@edge-base/server 0.2.2 → 0.2.4

package/src/durable-objects/database-do.ts

@@ -54,15 +54,12 @@ import {
   getRegisteredFunctions,
   buildFunctionContext,
 } from '../lib/functions.js';
-import { parseDbDoName, parseConfig as getGlobalConfig } from '../lib/do-router.js';
+import { parseDbDoName, parseConfig as getGlobalConfig, isDynamicDbBlock } from '../lib/do-router.js';
 import { parseDuration } from '../lib/jwt.js';
-import { createPushProvider } from '../lib/push-provider.js';
-import { getDevicesForUser } from '../lib/push-token.js';
-import { ensureAuthSchema } from '../lib/auth-d1.js';
-import { resolveAuthDb, type AuthDb } from '../lib/auth-db-adapter.js';
 import { buildDbLiveChannel, DATABASE_LIVE_HUB_DO_NAME } from '../lib/database-live-emitter.js';
 import { resolveRootServiceKey } from '../lib/service-key.js';
 import { resolveDbLiveBatchThreshold } from '../lib/database-live-config.js';
+import { buildTableHookRuntimeServices } from '../lib/table-hook-runtime.js';
 import type { Env } from '../types.js';
 
 // ─── Types ───
@@ -104,8 +101,36 @@ export class DatabaseDO extends DurableObject<DOEnv> {
     if (!this.initialized) {
       // §36: Newly created DO must be authorized before initialization.
       // If X-DO-Create-Authorized header is absent, signal Worker to evaluate canCreate.
-      // Shared/static DOs (doName === 'shared' or system) skip this gate.
-      const isStaticDO = !this.doName || this.doName === 'shared' || this.doName.startsWith('_');
+      // Single-instance DB blocks and internal/system DOs skip this gate.
+      const parsedDoName = this.doName ? parseDbDoName(this.doName) : null;
+      const dbBlock = parsedDoName ? this.config.databases?.[parsedDoName.namespace] : undefined;
+      const dynamicDbBlock = isDynamicDbBlock(dbBlock);
+      if (parsedDoName && dbBlock) {
+        if (dynamicDbBlock && !parsedDoName.id) {
+          return Response.json(
+            {
+              code: 400,
+              message: `instanceId is required for dynamic namespace '${parsedDoName.namespace}'`,
+              error: 'INVALID_DB_INSTANCE_ID',
+            },
+            { status: 400 },
+          );
+        }
+        if (!dynamicDbBlock && parsedDoName.id) {
+          return Response.json(
+            {
+              code: 400,
+              message: `instanceId is not allowed for single-instance namespace '${parsedDoName.namespace}'`,
+              error: 'INVALID_DB_INSTANCE_ID',
+            },
+            { status: 400 },
+          );
+        }
+      }
+      const isStaticDO =
+        !this.doName
+        || this.doName.startsWith('_')
+        || (!!dbBlock && !dynamicDbBlock && !parsedDoName?.id);
       if (!isStaticDO && !request.headers.get('X-DO-Create-Authorized')) {
         // Check if _meta table already exists (i.e., DO was previously initialized)
         let alreadyExists = false;
@@ -118,9 +143,8 @@ export class DatabaseDO extends DurableObject<DOEnv> {
 
         if (!alreadyExists) {
           // Signal Worker: this DO needs canCreate evaluation before init
-          const parsed = this.doName ? parseDbDoName(this.doName) : null;
           return Response.json(
-            { needsCreate: true, namespace: parsed?.namespace ?? 'shared', id: parsed?.id },
+            { needsCreate: true, namespace: parsedDoName?.namespace ?? 'shared', id: parsedDoName?.id },
             { status: 201 },
           );
         }
@@ -173,6 +197,8 @@ export class DatabaseDO extends DurableObject<DOEnv> {
    * db.get/list/exists use local SQL; databaseLive.broadcast uses emitDbLiveEvent.
    */
   private buildHookCtx(_table: string): HookCtx {
+    const runtimeServices = buildTableHookRuntimeServices(this.config, this.env as unknown as Env);
+
     return {
       db: {
         get: (tbl: string, id: string) => {
@@ -201,42 +227,7 @@ export class DatabaseDO extends DurableObject<DOEnv> {
           return Promise.resolve(rows.length > 0);
         },
       },
-      databaseLive: {
-        broadcast: (channel: string, event: string, data: unknown) => {
-          return this.sendBroadcastToDatabaseLiveDO(
-            channel,
-            { channel, event, payload: data ?? {} },
-          );
-        },
-      },
-      push: {
-        // Push from hooks — direct FCM via push-provider + KV device tokens
-        send: async (userId: string, payload: { title?: string; body: string }) => {
-          // Fire-and-forget — hooks are non-critical side effects
-          try {
-            if (!this.env.KV) return;
-            const provider = createPushProvider(this.config.push, this.env as unknown as Env);
-            if (!provider) return;
-            let tokenStore: KVNamespace | { kv: KVNamespace; authDb?: AuthDb | null } = this.env.KV;
-            try {
-              const authDb = resolveAuthDb(this.env as unknown as Record<string, unknown>);
-              await ensureAuthSchema(authDb);
-              tokenStore = { kv: this.env.KV, authDb };
-            } catch {
-              tokenStore = this.env.KV;
-            }
-            const devices = await getDevicesForUser(tokenStore, userId);
-            if (devices.length === 0) return;
-            await Promise.allSettled(
-              devices.map((device) =>
-                provider.send({ token: device.token, platform: device.platform, payload }),
-              ),
-            );
-          } catch {
-            /* best-effort */
-          }
-        },
-      },
+      ...runtimeServices,
       waitUntil: (p: Promise<unknown>) => this.ctx.waitUntil(p),
     };
   }

package/src/durable-objects/database-live-do.ts

@@ -19,6 +19,7 @@ interface DatabaseLiveEvent {
   docId: string;
   data: Record<string, unknown> | null;
   timestamp: string;
+  deliveryId?: string;
 }
 
 export type DatabaseLiveFilterCondition = [
@@ -42,6 +43,8 @@ interface WSMeta {
 }
 
 const MAX_FILTER_CONDITIONS = 5;
+const RECENT_DELIVERY_TTL_MS = 60_000;
+const MAX_RECENT_DELIVERIES = 2048;
 const VALID_FILTER_OPERATORS = new Set<FilterOperator>([
   '==',
   '!=',
@@ -138,6 +141,7 @@ export class DatabaseLiveDO extends DurableObject<DOEnv> {
   private filterRecoveryNeeded = true;
   private pendingAuth = new Map<string, ReturnType<typeof setTimeout>>();
   private metaCache = new Map<WebSocket, WSMeta>();
+  private recentDeliveryIds = new Map<string, number>();
 
   constructor(ctx: DurableObjectState, env: DOEnv) {
     super(ctx, env);
@@ -520,6 +524,10 @@ export class DatabaseLiveDO extends DurableObject<DOEnv> {
       return Response.json({ error: 'Invalid event body' }, { status: 400 });
     }
 
+    if (this.isDuplicateDelivery(event.deliveryId)) {
+      return Response.json({ ok: true, duplicate: true });
+    }
+
     await this.broadcastWithFilters({
       type: 'db_change',
       channel: event.channel,
@@ -540,6 +548,7 @@ export class DatabaseLiveDO extends DurableObject<DOEnv> {
       table: string;
       changes: Array<{ type: string; docId: string; data: Record<string, unknown> | null; timestamp: string }>;
       total: number;
+      deliveryId?: string;
     };
     try {
       batch = await request.json() as typeof batch;
@@ -547,6 +556,10 @@ export class DatabaseLiveDO extends DurableObject<DOEnv> {
       return Response.json({ error: 'Invalid batch event body' }, { status: 400 });
     }
 
+    if (this.isDuplicateDelivery(batch.deliveryId)) {
+      return Response.json({ ok: true, duplicate: true });
+    }
+
     const sockets = this.ctx.getWebSockets();
     const batchMsg = {
       type: 'batch_changes' as const,
@@ -646,13 +659,17 @@ export class DatabaseLiveDO extends DurableObject<DOEnv> {
    * Sends a custom broadcast_event to all clients subscribed to matching DB channels.
    */
   private async handleInternalBroadcast(request: Request): Promise<Response> {
-    let body: { channel?: string; event?: string; payload?: Record<string, unknown> };
+    let body: { channel?: string; event?: string; payload?: Record<string, unknown>; deliveryId?: string };
     try {
       body = await request.json() as typeof body;
     } catch {
       return Response.json({ error: 'Invalid broadcast body' }, { status: 400 });
     }
 
+    if (this.isDuplicateDelivery(body.deliveryId)) {
+      return Response.json({ ok: true, duplicate: true });
+    }
+
     const { channel, event, payload } = body;
     if (!channel || typeof channel !== 'string') {
       return Response.json({ error: 'channel is required' }, { status: 400 });
@@ -791,6 +808,34 @@ export class DatabaseLiveDO extends DurableObject<DOEnv> {
     this.metaCache.set(ws, meta);
   }
 
+  private isDuplicateDelivery(deliveryId?: string): boolean {
+    if (!deliveryId) return false;
+
+    const now = Date.now();
+    this.pruneRecentDeliveries(now);
+    if (this.recentDeliveryIds.has(deliveryId)) {
+      return true;
+    }
+
+    this.recentDeliveryIds.set(deliveryId, now);
+    while (this.recentDeliveryIds.size > MAX_RECENT_DELIVERIES) {
+      const oldest = this.recentDeliveryIds.keys().next().value;
+      if (!oldest) break;
+      this.recentDeliveryIds.delete(oldest);
+    }
+
+    return false;
+  }
+
+  private pruneRecentDeliveries(now: number): void {
+    for (const [deliveryId, seenAt] of this.recentDeliveryIds) {
+      if (now - seenAt <= RECENT_DELIVERY_TTL_MS) {
+        break;
+      }
+      this.recentDeliveryIds.delete(deliveryId);
+    }
+  }
+
   private getTableReadRule(tableName: string):
     | ((auth: Record<string, unknown> | null, row: Record<string, unknown>) => boolean | Promise<boolean>)
     | boolean

package/src/durable-objects/room-runtime-base.ts

@@ -48,6 +48,7 @@ export interface RoomDOEnv {
 
 export interface RoomWSMeta {
   authenticated: boolean;
+  authStateLost?: boolean;
   userId?: string;
   role?: string;
   auth?: SharedAuthContext;
@@ -70,6 +71,8 @@ const DEFAULT_DELTA_BATCH_MS = 50;
 const DEFAULT_RATE_LIMIT_ACTIONS = 10;
 const DEFAULT_RECONNECT_TIMEOUT_MS = 30000;
 const ROOM_CLIENT_LEAVE_CLOSE_CODE = 4005;
+const ROOM_AUTH_STATE_LOST_CLOSE_CODE = 4006;
+const ROOM_AUTH_STATE_LOST_CLOSE_REASON = 'Room authentication state lost';
 const EMPTY_ROOM_CLEANUP_DELAY_MS = 100;
 const DEFAULT_IDLE_TIMEOUT_SEC = 300;
 const ACTION_TIMEOUT_MS = 5000;
@@ -330,6 +333,7 @@ export class RoomRuntimeBaseDO extends DurableObject<RoomDOEnv> {
     const connectionId = crypto.randomUUID();
     const meta: RoomWSMeta = {
       authenticated: false,
+      authStateLost: false,
       connectionId,
       ip: request.headers.get('CF-Connecting-IP')
         || request.headers.get('X-Forwarded-For')?.split(',')[0]?.trim()
@@ -407,7 +411,7 @@ export class RoomRuntimeBaseDO extends DurableObject<RoomDOEnv> {
 
     // Everything else requires authentication
     if (!meta.authenticated) {
-      this.safeSend(ws, { type: 'error', code: 'NOT_AUTHENTICATED', message: 'Authenticate first' });
+      this.handleUnauthenticatedSocket(ws, meta);
       return;
     }
 
@@ -593,6 +597,7 @@ export class RoomRuntimeBaseDO extends DurableObject<RoomDOEnv> {
         new Request('http://internal/api/room/auth', { headers }),
       );
       meta.authenticated = true;
+      meta.authStateLost = false;
       meta.userId = auth.id;
       meta.role = auth.role;
       meta.auth = {
@@ -656,7 +661,7 @@ export class RoomRuntimeBaseDO extends DurableObject<RoomDOEnv> {
     msg: Record<string, unknown>,
   ): Promise<void> {
     if (!meta.authenticated || !meta.userId) {
-      this.safeSend(ws, { type: 'error', code: 'NOT_AUTHENTICATED', message: 'Authenticate first' });
+      this.handleUnauthenticatedSocket(ws, meta);
       return;
     }
 
@@ -1582,6 +1587,7 @@ export class RoomRuntimeBaseDO extends DurableObject<RoomDOEnv> {
 
       const meta: RoomWSMeta = {
         authenticated: false, // Must re-auth after hibernation
+        authStateLost: true,
         connectionId,
         ip,
       };
@@ -1596,6 +1602,24 @@ export class RoomRuntimeBaseDO extends DurableObject<RoomDOEnv> {
     this._metaCache.set(ws, meta);
   }
 
+  protected handleUnauthenticatedSocket(ws: WebSocket, meta: RoomWSMeta): void {
+    if (meta.authStateLost) {
+      this.safeSend(ws, {
+        type: 'error',
+        code: 'AUTH_STATE_LOST',
+        message: 'Room authentication state lost. Reconnect required.',
+      });
+      try {
+        ws.close(ROOM_AUTH_STATE_LOST_CLOSE_CODE, ROOM_AUTH_STATE_LOST_CLOSE_REASON);
+      } catch {
+        // Socket may already be closing.
+      }
+      return;
+    }
+
+    this.safeSend(ws, { type: 'error', code: 'NOT_AUTHENTICATED', message: 'Authenticate first' });
+  }
+
   // ─── Config ───
 
   private parseConfig(env: RoomDOEnv): EdgeBaseConfig {

package/src/durable-objects/rooms-do.ts

@@ -2359,7 +2359,7 @@ export class RoomsDO extends RoomRuntimeBaseDO {
     }
 
     if (!meta.authenticated) {
-      this.safeSend(ws, { type: 'error', code: 'NOT_AUTHENTICATED', message: 'Authenticate first' });
+      this.handleUnauthenticatedSocket(ws, meta);
       return null;
     }
 

package/src/index.ts

@@ -35,6 +35,7 @@ import { createAdminAssetRequest } from './lib/admin-assets.js';
 import { resolveAdminFaviconTarget, resolveAdminRedirectTarget } from './lib/admin-routing.js';
 import { zodDefaultHook } from './lib/schemas.js';
 import { executePluginMigrations } from './lib/plugin-migrations.js';
+import { shouldRunPluginMigrationsForRequestPath } from './lib/plugin-migration-routing.js';
 import { getFunctionsByTrigger, buildFunctionContext, getWorkerUrl } from './lib/functions.js';
 import { parseCron, matchesCron } from './lib/cron.js';
 import { parseDuration } from './lib/jwt.js';
@@ -104,15 +105,12 @@ app.use('*', corsMiddleware);
 // middleware below rejects any request with this header unless it comes via internal
 // stub.fetch (which is allowed by the x-internal whitelist). No stripping needed.
 
-// Plugin migration middleware — lazy, runs once per cold-start
+// Plugin migration middleware — lazily reconciles plugin control state before
+// routes that can execute plugin code or touch plugin-managed tables.
 app.use('*', async (c, next) => {
   const config = parseConfig(c.env);
   const requestPath = new URL(c.req.url).pathname;
-  const shouldSkipPluginMigrations =
-    requestPath.startsWith('/admin/api/backup/') ||
-    requestPath.startsWith('/admin/api/data/backup/') ||
-    requestPath.startsWith('/internal/backup/');
-  if (!shouldSkipPluginMigrations && config?.plugins?.length) {
+  if (config?.plugins?.length && shouldRunPluginMigrationsForRequestPath(requestPath)) {
     await executePluginMigrations(config.plugins, c.env, config, getWorkerUrl(c.req.url, c.env));
   }
   return next();
@@ -306,6 +304,14 @@ export default {
    */
   async scheduled(event: ScheduledEvent, env: Env, ctx: ExecutionContext): Promise<void> {
     const config = parseConfig(env);
+    if (config.plugins?.length) {
+      await executePluginMigrations(
+        config.plugins,
+        env,
+        config,
+        getWorkerUrl('http://internal/scheduled', env),
+      );
+    }
     const scheduleFns = getFunctionsByTrigger('schedule');
 
     const now = new Date(event.scheduledTime);

package/src/lib/admin-db-target.ts

@@ -4,16 +4,7 @@ import type {
   AdminInstanceDiscoveryOption,
   EdgeBaseConfig,
 } from '@edge-base/shared';
-import { executeD1Sql } from './d1-sql.js';
-import { executeDoSql } from './do-sql.js';
-import { getD1BindingName, shouldRouteToD1 } from './do-router.js';
-import {
-  ensureLocalDevPostgresSchema,
-  getLocalDevPostgresExecOptions,
-  getProviderBindingName,
-  withPostgresConnection,
-} from './postgres-executor.js';
-import { ensurePgSchema } from './postgres-schema-init.js';
+import { executeProviderAwareSql } from './provider-aware-sql.js';
 import type { Env } from '../types.js';
 
 export interface AdminDbQueryResult {
@@ -47,13 +38,15 @@ interface ResolveAdminInstanceOptions {
 }
 
 function isDynamicDbBlock(
-  dbBlock: {
-    instance?: boolean;
-    access?: {
-      canCreate?: unknown;
-      access?: unknown;
-    };
-  } | undefined,
+  dbBlock:
+    | {
+        instance?: boolean;
+        access?: {
+          canCreate?: unknown;
+          access?: unknown;
+        };
+      }
+    | undefined,
 ): boolean {
   if (!dbBlock) return false;
   return !!(dbBlock.instance || dbBlock.access?.canCreate || dbBlock.access?.access);
@@ -108,7 +101,9 @@ function uniqueStrings(values: Array<string | undefined>): string[] {
   return result;
 }
 
-function normalizeDiscoveryItems(items: AdminInstanceDiscoveryOption[]): AdminInstanceDiscoveryOption[] {
+function normalizeDiscoveryItems(
+  items: AdminInstanceDiscoveryOption[],
+): AdminInstanceDiscoveryOption[] {
   const seen = new Set<string>();
   const normalized: AdminInstanceDiscoveryOption[] = [];
   for (const item of items) {
@@ -132,60 +127,17 @@ export async function executeAdminDbQuery({
   sql,
   params = [],
 }: ExecuteAdminDbQueryOptions): Promise<AdminDbQueryResult> {
-  const dbBlock = config.databases?.[namespace];
-  if (!dbBlock) {
-    throw new Error(`Namespace not found: ${namespace}`);
-  }
-
-  if (!id && (dbBlock.provider === 'neon' || dbBlock.provider === 'postgres')) {
-    const bindingName = getProviderBindingName(namespace);
-    const envRecord = env as unknown as Record<string, unknown>;
-    const hyperdrive = envRecord[bindingName] as { connectionString?: string } | undefined;
-    const envKey = dbBlock.connectionString ?? `${bindingName}_URL`;
-    const connectionString = hyperdrive?.connectionString ?? (envRecord[envKey] as string | undefined);
-    if (!connectionString) {
-      throw new Error(`PostgreSQL connection '${envKey}' not found.`);
-    }
-
-    const localDevOptions = getLocalDevPostgresExecOptions(env as unknown as Record<string, unknown>, namespace);
-    if (localDevOptions) {
-      await ensureLocalDevPostgresSchema(localDevOptions);
-    }
-    return withPostgresConnection(connectionString, async (query) => {
-      if (!localDevOptions) {
-        await ensurePgSchema(connectionString, namespace, dbBlock.tables ?? {}, query);
-      }
-      return query(sql, params);
-    }, localDevOptions);
-  }
-
-  if (!id && shouldRouteToD1(namespace, config)) {
-    const bindingName = getD1BindingName(namespace);
-    const d1 = (env as unknown as Record<string, unknown>)[bindingName] as D1Database | undefined;
-    if (!d1) {
-      throw new Error(`D1 binding '${bindingName}' not found.`);
-    }
-    const result = await executeD1Sql(d1, sql, params);
-    const rows = result.rows;
-    return {
-      columns: rows.length > 0 ? Object.keys(rows[0]) : [],
-      rows,
-      rowCount: result.rowCount,
-    };
-  }
-
-  const rows = await executeDoSql({
-    databaseNamespace: env.DATABASE,
+  return executeProviderAwareSql(
+    {
+      env,
+      config,
+      databaseNamespace: env.DATABASE,
+    },
     namespace,
     id,
-    query: sql,
+    sql,
     params,
-  });
-  return {
-    columns: rows.length > 0 ? Object.keys(rows[0]) : [],
-    rows,
-    rowCount: rows.length,
-  };
+  );
 }
 
 export async function resolveAdminInstanceOptions({
@@ -245,7 +197,11 @@ export async function resolveAdminInstanceOptions({
   const sourceLimit = clampLimit(discovery.limit, 12);
   const effectiveLimit = Math.min(requestedLimit, sourceLimit);
   const sourceDbBlock = config.databases?.[sourceNamespace];
-  const usesPostgres = Boolean(sourceDbBlock && !isDynamicDbBlock(sourceDbBlock) && (sourceDbBlock.provider === 'neon' || sourceDbBlock.provider === 'postgres'));
+  const usesPostgres = Boolean(
+    sourceDbBlock &&
+    !isDynamicDbBlock(sourceDbBlock) &&
+    (sourceDbBlock.provider === 'neon' || sourceDbBlock.provider === 'postgres'),
+  );
   const idField = discovery.idField ?? 'id';
   const labelField = discovery.labelField;
   const descriptionField = discovery.descriptionField;
@@ -254,14 +210,14 @@ export async function resolveAdminInstanceOptions({
   const aliasId = '__edgebase_id';
   const aliasLabel = '__edgebase_label';
   const aliasDescription = '__edgebase_description';
-  const selectParts = [
-    `${quoteIdentifier(idField)} AS ${quoteIdentifier(aliasId)}`,
-  ];
+  const selectParts = [`${quoteIdentifier(idField)} AS ${quoteIdentifier(aliasId)}`];
   if (labelField) {
     selectParts.push(`${quoteIdentifier(labelField)} AS ${quoteIdentifier(aliasLabel)}`);
   }
   if (descriptionField) {
-    selectParts.push(`${quoteIdentifier(descriptionField)} AS ${quoteIdentifier(aliasDescription)}`);
+    selectParts.push(
+      `${quoteIdentifier(descriptionField)} AS ${quoteIdentifier(aliasDescription)}`,
+    );
   }
 
   const params: unknown[] = [];