azurajs 3.0.1 → 3.0.2

package/dist/index.mjs

@@ -1,11 +1,2539 @@
-export { AzuraServer, Router } from './chunk-EYAHUNC7.mjs';
-export { CORSPlugin, CircuitBreakerPlugin, CompressionPlugin, ETagPlugin, HealthCheckPlugin, HelmetPlugin, JWTPlugin, MultipartPlugin, ProxyPlugin, RateLimitPlugin, RequestIdPlugin, SSEManager, SSEPlugin, SessionPlugin, StaticPlugin, TimeoutPlugin, signJWT, verifyJWT } from './chunk-NLSZKAPA.mjs';
-export { Body, Controller, Cookies, Delete, Get, Head, Headers, Ip, Meta, NextFunc, Options, Param, Patch, Post, Put, Query, Req, Res, Session, UseMiddleware, applyDecorators } from './chunk-TC6N6TJZ.mjs';
-import './chunk-YPBKY4KY.mjs';
-export { DTOValidator, SchemaValidator } from './chunk-UWIFSGSQ.mjs';
-export { HttpError, Logger, clearCookieHeader, parseBody, parseCookies, parseQueryString, parseUrl, resolveIp, serializeCookie } from './chunk-REJDZUZ5.mjs';
-export { HttpStatus, HttpStatusText } from './chunk-OWUGAI5V.mjs';
-export { ConfigModule } from './chunk-DR254CWJ.mjs';
-export { LoggingMiddleware } from './chunk-HHDQPIJN.mjs';
+import { createServer as createServer$1, request as request$1 } from 'http';
+import { createServer, request } from 'https';
+import { readFileSync, existsSync, statSync, createReadStream, mkdirSync, writeFileSync } from 'fs';
+import { createHmac, createHash, randomUUID, randomBytes } from 'crypto';
+import { createGzip, createDeflate } from 'zlib';
+import { resolve, join, extname } from 'path';
+import { URL } from 'url';
+
+// src/core/server.ts
+
+// src/core/router.ts
+var PARAM_PREFIX = 58;
+function createNode(segment = "") {
+  return {
+    segment,
+    children: /* @__PURE__ */ new Map(),
+    paramChild: null,
+    paramName: "",
+    handlers: /* @__PURE__ */ new Map(),
+    wildcardHandler: null
+  };
+}
+var LRUCache = class {
+  capacity;
+  map;
+  head;
+  tail;
+  constructor(capacity) {
+    this.capacity = capacity;
+    this.map = /* @__PURE__ */ new Map();
+    this.head = { prev: null, next: null };
+    this.tail = { prev: null, next: null };
+    this.head.next = this.tail;
+    this.tail.prev = this.head;
+  }
+  get(key) {
+    const node = this.map.get(key);
+    if (!node) return void 0;
+    this.moveToHead(node);
+    return node.value;
+  }
+  set(key, value) {
+    const existing = this.map.get(key);
+    if (existing) {
+      existing.value = value;
+      this.moveToHead(existing);
+      return;
+    }
+    const node = { value, key, prev: null, next: null };
+    this.map.set(key, node);
+    this.addToHead(node);
+    if (this.map.size > this.capacity) {
+      const removed = this.removeTail();
+      if (removed) this.map.delete(removed.key);
+    }
+  }
+  addToHead(node) {
+    node.prev = this.head;
+    node.next = this.head.next;
+    this.head.next.prev = node;
+    this.head.next = node;
+  }
+  removeNode(node) {
+    node.prev.next = node.next;
+    node.next.prev = node.prev;
+  }
+  moveToHead(node) {
+    this.removeNode(node);
+    this.addToHead(node);
+  }
+  removeTail() {
+    const node = this.tail.prev;
+    if (node === this.head) return null;
+    this.removeNode(node);
+    return node;
+  }
+  clear() {
+    this.map.clear();
+    this.head.next = this.tail;
+    this.tail.prev = this.head;
+  }
+};
+var Router = class {
+  root = createNode();
+  cache;
+  staticRoutes = /* @__PURE__ */ new Map();
+  constructor(cacheSize = 1024) {
+    this.cache = new LRUCache(cacheSize);
+  }
+  add(method, path, handler, middlewares = [], meta) {
+    this.cache.clear();
+    const normalizedPath = this.normalizePath(path);
+    const stored = { handler, middlewares, meta };
+    if (!normalizedPath.includes(":") && !normalizedPath.includes("*")) {
+      const key = `${method}:${normalizedPath}`;
+      this.staticRoutes.set(key, stored);
+      return;
+    }
+    const segments = normalizedPath.split("/").filter(Boolean);
+    let node = this.root;
+    for (let i = 0; i < segments.length; i++) {
+      const seg = segments[i];
+      if (seg === "*") {
+        if (!node.wildcardHandler) {
+          node.wildcardHandler = /* @__PURE__ */ new Map();
+        }
+        node.wildcardHandler.set(method, stored);
+        return;
+      }
+      if (seg.charCodeAt(0) === PARAM_PREFIX) {
+        if (!node.paramChild) {
+          node.paramChild = createNode(seg);
+          node.paramChild.paramName = seg.slice(1);
+        }
+        node = node.paramChild;
+        continue;
+      }
+      let child = node.children.get(seg);
+      if (!child) {
+        child = createNode(seg);
+        node.children.set(seg, child);
+      }
+      node = child;
+    }
+    node.handlers.set(method, stored);
+  }
+  find(method, path) {
+    const normalizedPath = this.normalizePath(path);
+    const staticKey = `${method}:${normalizedPath}`;
+    const staticRoute = this.staticRoutes.get(staticKey);
+    if (staticRoute) {
+      return {
+        handler: staticRoute.handler,
+        params: {},
+        middlewares: staticRoute.middlewares,
+        meta: staticRoute.meta
+      };
+    }
+    const cacheKey = staticKey;
+    const cached = this.cache.get(cacheKey);
+    if (cached !== void 0) {
+      return cached ? { ...cached, params: { ...cached.params } } : null;
+    }
+    const segments = normalizedPath.split("/").filter(Boolean);
+    const params = {};
+    const result = this.matchNode(this.root, segments, 0, params, method);
+    if (result) {
+      const match = {
+        handler: result.handler,
+        params,
+        middlewares: result.middlewares,
+        meta: result.meta
+      };
+      this.cache.set(cacheKey, match);
+      return { ...match, params: { ...params } };
+    }
+    this.cache.set(cacheKey, null);
+    return null;
+  }
+  matchNode(node, segments, idx, params, method) {
+    if (idx === segments.length) {
+      return node.handlers.get(method) ?? null;
+    }
+    const seg = segments[idx];
+    const child = node.children.get(seg);
+    if (child) {
+      const result = this.matchNode(child, segments, idx + 1, params, method);
+      if (result) return result;
+    }
+    if (node.paramChild) {
+      params[node.paramChild.paramName] = seg;
+      const result = this.matchNode(node.paramChild, segments, idx + 1, params, method);
+      if (result) return result;
+      delete params[node.paramChild.paramName];
+    }
+    if (node.wildcardHandler) {
+      const route = node.wildcardHandler.get(method);
+      if (route) return route;
+    }
+    return null;
+  }
+  normalizePath(path) {
+    if (path === "/") return "/";
+    if (path.endsWith("/") && path.length > 1) return path.slice(0, -1);
+    return path;
+  }
+  getAllRoutes() {
+    const routes = [];
+    for (const [key] of this.staticRoutes) {
+      const [method, path] = key.split(":", 2);
+      routes.push({ method, path });
+    }
+    this.collectRoutes(this.root, "", routes);
+    return routes;
+  }
+  collectRoutes(node, prefix, routes) {
+    for (const [method] of node.handlers) {
+      routes.push({ method, path: prefix || "/" });
+    }
+    for (const [seg, child] of node.children) {
+      this.collectRoutes(child, `${prefix}/${seg}`, routes);
+    }
+    if (node.paramChild) {
+      this.collectRoutes(
+        node.paramChild,
+        `${prefix}/:${node.paramChild.paramName}`,
+        routes
+      );
+    }
+    if (node.wildcardHandler) {
+      for (const [method] of node.wildcardHandler) {
+        routes.push({ method, path: `${prefix}/*` });
+      }
+    }
+  }
+};
+
+// src/utils/Logger.ts
+var LEVEL_PRIORITY = {
+  debug: 0,
+  info: 1,
+  warn: 2,
+  error: 3,
+  silent: 4
+};
+var COLORS = {
+  reset: "\x1B[0m",
+  bold: "\x1B[1m",
+  dim: "\x1B[2m",
+  red: "\x1B[31m",
+  green: "\x1B[32m",
+  yellow: "\x1B[33m",
+  blue: "\x1B[34m",
+  magenta: "\x1B[35m",
+  cyan: "\x1B[36m",
+  white: "\x1B[37m",
+  gray: "\x1B[90m"};
+var METHOD_COLORS = {
+  GET: COLORS.green,
+  POST: COLORS.blue,
+  PUT: COLORS.yellow,
+  DELETE: COLORS.red,
+  PATCH: COLORS.magenta,
+  HEAD: COLORS.cyan,
+  OPTIONS: COLORS.gray
+};
+function statusColor(code) {
+  if (code < 200) return COLORS.gray;
+  if (code < 300) return COLORS.green;
+  if (code < 400) return COLORS.cyan;
+  if (code < 500) return COLORS.yellow;
+  return COLORS.red;
+}
+function formatDuration(ns) {
+  const us = Number(ns) / 1e3;
+  if (us < 1e3) return `${us.toFixed(0)}\xB5s`;
+  const ms = us / 1e3;
+  if (ms < 1e3) return `${ms.toFixed(1)}ms`;
+  return `${(ms / 1e3).toFixed(2)}s`;
+}
+var Logger = class {
+  level;
+  useColors;
+  showTimestamp;
+  prefix;
+  constructor(options = {}) {
+    this.level = options.level ?? "info";
+    this.useColors = options.colors ?? process.stdout.isTTY !== false;
+    this.showTimestamp = options.timestamp ?? true;
+    this.prefix = options.prefix ?? "azura";
+  }
+  shouldLog(level) {
+    return LEVEL_PRIORITY[level] >= LEVEL_PRIORITY[this.level];
+  }
+  timestamp() {
+    if (!this.showTimestamp) return "";
+    const now = /* @__PURE__ */ new Date();
+    return `${COLORS.gray}${now.toISOString().slice(11, 23)}${COLORS.reset} `;
+  }
+  tag(level) {
+    if (!this.useColors) return `[${level.toUpperCase()}]`;
+    const colorMap = {
+      debug: COLORS.gray,
+      info: COLORS.blue,
+      warn: COLORS.yellow,
+      error: COLORS.red
+    };
+    return `${colorMap[level] ?? ""}[${level.toUpperCase()}]${COLORS.reset}`;
+  }
+  debug(message, ...args) {
+    if (!this.shouldLog("debug")) return;
+    console.debug(`${this.timestamp()}${this.tag("debug")} ${message}`, ...args);
+  }
+  info(message, ...args) {
+    if (!this.shouldLog("info")) return;
+    console.info(`${this.timestamp()}${this.tag("info")} ${message}`, ...args);
+  }
+  warn(message, ...args) {
+    if (!this.shouldLog("warn")) return;
+    console.warn(`${this.timestamp()}${this.tag("warn")} ${message}`, ...args);
+  }
+  error(message, ...args) {
+    if (!this.shouldLog("error")) return;
+    console.error(`${this.timestamp()}${this.tag("error")} ${message}`, ...args);
+  }
+  request(method, path, statusCode, duration) {
+    if (!this.shouldLog("info")) return;
+    const mc = this.useColors ? METHOD_COLORS[method] ?? COLORS.white : "";
+    const sc = this.useColors ? statusColor(statusCode) : "";
+    const r = this.useColors ? COLORS.reset : "";
+    const dur = formatDuration(duration);
+    console.info(
+      `${this.timestamp()}${mc}${method.padEnd(7)}${r} ${path} ${sc}${statusCode}${r} ${COLORS.dim}${dur}${r}`
+    );
+  }
+  banner(port, host) {
+    if (!this.shouldLog("info")) return;
+    const c = this.useColors;
+    const lines = [
+      "",
+      `${c ? COLORS.bold + COLORS.cyan : ""}  \u26A1 AzuraJS v3.0.0${c ? COLORS.reset : ""}`,
+      "",
+      `${c ? COLORS.green : ""}  \u279C Local:   ${c ? COLORS.bold : ""}http://${host}:${port}/${c ? COLORS.reset : ""}`,
+      `${c ? COLORS.dim : ""}  \u279C Press Ctrl+C to stop${c ? COLORS.reset : ""}`,
+      ""
+    ];
+    console.info(lines.join("\n"));
+  }
+  setLevel(level) {
+    this.level = level;
+  }
+};
+new Logger();
+
+// src/types/http/status.ts
+var HttpStatus = {
+  OK: 200,
+  CREATED: 201,
+  ACCEPTED: 202,
+  NO_CONTENT: 204,
+  MOVED_PERMANENTLY: 301,
+  FOUND: 302,
+  NOT_MODIFIED: 304,
+  BAD_REQUEST: 400,
+  UNAUTHORIZED: 401,
+  FORBIDDEN: 403,
+  NOT_FOUND: 404,
+  METHOD_NOT_ALLOWED: 405,
+  CONFLICT: 409,
+  GONE: 410,
+  UNPROCESSABLE_ENTITY: 422,
+  TOO_MANY_REQUESTS: 429,
+  INTERNAL_SERVER_ERROR: 500,
+  NOT_IMPLEMENTED: 501,
+  BAD_GATEWAY: 502,
+  SERVICE_UNAVAILABLE: 503,
+  GATEWAY_TIMEOUT: 504
+};
+var HttpStatusText = {
+  200: "OK",
+  201: "Created",
+  202: "Accepted",
+  204: "No Content",
+  301: "Moved Permanently",
+  302: "Found",
+  304: "Not Modified",
+  400: "Bad Request",
+  401: "Unauthorized",
+  403: "Forbidden",
+  404: "Not Found",
+  405: "Method Not Allowed",
+  409: "Conflict",
+  410: "Gone",
+  422: "Unprocessable Entity",
+  429: "Too Many Requests",
+  500: "Internal Server Error",
+  501: "Not Implemented",
+  502: "Bad Gateway",
+  503: "Service Unavailable",
+  504: "Gateway Timeout"
+};
+
+// src/utils/HttpError.ts
+var HttpError = class _HttpError extends Error {
+  statusCode;
+  details;
+  isOperational;
+  constructor(statusCode, message, details) {
+    super(message ?? HttpStatusText[statusCode] ?? "Unknown Error");
+    this.statusCode = statusCode;
+    this.details = details;
+    this.isOperational = true;
+    Object.setPrototypeOf(this, _HttpError.prototype);
+  }
+  toJSON() {
+    const obj = {
+      error: {
+        statusCode: this.statusCode,
+        message: this.message
+      }
+    };
+    if (this.details) obj.error.details = this.details;
+    return obj;
+  }
+  static badRequest(message, details) {
+    return new _HttpError(400, message ?? "Bad Request", details);
+  }
+  static unauthorized(message) {
+    return new _HttpError(401, message ?? "Unauthorized");
+  }
+  static forbidden(message) {
+    return new _HttpError(403, message ?? "Forbidden");
+  }
+  static notFound(message) {
+    return new _HttpError(404, message ?? "Not Found");
+  }
+  static methodNotAllowed(message) {
+    return new _HttpError(405, message ?? "Method Not Allowed");
+  }
+  static conflict(message, details) {
+    return new _HttpError(409, message ?? "Conflict", details);
+  }
+  static unprocessableEntity(message, details) {
+    return new _HttpError(422, message ?? "Unprocessable Entity", details);
+  }
+  static tooManyRequests(message) {
+    return new _HttpError(429, message ?? "Too Many Requests");
+  }
+  static internal(message) {
+    return new _HttpError(500, message ?? "Internal Server Error");
+  }
+};
+
+// src/utils/Parser.ts
+function parseQueryString(qs) {
+  const result = /* @__PURE__ */ Object.create(null);
+  if (!qs || qs.length === 0) return result;
+  let key = "";
+  let value = "";
+  let startingKey = true;
+  let i = qs.charCodeAt(0) === 63 ? 1 : 0;
+  for (; i < qs.length; i++) {
+    const ch = qs.charCodeAt(i);
+    if (ch === 61 && startingKey) {
+      startingKey = false;
+      continue;
+    }
+    if (ch === 38) {
+      if (key.length > 0) {
+        const decodedKey = fastDecode(key);
+        const decodedVal = fastDecode(value);
+        const existing = result[decodedKey];
+        if (existing === void 0) {
+          result[decodedKey] = decodedVal;
+        } else if (typeof existing === "string") {
+          result[decodedKey] = [existing, decodedVal];
+        } else {
+          existing.push(decodedVal);
+        }
+      }
+      key = "";
+      value = "";
+      startingKey = true;
+      continue;
+    }
+    if (startingKey) {
+      key += qs[i];
+    } else {
+      value += qs[i];
+    }
+  }
+  if (key.length > 0) {
+    const decodedKey = fastDecode(key);
+    const decodedVal = fastDecode(value);
+    const existing = result[decodedKey];
+    if (existing === void 0) {
+      result[decodedKey] = decodedVal;
+    } else if (typeof existing === "string") {
+      result[decodedKey] = [existing, decodedVal];
+    } else {
+      existing.push(decodedVal);
+    }
+  }
+  return result;
+}
+function fastDecode(str) {
+  if (str.indexOf("%") === -1 && str.indexOf("+") === -1) return str;
+  try {
+    return decodeURIComponent(str.replace(/\+/g, " "));
+  } catch {
+    return str;
+  }
+}
+function parseCookies(header) {
+  const cookies = /* @__PURE__ */ Object.create(null);
+  if (!header) return cookies;
+  let i = 0;
+  const len = header.length;
+  while (i < len) {
+    while (i < len && header.charCodeAt(i) === 32) i++;
+    let eqIdx = -1;
+    let semiIdx = -1;
+    for (let j = i; j < len; j++) {
+      const ch = header.charCodeAt(j);
+      if (ch === 61 && eqIdx === -1) eqIdx = j;
+      if (ch === 59) {
+        semiIdx = j;
+        break;
+      }
+    }
+    if (eqIdx === -1) {
+      i = semiIdx === -1 ? len : semiIdx + 1;
+      continue;
+    }
+    const end = semiIdx === -1 ? len : semiIdx;
+    const name = header.slice(i, eqIdx).trim();
+    let val = header.slice(eqIdx + 1, end).trim();
+    if (val.charCodeAt(0) === 34 && val.charCodeAt(val.length - 1) === 34) {
+      val = val.slice(1, -1);
+    }
+    if (cookies[name] === void 0) {
+      cookies[name] = fastDecode(val);
+    }
+    i = end + 1;
+  }
+  return cookies;
+}
+var CONTENT_TYPE_JSON = "application/json";
+var CONTENT_TYPE_FORM = "application/x-www-form-urlencoded";
+async function parseBody(req) {
+  const contentType = req.headers["content-type"] ?? "";
+  const contentLength = req.headers["content-length"];
+  if (req.method === "GET" || req.method === "HEAD" || req.method === "OPTIONS" || contentLength !== void 0 && contentLength === "0") {
+    return void 0;
+  }
+  const chunks = [];
+  let totalSize = 0;
+  const maxSize = 10 * 1024 * 1024;
+  return new Promise((resolve3, reject) => {
+    req.on("data", (chunk) => {
+      totalSize += chunk.length;
+      if (totalSize > maxSize) {
+        req.destroy();
+        reject(new Error("Request body too large"));
+        return;
+      }
+      chunks.push(chunk);
+    });
+    req.on("end", () => {
+      if (chunks.length === 0) {
+        resolve3(void 0);
+        return;
+      }
+      const raw = Buffer.concat(chunks).toString("utf-8");
+      if (contentType.startsWith(CONTENT_TYPE_JSON)) {
+        try {
+          resolve3(JSON.parse(raw));
+        } catch {
+          resolve3(raw);
+        }
+      } else if (contentType.startsWith(CONTENT_TYPE_FORM)) {
+        resolve3(parseQueryString(raw));
+      } else {
+        resolve3(raw);
+      }
+    });
+    req.on("error", reject);
+  });
+}
+function parseUrl(url) {
+  let pathname = "";
+  let search = "";
+  let i = 0;
+  for (; i < url.length; i++) {
+    if (url.charCodeAt(i) === 63) {
+      pathname = url.slice(0, i);
+      search = url.slice(i);
+      return { pathname, search };
+    }
+  }
+  return { pathname: url, search: "" };
+}
+
+// src/utils/IpResolver.ts
+var PROXY_HEADERS = [
+  "x-forwarded-for",
+  "x-real-ip",
+  "cf-connecting-ip",
+  "x-client-ip",
+  "x-cluster-client-ip",
+  "fastly-client-ip",
+  "true-client-ip"
+];
+function resolveIp(req) {
+  for (const header of PROXY_HEADERS) {
+    const val = req.headers[header];
+    if (val) {
+      const ip = typeof val === "string" ? val.split(",")[0].trim() : val[0];
+      if (ip && ip.length > 0) return normalizeIp(ip);
+    }
+  }
+  const remoteAddr = req.socket?.remoteAddress ?? "127.0.0.1";
+  return normalizeIp(remoteAddr);
+}
+function normalizeIp(ip) {
+  if (ip === "::1" || ip === "::ffff:127.0.0.1") return "127.0.0.1";
+  if (ip.startsWith("::ffff:")) return ip.slice(7);
+  return ip;
+}
+
+// src/utils/cookies/CookieManager.ts
+function serializeCookie(name, value, options = {}) {
+  let cookie = `${encodeURIComponent(name)}=${encodeURIComponent(value)}`;
+  if (options.maxAge != null) {
+    cookie += `; Max-Age=${Math.floor(options.maxAge)}`;
+  }
+  if (options.expires) {
+    cookie += `; Expires=${options.expires.toUTCString()}`;
+  }
+  if (options.domain) {
+    cookie += `; Domain=${options.domain}`;
+  }
+  cookie += `; Path=${options.path ?? "/"}`;
+  if (options.secure) {
+    cookie += "; Secure";
+  }
+  if (options.httpOnly !== false) {
+    cookie += "; HttpOnly";
+  }
+  if (options.sameSite) {
+    cookie += `; SameSite=${options.sameSite}`;
+  }
+  return cookie;
+}
+function clearCookieHeader(name, options = {}) {
+  return serializeCookie(name, "", {
+    ...options,
+    maxAge: 0,
+    expires: /* @__PURE__ */ new Date(0)
+  });
+}
+
+// src/core/server.ts
+var CONTROLLER_META_KEY = "azura:controller";
+var ROUTES_META_KEY = "azura:routes";
+var PARAMS_META_KEY = "azura:params";
+var AzuraServer = class {
+  server = null;
+  router;
+  logger;
+  middlewares = [];
+  plugins = [];
+  errorHandler = null;
+  config;
+  compiledChain = null;
+  constructor(config = {}) {
+    this.config = {
+      environment: config.environment ?? process.env.NODE_ENV ?? "development",
+      server: {
+        port: config.server?.port ?? 3e3,
+        host: config.server?.host ?? "0.0.0.0",
+        keepAliveTimeout: config.server?.keepAliveTimeout ?? 72e3,
+        headersTimeout: config.server?.headersTimeout ?? 75e3,
+        requestTimeout: config.server?.requestTimeout ?? 3e4,
+        ...config.server
+      },
+      logging: {
+        enabled: config.logging?.enabled ?? true,
+        level: config.logging?.level ?? "info",
+        timestamp: config.logging?.timestamp ?? true,
+        colors: config.logging?.colors ?? true,
+        requestLogging: config.logging?.requestLogging ?? true,
+        ...config.logging
+      },
+      plugins: config.plugins ?? {},
+      debug: config.debug ?? false
+    };
+    this.router = new Router();
+    this.logger = new Logger({
+      level: this.config.logging?.enabled === false ? "silent" : this.config.logging?.level,
+      colors: this.config.logging?.colors,
+      timestamp: this.config.logging?.timestamp
+    });
+  }
+  use(handler) {
+    this.compiledChain = null;
+    if (handler.length <= 2) {
+      this.plugins.push(handler);
+    } else {
+      this.middlewares.push(handler);
+    }
+    return this;
+  }
+  plugin(handler) {
+    this.compiledChain = null;
+    this.plugins.push(handler);
+    return this;
+  }
+  onError(handler) {
+    this.errorHandler = handler;
+    return this;
+  }
+  get(path, ...handlers) {
+    return this.route("GET", path, handlers);
+  }
+  post(path, ...handlers) {
+    return this.route("POST", path, handlers);
+  }
+  put(path, ...handlers) {
+    return this.route("PUT", path, handlers);
+  }
+  delete(path, ...handlers) {
+    return this.route("DELETE", path, handlers);
+  }
+  patch(path, ...handlers) {
+    return this.route("PATCH", path, handlers);
+  }
+  head(path, ...handlers) {
+    return this.route("HEAD", path, handlers);
+  }
+  options(path, ...handlers) {
+    return this.route("OPTIONS", path, handlers);
+  }
+  all(path, ...handlers) {
+    const methods = ["GET", "POST", "PUT", "DELETE", "PATCH", "HEAD", "OPTIONS"];
+    for (const method of methods) {
+      this.route(method, path, handlers);
+    }
+    return this;
+  }
+  route(method, path, handlers) {
+    const routeHandler = handlers[handlers.length - 1];
+    const middlewares = handlers.slice(0, -1);
+    this.router.add(method, path, routeHandler, middlewares);
+    return this;
+  }
+  register(...controllers) {
+    for (const Controller2 of controllers) {
+      this.registerController(Controller2);
+    }
+    return this;
+  }
+  registerController(Controller2) {
+    const instance = new Controller2();
+    const prefix = Reflect.getMetadata?.(CONTROLLER_META_KEY, Controller2) ?? "";
+    const controllerMiddlewares = Reflect.getMetadata?.("azura:middlewares", Controller2) ?? [];
+    const prototype = Controller2.prototype;
+    const propertyNames = Object.getOwnPropertyNames(prototype).filter(
+      (p) => p !== "constructor"
+    );
+    for (const propertyKey of propertyNames) {
+      const routeMeta = Reflect.getMetadata?.(
+        ROUTES_META_KEY,
+        prototype,
+        propertyKey
+      );
+      if (!routeMeta) continue;
+      const fullPath = this.joinPaths(prefix, routeMeta.path);
+      const paramsMeta = Reflect.getMetadata?.(PARAMS_META_KEY, prototype, propertyKey) ?? [];
+      const routeMiddlewares = Reflect.getMetadata?.("azura:middlewares", prototype, propertyKey) ?? [];
+      const allMiddlewares = [...controllerMiddlewares, ...routeMiddlewares];
+      const handler = async (req, res) => {
+        const args = this.resolveParams(paramsMeta, req, res);
+        const result = await instance[propertyKey](...args);
+        if (result !== void 0 && !res.sent) {
+          if (typeof result === "object") {
+            res.json(result);
+          } else {
+            res.send(String(result));
+          }
+        }
+      };
+      this.router.add(routeMeta.method, fullPath, handler, allMiddlewares, routeMeta.meta);
+    }
+  }
+  resolveParams(paramsMeta, req, res) {
+    if (!paramsMeta || paramsMeta.length === 0) return [req, res];
+    const sorted = [...paramsMeta].sort((a, b) => a.index - b.index);
+    const args = new Array(sorted.length);
+    for (const meta of sorted) {
+      let value;
+      switch (meta.type) {
+        case "body":
+          value = meta.name ? req.body?.[meta.name] : req.body;
+          break;
+        case "query":
+          value = meta.name ? req.query[meta.name] : req.query;
+          break;
+        case "param":
+          value = meta.name ? req.params[meta.name] : req.params;
+          break;
+        case "header":
+          value = meta.name ? req.headers[meta.name.toLowerCase()] : req.headers;
+          break;
+        case "cookie":
+          value = meta.name ? req.cookies[meta.name] : req.cookies;
+          break;
+        case "req":
+          value = req;
+          break;
+        case "res":
+          value = res;
+          break;
+        case "next":
+          value = () => {
+          };
+          break;
+        case "ip":
+          value = req.ip;
+          break;
+        case "session":
+          value = req.session;
+          break;
+        default:
+          value = void 0;
+      }
+      if (meta.pipes) {
+        for (const pipe of meta.pipes) {
+          value = pipe(value);
+        }
+      }
+      args[meta.index] = value;
+    }
+    return args;
+  }
+  joinPaths(prefix, path) {
+    const p = prefix.endsWith("/") ? prefix.slice(0, -1) : prefix;
+    const s = path.startsWith("/") ? path : `/${path}`;
+    return `${p}${s}`;
+  }
+  extendRequest(req, pathname, query) {
+    const azReq = req;
+    azReq.pathname = pathname;
+    azReq.query = query;
+    azReq.params = {};
+    azReq.cookies = parseCookies(req.headers.cookie);
+    azReq.ip = resolveIp(req);
+    azReq.protocol = req.socket.encrypted ? "https" : "http";
+    azReq.secure = azReq.protocol === "https";
+    azReq.hostname = (req.headers.host ?? "localhost").split(":")[0];
+    azReq.startTime = process.hrtime.bigint();
+    azReq.raw = req;
+    return azReq;
+  }
+  extendResponse(res) {
+    const azRes = res;
+    azRes.locals = {};
+    azRes.sent = false;
+    azRes.status = function(code) {
+      this.statusCode = code;
+      return this;
+    };
+    azRes.json = function(data) {
+      if (this.sent) return;
+      this.sent = true;
+      const body = JSON.stringify(data);
+      this.setHeader("Content-Type", "application/json; charset=utf-8");
+      this.setHeader("Content-Length", Buffer.byteLength(body));
+      this.end(body);
+    };
+    azRes.send = function(body) {
+      if (this.sent) return;
+      this.sent = true;
+      if (!this.getHeader("Content-Type")) {
+        this.setHeader("Content-Type", typeof body === "string" ? "text/plain; charset=utf-8" : "application/octet-stream");
+      }
+      const buf = typeof body === "string" ? Buffer.from(body) : body;
+      this.setHeader("Content-Length", buf.length);
+      this.end(buf);
+    };
+    azRes.html = function(body) {
+      if (this.sent) return;
+      this.sent = true;
+      this.setHeader("Content-Type", "text/html; charset=utf-8");
+      this.setHeader("Content-Length", Buffer.byteLength(body));
+      this.end(body);
+    };
+    azRes.redirect = function(url, code = 302) {
+      if (this.sent) return;
+      this.sent = true;
+      this.statusCode = code;
+      this.setHeader("Location", url);
+      this.end();
+    };
+    azRes.cookie = function(name, value, options) {
+      const header = serializeCookie(name, value, options);
+      const existing = this.getHeader("Set-Cookie");
+      if (existing) {
+        const arr = Array.isArray(existing) ? existing : [String(existing)];
+        arr.push(header);
+        this.setHeader("Set-Cookie", arr);
+      } else {
+        this.setHeader("Set-Cookie", header);
+      }
+      return this;
+    };
+    azRes.clearCookie = function(name, options) {
+      const header = clearCookieHeader(name, options);
+      const existing = this.getHeader("Set-Cookie");
+      if (existing) {
+        const arr = Array.isArray(existing) ? existing : [String(existing)];
+        arr.push(header);
+        this.setHeader("Set-Cookie", arr);
+      } else {
+        this.setHeader("Set-Cookie", header);
+      }
+      return this;
+    };
+    azRes.header = function(name, value) {
+      this.setHeader(name, value);
+      return this;
+    };
+    azRes.type = function(contentType) {
+      this.setHeader("Content-Type", contentType);
+      return this;
+    };
+    azRes.attachment = function(filename) {
+      if (filename) {
+        this.setHeader("Content-Disposition", `attachment; filename="${filename}"`);
+      } else {
+        this.setHeader("Content-Disposition", "attachment");
+      }
+      return this;
+    };
+    azRes.download = function(_path, _filename) {
+    };
+    return azRes;
+  }
+  compileMiddlewareChain() {
+    if (this.compiledChain) return this.compiledChain;
+    const self = this;
+    const globalMiddlewares = [...this.middlewares];
+    this.compiledChain = async (req, res) => {
+      for (const plugin of self.plugins) {
+        if (res.sent) return;
+        await new Promise((resolve3, reject) => {
+          try {
+            const result = plugin({ req, res }, (err) => {
+              if (err) reject(err);
+              else resolve3();
+            });
+            if (result && typeof result.then === "function") {
+              result.then(resolve3, reject);
+            }
+          } catch (e) {
+            reject(e);
+          }
+        });
+      }
+      if (res.sent) return;
+      let idx = 0;
+      const runMiddleware = async () => {
+        if (idx >= globalMiddlewares.length || res.sent) return;
+        const mw = globalMiddlewares[idx++];
+        await new Promise((resolve3, reject) => {
+          try {
+            const result = mw(req, res, (err) => {
+              if (err) reject(err);
+              else resolve3();
+            });
+            if (result && typeof result.then === "function") {
+              result.then(resolve3, reject);
+            }
+          } catch (e) {
+            reject(e);
+          }
+        });
+        await runMiddleware();
+      };
+      await runMiddleware();
+    };
+    return this.compiledChain;
+  }
+  async handleRequest(req, res) {
+    const { pathname, search } = parseUrl(req.url ?? "/");
+    const query = parseQueryString(search);
+    const azReq = this.extendRequest(req, pathname, query);
+    const azRes = this.extendResponse(res);
+    try {
+      const chain = this.compileMiddlewareChain();
+      await chain(azReq, azRes);
+      if (azRes.sent) return;
+      const method = (req.method ?? "GET").toUpperCase();
+      const match = this.router.find(method, pathname);
+      if (!match) {
+        if (pathname === "/favicon.ico") {
+          azRes.status(204).send("");
+          return;
+        }
+        throw HttpError.notFound(`Route ${method} ${pathname} not found`);
+      }
+      azReq.params = match.params;
+      if (method !== "GET" && method !== "HEAD" && method !== "OPTIONS") {
+        azReq.body = await parseBody(req);
+      }
+      for (const mw of match.middlewares) {
+        if (azRes.sent) return;
+        await new Promise((resolve3, reject) => {
+          try {
+            const result2 = mw(azReq, azRes, (err) => {
+              if (err) reject(err);
+              else resolve3();
+            });
+            if (result2 && typeof result2.then === "function") {
+              result2.then(resolve3, reject);
+            }
+          } catch (e) {
+            reject(e);
+          }
+        });
+      }
+      if (azRes.sent) return;
+      const result = await match.handler(azReq, azRes);
+      if (result !== void 0 && !azRes.sent) {
+        if (typeof result === "object" && result !== null) {
+          azRes.json(result);
+        } else {
+          azRes.send(String(result));
+        }
+      }
+    } catch (err) {
+      this.handleError(err, azReq, azRes);
+    } finally {
+      if (this.config.logging?.requestLogging) {
+        const duration = process.hrtime.bigint() - azReq.startTime;
+        this.logger.request(
+          req.method ?? "GET",
+          pathname,
+          res.statusCode,
+          duration
+        );
+      }
+    }
+  }
+  handleError(err, req, res) {
+    if (res.sent) return;
+    if (this.errorHandler) {
+      try {
+        this.errorHandler(err, req, res, () => {
+        });
+        return;
+      } catch (handlerErr) {
+        this.logger.error("Error handler threw:", handlerErr);
+      }
+    }
+    if (err instanceof HttpError) {
+      res.status(err.statusCode).json(err.toJSON());
+      return;
+    }
+    const statusCode = err?.statusCode ?? err?.status ?? 500;
+    const message = this.config.environment === "production" ? "Internal Server Error" : err?.message ?? "Internal Server Error";
+    this.logger.error(`Unhandled error: ${err?.message ?? err}`);
+    if (this.config.debug && err?.stack) {
+      this.logger.error(err.stack);
+    }
+    res.status(statusCode).json({
+      error: {
+        statusCode,
+        message,
+        ...this.config.debug ? { stack: err?.stack } : {}
+      }
+    });
+  }
+  async listen(port, callback) {
+    const serverPort = port ?? this.config.server?.port ?? 3e3;
+    const host = this.config.server?.host ?? "0.0.0.0";
+    const handler = (req, res) => {
+      this.handleRequest(req, res).catch((err) => {
+        this.logger.error("Fatal request error:", err);
+        if (!res.headersSent) {
+          res.statusCode = 500;
+          res.end('{"error":{"statusCode":500,"message":"Internal Server Error"}}');
+        }
+      });
+    };
+    if (this.config.server?.https) {
+      const httpsConfig = this.config.server.https;
+      this.server = createServer(
+        {
+          key: readFileSync(httpsConfig.key),
+          cert: readFileSync(httpsConfig.cert),
+          ...httpsConfig.ca ? { ca: readFileSync(httpsConfig.ca) } : {}
+        },
+        handler
+      );
+    } else {
+      this.server = createServer$1(handler);
+    }
+    if (this.config.server?.keepAliveTimeout) {
+      this.server.keepAliveTimeout = this.config.server.keepAliveTimeout;
+    }
+    if (this.config.server?.headersTimeout) {
+      this.server.headersTimeout = this.config.server.headersTimeout;
+    }
+    return new Promise((resolve3) => {
+      this.server.listen(serverPort, host, () => {
+        this.logger.banner(serverPort, host);
+        callback?.();
+        resolve3(this.server);
+      });
+    });
+  }
+  async close() {
+    return new Promise((resolve3, reject) => {
+      if (!this.server) {
+        resolve3();
+        return;
+      }
+      this.server.close((err) => {
+        if (err) reject(err);
+        else resolve3();
+      });
+    });
+  }
+  getRouter() {
+    return this.router;
+  }
+  getLogger() {
+    return this.logger;
+  }
+  getConfig() {
+    return this.config;
+  }
+  getRoutes() {
+    return this.router.getAllRoutes();
+  }
+};
+
+// src/decorators/Route.ts
+var CONTROLLER_META_KEY2 = "azura:controller";
+var ROUTES_META_KEY2 = "azura:routes";
+var PARAMS_META_KEY2 = "azura:params";
+var MIDDLEWARES_META_KEY = "azura:middlewares";
+function ensureReflect() {
+  if (typeof Reflect === "undefined" || !Reflect.getMetadata) {
+    const store = /* @__PURE__ */ new Map();
+    Reflect.defineMetadata = (key, value, target, prop) => {
+      const k = prop ? `${key}::${prop}` : key;
+      if (!store.has(k)) store.set(k, /* @__PURE__ */ new Map());
+      store.get(k).set(target, value);
+    };
+    Reflect.getMetadata = (key, target, prop) => {
+      const k = prop ? `${key}::${prop}` : key;
+      return store.get(k)?.get(target);
+    };
+  }
+}
+ensureReflect();
+function Controller(prefix = "") {
+  return (target) => {
+    Reflect.defineMetadata(CONTROLLER_META_KEY2, prefix, target);
+  };
+}
+function createMethodDecorator(method) {
+  return (path = "") => {
+    return (target, propertyKey, _descriptor) => {
+      Reflect.defineMetadata(
+        ROUTES_META_KEY2,
+        { method, path, propertyKey: String(propertyKey), middlewares: [], params: [], meta: void 0 },
+        target,
+        String(propertyKey)
+      );
+    };
+  };
+}
+var Get = createMethodDecorator("GET");
+var Post = createMethodDecorator("POST");
+var Put = createMethodDecorator("PUT");
+var Delete = createMethodDecorator("DELETE");
+var Patch = createMethodDecorator("PATCH");
+var Head = createMethodDecorator("HEAD");
+var Options = createMethodDecorator("OPTIONS");
+function createParamDecorator(type) {
+  return (name) => {
+    return (target, propertyKey, parameterIndex) => {
+      const key = String(propertyKey);
+      const existing = Reflect.getMetadata(PARAMS_META_KEY2, target, key) ?? [];
+      existing.push({ index: parameterIndex, type, name });
+      Reflect.defineMetadata(PARAMS_META_KEY2, existing, target, key);
+    };
+  };
+}
+var Body = createParamDecorator("body");
+var Query = createParamDecorator("query");
+var Param = createParamDecorator("param");
+var Headers = createParamDecorator("header");
+var Cookies = createParamDecorator("cookie");
+var Req = createParamDecorator("req");
+var Res = createParamDecorator("res");
+var NextFunc = createParamDecorator("next");
+var Ip = createParamDecorator("ip");
+var Session = createParamDecorator("session");
+function UseMiddleware(...middlewares) {
+  return (target, propertyKey, _descriptor) => {
+    if (propertyKey) {
+      const existing = Reflect.getMetadata(MIDDLEWARES_META_KEY, target, String(propertyKey)) ?? [];
+      Reflect.defineMetadata(MIDDLEWARES_META_KEY, [...existing, ...middlewares], target, String(propertyKey));
+    } else {
+      const existing = Reflect.getMetadata(MIDDLEWARES_META_KEY, target) ?? [];
+      Reflect.defineMetadata(MIDDLEWARES_META_KEY, [...existing, ...middlewares], target);
+    }
+  };
+}
+function applyDecorators(...decorators) {
+  return (target, propertyKey, descriptor) => {
+    for (const decorator of decorators) {
+      if (propertyKey !== void 0) {
+        decorator(target, propertyKey, descriptor);
+      } else {
+        decorator(target);
+      }
+    }
+  };
+}
+function Meta(key, value) {
+  return (target, propertyKey, _descriptor) => {
+    const routeMeta = Reflect.getMetadata(ROUTES_META_KEY2, target, String(propertyKey));
+    if (routeMeta) {
+      if (!routeMeta.meta) routeMeta.meta = {};
+      routeMeta.meta[key] = value;
+      Reflect.defineMetadata(ROUTES_META_KEY2, routeMeta, target, String(propertyKey));
+    }
+  };
+}
+
+// src/plugins/CORSPlugin.ts
+var DEFAULT_METHODS = ["GET", "POST", "PUT", "DELETE", "PATCH", "HEAD", "OPTIONS"];
+var DEFAULT_HEADERS = ["Content-Type", "Authorization", "Accept", "X-Requested-With"];
+function CORSPlugin(options = {}) {
+  const {
+    origins = "*",
+    methods = DEFAULT_METHODS,
+    allowedHeaders = DEFAULT_HEADERS,
+    exposedHeaders = [],
+    credentials = false,
+    maxAge = 86400,
+    preflightContinue = false
+  } = options;
+  const methodsStr = methods.join(", ");
+  const headersStr = allowedHeaders.join(", ");
+  const exposedStr = exposedHeaders.length > 0 ? exposedHeaders.join(", ") : "";
+  const isAllowedOrigin = (origin) => {
+    if (origins === "*") return credentials ? origin : "*";
+    if (typeof origins === "function") return origins(origin) ? origin : false;
+    if (typeof origins === "string") return origin === origins ? origin : false;
+    if (Array.isArray(origins)) return origins.includes(origin) ? origin : false;
+    return false;
+  };
+  return (ctx, next) => {
+    const { req, res } = ctx;
+    const origin = req.headers.origin ?? "";
+    const allowedOrigin = isAllowedOrigin(origin);
+    if (allowedOrigin) {
+      res.setHeader("Access-Control-Allow-Origin", allowedOrigin);
+      if (credentials) res.setHeader("Access-Control-Allow-Credentials", "true");
+      if (exposedStr) res.setHeader("Access-Control-Expose-Headers", exposedStr);
+      if (allowedOrigin !== "*") res.setHeader("Vary", "Origin");
+    }
+    if (req.method === "OPTIONS") {
+      res.setHeader("Access-Control-Allow-Methods", methodsStr);
+      res.setHeader("Access-Control-Allow-Headers", headersStr);
+      res.setHeader("Access-Control-Max-Age", String(maxAge));
+      if (!preflightContinue) {
+        res.statusCode = 204;
+        res.end();
+        return;
+      }
+    }
+    next();
+  };
+}
+
+// src/plugins/RateLimitPlugin.ts
+var MemoryStore = class {
+  store = /* @__PURE__ */ new Map();
+  cleanupInterval;
+  constructor(windowMs) {
+    this.cleanupInterval = setInterval(() => {
+      const now = Date.now();
+      for (const [key, entry] of this.store) {
+        if (now >= entry.resetTime) this.store.delete(key);
+      }
+    }, windowMs);
+    if (this.cleanupInterval.unref) this.cleanupInterval.unref();
+  }
+  increment(key, windowMs) {
+    const now = Date.now();
+    const entry = this.store.get(key);
+    if (!entry || now >= entry.resetTime) {
+      const resetTime = now + windowMs;
+      this.store.set(key, { count: 1, resetTime });
+      return { totalHits: 1, resetTime: new Date(resetTime) };
+    }
+    entry.count++;
+    return { totalHits: entry.count, resetTime: new Date(entry.resetTime) };
+  }
+  decrement(key) {
+    const entry = this.store.get(key);
+    if (entry && entry.count > 0) entry.count--;
+  }
+  resetKey(key) {
+    this.store.delete(key);
+  }
+  destroy() {
+    clearInterval(this.cleanupInterval);
+    this.store.clear();
+  }
+};
+function RateLimitPlugin(options = {}) {
+  const {
+    windowMs = 6e4,
+    max = 100,
+    message = { error: { statusCode: 429, message: "Too many requests, please try again later" } },
+    statusCode = 429,
+    keyGenerator = (req) => req.ip,
+    skipSuccessfulRequests = false,
+    skipFailedRequests = false
+  } = options;
+  const memStore = new MemoryStore(windowMs);
+  return (ctx, next) => {
+    const { req, res } = ctx;
+    const key = keyGenerator(req);
+    const { totalHits, resetTime } = memStore.increment(key, windowMs);
+    res.setHeader("X-RateLimit-Limit", String(max));
+    res.setHeader("X-RateLimit-Remaining", String(Math.max(0, max - totalHits)));
+    res.setHeader("X-RateLimit-Reset", String(Math.ceil(resetTime.getTime() / 1e3)));
+    if (totalHits > max) {
+      res.setHeader("Retry-After", String(Math.ceil(windowMs / 1e3)));
+      res.statusCode = statusCode;
+      const body = typeof message === "string" ? message : JSON.stringify(message);
+      res.setHeader("Content-Type", typeof message === "string" ? "text/plain" : "application/json");
+      res.end(body);
+      return;
+    }
+    const origEnd = res.end;
+    res.end = function(...args) {
+      if (skipSuccessfulRequests && res.statusCode < 400) {
+        memStore.decrement(key);
+      }
+      if (skipFailedRequests && res.statusCode >= 400) {
+        memStore.decrement(key);
+      }
+      return origEnd.apply(this, args);
+    };
+    next();
+  };
+}
+
+// src/plugins/HelmetPlugin.ts
+function HelmetPlugin(options = {}) {
+  const headers = [];
+  if (options.noSniff !== false) {
+    headers.push(["X-Content-Type-Options", "nosniff"]);
+  }
+  if (options.xssFilter !== false) {
+    headers.push(["X-XSS-Protection", "0"]);
+  }
+  if (options.ieNoOpen !== false) {
+    headers.push(["X-Download-Options", "noopen"]);
+  }
+  const frameguard = options.frameguard ?? true;
+  if (frameguard !== false) {
+    const action = typeof frameguard === "object" ? frameguard.action : "sameorigin";
+    headers.push(["X-Frame-Options", action.toUpperCase()]);
+  }
+  if (options.dnsPrefetchControl !== false) {
+    const allow = typeof options.dnsPrefetchControl === "object" ? options.dnsPrefetchControl.allow : false;
+    headers.push(["X-DNS-Prefetch-Control", allow ? "on" : "off"]);
+  }
+  const hsts = options.hsts ?? true;
+  if (hsts !== false) {
+    const maxAge = typeof hsts === "object" ? hsts.maxAge : 15552e3;
+    const includeSubDomains = typeof hsts === "object" ? hsts.includeSubDomains !== false : true;
+    const preload = typeof hsts === "object" ? hsts.preload : false;
+    let value = `max-age=${maxAge}`;
+    if (includeSubDomains) value += "; includeSubDomains";
+    if (preload) value += "; preload";
+    headers.push(["Strict-Transport-Security", value]);
+  }
+  if (options.crossOriginEmbedderPolicy !== false) {
+    headers.push(["Cross-Origin-Embedder-Policy", "require-corp"]);
+  }
+  if (options.crossOriginOpenerPolicy !== false) {
+    const policy = typeof options.crossOriginOpenerPolicy === "object" ? options.crossOriginOpenerPolicy.policy : "same-origin";
+    headers.push(["Cross-Origin-Opener-Policy", policy]);
+  }
+  if (options.crossOriginResourcePolicy !== false) {
+    const policy = typeof options.crossOriginResourcePolicy === "object" ? options.crossOriginResourcePolicy.policy : "same-origin";
+    headers.push(["Cross-Origin-Resource-Policy", policy]);
+  }
+  const referrer = options.referrerPolicy ?? true;
+  if (referrer !== false) {
+    const policy = typeof referrer === "object" ? Array.isArray(referrer.policy) ? referrer.policy.join(", ") : referrer.policy : "no-referrer";
+    headers.push(["Referrer-Policy", policy]);
+  }
+  if (options.contentSecurityPolicy !== false && options.contentSecurityPolicy) {
+    const csp = options.contentSecurityPolicy;
+    const directives = Object.entries(csp).map(([key, values]) => `${key} ${values.join(" ")}`).join("; ");
+    headers.push(["Content-Security-Policy", directives]);
+  }
+  if (options.permissionsPolicy) {
+    const pp = Object.entries(options.permissionsPolicy).map(([key, values]) => `${key}=(${values.join(" ")})`).join(", ");
+    headers.push(["Permissions-Policy", pp]);
+  }
+  return (ctx, next) => {
+    for (const [name, value] of headers) {
+      ctx.res.setHeader(name, value);
+    }
+    next();
+  };
+}
+function base64urlEncode(data) {
+  const buf = typeof data === "string" ? Buffer.from(data) : data;
+  return buf.toString("base64url");
+}
+function base64urlDecode(str) {
+  return Buffer.from(str, "base64url").toString("utf-8");
+}
+var ALGO_MAP = {
+  HS256: "sha256",
+  HS384: "sha384",
+  HS512: "sha512"
+};
+function signJWT(payload, secret, options = {}) {
+  const algorithm = options.algorithm ?? "HS256";
+  const header = base64urlEncode(JSON.stringify({ alg: algorithm, typ: "JWT" }));
+  const now = Math.floor(Date.now() / 1e3);
+  const body = { ...payload, iat: now };
+  if (options.expiresIn) {
+    body.exp = now + parseExpiration(options.expiresIn);
+  }
+  const encodedPayload = base64urlEncode(JSON.stringify(body));
+  const signature = createHmac(ALGO_MAP[algorithm] ?? "sha256", secret).update(`${header}.${encodedPayload}`).digest("base64url");
+  return `${header}.${encodedPayload}.${signature}`;
+}
+function verifyJWT(token, secret, options = {}) {
+  const parts = token.split(".");
+  if (parts.length !== 3) throw new Error("Invalid token format");
+  const [header, payload, signature] = parts;
+  const algorithm = options.algorithm ?? "HS256";
+  const expectedSig = createHmac(ALGO_MAP[algorithm] ?? "sha256", secret).update(`${header}.${payload}`).digest("base64url");
+  if (signature !== expectedSig) throw new Error("Invalid token signature");
+  const decoded = JSON.parse(base64urlDecode(payload));
+  if (decoded.exp && decoded.exp < Math.floor(Date.now() / 1e3)) {
+    throw new Error("Token expired");
+  }
+  return decoded;
+}
+function parseExpiration(exp) {
+  if (typeof exp === "number") return exp;
+  const match = exp.match(/^(\d+)(s|m|h|d)$/);
+  if (!match) return 3600;
+  const val = parseInt(match[1], 10);
+  switch (match[2]) {
+    case "s":
+      return val;
+    case "m":
+      return val * 60;
+    case "h":
+      return val * 3600;
+    case "d":
+      return val * 86400;
+    default:
+      return 3600;
+  }
+}
+function extractToken(req) {
+  const auth = req.headers.authorization;
+  if (auth?.startsWith("Bearer ")) return auth.slice(7);
+  return req.query.token ?? req.cookies?.token ?? null;
+}
+function JWTPlugin(options) {
+  const {
+    secret,
+    algorithm = "HS256",
+    paths = [],
+    exclude = [],
+    getToken
+  } = options;
+  return (ctx, next) => {
+    const { req, res } = ctx;
+    const path = req.pathname;
+    if (exclude.some((p) => path.startsWith(p))) {
+      next();
+      return;
+    }
+    if (paths.length > 0 && !paths.some((p) => path.startsWith(p))) {
+      next();
+      return;
+    }
+    const token = getToken ? getToken(req) : extractToken(req);
+    if (!token) {
+      res.statusCode = 401;
+      res.setHeader("Content-Type", "application/json");
+      res.end(JSON.stringify({ error: { statusCode: 401, message: "No token provided" } }));
+      return;
+    }
+    try {
+      const payload = verifyJWT(token, secret, { algorithm });
+      req.user = payload;
+      next();
+    } catch (err) {
+      res.statusCode = 401;
+      res.setHeader("Content-Type", "application/json");
+      res.end(JSON.stringify({ error: { statusCode: 401, message: err.message ?? "Invalid token" } }));
+    }
+  };
+}
+var MemorySessionStore = class {
+  sessions = /* @__PURE__ */ new Map();
+  cleanupTimer;
+  constructor() {
+    this.cleanupTimer = setInterval(() => {
+      const now = Date.now();
+      for (const [id, session] of this.sessions) {
+        if (now >= session.expires) this.sessions.delete(id);
+      }
+    }, 6e4);
+    if (this.cleanupTimer.unref) this.cleanupTimer.unref();
+  }
+  async get(id) {
+    const session = this.sessions.get(id);
+    if (!session) return null;
+    if (Date.now() >= session.expires) {
+      this.sessions.delete(id);
+      return null;
+    }
+    return session.data;
+  }
+  async set(id, data, maxAge) {
+    this.sessions.set(id, { data, expires: Date.now() + maxAge });
+  }
+  async destroy(id) {
+    this.sessions.delete(id);
+  }
+  async touch(id, maxAge) {
+    const session = this.sessions.get(id);
+    if (session) session.expires = Date.now() + maxAge;
+  }
+};
+function generateSessionId() {
+  return randomBytes(24).toString("hex");
+}
+function SessionPlugin(options) {
+  const {
+    secret: _secret,
+    name = "azura.sid",
+    maxAge = 864e5,
+    secure = false,
+    httpOnly = true,
+    sameSite = "Lax",
+    store = new MemorySessionStore()
+  } = options;
+  return async (ctx, next) => {
+    const { req, res } = ctx;
+    let sessionId = req.cookies[name];
+    let sessionData = null;
+    if (sessionId) {
+      sessionData = await store.get(sessionId);
+    }
+    if (!sessionData) {
+      sessionId = generateSessionId();
+      sessionData = {};
+    }
+    req.session = sessionData;
+    const originalEnd = res.end;
+    res.end = async function(...args) {
+      await store.set(sessionId, req.session ?? {}, maxAge);
+      const cookieParts = [
+        `${name}=${sessionId}`,
+        `Path=/`,
+        `Max-Age=${Math.floor(maxAge / 1e3)}`,
+        `SameSite=${sameSite}`
+      ];
+      if (httpOnly) cookieParts.push("HttpOnly");
+      if (secure) cookieParts.push("Secure");
+      const existing = res.getHeader("Set-Cookie");
+      const cookies = existing ? [...Array.isArray(existing) ? existing : [String(existing)], cookieParts.join("; ")] : [cookieParts.join("; ")];
+      res.setHeader("Set-Cookie", cookies);
+      return originalEnd.apply(this, args);
+    };
+    next();
+  };
+}
+var COMPRESSIBLE_TYPES = /^text\/|application\/json|application\/javascript|application\/xml|image\/svg\+xml/;
+function CompressionPlugin(options = {}) {
+  const {
+    threshold = 1024,
+    level = 6,
+    algorithms = ["gzip", "deflate"],
+    filter
+  } = options;
+  return (ctx, next) => {
+    const { req, res } = ctx;
+    if (filter && !filter(req, res)) {
+      next();
+      return;
+    }
+    const acceptEncoding = req.headers["accept-encoding"] ?? "";
+    let encoding = null;
+    for (const algo of algorithms) {
+      if (typeof acceptEncoding === "string" && acceptEncoding.includes(algo)) {
+        encoding = algo;
+        break;
+      }
+    }
+    if (!encoding) {
+      next();
+      return;
+    }
+    const originalEnd = res.end;
+    res.write;
+    res.end = function(chunk, encodingArg, callback) {
+      if (!chunk || typeof chunk !== "string" && !Buffer.isBuffer(chunk)) {
+        return originalEnd.call(this, chunk, encodingArg, callback);
+      }
+      const buf = typeof chunk === "string" ? Buffer.from(chunk) : chunk;
+      if (buf.length < threshold) {
+        return originalEnd.call(this, chunk, encodingArg, callback);
+      }
+      const contentType = String(res.getHeader("Content-Type") ?? "");
+      if (!COMPRESSIBLE_TYPES.test(contentType)) {
+        return originalEnd.call(this, chunk, encodingArg, callback);
+      }
+      res.removeHeader("Content-Length");
+      res.setHeader("Content-Encoding", encoding);
+      res.setHeader("Vary", "Accept-Encoding");
+      let stream;
+      if (encoding === "gzip") {
+        stream = createGzip({ level });
+      } else {
+        stream = createDeflate({ level });
+      }
+      const chunks = [];
+      stream.on("data", (c) => chunks.push(c));
+      stream.on("end", () => {
+        const compressed = Buffer.concat(chunks);
+        res.setHeader("Content-Length", compressed.length);
+        originalEnd.call(res, compressed);
+      });
+      stream.end(buf);
+    };
+    next();
+  };
+}
+var MIME_TYPES = {
+  ".html": "text/html; charset=utf-8",
+  ".htm": "text/html; charset=utf-8",
+  ".css": "text/css; charset=utf-8",
+  ".js": "application/javascript; charset=utf-8",
+  ".mjs": "application/javascript; charset=utf-8",
+  ".json": "application/json; charset=utf-8",
+  ".xml": "application/xml; charset=utf-8",
+  ".txt": "text/plain; charset=utf-8",
+  ".csv": "text/csv; charset=utf-8",
+  ".png": "image/png",
+  ".jpg": "image/jpeg",
+  ".jpeg": "image/jpeg",
+  ".gif": "image/gif",
+  ".svg": "image/svg+xml",
+  ".ico": "image/x-icon",
+  ".webp": "image/webp",
+  ".avif": "image/avif",
+  ".woff": "font/woff",
+  ".woff2": "font/woff2",
+  ".ttf": "font/ttf",
+  ".otf": "font/otf",
+  ".eot": "application/vnd.ms-fontobject",
+  ".mp4": "video/mp4",
+  ".webm": "video/webm",
+  ".mp3": "audio/mpeg",
+  ".ogg": "audio/ogg",
+  ".wav": "audio/wav",
+  ".pdf": "application/pdf",
+  ".zip": "application/zip",
+  ".gz": "application/gzip",
+  ".wasm": "application/wasm",
+  ".map": "application/json"
+};
+function StaticPlugin(options) {
+  const {
+    root,
+    prefix = "/",
+    index = ["index.html"],
+    dotfiles = "ignore",
+    maxAge = 0,
+    etag = true,
+    lastModified = true,
+    fallthrough = true,
+    immutable = false
+  } = options;
+  const resolvedRoot = resolve(root);
+  const indexFiles = Array.isArray(index) ? index : [index];
+  const normalizedPrefix = prefix.endsWith("/") ? prefix.slice(0, -1) : prefix;
+  return (ctx, next) => {
+    const { req, res } = ctx;
+    if (req.method !== "GET" && req.method !== "HEAD") {
+      next();
+      return;
+    }
+    const path = req.pathname;
+    if (!path.startsWith(normalizedPrefix)) {
+      next();
+      return;
+    }
+    const relativePath = path.slice(normalizedPrefix.length) || "/";
+    if (relativePath.includes("..")) {
+      next();
+      return;
+    }
+    if (dotfiles !== "allow" && relativePath.split("/").some((s) => s.startsWith("."))) {
+      if (dotfiles === "deny") {
+        res.statusCode = 403;
+        res.end("Forbidden");
+        return;
+      }
+      next();
+      return;
+    }
+    let filePath = join(resolvedRoot, relativePath);
+    if (!existsSync(filePath)) {
+      if (fallthrough) {
+        next();
+        return;
+      }
+      res.statusCode = 404;
+      res.end("Not Found");
+      return;
+    }
+    let stat = statSync(filePath);
+    if (stat.isDirectory()) {
+      let found = false;
+      for (const idx of indexFiles) {
+        const candidate = join(filePath, idx);
+        if (existsSync(candidate)) {
+          filePath = candidate;
+          stat = statSync(filePath);
+          found = true;
+          break;
+        }
+      }
+      if (!found) {
+        if (fallthrough) {
+          next();
+          return;
+        }
+        res.statusCode = 404;
+        res.end("Not Found");
+        return;
+      }
+    }
+    const ext = extname(filePath).toLowerCase();
+    const contentType = MIME_TYPES[ext] ?? "application/octet-stream";
+    res.setHeader("Content-Type", contentType);
+    res.setHeader("Content-Length", stat.size);
+    if (lastModified) {
+      res.setHeader("Last-Modified", stat.mtime.toUTCString());
+    }
+    if (etag) {
+      const etagValue = `W/"${stat.size.toString(16)}-${stat.mtime.getTime().toString(16)}"`;
+      res.setHeader("ETag", etagValue);
+      const ifNoneMatch = req.headers["if-none-match"];
+      if (ifNoneMatch === etagValue) {
+        res.statusCode = 304;
+        res.end();
+        return;
+      }
+    }
+    let cacheControl = `public, max-age=${maxAge}`;
+    if (immutable) cacheControl += ", immutable";
+    res.setHeader("Cache-Control", cacheControl);
+    if (req.method === "HEAD") {
+      res.end();
+      return;
+    }
+    const stream = createReadStream(filePath);
+    stream.pipe(res);
+  };
+}
+function ETagPlugin(options = {}) {
+  const { weak = true } = options;
+  return (ctx, next) => {
+    const { req, res } = ctx;
+    const originalEnd = res.end;
+    res.end = function(chunk, encoding, callback) {
+      if (chunk && (typeof chunk === "string" || Buffer.isBuffer(chunk)) && res.statusCode === 200) {
+        const buf = typeof chunk === "string" ? Buffer.from(chunk) : chunk;
+        const hash = createHash("md5").update(buf).digest("hex").slice(0, 16);
+        const etag = weak ? `W/"${hash}"` : `"${hash}"`;
+        res.setHeader("ETag", etag);
+        const ifNoneMatch = req.headers["if-none-match"];
+        if (ifNoneMatch === etag) {
+          res.statusCode = 304;
+          return originalEnd.call(this);
+        }
+      }
+      return originalEnd.call(this, chunk, encoding, callback);
+    };
+    next();
+  };
+}
+function RequestIdPlugin(options = {}) {
+  const {
+    header = "X-Request-Id",
+    generator = randomUUID
+  } = options;
+  return (ctx, next) => {
+    const { req, res } = ctx;
+    const existingId = req.headers[header.toLowerCase()];
+    const requestId = existingId ?? generator();
+    req.requestId = requestId;
+    res.setHeader(header, requestId);
+    next();
+  };
+}
+
+// src/plugins/TimeoutPlugin.ts
+function TimeoutPlugin(options) {
+  const {
+    timeout,
+    message = { error: { statusCode: 408, message: "Request Timeout" } },
+    statusCode = 408
+  } = options;
+  return (ctx, next) => {
+    const { res } = ctx;
+    let timedOut = false;
+    const timer = setTimeout(() => {
+      timedOut = true;
+      if (!res.headersSent) {
+        res.statusCode = statusCode;
+        res.setHeader("Content-Type", typeof message === "string" ? "text/plain" : "application/json");
+        res.end(typeof message === "string" ? message : JSON.stringify(message));
+      }
+    }, timeout);
+    const originalEnd = res.end;
+    res.end = function(...args) {
+      clearTimeout(timer);
+      if (!timedOut) {
+        return originalEnd.apply(this, args);
+      }
+    };
+    next();
+  };
+}
+
+// src/plugins/HealthCheckPlugin.ts
+function HealthCheckPlugin(options = {}) {
+  const {
+    path = "/health",
+    checks = {},
+    timeout: checkTimeout = 5e3
+  } = options;
+  return async (ctx, next) => {
+    const { req, res } = ctx;
+    if (req.pathname !== path) {
+      next();
+      return;
+    }
+    const results = {};
+    let allHealthy = true;
+    for (const [name, check] of Object.entries(checks)) {
+      const start = Date.now();
+      try {
+        const result = await Promise.race([
+          Promise.resolve(check()),
+          new Promise(
+            (_, reject) => setTimeout(() => reject(new Error("timeout")), checkTimeout)
+          )
+        ]);
+        results[name] = {
+          status: result ? "healthy" : "unhealthy",
+          duration: Date.now() - start
+        };
+        if (!result) allHealthy = false;
+      } catch {
+        results[name] = {
+          status: "unhealthy",
+          duration: Date.now() - start
+        };
+        allHealthy = false;
+      }
+    }
+    const body = JSON.stringify({
+      status: allHealthy ? "healthy" : "unhealthy",
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      uptime: process.uptime(),
+      memory: process.memoryUsage(),
+      checks: results
+    });
+    res.statusCode = allHealthy ? 200 : 503;
+    res.setHeader("Content-Type", "application/json");
+    res.setHeader("Cache-Control", "no-cache, no-store");
+    res.end(body);
+  };
+}
+
+// src/plugins/CircuitBreakerPlugin.ts
+function CircuitBreakerPlugin(options = {}) {
+  const {
+    threshold = 5,
+    timeout: breakerTimeout = 3e4,
+    resetTimeout = 6e4,
+    halfOpenRequests = 1,
+    monitor
+  } = options;
+  let state = "CLOSED";
+  let failures = 0;
+  let successes = 0;
+  let lastFailureTime = 0;
+  let halfOpenCount = 0;
+  const transition = (newState) => {
+    if (state !== newState) {
+      state = newState;
+      monitor?.(state);
+    }
+  };
+  return (ctx, next) => {
+    const { res } = ctx;
+    if (state === "OPEN") {
+      if (Date.now() - lastFailureTime >= resetTimeout) {
+        transition("HALF_OPEN");
+        halfOpenCount = 0;
+      } else {
+        res.statusCode = 503;
+        res.setHeader("Content-Type", "application/json");
+        res.setHeader("Retry-After", String(Math.ceil(resetTimeout / 1e3)));
+        res.end(
+          JSON.stringify({
+            error: { statusCode: 503, message: "Service temporarily unavailable (circuit open)" }
+          })
+        );
+        return;
+      }
+    }
+    if (state === "HALF_OPEN" && halfOpenCount >= halfOpenRequests) {
+      res.statusCode = 503;
+      res.setHeader("Content-Type", "application/json");
+      res.end(
+        JSON.stringify({
+          error: { statusCode: 503, message: "Service temporarily unavailable (circuit half-open)" }
+        })
+      );
+      return;
+    }
+    if (state === "HALF_OPEN") halfOpenCount++;
+    const originalEnd = res.end;
+    res.end = function(...args) {
+      if (res.statusCode >= 500) {
+        failures++;
+        lastFailureTime = Date.now();
+        if (state === "HALF_OPEN" || failures >= threshold) {
+          transition("OPEN");
+        }
+      } else {
+        if (state === "HALF_OPEN") {
+          successes++;
+          if (successes >= halfOpenRequests) {
+            failures = 0;
+            successes = 0;
+            transition("CLOSED");
+          }
+        } else {
+          failures = Math.max(0, failures - 1);
+        }
+      }
+      return originalEnd.apply(this, args);
+    };
+    next();
+  };
+}
+
+// src/plugins/SSEPlugin.ts
+var SSEManager = class {
+  clients = /* @__PURE__ */ new Map();
+  clientCounter = 0;
+  addClient(res) {
+    const id = `sse-${++this.clientCounter}-${Date.now()}`;
+    res.setHeader("Content-Type", "text/event-stream");
+    res.setHeader("Cache-Control", "no-cache");
+    res.setHeader("Connection", "keep-alive");
+    res.setHeader("X-Accel-Buffering", "no");
+    res.statusCode = 200;
+    res.flushHeaders();
+    const client = {
+      id,
+      res,
+      send(event, data, eventId) {
+        const serialized = typeof data === "string" ? data : JSON.stringify(data);
+        let message = "";
+        if (eventId) message += `id: ${eventId}
+`;
+        message += `event: ${event}
+`;
+        message += `data: ${serialized}
+
+`;
+        res.write(message);
+      },
+      close() {
+        res.end();
+      }
+    };
+    this.clients.set(id, client);
+    res.on("close", () => {
+      this.clients.delete(id);
+    });
+    return client;
+  }
+  broadcast(event, data, id) {
+    for (const client of this.clients.values()) {
+      client.send(event, data, id);
+    }
+  }
+  getClient(id) {
+    return this.clients.get(id);
+  }
+  getClientCount() {
+    return this.clients.size;
+  }
+  closeAll() {
+    for (const client of this.clients.values()) {
+      client.close();
+    }
+    this.clients.clear();
+  }
+};
+function SSEPlugin(options) {
+  const {
+    path,
+    heartbeatInterval = 3e4,
+    retry = 3e3,
+    maxClients = 1e3
+  } = options;
+  const manager = new SSEManager();
+  let heartbeat = null;
+  if (heartbeatInterval > 0) {
+    heartbeat = setInterval(() => {
+      manager.broadcast("heartbeat", { time: Date.now() });
+    }, heartbeatInterval);
+    if (heartbeat.unref) heartbeat.unref();
+  }
+  const plugin = Object.assign(
+    (ctx, next) => {
+      const { req, res } = ctx;
+      if (req.pathname !== path || req.method !== "GET") {
+        next();
+        return;
+      }
+      if (manager.getClientCount() >= maxClients) {
+        res.statusCode = 503;
+        res.setHeader("Content-Type", "application/json");
+        res.end(JSON.stringify({ error: { statusCode: 503, message: "Too many SSE connections" } }));
+        return;
+      }
+      const client = manager.addClient(res);
+      res.write(`retry: ${retry}
+
+`);
+      client.send("connected", { clientId: client.id });
+    },
+    { manager }
+  );
+  return plugin;
+}
+function ProxyPlugin(options) {
+  const {
+    target,
+    pathRewrite = {},
+    changeOrigin = true,
+    timeout = 3e4,
+    headers: extraHeaders = {},
+    onProxyReq,
+    onProxyRes
+  } = options;
+  const targetUrl = new URL(target);
+  const isHttps = targetUrl.protocol === "https:";
+  const requestFn = isHttps ? request : request$1;
+  return (ctx, next) => {
+    const { req, res } = ctx;
+    let targetPath = req.pathname;
+    for (const [from, to] of Object.entries(pathRewrite)) {
+      targetPath = targetPath.replace(new RegExp(from), to);
+    }
+    const search = req.url?.includes("?") ? req.url.slice(req.url.indexOf("?")) : "";
+    const fullPath = targetPath + search;
+    const proxyHeaders = {};
+    for (const [key, val] of Object.entries(req.headers)) {
+      if (val) proxyHeaders[key] = Array.isArray(val) ? val.join(", ") : val;
+    }
+    if (changeOrigin) {
+      proxyHeaders.host = targetUrl.host;
+    }
+    Object.assign(proxyHeaders, extraHeaders);
+    const proxyReq = requestFn(
+      {
+        hostname: targetUrl.hostname,
+        port: targetUrl.port || (isHttps ? 443 : 80),
+        path: fullPath,
+        method: req.method,
+        headers: proxyHeaders,
+        timeout
+      },
+      (proxyRes) => {
+        onProxyRes?.(proxyRes, res);
+        res.statusCode = proxyRes.statusCode ?? 502;
+        for (const [key, val] of Object.entries(proxyRes.headers)) {
+          if (val) res.setHeader(key, val);
+        }
+        proxyRes.pipe(res);
+      }
+    );
+    proxyReq.on("error", (err) => {
+      if (!res.headersSent) {
+        res.statusCode = 502;
+        res.setHeader("Content-Type", "application/json");
+        res.end(JSON.stringify({ error: { statusCode: 502, message: "Bad Gateway", details: err.message } }));
+      }
+    });
+    proxyReq.on("timeout", () => {
+      proxyReq.destroy();
+      if (!res.headersSent) {
+        res.statusCode = 504;
+        res.setHeader("Content-Type", "application/json");
+        res.end(JSON.stringify({ error: { statusCode: 504, message: "Gateway Timeout" } }));
+      }
+    });
+    onProxyReq?.(proxyReq, req);
+    if (req.method !== "GET" && req.method !== "HEAD") {
+      req.pipe(proxyReq);
+    } else {
+      proxyReq.end();
+    }
+  };
+}
+function MultipartPlugin(options = {}) {
+  const {
+    maxFileSize = 10 * 1024 * 1024,
+    maxFiles = 10,
+    maxFieldSize = 1024 * 1024,
+    maxFields = 50,
+    allowedMimeTypes,
+    uploadDir
+  } = options;
+  if (uploadDir && !existsSync(uploadDir)) {
+    mkdirSync(uploadDir, { recursive: true });
+  }
+  return async (ctx, next) => {
+    const { req } = ctx;
+    const contentType = req.headers["content-type"] ?? "";
+    if (!contentType.startsWith("multipart/form-data")) {
+      next();
+      return;
+    }
+    const boundaryMatch = contentType.match(/boundary=([^\s;]+)/);
+    if (!boundaryMatch) {
+      next();
+      return;
+    }
+    const boundary = boundaryMatch[1];
+    try {
+      const { fields, files } = await parseMultipart(req, boundary, {
+        maxFileSize,
+        maxFiles,
+        maxFieldSize,
+        maxFields,
+        allowedMimeTypes
+      });
+      if (uploadDir) {
+        for (const file of files) {
+          const ext = file.filename.includes(".") ? file.filename.slice(file.filename.lastIndexOf(".")) : "";
+          const savedName = `${randomBytes(16).toString("hex")}${ext}`;
+          const savePath = join(uploadDir, savedName);
+          writeFileSync(savePath, file.buffer);
+          file.path = savePath;
+        }
+      }
+      req.files = files;
+      req.body = { ...req.body ?? {}, ...fields };
+      next();
+    } catch (err) {
+      const { res } = ctx;
+      res.statusCode = 400;
+      res.setHeader("Content-Type", "application/json");
+      res.end(JSON.stringify({ error: { statusCode: 400, message: err.message } }));
+    }
+  };
+}
+async function parseMultipart(req, boundary, opts) {
+  const raw = await collectBody(req);
+  const delimiter = Buffer.from(`--${boundary}`);
+  const endDelimiter = Buffer.from(`--${boundary}--`);
+  const fields = {};
+  const files = [];
+  let fieldCount = 0;
+  let start = bufferIndexOf(raw, delimiter, 0);
+  if (start === -1) return { fields, files };
+  start += delimiter.length + 2;
+  while (start < raw.length) {
+    const end = bufferIndexOf(raw, delimiter, start);
+    if (end === -1) break;
+    const part = raw.subarray(start, end - 2);
+    const headerEnd = bufferIndexOf(part, Buffer.from("\r\n\r\n"), 0);
+    if (headerEnd === -1) {
+      start = end + delimiter.length + 2;
+      continue;
+    }
+    const headerStr = part.subarray(0, headerEnd).toString("utf-8");
+    const body = part.subarray(headerEnd + 4);
+    const nameMatch = headerStr.match(/name="([^"]+)"/);
+    const filenameMatch = headerStr.match(/filename="([^"]*)"/);
+    const typeMatch = headerStr.match(/Content-Type:\s*(.+)/i);
+    if (filenameMatch && nameMatch) {
+      if (files.length >= opts.maxFiles) throw new Error("Too many files");
+      if (body.length > opts.maxFileSize) throw new Error(`File ${filenameMatch[1]} exceeds max size`);
+      const mimetype = typeMatch?.[1]?.trim() ?? "application/octet-stream";
+      if (opts.allowedMimeTypes && !opts.allowedMimeTypes.includes(mimetype)) {
+        throw new Error(`File type ${mimetype} not allowed`);
+      }
+      files.push({
+        fieldname: nameMatch[1],
+        filename: filenameMatch[1],
+        mimetype,
+        size: body.length,
+        buffer: Buffer.from(body)
+      });
+    } else if (nameMatch) {
+      if (++fieldCount > opts.maxFields) throw new Error("Too many fields");
+      if (body.length > opts.maxFieldSize) throw new Error(`Field ${nameMatch[1]} exceeds max size`);
+      fields[nameMatch[1]] = body.toString("utf-8");
+    }
+    start = end + delimiter.length;
+    if (bufferIndexOf(raw, endDelimiter, end) === end) break;
+    start += 2;
+  }
+  return { fields, files };
+}
+function collectBody(stream) {
+  return new Promise((resolve3, reject) => {
+    const chunks = [];
+    stream.on("data", (chunk) => chunks.push(chunk));
+    stream.on("end", () => resolve3(Buffer.concat(chunks)));
+    stream.on("error", reject);
+  });
+}
+function bufferIndexOf(buf, search, offset) {
+  for (let i = offset; i <= buf.length - search.length; i++) {
+    let found = true;
+    for (let j = 0; j < search.length; j++) {
+      if (buf[i + j] !== search[j]) {
+        found = false;
+        break;
+      }
+    }
+    if (found) return i;
+  }
+  return -1;
+}
+
+// src/utils/validators/DTOValidator.ts
+var DTOValidator = class {
+  static validate(data, schema) {
+    const errors = [];
+    if (data == null || typeof data !== "object") {
+      return {
+        valid: false,
+        errors: [{ field: "_root", message: "Request body must be an object" }]
+      };
+    }
+    for (const [field, rule] of Object.entries(schema)) {
+      const value = data[field];
+      if (rule.required && (value === void 0 || value === null || value === "")) {
+        errors.push({
+          field,
+          message: rule.message ?? `${field} is required`,
+          value
+        });
+        continue;
+      }
+      if (value === void 0 || value === null) continue;
+      if (rule.type) {
+        const actualType = Array.isArray(value) ? "array" : typeof value;
+        if (actualType !== rule.type) {
+          errors.push({
+            field,
+            message: rule.message ?? `${field} must be of type ${rule.type}`,
+            value
+          });
+          continue;
+        }
+      }
+      if (rule.type === "string" || typeof value === "string") {
+        if (rule.min !== void 0 && value.length < rule.min) {
+          errors.push({
+            field,
+            message: rule.message ?? `${field} must be at least ${rule.min} characters`,
+            value
+          });
+        }
+        if (rule.max !== void 0 && value.length > rule.max) {
+          errors.push({
+            field,
+            message: rule.message ?? `${field} must be at most ${rule.max} characters`,
+            value
+          });
+        }
+        if (rule.pattern && !rule.pattern.test(value)) {
+          errors.push({
+            field,
+            message: rule.message ?? `${field} has invalid format`,
+            value
+          });
+        }
+      }
+      if (rule.type === "number" || typeof value === "number") {
+        if (rule.min !== void 0 && value < rule.min) {
+          errors.push({
+            field,
+            message: rule.message ?? `${field} must be at least ${rule.min}`,
+            value
+          });
+        }
+        if (rule.max !== void 0 && value > rule.max) {
+          errors.push({
+            field,
+            message: rule.message ?? `${field} must be at most ${rule.max}`,
+            value
+          });
+        }
+      }
+      if (rule.type === "array" && Array.isArray(value)) {
+        if (rule.min !== void 0 && value.length < rule.min) {
+          errors.push({
+            field,
+            message: rule.message ?? `${field} must have at least ${rule.min} items`,
+            value
+          });
+        }
+        if (rule.max !== void 0 && value.length > rule.max) {
+          errors.push({
+            field,
+            message: rule.message ?? `${field} must have at most ${rule.max} items`,
+            value
+          });
+        }
+      }
+      if (rule.enum && !rule.enum.includes(value)) {
+        errors.push({
+          field,
+          message: rule.message ?? `${field} must be one of: ${rule.enum.join(", ")}`,
+          value
+        });
+      }
+      if (rule.custom) {
+        const customError = rule.custom(value);
+        if (customError) {
+          errors.push({ field, message: customError, value });
+        }
+      }
+    }
+    return {
+      valid: errors.length === 0,
+      errors,
+      data: errors.length === 0 ? data : void 0
+    };
+  }
+};
+
+// src/utils/validators/SchemaValidator.ts
+var SchemaValidator = class {
+  static validate(data, schema) {
+    if (typeof schema.safeParse === "function") {
+      const result = schema.safeParse(data);
+      if (result.success) {
+        return { valid: true, data: result.data };
+      }
+      return { valid: false, errors: result.error };
+    }
+    if (typeof schema.parse === "function") {
+      try {
+        const parsed = schema.parse(data);
+        return { valid: true, data: parsed };
+      } catch (err) {
+        return { valid: false, errors: err };
+      }
+    }
+    if (typeof schema.validate === "function") {
+      const result = schema.validate(data);
+      if (result.error) {
+        return { valid: false, errors: result.error };
+      }
+      return { valid: true, data: result.value };
+    }
+    return { valid: true, data };
+  }
+};
+var CONFIG_FILES = [
+  "azura.config.ts",
+  "azura.config.js",
+  "azura.config.mjs",
+  "azura.config.json",
+  "azura.config.yaml",
+  "azura.config.yml"
+];
+var ConfigModule = class _ConfigModule {
+  static instance = null;
+  config = {};
+  constructor() {
+  }
+  static getInstance() {
+    if (!_ConfigModule.instance) {
+      _ConfigModule.instance = new _ConfigModule();
+    }
+    return _ConfigModule.instance;
+  }
+  static async load(cwd) {
+    const instance = _ConfigModule.getInstance();
+    const baseDir = cwd ?? process.cwd();
+    for (const file of CONFIG_FILES) {
+      const fullPath = resolve(baseDir, file);
+      if (!existsSync(fullPath)) continue;
+      if (file.endsWith(".json")) {
+        instance.config = JSON.parse(readFileSync(fullPath, "utf-8"));
+        return instance.config;
+      }
+      if (file.endsWith(".yaml") || file.endsWith(".yml")) {
+        instance.config = parseSimpleYaml(readFileSync(fullPath, "utf-8"));
+        return instance.config;
+      }
+      if (file.endsWith(".ts") || file.endsWith(".js") || file.endsWith(".mjs")) {
+        try {
+          const mod = await import(`file://${fullPath}`);
+          instance.config = mod.default ?? mod;
+          return instance.config;
+        } catch {
+        }
+      }
+    }
+    return instance.config;
+  }
+  static loadSync(cwd) {
+    const instance = _ConfigModule.getInstance();
+    const baseDir = cwd ?? process.cwd();
+    for (const file of CONFIG_FILES) {
+      const fullPath = resolve(baseDir, file);
+      if (!existsSync(fullPath)) continue;
+      if (file.endsWith(".json")) {
+        instance.config = JSON.parse(readFileSync(fullPath, "utf-8"));
+        return instance.config;
+      }
+      if (file.endsWith(".yaml") || file.endsWith(".yml")) {
+        instance.config = parseSimpleYaml(readFileSync(fullPath, "utf-8"));
+        return instance.config;
+      }
+    }
+    return instance.config;
+  }
+  static get() {
+    return _ConfigModule.getInstance().config;
+  }
+  static set(config) {
+    _ConfigModule.getInstance().config = config;
+  }
+  static merge(partial) {
+    const instance = _ConfigModule.getInstance();
+    instance.config = deepMerge(instance.config, partial);
+    return instance.config;
+  }
+};
+function deepMerge(target, source) {
+  const output = { ...target };
+  for (const key of Object.keys(source)) {
+    if (source[key] && typeof source[key] === "object" && !Array.isArray(source[key]) && target[key] && typeof target[key] === "object") {
+      output[key] = deepMerge(target[key], source[key]);
+    } else {
+      output[key] = source[key];
+    }
+  }
+  return output;
+}
+function parseSimpleYaml(content) {
+  const result = {};
+  const lines = content.split("\n");
+  const stack = [{ indent: -1, obj: result }];
+  for (const line of lines) {
+    const trimmed = line.trim();
+    if (!trimmed || trimmed.startsWith("#")) continue;
+    const indent = line.search(/\S/);
+    const colonIdx = trimmed.indexOf(":");
+    if (colonIdx === -1) continue;
+    const key = trimmed.slice(0, colonIdx).trim();
+    const rawValue = trimmed.slice(colonIdx + 1).trim();
+    while (stack.length > 1 && stack[stack.length - 1].indent >= indent) {
+      stack.pop();
+    }
+    const parent = stack[stack.length - 1].obj;
+    if (!rawValue) {
+      const newObj = {};
+      parent[key] = newObj;
+      stack.push({ indent, obj: newObj });
+    } else {
+      parent[key] = parseYamlValue(rawValue);
+    }
+  }
+  return result;
+}
+function parseYamlValue(val) {
+  if (val === "true") return true;
+  if (val === "false") return false;
+  if (val === "null") return null;
+  if (/^-?\d+$/.test(val)) return parseInt(val, 10);
+  if (/^-?\d+\.\d+$/.test(val)) return parseFloat(val);
+  if (val.startsWith('"') && val.endsWith('"') || val.startsWith("'") && val.endsWith("'")) {
+    return val.slice(1, -1);
+  }
+  if (val.startsWith("[") && val.endsWith("]")) {
+    return val.slice(1, -1).split(",").map((v) => parseYamlValue(v.trim()));
+  }
+  return val;
+}
+
+// src/middleware/LoggingMiddleware.ts
+function LoggingMiddleware() {
+  return (ctx, next) => {
+    const { req, res } = ctx;
+    const start = process.hrtime.bigint();
+    const originalEnd = res.end;
+    res.end = function(...args) {
+      const duration = process.hrtime.bigint() - start;
+      const ms = Number(duration) / 1e6;
+      res.setHeader("X-Response-Time", `${ms.toFixed(2)}ms`);
+      return originalEnd.apply(this, args);
+    };
+    next();
+  };
+}
+
+export { AzuraServer, Body, CORSPlugin, CircuitBreakerPlugin, CompressionPlugin, ConfigModule, Controller, Cookies, DTOValidator, Delete, ETagPlugin, Get, Head, Headers, HealthCheckPlugin, HelmetPlugin, HttpError, HttpStatus, HttpStatusText, Ip, JWTPlugin, Logger, LoggingMiddleware, Meta, MultipartPlugin, NextFunc, Options, Param, Patch, Post, ProxyPlugin, Put, Query, RateLimitPlugin, Req, RequestIdPlugin, Res, Router, SSEManager, SSEPlugin, SchemaValidator, Session, SessionPlugin, StaticPlugin, TimeoutPlugin, UseMiddleware, applyDecorators, clearCookieHeader, parseBody, parseCookies, parseQueryString, parseUrl, resolveIp, serializeCookie, signJWT, verifyJWT };
 //# sourceMappingURL=index.mjs.map
 //# sourceMappingURL=index.mjs.map