Reference

Compact reference for key APIs, middleware hooks, and utility functions.

Core App API

nioflow-app-api

1NioFlowApp app = new NioFlowApp();
2
3    RouteRegistration route = app.get(String path, Handler handler);
4    route.timeout(int ms);
5    route.rateLimit(int requests, int windowMs);
6    route.hedge(int delayMs);
7
8    app.post(String path, Handler handler);
9    app.put(String path, Handler handler);
10    app.delete(String path, Handler handler);
11
12app.group(String prefix, GroupConfig config);
13app.exception(Class<? extends Throwable> type, ExceptionHandler handler);
14app.onError(GlobalErrorHandler handler);
15    app.enableReplay(int capacity);
16    app.enableMetrics();
17    app.enableMetrics(String token); // Optional token-gated access
18    app.enableHotReload(Class<?> mainClass, String[] args);
19
20app.listen(int port);

Context API

context-methods

1String value = ctx.pathParam("id");
2long idLong = ctx.pathParamAsLong("id"); // Throws 400 if invalid
3int idInt = ctx.pathParamAsInt("id"); // Throws 400 if invalid
4String query = ctx.queryParam("q");
5String auth = ctx.header("Authorization");
6
7MyBody body = ctx.body(MyBody.class);
8
9ctx.status(200);
10ctx.header("X-Trace-Id", "abc");
11ctx.json(java.util.Map.of("ok", true));
12ctx.send("plain text");

Middleware Chain

middleware-order

1app.use(new LoggerMiddleware());
2app.use(new ChaosMiddleware().latency(150, 0.05));
3app.use(new RateLimitMiddleware(100, 10_000));
4// v1.4.0: Rate limiter with trusted proxies for correct IP extraction
5app.use(new RateLimitMiddleware(100, 10_000, java.util.List.of("10.0.0.1")));
6
7// order matters: logger -> chaos -> global limiter -> route/group policies

Circuit Breaker (Group Scoped)

circuit-breaker

1app.group("/api/downstream", group -> {
2    group.use(new CircuitBreakerMiddleware()
3        .threshold(0.5)
4        .windowSize(20)
5        .cooldown(10_000));
6
7    group.get("/inventory", inventoryController::read);
8});

Request Replay API

replay-api

1Enable:
2NIOFLOW_REPLAY_ENABLED=true
3app.enableReplay(50)
4
5Endpoints:
6GET  /_replay
7POST /_replay/:index
8
9Sensitive headers stripped automatically:
10- Authorization
11- Cookie
12- X-API-Key

Auth Utilities

auth-utils

1String hash = PasswordHasher.hash("secret-password");
2boolean ok = PasswordHasher.verify("secret-password", hash);
3
4String token = JwtProvider.generateToken("user@example.com", "USER");
5var claims = JwtProvider.validateToken(token);
6String jti = JwtProvider.getJtiFromToken(token); // Used for revocation

HTTP Status Utilities

http-status

1ctx.status(HttpStatus.OK).json(java.util.Map.of("status", "ok"));
2ctx.status(HttpStatus.CREATED).json(java.util.Map.of("id", 1));
3ctx.status(HttpStatus.BAD_REQUEST).json(java.util.Map.of("error", "invalid"));
4ctx.status(HttpStatus.UNAUTHORIZED).json(java.util.Map.of("error", "auth required"));

Metrics Output

metrics

1GET /metrics includes:
2- global middleware counters
3- per-route request/error/timeout/hedge counts
4- per-route p50/p95/p99 latencies
5- circuit breaker state per route-group

PreviousOperations + Deployment NextPerformance Benchmarks