quantum-flow 1.3.9 → 1.4.0

package/README.md

@@ -41,7 +41,8 @@ import {
   Request,
   Response,
   Status,
-  USE
+  USE,
+  CORS
 } from 'quantum-flow/core';
 import {IsString} from  'class-validator'
 
@@ -58,10 +59,12 @@ class UserDto {
     return { data, intercepted: true };
   },
 })
+@CORS({ origin: '*' })
 @Catch((err) => ({ status: 500, err }))
 export class User {
   @Status(201)
   @PUT(':id',[...middlewares])
+  @CORS({ origin: '*' })
   async createUser(
     @Body(UserDto) body: UserDto,
     @Query() query: any,
@@ -97,7 +100,7 @@ Use the `@Server` decorator with configuration options like port, host, controll
 ```typescript
 import { Server, Port, Host, Use, Catch, HttpServer } from 'quantum-flow/http';
 
-@Server({ controllers: [RootController] })
+@Server({ controllers: [RootController], cors: { origin: '*' } })
 @Port(3000)
 @Host('localhost')
 @Use((data) => data)
@@ -115,6 +118,7 @@ server.listen().catch(console.error);
 - Use `@Use` to apply middlewares.
 - Use `@Catch` to handle errors.
 - Use `@Port` and `@Host` to configure server port and host.
+- Use `@CORS` to configure cors.
 
 ## Request decorators
 
@@ -160,8 +164,6 @@ Enable WebSocket in the server configuration and register WebSocket controllers.
 export class Socket {
   @OnConnection()
   onConnection(event: WebSocketEvent) {
-    console.log(`✅ Connected: ${event.client.id}`);
-
     // Send greeting ONLY to this client
     event.client.socket.send(
       JSON.stringify({
@@ -181,8 +183,6 @@ export class Socket {
     // The message is ALREADY automatically broadcast to all!
 
     const msg = event.message?.data;
-    console.log(`💬 Message in chat: ${msg?.text}`);
-
     // You can add logic, but no need to broadcast
     if (msg?.text.includes('bad')) {
       // If return empty, the message will not be sent
@@ -197,7 +197,6 @@ export class Socket {
    */
   @Subscribe('news')
   onNewsMessage(event: WebSocketEvent) {
-    console.log(`📰 News: ${event.message?.data.title}`);
     // Automatic broadcast to all subscribed to 'news'
   }
 
@@ -221,7 +220,6 @@ export class Socket {
   @OnMessage('subscribe')
   onSubscribe(event: WebSocketEvent) {
     const topic = event.message?.data.topic;
-    console.log(`📌 Client ${event.client.id} subscribed to ${topic}`);
 
     // Server will save the subscription automatically, no need to do anything!
     // Just confirm

package/dist/app/aws/helpers.d.ts

@@ -0,0 +1,25 @@
+import { AppRequest, HTTP_METHODS } from '../../types/index.js';
+import { IncomingHttpHeaders } from 'http';
+export declare class LResponse {
+    headers: IncomingHttpHeaders;
+    constructor();
+    setHeader(header: string, value: string): void;
+}
+export declare class LRequest {
+    headers: IncomingHttpHeaders;
+    url: URL;
+    method: HTTP_METHODS;
+    path?: string;
+    query?: any;
+    params?: any;
+    body: any;
+    cookies: Record<string, string>;
+    _startTime: number;
+    event?: any;
+    context?: any;
+    requestId?: string;
+    stage?: string;
+    sourceIp?: string;
+    userAgent?: string;
+    constructor(request: AppRequest);
+}

package/dist/app/aws/helpers.js

@@ -0,0 +1,46 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LRequest = exports.LResponse = void 0;
+class LResponse {
+    headers = {};
+    constructor() { }
+    setHeader(header, value) {
+        this.headers[header] = value;
+    }
+}
+exports.LResponse = LResponse;
+class LRequest {
+    headers;
+    url;
+    method;
+    path;
+    query;
+    params;
+    body;
+    cookies;
+    _startTime;
+    event;
+    context;
+    requestId;
+    stage;
+    sourceIp;
+    userAgent;
+    constructor(request) {
+        this.headers = { ...request.headers };
+        this.url = request.url;
+        this.method = request.method;
+        this.path = request.path;
+        this.query = request.query;
+        this.params = request.params;
+        this.body = request.body;
+        this.cookies = request.cookies;
+        this._startTime = request._startTime;
+        this.event = request.event;
+        this.context = request.context;
+        this.requestId = request.requestId;
+        this.stage = request.stage;
+        this.sourceIp = request.sourceIp;
+        this.userAgent = request.userAgent;
+    }
+}
+exports.LRequest = LRequest;

package/dist/app/aws/lambda.d.ts

@@ -1,13 +1,10 @@
-import { APIGatewayProxyEvent, APIGatewayProxyResult, Context, Handler } from 'aws-lambda';
-import { LambdaApp, LambdaRequest, LambdaResponse } from '../../types/index.js';
+import { LambdaApp } from '../../types/index.js';
+import { Handler } from 'aws-lambda';
 export declare class LambdaAdapter {
-    private static getHeaderValue;
-    static toRequest(event: APIGatewayProxyEvent, context: Context): LambdaRequest;
-    static createResponseBody(response: any): any;
-    static toLambdaResponse(response: any, request?: LambdaRequest): LambdaResponse;
-    static createHandler(Contoller: new (...args: any[]) => LambdaApp): Handler<APIGatewayProxyEvent, APIGatewayProxyResult>;
-    private static safeHeaders;
-    private static safeParams;
+    static createHandler(Controller: new (...args: any[]) => LambdaApp): Handler;
+    private static getEventType;
+    private static toRequest;
+    private static toLambdaResponse;
+    private static handleError;
     private static getSourceIp;
-    private static getUserAgent;
 }

package/dist/app/aws/lambda.js

@@ -3,242 +3,233 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.LambdaAdapter = void 0;
 const _constants_1 = require("../../constants.js");
 const _utils_1 = require("../../utils/index.js");
+const helpers_1 = require("./helpers");
 class LambdaAdapter {
-    static getHeaderValue(headers, headerName) {
-        const value = headers?.[headerName] || headers?.[headerName.toLowerCase()];
-        if (!value)
-            return undefined;
-        if (Array.isArray(value)) {
-            return value[0];
+    static createHandler(Controller) {
+        return async (event, context) => {
+            const instance = new Controller();
+            if (Object.hasOwn(instance, 'beforeStart')) {
+                await instance.beforeStart?.();
+            }
+            try {
+                const cors = Reflect.getMetadata(_constants_1.CORS_METADATA, instance);
+                const eventType = this.getEventType(event);
+                const normalizedEvent = (0, _utils_1.normalizeEvent)(event, eventType);
+                const request = this.toRequest(normalizedEvent, context);
+                const lambdaRequest = new helpers_1.LRequest(request);
+                const lambdaResponse = new helpers_1.LResponse();
+                let handledCors = { permitted: true, continue: true };
+                if (cors) {
+                    handledCors = (0, _utils_1.handleCORS)(request, lambdaResponse, cors);
+                }
+                if (!handledCors.permitted) {
+                    return this.toLambdaResponse({ status: 403, message: 'CORS: Origin not allowed' }, lambdaRequest, lambdaResponse, eventType);
+                }
+                if (!handledCors.continue && handledCors.permitted) {
+                    return this.toLambdaResponse({ status: 204 }, lambdaRequest, lambdaResponse, eventType);
+                }
+                if (typeof instance.handleRequest !== 'function') {
+                    throw new Error('Controller must have handleRequest method');
+                }
+                const response = await instance.handleRequest(request, lambdaRequest, lambdaResponse);
+                return this.toLambdaResponse(response, lambdaRequest, lambdaResponse, eventType);
+            }
+            catch (error) {
+                return this.handleError(error, event, context);
+            }
+        };
+    }
+    static getEventType(event) {
+        if (event.httpMethod && event.resource) {
+            return 'rest';
+        }
+        if (event.version === '2.0' || event.requestContext?.http) {
+            return 'http';
+        }
+        if (event.version && event.rawPath && !event.requestContext?.http) {
+            return 'url';
         }
-        return value;
+        return 'rest';
     }
     static toRequest(event, context) {
         const query = {};
-        if (event.queryStringParameters) {
+        if (event.multiValueQueryStringParameters) {
+            Object.entries(event.multiValueQueryStringParameters).forEach(([key, value]) => {
+                query[key] = value;
+            });
+        }
+        else {
             Object.entries(event.queryStringParameters).forEach(([key, value]) => {
-                if (event.multiValueQueryStringParameters?.[key]) {
-                    query[key] = event.multiValueQueryStringParameters[key];
-                }
-                else {
-                    query[key] = value || '';
-                }
+                query[key] = value;
             });
         }
         const cookies = {};
-        const cookieHeader = event.headers?.Cookie || event.headers?.cookie;
+        const cookieHeader = event.headers?.Cookie || event.headers?.cookie || event.headers?.cookies;
         if (cookieHeader) {
-            cookieHeader.split(';').forEach((cookie) => {
-                const [name, value] = cookie.trim().split('=');
-                if (name && value) {
-                    cookies[name] = decodeURIComponent(value);
-                }
-            });
-        }
-        let body = (0, _utils_1.ParseBody)(event);
-        const protocol = event.headers?.['x-forwarded-proto'] || 'http';
-        const host = event.headers?.host || 'localhost';
-        const cleanPath = event.path.split('?')[0];
-        const fullUrl = `${protocol}://${host}${cleanPath.startsWith('/') ? '' : '/'}${cleanPath}`;
-        let url;
-        try {
-            url = new URL(fullUrl);
-            if (event.queryStringParameters) {
-                Object.entries(event.queryStringParameters).forEach(([key, value]) => {
-                    if (value)
-                        url.searchParams.append(key, value);
+            if (Array.isArray(cookieHeader)) {
+                cookieHeader.forEach((cookie) => {
+                    const [name, value] = cookie.split('=');
+                    if (name && value)
+                        cookies[name] = decodeURIComponent(value);
+                });
+            }
+            else {
+                cookieHeader.split(';').forEach((cookie) => {
+                    const [name, value] = cookie.trim().split('=');
+                    if (name && value)
+                        cookies[name] = decodeURIComponent(value);
                 });
             }
         }
-        catch (error) {
-            console.error('❌ Failed to create URL:', fullUrl, error);
-            url = new URL('http://localhost/');
+        let rawBody = Buffer.from(event.body ?? '', 'base64');
+        let body = event.body || {};
+        if (event.body && event.isBase64Encoded) {
+            body = rawBody.toString('utf-8');
         }
+        if (typeof body === 'string' && body.trim().startsWith('{')) {
+            try {
+                body = JSON.parse(body);
+            }
+            catch (e) { }
+        }
+        const xForvarded = Array.isArray(event.headers['x-forwarded-proto'])
+            ? event.headers['x-forwarded-proto']?.[0]
+            : event.headers['x-forwarded-proto'];
+        const xhost = Array.isArray(event.headers['host'])
+            ? event.headers['host']?.[0]
+            : event.headers['host'];
+        const protocol = xForvarded || 'https';
+        const host = xhost || 'localhost:3000';
+        const fullUrl = `${protocol}://${host}${event.path}`;
+        let url = new URL(fullUrl);
         return {
-            method: event.httpMethod,
-            path: cleanPath,
+            method: event.httpMethod.toUpperCase(),
             url,
-            headers: this.safeHeaders(event.headers),
+            headers: event.headers,
             query,
             body,
-            params: this.safeParams(event.pathParameters),
+            params: event.pathParameters,
             cookies,
             event,
             context,
-            isBase64Encoded: event.isBase64Encoded || false,
+            rawBody,
+            path: event.path,
+            isBase64Encoded: event.isBase64Encoded,
             requestId: context.awsRequestId,
             stage: event.requestContext?.stage || '$default',
             sourceIp: this.getSourceIp(event),
-            userAgent: this.getUserAgent(event),
+            _startTime: Date.now(),
+            userAgent: typeof event.headers['user-agent'] === 'string'
+                ? event.headers['user-agent']
+                : event.headers['user-agent']?.[0] || 'unknown',
         };
     }
-    static createResponseBody(response) {
-        let body = response;
-        if (response && typeof response === 'object') {
-            if ('data' in response) {
-                body = {
-                    data: response.data,
-                    timestamp: new Date().toISOString(),
-                };
-            }
-            else if (response.body) {
-                return response;
-            }
-            else {
-                body = {
-                    data: response,
-                    timestamp: new Date().toISOString(),
-                };
-            }
-        }
-        return body;
-    }
-    static toLambdaResponse(response, request) {
-        let statusCode = response.status ?? 200;
-        let body = this.createResponseBody(response);
-        let headers = {
+    static toLambdaResponse(appResponse, request, res, eventType) {
+        const statusCode = appResponse.status || 200;
+        const headers = {
             'Content-Type': 'application/json',
-            'X-Request-Id': request?.requestId || 'unknown',
-            'X-Powered-By': 'Lambda Decorators',
+            'X-Request-Id': request.requestId,
+            ...(appResponse.headers || {}),
+            ...res.headers,
         };
-        const cookies = [];
-        if (response && typeof response === 'object') {
-            if ('data' in response) {
-                body = {
-                    success: _constants_1.OK_STATUSES.includes(statusCode),
-                    data: response.data,
-                    timestamp: new Date().toISOString(),
-                    requestId: request?.requestId,
-                };
-            }
-            else if (response.body) {
-                return response;
+        const originHeader = request.headers['origin'] || request.headers['Origin'];
+        let origin;
+        if (originHeader) {
+            if (Array.isArray(originHeader)) {
+                origin = originHeader[0];
             }
             else {
-                body = {
-                    success: _constants_1.OK_STATUSES.includes(statusCode),
-                    data: response,
-                    timestamp: new Date().toISOString(),
-                    requestId: request?.requestId,
-                };
+                origin = originHeader;
             }
         }
-        let origin = LambdaAdapter.getHeaderValue(request?.headers, 'origin');
-        const originHeader = Array.isArray(origin) ? origin[0] : origin;
-        if (originHeader) {
-            headers['Access-Control-Allow-Origin'] = originHeader;
+        if (origin) {
+            headers['Access-Control-Allow-Origin'] = origin;
             headers['Access-Control-Allow-Credentials'] = 'true';
             headers['Access-Control-Allow-Methods'] = 'GET,POST,PUT,DELETE,OPTIONS';
             headers['Access-Control-Allow-Headers'] =
                 'Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token';
         }
-        if (request?.cookies && Object.keys(request.cookies).length > 0) {
-            Object.entries(request.cookies).forEach(([name, value]) => {
-                cookies.push(`${name}=${encodeURIComponent(value)}; Path=/; HttpOnly`);
-            });
-        }
-        const lambdaResponse = {
+        const body = JSON.stringify({
+            success: statusCode < 400,
+            data: appResponse.data,
+            timestamp: new Date().toISOString(),
+        });
+        const commonResponse = {
             statusCode,
             headers,
-            body: JSON.stringify(body),
-            isBase64Encoded: false,
+            body: appResponse.data,
+            timestamp: new Date().toISOString(),
         };
-        if (cookies.length > 0) {
-            lambdaResponse.cookies = cookies;
-        }
-        if (cookies.length > 0) {
-            lambdaResponse.multiValueHeaders = {
-                'Set-Cookie': cookies,
-            };
-        }
-        return lambdaResponse;
-    }
-    static createHandler(Contoller) {
-        const handler = async (event, context) => {
-            const instance = new Contoller();
-            if (Object.hasOwn(instance, 'beforeStart')) {
-                await instance.beforeStart?.();
-            }
-            try {
-                const request = LambdaAdapter.toRequest(event, context);
-                if (typeof instance.handleRequest === 'function') {
-                    const response = await instance.handleRequest(request);
-                    return LambdaAdapter.toLambdaResponse(response, request);
-                }
-                else {
-                    throw new Error('Controller must have handleRequest method');
-                }
-            }
-            catch (error) {
-                console.error('❌ Lambda error:', error);
-                const errorResponse = {
-                    statusCode: error.status || 500,
-                    headers: {
-                        'Content-Type': 'application/json',
-                        'X-Request-Id': context.awsRequestId,
-                        'Access-Control-Allow-Origin': event.headers?.origin || event.headers?.Origin || '*',
-                        'Access-Control-Allow-Credentials': 'true',
-                    },
-                    body: JSON.stringify({
-                        success: false,
-                        message: error.message || 'Internal Server Error',
-                        requestId: context.awsRequestId,
-                    }),
+        switch (eventType) {
+            case 'rest':
+                return { ...commonResponse, isBase64Encoded: false };
+            case 'http':
+                return {
+                    ...commonResponse,
+                    cookies: request.cookies
+                        ? Object.entries(request.cookies).map(([k, v]) => `${k}=${encodeURIComponent(v)}`)
+                        : undefined,
                 };
-                if (error.cookies) {
-                    errorResponse.cookies = error.cookies;
-                }
-                return errorResponse;
-            }
-        };
-        return handler;
-    }
-    static safeHeaders(headers) {
-        const result = {};
-        if (!headers)
-            return result;
-        Object.entries(headers).forEach(([key, value]) => {
-            if (value !== undefined) {
-                result[key] = value;
-            }
-        });
-        return result;
+            case 'url':
+                return {
+                    ...commonResponse,
+                    cookies: request.cookies
+                        ? Object.entries(request.cookies).map(([k, v]) => `${k}=${encodeURIComponent(v)}`)
+                        : undefined,
+                };
+            default:
+                return {
+                    statusCode,
+                    headers,
+                    body,
+                };
+        }
     }
-    static safeParams(params) {
-        const result = {};
-        if (!params)
-            return result;
-        Object.entries(params).forEach(([key, value]) => {
-            if (value !== undefined) {
-                result[key] = value;
-            }
+    static handleError(error, event, context) {
+        const eventType = this.getEventType(event);
+        const statusCode = error.status || 500;
+        const body = JSON.stringify({
+            success: false,
+            message: error.message || 'Internal Server Error',
+            requestId: context.awsRequestId,
         });
-        return result;
+        const headers = {
+            'Content-Type': 'application/json',
+            'X-Request-Id': context.awsRequestId,
+            'Access-Control-Allow-Origin': '*',
+            'Access-Control-Allow-Credentials': 'true',
+        };
+        switch (eventType) {
+            case 'rest':
+                return {
+                    statusCode,
+                    headers,
+                    body,
+                    isBase64Encoded: false,
+                };
+            default:
+                return {
+                    statusCode,
+                    headers,
+                    body,
+                };
+        }
     }
     static getSourceIp(event) {
-        if (event.requestContext?.identity?.sourceIp) {
-            return event.requestContext.identity.sourceIp;
-        }
-        const forwardedFor = event.headers?.['x-forwarded-for'];
+        const forwardedFor = event.headers['x-forwarded-for'];
         if (forwardedFor) {
-            if (typeof forwardedFor === 'string') {
-                return forwardedFor.split(',')[0].trim();
-            }
-            if (Array.isArray(forwardedFor) && forwardedFor.length > 0) {
+            if (Array.isArray(forwardedFor)) {
                 return forwardedFor[0].split(',')[0].trim();
             }
+            return forwardedFor.split(',')[0].trim();
+        }
+        if (event.requestContext?.identity?.sourceIp) {
+            return event.requestContext.identity.sourceIp;
+        }
+        if (event.requestContext?.http?.sourceIp) {
+            return event.requestContext.http.sourceIp;
         }
         return '0.0.0.0';
     }
-    static getUserAgent(event) {
-        const ua = event.headers?.['user-agent'];
-        if (!ua)
-            return 'unknown';
-        if (typeof ua === 'string')
-            return ua;
-        if (Array.isArray(ua) && ua.length > 0)
-            return ua[0];
-        return 'unknown';
-    }
 }
 exports.LambdaAdapter = LambdaAdapter;

package/dist/app/aws/utils/response.d.ts

@@ -0,0 +1,7 @@
+import { AppRequest } from '../../../types/index.js';
+import { IncomingHttpHeaders } from 'http';
+export declare class Response {
+    headers: IncomingHttpHeaders;
+    constructor(request: AppRequest);
+    setHeader(header: string, value: string): void;
+}

package/dist/app/aws/utils/response.js

@@ -0,0 +1,13 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Response = void 0;
+class Response {
+    headers;
+    constructor(request) {
+        this.headers = { ...request.headers };
+    }
+    setHeader(header, value) {
+        this.headers[header] = value;
+    }
+}
+exports.Response = Response;

package/dist/app/http/Application.js

@@ -101,6 +101,16 @@ class HttpServer extends Socket_1.Socket {
         const startTime = Date.now();
         try {
             const request = await this.createRequest(req);
+            let handledCors = { permitted: true, continue: true };
+            if (this.config.cors) {
+                handledCors = (0, _utils_1.handleCORS)(request, res, this.config.cors);
+            }
+            if (!handledCors.permitted) {
+                return this.sendResponse(res, { status: 403, message: 'CORS: Origin not allowed' }, startTime);
+            }
+            if (!handledCors.continue && handledCors.permitted) {
+                return this.sendResponse(res, { status: 204 }, startTime);
+            }
             let appRequest = await this.applyMiddlewares(request, req, res);
             let data = await this.findController(appRequest, req, res);
             const isError = !_constants_1.OK_STATUSES.includes(data.status);

package/dist/app/http/decorators.js

@@ -12,6 +12,7 @@ function Server(config = {}) {
             ...config,
             controllers: [...(existingConfig.controllers || []), ...(config.controllers || [])],
             middlewares: [...(existingConfig.middlewares ?? []), ...(config.middlewares ?? [])],
+            cors: config.cors,
             interceptors: existingConfig.interceptor ?? config.interceptor,
         };
         Reflect.defineMetadata(_constants_1.SERVER_CONFIG_KEY, mergedConfig, target);

package/dist/constants.d.ts

@@ -20,3 +20,4 @@ export declare const OK_STATUSES: number[];
 export declare const TO_VALIDATE: string[];
 export declare const STATISTIC: Record<'controllers' | 'routes', number>;
 export declare const INCREMENT_STATISTIC: (prop: "controllers" | "routes") => void;
+export declare const CORS_METADATA = "cors:config";

package/dist/constants.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.INCREMENT_STATISTIC = exports.STATISTIC = exports.TO_VALIDATE = exports.OK_STATUSES = exports.STOPPED = exports.CATCH = exports.INTECEPT = exports.WS_SERVICE_KEY = exports.WS_TOPIC_KEY = exports.WS_METADATA_KEY = exports.USE_MIDDLEWARE = exports.SERVER_MODULES_KEY = exports.SERVER_CONFIG_KEY = exports.OK_METADATA_KEY = exports.ENDPOINT = exports.INTERCEPTOR = exports.CONTROLLERS = exports.MIDDLEWARES = exports.ROUTE_MIDDLEWARES = exports.ROUTE_PREFIX = exports.APP_METADATA_KEY = exports.PARAM_METADATA_KEY = void 0;
+exports.CORS_METADATA = exports.INCREMENT_STATISTIC = exports.STATISTIC = exports.TO_VALIDATE = exports.OK_STATUSES = exports.STOPPED = exports.CATCH = exports.INTECEPT = exports.WS_SERVICE_KEY = exports.WS_TOPIC_KEY = exports.WS_METADATA_KEY = exports.USE_MIDDLEWARE = exports.SERVER_MODULES_KEY = exports.SERVER_CONFIG_KEY = exports.OK_METADATA_KEY = exports.ENDPOINT = exports.INTERCEPTOR = exports.CONTROLLERS = exports.MIDDLEWARES = exports.ROUTE_MIDDLEWARES = exports.ROUTE_PREFIX = exports.APP_METADATA_KEY = exports.PARAM_METADATA_KEY = void 0;
 exports.PARAM_METADATA_KEY = 'design:parameters';
 exports.APP_METADATA_KEY = 'app:configuration';
 exports.ROUTE_PREFIX = 'route:prefix';
@@ -34,3 +34,4 @@ const INCREMENT_STATISTIC = (prop) => {
     exports.STATISTIC[prop] = exports.STATISTIC[prop] + 1;
 };
 exports.INCREMENT_STATISTIC = INCREMENT_STATISTIC;
+exports.CORS_METADATA = 'cors:config';