npm - @dalgoridim/headless-cms - Versions diffs - 0.5.0 → 0.5.1 - Mend

@dalgoridim/headless-cms 0.5.0 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/README.md +85 -1
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -26,6 +26,7 @@ npm install @dalgoridim/headless-cms
 npm install firebase firebase-admin cloudinary   # Firestore + Cloudinary + Firebase
 npm install pg                                    # Postgres
 npm install @aws-sdk/client-s3 @aws-sdk/s3-request-presigner  # S3
+npm install @react-oauth/google                   # Google sign-in (auth/google/client)
 ```
 `react` / `react-dom` are peer deps; every backend SDK is an **optional** peer —
@@ -38,7 +39,7 @@ Server-only code never leaks into the client bundle. Import from the right entry
 | Entry | Contents |
 |---|---|
 | `@dalgoridim/headless-cms` | Shared types only (safe anywhere) |
-| `.../client` | `PageProvider`, `usePageContext`, `ContentEditSpan`, `EditableImage`, `useMarkdownEditor`, `CmsAuthProvider`, `useCmsAuth` |
+| `.../client` | `PageProvider`, `usePageContext` (field edits **+ collection add/remove/reorder**), `ContentEditSpan`, `EditableImage`, `useMarkdownEditor`, `CmsAuthProvider`, `useCmsAuth` |
 | `.../server` | `createCmsHandlers`, `createAdminGate`, `resolveRelations` |
 | `.../adapters/firestore` | `FirestoreDataAdapter` |
 | `.../adapters/postgres` | `PostgresDataAdapter` (hybrid JSONB + typed tables) |
@@ -46,6 +47,8 @@ Server-only code never leaks into the client bundle. Import from the right entry
 | `.../storage/{cloudinary,s3,local}/server` | **Server** signers — pull in SDKs, server-only |
 | `.../auth/firebase` | `firebaseAuth` (server gate) |
 | `.../auth/firebase/client` | `FirebaseAuthProvider`, `useFirebaseAuth` |
+| `.../auth/google` | `googleAuth` (server gate), `verifyGoogleIdToken` — **Firebase-free** Google sign-in |
+| `.../auth/google/client` | `GoogleAuthProvider`, `useGoogleAuth`, `GoogleSignInButton` |
 | `.../auth/nextauth` | `nextAuthAuth`, `customAuth` |
 ## Core interfaces
@@ -214,6 +217,45 @@ function Editor({ initialValue, onSave }) {
 }
 ```
+## Editable collections (add / remove / reorder)
+`ContentEditSpan` / `EditableImage` edit the **fields of one item**. To let an admin
+change **which items exist** and **their order** (e.g. add a project, delete a tool,
+drag to reorder), `usePageContext` exposes optimistic, self-persisting collection
+ops. Hydrate the lists from the server via `initialCollections`:
+```tsx
+<PageProvider
+  initialSections={sections}
+  initialCollections={{ projects: await data.fetchCollection("projects") }}
+>
+```
+```tsx
+import { usePageContext } from "@dalgoridim/headless-cms/client";
+const { collections, createItem, deleteItem, reorderItems } = usePageContext();
+// add — PUT (upsert) with a generated id; returns the new id
+await createItem("projects", { title: "New project", order: collections.projects.length });
+// remove — DELETE
+await deleteItem("projects", id);
+// reorder — PATCH each item's integer `order` to match the new sequence
+await reorderItems("projects", ["id-c", "id-a", "id-b"]);
+```
+| Op | Persists via | Notes |
+|---|---|---|
+| `createItem(collection, data, opts?)` | `PUT {base}/{collection}/{id}` | `opts.id` to set the id, `opts.atStart` to prepend; returns the id |
+| `deleteItem(collection, id)` | `DELETE {base}/{collection}/{id}` | |
+| `reorderItems(collection, orderedIds)` | `PATCH {base}/{collection}/{id}` ×N | writes `{ order: index }` per item |
+All three update `collections` optimistically and **roll back on failure** (with a
+`notify` toast). Order is an `int` — register the collection with a typed `order`
+column (see [Postgres](#postgres-hybrid)) so it sorts numerically.
 ## The Query language
 A neutral, backend-agnostic query passed to `DataAdapter.fetchCollection`:
@@ -321,6 +363,48 @@ createCmsHandlers({
 });
 ```
+### Google sign-in (no Firebase)
+`auth/google` is a Firebase-free way to do "Sign in with Google" — one OAuth client
+ID, no service account. The server verifies the Google ID token **locally** against
+Google's public keys (Node `crypto` + `fetch`, zero new deps) and grants admin only
+to a verified email in your allowlist.
+```ts
+// server gate
+import { googleAuth } from "@dalgoridim/headless-cms/auth/google";
+export const { GET, PATCH, PUT, DELETE } = createCmsHandlers({
+  data,
+  auth: googleAuth({
+    clientId: process.env.NEXT_PUBLIC_GOOGLE_CLIENT_ID!,
+    adminEmails: process.env.ADMIN_EMAILS!.split(","),
+  }),
+});
+```
+```tsx
+// client — built on @react-oauth/google (install it)
+import {
+  GoogleAuthProvider,
+  GoogleSignInButton,
+  useGoogleAuth,
+} from "@dalgoridim/headless-cms/auth/google/client";
+<GoogleAuthProvider clientId={clientId} adminEmails={["you@example.com"]}>
+  <PageProvider …>{children}</PageProvider>
+</GoogleAuthProvider>;
+// anywhere inside the provider — renders the official Google button:
+<GoogleSignInButton onError={() => toast.error("Sign-in failed")} />;
+// useGoogleAuth() → { user, isAdmin, isEditing, toggleEdit, logout }
+```
+The button writes the ID token to an `adminToken` cookie that `googleAuth` reads;
+`isAdmin` is optimistic on the client (via `adminEmails`) with the server gate
+authoritative. `verifyGoogleIdToken(token, { clientId })` is also exported for
+custom flows.
 ## Your content types stay unconstrained
 The engine only adds addressing fields; your domain type `T` is never forced to

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@dalgoridim/headless-cms",
-  "version": "0.5.0",
+  "version": "0.5.1",
   "description": "Database-agnostic, inline-edit headless CMS engine for React / Next.js apps",
   "license": "UNLICENSED",
   "author": "dalgoridim",