@paralect/hive 0.1.48 → 0.1.50-alpha.0

package/.hive/src/routes/index.js

@@ -0,0 +1,172 @@
+import _ from "lodash";
+import getResources from "helpers/getResources";
+import getMiddlewares from "helpers/getMiddlewares";
+import getResourceEndpoints from "helpers/getResourceEndpoints";
+import mount from "koa-mount";
+import Router from "@koa/router";
+import validate from "middlewares/validate";
+import db from "db";
+import tryToAttachUser from "middlewares/global/tryToAttachUser";
+import attachCustomErrors from "./middlewares/attachCustomErrors";
+import routeErrorHandler from "./middlewares/routeErrorHandler";
+import isAuthorized from "middlewares/isAuthorized";
+import config from 'app-config';
+
+const requestLogService = db.createService("_request_logs");
+
+const logRequestToMongo = async (ctx, next) => {
+  const startedOn = new Date();
+
+  const saveLog = async ({ error = null } = {}) => {
+    if (ctx.state.isSkipLog) {
+      return;
+    }
+
+    if (ctx.state.resourceName && ctx.state.endpoint) {
+      const requestLog = {
+        isSuccess: true,
+        request: {
+          url: ctx.originalUrl,
+          method: ctx.request.method,
+          query: ctx.query,
+          body: ctx.request.body,
+          params: ctx.params,
+          headers: ctx.headers,
+        },
+        response: {
+          status: ctx.status,
+          body: ctx.body,
+        },
+        resourceName: ctx.state.resourceName,
+        endpoint: ctx.state.endpoint,
+        time: new Date() - startedOn,
+      };
+      if (error) {
+        requestLog.isSuccess = false;
+        requestLog.error = {
+          message: error.message,
+          stack: error.stack,
+        };
+      }
+      await requestLogService.create(requestLog);
+    }
+  };
+
+  try {
+    await next();
+
+    await saveLog({ error: ctx.state.error });
+
+  } catch (err) {
+    await saveLog({ error: err });
+    throw err;
+  }
+};
+
+export default async (app) => {
+  app.use(logRequestToMongo);
+  app.use(attachCustomErrors);
+  app.use(routeErrorHandler);
+  app.use(tryToAttachUser);
+
+  const [resources, allMiddlewares] = await Promise.all([getResources(), getMiddlewares()]);
+
+  await Promise.all(_.map(resources, async ({ name: resourceName }) => {
+    const resourceRouter = new Router();
+    const globalRouter = new Router();
+    const endpoints = await Promise.all((await getResourceEndpoints(resourceName))
+      .map(async ({ file: endpointFile, name }) => {
+        let endpointDef = (await import(endpointFile));
+
+        if (!endpointDef.endpoint) {
+          console.log('missing endpoint for', name);
+        }
+        endpointDef.endpoint.name = name;
+
+        return {
+          endpoint: endpointDef.endpoint,
+          requestSchema: endpointDef.requestSchema,
+          middlewares: endpointDef.middlewares,
+          handler: endpointDef.handler,
+        };
+      })
+      .sort((e) => {
+        e.endpoint = e.endpoint || { method: "get", url: "/" };
+        const url = e.endpoint.url || e.endpoint.absoluteUrl;
+        if (url.includes("/:")) {
+          return 1;
+        }
+        return -1;
+      }));
+
+    endpoints.forEach(({ endpoint, requestSchema, middlewares = [], handler }) => {
+      let targetRouter;
+      console.log('[routes] Register endpoint', resourceName, endpoint?.method || 'GET', endpoint?.url);
+
+      let url = endpoint.absoluteUrl || endpoint.url;
+
+      if (url.startsWith("$HOST/")) {
+        url = url.replace("$HOST", "");
+        targetRouter = globalRouter;
+      } else if (endpoint.absoluteUrl) {
+        targetRouter = globalRouter;
+      } else {
+        targetRouter = resourceRouter;
+      }
+
+      const globalMiddleware = allMiddlewares.find(m => m.name === 'global');
+
+      if (globalMiddleware) {
+        globalMiddleware.runOrder = 0;
+        middlewares.unshift(globalMiddleware.fn);
+      }
+
+      middlewares = middlewares.map(middleware => {
+        if (_.isString(middleware)) {
+          if (!allMiddlewares.find(m => m.name === middleware)) {
+            throw new Error(`Middleware ${middleware} not found`);
+          }
+
+          middleware = allMiddlewares.find(m => m.name === middleware).fn;
+        } else if (middleware?.name && middleware?.args) {
+          if (!allMiddlewares.find(m => m.name === middleware.name)) {
+            throw new Error(`Middleware ${middleware.name} not found`);
+          };
+          middleware = allMiddlewares.find(m => m.name === middleware.name).fn(...middleware.args);
+        }
+
+        return middleware;
+      }).map(middleware => {
+        middleware.runOrder = _.isNumber(middleware.runOrder) ? middleware.runOrder : 1;
+        return middleware;
+      });
+
+
+      if (config._hive.isRequireAuthAllEndpoints) {
+        isAuthorized.runOrder = 0;
+        middlewares.unshift(isAuthorized);
+      }
+
+      targetRouter[endpoint.method?.toLowerCase() || "get"](
+        url,
+        async (ctx, next) => {
+          ctx.state.resourceName = resourceName;
+          ctx.state.endpoint = endpoint;
+          await next();
+        },
+        validate(requestSchema),
+        ..._.sortBy(middlewares, m => m.runOrder),
+        async ctx => {
+          const result = await handler(ctx);
+
+          if (!ctx.body) {
+            ctx.body = result || { isOk: true };
+          }
+        }
+      );
+    });
+
+    app.use(globalRouter.routes());
+    app.use(mount(`/${resourceName}`, resourceRouter.routes()));
+  }));
+};

package/.hive/src/routes/middlewares/attachCustomErrors.js

@@ -0,0 +1,28 @@
+import _ from 'lodash';
+
+const formatError = (customError) => {
+  const errors = {};
+
+  Object.keys(customError).forEach((key) => {
+    errors[key] = _.isArray(customError[key])
+      ? customError[key]
+      : [customError[key]];
+  });
+
+  return errors;
+};
+
+const attachCustomErrors = async (ctx, next) => {
+  ctx.throwError = (message) => ctx.throw(500, { message });
+  ctx.assertError = (condition, message) =>
+    ctx.assert(condition, 500, { message });
+
+  ctx.throwClientError = (errors) =>
+    ctx.throw(400, { errors: formatError(errors) });
+  ctx.assertClientError = (condition, errors) =>
+    ctx.assert(condition, 400, { errors: formatError(errors) });
+
+  await next();
+};
+
+export default attachCustomErrors;

package/.hive/src/routes/middlewares/routeErrorHandler.js

@@ -0,0 +1,27 @@
+import logger from 'logger';
+
+const routeErrorHandler = async (ctx, next) => {
+  try {
+    await next();
+  } catch (error) {
+    console.log("Route Error", error, error.stack);
+
+    const clientError = error.errors;
+    const serverError = { global: error.message };
+
+    const errors = clientError || serverError;
+
+    logger.error(errors);
+
+    if (serverError && (error.status === 500 || !error.status) && process.env.APP_ENV === "production") {
+      serverError.global = "Something went wrong";
+    }
+
+    ctx.state.error = error;
+
+    ctx.status = error.status || 500;
+    ctx.body = { errors };
+  }
+};
+
+export default routeErrorHandler;

package/.hive/src/scheduler/handlers/sendDailyReport.example.js

@@ -0,0 +1,7 @@
+import moment from 'moment';
+
+export const cron = "* * * * *";
+
+export const handler = () => {
+  const yesterday = moment().add(-1, "day").toDate();
+};

package/.hive/src/scheduler.js

@@ -0,0 +1,32 @@
+import path from 'path';
+import fs from 'fs';
+import moment from 'moment';
+import schedule from 'node-schedule';
+import requireDir from 'require-dir';
+
+export default () => {
+  const paths = [path.resolve(__dirname, './scheduler/handlers')];
+  if (process.env.HIVE_SRC) {
+    paths.push(path.resolve(process.env.HIVE_SRC, './scheduler/handlers'))
+  }
+
+  paths.forEach((pathName) => {
+    if (fs.existsSync(pathName)) {
+      requireDir(pathName, {
+        mapValue: (handler, handlerName) => {
+          console.log(
+            `[scheduler] Registering handler ${handlerName} with cron ${handler.cron}`
+          );
+
+          schedule.scheduleJob(handler.cron, () => {
+            console.log(
+              `[scheduler] ${moment().format()} executing ${handlerName} with cron ${handler.cron
+              }`
+            );
+            handler.handler();
+          });
+        },
+      });
+    }
+  });
+}

package/.hive/src/security.util.js

@@ -0,0 +1,38 @@
+import crypto from 'crypto';
+import bcrypt from 'bcryptjs';
+import util from 'util';
+
+const randomBytes = util.promisify(crypto.randomBytes, crypto);
+const bcryptHash = util.promisify(bcrypt.hash, bcrypt);
+const compare = util.promisify(bcrypt.compare, bcrypt);
+
+/**
+ * @desc Generates random string, useful for creating secure tokens
+ *
+ * @return {string} - random string
+ */
+export const generateSecureToken = async (tokenLength = 48) => {
+  const buf = await randomBytes(tokenLength);
+  return buf.toString("hex");
+};
+
+/**
+ * @desc Generate hash from any string. Could be used to generate a hash from password
+ *
+ * @param text {string} - a text to produce hash from
+ * @return {Promise} - a hash from input text
+ */
+export const getHash = (text) => {
+  return bcryptHash(text, 10);
+};
+
+/**
+ * @desc Compares if text and hash are equal
+ *
+ * @param text {string} - a text to compare with hash
+ * @param hash {string} - a hash to compare with text
+ * @return {Promise} - are hash and text equal
+ */
+export const compareTextWithHash = (text, hash) => {
+  return compare(text, hash);
+};

package/.hive/src/services/emailService.js

@@ -0,0 +1,15 @@
+import config from 'app-config';
+import nodemailer from 'nodemailer';
+
+config.assert('smtp');
+
+export default {
+  sendEmail: async ({ to, subject, html }) => {
+    const transporter = nodemailer.createTransport(config.smtp)
+
+    return await transporter.sendMail({
+      from: config.smtp.fromEmail,
+      to, subject, html
+    })
+  }
+};

package/.hive/src/services/setCookie.js

@@ -0,0 +1,21 @@
+import psl from 'psl';
+import url from 'url';
+import { env } from 'app-config';
+import { webUri } from 'app-config';
+
+let cookiesDomain;
+
+if (webUri) {
+  const parsedUrl = url.parse(webUri);
+  const parsed = psl.parse(parsedUrl.hostname);
+  cookiesDomain = parsed.domain;
+}
+
+export default (ctx, { name, value }, options = {}) => {
+  ctx.cookies.set(name, value, {
+    domain: '',
+    expires: new Date(Date.now() + 10 * 365 * 24 * 60 * 60 * 1000),
+    httpOnly: false,
+    ...options,
+  });
+};

package/.hive/src/socketIo.js

@@ -0,0 +1,99 @@
+import db from 'db';
+import { Server } from 'socket.io';
+import { createClient } from 'redis';
+import { createAdapter } from '@socket.io/redis-adapter';
+import config from 'app-config';
+import logger from 'logger';
+
+export default (server) => {
+  const io = new Server(server);
+
+  const pubClient = createClient({ url: config.redis.url });
+  const subClient = pubClient.duplicate();
+
+  io.adapter(createAdapter(pubClient, subClient));
+
+  const getCookie = (cookieString, name) => {
+    const value = `; ${cookieString}`;
+    const parts = value.split(`; ${name}=`);
+
+    if (parts.length === 2) {
+      return parts.pop().split(";").shift();
+    }
+
+    return null;
+  };
+
+  // #TODO get user using accessToken
+  const getUserData = async (socket) => {
+    const accessToken = getCookie(
+      socket.handshake.headers.cookie,
+      "access_token"
+    ) || '';
+
+    console.log('socket: cookie access token', accessToken[0], accessToken[1], accessToken[2]);
+
+    let tokenDoc = null;
+
+    if (!accessToken) {
+      logger.info(
+        "Note: socket io anonymous auth. Add user authentication in socketIoService"
+      );
+    } else {
+      tokenDoc = await db.services.tokens.findOne({ token: accessToken });
+    }
+
+    return {
+      _id: tokenDoc?.user?._id || "anonymous",
+    };
+  };
+
+  io.use(async (socket, next) => {
+    const userData = await getUserData(socket);
+
+    if (userData) {
+      // eslint-disable-next-line no-param-reassign
+      socket.handshake.data = {
+        userId: userData.userId,
+      };
+
+      return next();
+    }
+
+    return next(new Error("token is invalid"));
+  });
+
+  function checkAccessToRoom(roomId, data) {
+    let result = false;
+    const [roomType, id] = roomId.split("-");
+
+    switch (roomType) {
+      case "user":
+        result = id === data.userId;
+        break;
+      default:
+        result = true;
+    }
+
+    return result;
+  }
+
+  io.on("connection", (client) => {
+    client.on("subscribe", (roomId) => {
+      const { userId } = client.handshake.data;
+      // const hasAccessToRoom = checkAccessToRoom(roomId, { userId });
+      
+      const hasAccessToRoom = true;
+
+      if (hasAccessToRoom) {
+        client.join(roomId);
+      }
+    });
+
+    client.on("unsubscribe", (roomId) => {
+      client.leave(roomId);
+    });
+  });
+
+  console.log(`Socket.io server is started on app instance`);
+};

package/.hive/tsconfig.json

@@ -0,0 +1,31 @@
+{
+	"compilerOptions": {
+
+		// Treat files as modules even if it doesn't use import/export
+		"moduleDetection": "force",
+
+		// Ignore module structure
+		"module": "Preserve",
+
+		// Allow JSON modules to be imported
+		"resolveJsonModule": true,
+
+		// Allow JS files to be imported from TS and vice versa
+		"allowJs": true,
+
+		// Use correct ESM import behavior
+		"esModuleInterop": true,
+
+		// Disallow features that require cross-file awareness
+		"isolatedModules": true,
+
+    "baseUrl": "src",
+    "paths": {
+      "*": ["*"]
+    },
+	},
+ "include": [
+		"src/**/*",
+		".hive/**/*"
+	]
+}

package/AGENTS.md

@@ -0,0 +1,96 @@
+# AGENTS.md
+
+## Agent Persona
+
+You are a **Hive framework developer** — building tools for engineers who are pissed off about the complexity of modern technology. Hive lets them build, iterate, and grow products faster.
+
+**Your mindset:**
+- Prioritize product outcomes over technical purity
+- Minimize boilerplate and cognitive overhead
+- Challenge complexity — if it doesn't serve the user, remove it
+- Less code = better outcome
+
+---
+
+## What is Hive
+
+Hive is a Koa-based Node.js framework with MongoDB, Zod validation, and auto-sync for embedded documents. It provides:
+
+- **Resource pattern** — convention-based feature modules with schemas, endpoints, handlers
+- **Auto-sync** — embedded document references stay in sync automatically
+- **CLI** — `hive run`, `hive prepare`, `hive deploy`, `hive install`
+
+---
+
+## Repository Structure
+
+```
+/
+├── cli/                # Hive CLI (commander.js)
+│   ├── hive.js         # CLI entry point
+│   └── helpers/        # CLI utilities
+├── starter/            # Framework core (copied to .hive/ on run)
+│   ├── src/            # Framework source
+│   │   ├── app.js              # Server bootstrap
+│   │   ├── db.js               # Database layer
+│   │   ├── routes/             # Route registration
+│   │   ├── middlewares/        # Built-in middlewares
+│   │   ├── helpers/            # Internal helpers
+│   │   ├── resources/          # Built-in resources (users, tokens, health)
+│   │   ├── autoMap/            # Auto-sync system
+│   │   └── scheduler/          # Cron job system
+│   └── .cursor/skills/         # Cursor skills for projects using Hive
+└── package.json
+```
+
+---
+
+## How It Works
+
+1. User runs `npx hive run ./src` from their project
+2. CLI copies `starter/` to `.hive/` in user's project
+3. Framework loads user's code from `HIVE_SRC` env var
+4. Schemas, endpoints, handlers merge at runtime
+
+**Key mechanism:** User code in `/src/` extends framework code in `/.hive/`. The framework reads from `process.env.HIVE_SRC` to find user schemas, endpoints, handlers, and config.
+
+---
+
+## Development
+
+```bash
+# Test CLI locally (from repo root)
+node cli/hive.js run ./path/to/test-project/src
+
+# The starter/ folder IS the framework
+# Changes here affect all projects using Hive
+```
+
+---
+
+## Boundaries
+
+| Location | What it is | Editable |
+|----------|-----------|----------|
+| `cli/` | CLI tools | ✅ Yes |
+| `starter/` | Framework core | ✅ Yes |
+| `starter/.cursor/skills/` | Cursor skills for end-users | ✅ Yes |
+| User's `/src/` | User code (not in this repo) | N/A |
+| User's `/.hive/` | Auto-generated, never edit | N/A |
+
+---
+
+## When Editing Skills
+
+Skills in `starter/.cursor/skills/` are documentation for projects **using** Hive. Each skill:
+- Has a `SKILL.md` with frontmatter (name, description, globs)
+- Teaches Cursor how to write code for Hive projects
+- Should be concise and pattern-focused
+
+---
+
+## Philosophy
+
+> Technology should solve people's issues, not create new weird ones.
+
+When in doubt: simpler is better. Challenge unnecessary complexity.