@kyro-cms/admin 0.1.6 → 0.1.8

package/src/lib/auth/sqlite-adapter.ts

@@ -0,0 +1,319 @@
+import type { AuthAdapter, AuthUser, Session, UserRole } from "@kyro-cms/core";
+import bcrypt from "bcryptjs";
+import { randomBytes } from "crypto";
+import Database from "better-sqlite3";
+import path from "path";
+import fs from "fs";
+
+const DB_DIR = path.join(process.cwd(), "data");
+const DB_PATH = path.join(DB_DIR, "kyro.db");
+
+if (!fs.existsSync(DB_DIR)) {
+  fs.mkdirSync(DB_DIR, { recursive: true });
+}
+
+export const db = new Database(DB_PATH);
+db.pragma("journal_mode = WAL");
+
+db.exec(`
+  CREATE TABLE IF NOT EXISTS users (
+    id TEXT PRIMARY KEY,
+    email TEXT UNIQUE NOT NULL,
+    password_hash TEXT NOT NULL,
+    name TEXT,
+    role TEXT DEFAULT 'customer',
+    created_at TEXT NOT NULL,
+    updated_at TEXT NOT NULL
+  );
+
+  CREATE TABLE IF NOT EXISTS sessions (
+    token TEXT PRIMARY KEY,
+    user_id TEXT NOT NULL,
+    expires_at TEXT NOT NULL,
+    created_at TEXT NOT NULL
+  );
+
+  CREATE TABLE IF NOT EXISTS roles (
+    id TEXT PRIMARY KEY,
+    name TEXT UNIQUE NOT NULL,
+    level INTEGER DEFAULT 50,
+    inherits TEXT DEFAULT '[]',
+    permissions TEXT DEFAULT '[]',
+    description TEXT,
+    created_at TEXT NOT NULL
+  );
+
+  CREATE TABLE IF NOT EXISTS audit_logs (
+    id TEXT PRIMARY KEY,
+    user_id TEXT,
+    action TEXT NOT NULL,
+    entity_type TEXT,
+    entity_id TEXT,
+    metadata TEXT DEFAULT '{}',
+    ip_address TEXT,
+    user_agent TEXT,
+    created_at TEXT NOT NULL
+  );
+`);
+
+export interface SQLiteAuthAdapterOptions {
+  tokenExpiration?: number;
+  refreshTokenExpiration?: number;
+}
+
+const DEFAULT_TOKEN_EXPIRATION = 86400;
+const DEFAULT_REFRESH_EXPIRATION = 604800;
+
+export class SQLiteAuthAdapter implements AuthAdapter {
+  private tokenExpiration: number;
+  private refreshExpiration: number;
+
+  constructor(options: SQLiteAuthAdapterOptions = {}) {
+    this.tokenExpiration = options.tokenExpiration || DEFAULT_TOKEN_EXPIRATION;
+    this.refreshExpiration =
+      options.refreshTokenExpiration || DEFAULT_REFRESH_EXPIRATION;
+  }
+
+  private getTimestamp(): string {
+    return new Date().toISOString();
+  }
+
+  private generateId(): string {
+    return randomBytes(16).toString("hex");
+  }
+
+  private getDb(): Database.Database {
+    return db;
+  }
+
+  async findUserById(id: string): Promise<AuthUser | null> {
+    const user = db.prepare("SELECT * FROM users WHERE id = ?").get(id) as any;
+    if (!user) return null;
+    return {
+      id: user.id,
+      email: user.email,
+      name: user.name,
+      role: user.role as UserRole,
+      createdAt: user.created_at,
+      updatedAt: user.updated_at,
+    };
+  }
+
+  async findUserByEmail(email: string): Promise<AuthUser | null> {
+    const user = db
+      .prepare("SELECT * FROM users WHERE email = ?")
+      .get(email) as any;
+    if (!user) return null;
+    return {
+      id: user.id,
+      email: user.email,
+      name: user.name,
+      role: user.role as UserRole,
+      createdAt: user.created_at,
+      updatedAt: user.updated_at,
+    };
+  }
+
+  async createUser(
+    userData: Partial<AuthUser> & { password: string },
+  ): Promise<AuthUser> {
+    const now = this.getTimestamp();
+    const id = this.generateId();
+    const passwordHash = await bcrypt.hash(userData.password, 10);
+
+    db.prepare(
+      "INSERT INTO users (id, email, password_hash, name, role, created_at, updated_at) VALUES (?, ?, ?, ?, ?, ?, ?)",
+    ).run(
+      id,
+      userData.email,
+      passwordHash,
+      userData.name || null,
+      userData.role || "customer",
+      now,
+      now,
+    );
+
+    return {
+      id,
+      email: userData.email,
+      name: userData.name,
+      role: userData.role || "customer",
+      createdAt: now,
+      updatedAt: now,
+    };
+  }
+
+  async updateUser(
+    id: string,
+    data: Partial<AuthUser> & { password?: string },
+  ): Promise<AuthUser | null> {
+    const existing = await this.findUserById(id);
+    if (!existing) return null;
+
+    const now = this.getTimestamp();
+    const updates: string[] = [];
+    const values: any[] = [];
+
+    if (data.email !== undefined) {
+      updates.push("email = ?");
+      values.push(data.email);
+    }
+    if (data.name !== undefined) {
+      updates.push("name = ?");
+      values.push(data.name);
+    }
+    if (data.role !== undefined) {
+      updates.push("role = ?");
+      values.push(data.role);
+    }
+    if (data.password !== undefined) {
+      updates.push("password_hash = ?");
+      values.push(await bcrypt.hash(data.password, 10));
+    }
+
+    updates.push("updated_at = ?");
+    values.push(now);
+    values.push(id);
+
+    db.prepare(`UPDATE users SET ${updates.join(", ")} WHERE id = ?`).run(
+      ...values,
+    );
+
+    return this.findUserById(id);
+  }
+
+  async deleteUser(id: string): Promise<boolean> {
+    const result = db.prepare("DELETE FROM users WHERE id = ?").run(id);
+    if (result.changes > 0) {
+      db.prepare("DELETE FROM sessions WHERE user_id = ?").run(id);
+      return true;
+    }
+    return false;
+  }
+
+  async verifyPassword(
+    email: string,
+    password: string,
+  ): Promise<AuthUser | null> {
+    const user = db
+      .prepare("SELECT * FROM users WHERE email = ?")
+      .get(email) as any;
+    if (!user) return null;
+
+    const valid = await bcrypt.compare(password, user.password_hash);
+    if (!valid) return null;
+
+    return {
+      id: user.id,
+      email: user.email,
+      name: user.name,
+      role: user.role as UserRole,
+      createdAt: user.created_at,
+      updatedAt: user.updated_at,
+    };
+  }
+
+  async createSession(userId: string): Promise<Session> {
+    const now = new Date();
+    const expiresAt = new Date(now.getTime() + this.tokenExpiration * 1000);
+    const refreshExpiresAt = new Date(
+      now.getTime() + this.refreshExpiration * 1000,
+    );
+
+    const token = randomBytes(32).toString("hex");
+    const refreshToken = randomBytes(32).toString("hex");
+
+    db.prepare(
+      "INSERT INTO sessions (token, user_id, expires_at, created_at) VALUES (?, ?, ?, ?)",
+    ).run(token, userId, expiresAt.toISOString(), now.toISOString());
+
+    return {
+      token,
+      refreshToken,
+      expiresAt: expiresAt.toISOString(),
+      userId,
+      createdAt: now.toISOString(),
+    };
+  }
+
+  async validateSession(token: string): Promise<Session | null> {
+    const now = new Date().toISOString();
+    const session = db
+      .prepare("SELECT * FROM sessions WHERE token = ? AND expires_at > ?")
+      .get(token, now) as any;
+
+    if (!session) return null;
+
+    return {
+      token: session.token,
+      userId: session.user_id,
+      expiresAt: session.expires_at,
+      createdAt: session.created_at,
+    };
+  }
+
+  async refreshSession(token: string): Promise<Session | null> {
+    const session = await this.validateSession(token);
+    if (!session) return null;
+
+    return this.createSession(session.userId);
+  }
+
+  async revokeSession(token: string): Promise<void> {
+    db.prepare("DELETE FROM sessions WHERE token = ?").run(token);
+  }
+
+  async revokeAllUserSessions(userId: string): Promise<void> {
+    db.prepare("DELETE FROM sessions WHERE user_id = ?").run(userId);
+  }
+
+  async findUserRoles(): Promise<UserRole[]> {
+    const roles = db
+      .prepare("SELECT * FROM roles ORDER BY level DESC")
+      .all() as any[];
+    return roles.map((r) => ({
+      id: r.id,
+      name: r.name,
+      level: r.level,
+      inherits: JSON.parse(r.inherits || "[]"),
+      permissions: JSON.parse(r.permissions || "[]"),
+      description: r.description,
+      createdAt: r.created_at,
+    }));
+  }
+
+  async createRole(role: Partial<UserRole>): Promise<UserRole> {
+    const now = this.getTimestamp();
+    const id = role.id || this.generateId();
+
+    db.prepare(
+      "INSERT INTO roles (id, name, level, inherits, permissions, description, created_at) VALUES (?, ?, ?, ?, ?, ?, ?)",
+    ).run(
+      id,
+      role.name,
+      role.level || 50,
+      JSON.stringify(role.inherits || []),
+      JSON.stringify(role.permissions || []),
+      role.description || null,
+      now,
+    );
+
+    return {
+      id,
+      name: role.name!,
+      level: role.level || 50,
+      inherits: role.inherits || [],
+      permissions: role.permissions || [],
+      description: role.description,
+      createdAt: now,
+    };
+  }
+
+  async findUserByIdWithPassword(
+    id: string,
+  ): Promise<{ id: string; email: string; password_hash: string } | null> {
+    return db
+      .prepare("SELECT id, email, password_hash FROM users WHERE id = ?")
+      .get(id) as any;
+  }
+}

package/src/lib/config.ts

@@ -1,8 +1,8 @@
-import type { CollectionConfig, GlobalConfig } from "@kyro-cms/core";
-import { blogCollections } from "../../../src/index";
-import { ecommerceCollections } from "../../../src/index";
-import { minimalCollections } from "../../../src/index";
-import { kitchenSinkCollections } from "../../../src/index";
+import type { CollectionConfig, GlobalConfig } from "@kyro-cms/core/client";
+import { blogCollections } from "../../../src/templates/blog";
+import { ecommerceCollections } from "../../../src/templates/ecommerce";
+import { minimalCollections } from "../../../src/templates/minimal";
+import { kitchenSinkCollections } from "../../../src/templates/kitchen-sink";
 import { mediaCollections } from "../../../src/templates/media";
 import {
   allSettingsGlobals,
@@ -10,8 +10,14 @@ import {
   ecommerceSettingsGlobals,
 } from "../../../src/templates/settings";
 import { authCollections } from "../collections/auth";
+import { portfolioCollections } from "../collections/portfolio";
 
-export type AdminTemplate = "minimal" | "blog" | "ecommerce" | "kitchen-sink";
+export type AdminTemplate =
+  | "minimal"
+  | "blog"
+  | "ecommerce"
+  | "kitchen-sink"
+  | "portfolio";
 
 export function getAdminConfig(template: AdminTemplate = "blog") {
   const collections: CollectionConfig[] = [];
@@ -42,6 +48,11 @@ export function getAdminConfig(template: AdminTemplate = "blog") {
       );
       globals.push(...allSettingsGlobals);
       break;
+    case "portfolio":
+      collections.push(...Object.values(blogCollections));
+      collections.push(...Object.values(portfolioCollections));
+      globals.push(...coreSettingsGlobals);
+      break;
   }
 
   const collectionsMap = collections.reduce(
@@ -63,6 +74,11 @@ export function getAdminConfig(template: AdminTemplate = "blog") {
   return { collections: collectionsMap, globals: globalsMap };
 }
 
-export const adminConfig = getAdminConfig("blog");
+export const adminConfig = getAdminConfig("minimal");
 export const collections = adminConfig.collections;
 export const globals = adminConfig.globals;
+
+export const authCollectionSlugs = ["users", "roles", "audit_logs"];
+export const nonAuthCollections = Object.values(collections).filter(
+  (c) => !authCollectionSlugs.includes(c.slug),
+);

package/src/lib/dataStore.ts

@@ -1,111 +1,226 @@
-import type { CollectionConfig } from "@kyro-cms/core";
+import type { CollectionConfig } from "@kyro-cms/core/client";
+import { randomUUID } from "crypto";
+import {
+  initializeDatabase,
+  getDatabaseAdapter,
+  isDatabaseInitialized,
+} from "./db";
+import type { Version, VersionDiff, DraftPublishConfig } from "@kyro-cms/core";
+import { VersionManager, createVersionManager } from "@kyro-cms/core";
+import { DataStoreVersionAdapter } from "./db/version-adapter.js";
 
-interface Document {
-  id: string;
-  [key: string]: any;
-}
-
-class DataStore {
-  private data: Map<string, Document[]> = new Map();
-  private metadata: Map<string, { createdAt: string; updatedAt: string }> =
-    new Map();
-  private idCounters: Map<string, number> = new Map();
+class DataStoreWrapper {
+  private db: ReturnType<typeof getDatabaseAdapter> | null = null;
+  private versionManager: VersionManager | null = null;
 
-  initialize(collections: Record<string, CollectionConfig>) {
-    for (const [slug, config] of Object.entries(collections)) {
-      if (!this.data.has(slug)) {
-        this.data.set(slug, []);
-        this.idCounters.set(slug, 1);
-      }
+  private async getStore() {
+    if (!isDatabaseInitialized()) {
+      await initializeDatabase();
     }
+    return getDatabaseAdapter();
+  }
+
+  private async getVersionManager(): Promise<VersionManager> {
+    if (this.versionManager) return this.versionManager;
+    const db = await this.getStore();
+    const adapter = new DataStoreVersionAdapter(db);
+    this.versionManager = createVersionManager(adapter, {
+      versioningEnabled: true,
+      maxVersionsPerDocument: 50,
+    } as DraftPublishConfig);
+    return this.versionManager;
   }
 
-  private generateId(slug: string): string {
-    const counter = this.idCounters.get(slug) || 1;
-    this.idCounters.set(slug, counter + 1);
-    return `${slug}-${counter}`;
+  initialize(collections: Record<string, CollectionConfig>) {
+    initializeDatabase(collections);
   }
 
-  private getTimestamp(): string {
+  private async getTimestamp(): Promise<string> {
     return new Date().toISOString();
   }
 
-  find<T = any>(
+  private generateId(): string {
+    return randomUUID();
+  }
+
+  async find<T = any>(
     slug: string,
     options: { page?: number; limit?: number } = {},
-  ): { docs: T[]; totalDocs: number; totalPages: number; page: number } {
-    const docs = this.data.get(slug) || [];
-    const page = options.page || 1;
-    const limit = options.limit || 25;
-    const start = (page - 1) * limit;
-    const end = start + limit;
-
-    return {
-      docs: docs.slice(start, end) as T[],
-      totalDocs: docs.length,
-      totalPages: Math.ceil(docs.length / limit),
-      page,
-    };
+  ): Promise<{
+    docs: T[];
+    totalDocs: number;
+    totalPages: number;
+    page: number;
+  }> {
+    const store = await this.getStore();
+    return store.find(slug, options);
   }
 
-  findById<T = any>(slug: string, id: string): T | null {
-    const docs = this.data.get(slug) || [];
-    return (docs.find((d) => d.id === id) as T) || null;
+  async findById<T = any>(slug: string, id: string): Promise<T | null> {
+    const store = await this.getStore();
+    return store.findById(slug, id);
   }
 
-  create<T = any>(slug: string, data: Partial<T>): T {
-    const docs = this.data.get(slug) || [];
-    const now = this.getTimestamp();
+  async create<T = any>(slug: string, data: Partial<T>): Promise<T> {
+    const store = await this.getStore();
+    const now = await this.getTimestamp();
+    const id = (data as any)?.id || this.generateId();
     const newDoc = {
-      id: this.generateId(slug),
       ...data,
+      id,
       createdAt: now,
       updatedAt: now,
     } as T;
-    docs.push(newDoc as any);
-    this.data.set(slug, docs);
-    this.metadata.set(`${slug}:${(newDoc as any).id}`, {
-      createdAt: now,
-      updatedAt: now,
-    });
-    return newDoc;
+    return store.create(slug, newDoc);
   }
 
-  update<T = any>(slug: string, id: string, data: Partial<T>): T | null {
-    const docs = this.data.get(slug) || [];
-    const index = docs.findIndex((d) => d.id === id);
-    if (index === -1) return null;
+  async update<T = any>(
+    slug: string,
+    id: string,
+    data: Partial<T>,
+    options?: {
+      versionStatus?: "draft" | "published";
+      changeDescription?: string;
+    },
+  ): Promise<T | null> {
+    const store = await this.getStore();
+    const existing = await store.findById(slug, id);
+    if (!existing) return null;
 
-    const now = this.getTimestamp();
+    const now = await this.getTimestamp();
     const updated = {
-      ...docs[index],
+      ...existing,
       ...data,
       id,
       updatedAt: now,
     };
-    docs[index] = updated;
-    this.data.set(slug, docs);
-    this.metadata.set(`${slug}:${id}`, {
-      createdAt: docs[index].createdAt,
-      updatedAt: now,
+
+    // Save version history before updating
+    const versionStatus = options?.versionStatus || "draft";
+    const changeDescription = options?.changeDescription;
+
+    await this.createVersion(slug, id, existing, {
+      status: versionStatus,
+      changeDescription,
     });
-    return updated as T;
+
+    return store.update(slug, id, updated);
+  }
+
+  async findVersions(parentCollection: string, parentId: string) {
+    const vm = await this.getVersionManager();
+    const versions = await vm.getVersionHistory(
+      parentCollection,
+      parentId,
+      100,
+    );
+    return (versions as Version[])
+      .map((v) => ({
+        id: v.id,
+        version: v.version,
+        createdAt: v.createdAt,
+        status: v.status,
+        createdBy: v.createdBy,
+        data: v.data,
+        changeDescription: v.changeDescription,
+      }))
+      .sort((a, b) => b.version - a.version);
   }
 
-  delete(slug: string, id: string): boolean {
-    const docs = this.data.get(slug) || [];
-    const index = docs.findIndex((d) => d.id === id);
-    if (index === -1) return false;
+  async createVersion(
+    parentCollection: string,
+    parentId: string,
+    data: any,
+    options?: {
+      status?: string;
+      createdBy?: string;
+      changeDescription?: string;
+    },
+  ) {
+    const vm = await this.getVersionManager();
+    try {
+      return await vm.createVersion({
+        collection: parentCollection,
+        documentId: parentId,
+        data,
+        status: (options?.status || "draft") as "draft" | "published",
+        createdBy: options?.createdBy || "system",
+        changeDescription: options?.changeDescription,
+      });
+    } catch (e) {
+      console.error("Failed to create version snapshot:", e);
+      return null;
+    }
+  }
+
+  async restoreVersion(
+    parentCollection: string,
+    parentId: string,
+    versionId: string,
+  ) {
+    const vm = await this.getVersionManager();
+    const store = await this.getStore();
+    const version = await store.findById("_versions", versionId);
+    if (!version || version.parentId !== parentId) return null;
+
+    return this.update(parentCollection, parentId, version.data);
+  }
+
+  async compareVersions(
+    collection: string,
+    documentId: string,
+    versionA: string | number,
+    versionB: string | number,
+  ): Promise<VersionDiff[]> {
+    const vm = await this.getVersionManager();
+    return vm.compareTwoVersions(collection, documentId, versionA, versionB);
+  }
+
+  async delete(slug: string, id: string): Promise<boolean> {
+    const store = await this.getStore();
+    return store.delete(slug, id);
+  }
+
+  async findOne(
+    slug: string,
+    filter: Record<string, any>,
+  ): Promise<any | null> {
+    const store = await this.getStore();
+    const results = await store.find(slug, { limit: 1 });
+    return results.docs.length > 0 ? results.docs[0] : null;
+  }
+
+  async findGlobal<T = any>(slug: string): Promise<T> {
+    const store = await this.getStore();
+    return store.findGlobal(slug);
+  }
+
+  async updateGlobal<T = any>(slug: string, data: Partial<T>): Promise<T> {
+    const store = await this.getStore();
+    const current = await store.findGlobal(slug);
+    const updated = { ...current, ...data };
+    return store.updateGlobal(slug, updated);
+  }
+
+  async seedGlobal(slug: string, data: any): Promise<void> {
+    const store = await this.getStore();
+    return store.seedGlobal(slug, data);
+  }
+
+  async count(slug: string): Promise<number> {
+    const store = await this.getStore();
+    return store.count(slug);
+  }
 
-    docs.splice(index, 1);
-    this.data.set(slug, docs);
-    this.metadata.delete(`${slug}:${id}`);
-    return true;
+  async seed(slug: string, docs: any[]): Promise<void> {
+    const store = await this.getStore();
+    return store.seed(slug, docs);
   }
 
-  count(slug: string): number {
-    return (this.data.get(slug) || []).length;
+  async isSeeded(slug: string): Promise<boolean> {
+    const store = await this.getStore();
+    return store.isSeeded(slug);
   }
 }
 
-export const dataStore = new DataStore();
+export const dataStore = new DataStoreWrapper();