@morojs/moro 1.6.2 → 1.6.4

package/dist/core/middleware/built-in/csrf/hook.d.ts

@@ -0,0 +1,17 @@
+import { MiddlewareInterface } from '../../../../types/hooks.js';
+import { type CSRFOptions } from './core.js';
+/**
+ * CSRF hook for global usage
+ * Registers with the hooks system for application-wide CSRF protection
+ *
+ * @example
+ * ```ts
+ * import { csrf } from '@/middleware/built-in/csrf';
+ *
+ * app.use(csrf({
+ *   cookieName: '_csrf',
+ *   ignoreMethods: ['GET', 'HEAD', 'OPTIONS']
+ * }));
+ * ```
+ */
+export declare const csrf: (options?: CSRFOptions) => MiddlewareInterface;

package/dist/core/middleware/built-in/csrf/hook.js

@@ -0,0 +1,45 @@
+import { createFrameworkLogger } from '../../../logger/index.js';
+import { CSRFCore } from './core.js';
+const logger = createFrameworkLogger('CSRFMiddleware');
+/**
+ * CSRF hook for global usage
+ * Registers with the hooks system for application-wide CSRF protection
+ *
+ * @example
+ * ```ts
+ * import { csrf } from '@/middleware/built-in/csrf';
+ *
+ * app.use(csrf({
+ *   cookieName: '_csrf',
+ *   ignoreMethods: ['GET', 'HEAD', 'OPTIONS']
+ * }));
+ * ```
+ */
+export const csrf = (options = {}) => ({
+    name: 'csrf',
+    version: '1.0.0',
+    metadata: {
+        name: 'csrf',
+        version: '1.0.0',
+        description: 'CSRF protection middleware with token generation and validation',
+        author: 'MoroJS Team',
+    },
+    install: async (hooks, middlewareOptions = {}) => {
+        logger.debug('Installing CSRF middleware', 'Installation');
+        const config = {
+            ...options,
+            ...middlewareOptions,
+        };
+        const csrfCore = new CSRFCore(config);
+        hooks.before('request', async (context) => {
+            const req = context.request;
+            const res = context.response;
+            // Add CSRF token generation method
+            req.csrfToken = () => csrfCore.attachToken(req, res);
+            // Validate token for non-safe methods
+            await csrfCore.validateToken(req);
+        });
+        logger.info('CSRF middleware installed', 'Installation');
+    },
+});
+//# sourceMappingURL=hook.js.map

package/dist/core/middleware/built-in/csrf/hook.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hook.js","sourceRoot":"","sources":["../../../../../src/core/middleware/built-in/csrf/hook.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AACjE,OAAO,EAAE,QAAQ,EAAoB,MAAM,WAAW,CAAC;AAEvD,MAAM,MAAM,GAAG,qBAAqB,CAAC,gBAAgB,CAAC,CAAC;AAEvD;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,MAAM,IAAI,GAAG,CAAC,UAAuB,EAAE,EAAuB,EAAE,CAAC,CAAC;IACvE,IAAI,EAAE,MAAM;IACZ,OAAO,EAAE,OAAO;IAChB,QAAQ,EAAE;QACR,IAAI,EAAE,MAAM;QACZ,OAAO,EAAE,OAAO;QAChB,WAAW,EAAE,iEAAiE;QAC9E,MAAM,EAAE,aAAa;KACtB;IAED,OAAO,EAAE,KAAK,EAAE,KAAU,EAAE,oBAAyB,EAAE,EAAE,EAAE;QACzD,MAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE,cAAc,CAAC,CAAC;QAE3D,MAAM,MAAM,GAAgB;YAC1B,GAAG,OAAO;YACV,GAAG,iBAAiB;SACrB,CAAC;QAEF,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAAC,MAAM,CAAC,CAAC;QAEtC,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,EAAE,OAAoB,EAAE,EAAE;YACrD,MAAM,GAAG,GAAG,OAAO,CAAC,OAAc,CAAC;YACnC,MAAM,GAAG,GAAG,OAAO,CAAC,QAAe,CAAC;YAEpC,mCAAmC;YACnC,GAAG,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YAErD,sCAAsC;YACtC,MAAM,QAAQ,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;QACpC,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,IAAI,CAAC,2BAA2B,EAAE,cAAc,CAAC,CAAC;IAC3D,CAAC;CACF,CAAC,CAAC"}

package/dist/core/middleware/built-in/csrf/index.d.ts

@@ -0,0 +1,3 @@
+export { CSRFCore, type CSRFOptions } from './core.js';
+export { createCSRFMiddleware } from './middleware.js';
+export { csrf } from './hook.js';

package/dist/core/middleware/built-in/csrf/index.js

@@ -0,0 +1,9 @@
+// CSRF - Main entry point
+// Re-exports all public APIs for the CSRF built-in
+// Core (for direct use by router and custom implementations)
+export { CSRFCore } from './core.js';
+// Middleware (for middleware chains)
+export { createCSRFMiddleware } from './middleware.js';
+// Hook (for global registration)
+export { csrf } from './hook.js';
+//# sourceMappingURL=index.js.map

package/dist/core/middleware/built-in/csrf/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../src/core/middleware/built-in/csrf/index.ts"],"names":[],"mappings":"AAAA,0BAA0B;AAC1B,mDAAmD;AAEnD,6DAA6D;AAC7D,OAAO,EAAE,QAAQ,EAAoB,MAAM,WAAW,CAAC;AAEvD,qCAAqC;AACrC,OAAO,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAEvD,iCAAiC;AACjC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC"}

package/dist/core/middleware/built-in/csrf/middleware.d.ts

@@ -0,0 +1,16 @@
+import { StandardMiddleware } from '../../../../types/hooks.js';
+import { type CSRFOptions } from './core.js';
+/**
+ * Create CSRF middleware for use in middleware chains
+ *
+ * @example
+ * ```ts
+ * const csrfMw = createCSRFMiddleware({
+ *   cookieName: '_csrf',
+ *   headerName: 'x-csrf-token'
+ * });
+ *
+ * app.use(csrfMw);
+ * ```
+ */
+export declare function createCSRFMiddleware(options?: CSRFOptions): StandardMiddleware;

package/dist/core/middleware/built-in/csrf/middleware.js

@@ -0,0 +1,34 @@
+import { createFrameworkLogger } from '../../../logger/index.js';
+import { CSRFCore } from './core.js';
+const logger = createFrameworkLogger('CSRFMiddleware');
+/**
+ * Create CSRF middleware for use in middleware chains
+ *
+ * @example
+ * ```ts
+ * const csrfMw = createCSRFMiddleware({
+ *   cookieName: '_csrf',
+ *   headerName: 'x-csrf-token'
+ * });
+ *
+ * app.use(csrfMw);
+ * ```
+ */
+export function createCSRFMiddleware(options = {}) {
+    const csrfCore = new CSRFCore(options);
+    return async (req, res, next) => {
+        try {
+            // Add CSRF token generation method
+            req.csrfToken = () => csrfCore.attachToken(req, res);
+            // Validate token for non-safe methods
+            await csrfCore.validateToken(req);
+            // Execute next middleware
+            await next();
+        }
+        catch (error) {
+            logger.error('CSRF middleware error', 'CSRFError', { error });
+            throw error;
+        }
+    };
+}
+//# sourceMappingURL=middleware.js.map

package/dist/core/middleware/built-in/csrf/middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../../../../src/core/middleware/built-in/csrf/middleware.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AAEjE,OAAO,EAAE,QAAQ,EAAoB,MAAM,WAAW,CAAC;AAEvD,MAAM,MAAM,GAAG,qBAAqB,CAAC,gBAAgB,CAAC,CAAC;AAEvD;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,oBAAoB,CAAC,UAAuB,EAAE;IAC5D,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAAC,OAAO,CAAC,CAAC;IAEvC,OAAO,KAAK,EAAE,GAAgB,EAAE,GAAiB,EAAE,IAAyB,EAAE,EAAE;QAC9E,IAAI,CAAC;YACH,mCAAmC;YAClC,GAAW,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YAE9D,sCAAsC;YACtC,MAAM,QAAQ,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;YAElC,0BAA0B;YAC1B,MAAM,IAAI,EAAE,CAAC;QACf,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,uBAAuB,EAAE,WAAW,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YAC9D,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC,CAAC;AACJ,CAAC"}

package/dist/core/middleware/built-in/error-tracker/index.d.ts

@@ -0,0 +1 @@
+export { errorTracker } from './middleware.js';

package/dist/core/middleware/built-in/error-tracker/index.js

@@ -0,0 +1,4 @@
+// Error Tracker - Main entry point
+// Re-exports the error tracker middleware
+export { errorTracker } from './middleware.js';
+//# sourceMappingURL=index.js.map

package/dist/core/middleware/built-in/error-tracker/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../src/core/middleware/built-in/error-tracker/index.ts"],"names":[],"mappings":"AAAA,mCAAmC;AACnC,0CAA0C;AAE1C,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC"}

package/dist/core/middleware/built-in/error-tracker/middleware.d.ts

@@ -0,0 +1,12 @@
+/**
+ * Error tracking middleware
+ * Captures and logs errors that occur during request processing
+ *
+ * @example
+ * ```ts
+ * import { errorTracker } from '@/middleware/built-in/error-tracker';
+ *
+ * app.use(errorTracker);
+ * ```
+ */
+export declare const errorTracker: (context: any) => Promise<void>;

package/dist/core/middleware/built-in/{error-tracker.js → error-tracker/middleware.js}

@@ -1,6 +1,17 @@
-// Error tracking middleware
-import { createFrameworkLogger } from '../../logger/index.js';
+// Error Tracker Middleware
+import { createFrameworkLogger } from '../../../logger/index.js';
 const logger = createFrameworkLogger('ErrorTracker');
+/**
+ * Error tracking middleware
+ * Captures and logs errors that occur during request processing
+ *
+ * @example
+ * ```ts
+ * import { errorTracker } from '@/middleware/built-in/error-tracker';
+ *
+ * app.use(errorTracker);
+ * ```
+ */
 export const errorTracker = async (context) => {
     context.onError = (error) => {
         logger.error('Request error', 'ErrorTracking', {
@@ -12,4 +23,4 @@ export const errorTracker = async (context) => {
         });
     };
 };
-//# sourceMappingURL=error-tracker.js.map
+//# sourceMappingURL=middleware.js.map

package/dist/core/middleware/built-in/error-tracker/middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../../../../src/core/middleware/built-in/error-tracker/middleware.ts"],"names":[],"mappings":"AAAA,2BAA2B;AAC3B,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AAEjE,MAAM,MAAM,GAAG,qBAAqB,CAAC,cAAc,CAAC,CAAC;AAErD;;;;;;;;;;GAUG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,KAAK,EAAE,OAAY,EAAiB,EAAE;IAChE,OAAO,CAAC,OAAO,GAAG,CAAC,KAAY,EAAE,EAAE;QACjC,MAAM,CAAC,KAAK,CAAC,eAAe,EAAE,eAAe,EAAE;YAC7C,KAAK,EAAE,KAAK,CAAC,OAAO;YACpB,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,GAAG,EAAE,OAAO,CAAC,OAAO,EAAE,GAAG;YACzB,MAAM,EAAE,OAAO,CAAC,OAAO,EAAE,MAAM;YAC/B,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC,CAAC;IACL,CAAC,CAAC;AACJ,CAAC,CAAC"}

package/dist/core/middleware/built-in/index.d.ts

@@ -1,70 +1,36 @@
-export { auth } from './auth.js';
-export { rateLimit } from './rate-limit.js';
-export { cors } from './cors.js';
-export { validation } from './validation.js';
-export { requestLogger } from './request-logger.js';
-export { performanceMonitor } from './performance-monitor.js';
-export { errorTracker } from './error-tracker.js';
-export { cookie } from './cookie.js';
-export { csrf } from './csrf.js';
-export { csp } from './csp.js';
-export { sse } from './sse.js';
-export { session } from './session.js';
-export { cache } from './cache.js';
-export { cdn } from './cdn.js';
-export { requireAuth, requireRole, requirePermission, requireAdmin, guestOnly, optionalAuth, withAuth, protectedRoute, authUtils, authResponses, sessionHelpers, } from './auth-helpers.js';
-export { safeVerifyJWT, extractJWTFromHeader, createAuthErrorResponse, type JWTVerificationResult, } from './jwt-helpers.js';
-export { extendedProviders, enterpriseProviders, createCustomOAuthProvider, createCustomOIDCProvider, } from './auth-providers.js';
+export { auth } from './auth/index.js';
+export { rateLimit } from './rate-limit/index.js';
+export { cors } from './cors/index.js';
+export { validation } from './validation/index.js';
+export { requestLogger } from './request-logger/index.js';
+export { performanceMonitor } from './performance-monitor/index.js';
+export { errorTracker } from './error-tracker/index.js';
+export { cookie } from './cookie/index.js';
+export { csrf } from './csrf/index.js';
+export { csp } from './csp/index.js';
+export { sse } from './sse/index.js';
+export { session } from './session/index.js';
+export { cache } from './cache/index.js';
+export { cdn } from './cdn/index.js';
+export { requireAuth, requireRole, requirePermission, requireAdmin, guestOnly, optionalAuth, withAuth, protectedRoute, authUtils, authResponses, sessionHelpers, } from './auth/helpers.js';
+export { safeVerifyJWT, extractJWTFromHeader, createAuthErrorResponse, type JWTVerificationResult, } from './auth/jwt-helpers.js';
+export { extendedProviders, enterpriseProviders, createCustomOAuthProvider, createCustomOIDCProvider, } from './auth/providers.js';
 export declare const builtInMiddleware: {
-    auth: (options: import("../../../index.js").AuthOptions) => import("../index.js").MiddlewareInterface;
+    auth: (options: import("./auth/index.js").AuthOptions) => import("../index.js").MiddlewareInterface;
     rateLimit: (options?: {
         windowMs?: number;
         max?: number;
         message?: string;
     }) => import("../index.js").MiddlewareInterface;
-    cors: (options?: any) => import("../index.js").MiddlewareInterface;
+    cors: (options?: import("./cors/core.js").CORSOptions) => import("../index.js").MiddlewareInterface;
     validation: () => import("../index.js").MiddlewareInterface;
-    cookie: (options?: {
-        secret?: string;
-        signed?: boolean;
-    }) => import("../index.js").MiddlewareInterface;
-    csrf: (options?: {
-        secret?: string;
-        tokenLength?: number;
-        cookieName?: string;
-        headerName?: string;
-        ignoreMethods?: string[];
-        sameSite?: boolean;
-    }) => import("../index.js").MiddlewareInterface;
-    csp: (options?: {
-        directives?: {
-            defaultSrc?: string[];
-            scriptSrc?: string[];
-            styleSrc?: string[];
-            imgSrc?: string[];
-            connectSrc?: string[];
-            fontSrc?: string[];
-            objectSrc?: string[];
-            mediaSrc?: string[];
-            frameSrc?: string[];
-            childSrc?: string[];
-            workerSrc?: string[];
-            formAction?: string[];
-            upgradeInsecureRequests?: boolean;
-            blockAllMixedContent?: boolean;
-        };
-        reportOnly?: boolean;
-        reportUri?: string;
-        nonce?: boolean;
-    }) => import("../index.js").MiddlewareInterface;
-    sse: (options?: {
-        heartbeat?: number;
-        retry?: number;
-        cors?: boolean;
-    }) => import("../index.js").MiddlewareInterface;
-    session: (options?: import("./session.js").SessionOptions) => import("../index.js").MiddlewareInterface;
+    cookie: (config?: import("./cookie/hook.js").CookieConfig) => import("../index.js").MiddlewareInterface;
+    csrf: (options?: import("./csrf/core.js").CSRFOptions) => import("../index.js").MiddlewareInterface;
+    csp: (options?: import("./csp/core.js").CSPOptions) => import("../index.js").MiddlewareInterface;
+    sse: (options?: import("./sse/core.js").SSEOptions) => import("../index.js").MiddlewareInterface;
+    session: (options?: import("./session/core.js").SessionOptions) => import("../index.js").MiddlewareInterface;
     cache: (options?: import("../../../index.js").CacheOptions) => import("../index.js").MiddlewareInterface;
-    cdn: (options?: import("../../../index.js").CDNOptions) => import("../index.js").MiddlewareInterface;
+    cdn: (options?: import("./cdn/index.js").CDNOptions) => import("../index.js").MiddlewareInterface;
 };
 export declare const simpleMiddleware: {
     requestLogger: (context: any) => Promise<void>;

package/dist/core/middleware/built-in/index.js

@@ -1,40 +1,40 @@
 // Built-in Middleware Exports
-export { auth } from './auth.js';
-export { rateLimit } from './rate-limit.js';
-export { cors } from './cors.js';
-export { validation } from './validation.js';
-export { requestLogger } from './request-logger.js';
-export { performanceMonitor } from './performance-monitor.js';
-export { errorTracker } from './error-tracker.js';
+export { auth } from './auth/index.js';
+export { rateLimit } from './rate-limit/index.js';
+export { cors } from './cors/index.js';
+export { validation } from './validation/index.js';
+export { requestLogger } from './request-logger/index.js';
+export { performanceMonitor } from './performance-monitor/index.js';
+export { errorTracker } from './error-tracker/index.js';
 // Advanced Security & Performance Middleware
-export { cookie } from './cookie.js';
-export { csrf } from './csrf.js';
-export { csp } from './csp.js';
-export { sse } from './sse.js';
-export { session } from './session.js';
+export { cookie } from './cookie/index.js';
+export { csrf } from './csrf/index.js';
+export { csp } from './csp/index.js';
+export { sse } from './sse/index.js';
+export { session } from './session/index.js';
 // Clean Architecture Middleware
-export { cache } from './cache.js';
-export { cdn } from './cdn.js';
+export { cache } from './cache/index.js';
+export { cdn } from './cdn/index.js';
 // Auth Helpers and Extended Providers
-export { requireAuth, requireRole, requirePermission, requireAdmin, guestOnly, optionalAuth, withAuth, protectedRoute, authUtils, authResponses, sessionHelpers, } from './auth-helpers.js';
+export { requireAuth, requireRole, requirePermission, requireAdmin, guestOnly, optionalAuth, withAuth, protectedRoute, authUtils, authResponses, sessionHelpers, } from './auth/helpers.js';
 // JWT Utilities for Custom Middleware
-export { safeVerifyJWT, extractJWTFromHeader, createAuthErrorResponse, } from './jwt-helpers.js';
-export { extendedProviders, enterpriseProviders, createCustomOAuthProvider, createCustomOIDCProvider, } from './auth-providers.js';
+export { safeVerifyJWT, extractJWTFromHeader, createAuthErrorResponse, } from './auth/jwt-helpers.js';
+export { extendedProviders, enterpriseProviders, createCustomOAuthProvider, createCustomOIDCProvider, } from './auth/providers.js';
 // Import for collections
-import { auth } from './auth.js';
-import { rateLimit } from './rate-limit.js';
-import { cors } from './cors.js';
-import { validation } from './validation.js';
-import { requestLogger } from './request-logger.js';
-import { performanceMonitor } from './performance-monitor.js';
-import { errorTracker } from './error-tracker.js';
-import { cookie } from './cookie.js';
-import { csrf } from './csrf.js';
-import { csp } from './csp.js';
-import { sse } from './sse.js';
-import { session } from './session.js';
-import { cache } from './cache.js';
-import { cdn } from './cdn.js';
+import { auth } from './auth/index.js';
+import { rateLimit } from './rate-limit/index.js';
+import { cors } from './cors/index.js';
+import { validation } from './validation/index.js';
+import { requestLogger } from './request-logger/index.js';
+import { performanceMonitor } from './performance-monitor/index.js';
+import { errorTracker } from './error-tracker/index.js';
+import { cookie } from './cookie/index.js';
+import { csrf } from './csrf/index.js';
+import { csp } from './csp/index.js';
+import { sse } from './sse/index.js';
+import { session } from './session/index.js';
+import { cache } from './cache/index.js';
+import { cdn } from './cdn/index.js';
 export const builtInMiddleware = {
     auth,
     rateLimit,

package/dist/core/middleware/built-in/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/core/middleware/built-in/index.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAElD,6CAA6C;AAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAC/B,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAC/B,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAEvC,gCAAgC;AAChC,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAC;AACnC,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAE/B,sCAAsC;AACtC,OAAO,EACL,WAAW,EACX,WAAW,EACX,iBAAiB,EACjB,YAAY,EACZ,SAAS,EACT,YAAY,EACZ,QAAQ,EACR,cAAc,EACd,SAAS,EACT,aAAa,EACb,cAAc,GACf,MAAM,mBAAmB,CAAC;AAE3B,sCAAsC;AACtC,OAAO,EACL,aAAa,EACb,oBAAoB,EACpB,uBAAuB,GAExB,MAAM,kBAAkB,CAAC;AAE1B,OAAO,EACL,iBAAiB,EACjB,mBAAmB,EACnB,yBAAyB,EACzB,wBAAwB,GACzB,MAAM,qBAAqB,CAAC;AAE7B,yBAAyB;AACzB,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAC/B,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAC/B,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAC;AACnC,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAE/B,MAAM,CAAC,MAAM,iBAAiB,GAAG;IAC/B,IAAI;IACJ,SAAS;IACT,IAAI;IACJ,UAAU;IACV,sBAAsB;IACtB,MAAM;IACN,IAAI;IACJ,GAAG;IACH,GAAG;IACH,OAAO;IACP,gCAAgC;IAChC,KAAK;IACL,GAAG;CACJ,CAAC;AAEF,MAAM,CAAC,MAAM,gBAAgB,GAAG;IAC9B,aAAa;IACb,kBAAkB;IAClB,YAAY;CACb,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/core/middleware/built-in/index.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AACvC,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAClD,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AACvC,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,EAAE,kBAAkB,EAAE,MAAM,gCAAgC,CAAC;AACpE,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAExD,6CAA6C;AAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AACvC,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AACrC,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AACrC,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAE7C,gCAAgC;AAChC,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACzC,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AAErC,sCAAsC;AACtC,OAAO,EACL,WAAW,EACX,WAAW,EACX,iBAAiB,EACjB,YAAY,EACZ,SAAS,EACT,YAAY,EACZ,QAAQ,EACR,cAAc,EACd,SAAS,EACT,aAAa,EACb,cAAc,GACf,MAAM,mBAAmB,CAAC;AAE3B,sCAAsC;AACtC,OAAO,EACL,aAAa,EACb,oBAAoB,EACpB,uBAAuB,GAExB,MAAM,uBAAuB,CAAC;AAE/B,OAAO,EACL,iBAAiB,EACjB,mBAAmB,EACnB,yBAAyB,EACzB,wBAAwB,GACzB,MAAM,qBAAqB,CAAC;AAE7B,yBAAyB;AACzB,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AACvC,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAClD,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AACvC,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,EAAE,kBAAkB,EAAE,MAAM,gCAAgC,CAAC;AACpE,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AACvC,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AACrC,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AACrC,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACzC,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AAErC,MAAM,CAAC,MAAM,iBAAiB,GAAG;IAC/B,IAAI;IACJ,SAAS;IACT,IAAI;IACJ,UAAU;IACV,sBAAsB;IACtB,MAAM;IACN,IAAI;IACJ,GAAG;IACH,GAAG;IACH,OAAO;IACP,gCAAgC;IAChC,KAAK;IACL,GAAG;CACJ,CAAC;AAEF,MAAM,CAAC,MAAM,gBAAgB,GAAG;IAC9B,aAAa;IACb,kBAAkB;IAClB,YAAY;CACb,CAAC"}

package/dist/core/middleware/built-in/performance-monitor/index.d.ts

@@ -0,0 +1 @@
+export { performanceMonitor } from './middleware.js';

package/dist/core/middleware/built-in/performance-monitor/index.js

@@ -0,0 +1,4 @@
+// Performance Monitor - Main entry point
+// Re-exports the performance monitor middleware
+export { performanceMonitor } from './middleware.js';
+//# sourceMappingURL=index.js.map

package/dist/core/middleware/built-in/performance-monitor/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../src/core/middleware/built-in/performance-monitor/index.ts"],"names":[],"mappings":"AAAA,yCAAyC;AACzC,gDAAgD;AAEhD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC"}

package/dist/core/middleware/built-in/performance-monitor/middleware.d.ts

@@ -0,0 +1,12 @@
+/**
+ * Performance monitoring middleware
+ * Tracks request duration and logs warnings for slow requests
+ *
+ * @example
+ * ```ts
+ * import { performanceMonitor } from '@/middleware/built-in/performance-monitor';
+ *
+ * app.use(performanceMonitor);
+ * ```
+ */
+export declare const performanceMonitor: (context: any) => Promise<void>;

package/dist/core/middleware/built-in/{performance-monitor.js → performance-monitor/middleware.js}

@@ -1,6 +1,17 @@
-// Performance monitoring middleware
-import { createFrameworkLogger } from '../../logger/index.js';
+// Performance Monitor Middleware
+import { createFrameworkLogger } from '../../../logger/index.js';
 const logger = createFrameworkLogger('PerformanceMonitor');
+/**
+ * Performance monitoring middleware
+ * Tracks request duration and logs warnings for slow requests
+ *
+ * @example
+ * ```ts
+ * import { performanceMonitor } from '@/middleware/built-in/performance-monitor';
+ *
+ * app.use(performanceMonitor);
+ * ```
+ */
 export const performanceMonitor = async (context) => {
     const startTime = Date.now();
     context.onComplete = () => {
@@ -15,4 +26,4 @@ export const performanceMonitor = async (context) => {
         }
     };
 };
-//# sourceMappingURL=performance-monitor.js.map
+//# sourceMappingURL=middleware.js.map

package/dist/core/middleware/built-in/performance-monitor/middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../../../../src/core/middleware/built-in/performance-monitor/middleware.ts"],"names":[],"mappings":"AAAA,iCAAiC;AACjC,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AAEjE,MAAM,MAAM,GAAG,qBAAqB,CAAC,oBAAoB,CAAC,CAAC;AAE3D;;;;;;;;;;GAUG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,KAAK,EAAE,OAAY,EAAiB,EAAE;IACtE,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,OAAO,CAAC,UAAU,GAAG,GAAG,EAAE;QACxB,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;QAExC,oBAAoB;QACpB,IAAI,QAAQ,GAAG,IAAI,EAAE,CAAC;YACpB,MAAM,CAAC,IAAI,CACT,0BAA0B,OAAO,CAAC,OAAO,EAAE,IAAI,SAAS,QAAQ,IAAI,EACpE,aAAa,EACb;gBACE,IAAI,EAAE,OAAO,CAAC,OAAO,EAAE,IAAI;gBAC3B,MAAM,EAAE,OAAO,CAAC,OAAO,EAAE,MAAM;gBAC/B,QAAQ;aACT,CACF,CAAC;QACJ,CAAC;IACH,CAAC,CAAC;AACJ,CAAC,CAAC"}

package/dist/core/middleware/built-in/rate-limit/core.d.ts

@@ -0,0 +1,33 @@
+import { HttpRequest, HttpResponse } from '../../../../types/http.js';
+export interface RateLimitConfig {
+    requests: number;
+    window: number;
+    skipSuccessfulRequests?: boolean;
+}
+/**
+ * RateLimitCore - Core rate limiting logic
+ * Used directly by the router for route-based rate limiting
+ * Can be instantiated for use in middleware or hooks
+ */
+export declare class RateLimitCore {
+    private store;
+    /**
+     * High-level check for router use: checkLimit(req, res, config)
+     * Sends response if rate limit exceeded
+     */
+    checkLimit(req: HttpRequest, res: HttpResponse, config: RateLimitConfig): Promise<void>;
+    /**
+     * Low-level check method
+     * Returns true if request is allowed, false if rate limit exceeded
+     */
+    check(clientId: string, routeKey: string, requests: number, window: number): boolean;
+    /**
+     * Get retry-after time in seconds for a rate-limited client
+     */
+    getRetryAfter(clientId: string, routeKey: string): number;
+    /**
+     * Clear all rate limit data
+     */
+    clear(): void;
+}
+export declare const sharedRateLimitCore: RateLimitCore;

package/dist/core/middleware/built-in/rate-limit/core.js

@@ -0,0 +1,86 @@
+// Rate Limit Core - Reusable rate limiting logic
+import { createFrameworkLogger } from '../../../logger/index.js';
+const logger = createFrameworkLogger('RateLimitCore');
+// ===== Core Logic =====
+/**
+ * RateLimitCore - Core rate limiting logic
+ * Used directly by the router for route-based rate limiting
+ * Can be instantiated for use in middleware or hooks
+ */
+export class RateLimitCore {
+    store = new Map();
+    /**
+     * High-level check for router use: checkLimit(req, res, config)
+     * Sends response if rate limit exceeded
+     */
+    async checkLimit(req, res, config) {
+        // Don't send response if headers already sent
+        if (res.headersSent) {
+            return;
+        }
+        const clientId = req.ip || req.connection?.remoteAddress || 'unknown';
+        const routeKey = `${req.method}:${req.path}`;
+        const allowed = this.check(clientId, routeKey, config.requests, config.window);
+        if (!allowed) {
+            const retryAfter = this.getRetryAfter(clientId, routeKey);
+            res.status(429).json({
+                success: false,
+                error: 'Rate limit exceeded',
+                retryAfter,
+            });
+            return;
+        }
+    }
+    /**
+     * Low-level check method
+     * Returns true if request is allowed, false if rate limit exceeded
+     */
+    check(clientId, routeKey, requests, window) {
+        const key = `${routeKey}:${clientId}`;
+        const now = Date.now();
+        if (!this.store.has(key)) {
+            this.store.set(key, { count: 1, resetTime: now + window });
+            return true;
+        }
+        const limitData = this.store.get(key);
+        if (!limitData) {
+            return true;
+        }
+        if (now > limitData.resetTime) {
+            limitData.count = 1;
+            limitData.resetTime = now + window;
+            return true;
+        }
+        limitData.count++;
+        if (limitData.count > requests) {
+            logger.warn('Rate limit exceeded', 'RateLimit', {
+                clientId,
+                route: routeKey,
+                count: limitData.count,
+                limit: requests,
+            });
+            return false;
+        }
+        return true;
+    }
+    /**
+     * Get retry-after time in seconds for a rate-limited client
+     */
+    getRetryAfter(clientId, routeKey) {
+        const key = `${routeKey}:${clientId}`;
+        const limitData = this.store.get(key);
+        if (limitData) {
+            return Math.ceil((limitData.resetTime - Date.now()) / 1000);
+        }
+        return 0;
+    }
+    /**
+     * Clear all rate limit data
+     */
+    clear() {
+        this.store.clear();
+    }
+}
+// Shared instance for route-based rate limiting
+export const sharedRateLimitCore = new RateLimitCore();
+//# sourceMappingURL=core.js.map

package/dist/core/middleware/built-in/rate-limit/core.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"core.js","sourceRoot":"","sources":["../../../../../src/core/middleware/built-in/rate-limit/core.ts"],"names":[],"mappings":"AAAA,iDAAiD;AACjD,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AAGjE,MAAM,MAAM,GAAG,qBAAqB,CAAC,eAAe,CAAC,CAAC;AAetD,yBAAyB;AAEzB;;;;GAIG;AACH,MAAM,OAAO,aAAa;IAChB,KAAK,GAAG,IAAI,GAAG,EAA0B,CAAC;IAElD;;;OAGG;IACH,KAAK,CAAC,UAAU,CAAC,GAAgB,EAAE,GAAiB,EAAE,MAAuB;QAC3E,8CAA8C;QAC9C,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC;YACpB,OAAO;QACT,CAAC;QAED,MAAM,QAAQ,GAAG,GAAG,CAAC,EAAE,IAAK,GAAG,CAAC,UAAkB,EAAE,aAAa,IAAI,SAAS,CAAC;QAC/E,MAAM,QAAQ,GAAG,GAAG,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;QAE7C,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;QAE/E,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;YAC1D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,qBAAqB;gBAC5B,UAAU;aACX,CAAC,CAAC;YACH,OAAO;QACT,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,QAAgB,EAAE,QAAgB,EAAE,QAAgB,EAAE,MAAc;QACxE,MAAM,GAAG,GAAG,GAAG,QAAQ,IAAI,QAAQ,EAAE,CAAC;QACtC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACzB,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,SAAS,EAAE,GAAG,GAAG,MAAM,EAAE,CAAC,CAAC;YAC3D,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACtC,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,GAAG,GAAG,SAAS,CAAC,SAAS,EAAE,CAAC;YAC9B,SAAS,CAAC,KAAK,GAAG,CAAC,CAAC;YACpB,SAAS,CAAC,SAAS,GAAG,GAAG,GAAG,MAAM,CAAC;YACnC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,SAAS,CAAC,KAAK,EAAE,CAAC;QAElB,IAAI,SAAS,CAAC,KAAK,GAAG,QAAQ,EAAE,CAAC;YAC/B,MAAM,CAAC,IAAI,CAAC,qBAAqB,EAAE,WAAW,EAAE;gBAC9C,QAAQ;gBACR,KAAK,EAAE,QAAQ;gBACf,KAAK,EAAE,SAAS,CAAC,KAAK;gBACtB,KAAK,EAAE,QAAQ;aAChB,CAAC,CAAC;YACH,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,QAAgB,EAAE,QAAgB;QAC9C,MAAM,GAAG,GAAG,GAAG,QAAQ,IAAI,QAAQ,EAAE,CAAC;QACtC,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACtC,IAAI,SAAS,EAAE,CAAC;YACd,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;QAC9D,CAAC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;IAED;;OAEG;IACH,KAAK;QACH,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;IACrB,CAAC;CACF;AAED,gDAAgD;AAChD,MAAM,CAAC,MAAM,mBAAmB,GAAG,IAAI,aAAa,EAAE,CAAC"}

package/dist/core/middleware/built-in/rate-limit/hook.d.ts

@@ -0,0 +1,20 @@
+import { MiddlewareInterface } from '../../../../types/hooks.js';
+/**
+ * Rate limit hook for global usage
+ * Registers with the hooks system for application-wide rate limiting
+ *
+ * @example
+ * ```ts
+ * import { rateLimit } from '@/middleware/built-in/rate-limit';
+ *
+ * app.use(rateLimit({
+ *   windowMs: 60000,  // 1 minute
+ *   max: 100          // 100 requests per window
+ * }));
+ * ```
+ */
+export declare const rateLimit: (options?: {
+    windowMs?: number;
+    max?: number;
+    message?: string;
+}) => MiddlewareInterface;