|
2 | 2 |
|
3 | 3 | [Docs Home](../index.md) | [Previous: Decorator Basics](decorators.md) | [Next: Controllers and Routes](../guides/controllers-and-routes.md) |
4 | 4 |
|
5 | | -This is the practical execution flow inside createApp route handlers. |
6 | | - |
7 | | -## Execution Order |
8 | | - |
9 | | -1. Route match by path and HTTP method. |
10 | | -2. Request data parsing and binding: |
11 | | - - params |
12 | | - - query |
13 | | - - headers |
14 | | - - body |
15 | | -3. Schema validation and scalar coercion. |
16 | | -4. Guard execution: |
17 | | - - global guards |
18 | | - - controller guards |
19 | | - - method guards |
20 | | - - security guards for @Security routes |
21 | | -5. Interceptor chain: |
22 | | - - global interceptors |
23 | | - - controller interceptors |
24 | | - - method interceptors |
25 | | -6. Controller method execution. |
26 | | -7. Optional response validation against @Returns. |
27 | | -8. Final response formatting. |
| 5 | +This page describes the exact execution flow when an HTTP request hits a route handler built by `createApp()`. |
| 6 | + |
| 7 | +## Full Request Flow |
| 8 | + |
| 9 | +``` |
| 10 | +Incoming HTTP Request |
| 11 | + | |
| 12 | + v |
| 13 | ++-------------------------------------------+ |
| 14 | +| 1. Route matching | |
| 15 | +| Bun matches path and HTTP method | |
| 16 | ++-------------------------------------------+ |
| 17 | + | |
| 18 | + v |
| 19 | ++-------------------------------------------+ |
| 20 | +| 2. Request parsing and binding | |
| 21 | +| - path params | |
| 22 | +| - query string | |
| 23 | +| - headers | |
| 24 | +| - body | |
| 25 | ++-------------------------------------------+ |
| 26 | + | |
| 27 | + v |
| 28 | ++-------------------------------------------+ |
| 29 | +| 3. Schema validation and coercion | |
| 30 | +| - @Param(schema) | |
| 31 | +| - @Query(schema) | |
| 32 | +| - @Header(schema) | |
| 33 | +| - @Body(schema) | |
| 34 | ++-------------------------------------------+ |
| 35 | + | |
| 36 | + +--> validation failure -> 400 Bad Request |
| 37 | + | |
| 38 | + v |
| 39 | ++-------------------------------------------+ |
| 40 | +| 4. Middleware chain | |
| 41 | +| Global -> Controller -> Method | |
| 42 | ++-------------------------------------------+ |
| 43 | + | |
| 44 | + v |
| 45 | ++-------------------------------------------+ |
| 46 | +| 5. Guard execution | |
| 47 | +| Global -> Controller -> Method | |
| 48 | +| + security guards from @Security | |
| 49 | ++-------------------------------------------+ |
| 50 | + | |
| 51 | + +--> false -> 403 Forbidden |
| 52 | + +--> Response -> short-circuit |
| 53 | + | |
| 54 | + v |
| 55 | ++-------------------------------------------+ |
| 56 | +| 6. Interceptor chain | |
| 57 | +| Global -> Controller -> Method | |
| 58 | +| Each interceptor wraps next() | |
| 59 | ++-------------------------------------------+ |
| 60 | + | |
| 61 | + v |
| 62 | ++-------------------------------------------+ |
| 63 | +| 7. Controller method execution | |
| 64 | +| - create RequestScope | |
| 65 | +| - instantiate controller | |
| 66 | +| - resolve method arguments | |
| 67 | +| - call method(...args) | |
| 68 | ++-------------------------------------------+ |
| 69 | + | |
| 70 | + v |
| 71 | ++-------------------------------------------+ |
| 72 | +| 8. Optional response validation | |
| 73 | +| Validate final output against the | |
| 74 | +| @Returns schema for the status code | |
| 75 | ++-------------------------------------------+ |
| 76 | + | |
| 77 | + +--> mismatch -> 500 Server Error |
| 78 | + | |
| 79 | + v |
| 80 | ++-------------------------------------------+ |
| 81 | +| 9. Response formatting | |
| 82 | +| - status and headers | |
| 83 | +| - JSON or custom content type | |
| 84 | +| - @Render -> HTML via ViewEngine | |
| 85 | ++-------------------------------------------+ |
| 86 | + | |
| 87 | + v |
| 88 | +HTTP Response |
| 89 | +``` |
| 90 | + |
| 91 | +## How the Layers Nest |
| 92 | + |
| 93 | +Middleware, guards, and interceptors form concentric layers around your controller method. Understanding this nesting is key to writing correct cross-cutting logic: |
| 94 | + |
| 95 | +``` |
| 96 | ++-----------------------------------------------------+ |
| 97 | +| Middleware | |
| 98 | +| (request, next) => Response | |
| 99 | +| | |
| 100 | +| +-----------------------------------------------+ | |
| 101 | +| | Guards | | |
| 102 | +| | canActivate(ctx) | | |
| 103 | +| | | | |
| 104 | +| | +-----------------------------------------+ | | |
| 105 | +| | | Interceptors | | | |
| 106 | +| | | intercept(ctx, next) | | | |
| 107 | +| | | | | | |
| 108 | +| | | +-----------------------------------+ | | | |
| 109 | +| | | | Controller method | | | | |
| 110 | +| | | +-----------------------------------+ | | | |
| 111 | +| | +-----------------------------------------+ | | |
| 112 | +| +-----------------------------------------------+ | |
| 113 | ++-----------------------------------------------------+ |
| 114 | +``` |
| 115 | + |
| 116 | +| Layer | Interface | Purpose | Can Short-Circuit? | |
| 117 | +| ---------------- | -------------------------------------- | ------------------------------------ | ---------------------------------- | |
| 118 | +| **Middleware** | `(request, next) => Response` | Cross-cutting: logging, CORS, timing | Yes (skip `next()`) | |
| 119 | +| **Guards** | `canActivate(ctx) => bool \| Response` | Authorization gate | Yes (return `false` or `Response`) | |
| 120 | +| **Interceptors** | `intercept(ctx, next) => unknown` | Transform request/response, caching | Yes (skip `next()`) | |
| 121 | + |
| 122 | +Within each layer, execution order is: **Global → Controller-level → Method-level**. |
28 | 123 |
|
29 | 124 | ## Error Flow |
30 | 125 |
|
31 | | -Any error from validation, guards, interceptors, or controller methods is normalized into an HTTP response. You can customize this with errorFormatter in createApp. |
| 126 | +``` |
| 127 | +Any exception |
| 128 | + | |
| 129 | + v |
| 130 | ++-------------------------------------------+ |
| 131 | +| mapError(error) | |
| 132 | ++-------------------------------------------+ |
| 133 | + | |
| 134 | + +--> HttpException -> status/body/headers |
| 135 | + +--> Error -> 500 + error.message |
| 136 | + +--> other -> 500 + Internal Server Error |
| 137 | + | |
| 138 | + v |
| 139 | ++-------------------------------------------+ |
| 140 | +| errorFormatter(error, context) | |
| 141 | +| optional global formatter | |
| 142 | ++-------------------------------------------+ |
| 143 | + | |
| 144 | + v |
| 145 | +HTTP response |
| 146 | +``` |
| 147 | + |
| 148 | +Any error from validation, guards, interceptors, or controller methods is caught and normalized into an HTTP response. Customize the shape with `errorFormatter` in `createApp`. |
32 | 149 |
|
33 | 150 | ## Caller Context |
34 | 151 |
|
35 | | -bun-openapi stores endpoint metadata in async local storage: |
| 152 | +bun-openapi stores endpoint metadata in `AsyncLocalStorage` during handler execution: |
| 153 | + |
| 154 | +- `className` — the controller class name |
| 155 | +- `methodName` — the handler method name |
| 156 | + |
| 157 | +Use `getCallerContext()` in services or logging helpers to access this without manually passing method names: |
36 | 158 |
|
37 | | -- className |
38 | | -- methodName |
| 159 | +```ts |
| 160 | +import { getCallerContext } from "bun-openapi"; |
39 | 161 |
|
40 | | -Use getCallerContext() in logging and metrics helpers to label output without manually passing method names. |
| 162 | +function log(message: string) { |
| 163 | + const ctx = getCallerContext(); |
| 164 | + console.log(`[${ctx?.className}.${ctx?.methodName}] ${message}`); |
| 165 | +} |
| 166 | +``` |
41 | 167 |
|
42 | 168 | Example usage is available in [examples/08_logging/server.ts](https://github.com/xseman/bun-openapi/blob/master/examples/08_logging/server.ts). |
0 commit comments