@rebasepro/server-core 0.6.1 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (116) hide show
  1. package/dist/api/graphql/graphql-schema-generator.d.ts +9 -0
  2. package/dist/api/rest/api-generator.d.ts +2 -14
  3. package/dist/api/rest/query-parser.d.ts +2 -5
  4. package/dist/api/types.d.ts +8 -2
  5. package/dist/auth/adapter-middleware.d.ts +7 -1
  6. package/dist/auth/admin-roles-route.d.ts +18 -0
  7. package/dist/auth/admin-users-route.d.ts +28 -0
  8. package/dist/auth/api-keys/api-key-types.d.ts +8 -0
  9. package/dist/auth/auth-hooks.d.ts +17 -0
  10. package/dist/auth/builtin-auth-adapter.d.ts +3 -1
  11. package/dist/auth/index.d.ts +1 -0
  12. package/dist/auth/interfaces.d.ts +32 -2
  13. package/dist/auth/magic-link-routes.d.ts +30 -0
  14. package/dist/auth/mfa-crypto.d.ts +23 -0
  15. package/dist/auth/mfa-routes.d.ts +2 -1
  16. package/dist/auth/middleware.d.ts +9 -2
  17. package/dist/auth/routes.d.ts +3 -1
  18. package/dist/auth/session-routes.d.ts +2 -0
  19. package/dist/backend-CIxN4FVm.js.map +1 -1
  20. package/dist/base64-js-C_frYBkI.js +1687 -0
  21. package/dist/base64-js-C_frYBkI.js.map +1 -0
  22. package/dist/{dist-CZKP-Xz4.js → dist-DMO-zF6D.js} +2 -2
  23. package/dist/{dist-CZKP-Xz4.js.map → dist-DMO-zF6D.js.map} +1 -1
  24. package/dist/email/index.d.ts +2 -2
  25. package/dist/email/templates.d.ts +8 -0
  26. package/dist/email/types.d.ts +18 -0
  27. package/dist/functions/define-function.d.ts +50 -0
  28. package/dist/functions/index.d.ts +2 -0
  29. package/dist/index.d.ts +16 -18
  30. package/dist/index.es.js +1947 -2356
  31. package/dist/index.es.js.map +1 -1
  32. package/dist/index.umd.js +40615 -10203
  33. package/dist/index.umd.js.map +1 -1
  34. package/dist/init.d.ts +68 -12
  35. package/dist/jws-BqRRaK11.js +616 -0
  36. package/dist/jws-BqRRaK11.js.map +1 -0
  37. package/dist/{jwt-DHcQRGC3.js → jwt-BETC8a1J.js} +3 -611
  38. package/dist/jwt-BETC8a1J.js.map +1 -0
  39. package/dist/services/routed-realtime-service.d.ts +43 -0
  40. package/dist/{src-COaj0G3P.js → src-CB2PIpBe.js} +2 -2
  41. package/dist/{src-COaj0G3P.js.map → src-CB2PIpBe.js.map} +1 -1
  42. package/dist/src-DjzOT1kG.js +29746 -0
  43. package/dist/src-DjzOT1kG.js.map +1 -0
  44. package/dist/storage/GCSStorageController.d.ts +43 -0
  45. package/dist/storage/index.d.ts +5 -2
  46. package/dist/storage/routes.d.ts +33 -1
  47. package/dist/storage/tus-handler.d.ts +3 -1
  48. package/dist/storage/types.d.ts +28 -3
  49. package/dist/utils/dev-port.d.ts +2 -0
  50. package/package.json +13 -5
  51. package/src/api/errors.ts +16 -2
  52. package/src/api/graphql/graphql-schema-generator.ts +50 -15
  53. package/src/api/openapi-generator.ts +2 -2
  54. package/src/api/rest/api-generator.ts +44 -123
  55. package/src/api/rest/query-parser.ts +6 -23
  56. package/src/api/server.ts +10 -2
  57. package/src/api/types.ts +8 -2
  58. package/src/auth/adapter-middleware.ts +10 -2
  59. package/src/auth/admin-roles-route.ts +36 -0
  60. package/src/auth/admin-users-route.ts +302 -0
  61. package/src/auth/api-keys/api-key-middleware.ts +4 -3
  62. package/src/auth/api-keys/api-key-routes.ts +12 -2
  63. package/src/auth/api-keys/api-key-store.ts +83 -66
  64. package/src/auth/api-keys/api-key-types.ts +8 -0
  65. package/src/auth/apple-oauth.ts +2 -1
  66. package/src/auth/auth-hooks.ts +21 -0
  67. package/src/auth/bitbucket-oauth.ts +2 -1
  68. package/src/auth/builtin-auth-adapter.ts +29 -6
  69. package/src/auth/custom-auth-adapter.ts +2 -0
  70. package/src/auth/discord-oauth.ts +2 -1
  71. package/src/auth/facebook-oauth.ts +2 -1
  72. package/src/auth/github-oauth.ts +2 -1
  73. package/src/auth/gitlab-oauth.ts +2 -1
  74. package/src/auth/google-oauth.ts +8 -4
  75. package/src/auth/index.ts +2 -0
  76. package/src/auth/interfaces.ts +38 -2
  77. package/src/auth/linkedin-oauth.ts +2 -1
  78. package/src/auth/magic-link-routes.ts +167 -0
  79. package/src/auth/mfa-crypto.ts +91 -0
  80. package/src/auth/mfa-routes.ts +34 -10
  81. package/src/auth/microsoft-oauth.ts +2 -1
  82. package/src/auth/middleware.ts +14 -5
  83. package/src/auth/reset-password-admin.ts +17 -1
  84. package/src/auth/routes.ts +78 -10
  85. package/src/auth/session-routes.ts +15 -3
  86. package/src/auth/slack-oauth.ts +2 -1
  87. package/src/auth/spotify-oauth.ts +2 -1
  88. package/src/auth/twitter-oauth.ts +8 -1
  89. package/src/cron/cron-store.ts +25 -23
  90. package/src/email/index.ts +3 -2
  91. package/src/email/templates.ts +82 -0
  92. package/src/email/types.ts +16 -0
  93. package/src/functions/define-function.ts +59 -0
  94. package/src/functions/function-loader.ts +16 -0
  95. package/src/functions/index.ts +2 -0
  96. package/src/index.ts +70 -37
  97. package/src/init.ts +214 -25
  98. package/src/services/routed-realtime-service.ts +113 -0
  99. package/src/storage/GCSStorageController.ts +334 -0
  100. package/src/storage/index.ts +9 -3
  101. package/src/storage/routes.ts +191 -23
  102. package/src/storage/tus-handler.ts +16 -4
  103. package/src/storage/types.ts +25 -3
  104. package/src/utils/dev-port.ts +13 -7
  105. package/test/api-generator.test.ts +1 -1
  106. package/test/auth-config-types.test.ts +40 -0
  107. package/test/auth-routes.test.ts +54 -4
  108. package/test/custom-auth-adapter.test.ts +20 -1
  109. package/test/define-function.test.ts +45 -0
  110. package/test/env.test.ts +9 -19
  111. package/test/multi-datasource-routing.test.ts +113 -0
  112. package/test/routed-realtime-service.test.ts +86 -0
  113. package/test/storage-routes.test.ts +160 -0
  114. package/test/transform-auth-response.test.ts +305 -0
  115. package/dist/jwt-DHcQRGC3.js.map +0 -1
  116. package/test/backend-hooks-data.test.ts +0 -477
package/dist/init.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { AuthAdapter, BackendBootstrapper, BackendHooks, BootstrappedAuth, DatabaseAdapter, DataDriver, EntityCollection, HealthCheckResult, RealtimeProvider, SecurityRule } from "@rebasepro/types";
1
+ import { AuthAdapter, BackendBootstrapper, BootstrappedAuth, DatabaseAdapter, DataDriver, DataSourceDefinition, EntityCallbacks, EntityCollection, HealthCheckResult, RealtimeProvider, SecurityRule } from "@rebasepro/types";
2
2
  import { BackendCollectionRegistry } from "./collections/BackendCollectionRegistry";
3
3
  import { DriverRegistry } from "./services/driver-registry";
4
4
  import { Server } from "http";
@@ -35,7 +35,7 @@ export interface RebaseAuthConfig {
35
35
  *
36
36
  * When a request includes `Authorization: Bearer <serviceKey>`, it is
37
37
  * granted admin-level access without JWT verification. This is the
38
- * Rebase equivalent of a Firebase Service Account key.
38
+ * Rebase equivalent of a Service Account key.
39
39
  *
40
40
  * Generate with: `node -e "logger.info(require('crypto').randomBytes(48).toString('base64'))"`
41
41
  *
@@ -97,7 +97,31 @@ export interface RebaseAuthConfig {
97
97
  clientSecret: string;
98
98
  };
99
99
  defaultRole?: string;
100
- providers?: OAuthProvider<any>[];
100
+ /**
101
+ * Canonical array of OAuth providers.
102
+ *
103
+ * This is the primary extension point for **all** OAuth integrations.
104
+ * Each entry is an `OAuthProvider<unknown>` constructed via one of
105
+ * the `create*Provider` factories exported from `@rebasepro/server-core`
106
+ * (e.g. `createGoogleProvider`, `createGitHubProvider`).
107
+ *
108
+ * The named convenience fields above (`google`, `github`, etc.) are
109
+ * automatically resolved into this array at startup. You can mix both
110
+ * approaches; named fields and explicit entries are merged (named
111
+ * fields are appended after explicit entries).
112
+ *
113
+ * @example
114
+ * ```ts
115
+ * import { createGoogleProvider } from "@rebasepro/server-core";
116
+ *
117
+ * auth: {
118
+ * providers: [
119
+ * createGoogleProvider({ clientId: "…", clientSecret: "…" }),
120
+ * ],
121
+ * }
122
+ * ```
123
+ */
124
+ providers?: OAuthProvider<unknown>[];
101
125
  /**
102
126
  * Override specific parts of the built-in auth implementation.
103
127
  *
@@ -116,7 +140,11 @@ export interface RebaseAuthConfig {
116
140
  * ```
117
141
  */
118
142
  hooks?: AuthHooks;
119
- [key: string]: unknown;
143
+ /**
144
+ * Enable magic link (passwordless email) authentication.
145
+ * Requires email to be configured.
146
+ */
147
+ magicLink?: boolean;
120
148
  }
121
149
  export interface RebaseBackendConfig {
122
150
  collections?: EntityCollection[];
@@ -124,6 +152,15 @@ export interface RebaseBackendConfig {
124
152
  server: Server;
125
153
  app: Hono<HonoEnv>;
126
154
  basePath?: string;
155
+ /**
156
+ * Declared data sources, shared with the frontend `<Rebase dataSources>`.
157
+ *
158
+ * Used to resolve each collection's engine (capabilities) and transport.
159
+ * Collections on a `direct`/`custom` transport are client-only: the backend
160
+ * still owns their schema/registry but does **not** generate server data
161
+ * routes for them. Server-mediated sources (the default) need no entry.
162
+ */
163
+ dataSources?: DataSourceDefinition[];
127
164
  /**
128
165
  * Database bootstrappers.
129
166
  */
@@ -157,11 +194,20 @@ export interface RebaseBackendConfig {
157
194
  /**
158
195
  * Storage configuration. Accepts:
159
196
  *
160
- * - A `BackendStorageConfig` object (`{ type: 'local' | 's3', ... }`)
161
- * - A `StorageController` instance (for custom providers like GCS, Azure, etc.)
197
+ * - A `BackendStorageConfig` object (`{ type: 'local' | 's3' | 'gcs', ... }`)
198
+ * - A `StorageController` instance (for custom providers like Azure, etc.)
162
199
  * - A `Record<string, ...>` of either, for multi-backend setups
163
200
  */
164
201
  storage?: BackendStorageConfig | StorageController | Record<string, BackendStorageConfig | StorageController>;
202
+ /**
203
+ * Declared storage sources. Drives the client-side StorageSourceRegistry
204
+ * and the transport distinction (server vs direct).
205
+ *
206
+ * Server-backed sources are auto-derived from the `storage` map — you
207
+ * only need explicit entries for "direct" transport sources (e.g.
208
+ * external storage) that the backend does not proxy.
209
+ */
210
+ storageSources?: import("@rebasepro/types").StorageSourceDefinition[];
165
211
  history?: unknown;
166
212
  /**
167
213
  * Default security rules applied to any collection that does not define
@@ -211,14 +257,24 @@ export interface RebaseBackendConfig {
211
257
  origin: string | string[] | ((origin: string) => boolean);
212
258
  };
213
259
  /**
214
- * Backend-level hooks for intercepting collection entity data
215
- * at the REST API boundary. These run server-side after database
216
- * operations and before API responses are sent.
260
+ * Global lifecycle callbacks applied to every collection.
217
261
  *
218
- * Complement the per-collection `EntityCallbacks` system which
219
- * handles collection CRUD operations.
262
+ * Same type as per-collection `callbacks` fires on **every** data path
263
+ * (REST API, WebSocket / realtime, server-side `rebase.data`).
264
+ *
265
+ * Execution order: global callbacks → collection callbacks → property callbacks.
266
+ *
267
+ * @example
268
+ * ```ts
269
+ * callbacks: {
270
+ * afterRead({ entity, collection }) {
271
+ * console.log(`Read ${collection.slug}/${entity.id}`);
272
+ * return entity;
273
+ * }
274
+ * }
275
+ * ```
220
276
  */
221
- hooks?: BackendHooks;
277
+ callbacks?: EntityCallbacks;
222
278
  }
223
279
  /**
224
280
  * Type guard to detect whether the `auth` config is an `AuthAdapter`