@nitronjs/framework 0.2.2 → 0.2.4

package/lib/Database/QueryBuilder.js

@@ -1,6 +1,17 @@
 import { validateDirection, validateIdentifier, validateWhereOperator } from "./QueryValidation.js";
 import Environment from "../Core/Environment.js";
 
+/**
+ * SQL query builder with fluent interface.
+ * Provides chainable methods for building safe parameterized queries.
+ * 
+ * @example
+ * const users = await DB.table("users")
+ *     .where("status", "active")
+ *     .orderBy("created_at", "DESC")
+ *     .limit(10)
+ *     .get();
+ */
 class QueryBuilder {
     #table = null;
     #connection = null;
@@ -159,6 +170,18 @@ class QueryBuilder {
     }
 
     where(column, operator, value) {
+        if (typeof column === 'object' && column !== null && !Array.isArray(column)) {
+            for (const [key, val] of Object.entries(column)) {
+                if (Array.isArray(val) && val.length === 2) {
+                    this.where(key, val[0], val[1]);
+                }
+                else {
+                    this.where(key, '=', val);
+                }
+            }
+            return this;
+        }
+
         if (arguments.length === 2) {
             value = operator;
             operator = '=';
@@ -471,6 +494,26 @@ class QueryBuilder {
         return parseInt(result) || 0;
     }
 
+    async max(column) {
+        return await this.#aggregate('MAX', column);
+    }
+
+    async min(column) {
+        return await this.#aggregate('MIN', column);
+    }
+
+    async sum(column) {
+        const result = await this.#aggregate('SUM', column);
+
+        return parseFloat(result) || 0;
+    }
+
+    async avg(column) {
+        const result = await this.#aggregate('AVG', column);
+
+        return parseFloat(result) || 0;
+    }
+
     async #aggregate(func, column) {
         const alias = func.toLowerCase();
         const originalSelect = this.#selectColumns;

package/lib/Database/QueryValidation.js

@@ -1,54 +1,68 @@
+const RESERVED_KEYWORDS = new Set([
+    'order', 'key', 'group', 'index', 'table', 'column', 'select', 'insert',
+    'update', 'delete', 'from', 'where', 'join', 'left', 'right', 'inner',
+    'outer', 'on', 'and', 'or', 'not', 'null', 'true', 'false', 'like',
+    'in', 'between', 'is', 'as', 'by', 'asc', 'desc', 'limit', 'offset',
+    'having', 'distinct', 'all', 'any', 'exists', 'case', 'when', 'then',
+    'else', 'end', 'if', 'into', 'values', 'set', 'create', 'drop', 'alter',
+    'add', 'primary', 'foreign', 'references', 'constraint', 'default',
+    'unique', 'check', 'view', 'trigger', 'procedure', 'function', 'database',
+    'schema', 'use', 'show', 'describe', 'explain', 'grant', 'revoke',
+    'commit', 'rollback', 'transaction', 'lock', 'unlock', 'read', 'write',
+    'range', 'rows', 'rank', 'row', 'status', 'type', 'level', 'value', 'name'
+]);
+
+const ALLOWED_WHERE_OPERATORS = new Set([
+    '=', '!=', '<>', '<', '>', '<=', '>=',
+    'LIKE', 'NOT LIKE', 'ILIKE', 'NOT ILIKE',
+    'IN', 'NOT IN', 'IS', 'IS NOT',
+    'BETWEEN', 'NOT BETWEEN',
+    'REGEXP', 'NOT REGEXP', 'RLIKE', 'NOT RLIKE'
+]);
+
+const IDENTIFIER_PATTERNS = [
+    /^[a-zA-Z_][a-zA-Z0-9_]*$/,
+    /^[a-zA-Z_][a-zA-Z0-9_]*\.[a-zA-Z_][a-zA-Z0-9_]*$/,
+    /^[a-zA-Z_][a-zA-Z0-9_]*\.\*$/
+];
+
+// ─────────────────────────────────────────────────────────────────────────────
+// Public Functions
+// ─────────────────────────────────────────────────────────────────────────────
+
 export function validateIdentifier(identifier) {
     if (typeof identifier !== 'string' || identifier.length === 0) {
         throw new Error('Identifier must be a non-empty string');
     }
-
     if (identifier.length > 64) {
         throw new Error(`Invalid identifier: "${identifier}". Maximum length is 64 characters.`);
     }
-
     if (identifier === '*' || identifier === '*.*') {
         return identifier;
     }
-
     if (/--|#|\/\*|\*\//.test(identifier)) {
         throw new Error(`Invalid identifier: "${identifier}". SQL comments are not allowed.`);
     }
 
-    const patterns = [
-        /^[a-zA-Z_][a-zA-Z0-9_]*$/,
-        /^[a-zA-Z_][a-zA-Z0-9_]*\.[a-zA-Z_][a-zA-Z0-9_]*$/,
-        /^[a-zA-Z_][a-zA-Z0-9_]*\.\*$/
-    ];
-
-    const isValid = patterns.some(pattern => pattern.test(identifier));
+    if (!IDENTIFIER_PATTERNS.some(p => p.test(identifier))) {
+        throw new Error(`Invalid identifier: "${identifier}". Must be alphanumeric with underscores.`);
+    }
 
-    if (!isValid) {
-        throw new Error(`Invalid identifier: "${identifier}". Must be alphanumeric with underscores, optionally qualified with table name.`);
+    if (identifier.includes('.')) {
+        const [table, column] = identifier.split('.');
+        return column === '*'
+            ? `${escapeKeyword(table)}.*`
+            : `${escapeKeyword(table)}.${escapeKeyword(column)}`;
     }
 
-    return identifier;
+    return escapeKeyword(identifier);
 }
 
 export function validateWhereOperator(operator) {
     const normalized = String(operator).trim().toUpperCase();
-    const allowedOperators = new Set([
-        '=', '!=', '<>', '<', '>', '<=', '>=',
-        'LIKE', 'NOT LIKE', 'ILIKE', 'NOT ILIKE',
-        'IN', 'NOT IN',
-        'IS', 'IS NOT',
-        'BETWEEN', 'NOT BETWEEN',
-        'REGEXP', 'NOT REGEXP',
-        'RLIKE', 'NOT RLIKE'
-    ]);
-
-    if (!allowedOperators.has(normalized)) {
-        throw new Error(
-            `Invalid WHERE operator: '${operator}'. ` +
-            `Allowed operators: ${[...allowedOperators].join(', ')}`
-        );
+    if (!ALLOWED_WHERE_OPERATORS.has(normalized)) {
+        throw new Error(`Invalid WHERE operator: '${operator}'.`);
     }
-
     return normalized;
 }
 
@@ -57,6 +71,13 @@ export function validateDirection(direction) {
     if (upper !== 'ASC' && upper !== 'DESC') {
         throw new Error(`Invalid direction: ${direction}. Use 'ASC' or 'DESC'.`);
     }
-
     return upper;
 }
+
+// ─────────────────────────────────────────────────────────────────────────────
+// Private Functions
+// ─────────────────────────────────────────────────────────────────────────────
+
+function escapeKeyword(identifier) {
+    return RESERVED_KEYWORDS.has(identifier.toLowerCase()) ? `\`${identifier}\`` : identifier;
+}

package/lib/Database/Schema/Blueprint.js

@@ -6,6 +6,10 @@ class Blueprint {
         this.#tableName = tableName;
     }
 
+    // ─────────────────────────────────────────────────────────────────────────
+    // Public Methods
+    // ─────────────────────────────────────────────────────────────────────────
+
     getTableName() {
         return this.#tableName;
     }
@@ -14,43 +18,8 @@ class Blueprint {
         return this.#columns;
     }
 
-    #addColumn(type, name, options = {}) {
-        const column = {
-            name,
-            type,
-            ...options,
-            modifiers: {
-                nullable: false,
-                default: null,
-                unique: false
-            }
-        };
-
-        this.#columns.push(column);
-
-        return {
-            nullable: () => {
-                column.modifiers.nullable = true;
-                return this;
-            },
-            default: (value) => {
-                column.modifiers.default = value;
-                return this;
-            },
-            unique: () => {
-                column.modifiers.unique = true;
-                return this;
-            }
-        };
-    }
-
     id() {
-        const column = {
-            name: 'id',
-            type: 'id',
-            modifiers: {}
-        };
-        this.#columns.push(column);
+        this.#columns.push({ name: 'id', type: 'id', modifiers: {} });
         return this;
     }
 
@@ -81,6 +50,26 @@ class Blueprint {
     json(name) {
         return this.#addColumn('json', name);
     }
+
+    // ─────────────────────────────────────────────────────────────────────────
+    // Private Methods
+    // ─────────────────────────────────────────────────────────────────────────
+
+    #addColumn(type, name, options = {}) {
+        const column = {
+            name,
+            type,
+            ...options,
+            modifiers: { nullable: false, default: null, unique: false }
+        };
+        this.#columns.push(column);
+
+        return {
+            nullable: () => { column.modifiers.nullable = true; return this; },
+            default: (value) => { column.modifiers.default = value; return this; },
+            unique: () => { column.modifiers.unique = true; return this; }
+        };
+    }
 }
 
 export default Blueprint;

package/lib/Database/Schema/Manager.js

@@ -1,103 +1,66 @@
-import DatabaseManager from "../Manager.js";
+import DB from "../DB.js";
 import Config from "../../Core/Config.js";
 
 export default class Schema {
 
+    // Public Methods
     static async create(tableName, callback) {
         const blueprint = new (await import('./Blueprint.js')).default(tableName);
         callback(blueprint);
-
-        const sql = this.#buildCreateTableSQL(blueprint, false);
-
-        const connection = DatabaseManager.getInstance().connection();
-        await connection.raw(sql);
+        await DB.rawQuery(this.#buildCreateSQL(blueprint, false));
     }
 
     static async createIfNotExists(tableName, callback) {
         const blueprint = new (await import('./Blueprint.js')).default(tableName);
         callback(blueprint);
-
-        const sql = this.#buildCreateTableSQL(blueprint, true);
-
-        const connection = DatabaseManager.getInstance().connection();
-        await connection.raw(sql);
+        await DB.rawQuery(this.#buildCreateSQL(blueprint, true));
     }
 
     static async dropIfExists(tableName) {
-        const connection = DatabaseManager.getInstance().connection();
-        await connection.raw(`DROP TABLE IF EXISTS \`${tableName}\``);
+        await DB.rawQuery(`DROP TABLE IF EXISTS \`${tableName}\``);
     }
 
-    static #buildCreateTableSQL(blueprint, ifNotExists = false) {
-        const columns = blueprint.getColumns();
-        const columnsSql = columns.map(col => this.#buildColumnSQL(col));
-
-        const manager = DatabaseManager.getInstance();
-        const connection = manager.connection();
-        const connectionName = connection.getName();
-        const databaseConfig = Config.all('database');
-        const dbConfig = databaseConfig.connections[connectionName];
+    // Private Methods
+    static #buildCreateSQL(blueprint, ifNotExists = false) {
+        const columns = blueprint.getColumns().map(col => this.#buildColumnSQL(col));
+        const dbConfig = Config.all('database').connections.mysql;
 
         const charset = dbConfig.charset || 'utf8mb4';
         const collation = dbConfig.collation || 'utf8mb4_unicode_ci';
-
         const ifNotExistsClause = ifNotExists ? 'IF NOT EXISTS ' : '';
-        let sql = `CREATE TABLE ${ifNotExistsClause}\`${blueprint.getTableName()}\` (\n`;
-        sql += '    ' + columnsSql.join(',\n    ');
-        sql += `\n) ENGINE=InnoDB DEFAULT CHARSET=${charset} COLLATE=${collation}`;
 
-        return sql;
+        return `CREATE TABLE ${ifNotExistsClause}\`${blueprint.getTableName()}\` (\n    ${columns.join(',\n    ')}\n) ENGINE=InnoDB DEFAULT CHARSET=${charset} COLLATE=${collation}`;
     }
 
     static #buildColumnSQL(column) {
-        let sql = `\`${column.name}\` `;
-
-        switch (column.type) {
-            case 'id':
-                sql += 'BIGINT UNSIGNED AUTO_INCREMENT PRIMARY KEY';
-                return sql;
-            case 'string':
-                sql += `VARCHAR(${column.length || 255})`;
-                break;
-            case 'text':
-                sql += 'TEXT';
-                break;
-            case 'integer':
-                sql += 'INT';
-                break;
-            case 'bigInteger':
-                sql += 'BIGINT';
-                break;
-            case 'boolean':
-                sql += 'TINYINT(1)';
-                break;
-            case 'timestamp':
-                sql += 'TIMESTAMP';
-                break;
-            case 'json':
-                sql += 'JSON';
-                break;
-            default:
-                throw new Error(`Unknown column type: ${column.type}`);
+        if (column.type === 'id') {
+            return `\`${column.name}\` BIGINT UNSIGNED AUTO_INCREMENT PRIMARY KEY`;
         }
 
-        if (column.modifiers) {
-            if (column.modifiers.nullable) {
-                sql += ' NULL';
-            } else {
-                sql += ' NOT NULL';
-            }
+        const typeMap = {
+            string: `VARCHAR(${column.length || 255})`,
+            text: 'TEXT',
+            integer: 'INT',
+            bigInteger: 'BIGINT',
+            boolean: 'TINYINT(1)',
+            timestamp: 'TIMESTAMP',
+            json: 'JSON'
+        };
+
+        const type = typeMap[column.type];
+        if (!type) throw new Error(`Unknown column type: ${column.type}`);
+
+        let sql = `\`${column.name}\` ${type}`;
 
+        if (column.modifiers) {
+            sql += column.modifiers.nullable ? ' NULL' : ' NOT NULL';
             if (column.modifiers.default !== null) {
-                const defaultValue = typeof column.modifiers.default === 'string'
+                const val = typeof column.modifiers.default === 'string'
                     ? `'${column.modifiers.default}'`
                     : column.modifiers.default;
-                sql += ` DEFAULT ${defaultValue}`;
-            }
-
-            if (column.modifiers.unique) {
-                sql += ' UNIQUE';
+                sql += ` DEFAULT ${val}`;
             }
+            if (column.modifiers.unique) sql += ' UNIQUE';
         }
 
         return sql;

package/lib/Database/Seeder/SeederRunner.js

@@ -1,183 +1,62 @@
 import fs from 'fs';
 import path from 'path';
 import { pathToFileURL } from 'url';
-import Checksum from '../Migration/Checksum.js';
-import SeederRepository from './SeederRepository.js';
 import Paths from '../../Core/Paths.js';
-
-const COLORS = {
-    reset: '\x1b[0m',
-    red: '\x1b[31m',
-    green: '\x1b[32m',
-    yellow: '\x1b[33m',
-    cyan: '\x1b[36m',
-    dim: '\x1b[2m',
-    bold: '\x1b[1m'
-};
+import Output from '../../Console/Output.js';
 
 class SeederRunner {
-
-    static async run(environment = 'prod') {
-        const seedersDir = environment === 'dev' ? Paths.seedersDev : Paths.seedersProd;
+    static async run(seederName = null) {
+        const seedersDir = Paths.seeders;
 
         if (!fs.existsSync(seedersDir)) {
-            console.log(`${COLORS.yellow}⚠️  No seeders directory found for ${environment}${COLORS.reset}`);
+            Output.warn("No seeders directory found");
             return { success: true, ran: [] };
         }
 
-        const files = fs.readdirSync(seedersDir)
-            .filter(f => f.endsWith('.js'))
-            .sort();
+        let files = fs.readdirSync(seedersDir).filter(f => f.endsWith('.js')).sort();
 
         if (files.length === 0) {
-            console.log(`${COLORS.yellow}⚠️  No seeder files found in ${environment}${COLORS.reset}`);
+            Output.warn("No seeder files found");
             return { success: true, ran: [] };
         }
 
-        const executedNames = await SeederRepository.getExecutedNames();
-
-        for (const file of files) {
-            const fullName = `${environment}/${file}`;
-            if (executedNames.has(fullName)) {
-                const filePath = path.join(seedersDir, file);
-                const currentChecksum = Checksum.fromFile(filePath);
-                const storedChecksum = await SeederRepository.getChecksum(fullName);
-
-                if (currentChecksum !== storedChecksum) {
-                    console.error(`${COLORS.red}❌ CHECKSUM MISMATCH: ${fullName}${COLORS.reset}`);
-                    console.error(`${COLORS.dim}   Stored:  ${storedChecksum}${COLORS.reset}`);
-                    console.error(`${COLORS.dim}   Current: ${currentChecksum}${COLORS.reset}`);
-                    console.error(`${COLORS.red}   Seeder files must NEVER be modified after execution.${COLORS.reset}`);
-                    console.error(`${COLORS.red}   Create a NEW seeder for any data changes.${COLORS.reset}`);
-                    return { 
-                        success: false, 
-                        ran: [], 
-                        error: new Error(`Checksum mismatch for seeder: ${fullName}`) 
-                    };
-                }
+        if (seederName) {
+            const targetFile = seederName.endsWith('.js') ? seederName : `${seederName}.js`;
+            files = files.filter(f => f === targetFile);
+            if (files.length === 0) {
+                Output.error(`Seeder not found: ${seederName}`);
+                return { success: false, ran: [], error: new Error(`Seeder not found: ${seederName}`) };
             }
         }
 
-        const pending = files.filter(f => !executedNames.has(`${environment}/${f}`));
-
-        if (pending.length === 0) {
-            console.log(`${COLORS.green}✅ Nothing to seed. All ${environment} seeders are up to date.${COLORS.reset}`);
-            return { success: true, ran: [] };
-        }
-
-        console.log(`${COLORS.cyan}🌱 Running ${environment} seeders${COLORS.reset}\n`);
+        Output.seederHeader();
 
         const executed = [];
 
         try {
-            for (const file of pending) {
-                const filePath = path.join(seedersDir, file);
-                const fileUrl = pathToFileURL(filePath).href;
-                const checksum = Checksum.fromFile(filePath);
-                const fullName = `${environment}/${file}`;
-
-                console.log(`${COLORS.dim}Seeding:${COLORS.reset} ${COLORS.cyan}${fullName}${COLORS.reset}`);
-
-                const { default: seeder } = await import(fileUrl);
+            for (const file of files) {
+                const fileUrl = pathToFileURL(path.join(seedersDir, file)).href;
+                Output.pending("Seeding", file);
 
+                const { default: seeder } = await import(`${fileUrl}?t=${Date.now()}`);
                 if (typeof seeder.run !== 'function') {
                     throw new Error(`Seeder ${file} does not have a run() method`);
                 }
 
                 await seeder.run();
-                await SeederRepository.log(fullName, checksum);
-                executed.push(fullName);
-
-                console.log(`${COLORS.green}✅ Seeded:${COLORS.reset}  ${COLORS.cyan}${fullName}${COLORS.reset}\n`);
+                executed.push(file);
+                Output.done("Seeded", file);
             }
 
-            console.log(`${COLORS.green}${COLORS.bold}✅ All ${environment} seeders completed successfully.${COLORS.reset}`);
+            Output.seederSuccess();
             return { success: true, ran: executed };
-
-        } catch (error) {
-            console.error(`\n${COLORS.red}❌ Seeding failed: ${error.message}${COLORS.reset}`);
-            return { success: false, ran: executed, error };
-        }
-    }
-
-    static async runAll() {
-        console.log(`${COLORS.bold}Running prod seeders...${COLORS.reset}\n`);
-        const prodResult = await this.run('prod');
-
-        if (!prodResult.success) {
-            return prodResult;
         }
-
-        console.log(`\n${COLORS.bold}Running dev seeders...${COLORS.reset}\n`);
-        const devResult = await this.run('dev');
-
-        return {
-            success: devResult.success,
-            ran: [...prodResult.ran, ...devResult.ran],
-            error: devResult.error
-        };
-    }
-
-    static async status() {
-        const prodDir = Paths.seedersProd;
-        const devDir = Paths.seedersDev;
-
-        const status = [];
-
-        if (fs.existsSync(prodDir)) {
-            const prodFiles = fs.readdirSync(prodDir).filter(f => f.endsWith('.js')).sort();
-            for (const file of prodFiles) {
-                const fullName = `prod/${file}`;
-                const record = await SeederRepository.find(fullName);
-                status.push({
-                    name: fullName,
-                    status: record ? 'Ran' : 'Pending',
-                    executedAt: record?.executed_at || null
-                });
-            }
-        }
-
-        if (fs.existsSync(devDir)) {
-            const devFiles = fs.readdirSync(devDir).filter(f => f.endsWith('.js')).sort();
-            for (const file of devFiles) {
-                const fullName = `dev/${file}`;
-                const record = await SeederRepository.find(fullName);
-                status.push({
-                    name: fullName,
-                    status: record ? 'Ran' : 'Pending',
-                    executedAt: record?.executed_at || null
-                });
-            }
-        }
-
-        return status;
-    }
-
-    static async printStatus() {
-        const status = await this.status();
-
-        if (status.length === 0) {
-            console.log(`${COLORS.yellow}⚠️  No seeders found.${COLORS.reset}`);
-            return;
-        }
-
-        console.log(`\n${COLORS.bold}Seeder Status${COLORS.reset}\n`);
-        console.log(`${COLORS.dim}${'─'.repeat(80)}${COLORS.reset}`);
-
-        for (const seeder of status) {
-            const statusColor = seeder.status === 'Ran' ? COLORS.green : COLORS.yellow;
-            const statusIcon = seeder.status === 'Ran' ? '✅' : '⏳';
-
-            console.log(`${statusIcon} ${statusColor}${seeder.status.padEnd(7)}${COLORS.reset} ${seeder.name}`);
+        catch (error) {
+            Output.newline();
+            Output.error(`Seeding failed: ${error.message}`);
+            return { success: false, ran: executed, error };
         }
-
-        console.log(`${COLORS.dim}${'─'.repeat(80)}${COLORS.reset}\n`);
-
-        const ran = status.filter(s => s.status === 'Ran').length;
-        const pending = status.filter(s => s.status === 'Pending').length;
-        console.log(`${COLORS.dim}Total: ${status.length} | Ran: ${ran} | Pending: ${pending}${COLORS.reset}\n`);
     }
-
 }
 
 export default SeederRunner;

package/lib/Date/DateTime.js

@@ -1,6 +1,15 @@
 import locale from './Locale.js';
 import Config from '../Core/Config.js';
 
+/**
+ * Date and time utility with timezone and localization support.
+ * Uses config/app.js timezone and locale settings.
+ * 
+ * @example
+ * DateTime.toSQL();           // "2025-01-15 10:30:00"
+ * DateTime.addDays(7);        // 7 days from now
+ * DateTime.diffForHumans(ts); // "2 hours ago"
+ */
 class DateTime {
     static #getDate(date = null) {
         const timezone = Config.get('app.timezone', 'UTC');

package/lib/Encryption/Encryption.js

@@ -0,0 +1,52 @@
+import crypto from "crypto";
+
+/**
+ * AES-256-CBC encryption and decryption utility.
+ * Uses APP_KEY from environment for secure encryption.
+ */
+class Encryption {
+    /**
+     * Encrypts a value using AES-256-CBC.
+     * @param {string|Object} value - Value to encrypt (objects are JSON stringified)
+     * @returns {string} Encrypted string in format "iv:encryptedData"
+     */
+    static encrypt(value) {
+        if (typeof value === "object") {
+            value = JSON.stringify(value);
+        }
+
+        const secretKey = crypto.createHash("sha256").update(process.env.APP_KEY).digest();
+        const iv = crypto.randomBytes(16);
+        const cipher = crypto.createCipheriv("aes-256-cbc", secretKey, iv);
+
+        let encrypted = cipher.update(value, "utf8", "hex");
+        encrypted += cipher.final("hex");
+
+        return iv.toString("hex") + ":" + encrypted;
+    }
+
+    /**
+     * Decrypts an AES-256-CBC encrypted value.
+     * @param {string} encryptedValue - Encrypted string in format "iv:encryptedData"
+     * @returns {string|false} Decrypted string or false if decryption fails
+     */
+    static decrypt(encryptedValue) {
+        try {
+            const parts = encryptedValue.split(":");
+            const iv = Buffer.from(parts.shift(), "hex");
+            const encryptedText = Buffer.from(parts.join(":"), "hex");
+            const secretKey = crypto.createHash("sha256").update(process.env.APP_KEY).digest();
+            const decipher = crypto.createDecipheriv("aes-256-cbc", secretKey, iv);
+
+            let decrypted = decipher.update(encryptedText, "hex", "utf8");
+            decrypted += decipher.final("utf8");
+
+            return decrypted;
+        }
+        catch {
+            return false;
+        }
+    }
+}
+
+export default Encryption;