npm - @b9g/router - Versions diffs - 0.1.10 → 0.2.0-beta.1 - Mend

@b9g/router 0.1.10 → 0.2.0-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/src/middleware.d.ts ADDED Viewed

@@ -0,0 +1,101 @@
+/**
+ * Standard middleware utilities for HTTP routing
+ */
+import type { FunctionMiddleware } from "./index.js";
+/**
+ * Mode for trailing slash normalization
+ */
+export type TrailingSlashMode = "strip" | "add";
+/**
+ * Middleware that normalizes trailing slashes via 301 redirect
+ *
+ * @param mode - "strip" removes trailing slash, "add" adds trailing slash
+ * @returns Function middleware that redirects non-canonical URLs
+ *
+ * @example
+ * ```typescript
+ * import {Router} from "@b9g/router";
+ * import {trailingSlash} from "@b9g/router/middleware";
+ *
+ * const router = new Router();
+ * router.use(trailingSlash("strip")); // Redirect /path/ → /path
+ *
+ * // Can also be scoped to specific paths
+ * router.use("/api", trailingSlash("strip"));
+ * ```
+ */
+export declare function trailingSlash(mode: TrailingSlashMode): FunctionMiddleware;
+/**
+ * CORS configuration options
+ */
+export interface CORSOptions {
+    /**
+     * Allowed origins. Can be:
+     * - "*" for any origin (not recommended with credentials)
+     * - A specific origin string: "https://example.com"
+     * - An array of origins: ["https://example.com", "https://app.example.com"]
+     * - A function that receives the origin and returns true/false
+     *
+     * @default "*"
+     */
+    origin?: string | string[] | ((origin: string) => boolean);
+    /**
+     * Allowed HTTP methods
+     * @default ["GET", "HEAD", "PUT", "POST", "DELETE", "PATCH"]
+     */
+    methods?: string[];
+    /**
+     * Allowed request headers
+     * @default ["Content-Type", "Authorization"]
+     */
+    allowedHeaders?: string[];
+    /**
+     * Headers exposed to the browser
+     */
+    exposedHeaders?: string[];
+    /**
+     * Whether to include credentials (cookies, authorization headers)
+     * Note: Cannot be used with origin: "*"
+     * @default false
+     */
+    credentials?: boolean;
+    /**
+     * Max age for preflight cache in seconds
+     * @default 86400 (24 hours)
+     */
+    maxAge?: number;
+}
+/**
+ * CORS middleware factory
+ *
+ * Handles Cross-Origin Resource Sharing headers and preflight requests.
+ * Use as generator middleware to add CORS headers to all responses.
+ *
+ * @example
+ * ```typescript
+ * import {Router} from "@b9g/router";
+ * import {cors} from "@b9g/router/middleware";
+ *
+ * const router = new Router();
+ *
+ * // Allow all origins
+ * router.use(cors());
+ *
+ * // Allow specific origin with credentials
+ * router.use(cors({
+ *   origin: "https://myapp.com",
+ *   credentials: true
+ * }));
+ *
+ * // Allow multiple origins
+ * router.use(cors({
+ *   origin: ["https://app.example.com", "https://admin.example.com"]
+ * }));
+ *
+ * // Dynamic origin validation
+ * router.use(cors({
+ *   origin: (origin) => origin.endsWith(".example.com")
+ * }));
+ * ```
+ */
+export declare function cors(options?: CORSOptions): (request: Request, _context: any) => AsyncGenerator<Request, Response | undefined, Response>;

package/src/middleware.js ADDED Viewed

@@ -0,0 +1,107 @@
+/// <reference types="./middleware.d.ts" />
+// src/middleware.ts
+function trailingSlash(mode) {
+  return (req) => {
+    const url = new URL(req.url);
+    const pathname = url.pathname;
+    if (pathname === "/") return;
+    let newPathname = null;
+    if (mode === "strip" && pathname.endsWith("/")) {
+      newPathname = pathname.slice(0, -1);
+    } else if (mode === "add" && !pathname.endsWith("/")) {
+      newPathname = pathname + "/";
+    }
+    if (newPathname) {
+      url.pathname = newPathname;
+      return new Response(null, {
+        status: 301,
+        headers: { Location: url.toString() }
+      });
+    }
+  };
+}
+var DEFAULT_CORS_METHODS = ["GET", "HEAD", "PUT", "POST", "DELETE", "PATCH"];
+var DEFAULT_CORS_HEADERS = ["Content-Type", "Authorization"];
+var DEFAULT_CORS_MAX_AGE = 86400;
+function getAllowedOrigin(config, requestOrigin) {
+  if (config === "*") {
+    return "*";
+  }
+  if (typeof config === "string") {
+    return config === requestOrigin ? config : null;
+  }
+  if (Array.isArray(config)) {
+    return config.includes(requestOrigin) ? requestOrigin : null;
+  }
+  if (typeof config === "function") {
+    return config(requestOrigin) ? requestOrigin : null;
+  }
+  return null;
+}
+function cors(options = {}) {
+  const {
+    origin = "*",
+    methods = DEFAULT_CORS_METHODS,
+    allowedHeaders = DEFAULT_CORS_HEADERS,
+    exposedHeaders,
+    credentials = false,
+    maxAge = DEFAULT_CORS_MAX_AGE
+  } = options;
+  if (credentials && origin === "*") {
+    throw new Error(
+      'CORS: credentials cannot be used with origin: "*". Specify allowed origins explicitly.'
+    );
+  }
+  return async function* (request, _context) {
+    const requestOrigin = request.headers.get("Origin");
+    if (!requestOrigin) {
+      const response2 = yield request;
+      return response2;
+    }
+    const allowedOrigin = getAllowedOrigin(origin, requestOrigin);
+    if (!allowedOrigin) {
+      if (request.method === "OPTIONS") {
+        return new Response(null, { status: 403 });
+      }
+      const response2 = yield request;
+      return response2;
+    }
+    if (request.method === "OPTIONS") {
+      const headers = new Headers();
+      headers.set("Access-Control-Allow-Origin", allowedOrigin);
+      headers.set("Access-Control-Allow-Methods", methods.join(", "));
+      headers.set("Access-Control-Allow-Headers", allowedHeaders.join(", "));
+      headers.set("Access-Control-Max-Age", String(maxAge));
+      if (credentials) {
+        headers.set("Access-Control-Allow-Credentials", "true");
+      }
+      if (exposedHeaders?.length) {
+        headers.set("Access-Control-Expose-Headers", exposedHeaders.join(", "));
+      }
+      headers.set("Vary", "Origin");
+      return new Response(null, { status: 204, headers });
+    }
+    const response = yield request;
+    const newHeaders = new Headers(response.headers);
+    newHeaders.set("Access-Control-Allow-Origin", allowedOrigin);
+    if (credentials) {
+      newHeaders.set("Access-Control-Allow-Credentials", "true");
+    }
+    if (exposedHeaders?.length) {
+      newHeaders.set(
+        "Access-Control-Expose-Headers",
+        exposedHeaders.join(", ")
+      );
+    }
+    newHeaders.set("Vary", "Origin");
+    return new Response(response.body, {
+      status: response.status,
+      statusText: response.statusText,
+      headers: newHeaders
+    });
+  };
+}
+export {
+  cors,
+  trailingSlash
+};