@morojs/moro 1.6.1 → 1.6.2

package/src/core/http/http-server.ts

@@ -1,9 +1,19 @@
 // src/core/http-server.ts
 import { IncomingMessage, ServerResponse, createServer, Server } from 'http';
 import * as zlib from 'zlib';
+import { createReadStream } from 'fs';
+import * as crypto from 'crypto';
 import { promisify } from 'util';
-import { createFrameworkLogger } from '../logger';
-import { HttpRequest, HttpResponse, HttpHandler, Middleware, RouteEntry } from '../../types/http';
+import { createFrameworkLogger } from '../logger/index.js';
+import {
+  HttpRequest,
+  HttpResponse,
+  HttpHandler,
+  Middleware,
+  RouteEntry,
+} from '../../types/http.js';
+import { PathMatcher } from '../routing/path-matcher.js';
+import { ObjectPoolManager } from '../pooling/object-pool-manager.js';
 
 const gzip = promisify(zlib.gzip);
 const deflate = promisify(zlib.deflate);
@@ -14,41 +24,15 @@ export class MoroHttpServer {
   private globalMiddleware: Middleware[] = [];
   private compressionEnabled = true;
   private compressionThreshold = 1024;
+  private requestTrackingEnabled = true; // Generate request IDs
   private logger = createFrameworkLogger('HttpServer');
   private hookManager: any;
   private requestCounter = 0;
 
-  // Efficient object pooling with minimal overhead
-  private paramObjectPool: Record<string, string>[] = [];
-  private bufferPool: Buffer[] = [];
-  private readonly maxPoolSize = 50;
-
-  // Request handler pooling to avoid function creation overhead
-  private middlewareExecutionCache = new Map<string, Function>();
-
-  // String interning for common values (massive memory savings)
-  private static readonly INTERNED_METHODS = new Map([
-    ['GET', 'GET'],
-    ['POST', 'POST'],
-    ['PUT', 'PUT'],
-    ['DELETE', 'DELETE'],
-    ['PATCH', 'PATCH'],
-    ['HEAD', 'HEAD'],
-    ['OPTIONS', 'OPTIONS'],
-  ]);
-
-  private static readonly INTERNED_HEADERS = new Map([
-    ['content-type', 'content-type'],
-    ['content-length', 'content-length'],
-    ['authorization', 'authorization'],
-    ['accept', 'accept'],
-    ['user-agent', 'user-agent'],
-    ['host', 'host'],
-    ['connection', 'connection'],
-    ['cache-control', 'cache-control'],
-  ]);
-
-  // Pre-compiled response templates for ultra-common responses
+  // Use shared object pool manager
+  private poolManager = ObjectPoolManager.getInstance();
+
+  // Pre-compiled response templates for common responses
   private static readonly RESPONSE_TEMPLATES = {
     notFound: Buffer.from('{"success":false,"error":"Not found"}'),
     unauthorized: Buffer.from('{"success":false,"error":"Unauthorized"}'),
@@ -58,7 +42,7 @@ export class MoroHttpServer {
     rateLimited: Buffer.from('{"success":false,"error":"Rate limit exceeded"}'),
   };
 
-  // Ultra-fast buffer pool for zero-copy operations (Rust-level performance)
+  // Buffer pool for zero-copy operations
   private static readonly BUFFER_SIZES = [64, 256, 1024, 4096, 16384];
   private static readonly BUFFER_POOLS = new Map<number, Buffer[]>();
 
@@ -126,6 +110,11 @@ export class MoroHttpServer {
     }
   }
 
+  // Configure request tracking (ID generation)
+  setRequestTracking(enabled: boolean): void {
+    this.requestTrackingEnabled = enabled;
+  }
+
   // Middleware management
   use(middleware: Middleware): void {
     this.globalMiddleware.push(middleware);
@@ -193,45 +182,37 @@ export class MoroHttpServer {
   }
 
   private pathToRegex(path: string): { pattern: RegExp; paramNames: string[] } {
-    const paramNames: string[] = [];
-
-    // Convert parameterized routes to regex
-    const regexPattern = path
-      .replace(/\/:([^/]+)/g, (match, paramName) => {
-        paramNames.push(paramName);
-        return '/([^/]+)';
-      })
-      .replace(/\//g, '\\/');
-
+    // Use shared PathMatcher for consistent path compilation
+    const compiled = PathMatcher.compile(path);
     return {
-      pattern: new RegExp(`^${regexPattern}$`),
-      paramNames,
+      pattern: compiled.pattern || new RegExp(`^${path.replace(/\//g, '\\/')}$`),
+      paramNames: compiled.paramNames,
     };
   }
 
   private async handleRequest(req: IncomingMessage, res: ServerResponse): Promise<void> {
     const httpReq = this.enhanceRequest(req);
-    const httpRes = this.enhanceResponse(res);
+    const httpRes = this.enhanceResponse(res, httpReq);
 
     // Store original params for efficient cleanup
     const originalParams = httpReq.params;
 
     try {
-      // Optimized URL and query parsing
+      // Optimized URL and query parsing with object pooling
       const urlString = req.url!;
       const queryIndex = urlString.indexOf('?');
 
       if (queryIndex === -1) {
-        // No query string - fast path
+        // No query string
         httpReq.path = urlString;
         httpReq.query = {};
       } else {
-        // Has query string - parse efficiently
+        // Has query string - parse efficiently with pooled object
         httpReq.path = urlString.substring(0, queryIndex);
-        httpReq.query = this.parseQueryString(urlString.substring(queryIndex + 1));
+        httpReq.query = this.parseQueryStringPooled(urlString.substring(queryIndex + 1));
       }
 
-      // Ultra-fast method checking - avoid array includes
+      // Method checking - avoid array includes
       const method = req.method!;
       if (method === 'POST' || method === 'PUT' || method === 'PATCH') {
         httpReq.body = await this.parseBody(req);
@@ -256,7 +237,7 @@ export class MoroHttpServer {
       // Find matching route
       const route = this.findRoute(req.method!, httpReq.path);
       if (!route) {
-        // Ultra-fast 404 response with pre-compiled buffer
+        // 404 response with pre-compiled buffer
         httpRes.statusCode = 404;
         httpRes.setHeader('Content-Type', 'application/json; charset=utf-8');
         httpRes.setHeader('Content-Length', MoroHttpServer.RESPONSE_TEMPLATES.notFound.length);
@@ -281,18 +262,13 @@ export class MoroHttpServer {
       await route.handler(httpReq, httpRes);
     } catch (error) {
       // Debug: Log the actual error and where it came from
-      this.logger.debug('🚨 MoroJS Request Error Details:', 'RequestHandler');
-      this.logger.debug(`📍 Error type: ${typeof error}`, 'RequestHandler');
-      this.logger.debug(
-        `📍 Error message: ${error instanceof Error ? error.message : String(error)}`,
-        'RequestHandler'
-      );
-      this.logger.debug(
-        `📍 Error stack: ${error instanceof Error ? error.stack : 'No stack trace'}`,
-        'RequestHandler'
-      );
-      this.logger.debug(`📍 Request path: ${req.url}`, 'RequestHandler');
-      this.logger.debug(`📍 Request method: ${req.method}`, 'RequestHandler');
+      this.logger.debug('Request error details', 'RequestHandler', {
+        errorType: typeof error,
+        errorMessage: error instanceof Error ? error.message : String(error),
+        errorStack: error instanceof Error ? error.stack : 'No stack trace',
+        requestPath: req.url,
+        requestMethod: req.method,
+      });
 
       this.logger.error('Request error', 'RequestHandler', {
         error: error instanceof Error ? error.message : String(error),
@@ -310,20 +286,16 @@ export class MoroHttpServer {
             requestId: httpReq.requestId,
           });
         } else {
-          // Ultra-defensive fallback - check each method individually
+          // Defensive fallback - check each method individually
           if (typeof httpRes.setHeader === 'function') {
             httpRes.statusCode = 500;
             httpRes.setHeader('Content-Type', 'application/json');
           } else {
             // Even setHeader doesn't exist - object is completely wrong
-            this.logger.error(
-              '❌ Response object is not a proper ServerResponse:',
-              'RequestHandler',
-              {
-                responseType: typeof httpRes,
-                responseKeys: Object.keys(httpRes),
-              }
-            );
+            this.logger.error('Response object is not a proper ServerResponse', 'RequestHandler', {
+              responseType: typeof httpRes,
+              responseKeys: Object.keys(httpRes),
+            });
           }
 
           if (typeof httpRes.end === 'function') {
@@ -336,7 +308,7 @@ export class MoroHttpServer {
             );
           } else {
             this.logger.error(
-              '❌ Cannot send error response - end() method missing',
+              'Cannot send error response - end() method missing',
               'RequestHandler'
             );
           }
@@ -372,55 +344,32 @@ export class MoroHttpServer {
     });
   }
 
-  // Efficient object pooling for parameter objects with ES2022 optimizations
+  // Use shared object pool for parameter objects
   private acquireParamObject(): Record<string, string> {
-    const obj = this.paramObjectPool.pop();
-    if (obj) {
-      // ES2022: Use Object.hasOwn for safer property checks and faster clearing
-      // Clear existing properties more efficiently
-      for (const key in obj) {
-        if (Object.hasOwn(obj, key)) {
-          delete obj[key];
-        }
-      }
-      return obj;
-    }
-    return {};
+    return this.poolManager.acquireParams();
   }
 
   private releaseParamObject(params: Record<string, string>): void {
-    if (this.paramObjectPool.length < this.maxPoolSize) {
-      this.paramObjectPool.push(params);
-    }
+    this.poolManager.releaseParams(params);
   }
 
   // Force cleanup of all pooled objects
   private forceCleanupPools(): void {
-    // ES2022: More efficient array clearing
-    this.paramObjectPool.splice(0);
-    this.bufferPool.splice(0);
+    // Use shared pool manager cleanup
+    this.poolManager.clearAll();
 
     // Force garbage collection if available
-    // Use modern globalThis check with optional chaining
     if (globalThis?.gc) {
       globalThis.gc();
     }
   }
 
   private acquireBuffer(size: number): Buffer {
-    // ES2022: Use findIndex for better performance than find + indexOf
-    const index = this.bufferPool.findIndex(b => b.length >= size);
-    if (index !== -1) {
-      const buffer = this.bufferPool.splice(index, 1)[0];
-      return buffer.subarray(0, size);
-    }
-    return Buffer.allocUnsafe(size);
+    return this.poolManager.acquireBuffer(size);
   }
 
   private releaseBuffer(buffer: Buffer): void {
-    if (this.bufferPool.length < this.maxPoolSize && buffer.length <= 8192) {
-      this.bufferPool.push(buffer);
-    }
+    this.poolManager.releaseBuffer(buffer);
   }
 
   private streamLargeResponse(res: any, data: any): void {
@@ -444,7 +393,7 @@ export class MoroHttpServer {
       return this.pathNormalizationCache.get(path)!;
     }
 
-    // Fast normalization: remove trailing slash (except root), decode once
+    // Normalization: remove trailing slash (except root), decode once
     let normalized = path;
     if (normalized.length > 1 && normalized.endsWith('/')) {
       normalized = normalized.slice(0, -1);
@@ -465,8 +414,8 @@ export class MoroHttpServer {
     httpReq.body = null;
     httpReq.path = '';
     httpReq.ip = req.socket.remoteAddress || '';
-    // Faster request ID generation
-    httpReq.requestId = Date.now().toString(36) + (++this.requestCounter).toString(36);
+    // Request ID generation using pool manager (if enabled)
+    httpReq.requestId = this.requestTrackingEnabled ? this.poolManager.generateRequestId() : '';
     httpReq.headers = req.headers as Record<string, string>;
 
     // Parse cookies
@@ -489,9 +438,12 @@ export class MoroHttpServer {
     return cookies;
   }
 
-  private enhanceResponse(res: ServerResponse): HttpResponse {
+  private enhanceResponse(res: ServerResponse, req: HttpRequest): HttpResponse {
     const httpRes = res as HttpResponse;
 
+    // Store request reference for access to headers (needed for compression, logging, etc.)
+    (httpRes as any).req = req;
+
     // BULLETPROOF status method - always works
     httpRes.status = (code: number) => {
       httpRes.statusCode = code;
@@ -501,7 +453,7 @@ export class MoroHttpServer {
     httpRes.json = async (data: any) => {
       if (httpRes.headersSent) return;
 
-      // Ultra-fast JSON serialization with zero-copy buffers
+      // JSON serialization with zero-copy buffers
       let jsonString: string;
 
       // Enhanced JSON optimization for common API patterns
@@ -587,6 +539,7 @@ export class MoroHttpServer {
       });
 
       httpRes.end(finalBuffer);
+
       // Return buffer to pool after response (zero-copy achievement!)
       process.nextTick(() => MoroHttpServer.returnBuffer(buffer));
     };
@@ -615,6 +568,26 @@ export class MoroHttpServer {
     };
 
     httpRes.cookie = (name: string, value: string, options: any = {}) => {
+      if (httpRes.headersSent) {
+        const isCritical =
+          options.critical ||
+          name.includes('session') ||
+          name.includes('auth') ||
+          name.includes('csrf');
+        const message = `Cookie '${name}' could not be set - headers already sent`;
+
+        if (isCritical || options.throwOnLateSet) {
+          throw new Error(`${message}. This may cause authentication or security issues.`);
+        } else {
+          this.logger.warn(message, 'CookieWarning', {
+            cookieName: name,
+            critical: isCritical,
+            stackTrace: new Error().stack,
+          });
+        }
+        return httpRes;
+      }
+
       const cookieValue = encodeURIComponent(value);
       let cookieString = `${name}=${cookieValue}`;
 
@@ -678,6 +651,62 @@ export class MoroHttpServer {
       }
     };
 
+    // Header management utilities
+    httpRes.hasHeader = (name: string): boolean => {
+      return httpRes.getHeader(name) !== undefined;
+    };
+
+    // Note: removeHeader is inherited from ServerResponse, we don't override it
+
+    httpRes.setBulkHeaders = (headers: Record<string, string | number>) => {
+      if (httpRes.headersSent) {
+        this.logger.warn('Cannot set headers - headers already sent', 'HeaderWarning', {
+          attemptedHeaders: Object.keys(headers),
+        });
+        return httpRes;
+      }
+
+      Object.entries(headers).forEach(([key, value]) => {
+        httpRes.setHeader(key, value);
+      });
+      return httpRes;
+    };
+
+    httpRes.appendHeader = (name: string, value: string | string[]) => {
+      if (httpRes.headersSent) {
+        this.logger.warn(
+          `Cannot append to header '${name}' - headers already sent`,
+          'HeaderWarning'
+        );
+        return httpRes;
+      }
+
+      const existing = httpRes.getHeader(name);
+      if (existing) {
+        const values = Array.isArray(existing) ? existing : [existing.toString()];
+        const newValues = Array.isArray(value) ? value : [value];
+        httpRes.setHeader(name, [...values, ...newValues]);
+      } else {
+        httpRes.setHeader(name, value);
+      }
+      return httpRes;
+    };
+
+    // Response state utilities
+    httpRes.canSetHeaders = (): boolean => {
+      return !httpRes.headersSent;
+    };
+
+    httpRes.getResponseState = () => {
+      return {
+        headersSent: httpRes.headersSent,
+        statusCode: httpRes.statusCode,
+        headers: httpRes.getHeaders ? httpRes.getHeaders() : {},
+        finished: httpRes.finished || false,
+        writable: httpRes.writable,
+      };
+    };
+
     return httpRes;
   }
 
@@ -815,12 +844,20 @@ export class MoroHttpServer {
     return result;
   }
 
+  // Legacy method for backward compatibility
   private parseQueryString(queryString: string): Record<string, string> {
-    const result: Record<string, string> = {};
-    if (!queryString) return result;
+    return this.parseQueryStringPooled(queryString);
+  }
+
+  // Optimized query string parser with object pooling
+  private parseQueryStringPooled(queryString: string): Record<string, string> {
+    if (!queryString) return {};
 
+    const result = this.poolManager.acquireQuery();
     const pairs = queryString.split('&');
-    for (const pair of pairs) {
+
+    for (let i = 0; i < pairs.length; i++) {
+      const pair = pairs[i];
       const equalIndex = pair.indexOf('=');
       if (equalIndex === -1) {
         result[decodeURIComponent(pair)] = '';
@@ -840,7 +877,7 @@ export class MoroHttpServer {
   private routesBySegmentCount = new Map<number, RouteEntry[]>();
   private pathNormalizationCache = new Map<string, string>();
 
-  // Ultra-fast CPU cache-friendly optimizations (Rust-level performance)
+  // CPU cache-friendly optimizations
   private routeHitCount = new Map<string, number>(); // Track route popularity for cache optimization
   private static readonly HOT_ROUTE_THRESHOLD = 100; // Routes accessed 100+ times get hot path treatment
 
@@ -896,21 +933,25 @@ export class MoroHttpServer {
     return route;
   }
 
+  // Optimized middleware execution with reduced Promise allocation
   private async executeMiddleware(
     middleware: Middleware[],
     req: HttpRequest,
     res: HttpResponse
   ): Promise<void> {
-    for (const mw of middleware) {
+    for (let i = 0; i < middleware.length; i++) {
       // Short-circuit if response already sent
       if (res.headersSent) return;
 
+      const mw = middleware[i];
+
       await new Promise<void>((resolve, reject) => {
-        let nextCalled = false;
+        let resolved = false;
 
+        // Reuse next function to reduce allocations
         const next = () => {
-          if (nextCalled) return;
-          nextCalled = true;
+          if (resolved) return;
+          resolved = true;
           resolve();
         };
 
@@ -918,15 +959,21 @@ export class MoroHttpServer {
           const result = mw(req, res, next);
 
           // Handle async middleware
-          if (result instanceof Promise) {
-            result
+          if (result && typeof (result as any).then === 'function') {
+            (result as Promise<void>)
               .then(() => {
-                if (!nextCalled) next();
+                if (!resolved) next();
               })
               .catch(reject);
+          } else if (!resolved) {
+            // Sync middleware that didn't call next
+            next();
           }
         } catch (error) {
-          reject(error);
+          if (!resolved) {
+            resolved = true;
+            reject(error);
+          }
         }
       });
     }
@@ -962,6 +1009,17 @@ export class MoroHttpServer {
   getServer(): Server {
     return this.server;
   }
+
+  // Performance statistics
+  getPerformanceStats() {
+    const poolStats = this.poolManager.getStats();
+    return {
+      paramObjectPoolSize: poolStats.paramPool.poolSize,
+      queryObjectPoolSize: poolStats.queryPool.poolSize,
+      headerObjectPoolSize: poolStats.headerPool.poolSize,
+      poolManager: poolStats,
+    };
+  }
 }
 
 // Built-in middleware
@@ -998,7 +1056,6 @@ export const middleware = {
   },
 
   compression: (options: { threshold?: number; level?: number } = {}): Middleware => {
-    const zlib = require('zlib');
     const threshold = options.threshold || 1024;
     const level = options.level || 6;
 
@@ -1018,23 +1075,25 @@ export const middleware = {
         }
 
         if (acceptEncoding.includes('gzip')) {
-          res.setHeader('Content-Encoding', 'gzip');
           zlib.gzip(buffer, { level }, (err: any, compressed: Buffer) => {
             if (err) {
               return isJson ? originalJson.call(res, data) : originalSend.call(res, data);
             }
-            res.setHeader('Content-Length', compressed.length);
-            res.writeHead(res.statusCode || 200, res.getHeaders());
+            if (!res.headersSent) {
+              res.setHeader('Content-Encoding', 'gzip');
+              res.setHeader('Content-Length', compressed.length);
+            }
             res.end(compressed);
           });
         } else if (acceptEncoding.includes('deflate')) {
-          res.setHeader('Content-Encoding', 'deflate');
           zlib.deflate(buffer, { level }, (err: any, compressed: Buffer) => {
             if (err) {
               return isJson ? originalJson.call(res, data) : originalSend.call(res, data);
             }
-            res.setHeader('Content-Length', compressed.length);
-            res.writeHead(res.statusCode || 200, res.getHeaders());
+            if (!res.headersSent) {
+              res.setHeader('Content-Encoding', 'deflate');
+              res.setHeader('Content-Length', compressed.length);
+            }
             res.end(compressed);
           });
         } else {
@@ -1462,13 +1521,15 @@ export const middleware = {
       // Only handle SSE requests
       if (req.headers.accept?.includes('text/event-stream')) {
         // Set SSE headers
-        res.writeHead(200, {
-          'Content-Type': 'text/event-stream',
-          'Cache-Control': 'no-cache',
-          Connection: 'keep-alive',
-          'Access-Control-Allow-Origin': options.cors ? '*' : undefined,
-          'Access-Control-Allow-Headers': options.cors ? 'Cache-Control' : undefined,
-        });
+        if (!res.headersSent) {
+          res.writeHead(200, {
+            'Content-Type': 'text/event-stream',
+            'Cache-Control': 'no-cache',
+            Connection: 'keep-alive',
+            'Access-Control-Allow-Origin': options.cors ? '*' : undefined,
+            'Access-Control-Allow-Headers': options.cors ? 'Cache-Control' : undefined,
+          });
+        }
 
         // Add SSE methods to response
         (res as any).sendEvent = (data: any, event?: string, id?: string) => {
@@ -1569,7 +1630,8 @@ export const middleware = {
             const chunkSize = end - start + 1;
 
             if (start >= fileSize || end >= fileSize) {
-              res.status(416).setHeader('Content-Range', `bytes */${fileSize}`);
+              res.status(416);
+              res.setHeader('Content-Range', `bytes */${fileSize}`);
               res.json({ success: false, error: 'Range not satisfiable' });
               return;
             }
@@ -1579,7 +1641,7 @@ export const middleware = {
             res.setHeader('Content-Length', chunkSize);
 
             // Stream the range
-            const stream = require('fs').createReadStream(filePath, {
+            const stream = createReadStream(filePath, {
               start,
               end,
             });
@@ -1597,12 +1659,12 @@ export const middleware = {
               res.write(`\r\n--${boundary}\r\n`);
               res.write(`Content-Range: bytes ${start}-${end}/${fileSize}\r\n\r\n`);
 
-              const stream = require('fs').createReadStream(filePath, {
+              const stream = createReadStream(filePath, {
                 start,
                 end,
               });
-              await new Promise(resolve => {
-                stream.on('end', resolve);
+              await new Promise<void>(resolve => {
+                stream.on('end', () => resolve());
                 stream.pipe(res, { end: false });
               });
             }
@@ -1636,7 +1698,6 @@ export const middleware = {
     const ignoreMethods = options.ignoreMethods || ['GET', 'HEAD', 'OPTIONS'];
 
     const generateToken = () => {
-      const crypto = require('crypto');
       return crypto.randomBytes(tokenLength).toString('hex');
     };
 
@@ -1725,7 +1786,6 @@ export const middleware = {
       // Generate nonce if requested
       let nonce: string | undefined;
       if (options.nonce) {
-        const crypto = require('crypto');
         nonce = crypto.randomBytes(16).toString('base64');
         (req as any).cspNonce = nonce;
       }

package/src/core/http/index.ts

@@ -1,6 +1,7 @@
 // HTTP System - Centralized Exports
-export { MoroHttpServer, middleware } from './http-server';
-export { Router } from './router';
+export { MoroHttpServer, middleware } from './http-server.js';
+export { UWebSocketsHttpServer } from './uws-http-server.js';
+export { Router } from '../routing/router.js';
 
 // Type exports
-export type { HttpRequest, HttpResponse, HttpHandler, Middleware } from '../../types/http';
+export type { HttpRequest, HttpResponse, HttpHandler, Middleware } from '../../types/http.js';