/environment'
 
 type InitFunction<E extends Env = Env> = (app: Hono<E>) => void
@@ -90,8 +90,14 @@ export const createApp = <E extends Env>(options?: ServerOptions<E>) => {
       response.setContext(c)
       await next()
     },
+    ...getGlobalMiddlewares()
   ]
-  middlewares.forEach(middleware => app.use(middleware))
+  middlewares.forEach(mw => {
+    // @ts-ignore
+    const h = resolveMiddleware(mw)
+    // @ts-ignore
+    mw?.p ? app.use(String(mw.p), h) : app.use(h)
+  })
 
   app.onError(options?.onError || EHandler)
   app.notFound(options?.notFound || NFHandler)

package/src/dev.ts

@@ -2,18 +2,23 @@ import { config } from 'dotenv'
 import { serve } from '@hono/node-server'
 import createApp from './create-app'
 import getRoutes from './routes'
+import { Ability } from './auth'
 import { getAvailablePort } from './utils/port'
+import jsonImport from './utils/json-import'
 
 config({ path: '../../.env.dev' })
 
 const routes = await getRoutes()
+Ability.fromRoutes(routes)
+Ability.roles = jsonImport('../../../../.rolefile')
+
 const fetch = createApp({ routes }).fetch
 
 const desiredPort = process.env?.PORT ? Number(process.env.PORT) : 3000
 getAvailablePort(desiredPort)
   .then(port => {
     if (port != desiredPort)
-      console.log(`🟨 Port ${desiredPort} was in use, using ${port} as a fallback`)
+      console.warn(`🟨 Port ${desiredPort} was in use, using ${port} as a fallback`)
 
     console.log(`🚀 API running on http://localhost:${port}`)
     serve({ fetch, port })

package/src/dynamodb/client.ts

@@ -1,17 +1,20 @@
-import awsLite from '@aws-lite/client'
-import dynamodbLite from '@aws-lite/dynamodb'
+import { DynamoDBClient } from '@aws-sdk/client-dynamodb'
+import { DynamoDBDocumentClient } from '@aws-sdk/lib-dynamodb'
 import AbstractModel from './model'
 
-export const aws = await awsLite({
-  plugins: [dynamodbLite],
-  // https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-lib-dynamodb/#configuration
-  // @ts-ignore
-  awsjsonMarshall: {convertClassInstanceToMap: true},
-  awsjsonUnmarshall: {convertClassInstanceToMap: true}
-})
+const client = new DynamoDBClient(process.env?.AWS_SAM_LOCAL ? {
+  region: process.env.AWS_REGION || "us-east-1",
+  endpoint: process.env.AWS_ENDPOINT_URL || undefined,
+  credentials: {
+    accessKeyId: process.env.AWS_ACCESS_KEY_ID || "DUMMYIDEXAMPLE",
+    secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY || "DUMMYEXAMPLEKEY",
+  },
+} : {})
+
+export const ddb = DynamoDBDocumentClient.from(client)
 
 export class Dynamodb {
   static model<T extends object>(cls: new (...args: any[]) => T) {
-    return new AbstractModel<T>(cls, aws.DynamoDB)
+    return new AbstractModel<T>(cls, ddb)
   }
 }

package/src/dynamodb/compact.ts

@@ -2,7 +2,7 @@ import type { SchemaStructure } from './types'
 import getLength from '../utils/lenght'
 
 export default class Compact {
-  private static typeMap: Record<string, string> = {
+  static #typeMap: Record<string, string> = {
     // Null
     'null,': 'N,',
     ',null': ',N',
@@ -33,7 +33,7 @@ export default class Compact {
         .replace(/'/g, '"')
         .replace(/~TDQ~/g, "'")
         .replace(/\\'/g, "^'"),
-      this.typeMap
+      this.#typeMap
     )
   }
 
@@ -49,7 +49,7 @@ export default class Compact {
   static decode<T = any>(val: string, schema: SchemaStructure): T {
     if (!val) return val as T
 
-    val = this.replaceTypes(val, this.reverseMap(this.typeMap))
+    val = this.replaceTypes(val, this.reverseMap(this.#typeMap))
       .replace(/"/g, '~TSQ~')
       .replace(/'/g, '"')
       .replace(/~TSQ~/g, "'")