@morojs/moro 1.0.0

package/dist/core/middleware/built-in/cache.js

@@ -0,0 +1,188 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.cache = void 0;
+const logger_1 = require("../../logger");
+const cache_1 = require("./adapters/cache");
+const logger = (0, logger_1.createFrameworkLogger)("CacheMiddleware");
+const cache = (options = {}) => ({
+    name: "cache",
+    version: "1.0.0",
+    metadata: {
+        name: "cache",
+        version: "1.0.0",
+        description: "Built-in cache middleware with pluggable storage adapters",
+        author: "MoroJS Team",
+    },
+    install: async (hooks, middlewareOptions = {}) => {
+        logger.debug("Installing cache middleware", "Installation");
+        // Initialize storage adapter
+        let storageAdapter;
+        if (options.adapter &&
+            typeof options.adapter === "object" &&
+            "get" in options.adapter) {
+            storageAdapter = options.adapter;
+        }
+        else if (typeof options.adapter === "string") {
+            storageAdapter = (0, cache_1.createCacheAdapter)(options.adapter, options.adapterOptions);
+        }
+        else {
+            // Default to memory cache
+            storageAdapter = (0, cache_1.createCacheAdapter)("memory");
+        }
+        // Cache key generation
+        const generateCacheKey = (req, strategy) => {
+            const prefix = options.keyPrefix || "moro:cache:";
+            if (strategy?.key) {
+                return `${prefix}${strategy.key(req)}`;
+            }
+            // Default key: method + path + query
+            const query = new URLSearchParams(req.query || {}).toString();
+            return `${prefix}${req.method}:${req.path}${query ? `?${query}` : ""}`;
+        };
+        // Find matching strategy
+        const findStrategy = (req) => {
+            if (!options.strategies)
+                return undefined;
+            for (const [pattern, strategy] of Object.entries(options.strategies)) {
+                const regex = new RegExp(pattern);
+                if (regex.test(req.path)) {
+                    return strategy;
+                }
+            }
+            return undefined;
+        };
+        hooks.before("request", async (context) => {
+            const req = context.request;
+            const res = context.response;
+            // Only cache GET requests by default
+            if (req.method !== "GET") {
+                return;
+            }
+            const strategy = findStrategy(req);
+            const cacheKey = generateCacheKey(req, strategy);
+            // Check if caching is disabled for this request
+            if (strategy?.condition && !strategy.condition(req, res)) {
+                return;
+            }
+            try {
+                // Try to get from cache
+                const cachedResponse = await storageAdapter.get(cacheKey);
+                if (cachedResponse) {
+                    logger.debug(`Cache hit: ${cacheKey}`, "CacheHit");
+                    // Set cache headers
+                    res.setHeader("X-Cache", "HIT");
+                    res.setHeader("X-Cache-Key", cacheKey);
+                    // Set HTTP cache headers
+                    if (options.maxAge) {
+                        res.setHeader("Cache-Control", `public, max-age=${options.maxAge}`);
+                    }
+                    if (options.vary && options.vary.length > 0) {
+                        res.setHeader("Vary", options.vary.join(", "));
+                    }
+                    // Send cached response
+                    res.status(cachedResponse.status || 200);
+                    // Set cached headers
+                    if (cachedResponse.headers) {
+                        Object.entries(cachedResponse.headers).forEach(([key, value]) => {
+                            res.setHeader(key, value);
+                        });
+                    }
+                    if (cachedResponse.contentType) {
+                        res.setHeader("Content-Type", cachedResponse.contentType);
+                    }
+                    res.send(cachedResponse.body);
+                    // Mark as handled
+                    context.handled = true;
+                    return;
+                }
+                logger.debug(`Cache miss: ${cacheKey}`, "CacheMiss");
+                res.setHeader("X-Cache", "MISS");
+                res.setHeader("X-Cache-Key", cacheKey);
+            }
+            catch (error) {
+                logger.error("Cache retrieval error", "CacheError", {
+                    error,
+                    key: cacheKey,
+                });
+            }
+            // Store original response methods
+            const originalJson = res.json;
+            const originalSend = res.send;
+            const originalEnd = res.end;
+            // Wrap response methods to cache the response
+            const cacheResponse = async (body, contentType) => {
+                try {
+                    const ttl = strategy?.ttl || options.defaultTtl || 3600;
+                    const cacheData = {
+                        body,
+                        status: res.statusCode,
+                        headers: res.getHeaders ? res.getHeaders() : {},
+                        contentType: contentType || res.getHeader("Content-Type"),
+                        timestamp: Date.now(),
+                    };
+                    await storageAdapter.set(cacheKey, cacheData, ttl);
+                    logger.debug(`Response cached: ${cacheKey} (TTL: ${ttl}s)`, "CacheSet");
+                }
+                catch (error) {
+                    logger.error("Cache storage error", "CacheError", {
+                        error,
+                        key: cacheKey,
+                    });
+                }
+            };
+            // Override response methods
+            res.json = function (data) {
+                cacheResponse(data, "application/json");
+                return originalJson.call(this, data);
+            };
+            res.send = function (data) {
+                cacheResponse(data);
+                return originalSend.call(this, data);
+            };
+            res.end = function (data) {
+                if (data) {
+                    cacheResponse(data);
+                }
+                return originalEnd.call(this, data);
+            };
+            // Add cache control methods
+            res.cacheControl = (directives) => {
+                const parts = [];
+                if (directives.public)
+                    parts.push("public");
+                if (directives.private)
+                    parts.push("private");
+                if (directives.noCache)
+                    parts.push("no-cache");
+                if (directives.noStore)
+                    parts.push("no-store");
+                if (directives.mustRevalidate)
+                    parts.push("must-revalidate");
+                if (directives.immutable)
+                    parts.push("immutable");
+                if (typeof directives.maxAge === "number")
+                    parts.push(`max-age=${directives.maxAge}`);
+                if (typeof directives.staleWhileRevalidate === "number") {
+                    parts.push(`stale-while-revalidate=${directives.staleWhileRevalidate}`);
+                }
+                res.setHeader("Cache-Control", parts.join(", "));
+                return res;
+            };
+            // Add ETag generation
+            if (options.etag !== false) {
+                res.generateETag = (content) => {
+                    const crypto = require("crypto");
+                    const hash = crypto.createHash("md5").update(content).digest("hex");
+                    const prefix = options.etag === "weak" ? "W/" : "";
+                    return `${prefix}"${hash}"`;
+                };
+            }
+        });
+        logger.info("Cache middleware installed", "Installation", {
+            adapter: typeof options.adapter === "string" ? options.adapter : "custom",
+            strategies: Object.keys(options.strategies || {}).length,
+        });
+    },
+});
+exports.cache = cache;
+//# sourceMappingURL=cache.js.map

package/dist/core/middleware/built-in/cache.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cache.js","sourceRoot":"","sources":["../../../../src/core/middleware/built-in/cache.ts"],"names":[],"mappings":";;;AAOA,yCAAqD;AACrD,4CAAsD;AAEtD,MAAM,MAAM,GAAG,IAAA,8BAAqB,EAAC,iBAAiB,CAAC,CAAC;AAEjD,MAAM,KAAK,GAAG,CAAC,UAAwB,EAAE,EAAuB,EAAE,CAAC,CAAC;IACzE,IAAI,EAAE,OAAO;IACb,OAAO,EAAE,OAAO;IAChB,QAAQ,EAAE;QACR,IAAI,EAAE,OAAO;QACb,OAAO,EAAE,OAAO;QAChB,WAAW,EAAE,2DAA2D;QACxE,MAAM,EAAE,aAAa;KACtB;IAED,OAAO,EAAE,KAAK,EAAE,KAAU,EAAE,oBAAyB,EAAE,EAAE,EAAE;QACzD,MAAM,CAAC,KAAK,CAAC,6BAA6B,EAAE,cAAc,CAAC,CAAC;QAE5D,6BAA6B;QAC7B,IAAI,cAA4B,CAAC;QAEjC,IACE,OAAO,CAAC,OAAO;YACf,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ;YACnC,KAAK,IAAI,OAAO,CAAC,OAAO,EACxB,CAAC;YACD,cAAc,GAAG,OAAO,CAAC,OAAuB,CAAC;QACnD,CAAC;aAAM,IAAI,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;YAC/C,cAAc,GAAG,IAAA,0BAAkB,EACjC,OAAO,CAAC,OAAO,EACf,OAAO,CAAC,cAAc,CACvB,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,0BAA0B;YAC1B,cAAc,GAAG,IAAA,0BAAkB,EAAC,QAAQ,CAAC,CAAC;QAChD,CAAC;QAED,uBAAuB;QACvB,MAAM,gBAAgB,GAAG,CAAC,GAAQ,EAAE,QAAc,EAAU,EAAE;YAC5D,MAAM,MAAM,GAAG,OAAO,CAAC,SAAS,IAAI,aAAa,CAAC;YAElD,IAAI,QAAQ,EAAE,GAAG,EAAE,CAAC;gBAClB,OAAO,GAAG,MAAM,GAAG,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACzC,CAAC;YAED,qCAAqC;YACrC,MAAM,KAAK,GAAG,IAAI,eAAe,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC;YAC9D,OAAO,GAAG,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;QACzE,CAAC,CAAC;QAEF,yBAAyB;QACzB,MAAM,YAAY,GAAG,CAAC,GAAQ,EAAmB,EAAE;YACjD,IAAI,CAAC,OAAO,CAAC,UAAU;gBAAE,OAAO,SAAS,CAAC;YAE1C,KAAK,MAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;gBACrE,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC;gBAClC,IAAI,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;oBACzB,OAAO,QAAQ,CAAC;gBAClB,CAAC;YACH,CAAC;YAED,OAAO,SAAS,CAAC;QACnB,CAAC,CAAC;QAEF,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,EAAE,OAAoB,EAAE,EAAE;YACrD,MAAM,GAAG,GAAG,OAAO,CAAC,OAAc,CAAC;YACnC,MAAM,GAAG,GAAG,OAAO,CAAC,QAAe,CAAC;YAEpC,qCAAqC;YACrC,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;gBACzB,OAAO;YACT,CAAC;YAED,MAAM,QAAQ,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;YACnC,MAAM,QAAQ,GAAG,gBAAgB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;YAEjD,gDAAgD;YAChD,IAAI,QAAQ,EAAE,SAAS,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC,EAAE,CAAC;gBACzD,OAAO;YACT,CAAC;YAED,IAAI,CAAC;gBACH,wBAAwB;gBACxB,MAAM,cAAc,GAAG,MAAM,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;gBAE1D,IAAI,cAAc,EAAE,CAAC;oBACnB,MAAM,CAAC,KAAK,CAAC,cAAc,QAAQ,EAAE,EAAE,UAAU,CAAC,CAAC;oBAEnD,oBAAoB;oBACpB,GAAG,CAAC,SAAS,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;oBAChC,GAAG,CAAC,SAAS,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;oBAEvC,yBAAyB;oBACzB,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;wBACnB,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,mBAAmB,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;oBACtE,CAAC;oBAED,IAAI,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;wBAC5C,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;oBACjD,CAAC;oBAED,uBAAuB;oBACvB,GAAG,CAAC,MAAM,CAAC,cAAc,CAAC,MAAM,IAAI,GAAG,CAAC,CAAC;oBAEzC,qBAAqB;oBACrB,IAAI,cAAc,CAAC,OAAO,EAAE,CAAC;wBAC3B,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;4BAC9D,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,KAAe,CAAC,CAAC;wBACtC,CAAC,CAAC,CAAC;oBACL,CAAC;oBAED,IAAI,cAAc,CAAC,WAAW,EAAE,CAAC;wBAC/B,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,cAAc,CAAC,WAAW,CAAC,CAAC;oBAC5D,CAAC;oBAED,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;oBAE9B,kBAAkB;oBACjB,OAAe,CAAC,OAAO,GAAG,IAAI,CAAC;oBAChC,OAAO;gBACT,CAAC;gBAED,MAAM,CAAC,KAAK,CAAC,eAAe,QAAQ,EAAE,EAAE,WAAW,CAAC,CAAC;gBACrD,GAAG,CAAC,SAAS,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;gBACjC,GAAG,CAAC,SAAS,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;YACzC,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,CAAC,KAAK,CAAC,uBAAuB,EAAE,YAAY,EAAE;oBAClD,KAAK;oBACL,GAAG,EAAE,QAAQ;iBACd,CAAC,CAAC;YACL,CAAC;YAED,kCAAkC;YAClC,MAAM,YAAY,GAAG,GAAG,CAAC,IAAI,CAAC;YAC9B,MAAM,YAAY,GAAG,GAAG,CAAC,IAAI,CAAC;YAC9B,MAAM,WAAW,GAAG,GAAG,CAAC,GAAG,CAAC;YAE5B,8CAA8C;YAC9C,MAAM,aAAa,GAAG,KAAK,EAAE,IAAS,EAAE,WAAoB,EAAE,EAAE;gBAC9D,IAAI,CAAC;oBACH,MAAM,GAAG,GAAG,QAAQ,EAAE,GAAG,IAAI,OAAO,CAAC,UAAU,IAAI,IAAI,CAAC;oBAExD,MAAM,SAAS,GAAmB;wBAChC,IAAI;wBACJ,MAAM,EAAE,GAAG,CAAC,UAAU;wBACtB,OAAO,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE;wBAC/C,WAAW,EAAE,WAAW,IAAI,GAAG,CAAC,SAAS,CAAC,cAAc,CAAC;wBACzD,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;qBACtB,CAAC;oBAEF,MAAM,cAAc,CAAC,GAAG,CAAC,QAAQ,EAAE,SAAS,EAAE,GAAG,CAAC,CAAC;oBACnD,MAAM,CAAC,KAAK,CACV,oBAAoB,QAAQ,UAAU,GAAG,IAAI,EAC7C,UAAU,CACX,CAAC;gBACJ,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,MAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE,YAAY,EAAE;wBAChD,KAAK;wBACL,GAAG,EAAE,QAAQ;qBACd,CAAC,CAAC;gBACL,CAAC;YACH,CAAC,CAAC;YAEF,4BAA4B;YAC5B,GAAG,CAAC,IAAI,GAAG,UAAU,IAAS;gBAC5B,aAAa,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC;gBACxC,OAAO,YAAY,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YACvC,CAAC,CAAC;YAEF,GAAG,CAAC,IAAI,GAAG,UAAU,IAAS;gBAC5B,aAAa,CAAC,IAAI,CAAC,CAAC;gBACpB,OAAO,YAAY,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YACvC,CAAC,CAAC;YAEF,GAAG,CAAC,GAAG,GAAG,UAAU,IAAU;gBAC5B,IAAI,IAAI,EAAE,CAAC;oBACT,aAAa,CAAC,IAAI,CAAC,CAAC;gBACtB,CAAC;gBACD,OAAO,WAAW,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YACtC,CAAC,CAAC;YAEF,4BAA4B;YAC5B,GAAG,CAAC,YAAY,GAAG,CAAC,UAAe,EAAE,EAAE;gBACrC,MAAM,KAAK,GAAa,EAAE,CAAC;gBAE3B,IAAI,UAAU,CAAC,MAAM;oBAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBAC5C,IAAI,UAAU,CAAC,OAAO;oBAAE,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBAC9C,IAAI,UAAU,CAAC,OAAO;oBAAE,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;gBAC/C,IAAI,UAAU,CAAC,OAAO;oBAAE,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;gBAC/C,IAAI,UAAU,CAAC,cAAc;oBAAE,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAC7D,IAAI,UAAU,CAAC,SAAS;oBAAE,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;gBAElD,IAAI,OAAO,UAAU,CAAC,MAAM,KAAK,QAAQ;oBACvC,KAAK,CAAC,IAAI,CAAC,WAAW,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;gBAC7C,IAAI,OAAO,UAAU,CAAC,oBAAoB,KAAK,QAAQ,EAAE,CAAC;oBACxD,KAAK,CAAC,IAAI,CACR,0BAA0B,UAAU,CAAC,oBAAoB,EAAE,CAC5D,CAAC;gBACJ,CAAC;gBAED,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;gBACjD,OAAO,GAAG,CAAC;YACb,CAAC,CAAC;YAEF,sBAAsB;YACtB,IAAI,OAAO,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;gBAC3B,GAAG,CAAC,YAAY,GAAG,CAAC,OAAwB,EAAE,EAAE;oBAC9C,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;oBACjC,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;oBACpE,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;oBACnD,OAAO,GAAG,MAAM,IAAI,IAAI,GAAG,CAAC;gBAC9B,CAAC,CAAC;YACJ,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,IAAI,CAAC,4BAA4B,EAAE,cAAc,EAAE;YACxD,OAAO,EAAE,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ;YACzE,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,MAAM;SACzD,CAAC,CAAC;IACL,CAAC;CACF,CAAC,CAAC;AAvNU,QAAA,KAAK,SAuNf"}

package/dist/core/middleware/built-in/cdn.d.ts

@@ -0,0 +1,3 @@
+import { MiddlewareInterface } from "../../../types/hooks";
+import { CDNOptions } from "../../../types/cdn";
+export declare const cdn: (options?: CDNOptions) => MiddlewareInterface;

package/dist/core/middleware/built-in/cdn.js

@@ -0,0 +1,115 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.cdn = void 0;
+const logger_1 = require("../../logger");
+const cdn_1 = require("./adapters/cdn");
+const logger = (0, logger_1.createFrameworkLogger)("CDNMiddleware");
+const cdn = (options = {}) => ({
+    name: "cdn",
+    version: "1.0.0",
+    metadata: {
+        name: "cdn",
+        version: "1.0.0",
+        description: "Built-in CDN middleware with pluggable provider adapters",
+        author: "MoroJS Team",
+    },
+    install: async (hooks, middlewareOptions = {}) => {
+        logger.debug("Installing CDN middleware", "Installation");
+        // Initialize CDN adapter
+        let cdnAdapter = null;
+        if (options.adapter &&
+            typeof options.adapter === "object" &&
+            "purge" in options.adapter) {
+            cdnAdapter = options.adapter;
+        }
+        else if (typeof options.adapter === "string") {
+            cdnAdapter = (0, cdn_1.createCDNAdapter)(options.adapter, options.adapterOptions);
+        }
+        if (!cdnAdapter) {
+            logger.warn("No CDN adapter configured, CDN features will be disabled", "Installation");
+            return;
+        }
+        hooks.before("request", async (context) => {
+            const req = context.request;
+            const res = context.response;
+            // Set CDN headers on all responses
+            if (cdnAdapter) {
+                cdnAdapter.setHeaders(res);
+            }
+            // Add CDN methods to response
+            res.purgeCDN = async (urls) => {
+                if (!cdnAdapter) {
+                    logger.warn("CDN purge requested but no adapter configured", "CDNPurge");
+                    return;
+                }
+                try {
+                    const urlsToPurge = urls || [req.path];
+                    await cdnAdapter.purge(urlsToPurge);
+                    logger.info(`CDN cache purged: ${urlsToPurge.join(", ")}`, "CDNPurge");
+                }
+                catch (error) {
+                    logger.error("CDN purge failed", "CDNError", { error, urls });
+                    throw error;
+                }
+            };
+            res.prefetchCDN = async (urls) => {
+                if (!cdnAdapter || !cdnAdapter.prefetch) {
+                    logger.warn("CDN prefetch requested but not supported by adapter", "CDNPrefetch");
+                    return;
+                }
+                try {
+                    await cdnAdapter.prefetch(urls);
+                    logger.info(`CDN prefetch requested: ${urls.join(", ")}`, "CDNPrefetch");
+                }
+                catch (error) {
+                    logger.error("CDN prefetch failed", "CDNError", { error, urls });
+                }
+            };
+            res.getCDNStats = async () => {
+                if (!cdnAdapter || !cdnAdapter.getStats) {
+                    logger.warn("CDN stats requested but not supported by adapter", "CDNStats");
+                    return null;
+                }
+                try {
+                    const stats = await cdnAdapter.getStats();
+                    logger.debug("CDN stats retrieved", "CDNStats");
+                    return stats;
+                }
+                catch (error) {
+                    logger.error("CDN stats retrieval failed", "CDNError", { error });
+                    return null;
+                }
+            };
+        });
+        // Auto-invalidation on certain patterns
+        if (options.autoInvalidate && options.invalidationPatterns) {
+            hooks.after("response", async (context) => {
+                const req = context.request;
+                const res = context.response;
+                // Check if this request matches invalidation patterns
+                const shouldInvalidate = options.invalidationPatterns?.some((pattern) => {
+                    const regex = new RegExp(pattern);
+                    return regex.test(req.path);
+                });
+                if (shouldInvalidate && cdnAdapter) {
+                    try {
+                        await cdnAdapter.purge([req.path]);
+                        logger.debug(`Auto-invalidated CDN cache for: ${req.path}`, "CDNAutoInvalidate");
+                    }
+                    catch (error) {
+                        logger.error("CDN auto-invalidation failed", "CDNError", {
+                            error,
+                            path: req.path,
+                        });
+                    }
+                }
+            });
+        }
+        logger.info("CDN middleware installed", "Installation", {
+            adapter: typeof options.adapter === "string" ? options.adapter : "custom",
+            autoInvalidate: !!options.autoInvalidate,
+        });
+    },
+});
+exports.cdn = cdn;
+//# sourceMappingURL=cdn.js.map

package/dist/core/middleware/built-in/cdn.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cdn.js","sourceRoot":"","sources":["../../../../src/core/middleware/built-in/cdn.ts"],"names":[],"mappings":";;;AAGA,yCAAqD;AACrD,wCAAkD;AAElD,MAAM,MAAM,GAAG,IAAA,8BAAqB,EAAC,eAAe,CAAC,CAAC;AAE/C,MAAM,GAAG,GAAG,CAAC,UAAsB,EAAE,EAAuB,EAAE,CAAC,CAAC;IACrE,IAAI,EAAE,KAAK;IACX,OAAO,EAAE,OAAO;IAChB,QAAQ,EAAE;QACR,IAAI,EAAE,KAAK;QACX,OAAO,EAAE,OAAO;QAChB,WAAW,EAAE,0DAA0D;QACvE,MAAM,EAAE,aAAa;KACtB;IAED,OAAO,EAAE,KAAK,EAAE,KAAU,EAAE,oBAAyB,EAAE,EAAE,EAAE;QACzD,MAAM,CAAC,KAAK,CAAC,2BAA2B,EAAE,cAAc,CAAC,CAAC;QAE1D,yBAAyB;QACzB,IAAI,UAAU,GAAsB,IAAI,CAAC;QAEzC,IACE,OAAO,CAAC,OAAO;YACf,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ;YACnC,OAAO,IAAI,OAAO,CAAC,OAAO,EAC1B,CAAC;YACD,UAAU,GAAG,OAAO,CAAC,OAAqB,CAAC;QAC7C,CAAC;aAAM,IAAI,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;YAC/C,UAAU,GAAG,IAAA,sBAAgB,EAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,cAAc,CAAC,CAAC;QACzE,CAAC;QAED,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,CAAC,IAAI,CACT,0DAA0D,EAC1D,cAAc,CACf,CAAC;YACF,OAAO;QACT,CAAC;QAED,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,EAAE,OAAoB,EAAE,EAAE;YACrD,MAAM,GAAG,GAAG,OAAO,CAAC,OAAc,CAAC;YACnC,MAAM,GAAG,GAAG,OAAO,CAAC,QAAe,CAAC;YAEpC,mCAAmC;YACnC,IAAI,UAAU,EAAE,CAAC;gBACf,UAAU,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;YAC7B,CAAC;YAED,8BAA8B;YAC9B,GAAG,CAAC,QAAQ,GAAG,KAAK,EAAE,IAAe,EAAE,EAAE;gBACvC,IAAI,CAAC,UAAU,EAAE,CAAC;oBAChB,MAAM,CAAC,IAAI,CACT,+CAA+C,EAC/C,UAAU,CACX,CAAC;oBACF,OAAO;gBACT,CAAC;gBAED,IAAI,CAAC;oBACH,MAAM,WAAW,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;oBACvC,MAAM,UAAU,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;oBACpC,MAAM,CAAC,IAAI,CACT,qBAAqB,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAC7C,UAAU,CACX,CAAC;gBACJ,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,MAAM,CAAC,KAAK,CAAC,kBAAkB,EAAE,UAAU,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;oBAC9D,MAAM,KAAK,CAAC;gBACd,CAAC;YACH,CAAC,CAAC;YAEF,GAAG,CAAC,WAAW,GAAG,KAAK,EAAE,IAAc,EAAE,EAAE;gBACzC,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;oBACxC,MAAM,CAAC,IAAI,CACT,qDAAqD,EACrD,aAAa,CACd,CAAC;oBACF,OAAO;gBACT,CAAC;gBAED,IAAI,CAAC;oBACH,MAAM,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;oBAChC,MAAM,CAAC,IAAI,CACT,2BAA2B,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAC5C,aAAa,CACd,CAAC;gBACJ,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,MAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE,UAAU,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;gBACnE,CAAC;YACH,CAAC,CAAC;YAEF,GAAG,CAAC,WAAW,GAAG,KAAK,IAAI,EAAE;gBAC3B,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;oBACxC,MAAM,CAAC,IAAI,CACT,kDAAkD,EAClD,UAAU,CACX,CAAC;oBACF,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,IAAI,CAAC;oBACH,MAAM,KAAK,GAAG,MAAM,UAAU,CAAC,QAAQ,EAAE,CAAC;oBAC1C,MAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE,UAAU,CAAC,CAAC;oBAChD,OAAO,KAAK,CAAC;gBACf,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,MAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE,UAAU,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;oBAClE,OAAO,IAAI,CAAC;gBACd,CAAC;YACH,CAAC,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,wCAAwC;QACxC,IAAI,OAAO,CAAC,cAAc,IAAI,OAAO,CAAC,oBAAoB,EAAE,CAAC;YAC3D,KAAK,CAAC,KAAK,CAAC,UAAU,EAAE,KAAK,EAAE,OAAoB,EAAE,EAAE;gBACrD,MAAM,GAAG,GAAG,OAAO,CAAC,OAAc,CAAC;gBACnC,MAAM,GAAG,GAAG,OAAO,CAAC,QAAe,CAAC;gBAEpC,sDAAsD;gBACtD,MAAM,gBAAgB,GAAG,OAAO,CAAC,oBAAoB,EAAE,IAAI,CACzD,CAAC,OAAO,EAAE,EAAE;oBACV,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC;oBAClC,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;gBAC9B,CAAC,CACF,CAAC;gBAEF,IAAI,gBAAgB,IAAI,UAAU,EAAE,CAAC;oBACnC,IAAI,CAAC;wBACH,MAAM,UAAU,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC;wBACnC,MAAM,CAAC,KAAK,CACV,mCAAmC,GAAG,CAAC,IAAI,EAAE,EAC7C,mBAAmB,CACpB,CAAC;oBACJ,CAAC;oBAAC,OAAO,KAAK,EAAE,CAAC;wBACf,MAAM,CAAC,KAAK,CAAC,8BAA8B,EAAE,UAAU,EAAE;4BACvD,KAAK;4BACL,IAAI,EAAE,GAAG,CAAC,IAAI;yBACf,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;QAED,MAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE,cAAc,EAAE;YACtD,OAAO,EAAE,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ;YACzE,cAAc,EAAE,CAAC,CAAC,OAAO,CAAC,cAAc;SACzC,CAAC,CAAC;IACL,CAAC;CACF,CAAC,CAAC;AA9IU,QAAA,GAAG,OA8Ib"}

package/dist/core/middleware/built-in/cookie.d.ts

@@ -0,0 +1,14 @@
+import { MiddlewareInterface } from "../../../types/hooks";
+export interface CookieOptions {
+    maxAge?: number;
+    expires?: Date;
+    httpOnly?: boolean;
+    secure?: boolean;
+    sameSite?: "strict" | "lax" | "none";
+    domain?: string;
+    path?: string;
+}
+export declare const cookie: (options?: {
+    secret?: string;
+    signed?: boolean;
+}) => MiddlewareInterface;

package/dist/core/middleware/built-in/cookie.js

@@ -0,0 +1,68 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.cookie = void 0;
+const logger_1 = require("../../logger");
+const logger = (0, logger_1.createFrameworkLogger)("CookieMiddleware");
+const cookie = (options = {}) => ({
+    name: "cookie",
+    version: "1.0.0",
+    metadata: {
+        name: "cookie",
+        version: "1.0.0",
+        description: "Cookie parsing and setting middleware with security features",
+        author: "MoroJS Team",
+    },
+    install: async (hooks, options = {}) => {
+        logger.debug("Installing cookie middleware", "Installation");
+        hooks.before("request", async (context) => {
+            const req = context.request;
+            const res = context.response;
+            // Parse cookies from request
+            req.cookies = parseCookies(req.headers.cookie || "");
+            // Add cookie methods to response
+            res.cookie = (name, value, options = {}) => {
+                const cookieValue = encodeURIComponent(value);
+                let cookieString = `${name}=${cookieValue}`;
+                if (options.maxAge)
+                    cookieString += `; Max-Age=${options.maxAge}`;
+                if (options.expires)
+                    cookieString += `; Expires=${options.expires.toUTCString()}`;
+                if (options.httpOnly)
+                    cookieString += "; HttpOnly";
+                if (options.secure)
+                    cookieString += "; Secure";
+                if (options.sameSite)
+                    cookieString += `; SameSite=${options.sameSite}`;
+                if (options.domain)
+                    cookieString += `; Domain=${options.domain}`;
+                if (options.path)
+                    cookieString += `; Path=${options.path}`;
+                const existingCookies = res.getHeader("Set-Cookie") || [];
+                const cookies = Array.isArray(existingCookies)
+                    ? [...existingCookies]
+                    : [existingCookies];
+                cookies.push(cookieString);
+                res.setHeader("Set-Cookie", cookies);
+                return res;
+            };
+            res.clearCookie = (name, options = {}) => {
+                const clearOptions = { ...options, expires: new Date(0), maxAge: 0 };
+                return res.cookie(name, "", clearOptions);
+            };
+        });
+    },
+});
+exports.cookie = cookie;
+function parseCookies(cookieHeader) {
+    const cookies = {};
+    if (!cookieHeader)
+        return cookies;
+    cookieHeader.split(";").forEach((cookie) => {
+        const [name, value] = cookie.trim().split("=");
+        if (name && value) {
+            cookies[name] = decodeURIComponent(value);
+        }
+    });
+    return cookies;
+}
+//# sourceMappingURL=cookie.js.map

package/dist/core/middleware/built-in/cookie.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cookie.js","sourceRoot":"","sources":["../../../../src/core/middleware/built-in/cookie.ts"],"names":[],"mappings":";;;AAEA,yCAAqD;AAErD,MAAM,MAAM,GAAG,IAAA,8BAAqB,EAAC,kBAAkB,CAAC,CAAC;AAYlD,MAAM,MAAM,GAAG,CACpB,UAGI,EAAE,EACe,EAAE,CAAC,CAAC;IACzB,IAAI,EAAE,QAAQ;IACd,OAAO,EAAE,OAAO;IAChB,QAAQ,EAAE;QACR,IAAI,EAAE,QAAQ;QACd,OAAO,EAAE,OAAO;QAChB,WAAW,EAAE,8DAA8D;QAC3E,MAAM,EAAE,aAAa;KACtB;IAED,OAAO,EAAE,KAAK,EAAE,KAAU,EAAE,UAAe,EAAE,EAAE,EAAE;QAC/C,MAAM,CAAC,KAAK,CAAC,8BAA8B,EAAE,cAAc,CAAC,CAAC;QAE7D,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,EAAE,OAAoB,EAAE,EAAE;YACrD,MAAM,GAAG,GAAG,OAAO,CAAC,OAAc,CAAC;YACnC,MAAM,GAAG,GAAG,OAAO,CAAC,QAAe,CAAC;YAEpC,6BAA6B;YAC7B,GAAG,CAAC,OAAO,GAAG,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC;YAErD,iCAAiC;YACjC,GAAG,CAAC,MAAM,GAAG,CACX,IAAY,EACZ,KAAa,EACb,UAAyB,EAAE,EAC3B,EAAE;gBACF,MAAM,WAAW,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC;gBAC9C,IAAI,YAAY,GAAG,GAAG,IAAI,IAAI,WAAW,EAAE,CAAC;gBAE5C,IAAI,OAAO,CAAC,MAAM;oBAAE,YAAY,IAAI,aAAa,OAAO,CAAC,MAAM,EAAE,CAAC;gBAClE,IAAI,OAAO,CAAC,OAAO;oBACjB,YAAY,IAAI,aAAa,OAAO,CAAC,OAAO,CAAC,WAAW,EAAE,EAAE,CAAC;gBAC/D,IAAI,OAAO,CAAC,QAAQ;oBAAE,YAAY,IAAI,YAAY,CAAC;gBACnD,IAAI,OAAO,CAAC,MAAM;oBAAE,YAAY,IAAI,UAAU,CAAC;gBAC/C,IAAI,OAAO,CAAC,QAAQ;oBAAE,YAAY,IAAI,cAAc,OAAO,CAAC,QAAQ,EAAE,CAAC;gBACvE,IAAI,OAAO,CAAC,MAAM;oBAAE,YAAY,IAAI,YAAY,OAAO,CAAC,MAAM,EAAE,CAAC;gBACjE,IAAI,OAAO,CAAC,IAAI;oBAAE,YAAY,IAAI,UAAU,OAAO,CAAC,IAAI,EAAE,CAAC;gBAE3D,MAAM,eAAe,GAAG,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;gBAC1D,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC;oBAC5C,CAAC,CAAC,CAAC,GAAG,eAAe,CAAC;oBACtB,CAAC,CAAC,CAAC,eAAyB,CAAC,CAAC;gBAChC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;gBAC3B,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;gBAErC,OAAO,GAAG,CAAC;YACb,CAAC,CAAC;YAEF,GAAG,CAAC,WAAW,GAAG,CAAC,IAAY,EAAE,UAAyB,EAAE,EAAE,EAAE;gBAC9D,MAAM,YAAY,GAAG,EAAE,GAAG,OAAO,EAAE,OAAO,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC;gBACrE,OAAO,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,EAAE,YAAY,CAAC,CAAC;YAC5C,CAAC,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;CACF,CAAC,CAAC;AA3DU,QAAA,MAAM,UA2DhB;AAEH,SAAS,YAAY,CAAC,YAAoB;IACxC,MAAM,OAAO,GAA2B,EAAE,CAAC;IAC3C,IAAI,CAAC,YAAY;QAAE,OAAO,OAAO,CAAC;IAElC,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;QACzC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/C,IAAI,IAAI,IAAI,KAAK,EAAE,CAAC;YAClB,OAAO,CAAC,IAAI,CAAC,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC;QAC5C,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,OAAO,CAAC;AACjB,CAAC"}

package/dist/core/middleware/built-in/cors.d.ts

@@ -0,0 +1,2 @@
+import { MiddlewareInterface } from "../../../types/hooks";
+export declare const cors: (options?: any) => MiddlewareInterface;

package/dist/core/middleware/built-in/cors.js

@@ -0,0 +1,29 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.cors = void 0;
+const logger_1 = require("../../logger");
+const logger = (0, logger_1.createFrameworkLogger)("CorsMiddleware");
+const cors = (options = {}) => ({
+    name: "cors",
+    version: "1.0.0",
+    metadata: {
+        name: "cors",
+        version: "1.0.0",
+        description: "Cross-Origin Resource Sharing middleware",
+        author: "MoroJS Team",
+    },
+    install: async (hooks, options = {}) => {
+        logger.debug("Installing CORS middleware", "Installation", { options });
+        hooks.before("request", async (context) => {
+            const response = context.response;
+            response.setHeader("Access-Control-Allow-Origin", options.origin || "*");
+            response.setHeader("Access-Control-Allow-Methods", options.methods || "GET,POST,PUT,DELETE,OPTIONS");
+            response.setHeader("Access-Control-Allow-Headers", options.headers || "Content-Type,Authorization");
+            if (options.credentials) {
+                response.setHeader("Access-Control-Allow-Credentials", "true");
+            }
+        });
+    },
+});
+exports.cors = cors;
+//# sourceMappingURL=cors.js.map

package/dist/core/middleware/built-in/cors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cors.js","sourceRoot":"","sources":["../../../../src/core/middleware/built-in/cors.ts"],"names":[],"mappings":";;;AAEA,yCAAqD;AAErD,MAAM,MAAM,GAAG,IAAA,8BAAqB,EAAC,gBAAgB,CAAC,CAAC;AAEhD,MAAM,IAAI,GAAG,CAAC,UAAe,EAAE,EAAuB,EAAE,CAAC,CAAC;IAC/D,IAAI,EAAE,MAAM;IACZ,OAAO,EAAE,OAAO;IAChB,QAAQ,EAAE;QACR,IAAI,EAAE,MAAM;QACZ,OAAO,EAAE,OAAO;QAChB,WAAW,EAAE,0CAA0C;QACvD,MAAM,EAAE,aAAa;KACtB;IAED,OAAO,EAAE,KAAK,EAAE,KAAU,EAAE,UAAe,EAAE,EAAE,EAAE;QAC/C,MAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE,cAAc,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;QAExE,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,EAAE,OAAoB,EAAE,EAAE;YACrD,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAe,CAAC;YAEzC,QAAQ,CAAC,SAAS,CAAC,6BAA6B,EAAE,OAAO,CAAC,MAAM,IAAI,GAAG,CAAC,CAAC;YACzE,QAAQ,CAAC,SAAS,CAChB,8BAA8B,EAC9B,OAAO,CAAC,OAAO,IAAI,6BAA6B,CACjD,CAAC;YACF,QAAQ,CAAC,SAAS,CAChB,8BAA8B,EAC9B,OAAO,CAAC,OAAO,IAAI,4BAA4B,CAChD,CAAC;YAEF,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;gBACxB,QAAQ,CAAC,SAAS,CAAC,kCAAkC,EAAE,MAAM,CAAC,CAAC;YACjE,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;CACF,CAAC,CAAC;AA/BU,QAAA,IAAI,QA+Bd"}

package/dist/core/middleware/built-in/csp.d.ts

@@ -0,0 +1,22 @@
+import { MiddlewareInterface } from "../../../types/hooks";
+export declare const csp: (options?: {
+    directives?: {
+        defaultSrc?: string[];
+        scriptSrc?: string[];
+        styleSrc?: string[];
+        imgSrc?: string[];
+        connectSrc?: string[];
+        fontSrc?: string[];
+        objectSrc?: string[];
+        mediaSrc?: string[];
+        frameSrc?: string[];
+        childSrc?: string[];
+        workerSrc?: string[];
+        formAction?: string[];
+        upgradeInsecureRequests?: boolean;
+        blockAllMixedContent?: boolean;
+    };
+    reportOnly?: boolean;
+    reportUri?: string;
+    nonce?: boolean;
+}) => MiddlewareInterface;

package/dist/core/middleware/built-in/csp.js

@@ -0,0 +1,74 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.csp = void 0;
+const logger_1 = require("../../logger");
+const logger = (0, logger_1.createFrameworkLogger)("CSPMiddleware");
+const csp = (options = {}) => ({
+    name: "csp",
+    version: "1.0.0",
+    metadata: {
+        name: "csp",
+        version: "1.0.0",
+        description: "Content Security Policy middleware with nonce support and violation reporting",
+        author: "MoroJS Team",
+    },
+    install: async (hooks, middlewareOptions = {}) => {
+        logger.debug("Installing CSP middleware", "Installation");
+        hooks.before("request", async (context) => {
+            const req = context.request;
+            const res = context.response;
+            const directives = options.directives || {
+                defaultSrc: ["'self'"],
+                scriptSrc: ["'self'"],
+                styleSrc: ["'self'", "'unsafe-inline'"],
+                imgSrc: ["'self'", "data:", "https:"],
+                connectSrc: ["'self'"],
+                fontSrc: ["'self'"],
+                objectSrc: ["'none'"],
+                mediaSrc: ["'self'"],
+                frameSrc: ["'none'"],
+            };
+            // Generate nonce if requested
+            let nonce;
+            if (options.nonce) {
+                const crypto = require("crypto");
+                nonce = crypto.randomBytes(16).toString("base64");
+                req.cspNonce = nonce;
+            }
+            // Build CSP header value
+            const cspParts = [];
+            for (const [directive, sources] of Object.entries(directives)) {
+                if (directive === "upgradeInsecureRequests" && sources === true) {
+                    cspParts.push("upgrade-insecure-requests");
+                }
+                else if (directive === "blockAllMixedContent" && sources === true) {
+                    cspParts.push("block-all-mixed-content");
+                }
+                else if (Array.isArray(sources)) {
+                    let sourceList = sources.join(" ");
+                    // Add nonce to script-src and style-src if enabled
+                    if (nonce &&
+                        (directive === "scriptSrc" || directive === "styleSrc")) {
+                        sourceList += ` 'nonce-${nonce}'`;
+                    }
+                    // Convert camelCase to kebab-case
+                    const kebabDirective = directive
+                        .replace(/([A-Z])/g, "-$1")
+                        .toLowerCase();
+                    cspParts.push(`${kebabDirective} ${sourceList}`);
+                }
+            }
+            // Add report-uri if specified
+            if (options.reportUri) {
+                cspParts.push(`report-uri ${options.reportUri}`);
+            }
+            const cspValue = cspParts.join("; ");
+            const headerName = options.reportOnly
+                ? "Content-Security-Policy-Report-Only"
+                : "Content-Security-Policy";
+            res.setHeader(headerName, cspValue);
+        });
+    },
+});
+exports.csp = csp;
+//# sourceMappingURL=csp.js.map

package/dist/core/middleware/built-in/csp.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"csp.js","sourceRoot":"","sources":["../../../../src/core/middleware/built-in/csp.ts"],"names":[],"mappings":";;;AAEA,yCAAqD;AAErD,MAAM,MAAM,GAAG,IAAA,8BAAqB,EAAC,eAAe,CAAC,CAAC;AAE/C,MAAM,GAAG,GAAG,CACjB,UAoBI,EAAE,EACe,EAAE,CAAC,CAAC;IACzB,IAAI,EAAE,KAAK;IACX,OAAO,EAAE,OAAO;IAChB,QAAQ,EAAE;QACR,IAAI,EAAE,KAAK;QACX,OAAO,EAAE,OAAO;QAChB,WAAW,EACT,+EAA+E;QACjF,MAAM,EAAE,aAAa;KACtB;IAED,OAAO,EAAE,KAAK,EAAE,KAAU,EAAE,oBAAyB,EAAE,EAAE,EAAE;QACzD,MAAM,CAAC,KAAK,CAAC,2BAA2B,EAAE,cAAc,CAAC,CAAC;QAE1D,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,EAAE,OAAoB,EAAE,EAAE;YACrD,MAAM,GAAG,GAAG,OAAO,CAAC,OAAc,CAAC;YACnC,MAAM,GAAG,GAAG,OAAO,CAAC,QAAe,CAAC;YAEpC,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI;gBACvC,UAAU,EAAE,CAAC,QAAQ,CAAC;gBACtB,SAAS,EAAE,CAAC,QAAQ,CAAC;gBACrB,QAAQ,EAAE,CAAC,QAAQ,EAAE,iBAAiB,CAAC;gBACvC,MAAM,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,QAAQ,CAAC;gBACrC,UAAU,EAAE,CAAC,QAAQ,CAAC;gBACtB,OAAO,EAAE,CAAC,QAAQ,CAAC;gBACnB,SAAS,EAAE,CAAC,QAAQ,CAAC;gBACrB,QAAQ,EAAE,CAAC,QAAQ,CAAC;gBACpB,QAAQ,EAAE,CAAC,QAAQ,CAAC;aACrB,CAAC;YAEF,8BAA8B;YAC9B,IAAI,KAAyB,CAAC;YAC9B,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;gBAClB,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;gBACjC,KAAK,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;gBAClD,GAAG,CAAC,QAAQ,GAAG,KAAK,CAAC;YACvB,CAAC;YAED,yBAAyB;YACzB,MAAM,QAAQ,GAAa,EAAE,CAAC;YAE9B,KAAK,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC9D,IAAI,SAAS,KAAK,yBAAyB,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;oBAChE,QAAQ,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;gBAC7C,CAAC;qBAAM,IAAI,SAAS,KAAK,sBAAsB,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;oBACpE,QAAQ,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;gBAC3C,CAAC;qBAAM,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;oBAClC,IAAI,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;oBAEnC,mDAAmD;oBACnD,IACE,KAAK;wBACL,CAAC,SAAS,KAAK,WAAW,IAAI,SAAS,KAAK,UAAU,CAAC,EACvD,CAAC;wBACD,UAAU,IAAI,WAAW,KAAK,GAAG,CAAC;oBACpC,CAAC;oBAED,kCAAkC;oBAClC,MAAM,cAAc,GAAG,SAAS;yBAC7B,OAAO,CAAC,UAAU,EAAE,KAAK,CAAC;yBAC1B,WAAW,EAAE,CAAC;oBACjB,QAAQ,CAAC,IAAI,CAAC,GAAG,cAAc,IAAI,UAAU,EAAE,CAAC,CAAC;gBACnD,CAAC;YACH,CAAC;YAED,8BAA8B;YAC9B,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;gBACtB,QAAQ,CAAC,IAAI,CAAC,cAAc,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;YACnD,CAAC;YAED,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACrC,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU;gBACnC,CAAC,CAAC,qCAAqC;gBACvC,CAAC,CAAC,yBAAyB,CAAC;YAE9B,GAAG,CAAC,SAAS,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC;IACL,CAAC;CACF,CAAC,CAAC;AApGU,QAAA,GAAG,OAoGb"}

package/dist/core/middleware/built-in/csrf.d.ts

@@ -0,0 +1,9 @@
+import { MiddlewareInterface } from "../../../types/hooks";
+export declare const csrf: (options?: {
+    secret?: string;
+    tokenLength?: number;
+    cookieName?: string;
+    headerName?: string;
+    ignoreMethods?: string[];
+    sameSite?: boolean;
+}) => MiddlewareInterface;

package/dist/core/middleware/built-in/csrf.js

@@ -0,0 +1,66 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.csrf = void 0;
+const logger_1 = require("../../logger");
+const logger = (0, logger_1.createFrameworkLogger)("CSRFMiddleware");
+const csrf = (options = {}) => ({
+    name: "csrf",
+    version: "1.0.0",
+    metadata: {
+        name: "csrf",
+        version: "1.0.0",
+        description: "CSRF protection middleware with token generation and validation",
+        author: "MoroJS Team",
+    },
+    install: async (hooks, middlewareOptions = {}) => {
+        logger.debug("Installing CSRF middleware", "Installation");
+        const secret = options.secret || "moro-csrf-secret";
+        const tokenLength = options.tokenLength || 32;
+        const cookieName = options.cookieName || "_csrf";
+        const headerName = options.headerName || "x-csrf-token";
+        const ignoreMethods = options.ignoreMethods || ["GET", "HEAD", "OPTIONS"];
+        const generateToken = () => {
+            const crypto = require("crypto");
+            return crypto.randomBytes(tokenLength).toString("hex");
+        };
+        const verifyToken = (token, sessionToken) => {
+            return token && sessionToken && token === sessionToken;
+        };
+        hooks.before("request", async (context) => {
+            const req = context.request;
+            const res = context.response;
+            // Add CSRF token generation method
+            req.csrfToken = () => {
+                if (!req._csrfToken) {
+                    req._csrfToken = generateToken();
+                    // Set token in cookie
+                    res.cookie(cookieName, req._csrfToken, {
+                        httpOnly: true,
+                        sameSite: options.sameSite !== false ? "strict" : undefined,
+                        secure: req.headers["x-forwarded-proto"] === "https" ||
+                            req.socket.encrypted,
+                    });
+                }
+                return req._csrfToken;
+            };
+            // Skip verification for safe methods
+            if (ignoreMethods.includes(req.method)) {
+                return;
+            }
+            // Get token from header or body
+            const token = req.headers[headerName] ||
+                (req.body && req.body._csrf) ||
+                (req.query && req.query._csrf);
+            // Get session token from cookie
+            const sessionToken = req.cookies?.[cookieName];
+            if (!verifyToken(token, sessionToken || "")) {
+                const error = new Error("Invalid CSRF token");
+                error.status = 403;
+                error.code = "CSRF_TOKEN_MISMATCH";
+                throw error;
+            }
+        });
+    },
+});
+exports.csrf = csrf;
+//# sourceMappingURL=csrf.js.map

package/dist/core/middleware/built-in/csrf.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"csrf.js","sourceRoot":"","sources":["../../../../src/core/middleware/built-in/csrf.ts"],"names":[],"mappings":";;;AAEA,yCAAqD;AAErD,MAAM,MAAM,GAAG,IAAA,8BAAqB,EAAC,gBAAgB,CAAC,CAAC;AAEhD,MAAM,IAAI,GAAG,CAClB,UAOI,EAAE,EACe,EAAE,CAAC,CAAC;IACzB,IAAI,EAAE,MAAM;IACZ,OAAO,EAAE,OAAO;IAChB,QAAQ,EAAE;QACR,IAAI,EAAE,MAAM;QACZ,OAAO,EAAE,OAAO;QAChB,WAAW,EACT,iEAAiE;QACnE,MAAM,EAAE,aAAa;KACtB;IAED,OAAO,EAAE,KAAK,EAAE,KAAU,EAAE,oBAAyB,EAAE,EAAE,EAAE;QACzD,MAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE,cAAc,CAAC,CAAC;QAE3D,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,kBAAkB,CAAC;QACpD,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,EAAE,CAAC;QAC9C,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC;QACjD,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,cAAc,CAAC;QACxD,MAAM,aAAa,GAAG,OAAO,CAAC,aAAa,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;QAE1E,MAAM,aAAa,GAAG,GAAG,EAAE;YACzB,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;YACjC,OAAO,MAAM,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QACzD,CAAC,CAAC;QAEF,MAAM,WAAW,GAAG,CAAC,KAAa,EAAE,YAAoB,EAAE,EAAE;YAC1D,OAAO,KAAK,IAAI,YAAY,IAAI,KAAK,KAAK,YAAY,CAAC;QACzD,CAAC,CAAC;QAEF,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,EAAE,OAAoB,EAAE,EAAE;YACrD,MAAM,GAAG,GAAG,OAAO,CAAC,OAAc,CAAC;YACnC,MAAM,GAAG,GAAG,OAAO,CAAC,QAAe,CAAC;YAEpC,mCAAmC;YACnC,GAAG,CAAC,SAAS,GAAG,GAAG,EAAE;gBACnB,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC;oBACpB,GAAG,CAAC,UAAU,GAAG,aAAa,EAAE,CAAC;oBACjC,sBAAsB;oBACtB,GAAG,CAAC,MAAM,CAAC,UAAU,EAAE,GAAG,CAAC,UAAU,EAAE;wBACrC,QAAQ,EAAE,IAAI;wBACd,QAAQ,EAAE,OAAO,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;wBAC3D,MAAM,EACJ,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,KAAK,OAAO;4BAC3C,GAAG,CAAC,MAAc,CAAC,SAAS;qBAChC,CAAC,CAAC;gBACL,CAAC;gBACD,OAAO,GAAG,CAAC,UAAU,CAAC;YACxB,CAAC,CAAC;YAEF,qCAAqC;YACrC,IAAI,aAAa,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAO,CAAC,EAAE,CAAC;gBACxC,OAAO;YACT,CAAC;YAED,gCAAgC;YAChC,MAAM,KAAK,GACT,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC;gBACvB,CAAC,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC;gBAC5B,CAAC,GAAG,CAAC,KAAK,IAAI,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YAEjC,gCAAgC;YAChC,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,UAAU,CAAC,CAAC;YAE/C,IAAI,CAAC,WAAW,CAAC,KAAe,EAAE,YAAY,IAAI,EAAE,CAAC,EAAE,CAAC;gBACtD,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;gBAC7C,KAAa,CAAC,MAAM,GAAG,GAAG,CAAC;gBAC3B,KAAa,CAAC,IAAI,GAAG,qBAAqB,CAAC;gBAC5C,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;CACF,CAAC,CAAC;AAhFU,QAAA,IAAI,QAgFd"}