tina4 0.2.0

data/lib/tina4/api.rb

@@ -0,0 +1,152 @@
+# frozen_string_literal: true
+require "net/http"
+require "uri"
+require "json"
+
+module Tina4
+  class API
+    attr_reader :base_url, :headers
+
+    def initialize(base_url, headers: {}, timeout: 30)
+      @base_url = base_url.chomp("/")
+      @headers = {
+        "Content-Type" => "application/json",
+        "Accept" => "application/json"
+      }.merge(headers)
+      @timeout = timeout
+    end
+
+    def get(path, params: {}, headers: {})
+      uri = build_uri(path, params)
+      request = Net::HTTP::Get.new(uri)
+      apply_headers(request, headers)
+      execute(uri, request)
+    end
+
+    def post(path, body: nil, headers: {})
+      uri = build_uri(path)
+      request = Net::HTTP::Post.new(uri)
+      request.body = body.is_a?(String) ? body : JSON.generate(body) if body
+      apply_headers(request, headers)
+      execute(uri, request)
+    end
+
+    def put(path, body: nil, headers: {})
+      uri = build_uri(path)
+      request = Net::HTTP::Put.new(uri)
+      request.body = body.is_a?(String) ? body : JSON.generate(body) if body
+      apply_headers(request, headers)
+      execute(uri, request)
+    end
+
+    def patch(path, body: nil, headers: {})
+      uri = build_uri(path)
+      request = Net::HTTP::Patch.new(uri)
+      request.body = body.is_a?(String) ? body : JSON.generate(body) if body
+      apply_headers(request, headers)
+      execute(uri, request)
+    end
+
+    def delete(path, headers: {})
+      uri = build_uri(path)
+      request = Net::HTTP::Delete.new(uri)
+      apply_headers(request, headers)
+      execute(uri, request)
+    end
+
+    def upload(path, file_path, field_name: "file", extra_fields: {}, headers: {})
+      uri = build_uri(path)
+      boundary = "----Tina4Boundary#{SecureRandom.hex(16)}"
+
+      body = build_multipart_body(boundary, file_path, field_name, extra_fields)
+
+      request = Net::HTTP::Post.new(uri)
+      request.body = body
+      request["Content-Type"] = "multipart/form-data; boundary=#{boundary}"
+      headers.each { |k, v| request[k] = v }
+      execute(uri, request)
+    end
+
+    private
+
+    def build_uri(path, params = {})
+      url = "#{@base_url}#{path}"
+      uri = URI.parse(url)
+      unless params.empty?
+        query = URI.encode_www_form(params)
+        uri.query = uri.query ? "#{uri.query}&#{query}" : query
+      end
+      uri
+    end
+
+    def apply_headers(request, extra_headers)
+      @headers.merge(extra_headers).each do |key, value|
+        request[key] = value
+      end
+    end
+
+    def execute(uri, request)
+      http = Net::HTTP.new(uri.host, uri.port)
+      http.use_ssl = uri.scheme == "https"
+      http.open_timeout = @timeout
+      http.read_timeout = @timeout
+
+      response = http.request(request)
+
+      APIResponse.new(
+        status: response.code.to_i,
+        body: response.body,
+        headers: response.to_hash
+      )
+    rescue StandardError => e
+      APIResponse.new(
+        status: 0,
+        body: "",
+        headers: {},
+        error: e.message
+      )
+    end
+
+    def build_multipart_body(boundary, file_path, field_name, extra_fields)
+      body = ""
+      extra_fields.each do |key, value|
+        body += "--#{boundary}\r\n"
+        body += "Content-Disposition: form-data; name=\"#{key}\"\r\n\r\n"
+        body += "#{value}\r\n"
+      end
+
+      filename = File.basename(file_path)
+      body += "--#{boundary}\r\n"
+      body += "Content-Disposition: form-data; name=\"#{field_name}\"; filename=\"#{filename}\"\r\n"
+      body += "Content-Type: application/octet-stream\r\n\r\n"
+      body += File.binread(file_path)
+      body += "\r\n--#{boundary}--\r\n"
+      body
+    end
+  end
+
+  class APIResponse
+    attr_reader :status, :body, :headers, :error
+
+    def initialize(status:, body:, headers:, error: nil)
+      @status = status
+      @body = body
+      @headers = headers
+      @error = error
+    end
+
+    def success?
+      @status >= 200 && @status < 300
+    end
+
+    def json
+      @json ||= JSON.parse(@body)
+    rescue JSON::ParserError
+      {}
+    end
+
+    def to_s
+      "APIResponse(status=#{@status})"
+    end
+  end
+end

data/lib/tina4/auth.rb

@@ -0,0 +1,139 @@
+# frozen_string_literal: true
+require "openssl"
+require "base64"
+require "json"
+require "fileutils"
+
+module Tina4
+  module Auth
+    KEYS_DIR = ".keys"
+
+    class << self
+      def setup(root_dir = Dir.pwd)
+        @keys_dir = File.join(root_dir, KEYS_DIR)
+        FileUtils.mkdir_p(@keys_dir)
+        ensure_keys
+      end
+
+      def generate_token(payload, expires_in: 3600)
+        ensure_keys
+        now = Time.now.to_i
+        claims = payload.merge(
+          "iat" => now,
+          "exp" => now + expires_in,
+          "nbf" => now
+        )
+        require "jwt"
+        JWT.encode(claims, private_key, "RS256")
+      end
+
+      def validate_token(token)
+        ensure_keys
+        require "jwt"
+        decoded = JWT.decode(token, public_key, true, algorithm: "RS256")
+        { valid: true, payload: decoded[0] }
+      rescue JWT::ExpiredSignature
+        { valid: false, error: "Token expired" }
+      rescue JWT::DecodeError => e
+        { valid: false, error: e.message }
+      end
+
+      def hash_password(password)
+        require "bcrypt"
+        BCrypt::Password.create(password)
+      end
+
+      def verify_password(password, hash)
+        require "bcrypt"
+        BCrypt::Password.new(hash) == password
+      rescue BCrypt::Errors::InvalidHash
+        false
+      end
+
+      def auth_handler(&block)
+        if block_given?
+          @custom_handler = block
+        else
+          @custom_handler || method(:default_auth_handler)
+        end
+      end
+
+      def bearer_auth
+        lambda do |env|
+          auth_header = env["HTTP_AUTHORIZATION"] || ""
+          return false unless auth_header =~ /\ABearer\s+(.+)\z/i
+
+          token = Regexp.last_match(1)
+
+          # API_KEY bypass — matches tina4_python behavior
+          api_key = ENV["API_KEY"]
+          if api_key && !api_key.empty? && token == api_key
+            env["tina4.auth"] = { "api_key" => true }
+            return true
+          end
+
+          result = validate_token(token)
+          if result[:valid]
+            env["tina4.auth"] = result[:payload]
+            true
+          else
+            false
+          end
+        end
+      end
+
+      # Default auth handler for secured routes (POST/PUT/PATCH/DELETE)
+      # Used automatically unless auth: false is passed
+      def default_secure_auth
+        @default_secure_auth ||= bearer_auth
+      end
+
+      def private_key
+        @private_key ||= OpenSSL::PKey::RSA.new(File.read(private_key_path))
+      end
+
+      def public_key
+        @public_key ||= OpenSSL::PKey::RSA.new(File.read(public_key_path))
+      end
+
+      private
+
+      def ensure_keys
+        @keys_dir ||= File.join(Dir.pwd, KEYS_DIR)
+        FileUtils.mkdir_p(@keys_dir)
+        unless File.exist?(private_key_path) && File.exist?(public_key_path)
+          generate_keys
+        end
+      end
+
+      def generate_keys
+        Tina4::Debug.info("Generating RSA key pair for JWT authentication")
+        key = OpenSSL::PKey::RSA.generate(2048)
+        File.write(private_key_path, key.to_pem)
+        File.write(public_key_path, key.public_key.to_pem)
+        @private_key = nil
+        @public_key = nil
+      end
+
+      def private_key_path
+        File.join(@keys_dir, "private.pem")
+      end
+
+      def public_key_path
+        File.join(@keys_dir, "public.pem")
+      end
+
+      def default_auth_handler(env)
+        auth_header = env["HTTP_AUTHORIZATION"] || ""
+        return true if auth_header.empty?
+
+        if auth_header =~ /\ABearer\s+(.+)\z/i
+          result = validate_token(Regexp.last_match(1))
+          result[:valid]
+        else
+          false
+        end
+      end
+    end
+  end
+end

data/lib/tina4/cli.rb

@@ -0,0 +1,243 @@
+# frozen_string_literal: true
+require "thor"
+require "fileutils"
+
+module Tina4
+  class CLI < Thor
+    desc "init [NAME]", "Initialize a new Tina4 project"
+    option :template, type: :string, default: "default", desc: "Project template"
+    def init(name = ".")
+      dir = name == "." ? Dir.pwd : File.join(Dir.pwd, name)
+      FileUtils.mkdir_p(dir)
+
+      create_project_structure(dir)
+      create_sample_files(dir, name == "." ? File.basename(Dir.pwd) : name)
+
+      puts "Tina4 project initialized in #{dir}"
+      puts "Run 'cd #{name} && bundle install && tina4 start' to get started" unless name == "."
+    end
+
+    desc "start", "Start the Tina4 web server"
+    option :port, type: :numeric, default: 7145, aliases: "-p"
+    option :host, type: :string, default: "0.0.0.0", aliases: "-h"
+    option :dev, type: :boolean, default: false, aliases: "-d", desc: "Enable dev mode with auto-reload"
+    def start
+      require_relative "../tina4"
+
+      root_dir = Dir.pwd
+      Tina4.initialize!(root_dir)
+
+      # Load route files
+      load_routes(root_dir)
+
+      if options[:dev]
+        Tina4::DevReload.start(root_dir: root_dir)
+        Tina4::ScssCompiler.compile_all(root_dir)
+      end
+
+      app = Tina4::RackApp.new(root_dir: root_dir)
+
+      # Try Puma first (production-grade), fall back to WEBrick
+      begin
+        require "puma"
+        require "puma/configuration"
+        require "puma/launcher"
+
+        puma_host = options[:host]
+        puma_port = options[:port]
+
+        config = Puma::Configuration.new do |user_config|
+          user_config.bind "tcp://#{puma_host}:#{puma_port}"
+          user_config.app app
+          user_config.threads 0, 16
+          user_config.workers 0
+          user_config.environment "development"
+          user_config.log_requests false
+          user_config.quiet
+        end
+
+        Tina4::Debug.info("Starting Puma server on http://#{puma_host}:#{puma_port}")
+        launcher = Puma::Launcher.new(config)
+        launcher.run
+      rescue LoadError
+        Tina4::Debug.info("Puma not found, falling back to WEBrick")
+        server = Tina4::WebServer.new(app, host: options[:host], port: options[:port])
+        server.start
+      end
+    end
+
+    desc "migrate", "Run database migrations"
+    option :create, type: :string, desc: "Create a new migration"
+    option :rollback, type: :numeric, desc: "Rollback N migrations"
+    def migrate
+      require_relative "../tina4"
+      Tina4.initialize!(Dir.pwd)
+
+      db = Tina4.database
+      unless db
+        puts "No database configured. Set DATABASE_URL in your .env file."
+        return
+      end
+
+      migration = Tina4::Migration.new(db)
+
+      if options[:create]
+        path = migration.create(options[:create])
+        puts "Created migration: #{path}"
+      elsif options[:rollback]
+        migration.rollback(options[:rollback])
+        puts "Rolled back #{options[:rollback]} migration(s)"
+      else
+        results = migration.run
+        if results.empty?
+          puts "No pending migrations"
+        else
+          results.each do |r|
+            status_icon = r[:status] == "success" ? "OK" : "FAIL"
+            puts "  [#{status_icon}] #{r[:name]}"
+          end
+        end
+      end
+    end
+
+    desc "test", "Run inline tests"
+    def test
+      require_relative "../tina4"
+      Tina4.initialize!(Dir.pwd)
+
+      # Load test files
+      test_dirs = %w[tests test spec src/tests]
+      test_dirs.each do |dir|
+        test_dir = File.join(Dir.pwd, dir)
+        next unless Dir.exist?(test_dir)
+        Dir.glob(File.join(test_dir, "**/*_test.rb")).sort.each { |f| load f }
+        Dir.glob(File.join(test_dir, "**/test_*.rb")).sort.each { |f| load f }
+      end
+
+      # Also load inline tests from routes
+      load_routes(Dir.pwd)
+
+      results = Tina4::Testing.run_all
+      exit(1) if results[:failed] > 0 || results[:errors] > 0
+    end
+
+    desc "version", "Show Tina4 version"
+    def version
+      require_relative "version"
+      puts "Tina4 Ruby v#{Tina4::VERSION}"
+    end
+
+    desc "routes", "List all registered routes"
+    def routes
+      require_relative "../tina4"
+      Tina4.initialize!(Dir.pwd)
+      load_routes(Dir.pwd)
+
+      puts "\nRegistered Routes:"
+      puts "-" * 60
+      Tina4::Router.routes.each do |route|
+        auth = route.auth_handler ? " [AUTH]" : ""
+        puts "  #{route.method.ljust(8)} #{route.path}#{auth}"
+      end
+      puts "-" * 60
+      puts "Total: #{Tina4::Router.routes.length} routes\n"
+    end
+
+    desc "console", "Start an interactive console"
+    def console
+      require_relative "../tina4"
+      Tina4.initialize!(Dir.pwd)
+      load_routes(Dir.pwd)
+
+      require "irb"
+      IRB.start
+    end
+
+    private
+
+    def load_routes(root_dir)
+      route_dirs = %w[routes src/routes src/api api]
+      route_dirs.each do |dir|
+        route_dir = File.join(root_dir, dir)
+        next unless Dir.exist?(route_dir)
+        Dir.glob(File.join(route_dir, "**/*.rb")).sort.each { |f| load f }
+      end
+
+      # Also load app.rb if it exists
+      app_file = File.join(root_dir, "app.rb")
+      load app_file if File.exist?(app_file)
+
+      index_file = File.join(root_dir, "index.rb")
+      load index_file if File.exist?(index_file)
+    end
+
+    def create_project_structure(dir)
+      %w[
+        routes templates public public/css public/js public/images
+        migrations src logs
+      ].each do |subdir|
+        FileUtils.mkdir_p(File.join(dir, subdir))
+      end
+    end
+
+    def create_sample_files(dir, project_name)
+      # app.rb
+      unless File.exist?(File.join(dir, "app.rb"))
+        File.write(File.join(dir, "app.rb"), <<~RUBY)
+          require "tina4"
+
+          Tina4.get "/" do |request, response|
+            response.html "<h1>Welcome to #{project_name}!</h1><p>Powered by Tina4 Ruby</p>"
+          end
+
+          Tina4.get "/api/hello" do |request, response|
+            response.json({ message: "Hello from Tina4!", timestamp: Time.now.iso8601 })
+          end
+        RUBY
+      end
+
+      # Gemfile
+      unless File.exist?(File.join(dir, "Gemfile"))
+        File.write(File.join(dir, "Gemfile"), <<~RUBY)
+          source "https://rubygems.org"
+          gem "tina4"
+        RUBY
+      end
+
+      # .gitignore
+      unless File.exist?(File.join(dir, ".gitignore"))
+        File.write(File.join(dir, ".gitignore"), <<~TEXT)
+          .env
+          .keys/
+          logs/
+          sessions/
+          .queue/
+          *.db
+          vendor/
+        TEXT
+      end
+
+      # Base template
+      templates_dir = File.join(dir, "templates")
+      unless File.exist?(File.join(templates_dir, "base.twig"))
+        File.write(File.join(templates_dir, "base.twig"), <<~HTML)
+          <!DOCTYPE html>
+          <html lang="en">
+          <head>
+            <meta charset="UTF-8">
+            <meta name="viewport" content="width=device-width, initial-scale=1.0">
+            <title>{% block title %}#{project_name}{% endblock %}</title>
+            <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
+            {% block head %}{% endblock %}
+          </head>
+          <body>
+            {% block content %}{% endblock %}
+            <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js"></script>
+            {% block scripts %}{% endblock %}
+          </body>
+          </html>
+        HTML
+      end
+    end
+  end
+end

data/lib/tina4/crud.rb

@@ -0,0 +1,124 @@
+# frozen_string_literal: true
+
+module Tina4
+  module Crud
+    class << self
+      def generate_table(records, table_name: "data", primary_key: "id", editable: true)
+        return "<p>No records found.</p>" if records.nil? || records.empty?
+
+        columns = records.first.keys
+
+        html = <<~HTML
+          <div class="table-responsive">
+          <table class="table table-striped table-hover" id="crud-#{table_name}">
+          <thead class="table-dark"><tr>
+        HTML
+
+        columns.each do |col|
+          html += "<th>#{col}</th>"
+        end
+        html += "<th>Actions</th>" if editable
+        html += "</tr></thead><tbody>"
+
+        records.each do |row|
+          pk_value = row[primary_key.to_sym] || row[primary_key.to_s]
+          html += "<tr data-id=\"#{pk_value}\">"
+          columns.each do |col|
+            value = row[col]
+            if editable
+              html += "<td contenteditable=\"true\" data-field=\"#{col}\">#{value}</td>"
+            else
+              html += "<td>#{value}</td>"
+            end
+          end
+          if editable
+            html += "<td>"
+            html += "<button class=\"btn btn-sm btn-primary me-1\" onclick=\"crudSave('#{table_name}', '#{pk_value}')\">Save</button>"
+            html += "<button class=\"btn btn-sm btn-danger\" onclick=\"crudDelete('#{table_name}', '#{pk_value}')\">Delete</button>"
+            html += "</td>"
+          end
+          html += "</tr>"
+        end
+
+        html += "</tbody></table></div>"
+
+        if editable
+          html += crud_javascript(table_name)
+        end
+
+        html
+      end
+
+      def generate_form(fields, action: "/", method: "POST", table_name: "data")
+        html = "<form action=\"#{action}\" method=\"#{method}\" class=\"needs-validation\" novalidate>"
+        html += "<input type=\"hidden\" name=\"_method\" value=\"#{method}\">" if %w[PUT PATCH DELETE].include?(method.upcase)
+
+        fields.each do |field|
+          name = field[:name]
+          type = field[:type] || :string
+          label = field[:label] || name.to_s.capitalize
+          value = field[:value] || ""
+          required = field[:required] || false
+
+          html += "<div class=\"mb-3\">"
+          html += "<label for=\"#{name}\" class=\"form-label\">#{label}</label>"
+
+          case type.to_sym
+          when :text
+            html += "<textarea class=\"form-control\" id=\"#{name}\" name=\"#{name}\" #{'required' if required}>#{value}</textarea>"
+          when :boolean
+            checked = value ? "checked" : ""
+            html += "<div class=\"form-check\">"
+            html += "<input class=\"form-check-input\" type=\"checkbox\" id=\"#{name}\" name=\"#{name}\" #{checked}>"
+            html += "</div>"
+          when :select
+            html += "<select class=\"form-select\" id=\"#{name}\" name=\"#{name}\" #{'required' if required}>"
+            (field[:options] || []).each do |opt|
+              selected = opt[:value].to_s == value.to_s ? "selected" : ""
+              html += "<option value=\"#{opt[:value]}\" #{selected}>#{opt[:label]}</option>"
+            end
+            html += "</select>"
+          when :date
+            html += "<input type=\"date\" class=\"form-control\" id=\"#{name}\" name=\"#{name}\" value=\"#{value}\" #{'required' if required}>"
+          when :integer, :number
+            html += "<input type=\"number\" class=\"form-control\" id=\"#{name}\" name=\"#{name}\" value=\"#{value}\" #{'required' if required}>"
+          else
+            html += "<input type=\"text\" class=\"form-control\" id=\"#{name}\" name=\"#{name}\" value=\"#{value}\" #{'required' if required}>"
+          end
+          html += "</div>"
+        end
+
+        html += "<button type=\"submit\" class=\"btn btn-primary\">Submit</button>"
+        html += "</form>"
+        html
+      end
+
+      private
+
+      def crud_javascript(table_name)
+        <<~JS
+          <script>
+          function crudSave(table, id) {
+            const row = document.querySelector(`tr[data-id="${id}"]`);
+            const cells = row.querySelectorAll('td[data-field]');
+            const data = {};
+            cells.forEach(cell => { data[cell.dataset.field] = cell.textContent; });
+            fetch(`/api/${table}/${id}`, {
+              method: 'PUT',
+              headers: { 'Content-Type': 'application/json' },
+              body: JSON.stringify(data)
+            }).then(r => r.json()).then(d => { alert('Saved!'); }).catch(e => alert('Error: ' + e));
+          }
+          function crudDelete(table, id) {
+            if (!confirm('Delete this record?')) return;
+            fetch(`/api/${table}/${id}`, { method: 'DELETE' })
+              .then(r => r.json())
+              .then(d => { document.querySelector(`tr[data-id="${id}"]`).remove(); })
+              .catch(e => alert('Error: ' + e));
+          }
+          </script>
+        JS
+      end
+    end
+  end
+end