@moostjs/event-http 0.5.33 → 0.6.0

package/dist/index.mjs

@@ -1,41 +1,202 @@
-import { Intercept, Resolve, TInterceptorPriority, defineInterceptorFn, defineMoostEventHandler, getMoostMate } from "moost";
-import { attachHook } from "@wooksjs/event-core";
-import { HttpError, HttpError as HttpError$1, HttpErrorRenderer, WooksHttp, createHttpApp, useAuthorization, useCookies, useHeaders, useHttpContext, useRequest, useResponse, useSearchParams, useSetCookie, useSetCookies, useSetHeader, useStatus } from "@wooksjs/event-http";
+import { current } from "@wooksjs/event-core";
+import { HttpError, HttpError as HttpError$1, WooksHttp, WooksHttpResponse, createHttpApp, httpKind, useAuthorization, useCookies, useHeaders, useHttpContext, useRequest, useResponse, useUrlParams } from "@wooksjs/event-http";
+import { Before, Intercept, Interceptor, Overtake, Resolve, TInterceptorPriority, defineBeforeInterceptor, defineMoostEventHandler, getMoostMate } from "moost";
 import { useBody } from "@wooksjs/http-body";
 import { createProvideRegistry } from "@prostojs/infact";
 import { Server } from "http";
 import { Server as Server$1 } from "https";
 
+//#region packages/event-http/src/auth-guard.ts
+function _define_property$1(obj, key, value) {
+	if (key in obj) Object.defineProperty(obj, key, {
+		value,
+		enumerable: true,
+		configurable: true,
+		writable: true
+	});
+	else obj[key] = value;
+	return obj;
+}
+function _ts_decorate(decorators, target, key, desc) {
+	var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+	if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+	else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+	return c > 3 && r && Object.defineProperty(target, key, r), r;
+}
+function _ts_metadata(k, v) {
+	if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+}
+function _ts_param(paramIndex, decorator) {
+	return function(target, key) {
+		decorator(target, key, paramIndex);
+	};
+}
+/** Extracts auth credentials from the current request based on transport declarations. Throws 401 if none found. */ function extractTransports(declaration) {
+	const ctx = current();
+	const result = {};
+	let found = false;
+	if (declaration.bearer) {
+		const auth = useAuthorization(ctx);
+		if (auth.is("bearer")) {
+			result.bearer = auth.credentials();
+			found = true;
+		}
+	}
+	if (declaration.basic) {
+		const auth = useAuthorization(ctx);
+		if (auth.is("basic")) {
+			result.basic = auth.basicCredentials();
+			found = true;
+		}
+	}
+	if (declaration.cookie) {
+		const { getCookie } = useCookies(ctx);
+		const val = getCookie(declaration.cookie.name);
+		if (val) {
+			result.cookie = val;
+			found = true;
+		}
+	}
+	if (declaration.apiKey) {
+		const { name, in: location } = declaration.apiKey;
+		if (location === "header") {
+			const headers = useHeaders(ctx);
+			if (headers[name.toLowerCase()]) {
+				result.apiKey = headers[name.toLowerCase()];
+				found = true;
+			}
+		} else if (location === "query") {
+			const { params } = useUrlParams(ctx);
+			const val = params().get(name);
+			if (val) {
+				result.apiKey = String(val);
+				found = true;
+			}
+		} else if (location === "cookie") {
+			const { getCookie } = useCookies(ctx);
+			const val = getCookie(name);
+			if (val) {
+				result.apiKey = val;
+				found = true;
+			}
+		}
+	}
+	if (!found) throw new HttpError$1(401, "No authentication credentials provided");
+	return result;
+}
+/**
+* Creates a functional auth guard interceptor.
+* Extracts credentials from declared transports and passes them to the handler.
+* Return a value from the handler to short-circuit with that response.
+*/ function defineAuthGuard(transports, handler) {
+	const def = defineBeforeInterceptor((reply) => {
+		const extracted = extractTransports(transports);
+		const result = handler(extracted);
+		if (result !== null && result !== void 0 && typeof result.then === "function") return result.then((r) => {
+			if (r !== void 0) reply(r);
+			return void 0;
+		});
+		if (result !== void 0) reply(result);
+	}, TInterceptorPriority.GUARD);
+	return Object.assign(def, { __authTransports: transports });
+}
+var AuthGuard = class {
+	__intercept(reply) {
+		const ctor = this.constructor;
+		const extracted = extractTransports(ctor.transports);
+		const result = this.handle(extracted);
+		if (result !== null && result !== void 0 && typeof result.then === "function") return result.then((r) => {
+			if (r !== void 0) reply(r);
+			return void 0;
+		});
+		if (result !== void 0) reply(result);
+	}
+};
+_define_property$1(AuthGuard, "transports", void 0);
+_define_property$1(AuthGuard, "priority", TInterceptorPriority.GUARD);
+_ts_decorate([
+	Before(),
+	_ts_param(0, Overtake()),
+	_ts_metadata("design:type", Function),
+	_ts_metadata("design:paramtypes", [typeof TOvertakeFn === "undefined" ? Object : TOvertakeFn]),
+	_ts_metadata("design:returntype", void 0)
+], AuthGuard.prototype, "__intercept", null);
+AuthGuard = _ts_decorate([Interceptor(TInterceptorPriority.GUARD)], AuthGuard);
+/**
+* Registers an auth guard as an interceptor and stores its transport
+* declarations in metadata for swagger auto-discovery.
+*
+* Accepts either a functional guard from `defineAuthGuard()` or a
+* class-based guard extending `AuthGuard`.
+*/ function Authenticate(handler) {
+	const mate = getMoostMate();
+	const isClass = typeof handler === "function";
+	const transports = isClass ? handler.transports : handler.__authTransports;
+	const priority = isClass ? handler.priority : handler.priority || TInterceptorPriority.GUARD;
+	const name = isClass ? handler.name : "AuthGuard";
+	return mate.apply(mate.decorate("interceptors", {
+		handler,
+		priority,
+		name
+	}, true), mate.decorate("authTransports", transports));
+}
+
+//#endregion
 //#region packages/event-http/src/decorators/http-method.decorator.ts
-function HttpMethod(method, path) {
+/** Base decorator for registering an HTTP route handler with an explicit method. */ function HttpMethod(method, path) {
 	return getMoostMate().decorate("handlers", {
 		method,
 		path,
 		type: "HTTP"
 	}, true);
 }
-const All = (path) => HttpMethod("*", path);
-const Get = (path) => HttpMethod("GET", path);
-const Post = (path) => HttpMethod("POST", path);
-const Put = (path) => HttpMethod("PUT", path);
-const Delete = (path) => HttpMethod("DELETE", path);
-const Patch = (path) => HttpMethod("PATCH", path);
+/** Register a catch-all route handler matching any HTTP method. */ const All = (path) => HttpMethod("*", path);
+/** Register a GET route handler. */ const Get = (path) => HttpMethod("GET", path);
+/** Register a POST route handler. */ const Post = (path) => HttpMethod("POST", path);
+/** Register a PUT route handler. */ const Put = (path) => HttpMethod("PUT", path);
+/** Register a DELETE route handler. */ const Delete = (path) => HttpMethod("DELETE", path);
+/** Register a PATCH route handler. */ const Patch = (path) => HttpMethod("PATCH", path);
+/**
+* Register an UPGRADE route handler for WebSocket upgrade requests.
+*
+* Use together with `WooksWs` (injected via DI) to complete the handshake:
+* ```ts
+* @Upgrade('/ws')
+* handleUpgrade(ws: WooksWs) {
+*   return ws.upgrade()
+* }
+* ```
+*/ const Upgrade = (path) => HttpMethod("UPGRADE", path);
 
 //#endregion
 //#region packages/event-http/src/decorators/resolve.decorator.ts
+function createHook(getter, setter) {
+	return new Proxy({}, {
+		get: (_target, prop) => prop === "value" ? getter() : void 0,
+		set: (_target, prop, v) => {
+			if (prop === "value") setter(v);
+			return true;
+		}
+	});
+}
 /**
 * Hook to the Response Status
 * @decorator
 * @paramType TStatusHook
 */ const StatusHook = () => Resolve((metas, level) => {
-	const hook = useStatus();
-	if (level === "PARAM") return hook;
+	const response = useResponse();
+	if (level === "PARAM") return createHook(() => response.status, (v) => {
+		response.status = v;
+	});
 	if (level === "PROP" && metas.instance && metas.key) {
 		const initialValue = metas.instance[metas.key];
-		attachHook(metas.instance, {
-			get: () => hook.value,
-			set: (v) => hook.value = v
-		}, metas.key);
+		Object.defineProperty(metas.instance, metas.key, {
+			get: () => response.status,
+			set: (v) => {
+				response.status = v;
+			},
+			configurable: true
+		});
 		return typeof initialValue === "number" ? initialValue : 200;
 	}
 }, "statusCode");
@@ -45,14 +206,15 @@ const Patch = (path) => HttpMethod("PATCH", path);
 * @param name - header name
 * @paramType THeaderHook
 */ const HeaderHook = (name) => Resolve((metas, level) => {
-	const hook = useSetHeader(name);
-	if (level === "PARAM") return hook;
+	const response = useResponse();
+	if (level === "PARAM") return createHook(() => response.getHeader(name), (v) => response.setHeader(name, v));
 	if (level === "PROP" && metas.instance && metas.key) {
 		const initialValue = metas.instance[metas.key];
-		attachHook(metas.instance, {
-			get: () => hook.value,
-			set: (v) => hook.value = v
-		}, metas.key);
+		Object.defineProperty(metas.instance, metas.key, {
+			get: () => response.getHeader(name),
+			set: (v) => response.setHeader(name, v),
+			configurable: true
+		});
 		return typeof initialValue === "string" ? initialValue : "";
 	}
 }, name);
@@ -62,14 +224,15 @@ const Patch = (path) => HttpMethod("PATCH", path);
 * @param name - cookie name
 * @paramType TCookieHook
 */ const CookieHook = (name) => Resolve((metas, level) => {
-	const hook = useSetCookie(name);
-	if (level === "PARAM") return hook;
+	const response = useResponse();
+	if (level === "PARAM") return createHook(() => response.getCookie(name)?.value, (v) => response.setCookie(name, v ?? ""));
 	if (level === "PROP" && metas.instance && metas.key) {
 		const initialValue = metas.instance[metas.key];
-		attachHook(metas.instance, {
-			get: () => hook.value,
-			set: (v) => hook.value = v
-		}, metas.key);
+		Object.defineProperty(metas.instance, metas.key, {
+			get: () => response.getCookie(name)?.value,
+			set: (v) => response.setCookie(name, v ?? ""),
+			configurable: true
+		});
 		return typeof initialValue === "string" ? initialValue : "";
 	}
 }, name);
@@ -79,17 +242,20 @@ const Patch = (path) => HttpMethod("PATCH", path);
 * @param name - cookie name
 * @paramType TCookieAttributes
 */ const CookieAttrsHook = (name) => Resolve((metas, level) => {
-	const hook = useSetCookie(name);
-	if (level === "PARAM") return attachHook({}, {
-		get: () => hook.attrs,
-		set: (v) => hook.attrs = v
-	});
+	const response = useResponse();
+	const getAttrs = () => response.getCookie(name)?.attrs;
+	const setAttrs = (v) => {
+		const existing = response.getCookie(name);
+		response.setCookie(name, existing?.value ?? "", v);
+	};
+	if (level === "PARAM") return createHook(getAttrs, setAttrs);
 	if (level === "PROP" && metas.instance && metas.key) {
 		const initialValue = metas.instance[metas.key];
-		attachHook(metas.instance, {
-			get: () => hook.attrs,
-			set: (v) => hook.attrs = v
-		}, metas.key);
+		Object.defineProperty(metas.instance, metas.key, {
+			get: getAttrs,
+			set: setAttrs,
+			configurable: true
+		});
 		return typeof initialValue === "object" ? initialValue : {};
 	}
 }, name);
@@ -102,11 +268,11 @@ const Patch = (path) => HttpMethod("PATCH", path);
 	return Resolve(() => {
 		const auth = useAuthorization();
 		switch (name) {
-			case "username": return auth.isBasic() ? auth.basicCredentials()?.username : void 0;
-			case "password": return auth.isBasic() ? auth.basicCredentials()?.password : void 0;
-			case "bearer": return auth.isBearer() ? auth.authorization : void 0;
-			case "raw": return auth.authRawCredentials();
-			case "type": return auth.authType();
+			case "username": return auth.is("basic") ? auth.basicCredentials()?.username : void 0;
+			case "password": return auth.is("basic") ? auth.basicCredentials()?.password : void 0;
+			case "bearer": return auth.is("bearer") ? auth.authorization : void 0;
+			case "raw": return auth.credentials();
+			case "type": return auth.type();
 			default: return void 0;
 		}
 	}, "authorization");
@@ -139,13 +305,13 @@ const Patch = (path) => HttpMethod("PATCH", path);
 	const isItem = !!name;
 	const _name = isItem ? name : "Query";
 	return getMoostMate().apply(getMoostMate().decorate("paramSource", isItem ? "QUERY_ITEM" : "QUERY"), getMoostMate().decorate("paramName", _name), Resolve(() => {
-		const { jsonSearchParams, urlSearchParams } = useSearchParams();
+		const { toJson, params } = useUrlParams();
 		if (isItem) {
-			const p = urlSearchParams();
+			const p = params();
 			const value = p.get(name);
 			return value === null ? void 0 : value;
 		}
-		const json = jsonSearchParams();
+		const json = toJson();
 		return Object.keys(json).length > 0 ? json : void 0;
 	}, _name));
 }
@@ -168,7 +334,7 @@ const Patch = (path) => HttpMethod("PATCH", path);
 * @decorator
 * @paramType IncomingMessage
 */ function Req() {
-	return Resolve(() => useRequest().rawRequest, "request");
+	return Resolve(() => useRequest().raw, "request");
 }
 /**
 * Get Raw Response Instance
@@ -176,7 +342,7 @@ const Patch = (path) => HttpMethod("PATCH", path);
 * @param opts (optional) { passthrough: boolean }
 * @paramType ServerResponse
 */ function Res(opts) {
-	return Resolve(() => useResponse().rawResponse(opts), "response");
+	return Resolve(() => useResponse().getRawRes(opts?.passthrough), "response");
 }
 /**
 * Get Request Unique Identificator (UUID)
@@ -217,17 +383,14 @@ const Patch = (path) => HttpMethod("PATCH", path);
 //#endregion
 //#region packages/event-http/src/decorators/set.decorator.ts
 const setHeaderInterceptor = (name, value, opts) => {
-	const fn = (_before, after, onError) => {
-		const h = useSetHeader(name);
-		const status = useStatus();
-		const cb = () => {
-			if ((!h.value || opts?.force) && (!opts?.status || opts.status === status.value)) h.value = value;
-		};
-		if (opts?.when !== "error") after(cb);
-		if (opts?.when === "always" || opts?.when === "error") onError(cb);
+	const cb = () => {
+		const response = useResponse();
+		if ((!response.getHeader(name) || opts?.force) && (!opts?.status || opts.status === response.status)) response.setHeader(name, value);
 	};
-	fn.priority = TInterceptorPriority.AFTER_ALL;
-	return fn;
+	const def = { priority: TInterceptorPriority.AFTER_ALL };
+	if (opts?.when !== "error") def.after = cb;
+	if (opts?.when === "always" || opts?.when === "error") def.error = cb;
+	return def;
 };
 /**
 * Set Header for Request Handler
@@ -268,16 +431,13 @@ const setHeaderInterceptor = (name, value, opts) => {
 */ function SetHeader(...args) {
 	return Intercept(setHeaderInterceptor(...args));
 }
-const setCookieInterceptor = (name, value, attrs) => {
-	const fn = (before, after) => {
-		const { setCookie, getCookie } = useSetCookies();
-		after(() => {
-			if (!getCookie(name)) setCookie(name, value, attrs);
-		});
-	};
-	fn.priority = TInterceptorPriority.AFTER_ALL;
-	return fn;
-};
+const setCookieInterceptor = (name, value, attrs) => ({
+	after() {
+		const response = useResponse();
+		if (!response.getCookie(name)) response.setCookie(name, value, attrs);
+	},
+	priority: TInterceptorPriority.AFTER_ALL
+});
 /**
 * Set Cookie for Request Handler
 * ```ts
@@ -301,11 +461,12 @@ const setCookieInterceptor = (name, value, attrs) => {
 */ function SetCookie(...args) {
 	return Intercept(setCookieInterceptor(...args));
 }
-const setStatusInterceptor = (code, opts) => defineInterceptorFn((before, after) => {
-	const status = useStatus();
-	after(() => {
-		if (!status.isDefined || opts?.force) status.value = code;
-	});
+const setStatusInterceptor = (code, opts) => ({
+	after() {
+		const response = useResponse();
+		if (!response.status || opts?.force) response.status = code;
+	},
+	priority: TInterceptorPriority.AFTER_ALL
 });
 /**
 * Set Response Status for Request Handler
@@ -335,24 +496,24 @@ const setStatusInterceptor = (code, opts) => defineInterceptorFn((before, after)
 * Creates an interceptor that sets the maximum allowed inflated body size in bytes.
 *
 * @param n - Maximum body size in bytes after decompression.
-* @returns Interceptor function to enforce the limit.
-*/ const globalBodySizeLimit = (n) => defineInterceptorFn(() => {
+* @returns Interceptor def to enforce the limit.
+*/ const globalBodySizeLimit = (n) => defineBeforeInterceptor(() => {
 	useRequest().setMaxInflated(n);
 }, TInterceptorPriority.BEFORE_ALL);
 /**
 * Creates an interceptor that sets the maximum allowed compressed body size in bytes.
 *
 * @param n - Maximum body size in bytes before decompression.
-* @returns Interceptor function to enforce the limit.
-*/ const globalCompressedBodySizeLimit = (n) => defineInterceptorFn(() => {
+* @returns Interceptor def to enforce the limit.
+*/ const globalCompressedBodySizeLimit = (n) => defineBeforeInterceptor(() => {
 	useRequest().setMaxCompressed(n);
 }, TInterceptorPriority.BEFORE_ALL);
 /**
 * Creates an interceptor that sets the timeout for reading the request body.
 *
 * @param n - Timeout in milliseconds.
-* @returns Interceptor function to enforce the timeout.
-*/ const globalBodyReadTimeoutMs = (n) => defineInterceptorFn(() => {
+* @returns Interceptor def to enforce the timeout.
+*/ const globalBodyReadTimeoutMs = (n) => defineBeforeInterceptor(() => {
 	useRequest().setReadTimeoutMs(n);
 }, TInterceptorPriority.BEFORE_ALL);
 /**
@@ -444,23 +605,24 @@ const CONTEXT_TYPE = "HTTP";
 			if (handler.type !== "HTTP") continue;
 			const httpPath = handler.path;
 			const path = typeof httpPath === "string" ? httpPath : typeof opts.method === "string" ? opts.method : "";
-			const targetPath = `${`${opts.prefix || ""}/${path}`.replace(/\/\/+/g, "/")}${path.endsWith("//") ? "/" : ""}`;
+			const targetPath = `${`${opts.prefix || ""}/${path}`.replaceAll(/\/\/+/g, "/")}${path.endsWith("//") ? "/" : ""}`;
 			fn = defineMoostEventHandler({
 				contextType: CONTEXT_TYPE,
 				loggerTitle: LOGGER_TITLE,
 				getIterceptorHandler: opts.getIterceptorHandler,
 				getControllerInstance: opts.getInstance,
 				controllerMethod: opts.method,
+				controllerName: opts.controllerName,
 				resolveArgs: opts.resolveArgs,
 				manualUnscope: true,
 				hooks: { init: ({ unscope }) => {
-					const { rawRequest } = useRequest();
-					rawRequest.on("end", unscope);
+					const { raw } = useRequest();
+					raw.on("end", unscope);
 				} },
 				targetPath,
 				handlerType: handler.type
 			});
-			const routerBinding = this.httpApp.on(handler.method, targetPath, fn);
+			const routerBinding = handler.method === "UPGRADE" ? this.httpApp.upgrade(targetPath, fn) : this.httpApp.on(handler.method, targetPath, fn);
 			const { getPath: pathBuilder } = routerBinding;
 			const methodMeta = getMoostMate().read(opts.fakeInstance, opts.method) || {};
 			const id = methodMeta.id || opts.method;
@@ -486,11 +648,11 @@ const CONTEXT_TYPE = "HTTP";
 		_define_property(this, "httpApp", void 0);
 		_define_property(this, "pathBuilders", {});
 		_define_property(this, "moost", void 0);
-		HttpErrorRenderer.registerFramework({
-			image: "https://moost.org/moost-full-logo.png",
+		WooksHttpResponse.registerFramework({
+			image: "https://moost.org/moost-full-logo.svg",
 			link: "https://moost.org/",
 			poweredBy: "moostjs",
-			version: "0.5.32"
+			version: "0.5.33"
 		});
 		if (httpApp && httpApp instanceof WooksHttp) this.httpApp = httpApp;
 		else if (httpApp) this.httpApp = createHttpApp({
@@ -502,4 +664,4 @@ const CONTEXT_TYPE = "HTTP";
 };
 
 //#endregion
-export { All, Authorization, Body, BodyReadTimeoutMs, BodySizeLimit, CompressedBodySizeLimit, Cookie, CookieAttrsHook, CookieHook, Delete, Get, Header, HeaderHook, HttpError, HttpMethod, Ip, IpList, Method, MoostHttp, Patch, Post, Put, Query, RawBody, Req, ReqId, Res, SetCookie, SetHeader, SetStatus, StatusHook, Url, globalBodyReadTimeoutMs, globalBodySizeLimit, globalCompressedBodySizeLimit, useHttpContext };
+export { All, AuthGuard, Authenticate, Authorization, Body, BodyReadTimeoutMs, BodySizeLimit, CompressedBodySizeLimit, Cookie, CookieAttrsHook, CookieHook, Delete, Get, Header, HeaderHook, HttpError, HttpMethod, Ip, IpList, Method, MoostHttp, Patch, Post, Put, Query, RawBody, Req, ReqId, Res, SetCookie, SetHeader, SetStatus, StatusHook, Upgrade, Url, defineAuthGuard, extractTransports, globalBodyReadTimeoutMs, globalBodySizeLimit, globalCompressedBodySizeLimit, httpKind, useHttpContext };

package/package.json

@@ -1,12 +1,39 @@
 {
   "name": "@moostjs/event-http",
-  "version": "0.5.33",
+  "version": "0.6.0",
   "description": "@moostjs/event-http",
+  "keywords": [
+    "composables",
+    "framework",
+    "moost",
+    "moostjs",
+    "prostojs",
+    "wooksjs"
+  ],
+  "homepage": "https://github.com/moostjs/moostjs/tree/main/packages/event-http#readme",
+  "bugs": {
+    "url": "https://github.com/moostjs/moostjs/issues"
+  },
+  "license": "MIT",
+  "author": "Artem Maltsev",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/moostjs/moostjs.git",
+    "directory": "packages/event-http"
+  },
+  "bin": {
+    "moostjs-event-http-skill": "./scripts/setup-skills.js"
+  },
+  "files": [
+    "dist",
+    "skills",
+    "scripts/setup-skills.js"
+  ],
+  "type": "module",
+  "sideEffects": false,
   "main": "dist/index.cjs",
   "module": "dist/index.mjs",
   "types": "dist/index.d.ts",
-  "sideEffects": false,
-  "type": "module",
   "exports": {
     "./package.json": "./package.json",
     ".": {
@@ -15,43 +42,22 @@
       "require": "./dist/index.cjs"
     }
   },
-  "files": [
-    "dist"
-  ],
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/moostjs/moostjs.git",
-    "directory": "packages/event-http"
-  },
-  "keywords": [
-    "moost",
-    "moostjs",
-    "composables",
-    "framework",
-    "wooksjs",
-    "prostojs"
-  ],
-  "author": "Artem Maltsev",
-  "license": "MIT",
-  "bugs": {
-    "url": "https://github.com/moostjs/moostjs/issues"
-  },
-  "homepage": "https://github.com/moostjs/moostjs/tree/main/packages/event-http#readme",
-  "peerDependencies": {
-    "@wooksjs/event-core": "^0.6.2",
-    "@prostojs/infact": "^0.3.3",
-    "@prostojs/router": "^0.2.1",
-    "moost": "^0.5.33"
-  },
   "dependencies": {
-    "@wooksjs/event-http": "^0.6.2",
-    "@wooksjs/http-body": "^0.6.2"
+    "@wooksjs/event-http": "^0.7.3",
+    "@wooksjs/http-body": "^0.7.3"
   },
   "devDependencies": {
     "vitest": "3.2.4"
   },
+  "peerDependencies": {
+    "@prostojs/infact": "^0.4.1",
+    "@prostojs/router": "^0.3.2",
+    "@wooksjs/event-core": "^0.7.3",
+    "moost": "^0.6.0"
+  },
   "scripts": {
     "pub": "pnpm publish --access public",
-    "test": "vitest"
+    "test": "vitest",
+    "setup-skills": "node ./scripts/setup-skills.js"
   }
 }

package/scripts/setup-skills.js

@@ -0,0 +1,76 @@
+#!/usr/bin/env node
+/* prettier-ignore */
+import fs from 'fs'
+import path from 'path'
+import os from 'os'
+import { fileURLToPath } from 'url'
+
+const __dirname = path.dirname(fileURLToPath(import.meta.url))
+
+const SKILL_NAME = 'moostjs-event-http'
+const SKILL_SRC = path.join(__dirname, '..', 'skills', SKILL_NAME)
+
+if (!fs.existsSync(SKILL_SRC)) {
+  console.error(`No skills found at ${SKILL_SRC}`)
+  console.error('Add your SKILL.md files to the skills/' + SKILL_NAME + '/ directory first.')
+  process.exit(1)
+}
+
+const AGENTS = {
+  'Claude Code': { dir: '.claude/skills',   global: path.join(os.homedir(), '.claude', 'skills') },
+  'Cursor':      { dir: '.cursor/skills',   global: path.join(os.homedir(), '.cursor', 'skills') },
+  'Windsurf':    { dir: '.windsurf/skills', global: path.join(os.homedir(), '.windsurf', 'skills') },
+  'Codex':       { dir: '.codex/skills',    global: path.join(os.homedir(), '.codex', 'skills') },
+  'OpenCode':    { dir: '.opencode/skills', global: path.join(os.homedir(), '.opencode', 'skills') },
+}
+
+const args = process.argv.slice(2)
+const isGlobal = args.includes('--global') || args.includes('-g')
+const isPostinstall = args.includes('--postinstall')
+let installed = 0, skipped = 0
+const installedDirs = []
+
+for (const [agentName, cfg] of Object.entries(AGENTS)) {
+  const targetBase = isGlobal ? cfg.global : path.join(process.cwd(), cfg.dir)
+  const agentRootDir = path.dirname(cfg.global)
+
+  if (isPostinstall || isGlobal) {
+    if (!fs.existsSync(agentRootDir)) { skipped++; continue }
+  }
+
+  const dest = path.join(targetBase, SKILL_NAME)
+  try {
+    fs.mkdirSync(dest, { recursive: true })
+    fs.cpSync(SKILL_SRC, dest, { recursive: true })
+    console.log(`[${SKILL_NAME}] installed to ${dest}`)
+    installed++
+    if (!isGlobal) installedDirs.push(cfg.dir + '/' + SKILL_NAME)
+  } catch (err) {
+    console.warn(`[${SKILL_NAME}] failed — ${err.message}`)
+  }
+}
+
+if (!isGlobal && installedDirs.length > 0) {
+  const gitignorePath = path.join(process.cwd(), '.gitignore')
+  let gitignoreContent = ''
+  try { gitignoreContent = fs.readFileSync(gitignorePath, 'utf8') } catch {}
+  const linesToAdd = installedDirs.filter(d => !gitignoreContent.includes(d))
+  if (linesToAdd.length > 0) {
+    const hasHeader = gitignoreContent.includes('# AI agent skills')
+    const block = (gitignoreContent && !gitignoreContent.endsWith('\n') ? '\n' : '')
+      + (hasHeader ? '' : '\n# AI agent skills (auto-generated by setup-skills)\n')
+      + linesToAdd.join('\n') + '\n'
+    fs.appendFileSync(gitignorePath, block)
+    console.log(`[${SKILL_NAME}] added entries to .gitignore`)
+  }
+}
+
+if (installed === 0 && isPostinstall) {
+  // Silence is fine — no agents present, nothing to do
+} else if (installed === 0 && skipped === Object.keys(AGENTS).length) {
+  console.log('No agent directories detected. Try --global or run without it for project-local install.')
+} else if (installed === 0) {
+  console.log('Nothing installed. Run without --global to install project-locally.')
+} else {
+  console.log(`Done! Restart your AI agent to pick up the "${SKILL_NAME}" skill.`)
+}