@radatek/microserver 3.0.5 → 3.0.7

package/microserver.d.ts

@@ -1,6 +1,6 @@
 /**
  * MicroServer
- * @version 3.0.5
+ * @version 3.0.7
  * @package @radatek/microserver
  * @copyright Darius Kisonas 2022
  * @license MIT
@@ -44,7 +44,6 @@ export declare abstract class Plugin {
     priority?: number;
     handler?(req: ServerRequest, res: ServerResponse, next: Function): Promise<string | object | void> | string | object | void;
     routes?(): Promise<RoutesSet | void> | RoutesSet | void;
-    constructor();
 }
 interface PluginClass {
     new (options: any, server: MicroServer): Plugin;
@@ -86,7 +85,7 @@ export declare class ServerRequest<T = any> extends http.IncomingMessage {
     rawBody: Buffer[];
     /** Request raw body size */
     rawBodySize: number;
-    private constructor();
+    protected constructor(res: http.ServerResponse, server: MicroServer);
     /** Extend http.IncomingMessage */
     static extend(req: http.IncomingMessage, res: http.ServerResponse, server: MicroServer): ServerRequest;
     /** Check if request is ready */
@@ -115,7 +114,7 @@ export declare class ServerResponse<T = any> extends http.ServerResponse {
     readonly req: ServerRequest<T>;
     /** Should response be json */
     isJson: boolean;
-    private constructor();
+    protected constructor(server: MicroServer);
     /** Extends http.ServerResponse */
     static extend(res: http.ServerResponse): void;
     /** Send error reponse */
@@ -164,7 +163,7 @@ export interface MicroServerConfig extends ListenConfig {
     /** extra options for plugins */
     [key: string]: any;
 }
-interface MicroServerEvents {
+export interface MicroServerEvents {
     ready: () => void;
     close: () => void;
     listen: (port: number, address: string, server: http.Server) => void;
@@ -260,6 +259,7 @@ export interface CorsOptions {
     /** Max age */
     maxAge?: number;
 }
+/** CORS plugin. Config may be: true - allow all, string - allow specific origin, or CorsOptions */
 export declare class CorsPlugin extends Plugin {
     priority: number;
     name: string;
@@ -267,6 +267,7 @@ export declare class CorsPlugin extends Plugin {
     constructor(options?: CorsOptions | string | true);
     handler?(req: ServerRequest, res: ServerResponse, next: Function): Promise<string | object | void> | string | object | void;
 }
+/** Methods plugin to support OPTIONS method, and restrict allowed methods. Configuration is comma separated string  */
 export declare class MethodsPlugin extends Plugin {
     priority: number;
     name: string;
@@ -276,6 +277,7 @@ export declare class MethodsPlugin extends Plugin {
 export interface BodyOptions {
     maxBodySize?: number;
 }
+/** Body parser plugin */
 export declare class BodyPlugin extends Plugin {
     priority: number;
     name: string;
@@ -293,6 +295,7 @@ export interface UploadFile {
     size: number;
     filePath?: string;
 }
+/** Upload plugin, At least uploadDir option is required */
 export declare class UploadPlugin extends Plugin {
     priority: number;
     name: string;
@@ -323,14 +326,12 @@ interface WebSocketEvents {
     message: (data: string | Buffer | ArrayBuffer | Blob) => void;
     open: () => void;
 }
-/** WebSocket class */
+/** WebSocket class used in upgrade handler */
 export declare class WebSocket extends EventEmitter {
     ready: boolean;
     constructor(req: ServerRequest, options?: WebSocketOptions);
     /** Close connection */
     close(reason?: number, data?: Buffer): void;
-    /** Generate WebSocket frame from data */
-    static getFrame(data: number | string | Buffer | undefined, options?: any): Buffer;
     /** Send data */
     send(data: string | Buffer): void;
     /** Send ping frame */
@@ -343,11 +344,11 @@ export declare class WebSocket extends EventEmitter {
     off<K extends keyof WebSocketEvents>(event: K, listener: WebSocketEvents[K]): this;
     removeListener<K extends keyof WebSocketEvents>(event: K, listener: WebSocketEvents[K]): this;
 }
+/** WebSocket plugin to support `WEBSOCKET /url` routes */
 export declare class WebSocketPlugin extends Plugin {
     name: string;
     constructor(options?: any, server?: MicroServer);
-    private addUpgradeHandler;
-    upgradeHandler(server: MicroServer, req: ServerRequest, socket: net.Socket, head: any): void;
+    upgradeHandler(server: MicroServer, req: ServerRequest, socket: net.Socket, head: any): any;
 }
 /** Trust proxy plugin, adds `req.ip` and `req.localip` */
 export declare class TrustProxyPlugin extends Plugin {
@@ -390,6 +391,8 @@ export interface StaticFilesOptions {
     maxAge?: number;
     /** static errors file for status code, '*' - default */
     errors?: Record<string, string>;
+    /** check precompressed file */
+    precompressedGzip?: boolean;
 }
 export interface ServeFileOptions {
     /** path */
@@ -411,11 +414,7 @@ export interface ServeFileOptions {
     /** stat */
     stats?: fs.Stats;
 }
-/**
- * Static files middleware plugin
- * Usage: server.use('static', '/public')
- * Usage: server.use('static', { root: 'public', path: '/static' })
- */
+/** Static files plugin. At least must be path to public folder as string or StaticFilesOptions */
 export declare class StaticFilesPlugin extends Plugin {
     priority: number;
     /** Default mime types */
@@ -444,6 +443,7 @@ export declare class StaticFilesPlugin extends Plugin {
     maxAge?: number;
     prefix: string;
     errors?: Record<string, string>;
+    checkPrecompressedGzip?: boolean;
     constructor(options?: StaticFilesOptions | string, server?: MicroServer);
     /** Default static files handler */
     handler(req: ServerRequest, res: ServerResponse, next: Function): any;
@@ -467,9 +467,9 @@ export interface ProxyOptions {
         [key: string]: boolean;
     };
 }
+/** Reverse proxy plugin, At least remote url as string or in ProxyOptions is required */
 export declare class ProxyPlugin extends Plugin {
     priority: number;
-    name: string;
     /** Default valid headers */
     static validHeaders: {
         [key: string]: boolean;
@@ -584,22 +584,11 @@ export declare class Auth {
     };
     /** Encode token */
     encode(data: string, expire?: number): string;
-    /**
-     * Check acl over authenticated user with: `id`, `group/*`, `*`
-     * @param {string} id - to authenticate: `id`, `group/id`, `model/action`, comma separated best: true => false => def
-     * @param {boolean} [def=false] - default access
-     */
+    /** Check acl over authenticated user with: `id`, `group/*`, `*` */
     acl(id: string, def?: boolean): boolean;
-    /**
-       * Authenticate user and setup cookie
-       * @param {string|UserInfo} usr - user id used with options.users to retrieve user object. User object must contain `id` and `acl` object (Ex. usr = {id:'usr', acl:{'users/*':true}})
-       * @param {string} [psw] - user password (if used for user authentication with options.users)
-       * @param {number} [expire] - expire time in seconds (default: options.expire)
-       */
+    /** Generate token from user info */
     token(usr: string | UserInfo | undefined, psw: string | undefined, expire?: number): Promise<string | undefined>;
-    /**
-     * Authenticate user and setup cookie
-     */
+    /** Authenticate user and setup cookie */
     login(usr: string | UserInfo | undefined, psw?: string, options?: {
         expire?: number;
         salt?: string;
@@ -626,6 +615,7 @@ export declare class AuthPlugin extends Plugin {
     /** Authentication middleware */
     handler(req: ServerRequest, res: ServerResponse, next: Function): Promise<any>;
 }
+/** Load standard plugins with predefined configs: MethodsPlugin, CorsPlugin, TrustProxyPlugin, BodyPlugin, AuthPlugin, StaticFilesPlugin */
 export declare class StandardPlugins extends Plugin {
     constructor(options?: any, server?: MicroServer);
 }
@@ -722,7 +712,7 @@ export declare class FileStore {
     observe(data: object, cb: (data: object, key: string, value: any) => void): object;
 }
 /** Model validation options */
-interface ModelContextOptions {
+export interface ModelContextOptions {
     /** User info */
     user?: UserInfo;
     /** Request params */
@@ -741,12 +731,12 @@ interface ModelContextOptions {
     projection?: Record<string, 0 | 1 | true | false>;
 }
 /** Model field validation options */
-interface ModelValidateFieldOptions extends ModelContextOptions {
+export interface ModelValidateFieldOptions extends ModelContextOptions {
     name: string;
     field: ResolvedFieldSchema;
     model: Model<any>;
 }
-export interface ModelCallbackFunc {
+interface ModelCallbackFunc {
     (options: any): any;
 }
 type ModelBasicCtorType = typeof String | typeof Number | typeof Boolean | typeof Date;
@@ -780,7 +770,7 @@ export interface ModelFieldSchema {
     /** Regex validation or 'email', 'url', 'date', 'time', 'date-time' */
     format?: string;
 }
-interface ResolvedFieldSchema {
+export interface ResolvedFieldSchema {
     type: string;
     model?: Model<any>;
     primaryKey?: boolean;
@@ -937,4 +927,4 @@ export declare class MicroCollection<TSchema extends ModelSchema = any> {
         modifiedCount: number;
     }>;
 }
-
+export {};

package/microserver.js

@@ -1,6 +1,6 @@
 /**
  * MicroServer
- * @version 3.0.5
+ * @version 3.0.7
  * @package @radatek/microserver
  * @copyright Darius Kisonas 2022
  * @license MIT
@@ -77,7 +77,6 @@ function deferPromise(cb) {
 export class Plugin {
     name;
     priority;
-    constructor() { }
 }
 // #region ServerRequest/ServerResponse
 /** Extended http.IncomingMessage */
@@ -116,7 +115,9 @@ export class ServerRequest extends http.IncomingMessage {
     rawBody;
     /** Request raw body size */
     rawBodySize;
+    // @internal
     _body;
+    // @internal
     _isReady;
     constructor(res, server) {
         super(new net.Socket());
@@ -365,9 +366,13 @@ export class MicroServer extends EventEmitter {
     config;
     /** Authorization object */
     auth;
+    // @internal
     _plugins = {};
+    // @internal
     _stack = [];
+    // @internal
     _router = new RouterPlugin();
+    // @internal
     _worker = new Worker();
     /** All sockets */
     sockets;
@@ -499,6 +504,7 @@ export class MicroServer extends EventEmitter {
         return this._worker.wait('listen');
     }
     /* bind middleware or create one from string like: 'redirect:302,https://redirect.to', 'error:422', 'param:name=value', 'acl:users/get', 'model:User', 'group:Users', 'user:admin' */
+    // @internal
     _bind(fn) {
         if (typeof fn === 'string') {
             let name = fn;
@@ -683,6 +689,7 @@ export class MicroServer extends EventEmitter {
         this._router.add(method, url, args.filter(o => o).map((o) => this._bind(o)), true);
         return this._worker.endJob();
     }
+    // @internal
     async _plugin(plugin) {
         if (plugin.handler) {
             const middleware = plugin.handler.bind(plugin);
@@ -793,16 +800,24 @@ export class MicroServer extends EventEmitter {
 }
 // #region RouterPlugin
 class RouterItem {
+    // @internal
     _stack; // add if middlewares added if not last
+    // @internal
     _next; // next middlewares
+    // @internal
     _paramName; // param name if param is used
+    // @internal
     _paramWild;
+    // @internal
     _withParam; // next middlewares if param is used
+    // @internal
     _last;
 }
+/** Router plugin */
 class RouterPlugin extends Plugin {
     priority = 100;
     name = 'router';
+    // @internal
     _tree = {};
     constructor() {
         super();
@@ -852,6 +867,7 @@ class RouterPlugin extends Plugin {
             node._stack.push(...middlewares);
         }
     }
+    // @internal
     _getStack(path, treeItems) {
         const out = [];
         const segments = path.split('/').filter(s => s);
@@ -929,6 +945,7 @@ class RouterPlugin extends Plugin {
         this.walk(this._getStack(req.pathname, ['hook', method, '*']), req, res, next);
     }
 }
+/** CORS plugin. Config may be: true - allow all, string - allow specific origin, or CorsOptions */
 export class CorsPlugin extends Plugin {
     priority = -100;
     name = 'cors';
@@ -962,10 +979,13 @@ export class CorsPlugin extends Plugin {
 }
 // #enregion CorsPlugin
 // #region MethodsPlugin
+/** Methods plugin to support OPTIONS method, and restrict allowed methods. Configuration is comma separated string  */
 export class MethodsPlugin extends Plugin {
     priority = -90;
     name = 'methods';
+    // @internal
     _methods;
+    // @internal
     _methodsIdx;
     constructor(methods) {
         super();
@@ -986,9 +1006,11 @@ export class MethodsPlugin extends Plugin {
         return next();
     }
 }
+/** Body parser plugin */
 export class BodyPlugin extends Plugin {
     priority = -80;
     name = 'body';
+    // @internal
     _maxBodySize;
     constructor(options) {
         super();
@@ -1040,10 +1062,13 @@ export class BodyPlugin extends Plugin {
         });
     }
 }
+/** Upload plugin, At least uploadDir option is required */
 export class UploadPlugin extends Plugin {
     priority = -70;
     name = 'upload';
+    // @internal
     _maxFileSize;
+    // @internal
     _uploadDir;
     constructor(options) {
         super();
@@ -1133,6 +1158,10 @@ export class UploadPlugin extends Plugin {
                         const safeWriteLength = buffer.length - lookahead;
                         if (safeWriteLength > 0) {
                             lastFile.size += safeWriteLength;
+                            if (lastFile.size > this._maxFileSize) {
+                                req.setReady(new ResponseError("file too big", 413));
+                                return;
+                            }
                             fileStream.write(buffer.subarray(0, safeWriteLength));
                             buffer = buffer.subarray(safeWriteLength);
                         }
@@ -1167,12 +1196,17 @@ export class UploadPlugin extends Plugin {
 }
 const EMPTY_BUFFER = Buffer.alloc(0);
 const DEFLATE_TRAILER = Buffer.from([0x00, 0x00, 0xff, 0xff]);
-/** WebSocket class */
+/** WebSocket class used in upgrade handler */
 export class WebSocket extends EventEmitter {
+    // @internal
     _socket;
+    // @internal
     _frame;
+    // @internal
     _buffers = [EMPTY_BUFFER];
+    // @internal
     _buffersLength = 0;
+    // @internal
     _options;
     ready = false;
     constructor(req, options) {
@@ -1191,7 +1225,7 @@ export class WebSocket extends EventEmitter {
         const version = +(req.headers['sec-websocket-version'] || 0);
         const extensions = req.headers['sec-websocket-extensions'];
         const headers = [];
-        if (!key || !upgrade || upgrade.toLocaleLowerCase() !== 'websocket' || version !== 13 || req.method !== 'GET') {
+        if (!key || upgrade?.toLocaleLowerCase() !== 'websocket' || version !== 13) {
             this._abort('Invalid WebSocket request', 400);
             return;
         }
@@ -1202,12 +1236,12 @@ export class WebSocket extends EventEmitter {
             headers.push(header);
             this._options.deflate = true;
         }
-        this.ready = true;
         this._upgrade(key, headers, () => {
-            req.setReady();
+            this.ready = true;
             this.emit('open');
         });
     }
+    // @internal
     _upgrade(key, headers = [], cb) {
         const digest = crypto.createHash('sha1')
             .update(key + '258EAFA5-E914-47DA-95CA-C5AB0DC85B11')
@@ -1238,45 +1272,6 @@ export class WebSocket extends EventEmitter {
         }
         return this._sendFrame(0x88, data || EMPTY_BUFFER, () => this._socket.destroy());
     }
-    /** Generate WebSocket frame from data */
-    static getFrame(data, options) {
-        let msgType = 8;
-        let dataLength = 0;
-        if (typeof data === 'string') {
-            msgType = 1;
-            dataLength = Buffer.byteLength(data, 'utf8');
-        }
-        else if (data instanceof Buffer) {
-            msgType = 2;
-            dataLength = data.length;
-        }
-        else if (typeof data === 'number') {
-            msgType = data;
-        }
-        const headerSize = 2 + (dataLength < 126 ? 0 : dataLength < 65536 ? 2 : 8) + (dataLength && options?.mask ? 4 : 0);
-        const frame = Buffer.allocUnsafe(headerSize + dataLength);
-        frame[0] = 0x80 | msgType;
-        frame[1] = dataLength > 65535 ? 127 : dataLength > 125 ? 126 : dataLength;
-        if (dataLength > 65535)
-            frame.writeBigUInt64BE(dataLength, 2);
-        else if (dataLength > 125)
-            frame.writeUInt16BE(dataLength, 2);
-        if (dataLength && frame.length > dataLength) {
-            if (typeof data === 'string')
-                frame.write(data, headerSize, 'utf8');
-            else
-                data.copy(frame, headerSize);
-        }
-        if (dataLength && options?.mask) {
-            let i = headerSize, h = headerSize - 4;
-            for (let i = 0; i < 4; i++)
-                frame[h + i] = Math.floor(Math.random() * 256);
-            for (let j = 0; j < dataLength; j++, i++) {
-                frame[i] ^= frame[h + (j & 3)];
-            }
-        }
-        return frame;
-    }
     /** Send data */
     send(data) {
         let msgType = typeof data === 'string' ? 1 : 2;
@@ -1298,6 +1293,7 @@ export class WebSocket extends EventEmitter {
         else
             return this._sendFrame(0x80 | msgType, data);
     }
+    // @internal
     _errorHandler(error) {
         this.emit('error', error);
         if (this.ready)
@@ -1306,6 +1302,7 @@ export class WebSocket extends EventEmitter {
             this._socket.destroy();
         this.ready = false;
     }
+    // @internal
     _headerLength(buffer) {
         if (this._frame)
             return 0;
@@ -1314,6 +1311,7 @@ export class WebSocket extends EventEmitter {
         let hederInfo = buffer[1];
         return 2 + (hederInfo & 0x80 ? 4 : 0) + ((hederInfo & 0x7F) === 126 ? 2 : 0) + ((hederInfo & 0x7F) === 127 ? 8 : 0);
     }
+    // @internal
     _dataHandler(data) {
         while (data.length) {
             let frame = this._frame;
@@ -1420,6 +1418,7 @@ export class WebSocket extends EventEmitter {
             this._buffers.push(EMPTY_BUFFER);
         }
     }
+    // @internal
     _abort(message, code, headers) {
         code = code || 400;
         message = message || http.STATUS_CODES[code] || 'Closed';
@@ -1446,6 +1445,7 @@ export class WebSocket extends EventEmitter {
     pong(buffer) {
         this._sendFrame(0x8A, buffer || EMPTY_BUFFER);
     }
+    // @internal
     _sendFrame(opcode, data, cb) {
         if (!this.ready)
             return;
@@ -1465,32 +1465,27 @@ export class WebSocket extends EventEmitter {
         else
             this._socket.write(frame, () => this._socket.write(data, cb));
     }
-    on(event, listener) { return super.on(event, listener); }
-    addListener(event, listener) { return super.addListener(event, listener); }
-    once(event, listener) { return super.once(event, listener); }
-    off(event, listener) { return super.off(event, listener); }
-    removeListener(event, listener) { return super.removeListener(event, listener); }
 }
+/** WebSocket plugin to support `WEBSOCKET /url` routes */
 export class WebSocketPlugin extends Plugin {
     name = 'websocket';
+    // @internal
     _handler;
     constructor(options, server) {
         super();
         if (!server)
             throw new Error('Server instance is required');
         this._handler = this.upgradeHandler.bind(this, server);
-        server.servers?.forEach(srv => this.addUpgradeHandler(srv));
-        server.on('listen', (port, address, srv) => this.addUpgradeHandler(srv));
+        server.servers?.forEach(srv => this._addUpgradeHandler(srv));
+        server.on('listen', (port, address, srv) => this._addUpgradeHandler(srv));
     }
-    addUpgradeHandler(srv) {
+    // @internal
+    _addUpgradeHandler(srv) {
         if (!srv.listeners('upgrade').includes(this._handler))
             srv.on('upgrade', this._handler);
     }
     upgradeHandler(server, req, socket, head) {
         const host = req.headers.host || '';
-        const vhostPlugin = server.getPlugin('vhost');
-        const vserver = vhostPlugin?.vhosts?.[host] || server;
-        req.method = 'WEBSOCKET';
         const res = {
             req,
             get headersSent() {
@@ -1521,7 +1516,9 @@ export class WebSocketPlugin extends Plugin {
                 socket.write(headers.join('\r\n'), () => { socket.destroy(); });
             },
             error(code) {
-                res.statusCode = code || 403;
+                if (typeof code !== 'number')
+                    code = 405;
+                res.statusCode = code || 405;
                 res.end();
             },
             send(data) {
@@ -1531,16 +1528,19 @@ export class WebSocketPlugin extends Plugin {
             setHeader() { }
         };
         ServerRequest.extend(req, res, server);
-        let _ws;
+        let ws;
         Object.defineProperty(req, 'websocket', {
             get: () => {
-                if (!_ws)
-                    _ws = new WebSocket(req, server.config.websocket);
-                return _ws;
+                if (!ws)
+                    ws = new WebSocket(req, server.config.websocket);
+                return ws;
             },
             enumerable: true
         });
-        vserver.handler(req, res);
+        if (req.method !== 'GET' || req.headers.upgrade?.toLowerCase() !== 'websocket')
+            return res.error(400);
+        req.method = 'WEBSOCKET';
+        server.handler(req, res);
     }
 }
 // #endregion WebSocket
@@ -1549,6 +1549,7 @@ export class WebSocketPlugin extends Plugin {
 export class TrustProxyPlugin extends Plugin {
     priority = -60;
     name = 'trustproxy';
+    // @internal
     _trustProxy = [];
     constructor(options) {
         super();
@@ -1618,13 +1619,7 @@ export class VHostPlugin extends Plugin {
     }
 }
 const etagPrefix = crypto.randomBytes(4).toString('hex');
-//TODO: add precompressed .gz support
-//TODO: add unknown file extension handler
-/**
- * Static files middleware plugin
- * Usage: server.use('static', '/public')
- * Usage: server.use('static', { root: 'public', path: '/static' })
- */
+/** Static files plugin. At least must be path to public folder as string or StaticFilesOptions */
 export class StaticFilesPlugin extends Plugin {
     priority = 110;
     /** Default mime types */
@@ -1668,6 +1663,7 @@ export class StaticFilesPlugin extends Plugin {
     maxAge;
     prefix;
     errors;
+    checkPrecompressedGzip;
     constructor(options, server) {
         super();
         if (!options)
@@ -1683,8 +1679,8 @@ export class StaticFilesPlugin extends Plugin {
         this.etag = options.etag !== false;
         this.maxAge = options.maxAge;
         this.errors = options.errors;
+        this.checkPrecompressedGzip = options.precompressedGzip;
         this.prefix = ('/' + (options.path?.replace(/^[.\/]*/, '') || '').replace(/\/$/, '')).replace(/\/$/, '');
-        const defSend = ServerResponse.prototype.send;
         if (server && !server.getPlugin('static')) {
             this.name = 'static'; // only first plugin instance is registered as
             const defSend = ServerResponse.prototype.send;
@@ -1744,11 +1740,27 @@ export class StaticFilesPlugin extends Plugin {
                 req.filename = filename;
                 return handler.call(this, req, res, next);
             }
-            this.serveFile(req, res, {
-                path: filename,
-                mimeType,
-                stats
-            });
+            if (this.checkPrecompressedGzip && (req.headers['accept-encoding'] || '').includes('gzip')) {
+                const gzipped = filename + '.gz';
+                fs.stat(gzipped, (err, statsGz) => {
+                    if (!err && statsGz.isFile()) {
+                        res.setHeader('Content-Encoding', 'gzip');
+                        filename = gzipped;
+                        stats = statsGz;
+                    }
+                    this.serveFile(req, res, {
+                        path: filename,
+                        mimeType,
+                        stats
+                    });
+                });
+            }
+            else
+                this.serveFile(req, res, {
+                    path: filename,
+                    mimeType,
+                    stats
+                });
         });
     }
     /** Send static file */
@@ -1802,9 +1814,9 @@ export class StaticFilesPlugin extends Plugin {
             statRes(null, options.stats);
     }
 }
+/** Reverse proxy plugin, At least remote url as string or in ProxyOptions is required */
 export class ProxyPlugin extends Plugin {
     priority = 120;
-    name = 'proxy';
     /** Default valid headers */
     static validHeaders = {
         authorization: true,
@@ -1838,6 +1850,8 @@ export class ProxyPlugin extends Plugin {
             options = { remote: options };
         if (!options.remote)
             throw new Error('Invalid param');
+        if (server && !server.getPlugin('proxy'))
+            this.name = 'proxy';
         this.remoteUrl = new URL(options.remote);
         this.regex = options.match ? new RegExp(options.match) : undefined;
         this.headers = options.headers;
@@ -1965,11 +1979,7 @@ export class Auth {
         encrypted = iv.toString('base64').slice(0, 22) + cipher.getAuthTag().toString('base64').slice(0, 22) + encrypted;
         return encrypted.replace(/==?/, '').replace(/\//g, '.').replace(/\+/g, '-');
     }
-    /**
-     * Check acl over authenticated user with: `id`, `group/*`, `*`
-     * @param {string} id - to authenticate: `id`, `group/id`, `model/action`, comma separated best: true => false => def
-     * @param {boolean} [def=false] - default access
-     */
+    /** Check acl over authenticated user with: `id`, `group/*`, `*` */
     acl(id, def = false) {
         if (!this.req?.user)
             return false;
@@ -1991,12 +2001,7 @@ export class Auth {
             access = reqAcl['*'];
         return access ?? def;
     }
-    /**
-       * Authenticate user and setup cookie
-       * @param {string|UserInfo} usr - user id used with options.users to retrieve user object. User object must contain `id` and `acl` object (Ex. usr = {id:'usr', acl:{'users/*':true}})
-       * @param {string} [psw] - user password (if used for user authentication with options.users)
-       * @param {number} [expire] - expire time in seconds (default: options.expire)
-       */
+    /** Generate token from user info */
     async token(usr, psw, expire) {
         let data;
         if (typeof usr === 'object' && usr && (usr.id || usr._id))
@@ -2012,9 +2017,7 @@ export class Auth {
         if (data)
             return this.encode(data, expire);
     }
-    /**
-     * Authenticate user and setup cookie
-     */
+    /** Authenticate user and setup cookie */
     async login(usr, psw, options) {
         let usrInfo;
         if (typeof usr === 'object')
@@ -2289,6 +2292,7 @@ export class AuthPlugin extends Plugin {
     }
 }
 // #endregion AuthPlugin
+/** Load standard plugins with predefined configs: MethodsPlugin, CorsPlugin, TrustProxyPlugin, BodyPlugin, AuthPlugin, StaticFilesPlugin */
 export class StandardPlugins extends Plugin {
     constructor(options, server) {
         super();
@@ -2304,9 +2308,9 @@ export class StandardPlugins extends Plugin {
         use(MethodsPlugin);
         use(CorsPlugin, 'cors');
         use(TrustProxyPlugin, 'trustproxy');
+        use(AuthPlugin, 'auth');
         use(BodyPlugin);
         use(StaticFilesPlugin, 'static');
-        use(AuthPlugin, 'auth');
     }
 }
 /**
@@ -2487,7 +2491,9 @@ export class Controller {
 // #endregion Controller
 // #region Worker
 class WorkerJob {
+    // @internal
     _promises = [];
+    // @internal
     _busy = 0;
     start() {
         this._busy++;
@@ -2505,7 +2511,9 @@ class WorkerJob {
     }
 }
 class Worker {
+    // @internal
     _id = 0;
+    // @internal
     _jobs = {};
     isBusy(id) {
         const job = this._jobs[id || 'ready'];
@@ -2534,11 +2542,17 @@ class Worker {
 }
 /** JSON File store */
 export class FileStore {
+    // @internal
     _cache;
+    // @internal
     _dir;
+    // @internal
     _cacheTimeout;
+    // @internal
     _cacheItems;
+    // @internal
     _debounceTimeout;
+    // @internal
     _iter;
     constructor(options) {
         this._cache = {};
@@ -2562,7 +2576,9 @@ export class FileStore {
             }
         }
     }
+    // @internal
     _queue = Promise.resolve();
+    // @internal
     async _sync(cb) {
         let r;
         let p = new Promise(resolve => r = resolve);
@@ -2741,8 +2757,11 @@ function newObjectId() {
     return (new Date().getTime() / 1000 | 0).toString(16) + globalObjectId.toString('hex');
 }
 class ModelCollectionsInternal {
+    // @internal
     _ready;
+    // @internal
     _wait = new Promise(resolve => this._ready = resolve);
+    // @internal
     _db;
     set db(db) {
         Promise.resolve(db).then(db => this._ready(this._db = db));
@@ -2759,7 +2778,7 @@ export class Models {
 }
 export class Model {
     static collections = new ModelCollectionsInternal();
-    static models = {};
+    static models = new Models();
     static set db(db) {
         this.collections.db = db;
     }
@@ -3045,6 +3064,7 @@ export class Model {
         }
         return res;
     }
+    // @internal
     _fieldFunction(value, def) {
         if (typeof value === 'string' && value.startsWith('${') && value.endsWith('}')) {
             const names = value.slice(2, -1).split('.');
@@ -3062,6 +3082,7 @@ export class Model {
             return () => def;
         return () => value;
     }
+    // @internal
     _validateField(value, options) {
         const field = options.field;
         if (value == null) {
@@ -3189,7 +3210,9 @@ export class Model {
 }
 /** Collection factory */
 export class MicroCollectionStore {
+    // @internal
     _collections = new Map();
+    // @internal
     _store;
     constructor(dataPath, storeTimeDelay) {
         if (dataPath)
@@ -3212,6 +3235,7 @@ export class MicroCollection {
     name;
     /** Collection data */
     data;
+    // @internal
     _save;
     constructor(options = {}) {
         this.name = options.name || this.constructor.name;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@radatek/microserver",
-  "version": "3.0.5",
+  "version": "3.0.7",
   "description": "HTTP MicroServer",
   "author": "Darius Kisonas",
   "license": "MIT",