npm - @joystick.js/db-canary - Versions diffs - 0.0.0-canary.2209 - Mend

@joystick.js/db-canary 0.0.0-canary.2209

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (354) hide show

package/.build/getFilesToBuild.js +26 -0
package/.build/getPlatformSafeFilePath.js +6 -0
package/.build/getPlatformSafePath.js +6 -0
package/.build/index.js +88 -0
package/.build/isWindows.js +3 -0
package/API_KEY +1 -0
package/README.md +1821 -0
package/data/data.mdb +0 -0
package/data/lock.mdb +0 -0
package/dist/client/database.js +1 -0
package/dist/client/index.js +1 -0
package/dist/server/cluster/index.js +1 -0
package/dist/server/cluster/master.js +20 -0
package/dist/server/cluster/worker.js +1 -0
package/dist/server/index.js +1 -0
package/dist/server/lib/api_key_manager.js +9 -0
package/dist/server/lib/auth_manager.js +1 -0
package/dist/server/lib/auto_index_manager.js +1 -0
package/dist/server/lib/backup_manager.js +1 -0
package/dist/server/lib/connection_manager.js +1 -0
package/dist/server/lib/disk_utils.js +2 -0
package/dist/server/lib/http_server.js +405 -0
package/dist/server/lib/index_manager.js +1 -0
package/dist/server/lib/load_settings.js +1 -0
package/dist/server/lib/logger.js +1 -0
package/dist/server/lib/op_types.js +1 -0
package/dist/server/lib/operation_dispatcher.js +1 -0
package/dist/server/lib/operations/admin.js +1 -0
package/dist/server/lib/operations/bulk_write.js +1 -0
package/dist/server/lib/operations/create_index.js +1 -0
package/dist/server/lib/operations/delete_one.js +1 -0
package/dist/server/lib/operations/drop_index.js +1 -0
package/dist/server/lib/operations/find.js +1 -0
package/dist/server/lib/operations/find_one.js +1 -0
package/dist/server/lib/operations/get_indexes.js +1 -0
package/dist/server/lib/operations/insert_one.js +1 -0
package/dist/server/lib/operations/update_one.js +1 -0
package/dist/server/lib/performance_monitor.js +1 -0
package/dist/server/lib/query_engine.js +1 -0
package/dist/server/lib/recovery_manager.js +1 -0
package/dist/server/lib/replication_manager.js +1 -0
package/dist/server/lib/safe_json_parse.js +1 -0
package/dist/server/lib/send_response.js +1 -0
package/dist/server/lib/tcp_protocol.js +1 -0
package/dist/server/lib/write_forwarder.js +1 -0
package/dist/server/lib/write_queue.js +1 -0
package/increment_version.js +3 -0
package/logs/.013e15b54597d05db4b4b53ecc37b10c92a72927-audit.json +20 -0
package/logs/.02de550a67ea0f5961faa2dfd458a4d06f59ebd1-audit.json +20 -0
package/logs/.03494ba24eb3c72214b4068a77d54b8993bee651-audit.json +20 -0
package/logs/.06309ec60b339be1259a7993dd09c732f8907fbc-audit.json +20 -0
package/logs/.0663a04dcfa17285661e5e1b8cfa51f41523b210-audit.json +20 -0
package/logs/.0f06e6c4c9b824622729e13927587479e5060391-audit.json +20 -0
package/logs/.16ccf58682ecb22b3e3ec63f0da1b7fe9be56528-audit.json +20 -0
package/logs/.1fa1a5d02f496474b1ab473524c65c984146a9ad-audit.json +20 -0
package/logs/.2223c0ae3bea6f0d62c62b1d319cc8634856abb7-audit.json +20 -0
package/logs/.23dc79ffda3e083665e6f5993f59397adcbf4a46-audit.json +20 -0
package/logs/.28104f49b03906b189eefd1cd462cb46c3c0af22-audit.json +20 -0
package/logs/.29cdbf13808abe6a0ce70ee2f2efdd680ce3fd8e-audit.json +20 -0
package/logs/.2a9889afd071f77f41f5170d08703a0afca866b7-audit.json +20 -0
package/logs/.2acec3d1940a2bbed487528b703ee5948959a599-audit.json +20 -0
package/logs/.2fb60ff326338c02bfedbcd0e936444e4a216750-audit.json +20 -0
package/logs/.318fc7a19530d76a345f030f7cad00dda15300e7-audit.json +20 -0
package/logs/.3cf27043e19085f908cedc7701e6d013463208ee-audit.json +25 -0
package/logs/.3d90d785415817fc443402843b7c95f8371adc9b-audit.json +20 -0
package/logs/.4074bca620375f72966fc52dfd439577727671e5-audit.json +20 -0
package/logs/.40eecf018417ea80a70ea8ec7a3cc9406bc6334b-audit.json +20 -0
package/logs/.50e974f1ef7c365fca6a1251b2e2c2252914cb5e-audit.json +20 -0
package/logs/.52cb7d9e4223cf26ba36006ac26b949a97c7923c-audit.json +20 -0
package/logs/.54befcdb84c15aad980705a31bcc9f555c3577ab-audit.json +20 -0
package/logs/.57dfb70e22eddb84db2e3c0ceeefac5c0b9baffa-audit.json +20 -0
package/logs/.5f0b24705a1eaad4eca4968f2d86f91b3f9be683-audit.json +20 -0
package/logs/.61ba98fdda7db58576b382fee07904e5db1169d6-audit.json +20 -0
package/logs/.6235017727ef6b199d569a99d6aa8c8e80a1b475-audit.json +20 -0
package/logs/.63db16193699219489d218a1ddea5dde3750cae4-audit.json +20 -0
package/logs/.64fb67dfe14149c9eef728d79bf30a54da809c60-audit.json +20 -0
package/logs/.669137453368987c1f311b5345342527afb54e50-audit.json +20 -0
package/logs/.7a71f8c89ea28ae266d356aeff6306e876a30fbb-audit.json +20 -0
package/logs/.7afbaa90fe9dc3a7d682676f9bb79f9a1b1fd9a6-audit.json +20 -0
package/logs/.7ca29e322cd05327035de850099e7610864f2347-audit.json +20 -0
package/logs/.83335ab3347e449dae03455a110aaf7f120d4802-audit.json +20 -0
package/logs/.8c2487b5fd445d2c8e5c483c80b9fa99bbf1ca58-audit.json +20 -0
package/logs/.8c8b9dc386922c9f3b4c13251af7052aac1d24c0-audit.json +20 -0
package/logs/.8d6155d94640c4863301ae0fee5e4e7372a21446-audit.json +20 -0
package/logs/.944a3119a243deea7c8270d5d9e582bb1d0eaa10-audit.json +20 -0
package/logs/.9816a845c30fb2909f3b26a23eeb3538ebcad5db-audit.json +20 -0
package/logs/.9dc08784e38b865488177c26d4af5934555e0323-audit.json +20 -0
package/logs/.9dd27d2e0e454ac0a37600206d1cac5493b0d7ee-audit.json +20 -0
package/logs/.a3d486feeac7654c59b547de96600e8849a06d4f-audit.json +20 -0
package/logs/.a5b811f4def22250f86cc18870d7c4573625df22-audit.json +20 -0
package/logs/.a61648eb5f830e0b6f508ac35e4f8f629d2ad4c7-audit.json +20 -0
package/logs/.a89016d507045771b4b5a65656944a9c0f1e528b-audit.json +20 -0
package/logs/.a99bee160a1c590be959af46bacc02724803f691-audit.json +20 -0
package/logs/.ada7906d6243fd7da802f03d86c4ae5dd9df6236-audit.json +20 -0
package/logs/.b518339ee942143b6af983af167f5bbb6983b4de-audit.json +20 -0
package/logs/.b51b124b166d53c9519017856ea610d61d65fabe-audit.json +20 -0
package/logs/.b7a6aee19f58e55633d5e4a3709041c47dfff975-audit.json +20 -0
package/logs/.bd7a8a6ba9c55d557a4867ab53f02e3ec2e1553d-audit.json +20 -0
package/logs/.c1435dafe453b169d6392b25065f3cf4ab6fbb21-audit.json +20 -0
package/logs/.c17e1ce043109f77dc2f0e2aa290a9d1ed842c03-audit.json +20 -0
package/logs/.ca62637ce9540e5a38a2fbedb2115febb6ad308a-audit.json +15 -0
package/logs/.ccee67b9c176967f8977071409a41f5cb5cd6ad4-audit.json +20 -0
package/logs/.db24043417ea79a6f14cd947476399e53930b48d-audit.json +20 -0
package/logs/.e0f12acccb57829f5f33712bb2e2607ecd808147-audit.json +20 -0
package/logs/.e9b6cc33d0bbd2e644c4e2bf44d177f850016557-audit.json +20 -0
package/logs/.f15291d434808e3bdca7963ccd2e73893be027e6-audit.json +20 -0
package/logs/.f4bdf9e21ef84f8a3fae3ffb32bbc39275991351-audit.json +15 -0
package/logs/.fbac3aefac1e81b4230df5aa50667cb90d51024f-audit.json +20 -0
package/logs/.fcfd495c0a9169db243f4a4f21878ee02b76413c-audit.json +20 -0
package/logs/admin-2025-09-12.log +580 -0
package/logs/admin-2025-09-15.log +283 -0
package/logs/admin-error-2025-09-12.log +22 -0
package/logs/admin-error-2025-09-15.log +10 -0
package/logs/api_key_manager-2025-09-12.log +658 -0
package/logs/api_key_manager-2025-09-15.log +295 -0
package/logs/api_key_manager-error-2025-09-12.log +0 -0
package/logs/api_key_manager-error-2025-09-15.log +0 -0
package/logs/auth_manager-2025-09-12.log +4432 -0
package/logs/auth_manager-2025-09-15.log +2000 -0
package/logs/auth_manager-error-2025-09-12.log +11 -0
package/logs/auth_manager-error-2025-09-15.log +5 -0
package/logs/auto_index_manager-2025-09-12.log +84 -0
package/logs/auto_index_manager-2025-09-15.log +45 -0
package/logs/auto_index_manager-error-2025-09-12.log +6 -0
package/logs/auto_index_manager-error-2025-09-15.log +0 -0
package/logs/backup_manager-2025-09-12.log +198 -0
package/logs/backup_manager-2025-09-15.log +90 -0
package/logs/backup_manager-error-2025-09-12.log +198 -0
package/logs/backup_manager-error-2025-09-15.log +90 -0
package/logs/bulk_write-2025-09-12.log +66 -0
package/logs/bulk_write-2025-09-15.log +38 -0
package/logs/bulk_write-error-2025-09-12.log +0 -0
package/logs/bulk_write-error-2025-09-15.log +0 -0
package/logs/connection_manager-2025-09-12.log +2412 -0
package/logs/connection_manager-2025-09-15.log +1132 -0
package/logs/connection_manager-error-2025-09-12.log +0 -0
package/logs/connection_manager-error-2025-09-15.log +0 -0
package/logs/create_index-2025-09-12.log +302 -0
package/logs/create_index-2025-09-15.log +158 -0
package/logs/create_index-error-2025-09-12.log +30 -0
package/logs/create_index-error-2025-09-15.log +13 -0
package/logs/delete_one-2025-09-12.log +73 -0
package/logs/delete_one-2025-09-15.log +43 -0
package/logs/delete_one-error-2025-09-12.log +0 -0
package/logs/delete_one-error-2025-09-15.log +0 -0
package/logs/disk_utils-2025-09-12.log +4954 -0
package/logs/disk_utils-2025-09-15.log +2446 -0
package/logs/disk_utils-error-2025-09-12.log +0 -0
package/logs/disk_utils-error-2025-09-15.log +0 -0
package/logs/drop_index-2025-09-12.log +41 -0
package/logs/drop_index-2025-09-15.log +23 -0
package/logs/drop_index-error-2025-09-12.log +11 -0
package/logs/drop_index-error-2025-09-15.log +5 -0
package/logs/find-2025-09-12.log +1050 -0
package/logs/find-2025-09-15.log +592 -0
package/logs/find-error-2025-09-12.log +1 -0
package/logs/find-error-2025-09-15.log +0 -0
package/logs/find_one-2025-09-12.log +425 -0
package/logs/find_one-2025-09-15.log +264 -0
package/logs/find_one-error-2025-09-12.log +5 -0
package/logs/find_one-error-2025-09-15.log +0 -0
package/logs/get_indexes-2025-09-12.log +84 -0
package/logs/get_indexes-2025-09-15.log +56 -0
package/logs/get_indexes-error-2025-09-12.log +6 -0
package/logs/get_indexes-error-2025-09-15.log +0 -0
package/logs/http_server-2025-09-12.log +2772 -0
package/logs/http_server-2025-09-15.log +1276 -0
package/logs/http_server-error-2025-09-12.log +212 -0
package/logs/http_server-error-2025-09-15.log +44 -0
package/logs/index_manager-2025-09-12.log +5031 -0
package/logs/index_manager-2025-09-15.log +2909 -0
package/logs/index_manager-error-2025-09-12.log +80 -0
package/logs/index_manager-error-2025-09-15.log +38 -0
package/logs/insert_one-2025-09-12.log +2181 -0
package/logs/insert_one-2025-09-15.log +1293 -0
package/logs/insert_one-error-2025-09-12.log +0 -0
package/logs/insert_one-error-2025-09-15.log +0 -0
package/logs/master-2025-09-12.log +1882 -0
package/logs/master-2025-09-15.log +910 -0
package/logs/master-error-2025-09-12.log +80 -0
package/logs/master-error-2025-09-15.log +0 -0
package/logs/operation_dispatcher-2025-09-12.log +751 -0
package/logs/operation_dispatcher-2025-09-15.log +359 -0
package/logs/operation_dispatcher-error-2025-09-12.log +33 -0
package/logs/operation_dispatcher-error-2025-09-15.log +11 -0
package/logs/performance_monitor-2025-09-12.log +14889 -0
package/logs/performance_monitor-2025-09-15.log +6803 -0
package/logs/performance_monitor-error-2025-09-12.log +0 -0
package/logs/performance_monitor-error-2025-09-15.log +0 -0
package/logs/query_engine-2025-09-12.log +5310 -0
package/logs/query_engine-2025-09-15.log +2639 -0
package/logs/query_engine-error-2025-09-12.log +0 -0
package/logs/query_engine-error-2025-09-15.log +0 -0
package/logs/recovery_manager-2025-09-12.log +462 -0
package/logs/recovery_manager-2025-09-15.log +210 -0
package/logs/recovery_manager-error-2025-09-12.log +22 -0
package/logs/recovery_manager-error-2025-09-15.log +10 -0
package/logs/replication-2025-09-12.log +1923 -0
package/logs/replication-2025-09-15.log +917 -0
package/logs/replication-error-2025-09-12.log +33 -0
package/logs/replication-error-2025-09-15.log +15 -0
package/logs/server-2025-09-12.log +2601 -0
package/logs/server-2025-09-15.log +1191 -0
package/logs/server-error-2025-09-12.log +0 -0
package/logs/server-error-2025-09-15.log +0 -0
package/logs/tcp_protocol-2025-09-12.log +22 -0
package/logs/tcp_protocol-2025-09-15.log +10 -0
package/logs/tcp_protocol-error-2025-09-12.log +22 -0
package/logs/tcp_protocol-error-2025-09-15.log +10 -0
package/logs/test-2025-09-12.log +0 -0
package/logs/test-2025-09-15.log +0 -0
package/logs/test-error-2025-09-12.log +0 -0
package/logs/test-error-2025-09-15.log +0 -0
package/logs/update_one-2025-09-12.log +173 -0
package/logs/update_one-2025-09-15.log +118 -0
package/logs/update_one-error-2025-09-12.log +0 -0
package/logs/update_one-error-2025-09-15.log +0 -0
package/logs/worker-2025-09-12.log +1457 -0
package/logs/worker-2025-09-15.log +695 -0
package/logs/worker-error-2025-09-12.log +0 -0
package/logs/worker-error-2025-09-15.log +0 -0
package/logs/write_forwarder-2025-09-12.log +1956 -0
package/logs/write_forwarder-2025-09-15.log +932 -0
package/logs/write_forwarder-error-2025-09-12.log +66 -0
package/logs/write_forwarder-error-2025-09-15.log +30 -0
package/logs/write_queue-2025-09-12.log +612 -0
package/logs/write_queue-2025-09-15.log +301 -0
package/logs/write_queue-error-2025-09-12.log +184 -0
package/logs/write_queue-error-2025-09-15.log +83 -0
package/package.json +48 -0
package/prompts/01-core-infrastructure.md +56 -0
package/prompts/02-secondary-indexing.md +65 -0
package/prompts/03-write-serialization.md +63 -0
package/prompts/04-enhanced-authentication.md +75 -0
package/prompts/05-comprehensive-admin-operations.md +75 -0
package/prompts/06-backup-and-restore-system.md +106 -0
package/prompts/07-production-safety-features.md +107 -0
package/prompts/08-tcp-client-library.md +121 -0
package/prompts/09-api-method-chaining.md +134 -0
package/prompts/10-automatic-index-creation.md +223 -0
package/prompts/11-operation-naming-consistency.md +268 -0
package/prompts/12-tcp-replication-system.md +333 -0
package/prompts/13-master-read-write-operations.md +57 -0
package/prompts/14-index-upsert-operations.md +68 -0
package/prompts/15-client-api-return-types.md +81 -0
package/prompts/16-server-setup-ui.md +97 -0
package/prompts/17-emergency-password-change.md +108 -0
package/prompts/18-joystick-framework-integration.md +116 -0
package/prompts/19-api-key-authentication-system.md +137 -0
package/prompts/20-configurable-server-port.md +105 -0
package/prompts/21-multi-database-support.md +161 -0
package/prompts/FULL_TEXT_SEARCH.md +293 -0
package/prompts/PROMPTS.md +158 -0
package/prompts/README.md +221 -0
package/prompts/TYPESCRIPT_GENERATION.md +179 -0
package/src/client/database.js +166 -0
package/src/client/index.js +752 -0
package/src/server/cluster/index.js +53 -0
package/src/server/cluster/master.js +774 -0
package/src/server/cluster/worker.js +537 -0
package/src/server/index.js +540 -0
package/src/server/lib/api_key_manager.js +473 -0
package/src/server/lib/auth_manager.js +375 -0
package/src/server/lib/auto_index_manager.js +681 -0
package/src/server/lib/backup_manager.js +650 -0
package/src/server/lib/connection_manager.js +218 -0
package/src/server/lib/disk_utils.js +118 -0
package/src/server/lib/http_server.js +1165 -0
package/src/server/lib/index_manager.js +756 -0
package/src/server/lib/load_settings.js +143 -0
package/src/server/lib/logger.js +135 -0
package/src/server/lib/op_types.js +29 -0
package/src/server/lib/operation_dispatcher.js +268 -0
package/src/server/lib/operations/admin.js +808 -0
package/src/server/lib/operations/bulk_write.js +367 -0
package/src/server/lib/operations/create_index.js +68 -0
package/src/server/lib/operations/delete_one.js +114 -0
package/src/server/lib/operations/drop_index.js +58 -0
package/src/server/lib/operations/find.js +340 -0
package/src/server/lib/operations/find_one.js +319 -0
package/src/server/lib/operations/get_indexes.js +52 -0
package/src/server/lib/operations/insert_one.js +113 -0
package/src/server/lib/operations/update_one.js +225 -0
package/src/server/lib/performance_monitor.js +313 -0
package/src/server/lib/query_engine.js +243 -0
package/src/server/lib/recovery_manager.js +388 -0
package/src/server/lib/replication_manager.js +727 -0
package/src/server/lib/safe_json_parse.js +21 -0
package/src/server/lib/send_response.js +47 -0
package/src/server/lib/tcp_protocol.js +130 -0
package/src/server/lib/write_forwarder.js +636 -0
package/src/server/lib/write_queue.js +335 -0
package/test_data/data.mdb +0 -0
package/test_data/lock.mdb +0 -0
package/tests/client/index.test.js +1232 -0
package/tests/server/cluster/cluster.test.js +248 -0
package/tests/server/cluster/master_read_write_operations.test.js +577 -0
package/tests/server/index.test.js +651 -0
package/tests/server/integration/authentication_integration.test.js +294 -0
package/tests/server/integration/auto_indexing_integration.test.js +268 -0
package/tests/server/integration/backup_integration.test.js +513 -0
package/tests/server/integration/indexing_integration.test.js +126 -0
package/tests/server/integration/production_safety_integration.test.js +358 -0
package/tests/server/integration/replication_integration.test.js +227 -0
package/tests/server/integration/write_serialization_integration.test.js +246 -0
package/tests/server/lib/api_key_manager.test.js +516 -0
package/tests/server/lib/auth_manager.test.js +317 -0
package/tests/server/lib/auto_index_manager.test.js +275 -0
package/tests/server/lib/backup_manager.test.js +238 -0
package/tests/server/lib/connection_manager.test.js +221 -0
package/tests/server/lib/disk_utils.test.js +63 -0
package/tests/server/lib/http_server.test.js +389 -0
package/tests/server/lib/index_manager.test.js +301 -0
package/tests/server/lib/load_settings.test.js +107 -0
package/tests/server/lib/load_settings_port_config.test.js +243 -0
package/tests/server/lib/logger.test.js +282 -0
package/tests/server/lib/operations/admin.test.js +638 -0
package/tests/server/lib/operations/bulk_write.test.js +128 -0
package/tests/server/lib/operations/create_index.test.js +138 -0
package/tests/server/lib/operations/delete_one.test.js +52 -0
package/tests/server/lib/operations/drop_index.test.js +72 -0
package/tests/server/lib/operations/find.test.js +93 -0
package/tests/server/lib/operations/find_one.test.js +91 -0
package/tests/server/lib/operations/get_indexes.test.js +87 -0
package/tests/server/lib/operations/insert_one.test.js +42 -0
package/tests/server/lib/operations/update_one.test.js +89 -0
package/tests/server/lib/performance_monitor.test.js +185 -0
package/tests/server/lib/query_engine.test.js +46 -0
package/tests/server/lib/recovery_manager.test.js +414 -0
package/tests/server/lib/replication_manager.test.js +202 -0
package/tests/server/lib/safe_json_parse.test.js +45 -0
package/tests/server/lib/send_response.test.js +155 -0
package/tests/server/lib/tcp_protocol.test.js +169 -0
package/tests/server/lib/write_forwarder.test.js +258 -0
package/tests/server/lib/write_queue.test.js +255 -0
package/tsconfig.json +30 -0
package/types/client/index.d.ts +447 -0
package/types/server/cluster/index.d.ts +28 -0
package/types/server/cluster/master.d.ts +115 -0
package/types/server/cluster/worker.d.ts +1 -0
package/types/server/lib/auth_manager.d.ts +13 -0
package/types/server/lib/backup_manager.d.ts +43 -0
package/types/server/lib/connection_manager.d.ts +15 -0
package/types/server/lib/disk_utils.d.ts +3 -0
package/types/server/lib/index_manager.d.ts +24 -0
package/types/server/lib/load_settings.d.ts +4 -0
package/types/server/lib/logger.d.ts +44 -0
package/types/server/lib/op_types.d.ts +6 -0
package/types/server/lib/performance_monitor.d.ts +68 -0
package/types/server/lib/query_engine.d.ts +10 -0
package/types/server/lib/safe_json_parse.d.ts +7 -0
package/types/server/lib/send_response.d.ts +3 -0
package/types/server/lib/tcp_protocol.d.ts +12 -0
package/types/server/lib/write_queue.d.ts +2 -0

package/src/server/lib/api_key_manager.js ADDED Viewed

@@ -0,0 +1,473 @@
+/**
+ * @fileoverview API key management for JoystickDB authentication system.
+ *
+ * Handles API key file generation, validation, and user management operations.
+ * Provides secure API key-based authentication for database setup and user management.
+ */
+import { readFileSync, writeFileSync, existsSync, unlinkSync } from 'fs';
+import crypto from 'crypto';
+import bcrypt from 'bcrypt';
+import create_logger from './logger.js';
+import { get_database, build_collection_key, generate_document_id } from './query_engine.js';
+const { create_context_logger } = create_logger('api_key_manager');
+const log = create_context_logger();
+/** @type {string} Path to API key file */
+const API_KEY_FILE_PATH = './API_KEY';
+/** @type {string} Collection name for storing users */
+const USERS_COLLECTION = '_users';
+/** @type {number} BCrypt salt rounds for password hashing */
+const SALT_ROUNDS = 12;
+/** @type {string|null} Cached API key */
+let cached_api_key = null;
+/** @type {boolean} Flag to track if admin user exists */
+let admin_user_exists = false;
+/**
+ * Generates a cryptographically secure 32-character alphanumeric API key.
+ * @returns {string} 32-character alphanumeric API key
+ */
+const generate_api_key = () => {
+  const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
+  let result = '';
+  const bytes = crypto.randomBytes(32);
+  for (let i = 0; i < 32; i++) {
+    result += chars[bytes[i] % chars.length];
+  }
+  return result;
+};
+/**
+ * Loads API key from file or generates new one if it doesn't exist.
+ * @returns {string} API key from file or newly generated key
+ */
+const load_or_generate_api_key = () => {
+  if (cached_api_key) {
+    return cached_api_key;
+  }
+  if (existsSync(API_KEY_FILE_PATH)) {
+    try {
+      cached_api_key = readFileSync(API_KEY_FILE_PATH, 'utf8').trim();
+      log.info('API key loaded from file');
+      return cached_api_key;
+    } catch (error) {
+      log.error('Failed to read API key file', { error: error.message });
+      throw new Error(`Failed to read API key file: ${error.message}`);
+    }
+  }
+  // Generate new API key
+  const api_key = generate_api_key();
+  try {
+    writeFileSync(API_KEY_FILE_PATH, api_key, { mode: 0o600 });
+    cached_api_key = api_key;
+    log.info('New API key generated and saved', { file_path: API_KEY_FILE_PATH });
+    // Display startup message
+    display_startup_message(api_key);
+    return api_key;
+  } catch (error) {
+    log.error('Failed to save API key file', { error: error.message });
+    throw new Error(`Failed to save API key file: ${error.message}`);
+  }
+};
+/**
+ * Displays the startup message with API key and setup instructions.
+ * @param {string} api_key - Generated API key to display
+ */
+const display_startup_message = (api_key) => {
+  const port = process.env.JOYSTICK_DB_PORT || '1983';
+  const http_port = process.env.JOYSTICK_DB_HTTP_PORT || '1984';
+  console.log('\nJoystickDB Setup\n');
+  console.log('To finish setting up your database and enable operations for authenticated users, you will need to create an admin user via the database\'s admin API using the API key displayed below.\n');
+  console.log('=== STORE THIS KEY SECURELY -- IT WILL NOT BE DISPLAYED AGAIN ===');
+  console.log(api_key);
+  console.log('===\n');
+  console.log('To create a user, send a POST request to the server:\n');
+  console.log(`fetch('http://localhost:${http_port}/api/users', {`);
+  console.log('  method: \'POST\',');
+  console.log('  headers: {');
+  console.log('    \'Content-Type\': \'application/json\',');
+  console.log(`    'x-joystick-db-api-key': '${api_key}'`);
+  console.log('  },');
+  console.log('  body: JSON.stringify({');
+  console.log('    username: \'admin\',');
+  console.log('    password: \'your_secure_password\',');
+  console.log('    role: \'read_write\'');
+  console.log('  })');
+  console.log('});\n');
+  console.log('==!==');
+  console.log('Store this key securely. It will not be displayed again.');
+  console.log('==!==\n');
+  console.log(`API key saved to: ${API_KEY_FILE_PATH}\n`);
+};
+/**
+ * Validates an API key against the stored key.
+ * @param {string} provided_key - API key to validate
+ * @returns {boolean} True if API key is valid
+ */
+const validate_api_key = (provided_key) => {
+  if (!provided_key) {
+    return false;
+  }
+  const stored_key = load_or_generate_api_key();
+  return provided_key === stored_key;
+};
+/**
+ * Validates username format (alphanumeric, 3-50 characters).
+ * @param {string} username - Username to validate
+ * @returns {boolean} True if username is valid
+ */
+const validate_username = (username) => {
+  if (!username || typeof username !== 'string') {
+    return false;
+  }
+  return /^[a-zA-Z0-9]{3,50}$/.test(username);
+};
+/**
+ * Validates password complexity requirements.
+ * @param {string} password - Password to validate
+ * @returns {Object} Validation result
+ * @returns {boolean} returns.valid - Whether password is valid
+ * @returns {string} returns.error - Error message if invalid
+ */
+const validate_password = (password) => {
+  if (!password || typeof password !== 'string') {
+    return { valid: false, error: 'Password is required' };
+  }
+  if (password.length < 8) {
+    return { valid: false, error: 'Password must be at least 8 characters long' };
+  }
+  if (password.length > 128) {
+    return { valid: false, error: 'Password must be no more than 128 characters long' };
+  }
+  return { valid: true };
+};
+/**
+ * Validates role value against allowed options.
+ * @param {string} role - Role to validate
+ * @returns {boolean} True if role is valid
+ */
+const validate_role = (role) => {
+  const allowed_roles = ['read', 'write', 'read_write'];
+  return allowed_roles.includes(role);
+};
+/**
+ * Creates a new user in the database.
+ * @param {Object} user_data - User data
+ * @param {string} user_data.username - Username
+ * @param {string} user_data.password - Plain text password
+ * @param {string} user_data.role - User role
+ * @returns {Promise<Object>} Created user data
+ * @throws {Error} When validation fails or user already exists
+ */
+const create_user = async (user_data) => {
+  const { username, password, role } = user_data;
+  // Validate input
+  if (!validate_username(username)) {
+    throw new Error('Username must be alphanumeric and 3-50 characters long');
+  }
+  const password_validation = validate_password(password);
+  if (!password_validation.valid) {
+    throw new Error(password_validation.error);
+  }
+  if (!validate_role(role)) {
+    throw new Error('Role must be one of: read, write, read_write');
+  }
+  const db = get_database();
+  // Hash password
+  const password_hash = await bcrypt.hash(password, SALT_ROUNDS);
+  // Create user document
+  const user_document = {
+    username,
+    password_hash,
+    role,
+    created_at: new Date().toISOString(),
+    updated_at: new Date().toISOString()
+  };
+  // Store user in database using transaction
+  const user_key = build_collection_key(USERS_COLLECTION, username);
+  let stored_user = null;
+  await db.transaction(() => {
+    const existing_user = db.get(user_key);
+    if (existing_user) {
+      throw new Error('Username already exists');
+    }
+    db.put(user_key, JSON.stringify(user_document));
+    stored_user = user_document;
+  });
+  // Check if this is the first admin user
+  if (role === 'read_write') {
+    admin_user_exists = true;
+    log.info('Admin user created, API key requirement relaxed for authenticated operations');
+  }
+  log.info('User created successfully', { username, role });
+  // Return user data without password hash
+  return {
+    username: user_document.username,
+    role: user_document.role,
+    created_at: user_document.created_at
+  };
+};
+/**
+ * Gets all users from the database.
+ * @returns {Array<Object>} Array of user objects without password hashes
+ */
+const get_all_users = () => {
+  const db = get_database();
+  const users = [];
+  for (const { key, value } of db.getRange({ start: `${USERS_COLLECTION}:`, end: `${USERS_COLLECTION}:\xFF` })) {
+    const parsed_user = JSON.parse(value);
+    const user_data = {
+      username: parsed_user.username,
+      role: parsed_user.role,
+      created_at: parsed_user.created_at,
+      updated_at: parsed_user.updated_at
+    };
+    users.push(user_data);
+  }
+  return users;
+};
+/**
+ * Gets a user by username.
+ * @param {string} username - Username to find
+ * @returns {Object|null} User object without password hash, or null if not found
+ */
+const get_user = (username) => {
+  const db = get_database();
+  const user_key = build_collection_key(USERS_COLLECTION, username);
+  const user_data = db.get(user_key);
+  if (!user_data) {
+    return null;
+  }
+  const user = JSON.parse(user_data);
+  return {
+    username: user.username,
+    role: user.role,
+    created_at: user.created_at,
+    updated_at: user.updated_at
+  };
+};
+/**
+ * Updates a user's role or password.
+ * @param {string} username - Username to update
+ * @param {Object} updates - Updates to apply
+ * @param {string} [updates.password] - New password
+ * @param {string} [updates.role] - New role
+ * @returns {Promise<Object>} Updated user data
+ * @throws {Error} When user not found or validation fails
+ */
+const update_user = async (username, updates) => {
+  const db = get_database();
+  const user_key = build_collection_key(USERS_COLLECTION, username);
+  // Validate password first if provided (before transaction)
+  let password_hash = null;
+  if (updates.password) {
+    const password_validation = validate_password(updates.password);
+    if (!password_validation.valid) {
+      throw new Error(password_validation.error);
+    }
+    password_hash = await bcrypt.hash(updates.password, SALT_ROUNDS);
+  }
+  // Validate role if provided (before transaction)
+  if (updates.role && !validate_role(updates.role)) {
+    throw new Error('Role must be one of: read, write, read_write');
+  }
+  // Check if user exists first
+  const existing_user_data = db.get(user_key);
+  if (!existing_user_data) {
+    throw new Error('User not found');
+  }
+  const existing_user = JSON.parse(existing_user_data);
+  const user_to_update = { ...existing_user };
+  if (updates.role) {
+    user_to_update.role = updates.role;
+  }
+  if (password_hash) {
+    user_to_update.password_hash = password_hash;
+  }
+  user_to_update.updated_at = new Date().toISOString();
+  // Update using putSync for immediate persistence
+  db.putSync(user_key, JSON.stringify(user_to_update));
+  log.info('User updated successfully', { username, updates: Object.keys(updates) });
+  return {
+    username: user_to_update.username,
+    role: user_to_update.role,
+    created_at: user_to_update.created_at,
+    updated_at: user_to_update.updated_at
+  };
+};
+/**
+ * Deletes a user from the database.
+ * @param {string} username - Username to delete
+ * @returns {boolean} True if user was deleted
+ * @throws {Error} When user not found
+ */
+const delete_user = (username) => {
+  const db = get_database();
+  const user_key = build_collection_key(USERS_COLLECTION, username);
+  // Check if user exists first
+  const existing_user = db.get(user_key);
+  if (!existing_user) {
+    throw new Error('User not found');
+  }
+  // Delete using removeSync (synchronous remove)
+  const result = db.removeSync(user_key);
+  log.info('User deleted successfully', { username });
+  return true;
+};
+/**
+ * Verifies a user's password.
+ * @param {string} username - Username
+ * @param {string} password - Plain text password
+ * @returns {Promise<Object|null>} User object if password is correct, null otherwise
+ */
+const verify_user_password = async (username, password) => {
+  const db = get_database();
+  const user_key = build_collection_key(USERS_COLLECTION, username);
+  const user_data = db.get(user_key);
+  if (!user_data) {
+    return null;
+  }
+  const user = JSON.parse(user_data);
+  const is_valid = await bcrypt.compare(password, user.password_hash);
+  if (is_valid) {
+    return {
+      username: user.username,
+      role: user.role,
+      created_at: user.created_at,
+      updated_at: user.updated_at
+    };
+  }
+  return null;
+};
+/**
+ * Checks if an admin user exists in the database.
+ * @returns {boolean} True if admin user exists
+ */
+const check_admin_user_exists = () => {
+  if (admin_user_exists) {
+    return true;
+  }
+  const db = get_database();
+  for (const { value } of db.getRange({ start: `${USERS_COLLECTION}:`, end: `${USERS_COLLECTION}:\xFF` })) {
+    const parsed_user = JSON.parse(value);
+    if (parsed_user.role === 'read_write') {
+      admin_user_exists = true;
+      return true;
+    }
+  }
+  return false;
+};
+/**
+ * Initializes the API key manager.
+ */
+const initialize_api_key_manager = () => {
+  load_or_generate_api_key();
+  admin_user_exists = check_admin_user_exists();
+  if (admin_user_exists) {
+    log.info('Admin user detected, API key requirement relaxed for authenticated operations');
+  }
+};
+/**
+ * Resets API key manager state (for testing).
+ */
+const reset_api_key_state = () => {
+  cached_api_key = null;
+  admin_user_exists = false;
+  // Remove API key file if it exists
+  if (existsSync(API_KEY_FILE_PATH)) {
+    try {
+      unlinkSync(API_KEY_FILE_PATH);
+    } catch (error) {
+      // Ignore errors when removing file
+    }
+  }
+};
+export {
+  load_or_generate_api_key,
+  validate_api_key,
+  create_user,
+  get_all_users,
+  get_user,
+  update_user,
+  delete_user,
+  verify_user_password,
+  check_admin_user_exists,
+  initialize_api_key_manager,
+  reset_api_key_state
+};