quantum-flow 1.3.10 → 1.4.0

package/README.md

@@ -41,7 +41,8 @@ import {
   Request,
   Response,
   Status,
-  USE
+  USE,
+  CORS
 } from 'quantum-flow/core';
 import {IsString} from  'class-validator'
 
@@ -58,10 +59,12 @@ class UserDto {
     return { data, intercepted: true };
   },
 })
+@CORS({ origin: '*' })
 @Catch((err) => ({ status: 500, err }))
 export class User {
   @Status(201)
   @PUT(':id',[...middlewares])
+  @CORS({ origin: '*' })
   async createUser(
     @Body(UserDto) body: UserDto,
     @Query() query: any,
@@ -97,7 +100,7 @@ Use the `@Server` decorator with configuration options like port, host, controll
 ```typescript
 import { Server, Port, Host, Use, Catch, HttpServer } from 'quantum-flow/http';
 
-@Server({ controllers: [RootController] })
+@Server({ controllers: [RootController], cors: { origin: '*' } })
 @Port(3000)
 @Host('localhost')
 @Use((data) => data)
@@ -115,6 +118,7 @@ server.listen().catch(console.error);
 - Use `@Use` to apply middlewares.
 - Use `@Catch` to handle errors.
 - Use `@Port` and `@Host` to configure server port and host.
+- Use `@CORS` to configure cors.
 
 ## Request decorators
 
@@ -160,8 +164,6 @@ Enable WebSocket in the server configuration and register WebSocket controllers.
 export class Socket {
   @OnConnection()
   onConnection(event: WebSocketEvent) {
-    console.log(`✅ Connected: ${event.client.id}`);
-
     // Send greeting ONLY to this client
     event.client.socket.send(
       JSON.stringify({
@@ -181,8 +183,6 @@ export class Socket {
     // The message is ALREADY automatically broadcast to all!
 
     const msg = event.message?.data;
-    console.log(`💬 Message in chat: ${msg?.text}`);
-
     // You can add logic, but no need to broadcast
     if (msg?.text.includes('bad')) {
       // If return empty, the message will not be sent
@@ -197,7 +197,6 @@ export class Socket {
    */
   @Subscribe('news')
   onNewsMessage(event: WebSocketEvent) {
-    console.log(`📰 News: ${event.message?.data.title}`);
     // Automatic broadcast to all subscribed to 'news'
   }
 
@@ -221,7 +220,6 @@ export class Socket {
   @OnMessage('subscribe')
   onSubscribe(event: WebSocketEvent) {
     const topic = event.message?.data.topic;
-    console.log(`📌 Client ${event.client.id} subscribed to ${topic}`);
 
     // Server will save the subscription automatically, no need to do anything!
     // Just confirm

package/dist/app/aws/helpers.d.ts

@@ -0,0 +1,25 @@
+import { AppRequest, HTTP_METHODS } from '../../types/index.js';
+import { IncomingHttpHeaders } from 'http';
+export declare class LResponse {
+    headers: IncomingHttpHeaders;
+    constructor();
+    setHeader(header: string, value: string): void;
+}
+export declare class LRequest {
+    headers: IncomingHttpHeaders;
+    url: URL;
+    method: HTTP_METHODS;
+    path?: string;
+    query?: any;
+    params?: any;
+    body: any;
+    cookies: Record<string, string>;
+    _startTime: number;
+    event?: any;
+    context?: any;
+    requestId?: string;
+    stage?: string;
+    sourceIp?: string;
+    userAgent?: string;
+    constructor(request: AppRequest);
+}

package/dist/app/aws/helpers.js

@@ -0,0 +1,46 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LRequest = exports.LResponse = void 0;
+class LResponse {
+    headers = {};
+    constructor() { }
+    setHeader(header, value) {
+        this.headers[header] = value;
+    }
+}
+exports.LResponse = LResponse;
+class LRequest {
+    headers;
+    url;
+    method;
+    path;
+    query;
+    params;
+    body;
+    cookies;
+    _startTime;
+    event;
+    context;
+    requestId;
+    stage;
+    sourceIp;
+    userAgent;
+    constructor(request) {
+        this.headers = { ...request.headers };
+        this.url = request.url;
+        this.method = request.method;
+        this.path = request.path;
+        this.query = request.query;
+        this.params = request.params;
+        this.body = request.body;
+        this.cookies = request.cookies;
+        this._startTime = request._startTime;
+        this.event = request.event;
+        this.context = request.context;
+        this.requestId = request.requestId;
+        this.stage = request.stage;
+        this.sourceIp = request.sourceIp;
+        this.userAgent = request.userAgent;
+    }
+}
+exports.LRequest = LRequest;

package/dist/app/aws/lambda.js

@@ -1,7 +1,9 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.LambdaAdapter = void 0;
+const _constants_1 = require("../../constants.js");
 const _utils_1 = require("../../utils/index.js");
+const helpers_1 = require("./helpers");
 class LambdaAdapter {
     static createHandler(Controller) {
         return async (event, context) => {
@@ -10,14 +12,27 @@ class LambdaAdapter {
                 await instance.beforeStart?.();
             }
             try {
+                const cors = Reflect.getMetadata(_constants_1.CORS_METADATA, instance);
                 const eventType = this.getEventType(event);
                 const normalizedEvent = (0, _utils_1.normalizeEvent)(event, eventType);
                 const request = this.toRequest(normalizedEvent, context);
+                const lambdaRequest = new helpers_1.LRequest(request);
+                const lambdaResponse = new helpers_1.LResponse();
+                let handledCors = { permitted: true, continue: true };
+                if (cors) {
+                    handledCors = (0, _utils_1.handleCORS)(request, lambdaResponse, cors);
+                }
+                if (!handledCors.permitted) {
+                    return this.toLambdaResponse({ status: 403, message: 'CORS: Origin not allowed' }, lambdaRequest, lambdaResponse, eventType);
+                }
+                if (!handledCors.continue && handledCors.permitted) {
+                    return this.toLambdaResponse({ status: 204 }, lambdaRequest, lambdaResponse, eventType);
+                }
                 if (typeof instance.handleRequest !== 'function') {
                     throw new Error('Controller must have handleRequest method');
                 }
-                const response = await instance.handleRequest(request);
-                return this.toLambdaResponse(response, request, eventType);
+                const response = await instance.handleRequest(request, lambdaRequest, lambdaResponse);
+                return this.toLambdaResponse(response, lambdaRequest, lambdaResponse, eventType);
             }
             catch (error) {
                 return this.handleError(error, event, context);
@@ -109,12 +124,13 @@ class LambdaAdapter {
                 : event.headers['user-agent']?.[0] || 'unknown',
         };
     }
-    static toLambdaResponse(response, request, eventType) {
-        const statusCode = response.status || 200;
+    static toLambdaResponse(appResponse, request, res, eventType) {
+        const statusCode = appResponse.status || 200;
         const headers = {
             'Content-Type': 'application/json',
             'X-Request-Id': request.requestId,
-            ...(response.headers || {}),
+            ...(appResponse.headers || {}),
+            ...res.headers,
         };
         const originHeader = request.headers['origin'] || request.headers['Origin'];
         let origin;
@@ -135,13 +151,13 @@ class LambdaAdapter {
         }
         const body = JSON.stringify({
             success: statusCode < 400,
-            data: response.data,
+            data: appResponse.data,
             timestamp: new Date().toISOString(),
         });
         const commonResponse = {
             statusCode,
             headers,
-            body: response.data,
+            body: appResponse.data,
             timestamp: new Date().toISOString(),
         };
         switch (eventType) {

package/dist/app/aws/utils/response.d.ts

@@ -0,0 +1,7 @@
+import { AppRequest } from '../../../types/index.js';
+import { IncomingHttpHeaders } from 'http';
+export declare class Response {
+    headers: IncomingHttpHeaders;
+    constructor(request: AppRequest);
+    setHeader(header: string, value: string): void;
+}

package/dist/app/aws/utils/response.js

@@ -0,0 +1,13 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Response = void 0;
+class Response {
+    headers;
+    constructor(request) {
+        this.headers = { ...request.headers };
+    }
+    setHeader(header, value) {
+        this.headers[header] = value;
+    }
+}
+exports.Response = Response;

package/dist/app/http/Application.js

@@ -101,6 +101,16 @@ class HttpServer extends Socket_1.Socket {
         const startTime = Date.now();
         try {
             const request = await this.createRequest(req);
+            let handledCors = { permitted: true, continue: true };
+            if (this.config.cors) {
+                handledCors = (0, _utils_1.handleCORS)(request, res, this.config.cors);
+            }
+            if (!handledCors.permitted) {
+                return this.sendResponse(res, { status: 403, message: 'CORS: Origin not allowed' }, startTime);
+            }
+            if (!handledCors.continue && handledCors.permitted) {
+                return this.sendResponse(res, { status: 204 }, startTime);
+            }
             let appRequest = await this.applyMiddlewares(request, req, res);
             let data = await this.findController(appRequest, req, res);
             const isError = !_constants_1.OK_STATUSES.includes(data.status);

package/dist/app/http/decorators.js

@@ -12,6 +12,7 @@ function Server(config = {}) {
             ...config,
             controllers: [...(existingConfig.controllers || []), ...(config.controllers || [])],
             middlewares: [...(existingConfig.middlewares ?? []), ...(config.middlewares ?? [])],
+            cors: config.cors,
             interceptors: existingConfig.interceptor ?? config.interceptor,
         };
         Reflect.defineMetadata(_constants_1.SERVER_CONFIG_KEY, mergedConfig, target);

package/dist/constants.d.ts

@@ -20,3 +20,4 @@ export declare const OK_STATUSES: number[];
 export declare const TO_VALIDATE: string[];
 export declare const STATISTIC: Record<'controllers' | 'routes', number>;
 export declare const INCREMENT_STATISTIC: (prop: "controllers" | "routes") => void;
+export declare const CORS_METADATA = "cors:config";

package/dist/constants.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.INCREMENT_STATISTIC = exports.STATISTIC = exports.TO_VALIDATE = exports.OK_STATUSES = exports.STOPPED = exports.CATCH = exports.INTECEPT = exports.WS_SERVICE_KEY = exports.WS_TOPIC_KEY = exports.WS_METADATA_KEY = exports.USE_MIDDLEWARE = exports.SERVER_MODULES_KEY = exports.SERVER_CONFIG_KEY = exports.OK_METADATA_KEY = exports.ENDPOINT = exports.INTERCEPTOR = exports.CONTROLLERS = exports.MIDDLEWARES = exports.ROUTE_MIDDLEWARES = exports.ROUTE_PREFIX = exports.APP_METADATA_KEY = exports.PARAM_METADATA_KEY = void 0;
+exports.CORS_METADATA = exports.INCREMENT_STATISTIC = exports.STATISTIC = exports.TO_VALIDATE = exports.OK_STATUSES = exports.STOPPED = exports.CATCH = exports.INTECEPT = exports.WS_SERVICE_KEY = exports.WS_TOPIC_KEY = exports.WS_METADATA_KEY = exports.USE_MIDDLEWARE = exports.SERVER_MODULES_KEY = exports.SERVER_CONFIG_KEY = exports.OK_METADATA_KEY = exports.ENDPOINT = exports.INTERCEPTOR = exports.CONTROLLERS = exports.MIDDLEWARES = exports.ROUTE_MIDDLEWARES = exports.ROUTE_PREFIX = exports.APP_METADATA_KEY = exports.PARAM_METADATA_KEY = void 0;
 exports.PARAM_METADATA_KEY = 'design:parameters';
 exports.APP_METADATA_KEY = 'app:configuration';
 exports.ROUTE_PREFIX = 'route:prefix';
@@ -34,3 +34,4 @@ const INCREMENT_STATISTIC = (prop) => {
     exports.STATISTIC[prop] = exports.STATISTIC[prop] + 1;
 };
 exports.INCREMENT_STATISTIC = INCREMENT_STATISTIC;
+exports.CORS_METADATA = 'cors:config';

package/dist/core/Controller.d.ts

@@ -1,4 +1,4 @@
-import { AppRequest, ControllerClass, ControllerConfig, ControllerInstance, InterceptorCB, MiddlewareCB, RouteContext } from '../types/index.js';
+import { AppRequest, ControllerClass, ControllerConfig, ControllerInstance, InterceptorCB, RouteContext } from '../types/index.js';
 import { IncomingMessage, ServerResponse } from 'http';
 import 'reflect-metadata';
 /**
@@ -40,13 +40,5 @@ export declare function Controller(config: string | ControllerConfig, middleware
         }>;
         handleRequest: (appRequest: AppRequest, request?: IncomingMessage, response?: ServerResponse) => Promise<any>;
         routeWalker(context: RouteContext): Promise<any>;
-        getAllMethods(obj: any): string[];
-        findRouteInController(instance: any, path: string, route: string, method: string): {
-            name: string;
-            pathParams: Record<string, string>;
-            priority: number;
-            methodMiddlewares: MiddlewareCB[];
-            methodInterceptors: InterceptorCB[];
-        };
     };
 } & T;

package/dist/core/Controller.js

@@ -104,6 +104,7 @@ function Controller(config, middlewares = []) {
                         interceptor: Reflect.getMetadata(_constants_1.INTERCEPTOR, proto),
                         subControllers: Reflect.getMetadata(_constants_1.CONTROLLERS, proto) || [],
                         errorHandler: Reflect.getMetadata(_constants_1.CATCH, proto),
+                        cors: Reflect.getMetadata(_constants_1.CORS_METADATA, proto),
                     },
                     path: (appRequest.url.pathname ?? '').replace(/^\/+/g, ''),
                     method: appRequest.method.toUpperCase(),
@@ -112,6 +113,7 @@ function Controller(config, middlewares = []) {
                     response,
                     middlewareChain: [],
                     interceptorChain: [],
+                    corsChain: [Reflect.getMetadata(_constants_1.CORS_METADATA, proto)],
                     errorHandlerChain: [Reflect.getMetadata(_constants_1.CATCH, proto)],
                     subPath: Reflect.getMetadata(_constants_1.ROUTE_PREFIX, proto) || '',
                 };
@@ -128,6 +130,7 @@ function Controller(config, middlewares = []) {
                         interceptor: Reflect.getMetadata(_constants_1.INTERCEPTOR, SubController.prototype),
                         errorHandler: Reflect.getMetadata(_constants_1.CATCH, SubController),
                         subControllers: Reflect.getMetadata(_constants_1.CONTROLLERS, SubController.prototype) || [],
+                        cors: Reflect.getMetadata(_constants_1.CORS_METADATA, SubController.prototype) || [],
                     };
                     const fullSubPath = [subPath, subMeta.routePrefix]
                         .filter(Boolean)
@@ -143,21 +146,38 @@ function Controller(config, middlewares = []) {
                             middlewareChain: [...context.middlewareChain, ...controllerMeta.middlewares],
                             errorHandlerChain: [...context.errorHandlerChain, subMeta.errorHandler].filter((el) => !!el),
                             interceptorChain: [...context.interceptorChain, controllerMeta.interceptor].filter((el) => !!el),
+                            corsChain: [...context.corsChain, subMeta.cors].filter((el) => !!el),
                         });
                         if (subResult && subResult.status !== 404) {
                             return subResult;
                         }
                     }
                 }
-                const routeMatch = this.findRouteInController(controllerInstance, subPath, path, method);
+                const routeMatch = (0, _utils_1.findRouteInController)(controllerInstance, subPath, path, method);
                 if (routeMatch) {
-                    const { name, pathParams, methodMiddlewares, methodInterceptors } = routeMatch;
+                    const { name, pathParams, methodMiddlewares, cors } = routeMatch;
+                    let payload = { ...context.appRequest, params: pathParams };
+                    const handledCors = context.corsChain
+                        .concat(cors ?? [])
+                        .flat()
+                        .reduce((acc, conf) => {
+                        const cors = (0, _utils_1.handleCORS)(payload, context.response, conf);
+                        return {
+                            permitted: acc.permitted && cors.permitted,
+                            continue: acc.continue && cors.continue,
+                        };
+                    }, { permitted: true, continue: true });
+                    if (!handledCors.permitted) {
+                        return { status: 403, message: 'CORS: Origin not allowed' };
+                    }
+                    if (!handledCors.continue && handledCors.permitted) {
+                        return { status: 204 };
+                    }
                     const allMiddlewares = [
                         ...context.middlewareChain,
                         ...controllerMeta.middlewares,
                         ...methodMiddlewares,
                     ];
-                    let payload = { ...context.appRequest, params: pathParams };
                     for (const mw of allMiddlewares) {
                         const mwResult = await mw(payload, context.request, context.response);
                         payload = mwResult ?? payload;
@@ -180,60 +200,6 @@ function Controller(config, middlewares = []) {
                 }
                 return null;
             }
-            getAllMethods(obj) {
-                let methods = new Set();
-                let current = Object.getPrototypeOf(obj);
-                while (current && current !== Object.prototype) {
-                    Object.getOwnPropertyNames(current).forEach((name) => {
-                        if (name !== 'constructor' && typeof current[name] === 'function') {
-                            methods.add(name);
-                        }
-                    });
-                    current = Object.getPrototypeOf(current);
-                }
-                return Array.from(methods);
-            }
-            findRouteInController(instance, path, route, method) {
-                const prototype = Object.getPrototypeOf(instance);
-                const propertyNames = this.getAllMethods(instance);
-                const matches = [];
-                for (const name of propertyNames) {
-                    if ([
-                        'constructor',
-                        'getResponse',
-                        'routeWalker',
-                        'getAllMethods',
-                        'findRouteInController',
-                    ].includes(name))
-                        continue;
-                    const endpointMeta = Reflect.getMetadata(_constants_1.ENDPOINT, prototype, name) || [];
-                    if (endpointMeta.length === 0)
-                        continue;
-                    const [httpMethod, routePattern] = endpointMeta;
-                    if (httpMethod !== method && httpMethod !== 'USE') {
-                        continue;
-                    }
-                    if (httpMethod === 'USE') {
-                        let useRoute = route.split('/');
-                        useRoute.pop();
-                        route = useRoute.join('/');
-                    }
-                    const current = [path, routePattern].join('/').replace(/\/+/g, '/');
-                    const pathParams = (0, _utils_1.matchRoute)(current, route);
-                    if (pathParams) {
-                        const priority = httpMethod === 'USE' ? 0 : Object.keys(pathParams).length > 0 ? 1 : 2;
-                        matches.push({
-                            name,
-                            pathParams,
-                            priority,
-                            methodMiddlewares: Reflect.getMetadata(_constants_1.MIDDLEWARES, prototype, name) || [],
-                            methodInterceptors: Reflect.getMetadata(_constants_1.INTERCEPTOR, prototype, name) || [],
-                        });
-                    }
-                }
-                matches.sort((a, b) => b.priority - a.priority);
-                return matches[0] || null;
-            }
         };
     };
 }

package/dist/core/index.d.ts

@@ -4,7 +4,7 @@
  * This module provides centralized exports for controller and endpoint decorators,
  * as well as related types and utility functions used throughout the core framework.
  */
-export { AppRequest, EndpointResponse, ErrorCB, HttpError, IController, InterceptorCB, IWebSocketService, MiddlewareCB, ResponseWithStatus, Router, WebSocketClient, WebSocketEvent, WebSocketMessage, } from '../types/index.js';
+export { AppRequest, CORSConfig, EndpointResponse, ErrorCB, HttpError, IController, InterceptorCB, IWebSocketService, MiddlewareCB, ResponseWithStatus, Router, WebSocketClient, WebSocketEvent, WebSocketMessage, } from '../types/index.js';
 export * from './Controller';
 export * from './Endpoint';
 export * from './utils';

package/dist/core/utils/cors.d.ts

@@ -0,0 +1,2 @@
+import { CORSConfig } from '../../types/index.js';
+export declare function CORS(config?: CORSConfig): (target: any, propertyKey?: string, descriptor?: PropertyDescriptor) => void;

package/dist/core/utils/cors.js

@@ -0,0 +1,21 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CORS = CORS;
+const _constants_1 = require("../../constants.js");
+const _types_1 = require("../../types/index.js");
+function CORS(config = {}) {
+    return function (target, propertyKey, descriptor) {
+        const defaultConfig = {
+            origin: '*',
+            optionsSuccessStatus: 204,
+            methods: Object.keys(_types_1.HTTP_METHODS),
+        };
+        const finalConfig = { ...defaultConfig, ...config };
+        if (propertyKey && descriptor) {
+            Reflect.defineMetadata(_constants_1.CORS_METADATA, finalConfig, target, propertyKey);
+        }
+        else {
+            Reflect.defineMetadata(_constants_1.CORS_METADATA, finalConfig, target.prototype || target);
+        }
+    };
+}

package/dist/core/utils/index.d.ts

@@ -1,3 +1,4 @@
+export * from './cors';
 export * from './extractors';
 export * from './helpers';
 export * from './middlewares';

package/dist/core/utils/index.js

@@ -14,6 +14,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./cors"), exports);
 __exportStar(require("./extractors"), exports);
 __exportStar(require("./helpers"), exports);
 __exportStar(require("./middlewares"), exports);

package/dist/examples/app.js

@@ -15,7 +15,8 @@ let Root = class Root {
 };
 exports.Root = Root;
 exports.Root = Root = __decorate([
-    (0, core_1.Controller)({ prefix: 'api', controllers: [user_1.User] })
+    (0, core_1.Controller)({ prefix: 'api', controllers: [user_1.User] }),
+    (0, core_1.CORS)({ origin: '*' })
 ], Root);
 let App = class App {
 };
@@ -26,9 +27,14 @@ exports.App = App = __decorate([
         websocket: { enabled: true },
         interceptor: (data) => data,
         errorHandler: (err) => err,
+        cors: { origin: '*' },
     }),
     (0, http_1.Port)(3000),
-    (0, core_1.Use)((data) => data),
-    (0, core_1.Use)((data) => data),
+    (0, core_1.Use)((data) => {
+        return data;
+    }),
+    (0, core_1.Use)((data) => {
+        return data;
+    }),
     (0, core_1.Catch)((err) => err)
 ], App);

package/dist/examples/controllers/user.js

@@ -67,5 +67,6 @@ exports.User = User = __decorate([
         interceptor: (data, req, res) => {
             return { data, intercepted: true };
         },
-    })
+    }),
+    (0, core_1.CORS)({ origin: '*' })
 ], User);

package/dist/examples/controllers/userMetadata.d.ts

@@ -1,6 +1,6 @@
 export declare class UserMetadata {
     getUserMetadata(params: any): Promise<any>;
-    createMeta(body: any, params: any): Promise<{
+    createMeta(mult: any, body: any, params: any): Promise<{
         body: any;
         params: any;
     }>;

package/dist/examples/controllers/userMetadata.js

@@ -27,7 +27,7 @@ let UserMetadata = class UserMetadata {
     async getUserMetadata(params) {
         return params;
     }
-    async createMeta(body, params) {
+    async createMeta(mult, body, params) {
         return { body, params };
     }
 };
@@ -41,12 +41,20 @@ __decorate([
 ], UserMetadata.prototype, "getUserMetadata", null);
 __decorate([
     (0, core_1.POST)('/:meta'),
-    __param(0, (0, core_1.Body)()),
-    __param(1, (0, core_1.Params)(DTO, 'meta')),
+    __param(0, (0, core_1.Multipart)()),
+    __param(1, (0, core_1.Body)()),
+    __param(2, (0, core_1.Params)(DTO, 'meta')),
     __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object]),
+    __metadata("design:paramtypes", [Object, Object, Object]),
     __metadata("design:returntype", Promise)
 ], UserMetadata.prototype, "createMeta", null);
 exports.UserMetadata = UserMetadata = __decorate([
-    (0, core_1.Controller)({ prefix: 'metadata' })
+    (0, core_1.Controller)({
+        prefix: 'metadata',
+        middlewares: [
+            (req) => {
+                return req;
+            },
+        ],
+    })
 ], UserMetadata);

package/dist/types/common.d.ts

@@ -38,19 +38,6 @@ export type EndpointResponse<T = any> = {
     data?: T;
     error?: any;
 };
-export type AxiosQuery = {
-    data?: {
-        [key: string]: any;
-    };
-    headers?: {
-        [key: string]: any;
-    };
-    params?: {
-        [key: string]: any;
-    };
-    url: string;
-    method: 'POST' | 'GET' | 'PATCH' | 'DELETE';
-};
 export interface IController {
     handleRequest: Router;
 }

package/dist/types/controller.d.ts

@@ -1,5 +1,6 @@
 import { IncomingMessage, ServerResponse } from 'http';
 import { AppRequest, ErrorCB, HTTP_METHODS, InterceptorCB, MiddlewareCB } from './common';
+import { CORSConfig } from './cors';
 export type ControllerClass = {
     new (...args: any[]): any;
 };
@@ -16,6 +17,7 @@ export type ControllerMetadata = {
     interceptor?: InterceptorCB;
     subControllers: ControllerClass[];
     errorHandler?: ErrorCB;
+    cors?: CORSConfig;
 };
 export interface ControllerConfig {
     prefix: string;
@@ -33,6 +35,7 @@ export type RouteContext = {
     response?: ServerResponse;
     middlewareChain: MiddlewareCB[];
     interceptorChain: InterceptorCB[];
+    corsChain: CORSConfig[];
     errorHandlerChain: ErrorCB[];
     subPath: string;
 };

package/dist/types/cors.d.ts

@@ -0,0 +1,10 @@
+export interface CORSConfig {
+    origin?: string | string[] | ((origin: string) => boolean);
+    methods?: string[];
+    allowedHeaders?: string[];
+    exposedHeaders?: string[];
+    credentials?: boolean;
+    maxAge?: number;
+    preflightContinue?: boolean;
+    optionsSuccessStatus?: number;
+}

package/dist/types/cors.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/types/http.d.ts

@@ -1,4 +1,5 @@
 import { ErrorCB, InterceptorCB, MiddlewareCB } from './common';
+import { CORSConfig } from './cors';
 export interface ServerConfig {
     port?: number;
     host?: string;
@@ -6,6 +7,7 @@ export interface ServerConfig {
     interceptor?: InterceptorCB;
     errorHandler?: ErrorCB;
     controllers?: (new (...args: any[]) => any)[];
+    cors?: CORSConfig;
     websocket?: {
         enabled: boolean;
         path?: string;

package/dist/types/index.d.ts

@@ -1,5 +1,6 @@
 export * from './common';
 export * from './controller';
+export * from './cors';
 export * from './http';
 export * from './lambda';
 export * from './websocket';

package/dist/types/index.js

@@ -16,6 +16,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
 Object.defineProperty(exports, "__esModule", { value: true });
 __exportStar(require("./common"), exports);
 __exportStar(require("./controller"), exports);
+__exportStar(require("./cors"), exports);
 __exportStar(require("./http"), exports);
 __exportStar(require("./lambda"), exports);
 __exportStar(require("./websocket"), exports);

package/dist/types/lambda.d.ts

@@ -56,6 +56,11 @@ export interface LambdaRequest {
     url: URL;
     event: NormalizedEvent;
     _startTime: number;
+    routeInfo?: {
+        controller: any;
+        methodName: string;
+        pathParams: Record<string, string>;
+    };
 }
 export interface LambdaResponse {
     statusCode: number;

package/dist/utils/controller.d.ts

@@ -1,4 +1,12 @@
-import { ControllerInstance, ControllerMethods } from '../types/index.js';
+import { ControllerInstance, ControllerMethods, CORSConfig, MiddlewareCB } from '../types/index.js';
 import { IncomingMessage, ServerResponse } from 'http';
 export declare const executeControllerMethod: (controller: ControllerInstance, propertyName: string, payload: any, request?: IncomingMessage, response?: ServerResponse) => Promise<any>;
 export declare const getControllerMethods: (controller: ControllerInstance) => ControllerMethods;
+export declare const getAllMethods: (obj: any) => string[];
+export declare const findRouteInController: (instance: any, path: string, route: string, method: string) => {
+    name: string;
+    pathParams: Record<string, string>;
+    priority: number;
+    methodMiddlewares: MiddlewareCB[];
+    cors?: CORSConfig;
+};

package/dist/utils/controller.js

@@ -1,17 +1,18 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getControllerMethods = exports.executeControllerMethod = void 0;
+exports.findRouteInController = exports.getAllMethods = exports.getControllerMethods = exports.executeControllerMethod = void 0;
+const _constants_1 = require("../constants.js");
 const _types_1 = require("../types/index.js");
-const _utils_1 = require("./index.js");
 const WebsocketService_1 = require("../app/http/websocket/WebsocketService");
+const helper_1 = require("./helper");
+const multipart_1 = require("./multipart");
 const validate_1 = require("./validate");
-const _constants_1 = require("../constants.js");
 const getBodyAndMultipart = (payload) => {
     let body = payload.body;
     let multipart;
-    if (_utils_1.MultipartProcessor.isMultipart({ headers: payload.headers })) {
+    if (multipart_1.MultipartProcessor.isMultipart({ headers: payload.headers })) {
         try {
-            const { fields, files } = _utils_1.MultipartProcessor.parse({
+            const { fields, files } = multipart_1.MultipartProcessor.parse({
                 body: payload.rawBody || payload.body,
                 headers: payload.headers,
                 isBase64Encoded: payload.isBase64Encoded,
@@ -110,3 +111,59 @@ const getControllerMethods = (controller) => {
     return methods.sort((a, b) => (a.httpMethod === _types_1.HTTP_METHODS.USE ? 1 : -1));
 };
 exports.getControllerMethods = getControllerMethods;
+const getAllMethods = (obj) => {
+    let methods = new Set();
+    let current = Object.getPrototypeOf(obj);
+    while (current && current !== Object.prototype) {
+        Object.getOwnPropertyNames(current).forEach((name) => {
+            if (name !== 'constructor' && typeof current[name] === 'function') {
+                methods.add(name);
+            }
+        });
+        current = Object.getPrototypeOf(current);
+    }
+    return Array.from(methods);
+};
+exports.getAllMethods = getAllMethods;
+const findRouteInController = (instance, path, route, method) => {
+    const prototype = Object.getPrototypeOf(instance);
+    const propertyNames = (0, exports.getAllMethods)(instance);
+    const matches = [];
+    for (const name of propertyNames) {
+        if ([
+            'constructor',
+            'getResponse',
+            'routeWalker',
+            'getAllMethods',
+            'findRouteInController',
+        ].includes(name))
+            continue;
+        const endpointMeta = Reflect.getMetadata(_constants_1.ENDPOINT, prototype, name) || [];
+        if (endpointMeta.length === 0)
+            continue;
+        const [httpMethod, routePattern] = endpointMeta;
+        if (httpMethod !== method && httpMethod !== 'USE') {
+            continue;
+        }
+        if (httpMethod === 'USE') {
+            let useRoute = route.split('/');
+            useRoute.pop();
+            route = useRoute.join('/');
+        }
+        const current = [path, routePattern].join('/').replace(/\/+/g, '/');
+        const pathParams = (0, helper_1.matchRoute)(current, route);
+        if (pathParams) {
+            const priority = httpMethod === 'USE' ? 0 : Object.keys(pathParams).length > 0 ? 1 : 2;
+            matches.push({
+                name,
+                pathParams,
+                priority,
+                cors: Reflect.getMetadata(_constants_1.CORS_METADATA, prototype, name),
+                methodMiddlewares: Reflect.getMetadata(_constants_1.MIDDLEWARES, prototype, name) || [],
+            });
+        }
+    }
+    matches.sort((a, b) => b.priority - a.priority);
+    return matches[0] || null;
+};
+exports.findRouteInController = findRouteInController;

package/dist/utils/cors.d.ts

@@ -0,0 +1,8 @@
+import { CORSConfig } from '../types/index.js';
+export declare function handleCORS(req: any, res: any, config: CORSConfig): {
+    permitted: boolean;
+    continue: boolean;
+};
+export declare function isPreflightRequest(req: any): boolean;
+export declare const getCORSConfig: (controller: any, methodName?: string) => CORSConfig | null;
+export declare const getCORSHeaders: (req: any, config: CORSConfig) => Record<string, string>;

package/dist/utils/cors.js

@@ -0,0 +1,126 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getCORSHeaders = exports.getCORSConfig = void 0;
+exports.handleCORS = handleCORS;
+exports.isPreflightRequest = isPreflightRequest;
+const _constants_1 = require("../constants.js");
+function handleCORS(req, res, config) {
+    const origin = req.headers.origin || req.headers.Origin || req.url.origin;
+    function isOriginAllowed() {
+        if (!origin)
+            return false;
+        if (config.origin === '*')
+            return true;
+        if (typeof config.origin === 'string')
+            return config.origin === origin;
+        if (Array.isArray(config.origin))
+            return config.origin.includes(origin);
+        if (typeof config.origin === 'function')
+            return config.origin(origin);
+        return false;
+    }
+    if (origin && !isOriginAllowed()) {
+        res.statusCode = 403;
+        res.setHeader('Content-Type', 'application/json');
+        return { permitted: false, continue: false };
+    }
+    if (req.method === 'OPTIONS') {
+        if (origin) {
+            res.setHeader('Access-Control-Allow-Origin', origin);
+        }
+        else if (config.origin === '*') {
+            res.setHeader('Access-Control-Allow-Origin', '*');
+        }
+        if (config.methods) {
+            res.setHeader('Access-Control-Allow-Methods', config.methods.join(', '));
+        }
+        if (config.allowedHeaders) {
+            res.setHeader('Access-Control-Allow-Headers', config.allowedHeaders.join(', '));
+        }
+        if (config.credentials) {
+            res.setHeader('Access-Control-Allow-Credentials', 'true');
+        }
+        if (config.maxAge) {
+            res.setHeader('Access-Control-Max-Age', config.maxAge.toString());
+        }
+        res.statusCode = config.optionsSuccessStatus || 204;
+        return { permitted: true, continue: false };
+    }
+    if (origin) {
+        res.setHeader('Access-Control-Allow-Origin', origin);
+        if (config.credentials) {
+            res.setHeader('Access-Control-Allow-Credentials', 'true');
+        }
+        if (config.exposedHeaders) {
+            res.setHeader('Access-Control-Expose-Headers', config.exposedHeaders.join(', '));
+        }
+    }
+    return { permitted: true, continue: true };
+}
+function isPreflightRequest(req) {
+    return (req.method === 'OPTIONS' && req.headers['access-control-request-method'] && req.headers.origin);
+}
+const getCORSConfig = (controller, methodName) => {
+    if (methodName) {
+        const methodConfig = Reflect.getMetadata(_constants_1.CORS_METADATA, controller, methodName);
+        if (methodConfig) {
+            return methodConfig;
+        }
+    }
+    if (controller && controller.constructor) {
+        const classConfig = Reflect.getMetadata(_constants_1.CORS_METADATA, controller.constructor.prototype);
+        if (classConfig) {
+            return classConfig;
+        }
+    }
+    return null;
+};
+exports.getCORSConfig = getCORSConfig;
+const getCORSHeaders = (req, config) => {
+    const headers = {};
+    const origin = req?.headers?.origin || req?.headers?.Origin;
+    if (!origin)
+        return headers;
+    let allowedOrigin = null;
+    if (config.origin === '*') {
+        allowedOrigin = '*';
+    }
+    else if (typeof config.origin === 'string') {
+        allowedOrigin = config.origin;
+    }
+    else if (Array.isArray(config.origin)) {
+        if (config.origin.includes(origin)) {
+            allowedOrigin = origin;
+        }
+    }
+    else if (typeof config.origin === 'function') {
+        if (config.origin(origin)) {
+            allowedOrigin = origin;
+        }
+    }
+    else if (config.origin === true) {
+        allowedOrigin = origin;
+    }
+    if (allowedOrigin) {
+        headers['Access-Control-Allow-Origin'] = allowedOrigin;
+        if (config.credentials) {
+            headers['Access-Control-Allow-Credentials'] = 'true';
+        }
+        if (config.exposedHeaders?.length) {
+            headers['Access-Control-Expose-Headers'] = config.exposedHeaders.join(', ');
+        }
+        if (req.method === 'OPTIONS') {
+            if (config.methods?.length) {
+                headers['Access-Control-Allow-Methods'] = config.methods.join(', ');
+            }
+            if (config.allowedHeaders?.length) {
+                headers['Access-Control-Allow-Headers'] = config.allowedHeaders.join(', ');
+            }
+            if (config.maxAge) {
+                headers['Access-Control-Max-Age'] = config.maxAge.toString();
+            }
+        }
+    }
+    return headers;
+};
+exports.getCORSHeaders = getCORSHeaders;

package/dist/utils/index.d.ts

@@ -1,4 +1,5 @@
 export * from './controller';
+export * from './cors';
 export * from './endpoint';
 export * from './helper';
 export * from './lambda';

package/dist/utils/index.js

@@ -15,6 +15,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 __exportStar(require("./controller"), exports);
+__exportStar(require("./cors"), exports);
 __exportStar(require("./endpoint"), exports);
 __exportStar(require("./helper"), exports);
 __exportStar(require("./lambda"), exports);

package/dist/utils/multipart.d.ts

@@ -12,4 +12,5 @@ export declare class MultipartProcessor {
         files: Record<string, MultipartFile | MultipartFile[]>;
     };
     static isMultipart(request: any): boolean;
+    private static getContentType;
 }

package/dist/utils/multipart.js

@@ -69,10 +69,11 @@ class MultipartProcessor {
         parts.forEach((part) => {
             if (part.filename) {
                 const fieldName = part.name || 'file';
+                const contentType = this.getContentType(part);
                 const fileData = {
                     fieldname: fieldName,
                     filename: part.filename,
-                    contentType: part.type,
+                    contentType: contentType ?? part.type,
                     data: part.data,
                     size: part.data.length,
                     encoding: part.encoding,
@@ -105,5 +106,101 @@ class MultipartProcessor {
         const contentType = request.headers?.['content-type'] || request.headers?.['Content-Type'] || '';
         return contentType.startsWith('multipart/form-data');
     }
+    static getContentType(part) {
+        const filename = part.filename || '';
+        const extension = filename.split('.').pop()?.toLowerCase() ?? '';
+        const mimeMap = {
+            txt: 'text/plain',
+            text: 'text/plain',
+            log: 'text/plain',
+            md: 'text/markdown',
+            csv: 'text/csv',
+            ts: 'application/typescript',
+            tsx: 'application/typescript',
+            js: 'application/javascript',
+            jsx: 'application/javascript',
+            mjs: 'application/javascript',
+            cjs: 'application/javascript',
+            json: 'application/json',
+            xml: 'application/xml',
+            yaml: 'application/yaml',
+            yml: 'application/yaml',
+            toml: 'application/toml',
+            php: 'application/x-httpd-php',
+            py: 'text/x-python',
+            rb: 'text/x-ruby',
+            java: 'text/x-java',
+            c: 'text/x-c',
+            cpp: 'text/x-c++',
+            h: 'text/x-c',
+            hpp: 'text/x-c++',
+            go: 'text/x-go',
+            rs: 'text/x-rust',
+            swift: 'text/x-swift',
+            kt: 'text/x-kotlin',
+            kts: 'text/x-kotlin',
+            html: 'text/html',
+            htm: 'text/html',
+            css: 'text/css',
+            scss: 'text/x-scss',
+            sass: 'text/x-sass',
+            less: 'text/x-less',
+            jpg: 'image/jpeg',
+            jpeg: 'image/jpeg',
+            png: 'image/png',
+            gif: 'image/gif',
+            webp: 'image/webp',
+            svg: 'image/svg+xml',
+            ico: 'image/x-icon',
+            bmp: 'image/bmp',
+            tiff: 'image/tiff',
+            tif: 'image/tiff',
+            avif: 'image/avif',
+            heic: 'image/heic',
+            heif: 'image/heif',
+            pdf: 'application/pdf',
+            doc: 'application/msword',
+            docx: 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
+            xls: 'application/vnd.ms-excel',
+            xlsx: 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
+            ppt: 'application/vnd.ms-powerpoint',
+            pptx: 'application/vnd.openxmlformats-officedocument.presentationml.presentation',
+            odt: 'application/vnd.oasis.opendocument.text',
+            ods: 'application/vnd.oasis.opendocument.spreadsheet',
+            odp: 'application/vnd.oasis.opendocument.presentation',
+            zip: 'application/zip',
+            rar: 'application/vnd.rar',
+            '7z': 'application/x-7z-compressed',
+            tar: 'application/x-tar',
+            gz: 'application/gzip',
+            bz2: 'application/x-bzip2',
+            mp3: 'audio/mpeg',
+            wav: 'audio/wav',
+            ogg: 'audio/ogg',
+            m4a: 'audio/mp4',
+            flac: 'audio/flac',
+            aac: 'audio/aac',
+            mp4: 'video/mp4',
+            mpg: 'video/mpeg',
+            mpeg: 'video/mpeg',
+            mov: 'video/quicktime',
+            avi: 'video/x-msvideo',
+            wmv: 'video/x-ms-wmv',
+            flv: 'video/x-flv',
+            webm: 'video/webm',
+            mkv: 'video/x-matroska',
+            m4v: 'video/x-m4v',
+            bin: 'application/octet-stream',
+            exe: 'application/vnd.microsoft.portable-executable',
+            dll: 'application/vnd.microsoft.portable-executable',
+            deb: 'application/vnd.debian.binary-package',
+            rpm: 'application/x-rpm',
+            iso: 'application/x-iso9660-image',
+            sh: 'application/x-sh',
+            bat: 'application/x-msdos-program',
+            ps1: 'application/x-powershell',
+        };
+        return mimeMap[extension];
+    }
 }
 exports.MultipartProcessor = MultipartProcessor;

package/dist/utils/server.js

@@ -15,6 +15,7 @@ const resolveConfig = (configOrClass) => {
             ...decoratorConfig,
             errorHandler: decoratorConfig.errorHandler ?? errorHandler,
             interceptors,
+            cors: decoratorConfig.cors,
             controllers: [...controllers, ...(decoratorConfig.controllers || [])],
         };
     }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "quantum-flow",
-  "version": "1.3.10",
+  "version": "1.4.0",
   "description": "Decorator-based API framework",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",