npm - @etus/bhono-app - Versions diffs - 0.1.5 → 0.1.7 - Mend

@etus/bhono-app 0.1.5 → 0.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (300) hide show

package/templates/base/src/server/db/schema/accounts.ts DELETED Viewed

@@ -1,20 +0,0 @@
-// src/db/schema/accounts.ts
-import { sqliteTable, text } from 'drizzle-orm/sqlite-core'
-import { sql } from 'drizzle-orm'
-export const accounts = sqliteTable('accounts', {
-  id: text('id')
-    .primaryKey()
-    .$defaultFn(() => crypto.randomUUID()),
-  name: text('name').notNull(),
-  description: text('description'),
-  domain: text('domain').unique(),
-  // Soft delete fields
-  createdAt: text('created_at').default(sql`(datetime('now'))`).notNull(),
-  updatedAt: text('updated_at').default(sql`(datetime('now'))`).notNull(),
-  deletedAt: text('deleted_at'),
-})
-export type AccountRecord = typeof accounts.$inferSelect
-export type NewAccount = typeof accounts.$inferInsert

package/templates/base/src/server/db/schema/audit-logs.ts DELETED Viewed

@@ -1,26 +0,0 @@
-// src/db/schema/audit-logs.ts
-import { sqliteTable, text } from 'drizzle-orm/sqlite-core'
-import { sql } from 'drizzle-orm'
-import { users } from './users'
-import { accounts } from './accounts'
-export const auditLogs = sqliteTable('audit_logs', {
-  id: text('id')
-    .primaryKey()
-    .$defaultFn(() => crypto.randomUUID()),
-  transactionId: text('transaction_id').notNull(),
-  accountId: text('account_id').references(() => accounts.id),
-  userId: text('user_id').references(() => users.id),
-  entity: text('entity').notNull(),
-  entityId: text('entity_id').notNull(),
-  action: text('action', {
-    enum: ['INSERT', 'UPDATE', 'DELETE', 'LOGIN', 'LOGOUT', 'SIGNUP', 'TOKEN_REFRESH', 'LOGIN_FAILED']
-  }).notNull(),
-  changes: text('changes', { mode: 'json' }).$type<Record<string, unknown>>(),
-  ipAddress: text('ip_address'),
-  userAgent: text('user_agent'),
-  timestamp: text('timestamp').default(sql`(datetime('now'))`).notNull(),
-})
-export type AuditLogRecord = typeof auditLogs.$inferSelect
-export type NewAuditLog = typeof auditLogs.$inferInsert

package/templates/base/src/server/db/schema/index.ts DELETED Viewed

@@ -1,7 +0,0 @@
-// src/db/schema/index.ts
-export * from './users'
-export * from './accounts'
-export * from './user-accounts'
-export * from './audit-logs'
-export * from './refresh-tokens'
-export * from './invitations'

package/templates/base/src/server/db/schema/invitations.ts DELETED Viewed

@@ -1,30 +0,0 @@
-// src/db/schema/invitations.ts
-import { sqliteTable, text, uniqueIndex } from 'drizzle-orm/sqlite-core'
-import { sql } from 'drizzle-orm'
-import { accounts } from './accounts'
-import { users } from './users'
-export const invitations = sqliteTable('invitations', {
-  id: text('id')
-    .primaryKey()
-    .$defaultFn(() => crypto.randomUUID()),
-  accountId: text('account_id')
-    .notNull()
-    .references(() => accounts.id, { onDelete: 'cascade' }),
-  email: text('email').notNull(),
-  role: text('role', {
-    enum: ['ADMIN', 'MANAGER', 'EDITOR', 'AUTHOR', 'VIEWER', 'BILLING', 'ANALYTICS'],
-  }).notNull(),
-  token: text('token').notNull().unique(),
-  invitedById: text('invited_by_id')
-    .notNull()
-    .references(() => users.id),
-  expiresAt: text('expires_at').notNull(),
-  acceptedAt: text('accepted_at'),
-  createdAt: text('created_at').default(sql`(datetime('now'))`).notNull(),
-}, (table) => [
-  uniqueIndex('account_email_idx').on(table.accountId, table.email),
-])
-export type InvitationRecord = typeof invitations.$inferSelect
-export type NewInvitation = typeof invitations.$inferInsert

package/templates/base/src/server/db/schema/refresh-tokens.ts DELETED Viewed

@@ -1,22 +0,0 @@
-// src/db/schema/refresh-tokens.ts
-import { sqliteTable, text, integer } from 'drizzle-orm/sqlite-core'
-import { sql } from 'drizzle-orm'
-import { users } from './users'
-export const refreshTokens = sqliteTable('refresh_tokens', {
-  id: text('id')
-    .primaryKey()
-    .$defaultFn(() => crypto.randomUUID()),
-  userId: text('user_id')
-    .notNull()
-    .references(() => users.id, { onDelete: 'cascade' }),
-  tokenHash: text('token_hash').notNull(),
-  expiresAt: integer('expires_at', { mode: 'timestamp' }).notNull(),
-  createdAt: integer('created_at', { mode: 'timestamp' })
-    .notNull()
-    .default(sql`(unixepoch())`),
-  revokedAt: integer('revoked_at', { mode: 'timestamp' }),
-})
-export type RefreshTokenRecord = typeof refreshTokens.$inferSelect
-export type NewRefreshToken = typeof refreshTokens.$inferInsert

package/templates/base/src/server/db/schema/user-accounts.ts DELETED Viewed

@@ -1,25 +0,0 @@
-// src/db/schema/user-accounts.ts
-import { sqliteTable, text, primaryKey } from 'drizzle-orm/sqlite-core'
-import { users } from './users'
-import { accounts } from './accounts'
-export const userAccounts = sqliteTable(
-  'user_accounts',
-  {
-    userId: text('user_id')
-      .notNull()
-      .references(() => users.id, { onDelete: 'cascade' }),
-    accountId: text('account_id')
-      .notNull()
-      .references(() => accounts.id, { onDelete: 'cascade' }),
-    role: text('role', {
-      enum: ['ADMIN', 'MANAGER', 'EDITOR', 'AUTHOR', 'VIEWER', 'BILLING', 'ANALYTICS'],
-    }).notNull(),
-  },
-  (table) => [
-    primaryKey({ columns: [table.userId, table.accountId] }),
-  ]
-)
-export type UserAccountRecord = typeof userAccounts.$inferSelect
-export type NewUserAccount = typeof userAccounts.$inferInsert

package/templates/base/src/server/db/schema/users.ts DELETED Viewed

@@ -1,33 +0,0 @@
-// src/db/schema/users.ts
-import { sqliteTable, text, integer, type AnySQLiteColumn } from 'drizzle-orm/sqlite-core'
-import { sql } from 'drizzle-orm'
-export const users = sqliteTable('users', {
-  id: text('id')
-    .primaryKey()
-    .$defaultFn(() => crypto.randomUUID()),
-  googleId: text('google_id').notNull().unique(),
-  email: text('email').notNull(),
-  name: text('name').notNull(),
-  avatarUrl: text('avatar_url'),
-  status: text('status', { enum: ['active', 'inactive'] })
-    .default('active')
-    .notNull(),
-  providerIds: text('provider_ids', { mode: 'json' })
-    .$type<string[]>()
-    .default([]),
-  isSuperAdmin: integer('is_super_admin', { mode: 'boolean' })
-    .default(false)
-    .notNull(),
-  // Soft delete + audit fields
-  createdAt: text('created_at').default(sql`(datetime('now'))`).notNull(),
-  updatedAt: text('updated_at').default(sql`(datetime('now'))`).notNull(),
-  deletedAt: text('deleted_at'),
-  createdById: text('created_by_id').references((): AnySQLiteColumn => users.id),
-  updatedById: text('updated_by_id').references((): AnySQLiteColumn => users.id),
-  deletedById: text('deleted_by_id').references((): AnySQLiteColumn => users.id),
-})
-export type UserRecord = typeof users.$inferSelect
-export type NewUser = typeof users.$inferInsert

package/templates/base/src/server/lib/audited-db.test.ts DELETED Viewed

@@ -1,107 +0,0 @@
-// src/server/lib/audited-db.test.ts
-import { describe, it, expect, vi, beforeEach } from 'vitest'
-import { auditedInsert, auditedUpdate, auditedDelete } from './audited-db'
-import type { ServiceContext } from '../types'
-// Mock database and table
-const mockDb = {
-  insert: vi.fn(),
-  update: vi.fn(),
-  delete: vi.fn(),
-  select: vi.fn(),
-}
-const mockTable = {
-  _: { name: 'users' },
-} as any
-const mockCtx: ServiceContext = {
-  accountId: 'account-123',
-  user: {
-    id: 'user-123',
-    email: 'test@example.com',
-    name: 'Test User',
-    status: 'active',
-    providerIds: [],
-    isSuperAdmin: false,
-    createdAt: '2024-01-01',
-    updatedAt: '2024-01-01',
-    deletedAt: null,
-  },
-  transactionId: 'tx-123',
-  ip: '127.0.0.1',
-  userAgent: 'test-agent',
-}
-describe('audited-db', () => {
-  beforeEach(() => {
-    vi.clearAllMocks()
-  })
-  describe('auditedInsert', () => {
-    it('should insert data and return result', async () => {
-      const insertedData = { id: 'new-123', name: 'Test' }
-      const mockReturning = vi.fn().mockResolvedValue([insertedData])
-      const mockValues = vi.fn().mockReturnValue({ returning: mockReturning })
-      mockDb.insert.mockReturnValue({ values: mockValues })
-      const result = await auditedInsert(mockDb as any, mockCtx, mockTable, { name: 'Test' })
-      expect(result).toEqual([insertedData])
-      expect(mockDb.insert).toHaveBeenCalledWith(mockTable)
-    })
-    it('should log audit after insert', async () => {
-      const insertedData = { id: 'new-123', name: 'Test' }
-      const mockReturning = vi.fn().mockResolvedValue([insertedData])
-      const mockValues = vi.fn().mockReturnValue({ returning: mockReturning })
-      mockDb.insert.mockReturnValue({ values: mockValues })
-      await auditedInsert(mockDb as any, mockCtx, mockTable, { name: 'Test' })
-      // Verify insert was called (audit logging happens internally)
-      expect(mockDb.insert).toHaveBeenCalled()
-    })
-  })
-  describe('auditedUpdate', () => {
-    it('should update data and return result', async () => {
-      const updatedData = { id: 'existing-123', name: 'Updated' }
-      const mockReturning = vi.fn().mockResolvedValue([updatedData])
-      const mockWhere = vi.fn().mockReturnValue({ returning: mockReturning })
-      const mockSet = vi.fn().mockReturnValue({ where: mockWhere })
-      mockDb.update.mockReturnValue({ set: mockSet })
-      // Mock select for getting old data
-      const mockLimit = vi.fn().mockResolvedValue([{ id: 'existing-123', name: 'Old' }])
-      const mockSelectWhere = vi.fn().mockReturnValue({ limit: mockLimit })
-      const mockFrom = vi.fn().mockReturnValue({ where: mockSelectWhere })
-      mockDb.select.mockReturnValue({ from: mockFrom })
-      const whereClause = {} as any
-      const result = await auditedUpdate(
-        mockDb as any,
-        mockCtx,
-        mockTable,
-        { name: 'Updated' },
-        whereClause
-      )
-      expect(result).toEqual([updatedData])
-    })
-  })
-  describe('auditedDelete', () => {
-    it('should soft delete and return void', async () => {
-      const mockReturning = vi.fn().mockResolvedValue([{ id: 'deleted-123' }])
-      const mockWhere = vi.fn().mockReturnValue({ returning: mockReturning })
-      const mockSet = vi.fn().mockReturnValue({ where: mockWhere })
-      mockDb.update.mockReturnValue({ set: mockSet })
-      const whereClause = {} as any
-      await auditedDelete(mockDb as any, mockCtx, mockTable, whereClause)
-      expect(mockDb.update).toHaveBeenCalledWith(mockTable)
-    })
-  })
-})

package/templates/base/src/server/lib/schema-helpers.ts DELETED Viewed

@@ -1,16 +0,0 @@
-// src/lib/schema-helpers.ts
-import { text, type AnySQLiteColumn } from 'drizzle-orm/sqlite-core'
-import { sql } from 'drizzle-orm'
-export const softDeleteFields = {
-  createdAt: text('created_at').default(sql`(datetime('now'))`).notNull(),
-  updatedAt: text('updated_at').default(sql`(datetime('now'))`).notNull(),
-  deletedAt: text('deleted_at'),
-}
-export const createInteractiveFields = (usersTableRef: () => AnySQLiteColumn) => ({
-  ...softDeleteFields,
-  createdById: text('created_by_id').references(usersTableRef),
-  updatedById: text('updated_by_id').references(usersTableRef),
-  deletedById: text('deleted_by_id').references(usersTableRef),
-})

package/templates/base/src/server/middleware/auth.test.ts DELETED Viewed

@@ -1,345 +0,0 @@
-// src/server/middleware/auth.test.ts
-import { describe, it, expect, vi, beforeEach } from 'vitest'
-import { Hono } from 'hono'
-import { sessionAuth, jwtAuth } from './auth'
-import { createUserFixture, createInactiveUserFixture } from '../__tests__/fixtures'
-// Mock the session module
-vi.mock('../lib/session', () => ({
-  getSession: vi.fn(),
-}))
-// Mock hono/jwt
-vi.mock('hono/jwt', () => ({
-  verify: vi.fn(),
-}))
-import { getSession } from '../lib/session'
-import { verify } from 'hono/jwt'
-describe('sessionAuth', () => {
-  beforeEach(() => {
-    vi.clearAllMocks()
-  })
-  const createApp = () => {
-    const app = new Hono()
-    // Setup mock db in context
-    app.use('*', async (c, next) => {
-      c.set('db', mockDb)
-      await next()
-    })
-    app.use('*', sessionAuth)
-    app.get('/test', (c) => {
-      const user = c.get('user')
-      return c.json({ success: true, user })
-    })
-    return app
-  }
-  // Create mock database
-  let mockDb: any
-  beforeEach(() => {
-    mockDb = {
-      select: vi.fn().mockReturnThis(),
-      from: vi.fn().mockReturnThis(),
-      where: vi.fn().mockReturnThis(),
-      limit: vi.fn(),
-    }
-  })
-  it('calls next() when valid session exists', async () => {
-    const testUser = createUserFixture({ id: 'user-123', email: 'test@example.com' })
-    // Mock session exists
-    vi.mocked(getSession).mockReturnValue({
-      userId: 'user-123',
-      email: 'test@example.com',
-      name: 'Test User',
-      isSuperAdmin: false,
-    })
-    // Mock db returns user
-    mockDb.limit.mockResolvedValue([testUser])
-    const app = createApp()
-    const res = await app.request('/test')
-    const body = await res.json()
-    expect(res.status).toBe(200)
-    expect(body.success).toBe(true)
-    expect(body.user.id).toBe('user-123')
-  })
-  it('throws 401 when no session', async () => {
-    vi.mocked(getSession).mockReturnValue(null)
-    const app = createApp()
-    const res = await app.request('/test')
-    expect(res.status).toBe(401)
-  })
-  it('throws 401 when user not found', async () => {
-    vi.mocked(getSession).mockReturnValue({
-      userId: 'nonexistent-user',
-      email: 'test@example.com',
-      name: 'Test User',
-      isSuperAdmin: false,
-    })
-    // Mock db returns empty array (user not found)
-    mockDb.limit.mockResolvedValue([])
-    const app = createApp()
-    const res = await app.request('/test')
-    expect(res.status).toBe(401)
-  })
-  it('throws 401 when user is inactive', async () => {
-    const inactiveUser = createInactiveUserFixture({ id: 'user-123' })
-    vi.mocked(getSession).mockReturnValue({
-      userId: 'user-123',
-      email: 'test@example.com',
-      name: 'Test User',
-      isSuperAdmin: false,
-    })
-    // Mock db returns inactive user
-    mockDb.limit.mockResolvedValue([inactiveUser])
-    const app = createApp()
-    const res = await app.request('/test')
-    expect(res.status).toBe(401)
-  })
-  it('sets user in context with correct fields', async () => {
-    const testUser = createUserFixture({
-      id: 'user-123',
-      email: 'test@example.com',
-      name: 'Test User',
-      status: 'active',
-      providerIds: ['google', 'github'],
-      isSuperAdmin: true,
-    })
-    vi.mocked(getSession).mockReturnValue({
-      userId: 'user-123',
-      email: 'test@example.com',
-      name: 'Test User',
-      isSuperAdmin: true,
-    })
-    mockDb.limit.mockResolvedValue([testUser])
-    const app = createApp()
-    const res = await app.request('/test')
-    const body = await res.json()
-    expect(res.status).toBe(200)
-    expect(body.user).toMatchObject({
-      id: 'user-123',
-      email: 'test@example.com',
-      name: 'Test User',
-      status: 'active',
-      providerIds: ['google', 'github'],
-      isSuperAdmin: true,
-    })
-  })
-})
-describe('jwtAuth', () => {
-  beforeEach(() => {
-    vi.clearAllMocks()
-  })
-  // Create mock database
-  let mockDb: any
-  beforeEach(() => {
-    mockDb = {
-      select: vi.fn().mockReturnThis(),
-      from: vi.fn().mockReturnThis(),
-      where: vi.fn().mockReturnThis(),
-      limit: vi.fn(),
-    }
-  })
-  const createApp = () => {
-    const app = new Hono<{ Bindings: { JWT_SECRET: string } }>()
-    // Setup mock db and env in context
-    app.use('*', async (c, next) => {
-      c.set('db', mockDb)
-      ;(c.env as any) = { JWT_SECRET: 'test-secret' }
-      await next()
-    })
-    app.use('*', jwtAuth)
-    app.get('/test', (c) => {
-      const user = c.get('user')
-      return c.json({ success: true, user })
-    })
-    return app
-  }
-  it('calls next() when valid JWT provided', async () => {
-    const testUser = createUserFixture({ id: 'user-123', email: 'test@example.com' })
-    // Mock JWT verification
-    vi.mocked(verify).mockResolvedValue({
-      sub: 'user-123',
-      email: 'test@example.com',
-      iat: Date.now(),
-      exp: Date.now() + 3600000,
-    })
-    // Mock db returns user
-    mockDb.limit.mockResolvedValue([testUser])
-    const app = createApp()
-    const res = await app.request('/test', {
-      headers: { Authorization: 'Bearer valid-token' },
-    })
-    const body = await res.json()
-    expect(res.status).toBe(200)
-    expect(body.success).toBe(true)
-    expect(body.user.id).toBe('user-123')
-  })
-  it('throws 401 when Authorization header missing', async () => {
-    const app = createApp()
-    const res = await app.request('/test')
-    expect(res.status).toBe(401)
-  })
-  it('throws 401 when Authorization header format invalid', async () => {
-    const app = createApp()
-    // Test with wrong scheme
-    const res1 = await app.request('/test', {
-      headers: { Authorization: 'Basic some-token' },
-    })
-    expect(res1.status).toBe(401)
-    // Test with no token
-    const res2 = await app.request('/test', {
-      headers: { Authorization: 'Bearer ' },
-    })
-    expect(res2.status).toBe(401)
-    // Test with Bearer only
-    const res3 = await app.request('/test', {
-      headers: { Authorization: 'Bearer' },
-    })
-    expect(res3.status).toBe(401)
-  })
-  it('throws 401 when JWT invalid/expired', async () => {
-    // Mock JWT verification to throw error
-    vi.mocked(verify).mockRejectedValue(new Error('Invalid token'))
-    const app = createApp()
-    const res = await app.request('/test', {
-      headers: { Authorization: 'Bearer invalid-token' },
-    })
-    expect(res.status).toBe(401)
-  })
-  it('throws 401 when payload missing sub', async () => {
-    // Mock JWT verification without sub claim
-    vi.mocked(verify).mockResolvedValue({
-      email: 'test@example.com',
-      iat: Date.now(),
-      exp: Date.now() + 3600000,
-    })
-    const app = createApp()
-    const res = await app.request('/test', {
-      headers: { Authorization: 'Bearer token-without-sub' },
-    })
-    expect(res.status).toBe(401)
-  })
-  it('throws 401 when user not found', async () => {
-    vi.mocked(verify).mockResolvedValue({
-      sub: 'nonexistent-user',
-      email: 'test@example.com',
-      iat: Date.now(),
-      exp: Date.now() + 3600000,
-    })
-    // Mock db returns empty array
-    mockDb.limit.mockResolvedValue([])
-    const app = createApp()
-    const res = await app.request('/test', {
-      headers: { Authorization: 'Bearer valid-token' },
-    })
-    expect(res.status).toBe(401)
-  })
-  it('throws 401 when user is inactive', async () => {
-    const inactiveUser = createInactiveUserFixture({ id: 'user-123' })
-    vi.mocked(verify).mockResolvedValue({
-      sub: 'user-123',
-      email: 'test@example.com',
-      iat: Date.now(),
-      exp: Date.now() + 3600000,
-    })
-    // Mock db returns inactive user
-    mockDb.limit.mockResolvedValue([inactiveUser])
-    const app = createApp()
-    const res = await app.request('/test', {
-      headers: { Authorization: 'Bearer valid-token' },
-    })
-    expect(res.status).toBe(401)
-  })
-  it('sets user in context with correct fields', async () => {
-    const testUser = createUserFixture({
-      id: 'user-123',
-      email: 'test@example.com',
-      name: 'Test User',
-      status: 'active',
-      providerIds: ['google'],
-      isSuperAdmin: false,
-    })
-    vi.mocked(verify).mockResolvedValue({
-      sub: 'user-123',
-      email: 'test@example.com',
-      iat: Date.now(),
-      exp: Date.now() + 3600000,
-    })
-    mockDb.limit.mockResolvedValue([testUser])
-    const app = createApp()
-    const res = await app.request('/test', {
-      headers: { Authorization: 'Bearer valid-token' },
-    })
-    const body = await res.json()
-    expect(res.status).toBe(200)
-    expect(body.user).toMatchObject({
-      id: 'user-123',
-      email: 'test@example.com',
-      name: 'Test User',
-      status: 'active',
-      providerIds: ['google'],
-      isSuperAdmin: false,
-    })
-  })
-})