quantum-flow 1.3.10 → 1.5.0

package/dist/app/http/Application.js

@@ -85,7 +85,6 @@ class HttpServer extends Socket_1.Socket {
                 }
                 else {
                     this.isRunning = false;
-                    console.log(_constants_1.STOPPED);
                     resolve();
                 }
             });
@@ -97,23 +96,39 @@ class HttpServer extends Socket_1.Socket {
             config: this.config,
         };
     }
-    async requestHandler(req, res) {
+    async requestHandler(req, response) {
         const startTime = Date.now();
+        let request;
         try {
-            const request = await this.createRequest(req);
-            let appRequest = await this.applyMiddlewares(request, req, res);
-            let data = await this.findController(appRequest, req, res);
+            request = await this.createRequest(req);
+        }
+        catch (err) {
+            return this.sendResponse(response, { status: 500, message: err.message }, startTime);
+        }
+        try {
+            let handledCors = { permitted: true, continue: true };
+            if (this.config.cors) {
+                handledCors = (0, _utils_1.handleCORS)(request, response, this.config.cors);
+            }
+            if (!handledCors.permitted) {
+                return this.sendResponse(response, { status: 403, message: 'CORS: Origin not allowed' }, startTime);
+            }
+            if (!handledCors.continue && handledCors.permitted) {
+                return this.sendResponse(response, { status: 204 }, startTime);
+            }
+            await this.beforeRequest(request, response);
+            let data = await this.findController(request, response);
             const isError = !_constants_1.OK_STATUSES.includes(data.status);
             if (isError) {
-                return this.handleError(data, req, res, startTime);
+                return this.handleError(data, request, response, startTime);
             }
             if (this.config.interceptor) {
-                data = await this.config.interceptor(data, req, res);
+                data = await this.config.interceptor(data, request, response);
             }
-            return this.sendResponse(res, data, startTime);
+            return this.sendResponse(response, data, startTime);
         }
         catch (error) {
-            return this.handleError(error, req, res, startTime);
+            return this.handleError(error, request, response, startTime);
         }
     }
     async createRequest(req) {
@@ -127,33 +142,33 @@ class HttpServer extends Socket_1.Socket {
         const protocol = req.headers['x-forwarded-proto'] || 'http';
         const host = req.headers.host || 'localhost';
         const fullUrl = `${protocol}://${host}${req.url}`;
-        const whatwgUrl = new URL(fullUrl);
-        return {
+        const requestUrl = new URL(fullUrl);
+        const parsedRequest = {
             method: req.method?.toUpperCase(),
-            url: whatwgUrl,
+            requestUrl,
             headers: req.headers,
             body: parsedBody,
             rawBody: rawBody,
-            query: (0, _utils_1.ParseQuery)(whatwgUrl),
+            query: (0, _utils_1.ParseQuery)(requestUrl),
             params: {},
             cookies: (0, _utils_1.ParseCookies)(req),
             isBase64Encoded: false,
             _startTime: Date.now(),
         };
+        Object.assign(req, parsedRequest);
+        return req;
     }
-    async applyMiddlewares(appRequest, request, response) {
-        let processed = appRequest;
+    async beforeRequest(request, response) {
+        (0, _utils_1.sanitizeRequest)(request, this.config.sanitizers ?? []);
         for (const middleware of this.config.middlewares?.reverse() || []) {
-            const result = await middleware(processed, request, response);
-            processed = result ?? processed;
+            await middleware(request, response, _utils_1.NextFN);
         }
-        return processed;
     }
-    async findController(appRequest, request, response) {
+    async findController(request, response) {
         for (const ControllerClass of this.config.controllers || []) {
             const instance = new ControllerClass();
             if (typeof instance.handleRequest === 'function') {
-                const data = await instance.handleRequest(appRequest, request, response);
+                const data = await instance.handleRequest(request, response);
                 if (data && data.status !== 404) {
                     return data;
                 }
@@ -161,7 +176,7 @@ class HttpServer extends Socket_1.Socket {
         }
         return {
             status: 404,
-            data: { message: `Route ${appRequest.method} ${appRequest.url.pathname} not found` },
+            data: { message: `Route ${request.method} ${request.requestUrl.pathname} not found` },
         };
     }
     async sendResponse(res, data, startTime) {

package/dist/app/http/decorators.js

@@ -12,6 +12,7 @@ function Server(config = {}) {
             ...config,
             controllers: [...(existingConfig.controllers || []), ...(config.controllers || [])],
             middlewares: [...(existingConfig.middlewares ?? []), ...(config.middlewares ?? [])],
+            cors: config.cors,
             interceptors: existingConfig.interceptor ?? config.interceptor,
         };
         Reflect.defineMetadata(_constants_1.SERVER_CONFIG_KEY, mergedConfig, target);

package/dist/constants.d.ts

@@ -15,8 +15,10 @@ export declare const WS_TOPIC_KEY = "websocket:topic";
 export declare const WS_SERVICE_KEY = "websocket:service";
 export declare const INTECEPT = "server:intercept";
 export declare const CATCH = "server:catch";
+export declare const SANITIZE = "action:sanitize";
 export declare const STOPPED = "\n\u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557\n\u2551  \uD83D\uDC4B Server stopped                      \u2551\n\u2551  \uD83D\uDCCA Status: STOPPED                      \u2551\n\u255A\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255D\n          ";
 export declare const OK_STATUSES: number[];
 export declare const TO_VALIDATE: string[];
 export declare const STATISTIC: Record<'controllers' | 'routes', number>;
 export declare const INCREMENT_STATISTIC: (prop: "controllers" | "routes") => void;
+export declare const CORS_METADATA = "cors:config";

package/dist/constants.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.INCREMENT_STATISTIC = exports.STATISTIC = exports.TO_VALIDATE = exports.OK_STATUSES = exports.STOPPED = exports.CATCH = exports.INTECEPT = exports.WS_SERVICE_KEY = exports.WS_TOPIC_KEY = exports.WS_METADATA_KEY = exports.USE_MIDDLEWARE = exports.SERVER_MODULES_KEY = exports.SERVER_CONFIG_KEY = exports.OK_METADATA_KEY = exports.ENDPOINT = exports.INTERCEPTOR = exports.CONTROLLERS = exports.MIDDLEWARES = exports.ROUTE_MIDDLEWARES = exports.ROUTE_PREFIX = exports.APP_METADATA_KEY = exports.PARAM_METADATA_KEY = void 0;
+exports.CORS_METADATA = exports.INCREMENT_STATISTIC = exports.STATISTIC = exports.TO_VALIDATE = exports.OK_STATUSES = exports.STOPPED = exports.SANITIZE = exports.CATCH = exports.INTECEPT = exports.WS_SERVICE_KEY = exports.WS_TOPIC_KEY = exports.WS_METADATA_KEY = exports.USE_MIDDLEWARE = exports.SERVER_MODULES_KEY = exports.SERVER_CONFIG_KEY = exports.OK_METADATA_KEY = exports.ENDPOINT = exports.INTERCEPTOR = exports.CONTROLLERS = exports.MIDDLEWARES = exports.ROUTE_MIDDLEWARES = exports.ROUTE_PREFIX = exports.APP_METADATA_KEY = exports.PARAM_METADATA_KEY = void 0;
 exports.PARAM_METADATA_KEY = 'design:parameters';
 exports.APP_METADATA_KEY = 'app:configuration';
 exports.ROUTE_PREFIX = 'route:prefix';
@@ -18,6 +18,7 @@ exports.WS_TOPIC_KEY = 'websocket:topic';
 exports.WS_SERVICE_KEY = 'websocket:service';
 exports.INTECEPT = 'server:intercept';
 exports.CATCH = 'server:catch';
+exports.SANITIZE = 'action:sanitize';
 exports.STOPPED = `
 ╔════════════════════════════════════════╗
 ║  👋 Server stopped                      ║
@@ -34,3 +35,4 @@ const INCREMENT_STATISTIC = (prop) => {
     exports.STATISTIC[prop] = exports.STATISTIC[prop] + 1;
 };
 exports.INCREMENT_STATISTIC = INCREMENT_STATISTIC;
+exports.CORS_METADATA = 'cors:config';

package/dist/core/Controller.d.ts

@@ -1,5 +1,5 @@
-import { AppRequest, ControllerClass, ControllerConfig, ControllerInstance, InterceptorCB, MiddlewareCB, RouteContext } from '../types/index.js';
-import { IncomingMessage, ServerResponse } from 'http';
+import { AppRequest, ControllerClass, ControllerConfig, InterceptorCB, RouteContext } from '../types/index.js';
+import { ServerResponse } from 'http';
 import 'reflect-metadata';
 /**
  * Class decorator to define a controller with optional configuration.
@@ -25,28 +25,9 @@ import 'reflect-metadata';
 export declare function Controller(config: string | ControllerConfig, middlewares?: Array<InterceptorCB>): <T extends ControllerClass>(constructor: T) => {
     new (...args: any[]): {
         [x: string]: any;
-        executeControllerMethod: (controller: ControllerInstance, propertyName: string, payload: any, request?: IncomingMessage, response?: ServerResponse) => Promise<any>;
-        getControllerMethods: (controller: ControllerInstance) => import("../types/index.js").ControllerMethods;
-        getResponse(data: {
-            controllerInstance: ControllerInstance;
-            name: string;
-            payload: any;
-            interceptors: InterceptorCB[];
-            request?: IncomingMessage;
-            response?: ServerResponse;
-        }): Promise<{
-            status: any;
-            data: any;
-        }>;
-        handleRequest: (appRequest: AppRequest, request?: IncomingMessage, response?: ServerResponse) => Promise<any>;
-        routeWalker(context: RouteContext): Promise<any>;
-        getAllMethods(obj: any): string[];
-        findRouteInController(instance: any, path: string, route: string, method: string): {
-            name: string;
-            pathParams: Record<string, string>;
-            priority: number;
-            methodMiddlewares: MiddlewareCB[];
-            methodInterceptors: InterceptorCB[];
-        };
+        executeControllerMethod: (controller: import("../types/index.js").ControllerInstance, propertyName: string, request: AppRequest, response: ServerResponse) => Promise<any>;
+        getControllerMethods: (controller: import("../types/index.js").ControllerInstance) => import("../types/index.js").ControllerMethods;
+        handleRequest: (request: AppRequest, response: ServerResponse) => Promise<any>;
+        routeWalker(context: RouteContext, request: AppRequest, response: ServerResponse): Promise<any>;
     };
 } & T;

package/dist/core/Controller.js

@@ -69,170 +69,136 @@ function Controller(config, middlewares = []) {
             constructor(...args) {
                 super(...args);
             }
-            async getResponse(data) {
-                try {
-                    let appResponse = await this.executeControllerMethod(data.controllerInstance, data.name, data.payload, data.request, data.response);
-                    let status = appResponse.status ?? 200;
-                    const isError = !_constants_1.OK_STATUSES.includes(status);
-                    const interceptors = data.interceptors.reverse();
-                    for (let index = 0; index < interceptors?.length && !isError; index++) {
-                        const interceptor = interceptors[index];
-                        appResponse = await interceptor(appResponse, data.request, data.response);
-                    }
-                    const propertyName = data.name;
-                    const prototype = Object.getPrototypeOf(data.controllerInstance);
-                    const methodOkStatus = Reflect.getMetadata(_constants_1.OK_METADATA_KEY, data.controllerInstance, propertyName);
-                    if (methodOkStatus) {
-                        !isError && (status = methodOkStatus);
-                    }
-                    else {
-                        const classOkStatus = Reflect.getMetadata(_constants_1.OK_METADATA_KEY, prototype);
-                        !isError && classOkStatus && (status = classOkStatus);
-                    }
-                    return { status, data: appResponse };
-                }
-                catch (err) {
-                    throw err;
-                }
-            }
-            handleRequest = async (appRequest, request, response) => {
+            handleRequest = async (request, response) => {
+                const middlewares = []
+                    .concat(Reflect.getMetadata(_constants_1.MIDDLEWARES, proto))
+                    .concat(Reflect.getMetadata(_constants_1.USE_MIDDLEWARE, constructor))
+                    .filter((el) => !!el);
                 const context = {
                     controllerInstance: this,
                     controllerMeta: {
                         routePrefix: Reflect.getMetadata(_constants_1.ROUTE_PREFIX, proto) || '',
-                        middlewares: Reflect.getMetadata(_constants_1.MIDDLEWARES, proto) || [],
+                        middlewares,
                         interceptor: Reflect.getMetadata(_constants_1.INTERCEPTOR, proto),
                         subControllers: Reflect.getMetadata(_constants_1.CONTROLLERS, proto) || [],
-                        errorHandler: Reflect.getMetadata(_constants_1.CATCH, proto),
+                        errorHandler: Reflect.getMetadata(_constants_1.CATCH, constructor),
+                        cors: Reflect.getMetadata(_constants_1.CORS_METADATA, proto),
+                        sanitizers: Reflect.getMetadata(_constants_1.SANITIZE, proto) || [],
                     },
-                    path: (appRequest.url.pathname ?? '').replace(/^\/+/g, ''),
-                    method: appRequest.method.toUpperCase(),
-                    appRequest,
-                    request,
-                    response,
+                    path: (request.requestUrl.pathname ?? '').replace(/^\/+/g, ''),
+                    method: request.method.toUpperCase(),
                     middlewareChain: [],
                     interceptorChain: [],
+                    sanitizersChain: [],
+                    corsChain: [Reflect.getMetadata(_constants_1.CORS_METADATA, proto)],
                     errorHandlerChain: [Reflect.getMetadata(_constants_1.CATCH, proto)],
                     subPath: Reflect.getMetadata(_constants_1.ROUTE_PREFIX, proto) || '',
                 };
-                const result = await this.routeWalker(context);
+                const result = await this.routeWalker(context, request, response);
                 return result || { status: 404, message: 'Method Not Found' };
             };
-            async routeWalker(context) {
+            async routeWalker(context, request, response) {
                 const { controllerInstance, controllerMeta, path, method, subPath } = context;
                 for (const SubController of controllerMeta.subControllers) {
                     const subInstance = new SubController();
+                    const middlewares = []
+                        .concat(Reflect.getMetadata(_constants_1.MIDDLEWARES, SubController.prototype))
+                        .concat(Reflect.getMetadata(_constants_1.USE_MIDDLEWARE, SubController))
+                        .filter((el) => !!el);
+                    const sanitizers = []
+                        .concat(Reflect.getMetadata(_constants_1.SANITIZE, SubController.prototype))
+                        .concat(Reflect.getMetadata(_constants_1.SANITIZE, SubController))
+                        .filter((el) => !!el);
                     const subMeta = {
                         routePrefix: Reflect.getMetadata(_constants_1.ROUTE_PREFIX, SubController.prototype) || '',
-                        middlewares: Reflect.getMetadata(_constants_1.MIDDLEWARES, SubController.prototype) || [],
+                        middlewares,
                         interceptor: Reflect.getMetadata(_constants_1.INTERCEPTOR, SubController.prototype),
                         errorHandler: Reflect.getMetadata(_constants_1.CATCH, SubController),
                         subControllers: Reflect.getMetadata(_constants_1.CONTROLLERS, SubController.prototype) || [],
+                        cors: Reflect.getMetadata(_constants_1.CORS_METADATA, SubController.prototype) || [],
+                        sanitizers,
                     };
                     const fullSubPath = [subPath, subMeta.routePrefix]
                         .filter(Boolean)
                         .join('/')
                         .replace(/\/+/g, '/');
                     if (path.startsWith(fullSubPath)) {
-                        const subResult = await this.routeWalker({
+                        const walkerData = {
                             ...context,
                             subPath: fullSubPath,
                             controllerInstance: subInstance,
                             controllerMeta: subMeta,
                             path,
                             middlewareChain: [...context.middlewareChain, ...controllerMeta.middlewares],
+                            sanitizersChain: [...context.sanitizersChain, ...controllerMeta.sanitizers],
                             errorHandlerChain: [...context.errorHandlerChain, subMeta.errorHandler].filter((el) => !!el),
                             interceptorChain: [...context.interceptorChain, controllerMeta.interceptor].filter((el) => !!el),
-                        });
+                            corsChain: [...context.corsChain, subMeta.cors].filter((el) => !!el),
+                        };
+                        const subResult = await this.routeWalker(walkerData, request, response);
                         if (subResult && subResult.status !== 404) {
                             return subResult;
                         }
                     }
                 }
-                const routeMatch = this.findRouteInController(controllerInstance, subPath, path, method);
-                if (routeMatch) {
-                    const { name, pathParams, methodMiddlewares, methodInterceptors } = routeMatch;
-                    const allMiddlewares = [
-                        ...context.middlewareChain,
-                        ...controllerMeta.middlewares,
-                        ...methodMiddlewares,
-                    ];
-                    let payload = { ...context.appRequest, params: pathParams };
-                    for (const mw of allMiddlewares) {
-                        const mwResult = await mw(payload, context.request, context.response);
-                        payload = mwResult ?? payload;
-                    }
-                    let apiResponse = await this.getResponse({
-                        interceptors: [...context.interceptorChain, controllerMeta.interceptor].filter((el) => !!el),
-                        controllerInstance,
-                        name,
-                        payload,
-                        response: context.response,
-                        request: context.request,
-                    }).catch((err) => err);
-                    const isError = !_constants_1.OK_STATUSES.includes(apiResponse.status);
-                    if (isError) {
-                        for (const handler of context.errorHandlerChain?.reverse() || []) {
-                            apiResponse = handler(apiResponse);
+                const routeMatch = (0, _utils_1.findRouteInController)(controllerInstance, subPath, path, method);
+                try {
+                    if (routeMatch) {
+                        const { name, pathParams, middlewares, cors, sanitizers } = routeMatch;
+                        Object.assign(request, { params: pathParams });
+                        const handledCors = context.corsChain
+                            .concat(cors ?? [])
+                            .flat()
+                            .reduce((acc, conf) => {
+                            const cors = (0, _utils_1.handleCORS)(request, response, conf);
+                            return {
+                                permitted: acc.permitted && cors.permitted,
+                                continue: acc.continue && cors.continue,
+                            };
+                        }, { permitted: true, continue: true });
+                        if (!handledCors.permitted) {
+                            return { status: 403, message: 'Cors: Origin not allowed' };
                         }
-                    }
-                    return apiResponse;
-                }
-                return null;
-            }
-            getAllMethods(obj) {
-                let methods = new Set();
-                let current = Object.getPrototypeOf(obj);
-                while (current && current !== Object.prototype) {
-                    Object.getOwnPropertyNames(current).forEach((name) => {
-                        if (name !== 'constructor' && typeof current[name] === 'function') {
-                            methods.add(name);
+                        if (!handledCors.continue && handledCors.permitted) {
+                            return { status: 204 };
                         }
-                    });
-                    current = Object.getPrototypeOf(current);
-                }
-                return Array.from(methods);
-            }
-            findRouteInController(instance, path, route, method) {
-                const prototype = Object.getPrototypeOf(instance);
-                const propertyNames = this.getAllMethods(instance);
-                const matches = [];
-                for (const name of propertyNames) {
-                    if ([
-                        'constructor',
-                        'getResponse',
-                        'routeWalker',
-                        'getAllMethods',
-                        'findRouteInController',
-                    ].includes(name))
-                        continue;
-                    const endpointMeta = Reflect.getMetadata(_constants_1.ENDPOINT, prototype, name) || [];
-                    if (endpointMeta.length === 0)
-                        continue;
-                    const [httpMethod, routePattern] = endpointMeta;
-                    if (httpMethod !== method && httpMethod !== 'USE') {
-                        continue;
-                    }
-                    if (httpMethod === 'USE') {
-                        let useRoute = route.split('/');
-                        useRoute.pop();
-                        route = useRoute.join('/');
-                    }
-                    const current = [path, routePattern].join('/').replace(/\/+/g, '/');
-                    const pathParams = (0, _utils_1.matchRoute)(current, route);
-                    if (pathParams) {
-                        const priority = httpMethod === 'USE' ? 0 : Object.keys(pathParams).length > 0 ? 1 : 2;
-                        matches.push({
-                            name,
-                            pathParams,
-                            priority,
-                            methodMiddlewares: Reflect.getMetadata(_constants_1.MIDDLEWARES, prototype, name) || [],
-                            methodInterceptors: Reflect.getMetadata(_constants_1.INTERCEPTOR, prototype, name) || [],
+                        const controllerMiddlewares = [
+                            ...context.middlewareChain,
+                            ...controllerMeta.middlewares,
+                        ];
+                        const controllerSanitizers = [
+                            ...context.sanitizersChain,
+                            ...controllerMeta.sanitizers,
+                        ].filter((el) => !!el);
+                        await (0, _utils_1.applyMiddlewaresVsSanitizers)(request, response, {
+                            sanitizers: [controllerSanitizers, sanitizers],
+                            middlewares: [controllerMiddlewares, middlewares],
                         });
+                        let apiResponse = await (0, _utils_1.getResponse)({
+                            interceptors: [...context.interceptorChain, controllerMeta.interceptor].filter((el) => !!el),
+                            controllerInstance,
+                            name,
+                            response: response,
+                            request: request,
+                        }).catch((err) => err);
+                        const isError = !_constants_1.OK_STATUSES.includes(apiResponse.status);
+                        if (isError) {
+                            for (const handler of context.errorHandlerChain?.reverse() || []) {
+                                apiResponse = handler(apiResponse, request, response);
+                            }
+                        }
+                        return apiResponse;
                     }
                 }
-                matches.sort((a, b) => b.priority - a.priority);
-                return matches[0] || null;
+                catch (errror) {
+                    let data = { status: 500, ...errror };
+                    for (const handler of context.errorHandlerChain?.reverse() || []) {
+                        const res = await handler(errror, request, response);
+                        Object.assign(data, res);
+                    }
+                    return data;
+                }
+                return null;
             }
         };
     };

package/dist/core/Endpoint.js

@@ -27,8 +27,7 @@ function Endpoint(method, pathPattern, middlewares) {
             return descriptor;
         }
         if (method && pathPattern) {
-            Reflect.defineMetadata(_constants_1.ENDPOINT, [method, pathPattern], target, propertyKey);
-            Reflect.defineMetadata('middlewares', middlewares || [], target, propertyKey);
+            Reflect.defineMetadata(_constants_1.ENDPOINT, [method, pathPattern, middlewares], target, propertyKey);
         }
         (0, _constants_1.INCREMENT_STATISTIC)('routes');
         return descriptor;

package/dist/core/index.d.ts

@@ -4,7 +4,7 @@
  * This module provides centralized exports for controller and endpoint decorators,
  * as well as related types and utility functions used throughout the core framework.
  */
-export { AppRequest, EndpointResponse, ErrorCB, HttpError, IController, InterceptorCB, IWebSocketService, MiddlewareCB, ResponseWithStatus, Router, WebSocketClient, WebSocketEvent, WebSocketMessage, } from '../types/index.js';
+export { AppRequest, CORSConfig, EndpointResponse, ErrorCB, HttpError, IController, InterceptorCB, IWebSocketService, MiddlewareCB, MultipartFile, ResponseWithStatus, WebSocketClient, WebSocketEvent, WebSocketMessage, } from '../types/index.js';
 export * from './Controller';
 export * from './Endpoint';
 export * from './utils';

package/dist/core/utils/index.d.ts

@@ -1,4 +1,2 @@
 export * from './extractors';
-export * from './helpers';
-export * from './middlewares';
 export * from './websocket';

package/dist/core/utils/index.js

@@ -15,6 +15,4 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 __exportStar(require("./extractors"), exports);
-__exportStar(require("./helpers"), exports);
-__exportStar(require("./middlewares"), exports);
 __exportStar(require("./websocket"), exports);

package/dist/examples/app.d.ts

@@ -1,4 +1,3 @@
-import 'reflect-metadata';
 export declare class Root {
 }
 export declare class App {

package/dist/examples/app.js

@@ -1,21 +1,75 @@
 "use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
 var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
     var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
     if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
     else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
     return c > 3 && r && Object.defineProperty(target, key, r), r;
 };
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.App = exports.Root = void 0;
+const Joi = __importStar(require("joi"));
 const core_1 = require("quantum-flow/core");
 const http_1 = require("quantum-flow/http");
-require("reflect-metadata");
+const middlewares_1 = require("quantum-flow/middlewares");
 const user_1 = require("./controllers/user");
 let Root = class Root {
 };
 exports.Root = Root;
 exports.Root = Root = __decorate([
-    (0, core_1.Controller)({ prefix: 'api', controllers: [user_1.User] })
+    (0, core_1.Controller)({
+        prefix: 'api',
+        controllers: [user_1.User],
+        middlewares: [function Global(req, res, next) { }],
+    }),
+    (0, middlewares_1.Cors)({ origin: '*' }),
+    (0, middlewares_1.Use)(function Global1(req, res, next) {
+        return next();
+    }),
+    (0, middlewares_1.Catch)(function GLOBALCATCH(err) {
+        return { status: 400 };
+    }),
+    (0, middlewares_1.Sanitize)({
+        schema: Joi.object({
+            name: Joi.string().trim().min(2).max(50).required(),
+        }),
+        action: 'both',
+        options: { abortEarly: false },
+        stripUnknown: true,
+        type: 'body',
+    })
 ], Root);
 let App = class App {
 };
@@ -26,9 +80,20 @@ exports.App = App = __decorate([
         websocket: { enabled: true },
         interceptor: (data) => data,
         errorHandler: (err) => err,
+        cors: { origin: '*' },
+        middlewares: [() => { }, () => { }],
     }),
     (0, http_1.Port)(3000),
-    (0, core_1.Use)((data) => data),
-    (0, core_1.Use)((data) => data),
-    (0, core_1.Catch)((err) => err)
+    (0, middlewares_1.Use)(() => { }),
+    (0, middlewares_1.Use)([() => { }, () => { }]),
+    (0, middlewares_1.Catch)((err) => err),
+    (0, middlewares_1.Sanitize)({
+        schema: Joi.object({
+            name: Joi.string().trim().min(2).max(50).required(),
+        }),
+        action: 'both',
+        options: { abortEarly: false },
+        stripUnknown: true,
+        type: 'headers',
+    })
 ], App);