@innet/server 2.0.0-alpha.7 → 2.0.0-alpha.9

package/README.md

@@ -317,7 +317,9 @@ This section contains elements of utils.
 
 [\<swagger>](#swagger)  
 [\<dev>](#dev)  
+[\<prod>](#prod)  
 [\<dts>](#dts)
+[\<protection>](#protection)
 
 ---
 
@@ -374,6 +376,25 @@ export default (
 )
 ```
 
+### \<prod>
+
+[← back](#utils)
+
+Everything inside <prod> will work when `NODE_ENV` equals `production`.
+
+*src/app.tsx*
+```typescript jsx
+export default (
+  <server>
+    <api>
+      <prod>
+        <swagger />
+      </prod>
+    </api>
+  </server>
+)
+```
+
 ### \<dts>
 
 [← back](#utils)
@@ -419,6 +440,149 @@ export function DeleteTodo () {
 }
 ```
 
+### \<protection>
+
+[← back](#utils)
+
+This element adds protection page.
+You can use it when you want to protect your application.
+This element MUST be placed in `<api>` element.
+
+#### html
+
+`<protection>` has a required prop of `html`.
+This is a `string` of HTML a user will see if they have no protection.
+
+*src/app.tsx*
+```typescript jsx
+import html from './protection.html'
+
+export default (
+  <server>
+    <api>
+      <protection
+        html={html}
+      />
+    </api>
+  </server>
+)
+```
+
+#### value
+
+This prop is a secret string of protection value.
+User must provide a protection query param equals the `value`.
+
+By default, the value is `undefined` and protection does not work.
+You can use `PROTECTION` env to set default protection `value`.
+
+*src/app.tsx*
+```typescript jsx
+import html from './protection.html'
+
+export default (
+  <server>
+    <api>
+      <protection
+        value='secret'
+        html={html}
+      />
+    </api>
+  </server>
+)
+```
+
+#### maxAge
+
+This prop sets how much time protection is qualified.
+
+By default, the prop equals a year.
+You can use `PROTECTION_MAX_AGE` env to set default `maxAge`.
+
+*src/app.tsx*
+```typescript jsx
+import html from './protection.html'
+
+export default (
+  <server>
+    <api>
+      <protection
+        maxAge={24 * 60 * 60}
+        html={html}
+      />
+    </api>
+  </server>
+)
+```
+
+#### excludeIp
+
+This prop sets a list of IP addresses (split by `,`) to ignore the protection.
+
+You can use `PROTECTED_IP` env to set default `excludeIp`.
+
+*src/app.tsx*
+```typescript jsx
+import html from './protection.html'
+
+export default (
+  <server>
+    <api>
+      <protection
+        excludeIp='0.0.0.0,127.0.0.0'
+        html={html}
+      />
+    </api>
+  </server>
+)
+```
+
+#### cookieKey
+
+This prop sets a cookie field name used to store protection of a user.
+
+By default, it equals `protection`.
+You can use `PROTECTION_COOKIE_KEY` env to set default `cookieKey`.
+
+*src/app.tsx*
+```typescript jsx
+import html from './protection.html'
+
+export default (
+  <server>
+    <api>
+      <protection
+        cookieKey='secret'
+        html={html}
+      />
+    </api>
+  </server>
+)
+```
+
+#### searchKey
+
+This prop sets a search query field name used to check protection.
+
+By default, it equals `protection`.
+You can use `PROTECTION_SEARCH_KEY` env to set default `searchKey`.
+
+*src/app.tsx*
+```typescript jsx
+import html from './protection.html'
+
+export default (
+  <server>
+    <api>
+      <protection
+        searchKey='secret'
+        html={html}
+      />
+    </api>
+  </server>
+)
+```
+
 ## API Info
 
 The API information elements are here.
@@ -3317,7 +3481,7 @@ Hook functions give you all features to control parent element functionality.
 
 [← back](#index)
 
-[useServer](#useserver)  
+Real-time  
 [useRequest](#userequest)  
 [useResponse](#useresponse)  
 [useHeaders](#useheaders)  
@@ -3326,31 +3490,16 @@ Hook functions give you all features to control parent element functionality.
 [useParams](#useparams)  
 [useSearch](#usesearch)  
 [useBody](#usebody)  
-[useComponentName](#usecomponentname)  
-[useRequestPlugin](#userequestplugin)  
+[useClientIp](#useclientip)  
 
----
+Server start  
+[useRequestPlugin](#userequestplugin)
 
-### useServer
-
-[← back](#hooks)
-
-This hook MUST be used in a component placed in `<server>`.
-This hook returns current http(s) server instance.
-
-*src/Component.tsx*
-
-```typescript jsx
-import { useServer } from '@innet/sever'
-
-export function Component () {
-  const server = useServer()
-
-  console.log(server)
+Both  
+[useServer](#useserver)  
+[useComponentName](#usecomponentname)
 
-  return <success />
-}
-```
+---
 
 ### useRequest
 
@@ -3505,21 +3654,21 @@ export function Component () {
 }
 ```
 
-### useComponentName
+### useClientIp
 
 [← back](#hooks)
 
-This hook returns name of current component.
+This hook returns request user IP.
+This hook MUST be used in a component placed in [\<request>](#request) or [\<fallback>](#fallback).
 
 *src/Component.tsx*
 ```typescript jsx
-import { useComponentName } from '@innet/sever'
+import { useClientIp } from '@innet/sever'
 
 export function Component () {
-// returns this ^-------^
-  const name = useComponentName()
-
-  return <success>{{ name }}</success>
+  const ip = useClientIp()
+  
+  return <success>{{ ip }}</success>
 }
 ```
 
@@ -3531,6 +3680,8 @@ This hook adds a request plugin function.
 The function runs before check endpoints.
 If the function returns `true` the request handling stops, and you get full control over the request.
 
+This hook MUST be used in a component placed in [\<api>](#api).
+
 *src/SecretEndpoint.tsx*
 ```typescript jsx
 import { useRequestPlugin } from '@innet/sever'
@@ -3568,6 +3719,44 @@ export default (
 Any endpoint returns an error except for `/secret-endpoint`.
 Elements order does not matter.
 
+### useServer
+
+[← back](#hooks)
+
+This hook MUST be used in a component placed in [\<server>](#server).
+This hook returns current http(s) server instance.
+
+*src/Component.tsx*
+```typescript jsx
+import { useServer } from '@innet/sever'
+
+export function Component () {
+  const server = useServer()
+
+  console.log(server)
+
+  return <success />
+}
+```
+
+### useComponentName
+
+[← back](#hooks)
+
+This hook returns name of current component.
+
+*src/Component.tsx*
+```typescript jsx
+import { useComponentName } from '@innet/sever'
+
+export function Component () {
+// returns this ^-------^
+  const name = useComponentName()
+
+  return <success>{{ name }}</success>
+}
+```
+
 ## Issues
 If you find a bug or have a suggestion, please file an issue on [GitHub](https://github.com/d8corp/innet-server/issues).
 

package/handler/handler.d.ts

@@ -1,6 +1,6 @@
 import { context, type ContextProps, slot, type SlotProps, slots, type SlotsProps } from '@innet/jsx';
 import { arraySync, async } from '@innet/utils';
-import { type ApiProps, type ArrayProps, type BinaryProps, type BodyProps, type BooleanProps, cms, type CmsProps, type ContactProps, type CookieProps, type DateProps, type DevProps, type DtsProps, type EndpointProps, type ErrorProps, type FallbackProps, type FieldProps, file, type FileProps, type HeaderProps, type HostProps, type IntegerProps, type LicenseProps, type NullProps, type NumberProps, type ObjectProps, type ParamProps, type ProdProps, type ProxyProps, type RedirectProps, type RequestProps, type ResponseProps, type ServerProps, type StringProps, type SuccessProps, type SwaggerProps, type TagProps, type TupleProps, type UuidProps, type VariableProps } from '../plugins';
+import { type ApiProps, type ArrayProps, type BinaryProps, type BodyProps, type BooleanProps, cms, type CmsProps, type ContactProps, type CookieProps, type DateProps, type DevProps, type DtsProps, type EndpointProps, type ErrorProps, type FallbackProps, type FieldProps, file, type FileProps, type HeaderProps, type HostProps, type IntegerProps, type LicenseProps, type NullProps, type NumberProps, type ObjectProps, type ParamProps, type ProdProps, protection, type ProtectionProps, type ProxyProps, type RedirectProps, type RequestProps, type ResponseProps, type ServerProps, type StringProps, type SuccessProps, type SwaggerProps, type TagProps, type TupleProps, type UuidProps, type VariableProps } from '../plugins';
 export declare const arrayPlugins: (typeof arraySync)[];
 export declare const JSXPlugins: {
     api: import("innet").HandlerPlugin;
@@ -29,6 +29,7 @@ export declare const JSXPlugins: {
     object: import("innet").HandlerPlugin;
     param: import("innet").HandlerPlugin;
     prod: import("innet").HandlerPlugin;
+    protection: typeof protection;
     proxy: import("innet").HandlerPlugin;
     redirect: import("innet").HandlerPlugin;
     request: import("innet").HandlerPlugin;
@@ -77,6 +78,7 @@ declare global {
             object: ObjectProps;
             param: ParamProps;
             prod: ProdProps;
+            protection: ProtectionProps;
             proxy: ProxyProps;
             redirect: RedirectProps;
             request: RequestProps;

package/handler/handler.es6.js

@@ -27,6 +27,7 @@ import { number } from '../plugins/schema/number/number.es6.js';
 import { object } from '../plugins/schema/object/object.es6.js';
 import { param } from '../plugins/main/param/param.es6.js';
 import { prod } from '../plugins/utils/prod/prod.es6.js';
+import { protection } from '../plugins/utils/protection/protection.es6.js';
 import { proxy } from '../plugins/request/proxy/proxy.es6.js';
 import { redirect } from '../plugins/request/redirect/redirect.es6.js';
 import { request } from '../plugins/main/request/request.es6.js';
@@ -71,6 +72,7 @@ const JSXPlugins = {
     object,
     param,
     prod,
+    protection,
     proxy,
     redirect,
     request,

package/handler/handler.js

@@ -31,6 +31,7 @@ var number = require('../plugins/schema/number/number.js');
 var object = require('../plugins/schema/object/object.js');
 var param = require('../plugins/main/param/param.js');
 var prod = require('../plugins/utils/prod/prod.js');
+var protection = require('../plugins/utils/protection/protection.js');
 var proxy = require('../plugins/request/proxy/proxy.js');
 var redirect = require('../plugins/request/redirect/redirect.js');
 var request = require('../plugins/main/request/request.js');
@@ -75,6 +76,7 @@ const JSXPlugins = {
     object: object.object,
     param: param.param,
     prod: prod.prod,
+    protection: protection.protection,
     proxy: proxy.proxy,
     redirect: redirect.redirect,
     request: request.request,

package/hooks/index.d.ts

@@ -24,3 +24,4 @@ export * from './useObjectRule';
 export * from './useBodyFile';
 export * from './usePath';
 export * from './useRequestPlugin';
+export * from './useClientIp';

package/hooks/index.es6.js

@@ -24,3 +24,4 @@ import './useObjectRule/index.es6.js';
 import './useBodyFile/index.es6.js';
 import './usePath/index.es6.js';
 import './useRequestPlugin/index.es6.js';
+import './useClientIp/index.es6.js';

package/hooks/index.js

@@ -26,4 +26,5 @@ require('./useObjectRule/index.js');
 require('./useBodyFile/index.js');
 require('./usePath/index.js');
 require('./useRequestPlugin/index.js');
+require('./useClientIp/index.js');
 

package/hooks/useClientIp/index.d.ts

@@ -0,0 +1 @@
+export * from './useClientIp';

package/hooks/useClientIp/index.es6.js

@@ -0,0 +1 @@
+export { useClientIp } from './useClientIp.es6.js';

package/hooks/useClientIp/index.js

@@ -0,0 +1,9 @@
+'use strict';
+
+Object.defineProperty(exports, '__esModule', { value: true });
+
+var useClientIp = require('./useClientIp.js');
+
+
+
+exports.useClientIp = useClientIp.useClientIp;

package/hooks/useClientIp/useClientIp.d.ts

@@ -0,0 +1 @@
+export declare function useClientIp(): string | null;

package/hooks/useClientIp/useClientIp.es6.js

@@ -0,0 +1,9 @@
+import '../useAction/index.es6.js';
+import { useAction } from '../useAction/useAction.es6.js';
+
+function useClientIp() {
+    const action = useAction();
+    return action.clientIp;
+}
+
+export { useClientIp };

package/hooks/useClientIp/useClientIp.js

@@ -0,0 +1,13 @@
+'use strict';
+
+Object.defineProperty(exports, '__esModule', { value: true });
+
+require('../useAction/index.js');
+var useAction = require('../useAction/useAction.js');
+
+function useClientIp() {
+    const action = useAction.useAction();
+    return action.clientIp;
+}
+
+exports.useClientIp = useClientIp;

package/index.es6.js

@@ -41,6 +41,7 @@ export { swagger } from './plugins/utils/swagger/swagger.es6.js';
 export { dts } from './plugins/utils/dts/dts.es6.js';
 export { dev } from './plugins/utils/dev/dev.es6.js';
 export { prod } from './plugins/utils/prod/prod.es6.js';
+export { protection } from './plugins/utils/protection/protection.es6.js';
 export { serverFn } from './plugins/handler/serverFn/serverFn.es6.js';
 export { EMPTY_SEARCH, parseSearch } from './utils/parseSearch/parseSearch.es6.js';
 export { stringifySearch } from './utils/stringifySearch/stringifySearch.es6.js';
@@ -108,3 +109,4 @@ export { objectRuleContext, useObjectRule } from './hooks/useObjectRule/useObjec
 export { bodyFileContext, useBodyFile } from './hooks/useBodyFile/useBodyFile.es6.js';
 export { usePath } from './hooks/usePath/usePath.es6.js';
 export { useRequestPlugin } from './hooks/useRequestPlugin/useRequestPlugin.es6.js';
+export { useClientIp } from './hooks/useClientIp/useClientIp.es6.js';

package/index.js

@@ -45,6 +45,7 @@ var swagger = require('./plugins/utils/swagger/swagger.js');
 var dts = require('./plugins/utils/dts/dts.js');
 var dev = require('./plugins/utils/dev/dev.js');
 var prod = require('./plugins/utils/prod/prod.js');
+var protection = require('./plugins/utils/protection/protection.js');
 var serverFn = require('./plugins/handler/serverFn/serverFn.js');
 var parseSearch = require('./utils/parseSearch/parseSearch.js');
 var stringifySearch = require('./utils/stringifySearch/stringifySearch.js');
@@ -112,6 +113,7 @@ var useObjectRule = require('./hooks/useObjectRule/useObjectRule.js');
 var useBodyFile = require('./hooks/useBodyFile/useBodyFile.js');
 var usePath = require('./hooks/usePath/usePath.js');
 var useRequestPlugin = require('./hooks/useRequestPlugin/useRequestPlugin.js');
+var useClientIp = require('./hooks/useClientIp/useClientIp.js');
 
 
 
@@ -162,6 +164,7 @@ exports.swagger = swagger.swagger;
 exports.dts = dts.dts;
 exports.dev = dev.dev;
 exports.prod = prod.prod;
+exports.protection = protection.protection;
 exports.serverFn = serverFn.serverFn;
 exports.EMPTY_SEARCH = parseSearch.EMPTY_SEARCH;
 exports.parseSearch = parseSearch.parseSearch;
@@ -248,3 +251,4 @@ exports.bodyFileContext = useBodyFile.bodyFileContext;
 exports.useBodyFile = useBodyFile.useBodyFile;
 exports.usePath = usePath.usePath;
 exports.useRequestPlugin = useRequestPlugin.useRequestPlugin;
+exports.useClientIp = useClientIp.useClientIp;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@innet/server",
-  "version": "2.0.0-alpha.7",
+  "version": "2.0.0-alpha.9",
   "description": "Create server-side application with innet",
   "main": "index.js",
   "module": "index.es6.js",
@@ -49,6 +49,7 @@
     "multiparty": "^4.2.3",
     "openapi-types": "^12.1.3",
     "qs": "^6.11.2",
+    "request-ip": "^3.3.0",
     "string_decoder": "^1.3.0",
     "tslib": "^2.6.1",
     "uuid": "^9.0.0",

package/plugins/main/api/api.es6.js

@@ -34,7 +34,7 @@ const api = () => {
         var _b, _c, _d, _e, _f, _g;
         if (res.writableEnded)
             return;
-        const action = new Action(req);
+        const action = new Action(req, res);
         const path = action.parsedUrl.path;
         const url = path.endsWith('/') ? path.slice(0, -1) : path;
         if (url === (prefix || '')) {
@@ -47,7 +47,7 @@ const api = () => {
             return;
         }
         for (const requestPlugin of requestPlugins) {
-            if (requestPlugin(req, res))
+            if (requestPlugin(action))
                 return;
         }
         const method = ((_c = (_b = req.method) === null || _b === void 0 ? void 0 : _b.toLowerCase()) !== null && _c !== void 0 ? _c : 'get');

package/plugins/main/api/api.js

@@ -42,7 +42,7 @@ const api = () => {
         var _b, _c, _d, _e, _f, _g;
         if (res.writableEnded)
             return;
-        const action = new Action.Action(req);
+        const action = new Action.Action(req, res);
         const path = action.parsedUrl.path;
         const url = path.endsWith('/') ? path.slice(0, -1) : path;
         if (url === (prefix || '')) {
@@ -55,7 +55,7 @@ const api = () => {
             return;
         }
         for (const requestPlugin of requestPlugins) {
-            if (requestPlugin(req, res))
+            if (requestPlugin(action))
                 return;
         }
         const method = ((_c = (_b = req.method) === null || _b === void 0 ? void 0 : _b.toLowerCase()) !== null && _c !== void 0 ? _c : 'get');

package/plugins/request/cookie/cookie.es6.js

@@ -1,28 +1,12 @@
 import { __rest } from 'tslib';
 import { useProps } from '@innet/jsx';
-import cookie$1 from 'cookie';
 import '../../../hooks/index.es6.js';
-import { useResponse } from '../../../hooks/useResponse/useResponse.es6.js';
-import { useThrow } from '../../../hooks/useThrow/useThrow.es6.js';
+import { useAction } from '../../../hooks/useAction/useAction.es6.js';
 
 const cookie = () => {
-    const res = useResponse();
-    if (!res) {
-        useThrow('<{type}> MUST be in <request> or <fallback>');
-    }
+    const action = useAction();
     const _a = useProps(), { key, value } = _a, opt = __rest(_a, ["key", "value"]);
-    let cookies = res.getHeader('Set-Cookie');
-    if (typeof cookies === 'string') {
-        cookies = [cookies];
-    }
-    const normValue = typeof value === 'string' ? cookie$1.serialize(key, value, opt) : `${key}=; max-age=0`;
-    if (cookies) {
-        cookies.push(normValue);
-    }
-    else {
-        cookies = normValue;
-    }
-    res.setHeader('Set-Cookie', cookies);
+    action.setCookie(key, value, opt);
 };
 
 export { cookie };

package/plugins/request/cookie/cookie.js

@@ -4,33 +4,13 @@ Object.defineProperty(exports, '__esModule', { value: true });
 
 var tslib = require('tslib');
 var jsx = require('@innet/jsx');
-var cookie$1 = require('cookie');
 require('../../../hooks/index.js');
-var useResponse = require('../../../hooks/useResponse/useResponse.js');
-var useThrow = require('../../../hooks/useThrow/useThrow.js');
-
-function _interopDefaultLegacy (e) { return e && typeof e === 'object' && 'default' in e ? e : { 'default': e }; }
-
-var cookie__default = /*#__PURE__*/_interopDefaultLegacy(cookie$1);
+var useAction = require('../../../hooks/useAction/useAction.js');
 
 const cookie = () => {
-    const res = useResponse.useResponse();
-    if (!res) {
-        useThrow.useThrow('<{type}> MUST be in <request> or <fallback>');
-    }
+    const action = useAction.useAction();
     const _a = jsx.useProps(), { key, value } = _a, opt = tslib.__rest(_a, ["key", "value"]);
-    let cookies = res.getHeader('Set-Cookie');
-    if (typeof cookies === 'string') {
-        cookies = [cookies];
-    }
-    const normValue = typeof value === 'string' ? cookie__default["default"].serialize(key, value, opt) : `${key}=; max-age=0`;
-    if (cookies) {
-        cookies.push(normValue);
-    }
-    else {
-        cookies = normValue;
-    }
-    res.setHeader('Set-Cookie', cookies);
+    action.setCookie(key, value, opt);
 };
 
 exports.cookie = cookie;

package/plugins/utils/index.d.ts

@@ -2,3 +2,4 @@ export * from './swagger';
 export * from './dts';
 export * from './dev';
 export * from './prod';
+export * from './protection';

package/plugins/utils/index.es6.js

@@ -2,3 +2,4 @@ import './swagger/index.es6.js';
 import './dts/index.es6.js';
 import './dev/index.es6.js';
 import './prod/index.es6.js';
+import './protection/index.es6.js';

package/plugins/utils/index.js

@@ -4,4 +4,5 @@ require('./swagger/index.js');
 require('./dts/index.js');
 require('./dev/index.js');
 require('./prod/index.js');
+require('./protection/index.js');
 

package/plugins/utils/protection/index.d.ts

@@ -0,0 +1 @@
+export * from './protection';

package/plugins/utils/protection/index.es6.js

@@ -0,0 +1 @@
+export { protection } from './protection.es6.js';

package/plugins/utils/protection/index.js

@@ -0,0 +1,9 @@
+'use strict';
+
+Object.defineProperty(exports, '__esModule', { value: true });
+
+var protection = require('./protection.js');
+
+
+
+exports.protection = protection.protection;

package/plugins/utils/protection/protection.d.ts

@@ -0,0 +1,9 @@
+export interface ProtectionProps {
+    html: string;
+    value?: string;
+    maxAge?: number;
+    excludeIp?: string | string[];
+    cookieKey?: string;
+    searchKey?: string;
+}
+export declare function protection(): void;

package/plugins/utils/protection/protection.es6.js

@@ -0,0 +1,38 @@
+import { useProps } from '@innet/jsx';
+import '../../../hooks/index.es6.js';
+import { useRequestPlugin } from '../../../hooks/useRequestPlugin/useRequestPlugin.es6.js';
+
+function protection() {
+    const { html, maxAge = Number(process.env.PROTECTION_MAX_AGE) || 365 * 24 * 60 * 60, value = process.env.PROTECTION, excludeIp = process.env.PROTECTED_IP, cookieKey = process.env.PROTECTION_COOKIE_KEY || 'protection', searchKey = process.env.PROTECTION_SEARCH_KEY || 'protection', } = useProps();
+    if (!value)
+        return;
+    const excludeIps = Array.isArray(excludeIp) ? excludeIp : excludeIp === null || excludeIp === void 0 ? void 0 : excludeIp.split(',');
+    useRequestPlugin(action => {
+        if (!action.clientIp) {
+            action.res.write(html);
+            action.res.end();
+            return true;
+        }
+        if (excludeIps === null || excludeIps === void 0 ? void 0 : excludeIps.includes(action.clientIp))
+            return false;
+        const { [cookieKey]: cookieProtection } = action.cookies;
+        if (cookieProtection && cookieProtection === value)
+            return false;
+        const { [searchKey]: searchProtection } = action.search;
+        if (searchProtection && searchProtection === value) {
+            action.setCookie(cookieKey, value, {
+                maxAge,
+                httpOnly: true,
+                secure: true,
+                path: '/',
+            });
+            return false;
+        }
+        action.setCookie(cookieKey);
+        action.res.write(html);
+        action.res.end();
+        return true;
+    });
+}
+
+export { protection };

package/plugins/utils/protection/protection.js

@@ -0,0 +1,42 @@
+'use strict';
+
+Object.defineProperty(exports, '__esModule', { value: true });
+
+var jsx = require('@innet/jsx');
+require('../../../hooks/index.js');
+var useRequestPlugin = require('../../../hooks/useRequestPlugin/useRequestPlugin.js');
+
+function protection() {
+    const { html, maxAge = Number(process.env.PROTECTION_MAX_AGE) || 365 * 24 * 60 * 60, value = process.env.PROTECTION, excludeIp = process.env.PROTECTED_IP, cookieKey = process.env.PROTECTION_COOKIE_KEY || 'protection', searchKey = process.env.PROTECTION_SEARCH_KEY || 'protection', } = jsx.useProps();
+    if (!value)
+        return;
+    const excludeIps = Array.isArray(excludeIp) ? excludeIp : excludeIp === null || excludeIp === void 0 ? void 0 : excludeIp.split(',');
+    useRequestPlugin.useRequestPlugin(action => {
+        if (!action.clientIp) {
+            action.res.write(html);
+            action.res.end();
+            return true;
+        }
+        if (excludeIps === null || excludeIps === void 0 ? void 0 : excludeIps.includes(action.clientIp))
+            return false;
+        const { [cookieKey]: cookieProtection } = action.cookies;
+        if (cookieProtection && cookieProtection === value)
+            return false;
+        const { [searchKey]: searchProtection } = action.search;
+        if (searchProtection && searchProtection === value) {
+            action.setCookie(cookieKey, value, {
+                maxAge,
+                httpOnly: true,
+                secure: true,
+                path: '/',
+            });
+            return false;
+        }
+        action.setCookie(cookieKey);
+        action.res.write(html);
+        action.res.end();
+        return true;
+    });
+}
+
+exports.protection = protection;

package/plugins/utils/swagger/swagger.es6.js

@@ -8,14 +8,14 @@ const swagger = () => {
     const { path = '/swagger-ui' } = useProps() || {};
     const { docs, prefix } = useApi();
     let swaggerResponse;
-    useRequestPlugin((req, res) => {
-        if (req.url === prefix + path) {
+    useRequestPlugin(action => {
+        if (action.req.url === prefix + path) {
             if (!swaggerResponse) {
                 swaggerResponse = html.replace('spec: {},', `spec: ${JSON.stringify(docs)},`);
             }
-            res.statusCode = 200;
-            res.write(swaggerResponse);
-            res.end();
+            action.res.statusCode = 200;
+            action.res.write(swaggerResponse);
+            action.res.end();
             return true;
         }
     });

package/plugins/utils/swagger/swagger.js

@@ -12,14 +12,14 @@ const swagger = () => {
     const { path = '/swagger-ui' } = jsx.useProps() || {};
     const { docs, prefix } = useApi.useApi();
     let swaggerResponse;
-    useRequestPlugin.useRequestPlugin((req, res) => {
-        if (req.url === prefix + path) {
+    useRequestPlugin.useRequestPlugin(action => {
+        if (action.req.url === prefix + path) {
             if (!swaggerResponse) {
                 swaggerResponse = swagger$1["default"].replace('spec: {},', `spec: ${JSON.stringify(docs)},`);
             }
-            res.statusCode = 200;
-            res.write(swaggerResponse);
-            res.end();
+            action.res.statusCode = 200;
+            action.res.write(swaggerResponse);
+            action.res.end();
             return true;
         }
     });

package/types.d.ts

@@ -1,8 +1,7 @@
-/// <reference types="node" />
-import type { IncomingMessage, ServerResponse } from 'http';
 import type { Handler } from 'innet';
 import type { OpenAPIV3_1 as API } from 'openapi-types';
 import type { ApiErrorValue } from './constants';
+import { type Action } from './utils';
 import { type Rule, type RulesErrors } from './utils/rules';
 export type TagObject = API.TagObject;
 export type Document = API.Document;
@@ -73,4 +72,4 @@ export interface Fallback {
     children: any;
     handler: Handler;
 }
-export type RequestPlugin = (req: IncomingMessage, res: ServerResponse) => boolean | undefined;
+export type RequestPlugin = (action: Action) => boolean | undefined;

package/utils/action/Action.d.ts

@@ -1,6 +1,6 @@
 /// <reference types="node" />
-import type http from 'http';
-import { type IncomingHttpHeaders } from 'http';
+import { type CookieSerializeOptions } from 'cookie';
+import { type IncomingHttpHeaders, type IncomingMessage, type ServerResponse } from 'http';
 import { type ParsedQs } from 'qs';
 import { type BodyType } from '../../types';
 export declare const URL_PARSER: RegExp;
@@ -10,8 +10,9 @@ export interface ParsedUrl {
 }
 export declare class Action {
     #private;
-    private readonly req;
-    constructor(req: http.IncomingMessage);
+    readonly req: IncomingMessage;
+    readonly res: ServerResponse;
+    constructor(req: IncomingMessage, res: ServerResponse);
     get parsedUrl(): ParsedUrl;
     get path(): string;
     get originSearch(): ParsedQs;
@@ -26,4 +27,6 @@ export declare class Action {
     get bodyType(): BodyType | undefined;
     body?: object;
     parseBody(): Promise<void>;
+    setCookie(name: string, value?: string, options?: CookieSerializeOptions): void;
+    get clientIp(): string | null;
 }

package/utils/action/Action.es6.js

@@ -1,5 +1,6 @@
 import { __runInitializers, __classPrivateFieldGet, __classPrivateFieldSet, __awaiter, __esDecorate } from 'tslib';
-import cookie from 'cookie';
+import cookieLib from 'cookie';
+import { getClientIp } from 'request-ip';
 import '../decorators/index.es6.js';
 import '../parseBody/index.es6.js';
 import '../parseFormBody/index.es6.js';
@@ -19,9 +20,11 @@ let Action = (() => {
     let _get_originCookies_decorators;
     let _get_bodyType_decorators;
     let _parseBody_decorators;
+    let _get_clientIp_decorators;
     return _a = class Action {
-            constructor(req) {
+            constructor(req, res) {
                 this.req = (__runInitializers(this, _instanceExtraInitializers), req);
+                this.res = res;
                 _Action_search.set(this, void 0);
                 _Action_headers.set(this, {});
                 _Action_cookie.set(this, {});
@@ -66,7 +69,7 @@ let Action = (() => {
             }
             get originCookies() {
                 var _a;
-                return cookie.parse((_a = this.req.headers.cookie) !== null && _a !== void 0 ? _a : '');
+                return cookieLib.parse((_a = this.req.headers.cookie) !== null && _a !== void 0 ? _a : '');
             }
             get cookies() {
                 if (__classPrivateFieldGet(this, _Action_cookie, "f"))
@@ -103,6 +106,23 @@ let Action = (() => {
                     }
                 });
             }
+            setCookie(name, value, options) {
+                let cookies = this.res.getHeader('Set-Cookie');
+                if (typeof cookies === 'string') {
+                    cookies = [cookies];
+                }
+                const normValue = typeof value === 'string' ? cookieLib.serialize(name, value, options) : `${name}=; max-age=0`;
+                if (cookies) {
+                    cookies.push(normValue);
+                }
+                else {
+                    cookies = normValue;
+                }
+                this.res.setHeader('Set-Cookie', cookies);
+            }
+            get clientIp() {
+                return getClientIp(this.req);
+            }
         },
         _Action_search = new WeakMap(),
         _Action_headers = new WeakMap(),
@@ -113,11 +133,13 @@ let Action = (() => {
             _get_originCookies_decorators = [once];
             _get_bodyType_decorators = [once];
             _parseBody_decorators = [once];
+            _get_clientIp_decorators = [once];
             __esDecorate(_a, null, _get_parsedUrl_decorators, { kind: "getter", name: "parsedUrl", static: false, private: false, access: { has: obj => "parsedUrl" in obj, get: obj => obj.parsedUrl } }, null, _instanceExtraInitializers);
             __esDecorate(_a, null, _get_originSearch_decorators, { kind: "getter", name: "originSearch", static: false, private: false, access: { has: obj => "originSearch" in obj, get: obj => obj.originSearch } }, null, _instanceExtraInitializers);
             __esDecorate(_a, null, _get_originCookies_decorators, { kind: "getter", name: "originCookies", static: false, private: false, access: { has: obj => "originCookies" in obj, get: obj => obj.originCookies } }, null, _instanceExtraInitializers);
             __esDecorate(_a, null, _get_bodyType_decorators, { kind: "getter", name: "bodyType", static: false, private: false, access: { has: obj => "bodyType" in obj, get: obj => obj.bodyType } }, null, _instanceExtraInitializers);
             __esDecorate(_a, null, _parseBody_decorators, { kind: "method", name: "parseBody", static: false, private: false, access: { has: obj => "parseBody" in obj, get: obj => obj.parseBody } }, null, _instanceExtraInitializers);
+            __esDecorate(_a, null, _get_clientIp_decorators, { kind: "getter", name: "clientIp", static: false, private: false, access: { has: obj => "clientIp" in obj, get: obj => obj.clientIp } }, null, _instanceExtraInitializers);
         })(),
         _a;
 })();

package/utils/action/Action.js

@@ -3,7 +3,8 @@
 Object.defineProperty(exports, '__esModule', { value: true });
 
 var tslib = require('tslib');
-var cookie = require('cookie');
+var cookieLib = require('cookie');
+var requestIp = require('request-ip');
 require('../decorators/index.js');
 require('../parseBody/index.js');
 require('../parseFormBody/index.js');
@@ -16,7 +17,7 @@ var once = require('../decorators/once/once.js');
 
 function _interopDefaultLegacy (e) { return e && typeof e === 'object' && 'default' in e ? e : { 'default': e }; }
 
-var cookie__default = /*#__PURE__*/_interopDefaultLegacy(cookie);
+var cookieLib__default = /*#__PURE__*/_interopDefaultLegacy(cookieLib);
 
 const URL_PARSER = /^(?<path>[^?]+)(\?(?<search>.*))?/;
 let Action = (() => {
@@ -27,9 +28,11 @@ let Action = (() => {
     let _get_originCookies_decorators;
     let _get_bodyType_decorators;
     let _parseBody_decorators;
+    let _get_clientIp_decorators;
     return _a = class Action {
-            constructor(req) {
+            constructor(req, res) {
                 this.req = (tslib.__runInitializers(this, _instanceExtraInitializers), req);
+                this.res = res;
                 _Action_search.set(this, void 0);
                 _Action_headers.set(this, {});
                 _Action_cookie.set(this, {});
@@ -74,7 +77,7 @@ let Action = (() => {
             }
             get originCookies() {
                 var _a;
-                return cookie__default["default"].parse((_a = this.req.headers.cookie) !== null && _a !== void 0 ? _a : '');
+                return cookieLib__default["default"].parse((_a = this.req.headers.cookie) !== null && _a !== void 0 ? _a : '');
             }
             get cookies() {
                 if (tslib.__classPrivateFieldGet(this, _Action_cookie, "f"))
@@ -111,6 +114,23 @@ let Action = (() => {
                     }
                 });
             }
+            setCookie(name, value, options) {
+                let cookies = this.res.getHeader('Set-Cookie');
+                if (typeof cookies === 'string') {
+                    cookies = [cookies];
+                }
+                const normValue = typeof value === 'string' ? cookieLib__default["default"].serialize(name, value, options) : `${name}=; max-age=0`;
+                if (cookies) {
+                    cookies.push(normValue);
+                }
+                else {
+                    cookies = normValue;
+                }
+                this.res.setHeader('Set-Cookie', cookies);
+            }
+            get clientIp() {
+                return requestIp.getClientIp(this.req);
+            }
         },
         _Action_search = new WeakMap(),
         _Action_headers = new WeakMap(),
@@ -121,11 +141,13 @@ let Action = (() => {
             _get_originCookies_decorators = [once.once];
             _get_bodyType_decorators = [once.once];
             _parseBody_decorators = [once.once];
+            _get_clientIp_decorators = [once.once];
             tslib.__esDecorate(_a, null, _get_parsedUrl_decorators, { kind: "getter", name: "parsedUrl", static: false, private: false, access: { has: obj => "parsedUrl" in obj, get: obj => obj.parsedUrl } }, null, _instanceExtraInitializers);
             tslib.__esDecorate(_a, null, _get_originSearch_decorators, { kind: "getter", name: "originSearch", static: false, private: false, access: { has: obj => "originSearch" in obj, get: obj => obj.originSearch } }, null, _instanceExtraInitializers);
             tslib.__esDecorate(_a, null, _get_originCookies_decorators, { kind: "getter", name: "originCookies", static: false, private: false, access: { has: obj => "originCookies" in obj, get: obj => obj.originCookies } }, null, _instanceExtraInitializers);
             tslib.__esDecorate(_a, null, _get_bodyType_decorators, { kind: "getter", name: "bodyType", static: false, private: false, access: { has: obj => "bodyType" in obj, get: obj => obj.bodyType } }, null, _instanceExtraInitializers);
             tslib.__esDecorate(_a, null, _parseBody_decorators, { kind: "method", name: "parseBody", static: false, private: false, access: { has: obj => "parseBody" in obj, get: obj => obj.parseBody } }, null, _instanceExtraInitializers);
+            tslib.__esDecorate(_a, null, _get_clientIp_decorators, { kind: "getter", name: "clientIp", static: false, private: false, access: { has: obj => "clientIp" in obj, get: obj => obj.clientIp } }, null, _instanceExtraInitializers);
         })(),
         _a;
 })();