npm - @rebasepro/server-core - Versions diffs - 0.0.1-canary.09e5ec5 - Mend

@rebasepro/server-core 0.0.1-canary.09e5ec5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (300) hide show

package/LICENSE +6 -0
package/README.md +40 -0
package/build-errors.txt +52 -0
package/coverage/clover.xml +3739 -0
package/coverage/coverage-final.json +31 -0
package/coverage/lcov-report/base.css +224 -0
package/coverage/lcov-report/block-navigation.js +87 -0
package/coverage/lcov-report/favicon.png +0 -0
package/coverage/lcov-report/index.html +266 -0
package/coverage/lcov-report/prettify.css +1 -0
package/coverage/lcov-report/prettify.js +2 -0
package/coverage/lcov-report/sort-arrow-sprite.png +0 -0
package/coverage/lcov-report/sorter.js +210 -0
package/coverage/lcov-report/src/api/ast-schema-editor.ts.html +952 -0
package/coverage/lcov-report/src/api/errors.ts.html +472 -0
package/coverage/lcov-report/src/api/graphql/graphql-schema-generator.ts.html +1069 -0
package/coverage/lcov-report/src/api/graphql/index.html +116 -0
package/coverage/lcov-report/src/api/index.html +176 -0
package/coverage/lcov-report/src/api/openapi-generator.ts.html +565 -0
package/coverage/lcov-report/src/api/rest/api-generator.ts.html +994 -0
package/coverage/lcov-report/src/api/rest/index.html +131 -0
package/coverage/lcov-report/src/api/rest/query-parser.ts.html +550 -0
package/coverage/lcov-report/src/api/schema-editor-routes.ts.html +202 -0
package/coverage/lcov-report/src/api/server.ts.html +823 -0
package/coverage/lcov-report/src/auth/admin-routes.ts.html +973 -0
package/coverage/lcov-report/src/auth/index.html +176 -0
package/coverage/lcov-report/src/auth/jwt.ts.html +574 -0
package/coverage/lcov-report/src/auth/middleware.ts.html +745 -0
package/coverage/lcov-report/src/auth/password.ts.html +310 -0
package/coverage/lcov-report/src/auth/services.ts.html +2074 -0
package/coverage/lcov-report/src/collections/index.html +116 -0
package/coverage/lcov-report/src/collections/loader.ts.html +232 -0
package/coverage/lcov-report/src/db/auth-schema.ts.html +523 -0
package/coverage/lcov-report/src/db/data-transformer.ts.html +1753 -0
package/coverage/lcov-report/src/db/entityService.ts.html +700 -0
package/coverage/lcov-report/src/db/index.html +146 -0
package/coverage/lcov-report/src/db/services/EntityFetchService.ts.html +4048 -0
package/coverage/lcov-report/src/db/services/EntityPersistService.ts.html +883 -0
package/coverage/lcov-report/src/db/services/RelationService.ts.html +3121 -0
package/coverage/lcov-report/src/db/services/entity-helpers.ts.html +442 -0
package/coverage/lcov-report/src/db/services/index.html +176 -0
package/coverage/lcov-report/src/db/services/index.ts.html +124 -0
package/coverage/lcov-report/src/generate-drizzle-schema-logic.ts.html +1960 -0
package/coverage/lcov-report/src/index.html +116 -0
package/coverage/lcov-report/src/services/driver-registry.ts.html +631 -0
package/coverage/lcov-report/src/services/index.html +131 -0
package/coverage/lcov-report/src/services/postgresDataDriver.ts.html +3025 -0
package/coverage/lcov-report/src/storage/LocalStorageController.ts.html +1189 -0
package/coverage/lcov-report/src/storage/S3StorageController.ts.html +970 -0
package/coverage/lcov-report/src/storage/index.html +161 -0
package/coverage/lcov-report/src/storage/storage-registry.ts.html +646 -0
package/coverage/lcov-report/src/storage/types.ts.html +451 -0
package/coverage/lcov-report/src/utils/drizzle-conditions.ts.html +3082 -0
package/coverage/lcov-report/src/utils/index.html +116 -0
package/coverage/lcov.info +7179 -0
package/dist/common/src/collections/CollectionRegistry.d.ts +56 -0
package/dist/common/src/collections/index.d.ts +1 -0
package/dist/common/src/data/buildRebaseData.d.ts +14 -0
package/dist/common/src/index.d.ts +3 -0
package/dist/common/src/util/builders.d.ts +57 -0
package/dist/common/src/util/callbacks.d.ts +6 -0
package/dist/common/src/util/collections.d.ts +11 -0
package/dist/common/src/util/common.d.ts +2 -0
package/dist/common/src/util/conditions.d.ts +26 -0
package/dist/common/src/util/entities.d.ts +58 -0
package/dist/common/src/util/enums.d.ts +3 -0
package/dist/common/src/util/index.d.ts +16 -0
package/dist/common/src/util/navigation_from_path.d.ts +34 -0
package/dist/common/src/util/navigation_utils.d.ts +20 -0
package/dist/common/src/util/parent_references_from_path.d.ts +6 -0
package/dist/common/src/util/paths.d.ts +14 -0
package/dist/common/src/util/permissions.d.ts +5 -0
package/dist/common/src/util/references.d.ts +2 -0
package/dist/common/src/util/relations.d.ts +22 -0
package/dist/common/src/util/resolutions.d.ts +72 -0
package/dist/common/src/util/storage.d.ts +24 -0
package/dist/index-DXVBFp5V.js +37 -0
package/dist/index-DXVBFp5V.js.map +1 -0
package/dist/index.es.js +49934 -0
package/dist/index.es.js.map +1 -0
package/dist/index.umd.js +49968 -0
package/dist/index.umd.js.map +1 -0
package/dist/server-core/src/api/ast-schema-editor.d.ts +21 -0
package/dist/server-core/src/api/collections_for_test/callbacks_test_collection.d.ts +2 -0
package/dist/server-core/src/api/errors.d.ts +35 -0
package/dist/server-core/src/api/graphql/graphql-schema-generator.d.ts +35 -0
package/dist/server-core/src/api/graphql/index.d.ts +1 -0
package/dist/server-core/src/api/index.d.ts +9 -0
package/dist/server-core/src/api/openapi-generator.d.ts +16 -0
package/dist/server-core/src/api/rest/api-generator.d.ts +64 -0
package/dist/server-core/src/api/rest/index.d.ts +1 -0
package/dist/server-core/src/api/rest/query-parser.d.ts +9 -0
package/dist/server-core/src/api/schema-editor-routes.d.ts +3 -0
package/dist/server-core/src/api/server.d.ts +40 -0
package/dist/server-core/src/api/types.d.ts +90 -0
package/dist/server-core/src/auth/admin-routes.d.ts +16 -0
package/dist/server-core/src/auth/apple-oauth.d.ts +30 -0
package/dist/server-core/src/auth/bitbucket-oauth.d.ts +11 -0
package/dist/server-core/src/auth/discord-oauth.d.ts +14 -0
package/dist/server-core/src/auth/facebook-oauth.d.ts +14 -0
package/dist/server-core/src/auth/github-oauth.d.ts +15 -0
package/dist/server-core/src/auth/gitlab-oauth.d.ts +13 -0
package/dist/server-core/src/auth/google-oauth.d.ts +14 -0
package/dist/server-core/src/auth/index.d.ts +23 -0
package/dist/server-core/src/auth/interfaces.d.ts +309 -0
package/dist/server-core/src/auth/jwt.d.ts +43 -0
package/dist/server-core/src/auth/linkedin-oauth.d.ts +18 -0
package/dist/server-core/src/auth/microsoft-oauth.d.ts +16 -0
package/dist/server-core/src/auth/middleware.d.ts +81 -0
package/dist/server-core/src/auth/password.d.ts +22 -0
package/dist/server-core/src/auth/rate-limiter.d.ts +31 -0
package/dist/server-core/src/auth/routes.d.ts +27 -0
package/dist/server-core/src/auth/slack-oauth.d.ts +12 -0
package/dist/server-core/src/auth/spotify-oauth.d.ts +12 -0
package/dist/server-core/src/auth/twitter-oauth.d.ts +18 -0
package/dist/server-core/src/bootstrappers/index.d.ts +0 -0
package/dist/server-core/src/collections/BackendCollectionRegistry.d.ts +13 -0
package/dist/server-core/src/collections/loader.d.ts +5 -0
package/dist/server-core/src/cron/cron-loader.d.ts +17 -0
package/dist/server-core/src/cron/cron-routes.d.ts +14 -0
package/dist/server-core/src/cron/cron-scheduler.d.ts +61 -0
package/dist/server-core/src/cron/cron-store.d.ts +32 -0
package/dist/server-core/src/cron/index.d.ts +6 -0
package/dist/server-core/src/db/interfaces.d.ts +18 -0
package/dist/server-core/src/email/index.d.ts +6 -0
package/dist/server-core/src/email/smtp-email-service.d.ts +25 -0
package/dist/server-core/src/email/templates.d.ts +42 -0
package/dist/server-core/src/email/types.d.ts +107 -0
package/dist/server-core/src/functions/function-loader.d.ts +17 -0
package/dist/server-core/src/functions/function-routes.d.ts +10 -0
package/dist/server-core/src/functions/index.d.ts +3 -0
package/dist/server-core/src/history/history-routes.d.ts +23 -0
package/dist/server-core/src/history/index.d.ts +1 -0
package/dist/server-core/src/index.d.ts +29 -0
package/dist/server-core/src/init.d.ts +159 -0
package/dist/server-core/src/serve-spa.d.ts +30 -0
package/dist/server-core/src/services/driver-registry.d.ts +78 -0
package/dist/server-core/src/singleton.d.ts +35 -0
package/dist/server-core/src/storage/LocalStorageController.d.ts +46 -0
package/dist/server-core/src/storage/S3StorageController.d.ts +36 -0
package/dist/server-core/src/storage/index.d.ts +25 -0
package/dist/server-core/src/storage/routes.d.ts +38 -0
package/dist/server-core/src/storage/storage-registry.d.ts +78 -0
package/dist/server-core/src/storage/types.d.ts +103 -0
package/dist/server-core/src/types/index.d.ts +11 -0
package/dist/server-core/src/utils/dev-port.d.ts +35 -0
package/dist/server-core/src/utils/logger.d.ts +31 -0
package/dist/server-core/src/utils/logging.d.ts +9 -0
package/dist/server-core/src/utils/request-logger.d.ts +19 -0
package/dist/server-core/src/utils/sql.d.ts +27 -0
package/dist/types/src/controllers/analytics_controller.d.ts +7 -0
package/dist/types/src/controllers/auth.d.ts +119 -0
package/dist/types/src/controllers/client.d.ts +170 -0
package/dist/types/src/controllers/collection_registry.d.ts +45 -0
package/dist/types/src/controllers/customization_controller.d.ts +60 -0
package/dist/types/src/controllers/data.d.ts +168 -0
package/dist/types/src/controllers/data_driver.d.ts +160 -0
package/dist/types/src/controllers/database_admin.d.ts +11 -0
package/dist/types/src/controllers/dialogs_controller.d.ts +36 -0
package/dist/types/src/controllers/effective_role.d.ts +4 -0
package/dist/types/src/controllers/email.d.ts +34 -0
package/dist/types/src/controllers/index.d.ts +18 -0
package/dist/types/src/controllers/local_config_persistence.d.ts +20 -0
package/dist/types/src/controllers/navigation.d.ts +213 -0
package/dist/types/src/controllers/registry.d.ts +54 -0
package/dist/types/src/controllers/side_dialogs_controller.d.ts +67 -0
package/dist/types/src/controllers/side_entity_controller.d.ts +90 -0
package/dist/types/src/controllers/snackbar.d.ts +24 -0
package/dist/types/src/controllers/storage.d.ts +171 -0
package/dist/types/src/index.d.ts +4 -0
package/dist/types/src/rebase_context.d.ts +105 -0
package/dist/types/src/types/backend.d.ts +536 -0
package/dist/types/src/types/builders.d.ts +15 -0
package/dist/types/src/types/chips.d.ts +5 -0
package/dist/types/src/types/collections.d.ts +856 -0
package/dist/types/src/types/cron.d.ts +102 -0
package/dist/types/src/types/data_source.d.ts +64 -0
package/dist/types/src/types/entities.d.ts +145 -0
package/dist/types/src/types/entity_actions.d.ts +98 -0
package/dist/types/src/types/entity_callbacks.d.ts +173 -0
package/dist/types/src/types/entity_link_builder.d.ts +7 -0
package/dist/types/src/types/entity_overrides.d.ts +10 -0
package/dist/types/src/types/entity_views.d.ts +61 -0
package/dist/types/src/types/export_import.d.ts +21 -0
package/dist/types/src/types/index.d.ts +23 -0
package/dist/types/src/types/locales.d.ts +4 -0
package/dist/types/src/types/modify_collections.d.ts +5 -0
package/dist/types/src/types/plugins.d.ts +279 -0
package/dist/types/src/types/properties.d.ts +1176 -0
package/dist/types/src/types/property_config.d.ts +70 -0
package/dist/types/src/types/relations.d.ts +336 -0
package/dist/types/src/types/slots.d.ts +252 -0
package/dist/types/src/types/translations.d.ts +870 -0
package/dist/types/src/types/user_management_delegate.d.ts +121 -0
package/dist/types/src/types/websockets.d.ts +78 -0
package/dist/types/src/users/index.d.ts +2 -0
package/dist/types/src/users/roles.d.ts +22 -0
package/dist/types/src/users/user.d.ts +46 -0
package/history_diff.log +385 -0
package/jest.config.cjs +16 -0
package/package.json +86 -0
package/scratch.ts +9 -0
package/src/api/ast-schema-editor.ts +289 -0
package/src/api/collections_for_test/callbacks_test_collection.ts +60 -0
package/src/api/errors.ts +179 -0
package/src/api/graphql/graphql-schema-generator.ts +336 -0
package/src/api/graphql/index.ts +2 -0
package/src/api/index.ts +11 -0
package/src/api/openapi-generator.ts +715 -0
package/src/api/rest/api-generator.ts +472 -0
package/src/api/rest/index.ts +2 -0
package/src/api/rest/query-parser.ts +155 -0
package/src/api/schema-editor-routes.ts +41 -0
package/src/api/server.ts +248 -0
package/src/api/types.ts +90 -0
package/src/auth/admin-routes.ts +529 -0
package/src/auth/apple-oauth.ts +130 -0
package/src/auth/bitbucket-oauth.ts +82 -0
package/src/auth/discord-oauth.ts +83 -0
package/src/auth/facebook-oauth.ts +72 -0
package/src/auth/github-oauth.ts +110 -0
package/src/auth/gitlab-oauth.ts +70 -0
package/src/auth/google-oauth.ts +48 -0
package/src/auth/index.ts +34 -0
package/src/auth/interfaces.ts +363 -0
package/src/auth/jwt.ts +181 -0
package/src/auth/linkedin-oauth.ts +81 -0
package/src/auth/microsoft-oauth.ts +88 -0
package/src/auth/middleware.ts +384 -0
package/src/auth/password.ts +77 -0
package/src/auth/rate-limiter.ts +129 -0
package/src/auth/routes.ts +788 -0
package/src/auth/slack-oauth.ts +71 -0
package/src/auth/spotify-oauth.ts +67 -0
package/src/auth/twitter-oauth.ts +120 -0
package/src/bootstrappers/index.ts +1 -0
package/src/collections/BackendCollectionRegistry.ts +20 -0
package/src/collections/loader.ts +49 -0
package/src/cron/cron-loader.ts +89 -0
package/src/cron/cron-routes.test.ts +265 -0
package/src/cron/cron-routes.ts +85 -0
package/src/cron/cron-scheduler.test.ts +421 -0
package/src/cron/cron-scheduler.ts +413 -0
package/src/cron/cron-store.ts +163 -0
package/src/cron/index.ts +6 -0
package/src/db/interfaces.ts +60 -0
package/src/email/index.ts +18 -0
package/src/email/smtp-email-service.ts +91 -0
package/src/email/templates.ts +388 -0
package/src/email/types.ts +105 -0
package/src/functions/function-loader.ts +119 -0
package/src/functions/function-routes.ts +31 -0
package/src/functions/index.ts +3 -0
package/src/history/history-routes.ts +129 -0
package/src/history/index.ts +2 -0
package/src/index.ts +66 -0
package/src/init.ts +727 -0
package/src/serve-spa.ts +81 -0
package/src/services/driver-registry.ts +182 -0
package/src/singleton.test.ts +28 -0
package/src/singleton.ts +70 -0
package/src/storage/LocalStorageController.ts +365 -0
package/src/storage/S3StorageController.ts +298 -0
package/src/storage/index.ts +43 -0
package/src/storage/routes.ts +264 -0
package/src/storage/storage-registry.ts +187 -0
package/src/storage/types.ts +134 -0
package/src/types/index.ts +27 -0
package/src/utils/dev-port.ts +176 -0
package/src/utils/logger.ts +143 -0
package/src/utils/logging.ts +38 -0
package/src/utils/request-logger.ts +66 -0
package/src/utils/sql.ts +38 -0
package/test/admin-routes.test.ts +640 -0
package/test/api-generator.test.ts +501 -0
package/test/ast-schema-editor.test.ts +63 -0
package/test/auth-middleware-hono.test.ts +556 -0
package/test/auth-routes.test.ts +1047 -0
package/test/driver-registry.test.ts +282 -0
package/test/error-propagation.test.ts +226 -0
package/test/errors-hono.test.ts +133 -0
package/test/errors.test.ts +155 -0
package/test/jwt-security.test.ts +182 -0
package/test/jwt.test.ts +324 -0
package/test/middleware.test.ts +300 -0
package/test/password.test.ts +165 -0
package/test/query-parser.test.ts +263 -0
package/test/rate-limiter.test.ts +102 -0
package/test/safe-compare.test.ts +66 -0
package/test/singleton.test.ts +59 -0
package/test/storage-local.test.ts +271 -0
package/test/storage-registry.test.ts +282 -0
package/test/storage-routes.test.ts +222 -0
package/test/storage-s3.test.ts +304 -0
package/test-ast.ts +28 -0
package/test.ts +6 -0
package/test_output.txt +1133 -0
package/tsconfig.json +49 -0
package/tsconfig.prod.json +20 -0
package/vite.config.ts +80 -0

package/src/storage/routes.ts ADDED Viewed

@@ -0,0 +1,264 @@
+/**
+ * Storage REST API routes using Hono
+ */
+import { Hono } from "hono";
+import * as fs from "fs";
+import { StorageController } from "./types";
+import { LocalStorageController } from "./LocalStorageController";
+import { requireAuth as jwtRequireAuth, optionalAuth } from "../auth/middleware";
+import { ApiError, errorHandler } from "../api/errors";
+import { HonoEnv } from "../api/types";
+export interface StorageRoutesConfig {
+    controller: StorageController;
+    /** Base path for storage routes (default: '/api/storage') */
+    basePath?: string;
+    /** Require authentication for write operations (default: true) */
+    requireAuth?: boolean;
+    /** Allow unauthenticated read access to stored files (default: false).
+     *  When false and requireAuth is true, reads also require authentication. */
+    publicRead?: boolean;
+}
+/**
+ * Extract the wildcard portion of a route path from the full request path.
+ *
+ * Hono's `c.req.param('*')` does not work reliably in sub-routers mounted
+ * via `app.route(prefix, subRouter)`. Instead we derive the wildcard value
+ * from the fully-resolved `c.req.path` and `c.req.routePath`.
+ *
+ * For a route `/metadata/*` mounted at `/api/storage`, a request to
+ * `/api/storage/metadata/default/file.jpg` yields routePath
+ * `/api/storage/metadata/*`.  We strip the prefix (everything before `/*`)
+ * plus one character for the trailing `/` to obtain `default/file.jpg`.
+ */
+export function extractWildcardPath(c: { req: { path: string; routePath: string } }): string {
+    const routePath = c.req.routePath; // e.g. "/api/storage/metadata/*"
+    const prefix = routePath.replace("/*", ""); // e.g. "/api/storage/metadata"
+    const fullPath = c.req.path; // e.g. "/api/storage/metadata/default/file.jpg"
+    const idx = fullPath.indexOf(prefix);
+    if (idx < 0) return "";
+    // +1 to skip the '/' after the prefix
+    return fullPath.substring(idx + prefix.length + 1);
+}
+/**
+ * Create storage REST API routes
+ */
+export function createStorageRoutes(config: StorageRoutesConfig): Hono<HonoEnv> {
+    const router = new Hono<HonoEnv>();
+    router.onError(errorHandler);
+    const { controller, requireAuth = true, publicRead = false } = config;
+    // Use actual JWT auth middleware from auth module
+    const writeAuthMiddleware = requireAuth ? jwtRequireAuth : optionalAuth;
+    // For read operations: respect publicRead config.
+    const readAuthMiddleware = (publicRead || !requireAuth) ? optionalAuth : jwtRequireAuth;
+    /**
+     * Parse bucket and path from a combined file path.
+     */
+    const parseBucketAndPath = (filePath: string): { bucket: string; resolvedPath: string } => {
+        const parts = filePath.split("/");
+        // Only recognize 'default' as an explicit bucket prefix
+        if (parts.length > 1 && parts[0].toLowerCase() === "default") {
+            return {
+                bucket: "default",
+                resolvedPath: parts.slice(1).join("/")
+            };
+        }
+        // All other paths use 'default' bucket with the full path
+        return {
+            bucket: "default",
+            resolvedPath: filePath
+        };
+    };
+    /**
+     * POST /upload - Upload a file
+     * Body: multipart/form-data with 'file' field
+     * Request body can also contain metadata keys 'metadata_*'
+     */
+    router.post("/upload", writeAuthMiddleware, async (c) => {
+        const body = await c.req.parseBody();
+        const uploadedFile = body["file"];
+        if (!uploadedFile || typeof uploadedFile === "string") {
+            throw ApiError.badRequest("No file provided");
+        }
+        const key = typeof body["key"] === "string" ? body["key"] : "";
+        const bucket = typeof body["bucket"] === "string" ? body["bucket"] : undefined;
+        // Backward compatibility support for older clients sending path and fileName
+        const legacyPath = typeof body["path"] === "string" ? body["path"] : "";
+        const legacyFileName = typeof body["fileName"] === "string" ? body["fileName"] : undefined;
+        let finalKey = key;
+        if (!finalKey) {
+            if (legacyPath || legacyFileName) {
+                const parts = [];
+                if (legacyPath) parts.push(legacyPath);
+                if (legacyFileName) {
+                    parts.push(legacyFileName);
+                } else {
+                    parts.push(uploadedFile.name || "unnamed");
+                }
+                finalKey = parts.join("/");
+            } else {
+                finalKey = uploadedFile.name || "unnamed";
+            }
+        }
+        // Extract custom metadata from request body
+        const metadata: Record<string, unknown> = {};
+        for (const [k, value] of Object.entries(body)) {
+            if (k.startsWith("metadata_")) {
+                metadata[k.replace("metadata_", "")] = value;
+            }
+        }
+        const result = await controller.putObject({
+            file: uploadedFile,
+            key: finalKey,
+            metadata: Object.keys(metadata).length > 0 ? metadata : undefined,
+            bucket
+        });
+        return c.json({
+            success: true,
+            data: result
+        }, 201);
+    });
+    /**
+     * GET /file/* - Download/serve a file
+     * Path: /file/{bucket}/{path} or /file/{path}
+     */
+    router.get("/file/*", readAuthMiddleware, async (c) => {
+        const rawPath = extractWildcardPath(c);
+        if (!rawPath) {
+            throw ApiError.notFound("File not found");
+        }
+        const filePath = decodeURIComponent(rawPath);
+        // For local storage, serve the file directly from disk
+        if (controller.getType() === "local") {
+            const localController = controller as LocalStorageController;
+            const { bucket, resolvedPath } = parseBucketAndPath(filePath);
+            const absolutePath = localController.getAbsolutePath(resolvedPath, bucket);
+            // Check if file exists
+            if (!fs.existsSync(absolutePath)) {
+                throw ApiError.notFound("File not found");
+            }
+            // Get content type from metadata or infer from extension
+            let contentType = "application/octet-stream";
+            const metadataPath = `${absolutePath}.metadata.json`;
+            if (fs.existsSync(metadataPath)) {
+                try {
+                    const metadata = JSON.parse(fs.readFileSync(metadataPath, "utf-8"));
+                    contentType = metadata.contentType || contentType;
+                } catch {
+                    // Ignore metadata errors
+                }
+            }
+            c.header("Content-Type", contentType);
+            // In a better scenario, we should pipe the stream instead of reading whole file
+            const fileContent = fs.readFileSync(absolutePath);
+            return c.body(new Uint8Array(fileContent));
+        }
+        // For remote storage (S3, GCS, etc.), redirect to a signed URL
+        const downloadConfig = await controller.getSignedUrl(filePath);
+        if (downloadConfig.fileNotFound || !downloadConfig.url) {
+            throw ApiError.notFound("File not found");
+        }
+        return c.redirect(downloadConfig.url);
+    });
+    /**
+     * GET /metadata/* - Get file metadata
+     */
+    router.get("/metadata/*", readAuthMiddleware, async (c) => {
+        const rawPath = extractWildcardPath(c);
+        if (!rawPath) {
+            return c.json({
+                success: true,
+                data: null,
+                fileNotFound: true
+            }, 404);
+        }
+        const filePath = decodeURIComponent(rawPath);
+        const { bucket, resolvedPath } = parseBucketAndPath(filePath);
+        const downloadConfig = await controller.getSignedUrl(resolvedPath, bucket);
+        if (downloadConfig.fileNotFound) {
+            throw ApiError.notFound("File not found");
+        }
+        return c.json({
+            success: true,
+            data: downloadConfig.metadata
+        });
+    });
+    /**
+     * DELETE /file/* - Delete a file
+     */
+    router.delete("/file/*", writeAuthMiddleware, async (c) => {
+        const rawPath = extractWildcardPath(c);
+        if (!rawPath) {
+            return c.json({ success: true,
+message: "No file to delete" });
+        }
+        const filePath = decodeURIComponent(rawPath);
+        const { bucket, resolvedPath } = parseBucketAndPath(filePath);
+        await controller.deleteObject(resolvedPath, bucket);
+        return c.json({
+            success: true,
+            message: "File deleted"
+        });
+    });
+    /**
+     * GET /list - List files in a path
+     */
+    router.get("/list", writeAuthMiddleware, async (c) => {
+        // Fallback to path for backward compatibility
+        const storagePrefix = c.req.query("prefix") || c.req.query("path") || "";
+        const bucket = c.req.query("bucket");
+        const maxResults = c.req.query("maxResults");
+        const pageToken = c.req.query("pageToken");
+        const result = await controller.listObjects(
+            storagePrefix,
+            {
+                bucket,
+                maxResults: maxResults ? parseInt(maxResults, 10) : undefined,
+                pageToken
+            }
+        );
+        return c.json({
+            success: true,
+            data: result
+        });
+    });
+    return router;
+}

package/src/storage/storage-registry.ts ADDED Viewed

@@ -0,0 +1,187 @@
+/**
+ * Storage Registry
+ *
+ * Manages multiple storage controllers for Rebase backend.
+ * Allows different storage backends for different use cases.
+ *
+ * Usage:
+ * - Single storage: Pass a single StorageController → maps to "(default)"
+ * - Multiple storages: Pass a map of { storageId: StorageController }
+ * - String properties use `storageId` in their config to specify which storage to use
+ * - Properties without `storageId` fallback to "(default)"
+ */
+import { StorageController } from "./types";
+/**
+ * The default storage identifier used when:
+ * - A single storage controller is provided (not a map)
+ * - A property doesn't specify a storageId
+ */
+export const DEFAULT_STORAGE_ID = "(default)";
+/**
+ * Registry for managing multiple storage controllers
+ */
+export interface StorageRegistry {
+    /**
+     * Register a storage controller with an ID
+     * @param id - Unique identifier for this storage (e.g., "media", "backups")
+     * @param controller - The StorageController instance
+     */
+    register(id: string, controller: StorageController): void;
+    /**
+     * Get the default storage controller (id = "(default)")
+     * @throws Error if no default storage is registered
+     */
+    getDefault(): StorageController;
+    /**
+     * Get a storage controller by ID
+     * @param id - Storage identifier, or undefined/null for default
+     * @returns The StorageController, or undefined if not found
+     */
+    get(id: string | undefined | null): StorageController | undefined;
+    /**
+     * Get a storage controller by ID, with fallback to default
+     * @param id - Storage identifier, or undefined/null for default
+     * @returns The StorageController (falls back to default if id not found)
+     * @throws Error if neither the specified nor default storage exists
+     */
+    getOrDefault(id: string | undefined | null): StorageController;
+    /**
+     * Check if a storage with the given ID exists
+     */
+    has(id: string): boolean;
+    /**
+     * List all registered storage IDs
+     */
+    list(): string[];
+    /**
+     * Get the number of registered storage controllers
+     */
+    size(): number;
+}
+/**
+ * Default implementation of StorageRegistry
+ */
+export class DefaultStorageRegistry implements StorageRegistry {
+    private controllers = new Map<string, StorageController>();
+    /**
+     * Create a StorageRegistry from either a single controller or a map
+     * @param input - Single StorageController (maps to "(default)") or Record<string, StorageController>
+     */
+    static create(
+        input: StorageController | Record<string, StorageController>
+    ): DefaultStorageRegistry {
+        const registry = new DefaultStorageRegistry();
+        if (isStorageController(input)) {
+            // Single controller → register as "(default)"
+            registry.register(DEFAULT_STORAGE_ID, input);
+        } else {
+            // Map of controllers → register each
+            for (const [id, controller] of Object.entries(input)) {
+                if (isStorageController(controller)) {
+                    registry.register(id, controller);
+                }
+            }
+            // Ensure there's a default if not explicitly provided
+            if (!registry.has(DEFAULT_STORAGE_ID) && registry.size() > 0) {
+                // If no explicit "(default)", use the first one as default
+                const firstId = Object.keys(input).find(k => isStorageController(input[k]));
+                if (firstId) {
+                    console.warn(
+                        `[StorageRegistry] No "${DEFAULT_STORAGE_ID}" storage provided. ` +
+                        `Using "${firstId}" as the default.`
+                    );
+                    registry.register(DEFAULT_STORAGE_ID, input[firstId]);
+                }
+            }
+        }
+        return registry;
+    }
+    register(id: string, controller: StorageController): void {
+        if (this.controllers.has(id)) {
+            console.warn(`[StorageRegistry] Overwriting storage with id "${id}"`);
+        }
+        this.controllers.set(id, controller);
+    }
+    getDefault(): StorageController {
+        const controller = this.controllers.get(DEFAULT_STORAGE_ID);
+        if (!controller) {
+            throw new Error(
+                "[StorageRegistry] No default storage registered. " +
+                `Register one with id "${DEFAULT_STORAGE_ID}" or pass a single StorageController.`
+            );
+        }
+        return controller;
+    }
+    get(id: string | undefined | null): StorageController | undefined {
+        if (id === undefined || id === null) {
+            return this.controllers.get(DEFAULT_STORAGE_ID);
+        }
+        return this.controllers.get(id);
+    }
+    getOrDefault(id: string | undefined | null): StorageController {
+        // If no ID specified, return default
+        if (id === undefined || id === null) {
+            return this.getDefault();
+        }
+        // Try to get by ID
+        const controller = this.controllers.get(id);
+        if (controller) {
+            return controller;
+        }
+        // Fallback to default with warning
+        console.warn(
+            `[StorageRegistry] Storage "${id}" not found, falling back to "${DEFAULT_STORAGE_ID}"`
+        );
+        return this.getDefault();
+    }
+    has(id: string): boolean {
+        return this.controllers.has(id);
+    }
+    list(): string[] {
+        return Array.from(this.controllers.keys());
+    }
+    size(): number {
+        return this.controllers.size;
+    }
+}
+/**
+ * Type guard to check if an object is a StorageController
+ * vs a Record<string, StorageController> (multiple storages)
+ */
+function isStorageController(obj: unknown): obj is StorageController {
+    if (typeof obj !== "object" || obj === null) {
+        return false;
+    }
+    const controller = obj as StorageController;
+    // Check for required StorageController properties
+    return (
+        typeof controller.putObject === "function" &&
+        typeof controller.getSignedUrl === "function" &&
+        typeof controller.deleteObject === "function" &&
+        typeof controller.listObjects === "function" &&
+        typeof controller.getType === "function"
+    );
+}

package/src/storage/types.ts ADDED Viewed

@@ -0,0 +1,134 @@
+/**
+ * Storage configuration and types for Rebase backend
+ */
+import { StorageSource, UploadFileProps, UploadFileResult, DownloadConfig, StorageListResult, StorageReference } from "@rebasepro/types";
+/**
+ * Local filesystem storage configuration
+ */
+export interface LocalStorageConfig {
+    type: "local";
+    /** Base directory for file storage (e.g., './uploads') */
+    basePath: string;
+    /** Maximum file size in bytes (default: 50MB) */
+    maxFileSize?: number;
+    /** Allowed MIME types (if not set, all types allowed) */
+    allowedMimeTypes?: string[];
+    /** Base URL for generating download URLs (default: auto-detected from request) */
+    baseUrl?: string;
+}
+/**
+ * S3-compatible storage configuration (works with AWS S3 and MinIO)
+ */
+export interface S3StorageConfig {
+    type: "s3";
+    /** S3 bucket name */
+    bucket: string;
+    /** AWS region (e.g., 'us-east-1') */
+    region?: string;
+    /** Custom endpoint URL (required for MinIO, Cloudflare R2, Hetzner Object Storage) */
+    endpoint?: string;
+    /** AWS access key ID */
+    accessKeyId: string;
+    /** AWS secret access key */
+    secretAccessKey: string;
+    /** Use path-style URLs (required for MinIO) */
+    forcePathStyle?: boolean;
+    /** Maximum file size in bytes (default: 50MB) */
+    maxFileSize?: number;
+    /** Allowed MIME types (if not set, all types allowed) */
+    allowedMimeTypes?: string[];
+    /** URL expiration time in seconds for signed URLs (default: 3600) */
+    signedUrlExpiration?: number;
+}
+/**
+ * Storage configuration — local filesystem or S3-compatible.
+ *
+ * **Built-in providers:**
+ * - `local` — Zero-config filesystem storage. Great for dev and single-server deployments (Hetzner, bare metal).
+ * - `s3` — Any S3-compatible provider. AWS S3, Cloudflare R2, MinIO, Hetzner Object Storage,
+ *           Backblaze B2, DigitalOcean Spaces, and even GCS (via its S3-compatible interoperability API).
+ *
+ * **Custom providers:**
+ * For cloud-native storage (GCS, Azure Blob, etc.), implement the `StorageController`
+ * interface and pass the instance directly to the `storage` config.
+ */
+export type BackendStorageConfig = LocalStorageConfig | S3StorageConfig;
+/**
+ * Storage controller interface for backend implementations
+ */
+export interface StorageController {
+    /**
+     * Upload an object
+     */
+    putObject(props: UploadFileProps): Promise<UploadFileResult>;
+    /**
+     * Get a download URL (signed URL equivalent) for an object
+     */
+    getSignedUrl(key: string, bucket?: string): Promise<DownloadConfig>;
+    /**
+     * Get object as a File
+     */
+    getObject(key: string, bucket?: string): Promise<File | null>;
+    /**
+     * Delete an object
+     */
+    deleteObject(key: string, bucket?: string): Promise<void>;
+    /**
+     * List objects in a prefix
+     */
+    listObjects(prefix: string, options?: {
+        bucket?: string;
+        maxResults?: number;
+        pageToken?: string;
+    }): Promise<StorageListResult>;
+    /**
+     * Get the storage provider identifier.
+     *
+     * Built-in values are `'local'` and `'s3'`. Custom implementations
+     * should return their own identifier (e.g. `'gcs'`, `'azure'`).
+     */
+    getType(): string;
+}
+/**
+ * Default maximum file size (50MB)
+ */
+export const DEFAULT_MAX_FILE_SIZE = 50 * 1024 * 1024;
+/**
+ * Common image MIME types
+ */
+export const IMAGE_MIME_TYPES = [
+    "image/jpeg",
+    "image/png",
+    "image/gif",
+    "image/webp",
+    "image/svg+xml",
+    "image/bmp",
+    "image/tiff"
+];
+/**
+ * Common document MIME types
+ */
+export const DOCUMENT_MIME_TYPES = [
+    "application/pdf",
+    "application/msword",
+    "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
+    "application/vnd.ms-excel",
+    "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
+    "application/vnd.ms-powerpoint",
+    "application/vnd.openxmlformats-officedocument.presentationml.presentation",
+    "text/plain",
+    "text/csv"
+];

package/src/types/index.ts ADDED Viewed

@@ -0,0 +1,27 @@
+import {
+  Entity,
+  EntityCollection,
+  EntityStatus,
+  FilterValues,
+  FetchCollectionProps,
+  FetchEntityProps,
+  SaveEntityProps,
+  DeleteEntityProps,
+  WebSocketMessage,
+  CollectionUpdateMessage,
+  EntityUpdateMessage
+} from "@rebasepro/types";
+// Subscription types
+export interface ListenCollectionRequest<M extends Record<string, unknown> = Record<string, unknown>> extends FetchCollectionProps<M> {
+  subscriptionId: string;
+  onUpdate: (entities: Entity<M>[]) => void;
+  onError?: (error: Error) => void;
+}
+export interface ListenEntityRequest<M extends Record<string, unknown> = Record<string, unknown>> extends FetchEntityProps<M> {
+  subscriptionId: string;
+  onUpdate: (entity: Entity<M> | null) => void;
+  onError?: (error: Error) => void;
+}