@moostjs/event-http 0.6.1 → 0.6.3

package/README.md

@@ -76,6 +76,49 @@ class UsersController { ... }
 
 Supported transports: `bearer`, `basic`, `apiKey` (header/query/cookie), `cookie`.
 
+## Programmatic Fetch (SSR)
+
+`MoostHttp` exposes `fetch()` and `request()` methods for in-process route invocation with the full Moost pipeline (DI, interceptors, pipes, validation) — no TCP round-trip.
+
+```ts
+const http = new MoostHttp()
+app.adapter(http)
+await app.init()
+
+// Web Standard fetch API
+const response = await http.fetch(new Request('http://localhost/api/hello/world'))
+
+// Convenience form
+const response = await http.request('/api/hello/world')
+const response = await http.request('/api/users', {
+  method: 'POST',
+  body: JSON.stringify({ name: 'Alice' }),
+  headers: { 'content-type': 'application/json' },
+})
+```
+
+Returns `Response | null` — `null` means no route matched.
+
+When called from within an existing HTTP context (e.g. during SSR), identity headers (`authorization`, `cookie`) are automatically forwarded.
+
+### `enableLocalFetch`
+
+Patches `globalThis.fetch` so that local paths are routed in-process through Moost. External URLs pass through to the original `fetch`. Falls back to original `fetch` if no route matches.
+
+```ts
+import { enableLocalFetch } from '@moostjs/event-http'
+
+const teardown = enableLocalFetch(http)
+
+// Now any fetch('/api/...') goes through Moost in-process
+const res = await fetch('/api/hello/world')
+
+// Restore original fetch
+teardown()
+```
+
+This is wired up automatically by `@moostjs/vite` (see `ssrFetch` option).
+
 ## [Official Documentation](https://moost.org/webapp/)
 
 ## AI Agent Skills

package/dist/index.cjs

@@ -193,7 +193,7 @@ AuthGuard = _ts_decorate([(0, moost.Interceptor)(moost.TInterceptorPriority.GUAR
 
 //#endregion
 //#region packages/event-http/src/decorators/resolve.decorator.ts
-function createHook(getter, setter) {
+function createRef(getter, setter) {
 	return new Proxy({}, {
 		get: (_target, prop) => prop === "value" ? getter() : void 0,
 		set: (_target, prop, v) => {
@@ -203,12 +203,12 @@ function createHook(getter, setter) {
 	});
 }
 /**
-* Hook to the Response Status
+* Ref to the Response Status
 * @decorator
-* @paramType TStatusHook
-*/ const StatusHook = () => (0, moost.Resolve)((metas, level) => {
+* @paramType TStatusRef
+*/ const StatusRef = () => (0, moost.Resolve)((metas, level) => {
 	const response = (0, __wooksjs_event_http.useResponse)();
-	if (level === "PARAM") return createHook(() => response.status, (v) => {
+	if (level === "PARAM") return createRef(() => response.status, (v) => {
 		response.status = v;
 	});
 	if (level === "PROP" && metas.instance && metas.key) {
@@ -224,13 +224,13 @@ function createHook(getter, setter) {
 	}
 }, "statusCode");
 /**
-* Hook to the Response Header
+* Ref to the Response Header
 * @decorator
 * @param name - header name
-* @paramType THeaderHook
-*/ const HeaderHook = (name) => (0, moost.Resolve)((metas, level) => {
+* @paramType THeaderRef
+*/ const HeaderRef = (name) => (0, moost.Resolve)((metas, level) => {
 	const response = (0, __wooksjs_event_http.useResponse)();
-	if (level === "PARAM") return createHook(() => response.getHeader(name), (v) => response.setHeader(name, v));
+	if (level === "PARAM") return createRef(() => response.getHeader(name), (v) => response.setHeader(name, v));
 	if (level === "PROP" && metas.instance && metas.key) {
 		const initialValue = metas.instance[metas.key];
 		Object.defineProperty(metas.instance, metas.key, {
@@ -242,13 +242,13 @@ function createHook(getter, setter) {
 	}
 }, name);
 /**
-* Hook to the Response Cookie
+* Ref to the Response Cookie
 * @decorator
 * @param name - cookie name
-* @paramType TCookieHook
-*/ const CookieHook = (name) => (0, moost.Resolve)((metas, level) => {
+* @paramType TCookieRef
+*/ const CookieRef = (name) => (0, moost.Resolve)((metas, level) => {
 	const response = (0, __wooksjs_event_http.useResponse)();
-	if (level === "PARAM") return createHook(() => response.getCookie(name)?.value, (v) => response.setCookie(name, v ?? ""));
+	if (level === "PARAM") return createRef(() => response.getCookie(name)?.value, (v) => response.setCookie(name, v ?? ""));
 	if (level === "PROP" && metas.instance && metas.key) {
 		const initialValue = metas.instance[metas.key];
 		Object.defineProperty(metas.instance, metas.key, {
@@ -260,18 +260,18 @@ function createHook(getter, setter) {
 	}
 }, name);
 /**
-* Hook to the Response Cookie Attributes
+* Ref to the Response Cookie Attributes
 * @decorator
 * @param name - cookie name
 * @paramType TCookieAttributes
-*/ const CookieAttrsHook = (name) => (0, moost.Resolve)((metas, level) => {
+*/ const CookieAttrsRef = (name) => (0, moost.Resolve)((metas, level) => {
 	const response = (0, __wooksjs_event_http.useResponse)();
-	const getAttrs = () => response.getCookie(name)?.attrs;
+	const getAttrs = () => response.getCookie(name)?.attrs ?? {};
 	const setAttrs = (v) => {
 		const existing = response.getCookie(name);
 		response.setCookie(name, existing?.value ?? "", v);
 	};
-	if (level === "PARAM") return createHook(getAttrs, setAttrs);
+	if (level === "PARAM") return createRef(getAttrs, setAttrs);
 	if (level === "PROP" && metas.instance && metas.key) {
 		const initialValue = metas.instance[metas.key];
 		Object.defineProperty(metas.instance, metas.key, {
@@ -597,8 +597,27 @@ const CONTEXT_TYPE = "HTTP";
 	getHttpApp() {
 		return this.httpApp;
 	}
-	getServerCb() {
-		return this.httpApp.getServerCb();
+	getServerCb(onNoMatch) {
+		return this.httpApp.getServerCb(onNoMatch);
+	}
+	/**
+	* Programmatic route invocation using the Web Standard fetch API.
+	* Goes through the full Moost pipeline: DI scoping, interceptors,
+	* argument resolution, pipes, validation, and handler execution.
+	*
+	* When called from within an existing HTTP context (e.g. during SSR),
+	* identity headers (authorization, cookie) are automatically forwarded.
+	*/ fetch(request) {
+		return this.httpApp.fetch(request);
+	}
+	/**
+	* Convenience wrapper for programmatic route invocation.
+	* Accepts a URL string (relative paths auto-prefixed with `http://localhost`),
+	* URL object, or Request, plus optional `RequestInit`.
+	*
+	* Returns `null` when no route matches the request.
+	*/ request(input, init) {
+		return this.httpApp.request(input, init);
 	}
 	listen(port, hostname, backlog, listeningListener) {
 		return this.httpApp.listen(port, hostname, backlog, listeningListener);
@@ -675,7 +694,7 @@ const CONTEXT_TYPE = "HTTP";
 			image: "https://moost.org/moost-full-logo.svg",
 			link: "https://moost.org/",
 			poweredBy: "moostjs",
-			version: "0.6.0"
+			version: "0.6.2"
 		});
 		if (httpApp && httpApp instanceof __wooksjs_event_http.WooksHttp) this.httpApp = httpApp;
 		else if (httpApp) this.httpApp = (0, __wooksjs_event_http.createHttpApp)({
@@ -686,6 +705,47 @@ const CONTEXT_TYPE = "HTTP";
 	}
 };
 
+//#endregion
+//#region packages/event-http/src/local-fetch.ts
+/**
+* Patches `globalThis.fetch` so that requests to local paths (starting with `/`)
+* are routed through `MoostHttp` in-process instead of making a network request.
+* Falls back to the original `fetch` when no Moost route matches.
+*
+* Useful for SSR scenarios where server-side code needs to call its own API endpoints
+* without the overhead of a TCP round-trip.
+*
+* @returns A teardown function that restores the original `globalThis.fetch`.
+*/ function enableLocalFetch(http$1) {
+	const originalFetch = globalThis.fetch;
+	globalThis.fetch = async (input, init) => {
+		if (typeof input === "string") {
+			if (input.startsWith("/")) {
+				const response = await http$1.request(input, init);
+				if (response) return response;
+			}
+		} else if (input instanceof URL) {
+			if (isLocalOrigin(input)) {
+				const response = await http$1.request(input, init);
+				if (response) return response;
+			}
+		} else {
+			const url = new URL(input.url);
+			if (isLocalOrigin(url)) {
+				const response = await http$1.fetch(input);
+				if (response) return response;
+			}
+		}
+		return originalFetch(input, init);
+	};
+	return () => {
+		globalThis.fetch = originalFetch;
+	};
+}
+function isLocalOrigin(url) {
+	return url.hostname === "localhost" || url.hostname === "127.0.0.1";
+}
+
 //#endregion
 exports.All = All;
 Object.defineProperty(exports, 'AuthGuard', {
@@ -701,12 +761,12 @@ exports.BodyReadTimeoutMs = BodyReadTimeoutMs;
 exports.BodySizeLimit = BodySizeLimit;
 exports.CompressedBodySizeLimit = CompressedBodySizeLimit;
 exports.Cookie = Cookie;
-exports.CookieAttrsHook = CookieAttrsHook;
-exports.CookieHook = CookieHook;
+exports.CookieAttrsRef = CookieAttrsRef;
+exports.CookieRef = CookieRef;
 exports.Delete = Delete;
 exports.Get = Get;
 exports.Header = Header;
-exports.HeaderHook = HeaderHook;
+exports.HeaderRef = HeaderRef;
 Object.defineProperty(exports, 'HttpError', {
   enumerable: true,
   get: function () {
@@ -729,10 +789,11 @@ exports.Res = Res;
 exports.SetCookie = SetCookie;
 exports.SetHeader = SetHeader;
 exports.SetStatus = SetStatus;
-exports.StatusHook = StatusHook;
+exports.StatusRef = StatusRef;
 exports.Upgrade = Upgrade;
 exports.Url = Url;
 exports.defineAuthGuard = defineAuthGuard;
+exports.enableLocalFetch = enableLocalFetch;
 exports.extractTransports = extractTransports;
 exports.globalBodyReadTimeoutMs = globalBodyReadTimeoutMs;
 exports.globalBodySizeLimit = globalBodySizeLimit;

package/dist/index.d.ts

@@ -106,32 +106,32 @@ declare const Patch: (path?: string) => MethodDecorator;
 declare const Upgrade: (path?: string) => MethodDecorator;
 
 /**
- * Hook to the Response Status
+ * Ref to the Response Status
  * @decorator
- * @paramType TStatusHook
+ * @paramType TStatusRef
  */
-declare const StatusHook: () => ParameterDecorator & PropertyDecorator;
+declare const StatusRef: () => ParameterDecorator & PropertyDecorator;
 /**
- * Hook to the Response Header
+ * Ref to the Response Header
  * @decorator
  * @param name - header name
- * @paramType THeaderHook
+ * @paramType THeaderRef
  */
-declare const HeaderHook: (name: string) => ParameterDecorator & PropertyDecorator;
+declare const HeaderRef: (name: string) => ParameterDecorator & PropertyDecorator;
 /**
- * Hook to the Response Cookie
+ * Ref to the Response Cookie
  * @decorator
  * @param name - cookie name
- * @paramType TCookieHook
+ * @paramType TCookieRef
  */
-declare const CookieHook: (name: string) => ParameterDecorator & PropertyDecorator;
+declare const CookieRef: (name: string) => ParameterDecorator & PropertyDecorator;
 /**
- * Hook to the Response Cookie Attributes
+ * Ref to the Response Cookie Attributes
  * @decorator
  * @param name - cookie name
  * @paramType TCookieAttributes
  */
-declare const CookieAttrsHook: (name: string) => ParameterDecorator & PropertyDecorator;
+declare const CookieAttrsRef: (name: string) => ParameterDecorator & PropertyDecorator;
 /**
  * Parse Authorisation Header
  * @decorator
@@ -219,18 +219,18 @@ declare function Body(): MethodDecorator & ClassDecorator & ParameterDecorator &
  * @paramType Promise<Buffer>
  */
 declare function RawBody(): ParameterDecorator & PropertyDecorator;
-/** Reactive hook for reading/writing the response status code. */
-interface TStatusHook {
+/** Reactive ref for reading/writing the response status code. */
+interface TStatusRef {
     value: number;
 }
-/** Reactive hook for reading/writing a response header value. */
-interface THeaderHook {
+/** Reactive ref for reading/writing a response header value. */
+interface THeaderRef {
     value: string | string[] | undefined;
 }
 /** Partial cookie attributes (all optional). */
 type TCookieAttributes = Partial<TCookieAttributes$1>;
-/** Reactive hook for reading/writing a response cookie. */
-interface TCookieHook {
+/** Reactive ref for reading/writing a response cookie. */
+interface TCookieRef {
     value: string;
     attrs?: TCookieAttributes;
 }
@@ -400,7 +400,24 @@ declare class MoostHttp implements TMoostAdapter<THttpHandlerMeta> {
     protected httpApp: WooksHttp;
     constructor(httpApp?: WooksHttp | TWooksHttpOptions);
     getHttpApp(): WooksHttp;
-    getServerCb(): (req: http.IncomingMessage, res: http.ServerResponse) => void;
+    getServerCb(onNoMatch?: (req: http.IncomingMessage, res: http.ServerResponse) => void): (req: http.IncomingMessage, res: http.ServerResponse) => void;
+    /**
+     * Programmatic route invocation using the Web Standard fetch API.
+     * Goes through the full Moost pipeline: DI scoping, interceptors,
+     * argument resolution, pipes, validation, and handler execution.
+     *
+     * When called from within an existing HTTP context (e.g. during SSR),
+     * identity headers (authorization, cookie) are automatically forwarded.
+     */
+    fetch(request: Request): Promise<Response | null>;
+    /**
+     * Convenience wrapper for programmatic route invocation.
+     * Accepts a URL string (relative paths auto-prefixed with `http://localhost`),
+     * URL object, or Request, plus optional `RequestInit`.
+     *
+     * Returns `null` when no route matches the request.
+     */
+    request(input: string | URL | Request, init?: RequestInit): Promise<Response | null>;
     listen(port?: number, hostname?: string, backlog?: number, listeningListener?: () => void): Promise<void>;
     listen(port?: number, hostname?: string, listeningListener?: () => void): Promise<void>;
     listen(port?: number, backlog?: number, listeningListener?: () => void): Promise<void>;
@@ -425,5 +442,17 @@ declare class MoostHttp implements TMoostAdapter<THttpHandlerMeta> {
     bindHandler<T extends object = object>(opts: TMoostAdapterOptions<THttpHandlerMeta, T>): void;
 }
 
-export { All, AuthGuard, Authenticate, Authorization, Body, BodyReadTimeoutMs, BodySizeLimit, CompressedBodySizeLimit, Cookie, CookieAttrsHook, CookieHook, Delete, Get, Header, HeaderHook, HttpMethod, Ip, IpList, Method, MoostHttp, Patch, Post, Put, Query, RawBody, Req, ReqId, Res, SetCookie, SetHeader, SetStatus, StatusHook, Upgrade, Url, defineAuthGuard, extractTransports, globalBodyReadTimeoutMs, globalBodySizeLimit, globalCompressedBodySizeLimit };
-export type { TAuthGuardClass, TAuthGuardDef, TAuthGuardHandler, TAuthTransportApiKey, TAuthTransportBasic, TAuthTransportBearer, TAuthTransportCookie, TAuthTransportDeclaration, TAuthTransportValues, TCookieAttributes, TCookieHook, THeaderHook, THttpHandlerMeta, TStatusHook };
+/**
+ * Patches `globalThis.fetch` so that requests to local paths (starting with `/`)
+ * are routed through `MoostHttp` in-process instead of making a network request.
+ * Falls back to the original `fetch` when no Moost route matches.
+ *
+ * Useful for SSR scenarios where server-side code needs to call its own API endpoints
+ * without the overhead of a TCP round-trip.
+ *
+ * @returns A teardown function that restores the original `globalThis.fetch`.
+ */
+declare function enableLocalFetch(http: MoostHttp): () => void;
+
+export { All, AuthGuard, Authenticate, Authorization, Body, BodyReadTimeoutMs, BodySizeLimit, CompressedBodySizeLimit, Cookie, CookieAttrsRef, CookieRef, Delete, Get, Header, HeaderRef, HttpMethod, Ip, IpList, Method, MoostHttp, Patch, Post, Put, Query, RawBody, Req, ReqId, Res, SetCookie, SetHeader, SetStatus, StatusRef, Upgrade, Url, defineAuthGuard, enableLocalFetch, extractTransports, globalBodyReadTimeoutMs, globalBodySizeLimit, globalCompressedBodySizeLimit };
+export type { TAuthGuardClass, TAuthGuardDef, TAuthGuardHandler, TAuthTransportApiKey, TAuthTransportBasic, TAuthTransportBearer, TAuthTransportCookie, TAuthTransportDeclaration, TAuthTransportValues, TCookieAttributes, TCookieRef, THeaderRef, THttpHandlerMeta, TStatusRef };

package/dist/index.mjs

@@ -170,7 +170,7 @@ AuthGuard = _ts_decorate([Interceptor(TInterceptorPriority.GUARD)], AuthGuard);
 
 //#endregion
 //#region packages/event-http/src/decorators/resolve.decorator.ts
-function createHook(getter, setter) {
+function createRef(getter, setter) {
 	return new Proxy({}, {
 		get: (_target, prop) => prop === "value" ? getter() : void 0,
 		set: (_target, prop, v) => {
@@ -180,12 +180,12 @@ function createHook(getter, setter) {
 	});
 }
 /**
-* Hook to the Response Status
+* Ref to the Response Status
 * @decorator
-* @paramType TStatusHook
-*/ const StatusHook = () => Resolve((metas, level) => {
+* @paramType TStatusRef
+*/ const StatusRef = () => Resolve((metas, level) => {
 	const response = useResponse();
-	if (level === "PARAM") return createHook(() => response.status, (v) => {
+	if (level === "PARAM") return createRef(() => response.status, (v) => {
 		response.status = v;
 	});
 	if (level === "PROP" && metas.instance && metas.key) {
@@ -201,13 +201,13 @@ function createHook(getter, setter) {
 	}
 }, "statusCode");
 /**
-* Hook to the Response Header
+* Ref to the Response Header
 * @decorator
 * @param name - header name
-* @paramType THeaderHook
-*/ const HeaderHook = (name) => Resolve((metas, level) => {
+* @paramType THeaderRef
+*/ const HeaderRef = (name) => Resolve((metas, level) => {
 	const response = useResponse();
-	if (level === "PARAM") return createHook(() => response.getHeader(name), (v) => response.setHeader(name, v));
+	if (level === "PARAM") return createRef(() => response.getHeader(name), (v) => response.setHeader(name, v));
 	if (level === "PROP" && metas.instance && metas.key) {
 		const initialValue = metas.instance[metas.key];
 		Object.defineProperty(metas.instance, metas.key, {
@@ -219,13 +219,13 @@ function createHook(getter, setter) {
 	}
 }, name);
 /**
-* Hook to the Response Cookie
+* Ref to the Response Cookie
 * @decorator
 * @param name - cookie name
-* @paramType TCookieHook
-*/ const CookieHook = (name) => Resolve((metas, level) => {
+* @paramType TCookieRef
+*/ const CookieRef = (name) => Resolve((metas, level) => {
 	const response = useResponse();
-	if (level === "PARAM") return createHook(() => response.getCookie(name)?.value, (v) => response.setCookie(name, v ?? ""));
+	if (level === "PARAM") return createRef(() => response.getCookie(name)?.value, (v) => response.setCookie(name, v ?? ""));
 	if (level === "PROP" && metas.instance && metas.key) {
 		const initialValue = metas.instance[metas.key];
 		Object.defineProperty(metas.instance, metas.key, {
@@ -237,18 +237,18 @@ function createHook(getter, setter) {
 	}
 }, name);
 /**
-* Hook to the Response Cookie Attributes
+* Ref to the Response Cookie Attributes
 * @decorator
 * @param name - cookie name
 * @paramType TCookieAttributes
-*/ const CookieAttrsHook = (name) => Resolve((metas, level) => {
+*/ const CookieAttrsRef = (name) => Resolve((metas, level) => {
 	const response = useResponse();
-	const getAttrs = () => response.getCookie(name)?.attrs;
+	const getAttrs = () => response.getCookie(name)?.attrs ?? {};
 	const setAttrs = (v) => {
 		const existing = response.getCookie(name);
 		response.setCookie(name, existing?.value ?? "", v);
 	};
-	if (level === "PARAM") return createHook(getAttrs, setAttrs);
+	if (level === "PARAM") return createRef(getAttrs, setAttrs);
 	if (level === "PROP" && metas.instance && metas.key) {
 		const initialValue = metas.instance[metas.key];
 		Object.defineProperty(metas.instance, metas.key, {
@@ -574,8 +574,27 @@ const CONTEXT_TYPE = "HTTP";
 	getHttpApp() {
 		return this.httpApp;
 	}
-	getServerCb() {
-		return this.httpApp.getServerCb();
+	getServerCb(onNoMatch) {
+		return this.httpApp.getServerCb(onNoMatch);
+	}
+	/**
+	* Programmatic route invocation using the Web Standard fetch API.
+	* Goes through the full Moost pipeline: DI scoping, interceptors,
+	* argument resolution, pipes, validation, and handler execution.
+	*
+	* When called from within an existing HTTP context (e.g. during SSR),
+	* identity headers (authorization, cookie) are automatically forwarded.
+	*/ fetch(request) {
+		return this.httpApp.fetch(request);
+	}
+	/**
+	* Convenience wrapper for programmatic route invocation.
+	* Accepts a URL string (relative paths auto-prefixed with `http://localhost`),
+	* URL object, or Request, plus optional `RequestInit`.
+	*
+	* Returns `null` when no route matches the request.
+	*/ request(input, init) {
+		return this.httpApp.request(input, init);
 	}
 	listen(port, hostname, backlog, listeningListener) {
 		return this.httpApp.listen(port, hostname, backlog, listeningListener);
@@ -652,7 +671,7 @@ const CONTEXT_TYPE = "HTTP";
 			image: "https://moost.org/moost-full-logo.svg",
 			link: "https://moost.org/",
 			poweredBy: "moostjs",
-			version: "0.6.0"
+			version: "0.6.2"
 		});
 		if (httpApp && httpApp instanceof WooksHttp) this.httpApp = httpApp;
 		else if (httpApp) this.httpApp = createHttpApp({
@@ -664,4 +683,45 @@ const CONTEXT_TYPE = "HTTP";
 };
 
 //#endregion
-export { All, AuthGuard, Authenticate, Authorization, Body, BodyReadTimeoutMs, BodySizeLimit, CompressedBodySizeLimit, Cookie, CookieAttrsHook, CookieHook, Delete, Get, Header, HeaderHook, HttpError, HttpMethod, Ip, IpList, Method, MoostHttp, Patch, Post, Put, Query, RawBody, Req, ReqId, Res, SetCookie, SetHeader, SetStatus, StatusHook, Upgrade, Url, defineAuthGuard, extractTransports, globalBodyReadTimeoutMs, globalBodySizeLimit, globalCompressedBodySizeLimit, httpKind, useHttpContext };
+//#region packages/event-http/src/local-fetch.ts
+/**
+* Patches `globalThis.fetch` so that requests to local paths (starting with `/`)
+* are routed through `MoostHttp` in-process instead of making a network request.
+* Falls back to the original `fetch` when no Moost route matches.
+*
+* Useful for SSR scenarios where server-side code needs to call its own API endpoints
+* without the overhead of a TCP round-trip.
+*
+* @returns A teardown function that restores the original `globalThis.fetch`.
+*/ function enableLocalFetch(http) {
+	const originalFetch = globalThis.fetch;
+	globalThis.fetch = async (input, init) => {
+		if (typeof input === "string") {
+			if (input.startsWith("/")) {
+				const response = await http.request(input, init);
+				if (response) return response;
+			}
+		} else if (input instanceof URL) {
+			if (isLocalOrigin(input)) {
+				const response = await http.request(input, init);
+				if (response) return response;
+			}
+		} else {
+			const url = new URL(input.url);
+			if (isLocalOrigin(url)) {
+				const response = await http.fetch(input);
+				if (response) return response;
+			}
+		}
+		return originalFetch(input, init);
+	};
+	return () => {
+		globalThis.fetch = originalFetch;
+	};
+}
+function isLocalOrigin(url) {
+	return url.hostname === "localhost" || url.hostname === "127.0.0.1";
+}
+
+//#endregion
+export { All, AuthGuard, Authenticate, Authorization, Body, BodyReadTimeoutMs, BodySizeLimit, CompressedBodySizeLimit, Cookie, CookieAttrsRef, CookieRef, Delete, Get, Header, HeaderRef, HttpError, HttpMethod, Ip, IpList, Method, MoostHttp, Patch, Post, Put, Query, RawBody, Req, ReqId, Res, SetCookie, SetHeader, SetStatus, StatusRef, Upgrade, Url, defineAuthGuard, enableLocalFetch, extractTransports, globalBodyReadTimeoutMs, globalBodySizeLimit, globalCompressedBodySizeLimit, httpKind, useHttpContext };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@moostjs/event-http",
-  "version": "0.6.1",
+  "version": "0.6.3",
   "description": "@moostjs/event-http",
   "keywords": [
     "composables",
@@ -43,17 +43,16 @@
     }
   },
   "dependencies": {
-    "@wooksjs/event-http": "^0.7.3",
-    "@wooksjs/http-body": "^0.7.3"
+    "@wooksjs/event-http": "^0.7.7",
+    "@wooksjs/http-body": "^0.7.7"
   },
   "devDependencies": {
     "vitest": "3.2.4"
   },
   "peerDependencies": {
     "@prostojs/infact": "^0.4.1",
-    "@prostojs/router": "^0.3.2",
-    "@wooksjs/event-core": "^0.7.3",
-    "moost": "^0.6.1"
+    "@wooksjs/event-core": "^0.7.7",
+    "moost": "^0.6.3"
   },
   "scripts": {
     "pub": "pnpm publish --access public",

package/skills/moostjs-event-http/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: moostjs-event-http
-description: Use this skill when working with @moostjs/event-http — to create an HTTP server with MoostHttp adapter, register route handlers with @Get()/@Post()/@Put()/@Delete()/@Patch()/@All(), extract request data with @Query(), @Header(), @Cookie(), @Body(), @RawBody(), @Authorization(), @Url(), @Method(), @Req(), @Res(), @ReqId(), @Ip(), @IpList(), control responses with @SetHeader(), @SetCookie(), @SetStatus(), @StatusHook(), @HeaderHook(), @CookieHook(), @CookieAttrsHook(), throw HTTP errors with HttpError, enforce body limits with @BodySizeLimit()/@CompressedBodySizeLimit()/@BodyReadTimeoutMs(), define auth guards with defineAuthGuard()/AuthGuard/Authenticate, or handle WebSocket upgrades with @Upgrade().
+description: Use this skill when working with @moostjs/event-http — to create an HTTP server with MoostHttp adapter, register route handlers with @Get()/@Post()/@Put()/@Delete()/@Patch()/@All(), extract request data with @Query(), @Header(), @Cookie(), @Body(), @RawBody(), @Authorization(), @Url(), @Method(), @Req(), @Res(), @ReqId(), @Ip(), @IpList(), control responses with @SetHeader(), @SetCookie(), @SetStatus(), @StatusRef(), @HeaderRef(), @CookieRef(), @CookieAttrsRef(), throw HTTP errors with HttpError, enforce body limits with @BodySizeLimit()/@CompressedBodySizeLimit()/@BodyReadTimeoutMs(), define auth guards with defineAuthGuard()/AuthGuard/Authenticate, or handle WebSocket upgrades with @Upgrade().
 ---
 
 # @moostjs/event-http
@@ -25,7 +25,7 @@ Read the domain file that matches the task. Do not load all files — only what
 // Imports
 import { MoostHttp, Get, Post, Put, Delete, Patch, All, HttpMethod, Upgrade } from '@moostjs/event-http'
 import { Query, Header, Cookie, Body, RawBody, Authorization, Url, Method, Req, Res, ReqId, Ip, IpList } from '@moostjs/event-http'
-import { SetHeader, SetCookie, SetStatus, StatusHook, HeaderHook, CookieHook, CookieAttrsHook } from '@moostjs/event-http'
+import { SetHeader, SetCookie, SetStatus, StatusRef, HeaderRef, CookieRef, CookieAttrsRef } from '@moostjs/event-http'
 import { BodySizeLimit, CompressedBodySizeLimit, BodyReadTimeoutMs } from '@moostjs/event-http'
 import { Authenticate, AuthGuard, defineAuthGuard, HttpError } from '@moostjs/event-http'
 import { Controller, Param, Params } from 'moost'

package/skills/moostjs-event-http/response.md

@@ -7,9 +7,9 @@
 Moost provides two styles for response control:
 
 1. **Static decorators** (`@SetStatus`, `@SetHeader`, `@SetCookie`) — applied via interceptors at `AFTER_ALL` priority, declarative and fixed
-2. **Dynamic hooks** (`@StatusHook`, `@HeaderHook`, `@CookieHook`, `@CookieAttrsHook`) — Proxy-based reactive bindings, set values programmatically at runtime
+2. **Dynamic refs** (`@StatusRef`, `@HeaderRef`, `@CookieRef`, `@CookieAttrsRef`) — Proxy-based reactive bindings, set values programmatically at runtime
 
-Both work as method decorators. Hook decorators also work as parameter decorators and property decorators (on `FOR_EVENT`-scoped controllers).
+Both work as method decorators. Ref decorators also work as parameter decorators and property decorators (on `FOR_EVENT`-scoped controllers).
 
 ## API Reference
 
@@ -28,16 +28,16 @@ create() { return { created: true } }
 @SetStatus(200, { force: true })
 ```
 
-### `@StatusHook()`
+### `@StatusRef()`
 
 Dynamic status code control via a `{ value: number }` proxy object.
 
 ```ts
-import { Get, StatusHook } from '@moostjs/event-http'
-import type { TStatusHook } from '@moostjs/event-http'
+import { Get, StatusRef } from '@moostjs/event-http'
+import type { TStatusRef } from '@moostjs/event-http'
 
 @Get('process')
-process(@StatusHook() status: TStatusHook) {
+process(@StatusRef() status: TStatusRef) {
   if (someCondition) {
     status.value = 202
     return { status: 'processing' }
@@ -52,7 +52,7 @@ Works as a property decorator too:
 @Injectable('FOR_EVENT')
 @Controller()
 class MyController {
-  @StatusHook()
+  @StatusRef()
   status = 200  // initial value
 
   @Get('test')
@@ -90,16 +90,16 @@ Options:
 @SetHeader('x-error', 'true', { when: 'error' })
 ```
 
-### `@HeaderHook(name)`
+### `@HeaderRef(name)`
 
 Dynamic header control via a `{ value: string | string[] | undefined }` proxy.
 
 ```ts
-import { Get, HeaderHook } from '@moostjs/event-http'
-import type { THeaderHook } from '@moostjs/event-http'
+import { Get, HeaderRef } from '@moostjs/event-http'
+import type { THeaderRef } from '@moostjs/event-http'
 
 @Get('test')
-test(@HeaderHook('x-custom') header: THeaderHook) {
+test(@HeaderRef('x-custom') header: THeaderRef) {
   header.value = `generated-${Date.now()}`
   return 'ok'
 }
@@ -119,31 +119,31 @@ login() { return { ok: true } }
 
 Cookie attributes (`TCookieAttributesInput`): `maxAge`, `expires`, `domain`, `path`, `secure`, `httpOnly`, `sameSite`, etc.
 
-### `@CookieHook(name)`
+### `@CookieRef(name)`
 
 Dynamic cookie value control.
 
 ```ts
-import { Post, CookieHook } from '@moostjs/event-http'
-import type { TCookieHook } from '@moostjs/event-http'
+import { Post, CookieRef } from '@moostjs/event-http'
+import type { TCookieRef } from '@moostjs/event-http'
 
 @Post('login')
-login(@CookieHook('session') cookie: TCookieHook) {
+login(@CookieRef('session') cookie: TCookieRef) {
   cookie.value = generateToken()
   return { ok: true }
 }
 ```
 
-### `@CookieAttrsHook(name)`
+### `@CookieAttrsRef(name)`
 
 Dynamic cookie attributes control.
 
 ```ts
-import { Post, CookieAttrsHook } from '@moostjs/event-http'
+import { Post, CookieAttrsRef } from '@moostjs/event-http'
 import type { TCookieAttributes } from '@moostjs/event-http'
 
 @Post('login')
-login(@CookieAttrsHook('session') attrs: { value: TCookieAttributes }) {
+login(@CookieAttrsRef('session') attrs: { value: TCookieAttributes }) {
   attrs.value = { maxAge: '1h', httpOnly: true, secure: true }
   return { ok: true }
 }
@@ -252,7 +252,7 @@ class ItemController {
 ```ts
 @Get('data')
 @SetHeader('x-cache', 'miss', { when: 'always' })
-getData(@HeaderHook('x-cache') cache: THeaderHook) {
+getData(@HeaderRef('x-cache') cache: THeaderRef) {
   const cached = getFromCache()
   if (cached) {
     cache.value = 'hit'
@@ -265,17 +265,17 @@ getData(@HeaderHook('x-cache') cache: THeaderHook) {
 ## Types
 
 ```ts
-export interface TStatusHook { value: number }
-export interface THeaderHook { value: string | string[] | undefined }
-export interface TCookieHook { value: string; attrs?: TCookieAttributes }
+export interface TStatusRef { value: number }
+export interface THeaderRef { value: string | string[] | undefined }
+export interface TCookieRef { value: string; attrs?: TCookieAttributes }
 export type TCookieAttributes = Partial<TCookieAttributesRequired>
 ```
 
 ## Best Practices
 
 - Use `@SetStatus` for fixed status codes (201 for creation, 204 for deletion)
-- Use `@StatusHook` when the status depends on runtime logic
-- Use `@SetHeader` for static headers, `@HeaderHook` for dynamic ones
+- Use `@StatusRef` when the status depends on runtime logic
+- Use `@SetHeader` for static headers, `@HeaderRef` for dynamic ones
 - Apply body limits on upload endpoints to prevent abuse
 - Use global limit interceptors for application-wide defaults
 
@@ -284,4 +284,4 @@ export type TCookieAttributes = Partial<TCookieAttributesRequired>
 - `@SetStatus` won't override a status already set (e.g., by an error) unless `{ force: true }` is passed
 - `@SetCookie` won't overwrite a cookie already set in the response — this prevents accidental overwrites
 - `@SetHeader` defaults to success-only (`after` interceptor); use `{ when: 'always' }` to include error responses
-- Hook decorators use Proxy objects — the `.value` property is reactive, not a plain field
+- Ref decorators use Proxy objects — the `.value` property is reactive, not a plain field