surrge 0.11.4 → 0.11.6

package/dist/dashboard/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/dashboard/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AA6B5B,KAAK,SAAS,GAAG;IACf,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;CACzB,CAAC;AAEF,eAAO,MAAM,eAAe,GAC1B,UAAU,MAAM,KACf,IAAI,CAAC;IAAE,SAAS,EAAE,SAAS,CAAA;CAAE,CA0c/B,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/dashboard/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AA2C5B,KAAK,SAAS,GAAG;IACf,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;CACzB,CAAC;AAEF,eAAO,MAAM,eAAe,GAC1B,UAAU,MAAM,KACf,IAAI,CAAC;IAAE,SAAS,EAAE,SAAS,CAAA;CAAE,CA8c/B,CAAC"}

package/dist/index.js

@@ -399,7 +399,7 @@ var require_sqlite_error = __commonJS((exports, module) => {
 
 // node_modules/libsql/index.js
 var require_libsql = __commonJS((exports, module) => {
-  var __dirname = "/Users/eduardosasso/moonshot/surrge/node_modules/libsql";
+  var __dirname = "/home/blakbelt78/Work/surrge/node_modules/libsql";
   var { load, currentTarget } = require_dist();
   var { familySync, GLIBC } = require_detect_libc();
   function requireNative() {
@@ -14857,7 +14857,7 @@ var require_cjs5 = __commonJS((exports) => {
 // package.json
 var package_default = {
   name: "surrge",
-  version: "0.11.4",
+  version: "0.11.6",
   description: "One-line observability + analytics for Node.js/Bun",
   type: "module",
   exports: {
@@ -26134,9 +26134,18 @@ Please change the parent <Route path="\${E}"> to <Route path="\${E==="/"?"*":\`\
 
 // src/dashboard/index.ts
 var SESSION_MAX_AGE = 30 * 24 * 60 * 60;
+var decodeBase64URL = (str) => {
+  const padding = "=".repeat((4 - str.length % 4) % 4);
+  const base642 = str.replace(/-/g, "+").replace(/_/g, "/") + padding;
+  return Buffer.from(base642, "base64").toString("utf-8");
+};
 var origin = (c) => {
+  const originHeader = c.req.header("Origin");
+  if (originHeader)
+    return originHeader;
   const url = new URL(c.req.url);
-  return url.origin;
+  const proto = c.req.header("X-Forwarded-Proto") || url.protocol.replace(":", "");
+  return `${proto}://${url.host}`;
 };
 var hostname = (c) => {
   const url = new URL(c.req.url);
@@ -26310,20 +26319,23 @@ var createDashboard = (basePath) => {
     if (!user) {
       return c.json({ error: "Unknown credential" }, 401);
     }
-    const challenge2 = challenges.get(cred.id) || challenges.get(cred.response?.authenticatorData);
-    let foundChallenge;
-    for (const [key, value] of challenges.entries()) {
-      if (key === value) {
-        foundChallenge = value;
-        challenges.delete(key);
-        break;
-      }
+    let expectedChallenge;
+    if (cred.response?.clientDataJSON) {
+      try {
+        const clientDataStr = decodeBase64URL(cred.response.clientDataJSON);
+        const clientData = JSON.parse(clientDataStr);
+        expectedChallenge = clientData.challenge;
+      } catch {}
     }
-    if (!challenge2 && !foundChallenge) {
+    const challenge2 = expectedChallenge && challenges.get(expectedChallenge);
+    if (!challenge2) {
       return c.json({ error: "Challenge expired" }, 400);
     }
+    if (expectedChallenge) {
+      challenges.delete(expectedChallenge);
+    }
     try {
-      const auth2 = await authenticate(user, credential, challenge2 || foundChallenge, origin(c), hostname(c));
+      const auth2 = await authenticate(user, credential, challenge2, origin(c), hostname(c));
       await touch(user.username, auth2.counter);
       const token = create(user.username);
       setCookie(c, "session", token, {

package/dist/loader.js

@@ -399,7 +399,7 @@ var require_sqlite_error = __commonJS((exports, module) => {
 
 // node_modules/libsql/index.js
 var require_libsql = __commonJS((exports, module) => {
-  var __dirname = "/Users/eduardosasso/moonshot/surrge/node_modules/libsql";
+  var __dirname = "/home/blakbelt78/Work/surrge/node_modules/libsql";
   var { load, currentTarget } = require_dist();
   var { familySync, GLIBC } = require_detect_libc();
   function requireNative() {
@@ -14857,7 +14857,7 @@ var require_cjs5 = __commonJS((exports) => {
 // package.json
 var package_default = {
   name: "surrge",
-  version: "0.11.4",
+  version: "0.11.6",
   description: "One-line observability + analytics for Node.js/Bun",
   type: "module",
   exports: {
@@ -26134,9 +26134,18 @@ Please change the parent <Route path="\${E}"> to <Route path="\${E==="/"?"*":\`\
 
 // src/dashboard/index.ts
 var SESSION_MAX_AGE = 30 * 24 * 60 * 60;
+var decodeBase64URL = (str) => {
+  const padding = "=".repeat((4 - str.length % 4) % 4);
+  const base642 = str.replace(/-/g, "+").replace(/_/g, "/") + padding;
+  return Buffer.from(base642, "base64").toString("utf-8");
+};
 var origin = (c) => {
+  const originHeader = c.req.header("Origin");
+  if (originHeader)
+    return originHeader;
   const url = new URL(c.req.url);
-  return url.origin;
+  const proto = c.req.header("X-Forwarded-Proto") || url.protocol.replace(":", "");
+  return `${proto}://${url.host}`;
 };
 var hostname = (c) => {
   const url = new URL(c.req.url);
@@ -26310,20 +26319,23 @@ var createDashboard = (basePath) => {
     if (!user) {
       return c.json({ error: "Unknown credential" }, 401);
     }
-    const challenge2 = challenges.get(cred.id) || challenges.get(cred.response?.authenticatorData);
-    let foundChallenge;
-    for (const [key, value] of challenges.entries()) {
-      if (key === value) {
-        foundChallenge = value;
-        challenges.delete(key);
-        break;
-      }
+    let expectedChallenge;
+    if (cred.response?.clientDataJSON) {
+      try {
+        const clientDataStr = decodeBase64URL(cred.response.clientDataJSON);
+        const clientData = JSON.parse(clientDataStr);
+        expectedChallenge = clientData.challenge;
+      } catch {}
     }
-    if (!challenge2 && !foundChallenge) {
+    const challenge2 = expectedChallenge && challenges.get(expectedChallenge);
+    if (!challenge2) {
       return c.json({ error: "Challenge expired" }, 400);
     }
+    if (expectedChallenge) {
+      challenges.delete(expectedChallenge);
+    }
     try {
-      const auth2 = await authenticate(user, credential, challenge2 || foundChallenge, origin(c), hostname(c));
+      const auth2 = await authenticate(user, credential, challenge2, origin(c), hostname(c));
       await touch(user.username, auth2.counter);
       const token = create(user.username);
       setCookie(c, "session", token, {

package/dist/register.js

@@ -399,7 +399,7 @@ var require_sqlite_error = __commonJS((exports, module) => {
 
 // node_modules/libsql/index.js
 var require_libsql = __commonJS((exports, module) => {
-  var __dirname = "/Users/eduardosasso/moonshot/surrge/node_modules/libsql";
+  var __dirname = "/home/blakbelt78/Work/surrge/node_modules/libsql";
   var { load, currentTarget } = require_dist();
   var { familySync, GLIBC } = require_detect_libc();
   function requireNative() {
@@ -14857,7 +14857,7 @@ var require_cjs5 = __commonJS((exports) => {
 // package.json
 var package_default = {
   name: "surrge",
-  version: "0.11.4",
+  version: "0.11.6",
   description: "One-line observability + analytics for Node.js/Bun",
   type: "module",
   exports: {
@@ -26134,9 +26134,18 @@ Please change the parent <Route path="\${E}"> to <Route path="\${E==="/"?"*":\`\
 
 // src/dashboard/index.ts
 var SESSION_MAX_AGE = 30 * 24 * 60 * 60;
+var decodeBase64URL = (str) => {
+  const padding = "=".repeat((4 - str.length % 4) % 4);
+  const base642 = str.replace(/-/g, "+").replace(/_/g, "/") + padding;
+  return Buffer.from(base642, "base64").toString("utf-8");
+};
 var origin = (c) => {
+  const originHeader = c.req.header("Origin");
+  if (originHeader)
+    return originHeader;
   const url = new URL(c.req.url);
-  return url.origin;
+  const proto = c.req.header("X-Forwarded-Proto") || url.protocol.replace(":", "");
+  return `${proto}://${url.host}`;
 };
 var hostname = (c) => {
   const url = new URL(c.req.url);
@@ -26310,20 +26319,23 @@ var createDashboard = (basePath) => {
     if (!user) {
       return c.json({ error: "Unknown credential" }, 401);
     }
-    const challenge2 = challenges.get(cred.id) || challenges.get(cred.response?.authenticatorData);
-    let foundChallenge;
-    for (const [key, value] of challenges.entries()) {
-      if (key === value) {
-        foundChallenge = value;
-        challenges.delete(key);
-        break;
-      }
+    let expectedChallenge;
+    if (cred.response?.clientDataJSON) {
+      try {
+        const clientDataStr = decodeBase64URL(cred.response.clientDataJSON);
+        const clientData = JSON.parse(clientDataStr);
+        expectedChallenge = clientData.challenge;
+      } catch {}
     }
-    if (!challenge2 && !foundChallenge) {
+    const challenge2 = expectedChallenge && challenges.get(expectedChallenge);
+    if (!challenge2) {
       return c.json({ error: "Challenge expired" }, 400);
     }
+    if (expectedChallenge) {
+      challenges.delete(expectedChallenge);
+    }
     try {
-      const auth2 = await authenticate(user, credential, challenge2 || foundChallenge, origin(c), hostname(c));
+      const auth2 = await authenticate(user, credential, challenge2, origin(c), hostname(c));
       await touch(user.username, auth2.counter);
       const token = create(user.username);
       setCookie(c, "session", token, {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "surrge",
-  "version": "0.11.4",
+  "version": "0.11.6",
   "description": "One-line observability + analytics for Node.js/Bun",
   "type": "module",
   "exports": {

package/dist/scripts/postinstall.js

@@ -1,38 +0,0 @@
-// scripts/postinstall.ts
-import { scryptSync, randomBytes } from "node:crypto";
-import { readFileSync, writeFileSync, existsSync } from "node:fs";
-import { join } from "node:path";
-var projectRoot = process.env.INIT_CWD;
-if (!projectRoot) {
-  process.exit(0);
-}
-var pkgPath = join(projectRoot, "package.json");
-if (!existsSync(pkgPath)) {
-  process.exit(0);
-}
-var pkg = JSON.parse(readFileSync(pkgPath, "utf-8"));
-if (pkg.surrge?.setup) {
-  console.log("[surrge] Setup code already exists in package.json");
-  process.exit(0);
-}
-var code = String(Math.floor(1e5 + Math.random() * 900000));
-var salt = randomBytes(16).toString("hex");
-var hash = scryptSync(code, salt, 64).toString("hex");
-var stored = `${salt}:${hash}`;
-pkg.surrge = { ...pkg.surrge, setup: stored };
-writeFileSync(pkgPath, JSON.stringify(pkg, null, 2) + `
-`);
-console.log(`
-┌───────────────────────────────────────┐
-│  SURRGE SETUP CODE                    │
-├───────────────────────────────────────┤
-│                                       │
-│           ${code}                     │
-│                                       │
-│  Save this 6-digit code!              │
-│  You'll need it to create your        │
-│  admin account on first login.        │
-│                                       │
-│  This code will not be shown again.   │
-└───────────────────────────────────────┘
-`);

package/dist/src/cli.js

@@ -1,53 +0,0 @@
-#!/usr/bin/env node
-
-// src/cli.ts
-import { spawn, spawnSync } from "node:child_process";
-import { dirname, resolve } from "node:path";
-import { fileURLToPath } from "node:url";
-var args = process.argv.slice(2);
-if (args.length === 0) {
-  console.log("Usage: surrge [options] <script> [args...]");
-  console.log("       surrge node [options] <script> [args...]");
-  console.log("       surrge bun [options] <script> [args...]");
-  console.log("");
-  console.log("Options are passed through to the runtime (e.g., --hot, --watch)");
-  process.exit(1);
-}
-var loaderPath = resolve(dirname(fileURLToPath(import.meta.url)), "loader.js");
-var hasBun = () => {
-  const result = spawnSync("bun", ["--version"], { stdio: "ignore" });
-  return result.status === 0;
-};
-var runtime;
-var remaining;
-if (args[0] === "node" || args[0] === "bun") {
-  runtime = args[0];
-  remaining = args.slice(1);
-} else {
-  runtime = hasBun() ? "bun" : "node";
-  remaining = args;
-}
-var runtimeFlags = [];
-var scriptIndex = 0;
-for (let i = 0;i < remaining.length; i++) {
-  if (remaining[i].startsWith("-")) {
-    runtimeFlags.push(remaining[i]);
-  } else {
-    scriptIndex = i;
-    break;
-  }
-}
-var scriptArgs = remaining.slice(scriptIndex);
-if (scriptArgs.length === 0) {
-  console.log("Error: No script specified");
-  process.exit(1);
-}
-var flag = runtime === "bun" ? "--preload" : "--import";
-var child = spawn(runtime, [flag, loaderPath, ...runtimeFlags, ...scriptArgs], {
-  stdio: "inherit",
-  cwd: process.cwd(),
-  env: process.env
-});
-child.on("close", (code) => {
-  process.exit(code ?? 0);
-});

package/dist/src/hooks.js

@@ -1,148 +0,0 @@
-import { createRequire } from "node:module";
-var __create = Object.create;
-var __getProtoOf = Object.getPrototypeOf;
-var __defProp = Object.defineProperty;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __toESM = (mod, isNodeMode, target) => {
-  target = mod != null ? __create(__getProtoOf(mod)) : {};
-  const to = isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target;
-  for (let key of __getOwnPropNames(mod))
-    if (!__hasOwnProp.call(to, key))
-      __defProp(to, key, {
-        get: () => mod[key],
-        enumerable: true
-      });
-  return to;
-};
-var __commonJS = (cb, mod) => () => (mod || cb((mod = { exports: {} }).exports, mod), mod.exports);
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, {
-      get: all[name],
-      enumerable: true,
-      configurable: true,
-      set: (newValue) => all[name] = () => newValue
-    });
-};
-var __require = /* @__PURE__ */ createRequire(import.meta.url);
-
-// src/hooks.ts
-import fs from "node:fs";
-import { createRequire as createRequire2 } from "node:module";
-var STDOUT_FD = 1;
-var buffer = "";
-var originalWriteSync = fs.writeSync;
-var originalWrite = fs.write;
-var logQueue = [];
-globalThis.__surrge_log_queue = logQueue;
-var normalizeLevel = (level) => {
-  if (typeof level === "number") {
-    if (level >= 50)
-      return "error";
-    if (level >= 40)
-      return "warn";
-    if (level >= 30)
-      return "info";
-    return "debug";
-  }
-  if (typeof level === "string") {
-    const lower = level.toLowerCase();
-    if (["error", "err"].includes(lower))
-      return "error";
-    if (["warn", "warning"].includes(lower))
-      return "warn";
-    return lower;
-  }
-  return "info";
-};
-var captureOutput = (chunk) => {
-  const text = typeof chunk === "string" ? chunk : Buffer.isBuffer(chunk) ? chunk.toString() : new TextDecoder().decode(chunk);
-  buffer += text;
-  const lines = buffer.split(`
-`);
-  buffer = lines.pop() ?? "";
-  for (const line of lines) {
-    if (!line.trim() || !line.startsWith("{"))
-      continue;
-    try {
-      const parsed = JSON.parse(line);
-      const level = normalizeLevel(parsed.level ?? parsed.severity ?? "info");
-      const message = String(parsed.msg ?? parsed.message ?? line);
-      const { level: _, msg: __, message: ___, ...metadata } = parsed;
-      logQueue.push({
-        level,
-        message,
-        metadata: Object.keys(metadata).length > 0 ? metadata : undefined
-      });
-    } catch {}
-  }
-};
-var require2 = createRequire2(import.meta.url);
-var cjsFs = require2("node:fs");
-fs.writeSync = (fd, data, ...args) => {
-  if (fd === STDOUT_FD && (typeof data === "string" || Buffer.isBuffer(data))) {
-    captureOutput(data);
-  }
-  return originalWriteSync(fd, data, ...args);
-};
-fs.write = (fd, data, ...args) => {
-  if (fd === STDOUT_FD && (typeof data === "string" || Buffer.isBuffer(data))) {
-    captureOutput(data);
-  }
-  return originalWrite(fd, data, ...args);
-};
-var cjsOriginalWriteSync = cjsFs.writeSync;
-var cjsOriginalWrite = cjsFs.write;
-cjsFs.writeSync = (fd, data, ...args) => {
-  if (fd === STDOUT_FD && (typeof data === "string" || Buffer.isBuffer(data))) {
-    captureOutput(data);
-  }
-  return cjsOriginalWriteSync(fd, data, ...args);
-};
-cjsFs.write = (fd, data, ...args) => {
-  if (fd === STDOUT_FD && (typeof data === "string" || Buffer.isBuffer(data))) {
-    captureOutput(data);
-  }
-  return cjsOriginalWrite(fd, data, ...args);
-};
-var originalStdoutWrite = process.stdout.write.bind(process.stdout);
-process.stdout.write = (chunk, encodingOrCallback, callback) => {
-  if (typeof chunk === "string" || chunk instanceof Uint8Array) {
-    captureOutput(chunk);
-  }
-  if (typeof encodingOrCallback === "function") {
-    return originalStdoutWrite(chunk, encodingOrCallback);
-  }
-  return originalStdoutWrite(chunk, encodingOrCallback, callback);
-};
-var Bun = globalThis.Bun;
-var BunStdout = Bun?.stdout;
-if (Bun?.write) {
-  const originalBunWrite = Bun.write;
-  Bun.write = (dest, data, ...args) => {
-    const isStdout = dest === STDOUT_FD || dest === process.stdout || dest === BunStdout;
-    if (isStdout && (typeof data === "string" || data instanceof Uint8Array)) {
-      captureOutput(data);
-    }
-    return originalBunWrite(dest, data, ...args);
-  };
-}
-var bunStdout = BunStdout;
-if (bunStdout?.write) {
-  const originalBunStdoutWrite = bunStdout.write.bind(bunStdout);
-  bunStdout.write = (data) => {
-    captureOutput(data);
-    return originalBunStdoutWrite(data);
-  };
-}
-var resolve = async (specifier, context, nextResolve) => {
-  return nextResolve(specifier, context);
-};
-var load = async (url, context, nextLoad) => {
-  return nextLoad(url, context);
-};
-export {
-  resolve,
-  load
-};