@hazeljs/core 0.2.0-beta.1

package/dist/__tests__/middleware/global-middleware.test.js

@@ -0,0 +1,259 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const global_middleware_1 = require("../../middleware/global-middleware");
+// Mock logger
+jest.mock('../../logger', () => ({
+    info: jest.fn(),
+    debug: jest.fn(),
+    warn: jest.fn(),
+    error: jest.fn(),
+}));
+describe('GlobalMiddlewareManager', () => {
+    let manager;
+    let mockReq;
+    let mockRes;
+    beforeEach(() => {
+        manager = new global_middleware_1.GlobalMiddlewareManager();
+        mockReq = {
+            method: 'GET',
+            url: '/test',
+            headers: {},
+        };
+        mockRes = {
+            setHeader: jest.fn(),
+            status: jest.fn().mockReturnThis(),
+            json: jest.fn(),
+        };
+    });
+    describe('use', () => {
+        it('should register global middleware function', () => {
+            const middleware = jest.fn((req, res, next) => next());
+            manager.use(middleware);
+            expect(manager).toBeDefined();
+        });
+        it('should register global middleware class', () => {
+            class TestMiddleware {
+                use(req, res, next) {
+                    next();
+                }
+            }
+            manager.use(new TestMiddleware());
+            expect(manager).toBeDefined();
+        });
+    });
+    describe('useFor', () => {
+        it('should register middleware for specific routes', () => {
+            const middleware = jest.fn((req, res, next) => next());
+            manager.useFor(middleware, ['/users', '/posts']);
+            expect(manager).toBeDefined();
+        });
+        it('should register middleware for route with method', () => {
+            const middleware = jest.fn((req, res, next) => next());
+            manager.useFor(middleware, [{ path: '/users', method: 'POST' }]);
+            expect(manager).toBeDefined();
+        });
+        it('should register middleware for mixed route types', () => {
+            const middleware = jest.fn((req, res, next) => next());
+            manager.useFor(middleware, ['/users', { path: '/posts', method: 'GET' }]);
+            expect(manager).toBeDefined();
+        });
+    });
+    describe('useExcept', () => {
+        it('should register middleware with exclusions', () => {
+            const middleware = jest.fn((req, res, next) => next());
+            manager.useExcept(middleware, ['/health', '/metrics']);
+            expect(manager).toBeDefined();
+        });
+        it('should register middleware excluding specific methods', () => {
+            const middleware = jest.fn((req, res, next) => next());
+            manager.useExcept(middleware, [{ path: '/admin', method: 'DELETE' }]);
+            expect(manager).toBeDefined();
+        });
+    });
+    describe('execute', () => {
+        it('should execute global middleware', async () => {
+            const middleware = jest.fn((req, res, next) => next());
+            manager.use(middleware);
+            await manager.execute(mockReq, mockRes);
+            expect(middleware).toHaveBeenCalled();
+        });
+        it('should execute middleware in order', async () => {
+            const order = [];
+            const middleware1 = jest.fn((req, res, next) => {
+                order.push(1);
+                next();
+            });
+            const middleware2 = jest.fn((req, res, next) => {
+                order.push(2);
+                next();
+            });
+            manager.use(middleware1);
+            manager.use(middleware2);
+            await manager.execute(mockReq, mockRes);
+            expect(order).toEqual([1, 2]);
+        });
+        it('should execute route-specific middleware only for matching routes', async () => {
+            const middleware = jest.fn((req, res, next) => next());
+            manager.useFor(middleware, ['/test']);
+            mockReq.url = '/test';
+            await manager.execute(mockReq, mockRes);
+            expect(middleware).toHaveBeenCalled();
+        });
+        it('should not execute middleware for non-matching routes', async () => {
+            const middleware = jest.fn((req, res, next) => next());
+            manager.useFor(middleware, ['/users']);
+            mockReq.url = '/posts';
+            await manager.execute(mockReq, mockRes);
+            expect(middleware).not.toHaveBeenCalled();
+        });
+        it('should not execute middleware for excluded routes', async () => {
+            const middleware = jest.fn((req, res, next) => next());
+            manager.useExcept(middleware, ['/health']);
+            mockReq.url = '/health';
+            await manager.execute(mockReq, mockRes);
+            expect(middleware).not.toHaveBeenCalled();
+        });
+        it('should execute middleware for non-excluded routes', async () => {
+            const middleware = jest.fn((req, res, next) => next());
+            manager.useExcept(middleware, ['/health']);
+            mockReq.url = '/users';
+            await manager.execute(mockReq, mockRes);
+            expect(middleware).toHaveBeenCalled();
+        });
+        it('should execute class-based middleware', async () => {
+            class TestMiddleware {
+                use(req, res, next) {
+                    next();
+                }
+            }
+            const instance = new TestMiddleware();
+            const spy = jest.spyOn(instance, 'use');
+            manager.use(instance);
+            await manager.execute(mockReq, mockRes);
+            expect(spy).toHaveBeenCalled();
+        });
+        it('should handle middleware errors', async () => {
+            const middleware = jest.fn(() => {
+                throw new Error('Middleware error');
+            });
+            manager.use(middleware);
+            await expect(manager.execute(mockReq, mockRes)).rejects.toThrow('Middleware error');
+        });
+        it('should stop execution if middleware does not call next', async () => {
+            const middleware1 = jest.fn((_req, _res, _next) => {
+                // Don't call next
+            });
+            const middleware2 = jest.fn((req, res, next) => next());
+            manager.use(middleware1);
+            manager.use(middleware2);
+            await manager.execute(mockReq, mockRes);
+            expect(middleware1).toHaveBeenCalled();
+            expect(middleware2).not.toHaveBeenCalled();
+        });
+        it('should handle async middleware', async () => {
+            const middleware = jest.fn(async (req, res, next) => {
+                await new Promise(resolve => setTimeout(resolve, 10));
+                next();
+            });
+            manager.use(middleware);
+            await manager.execute(mockReq, mockRes);
+            expect(middleware).toHaveBeenCalled();
+        });
+    });
+    describe('route matching', () => {
+        it('should match exact paths', async () => {
+            const middleware = jest.fn((req, res, next) => next());
+            manager.useFor(middleware, ['/users']);
+            mockReq.url = '/users';
+            await manager.execute(mockReq, mockRes);
+            expect(middleware).toHaveBeenCalled();
+        });
+        it('should match paths with query strings', async () => {
+            const middleware = jest.fn((req, res, next) => next());
+            manager.useFor(middleware, ['/users']);
+            mockReq.url = '/users?page=1';
+            await manager.execute(mockReq, mockRes);
+            expect(middleware).toHaveBeenCalled();
+        });
+        it('should match method-specific routes', async () => {
+            const middleware = jest.fn((req, res, next) => next());
+            manager.useFor(middleware, [{ path: '/users', method: 'POST' }]);
+            mockReq.url = '/users';
+            mockReq.method = 'POST';
+            await manager.execute(mockReq, mockRes);
+            expect(middleware).toHaveBeenCalled();
+        });
+        it('should not match different methods', async () => {
+            const middleware = jest.fn((req, res, next) => next());
+            manager.useFor(middleware, [{ path: '/users', method: 'POST' }]);
+            mockReq.url = '/users';
+            mockReq.method = 'GET';
+            await manager.execute(mockReq, mockRes);
+            expect(middleware).not.toHaveBeenCalled();
+        });
+        it('should match wildcard routes', async () => {
+            const middleware = jest.fn((req, res, next) => next());
+            manager.useFor(middleware, ['/api/*']);
+            mockReq.url = '/api/users';
+            await manager.execute(mockReq, mockRes);
+            expect(middleware).toHaveBeenCalled();
+        });
+    });
+    describe('edge cases', () => {
+        it('should handle empty middleware list', async () => {
+            await expect(manager.execute(mockReq, mockRes)).resolves.not.toThrow();
+        });
+        it('should handle undefined URL', async () => {
+            mockReq.url = undefined;
+            await expect(manager.execute(mockReq, mockRes)).resolves.not.toThrow();
+        });
+        it('should handle undefined method', async () => {
+            mockReq.method = undefined;
+            const middleware = jest.fn((req, res, next) => next());
+            manager.use(middleware);
+            await manager.execute(mockReq, mockRes);
+            expect(middleware).toHaveBeenCalled();
+        });
+        it('should handle multiple middleware with same route', async () => {
+            const middleware1 = jest.fn((req, res, next) => next());
+            const middleware2 = jest.fn((req, res, next) => next());
+            manager.useFor(middleware1, ['/users']);
+            manager.useFor(middleware2, ['/users']);
+            mockReq.url = '/users';
+            await manager.execute(mockReq, mockRes);
+            expect(middleware1).toHaveBeenCalled();
+            expect(middleware2).toHaveBeenCalled();
+        });
+    });
+    describe('clear', () => {
+        it('should clear all middleware', () => {
+            const middleware = jest.fn((req, res, next) => next());
+            manager.use(middleware);
+            manager.clear();
+            const allMiddleware = manager.getMiddleware();
+            expect(allMiddleware).toHaveLength(0);
+        });
+    });
+    describe('getMiddleware', () => {
+        it('should return all registered middleware', () => {
+            const middleware1 = jest.fn((req, res, next) => next());
+            const middleware2 = jest.fn((req, res, next) => next());
+            manager.use(middleware1);
+            manager.use(middleware2);
+            const allMiddleware = manager.getMiddleware();
+            expect(allMiddleware).toHaveLength(2);
+        });
+        it('should return copy of middleware array', () => {
+            const middleware = jest.fn((req, res, next) => next());
+            manager.use(middleware);
+            const allMiddleware = manager.getMiddleware();
+            allMiddleware.push({
+                handler: jest.fn(),
+                routes: [],
+                excludedRoutes: [],
+            });
+            // Original should not be affected
+            expect(manager.getMiddleware()).toHaveLength(1);
+        });
+    });
+});

package/dist/__tests__/middleware/rate-limit.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=rate-limit.test.d.ts.map

package/dist/__tests__/middleware/rate-limit.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limit.test.d.ts","sourceRoot":"","sources":["../../../src/__tests__/middleware/rate-limit.test.ts"],"names":[],"mappings":""}

package/dist/__tests__/middleware/rate-limit.test.js

@@ -0,0 +1,264 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const rate_limit_middleware_1 = require("../../middleware/rate-limit.middleware");
+const http_error_1 = require("../../errors/http.error");
+// Mock logger
+jest.mock('../../logger', () => ({
+    warn: jest.fn(),
+    error: jest.fn(),
+}));
+describe('RateLimitMiddleware', () => {
+    let mockReq;
+    let mockRes;
+    let nextFn;
+    beforeEach(() => {
+        jest.useFakeTimers();
+        mockReq = {
+            method: 'GET',
+            url: '/test',
+            headers: {},
+        };
+        mockReq.socket = { remoteAddress: '127.0.0.1' };
+        mockRes = {
+            setHeader: jest.fn(),
+            status: jest.fn().mockReturnThis(),
+            json: jest.fn(),
+        };
+        nextFn = jest.fn().mockResolvedValue(undefined);
+    });
+    afterEach(() => {
+        jest.useRealTimers();
+    });
+    describe('constructor', () => {
+        it('should create middleware with default options', () => {
+            const middleware = new rate_limit_middleware_1.RateLimitMiddleware({
+                max: 10,
+                windowMs: 60,
+            });
+            expect(middleware).toBeDefined();
+        });
+        it('should use custom key generator', () => {
+            const customKeyGen = jest.fn().mockReturnValue('custom-key');
+            const middleware = new rate_limit_middleware_1.RateLimitMiddleware({
+                max: 10,
+                windowMs: 60,
+                keyGenerator: customKeyGen,
+            });
+            expect(middleware).toBeDefined();
+        });
+    });
+    describe('use', () => {
+        it('should allow requests within limit', async () => {
+            const middleware = new rate_limit_middleware_1.RateLimitMiddleware({
+                max: 5,
+                windowMs: 60,
+            });
+            await middleware.use(mockReq, mockRes, nextFn);
+            expect(nextFn).toHaveBeenCalled();
+            expect(mockRes.setHeader).toHaveBeenCalledWith('RateLimit-Limit', '5');
+            expect(mockRes.setHeader).toHaveBeenCalledWith('RateLimit-Remaining', '4');
+        });
+        it('should set standard rate limit headers', async () => {
+            const middleware = new rate_limit_middleware_1.RateLimitMiddleware({
+                max: 10,
+                windowMs: 60,
+                standardHeaders: true,
+            });
+            await middleware.use(mockReq, mockRes, nextFn);
+            expect(mockRes.setHeader).toHaveBeenCalledWith('RateLimit-Limit', '10');
+            expect(mockRes.setHeader).toHaveBeenCalledWith('RateLimit-Remaining', '9');
+            expect(mockRes.setHeader).toHaveBeenCalledWith('RateLimit-Reset', expect.any(String));
+        });
+        it('should set legacy rate limit headers', async () => {
+            const middleware = new rate_limit_middleware_1.RateLimitMiddleware({
+                max: 10,
+                windowMs: 60,
+                legacyHeaders: true,
+            });
+            await middleware.use(mockReq, mockRes, nextFn);
+            expect(mockRes.setHeader).toHaveBeenCalledWith('X-RateLimit-Limit', '10');
+            expect(mockRes.setHeader).toHaveBeenCalledWith('X-RateLimit-Remaining', '9');
+            expect(mockRes.setHeader).toHaveBeenCalledWith('X-RateLimit-Reset', expect.any(String));
+        });
+        it('should throw error when limit exceeded', async () => {
+            const middleware = new rate_limit_middleware_1.RateLimitMiddleware({
+                max: 2,
+                windowMs: 60,
+            });
+            // Make 3 requests
+            await middleware.use(mockReq, mockRes, nextFn);
+            await middleware.use(mockReq, mockRes, nextFn);
+            await expect(middleware.use(mockReq, mockRes, nextFn)).rejects.toThrow(http_error_1.HttpError);
+        });
+        it('should use custom error message', async () => {
+            const middleware = new rate_limit_middleware_1.RateLimitMiddleware({
+                max: 1,
+                windowMs: 60,
+                message: 'Custom rate limit message',
+            });
+            await middleware.use(mockReq, mockRes, nextFn);
+            try {
+                await middleware.use(mockReq, mockRes, nextFn);
+            }
+            catch (error) {
+                expect(error).toBeInstanceOf(http_error_1.HttpError);
+                expect(error.message).toBe('Custom rate limit message');
+            }
+        });
+        it('should use custom status code', async () => {
+            const middleware = new rate_limit_middleware_1.RateLimitMiddleware({
+                max: 1,
+                windowMs: 60,
+                statusCode: 503,
+            });
+            await middleware.use(mockReq, mockRes, nextFn);
+            try {
+                await middleware.use(mockReq, mockRes, nextFn);
+            }
+            catch (error) {
+                expect(error.statusCode).toBe(503);
+            }
+        });
+        it('should use custom key generator', async () => {
+            const customKeyGen = jest.fn().mockReturnValue('user-123');
+            const middleware = new rate_limit_middleware_1.RateLimitMiddleware({
+                max: 5,
+                windowMs: 60,
+                keyGenerator: customKeyGen,
+            });
+            await middleware.use(mockReq, mockRes, nextFn);
+            expect(customKeyGen).toHaveBeenCalledWith(mockReq);
+        });
+        it('should handle x-forwarded-for header', async () => {
+            mockReq.headers = {
+                'x-forwarded-for': '192.168.1.1, 10.0.0.1',
+            };
+            const middleware = new rate_limit_middleware_1.RateLimitMiddleware({
+                max: 5,
+                windowMs: 60,
+            });
+            await middleware.use(mockReq, mockRes, nextFn);
+            expect(nextFn).toHaveBeenCalled();
+        });
+        it('should handle x-forwarded-for as array', async () => {
+            mockReq.headers = {
+                'x-forwarded-for': ['192.168.1.1', '10.0.0.1'],
+            };
+            const middleware = new rate_limit_middleware_1.RateLimitMiddleware({
+                max: 5,
+                windowMs: 60,
+            });
+            await middleware.use(mockReq, mockRes, nextFn);
+            expect(nextFn).toHaveBeenCalled();
+        });
+        it('should reset count after window expires', async () => {
+            const middleware = new rate_limit_middleware_1.RateLimitMiddleware({
+                max: 2,
+                windowMs: 1, // 1 second
+            });
+            // First request
+            await middleware.use(mockReq, mockRes, nextFn);
+            await middleware.use(mockReq, mockRes, nextFn);
+            // Advance time past window
+            jest.advanceTimersByTime(2000);
+            // Should allow new requests
+            await middleware.use(mockReq, mockRes, nextFn);
+            expect(nextFn).toHaveBeenCalledTimes(3);
+        });
+        it('should show remaining count decreasing', async () => {
+            const middleware = new rate_limit_middleware_1.RateLimitMiddleware({
+                max: 3,
+                windowMs: 60,
+            });
+            await middleware.use(mockReq, mockRes, nextFn);
+            expect(mockRes.setHeader).toHaveBeenCalledWith('RateLimit-Remaining', '2');
+            jest.clearAllMocks();
+            await middleware.use(mockReq, mockRes, nextFn);
+            expect(mockRes.setHeader).toHaveBeenCalledWith('RateLimit-Remaining', '1');
+            jest.clearAllMocks();
+            await middleware.use(mockReq, mockRes, nextFn);
+            expect(mockRes.setHeader).toHaveBeenCalledWith('RateLimit-Remaining', '0');
+        });
+    });
+    describe('destroy', () => {
+        it('should cleanup resources', () => {
+            const middleware = new rate_limit_middleware_1.RateLimitMiddleware({
+                max: 10,
+                windowMs: 60,
+            });
+            middleware.destroy();
+            // Should not throw
+            expect(true).toBe(true);
+        });
+    });
+    describe('edge cases', () => {
+        it('should handle missing socket', async () => {
+            const middleware = new rate_limit_middleware_1.RateLimitMiddleware({
+                max: 10,
+                windowMs: 60,
+            });
+            const reqWithoutSocket = {
+                method: 'GET',
+                url: '/test',
+                headers: {},
+            };
+            await middleware.use(reqWithoutSocket, mockRes, nextFn);
+            expect(nextFn).toHaveBeenCalled();
+        });
+        it('should handle missing remote address', async () => {
+            const middleware = new rate_limit_middleware_1.RateLimitMiddleware({
+                max: 10,
+                windowMs: 60,
+            });
+            const reqWithoutAddress = {
+                method: 'GET',
+                url: '/test',
+                headers: {},
+                socket: {},
+            };
+            await middleware.use(reqWithoutAddress, mockRes, nextFn);
+            expect(nextFn).toHaveBeenCalled();
+        });
+        it('should use X-Forwarded-For header when available', async () => {
+            const middleware = new rate_limit_middleware_1.RateLimitMiddleware({
+                max: 2,
+                windowMs: 60,
+            });
+            const reqWithForwardedFor = {
+                method: 'GET',
+                url: '/test',
+                headers: { 'x-forwarded-for': '192.168.1.1' },
+                socket: { remoteAddress: '127.0.0.1' },
+            };
+            await middleware.use(reqWithForwardedFor, mockRes, nextFn);
+            await middleware.use(reqWithForwardedFor, mockRes, nextFn);
+            // Third request should be rate limited
+            await expect(middleware.use(reqWithForwardedFor, mockRes, nextFn)).rejects.toThrow(http_error_1.HttpError);
+        });
+        it('should handle rate limit exceeded', async () => {
+            const middleware = new rate_limit_middleware_1.RateLimitMiddleware({
+                max: 1,
+                windowMs: 60,
+            });
+            await middleware.use(mockReq, mockRes, nextFn);
+            // Second request should be rate limited
+            await expect(middleware.use(mockReq, mockRes, nextFn)).rejects.toThrow(http_error_1.HttpError);
+        });
+        it('should use custom message when provided', async () => {
+            const customMessage = 'Custom rate limit message';
+            const middleware = new rate_limit_middleware_1.RateLimitMiddleware({
+                max: 1,
+                windowMs: 60,
+                message: customMessage,
+            });
+            await middleware.use(mockReq, mockRes, nextFn);
+            try {
+                await middleware.use(mockReq, mockRes, nextFn);
+            }
+            catch (error) {
+                expect(error).toBeInstanceOf(http_error_1.HttpError);
+                expect(error.message).toBe(customMessage);
+            }
+        });
+    });
+});

package/dist/__tests__/middleware/security-headers.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=security-headers.test.d.ts.map

package/dist/__tests__/middleware/security-headers.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-headers.test.d.ts","sourceRoot":"","sources":["../../../src/__tests__/middleware/security-headers.test.ts"],"names":[],"mappings":""}