@ruiapp/rapid-core 0.1.6 → 0.1.7

package/dist/core/pluginManager.d.ts

@@ -1,5 +1,6 @@
 import { RpdApplicationConfig } from "~/types";
 import { IRpdServer, RapidPlugin } from "./server";
+import { RouteContext } from "./routeContext";
 declare class PluginManager {
     #private;
     constructor(server: IRpdServer);
@@ -28,5 +29,7 @@ declare class PluginManager {
     onApplicationLoaded(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<void>;
     /** 在应用准备完成后调用。此时服务器已经可以处理网络请求。 */
     onApplicationReady(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<void>;
+    /** 在接收到HTTP请求，准备路由上下文时调用。 */
+    onPrepareRouteContext(server: IRpdServer, routeContext: RouteContext): Promise<void>;
 }
 export default PluginManager;

package/dist/core/request.d.ts

@@ -10,9 +10,10 @@ export declare class RapidRequest {
     #private;
     method: string;
     url: URL;
-    headers: Headers;
     constructor(req: Request);
     parseBody(): Promise<void>;
     get rawRequest(): Request;
+    get headers(): Headers;
+    get cookies(): Record<string, string>;
     get body(): RapidRequestBody;
 }

package/dist/core/server.d.ts

@@ -1,6 +1,6 @@
 import { GetDataAccessorOptions, GetModelOptions, IDatabaseConfig, IQueryBuilder, IRpdDataAccessor, RapidServerConfig, RpdApplicationConfig, RpdDataModel, RpdServerEventTypes } from "~/types";
 import { IPluginActionHandler, ActionHandler } from "./actionHandler";
-import { Next } from "./routeContext";
+import { Next, RouteContext } from "./routeContext";
 export interface IRpdServer {
     config: RapidServerConfig;
     databaseConfig: IDatabaseConfig;
@@ -58,27 +58,29 @@ export interface RapidPlugin {
     /** 插件的全局配置项 */
     get configurations(): RpdConfigurationItemOptions[];
     /** 初始化插件时调用。插件可以在此时进行一些内部对象的初始化工作。 */
-    initPlugin(server: IRpdServer): Promise<any>;
+    initPlugin?: (server: IRpdServer) => Promise<any>;
     /** 注册中间件 */
-    registerMiddlewares(server: IRpdServer): Promise<any>;
+    registerMiddlewares?: (server: IRpdServer) => Promise<any>;
     /** 注册接口动作处理程序 */
-    registerActionHandlers(server: IRpdServer): Promise<any>;
+    registerActionHandlers?: (server: IRpdServer) => Promise<any>;
     /** 注册事件处理程序 */
-    registerEventHandlers(server: IRpdServer): Promise<any>;
+    registerEventHandlers?: (server: IRpdServer) => Promise<any>;
     /** 注册消息处理程序 */
-    registerMessageHandlers(server: IRpdServer): Promise<any>;
+    registerMessageHandlers?: (server: IRpdServer) => Promise<any>;
     /** 注册任务处理程序 */
-    registerTaskProcessors(server: IRpdServer): Promise<any>;
+    registerTaskProcessors?: (server: IRpdServer) => Promise<any>;
     /** 在加载应用前调用。 */
-    onLoadingApplication(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any>;
+    onLoadingApplication?: (server: IRpdServer, applicationConfig: RpdApplicationConfig) => Promise<any>;
     /** 配置数据集合 */
-    configureModels(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any>;
+    configureModels?: (server: IRpdServer, applicationConfig: RpdApplicationConfig) => Promise<any>;
     /** 配置模型属性 */
-    configureModelProperties(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any>;
+    configureModelProperties?: (server: IRpdServer, applicationConfig: RpdApplicationConfig) => Promise<any>;
     /** 配置路由 */
-    configureRoutes(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any>;
+    configureRoutes?: (server: IRpdServer, applicationConfig: RpdApplicationConfig) => Promise<any>;
     /** 在应用配置加载完成后调用。此时插件可以进行一些数据的初始化工作。 */
-    onApplicationLoaded(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any>;
+    onApplicationLoaded?: (server: IRpdServer, applicationConfig: RpdApplicationConfig) => Promise<any>;
     /** 在应用准备完成后调用。此时服务器已经可以处理网络请求，可以对外广播消息。 */
-    onApplicationReady(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any>;
+    onApplicationReady?: (server: IRpdServer, applicationConfig: RpdApplicationConfig) => Promise<any>;
+    /** 在接收到HTTP请求，准备路由上下文时调用。 */
+    onPrepareRouteContext?: (server: IRpdServer, routeContext: RouteContext) => Promise<any>;
 }

package/dist/index.d.ts

@@ -7,9 +7,9 @@ export * from "./core/http-types";
 export * from "./core/actionHandler";
 export * from "./utilities/jwtUtility";
 export * as bootstrapApplicationConfig from "./bootstrapApplicationConfig";
-export { default as MetaManagePlugin } from "./plugins/metaManage/mod";
-export { default as DataManagePlugin } from "./plugins/dataManage/mod";
-export { default as RouteManagePlugin } from "./plugins/routeManage/mod";
-export { default as WebhooksPlugin } from "./plugins/webhooks/mod";
-export { default as AuthPlugin } from "./plugins/auth/mod";
-export { default as FileManagePlugin } from "./plugins/fileManage/mod";
+export { default as MetaManagePlugin } from "./plugins/metaManage/MetaManagePlugin";
+export { default as DataManagePlugin } from "./plugins/dataManage/DataManagePlugin";
+export { default as RouteManagePlugin } from "./plugins/routeManage/RouteManagePlugin";
+export { default as WebhooksPlugin } from "./plugins/webhooks/WebhooksPlugin";
+export { default as AuthPlugin } from "./plugins/auth/AuthPlugin";
+export { default as FileManagePlugin } from "./plugins/fileManage/FileManagePlugin";

package/dist/index.js

@@ -544,6 +544,14 @@ class PluginManager {
             }
         }
     }
+    /** 在接收到HTTP请求，准备路由上下文时调用。 */
+    async onPrepareRouteContext(server, routeContext) {
+        for (const plugin of this.#plugins) {
+            if (plugin.onPrepareRouteContext) {
+                await plugin.onPrepareRouteContext(server, routeContext);
+            }
+        }
+    }
 }
 
 class EventManager {
@@ -769,19 +777,255 @@ const convertToNewArray = (form, key, value) => {
     form[key] = [form[key], value];
 };
 
+// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license.
+class AssertionError extends Error {
+    name = "AssertionError";
+    constructor(message) {
+        super(message);
+    }
+}
+
+// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license.
+/** Make an assertion, error will be thrown if `expr` does not have truthy value. */
+function assert(expr, msg = "") {
+    if (!expr) {
+        throw new AssertionError(msg);
+    }
+}
+
+// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license.
+// This module is browser compatible.
+/**
+ * Formats the given date to IMF date time format. (Reference:
+ * https://tools.ietf.org/html/rfc7231#section-7.1.1.1).
+ * IMF is the time format to use when generating times in HTTP
+ * headers. The time being formatted must be in UTC for Format to
+ * generate the correct format.
+ *
+ * @example
+ * ```ts
+ * import { toIMF } from "https://deno.land/std@$STD_VERSION/datetime/to_imf.ts";
+ *
+ * toIMF(new Date(0)); // => returns "Thu, 01 Jan 1970 00:00:00 GMT"
+ * ```
+ * @param date Date to parse
+ * @return IMF date formatted string
+ */
+function toIMF(date) {
+    function dtPad(v, lPad = 2) {
+        return v.padStart(lPad, "0");
+    }
+    const d = dtPad(date.getUTCDate().toString());
+    const h = dtPad(date.getUTCHours().toString());
+    const min = dtPad(date.getUTCMinutes().toString());
+    const s = dtPad(date.getUTCSeconds().toString());
+    const y = date.getUTCFullYear();
+    const days = ["Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat"];
+    const months = [
+        "Jan",
+        "Feb",
+        "Mar",
+        "Apr",
+        "May",
+        "Jun",
+        "Jul",
+        "Aug",
+        "Sep",
+        "Oct",
+        "Nov",
+        "Dec",
+    ];
+    return `${days[date.getUTCDay()]}, ${d} ${months[date.getUTCMonth()]} ${y} ${h}:${min}:${s} GMT`;
+}
+
+// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license.
+const FIELD_CONTENT_REGEXP = /^(?=[\x20-\x7E]*$)[^()@<>,;:\\"\[\]?={}\s]+$/;
+function toString(cookie) {
+    if (!cookie.name) {
+        return "";
+    }
+    const out = [];
+    validateName(cookie.name);
+    validateValue(cookie.name, cookie.value);
+    out.push(`${cookie.name}=${cookie.value}`);
+    // Fallback for invalid Set-Cookie
+    // ref: https://tools.ietf.org/html/draft-ietf-httpbis-cookie-prefixes-00#section-3.1
+    if (cookie.name.startsWith("__Secure")) {
+        cookie.secure = true;
+    }
+    if (cookie.name.startsWith("__Host")) {
+        cookie.path = "/";
+        cookie.secure = true;
+        delete cookie.domain;
+    }
+    if (cookie.secure) {
+        out.push("Secure");
+    }
+    if (cookie.httpOnly) {
+        out.push("HttpOnly");
+    }
+    if (typeof cookie.maxAge === "number" && Number.isInteger(cookie.maxAge)) {
+        assert(cookie.maxAge >= 0, "Max-Age must be an integer superior or equal to 0");
+        out.push(`Max-Age=${cookie.maxAge}`);
+    }
+    if (cookie.domain) {
+        validateDomain(cookie.domain);
+        out.push(`Domain=${cookie.domain}`);
+    }
+    if (cookie.sameSite) {
+        out.push(`SameSite=${cookie.sameSite}`);
+    }
+    if (cookie.path) {
+        validatePath(cookie.path);
+        out.push(`Path=${cookie.path}`);
+    }
+    if (cookie.expires) {
+        const { expires } = cookie;
+        const dateString = toIMF(typeof expires === "number" ? new Date(expires) : expires);
+        out.push(`Expires=${dateString}`);
+    }
+    if (cookie.unparsed) {
+        out.push(cookie.unparsed.join("; "));
+    }
+    return out.join("; ");
+}
+/**
+ * Validate Cookie Name.
+ * @param name Cookie name.
+ */
+function validateName(name) {
+    if (name && !FIELD_CONTENT_REGEXP.test(name)) {
+        throw new TypeError(`Invalid cookie name: "${name}".`);
+    }
+}
+/**
+ * Validate Path Value.
+ * See {@link https://tools.ietf.org/html/rfc6265#section-4.1.2.4}.
+ * @param path Path value.
+ */
+function validatePath(path) {
+    if (path == null) {
+        return;
+    }
+    for (let i = 0; i < path.length; i++) {
+        const c = path.charAt(i);
+        if (c < String.fromCharCode(0x20) || c > String.fromCharCode(0x7E) || c == ";") {
+            throw new Error(path + ": Invalid cookie path char '" + c + "'");
+        }
+    }
+}
+/**
+ * Validate Cookie Value.
+ * See {@link https://tools.ietf.org/html/rfc6265#section-4.1}.
+ * @param value Cookie value.
+ */
+function validateValue(name, value) {
+    if (value == null || name == null)
+        return;
+    for (let i = 0; i < value.length; i++) {
+        const c = value.charAt(i);
+        if (c < String.fromCharCode(0x21) || c == String.fromCharCode(0x22) ||
+            c == String.fromCharCode(0x2c) || c == String.fromCharCode(0x3b) ||
+            c == String.fromCharCode(0x5c) || c == String.fromCharCode(0x7f)) {
+            throw new Error("RFC2616 cookie '" + name + "' cannot contain character '" + c + "'");
+        }
+        if (c > String.fromCharCode(0x80)) {
+            throw new Error("RFC2616 cookie '" + name + "' can only have US-ASCII chars as value" +
+                c.charCodeAt(0).toString(16));
+        }
+    }
+}
+/**
+ * Validate Cookie Domain.
+ * See {@link https://datatracker.ietf.org/doc/html/rfc6265#section-4.1.2.3}.
+ * @param domain Cookie domain.
+ */
+function validateDomain(domain) {
+    if (domain == null) {
+        return;
+    }
+    const char1 = domain.charAt(0);
+    const charN = domain.charAt(domain.length - 1);
+    if (char1 == "-" || charN == "." || charN == "-") {
+        throw new Error("Invalid first/last char in cookie domain: " + domain);
+    }
+}
+/**
+ * Parse cookies of a header
+ *
+ * @example
+ * ```ts
+ * import { getCookies } from "https://deno.land/std@$STD_VERSION/http/cookie.ts";
+ *
+ * const headers = new Headers();
+ * headers.set("Cookie", "full=of; tasty=chocolate");
+ *
+ * const cookies = getCookies(headers);
+ * console.log(cookies); // { full: "of", tasty: "chocolate" }
+ * ```
+ *
+ * @param headers The headers instance to get cookies from
+ * @return Object with cookie names as keys
+ */
+function getCookies(headers) {
+    const cookie = headers.get("Cookie");
+    if (cookie != null) {
+        const out = {};
+        const c = cookie.split(";");
+        for (const kv of c) {
+            const [cookieKey, ...cookieVal] = kv.split("=");
+            assert(cookieKey != null);
+            const key = cookieKey.trim();
+            out[key] = cookieVal.join("=");
+        }
+        return out;
+    }
+    return {};
+}
+/**
+ * Set the cookie header properly in the headers
+ *
+ * @example
+ * ```ts
+ * import {
+ *   Cookie,
+ *   setCookie,
+ * } from "https://deno.land/std@$STD_VERSION/http/cookie.ts";
+ *
+ * const headers = new Headers();
+ * const cookie: Cookie = { name: "Space", value: "Cat" };
+ * setCookie(headers, cookie);
+ *
+ * const cookieHeader = headers.get("set-cookie");
+ * console.log(cookieHeader); // Space=Cat
+ * ```
+ *
+ * @param headers The headers instance to set the cookie to
+ * @param cookie Cookie to set
+ */
+function setCookie(headers, cookie) {
+    // Parsing cookie headers to make consistent set-cookie header
+    // ref: https://tools.ietf.org/html/rfc6265#section-4.1.1
+    const v = toString(cookie);
+    if (v) {
+        headers.append("Set-Cookie", v);
+    }
+}
+
 const GlobalRequest = global.Request;
 class RapidRequest {
     #raw;
     #bodyParsed;
     #body;
+    #headers;
+    #parsedCookies;
     method;
     url;
-    headers;
     constructor(req) {
         this.#raw = req;
         this.method = req.method;
         this.url = new URL(req.url);
-        this.headers = req.headers;
+        this.#headers = req.headers;
     }
     async parseBody() {
         if (this.#bodyParsed) {
@@ -791,7 +1035,7 @@ class RapidRequest {
         const requestMethod = this.method;
         if (requestMethod === "POST" || requestMethod === "PUT" || requestMethod === "PATCH") {
             const req = this.#raw;
-            const contentType = this.headers.get("Content-Type");
+            const contentType = this.#headers.get("Content-Type");
             if (contentType.includes("json")) {
                 this.#body = {
                     type: "json",
@@ -820,6 +1064,15 @@ class RapidRequest {
     get rawRequest() {
         return this.#raw;
     }
+    get headers() {
+        return this.#headers;
+    }
+    get cookies() {
+        if (!this.#parsedCookies) {
+            this.#parsedCookies = getCookies(this.#headers);
+        }
+        return this.#parsedCookies;
+    }
     get body() {
         if (!this.#bodyParsed) {
             throw new Error("Request body not parsed, you should call 'parseBody()' method before getting the body.");
@@ -3450,209 +3703,6 @@ class WebhooksPlugin {
     }
 }
 
-// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license.
-class AssertionError extends Error {
-    name = "AssertionError";
-    constructor(message) {
-        super(message);
-    }
-}
-
-// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license.
-/** Make an assertion, error will be thrown if `expr` does not have truthy value. */
-function assert(expr, msg = "") {
-    if (!expr) {
-        throw new AssertionError(msg);
-    }
-}
-
-// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license.
-// This module is browser compatible.
-/**
- * Formats the given date to IMF date time format. (Reference:
- * https://tools.ietf.org/html/rfc7231#section-7.1.1.1).
- * IMF is the time format to use when generating times in HTTP
- * headers. The time being formatted must be in UTC for Format to
- * generate the correct format.
- *
- * @example
- * ```ts
- * import { toIMF } from "https://deno.land/std@$STD_VERSION/datetime/to_imf.ts";
- *
- * toIMF(new Date(0)); // => returns "Thu, 01 Jan 1970 00:00:00 GMT"
- * ```
- * @param date Date to parse
- * @return IMF date formatted string
- */
-function toIMF(date) {
-    function dtPad(v, lPad = 2) {
-        return v.padStart(lPad, "0");
-    }
-    const d = dtPad(date.getUTCDate().toString());
-    const h = dtPad(date.getUTCHours().toString());
-    const min = dtPad(date.getUTCMinutes().toString());
-    const s = dtPad(date.getUTCSeconds().toString());
-    const y = date.getUTCFullYear();
-    const days = ["Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat"];
-    const months = [
-        "Jan",
-        "Feb",
-        "Mar",
-        "Apr",
-        "May",
-        "Jun",
-        "Jul",
-        "Aug",
-        "Sep",
-        "Oct",
-        "Nov",
-        "Dec",
-    ];
-    return `${days[date.getUTCDay()]}, ${d} ${months[date.getUTCMonth()]} ${y} ${h}:${min}:${s} GMT`;
-}
-
-// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license.
-const FIELD_CONTENT_REGEXP = /^(?=[\x20-\x7E]*$)[^()@<>,;:\\"\[\]?={}\s]+$/;
-function toString(cookie) {
-    if (!cookie.name) {
-        return "";
-    }
-    const out = [];
-    validateName(cookie.name);
-    validateValue(cookie.name, cookie.value);
-    out.push(`${cookie.name}=${cookie.value}`);
-    // Fallback for invalid Set-Cookie
-    // ref: https://tools.ietf.org/html/draft-ietf-httpbis-cookie-prefixes-00#section-3.1
-    if (cookie.name.startsWith("__Secure")) {
-        cookie.secure = true;
-    }
-    if (cookie.name.startsWith("__Host")) {
-        cookie.path = "/";
-        cookie.secure = true;
-        delete cookie.domain;
-    }
-    if (cookie.secure) {
-        out.push("Secure");
-    }
-    if (cookie.httpOnly) {
-        out.push("HttpOnly");
-    }
-    if (typeof cookie.maxAge === "number" && Number.isInteger(cookie.maxAge)) {
-        assert(cookie.maxAge >= 0, "Max-Age must be an integer superior or equal to 0");
-        out.push(`Max-Age=${cookie.maxAge}`);
-    }
-    if (cookie.domain) {
-        validateDomain(cookie.domain);
-        out.push(`Domain=${cookie.domain}`);
-    }
-    if (cookie.sameSite) {
-        out.push(`SameSite=${cookie.sameSite}`);
-    }
-    if (cookie.path) {
-        validatePath(cookie.path);
-        out.push(`Path=${cookie.path}`);
-    }
-    if (cookie.expires) {
-        const { expires } = cookie;
-        const dateString = toIMF(typeof expires === "number" ? new Date(expires) : expires);
-        out.push(`Expires=${dateString}`);
-    }
-    if (cookie.unparsed) {
-        out.push(cookie.unparsed.join("; "));
-    }
-    return out.join("; ");
-}
-/**
- * Validate Cookie Name.
- * @param name Cookie name.
- */
-function validateName(name) {
-    if (name && !FIELD_CONTENT_REGEXP.test(name)) {
-        throw new TypeError(`Invalid cookie name: "${name}".`);
-    }
-}
-/**
- * Validate Path Value.
- * See {@link https://tools.ietf.org/html/rfc6265#section-4.1.2.4}.
- * @param path Path value.
- */
-function validatePath(path) {
-    if (path == null) {
-        return;
-    }
-    for (let i = 0; i < path.length; i++) {
-        const c = path.charAt(i);
-        if (c < String.fromCharCode(0x20) || c > String.fromCharCode(0x7E) || c == ";") {
-            throw new Error(path + ": Invalid cookie path char '" + c + "'");
-        }
-    }
-}
-/**
- * Validate Cookie Value.
- * See {@link https://tools.ietf.org/html/rfc6265#section-4.1}.
- * @param value Cookie value.
- */
-function validateValue(name, value) {
-    if (value == null || name == null)
-        return;
-    for (let i = 0; i < value.length; i++) {
-        const c = value.charAt(i);
-        if (c < String.fromCharCode(0x21) || c == String.fromCharCode(0x22) ||
-            c == String.fromCharCode(0x2c) || c == String.fromCharCode(0x3b) ||
-            c == String.fromCharCode(0x5c) || c == String.fromCharCode(0x7f)) {
-            throw new Error("RFC2616 cookie '" + name + "' cannot contain character '" + c + "'");
-        }
-        if (c > String.fromCharCode(0x80)) {
-            throw new Error("RFC2616 cookie '" + name + "' can only have US-ASCII chars as value" +
-                c.charCodeAt(0).toString(16));
-        }
-    }
-}
-/**
- * Validate Cookie Domain.
- * See {@link https://datatracker.ietf.org/doc/html/rfc6265#section-4.1.2.3}.
- * @param domain Cookie domain.
- */
-function validateDomain(domain) {
-    if (domain == null) {
-        return;
-    }
-    const char1 = domain.charAt(0);
-    const charN = domain.charAt(domain.length - 1);
-    if (char1 == "-" || charN == "." || charN == "-") {
-        throw new Error("Invalid first/last char in cookie domain: " + domain);
-    }
-}
-/**
- * Set the cookie header properly in the headers
- *
- * @example
- * ```ts
- * import {
- *   Cookie,
- *   setCookie,
- * } from "https://deno.land/std@$STD_VERSION/http/cookie.ts";
- *
- * const headers = new Headers();
- * const cookie: Cookie = { name: "Space", value: "Cat" };
- * setCookie(headers, cookie);
- *
- * const cookieHeader = headers.get("set-cookie");
- * console.log(cookieHeader); // Space=Cat
- * ```
- *
- * @param headers The headers instance to set the cookie to
- * @param cookie Cookie to set
- */
-function setCookie(headers, cookie) {
-    // Parsing cookie headers to make consistent set-cookie header
-    // ref: https://tools.ietf.org/html/rfc6265#section-4.1.1
-    const v = toString(cookie);
-    if (v) {
-        headers.append("Set-Cookie", v);
-    }
-}
-
 const code$5 = "createSession";
 async function handler$5(plugin, ctx, options) {
     const { server, input, routerContext } = ctx;
@@ -3868,7 +3918,7 @@ var pluginRoutes = [
 /**
  * Auth manager plugin
  */
-class AuthManager {
+class AuthPlugin {
     get code() {
         return "authManager";
     }
@@ -3914,6 +3964,26 @@ class AuthManager {
     }
     async onApplicationReady(server, applicationConfig) {
     }
+    async onPrepareRouteContext(server, routeContext) {
+        const request = routeContext.request;
+        let token;
+        const headers = request.headers;
+        // No Authorization header
+        if (headers.has("Authorization")) {
+            // Authorization header has no Bearer or no token
+            const authHeader = headers.get("Authorization");
+            if (!authHeader.startsWith("Bearer ") || authHeader.length <= 7) {
+                throw new Error('AUTHORIZATION_HEADER_INVALID');
+            }
+            token = authHeader.slice(7);
+        }
+        else {
+            token = request.cookies[server.config.sessionCookieName];
+        }
+        const tokenPayload = verifyJwt(token, server.config.jwtKey);
+        routeContext.state.userId = tokenPayload.aud;
+        routeContext.state.userLogin = tokenPayload.act;
+    }
 }
 
 async function readFile(path) {
@@ -4076,7 +4146,7 @@ class FileManager {
 
 fixBigIntJSONSerialize();
 
-exports.AuthPlugin = AuthManager;
+exports.AuthPlugin = AuthPlugin;
 exports.DataManagePlugin = DataManager;
 exports.FileManagePlugin = FileManager;
 exports.GlobalRequest = GlobalRequest;

package/dist/plugins/auth/{mod.d.ts → AuthPlugin.d.ts}

@@ -3,7 +3,8 @@
  */
 import { RpdApplicationConfig } from "~/types";
 import { IRpdServer, RapidPlugin, RpdConfigurationItemOptions, RpdServerPluginConfigurableTargetOptions, RpdServerPluginExtendingAbilities } from "~/core/server";
-declare class AuthManager implements RapidPlugin {
+import { RouteContext } from "~/core/routeContext";
+declare class AuthPlugin implements RapidPlugin {
     get code(): string;
     get description(): string;
     get extendingAbilities(): RpdServerPluginExtendingAbilities[];
@@ -21,5 +22,6 @@ declare class AuthManager implements RapidPlugin {
     configureRoutes(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any>;
     onApplicationLoaded(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any>;
     onApplicationReady(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any>;
+    onPrepareRouteContext(server: IRpdServer, routeContext: RouteContext): Promise<void>;
 }
-export default AuthManager;
+export default AuthPlugin;

package/dist/plugins/auth/routes/index.d.ts

@@ -5,7 +5,7 @@ declare const _default: ({
     type: "RESTful";
     method: "GET";
     endpoint: string;
-    handlers: {
+    actions: {
         code: string;
     }[];
 } | {
@@ -15,7 +15,7 @@ declare const _default: ({
     type: "RESTful";
     method: "POST";
     endpoint: string;
-    handlers: {
+    actions: {
         code: string;
     }[];
 })[];

package/dist/utilities/jwtUtility.d.ts

@@ -1,5 +1,5 @@
-import { Secret } from "jsonwebtoken";
+import { Secret, JwtPayload } from "jsonwebtoken";
 export declare function createJwt(payload: Record<string, any>, secret: Secret): string;
-export declare function verifyJwt(token: string, secret: Secret): string | import("jsonwebtoken").JwtPayload;
+export declare function verifyJwt(token: string, secret: Secret): JwtPayload;
 export declare function decodeJwt(token: string): import("jsonwebtoken").Jwt;
 export declare function generateJwtSecretKey(): Promise<string>;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ruiapp/rapid-core",
-  "version": "0.1.6",
+  "version": "0.1.7",
   "description": "",
   "main": "dist/index.js",
   "keywords": [],

package/src/core/pluginManager.ts

@@ -1,5 +1,6 @@
 import { RpdApplicationConfig } from "~/types";
 import { IRpdServer, RapidPlugin } from "./server";
+import { RouteContext } from "./routeContext";
 
 class PluginManager {
   #server: IRpdServer;
@@ -139,6 +140,18 @@ class PluginManager {
       }
     }
   }
+
+  /** 在接收到HTTP请求，准备路由上下文时调用。 */
+  async onPrepareRouteContext(
+    server: IRpdServer,
+    routeContext: RouteContext,
+  ) {
+    for (const plugin of this.#plugins) {
+      if (plugin.onPrepareRouteContext) {
+        await plugin.onPrepareRouteContext(server, routeContext);
+      }
+    }
+  }
 }
 
 export default PluginManager;

package/src/core/request.ts

@@ -1,5 +1,6 @@
 import qs from "qs";
 import { parseFormDataBody } from "./http/formDataParser";
+import { getCookies } from "~/deno-std/http/cookie";
 
 export const GlobalRequest = global.Request;
 
@@ -12,15 +13,16 @@ export class RapidRequest {
   #raw: Request;
   #bodyParsed: boolean;
   #body: RapidRequestBody;
+  #headers: Headers;
+  #parsedCookies: Record<string, string>;
   method: string;
   url: URL;
-  headers: Headers;
 
   constructor(req: Request) {
     this.#raw = req;
     this.method = req.method;
     this.url = new URL(req.url);
-    this.headers = req.headers;
+    this.#headers = req.headers;
   }
 
   async parseBody(): Promise<void> {
@@ -32,7 +34,7 @@ export class RapidRequest {
     const requestMethod = this.method;
     if (requestMethod === "POST" || requestMethod === "PUT" || requestMethod === "PATCH") {
       const req = this.#raw;
-      const contentType = this.headers.get("Content-Type");
+      const contentType = this.#headers.get("Content-Type");
       if (contentType.includes("json")) {
         this.#body = {
           type: "json",
@@ -60,6 +62,17 @@ export class RapidRequest {
     return this.#raw;
   }
 
+  get headers(): Headers {
+    return this.#headers;
+  }
+
+  get cookies(): Record<string, string> {
+    if (!this.#parsedCookies) {
+      this.#parsedCookies = getCookies(this.#headers);
+    }
+    return this.#parsedCookies;
+  }
+
   get body(): RapidRequestBody {
     if (!this.#bodyParsed) {
       throw new Error("Request body not parsed, you should call 'parseBody()' method before getting the body.")

package/src/core/server.ts

@@ -1,6 +1,6 @@
 import { GetDataAccessorOptions, GetModelOptions, IDatabaseConfig, IQueryBuilder, IRpdDataAccessor, RapidServerConfig, RpdApplicationConfig, RpdDataModel, RpdServerEventTypes } from "~/types";
 import { IPluginActionHandler, ActionHandler } from "./actionHandler";
-import { Next } from "./routeContext";
+import { Next, RouteContext } from "./routeContext";
 
 export interface IRpdServer {
   config: RapidServerConfig;
@@ -100,28 +100,29 @@ export interface RapidPlugin {
   /** 插件的全局配置项 */
   get configurations(): RpdConfigurationItemOptions[];
   /** 初始化插件时调用。插件可以在此时进行一些内部对象的初始化工作。 */
-  initPlugin(server: IRpdServer): Promise<any>;
+  initPlugin?: (server: IRpdServer) => Promise<any>;
   /** 注册中间件 */
-  registerMiddlewares(server: IRpdServer): Promise<any>;
+  registerMiddlewares?: (server: IRpdServer) => Promise<any>;
   /** 注册接口动作处理程序 */
-  registerActionHandlers(server: IRpdServer): Promise<any>;
+  registerActionHandlers?: (server: IRpdServer) => Promise<any>;
   /** 注册事件处理程序 */
-  registerEventHandlers(server: IRpdServer): Promise<any>;
+  registerEventHandlers?: (server: IRpdServer) => Promise<any>;
   /** 注册消息处理程序 */
-  registerMessageHandlers(server: IRpdServer): Promise<any>;
+  registerMessageHandlers?: (server: IRpdServer) => Promise<any>;
   /** 注册任务处理程序 */
-  registerTaskProcessors(server: IRpdServer): Promise<any>;
+  registerTaskProcessors?: (server: IRpdServer) => Promise<any>;
   /** 在加载应用前调用。 */
-  onLoadingApplication(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any>;
+  onLoadingApplication?: (server: IRpdServer, applicationConfig: RpdApplicationConfig) => Promise<any>;
   /** 配置数据集合 */
-  configureModels(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any>;
+  configureModels?: (server: IRpdServer, applicationConfig: RpdApplicationConfig) => Promise<any>;
   /** 配置模型属性 */
-  configureModelProperties(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any>;
+  configureModelProperties?: (server: IRpdServer, applicationConfig: RpdApplicationConfig) => Promise<any>;
   /** 配置路由 */
-  configureRoutes(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any>;
+  configureRoutes?: (server: IRpdServer, applicationConfig: RpdApplicationConfig) => Promise<any>;
   /** 在应用配置加载完成后调用。此时插件可以进行一些数据的初始化工作。 */
-  onApplicationLoaded(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any>;
+  onApplicationLoaded?: (server: IRpdServer, applicationConfig: RpdApplicationConfig) => Promise<any>;
   /** 在应用准备完成后调用。此时服务器已经可以处理网络请求，可以对外广播消息。 */
-  onApplicationReady(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any>;
+  onApplicationReady?: (server: IRpdServer, applicationConfig: RpdApplicationConfig) => Promise<any>;
+  /** 在接收到HTTP请求，准备路由上下文时调用。 */
+  onPrepareRouteContext?: (server: IRpdServer, routeContext: RouteContext) => Promise<any>;
 }
-

package/src/index.ts

@@ -14,9 +14,9 @@ export * from "./utilities/jwtUtility";
 
 export * as bootstrapApplicationConfig from "./bootstrapApplicationConfig";
 
-export { default as MetaManagePlugin } from "./plugins/metaManage/mod";
-export { default as DataManagePlugin } from "./plugins/dataManage/mod";
-export { default as RouteManagePlugin } from "./plugins/routeManage/mod";
-export { default as WebhooksPlugin } from "./plugins/webhooks/mod";
-export { default as AuthPlugin } from "./plugins/auth/mod";
-export { default as FileManagePlugin } from "./plugins/fileManage/mod";
+export { default as MetaManagePlugin } from "./plugins/metaManage/MetaManagePlugin";
+export { default as DataManagePlugin } from "./plugins/dataManage/DataManagePlugin";
+export { default as RouteManagePlugin } from "./plugins/routeManage/RouteManagePlugin";
+export { default as WebhooksPlugin } from "./plugins/webhooks/WebhooksPlugin";
+export { default as AuthPlugin } from "./plugins/auth/AuthPlugin";
+export { default as FileManagePlugin } from "./plugins/fileManage/FileManagePlugin";

package/src/plugins/auth/{mod.ts → AuthPlugin.ts}

@@ -11,9 +11,11 @@ import { IRpdServer, RapidPlugin, RpdConfigurationItemOptions, RpdServerPluginCo
 import pluginActionHandlers from "./actionHandlers";
 import pluginModels from "./models";
 import pluginRoutes from "./routes";
+import { RouteContext } from "~/core/routeContext";
+import { verifyJwt } from "~/utilities/jwtUtility";
 
 
-class AuthManager implements RapidPlugin {
+class AuthPlugin implements RapidPlugin {
   get code(): string {
     return "authManager";
   }
@@ -75,6 +77,29 @@ class AuthManager implements RapidPlugin {
 
   async onApplicationReady(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any> {
   }
+
+  async onPrepareRouteContext(server: IRpdServer, routeContext: RouteContext) {
+    const request = routeContext.request;
+    let token: string;
+
+    const headers = request.headers;
+    // No Authorization header
+    if (headers.has("Authorization")) {
+      // Authorization header has no Bearer or no token
+      const authHeader = headers.get("Authorization")!;
+      if (!authHeader.startsWith("Bearer ") || authHeader.length <= 7) {
+        throw new Error('AUTHORIZATION_HEADER_INVALID');
+      }
+
+      token = authHeader.slice(7);
+    } else {
+      token = request.cookies[server.config.sessionCookieName];
+    }
+
+    const tokenPayload = verifyJwt(token, server.config.jwtKey);
+    routeContext.state.userId = tokenPayload.aud as string;
+    routeContext.state.userLogin = tokenPayload.act as string;
+  }
 }
 
-export default AuthManager;
+export default AuthPlugin;

package/src/server.ts

@@ -230,6 +230,7 @@ export class RapidServer implements IRpdServer {
     const rapidRequest = new RapidRequest(request);
     await rapidRequest.parseBody();
     const routeContext = new RouteContext(rapidRequest);
+
     await this.#buildedRoutes(routeContext, next);
     return routeContext.response.getResponse();
   }

package/src/utilities/jwtUtility.ts

@@ -1,4 +1,4 @@
-import { sign, verify, decode, Secret } from "jsonwebtoken";
+import { sign, verify, decode, Secret, JwtPayload } from "jsonwebtoken";
 import { encode as base64Encode } from "~/deno-std/encoding/base64";
 import crypto from "crypto";
 
@@ -8,10 +8,10 @@ export function createJwt(payload: Record<string, any>, secret: Secret) {
   });
 }
 
-export function verifyJwt(token: string, secret: Secret) {
+export function verifyJwt(token: string, secret: Secret): JwtPayload {
   return verify(token, secret, {
     algorithms: ['HS512'],
-  });
+  }) as JwtPayload;
 }
 
 export function decodeJwt(token: string) {