vector-framework 1.1.1 → 1.2.1

package/src/core/vector.ts

@@ -1,5 +1,4 @@
 import type { Server } from 'bun';
-import type { RouteEntry } from 'itty-router';
 import { AuthManager } from '../auth/protected';
 import { CacheManager } from '../cache/manager';
 import { RouteGenerator } from '../dev/route-generator';
@@ -9,15 +8,24 @@ import { toFileUrl } from '../utils/path';
 import type {
   CacheHandler,
   DefaultVectorTypes,
+  InferRouteInputFromSchemaDefinition,
+  LegacyRouteEntry,
   ProtectedHandler,
   RouteHandler,
   RouteOptions,
+  RouteSchemaDefinition,
   VectorConfig,
   VectorTypes,
 } from '../types';
 import { VectorRouter } from './router';
 import { VectorServer } from './server';
 
+interface LoadedRouteDefinition<TTypes extends VectorTypes = DefaultVectorTypes> {
+  entry: { method: string; path: string };
+  options: RouteOptions<TTypes>;
+  handler: RouteHandler<TTypes>;
+}
+
 // Internal-only class - not exposed to users
 export class Vector<TTypes extends VectorTypes = DefaultVectorTypes> {
   private static instance: Vector<any>;
@@ -31,16 +39,13 @@ export class Vector<TTypes extends VectorTypes = DefaultVectorTypes> {
   private routeGenerator: RouteGenerator | null = null;
   private _protectedHandler: ProtectedHandler<TTypes> | null = null;
   private _cacheHandler: CacheHandler | null = null;
+  private shutdownPromise: Promise<void> | null = null;
 
   private constructor() {
     this.middlewareManager = new MiddlewareManager<TTypes>();
     this.authManager = new AuthManager<TTypes>();
     this.cacheManager = new CacheManager<TTypes>();
-    this.router = new VectorRouter<TTypes>(
-      this.middlewareManager,
-      this.authManager,
-      this.cacheManager
-    );
+    this.router = new VectorRouter<TTypes>(this.middlewareManager, this.authManager, this.cacheManager);
   }
 
   // Internal use only - not exposed to users
@@ -52,9 +57,13 @@ export class Vector<TTypes extends VectorTypes = DefaultVectorTypes> {
   }
 
   // Internal method to set protected handler
-  setProtectedHandler(handler: ProtectedHandler<TTypes>) {
+  setProtectedHandler(handler: ProtectedHandler<TTypes> | null) {
     this._protectedHandler = handler;
-    this.authManager.setProtectedHandler(handler);
+    if (handler) {
+      this.authManager.setProtectedHandler(handler);
+      return;
+    }
+    this.authManager.clearProtectedHandler();
   }
 
   getProtectedHandler(): ProtectedHandler<TTypes> | null {
@@ -62,9 +71,13 @@ export class Vector<TTypes extends VectorTypes = DefaultVectorTypes> {
   }
 
   // Internal method to set cache handler
-  setCacheHandler(handler: CacheHandler) {
+  setCacheHandler(handler: CacheHandler | null) {
     this._cacheHandler = handler;
-    this.cacheManager.setCacheHandler(handler);
+    if (handler) {
+      this.cacheManager.setCacheHandler(handler);
+      return;
+    }
+    this.cacheManager.clearCacheHandler();
   }
 
   getCacheHandler(): CacheHandler | null {
@@ -72,13 +85,20 @@ export class Vector<TTypes extends VectorTypes = DefaultVectorTypes> {
   }
 
   // Internal method to add route
-  addRoute(options: RouteOptions<TTypes>, handler: RouteHandler<TTypes>): RouteEntry {
-    return this.router.route(options, handler);
+  addRoute<TSchemaDef extends RouteSchemaDefinition | undefined>(
+    options: Omit<RouteOptions<TTypes>, 'schema'> & { schema?: TSchemaDef },
+    handler: RouteHandler<TTypes, InferRouteInputFromSchemaDefinition<TSchemaDef>>
+  ): void;
+  addRoute(options: RouteOptions<TTypes>, handler: RouteHandler<TTypes>): void {
+    this.router.route(options, handler);
   }
 
   // Internal method to start server - only called by CLI
   async startServer(config?: VectorConfig<TTypes>): Promise<Server> {
     this.config = { ...this.config, ...config };
+    const routeDefaults = { ...this.config.defaults?.route };
+    this.router.setRouteBooleanDefaults(routeDefaults);
+    this.router.setDevelopmentMode(this.config.development);
 
     // Clear previous middleware to avoid accumulation across multiple starts
     this.middlewareManager.clear();
@@ -96,6 +116,10 @@ export class Vector<TTypes extends VectorTypes = DefaultVectorTypes> {
       this.middlewareManager.addFinally(...config.finally);
     }
 
+    if (typeof this.config.startup === 'function') {
+      await this.config.startup();
+    }
+
     if (this.config.autoDiscover !== false) {
       await this.discoverRoutes();
     }
@@ -136,25 +160,21 @@ export class Vector<TTypes extends VectorTypes = DefaultVectorTypes> {
             if (exported) {
               if (this.isRouteDefinition(exported)) {
                 // Use router.route() to ensure middleware is applied
-                const routeDef = exported as any;
-                this.router.route(routeDef.options, routeDef.handler);
-                this.logRouteLoaded(routeDef.options);
+                this.router.route(exported.options, exported.handler);
+                this.logRouteLoaded(exported.options);
               } else if (this.isRouteEntry(exported)) {
                 // Legacy support for direct RouteEntry (won't have middleware)
-                this.router.addRoute(exported as RouteEntry);
-                this.logRouteLoaded(exported as RouteEntry);
+                this.router.addRoute(exported);
+                this.logRouteLoaded(exported);
               } else if (typeof exported === 'function') {
-                this.router.route(route.options as any, exported);
-                this.logRouteLoaded(route.options);
+                this.router.route(route.options as RouteOptions<TTypes>, exported as RouteHandler<TTypes>);
+                this.logRouteLoaded(route.options as RouteOptions<TTypes>);
               }
             }
           } catch (error) {
             console.error(`Failed to load route ${route.name} from ${route.path}:`, error);
           }
         }
-
-        // Ensure routes are properly sorted after loading all
-        this.router.sortRoutes();
       }
     } catch (error) {
       if ((error as any).code !== 'ENOENT' && (error as any).code !== 'ENOTDIR') {
@@ -166,36 +186,49 @@ export class Vector<TTypes extends VectorTypes = DefaultVectorTypes> {
   async loadRoute(routeModule: any) {
     if (typeof routeModule === 'function') {
       const routeEntry = routeModule();
-      if (Array.isArray(routeEntry)) {
-        this.router.addRoute(routeEntry as RouteEntry);
+      if (this.isRouteEntry(routeEntry)) {
+        this.router.addRoute(routeEntry);
       }
     } else if (routeModule && typeof routeModule === 'object') {
       for (const [, value] of Object.entries(routeModule)) {
         if (typeof value === 'function') {
-          const routeEntry = (value as any)();
-          if (Array.isArray(routeEntry)) {
-            this.router.addRoute(routeEntry as RouteEntry);
+          const routeEntry = value();
+          if (this.isRouteEntry(routeEntry)) {
+            this.router.addRoute(routeEntry);
           }
         }
       }
     }
   }
 
-  private isRouteEntry(value: any): boolean {
-    return Array.isArray(value) && value.length >= 3;
+  private isRouteEntry(value: unknown): value is LegacyRouteEntry {
+    if (!Array.isArray(value) || value.length < 3) {
+      return false;
+    }
+
+    const [method, matcher, handlers, path] = value;
+    return (
+      typeof method === 'string' &&
+      matcher instanceof RegExp &&
+      Array.isArray(handlers) &&
+      handlers.length > 0 &&
+      handlers.every((handler) => typeof handler === 'function') &&
+      (path === undefined || typeof path === 'string')
+    );
   }
 
-  private isRouteDefinition(value: any): boolean {
+  private isRouteDefinition(value: unknown): value is LoadedRouteDefinition<TTypes> {
     return (
-      value &&
+      value !== null &&
       typeof value === 'object' &&
       'entry' in value &&
       'options' in value &&
-      'handler' in value
+      'handler' in value &&
+      typeof (value as LoadedRouteDefinition<TTypes>).handler === 'function'
     );
   }
 
-  private logRouteLoaded(_: RouteEntry | RouteOptions): void {
+  private logRouteLoaded(_: RouteOptions<TTypes> | LegacyRouteEntry): void {
     // Silent - no logging
   }
 
@@ -208,6 +241,27 @@ export class Vector<TTypes extends VectorTypes = DefaultVectorTypes> {
     // Routes will be cleared on next startServer() call
   }
 
+  async shutdown(): Promise<void> {
+    if (this.shutdownPromise) {
+      return this.shutdownPromise;
+    }
+
+    this.shutdownPromise = (async () => {
+      // Stop accepting new traffic first.
+      this.stop();
+
+      if (typeof this.config.shutdown === 'function') {
+        await this.config.shutdown();
+      }
+    })();
+
+    try {
+      await this.shutdownPromise;
+    } finally {
+      this.shutdownPromise = null;
+    }
+  }
+
   getServer(): VectorServer<TTypes> | null {
     return this.server;
   }

package/src/dev/route-generator.ts

@@ -36,9 +36,7 @@ export class RouteGenerator {
 
       if (fileRoutes.some((r) => r.name === 'default')) {
         if (namedImports.length > 0) {
-          imports.push(
-            `import ${importName}, { ${namedImports.join(', ')} } from '${relativePath}';`
-          );
+          imports.push(`import ${importName}, { ${namedImports.join(', ')} } from '${relativePath}';`);
         } else {
           imports.push(`import ${importName} from '${relativePath}';`);
         }

package/src/dev/route-scanner.ts

@@ -95,8 +95,7 @@ export class RouteScanner {
 
         try {
           // Convert Windows paths to URLs for import
-          const importPath =
-            process.platform === 'win32' ? `file:///${fullPath.replace(/\\/g, '/')}` : fullPath;
+          const importPath = process.platform === 'win32' ? `file:///${fullPath.replace(/\\/g, '/')}` : fullPath;
 
           const module = await import(importPath);
 
@@ -117,13 +116,7 @@ export class RouteScanner {
             if (name === 'default') continue;
 
             // Check for new RouteDefinition format
-            if (
-              value &&
-              typeof value === 'object' &&
-              'entry' in value &&
-              'options' in value &&
-              'handler' in value
-            ) {
+            if (value && typeof value === 'object' && 'entry' in value && 'options' in value && 'handler' in value) {
               const routeDef = value as any;
               routes.push({
                 name,

package/src/http.ts

@@ -1,81 +1,63 @@
-import { cors, type IRequest, type RouteEntry, withContent } from 'itty-router';
-import { buildRouteRegex } from './utils/path';
 import { CONTENT_TYPES, HTTP_STATUS } from './constants';
 import type {
   CacheOptions,
   DefaultVectorTypes,
   GetAuthType,
+  InferRouteInputFromSchemaDefinition,
+  RouteSchemaDefinition,
   VectorRequest,
   VectorTypes,
 } from './types';
 import { getVectorInstance } from './core/vector';
 
-export interface ProtectedRequest<TTypes extends VectorTypes = DefaultVectorTypes>
-  extends IRequest {
-  authUser?: GetAuthType<TTypes>;
-}
-
-export const { preflight, corsify } = cors({
-  origin: '*',
-  credentials: true,
-  allowHeaders: 'Content-Type, Authorization',
-  allowMethods: 'GET, POST, PUT, PATCH, DELETE, OPTIONS',
-  exposeHeaders: 'Authorization',
-  maxAge: 86_400,
-});
-
-interface ExtendedApiOptions extends ApiOptions {
+interface ExtendedApiOptions<TSchemaDef extends RouteSchemaDefinition | undefined = RouteSchemaDefinition | undefined>
+  extends ApiOptions<TSchemaDef> {
   method: string;
   path: string;
 }
 
-export interface RouteDefinition<TTypes extends VectorTypes = DefaultVectorTypes> {
-  entry: RouteEntry;
-  options: ExtendedApiOptions;
-  handler: (req: VectorRequest<TTypes>) => Promise<unknown>;
+export interface RouteDefinition<
+  TTypes extends VectorTypes = DefaultVectorTypes,
+  TValidatedInput = undefined,
+  TSchemaDef extends RouteSchemaDefinition | undefined = RouteSchemaDefinition | undefined,
+> {
+  entry: { method: string; path: string };
+  options: ExtendedApiOptions<TSchemaDef>;
+  handler: (req: VectorRequest<TTypes, TValidatedInput>) => Promise<unknown> | unknown;
 }
 
-export function route<TTypes extends VectorTypes = DefaultVectorTypes>(
-  options: ExtendedApiOptions,
-  fn: (req: VectorRequest<TTypes>) => Promise<unknown>
-): RouteDefinition<TTypes> {
-  const handler = api(options, fn);
-
-  const entry: RouteEntry = [
-    options.method.toUpperCase(),
-    buildRouteRegex(options.path),
-    [handler],
-    options.path,
-  ];
-
+export function route<
+  TTypes extends VectorTypes = DefaultVectorTypes,
+  TSchemaDef extends RouteSchemaDefinition | undefined = RouteSchemaDefinition | undefined,
+>(
+  options: ExtendedApiOptions<TSchemaDef>,
+  fn: (req: VectorRequest<TTypes, InferRouteInputFromSchemaDefinition<TSchemaDef>>) => Promise<unknown> | unknown
+): RouteDefinition<TTypes, InferRouteInputFromSchemaDefinition<TSchemaDef>, TSchemaDef> {
   return {
-    entry,
+    entry: {
+      method: options.method.toUpperCase(),
+      path: options.path,
+    },
     options,
     handler: fn,
   };
 }
 
-function hasBigInt(value: unknown, depth = 0): boolean {
-  if (typeof value === 'bigint') return true;
-  if (depth > 4 || value === null || typeof value !== 'object') return false;
-  for (const v of Object.values(value as object)) {
-    if (hasBigInt(v, depth + 1)) return true;
-  }
-  return false;
-}
-
 function stringifyData(data: unknown): string {
   const val = data ?? null;
-  if (!hasBigInt(val)) return JSON.stringify(val);
-  return JSON.stringify(val, (_key, value) =>
-    typeof value === 'bigint' ? value.toString() : value
-  );
+  try {
+    return JSON.stringify(val);
+  } catch (e) {
+    if (e instanceof TypeError && /\bbigint\b/i.test(e.message)) {
+      return JSON.stringify(val, (_key, value) => (typeof value === 'bigint' ? value.toString() : value));
+    }
+    throw e;
+  }
 }
 
 const ApiResponse = {
   success: <T>(data: T, contentType?: string) => createResponse(HTTP_STATUS.OK, data, contentType),
-  created: <T>(data: T, contentType?: string) =>
-    createResponse(HTTP_STATUS.CREATED, data, contentType),
+  created: <T>(data: T, contentType?: string) => createResponse(HTTP_STATUS.CREATED, data, contentType),
 };
 
 function createErrorResponse(code: number, message: string, contentType?: string): Response {
@@ -97,40 +79,29 @@ export const APIError = {
   unauthorized: (msg = 'Unauthorized', contentType?: string) =>
     createErrorResponse(HTTP_STATUS.UNAUTHORIZED, msg, contentType),
 
-  paymentRequired: (msg = 'Payment Required', contentType?: string) =>
-    createErrorResponse(402, msg, contentType),
+  paymentRequired: (msg = 'Payment Required', contentType?: string) => createErrorResponse(402, msg, contentType),
 
-  forbidden: (msg = 'Forbidden', contentType?: string) =>
-    createErrorResponse(HTTP_STATUS.FORBIDDEN, msg, contentType),
+  forbidden: (msg = 'Forbidden', contentType?: string) => createErrorResponse(HTTP_STATUS.FORBIDDEN, msg, contentType),
 
-  notFound: (msg = 'Not Found', contentType?: string) =>
-    createErrorResponse(HTTP_STATUS.NOT_FOUND, msg, contentType),
+  notFound: (msg = 'Not Found', contentType?: string) => createErrorResponse(HTTP_STATUS.NOT_FOUND, msg, contentType),
 
-  methodNotAllowed: (msg = 'Method Not Allowed', contentType?: string) =>
-    createErrorResponse(405, msg, contentType),
+  methodNotAllowed: (msg = 'Method Not Allowed', contentType?: string) => createErrorResponse(405, msg, contentType),
 
-  notAcceptable: (msg = 'Not Acceptable', contentType?: string) =>
-    createErrorResponse(406, msg, contentType),
+  notAcceptable: (msg = 'Not Acceptable', contentType?: string) => createErrorResponse(406, msg, contentType),
 
-  requestTimeout: (msg = 'Request Timeout', contentType?: string) =>
-    createErrorResponse(408, msg, contentType),
+  requestTimeout: (msg = 'Request Timeout', contentType?: string) => createErrorResponse(408, msg, contentType),
 
-  conflict: (msg = 'Conflict', contentType?: string) =>
-    createErrorResponse(HTTP_STATUS.CONFLICT, msg, contentType),
+  conflict: (msg = 'Conflict', contentType?: string) => createErrorResponse(HTTP_STATUS.CONFLICT, msg, contentType),
 
   gone: (msg = 'Gone', contentType?: string) => createErrorResponse(410, msg, contentType),
 
-  lengthRequired: (msg = 'Length Required', contentType?: string) =>
-    createErrorResponse(411, msg, contentType),
+  lengthRequired: (msg = 'Length Required', contentType?: string) => createErrorResponse(411, msg, contentType),
 
-  preconditionFailed: (msg = 'Precondition Failed', contentType?: string) =>
-    createErrorResponse(412, msg, contentType),
+  preconditionFailed: (msg = 'Precondition Failed', contentType?: string) => createErrorResponse(412, msg, contentType),
 
-  payloadTooLarge: (msg = 'Payload Too Large', contentType?: string) =>
-    createErrorResponse(413, msg, contentType),
+  payloadTooLarge: (msg = 'Payload Too Large', contentType?: string) => createErrorResponse(413, msg, contentType),
 
-  uriTooLong: (msg = 'URI Too Long', contentType?: string) =>
-    createErrorResponse(414, msg, contentType),
+  uriTooLong: (msg = 'URI Too Long', contentType?: string) => createErrorResponse(414, msg, contentType),
 
   unsupportedMediaType: (msg = 'Unsupported Media Type', contentType?: string) =>
     createErrorResponse(415, msg, contentType),
@@ -138,33 +109,27 @@ export const APIError = {
   rangeNotSatisfiable: (msg = 'Range Not Satisfiable', contentType?: string) =>
     createErrorResponse(416, msg, contentType),
 
-  expectationFailed: (msg = 'Expectation Failed', contentType?: string) =>
-    createErrorResponse(417, msg, contentType),
+  expectationFailed: (msg = 'Expectation Failed', contentType?: string) => createErrorResponse(417, msg, contentType),
 
-  imATeapot: (msg = "I'm a teapot", contentType?: string) =>
-    createErrorResponse(418, msg, contentType),
+  imATeapot: (msg = "I'm a teapot", contentType?: string) => createErrorResponse(418, msg, contentType),
 
-  misdirectedRequest: (msg = 'Misdirected Request', contentType?: string) =>
-    createErrorResponse(421, msg, contentType),
+  misdirectedRequest: (msg = 'Misdirected Request', contentType?: string) => createErrorResponse(421, msg, contentType),
 
   unprocessableEntity: (msg = 'Unprocessable Entity', contentType?: string) =>
     createErrorResponse(HTTP_STATUS.UNPROCESSABLE_ENTITY, msg, contentType),
 
   locked: (msg = 'Locked', contentType?: string) => createErrorResponse(423, msg, contentType),
 
-  failedDependency: (msg = 'Failed Dependency', contentType?: string) =>
-    createErrorResponse(424, msg, contentType),
+  failedDependency: (msg = 'Failed Dependency', contentType?: string) => createErrorResponse(424, msg, contentType),
 
   tooEarly: (msg = 'Too Early', contentType?: string) => createErrorResponse(425, msg, contentType),
 
-  upgradeRequired: (msg = 'Upgrade Required', contentType?: string) =>
-    createErrorResponse(426, msg, contentType),
+  upgradeRequired: (msg = 'Upgrade Required', contentType?: string) => createErrorResponse(426, msg, contentType),
 
   preconditionRequired: (msg = 'Precondition Required', contentType?: string) =>
     createErrorResponse(428, msg, contentType),
 
-  tooManyRequests: (msg = 'Too Many Requests', contentType?: string) =>
-    createErrorResponse(429, msg, contentType),
+  tooManyRequests: (msg = 'Too Many Requests', contentType?: string) => createErrorResponse(429, msg, contentType),
 
   requestHeaderFieldsTooLarge: (msg = 'Request Header Fields Too Large', contentType?: string) =>
     createErrorResponse(431, msg, contentType),
@@ -176,17 +141,13 @@ export const APIError = {
   internalServerError: (msg = 'Internal Server Error', contentType?: string) =>
     createErrorResponse(HTTP_STATUS.INTERNAL_SERVER_ERROR, msg, contentType),
 
-  notImplemented: (msg = 'Not Implemented', contentType?: string) =>
-    createErrorResponse(501, msg, contentType),
+  notImplemented: (msg = 'Not Implemented', contentType?: string) => createErrorResponse(501, msg, contentType),
 
-  badGateway: (msg = 'Bad Gateway', contentType?: string) =>
-    createErrorResponse(502, msg, contentType),
+  badGateway: (msg = 'Bad Gateway', contentType?: string) => createErrorResponse(502, msg, contentType),
 
-  serviceUnavailable: (msg = 'Service Unavailable', contentType?: string) =>
-    createErrorResponse(503, msg, contentType),
+  serviceUnavailable: (msg = 'Service Unavailable', contentType?: string) => createErrorResponse(503, msg, contentType),
 
-  gatewayTimeout: (msg = 'Gateway Timeout', contentType?: string) =>
-    createErrorResponse(504, msg, contentType),
+  gatewayTimeout: (msg = 'Gateway Timeout', contentType?: string) => createErrorResponse(504, msg, contentType),
 
   httpVersionNotSupported: (msg = 'HTTP Version Not Supported', contentType?: string) =>
     createErrorResponse(505, msg, contentType),
@@ -197,11 +158,9 @@ export const APIError = {
   insufficientStorage: (msg = 'Insufficient Storage', contentType?: string) =>
     createErrorResponse(507, msg, contentType),
 
-  loopDetected: (msg = 'Loop Detected', contentType?: string) =>
-    createErrorResponse(508, msg, contentType),
+  loopDetected: (msg = 'Loop Detected', contentType?: string) => createErrorResponse(508, msg, contentType),
 
-  notExtended: (msg = 'Not Extended', contentType?: string) =>
-    createErrorResponse(510, msg, contentType),
+  notExtended: (msg = 'Not Extended', contentType?: string) => createErrorResponse(510, msg, contentType),
 
   networkAuthenticationRequired: (msg = 'Network Authentication Required', contentType?: string) =>
     createErrorResponse(511, msg, contentType),
@@ -210,22 +169,15 @@ export const APIError = {
   invalidArgument: (msg = 'Invalid Argument', contentType?: string) =>
     createErrorResponse(HTTP_STATUS.UNPROCESSABLE_ENTITY, msg, contentType),
 
-  rateLimitExceeded: (msg = 'Rate Limit Exceeded', contentType?: string) =>
-    createErrorResponse(429, msg, contentType),
+  rateLimitExceeded: (msg = 'Rate Limit Exceeded', contentType?: string) => createErrorResponse(429, msg, contentType),
 
-  maintenance: (msg = 'Service Under Maintenance', contentType?: string) =>
-    createErrorResponse(503, msg, contentType),
+  maintenance: (msg = 'Service Under Maintenance', contentType?: string) => createErrorResponse(503, msg, contentType),
 
   // Helper to create custom error with any status code
-  custom: (statusCode: number, msg: string, contentType?: string) =>
-    createErrorResponse(statusCode, msg, contentType),
+  custom: (statusCode: number, msg: string, contentType?: string) => createErrorResponse(statusCode, msg, contentType),
 };
 
-export function createResponse(
-  statusCode: number,
-  data?: unknown,
-  contentType: string = CONTENT_TYPES.JSON
-): Response {
+export function createResponse(statusCode: number, data?: unknown, contentType: string = CONTENT_TYPES.JSON): Response {
   const body = contentType === CONTENT_TYPES.JSON ? stringifyData(data) : data;
 
   return new Response(body as string, {
@@ -238,7 +190,6 @@ export const protectedRoute = async <TTypes extends VectorTypes = DefaultVectorT
   request: VectorRequest<TTypes>,
   responseContentType?: string
 ) => {
-  // Get the Vector instance to access the protected handler
   const vector = getVectorInstance();
 
   const protectedHandler = vector.getProtectedHandler();
@@ -250,25 +201,24 @@ export const protectedRoute = async <TTypes extends VectorTypes = DefaultVectorT
     const authUser = await protectedHandler(request as any);
     request.authUser = authUser as GetAuthType<TTypes>;
   } catch (error) {
-    throw APIError.unauthorized(
-      error instanceof Error ? error.message : 'Authentication failed',
-      responseContentType
-    );
+    throw APIError.unauthorized(error instanceof Error ? error.message : 'Authentication failed', responseContentType);
   }
 };
 
-export interface ApiOptions {
+export interface ApiOptions<TSchemaDef extends RouteSchemaDefinition | undefined = RouteSchemaDefinition | undefined> {
   auth?: boolean;
   expose?: boolean;
   rawRequest?: boolean;
+  validate?: boolean;
   rawResponse?: boolean;
   cache?: CacheOptions | number | null;
   responseContentType?: string;
+  schema?: TSchemaDef;
 }
 
-export function api<TTypes extends VectorTypes = DefaultVectorTypes>(
+export function api<TTypes extends VectorTypes = DefaultVectorTypes, TValidatedInput = undefined>(
   options: ApiOptions,
-  fn: (request: VectorRequest<TTypes>) => Promise<unknown>
+  fn: (request: VectorRequest<TTypes, TValidatedInput>) => Promise<unknown> | unknown
 ) {
   const {
     auth = false,
@@ -278,32 +228,42 @@ export function api<TTypes extends VectorTypes = DefaultVectorTypes>(
     responseContentType = CONTENT_TYPES.JSON,
   } = options;
 
-  // For backward compatibility with direct route usage (not auto-discovered)
-  // This wrapper is only used when routes are NOT auto-discovered
-  return async (request: IRequest) => {
+  return async (request: Request) => {
+    const req = request as unknown as VectorRequest<TTypes>;
+
     if (!expose) {
       return APIError.forbidden('Forbidden');
     }
 
     try {
       if (auth) {
-        await protectedRoute(request as any as VectorRequest<TTypes>, responseContentType);
+        await protectedRoute(req, responseContentType);
       }
 
-      if (!rawRequest) {
-        await withContent(request);
+      if (!rawRequest && req.method !== 'GET' && req.method !== 'HEAD') {
+        try {
+          const contentType = req.headers.get('content-type');
+          if (contentType?.startsWith('application/json')) {
+            req.content = await req.json();
+          } else if (contentType?.startsWith('application/x-www-form-urlencoded')) {
+            req.content = Object.fromEntries(await req.formData());
+          } else if (contentType?.startsWith('multipart/form-data')) {
+            req.content = await req.formData();
+          } else {
+            req.content = await req.text();
+          }
+        } catch {
+          req.content = null;
+        }
       }
 
-      // Cache handling is now done in the router
-      const result = await fn(request as any as VectorRequest<TTypes>);
+      const result = await fn(req as unknown as VectorRequest<TTypes, TValidatedInput>);
 
       return rawResponse ? result : ApiResponse.success(result, responseContentType);
     } catch (err: unknown) {
-      // Ensure we return a Response object
       if (err instanceof Response) {
         return err;
       }
-      // For non-Response errors, wrap them
       return APIError.internalServerError(String(err), responseContentType);
     }
   };

package/src/index.ts

@@ -1,8 +1,10 @@
-// Public exports for route definitions only
+// Public exports for route definitions and Vector startup API
 import { route } from './http';
+import { startVector } from './start-vector';
 
 // Export route function for defining routes
 export { route };
+export { startVector };
 
 // Export utilities for route handlers
 export { APIError, createResponse } from './http';
@@ -10,5 +12,4 @@ export { APIError, createResponse } from './http';
 // Export types for TypeScript users
 export * from './types';
 
-// Note: Vector framework is now config-driven and runs via CLI
-// Usage: Create vector.config.ts and run 'vector dev' or 'vector start'
+// Note: Vector is config-driven and can run via CLI or programmatic startup API

package/src/middleware/manager.ts

@@ -19,6 +19,8 @@ export class MiddlewareManager<TTypes extends VectorTypes = DefaultVectorTypes>
   }
 
   async executeBefore(request: VectorRequest<TTypes>): Promise<VectorRequest<TTypes> | Response> {
+    if (this.beforeHandlers.length === 0) return request;
+
     let currentRequest = request;
 
     for (const handler of this.beforeHandlers) {
@@ -35,6 +37,8 @@ export class MiddlewareManager<TTypes extends VectorTypes = DefaultVectorTypes>
   }
 
   async executeFinally(response: Response, request: VectorRequest<TTypes>): Promise<Response> {
+    if (this.finallyHandlers.length === 0) return response;
+
     let currentResponse = response;
 
     for (const handler of this.finallyHandlers) {