@carno.js/core 1.1.1 → 1.2.0

package/src/context/Context.ts

@@ -1,130 +1,130 @@
-/**
- * Request Context for Turbo.
- * 
- * Lazy initialization for maximum performance:
- * - Query parsed only when accessed
- * - Body parsed only when needed
- * - Minimal allocations in hot path
- */
-
-import { parseQueryFromURL } from '../utils/parseQuery';
-
-const EMPTY_PARAMS: Record<string, string> = Object.freeze({}) as Record<string, string>;
-
-export class Context {
-    readonly req: Request;
-    params: Record<string, string>;
-    locals: Record<string, any> = {};
-
-    // Lazy fields - only allocated when accessed
-    private _query: Record<string, string> | null = null;
-    private _body: any;
-    private _bodyParsed = false;
-    private _url: URL | null = null;
-    private _status = 0;
-
-    constructor(req: Request, params: Record<string, string> = EMPTY_PARAMS) {
-        this.req = req;
-        this.params = params;
-    }
-
-    get status(): number {
-        return this._status || 200;
-    }
-
-    set status(value: number) {
-        this._status = value;
-    }
-
-    get url(): URL {
-        if (!this._url) {
-            this._url = new URL(this.req.url);
-        }
-
-        return this._url;
-    }
-
-    get query(): Record<string, string> {
-        if (!this._query) {
-            this._query = parseQueryFromURL(this.req.url);
-        }
-
-        return this._query;
-    }
-
-    get body(): any {
-        return this._body;
-    }
-
-    async parseBody(): Promise<any> {
-        if (this._bodyParsed) {
-            return this._body;
-        }
-
-        this._bodyParsed = true;
-        const contentType = this.req.headers.get('content-type') || '';
-
-        if (contentType.includes('application/json')) {
-            this._body = await this.req.json();
-        } else if (contentType.includes('form')) {
-            const formData = await this.req.formData();
-            this._body = Object.fromEntries(formData);
-        } else if (contentType.includes('text')) {
-            this._body = await this.req.text();
-        } else {
-            this._body = await this.req.arrayBuffer();
-        }
-
-        return this._body;
-    }
-
-    get method(): string {
-        return this.req.method;
-    }
-
-    get headers(): Headers {
-        return this.req.headers;
-    }
-
-    get path(): string {
-        return this.url.pathname;
-    }
-
-    json(data: any, status?: number): Response {
-        if (status) this.status = status;
-
-        return Response.json(data, { status: this.status });
-    }
-
-    text(data: string, status?: number): Response {
-        if (status) this.status = status;
-
-        return new Response(data, {
-            status: this.status,
-            headers: { 'Content-Type': 'text/plain' }
-        });
-    }
-
-    html(data: string, status?: number): Response {
-        if (status) this.status = status;
-
-        return new Response(data, {
-            status: this.status,
-            headers: { 'Content-Type': 'text/html' }
-        });
-    }
-
-    redirect(url: string, status: number = 302): Response {
-        return Response.redirect(url, status);
-    }
-
-    /**
-     * Creates a Context from a job (for queue processing).
-     */
-    static createFromJob(job: any): Context {
-        const fakeRequest = new Request('http://localhost/job');
-        const ctx = new Context(fakeRequest);
-        ctx.locals.job = job;
-        return ctx;
-    }
-}
+/**
+ * Request Context for Turbo.
+ * 
+ * Lazy initialization for maximum performance:
+ * - Query parsed only when accessed
+ * - Body parsed only when needed
+ * - Minimal allocations in hot path
+ */
+
+import { parseQueryFromURL } from '../utils/parseQuery';
+
+const EMPTY_PARAMS: Record<string, string> = Object.freeze({}) as Record<string, string>;
+
+export class Context {
+    readonly req: Request;
+    params: Record<string, string>;
+    locals: Record<string, any> = {};
+
+    // Lazy fields - only allocated when accessed
+    private _query: Record<string, string> | null = null;
+    private _body: any;
+    private _bodyParsed = false;
+    private _url: URL | null = null;
+    private _status = 0;
+
+    constructor(req: Request, params: Record<string, string> = EMPTY_PARAMS) {
+        this.req = req;
+        this.params = params;
+    }
+
+    get status(): number {
+        return this._status || 200;
+    }
+
+    set status(value: number) {
+        this._status = value;
+    }
+
+    get url(): URL {
+        if (!this._url) {
+            this._url = new URL(this.req.url);
+        }
+
+        return this._url;
+    }
+
+    get query(): Record<string, string> {
+        if (!this._query) {
+            this._query = parseQueryFromURL(this.req.url);
+        }
+
+        return this._query;
+    }
+
+    get body(): any {
+        return this._body;
+    }
+
+    async parseBody(): Promise<any> {
+        if (this._bodyParsed) {
+            return this._body;
+        }
+
+        this._bodyParsed = true;
+        const contentType = this.req.headers.get('content-type') || '';
+
+        if (contentType.includes('application/json')) {
+            this._body = await this.req.json();
+        } else if (contentType.includes('form')) {
+            const formData = await this.req.formData();
+            this._body = Object.fromEntries(formData);
+        } else if (contentType.includes('text')) {
+            this._body = await this.req.text();
+        } else {
+            this._body = await this.req.arrayBuffer();
+        }
+
+        return this._body;
+    }
+
+    get method(): string {
+        return this.req.method;
+    }
+
+    get headers(): Headers {
+        return this.req.headers;
+    }
+
+    get path(): string {
+        return this.url.pathname;
+    }
+
+    json(data: any, status?: number): Response {
+        if (status) this.status = status;
+
+        return Response.json(data, { status: this.status });
+    }
+
+    text(data: string, status?: number): Response {
+        if (status) this.status = status;
+
+        return new Response(data, {
+            status: this.status,
+            headers: { 'Content-Type': 'text/plain' }
+        });
+    }
+
+    html(data: string, status?: number): Response {
+        if (status) this.status = status;
+
+        return new Response(data, {
+            status: this.status,
+            headers: { 'Content-Type': 'text/html' }
+        });
+    }
+
+    redirect(url: string, status: number = 302): Response {
+        return Response.redirect(url, status);
+    }
+
+    /**
+     * Creates a Context from a job (for queue processing).
+     */
+    static createFromJob(job: any): Context {
+        const fakeRequest = new Request('http://localhost/job');
+        const ctx = new Context(fakeRequest);
+        ctx.locals.job = job;
+        return ctx;
+    }
+}

package/src/cors/CorsHandler.ts

@@ -1,145 +1,145 @@
-/**
- * CORS Configuration types.
- */
-export type CorsOrigin =
-    | string
-    | string[]
-    | RegExp
-    | ((origin: string) => boolean);
-
-export interface CorsConfig {
-    origins: CorsOrigin;
-    methods?: string[];
-    allowedHeaders?: string[];
-    exposedHeaders?: string[];
-    credentials?: boolean;
-    maxAge?: number;
-}
-
-export const DEFAULT_CORS_METHODS = ['GET', 'HEAD', 'PUT', 'PATCH', 'POST', 'DELETE'];
-export const DEFAULT_CORS_HEADERS = ['Content-Type', 'Authorization', 'X-Requested-With', 'Accept', 'Origin'];
-
-type OriginMatcher = (origin: string) => boolean;
-
-/**
- * CORS Handler - Pre-computes headers at startup for maximum performance.
- */
-export class CorsHandler {
-    private readonly cache = new Map<string, Record<string, string>>();
-    private readonly methodsStr: string;
-    private readonly headersStr: string;
-    private readonly exposedStr: string | null;
-    private readonly maxAgeStr: string | null;
-    private readonly hasCredentials: boolean;
-    private readonly isWildcard: boolean;
-    private readonly matcher: OriginMatcher;
-
-    // Pre-created preflight response for wildcard CORS
-    private readonly preflightResponse: Response | null = null;
-
-    constructor(config: CorsConfig) {
-        this.methodsStr = (config.methods || DEFAULT_CORS_METHODS).join(', ');
-        this.headersStr = (config.allowedHeaders || DEFAULT_CORS_HEADERS).join(', ');
-        this.exposedStr = config.exposedHeaders?.join(', ') || null;
-        this.maxAgeStr = config.maxAge?.toString() || null;
-        this.hasCredentials = !!config.credentials;
-        this.isWildcard = config.origins === '*';
-        this.matcher = this.buildMatcher(config.origins);
-
-        // Pre-create preflight response for wildcard
-        if (this.isWildcard) {
-            this.preflightResponse = new Response(null, {
-                status: 204,
-                headers: this.buildHeaders('*')
-            });
-        }
-    }
-
-    /**
-     * Handle preflight (OPTIONS) request.
-     */
-    preflight(origin: string): Response {
-        if (this.isWildcard && this.preflightResponse) {
-            return this.preflightResponse.clone();
-        }
-
-        if (!this.isAllowed(origin)) {
-            return new Response(null, { status: 403 });
-        }
-
-        return new Response(null, {
-            status: 204,
-            headers: this.getHeaders(origin)
-        });
-    }
-
-    /**
-     * Apply CORS headers to a response.
-     */
-    apply(response: Response, origin: string): Response {
-        if (!this.isAllowed(origin)) {
-            return response;
-        }
-
-        const headers = this.getHeaders(origin);
-        for (const [key, value] of Object.entries(headers)) {
-            response.headers.set(key, value);
-        }
-
-        return response;
-    }
-
-    /**
-     * Check if origin is allowed.
-     */
-    isAllowed(origin: string): boolean {
-        return this.matcher(origin);
-    }
-
-    /**
-     * Get cached CORS headers for origin.
-     */
-    private getHeaders(origin: string): Record<string, string> {
-        const key = this.isWildcard ? '*' : origin;
-        let headers = this.cache.get(key);
-
-        if (!headers) {
-            headers = this.buildHeaders(origin);
-            this.cache.set(key, headers);
-        }
-
-        return headers;
-    }
-
-    private buildHeaders(origin: string): Record<string, string> {
-        const headers: Record<string, string> = {
-            'Access-Control-Allow-Origin': this.isWildcard ? '*' : origin,
-            'Access-Control-Allow-Methods': this.methodsStr,
-            'Access-Control-Allow-Headers': this.headersStr
-        };
-
-        if (this.hasCredentials) {
-            headers['Access-Control-Allow-Credentials'] = 'true';
-        }
-        if (this.exposedStr) {
-            headers['Access-Control-Expose-Headers'] = this.exposedStr;
-        }
-        if (this.maxAgeStr) {
-            headers['Access-Control-Max-Age'] = this.maxAgeStr;
-        }
-
-        return headers;
-    }
-
-    private buildMatcher(origins: CorsOrigin): OriginMatcher {
-        if (origins === '*') return () => true;
-        if (typeof origins === 'string') return (o) => o === origins;
-        if (Array.isArray(origins)) {
-            const set = new Set(origins);
-            return (o) => set.has(o);
-        }
-        if (origins instanceof RegExp) return (o) => origins.test(o);
-        if (typeof origins === 'function') return origins;
-        return () => false;
-    }
-}
+/**
+ * CORS Configuration types.
+ */
+export type CorsOrigin =
+    | string
+    | string[]
+    | RegExp
+    | ((origin: string) => boolean);
+
+export interface CorsConfig {
+    origins: CorsOrigin;
+    methods?: string[];
+    allowedHeaders?: string[];
+    exposedHeaders?: string[];
+    credentials?: boolean;
+    maxAge?: number;
+}
+
+export const DEFAULT_CORS_METHODS = ['GET', 'HEAD', 'PUT', 'PATCH', 'POST', 'DELETE'];
+export const DEFAULT_CORS_HEADERS = ['Content-Type', 'Authorization', 'X-Requested-With', 'Accept', 'Origin'];
+
+type OriginMatcher = (origin: string) => boolean;
+
+/**
+ * CORS Handler - Pre-computes headers at startup for maximum performance.
+ */
+export class CorsHandler {
+    private readonly cache = new Map<string, Record<string, string>>();
+    private readonly methodsStr: string;
+    private readonly headersStr: string;
+    private readonly exposedStr: string | null;
+    private readonly maxAgeStr: string | null;
+    private readonly hasCredentials: boolean;
+    private readonly isWildcard: boolean;
+    private readonly matcher: OriginMatcher;
+
+    // Pre-created preflight response for wildcard CORS
+    private readonly preflightResponse: Response | null = null;
+
+    constructor(config: CorsConfig) {
+        this.methodsStr = (config.methods || DEFAULT_CORS_METHODS).join(', ');
+        this.headersStr = (config.allowedHeaders || DEFAULT_CORS_HEADERS).join(', ');
+        this.exposedStr = config.exposedHeaders?.join(', ') || null;
+        this.maxAgeStr = config.maxAge?.toString() || null;
+        this.hasCredentials = !!config.credentials;
+        this.isWildcard = config.origins === '*';
+        this.matcher = this.buildMatcher(config.origins);
+
+        // Pre-create preflight response for wildcard
+        if (this.isWildcard) {
+            this.preflightResponse = new Response(null, {
+                status: 204,
+                headers: this.buildHeaders('*')
+            });
+        }
+    }
+
+    /**
+     * Handle preflight (OPTIONS) request.
+     */
+    preflight(origin: string): Response {
+        if (this.isWildcard && this.preflightResponse) {
+            return this.preflightResponse.clone();
+        }
+
+        if (!this.isAllowed(origin)) {
+            return new Response(null, { status: 403 });
+        }
+
+        return new Response(null, {
+            status: 204,
+            headers: this.getHeaders(origin)
+        });
+    }
+
+    /**
+     * Apply CORS headers to a response.
+     */
+    apply(response: Response, origin: string): Response {
+        if (!this.isAllowed(origin)) {
+            return response;
+        }
+
+        const headers = this.getHeaders(origin);
+        for (const [key, value] of Object.entries(headers)) {
+            response.headers.set(key, value);
+        }
+
+        return response;
+    }
+
+    /**
+     * Check if origin is allowed.
+     */
+    isAllowed(origin: string): boolean {
+        return this.matcher(origin);
+    }
+
+    /**
+     * Get cached CORS headers for origin.
+     */
+    private getHeaders(origin: string): Record<string, string> {
+        const key = this.isWildcard ? '*' : origin;
+        let headers = this.cache.get(key);
+
+        if (!headers) {
+            headers = this.buildHeaders(origin);
+            this.cache.set(key, headers);
+        }
+
+        return headers;
+    }
+
+    private buildHeaders(origin: string): Record<string, string> {
+        const headers: Record<string, string> = {
+            'Access-Control-Allow-Origin': this.isWildcard ? '*' : origin,
+            'Access-Control-Allow-Methods': this.methodsStr,
+            'Access-Control-Allow-Headers': this.headersStr
+        };
+
+        if (this.hasCredentials) {
+            headers['Access-Control-Allow-Credentials'] = 'true';
+        }
+        if (this.exposedStr) {
+            headers['Access-Control-Expose-Headers'] = this.exposedStr;
+        }
+        if (this.maxAgeStr) {
+            headers['Access-Control-Max-Age'] = this.maxAgeStr;
+        }
+
+        return headers;
+    }
+
+    private buildMatcher(origins: CorsOrigin): OriginMatcher {
+        if (origins === '*') return () => true;
+        if (typeof origins === 'string') return (o) => o === origins;
+        if (Array.isArray(origins)) {
+            const set = new Set(origins);
+            return (o) => set.has(o);
+        }
+        if (origins instanceof RegExp) return (o) => origins.test(o);
+        if (typeof origins === 'function') return origins;
+        return () => false;
+    }
+}

package/src/decorators/Controller.ts

@@ -1,63 +1,63 @@
-import { CONTROLLER_META, ROUTES_META } from '../metadata';
-import type { ControllerOptions, ControllerMeta } from '../metadata';
-
-/**
- * Normalizes path or options to ControllerOptions.
- */
-function normalizeOptions(pathOrOptions?: string | ControllerOptions): ControllerOptions {
-    if (!pathOrOptions) {
-        return {};
-    }
-
-    if (typeof pathOrOptions === 'string') {
-        return { path: pathOrOptions };
-    }
-
-    return pathOrOptions;
-}
-
-/**
- * Normalizes a path to start with / and not end with /.
- */
-function normalizePath(path: string): string {
-    if (!path) return '';
-
-    let normalized = path.startsWith('/') ? path : '/' + path;
-
-    if (normalized !== '/' && normalized.endsWith('/')) {
-        normalized = normalized.slice(0, -1);
-    }
-
-    return normalized;
-}
-
-/**
- * Marks a class as a controller with a base path.
- *
- * @example
- * // Simple path
- * @Controller('/users')
- *
- * @example
- * // With options
- * @Controller({ path: '/users', children: [ProfileController] })
- */
-export function Controller(pathOrOptions?: string | ControllerOptions): ClassDecorator {
-    return (target) => {
-        const options = normalizeOptions(pathOrOptions);
-        const path = normalizePath(options.path || '');
-
-        const meta: ControllerMeta = {
-            path,
-            scope: options.scope,
-            children: options.children
-        };
-
-        Reflect.defineMetadata(CONTROLLER_META, meta, target);
-
-        // Ensure routes array exists
-        if (!Reflect.hasMetadata(ROUTES_META, target)) {
-            Reflect.defineMetadata(ROUTES_META, [], target);
-        }
-    };
-}
+import { CONTROLLER_META, ROUTES_META } from '../metadata';
+import type { ControllerOptions, ControllerMeta } from '../metadata';
+
+/**
+ * Normalizes path or options to ControllerOptions.
+ */
+function normalizeOptions(pathOrOptions?: string | ControllerOptions): ControllerOptions {
+    if (!pathOrOptions) {
+        return {};
+    }
+
+    if (typeof pathOrOptions === 'string') {
+        return { path: pathOrOptions };
+    }
+
+    return pathOrOptions;
+}
+
+/**
+ * Normalizes a path to start with / and not end with /.
+ */
+function normalizePath(path: string): string {
+    if (!path) return '';
+
+    let normalized = path.startsWith('/') ? path : '/' + path;
+
+    if (normalized !== '/' && normalized.endsWith('/')) {
+        normalized = normalized.slice(0, -1);
+    }
+
+    return normalized;
+}
+
+/**
+ * Marks a class as a controller with a base path.
+ *
+ * @example
+ * // Simple path
+ * @Controller('/users')
+ *
+ * @example
+ * // With options
+ * @Controller({ path: '/users', children: [ProfileController] })
+ */
+export function Controller(pathOrOptions?: string | ControllerOptions): ClassDecorator {
+    return (target) => {
+        const options = normalizeOptions(pathOrOptions);
+        const path = normalizePath(options.path || '');
+
+        const meta: ControllerMeta = {
+            path,
+            scope: options.scope,
+            children: options.children
+        };
+
+        Reflect.defineMetadata(CONTROLLER_META, meta, target);
+
+        // Ensure routes array exists
+        if (!Reflect.hasMetadata(ROUTES_META, target)) {
+            Reflect.defineMetadata(ROUTES_META, [], target);
+        }
+    };
+}