Request class

Represents an HTTP request within the Khadem framework.

Provides a clean interface for accessing request data with:

Single responsibility principle for each component
Fast, optimized accessors with caching
Type-safe parameter handling
Comprehensive metadata access
Easy-to-use input helpers

Available extensions

RequestAuth

Constructors

Request(HttpRequest _raw)

Properties

accept → String?: Gets Accept header
no setter
all → Map<String, dynamic>: Gets all input (body + query) - shortcut
no setter
allAttributes → Map<String, dynamic>: Gets all attributes
no setter
allHeaders → Map<String, String>: Gets all headers as map
no setter
allParams → Map<String, String>: Gets all path parameters
no setter
allSession → Map<String, dynamic>: Gets all session data
no setter
authContext → Map<String, dynamic>: Available on Request, provided by the RequestAuth extension
Gets authentication context for logging/auditing.
no setter
authenticatable → Authenticatable?: Available on Request, provided by the RequestAuth extension
Returns the currently authenticated Authenticatable instance (if available).
no setter
authorization → String?: Gets Authorization header
no setter
bearerToken → String?: Available on Request, provided by the RequestAuth extension
Gets the Bearer token from the Authorization header.
no setter
bearerToken → String?: Gets Bearer token
no setter
body → Future<Map<String, dynamic>>: Gets parsed body
no setter
bodyParser → BodyParser: Access to body parsing
no setter
clientIp → String: Available on Request, provided by the RequestAuth extension
Gets the user's IP address for security logging.
no setter
contentType → String?: Gets Content-Type header
no setter
cookieManager → Cookies: Access to cookies manager
no setter
cookies → Map<String, String>: Gets all cookies
no setter
csrfToken → String?: Gets CSRF token cookie
no setter
files → Map<String, UploadedFile>?: Gets all uploaded files
no setter
guard → String?: Available on Request, provided by the RequestAuth extension
Gets the user's authentication guard name.
no setter
hashCode → int: The hash code for this object.
no setterinherited
headers → RequestHeaders: Access to headers
no setter
host → String?: Gets host name
no setter
input → RequestInput: Access to input helper
no setter
ip → String: Client IP address (handles proxies)
no setter
isAdmin → bool: Available on Request, provided by the RequestAuth extension
Returns true if the user has admin privileges.
no setter
isAjax → bool: Checks if request is AJAX/XHR
no setter
isAttemptingAuth → bool: Available on Request, provided by the RequestAuth extension
Checks if the current request is attempting authentication.
no setter
isAuthenticated → bool: Available on Request, provided by the RequestAuth extension
Returns true if a user is authenticated.
no setter
isDelete → bool: Checks if DELETE
no setter
isGet → bool: Checks if GET
no setter
isGuest → bool: Available on Request, provided by the RequestAuth extension
Returns true if no user is authenticated.
no setter
isJson → bool: Checks if request content type is JSON
no setter
isPatch → bool: Checks if PATCH
no setter
isPost → bool: Checks if POST
no setter
isPut → bool: Checks if PUT
no setter
isSecure → bool: Checks if request is HTTPS
no setter
isSuperAdmin → bool: Available on Request, provided by the RequestAuth extension
Returns true if the user has super admin privileges.
no setter
isSuspicious → bool: Available on Request, provided by the RequestAuth extension
Checks if the request is from a suspicious source.
no setter
isXml → bool: Checks if request content type is XML
no setter
metadata → RequestMetadata: Access to metadata
no setter
method → String: HTTP method (GET, POST, PUT, etc.)
no setter
origin → String: Gets origin (CORS)
no setter
params → RequestParams: Access to parameters
no setter
path → String: Request path (/api/users)
no setter
port → int?: Request port
no setter
protocol → String: Gets protocol version
no setter
query → Map<String, String>: Query parameters
no setter
queryKeys → Iterable<String>: Gets all query parameter keys.
no setter
raw → HttpRequest: Raw HttpRequest from Dart SDK
no setter
referrer → String?: Gets referrer
no setter
rememberToken → String?: Gets remember token cookie
no setter
runtimeType → Type: A representation of the runtime type of the object.
no setterinherited
session → RequestSession: Access to session
no setter
sessionId → String: Gets session ID
no setter
token → String?: Available on Request, provided by the RequestAuth extension
Gets the user's authentication token (if available).
no setter
uri → Uri: Full request URI
no setter
user → Map<String, dynamic>?: Available on Request, provided by the RequestAuth extension
Returns the currently authenticated user data (if any).
no setter
userAgent → String?: Gets User-Agent header
no setter
userAgent → String: Available on Request, provided by the RequestAuth extension
Gets the user's User-Agent for security logging.
no setter
userEmail → String?: Available on Request, provided by the RequestAuth extension
Returns the email of the authenticated user (if available).
no setter
userId → dynamic: Available on Request, provided by the RequestAuth extension
Returns the ID of the authenticated user (if available).
no setter
userName → String?: Available on Request, provided by the RequestAuth extension
Returns the name of the authenticated user (if available).
no setter
validator → RequestValidator: Access to validation
no setter
wantsJson → bool: Checks if request wants JSON
no setter
wasRecentlyAuthenticated → bool: Available on Request, provided by the RequestAuth extension
Checks if the user was recently authenticated (within last 5 minutes).
no setter

Methods

add(String key, dynamic value) → void: Adds or updates a value in the request body.
attribute<T>(String key) → T?: Gets a custom attribute
attributeOr<T>(String key, T defaultValue) → T: Gets attribute with default
canAccessAdmin() → bool: Available on Request, provided by the RequestAuth extension
Checks if the user can access admin-only resources.
cleanup() → Future<void>: Cleans up request resources (temp files, etc.)
clearUser() → void: Available on Request, provided by the RequestAuth extension
Clears the authenticated user.
cookie(String name) → String?: Gets a cookie value
except(List<String> keys) → Map<String, dynamic>: Gets all input except specified keys
file(String fieldName) → UploadedFile?: Gets a specific uploaded file
filesByName(String fieldName) → List<UploadedFile>: Gets all files with a field name
firstFile(String fieldName) → UploadedFile?: Gets first file by field name
get(String key, [dynamic defaultValue]) → dynamic: Gets input value from body or query
getBoolean(String key, [bool defaultValue = false]) → bool: Gets boolean input
getDouble(String key, [double? defaultValue]) → double?: Gets double input
getInt(String key, [int? defaultValue]) → int?: Gets integer input
getList<T>(String key) → List<T>?: Gets list input
getMap(String key) → Map<String, dynamic>?: Gets map input
getQuery<T>(String key, {T? defaultValue}) → T?: Gets a query parameter with type conversion.
getSessionValue(String key) → dynamic: Gets a session value
getString(String key, [String? defaultValue]) → String?: Gets string input
getTyped<T>(String key, [T? defaultValue]) → T?: Gets typed input value
getUserMeta(String key) → dynamic: Available on Request, provided by the RequestAuth extension
Gets user metadata/custom fields.
hasAllPermissions(List<String> permissions) → bool: Available on Request, provided by the RequestAuth extension
Checks if the user has all of the specified permissions.
hasAllRoles(List<String> roles) → bool: Available on Request, provided by the RequestAuth extension
Checks if the user has all of the specified roles.
hasAnyPermission(List<String> permissions) → bool: Available on Request, provided by the RequestAuth extension
Checks if the user has any of the specified permissions.
hasAnyRole(List<String> roles) → bool: Available on Request, provided by the RequestAuth extension
Checks if the user has any of the specified roles.
hasAttribute(String key) → bool: Checks if attribute exists
hasCookie(String name) → bool: Checks if cookie exists
hasFile(String fieldName) → bool: Checks if file was uploaded
hasHeader(String name) → bool: Checks if header exists
hasInput(String key) → bool: Checks if input key exists
hasInputAll(List<String> keys) → bool: Checks if multiple input keys exist
hasInputAny(List<String> keys) → bool: Checks if any input key exists
hasParam(String key) → bool: Checks if path parameter exists
hasPermission(String permission) → bool: Available on Request, provided by the RequestAuth extension
Checks if the user has a specific permission.
hasQuery(String key) → bool: Checks if a query parameter exists.
hasRole(String role) → bool: Available on Request, provided by the RequestAuth extension
Checks if the user has a specific role.
hasSessionValue(String key) → bool: Checks if session key exists
header(String name) → String?: Gets a header value
headerAll(String name) → List<String>?: Gets all header values
isMethod(String method) → bool: Checks if method matches
logout() → Future<void>: Available on Request, provided by the RequestAuth extension
Logs out the current user.
logoutAllDevices() → Future<void>: Available on Request, provided by the RequestAuth extension
Logs out the user from all devices.
merge(Map<String, dynamic> values) → void: Merges values into the request body.
noSuchMethod(Invocation invocation) → dynamic: Invoked when a nonexistent method or property is accessed.
inherited
only(List<String> keys) → Map<String, dynamic>: Gets only specified input keys
ownsResource(dynamic resourceOwnerId) → bool: Available on Request, provided by the RequestAuth extension
Checks if the user owns a resource (by comparing user ID).
param(String key) → String?: Gets a path parameter
paramBool(String key) → bool: Gets path parameter as bool
paramDouble(String key) → double?: Gets path parameter as double
paramInt(String key) → int?: Gets path parameter as int
paramOr(String key, String defaultValue) → String: Gets path parameter with default
paramTyped<T>(String key) → T?: Gets typed path parameter
queryBool(String key, {bool? defaultValue}) → bool?: Gets a query parameter as boolean.
queryDouble(String key, {double? defaultValue}) → double?: Gets a query parameter as double.
queryInt(String key, {int? defaultValue}) → int?: Gets a query parameter as integer.
queryList(String key, {String separator = ',', List<String>? defaultValue}) → List<String>?: Gets a query parameter as list of strings.
queryString(String key, {String? defaultValue}) → String?: Gets a query parameter as string.
queryWith<T>(String key, T? parser(String), {T? defaultValue}) → T?: Gets a query parameter with custom parsing function.
recordAuthTime() → void: Available on Request, provided by the RequestAuth extension
Records the authentication time.
refreshAuth() → Future<Map<String, dynamic>?>: Available on Request, provided by the RequestAuth extension
Refreshes the current user's authentication.
remove(String key) → void: Removes a value from the request body.
removeAttribute(String key) → void: Available on Request, provided by the RequestAuth extension
Removes an attribute from the request.
removeSessionValue(String key) → void: Removes a session value
requireAdmin([String? message]) → void: Available on Request, provided by the RequestAuth extension
Requires admin privileges - throws exception if not admin.
requireAuth([String? message]) → void: Available on Request, provided by the RequestAuth extension
Requires authentication - throws exception if not authenticated.
requireOwnership(dynamic resourceOwnerId, [String? message]) → void: Available on Request, provided by the RequestAuth extension
Requires ownership of a resource.
requirePermission(String permission, [String? message]) → void: Available on Request, provided by the RequestAuth extension
Requires a specific permission - throws exception if user doesn't have it.
requireRole(String role, [String? message]) → void: Available on Request, provided by the RequestAuth extension
Requires a specific role - throws exception if user doesn't have it.
requireSuperAdmin([String? message]) → void: Available on Request, provided by the RequestAuth extension
Requires super admin privileges - throws exception if not super admin.
setAttribute(String key, dynamic value) → void: Sets a custom attribute
setAuthenticatable(Authenticatable authenticatable) → void: Available on Request, provided by the RequestAuth extension
Sets the authenticated user from an Authenticatable instance.
setGuard(String guardName) → void: Available on Request, provided by the RequestAuth extension
Sets the user's authentication guard name.
setParam(String key, String value) → void: Sets a path parameter
setSessionValue(String key, dynamic value) → void: Sets a session value
setToken(String token) → void: Available on Request, provided by the RequestAuth extension
Sets the user's authentication token.
setUser(Map<String, dynamic> userData) → void: Available on Request, provided by the RequestAuth extension
Sets the authenticated user from a map (backward compatibility).
setUserAuthenticatable(Authenticatable user) → void: Available on Request, provided by the RequestAuth extension
Sets the authenticated user from an Authenticatable instance.
setUserMeta(String key, dynamic value) → void: Available on Request, provided by the RequestAuth extension
Sets user metadata/custom fields.
toString() → String: A string representation of this object.
inherited
validate(Map<String, dynamic> rules, {Map<String, String>? messages}) → Future<Map<String, dynamic>>: Validates request body
validateAuth() → Future<bool>: Available on Request, provided by the RequestAuth extension
Validates the current user's session/token.
validateData(Map<String, dynamic> data, Map<String, dynamic> rules) → Future<Map<String, dynamic>>: Validates specific data

Operators

operator ==(Object other) → bool: The equality operator.
inherited

Request class

Constructors

Properties

Methods

Operators

khadem_http library