@trenskow/app 0.9.26 → 0.9.27

package/README.md

@@ -248,6 +248,7 @@ When a request is incoming, the `context` object looks like this.
 | `path.current`   | An array of strings that joined represents the path currently being processed. |       Array of String       |
 | `path.remaining` | An array of strings that joined represents the path that is above the currently processed path. Setting this will rewrite the remaining path (useful when serving single page applications to a browser). |       Array of String       |
 | `query`          | An object holding the URL query parameters as an object ([keys has been converted to camel case](#query-parameters)). |           Object            |
+| `cookies`        | An mutable object with cookie values.                        |           Object            |
 | `state`          | A string indicating the current state of the request – possible values are `'routing'`, `'rendering'`, `'completed'` or `'aborted'`. |           String            |
 | `abort`          | A function that aborts the request. It takes the parameters `(error, brutally)`, where `error` is the error that needs to be handled by the [renderer](#renderer) – and `brutally` which indicates if the connection should also be closed. |        AsyncFunction        |
 | `render`         | A function that tells the application to stop processing the request and jump directly to the [renderer](#renderer). |          Function           |
@@ -276,7 +277,11 @@ The same goes for request headers like `Accept-Language: en` which is accessible
 
 ##### Query parameters
 
-Request with quuries like `?my-parameter=value` is accessible through `context.query.myParameter` .
+Request with queries like `?my-parameter=value` is accessible through `context.query.myParameter` .
+
+##### Cookies
+
+Cookies are available through `context.cookies.myCookieKey` and are passed to the client using `camel` (can be changed using the [`Application` options](#constructor)).
 
 ##### Mount paths
 
@@ -356,11 +361,13 @@ The `Application` class takes an "options" object as it's parameter.
 | `options.port`           | The port at which to listen for incoming connections.        |          Number           |          | `0` (automatically assigned) |
 | `options.RequestType`    | An object that inherits from the [`Request`](#request-2) class (an `http.IncomingMessage` subclass) that is used as the request object in routes. |           class           |          |    [`Request`](#Request)     |
 | `options.ResponseType`   | An object that inherits from the [`Response`](#response-2) class (`http.ServerResponse` subclass) that is used as the response object in routes. |           class           |          |   [`Response`](#Response)    |
-| `path`                   | An object that represents path related options.              |          Object           |          |             `{}`             |
-| `path.matchMode`         | Indicates [how to match requests to mounted paths](#mount-paths) (eg. should the path be converted to camel case). | `'loosely'` or `'strict'` |          |         `'loosely'`          |
+| `options.path`           | An object that represents path related options.              |          Object           |          |             `{}`             |
+| `options.path.matchMode` | Indicates [how to match requests to mounted paths](#mount-paths) (eg. should the path be converted to camel case). | `'loosely'` or `'strict'` |          |         `'loosely'`          |
 | `options.server`         | An object that represents how to instantiate the HTTP server. |          Object           |          |             `{}`             |
 | `options.server.create`  | A function that is able to create a server.                  |         Function          |          |     `http.createServer`      |
 | `options.server.options` | An object to be passed as options when creating a server.    |          Object           |          |             `{}`             |
+| `options.casing`         | An object that represents casing options.                    |          Object           |          |              {}              |
+| `options.casing.cookies` | Client side cookie key value casing (available as in [@trenskow/caseit](https://github.com/trenskow/caseit)). |          String           |          |           `camel`            |
 
 #### Events
 

package/lib/application.js

@@ -16,6 +16,7 @@ import caseit from '@trenskow/caseit';
 import Request from './request.js';
 import Response from './response.js';
 import Endpoint from './endpoint.js';
+import Cookies from './cookies.js';
 
 import { isObject } from './util/index.js';
 
@@ -25,6 +26,7 @@ export default class Application extends EventEmitter {
 	#_path;
 	#_state;
 	#_server;
+	#_casing;
 	#_rootEndpoint;
 	#_renderer;
 
@@ -41,7 +43,10 @@ export default class Application extends EventEmitter {
 			server = Object.assign({
 				create: http.createServer,
 				options: {}
-			}, options.server || {})
+			}, options.server || {}),
+			casing = Object.assign({
+				cookies: 'camel'
+			}, options.casing || {})
 		} = options;
 
 		this.#_port = port;
@@ -62,6 +67,8 @@ export default class Application extends EventEmitter {
 				this.#_onIncomingRequest(req, res);
 			});
 
+		this.#_casing = casing;
+
 		this.#_rootEndpoint = new Endpoint()
 			.use(() => { throw new ApiError.NotFound(); });
 
@@ -314,6 +321,13 @@ export default class Application extends EventEmitter {
 			enumerable: true
 		});
 
+		const cookies = new Cookies(context, this.#_casing.cookies);
+
+		Object.defineProperty(context, 'cookies', {
+			get: () => cookies._proxy,
+			enumerable: true
+		});
+
 		const listeners = {
 			eventEmitters: [
 				[request.socket, ['end', 'error']],
@@ -370,6 +384,8 @@ export default class Application extends EventEmitter {
 
 		}
 
+		cookies._render();
+
 		if (!['routing', 'rendering'].includes(state)) return response.end();
 
 		await render();

package/lib/cookies.js

@@ -0,0 +1,179 @@
+//
+// application.js
+// @trenskow/app
+//
+// Created by Kristian Trenskow on 2021/11/07
+// For license see LICENSE.
+//
+
+import caseit from '@trenskow/caseit';
+import { duration } from '@trenskow/units';
+
+export default class Cookies {
+
+	#_cookies = {
+		current: {},
+		requested: {},
+	};
+
+	#_request;
+	#_response;
+	#_path;
+	#_casing;
+	#_proxy;
+
+	constructor({ request, response, path }, casing = this.#_casing) {
+
+		if (!request || !response) {
+			throw new Error('Cookies must be initialized with a request and response.');
+		}
+
+		this.#_request = request;
+		this.#_response = response;
+		this.#_path = path;
+		this.#_casing = casing;
+
+		(this.#_request.headers?.cookie || '').split(/; ?/)
+			.filter(cookie => cookie)
+			.forEach(cookie => {
+
+				const [name, value] = cookie.split('=')
+					.map(part => decodeURIComponent(part.trim()));
+
+				this.#_cookies.requested[caseit(name)] = (this.#_cookies.current[caseit(name)] = { value }).value;
+
+			});
+
+	}
+
+	get _proxy() {
+		return this.#_proxy || (this.#_proxy = new Proxy(this, {
+			get: (target, prop) => {
+
+				prop = caseit(prop);
+
+				if (Object.hasOwn(target, prop) || Object.hasOwn(Object.getPrototypeOf(target), prop)) {
+					return target[prop];
+				}
+
+				return target.#_cookies.current[prop]?.value;
+
+			},
+			set: (target, prop, value) => {
+
+				prop = caseit(prop);
+
+				if (typeof value === 'undefined') {
+					delete target.#_cookies.current[prop];
+				} else if (typeof value === 'undefined' || typeof value === 'string') {
+					this.#_proxy[prop] = { value };
+				} else if (typeof value === 'object' && value !== null && !Array.isArray(value)) {
+
+					let {
+						value: cookieValue,
+						expires,
+						path = 'current',
+						domain = 'current',
+						secure = true,
+						httpOnly = false
+					} = value;
+
+					if (typeof cookieValue === 'undefined') {
+						this.#_proxy[prop] = undefined;
+						return true;
+					} else if (typeof cookieValue !== 'string') {
+						throw new TypeError('Cookie values must be a string.');
+					}
+
+					if (path === 'current') {
+						path = `${this.#_path.current.join('/')}/`;
+					} else if (path === 'root') {
+						path = '/';
+					}
+
+					if (domain === 'current') {
+						domain = target.#_request.host;
+					} else if (domain === 'root') {
+						domain = target.#_request.host.split('.').slice(-2).join('.');
+					}
+
+					if (typeof expires !== 'undefined' && !(['number', 'string'].includes(typeof expires) || expires instanceof Date)) {
+						throw new TypeError('Expires must be a number, string or Date.');
+					}
+
+					target.#_cookies.current[prop] = {
+						value: cookieValue,
+						expires,
+						path,
+						domain,
+						secure,
+						httpOnly
+					};
+
+				} else {
+					throw new TypeError('Cookie values must be a strings, object or undefined.');
+				}
+
+				return true;
+
+			},
+			deleteProperty: (_, prop) => {
+				this.#_proxy[prop] = undefined;
+				return true;
+			},
+		}));
+	}
+
+	#_format(name, { value, expires, path, domain, secure, httpOnly }) {
+
+		const parts = [`${encodeURIComponent(caseit(name, this.#_casing))}=${encodeURIComponent(value || '')}`];
+
+		if (!value) {
+			parts.push('Max-Age=0');
+		} else if (expires) {
+			if (typeof expires === 'number' || typeof expires === 'string') {
+				parts.push(`Max-Age=${duration.s(expires)}`);
+			} else if (expires instanceof Date) {
+				parts.push(`Expires=${expires.toUTCString()}`);
+			}
+		}
+
+		if (path) {
+			parts.push(`Path=${path}`);
+		}
+
+		if (domain) {
+			parts.push(`Domain=${domain}`);
+		}
+
+		if (secure) {
+			parts.push('Secure');
+		}
+
+		if (httpOnly) {
+			parts.push('HttpOnly');
+		}
+
+		return parts.join('; ');
+
+	}
+
+	_render() {
+
+		const deletedCookies = Object.keys(this.#_cookies.requested)
+			.filter(name => !Object.hasOwn(this.#_cookies.current, name))
+			.map(name => this.#_format(name, { value: undefined }));
+
+		const allCookies = Object.entries(this.#_cookies.current)
+			.map(([name, cookie]) => this.#_format(name, cookie))
+			.concat(deletedCookies);
+
+		if (allCookies.length === 0) {
+			return;
+		}
+
+		this.#_response.headers.setCookie = allCookies;
+
+	}
+
+};

package/lib/request.js

@@ -28,6 +28,18 @@ export default class Request extends IncomingMessage {
 
 	}
 
+	get host() {
+		return this.headers.xForwardedHost || super.host || this.socket.localAddress;
+	}
+
+	get protocol() {
+		return this.headers.xForwardedProto || super.protocol || (this.socket.encrypted ? 'https' : 'http');
+	}
+
+	get port() {
+		return this.headers.xForwardedPort || this.socket.localPort || (super.protocol === 'https' ? 443 : 80);
+	}
+
 	get origin() {
 		return (this.headers.xForwardedFor || this.socket.remoteAddress || '').split(/, ?/);
 	}

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@trenskow/app",
-	"version": "0.9.26",
+	"version": "0.9.27",
 	"description": "A small HTTP router.",
 	"type": "module",
 	"main": "index.js",
@@ -35,6 +35,7 @@
 	},
 	"dependencies": {
 		"@trenskow/api-error": "^2.5.29",
-		"@trenskow/caseit": "^1.4.12"
+		"@trenskow/caseit": "^1.4.12",
+		"@trenskow/units": "^0.2.27"
 	}
 }

package/test/index.js

@@ -439,6 +439,83 @@ describe('Application', () => {
 
 		});
 
+		it ('should come back with header to set cookie.', async () => {
+
+			app.root(
+				new Endpoint()
+					.get(({ cookies }) => {
+						cookies['testValue'] = 'Hello, World!';
+						return 'Hello, World!';
+					})
+			);
+
+			await request
+				.get('/')
+				.expect('Set-Cookie', 'testValue=Hello%2C%20World!; Path=/; Domain=::1; Secure')
+				.expect(200, 'Hello, World!');
+
+		});
+
+		it ('should come back with an updated header to set cookie.', async () => {
+
+			app.root(
+				new Endpoint()
+					.get(({ cookies }) => {
+						cookies['testValue'] = {
+							value: 'Hello, World!',
+							path: '/test',
+							expires: '30d'
+						};
+						return 'Hello, World!';
+					})
+			);
+
+			await request
+				.get('/')
+				.set('Cookie', 'testValue=Hello')
+				.expect('Set-Cookie', 'testValue=Hello%2C%20World!; Max-Age=2592000; Path=/test; Domain=::1; Secure')
+				.expect(200, 'Hello, World!');
+
+		});
+
+		it ('should come back with an updated header to a deleted cookie.', async () => {
+
+			app.root(
+				new Endpoint()
+					.get(({ cookies }) => {
+						delete cookies['testValue'];
+						return 'Hello, World!';
+					})
+			);
+
+			await request
+				.get('/')
+				.set('Cookie', 'testValue=Hello')
+				.expect('Set-Cookie', 'testValue=; Max-Age=0')
+				.expect(200, 'Hello, World!');
+
+		});
+
+		it ('should come back with no new cookies if no cookies are set.', (done) => {
+
+			app.root(
+				new Endpoint()
+					.get(() => 'Hello, World!')
+			);
+
+			request
+				.get('/')
+				.expect(200, 'Hello, World!')
+				.end((error, response) => {
+					if (error) return done(error);
+					if (response.headers['set-cookie']) {
+						return done(new Error('Response should not have set-cookie header.'));
+					}
+					done();
+				});
+
+		});
+
 		after(async () => {
 			await app.close({ awaitAllConnections: true });
 		});