@microbuild/cli 0.1.0

package/dist/templates/api/auth-headers.ts

@@ -0,0 +1,72 @@
+/**
+ * API Auth Headers Helper
+ * 
+ * Forwards authentication tokens from Supabase session to DaaS backend.
+ * This file is copied to your project by the Microbuild CLI.
+ * 
+ * @microbuild/origin: api-routes/auth-headers
+ * @microbuild/version: 1.0.0
+ */
+
+import { createClient } from '@/lib/supabase/server';
+
+/**
+ * Get authentication headers for DaaS API requests
+ * Extracts the access token from the current Supabase session
+ */
+export async function getAuthHeaders(): Promise<HeadersInit> {
+  const supabase = await createClient();
+  const { data: { session } } = await supabase.auth.getSession();
+  
+  const headers: HeadersInit = {
+    'Content-Type': 'application/json',
+  };
+  
+  if (session?.access_token) {
+    headers['Authorization'] = `Bearer ${session.access_token}`;
+  }
+  
+  return headers;
+}
+
+/**
+ * Get the DaaS backend URL from environment
+ */
+export function getDaasUrl(): string {
+  const url = process.env.NEXT_PUBLIC_MICROBUILD_DAAS_URL;
+  if (!url) {
+    throw new Error('NEXT_PUBLIC_MICROBUILD_DAAS_URL is not configured in .env.local');
+  }
+  return url;
+}
+
+/**
+ * Make an authenticated request to the DaaS backend
+ */
+export async function daasRequest<T = unknown>(
+  path: string,
+  options: RequestInit = {}
+): Promise<{ data: T | null; error: Error | null }> {
+  try {
+    const baseUrl = getDaasUrl();
+    const headers = await getAuthHeaders();
+    
+    const response = await fetch(`${baseUrl}${path}`, {
+      ...options,
+      headers: {
+        ...headers,
+        ...options.headers,
+      },
+    });
+    
+    if (!response.ok) {
+      const errorData = await response.json().catch(() => ({}));
+      throw new Error(errorData.errors?.[0]?.message || `Request failed: ${response.status}`);
+    }
+    
+    const data = await response.json();
+    return { data: data.data ?? data, error: null };
+  } catch (error) {
+    return { data: null, error: error as Error };
+  }
+}

package/dist/templates/api/auth-login-route.ts

@@ -0,0 +1,63 @@
+/**
+ * Auth Login API Route (Proxy)
+ * 
+ * Proxies login requests to the DaaS backend.
+ * This ensures no CORS issues because the browser only talks to the same-origin Next.js server.
+ * 
+ * Pattern: Browser → Next.js API Route → DaaS Backend → Supabase Auth
+ * 
+ * @microbuild/origin: api-routes/auth-login
+ * @microbuild/version: 1.0.0
+ */
+
+import { NextRequest, NextResponse } from 'next/server';
+import { createClient } from '@/lib/supabase/server';
+
+/**
+ * POST /api/auth/login
+ * 
+ * Authenticates user with email/password via Supabase Auth.
+ * The session cookie is set server-side, avoiding CORS issues.
+ */
+export async function POST(request: NextRequest) {
+  try {
+    const { email, password } = await request.json();
+
+    if (!email || !password) {
+      return NextResponse.json(
+        { errors: [{ message: 'Email and password are required' }] },
+        { status: 400 }
+      );
+    }
+
+    const supabase = await createClient();
+
+    const { data, error } = await supabase.auth.signInWithPassword({
+      email,
+      password,
+    });
+
+    if (error) {
+      return NextResponse.json(
+        { errors: [{ message: error.message }] },
+        { status: 401 }
+      );
+    }
+
+    return NextResponse.json({
+      data: {
+        user: data.user,
+        session: {
+          access_token: data.session?.access_token,
+          expires_at: data.session?.expires_at,
+        },
+      },
+    });
+  } catch (error) {
+    console.error('Login error:', error);
+    return NextResponse.json(
+      { errors: [{ message: error instanceof Error ? error.message : 'Login failed' }] },
+      { status: 500 }
+    );
+  }
+}

package/dist/templates/api/auth-logout-route.ts

@@ -0,0 +1,41 @@
+/**
+ * Auth Logout API Route (Proxy)
+ * 
+ * Proxies logout requests through the Next.js server.
+ * Clears the Supabase session cookie server-side.
+ * 
+ * @microbuild/origin: api-routes/auth-logout
+ * @microbuild/version: 1.0.0
+ */
+
+import { NextResponse } from 'next/server';
+import { createClient } from '@/lib/supabase/server';
+
+/**
+ * POST /api/auth/logout
+ * 
+ * Signs out the current user and clears session cookies.
+ */
+export async function POST() {
+  try {
+    const supabase = await createClient();
+
+    const { error } = await supabase.auth.signOut();
+
+    if (error) {
+      console.error('Logout error:', error);
+      return NextResponse.json(
+        { errors: [{ message: error.message }] },
+        { status: 500 }
+      );
+    }
+
+    return NextResponse.json({ data: { message: 'Logged out successfully' } });
+  } catch (error) {
+    console.error('Unexpected logout error:', error);
+    return NextResponse.json(
+      { errors: [{ message: 'Failed to logout' }] },
+      { status: 500 }
+    );
+  }
+}

package/dist/templates/api/auth-user-route.ts

@@ -0,0 +1,71 @@
+/**
+ * Auth User API Route (Proxy)
+ * 
+ * Returns the currently authenticated user's information.
+ * Proxies through the Next.js server to avoid CORS issues.
+ * 
+ * @microbuild/origin: api-routes/auth-user
+ * @microbuild/version: 1.0.0
+ */
+
+import { NextResponse } from 'next/server';
+import { createClient } from '@/lib/supabase/server';
+import { getAuthHeaders, getDaasUrl } from '@/lib/api/auth-headers';
+
+/**
+ * GET /api/auth/user
+ * 
+ * Returns current user info. Tries DaaS backend first (for full user profile
+ * with roles/permissions), falls back to Supabase Auth user.
+ */
+export async function GET() {
+  try {
+    const supabase = await createClient();
+    const { data: { user }, error: authError } = await supabase.auth.getUser();
+
+    if (authError || !user) {
+      return NextResponse.json(
+        { errors: [{ message: 'Authentication required' }] },
+        { status: 401 }
+      );
+    }
+
+    // Try to get enhanced user profile from DaaS backend
+    try {
+      const headers = await getAuthHeaders();
+      const daasUrl = getDaasUrl();
+
+      const response = await fetch(`${daasUrl}/api/users/me`, {
+        headers,
+        cache: 'no-store',
+      });
+
+      if (response.ok) {
+        const data = await response.json();
+        return NextResponse.json({ data: data.data || data });
+      }
+    } catch {
+      // DaaS not available, fall back to Supabase user
+    }
+
+    // Fallback: return basic Supabase user info
+    return NextResponse.json({
+      data: {
+        id: user.id,
+        email: user.email,
+        first_name: user.user_metadata?.first_name || null,
+        last_name: user.user_metadata?.last_name || null,
+        avatar: user.user_metadata?.avatar || null,
+        status: 'active',
+        role: null,
+        admin_access: false,
+      },
+    });
+  } catch (error) {
+    console.error('Auth user error:', error);
+    return NextResponse.json(
+      { errors: [{ message: 'Failed to get user info' }] },
+      { status: 500 }
+    );
+  }
+}

package/dist/templates/api/fields-route.ts

@@ -0,0 +1,44 @@
+/**
+ * Fields API Route
+ * 
+ * Proxies field schema requests to the DaaS backend.
+ * Required for CollectionForm, VForm, and dynamic field rendering.
+ * 
+ * @microbuild/origin: api-routes/fields
+ * @microbuild/version: 1.0.0
+ */
+
+import { NextRequest, NextResponse } from 'next/server';
+import { getAuthHeaders, getDaasUrl } from '@/lib/api/auth-headers';
+
+type RouteParams = { params: Promise<{ collection: string }> };
+
+export async function GET(
+  request: NextRequest,
+  { params }: RouteParams
+) {
+  try {
+    const { collection } = await params;
+    const headers = await getAuthHeaders();
+    const daasUrl = getDaasUrl();
+    
+    const response = await fetch(`${daasUrl}/api/fields/${collection}`, {
+      headers,
+      cache: 'no-store',
+    });
+    
+    if (!response.ok) {
+      const error = await response.json().catch(() => ({ errors: [{ message: 'Request failed' }] }));
+      return NextResponse.json(error, { status: response.status });
+    }
+    
+    const data = await response.json();
+    return NextResponse.json(data);
+  } catch (error) {
+    console.error('Fields API error:', error);
+    return NextResponse.json(
+      { errors: [{ message: error instanceof Error ? error.message : 'Internal server error' }] },
+      { status: 500 }
+    );
+  }
+}

package/dist/templates/api/files-id-route.ts

@@ -0,0 +1,116 @@
+/**
+ * Single File API Route
+ * 
+ * Proxies single file operations to the DaaS backend.
+ * 
+ * @microbuild/origin: api-routes/files-id
+ * @microbuild/version: 1.0.0
+ */
+
+import { NextRequest, NextResponse } from 'next/server';
+import { getAuthHeaders, getDaasUrl } from '@/lib/api/auth-headers';
+
+type RouteParams = { params: Promise<{ id: string }> };
+
+/**
+ * GET /api/files/[id]
+ * Get file metadata by ID
+ */
+export async function GET(
+  request: NextRequest,
+  { params }: RouteParams
+) {
+  try {
+    const { id } = await params;
+    const headers = await getAuthHeaders();
+    const daasUrl = getDaasUrl();
+    
+    const response = await fetch(`${daasUrl}/api/files/${id}`, {
+      headers,
+      cache: 'no-store',
+    });
+    
+    if (!response.ok) {
+      const error = await response.json().catch(() => ({ errors: [{ message: 'Request failed' }] }));
+      return NextResponse.json(error, { status: response.status });
+    }
+    
+    const data = await response.json();
+    return NextResponse.json(data);
+  } catch (error) {
+    console.error('Files GET by ID error:', error);
+    return NextResponse.json(
+      { errors: [{ message: error instanceof Error ? error.message : 'Internal server error' }] },
+      { status: 500 }
+    );
+  }
+}
+
+/**
+ * PATCH /api/files/[id]
+ * Update file metadata
+ */
+export async function PATCH(
+  request: NextRequest,
+  { params }: RouteParams
+) {
+  try {
+    const { id } = await params;
+    const headers = await getAuthHeaders();
+    const daasUrl = getDaasUrl();
+    const body = await request.json();
+    
+    const response = await fetch(`${daasUrl}/api/files/${id}`, {
+      method: 'PATCH',
+      headers,
+      body: JSON.stringify(body),
+    });
+    
+    if (!response.ok) {
+      const error = await response.json().catch(() => ({ errors: [{ message: 'Request failed' }] }));
+      return NextResponse.json(error, { status: response.status });
+    }
+    
+    const data = await response.json();
+    return NextResponse.json(data);
+  } catch (error) {
+    console.error('Files PATCH error:', error);
+    return NextResponse.json(
+      { errors: [{ message: error instanceof Error ? error.message : 'Internal server error' }] },
+      { status: 500 }
+    );
+  }
+}
+
+/**
+ * DELETE /api/files/[id]
+ * Delete a file
+ */
+export async function DELETE(
+  request: NextRequest,
+  { params }: RouteParams
+) {
+  try {
+    const { id } = await params;
+    const headers = await getAuthHeaders();
+    const daasUrl = getDaasUrl();
+    
+    const response = await fetch(`${daasUrl}/api/files/${id}`, {
+      method: 'DELETE',
+      headers,
+    });
+    
+    if (!response.ok) {
+      const error = await response.json().catch(() => ({ errors: [{ message: 'Request failed' }] }));
+      return NextResponse.json(error, { status: response.status });
+    }
+    
+    return NextResponse.json({ data: null });
+  } catch (error) {
+    console.error('Files DELETE error:', error);
+    return NextResponse.json(
+      { errors: [{ message: error instanceof Error ? error.message : 'Internal server error' }] },
+      { status: 500 }
+    );
+  }
+}

package/dist/templates/api/files-route.ts

@@ -0,0 +1,83 @@
+/**
+ * Files API Route
+ * 
+ * Proxies file operations to the DaaS backend.
+ * Required for file upload components.
+ * 
+ * @microbuild/origin: api-routes/files
+ * @microbuild/version: 1.0.0
+ */
+
+import { NextRequest, NextResponse } from 'next/server';
+import { getAuthHeaders, getDaasUrl } from '@/lib/api/auth-headers';
+
+/**
+ * GET /api/files
+ * List files with optional filtering
+ */
+export async function GET(request: NextRequest) {
+  try {
+    const headers = await getAuthHeaders();
+    const daasUrl = getDaasUrl();
+    
+    // Forward query parameters
+    const searchParams = request.nextUrl.searchParams.toString();
+    const url = `${daasUrl}/api/files${searchParams ? `?${searchParams}` : ''}`;
+    
+    const response = await fetch(url, {
+      headers,
+      cache: 'no-store',
+    });
+    
+    if (!response.ok) {
+      const error = await response.json().catch(() => ({ errors: [{ message: 'Request failed' }] }));
+      return NextResponse.json(error, { status: response.status });
+    }
+    
+    const data = await response.json();
+    return NextResponse.json(data);
+  } catch (error) {
+    console.error('Files GET error:', error);
+    return NextResponse.json(
+      { errors: [{ message: error instanceof Error ? error.message : 'Internal server error' }] },
+      { status: 500 }
+    );
+  }
+}
+
+/**
+ * POST /api/files
+ * Upload a file
+ */
+export async function POST(request: NextRequest) {
+  try {
+    const headers = await getAuthHeaders();
+    const daasUrl = getDaasUrl();
+    
+    // Get the form data from the request
+    const formData = await request.formData();
+    
+    // Remove Content-Type header to let fetch set it with boundary for multipart
+    const { 'Content-Type': _, ...restHeaders } = headers as Record<string, string>;
+    
+    const response = await fetch(`${daasUrl}/api/files`, {
+      method: 'POST',
+      headers: restHeaders,
+      body: formData,
+    });
+    
+    if (!response.ok) {
+      const error = await response.json().catch(() => ({ errors: [{ message: 'Upload failed' }] }));
+      return NextResponse.json(error, { status: response.status });
+    }
+    
+    const data = await response.json();
+    return NextResponse.json(data);
+  } catch (error) {
+    console.error('Files POST error:', error);
+    return NextResponse.json(
+      { errors: [{ message: error instanceof Error ? error.message : 'Internal server error' }] },
+      { status: 500 }
+    );
+  }
+}

package/dist/templates/api/items-id-route.ts

@@ -0,0 +1,120 @@
+/**
+ * Items Single Item API Route
+ * 
+ * Proxies single item CRUD operations to the DaaS backend.
+ * 
+ * @microbuild/origin: api-routes/items-id
+ * @microbuild/version: 1.0.0
+ */
+
+import { NextRequest, NextResponse } from 'next/server';
+import { getAuthHeaders, getDaasUrl } from '@/lib/api/auth-headers';
+
+type RouteParams = { params: Promise<{ collection: string; id: string }> };
+
+/**
+ * GET /api/items/[collection]/[id]
+ * Get a single item by ID
+ */
+export async function GET(
+  request: NextRequest,
+  { params }: RouteParams
+) {
+  try {
+    const { collection, id } = await params;
+    const headers = await getAuthHeaders();
+    const daasUrl = getDaasUrl();
+    
+    // Forward query parameters (e.g., fields)
+    const searchParams = request.nextUrl.searchParams.toString();
+    const url = `${daasUrl}/api/items/${collection}/${id}${searchParams ? `?${searchParams}` : ''}`;
+    
+    const response = await fetch(url, {
+      headers,
+      cache: 'no-store',
+    });
+    
+    if (!response.ok) {
+      const error = await response.json().catch(() => ({ errors: [{ message: 'Request failed' }] }));
+      return NextResponse.json(error, { status: response.status });
+    }
+    
+    const data = await response.json();
+    return NextResponse.json(data);
+  } catch (error) {
+    console.error('Items GET by ID error:', error);
+    return NextResponse.json(
+      { errors: [{ message: error instanceof Error ? error.message : 'Internal server error' }] },
+      { status: 500 }
+    );
+  }
+}
+
+/**
+ * PATCH /api/items/[collection]/[id]
+ * Update an existing item
+ */
+export async function PATCH(
+  request: NextRequest,
+  { params }: RouteParams
+) {
+  try {
+    const { collection, id } = await params;
+    const headers = await getAuthHeaders();
+    const daasUrl = getDaasUrl();
+    const body = await request.json();
+    
+    const response = await fetch(`${daasUrl}/api/items/${collection}/${id}`, {
+      method: 'PATCH',
+      headers,
+      body: JSON.stringify(body),
+    });
+    
+    if (!response.ok) {
+      const error = await response.json().catch(() => ({ errors: [{ message: 'Request failed' }] }));
+      return NextResponse.json(error, { status: response.status });
+    }
+    
+    const data = await response.json();
+    return NextResponse.json(data);
+  } catch (error) {
+    console.error('Items PATCH error:', error);
+    return NextResponse.json(
+      { errors: [{ message: error instanceof Error ? error.message : 'Internal server error' }] },
+      { status: 500 }
+    );
+  }
+}
+
+/**
+ * DELETE /api/items/[collection]/[id]
+ * Delete an item
+ */
+export async function DELETE(
+  request: NextRequest,
+  { params }: RouteParams
+) {
+  try {
+    const { collection, id } = await params;
+    const headers = await getAuthHeaders();
+    const daasUrl = getDaasUrl();
+    
+    const response = await fetch(`${daasUrl}/api/items/${collection}/${id}`, {
+      method: 'DELETE',
+      headers,
+    });
+    
+    if (!response.ok) {
+      const error = await response.json().catch(() => ({ errors: [{ message: 'Request failed' }] }));
+      return NextResponse.json(error, { status: response.status });
+    }
+    
+    return NextResponse.json({ data: null });
+  } catch (error) {
+    console.error('Items DELETE error:', error);
+    return NextResponse.json(
+      { errors: [{ message: error instanceof Error ? error.message : 'Internal server error' }] },
+      { status: 500 }
+    );
+  }
+}

package/dist/templates/api/items-route.ts

@@ -0,0 +1,88 @@
+/**
+ * Items Collection API Route
+ * 
+ * Proxies CRUD operations for collection items to the DaaS backend.
+ * Supports Directus-compatible query parameters.
+ * 
+ * @microbuild/origin: api-routes/items
+ * @microbuild/version: 1.0.0
+ */
+
+import { NextRequest, NextResponse } from 'next/server';
+import { getAuthHeaders, getDaasUrl } from '@/lib/api/auth-headers';
+
+type RouteParams = { params: Promise<{ collection: string }> };
+
+/**
+ * GET /api/items/[collection]
+ * List items with optional filtering, sorting, and pagination
+ */
+export async function GET(
+  request: NextRequest,
+  { params }: RouteParams
+) {
+  try {
+    const { collection } = await params;
+    const headers = await getAuthHeaders();
+    const daasUrl = getDaasUrl();
+    
+    // Forward all query parameters
+    const searchParams = request.nextUrl.searchParams.toString();
+    const url = `${daasUrl}/api/items/${collection}${searchParams ? `?${searchParams}` : ''}`;
+    
+    const response = await fetch(url, {
+      headers,
+      cache: 'no-store',
+    });
+    
+    if (!response.ok) {
+      const error = await response.json().catch(() => ({ errors: [{ message: 'Request failed' }] }));
+      return NextResponse.json(error, { status: response.status });
+    }
+    
+    const data = await response.json();
+    return NextResponse.json(data);
+  } catch (error) {
+    console.error('Items GET error:', error);
+    return NextResponse.json(
+      { errors: [{ message: error instanceof Error ? error.message : 'Internal server error' }] },
+      { status: 500 }
+    );
+  }
+}
+
+/**
+ * POST /api/items/[collection]
+ * Create a new item
+ */
+export async function POST(
+  request: NextRequest,
+  { params }: RouteParams
+) {
+  try {
+    const { collection } = await params;
+    const headers = await getAuthHeaders();
+    const daasUrl = getDaasUrl();
+    const body = await request.json();
+    
+    const response = await fetch(`${daasUrl}/api/items/${collection}`, {
+      method: 'POST',
+      headers,
+      body: JSON.stringify(body),
+    });
+    
+    if (!response.ok) {
+      const error = await response.json().catch(() => ({ errors: [{ message: 'Request failed' }] }));
+      return NextResponse.json(error, { status: response.status });
+    }
+    
+    const data = await response.json();
+    return NextResponse.json(data);
+  } catch (error) {
+    console.error('Items POST error:', error);
+    return NextResponse.json(
+      { errors: [{ message: error instanceof Error ? error.message : 'Internal server error' }] },
+      { status: 500 }
+    );
+  }
+}