beech-api 3.8.0 → 3.9.0-beta.9-rc

package/README.md

@@ -1,22 +1,74 @@
 [![N|Solid](https://i.ibb.co/NKxx9NQ/beech320.jpg)](https://github.com/bombkiml)
 
 # Beech API framework
-#### Stable v.3.8.0 (LTS)
+#### Auto endpoint v.3.9.0 (LTS)
 
-[![beech-api release](https://img.shields.io/github/v/release/bombkiml/beech-api)](https://github.com/bombkiml/beech-api/releases/tag/3.8.0)
+[![beech-api release](https://img.shields.io/github/v/release/bombkiml/beech-api)](https://github.com/bombkiml/beech-api/releases/)
 [![PyPI license](https://shields.io/pypi/l/ansicolortags.svg)](https://github.com/bombkiml/beech-api/blob/master/README.md)
 
 # What is Beech API ?
 
 The Beech API is API framework, It's help you with very easy to create API project under [Node.js](https://nodejs.org)
 
+## Let's go
+- <b>[Installation](#installation)</b>
+- <b>[Creating a project](#creating-a-project)</b>
+- <b>[Upgrade to latest version](#upgrade-to-latest-version)</b>
+- <b>[Beech CLI tool available](#beech-cli-tool-available)</b>
+- ✨ <b>Automation Endpoints with CRUD</b>
+  - [Database Connection](#database-connection)
+    - [Model](#models)
+  - [Retrieving data with Query String](#retrieving-data-with-query-string)
+    - Conditions
+    - Grouping
+    - Ordering
+    - Timestamps (Add-on in Store and Update)
+  - [Transactions](#-transactions)
+    - [Disorganized transactions](#way-1---disorganized-transactions-)
+    - [Organized transactions](#way-2---organized-transactions-)
+    - [Transactions set Isolation levels](#way-3---transactions-set-isolation-levels-)
+  - [Endpoints](#endpoints)
+  - [Helpers](#helpers)
+- 🔐 <b>System Management of Authentication</b>
+  - [Authentication Manegement](#authentication-passport-jwt)
+    - [Request Token](#request-token)
+    - [Beech Guard](#beech-guard)
+      - Verify Identity Management
+      - Two Factor (2fa, OTP, etc.)
+    - [Beech User Authentication Managements](#-beech-user-authentication-managements)
+      - Create Auth
+      - Update Auth
+- 🛠️ <b>Safe Endpoints Request</b>
+  - [Rate Limit](#-custom-endpoint-specific-rate-limit)
+  - [Slow Down](#-custom-endpoint-specific-slow-down)
+  - [Block Duplicate Request per Window](#-custom-endpoint-specific-duplicate-request)
+  - [JWT Broken Role](#jwt-broken-role)
+  - [Advance Guard (Timimg)](#-beech-advanced-guard-timing)
+- 🙂 <b>Hight Security under passport-jwt, oauth2</b>
+- 🌐 <b>Supported Official Strategy</b>
+  - [Google](#-google-strategy)
+  - [Facebook](#-facebook-strategy)
+- 🖥️ <b>CORS Origin & Server Configuration</b>
+  - [Config Base public path `./`](#cors-origin--server-configuration)
+  - [Allow origin whitelist](#cors-origin--server-configuration)
+- 📚 <b>Databases Managements</b>
+  - [Migrations](#databases-managements)
+  - [Seeder](#-creating-first-seeder)
+- ☕ <b>Testing</b>
+  - [Jest](#testing)
+- 🏃 <b>Implementration</b>
+  - [Docker](#implementation)
+  - [PM2](#-implement-with-pm2)
+
 # Environment
 
-- [`Node.js`](https://nodejs.org) >= 14.19.0+ (recommended)
+- [`Node.js`](https://nodejs.org) >= 18.17.1+ (recommended)
 
 # Installation
 
-Beech API requires Node.js version 14.19.0 or above. You can manage multiple versions of Node on the same machine with [nvm](https://github.com/creationix/nvm) or [nvm-windows](https://github.com/coreybutler/nvm-windows). So, Let's go to install `beech-api`
+Beech API needed Node.js version 18.17.1 or above. You can management multiple versions on the same machine with [nvm](https://github.com/creationix/nvm) or [nvm-windows](https://github.com/coreybutler/nvm-windows).
+
+<b>So, Let's go to install</b> `beech-api`
 
 ```sh
 # NPM
@@ -28,8 +80,11 @@ $ yarn global add beech-api
 
 Installation demo:
 
-[Demo](https://i.ibb.co/hySFxy3/install-beech720-1.gif)
-![Alt Text](https://i.ibb.co/hySFxy3/install-beech720-1.gif)
+[Demo 1](https://i.ibb.co/TBjNgVrF/1-11.gif)
+![Alt Text](https://i.ibb.co/TBjNgVrF/1-11.gif)
+
+[Demo 2](https://i.ibb.co/wrdgyzDP/ezgif-8539024298ec62a9.gif)
+![Alt Text](https://i.ibb.co/wrdgyzDP/ezgif-8539024298ec62a9.gif)
 
 After installation, you will have access to the `beech-app` binary in your command line.
 You can check you have the right version with this command:
@@ -98,7 +153,9 @@ The following commands are available:
   $ beech key:generate, key:gen       Re-Generate application key (Dangerous!).
   $ beech hash:<text>                 Hash text for Access to Database connection.
 ```
-❓ **Note:** Every to create new project will be generated new ``app_key`` in ``app.config.js`` file, If you can re-generate. Can use command ``$ beech key:generate`` or ``$ beech key:gen``
+❓ **Note:** Every to create new project will be generated new ``app_key`` in ``app.config.js`` file.
+
+❓ **Note:** If you can re-generate. Can use command ``$ beech key:generate`` or ``$ beech key:gen``
 
 # Database connection
 
@@ -121,11 +178,11 @@ $ beech hash:password
 Output: FjgcgJPylkV7EeQJjea_EeifPwaHVO9onD3ATk3YYAyvjtMGu3dcDS0ejA
 
 ```
-Example:
+***For Example :***
 
 📂 app.config.js
 ```js
-// basic & sequelize (needed Hash)
+// Database configuration Only Basic & Sequelize (needed Hash)
 
 ...
 
@@ -150,9 +207,9 @@ database_config: [
     // or use a named timezone supported by Intl.Locale
     // timezone: 'America/Los_Angeles',
 
-    logging: console.log, // SQL trace logs
+    logging: console.log, // SQL trace logs. Learn more: https://sequelize.org/docs/v6/getting-started/#logging
 
-    is_connect: true, // boolean, Turn ON/OFF to connect
+    is_connect: true, // Boolean, Turn ON/OFF to connect
   },
 
   ...
@@ -163,113 +220,26 @@ database_config: [
 ```
 ❓ **Caution! :**  Every re-new generate `app_key`. Must to new Hash your Access and change to ALL Database connections.
 
-# Part of generate file
-
-## # Generate Endpoints
+❓ **Development** : You can add ```dev: true``` in ```main_config``` for a better experience.
 
-The `endpoints` keep the endpoints basic request files currently support `GET`, `POST`, `PUT`, `PATCH` and `DELETE`.
+# Models
 
-So, you might create new endpoints with constant `endpoint` object variable in `src/endpoints/` folder and file neme must be end with `-endpoints.js`
+The `models` keep the files of function(s) data managemnets for Retriving, Creating, Updating and Destroying (CRUD). for understanding you might make model name same your table name inside `src/models` folder.
 
 ```sh
-$ beech make endpointName
-```
-You might using [special] `-R, --require` for choose Model(s) used for that endpoint.
-
-### Example ***(Basic)*** : Fruit endpoints.
-
-📂 fruit-endpoints.js
-```js
-exports.init = () => {
-
-  // GET method
-  endpoint.get("/fruit", Credentials, (req, res) => {
-    // @response
-    res.json({
-      code: 200,
-      status: "SUCCESS",
-      message: "GET /fruit request.",
-    });
-  });
-
-
-  // POST method
-  endpoint.post("/fruit", Credentials, (req, res) => {
-    // @response
-    res.json({
-      code: 200,
-      status: "SUCCESS",
-      message: "POST request at /fruit",
-      result: {
-        id: req.body.id,
-        name: req.body.name,
-      },
-    });
-  });
-
-
-  // PUT method
-  endpoint.put("/fruit/:id", Credentials, (req, res) => {
-    // @response
-    res.json({
-      code: 200,
-      status: "SUCCESS",
-      message: "PUT request at /fruit/" + req.params.id,
-    });
-  });
-
-
-  // DELETE method
-  endpoint.delete("/fruit/:id", Credentials, (req, res) => {
-    // @response
-    res.json({
-      code: 200,
-      status: "SUCCESS",
-      message: "DELETE request at /fruit/" + req.params.id,
-    });
-  });
-
-  ...
-
-}
-```
-
-### Example ***(Sequelize)*** : Fruit endpoints. 
-
-📂 fruit-endpoints.js
-```js
-  // Require Model schema, Function & Others
-  const { Fruit } = require("@/models/Fruit");
-
-  exports.init = () => {
-
-    // GET method
-    endpoint.get('/fruit', async (req, res) => {
-      // example call Fruit model for get data
-      res.json({
-        code: 200,
-        status: "SUCCESS",
-        results: await Fruit.findAll();
-      });
-    });
-
-    ...
-
-  }
+$ beech make modelName --model
 ```
 
+## # Model (Basic)
 
-## # Generate Models ###
+  Basic model only support `MySQL` Raw Query format and freedom of your SQL query
 
-The `models` keep the files of function(s) data managemnets for Retriving, Creating, Updating and Destroying (CRUD). for understanding you might make model name same your table name inside `src/models` folder.
+  ❓ **Note:**  The Basic pool engine it's not support auto Endpoints.
 
-```sh
-$ beech make modelName --model
-```
 
-### Example ***(Basic)*** : Fruit model.
+***For example :***
 
-📂 Fruit.js
+📂 models/Fruit.js
 ```js
 module.exports = {
 
@@ -299,11 +269,17 @@ module.exports = {
 };
 ```
 
-### Example ***(Sequelize)*** : Fruit model.
+## # Model (Sequelize)
 
+  Sequelize is a promise-based Node.js ORM tool for Postgres, MySQL, MariaDB, SQLite, Microsoft SQL Server, Oracle Database, Amazon Redshift and Snowflake’s Data Cloud. It features solid transaction support, relations, eager and lazy loading, read replication and more. <br/>You can learn more: [Sequelize docs](https://sequelize.org/docs/v6)
+  
   You can asign more DataTypes, Learn more : [Sequelize docs](https://sequelize.org/docs/v6/core-concepts/model-basics/#data-types)
 
-📂Fruit.js
+  ❓ **Note:** When you generate a model it's create table structure for automatically for you.
+
+***For example :***
+
+📂 models/Fruit.js
 ```js
 const { Schema } = require("beech-api");
 
@@ -327,6 +303,7 @@ const Fruit = Schema(sql.default_db).define("fruit", {
     type: DataTypes.INTEGER,
     allowNull: false, // Allow null feilds
   },
+  sort: DataTypes.STRING,
   createdAt: {
     type: DataTypes.DATE,
     allowNull: false,
@@ -350,11 +327,10 @@ Fruit.options = {
   // Option 1: Allow all methods
   defaultEndpoint: true,
 
-  // Option 2: Allow with specific per methods
+   // Option 2: Allow with specific per methods
   defaultEndpoint: {
     GET: true,
-    POST: false,
-    PATCH: {
+    POST: {
       allow: true, // allow Auto-Endpoint
       jwt: {
         allow: true, // allow JWT
@@ -362,12 +338,23 @@ Fruit.options = {
           { role: [1, 2] },
         ],
       },
+      // Rate Limit for POST
+      rate_limit: {
+        windowMs: 15 * 60 * 1000, // 15 minutes
+        limit: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes).
+        // store: ... , // Redis, Memcached, etc.
+        // See more: https://www.npmjs.com/package/express-rate-limit#Configuration
+      },
+      // Duplicate Request for POST
+      duplicate_request: {
+        expiration: 500, // Can't duplicate request for 5 milliseconds each IP requests per `window` (Disabled for Set expiration to 0 zero.)
+      },
     },
+    PATCH: false,
     DELETE: false,
   },
 
   limitRows: 100, // Limit rows default 100
-
 };
 
 // Example Finder by id (ORM), Learn more: https://sequelize.org/docs/v6/core-concepts/model-querying-finders/
@@ -375,7 +362,6 @@ function exampleFindOneFruitById(id) {
   return Fruit.findOne({ where: { id: id } });
 }
 
-
 // Example Raw Query with Model Instances. This allows you to easily map a query to a predefined model
 function exampleGetAllFruitWithModelInstance(id) {
   return Fruit.query("SELECT * FROM fruit", {
@@ -400,18 +386,98 @@ module.exports = {
   ...
 };
 ```
-#### That's cool! It's like magic creating The endpoints for you (CRUD) ✨
 
-Now! you can request to `/fruit` with methods GET, POST, PATCH and DELETE like this.
+## Retrieving data with Query String
+
+Now you can add Query String with Conditional, Grouping and Ordering (Now Support Readonly for GET method)
+
+### ✨ That's cool! It's like magic Creating The Endpoints for you (CRUD) ✨
+
+<b style="font-size:12pt">For Example, Now!</b>, You can request to `/fruit` with methods GET, POST, PATCH and DELETE like this.
 
-| Efficacy |  Method  |        Endpoint        |    Body    |
-|:---------|:---------|:-----------------------|:-----------|
-|  Create  |  POST    | /fruit                 |     { }    |
-|  Read    |  GET     | /fruit                 |     No     |
-|  Read    |  GET     | /fruit/:id             |     No     |
-|  Read    |  GET     | /fruit/:limit/:offset  |     No     |
-|  Update  |  PATCH   | /fruit/:id             |     { }    |
-|  Delete  |  DELETE  | /fruit/:id             |     No     |
+| Efficacy |  Method  |        Endpoint        |    Body      | Mode    |
+|:---------|:---------|:-----------------------|:-------------|:--------|
+|  Create  |  POST    | /fruit                 |     { }      | Single  |
+|  Create  |  POST    | /fruit                 |     [ ]      | Bulk    |
+|  Read    |  GET     | /fruit                 |     No       | Fetch   |
+|  Read    |  GET     | /fruit/:limit/:offset  |     No       | Fetch   |
+|  Read    |  GET     | /fruit?someField=1     |     No       | Fetch   |
+|  Read    |  GET     | /fruit?orderby=sort    |     No       | Fetch   |
+|  Read    |  GET     | /fruit?groupby=id      |     No       | Fetch   |
+|  Update  |  PATCH   | /fruit/:id             |     { }      | Single  |
+|  Delete  |  DELETE  | /fruit/:id             |     No       | Single  |
+
+Add some Basic Conditions, Grouping and Ordering with `QUERY STRING` under GET methods<br/>
+
+Retrieving `fruit` data with GET : `/fruit?someField=[eq,1]&groupby=[id]&orderby=[id,desc]`
+
+***For Example :***
+
+```java
+// WHERE Conditions
+GET: /fruit?id=1                      // id = 1
+GET: /fruit?isActived=[eq,1]          // isActived = 1
+GET: /fruit?fruitName=[like,Banana%]  // fruitName LIKE 'Banana%' (Not allow with date, time)
+GET: /fruit?cost=[gt,50]&qty=[lt,10]  // cost > 50 AND qty < 10
+GET: /fruit/10/0?qty=[lt,10]          // qty < 10 LIMIT 0,10
+
+// Grouping
+GET: /fruit?groupby=id                // GROUP BY id
+GET: /fruit?groupby=[id,fruitName]    // GROUP BY id, fruitName
+
+// Ordering
+GET: /fruit?oderby=id                 // ORDER BY id ASC
+GET: /fruit?oderby=[sort,desc]        // ORDER BY sort DESC
+```
+
+For usage avariable:
+
+```java
+// Basics conditions
+3                                     // = 3
+[eq, 3]                               // = 3
+[ne, 20]                              // != 20
+[is, null]                            // IS NULL
+[not, null]                           // IS NOT NULL
+[or, [5, 6]]                          // (someField = 5) OR (someField = 6) // Not support NULL value
+
+// Number comparisons conditions
+[gt, 6]                               // > 6
+[gte, 6]                              // >= 6
+[lt, 10]                              // < 10
+[lte, 10]                             // <= 10
+[between, [6, 10]]                    // BETWEEN 6 AND 10
+[between, [2025-01-01, 2025-04-30]]   // BETWEEN '2025-01-01 00:00:00' AND '2025-04-30 23:59:59'
+                                      // When assign Datetime format will only support field datatype is `Date`, `Datetime`, `Time`
+
+// OR You can assign Datetime like this.
+[between, [2025-01-01 12:00:00, 2025-04-30 15:00:00]] // BETWEEN '2025-01-01 12:00:00' AND '2025-04-30 15:00:00'
+
+[notBetween, [11, 15]]                // NOT BETWEEN 11 AND 15
+
+// Other operators conditions
+[in, [1, 2, 3]],                      // IN [1, 2, 3]
+[notIn, [1, 2, 3]],                   // NOT IN [1, 2, 3]
+[like, %hat]                          // LIKE '%hat' (Avoid use #, % and %<Number> between wording)
+                                      // Becuase URL will be decoded it, Reccommand use startsWith, endsWith and substring when you need assing Number value)
+                                      // And NOT SUPPORT field datatype is `date`, `datetime`, `time`. Should be use with datatype is `String` or `Number` it work!.
+
+[notLike, %hat]                       // NOT LIKE '%hat'
+[startsWith, hat]                     // LIKE 'hat%'
+[endsWith, hat]                       // LIKE '%hat'
+[substring, hat]                      // LIKE '%hat%'
+
+// Grouping
+groupby=id                            // GROUP BY id
+groupby=[id]                          // ORDER BY id
+groupby=[id, fruitName]               // ORDER BY id, fruitName
+
+// Ordering
+oderby=id                             // ORDER BY id ASC (Basic usage default Ascending)
+oderby=[id, asc]                      // ORDER BY id ASC
+oderby=[id, desc]                     // ORDER BY id ASC
+oderby=[[id, desc], [sort, asc]]      // ORDER BY id DESC, sort ASC
+```
 
 ## # Transactions
 
@@ -500,7 +566,306 @@ Fruit.transaction(
 });
 ```
 
-## # Generate Helpers ###
+# Endpoints
+
+The `endpoints` keep the endpoints basic request files currently support `GET`, `POST`, `PUT`, `PATCH` and `DELETE`.
+
+So, you might create new endpoints with constant `endpoint` object variable in `src/endpoints/` folder and file neme must be end with `-endpoints.js`
+
+```sh
+$ beech make endpointName
+```
+You might using [special] `-R, --require` for choose Model(s) used for that endpoint.
+
+***For Example :***
+
+📂 endpoints/fruit-endpoints.js
+```js
+// Require Model schema, Function & Others
+const { Fruit } = require("@/models/Fruit");
+
+exports.init = () => {
+
+  // GET method
+  endpoint.get("/fruit", Credentials, async (req, res) => {
+    // example call Fruit model for get data
+    res.json({
+      code: 200,
+      status: "SUCCESS",
+      results: await Fruit.findAll();
+    });
+  });
+
+
+  // POST method
+  endpoint.post("/fruit", Credentials, (req, res) => {
+    // @response
+    res.json({
+      code: 200,
+      status: "SUCCESS",
+      message: "POST request at /fruit",
+      result: {
+        id: req.body.id,
+        name: req.body.name,
+      },
+    });
+  });
+
+
+  // PUT method
+  endpoint.put("/fruit/:id", Credentials, (req, res) => {
+    // @response
+    res.json({
+      code: 200,
+      status: "SUCCESS",
+      message: "PUT request at /fruit/" + req.params.id,
+    });
+  });
+
+
+  // DELETE method
+  endpoint.delete("/fruit/:id", Credentials, (req, res) => {
+    // @response
+    res.json({
+      code: 200,
+      status: "SUCCESS",
+      message: "DELETE request at /fruit/" + req.params.id,
+    });
+  });
+
+  ...
+
+}
+```
+
+# JWT Broken Role
+
+The **JWT Broken Role** mechanism provides a flexible way to bypass or override role-based authorization rules when using JWT.
+
+#### It can be applied in three different levels, depending on your use case.
+
+| Priority | Level 	                         | Scope                    | Best For                        |
+|:---------|:--------------------------------|:-------------------------|:--------------------------------|
+| 3rd      | Global (``passport.config.js``) | All endpoints            |	Common authorization exceptions |
+| 2nd      | Model-level options             |	Per model & HTTP method |	Structured, reusable rules      |
+| 1st      | Endpoint middleware             |	Single endpoint	        | Custom or special cases         |
+
+This multi-layer approach allows you to design **secure, flexible, and maintainable JWT authorization flows**.
+
+### 1. Global Configuration (passport.config.js) - Priority 3
+
+You can define global JWT Broken Role rules that apply to all endpoints by configuring them in ``passport.config.js``.
+```js
+module.exports = {
+  // Enable JWT authentication
+  jwt_allow: true,
+
+  ...
+
+  // Global JWT broken role configuration
+  jwt_broken_role: [
+    {
+      role: [0, 2, 4],
+      email: "john.doe@company.com",
+    }, // Basic role matching
+
+    {
+      role: { $in: [0, 2, 4] },
+      email: { $regex: /@company\.com$/ },
+    }, // Advanced matching using operators
+  ],
+
+  ...
+};
+```
+
+**Use cases**
+
+- Apply common authorization exceptions across the entire application
+- Support both simple role arrays and advanced operators (``$in``, ``$regex``, etc.)
+
+### 2. Model-Level Configuration (Per HTTP Method) - Priority 2
+
+You can configure JWT and Broken Role rules per model and per HTTP method using model options.
+
+📂 src/models/Fruit.js
+```js
+Fruit.options = {
+  ...
+
+  // Auto-endpoint configuration by HTTP method
+  defaultEndpoint: {
+    GET: true, // Enable auto-generated GET endpoint
+
+    POST: {
+      allow: true,
+      jwt: {
+        allow: true,
+        broken_role: [
+          { role: [5, 6] },
+        ],
+      },
+    },
+
+    PATCH: {
+      allow: true,
+      jwt: {
+        allow: true,
+        broken_role: [
+          { role: [5, 6, 9] },
+          { department: "IT" },
+        ],
+      },
+    },
+
+    DELETE: false, // Disable auto-generated DELETE endpoint
+  },
+
+  ...
+};
+```
+
+**Use cases**
+
+- Fine-grained access control per HTTP method
+- Different role requirements for POST, PATCH, etc.
+- Combine role-based and attribute-based conditions
+
+### 3. Endpoint-Level Configuration (Credentials Middleware) - Priority 1
+
+For maximum flexibility, you can define Broken Role rules directly on a specific endpoint using the Credentials middleware.
+
+📂 endpoints/custom-fruit-endpoints.js
+```js
+const { Fruit } = require("@/models/Fruit");
+
+endpoint.delete(
+  "/destroy-fruit-by-id/:id",
+  Credentials([{ role: [5, 9] }]),
+  async (req, res) => {
+
+    // Only JWT tokens with role level 5 or 9 are allowed
+
+    const deleted = await Fruit.destroy({
+      where: {
+        id: req.params.id,
+      },
+    });
+
+    console.log("result:", deleted);
+
+    // @response
+  }
+);
+```
+
+**Use cases**
+
+- One-off or custom endpoints
+- Highly specific authorization rules
+- Override global or model-level behavior when necessary
+
+## Supported Basic & Operators Usage
+
+The JWT Broken Role system supports both basic value matching and advanced operators for flexible authorization rules.
+
+| Operator | Meaning            | Description                                                   |
+|:---------|:-------------------|:--------------------------------------------------------------|
+| $eq      | equal              | Matches when the value is equal                               |
+| $ne      | not equal          | Matches when the value is not equal                           |
+| $in      | value IN array     | Matches when the value exists in the specified array          |
+| $not     | value NOT IN array | Matches when the value does not exist in the specified array  |
+| $regex   | regex match        | Matches using a regular expression                            |
+| $fn      | custom function    | Matches using a custom evaluation function                    |
+
+## Evaluation Logic (Very Important !)
+```js
+[
+  { rule1 AND rule1 },
+  { rule2 AND rule2 }
+]
+        ⬇
+        OR
+```
+
+## Basic Usage for Examples :
+
+```js
+Credentials([
+  { role: [9] },         // Only role check
+  { email: 'a@b.com' },  // OR email
+])
+
+// Common Matching Patterns
+{ role: [1, 2, 3] }     // IN
+{ role: 1 }             // Equal
+{ email: 'a@b.com' }    // Equal
+{ department: 'IT' }    // Equal
+{ status: ['active'] }  // Dynamic key
+```
+
+## Operators Usage for Examples :
+
+```js
+// Equal with Role
+Credentials([
+  {
+    role: { $eq: [1, 2, 5] }
+  }
+])
+
+// Not Equal with Role
+Credentials([
+  {
+    role: { $ne: [0, 3] }
+  }
+])
+
+// Regex with Email domain
+Credentials([
+  {
+    email: { $regex: /@company\.com$/ }
+  }
+])
+
+// IN with Role
+Credentials([
+  {
+    role: { $in: [1, 2, 4] }
+  }
+])
+
+// NOT IN with Role
+Credentials([
+  {
+    role: { $not: [0, 3] }
+  }
+])
+
+// Multiple OR rules
+Credentials([
+  {
+    role: { $in: [1] },
+    email: 'john.doe@company.com'
+  },
+  // OR
+  {
+    role: { $in: [4] },
+    email: { $regex: /@company\.com$/ }
+  },
+])
+
+// Custom Function
+Credentials([
+  {
+    role: {
+      $fn: (value, user) => value >= 4 && user.department === 'IT'
+    }
+  }
+])
+```
+
+# Helpers
 
 The `helpers` keep the files of functions for process specific something in the project. So, you might create the `helpers` in path `src/helpers` folder.
 
@@ -508,9 +873,9 @@ The `helpers` keep the files of functions for process specific something in the
 $ beech make helperName --helper
 ```
 
-***Example:*** Text editor helper.
+***For Example :***
 
-📂 TextEditor.js
+📂 helpers/TextEditor.js
 ```js
 module.exports = {
 
@@ -598,7 +963,7 @@ module.exports = {
 
 };
 ```
-
+### Request Token
 **Authentication structure :** Simple ``users`` table:
 ```
 ==============================================================
@@ -611,8 +976,9 @@ module.exports = {
 When you config passport with ```users``` table already. You will got Auth endpoint in available.
 ```js
 POST:  "/authentication"               // Request token
+POST:  "/authentication/refresh"       // Request refresh token
 POST:  "/authentication/create"        // Create new Auth data
-PATCH: "/authentication/update/:id"    // Update old Auth data (needed id)
+PATCH: "/authentication/update/:id"    // Update old Auth data (needed user id)
 ```
 
 ***XHR Example :***
@@ -620,26 +986,28 @@ PATCH: "/authentication/update/:id"    // Update old Auth data (needed id)
 ```js
 // Request with body for gether Token
 POST: "/authentication"
-{
+payload: {
   username: "bombkiml",
   password: "secret"
 }
 
+// Request with header for refresh token
+POST: "/authentication/refresh"
+headers: Authorization: Bearer <your_token>
 
 // Request with body for Create Auth data
 POST: "/authentication/create"
-{
+payload: {
   username: "add_new_username",
   password: "add_new_secret",
   name: "add_new_my_name",
   email: "add_new_email"
 }
 
-
 // Request with body for Update Auth data
 PATCH: "/authentication/update/1"
 headers: Authorization: Bearer <your_token>
-{
+payload: {
   username: "update_bombkiml",
   password: "update_secret",
   name: "update_my_name",
@@ -647,10 +1015,10 @@ headers: Authorization: Bearer <your_token>
 }
 ```
 
-# Beech Two Factor (2FA)
+# Beech Guard
 You can easy using 2 Factor authenticate with ```guard_field``` inside ```passport.config.js``` file and add your Guard field ex: ```2fa``` field for Authenticate Conditions.
 
-## # Usage guard (2FA, Other)
+## # Guard (2FA, Other)
 
 📂 passport.config.js
 ```js
@@ -659,7 +1027,7 @@ module.exports = {
 
   guard: {
     // Other fields add for authenticate, exmaple ["pin", "hint", "2fa"]
-    guard_field: ["2fa"], 👈 // your feild guard.
+    guard_field: ["2fa"], 👈 // your feild guard. (Disabled to remove it.)
 
     ...
   },
@@ -680,7 +1048,7 @@ module.exports = {
   guard: {
     ...
 
-    // Advanced guard jwt request (needed some logical from front-end)
+    // Advanced guard to Request (Needed some logical from front-end)
     advanced_guard: {
       allow: false, 👈 // advanced guard allow for All Endpoint.
       entity: "", // default entity `timing`
@@ -709,26 +1077,42 @@ $ npm install --save beech-auth0 moment
 # Yarn
 $ yarn add beech-auth0 moment
 ```
-Now! you can add some logic.
+Now! you can add some logic like this.
+
+ - Import packages
+
 ```js
+// CommonJS
 const { Auth0 } = require("beech-auth0");
 const moment = require("moment");
 
+// ES6
+import { Auth0 } from "beech-auth0";
+import moment from "moment";
+```
+
+- Get unix time with momentJS
+
+```js
 // Get UNIX TIME with moment
 let unix_time = moment().unix();
+```
+
+- Get hashing with Beech Auth0
 
+```js
 // Auth0 Policy.
 Auth0(unix_time, 'your_advance_guard_secret', (error, hashing) => {
-  
+
   // Your XHR request for All Endpoint.
   POST: "/authentication"
-  headers: timing: hashing, 👈 // Assign advance guard entity to headers with callback hashing.
+  headers: { timing: hashing } 👈 // Assign advance guard entity to headers with callback hashing.
 
 });
 
 ```
 
-## # Beech User Auth Managements ###
+## # Beech User Authentication Managements ###
 You can easy management `users` data with Beech, Only ```Store, Update``` NO ```Delete```, Anything you can make DELETE endpoint by yourself
 
 ```js
@@ -929,6 +1313,23 @@ module.exports = {
       duplicateRequest: {
         expiration: 500, // Can't duplicate request for 5 milliseconds each IP requests per `window`
       },
+
+      payload: {
+        // The limit of request body size, json default "100KB", urlencoded default "100KB". Learn more: https://expressjs.com/en/4x/api.html#express.json
+        json: {
+          limit: "100KB", // default: "100KB"
+        },
+        urlencoded: {
+          limit: "100KB", // default: "100KB"
+          extended: true, // default: true (reccomended: true)
+        },
+        file: {
+          uploadAllowMethod: ["POST", "PATCH", "PUT"], // Only apply file upload limit for POST, PATCH, PUT method.
+          allowedTypes: ["image/jpeg", "image/png", "application/pdf"], // Example: Allow only JPEG, PNG, and PDF files. Learn more: https://www.digipres.org/formats/mime-types/
+          limit: 5 * 1024 * 1024, // 5MB (default: Infinity)
+        },
+      },
+
     },
   },
 }
@@ -1014,8 +1415,6 @@ endpoint.get("/banana", specificDup1, (req, res) => {
 ...
 ```
 
-
-
 # Databases managements
 
 ## # Migrations & Seeder
@@ -1050,6 +1449,7 @@ Before continuing further we will need to tell CLI how to connect to database. T
     "password": null,
     "database": "database_development",
     "host": "127.0.0.1",
+    "port": 3306, // IF your another port
     "dialect": "mysql"
   },
   "test": {
@@ -1098,7 +1498,12 @@ Until this step, we haven't inserted anything into the database. We have just cr
 
 - **Migrate Down** : you can use `db:migrate:undo`, this command will revert most recent migration.
   ```sh
+  // Step to undo
   $ npx sequelize-cli db:migrate:undo
+
+  // All to undo
+  $ npx sequelize-cli db:migrate:undo:all
+
   ```
 
 ## # Creating First Seeder
@@ -1147,9 +1552,9 @@ Test using [Jest](https://jestjs.io/en/) for testing the project. Jest is a deli
 
 So, When you make the new endpoints it's automatic create test file end with `.spec.js` in `__test__` folder with constant `baseUrl` variable and `axios` package.
 
-Example endpoints testing :
+***For Example :***
 
-📂 fruit-endpoints.spec.js
+📂 \_\_test\_\_/unit/endpoints/fruit-endpoints.spec.js
 ```js
 const endpoint = baseUrl.concat("/fruit");
 
@@ -1180,7 +1585,7 @@ Docker builds images automatically by reading the instructions from a Dockerfile
 
 📂 Dockerfile
 ```js
-FROM node:14.19-alpine
+FROM node:18-alpine
 ENV NODE_ENV=production
 WORKDIR /usr/src/api
 COPY ["package.json", "package-lock.json*", "./"]