@kyro-cms/admin 0.1.6 → 0.1.7

package/src/pages/api/[collection]/index.ts

@@ -1,210 +1,182 @@
 import type { APIRoute } from "astro";
 import { dataStore } from "@/lib/dataStore";
 import { collections } from "@/lib/config";
+import { getAuthAdapter } from "../../../lib/db";
 
 dataStore.initialize(collections);
 
-const AUTH_COLLECTIONS = ["users", "roles", "audit_logs"];
-
-async function getAuthApi() {
-  const { RedisAuthAdapter } = await import("@kyro-cms/core");
-  return new RedisAuthAdapter({
-    url: process.env.REDIS_URL || "redis://localhost:6379",
-    tls: process.env.REDIS_TLS === "true",
-  });
-}
-
-export const GET: APIRoute = async ({ params, url }) => {
-  const collection = params.collection as string;
-
-  if (AUTH_COLLECTIONS.includes(collection)) {
-    const page = parseInt(url.searchParams.get("page") || "1");
-    const limit = parseInt(url.searchParams.get("limit") || "25");
-    const search = url.searchParams.get("search") || "";
-
-    try {
-      const adapter = await getAuthApi();
-      await adapter.connect();
-
-      if (collection === "users") {
-        const pattern = search ? `*${search.toLowerCase()}*` : "*";
-        let cursor = "0";
-        const users: any[] = [];
-        const seenIds = new Set<string>();
-
-        do {
-          const [nextCursor, keys] = await (adapter as any).redis.scan(
-            cursor,
-            "MATCH",
-            "kyro:auth:users:email:*",
-            "COUNT",
-            100,
-          );
-          cursor = nextCursor;
+const initSeedData = async () => {
+  const store = dataStore;
+
+  // Seed products (for ecommerce)
+  if (!(await store.isSeeded("products"))) {
+    await store.seed("products", [
+      {
+        title: "Kyro Stealth Hoodie",
+        slug: "kyro-stealth-hoodie",
+        sku: "KSH-001",
+        price: 89.99,
+        status: "active",
+        inventory: 50,
+        description: "Premium heavy-weight cotton hoodie.",
+        category: "apparel-1",
+      },
+    ]);
+  }
 
-          for (const key of keys) {
-            const userId = await (adapter as any).redis.get(key);
-            if (userId && !seenIds.has(userId)) {
-              seenIds.add(userId);
-              const user = await adapter.findUserById(userId);
-              if (user) {
-                const { passwordHash, ...safeUser } = user;
-                users.push(safeUser);
-              }
-            }
-          }
-        } while (cursor !== "0");
+  // Seed pages
+  if (!(await store.isSeeded("pages"))) {
+    await store.seed("pages", [
+      {
+        title: "About Us",
+        slug: "about",
+        content: "<p>Welcome to our about page!</p>",
+        status: "published",
+      },
+      {
+        title: "Contact",
+        slug: "contact",
+        content: "<p>Get in touch with us!</p>",
+        status: "published",
+      },
+    ]);
+  }
 
-        const totalDocs = users.length;
-        const startIndex = (page - 1) * limit;
-        const paginatedUsers = users.slice(startIndex, startIndex + limit);
+  // Seed posts (for blog content)
+  if (!(await store.isSeeded("posts"))) {
+    await store.seed("posts", [
+      {
+        title: "Welcome to Kyro CMS",
+        slug: "welcome-to-kyro-cms",
+        content:
+          "<p>Welcome to your new CMS! This is your first blog post.</p>",
+        excerpt: "Welcome to your new CMS!",
+        status: "published",
+        publishedAt: new Date().toISOString(),
+      },
+    ]);
+  }
 
-        await adapter.disconnect();
+  // Seed categories
+  if (!(await store.isSeeded("categories"))) {
+    await store.seed("categories", [
+      { title: "General", slug: "general", description: "General category" },
+      { title: "News", slug: "news", description: "News and announcements" },
+      { title: "Updates", slug: "updates", description: "Product updates" },
+    ]);
+  }
 
-        return new Response(
-          JSON.stringify({
-            docs: paginatedUsers,
-            totalDocs,
-            page,
-            limit,
-            totalPages: Math.ceil(totalDocs / limit),
-          }),
-          { status: 200, headers: { "Content-Type": "application/json" } },
-        );
-      }
+  // Seed navigation
+  if (!(await store.isSeeded("navigation"))) {
+    await store.seed("navigation", [
+      { label: "Home", url: "/", location: "header", order: 1 },
+      { label: "Blog", url: "/blog", location: "header", order: 2 },
+      { label: "About", url: "/about", location: "header", order: 3 },
+      { label: "Contact", url: "/contact", location: "header", order: 4 },
+      { label: "Privacy", url: "/privacy", location: "footer", order: 1 },
+      { label: "Terms", url: "/terms", location: "footer", order: 2 },
+    ]);
+  }
 
-      if (collection === "roles") {
-        const defaultRoles = [
-          {
-            id: "super_admin",
-            name: "super_admin",
-            level: 100,
-            inherits: ["admin"],
-            description: "Full system access across all tenants",
-          },
-          {
-            id: "admin",
-            name: "admin",
-            level: 90,
-            inherits: ["editor"],
-            description: "Full tenant access with all content permissions",
-          },
-          {
-            id: "editor",
-            name: "editor",
-            level: 70,
-            inherits: ["author"],
-            description: "Edit and publish all content",
-          },
-          {
-            id: "author",
-            name: "author",
-            level: 50,
-            inherits: ["customer"],
-            description: "Create and edit own content",
-          },
-          {
-            id: "customer",
-            name: "customer",
-            level: 30,
-            inherits: [],
-            description: "Access own data and make purchases",
-          },
-          {
-            id: "guest",
-            name: "guest",
-            level: 10,
-            inherits: [],
-            description: "Public read-only access",
-          },
-        ];
+  // Seed site settings
+  const siteGlobal = await store.findGlobal("site-settings");
+  if (!siteGlobal.siteName) {
+    await store.seedGlobal("site-settings", {
+      siteName: "Kyro CMS",
+      siteDescription: "A modern, powerful headless CMS built with Astro.",
+      allowRegistration: true,
+    });
+  }
 
-        await adapter.disconnect();
+  // Seed SEO settings
+  const seoGlobal = await store.findGlobal("seo-settings");
+  if (!seoGlobal.defaultTitle) {
+    await store.seedGlobal("seo-settings", {
+      defaultTitle: "Kyro CMS - The Performance CMS",
+      titleTemplate: "%s | Kyro CMS",
+      defaultDescription:
+        "High-performance content management for the modern web.",
+    });
+  }
+};
 
-        return new Response(
-          JSON.stringify({
-            docs: defaultRoles,
-            totalDocs: defaultRoles.length,
-            page,
-            limit,
-            totalPages: 1,
-          }),
-          { status: 200, headers: { "Content-Type": "application/json" } },
-        );
-      }
+initSeedData().catch(console.error);
 
-      if (collection === "audit_logs") {
-        const logs = await (adapter as any).redis.keys("kyro:auth:audit:*");
-        const auditLogs: any[] = [];
+const AUTH_COLLECTIONS = ["users", "roles", "audit_logs"];
 
-        for (const key of logs.slice(0, 100)) {
-          const logData = await (adapter as any).redis.hgetall(key);
-          if (logData) {
-            auditLogs.push({
-              id: logData.id,
-              action: logData.action,
-              userId: logData.userId,
-              userEmail: logData.userEmail,
-              role: logData.role,
-              resource: logData.resource,
-              ipAddress: logData.ipAddress,
-              userAgent: logData.userAgent,
-              success: logData.success === "true",
-              error: logData.error,
-              timestamp: logData.timestamp,
-            });
-          }
-        }
+async function getAuthAdapterLocal() {
+  return await getAuthAdapter();
+}
 
-        const sortedLogs = auditLogs.sort(
-          (a, b) =>
-            new Date(b.timestamp).getTime() - new Date(a.timestamp).getTime(),
-        );
+export const GET: APIRoute = async ({ params, url }) => {
+  const collection = params.collection as string;
+  const page = parseInt(url.searchParams.get("page") || "1");
+  const limit = parseInt(url.searchParams.get("limit") || "25");
 
-        const totalDocs = sortedLogs.length;
-        const startIndex = (page - 1) * limit;
-        const paginatedLogs = sortedLogs.slice(startIndex, startIndex + limit);
+  if (AUTH_COLLECTIONS.includes(collection)) {
+    const adapter = await getAuthAdapterLocal();
 
-        await adapter.disconnect();
+    if (collection === "users") {
+      const users = await adapter.findAllUsers();
+      const safeUsers = users.map(({ passwordHash, ...user }) => user);
+      return new Response(
+        JSON.stringify({
+          docs: safeUsers,
+          totalDocs: safeUsers.length,
+          page,
+          limit,
+          totalPages: 1,
+        }),
+        { status: 200, headers: { "Content-Type": "application/json" } },
+      );
+    }
 
-        return new Response(
-          JSON.stringify({
-            docs: paginatedLogs,
-            totalDocs,
-            page,
-            limit,
-            totalPages: Math.ceil(totalDocs / limit) || 1,
-          }),
-          { status: 200, headers: { "Content-Type": "application/json" } },
-        );
-      }
+    if (collection === "roles") {
+      const roles = await adapter.findUserRoles();
+      return new Response(
+        JSON.stringify({
+          docs: roles,
+          totalDocs: roles.length,
+          page,
+          limit,
+          totalPages: 1,
+        }),
+        { status: 200, headers: { "Content-Type": "application/json" } },
+      );
+    }
 
-      await adapter.disconnect();
-    } catch (error) {
-      console.error(`Error fetching ${collection}:`, error);
+    if (collection === "audit_logs") {
+      const offset = (page - 1) * limit;
+      const { logs, total } = await adapter.findAuditLogs({
+        limit,
+        offset,
+      });
       return new Response(
         JSON.stringify({
-          error: `Failed to fetch ${collection}`,
-          docs: [],
-          totalDocs: 0,
+          docs: logs,
+          totalDocs: total,
+          page,
+          limit,
+          totalPages: Math.ceil(total / limit),
         }),
         { status: 200, headers: { "Content-Type": "application/json" } },
       );
     }
   }
 
-  const page = parseInt(url.searchParams.get("page") || "1");
-  const limit = parseInt(url.searchParams.get("limit") || "25");
-
   try {
-    const result = dataStore.find(collection, { page, limit });
+    const result = await dataStore.find(collection, { page, limit });
     return new Response(JSON.stringify(result), {
       status: 200,
       headers: { "Content-Type": "application/json" },
     });
   } catch (error) {
     return new Response(
-      JSON.stringify({ error: "Failed to fetch documents" }),
+      JSON.stringify({
+        error: "Failed to fetch documents",
+        docs: [],
+        totalDocs: 0,
+      }),
       { status: 500, headers: { "Content-Type": "application/json" } },
     );
   }
@@ -214,68 +186,17 @@ export const POST: APIRoute = async ({ params, request }) => {
   const collection = params.collection as string;
 
   if (AUTH_COLLECTIONS.includes(collection)) {
-    try {
-      const adapter = await getAuthApi();
-      await adapter.connect();
-
-      const body = await request.json();
-
-      if (collection === "users") {
-        const { email, password, role, tenantId } = body;
-
-        if (!email || !password) {
-          await adapter.disconnect();
-          return new Response(
-            JSON.stringify({ error: "Email and password are required" }),
-            { status: 400, headers: { "Content-Type": "application/json" } },
-          );
-        }
-
-        const existing = await adapter.findUserByEmail(email);
-        if (existing) {
-          await adapter.disconnect();
-          return new Response(
-            JSON.stringify({ error: "Email already exists" }),
-            { status: 400, headers: { "Content-Type": "application/json" } },
-          );
-        }
-
-        const passwordHash = await adapter.hashPassword(password);
-        const user = await adapter.createUser({
-          email,
-          passwordHash,
-          role: role || "customer",
-          tenantId,
-        });
-
-        await adapter.disconnect();
-
-        const { passwordHash: _, ...safeUser } = user;
-        return new Response(JSON.stringify({ data: safeUser }), {
-          status: 201,
-          headers: { "Content-Type": "application/json" },
-        });
-      }
-
-      await adapter.disconnect();
-      return new Response(
-        JSON.stringify({
-          error: `Collection ${collection} does not support POST`,
-        }),
-        { status: 405, headers: { "Content-Type": "application/json" } },
-      );
-    } catch (error) {
-      console.error(`Error creating ${collection}:`, error);
-      return new Response(
-        JSON.stringify({ error: `Failed to create ${collection}` }),
-        { status: 500, headers: { "Content-Type": "application/json" } },
-      );
-    }
+    return new Response(
+      JSON.stringify({
+        error: `Collection ${collection} does not support POST`,
+      }),
+      { status: 405, headers: { "Content-Type": "application/json" } },
+    );
   }
 
   try {
     const body = await request.json();
-    const doc = dataStore.create(collection, body);
+    const doc = await dataStore.create(collection, body);
     return new Response(JSON.stringify({ data: doc }), {
       status: 201,
       headers: { "Content-Type": "application/json" },

package/src/pages/api/auth/[id].ts

@@ -1,30 +1,12 @@
 import type { APIRoute } from "astro";
-import { RedisAuthAdapter } from "@kyro-cms/core";
-import { AuditLogger } from "@kyro-cms/core";
-import { createAuditContext } from "@kyro-cms/core";
-import bcrypt from "bcryptjs";
-
-const redisAdapter = new RedisAuthAdapter({
-  url: process.env.REDIS_URL || "redis://localhost:6379",
-});
-
-const auditLogger = new AuditLogger(redisAdapter as any);
-
-async function ensureConnection() {
-  try {
-    await redisAdapter.connect();
-  } catch (e) {
-    // Connection might already be established
-  }
-}
+import { getAuthAdapter } from "../../../lib/db";
 
 export const GET: APIRoute = async ({ params }) => {
-  await ensureConnection();
-
   const { id } = params;
+  const adapter = await getAuthAdapter();
 
   try {
-    const user = await redisAdapter.findUserById(id!);
+    const user = await adapter.findUserById(id!);
 
     if (!user) {
       return new Response(JSON.stringify({ error: "User not found" }), {
@@ -33,8 +15,7 @@ export const GET: APIRoute = async ({ params }) => {
       });
     }
 
-    const { passwordHash, ...safeUser } = user;
-    return new Response(JSON.stringify({ data: safeUser }), {
+    return new Response(JSON.stringify({ data: user }), {
       status: 200,
       headers: { "Content-Type": "application/json" },
     });
@@ -48,46 +29,26 @@ export const GET: APIRoute = async ({ params }) => {
 };
 
 export const PUT: APIRoute = async ({ params, request }) => {
-  await ensureConnection();
-
   const { id } = params;
-  const { ipAddress, userAgent } = createAuditContext(request as any);
+  const adapter = await getAuthAdapter();
 
   try {
     const body = await request.json();
-    const { email, role, tenantId, locked, emailVerified } = body;
+    const { email, role } = body;
 
-    const existing = await redisAdapter.findUserById(id!);
-    if (!existing) {
+    const user = await adapter.updateUser(id!, {
+      email,
+      role,
+    });
+
+    if (!user) {
       return new Response(JSON.stringify({ error: "User not found" }), {
         status: 404,
         headers: { "Content-Type": "application/json" },
       });
     }
 
-    const updateData: any = {};
-    if (email !== undefined) updateData.email = email;
-    if (role !== undefined) updateData.role = role;
-    if (tenantId !== undefined) updateData.tenantId = tenantId;
-    if (locked !== undefined) updateData.locked = locked;
-    if (emailVerified !== undefined) updateData.emailVerified = emailVerified;
-
-    const user = await redisAdapter.updateUser(id!, updateData);
-
-    await auditLogger.log({
-      action: "user_update",
-      userId: id,
-      userEmail: existing.email,
-      role: existing.role,
-      resource: "users",
-      ipAddress,
-      userAgent,
-      success: true,
-      metadata: { updateData },
-    });
-
-    const { passwordHash, ...safeUser } = user!;
-    return new Response(JSON.stringify({ data: safeUser }), {
+    return new Response(JSON.stringify({ data: user }), {
       status: 200,
       headers: { "Content-Type": "application/json" },
     });
@@ -100,33 +61,51 @@ export const PUT: APIRoute = async ({ params, request }) => {
   }
 };
 
-export const DELETE: APIRoute = async ({ params, request }) => {
-  await ensureConnection();
-
+export const PATCH: APIRoute = async ({ params, request }) => {
   const { id } = params;
-  const { ipAddress, userAgent } = createAuditContext(request as any);
+  const adapter = await getAuthAdapter();
 
   try {
-    const existing = await redisAdapter.findUserById(id!);
-    if (!existing) {
+    const body = await request.json();
+    const { locked } = body;
+
+    const user = await adapter.updateUser(id!, {
+      locked,
+    });
+
+    if (!user) {
       return new Response(JSON.stringify({ error: "User not found" }), {
         status: 404,
         headers: { "Content-Type": "application/json" },
       });
     }
 
-    await redisAdapter.deleteUser(id!);
-
-    await auditLogger.log({
-      action: "user_delete",
-      userId: id,
-      userEmail: existing.email,
-      role: existing.role,
-      resource: "users",
-      ipAddress,
-      userAgent,
-      success: true,
+    return new Response(JSON.stringify({ data: user }), {
+      status: 200,
+      headers: { "Content-Type": "application/json" },
     });
+  } catch (error) {
+    console.error("Error setting user locked status:", error);
+    return new Response(JSON.stringify({ error: "Failed to update user" }), {
+      status: 500,
+      headers: { "Content-Type": "application/json" },
+    });
+  }
+};
+
+export const DELETE: APIRoute = async ({ params }) => {
+  const { id } = params;
+  const adapter = await getAuthAdapter();
+
+  try {
+    const success = await adapter.deleteUser(id!);
+
+    if (!success) {
+      return new Response(JSON.stringify({ error: "User not found" }), {
+        status: 404,
+        headers: { "Content-Type": "application/json" },
+      });
+    }
 
     return new Response(JSON.stringify({ success: true }), {
       status: 200,