npm - swallowkit - Versions diffs - 1.0.0-beta.2 → 1.0.0-beta.21 - Mend

swallowkit 1.0.0-beta.2 → 1.0.0-beta.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (191) hide show

package/LICENSE +21 -21
package/README.ja.md +312 -215
package/README.md +369 -216
package/dist/__tests__/fixtures.d.ts +22 -0
package/dist/__tests__/fixtures.d.ts.map +1 -0
package/dist/__tests__/fixtures.js +146 -0
package/dist/__tests__/fixtures.js.map +1 -0
package/dist/cli/commands/add-auth.d.ts +10 -0
package/dist/cli/commands/add-auth.d.ts.map +1 -0
package/dist/cli/commands/add-auth.js +444 -0
package/dist/cli/commands/add-auth.js.map +1 -0
package/dist/cli/commands/add-connector.d.ts +20 -0
package/dist/cli/commands/add-connector.d.ts.map +1 -0
package/dist/cli/commands/add-connector.js +163 -0
package/dist/cli/commands/add-connector.js.map +1 -0
package/dist/cli/commands/create-model.d.ts +1 -4
package/dist/cli/commands/create-model.d.ts.map +1 -1
package/dist/cli/commands/create-model.js +21 -82
package/dist/cli/commands/create-model.js.map +1 -1
package/dist/cli/commands/dev-seeds.d.ts +35 -0
package/dist/cli/commands/dev-seeds.d.ts.map +1 -0
package/dist/cli/commands/dev-seeds.js +292 -0
package/dist/cli/commands/dev-seeds.js.map +1 -0
package/dist/cli/commands/dev.d.ts +19 -0
package/dist/cli/commands/dev.d.ts.map +1 -1
package/dist/cli/commands/dev.js +476 -117
package/dist/cli/commands/dev.js.map +1 -1
package/dist/cli/commands/index.d.ts +1 -0
package/dist/cli/commands/index.d.ts.map +1 -1
package/dist/cli/commands/index.js +3 -1
package/dist/cli/commands/index.js.map +1 -1
package/dist/cli/commands/init.d.ts +13 -0
package/dist/cli/commands/init.d.ts.map +1 -1
package/dist/cli/commands/init.js +2627 -1708
package/dist/cli/commands/init.js.map +1 -1
package/dist/cli/commands/scaffold.d.ts +3 -0
package/dist/cli/commands/scaffold.d.ts.map +1 -1
package/dist/cli/commands/scaffold.js +617 -129
package/dist/cli/commands/scaffold.js.map +1 -1
package/dist/cli/index.d.ts +5 -1
package/dist/cli/index.d.ts.map +1 -1
package/dist/cli/index.js +164 -42
package/dist/cli/index.js.map +1 -1
package/dist/core/config.d.ts +8 -2
package/dist/core/config.d.ts.map +1 -1
package/dist/core/config.js +90 -4
package/dist/core/config.js.map +1 -1
package/dist/core/mock/connector-mock-server.d.ts +101 -0
package/dist/core/mock/connector-mock-server.d.ts.map +1 -0
package/dist/core/mock/connector-mock-server.js +480 -0
package/dist/core/mock/connector-mock-server.js.map +1 -0
package/dist/core/mock/zod-mock-generator.d.ts +14 -0
package/dist/core/mock/zod-mock-generator.d.ts.map +1 -0
package/dist/core/mock/zod-mock-generator.js +163 -0
package/dist/core/mock/zod-mock-generator.js.map +1 -0
package/dist/core/operations/create-model.d.ts +15 -0
package/dist/core/operations/create-model.d.ts.map +1 -0
package/dist/core/operations/create-model.js +171 -0
package/dist/core/operations/create-model.js.map +1 -0
package/dist/core/operations/runtime.d.ts +32 -0
package/dist/core/operations/runtime.d.ts.map +1 -0
package/dist/core/operations/runtime.js +225 -0
package/dist/core/operations/runtime.js.map +1 -0
package/dist/core/operations/scaffold-machine.d.ts +16 -0
package/dist/core/operations/scaffold-machine.d.ts.map +1 -0
package/dist/core/operations/scaffold-machine.js +63 -0
package/dist/core/operations/scaffold-machine.js.map +1 -0
package/dist/core/project/manifest.d.ts +92 -0
package/dist/core/project/manifest.d.ts.map +1 -0
package/dist/core/project/manifest.js +321 -0
package/dist/core/project/manifest.js.map +1 -0
package/dist/core/project/validation.d.ts +20 -0
package/dist/core/project/validation.d.ts.map +1 -0
package/dist/core/project/validation.js +204 -0
package/dist/core/project/validation.js.map +1 -0
package/dist/core/scaffold/auth-generator.d.ts +38 -0
package/dist/core/scaffold/auth-generator.d.ts.map +1 -0
package/dist/core/scaffold/auth-generator.js +1244 -0
package/dist/core/scaffold/auth-generator.js.map +1 -0
package/dist/core/scaffold/connector-functions-generator.d.ts +41 -0
package/dist/core/scaffold/connector-functions-generator.d.ts.map +1 -0
package/dist/core/scaffold/connector-functions-generator.js +1027 -0
package/dist/core/scaffold/connector-functions-generator.js.map +1 -0
package/dist/core/scaffold/functions-generator.d.ts +7 -1
package/dist/core/scaffold/functions-generator.d.ts.map +1 -1
package/dist/core/scaffold/functions-generator.js +920 -213
package/dist/core/scaffold/functions-generator.js.map +1 -1
package/dist/core/scaffold/model-parser.d.ts +20 -1
package/dist/core/scaffold/model-parser.d.ts.map +1 -1
package/dist/core/scaffold/model-parser.js +329 -135
package/dist/core/scaffold/model-parser.js.map +1 -1
package/dist/core/scaffold/nextjs-generator.d.ts +8 -0
package/dist/core/scaffold/nextjs-generator.d.ts.map +1 -1
package/dist/core/scaffold/nextjs-generator.js +314 -182
package/dist/core/scaffold/nextjs-generator.js.map +1 -1
package/dist/core/scaffold/openapi-generator.d.ts +3 -0
package/dist/core/scaffold/openapi-generator.d.ts.map +1 -0
package/dist/core/scaffold/openapi-generator.js +190 -0
package/dist/core/scaffold/openapi-generator.js.map +1 -0
package/dist/core/scaffold/ui-generator.d.ts +10 -4
package/dist/core/scaffold/ui-generator.d.ts.map +1 -1
package/dist/core/scaffold/ui-generator.js +768 -663
package/dist/core/scaffold/ui-generator.js.map +1 -1
package/dist/database/base-model.d.ts +3 -3
package/dist/database/base-model.js +3 -3
package/dist/index.d.ts +2 -2
package/dist/index.d.ts.map +1 -1
package/dist/index.js +2 -1
package/dist/index.js.map +1 -1
package/dist/machine/contracts.d.ts +16 -0
package/dist/machine/contracts.d.ts.map +1 -0
package/dist/machine/contracts.js +3 -0
package/dist/machine/contracts.js.map +1 -0
package/dist/machine/errors.d.ts +11 -0
package/dist/machine/errors.d.ts.map +1 -0
package/dist/machine/errors.js +34 -0
package/dist/machine/errors.js.map +1 -0
package/dist/machine/index.d.ts +3 -0
package/dist/machine/index.d.ts.map +1 -0
package/dist/machine/index.js +156 -0
package/dist/machine/index.js.map +1 -0
package/dist/mcp/index.d.ts +25 -0
package/dist/mcp/index.d.ts.map +1 -0
package/dist/mcp/index.js +184 -0
package/dist/mcp/index.js.map +1 -0
package/dist/types/index.d.ts +65 -0
package/dist/types/index.d.ts.map +1 -1
package/dist/utils/package-manager.d.ts +109 -0
package/dist/utils/package-manager.d.ts.map +1 -0
package/dist/utils/package-manager.js +215 -0
package/dist/utils/package-manager.js.map +1 -0
package/package.json +85 -73
package/src/__tests__/__snapshots__/functions-generator.test.ts.snap +1139 -0
package/src/__tests__/__snapshots__/nextjs-generator.test.ts.snap +194 -0
package/src/__tests__/__snapshots__/ui-generator.test.ts.snap +532 -0
package/src/__tests__/auth.test.ts +654 -0
package/src/__tests__/config.test.ts +263 -0
package/src/__tests__/connector-functions-generator.test.ts +288 -0
package/src/__tests__/connector-mock-server.test.ts +439 -0
package/src/__tests__/connector-model-bff.test.ts +162 -0
package/src/__tests__/dev-seeds.test.ts +112 -0
package/src/__tests__/dev.test.ts +154 -0
package/src/__tests__/fixtures.ts +144 -0
package/src/__tests__/functions-generator.test.ts +237 -0
package/src/__tests__/init.test.ts +80 -0
package/src/__tests__/machine.test.ts +212 -0
package/src/__tests__/mcp.test.ts +56 -0
package/src/__tests__/model-parser.test.ts +72 -0
package/src/__tests__/nextjs-generator.test.ts +97 -0
package/src/__tests__/openapi-generator.test.ts +43 -0
package/src/__tests__/package-manager.test.ts +189 -0
package/src/__tests__/scaffold.test.ts +39 -0
package/src/__tests__/string-utils.test.ts +75 -0
package/src/__tests__/ui-generator.test.ts +144 -0
package/src/__tests__/zod-mock-generator.test.ts +132 -0
package/src/cli/commands/add-auth.ts +500 -0
package/src/cli/commands/add-connector.ts +158 -0
package/src/cli/commands/create-model.ts +62 -0
package/src/cli/commands/dev-seeds.ts +358 -0
package/src/cli/commands/dev.ts +962 -0
package/src/cli/commands/index.ts +9 -0
package/src/cli/commands/init.ts +3371 -0
package/src/cli/commands/provision.ts +193 -0
package/src/cli/commands/scaffold.ts +1211 -0
package/src/cli/index.ts +193 -0
package/src/core/config.ts +308 -0
package/src/core/mock/connector-mock-server.ts +555 -0
package/src/core/mock/zod-mock-generator.ts +205 -0
package/src/core/operations/create-model.ts +174 -0
package/src/core/operations/runtime.ts +235 -0
package/src/core/operations/scaffold-machine.ts +91 -0
package/src/core/project/manifest.ts +402 -0
package/src/core/project/validation.ts +221 -0
package/src/core/scaffold/auth-generator.ts +1284 -0
package/src/core/scaffold/connector-functions-generator.ts +1128 -0
package/src/core/scaffold/functions-generator.ts +970 -0
package/src/core/scaffold/model-parser.ts +841 -0
package/src/core/scaffold/nextjs-generator.ts +370 -0
package/src/core/scaffold/openapi-generator.ts +212 -0
package/src/core/scaffold/ui-generator.ts +1061 -0
package/src/database/base-model.ts +184 -0
package/src/database/client.ts +140 -0
package/src/database/repository.ts +104 -0
package/src/database/runtime-check.ts +25 -0
package/src/index.ts +27 -0
package/src/machine/contracts.ts +17 -0
package/src/machine/errors.ts +34 -0
package/src/machine/index.ts +173 -0
package/src/mcp/index.ts +185 -0
package/src/types/index.ts +134 -0
package/src/utils/package-manager.ts +229 -0

package/src/core/mock/connector-mock-server.ts ADDED Viewed

@@ -0,0 +1,555 @@
+/**
+ * コネクタモデル用モックサーバー
+ * - コネクタモデルへのリクエスト → Zodベースのインメモリ CRUD で応答
+ * - その他のリクエスト → 実Azure Functions へプロキシ
+ */
+import * as http from "http";
+import jwt, { SignOptions } from "jsonwebtoken";
+import { ModelInfo, toCamelCase } from "../scaffold/model-parser";
+import { generateMockDocuments } from "./zod-mock-generator";
+import { loadDevSeedFiles } from "../../cli/commands/dev-seeds";
+export interface ConnectorMockServerOptions {
+  /** モックサーバーのリッスンポート */
+  port: number;
+  /** Azure Functions の転送先ホスト:ポート（例: "localhost:7071"） */
+  functionsTarget: string;
+  /** コネクタモデル一覧 */
+  connectorModels: ModelInfo[];
+  /** 全モデル一覧（dev-seeds 読み込み用） */
+  allModels?: ModelInfo[];
+  /** dev-seeds 環境名（指定時はシードデータを初期データとして読み込む） */
+  seedEnv?: string;
+  /** dev-seeds ディレクトリ */
+  seedsDir?: string;
+  /** 各モデルの初期生成レコード数（デフォルト: 5） */
+  mockCount?: number;
+  /** ホスト名 */
+  host?: string;
+  /** Auth config — auth functions use RDB connector, mocked the same way */
+  authConfig?: {
+    /** JWT secret for mock token generation/verification */
+    jwtSecret: string;
+    /** Token expiry (e.g., '24h') */
+    tokenExpiry?: string;
+    /** Custom JWT config from swallowkit.config.js */
+    customJwt?: {
+      /** RDB table name that holds user records (e.g., "users") */
+      userTable: string;
+      loginIdColumn: string;
+      passwordHashColumn: string;
+      rolesColumn: string;
+    };
+    /** Default auth policy: 'authenticated' = all models need auth, 'anonymous' = only models with authPolicy */
+    defaultPolicy?: "authenticated" | "anonymous";
+  };
+}
+type MockDocument = Record<string, unknown>;
+/**
+ * コネクタモデル用モックサーバー
+ */
+export class ConnectorMockServer {
+  private server: http.Server | null = null;
+  private stores = new Map<string, MockDocument[]>();
+  private routeMap = new Map<string, ModelInfo>(); // route → model
+  private options: ConnectorMockServerOptions;
+  constructor(options: ConnectorMockServerOptions) {
+    this.options = options;
+    // ルートマップを構築: モデル名(camelCase) → ModelInfo
+    for (const model of options.connectorModels) {
+      const route = toCamelCase(model.name);
+      this.routeMap.set(route, model);
+    }
+  }
+  /**
+   * モックデータを初期化し、サーバーを起動
+   */
+  async start(): Promise<void> {
+    await this.initializeStores();
+    return new Promise((resolve, reject) => {
+      this.server = http.createServer((req, res) => {
+        this.handleRequest(req, res);
+      });
+      this.server.on("error", reject);
+      this.server.listen(this.options.port, this.options.host || "localhost", () => {
+        resolve();
+      });
+    });
+  }
+  /**
+   * サーバーを停止
+   */
+  stop(): Promise<void> {
+    return new Promise((resolve) => {
+      if (this.server) {
+        // Force close keep-alive connections (Node.js 18.2+)
+        if (typeof (this.server as any).closeAllConnections === "function") {
+          (this.server as any).closeAllConnections();
+        }
+        this.server.close(() => resolve());
+      } else {
+        resolve();
+      }
+    });
+  }
+  /**
+   * 特定モデルの現在のストアデータを取得（テスト用）
+   */
+  getStore(modelName: string): MockDocument[] {
+    const route = toCamelCase(modelName);
+    return this.stores.get(route) || [];
+  }
+  // ─── Internal ─────────────────────────────────────────────
+  private async initializeStores() {
+    const allModels = this.options.allModels || this.options.connectorModels;
+    const mockCount = this.options.mockCount ?? 5;
+    // まず Zod ベースのモックデータで初期化
+    for (const model of this.options.connectorModels) {
+      const route = toCamelCase(model.name);
+      this.stores.set(route, generateMockDocuments(model, mockCount, allModels));
+    }
+    // dev-seeds があれば上書き
+    if (this.options.seedEnv) {
+      try {
+        const seedFiles = await loadDevSeedFiles(
+          this.options.seedEnv,
+          this.options.connectorModels,
+          this.options.seedsDir
+        );
+        for (const seedFile of seedFiles) {
+          const route = toCamelCase(seedFile.model.name);
+          if (this.stores.has(route)) {
+            this.stores.set(route, seedFile.documents as MockDocument[]);
+            console.log(`  📂 Loaded ${seedFile.documents.length} seed doc(s) for ${seedFile.model.name}`);
+          }
+        }
+      } catch (err) {
+        console.warn(`⚠️  Failed to load dev-seeds for connectors: ${(err as Error).message}`);
+      }
+    }
+  }
+  private handleRequest(req: http.IncomingMessage, res: http.ServerResponse) {
+    const { route, id } = this.parseRoute(req.url || "");
+    // Auth endpoints (when authConfig is set)
+    if (this.options.authConfig && route === "auth") {
+      this.handleAuthRequest(req, res, id);
+      return;
+    }
+    // コネクタモデルのルートか判定
+    if (route && this.routeMap.has(route)) {
+      this.handleMockCrud(req, res, route, id);
+    } else {
+      this.proxyToFunctions(req, res);
+    }
+  }
+  /**
+   * URL パス解析: /api/backlogIssue/123 → { route: "backlogIssue", id: "123" }
+   */
+  private parseRoute(url: string): { route: string | null; id: string | null } {
+    const parsed = new URL(url, "http://localhost");
+    const segments = parsed.pathname.split("/").filter(Boolean);
+    // /api/<route> or /api/<route>/<id>
+    if (segments.length >= 2 && segments[0] === "api") {
+      return {
+        route: segments[1],
+        id: segments.length >= 3 ? segments[2] : null,
+      };
+    }
+    return { route: null, id: null };
+  }
+  private handleMockCrud(
+    req: http.IncomingMessage,
+    res: http.ServerResponse,
+    route: string,
+    id: string | null
+  ) {
+    const method = (req.method || "GET").toUpperCase();
+    const store = this.stores.get(route) || [];
+    const model = this.routeMap.get(route)!;
+    const ops = model.connectorConfig?.operations || [];
+    const isWrite = method === "POST" || method === "PUT" || method === "DELETE";
+    const requiredRoles = this.resolveRequiredRoles(model, isWrite);
+    const authResult = this.checkAuth(req, res, model, requiredRoles);
+    if (authResult === "error") return; // 401/403 already sent
+    switch (method) {
+      case "GET":
+        req.resume();
+        if (id) {
+          if (!ops.includes("getById")) {
+            return this.sendJson(res, 405, { error: "getById not supported" });
+          }
+          const item = store.find((doc) => doc.id === id);
+          return item
+            ? this.sendJson(res, 200, item)
+            : this.sendJson(res, 404, { error: "Item not found" });
+        }
+        if (!ops.includes("getAll")) {
+          return this.sendJson(res, 405, { error: "getAll not supported" });
+        }
+        return this.sendJson(res, 200, store);
+      case "POST":
+        if (!ops.includes("create")) {
+          return this.drainAndRespond(req, res, 405, { error: "create not supported" });
+        }
+        this.readBody(req, (body) => {
+          if (!body.id) {
+            body.id = `${route}-${Date.now()}`;
+          }
+          body.createdAt = body.createdAt || new Date().toISOString();
+          body.updatedAt = body.updatedAt || new Date().toISOString();
+          store.push(body);
+          this.sendJson(res, 201, body);
+        });
+        return;
+      case "PUT":
+        if (!ops.includes("update")) {
+          return this.drainAndRespond(req, res, 405, { error: "update not supported" });
+        }
+        if (!id) return this.drainAndRespond(req, res, 400, { error: "id required" });
+        this.readBody(req, (body) => {
+          const idx = store.findIndex((doc) => doc.id === id);
+          if (idx === -1) return this.sendJson(res, 404, { error: "Item not found" });
+          body.updatedAt = new Date().toISOString();
+          store[idx] = { ...store[idx], ...body, id };
+          this.sendJson(res, 200, store[idx]);
+        });
+        return;
+      case "DELETE":
+        {
+          req.resume();
+          if (!ops.includes("delete")) {
+            return this.sendJson(res, 405, { error: "delete not supported" });
+          }
+          if (!id) return this.sendJson(res, 400, { error: "id required" });
+          const deleteIdx = store.findIndex((doc) => doc.id === id);
+          if (deleteIdx === -1) return this.sendJson(res, 404, { error: "Item not found" });
+          store.splice(deleteIdx, 1);
+          return this.sendJson(res, 204, null);
+        }
+      default:
+        req.resume();
+        return this.sendJson(res, 405, { error: `Method ${method} not allowed` });
+    }
+  }
+  /**
+   * コネクタモデル以外のリクエストをAzure Functionsへプロキシ
+   */
+  private proxyToFunctions(req: http.IncomingMessage, res: http.ServerResponse) {
+    const [targetHost, targetPort] = this.options.functionsTarget.split(":");
+    const proxyOpts: http.RequestOptions = {
+      hostname: targetHost,
+      port: parseInt(targetPort, 10),
+      path: req.url,
+      method: req.method,
+      headers: { ...req.headers, host: this.options.functionsTarget },
+    };
+    const proxyReq = http.request(proxyOpts, (proxyRes) => {
+      res.writeHead(proxyRes.statusCode || 502, proxyRes.headers);
+      proxyRes.pipe(res, { end: true });
+    });
+    proxyReq.on("error", (err) => {
+      // Functions がまだ起動していない場合
+      this.sendJson(res, 502, {
+        error: "Azure Functions not available",
+        detail: err.message,
+      });
+    });
+    req.pipe(proxyReq, { end: true });
+  }
+  // ─── Auth Routes (RDB user queries + JWT generation) ───
+  private handleAuthRequest(
+    req: http.IncomingMessage,
+    res: http.ServerResponse,
+    endpoint: string | null
+  ) {
+    const method = (req.method || "GET").toUpperCase();
+    // Handle CORS preflight
+    if (method === "OPTIONS") {
+      req.resume();
+      res.writeHead(200, {
+        "Access-Control-Allow-Origin": "*",
+        "Access-Control-Allow-Methods": "GET, POST, OPTIONS",
+        "Access-Control-Allow-Headers": "Content-Type, Authorization",
+      });
+      res.end();
+      return;
+    }
+    if (endpoint === "login" && method === "POST") {
+      this.handleLogin(req, res);
+    } else if (endpoint === "me" && method === "GET") {
+      this.handleMe(req, res);
+    } else if (endpoint === "logout" && method === "POST") {
+      req.resume();
+      this.sendJson(res, 200, { message: "Logged out" });
+    } else {
+      req.resume();
+      this.sendJson(res, 404, { error: "Auth endpoint not found" });
+    }
+  }
+  private handleLogin(req: http.IncomingMessage, res: http.ServerResponse) {
+    this.readBody(req, (body) => {
+      const loginId = body.loginId as string;
+      const password = body.password as string;
+      if (!loginId || !password) {
+        return this.sendJson(res, 400, { error: "loginId and password are required" });
+      }
+      const users = this.resolveUserStore();
+      if (!users) {
+        return this.sendJson(res, 500, {
+          error: "No user model found — ensure a connector model with the configured userTable exists",
+        });
+      }
+      const loginField = this.options.authConfig?.customJwt?.loginIdColumn || "loginId";
+      const passwordField = this.options.authConfig?.customJwt?.passwordHashColumn || "password";
+      const rolesField = this.options.authConfig?.customJwt?.rolesColumn || "roles";
+      const user = users.find(
+        (u) => (u[loginField] || u.loginId) === loginId
+      );
+      if (!user) {
+        return this.sendJson(res, 401, { error: "Invalid credentials" });
+      }
+      // Plaintext password comparison (mock mode only)
+      const storedPassword = (user[passwordField] || user.password) as string;
+      if (storedPassword !== password) {
+        return this.sendJson(res, 401, { error: "Invalid credentials" });
+      }
+      // Parse roles
+      let roles: string[] = [];
+      const rolesValue = user[rolesField] || user.roles;
+      if (Array.isArray(rolesValue)) {
+        roles = rolesValue as string[];
+      } else if (typeof rolesValue === "string") {
+        try {
+          roles = JSON.parse(rolesValue);
+        } catch {
+          roles = (rolesValue as string).split(",").map((r: string) => r.trim());
+        }
+      }
+      const authUser = {
+        id: String(user.id),
+        loginId: String(user[loginField] || user.loginId),
+        name: String(user.name || user[loginField] || user.loginId),
+        email: String(user.email || ""),
+        roles,
+      };
+      // Generate JWT
+      const secret = this.options.authConfig!.jwtSecret;
+      const expiry = (this.options.authConfig!.tokenExpiry || "24h") as SignOptions["expiresIn"];
+      const token = jwt.sign(
+        {
+          sub: authUser.id,
+          loginId: authUser.loginId,
+          name: authUser.name,
+          email: authUser.email,
+          roles: authUser.roles,
+        },
+        secret,
+        { expiresIn: expiry }
+      );
+      const expiresAt = new Date(Date.now() + 24 * 60 * 60 * 1000).toISOString();
+      this.sendJson(res, 200, { user: authUser, token, expiresAt });
+    });
+  }
+  private handleMe(req: http.IncomingMessage, res: http.ServerResponse) {
+    req.resume();
+    const authHeader = req.headers["authorization"];
+    if (!authHeader || !authHeader.startsWith("Bearer ")) {
+      return this.sendJson(res, 401, { error: "Missing or invalid Authorization header" });
+    }
+    const token = authHeader.slice(7);
+    try {
+      const secret = this.options.authConfig!.jwtSecret;
+      const payload = jwt.verify(token, secret) as Record<string, unknown>;
+      this.sendJson(res, 200, {
+        sub: payload.sub,
+        loginId: payload.loginId,
+        name: payload.name,
+        email: payload.email,
+        roles: payload.roles,
+      });
+    } catch {
+      this.sendJson(res, 401, { error: "Invalid or expired token" });
+    }
+  }
+  // ─── Utilities ────────────────────────────────────────────
+  /**
+   * authConfig.customJwt.userTable に対応するモデルのストアを返す。
+   * ユーザーテーブルが見つからない場合は null を返す。
+   */
+  private resolveUserStore(): MockDocument[] | null {
+    const userTable = this.options.authConfig?.customJwt?.userTable;
+    if (!userTable) return null;
+    for (const model of this.options.connectorModels) {
+      const cfg = model.connectorConfig;
+      if (cfg && "table" in cfg && cfg.table === userTable) {
+        return this.stores.get(toCamelCase(model.name)) || null;
+      }
+    }
+    return null;
+  }
+  /**
+   * JWT を検証し、ペイロード（roles 含む）を返す。
+   * 認証不要な場合は null を返す。401/403 の場合はレスポンスを送信して 'error' を返す。
+   */
+  private checkAuth(
+    req: http.IncomingMessage,
+    res: http.ServerResponse,
+    model: ModelInfo,
+    requiredRoles: string[] | undefined
+  ): Record<string, unknown> | null | "error" {
+    const authCfg = this.options.authConfig;
+    if (!authCfg) return null; // auth 未設定 → 全スルー
+    const policy = model.authPolicy;
+    const defaultPolicy = authCfg.defaultPolicy || "anonymous";
+    // モデルに authPolicy がなく defaultPolicy が anonymous → 認証不要
+    if (!policy && defaultPolicy === "anonymous") return null;
+    // JWT 検証
+    const authHeader = req.headers["authorization"];
+    if (!authHeader || !authHeader.startsWith("Bearer ")) {
+      this.sendJson(res, 401, { error: "Missing or invalid Authorization header" });
+      return "error";
+    }
+    const token = authHeader.slice(7);
+    try {
+      const payload = jwt.verify(token, authCfg.jwtSecret) as Record<string, unknown>;
+      // ロールチェック
+      if (requiredRoles && requiredRoles.length > 0) {
+        const userRoles = Array.isArray(payload.roles) ? (payload.roles as string[]) : [];
+        const hasRole = requiredRoles.some((r) => userRoles.includes(r));
+        if (!hasRole) {
+          this.sendJson(res, 403, {
+            error: `Requires one of roles: ${requiredRoles.join(", ")}`,
+          });
+          return "error";
+        }
+      }
+      return payload;
+    } catch {
+      this.sendJson(res, 401, { error: "Invalid or expired token" });
+      return "error";
+    }
+  }
+  /**
+   * モデルの authPolicy から read/write に必要なロールを解決
+   */
+  private resolveRequiredRoles(
+    model: ModelInfo,
+    isWrite: boolean
+  ): string[] | undefined {
+    const policy = model.authPolicy;
+    if (!policy) return undefined; // defaultPolicy: authenticated → 認証のみ、ロールチェック不要
+    if (isWrite) {
+      return policy.write || policy.roles;
+    }
+    return policy.read || policy.roles;
+  }
+  private readBody(req: http.IncomingMessage, callback: (body: MockDocument) => void) {
+    let data = "";
+    req.on("data", (chunk) => (data += chunk));
+    req.on("end", () => {
+      try {
+        callback(JSON.parse(data));
+      } catch {
+        callback({});
+      }
+    });
+  }
+  private sendJson(res: http.ServerResponse, status: number, body: unknown) {
+    res.writeHead(status, {
+      "Content-Type": "application/json",
+      "Access-Control-Allow-Origin": "*",
+      "Connection": "close",
+    });
+    if (body !== null && body !== undefined) {
+      res.end(JSON.stringify(body));
+    } else {
+      res.end();
+    }
+  }
+  /**
+   * リクエストボディを完全に読み捨ててからレスポンスを送信
+   * POST/PUT の 405 等で未読ボディがある場合に Linux で RST を防ぐ
+   */
+  private drainAndRespond(
+    req: http.IncomingMessage,
+    res: http.ServerResponse,
+    status: number,
+    body: unknown
+  ) {
+    if (req.readableEnded) {
+      this.sendJson(res, status, body);
+      return;
+    }
+    req.resume();
+    req.on("end", () => {
+      this.sendJson(res, status, body);
+    });
+  }
+}