http

10 modules

  • http/common_routes.ts

    Common route spec factories for fuz_app consumers.

    Generic HTTP route factories with no auth-domain dependencies. Auth-aware route factories (account status) live in auth/account_routes.ts.

  • http/db_routes.ts

    API route specs for database administration.

    Generic PostgreSQL table browser using information_schema. Provides: list tables, view columns/rows (paginated), delete rows by PK, health check.

  • http/error_schemas.ts

    Standard error response schemas and error code constants for fuz_app routes.

    Defines ERROR_* constants (single source of truth for machine-parseable error codes), Zod schemas for error response shapes, a type for error schema maps, and derive_error_schemas to auto-populate middleware-produced errors from a route's auth requirement and input schema.

    Used in RouteSpec.errors and MiddlewareSpec.errors for surface introspection and DEV-mode validation.

  • http/middleware_spec.ts

    Middleware spec type — named middleware layer definition.

    Separated from route_spec.ts so middleware modules can import this type without creating an upward dependency on routes.

  • http/origin.ts

    Request source verification middleware for API protection.

    Verifies requests are coming from expected origins/referers. CSRF protection is provided by SameSite: strict on session cookies (see session_middleware.ts). This module provides origin allowlisting for locally-running services — preventing untrusted websites from making requests as the user browses the web.

  • http/proxy.ts

    Trusted proxy configuration and middleware.

    Resolves the client IP from X-Forwarded-For only when the TCP connection originates from a configured trusted proxy. Without this middleware, get_client_ip returns 'unknown'.

  • http/route_spec.ts

    Introspectable route spec system for Hono apps.

    Routes are defined as data (method, path, auth, input/output schemas, handler), then applied to Hono. The attack surface is generated from the specs — always accurate, always complete.

    Input/output schemas align with SAES ActionSpec conventions:

    - input: Zod schema for the request body (z.null() for no body)
    - output: Zod schema for the success response body
    - z.strictObject() for inputs (reject unknown keys)

  • http/schema_helpers.ts

    Shared pure helpers for schema introspection and middleware matching.

    Used by both route_spec.ts (input validation) and surface.ts (attack surface generation). Extracted to avoid circular dependencies between routes and middleware.

  • http/surface_query.ts

    Pure query functions over AppSurface data.

    Usable in tests, the adversarial auth runner, and future surface explorer UI. Replaces duplicated inline .filter() patterns.

    TODO @surface-explorer Used by test utilities (test_auth_surface, adversarial_input, surface_invariants) and SurfaceExplorer.svelte (surface_auth_summary, format_route_key). Several query functions (filter_authenticated_routes, filter_keeper_routes, routes_by_auth_type, filter_routes_by_prefix) are pre-built for richer surface explorer features and consumer test suites — leverage more as the surface UI matures.

  • http/surface.ts

    App surface generation — JSON-serializable attack surface from route and middleware specs.

    Pure schema helpers (is_null_schema, schema_to_surface, middleware_applies, merge_error_schemas) live in schema_helpers.ts.