RubyGems - tina4ruby - Versions diffs - 3.11.13 → 3.11.15 - Mend

tina4ruby 3.11.13 → 3.11.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (132) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +80 -80
data/LICENSE.txt +21 -21
data/README.md +137 -137
data/exe/tina4ruby +5 -5
data/lib/tina4/ai.rb +696 -696
data/lib/tina4/api.rb +189 -189
data/lib/tina4/auth.rb +305 -305
data/lib/tina4/auto_crud.rb +244 -244
data/lib/tina4/cache.rb +154 -154
data/lib/tina4/cli.rb +1449 -1449
data/lib/tina4/constants.rb +46 -46
data/lib/tina4/container.rb +74 -74
data/lib/tina4/cors.rb +74 -74
data/lib/tina4/crud.rb +692 -692
data/lib/tina4/database/sqlite3_adapter.rb +165 -165
data/lib/tina4/database.rb +625 -625
data/lib/tina4/database_result.rb +208 -208
data/lib/tina4/debug.rb +8 -8
data/lib/tina4/dev.rb +14 -14
data/lib/tina4/dev_admin.rb +935 -935
data/lib/tina4/dev_mailbox.rb +191 -191
data/lib/tina4/drivers/firebird_driver.rb +124 -110
data/lib/tina4/drivers/mongodb_driver.rb +561 -561
data/lib/tina4/drivers/mssql_driver.rb +112 -112
data/lib/tina4/drivers/mysql_driver.rb +90 -90
data/lib/tina4/drivers/odbc_driver.rb +191 -191
data/lib/tina4/drivers/postgres_driver.rb +116 -106
data/lib/tina4/drivers/sqlite_driver.rb +122 -122
data/lib/tina4/env.rb +95 -95
data/lib/tina4/error_overlay.rb +252 -252
data/lib/tina4/events.rb +109 -109
data/lib/tina4/field_types.rb +154 -154
data/lib/tina4/frond.rb +2025 -2025
data/lib/tina4/gallery/auth/meta.json +1 -1
data/lib/tina4/gallery/auth/src/routes/api/gallery_auth.rb +114 -114
data/lib/tina4/gallery/database/meta.json +1 -1
data/lib/tina4/gallery/database/src/routes/api/gallery_db.rb +43 -43
data/lib/tina4/gallery/error-overlay/meta.json +1 -1
data/lib/tina4/gallery/error-overlay/src/routes/api/gallery_crash.rb +17 -17
data/lib/tina4/gallery/orm/meta.json +1 -1
data/lib/tina4/gallery/orm/src/routes/api/gallery_products.rb +16 -16
data/lib/tina4/gallery/queue/meta.json +1 -1
data/lib/tina4/gallery/queue/src/routes/api/gallery_queue.rb +325 -325
data/lib/tina4/gallery/rest-api/meta.json +1 -1
data/lib/tina4/gallery/rest-api/src/routes/api/gallery_hello.rb +14 -14
data/lib/tina4/gallery/templates/meta.json +1 -1
data/lib/tina4/gallery/templates/src/routes/gallery_page.rb +12 -12
data/lib/tina4/gallery/templates/src/templates/gallery_page.twig +257 -257
data/lib/tina4/graphql.rb +966 -966
data/lib/tina4/health.rb +39 -39
data/lib/tina4/html_element.rb +170 -170
data/lib/tina4/job.rb +80 -80
data/lib/tina4/localization.rb +168 -168
data/lib/tina4/log.rb +203 -203
data/lib/tina4/mcp.rb +696 -696
data/lib/tina4/messenger.rb +587 -587
data/lib/tina4/metrics.rb +793 -793
data/lib/tina4/middleware.rb +445 -445
data/lib/tina4/migration.rb +451 -451
data/lib/tina4/orm.rb +790 -790
data/lib/tina4/public/css/tina4.css +2463 -2463
data/lib/tina4/public/css/tina4.min.css +1 -1
data/lib/tina4/public/images/logo.svg +5 -5
data/lib/tina4/public/js/frond.min.js +2 -2
data/lib/tina4/public/js/tina4-dev-admin.js +565 -565
data/lib/tina4/public/js/tina4-dev-admin.min.js +480 -480
data/lib/tina4/public/js/tina4.min.js +92 -92
data/lib/tina4/public/js/tina4js.min.js +48 -48
data/lib/tina4/public/swagger/index.html +90 -90
data/lib/tina4/public/swagger/oauth2-redirect.html +63 -63
data/lib/tina4/query_builder.rb +380 -380
data/lib/tina4/queue.rb +366 -366
data/lib/tina4/queue_backends/kafka_backend.rb +80 -80
data/lib/tina4/queue_backends/lite_backend.rb +298 -298
data/lib/tina4/queue_backends/mongo_backend.rb +126 -126
data/lib/tina4/queue_backends/rabbitmq_backend.rb +73 -73
data/lib/tina4/rack_app.rb +817 -817
data/lib/tina4/rate_limiter.rb +130 -130
data/lib/tina4/request.rb +268 -255
data/lib/tina4/response.rb +346 -346
data/lib/tina4/response_cache.rb +551 -551
data/lib/tina4/router.rb +406 -406
data/lib/tina4/scss/tina4css/_alerts.scss +34 -34
data/lib/tina4/scss/tina4css/_badges.scss +22 -22
data/lib/tina4/scss/tina4css/_buttons.scss +69 -69
data/lib/tina4/scss/tina4css/_cards.scss +49 -49
data/lib/tina4/scss/tina4css/_forms.scss +156 -156
data/lib/tina4/scss/tina4css/_grid.scss +81 -81
data/lib/tina4/scss/tina4css/_modals.scss +84 -84
data/lib/tina4/scss/tina4css/_nav.scss +149 -149
data/lib/tina4/scss/tina4css/_reset.scss +94 -94
data/lib/tina4/scss/tina4css/_tables.scss +54 -54
data/lib/tina4/scss/tina4css/_typography.scss +55 -55
data/lib/tina4/scss/tina4css/_utilities.scss +197 -197
data/lib/tina4/scss/tina4css/_variables.scss +117 -117
data/lib/tina4/scss/tina4css/base.scss +1 -1
data/lib/tina4/scss/tina4css/colors.scss +48 -48
data/lib/tina4/scss/tina4css/tina4.scss +17 -17
data/lib/tina4/scss_compiler.rb +178 -178
data/lib/tina4/seeder.rb +567 -567
data/lib/tina4/service_runner.rb +303 -303
data/lib/tina4/session.rb +297 -297
data/lib/tina4/session_handlers/database_handler.rb +72 -72
data/lib/tina4/session_handlers/file_handler.rb +67 -67
data/lib/tina4/session_handlers/mongo_handler.rb +49 -49
data/lib/tina4/session_handlers/redis_handler.rb +43 -43
data/lib/tina4/session_handlers/valkey_handler.rb +43 -43
data/lib/tina4/shutdown.rb +84 -84
data/lib/tina4/sql_translation.rb +158 -158
data/lib/tina4/swagger.rb +124 -124
data/lib/tina4/template.rb +894 -894
data/lib/tina4/templates/base.twig +26 -26
data/lib/tina4/templates/errors/302.twig +14 -14
data/lib/tina4/templates/errors/401.twig +9 -9
data/lib/tina4/templates/errors/403.twig +29 -29
data/lib/tina4/templates/errors/404.twig +29 -29
data/lib/tina4/templates/errors/500.twig +38 -38
data/lib/tina4/templates/errors/502.twig +9 -9
data/lib/tina4/templates/errors/503.twig +12 -12
data/lib/tina4/templates/errors/base.twig +37 -37
data/lib/tina4/test_client.rb +159 -159
data/lib/tina4/testing.rb +340 -340
data/lib/tina4/validator.rb +174 -174
data/lib/tina4/version.rb +1 -1
data/lib/tina4/webserver.rb +312 -312
data/lib/tina4/websocket.rb +343 -343
data/lib/tina4/websocket_backplane.rb +190 -190
data/lib/tina4/wsdl.rb +564 -564
data/lib/tina4.rb +458 -458
data/lib/tina4ruby.rb +4 -4
metadata +3 -3

data/lib/tina4/router.rb CHANGED Viewed

@@ -1,406 +1,406 @@
-# frozen_string_literal: true
-module Tina4
-  class Route
-    attr_reader :method, :path, :handler, :auth_handler, :swagger_meta,
-                :path_regex, :param_names, :template
-    attr_accessor :auth_required, :cached
-    def initialize(method, path, handler, auth_handler: nil, swagger_meta: {}, middleware: [], template: nil)
-      @method = method.to_s.upcase.freeze
-      @path = normalize_path(path).freeze
-      @handler = handler
-      @auth_handler = auth_handler
-      @swagger_meta = swagger_meta
-      @middleware = middleware.freeze
-      @template = template&.freeze
-      # Write routes are secure by default, unless custom middleware is registered
-      # (developer handles auth themselves via middleware)
-      @auth_required = %w[POST PUT PATCH DELETE].include?(@method) && middleware.empty?
-      @cached = false
-      @param_names = []
-      @path_regex = compile_pattern(@path)
-      @param_names.freeze
-    end
-    # Mark this route as requiring bearer-token authentication.
-    # Returns self for chaining: Router.get("/path") { ... }.secure
-    def secure
-      @auth_required = true
-      self
-    end
-    # Opt out of the secure-by-default auth on write routes.
-    # Returns self for chaining: Router.post("/login") { ... }.no_auth
-    def no_auth
-      @auth_required = false
-      self
-    end
-    # Mark this route as cacheable.
-    # Returns self for chaining: Router.get("/path") { ... }.cache
-    def cache
-      @cached = true
-      self
-    end
-    # Dual-mode: getter (no args) returns the middleware array;
-    # setter (with args) appends middleware and returns self for chaining.
-    # Router.post("/api") { ... }.middleware(AuthMiddleware)
-    def middleware(*middleware_classes)
-      return @middleware if middleware_classes.empty?
-      @middleware = @middleware.dup + middleware_classes
-      # Custom middleware means developer handles auth — disable built-in gate
-      # unless .secure was explicitly called.
-      @auth_required = false unless @auth_required
-      self
-    end
-    # Returns params hash if matched, false otherwise
-    def match?(request_path, request_method = nil)
-      return false if request_method && @method != "ANY" && @method != request_method.to_s.upcase
-      match_path(request_path)
-    end
-    # Returns params hash if matched, false otherwise
-    def match_path(request_path)
-      match = @path_regex.match(request_path)
-      return false unless match
-      if @param_names.empty?
-        {}
-      else
-        params = {}
-        @param_names.each_with_index do |param_def, i|
-          raw_value = match[i + 1]
-          params[param_def[:name]] = cast_param(raw_value, param_def[:type])
-        end
-        params
-      end
-    end
-    # Run per-route middleware chain; returns true if all pass
-    def run_middleware(request, response)
-      @middleware.each do |mw|
-        result = mw.call(request, response)
-        return false if result == false
-      end
-      true
-    end
-    private
-    def normalize_path(path)
-      p = path.to_s.gsub("\\", "/")
-      p = "/#{p}" unless p.start_with?("/")
-      p = p.chomp("/") unless p == "/"
-      p
-    end
-    # Supported typed-parameter constraints. Mirrored verbatim in
-    # tina4-python / tina4-php / tina4-nodejs for cross-framework parity.
-    #
-    # Any type name not in this table raises ``ArgumentError`` at route
-    # registration — we never silently fall through to the default matcher,
-    # because a typo like ``{id:inetger}`` would otherwise match anything
-    # and create a security footgun (see tina4-book#125).
-    PARAM_TYPE_PATTERNS = {
-      "string"  => "[^/]+",                                            # default, any non-slash segment
-      "int"     => '\d+',
-      "integer" => '\d+',
-      "float"   => '[\d.]+',
-      "number"  => '[\d.]+',
-      "alpha"   => "[A-Za-z]+",                                        # letters only
-      "alnum"   => "[A-Za-z0-9]+",                                     # letters + digits
-      "slug"    => "[a-z0-9-]+",                                       # URL slug
-      "uuid"    => "[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}",
-      "path"    => ".+",                                               # greedy
-      ".*"      => ".+",
-    }.freeze
-    def compile_pattern(path)
-      return Regexp.new("\\A/\\z") if path == "/"
-      parts = path.split("/").reject(&:empty?)
-      regex_parts = parts.map do |part|
-        if part =~ /\A\*(\w+)\z/
-          # Named catch-all splat parameter: *path captures everything after
-          name = Regexp.last_match(1)
-          @param_names << { name: name.to_sym, type: "path" }
-          '(.+)'
-        elsif part == "*"
-          # Bare catch-all wildcard: captures everything after under the "*" key
-          # to match Python/PHP/Node parity (docs say `request.params["*"]`).
-          @param_names << { name: :"*", type: "path" }
-          '(.+)'
-        elsif part =~ /\A\{(\w+)(?::([\w.*]+))?\}\z/
-          # Tina4/Python-style brace params: {id} or {id:int}
-          # This is the ONLY supported param syntax, matching Python exactly.
-          # Do NOT add :id (colon) style params.
-          name = Regexp.last_match(1)
-          type = Regexp.last_match(2) || "string"
-          unless PARAM_TYPE_PATTERNS.key?(type)
-            valid = PARAM_TYPE_PATTERNS.keys.reject { |k| k == ".*" }.sort.join(", ")
-            raise ArgumentError,
-                  "Unknown param type '#{type}' in route '#{path}'. Valid types: #{valid}."
-          end
-          @param_names << { name: name.to_sym, type: type }
-          "(#{PARAM_TYPE_PATTERNS[type]})"
-        else
-          Regexp.escape(part)
-        end
-      end
-      Regexp.new("\\A/#{regex_parts.join("/")}\\z")
-    end
-    def cast_param(value, type)
-      case type
-      when "int", "integer"
-        value.to_i
-      when "float", "number"
-        value.to_f
-      else
-        value
-      end
-    end
-  end
-  # A registered WebSocket route with path pattern matching (reuses Route's compile logic)
-  class WebSocketRoute
-    attr_reader :path, :handler, :path_regex, :param_names
-    def initialize(path, handler)
-      @path = normalize_path(path).freeze
-      @handler = handler
-      @param_names = []
-      @path_regex = compile_pattern(@path)
-      @param_names.freeze
-    end
-    # Returns params hash if matched, false otherwise
-    def match?(request_path)
-      match = @path_regex.match(request_path)
-      return false unless match
-      if @param_names.empty?
-        {}
-      else
-        params = {}
-        @param_names.each_with_index do |param_def, i|
-          raw_value = match[i + 1]
-          params[param_def[:name]] = raw_value
-        end
-        params
-      end
-    end
-    private
-    def normalize_path(path)
-      p = path.to_s.gsub("\\", "/")
-      p = "/#{p}" unless p.start_with?("/")
-      p = p.chomp("/") unless p == "/"
-      p
-    end
-    def compile_pattern(path)
-      return Regexp.new("\\A/\\z") if path == "/"
-      parts = path.split("/").reject(&:empty?)
-      regex_parts = parts.map do |part|
-        if part =~ /\A\{(\w+)\}\z/
-          name = Regexp.last_match(1)
-          @param_names << { name: name.to_sym }
-          '([^/]+)'
-        else
-          Regexp.escape(part)
-        end
-      end
-      Regexp.new("\\A/#{regex_parts.join("/")}\\z")
-    end
-  end
-  module Router
-    class << self
-      def routes
-        @routes ||= []
-      end
-      def get_routes
-        routes
-      end
-      def list_routes
-        routes
-      end
-      # Registered WebSocket routes
-      def ws_routes
-        @ws_routes ||= []
-      end
-      # Parity alias — returns all registered WebSocket routes.
-      def get_web_socket_routes
-        ws_routes
-      end
-      # Register a WebSocket route.
-      # The handler block receives (connection, event, data) where:
-      #   connection — WebSocketConnection with #send, #broadcast, #close, #params
-      #   event      — :open, :message, or :close
-      #   data       — String payload for :message, nil for :open/:close
-      def websocket(path, &block)
-        ws_route = WebSocketRoute.new(path, block)
-        ws_routes << ws_route
-        Tina4::Log.debug("WebSocket route registered: #{path}")
-        ws_route
-      end
-      # Find a matching WebSocket route for a given path.
-      # Returns [ws_route, params] or nil.
-      def find_ws_route(path)
-        normalized = path.gsub("\\", "/")
-        normalized = "/#{normalized}" unless normalized.start_with?("/")
-        normalized = normalized.chomp("/") unless normalized == "/"
-        ws_routes.each do |ws_route|
-          params = ws_route.match?(normalized)
-          return [ws_route, params] if params
-        end
-        nil
-      end
-      # Routes indexed by HTTP method for O(1) method lookup
-      def method_index
-        @method_index ||= Hash.new { |h, k| h[k] = [] }
-      end
-      def add(method, path, handler, auth_handler: nil, swagger_meta: {}, middleware: [], template: nil)
-        route = Route.new(method, path, handler,
-                          auth_handler: auth_handler,
-                          swagger_meta: swagger_meta,
-                          middleware: middleware,
-                          template: template)
-        routes << route
-        method_index[route.method] << route
-        Tina4::Log.debug("Route registered: #{method.upcase} #{path}")
-        route
-      end
-      # Convenience registration methods
-      def get(path, middleware: [], swagger_meta: {}, template: nil, &block)
-        add("GET", path, block, middleware: middleware, swagger_meta: swagger_meta, template: template)
-      end
-      def post(path, middleware: [], swagger_meta: {}, template: nil, &block)
-        add("POST", path, block, middleware: middleware, swagger_meta: swagger_meta, template: template)
-      end
-      def put(path, middleware: [], swagger_meta: {}, template: nil, &block)
-        add("PUT", path, block, middleware: middleware, swagger_meta: swagger_meta, template: template)
-      end
-      def patch(path, middleware: [], swagger_meta: {}, template: nil, &block)
-        add("PATCH", path, block, middleware: middleware, swagger_meta: swagger_meta, template: template)
-      end
-      def delete(path, middleware: [], swagger_meta: {}, template: nil, &block)
-        add("DELETE", path, block, middleware: middleware, swagger_meta: swagger_meta, template: template)
-      end
-      def any(path, middleware: [], swagger_meta: {}, template: nil, &block)
-        add("ANY", path, block, middleware: middleware, swagger_meta: swagger_meta, template: template)
-      end
-      def find_route(method, path)
-        normalized_method = method.upcase
-        # Normalize path once (not per-route)
-        normalized_path = path.gsub("\\", "/")
-        normalized_path = "/#{normalized_path}" unless normalized_path.start_with?("/")
-        normalized_path = normalized_path.chomp("/") unless normalized_path == "/"
-        # Check ANY routes first, then method-specific routes
-        candidates = (method_index["ANY"] || []) + (method_index[normalized_method] || [])
-        candidates.each do |route|
-          params = route.match_path(normalized_path)
-          return [route, params] if params
-        end
-        nil
-      end
-      # Find a route matching method + path. Returns [route, params] or nil.
-      # match(method, path) — consistent with Python, PHP, and Node.
-      def match(method, path)
-        find_route(method, path)
-      end
-      # Register a class-based middleware globally.
-      # The class should define static before_* and/or after_* methods.
-      # Example:
-      #   class AuthMiddleware
-      #     def self.before_auth(request, response)
-      #       unless request.headers["authorization"]
-      #         return [request, response.json({ error: "Unauthorized" }, 401)]
-      #       end
-      #       [request, response]
-      #     end
-      #   end
-      #   Tina4::Router.use(AuthMiddleware)
-      def use(klass)
-        Tina4::Middleware.use(klass)
-      end
-      def clear!
-        @routes = []
-        @method_index = Hash.new { |h, k| h[k] = [] }
-        @ws_routes = []
-      end
-      alias clear clear!
-      def group(prefix, auth_handler: nil, middleware: [], &block)
-        GroupContext.new(prefix, auth_handler, middleware).instance_eval(&block)
-      end
-      # Load route files from a directory (file-based route discovery)
-      def load_routes(directory)
-        return unless Dir.exist?(directory)
-        Dir.glob(File.join(directory, "**/*.rb")).sort.each do |file|
-          begin
-            load file
-            Tina4::Log.debug("Route loaded: #{file}")
-          rescue => e
-            Tina4::Log.error("Failed to load route #{file}: #{e.message}")
-          end
-        end
-      end
-    end
-    class GroupContext
-      def initialize(prefix, auth_handler = nil, middleware = [])
-        @prefix = prefix.chomp("/")
-        @auth_handler = auth_handler
-        @middleware = middleware
-      end
-      %w[get post put patch delete any].each do |m|
-        define_method(m) do |path, middleware: [], swagger_meta: {}, template: nil, &handler|
-          full_path = "#{@prefix}#{path}"
-          combined_middleware = @middleware + middleware
-          Tina4::Router.add(m, full_path, handler,
-                                  auth_handler: @auth_handler,
-                                  swagger_meta: swagger_meta,
-                                  middleware: combined_middleware,
-                                  template: template)
-        end
-      end
-      # Nested groups
-      def group(prefix, auth_handler: nil, middleware: [], &block)
-        full_prefix = "#{@prefix}#{prefix}"
-        combined_middleware = @middleware + middleware
-        nested_auth = auth_handler || @auth_handler
-        GroupContext.new(full_prefix, nested_auth, combined_middleware).instance_eval(&block)
-      end
-    end
-  end
-end
+# frozen_string_literal: true
+module Tina4
+  class Route
+    attr_reader :method, :path, :handler, :auth_handler, :swagger_meta,
+                :path_regex, :param_names, :template
+    attr_accessor :auth_required, :cached
+    def initialize(method, path, handler, auth_handler: nil, swagger_meta: {}, middleware: [], template: nil)
+      @method = method.to_s.upcase.freeze
+      @path = normalize_path(path).freeze
+      @handler = handler
+      @auth_handler = auth_handler
+      @swagger_meta = swagger_meta
+      @middleware = middleware.freeze
+      @template = template&.freeze
+      # Write routes are secure by default, unless custom middleware is registered
+      # (developer handles auth themselves via middleware)
+      @auth_required = %w[POST PUT PATCH DELETE].include?(@method) && middleware.empty?
+      @cached = false
+      @param_names = []
+      @path_regex = compile_pattern(@path)
+      @param_names.freeze
+    end
+    # Mark this route as requiring bearer-token authentication.
+    # Returns self for chaining: Router.get("/path") { ... }.secure
+    def secure
+      @auth_required = true
+      self
+    end
+    # Opt out of the secure-by-default auth on write routes.
+    # Returns self for chaining: Router.post("/login") { ... }.no_auth
+    def no_auth
+      @auth_required = false
+      self
+    end
+    # Mark this route as cacheable.
+    # Returns self for chaining: Router.get("/path") { ... }.cache
+    def cache
+      @cached = true
+      self
+    end
+    # Dual-mode: getter (no args) returns the middleware array;
+    # setter (with args) appends middleware and returns self for chaining.
+    # Router.post("/api") { ... }.middleware(AuthMiddleware)
+    def middleware(*middleware_classes)
+      return @middleware if middleware_classes.empty?
+      @middleware = @middleware.dup + middleware_classes
+      # Custom middleware means developer handles auth — disable built-in gate
+      # unless .secure was explicitly called.
+      @auth_required = false unless @auth_required
+      self
+    end
+    # Returns params hash if matched, false otherwise
+    def match?(request_path, request_method = nil)
+      return false if request_method && @method != "ANY" && @method != request_method.to_s.upcase
+      match_path(request_path)
+    end
+    # Returns params hash if matched, false otherwise
+    def match_path(request_path)
+      match = @path_regex.match(request_path)
+      return false unless match
+      if @param_names.empty?
+        {}
+      else
+        params = {}
+        @param_names.each_with_index do |param_def, i|
+          raw_value = match[i + 1]
+          params[param_def[:name]] = cast_param(raw_value, param_def[:type])
+        end
+        params
+      end
+    end
+    # Run per-route middleware chain; returns true if all pass
+    def run_middleware(request, response)
+      @middleware.each do |mw|
+        result = mw.call(request, response)
+        return false if result == false
+      end
+      true
+    end
+    private
+    def normalize_path(path)
+      p = path.to_s.gsub("\\", "/")
+      p = "/#{p}" unless p.start_with?("/")
+      p = p.chomp("/") unless p == "/"
+      p
+    end
+    # Supported typed-parameter constraints. Mirrored verbatim in
+    # tina4-python / tina4-php / tina4-nodejs for cross-framework parity.
+    #
+    # Any type name not in this table raises ``ArgumentError`` at route
+    # registration — we never silently fall through to the default matcher,
+    # because a typo like ``{id:inetger}`` would otherwise match anything
+    # and create a security footgun (see tina4-book#125).
+    PARAM_TYPE_PATTERNS = {
+      "string"  => "[^/]+",                                            # default, any non-slash segment
+      "int"     => '\d+',
+      "integer" => '\d+',
+      "float"   => '[\d.]+',
+      "number"  => '[\d.]+',
+      "alpha"   => "[A-Za-z]+",                                        # letters only
+      "alnum"   => "[A-Za-z0-9]+",                                     # letters + digits
+      "slug"    => "[a-z0-9-]+",                                       # URL slug
+      "uuid"    => "[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}",
+      "path"    => ".+",                                               # greedy
+      ".*"      => ".+",
+    }.freeze
+    def compile_pattern(path)
+      return Regexp.new("\\A/\\z") if path == "/"
+      parts = path.split("/").reject(&:empty?)
+      regex_parts = parts.map do |part|
+        if part =~ /\A\*(\w+)\z/
+          # Named catch-all splat parameter: *path captures everything after
+          name = Regexp.last_match(1)
+          @param_names << { name: name.to_sym, type: "path" }
+          '(.+)'
+        elsif part == "*"
+          # Bare catch-all wildcard: captures everything after under the "*" key
+          # to match Python/PHP/Node parity (docs say `request.params["*"]`).
+          @param_names << { name: :"*", type: "path" }
+          '(.+)'
+        elsif part =~ /\A\{(\w+)(?::([\w.*]+))?\}\z/
+          # Tina4/Python-style brace params: {id} or {id:int}
+          # This is the ONLY supported param syntax, matching Python exactly.
+          # Do NOT add :id (colon) style params.
+          name = Regexp.last_match(1)
+          type = Regexp.last_match(2) || "string"
+          unless PARAM_TYPE_PATTERNS.key?(type)
+            valid = PARAM_TYPE_PATTERNS.keys.reject { |k| k == ".*" }.sort.join(", ")
+            raise ArgumentError,
+                  "Unknown param type '#{type}' in route '#{path}'. Valid types: #{valid}."
+          end
+          @param_names << { name: name.to_sym, type: type }
+          "(#{PARAM_TYPE_PATTERNS[type]})"
+        else
+          Regexp.escape(part)
+        end
+      end
+      Regexp.new("\\A/#{regex_parts.join("/")}\\z")
+    end
+    def cast_param(value, type)
+      case type
+      when "int", "integer"
+        value.to_i
+      when "float", "number"
+        value.to_f
+      else
+        value
+      end
+    end
+  end
+  # A registered WebSocket route with path pattern matching (reuses Route's compile logic)
+  class WebSocketRoute
+    attr_reader :path, :handler, :path_regex, :param_names
+    def initialize(path, handler)
+      @path = normalize_path(path).freeze
+      @handler = handler
+      @param_names = []
+      @path_regex = compile_pattern(@path)
+      @param_names.freeze
+    end
+    # Returns params hash if matched, false otherwise
+    def match?(request_path)
+      match = @path_regex.match(request_path)
+      return false unless match
+      if @param_names.empty?
+        {}
+      else
+        params = {}
+        @param_names.each_with_index do |param_def, i|
+          raw_value = match[i + 1]
+          params[param_def[:name]] = raw_value
+        end
+        params
+      end
+    end
+    private
+    def normalize_path(path)
+      p = path.to_s.gsub("\\", "/")
+      p = "/#{p}" unless p.start_with?("/")
+      p = p.chomp("/") unless p == "/"
+      p
+    end
+    def compile_pattern(path)
+      return Regexp.new("\\A/\\z") if path == "/"
+      parts = path.split("/").reject(&:empty?)
+      regex_parts = parts.map do |part|
+        if part =~ /\A\{(\w+)\}\z/
+          name = Regexp.last_match(1)
+          @param_names << { name: name.to_sym }
+          '([^/]+)'
+        else
+          Regexp.escape(part)
+        end
+      end
+      Regexp.new("\\A/#{regex_parts.join("/")}\\z")
+    end
+  end
+  module Router
+    class << self
+      def routes
+        @routes ||= []
+      end
+      def get_routes
+        routes
+      end
+      def list_routes
+        routes
+      end
+      # Registered WebSocket routes
+      def ws_routes
+        @ws_routes ||= []
+      end
+      # Parity alias — returns all registered WebSocket routes.
+      def get_web_socket_routes
+        ws_routes
+      end
+      # Register a WebSocket route.
+      # The handler block receives (connection, event, data) where:
+      #   connection — WebSocketConnection with #send, #broadcast, #close, #params
+      #   event      — :open, :message, or :close
+      #   data       — String payload for :message, nil for :open/:close
+      def websocket(path, &block)
+        ws_route = WebSocketRoute.new(path, block)
+        ws_routes << ws_route
+        Tina4::Log.debug("WebSocket route registered: #{path}")
+        ws_route
+      end
+      # Find a matching WebSocket route for a given path.
+      # Returns [ws_route, params] or nil.
+      def find_ws_route(path)
+        normalized = path.gsub("\\", "/")
+        normalized = "/#{normalized}" unless normalized.start_with?("/")
+        normalized = normalized.chomp("/") unless normalized == "/"
+        ws_routes.each do |ws_route|
+          params = ws_route.match?(normalized)
+          return [ws_route, params] if params
+        end
+        nil
+      end
+      # Routes indexed by HTTP method for O(1) method lookup
+      def method_index
+        @method_index ||= Hash.new { |h, k| h[k] = [] }
+      end
+      def add(method, path, handler, auth_handler: nil, swagger_meta: {}, middleware: [], template: nil)
+        route = Route.new(method, path, handler,
+                          auth_handler: auth_handler,
+                          swagger_meta: swagger_meta,
+                          middleware: middleware,
+                          template: template)
+        routes << route
+        method_index[route.method] << route
+        Tina4::Log.debug("Route registered: #{method.upcase} #{path}")
+        route
+      end
+      # Convenience registration methods
+      def get(path, middleware: [], swagger_meta: {}, template: nil, &block)
+        add("GET", path, block, middleware: middleware, swagger_meta: swagger_meta, template: template)
+      end
+      def post(path, middleware: [], swagger_meta: {}, template: nil, &block)
+        add("POST", path, block, middleware: middleware, swagger_meta: swagger_meta, template: template)
+      end
+      def put(path, middleware: [], swagger_meta: {}, template: nil, &block)
+        add("PUT", path, block, middleware: middleware, swagger_meta: swagger_meta, template: template)
+      end
+      def patch(path, middleware: [], swagger_meta: {}, template: nil, &block)
+        add("PATCH", path, block, middleware: middleware, swagger_meta: swagger_meta, template: template)
+      end
+      def delete(path, middleware: [], swagger_meta: {}, template: nil, &block)
+        add("DELETE", path, block, middleware: middleware, swagger_meta: swagger_meta, template: template)
+      end
+      def any(path, middleware: [], swagger_meta: {}, template: nil, &block)
+        add("ANY", path, block, middleware: middleware, swagger_meta: swagger_meta, template: template)
+      end
+      def find_route(method, path)
+        normalized_method = method.upcase
+        # Normalize path once (not per-route)
+        normalized_path = path.gsub("\\", "/")
+        normalized_path = "/#{normalized_path}" unless normalized_path.start_with?("/")
+        normalized_path = normalized_path.chomp("/") unless normalized_path == "/"
+        # Check ANY routes first, then method-specific routes
+        candidates = (method_index["ANY"] || []) + (method_index[normalized_method] || [])
+        candidates.each do |route|
+          params = route.match_path(normalized_path)
+          return [route, params] if params
+        end
+        nil
+      end
+      # Find a route matching method + path. Returns [route, params] or nil.
+      # match(method, path) — consistent with Python, PHP, and Node.
+      def match(method, path)
+        find_route(method, path)
+      end
+      # Register a class-based middleware globally.
+      # The class should define static before_* and/or after_* methods.
+      # Example:
+      #   class AuthMiddleware
+      #     def self.before_auth(request, response)
+      #       unless request.headers["authorization"]
+      #         return [request, response.json({ error: "Unauthorized" }, 401)]
+      #       end
+      #       [request, response]
+      #     end
+      #   end
+      #   Tina4::Router.use(AuthMiddleware)
+      def use(klass)
+        Tina4::Middleware.use(klass)
+      end
+      def clear!
+        @routes = []
+        @method_index = Hash.new { |h, k| h[k] = [] }
+        @ws_routes = []
+      end
+      alias clear clear!
+      def group(prefix, auth_handler: nil, middleware: [], &block)
+        GroupContext.new(prefix, auth_handler, middleware).instance_eval(&block)
+      end
+      # Load route files from a directory (file-based route discovery)
+      def load_routes(directory)
+        return unless Dir.exist?(directory)
+        Dir.glob(File.join(directory, "**/*.rb")).sort.each do |file|
+          begin
+            load file
+            Tina4::Log.debug("Route loaded: #{file}")
+          rescue => e
+            Tina4::Log.error("Failed to load route #{file}: #{e.message}")
+          end
+        end
+      end
+    end
+    class GroupContext
+      def initialize(prefix, auth_handler = nil, middleware = [])
+        @prefix = prefix.chomp("/")
+        @auth_handler = auth_handler
+        @middleware = middleware
+      end
+      %w[get post put patch delete any].each do |m|
+        define_method(m) do |path, middleware: [], swagger_meta: {}, template: nil, &handler|
+          full_path = "#{@prefix}#{path}"
+          combined_middleware = @middleware + middleware
+          Tina4::Router.add(m, full_path, handler,
+                                  auth_handler: @auth_handler,
+                                  swagger_meta: swagger_meta,
+                                  middleware: combined_middleware,
+                                  template: template)
+        end
+      end
+      # Nested groups
+      def group(prefix, auth_handler: nil, middleware: [], &block)
+        full_prefix = "#{@prefix}#{prefix}"
+        combined_middleware = @middleware + middleware
+        nested_auth = auth_handler || @auth_handler
+        GroupContext.new(full_prefix, nested_auth, combined_middleware).instance_eval(&block)
+      end
+    end
+  end
+end