@nixxie-cms/core 1.0.3 → 2.0.0

package/fields/types/multiselect/views/dist/nixxie-cms-core-fields-types-multiselect-views.cjs.js

@@ -101,12 +101,7 @@ const Cell = ({
     type: 'conjunction'
   });
   const labels = value.map(x => field.valuesToOptionsWithStringValues[x].label);
-  let cellContent = null;
-  if (value.length > 3) {
-    cellContent = listFormatter.format([labels[0], `${value.length - 1} more`]);
-  } else {
-    cellContent = listFormatter.format(labels);
-  }
+  const cellContent = value.length > 3 ? listFormatter.format([labels[0], `${value.length - 1} more`]) : listFormatter.format(labels);
   return /*#__PURE__*/jsxRuntime.jsx(typography.Text, {
     children: cellContent
   });

package/fields/types/multiselect/views/dist/nixxie-cms-core-fields-types-multiselect-views.esm.js

@@ -97,12 +97,7 @@ const Cell = ({
     type: 'conjunction'
   });
   const labels = value.map(x => field.valuesToOptionsWithStringValues[x].label);
-  let cellContent = null;
-  if (value.length > 3) {
-    cellContent = listFormatter.format([labels[0], `${value.length - 1} more`]);
-  } else {
-    cellContent = listFormatter.format(labels);
-  }
+  const cellContent = value.length > 3 ? listFormatter.format([labels[0], `${value.length - 1} more`]) : listFormatter.format(labels);
   return /*#__PURE__*/jsx(Text, {
     children: cellContent
   });

package/fields/types/password/dist/nixxie-cms-core-fields-types-password.cjs.js

@@ -4,14 +4,16 @@ Object.defineProperty(exports, '__esModule', { value: true });
 
 var bcryptjs = require('bcryptjs');
 var dumbPasswords = require('dumb-passwords');
-var resolveHooks = require('../../../../dist/resolve-hooks-165a9ce2.cjs.js');
+var resolveHooks = require('../../../../dist/resolve-hooks-10a5f84c.cjs.js');
 require('pluralize');
 var nextFields = require('../../../../dist/next-fields-49c025ef.cjs.js');
-var nonNullGraphql = require('../../../../dist/non-null-graphql-add6bb3d.cjs.js');
+require('node:crypto');
+var nonNullGraphql = require('../../../../dist/non-null-graphql-4a44c122.cjs.js');
 require('node:path');
 require('@graphql-ts/schema');
 require('@graphql-ts/extend');
 var graphql = require('graphql');
+require('node:async_hooks');
 require('decimal.js');
 require('graphql-upload/GraphQLUpload.js');
 

package/fields/types/password/dist/nixxie-cms-core-fields-types-password.esm.js

@@ -1,13 +1,15 @@
 import bcryptjs from 'bcryptjs';
 import dumbPasswords from 'dumb-passwords';
-import { u as userInputError } from '../../../../dist/resolve-hooks-6813a045.esm.js';
+import { u as userInputError } from '../../../../dist/resolve-hooks-9e676794.esm.js';
 import 'pluralize';
 import { g, f as fieldType } from '../../../../dist/next-fields-9bf04ed8.esm.js';
-import { m as makeValidateHook, d as defaultIsRequired } from '../../../../dist/non-null-graphql-a84ed64d.esm.js';
+import 'node:crypto';
+import { m as makeValidateHook, d as defaultIsRequired } from '../../../../dist/non-null-graphql-8c5feaae.esm.js';
 import 'node:path';
 import '@graphql-ts/schema';
 import '@graphql-ts/extend';
 import { isObjectType } from 'graphql';
+import 'node:async_hooks';
 import 'decimal.js';
 import 'graphql-upload/GraphQLUpload.js';
 

package/internal-unstable/artifacts/dist/nixxie-cms-core-internal-unstable-artifacts.cjs.js

@@ -2,9 +2,9 @@
 
 Object.defineProperty(exports, '__esModule', { value: true });
 
-var express = require('../../../dist/express-455ae20c.cjs.js');
+var express = require('../../../dist/express-84d534c2.cjs.js');
 var migrations = require('../../../dist/migrations-ab2e0fd4.cjs.js');
-var system = require('../../../dist/system-a321642d.cjs.js');
+var system = require('../../../dist/system-6b37a5f8.cjs.js');
 require('node:fs/promises');
 require('node:path');
 require('@prisma/internals');
@@ -24,12 +24,13 @@ require('@prisma/migrate');
 require('node:crypto');
 require('../../../dist/admin-meta-18d0c276.cjs.js');
 require('@graphql-ts/schema');
-require('../../../dist/resolve-hooks-165a9ce2.cjs.js');
+require('../../../dist/resolve-hooks-10a5f84c.cjs.js');
 require('pluralize');
 require('../../../dist/next-fields-49c025ef.cjs.js');
 require('decimal.js');
 require('@graphql-ts/extend');
 require('graphql-upload/GraphQLUpload.js');
+require('node:async_hooks');
 require('../../../dist/utils-e74e3527.cjs.js');
 require('../../../dist/utils-1b632a8f.cjs.js');
 require('../../../access/dist/nixxie-cms-core-access.cjs.js');

package/internal-unstable/artifacts/dist/nixxie-cms-core-internal-unstable-artifacts.esm.js

@@ -1,6 +1,6 @@
-export { E as ExitError, e as buildArtifacts, c as createExpressServer, g as generateArtifacts } from '../../../dist/express-7559ca2d.esm.js';
+export { E as ExitError, e as buildArtifacts, c as createExpressServer, g as generateArtifacts } from '../../../dist/express-d0a4ce99.esm.js';
 export { w as withMigrate } from '../../../dist/migrations-996e66a0.esm.js';
-export { c as createSystem } from '../../../dist/system-03e49e4f.esm.js';
+export { a as createSystem } from '../../../dist/system-e591d821.esm.js';
 import 'node:fs/promises';
 import 'node:path';
 import '@prisma/internals';
@@ -20,12 +20,13 @@ import '@prisma/migrate';
 import 'node:crypto';
 import '../../../dist/admin-meta-14c60fec.esm.js';
 import '@graphql-ts/schema';
-import '../../../dist/resolve-hooks-6813a045.esm.js';
+import '../../../dist/resolve-hooks-9e676794.esm.js';
 import 'pluralize';
 import '../../../dist/next-fields-9bf04ed8.esm.js';
 import 'decimal.js';
 import '@graphql-ts/extend';
 import 'graphql-upload/GraphQLUpload.js';
+import 'node:async_hooks';
 import '../../../dist/utils-ef2cd0f4.esm.js';
 import '../../../dist/utils-0cc426c8.esm.js';
 import '../../../access/dist/nixxie-cms-core-access.esm.js';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nixxie-cms/core",
-  "version": "1.0.3",
+  "version": "2.0.0",
   "repository": {
     "type": "git",
     "url": "https://github.com/nixxiecms/nixxie/tree/main/packages/core"
@@ -266,12 +266,14 @@
     "clipboard-copy": "^4.0.1",
     "conf": "^10.2.0",
     "cookie": "^1.0.0",
+    "@types/cors": "^2.8.13",
     "cors": "^2.8.5",
     "dataloader": "^2.1.0",
     "date-fns": "^4.0.0",
     "decimal.js": "^10.4.1",
     "dumb-passwords": "^0.2.1",
     "esbuild": "^0.28.0",
+    "@types/express": "^4.17.14",
     "express": "^4.19.2",
     "fast-deep-equal": "^3.1.3",
     "fs-extra": "^11.0.0",
@@ -293,8 +295,6 @@
     "@types/apollo-upload-client": "19.0.0",
     "@types/body-parser": "^1.19.2",
     "@types/bytes": "^3.1.1",
-    "@types/cors": "^2.8.13",
-    "@types/express": "^4.17.14",
     "@types/fs-extra": "^11.0.0",
     "@types/pluralize": "^0.0.33",
     "@types/prompts": "^2.0.14",
@@ -302,7 +302,7 @@
     "@types/react-dom": "^19.2.3",
     "@types/resolve": "^1.20.2",
     "@types/uuid": "^11.0.0",
-    "@nixxie-cms/core": "^1.0.3"
+    "@nixxie-cms/core": "^2.0.0"
   },
   "preconstruct": {
     "entrypoints": [

package/scripts/cli/dist/nixxie-cms-core-scripts-cli.cjs.js

@@ -10,8 +10,8 @@ var fs = require('node:fs/promises');
 var path = require('node:path');
 var node_util = require('node:util');
 var resolve = require('resolve');
-var system = require('../../../dist/system-a321642d.cjs.js');
-var express = require('../../../dist/express-455ae20c.cjs.js');
+var system = require('../../../dist/system-6b37a5f8.cjs.js');
+var express = require('../../../dist/express-84d534c2.cjs.js');
 var node_module = require('node:module');
 var node_http = require('node:http');
 var internals = require('@prisma/internals');
@@ -30,12 +30,13 @@ var node_child_process = require('node:child_process');
 var node_crypto = require('node:crypto');
 require('../../../dist/admin-meta-18d0c276.cjs.js');
 require('@graphql-ts/schema');
-require('../../../dist/resolve-hooks-165a9ce2.cjs.js');
+require('../../../dist/resolve-hooks-10a5f84c.cjs.js');
 require('pluralize');
 require('../../../dist/next-fields-49c025ef.cjs.js');
 require('decimal.js');
 require('@graphql-ts/extend');
 require('graphql-upload/GraphQLUpload.js');
+require('node:async_hooks');
 require('../../../dist/utils-e74e3527.cjs.js');
 require('../../../dist/utils-1b632a8f.cjs.js');
 require('../../../access/dist/nixxie-cms-core-access.cjs.js');

package/scripts/cli/dist/nixxie-cms-core-scripts-cli.esm.js

@@ -6,8 +6,8 @@ import fs from 'node:fs/promises';
 import path, { join } from 'node:path';
 import { promisify } from 'node:util';
 import resolve from 'resolve';
-import { w as withSpan, c as createSystem } from '../../../dist/system-03e49e4f.esm.js';
-import { i as importBuiltNixxieConfiguration, v as validateArtifacts, g as generateArtifacts, a as generateTypes, b as generatePrismaClient, E as ExitError, c as createExpressServer, p as printPrismaSchema, d as getFormattedGraphQLSchema } from '../../../dist/express-7559ca2d.esm.js';
+import { w as withSpan, a as createSystem } from '../../../dist/system-e591d821.esm.js';
+import { i as importBuiltNixxieConfiguration, v as validateArtifacts, g as generateArtifacts, a as generateTypes, b as generatePrismaClient, E as ExitError, c as createExpressServer, p as printPrismaSchema, d as getFormattedGraphQLSchema } from '../../../dist/express-d0a4ce99.esm.js';
 import { createRequire } from 'node:module';
 import { createServer } from 'node:http';
 import { createDatabase, dropDatabase } from '@prisma/internals';
@@ -26,12 +26,13 @@ import { spawn } from 'node:child_process';
 import { randomBytes } from 'node:crypto';
 import '../../../dist/admin-meta-14c60fec.esm.js';
 import '@graphql-ts/schema';
-import '../../../dist/resolve-hooks-6813a045.esm.js';
+import '../../../dist/resolve-hooks-9e676794.esm.js';
 import 'pluralize';
 import '../../../dist/next-fields-9bf04ed8.esm.js';
 import 'decimal.js';
 import '@graphql-ts/extend';
 import 'graphql-upload/GraphQLUpload.js';
+import 'node:async_hooks';
 import '../../../dist/utils-ef2cd0f4.esm.js';
 import '../../../dist/utils-0cc426c8.esm.js';
 import '../../../access/dist/nixxie-cms-core-access.esm.js';

package/scripts/dist/nixxie-cms-core-scripts.cjs.js

@@ -1,7 +1,7 @@
 'use strict';
 
 var scripts_cli_dist_nixxieCmsCoreScriptsCli = require('../cli/dist/nixxie-cms-core-scripts-cli.cjs.js');
-var express = require('../../dist/express-455ae20c.cjs.js');
+var express = require('../../dist/express-84d534c2.cjs.js');
 require('meow');
 require('esbuild');
 require('@nodelib/fs.walk');
@@ -10,17 +10,18 @@ require('node:fs/promises');
 require('node:path');
 require('node:util');
 require('resolve');
-require('../../dist/system-a321642d.cjs.js');
+require('../../dist/system-6b37a5f8.cjs.js');
 require('node:crypto');
 require('../../dist/admin-meta-18d0c276.cjs.js');
 require('graphql');
 require('@graphql-ts/schema');
-require('../../dist/resolve-hooks-165a9ce2.cjs.js');
+require('../../dist/resolve-hooks-10a5f84c.cjs.js');
 require('pluralize');
 require('../../dist/next-fields-49c025ef.cjs.js');
 require('decimal.js');
 require('@graphql-ts/extend');
 require('graphql-upload/GraphQLUpload.js');
+require('node:async_hooks');
 require('../../dist/utils-e74e3527.cjs.js');
 require('../../dist/utils-1b632a8f.cjs.js');
 require('../../access/dist/nixxie-cms-core-access.cjs.js');

package/scripts/dist/nixxie-cms-core-scripts.esm.js

@@ -1,5 +1,5 @@
 import { cli } from '../cli/dist/nixxie-cms-core-scripts-cli.esm.js';
-import { E as ExitError } from '../../dist/express-7559ca2d.esm.js';
+import { E as ExitError } from '../../dist/express-d0a4ce99.esm.js';
 import 'meow';
 import 'esbuild';
 import '@nodelib/fs.walk';
@@ -8,17 +8,18 @@ import 'node:fs/promises';
 import 'node:path';
 import 'node:util';
 import 'resolve';
-import '../../dist/system-03e49e4f.esm.js';
+import '../../dist/system-e591d821.esm.js';
 import 'node:crypto';
 import '../../dist/admin-meta-14c60fec.esm.js';
 import 'graphql';
 import '@graphql-ts/schema';
-import '../../dist/resolve-hooks-6813a045.esm.js';
+import '../../dist/resolve-hooks-9e676794.esm.js';
 import 'pluralize';
 import '../../dist/next-fields-9bf04ed8.esm.js';
 import 'decimal.js';
 import '@graphql-ts/extend';
 import 'graphql-upload/GraphQLUpload.js';
+import 'node:async_hooks';
 import '../../dist/utils-ef2cd0f4.esm.js';
 import '../../dist/utils-0cc426c8.esm.js';
 import '../../access/dist/nixxie-cms-core-access.esm.js';

package/session/dist/nixxie-cms-core-session.cjs.js

@@ -5,6 +5,18 @@ Object.defineProperty(exports, '__esModule', { value: true });
 var node_crypto = require('node:crypto');
 var cookie = require('cookie');
 var Iron = require('@hapi/iron');
+var index = require('../../dist/index-6055753b.cjs.js');
+require('pluralize');
+require('../../dist/next-fields-49c025ef.cjs.js');
+require('decimal.js');
+require('@graphql-ts/schema');
+require('@graphql-ts/extend');
+require('graphql-upload/GraphQLUpload.js');
+require('graphql');
+require('../../dist/resolve-hooks-10a5f84c.cjs.js');
+require('node:async_hooks');
+require('../../dist/non-null-graphql-4a44c122.cjs.js');
+require('node:path');
 
 function _interopDefault (e) { return e && e.__esModule ? e : { 'default': e }; }
 
@@ -104,6 +116,224 @@ function statelessSessions({
     }
   };
 }
+function sessionModel(context, collection) {
+  var _context$prisma;
+  const delegate = (_context$prisma = context.prisma) === null || _context$prisma === void 0 ? void 0 : _context$prisma[collection[0].toLowerCase() + collection.slice(1)];
+  if (!delegate) {
+    throw new Error(`persistentSessions: collection "${collection}" was not found in the Prisma client. ` + `Add it to your config (e.g. \`collections: { ${collection}: sessionCollection() }\`) and run a migration.`);
+  }
+  return delegate;
+}
+
+/**
+ * Database-backed sessions: the cookie carries only an opaque token; the session itself
+ * lives in a collection, so sessions survive restarts, can be listed per user, and can be
+ * revoked server-side (see `listSessions` / `revokeSession` / `revokeUserSessions`).
+ *
+ * Tracks `lastSeenAt` (refreshed at most once a minute), `userAgent` and `ip` per session.
+ * Pair with a scheduled `pruneSessions()` job to clear expired/revoked rows.
+ */
+function persistentSessions({
+  collection = 'UserSession',
+  maxAge = 60 * 60 * 8,
+  // 8 hours
+  ...statelessSessionsOptions
+} = {}) {
+  const stateless = statelessSessions({
+    ...statelessSessionsOptions,
+    maxAge
+  });
+  return {
+    async get({
+      context
+    }) {
+      const token = await stateless.get({
+        context
+      });
+      if (!token) return;
+      const row = await sessionModel(context, collection).findUnique({
+        where: {
+          token
+        }
+      });
+      if (!row || row.revokedAt) return;
+      if (row.expiresAt && row.expiresAt.getTime() < Date.now()) return;
+
+      // Refresh activity tracking at most once a minute; never block the request on it.
+      if (!row.lastSeenAt || Date.now() - row.lastSeenAt.getTime() > 60000) {
+        void sessionModel(context, collection).update({
+          where: {
+            token
+          },
+          data: {
+            lastSeenAt: new Date()
+          }
+        }).catch(() => {});
+      }
+      return row.data;
+    },
+    async start({
+      context,
+      data
+    }) {
+      var _ref, _ref2, _ref3, _forwarded$split$, _req$socket;
+      const token = node_crypto.randomBytes(24).toString('base64url'); // 192-bit
+      const req = context.req;
+      const forwarded = req === null || req === void 0 ? void 0 : req.headers['x-forwarded-for'];
+      await sessionModel(context, collection).create({
+        data: {
+          token,
+          data: data,
+          itemId: (data === null || data === void 0 ? void 0 : data.itemId) != null ? String(data.itemId) : null,
+          expiresAt: new Date(Date.now() + maxAge * 1000),
+          createdAt: new Date(),
+          lastSeenAt: new Date(),
+          userAgent: (_ref = req === null || req === void 0 ? void 0 : req.headers['user-agent']) !== null && _ref !== void 0 ? _ref : null,
+          ip: (_ref2 = (_ref3 = typeof forwarded === 'string' ? (_forwarded$split$ = forwarded.split(',')[0]) === null || _forwarded$split$ === void 0 ? void 0 : _forwarded$split$.trim() : forwarded === null || forwarded === void 0 ? void 0 : forwarded[0]) !== null && _ref3 !== void 0 ? _ref3 : req === null || req === void 0 || (_req$socket = req.socket) === null || _req$socket === void 0 ? void 0 : _req$socket.remoteAddress) !== null && _ref2 !== void 0 ? _ref2 : null
+        }
+      });
+      return (await stateless.start({
+        context,
+        data: token
+      })) || '';
+    },
+    async end({
+      context
+    }) {
+      const token = await stateless.get({
+        context
+      });
+      if (token) {
+        await sessionModel(context, collection).deleteMany({
+          where: {
+            token
+          }
+        });
+      }
+      await stateless.end({
+        context
+      });
+    }
+  };
+}
+const stripToken = row => {
+  var _row$itemId, _row$lastSeenAt, _row$expiresAt, _row$revokedAt, _row$userAgent, _row$ip;
+  return {
+    id: row.id,
+    itemId: (_row$itemId = row.itemId) !== null && _row$itemId !== void 0 ? _row$itemId : null,
+    createdAt: row.createdAt,
+    lastSeenAt: (_row$lastSeenAt = row.lastSeenAt) !== null && _row$lastSeenAt !== void 0 ? _row$lastSeenAt : null,
+    expiresAt: (_row$expiresAt = row.expiresAt) !== null && _row$expiresAt !== void 0 ? _row$expiresAt : null,
+    revokedAt: (_row$revokedAt = row.revokedAt) !== null && _row$revokedAt !== void 0 ? _row$revokedAt : null,
+    userAgent: (_row$userAgent = row.userAgent) !== null && _row$userAgent !== void 0 ? _row$userAgent : null,
+    ip: (_row$ip = row.ip) !== null && _row$ip !== void 0 ? _row$ip : null
+  };
+};
+
+/** Active (non-revoked, non-expired) sessions for a user, without their tokens. */
+async function listSessions(context, itemId, {
+  collection = 'UserSession'
+} = {}) {
+  const rows = await sessionModel(context, collection).findMany({
+    where: {
+      itemId: String(itemId),
+      revokedAt: null,
+      expiresAt: {
+        gte: new Date()
+      }
+    },
+    orderBy: {
+      lastSeenAt: 'desc'
+    }
+  });
+  return rows.map(stripToken);
+}
+
+/** Revoke a single session by its row id. The next request with its cookie is signed out. */
+async function revokeSession(context, sessionId, {
+  collection = 'UserSession'
+} = {}) {
+  await sessionModel(context, collection).updateMany({
+    where: {
+      id: sessionId
+    },
+    data: {
+      revokedAt: new Date()
+    }
+  });
+}
+
+/** Revoke every session belonging to a user (e.g. after a password change). */
+async function revokeUserSessions(context, itemId, {
+  collection = 'UserSession'
+} = {}) {
+  const result = await sessionModel(context, collection).updateMany({
+    where: {
+      itemId: String(itemId),
+      revokedAt: null
+    },
+    data: {
+      revokedAt: new Date()
+    }
+  });
+  return result.count;
+}
+
+/** Delete expired and revoked session rows. Run from a scheduled job. */
+async function pruneSessions(context, {
+  collection = 'UserSession'
+} = {}) {
+  const result = await sessionModel(context, collection).deleteMany({
+    where: {
+      OR: [{
+        expiresAt: {
+          lt: new Date()
+        }
+      }, {
+        revokedAt: {
+          not: null
+        }
+      }]
+    }
+  });
+  return result.count;
+}
+
+/**
+ * Sign the current user in as another user, recording who is impersonating in the
+ * session (`impersonatedBy`). Works with any session strategy. The caller is
+ * responsible for authorising the action (e.g. an admin-only check).
+ */
+async function startImpersonation(context, itemId) {
+  if (!context.sessionStrategy) throw new Error('startImpersonation: no session strategy configured');
+  const current = context.session;
+  if (!(current !== null && current !== void 0 && current.itemId)) throw new Error('startImpersonation: there is no signed-in session');
+  if (current.impersonatedBy != null) {
+    throw new Error('startImpersonation: already impersonating — end the current impersonation first');
+  }
+  await context.sessionStrategy.start({
+    context,
+    data: {
+      itemId,
+      impersonatedBy: current.itemId
+    }
+  });
+}
+
+/** Return from an impersonated session to the original user's session. */
+async function endImpersonation(context) {
+  if (!context.sessionStrategy) throw new Error('endImpersonation: no session strategy configured');
+  const current = context.session;
+  if ((current === null || current === void 0 ? void 0 : current.impersonatedBy) == null) {
+    throw new Error('endImpersonation: the current session is not impersonating anyone');
+  }
+  await context.sessionStrategy.start({
+    context,
+    data: {
+      itemId: current.impersonatedBy
+    }
+  });
+}
 function storedSessions({
   store: storeFn,
   maxAge = 60 * 60 * 8,
@@ -153,5 +383,61 @@ function storedSessions({
   };
 }
 
+/**
+ * Ready-made collection definition backing `persistentSessions()`.
+ *
+ * @example
+ * config({
+ *   collections: {
+ *     UserSession: sessionCollection(),
+ *     ...collections,
+ *   },
+ *   session: persistentSessions({ collection: 'UserSession' }),
+ * })
+ */
+function sessionCollection() {
+  return {
+    fields: {
+      token: index.text({
+        validation: {
+          isRequired: true
+        },
+        isIndexed: 'unique'
+      }),
+      data: index.json(),
+      itemId: index.text({
+        isIndexed: true
+      }),
+      expiresAt: index.timestamp(),
+      createdAt: index.timestamp({
+        defaultValue: {
+          kind: 'now'
+        },
+        db: {
+          isNullable: false
+        }
+      }),
+      lastSeenAt: index.timestamp(),
+      revokedAt: index.timestamp(),
+      userAgent: index.text(),
+      ip: index.text()
+    },
+    graphql: {
+      omit: true
+    },
+    ui: {
+      hideNavigation: true
+    }
+  };
+}
+
+exports.endImpersonation = endImpersonation;
+exports.listSessions = listSessions;
+exports.persistentSessions = persistentSessions;
+exports.pruneSessions = pruneSessions;
+exports.revokeSession = revokeSession;
+exports.revokeUserSessions = revokeUserSessions;
+exports.sessionCollection = sessionCollection;
+exports.startImpersonation = startImpersonation;
 exports.statelessSessions = statelessSessions;
 exports.storedSessions = storedSessions;