request-scope-api 1.0.0

package/dist/esm/config.js

@@ -0,0 +1,117 @@
+/**
+ * RequestScope — Configuration validation, defaults, and sensitive-field set.
+ *
+ * All validation errors are thrown synchronously so that `requestscope()` fails
+ * fast at startup before any middleware is registered.
+ */
+// ---------------------------------------------------------------------------
+// Constants
+// ---------------------------------------------------------------------------
+const SUPPORTED_STORAGE_TYPES = ['mongodb', 'mysql', 'postgresql'];
+const SQL_REQUIRED_FIELDS = [
+    'host',
+    'database',
+    'username',
+    'password',
+];
+/** Built-in sensitive field names (all compared case-insensitively). */
+const DEFAULT_SENSITIVE_FIELDS = [
+    'password',
+    'token',
+    'authorization',
+    'apiKey',
+    'secret',
+];
+// ---------------------------------------------------------------------------
+// applyDefaults
+// ---------------------------------------------------------------------------
+/**
+ * Fills in missing optional fields with their documented default values.
+ * Mutates the config object in place and returns it for chaining.
+ *
+ * Defaults applied:
+ *   retentionDays  → 30
+ *   ignore         → []
+ *   maskFields     → []
+ *   storage.poolSize → 5
+ *   storage.ssl    → false
+ */
+export function applyDefaults(config) {
+    if (config.retentionDays === undefined) {
+        config.retentionDays = 30;
+    }
+    if (config.ignore === undefined) {
+        config.ignore = ['/requestscope/api', '/requestscope/assets'];
+    }
+    if (config.maskFields === undefined) {
+        config.maskFields = [];
+    }
+    if (config.storage.poolSize === undefined) {
+        config.storage.poolSize = 5;
+    }
+    if (config.storage.ssl === undefined) {
+        config.storage.ssl = false;
+    }
+    return config;
+}
+// ---------------------------------------------------------------------------
+// validateConfig
+// ---------------------------------------------------------------------------
+/**
+ * Validates the configuration object and throws a synchronous `Error` for
+ * any invalid value.
+ *
+ * Checks (in order):
+ *   1. `storage.type` must be one of the supported values.
+ *   2. MongoDB requires `storage.uri`.
+ *   3. MySQL / PostgreSQL require `host`, `database`, `username`, `password`.
+ *   4. `retentionDays` (when provided) must be a positive integer in [1, 365].
+ */
+export function validateConfig(config) {
+    const { storage, retentionDays } = config;
+    // 1. Validate storage.type
+    if (!SUPPORTED_STORAGE_TYPES.includes(storage.type)) {
+        throw new Error(`Invalid storage type: '${storage.type}'. Supported values are: mongodb, mysql, postgresql`);
+    }
+    // 2. MongoDB: uri is required
+    if (storage.type === 'mongodb') {
+        if (!storage.uri) {
+            throw new Error("storage.uri is required when storage.type is 'mongodb'");
+        }
+    }
+    // 3. MySQL / PostgreSQL: all SQL required fields must be present
+    if (storage.type === 'mysql' || storage.type === 'postgresql') {
+        const missing = SQL_REQUIRED_FIELDS.filter((field) => storage[field] === undefined || storage[field] === null);
+        if (missing.length > 0) {
+            throw new Error(`Missing required storage fields: ${missing.join(', ')}`);
+        }
+    }
+    // 4. retentionDays: must be a positive integer in [1, 365] when provided
+    if (retentionDays !== undefined) {
+        const isValidInteger = typeof retentionDays === 'number' &&
+            Number.isInteger(retentionDays) &&
+            retentionDays >= 1 &&
+            retentionDays <= 365;
+        if (!isValidInteger) {
+            throw new Error(`retentionDays must be a positive integer between 1 and 365, received: ${retentionDays}`);
+        }
+    }
+}
+// ---------------------------------------------------------------------------
+// buildSensitiveFieldSet
+// ---------------------------------------------------------------------------
+/**
+ * Constructs the `Set<string>` of sensitive field names by forming the union
+ * of the built-in defaults and any user-supplied `maskFields`.
+ *
+ * All names are lowercased so that lookups from `maskObject()` can compare
+ * case-insensitively by lowercasing the inspected key.
+ */
+export function buildSensitiveFieldSet(config) {
+    const names = [
+        ...DEFAULT_SENSITIVE_FIELDS,
+        ...(config.maskFields ?? []),
+    ];
+    return new Set(names.map((n) => n.toLowerCase()));
+}
+//# sourceMappingURL=config.js.map

package/dist/esm/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/config.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,8EAA8E;AAC9E,YAAY;AACZ,8EAA8E;AAE9E,MAAM,uBAAuB,GAAG,CAAC,SAAS,EAAE,OAAO,EAAE,YAAY,CAAU,CAAC;AAC5E,MAAM,mBAAmB,GAAuC;IAC9D,MAAM;IACN,UAAU;IACV,UAAU;IACV,UAAU;CACX,CAAC;AAEF,wEAAwE;AACxE,MAAM,wBAAwB,GAA0B;IACtD,UAAU;IACV,OAAO;IACP,eAAe;IACf,QAAQ;IACR,QAAQ;CACT,CAAC;AAEF,8EAA8E;AAC9E,gBAAgB;AAChB,8EAA8E;AAE9E;;;;;;;;;;GAUG;AACH,MAAM,UAAU,aAAa,CAAC,MAA0B;IACtD,IAAI,MAAM,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;QACvC,MAAM,CAAC,aAAa,GAAG,EAAE,CAAC;IAC5B,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;QAChC,MAAM,CAAC,MAAM,GAAG,CAAC,mBAAmB,EAAE,sBAAsB,CAAC,CAAC;IAChE,CAAC;IAED,IAAI,MAAM,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;QACpC,MAAM,CAAC,UAAU,GAAG,EAAE,CAAC;IACzB,CAAC;IAED,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC1C,MAAM,CAAC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;IAC9B,CAAC;IAED,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;QACrC,MAAM,CAAC,OAAO,CAAC,GAAG,GAAG,KAAK,CAAC;IAC7B,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,8EAA8E;AAC9E,iBAAiB;AACjB,8EAA8E;AAE9E;;;;;;;;;GASG;AACH,MAAM,UAAU,cAAc,CAAC,MAA0B;IACvD,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,GAAG,MAAM,CAAC;IAE1C,2BAA2B;IAC3B,IAAI,CAAC,uBAAuB,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAgD,CAAC,EAAE,CAAC;QAChG,MAAM,IAAI,KAAK,CACb,0BAA0B,OAAO,CAAC,IAAI,qDAAqD,CAC5F,CAAC;IACJ,CAAC;IAED,8BAA8B;IAC9B,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC/B,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;QAC5E,CAAC;IACH,CAAC;IAED,iEAAiE;IACjE,IAAI,OAAO,CAAC,IAAI,KAAK,OAAO,IAAI,OAAO,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;QAC9D,MAAM,OAAO,GAAG,mBAAmB,CAAC,MAAM,CACxC,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,SAAS,IAAI,OAAO,CAAC,KAAK,CAAC,KAAK,IAAI,CACnE,CAAC;QAEF,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,oCAAoC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC5E,CAAC;IACH,CAAC;IAED,yEAAyE;IACzE,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;QAChC,MAAM,cAAc,GAClB,OAAO,aAAa,KAAK,QAAQ;YACjC,MAAM,CAAC,SAAS,CAAC,aAAa,CAAC;YAC/B,aAAa,IAAI,CAAC;YAClB,aAAa,IAAI,GAAG,CAAC;QAEvB,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CACb,yEAAyE,aAAa,EAAE,CACzF,CAAC;QACJ,CAAC;IACH,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,yBAAyB;AACzB,8EAA8E;AAE9E;;;;;;GAMG;AACH,MAAM,UAAU,sBAAsB,CAAC,MAA0B;IAC/D,MAAM,KAAK,GAAa;QACtB,GAAG,wBAAwB;QAC3B,GAAG,CAAC,MAAM,CAAC,UAAU,IAAI,EAAE,CAAC;KAC7B,CAAC;IACF,OAAO,IAAI,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;AACpD,CAAC"}

package/dist/esm/dashboard/api.js

@@ -0,0 +1,168 @@
+/**
+ * RequestScope — Dashboard API handlers.
+ *
+ * Provides Express route handlers for the dashboard:
+ *   - GET /api/records — List records with filtering, sorting, and pagination
+ *   - GET /api/records/:id — Get a single record by ID
+ *
+ * Requirements: 9.1, 9.2, 9.3, 9.4, 9.5, 9.6
+ */
+// ---------------------------------------------------------------------------
+// Helper functions
+// ---------------------------------------------------------------------------
+/**
+ * Parses a query parameter as an integer with a default value.
+ */
+function parseIntParam(value, defaultValue, min = 1) {
+    if (value === undefined) {
+        return defaultValue;
+    }
+    const parsed = parseInt(value, 10);
+    if (isNaN(parsed) || parsed < min) {
+        return defaultValue;
+    }
+    return parsed;
+}
+/**
+ * Validates that a value is one of the allowed options.
+ */
+function validateOption(value, allowed, defaultValue) {
+    if (value === undefined) {
+        return defaultValue;
+    }
+    return allowed.includes(value) ? value : defaultValue;
+}
+// ---------------------------------------------------------------------------
+// Route handlers
+// ---------------------------------------------------------------------------
+/**
+ * GET /api/records handler.
+ *
+ * Query parameters:
+ *   - search: string (optional) — case-insensitive substring match on url
+ *   - startDate: string (optional) — ISO 8601 timestamp, inclusive lower bound
+ *   - endDate: string (optional) — ISO 8601 timestamp, inclusive upper bound
+ *   - statusCodeGroup: string (optional) — '2xx', '3xx', '4xx', or '5xx'
+ *   - statusCode: number (optional) — exact status code match
+ *   - method: string (optional) — exact HTTP method match (case-insensitive)
+ *   - sortBy: string (optional) — 'timestamp', 'responseTime', or 'statusCode'
+ *   - sortOrder: string (optional) — 'asc' or 'desc'
+ *   - page: number (optional) — page number, default 1
+ *   - pageSize: number (optional) — page size, default 25
+ *
+ * Returns:
+ *   - 200 with { records: RequestRecord[], total: number }
+ *   - 400 for malformed query parameters
+ */
+export async function getRecords(req, res) {
+    try {
+        const adapter = req.app.get('requestscopeAdapter');
+        if (!adapter) {
+            res.status(500).json({ error: 'Storage adapter not configured' });
+            return;
+        }
+        // Parse and validate query parameters
+        const page = parseIntParam(req.query.page, 1);
+        const pageSize = parseIntParam(req.query.pageSize, 25);
+        const sortBy = validateOption(req.query.sortBy, ['timestamp', 'responseTime', 'statusCode'], 'timestamp');
+        const sortOrder = validateOption(req.query.sortOrder, ['asc', 'desc'], 'desc');
+        // Build QueryFilters
+        const filters = {
+            search: req.query.search,
+            startDate: req.query.startDate,
+            endDate: req.query.endDate,
+            statusCodeGroup: (() => {
+                const value = req.query.statusCodeGroup;
+                if (!value)
+                    return undefined;
+                if (['2xx', '3xx', '4xx', '5xx'].includes(value)) {
+                    return value;
+                }
+                return undefined;
+            })(),
+            statusCode: req.query.statusCode
+                ? parseIntParam(req.query.statusCode, 0)
+                : undefined,
+            method: req.query.method,
+            sortBy,
+            sortOrder,
+            page,
+            pageSize,
+        };
+        // Query the adapter
+        const result = await adapter.query(filters, { page, pageSize });
+        res.status(200).json(result);
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        res.status(400).json({ error: message });
+    }
+}
+/**
+ * GET /api/records/:id handler.
+ *
+ * Returns:
+ *   - 200 with the RequestRecord
+ *   - 404 if the record is not found
+ *   - 400 for malformed ID
+ */
+export async function getRecordById(req, res) {
+    try {
+        const adapter = req.app.get('requestscopeAdapter');
+        if (!adapter) {
+            res.status(500).json({ error: 'Storage adapter not configured' });
+            return;
+        }
+        const id = req.params.id;
+        if (!id) {
+            res.status(400).json({ error: 'Record ID is required' });
+            return;
+        }
+        // Query for the specific record using id filter
+        const filters = {
+            id,
+            page: 1,
+            pageSize: 1,
+        };
+        const result = await adapter.query(filters, { page: 1, pageSize: 1 });
+        const record = result.records[0];
+        if (!record) {
+            res.status(404).json({ error: 'Record not found' });
+            return;
+        }
+        res.status(200).json(record);
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        res.status(400).json({ error: message });
+    }
+}
+/**
+ * DELETE /api/records handler.
+ *
+ * Deletes all records from the database.
+ *
+ * Returns:
+ *   - 200 with { deleted: number }
+ *   - 500 for server errors
+ */
+export async function deleteAllRecords(req, res) {
+    try {
+        const adapter = req.app.get('requestscopeAdapter');
+        if (!adapter) {
+            res.status(500).json({ error: 'Storage adapter not configured' });
+            return;
+        }
+        // Query to get total count before deletion
+        const allRecords = await adapter.query({ page: 1, pageSize: 1000000 }, { page: 1, pageSize: 1000000 });
+        const totalToDelete = allRecords.total;
+        // Delete all records by setting retention to a future date
+        await adapter.deleteOlderThan(new Date(Date.now() + 86400000));
+        res.status(200).json({ deleted: totalToDelete });
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        res.status(500).json({ error: message });
+    }
+}
+//# sourceMappingURL=api.js.map

package/dist/esm/dashboard/api.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"api.js","sourceRoot":"","sources":["../../../src/dashboard/api.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAKH,8EAA8E;AAC9E,mBAAmB;AACnB,8EAA8E;AAE9E;;GAEG;AACH,SAAS,aAAa,CACpB,KAAyB,EACzB,YAAoB,EACpB,MAAc,CAAC;IAEf,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;QACxB,OAAO,YAAY,CAAC;IACtB,CAAC;IACD,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACnC,IAAI,KAAK,CAAC,MAAM,CAAC,IAAI,MAAM,GAAG,GAAG,EAAE,CAAC;QAClC,OAAO,YAAY,CAAC;IACtB,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CACrB,KAAyB,EACzB,OAAqB,EACrB,YAAe;IAEf,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;QACxB,OAAO,YAAY,CAAC;IACtB,CAAC;IACD,OAAQ,OAA6B,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAE,KAAW,CAAC,CAAC,CAAC,YAAY,CAAC;AACtF,CAAC;AAED,8EAA8E;AAC9E,iBAAiB;AACjB,8EAA8E;AAE9E;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,GAAY,EAAE,GAAa;IAC1D,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,qBAAqB,CAAmB,CAAC;QACrE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,gCAAgC,EAAE,CAAC,CAAC;YAClE,OAAO;QACT,CAAC;QAED,sCAAsC;QACtC,MAAM,IAAI,GAAG,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,IAAc,EAAE,CAAC,CAAC,CAAC;QACxD,MAAM,QAAQ,GAAG,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,QAAkB,EAAE,EAAE,CAAC,CAAC;QACjE,MAAM,MAAM,GAAG,cAAc,CAC3B,GAAG,CAAC,KAAK,CAAC,MAAgB,EAC1B,CAAC,WAAW,EAAE,cAAc,EAAE,YAAY,CAAU,EACpD,WAAW,CACZ,CAAC;QACF,MAAM,SAAS,GAAG,cAAc,CAC9B,GAAG,CAAC,KAAK,CAAC,SAAmB,EAC7B,CAAC,KAAK,EAAE,MAAM,CAAU,EACxB,MAAM,CACP,CAAC;QAEF,qBAAqB;QACrB,MAAM,OAAO,GAAiB;YAC5B,MAAM,EAAE,GAAG,CAAC,KAAK,CAAC,MAA4B;YAC9C,SAAS,EAAE,GAAG,CAAC,KAAK,CAAC,SAA+B;YACpD,OAAO,EAAE,GAAG,CAAC,KAAK,CAAC,OAA6B;YAChD,eAAe,EAAE,CAAC,GAA8C,EAAE;gBAChE,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,eAAqC,CAAC;gBAC9D,IAAI,CAAC,KAAK;oBAAE,OAAO,SAAS,CAAC;gBAC7B,IAAI,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;oBACjD,OAAO,KAAsC,CAAC;gBAChD,CAAC;gBACD,OAAO,SAAS,CAAC;YACnB,CAAC,CAAC,EAAE;YACJ,UAAU,EAAE,GAAG,CAAC,KAAK,CAAC,UAAU;gBAC9B,CAAC,CAAC,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,UAAoB,EAAE,CAAC,CAAC;gBAClD,CAAC,CAAC,SAAS;YACb,MAAM,EAAE,GAAG,CAAC,KAAK,CAAC,MAA4B;YAC9C,MAAM;YACN,SAAS;YACT,IAAI;YACJ,QAAQ;SACT,CAAC;QAEF,oBAAoB;QACpB,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;QAEhE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC/B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;IAC3C,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,GAAY,EAAE,GAAa;IAC7D,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,qBAAqB,CAAmB,CAAC;QACrE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,gCAAgC,EAAE,CAAC,CAAC;YAClE,OAAO;QACT,CAAC;QAED,MAAM,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;QACzB,IAAI,CAAC,EAAE,EAAE,CAAC;YACR,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,uBAAuB,EAAE,CAAC,CAAC;YACzD,OAAO;QACT,CAAC;QAED,gDAAgD;QAChD,MAAM,OAAO,GAAiB;YAC5B,EAAE;YACF,IAAI,EAAE,CAAC;YACP,QAAQ,EAAE,CAAC;SACZ,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC,CAAC;QACtE,MAAM,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QAEjC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,kBAAkB,EAAE,CAAC,CAAC;YACpD,OAAO;QACT,CAAC;QAED,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC/B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;IAC3C,CAAC;AACH,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,GAAY,EAAE,GAAa;IAChE,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,qBAAqB,CAAmB,CAAC;QACrE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,gCAAgC,EAAE,CAAC,CAAC;YAClE,OAAO;QACT,CAAC;QAED,2CAA2C;QAC3C,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;QACvG,MAAM,aAAa,GAAG,UAAU,CAAC,KAAK,CAAC;QAEvC,2DAA2D;QAC3D,MAAM,OAAO,CAAC,eAAe,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC;QAE/D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,CAAC;IACnD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;IAC3C,CAAC;AACH,CAAC"}

package/dist/esm/dashboard/router.js

@@ -0,0 +1,90 @@
+/**
+ * RequestScope — Dashboard router.
+ *
+ * Provides an Express router with:
+ *   - Optional BasicAuth middleware
+ *   - API routes for querying records
+ *   - Static file serving for the React SPA
+ *   - SPA fallback for client-side routing
+ *
+ * Requirements: 8.1, 8.2, 8.3, 8.4
+ */
+import { Router, static as expressStatic } from 'express';
+import path from 'path';
+import { getRecords, getRecordById, deleteAllRecords } from './api';
+// ---------------------------------------------------------------------------
+// BasicAuth middleware
+// ---------------------------------------------------------------------------
+/**
+ * Creates a BasicAuth middleware if auth config is provided.
+ *
+ * Checks the Authorization header for Basic auth credentials.
+ * If credentials are missing or don't match, responds with 401 and
+ * WWW-Authenticate header.
+ */
+function createBasicAuthMiddleware(auth) {
+    if (!auth) {
+        return (_req, _res, next) => next();
+    }
+    const { username, password } = auth;
+    const expectedAuth = `Basic ${Buffer.from(`${username}:${password}`).toString('base64')}`;
+    return (req, res, next) => {
+        const authHeader = req.headers.authorization;
+        if (!authHeader || authHeader !== expectedAuth) {
+            res.setHeader('WWW-Authenticate', 'Basic realm="RequestScope"');
+            res.status(401).json({ error: 'Unauthorized' });
+            return;
+        }
+        next();
+    };
+}
+// ---------------------------------------------------------------------------
+// Dashboard router factory
+// ---------------------------------------------------------------------------
+/**
+ * Creates and returns an Express router for the RequestScope dashboard.
+ *
+ * The router includes:
+ *   - BasicAuth middleware (if auth config is provided)
+ *   - GET /api/records — List records with filtering and pagination
+ *   - GET /api/records/:id — Get a single record by ID
+ *   - Static file serving for the React SPA
+ *   - SPA fallback for client-side routing
+ *
+ * @param config - Optional dashboard configuration
+ * @param adapter - Storage adapter instance (must be set on the app)
+ * @returns Express Router
+ */
+export function createDashboardRouter(config, adapter) {
+    const router = Router();
+    // Install BasicAuth middleware if auth config is present
+    const authMiddleware = createBasicAuthMiddleware(config?.auth);
+    router.use(authMiddleware);
+    // Set the adapter on the app for API handlers to access
+    router.use((req, res, next) => {
+        if (adapter) {
+            req.app.set('requestscopeAdapter', adapter);
+        }
+        next();
+    });
+    // Mount API routes
+    router.get('/api/records', getRecords);
+    router.get('/api/records/:id', getRecordById);
+    router.delete('/api/records', deleteAllRecords);
+    // Serve static files from the dashboard bundle
+    // The dashboard is built to dist/dashboard
+    // Resolve from project root regardless of where this file is
+    const dashboardPath = path.resolve(process.cwd(), 'dist/dashboard');
+    // Serve static files from the built dashboard
+    router.use(expressStatic(dashboardPath));
+    // Explicitly serve index.html for the root path
+    router.get('/', (req, res) => {
+        res.sendFile(path.join(dashboardPath, 'index.html'));
+    });
+    // SPA fallback for client-side routing (must be after static files)
+    router.get('*', (req, res) => {
+        res.sendFile(path.join(dashboardPath, 'index.html'));
+    });
+    return router;
+}
+//# sourceMappingURL=router.js.map

package/dist/esm/dashboard/router.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"router.js","sourceRoot":"","sources":["../../../src/dashboard/router.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,MAAM,EAAmC,MAAM,IAAI,aAAa,EAAE,MAAM,SAAS,CAAC;AAC3F,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB,OAAO,EAAE,UAAU,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,OAAO,CAAC;AAEpE,8EAA8E;AAC9E,uBAAuB;AACvB,8EAA8E;AAE9E;;;;;;GAMG;AACH,SAAS,yBAAyB,CAAC,IAA6C;IAC9E,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,CAAC,IAAa,EAAE,IAAc,EAAE,IAAkB,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC;IACvE,CAAC;IAED,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;IACpC,MAAM,YAAY,GAAG,SAAS,MAAM,CAAC,IAAI,CAAC,GAAG,QAAQ,IAAI,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;IAE1F,OAAO,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QACzD,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;QAE7C,IAAI,CAAC,UAAU,IAAI,UAAU,KAAK,YAAY,EAAE,CAAC;YAC/C,GAAG,CAAC,SAAS,CAAC,kBAAkB,EAAE,4BAA4B,CAAC,CAAC;YAChE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC;YAChD,OAAO;QACT,CAAC;QAED,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,2BAA2B;AAC3B,8EAA8E;AAE9E;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,qBAAqB,CACnC,MAAwB,EACxB,OAAwB;IAExB,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC;IAExB,yDAAyD;IACzD,MAAM,cAAc,GAAG,yBAAyB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAC/D,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAE3B,wDAAwD;IACxD,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC5B,IAAI,OAAO,EAAE,CAAC;YACZ,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,qBAAqB,EAAE,OAAO,CAAC,CAAC;QAC9C,CAAC;QACD,IAAI,EAAE,CAAC;IACT,CAAC,CAAC,CAAC;IAEH,mBAAmB;IACnB,MAAM,CAAC,GAAG,CAAC,cAAc,EAAE,UAAU,CAAC,CAAC;IACvC,MAAM,CAAC,GAAG,CAAC,kBAAkB,EAAE,aAAa,CAAC,CAAC;IAC9C,MAAM,CAAC,MAAM,CAAC,cAAc,EAAE,gBAAgB,CAAC,CAAC;IAEhD,+CAA+C;IAC/C,2CAA2C;IAC3C,6DAA6D;IAC7D,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,gBAAgB,CAAC,CAAC;IAEpE,8CAA8C;IAC9C,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC,CAAC;IAEzC,gDAAgD;IAChD,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;QAC9C,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC,CAAC;IACvD,CAAC,CAAC,CAAC;IAEH,oEAAoE;IACpE,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;QAC9C,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC,CAAC;IACvD,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/esm/index.js

@@ -0,0 +1,50 @@
+/**
+ * RequestScope — Public API entry point.
+ *
+ * Exports:
+ *   - Default export: requestscope(config) middleware factory
+ *   - requestscope.dashboard: dashboard router factory
+ *   - All public TypeScript interfaces
+ *
+ * Requirements: 1.1, 12.1, 12.2, 12.3, 12.4
+ */
+import { requestscope as requestscopeMiddleware, errorHandler, setup } from './middleware';
+import { createDashboardRouter } from './dashboard/router';
+// ---------------------------------------------------------------------------
+// Main middleware factory
+// ---------------------------------------------------------------------------
+/**
+ * Creates and returns an Express middleware that captures HTTP requests.
+ *
+ * @param config - RequestScope configuration object
+ * @returns Express RequestHandler middleware
+ */
+export default requestscopeMiddleware;
+// ---------------------------------------------------------------------------
+// Dashboard router factory
+// ---------------------------------------------------------------------------
+/**
+ * Creates and returns an Express router for the RequestScope dashboard.
+ *
+ * @param config - Optional dashboard configuration
+ * @param adapter - Optional storage adapter instance
+ * @returns Express Router
+ */
+export function dashboard(config, adapter) {
+    return createDashboardRouter(config, adapter);
+}
+// Attach dashboard as a named property on the default export for convenience
+requestscopeMiddleware.dashboard = dashboard;
+// ---------------------------------------------------------------------------
+// Setup function
+// ---------------------------------------------------------------------------
+export { setup };
+// ---------------------------------------------------------------------------
+// Error middleware
+// ---------------------------------------------------------------------------
+export { errorHandler };
+// ---------------------------------------------------------------------------
+// Named exports for convenience
+// ---------------------------------------------------------------------------
+export { requestscope as requestscopeMiddleware } from './middleware';
+//# sourceMappingURL=index.js.map

package/dist/esm/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAGH,OAAO,EAAE,YAAY,IAAI,sBAAsB,EAAE,YAAY,EAAE,KAAK,EAAE,MAAM,cAAc,CAAC;AAC3F,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAW3D,8EAA8E;AAC9E,0BAA0B;AAC1B,8EAA8E;AAE9E;;;;;GAKG;AACH,eAAe,sBAAsB,CAAC;AAEtC,8EAA8E;AAC9E,2BAA2B;AAC3B,8EAA8E;AAE9E;;;;;;GAMG;AACH,MAAM,UAAU,SAAS,CAAC,MAAwB,EAAE,OAAwB;IAC1E,OAAO,qBAAqB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;AAChD,CAAC;AAED,6EAA6E;AAC5E,sBAA8B,CAAC,SAAS,GAAG,SAAS,CAAC;AAEtD,8EAA8E;AAC9E,iBAAiB;AACjB,8EAA8E;AAE9E,OAAO,EAAE,KAAK,EAAE,CAAC;AAEjB,8EAA8E;AAC9E,mBAAmB;AACnB,8EAA8E;AAE9E,OAAO,EAAE,YAAY,EAAE,CAAC;AAgBxB,8EAA8E;AAC9E,gCAAgC;AAChC,8EAA8E;AAE9E,OAAO,EAAE,YAAY,IAAI,sBAAsB,EAAE,MAAM,cAAc,CAAC"}

package/dist/esm/masker.js

@@ -0,0 +1,70 @@
+/**
+ * masker.ts — Recursive sensitive field masking
+ *
+ * Provides a pure function that recursively replaces sensitive field values
+ * with "******" at any nesting depth.
+ */
+/**
+ * Checks if a value is a plain object (not an Array, Date, or class instance).
+ *
+ * @param val - The value to check
+ * @returns True if val is a plain object
+ */
+function isPlainObject(val) {
+    if (val === null || typeof val !== 'object') {
+        return false;
+    }
+    // Reject arrays
+    if (Array.isArray(val)) {
+        return false;
+    }
+    // Check if it's a plain object (created by {} or Object.create(null))
+    // using Object.prototype.toString
+    const proto = Object.getPrototypeOf(val);
+    return proto === null || proto === Object.prototype;
+}
+/**
+ * Recursively masks sensitive fields in an object.
+ *
+ * @param obj - The object to mask
+ * @param sensitiveFields - Set of field names to mask (stored in lowercase)
+ * @param depth - Current recursion depth (default: 0)
+ * @returns A new object with sensitive fields replaced by "******"
+ */
+export function maskObject(obj, sensitiveFields, depth = 0) {
+    // Prevent infinite recursion
+    if (depth > 10) {
+        return obj;
+    }
+    const result = {};
+    for (const key in obj) {
+        if (!Object.prototype.hasOwnProperty.call(obj, key)) {
+            continue;
+        }
+        const value = obj[key];
+        // Check if this key is sensitive (case-insensitive comparison)
+        if (sensitiveFields.has(key.toLowerCase())) {
+            result[key] = '******';
+            continue;
+        }
+        // Recurse into plain objects
+        if (isPlainObject(value)) {
+            result[key] = maskObject(value, sensitiveFields, depth + 1);
+            continue;
+        }
+        // Map over arrays: recurse on plain objects, pass primitives through
+        if (Array.isArray(value)) {
+            result[key] = value.map((element) => {
+                if (isPlainObject(element)) {
+                    return maskObject(element, sensitiveFields, depth + 1);
+                }
+                return element;
+            });
+            continue;
+        }
+        // Pass through all other values (primitives, dates, etc.)
+        result[key] = value;
+    }
+    return result;
+}
+//# sourceMappingURL=masker.js.map

package/dist/esm/masker.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"masker.js","sourceRoot":"","sources":["../../src/masker.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;;;;GAKG;AACH,SAAS,aAAa,CAAC,GAAY;IACjC,IAAI,GAAG,KAAK,IAAI,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5C,OAAO,KAAK,CAAC;IACf,CAAC;IAED,gBAAgB;IAChB,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,sEAAsE;IACtE,kCAAkC;IAClC,MAAM,KAAK,GAAG,MAAM,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC;IACzC,OAAO,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,MAAM,CAAC,SAAS,CAAC;AACtD,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,UAAU,CACxB,GAA4B,EAC5B,eAA4B,EAC5B,QAAgB,CAAC;IAEjB,6BAA6B;IAC7B,IAAI,KAAK,GAAG,EAAE,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;IAED,MAAM,MAAM,GAA4B,EAAE,CAAC;IAE3C,KAAK,MAAM,GAAG,IAAI,GAAG,EAAE,CAAC;QACtB,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,EAAE,CAAC;YACpD,SAAS;QACX,CAAC;QAED,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAEvB,+DAA+D;QAC/D,IAAI,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;YAC3C,MAAM,CAAC,GAAG,CAAC,GAAG,QAAQ,CAAC;YACvB,SAAS;QACX,CAAC;QAED,6BAA6B;QAC7B,IAAI,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC;YACzB,MAAM,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC,KAAK,EAAE,eAAe,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;YAC5D,SAAS;QACX,CAAC;QAED,qEAAqE;QACrE,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACzB,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;gBAClC,IAAI,aAAa,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC3B,OAAO,UAAU,CAAC,OAAO,EAAE,eAAe,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;gBACzD,CAAC;gBACD,OAAO,OAAO,CAAC;YACjB,CAAC,CAAC,CAAC;YACH,SAAS;QACX,CAAC;QAED,0DAA0D;QAC1D,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;IACtB,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC"}