@knowcode/doc-builder 1.7.5 → 1.8.0

package/html/vercel-first-time-setup-guide.html

@@ -65,8 +65,8 @@
     "name": "Knowcode Ltd",
     "url": "https://knowcode.tech"
   },
-  "datePublished": "2025-07-25T13:01:14.243Z",
-  "dateModified": "2025-07-25T13:01:14.243Z",
+  "datePublished": "2025-07-26T09:59:23.016Z",
+  "dateModified": "2025-07-26T09:59:23.016Z",
   "mainEntityOfPage": {
     "@type": "WebPage",
     "@id": "https://doc-builder-delta.vercel.app/vercel-first-time-setup-guide.html"
@@ -99,7 +99,7 @@
             
             <div class="header-actions">
                 <div class="deployment-info">
-                    <span class="deployment-date" title="Built with doc-builder v1.7.5">Last updated: Jul 25, 2025, 01:01 PM UTC</span>
+                    <span class="deployment-date" title="Built with doc-builder v1.8.0">Last updated: Jul 26, 2025, 09:59 AM UTC</span>
                 </div>
                 
                 
@@ -158,31 +158,17 @@
         </a>
         <div class="nav-content collapsed" id="nav-guides-1">
         <a href="/guides/authentication-default-change.html" class="nav-item" data-tooltip="Starting from version 1.7.4, @knowcode/doc-builder now defaults to no authentication for all documentation sites."><i class="fas fa-file-alt"></i> Authentication Default Change</a>
-        <a href="/guides/authentication-guide.html" class="nav-item" data-tooltip="🚨 This authentication method has been REMOVED in version 2.0.0 due to serious security flaws."><i class="fas fa-file-alt"></i> Authentication Guide</a>
-        <a href="/guides/cache-control-anti-pattern.html" class="nav-item" data-tooltip="Cache Control Anti-Pattern: Why Aggressive Cache-Busting is Bad for Documentation Sites."><i class="fas fa-file-alt"></i> Cache Control Anti Pattern</a>
+        <a href="/guides/authentication-guide.html" class="nav-item" data-tooltip="@knowcode/doc-builder supports enterprise-grade authentication through Supabase - a secure, scalable authentication platform."><i class="fas fa-file-alt"></i> Authentication Guide</a>
         <a href="/guides/claude-workflow-guide.html" class="nav-item" data-tooltip="This guide demonstrates an efficient workflow for using Claude Code with a refined CLAUDE.md file to create high-quality documentation and deploy it..."><i class="fas fa-file-alt"></i> Claude Workflow Guide</a>
         <a href="/guides/documentation-standards.html" class="nav-item" data-tooltip="This document defines the documentation standards and conventions for the @knowcode/doc-builder project."><i class="fas fa-file-alt"></i> Documentation Standards</a>
-        <a href="/guides/next-steps-walkthrough.html" class="nav-item" data-tooltip="Now that we&#039;ve implemented Supabase authentication, let&#039;s walk through testing the implementation and preparing for deployment."><i class="fas fa-file-alt"></i> Next Steps Walkthrough</a>
         <a href="/guides/phosphor-icons-guide.html" class="nav-item" data-tooltip="@knowcode/doc-builder automatically converts Unicode emojis in your markdown files to beautiful Phosphor icons in the generated HTML."><i class="fas fa-file-alt"></i> Phosphor Icons Guide</a>
+        <a href="/guides/private-directory-authentication.html" class="nav-item" data-tooltip="The @knowcode/doc-builder now includes automatic authentication for documents placed in a directory."><i class="fas fa-file-alt"></i> Private Directory Authentication</a>
         <a href="/guides/public-site-deployment.html" class="nav-item" data-tooltip="The @knowcode/doc-builder now supports deploying public documentation sites without authentication."><i class="fas fa-file-alt"></i> Public Site Deployment</a>
         <a href="/guides/search-engine-verification-guide.html" class="nav-item" data-tooltip="Search engine verification provides access to powerful webmaster tools:."><i class="fas fa-file-alt"></i> Search Engine Verification Guide</a>
         <a href="/guides/seo-guide.html" class="nav-item" data-tooltip="@knowcode/doc-builder includes comprehensive SEO (Search Engine Optimization) features to help your documentation rank better in search results and..."><i class="fas fa-file-alt"></i> Seo Guide</a>
         <a href="/guides/seo-optimization-guide.html" class="nav-item" data-tooltip="@knowcode/doc-builder includes comprehensive SEO (Search Engine Optimization) features that automatically optimize your documentation for search..."><i class="fas fa-file-alt"></i> Seo Optimization Guide</a>
-        <a href="/guides/supabase-auth-implementation-plan.html" class="nav-item" data-tooltip="Supabase Auth Implementation Plan for @knowcode/doc-builder."><i class="fas fa-file-alt"></i> Supabase Auth Implementation Plan</a>
-        <a href="/guides/supabase-auth-integration-plan.html" class="nav-item" data-tooltip="Supabase Authentication Integration Plan for @knowcode/doc-builder."><i class="fas fa-file-alt"></i> Supabase Auth Integration Plan</a>
-        <a href="/guides/supabase-auth-setup-guide.html" class="nav-item" data-tooltip="@knowcode/doc-builder now supports enterprise-grade authentication through Supabase, replacing the previous insecure basic authentication."><i class="fas fa-file-alt"></i> Supabase Auth Setup Guide</a>
         <a href="/guides/troubleshooting-guide.html" class="nav-item" data-tooltip="This guide helps you resolve common issues when using @knowcode/doc-builder."><i class="fas fa-file-alt"></i> Troubleshooting Guide</a>
-        <a href="/guides/vercel-deployment-auth-setup.html" class="nav-item" data-tooltip="Vercel Deployment Authentication Setup Guide."><i class="fas fa-file-alt"></i> Vercel Deployment Auth Setup</a>
         <a href="/guides/windows-setup-guide.html" class="nav-item" data-tooltip="This guide helps Windows users set up the complete AI-powered documentation workflow using Claude Code, @knowcode/doc-builder, and Vercel."><i class="fas fa-file-alt"></i> Windows Setup Guide</a></div></div>
-      <div class="nav-section" data-level="1">
-        <a class="nav-title collapsible" href="/launch/README.html" data-target="nav-launch-1" >
-          <i class="fas fa-chevron-right collapse-icon"></i><i class="fas fa-folder"></i> Launch
-        </a>
-        <div class="nav-content collapsed" id="nav-launch-1">
-        <a href="/launch/README.html" class="nav-item" data-tooltip="This directory contains all documentation related to the commercial launch of @knowcode/doc-builder, including go-to-market strategy, platform..."><i class="fas fa-file-alt"></i> Launch Overview</a>
-        <a href="/launch/bubble-plugin-specification.html" class="nav-item" data-tooltip="This document outlines the technical specification for creating a Bubble.io plugin that integrates @knowcode/doc-builder, enabling Bubble developers..."><i class="fas fa-file-alt"></i> Bubble Plugin Specification</a>
-        <a href="/launch/go-to-market-strategy.html" class="nav-item" data-tooltip="Go-to-Market Strategy &amp; Product Launch Plan."><i class="fas fa-file-alt"></i> Go To Market Strategy</a>
-        <a href="/launch/launch-announcements.html" class="nav-item" data-tooltip="This document contains ready-to-use announcement templates for launching @knowcode/doc-builder across various platforms and channels."><i class="fas fa-file-alt"></i> Launch Announcements</a></div></div>
             </nav>
             <div class="resize-handle"></div>
         </aside>

package/lib/config.js

@@ -30,7 +30,8 @@ const defaultConfig = {
     phosphorSize: '1.2em',     // Relative to text size
     normalizeTitle: true,      // Auto-normalize all-caps titles to title case
     showPdfDownload: true,     // Show PDF download icon in header
-    menuDefaultOpen: true      // Menu/sidebar open by default
+    menuDefaultOpen: true,     // Menu/sidebar open by default
+    attachments: true          // Copy attachments (Excel, PDF, etc.) to output
   },
   
   // Authentication - Supabase only (basic auth removed for security)
@@ -78,7 +79,21 @@ const defaultConfig = {
     generateSitemap: true,
     generateRobotsTxt: true,
     customMetaTags: []
-  }
+  },
+  
+  // Attachment file types to copy
+  attachmentTypes: [
+    // Documents
+    '.pdf', '.doc', '.docx', '.xls', '.xlsx', '.csv', '.ppt', '.pptx', '.txt', '.rtf',
+    // Archives
+    '.zip', '.tar', '.gz', '.7z', '.rar',
+    // Images
+    '.png', '.jpg', '.jpeg', '.gif', '.svg', '.webp', '.ico', '.bmp',
+    // Data files
+    '.json', '.xml', '.yaml', '.yml', '.toml',
+    // Other
+    '.mp4', '.mp3', '.wav', '.avi', '.mov'
+  ]
 };
 
 /**
@@ -102,7 +117,8 @@ const notionInspiredPreset = {
     phosphorSize: '1.2em',
     normalizeTitle: true,
     showPdfDownload: true,
-    menuDefaultOpen: true
+    menuDefaultOpen: true,
+    attachments: true
   },
   
   auth: {
@@ -261,6 +277,9 @@ async function loadConfig(configPath, options = {}) {
   if (options.menuClosed === true) {
     config.features.menuDefaultOpen = false;
   }
+  if (options.attachments === false) {
+    config.features.attachments = false;
+  }
   
   // Legacy mode - auto-detect structure
   if (options.legacy) {
@@ -284,6 +303,30 @@ async function loadConfig(configPath, options = {}) {
       console.log(chalk.gray(`Create it with: mkdir ${config.docsDir} && echo "# Documentation" > ${config.docsDir}/README.md`));
     }
     // Don't throw error - let commands handle missing directories appropriately
+  } else {
+    // Check for private directory and auto-enable authentication if found
+    const privatePath = path.join(docsPath, 'private');
+    if (fs.existsSync(privatePath) && fs.statSync(privatePath).isDirectory()) {
+      // Only auto-enable if not already configured
+      if (!config.features.authentication) {
+        console.log(chalk.blue('🔐 Found private directory - automatically enabling Supabase authentication'));
+        config.features.authentication = 'supabase';
+        config.features.autoAuthEnabled = true; // Track that this was auto-enabled
+        
+        // Check if Supabase credentials are configured
+        if (!config.auth.supabaseUrl || !config.auth.supabaseAnonKey || !config.auth.siteId) {
+          console.warn(chalk.yellow('⚠️  Supabase credentials not configured. Private directory found but authentication will not work.'));
+          console.warn(chalk.yellow('   To enable authentication, set the following in your config:'));
+          console.warn(chalk.yellow('   - auth.supabaseUrl'));
+          console.warn(chalk.yellow('   - auth.supabaseAnonKey'));
+          console.warn(chalk.yellow('   - auth.siteId'));
+          console.warn(chalk.yellow(''));
+          console.warn(chalk.yellow('   Or disable authentication by removing the private directory.'));
+          // Disable authentication if credentials are missing
+          config.features.authentication = false;
+        }
+      }
+    }
   }
   
   return config;

package/lib/core-builder.js

@@ -362,6 +362,21 @@ ${seoTags}
         visibility: visible;
         opacity: 1;
       }
+      /* Style auth button consistently */
+      .auth-btn {
+        background: none;
+        border: none;
+        color: var(--text-secondary);
+        cursor: pointer;
+        padding: 0.5rem;
+        border-radius: 0.5rem;
+        transition: all 0.2s;
+        font-size: 1.1rem;
+      }
+      .auth-btn:hover {
+        background: var(--bg-secondary);
+        color: var(--text-primary);
+      }
     </style>
     ` : ''}
     
@@ -389,8 +404,8 @@ ${seoTags}
                 </div>
                 
                 ${config.features?.authentication === 'supabase' ? `
-                <a href="${relativePath}logout.html" class="logout-btn" title="Logout">
-                    <i class="fas fa-sign-out-alt"></i>
+                <a href="${relativePath}login.html" class="auth-btn" title="Login/Logout">
+                    <i class="fas fa-sign-in-alt"></i>
                 </a>
                 ` : ''}
                 
@@ -484,10 +499,23 @@ const folderDescriptions = {
 };
 
 // Build navigation structure with rich functionality
-function buildNavigationStructure(files, currentFile) {
+function buildNavigationStructure(files, currentFile, config = {}) {
   const tree = { files: [], folders: {} };
   
+  // Check if authentication is enabled
+  const isAuthEnabled = config.features?.authentication === 'supabase';
+  
+  // Filter files based on authentication status and whether we're building for an authenticated page
+  // We'll pass a flag from processMarkdownFile to indicate if this is a private page
+  const isPrivatePage = currentFile && (currentFile.startsWith('private/') || currentFile.includes('/private/'));
+  const shouldIncludePrivate = isAuthEnabled && isPrivatePage;
+  
   files.forEach(file => {
+    // Skip private files if we're not on an authenticated page
+    if (file.isPrivate && !shouldIncludePrivate) {
+      return;
+    }
+    
     const parts = file.urlPath.split('/');
     let current = tree;
     
@@ -704,8 +732,8 @@ async function processMarkdownFile(filePath, outputPath, allFiles, config) {
   // Process content
   const htmlContent = processMarkdownContent(content, config);
   
-  // Build navigation
-  const navigation = buildNavigationStructure(allFiles, urlPath);
+  // Build navigation - pass config to handle private file filtering
+  const navigation = buildNavigationStructure(allFiles, urlPath, config);
   
   // Generate full HTML (pass original content and front matter for SEO)
   const html = generateHTML(title, htmlContent, navigation, urlPath, config, content, frontMatter);
@@ -740,12 +768,18 @@ async function getAllMarkdownFiles(dir, baseDir = dir) {
       const content = await fs.readFile(fullPath, 'utf-8');
       const summary = extractSummary(content);
       
+      // Check if this file is in the private directory
+      const isPrivate = relativePath.split(path.sep)[0] === 'private' || 
+                       relativePath.startsWith('private/') || 
+                       relativePath.startsWith('private\\');
+      
       files.push({
         path: fullPath,
         relativePath,
         urlPath,
         displayName,
-        summary
+        summary,
+        isPrivate
       });
     }
   }
@@ -753,6 +787,62 @@ async function getAllMarkdownFiles(dir, baseDir = dir) {
   return files;
 }
 
+// Get all attachment files
+async function getAllAttachmentFiles(dir, baseDir = dir, attachmentTypes) {
+  const files = [];
+  const items = await fs.readdir(dir);
+  
+  for (const item of items) {
+    const fullPath = path.join(dir, item);
+    const stat = await fs.stat(fullPath);
+    
+    if (stat.isDirectory() && !item.startsWith('.')) {
+      // Recursively scan subdirectories
+      const subFiles = await getAllAttachmentFiles(fullPath, baseDir, attachmentTypes);
+      files.push(...subFiles);
+    } else {
+      // Check if file is an attachment type
+      const ext = path.extname(item).toLowerCase();
+      if (attachmentTypes.includes(ext) && !item.startsWith('.')) {
+        const relativePath = path.relative(baseDir, fullPath);
+        files.push({
+          path: fullPath,
+          relativePath,
+          size: stat.size
+        });
+      }
+    }
+  }
+  
+  return files;
+}
+
+// Copy attachment files to output directory
+async function copyAttachmentFiles(attachmentFiles, docsDir, outputDir) {
+  let totalSize = 0;
+  let copiedCount = 0;
+  
+  for (const file of attachmentFiles) {
+    try {
+      const outputPath = path.join(outputDir, file.relativePath);
+      const outputDirPath = path.dirname(outputPath);
+      
+      // Create directory if it doesn't exist
+      await fs.ensureDir(outputDirPath);
+      
+      // Copy the file
+      await fs.copy(file.path, outputPath, { overwrite: true });
+      
+      totalSize += file.size;
+      copiedCount++;
+    } catch (error) {
+      console.warn(chalk.yellow(`Warning: Could not copy ${file.relativePath}: ${error.message}`));
+    }
+  }
+  
+  return { copiedCount, totalSize };
+}
+
 // Main build function
 async function buildDocumentation(config) {
   const docsDir = path.join(process.cwd(), config.docsDir);
@@ -946,7 +1036,41 @@ async function buildDocumentation(config) {
     }
   }
   
-  console.log(chalk.green('✅ Documentation build complete!'));
+  // Copy attachment files if feature is enabled
+  if (config.features?.attachments !== false) {
+    console.log(chalk.blue('\n📎 Processing attachments...'));
+    
+    const attachmentTypes = config.attachmentTypes || [
+      '.pdf', '.doc', '.docx', '.xls', '.xlsx', '.csv', '.ppt', '.pptx', '.txt', '.rtf',
+      '.zip', '.tar', '.gz', '.7z', '.rar',
+      '.png', '.jpg', '.jpeg', '.gif', '.svg', '.webp', '.ico', '.bmp',
+      '.json', '.xml', '.yaml', '.yml', '.toml',
+      '.mp4', '.mp3', '.wav', '.avi', '.mov'
+    ];
+    
+    try {
+      const attachmentFiles = await getAllAttachmentFiles(docsDir, docsDir, attachmentTypes);
+      
+      if (attachmentFiles.length > 0) {
+        const { copiedCount, totalSize } = await copyAttachmentFiles(attachmentFiles, docsDir, outputDir);
+        
+        // Format file size
+        const formatSize = (bytes) => {
+          if (bytes < 1024) return bytes + ' B';
+          if (bytes < 1024 * 1024) return (bytes / 1024).toFixed(1) + ' KB';
+          return (bytes / (1024 * 1024)).toFixed(1) + ' MB';
+        };
+        
+        console.log(chalk.green(`✅ Copied ${copiedCount} attachments (${formatSize(totalSize)} total)`));
+      } else {
+        console.log(chalk.gray('  No attachments found to copy'));
+      }
+    } catch (error) {
+      console.warn(chalk.yellow(`Warning: Error processing attachments: ${error.message}`));
+    }
+  }
+  
+  console.log(chalk.green('\n✅ Documentation build complete!'));
 }
 
 // Create placeholder README.md if missing

package/lib/supabase-auth.js

@@ -58,11 +58,22 @@ class SupabaseAuth {
     // Check authentication and site access
     async function checkAuth() {
         try {
+            // Check if current page is in private directory
+            const currentPath = window.location.pathname;
+            const isPrivatePage = currentPath.includes('/private/');
+            
             // Get current user session
             const { data: { user }, error: userError } = await supabaseClient.auth.getUser();
             
             if (userError || !user) {
-                redirectToLogin();
+                // Only redirect if we're on a private page
+                if (isPrivatePage) {
+                    redirectToLogin();
+                } else {
+                    // Public page, just show it
+                    document.body.classList.add('authenticated'); // Use same class to show body
+                    updateAuthButton(false);
+                }
                 return;
             }
             
@@ -75,17 +86,30 @@ class SupabaseAuth {
                 .single();
             
             if (accessError || !access) {
-                showAccessDenied();
+                if (isPrivatePage) {
+                    showAccessDenied();
+                } else {
+                    // Public page, just show it
+                    document.body.classList.add('authenticated');
+                    updateAuthButton(false);
+                }
                 return;
             }
             
             // User is authenticated and has access
             console.log('User authenticated and authorized');
             document.body.classList.add('authenticated');
+            updateAuthButton(true);
             
         } catch (error) {
             console.error('Auth check failed:', error);
-            redirectToLogin();
+            if (window.location.pathname.includes('/private/')) {
+                redirectToLogin();
+            } else {
+                // Public page, show it anyway
+                document.body.classList.add('authenticated');
+                updateAuthButton(false);
+            }
         }
     }
     
@@ -110,16 +134,41 @@ class SupabaseAuth {
         \`;
     }
     
-    // Add logout functionality
+    // Function to update auth button
+    function updateAuthButton(isAuthenticated) {
+        const authBtn = document.querySelector('.auth-btn');
+        if (authBtn) {
+            const icon = authBtn.querySelector('i');
+            if (icon) {
+                if (isAuthenticated) {
+                    icon.className = 'fas fa-sign-out-alt';
+                    authBtn.title = 'Logout';
+                    authBtn.href = '/logout.html';
+                } else {
+                    icon.className = 'fas fa-sign-in-alt';
+                    authBtn.title = 'Login';
+                    authBtn.href = '/login.html';
+                }
+            }
+        }
+    }
+    
+    // Add auth button functionality
     document.addEventListener('DOMContentLoaded', function() {
-        const logoutLinks = document.querySelectorAll('a[href*="logout"]');
-        logoutLinks.forEach(link => {
-            link.addEventListener('click', async function(e) {
-                e.preventDefault();
-                await supabaseClient.auth.signOut();
-                window.location.href = '/logout.html';
+        const authBtn = document.querySelector('.auth-btn');
+        if (authBtn) {
+            authBtn.addEventListener('click', async function(e) {
+                // Check if we're logged in
+                const { data: { user } } = await supabaseClient.auth.getUser();
+                if (user) {
+                    // Logged in - sign out
+                    e.preventDefault();
+                    await supabaseClient.auth.signOut();
+                    window.location.href = '/logout.html';
+                }
+                // If not logged in, normal navigation to login page will occur
             });
-        });
+        }
     });
     
     // Run auth check

package/manage-users.sql

@@ -0,0 +1,191 @@
+-- =====================================================
+-- USER MANAGEMENT SQL COMMANDS FOR DOC-BUILDER
+-- =====================================================
+-- Run these in your Supabase SQL Editor
+
+-- =====================================================
+-- 1. VIEW YOUR SITES
+-- =====================================================
+-- See all your documentation sites
+SELECT id, domain, name, created_at 
+FROM docbuilder_sites
+ORDER BY created_at DESC;
+
+-- =====================================================
+-- 2. VIEW EXISTING USERS
+-- =====================================================
+-- See all users in your Supabase project
+SELECT id, email, created_at, last_sign_in_at
+FROM auth.users
+ORDER BY created_at DESC;
+
+-- =====================================================
+-- 3. VIEW WHO HAS ACCESS TO A SPECIFIC SITE
+-- =====================================================
+-- Replace 'your-site-id' with actual site ID
+SELECT 
+    u.email,
+    u.id as user_id,
+    u.created_at as user_since,
+    da.created_at as access_granted,
+    ds.name as site_name,
+    ds.domain
+FROM docbuilder_access da
+JOIN auth.users u ON u.id = da.user_id
+JOIN docbuilder_sites ds ON ds.id = da.site_id
+WHERE da.site_id = 'your-site-id'
+ORDER BY da.created_at DESC;
+
+-- =====================================================
+-- 4. ADD A SINGLE USER TO A SITE
+-- =====================================================
+-- First, create user in Supabase Dashboard (Authentication > Users > Invite)
+-- Then grant access:
+INSERT INTO docbuilder_access (user_id, site_id)
+VALUES (
+    (SELECT id FROM auth.users WHERE email = 'user@example.com'),
+    'your-site-id'
+);
+
+-- =====================================================
+-- 5. ADD MULTIPLE USERS TO A SITE
+-- =====================================================
+-- Add a list of users all at once
+WITH users_to_add AS (
+    SELECT email FROM (VALUES 
+        ('user1@example.com'),
+        ('user2@example.com'),
+        ('user3@example.com'),
+        ('user4@example.com')
+    ) AS t(email)
+)
+INSERT INTO docbuilder_access (user_id, site_id)
+SELECT u.id, 'your-site-id'
+FROM auth.users u
+JOIN users_to_add ua ON u.email = ua.email
+WHERE NOT EXISTS (
+    -- Prevent duplicate entries
+    SELECT 1 FROM docbuilder_access 
+    WHERE user_id = u.id AND site_id = 'your-site-id'
+);
+
+-- =====================================================
+-- 6. GRANT USER ACCESS TO MULTIPLE SITES
+-- =====================================================
+-- Give one user access to several sites
+WITH sites_to_grant AS (
+    SELECT id FROM docbuilder_sites 
+    WHERE domain IN ('site1.com', 'site2.com', 'site3.com')
+)
+INSERT INTO docbuilder_access (user_id, site_id)
+SELECT 
+    (SELECT id FROM auth.users WHERE email = 'user@example.com'),
+    s.id
+FROM sites_to_grant s
+WHERE NOT EXISTS (
+    SELECT 1 FROM docbuilder_access 
+    WHERE user_id = (SELECT id FROM auth.users WHERE email = 'user@example.com')
+    AND site_id = s.id
+);
+
+-- =====================================================
+-- 7. REMOVE USER ACCESS FROM A SITE
+-- =====================================================
+-- Remove specific user from specific site
+DELETE FROM docbuilder_access
+WHERE user_id = (SELECT id FROM auth.users WHERE email = 'user@example.com')
+AND site_id = 'your-site-id';
+
+-- =====================================================
+-- 8. REMOVE USER FROM ALL SITES
+-- =====================================================
+-- Completely remove user's access to all documentation
+DELETE FROM docbuilder_access
+WHERE user_id = (SELECT id FROM auth.users WHERE email = 'user@example.com');
+
+-- =====================================================
+-- 9. BULK REMOVE USERS
+-- =====================================================
+-- Remove multiple users from a site
+WITH users_to_remove AS (
+    SELECT email FROM (VALUES 
+        ('olduser1@example.com'),
+        ('olduser2@example.com')
+    ) AS t(email)
+)
+DELETE FROM docbuilder_access
+WHERE site_id = 'your-site-id'
+AND user_id IN (
+    SELECT u.id FROM auth.users u
+    JOIN users_to_remove ur ON u.email = ur.email
+);
+
+-- =====================================================
+-- 10. VIEW ACCESS SUMMARY
+-- =====================================================
+-- See how many users each site has
+SELECT 
+    ds.name as site_name,
+    ds.domain,
+    ds.id as site_id,
+    COUNT(da.user_id) as user_count,
+    MAX(da.created_at) as last_access_granted
+FROM docbuilder_sites ds
+LEFT JOIN docbuilder_access da ON ds.id = da.site_id
+GROUP BY ds.id, ds.name, ds.domain
+ORDER BY user_count DESC;
+
+-- =====================================================
+-- 11. FIND USERS WITHOUT ACCESS TO ANY SITE
+-- =====================================================
+-- Useful for cleanup
+SELECT u.email, u.created_at, u.last_sign_in_at
+FROM auth.users u
+WHERE NOT EXISTS (
+    SELECT 1 FROM docbuilder_access da 
+    WHERE da.user_id = u.id
+)
+ORDER BY u.created_at DESC;
+
+-- =====================================================
+-- 12. AUDIT LOG - RECENT ACCESS GRANTS
+-- =====================================================
+-- See who was granted access recently
+SELECT 
+    u.email,
+    ds.name as site_name,
+    ds.domain,
+    da.created_at as access_granted
+FROM docbuilder_access da
+JOIN auth.users u ON u.id = da.user_id
+JOIN docbuilder_sites ds ON ds.id = da.site_id
+WHERE da.created_at > NOW() - INTERVAL '30 days'
+ORDER BY da.created_at DESC;
+
+-- =====================================================
+-- 13. COPY ACCESS FROM ONE USER TO ANOTHER
+-- =====================================================
+-- Useful when replacing team members
+INSERT INTO docbuilder_access (user_id, site_id)
+SELECT 
+    (SELECT id FROM auth.users WHERE email = 'newuser@example.com'),
+    da.site_id
+FROM docbuilder_access da
+WHERE da.user_id = (SELECT id FROM auth.users WHERE email = 'olduser@example.com');
+
+-- =====================================================
+-- COMMON SITE IDs FOR REFERENCE
+-- =====================================================
+-- Your test site: 4d8a53bf-dcdd-48c0-98e0-cd1451518735
+-- Add more site IDs here as you create them:
+-- Production site: xxx
+-- Staging site: xxx
+
+-- =====================================================
+-- TIPS
+-- =====================================================
+-- 1. Always check if users exist before granting access
+-- 2. Use the Supabase Dashboard to invite new users first
+-- 3. Run SELECT queries before DELETE to verify
+-- 4. Keep this file updated with your site IDs
+-- 5. Consider creating views for common queries

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@knowcode/doc-builder",
-  "version": "1.7.5",
+  "version": "1.8.0",
   "description": "Reusable documentation builder for markdown-based sites with Vercel deployment support",
   "main": "index.js",
   "bin": {