jason
d53c772dd6
- Node/Express/TypeScript API under /api/v1 with JWT auth (login, refresh, logout, /me) - Prisma schema: vendors, users, roles, products, categories, taxes, transactions - SQLite for local dev; Postgres via docker-compose for production - Full CRUD routes for vendors, users, categories, taxes, products with Zod validation and RBAC - Paginated list endpoints scoped per vendor; refresh token rotation - React/TypeScript admin SPA (Vite): login, protected routing, sidebar layout - Pages: Dashboard, Catalog (tabbed Products/Categories/Taxes), Users, Vendor Settings - Shared UI: Table, Modal, FormField, Btn, PageHeader components - Multi-stage Dockerfile; docker-compose with Postgres healthcheck - Seed script with demo vendor and owner account - INSTRUCTIONS.md, ROADMAP.md, .claude/launch.json for dev server config Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
70 lines
2.6 KiB
JavaScript
70 lines
2.6 KiB
JavaScript
let random = async bytes => crypto.getRandomValues(new Uint8Array(bytes))
|
|
|
|
let customAlphabet = (alphabet, defaultSize = 21) => {
|
|
// First, a bitmask is necessary to generate the ID. The bitmask makes bytes
|
|
// values closer to the alphabet size. The bitmask calculates the closest
|
|
// `2^31 - 1` number, which exceeds the alphabet size.
|
|
// For example, the bitmask for the alphabet size 30 is 31 (00011111).
|
|
// `Math.clz32` is not used, because it is not available in browsers.
|
|
let mask = (2 << (Math.log(alphabet.length - 1) / Math.LN2)) - 1
|
|
// Though, the bitmask solution is not perfect since the bytes exceeding
|
|
// the alphabet size are refused. Therefore, to reliably generate the ID,
|
|
// the random bytes redundancy has to be satisfied.
|
|
|
|
// Note: every hardware random generator call is performance expensive,
|
|
// because the system call for entropy collection takes a lot of time.
|
|
// So, to avoid additional system calls, extra bytes are requested in advance.
|
|
|
|
// Next, a step determines how many random bytes to generate.
|
|
// The number of random bytes gets decided upon the ID size, mask,
|
|
// alphabet size, and magic number 1.6 (using 1.6 peaks at performance
|
|
// according to benchmarks).
|
|
|
|
// `-~f => Math.ceil(f)` if f is a float
|
|
// `-~i => i + 1` if i is an integer
|
|
let step = -~((1.6 * mask * defaultSize) / alphabet.length)
|
|
|
|
return async (size = defaultSize) => {
|
|
let id = ''
|
|
while (true) {
|
|
let bytes = crypto.getRandomValues(new Uint8Array(step))
|
|
// A compact alternative for `for (var i = 0; i < step; i++)`.
|
|
let i = step | 0
|
|
while (i--) {
|
|
// Adding `|| ''` refuses a random byte that exceeds the alphabet size.
|
|
id += alphabet[bytes[i] & mask] || ''
|
|
if (id.length === size) return id
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
let nanoid = async (size = 21) => {
|
|
let id = ''
|
|
let bytes = crypto.getRandomValues(new Uint8Array((size |= 0)))
|
|
|
|
// A compact alternative for `for (var i = 0; i < step; i++)`.
|
|
while (size--) {
|
|
// It is incorrect to use bytes exceeding the alphabet size.
|
|
// The following mask reduces the random byte in the 0-255 value
|
|
// range to the 0-63 value range. Therefore, adding hacks, such
|
|
// as empty string fallback or magic numbers, is unneccessary because
|
|
// the bitmask trims bytes down to the alphabet size.
|
|
let byte = bytes[size] & 63
|
|
if (byte < 36) {
|
|
// `0-9a-z`
|
|
id += byte.toString(36)
|
|
} else if (byte < 62) {
|
|
// `A-Z`
|
|
id += (byte - 26).toString(36).toUpperCase()
|
|
} else if (byte < 63) {
|
|
id += '_'
|
|
} else {
|
|
id += '-'
|
|
}
|
|
}
|
|
return id
|
|
}
|
|
|
|
module.exports = { nanoid, customAlphabet, random }
|