@fuzionx/framework 0.1.38 → 0.1.41

package/lib/http/Validation.js

@@ -1,124 +1,125 @@
-/**
- * Validation — 간단문법 → Joi 변환 파서
- *
- * 'required|min:2|max:50' → Joi.string().required().min(2).max(50)
- *
- * @see docs/framework/09-validation.md
- */
-import { ValidationError } from '../core/AppError.js';
-
-/**
- * 간단 규칙 문자열을 Joi 스키마로 변환
- * @param {object} rules - { name: 'required|min:2', email: 'required|email' }
- * @param {object} Joi - Joi 모듈 참조
- * @returns {import('joi').ObjectSchema}
- */
-export function parseRules(rules, Joi) {
-    const shape = {};
-
-    for (const [field, rule] of Object.entries(rules)) {
-        const parts = typeof rule === 'string' ? rule.split('|') : [];
-        let schema = Joi.any();
-
-        for (const part of parts) {
-            const [name, ...args] = part.split(':');
-
-            switch (name) {
-                case 'string':
-                    schema = Joi.string(); break;
-                case 'number':
-                    schema = Joi.number(); break;
-                case 'boolean':
-                    schema = Joi.boolean(); break;
-                case 'required':
-                    schema = schema.required(); break;
-                case 'optional':
-                    schema = schema.optional(); break;
-                case 'min':
-                    schema = schema.min(Number(args[0])); break;
-                case 'max':
-                    schema = schema.max(Number(args[0])); break;
-                case 'email':
-                    schema = Joi.string().email(); break;
-                case 'url':
-                    schema = Joi.string().uri(); break;
-                case 'in':
-                    schema = schema.valid(...args[0].split(',')); break;
-                case 'integer':
-                    schema = schema.integer ? schema.integer() : Joi.number().integer(); break;
-                case 'positive':
-                    schema = schema.positive ? schema.positive() : Joi.number().positive(); break;
-                case 'date':
-                    schema = Joi.date(); break;
-                case 'alpha':
-                    schema = Joi.string().alphanum(); break;
-                default:
-                    // 알 수 없는 규칙은 무시
-                    break;
-            }
-        }
-
-        shape[field] = schema;
-    }
-
-    return Joi.object(shape);
-}
-
-/**
- * Validation 클래스 — 라우트 검증 실행기
- */
-export default class Validation {
-    /**
-     * @param {object} Joi - Joi 인스턴스
-     */
-    constructor(Joi) {
-        this._Joi = Joi;
-    }
-
-    /**
-     * 라우트 validate 옵션 실행
-     * @param {object} ctx
-     * @param {object} validateOpts - { body: schema, query: schema, params: schema }
-     * @returns {object} - { body, query, params } 정제된 값
-     */
-    run(ctx, validateOpts) {
-        const result = {};
-
-        if (validateOpts.body) {
-            result.body = this._validate(ctx.body, validateOpts.body);
-        }
-        if (validateOpts.query) {
-            result.query = this._validate(ctx.query, validateOpts.query);
-        }
-        if (validateOpts.params) {
-            result.params = this._validate(ctx.params, validateOpts.params);
-        }
-
-        return result;
-    }
-
-    /**
-     * @private
-     */
-    _validate(data, schema) {
-        // 간단문법 객체 → Joi 변환
-        if (schema && typeof schema === 'object' && !schema.validate) {
-            schema = parseRules(schema, this._Joi);
-        }
-
-        const { error, value } = schema.validate(data, {
-            abortEarly: false,
-            stripUnknown: true,
-        });
-
-        if (error) {
-            const fields = {};
-            for (const detail of error.details) {
-                fields[detail.path.join('.')] = detail.message;
-            }
-            throw new ValidationError('Validation failed', fields);
-        }
-
-        return value;
-    }
-}
+/**
+ * Validation — 간단문법 → Joi 변환 파서
+ *
+ * 'required|min:2|max:50' → Joi.string().required().min(2).max(50)
+ *
+ * @see docs/framework/09-validation.md
+ */
+import { ValidationError } from '../core/AppError.js';
+
+/**
+ * 간단 규칙 문자열을 Joi 스키마로 변환
+ * @param {object} rules - { name: 'required|min:2', email: 'required|email' }
+ * @param {object} Joi - Joi 모듈 참조
+ * @returns {import('joi').ObjectSchema}
+ */
+export function parseRules(rules, Joi) {
+    const shape = {};
+
+    for (const [field, rule] of Object.entries(rules)) {
+        const parts = typeof rule === 'string' ? rule.split('|') : [];
+        let schema = Joi.any();
+
+        for (const part of parts) {
+            const [name, ...args] = part.split(':');
+
+            switch (name) {
+                case 'string':
+                    schema = Joi.string(); break;
+                case 'number':
+                    schema = Joi.number(); break;
+                case 'boolean':
+                    schema = Joi.boolean(); break;
+                case 'required':
+                    schema = schema.required(); break;
+                case 'optional':
+                    schema = schema.optional(); break;
+                case 'min':
+                    schema = schema.min(Number(args[0])); break;
+                case 'max':
+                    schema = schema.max(Number(args[0])); break;
+                case 'email':
+                    // 기존 schema가 Joi.any()면 string()으로 교체, 이미 string()이면 유지
+                    schema = (schema.type === 'any' ? Joi.string() : schema).email(); break;
+                case 'url':
+                    schema = (schema.type === 'any' ? Joi.string() : schema).uri(); break;
+                case 'in':
+                    schema = schema.valid(...args[0].split(',')); break;
+                case 'integer':
+                    schema = schema.integer ? schema.integer() : Joi.number().integer(); break;
+                case 'positive':
+                    schema = schema.positive ? schema.positive() : Joi.number().positive(); break;
+                case 'date':
+                    schema = schema.type === 'any' ? Joi.date() : schema; break;
+                case 'alpha':
+                    schema = (schema.type === 'any' ? Joi.string() : schema).alphanum(); break;
+                default:
+                    // 알 수 없는 규칙은 무시
+                    break;
+            }
+        }
+
+        shape[field] = schema;
+    }
+
+    return Joi.object(shape);
+}
+
+/**
+ * Validation 클래스 — 라우트 검증 실행기
+ */
+export default class Validation {
+    /**
+     * @param {object} Joi - Joi 인스턴스
+     */
+    constructor(Joi) {
+        this._Joi = Joi;
+    }
+
+    /**
+     * 라우트 validate 옵션 실행
+     * @param {object} ctx
+     * @param {object} validateOpts - { body: schema, query: schema, params: schema }
+     * @returns {object} - { body, query, params } 정제된 값
+     */
+    run(ctx, validateOpts) {
+        const result = {};
+
+        if (validateOpts.body) {
+            result.body = this._validate(ctx.body, validateOpts.body);
+        }
+        if (validateOpts.query) {
+            result.query = this._validate(ctx.query, validateOpts.query);
+        }
+        if (validateOpts.params) {
+            result.params = this._validate(ctx.params, validateOpts.params);
+        }
+
+        return result;
+    }
+
+    /**
+     * @private
+     */
+    _validate(data, schema) {
+        // 간단문법 객체 → Joi 변환
+        if (schema && typeof schema === 'object' && !schema.validate) {
+            schema = parseRules(schema, this._Joi);
+        }
+
+        const { error, value } = schema.validate(data, {
+            abortEarly: false,
+            stripUnknown: true,
+        });
+
+        if (error) {
+            const fields = {};
+            for (const detail of error.details) {
+                fields[detail.path.join('.')] = detail.message;
+            }
+            throw new ValidationError('Validation failed', fields);
+        }
+
+        return value;
+    }
+}

package/lib/middleware/apiAuth.js

@@ -1,79 +1,79 @@
-/**
- * apiAuth — JWT Bearer 토큰 인증 미들웨어
- *
- * Authorization: Bearer <token> → 검증 → ctx.user
- *
- * @see docs/framework/14-authentication.md
- *
- * @param {object} [opts]
- * @param {string} [opts.secret] - JWT 시크릿
- * @param {string} [opts.model='User']
- */
-import { createHmac, timingSafeEqual } from 'node:crypto';
-
-export function apiAuth(opts = {}) {
-    const modelName = opts.model || 'User';
-
-    return async (ctx, next) => {
-        const authHeader = ctx.get('authorization') || '';
-
-        if (!authHeader.startsWith('Bearer ')) {
-            ctx.status(401).json({ error: { message: 'Token required', status: 401 } });
-            return;
-        }
-
-        const token = authHeader.slice(7);
-
-        try {
-            const secret = opts.secret || ctx.app?.config?.get('app.auth.secret', 'fuzionx');
-            const payload = decodeJwtPayload(token, secret);
-
-            if (!payload || !payload.sub) {
-                ctx.status(401).json({ error: { message: 'Invalid token', status: 401 } });
-                return;
-            }
-
-            if (ctx.app?.db?.[modelName]) {
-                ctx.user = await ctx.app.db[modelName].find(payload.sub);
-            } else {
-                ctx.user = { id: payload.sub, ...payload };
-            }
-        } catch {
-            ctx.status(401).json({ error: { message: 'Invalid token', status: 401 } });
-            return;
-        }
-
-        await next();
-    };
-}
-
-/**
- * JWT 디코드 + HMAC-SHA256 서명 검증
- * @private
- */
-function decodeJwtPayload(token, secret) {
-    try {
-        const parts = token.split('.');
-        if (parts.length !== 3) return null;
-
-        const [headerB64, payloadB64, signatureB64] = parts;
-
-        const signingInput = `${headerB64}.${payloadB64}`;
-        const expectedSig = createHmac('sha256', secret)
-            .update(signingInput)
-            .digest();
-
-        const actualSig = Buffer.from(signatureB64, 'base64url');
-        if (expectedSig.length !== actualSig.length) return null;
-        if (!timingSafeEqual(expectedSig, actualSig)) return null;
-
-        const payload = JSON.parse(Buffer.from(payloadB64, 'base64url').toString());
-
-        if (payload.exp !== undefined && Date.now() / 1000 > payload.exp) return null;
-        if (payload.nbf !== undefined && Date.now() / 1000 < payload.nbf) return null;
-
-        return payload;
-    } catch {
-        return null;
-    }
-}
+/**
+ * apiAuth — JWT Bearer 토큰 인증 미들웨어
+ *
+ * Authorization: Bearer <token> → 검증 → ctx.user
+ *
+ * @see docs/framework/14-authentication.md
+ *
+ * @param {object} [opts]
+ * @param {string} [opts.secret] - JWT 시크릿
+ * @param {string} [opts.model='User']
+ */
+import { createHmac, timingSafeEqual } from 'node:crypto';
+
+export function apiAuth(opts = {}) {
+    const modelName = opts.model || 'User';
+
+    return async (ctx, next) => {
+        const authHeader = ctx.get('authorization') || '';
+
+        if (!authHeader.startsWith('Bearer ')) {
+            ctx.status(401).json({ error: { message: 'Token required', status: 401 } });
+            return;
+        }
+
+        const token = authHeader.slice(7);
+
+        try {
+            const secret = opts.secret || ctx.app?.config?.get('app.auth.secret', 'fuzionx');
+            const payload = decodeJwtPayload(token, secret);
+
+            if (!payload || !payload.sub) {
+                ctx.status(401).json({ error: { message: 'Invalid token', status: 401 } });
+                return;
+            }
+
+            if (ctx.app?.db?.[modelName]) {
+                ctx.user = await ctx.app.db[modelName].find(payload.sub);
+            } else {
+                ctx.user = { id: payload.sub, ...payload };
+            }
+        } catch {
+            ctx.status(401).json({ error: { message: 'Invalid token', status: 401 } });
+            return;
+        }
+
+        await next();
+    };
+}
+
+/**
+ * JWT 디코드 + HMAC-SHA256 서명 검증
+ * @private
+ */
+function decodeJwtPayload(token, secret) {
+    try {
+        const parts = token.split('.');
+        if (parts.length !== 3) return null;
+
+        const [headerB64, payloadB64, signatureB64] = parts;
+
+        const signingInput = `${headerB64}.${payloadB64}`;
+        const expectedSig = createHmac('sha256', secret)
+            .update(signingInput)
+            .digest();
+
+        const actualSig = Buffer.from(signatureB64, 'base64url');
+        if (expectedSig.length !== actualSig.length) return null;
+        if (!timingSafeEqual(expectedSig, actualSig)) return null;
+
+        const payload = JSON.parse(Buffer.from(payloadB64, 'base64url').toString());
+
+        if (payload.exp !== undefined && Date.now() / 1000 > payload.exp) return null;
+        if (payload.nbf !== undefined && Date.now() / 1000 < payload.nbf) return null;
+
+        return payload;
+    } catch {
+        return null;
+    }
+}

package/lib/middleware/auth.js

@@ -1,42 +1,42 @@
-/**
- * auth — 세션 인증 미들웨어
- *
- * ctx.session.userId → db.User.find() → ctx.user
- *
- * @see docs/framework/14-authentication.md
- *
- * @param {object} [opts]
- * @param {string} [opts.sessionKey='userId']
- * @param {string} [opts.model='User']
- * @param {string} [opts.redirectTo='/login']
- */
-export function auth(opts = {}) {
-    const sessionKey = opts.sessionKey || 'userId';
-    const modelName = opts.model || 'User';
-    const redirectTo = opts.redirectTo || null;
-
-    return async (ctx, next) => {
-        const userId = ctx._rawSession?.[sessionKey] || ctx.get('x-test-user-id');
-
-        if (!userId) {
-            if (redirectTo) {
-                ctx.redirect(redirectTo);
-            } else {
-                ctx.status(401).json({ error: { message: 'Unauthorized', status: 401 } });
-            }
-            return;
-        }
-
-        if (ctx.app?.db?.[modelName]) {
-            try {
-                ctx.user = await ctx.app.db[modelName].find(userId);
-            } catch {
-                ctx.user = { id: userId };
-            }
-        } else {
-            ctx.user = { id: userId };
-        }
-
-        await next();
-    };
-}
+/**
+ * auth — 세션 인증 미들웨어
+ *
+ * ctx.session.userId → db.User.find() → ctx.user
+ *
+ * @see docs/framework/14-authentication.md
+ *
+ * @param {object} [opts]
+ * @param {string} [opts.sessionKey='userId']
+ * @param {string} [opts.model='User']
+ * @param {string} [opts.redirectTo='/login']
+ */
+export function auth(opts = {}) {
+    const sessionKey = opts.sessionKey || 'userId';
+    const modelName = opts.model || 'User';
+    const redirectTo = opts.redirectTo || null;
+
+    return async (ctx, next) => {
+        const userId = ctx._rawSession?.[sessionKey] || ctx.get('x-test-user-id');
+
+        if (!userId) {
+            if (redirectTo) {
+                ctx.redirect(redirectTo);
+            } else {
+                ctx.status(401).json({ error: { message: 'Unauthorized', status: 401 } });
+            }
+            return;
+        }
+
+        if (ctx.app?.db?.[modelName]) {
+            try {
+                ctx.user = await ctx.app.db[modelName].find(userId);
+            } catch {
+                ctx.user = { id: userId };
+            }
+        } else {
+            ctx.user = { id: userId };
+        }
+
+        await next();
+    };
+}

package/lib/middleware/bodyParser.js

@@ -1,19 +1,19 @@
-/**
- * bodyParser — JSON/Form body 파싱 미들웨어
- *
- * Bridge가 이미 파싱한 body를 보장.
- * 추가 파싱이 필요한 경우 처리.
- *
- * @see docs/framework/12-middleware.md
- */
-export function bodyParser() {
-    return async (ctx, next) => {
-        if (typeof ctx.body === 'string' && ctx.body) {
-            const ct = ctx.get('content-type') || '';
-            if (ct.includes('application/json')) {
-                try { ctx.body = JSON.parse(ctx.body); } catch {}
-            }
-        }
-        await next();
-    };
-}
+/**
+ * bodyParser — JSON/Form body 파싱 미들웨어
+ *
+ * Bridge가 이미 파싱한 body를 보장.
+ * 추가 파싱이 필요한 경우 처리.
+ *
+ * @see docs/framework/12-middleware.md
+ */
+export function bodyParser() {
+    return async (ctx, next) => {
+        if (typeof ctx.body === 'string' && ctx.body) {
+            const ct = ctx.get('content-type') || '';
+            if (ct.includes('application/json')) {
+                try { ctx.body = JSON.parse(ctx.body); } catch {}
+            }
+        }
+        await next();
+    };
+}

package/lib/middleware/cors.js

@@ -1,47 +1,47 @@
-/**
- * cors — CORS 미들웨어
- *
- * @see docs/framework/12-middleware.md
- *
- * @param {object} [opts]
- * @param {string|string[]} [opts.origin='*']
- * @param {string} [opts.methods='GET,POST,PUT,PATCH,DELETE,OPTIONS']
- * @param {string} [opts.headers='Content-Type,Authorization']
- * @param {boolean} [opts.credentials=false]
- * @param {number} [opts.maxAge=86400]
- */
-export function cors(opts = {}) {
-    const origin = opts.origin || '*';
-    const methods = opts.methods || 'GET,POST,PUT,PATCH,DELETE,OPTIONS';
-    const headers = opts.headers || 'Content-Type,Authorization';
-    const credentials = opts.credentials || false;
-    const maxAge = opts.maxAge || 86400;
-
-    return async (ctx, next) => {
-        const reqOrigin = ctx.get('origin') || '*';
-        let allowOrigin;
-
-        if (credentials && origin === '*') {
-            allowOrigin = reqOrigin !== '*' ? reqOrigin : '';
-        } else {
-            allowOrigin = origin === '*' ? '*' : (
-                Array.isArray(origin)
-                    ? (origin.includes(reqOrigin) ? reqOrigin : origin[0])
-                    : origin
-            );
-        }
-
-        ctx.header('Access-Control-Allow-Origin', allowOrigin);
-        ctx.header('Access-Control-Allow-Methods', methods);
-        ctx.header('Access-Control-Allow-Headers', headers);
-        if (credentials) ctx.header('Access-Control-Allow-Credentials', 'true');
-
-        if (ctx.method === 'OPTIONS') {
-            ctx.header('Access-Control-Max-Age', String(maxAge));
-            ctx.status(204).end();
-            return;
-        }
-
-        await next();
-    };
-}
+/**
+ * cors — CORS 미들웨어
+ *
+ * @see docs/framework/12-middleware.md
+ *
+ * @param {object} [opts]
+ * @param {string|string[]} [opts.origin='*']
+ * @param {string} [opts.methods='GET,POST,PUT,PATCH,DELETE,OPTIONS']
+ * @param {string} [opts.headers='Content-Type,Authorization']
+ * @param {boolean} [opts.credentials=false]
+ * @param {number} [opts.maxAge=86400]
+ */
+export function cors(opts = {}) {
+    const origin = opts.origin || '*';
+    const methods = opts.methods || 'GET,POST,PUT,PATCH,DELETE,OPTIONS';
+    const headers = opts.headers || 'Content-Type,Authorization';
+    const credentials = opts.credentials || false;
+    const maxAge = opts.maxAge || 86400;
+
+    return async (ctx, next) => {
+        const reqOrigin = ctx.get('origin') || '*';
+        let allowOrigin;
+
+        if (credentials && origin === '*') {
+            allowOrigin = reqOrigin !== '*' ? reqOrigin : '';
+        } else {
+            allowOrigin = origin === '*' ? '*' : (
+                Array.isArray(origin)
+                    ? (origin.includes(reqOrigin) ? reqOrigin : origin[0])
+                    : origin
+            );
+        }
+
+        ctx.header('Access-Control-Allow-Origin', allowOrigin);
+        ctx.header('Access-Control-Allow-Methods', methods);
+        ctx.header('Access-Control-Allow-Headers', headers);
+        if (credentials) ctx.header('Access-Control-Allow-Credentials', 'true');
+
+        if (ctx.method === 'OPTIONS') {
+            ctx.header('Access-Control-Max-Age', String(maxAge));
+            ctx.status(204).end();
+            return;
+        }
+
+        await next();
+    };
+}