bxo 0.0.5-dev.7 → 0.0.5-dev.71

package/example/cors-example.ts

@@ -0,0 +1,49 @@
+import BXO from "../src/index";
+import { cors } from "../plugins";
+
+const app = new BXO();
+
+// Use the CORS plugin
+app.use(cors({
+  origin: ["http://localhost:3000", "http://localhost:3001"],
+  methods: ["GET", "POST", "PUT", "DELETE", "OPTIONS"],
+  allowedHeaders: ["Content-Type", "Authorization"],
+  credentials: true
+}));
+
+// Add some routes
+app.get("/api/users", async (ctx) => {
+  return ctx.json([
+    { id: 1, name: "John Doe" },
+    { id: 2, name: "Jane Smith" }
+  ]);
+});
+
+app.post("/api/users", async (ctx) => {
+  const user = ctx.body as { name: string };
+  return ctx.json({ id: 3, name: user.name }, 201);
+});
+
+// Custom beforeRequest hook example
+app.beforeRequest(async (req) => {
+  console.log(`[${new Date().toISOString()}] ${req.method} ${req.url}`);
+  return req; // Continue with the request
+});
+
+// Custom afterRequest hook example
+app.afterRequest(async (req, res) => {
+  console.log(`[${new Date().toISOString()}] Response: ${res.status}`);
+  return res; // Return the modified response
+});
+
+// Custom error handler
+app.onError(async (error, req) => {
+  console.error(`Error handling ${req.method} ${req.url}:`, error);
+  return new Response("Something went wrong", { status: 500 });
+});
+
+// Start the server
+app.start();
+
+console.log("Server running on http://localhost:3000");
+console.log("Try making a CORS request from another origin!");

package/example/index.html

@@ -0,0 +1,5 @@
+<html>
+    <body>
+        <h1>Hello, world!</h1>
+    </body>
+</html>

package/example/index.ts

@@ -0,0 +1,191 @@
+import BXO, { z } from "../src";
+import index from "./index.html";
+import { openapi } from "../plugins/openapi";
+
+async function main() {
+    const bxo = new BXO();
+
+    bxo.default("/", index);
+    bxo.default("/*", index);
+
+    // API routes with comprehensive metadata
+    bxo.get("/api/get/:id", (ctx) => {
+        return new Response(ctx.params.id + ctx.query.name, {
+            headers: {
+                "Content-Type": "text/html"
+            }
+        });
+    }, {
+        query: z.object({
+            name: z.number()
+        }),
+        response: {
+            200: z.object({
+                name: z.string()
+            })
+        },
+        detail: {
+            tags: ["API"],
+            summary: "Get data by ID",
+            description: "Retrieve data using an ID and name query parameter",
+            params: {
+                id: z.string().describe("Unique identifier for the data")
+            }
+        }
+    });
+
+    bxo.post("/api/post", (ctx) => {
+        console.log(ctx.body)
+        return new Response("Hello" + ctx.body.name, {
+            headers: {
+                "Content-Type": "text/html"
+            }
+        });
+    }, {
+        detail: {
+            tags: ["API"],
+            summary: "Create new data",
+            description: "Submit new data with name and avatar file",
+            defaultContentType: "multipart/form-data"
+        },
+        body: z.object({
+            name: z.string(),
+            avatar: z.file()
+        }),
+        response: {
+            200: z.object({
+                name: z.string()
+            }),
+            400: z.object({
+                error: z.string()
+            })
+        }
+    });
+
+    // Additional routes to showcase different features
+    bxo.get("/api/users", (ctx) => {
+        return ctx.json({ users: ["John", "Jane", "Bob"] });
+    }, {
+        detail: {
+            tags: ["Users"],
+            summary: "Get all users",
+            description: "Retrieve a list of all users in the system"
+        },
+        response: {
+            200: z.object({
+                users: z.array(z.string())
+            })
+        }
+    });
+
+    bxo.get("/api/users/:id", (ctx) => {
+        const id = ctx.params.id;
+        return ctx.json({ user: { id, name: "John Doe", email: "john@example.com" } });
+    }, {
+        detail: {
+            tags: ["Users"],
+            summary: "Get user by ID",
+            description: "Retrieve a specific user by their unique identifier",
+            params: {
+                id: z.string().describe("User's unique identifier")
+            }
+        },
+        response: {
+            200: z.object({
+                user: z.object({
+                    id: z.string(),
+                    name: z.string(),
+                    email: z.string()
+                })
+            }),
+            404: z.object({
+                error: z.string()
+            })
+        }
+    });
+
+    bxo.post("/api/users", (ctx) => {
+        const userData = ctx.body;
+        return ctx.json({ message: "User created", user: userData });
+    }, {
+        detail: {
+            tags: ["Users"],
+            summary: "Create new user",
+            description: "Create a new user account with the provided information"
+        },
+        body: z.object({
+            name: z.string().min(1, "Name is required"),
+            email: z.string().email("Invalid email format"),
+            age: z.number().min(18, "Must be at least 18 years old").optional()
+        }),
+        response: {
+            201: z.object({
+                message: z.string(),
+                user: z.object({
+                    name: z.string(),
+                    email: z.string(),
+                    age: z.number().optional()
+                })
+            }),
+            400: z.object({
+                error: z.string(),
+                issues: z.array(z.any()).optional()
+            })
+        }
+    });
+
+    // Health check route
+    bxo.get("/health", (ctx) => {
+        return ctx.json({ 
+            status: "ok", 
+            timestamp: new Date().toISOString(),
+            uptime: process.uptime()
+        });
+    }, {
+        detail: {
+            tags: ["System"],
+            summary: "Health check",
+            description: "Check the health status of the API server"
+        },
+        response: {
+            200: z.object({
+                status: z.string(),
+                timestamp: z.string(),
+                uptime: z.number()
+            })
+        }
+    });
+
+    // Use OpenAPI plugin with enhanced configuration
+    bxo.use(openapi({
+        path: "/docs",
+        jsonPath: "/openapi.json",
+        defaultTags: ["API"],
+        securitySchemes: {
+            bearerAuth: {
+                type: "http",
+                scheme: "bearer",
+                bearerFormat: "JWT",
+                description: "JWT token for authentication"
+            },
+            apiKeyAuth: {
+                type: "apiKey",
+                in: "header",
+                name: "X-API-Key",
+                description: "API key for authentication"
+            }
+        },
+        globalSecurity: [
+            { bearerAuth: [] },
+            { apiKeyAuth: [] }
+        ],
+        openapiConfig: {}
+    }));
+
+    bxo.start();
+    console.log(`Server is running on http://localhost:${bxo.server?.port}`);
+    console.log(`OpenAPI documentation available at http://localhost:${bxo.server?.port}/docs`);
+    console.log(`OpenAPI JSON available at http://localhost:${bxo.server?.port}/openapi.json`);
+}
+
+main();

package/example/openapi-example.ts

@@ -0,0 +1,132 @@
+import BXO, { z } from "../src";
+import { openapi } from "../plugins/openapi";
+
+// Create a BXO app with OpenAPI plugin
+const app = new BXO()
+    .use(openapi({
+        path: "/docs",
+        jsonPath: "/openapi.json",
+        defaultTags: ["API"],
+        securitySchemes: {
+            bearerAuth: {
+                type: "http",
+                scheme: "bearer",
+                bearerFormat: "JWT",
+                description: "JWT token for authentication"
+            },
+            apiKeyAuth: {
+                type: "apiKey",
+                in: "header",
+                name: "X-API-Key",
+                description: "API key for authentication"
+            }
+        },
+        globalSecurity: [
+            { bearerAuth: [] },
+            { apiKeyAuth: [] }
+        ],
+        openapiConfig: {
+            info: {
+                title: "My API with Security",
+                version: "1.0.0",
+                description: "An example API with OpenAPI documentation, tags, and security"
+            }
+        }
+    }))
+
+// Example routes with tags and security
+app.get("/users", (ctx) => {
+    return { users: [] }
+}, {
+    detail: {
+        tags: ["Users"],
+        summary: "Get all users",
+        description: "Retrieve a list of all users",
+        security: [{ bearerAuth: [] }]
+    }
+})
+
+app.get("/users/:id", (ctx) => {
+    const id = ctx.params.id
+    return { user: { id, name: "John Doe" } }
+}, {
+    detail: {
+        tags: ["Users"],
+        summary: "Get user by ID",
+        description: "Retrieve a specific user by their ID",
+        params: {
+            id: z.string().describe("User ID")
+        },
+        security: [{ apiKeyAuth: [] }]
+    }
+})
+
+app.post("/users", (ctx) => {
+    const body = ctx.body
+    return { message: "User created", user: body }
+}, {
+    body: z.object({
+        name: z.string(),
+        email: z.string().email()
+    }),
+    detail: {
+        tags: ["Users"],
+        summary: "Create a new user",
+        description: "Create a new user with the provided information",
+        security: [{ bearerAuth: [] }]
+    }
+})
+
+app.get("/products", (ctx) => {
+    return { products: [] }
+}, {
+    detail: {
+        tags: ["Products"],
+        summary: "Get all products",
+        description: "Retrieve a list of all products"
+    }
+})
+
+app.get("/products/:id", (ctx) => {
+    const id = ctx.params.id
+    return { product: { id, name: "Sample Product" } }
+}, {
+    detail: {
+        tags: ["Products"],
+        summary: "Get product by ID",
+        description: "Retrieve a specific product by its ID",
+        params: {
+            id: z.string().describe("Product ID")
+        }
+    }
+})
+
+// Admin routes with different security
+app.get("/admin/users", (ctx) => {
+    return { adminUsers: [] }
+}, {
+    detail: {
+        tags: ["Admin"],
+        summary: "Get all users (Admin)",
+        description: "Admin-only endpoint to retrieve all users",
+        security: [{ bearerAuth: [] }, { apiKeyAuth: [] }]
+    }
+})
+
+// Health check route (no security required)
+app.get("/health", (ctx) => {
+    return { status: "ok", timestamp: new Date().toISOString() }
+}, {
+    detail: {
+        tags: ["System"],
+        summary: "Health check",
+        description: "Check if the API is running"
+    }
+})
+
+// Start the server
+app.listen(3000, () => {
+    console.log("Server running on http://localhost:3000")
+    console.log("OpenAPI docs available at http://localhost:3000/docs")
+    console.log("OpenAPI JSON available at http://localhost:3000/openapi.json")
+})

package/package.json

@@ -1,20 +1,20 @@
 {
   "name": "bxo",
-  "module": "index.ts",
-  "version": "0.0.5-dev.7",
-  "description": "A simple and lightweight web framework for Bun",
+  "module": "./src/index.ts",
+  "exports": {
+    ".": "./src/index.ts",
+    "./plugins": "./plugins/index.ts"
+  },
+  "version": "0.0.5-dev.71",
   "type": "module",
   "devDependencies": {
     "@types/bun": "latest"
   },
-  "exports": {
-    ".": "./index.ts",
-    "./plugins": "./plugins/index.ts"
-  },
   "peerDependencies": {
     "typescript": "^5"
   },
   "dependencies": {
-    "zod": "^4.0.5"
+    "zod": "^4.1.5",
+    "zod-openapi": "^5.4.0"
   }
 }

package/plugins/cors.ts

@@ -1,83 +1,133 @@
-import BXO from '../index';
-
-interface CORSOptions {
-  origin?: string | string[] | boolean;
-  methods?: string[];
-  allowedHeaders?: string[];
-  credentials?: boolean;
-  maxAge?: number;
+import BXO from "../src/index";
+
+export interface CorsOptions {
+    origin?: string | string[] | boolean | ((origin: string) => boolean);
+    methods?: string[];
+    allowedHeaders?: string[];
+    exposedHeaders?: string[];
+    credentials?: boolean;
+    maxAge?: number;
+    preflightContinue?: boolean;
 }
 
-export function cors(options: CORSOptions = {}): BXO {
-  const {
-    origin = '*',
-    methods = ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'],
-    allowedHeaders = ['Content-Type', 'Authorization'],
-    credentials = false,
-    maxAge = 86400
-  } = options;
-
-  const corsInstance = new BXO();
-
-  corsInstance.onRequest(async (ctx: any) => {
-    // Handle preflight OPTIONS request
-    if (ctx.request.method === 'OPTIONS') {
-      const headers: Record<string, string> = {};
-
-      // Handle origin
-      if (typeof origin === 'boolean') {
-        if (origin) {
-          headers['Access-Control-Allow-Origin'] = ctx.request.headers.get('origin') || '*';
+export function cors(options: CorsOptions = {}): BXO {
+    const {
+        origin = "*",
+        methods = ["GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS", "HEAD"],
+        allowedHeaders = ["Content-Type", "Authorization"],
+        exposedHeaders = [],
+        credentials = false,
+        maxAge = 86400,
+        preflightContinue = false
+    } = options;
+
+    const plugin = new BXO();
+
+    // Handle CORS preflight requests
+    plugin.beforeRequest(async (req) => {
+        const requestOrigin = req.headers.get("origin");
+        const requestMethod = req.method;
+
+        // Handle preflight OPTIONS request
+        if (requestMethod === "OPTIONS") {
+            const response = new Response(null, { status: 204 });
+
+            // Set CORS headers
+            setCorsHeaders(response, {
+                origin,
+                methods,
+                allowedHeaders,
+                exposedHeaders,
+                credentials,
+                maxAge,
+                requestOrigin
+            });
+
+            if (!preflightContinue) {
+                return response;
+            }
         }
-      } else if (typeof origin === 'string') {
-        headers['Access-Control-Allow-Origin'] = origin;
-      } else if (Array.isArray(origin)) {
-        const requestOrigin = ctx.request.headers.get('origin');
-        if (requestOrigin && origin.includes(requestOrigin)) {
-          headers['Access-Control-Allow-Origin'] = requestOrigin;
+
+        // Continue with normal request processing
+        return req;
+    });
+
+    // Add CORS headers to all responses
+    plugin.afterRequest(async (req, res) => {
+        const requestOrigin = req.headers.get("origin");
+
+        // Set CORS headers on the response
+        setCorsHeaders(res, {
+            origin,
+            methods,
+            allowedHeaders,
+            exposedHeaders,
+            credentials,
+            maxAge,
+            requestOrigin
+        });
+
+        return res;
+    });
+
+    return plugin;
+}
+
+function setCorsHeaders(
+    response: Response,
+    options: {
+        origin: string | string[] | boolean | ((origin: string) => boolean);
+        methods: string[];
+        allowedHeaders: string[];
+        exposedHeaders: string[];
+        credentials: boolean;
+        maxAge: number;
+        requestOrigin?: string | null;
+    }
+) {
+    const { origin, methods, allowedHeaders, exposedHeaders, credentials, maxAge, requestOrigin } = options;
+
+    // Set Access-Control-Allow-Origin
+    if (origin) {
+        if (typeof origin === "string") {
+            if (origin === "*") {
+                response.headers.set("Access-Control-Allow-Origin", "*");
+            } else {
+                response.headers.set("Access-Control-Allow-Origin", origin);
+            }
+        } else if (Array.isArray(origin)) {
+            // For array of origins, we need to check if the request origin is in the list
+            // This is handled in the beforeRequest hook where we have access to the request origin
+            if (options.requestOrigin && origin.includes(options.requestOrigin)) {
+                response.headers.set("Access-Control-Allow-Origin", options.requestOrigin);
+            }
+        } else if (origin === true) {
+            response.headers.set("Access-Control-Allow-Origin", "*");
         }
-      }
-
-      headers['Access-Control-Allow-Methods'] = methods.join(', ');
-      headers['Access-Control-Allow-Headers'] = allowedHeaders.join(', ');
-      
-      if (credentials) {
-        headers['Access-Control-Allow-Credentials'] = 'true';
-      }
-      
-      headers['Access-Control-Max-Age'] = maxAge.toString();
-
-      ctx.set.status = 204;
-      ctx.set.headers = { ...ctx.set.headers, ...headers };
-      
-      throw new Response(null, { status: 204, headers });
     }
-  });
-
-  corsInstance.onResponse(async (ctx: any, response: any) => {
-    const headers: Record<string, string> = {};
-
-    // Handle origin for actual requests
-    if (typeof origin === 'boolean') {
-      if (origin) {
-        headers['Access-Control-Allow-Origin'] = ctx.request.headers.get('origin') || '*';
-      }
-    } else if (typeof origin === 'string') {
-      headers['Access-Control-Allow-Origin'] = origin;
-    } else if (Array.isArray(origin)) {
-      const requestOrigin = ctx.request.headers.get('origin');
-      if (requestOrigin && origin.includes(requestOrigin)) {
-        headers['Access-Control-Allow-Origin'] = requestOrigin;
-      }
+
+    // Set Access-Control-Allow-Methods
+    if (methods.length > 0) {
+        response.headers.set("Access-Control-Allow-Methods", methods.join(", "));
     }
 
-    if (credentials) {
-      headers['Access-Control-Allow-Credentials'] = 'true';
+    // Set Access-Control-Allow-Headers
+    if (allowedHeaders.length > 0) {
+        response.headers.set("Access-Control-Allow-Headers", allowedHeaders.join(", "));
     }
 
-    ctx.set.headers = { ...ctx.set.headers, ...headers };
-    return response;
-  });
+    // Set Access-Control-Expose-Headers
+    if (exposedHeaders.length > 0) {
+        response.headers.set("Access-Control-Expose-Headers", exposedHeaders.join(", "));
+    }
 
-  return corsInstance;
-} 
+    // Set Access-Control-Allow-Credentials
+    if (credentials) {
+        response.headers.set("Access-Control-Allow-Credentials", "true");
+    }
+
+    // Set Access-Control-Max-Age
+    if (maxAge) {
+        response.headers.set("Access-Control-Max-Age", maxAge.toString());
+    }
+}

package/plugins/index.ts

@@ -1,11 +1,2 @@
-// Export all plugins
-export { cors } from './cors';
-export { logger } from './logger';
-export { auth, createJWT } from './auth';
-export { rateLimit } from './ratelimit';
-
-// Import BXO for plugin typing
-import BXO from '../index';
-
-// Plugin functions now return BXO instances
-export type PluginFactory<T = any> = (options?: T) => BXO;
+export * from "./openapi";
+export * from "./cors";