te.js 2.0.3 → 2.1.1

package/server/files/uploader.js

@@ -1,143 +1,143 @@
-import { filesize } from 'filesize';
-import fs from 'node:fs';
-import TejError from './../error.js';
-import { extAndType, extract, paths } from './helper.js';
-
-class TejFileUploader {
-  /*
-   * @param {Object} options
-   * @param {string} options.destination - Destination to upload file to
-   * @param {string} options.name - Name of the file
-   * @param {number} options.maxFileSize - Maximum file size in bytes
-   */
-  constructor(options = {}) {
-    this.destination = options.destination;
-    this.name = options.name;
-    this.maxFileSize = options.maxFileSize;
-  }
-
-  file() {
-    const keys = [...arguments];
-    return async (ammo, next) => {
-      if (!ammo.headers['content-type'].startsWith('multipart/form-data'))
-        return next();
-
-      const payload = ammo.payload;
-      const updatedPayload = {};
-
-      for (const part in payload) {
-        const obj = payload[part];
-        const contentDisposition = obj.headers['content-disposition'];
-
-        const { ext, type } = extAndType(obj);
-
-        const key = extract(contentDisposition, 'name');
-        if (!key) continue;
-
-        if (!ext || ext === 'txt') {
-          updatedPayload[key] = obj.value;
-        } else {
-          if (!keys.includes(key)) continue;
-
-          const filename = extract(contentDisposition, 'filename');
-          if (!filename) continue;
-
-          const { dir, absolute, relative } = paths(this.destination, filename);
-          const size = filesize(obj.value.length,
-            { output: 'object', round: 0 });
-          const maxSize = filesize(this.maxFileSize,
-            { output: 'object', round: 0 });
-          if (this.maxFileSize && obj.value.length > this.maxFileSize)
-            throw new TejError(413,
-              `File size exceeds ${maxSize.value} ${maxSize.symbol}`);
-
-          if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
-          fs.writeFileSync(absolute, obj.value, 'binary');
-
-          updatedPayload[key] = {
-            filename,
-            extension: ext,
-            path: {
-              absolute: absolute,
-              relative: relative
-            },
-            mimetype: type,
-            size
-          };
-        }
-      }
-
-      ammo.payload = updatedPayload;
-      next();
-    };
-  }
-
-  files() {
-    const keys = [...arguments];
-    return async (ammo, next) => {
-      if (!ammo.headers['content-type'].startsWith('multipart/form-data'))
-        return next();
-
-      const payload = ammo.payload;
-      const updatedPayload = {};
-      const files = [];
-
-      for (const part in payload) {
-        const obj = payload[part];
-        const contentDisposition = obj.headers['content-disposition'];
-
-        const { ext, type } = extAndType(obj);
-        if (!ext) continue;
-
-        const key = extract(contentDisposition, 'name');
-        if (ext === 'txt') {
-          updatedPayload[key] = obj.value;
-        } else {
-          if (!keys.includes(key)) continue;
-
-          const filename = extract(contentDisposition, 'filename');
-          if (!filename) continue;
-
-          const { dir, absolute, relative } = paths(this.destination, filename);
-          const size = filesize(obj.value.length,
-            { output: 'object', round: 0 });
-          const maxSize = filesize(this.maxFileSize,
-            { output: 'object', round: 0 });
-          if (this.maxFileSize && obj.value.length > this.maxFileSize) {
-            throw new TejError(413,
-              `File size exceeds ${maxSize.value} ${maxSize.symbol}`);
-          }
-
-          if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
-          fs.writeFileSync(absolute, obj.value, 'binary');
-
-          files.push({
-            key,
-            filename,
-            path: {
-              absolute: absolute,
-              relative: relative
-            },
-            mimetype: type,
-            size
-          });
-        }
-      }
-
-      const groupedFilesByKey = files.reduce((acc, file) => {
-        if (!acc[file.key]) acc[file.key] = [];
-        acc[file.key].push(file);
-        return acc;
-      }, {});
-
-      for (const key in groupedFilesByKey) {
-        updatedPayload[key] = groupedFilesByKey[key];
-      }
-
-      ammo.payload = updatedPayload;
-      next();
-    };
-  }
-}
-
-export default TejFileUploader;
+import { filesize } from 'filesize';
+import fs from 'node:fs';
+import TejError from './../error.js';
+import { extAndType, extract, paths } from './helper.js';
+
+class TejFileUploader {
+  /*
+   * @param {Object} options
+   * @param {string} options.destination - Destination to upload file to
+   * @param {string} options.name - Name of the file
+   * @param {number} options.maxFileSize - Maximum file size in bytes
+   */
+  constructor(options = {}) {
+    this.destination = options.destination;
+    this.name = options.name;
+    this.maxFileSize = options.maxFileSize;
+  }
+
+  file() {
+    const keys = [...arguments];
+    return async (ammo, next) => {
+      if (!ammo.headers['content-type'].startsWith('multipart/form-data'))
+        return next();
+
+      const payload = ammo.payload;
+      const updatedPayload = {};
+
+      for (const part in payload) {
+        const obj = payload[part];
+        const contentDisposition = obj.headers['content-disposition'];
+
+        const { ext, type } = extAndType(obj);
+
+        const key = extract(contentDisposition, 'name');
+        if (!key) continue;
+
+        if (!ext || ext === 'txt') {
+          updatedPayload[key] = obj.value;
+        } else {
+          if (!keys.includes(key)) continue;
+
+          const filename = extract(contentDisposition, 'filename');
+          if (!filename) continue;
+
+          const { dir, absolute, relative } = paths(this.destination, filename);
+          const size = filesize(obj.value.length,
+            { output: 'object', round: 0 });
+          const maxSize = filesize(this.maxFileSize,
+            { output: 'object', round: 0 });
+          if (this.maxFileSize && obj.value.length > this.maxFileSize)
+            throw new TejError(413,
+              `File size exceeds ${maxSize.value} ${maxSize.symbol}`);
+
+          if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
+          fs.writeFileSync(absolute, obj.value, 'binary');
+
+          updatedPayload[key] = {
+            filename,
+            extension: ext,
+            path: {
+              absolute: absolute,
+              relative: relative
+            },
+            mimetype: type,
+            size
+          };
+        }
+      }
+
+      ammo.payload = updatedPayload;
+      next();
+    };
+  }
+
+  files() {
+    const keys = [...arguments];
+    return async (ammo, next) => {
+      if (!ammo.headers['content-type'].startsWith('multipart/form-data'))
+        return next();
+
+      const payload = ammo.payload;
+      const updatedPayload = {};
+      const files = [];
+
+      for (const part in payload) {
+        const obj = payload[part];
+        const contentDisposition = obj.headers['content-disposition'];
+
+        const { ext, type } = extAndType(obj);
+        if (!ext) continue;
+
+        const key = extract(contentDisposition, 'name');
+        if (ext === 'txt') {
+          updatedPayload[key] = obj.value;
+        } else {
+          if (!keys.includes(key)) continue;
+
+          const filename = extract(contentDisposition, 'filename');
+          if (!filename) continue;
+
+          const { dir, absolute, relative } = paths(this.destination, filename);
+          const size = filesize(obj.value.length,
+            { output: 'object', round: 0 });
+          const maxSize = filesize(this.maxFileSize,
+            { output: 'object', round: 0 });
+          if (this.maxFileSize && obj.value.length > this.maxFileSize) {
+            throw new TejError(413,
+              `File size exceeds ${maxSize.value} ${maxSize.symbol}`);
+          }
+
+          if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
+          fs.writeFileSync(absolute, obj.value, 'binary');
+
+          files.push({
+            key,
+            filename,
+            path: {
+              absolute: absolute,
+              relative: relative
+            },
+            mimetype: type,
+            size
+          });
+        }
+      }
+
+      const groupedFilesByKey = files.reduce((acc, file) => {
+        if (!acc[file.key]) acc[file.key] = [];
+        acc[file.key].push(file);
+        return acc;
+      }, {});
+
+      for (const key in groupedFilesByKey) {
+        updatedPayload[key] = groupedFilesByKey[key];
+      }
+
+      ammo.payload = updatedPayload;
+      next();
+    };
+  }
+}
+
+export default TejFileUploader;

package/server/handler.js

@@ -1,113 +1,158 @@
-import { env } from 'tej-env';
-import TejLogger from 'tej-logger';
-import logHttpRequest from '../utils/request-logger.js';
-
-import Ammo from './ammo.js';
-import TejError from './error.js';
-import targetRegistry from './targets/registry.js';
-
-const errorLogger = new TejLogger('Tejas.Exception');
-
-/**
- * Executes the middleware and handler chain for a given target.
- *
- * @param {Object} target - The target endpoint object.
- * @param {Ammo} ammo - The Ammo instance containing request and response objects.
- * @returns {Promise<void>} A promise that resolves when the chain execution is complete.
- */
-const executeChain = async (target, ammo) => {
-  let i = 0;
-
-  const chain = targetRegistry.globalMiddlewares.concat(
-    target.getMiddlewares(),
-  );
-  chain.push(target.getHandler());
-
-  const next = async () => {
-    // Check if response has already been sent (e.g., by passport.authenticate redirect)
-    if (ammo.res.headersSent || ammo.res.writableEnded || ammo.res.finished) {
-      return;
-    }
-
-    const middleware = chain[i];
-    i++;
-
-    const args =
-      middleware.length === 3 ? [ammo.req, ammo.res, next] : [ammo, next];
-
-    try {
-      const result = await middleware(...args);
-      
-      // Check again after middleware execution (passport might have redirected)
-      if (ammo.res.headersSent || ammo.res.writableEnded || ammo.res.finished) {
-        return;
-      }
-      
-      // If middleware returned a promise that resolved, continue chain
-      if (result && typeof result.then === 'function') {
-        await result;
-        // Check one more time after promise resolution
-        if (ammo.res.headersSent || ammo.res.writableEnded || ammo.res.finished) {
-          return;
-        }
-      }
-    } catch (err) {
-      // Only handle error if response hasn't been sent
-      if (!ammo.res.headersSent && !ammo.res.writableEnded && !ammo.res.finished) {
-        errorHandler(ammo, err);
-      }
-    }
-  };
-
-  await next();
-};
-
-/**
- * Handles errors by logging them and sending an appropriate response.
- *
- * @param {Ammo} ammo - The Ammo instance containing request and response objects.
- * @param {Error} err - The error object to handle.
- */
-const errorHandler = (ammo, err) => {
-  if (env('LOG_EXCEPTIONS')) errorLogger.error(err);
-
-  if (err instanceof TejError) return ammo.throw(err);
-  return ammo.throw(err);
-};
-
-/**
- * Main request handler function.
- *
- * @param {http.IncomingMessage} req - The HTTP request object.
- * @param {http.ServerResponse} res - The HTTP response object.
- * @returns {Promise<void>} A promise that resolves when the request handling is complete.
- */
-const handler = async (req, res) => {
-  const url = req.url.split('?')[0];
-  const match = targetRegistry.aim(url);
-  const ammo = new Ammo(req, res);
-
-  try {
-    if (match && match.target) {
-      await ammo.enhance();
-
-      // Add route parameters to ammo.payload
-      if (match.params && Object.keys(match.params).length > 0) {
-        Object.assign(ammo.payload, match.params);
-      }
-
-      if (env('LOG_HTTP_REQUESTS')) logHttpRequest(ammo);
-      await executeChain(match.target, ammo);
-    } else {
-      if (req.url === '/') {
-        ammo.defaultEntry();
-      } else {
-        errorHandler(ammo, new TejError(404, `URL not found: ${url}`));
-      }
-    }
-  } catch (err) {
-    errorHandler(ammo, err);
-  }
-};
-
-export default handler;
+import { env } from 'tej-env';
+import TejLogger from 'tej-logger';
+import logHttpRequest from '../utils/request-logger.js';
+
+import Ammo from './ammo.js';
+import TejError from './error.js';
+import targetRegistry from './targets/registry.js';
+
+const errorLogger = new TejLogger('Tejas.Exception');
+
+const DEFAULT_ALLOWED_METHODS = [
+  'GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'HEAD', 'OPTIONS',
+];
+
+/**
+ * Returns the set of allowed HTTP methods (configurable via allowedMethods in tejas.config.json or ALLOWEDMETHODS env).
+ * @returns {Set<string>}
+ */
+const getAllowedMethods = () => {
+  const raw = env('ALLOWEDMETHODS');
+  if (raw == null) return new Set(DEFAULT_ALLOWED_METHODS);
+  const arr = Array.isArray(raw)
+    ? raw
+    : (typeof raw === 'string' ? raw.split(',').map((s) => s.trim()) : []);
+  const normalized = arr.map((m) => String(m).toUpperCase()).filter(Boolean);
+  return normalized.length > 0 ? new Set(normalized) : new Set(DEFAULT_ALLOWED_METHODS);
+};
+
+/**
+ * Executes the middleware and handler chain for a given target.
+ *
+ * @param {Object} target - The target endpoint object.
+ * @param {Ammo} ammo - The Ammo instance containing request and response objects.
+ * @returns {Promise<void>} A promise that resolves when the chain execution is complete.
+ */
+const executeChain = async (target, ammo) => {
+  let i = 0;
+
+  const chain = targetRegistry.globalMiddlewares.concat(
+    target.getMiddlewares(),
+  );
+  chain.push(target.getHandler());
+
+  const next = async () => {
+    // Check if response has already been sent (e.g., by passport.authenticate redirect)
+    if (ammo.res.headersSent || ammo.res.writableEnded || ammo.res.finished) {
+      return;
+    }
+
+    const middleware = chain[i];
+    i++;
+
+    const args =
+      middleware.length === 3 ? [ammo.req, ammo.res, next] : [ammo, next];
+
+    try {
+      const result = await middleware(...args);
+      
+      // Check again after middleware execution (passport might have redirected)
+      if (ammo.res.headersSent || ammo.res.writableEnded || ammo.res.finished) {
+        return;
+      }
+      
+      // If middleware returned a promise that resolved, continue chain
+      if (result && typeof result.then === 'function') {
+        await result;
+        // Check one more time after promise resolution
+        if (ammo.res.headersSent || ammo.res.writableEnded || ammo.res.finished) {
+          return;
+        }
+      }
+    } catch (err) {
+      // Only handle error if response hasn't been sent
+      if (!ammo.res.headersSent && !ammo.res.writableEnded && !ammo.res.finished) {
+        await errorHandler(ammo, err);
+      }
+    }
+  };
+
+  await next();
+};
+
+/**
+ * Handles errors: optional logging (log.exceptions) and sending the response via ammo.throw(err).
+ * One mechanism — ammo.throw — takes care of everything (no separate "log then send").
+ * When errors.llm.enabled, framework-caught errors get the same LLM-inferred response as explicit ammo.throw().
+ * When ammo.throw() returns a Promise (LLM path), waits for it to complete.
+ *
+ * @param {Ammo} ammo - The Ammo instance containing request and response objects.
+ * @param {Error} err - The error object to handle.
+ * @returns {Promise<void>}
+ */
+const errorHandler = async (ammo, err) => {
+  if (env('LOG_EXCEPTIONS')) errorLogger.error(err);
+
+  const result = ammo.throw(err);
+  if (result != null && typeof result.then === 'function') {
+    await result;
+  }
+};
+
+/**
+ * Main request handler function.
+ *
+ * @param {http.IncomingMessage} req - The HTTP request object.
+ * @param {http.ServerResponse} res - The HTTP response object.
+ * @returns {Promise<void>} A promise that resolves when the request handling is complete.
+ */
+const handler = async (req, res) => {
+  const allowedMethods = getAllowedMethods();
+  const method = req.method ? String(req.method).toUpperCase() : '';
+  if (!method || !allowedMethods.has(method)) {
+    res.writeHead(405, {
+      'Content-Type': 'text/plain',
+      Allow: [...allowedMethods].join(', '),
+    });
+    res.end('Method Not Allowed');
+    return;
+  }
+
+  const url = req.url.split('?')[0];
+  const match = targetRegistry.aim(url);
+  const ammo = new Ammo(req, res);
+
+  try {
+    if (match && match.target) {
+      await ammo.enhance();
+
+      const allowedMethods = match.target.getMethods();
+      if (allowedMethods != null && allowedMethods.length > 0) {
+        const method = ammo.method && String(ammo.method).toUpperCase();
+        if (!method || !allowedMethods.includes(method)) {
+          ammo.res.setHeader('Allow', allowedMethods.join(', '));
+          await errorHandler(ammo, new TejError(405, 'Method Not Allowed'));
+          return;
+        }
+      }
+
+      // Add route parameters to ammo.payload
+      if (match.params && Object.keys(match.params).length > 0) {
+        Object.assign(ammo.payload, match.params);
+      }
+
+      if (env('LOG_HTTP_REQUESTS')) logHttpRequest(ammo);
+      await executeChain(match.target, ammo);
+    } else {
+      if (req.url === '/') {
+        ammo.defaultEntry();
+      } else {
+        await errorHandler(ammo, new TejError(404, `URL not found: ${url}`));
+      }
+    }
+  } catch (err) {
+    await errorHandler(ammo, err);
+  }
+};
+
+export default handler;