@iskra-bun/web-kit 0.1.0

package/src/features/auth/schema.ts

@@ -0,0 +1,174 @@
+import { pgTable, text, timestamp, boolean } from "drizzle-orm/pg-core";
+import { mysqlTable, varchar, timestamp as mysqlTimestamp, boolean as mysqlBoolean, text as mysqlText } from "drizzle-orm/mysql-core";
+import { sqliteTable, text as sqliteText, integer } from "drizzle-orm/sqlite-core";
+
+// ==========================================
+// PostgreSQL Schema
+// ==========================================
+
+export const pgUser = pgTable("user", {
+    id: text("id").primaryKey(),
+    name: text("name"),
+    email: text("email").notNull().unique(),
+    emailVerified: boolean("emailVerified").notNull(),
+    image: text("image"),
+    createdAt: timestamp("createdAt").notNull(),
+    updatedAt: timestamp("updatedAt").notNull()
+});
+
+export const pgSession = pgTable("session", {
+    id: text("id").primaryKey(),
+    expiresAt: timestamp("expiresAt").notNull(),
+    token: text("token").notNull().unique(),
+    createdAt: timestamp("createdAt").notNull(),
+    updatedAt: timestamp("updatedAt").notNull(),
+    ipAddress: text("ipAddress"),
+    userAgent: text("userAgent"),
+    userId: text("userId").notNull().references(() => pgUser.id)
+});
+
+export const pgAccount = pgTable("account", {
+    id: text("id").primaryKey(),
+    accountId: text("accountId").notNull(),
+    providerId: text("providerId").notNull(),
+    userId: text("userId").notNull().references(() => pgUser.id),
+    accessToken: text("accessToken"),
+    refreshToken: text("refreshToken"),
+    idToken: text("idToken"),
+    accessTokenExpiresAt: timestamp("accessTokenExpiresAt"),
+    refreshTokenExpiresAt: timestamp("refreshTokenExpiresAt"),
+    scope: text("scope"),
+    password: text("password"),
+    createdAt: timestamp("createdAt").notNull(),
+    updatedAt: timestamp("updatedAt").notNull()
+});
+
+export const pgVerification = pgTable("verification", {
+    id: text("id").primaryKey(),
+    identifier: text("identifier").notNull(),
+    value: text("value").notNull(),
+    expiresAt: timestamp("expiresAt").notNull(),
+    createdAt: timestamp("createdAt"),
+    updatedAt: timestamp("updatedAt")
+});
+
+export const pgSchema = {
+    user: pgUser,
+    session: pgSession,
+    account: pgAccount,
+    verification: pgVerification
+};
+
+// ==========================================
+// MySQL Schema
+// ==========================================
+
+export const mysqlUser = mysqlTable("user", {
+    id: varchar("id", { length: 36 }).primaryKey(),
+    name: varchar("name", { length: 255 }),
+    email: varchar("email", { length: 255 }).notNull().unique(),
+    emailVerified: mysqlBoolean("emailVerified").notNull(),
+    image: varchar("image", { length: 255 }),
+    createdAt: mysqlTimestamp("createdAt").notNull(),
+    updatedAt: mysqlTimestamp("updatedAt").notNull()
+});
+
+export const mysqlSession = mysqlTable("session", {
+    id: varchar("id", { length: 36 }).primaryKey(),
+    expiresAt: mysqlTimestamp("expiresAt").notNull(),
+    token: varchar("token", { length: 255 }).notNull().unique(),
+    createdAt: mysqlTimestamp("createdAt").notNull(),
+    updatedAt: mysqlTimestamp("updatedAt").notNull(),
+    ipAddress: varchar("ipAddress", { length: 45 }),
+    userAgent: mysqlText("userAgent"),
+    userId: varchar("userId", { length: 36 }).notNull().references(() => mysqlUser.id)
+});
+
+export const mysqlAccount = mysqlTable("account", {
+    id: varchar("id", { length: 36 }).primaryKey(),
+    accountId: varchar("accountId", { length: 255 }).notNull(),
+    providerId: varchar("providerId", { length: 255 }).notNull(),
+    userId: varchar("userId", { length: 36 }).notNull().references(() => mysqlUser.id),
+    accessToken: mysqlText("accessToken"),
+    refreshToken: mysqlText("refreshToken"),
+    idToken: mysqlText("idToken"),
+    accessTokenExpiresAt: mysqlTimestamp("accessTokenExpiresAt"),
+    refreshTokenExpiresAt: mysqlTimestamp("refreshTokenExpiresAt"),
+    scope: mysqlText("scope"),
+    password: varchar("password", { length: 255 }),
+    createdAt: mysqlTimestamp("createdAt").notNull(),
+    updatedAt: mysqlTimestamp("updatedAt").notNull()
+});
+
+export const mysqlVerification = mysqlTable("verification", {
+    id: varchar("id", { length: 36 }).primaryKey(),
+    identifier: varchar("identifier", { length: 255 }).notNull(),
+    value: varchar("value", { length: 255 }).notNull(),
+    expiresAt: mysqlTimestamp("expiresAt").notNull(),
+    createdAt: mysqlTimestamp("createdAt"),
+    updatedAt: mysqlTimestamp("updatedAt")
+});
+
+export const mysqlSchema = {
+    user: mysqlUser,
+    session: mysqlSession,
+    account: mysqlAccount,
+    verification: mysqlVerification
+};
+
+// ==========================================
+// SQLite Schema
+// ==========================================
+
+export const sqliteUser = sqliteTable("user", {
+    id: sqliteText("id").primaryKey(),
+    name: sqliteText("name"),
+    email: sqliteText("email").notNull().unique(),
+    emailVerified: integer("emailVerified", { mode: "boolean" }).notNull(),
+    image: sqliteText("image"),
+    createdAt: integer("createdAt", { mode: "timestamp" }).notNull(),
+    updatedAt: integer("updatedAt", { mode: "timestamp" }).notNull()
+});
+
+export const sqliteSession = sqliteTable("session", {
+    id: sqliteText("id").primaryKey(),
+    expiresAt: integer("expiresAt", { mode: "timestamp" }).notNull(),
+    token: sqliteText("token").notNull().unique(),
+    createdAt: integer("createdAt", { mode: "timestamp" }).notNull(),
+    updatedAt: integer("updatedAt", { mode: "timestamp" }).notNull(),
+    ipAddress: sqliteText("ipAddress"),
+    userAgent: sqliteText("userAgent"),
+    userId: sqliteText("userId").notNull().references(() => sqliteUser.id)
+});
+
+export const sqliteAccount = sqliteTable("account", {
+    id: sqliteText("id").primaryKey(),
+    accountId: sqliteText("accountId").notNull(),
+    providerId: sqliteText("providerId").notNull(),
+    userId: sqliteText("userId").notNull().references(() => sqliteUser.id),
+    accessToken: sqliteText("accessToken"),
+    refreshToken: sqliteText("refreshToken"),
+    idToken: sqliteText("idToken"),
+    accessTokenExpiresAt: integer("accessTokenExpiresAt", { mode: "timestamp" }),
+    refreshTokenExpiresAt: integer("refreshTokenExpiresAt", { mode: "timestamp" }),
+    scope: sqliteText("scope"),
+    password: sqliteText("password"),
+    createdAt: integer("createdAt", { mode: "timestamp" }).notNull(),
+    updatedAt: integer("updatedAt", { mode: "timestamp" }).notNull()
+});
+
+export const sqliteVerification = sqliteTable("verification", {
+    id: sqliteText("id").primaryKey(),
+    identifier: sqliteText("identifier").notNull(),
+    value: sqliteText("value").notNull(),
+    expiresAt: integer("expiresAt", { mode: "timestamp" }).notNull(),
+    createdAt: integer("createdAt", { mode: "timestamp" }),
+    updatedAt: integer("updatedAt", { mode: "timestamp" })
+});
+
+export const sqliteSchema = {
+    user: sqliteUser,
+    session: sqliteSession,
+    account: sqliteAccount,
+    verification: sqliteVerification
+};

package/src/features/auth/types.ts

@@ -0,0 +1,114 @@
+/**
+ * Auth feature types and interfaces
+ */
+
+export interface User {
+    id: string;
+    email: string;
+    emailVerified: boolean;
+    name?: string | null;
+    image?: string | null;
+    createdAt: Date;
+    updatedAt: Date;
+    // deno-lint-ignore no-explicit-any
+    [key: string]: any; // Allow custom fields
+}
+
+export interface Account {
+    id: string;
+    userId: string;
+    accountId: string;
+    providerId: string;
+    accessToken?: string;
+    refreshToken?: string;
+    idToken?: string;
+    expiresAt?: Date;
+    scope?: string;
+    password?: string; // For credentials provider
+    createdAt: Date;
+    updatedAt: Date;
+}
+
+export interface Verification {
+    id: string;
+    identifier: string; // email or phone
+    value: string; // verification token
+    expiresAt: Date;
+    createdAt: Date;
+}
+
+export interface AuthSession {
+    id: string;
+    userId: string;
+    expiresAt: Date;
+    ipAddress?: string;
+    userAgent?: string;
+    createdAt: Date;
+    updatedAt: Date;
+}
+
+export interface PasswordResetToken {
+    id: string;
+    userId: string;
+    token: string;
+    expiresAt: Date;
+    createdAt: Date;
+}
+
+export interface EmailVerificationToken {
+    id: string;
+    userId: string;
+    token: string;
+    email: string;
+    expiresAt: Date;
+    createdAt: Date;
+}
+
+/**
+ * Auth context available in route handlers
+ */
+export interface AuthContext {
+    user: User | null;
+    session: AuthSession | null;
+}
+
+/**
+ * Registration input
+ */
+export interface SignUpInput {
+    email: string;
+    password: string;
+    name?: string;
+    // deno-lint-ignore no-explicit-any
+    [key: string]: any; // Allow custom fields
+}
+
+/**
+ * Login input
+ */
+export interface SignInInput {
+    email: string;
+    password: string;
+}
+
+/**
+ * Password reset request
+ */
+export interface PasswordResetRequest {
+    email: string;
+}
+
+/**
+ * Password reset confirmation
+ */
+export interface PasswordResetConfirm {
+    token: string;
+    newPassword: string;
+}
+
+/**
+ * Email verification
+ */
+export interface EmailVerificationRequest {
+    token: string;
+}

package/src/features/cache.ts

@@ -0,0 +1,144 @@
+import type { Feature, CacheConfig } from "../types";
+import type { Kernel } from "../kernel";
+import type { Context, Next } from "hono";
+import Redis from "ioredis";
+
+// Standard Cache Interface
+export interface CacheAdapter {
+    get(key: string): Promise<any>;
+    set(key: string, value: any, ttl?: number): Promise<void>;
+    delete(key: string): Promise<void>;
+    exists(key: string): Promise<boolean>;
+    increment?(key: string): Promise<number>;
+    disconnect?(): Promise<void>;
+}
+
+// Simple Memory Adapter
+class MemoryAdapter implements CacheAdapter {
+    private store = new Map<string, { value: any, expires: number | null }>();
+
+    async get(key: string) {
+        const item = this.store.get(key);
+        if (!item) return null;
+        if (item.expires && item.expires < Date.now()) {
+            this.store.delete(key);
+            return null;
+        }
+        return item.value;
+    }
+
+    async set(key: string, value: any, ttl?: number) {
+        const expires = ttl ? Date.now() + ttl * 1000 : null;
+        this.store.set(key, { value, expires });
+    }
+
+    async delete(key: string) {
+        this.store.delete(key);
+    }
+
+    async exists(key: string) {
+        return this.store.has(key);
+    }
+
+    async increment(key: string): Promise<number> {
+        const item = this.store.get(key);
+        if (!item || (item.expires && item.expires < Date.now())) {
+            return 0;
+        }
+        const newVal = Number(item.value) + 1;
+        item.value = newVal;
+        return newVal;
+    }
+}
+
+// Redis Adapter
+class RedisAdapter implements CacheAdapter {
+    private client: Redis;
+
+    constructor(options: any) {
+        this.client = new Redis(options);
+    }
+
+    async get(key: string) {
+        const value = await this.client.get(key);
+        try {
+            return value ? JSON.parse(value) : null;
+        } catch {
+            return value;
+        }
+    }
+
+    async set(key: string, value: any, ttl?: number) {
+        const stringValue = typeof value === 'string' ? value : JSON.stringify(value);
+        if (ttl) {
+            await this.client.set(key, stringValue, 'EX', ttl);
+        } else {
+            await this.client.set(key, stringValue);
+        }
+    }
+
+    async delete(key: string) {
+        await this.client.del(key);
+    }
+
+    async exists(key: string) {
+        const result = await this.client.exists(key);
+        return result === 1;
+    }
+
+    async increment(key: string): Promise<number> {
+        return await this.client.incr(key);
+    }
+
+    async disconnect() {
+        await this.client.quit();
+    }
+}
+
+declare module "hono" {
+    interface ContextVariableMap {
+        cache: CacheAdapter;
+    }
+}
+
+export class CacheFeature implements Feature {
+    name = "cache";
+    public client!: CacheAdapter;
+
+    constructor(private config: CacheConfig = { adapter: "memory" }) { }
+
+    async initialize(kernel: Kernel): Promise<void> {
+        console.log(`⚙️ Initializing Cache: ${this.config.adapter}`);
+
+        if (this.config.adapter === "redis") {
+            const conn = this.config.connection || {};
+            try {
+                this.client = new RedisAdapter({
+                    host: conn.host || "localhost",
+                    port: conn.port || 6379,
+                    password: conn.password,
+                    db: conn.db || 0
+                });
+            } catch (err) {
+                console.warn("⚠️ Redis connection failed, falling back to memory cache");
+                this.client = new MemoryAdapter();
+            }
+        } else {
+            this.client = new MemoryAdapter();
+        }
+
+        const app = kernel.getApp();
+        app.use("*", async (c: Context, next: Next) => {
+            c.set("cache", this.client);
+            await next();
+        });
+
+        console.log('✅ Cache initialized.');
+    }
+
+    async shutdown(): Promise<void> {
+        if (this.client.disconnect) {
+            await this.client.disconnect();
+        }
+    }
+}

package/src/features/cors.ts

@@ -0,0 +1,33 @@
+import type { Feature, CorsConfig } from "../types";
+import type { Kernel } from "../kernel";
+import { cors } from "hono/cors";
+
+export class CorsFeature implements Feature {
+    name = "cors";
+
+    constructor(private config: CorsConfig = {}) {
+        if (!this.config.origin) {
+            this.config.origin = "*";
+        }
+        if (this.config.credentials === undefined) {
+            this.config.credentials = false;
+        }
+    }
+
+    async initialize(kernel: Kernel): Promise<void> {
+        const app = kernel.getApp();
+
+        const honoConfig: any = { ...this.config };
+
+        if (typeof this.config.origin === "function") {
+            honoConfig.origin = (origin: string) => {
+                // @ts-expect-error - origin is narrowed to a function above
+                const result = this.config.origin(origin);
+                return result ? origin : null;
+            };
+        }
+
+        app.use("*", cors(honoConfig));
+        console.log("✅ CORS feature initialized");
+    }
+}

package/src/features/csrf.ts

@@ -0,0 +1,94 @@
+import type { Feature, CsrfConfig } from "../types";
+import type { Kernel } from "../kernel";
+import type { Context, Next } from "hono";
+import { HTTPException } from "hono/http-exception";
+import { getCookie, setCookie } from "hono/cookie";
+
+declare module "hono" {
+    interface ContextVariableMap {
+        csrfToken: string;
+    }
+}
+
+export class CsrfFeature implements Feature {
+    name = "csrf";
+    private config: Required<CsrfConfig>;
+
+    constructor(config: CsrfConfig) {
+        if (!config.secret) throw new Error("CSRF secret is required");
+        this.config = {
+            secret: config.secret,
+            cookieName: config.cookieName || "_csrf",
+            headerName: config.headerName || "X-CSRF-Token",
+            ignoreMethods: config.ignoreMethods || ["GET", "HEAD", "OPTIONS"],
+            cookieOptions: {
+                httpOnly: true,
+                secure: true,
+                sameSite: "Strict",
+                maxAge: 86400,
+                ...config.cookieOptions
+            }
+        } as Required<CsrfConfig>;
+    }
+
+    async initialize(kernel: Kernel): Promise<void> {
+        const app = kernel.getApp();
+        app.use("*", async (c: Context, next: Next) => {
+            await this.middleware(c, next);
+        });
+        console.log("✅ CSRF feature initialized");
+    }
+
+    private async middleware(c: Context, next: Next) {
+        const method = c.req.method.toUpperCase();
+        let token = getCookie(c, this.config.cookieName);
+
+        if (!token) {
+            token = crypto.randomUUID().replace(/-/g, '');
+            setCookie(c, this.config.cookieName, token, {
+                httpOnly: this.config.cookieOptions.httpOnly,
+                secure: this.config.cookieOptions.secure,
+                sameSite: this.config.cookieOptions.sameSite as any,
+                maxAge: this.config.cookieOptions.maxAge,
+                path: "/"
+            });
+        }
+
+        c.set("csrfToken", token);
+
+        if (this.config.ignoreMethods.includes(method)) {
+            await next();
+            return;
+        }
+
+        const isValid = await this.validateToken(c, token);
+        if (!isValid) {
+            throw new HTTPException(403, { message: "Invalid CSRF token" });
+        }
+
+        await next();
+    }
+
+    private async validateToken(c: Context, expectedToken: string): Promise<boolean> {
+        const headerToken = c.req.header(this.config.headerName);
+        if (headerToken === expectedToken) return true;
+
+        try {
+            const contentType = c.req.header("content-type");
+            if (contentType?.includes("application/x-www-form-urlencoded")) {
+                const body = await c.req.parseBody();
+                const bodyToken = body._csrf || body[this.config.cookieName];
+                if (String(bodyToken) === expectedToken) return true;
+            }
+        } catch { /* ignored */ }
+
+        return false;
+    }
+}
+
+export function requireCsrf() {
+    return async (c: Context, next: Next) => {
+        if (!c.get("csrfToken")) throw new HTTPException(403, { message: "CSRF token required" });
+        await next();
+    };
+}

package/src/features/db.ts

@@ -0,0 +1,90 @@
+import type { Feature, DbConfig } from "../types";
+import type { Kernel } from "../kernel";
+import type { Context, Next } from "hono";
+import { drizzle } from 'drizzle-orm/postgres-js';
+import { drizzle as drizzleMysql } from 'drizzle-orm/mysql2';
+import { drizzle as drizzleBunSqlite } from 'drizzle-orm/bun-sqlite';
+import postgres from 'postgres';
+import mysql from 'mysql2/promise';
+import { Database } from 'bun:sqlite';
+
+declare module "hono" {
+    interface ContextVariableMap {
+        db: any;
+    }
+}
+
+export class DbFeature implements Feature {
+    name = "db";
+    private client: any;
+    public db: any;
+    public readonly adapter: string;
+
+    constructor(private config: DbConfig) {
+        this.adapter = config.adapter;
+    }
+
+    async initialize(kernel: Kernel): Promise<void> {
+        const config = this.config;
+        console.log(`⚙️ Initializing DB driver: ${config.adapter}`);
+
+        try {
+            switch (config.adapter) {
+                case 'postgres': {
+                    if (!config.connection) throw new Error("Missing connection info");
+                    const pgConfig = config.connection.connectionString ? config.connection.connectionString : {
+                        host: config.connection.host || 'localhost',
+                        port: config.connection.port || 5432,
+                        database: config.connection.database!,
+                        user: config.connection.user!,
+                        password: config.connection.password!
+                    };
+                    this.client = postgres(pgConfig as any);
+                    this.db = drizzle(this.client);
+                    break;
+                }
+                case 'mysql': {
+                    if (!config.connection) throw new Error("Missing connection info");
+                    const mysqlConfig = config.connection.connectionString ? config.connection.connectionString : {
+                        host: config.connection.host || 'localhost',
+                        port: config.connection.port || 3306,
+                        database: config.connection.database!,
+                        user: config.connection.user!,
+                        password: config.connection.password!
+                    };
+                    this.client = await mysql.createConnection(mysqlConfig as any);
+                    this.db = drizzleMysql(this.client);
+                    break;
+                }
+                case 'sqlite': {
+                    const url = config.connection?.database || ':memory:';
+                    this.client = new Database(url);
+                    this.db = drizzleBunSqlite(this.client);
+                    break;
+                }
+                default:
+                    throw new Error(`Unsupported DB adapter: ${config.adapter}`);
+            }
+            console.log('✅ DB connected successfully.');
+        } catch (error) {
+            console.error('❌ Failed to connect to DB', error);
+            throw error;
+        }
+
+        const app = kernel.getApp();
+        app.use("*", async (c: Context, next: Next) => {
+            c.set("db", this.db);
+            await next();
+        });
+    }
+
+    async shutdown(): Promise<void> {
+        if (this.client) {
+            if (this.client.end) {
+                await this.client.end();
+            } else if (this.client.close) {
+                this.client.close();
+            }
+        }
+    }
+}