@kyro-cms/admin 0.1.5 → 0.1.7

package/src/lib/auth/sqlite-adapter.ts

@@ -0,0 +1,319 @@
+import type { AuthAdapter, AuthUser, Session, UserRole } from "@kyro-cms/core";
+import bcrypt from "bcryptjs";
+import { randomBytes } from "crypto";
+import Database from "better-sqlite3";
+import path from "path";
+import fs from "fs";
+
+const DB_DIR = path.join(process.cwd(), "data");
+const DB_PATH = path.join(DB_DIR, "kyro.db");
+
+if (!fs.existsSync(DB_DIR)) {
+  fs.mkdirSync(DB_DIR, { recursive: true });
+}
+
+export const db = new Database(DB_PATH);
+db.pragma("journal_mode = WAL");
+
+db.exec(`
+  CREATE TABLE IF NOT EXISTS users (
+    id TEXT PRIMARY KEY,
+    email TEXT UNIQUE NOT NULL,
+    password_hash TEXT NOT NULL,
+    name TEXT,
+    role TEXT DEFAULT 'customer',
+    created_at TEXT NOT NULL,
+    updated_at TEXT NOT NULL
+  );
+
+  CREATE TABLE IF NOT EXISTS sessions (
+    token TEXT PRIMARY KEY,
+    user_id TEXT NOT NULL,
+    expires_at TEXT NOT NULL,
+    created_at TEXT NOT NULL
+  );
+
+  CREATE TABLE IF NOT EXISTS roles (
+    id TEXT PRIMARY KEY,
+    name TEXT UNIQUE NOT NULL,
+    level INTEGER DEFAULT 50,
+    inherits TEXT DEFAULT '[]',
+    permissions TEXT DEFAULT '[]',
+    description TEXT,
+    created_at TEXT NOT NULL
+  );
+
+  CREATE TABLE IF NOT EXISTS audit_logs (
+    id TEXT PRIMARY KEY,
+    user_id TEXT,
+    action TEXT NOT NULL,
+    entity_type TEXT,
+    entity_id TEXT,
+    metadata TEXT DEFAULT '{}',
+    ip_address TEXT,
+    user_agent TEXT,
+    created_at TEXT NOT NULL
+  );
+`);
+
+export interface SQLiteAuthAdapterOptions {
+  tokenExpiration?: number;
+  refreshTokenExpiration?: number;
+}
+
+const DEFAULT_TOKEN_EXPIRATION = 86400;
+const DEFAULT_REFRESH_EXPIRATION = 604800;
+
+export class SQLiteAuthAdapter implements AuthAdapter {
+  private tokenExpiration: number;
+  private refreshExpiration: number;
+
+  constructor(options: SQLiteAuthAdapterOptions = {}) {
+    this.tokenExpiration = options.tokenExpiration || DEFAULT_TOKEN_EXPIRATION;
+    this.refreshExpiration =
+      options.refreshTokenExpiration || DEFAULT_REFRESH_EXPIRATION;
+  }
+
+  private getTimestamp(): string {
+    return new Date().toISOString();
+  }
+
+  private generateId(): string {
+    return randomBytes(16).toString("hex");
+  }
+
+  private getDb(): Database.Database {
+    return db;
+  }
+
+  async findUserById(id: string): Promise<AuthUser | null> {
+    const user = db.prepare("SELECT * FROM users WHERE id = ?").get(id) as any;
+    if (!user) return null;
+    return {
+      id: user.id,
+      email: user.email,
+      name: user.name,
+      role: user.role as UserRole,
+      createdAt: user.created_at,
+      updatedAt: user.updated_at,
+    };
+  }
+
+  async findUserByEmail(email: string): Promise<AuthUser | null> {
+    const user = db
+      .prepare("SELECT * FROM users WHERE email = ?")
+      .get(email) as any;
+    if (!user) return null;
+    return {
+      id: user.id,
+      email: user.email,
+      name: user.name,
+      role: user.role as UserRole,
+      createdAt: user.created_at,
+      updatedAt: user.updated_at,
+    };
+  }
+
+  async createUser(
+    userData: Partial<AuthUser> & { password: string },
+  ): Promise<AuthUser> {
+    const now = this.getTimestamp();
+    const id = this.generateId();
+    const passwordHash = await bcrypt.hash(userData.password, 10);
+
+    db.prepare(
+      "INSERT INTO users (id, email, password_hash, name, role, created_at, updated_at) VALUES (?, ?, ?, ?, ?, ?, ?)",
+    ).run(
+      id,
+      userData.email,
+      passwordHash,
+      userData.name || null,
+      userData.role || "customer",
+      now,
+      now,
+    );
+
+    return {
+      id,
+      email: userData.email,
+      name: userData.name,
+      role: userData.role || "customer",
+      createdAt: now,
+      updatedAt: now,
+    };
+  }
+
+  async updateUser(
+    id: string,
+    data: Partial<AuthUser> & { password?: string },
+  ): Promise<AuthUser | null> {
+    const existing = await this.findUserById(id);
+    if (!existing) return null;
+
+    const now = this.getTimestamp();
+    const updates: string[] = [];
+    const values: any[] = [];
+
+    if (data.email !== undefined) {
+      updates.push("email = ?");
+      values.push(data.email);
+    }
+    if (data.name !== undefined) {
+      updates.push("name = ?");
+      values.push(data.name);
+    }
+    if (data.role !== undefined) {
+      updates.push("role = ?");
+      values.push(data.role);
+    }
+    if (data.password !== undefined) {
+      updates.push("password_hash = ?");
+      values.push(await bcrypt.hash(data.password, 10));
+    }
+
+    updates.push("updated_at = ?");
+    values.push(now);
+    values.push(id);
+
+    db.prepare(`UPDATE users SET ${updates.join(", ")} WHERE id = ?`).run(
+      ...values,
+    );
+
+    return this.findUserById(id);
+  }
+
+  async deleteUser(id: string): Promise<boolean> {
+    const result = db.prepare("DELETE FROM users WHERE id = ?").run(id);
+    if (result.changes > 0) {
+      db.prepare("DELETE FROM sessions WHERE user_id = ?").run(id);
+      return true;
+    }
+    return false;
+  }
+
+  async verifyPassword(
+    email: string,
+    password: string,
+  ): Promise<AuthUser | null> {
+    const user = db
+      .prepare("SELECT * FROM users WHERE email = ?")
+      .get(email) as any;
+    if (!user) return null;
+
+    const valid = await bcrypt.compare(password, user.password_hash);
+    if (!valid) return null;
+
+    return {
+      id: user.id,
+      email: user.email,
+      name: user.name,
+      role: user.role as UserRole,
+      createdAt: user.created_at,
+      updatedAt: user.updated_at,
+    };
+  }
+
+  async createSession(userId: string): Promise<Session> {
+    const now = new Date();
+    const expiresAt = new Date(now.getTime() + this.tokenExpiration * 1000);
+    const refreshExpiresAt = new Date(
+      now.getTime() + this.refreshExpiration * 1000,
+    );
+
+    const token = randomBytes(32).toString("hex");
+    const refreshToken = randomBytes(32).toString("hex");
+
+    db.prepare(
+      "INSERT INTO sessions (token, user_id, expires_at, created_at) VALUES (?, ?, ?, ?)",
+    ).run(token, userId, expiresAt.toISOString(), now.toISOString());
+
+    return {
+      token,
+      refreshToken,
+      expiresAt: expiresAt.toISOString(),
+      userId,
+      createdAt: now.toISOString(),
+    };
+  }
+
+  async validateSession(token: string): Promise<Session | null> {
+    const now = new Date().toISOString();
+    const session = db
+      .prepare("SELECT * FROM sessions WHERE token = ? AND expires_at > ?")
+      .get(token, now) as any;
+
+    if (!session) return null;
+
+    return {
+      token: session.token,
+      userId: session.user_id,
+      expiresAt: session.expires_at,
+      createdAt: session.created_at,
+    };
+  }
+
+  async refreshSession(token: string): Promise<Session | null> {
+    const session = await this.validateSession(token);
+    if (!session) return null;
+
+    return this.createSession(session.userId);
+  }
+
+  async revokeSession(token: string): Promise<void> {
+    db.prepare("DELETE FROM sessions WHERE token = ?").run(token);
+  }
+
+  async revokeAllUserSessions(userId: string): Promise<void> {
+    db.prepare("DELETE FROM sessions WHERE user_id = ?").run(userId);
+  }
+
+  async findUserRoles(): Promise<UserRole[]> {
+    const roles = db
+      .prepare("SELECT * FROM roles ORDER BY level DESC")
+      .all() as any[];
+    return roles.map((r) => ({
+      id: r.id,
+      name: r.name,
+      level: r.level,
+      inherits: JSON.parse(r.inherits || "[]"),
+      permissions: JSON.parse(r.permissions || "[]"),
+      description: r.description,
+      createdAt: r.created_at,
+    }));
+  }
+
+  async createRole(role: Partial<UserRole>): Promise<UserRole> {
+    const now = this.getTimestamp();
+    const id = role.id || this.generateId();
+
+    db.prepare(
+      "INSERT INTO roles (id, name, level, inherits, permissions, description, created_at) VALUES (?, ?, ?, ?, ?, ?, ?)",
+    ).run(
+      id,
+      role.name,
+      role.level || 50,
+      JSON.stringify(role.inherits || []),
+      JSON.stringify(role.permissions || []),
+      role.description || null,
+      now,
+    );
+
+    return {
+      id,
+      name: role.name!,
+      level: role.level || 50,
+      inherits: role.inherits || [],
+      permissions: role.permissions || [],
+      description: role.description,
+      createdAt: now,
+    };
+  }
+
+  async findUserByIdWithPassword(
+    id: string,
+  ): Promise<{ id: string; email: string; password_hash: string } | null> {
+    return db
+      .prepare("SELECT id, email, password_hash FROM users WHERE id = ?")
+      .get(id) as any;
+  }
+}

package/src/lib/config.ts

@@ -1,8 +1,8 @@
 import type { CollectionConfig, GlobalConfig } from "@kyro-cms/core";
-import { blogCollections } from "../../../src/index";
-import { ecommerceCollections } from "../../../src/index";
-import { minimalCollections } from "../../../src/index";
-import { kitchenSinkCollections } from "../../../src/index";
+import { blogCollections } from "../../../src/templates/blog";
+import { ecommerceCollections } from "../../../src/templates/ecommerce";
+import { minimalCollections } from "../../../src/templates/minimal";
+import { kitchenSinkCollections } from "../../../src/templates/kitchen-sink";
 import { mediaCollections } from "../../../src/templates/media";
 import {
   allSettingsGlobals,
@@ -10,8 +10,14 @@ import {
   ecommerceSettingsGlobals,
 } from "../../../src/templates/settings";
 import { authCollections } from "../collections/auth";
+import { portfolioCollections } from "../collections/portfolio";
 
-export type AdminTemplate = "minimal" | "blog" | "ecommerce" | "kitchen-sink";
+export type AdminTemplate =
+  | "minimal"
+  | "blog"
+  | "ecommerce"
+  | "kitchen-sink"
+  | "portfolio";
 
 export function getAdminConfig(template: AdminTemplate = "blog") {
   const collections: CollectionConfig[] = [];
@@ -42,6 +48,11 @@ export function getAdminConfig(template: AdminTemplate = "blog") {
       );
       globals.push(...allSettingsGlobals);
       break;
+    case "portfolio":
+      collections.push(...Object.values(blogCollections));
+      collections.push(...Object.values(portfolioCollections));
+      globals.push(...coreSettingsGlobals);
+      break;
   }
 
   const collectionsMap = collections.reduce(
@@ -63,6 +74,11 @@ export function getAdminConfig(template: AdminTemplate = "blog") {
   return { collections: collectionsMap, globals: globalsMap };
 }
 
-export const adminConfig = getAdminConfig("blog");
+export const adminConfig = getAdminConfig("minimal");
 export const collections = adminConfig.collections;
 export const globals = adminConfig.globals;
+
+export const authCollectionSlugs = ["users", "roles", "audit_logs"];
+export const nonAuthCollections = Object.values(collections).filter(
+  (c) => !authCollectionSlugs.includes(c.slug),
+);

package/src/lib/dataStore.ts

@@ -1,111 +1,169 @@
 import type { CollectionConfig } from "@kyro-cms/core";
+import { randomUUID } from "crypto";
+import {
+  initializeDatabase,
+  getDatabaseAdapter,
+  isDatabaseInitialized,
+} from "./db";
 
-interface Document {
-  id: string;
-  [key: string]: any;
-}
+class DataStoreWrapper {
+  private async getStore() {
+    if (!isDatabaseInitialized()) {
+      await initializeDatabase();
+    }
+    return getDatabaseAdapter();
+  }
 
-class DataStore {
-  private data: Map<string, Document[]> = new Map();
-  private metadata: Map<string, { createdAt: string; updatedAt: string }> =
-    new Map();
-  private idCounters: Map<string, number> = new Map();
+  private readonly VERSIONS_COLLECTION = "_versions";
 
   initialize(collections: Record<string, CollectionConfig>) {
-    for (const [slug, config] of Object.entries(collections)) {
-      if (!this.data.has(slug)) {
-        this.data.set(slug, []);
-        this.idCounters.set(slug, 1);
-      }
-    }
+    initializeDatabase(collections); // Sync wrapper - adapter handles initialization
   }
 
-  private generateId(slug: string): string {
-    const counter = this.idCounters.get(slug) || 1;
-    this.idCounters.set(slug, counter + 1);
-    return `${slug}-${counter}`;
+  private async getTimestamp(): Promise<string> {
+    return new Date().toISOString();
   }
 
-  private getTimestamp(): string {
-    return new Date().toISOString();
+  private generateId(): string {
+    return randomUUID();
   }
 
-  find<T = any>(
+  async find<T = any>(
     slug: string,
     options: { page?: number; limit?: number } = {},
-  ): { docs: T[]; totalDocs: number; totalPages: number; page: number } {
-    const docs = this.data.get(slug) || [];
-    const page = options.page || 1;
-    const limit = options.limit || 25;
-    const start = (page - 1) * limit;
-    const end = start + limit;
-
-    return {
-      docs: docs.slice(start, end) as T[],
-      totalDocs: docs.length,
-      totalPages: Math.ceil(docs.length / limit),
-      page,
-    };
+  ): Promise<{
+    docs: T[];
+    totalDocs: number;
+    totalPages: number;
+    page: number;
+  }> {
+    const store = await this.getStore();
+    return store.find(slug, options);
   }
 
-  findById<T = any>(slug: string, id: string): T | null {
-    const docs = this.data.get(slug) || [];
-    return (docs.find((d) => d.id === id) as T) || null;
+  async findById<T = any>(slug: string, id: string): Promise<T | null> {
+    const store = await this.getStore();
+    return store.findById(slug, id);
   }
 
-  create<T = any>(slug: string, data: Partial<T>): T {
-    const docs = this.data.get(slug) || [];
-    const now = this.getTimestamp();
+  async create<T = any>(slug: string, data: Partial<T>): Promise<T> {
+    const store = await this.getStore();
+    const now = await this.getTimestamp();
+    const id = data?.id || this.generateId();
     const newDoc = {
-      id: this.generateId(slug),
       ...data,
+      id,
       createdAt: now,
       updatedAt: now,
-    } as T;
-    docs.push(newDoc as any);
-    this.data.set(slug, docs);
-    this.metadata.set(`${slug}:${(newDoc as any).id}`, {
-      createdAt: now,
-      updatedAt: now,
-    });
-    return newDoc;
+    };
+    return store.create(slug, newDoc);
   }
 
-  update<T = any>(slug: string, id: string, data: Partial<T>): T | null {
-    const docs = this.data.get(slug) || [];
-    const index = docs.findIndex((d) => d.id === id);
-    if (index === -1) return null;
+  async update<T = any>(
+    slug: string,
+    id: string,
+    data: Partial<T>,
+  ): Promise<T | null> {
+    const store = await this.getStore();
+    const existing = await store.findById(slug, id);
+    if (!existing) return null;
 
-    const now = this.getTimestamp();
+    const now = await this.getTimestamp();
     const updated = {
-      ...docs[index],
+      ...existing,
       ...data,
       id,
       updatedAt: now,
     };
-    docs[index] = updated;
-    this.data.set(slug, docs);
-    this.metadata.set(`${slug}:${id}`, {
-      createdAt: docs[index].createdAt,
-      updatedAt: now,
-    });
-    return updated as T;
+
+    // Save version history before updating
+    await this.createVersion(slug, id, existing);
+
+    return store.update(slug, id, updated);
   }
 
-  delete(slug: string, id: string): boolean {
-    const docs = this.data.get(slug) || [];
-    const index = docs.findIndex((d) => d.id === id);
-    if (index === -1) return false;
+  async findVersions(parentCollection: string, parentId: string) {
+    const store = await this.getStore();
+    // We use find with a limit and custom filtering logic if supported, 
+    // but for now we'll fetch and filter in memory if the adapter is basic
+    const result = await store.find(this.VERSIONS_COLLECTION, { limit: 100 });
+    return result.docs
+      .filter((v: any) => v.parentCollection === parentCollection && v.parentId === parentId)
+      .sort((a: any, b: any) => new Date(b.createdAt).getTime() - new Date(a.createdAt).getTime());
+  }
+
+  async createVersion(parentCollection: string, parentId: string, data: any) {
+    const store = await this.getStore();
+    const now = await this.getTimestamp();
+    const versionDoc = {
+      id: this.generateId(),
+      parentId,
+      parentCollection,
+      data,
+      createdAt: now,
+      version: Date.now() // Simple version numbering
+    };
+    try {
+      return await store.create(this.VERSIONS_COLLECTION, versionDoc);
+    } catch (e) {
+      console.error("Failed to create version snapshot:", e);
+      return null;
+    }
+  }
+
+  async restoreVersion(parentCollection: string, parentId: string, versionId: string) {
+    const store = await this.getStore();
+    const version = await store.findById(this.VERSIONS_COLLECTION, versionId);
+    if (!version || version.parentId !== parentId) return null;
+
+    return this.update(parentCollection, parentId, version.data);
+  }
+
+  async delete(slug: string, id: string): Promise<boolean> {
+    const store = await this.getStore();
+    return store.delete(slug, id);
+  }
+
+  async findOne(
+    slug: string,
+    filter: Record<string, any>,
+  ): Promise<any | null> {
+    const store = await this.getStore();
+    const results = await store.find(slug, { limit: 1, where: filter });
+    return results.length > 0 ? results[0] : null;
+  }
+
+  async findGlobal<T = any>(slug: string): Promise<T> {
+    const store = await this.getStore();
+    return store.findGlobal(slug);
+  }
+
+  async updateGlobal<T = any>(slug: string, data: Partial<T>): Promise<T> {
+    const store = await this.getStore();
+    const current = await store.findGlobal(slug);
+    const updated = { ...current, ...data };
+    return store.updateGlobal(slug, updated);
+  }
+
+  async seedGlobal(slug: string, data: any): Promise<void> {
+    const store = await this.getStore();
+    return store.seedGlobal(slug, data);
+  }
+
+  async count(slug: string): Promise<number> {
+    const store = await this.getStore();
+    return store.count(slug);
+  }
 
-    docs.splice(index, 1);
-    this.data.set(slug, docs);
-    this.metadata.delete(`${slug}:${id}`);
-    return true;
+  async seed(slug: string, docs: any[]): Promise<void> {
+    const store = await this.getStore();
+    return store.seed(slug, docs);
   }
 
-  count(slug: string): number {
-    return (this.data.get(slug) || []).length;
+  async isSeeded(slug: string): Promise<boolean> {
+    const store = await this.getStore();
+    return store.isSeeded(slug);
   }
 }
 
-export const dataStore = new DataStore();
+export const dataStore = new DataStoreWrapper();

package/src/lib/db/adapter.ts

@@ -0,0 +1,54 @@
+import type { CollectionConfig } from "@kyro-cms/core";
+
+export interface DatabaseAdapter {
+  initialize(collections: Record<string, CollectionConfig>): void;
+
+  find<T = any>(
+    slug: string,
+    options?: { page?: number; limit?: number },
+  ): Promise<{
+    docs: T[];
+    totalDocs: number;
+    totalPages: number;
+    page: number;
+  }>;
+
+  findById<T = any>(slug: string, id: string): Promise<T | null>;
+
+  create<T = any>(slug: string, data: Partial<T>): Promise<T>;
+
+  update<T = any>(
+    slug: string,
+    id: string,
+    data: Partial<T>,
+  ): Promise<T | null>;
+
+  delete(slug: string, id: string): Promise<boolean>;
+
+  findGlobal<T = any>(slug: string): Promise<T>;
+
+  updateGlobal<T = any>(slug: string, data: Partial<T>): Promise<T>;
+
+  seedGlobal(slug: string, data: any): Promise<void>;
+
+  count(slug: string): Promise<number>;
+
+  seed(slug: string, docs: any[]): Promise<void>;
+
+  isSeeded(slug: string): Promise<boolean>;
+}
+
+export type DatabaseType = "sqlite" | "postgres" | "mysql" | "mongodb";
+
+export interface DatabaseConfig {
+  type: DatabaseType;
+  connectionString?: string;
+  host?: string;
+  port?: number;
+  database?: string;
+  username?: string;
+  password?: string;
+  poolMin?: number;
+  poolMax?: number;
+  contentDbPath?: string;
+}