voltjs-framework 1.0.0

package/src/core/app.js

@@ -0,0 +1,701 @@
+/**
+ * VoltJS Core Application
+ * 
+ * The main application class that ties everything together.
+ * Handles HTTP server, routing, middleware, and lifecycle management.
+ * 
+ * @example
+ * const { Volt } = require('voltjs');
+ * 
+ * const app = new Volt({
+ *   port: 3000,
+ *   security: { csrf: true, xss: true, rateLimit: true },
+ * });
+ * 
+ * app.get('/', (req, res) => res.json({ hello: 'world' }));
+ * app.listen();
+ */
+
+'use strict';
+
+const http = require('http');
+const https = require('https');
+const url = require('url');
+const path = require('path');
+const fs = require('fs');
+const { Router } = require('./router');
+const { Middleware } = require('./middleware');
+const { Config } = require('./config');
+const { Renderer } = require('./renderer');
+const { PluginManager } = require('./plugins');
+const { ReactRenderer } = require('./react-renderer');
+const React = require('react');
+const ReactDOMServer = require('react-dom/server');
+
+class Volt {
+  constructor(userConfig = {}) {
+    this.config = new Config(userConfig);
+    this.router = new Router();
+    this.middleware = new Middleware();
+    this.renderer = new Renderer(this.config);
+    this.react = new ReactRenderer(userConfig.react || {});
+    this.plugins = new PluginManager(this);
+    this.server = null;
+    this._hooks = { beforeStart: [], afterStart: [], beforeStop: [], afterStop: [], onError: [] };
+    this._staticDirs = [];
+    this._viewsDir = null;
+
+    // Auto-apply security middleware if enabled
+    this._applyDefaultSecurity();
+
+    // Auto-discover routes from pages/ directory
+    this._autoDiscoverRoutes();
+  }
+
+  // ===== HTTP METHODS =====
+  get(path, ...handlers) { return this.router.add('GET', path, handlers); }
+  post(path, ...handlers) { return this.router.add('POST', path, handlers); }
+  put(path, ...handlers) { return this.router.add('PUT', path, handlers); }
+  patch(path, ...handlers) { return this.router.add('PATCH', path, handlers); }
+  delete(path, ...handlers) { return this.router.add('DELETE', path, handlers); }
+  options(path, ...handlers) { return this.router.add('OPTIONS', path, handlers); }
+  head(path, ...handlers) { return this.router.add('HEAD', path, handlers); }
+  all(path, ...handlers) { return this.router.add('ALL', path, handlers); }
+
+  // ===== MIDDLEWARE =====
+  use(...args) {
+    if (typeof args[0] === 'string') {
+      // Path-specific middleware
+      this.middleware.addPath(args[0], args.slice(1));
+    } else if (typeof args[0] === 'function') {
+      // Global middleware
+      this.middleware.addGlobal(args[0]);
+    } else if (args[0] && typeof args[0] === 'object' && args[0].install) {
+      // Plugin
+      this.plugins.register(args[0], args[1]);
+    }
+    return this;
+  }
+
+  // ===== ROUTE GROUPS =====
+  group(prefix, callback) {
+    const group = this.router.group(prefix);
+    callback(group);
+    return this;
+  }
+
+  // ===== RESOURCE ROUTES (auto CRUD) =====
+  resource(name, controller) {
+    const base = `/${name}`;
+    this.get(base, controller.index || controller.list);
+    this.get(`${base}/:id`, controller.show || controller.get);
+    this.post(base, controller.create || controller.store);
+    this.put(`${base}/:id`, controller.update);
+    this.patch(`${base}/:id`, controller.update);
+    this.delete(`${base}/:id`, controller.destroy || controller.remove || controller.delete);
+    return this;
+  }
+
+  // ===== STATIC FILES =====
+  static(urlPath, dirPath) {
+    this._staticDirs.push({
+      url: urlPath,
+      dir: path.resolve(dirPath || urlPath),
+    });
+    return this;
+  }
+
+  // ===== VIEWS =====
+  views(dirPath) {
+    this._viewsDir = path.resolve(dirPath);
+    this.renderer.setViewsDir(this._viewsDir);
+    return this;
+  }
+
+  // ===== LIFECYCLE HOOKS =====
+  beforeStart(fn) { this._hooks.beforeStart.push(fn); return this; }
+  afterStart(fn) { this._hooks.afterStart.push(fn); return this; }
+  beforeStop(fn) { this._hooks.beforeStop.push(fn); return this; }
+  afterStop(fn) { this._hooks.afterStop.push(fn); return this; }
+  onError(fn) { this._hooks.onError.push(fn); return this; }
+
+  // ===== REQUEST HANDLER =====
+  async _handleRequest(req, res) {
+    const startTime = Date.now();
+
+    try {
+      // Parse URL
+      const parsedUrl = url.parse(req.url, true);
+      req.path = parsedUrl.pathname;
+      req.query = parsedUrl.query;
+      req.params = {};
+
+      // Enhanced response object
+      this._enhanceResponse(res, req);
+
+      // Parse body for POST/PUT/PATCH
+      if (['POST', 'PUT', 'PATCH'].includes(req.method)) {
+        await this._parseBody(req);
+      }
+
+      // Parse cookies
+      this._parseCookies(req);
+
+      // Try static files first
+      const staticResult = await this._serveStatic(req, res);
+      if (staticResult) return;
+
+      // Run global middleware
+      const middlewareResult = await this.middleware.runGlobal(req, res);
+      if (middlewareResult === false || res.writableEnded) return;
+
+      // Match route
+      const match = this.router.match(req.method, req.path);
+      if (!match) {
+        return this._handleNotFound(req, res);
+      }
+
+      // Set params from route matching
+      req.params = match.params;
+
+      // Run path-specific middleware
+      const pathMiddlewareResult = await this.middleware.runPath(req.path, req, res);
+      if (pathMiddlewareResult === false || res.writableEnded) return;
+
+      // Run route handlers (support multiple handlers as middleware chain)
+      for (const handler of match.handlers) {
+        if (res.writableEnded) break;
+        const result = await handler(req, res);
+        if (result !== undefined && !res.writableEnded) {
+          // Auto-send response if handler returns a value
+          if (typeof result === 'object') {
+            res.json(result);
+          } else {
+            res.send(String(result));
+          }
+        }
+      }
+
+      // Log request
+      const duration = Date.now() - startTime;
+      if (this.config.get('logging.requests', true)) {
+        const statusColor = res.statusCode >= 400 ? '\x1b[31m' : '\x1b[32m';
+        console.log(
+          `  ${statusColor}${req.method}${'\x1b[0m'} ${req.path} ${'\x1b[2m'}${res.statusCode} ${duration}ms${'\x1b[0m'}`
+        );
+      }
+    } catch (err) {
+      this._handleError(err, req, res);
+    }
+  }
+
+  // ===== RESPONSE ENHANCEMENT =====
+  _enhanceResponse(res, req) {
+    // JSON response
+    res.json = (data, statusCode = 200) => {
+      res.writeHead(statusCode, {
+        'Content-Type': 'application/json',
+        'X-Powered-By': 'VoltJS',
+      });
+      res.end(JSON.stringify(data));
+    };
+
+    // HTML response
+    res.html = (content, statusCode = 200) => {
+      res.writeHead(statusCode, {
+        'Content-Type': 'text/html; charset=utf-8',
+        'X-Powered-By': 'VoltJS',
+      });
+      res.end(content);
+    };
+
+    // Plain text
+    res.send = (content, statusCode = 200) => {
+      const contentType = typeof content === 'object'
+        ? 'application/json'
+        : 'text/plain; charset=utf-8';
+      res.writeHead(statusCode, {
+        'Content-Type': contentType,
+        'X-Powered-By': 'VoltJS',
+      });
+      res.end(typeof content === 'object' ? JSON.stringify(content) : String(content));
+    };
+
+    // Status setter (chainable)
+    res.status = (code) => {
+      res.statusCode = code;
+      return res;
+    };
+
+    // Redirect
+    res.redirect = (location, statusCode = 302) => {
+      res.writeHead(statusCode, { Location: location });
+      res.end();
+    };
+
+    // Render template
+    res.render = (template, data = {}) => {
+      try {
+        const html = this.renderer.render(template, { ...data, req });
+        res.html(html);
+      } catch (err) {
+        this._handleError(err, req, res);
+      }
+    };
+
+    // React SSR: render a React component to a full HTML page
+    // Usage: res.jsx(Component, props, pageOptions)
+    //    or: res.jsx('ComponentName', props, pageOptions)  (if registered)
+    res.jsx = (componentOrName, props = {}, pageOptions = {}) => {
+      try {
+        const html = this.react.renderPage(componentOrName, props, pageOptions);
+        const statusCode = pageOptions.statusCode || 200;
+        res.html(html, statusCode);
+      } catch (err) {
+        this._handleError(err, req, res);
+      }
+    };
+
+    // Download file
+    res.download = (filePath, filename) => {
+      const fname = filename || path.basename(filePath);
+      res.setHeader('Content-Disposition', `attachment; filename="${fname}"`);
+      const stream = fs.createReadStream(filePath);
+      stream.pipe(res);
+    };
+
+    // Set cookie
+    res.cookie = (name, value, options = {}) => {
+      const parts = [`${name}=${encodeURIComponent(value)}`];
+      if (options.maxAge) parts.push(`Max-Age=${options.maxAge}`);
+      if (options.expires) parts.push(`Expires=${options.expires.toUTCString()}`);
+      if (options.path) parts.push(`Path=${options.path}`);
+      else parts.push('Path=/');
+      if (options.domain) parts.push(`Domain=${options.domain}`);
+      if (options.secure) parts.push('Secure');
+      if (options.httpOnly !== false) parts.push('HttpOnly');
+      if (options.sameSite) parts.push(`SameSite=${options.sameSite}`);
+      else parts.push('SameSite=Lax');
+
+      const existing = res.getHeader('Set-Cookie') || [];
+      const cookies = Array.isArray(existing) ? existing : [existing];
+      cookies.push(parts.join('; '));
+      res.setHeader('Set-Cookie', cookies);
+      return res;
+    };
+
+    // Clear cookie
+    res.clearCookie = (name, options = {}) => {
+      return res.cookie(name, '', { ...options, maxAge: 0 });
+    };
+
+    // Send file
+    res.sendFile = (filePath) => {
+      const ext = path.extname(filePath).toLowerCase();
+      const mimeTypes = {
+        '.html': 'text/html', '.css': 'text/css', '.js': 'application/javascript',
+        '.json': 'application/json', '.png': 'image/png', '.jpg': 'image/jpeg',
+        '.jpeg': 'image/jpeg', '.gif': 'image/gif', '.svg': 'image/svg+xml',
+        '.ico': 'image/x-icon', '.pdf': 'application/pdf', '.txt': 'text/plain',
+        '.xml': 'application/xml', '.mp4': 'video/mp4', '.webm': 'video/webm',
+        '.woff': 'font/woff', '.woff2': 'font/woff2', '.ttf': 'font/ttf',
+      };
+      res.writeHead(200, { 'Content-Type': mimeTypes[ext] || 'application/octet-stream' });
+      fs.createReadStream(filePath).pipe(res);
+    };
+
+    // JSONP
+    res.jsonp = (data, callback = 'callback') => {
+      const cb = req.query[callback] || callback;
+      res.writeHead(200, { 'Content-Type': 'application/javascript' });
+      res.end(`${cb}(${JSON.stringify(data)})`);
+    };
+
+    // No content
+    res.noContent = () => {
+      res.writeHead(204);
+      res.end();
+    };
+  }
+
+  // ===== BODY PARSING =====
+  _parseBody(req) {
+    return new Promise((resolve, reject) => {
+      let body = '';
+      const maxSize = this.config.get('server.maxBodySize', 10 * 1024 * 1024); // 10MB default
+      let size = 0;
+
+      req.on('data', (chunk) => {
+        size += chunk.length;
+        if (size > maxSize) {
+          req.destroy();
+          reject(new Error('Request body too large'));
+          return;
+        }
+        body += chunk.toString();
+      });
+
+      req.on('end', () => {
+        const contentType = req.headers['content-type'] || '';
+
+        if (contentType.includes('application/json')) {
+          try {
+            req.body = JSON.parse(body);
+          } catch {
+            req.body = {};
+          }
+        } else if (contentType.includes('application/x-www-form-urlencoded')) {
+          req.body = Object.fromEntries(new URLSearchParams(body));
+        } else if (contentType.includes('multipart/form-data')) {
+          req.body = {};
+          req.rawBody = body;
+          // Parse multipart
+          this._parseMultipart(req, body, contentType);
+        } else {
+          req.body = body;
+          req.rawBody = body;
+        }
+        resolve();
+      });
+
+      req.on('error', reject);
+    });
+  }
+
+  // ===== MULTIPART PARSING =====
+  _parseMultipart(req, body, contentType) {
+    const boundaryMatch = contentType.match(/boundary=(.+)/);
+    if (!boundaryMatch) return;
+
+    const boundary = boundaryMatch[1];
+    const parts = body.split(`--${boundary}`);
+    req.files = {};
+    req.body = {};
+
+    for (const part of parts) {
+      if (part.trim() === '' || part.trim() === '--') continue;
+
+      const headerEnd = part.indexOf('\r\n\r\n');
+      if (headerEnd === -1) continue;
+
+      const headers = part.substring(0, headerEnd);
+      const content = part.substring(headerEnd + 4).replace(/\r\n$/, '');
+
+      const nameMatch = headers.match(/name="([^"]+)"/);
+      const filenameMatch = headers.match(/filename="([^"]+)"/);
+
+      if (nameMatch) {
+        if (filenameMatch) {
+          const contentTypeMatch = headers.match(/Content-Type:\s*(.+)/i);
+          req.files[nameMatch[1]] = {
+            name: filenameMatch[1],
+            data: Buffer.from(content, 'binary'),
+            type: contentTypeMatch ? contentTypeMatch[1].trim() : 'application/octet-stream',
+            size: content.length,
+          };
+        } else {
+          req.body[nameMatch[1]] = content.trim();
+        }
+      }
+    }
+  }
+
+  // ===== COOKIE PARSING =====
+  _parseCookies(req) {
+    req.cookies = {};
+    const cookieHeader = req.headers.cookie;
+    if (cookieHeader) {
+      cookieHeader.split(';').forEach(cookie => {
+        const [name, ...rest] = cookie.split('=');
+        if (name) {
+          req.cookies[name.trim()] = decodeURIComponent(rest.join('=').trim());
+        }
+      });
+    }
+  }
+
+  // ===== STATIC FILE SERVING =====
+  async _serveStatic(req, res) {
+    if (req.method !== 'GET' && req.method !== 'HEAD') return false;
+
+    for (const staticDir of this._staticDirs) {
+      if (req.path.startsWith(staticDir.url)) {
+        const relativePath = req.path.substring(staticDir.url.length);
+        const filePath = path.join(staticDir.dir, relativePath);
+
+        // Security: prevent directory traversal
+        if (!filePath.startsWith(staticDir.dir)) {
+          return false;
+        }
+
+        try {
+          const stat = fs.statSync(filePath);
+          if (stat.isFile()) {
+            res.sendFile(filePath);
+            return true;
+          }
+        } catch {
+          return false;
+        }
+      }
+    }
+    return false;
+  }
+
+  // ===== AUTO-DISCOVER ROUTES =====
+  _autoDiscoverRoutes() {
+    const pagesDir = path.join(process.cwd(), 'pages');
+    const apiDir = path.join(process.cwd(), 'api');
+
+    if (fs.existsSync(pagesDir)) {
+      this._discoverFileRoutes(pagesDir, '', 'page');
+    }
+    if (fs.existsSync(apiDir)) {
+      this._discoverFileRoutes(apiDir, '/api', 'api');
+    }
+  }
+
+  _discoverFileRoutes(dir, prefix, type) {
+    try {
+      const entries = fs.readdirSync(dir, { withFileTypes: true });
+
+      for (const entry of entries) {
+        const fullPath = path.join(dir, entry.name);
+
+        if (entry.isDirectory()) {
+          // Handle dynamic routes: [id] -> :id
+          const dirName = entry.name.replace(/^\[(.+)\]$/, ':$1');
+          this._discoverFileRoutes(fullPath, `${prefix}/${dirName}`, type);
+        } else if (entry.isFile()) {
+          const ext = path.extname(entry.name);
+          if (!['.js', '.ts', '.volt'].includes(ext)) continue;
+
+          let routePath = entry.name.replace(ext, '');
+
+          // Handle dynamic routes: [id].js -> :id
+          routePath = routePath.replace(/^\[(.+)\]$/, ':$1');
+
+          // index.js maps to /
+          if (routePath === 'index') {
+            routePath = '';
+          }
+
+          const fullRoute = `${prefix}/${routePath}`.replace(/\/+/g, '/') || '/';
+
+          try {
+            const handler = require(fullPath);
+
+            if (type === 'api') {
+              // API routes export method handlers
+              if (typeof handler === 'function') {
+                this.all(fullRoute, handler);
+              } else {
+                if (handler.GET || handler.get) this.get(fullRoute, handler.GET || handler.get);
+                if (handler.POST || handler.post) this.post(fullRoute, handler.POST || handler.post);
+                if (handler.PUT || handler.put) this.put(fullRoute, handler.PUT || handler.put);
+                if (handler.PATCH || handler.patch) this.patch(fullRoute, handler.PATCH || handler.patch);
+                if (handler.DELETE || handler.delete) this.delete(fullRoute, handler.DELETE || handler.delete);
+              }
+            } else {
+              // Page routes
+              if (typeof handler === 'function') {
+                this.get(fullRoute, handler);
+              } else if (handler.default) {
+                this.get(fullRoute, handler.default);
+              }
+            }
+          } catch (err) {
+            console.warn(`\x1b[33mWarning: Failed to load route ${fullRoute}: ${err.message}\x1b[0m`);
+          }
+        }
+      }
+    } catch {
+      // Directory doesn't exist or can't be read
+    }
+  }
+
+  // ===== DEFAULT SECURITY =====
+  _applyDefaultSecurity() {
+    const secConfig = this.config.get('security', {});
+
+    // Always add security headers unless explicitly disabled
+    if (secConfig.headers !== false) {
+      this.middleware.addGlobal((req, res) => {
+        res.setHeader('X-Content-Type-Options', 'nosniff');
+        res.setHeader('X-Frame-Options', 'DENY');
+        res.setHeader('X-XSS-Protection', '1; mode=block');
+        res.setHeader('Referrer-Policy', 'strict-origin-when-cross-origin');
+        res.setHeader('X-Powered-By', 'VoltJS');
+        if (secConfig.hsts !== false) {
+          res.setHeader('Strict-Transport-Security', 'max-age=31536000; includeSubDomains');
+        }
+      });
+    }
+
+    // CORS
+    if (secConfig.cors !== false) {
+      const corsOptions = typeof secConfig.cors === 'object' ? secConfig.cors : {};
+      const { CORSHandler } = require('../security/cors');
+      this.middleware.addGlobal(CORSHandler.middleware(corsOptions));
+    }
+
+    // Rate limiting
+    if (secConfig.rateLimit !== false) {
+      const rlOptions = typeof secConfig.rateLimit === 'object' ? secConfig.rateLimit : {};
+      const { RateLimiter } = require('../security/rateLimit');
+      this.middleware.addGlobal(RateLimiter.middleware(rlOptions));
+    }
+
+    // XSS Protection
+    if (secConfig.xss !== false) {
+      const { XSSProtection } = require('../security/xss');
+      this.middleware.addGlobal(XSSProtection.middleware());
+    }
+  }
+
+  // ===== ERROR HANDLING =====
+  _handleNotFound(req, res) {
+    const payload = {
+      error: 'Not Found',
+      message: `Route ${req.method} ${req.path} not found`,
+      statusCode: 404,
+    };
+
+    if (req.headers.accept && req.headers.accept.includes('text/html')) {
+      res.html(`
+        <!DOCTYPE html>
+        <html>
+          <head><title>404 - Not Found</title>
+          <style>
+            body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif; display: flex; justify-content: center; align-items: center; min-height: 100vh; margin: 0; background: #0a0a0a; color: #fff; }
+            .container { text-align: center; }
+            h1 { font-size: 120px; margin: 0; background: linear-gradient(135deg, #667eea 0%, #764ba2 100%); -webkit-background-clip: text; -webkit-text-fill-color: transparent; }
+            p { color: #888; font-size: 18px; }
+            a { color: #667eea; text-decoration: none; }
+          </style></head>
+          <body>
+            <div class="container">
+              <h1>404</h1>
+              <p>${req.method} ${req.path} not found</p>
+              <a href="/">← Go Home</a>
+            </div>
+          </body>
+        </html>
+      `, 404);
+    } else {
+      res.json(payload, 404);
+    }
+  }
+
+  _handleError(err, req, res) {
+    // Run error hooks
+    for (const hook of this._hooks.onError) {
+      try { hook(err, req, res); } catch {}
+    }
+
+    const statusCode = err.statusCode || 500;
+    const isDev = this.config.get('env', 'development') === 'development';
+
+    console.error(`\x1b[31m  ERROR: ${err.message}\x1b[0m`);
+    if (isDev) console.error(`\x1b[2m${err.stack}\x1b[0m`);
+
+    if (req.headers.accept && req.headers.accept.includes('text/html')) {
+      res.html(`
+        <!DOCTYPE html>
+        <html>
+          <head><title>Error ${statusCode}</title>
+          <style>
+            body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', monospace; padding: 40px; background: #0a0a0a; color: #fff; }
+            .error-box { background: #1a1a2e; border: 1px solid #e94560; border-radius: 8px; padding: 24px; max-width: 800px; margin: 0 auto; }
+            h1 { color: #e94560; margin-top: 0; }
+            pre { background: #16213e; padding: 16px; border-radius: 4px; overflow-x: auto; color: #a8a8a8; }
+            .status { color: #e94560; font-size: 48px; font-weight: bold; }
+          </style></head>
+          <body>
+            <div class="error-box">
+              <div class="status">${statusCode}</div>
+              <h1>${err.message}</h1>
+              ${isDev ? `<pre>${err.stack}</pre>` : '<p>An internal error occurred.</p>'}
+            </div>
+          </body>
+        </html>
+      `, statusCode);
+    } else {
+      res.json({
+        error: err.message,
+        statusCode,
+        ...(isDev && { stack: err.stack }),
+      }, statusCode);
+    }
+  }
+
+  // ===== SERVER =====
+  async listen(port, callback) {
+    const serverPort = port || this.config.get('port', 3000);
+    const host = this.config.get('host', '0.0.0.0');
+
+    // Run beforeStart hooks
+    for (const hook of this._hooks.beforeStart) {
+      await hook(this);
+    }
+
+    // Create server
+    const sslConfig = this.config.get('ssl');
+    if (sslConfig && sslConfig.key && sslConfig.cert) {
+      this.server = https.createServer({
+        key: fs.readFileSync(sslConfig.key),
+        cert: fs.readFileSync(sslConfig.cert),
+      }, (req, res) => this._handleRequest(req, res));
+    } else {
+      this.server = http.createServer((req, res) => this._handleRequest(req, res));
+    }
+
+    // Start listening
+    return new Promise((resolve) => {
+      this.server.listen(serverPort, host, async () => {
+        const protocol = sslConfig ? 'https' : 'http';
+        console.log(`
+\x1b[36m\x1b[1m  ⚡ VoltJS server running!\x1b[0m
+  \x1b[2m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\x1b[0m
+  \x1b[32m→ Local:\x1b[0m    ${protocol}://localhost:${serverPort}
+  \x1b[32m→ Network:\x1b[0m  ${protocol}://${host}:${serverPort}
+  \x1b[32m→ Mode:\x1b[0m     ${this.config.get('env', 'development')}
+  \x1b[2m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\x1b[0m
+`);
+
+        // Run afterStart hooks
+        for (const hook of this._hooks.afterStart) {
+          await hook(this);
+        }
+
+        if (callback) callback(this);
+        resolve(this);
+      });
+    });
+  }
+
+  async close() {
+    for (const hook of this._hooks.beforeStop) {
+      await hook(this);
+    }
+
+    if (this.server) {
+      return new Promise((resolve) => {
+        this.server.close(async () => {
+          for (const hook of this._hooks.afterStop) {
+            await hook(this);
+          }
+          console.log('\x1b[33m  ⚡ VoltJS server stopped.\x1b[0m');
+          resolve();
+        });
+      });
+    }
+  }
+
+  // ===== UTILITY =====
+  getRoutes() {
+    return this.router.getRoutes();
+  }
+}
+
+module.exports = { Volt };