@knowcode/doc-builder 1.7.4 → 1.7.5

package/lib/config.js

@@ -19,7 +19,7 @@ const defaultConfig = {
   
   // Features
   features: {
-    authentication: false,
+    authentication: false,  // false (no auth) or 'supabase' (secure auth)
     changelog: true,
     mermaid: true,
     tooltips: true,
@@ -33,10 +33,11 @@ const defaultConfig = {
     menuDefaultOpen: true      // Menu/sidebar open by default
   },
   
-  // Authentication (if enabled)
+  // Authentication - Supabase only (basic auth removed for security)
   auth: {
-    username: 'admin',
-    password: 'password'
+    supabaseUrl: '',
+    supabaseAnonKey: '',
+    siteId: ''
   },
   
   // Changelog settings
@@ -90,7 +91,7 @@ const notionInspiredPreset = {
   siteDescription: 'Transforming complex sales through intelligent automation',
   
   features: {
-    authentication: true,
+    authentication: false,  // Default to no auth - can be enabled with 'supabase'
     changelog: true,
     mermaid: true,
     tooltips: true,
@@ -105,8 +106,9 @@ const notionInspiredPreset = {
   },
   
   auth: {
-    username: 'admin',
-    password: 'docs2025'
+    supabaseUrl: process.env.SUPABASE_URL || '',
+    supabaseAnonKey: process.env.SUPABASE_ANON_KEY || '',
+    siteId: process.env.DOC_SITE_ID || ''
   },
   
   changelog: {
@@ -307,32 +309,15 @@ async function createDefaultConfig() {
     {
       type: 'confirm',
       name: 'authentication',
-      message: 'Enable authentication?',
+      message: 'Enable Supabase authentication?',
       initial: false
-    },
-    {
-      type: prev => prev ? 'text' : null,
-      name: 'authUsername',
-      message: 'Authentication username:',
-      initial: 'admin'
-    },
-    {
-      type: prev => prev ? 'password' : null,
-      name: 'authPassword',
-      message: 'Authentication password:',
-      initial: 'password'
     }
   ]);
   
   const config = { ...defaultConfig };
   config.siteName = answers.siteName;
   config.siteDescription = answers.siteDescription;
-  config.features.authentication = answers.authentication;
-  
-  if (answers.authentication) {
-    config.auth.username = answers.authUsername;
-    config.auth.password = answers.authPassword;
-  }
+  config.features.authentication = answers.authentication ? 'supabase' : false;
   
   return config;
 }

package/lib/core-builder.js

@@ -3,6 +3,7 @@ const path = require('path');
 const marked = require('marked');
 const chalk = require('chalk');
 const matter = require('gray-matter');
+const SupabaseAuth = require('./supabase-auth');
 const { 
   generateMetaTags, 
   generateJSONLD, 
@@ -344,6 +345,26 @@ ${seoTags}
     <!-- Styles -->
     <link rel="stylesheet" href="/css/notion-style.css">
     
+    ${config.features?.authentication === 'supabase' ? `
+    <!-- Hide content until auth check -->
+    <style>
+      body { 
+        visibility: hidden; 
+        opacity: 0; 
+        transition: opacity 0.3s ease;
+      }
+      body.authenticated { 
+        visibility: visible; 
+        opacity: 1; 
+      }
+      /* Show login/logout pages immediately */
+      body.auth-page {
+        visibility: visible;
+        opacity: 1;
+      }
+    </style>
+    ` : ''}
+    
     <!-- Favicon -->
     ${generateFaviconTag(config.favicon || '✨')}
     
@@ -367,7 +388,7 @@ ${seoTags}
                     })} UTC</span>
                 </div>
                 
-                ${config.features?.authentication ? `
+                ${config.features?.authentication === 'supabase' ? `
                 <a href="${relativePath}logout.html" class="logout-btn" title="Logout">
                     <i class="fas fa-sign-out-alt"></i>
                 </a>
@@ -435,7 +456,8 @@ ${seoTags}
     };
     </script>
     <script src="/js/main.js"></script>
-    ${config.features?.authentication ? `<script src="/js/auth.js"></script>` : ''}
+    ${config.features?.authentication === 'supabase' ? `<script src="https://unpkg.com/@supabase/supabase-js@2"></script>
+    <script src="/js/auth.js"></script>` : ''}
 </body>
 </html>`;
 }
@@ -778,21 +800,12 @@ async function buildDocumentation(config) {
   if (fs.existsSync(jsSource)) {
     await fs.copy(jsSource, path.join(outputDir, 'js'), { overwrite: true });
     
-    // Copy auth.js to root if authentication is enabled
-    if (config.features?.authentication) {
-      const authSource = path.join(jsSource, 'auth.js');
-      const authDest = path.join(outputDir, 'auth.js');
-      if (fs.existsSync(authSource)) {
-        await fs.copy(authSource, authDest, { overwrite: true });
-      }
+    // Generate Supabase auth script if authentication is enabled
+    if (config.features?.authentication === 'supabase') {
+      await generateSupabaseAuthFiles(outputDir, config);
     }
   }
   
-  // Create auth pages if needed
-  if (config.features?.authentication) {
-    await createAuthPages(outputDir, config);
-  }
-  
   // Copy 404.html for handling .md redirects
   const notFoundSource = path.join(assetsDir, '404.html');
   if (fs.existsSync(notFoundSource)) {
@@ -928,7 +941,7 @@ async function buildDocumentation(config) {
     // Generate robots.txt if enabled
     if (config.seo.generateRobotsTxt) {
       await generateRobotsTxt(config.seo.siteUrl, outputDir, {
-        hasAuthentication: config.features?.authentication
+        hasAuthentication: config.features?.authentication === 'supabase'
       });
     }
   }
@@ -1047,82 +1060,33 @@ For help with @knowcode/doc-builder:
   }
 }
 
-// Create login/logout pages
-async function createAuthPages(outputDir, config) {
-  // Login page
-  const loginHTML = `<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>Login - ${config.siteName}</title>
-    <link rel="stylesheet" href="css/notion-style.css">
-</head>
-<body>
-    <div class="auth-container">
-        <div class="auth-box">
-            <h1>Login to ${config.siteName}</h1>
-            <form id="login-form">
-                <div class="form-group">
-                    <label for="username">Username</label>
-                    <input type="text" id="username" name="username" required>
-                </div>
-                <div class="form-group">
-                    <label for="password">Password</label>
-                    <input type="password" id="password" name="password" required>
-                </div>
-                <button type="submit" class="auth-button">Login</button>
-            </form>
-            <div id="error-message" class="error-message"></div>
-        </div>
-    </div>
-    <script>
-        document.getElementById('login-form').addEventListener('submit', function(e) {
-            e.preventDefault();
-            const username = document.getElementById('username').value;
-            const password = document.getElementById('password').value;
-            
-            // Validate credentials
-            if (username === '${config.auth.username}' && password === '${config.auth.password}') {
-                // Set auth cookie
-                const token = btoa(username + ':' + password);
-                document.cookie = 'doc-auth=' + token + '; path=/';
-                
-                // Redirect
-                const params = new URLSearchParams(window.location.search);
-                const redirect = params.get('redirect') || '/';
-                window.location.href = redirect;
-            } else {
-                document.getElementById('error-message').textContent = 'Invalid username or password';
-            }
-        });
-    </script>
-</body>
-</html>`;
+// Generate all Supabase authentication files
+async function generateSupabaseAuthFiles(outputDir, config) {
+  // Validate Supabase configuration
+  const validationErrors = SupabaseAuth.validateConfig(config);
+  if (validationErrors.length > 0) {
+    throw new Error(`Supabase authentication configuration errors:\n${validationErrors.join('\n')}`);
+  }
 
-  await fs.writeFile(path.join(outputDir, 'login.html'), loginHTML);
+  // Create Supabase auth instance
+  const supabaseAuth = new SupabaseAuth(config.auth);
 
-  // Logout page
-  const logoutHTML = `<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>Logged Out - ${config.siteName}</title>
-    <link rel="stylesheet" href="css/notion-style.css">
-</head>
-<body>
-    <div class="auth-container">
-        <div class="auth-box">
-            <h1>You have been logged out</h1>
-            <p>Thank you for using ${config.siteName}.</p>
-            <a href="login.html" class="auth-button">Login Again</a>
-        </div>
-    </div>
-</body>
-</html>`;
+  // Generate auth script and save to js/auth.js
+  const authScript = supabaseAuth.generateAuthScript();
+  await fs.writeFile(path.join(outputDir, 'js', 'auth.js'), authScript);
+
+  // Also copy to root for backward compatibility
+  await fs.writeFile(path.join(outputDir, 'auth.js'), authScript);
 
+  // Generate and write login page
+  const loginHTML = supabaseAuth.generateLoginPage(config);
+  await fs.writeFile(path.join(outputDir, 'login.html'), loginHTML);
+
+  // Generate and write logout page
+  const logoutHTML = supabaseAuth.generateLogoutPage(config);
   await fs.writeFile(path.join(outputDir, 'logout.html'), logoutHTML);
+
+  console.log(chalk.green('✓ Generated Supabase authentication files'));
 }
 
 // Create default index page when no documentation exists

package/lib/supabase-auth.js

@@ -0,0 +1,295 @@
+const { createClient } = require('@supabase/supabase-js');
+
+/**
+ * Supabase Authentication Module for @knowcode/doc-builder
+ * 
+ * This module provides secure authentication functionality using Supabase's
+ * built-in auth system. It replaces the insecure basic auth implementation.
+ */
+
+class SupabaseAuth {
+  constructor(config) {
+    if (!config.supabaseUrl || !config.supabaseAnonKey) {
+      throw new Error('Supabase URL and anonymous key are required for authentication');
+    }
+    
+    this.config = config;
+    this.supabase = createClient(config.supabaseUrl, config.supabaseAnonKey, {
+      auth: {
+        persistSession: true,
+        autoRefreshToken: true,
+        detectSessionInUrl: true
+      }
+    });
+    
+    this.siteId = config.siteId;
+  }
+
+  /**
+   * Generate client-side auth script for inclusion in HTML pages
+   */
+  generateAuthScript() {
+    return `
+/**
+ * Supabase Authentication for Documentation Site
+ * Generated by @knowcode/doc-builder
+ */
+
+(function() {
+    'use strict';
+    
+    // Skip auth check on login and logout pages
+    const currentPage = window.location.pathname;
+    if (currentPage === '/login.html' || currentPage === '/logout.html' || 
+        currentPage.includes('login') || currentPage.includes('logout')) {
+        return;
+    }
+    
+    // Initialize Supabase client
+    const { createClient } = supabase;
+    const supabaseClient = createClient('${this.config.supabaseUrl}', '${this.config.supabaseAnonKey}', {
+        auth: {
+            persistSession: true,
+            autoRefreshToken: true,
+            detectSessionInUrl: true
+        }
+    });
+    
+    // Check authentication and site access
+    async function checkAuth() {
+        try {
+            // Get current user session
+            const { data: { user }, error: userError } = await supabaseClient.auth.getUser();
+            
+            if (userError || !user) {
+                redirectToLogin();
+                return;
+            }
+            
+            // Check if user has access to this site
+            const { data: access, error: accessError } = await supabaseClient
+                .from('docbuilder_access')
+                .select('*')
+                .eq('user_id', user.id)
+                .eq('site_id', '${this.config.siteId}')
+                .single();
+            
+            if (accessError || !access) {
+                showAccessDenied();
+                return;
+            }
+            
+            // User is authenticated and has access
+            console.log('User authenticated and authorized');
+            document.body.classList.add('authenticated');
+            
+        } catch (error) {
+            console.error('Auth check failed:', error);
+            redirectToLogin();
+        }
+    }
+    
+    // Redirect to login page
+    function redirectToLogin() {
+        const currentUrl = window.location.pathname + window.location.search;
+        const loginUrl = '/login.html' + (currentUrl !== '/' ? '?redirect=' + encodeURIComponent(currentUrl) : '');
+        window.location.href = loginUrl;
+    }
+    
+    // Show access denied message
+    function showAccessDenied() {
+        document.body.classList.add('authenticated'); // Show the body
+        document.body.innerHTML = \`
+            <div style="display: flex; justify-content: center; align-items: center; height: 100vh; font-family: Inter, sans-serif;">
+                <div style="text-align: center; max-width: 400px;">
+                    <h1 style="color: #ef4444; margin-bottom: 1rem;">Access Denied</h1>
+                    <p style="color: #6b7280; margin-bottom: 2rem;">You don't have permission to view this documentation site.</p>
+                    <a href="/login.html" style="background: #3b82f6; color: white; padding: 0.75rem 1.5rem; border-radius: 0.5rem; text-decoration: none;">Try Different Account</a>
+                </div>
+            </div>
+        \`;
+    }
+    
+    // Add logout functionality
+    document.addEventListener('DOMContentLoaded', function() {
+        const logoutLinks = document.querySelectorAll('a[href*="logout"]');
+        logoutLinks.forEach(link => {
+            link.addEventListener('click', async function(e) {
+                e.preventDefault();
+                await supabaseClient.auth.signOut();
+                window.location.href = '/logout.html';
+            });
+        });
+    });
+    
+    // Run auth check
+    checkAuth();
+    
+})();
+`;
+  }
+
+  /**
+   * Generate login page HTML
+   */
+  generateLoginPage(config) {
+    const siteName = config.siteName || 'Documentation';
+    
+    return `<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Login - ${siteName}</title>
+    <link rel="stylesheet" href="css/notion-style.css">
+    <script src="https://unpkg.com/@supabase/supabase-js@2"></script>
+</head>
+<body class="auth-page">
+    <div class="auth-container">
+        <div class="auth-box">
+            <h1>Login to ${siteName}</h1>
+            <form id="login-form">
+                <div class="form-group">
+                    <label for="email">Email</label>
+                    <input type="email" id="email" name="email" required>
+                </div>
+                <div class="form-group">
+                    <label for="password">Password</label>
+                    <input type="password" id="password" name="password" required>
+                </div>
+                <button type="submit" class="auth-button">Login</button>
+            </form>
+            <div id="error-message" class="error-message"></div>
+            <div class="auth-links">
+                <a href="#" id="forgot-password">Forgot Password?</a>
+            </div>
+        </div>
+    </div>
+    
+    <script>
+        // Initialize Supabase
+        const { createClient } = supabase;
+        const supabaseClient = createClient('${this.config.supabaseUrl}', '${this.config.supabaseAnonKey}');
+        
+        // Handle login form
+        document.getElementById('login-form').addEventListener('submit', async function(e) {
+            e.preventDefault();
+            
+            const email = document.getElementById('email').value;
+            const password = document.getElementById('password').value;
+            const errorDiv = document.getElementById('error-message');
+            
+            try {
+                // Sign in with Supabase
+                const { data, error } = await supabaseClient.auth.signInWithPassword({
+                    email: email,
+                    password: password
+                });
+                
+                if (error) throw error;
+                
+                // Check if user has access to this site
+                const { data: access, error: accessError } = await supabaseClient
+                    .from('docbuilder_access')
+                    .select('*')
+                    .eq('user_id', data.user.id)
+                    .eq('site_id', '${this.config.siteId}')
+                    .single();
+                
+                if (accessError || !access) {
+                    await supabaseClient.auth.signOut();
+                    throw new Error('You do not have access to this documentation site');
+                }
+                
+                // Redirect to requested page
+                const params = new URLSearchParams(window.location.search);
+                const redirect = params.get('redirect') || '/';
+                window.location.href = redirect;
+                
+            } catch (error) {
+                errorDiv.textContent = error.message;
+                errorDiv.style.display = 'block';
+            }
+        });
+        
+        // Handle forgot password
+        document.getElementById('forgot-password').addEventListener('click', async function(e) {
+            e.preventDefault();
+            
+            const email = document.getElementById('email').value;
+            if (!email) {
+                alert('Please enter your email address first');
+                return;
+            }
+            
+            try {
+                const { error } = await supabaseClient.auth.resetPasswordForEmail(email, {
+                    redirectTo: window.location.origin + '/login.html'
+                });
+                
+                if (error) throw error;
+                
+                alert('Password reset email sent! Check your inbox.');
+            } catch (error) {
+                alert('Error sending reset email: ' + error.message);
+            }
+        });
+    </script>
+</body>
+</html>`;
+  }
+
+  /**
+   * Generate logout page HTML
+   */
+  generateLogoutPage(config) {
+    const siteName = config.siteName || 'Documentation';
+    
+    return `<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Logged Out - ${siteName}</title>
+    <link rel="stylesheet" href="css/notion-style.css">
+</head>
+<body class="auth-page">
+    <div class="auth-container">
+        <div class="auth-box">
+            <h1>You have been logged out</h1>
+            <p>Thank you for using ${siteName}.</p>
+            <a href="login.html" class="auth-button">Login Again</a>
+        </div>
+    </div>
+</body>
+</html>`;
+  }
+
+  /**
+   * Validate Supabase configuration
+   */
+  static validateConfig(config) {
+    const errors = [];
+    
+    if (!config.auth.supabaseUrl) {
+      errors.push('auth.supabaseUrl is required');
+    }
+    
+    if (!config.auth.supabaseAnonKey) {
+      errors.push('auth.supabaseAnonKey is required');
+    }
+    
+    if (!config.auth.siteId) {
+      errors.push('auth.siteId is required');
+    }
+    
+    // Validate URL format
+    if (config.auth.supabaseUrl && !config.auth.supabaseUrl.match(/^https:\/\/\w+\.supabase\.co$/)) {
+      errors.push('auth.supabaseUrl must be a valid Supabase URL (https://xxx.supabase.co)');
+    }
+    
+    return errors;
+  }
+}
+
+module.exports = SupabaseAuth;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@knowcode/doc-builder",
-  "version": "1.7.4",
+  "version": "1.7.5",
   "description": "Reusable documentation builder for markdown-based sites with Vercel deployment support",
   "main": "index.js",
   "bin": {
@@ -32,6 +32,7 @@
   "homepage": "https://github.com/wapdat/doc-builder#readme",
   "dependencies": {
     "@knowcode/doc-builder": "^1.4.21",
+    "@supabase/supabase-js": "^2.39.0",
     "chalk": "^4.1.2",
     "commander": "^11.0.0",
     "fs-extra": "^11.2.0",

package/public-config.js

@@ -0,0 +1,22 @@
+module.exports = {
+  siteName: '✨ Test Documentation',
+  siteDescription: 'Public documentation site',
+  favicon: '✨',
+  footer: {
+    copyright: 'Test Documentation',
+    links: []
+  },
+  docsDir: 'test-docs',
+  outputDir: 'public-html',
+  // No authentication configured - this is a public site
+  features: {
+    authentication: false,
+    darkMode: true,
+    mermaid: true,
+    changelog: false,
+    normalizeTitle: true,
+    showPdfDownload: true,
+    menuDefaultOpen: true,
+    phosphorIcons: true
+  }
+};