primate 0.5.0 → 0.6.0

package/README.md

@@ -1,33 +1,23 @@
-# Primate: a JavaScript framework
+# Primate, A JavaScript Framework
 
-⚠️ **This software is currently its initial development phase. It is not
-considered production-ready. Expect breakage.** ⚠️
-
-Primate is a server-client JavaScript framework for web applications aimed at
-relieving you of dealing with repetitive, error-prone tasks and letting you
-concentrate on writing effective, expressive code.
+A full-stack Javascript framework with batteries included, Primate relieves you of dealing with repetitive, error-prone tasks and lets you concentrate on writing effective, expressive code.
 
 ## Installing
 
 ```
-yarn add primate
+npm install primate
 ```
 
-## Concepts
-
-* **Minimal** just one dependency ([ws][])
-* **Simple** only native web technologies (JavaScript, HTML)
-* **Full-stack** server and client, both in JavaScript
-* **Layered** separation of data (domains), logic (actions) and presentation
-(views)
-* **Correct** data verification using field definitions in domains
-* **Secure** serving hash-verified scripts on secure HTTP with a strong CSP
-* **Roles** access control with contexts
-* **Sessions** using cookies that are `HttpOnly`, `Secure` and `Path`-limited
-* **Sane defaults** minimally opinionated with good, overrideable defaults
-for most features
-* **Data linking** modeling `1:1`, `1:n` and `n:m` relationships on domains via
-cacheable ad-hoc getters
+## Highlights
+
+* Flexible HTTP routing, returning HTML, JSON or a custom handler
+* Secure by default with HTTPS, hash-verified scripts and a strong CSP
+* Built-in support for sessions with secure cookies
+* Input verification using data domains
+* Many different data store modules: In-Memory (built-in), [File][primate-store-file], [JSON][primate-store-json], [MongoDB][primate-store-mongodb]
+* Easy modelling of`1:1`, `1:n` and `n:m` relationships
+* Minimally opinionated with sane, overrideable defaults
+* No dependencies
 
 ## Getting started
 
@@ -38,19 +28,13 @@ See the [getting started][getting-started] guide.
 * [Source code][source-code]
 * [Issues][issues]
 
-A full guide is coming soon.
-
-## Versioning
-
-This software is still in its initial development phase and is not considered
-stable or recommended for production. Once we release a stable version `1`, we
-will move over to semantic versioning.
-
 ## License
 
 BSD-3-Clause
 
-[ws]: https://github.com/websockets/ws
 [getting-started]: https://primatejs.com/getting-started
-[source-code]: https://adaptivecloud.dev/primate/primate
-[issues]: https://adaptivecloud.dev/primate/primate/issues
+[source-code]: https://github.com/primatejs/primate
+[issues]: https://github.com/primatejs/primate/issues
+[primate-store-file]: https://npmjs.com/primate-store-file
+[primate-store-json]: https://npmjs.com/primate-store-json
+[primate-store-mongodb]: https://npmjs.com/primate-store-mongodb

package/debris.json

@@ -0,0 +1,4 @@
+{
+  "suites": "test/suites",
+  "fixtures": "test/fixtures"
+}

package/jsconfig.json

@@ -0,0 +1,8 @@
+{
+  "compilerOptions": {
+    "baseUrl": ".",
+    "target": "esnext",
+    "module": "esnext"
+  },
+  "exclude": ["node_modules"]
+}

package/package.json

@@ -1,25 +1,28 @@
 {
   "name": "primate",
-  "version": "0.5.0",
+  "version": "0.6.0",
   "author": "Primate core team <core@primatejs.com>",
   "homepage": "https://primatejs.com",
-  "bugs": "https://adaptivecloud.dev/primate/primate/issues",
-  "repository": "https://adaptivecloud.dev/primate/primate",
+  "bugs": "https://github.com/primatejs/primate/issues",
+  "repository": "https://github.com/primatejs/primate",
   "description": "Server-client framework",
   "license": "BSD-3-Clause",
-  "dependencies": {
-    "ws": "^8.5.0"
-  },
   "scripts": {
     "copy": "rm -rf output && mkdir output && cp source/* output -a",
     "instrument": "nyc instrument source ./output",
-    "stick": "node --experimental-json-modules node_modules/stick stick.json",
-    "coverage": "yarn instrument && nyc yarn run stick",
-    "test": "yarn copy && yarn run stick"
+    "debris": "node --experimental-json-modules node_modules/debris debris.json",
+    "coverage": "npm run instrument && nyc npm run debris",
+    "test": "npm run copy && npm run debris"
+  },
+  "devDependencies": {
+    "debris": "^0.2.2",
+    "eslint": "^8.13.0",
+    "eslint-plugin-json": "^3.1.0",
+    "nyc": "^15.1.0"
   },
   "type": "module",
-  "exports": "./source/server/exports.js",
+  "exports": "./source/exports.js",
   "engines": {
-    "node": ">=17.3.0"
+    "node": ">=17.9.0"
   }
 }

package/source/{server/App.js → App.js}

@@ -1,12 +1,12 @@
 import {resolve} from "path";
 import Bundler from "./Bundler.js";
 import File from "./File.js";
+import Directory from "./Directory.js";
 import Router from "./Router.js";
-import DynamicServer from "./servers/Dynamic.js";
-import StaticServer from "./servers/Static.js";
+import Server from "./Server.js";
 import cache from "./cache.js";
 import log from "./log.js";
-import package_json from "../../package.json" assert {"type": "json" };
+import package_json from "../package.json" assert {"type": "json"};
 
 export default class App {
   constructor(conf) {
@@ -29,33 +29,28 @@ export default class App {
   async run() {
     log.reset("Primate").yellow(package_json.version);
 
-    this.router = new Router(await this.routes, this.conf);
-    const {index, hashes} = await new this.Bundler(this.conf).bundle();
-    const {router} = this;
+    const routes = await Directory.list(this.conf.paths.routes);
+    for (const route of routes) {
+      await import(`${this.conf.paths.routes}/${route}`);
+    }
+    const index = await new this.Bundler(this.conf).bundle();
 
-    const conf = {index, hashes, router,
+    const conf = {index, "router": Router,
       "serve_from": this.conf.paths.public,
       "http": {
+        ...this.conf.http,
         "key": File.read_sync(resolve(this.conf.http.ssl.key)),
         "cert": File.read_sync(resolve(this.conf.http.ssl.cert)),
       },
-      "context": this.conf.defaults.context,
     };
-    this.static_server = new StaticServer(conf);
-    await this.static_server.run();
-
-    this.dynamic_server = new DynamicServer({router,
-      "path": this.conf.base,
-      "server": this.static_server.server,
-      "context": this.conf.defaults.context,
-    });
-    await this.dynamic_server.run();
+    this.server = new Server(conf);
+    await this.server.run();
 
     const {port, host} = this.conf.http;
-    this.static_server.listen(port, host);
+    this.server.listen(port, host);
   }
 
   stop() {
-    this.static_server.close();
+    this.server.close();
   }
 }

package/source/Bundler.js

@@ -0,0 +1,43 @@
+import {dirname} from "path";
+import {fileURLToPath} from "url";
+import File from "./File.js";
+
+const meta_url = fileURLToPath(import.meta.url);
+const directory = dirname(meta_url);
+const preset = `${directory}/preset`;
+
+export default class Bundler {
+  constructor(conf) {
+    this.conf = conf;
+    this.debug = conf.debug;
+    this.index = conf.files.index;
+    this.scripts = [];
+  }
+
+  async copy_with_preset(subdirectory, to) {
+    const {paths} = this.conf;
+
+    // copy files preset files first
+    await File.copy(`${preset}/${subdirectory}`, to);
+
+    // copy any user code over it, not recreating the folder
+    try {
+      await File.copy(paths[subdirectory], to, false);
+    } catch(error) {
+      // directory doesn't exist
+    }
+  }
+
+  async bundle() {
+    const {paths} = this.conf;
+
+    // copy static files to public
+    await this.copy_with_preset("static", paths.public);
+
+    // read index.html from public, then remove it (we serve it dynamically)
+    const index_html = await File.read(`${paths.public}/${this.index}`);
+    await File.remove(`${paths.public}/${this.index}`);
+
+    return index_html;
+  }
+}

package/source/{server/File.js → File.js}

@@ -31,6 +31,10 @@ export default class File {
     return this.exists && !this.stats.isDirectory();
   }
 
+  get stream() {
+    return this.read_stream;
+  }
+
   get read_stream() {
     return fs.createReadStream(this.path, {"flags": "r"});
   }

package/source/Router.js

@@ -0,0 +1,23 @@
+import {http404} from "./handlers/http.js";
+
+const aliases = [];
+const routes = [];
+const dealias = path => aliases.reduce((dealiased, {key, value}) =>
+  dealiased.replace(key, () => value), path);
+const push = (type, path, handler) =>
+  routes.push({type, "path": new RegExp(`^${dealias(path)}$`, "u"), handler});
+const find = (type, path, fallback) => routes.find(route =>
+  route.type === type && route.path.test(path))?.handler ?? fallback;
+
+export default {
+  "map": (path, callback) => push("map", path, callback),
+  "get": (path, callback) => push("get", path, callback),
+  "post": (path, callback) => push("post", path, callback),
+  "alias": (key, value) => aliases.push({key, value}),
+  "process": async request => {
+    const {pathname, method} = request;
+    request.path = pathname.split("/").filter(path => path !== "");
+    const verb = find(method, pathname, () => http404``);
+    return verb(await find("map", pathname, _ => _)(request));
+  },
+};

package/source/Server.js

@@ -0,0 +1,103 @@
+import zlib from "zlib";
+import {Readable} from "stream";
+import {createServer} from "https";
+import {join} from "path";
+import {parse} from "url";
+import Session from "./Session.js";
+import File from "./File.js";
+import {algorithm, hash} from "./crypto.js";
+import log from "./log.js";
+import codes from "./http-codes.json" assert {"type": "json"};
+import mimes from "./mimes.json" assert {"type": "json"};
+
+const regex = /\.([a-z1-9]*)$/u;
+const mime = filename => mimes[filename.match(regex)[1]] ?? mimes.binary;
+
+const stream = (from, response) => {
+  response.setHeader("Content-Encoding", "br");
+  response.writeHead(codes.OK);
+  return from.pipe(zlib.createBrotliCompress())
+    .pipe(response)
+    .on("close", () => response.end());
+};
+
+export default class Server {
+  constructor(conf) {
+    this.conf = conf;
+  }
+
+  async run() {
+    const {http} = this.conf;
+    const {csp, "same-site": same_site = "Strict"} = http;
+    this.csp = Object.keys(csp).reduce((policy_string, key) =>
+      policy_string + `${key} ${csp[key]};`, "");
+
+    this.server = await createServer(http, async (request, response) => {
+      const session = await Session.get(request.headers.cookie);
+      if (!session.has_cookie) {
+        const {cookie} = session;
+        response.setHeader("Set-Cookie", `${cookie}; SameSite=${same_site}`);
+      }
+      response.session = session;
+      const buffers = [];
+
+      for await (const chunk of request) {
+        buffers.push(chunk);
+      }
+
+      const data = Buffer.concat(buffers).toString();
+      const payload = Object.fromEntries(data
+        .split("&")
+        .map(part => part.split("="))
+        .filter(([, value]) => value !== ""));
+      this.try(parse(request.url).path, request, response, payload);
+    });
+  }
+
+  async try(url, request, response, payload) {
+    try {
+      await this.serve(url, request, response, payload);
+    } catch (error) {
+      console.log(error);
+//      await response.session.log("red", error.message);
+      response.writeHead(codes.InternalServerError);
+      response.end();
+    }
+  }
+
+  async serve_file(url, filename, file, response) {
+    response.setHeader("Content-Type", mime(filename));
+    response.setHeader("Etag", file.modified);
+    await response.session.log("green", url);
+    return stream(file.read_stream, response);
+  }
+
+  async serve(url, request, response, payload) {
+    const filename = join(this.conf.serve_from, url);
+    const file = await new File(filename);
+    return await file.is_file
+      ? this.serve_file(url, filename, file, response, payload)
+      : this.serve_data(url, request, response, payload);
+  }
+
+  async serve_data(pathname, request, response, payload) {
+    const {session} = response;
+    const request2 = {pathname, "method": request.method.toLowerCase(), payload};
+    const res = await this.conf.router.process(request2);
+    const {body, code, headers} = res;
+
+    const result = this.conf.index.replace("<body>", () => `<body>${body}`);
+    for (const [key, value] of Object.entries(headers)) {
+      response.setHeader(key, value);
+    }
+    response.setHeader("Content-Security-Policy", this.csp);
+    response.setHeader("Referrer-Policy", "same-origin");
+    response.writeHead(code);
+    response.end(result);
+  }
+
+  listen(port, host) {
+    log.reset("on").yellow(`https://${host}:${port}`).nl();
+    this.server.listen(port, host);
+  }
+}

package/source/Session.js

@@ -0,0 +1,26 @@
+import Domain from "./domain/Domain.js";
+
+const extract_id = cookie_header => cookie_header
+  ?.split(";").filter(text => text.includes("session_id="))[0]?.split("=")[1];
+
+export default class Session extends Domain {
+  static get fields() {
+    return {
+      "?data": Object,
+      "created": value => value ?? new Date(),
+    };
+  }
+
+  static async get(cookie_header) {
+    const session = await Session.touch({"_id": extract_id(cookie_header)});
+    await session.save();
+    if (session.new) {
+      session.has_cookie = false;
+    }
+    return session;
+  }
+
+  get cookie() {
+    return `session_id=${this._id}; Path=/; Secure; HttpOnly`;
+  }
+}

package/source/{server/conf.js → conf.js}

@@ -2,7 +2,7 @@ import {join, resolve} from "path";
 import cache from "./cache.js";
 import File from "./File.js";
 import extend_object from "./extend_object.js";
-import primate_json from "../preset/primate.json" assert {"type": "json" };
+import primate_json from "./preset/primate.json" assert {"type": "json" };
 
 const qualify = (root, paths) =>
   Object.keys(paths).reduce((sofar, key) => {

package/source/{server/domain → domain}/Domain.js

@@ -1,4 +1,3 @@
-import {resolve as path_resolve} from "path";
 import Field from "./Field.js";
 import {PredicateError} from "../errors.js";
 import EagerPromise from "../EagerPromise.js";
@@ -10,7 +9,7 @@ import {random} from "../crypto.js";
 const length = 12;
 
 export default class Domain {
-  static stores_directory = "data/stores";
+  static stores_directory = "stores";
   static store_file = "default.js";
 
   static {
@@ -27,8 +26,8 @@ export default class Domain {
       "in": value => value ?? random(length).toString("hex"),
     });
     return new Proxy(this, {"get": (target, property, receiver) =>
-      Reflect.get(target, property, receiver) ?? target.#proxy(property)
-    }).set({...document, errors})
+      Reflect.get(target, property, receiver) ?? target.#proxy(property),
+    }).set({...document, errors});
   }
 
   get Class() {
@@ -47,7 +46,7 @@ export default class Domain {
   }
 
   static get store() {
-    return EagerPromise.resolve(cache(this, "store", async () =>
+    return EagerPromise.resolve(cache(this, "store", () =>
       Store.get(this.stores_directory, this.store_file)
     ));
   }
@@ -101,8 +100,8 @@ export default class Domain {
   #link(name) {
     const field = this.fields[`${name}_id`];
     if (field?.is_domain) {
-      const collection = field.Type.collection;
-      const cache = this.Class.cache;
+      const {collection} = field.Type;
+      const {cache} = this.Class;
       if (cache[collection] === undefined) {
         cache[collection] = {};
       }
@@ -110,9 +109,8 @@ export default class Domain {
         cache[collection][this[`${name}_id`]] = field.by_id(this[`${name}_id`]);
       }
       return cache[collection][this[`${name}_id`]];
-    } else {
-      return undefined
     }
+    return undefined;
   }
 
   // Serializing is done from the instance's point of view.
@@ -163,7 +161,7 @@ export default class Domain {
 
   async verify(delta) {
     this.set(delta);
-    const fields = this.fields;
+    const {fields} = this;
     this.errors = (await Promise.all(Object.keys(fields).map(async property =>
       ({property, "value": await fields[property].verify(property, this)}))))
       .filter(result => typeof result.value === "string")

package/source/{server/domain → domain}/domains.js

@@ -4,7 +4,7 @@ import Field from "./Field.js";
 import Domain from "./Domain.js";
 
 const domains = {};
-const base = conf().paths.data.domains;
+const base = conf().paths.domains;
 
 for (const domain of await new File(base).list(".js")) {
   const name = domain.slice(0, -3);

package/source/{server/exports.js → exports.js}

@@ -2,9 +2,7 @@ import conf from "./conf.js";
 import App from "./App.js";
 
 export {App};
-export {default as Action} from "./Action.js";
 export {default as Bundler} from "./Bundler.js";
-export {default as Context} from "./Context.js";
 export {default as Directory} from "./Directory.js";
 export {default as File} from "./File.js";
 export {default as EagerPromise, eager} from "./EagerPromise.js" ;
@@ -23,6 +21,10 @@ export {default as log} from "./log.js";
 export {default as extend_object} from "./extend_object.js";
 export {default as sanitize} from "./sanitize.js";
 
+export {default as html} from "./handlers/html.js";
+export {default as redirect} from "./handlers/redirect.js";
+export {default as router} from "./Router.js";
+
 const app = new App(conf());
 
 export {app};