npm - @rebasepro/server-core - Versions diffs - 0.1.2 → 0.2.3 - Mend

@rebasepro/server-core 0.1.2 → 0.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (75) hide show

package/LICENSE +22 -6
package/dist/common/src/data/query_builder.d.ts +51 -0
package/dist/common/src/index.d.ts +1 -0
package/dist/common/src/util/entities.d.ts +2 -2
package/dist/common/src/util/relations.d.ts +1 -1
package/dist/{index-DXVBFp5V.js → index-BZoAtuqi.js} +6 -2
package/dist/index-BZoAtuqi.js.map +1 -0
package/dist/index.es.js +16038 -15240
package/dist/index.es.js.map +1 -1
package/dist/index.umd.js +15980 -15178
package/dist/index.umd.js.map +1 -1
package/dist/server-core/src/auth/adapter-middleware.d.ts +33 -0
package/dist/server-core/src/auth/admin-routes.d.ts +6 -0
package/dist/server-core/src/auth/auth-overrides.d.ts +139 -0
package/dist/server-core/src/auth/builtin-auth-adapter.d.ts +49 -0
package/dist/server-core/src/auth/crypto-utils.d.ts +16 -0
package/dist/server-core/src/auth/custom-auth-adapter.d.ts +39 -0
package/dist/server-core/src/auth/index.d.ts +7 -0
package/dist/server-core/src/auth/interfaces.d.ts +2 -0
package/dist/server-core/src/auth/middleware.d.ts +18 -0
package/dist/server-core/src/auth/rls-scope.d.ts +31 -0
package/dist/server-core/src/auth/routes.d.ts +7 -1
package/dist/server-core/src/env.d.ts +131 -0
package/dist/server-core/src/index.d.ts +2 -0
package/dist/server-core/src/init.d.ts +62 -3
package/dist/types/src/controllers/auth.d.ts +9 -8
package/dist/types/src/controllers/client.d.ts +3 -0
package/dist/types/src/controllers/data.d.ts +21 -0
package/dist/types/src/types/auth_adapter.d.ts +356 -0
package/dist/types/src/types/collections.d.ts +67 -2
package/dist/types/src/types/database_adapter.d.ts +94 -0
package/dist/types/src/types/entity_actions.d.ts +7 -1
package/dist/types/src/types/entity_callbacks.d.ts +1 -1
package/dist/types/src/types/entity_views.d.ts +36 -1
package/dist/types/src/types/index.d.ts +2 -0
package/dist/types/src/types/plugins.d.ts +1 -1
package/dist/types/src/types/properties.d.ts +24 -5
package/dist/types/src/types/property_config.d.ts +6 -2
package/dist/types/src/types/relations.d.ts +1 -1
package/dist/types/src/types/translations.d.ts +8 -0
package/dist/types/src/users/user.d.ts +5 -0
package/jest.config.cjs +4 -1
package/package.json +27 -27
package/src/api/errors.ts +1 -1
package/src/api/graphql/graphql-schema-generator.ts +7 -0
package/src/api/openapi-generator.ts +13 -1
package/src/api/rest/api-generator-count.test.ts +14 -12
package/src/api/rest/query-parser.ts +2 -20
package/src/auth/adapter-middleware.ts +83 -0
package/src/auth/admin-routes.ts +36 -43
package/src/auth/auth-overrides.ts +172 -0
package/src/auth/builtin-auth-adapter.ts +384 -0
package/src/auth/crypto-utils.ts +31 -0
package/src/auth/custom-auth-adapter.ts +85 -0
package/src/auth/index.ts +10 -0
package/src/auth/interfaces.ts +2 -0
package/src/auth/jwt.ts +3 -1
package/src/auth/middleware.ts +2 -46
package/src/auth/rls-scope.ts +58 -0
package/src/auth/routes.ts +74 -32
package/src/cron/cron-scheduler.test.ts +9 -9
package/src/cron/cron-scheduler.ts +1 -1
package/src/env.ts +224 -0
package/src/index.ts +4 -0
package/src/init.ts +355 -135
package/src/storage/routes.ts +1 -19
package/src/utils/logging.ts +3 -3
package/test/admin-routes.test.ts +10 -4
package/test/auth-routes.test.ts +2 -2
package/test/backend-hooks-admin.test.ts +32 -12
package/test/custom-auth-adapter.test.ts +177 -0
package/test/env.test.ts +138 -0
package/test/query-parser.test.ts +0 -29
package/tsconfig.json +3 -0
package/dist/index-DXVBFp5V.js.map +0 -1

package/dist/types/src/types/entity_views.d.ts CHANGED Viewed

@@ -35,12 +35,17 @@ export interface FormContext<M extends Record<string, unknown> = Record<string,
     status: "new" | "existing" | "copy";
     entity?: Entity<M>;
     savingError?: Error;
-    openEntityMode: "side_panel" | "full_screen" | "split";
+    openEntityMode: "side_panel" | "full_screen" | "split" | "dialog";
     /**
      * The underlying formex controller that powers the form.
      */
     formex: FormexController<M>;
     disabled: boolean;
+    /**
+     * Whether the form context is in read-only detail view mode.
+     * Custom entity views can use this to adjust their rendering.
+     */
+    readOnly?: boolean;
 }
 export type EntityCustomView<M extends Record<string, unknown> = Record<string, unknown>> = {
     key: string;
@@ -58,3 +63,33 @@ export interface EntityCustomViewParams<M extends Record<string, unknown> = Reco
     parentCollectionSlugs?: string[];
     parentEntityIds?: string[];
 }
+/**
+ * Configuration for customizing the read-only detail view of an entity.
+ * Only used when `defaultEntityAction` is set to `"view"` on the collection.
+ * @group Models
+ */
+export type EntityDetailViewConfig<M extends Record<string, unknown> = Record<string, unknown>> = {
+    /**
+     * Custom component rendered above the property display in the detail view.
+     */
+    Header?: ComponentRef<EntityDetailViewParams<M>>;
+    /**
+     * Custom component rendered below the property display in the detail view.
+     */
+    Footer?: ComponentRef<EntityDetailViewParams<M>>;
+    /**
+     * Completely replace the default detail view with a custom component.
+     * When set, Header and Footer are ignored.
+     */
+    Builder?: ComponentRef<EntityDetailViewParams<M>>;
+};
+/**
+ * Props passed to detail view customization components (Header, Footer, Builder).
+ * @group Models
+ */
+export interface EntityDetailViewParams<M extends Record<string, unknown> = Record<string, unknown>> {
+    collection: EntityCollection<M>;
+    entity: Entity<M>;
+    path: string;
+    onEditClick: () => void;
+}

package/dist/types/src/types/index.d.ts CHANGED Viewed

@@ -24,3 +24,5 @@ export * from "./data_source";
 export * from "./cron";
 export * from "./backend_hooks";
 export * from "./component_ref";
+export * from "./auth_adapter";
+export * from "./database_adapter";

package/dist/types/src/types/plugins.d.ts CHANGED Viewed

@@ -250,7 +250,7 @@ export interface PluginFormActionProps<USER extends User = User, EC extends Enti
     disabled: boolean;
     formContext?: FormContext;
     context: RebaseContext<USER>;
-    openEntityMode: "side_panel" | "full_screen" | "split";
+    openEntityMode: "side_panel" | "full_screen" | "split" | "dialog";
 }
 /**
  * Parameters passed to the field builder wrap function.

package/dist/types/src/types/properties.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import type { ComponentRef } from "./component_ref";
-import type { EntityReference, EntityRelation, EntityValues, GeoPoint, Entity } from "./entities";
+import type { EntityReference, EntityRelation, EntityValues, GeoPoint, Entity, Vector } from "./entities";
 import type { Relation, JoinStep, OnAction } from "./relations";
 import type { EntityCollection, FilterValues } from "./collections";
 import type { ColorKey, ColorScheme } from "./chips";
@@ -31,8 +31,8 @@ export type PropertyCallbacks<T = unknown, M extends Record<string, unknown> = R
 /**
  * @group Entity properties
  */
-export type DataType = "string" | "number" | "boolean" | "date" | "geopoint" | "reference" | "relation" | "array" | "map";
-export type Property = StringProperty | NumberProperty | BooleanProperty | DateProperty | GeopointProperty | ReferenceProperty | RelationProperty | ArrayProperty | MapProperty;
+export type DataType = "string" | "number" | "boolean" | "date" | "geopoint" | "reference" | "relation" | "array" | "map" | "vector" | "binary";
+export type Property = StringProperty | NumberProperty | BooleanProperty | DateProperty | GeopointProperty | ReferenceProperty | RelationProperty | ArrayProperty | MapProperty | VectorProperty | BinaryProperty;
 export type Properties = {
     [key: string]: Property;
 };
@@ -48,7 +48,7 @@ export type FirebaseProperties = {
  * A helper type to infer the underlying data type from a Property definition.
  * This is the core of the type inference system.
  */
-export type InferPropertyType<P extends Property> = P extends StringProperty ? string : P extends NumberProperty ? number : P extends BooleanProperty ? boolean : P extends DateProperty ? Date : P extends GeopointProperty ? GeoPoint : P extends ReferenceProperty ? EntityReference : P extends RelationProperty ? EntityRelation | EntityRelation[] : P extends ArrayProperty ? (P["of"] extends Property ? InferPropertyType<P["of"]>[] : unknown[]) : P extends MapProperty ? (P["properties"] extends Properties ? InferEntityType<P["properties"]> : Record<string, unknown>) : never;
+export type InferPropertyType<P extends Property> = P extends StringProperty ? string : P extends NumberProperty ? number : P extends BooleanProperty ? boolean : P extends DateProperty ? Date : P extends GeopointProperty ? GeoPoint : P extends ReferenceProperty ? EntityReference : P extends RelationProperty ? EntityRelation | EntityRelation[] : P extends ArrayProperty ? (P["of"] extends Property ? InferPropertyType<P["of"]>[] : unknown[]) : P extends MapProperty ? (P["properties"] extends Properties ? InferEntityType<P["properties"]> : Record<string, unknown>) : P extends VectorProperty ? Vector : P extends BinaryProperty ? string : never;
 /**
  * Helper type that determines whether a property is required.
  * Uses direct structural matching against `{ validation: { required: true } }`
@@ -309,6 +309,25 @@ export interface BooleanProperty extends BaseProperty {
      */
     validation?: PropertyValidationSchema;
 }
+/**
+ * @group Entity properties
+ */
+export interface VectorUIConfig extends BaseUIConfig {
+    clearable?: boolean;
+}
+export interface VectorProperty extends BaseProperty {
+    ui?: VectorUIConfig;
+    type: "vector";
+    dimensions: number;
+    validation?: PropertyValidationSchema;
+}
+/**
+ * @group Entity properties
+ */
+export interface BinaryProperty extends BaseProperty {
+    type: "binary";
+    validation?: PropertyValidationSchema;
+}
 /**
  * @group Entity properties
  */
@@ -421,7 +440,7 @@ export interface RelationProperty extends BaseProperty {
      * When set, the framework treats this property as a self-contained relation
      * definition and no separate `relations[]` entry is needed.
      */
-    target?: () => EntityCollection;
+    target?: string | (() => EntityCollection | string);
     /**
      * Whether this property references one or many records.
      * Defaults to `"one"`.

package/dist/types/src/types/property_config.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import React from "react";
-import { ArrayProperty, MapProperty, StringProperty, NumberProperty, BooleanProperty, DateProperty, GeopointProperty, ReferenceProperty, RelationProperty } from "./properties";
+import { ArrayProperty, MapProperty, StringProperty, NumberProperty, BooleanProperty, DateProperty, GeopointProperty, ReferenceProperty, RelationProperty, VectorProperty, BinaryProperty } from "./properties";
 import { BaseProperty } from "./properties";
 type CMSBasePropertyNoName = Omit<BaseProperty, "name">;
 export type ConfigProperty = (Omit<StringProperty, "name"> & {
@@ -28,6 +28,10 @@ export type ConfigProperty = (Omit<StringProperty, "name"> & {
 } & CMSBasePropertyNoName) | (Omit<MapProperty, "name" | "properties"> & {
     name?: string;
     properties?: Record<string, ConfigProperty>;
+} & CMSBasePropertyNoName) | (Omit<VectorProperty, "name"> & {
+    name?: string;
+} & CMSBasePropertyNoName) | (Omit<BinaryProperty, "name"> & {
+    name?: string;
 } & CMSBasePropertyNoName);
 /**
  * This is the configuration object for a property.
@@ -66,5 +70,5 @@ export type PropertyConfig = {
      */
     description?: string;
 };
-export type PropertyConfigId = "text_field" | "multiline" | "markdown" | "url" | "email" | "user_select" | "select" | "multi_select" | "number_input" | "number_select" | "multi_number_select" | "file_upload" | "multi_file_upload" | "group" | "key_value" | "reference" | "reference_as_string" | "multi_references" | "relation" | "switch" | "date_time" | "repeat" | "custom_array" | "block";
+export type PropertyConfigId = "text_field" | "multiline" | "markdown" | "url" | "email" | "user_select" | "select" | "multi_select" | "number_input" | "number_select" | "multi_number_select" | "file_upload" | "multi_file_upload" | "group" | "key_value" | "reference" | "reference_as_string" | "multi_references" | "relation" | "switch" | "date_time" | "repeat" | "custom_array" | "block" | "vector_input";
 export {};

package/dist/types/src/types/relations.d.ts CHANGED Viewed

@@ -17,7 +17,7 @@ export interface Relation {
     /**
      * The final collection you want to retrieve records from.
      */
-    target: () => EntityCollection;
+    target: (() => EntityCollection) | any;
     /**
      * The nature of the relationship, determining if one or many records are returned.
      */

package/dist/types/src/types/translations.d.ts CHANGED Viewed

@@ -30,6 +30,8 @@ export interface RebaseTranslations {
     copy: string;
     delete: string;
     delete_not_allowed: string;
+    edit_entity?: string;
+    back_to_detail?: string;
     delete_confirmation_title: string;
     delete_confirmation_body: string;
     delete_multiple_confirmation_body: string;
@@ -392,6 +394,12 @@ export interface RebaseTranslations {
     submit: string;
     no_filterable_properties: string;
     apply_filters: string;
+    /** Label shown on the filter presets dropdown trigger */
+    filter_presets?: string;
+    /** Tooltip shown when hovering over a preset entry */
+    filter_preset_apply?: string;
+    /** Shown when a preset is active, with {{label}} interpolation */
+    filter_preset_active?: string;
     list: string;
     table_view_mode: string;
     cards: string;

package/dist/types/src/users/user.d.ts CHANGED Viewed

@@ -42,5 +42,10 @@ export type User = {
      * The date and time when the user was created.
      */
     createdAt?: Date | string | null;
+    /**
+     * Additional metadata/custom claims associated with the user.
+     * Accessible by the frontend, but only writable by the backend.
+     */
+    readonly metadata?: Record<string, any>;
     getIdToken?: (forceRefresh?: boolean) => Promise<string>;
 };

package/jest.config.cjs CHANGED Viewed

@@ -10,7 +10,10 @@ module.exports = {
     ],
     // This helps Jest resolve monorepo packages
     moduleNameMapper: {
-        "^@rebase/(.*)$": "<rootDir>/../$1/src",
+        "^@rebasepro/client$": "<rootDir>/../client/src/index.ts",
+        "^@rebasepro/common$": "<rootDir>/../common/src/index.ts",
+        "^@rebasepro/types$": "<rootDir>/../types/src/index.ts",
+        "^@rebasepro/utils$": "<rootDir>/../utils/src/index.ts",
         "^(\\.{1,2}/.*)\\.js$": "$1"
     }
 };

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@rebasepro/server-core",
   "type": "module",
-  "version": "0.1.2",
+  "version": "0.2.3",
   "description": "Database-Agnostic Backend Core for Rebase",
   "funding": {
     "url": "https://github.com/sponsors/rebaseco"
@@ -11,7 +11,7 @@
   "repository": {
     "type": "git",
     "url": "https://github.com/rebasepro/rebase.git",
-    "directory": "packages/backend"
+    "directory": "packages/server-core"
   },
   "main": "./dist/index.umd.js",
   "module": "./dist/index.es.js",
@@ -33,44 +33,44 @@
   "exports": {
     ".": {
       "types": "./dist/server-core/src/index.d.ts",
-      "development": "./src/index.ts",
+      "development": "./dist/index.es.js",
       "import": "./dist/index.es.js",
       "require": "./dist/index.umd.js"
     },
     "./package.json": "./package.json"
   },
   "dependencies": {
-    "@aws-sdk/client-s3": "^3.654.0",
-    "@aws-sdk/s3-request-presigner": "^3.654.0",
+    "@aws-sdk/client-s3": "^3.1050.0",
+    "@aws-sdk/s3-request-presigner": "^3.1050.0",
     "@hono/graphql-server": "0.7.0",
     "@hono/node-server": "1.19.12",
-    "google-auth-library": "^9.0.0",
-    "graphql": "^16.8.1",
-    "hono": "^4.12.10",
-    "jsonwebtoken": "^9.0.0",
-    "nodemailer": "^6.9.0",
+    "drizzle-orm": "^0.44.7",
+    "google-auth-library": "^9.15.1",
+    "graphql": "^16.14.0",
+    "hono": "^4.12.21",
+    "jsonwebtoken": "^9.0.3",
+    "nodemailer": "^6.10.1",
     "ts-morph": "27.0.2",
-    "ws": "^8.16.0",
-    "zod": "^3.22.4",
-    "@rebasepro/client": "0.1.2",
-    "@rebasepro/common": "0.1.2",
-    "@rebasepro/utils": "0.1.2",
-    "@rebasepro/types": "0.1.2"
+    "ws": "^8.20.1",
+    "zod": "^3.25.76",
+    "@rebasepro/common": "0.2.3",
+    "@rebasepro/client": "0.2.3",
+    "@rebasepro/types": "0.2.3",
+    "@rebasepro/utils": "0.2.3"
   },
   "devDependencies": {
     "@types/jest": "^29.5.14",
-    "@types/jsonwebtoken": "^9.0.0",
-    "@types/node": "^20.10.5",
-    "@types/nodemailer": "^6.4.0",
-    "@types/react": "^19.0.8",
-    "@types/react-dom": "^19.0.3",
-    "@types/ws": "^8.5.10",
+    "@types/jsonwebtoken": "^9.0.10",
+    "@types/node": "^20.19.41",
+    "@types/nodemailer": "^6.4.23",
+    "@types/react": "^19.2.15",
+    "@types/react-dom": "^19.2.3",
+    "@types/ws": "^8.18.1",
+    "@vitejs/plugin-react": "^4.7.0",
     "jest": "^29.7.0",
     "ts-jest": "29.4.1",
-    "typescript": "^5.0.0",
-    "vite": "^5.0.0",
-    "@rebasepro/common": "0.1.2",
-    "@rebasepro/types": "0.1.2"
+    "typescript": "^5.9.3",
+    "vite": "^5.4.21"
   },
   "gitHead": "d935eefa5aa8d1009a2398cfac2c1e4ee9aeb6b6",
   "publishConfig": {
@@ -80,7 +80,7 @@
     "watch": "vite build --watch",
     "build": "vite build && tsc --emitDeclarationOnly -p tsconfig.prod.json",
     "test:lint": "eslint \"src/**\" --quiet",
-    "test": "jest --passWithNoTests",
+    "test": "jest --passWithNoTests --forceExit",
     "clean": "rm -rf dist && find ./src -name '*.js' -type f | xargs rm -f"
   }
 }

package/src/api/errors.ts CHANGED Viewed

@@ -108,7 +108,7 @@ export const errorHandler: ErrorHandler = (err, c) => {
             logMessage = `Database schema mismatch (${issue} missing): ${cause.message}. Did you forget to run migrations ('pnpm db:push' or 'pnpm db:migrate')?`;
         }
     } else if ("code" in error && error.code === "ENETUNREACH") {
-         const netErr = error as unknown as PgLikeError;
+         const netErr = error as PgLikeError;
          logMessage = `Network unreachable. Cannot connect to service at ${netErr.address}:${netErr.port}.`;
     } else if ("code" in error && (error.code === "42703" || error.code === "42P01")) {
         const issue = error.code === "42703" ? "column" : "table";

package/src/api/graphql/graphql-schema-generator.ts CHANGED Viewed

@@ -89,6 +89,7 @@ export class GraphQLSchemaGenerator {
         let type;
         switch (property.type) {
+            case "binary":
             case "string":
                 type = GraphQLString;
                 break;
@@ -104,6 +105,9 @@ export class GraphQLSchemaGenerator {
             case "array":
                 type = new GraphQLList(GraphQLString);
                 break;
+            case "vector":
+                type = new GraphQLList(GraphQLFloat);
+                break;
             default:
                 type = GraphQLString;
         }
@@ -143,6 +147,7 @@ export class GraphQLSchemaGenerator {
     private convertPropertyToInputType(property: Property) {
         switch (property.type) {
+            case "binary":
             case "string":
                 return GraphQLString;
             case "number":
@@ -153,6 +158,8 @@ export class GraphQLSchemaGenerator {
                 return GraphQLString;
             case "array":
                 return new GraphQLList(GraphQLString);
+            case "vector":
+                return new GraphQLList(GraphQLFloat);
             default:
                 return GraphQLString;
         }

package/src/api/openapi-generator.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { EntityCollection, Property, StringProperty, NumberProperty, ArrayProperty, MapProperty, Relation } from "@rebasepro/types";
+import { EntityCollection, Property, StringProperty, NumberProperty, ArrayProperty, MapProperty, Relation, VectorProperty } from "@rebasepro/types";
 /**
  * OpenAPI 3.0.3 specification generator.
@@ -624,6 +624,18 @@ enum: [variantKey] },
             return base;
         }
+        case "vector": {
+            const vp = property as VectorProperty;
+            base.type = "array";
+            base.items = { type: "number" };
+            base.description = (base.description || "") + ` (Vector(${vp.dimensions}))`;
+            return base;
+        }
+        case "binary": {
+            base.type = "string";
+            base.description = (base.description || "") + " (Binary/Base64)";
+            return base;
+        }
         default:
             base.type = "string";
             return base;

package/src/api/rest/api-generator-count.test.ts CHANGED Viewed

@@ -1,18 +1,20 @@
 import { jest } from "@jest/globals";
 import { RestApiGenerator } from "./api-generator";
-import type { DataDriver, EntityCollection, FetchCollectionProps } from "@rebasepro/types";
+import type { DataDriver, Entity, EntityCollection, FetchCollectionProps } from "@rebasepro/types";
 /**
  * Minimal mock DataDriver for testing.
  */
 function createMockDriver(overrides?: Partial<DataDriver>): DataDriver {
     return {
-        fetchCollection: jest.fn().mockResolvedValue([]),
-        fetchEntity: jest.fn().mockResolvedValue(null),
-        saveEntity: jest.fn().mockResolvedValue({ id: "1", path: "test", values: {} }),
-        deleteEntity: jest.fn().mockResolvedValue(undefined),
-        countEntities: jest.fn().mockResolvedValue(0),
-        ...overrides,
+        fetchCollection: jest.fn<DataDriver["fetchCollection"]>().mockResolvedValue([]),
+        fetchEntity: jest.fn<DataDriver["fetchEntity"]>().mockResolvedValue(undefined),
+        saveEntity: jest.fn<DataDriver["saveEntity"]>().mockResolvedValue({ id: "1",
+path: "test",
+values: {} } as Entity),
+        deleteEntity: jest.fn<DataDriver["deleteEntity"]>().mockResolvedValue(undefined),
+        countEntities: jest.fn<NonNullable<DataDriver["countEntities"]>>().mockResolvedValue(0),
+        ...overrides
     } as unknown as DataDriver;
 }
@@ -21,7 +23,7 @@ function createTestCollection(slug: string): EntityCollection {
         slug,
         name: slug.charAt(0).toUpperCase() + slug.slice(1),
         path: slug,
-        properties: {},
+        properties: {}
     } as unknown as EntityCollection;
 }
@@ -31,7 +33,7 @@ describe("RestApiGenerator - Count Endpoint", () => {
     beforeEach(() => {
         driver = createMockDriver({
-            countEntities: jest.fn().mockResolvedValue(42),
+            countEntities: jest.fn<NonNullable<DataDriver["countEntities"]>>().mockResolvedValue(42)
         });
         collection = createTestCollection("products");
     });
@@ -93,10 +95,10 @@ describe("RestApiGenerator - Count Endpoint", () => {
     it("GET /products/count should not be confused with GET /products/:id", async () => {
         // Ensure the count route is registered before the :id route
-        const fetchEntity = jest.fn().mockResolvedValue(null);
+        const fetchEntity = jest.fn<DataDriver["fetchEntity"]>().mockResolvedValue(undefined);
         const driverCustom = createMockDriver({
-            countEntities: jest.fn().mockResolvedValue(99),
-            fetchEntity,
+            countEntities: jest.fn<NonNullable<DataDriver["countEntities"]>>().mockResolvedValue(99),
+            fetchEntity: fetchEntity as unknown as DataDriver["fetchEntity"]
         });
         const generator = new RestApiGenerator([collection], driverCustom);
         const app = generator.generateRoutes();

package/src/api/rest/query-parser.ts CHANGED Viewed

@@ -37,27 +37,9 @@ export function parseQueryOptions(query: Record<string, unknown>): QueryOptions
     // Filtering
     options.where = {};
-    // Legacy JSON where clause
-    if (query.where) {
-        try {
-            const parsedWhere = typeof query.where === "string"
-                ? JSON.parse(query.where)
-                : query.where;
-            if (typeof parsedWhere !== "object" || parsedWhere === null || Array.isArray(parsedWhere)) {
-                throw new Error("Filter must be a JSON object");
-            }
-            Object.assign(options.where, parsedWhere);
-        } catch (e) {
-            const message = e instanceof Error ? e.message : "malformed JSON";
-            const err = new Error(`Invalid 'where' filter: ${message}`) as Error & { code?: string; statusCode?: number };
-            err.code = "BAD_REQUEST";
-            err.statusCode = 400;
-            throw err;
-        }
-    }
-    // PostgREST style filtering
-    const reservedQueryKeys = ["limit", "offset", "page", "orderBy", "where", "include", "fields", "searchString"];
+    // PostgREST-style filtering: ?field=op.value
+    const reservedQueryKeys = ["limit", "offset", "page", "orderBy", "include", "fields", "searchString"];
     for (const [key, rawValue] of Object.entries(query)) {
         if (reservedQueryKeys.includes(key)) continue;

package/src/auth/adapter-middleware.ts ADDED Viewed

@@ -0,0 +1,83 @@
+/**
+ * Adapter Auth Middleware
+ *
+ * Creates a Hono middleware that delegates authentication to an `AuthAdapter`
+ * instead of hardcoded JWT verification. This is used when the user passes
+ * an `AuthAdapter` to `initializeRebaseBackend()`.
+ *
+ * The middleware:
+ * 1. Calls `adapter.verifyRequest(request)` to resolve the user
+ * 2. Scopes the DataDriver via `withAuth()` for RLS
+ * 3. Enforces auth (401) when `requireAuth` is true and no user is found
+ *
+ * The behavior is identical to `createAuthMiddleware()` — only the
+ * token verification strategy is pluggable.
+ */
+import type { MiddlewareHandler } from "hono";
+import type { DataDriver, AuthAdapter } from "@rebasepro/types";
+import type { HonoEnv } from "../api/types";
+import { scopeDataDriver } from "./rls-scope";
+export interface AdapterAuthMiddlewareOptions {
+    /** The auth adapter to delegate verification to. */
+    adapter: AuthAdapter;
+    /** The DataDriver to scope via withAuth() for RLS. */
+    driver: DataDriver;
+    /**
+     * If true, return 401 when no valid user is resolved.
+     * Defaults to `true` (secure by default).
+     */
+    requireAuth?: boolean;
+}
+/**
+ * Create a Hono middleware that uses an `AuthAdapter` for request verification.
+ */
+export function createAdapterAuthMiddleware(options: AdapterAuthMiddlewareOptions): MiddlewareHandler<HonoEnv> {
+    const { adapter, driver, requireAuth: enforceAuth = true } = options;
+    return async (c, next) => {
+        let authenticatedUser = null;
+        try {
+            authenticatedUser = await adapter.verifyRequest(c.req.raw);
+        } catch (error) {
+            // adapter.verifyRequest() threw — reject the request (fail closed)
+            return c.json({ error: { message: "Unauthorized", code: "UNAUTHORIZED" } }, 401);
+        }
+        if (authenticatedUser) {
+            // Authenticated — set user context and scope driver
+            c.set("user", {
+                userId: authenticatedUser.uid,
+                email: authenticatedUser.email,
+                roles: authenticatedUser.roles,
+            });
+            try {
+                c.set("driver", await scopeDataDriver(driver, {
+                    uid: authenticatedUser.uid,
+                    roles: authenticatedUser.roles,
+                }));
+            } catch (error) {
+                console.error("[AUTH-ADAPTER] RLS scoping failed for authenticated user:", error);
+                return c.json({ error: { message: "Internal authentication error", code: "INTERNAL_ERROR" } }, 500);
+            }
+        } else {
+            // Not authenticated — scope as anon for RLS evaluation
+            try {
+                c.set("driver", await scopeDataDriver(driver, { uid: "anon", roles: ["anon"] }));
+            } catch (error) {
+                console.error("[AUTH-ADAPTER] Failed to create anon-scoped driver:", error);
+                return c.json({ error: { message: "Server configuration error", code: "INTERNAL_ERROR" } }, 500);
+            }
+        }
+        // Enforce auth if required
+        if (enforceAuth && !c.get("user")) {
+            return c.json({ error: { message: "Unauthorized: Authentication required", code: "UNAUTHORIZED" } }, 401);
+        }
+        return next();
+    };
+}