@rebasepro/server-core 0.7.0 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (155) hide show
  1. package/build-errors.txt +52 -0
  2. package/dist/api/ast-schema-editor.d.ts +21 -0
  3. package/dist/api/collections_for_test/callbacks_test_collection.d.ts +2 -0
  4. package/dist/api/errors.d.ts +53 -0
  5. package/dist/api/graphql/graphql-schema-generator.d.ts +44 -0
  6. package/dist/api/graphql/index.d.ts +1 -0
  7. package/dist/api/index.d.ts +9 -0
  8. package/dist/api/logs-routes.d.ts +37 -0
  9. package/dist/api/openapi-generator.d.ts +16 -0
  10. package/dist/api/rest/api-generator.d.ts +76 -0
  11. package/dist/api/rest/index.d.ts +1 -0
  12. package/dist/api/rest/query-parser.d.ts +8 -0
  13. package/dist/api/schema-editor-routes.d.ts +3 -0
  14. package/dist/api/server.d.ts +40 -0
  15. package/dist/api/types.d.ts +104 -0
  16. package/dist/auth/adapter-middleware.d.ts +43 -0
  17. package/dist/auth/admin-roles-route.d.ts +18 -0
  18. package/dist/auth/admin-user-ops.d.ts +79 -0
  19. package/dist/auth/admin-users-route.d.ts +28 -0
  20. package/dist/auth/api-keys/api-key-middleware.d.ts +39 -0
  21. package/dist/auth/api-keys/api-key-permission-guard.d.ts +32 -0
  22. package/dist/auth/api-keys/api-key-routes.d.ts +20 -0
  23. package/dist/auth/api-keys/api-key-store.d.ts +35 -0
  24. package/dist/auth/api-keys/api-key-types.d.ts +96 -0
  25. package/dist/auth/api-keys/index.d.ts +17 -0
  26. package/dist/auth/apple-oauth.d.ts +30 -0
  27. package/dist/auth/auth-hooks.d.ts +242 -0
  28. package/dist/auth/bitbucket-oauth.d.ts +11 -0
  29. package/dist/auth/builtin-auth-adapter.d.ts +51 -0
  30. package/dist/auth/crypto-utils.d.ts +16 -0
  31. package/dist/auth/custom-auth-adapter.d.ts +39 -0
  32. package/dist/auth/discord-oauth.d.ts +14 -0
  33. package/dist/auth/facebook-oauth.d.ts +14 -0
  34. package/dist/auth/github-oauth.d.ts +15 -0
  35. package/dist/auth/gitlab-oauth.d.ts +13 -0
  36. package/dist/auth/google-oauth.d.ts +47 -0
  37. package/dist/auth/index.d.ts +37 -0
  38. package/dist/auth/interfaces.d.ts +431 -0
  39. package/dist/auth/jwt.d.ts +55 -0
  40. package/dist/auth/linkedin-oauth.d.ts +18 -0
  41. package/dist/auth/magic-link-routes.d.ts +30 -0
  42. package/dist/auth/mfa-crypto.d.ts +23 -0
  43. package/dist/auth/mfa-routes.d.ts +7 -0
  44. package/dist/auth/mfa.d.ts +49 -0
  45. package/dist/auth/microsoft-oauth.d.ts +16 -0
  46. package/dist/auth/middleware.d.ts +113 -0
  47. package/dist/auth/password.d.ts +22 -0
  48. package/dist/auth/rate-limiter.d.ts +50 -0
  49. package/dist/auth/reset-password-admin.d.ts +29 -0
  50. package/dist/auth/rls-scope.d.ts +31 -0
  51. package/dist/auth/routes.d.ts +35 -0
  52. package/dist/auth/session-routes.d.ts +27 -0
  53. package/dist/auth/slack-oauth.d.ts +12 -0
  54. package/dist/auth/spotify-oauth.d.ts +12 -0
  55. package/dist/auth/twitter-oauth.d.ts +18 -0
  56. package/dist/backend-CIxN4FVm.js +15 -0
  57. package/dist/backend-CIxN4FVm.js.map +1 -0
  58. package/dist/base64-js-C_frYBkI.js +1687 -0
  59. package/dist/base64-js-C_frYBkI.js.map +1 -0
  60. package/dist/chunk-Dze3rakg.js +42 -0
  61. package/dist/collections/BackendCollectionRegistry.d.ts +13 -0
  62. package/dist/collections/loader.d.ts +5 -0
  63. package/dist/cron/cron-loader.d.ts +17 -0
  64. package/dist/cron/cron-routes.d.ts +14 -0
  65. package/dist/cron/cron-scheduler.d.ts +106 -0
  66. package/dist/cron/cron-store.d.ts +32 -0
  67. package/dist/cron/index.d.ts +6 -0
  68. package/dist/db/interfaces.d.ts +18 -0
  69. package/dist/dist-DMO-zF6D.js +832 -0
  70. package/dist/dist-DMO-zF6D.js.map +1 -0
  71. package/dist/email/index.d.ts +6 -0
  72. package/dist/email/smtp-email-service.d.ts +25 -0
  73. package/dist/email/templates.d.ts +50 -0
  74. package/dist/email/types.d.ts +126 -0
  75. package/dist/env.d.ts +102 -0
  76. package/dist/from-VbwD7xRf.js +3849 -0
  77. package/dist/from-VbwD7xRf.js.map +1 -0
  78. package/dist/functions/define-function.d.ts +50 -0
  79. package/dist/functions/function-loader.d.ts +17 -0
  80. package/dist/functions/function-routes.d.ts +10 -0
  81. package/dist/functions/index.d.ts +5 -0
  82. package/dist/history/history-routes.d.ts +23 -0
  83. package/dist/history/index.d.ts +1 -0
  84. package/dist/index.d.ts +31 -0
  85. package/dist/index.es.js +61322 -0
  86. package/dist/index.es.js.map +1 -0
  87. package/dist/index.umd.js +103633 -0
  88. package/dist/index.umd.js.map +1 -0
  89. package/dist/init/docs.d.ts +4 -0
  90. package/dist/init/health.d.ts +2 -0
  91. package/dist/init/middlewares.d.ts +10 -0
  92. package/dist/init/shutdown.d.ts +11 -0
  93. package/dist/init/storage.d.ts +5 -0
  94. package/dist/init.d.ts +314 -0
  95. package/dist/jws-BqRRaK11.js +616 -0
  96. package/dist/jws-BqRRaK11.js.map +1 -0
  97. package/dist/jwt-BETC8a1J.js +3560 -0
  98. package/dist/jwt-BETC8a1J.js.map +1 -0
  99. package/dist/logger-BYU66ENZ.js +94 -0
  100. package/dist/logger-BYU66ENZ.js.map +1 -0
  101. package/dist/ms-BeBSuOXN.js +125 -0
  102. package/dist/ms-BeBSuOXN.js.map +1 -0
  103. package/dist/multipart-parser-CedBDOeC.js +299 -0
  104. package/dist/multipart-parser-CedBDOeC.js.map +1 -0
  105. package/dist/serve-spa.d.ts +30 -0
  106. package/dist/services/driver-registry.d.ts +78 -0
  107. package/dist/services/routed-realtime-service.d.ts +43 -0
  108. package/dist/services/webhook-service.d.ts +29 -0
  109. package/dist/singleton.d.ts +35 -0
  110. package/dist/src-CB2PIpBe.js +1182 -0
  111. package/dist/src-CB2PIpBe.js.map +1 -0
  112. package/dist/src-DjzOT1kG.js +29746 -0
  113. package/dist/src-DjzOT1kG.js.map +1 -0
  114. package/dist/storage/GCSStorageController.d.ts +43 -0
  115. package/dist/storage/LocalStorageController.d.ts +46 -0
  116. package/dist/storage/S3StorageController.d.ts +36 -0
  117. package/dist/storage/image-transform.d.ts +50 -0
  118. package/dist/storage/index.d.ts +31 -0
  119. package/dist/storage/routes.d.ts +70 -0
  120. package/dist/storage/storage-registry.d.ts +78 -0
  121. package/dist/storage/tus-handler.d.ts +53 -0
  122. package/dist/storage/types.d.ts +128 -0
  123. package/dist/types/index.d.ts +11 -0
  124. package/dist/utils/dev-port.d.ts +37 -0
  125. package/dist/utils/logger.d.ts +31 -0
  126. package/dist/utils/logging.d.ts +9 -0
  127. package/dist/utils/request-id.d.ts +4 -0
  128. package/dist/utils/request-logger.d.ts +19 -0
  129. package/dist/utils/sql.d.ts +27 -0
  130. package/package.json +22 -14
  131. package/src/api/graphql/graphql-schema-generator.ts +5 -5
  132. package/src/api/openapi-generator.ts +2 -2
  133. package/src/api/rest/api-generator.ts +44 -123
  134. package/src/api/rest/query-parser.ts +6 -23
  135. package/src/api/types.ts +2 -2
  136. package/src/auth/auth-hooks.ts +1 -1
  137. package/src/auth/builtin-auth-adapter.ts +1 -2
  138. package/src/auth/interfaces.ts +11 -2
  139. package/src/auth/middleware.ts +4 -4
  140. package/src/auth/routes.ts +1 -2
  141. package/src/functions/define-function.ts +59 -0
  142. package/src/functions/function-loader.ts +16 -0
  143. package/src/functions/index.ts +2 -0
  144. package/src/index.ts +70 -37
  145. package/src/init.ts +78 -21
  146. package/src/storage/GCSStorageController.ts +334 -0
  147. package/src/storage/index.ts +9 -3
  148. package/src/storage/routes.ts +191 -23
  149. package/src/storage/tus-handler.ts +16 -4
  150. package/src/storage/types.ts +25 -3
  151. package/test/api-generator.test.ts +1 -1
  152. package/test/auth-config-types.test.ts +40 -0
  153. package/test/define-function.test.ts +45 -0
  154. package/test/storage-routes.test.ts +160 -0
  155. package/test/backend-hooks-data.test.ts +0 -477
@@ -0,0 +1,4 @@
1
+ import { Hono } from "hono";
2
+ import { EntityCollection } from "@rebasepro/types";
3
+ import { HonoEnv } from "../api/types";
4
+ export declare function mountOpenApiDocs(app: Hono<HonoEnv>, basePath: string, enableSwagger: boolean | undefined, activeCollections: EntityCollection[], requireAuth: boolean): Promise<void>;
@@ -0,0 +1,2 @@
1
+ import { DataDriver, HealthCheckResult } from "@rebasepro/types";
2
+ export declare function createHealthCheck(defaultDriver: DataDriver): () => Promise<HealthCheckResult>;
@@ -0,0 +1,10 @@
1
+ import { Hono } from "hono";
2
+ import { HonoEnv } from "../api/types";
3
+ interface MiddlewareConfig {
4
+ maxBodySize?: number;
5
+ csrf?: {
6
+ origin: string | string[] | ((origin: string) => boolean);
7
+ };
8
+ }
9
+ export declare function configureMiddlewares(app: Hono<HonoEnv>, basePath: string, isProduction: boolean, config: MiddlewareConfig): void;
10
+ export {};
@@ -0,0 +1,11 @@
1
+ import { Server } from "http";
2
+ import { RealtimeProvider } from "@rebasepro/types";
3
+ interface ShutdownConfig {
4
+ server: Server;
5
+ cronScheduler?: {
6
+ stop(): void;
7
+ };
8
+ realtimeServices: Record<string, RealtimeProvider>;
9
+ }
10
+ export declare function createShutdown(config: ShutdownConfig): (timeoutMs?: number) => Promise<void>;
11
+ export {};
@@ -0,0 +1,5 @@
1
+ import { BackendStorageConfig, StorageController, StorageRegistry } from "../storage";
2
+ export declare function initializeStorage(storageConfig: BackendStorageConfig | StorageController | Record<string, BackendStorageConfig | StorageController> | undefined, isProduction: boolean): {
3
+ storageRegistry?: StorageRegistry;
4
+ storageController?: StorageController;
5
+ };
package/dist/init.d.ts ADDED
@@ -0,0 +1,314 @@
1
+ import { AuthAdapter, BackendBootstrapper, BootstrappedAuth, DatabaseAdapter, DataDriver, DataSourceDefinition, EntityCallbacks, EntityCollection, HealthCheckResult, RealtimeProvider, SecurityRule } from "@rebasepro/types";
2
+ import { BackendCollectionRegistry } from "./collections/BackendCollectionRegistry";
3
+ import { DriverRegistry } from "./services/driver-registry";
4
+ import { Server } from "http";
5
+ import { Hono } from "hono";
6
+ import { HonoEnv } from "./api/types";
7
+ import { BackendStorageConfig, StorageController, StorageRegistry } from "./storage";
8
+ import { EmailConfig } from "./email";
9
+ import type { OAuthProvider } from "./auth/interfaces";
10
+ import type { AuthHooks } from "./auth/auth-hooks";
11
+ export interface RebaseAuthConfig {
12
+ /**
13
+ * The collection that represents auth users.
14
+ *
15
+ * When provided, this collection's underlying database table is used
16
+ * for all auth operations (login, registration, password reset, etc.).
17
+ *
18
+ * Import the built-in default:
19
+ * ```ts
20
+ * import { defaultUsersCollection } from "@rebasepro/common";
21
+ * auth: { collection: defaultUsersCollection, jwtSecret: "..." }
22
+ * ```
23
+ *
24
+ * Or pass your own collection with the required auth fields
25
+ * (email, passwordHash, displayName, etc.).
26
+ */
27
+ collection?: EntityCollection;
28
+ jwtSecret?: string;
29
+ accessExpiresIn?: string;
30
+ refreshExpiresIn?: string;
31
+ requireAuth?: boolean;
32
+ allowRegistration?: boolean;
33
+ /**
34
+ * A static secret key for server-to-server / script authentication.
35
+ *
36
+ * When a request includes `Authorization: Bearer <serviceKey>`, it is
37
+ * granted admin-level access without JWT verification. This is the
38
+ * Rebase equivalent of a Service Account key.
39
+ *
40
+ * Generate with: `node -e "logger.info(require('crypto').randomBytes(48).toString('base64'))"`
41
+ *
42
+ * Set via `REBASE_SERVICE_KEY` in your `.env`.
43
+ * Must be at least 32 characters.
44
+ */
45
+ serviceKey?: string;
46
+ email?: EmailConfig;
47
+ google?: {
48
+ clientId: string;
49
+ clientSecret?: string;
50
+ };
51
+ linkedin?: {
52
+ clientId: string;
53
+ clientSecret: string;
54
+ };
55
+ github?: {
56
+ clientId: string;
57
+ clientSecret: string;
58
+ };
59
+ microsoft?: {
60
+ clientId: string;
61
+ clientSecret: string;
62
+ tenantId?: string;
63
+ };
64
+ apple?: {
65
+ clientId: string;
66
+ teamId: string;
67
+ keyId: string;
68
+ privateKey: string;
69
+ };
70
+ facebook?: {
71
+ clientId: string;
72
+ clientSecret: string;
73
+ };
74
+ twitter?: {
75
+ clientId: string;
76
+ clientSecret: string;
77
+ };
78
+ discord?: {
79
+ clientId: string;
80
+ clientSecret: string;
81
+ };
82
+ gitlab?: {
83
+ clientId: string;
84
+ clientSecret: string;
85
+ baseUrl?: string;
86
+ };
87
+ bitbucket?: {
88
+ clientId: string;
89
+ clientSecret: string;
90
+ };
91
+ slack?: {
92
+ clientId: string;
93
+ clientSecret: string;
94
+ };
95
+ spotify?: {
96
+ clientId: string;
97
+ clientSecret: string;
98
+ };
99
+ defaultRole?: string;
100
+ /**
101
+ * Canonical array of OAuth providers.
102
+ *
103
+ * This is the primary extension point for **all** OAuth integrations.
104
+ * Each entry is an `OAuthProvider<unknown>` constructed via one of
105
+ * the `create*Provider` factories exported from `@rebasepro/server-core`
106
+ * (e.g. `createGoogleProvider`, `createGitHubProvider`).
107
+ *
108
+ * The named convenience fields above (`google`, `github`, etc.) are
109
+ * automatically resolved into this array at startup. You can mix both
110
+ * approaches; named fields and explicit entries are merged (named
111
+ * fields are appended after explicit entries).
112
+ *
113
+ * @example
114
+ * ```ts
115
+ * import { createGoogleProvider } from "@rebasepro/server-core";
116
+ *
117
+ * auth: {
118
+ * providers: [
119
+ * createGoogleProvider({ clientId: "…", clientSecret: "…" }),
120
+ * ],
121
+ * }
122
+ * ```
123
+ */
124
+ providers?: OAuthProvider<unknown>[];
125
+ /**
126
+ * Override specific parts of the built-in auth implementation.
127
+ *
128
+ * Each override replaces one piece of the default behavior while
129
+ * keeping everything else intact. Unset overrides fall through
130
+ * to the built-in defaults (scrypt passwords, standard validation, etc.).
131
+ *
132
+ * @example bcrypt passwords with a custom hash
133
+ * ```ts
134
+ * import bcrypt from "bcrypt";
135
+ *
136
+ * hooks: {
137
+ * hashPassword: (pw) => bcrypt.hash(pw, 12),
138
+ * verifyPassword: (pw, hash) => bcrypt.compare(pw, hash),
139
+ * }
140
+ * ```
141
+ */
142
+ hooks?: AuthHooks;
143
+ /**
144
+ * Enable magic link (passwordless email) authentication.
145
+ * Requires email to be configured.
146
+ */
147
+ magicLink?: boolean;
148
+ }
149
+ export interface RebaseBackendConfig {
150
+ collections?: EntityCollection[];
151
+ collectionsDir?: string;
152
+ server: Server;
153
+ app: Hono<HonoEnv>;
154
+ basePath?: string;
155
+ /**
156
+ * Declared data sources, shared with the frontend `<Rebase dataSources>`.
157
+ *
158
+ * Used to resolve each collection's engine (capabilities) and transport.
159
+ * Collections on a `direct`/`custom` transport are client-only: the backend
160
+ * still owns their schema/registry but does **not** generate server data
161
+ * routes for them. Server-mediated sources (the default) need no entry.
162
+ */
163
+ dataSources?: DataSourceDefinition[];
164
+ /**
165
+ * Database bootstrappers.
166
+ */
167
+ bootstrappers?: BackendBootstrapper[];
168
+ /**
169
+ * Database adapter.
170
+ *
171
+ * When set, this takes precedence over `bootstrappers`.
172
+ *
173
+ * @example
174
+ * ```ts
175
+ * import { createPostgresAdapter } from "@rebasepro/server-postgresql";
176
+ * database: createPostgresAdapter({ connection: db, schema }),
177
+ * ```
178
+ */
179
+ database?: DatabaseAdapter;
180
+ logging?: {
181
+ level?: "error" | "warn" | "info" | "debug";
182
+ };
183
+ /**
184
+ * Authentication configuration.
185
+ *
186
+ * Accepts **either**:
187
+ * - `RebaseAuthConfig` — built-in configuration
188
+ * - `AuthAdapter` — pluggable adapter for external auth (Clerk, Auth0, etc.)
189
+ *
190
+ * When a plain config object is provided, the built-in adapter is created
191
+ * automatically from the bootstrapper's `initializeAuth()` result.
192
+ */
193
+ auth?: RebaseAuthConfig | AuthAdapter;
194
+ /**
195
+ * Storage configuration. Accepts:
196
+ *
197
+ * - A `BackendStorageConfig` object (`{ type: 'local' | 's3' | 'gcs', ... }`)
198
+ * - A `StorageController` instance (for custom providers like Azure, etc.)
199
+ * - A `Record<string, ...>` of either, for multi-backend setups
200
+ */
201
+ storage?: BackendStorageConfig | StorageController | Record<string, BackendStorageConfig | StorageController>;
202
+ /**
203
+ * Declared storage sources. Drives the client-side StorageSourceRegistry
204
+ * and the transport distinction (server vs direct).
205
+ *
206
+ * Server-backed sources are auto-derived from the `storage` map — you
207
+ * only need explicit entries for "direct" transport sources (e.g.
208
+ * external storage) that the backend does not proxy.
209
+ */
210
+ storageSources?: import("@rebasepro/types").StorageSourceDefinition[];
211
+ history?: unknown;
212
+ /**
213
+ * Default security rules applied to any collection that does not define
214
+ * its own `securityRules`. Opt-in — if not set, collections without
215
+ * explicit rules remain unrestricted (beyond `requireAuth`).
216
+ *
217
+ * @example
218
+ * ```ts
219
+ * defaultSecurityRules: [
220
+ * { operation: "select", access: "public" },
221
+ * { operations: ["insert", "update", "delete"], roles: ["admin"] }
222
+ * ]
223
+ * ```
224
+ */
225
+ defaultSecurityRules?: SecurityRule[];
226
+ enableSwagger?: boolean;
227
+ functionsDir?: string;
228
+ cronsDir?: string;
229
+ /**
230
+ * Enable/disable database persistence for cron job execution logs.
231
+ * When set to false, cron jobs will run but logs will not be persisted to the database.
232
+ * Default: true.
233
+ */
234
+ cronPersistence?: boolean;
235
+ /**
236
+ * Maximum request body size in bytes for API routes (default: 10MB).
237
+ * Set to 0 to disable the global limit entirely.
238
+ *
239
+ * Note: Storage upload routes use their own limit from the storage config's
240
+ * `maxFileSize` property (default: 50MB), which takes precedence over this.
241
+ */
242
+ maxBodySize?: number;
243
+ /**
244
+ * CSRF protection configuration. **Opt-in** — disabled by default.
245
+ *
246
+ * BaaS APIs are consumed by mobile apps, SPAs on different domains,
247
+ * and CLI tools, so CSRF is intentionally not enabled unless you
248
+ * explicitly configure it with allowed origins.
249
+ *
250
+ * @example
251
+ * ```ts
252
+ * csrf: { origin: ["https://myapp.com", "https://admin.myapp.com"] }
253
+ * ```
254
+ */
255
+ csrf?: {
256
+ /** Allowed origins for CSRF validation. */
257
+ origin: string | string[] | ((origin: string) => boolean);
258
+ };
259
+ /**
260
+ * Global lifecycle callbacks applied to every collection.
261
+ *
262
+ * Same type as per-collection `callbacks` — fires on **every** data path
263
+ * (REST API, WebSocket / realtime, server-side `rebase.data`).
264
+ *
265
+ * Execution order: global callbacks → collection callbacks → property callbacks.
266
+ *
267
+ * @example
268
+ * ```ts
269
+ * callbacks: {
270
+ * afterRead({ entity, collection }) {
271
+ * console.log(`Read ${collection.slug}/${entity.id}`);
272
+ * return entity;
273
+ * }
274
+ * }
275
+ * ```
276
+ */
277
+ callbacks?: EntityCallbacks;
278
+ }
279
+ /**
280
+ * Type guard to detect whether the `auth` config is an `AuthAdapter`
281
+ * (has a `verifyRequest` method) vs a plain `RebaseAuthConfig` (plain object).
282
+ */
283
+ export declare function isAuthAdapter(auth: RebaseAuthConfig | AuthAdapter): auth is AuthAdapter;
284
+ /**
285
+ * Type guard to detect whether `database` is a `DatabaseAdapter`.
286
+ */
287
+ export declare function isDatabaseAdapter(db: unknown): db is DatabaseAdapter;
288
+ export interface RebaseBackendInstance {
289
+ driverRegistry: DriverRegistry;
290
+ driver: DataDriver;
291
+ realtimeServices: Record<string, RealtimeProvider>;
292
+ realtimeService: RealtimeProvider;
293
+ auth?: BootstrappedAuth;
294
+ history?: unknown;
295
+ storageRegistry?: StorageRegistry;
296
+ storageController?: StorageController;
297
+ collectionRegistry: BackendCollectionRegistry;
298
+ cronScheduler?: import("./cron").CronScheduler;
299
+ /**
300
+ * Deep health check that verifies database connectivity.
301
+ * Returns latency and component status.
302
+ */
303
+ healthCheck(): Promise<HealthCheckResult>;
304
+ /**
305
+ * Graceful shutdown helper for the BaaS instance.
306
+ * Stops the cron scheduler and closes the HTTP server, allowing
307
+ * in-flight requests to drain within the given timeout.
308
+ *
309
+ * @param timeoutMs - Maximum time (ms) to wait for drain before force-exit (default: 15000).
310
+ * Pass 0 to skip the force-exit timer (useful in tests).
311
+ */
312
+ shutdown(timeoutMs?: number): Promise<void>;
313
+ }
314
+ export declare function initializeRebaseBackend(config: RebaseBackendConfig): Promise<RebaseBackendInstance>;