npm - @mostajs/orm-cli - Versions diffs - 0.3.0 → 0.3.2 - Mend

@mostajs/orm-cli 0.3.0 → 0.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/bin/mostajs.sh +256 -5
package/package.json +2 -1

package/bin/mostajs.sh CHANGED Viewed

@@ -548,6 +548,7 @@ menu_databases() {
   echo -e "  ${CYAN}p${RESET}) APP_PORT            : ${DIM}${APP_PORT:-3000}${RESET}"
   echo
   echo -e "  ${CYAN}t${RESET}) Test all connections"
+  echo -e "  ${CYAN}i${RESET}) ${BOLD}Import from project .env${RESET} (auto-detect app's real DB)"
   echo -e "  ${CYAN}e${RESET}) Export to .env.local in project"
   echo -e "  ${CYAN}r${RESET}) Reset config"
   echo -e "  ${CYAN}b${RESET}) Back"
@@ -565,6 +566,7 @@ menu_databases() {
     n|N) save_var MOSTA_NET_TRANSPORT "$(ask 'MOSTA_NET_TRANSPORT (rest|sse|graphql|mcp|websocket|jsonrpc|grpc|odata)' "${MOSTA_NET_TRANSPORT:-rest}")";;
     p|P) save_var APP_PORT            "$(ask 'APP_PORT' "${APP_PORT:-3000}")";;
     t|T) action_test_connections; return;;
+    i|I) action_import_env ;;
     e|E) export_env_local ;;
     r|R) confirm "Really reset config?" && rm -f "$CONFIG_FILE" && ok "Reset";;
     b|B) return;;
@@ -647,6 +649,95 @@ list_extra_bindings() {
   done
 }
+# Import DB config from the project's own .env file.
+# This is CRUCIAL when your app (Prisma, NextAuth, ...) already has a
+# DATABASE_URL / MONGODB_URI / POSTGRES_URL. Seeding the wrong DB leads to
+# the classic "users are in mosta-net /api/v1/users but login fails" bug.
+action_import_env() {
+  header
+  echo -e "${BOLD}${MAGENTA}▶ Import DB config from project .env${RESET}"
+  echo
+  local candidates=(".env.local" ".env" ".env.production" ".env.development")
+  local -a available=()
+  for f in "${candidates[@]}"; do
+    [[ -f "$PROJECT_ROOT/$f" ]] && available+=("$f")
+  done
+  if [[ ${#available[@]} -eq 0 ]]; then
+    err "No .env* file found in $PROJECT_ROOT"
+    pause; return
+  fi
+  echo "Found env files :"
+  local i=1
+  for f in "${available[@]}"; do
+    echo -e "  ${CYAN}$i${RESET}) $f"
+    i=$((i+1))
+  done
+  echo
+  local choice; choice=$(ask "Number" 1)
+  local src_file="${available[$((choice-1))]}"
+  [[ -z "$src_file" ]] && return
+  local src_path="$PROJECT_ROOT/$src_file"
+  # Extract common DB URI variables — priority order matters
+  # MONGODB_URI > DATABASE_URL > POSTGRES_URL > MYSQL_URL > SGBD_URI
+  local found_uri="" found_var="" found_dialect=""
+  for var in SGBD_URI DATABASE_URL MONGODB_URI POSTGRES_URL POSTGRES_URI MYSQL_URL MYSQL_URI POSTGRESQL_URL; do
+    # Read value, skip commented lines, strip quotes
+    local val
+    val=$(grep -E "^${var}=" "$src_path" 2>/dev/null | grep -v "^#" | head -1 | sed "s/^${var}=//" | sed 's/^"\(.*\)"$/\1/' | sed "s/^'\(.*\)'$/\1/")
+    if [[ -n "$val" ]]; then
+      found_uri="$val"
+      found_var="$var"
+      break
+    fi
+  done
+  if [[ -z "$found_uri" ]]; then
+    err "No DB URI found in $src_file"
+    info "Searched : SGBD_URI, DATABASE_URL, MONGODB_URI, POSTGRES_URL/URI, MYSQL_URL/URI"
+    pause; return
+  fi
+  # Detect dialect from URI scheme
+  found_dialect=$(detect_dialect_from_uri "$found_uri")
+  if [[ "$found_dialect" == "unknown" ]]; then
+    warn "Could not auto-detect dialect from URI: $found_uri"
+    found_dialect=$(ask "Dialect name (mongodb|postgres|mysql|...)" "")
+    [[ -z "$found_dialect" ]] && { pause; return; }
+  fi
+  info "Detected :"
+  echo -e "  Variable : ${CYAN}$found_var${RESET}"
+  echo -e "  URI      : ${DIM}$found_uri${RESET}"
+  echo -e "  Dialect  : ${MAGENTA}$found_dialect${RESET}"
+  echo
+  # Special Prisma note
+  if [[ "$found_var" == "MONGODB_URI" ]] || [[ "$found_var" == "DATABASE_URL" ]]; then
+    dim "  (This is likely the Prisma datasource — the same DB your app uses for login/auth.)"
+    echo
+  fi
+  if confirm "Save as DB_DIALECT + SGBD_URI ?"; then
+    save_var DB_DIALECT "$found_dialect"
+    save_var SGBD_URI   "$found_uri"
+    # Suggest a strategy based on environment context
+    if [[ "$src_file" == ".env.production" ]]; then
+      save_var DB_SCHEMA_STRATEGY "validate"
+      info "Auto-set DB_SCHEMA_STRATEGY=validate (production)"
+    elif [[ -z "${DB_SCHEMA_STRATEGY:-}" ]]; then
+      save_var DB_SCHEMA_STRATEGY "update"
+    fi
+    ok "Config imported"
+    echo
+    info "Next step : menu 2 → t (test connection), then menu S → 4 (seed)"
+  fi
+  pause
+}
 # Export a .env.local file compatible with @mostajs/orm convention
 export_env_local() {
   local target="$PROJECT_ROOT/.env.mostajs"
@@ -1508,6 +1599,7 @@ menu_seeding() {
   echo -e "  ${CYAN}7${RESET}) Dump current DB rows → .mostajs/seeds-dump/"
   echo -e "  ${CYAN}8${RESET}) Clear the seeds directory"
   echo -e "  ${CYAN}9${RESET}) Show a seed file"
+  echo -e "  ${CYAN}h${RESET}) ${BOLD}Hash plain-text passwords in seed files${RESET} (bcrypt)"
   echo
   echo -e "  ${CYAN}b${RESET}) Back"
   echo
@@ -1523,12 +1615,105 @@ menu_seeding() {
     7) action_seed_dump ;;
     8) action_seed_clear ;;
     9) action_seed_show ;;
+    h|H) action_seed_hash_passwords ;;
     b|B) return ;;
     *) warn "Unknown"; pause ;;
   esac
   menu_seeding
 }
+# ------------------------------------------------------------
+# seed : hash plain-text passwords
+# ------------------------------------------------------------
+action_seed_hash_passwords() {
+  header
+  echo -e "${BOLD}${MAGENTA}▶ Hash plain-text passwords in seed files${RESET}"
+  echo
+  local seed_dir="$CONFIG_DIR/seeds"
+  local count
+  count=$(ls -1 "$seed_dir"/*.json 2>/dev/null | wc -l)
+  if [[ $count -eq 0 ]]; then
+    err "No seed files in $seed_dir (menu S → 1 first)"
+    pause; return
+  fi
+  echo "Auto-detects fields named :"
+  dim "  password, passwordHash, hashedPassword, pwd, userPassword"
+  echo
+  echo "Skips values that are already bcrypt hashes (start with \$2a\$ / \$2b\$ / \$2y\$, 60 chars)"
+  echo
+  local cost
+  cost=$(ask "bcrypt cost factor" "${BCRYPT_COST:-10}")
+  if ! confirm "Hash all plain passwords in $seed_dir ?"; then
+    return
+  fi
+  # Ensure bcryptjs is available
+  ensure_pkg "bcryptjs" || { pause; return; }
+  cat > "$CONFIG_DIR/seed-hash.mjs" <<EOF
+import { readdirSync, readFileSync, writeFileSync } from 'fs';
+import { join } from 'path';
+import bcrypt from 'bcryptjs';
+const SEEDDIR = '$seed_dir';
+const COST    = $cost;
+// Field names commonly used for passwords
+const PASSWORD_FIELDS = ['password', 'passwordHash', 'hashedPassword', 'pwd', 'userPassword'];
+// Test if a string is already a bcrypt hash
+const isBcrypt = v => typeof v === 'string' && /^\\\$2[ayb]\\\$\\d{1,2}\\\$/.test(v) && v.length === 60;
+let totalHashed = 0;
+let totalSkipped = 0;
+const summary = [];
+for (const f of readdirSync(SEEDDIR).filter(x => x.endsWith('.json'))) {
+  const path = join(SEEDDIR, f);
+  let data;
+  try { data = JSON.parse(readFileSync(path, 'utf8')); }
+  catch { continue; }
+  if (!Array.isArray(data)) continue;
+  let hashed = 0, skipped = 0;
+  for (const row of data) {
+    for (const field of PASSWORD_FIELDS) {
+      const val = row[field];
+      if (typeof val !== 'string' || val.length === 0) continue;
+      if (isBcrypt(val)) { skipped++; continue; }
+      row[field] = bcrypt.hashSync(val, COST);
+      hashed++;
+    }
+  }
+  if (hashed > 0) {
+    writeFileSync(path, JSON.stringify(data, null, 2));
+    summary.push({ file: f, hashed, skipped });
+  }
+  totalHashed  += hashed;
+  totalSkipped += skipped;
+}
+for (const s of summary) {
+  console.log('  \u2713 ' + s.file + ' : ' + s.hashed + ' hashed' + (s.skipped ? ' (+ ' + s.skipped + ' already hashed)' : ''));
+}
+console.log();
+console.log('Total : ' + totalHashed + ' hashed, ' + totalSkipped + ' already-hashed skipped');
+if (totalHashed === 0 && totalSkipped === 0) {
+  console.log('No password fields found.');
+}
+EOF
+  cd "$PROJECT_ROOT"
+  node "$CONFIG_DIR/seed-hash.mjs" 2>&1 | tee "$LOG_DIR/seed-hash.log"
+  echo
+  pause
+}
 # ------------------------------------------------------------
 # seed : upload / import
 # ------------------------------------------------------------
@@ -1750,6 +1935,9 @@ for (const f of readdirSync(SEEDDIR).filter(x => x.endsWith('.json'))) {
 }
 // ---------- Validate ----------
+const PASSWORD_FIELDS = ['password', 'passwordHash', 'hashedPassword', 'pwd', 'userPassword'];
+const isBcrypt = v => typeof v === 'string' && /^\\\$2[ayb]\\\$\\d{1,2}\\\$/.test(v) && v.length === 60;
 function validateRow(row, entity) {
   const errors = [];
   const fieldNames = new Set(Object.keys(entity.fields ?? {}));
@@ -1780,6 +1968,12 @@ function validateRow(row, entity) {
       warnings.push('unknown field "' + k + '" (not in schema)');
     }
   }
+  // Password fields that look like plain-text (not bcrypt)
+  for (const pf of PASSWORD_FIELDS) {
+    if (row[pf] !== undefined && row[pf] !== null && row[pf] !== '' && !isBcrypt(row[pf])) {
+      warnings.push('field "' + pf + '" does not look like a bcrypt hash — run menu S \u2192 h to hash');
+    }
+  }
   return { errors, warnings };
 }
@@ -2122,6 +2316,55 @@ EOF
 run_subcommand() {
   case "$1" in
+    hash|h)
+      # mostajs hash <plaintext> [cost]
+      local pw="${2:-}"
+      local cost="${3:-10}"
+      [[ -z "$pw" ]] && { echo "Usage: mostajs hash <password> [cost=10]" >&2; exit 1; }
+      # Try local project, then CLI's own node_modules (bcryptjs is a dep)
+      local bcrypt_dir=""
+      if [[ -d "$PROJECT_ROOT/node_modules/bcryptjs" ]]; then
+        bcrypt_dir="$PROJECT_ROOT/node_modules/bcryptjs"
+      else
+        local cli_dir
+        cli_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+        [[ -d "$cli_dir/node_modules/bcryptjs" ]] && bcrypt_dir="$cli_dir/node_modules/bcryptjs"
+      fi
+      if [[ -z "$bcrypt_dir" ]]; then
+        ensure_pkg "bcryptjs" >/dev/null 2>&1 || {
+          err "bcryptjs not available. Install it manually : npm install bcryptjs"
+          exit 1
+        }
+        bcrypt_dir="$PROJECT_ROOT/node_modules/bcryptjs"
+      fi
+      BCRYPT_PASSWORD="$pw" BCRYPT_COST="$cost" BCRYPT_DIR="$bcrypt_dir" node -e "
+        const bcrypt = require(process.env.BCRYPT_DIR);
+        const h = bcrypt.hashSync(process.env.BCRYPT_PASSWORD, parseInt(process.env.BCRYPT_COST, 10));
+        console.log(h);
+      "
+      ;;
+    verify|v)
+      # mostajs verify <plaintext> <hash>
+      local pw="${2:-}"
+      local hashval="${3:-}"
+      [[ -z "$pw" || -z "$hashval" ]] && { echo "Usage: mostajs verify <password> <hash>" >&2; exit 1; }
+      local bcrypt_dir=""
+      if [[ -d "$PROJECT_ROOT/node_modules/bcryptjs" ]]; then
+        bcrypt_dir="$PROJECT_ROOT/node_modules/bcryptjs"
+      else
+        local cli_dir
+        cli_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+        [[ -d "$cli_dir/node_modules/bcryptjs" ]] && bcrypt_dir="$cli_dir/node_modules/bcryptjs"
+      fi
+      if [[ -z "$bcrypt_dir" ]]; then
+        ensure_pkg "bcryptjs" >/dev/null 2>&1 || exit 1
+        bcrypt_dir="$PROJECT_ROOT/node_modules/bcryptjs"
+      fi
+      BCRYPT_PASSWORD="$pw" BCRYPT_HASH="$hashval" BCRYPT_DIR="$bcrypt_dir" node -e "
+        const bcrypt = require(process.env.BCRYPT_DIR);
+        console.log(bcrypt.compareSync(process.env.BCRYPT_PASSWORD, process.env.BCRYPT_HASH) ? 'match' : 'no match');
+      "
+      ;;
     convert|c)
       detect_project
       [[ ${#DETECTED_TYPES[@]} -eq 0 ]] && { err "No schema found"; exit 1; }
@@ -2150,11 +2393,17 @@ run_subcommand() {
     help|-h|--help)
       cat <<EOF
 Usage :
-  $CLI_NAME                 Interactive menu
-  $CLI_NAME convert         Run conversion (auto-detect schema type)
-  $CLI_NAME detect          Print detected schemas
-  $CLI_NAME health          Run health checks
-  $CLI_NAME version         Print version
+  $CLI_NAME                         Interactive menu
+  $CLI_NAME convert                 Run conversion (auto-detect schema type)
+  $CLI_NAME detect                  Print detected schemas
+  $CLI_NAME health                  Run health checks
+  $CLI_NAME hash <password> [cost]  Hash a password with bcrypt (cost default 10)
+  $CLI_NAME verify <password> <hash> Check if a plain password matches a bcrypt hash
+  $CLI_NAME version                 Print version
+Examples:
+  $CLI_NAME hash 'Admin@123456'     → \$2b\$10\$N9qo8uLOickgx2ZMRZoMyeIjZA...
+  $CLI_NAME verify 'Admin@123456' '\$2b\$10\$N9qo...'
 EOF
       ;;
     *)
@@ -2175,6 +2424,8 @@ EOF
 # Non-interactive mode if args provided
 if [[ $# -gt 0 ]]; then
+  detect_project  # populates PKG_MANAGER, PROJECT_ROOT, etc.
+  load_env        # optional config for subcommands that need it
   run_subcommand "$@"
   exit 0
 fi

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@mostajs/orm-cli",
-  "version": "0.3.0",
+  "version": "0.3.2",
   "description": "Universal CLI to integrate @mostajs/orm into any project — auto-detects Prisma, OpenAPI, JSON Schema. Interactive menu + subcommands. 13 databases.",
   "author": "Dr Hamid MADANI <drmdh@msn.com>",
   "license": "AGPL-3.0-or-later",
@@ -43,6 +43,7 @@
   ],
   "dependencies": {
     "@mostajs/orm": "^1.9.2",
+    "bcryptjs": "^2.4.3",
     "better-sqlite3": "^12.9.0"
   }
 }