@basicbenframework/core 0.1.0

package/src/server/body-parser.js

@@ -0,0 +1,159 @@
+/**
+ * Body parser middleware.
+ * Parses JSON and URL-encoded bodies.
+ *
+ * No dependencies - uses native Node.js APIs.
+ */
+
+/**
+ * Parse request body based on content-type
+ */
+export function bodyParser(options = {}) {
+  const limit = options.limit || '1mb'
+  const maxBytes = parseSize(limit)
+
+  return async (req, res, next) => {
+    // Skip if no body expected
+    if (req.method === 'GET' || req.method === 'HEAD') {
+      return next()
+    }
+
+    const contentType = req.headers['content-type'] || ''
+
+    try {
+      const raw = await readBody(req, maxBytes)
+
+      if (contentType.includes('application/json')) {
+        req.body = raw ? JSON.parse(raw) : {}
+      } else if (contentType.includes('application/x-www-form-urlencoded')) {
+        req.body = parseUrlEncoded(raw)
+      } else {
+        req.body = raw
+      }
+
+      next()
+    } catch (err) {
+      if (err.code === 'BODY_TOO_LARGE') {
+        res.statusCode = 413
+        res.end(JSON.stringify({ error: 'Payload too large' }))
+        return
+      }
+
+      if (err instanceof SyntaxError) {
+        res.statusCode = 400
+        res.end(JSON.stringify({ error: 'Invalid JSON' }))
+        return
+      }
+
+      next(err)
+    }
+  }
+}
+
+/**
+ * Read raw body from request stream
+ */
+function readBody(req, maxBytes) {
+  return new Promise((resolve, reject) => {
+    const chunks = []
+    let size = 0
+
+    req.on('data', (chunk) => {
+      size += chunk.length
+      if (size > maxBytes) {
+        const err = new Error('Body too large')
+        err.code = 'BODY_TOO_LARGE'
+        reject(err)
+        req.destroy()
+        return
+      }
+      chunks.push(chunk)
+    })
+
+    req.on('end', () => {
+      resolve(Buffer.concat(chunks).toString('utf8'))
+    })
+
+    req.on('error', reject)
+  })
+}
+
+/**
+ * Parse URL-encoded body
+ */
+function parseUrlEncoded(str) {
+  if (!str) return {}
+
+  const params = new URLSearchParams(str)
+  const result = {}
+
+  for (const [key, value] of params) {
+    // Handle array notation: items[]=a&items[]=b
+    if (key.endsWith('[]')) {
+      const arrayKey = key.slice(0, -2)
+      if (!result[arrayKey]) result[arrayKey] = []
+      result[arrayKey].push(value)
+    } else {
+      result[key] = value
+    }
+  }
+
+  return result
+}
+
+/**
+ * Parse size string to bytes
+ */
+function parseSize(str) {
+  if (typeof str === 'number') return str
+
+  const units = {
+    b: 1,
+    kb: 1024,
+    mb: 1024 * 1024,
+    gb: 1024 * 1024 * 1024
+  }
+
+  const match = str.toLowerCase().match(/^(\d+(?:\.\d+)?)\s*(b|kb|mb|gb)?$/)
+  if (!match) return 1024 * 1024 // default 1mb
+
+  const num = parseFloat(match[1])
+  const unit = match[2] || 'b'
+
+  return Math.floor(num * units[unit])
+}
+
+/**
+ * JSON-only body parser
+ */
+export function json(options = {}) {
+  const limit = options.limit || '1mb'
+  const maxBytes = parseSize(limit)
+
+  return async (req, res, next) => {
+    if (req.method === 'GET' || req.method === 'HEAD') {
+      return next()
+    }
+
+    const contentType = req.headers['content-type'] || ''
+    if (!contentType.includes('application/json')) {
+      req.body = {}
+      return next()
+    }
+
+    try {
+      const raw = await readBody(req, maxBytes)
+      req.body = raw ? JSON.parse(raw) : {}
+      next()
+    } catch (err) {
+      if (err.code === 'BODY_TOO_LARGE') {
+        res.statusCode = 413
+        res.end(JSON.stringify({ error: 'Payload too large' }))
+        return
+      }
+
+      res.statusCode = 400
+      res.end(JSON.stringify({ error: 'Invalid JSON' }))
+    }
+  }
+}

package/src/server/cors.js

@@ -0,0 +1,63 @@
+/**
+ * CORS middleware.
+ * Handles Cross-Origin Resource Sharing headers.
+ */
+
+const defaults = {
+  origin: '*',
+  methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'],
+  allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With'],
+  exposedHeaders: [],
+  credentials: false,
+  maxAge: 86400 // 24 hours
+}
+
+export function cors(options = {}) {
+  const config = { ...defaults, ...options }
+
+  return (req, res, next) => {
+    const origin = req.headers.origin
+
+    // Set origin header
+    if (config.origin === '*') {
+      res.setHeader('Access-Control-Allow-Origin', '*')
+    } else if (typeof config.origin === 'string') {
+      res.setHeader('Access-Control-Allow-Origin', config.origin)
+      res.setHeader('Vary', 'Origin')
+    } else if (Array.isArray(config.origin)) {
+      if (origin && config.origin.includes(origin)) {
+        res.setHeader('Access-Control-Allow-Origin', origin)
+        res.setHeader('Vary', 'Origin')
+      }
+    } else if (typeof config.origin === 'function') {
+      const allowed = config.origin(origin, req)
+      if (allowed) {
+        res.setHeader('Access-Control-Allow-Origin', typeof allowed === 'string' ? allowed : origin)
+        res.setHeader('Vary', 'Origin')
+      }
+    }
+
+    // Credentials
+    if (config.credentials) {
+      res.setHeader('Access-Control-Allow-Credentials', 'true')
+    }
+
+    // Exposed headers
+    if (config.exposedHeaders.length > 0) {
+      res.setHeader('Access-Control-Expose-Headers', config.exposedHeaders.join(', '))
+    }
+
+    // Handle preflight
+    if (req.method === 'OPTIONS') {
+      res.setHeader('Access-Control-Allow-Methods', config.methods.join(', '))
+      res.setHeader('Access-Control-Allow-Headers', config.allowedHeaders.join(', '))
+      res.setHeader('Access-Control-Max-Age', String(config.maxAge))
+
+      res.statusCode = 204
+      res.end()
+      return
+    }
+
+    next()
+  }
+}

package/src/server/default-entry.js

@@ -0,0 +1,13 @@
+/**
+ * Default server entry point
+ * Used when no custom src/server/index.js exists
+ */
+
+import { createServer } from './index.js'
+
+const app = await createServer()
+const port = process.env.PORT || 3001
+
+app.listen(port, () => {
+  console.log(`Server running at http://localhost:${port}`)
+})

package/src/server/http.js

@@ -0,0 +1,221 @@
+/**
+ * Minimal HTTP Server
+ *
+ * Zero-dependency HTTP server using Node's built-in http module.
+ * Express/Polka-compatible middleware API.
+ */
+
+import { createServer as createHttpServer } from 'node:http'
+
+/**
+ * Create a minimal HTTP server instance
+ */
+export function createApp(options = {}) {
+  const middleware = []
+  const routes = new Map()  // method -> [{pattern, params, handlers}]
+  const onError = options.onError || defaultErrorHandler
+  const onNoMatch = options.onNoMatch || defaultNotFoundHandler
+
+  // Initialize route maps for each method
+  const methods = ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS']
+  for (const method of methods) {
+    routes.set(method, [])
+  }
+
+  /**
+   * Add global middleware
+   */
+  function use(...handlers) {
+    for (const handler of handlers) {
+      if (typeof handler === 'function') {
+        middleware.push(handler)
+      }
+    }
+    return app
+  }
+
+  /**
+   * Register a route
+   */
+  function addRoute(method, path, ...handlers) {
+    const { pattern, paramNames } = pathToPattern(path)
+    routes.get(method.toUpperCase()).push({
+      path,
+      pattern,
+      paramNames,
+      handlers
+    })
+    return app
+  }
+
+  /**
+   * Convert path with params to regex
+   * /users/:id -> /^\/users\/([^/]+)$/
+   */
+  function pathToPattern(path) {
+    const paramNames = []
+
+    let pattern = path
+      // Handle catch-all
+      .replace(/\/\*$/, '/(?<_catchAll>.*)')
+      // Handle :params
+      .replace(/:(\w+)/g, (_, name) => {
+        paramNames.push(name)
+        return '([^/]+)'
+      })
+      // Escape slashes
+      .replace(/\//g, '\\/')
+
+    return {
+      pattern: new RegExp(`^${pattern}$`),
+      paramNames
+    }
+  }
+
+  /**
+   * Match a request to a route
+   */
+  function matchRoute(method, pathname) {
+    const routeList = routes.get(method.toUpperCase()) || []
+
+    for (const route of routeList) {
+      const match = pathname.match(route.pattern)
+      if (match) {
+        // Extract params
+        const params = {}
+        route.paramNames.forEach((name, i) => {
+          params[name] = match[i + 1]
+        })
+        // Handle catch-all
+        if (match.groups?._catchAll !== undefined) {
+          params._catchAll = match.groups._catchAll
+        }
+        return { route, params }
+      }
+    }
+
+    return null
+  }
+
+  /**
+   * Run middleware chain
+   */
+  async function runMiddleware(handlers, req, res) {
+    let index = 0
+
+    const next = async (err) => {
+      if (err) {
+        return onError(err, req, res)
+      }
+
+      if (index >= handlers.length) {
+        return
+      }
+
+      const handler = handlers[index++]
+
+      try {
+        await handler(req, res, next)
+      } catch (error) {
+        onError(error, req, res)
+      }
+    }
+
+    await next()
+  }
+
+  /**
+   * Handle incoming request
+   */
+  async function handleRequest(req, res) {
+    // Parse URL using WHATWG URL API
+    const url = new URL(req.url, `http://${req.headers.host || 'localhost'}`)
+    req.path = url.pathname || '/'
+    req.query = Object.fromEntries(url.searchParams)
+    req.params = {}
+
+    // Find matching route
+    const matched = matchRoute(req.method, req.path)
+
+    if (matched) {
+      req.params = matched.params
+
+      // Combine global middleware + route handlers
+      const handlers = [...middleware, ...matched.route.handlers]
+      await runMiddleware(handlers, req, res)
+    } else {
+      // Run global middleware first, then 404
+      await runMiddleware([...middleware, () => onNoMatch(req, res)], req, res)
+    }
+  }
+
+  /**
+   * Create the HTTP server
+   */
+  const server = createHttpServer((req, res) => {
+    handleRequest(req, res).catch(err => onError(err, req, res))
+  })
+
+  /**
+   * The app object
+   */
+  const app = {
+    use,
+    server,
+
+    // HTTP method shortcuts
+    get: (path, ...handlers) => addRoute('GET', path, ...handlers),
+    post: (path, ...handlers) => addRoute('POST', path, ...handlers),
+    put: (path, ...handlers) => addRoute('PUT', path, ...handlers),
+    patch: (path, ...handlers) => addRoute('PATCH', path, ...handlers),
+    delete: (path, ...handlers) => addRoute('DELETE', path, ...handlers),
+    head: (path, ...handlers) => addRoute('HEAD', path, ...handlers),
+    options: (path, ...handlers) => addRoute('OPTIONS', path, ...handlers),
+
+    /**
+     * Start listening
+     */
+    listen(port, callback) {
+      server.listen(port, callback)
+      return app
+    },
+
+    /**
+     * Close the server
+     */
+    close(callback) {
+      server.close(callback)
+    }
+  }
+
+  return app
+}
+
+/**
+ * Default error handler
+ */
+function defaultErrorHandler(err, req, res) {
+  console.error('Server error:', err)
+
+  if (res.headersSent) return
+
+  const statusCode = err.statusCode || err.status || 500
+  const message = process.env.NODE_ENV === 'production'
+    ? 'Internal Server Error'
+    : err.message
+
+  res.statusCode = statusCode
+  res.setHeader('Content-Type', 'application/json')
+  res.end(JSON.stringify({ error: message }))
+}
+
+/**
+ * Default 404 handler
+ */
+function defaultNotFoundHandler(req, res) {
+  if (res.headersSent) return
+
+  res.statusCode = 404
+  res.setHeader('Content-Type', 'application/json')
+  res.end(JSON.stringify({ error: 'Not Found' }))
+}

package/src/server/index.js

@@ -0,0 +1,168 @@
+/**
+ * BasicBen Server
+ *
+ * Zero-dependency HTTP server with custom router, middleware, and auto-loading.
+ */
+
+import { createApp } from './http.js'
+import { Router, createRouter } from './router.js'
+import { bodyParser, json } from './body-parser.js'
+import { cors } from './cors.js'
+import { serveStatic } from './static.js'
+import { loadRoutes, loadMiddleware, loadConfig } from './loader.js'
+
+/**
+ * Create a BasicBen server instance
+ */
+export async function createServer(options = {}) {
+  const config = await loadConfig()
+  const mergedConfig = { ...defaultConfig, ...config, ...options }
+
+  const app = createApp({
+    onError: mergedConfig.onError || defaultErrorHandler,
+    onNoMatch: mergedConfig.onNoMatch || defaultNotFoundHandler
+  })
+
+  // Core middleware
+  app.use(addResponseHelpers)
+
+  if (mergedConfig.cors) {
+    app.use(cors(mergedConfig.cors === true ? {} : mergedConfig.cors))
+  }
+
+  if (mergedConfig.bodyParser !== false) {
+    app.use(bodyParser(mergedConfig.bodyParser || {}))
+  }
+
+  if (mergedConfig.static) {
+    app.use(serveStatic(mergedConfig.static === true ? {} : mergedConfig.static))
+  }
+
+  // Load user middleware
+  if (mergedConfig.autoloadMiddleware !== false) {
+    const userMiddleware = await loadMiddleware(mergedConfig.middlewareDir)
+    for (const mw of userMiddleware) {
+      app.use(mw)
+    }
+  }
+
+  // Load routes
+  if (mergedConfig.autoloadRoutes !== false) {
+    const router = await loadRoutes(mergedConfig.routesDir)
+    router.applyTo(app)
+  }
+
+  // Add helper methods
+  app.router = createRouter()
+
+  /**
+   * Start the server
+   */
+  app.start = (port, callback) => {
+    const listenPort = port || mergedConfig.port || 3001
+
+    return new Promise((resolve, reject) => {
+      app.listen(listenPort, (err) => {
+        if (err) {
+          reject(err)
+          return
+        }
+
+        if (callback) callback()
+        resolve(app)
+      })
+    })
+  }
+
+  return app
+}
+
+/**
+ * Default configuration
+ */
+const defaultConfig = {
+  port: 3001,
+  cors: true,
+  bodyParser: { limit: '1mb' },
+  static: { dir: 'public' },
+  routesDir: 'src/routes',
+  middlewareDir: 'src/middleware',
+  autoloadRoutes: true,
+  autoloadMiddleware: true
+}
+
+/**
+ * Default error handler
+ */
+function defaultErrorHandler(err, req, res) {
+  console.error('Server error:', err)
+
+  const statusCode = err.statusCode || err.status || 500
+  const message = process.env.NODE_ENV === 'production'
+    ? 'Internal Server Error'
+    : err.message
+
+  res.statusCode = statusCode
+  res.setHeader('Content-Type', 'application/json')
+  res.end(JSON.stringify({ error: message }))
+}
+
+/**
+ * Default 404 handler
+ */
+function defaultNotFoundHandler(req, res) {
+  res.statusCode = 404
+  res.setHeader('Content-Type', 'application/json')
+  res.end(JSON.stringify({ error: 'Not Found' }))
+}
+
+/**
+ * Response helpers - added to res object
+ */
+export function addResponseHelpers(req, res, next) {
+  /**
+   * Send JSON response
+   */
+  res.json = (data, statusCode = 200) => {
+    res.statusCode = statusCode
+    res.setHeader('Content-Type', 'application/json')
+    res.end(JSON.stringify(data))
+  }
+
+  /**
+   * Send response with status code
+   */
+  res.status = (code) => {
+    res.statusCode = code
+    return res
+  }
+
+  /**
+   * Send text response
+   */
+  res.send = (data) => {
+    if (typeof data === 'object') {
+      return res.json(data)
+    }
+    res.end(String(data))
+  }
+
+  /**
+   * Redirect to URL
+   */
+  res.redirect = (url, statusCode = 302) => {
+    res.statusCode = statusCode
+    res.setHeader('Location', url)
+    res.end()
+  }
+
+  next()
+}
+
+// Re-export components
+export { createApp } from './http.js'
+export { Router, createRouter } from './router.js'
+export { bodyParser, json } from './body-parser.js'
+export { cors } from './cors.js'
+export { serveStatic } from './static.js'
+export { loadRoutes, loadMiddleware, loadConfig } from './loader.js'