@flink-app/management-api-plugin 0.12.1-alpha.23 → 0.12.1-alpha.33

package/.flink/generatedHandlers.ts

@@ -1,4 +1,4 @@
-// Generated Mon Aug 25 2025 11:28:38 GMT+0200 (Central European Summer Time)
+// Generated Fri Oct 24 2025 08:13:55 GMT+0200 (Central European Summer Time)
 import { autoRegisteredHandlers, HttpMethod } from "@flink-app/flink";
 import * as GetManagement_0 from "../src/handlers/Management/GetManagement";
 import * as DeleteByUserid_0 from "../src/handlers/User/DeleteByUserid";

package/.flink/generatedJobs.ts

@@ -1,4 +1,4 @@
-// Generated Mon Aug 25 2025 11:28:38 GMT+0200 (Central European Summer Time)
+// Generated Fri Oct 24 2025 08:13:55 GMT+0200 (Central European Summer Time)
 import { autoRegisteredJobs } from "@flink-app/flink";
 export const jobs = [];
 autoRegisteredJobs.push(...jobs);

package/.flink/generatedRepos.ts

@@ -1,4 +1,4 @@
-// Generated Mon Aug 25 2025 11:28:38 GMT+0200 (Central European Summer Time)
+// Generated Fri Oct 24 2025 08:13:55 GMT+0200 (Central European Summer Time)
   import { autoRegisteredRepos } from "@flink-app/flink";
 import ManagementUserRepo from "../src/repos/ManagementUserRepo";
 

package/.flink/schemas/schemas.ts

@@ -15,7 +15,7 @@ import { PostUserLoginRes } from "../../src/schemas/User/PostLoginRes";
 import { PutUserByUseridReq } from "../../src/schemas/User/PutByUseridReq";
 import { PutUserByUseridRes } from "../../src/schemas/User/PutByUseridRes";
 
-// Generated Mon Aug 25 2025 11:28:38 GMT+0200 (Central European Summer Time)
+// Generated Fri Oct 24 2025 08:13:55 GMT+0200 (Central European Summer Time)
 export interface GetManagement_6_ReqSchema extends GetManagementReq {}
 
 export interface GetManagement_6_ResSchema extends GetManagementRes {}

package/.flink/start.ts

@@ -1,4 +1,4 @@
-// Generated Mon Aug 25 2025 11:28:38 GMT+0200 (Central European Summer Time)
+// Generated Fri Oct 24 2025 08:13:55 GMT+0200 (Central European Summer Time)
 import "./generatedHandlers";
 import "./generatedRepos";
 import "./generatedJobs";

package/dist/.flink/generatedHandlers.js

@@ -24,7 +24,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.handlers = void 0;
-// Generated Mon Aug 25 2025 11:28:38 GMT+0200 (Central European Summer Time)
+// Generated Fri Oct 24 2025 08:13:55 GMT+0200 (Central European Summer Time)
 var flink_1 = require("@flink-app/flink");
 var DeleteByUserid_0 = __importStar(require("../src/handlers/User/DeleteByUserid"));
 var GetByUserid_1 = __importStar(require("../src/handlers/User/GetByUserid"));

package/dist/.flink/generatedJobs.js

@@ -1,7 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.jobs = void 0;
-// Generated Mon Aug 25 2025 11:28:38 GMT+0200 (Central European Summer Time)
+// Generated Fri Oct 24 2025 08:13:55 GMT+0200 (Central European Summer Time)
 var flink_1 = require("@flink-app/flink");
 exports.jobs = [];
 flink_1.autoRegisteredJobs.push.apply(flink_1.autoRegisteredJobs, exports.jobs);

package/dist/.flink/generatedRepos.js

@@ -4,7 +4,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.repos = void 0;
-// Generated Mon Aug 25 2025 11:28:38 GMT+0200 (Central European Summer Time)
+// Generated Fri Oct 24 2025 08:13:55 GMT+0200 (Central European Summer Time)
 var flink_1 = require("@flink-app/flink");
 var ManagementUserRepo_1 = __importDefault(require("../src/repos/ManagementUserRepo"));
 exports.repos = [{ collectionName: "managementuser", repoInstanceName: "managementUserRepo", Repo: ManagementUserRepo_1.default }];

package/dist/.flink/start.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-// Generated Mon Aug 25 2025 11:28:38 GMT+0200 (Central European Summer Time)
+// Generated Fri Oct 24 2025 08:13:55 GMT+0200 (Central European Summer Time)
 require("./generatedHandlers");
 require("./generatedRepos");
 require("./generatedJobs");

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@flink-app/management-api-plugin",
-    "version": "0.12.1-alpha.23",
+    "version": "0.12.1-alpha.33",
     "description": "Flink plugin that makes it possible to expose management api:s for other plugins",
     "scripts": {
         "test": "echo \"Error: no test specified\"",
@@ -30,5 +30,5 @@
         "ts-node": "^9.1.1",
         "typescript": "5.4.5"
     },
-    "gitHead": "ab25ba2532fd79e5452390591c1899fbe3eae230"
+    "gitHead": "eec3a22c21db0e7fec84190bf7a74c1e430e5ec4"
 }

package/readme.md

@@ -1,51 +1,202 @@
-# Flink API Docs
+# @flink-app/management-api-plugin
 
-**WORK IN PROGRESS 👷‍♀️👷🏻‍♂️**
+A Flink plugin that provides a secure management API system with built-in user authentication and module registration. This plugin enables other plugins to expose their own management endpoints through a centralized API.
 
-A FLINK plugin that lets you expose management api:s for other plugins.
+## Features
 
-Other plugins must be able to generate a ManagementApiModule that can be registered with this plugin to expose management apis.
+- Built-in user management system with authentication
+- JWT-based token authentication
+- Module-based architecture for extensibility
+- Token or JWT authentication for all endpoints
+- Automatic endpoint registration for modules
+- MongoDB-backed user storage
+- Password hashing with bcrypt
 
-## Usage
-
-Install plugin to your flink app project:
+## Installation
 
-```
-npm i -S @flink-app/management-api-plugin
+```bash
+npm install @flink-app/management-api-plugin
 ```
 
-Add and configure plugin in your app startup (probable the `index.ts` in root project):
+## Usage
 
-```
-import { managementApiPlugin } from "@flink-app/management-api-plugin";
+### Basic Setup
 
+```typescript
+import { FlinkApp } from "@flink-app/flink";
+import { managementApiPlugin } from "@flink-app/management-api-plugin";
 
 function start() {
   new FlinkApp<AppContext>({
     name: "My app",
     plugins: [
-        // Register plugin
-        managementApiPlugin({
-          token : "SECRET_TOKEN_USED_TO_COMMUNICATE_WITH_THE_API",
-          jwtSecret : "JWT_SECRET_USED_TO_GENERATE_LOGGED_IN_TOKENS",
-          modules : []
-        })
+      managementApiPlugin({
+        token: "SECRET_TOKEN_USED_TO_COMMUNICATE_WITH_THE_API",
+        jwtSecret: "JWT_SECRET_USED_TO_GENERATE_LOGGED_IN_TOKENS",
+        modules: [],
+        baseUrl: "/managementapi", // optional, defaults to /managementapi
+      }),
     ],
   }).start();
 }
 ```
 
-## Communicating with the management api
+## Configuration Options
+
+- `token` (required): Master token for initial authentication and user creation
+- `jwtSecret` (required): Secret key for JWT token generation and verification
+- `modules` (required): Array of management API modules to register
+- `baseUrl` (optional): Base URL for all management API endpoints (defaults to `/managementapi`)
+
+## Authentication
+
+The management API supports two authentication methods:
+
+1. **Master Token**: Use the `token` specified during plugin initialization
+2. **JWT Token**: Login with a management user to receive a JWT token
+
+All requests (except login) must include one of these tokens in the `management-token` header.
+
+## Built-in User Management
 
-To work with the management api you must in the http header `management-token` send either the `token` specified when register the plugin or a user login token.
+The plugin includes a complete user management system:
 
-The management API have it's own users system, where you might add, edit or remove management users.
+### Endpoints
 
-To create a first user to your management api make a POST request to /managementapi/managementapiuser with http-header management-token set to the specified token.
+- `POST /managementapi/managementapiuser` - Create new user
+- `POST /managementapi/managementapiuser/login` - Login and receive JWT token
+- `GET /managementapi/managementapiuser` - List all users
+- `GET /managementapi/managementapiuser/me` - Get current user info
+- `GET /managementapi/managementapiuser/:userid` - Get user by ID
+- `PUT /managementapi/managementapiuser/:userid` - Update user
+- `DELETE /managementapi/managementapiuser/:userid` - Delete user
 
+### Creating Your First User
+
+To create the initial management user, make a POST request with the master token:
+
+```bash
+curl 'https://YOUR-API-URL/managementapi/managementapiuser' \
+  -H 'management-token: SECRET_TOKEN_USED_TO_COMMUNICATE_WITH_THE_API' \
+  -H 'Content-Type: application/json' \
+  --data-raw '{"username":"admin","password":"secure_password"}'
 ```
-curl 'https://URL-TO-YOUR-API/managementapi/managementapiuser' \
-    -H 'management-token: SECRET_TOKEN_USED_TO_COMMUNICATE_WITH_THE_API' \
-  -H 'Content-Type: application/json;charset=UTF-8' \
-  --data-raw '{"username":"test","password":"test"}'
+
+### Logging In
+
+```bash
+curl 'https://YOUR-API-URL/managementapi/managementapiuser/login' \
+  -H 'Content-Type: application/json' \
+  --data-raw '{"username":"admin","password":"secure_password"}'
 ```
+
+This returns a JWT token that can be used in the `management-token` header for subsequent requests.
+
+## Creating Management Modules
+
+Other plugins can create management modules that get registered with this plugin:
+
+```typescript
+import { ManagementApiModule, ManagementApiType } from "@flink-app/management-api-plugin";
+import { HttpMethod } from "@flink-app/flink";
+
+const myModule: ManagementApiModule = {
+  id: "my-module",
+  type: ManagementApiType.custom, // or other types
+  ui: true,
+  uiSettings: {
+    title: "My Module",
+    icon: "",
+    features: [],
+  },
+  endpoints: [
+    {
+      handler: myHandler,
+      routeProps: {
+        method: HttpMethod.get,
+        path: "/list",
+        docs: "List all items",
+      },
+    },
+  ],
+  data: {},
+};
+
+// Register with management API plugin
+managementApiPlugin({
+  token: "...",
+  jwtSecret: "...",
+  modules: [myModule],
+});
+```
+
+## Module Types
+
+The plugin supports different module types via `ManagementApiType`:
+
+- `managementUser` - User management (built-in)
+- `action` - Action modules (used by management-actions-plugin)
+- Custom types can be defined
+
+## API Endpoints
+
+### Get Management API Info
+
+```
+GET /managementapi
+```
+
+Returns information about all registered modules and their configuration.
+
+## TypeScript Support
+
+The plugin includes full TypeScript definitions. To use the plugin context in your application:
+
+```typescript
+import { managementApiPluginContext } from "@flink-app/management-api-plugin";
+
+interface MyContext extends FlinkContext<managementApiPluginContext> {
+  // your context
+}
+```
+
+## Database Requirements
+
+This plugin requires MongoDB to be configured in your Flink app for user management. The plugin automatically creates a `ManagementUserRepo` repository.
+
+## Security Notes
+
+- Always use strong, unique values for `token` and `jwtSecret`
+- Store secrets in environment variables, never commit them to source control
+- The master token provides full access - protect it carefully
+- User passwords are automatically hashed using bcrypt
+- The login endpoint is the only endpoint that doesn't require authentication
+
+## Example Integration with Management Actions Plugin
+
+```typescript
+import { managementApiPlugin } from "@flink-app/management-api-plugin";
+import { GetManagementModule } from "@flink-app/management-actions-plugin";
+
+const actionsModule = GetManagementModule({
+  ui: true,
+  uiSettings: { title: "Actions" },
+  actions: [
+    // your actions
+  ],
+});
+
+new FlinkApp<AppContext>({
+  plugins: [
+    managementApiPlugin({
+      token: process.env.MANAGEMENT_TOKEN!,
+      jwtSecret: process.env.JWT_SECRET!,
+      modules: [actionsModule],
+    }),
+  ],
+}).start();
+```
+
+## License
+
+MIT