UNPKG

@orpc/server

Version:

<div align="center"> <image align="center" src="https://orpc.unnoq.com/logo.webp" width=280 alt="oRPC logo" /> </div>

orpc.unnoq.com

unnoq/orpc

173 lines (165 loc) 6.93 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
import { Value, Promisable } from '@orpc/shared'; import { StandardRequest, StandardHeaders } from '@orpc/standard-server'; import { BatchResponseBodyItem } from '@orpc/standard-server/batch'; import { d as StandardHandlerInterceptorOptions, g as StandardHandlerPlugin, e as StandardHandlerOptions } from '../shared/server.DBCUJijK.mjs'; import { C as Context, d as ProcedureClientInterceptorOptions } from '../shared/server.B4BGqy3Y.mjs'; import { Meta, ORPCError as ORPCError$1 } from '@orpc/contract'; import { ORPCError } from '@orpc/client'; interface BatchHandlerOptions<T extends Context> { /** * The max size of the batch allowed. * * @default 10 */ maxSize?: Value<Promisable<number>, [StandardHandlerInterceptorOptions<T>]>; /** * Map the request before processing it. * * @default merged back batch request headers into the request */ mapRequestItem?(request: StandardRequest, batchOptions: StandardHandlerInterceptorOptions<T>): StandardRequest; /** * Success batch response status code. * * @default 207 */ successStatus?: Value<Promisable<number>, [responses: Promise<BatchResponseBodyItem>[], batchOptions: StandardHandlerInterceptorOptions<T>]>; /** * success batch response headers. * * @default {} */ headers?: Value<Promisable<StandardHeaders>, [responses: Promise<BatchResponseBodyItem>[], batchOptions: StandardHandlerInterceptorOptions<T>]>; } /** * The Batch Requests Plugin allows you to combine multiple requests and responses into a single batch, * reducing the overhead of sending each one separately. * * @see {@link https://orpc.unnoq.com/docs/plugins/batch-requests Batch Requests Plugin Docs} */ declare class BatchHandlerPlugin<T extends Context> implements StandardHandlerPlugin<T> { private readonly maxSize; private readonly mapRequestItem; private readonly successStatus; private readonly headers; order: number; constructor(options?: BatchHandlerOptions<T>); init(options: StandardHandlerOptions<T>): void; } interface CORSOptions<T extends Context> { origin?: Value<Promisable<string | readonly string[] | null | undefined>, [origin: string, options: StandardHandlerInterceptorOptions<T>]>; timingOrigin?: Value<Promisable<string | readonly string[] | null | undefined>, [origin: string, options: StandardHandlerInterceptorOptions<T>]>; allowMethods?: readonly string[]; allowHeaders?: readonly string[]; maxAge?: number; credentials?: boolean; exposeHeaders?: readonly string[]; } /** * CORSPlugin is a plugin for oRPC that allows you to configure CORS for your API. * * @see {@link https://orpc.unnoq.com/docs/plugins/cors CORS Plugin Docs} */ declare class CORSPlugin<T extends Context> implements StandardHandlerPlugin<T> { private readonly options; order: number; constructor(options?: CORSOptions<T>); init(options: StandardHandlerOptions<T>): void; } interface RequestHeadersPluginContext { reqHeaders?: Headers; } /** * The Request Headers Plugin injects a `reqHeaders` instance into the context, * allowing access to request headers in oRPC. * * @see {@link https://orpc.unnoq.com/docs/plugins/request-headers Request Headers Plugin Docs} */ declare class RequestHeadersPlugin<T extends RequestHeadersPluginContext> implements StandardHandlerPlugin<T> { init(options: StandardHandlerOptions<T>): void; } interface ResponseHeadersPluginContext { resHeaders?: Headers; } /** * The Response Headers Plugin allows you to set response headers in oRPC. * It injects a resHeaders instance into the context, enabling you to modify response headers easily. * * @see {@link https://orpc.unnoq.com/docs/plugins/response-headers Response Headers Plugin Docs} */ declare class ResponseHeadersPlugin<T extends ResponseHeadersPluginContext> implements StandardHandlerPlugin<T> { init(options: StandardHandlerOptions<T>): void; } interface SimpleCsrfProtectionHandlerPluginOptions<T extends Context> { /** * The name of the header to check. * * @default 'x-csrf-token' */ headerName?: Value<Promisable<string>, [options: StandardHandlerInterceptorOptions<T>]>; /** * The value of the header to check. * * @default 'orpc' * */ headerValue?: Value<Promisable<string>, [options: StandardHandlerInterceptorOptions<T>]>; /** * Exclude a procedure from the plugin. * * @default false * */ exclude?: Value<Promisable<boolean>, [options: ProcedureClientInterceptorOptions<T, Record<never, never>, Meta>]>; /** * The error thrown when the CSRF token is invalid. * * @default new ORPCError('CSRF_TOKEN_MISMATCH', { * status: 403, * message: 'Invalid CSRF token', * }) */ error?: InstanceType<typeof ORPCError>; } /** * This plugin adds basic Cross-Site Request Forgery (CSRF) protection to your oRPC application. * It helps ensure that requests to your procedures originate from JavaScript code, * not from other sources like standard HTML forms or direct browser navigation. * * @see {@link https://orpc.unnoq.com/docs/plugins/simple-csrf-protection Simple CSRF Protection Plugin Docs} */ declare class SimpleCsrfProtectionHandlerPlugin<T extends Context> implements StandardHandlerPlugin<T> { private readonly headerName; private readonly headerValue; private readonly exclude; private readonly error; constructor(options?: SimpleCsrfProtectionHandlerPluginOptions<T>); order: number; init(options: StandardHandlerOptions<T>): void; } interface StrictGetMethodPluginOptions { /** * The error thrown when a GET request is made to a procedure that doesn't allow GET. * * @default new ORPCError('METHOD_NOT_SUPPORTED') */ error?: InstanceType<typeof ORPCError$1>; } /** * This plugin enhances security by ensuring only procedures explicitly marked to accept GET requests * can be called using the HTTP GET method for RPC Protocol. This helps prevent certain types of * Cross-Site Request Forgery (CSRF) attacks. * * @see {@link https://orpc.unnoq.com/docs/plugins/strict-get-method Strict Get Method Plugin Docs} */ declare class StrictGetMethodPlugin<T extends Context> implements StandardHandlerPlugin<T> { private readonly error; /** * make sure execute before batch plugin to get real method */ order: number; constructor(options?: StrictGetMethodPluginOptions); init(options: StandardHandlerOptions<T>): void; } export { BatchHandlerPlugin, CORSPlugin, RequestHeadersPlugin, ResponseHeadersPlugin, SimpleCsrfProtectionHandlerPlugin, StrictGetMethodPlugin }; export type { BatchHandlerOptions, CORSOptions, RequestHeadersPluginContext, ResponseHeadersPluginContext, SimpleCsrfProtectionHandlerPluginOptions, StrictGetMethodPluginOptions };