nicola-framework 1.0.0 → 1.0.2

package/README.md

@@ -0,0 +1,274 @@
+# ⚡ Nicola Framework
+
+[![npm version](https://img.shields.io/npm/v/nicola-framework.svg)](https://www.npmjs.com/package/nicola-framework)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+[![Node.js Version](https://img.shields.io/badge/node-%3E%3D16.0.0-brightgreen.svg)](https://nodejs.org)
+
+> Framework HTTP minimalista para Node.js (ESM): servidor, router, middlewares, JWT y una capa ORM sencilla.
+
+Nicola expone un **servidor HTTP nativo** con un **router tipo Express** y utilidades integradas. El proyecto está escrito como **ES Modules** (`"type": "module"`), por lo que los ejemplos usan `import`.
+
+---
+
+## ✅ Estado actual del proyecto (lo que realmente hay)
+
+- **Core/Router**: `Nicola` (default) extiende `Remote`.
+- **Body parsing**: JSON si `Content-Type` incluye `application/json` (límite ~2MB). Si no, `req.body = {}`.
+- **Helpers de response**: `res.json(data)` y `res.send(text)`. (No existe `res.status()`.)
+- **CORS**: `EasyCors` permite `*` y responde `OPTIONS` con `204`.
+- **Security headers**: `Teleforce` aplica headers básicos (no-sniff, frame deny, etc.).
+- **Logger**: `Shadowgraph` loggea al terminar la respuesta.
+- **Errores**: si un handler lanza error o llama `next(err)`, se responde HTML via `BlackBox`.
+- **JWT**: `Coherer` (HS256) funciona vía métodos **estáticos** y requiere `NICOLA_SECRET` en env.
+- **ORM**: `Dynamo` soporta **Postgres** hoy (driver `postgres`). La lib `pg` es **dependencia opcional** (se instala aparte).
+- **Hot reload**: `LiveCurrent` reinicia el proceso Node al detectar cambios en el directorio.
+
+---
+
+## 📦 Instalación
+
+```bash
+npm install nicola-framework
+```
+
+### (Opcional) Postgres
+
+El dialecto Postgres usa `pg` por import dinámico.
+
+```bash
+npm install pg
+```
+
+---
+
+## ⚡ Quickstart
+
+### Servidor HTTP básico
+
+```js
+import Nicola from 'nicola-framework';
+
+const app = new Nicola();
+
+app.get('/', (req, res) => {
+  res.json({ ok: true, message: 'Hello from Nicola!' });
+});
+
+app.listen(3000, () => {
+  console.log('Server running on http://localhost:3000');
+});
+```
+
+### Router anidado y params
+
+```js
+import { Nicola, Remote } from 'nicola-framework';
+
+const app = new Nicola();
+const api = new Remote();
+
+api.get('/users', (req, res) => {
+  res.json({ users: ['Alice', 'Bob'] });
+});
+
+api.get('/users/:id', (req, res) => {
+  res.json({ userId: req.params.id });
+});
+
+app.use('/api', api);
+app.listen(3000);
+```
+
+---
+
+## 🧠 API (resumen fiel al código)
+
+### `Nicola` (Core)
+
+- `new Nicola()`
+- `app.get/post/put/patch/delete(path, ...handlers)`
+- `app.use([path], ...handlers | router)`
+- `app.listen(port, [callback])`
+
+Notas:
+- `Nicola.listen()` ejecuta internamente `Shadowgraph`, `EasyCors` y `Teleforce` en cada request.
+- `req.query` se construye desde querystring.
+
+### `Remote` (Router)
+
+`Remote` es el router base. Soporta middlewares y rutas con params (`/users/:id`).
+
+Ejemplo de middleware simple:
+
+```js
+app.use((req, res, next) => {
+  // No existe res.status(); usa statusCode
+  if (req.url === '/blocked') {
+    res.statusCode = 403;
+    res.end('Forbidden');
+    return;
+  }
+  next();
+});
+```
+
+Errores:
+
+```js
+app.get('/boom', (req, res) => {
+  throw new Error('Boom');
+});
+```
+
+---
+
+## 🔐 Seguridad
+
+### `Regulator` (.env)
+
+Lee `.env` desde el directorio actual (`process.cwd()`) y lo copia a `process.env`.
+
+```js
+import { Regulator } from 'nicola-framework';
+
+Regulator.load();
+```
+
+### `Coherer` (JWT HS256)
+
+`Coherer` es una clase con métodos **estáticos**.
+
+```js
+import { Regulator, Coherer } from 'nicola-framework';
+
+Regulator.load();
+
+const token = Coherer.sign(
+  { userId: 123, role: 'admin' },
+  { expiresIn: '24h' }
+);
+
+const payload = Coherer.verify(token);
+console.log(payload.userId);
+```
+
+`.env` mínimo:
+
+```env
+NICOLA_SECRET=mi-secreto-super-seguro
+```
+
+---
+
+## 🗃️ Dynamo (ORM)
+
+### Configuración
+
+`Dynamo.connect()` **no recibe config**: toma la configuración desde variables de entorno.
+
+```js
+import { Regulator, Dynamo } from 'nicola-framework';
+
+Regulator.load();
+await Dynamo.connect();
+```
+
+`.env` para Postgres:
+
+```env
+DB_DRIVER=postgres
+DB_HOST=localhost
+DB_PORT=5432
+DB_USER=postgres
+DB_PASS=postgres
+DB_NAME=mydb
+```
+
+### Modelos
+
+```js
+import { Dynamo } from 'nicola-framework';
+
+export default class User extends Dynamo.Model {
+  static tableName = 'users';
+
+  static schema = {
+    name: { type: 'string', required: true },
+    email: { type: 'string', required: true },
+    age: { type: 'number', required: false }
+  };
+}
+```
+
+### Queries
+
+```js
+// All
+const users = await User.all();
+
+// Where
+const active = await User.where('active', true).get();
+
+// Insert (valida contra schema)
+const created = await User.create({ name: 'Alice', email: 'a@a.com', age: 20 });
+
+// Update / Delete
+await User.where('id', 1).update({ name: 'Alice 2' });
+await User.where('id', 1).delete();
+
+// Select específico (usa string con coma)
+const names = await User.select('name,email').get();
+
+// Order/limit/offset vía QueryBuilder
+const latest = await User.query().orderBy('id', 'DESC').limit(10).offset(0).get();
+```
+
+---
+
+## 🧩 Middlewares
+
+### `Insulator(schema)`
+
+Valida `req.body` con un esquema **simple** de tipos (`typeof`).
+
+```js
+import { Insulator } from 'nicola-framework';
+
+const schema = {
+  name: 'string',
+  age: 'number'
+};
+
+app.post('/users', Insulator(schema), (req, res) => {
+  res.json({ ok: true });
+});
+```
+
+### `Shadowgraph`, `Teleforce`, `EasyCors`
+
+Se ejecutan automáticamente dentro de `Nicola.listen()`. También puedes llamarlos manualmente si estás usando `Remote` por separado.
+
+---
+
+## 🔥 LiveCurrent (hot reload)
+
+```js
+import { LiveCurrent } from 'nicola-framework';
+
+const dev = new LiveCurrent('app.js');
+dev.boot();
+```
+
+---
+
+## 🤝 Contribuir
+
+1. Fork
+2. Rama feature
+3. PR
+
+---
+
+## 📝 Licencia
+
+MIT © Erick Mauricio Tiznado Rodriguez

package/core/Core.js

@@ -1,84 +1,89 @@
-import http from 'http'
-import Remote from './Remote.js';
-import BlackBox from '../middlewares/BlackBox.js'
-import Shadowgraph from '../middlewares/Shadowgraph.js';
-import Teleforce from '../middlewares/Teleforce.js';
-import EasyCors from '../middlewares/EasyCors.js';
+import http from "http";
+import Remote from "./Remote.js";
+import BlackBox from "../middlewares/BlackBox.js";
+import Shadowgraph from "../middlewares/Shadowgraph.js";
+import Teleforce from "../middlewares/Teleforce.js";
+import EasyCors from "../middlewares/EasyCors.js";
 class Core extends Remote {
-
-    constructor() {
-        super();
-    }
-
-
-
-
-    listen(port, callback) {
-
-        const server = http.createServer((req, res) => {
-            const myURL = new URL(req.url, 'http://' + req.headers.host);
-            const pathURL = myURL.pathname;
-            const urlParams =  Object.fromEntries(myURL.searchParams);
-
-            req.url = pathURL;
-            req.query = urlParams;
-
-            Shadowgraph(req, res, () => {
-                this.__addHelper(res);
-               EasyCors(req, res, () =>{
-                               
-                Teleforce(req, res, () => {
-                    const done = (err) => {
-                        if (!err) {
-                            res.statusCode = 404;
-                            res.end('Not Found')
-                        }
-                        else {
-                            BlackBox.ignite(err, req, res);
-                        }
-                    }
-
-                    let dataString = ''
-                    req.on('data', chunk => {
-                        dataString += chunk;
-
-                    })
-
-                    req.on('end', () => {
-                        try {
-                            if (dataString) {
-                                req.body = JSON.parse(dataString);
-                            }
-                            else {
-                                req.body = {}
-                            }
-                        }
-                        catch (error) {
-                            req.body = {}
-                        }
-                        this.handle(req, res, done);
-
-                    });
-                })
-               })
-            })
-        })
-        server.listen(port, callback);
-    }
-
-    __addHelper(res) {
-        res.json = (data) => {
-            res.setHeader('Content-Type', 'application/json');
-            res.end(JSON.stringify(data));
-        }
-
-        res.send = (data) => {
-            res.setHeader('Content-Type', 'text/plain');
-            res.end(data);
-        }
-    }
-
-
+  constructor() {
+    super();
+  }
+
+  listen(port, callback) {
+    const server = http.createServer((req, res) => {
+      const myURL = new URL(req.url, "http://" + req.headers.host);
+      const pathURL = myURL.pathname;
+      const urlParams = Object.fromEntries(myURL.searchParams);
+
+      req.url = pathURL;
+      req.query = urlParams;
+
+      Shadowgraph(req, res, () => {
+        this.__addHelper(res);
+        EasyCors()(req, res, () => {
+          Teleforce(req, res, () => {
+            const done = (err) => {
+              if (!err) {
+                res.statusCode = 404;
+                res.end("Not Found");
+              } else {
+                BlackBox.ignite(err, req, res);
+              }
+            };
+            if (req.headers["content-type"]?.includes("application/json")) {
+              let dataString = [];
+              let chunklenght = 0;
+              req.on("data", (chunk) => {
+                dataString.push(chunk);
+                chunklenght = chunklenght + chunk.length;
+
+                if (chunklenght > 2e6) {
+                  req.pause();
+                  res.statusCode = 413;
+                  res.end("Request Entity Too Large");
+                  return;
+                }
+              });
+
+              req.on("end", () => {
+                try {
+                  if (dataString.length > 0) {
+                    const buffer = Buffer.concat(dataString).toString();
+                    req.body = JSON.parse(buffer);
+                  } else {
+                    req.body = {};
+                  }
+                } catch (error) {
+                  res.statusCode = 400;
+                  res.end("Bad Request: Invalid JSON");
+                  return;
+                }
+                this.handle(req, res, done);
+              });
+            }
+            else {
+                req.body = {};
+                this.handle(req, res, done);
+            }
+          });
+        });
+      });
+    });
+    server.listen(port, callback);
+    return server;
+  }
+
+  __addHelper(res) {
+    res.json = (data) => {
+      res.setHeader("Content-Type", "application/json");
+      res.end(JSON.stringify(data));
+    };
+
+    res.send = (data) => {
+      res.setHeader("Content-Type", "text/plain");
+      res.end(data);
+    };
+  }
 }
 
 export default Core;

package/core/Remote.js

@@ -1,3 +1,5 @@
+import { isPromise } from "../utils/isPromise.js";
+
 
 class Remote {
 
@@ -29,7 +31,11 @@ class Remote {
                 }
 
                 try {
-                    fn(req, res, internalNext);
+                    let results = fn(req, res, internalNext);
+
+                    if(isPromise(results)){
+                       results.catch(internalNext); 
+                    }
                 }
                 catch (error) {
                     internalNext(error);
@@ -118,7 +124,6 @@ class Remote {
                         }
                         route.handler.handle(req, res, done);
 
-                        console.log('Esto es un sub router')
                     } else {
 
                         route.handler(req, res, next);

package/database/Connection.js

@@ -19,20 +19,15 @@ class Connection {
             await this.client.connect()
             return;
         }
-        if(DB_DRIVER === 'mysql'){
-            await this.__connectMysql()
-            return;
-        }
+
         throw new Error("Driver no soportado" + DB_DRIVER)
     }
 
 
 
-    static async __connectMysql(){
-
-    }
 
     static async query(sql, params){
+        if(!this.client) throw new Error("No hay conexion activa")
         return this.client.query(sql, params);
     }
 }

package/database/Model.js

@@ -34,7 +34,7 @@ class Model {
     }
 
     static orderBy(...params){
-        return this.query().orderby(...params);
+        return this.query().orderBy(...params);
     }
         static limit(...params){
         return this.query().limit(...params);

package/database/dialects/Postgres.js

@@ -40,10 +40,10 @@ class Postgres extends Driver {
         }
         catch (e) {
             if (e.code === 'ERR_MODULE_NOT_FOUND') {
-                console.log('Por favor utiliza el comando npm install pg')
+                throw new Error('Por favor utiliza el comando npm install pg')
             }
             else {
-                console.error(e)
+                throw new Error(e.message)
             }
         }
     }
@@ -51,14 +51,19 @@ class Postgres extends Driver {
 
     async query(sql, params) {
         if (!this.client) {
-            return console.log("Dynamo: No hay ninguna conexion activa")
+            throw new Error("Database not connected")
         }
+        try{
         const result = await this.client.query(sql, params);
         return {
             rows: result.rows,
             count: result.rowCount
         }
     }
+    catch(err){
+        throw new Error(`Database Query Failed:${err.code}: ${err.message}`)
+    }
+    }
 
     compileSelect(builder) {
         const stringColums = builder.columns.join(', ')

package/dev-tools/DevRunner.js

@@ -1,6 +1,6 @@
 
 import LiveCurrent from "./LiveCurrent.js";
 
-const Live =  new LiveCurrent('Server.js')
+const Live =  new LiveCurrent('app.js')
 
 Live.boot()

package/dev-tools/LiveCurrent.js

@@ -1,6 +1,6 @@
 import fs from 'fs/promises'
 import { spawn } from 'child_process'
-import chalk from 'chalk'
+import { green } from '../utils/console.js';
 class LiveCurrent{
     constructor(entryPoint){
         this.entryPoint = entryPoint;
@@ -14,7 +14,7 @@ class LiveCurrent{
 
     ignite(){
         this.process=  spawn('node', [this.entryPoint], {stdio: 'inherit'});
-        console.log(chalk.greenBright(`LiveCurrent: Iniciando Servidor...`));
+        console.log(green(`LiveCurrent: Iniciando Servidor...`));
     }
     reload(){
         if(this.process){

package/index.js

@@ -1,11 +1,11 @@
 /**
- * Tesla Framework - Main Export
+ * Nicola Framework - Main Export
  * 
  * Punto de entrada principal del framework
  */
 
 // Core
-export { default as Tesla } from './core/Core.js';
+export { default as Nicola } from './core/Core.js';
 export { default as Remote } from './core/Remote.js';
 
 // Middlewares
@@ -21,11 +21,10 @@ export { default as Regulator } from './security/Regulator.js';
 
 // Dev Tools
 export { default as LiveCurrent } from './dev-tools/LiveCurrent.js';
-export { default as DevRunner } from './dev-tools/DevRunner.js';
 
 // Database (Dynamo ORM)
 export { default as Dynamo } from './database/index.js';
 
-// Default export (Tesla Core)
-import Tesla from './core/Core.js';
-export default Tesla;
+// Default export (Nicola Core)
+import Nicola from './core/Core.js';
+export default Nicola;

package/middlewares/EasyCors.js

@@ -1,19 +1,38 @@
+const EasyCors = (options = {}) => {
+  const allowedOrigin = options.origin || "*";
 
+  return (req, res, next) => {
+    const whitelist = Array.isArray(allowedOrigin)
+      ? allowedOrigin
+      : [allowedOrigin];
+    const incomingOrigin = req.headers.origin;
+    if ((incomingOrigin && whitelist.includes(incomingOrigin)) || (whitelist.includes('*'))) {
+      if (whitelist.includes("*")) {
+            res.setHeader("Access-Control-Allow-Origin", `*`);
+      }
+      else{
+              res.setHeader("Access-Control-Allow-Origin", `${req.headers.origin}`);
+      }
+      res.setHeader(
+        "Access-Control-Allow-Methods",
+        "GET, POST, PUT, DELETE, OPTIONS, PATCH"
+      );
+      res.setHeader(
+        "Access-Control-Allow-Headers",
+        "Content-Type, Authorization"
+      );
 
-const EasyCors = (req, res, next) =>{
-    res.setHeader('Access-Control-Allow-Origin','*')
-    res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS, PATCH')
-    res.setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization')
-
-    if(req.method === 'OPTIONS'){
-        res.statusCode = 204
-        res.end()
+      if (req.method === "OPTIONS") {
+        res.statusCode = 204;
+        res.end();
         return;
+      } else {
+        next();
+      }
+    } else {
+      next();
     }
-    else{
-        next()
-    }
-}
-
+  };
+};
 
-export default EasyCors;
+export default EasyCors;

package/middlewares/Shadowgraph.js

@@ -1,10 +1,9 @@
-import chalk from 'chalk'
-
+import { green } from "../utils/console.js";
 const Shadowgraph = (req, res, next) =>{
     const inicio = Date.now()
     res.on('finish', () =>{
         const duracion = Date.now() - inicio 
-        console.log(chalk.green(`[${req.method}] ${req.url} - ${res.statusCode} ${res.statusMessage} - ${duracion}ms`))
+        console.log(green(`[${req.method}] ${req.url} - ${res.statusCode} ${res.statusMessage} - ${duracion}ms`))
     })
     next()
 }

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "nicola-framework",
-  "version": "1.0.0",
-  "description": "Zero-dependency web framework for Node.js",
+  "version": "1.0.2",
+  "description": "Web framework for Node.js",
   "type": "module",
   "main": "index.js",
   "exports": {
@@ -13,7 +13,7 @@
     "./database": "./database/index.js"
   },
   "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
+    "test": "node --experimental-vm-modules ./node_modules/jest/bin/jest.js"
   },
   "keywords": [
     "framework",
@@ -22,12 +22,12 @@
     "server",
     "router",
     "middleware",
-    "zero-dependency",
     "orm"
   ],
-  "author": "Your Name",
+  "author": "Erick Mauricio Tiznado Rodriguez",
   "license": "MIT",
-  "dependencies": {
-    "chalk": "^5.6.2"
+  "devDependencies": {
+    "jest": "^30.2.0",
+    "supertest": "^7.2.2"
   }
 }

package/security/Coherer.js

@@ -1,53 +1,78 @@
-import crypto from 'crypto'
-import Regulator from './Regulator.js';
+import crypto from "crypto";
+import Regulator from "./Regulator.js";
+import { getExpTime } from "../utils/expTime.js";
 
-class Coherer{
-    constructor(){
+class Coherer {
+  constructor() {}
 
-    }
-    static SECRET = process.env.TESLA_SECRET || 'tesla_secret_dev_key'
+  static codec(jsonData) {
+    const dataString = JSON.stringify(jsonData);
+    const buffer = Buffer.from(dataString);
+    return buffer.toString("base64url");
+  }
+
+  static sign(Payload, options) {
+    const SECRET = process.env.NICOLA_SECRET
+    if (!SECRET)
+      throw new Error("Please configure, NICOLA_SECRET in the .env file");
+
+    let payloadB64 = "";
 
-    static codec(jsonData){
-        const dataString = JSON.stringify(jsonData);
-        const buffer =  Buffer.from(dataString);
-        return buffer.toString('base64url')
+    if ("expiresIn" in options) {
+      const time = getExpTime(options.expiresIn);
+      const newPayload = { ...Payload, exp: time };
+      payloadB64 = this.codec(newPayload);
+    } else {
+      throw new Error("Expire time invalid");
     }
 
-    static sign(Payload){
-        const payloadB64 = this.codec(Payload);
-        const header = {
-            alg: 'HS256',
-            typ: 'JWT'
-        }
-        const headerB64 = this.codec(header)
+    const header = {
+      alg: "HS256",
+      typ: "JWT",
+    };
+    const headerB64 = this.codec(header);
 
-        const data = headerB64 + '.' + payloadB64
+    const data = headerB64 + "." + payloadB64;
 
-        const signature = crypto.createHmac('sha256', this.SECRET)
-                                .update(data)
-                                .digest('base64url')
+    const signature = crypto
+      .createHmac("sha256", SECRET)
+      .update(data)
+      .digest("base64url");
 
-        return data + '.' + signature
-    }
-    static verify(data){
-       const [headerB64, payloadB64, signature] = data.token.split('.');
+    return data + "." + signature;
+  }
 
-        const dataToCheck =  headerB64 + '.' + payloadB64
+  static verify(token) {
+    const SECRET = process.env.NICOLA_SECRET
+        if (!SECRET)
+      throw new Error("Please configure, NICOLA_SECRET in the .env file");
+    const [headerB64, payloadB64, signature] = token.split(".");
 
-        const signatureToChecks = crypto.createHmac('sha256', this.SECRET)
-                                .update(dataToCheck)
-                                .digest('base64url')
+    const dataToCheck = headerB64 + "." + payloadB64;
 
-        if(signature === signatureToChecks){
-            let decodedPayload = Buffer.from(payloadB64, 'base64url').toString('utf-8')
-            decodedPayload = JSON.parse(decodedPayload)
-            return decodedPayload
-        }
-        else{
-            throw new Error('Token Invalido')
+    const signatureToChecks = crypto
+      .createHmac("sha256", SECRET)
+      .update(dataToCheck)
+      .digest("base64url");
+
+    if (signature === signatureToChecks) {
+      let decodedPayload = Buffer.from(payloadB64, "base64url").toString(
+        "utf-8"
+      );
+
+      decodedPayload = JSON.parse(decodedPayload);
+      if ("exp" in decodedPayload) {
+        const datenow = Date.now() / 1000;
+
+        if (datenow > decodedPayload.exp) {
+          throw new Error("Token Expired");
         }
+      }
+      return decodedPayload;
+    } else {
+      throw new Error("Token Invalido");
     }
+  }
 }
 
-
-export default Coherer;
+export default Coherer;

package/test/Coherer.test.js

@@ -0,0 +1,73 @@
+import Coherer from '../security/Coherer.js'; // Ajusta la ruta según tu estructura
+// Nota: Jest inyecta 'describe', 'test', 'expect' globalmente, no hace falta importarlos.
+
+describe('🛡️ Módulo de Seguridad (Coherer)', () => {
+
+    // Antes de todos los tests, configuramos el entorno
+    beforeAll(() => {
+        process.env.NICOLA_SECRET = 'test_secret_key_123';
+    });
+
+    // Limpiamos después (buena práctica)
+    afterAll(() => {
+        delete process.env.NICOLA_SECRET;
+    });
+
+    describe('Happy Path (Lo que debe salir bien)', () => {
+        
+        test('Debe firmar y verificar un token correctamente', () => {
+            const payload = { userId: 1, role: 'admin' };
+            const options = { expiresIn: '1h' };
+
+            // 1. Firmar
+            const token = Coherer.sign(payload, options);
+            
+            // Verificamos que sea un string y tenga 3 partes (header.payload.signature)
+            expect(typeof token).toBe('string');
+            expect(token.split('.')).toHaveLength(3);
+
+            // 2. Verificar
+            const decoded = Coherer.verify(token);
+
+            // Verificamos que la data sea la misma
+            expect(decoded.userId).toBe(payload.userId);
+            expect(decoded.role).toBe(payload.role);
+            
+            // Verificamos que se haya agregado la expiración
+            expect(decoded).toHaveProperty('exp');
+        });
+    });
+
+    describe('Sad Path (Errores esperados)', () => {
+
+        test('Debe fallar si no se define una expiración', () => {
+            const payload = { userId: 1 };
+            
+            // En Jest, para probar errores, envolvemos la llamada en una función anónima () =>
+            expect(() => {
+                Coherer.sign(payload, {}); 
+
+            }).toThrow('Expire time invalid');
+        });
+
+        test('Debe fallar si el token es basura', () => {
+            const tokenBasura = 'esto.no.es.valido';
+
+            expect(() => {
+                Coherer.verify(tokenBasura);
+            }).toThrow(); // Esperamos cualquier error (Firma inválida, malformado, etc.)
+        });
+
+        test('Debe fallar si la firma ha sido manipulada', () => {
+            const tokenReal = Coherer.sign({ id: 1 }, { expiresIn: '1h' });
+            const partes = tokenReal.split('.');
+            
+            // Hack: Cambiamos la firma (última parte) por otra cosa
+            const tokenFalso = `${partes[0]}.${partes[1]}.FIRMA_FALSA`;
+
+            expect(() => {
+                Coherer.verify(tokenFalso);
+            }).toThrow('Token Invalido');
+        });
+    });
+});

package/test/Core.test.js

@@ -0,0 +1,96 @@
+import request from "supertest";
+import Core from "../core/Core.js";
+
+describe("🧠 Core System (Core.js)", () => {
+  let app;
+  let server;
+
+  beforeAll((done) => {
+    app = new Core();
+
+    app.get("/ping", (req, res) => {
+      res.statusCode = 200;
+      res.end("pong");
+    });
+
+    app.get("/query", (req, res) => {
+      res.json({ query: req.query });
+    });
+
+    app.post("/json", (req, res) => {
+      res.json({ body: req.body });
+    });
+
+    server = app.listen(0, done);
+  });
+
+  afterAll((done) => {
+    server.close(done);
+  });
+
+  test("GET /ping responde 200", async () => {
+    const res = await request(server).get("/ping");
+    expect(res.statusCode).toBe(200);
+    expect(res.text).toBe("pong");
+  });
+
+  test("Aplica headers de Teleforce", async () => {
+    const res = await request(server).get("/ping");
+    expect(res.headers["x-content-type-options"]).toBe("nosniff");
+    expect(res.headers["x-frame-options"]).toBe("Deny");
+    expect(res.headers["x-xss-protection"]).toBe("1");
+  });
+
+  test("Parsea querystring y lo expone en req.query", async () => {
+    const res = await request(server).get("/query?x=1&y=hola");
+    expect(res.statusCode).toBe(200);
+    expect(res.body).toEqual({ query: { x: "1", y: "hola" } });
+  });
+
+  test("POST JSON válido -> req.body parseado", async () => {
+    const res = await request(server)
+      .post("/json")
+      .set("Content-Type", "application/json; charset=utf-8")
+      .send(JSON.stringify({ a: 1 }));
+
+    expect(res.statusCode).toBe(200);
+    expect(res.body).toEqual({ body: { a: 1 } });
+  });
+
+  test("POST JSON inválido -> 400", async () => {
+    const res = await request(server)
+      .post("/json")
+      .set("Content-Type", "application/json")
+      .send("{invalid");
+
+    expect(res.statusCode).toBe(400);
+    expect(res.text).toBe("Bad Request: Invalid JSON");
+  });
+
+  test("Sin Content-Type -> req.body = {}", async () => {
+    const res = await request(server).post("/json").send("no-json");
+    expect(res.statusCode).toBe(200);
+    expect(res.body).toEqual({ body: {} });
+  });
+
+  test("OPTIONS responde 204 y headers CORS", async () => {
+    const res = await request(server).options("/ping");
+    expect(res.statusCode).toBe(204);
+    expect(res.headers["access-control-allow-origin"]).toBe("*");
+    expect(res.headers["access-control-allow-methods"]).toBe(
+      "GET, POST, PUT, DELETE, OPTIONS, PATCH"
+    );
+  });
+
+  test("Body > ~2MB -> 413", async () => {
+    const big = "{\"x\":\"" + "a".repeat(2_000_001) + "\"}";
+
+    const res = await request(server)
+      .post("/json")
+      .set("Content-Type", "application/json")
+      .send(big);
+
+    expect(res.statusCode).toBe(413);
+    expect(res.text).toBe("Request Entity Too Large");
+  });
+});

package/test/Router.test.js

@@ -0,0 +1,76 @@
+import request from 'supertest';
+import { createServer } from 'http';
+import Remote from '../core/Remote.js'; // Ajusta la ruta si es necesario
+
+describe('🚦 Router System (Remote.js)', () => {
+    let router;
+    let server;
+
+    // Antes de todos los tests, configuramos una "App de Mentira"
+    beforeAll(() => {
+        router = new Remote();
+
+        // 1. Ruta Básica
+        router.get('/', (req, res) => {
+            res.statusCode = 200;
+            res.end('Hola Nicola');
+        });
+
+        // 2. Ruta con Parámetros
+        router.get('/user/:id', (req, res) => {
+            res.statusCode = 200;
+            res.setHeader('Content-Type', 'application/json');
+            res.end(JSON.stringify({ id: req.params.id }));
+        });
+
+        // 3. Ruta Suicida (Async Error) - Para probar tu arreglo P0
+        router.get('/crash', async (req, res) => {
+            throw new Error('Boom Async!'); 
+        });
+
+        // Creamos el servidor nativo que usa tu Router
+        server = createServer((req, res) => {
+            // Tu router recibe (req, res, done)
+            router.handle(req, res, (err) => {
+                // Este es el "Final Handler" (lo que sería tu BlackBox o default)
+                if (err) {
+                    res.statusCode = 500;
+                    res.end(err.message); // Devolvemos el error capturado
+                } else {
+                    res.statusCode = 404;
+                    res.end('Not Found');
+                }
+            });
+        });
+    });
+
+    describe('Rutas y Navegación', () => {
+        test('GET / debe responder 200 OK', async () => {
+            const response = await request(server).get('/');
+            expect(response.statusCode).toBe(200);
+            expect(response.text).toBe('Hola Nicola');
+        });
+
+        test('GET /unknown debe responder 404', async () => {
+            const response = await request(server).get('/ruta-que-no-existe');
+            expect(response.statusCode).toBe(404);
+        });
+
+        test('GET /user/123 debe capturar parámetros', async () => {
+            const response = await request(server).get('/user/555');
+            expect(response.statusCode).toBe(200);
+            expect(response.body).toEqual({ id: '555' });
+        });
+    });
+
+    describe('🛡️ Blindaje de Errores (P0 Fix)', () => {
+        test('Debe capturar errores en handlers async y no colgarse', async () => {
+            // Si tu fix del principio funciona, esto devolverá 500.
+            // Si NO funciona, este test dará timeout porque el servidor se quedará colgado.
+            const response = await request(server).get('/crash');
+            
+            expect(response.statusCode).toBe(500);
+            expect(response.text).toBe('Boom Async!');
+        });
+    });
+});

package/utils/console.js

@@ -0,0 +1,31 @@
+const CODE = {
+  reset: "\x1b[0m",
+  negrita: "\x1b[1m",
+  brigth: "\x1b[1m",
+  red: "\x1b[31m",
+  green: "\x1b[32m",
+  yellow: "\x1b[33m",
+  blue: "\x1b[34m",
+  cyan: "\x1b[36m",
+  magent: "\x1b[35m",
+};
+
+
+
+export const paint = (color, text) =>{
+    if(!process.stdout.isTTY) return text;
+
+
+    return `${CODE[color] || ''}${text}${CODE.reset}`
+}
+
+
+
+export const red = (text) => paint('red', text);
+export const green = (text) => paint('green', text);
+export const yellow = (text) => paint('yellow', text);
+export const blue = (text) => paint('blue', text);
+export const cyan = (text) => paint('cyan', text);
+export const magent = (text) => paint('magent', text);
+export const brigth = (text) => paint('brigth', text);
+export const bold = (text) => paint('negrita', text);

package/utils/expTime.js

@@ -0,0 +1,30 @@
+
+export const getExpTime = (durationStr) => {
+
+const nowInSeconds =  Math.floor(Date.now() / 1000);
+
+if (!durationStr || typeof durationStr !== 'string') return null;
+
+const match = durationStr.match(/^(\d+)([smhdy])$/);
+
+if(!match){
+    throw new Error(`Invalid Format, use for example: 10h, 10s, 10m, 10d`)
+}
+
+const value =  parseInt(match[1], 10);
+const unit = match[2];
+
+let multiplier = 1;
+switch(unit){
+    case 'm' : multiplier = 60; break;
+    case 'h' : multiplier = 60 * 60; break;
+    case 'd' : multiplier = 24 * 60 * 60; break;
+    case 'y' : multiplier = 365 * 24 * 60 * 60; break;
+    default: multiplier = 1;
+}
+
+const secondsToadd = value * multiplier;
+
+return nowInSeconds + secondsToadd;
+
+}

package/utils/isPromise.js

@@ -0,0 +1,7 @@
+
+
+export const isPromise = (value) =>{
+    return (!!value && 
+        (typeof value === 'object' || typeof value === 'function')
+         && typeof value.then === 'function')
+}