toiljs 0.0.40 → 0.0.42

package/src/compiler/emails.ts

@@ -291,8 +291,15 @@ export async function renderEmails(cfg: ResolvedToilConfig): Promise<void> {
     }
 
     if (rendered.length === 0) return;
+    // Only (re)write when the output actually changed: an unconditional write
+    // bumps the file's mtime every rebuild, which under `dev` would re-trigger
+    // the watcher. (The watcher also ignores this file by name; this is belt-and-
+    // suspenders and avoids needless work.)
+    const next = renderModuleSource(rendered);
+    const prev = fs.existsSync(generatedPath) ? fs.readFileSync(generatedPath, 'utf8') : null;
+    if (prev === next) return;
     fs.mkdirSync(path.dirname(generatedPath), { recursive: true });
-    fs.writeFileSync(generatedPath, renderModuleSource(rendered));
+    fs.writeFileSync(generatedPath, next);
     process.stdout.write(
         `  ✓ emails: generated ${String(rendered.length)} template${rendered.length === 1 ? '' : 's'} (${rendered
             .map((r) => r.name)

package/src/compiler/generate.ts

@@ -107,7 +107,19 @@ export const TOIL_SERVER_ENV_DTS =
     `declare const Cookies: typeof import('toiljs/server/runtime/http/cookies').Cookies;\n` +
     `type Cookies = import('toiljs/server/runtime/http/cookies').Cookies;\n` +
     `declare const SecureCookies: typeof import('toiljs/server/runtime/http/securecookies').SecureCookies;\n` +
-    `type SecureCookies = import('toiljs/server/runtime/http/securecookies').SecureCookies;\n`;
+    `type SecureCookies = import('toiljs/server/runtime/http/securecookies').SecureCookies;\n` +
+    `declare const Time: typeof import('toiljs/server/runtime/time').Time;\n` +
+    `// Email, rate-limit, 2FA, and auth globals (server/globals/*), hand-declared\n` +
+    `// because their AssemblyScript source can't be type-aliased from tsc.\n` +
+    `declare enum EmailStatus { Sent, Disabled, Budget, RecipientCapped, Deduped, TryLater, BadRecipient, ProviderError }\n` +
+    `declare namespace EmailService { function send(to: string, subject: string, body: string, purpose?: string, html?: string): EmailStatus; }\n` +
+    `declare class RenderedEmail { subject: string; body: string; html: string; constructor(subject: string, body: string, html: string); }\n` +
+    `declare class EmailTemplate { constructor(subject: string, body: string, html?: string); render(vars: Map<string, string>): RenderedEmail; send(to: string, vars: Map<string, string>, purpose?: string): EmailStatus; }\n` +
+    `declare enum RateLimit { FixedWindow, SlidingWindow, TokenBucket }\n` +
+    `declare class TwoFactorIssue { code: string; token: string; constructor(code: string, token: string); }\n` +
+    `declare class TwoFactorChallenge { token: string; status: EmailStatus; constructor(token: string, status: EmailStatus); }\n` +
+    `declare namespace TwoFactor { function setSecret(secret: Uint8Array): void; function issue(recipient: string, purpose: string, ttlSecs?: u64, digits?: i32): TwoFactorIssue; function send(recipient: string, purpose: string, ttlSecs?: u64, digits?: i32): TwoFactorChallenge; function verify(token: string, recipient: string, code: string): bool; }\n` +
+    `declare namespace AuthService { const SESSION_COOKIE: string; const USER_COOKIE: string; const LOGIN_CONTEXT: string; const PUBLIC_KEY_LEN: i32; const SIGNATURE_LEN: i32; const DEFAULT_SESSION_TTL_SECS: u64; function setSecret(secret: Uint8Array): void; function hasSession(): bool; function getSessionBytes(): Uint8Array | null; function mintSession(userData: Uint8Array, ttlSecs?: u64): Cookie; function clearSession(): Cookie; function userCookie(userData: Uint8Array, ttlSecs?: u64): Cookie; function clearUserCookie(): Cookie; function buildLoginMessage(sub: string, aud: string, cid: Uint8Array, nonce: Uint8Array, iat: u64, exp: u64): Uint8Array; function verifyLogin(publicKey: Uint8Array, message: Uint8Array, signature: Uint8Array): bool; }\n`;
 
 /**
  * Returns a `./`-prefixed, **extensionless** POSIX module specifier from `.toil` to `abs`, for use

package/src/compiler/index.ts

@@ -143,7 +143,19 @@ async function buildServer(root: string): Promise<void> {
     // Explicit entries (every server file) override the toilconfig entries; the target options
     // (optimization, features, runtime) still come from the toilconfig's `release` target.
     const files = serverEntryFiles(root);
-    const args = [binJs, ...files, '--target', 'release', '--rpcModule', 'shared/server.ts'];
+    // Suppress AS235 ("only variables/functions/enums become wasm exports"): a
+    // `@data`/`@rest` class is intentionally `export class` (so other server
+    // files import it), but never a wasm export — the warning is pure noise here.
+    const args = [
+        binJs,
+        ...files,
+        '--target',
+        'release',
+        '--rpcModule',
+        'shared/server.ts',
+        '--disableWarning',
+        '235',
+    ];
 
     await new Promise<void>((resolve, reject) => {
         const child = spawn(process.execPath, args, { cwd: root, stdio: 'inherit' });
@@ -202,6 +214,9 @@ function watchServer(cfg: ResolvedToilConfig, watcher: ViteDevServer['watcher'])
     const isServerSource = (file: string): boolean =>
         file.endsWith('.ts') &&
         !file.endsWith('.d.ts') &&
+        // `_emails.ts` is GENERATED by renderEmails on every rebuild; reacting to
+        // our own output would loop forever (rebuild -> write -> rebuild -> ...).
+        path.basename(file) !== '_emails.ts' &&
         dirs.some((dir) => file === dir || file.startsWith(dir + path.sep));
     const isEmailSource = (file: string): boolean =>
         /\.(tsx|jsx)$/.test(file) && (file === emailsDir || file.startsWith(emailsDir + path.sep));

package/examples/basic/server/AuthTestHandler.ts

@@ -1,15 +0,0 @@
-import { Request, Response, ToilHandler } from 'toiljs/server/runtime';
-
-// AuthService is used with NO import (a global via toilscript --lib).
-export class AuthTestHandler extends ToilHandler {
-    public handle(req: Request): Response {
-        const cid = new Uint8Array(16);
-        const nonce = new Uint8Array(32);
-        const msg = AuthService.buildLoginMessage('alice', 'toil-demo', cid, nonce, 1000, 2000);
-        // Dummy pk/sig -> verify must be false (also exercises the host import binding).
-        const pk = new Uint8Array(AuthService.PUBLIC_KEY_LEN);
-        const sig = new Uint8Array(AuthService.SIGNATURE_LEN);
-        const ok = AuthService.verifyLogin(pk, msg, sig);
-        return Response.text('msglen=' + msg.length.toString() + ' verify=' + (ok ? '1' : '0') + '\n');
-    }
-}

package/examples/basic/server/AuthVerifyHandler.ts

@@ -1,23 +0,0 @@
-import { Method, Request, Response, ToilHandler } from 'toiljs/server/runtime';
-import { DataReader } from 'data';
-
-// Reads {sub, aud, cid, nonce, iat, exp, pk, sig} as a binary body, rebuilds
-// the login message with the AS AuthService (server-authoritative encoding),
-// and verifies the client signature. Proves the full client->edge chain.
-export class AuthVerifyHandler extends ToilHandler {
-    public handle(req: Request): Response {
-        if (req.method != Method.POST) return Response.empty(405);
-        const r = new DataReader(req.body);
-        const sub = r.readString();
-        const aud = r.readString();
-        const cid = r.readBytes();
-        const nonce = r.readBytes();
-        const iat = r.readU64();
-        const exp = r.readU64();
-        const pk = r.readBytes();
-        const sig = r.readBytes();
-        const msg = AuthService.buildLoginMessage(sub, aud, cid, nonce, iat, exp);
-        const ok = AuthService.verifyLogin(pk, msg, sig);
-        return Response.text((ok ? '1' : '0') + '\n');
-    }
-}

package/examples/basic/server/CacheHandler.ts

@@ -1,25 +0,0 @@
-import { Method, Request, Response, ToilHandler } from 'toiljs/server/runtime';
-
-// Exercises the tenant-directed cache. Detection is via the host's
-// `Toil-Cache` response header (MISS on first compute+store, HIT on reuse,
-// DYNAMIC when not cached), so the body need not vary.
-export class CacheHandler extends ToilHandler {
-    public handle(req: Request): Response {
-        if (req.method == Method.GET && req.path == '/cacheable') {
-            // edge-cache 5 min + browser Cache-Control max-age=60
-            return Response.json('{"cached":true}').cache(5, 60);
-        }
-        if (req.method == Method.GET && req.path == '/auth-ok') {
-            // edge-cache even when the request carries auth (allowAuth)
-            return Response.json('{"authok":true}').cache(5, 0, false, true);
-        }
-        if (req.method == Method.GET && req.path == '/uncacheable') {
-            return Response.json('{"cached":false}');
-        }
-        if (req.method == Method.POST && req.path == '/echo') {
-            // cache per (path, body): same body hits, different body misses
-            return Response.bytes(req.body).cache(5);
-        }
-        return Response.notFound();
-    }
-}

package/examples/basic/server/DecoCache.ts

@@ -1,18 +0,0 @@
-import { Response, RouteContext } from 'toiljs/server/runtime';
-
-// @rest controller exercising the new compile-time @cache decorator.
-@rest('deco')
-class DecoCache {
-    // edge-cache 5 min + browser Cache-Control max-age=60, via the decorator
-    @get('/cached')
-    @cache(5, 60)
-    public cached(ctx: RouteContext): Response {
-        return Response.json('{"deco":"cached"}');
-    }
-
-    // no @cache -> never cached
-    @get('/plain')
-    public plain(ctx: RouteContext): Response {
-        return Response.json('{"deco":"plain"}');
-    }
-}

package/examples/basic/server/FastTrapHandler.ts

@@ -1,8 +0,0 @@
-import { Request, Response, ToilHandler } from 'toiljs/server/runtime';
-
-export class FastTrapHandler extends ToilHandler {
-    public handle(req: Request): Response {
-        unreachable();          // wasm `unreachable` -> instant trap, ~0 gas
-        return Response.text('x');
-    }
-}

package/examples/basic/server/SpinHandler.ts

@@ -1,18 +0,0 @@
-import { Request, Response, ToilHandler } from 'toiljs/server/runtime';
-
-// Module-level counter so the loop body has an observable side effect the
-// optimizer cannot remove (and even a bare loop would still be gas-metered).
-let counter: i64 = 0;
-
-export class SpinHandler extends ToilHandler {
-    public handle(req: Request): Response {
-        // Infinite CPU burn on EVERY request. The edge's per-request gas
-        // budget (MAX_GAS_WASM_INIT) must trap this and 502 instead of
-        // freezing the worker.
-        while (true) {
-            counter = counter + 1;
-        }
-        // unreachable
-        return Response.text('unreachable\n');
-    }
-}

package/examples/basic/server/SsrGreetingRender.ts

@@ -1,27 +0,0 @@
-/**
- * A hand-written edge-SSR `render` for the `/hello` route, authored against the
- * generated typed `Slot` enum + `HASH`. It derives its data from the request
- * and fills the holes; the host splices these values into the precompiled
- * template. Registers itself with the `Ssr` router (compiler-injected in a real
- * build; explicit here).
- */
-import { Request } from 'toiljs/server/runtime';
-import { HtmlBuilder, SlotValues, Ssr } from 'toiljs/server/runtime';
-import { HASH, Slot } from './ssr/greeting.slots';
-
-function renderGreeting(req: Request): SlotValues | null {
-    if (req.path != '/hello') return null;
-    const v = new SlotValues(HASH);
-    // A text hole: React-escaped (note the `&` and `<>` get entities).
-    v.setText(Slot.greeting, 'world & <friends>');
-    // A repeat region: three stamped rows.
-    const rows = new HtmlBuilder();
-    const items: string[] = ['a & b', '<c>', 'd'];
-    for (let i = 0; i < items.length; i++) {
-        rows.raw('<li>').text(items[i]).raw('</li>');
-    }
-    v.setRepeat(Slot.count, rows);
-    return v;
-}
-
-Ssr.register(renderGreeting);

package/examples/basic/server/authexample-main.ts

@@ -1,8 +0,0 @@
-import { Server } from 'toiljs/server/runtime';
-import { revertOnError } from 'toiljs/server/runtime/abort/abort';
-import { Request, Response, Rest, ToilHandler } from 'toiljs/server/runtime';
-import './routes/Auth';
-class H extends ToilHandler { public handle(req: Request): Response { const h = Rest.dispatch(req); return h != null ? h : Response.notFound(); } }
-Server.handler = () => { return new H(); };
-export * from 'toiljs/server/runtime/exports';
-export function abort(m: string, f: string, l: u32, c: u32): void { revertOnError(m, f, l, c); }

package/examples/basic/server/authtest-main.ts

@@ -1,8 +0,0 @@
-import { Server } from 'toiljs/server/runtime';
-import { revertOnError } from 'toiljs/server/runtime/abort/abort';
-import { AuthTestHandler } from './AuthTestHandler';
-Server.handler = () => { return new AuthTestHandler(); };
-export * from 'toiljs/server/runtime/exports';
-export function abort(message: string, fileName: string, line: u32, column: u32): void {
-    revertOnError(message, fileName, line, column);
-}

package/examples/basic/server/authverify-main.ts

@@ -1,8 +0,0 @@
-import { Server } from 'toiljs/server/runtime';
-import { revertOnError } from 'toiljs/server/runtime/abort/abort';
-import { AuthVerifyHandler } from './AuthVerifyHandler';
-Server.handler = () => { return new AuthVerifyHandler(); };
-export * from 'toiljs/server/runtime/exports';
-export function abort(message: string, fileName: string, line: u32, column: u32): void {
-    revertOnError(message, fileName, line, column);
-}

package/examples/basic/server/cache-main.ts

@@ -1,8 +0,0 @@
-import { Server } from 'toiljs/server/runtime';
-import { revertOnError } from 'toiljs/server/runtime/abort/abort';
-import { CacheHandler } from './CacheHandler';
-Server.handler = () => { return new CacheHandler(); };
-export * from 'toiljs/server/runtime/exports';
-export function abort(message: string, fileName: string, line: u32, column: u32): void {
-    revertOnError(message, fileName, line, column);
-}

package/examples/basic/server/deco-main.ts

@@ -1,18 +0,0 @@
-import { Server } from 'toiljs/server/runtime';
-import { revertOnError } from 'toiljs/server/runtime/abort/abort';
-import { Request, Response, Rest, ToilHandler } from 'toiljs/server/runtime';
-import './DecoCache';
-
-class DecoHandler extends ToilHandler {
-    public handle(req: Request): Response {
-        const hit = Rest.dispatch(req);
-        if (hit != null) return hit;
-        return Response.notFound();
-    }
-}
-
-Server.handler = () => { return new DecoHandler(); };
-export * from 'toiljs/server/runtime/exports';
-export function abort(message: string, fileName: string, line: u32, column: u32): void {
-    revertOnError(message, fileName, line, column);
-}

package/examples/basic/server/spin-main.ts

@@ -1,13 +0,0 @@
-import { Server } from 'toiljs/server/runtime';
-import { revertOnError } from 'toiljs/server/runtime/abort/abort';
-import { SpinHandler } from './SpinHandler';
-
-Server.handler = () => {
-    return new SpinHandler();
-};
-
-export * from 'toiljs/server/runtime/exports';
-
-export function abort(message: string, fileName: string, line: u32, column: u32): void {
-    revertOnError(message, fileName, line, column);
-}

package/examples/basic/server/ssr/greeting.slots.ts

@@ -1,19 +0,0 @@
-// AUTO-GENERATED by toil (edge SSR). Do not edit.
-// Route: greeting. Slot ids match the deployed .slots manifest; HASH is the
-// coherence hash the host checks against the template (deploy-skew guard).
-//
-// (For this example the values are hand-fixed; in a real build `template.ts`
-// computes them from the route's rendered template.)
-
-/** Stable hole ids for this route's template. */
-export enum Slot {
-    greeting = 0,
-    count = 1,
-}
-
-/** Coherence hash (32 bytes) baked into the guest and echoed in every values
- * envelope; the host rejects a response whose hash != the deployed template. */
-export const HASH: StaticArray<u8> = [
-    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
-    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
-];

package/examples/basic/server/ssr-main.ts

@@ -1,18 +0,0 @@
-/**
- * Edge-SSR example entry. Registers the `/hello` render (side-effect import),
- * sets a no-op HTTP handler (so the `handle` export is well-formed), and
- * surfaces the wasm exports — including `render(i32, i32) -> i64`.
- */
-import { Server, ToilHandler } from 'toiljs/server/runtime';
-import { revertOnError } from 'toiljs/server/runtime/abort/abort';
-import './SsrGreetingRender';
-
-Server.handler = () => {
-    return new ToilHandler();
-};
-
-export * from 'toiljs/server/runtime/exports';
-
-export function abort(message: string, fileName: string, line: u32, column: u32): void {
-    revertOnError(message, fileName, line, column);
-}

package/examples/basic/server/trap-main.ts

@@ -1,8 +0,0 @@
-import { Server } from 'toiljs/server/runtime';
-import { revertOnError } from 'toiljs/server/runtime/abort/abort';
-import { FastTrapHandler } from './FastTrapHandler';
-Server.handler = () => { return new FastTrapHandler(); };
-export * from 'toiljs/server/runtime/exports';
-export function abort(message: string, fileName: string, line: u32, column: u32): void {
-    revertOnError(message, fileName, line, column);
-}