@bunary/http 0.2.0 → 0.3.0

package/CHANGELOG.md

@@ -5,6 +5,26 @@ All notable changes to `@bunary/http` will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.3.0] - 2026-02-17
+
+### Added
+
+- Built-in CORS middleware via `cors()` factory (#47)
+  - `cors()` with no arguments allows all origins (default `Access-Control-Allow-Origin: *`)
+  - Configurable `origin` (string, string array, or `"*"`), `methods`, `allowHeaders`, `exposeHeaders`, `credentials`, `maxAge`
+  - Handles preflight `OPTIONS` requests automatically — returns 204 with CORS headers
+  - Reflects `Access-Control-Request-Headers` by default, or uses explicit `allowHeaders`
+  - Adds `Vary: Origin` when origin is not `"*"` for correct cache behavior
+  - Works as global middleware (`app.use(cors())`) or per-group (`middleware: [cors()]`)
+  - `CorsOptions` type exported for TypeScript consumers
+
+- Body parsing helpers on `RequestContext` — `ctx.json()`, `ctx.text()`, `ctx.formData()` (#51)
+  - `ctx.json<T>()` — parse JSON body with type inference, throws `BodyParseError` on malformed input
+  - `ctx.text()` — get request body as string
+  - `ctx.formData()` — parse multipart/URL-encoded form data, throws `BodyParseError` on malformed input
+  - `BodyParseError` class exported for catch-based error handling in handlers
+  - Thin wrappers around `Request` methods — no parsing framework, no validation, zero new dependencies
+
 ## [0.2.0] - 2026-02-15
 
 ### Added

package/dist/app.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"app.d.ts","sourceRoot":"","sources":["../src/app.ts"],"names":[],"mappings":"AAWA,OAAO,KAAK,EACX,UAAU,EACV,SAAS,EAWT,MAAM,kBAAkB,CAAC;AAE1B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsDG;AACH,wBAAgB,SAAS,CAAC,OAAO,SAAS,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACzE,OAAO,CAAC,EAAE,UAAU,CAAC,OAAO,CAAC,GAC3B,SAAS,CAAC,OAAO,CAAC,CAyQpB"}
+{"version":3,"file":"app.d.ts","sourceRoot":"","sources":["../src/app.ts"],"names":[],"mappings":"AAkBA,OAAO,KAAK,EACX,UAAU,EACV,SAAS,EAYT,MAAM,kBAAkB,CAAC;AAE1B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsDG;AACH,wBAAgB,SAAS,CAAC,OAAO,SAAS,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACzE,OAAO,CAAC,EAAE,UAAU,CAAC,OAAO,CAAC,GAC3B,SAAS,CAAC,OAAO,CAAC,CAkSpB"}

package/dist/context.d.ts

@@ -0,0 +1,13 @@
+import type { PathParams } from "./types/pathParams.js";
+import type { RequestContext } from "./types/requestContext.js";
+/**
+ * Create a RequestContext for a given request and params.
+ *
+ * Centralises context construction so that body helpers (`json`, `text`,
+ * `formData`) are available everywhere a `RequestContext` is built —
+ * including 404/405 handler contexts.
+ *
+ * @internal
+ */
+export declare function createRequestContext(request: Request, params: PathParams, query: URLSearchParams): RequestContext;
+//# sourceMappingURL=context.d.ts.map

package/dist/context.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../src/context.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAEhE;;;;;;;;GAQG;AACH,wBAAgB,oBAAoB,CACnC,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,UAAU,EAClB,KAAK,EAAE,eAAe,GACpB,cAAc,CAsBhB"}

package/dist/cors.d.ts

@@ -0,0 +1,82 @@
+import type { Middleware } from "./types/index.js";
+/**
+ * CORS configuration options.
+ *
+ * @example
+ * ```ts
+ * const options: CorsOptions = {
+ *   origin: "https://myapp.com",
+ *   methods: ["GET", "POST"],
+ *   credentials: true,
+ *   maxAge: 86400,
+ * };
+ * ```
+ */
+export interface CorsOptions {
+    /**
+     * Allowed origin(s). Use `"*"` (default) for any origin,
+     * a single string for one origin, or an array for multiple.
+     *
+     * @default "*"
+     */
+    origin?: string | string[];
+    /**
+     * HTTP methods to advertise in `Access-Control-Allow-Methods`.
+     *
+     * @default ["GET", "HEAD", "PUT", "POST", "DELETE", "PATCH"]
+     */
+    methods?: string[];
+    /**
+     * Headers the client is allowed to send.
+     * When omitted, the value of `Access-Control-Request-Headers` is reflected.
+     */
+    allowHeaders?: string[];
+    /**
+     * Response headers the browser may expose to client-side JavaScript.
+     */
+    exposeHeaders?: string[];
+    /**
+     * Whether to include `Access-Control-Allow-Credentials: true`.
+     *
+     * @default false
+     */
+    credentials?: boolean;
+    /**
+     * How long (in seconds) the browser may cache preflight results.
+     * Omitted from the response when `undefined`.
+     */
+    maxAge?: number;
+}
+/**
+ * Create a CORS middleware.
+ *
+ * Handles preflight `OPTIONS` requests (returns 204) and
+ * adds CORS headers to actual responses.
+ *
+ * @param options - CORS configuration (defaults allow all origins)
+ * @returns Middleware function
+ *
+ * @example
+ * ```ts
+ * import { createApp, cors } from "@bunary/http";
+ *
+ * // Allow any origin
+ * const app = createApp();
+ * app.use(cors());
+ *
+ * // Restrict to a single origin with credentials
+ * app.use(cors({
+ *   origin: "https://myapp.com",
+ *   credentials: true,
+ *   maxAge: 86400,
+ * }));
+ *
+ * // Multiple allowed origins
+ * app.use(cors({
+ *   origin: ["https://app1.com", "https://app2.com"],
+ *   methods: ["GET", "POST"],
+ * }));
+ * ```
+ */
+export declare function cors(options?: CorsOptions): Middleware;
+//# sourceMappingURL=cors.d.ts.map

package/dist/cors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cors.d.ts","sourceRoot":"","sources":["../src/cors.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAEnD;;;;;;;;;;;;GAYG;AACH,MAAM,WAAW,WAAW;IAC3B;;;;;OAKG;IACH,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAE3B;;;;OAIG;IACH,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IAEnB;;;OAGG;IACH,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IAExB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IAEzB;;;;OAIG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;IAEtB;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;CAChB;AA0BD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACH,wBAAgB,IAAI,CAAC,OAAO,GAAE,WAAgB,GAAG,UAAU,CAwF1D"}

package/dist/errors.d.ts

@@ -0,0 +1,33 @@
+/**
+ * Error thrown when request body parsing fails.
+ *
+ * Thrown by `ctx.json()` and `ctx.formData()` when the request body
+ * cannot be parsed. Handlers can catch this to return a custom 400 response.
+ *
+ * @example
+ * ```ts
+ * import { BodyParseError } from "@bunary/http";
+ *
+ * app.post("/users", async (ctx) => {
+ *   try {
+ *     const body = await ctx.json();
+ *     return { received: body };
+ *   } catch (error) {
+ *     if (error instanceof BodyParseError) {
+ *       return new Response(JSON.stringify({ error: error.message }), {
+ *         status: 400,
+ *         headers: { "Content-Type": "application/json" },
+ *       });
+ *     }
+ *     throw error;
+ *   }
+ * });
+ * ```
+ */
+export declare class BodyParseError extends Error {
+    readonly name = "BodyParseError";
+    /** The underlying parse error, if available */
+    readonly cause?: unknown;
+    constructor(message: string, cause?: unknown);
+}
+//# sourceMappingURL=errors.d.ts.map

package/dist/errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,qBAAa,cAAe,SAAQ,KAAK;IACxC,SAAkB,IAAI,oBAAoB;IAE1C,+CAA+C;IAC/C,QAAQ,CAAC,KAAK,CAAC,EAAE,OAAO,CAAC;gBAEb,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,OAAO;CAI5C"}

package/dist/handlers/methodNotAllowed.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"methodNotAllowed.d.ts","sourceRoot":"","sources":["../../src/handlers/methodNotAllowed.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAkB,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAE3E;;;;;;;GAOG;AACH,wBAAsB,sBAAsB,CAC3C,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,KAAK,EAAE,EACf,OAAO,CAAC,EAAE,UAAU,EACpB,WAAW,CAAC,EAAE,MAAM,EAAE,GACpB,OAAO,CAAC,QAAQ,CAAC,CAgCnB"}
+{"version":3,"file":"methodNotAllowed.d.ts","sourceRoot":"","sources":["../../src/handlers/methodNotAllowed.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,UAAU,EAAkB,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAE3E;;;;;;;GAOG;AACH,wBAAsB,sBAAsB,CAC3C,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,KAAK,EAAE,EACf,OAAO,CAAC,EAAE,UAAU,EACpB,WAAW,CAAC,EAAE,MAAM,EAAE,GACpB,OAAO,CAAC,QAAQ,CAAC,CA2BnB"}

package/dist/handlers/notFound.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"notFound.d.ts","sourceRoot":"","sources":["../../src/handlers/notFound.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAkB,MAAM,mBAAmB,CAAC;AAEpE;;;GAGG;AACH,wBAAsB,cAAc,CACnC,OAAO,EAAE,OAAO,EAChB,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,UAAU,GAClB,OAAO,CAAC,QAAQ,CAAC,CAgBnB"}
+{"version":3,"file":"notFound.d.ts","sourceRoot":"","sources":["../../src/handlers/notFound.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAkB,MAAM,mBAAmB,CAAC;AAEpE;;;GAGG;AACH,wBAAsB,cAAc,CACnC,OAAO,EAAE,OAAO,EAChB,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,UAAU,GAClB,OAAO,CAAC,QAAQ,CAAC,CAWnB"}

package/dist/index.d.ts

@@ -19,5 +19,8 @@
  * @packageDocumentation
  */
 export { createApp } from "./app.js";
+export type { CorsOptions } from "./cors.js";
+export { cors } from "./cors.js";
+export { BodyParseError } from "./errors.js";
 export type { AppOptions, BunaryApp, BunaryServer, GroupCallback, GroupOptions, GroupRouter, HandlerResponse, HttpMethod, ListenOptions, Middleware, PathParams, RequestContext, RouteBuilder, RouteHandler, RouteInfo, } from "./types/index.js";
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AAErC,YAAY,EACX,UAAU,EACV,SAAS,EACT,YAAY,EACZ,aAAa,EACb,YAAY,EACZ,WAAW,EACX,eAAe,EACf,UAAU,EACV,aAAa,EACb,UAAU,EACV,UAAU,EACV,cAAc,EACd,YAAY,EACZ,YAAY,EACZ,SAAS,GACT,MAAM,kBAAkB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AACrC,YAAY,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAE7C,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAEjC,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAE7C,YAAY,EACX,UAAU,EACV,SAAS,EACT,YAAY,EACZ,aAAa,EACb,YAAY,EACZ,WAAW,EACX,eAAe,EACf,UAAU,EACV,aAAa,EACb,UAAU,EACV,UAAU,EACV,cAAc,EACd,YAAY,EACZ,YAAY,EACZ,SAAS,GACT,MAAM,kBAAkB,CAAC"}

package/dist/index.js

@@ -1,4 +1,39 @@
 // @bun
+// src/errors.ts
+class BodyParseError extends Error {
+  name = "BodyParseError";
+  cause;
+  constructor(message, cause) {
+    super(message);
+    this.cause = cause;
+  }
+}
+
+// src/context.ts
+function createRequestContext(request, params, query) {
+  return {
+    request,
+    params,
+    query,
+    locals: {},
+    json: async () => {
+      try {
+        return await request.json();
+      } catch (error) {
+        throw new BodyParseError("Failed to parse JSON body", error);
+      }
+    },
+    text: () => request.text(),
+    formData: async () => {
+      try {
+        return await request.formData();
+      } catch (error) {
+        throw new BodyParseError("Failed to parse form data", error);
+      }
+    }
+  };
+}
+
 // src/response.ts
 function toResponse(result) {
   if (result instanceof Response) {
@@ -259,6 +294,17 @@ function resolveRoute(routes, method, path) {
     allowedMethods: Array.from(allowedMethods).sort()
   };
 }
+function findRouteByPath(routes, path) {
+  for (const route of routes) {
+    if (!route.pattern.test(path))
+      continue;
+    const params = extractParams(path, route);
+    if (!checkConstraints(params, route.constraints))
+      continue;
+    return { route, params };
+  }
+  return null;
+}
 function getAllowedMethods(routes, path) {
   const methods = new Set;
   for (const route of routes) {
@@ -345,12 +391,7 @@ function toHeadResponse(response) {
 async function handleMethodNotAllowed(request, path, routes, options, precomputed) {
   const url = new URL(request.url);
   const allowedMethods = precomputed ?? getAllowedMethods(routes, path);
-  const methodNotAllowedCtx = {
-    request,
-    params: {},
-    query: url.searchParams,
-    locals: {}
-  };
+  const methodNotAllowedCtx = createRequestContext(request, {}, url.searchParams);
   if (options?.onMethodNotAllowed) {
     const result = await options.onMethodNotAllowed(methodNotAllowedCtx, allowedMethods);
     const response = toResponse(result);
@@ -377,12 +418,7 @@ async function handleMethodNotAllowed(request, path, routes, options, precompute
 // src/handlers/notFound.ts
 async function handleNotFound(request, _path, options) {
   const url = new URL(request.url);
-  const notFoundCtx = {
-    request,
-    params: {},
-    query: url.searchParams,
-    locals: {}
-  };
+  const notFoundCtx = createRequestContext(request, {}, url.searchParams);
   if (options?.onNotFound) {
     const result = await options.onNotFound(notFoundCtx);
     return toResponse(result);
@@ -457,6 +493,24 @@ function createApp(options) {
     const path = url.pathname;
     const method = request.method;
     if (method === "OPTIONS") {
+      if (request.headers.get("Origin")) {
+        const routeMatch = findRouteByPath(routes, path);
+        const chain = routeMatch ? getMiddlewareChain(routeMatch.route) : middlewares.length > 0 ? [...middlewares] : [];
+        if (chain.length > 0) {
+          const params = routeMatch?.params ?? {};
+          const ctx2 = createRequestContext(request, params, url.searchParams);
+          let index = 0;
+          const next = async () => {
+            if (index < chain.length) {
+              const mw = chain[index++];
+              return await mw(ctx2, next);
+            }
+            return await handleOptions(request, path, routes, internalOpts);
+          };
+          const result = await next();
+          return toResponse(result);
+        }
+      }
       return await handleOptions(request, path, routes, internalOpts);
     }
     const { match, allowedMethods } = resolveRoute(routes, method, path);
@@ -466,12 +520,7 @@ function createApp(options) {
       }
       return await handleNotFound(request, path, internalOpts);
     }
-    const ctx = {
-      request,
-      params: match.params,
-      query: url.searchParams,
-      locals: {}
-    };
+    const ctx = createRequestContext(request, match.params, url.searchParams);
     try {
       const response = await executeRoute(match, ctx, getMiddlewareChain);
       if (method === "HEAD") {
@@ -589,6 +638,81 @@ function createApp(options) {
   };
   return app;
 }
+// src/cors.ts
+var DEFAULT_METHODS = ["GET", "HEAD", "PUT", "POST", "DELETE", "PATCH"];
+function resolveOrigin(allowed, requestOrigin, credentials) {
+  if (allowed === "*") {
+    return credentials ? requestOrigin : "*";
+  }
+  if (typeof allowed === "string") {
+    return allowed === requestOrigin ? allowed : null;
+  }
+  return allowed.includes(requestOrigin) ? requestOrigin : null;
+}
+function cors(options = {}) {
+  const {
+    origin = "*",
+    methods = DEFAULT_METHODS,
+    allowHeaders,
+    exposeHeaders,
+    credentials = false,
+    maxAge
+  } = options;
+  return async (ctx, next) => {
+    const requestOrigin = ctx.request.headers.get("Origin");
+    if (!requestOrigin) {
+      return await next();
+    }
+    const allowedOrigin = resolveOrigin(origin, requestOrigin, credentials);
+    if (!allowedOrigin) {
+      return await next();
+    }
+    const needsVary = origin !== "*" || credentials;
+    if (ctx.request.method === "OPTIONS") {
+      const headers = new Headers;
+      headers.set("Access-Control-Allow-Origin", allowedOrigin);
+      if (needsVary) {
+        headers.append("Vary", "Origin");
+      }
+      headers.set("Access-Control-Allow-Methods", methods.join(", "));
+      if (allowHeaders) {
+        headers.set("Access-Control-Allow-Headers", allowHeaders.join(", "));
+      } else {
+        const requested = ctx.request.headers.get("Access-Control-Request-Headers");
+        if (requested) {
+          headers.set("Access-Control-Allow-Headers", requested);
+        }
+      }
+      if (credentials) {
+        headers.set("Access-Control-Allow-Credentials", "true");
+      }
+      if (maxAge !== undefined) {
+        headers.set("Access-Control-Max-Age", String(maxAge));
+      }
+      return new Response(null, { status: 204, headers });
+    }
+    const result = await next();
+    const response = toResponse(result);
+    const newHeaders = new Headers(response.headers);
+    newHeaders.set("Access-Control-Allow-Origin", allowedOrigin);
+    if (needsVary) {
+      newHeaders.append("Vary", "Origin");
+    }
+    if (exposeHeaders && exposeHeaders.length > 0) {
+      newHeaders.set("Access-Control-Expose-Headers", exposeHeaders.join(", "));
+    }
+    if (credentials) {
+      newHeaders.set("Access-Control-Allow-Credentials", "true");
+    }
+    return new Response(response.body, {
+      status: response.status,
+      statusText: response.statusText,
+      headers: newHeaders
+    });
+  };
+}
 export {
-  createApp
+  createApp,
+  cors,
+  BodyParseError
 };

package/dist/routes/find.d.ts

@@ -47,6 +47,13 @@ export declare function findRoute(routes: Route[], method: string, path: string)
  * Check if any route matches the path (regardless of method).
  */
 export declare function hasMatchingPath(routes: Route[], path: string): boolean;
+/**
+ * Find the first route whose path matches, regardless of HTTP method.
+ *
+ * Used by the OPTIONS/CORS preflight handler to locate group middleware
+ * attached to a route at this path.
+ */
+export declare function findRouteByPath(routes: Route[], path: string): RouteMatch | null;
 /**
  * Get all allowed HTTP methods for a given path.
  * Respects route constraints when determining matches.

package/dist/routes/find.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"find.d.ts","sourceRoot":"","sources":["../../src/routes/find.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAE/C,MAAM,WAAW,UAAU;IAC1B,KAAK,EAAE,KAAK,CAAC;IACb,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,CAAC;CAC3C;AAED;;;;;GAKG;AACH,MAAM,WAAW,eAAe;IAC/B,kEAAkE;IAClE,KAAK,EAAE,UAAU,GAAG,IAAI,CAAC;IACzB,oGAAoG;IACpG,cAAc,EAAE,MAAM,EAAE,CAAC;CACzB;AAED;;;;;;;;;GASG;AACH,wBAAgB,YAAY,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,eAAe,CAiC3F;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,SAAS,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,UAAU,GAAG,IAAI,CAc1F;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAMtE;AAED;;;;;;;GAOG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,EAAE,CAYzE"}
+{"version":3,"file":"find.d.ts","sourceRoot":"","sources":["../../src/routes/find.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAE/C,MAAM,WAAW,UAAU;IAC1B,KAAK,EAAE,KAAK,CAAC;IACb,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,CAAC;CAC3C;AAED;;;;;GAKG;AACH,MAAM,WAAW,eAAe;IAC/B,kEAAkE;IAClE,KAAK,EAAE,UAAU,GAAG,IAAI,CAAC;IACzB,oGAAoG;IACpG,cAAc,EAAE,MAAM,EAAE,CAAC;CACzB;AAED;;;;;;;;;GASG;AACH,wBAAgB,YAAY,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,eAAe,CAiC3F;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,SAAS,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,UAAU,GAAG,IAAI,CAc1F;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAMtE;AAED;;;;;GAKG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,GAAG,UAAU,GAAG,IAAI,CAQhF;AAED;;;;;;;GAOG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,EAAE,CAYzE"}

package/dist/routes/index.d.ts

@@ -1,4 +1,4 @@
 export { compilePattern, createRouteBuilder, wrapBuilderWithNamePrefix } from "./builder.js";
-export { findRoute, getAllowedMethods, hasMatchingPath, type RouteMatch, type RouteResolution, resolveRoute, } from "./find.js";
+export { findRoute, findRouteByPath, getAllowedMethods, hasMatchingPath, type RouteMatch, type RouteResolution, resolveRoute, } from "./find.js";
 export { type AddRouteFn, createGroupRouter } from "./group.js";
 //# sourceMappingURL=index.d.ts.map

package/dist/routes/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/routes/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,yBAAyB,EAAE,MAAM,cAAc,CAAC;AAC7F,OAAO,EACN,SAAS,EACT,iBAAiB,EACjB,eAAe,EACf,KAAK,UAAU,EACf,KAAK,eAAe,EACpB,YAAY,GACZ,MAAM,WAAW,CAAC;AACnB,OAAO,EAAE,KAAK,UAAU,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/routes/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,yBAAyB,EAAE,MAAM,cAAc,CAAC;AAC7F,OAAO,EACN,SAAS,EACT,eAAe,EACf,iBAAiB,EACjB,eAAe,EACf,KAAK,UAAU,EACf,KAAK,eAAe,EACpB,YAAY,GACZ,MAAM,WAAW,CAAC;AACnB,OAAO,EAAE,KAAK,UAAU,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC"}

package/dist/types/requestContext.d.ts

@@ -43,5 +43,59 @@ export interface RequestContext<TLocals extends object = Record<string, unknown>
      * ```
      */
     locals: TLocals;
+    /**
+     * Parse the request body as JSON.
+     *
+     * Thin wrapper around `request.json()` with error handling.
+     * Throws `BodyParseError` if the body is not valid JSON.
+     *
+     * @typeParam T — Expected shape of the parsed JSON body
+     * @returns The parsed JSON body
+     * @throws {BodyParseError} If the body cannot be parsed as JSON
+     *
+     * @example
+     * ```ts
+     * app.post("/users", async (ctx) => {
+     *   const body = await ctx.json<{ name: string }>();
+     *   return { id: 1, name: body.name };
+     * });
+     * ```
+     */
+    json: <T = unknown>() => Promise<T>;
+    /**
+     * Get the request body as a string.
+     *
+     * Thin wrapper around `request.text()`.
+     *
+     * @returns The request body as text
+     *
+     * @example
+     * ```ts
+     * app.post("/echo", async (ctx) => {
+     *   const text = await ctx.text();
+     *   return { echo: text };
+     * });
+     * ```
+     */
+    text: () => Promise<string>;
+    /**
+     * Parse the request body as FormData.
+     *
+     * Thin wrapper around `request.formData()` with error handling.
+     * Throws `BodyParseError` if the body cannot be parsed as form data.
+     *
+     * @returns The parsed FormData
+     * @throws {BodyParseError} If the body cannot be parsed as form data
+     *
+     * @example
+     * ```ts
+     * app.post("/upload", async (ctx) => {
+     *   const form = await ctx.formData();
+     *   const name = form.get("name");
+     *   return { name };
+     * });
+     * ```
+     */
+    formData: () => ReturnType<Request["formData"]>;
 }
 //# sourceMappingURL=requestContext.d.ts.map

package/dist/types/requestContext.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"requestContext.d.ts","sourceRoot":"","sources":["../../src/types/requestContext.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAElD;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,WAAW,cAAc,CAC9B,OAAO,SAAS,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAChD,OAAO,SAAS,UAAU,GAAG,UAAU;IAEvC,sCAAsC;IACtC,OAAO,EAAE,OAAO,CAAC;IACjB,uDAAuD;IACvD,MAAM,EAAE,OAAO,CAAC;IAChB,kDAAkD;IAClD,KAAK,EAAE,eAAe,CAAC;IACvB;;;;;;;;;;;;OAYG;IACH,MAAM,EAAE,OAAO,CAAC;CAChB"}
+{"version":3,"file":"requestContext.d.ts","sourceRoot":"","sources":["../../src/types/requestContext.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAElD;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,WAAW,cAAc,CAC9B,OAAO,SAAS,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAChD,OAAO,SAAS,UAAU,GAAG,UAAU;IAEvC,sCAAsC;IACtC,OAAO,EAAE,OAAO,CAAC;IACjB,uDAAuD;IACvD,MAAM,EAAE,OAAO,CAAC;IAChB,kDAAkD;IAClD,KAAK,EAAE,eAAe,CAAC;IACvB;;;;;;;;;;;;OAYG;IACH,MAAM,EAAE,OAAO,CAAC;IAEhB;;;;;;;;;;;;;;;;;OAiBG;IACH,IAAI,EAAE,CAAC,CAAC,GAAG,OAAO,OAAO,OAAO,CAAC,CAAC,CAAC,CAAC;IAEpC;;;;;;;;;;;;;;OAcG;IACH,IAAI,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC;IAE5B;;;;;;;;;;;;;;;;;OAiBG;IACH,QAAQ,EAAE,MAAM,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC;CAChD"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bunary/http",
-  "version": "0.2.0",
+  "version": "0.3.0",
   "description": "HTTP routing and middleware for Bunary - a Bun-first backend framework inspired by Laravel",
   "type": "module",
   "main": "./dist/index.js",