TASK-040: Rewrite examples/ for the v2.0 lambda-first idiom

* Replace examples/hello_world.cpp with a 9-LOC lambda demo that
  satisfies the PRD §3.4 acceptance criterion (no http_resource
  subclass, no raw pointer, blocking start(true), <=10 LOC).
* Add examples/shared_state.cpp -- the canonical example of when the
  class form is the right shape: an http_resource holding an int +
  std::mutex shared between render_get and render_post (PRD-HDL-REQ-005,
  AR-006).
* Port the trivial single-method examples (handlers, hello_with_get_arg,
  setting_headers, custom_access_log, minimal_ip_ban, minimal_file_response,
  turbo_mode, daemon_info, minimal_https, minimal_https_psk,
  basic_authentication, digest_authentication, iovec_response_example,
  pipe_response_example, external_event_loop) to on_get / lambda form.
* url_registration: lambda for stateless routes; keep one resource for
  the prefix + regex registration that on_* does not cover.
* centralized_authentication: lambdify the two trivial resources; keep
  the free-function auth_handler.
* Delete examples/minimal_hello_world.cpp -- superseded by the new
  hello_world.cpp (no v1-only files existed; this is an idiom-replacement,
  not v1 cleanup).
* Rewrite examples/README.md as a categorized map of the suite, used
  as the input for TASK-041.
* Add scripts/check-examples.sh -- static guard for hello_world LOC and
  shared_state structure. Wired into the top-level Makefile.am as a new
  check-examples target invoked by check-local, so it runs every
  `make check`.
* Add scripts/verify-installed-examples.sh -- compiles every example
  against an installed prefix (the "consumer view" of the v2.0 headers).

Verified: make check is 48/48 passing; scripts/check-examples.sh and
scripts/verify-installed-examples.sh both green; release and
--enable-debug (-Werror -Wextra) builds of every example are clean.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: etr

Makefile.am

@@ -39,6 +39,7 @@ endif
 endif
 
 EXTRA_DIST = libhttpserver.pc.in $(DX_CONFIG) scripts/extract-release-notes.sh scripts/validate-version.sh \
+	scripts/check-examples.sh scripts/verify-installed-examples.sh \
 	test/headers/consumer_direct.cpp test/headers/consumer_detail.cpp test/headers/consumer_umbrella.cpp \
 	test/headers/consumer_post_umbrella.cpp \
 	test/headers/consumer_umbrella_no_backend.cpp
@@ -281,7 +282,7 @@ check-hygiene:
 # shared staged install to avoid paying two full `make install` costs on
 # every `make check`. Both sub-checks can still be invoked standalone (they
 # will do their own install when CHECK_*_SHARED is not set).
-check-local: check-headers
+check-local: check-headers check-examples
 	@echo "=== Shared staged install for check-install-layout and check-hygiene ==="
 	@rm -rf $(abs_top_builddir)/.shared-check-stage
 	@$(MAKE) $(AM_MAKEFLAGS) install DESTDIR=$(abs_top_builddir)/.shared-check-stage >check-shared-install.log 2>&1 || { \
@@ -296,7 +297,14 @@ check-local: check-headers
 	    CHECK_HYGIENE_SHARED=yes
 	@rm -rf $(abs_top_builddir)/.shared-check-stage
 
-.PHONY: check-headers check-install-layout check-hygiene
+# TASK-040: enforce static invariants on the two flagship examples
+# (hello_world.cpp <= 10 LOC, lambda-only; shared_state.cpp class+mutex).
+# Run as part of `make check` via check-local.
+check-examples:
+	@echo "=== check-examples: enforce TASK-040 invariants on examples/ ==="
+	@$(top_srcdir)/scripts/check-examples.sh
+
+.PHONY: check-headers check-install-layout check-hygiene check-examples
 
 # TASK-039: top-level convenience rule that descends into test/ to
 # build and run the bench binaries (see test/Makefile.am and

examples/Makefile.am

@@ -19,11 +19,11 @@
 LDADD = $(top_builddir)/src/libhttpserver.la
 AM_CPPFLAGS = -I$(top_srcdir)/src -I$(top_srcdir)/src/httpserver/
 METASOURCES = AUTO
-noinst_PROGRAMS = hello_world service minimal_hello_world custom_error allowing_disallowing_methods handlers hello_with_get_arg args_processing setting_headers custom_access_log minimal_https minimal_file_response minimal_deferred url_registration minimal_ip_ban benchmark_select benchmark_threads benchmark_nodelay deferred_with_accumulator file_upload file_upload_with_callback empty_response_example iovec_response_example pipe_response_example daemon_info external_event_loop turbo_mode binary_buffer_response
+noinst_PROGRAMS = hello_world shared_state service custom_error allowing_disallowing_methods handlers hello_with_get_arg args_processing setting_headers custom_access_log minimal_https minimal_file_response minimal_deferred url_registration minimal_ip_ban benchmark_select benchmark_threads benchmark_nodelay deferred_with_accumulator file_upload file_upload_with_callback empty_response_example iovec_response_example pipe_response_example daemon_info external_event_loop turbo_mode binary_buffer_response
 
 hello_world_SOURCES = hello_world.cpp
+shared_state_SOURCES = shared_state.cpp
 service_SOURCES = service.cpp
-minimal_hello_world_SOURCES = minimal_hello_world.cpp
 custom_error_SOURCES = custom_error.cpp
 allowing_disallowing_methods_SOURCES = allowing_disallowing_methods.cpp
 handlers_SOURCES = handlers.cpp

examples/README.md

@@ -1,58 +1,122 @@
-Example Programs
-================
-
-hello_world.cpp	- a very simple example of using libhttpserver to
-		  create a Rest server capable of receiving and processing
-		  HTTP requests.  The server will be listening on port
-		  8080.
-
-
-service.cpp	- an example using more of the libhttpserver API.
-		  This creates a Rest server capable of running with
-		  HTTP or HTTPS (provided that libhttpserver and
-		  libmicrohttpd have been compiled with SSL support.
-
-		  The server can be configured via command line
-		  arguments:
+libhttpserver Examples
+======================
 
-		  -p <port>  - port number to listen on (default 8080)
-		  -s         - enable HTTPS
-		  -k         - server key filename (default "key.pem")
-		  -c         - server certificate filename (default "cert.pem")
+Every example is a standalone program built from a single `.cpp`. To
+build the suite locally:
+
+    ./bootstrap && mkdir build && cd build && ../configure && make
+
+Each binary lands in `build/examples/`. To verify that an example also
+compiles against an *installed* libhttpserver (the consumer view), run
+`scripts/verify-installed-examples.sh` after `make install`. To enforce
+the structural invariants on `hello_world.cpp` and `shared_state.cpp`
+(LOC budget, lambda-only form, mutex usage), run
+`scripts/check-examples.sh`.
+
+Start here
+----------
+
+* `hello_world.cpp` — ten lines, no subclassing, no raw pointers. The
+  canonical "hello world" demo and the PRD §3.4 acceptance fixture for
+  the v2.0 lambda idiom.
+* `shared_state.cpp` — the canonical example of when the class form is
+  the right shape: an `http_resource` subclass that shares a `std::mutex`-
+  guarded counter between `render_get` and `render_post`.
+
+HTTP basics
+-----------
+
+* `setting_headers.cpp` — attach response headers fluently with
+  `with_header`.
+* `hello_with_get_arg.cpp` — read a query-string parameter from
+  `http_request::get_arg`.
+* `args_processing.cpp` — iterate every form/query argument.
+* `custom_error.cpp` — install custom `not_found_handler` and
+  `method_not_allowed_handler` and let `set_allowing` restrict methods
+  on a resource.
+* `allowing_disallowing_methods.cpp` — narrow a resource to a single
+  HTTP method via the allow mask.
+* `url_registration.cpp` — exact paths, prefix matches, regex paths,
+  and parametric segments (with optional per-segment regex).
+* `handlers.cpp` — register distinct lambdas for GET and POST on the
+  same path; the dispatcher composes them.
+
+Response shapes
+---------------
+
+* `minimal_file_response.cpp` — stream a file from disk.
+* `binary_buffer_response.cpp` — return a binary buffer (e.g. a PNG).
+* `iovec_response_example.cpp` — gather a response body from multiple
+  borrowed buffers without copying.
+* `pipe_response_example.cpp` — stream from a pipe filled by a
+  background thread.
+* `empty_response_example.cpp` — bodyless responses for DELETE / HEAD.
+* `minimal_deferred.cpp` — deferred response: the body is produced
+  asynchronously by a callback.
+* `deferred_with_accumulator.cpp` — deferred response that mutates
+  shared state across calls.
+
+TLS and authentication
+----------------------
+
+* `minimal_https.cpp` — enable TLS with PEM key/cert files.
+* `minimal_https_psk.cpp` — TLS with pre-shared keys.
+* `basic_authentication.cpp` — per-request HTTP Basic auth inside the
+  handler.
+* `centralized_authentication.cpp` — server-wide `auth_handler` and
+  `auth_skip_paths`.
+* `digest_authentication.cpp` — per-request HTTP Digest auth via
+  `http_request::check_digest_auth`.
+* `client_cert_auth.cpp` — mutual TLS with X.509 client certificates.
+  Ships as a documentation artifact; not wired into `noinst_PROGRAMS`.
+
+Operations
+----------
+
+* `daemon_info.cpp` — introspect the running daemon (bound port,
+  listen FD, active connections).
+* `external_event_loop.cpp` — drive `EXTERNAL_SELECT` from the
+  application's loop via `run_wait`.
+* `custom_access_log.cpp` — server-wide access-log callback.
+* `minimal_ip_ban.cpp` — `block_ip` / `unblock_ip` under the default
+  ACCEPT policy.
+* `turbo_mode.cpp` — turbo, suppressed Date header, fastopen queue,
+  listen backlog.
+* `service.cpp` — the kitchen-sink reference example: CLI args,
+  optional TLS, all `render_*` overrides.
+
+Benchmarks
+----------
+
+* `benchmark_select.cpp`, `benchmark_threads.cpp`,
+  `benchmark_nodelay.cpp` — micro-benchmarks. See `test/v1_baseline/` for
+  v1.x reference numbers.
+
+WebSockets
+----------
+
+* `websocket_echo.cpp` — `websocket_handler` subclass registered via
+  `register_ws_resource` with `std::make_unique`.
+
+File upload
+-----------
+
+* `file_upload.cpp`, `file_upload_with_callback.cpp` — multipart
+  upload, GET serves the HTML form and POST processes the parts.
 
 Creating Certificates
 =====================
+
 Self-signed certificates can be created using OpenSSL using the
 following steps:
 
-	  $ openssl genrsa -des3 -passout pass:x -out server.pass.key 2048
-	  $ openssl rsa -passin pass:x -in server.pass.key -out server.key
-	  $ openssl req -new -key server.key -out server.csr
-	  $ openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
+    $ openssl genrsa -des3 -passout pass:x -out server.pass.key 2048
+    $ openssl rsa -passin pass:x -in server.pass.key -out server.key
+    $ openssl req -new -key server.key -out server.csr
+    $ openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
 
 On the last step when prompted for a challenge password it can be left
 empty.
 
 Thanks to https://devcenter.heroku.com/articles/ssl-certificate-self
 for these instructions.
-
-Keystore configuration
-======================
-If using a local client such as RestClient
-(https://github.com/wiztools/rest-client) for testing the Rest server
-then a keystore needs to be established.  These commands should be
-bundled with your Java installation.
-
-$ keytool -noprompt -import -keystore /path/to/restclient.store -alias
-restclient -file /path/to/server.crt
-
-The keys in the store can be listed as follows:
-
-$ keytool -list -v -keystore /path/to/restclient.store
-
-The client can then be configured to use this keystore.  Thanks to
-http://rubensgomes.blogspot.com/2012/01/how-to-set-up-restclient-for-ssl.html
-for instructions on configuring RestClient.
-
-
-

examples/basic_authentication.cpp

@@ -1,6 +1,6 @@
 /*
      This file is part of libhttpserver
-     Copyright (C) 2011, 2012, 2013, 2014, 2015 Sebastiano Merlino
+     Copyright (C) 2011-2025 Sebastiano Merlino
 
      This library is free software; you can redistribute it and/or
      modify it under the terms of the GNU Lesser General Public
@@ -18,29 +18,26 @@
      USA
 */
 
-#include <memory>
+// basic_authentication.cpp - per-request HTTP Basic auth check inside a
+// lambda handler. For centralized auth that intercepts every request,
+// see centralized_authentication.cpp.
+
 #include <string>
 
 #include <httpserver.hpp>
 
-class user_pass_resource : public httpserver::http_resource {
- public:
-     httpserver::http_response render_get(const httpserver::http_request& req) {
-         if (req.get_user() != "myuser" || req.get_pass() != "mypass") {
-             return
-                 httpserver::http_response::unauthorized("Basic", "test@example.com", "FAIL");
-         }
-
-         return httpserver::http_response::string(std::string(req.get_user()) + " " + std::string(req.get_pass()));
-     }
-};
-
 int main() {
     httpserver::webserver ws{httpserver::create_webserver(8080)};
 
-    auto hwr = std::make_shared<user_pass_resource>();
-    ws.register_path("/hello", hwr);
-    ws.start(true);
+    ws.on_get("/hello", [](const httpserver::http_request& req) {
+        if (req.get_user() != "myuser" || req.get_pass() != "mypass") {
+            return httpserver::http_response::unauthorized(
+                "Basic", "test@example.com", "FAIL");
+        }
+        return httpserver::http_response::string(
+            std::string(req.get_user()) + " " + std::string(req.get_pass()));
+    });
 
+    ws.start(true);
     return 0;
 }

examples/centralized_authentication.cpp

@@ -1,6 +1,6 @@
 /*
      This file is part of libhttpserver
-     Copyright (C) 2011, 2012, 2013, 2014, 2015 Sebastiano Merlino
+     Copyright (C) 2011-2025 Sebastiano Merlino
 
      This library is free software; you can redistribute it and/or
      modify it under the terms of the GNU Lesser General Public
@@ -18,57 +18,39 @@
      USA
 */
 
+// centralized_authentication.cpp - install a server-wide auth_handler
+// that runs before every request. The handler returns nullptr to
+// accept, or an http_response to reject. auth_skip_paths lists routes
+// that bypass auth entirely.
+
 #include <memory>
-#include <string>
 
 #include <httpserver.hpp>
 
-using httpserver::http_request;
-using httpserver::http_response;
-using httpserver::http_resource;
-using httpserver::webserver;
-using httpserver::create_webserver;
-// Simple resource that doesn't need to handle auth itself
-class hello_resource : public http_resource {
- public:
-    http_response render_get(const http_request&) {
-        return http_response::string("Hello, authenticated user!");
-    }
-};
-
-class health_resource : public http_resource {
- public:
-    http_response render_get(const http_request&) {
-        return http_response::string("OK");
-    }
-};
-
-// Centralized authentication handler
-// Returns nullptr to allow the request, or an http_response to reject it
-std::shared_ptr<http_response> auth_handler(const http_request& req) {
+// Returns nullptr to allow the request, or an http_response to reject it.
+std::shared_ptr<httpserver::http_response> auth_handler(
+        const httpserver::http_request& req) {
     if (req.get_user() != "admin" || req.get_pass() != "secret") {
-        return std::make_shared<http_response>(
-            http_response::unauthorized("Basic", "MyRealm", "Unauthorized"));
+        return std::make_shared<httpserver::http_response>(
+            httpserver::http_response::unauthorized(
+                "Basic", "MyRealm", "Unauthorized"));
     }
-    return nullptr;  // Allow request
+    return nullptr;
 }
 
 int main() {
-    // Create webserver with centralized authentication
-    // - auth_handler: called before every resource's render method
-    // - auth_skip_paths: paths that bypass authentication
-    webserver ws{create_webserver(8080)
-        .auth_handler(auth_handler)
-        .auth_skip_paths({"/health", "/public/*"})};
-
-    auto hello = std::make_shared<hello_resource>();
-    auto health = std::make_shared<health_resource>();
+    httpserver::webserver ws{httpserver::create_webserver(8080)
+                                 .auth_handler(auth_handler)
+                                 .auth_skip_paths({"/health", "/public/*"})};
 
-    ws.register_path("/api", hello);
-    ws.register_path("/health", health);
+    ws.on_get("/api", [](const httpserver::http_request&) {
+        return httpserver::http_response::string("Hello, authenticated user!");
+    });
+    ws.on_get("/health", [](const httpserver::http_request&) {
+        return httpserver::http_response::string("OK");
+    });
 
     ws.start(true);
-
     return 0;
 }
 

examples/custom_access_log.cpp

@@ -1,6 +1,6 @@
 /*
      This file is part of libhttpserver
-     Copyright (C) 2011, 2012, 2013, 2014, 2015 Sebastiano Merlino
+     Copyright (C) 2011-2025 Sebastiano Merlino
 
      This library is free software; you can redistribute it and/or
      modify it under the terms of the GNU Lesser General Public
@@ -18,8 +18,11 @@
      USA
 */
 
+// custom_access_log.cpp - install a per-request access-log callback via
+// create_webserver().log_access(). The callback is server-wide; the
+// handler itself is a plain lambda.
+
 #include <iostream>
-#include <memory>
 #include <string>
 
 #include <httpserver.hpp>
@@ -28,20 +31,14 @@ void custom_access_log(const std::string& url) {
     std::cout << "ACCESSING: " << url << std::endl;
 }
 
-class hello_world_resource : public httpserver::http_resource {
- public:
-     httpserver::http_response render(const httpserver::http_request&) {
-         return httpserver::http_response::string("Hello, World!");
-     }
-};
-
 int main() {
     httpserver::webserver ws{httpserver::create_webserver(8080)
-        .log_access(custom_access_log)};
+                                 .log_access(custom_access_log)};
 
-    auto hwr = std::make_shared<hello_world_resource>();
-    ws.register_path("/hello", hwr);
-    ws.start(true);
+    ws.on_get("/hello", [](const httpserver::http_request&) {
+        return httpserver::http_response::string("Hello, World!");
+    });
 
+    ws.start(true);
     return 0;
 }