@wecode-team/cms-supabase-api 0.1.29

package/dist/models/cms-model.d.ts

@@ -0,0 +1,39 @@
+import { CmsModelAttributes, CmsModelCreationAttributes } from "../types";
+declare class CmsModelService {
+    private supabase;
+    private tableName;
+    constructor();
+    /**
+     * 创建新的CMS模型
+     */
+    create(data: CmsModelCreationAttributes): Promise<CmsModelAttributes>;
+    /**
+     * 根据ID获取模型
+     */
+    findById(id: number): Promise<CmsModelAttributes | null>;
+    /**
+     * 根据表名获取模型
+     */
+    findByTableName(tableName: string): Promise<CmsModelAttributes | null>;
+    /**
+     * 获取所有模型
+     */
+    findAll(): Promise<CmsModelAttributes[]>;
+    /**
+     * 更新模型
+     */
+    update(id: number, data: Partial<CmsModelCreationAttributes>): Promise<CmsModelAttributes>;
+    /**
+     * 删除模型
+     */
+    delete(id: number): Promise<boolean>;
+}
+/**
+ * 获取CMS模型服务实例
+ */
+export declare function getCmsModelService(): CmsModelService;
+/**
+ * 初始化 CMS 模型表
+ */
+export declare function initializeCmsModel(): Promise<boolean>;
+export default CmsModelService;

package/dist/services/auth.service.d.ts

@@ -0,0 +1,80 @@
+export interface User {
+    id: number;
+    username: string;
+    password_hash: string;
+    role: string;
+    created_at: string;
+    updated_at: string;
+}
+export interface UserInfo {
+    id: number;
+    username: string;
+    role: string;
+    created_at: string;
+    updated_at: string;
+}
+export declare class AuthService {
+    private supabase;
+    private defaultTableName;
+    constructor();
+    /**
+     * 根据用户名查询用户
+     */
+    findUserByUsername(username: string, tableName?: string): Promise<User | null>;
+    /**
+     * 根据用户ID查询用户信息（不包含密码）
+     */
+    findUserById(userId: number, tableName?: string): Promise<UserInfo | null>;
+    /**
+     * 检查用户名是否存在
+     */
+    checkUsernameExists(username: string, tableName?: string): Promise<boolean>;
+    /**
+     * 创建新用户
+     */
+    createUser(userData: {
+        tableName?: string;
+        username: string;
+        password_hash: string;
+        role?: string;
+    }): Promise<UserInfo>;
+    /**
+     * 更新用户信息
+     */
+    updateUser(userId: number, updateData?: {
+        username?: string;
+        password_hash?: string;
+        role?: string;
+        tableName?: string;
+    }): Promise<UserInfo>;
+    /**
+     * 删除用户
+     */
+    deleteUser(userId: number, tableName?: string): Promise<boolean>;
+    /**
+     * 获取所有用户列表（分页）
+     */
+    getUserList(page?: number, limit?: number, tableName?: string): Promise<{
+        data: UserInfo[];
+        total: number;
+        page: number;
+        limit: number;
+        totalPages: number;
+    }>;
+    /**
+     * 搜索用户（按用户名）
+     */
+    searchUsers(searchValue: string, page?: number, limit?: number, tableName?: string): Promise<{
+        data: UserInfo[];
+        total: number;
+        page: number;
+        limit: number;
+        totalPages: number;
+    }>;
+    /**
+     * 更新用户最后登录时间（如果需要记录的话）
+     */
+    updateLastLogin(userId: number, tableName?: string): Promise<void>;
+}
+export declare function getAuthService(): AuthService;
+export default AuthService;

package/dist/services/dynamic-table.service.d.ts

@@ -0,0 +1,92 @@
+import { JsonSchema, PaginatedResponse, SchemaField, RelationOption, GetRelationOptionsParams, SupabaseFilter } from "../types";
+export declare class DynamicTableService {
+    private supabase;
+    constructor();
+    private applySupabaseFilters;
+    /**
+     * 从完整表名中提取前缀
+     * 例如: "jjj231122a342_posts" -> "jjj231122a342_"
+     * 例如: "posts" -> ""
+     */
+    private extractTablePrefix;
+    /**
+     * 根据 JSON 模式创建数据表
+     * @param tableName 完整表名（可能包含前缀，如 "jjj231122a342_posts"）
+     * @param schema JSON Schema
+     * @param baseTableName 可选，基础表名（不含前缀，如 "posts"），用于计算前缀
+     */
+    createTable(tableName: string, schema: JsonSchema, baseTableName?: string): Promise<boolean>;
+    /**
+     * 删除数据表
+     */
+    dropTable(tableName: string): Promise<boolean>;
+    /**
+     * 删除表的所有外键约束
+     * 用于解决外键约束引用错误表的问题
+     */
+    dropAllForeignKeys(tableName: string): Promise<boolean>;
+    /**
+     * 根据约束名直接删除外键约束
+     */
+    dropForeignKeyByName(tableName: string, constraintName: string): Promise<boolean>;
+    /**
+     * 删除指定的外键约束
+     */
+    dropForeignKey(tableName: string, constraintName: string): Promise<boolean>;
+    /**
+     * 检查表是否存在
+     */
+    tableExists(tableName: string): Promise<boolean>;
+    /**
+     * 获取表结构
+     */
+    getTableStructure(tableName: string): Promise<any>;
+    /**
+     * 执行原生 SQL 查询
+     */
+    executeQuery(sql: string, values?: any[]): Promise<any>;
+    /**
+     * 获取表数据（分页）
+     */
+    getTableData(tableName: string, page?: number, limit?: number, where?: string, filters?: SupabaseFilter[]): Promise<PaginatedResponse>;
+    /**
+     * 获取表数据（分页，带搜索）
+     */
+    getTableDataWithSearch(tableName: string, page: number | undefined, limit: number | undefined, searchableFields: string[], searchValue: string, filters?: SupabaseFilter[]): Promise<PaginatedResponse>;
+    /**
+     * 插入数据
+     */
+    insertData(tableName: string, data: Record<string, any>, autoFixForeignKey?: boolean): Promise<Record<string, any>>;
+    /**
+     * 更新数据
+     * @param id 支持整数和 UUID 字符串
+     */
+    updateData(tableName: string, id: number | string, data: Record<string, any>, autoFixForeignKey?: boolean): Promise<Record<string, any>>;
+    /**
+     * 删除数据
+     * @param id 支持整数和 UUID 字符串
+     */
+    deleteData(tableName: string, id: number | string): Promise<any>;
+    /**
+     * 根据 ID 获取单条数据
+     * @param id 支持整数和 UUID 字符串
+     */
+    getDataById(tableName: string, id: number | string): Promise<any>;
+    /**
+     * 获取关联表选项列表 (用于下拉选择)
+     * @param params 查询参数
+     * @returns 选项列表
+     */
+    getRelationOptions(params: GetRelationOptionsParams): Promise<RelationOption[]>;
+    /**
+     * 获取表数据（带关联数据）
+     * @param tableName 表名
+     * @param schema JSON Schema (包含关系定义)
+     * @param page 页码
+     * @param limit 每页数量
+     * @returns 分页数据（包含关联数据）
+     */
+    getTableDataWithRelations(tableName: string, schema: SchemaField[], page?: number, limit?: number): Promise<PaginatedResponse>;
+}
+export declare function getDynamicTableService(): DynamicTableService;
+export default DynamicTableService;

package/dist/types/index.d.ts

@@ -0,0 +1,127 @@
+export type RelationType = 'belongsTo' | 'hasMany' | 'belongsToMany';
+export interface RelationConfig {
+    /**
+     * 关系类型
+     * - belongsTo: 多对一，当前表存储外键 (如：文章表的 author_id 关联作者表)
+     * - hasMany: 一对多，目标表存储外键 (如：作者表关联多篇文章)
+     * - belongsToMany: 多对多，需要中间表 (如：文章和标签)
+     */
+    type: RelationType;
+    /**
+     * 目标表名
+     */
+    target: string;
+    /**
+     * 外键字段名
+     * - belongsTo: 当前表中的外键字段，默认为 ${target}_id
+     * - hasMany: 目标表中的外键字段，默认为 ${currentTable}_id
+     */
+    foreignKey?: string;
+    /**
+     * 目标表的主键字段，默认为 'id'
+     */
+    targetKey?: string;
+    /**
+     * 多对多关系的中间表名 (仅 belongsToMany 需要)
+     */
+    through?: string;
+    /**
+     * 用于下拉选项显示的字段名，默认为 'name' 或 'title'
+     */
+    displayField?: string;
+    /**
+     * 是否在列表中显示关联数据
+     */
+    showInList?: boolean;
+}
+export interface SchemaField {
+    name: string;
+    /**
+     * 字段类型
+     * - 基础类型: string, text, integer, float, boolean, date, datetime, json, jsonb, email
+     * - 关系类型: relation (需要配置 relation 属性)
+     */
+    type: string;
+    required?: boolean;
+    unique?: boolean;
+    maxLength?: number;
+    defaultValue?: any;
+    comment?: string;
+    /**
+     * 关系配置 (当 type 为 'relation' 时必填)
+     */
+    relation?: RelationConfig;
+}
+export interface JsonSchema {
+    fields: SchemaField[];
+}
+export interface CmsModelAttributes {
+    id: number;
+    name: string;
+    table_name: string;
+    json_schema: JsonSchema;
+    created_at: Date;
+    updated_at: Date;
+}
+export interface CmsModelCreationAttributes {
+    name: string;
+    table_name: string;
+    json_schema: JsonSchema;
+}
+export interface ApiResponse<T = any> {
+    success: boolean;
+    message?: string;
+    data?: T;
+    error?: string;
+}
+export interface PaginatedResponse<T = any> {
+    data: T[];
+    total: number;
+    page: number;
+    limit: number;
+    totalPages: number;
+}
+export interface SupabaseConfig {
+    url: string;
+    key: string;
+    schema?: string;
+}
+export interface DatabaseConfig extends SupabaseConfig {
+}
+export interface TableDataOptions {
+    page?: number;
+    limit?: number;
+    search?: string;
+    where?: string;
+    orderBy?: string;
+    ascending?: boolean;
+}
+export interface SupabaseFilter {
+    column: string;
+    operator: "eq" | "neq" | "gt" | "gte" | "lt" | "lte" | "like" | "ilike" | "in" | "is";
+    value: any;
+}
+export interface FieldTypeMapping {
+    string: "text";
+    text: "text";
+    integer: "int4";
+    float: "float8";
+    boolean: "bool";
+    date: "date";
+    datetime: "timestamptz";
+    json: "jsonb";
+    jsonb: "jsonb";
+    email: "text";
+    relation: "int4";
+}
+export interface RelationOption {
+    id: number | string;
+    label: string;
+    [key: string]: any;
+}
+export interface GetRelationOptionsParams {
+    tableName: string;
+    displayField?: string;
+    limit?: number;
+    search?: string;
+}

package/dist/utils/admin-registry.d.ts

@@ -0,0 +1,14 @@
+import type { SupabaseClient } from "@supabase/supabase-js";
+export declare function normalizeSessionId(sessionId: string | null | undefined): string;
+/**
+ * 从前端传来的 auth tableName 中提取 session_id
+ * 约定：auth tableName 形如 `${sessionId}_cms_users`；无前缀则为 `cms_users`
+ */
+export declare function extractSessionIdFromAuthTableName(tableName: string): string;
+export declare function ensureAdminRegistryTable(supabase: SupabaseClient): Promise<boolean>;
+export declare function getSessionAdminRow(supabase: SupabaseClient, sessionId: string): Promise<{
+    session_id: string;
+    user_id: string;
+    email?: string | null;
+} | null>;
+export declare function isUserSessionAdmin(supabase: SupabaseClient, sessionId: string, userId: string): Promise<boolean>;

package/dist/utils/auth-utils.d.ts

@@ -0,0 +1,56 @@
+import { UserInfo } from "../services/auth.service";
+/**
+ * 认证工具类 - 处理JWT、密码验证等通用逻辑
+ */
+export declare class AuthUtils {
+    /**
+     * 生成JWT token
+     */
+    static generateToken(user: UserInfo): string;
+    /**
+     * 验证JWT token
+     */
+    static verifyToken(token: string): any;
+    /**
+     * 验证密码
+     */
+    static validatePassword(plainPassword: string, hashedPassword: string): Promise<boolean>;
+    /**
+     * 加密密码
+     */
+    static hashPassword(password: string): Promise<string>;
+    /**
+     * 从请求头中提取和验证token
+     */
+    static extractTokenFromHeader(authHeader: string | null): string | null;
+    /**
+     * 获取AuthService实例
+     */
+    static getAuthService(): import("../services/auth.service").AuthService;
+    /**
+     * 验证用户登录
+     */
+    static authenticateUser(username: string, password: string, tableName: string): Promise<{
+        success: boolean;
+        message: string;
+        user?: undefined;
+    } | {
+        success: boolean;
+        user: UserInfo;
+        message?: undefined;
+    }>;
+    /**
+     * 验证并获取用户信息
+     */
+    static verifyTokenAndGetUser(token: string, tableName: string): Promise<{
+        success: boolean;
+        message: string;
+        user?: undefined;
+        decoded?: undefined;
+    } | {
+        success: boolean;
+        user: UserInfo;
+        decoded: any;
+        message?: undefined;
+    }>;
+}

package/dist/utils/route-helpers.d.ts

@@ -0,0 +1,7 @@
+import { Hono } from "hono";
+export declare function createModelRoute(app: Hono): Hono<import("hono/types").BlankEnv, import("hono/types").BlankSchema, "/">;
+export declare function createDataRoute(app: Hono, tableName: string): Hono<import("hono/types").BlankEnv, import("hono/types").BlankSchema, "/">;
+export declare function createDynamicDataRoute(app: Hono): Hono<import("hono/types").BlankEnv, import("hono/types").BlankSchema, "/">;
+export declare function createDynamicAuthRoute(app: Hono): Hono<import("hono/types").BlankEnv, import("hono/types").BlankSchema, "/">;
+export declare function createAuthRoute(app: Hono, tableName: string): Hono<import("hono/types").BlankEnv, import("hono/types").BlankSchema, "/">;
+export declare function createCmsRoutes(app: Hono): Hono<import("hono/types").BlankEnv, import("hono/types").BlankSchema, "/">;

package/dist/utils/user-registry.d.ts

@@ -0,0 +1,7 @@
+import type { SupabaseClient } from "@supabase/supabase-js";
+export declare function ensureUserRegistryTable(supabase: SupabaseClient): Promise<boolean>;
+export declare function isUsernameTaken(supabase: SupabaseClient, sessionId: string, username: string): Promise<boolean>;
+export declare function registerUsername(supabase: SupabaseClient, sessionId: string, username: string, userId: string): Promise<{
+    ok: boolean;
+    conflict?: boolean;
+}>;

package/package.json

@@ -0,0 +1,80 @@
+{
+  "name": "@wecode-team/cms-supabase-api",
+  "version": "0.1.29",
+  "description": "A CMS API package using Hono framework with Supabase and dynamic table management",
+  "main": "dist/index.js",
+  "module": "dist/index.esm.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "require": "./dist/index.js",
+      "import": "./dist/index.esm.js"
+    }
+  },
+  "files": [
+    "dist",
+    "supabase-setup.sql",
+    "README.md",
+    "USAGE_EXAMPLE.md"
+  ],
+  "scripts": {
+    "build": "rollup -c --bundleConfigAsCjs",
+    "prepublishOnly": "npm run build",
+    "dev": "tsx server.ts",
+    "start": "node --loader tsx server.ts",
+    "dev:all": "./start-dev.sh",
+    "publish:public": "npm run build && npm publish --registry https://registry.npmjs.org/ --access public --ignore-scripts",
+    "publish:private": "npm run build && npm publish --registry https://packages.aliyun.com/691ae90ae6c3e0425dbdc56f/npm/npm-registry/ --access public --ignore-scripts",
+    "publish:all": "npm run build && npm publish --registry https://registry.npmjs.org/ --access public --ignore-scripts && npm publish --registry https://packages.aliyun.com/691ae90ae6c3e0425dbdc56f/npm/npm-registry/ --access public --ignore-scripts",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "keywords": [
+    "cms",
+    "api",
+    "hono",
+    "supabase",
+    "postgresql",
+    "dynamic-table"
+  ],
+  "author": "wecode-team",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/wecode-team/wequicksandbox.git",
+    "directory": "packages/cms-supabase-api"
+  },
+  "publishConfig": {
+    "access": "public",
+    "registry": "https://registry.npmjs.org/"
+  },
+  "dependencies": {
+    "@babel/runtime": "^7.22.5",
+    "jsonwebtoken": "^9.0.2",
+    "bcryptjs": "^2.4.3"
+  },
+  "peerDependencies": {
+    "@supabase/supabase-js": "^2.0.0",
+    "hono": "^4.0.0"
+  },
+  "devDependencies": {
+    "@babel/core": "^7.22.5",
+    "@babel/plugin-transform-runtime": "^7.22.5",
+    "@babel/preset-env": "^7.22.5",
+    "@babel/preset-typescript": "^7.22.5",
+    "@hono/node-server": "^1.12.0",
+    "@rollup/plugin-babel": "^6.0.3",
+    "@rollup/plugin-commonjs": "^25.0.0",
+    "@rollup/plugin-json": "^6.1.0",
+    "@rollup/plugin-node-resolve": "^15.1.0",
+    "@rollup/plugin-typescript": "^11.1.1",
+    "@supabase/supabase-js": "^2.52.1",
+    "@types/bcryptjs": "^2.4.6",
+    "@types/jsonwebtoken": "^9.0.5",
+    "@types/node": "^20.0.0",
+    "hono": "^4.0.0",
+    "rollup": "^3.25.1",
+    "tsx": "^4.21.0",
+    "typescript": "^5.1.3"
+  }
+}

package/supabase-setup.sql

@@ -0,0 +1,151 @@
+-- Supabase Setup SQL for we0-cms-supabase-hono-api
+-- Execute this SQL in your Supabase SQL Editor to set up the required functions
+
+-- Function to execute SQL queries
+CREATE OR REPLACE FUNCTION execute_sql(sql_query text)
+RETURNS json
+LANGUAGE plpgsql
+SECURITY DEFINER
+AS $$
+DECLARE
+  result json;
+  row_count integer;
+BEGIN
+  EXECUTE sql_query;
+  GET DIAGNOSTICS row_count = ROW_COUNT;
+  RETURN json_build_object('success', true, 'rows_affected', row_count);
+EXCEPTION
+  WHEN OTHERS THEN
+    RETURN json_build_object('success', false, 'error', SQLERRM);
+END;
+$$;
+
+-- Function to execute SQL with parameters (simplified version)
+CREATE OR REPLACE FUNCTION execute_sql_with_params(sql_query text, params json)
+RETURNS json
+LANGUAGE plpgsql
+SECURITY DEFINER
+AS $$
+DECLARE
+  result json;
+  row_count integer;
+BEGIN
+  -- Note: This is a simplified version for basic use cases
+  -- In production, you might want more sophisticated parameter binding
+  EXECUTE sql_query;
+  GET DIAGNOSTICS row_count = ROW_COUNT;
+  RETURN json_build_object('success', true, 'rows_affected', row_count);
+EXCEPTION
+  WHEN OTHERS THEN
+    RETURN json_build_object('success', false, 'error', SQLERRM);
+END;
+$$;
+
+-- Function to check if table exists
+CREATE OR REPLACE FUNCTION check_table_exists(input_table_name text)
+RETURNS boolean
+LANGUAGE plpgsql
+SECURITY DEFINER
+AS $$
+BEGIN
+  RETURN EXISTS (
+    SELECT 1 FROM information_schema.tables
+    WHERE table_schema = 'public' 
+    AND table_name = input_table_name
+  );
+END;
+$$;
+
+-- Function to get table structure
+CREATE OR REPLACE FUNCTION get_table_structure(table_name text)
+RETURNS json
+LANGUAGE plpgsql
+SECURITY DEFINER
+AS $$
+DECLARE
+  result json;
+BEGIN
+  SELECT json_agg(
+    json_build_object(
+      'column_name', column_name,
+      'data_type', data_type,
+      'is_nullable', is_nullable,
+      'column_default', column_default,
+      'character_maximum_length', character_maximum_length
+    )
+  ) INTO result
+  FROM information_schema.columns
+  WHERE table_schema = 'public' AND table_name = $1
+  ORDER BY ordinal_position;
+  
+  RETURN COALESCE(result, '[]'::json);
+END;
+$$;
+
+-- Function to create CMS models table if not exists
+CREATE OR REPLACE FUNCTION create_cms_models_table_if_not_exists()
+RETURNS json
+LANGUAGE plpgsql
+SECURITY DEFINER
+AS $$
+BEGIN
+  -- Create the CMS models table
+  CREATE TABLE IF NOT EXISTS "_cms_models" (
+    id SERIAL PRIMARY KEY,
+    name VARCHAR(100) NOT NULL,
+    table_name VARCHAR(100) NOT NULL UNIQUE,
+    json_schema JSONB NOT NULL,
+    created_at TIMESTAMPTZ DEFAULT NOW(),
+    updated_at TIMESTAMPTZ DEFAULT NOW()
+  );
+  
+  -- Create or replace the trigger function for updating timestamps
+  CREATE OR REPLACE FUNCTION update_updated_at_column()
+  RETURNS TRIGGER AS $trigger$
+  BEGIN
+    NEW.updated_at = NOW();
+    RETURN NEW;
+  END;
+  $trigger$ language 'plpgsql';
+  
+  -- Drop existing trigger if it exists and create new one
+  DROP TRIGGER IF EXISTS update_cms_models_updated_at ON "_cms_models";
+  CREATE TRIGGER update_cms_models_updated_at
+    BEFORE UPDATE ON "_cms_models"
+    FOR EACH ROW
+    EXECUTE FUNCTION update_updated_at_column();
+    
+  RETURN json_build_object('success', true, 'message', 'CMS models table created successfully');
+EXCEPTION
+  WHEN OTHERS THEN
+    RETURN json_build_object('success', false, 'error', SQLERRM);
+END;
+$$;
+
+-- Initialize the CMS models table
+SELECT create_cms_models_table_if_not_exists ();
+
+-- Grant necessary permissions (adjust as needed for your security requirements)
+-- Note: Be careful with these permissions in production
+GRANT USAGE ON SCHEMA public TO anon, authenticated;
+
+GRANT ALL ON ALL TABLES IN SCHEMA public TO anon, authenticated;
+
+GRANT ALL ON ALL SEQUENCES IN SCHEMA public TO anon, authenticated;
+
+GRANT ALL ON ALL FUNCTIONS IN SCHEMA public TO anon, authenticated;
+
+-- Create RLS policies for the CMS models table (optional, adjust as needed)
+ALTER TABLE "_cms_models" ENABLE ROW LEVEL SECURITY;
+
+-- Allow all operations for all users (development environment)
+CREATE POLICY "Allow all operations" ON "_cms_models" FOR ALL USING (true);
+
+COMMENT ON
+TABLE "_cms_models" IS 'CMS models configuration table for we0-cms-supabase-hono-api';
+
+COMMENT ON FUNCTION execute_sql (text) IS 'Execute SQL queries for dynamic table management';
+
+COMMENT ON FUNCTION check_table_exists (text) IS 'Check if a table exists in the public schema';
+
+COMMENT ON FUNCTION get_table_structure (text) IS 'Get the structure of a table';