@kyro-cms/admin 0.3.2 → 0.3.4

package/src/lib/db/mongodb-auth-adapter.ts

@@ -1,305 +0,0 @@
-import type { AuthAdapter, AuthUser, Session, UserRole } from "@kyro-cms/core";
-import type { AuditLog, AuditLogFilter } from "@kyro-cms/core";
-import { MongoClient, Db, ObjectId } from "mongodb";
-import bcrypt from "bcryptjs";
-import { randomBytes } from "crypto";
-
-export interface MongoDBAuthAdapterOptions {
-  connectionString?: string;
-  host?: string;
-  port?: number;
-  username?: string;
-  password?: string;
-  database?: string;
-  sessionTTL?: number;
-  refreshTokenTTL?: number;
-}
-
-const DEFAULT_SESSION_TTL = 86400;
-const DEFAULT_REFRESH_TTL = 604800;
-
-export class MongoDBAuthAdapter implements AuthAdapter {
-  private client: MongoClient | null = null;
-  private db: Db | null = null;
-  private sessionTTL: number;
-  private refreshTTL: number;
-
-  constructor(private options: MongoDBAuthAdapterOptions) {
-    this.sessionTTL = options.sessionTTL || DEFAULT_SESSION_TTL;
-    this.refreshTTL = options.refreshTokenTTL || DEFAULT_REFRESH_TTL;
-  }
-
-  private async getDb(): Promise<Db> {
-    if (!this.client) {
-      const connectionString =
-        this.options.connectionString ||
-        `mongodb://${this.options.username}:${this.options.password}@${this.options.host}:${this.options.port}`;
-      this.client = new MongoClient(connectionString);
-      await this.client.connect();
-    }
-    if (!this.db) {
-      this.db = this.client!.db(this.options.database || "kyro");
-    }
-    return this.db;
-  }
-
-  private generateId(): string {
-    return new ObjectId().toHexString();
-  }
-
-  async createUser(data: {
-    email: string;
-    passwordHash: string;
-    role: UserRole;
-    tenantId?: string;
-  }): Promise<AuthUser> {
-    const db = await this.getDb();
-    const now = new Date();
-    const id = this.generateId();
-
-    await db.collection("users").insertOne({
-      _id: new ObjectId(id),
-      email: data.email.toLowerCase(),
-      passwordHash: data.passwordHash,
-      name: null,
-      role: data.role,
-      tenantId: data.tenantId || null,
-      emailVerified: false,
-      locked: false,
-      lastLogin: null,
-      failedLoginAttempts: 0,
-      lockedUntil: null,
-      createdAt: now,
-      updatedAt: now,
-    });
-
-    return {
-      id,
-      email: data.email,
-      role: data.role,
-      tenantId: data.tenantId,
-      createdAt: now.toISOString(),
-      updatedAt: now.toISOString(),
-    };
-  }
-
-  async findUserByEmail(email: string): Promise<AuthUser | null> {
-    const db = await this.getDb();
-    const user = await db
-      .collection("users")
-      .findOne({ email: email.toLowerCase() });
-    if (!user) return null;
-    return {
-      id: user._id.toString(),
-      email: user.email,
-      role: user.role as UserRole,
-      tenantId: user.tenantId || undefined,
-      createdAt: user.createdAt?.toISOString() || "",
-      updatedAt: user.updatedAt?.toISOString() || "",
-    };
-  }
-
-  async findUserById(id: string): Promise<AuthUser | null> {
-    const db = await this.getDb();
-    const user = await db
-      .collection("users")
-      .findOne({ _id: new ObjectId(id) });
-    if (!user) return null;
-    return {
-      id: user._id.toString(),
-      email: user.email,
-      role: user.role as UserRole,
-      tenantId: user.tenantId || undefined,
-      createdAt: user.createdAt?.toISOString() || "",
-      updatedAt: user.updatedAt?.toISOString() || "",
-    };
-  }
-
-  async updateUser(
-    id: string,
-    data: Partial<AuthUser>,
-  ): Promise<AuthUser | null> {
-    const db = await this.getDb();
-    const updates: Record<string, unknown> = { updatedAt: new Date() };
-    if (data.email) updates.email = data.email.toLowerCase();
-    if (data.role) updates.role = data.role;
-    if (data.passwordHash) updates.passwordHash = data.passwordHash;
-
-    await db
-      .collection("users")
-      .updateOne({ _id: new ObjectId(id) }, { $set: updates });
-
-    return this.findUserById(id);
-  }
-
-  async deleteUser(id: string): Promise<boolean> {
-    const db = await this.getDb();
-    await db.collection("users").deleteOne({ _id: new ObjectId(id) });
-    return true;
-  }
-
-  async verifyPassword(password: string, hash: string): Promise<boolean> {
-    return bcrypt.compare(password, hash);
-  }
-
-  async hashPassword(password: string): Promise<string> {
-    return bcrypt.hash(password, 10);
-  }
-
-  async createSession(
-    userId: string,
-    data?: { ipAddress?: string; userAgent?: string },
-  ): Promise<Session> {
-    const db = await this.getDb();
-    const now = new Date();
-    const expiresAt = new Date(now.getTime() + this.sessionTTL * 1000);
-    const token = randomBytes(32).toString("hex");
-    const refreshToken = randomBytes(32).toString("hex");
-    const id = this.generateId();
-
-    await db.collection("sessions").insertOne({
-      _id: new ObjectId(id),
-      token,
-      refreshToken,
-      userId,
-      expiresAt,
-      createdAt: now,
-      ipAddress: data?.ipAddress,
-      userAgent: data?.userAgent,
-    });
-
-    return {
-      id,
-      token,
-      refreshToken: refreshToken || undefined,
-      userId,
-      expiresAt: expiresAt.toISOString(),
-      createdAt: now.toISOString(),
-      ipAddress: data?.ipAddress,
-      userAgent: data?.userAgent,
-    };
-  }
-
-  async findSessionByToken(token: string): Promise<Session | null> {
-    const db = await this.getDb();
-    const session = await db
-      .collection("sessions")
-      .findOne({ token, expiresAt: { $gt: new Date() } });
-    if (!session) return null;
-
-    return {
-      id: session._id.toString(),
-      token: session.token,
-      refreshToken: session.refreshToken || undefined,
-      userId: session.userId,
-      expiresAt: session.expiresAt.toISOString(),
-      createdAt: session.createdAt.toISOString(),
-    };
-  }
-
-  async deleteSession(sessionId: string): Promise<boolean> {
-    const db = await this.getDb();
-    await db.collection("sessions").deleteOne({ _id: new ObjectId(sessionId) });
-    return true;
-  }
-
-  async deleteUserSessions(userId: string): Promise<number> {
-    const db = await this.getDb();
-    const result = await db.collection("sessions").deleteMany({ userId });
-    return result.deletedCount;
-  }
-
-  async hasAnyUsers(): Promise<boolean> {
-    const db = await this.getDb();
-    const count = await db.collection("users").countDocuments();
-    return count > 0;
-  }
-
-  async findAuditLogs(
-    filter: AuditLogFilter,
-  ): Promise<{ logs: AuditLog[]; total: number }> {
-    const {
-      limit = 50,
-      offset = 0,
-      userId,
-      action,
-      resource,
-      success,
-      startDate,
-      endDate,
-    } = filter;
-
-    const query: Record<string, unknown> = {};
-    if (userId) query.userId = userId;
-    if (action) {
-      if (Array.isArray(action)) query.action = { $in: action };
-      else query.action = action;
-    }
-    if (resource) query.resource = resource;
-    if (success !== undefined) query.success = success;
-    if (startDate || endDate) {
-      query.createdAt = {};
-      if (startDate) (query.createdAt as Record<string, Date>).$gte = startDate;
-      if (endDate) (query.createdAt as Record<string, Date>).$lte = endDate;
-    }
-
-    const db = await this.getDb();
-    const total = await db.collection("audit_logs").countDocuments(query);
-    const logs = await db
-      .collection("audit_logs")
-      .find(query)
-      .sort({ createdAt: -1 })
-      .skip(offset)
-      .limit(limit)
-      .toArray();
-
-    return {
-      logs: logs.map((log: any) => ({
-        id: log._id.toString(),
-        timestamp: log.createdAt,
-        action: log.action as AuditLog["action"],
-        userId: log.userId || undefined,
-        userEmail: log.userEmail || undefined,
-        role: log.role || undefined,
-        resource: log.resource,
-        resourceId: log.resourceId || undefined,
-        ipAddress: log.ipAddress || undefined,
-        userAgent: log.userAgent || undefined,
-        success: log.success,
-        error: log.error || undefined,
-        metadata: log.metadata || undefined,
-      })),
-      total,
-    };
-  }
-
-  async createAuditLog(
-    data: Omit<AuditLog, "id" | "timestamp">,
-  ): Promise<AuditLog> {
-    const db = await this.getDb();
-    const id = this.generateId();
-    const timestamp = new Date();
-
-    await db.collection("audit_logs").insertOne({
-      _id: new ObjectId(id),
-      action: data.action,
-      userId: data.userId,
-      userEmail: data.userEmail,
-      role: data.role,
-      resource: data.resource,
-      resourceId: data.resourceId,
-      ipAddress: data.ipAddress,
-      userAgent: data.userAgent,
-      success: data.success,
-      error: data.error,
-      metadata: data.metadata,
-      createdAt: timestamp,
-    });
-
-    return {
-      ...data,
-      id,
-      timestamp,
-    };
-  }
-}

package/src/lib/db/schema/mysql-auth.ts

@@ -1,113 +0,0 @@
-import {
-  mysqlTable,
-  varchar,
-  boolean,
-  timestamp,
-  text,
-  json,
-  index,
-  uniqueIndex,
-} from "drizzle-orm/mysql-core";
-
-export const users = mysqlTable(
-  "users",
-  {
-    id: varchar("id", { length: 36 }).primaryKey(),
-    email: varchar("email", { length: 255 }).notNull(),
-    passwordHash: varchar("password_hash", { length: 255 }),
-    name: varchar("name", { length: 255 }),
-    role: varchar("role", { length: 50 }).notNull().default("customer"),
-    tenantId: varchar("tenant_id", { length: 36 }),
-    emailVerified: boolean("email_verified").default(false),
-    locked: boolean("locked").default(false),
-    lastLogin: timestamp("last_login"),
-    failedLoginAttempts: varchar("failed_login_attempts", {
-      length: 10,
-    }).default("0"),
-    createdAt: timestamp("created_at").defaultNow().notNull(),
-    updatedAt: timestamp("updated_at").defaultNow().notNull(),
-  },
-  (table) => [
-    uniqueIndex("users_email_idx").on(table.email),
-    index("users_tenant_idx").on(table.tenantId),
-  ],
-);
-
-export const sessions = mysqlTable(
-  "sessions",
-  {
-    id: varchar("id", { length: 36 }).primaryKey(),
-    token: varchar("token", { length: 512 }).notNull().unique(),
-    refreshToken: varchar("refresh_token", { length: 512 }),
-    userId: varchar("user_id", { length: 36 }).notNull(),
-    expiresAt: timestamp("expires_at").notNull(),
-    createdAt: timestamp("created_at").defaultNow().notNull(),
-  },
-  (table) => [
-    index("sessions_user_idx").on(table.userId),
-    index("sessions_token_idx").on(table.token),
-    index("sessions_expires_idx").on(table.expiresAt),
-  ],
-);
-
-export const roles = mysqlTable(
-  "roles",
-  {
-    id: varchar("id", { length: 36 }).primaryKey(),
-    name: varchar("name", { length: 100 }).notNull().unique(),
-    level: varchar("level", { length: 10 }).notNull().default("0"),
-    inherits: text("inherits"),
-    permissions: json("permissions").$type<string[]>(),
-    isSystem: boolean("is_system").default(false),
-    description: varchar("description", { length: 500 }),
-    createdAt: timestamp("created_at").defaultNow().notNull(),
-  },
-  (table) => [uniqueIndex("roles_name_idx").on(table.name)],
-);
-
-export const auditLogs = mysqlTable(
-  "audit_logs",
-  {
-    id: varchar("id", { length: 36 }).primaryKey(),
-    action: varchar("action", { length: 100 }).notNull(),
-    userId: varchar("user_id", { length: 36 }),
-    userEmail: varchar("user_email", { length: 255 }),
-    role: varchar("role", { length: 50 }),
-    resource: varchar("resource", { length: 255 }).notNull(),
-    ipAddress: varchar("ip_address", { length: 45 }),
-    userAgent: text("user_agent"),
-    success: boolean("success").notNull(),
-    error: text("error"),
-    metadata: json("metadata").$type<Record<string, unknown>>(),
-    createdAt: timestamp("created_at").defaultNow().notNull(),
-  },
-  (table) => [
-    index("audit_user_idx").on(table.userId),
-    index("audit_action_idx").on(table.action),
-    index("audit_resource_idx").on(table.resource),
-    index("audit_created_idx").on(table.createdAt),
-  ],
-);
-
-export const passwordHistory = mysqlTable(
-  "password_history",
-  {
-    id: varchar("id", { length: 36 }).primaryKey(),
-    userId: varchar("user_id", { length: 36 }).notNull(),
-    passwordHash: varchar("password_hash", { length: 255 }).notNull(),
-    createdAt: timestamp("created_at").defaultNow().notNull(),
-  },
-  (table) => [index("pwd_history_user_idx").on(table.userId)],
-);
-
-export const lockouts = mysqlTable(
-  "lockouts",
-  {
-    id: varchar("id", { length: 36 }).primaryKey(),
-    identifier: varchar("identifier", { length: 255 }).notNull(),
-    failedAttempts: varchar("failed_attempts", { length: 10 }).default("0"),
-    lockedUntil: timestamp("locked_until"),
-    createdAt: timestamp("created_at").defaultNow().notNull(),
-  },
-  (table) => [uniqueIndex("lockouts_identifier_idx").on(table.identifier)],
-);

package/src/lib/db/schema/mysql-content.ts

@@ -1,20 +0,0 @@
-import { mysqlTable, text, timestamp, json } from "drizzle-orm/mysql-core";
-
-export const documents = mysqlTable("documents", {
-  id: text("id").primaryKey(),
-  collection: text("collection").notNull(),
-  data: json("data").notNull().$type<Record<string, unknown>>(),
-  createdAt: timestamp("created_at").notNull(),
-  updatedAt: timestamp("updated_at").notNull(),
-});
-
-export const globals = mysqlTable("globals", {
-  slug: text("slug").primaryKey(),
-  data: json("data").notNull().$type<Record<string, unknown>>(),
-  updatedAt: timestamp("updated_at").notNull(),
-});
-
-export type Document = typeof documents.$inferSelect;
-export type NewDocument = typeof documents.$inferInsert;
-export type Global = typeof globals.$inferSelect;
-export type NewGlobal = typeof globals.$inferInsert;

package/src/lib/db/schema/postgres-auth.ts

@@ -1,116 +0,0 @@
-import {
-  pgTable,
-  uuid,
-  varchar,
-  boolean,
-  timestamp,
-  text,
-  jsonb,
-  index,
-  uniqueIndex,
-} from "drizzle-orm/pg-core";
-
-export const users = pgTable(
-  "users",
-  {
-    id: uuid("id").primaryKey().defaultRandom(),
-    email: varchar("email", { length: 255 }).notNull(),
-    passwordHash: varchar("password_hash", { length: 255 }),
-    name: varchar("name", { length: 255 }),
-    role: varchar("role", { length: 50 }).notNull().default("customer"),
-    tenantId: uuid("tenant_id"),
-    emailVerified: boolean("email_verified").default(false),
-    locked: boolean("locked").default(false),
-    lastLogin: timestamp("last_login"),
-    failedLoginAttempts: integer("failed_login_attempts").default(0),
-    metadata: jsonb("metadata").$type<Record<string, unknown>>(),
-    createdAt: timestamp("created_at").defaultNow().notNull(),
-    updatedAt: timestamp("updated_at").defaultNow().notNull(),
-  },
-  (table) => [
-    uniqueIndex("users_email_idx").on(table.email),
-    index("users_tenant_idx").on(table.tenantId),
-  ],
-);
-
-export const sessions = pgTable(
-  "sessions",
-  {
-    id: uuid("id").primaryKey().defaultRandom(),
-    token: varchar("token", { length: 512 }).notNull().unique(),
-    refreshToken: varchar("refresh_token", { length: 512 }),
-    userId: uuid("user_id")
-      .notNull()
-      .references(() => users.id, { onDelete: "cascade" }),
-    expiresAt: timestamp("expires_at").notNull(),
-    createdAt: timestamp("created_at").defaultNow().notNull(),
-  },
-  (table) => [
-    index("sessions_user_idx").on(table.userId),
-    index("sessions_token_idx").on(table.token),
-    index("sessions_expires_idx").on(table.expiresAt),
-  ],
-);
-
-export const roles = pgTable(
-  "roles",
-  {
-    id: uuid("id").primaryKey().defaultRandom(),
-    name: varchar("name", { length: 100 }).notNull().unique(),
-    level: integer("level").notNull().default(0),
-    inherits: text("inherits").array(),
-    permissions: text("permissions").array(),
-    isSystem: boolean("is_system").default(false),
-    description: text("description"),
-    createdAt: timestamp("created_at").defaultNow().notNull(),
-  },
-  (table) => [index("roles_level_idx").on(table.level)],
-);
-
-export const auditLogs = pgTable(
-  "audit_logs",
-  {
-    id: uuid("id").primaryKey().defaultRandom(),
-    action: varchar("action", { length: 100 }).notNull(),
-    userId: uuid("user_id").references(() => users.id, {
-      onDelete: "set null",
-    }),
-    userEmail: varchar("user_email", { length: 255 }),
-    role: varchar("role", { length: 50 }),
-    resource: varchar("resource", { length: 100 }).notNull(),
-    ipAddress: varchar("ip_address", { length: 45 }),
-    userAgent: text("user_agent"),
-    success: boolean("success").notNull(),
-    error: text("error"),
-    metadata: jsonb("metadata").$type<Record<string, unknown>>(),
-    createdAt: timestamp("created_at").defaultNow().notNull(),
-  },
-  (table) => [
-    index("audit_user_idx").on(table.userId),
-    index("audit_action_idx").on(table.action),
-    index("audit_created_idx").on(table.createdAt),
-  ],
-);
-
-export const passwordHistory = pgTable(
-  "password_history",
-  {
-    id: uuid("id").primaryKey().defaultRandom(),
-    userId: uuid("user_id")
-      .notNull()
-      .references(() => users.id, { onDelete: "cascade" }),
-    passwordHash: varchar("password_hash", { length: 255 }).notNull(),
-    createdAt: timestamp("created_at").defaultNow().notNull(),
-  },
-  (table) => [index("password_history_user_idx").on(table.userId)],
-);
-
-export const lockouts = pgTable("lockouts", {
-  id: uuid("id").primaryKey().defaultRandom(),
-  userId: uuid("user_id")
-    .notNull()
-    .references(() => users.id, { onDelete: "cascade" }),
-  ipAddress: varchar("ip_address", { length: 45 }),
-  lockedUntil: timestamp("locked_until").notNull(),
-  createdAt: timestamp("created_at").defaultNow().notNull(),
-});

package/src/lib/db/schema/postgres-content.ts

@@ -1,35 +0,0 @@
-import {
-  pgTable,
-  uuid,
-  text,
-  timestamp,
-  jsonb,
-  index,
-  uniqueIndex,
-} from "drizzle-orm/pg-core";
-
-export const documents = pgTable(
-  "documents",
-  {
-    id: uuid("id").primaryKey().defaultRandom(),
-    collection: text("collection").notNull(),
-    data: jsonb("data").notNull().$type<Record<string, unknown>>(),
-    createdAt: timestamp("created_at").notNull().defaultNow(),
-    updatedAt: timestamp("updated_at").notNull().defaultNow(),
-  },
-  (table) => [
-    index("idx_documents_collection").on(table.collection),
-    index("idx_documents_created_at").on(table.createdAt),
-  ],
-);
-
-export const globals = pgTable("globals", {
-  slug: text("slug").primaryKey(),
-  data: jsonb("data").notNull().$type<Record<string, unknown>>(),
-  updatedAt: timestamp("updated_at").notNull().defaultNow(),
-});
-
-export type Document = typeof documents.$inferSelect;
-export type NewDocument = typeof documents.$inferInsert;
-export type Global = typeof globals.$inferSelect;
-export type NewGlobal = typeof globals.$inferInsert;

package/src/lib/db/schema/postgres-media.ts

@@ -1,52 +0,0 @@
-import {
-  pgTable,
-  uuid,
-  varchar,
-  timestamp,
-  integer,
-  text,
-  jsonb,
-  index,
-} from "drizzle-orm/pg-core";
-
-export const media = pgTable(
-  "media",
-  {
-    id: uuid("id").primaryKey().defaultRandom(),
-    filename: varchar("filename", { length: 255 }).notNull().unique(),
-    title: varchar("title", { length: 255 }),
-    originalName: varchar("original_name", { length: 255 }).notNull(),
-    mimeType: varchar("mime_type", { length: 100 }).notNull(),
-    fileSize: integer("file_size").notNull(),
-    width: integer("width"),
-    height: integer("height"),
-    url: text("url").notNull().unique(),
-    thumbnailUrl: text("thumbnail_url"),
-    folder: varchar("folder", { length: 255 }),
-    provider: varchar("provider", { length: 50 }).notNull(),
-    alt: text("alt"),
-    caption: text("caption"),
-    metadata: jsonb("metadata").$type<Record<string, unknown>>(),
-    createdAt: timestamp("created_at").defaultNow().notNull(),
-    updatedAt: timestamp("updated_at").defaultNow().notNull(),
-  },
-  (table) => [
-    index("media_folder_idx").on(table.folder),
-    index("media_provider_idx").on(table.provider),
-    index("media_filename_idx").on(table.filename),
-  ],
-);
-
-export const mediaFolders = pgTable(
-  "media_folders",
-  {
-    path: varchar("path", { length: 500 }).primaryKey(),
-    name: varchar("name", { length: 255 }).notNull(),
-    parentPath: varchar("parent_path", { length: 500 }),
-    createdAt: timestamp("created_at").defaultNow().notNull(),
-  },
-  (table) => [index("media_folders_parent_idx").on(table.parentPath)],
-);
-
-export type Media = typeof media.$inferSelect;
-export type NewMedia = typeof media.$inferInsert;

package/src/lib/db/schema/postgres-settings.ts

@@ -1,11 +0,0 @@
-import { pgTable, varchar, text, timestamp } from "drizzle-orm/pg-core";
-
-export const settings = pgTable("settings", {
-  key: varchar("key", { length: 255 }).primaryKey(),
-  value: text("value").notNull(),
-  description: text("description"),
-  updatedAt: timestamp("updated_at").defaultNow(),
-});
-
-export type Setting = typeof settings.$inferSelect;
-export type NewSetting = typeof settings.$inferInsert;