tezx 1.0.36 → 1.0.38

package/cjs/core/context.js

@@ -98,7 +98,7 @@ class Context {
         return this;
     }
     get cookies() {
-        const c = this.headers.getAll("cookie");
+        const c = this.req.headers.getAll("cookie");
         let cookies = {};
         if (Array.isArray(c) && c.length != 0) {
             const cookieHeader = c.join("; ").split(";");
@@ -167,8 +167,8 @@ class Context {
         else if (typeof args[0] === "object") {
             headers = args[0];
         }
-        if ((!headers["Content-Type"] && !headers['content-type'])) {
-            if (typeof body === "string" || typeof body == 'number') {
+        if (!headers["Content-Type"] && !headers["content-type"]) {
+            if (typeof body === "string" || typeof body == "number") {
                 headers["Content-Type"] = "text/plain;";
             }
             else if (typeof body === "object" && body !== null) {

package/cjs/core/request.js

@@ -1,12 +1,12 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.Request = void 0;
-const environment_1 = require("./environment");
-const header_1 = require("./header");
 const formData_1 = require("../utils/formData");
 const url_1 = require("../utils/url");
+const environment_1 = require("./environment");
+const header_1 = require("./header");
 class Request {
-    headers = new header_1.HeadersParser();
+    #headers = new header_1.HeadersParser();
     url;
     method;
     urlRef = {
@@ -27,13 +27,13 @@ class Request {
     remoteAddress = {};
     constructor(req, params, remoteAddress) {
         this.remoteAddress = remoteAddress;
-        this.headers = new header_1.HeadersParser(req?.headers);
+        this.#headers = new header_1.HeadersParser(req?.headers);
         this.method = req?.method?.toUpperCase();
         this.params = params;
         this.rawRequest = req;
         if (environment_1.EnvironmentDetector.getEnvironment == "node") {
             const protocol = environment_1.EnvironmentDetector.detectProtocol(req);
-            const host = environment_1.EnvironmentDetector.getHost(this.headers);
+            const host = environment_1.EnvironmentDetector.getHost(this.#headers);
             this.url = `${protocol}://${host}${req.url}`;
         }
         else {
@@ -42,11 +42,40 @@ class Request {
         this.urlRef = (0, url_1.urlParse)(this.url);
         this.query = this.urlRef.query;
     }
+    get headers() {
+        let requestHeaders = this.#headers;
+        return {
+            get: function get(key) {
+                return requestHeaders.get(key.toLowerCase());
+            },
+            getAll: function getAll(key) {
+                return requestHeaders.get(key.toLowerCase()) || [];
+            },
+            has: function has(key) {
+                return requestHeaders.has(key.toLowerCase());
+            },
+            entries: function entries() {
+                return requestHeaders.entries();
+            },
+            keys: function keys() {
+                return requestHeaders.keys();
+            },
+            values: function values() {
+                return requestHeaders.values();
+            },
+            forEach: function forEach(callback) {
+                return requestHeaders.forEach(callback);
+            },
+            toObject: function toObject() {
+                return requestHeaders.toObject();
+            },
+        };
+    }
     async text() {
         return await (0, formData_1.parseTextBody)(this.rawRequest);
     }
     async json() {
-        const contentType = this.headers.get("content-type") || "";
+        const contentType = this.#headers.get("content-type") || "";
         if (contentType.includes("application/json")) {
             return await (0, formData_1.parseJsonBody)(this.rawRequest);
         }
@@ -55,7 +84,7 @@ class Request {
         }
     }
     async formData(options) {
-        const contentType = this.headers.get("content-type") || "";
+        const contentType = this.#headers.get("content-type") || "";
         if (!contentType) {
             throw Error("Invalid Content-Type");
         }

package/cjs/core/router.js

@@ -5,7 +5,6 @@ const staticFile_1 = require("../utils/staticFile");
 const url_1 = require("../utils/url");
 const config_1 = require("./config");
 const MiddlewareConfigure_1 = require("./MiddlewareConfigure");
-;
 class TrieRouter {
     children = new Map();
     handlers = new Map();

package/cjs/core/server.js

@@ -133,7 +133,7 @@ class TezX extends router_1.Router {
                     return (await this.#createHandler(middlewares, callback)(ctx));
                 }
                 else {
-                    let res = await config_1.GlobalConfig.notFound(ctx);
+                    let res = (await config_1.GlobalConfig.notFound(ctx));
                     ctx.setStatus = res.status;
                     return res;
                 }

package/cjs/index.js

@@ -7,4 +7,4 @@ var server_1 = require("./core/server");
 Object.defineProperty(exports, "TezX", { enumerable: true, get: function () { return server_1.TezX; } });
 var params_1 = require("./utils/params");
 Object.defineProperty(exports, "useParams", { enumerable: true, get: function () { return params_1.useParams; } });
-exports.version = "1.0.36";
+exports.version = "1.0.38";

package/cjs/middleware/detectBot.js

@@ -0,0 +1,104 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.detectBot = void 0;
+exports.createRateLimitDefaultStorage = createRateLimitDefaultStorage;
+exports.isRateLimit = isRateLimit;
+const config_1 = require("../core/config");
+const detectBot = (options = {}) => {
+    const { botUserAgents = ["bot", "spider", "crawl", "slurp"], maxRequests = 30, windowMs = 60000, isBlacklistedIP = async () => false, queryKeyBot = "bot", onBotDetected = "block", enableRateLimiting = false, customBotDetector = async () => false, customBlockedResponse = (ctx, { reason }) => {
+        ctx.setStatus = 403;
+        ctx.body = { error: `Bot detected: ${reason}` };
+    }, storage, confidenceThreshold = 0.5, } = options;
+    let store = storage;
+    if (enableRateLimiting) {
+        store = createRateLimitDefaultStorage();
+    }
+    return async (ctx, next) => {
+        const detectionResult = {
+            isBot: false,
+            indicators: [],
+        };
+        const userAgent = ctx.headers.get("user-agent")?.toLowerCase() || "";
+        const ip = ctx.req.remoteAddress?.address || "unknown";
+        const isBotQuery = ctx.req.query[queryKeyBot] === "true";
+        if (botUserAgents.some((agent) => userAgent.includes(agent))) {
+            detectionResult.indicators.push("User-Agent");
+        }
+        if (await isBlacklistedIP(ip)) {
+            detectionResult.indicators.push("Blacklisted IP");
+        }
+        if (isBotQuery) {
+            detectionResult.indicators.push("Query Parameter");
+        }
+        const key = `${ctx.req.remoteAddress.address}:${ctx.req.remoteAddress.port}`;
+        if (enableRateLimiting &&
+            isRateLimit(ctx, key, store, maxRequests, windowMs).check) {
+            detectionResult.indicators.push("Rate Limiting");
+        }
+        if (await customBotDetector(ctx)) {
+            detectionResult.indicators.push("Custom Detector");
+        }
+        detectionResult.isBot = detectionResult.indicators.length > 0;
+        if (detectionResult.indicators.length > 1) {
+            detectionResult.reason = "Multiple Indicators";
+            const confidence = Math.min(0.3 * detectionResult.indicators.length, 1);
+            detectionResult.isBot = confidence >= confidenceThreshold;
+        }
+        else if (detectionResult.indicators.length === 1) {
+            detectionResult.reason = detectionResult.indicators[0];
+        }
+        if (detectionResult.isBot) {
+            config_1.GlobalConfig.debugging.warn(`Bot detected: ${detectionResult.reason}`, {
+                ip,
+                userAgent,
+                indicators: detectionResult.indicators,
+            });
+            if (onBotDetected === "block") {
+                return customBlockedResponse(ctx, detectionResult);
+            }
+            else if (typeof onBotDetected === "function") {
+                return onBotDetected(ctx, detectionResult);
+            }
+        }
+        return await next();
+    };
+};
+exports.detectBot = detectBot;
+function createRateLimitDefaultStorage() {
+    const store = new Map();
+    return {
+        get: (key) => store.get(key),
+        set: (key, value) => store.set(key, value),
+        delete: (key) => store.delete(key),
+        clearExpired: () => {
+            const now = Date.now();
+            for (const [key, entry] of store.entries()) {
+                if (now >= entry.resetTime) {
+                    store.delete(key);
+                }
+            }
+        },
+    };
+}
+function isRateLimit(ctx, key, store, maxRequests, windowMs) {
+    store.clearExpired();
+    const now = Date.now();
+    let entry = store.get(key) || { count: 0, resetTime: now + windowMs };
+    if (now < entry.resetTime) {
+        entry.count++;
+        if (entry.count > maxRequests) {
+            return {
+                check: true,
+                entry: entry,
+            };
+        }
+    }
+    else {
+        entry = { count: 1, resetTime: now + windowMs };
+    }
+    store.set(key, entry);
+    return {
+        check: false,
+        entry: entry,
+    };
+}

package/cjs/middleware/i18nMiddleware.js

@@ -4,12 +4,12 @@ exports.i18nMiddleware = void 0;
 const config_1 = require("../core/config");
 const i18nMiddleware = (options) => {
     const { loadTranslations, defaultCacheDuration = 3600000, isCacheValid = (cached) => cached.expiresAt > Date.now(), detectLanguage = (ctx) => ctx.req.query.lang ||
-        ctx.cookies?.get('lang') ||
-        ctx.headers.get('accept-language')?.split(',')[0] ||
+        ctx.cookies?.get("lang") ||
+        ctx.req.headers.get("accept-language")?.split(",")[0] ||
         options.defaultLanguage ||
-        'en', defaultLanguage = 'en', fallbackChain = [], translationFunctionKey = 't', formatMessage = (message, options = {}) => {
-        return Object.entries(options).reduce((msg, [key, value]) => msg.replace(new RegExp(`{{${key}}}`, 'g'), String(value)), message);
-    }, cacheTranslations = true } = options;
+        "en", defaultLanguage = "en", fallbackChain = [], translationFunctionKey = "t", formatMessage = (message, options = {}) => {
+        return Object.entries(options).reduce((msg, [key, value]) => msg.replace(new RegExp(`{{${key}}}`, "g"), String(value)), message);
+    }, cacheTranslations = true, } = options;
     const translationCache = {};
     return async (ctx, next) => {
         try {
@@ -17,12 +17,12 @@ const i18nMiddleware = (options) => {
             const languageChain = [
                 detectedLanguage,
                 ...fallbackChain,
-                defaultLanguage
+                defaultLanguage,
             ].filter(Boolean);
             let translations = null;
             let selectedLanguage = defaultLanguage;
             for (const lang of languageChain) {
-                const normalizedLang = lang.split('-')[0].toLowerCase();
+                const normalizedLang = lang.split("-")[0].toLowerCase();
                 if (cacheTranslations && translationCache[normalizedLang]) {
                     const cached = translationCache[normalizedLang];
                     if (isCacheValid(cached, normalizedLang)) {
@@ -38,7 +38,7 @@ const i18nMiddleware = (options) => {
                     if (expiresAt instanceof Date) {
                         expirationTime = expiresAt.getTime();
                     }
-                    else if (typeof expiresAt === 'number') {
+                    else if (typeof expiresAt === "number") {
                         expirationTime = expiresAt;
                     }
                     translations = loadedTranslations;
@@ -56,13 +56,13 @@ const i18nMiddleware = (options) => {
                 }
             }
             if (!translations) {
-                throw new Error('No translations available');
+                throw new Error("No translations available");
             }
             ctx[translationFunctionKey] = (key, options) => {
-                const value = key.split('.').reduce((acc, k) => {
-                    return (acc && typeof acc === 'object') ? acc[k] : undefined;
+                const value = key.split(".").reduce((acc, k) => {
+                    return acc && typeof acc === "object" ? acc[k] : undefined;
                 }, translations);
-                const message = typeof value === 'string' ? value : key;
+                const message = typeof value === "string" ? value : key;
                 return formatMessage(message, options);
             };
             ctx.language = selectedLanguage;
@@ -70,7 +70,7 @@ const i18nMiddleware = (options) => {
             return await next();
         }
         catch (error) {
-            config_1.GlobalConfig.debugging.error('i18n processing error:', error);
+            config_1.GlobalConfig.debugging.error("i18n processing error:", error);
             ctx.setStatus = 500;
             throw error;
         }

package/cjs/middleware/index.js

@@ -14,16 +14,18 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.cors = void 0;
+exports.detectBot = exports.cors = void 0;
 var cors_1 = require("./cors");
 Object.defineProperty(exports, "cors", { enumerable: true, get: function () { return cors_1.cors; } });
+var detectBot_1 = require("./detectBot");
+Object.defineProperty(exports, "detectBot", { enumerable: true, get: function () { return detectBot_1.detectBot; } });
+__exportStar(require("./i18nMiddleware"), exports);
+__exportStar(require("./lazyLoadModules"), exports);
 __exportStar(require("./logger"), exports);
+__exportStar(require("./pagination"), exports);
 __exportStar(require("./powered-by"), exports);
+__exportStar(require("./rateLimiter"), exports);
 __exportStar(require("./request-id"), exports);
+__exportStar(require("./sanitizeHeader"), exports);
 __exportStar(require("./secureHeaders"), exports);
 __exportStar(require("./xssProtection"), exports);
-__exportStar(require("./sanitizeHeader"), exports);
-__exportStar(require("./rateLimiter"), exports);
-__exportStar(require("./pagination"), exports);
-__exportStar(require("./i18nMiddleware"), exports);
-__exportStar(require("./lazyLoadModules"), exports);

package/cjs/middleware/lazyLoadModules.js

@@ -2,21 +2,26 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.lazyLoadModules = void 0;
 const config_1 = require("../core/config");
-;
 const lazyLoadModules = (options) => {
-    const { moduleKey = (ctx) => ctx.req.params[queryKeyModule] || ctx.req.query[queryKeyModule], getModuleLoader, queryKeyModule = "module", moduleContextKey = "module", cacheTTL = 3600000, dependencies = {}, enableCache = true, cacheStorage = new Map(), lifecycleHooks = {}, validateModule } = options;
+    const { moduleKey = (ctx) => ctx.req.params[queryKeyModule] || ctx.req.query[queryKeyModule], getModuleLoader, queryKeyModule = "module", moduleContextKey = "module", cacheTTL = 3600000, dependencies = {}, enableCache = true, cacheStorage = new Map(), lifecycleHooks = {}, validateModule, } = options;
     return async (ctx, next) => {
-        let moduleName = moduleKey(ctx) || ctx.req.params[queryKeyModule] || ctx.req.query[queryKeyModule];
+        let moduleName = moduleKey(ctx) ||
+            ctx.req.params[queryKeyModule] ||
+            ctx.req.query[queryKeyModule];
         if (!moduleName) {
             config_1.GlobalConfig.debugging.warn("No module specified for lazy loading.");
             return await next();
         }
+        let storage = cacheStorage;
+        if (enableCache && !cacheStorage) {
+            storage = new Map();
+        }
         try {
             if (enableCache) {
-                const cached = cacheStorage.get(moduleName);
+                const cached = storage.get(moduleName);
                 if (cached) {
                     if (cached.expiresAt > Date.now()) {
-                        cacheStorage.delete(moduleName);
+                        storage.delete(moduleName);
                     }
                     else {
                         config_1.GlobalConfig.debugging.info(`Using cached module: ${moduleName}`);
@@ -41,9 +46,9 @@ const lazyLoadModules = (options) => {
             }
             ctx.dependencies = dependencies;
             if (enableCache) {
-                cacheStorage.set(moduleName, {
+                storage.set(moduleName, {
                     module,
-                    expiresAt: Date.now() + cacheTTL
+                    expiresAt: Date.now() + cacheTTL,
                 });
                 lifecycleHooks.onCacheSet?.(moduleName, module, ctx);
             }

package/cjs/middleware/pagination.js

@@ -17,7 +17,11 @@ const paginationHandler = (options = {}) => {
             queryKeyLimit,
         };
         if (getDataSource) {
-            const dataSourceResponse = await getDataSource(ctx, { page, limit, offset });
+            const dataSourceResponse = await getDataSource(ctx, {
+                page,
+                limit,
+                offset,
+            });
             const total = dataSourceResponse?.[countKey];
             const data = dataSourceResponse?.[dataKey];
             const pagination = {

package/cjs/middleware/rateLimiter.js

@@ -1,38 +1,23 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.rateLimiter = void 0;
+const detectBot_1 = require("./detectBot");
 const rateLimiter = (options) => {
-    const { maxRequests, windowMs, keyGenerator = (ctx) => `${ctx.req.remoteAddress.address}:${ctx.req.remoteAddress.port}`, cacheStorage = new Map(), onError = (ctx, retryAfter, error) => {
+    const { maxRequests, windowMs, keyGenerator = (ctx) => `${ctx.req.remoteAddress.address}:${ctx.req.remoteAddress.port}`, storage = (0, detectBot_1.createRateLimitDefaultStorage)(), onError = (ctx, retryAfter, error) => {
         ctx.setStatus = 429;
         throw new Error(`Rate limit exceeded. Try again in ${retryAfter} seconds.`);
     }, } = options;
     return async (ctx, next) => {
         const key = keyGenerator(ctx);
-        let requestCount;
-        let resetTime;
-        for (const [key, entry] of cacheStorage.entries()) {
-            if (Date.now() >= entry.resetTime) {
-                cacheStorage.delete(key);
-            }
-        }
-        const entry = cacheStorage.get(key);
-        if (entry && Date.now() < entry.resetTime) {
-            requestCount = entry.count + 1;
-            resetTime = entry.resetTime;
-        }
-        else {
-            requestCount = 1;
-            resetTime = Date.now() + windowMs;
-            cacheStorage.set(key, { count: requestCount, resetTime });
-        }
-        if (requestCount > maxRequests) {
-            const retryAfter = Math.ceil((resetTime - Date.now()) / 1000);
+        const { check, entry } = (0, detectBot_1.isRateLimit)(ctx, key, storage, maxRequests, windowMs);
+        if (check) {
+            const retryAfter = Math.ceil((entry.resetTime - Date.now()) / 1000);
             ctx.headers.set("Retry-After", retryAfter.toString());
             return onError(ctx, retryAfter, new Error(`Rate limit exceeded. Retry after ${retryAfter} seconds.`));
         }
         ctx.headers.set("X-RateLimit-Limit", maxRequests.toString());
-        ctx.headers.set("X-RateLimit-Remaining", (maxRequests - requestCount).toString());
-        ctx.headers.set("X-RateLimit-Reset", resetTime.toString());
+        ctx.headers.set("X-RateLimit-Remaining", (maxRequests - entry.count).toString());
+        ctx.headers.set("X-RateLimit-Reset", entry.resetTime.toString());
         return await next();
     };
 };

package/cjs/middleware/xssProtection.js

@@ -14,7 +14,7 @@ const xssProtection = (options = {}) => {
         ctx.headers.set("X-XSS-Protection", xssHeaderValue);
         config_1.GlobalConfig.debugging.warn(`🟢 X-XSS-Protection set to: ${xssHeaderValue}`);
         if (fallbackCSP) {
-            const existingCSP = ctx.headers.get("Content-Security-Policy");
+            const existingCSP = ctx.req.headers.get("Content-Security-Policy");
             if (!existingCSP) {
                 ctx.headers.set("Content-Security-Policy", fallbackCSP);
                 config_1.GlobalConfig.debugging.warn(`🟣 Fallback CSP set to: ${fallbackCSP}`);

package/core/context.js

@@ -95,7 +95,7 @@ export class Context {
         return this;
     }
     get cookies() {
-        const c = this.headers.getAll("cookie");
+        const c = this.req.headers.getAll("cookie");
         let cookies = {};
         if (Array.isArray(c) && c.length != 0) {
             const cookieHeader = c.join("; ").split(";");
@@ -164,8 +164,8 @@ export class Context {
         else if (typeof args[0] === "object") {
             headers = args[0];
         }
-        if ((!headers["Content-Type"] && !headers['content-type'])) {
-            if (typeof body === "string" || typeof body == 'number') {
+        if (!headers["Content-Type"] && !headers["content-type"]) {
+            if (typeof body === "string" || typeof body == "number") {
                 headers["Content-Type"] = "text/plain;";
             }
             else if (typeof body === "object" && body !== null) {

package/core/request.d.ts

@@ -1,4 +1,3 @@
-import { HeadersParser } from "./header";
 import { UrlRef } from "../utils/url";
 export type FormDataOptions = {
     maxSize?: number;
@@ -19,7 +18,7 @@ export type ConnAddress = {
 };
 export type HTTPMethod = "GET" | "POST" | "PUT" | "DELETE" | "OPTIONS" | "PATCH" | "HEAD" | "ALL" | "TRACE" | "CONNECT" | string;
 export declare class Request {
-    headers: HeadersParser;
+    #private;
     /**
      * Full request URL including protocol and query string
      * @type {string}
@@ -57,6 +56,81 @@ export declare class Request {
      */
     remoteAddress: AddressType;
     constructor(req: any, params: Record<string, any>, remoteAddress: AddressType);
+    get headers(): {
+        /**
+         * Retrieves the first value of a specific header.
+         * @param key - Header name to search for.
+         * @returns The first header value or undefined if not found.
+         * @example
+         * get('content-type') // returns 'application/json'
+         */
+        get: (key: string) => string | undefined;
+        /**
+         * Retrieves all values of a specific header.
+         * If multiple values exist for a header, all will be returned as an array.
+         * @param key - Header name to search for.
+         * @returns An array of all header values associated with the key.
+         * @example
+         * getAll('accept-language') // returns ['en-US', 'fr-CA']
+         */
+        getAll: (key: string) => string | never[];
+        /**
+         * Checks if a header exists in the request.
+         * @param key - Header name to check for existence.
+         * @returns True if the header exists, false otherwise.
+         * @example
+         * has('Authorization') // returns true if 'Authorization' header exists
+         */
+        has: (key: string) => boolean;
+        /**
+         * Returns an iterator over all header entries.
+         * Each entry is a [key, value] pair where the value can be an array of strings.
+         * @returns IterableIterator for iterating over header key-value pairs.
+         * @example
+         * for (let [key, value] of headers.entries()) {
+         *   console.log(key, value);
+         * }
+         */
+        entries: () => IterableIterator<[string, string[]]>;
+        /**
+         * Returns an iterator over all header keys.
+         * This allows iteration over the names of all headers in the request.
+         * @returns IterableIterator of header names.
+         * @example
+         * for (let key of headers.keys()) {
+         *   console.log(key);
+         * }
+         */
+        keys: () => IterableIterator<string>;
+        /**
+         * Returns an iterator over all header values.
+         * This allows iteration over the values of all headers, with each value being an array of strings.
+         * @returns IterableIterator of header values.
+         * @example
+         * for (let value of headers.values()) {
+         *   console.log(value);
+         * }
+         */
+        values: () => IterableIterator<string[]>;
+        /**
+         * Iterates over each header and executes a callback for every header found.
+         * @param callback - Function to execute for each header. Receives the value array and key.
+         * @example
+         * headers.forEach((value, key) => {
+         *   console.log(key, value);
+         * });
+         */
+        forEach: (callback: (value: string[], key: string) => void) => void;
+        /**
+         * Converts all headers into a plain JavaScript object.
+         * Single-value headers are represented as a string, and multi-value headers as an array.
+         * @returns A plain object with header names as keys and their values as strings or arrays.
+         * @example
+         * const headersObject = headers.toObject();
+         * console.log(headersObject);
+         */
+        toObject: () => Record<string, string | string[]>;
+    };
     /**
      * Parses the request body as plain text.
      * @returns {Promise<string>} The text content of the request body.

package/core/request.js

@@ -1,9 +1,9 @@
-import { EnvironmentDetector } from "./environment";
-import { HeadersParser } from "./header";
 import { parseJsonBody, parseMultipartBody, parseTextBody, parseUrlEncodedBody, } from "../utils/formData";
 import { urlParse } from "../utils/url";
+import { EnvironmentDetector } from "./environment";
+import { HeadersParser } from "./header";
 export class Request {
-    headers = new HeadersParser();
+    #headers = new HeadersParser();
     url;
     method;
     urlRef = {
@@ -24,13 +24,13 @@ export class Request {
     remoteAddress = {};
     constructor(req, params, remoteAddress) {
         this.remoteAddress = remoteAddress;
-        this.headers = new HeadersParser(req?.headers);
+        this.#headers = new HeadersParser(req?.headers);
         this.method = req?.method?.toUpperCase();
         this.params = params;
         this.rawRequest = req;
         if (EnvironmentDetector.getEnvironment == "node") {
             const protocol = EnvironmentDetector.detectProtocol(req);
-            const host = EnvironmentDetector.getHost(this.headers);
+            const host = EnvironmentDetector.getHost(this.#headers);
             this.url = `${protocol}://${host}${req.url}`;
         }
         else {
@@ -39,11 +39,40 @@ export class Request {
         this.urlRef = urlParse(this.url);
         this.query = this.urlRef.query;
     }
+    get headers() {
+        let requestHeaders = this.#headers;
+        return {
+            get: function get(key) {
+                return requestHeaders.get(key.toLowerCase());
+            },
+            getAll: function getAll(key) {
+                return requestHeaders.get(key.toLowerCase()) || [];
+            },
+            has: function has(key) {
+                return requestHeaders.has(key.toLowerCase());
+            },
+            entries: function entries() {
+                return requestHeaders.entries();
+            },
+            keys: function keys() {
+                return requestHeaders.keys();
+            },
+            values: function values() {
+                return requestHeaders.values();
+            },
+            forEach: function forEach(callback) {
+                return requestHeaders.forEach(callback);
+            },
+            toObject: function toObject() {
+                return requestHeaders.toObject();
+            },
+        };
+    }
     async text() {
         return await parseTextBody(this.rawRequest);
     }
     async json() {
-        const contentType = this.headers.get("content-type") || "";
+        const contentType = this.#headers.get("content-type") || "";
         if (contentType.includes("application/json")) {
             return await parseJsonBody(this.rawRequest);
         }
@@ -52,7 +81,7 @@ export class Request {
         }
     }
     async formData(options) {
-        const contentType = this.headers.get("content-type") || "";
+        const contentType = this.#headers.get("content-type") || "";
         if (!contentType) {
             throw Error("Invalid Content-Type");
         }

package/core/router.js

@@ -2,7 +2,6 @@ import { getFiles } from "../utils/staticFile";
 import { sanitizePathSplit } from "../utils/url";
 import { GlobalConfig } from "./config";
 import MiddlewareConfigure, { TriMiddleware, } from "./MiddlewareConfigure";
-;
 class TrieRouter {
     children = new Map();
     handlers = new Map();

package/core/server.js

@@ -130,7 +130,7 @@ export class TezX extends Router {
                     return (await this.#createHandler(middlewares, callback)(ctx));
                 }
                 else {
-                    let res = await GlobalConfig.notFound(ctx);
+                    let res = (await GlobalConfig.notFound(ctx));
                     ctx.setStatus = res.status;
                     return res;
                 }

package/index.js

@@ -1,4 +1,4 @@
 export { Router } from "./core/router";
 export { TezX } from "./core/server";
 export { useParams } from "./utils/params";
-export let version = "1.0.36";
+export let version = "1.0.38";

package/middleware/detectBot.d.ts

@@ -0,0 +1,123 @@
+import { Context, Middleware } from "..";
+export type DetectBotReason = "User-Agent" | "Blacklisted IP" | "Query Parameter" | "Rate Limiting" | "Custom Detector" | "Multiple Indicators";
+type BotDetectionResult = {
+    isBot: boolean;
+    reason?: DetectBotReason;
+    indicators: string[];
+};
+type DetectBotOptions = {
+    /**
+     * 🤖 List of bot-like user-agent substrings to detect
+     * @default ["bot", "spider", "crawl", "slurp"]
+     */
+    botUserAgents?: string[];
+    /**
+     * ⚠️ Maximum allowed requests in the time window
+     * @default 30 requests
+     */
+    maxRequests?: number;
+    /**
+     * ⏱️ Time window in milliseconds for rate limiting
+     * @default 60000 (1 minute)
+     */
+    windowMs?: number;
+    /**
+     * 🚫 IP blacklist checker
+     * @default () => false
+     */
+    isBlacklistedIP?: (ip: string) => boolean | Promise<boolean>;
+    /**
+     * 🔍 Query parameter name for bot identification
+     * @default "bot"
+     */
+    queryKeyBot?: string;
+    /**
+     * 🛡️ Action to take when bot is detected
+     * @default "block"
+     */
+    onBotDetected?: "block" | ((ctx: Context, result: BotDetectionResult) => void);
+    /**
+     * ⚖️ Enable rate-limiting based detection
+     * @default false
+     */
+    enableRateLimiting?: boolean;
+    /**
+     * 🔎 Custom bot detection logic
+     * @default () => false
+     */
+    customBotDetector?: (ctx: Context) => boolean | Promise<boolean>;
+    /**
+     * ✉️ Custom response for blocked requests
+     */
+    customBlockedResponse?: (ctx: Context, result: BotDetectionResult) => void;
+    /**
+     * 🔄 Custom cache storage implementation (e.g., using `Map`, `Redis`, etc.).
+     * By default, it uses a `Map<string, { count: number; resetTime: number }>`.
+     */
+    storage?: {
+        get: (key: string) => {
+            count: number;
+            resetTime: number;
+        } | undefined;
+        set: (key: string, value: {
+            count: number;
+            resetTime: number;
+        }) => void;
+        delete: (key: string) => void;
+        clearExpired: () => void;
+    };
+    /**
+     * 📊 Minimum confidence score to consider as bot (0-1)
+     * @default 0.5
+     */
+    confidenceThreshold?: number;
+};
+/**
+ * 🤖 Advanced bot detection middleware with multiple detection methods
+ *
+ * Features:
+ * - User-Agent analysis
+ * - IP blacklisting
+ * - Query parameter detection
+ * - Rate limiting
+ * - Custom detection logic
+ * - Confidence-based scoring
+ *
+ * @param {DetectBotOptions} options - Configuration options
+ * @returns {Middleware} Configured middleware
+ *
+ * @example
+ * // Basic usage
+ * app.use(detectBot());
+ *
+ * // Custom configuration
+ * app.use(detectBot({
+ *   botUserAgents: ["bot", "crawler"],
+ *   isBlacklistedIP: async (ip) => await checkIPReputation(ip),
+ *   onBotDetected: (ctx, { reason }) => {
+ *     ctx.status = 403;
+ *     ctx.body = { error: `Bot detected (${reason})` };
+ *   }
+ * }));
+ */
+export declare const detectBot: (options?: DetectBotOptions) => Middleware;
+export declare function createRateLimitDefaultStorage(): {
+    get: (key: string) => {
+        count: number;
+        resetTime: number;
+    } | undefined;
+    set: (key: string, value: {
+        count: number;
+        resetTime: number;
+    }) => Map<string, {
+        count: number;
+        resetTime: number;
+    }>;
+    delete: (key: string) => boolean;
+    clearExpired: () => void;
+};
+export declare function isRateLimit(ctx: Context, key: string, store: any, maxRequests: number, windowMs: number): {
+    check: boolean;
+    entry: any;
+};
+export {};

package/middleware/detectBot.js

@@ -0,0 +1,98 @@
+import { GlobalConfig } from "../core/config";
+export const detectBot = (options = {}) => {
+    const { botUserAgents = ["bot", "spider", "crawl", "slurp"], maxRequests = 30, windowMs = 60000, isBlacklistedIP = async () => false, queryKeyBot = "bot", onBotDetected = "block", enableRateLimiting = false, customBotDetector = async () => false, customBlockedResponse = (ctx, { reason }) => {
+        ctx.setStatus = 403;
+        ctx.body = { error: `Bot detected: ${reason}` };
+    }, storage, confidenceThreshold = 0.5, } = options;
+    let store = storage;
+    if (enableRateLimiting) {
+        store = createRateLimitDefaultStorage();
+    }
+    return async (ctx, next) => {
+        const detectionResult = {
+            isBot: false,
+            indicators: [],
+        };
+        const userAgent = ctx.headers.get("user-agent")?.toLowerCase() || "";
+        const ip = ctx.req.remoteAddress?.address || "unknown";
+        const isBotQuery = ctx.req.query[queryKeyBot] === "true";
+        if (botUserAgents.some((agent) => userAgent.includes(agent))) {
+            detectionResult.indicators.push("User-Agent");
+        }
+        if (await isBlacklistedIP(ip)) {
+            detectionResult.indicators.push("Blacklisted IP");
+        }
+        if (isBotQuery) {
+            detectionResult.indicators.push("Query Parameter");
+        }
+        const key = `${ctx.req.remoteAddress.address}:${ctx.req.remoteAddress.port}`;
+        if (enableRateLimiting &&
+            isRateLimit(ctx, key, store, maxRequests, windowMs).check) {
+            detectionResult.indicators.push("Rate Limiting");
+        }
+        if (await customBotDetector(ctx)) {
+            detectionResult.indicators.push("Custom Detector");
+        }
+        detectionResult.isBot = detectionResult.indicators.length > 0;
+        if (detectionResult.indicators.length > 1) {
+            detectionResult.reason = "Multiple Indicators";
+            const confidence = Math.min(0.3 * detectionResult.indicators.length, 1);
+            detectionResult.isBot = confidence >= confidenceThreshold;
+        }
+        else if (detectionResult.indicators.length === 1) {
+            detectionResult.reason = detectionResult.indicators[0];
+        }
+        if (detectionResult.isBot) {
+            GlobalConfig.debugging.warn(`Bot detected: ${detectionResult.reason}`, {
+                ip,
+                userAgent,
+                indicators: detectionResult.indicators,
+            });
+            if (onBotDetected === "block") {
+                return customBlockedResponse(ctx, detectionResult);
+            }
+            else if (typeof onBotDetected === "function") {
+                return onBotDetected(ctx, detectionResult);
+            }
+        }
+        return await next();
+    };
+};
+export function createRateLimitDefaultStorage() {
+    const store = new Map();
+    return {
+        get: (key) => store.get(key),
+        set: (key, value) => store.set(key, value),
+        delete: (key) => store.delete(key),
+        clearExpired: () => {
+            const now = Date.now();
+            for (const [key, entry] of store.entries()) {
+                if (now >= entry.resetTime) {
+                    store.delete(key);
+                }
+            }
+        },
+    };
+}
+export function isRateLimit(ctx, key, store, maxRequests, windowMs) {
+    store.clearExpired();
+    const now = Date.now();
+    let entry = store.get(key) || { count: 0, resetTime: now + windowMs };
+    if (now < entry.resetTime) {
+        entry.count++;
+        if (entry.count > maxRequests) {
+            return {
+                check: true,
+                entry: entry,
+            };
+        }
+    }
+    else {
+        entry = { count: 1, resetTime: now + windowMs };
+    }
+    store.set(key, entry);
+    return {
+        check: false,
+        entry: entry,
+    };
+}

package/middleware/i18nMiddleware.d.ts

@@ -8,10 +8,10 @@ export type loadTranslations = (language: string) => Promise<{
 }>;
 export type I18nOptions = {
     /**
-      * 🌐 Function to load translations dynamically
-      * @param language - Language code to load (e.g., "en-US")
-      * @returns Promise with translations map and optional expiration
-      */
+     * 🌐 Function to load translations dynamically
+     * @param language - Language code to load (e.g., "en-US")
+     * @returns Promise with translations map and optional expiration
+     */
     loadTranslations: (language: string) => Promise<{
         translations: TranslationMap;
         expiresAt?: Date | number;

package/middleware/i18nMiddleware.js

@@ -1,12 +1,12 @@
 import { GlobalConfig } from "../core/config";
 export const i18nMiddleware = (options) => {
     const { loadTranslations, defaultCacheDuration = 3600000, isCacheValid = (cached) => cached.expiresAt > Date.now(), detectLanguage = (ctx) => ctx.req.query.lang ||
-        ctx.cookies?.get('lang') ||
-        ctx.headers.get('accept-language')?.split(',')[0] ||
+        ctx.cookies?.get("lang") ||
+        ctx.req.headers.get("accept-language")?.split(",")[0] ||
         options.defaultLanguage ||
-        'en', defaultLanguage = 'en', fallbackChain = [], translationFunctionKey = 't', formatMessage = (message, options = {}) => {
-        return Object.entries(options).reduce((msg, [key, value]) => msg.replace(new RegExp(`{{${key}}}`, 'g'), String(value)), message);
-    }, cacheTranslations = true } = options;
+        "en", defaultLanguage = "en", fallbackChain = [], translationFunctionKey = "t", formatMessage = (message, options = {}) => {
+        return Object.entries(options).reduce((msg, [key, value]) => msg.replace(new RegExp(`{{${key}}}`, "g"), String(value)), message);
+    }, cacheTranslations = true, } = options;
     const translationCache = {};
     return async (ctx, next) => {
         try {
@@ -14,12 +14,12 @@ export const i18nMiddleware = (options) => {
             const languageChain = [
                 detectedLanguage,
                 ...fallbackChain,
-                defaultLanguage
+                defaultLanguage,
             ].filter(Boolean);
             let translations = null;
             let selectedLanguage = defaultLanguage;
             for (const lang of languageChain) {
-                const normalizedLang = lang.split('-')[0].toLowerCase();
+                const normalizedLang = lang.split("-")[0].toLowerCase();
                 if (cacheTranslations && translationCache[normalizedLang]) {
                     const cached = translationCache[normalizedLang];
                     if (isCacheValid(cached, normalizedLang)) {
@@ -35,7 +35,7 @@ export const i18nMiddleware = (options) => {
                     if (expiresAt instanceof Date) {
                         expirationTime = expiresAt.getTime();
                     }
-                    else if (typeof expiresAt === 'number') {
+                    else if (typeof expiresAt === "number") {
                         expirationTime = expiresAt;
                     }
                     translations = loadedTranslations;
@@ -53,13 +53,13 @@ export const i18nMiddleware = (options) => {
                 }
             }
             if (!translations) {
-                throw new Error('No translations available');
+                throw new Error("No translations available");
             }
             ctx[translationFunctionKey] = (key, options) => {
-                const value = key.split('.').reduce((acc, k) => {
-                    return (acc && typeof acc === 'object') ? acc[k] : undefined;
+                const value = key.split(".").reduce((acc, k) => {
+                    return acc && typeof acc === "object" ? acc[k] : undefined;
                 }, translations);
-                const message = typeof value === 'string' ? value : key;
+                const message = typeof value === "string" ? value : key;
                 return formatMessage(message, options);
             };
             ctx.language = selectedLanguage;
@@ -67,7 +67,7 @@ export const i18nMiddleware = (options) => {
             return await next();
         }
         catch (error) {
-            GlobalConfig.debugging.error('i18n processing error:', error);
+            GlobalConfig.debugging.error("i18n processing error:", error);
             ctx.setStatus = 500;
             throw error;
         }

package/middleware/index.d.ts

@@ -1,12 +1,14 @@
 export { cors } from "./cors";
 export type { CorsOptions } from "./cors";
+export { detectBot } from "./detectBot";
+export type { DetectBotReason } from "./detectBot";
+export * from "./i18nMiddleware";
+export * from "./lazyLoadModules";
 export * from "./logger";
+export * from "./pagination";
 export * from "./powered-by";
+export * from "./rateLimiter";
 export * from "./request-id";
+export * from "./sanitizeHeader";
 export * from "./secureHeaders";
 export * from "./xssProtection";
-export * from "./sanitizeHeader";
-export * from "./rateLimiter";
-export * from "./pagination";
-export * from "./i18nMiddleware";
-export * from './lazyLoadModules';

package/middleware/index.js

@@ -1,11 +1,12 @@
 export { cors } from "./cors";
+export { detectBot } from "./detectBot";
+export * from "./i18nMiddleware";
+export * from "./lazyLoadModules";
 export * from "./logger";
+export * from "./pagination";
 export * from "./powered-by";
+export * from "./rateLimiter";
 export * from "./request-id";
+export * from "./sanitizeHeader";
 export * from "./secureHeaders";
 export * from "./xssProtection";
-export * from "./sanitizeHeader";
-export * from "./rateLimiter";
-export * from "./pagination";
-export * from "./i18nMiddleware";
-export * from './lazyLoadModules';

package/middleware/lazyLoadModules.js

@@ -1,19 +1,24 @@
 import { GlobalConfig } from "../core/config";
-;
 export const lazyLoadModules = (options) => {
-    const { moduleKey = (ctx) => ctx.req.params[queryKeyModule] || ctx.req.query[queryKeyModule], getModuleLoader, queryKeyModule = "module", moduleContextKey = "module", cacheTTL = 3600000, dependencies = {}, enableCache = true, cacheStorage = new Map(), lifecycleHooks = {}, validateModule } = options;
+    const { moduleKey = (ctx) => ctx.req.params[queryKeyModule] || ctx.req.query[queryKeyModule], getModuleLoader, queryKeyModule = "module", moduleContextKey = "module", cacheTTL = 3600000, dependencies = {}, enableCache = true, cacheStorage = new Map(), lifecycleHooks = {}, validateModule, } = options;
     return async (ctx, next) => {
-        let moduleName = moduleKey(ctx) || ctx.req.params[queryKeyModule] || ctx.req.query[queryKeyModule];
+        let moduleName = moduleKey(ctx) ||
+            ctx.req.params[queryKeyModule] ||
+            ctx.req.query[queryKeyModule];
         if (!moduleName) {
             GlobalConfig.debugging.warn("No module specified for lazy loading.");
             return await next();
         }
+        let storage = cacheStorage;
+        if (enableCache && !cacheStorage) {
+            storage = new Map();
+        }
         try {
             if (enableCache) {
-                const cached = cacheStorage.get(moduleName);
+                const cached = storage.get(moduleName);
                 if (cached) {
                     if (cached.expiresAt > Date.now()) {
-                        cacheStorage.delete(moduleName);
+                        storage.delete(moduleName);
                     }
                     else {
                         GlobalConfig.debugging.info(`Using cached module: ${moduleName}`);
@@ -38,9 +43,9 @@ export const lazyLoadModules = (options) => {
             }
             ctx.dependencies = dependencies;
             if (enableCache) {
-                cacheStorage.set(moduleName, {
+                storage.set(moduleName, {
                     module,
-                    expiresAt: Date.now() + cacheTTL
+                    expiresAt: Date.now() + cacheTTL,
                 });
                 lifecycleHooks.onCacheSet?.(moduleName, module, ctx);
             }

package/middleware/pagination.js

@@ -14,7 +14,11 @@ export const paginationHandler = (options = {}) => {
             queryKeyLimit,
         };
         if (getDataSource) {
-            const dataSourceResponse = await getDataSource(ctx, { page, limit, offset });
+            const dataSourceResponse = await getDataSource(ctx, {
+                page,
+                limit,
+                offset,
+            });
             const total = dataSourceResponse?.[countKey];
             const data = dataSourceResponse?.[dataKey];
             const pagination = {

package/middleware/rateLimiter.d.ts

@@ -25,10 +25,10 @@ export type RateLimiterOptions = {
       //  * @todo Implement Redis storage
       //  */
     /**
-       * 🔄 Custom cache storage implementation (e.g., using `Map`, `Redis`, etc.).
-       * By default, it uses a `Map<string, { count: number; resetTime: number }>`.
-       */
-    cacheStorage?: {
+     * 🔄 Custom cache storage implementation (e.g., using `Map`, `Redis`, etc.).
+     * By default, it uses a `Map<string, { count: number; resetTime: number }>`.
+     */
+    storage?: {
         get: (key: string) => {
             count: number;
             resetTime: number;
@@ -38,10 +38,7 @@ export type RateLimiterOptions = {
             resetTime: number;
         }) => void;
         delete: (key: string) => void;
-        entries: () => IterableIterator<[string, {
-            count: number;
-            resetTime: number;
-        }]>;
+        clearExpired: () => void;
     };
     /**
      * 🛑 Custom rate limit exceeded handler

package/middleware/rateLimiter.js

@@ -1,35 +1,20 @@
+import { createRateLimitDefaultStorage, isRateLimit } from "./detectBot";
 export const rateLimiter = (options) => {
-    const { maxRequests, windowMs, keyGenerator = (ctx) => `${ctx.req.remoteAddress.address}:${ctx.req.remoteAddress.port}`, cacheStorage = new Map(), onError = (ctx, retryAfter, error) => {
+    const { maxRequests, windowMs, keyGenerator = (ctx) => `${ctx.req.remoteAddress.address}:${ctx.req.remoteAddress.port}`, storage = createRateLimitDefaultStorage(), onError = (ctx, retryAfter, error) => {
         ctx.setStatus = 429;
         throw new Error(`Rate limit exceeded. Try again in ${retryAfter} seconds.`);
     }, } = options;
     return async (ctx, next) => {
         const key = keyGenerator(ctx);
-        let requestCount;
-        let resetTime;
-        for (const [key, entry] of cacheStorage.entries()) {
-            if (Date.now() >= entry.resetTime) {
-                cacheStorage.delete(key);
-            }
-        }
-        const entry = cacheStorage.get(key);
-        if (entry && Date.now() < entry.resetTime) {
-            requestCount = entry.count + 1;
-            resetTime = entry.resetTime;
-        }
-        else {
-            requestCount = 1;
-            resetTime = Date.now() + windowMs;
-            cacheStorage.set(key, { count: requestCount, resetTime });
-        }
-        if (requestCount > maxRequests) {
-            const retryAfter = Math.ceil((resetTime - Date.now()) / 1000);
+        const { check, entry } = isRateLimit(ctx, key, storage, maxRequests, windowMs);
+        if (check) {
+            const retryAfter = Math.ceil((entry.resetTime - Date.now()) / 1000);
             ctx.headers.set("Retry-After", retryAfter.toString());
             return onError(ctx, retryAfter, new Error(`Rate limit exceeded. Retry after ${retryAfter} seconds.`));
         }
         ctx.headers.set("X-RateLimit-Limit", maxRequests.toString());
-        ctx.headers.set("X-RateLimit-Remaining", (maxRequests - requestCount).toString());
-        ctx.headers.set("X-RateLimit-Reset", resetTime.toString());
+        ctx.headers.set("X-RateLimit-Remaining", (maxRequests - entry.count).toString());
+        ctx.headers.set("X-RateLimit-Reset", entry.resetTime.toString());
         return await next();
     };
 };

package/middleware/xssProtection.js

@@ -11,7 +11,7 @@ export const xssProtection = (options = {}) => {
         ctx.headers.set("X-XSS-Protection", xssHeaderValue);
         GlobalConfig.debugging.warn(`🟢 X-XSS-Protection set to: ${xssHeaderValue}`);
         if (fallbackCSP) {
-            const existingCSP = ctx.headers.get("Content-Security-Policy");
+            const existingCSP = ctx.req.headers.get("Content-Security-Policy");
             if (!existingCSP) {
                 ctx.headers.set("Content-Security-Policy", fallbackCSP);
                 GlobalConfig.debugging.warn(`🟣 Fallback CSP set to: ${fallbackCSP}`);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "tezx",
-  "version": "1.0.36",
+  "version": "1.0.38",
   "description": "TezX is a high-performance, lightweight JavaScript framework designed for speed, scalability, and flexibility. It enables efficient routing, middleware management, and static file serving with minimal configuration. Fully compatible with Node.js, Deno, and Bun.",
   "main": "cjs/index.js",
   "module": "index.js",