mikroserve 1.0.1 → 1.1.0

package/lib/index.js

@@ -76,7 +76,8 @@ var RateLimiter = class {
     const now = Date.now();
     const key = ip || "unknown";
     const entry = this.requests.get(key);
-    if (!entry || entry.resetTime < now) return Math.floor((now + this.windowMs) / 1e3);
+    if (!entry || entry.resetTime < now)
+      return Math.floor((now + this.windowMs) / 1e3);
     return Math.floor(entry.resetTime / 1e3);
   }
   cleanup() {
@@ -193,7 +194,7 @@ var Router = class {
       res,
       params,
       query,
-      // @ts-ignore
+      // @ts-expect-error
       body: req.body || {},
       headers: req.headers,
       path,
@@ -334,6 +335,10 @@ var configDefaults = () => {
     sslKey: "",
     sslCa: "",
     debug: getTruthyValue(process.env.DEBUG) || false,
+    maxBodySize: 1024 * 1024,
+    // 1MB
+    requestTimeout: 3e4,
+    // 30 seconds
     rateLimit: {
       enabled: true,
       requestsPerMinute: 100
@@ -354,8 +359,18 @@ var baseConfig = (options) => ({
   options: [
     { flag: "--port", path: "port", defaultValue: defaults.port },
     { flag: "--host", path: "host", defaultValue: defaults.host },
-    { flag: "--https", path: "useHttps", defaultValue: defaults.useHttps, isFlag: true },
-    { flag: "--http2", path: "useHttp2", defaultValue: defaults.useHttp2, isFlag: true },
+    {
+      flag: "--https",
+      path: "useHttps",
+      defaultValue: defaults.useHttps,
+      isFlag: true
+    },
+    {
+      flag: "--http2",
+      path: "useHttp2",
+      defaultValue: defaults.useHttp2,
+      isFlag: true
+    },
     { flag: "--cert", path: "sslCert", defaultValue: defaults.sslCert },
     { flag: "--key", path: "sslKey", defaultValue: defaults.sslKey },
     { flag: "--ca", path: "sslCa", defaultValue: defaults.sslCa },
@@ -376,27 +391,148 @@ var baseConfig = (options) => ({
       defaultValue: defaults.allowedDomains,
       parser: import_mikroconf.parsers.array
     },
-    { flag: "--debug", path: "debug", defaultValue: defaults.debug, isFlag: true }
+    {
+      flag: "--debug",
+      path: "debug",
+      defaultValue: defaults.debug,
+      isFlag: true
+    },
+    {
+      flag: "--max-body-size",
+      path: "maxBodySize",
+      defaultValue: defaults.maxBodySize
+    },
+    {
+      flag: "--request-timeout",
+      path: "requestTimeout",
+      defaultValue: defaults.requestTimeout
+    }
   ],
   config: options
 });
 
+// src/utils/multipartParser.ts
+function parseMultipartFormData(body, contentType) {
+  const boundaryMatch = contentType.match(/boundary=(?:"([^"]+)"|([^;]+))/i);
+  if (!boundaryMatch) {
+    throw new Error("Invalid multipart/form-data: missing boundary");
+  }
+  const boundary = boundaryMatch[1] || boundaryMatch[2];
+  const boundaryBuffer = Buffer.from(`--${boundary}`);
+  const endBoundaryBuffer = Buffer.from(`--${boundary}--`);
+  const fields = {};
+  const files = {};
+  const parts = splitByBoundary(body, boundaryBuffer);
+  for (const part of parts) {
+    if (part.length === 0) continue;
+    if (part.equals(endBoundaryBuffer.subarray(boundaryBuffer.length)))
+      continue;
+    const parsed = parsePart(part);
+    if (!parsed) continue;
+    const { name, filename, contentType: partContentType, data } = parsed;
+    if (filename) {
+      const file = {
+        filename,
+        contentType: partContentType || "application/octet-stream",
+        data,
+        size: data.length
+      };
+      if (files[name]) {
+        if (Array.isArray(files[name])) {
+          files[name].push(file);
+        } else {
+          files[name] = [files[name], file];
+        }
+      } else {
+        files[name] = file;
+      }
+    } else {
+      const value = data.toString("utf8");
+      if (fields[name]) {
+        if (Array.isArray(fields[name])) {
+          fields[name].push(value);
+        } else {
+          fields[name] = [fields[name], value];
+        }
+      } else {
+        fields[name] = value;
+      }
+    }
+  }
+  return { fields, files };
+}
+function splitByBoundary(buffer, boundary) {
+  const parts = [];
+  let start = 0;
+  while (start < buffer.length) {
+    const index = buffer.indexOf(boundary, start);
+    if (index === -1) break;
+    if (start !== index) {
+      parts.push(buffer.subarray(start, index));
+    }
+    start = index + boundary.length;
+    if (start < buffer.length && buffer[start] === 13 && buffer[start + 1] === 10) {
+      start += 2;
+    }
+  }
+  return parts;
+}
+function parsePart(part) {
+  const doubleCRLF = Buffer.from("\r\n\r\n");
+  const headerEndIndex = part.indexOf(doubleCRLF);
+  if (headerEndIndex === -1) return null;
+  const headersBuffer = part.subarray(0, headerEndIndex);
+  const dataBuffer = part.subarray(headerEndIndex + 4);
+  const headers = headersBuffer.toString("utf8");
+  const headerLines = headers.split("\r\n");
+  let disposition = "";
+  let name = "";
+  let filename;
+  let contentType;
+  for (const line of headerLines) {
+    const lowerLine = line.toLowerCase();
+    if (lowerLine.startsWith("content-disposition:")) {
+      disposition = line.substring("content-disposition:".length).trim();
+      const nameMatch = disposition.match(/name="([^"]+)"/);
+      if (nameMatch) {
+        name = nameMatch[1];
+      }
+      const filenameMatch = disposition.match(/filename="([^"]+)"/);
+      if (filenameMatch) {
+        filename = filenameMatch[1];
+      }
+    } else if (lowerLine.startsWith("content-type:")) {
+      contentType = line.substring("content-type:".length).trim();
+    }
+  }
+  if (!name) return null;
+  let data = dataBuffer;
+  if (data.length >= 2 && data[data.length - 2] === 13 && data[data.length - 1] === 10) {
+    data = data.subarray(0, data.length - 2);
+  }
+  return { disposition, name, filename, contentType, data };
+}
+
 // src/MikroServe.ts
 var MikroServe = class {
   config;
   rateLimiter;
   router;
+  shutdownHandlers = [];
   /**
    * @description Creates a new MikroServe instance.
    */
   constructor(options) {
-    const config = new import_mikroconf2.MikroConf(baseConfig(options || {})).get();
+    const config = new import_mikroconf2.MikroConf(
+      baseConfig(options || {})
+    ).get();
     if (config.debug) console.log("Using configuration:", config);
     this.config = config;
     this.router = new Router();
     const requestsPerMinute = config.rateLimit.requestsPerMinute || configDefaults().rateLimit.requestsPerMinute;
     this.rateLimiter = new RateLimiter(requestsPerMinute, 60);
-    if (config.rateLimit.enabled === true) this.use(this.rateLimitMiddleware.bind(this));
+    if (config.rateLimit.enabled === true)
+      this.use(this.rateLimitMiddleware.bind(this));
   }
   /**
    * @description Register a global middleware.
@@ -477,7 +613,9 @@ var MikroServe = class {
     const boundRequestHandler = this.requestHandler.bind(this);
     if (this.config.useHttp2) {
       if (!this.config.sslCert || !this.config.sslKey)
-        throw new Error("SSL certificate and key paths are required when useHttp2 is true");
+        throw new Error(
+          "SSL certificate and key paths are required when useHttp2 is true"
+        );
       try {
         const httpsOptions = {
           key: (0, import_node_fs.readFileSync)(this.config.sslKey),
@@ -487,12 +625,16 @@ var MikroServe = class {
         return import_node_http2.default.createSecureServer(httpsOptions, boundRequestHandler);
       } catch (error) {
         if (error.message.includes("key values mismatch"))
-          throw new Error(`SSL certificate and key do not match: ${error.message}`);
+          throw new Error(
+            `SSL certificate and key do not match: ${error.message}`
+          );
         throw error;
       }
     } else if (this.config.useHttps) {
       if (!this.config.sslCert || !this.config.sslKey)
-        throw new Error("SSL certificate and key paths are required when useHttps is true");
+        throw new Error(
+          "SSL certificate and key paths are required when useHttps is true"
+        );
       try {
         const httpsOptions = {
           key: (0, import_node_fs.readFileSync)(this.config.sslKey),
@@ -502,7 +644,9 @@ var MikroServe = class {
         return import_node_https.default.createServer(httpsOptions, boundRequestHandler);
       } catch (error) {
         if (error.message.includes("key values mismatch"))
-          throw new Error(`SSL certificate and key do not match: ${error.message}`);
+          throw new Error(
+            `SSL certificate and key do not match: ${error.message}`
+          );
         throw error;
       }
     }
@@ -513,12 +657,18 @@ var MikroServe = class {
    */
   async rateLimitMiddleware(context, next) {
     const ip = context.req.socket.remoteAddress || "unknown";
-    context.res.setHeader("X-RateLimit-Limit", this.rateLimiter.getLimit().toString());
+    context.res.setHeader(
+      "X-RateLimit-Limit",
+      this.rateLimiter.getLimit().toString()
+    );
     context.res.setHeader(
       "X-RateLimit-Remaining",
       this.rateLimiter.getRemainingRequests(ip).toString()
     );
-    context.res.setHeader("X-RateLimit-Reset", this.rateLimiter.getResetTime(ip).toString());
+    context.res.setHeader(
+      "X-RateLimit-Reset",
+      this.rateLimiter.getResetTime(ip).toString()
+    );
     if (!this.rateLimiter.isAllowed(ip)) {
       return {
         statusCode: 429,
@@ -605,44 +755,87 @@ var MikroServe = class {
     return new Promise((resolve, reject) => {
       const bodyChunks = [];
       let bodySize = 0;
-      const MAX_BODY_SIZE = 1024 * 1024;
-      let rejected = false;
+      const maxBodySize = this.config.maxBodySize;
+      let settled = false;
+      let timeoutId = null;
       const isDebug = this.config.debug;
       const contentType = req.headers["content-type"] || "";
       if (isDebug) {
         console.log("Content-Type:", contentType);
       }
+      if (this.config.requestTimeout > 0) {
+        timeoutId = setTimeout(() => {
+          if (!settled) {
+            settled = true;
+            if (isDebug) console.log("Request timeout exceeded");
+            reject(new Error("Request timeout"));
+          }
+        }, this.config.requestTimeout);
+      }
+      const cleanup = () => {
+        if (timeoutId) {
+          clearTimeout(timeoutId);
+          timeoutId = null;
+        }
+      };
       req.on("data", (chunk) => {
+        if (settled) {
+          return;
+        }
         bodySize += chunk.length;
-        if (isDebug) console.log(`Received chunk: ${chunk.length} bytes, total size: ${bodySize}`);
-        if (bodySize > MAX_BODY_SIZE && !rejected) {
-          rejected = true;
-          if (isDebug) console.log(`Body size exceeded limit: ${bodySize} > ${MAX_BODY_SIZE}`);
+        if (isDebug)
+          console.log(
+            `Received chunk: ${chunk.length} bytes, total size: ${bodySize}`
+          );
+        if (bodySize > maxBodySize) {
+          settled = true;
+          cleanup();
+          if (isDebug)
+            console.log(
+              `Body size exceeded limit: ${bodySize} > ${maxBodySize}`
+            );
           reject(new Error("Request body too large"));
           return;
         }
-        if (!rejected) bodyChunks.push(chunk);
+        bodyChunks.push(chunk);
       });
       req.on("end", () => {
-        if (rejected) return;
+        if (settled) return;
+        settled = true;
+        cleanup();
         if (isDebug) console.log(`Request body complete: ${bodySize} bytes`);
         try {
           if (bodyChunks.length > 0) {
-            const bodyString = Buffer.concat(bodyChunks).toString("utf8");
+            const bodyBuffer = Buffer.concat(bodyChunks);
             if (contentType.includes("application/json")) {
               try {
+                const bodyString = bodyBuffer.toString("utf8");
                 resolve(JSON.parse(bodyString));
               } catch (error) {
-                reject(new Error(`Invalid JSON in request body: ${error.message}`));
+                reject(
+                  new Error(`Invalid JSON in request body: ${error.message}`)
+                );
               }
             } else if (contentType.includes("application/x-www-form-urlencoded")) {
+              const bodyString = bodyBuffer.toString("utf8");
               const formData = {};
               new URLSearchParams(bodyString).forEach((value, key) => {
                 formData[key] = value;
               });
               resolve(formData);
+            } else if (contentType.includes("multipart/form-data")) {
+              try {
+                const parsed = parseMultipartFormData(bodyBuffer, contentType);
+                resolve(parsed);
+              } catch (error) {
+                reject(
+                  new Error(`Invalid multipart form data: ${error.message}`)
+                );
+              }
+            } else if (this.isBinaryContentType(contentType)) {
+              resolve(bodyBuffer);
             } else {
-              resolve(bodyString);
+              resolve(bodyBuffer.toString("utf8"));
             }
           } else {
             resolve({});
@@ -652,24 +845,61 @@ var MikroServe = class {
         }
       });
       req.on("error", (error) => {
-        if (!rejected) reject(new Error(`Error reading request body: ${error.message}`));
+        if (!settled) {
+          settled = true;
+          cleanup();
+          reject(new Error(`Error reading request body: ${error.message}`));
+        }
+      });
+      req.on("close", () => {
+        cleanup();
       });
     });
   }
+  /**
+   * @description Checks if a content type is binary.
+   */
+  isBinaryContentType(contentType) {
+    const binaryTypes = [
+      "application/octet-stream",
+      "application/pdf",
+      "application/zip",
+      "application/gzip",
+      "application/x-tar",
+      "application/x-rar-compressed",
+      "application/x-7z-compressed",
+      "image/",
+      "video/",
+      "audio/",
+      "application/vnd.ms-excel",
+      "application/vnd.openxmlformats-officedocument",
+      "application/msword",
+      "application/vnd.ms-powerpoint"
+    ];
+    return binaryTypes.some((type) => contentType.includes(type));
+  }
   /**
    * @description CORS middleware.
    */
   setCorsHeaders(res, req) {
     const origin = req.headers.origin;
     const { allowedDomains = ["*"] } = this.config;
-    if (!origin || allowedDomains.length === 0) res.setHeader("Access-Control-Allow-Origin", "*");
-    else if (allowedDomains.includes("*")) res.setHeader("Access-Control-Allow-Origin", "*");
+    if (!origin || allowedDomains.length === 0)
+      res.setHeader("Access-Control-Allow-Origin", "*");
+    else if (allowedDomains.includes("*"))
+      res.setHeader("Access-Control-Allow-Origin", "*");
     else if (allowedDomains.includes(origin)) {
       res.setHeader("Access-Control-Allow-Origin", origin);
       res.setHeader("Vary", "Origin");
     }
-    res.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, PATCH, OPTIONS");
-    res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
+    res.setHeader(
+      "Access-Control-Allow-Methods",
+      "GET, POST, PUT, DELETE, PATCH, OPTIONS"
+    );
+    res.setHeader(
+      "Access-Control-Allow-Headers",
+      "Content-Type, Authorization"
+    );
     res.setHeader("Access-Control-Max-Age", "86400");
   }
   /**
@@ -712,11 +942,15 @@ var MikroServe = class {
       else if (typeof response.body === "string") res.end(response.body);
       else res.end(JSON.stringify(response.body));
     } else {
-      console.warn("Unexpected response object type without writeHead/end methods");
+      console.warn(
+        "Unexpected response object type without writeHead/end methods"
+      );
       res.writeHead?.(response.statusCode, headers);
-      if (response.body === null || response.body === void 0) res.end?.();
+      if (response.body === null || response.body === void 0)
+        res.end?.();
       else if (response.isRaw) res.end?.(response.body);
-      else if (typeof response.body === "string") res.end?.(response.body);
+      else if (typeof response.body === "string")
+        res.end?.(response.body);
       else res.end?.(JSON.stringify(response.body));
     }
   }
@@ -727,15 +961,46 @@ var MikroServe = class {
     const shutdown = (error) => {
       console.log("Shutting down MikroServe server...");
       if (error) console.error("Error:", error);
+      this.cleanupShutdownHandlers();
       server.close(() => {
         console.log("Server closed successfully");
-        setImmediate(() => process.exit(error ? 1 : 0));
+        if (process.env.NODE_ENV !== "test" && process.env.VITEST !== "true") {
+          setImmediate(() => process.exit(error ? 1 : 0));
+        }
       });
     };
-    process.on("SIGINT", () => shutdown());
-    process.on("SIGTERM", () => shutdown());
-    process.on("uncaughtException", shutdown);
-    process.on("unhandledRejection", shutdown);
+    const sigintHandler = () => shutdown();
+    const sigtermHandler = () => shutdown();
+    const uncaughtExceptionHandler = (error) => shutdown(error);
+    const unhandledRejectionHandler = (error) => shutdown(error);
+    this.shutdownHandlers = [
+      sigintHandler,
+      sigtermHandler,
+      uncaughtExceptionHandler,
+      unhandledRejectionHandler
+    ];
+    process.on("SIGINT", sigintHandler);
+    process.on("SIGTERM", sigtermHandler);
+    process.on("uncaughtException", uncaughtExceptionHandler);
+    process.on("unhandledRejection", unhandledRejectionHandler);
+  }
+  /**
+   * @description Cleans up shutdown event listeners to prevent memory leaks.
+   */
+  cleanupShutdownHandlers() {
+    if (this.shutdownHandlers.length > 0) {
+      const [
+        sigintHandler,
+        sigtermHandler,
+        uncaughtExceptionHandler,
+        unhandledRejectionHandler
+      ] = this.shutdownHandlers;
+      process.removeListener("SIGINT", sigintHandler);
+      process.removeListener("SIGTERM", sigtermHandler);
+      process.removeListener("uncaughtException", uncaughtExceptionHandler);
+      process.removeListener("unhandledRejection", unhandledRejectionHandler);
+      this.shutdownHandlers = [];
+    }
   }
 };
 // Annotate the CommonJS export names for ESM import in node:

package/lib/index.mjs

@@ -1,10 +1,11 @@
 import {
   MikroServe
-} from "./chunk-N5ZQZGGT.mjs";
-import "./chunk-ZFBBESGU.mjs";
-import "./chunk-YKRH6T5M.mjs";
-import "./chunk-YOHL3T54.mjs";
-import "./chunk-JJX5XRNB.mjs";
+} from "./chunk-C4IW4XUH.mjs";
+import "./chunk-OF5DEOIU.mjs";
+import "./chunk-7LU765PG.mjs";
+import "./chunk-ZT2UGCN5.mjs";
+import "./chunk-DMNHVQTU.mjs";
+import "./chunk-VLQ7ZZIU.mjs";
 export {
   MikroServe
 };

package/lib/interfaces/index.d.mts

@@ -49,6 +49,16 @@ type MikroServeConfiguration = {
      * @default false
      */
     debug: boolean;
+    /**
+     * Maximum request body size in bytes.
+     * @default 1048576 (1MB)
+     */
+    maxBodySize: number;
+    /**
+     * Request timeout in milliseconds. Set to 0 to disable.
+     * @default 30000 (30 seconds)
+     */
+    requestTimeout: number;
     /**
      * Rate limiter settings.
      */

package/lib/interfaces/index.d.ts

@@ -49,6 +49,16 @@ type MikroServeConfiguration = {
      * @default false
      */
     debug: boolean;
+    /**
+     * Maximum request body size in bytes.
+     * @default 1048576 (1MB)
+     */
+    maxBodySize: number;
+    /**
+     * Request timeout in milliseconds. Set to 0 to disable.
+     * @default 30000 (30 seconds)
+     */
+    requestTimeout: number;
     /**
      * Rate limiter settings.
      */

package/lib/utils/configDefaults.d.mts

@@ -13,6 +13,8 @@ declare const getDefaultConfig: () => {
     sslKey: string;
     sslCa: string;
     debug: boolean;
+    maxBodySize: number;
+    requestTimeout: number;
     rateLimit: {
         enabled: boolean;
         requestsPerMinute: number;

package/lib/utils/configDefaults.d.ts

@@ -13,6 +13,8 @@ declare const getDefaultConfig: () => {
     sslKey: string;
     sslCa: string;
     debug: boolean;
+    maxBodySize: number;
+    requestTimeout: number;
     rateLimit: {
         enabled: boolean;
         requestsPerMinute: number;

package/lib/utils/configDefaults.js

@@ -34,6 +34,10 @@ var configDefaults = () => {
     sslKey: "",
     sslCa: "",
     debug: getTruthyValue(process.env.DEBUG) || false,
+    maxBodySize: 1024 * 1024,
+    // 1MB
+    requestTimeout: 3e4,
+    // 30 seconds
     rateLimit: {
       enabled: true,
       requestsPerMinute: 100
@@ -52,6 +56,8 @@ var getDefaultConfig = () => {
     sslKey: defaults.sslKey,
     sslCa: defaults.sslCa,
     debug: defaults.debug,
+    maxBodySize: defaults.maxBodySize,
+    requestTimeout: defaults.requestTimeout,
     rateLimit: {
       enabled: defaults.rateLimit.enabled,
       requestsPerMinute: defaults.rateLimit.requestsPerMinute

package/lib/utils/configDefaults.mjs

@@ -1,7 +1,7 @@
 import {
   configDefaults,
   getDefaultConfig
-} from "../chunk-JJX5XRNB.mjs";
+} from "../chunk-DMNHVQTU.mjs";
 export {
   configDefaults,
   getDefaultConfig

package/lib/utils/multipartParser.d.mts

@@ -0,0 +1,19 @@
+/**
+ * @description Multipart form-data parser for file uploads and form fields.
+ */
+interface MultipartFile {
+    filename: string;
+    contentType: string;
+    data: Buffer;
+    size: number;
+}
+interface MultipartFormData {
+    fields: Record<string, string | string[]>;
+    files: Record<string, MultipartFile | MultipartFile[]>;
+}
+/**
+ * @description Parses multipart/form-data from a Buffer.
+ */
+declare function parseMultipartFormData(body: Buffer, contentType: string): MultipartFormData;
+
+export { type MultipartFile, type MultipartFormData, parseMultipartFormData };

package/lib/utils/multipartParser.d.ts

@@ -0,0 +1,19 @@
+/**
+ * @description Multipart form-data parser for file uploads and form fields.
+ */
+interface MultipartFile {
+    filename: string;
+    contentType: string;
+    data: Buffer;
+    size: number;
+}
+interface MultipartFormData {
+    fields: Record<string, string | string[]>;
+    files: Record<string, MultipartFile | MultipartFile[]>;
+}
+/**
+ * @description Parses multipart/form-data from a Buffer.
+ */
+declare function parseMultipartFormData(body: Buffer, contentType: string): MultipartFormData;
+
+export { type MultipartFile, type MultipartFormData, parseMultipartFormData };