@knowcode/doc-builder 1.7.4 → 1.7.6

package/lib/supabase-auth.js

@@ -0,0 +1,295 @@
+const { createClient } = require('@supabase/supabase-js');
+
+/**
+ * Supabase Authentication Module for @knowcode/doc-builder
+ * 
+ * This module provides secure authentication functionality using Supabase's
+ * built-in auth system. It replaces the insecure basic auth implementation.
+ */
+
+class SupabaseAuth {
+  constructor(config) {
+    if (!config.supabaseUrl || !config.supabaseAnonKey) {
+      throw new Error('Supabase URL and anonymous key are required for authentication');
+    }
+    
+    this.config = config;
+    this.supabase = createClient(config.supabaseUrl, config.supabaseAnonKey, {
+      auth: {
+        persistSession: true,
+        autoRefreshToken: true,
+        detectSessionInUrl: true
+      }
+    });
+    
+    this.siteId = config.siteId;
+  }
+
+  /**
+   * Generate client-side auth script for inclusion in HTML pages
+   */
+  generateAuthScript() {
+    return `
+/**
+ * Supabase Authentication for Documentation Site
+ * Generated by @knowcode/doc-builder
+ */
+
+(function() {
+    'use strict';
+    
+    // Skip auth check on login and logout pages
+    const currentPage = window.location.pathname;
+    if (currentPage === '/login.html' || currentPage === '/logout.html' || 
+        currentPage.includes('login') || currentPage.includes('logout')) {
+        return;
+    }
+    
+    // Initialize Supabase client
+    const { createClient } = supabase;
+    const supabaseClient = createClient('${this.config.supabaseUrl}', '${this.config.supabaseAnonKey}', {
+        auth: {
+            persistSession: true,
+            autoRefreshToken: true,
+            detectSessionInUrl: true
+        }
+    });
+    
+    // Check authentication and site access
+    async function checkAuth() {
+        try {
+            // Get current user session
+            const { data: { user }, error: userError } = await supabaseClient.auth.getUser();
+            
+            if (userError || !user) {
+                redirectToLogin();
+                return;
+            }
+            
+            // Check if user has access to this site
+            const { data: access, error: accessError } = await supabaseClient
+                .from('docbuilder_access')
+                .select('*')
+                .eq('user_id', user.id)
+                .eq('site_id', '${this.config.siteId}')
+                .single();
+            
+            if (accessError || !access) {
+                showAccessDenied();
+                return;
+            }
+            
+            // User is authenticated and has access
+            console.log('User authenticated and authorized');
+            document.body.classList.add('authenticated');
+            
+        } catch (error) {
+            console.error('Auth check failed:', error);
+            redirectToLogin();
+        }
+    }
+    
+    // Redirect to login page
+    function redirectToLogin() {
+        const currentUrl = window.location.pathname + window.location.search;
+        const loginUrl = '/login.html' + (currentUrl !== '/' ? '?redirect=' + encodeURIComponent(currentUrl) : '');
+        window.location.href = loginUrl;
+    }
+    
+    // Show access denied message
+    function showAccessDenied() {
+        document.body.classList.add('authenticated'); // Show the body
+        document.body.innerHTML = \`
+            <div style="display: flex; justify-content: center; align-items: center; height: 100vh; font-family: Inter, sans-serif;">
+                <div style="text-align: center; max-width: 400px;">
+                    <h1 style="color: #ef4444; margin-bottom: 1rem;">Access Denied</h1>
+                    <p style="color: #6b7280; margin-bottom: 2rem;">You don't have permission to view this documentation site.</p>
+                    <a href="/login.html" style="background: #3b82f6; color: white; padding: 0.75rem 1.5rem; border-radius: 0.5rem; text-decoration: none;">Try Different Account</a>
+                </div>
+            </div>
+        \`;
+    }
+    
+    // Add logout functionality
+    document.addEventListener('DOMContentLoaded', function() {
+        const logoutLinks = document.querySelectorAll('a[href*="logout"]');
+        logoutLinks.forEach(link => {
+            link.addEventListener('click', async function(e) {
+                e.preventDefault();
+                await supabaseClient.auth.signOut();
+                window.location.href = '/logout.html';
+            });
+        });
+    });
+    
+    // Run auth check
+    checkAuth();
+    
+})();
+`;
+  }
+
+  /**
+   * Generate login page HTML
+   */
+  generateLoginPage(config) {
+    const siteName = config.siteName || 'Documentation';
+    
+    return `<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Login - ${siteName}</title>
+    <link rel="stylesheet" href="css/notion-style.css">
+    <script src="https://unpkg.com/@supabase/supabase-js@2"></script>
+</head>
+<body class="auth-page">
+    <div class="auth-container">
+        <div class="auth-box">
+            <h1>Login to ${siteName}</h1>
+            <form id="login-form">
+                <div class="form-group">
+                    <label for="email">Email</label>
+                    <input type="email" id="email" name="email" required>
+                </div>
+                <div class="form-group">
+                    <label for="password">Password</label>
+                    <input type="password" id="password" name="password" required>
+                </div>
+                <button type="submit" class="auth-button">Login</button>
+            </form>
+            <div id="error-message" class="error-message"></div>
+            <div class="auth-links">
+                <a href="#" id="forgot-password">Forgot Password?</a>
+            </div>
+        </div>
+    </div>
+    
+    <script>
+        // Initialize Supabase
+        const { createClient } = supabase;
+        const supabaseClient = createClient('${this.config.supabaseUrl}', '${this.config.supabaseAnonKey}');
+        
+        // Handle login form
+        document.getElementById('login-form').addEventListener('submit', async function(e) {
+            e.preventDefault();
+            
+            const email = document.getElementById('email').value;
+            const password = document.getElementById('password').value;
+            const errorDiv = document.getElementById('error-message');
+            
+            try {
+                // Sign in with Supabase
+                const { data, error } = await supabaseClient.auth.signInWithPassword({
+                    email: email,
+                    password: password
+                });
+                
+                if (error) throw error;
+                
+                // Check if user has access to this site
+                const { data: access, error: accessError } = await supabaseClient
+                    .from('docbuilder_access')
+                    .select('*')
+                    .eq('user_id', data.user.id)
+                    .eq('site_id', '${this.config.siteId}')
+                    .single();
+                
+                if (accessError || !access) {
+                    await supabaseClient.auth.signOut();
+                    throw new Error('You do not have access to this documentation site');
+                }
+                
+                // Redirect to requested page
+                const params = new URLSearchParams(window.location.search);
+                const redirect = params.get('redirect') || '/';
+                window.location.href = redirect;
+                
+            } catch (error) {
+                errorDiv.textContent = error.message;
+                errorDiv.style.display = 'block';
+            }
+        });
+        
+        // Handle forgot password
+        document.getElementById('forgot-password').addEventListener('click', async function(e) {
+            e.preventDefault();
+            
+            const email = document.getElementById('email').value;
+            if (!email) {
+                alert('Please enter your email address first');
+                return;
+            }
+            
+            try {
+                const { error } = await supabaseClient.auth.resetPasswordForEmail(email, {
+                    redirectTo: window.location.origin + '/login.html'
+                });
+                
+                if (error) throw error;
+                
+                alert('Password reset email sent! Check your inbox.');
+            } catch (error) {
+                alert('Error sending reset email: ' + error.message);
+            }
+        });
+    </script>
+</body>
+</html>`;
+  }
+
+  /**
+   * Generate logout page HTML
+   */
+  generateLogoutPage(config) {
+    const siteName = config.siteName || 'Documentation';
+    
+    return `<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Logged Out - ${siteName}</title>
+    <link rel="stylesheet" href="css/notion-style.css">
+</head>
+<body class="auth-page">
+    <div class="auth-container">
+        <div class="auth-box">
+            <h1>You have been logged out</h1>
+            <p>Thank you for using ${siteName}.</p>
+            <a href="login.html" class="auth-button">Login Again</a>
+        </div>
+    </div>
+</body>
+</html>`;
+  }
+
+  /**
+   * Validate Supabase configuration
+   */
+  static validateConfig(config) {
+    const errors = [];
+    
+    if (!config.auth.supabaseUrl) {
+      errors.push('auth.supabaseUrl is required');
+    }
+    
+    if (!config.auth.supabaseAnonKey) {
+      errors.push('auth.supabaseAnonKey is required');
+    }
+    
+    if (!config.auth.siteId) {
+      errors.push('auth.siteId is required');
+    }
+    
+    // Validate URL format
+    if (config.auth.supabaseUrl && !config.auth.supabaseUrl.match(/^https:\/\/\w+\.supabase\.co$/)) {
+      errors.push('auth.supabaseUrl must be a valid Supabase URL (https://xxx.supabase.co)');
+    }
+    
+    return errors;
+  }
+}
+
+module.exports = SupabaseAuth;

package/manage-users.sql

@@ -0,0 +1,191 @@
+-- =====================================================
+-- USER MANAGEMENT SQL COMMANDS FOR DOC-BUILDER
+-- =====================================================
+-- Run these in your Supabase SQL Editor
+
+-- =====================================================
+-- 1. VIEW YOUR SITES
+-- =====================================================
+-- See all your documentation sites
+SELECT id, domain, name, created_at 
+FROM docbuilder_sites
+ORDER BY created_at DESC;
+
+-- =====================================================
+-- 2. VIEW EXISTING USERS
+-- =====================================================
+-- See all users in your Supabase project
+SELECT id, email, created_at, last_sign_in_at
+FROM auth.users
+ORDER BY created_at DESC;
+
+-- =====================================================
+-- 3. VIEW WHO HAS ACCESS TO A SPECIFIC SITE
+-- =====================================================
+-- Replace 'your-site-id' with actual site ID
+SELECT 
+    u.email,
+    u.id as user_id,
+    u.created_at as user_since,
+    da.created_at as access_granted,
+    ds.name as site_name,
+    ds.domain
+FROM docbuilder_access da
+JOIN auth.users u ON u.id = da.user_id
+JOIN docbuilder_sites ds ON ds.id = da.site_id
+WHERE da.site_id = 'your-site-id'
+ORDER BY da.created_at DESC;
+
+-- =====================================================
+-- 4. ADD A SINGLE USER TO A SITE
+-- =====================================================
+-- First, create user in Supabase Dashboard (Authentication > Users > Invite)
+-- Then grant access:
+INSERT INTO docbuilder_access (user_id, site_id)
+VALUES (
+    (SELECT id FROM auth.users WHERE email = 'user@example.com'),
+    'your-site-id'
+);
+
+-- =====================================================
+-- 5. ADD MULTIPLE USERS TO A SITE
+-- =====================================================
+-- Add a list of users all at once
+WITH users_to_add AS (
+    SELECT email FROM (VALUES 
+        ('user1@example.com'),
+        ('user2@example.com'),
+        ('user3@example.com'),
+        ('user4@example.com')
+    ) AS t(email)
+)
+INSERT INTO docbuilder_access (user_id, site_id)
+SELECT u.id, 'your-site-id'
+FROM auth.users u
+JOIN users_to_add ua ON u.email = ua.email
+WHERE NOT EXISTS (
+    -- Prevent duplicate entries
+    SELECT 1 FROM docbuilder_access 
+    WHERE user_id = u.id AND site_id = 'your-site-id'
+);
+
+-- =====================================================
+-- 6. GRANT USER ACCESS TO MULTIPLE SITES
+-- =====================================================
+-- Give one user access to several sites
+WITH sites_to_grant AS (
+    SELECT id FROM docbuilder_sites 
+    WHERE domain IN ('site1.com', 'site2.com', 'site3.com')
+)
+INSERT INTO docbuilder_access (user_id, site_id)
+SELECT 
+    (SELECT id FROM auth.users WHERE email = 'user@example.com'),
+    s.id
+FROM sites_to_grant s
+WHERE NOT EXISTS (
+    SELECT 1 FROM docbuilder_access 
+    WHERE user_id = (SELECT id FROM auth.users WHERE email = 'user@example.com')
+    AND site_id = s.id
+);
+
+-- =====================================================
+-- 7. REMOVE USER ACCESS FROM A SITE
+-- =====================================================
+-- Remove specific user from specific site
+DELETE FROM docbuilder_access
+WHERE user_id = (SELECT id FROM auth.users WHERE email = 'user@example.com')
+AND site_id = 'your-site-id';
+
+-- =====================================================
+-- 8. REMOVE USER FROM ALL SITES
+-- =====================================================
+-- Completely remove user's access to all documentation
+DELETE FROM docbuilder_access
+WHERE user_id = (SELECT id FROM auth.users WHERE email = 'user@example.com');
+
+-- =====================================================
+-- 9. BULK REMOVE USERS
+-- =====================================================
+-- Remove multiple users from a site
+WITH users_to_remove AS (
+    SELECT email FROM (VALUES 
+        ('olduser1@example.com'),
+        ('olduser2@example.com')
+    ) AS t(email)
+)
+DELETE FROM docbuilder_access
+WHERE site_id = 'your-site-id'
+AND user_id IN (
+    SELECT u.id FROM auth.users u
+    JOIN users_to_remove ur ON u.email = ur.email
+);
+
+-- =====================================================
+-- 10. VIEW ACCESS SUMMARY
+-- =====================================================
+-- See how many users each site has
+SELECT 
+    ds.name as site_name,
+    ds.domain,
+    ds.id as site_id,
+    COUNT(da.user_id) as user_count,
+    MAX(da.created_at) as last_access_granted
+FROM docbuilder_sites ds
+LEFT JOIN docbuilder_access da ON ds.id = da.site_id
+GROUP BY ds.id, ds.name, ds.domain
+ORDER BY user_count DESC;
+
+-- =====================================================
+-- 11. FIND USERS WITHOUT ACCESS TO ANY SITE
+-- =====================================================
+-- Useful for cleanup
+SELECT u.email, u.created_at, u.last_sign_in_at
+FROM auth.users u
+WHERE NOT EXISTS (
+    SELECT 1 FROM docbuilder_access da 
+    WHERE da.user_id = u.id
+)
+ORDER BY u.created_at DESC;
+
+-- =====================================================
+-- 12. AUDIT LOG - RECENT ACCESS GRANTS
+-- =====================================================
+-- See who was granted access recently
+SELECT 
+    u.email,
+    ds.name as site_name,
+    ds.domain,
+    da.created_at as access_granted
+FROM docbuilder_access da
+JOIN auth.users u ON u.id = da.user_id
+JOIN docbuilder_sites ds ON ds.id = da.site_id
+WHERE da.created_at > NOW() - INTERVAL '30 days'
+ORDER BY da.created_at DESC;
+
+-- =====================================================
+-- 13. COPY ACCESS FROM ONE USER TO ANOTHER
+-- =====================================================
+-- Useful when replacing team members
+INSERT INTO docbuilder_access (user_id, site_id)
+SELECT 
+    (SELECT id FROM auth.users WHERE email = 'newuser@example.com'),
+    da.site_id
+FROM docbuilder_access da
+WHERE da.user_id = (SELECT id FROM auth.users WHERE email = 'olduser@example.com');
+
+-- =====================================================
+-- COMMON SITE IDs FOR REFERENCE
+-- =====================================================
+-- Your test site: 4d8a53bf-dcdd-48c0-98e0-cd1451518735
+-- Add more site IDs here as you create them:
+-- Production site: xxx
+-- Staging site: xxx
+
+-- =====================================================
+-- TIPS
+-- =====================================================
+-- 1. Always check if users exist before granting access
+-- 2. Use the Supabase Dashboard to invite new users first
+-- 3. Run SELECT queries before DELETE to verify
+-- 4. Keep this file updated with your site IDs
+-- 5. Consider creating views for common queries

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@knowcode/doc-builder",
-  "version": "1.7.4",
+  "version": "1.7.6",
   "description": "Reusable documentation builder for markdown-based sites with Vercel deployment support",
   "main": "index.js",
   "bin": {
@@ -32,6 +32,7 @@
   "homepage": "https://github.com/wapdat/doc-builder#readme",
   "dependencies": {
     "@knowcode/doc-builder": "^1.4.21",
+    "@supabase/supabase-js": "^2.39.0",
     "chalk": "^4.1.2",
     "commander": "^11.0.0",
     "fs-extra": "^11.2.0",

package/public-config.js

@@ -0,0 +1,22 @@
+module.exports = {
+  siteName: '✨ Test Documentation',
+  siteDescription: 'Public documentation site',
+  favicon: '✨',
+  footer: {
+    copyright: 'Test Documentation',
+    links: []
+  },
+  docsDir: 'test-docs',
+  outputDir: 'public-html',
+  // No authentication configured - this is a public site
+  features: {
+    authentication: false,
+    darkMode: true,
+    mermaid: true,
+    changelog: false,
+    normalizeTitle: true,
+    showPdfDownload: true,
+    menuDefaultOpen: true,
+    phosphorIcons: true
+  }
+};

package/public-html/404.html

@@ -0,0 +1,115 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Page Not Found - Redirecting...</title>
+    <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap" rel="stylesheet">
+    <style>
+        body {
+            font-family: 'Inter', -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;
+            margin: 0;
+            padding: 0;
+            display: flex;
+            align-items: center;
+            justify-content: center;
+            min-height: 100vh;
+            background-color: #f7f7f5;
+            color: #37352f;
+        }
+        .container {
+            text-align: center;
+            padding: 2rem;
+            max-width: 600px;
+        }
+        h1 {
+            font-size: 3rem;
+            margin: 0 0 1rem 0;
+            color: #37352f;
+        }
+        p {
+            font-size: 1.125rem;
+            line-height: 1.6;
+            color: #6b6b6b;
+            margin: 0 0 2rem 0;
+        }
+        a {
+            color: #0366d6;
+            text-decoration: none;
+        }
+        a:hover {
+            text-decoration: underline;
+        }
+        .emoji {
+            font-size: 4rem;
+            margin-bottom: 1rem;
+        }
+        .loading {
+            display: none;
+            color: #0366d6;
+            margin-top: 1rem;
+        }
+        .redirect-message {
+            display: none;
+            background-color: #e8f4fd;
+            border: 1px solid #c3e0f7;
+            padding: 1rem;
+            border-radius: 8px;
+            margin-top: 1rem;
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <div class="emoji">🔍</div>
+        <h1>404</h1>
+        <p id="message">The page you're looking for doesn't exist.</p>
+        <div id="redirect-message" class="redirect-message">
+            Redirecting to the correct page...
+        </div>
+        <p id="loading" class="loading">Redirecting...</p>
+        <p>
+            <a href="/" id="home-link">Go to Home</a>
+        </p>
+    </div>
+
+    <script>
+        // Check if the URL ends with .md
+        const pathname = window.location.pathname;
+        
+        if (pathname.endsWith('.md')) {
+            // Convert .md to .html
+            const htmlPath = pathname.replace(/\.md$/, '.html');
+            
+            // Show redirect message
+            document.getElementById('message').textContent = 'Found a markdown link. Redirecting to the HTML version...';
+            document.getElementById('redirect-message').style.display = 'block';
+            document.getElementById('loading').style.display = 'block';
+            
+            // Redirect after a brief delay to show the message
+            setTimeout(() => {
+                window.location.replace(htmlPath);
+            }, 500);
+        } else {
+            // For true 404s, show the standard message
+            document.getElementById('message').textContent = "The page you're looking for doesn't exist.";
+            
+            // Also check if we can suggest a similar page
+            // Remove common suffixes and try to find a match
+            const basePath = pathname
+                .replace(/\.(html|htm|php|asp|aspx)$/, '')
+                .replace(/\/$/, '');
+            
+            if (basePath && basePath !== pathname) {
+                document.getElementById('message').innerHTML = 
+                    `The page you're looking for doesn't exist.<br>
+                     <small>Did you mean <a href="${basePath}.html">${basePath}.html</a>?</small>`;
+            }
+        }
+        
+        // Update home link to use the correct base URL
+        const baseUrl = window.location.origin;
+        document.getElementById('home-link').href = baseUrl;
+    </script>
+</body>
+</html>