@sourceregistry/node-webserver 1.5.0 → 1.6.0

package/dist/index.es.js

@@ -31,7 +31,7 @@ function T(e) {
 }
 //#endregion
 //#region src/middlewares/ratelimiter/InMemory.ts
-var ee = class {
+var E = class {
 	constructor(e) {
 		this.data = /* @__PURE__ */ new Map(), this.windowMs = e.windowMs, this.startCleanup();
 	}
@@ -57,19 +57,105 @@ var ee = class {
 	async resetAll() {
 		this.data.clear();
 	}
-}, E = /* @__PURE__ */ S({ fixedWindowLimit: () => D });
-function D(e) {
-	let { windowMs: t = 6e4, max: n, key: r = (e) => e.getClientAddress(), message: i = "Too many requests, please try again later.", statusCode: a = 429, headers: o = "include", onRateLimit: s, store: c = new ee({ windowMs: t }) } = e;
+}, D = class {
+	constructor(e) {
+		this.data = /* @__PURE__ */ new Map(), this.windowMs = e.windowMs, this.startCleanup();
+	}
+	async incr(e) {
+		let t = Date.now(), n = t - this.windowMs, r = this.data.get(e) || [];
+		r = r.filter((e) => e > n), r.push(t), this.data.set(e, r);
+		let i = t + this.windowMs;
+		return {
+			current: r.length,
+			reset: i
+		};
+	}
+	startCleanup() {
+		this.cleanupInterval = setInterval(() => {
+			let e = Date.now();
+			for (let [t, n] of this.data) {
+				let r = e - this.windowMs, i = n.filter((e) => e > r);
+				i.length === 0 ? this.data.delete(t) : this.data.set(t, i);
+			}
+		}, Math.min(this.windowMs, 3e5));
+	}
+	stop() {
+		this.cleanupInterval && clearInterval(this.cleanupInterval);
+	}
+	async resetAll() {
+		this.data.clear();
+	}
+}, ee = /* @__PURE__ */ S({
+	MemoryStore: () => E,
+	SlidingWindowStore: () => D,
+	fixedWindowLimit: () => te,
+	slidingWindowLimit: () => O
+});
+function O(e) {
+	let { windowMs: t = 6e4, max: n, key: r = (e) => e.getClientAddress(), message: i = "Too many requests, please try again later.", statusCode: a = 429, headers: o = "include", onRateLimit: s, store: c = new D({ windowMs: t }) } = e;
 	return async (e, t) => {
 		let l = r(e);
 		if (typeof l != "string" || !/^[a-zA-Z0-9_.-]+$/.test(l)) throw Error("Invalid rate limit key: only alphanumeric, underscore, dot, and hyphen allowed");
 		let u = `rl:${l}`, { current: d, reset: f } = await c.incr(u), p = Math.ceil((f - Date.now()) / 1e3);
 		if (d > n) {
-			s && s(e, {
-				current: d,
-				max: n,
-				key: u
-			});
+			if (s) {
+				let t = f - Date.now();
+				s(e, {
+					current: d,
+					max: n,
+					key: u,
+					reset: Math.floor(f / 1e3),
+					remaining: 0,
+					resetTimeMs: t
+				});
+			}
+			let t = {
+				status: a,
+				headers: new Headers()
+			}, r = t.headers;
+			o === "include" && (r.set("X-RateLimit-Limit", String(n)), r.set("X-RateLimit-Remaining", "0"), r.set("X-RateLimit-Reset", String(Math.floor(f / 1e3))), r.set("Retry-After", String(p)));
+			let c;
+			return typeof i == "string" ? (c = i, r.set("Content-Type", "text/plain")) : (c = JSON.stringify(i), r.set("Content-Type", "application/json")), new Response(c, t);
+		}
+		if (e.rateLimit = {
+			current: d,
+			limit: n,
+			reset: new Date(f),
+			remaining: n - d
+		}, o === "include") {
+			let t = {
+				"X-RateLimit-Limit": String(n),
+				"X-RateLimit-Remaining": String(n - d),
+				"X-RateLimit-Reset": String(Math.floor(f / 1e3))
+			}, r = e.setHeaders;
+			e.setHeaders = (e) => {
+				r({
+					...t,
+					...e
+				});
+			}, r(t);
+		}
+		return t();
+	};
+}
+function te(e) {
+	let { windowMs: t = 6e4, max: n, key: r = (e) => e.getClientAddress(), message: i = "Too many requests, please try again later.", statusCode: a = 429, headers: o = "include", onRateLimit: s, store: c = new E({ windowMs: t }) } = e;
+	return async (e, t) => {
+		let l = r(e);
+		if (typeof l != "string" || !/^[a-zA-Z0-9_.-]+$/.test(l)) throw Error("Invalid rate limit key: only alphanumeric, underscore, dot, and hyphen allowed");
+		let u = `rl:${l}`, { current: d, reset: f } = await c.incr(u), p = Math.ceil((f - Date.now()) / 1e3);
+		if (d > n) {
+			if (s) {
+				let t = f - Date.now();
+				s(e, {
+					current: d,
+					max: n,
+					key: u,
+					reset: Math.floor(f / 1e3),
+					remaining: 0,
+					resetTimeMs: t
+				});
+			}
 			let t = {
 				status: a,
 				headers: new Headers()
@@ -101,7 +187,7 @@ function D(e) {
 }
 //#endregion
 //#region src/middlewares/cros/index.ts
-var te = /* @__PURE__ */ S({ policy: () => j }), ne = [
+var ne = /* @__PURE__ */ S({ policy: () => M }), re = [
 	"GET",
 	"POST",
 	"PUT",
@@ -109,13 +195,13 @@ var te = /* @__PURE__ */ S({ policy: () => j }), ne = [
 	"PATCH",
 	"HEAD",
 	"OPTIONS"
-], re = [
+], ie = [
 	"Accept",
 	"Accept-Language",
 	"Content-Language",
 	"Content-Type",
 	"Range"
-], O = [
+], k = [
 	"Authorization",
 	"X-Auth-Token",
 	"X-Requested-With",
@@ -125,21 +211,21 @@ var te = /* @__PURE__ */ S({ policy: () => j }), ne = [
 	"X-Real-IP",
 	"X-Custom-Header"
 ];
-function k(e, t) {
-	return !e || !t ? !1 : t === "*" ? !0 : t === "null" ? e === "null" : Array.isArray(t) ? t.some((t) => k(e, t)) : typeof t == "function" ? t(e) : t instanceof RegExp ? t.test(e) : e === t;
-}
 function A(e, t) {
+	return !e || !t ? !1 : t === "*" ? !0 : t === "null" ? e === "null" : Array.isArray(t) ? t.some((t) => A(e, t)) : typeof t == "function" ? t(e) : t instanceof RegExp ? t.test(e) : e === t;
+}
+function j(e, t) {
 	let { origin: n = "*" } = t;
-	return e ? n === "*" ? t.credentials ? e : "*" : k(e, n) ? e : null : n === "*" ? "*" : null;
+	return e ? n === "*" ? t.credentials ? e : "*" : A(e, n) ? e : null : n === "*" ? "*" : null;
 }
-function j(e = {}) {
-	let { methods: t = ne, allowedHeaders: n = O, exposedHeaders: r, credentials: i = !1, maxAge: a = 86400, onResponse: o } = e, s = t.join(","), c = [...re, ...n].join(","), l = [
+function M(e = {}) {
+	let { methods: t = re, allowedHeaders: n = k, exposedHeaders: r, credentials: i = !1, maxAge: a = 86400, onResponse: o } = e, s = t.join(","), c = [...ie, ...n].join(","), l = [
 		["Vary", "Origin,Access-Control-Request-Method,Access-Control-Request-Headers"],
 		["Access-Control-Allow-Methods", s],
 		["Access-Control-Allow-Headers", c]
 	];
 	return r && l.push(["Access-Control-Expose-Headers", r.join(",")]), i && l.push(["Access-Control-Allow-Credentials", "true"]), a && l.push(["Access-Control-Max-Age", a.toString()]), async (t, n) => {
-		let r = t.request, i = r.headers.get("Origin"), a = r.method === "OPTIONS" && i !== null && r.headers.has("Access-Control-Request-Method"), s = A(i, e);
+		let r = t.request, i = r.headers.get("Origin"), a = r.method === "OPTIONS" && i !== null && r.headers.has("Access-Control-Request-Method"), s = j(i, e);
 		if (a) {
 			if (!s) return new Response(null, { status: 403 });
 			let e = new Response(null, { status: 204 });
@@ -162,7 +248,7 @@ function j(e = {}) {
 }
 //#endregion
 //#region src/middlewares/security/index.ts
-var M = /* @__PURE__ */ S({ headers: () => P }), N = {
+var N = /* @__PURE__ */ S({ headers: () => F }), P = {
 	contentSecurityPolicy: "default-src 'self'; base-uri 'self'; frame-ancestors 'none'; object-src 'none'",
 	frameOptions: "DENY",
 	referrerPolicy: "no-referrer",
@@ -171,36 +257,36 @@ var M = /* @__PURE__ */ S({ headers: () => P }), N = {
 	crossOriginResourcePolicy: "same-origin",
 	strictTransportSecurity: !1
 };
-function P(e = {}) {
+function F(e = {}) {
 	let t = {
-		...N,
+		...P,
 		...e
 	};
 	return async (e, n) => {
 		let r = await n();
 		if (!r) return;
 		let i = new Headers(r.headers);
-		return F(i, "content-security-policy", t.contentSecurityPolicy), F(i, "x-frame-options", t.frameOptions), F(i, "referrer-policy", t.referrerPolicy), F(i, "permissions-policy", t.permissionsPolicy), F(i, "cross-origin-opener-policy", t.crossOriginOpenerPolicy), F(i, "cross-origin-resource-policy", t.crossOriginResourcePolicy), F(i, "strict-transport-security", t.strictTransportSecurity), new Response(r.body, {
+		return I(i, "content-security-policy", t.contentSecurityPolicy), I(i, "x-frame-options", t.frameOptions), I(i, "referrer-policy", t.referrerPolicy), I(i, "permissions-policy", t.permissionsPolicy), I(i, "cross-origin-opener-policy", t.crossOriginOpenerPolicy), I(i, "cross-origin-resource-policy", t.crossOriginResourcePolicy), I(i, "strict-transport-security", t.strictTransportSecurity), new Response(r.body, {
 			status: r.status,
 			statusText: r.statusText,
 			headers: i
 		});
 	};
 }
-function F(e, t, n) {
+function I(e, t, n) {
 	!n || e.has(t) || e.set(t, n);
 }
 //#endregion
 //#region src/middlewares/requestid/index.ts
-var I = /* @__PURE__ */ S({ assign: () => L });
-function L(t = {}) {
+var L = /* @__PURE__ */ S({ assign: () => R });
+function R(t = {}) {
 	let n = t.headerName?.toLowerCase() ?? "x-request-id", r = t.generate ?? e, i = t.clientRequestId ?? !1;
 	return async (e, t) => {
 		let a = e.request.headers.get(n) ?? r();
 		if (i) {
 			let t = e.request.headers.get("x-client-request-id");
 			if (t !== null) {
-				if (!R(t) || t.length > 512) return new Response("Invalid X-Client-Request-Id header", { status: 400 });
+				if (!z(t) || t.length > 512) return new Response("Invalid X-Client-Request-Id header", { status: 400 });
 				a = t;
 			}
 		}
@@ -216,13 +302,13 @@ function L(t = {}) {
 		});
 	};
 }
-function R(e) {
+function z(e) {
 	return /^[\x00-\x7F]*$/.test(e);
 }
 //#endregion
 //#region src/middlewares/timeout/index.ts
-var z = /* @__PURE__ */ S({ deadline: () => B });
-function B(e) {
+var B = /* @__PURE__ */ S({ deadline: () => V });
+function V(e) {
 	let { ms: t, status: n = 504, body: r = "Gateway Timeout", onTimeout: i } = e;
 	if (!Number.isFinite(t) || t <= 0) throw TypeError("Timeout.deadline requires a positive ms value");
 	return async (e, a) => {
@@ -247,7 +333,7 @@ function B(e) {
 }
 //#endregion
 //#region src/types/RequestMethod.ts
-var V = [
+var H = [
 	"GET",
 	"PUT",
 	"POST",
@@ -255,7 +341,7 @@ var V = [
 	"PATCH",
 	"HEAD",
 	"OPTIONS"
-], H = class {
+], U = class {
 	static {
 		this.cache = /* @__PURE__ */ new Map();
 	}
@@ -265,7 +351,7 @@ var V = [
 	static set(e, t) {
 		this.cache.set(e, t);
 	}
-}, U = class {
+}, W = class {
 	constructor() {
 		this._routes = [], this._wsRoutes = [], this._nestedRouters = [], this._middlewares = [], this._preHandlers = [], this._postHandlers = [], this.routesSorted = !1, this.wsRoutesSorted = !1;
 	}
@@ -297,7 +383,7 @@ var V = [
 		return this.addHandler("OPTIONS", e, t, n);
 	}
 	USE(e, t, ...n) {
-		return V.forEach((r) => this.addHandler(r, e, t, n)), this;
+		return H.forEach((r) => this.addHandler(r, e, t, n)), this;
 	}
 	action(e, t, ...n) {
 		return this.addHandler("POST", e, async (e) => {
@@ -453,7 +539,7 @@ var V = [
 		}), this.routesSorted = !1, this;
 	}
 	createPathRegex(e) {
-		let t = H.get(e);
+		let t = U.get(e);
 		if (t) return t;
 		let n = [], r = !1, i, a = e.split("/").filter(Boolean);
 		i = a.reduce((e, t) => t.startsWith("[...") ? e - 10 : t.startsWith("[[") ? e - 5 : t.startsWith("[") ? e - 1 : e + 1, 0);
@@ -476,7 +562,7 @@ var V = [
 			isCatchAll: r,
 			priority: i
 		};
-		return H.set(e, s), s;
+		return U.set(e, s), s;
 	}
 	createPrefixRegex(e) {
 		let t = [], n = !1, r, i = e.split("/").filter(Boolean);
@@ -569,17 +655,17 @@ var V = [
 		this._wsRoutes.sort((e, t) => t.priority - e.priority), this.wsRoutesSorted = !0;
 	}
 	formatActionResult(e) {
-		return e instanceof Response ? e : e?.type === "failure" && "status" in e ? W.fail(e.status, e.data) : W.success(200, e ?? void 0);
+		return e instanceof Response ? e : e?.type === "failure" && "status" in e ? G.fail(e.status, e.data) : G.success(200, e ?? void 0);
 	}
 	handleActionError(e) {
-		if (C(e)) return W.error(e.status, { message: e.statusText || "Error" });
+		if (C(e)) return G.error(e.status, { message: e.statusText || "Error" });
 		if (w(e)) {
 			let t = e.headers.get("Location") || "/";
-			return W.redirect(e.status, t);
+			return G.redirect(e.status, t);
 		}
-		return console.error(e), W.error(500, { message: "Internal Server Error" });
+		return console.error(e), G.error(500, { message: "Internal Server Error" });
 	}
-}, W = {
+}, G = {
 	success: (e = 200, t) => new Response(JSON.stringify({
 		data: t,
 		type: "success",
@@ -612,7 +698,7 @@ var V = [
 		status: e,
 		headers: { "Content-Type": "application/json" }
 	})
-}, G = class {
+}, K = class {
 	constructor(e, t) {
 		this.raw = e.headers.get("cookie") ?? "", this.setCookieHeader = t;
 	}
@@ -634,11 +720,11 @@ var V = [
 			maxAge: 0
 		});
 	}
-}, K = class extends Error {
+}, q = class extends Error {
 	constructor(e = "Payload Too Large") {
 		super(e), this.status = 413, this.name = "PayloadTooLargeError";
 	}
-}, q = class extends U {
+}, J = class extends W {
 	constructor(e) {
 		super(), this.upgradeHandlerInstalled = !1, this.config = e ?? {
 			type: "http",
@@ -748,7 +834,7 @@ var V = [
 		if (!t) return e;
 		let n = 0, r = new a({ transform(e, r, i) {
 			if (n += Buffer.byteLength(e), n > t) {
-				i(new K());
+				i(new q());
 				return;
 			}
 			i(null, e);
@@ -855,7 +941,7 @@ var V = [
 		return Number.isFinite(r) && r <= t;
 	}
 	handleError(e) {
-		if (e instanceof K) return new Response(e.message, { status: e.status });
+		if (e instanceof q) return new Response(e.message, { status: e.status });
 		if (C(e)) return new Response(JSON.stringify({
 			error: e.statusText || "Error",
 			status: e.status
@@ -953,7 +1039,7 @@ var V = [
 		r && t.set(n, r);
 	}
 	toRequestEvent(e, t, n) {
-		let r = new G(e, n.pushSetCookie), i = this.config, a = {}, o = {
+		let r = new K(e, n.pushSetCookie), i = this.config, a = {}, o = {
 			name: "node-webserver",
 			dev: this.isDevelopment()
 		}, s = /* @__PURE__ */ new Set(), c = {
@@ -981,7 +1067,7 @@ var V = [
 		}, l = this.createEventFetch(c, n);
 		return i.locals && Object.assign(a, i.locals(c)), i.platform && Object.assign(o, i.platform(c)), c;
 	}
-}, J = {
+}, Y = {
 	".avif": "image/avif",
 	".css": "text/css; charset=utf-8",
 	".gif": "image/gif",
@@ -999,24 +1085,24 @@ var V = [
 	".wasm": "application/wasm",
 	".webp": "image/webp",
 	".xml": "application/xml; charset=utf-8"
-}, Y = {
+}, ae = {
 	index: "index.html",
 	cacheControl: "public, max-age=0",
 	dotFiles: "ignore"
 };
 async function X(e, t, n = {}) {
-	let r = se(t), i = {
-		...Y,
+	let r = ue(t), i = {
+		...ae,
 		...n
-	}, a = await ie(e), o = ae(r, i.dotFiles);
+	}, a = await oe(e), o = se(r, i.dotFiles);
 	if (o instanceof Response) return o;
 	let s = v(a, o.length > 0 ? o.join(y) : "");
 	if (!Q(a, s)) return new Response("Forbidden", { status: 403 });
-	let c = await oe(s, a, i.index);
+	let c = await ce(s, a, i.index);
 	if (c instanceof Response) return c;
 	let l = await m(c), u = new Headers({
 		"content-length": String(l.size),
-		"content-type": $(c),
+		"content-type": le(c),
 		"cache-control": i.cacheControl,
 		"last-modified": l.mtime.toUTCString(),
 		"x-content-type-options": "nosniff"
@@ -1032,10 +1118,10 @@ async function X(e, t, n = {}) {
 		headers: u
 	});
 }
-async function ie(e) {
+async function oe(e) {
 	return p(e);
 }
-function ae(e, t) {
+function se(e, t) {
 	if (e.includes("\0")) return new Response("Bad Request", { status: 400 });
 	let n = e.replace(/\\/g, "/").split("/").filter(Boolean), r = [];
 	for (let e of n) {
@@ -1056,7 +1142,7 @@ function ae(e, t) {
 	}
 	return r;
 }
-async function oe(e, t, n) {
+async function ce(e, t, n) {
 	try {
 		return (await f(e)).isDirectory() ? Z(v(e, n), t) : Z(e, t);
 	} catch {
@@ -1075,13 +1161,13 @@ function Q(e, t) {
 	let n = _(e, t);
 	return n === "" || !n.startsWith("..") && !g(n);
 }
-function $(e) {
-	return J[h(e).toLowerCase()] ?? "application/octet-stream";
+function le(e) {
+	return Y[h(e).toLowerCase()] ?? "application/octet-stream";
 }
-function se(e) {
+function ue(e) {
 	return typeof e.params.path == "string" ? e.params.path : e.url.pathname.replace(/^\/+/, "");
 }
-var ce = (e, t = {}) => (n) => X(e, n, t), le = (e, ...t) => async (n) => {
+var de = (e, t = {}) => (n) => X(e, n, t), fe = (e, ...t) => async (n) => {
 	let r = {};
 	for (let e of t) {
 		let t = await e(n);
@@ -1092,7 +1178,7 @@ var ce = (e, t = {}) => (n) => X(e, n, t), le = (e, ...t) => async (n) => {
 };
 //#endregion
 //#region src/helpers/sse.ts
-function ue(e, t = {}) {
+function pe(e, t = {}) {
 	let n = [];
 	if (t.comment) {
 		let e = t.comment.replace(/\r\n/g, " ").replace(/\r/g, " ").replace(/\n/g, " ");
@@ -1104,7 +1190,7 @@ function ue(e, t = {}) {
 	}
 	return `${n.join("\n")}\n\n`;
 }
-var de = (e, t = {}) => (n) => {
+var $ = (e, t = {}) => (n) => {
 	let r = new TextEncoder(), i = null, a = !1, o, s = async () => {
 		if (!a) {
 			a = !0;
@@ -1120,7 +1206,7 @@ var de = (e, t = {}) => (n) => {
 		async start(t) {
 			i = t;
 			let c = (e, n = {}) => {
-				a || t.enqueue(r.encode(ue(e, n)));
+				a || t.enqueue(r.encode(pe(e, n)));
 			};
 			n.request.signal.addEventListener("abort", () => {
 				s();
@@ -1148,7 +1234,7 @@ var de = (e, t = {}) => (n) => {
 			...t.headers
 		}
 	});
-}, fe = async (e, t) => {
+}, me = async (e, t) => {
 	let n = JSON.stringify(await e);
 	return new Response(n, {
 		...t,
@@ -1159,19 +1245,19 @@ var de = (e, t = {}) => (n) => {
 		}
 	});
 };
-function pe(e, t) {
+function he(e, t) {
 	throw new Response(null, {
 		status: e,
 		headers: { location: t.toString() }
 	});
 }
-function me(e, t) {
+function ge(e, t) {
 	throw new Response(JSON.stringify(typeof t == "string" ? { message: t } : t), {
 		status: e,
 		headers: { "content-type": "application/json" }
 	});
 }
-var he = async (e, t) => {
+var _e = async (e, t) => {
 	let n = await e;
 	return new Response(n, {
 		...t,
@@ -1181,7 +1267,7 @@ var he = async (e, t) => {
 			...t?.headers
 		}
 	});
-}, ge = async (e, t) => {
+}, ve = async (e, t) => {
 	let n = await e;
 	return new Response(n, {
 		...t,
@@ -1193,6 +1279,6 @@ var he = async (e, t) => {
 	});
 };
 //#endregion
-export { W as Action, te as CORS, E as RateLimiter, I as RequestId, V as RequestMethods, U as Router, M as Security, z as Timeout, q as WebServer, ce as dir, le as enhance, me as error, ge as html, C as isHttpError, w as isRedirect, T as isResponse, fe as json, pe as redirect, X as serveStatic, de as sse, he as text };
+export { G as Action, ne as CORS, ee as RateLimiter, L as RequestId, H as RequestMethods, W as Router, N as Security, B as Timeout, J as WebServer, de as dir, fe as enhance, ge as error, ve as html, C as isHttpError, w as isRedirect, T as isResponse, me as json, he as redirect, X as serveStatic, $ as sse, _e as text };
 
 //# sourceMappingURL=index.es.js.map