one-for-all-framework 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 7da16da0dd7fd64c3418a570d9d9c2f366fe487a464cd524214ead23b249a932
+  data.tar.gz: 43e95c18a2a0adc29c1c1fb39f95e175a11db8dd9fb70979b9ee04156d49c6f7
+SHA512:
+  metadata.gz: 7e770e771c8cfd8e8e2c7d62a6b46e3a06cada5144a60a35c3d5348a06040a59158de1c2b9c807026c982fd74ea4c1e0f1be8e114f36f91b420955706a9b2e50
+  data.tar.gz: 28c6bc05a32ddf5af5c78e74939adc3886b811c31a812e7fcba9d1b6b437f8f34bc7858917e1f7ef8463dbe93c93c05b7b8927e074b03838cbe1966fc7760761

data/.env.example

@@ -0,0 +1,4 @@
+DATABASE_URL="sqlite://db/development.sqlite3"
+CLOUDINARY_URL="cloudinary://API_KEY:API_SECRET@CLOUD_NAME"
+EKS_CENT_SECRET_KEY_BASE="your_secret_key"
+EKS_ENV="development"

data/Dockerfile

@@ -0,0 +1,19 @@
+FROM ruby:3.2-slim
+
+# Install dependencies
+RUN apt-get update -qq && apt-get install -y build-essential libsqlite3-dev
+
+# Set working directory
+WORKDIR /app
+
+# Copy files
+COPY . .
+
+# Install gems
+RUN bundle install
+
+# Expose port
+EXPOSE 3000
+
+# Start command
+CMD ["./ofa", "run"]

data/Gemfile

@@ -0,0 +1,20 @@
+source 'https://rubygems.org'
+
+gem 'eks-cent', '4.0.0'
+gem 'eksa-server'
+gem 'sequel'
+gem 'sqlite3'
+gem 'bcrypt'
+gem 'json'
+gem 'cloudinary'
+gem 'mysql2'
+gem 'pg'
+gem 'mongo'
+gem 'dotenv'
+gem 'kramdown'
+gem 'kramdown-parser-gfm'
+
+group :test do
+  gem 'eksa-mination'
+  gem 'rack-test'
+end

data/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Ishikawa Uta
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/Procfile

@@ -0,0 +1 @@
+web: ./ofa run

data/README.md

@@ -0,0 +1,99 @@
+<p align="center">
+  <img src="public/images/logo.png" width="500" height="500" alt="OFA Framework Logo">
+</p>
+
+# ⚡ One-For-All (OFA) Framework
+
+[![Ruby Version](https://img.shields.io/badge/ruby-%3E%3D%203.0.0-red.svg)](https://www.ruby-lang.org/)
+[![License](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
+[![Framework](https://img.shields.io/badge/MVC-Lightweight-orange.svg)]()
+
+**One-For-All (OFA)** is a premium, ultra-fast Ruby MVC framework designed for developers who value both high performance and modern aesthetics. Built on the powerful **Eks-Cent** engine and optimized with **Eksa Server**, OFA provides a production-ready foundation with a stunning "Glassmorphism" UI out of the box.
+
+---
+
+## ✨ Why One-For-All?
+
+-   **💎 Premium Aesthetics**: Beautiful Glassmorphism design system included by default with smooth dark/light mode transitions.
+-   **🚀 Blazing Fast**: Built on a modular Nio4r-powered engine for minimal overhead and instant boot times.
+-   **📂 Multi-Database**: Seamlessly switch between SQLite, MySQL, MariaDB, and MongoDB Atlas.
+-   **🛠️ Developer First**: A robust CLI (`ofa`) that handles everything from scaffolding to deployment.
+-   **🔐 Enterprise Ready**: Built-in CSRF protection, secure session management, and input validation.
+-   **🌐 Global Support**: Multi-language (I18n) support and SEO optimization ready.
+
+---
+
+## 🚀 Getting Started
+
+### 1. Prerequisites
+Ensure you have Ruby 3.0+ and Bundler installed on your system.
+
+### 2. Installation
+Clone the repository and install dependencies:
+```bash
+git clone https://github.com/ishikawauta/one-for-all-framework.git
+cd one-for-all-framework
+bundle install
+```
+
+### 3. Quick Initialization
+Initialize your project environment and database:
+```bash
+./ofa init
+```
+*The interactive wizard will help you configure your database and cloud storage (Cloudinary).*
+
+### 4. Run the Engine
+Launch your development server:
+```bash
+./ofa run
+```
+Your app is now live at `http://localhost:3000` ⚡
+
+---
+
+## 🛠️ CLI Power Tools
+
+The `ofa` CLI is your best friend. Use it to manage your entire application lifecycle:
+
+| Command | Description |
+| :--- | :--- |
+| `ofa new NAME` | Create a brand new project from scratch. |
+| `ofa g controller Name` | Generate a RESTful controller. |
+| `ofa g model Name` | Generate a database model and migration. |
+| `ofa db migrate` | Sync your database with the latest schema. |
+| `ofa type [blog\|portfolio]` | Switch application mode instantly. |
+| `ofa theme [dark\|light]` | Toggle between premium UI themes. |
+| `ofa storage cloudinary` | Enable automated Cloudinary image hosting. |
+| `ofa reset-password USR PWD`| Securely reset admin credentials. |
+
+---
+
+## 🏗️ Architecture
+
+OFA follows a strict **MVC (Model-View-Controller)** pattern:
+
+-   **Models**: Powered by **Sequel** for SQL and **Mongo Ruby Driver** for NoSQL.
+-   **Views**: High-performance **ERB** templates with a modular design system.
+-   **Controllers**: Lightweight logic handlers with built-in validation helpers.
+-   **Middleware**: Custom authentication and session sliding expiration (8-hour default).
+
+---
+
+## 🚢 Deployment
+
+One-For-All is optimized for modern cloud platforms:
+
+-   **Railway / Heroku**: Uses the included `Procfile` for automatic detection.
+-   **Docker**: A lightweight `Dockerfile` based on `ruby:3.2-slim` is provided.
+-   **VPS**: Can be run behind Nginx/Apache using the `ofa run` command.
+
+---
+
+## 🤝 Contributing
+
+We welcome contributions! Please feel free to submit Pull Requests or report issues on the [GitHub repository](https://github.com/ishikawauta/one-for-all-framework).
+
+## 📄 License
+
+This project is licensed under the **MIT License**. See the [LICENSE](LICENSE) file for details.

data/app/controllers/api_controller.rb

@@ -0,0 +1,19 @@
+require_relative 'application_controller'
+require 'json'
+
+class ApiController < ApplicationController
+  def render_json(data, status: 200)
+    @res.status = status
+    @res.headers['Content-Type'] = 'application/json'
+    @res.body << data.to_json
+  end
+
+  def status
+    render_json({ status: 'ok', version: '1.0.0', type: FEATURES_CONFIG['type'] })
+  end
+
+  def halt_error(message, status: 400)
+    render_json({ error: message }, status: status)
+    throw(:halt)
+  end
+end

data/app/controllers/application_controller.rb

@@ -0,0 +1,77 @@
+class ApplicationController
+  attr_reader :req, :res
+
+  def initialize(req, res)
+    @req = req
+    @res = res
+  end
+
+  def params
+    @req.params
+  end
+
+  def session
+    @req.env['eks_cent.session'] ||= @req.env['rack.session'] || {}
+  end
+
+  def render(template, **locals)
+    # Pass controller instance variables to the view
+    instance_variables.each do |var|
+      locals[var.to_s.delete('@').to_sym] ||= instance_variable_get(var)
+    end
+    @res.render(template, **locals)
+  end
+
+  def redirect_to(path)
+    @res.status = 302
+    @res.headers['Location'] = path
+  end
+
+  # Validation Helper
+  def validate!(required_params)
+    missing = required_params.select { |p| params[p.to_s].nil? || params[p.to_s].empty? }
+    unless missing.empty?
+      @res.status = 400
+      render 'error', layout: false, message: "Missing required parameters: #{missing.join(', ')}"
+      throw(:halt)
+    end
+  end
+
+  # CSRF Helper for views
+  def csrf_token
+    @req.env['eks_cent.csrf_token']
+  end
+
+  def boolean_param(val)
+    ['1', 'true', 'on'].include?(val.to_s)
+  end
+
+  def delete_from_storage(url)
+    return unless url && !url.empty?
+    if url.include?('cloudinary.com')
+      # Extract public_id from Cloudinary URL
+      # Example: https://res.cloudinary.com/demo/image/upload/v12345/sample.jpg -> sample
+      public_id = url.split('/').last.split('.').first
+      begin
+        require 'cloudinary'
+        Cloudinary::Uploader.destroy(public_id)
+      rescue => e
+        puts "⚠ Error deleting from Cloudinary: #{e.message}"
+      end
+    elsif url.start_with?('/img/uploads/')
+      path = File.join(APP_ROOT, 'public', url)
+      FileUtils.rm(path) if File.exist?(path) rescue nil
+    end
+  end
+
+  def delete_all_images_from_content(content)
+    return unless content
+    # Find all Cloudinary URLs in markdown
+    urls = content.scan(/https?:\/\/res\.cloudinary\.com\/[^\/]+\/image\/upload\/[^\s\)]+/)
+    urls.each { |url| delete_from_storage(url) }
+    
+    # Also find local uploads
+    local_urls = content.scan(/\/img\/uploads\/[^\s\)]+/)
+    local_urls.each { |url| delete_from_storage(url) }
+  end
+end

data/app/controllers/auth_controller.rb

@@ -0,0 +1,35 @@
+require_relative 'application_controller'
+
+class AuthController < ApplicationController
+  def show_login
+    if session['user_id']
+      redirect_to '/dashboard'
+      return
+    end
+    reason = req.params['reason']
+    error = reason == 'expired' ? 'Your session has expired. Please log in again.' : nil
+    render 'login', title: 'Login - One-For-All', error: error
+  end
+
+  def login
+    username = req.params['username']
+    password = req.params['password']
+    
+    user = User.authenticate(username, password)
+    if user
+      # Set session keys
+      session['user_id'] = user.id
+      session['username'] = user.username
+      session['last_active_at'] = Time.now.to_i
+      
+      redirect_to '/dashboard'
+    else
+      render 'login', title: 'Login - One-For-All', error: 'Invalid credentials'
+    end
+  end
+
+  def logout
+    ['user_id', :user_id, 'username', :username, 'last_active_at', :last_active_at].each { |k| session.delete(k) }
+    redirect_to '/login'
+  end
+end

data/app/controllers/dashboard_controller.rb

@@ -0,0 +1,41 @@
+require_relative 'application_controller'
+require 'cloudinary'
+
+class DashboardController < ApplicationController
+  def index
+    @type = FEATURES_CONFIG['type']
+    @stats = {
+      pages: Page.count,
+      posts: Post.count,
+      projects: Project.count
+    }
+    render 'dashboard'
+  end
+
+  # Image Upload Action
+  def upload
+    file = params['file']
+    if file && file[:tempfile]
+      if FEATURES_CONFIG['storage'] == 'cloudinary'
+        begin
+          upload = Cloudinary::Uploader.upload(file[:tempfile].path)
+          url = upload['secure_url']
+          @res.body << { url: url }.to_json
+        rescue => e
+          @res.status = 500
+          @res.body << { error: e.message }.to_json
+        end
+      else
+        filename = "#{Time.now.to_i}_#{file[:filename]}"
+        target = File.join(APP_ROOT, 'public/img/uploads', filename)
+        FileUtils.cp(file[:tempfile].path, target)
+        @res.body << { url: "/img/uploads/#{filename}" }.to_json
+      end
+    else
+      @res.status = 400
+      @res.body << { error: "No file uploaded" }.to_json
+    end
+    @res.headers['Content-Type'] = 'application/json'
+    throw(:halt)
+  end
+end

data/app/controllers/pages_controller.rb

@@ -0,0 +1,49 @@
+require_relative 'application_controller'
+
+class PagesController < ApplicationController
+  def index
+    @pages = Page.all
+    render 'cms/pages_index'
+  end
+
+  def new
+    @page = Page.new
+    render 'cms/pages_form'
+  end
+
+  def create
+    data = params['page']
+    data['is_active'] = boolean_param(data['is_active'])
+    data['is_nav'] = boolean_param(data['is_nav'])
+    @page = Page.new(data)
+    if @page.save
+      redirect_to '/dashboard/pages'
+    else
+      render 'cms/pages_form'
+    end
+  end
+
+  def edit
+    @page = Page[params['id']]
+    render 'cms/pages_form'
+  end
+
+  def update
+    @page = Page[params['id']]
+    data = params['page']
+    data['is_active'] = boolean_param(data['is_active'])
+    data['is_nav'] = boolean_param(data['is_nav'])
+    if @page.update(data)
+      redirect_to '/dashboard/pages'
+    else
+      render 'cms/pages_form'
+    end
+  end
+
+  def destroy
+    @page = Page[params['id']]
+    delete_all_images_from_content(@page.content) if @page.respond_to?(:content)
+    @page.destroy
+    redirect_to '/dashboard/pages'
+  end
+end

data/app/controllers/posts_controller.rb

@@ -0,0 +1,48 @@
+require_relative 'application_controller'
+
+class PostsController < ApplicationController
+  def index
+    @posts = Post.order(Sequel.desc(:created_at)).all
+    render 'cms/posts_index'
+  end
+
+  def new
+    @post = Post.new
+    render 'cms/posts_form'
+  end
+
+  def create
+    data = params['post']
+    data['is_active'] = boolean_param(data['is_active'])
+    @post = Post.new(data)
+    if @post.save
+      redirect_to '/dashboard/posts'
+    else
+      render 'cms/posts_form'
+    end
+  end
+
+  def edit
+    @post = Post[params['id']]
+    render 'cms/posts_form'
+  end
+
+  def update
+    @post = Post[params['id']]
+    data = params['post']
+    data['is_active'] = boolean_param(data['is_active'])
+    if @post.update(data)
+      redirect_to '/dashboard/posts'
+    else
+      render 'cms/posts_form'
+    end
+  end
+
+  def destroy
+    @post = Post[params['id']]
+    delete_from_storage(@post.image_url) if @post.respond_to?(:image_url)
+    delete_all_images_from_content(@post.content) if @post.respond_to?(:content)
+    @post.destroy
+    redirect_to '/dashboard/posts'
+  end
+end

data/app/controllers/projects_controller.rb

@@ -0,0 +1,48 @@
+require_relative 'application_controller'
+
+class ProjectsController < ApplicationController
+  def index
+    @projects = Project.order(Sequel.desc(:created_at)).all
+    render 'cms/projects_index'
+  end
+
+  def new
+    @project = Project.new
+    render 'cms/projects_form'
+  end
+
+  def create
+    data = params['project']
+    data['is_active'] = boolean_param(data['is_active'])
+    @project = Project.new(data)
+    if @project.save
+      redirect_to '/dashboard/projects'
+    else
+      render 'cms/projects_form'
+    end
+  end
+
+  def edit
+    @project = Project[params['id']]
+    render 'cms/projects_form'
+  end
+
+  def update
+    @project = Project[params['id']]
+    data = params['project']
+    data['is_active'] = boolean_param(data['is_active'])
+    if @project.update(data)
+      redirect_to '/dashboard/projects'
+    else
+      render 'cms/projects_form'
+    end
+  end
+
+  def destroy
+    @project = Project[params['id']]
+    delete_from_storage(@project.image_url) if @project.respond_to?(:image_url)
+    delete_all_images_from_content(@project.description) if @project.respond_to?(:description)
+    @project.destroy
+    redirect_to '/dashboard/projects'
+  end
+end

data/app/helpers/cloudinary_helper.rb

@@ -0,0 +1,14 @@
+require 'cloudinary'
+
+module CloudinaryHelper
+  def self.setup
+    Cloudinary.config do |config|
+      # In production, use ENV['CLOUDINARY_URL']
+      config.secure = true
+    end
+  end
+
+  def self.upload(file_path)
+    Cloudinary::Uploader.upload(file_path)
+  end
+end

data/app/middleware/auth_middleware.rb

@@ -0,0 +1,52 @@
+class AuthMiddleware
+  # Session expires after 8 hours of inactivity
+  MAX_SESSION_AGE = 60 * 60 * 8
+
+  def initialize(app)
+    @app = app
+  end
+
+  def call(env)
+    # Debug: Check what session keys are available
+    # puts "DEBUG KEYS: #{env.keys.select{|k| k.include?('session')}}"
+    
+    env['eks_cent.session'] ||= env['rack.session'] || {}
+    session = env['eks_cent.session']
+
+    # Check for session expiry
+    user_id = session['user_id'] || session[:user_id]
+    last_active = session['last_active_at'] || session[:last_active_at]
+
+    if user_id && last_active
+      age = Time.now.to_i - last_active.to_i
+      if age > MAX_SESSION_AGE
+        # Clear session if expired
+        ['user_id', :user_id, 'username', :username, 'last_active_at', :last_active_at].each { |k| session.delete(k) }
+        
+        if requires_auth?(env['PATH_INFO'])
+          return [302, { 'Location' => '/login?reason=expired' }, []]
+        end
+      else
+        # Update last active time to extend session (sliding expiration)
+        session['last_active_at'] = Time.now.to_i
+      end
+    elsif user_id
+      # If logged in but no last_active_at (legacy session), set it now
+      session['last_active_at'] = Time.now.to_i
+    end
+
+    # If the route requires authentication and user is not logged in
+    logged_in = session['user_id'] || session[:user_id] || session['username'] || session[:username]
+    if requires_auth?(env['PATH_INFO']) && !logged_in
+      return [302, { 'Location' => '/login' }, []]
+    end
+
+    @app.call(env)
+  end
+
+  private
+
+  def requires_auth?(path)
+    path.start_with?('/dashboard') || path.start_with?('/profile')
+  end
+end

data/app/middleware/csrf_middleware.rb

@@ -0,0 +1,27 @@
+require 'securerandom'
+
+class CSRFMiddleware
+  def initialize(app)
+    @app = app
+  end
+
+  def call(env)
+    req = Rack::Request.new(env)
+    env['eks_cent.session'] ||= env['rack.session'] || {}
+    session = env['eks_cent.session']
+    
+    # Generate token if not exists
+    session['csrf_token'] ||= SecureRandom.hex(32)
+    env['eks_cent.csrf_token'] = session['csrf_token']
+
+    if ['POST', 'PUT', 'DELETE', 'PATCH'].include?(req.request_method)
+      token = req.params['csrf_token'] || req.env['HTTP_X_CSRF_TOKEN']
+      
+      if token != session['csrf_token']
+        return [403, { 'Content-Type' => 'text/plain' }, ['Forbidden: CSRF Token Invalid']]
+      end
+    end
+
+    @app.call(env)
+  end
+end

data/app/models/page.rb

@@ -0,0 +1,8 @@
+class Page < Sequel::Model
+  plugin :validation_helpers
+  def validate
+    super
+    validates_presence [:title, :slug]
+    validates_unique :slug
+  end
+end

data/app/models/post.rb

@@ -0,0 +1,8 @@
+class Post < Sequel::Model
+  plugin :validation_helpers
+  def validate
+    super
+    validates_presence [:title, :slug]
+    validates_unique :slug
+  end
+end

data/app/models/project.rb

@@ -0,0 +1,7 @@
+class Project < Sequel::Model
+  plugin :validation_helpers
+  def validate
+    super
+    validates_presence [:title]
+  end
+end