@maroonedsoftware/koa 1.0.0 → 1.1.0

package/README.md

@@ -1,91 +1,138 @@
-# @maroonedsoftware/logger
+# @maroonedsoftware/koa
 
-A simple, dependency injection friendly logging abstraction with multiple log levels.
+Koa utilities and middleware for ServerKit: typed context, router, CORS, error handling, rate limiting, body parsing, and request-scoped DI via [injectkit](https://www.npmjs.com/package/injectkit).
 
 ## Installation
 
 ```bash
-pnpm add @maroonedsoftware/logger
+pnpm add @maroonedsoftware/koa koa @koa/router @koa/cors
 ```
 
-## Usage
-
-### Basic Usage
-
-```typescript
-import { ConsoleLogger } from '@maroonedsoftware/logger';
+Peer dependencies: `koa`, `@koa/router`, `@koa/cors`.
 
-const logger = new ConsoleLogger();
+## Features
 
-logger.error('Something went wrong', { details: 'error context' });
-logger.warn('This might be a problem');
-logger.info('Application started');
-logger.debug('Processing request', requestData);
-logger.trace('Entering function');
-```
+- **ServerKitContext** — Koa context extended with `container`, `logger`, `requestId`, `correlationId`, and related request metadata
+- **ServerKitRouter** — Router typed for `ServerKitContext`
+- **ServerKitMiddleware** — Middleware type bound to `ServerKitContext`
+- **serverKitContextMiddleware** — Populates context with scoped container, logger, and request/correlation IDs
+- **corsMiddleware** — CORS headers with `'*'`, string, or RegExp origin matching
+- **errorMiddleware** — Central error handler; maps HTTP errors to status/body, 404 for unmatched routes, 500 for unknown errors
+- **rateLimiterMiddleware** — Per-IP rate limiting via `rate-limiter-flexible` (429 when exceeded)
+- **bodyParserMiddleware** — Parses JSON, form, text, multipart, or raw body by allowed content types
 
-### With Dependency Injection
+## Usage
 
-The `Logger` abstract class is decorated with `@Injectable()` from [injectkit](https://www.npmjs.com/package/injectkit), making it easy to use with DI containers:
+### Basic setup
 
 ```typescript
-import 'reflect-metadata';
+import Koa from 'koa';
 import { InjectKitRegistry } from 'injectkit';
 import { Logger, ConsoleLogger } from '@maroonedsoftware/logger';
+import { ServerKitRouter, serverKitContextMiddleware, corsMiddleware, errorMiddleware, bodyParserMiddleware } from '@maroonedsoftware/koa';
 
-// Set up dependency injection registry
 const diRegistry = new InjectKitRegistry();
 diRegistry.register(Logger).useClass(ConsoleLogger).asSingleton();
-
-// Build the container
 const container = diRegistry.build();
 
-// Resolve the logger
-const logger = container.get(Logger);
-logger.info('Application started');
-```
+const app = new Koa();
+const router = new ServerKitRouter();
 
-In your services, use constructor injection:
+app.use(errorMiddleware());
+app.use(serverKitContextMiddleware(container));
+app.use(corsMiddleware({ origin: ['*'] }));
 
-```typescript
-import { Injectable } from 'injectkit';
-import { Logger } from '@maroonedsoftware/logger';
+router.post('/api/echo', bodyParserMiddleware(['application/json']), async ctx => {
+  ctx.body = { echoed: ctx.body, requestId: ctx.requestId };
+});
 
-@Injectable()
-class MyService {
-  constructor(private logger: Logger) {}
+app.use(router.routes()).use(router.allowedMethods());
 
-  doSomething() {
-    this.logger.info('Doing something');
-  }
-}
+app.listen(3000);
 ```
 
-## API
+### Route handlers with ServerKitContext
+
+Handlers receive `ctx` as `ServerKitContext` with `ctx.container`, `ctx.logger`, `ctx.requestId`, `ctx.correlationId`, and `ctx.userAgent`:
 
-### Logger Interface
+```typescript
+router.get('/api/users/:id', async ctx => {
+  ctx.logger.info('Fetching user', { id: ctx.params.id });
+  const user = await ctx.container.get(UserService).findById(ctx.params.id);
+  if (!user) throw httpError(404);
+  ctx.body = user;
+});
+```
 
-| Method                      | Description                   |
-| --------------------------- | ----------------------------- |
-| `error(message, ...params)` | Logs an error message         |
-| `warn(message, ...params)`  | Logs a warning message        |
-| `info(message, ...params)`  | Logs an informational message |
-| `debug(message, ...params)` | Logs a debug message          |
-| `trace(message, ...params)` | Logs a trace message          |
+### CORS
 
-### ConsoleLogger
+```typescript
+// Allow all origins
+app.use(corsMiddleware({ origin: ['*'] }));
+
+// Single origin
+app.use(corsMiddleware({ origin: ['https://app.example.com'] }));
+
+// Multiple origins or RegExps
+app.use(
+  corsMiddleware({
+    origin: ['https://app.example.com', /^https:\/\/.*\.example\.com$/],
+  }),
+);
+```
 
-A concrete implementation that outputs to the standard console. Accepts an optional `Console` instance in the constructor for custom console implementations.
+### Rate limiting
 
 ```typescript
-// Use global console (default)
-const logger = new ConsoleLogger();
+import { RateLimiterMemory } from 'rate-limiter-flexible';
+import { rateLimiterMiddleware } from '@maroonedsoftware/koa';
+
+const rateLimiter = new RateLimiterMemory({
+  points: 100,
+  duration: 60,
+});
+app.use(rateLimiterMiddleware(rateLimiter));
+```
+
+### Body parser
 
-// Use custom console
-const customConsole = { ... };
-const logger = new ConsoleLogger(customConsole);
+Allow specific content types; empty array disallows any body. Supports JSON, urlencoded, text, multipart, and raw (e.g. PDF).
+
+```typescript
+router.post('/api/upload', bodyParserMiddleware(['multipart/form-data']), async ctx => {
+  const body = ctx.body as MultipartBody;
+  // ...
+});
+
+router.post('/api/json', bodyParserMiddleware(['application/json']), async ctx => {
+  const data = ctx.body as Record<string, unknown>;
+  // ...
+});
 ```
 
+## API
+
+### ServerKitContext
+
+| Property        | Type        | Description                          |
+| --------------- | ----------- | ------------------------------------ |
+| `container`     | `Container` | Request-scoped injectkit container   |
+| `logger`        | `Logger`    | Request-scoped logger                |
+| `loggerName`    | `string`    | Logger name (e.g. request path)      |
+| `userAgent`     | `string`    | `User-Agent` header value            |
+| `correlationId` | `string`    | From `X-Correlation-Id` or generated |
+| `requestId`     | `string`    | From `X-Request-Id` or generated     |
+
+### Middleware
+
+| Middleware                              | Description                                                                                       |
+| --------------------------------------- | ------------------------------------------------------------------------------------------------- |
+| `serverKitContextMiddleware(container)` | Sets `ctx.container`, `ctx.logger`, IDs; sets `X-Correlation-Id`, `X-Request-Id` response headers |
+| `corsMiddleware(options?)`              | CORS via `@koa/cors`; `origin`: `'*'`, string, or `(string \| RegExp)[]`                          |
+| `errorMiddleware()`                     | Catches errors, maps HTTP errors to status/body, 404/500, emits app events                        |
+| `rateLimiterMiddleware(rateLimiter)`    | Consumes one token per request by IP; throws 429 when exceeded                                    |
+| `bodyParserMiddleware(contentTypes)`    | Parses body by allowed MIME types; throws 400/411/415/422 on invalid input                        |
+
 ## License
 
 MIT

package/dist/index.d.ts

@@ -1,7 +1,9 @@
 export * from './serverkit.context.js';
 export * from './serverkit.middleware.js';
 export * from './serverkit.router.js';
+export * from './middleware/server/cors.middleware.js';
 export * from './middleware/server/error.middleware.js';
-export * from './middleware/server/injectkit.middleware.js';
+export * from './middleware/server/rate.limiter.middleware.js';
+export * from './middleware/server/serverkit.context.middleware.js';
 export * from './middleware/router/body.parser.middleware.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,wBAAwB,CAAC;AACvC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,uBAAuB,CAAC;AACtC,cAAc,yCAAyC,CAAC;AACxD,cAAc,6CAA6C,CAAC;AAC5D,cAAc,+CAA+C,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,wBAAwB,CAAC;AACvC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,uBAAuB,CAAC;AACtC,cAAc,wCAAwC,CAAC;AACvD,cAAc,yCAAyC,CAAC;AACxD,cAAc,gDAAgD,CAAC;AAC/D,cAAc,qDAAqD,CAAC;AACpE,cAAc,+CAA+C,CAAC"}

package/dist/index.js

@@ -5,6 +5,40 @@ var __name = (target, value) => __defProp(target, "name", { value, configurable:
 import Router from "@koa/router";
 var ServerKitRouter = /* @__PURE__ */ __name(() => new Router(), "ServerKitRouter");
 
+// src/middleware/server/cors.middleware.ts
+import cors from "@koa/cors";
+var corsMiddleware = /* @__PURE__ */ __name((options) => {
+  const originMatcher = /* @__PURE__ */ __name((ctx) => {
+    const origin = ctx.get("origin");
+    const matchers = options?.origin ?? [
+      "*"
+    ];
+    for (const matcher of matchers) {
+      if (matcher === "*") {
+        return origin;
+      }
+      if (typeof matcher === "string") {
+        if (matcher === origin) {
+          return origin;
+        }
+        continue;
+      }
+      if (matcher.test(origin)) {
+        return origin;
+      }
+    }
+    return "";
+  }, "originMatcher");
+  return cors({
+    ...options,
+    origin: originMatcher,
+    allowMethods: options?.allowMethods ?? "GET,HEAD,PUT,POST,DELETE,PATCH",
+    secureContext: options?.secureContext ?? false,
+    keepHeadersOnError: options?.keepHeadersOnError ?? false,
+    privateNetworkAccess: options?.privateNetworkAccess ?? false
+  });
+}, "corsMiddleware");
+
 // src/middleware/server/error.middleware.ts
 import { IsHttpError } from "@maroonedsoftware/errors";
 var errorMiddleware = /* @__PURE__ */ __name(() => {
@@ -48,33 +82,55 @@ var errorMiddleware = /* @__PURE__ */ __name(() => {
   };
 }, "errorMiddleware");
 
-// src/middleware/server/injectkit.middleware.ts
+// src/middleware/server/rate.limiter.middleware.ts
+import { httpError } from "@maroonedsoftware/errors";
+var rateLimiterMiddleware = /* @__PURE__ */ __name((rateLimiter) => {
+  return async (ctx, next) => {
+    try {
+      await rateLimiter.consume(ctx.ip);
+    } catch (error) {
+      throw httpError(429).withCause(error);
+    }
+    await next();
+  };
+}, "rateLimiterMiddleware");
+
+// src/middleware/server/serverkit.context.middleware.ts
+import crypto from "crypto";
 import { Logger } from "@maroonedsoftware/logger";
-var injectkitMiddleware = /* @__PURE__ */ __name((container) => {
+var serverKitContextMiddleware = /* @__PURE__ */ __name((container) => {
   return async (ctx, next) => {
     ctx.container = container.createScopedContainer();
     ctx.logger = container.get(Logger);
+    ctx.loggerName = ctx.path;
+    ctx.userAgent = ctx.get("user-agent") ?? "";
+    ctx.correlationId = ctx.get("x-correlation-id") ?? crypto.randomUUID();
+    ctx.requestId = ctx.get("x-request-id") ?? crypto.randomUUID();
+    ctx.headers["x-correlation-id"] = ctx.correlationId;
+    ctx.set("x-correlation-id", ctx.correlationId);
+    ctx.headers["x-request-id"] = ctx.requestId;
+    ctx.set("x-request-id", ctx.requestId);
     await next();
   };
-}, "injectkitMiddleware");
+}, "serverKitContextMiddleware");
 
 // src/middleware/router/body.parser.middleware.ts
 import coBody from "co-body";
-import { httpError, IsHttpError as IsHttpError2 } from "@maroonedsoftware/errors";
+import { httpError as httpError2, IsHttpError as IsHttpError2 } from "@maroonedsoftware/errors";
 import { MultipartBody } from "@maroonedsoftware/multipart";
 import rawBody from "raw-body";
 var bodyParserMiddleware = /* @__PURE__ */ __name((contentTypes) => {
   return async (ctx, next) => {
     if (contentTypes.length === 0) {
       if (ctx.request.length > 0) {
-        throw httpError(400).withErrors({
+        throw httpError2(400).withDetails({
           body: "Unexpected body"
         });
       }
     } else {
       if (ctx.request.length > 0) {
         if (!ctx.request.is(contentTypes)) {
-          throw httpError(415).withErrors({
+          throw httpError2(415).withDetails({
             "content-type": `must be ${contentTypes.length > 1 ? "one of " : ""}${contentTypes.join(", ")}`,
             value: ctx.request.type
           });
@@ -91,7 +147,7 @@ var bodyParserMiddleware = /* @__PURE__ */ __name((contentTypes) => {
           } else if (ctx.request.is("pdf")) {
             ctx.body = await rawBody(ctx.req);
           } else {
-            throw httpError(422).withErrors({
+            throw httpError2(422).withDetails({
               body: "Unsupported media type"
             });
           }
@@ -99,12 +155,12 @@ var bodyParserMiddleware = /* @__PURE__ */ __name((contentTypes) => {
           if (IsHttpError2(error)) {
             throw error;
           }
-          throw httpError(422).withCause(error).withErrors({
+          throw httpError2(422).withCause(error).withDetails({
             body: "Invalid request body format"
           });
         }
       } else {
-        throw httpError(411);
+        throw httpError2(411);
       }
     }
     await next();
@@ -113,7 +169,9 @@ var bodyParserMiddleware = /* @__PURE__ */ __name((contentTypes) => {
 export {
   ServerKitRouter,
   bodyParserMiddleware,
+  corsMiddleware,
   errorMiddleware,
-  injectkitMiddleware
+  rateLimiterMiddleware,
+  serverKitContextMiddleware
 };
 //# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/serverkit.router.ts","../src/middleware/server/error.middleware.ts","../src/middleware/server/injectkit.middleware.ts","../src/middleware/router/body.parser.middleware.ts"],"sourcesContent":["import { DefaultState } from 'koa';\nimport Router from '@koa/router';\nimport { ServerKitContext } from './serverkit.context.js';\n\nexport const ServerKitRouter = <StateT = DefaultState, ContextT = ServerKitContext>() => new Router<StateT, ContextT>();\n","import { ServerKitMiddleware } from '../../serverkit.middleware.js';\nimport { IsHttpError } from '@maroonedsoftware/errors';\n\nexport const errorMiddleware = (): ServerKitMiddleware => {\n  return async (ctx, next) => {\n    try {\n      await next();\n      if (ctx.status === 404 && !ctx.body) {\n        const body = {\n          statusCode: 404,\n          message: 'Not Found',\n          details: { url: ctx.URL.toString() },\n        };\n        ctx.status = 404;\n        ctx.body = body;\n        ctx.app.emit('warn', body, ctx);\n      }\n    } catch (error) {\n      if (IsHttpError(error)) {\n        ctx.status = error.statusCode;\n        ctx.body = {\n          statusCode: error.statusCode,\n          message: error.message,\n          details: error.details,\n        };\n        if (error.headers) {\n          for (const entry of Object.entries(error.headers)) {\n            ctx.set(entry[0], entry[1]);\n          }\n        }\n      } else {\n        ctx.status = 500;\n        ctx.body = {\n          statusCode: 500,\n          message: 'Internal Server Error',\n        };\n      }\n\n      ctx.app.emit('error', error, ctx);\n    }\n  };\n};\n","import { Container } from 'injectkit';\nimport { Logger } from '@maroonedsoftware/logger';\nimport { ServerKitMiddleware } from '../../serverkit.middleware.js';\n\nexport const injectkitMiddleware = (container: Container): ServerKitMiddleware => {\n  return async (ctx, next) => {\n    ctx.container = container.createScopedContainer();\n    ctx.logger = container.get(Logger);\n    await next();\n  };\n};\n","import coBody from 'co-body';\nimport { httpError, IsHttpError } from '@maroonedsoftware/errors';\nimport { MultipartBody } from '@maroonedsoftware/multipart';\nimport rawBody from 'raw-body';\nimport { ServerKitMiddleware } from '../../serverkit.middleware.js';\n\nexport const bodyParserMiddleware = (contentTypes: string[]): ServerKitMiddleware => {\n  return async (ctx, next) => {\n    if (contentTypes.length === 0) {\n      if (ctx.request.length > 0) {\n        throw httpError(400).withErrors({ body: 'Unexpected body' });\n      }\n    } else {\n      if (ctx.request.length > 0) {\n        if (!ctx.request.is(contentTypes)) {\n          throw httpError(415).withErrors({\n            'content-type': `must be ${contentTypes.length > 1 ? 'one of ' : ''}${contentTypes.join(', ')}`,\n            value: ctx.request.type,\n          });\n        }\n\n        try {\n          if (ctx.request.is('json', 'application/*+json')) {\n            ctx.body = await coBody.json(ctx);\n          } else if (ctx.request.is('urlencoded')) {\n            ctx.body = await coBody.form(ctx);\n          } else if (ctx.request.is('text/*')) {\n            ctx.body = await coBody.text(ctx);\n          } else if (ctx.request.is('multipart')) {\n            ctx.body = new MultipartBody(ctx.req);\n          } else if (ctx.request.is('pdf')) {\n            ctx.body = await rawBody(ctx.req);\n          } else {\n            throw httpError(422).withErrors({ body: 'Unsupported media type' });\n          }\n        } catch (error) {\n          if (IsHttpError(error)) {\n            throw error;\n          }\n          throw httpError(422)\n            .withCause(error as Error)\n            .withErrors({ body: 'Invalid request body format' });\n        }\n      } else {\n        throw httpError(411);\n      }\n    }\n    await next();\n  };\n};\n"],"mappings":";;;;AACA,OAAOA,YAAY;AAGZ,IAAMC,kBAAkB,6BAA0D,IAAIC,OAAAA,GAA9D;;;ACH/B,SAASC,mBAAmB;AAErB,IAAMC,kBAAkB,6BAAA;AAC7B,SAAO,OAAOC,KAAKC,SAAAA;AACjB,QAAI;AACF,YAAMA,KAAAA;AACN,UAAID,IAAIE,WAAW,OAAO,CAACF,IAAIG,MAAM;AACnC,cAAMA,OAAO;UACXC,YAAY;UACZC,SAAS;UACTC,SAAS;YAAEC,KAAKP,IAAIQ,IAAIC,SAAQ;UAAG;QACrC;AACAT,YAAIE,SAAS;AACbF,YAAIG,OAAOA;AACXH,YAAIU,IAAIC,KAAK,QAAQR,MAAMH,GAAAA;MAC7B;IACF,SAASY,OAAO;AACd,UAAIC,YAAYD,KAAAA,GAAQ;AACtBZ,YAAIE,SAASU,MAAMR;AACnBJ,YAAIG,OAAO;UACTC,YAAYQ,MAAMR;UAClBC,SAASO,MAAMP;UACfC,SAASM,MAAMN;QACjB;AACA,YAAIM,MAAME,SAAS;AACjB,qBAAWC,SAASC,OAAOC,QAAQL,MAAME,OAAO,GAAG;AACjDd,gBAAIkB,IAAIH,MAAM,CAAA,GAAIA,MAAM,CAAA,CAAE;UAC5B;QACF;MACF,OAAO;AACLf,YAAIE,SAAS;AACbF,YAAIG,OAAO;UACTC,YAAY;UACZC,SAAS;QACX;MACF;AAEAL,UAAIU,IAAIC,KAAK,SAASC,OAAOZ,GAAAA;IAC/B;EACF;AACF,GAtC+B;;;ACF/B,SAASmB,cAAc;AAGhB,IAAMC,sBAAsB,wBAACC,cAAAA;AAClC,SAAO,OAAOC,KAAKC,SAAAA;AACjBD,QAAID,YAAYA,UAAUG,sBAAqB;AAC/CF,QAAIG,SAASJ,UAAUK,IAAIC,MAAAA;AAC3B,UAAMJ,KAAAA;EACR;AACF,GANmC;;;ACJnC,OAAOK,YAAY;AACnB,SAASC,WAAWC,eAAAA,oBAAmB;AACvC,SAASC,qBAAqB;AAC9B,OAAOC,aAAa;AAGb,IAAMC,uBAAuB,wBAACC,iBAAAA;AACnC,SAAO,OAAOC,KAAKC,SAAAA;AACjB,QAAIF,aAAaG,WAAW,GAAG;AAC7B,UAAIF,IAAIG,QAAQD,SAAS,GAAG;AAC1B,cAAME,UAAU,GAAA,EAAKC,WAAW;UAAEC,MAAM;QAAkB,CAAA;MAC5D;IACF,OAAO;AACL,UAAIN,IAAIG,QAAQD,SAAS,GAAG;AAC1B,YAAI,CAACF,IAAIG,QAAQI,GAAGR,YAAAA,GAAe;AACjC,gBAAMK,UAAU,GAAA,EAAKC,WAAW;YAC9B,gBAAgB,WAAWN,aAAaG,SAAS,IAAI,YAAY,EAAA,GAAKH,aAAaS,KAAK,IAAA,CAAA;YACxFC,OAAOT,IAAIG,QAAQO;UACrB,CAAA;QACF;AAEA,YAAI;AACF,cAAIV,IAAIG,QAAQI,GAAG,QAAQ,oBAAA,GAAuB;AAChDP,gBAAIM,OAAO,MAAMK,OAAOC,KAAKZ,GAAAA;UAC/B,WAAWA,IAAIG,QAAQI,GAAG,YAAA,GAAe;AACvCP,gBAAIM,OAAO,MAAMK,OAAOE,KAAKb,GAAAA;UAC/B,WAAWA,IAAIG,QAAQI,GAAG,QAAA,GAAW;AACnCP,gBAAIM,OAAO,MAAMK,OAAOG,KAAKd,GAAAA;UAC/B,WAAWA,IAAIG,QAAQI,GAAG,WAAA,GAAc;AACtCP,gBAAIM,OAAO,IAAIS,cAAcf,IAAIgB,GAAG;UACtC,WAAWhB,IAAIG,QAAQI,GAAG,KAAA,GAAQ;AAChCP,gBAAIM,OAAO,MAAMW,QAAQjB,IAAIgB,GAAG;UAClC,OAAO;AACL,kBAAMZ,UAAU,GAAA,EAAKC,WAAW;cAAEC,MAAM;YAAyB,CAAA;UACnE;QACF,SAASY,OAAO;AACd,cAAIC,aAAYD,KAAAA,GAAQ;AACtB,kBAAMA;UACR;AACA,gBAAMd,UAAU,GAAA,EACbgB,UAAUF,KAAAA,EACVb,WAAW;YAAEC,MAAM;UAA8B,CAAA;QACtD;MACF,OAAO;AACL,cAAMF,UAAU,GAAA;MAClB;IACF;AACA,UAAMH,KAAAA;EACR;AACF,GA3CoC;","names":["Router","ServerKitRouter","Router","IsHttpError","errorMiddleware","ctx","next","status","body","statusCode","message","details","url","URL","toString","app","emit","error","IsHttpError","headers","entry","Object","entries","set","Logger","injectkitMiddleware","container","ctx","next","createScopedContainer","logger","get","Logger","coBody","httpError","IsHttpError","MultipartBody","rawBody","bodyParserMiddleware","contentTypes","ctx","next","length","request","httpError","withErrors","body","is","join","value","type","coBody","json","form","text","MultipartBody","req","rawBody","error","IsHttpError","withCause"]}
+{"version":3,"sources":["../src/serverkit.router.ts","../src/middleware/server/cors.middleware.ts","../src/middleware/server/error.middleware.ts","../src/middleware/server/rate.limiter.middleware.ts","../src/middleware/server/serverkit.context.middleware.ts","../src/middleware/router/body.parser.middleware.ts"],"sourcesContent":["import { DefaultState } from 'koa';\nimport Router from '@koa/router';\nimport { ServerKitContext } from './serverkit.context.js';\n\n/**\n * Creates a new Koa router typed for ServerKit state and context.\n * Use with {@link ServerKitContext} for full typing of `ctx` in route handlers.\n *\n * @typeParam StateT - Koa state type (defaults to `DefaultState`).\n * @typeParam ContextT - Context type (defaults to `ServerKitContext`).\n * @returns A new {@link Router} instance.\n */\nexport const ServerKitRouter = <StateT = DefaultState, ContextT = ServerKitContext>() => new Router<StateT, ContextT>();\n","import cors from '@koa/cors';\nimport { ServerKitMiddleware } from '../../serverkit.middleware.js';\nimport { Context } from 'koa';\n\n/**\n * CORS options for {@link corsMiddleware}.\n * Extends `@koa/cors` options with an `origin` that may be a string or array of strings/RegExps.\n */\nexport interface CorsOptions extends Omit<cors.Options, 'origin'> {\n  /** Allowed origin(s): `'*'`, a single origin string, or an array of strings/RegExps to match. */\n  origin?: string | (string | RegExp)[];\n}\n\n/**\n * Adds CORS headers to responses using `@koa/cors` with ServerKit-compatible origin matching.\n * Supports `'*'`, exact string origins, and RegExp patterns.\n *\n * @param options - Optional {@link CorsOptions}; defaults to `GET,HEAD,PUT,POST,DELETE,PATCH` methods.\n * @returns {@link ServerKitMiddleware} that applies CORS headers.\n */\nexport const corsMiddleware = (options?: CorsOptions): ServerKitMiddleware => {\n  // return the request origin as its own matcher to support RegExp\n  const originMatcher = (ctx: Context): string => {\n    const origin = ctx.get('origin');\n    const matchers = options?.origin ?? ['*'];\n    for (const matcher of matchers) {\n      if (matcher === '*') {\n        return origin;\n      }\n\n      if (typeof matcher === 'string') {\n        if (matcher === origin) {\n          return origin;\n        }\n        continue;\n      }\n\n      if (matcher.test(origin)) {\n        return origin;\n      }\n    }\n\n    // return the zero value to prevent matches\n    return '';\n  };\n\n  return cors({\n    ...options,\n    origin: originMatcher,\n    allowMethods: options?.allowMethods ?? 'GET,HEAD,PUT,POST,DELETE,PATCH',\n    secureContext: options?.secureContext ?? false,\n    keepHeadersOnError: options?.keepHeadersOnError ?? false,\n    privateNetworkAccess: options?.privateNetworkAccess ?? false,\n  });\n};\n","import { ServerKitMiddleware } from '../../serverkit.middleware.js';\nimport { IsHttpError } from '@maroonedsoftware/errors';\n\n/**\n * Central error handler: catches thrown errors, sets status/body from HTTP errors,\n * returns 404 for unmatched routes, and 500 for unknown errors.\n * Emits `error` or `warn` on the app for logging.\n *\n * @returns {@link ServerKitMiddleware} that wraps the stack in try/catch and normalizes responses.\n */\nexport const errorMiddleware = (): ServerKitMiddleware => {\n  return async (ctx, next) => {\n    try {\n      await next();\n      if (ctx.status === 404 && !ctx.body) {\n        const body = {\n          statusCode: 404,\n          message: 'Not Found',\n          details: { url: ctx.URL.toString() },\n        };\n        ctx.status = 404;\n        ctx.body = body;\n        ctx.app.emit('warn', body, ctx);\n      }\n    } catch (error) {\n      if (IsHttpError(error)) {\n        ctx.status = error.statusCode;\n        ctx.body = {\n          statusCode: error.statusCode,\n          message: error.message,\n          details: error.details,\n        };\n        if (error.headers) {\n          for (const entry of Object.entries(error.headers)) {\n            ctx.set(entry[0], entry[1]);\n          }\n        }\n      } else {\n        ctx.status = 500;\n        ctx.body = {\n          statusCode: 500,\n          message: 'Internal Server Error',\n        };\n      }\n\n      ctx.app.emit('error', error, ctx);\n    }\n  };\n};\n","import { RateLimiterAbstract } from 'rate-limiter-flexible';\nimport { ServerKitMiddleware } from '../../serverkit.middleware.js';\nimport { httpError } from '@maroonedsoftware/errors';\n\n/**\n * Enforces rate limiting per client IP using a `rate-limiter-flexible` instance.\n * Consumes one token per request; throws HTTP 429 when the limit is exceeded.\n *\n * @param rateLimiter - A {@link RateLimiterAbstract} instance (e.g. `RateLimiterMemory`, `RateLimiterRedis`).\n * @returns {@link ServerKitMiddleware} that consumes a token and continues or throws 429.\n */\nexport const rateLimiterMiddleware = (rateLimiter: RateLimiterAbstract): ServerKitMiddleware => {\n  return async (ctx, next) => {\n    try {\n      await rateLimiter.consume(ctx.ip);\n    } catch (error) {\n      throw httpError(429).withCause(error as Error);\n    }\n\n    await next();\n  };\n};\n","import crypto from 'crypto';\nimport { Container } from 'injectkit';\nimport { Logger } from '@maroonedsoftware/logger';\nimport { ServerKitMiddleware } from '../../serverkit.middleware.js';\n\n/**\n * Populates {@link ServerKitContext} for each request: scoped container, logger,\n * logger name, user-agent, correlation ID, and request ID.\n * Reads or generates `X-Correlation-Id` and `X-Request-Id` and sets response headers.\n * Should be applied early so downstream middleware and routes can use `ctx.container` and `ctx.logger`.\n *\n * @param container - Root injectkit {@link Container} used to create a scoped container and resolve {@link Logger}.\n * @returns {@link ServerKitMiddleware} that attaches ServerKit context to `ctx`.\n */\nexport const serverKitContextMiddleware = (container: Container): ServerKitMiddleware => {\n  return async (ctx, next) => {\n    ctx.container = container.createScopedContainer();\n    ctx.logger = container.get(Logger);\n    ctx.loggerName = ctx.path;\n\n    ctx.userAgent = ctx.get('user-agent') ?? '';\n    ctx.correlationId = ctx.get('x-correlation-id') ?? crypto.randomUUID();\n    ctx.requestId = ctx.get('x-request-id') ?? crypto.randomUUID();\n\n    ctx.headers['x-correlation-id'] = ctx.correlationId;\n    ctx.set('x-correlation-id', ctx.correlationId);\n\n    ctx.headers['x-request-id'] = ctx.requestId;\n    ctx.set('x-request-id', ctx.requestId);\n\n    await next();\n  };\n};\n","import coBody from 'co-body';\nimport { httpError, IsHttpError } from '@maroonedsoftware/errors';\nimport { MultipartBody } from '@maroonedsoftware/multipart';\nimport rawBody from 'raw-body';\nimport { ServerKitMiddleware } from '../../serverkit.middleware.js';\n\n/**\n * Parses the request body based on `Content-Type` and assigns it to `ctx.body`.\n * Rejects requests with unexpected or unsupported content types.\n *\n * Supported types: JSON, URL-encoded form, text, multipart, PDF (raw buffer).\n * Requires a body when `contentTypes` is non-empty; otherwise rejects bodies.\n *\n * @param contentTypes - Allowed MIME types (e.g. `['application/json', 'application/x-www-form-urlencoded']`).\n *   Use an empty array to disallow any request body.\n * @returns {@link ServerKitMiddleware} that parses the body and sets `ctx.body`.\n * @throws HTTP 400 if body is present when no content types are allowed.\n * @throws HTTP 411 if body is required but missing.\n * @throws HTTP 415 if `Content-Type` is not in `contentTypes`.\n * @throws HTTP 422 if body is invalid or media type is unsupported.\n */\nexport const bodyParserMiddleware = (contentTypes: string[]): ServerKitMiddleware => {\n  return async (ctx, next) => {\n    if (contentTypes.length === 0) {\n      if (ctx.request.length > 0) {\n        throw httpError(400).withDetails({ body: 'Unexpected body' });\n      }\n    } else {\n      if (ctx.request.length > 0) {\n        if (!ctx.request.is(contentTypes)) {\n          throw httpError(415).withDetails({\n            'content-type': `must be ${contentTypes.length > 1 ? 'one of ' : ''}${contentTypes.join(', ')}`,\n            value: ctx.request.type,\n          });\n        }\n\n        try {\n          if (ctx.request.is('json', 'application/*+json')) {\n            ctx.body = await coBody.json(ctx);\n          } else if (ctx.request.is('urlencoded')) {\n            ctx.body = await coBody.form(ctx);\n          } else if (ctx.request.is('text/*')) {\n            ctx.body = await coBody.text(ctx);\n          } else if (ctx.request.is('multipart')) {\n            ctx.body = new MultipartBody(ctx.req);\n          } else if (ctx.request.is('pdf')) {\n            ctx.body = await rawBody(ctx.req);\n          } else {\n            throw httpError(422).withDetails({ body: 'Unsupported media type' });\n          }\n        } catch (error) {\n          if (IsHttpError(error)) {\n            throw error;\n          }\n          throw httpError(422)\n            .withCause(error as Error)\n            .withDetails({ body: 'Invalid request body format' });\n        }\n      } else {\n        throw httpError(411);\n      }\n    }\n    await next();\n  };\n};\n"],"mappings":";;;;AACA,OAAOA,YAAY;AAWZ,IAAMC,kBAAkB,6BAA0D,IAAIC,OAAAA,GAA9D;;;ACZ/B,OAAOC,UAAU;AAoBV,IAAMC,iBAAiB,wBAACC,YAAAA;AAE7B,QAAMC,gBAAgB,wBAACC,QAAAA;AACrB,UAAMC,SAASD,IAAIE,IAAI,QAAA;AACvB,UAAMC,WAAWL,SAASG,UAAU;MAAC;;AACrC,eAAWG,WAAWD,UAAU;AAC9B,UAAIC,YAAY,KAAK;AACnB,eAAOH;MACT;AAEA,UAAI,OAAOG,YAAY,UAAU;AAC/B,YAAIA,YAAYH,QAAQ;AACtB,iBAAOA;QACT;AACA;MACF;AAEA,UAAIG,QAAQC,KAAKJ,MAAAA,GAAS;AACxB,eAAOA;MACT;IACF;AAGA,WAAO;EACT,GAtBsB;AAwBtB,SAAOK,KAAK;IACV,GAAGR;IACHG,QAAQF;IACRQ,cAAcT,SAASS,gBAAgB;IACvCC,eAAeV,SAASU,iBAAiB;IACzCC,oBAAoBX,SAASW,sBAAsB;IACnDC,sBAAsBZ,SAASY,wBAAwB;EACzD,CAAA;AACF,GAlC8B;;;ACnB9B,SAASC,mBAAmB;AASrB,IAAMC,kBAAkB,6BAAA;AAC7B,SAAO,OAAOC,KAAKC,SAAAA;AACjB,QAAI;AACF,YAAMA,KAAAA;AACN,UAAID,IAAIE,WAAW,OAAO,CAACF,IAAIG,MAAM;AACnC,cAAMA,OAAO;UACXC,YAAY;UACZC,SAAS;UACTC,SAAS;YAAEC,KAAKP,IAAIQ,IAAIC,SAAQ;UAAG;QACrC;AACAT,YAAIE,SAAS;AACbF,YAAIG,OAAOA;AACXH,YAAIU,IAAIC,KAAK,QAAQR,MAAMH,GAAAA;MAC7B;IACF,SAASY,OAAO;AACd,UAAIC,YAAYD,KAAAA,GAAQ;AACtBZ,YAAIE,SAASU,MAAMR;AACnBJ,YAAIG,OAAO;UACTC,YAAYQ,MAAMR;UAClBC,SAASO,MAAMP;UACfC,SAASM,MAAMN;QACjB;AACA,YAAIM,MAAME,SAAS;AACjB,qBAAWC,SAASC,OAAOC,QAAQL,MAAME,OAAO,GAAG;AACjDd,gBAAIkB,IAAIH,MAAM,CAAA,GAAIA,MAAM,CAAA,CAAE;UAC5B;QACF;MACF,OAAO;AACLf,YAAIE,SAAS;AACbF,YAAIG,OAAO;UACTC,YAAY;UACZC,SAAS;QACX;MACF;AAEAL,UAAIU,IAAIC,KAAK,SAASC,OAAOZ,GAAAA;IAC/B;EACF;AACF,GAtC+B;;;ACR/B,SAASmB,iBAAiB;AASnB,IAAMC,wBAAwB,wBAACC,gBAAAA;AACpC,SAAO,OAAOC,KAAKC,SAAAA;AACjB,QAAI;AACF,YAAMF,YAAYG,QAAQF,IAAIG,EAAE;IAClC,SAASC,OAAO;AACd,YAAMC,UAAU,GAAA,EAAKC,UAAUF,KAAAA;IACjC;AAEA,UAAMH,KAAAA;EACR;AACF,GAVqC;;;ACXrC,OAAOM,YAAY;AAEnB,SAASC,cAAc;AAYhB,IAAMC,6BAA6B,wBAACC,cAAAA;AACzC,SAAO,OAAOC,KAAKC,SAAAA;AACjBD,QAAID,YAAYA,UAAUG,sBAAqB;AAC/CF,QAAIG,SAASJ,UAAUK,IAAIC,MAAAA;AAC3BL,QAAIM,aAAaN,IAAIO;AAErBP,QAAIQ,YAAYR,IAAII,IAAI,YAAA,KAAiB;AACzCJ,QAAIS,gBAAgBT,IAAII,IAAI,kBAAA,KAAuBM,OAAOC,WAAU;AACpEX,QAAIY,YAAYZ,IAAII,IAAI,cAAA,KAAmBM,OAAOC,WAAU;AAE5DX,QAAIa,QAAQ,kBAAA,IAAsBb,IAAIS;AACtCT,QAAIc,IAAI,oBAAoBd,IAAIS,aAAa;AAE7CT,QAAIa,QAAQ,cAAA,IAAkBb,IAAIY;AAClCZ,QAAIc,IAAI,gBAAgBd,IAAIY,SAAS;AAErC,UAAMX,KAAAA;EACR;AACF,GAlB0C;;;ACd1C,OAAOc,YAAY;AACnB,SAASC,aAAAA,YAAWC,eAAAA,oBAAmB;AACvC,SAASC,qBAAqB;AAC9B,OAAOC,aAAa;AAkBb,IAAMC,uBAAuB,wBAACC,iBAAAA;AACnC,SAAO,OAAOC,KAAKC,SAAAA;AACjB,QAAIF,aAAaG,WAAW,GAAG;AAC7B,UAAIF,IAAIG,QAAQD,SAAS,GAAG;AAC1B,cAAME,WAAU,GAAA,EAAKC,YAAY;UAAEC,MAAM;QAAkB,CAAA;MAC7D;IACF,OAAO;AACL,UAAIN,IAAIG,QAAQD,SAAS,GAAG;AAC1B,YAAI,CAACF,IAAIG,QAAQI,GAAGR,YAAAA,GAAe;AACjC,gBAAMK,WAAU,GAAA,EAAKC,YAAY;YAC/B,gBAAgB,WAAWN,aAAaG,SAAS,IAAI,YAAY,EAAA,GAAKH,aAAaS,KAAK,IAAA,CAAA;YACxFC,OAAOT,IAAIG,QAAQO;UACrB,CAAA;QACF;AAEA,YAAI;AACF,cAAIV,IAAIG,QAAQI,GAAG,QAAQ,oBAAA,GAAuB;AAChDP,gBAAIM,OAAO,MAAMK,OAAOC,KAAKZ,GAAAA;UAC/B,WAAWA,IAAIG,QAAQI,GAAG,YAAA,GAAe;AACvCP,gBAAIM,OAAO,MAAMK,OAAOE,KAAKb,GAAAA;UAC/B,WAAWA,IAAIG,QAAQI,GAAG,QAAA,GAAW;AACnCP,gBAAIM,OAAO,MAAMK,OAAOG,KAAKd,GAAAA;UAC/B,WAAWA,IAAIG,QAAQI,GAAG,WAAA,GAAc;AACtCP,gBAAIM,OAAO,IAAIS,cAAcf,IAAIgB,GAAG;UACtC,WAAWhB,IAAIG,QAAQI,GAAG,KAAA,GAAQ;AAChCP,gBAAIM,OAAO,MAAMW,QAAQjB,IAAIgB,GAAG;UAClC,OAAO;AACL,kBAAMZ,WAAU,GAAA,EAAKC,YAAY;cAAEC,MAAM;YAAyB,CAAA;UACpE;QACF,SAASY,OAAO;AACd,cAAIC,aAAYD,KAAAA,GAAQ;AACtB,kBAAMA;UACR;AACA,gBAAMd,WAAU,GAAA,EACbgB,UAAUF,KAAAA,EACVb,YAAY;YAAEC,MAAM;UAA8B,CAAA;QACvD;MACF,OAAO;AACL,cAAMF,WAAU,GAAA;MAClB;IACF;AACA,UAAMH,KAAAA;EACR;AACF,GA3CoC;","names":["Router","ServerKitRouter","Router","cors","corsMiddleware","options","originMatcher","ctx","origin","get","matchers","matcher","test","cors","allowMethods","secureContext","keepHeadersOnError","privateNetworkAccess","IsHttpError","errorMiddleware","ctx","next","status","body","statusCode","message","details","url","URL","toString","app","emit","error","IsHttpError","headers","entry","Object","entries","set","httpError","rateLimiterMiddleware","rateLimiter","ctx","next","consume","ip","error","httpError","withCause","crypto","Logger","serverKitContextMiddleware","container","ctx","next","createScopedContainer","logger","get","Logger","loggerName","path","userAgent","correlationId","crypto","randomUUID","requestId","headers","set","coBody","httpError","IsHttpError","MultipartBody","rawBody","bodyParserMiddleware","contentTypes","ctx","next","length","request","httpError","withDetails","body","is","join","value","type","coBody","json","form","text","MultipartBody","req","rawBody","error","IsHttpError","withCause"]}

package/dist/middleware/router/body.parser.middleware.d.ts

@@ -1,3 +1,18 @@
 import { ServerKitMiddleware } from '../../serverkit.middleware.js';
+/**
+ * Parses the request body based on `Content-Type` and assigns it to `ctx.body`.
+ * Rejects requests with unexpected or unsupported content types.
+ *
+ * Supported types: JSON, URL-encoded form, text, multipart, PDF (raw buffer).
+ * Requires a body when `contentTypes` is non-empty; otherwise rejects bodies.
+ *
+ * @param contentTypes - Allowed MIME types (e.g. `['application/json', 'application/x-www-form-urlencoded']`).
+ *   Use an empty array to disallow any request body.
+ * @returns {@link ServerKitMiddleware} that parses the body and sets `ctx.body`.
+ * @throws HTTP 400 if body is present when no content types are allowed.
+ * @throws HTTP 411 if body is required but missing.
+ * @throws HTTP 415 if `Content-Type` is not in `contentTypes`.
+ * @throws HTTP 422 if body is invalid or media type is unsupported.
+ */
 export declare const bodyParserMiddleware: (contentTypes: string[]) => ServerKitMiddleware;
 //# sourceMappingURL=body.parser.middleware.d.ts.map

package/dist/middleware/router/body.parser.middleware.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"body.parser.middleware.d.ts","sourceRoot":"","sources":["../../../src/middleware/router/body.parser.middleware.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAC;AAEpE,eAAO,MAAM,oBAAoB,GAAI,cAAc,MAAM,EAAE,KAAG,mBA2C7D,CAAC"}
+{"version":3,"file":"body.parser.middleware.d.ts","sourceRoot":"","sources":["../../../src/middleware/router/body.parser.middleware.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAC;AAEpE;;;;;;;;;;;;;;GAcG;AACH,eAAO,MAAM,oBAAoB,GAAI,cAAc,MAAM,EAAE,KAAG,mBA2C7D,CAAC"}

package/dist/middleware/server/cors.middleware.d.ts

@@ -0,0 +1,19 @@
+import cors from '@koa/cors';
+import { ServerKitMiddleware } from '../../serverkit.middleware.js';
+/**
+ * CORS options for {@link corsMiddleware}.
+ * Extends `@koa/cors` options with an `origin` that may be a string or array of strings/RegExps.
+ */
+export interface CorsOptions extends Omit<cors.Options, 'origin'> {
+    /** Allowed origin(s): `'*'`, a single origin string, or an array of strings/RegExps to match. */
+    origin?: string | (string | RegExp)[];
+}
+/**
+ * Adds CORS headers to responses using `@koa/cors` with ServerKit-compatible origin matching.
+ * Supports `'*'`, exact string origins, and RegExp patterns.
+ *
+ * @param options - Optional {@link CorsOptions}; defaults to `GET,HEAD,PUT,POST,DELETE,PATCH` methods.
+ * @returns {@link ServerKitMiddleware} that applies CORS headers.
+ */
+export declare const corsMiddleware: (options?: CorsOptions) => ServerKitMiddleware;
+//# sourceMappingURL=cors.middleware.d.ts.map

package/dist/middleware/server/cors.middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cors.middleware.d.ts","sourceRoot":"","sources":["../../../src/middleware/server/cors.middleware.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAC;AAGpE;;;GAGG;AACH,MAAM,WAAW,WAAY,SAAQ,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC;IAC/D,iGAAiG;IACjG,MAAM,CAAC,EAAE,MAAM,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,EAAE,CAAC;CACvC;AAED;;;;;;GAMG;AACH,eAAO,MAAM,cAAc,GAAI,UAAU,WAAW,KAAG,mBAkCtD,CAAC"}

package/dist/middleware/server/error.middleware.d.ts

@@ -1,3 +1,10 @@
 import { ServerKitMiddleware } from '../../serverkit.middleware.js';
+/**
+ * Central error handler: catches thrown errors, sets status/body from HTTP errors,
+ * returns 404 for unmatched routes, and 500 for unknown errors.
+ * Emits `error` or `warn` on the app for logging.
+ *
+ * @returns {@link ServerKitMiddleware} that wraps the stack in try/catch and normalizes responses.
+ */
 export declare const errorMiddleware: () => ServerKitMiddleware;
 //# sourceMappingURL=error.middleware.d.ts.map

package/dist/middleware/server/error.middleware.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"error.middleware.d.ts","sourceRoot":"","sources":["../../../src/middleware/server/error.middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAC;AAGpE,eAAO,MAAM,eAAe,QAAO,mBAsClC,CAAC"}
+{"version":3,"file":"error.middleware.d.ts","sourceRoot":"","sources":["../../../src/middleware/server/error.middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAC;AAGpE;;;;;;GAMG;AACH,eAAO,MAAM,eAAe,QAAO,mBAsClC,CAAC"}

package/dist/middleware/server/rate.limiter.middleware.d.ts

@@ -0,0 +1,11 @@
+import { RateLimiterAbstract } from 'rate-limiter-flexible';
+import { ServerKitMiddleware } from '../../serverkit.middleware.js';
+/**
+ * Enforces rate limiting per client IP using a `rate-limiter-flexible` instance.
+ * Consumes one token per request; throws HTTP 429 when the limit is exceeded.
+ *
+ * @param rateLimiter - A {@link RateLimiterAbstract} instance (e.g. `RateLimiterMemory`, `RateLimiterRedis`).
+ * @returns {@link ServerKitMiddleware} that consumes a token and continues or throws 429.
+ */
+export declare const rateLimiterMiddleware: (rateLimiter: RateLimiterAbstract) => ServerKitMiddleware;
+//# sourceMappingURL=rate.limiter.middleware.d.ts.map

package/dist/middleware/server/rate.limiter.middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate.limiter.middleware.d.ts","sourceRoot":"","sources":["../../../src/middleware/server/rate.limiter.middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAC5D,OAAO,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAC;AAGpE;;;;;;GAMG;AACH,eAAO,MAAM,qBAAqB,GAAI,aAAa,mBAAmB,KAAG,mBAUxE,CAAC"}

package/dist/middleware/server/serverkit.context.middleware.d.ts

@@ -0,0 +1,13 @@
+import { Container } from 'injectkit';
+import { ServerKitMiddleware } from '../../serverkit.middleware.js';
+/**
+ * Populates {@link ServerKitContext} for each request: scoped container, logger,
+ * logger name, user-agent, correlation ID, and request ID.
+ * Reads or generates `X-Correlation-Id` and `X-Request-Id` and sets response headers.
+ * Should be applied early so downstream middleware and routes can use `ctx.container` and `ctx.logger`.
+ *
+ * @param container - Root injectkit {@link Container} used to create a scoped container and resolve {@link Logger}.
+ * @returns {@link ServerKitMiddleware} that attaches ServerKit context to `ctx`.
+ */
+export declare const serverKitContextMiddleware: (container: Container) => ServerKitMiddleware;
+//# sourceMappingURL=serverkit.context.middleware.d.ts.map

package/dist/middleware/server/serverkit.context.middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"serverkit.context.middleware.d.ts","sourceRoot":"","sources":["../../../src/middleware/server/serverkit.context.middleware.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AAEtC,OAAO,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAC;AAEpE;;;;;;;;GAQG;AACH,eAAO,MAAM,0BAA0B,GAAI,WAAW,SAAS,KAAG,mBAkBjE,CAAC"}

package/dist/serverkit.context.d.ts

@@ -1,8 +1,26 @@
 import { Context } from 'koa';
 import { Container } from 'injectkit';
 import { Logger } from '@maroonedsoftware/logger';
+/**
+ * Koa context extended with ServerKit request-scoped services and metadata.
+ * Populated by {@link serverKitContextMiddleware}.
+ * Use this as the context type for route handlers to get full typing of `ctx.container`, `ctx.logger`, and request IDs.
+ *
+ * @extends Context
+ * @see {@link serverKitContextMiddleware} – middleware that populates this context on each request
+ */
 export interface ServerKitContext extends Context {
+    /** Scoped injectkit container for this request; use for request-scoped DI. */
     container: Container;
+    /** Request-scoped logger instance. */
     logger: Logger;
+    /** Logger name for this request (e.g. request path or route identifier). */
+    loggerName: string;
+    /** Value of the `User-Agent` request header, or empty string if absent. */
+    userAgent: string;
+    /** Correlation ID for tracing; from `X-Correlation-Id` header or generated. */
+    correlationId: string;
+    /** Request ID; from `X-Request-Id` header or generated. */
+    requestId: string;
 }
 //# sourceMappingURL=serverkit.context.d.ts.map

package/dist/serverkit.context.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"serverkit.context.d.ts","sourceRoot":"","sources":["../src/serverkit.context.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,KAAK,CAAC;AAC9B,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,MAAM,EAAE,MAAM,0BAA0B,CAAC;AAElD,MAAM,WAAW,gBAAiB,SAAQ,OAAO;IAC/C,SAAS,EAAE,SAAS,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;CAChB"}
+{"version":3,"file":"serverkit.context.d.ts","sourceRoot":"","sources":["../src/serverkit.context.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,KAAK,CAAC;AAC9B,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,MAAM,EAAE,MAAM,0BAA0B,CAAC;AAElD;;;;;;;GAOG;AACH,MAAM,WAAW,gBAAiB,SAAQ,OAAO;IAC/C,8EAA8E;IAC9E,SAAS,EAAE,SAAS,CAAC;IACrB,sCAAsC;IACtC,MAAM,EAAE,MAAM,CAAC;IACf,4EAA4E;IAC5E,UAAU,EAAE,MAAM,CAAC;IACnB,2EAA2E;IAC3E,SAAS,EAAE,MAAM,CAAC;IAClB,+EAA+E;IAC/E,aAAa,EAAE,MAAM,CAAC;IACtB,2DAA2D;IAC3D,SAAS,EAAE,MAAM,CAAC;CACnB"}

package/dist/serverkit.middleware.d.ts

@@ -1,4 +1,12 @@
 import { DefaultState, Middleware } from 'koa';
 import { ServerKitContext } from './serverkit.context.js';
+/**
+ * Koa middleware type bound to {@link ServerKitContext}.
+ * Use this for middleware that relies on ServerKit context (container, logger, etc.).
+ *
+ * @typeParam ResponseBody - Type of the response body (defaults to `unknown`).
+ * @typeParam State - Koa state type (defaults to `DefaultState`).
+ * @typeParam Context - Context type (defaults to `ServerKitContext`).
+ */
 export type ServerKitMiddleware<ResponseBody = unknown, State = DefaultState, Context extends ServerKitContext = ServerKitContext> = Middleware<State, Context, ResponseBody>;
 //# sourceMappingURL=serverkit.middleware.d.ts.map

package/dist/serverkit.middleware.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"serverkit.middleware.d.ts","sourceRoot":"","sources":["../src/serverkit.middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,KAAK,CAAC;AAC/C,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAE1D,MAAM,MAAM,mBAAmB,CAAC,YAAY,GAAG,OAAO,EAAE,KAAK,GAAG,YAAY,EAAE,OAAO,SAAS,gBAAgB,GAAG,gBAAgB,IAAI,UAAU,CAC7I,KAAK,EACL,OAAO,EACP,YAAY,CACb,CAAC"}
+{"version":3,"file":"serverkit.middleware.d.ts","sourceRoot":"","sources":["../src/serverkit.middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,KAAK,CAAC;AAC/C,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAE1D;;;;;;;GAOG;AACH,MAAM,MAAM,mBAAmB,CAAC,YAAY,GAAG,OAAO,EAAE,KAAK,GAAG,YAAY,EAAE,OAAO,SAAS,gBAAgB,GAAG,gBAAgB,IAAI,UAAU,CAC7I,KAAK,EACL,OAAO,EACP,YAAY,CACb,CAAC"}

package/dist/serverkit.router.d.ts

@@ -1,5 +1,13 @@
 import { DefaultState } from 'koa';
 import Router from '@koa/router';
 import { ServerKitContext } from './serverkit.context.js';
+/**
+ * Creates a new Koa router typed for ServerKit state and context.
+ * Use with {@link ServerKitContext} for full typing of `ctx` in route handlers.
+ *
+ * @typeParam StateT - Koa state type (defaults to `DefaultState`).
+ * @typeParam ContextT - Context type (defaults to `ServerKitContext`).
+ * @returns A new {@link Router} instance.
+ */
 export declare const ServerKitRouter: <StateT = DefaultState, ContextT = ServerKitContext>() => Router<StateT, ContextT>;
 //# sourceMappingURL=serverkit.router.d.ts.map

package/dist/serverkit.router.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"serverkit.router.d.ts","sourceRoot":"","sources":["../src/serverkit.router.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,KAAK,CAAC;AACnC,OAAO,MAAM,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAE1D,eAAO,MAAM,eAAe,GAAI,MAAM,GAAG,YAAY,EAAE,QAAQ,GAAG,gBAAgB,+BAAqC,CAAC"}
+{"version":3,"file":"serverkit.router.d.ts","sourceRoot":"","sources":["../src/serverkit.router.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,KAAK,CAAC;AACnC,OAAO,MAAM,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAE1D;;;;;;;GAOG;AACH,eAAO,MAAM,eAAe,GAAI,MAAM,GAAG,YAAY,EAAE,QAAQ,GAAG,gBAAgB,+BAAqC,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@maroonedsoftware/koa",
-  "version": "1.0.0",
+  "version": "1.1.0",
   "description": "",
   "author": {
     "name": "Marooned Software",
@@ -32,23 +32,26 @@
   "dependencies": {
     "co-body": "^6.2.0",
     "injectkit": "^1.0.3",
+    "rate-limiter-flexible": "^9.0.1",
     "raw-body": "^3.0.2",
+    "@maroonedsoftware/multipart": "1.0.1",
     "@maroonedsoftware/logger": "1.0.0",
-    "@maroonedsoftware/multipart": "1.0.0",
-    "@maroonedsoftware/errors": "1.0.0"
+    "@maroonedsoftware/errors": "1.1.0"
   },
   "peerDependencies": {
-    "koa": "^3.1.1",
-    "@koa/router": "^15.2.0"
+    "@koa/cors": "^5.0.0",
+    "@koa/router": "^15.2.0",
+    "koa": "^3.1.1"
   },
   "devDependencies": {
+    "@koa/cors": "^5.0.0",
+    "@koa/router": "^15.2.0",
     "@types/co-body": "^6.1.3",
     "@types/koa": "^3.0.1",
-    "@types/koa__router": "^12.0.5",
+    "@types/koa__cors": "^5.0.1",
     "koa": "^3.1.1",
-    "@koa/router": "^15.2.0",
-    "@repo/config-eslint": "0.0.0",
-    "@repo/config-typescript": "0.0.0"
+    "@repo/config-typescript": "0.0.0",
+    "@repo/config-eslint": "0.0.0"
   },
   "scripts": {
     "build": "tsup src/index.ts --format esm --sourcemap --dts && tsc --emitDeclarationOnly --declaration",

package/dist/middleware/server/injectkit.middleware.d.ts

@@ -1,4 +0,0 @@
-import { Container } from 'injectkit';
-import { ServerKitMiddleware } from '../../serverkit.middleware.js';
-export declare const injectkitMiddleware: (container: Container) => ServerKitMiddleware;
-//# sourceMappingURL=injectkit.middleware.d.ts.map

package/dist/middleware/server/injectkit.middleware.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"injectkit.middleware.d.ts","sourceRoot":"","sources":["../../../src/middleware/server/injectkit.middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AAEtC,OAAO,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAC;AAEpE,eAAO,MAAM,mBAAmB,GAAI,WAAW,SAAS,KAAG,mBAM1D,CAAC"}