npm - weifuwu - Versions diffs - 0.2.2 → 0.2.4 - Mend

weifuwu 0.2.2 → 0.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (45) hide show

package/README.md +90 -5
package/dist/compress.d.ts +6 -0
package/dist/cookie.d.ts +12 -0
package/dist/index.d.ts +21 -0
package/dist/index.js +1486 -0
package/dist/middleware.d.ts +21 -0
package/dist/rate-limit.d.ts +8 -0
package/dist/router.d.ts +55 -0
package/dist/serve.d.ts +19 -0
package/dist/static.d.ts +7 -0
package/dist/tsx.d.ts +17 -0
package/dist/types.d.ts +9 -0
package/dist/upload.d.ts +14 -0
package/dist/validate.d.ts +9 -0
package/package.json +14 -2
package/AGENTS.md +0 -105
package/compress.ts +0 -69
package/cookie.ts +0 -58
package/index.ts +0 -21
package/middleware.ts +0 -178
package/rate-limit.ts +0 -68
package/router.ts +0 -701
package/serve.ts +0 -126
package/static.ts +0 -113
package/test/compress.test.ts +0 -106
package/test/cookie.test.ts +0 -79
package/test/fixtures/pages/about/page.tsx +0 -3
package/test/fixtures/pages/blog/[slug]/load.ts +0 -3
package/test/fixtures/pages/blog/[slug]/page.tsx +0 -3
package/test/fixtures/pages/blog/[slug]/route.ts +0 -7
package/test/fixtures/pages/blog/layout.tsx +0 -3
package/test/fixtures/pages/layout.tsx +0 -12
package/test/fixtures/pages/page.tsx +0 -3
package/test/middleware.test.ts +0 -407
package/test/rate-limit.test.ts +0 -94
package/test/static.test.ts +0 -93
package/test/tsx.test.ts +0 -285
package/test/unode.test.ts +0 -401
package/test/upload.test.ts +0 -130
package/test/validate.test.ts +0 -133
package/tsconfig.json +0 -13
package/tsx.ts +0 -374
package/types.ts +0 -23
package/upload.ts +0 -101
package/validate.ts +0 -88

package/test/middleware.test.ts DELETED Viewed

@@ -1,407 +0,0 @@
-import { describe, it, mock, after } from 'node:test'
-import assert from 'node:assert/strict'
-import { Router } from '../router.ts'
-import { serve } from '../serve.ts'
-import { auth, cors, logger } from '../middleware.ts'
-function handler(text = 'ok') {
-  return () => new Response(text)
-}
-// ── Logger ────────────────────────────────────────────────────────────────────
-describe('logger', () => {
-  it('logs method, path and status', async () => {
-    const logs: string[] = []
-    mock.method(console, 'log', (msg: string) => { logs.push(msg) })
-    const r = new Router()
-      .use(logger())
-      .get('/hello', handler())
-    await r.handler()(new Request('http://localhost/hello'), { params: {}, query: {} })
-    assert.equal(logs.length, 1)
-    assert.ok(logs[0]!.includes('GET'))
-    assert.ok(logs[0]!.includes('/hello'))
-    assert.ok(logs[0]!.includes('200'))
-    mock.restoreAll()
-  })
-  it('combined format includes search params', async () => {
-    const logs: string[] = []
-    mock.method(console, 'log', (msg: string) => { logs.push(msg) })
-    const r = new Router()
-      .use(logger({ format: 'combined' }))
-      .get('/search', handler())
-    await r.handler()(new Request('http://localhost/search?q=test'), { params: {}, query: {} })
-    assert.ok(logs[0]!.includes('?q=test'))
-    mock.restoreAll()
-  })
-})
-// ── CORS ───────────────────────────────────────────────────────────────────────
-describe('cors', () => {
-  it('adds Access-Control-Allow-Origin: * by default', async () => {
-    const r = new Router()
-      .use(cors())
-      .get('/data', handler())
-    const res = await r.handler()(new Request('http://localhost/data'), { params: {}, query: {} })
-    assert.equal(res.headers.get('Access-Control-Allow-Origin'), '*')
-  })
-  it('reflects request origin when in allowed list', async () => {
-    const r = new Router()
-      .use(cors({ origin: ['https://example.com', 'https://app.com'] }))
-      .get('/data', handler())
-    const res = await r.handler()(
-      new Request('http://localhost/data', { headers: { origin: 'https://example.com' } }),
-      { params: {}, query: {} },
-    )
-    assert.equal(res.headers.get('Access-Control-Allow-Origin'), 'https://example.com')
-  })
-  it('omits CORS headers for disallowed origin', async () => {
-    const r = new Router()
-      .use(cors({ origin: ['https://example.com'] }))
-      .get('/data', handler())
-    const res = await r.handler()(
-      new Request('http://localhost/data', { headers: { origin: 'https://evil.com' } }),
-      { params: {}, query: {} },
-    )
-    assert.equal(res.headers.get('Access-Control-Allow-Origin'), null)
-  })
-  it('handles OPTIONS preflight', async () => {
-    const r = new Router()
-      .use(cors({ origin: 'https://example.com', methods: ['GET', 'POST'], allowedHeaders: ['X-Custom'], maxAge: 3600 }))
-      .get('/data', handler())
-    const res = await r.handler()(
-      new Request('http://localhost/data', { method: 'OPTIONS', headers: { origin: 'https://example.com' } }),
-      { params: {}, query: {} },
-    )
-    assert.equal(res.status, 204)
-    assert.equal(res.headers.get('Access-Control-Allow-Origin'), 'https://example.com')
-    assert.equal(res.headers.get('Access-Control-Allow-Methods'), 'GET, POST')
-    assert.equal(res.headers.get('Access-Control-Allow-Headers'), 'X-Custom')
-    assert.equal(res.headers.get('Access-Control-Max-Age'), '3600')
-  })
-  it('sets Access-Control-Allow-Credentials', async () => {
-    const r = new Router()
-      .use(cors({ origin: 'https://example.com', credentials: true }))
-      .get('/data', handler())
-    const res = await r.handler()(
-      new Request('http://localhost/data', { headers: { origin: 'https://example.com' } }),
-      { params: {}, query: {} },
-    )
-    assert.equal(res.headers.get('Access-Control-Allow-Credentials'), 'true')
-  })
-  it('sets Access-Control-Expose-Headers', async () => {
-    const r = new Router()
-      .use(cors({ origin: '*', exposedHeaders: ['X-Total-Count', 'X-Page'] }))
-      .get('/data', handler())
-    const res = await r.handler()(new Request('http://localhost/data'), { params: {}, query: {} })
-    assert.equal(res.headers.get('Access-Control-Expose-Headers'), 'X-Total-Count, X-Page')
-  })
-  it('sets Vary: Origin', async () => {
-    const r = new Router()
-      .use(cors({ origin: 'https://example.com' }))
-      .get('/data', handler())
-    const res = await r.handler()(
-      new Request('http://localhost/data', { headers: { origin: 'https://example.com' } }),
-      { params: {}, query: {} },
-    )
-    assert.equal(res.headers.get('Vary'), 'Origin')
-  })
-  it('uses dynamic origin function', async () => {
-    const r = new Router()
-      .use(cors({
-        origin: (origin) => origin.endsWith('.trusted.com') ? origin : false,
-      }))
-      .get('/data', handler())
-    const res1 = await r.handler()(
-      new Request('http://localhost/data', { headers: { origin: 'https://app.trusted.com' } }),
-      { params: {}, query: {} },
-    )
-    assert.equal(res1.headers.get('Access-Control-Allow-Origin'), 'https://app.trusted.com')
-    const res2 = await r.handler()(
-      new Request('http://localhost/data', { headers: { origin: 'https://evil.com' } }),
-      { params: {}, query: {} },
-    )
-    assert.equal(res2.headers.get('Access-Control-Allow-Origin'), null)
-  })
-  it('returns 204 for OPTIONS without matching route', async () => {
-    const r = new Router()
-      .use(cors({ origin: '*' }))
-      .get('/data', handler())
-    const res = await r.handler()(
-      new Request('http://localhost/other', { method: 'OPTIONS', headers: { origin: 'https://example.com' } }),
-      { params: {}, query: {} },
-    )
-    assert.equal(res.status, 204)
-  })
-})
-// ── Auth ───────────────────────────────────────────────────────────────────────
-function authHandler() {
-  return (req: Request, ctx: { user?: unknown }) =>
-    Response.json({ user: ctx.user })
-}
-describe('auth', () => {
-  it('rejects missing Authorization header with 401', async () => {
-    const r = new Router()
-      .use(auth({ token: 'secret' }))
-      .get('/data', handler())
-    const res = await r.handler()(new Request('http://localhost/data'), { params: {}, query: {} })
-    assert.equal(res.status, 401)
-  })
-  it('sets WWW-Authenticate header on 401', async () => {
-    const r = new Router()
-      .use(auth({ token: 'secret' }))
-      .get('/data', handler())
-    const res = await r.handler()(new Request('http://localhost/data'), { params: {}, query: {} })
-    assert.equal(res.headers.get('WWW-Authenticate'), 'Bearer')
-  })
-  it('accepts valid Bearer token', async () => {
-    const r = new Router()
-      .use(auth({ token: 'secret' }))
-      .get('/data', handler())
-    const res = await r.handler()(
-      new Request('http://localhost/data', { headers: { Authorization: 'Bearer secret' } }),
-      { params: {}, query: {} },
-    )
-    assert.equal(res.status, 200)
-  })
-  it('rejects invalid Bearer token with 403', async () => {
-    const r = new Router()
-      .use(auth({ token: 'secret' }))
-      .get('/data', handler())
-    const res = await r.handler()(
-      new Request('http://localhost/data', { headers: { Authorization: 'Bearer wrong' } }),
-      { params: {}, query: {} },
-    )
-    assert.equal(res.status, 403)
-  })
-  it('supports custom header name (X-API-Key)', async () => {
-    const r = new Router()
-      .use(auth({ token: 'my-key', header: 'X-API-Key' }))
-      .get('/data', handler())
-    const res1 = await r.handler()(
-      new Request('http://localhost/data', { headers: { 'X-API-Key': 'my-key' } }),
-      { params: {}, query: {} },
-    )
-    assert.equal(res1.status, 200)
-    const res2 = await r.handler()(
-      new Request('http://localhost/data', { headers: { 'X-API-Key': 'wrong' } }),
-      { params: {}, query: {} },
-    )
-    assert.equal(res2.status, 403)
-  })
-  it('does not set WWW-Authenticate for custom header', async () => {
-    const r = new Router()
-      .use(auth({ token: 'my-key', header: 'X-API-Key' }))
-      .get('/data', handler())
-    const res = await r.handler()(new Request('http://localhost/data'), { params: {}, query: {} })
-    assert.equal(res.headers.get('WWW-Authenticate'), null)
-  })
-  it('verify returning boolean true passes', async () => {
-    const r = new Router()
-      .use(auth({
-        verify: () => true,
-      }))
-      .get('/data', handler())
-    const res = await r.handler()(
-      new Request('http://localhost/data', { headers: { Authorization: 'Bearer any' } }),
-      { params: {}, query: {} },
-    )
-    assert.equal(res.status, 200)
-  })
-  it('verify returning boolean false rejects with 403', async () => {
-    const r = new Router()
-      .use(auth({
-        verify: () => false,
-      }))
-      .get('/data', handler())
-    const res = await r.handler()(
-      new Request('http://localhost/data', { headers: { Authorization: 'Bearer any' } }),
-      { params: {}, query: {} },
-    )
-    assert.equal(res.status, 403)
-  })
-  it('verify returning object sets ctx.user', async () => {
-    const r = new Router()
-      .use(auth({
-        verify: () => ({ sub: 'user-1', role: 'admin' }),
-      }))
-      .get('/admin', authHandler())
-    const res = await r.handler()(
-      new Request('http://localhost/admin', { headers: { Authorization: 'Bearer token' } }),
-      { params: {}, query: {} },
-    )
-    const data = await res.json() as Record<string, unknown>
-    assert.deepEqual(data.user, { sub: 'user-1', role: 'admin' })
-  })
-  it('verify returning null rejects with 403', async () => {
-    const r = new Router()
-      .use(auth({
-        verify: () => null,
-      }))
-      .get('/data', handler())
-    const res = await r.handler()(
-      new Request('http://localhost/data', { headers: { Authorization: 'Bearer any' } }),
-      { params: {}, query: {} },
-    )
-    assert.equal(res.status, 403)
-  })
-  it('works as route-level middleware', async () => {
-    const mw = auth({ verify: () => ({ sub: 'u1' }) })
-    const r = new Router()
-      .get('/admin', mw, (req, ctx) =>
-        Response.json({ user: ctx.user }),
-      )
-    const res = await r.handler()(
-      new Request('http://localhost/admin', { headers: { Authorization: 'Bearer token' } }),
-      { params: {}, query: {} },
-    )
-    assert.equal(res.status, 200)
-    const data = await res.json() as Record<string, unknown>
-    assert.deepEqual(data.user, { sub: 'u1' })
-  })
-  it('route-level auth rejects without token', async () => {
-    const mw = auth({ verify: () => ({ sub: 'u1' }) })
-    const r = new Router()
-      .get('/admin', mw, (req, ctx) => Response.json({ user: ctx.user }))
-    const res = await r.handler()(
-      new Request('http://localhost/admin'),
-      { params: {}, query: {} },
-    )
-    assert.equal(res.status, 401)
-  })
-  // ── Proxy mode ──────────────────────────────────────────────────────────
-  it('proxy: 2xx response passes auth', async () => {
-    const proxy = serve(() => new Response(JSON.stringify({ sub: 'u1' }), {
-      headers: { 'content-type': 'application/json' },
-    }), { port: 0 })
-    await proxy.ready
-    const proxyUrl = `http://localhost:${proxy.port}/validate`
-    const r = new Router()
-      .get('/data', auth({ proxy: proxyUrl }), authHandler())
-    const res = await r.handler()(
-      new Request('http://localhost/data', { headers: { Authorization: 'Bearer valid' } }),
-      { params: {}, query: {} },
-    )
-    assert.equal(res.status, 200)
-    const data = await res.json() as Record<string, unknown>
-    assert.deepEqual(data.user, { sub: 'u1' })
-    proxy.stop()
-  })
-  it('proxy: 4xx response rejects auth', async () => {
-    const proxy = serve(() => new Response('Unauthorized', { status: 401 }), { port: 0 })
-    await proxy.ready
-    const proxyUrl = `http://localhost:${proxy.port}/validate`
-    const r = new Router()
-      .get('/data', auth({ proxy: proxyUrl }), handler())
-    const res = await r.handler()(
-      new Request('http://localhost/data', { headers: { Authorization: 'Bearer bad' } }),
-      { params: {}, query: {} },
-    )
-    assert.equal(res.status, 401)
-    proxy.stop()
-  })
-  it('proxy forwards Authorization header for Bearer tokens', async () => {
-    let receivedAuth: string | null = null
-    const proxy = serve((req) => {
-      receivedAuth = req.headers.get('Authorization')
-      return new Response('ok')
-    }, { port: 0 })
-    await proxy.ready
-    const proxyUrl = `http://localhost:${proxy.port}/validate`
-    const r = new Router()
-      .get('/data', auth({ proxy: proxyUrl }), handler())
-    await r.handler()(
-      new Request('http://localhost/data', { headers: { Authorization: 'Bearer mytoken' } }),
-      { params: {}, query: {} },
-    )
-    assert.equal(receivedAuth, 'Bearer mytoken')
-    proxy.stop()
-  })
-  it('proxy sends access_token query param for custom header', async () => {
-    let receivedQuery = ''
-    const proxy = serve((req) => {
-      receivedQuery = new URL(req.url).search
-      return new Response('ok')
-    }, { port: 0 })
-    await proxy.ready
-    const proxyUrl = `http://localhost:${proxy.port}/validate`
-    const r = new Router()
-      .get('/data', auth({ proxy: proxyUrl, header: 'X-API-Key' }), handler())
-    await r.handler()(
-      new Request('http://localhost/data', { headers: { 'X-API-Key': 'my-key' } }),
-      { params: {}, query: {} },
-    )
-    assert.ok(receivedQuery.includes('access_token=my-key'))
-    proxy.stop()
-  })
-})

package/test/rate-limit.test.ts DELETED Viewed

@@ -1,94 +0,0 @@
-import { describe, it } from 'node:test'
-import assert from 'node:assert/strict'
-import { Router } from '../router.ts'
-import { rateLimit } from '../rate-limit.ts'
-describe('rateLimit', () => {
-  it('allows requests under the limit', async () => {
-    const r = new Router()
-      .use(rateLimit({ max: 5, window: 60_000 }))
-      .get('/data', () => new Response('ok'))
-    for (let i = 0; i < 5; i++) {
-      const res = await r.handler()(new Request('http://localhost/data'), { params: {}, query: {} })
-      assert.equal(res.status, 200)
-    }
-  })
-  it('blocks requests exceeding the limit', async () => {
-    const r = new Router()
-      .use(rateLimit({ max: 3, window: 60_000 }))
-      .get('/data', () => new Response('ok'))
-    for (let i = 0; i < 3; i++) {
-      const res = await r.handler()(new Request('http://localhost/data'), { params: {}, query: {} })
-      assert.equal(res.status, 200)
-    }
-    const res = await r.handler()(new Request('http://localhost/data'), { params: {}, query: {} })
-    assert.equal(res.status, 429)
-  })
-  it('returns rate limit headers', async () => {
-    const r = new Router()
-      .use(rateLimit({ max: 2, window: 60_000 }))
-      .get('/data', () => new Response('ok'))
-    let res = await r.handler()(new Request('http://localhost/data'), { params: {}, query: {} })
-    assert.equal(res.headers.get('X-RateLimit-Remaining'), '1')
-    res = await r.handler()(new Request('http://localhost/data'), { params: {}, query: {} })
-    assert.equal(res.headers.get('X-RateLimit-Remaining'), '0')
-    res = await r.handler()(new Request('http://localhost/data'), { params: {}, query: {} })
-    assert.equal(res.status, 429)
-    assert.equal(res.headers.get('X-RateLimit-Limit'), '2')
-    assert.equal(res.headers.get('X-RateLimit-Remaining'), '0')
-    assert.ok(res.headers.get('X-RateLimit-Reset'))
-    assert.ok(res.headers.get('Retry-After'))
-  })
-  it('uses custom key function', async () => {
-    const keys: string[] = []
-    const r = new Router()
-      .use(rateLimit({
-        max: 1,
-        window: 60_000,
-        key: (req) => {
-          const key = req.headers.get('x-api-key') ?? 'anonymous'
-          keys.push(key)
-          return key
-        },
-      }))
-      .get('/data', () => new Response('ok'))
-    const req1 = new Request('http://localhost/data', { headers: { 'x-api-key': 'alice' } })
-    const res1 = await r.handler()(req1, { params: {}, query: {} })
-    assert.equal(res1.status, 200)
-    const res2 = await r.handler()(req1, { params: {}, query: {} })
-    assert.equal(res2.status, 429)
-    const req2 = new Request('http://localhost/data', { headers: { 'x-api-key': 'bob' } })
-    const res3 = await r.handler()(req2, { params: {}, query: {} })
-    assert.equal(res3.status, 200)
-  })
-  it('resets after window expires', { timeout: 2000 }, async () => {
-    const r = new Router()
-      .use(rateLimit({ max: 1, window: 100 }))
-      .get('/data', () => new Response('ok'))
-    const req = new Request('http://localhost/data')
-    const res1 = await r.handler()(req, { params: {}, query: {} })
-    assert.equal(res1.status, 200)
-    const res2 = await r.handler()(req, { params: {}, query: {} })
-    assert.equal(res2.status, 429)
-    await new Promise((r) => setTimeout(r, 150))
-    const res3 = await r.handler()(req, { params: {}, query: {} })
-    assert.equal(res3.status, 200)
-  })
-})

package/test/static.test.ts DELETED Viewed

@@ -1,93 +0,0 @@
-import { describe, it, before, after } from 'node:test'
-import assert from 'node:assert/strict'
-import { writeFile, mkdir, rm } from 'node:fs/promises'
-import { resolve } from 'node:path'
-import { Router } from '../router.ts'
-import { serve } from '../serve.ts'
-import { serveStatic } from '../static.ts'
-const tmpDir = resolve(import.meta.dirname, '../.test-static')
-before(async () => {
-  await mkdir(tmpDir, { recursive: true })
-  await writeFile(resolve(tmpDir, 'hello.txt'), 'Hello, World!')
-  await writeFile(resolve(tmpDir, 'index.html'), '<h1>Index</h1>')
-  await writeFile(resolve(tmpDir, 'script.js'), 'console.log(1)')
-  await mkdir(resolve(tmpDir, 'sub'), { recursive: true })
-  await writeFile(resolve(tmpDir, 'sub', 'deep.txt'), 'deep')
-})
-after(async () => {
-  await rm(tmpDir, { recursive: true, force: true })
-})
-describe('serveStatic', () => {
-  it('serves a file', async () => {
-    const r = new Router().get('/files/*', serveStatic(tmpDir))
-    const res = await r.handler()(new Request('http://localhost/files/hello.txt'), { params: {}, query: {} })
-    assert.equal(res.status, 200)
-    assert.equal(await res.text(), 'Hello, World!')
-  })
-  it('sets Content-Type based on extension', async () => {
-    const r = new Router().get('/files/*', serveStatic(tmpDir))
-    const res = await r.handler()(new Request('http://localhost/files/script.js'), { params: {}, query: {} })
-    assert.ok(res.headers.get('Content-Type')?.includes('javascript'))
-  })
-  it('sets ETag header', async () => {
-    const r = new Router().get('/files/*', serveStatic(tmpDir))
-    const res = await r.handler()(new Request('http://localhost/files/hello.txt'), { params: {}, query: {} })
-    assert.ok(res.headers.get('ETag'))
-  })
-  it('returns 304 on matching ETag', async () => {
-    const r = new Router().get('/files/*', serveStatic(tmpDir))
-    const res1 = await r.handler()(new Request('http://localhost/files/hello.txt'), { params: {}, query: {} })
-    const etag = res1.headers.get('ETag')
-    const res2 = await r.handler()(
-      new Request('http://localhost/files/hello.txt', { headers: { 'if-none-match': etag! } }),
-      { params: {}, query: {} },
-    )
-    assert.equal(res2.status, 304)
-  })
-  it('serves index.html for directory', async () => {
-    const r = new Router().get('/files/*', serveStatic(tmpDir))
-    const res = await r.handler()(new Request('http://localhost/files/'), { params: {}, query: {} })
-    assert.equal(res.status, 200)
-    assert.equal(await res.text(), '<h1>Index</h1>')
-  })
-  it('returns 404 for missing file', async () => {
-    const r = new Router().get('/files/*', serveStatic(tmpDir))
-    const res = await r.handler()(new Request('http://localhost/files/nope.txt'), { params: {}, query: {} })
-    assert.equal(res.status, 404)
-  })
-  it('blocks directory traversal via wildcard param', async () => {
-    const handler = serveStatic(tmpDir)
-    const res = await handler(
-      new Request('http://localhost/ignored'),
-      { params: { '*': '../../package.json' }, query: {} },
-    )
-    assert.equal(res.status, 403)
-  })
-  it('supports nested paths', async () => {
-    const r = new Router().get('/files/*', serveStatic(tmpDir))
-    const res = await r.handler()(new Request('http://localhost/files/sub/deep.txt'), { params: {}, query: {} })
-    assert.equal(res.status, 200)
-    assert.equal(await res.text(), 'deep')
-  })
-  it('works with serve() end-to-end', async () => {
-    const r = new Router().get('/static/*', serveStatic(tmpDir))
-    const server = serve(r.handler(), { port: 0 })
-    await server.ready
-    const res = await fetch(`http://localhost:${server.port}/static/hello.txt`)
-    assert.equal(res.status, 200)
-    assert.equal(await res.text(), 'Hello, World!')
-    server.stop()
-  })
-})