UNPKG

h3

Version:

Minimal H(TTP) framework built for high performance and portability.

h3.dev

h3js/h3

110 lines (68 loc) 2.25 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
# Security > H3 security utilities. ## Authentication ### `basicAuth(opts)` Create a basic authentication middleware. **Example:** ```ts import { H3, serve, basicAuth } from "h3"; const auth = basicAuth({ password: "test" }); app.get("/", (event) => `Hello ${event.context.basicAuth?.username}!`, [auth]); serve(app, { port: 3000 }); ``` ### `requireBasicAuth(event, opts)` Apply basic authentication for current request. **Example:** ```ts import { defineHandler, requireBasicAuth } from "h3"; export default defineHandler(async (event) => { await requireBasicAuth(event, { password: "test" }); return `Hello, ${event.context.basicAuth.username}!`; }); ``` ## Session ### `clearSession(event, config)` Clear the session data for the current request. ### `getSession(event, config)` Get the session for the current request. ### `sealSession(event, config)` Encrypt and sign the session data for the current request. ### `unsealSession(_event, config, sealed)` Decrypt and verify the session data for the current request. ### `updateSession(event, config, update?)` Update the session data for the current request. ### `useSession(event, config)` Create a session manager for the current request. ## Fingerprint ### `getRequestFingerprint(event, opts)` Get a unique fingerprint for the incoming request. ## CORS ### `appendCorsHeaders(event, options)` Append CORS headers to the response. ### `appendCorsPreflightHeaders(event, options)` Append CORS preflight headers to the response. ### `handleCors(event, options)` Handle CORS for the incoming request. If the incoming request is a CORS preflight request, it will append the CORS preflight headers and send a 204 response. If return value is not `false`, the request is handled and no further action is needed. **Example:** ```ts const app = new H3(); app.all("/", async (event) => { const corsRes = handleCors(event, { origin: "*", preflight: { statusCode: 204, }, methods: "*", }); if (corsRes !== false) { return corsRes; } // Your code here }); ``` ### `isCorsOriginAllowed(origin, options)` Check if the origin is allowed. ### `isPreflightRequest(event)` Check if the incoming request is a CORS preflight request.