beech-api 3.9.0-beta.8-rc → 3.9.0-beta.9-rc

package/README.md

@@ -17,13 +17,13 @@ The Beech API is API framework, It's help you with very easy to create API proje
 - <b>[Beech CLI tool available](#beech-cli-tool-available)</b>
 - ✨ <b>Automation Endpoints with CRUD</b>
   - [Database Connection](#database-connection)
-    - [Model](#model)
+    - [Model](#models)
   - [Retrieving data with Query String](#retrieving-data-with-query-string)
     - Conditions
     - Grouping
     - Ordering
     - Timestamps (Add-on in Store and Update)
-  - [Transactions](#transactions)
+  - [Transactions](#-transactions)
     - [Disorganized transactions](#way-1---disorganized-transactions-)
     - [Organized transactions](#way-2---organized-transactions-)
     - [Transactions set Isolation levels](#way-3---transactions-set-isolation-levels-)
@@ -80,8 +80,11 @@ $ yarn global add beech-api
 
 Installation demo:
 
-[Demo](https://i.ibb.co/hySFxy3/install-beech720-1.gif)
-![Alt Text](https://i.ibb.co/hySFxy3/install-beech720-1.gif)
+[Demo 1](https://i.ibb.co/TBjNgVrF/1-11.gif)
+![Alt Text](https://i.ibb.co/TBjNgVrF/1-11.gif)
+
+[Demo 2](https://i.ibb.co/wrdgyzDP/ezgif-8539024298ec62a9.gif)
+![Alt Text](https://i.ibb.co/wrdgyzDP/ezgif-8539024298ec62a9.gif)
 
 After installation, you will have access to the `beech-app` binary in your command line.
 You can check you have the right version with this command:
@@ -179,7 +182,7 @@ Output: FjgcgJPylkV7EeQJjea_EeifPwaHVO9onD3ATk3YYAyvjtMGu3dcDS0ejA
 
 📂 app.config.js
 ```js
-// basic & sequelize (needed Hash)
+// Database configuration Only Basic & Sequelize (needed Hash)
 
 ...
 
@@ -217,6 +220,8 @@ database_config: [
 ```
 ❓ **Caution! :**  Every re-new generate `app_key`. Must to new Hash your Access and change to ALL Database connections.
 
+❓ **Development** : You can add ```dev: true``` in ```main_config``` for a better experience.
+
 # Models
 
 The `models` keep the files of function(s) data managemnets for Retriving, Creating, Updating and Destroying (CRUD). for understanding you might make model name same your table name inside `src/models` folder.
@@ -325,8 +330,7 @@ Fruit.options = {
    // Option 2: Allow with specific per methods
   defaultEndpoint: {
     GET: true,
-    POST: false,
-    PATCH: {
+    POST: {
       allow: true, // allow Auto-Endpoint
       jwt: {
         allow: true, // allow JWT
@@ -334,7 +338,19 @@ Fruit.options = {
           { role: [1, 2] },
         ],
       },
+      // Rate Limit for POST
+      rate_limit: {
+        windowMs: 15 * 60 * 1000, // 15 minutes
+        limit: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes).
+        // store: ... , // Redis, Memcached, etc.
+        // See more: https://www.npmjs.com/package/express-rate-limit#Configuration
+      },
+      // Duplicate Request for POST
+      duplicate_request: {
+        expiration: 500, // Can't duplicate request for 5 milliseconds each IP requests per `window` (Disabled for Set expiration to 0 zero.)
+      },
     },
+    PATCH: false,
     DELETE: false,
   },
 
@@ -379,16 +395,17 @@ Now you can add Query String with Conditional, Grouping and Ordering (Now Suppor
 
 <b style="font-size:12pt">For Example, Now!</b>, You can request to `/fruit` with methods GET, POST, PATCH and DELETE like this.
 
-| Efficacy |  Method  |        Endpoint        |    Body    |
-|:---------|:---------|:-----------------------|:-----------|
-|  Create  |  POST    | /fruit                 |     { }    |
-|  Read    |  GET     | /fruit                 |     No     |
-|  Read    |  GET     | /fruit/:limit/:offset  |     No     |
-|  Read    |  GET     | /fruit?someField=1     |     No     |
-|  Read    |  GET     | /fruit?orderby=sort    |     No     |
-|  Read    |  GET     | /fruit?groupby=id      |     No     |
-|  Update  |  PATCH   | /fruit/:id             |     { }    |
-|  Delete  |  DELETE  | /fruit/:id             |     No     |
+| Efficacy |  Method  |        Endpoint        |    Body      | Mode    |
+|:---------|:---------|:-----------------------|:-------------|:--------|
+|  Create  |  POST    | /fruit                 |     { }      | Single  |
+|  Create  |  POST    | /fruit                 |     [ ]      | Bulk    |
+|  Read    |  GET     | /fruit                 |     No       | Fetch   |
+|  Read    |  GET     | /fruit/:limit/:offset  |     No       | Fetch   |
+|  Read    |  GET     | /fruit?someField=1     |     No       | Fetch   |
+|  Read    |  GET     | /fruit?orderby=sort    |     No       | Fetch   |
+|  Read    |  GET     | /fruit?groupby=id      |     No       | Fetch   |
+|  Update  |  PATCH   | /fruit/:id             |     { }      | Single  |
+|  Delete  |  DELETE  | /fruit/:id             |     No       | Single  |
 
 Add some Basic Conditions, Grouping and Ordering with `QUERY STRING` under GET methods<br/>
 
@@ -627,15 +644,15 @@ The **JWT Broken Role** mechanism provides a flexible way to bypass or override
 
 #### It can be applied in three different levels, depending on your use case.
 
-| Level 	                        | Scope                   | Best For                        |
-|:--------------------------------|:------------------------|:--------------------------------|
-| Global (``passport.config.js``)	| All endpoints           |	Common authorization exceptions |
-| Model-level options             |	Per model & HTTP method |	Structured, reusable rules      |
-| Endpoint middleware             |	Single endpoint	        | Custom or special cases         |
+| Priority | Level 	                         | Scope                    | Best For                        |
+|:---------|:--------------------------------|:-------------------------|:--------------------------------|
+| 3rd      | Global (``passport.config.js``) | All endpoints            |	Common authorization exceptions |
+| 2nd      | Model-level options             |	Per model & HTTP method |	Structured, reusable rules      |
+| 1st      | Endpoint middleware             |	Single endpoint	        | Custom or special cases         |
 
 This multi-layer approach allows you to design **secure, flexible, and maintainable JWT authorization flows**.
 
-### 1. Global Configuration (passport.config.js)
+### 1. Global Configuration (passport.config.js) - Priority 3
 
 You can define global JWT Broken Role rules that apply to all endpoints by configuring them in ``passport.config.js``.
 ```js
@@ -667,7 +684,7 @@ module.exports = {
 - Apply common authorization exceptions across the entire application
 - Support both simple role arrays and advanced operators (``$in``, ``$regex``, etc.)
 
-### 2. Model-Level Configuration (Per HTTP Method)
+### 2. Model-Level Configuration (Per HTTP Method) - Priority 2
 
 You can configure JWT and Broken Role rules per model and per HTTP method using model options.
 
@@ -714,7 +731,7 @@ Fruit.options = {
 - Different role requirements for POST, PATCH, etc.
 - Combine role-based and attribute-based conditions
 
-### 3. Endpoint-Level Configuration (Credentials Middleware)
+### 3. Endpoint-Level Configuration (Credentials Middleware) - Priority 1
 
 For maximum flexibility, you can define Broken Role rules directly on a specific endpoint using the Credentials middleware.
 
@@ -782,8 +799,8 @@ Credentials([
 // Common Matching Patterns
 { role: [1, 2, 3] }     // IN
 { role: 1 }             // Equal
-{ email: 'a@b.com' }
-{ department: 'IT' }
+{ email: 'a@b.com' }    // Equal
+{ department: 'IT' }    // Equal
 { status: ['active'] }  // Dynamic key
 ```
 
@@ -959,8 +976,9 @@ module.exports = {
 When you config passport with ```users``` table already. You will got Auth endpoint in available.
 ```js
 POST:  "/authentication"               // Request token
+POST:  "/authentication/refresh"       // Request refresh token
 POST:  "/authentication/create"        // Create new Auth data
-PATCH: "/authentication/update/:id"    // Update old Auth data (needed id)
+PATCH: "/authentication/update/:id"    // Update old Auth data (needed user id)
 ```
 
 ***XHR Example :***
@@ -968,26 +986,28 @@ PATCH: "/authentication/update/:id"    // Update old Auth data (needed id)
 ```js
 // Request with body for gether Token
 POST: "/authentication"
-{
+payload: {
   username: "bombkiml",
   password: "secret"
 }
 
+// Request with header for refresh token
+POST: "/authentication/refresh"
+headers: Authorization: Bearer <your_token>
 
 // Request with body for Create Auth data
 POST: "/authentication/create"
-{
+payload: {
   username: "add_new_username",
   password: "add_new_secret",
   name: "add_new_my_name",
   email: "add_new_email"
 }
 
-
 // Request with body for Update Auth data
 PATCH: "/authentication/update/1"
 headers: Authorization: Bearer <your_token>
-{
+payload: {
   username: "update_bombkiml",
   password: "update_secret",
   name: "update_my_name",
@@ -1293,6 +1313,23 @@ module.exports = {
       duplicateRequest: {
         expiration: 500, // Can't duplicate request for 5 milliseconds each IP requests per `window`
       },
+
+      payload: {
+        // The limit of request body size, json default "100KB", urlencoded default "100KB". Learn more: https://expressjs.com/en/4x/api.html#express.json
+        json: {
+          limit: "100KB", // default: "100KB"
+        },
+        urlencoded: {
+          limit: "100KB", // default: "100KB"
+          extended: true, // default: true (reccomended: true)
+        },
+        file: {
+          uploadAllowMethod: ["POST", "PATCH", "PUT"], // Only apply file upload limit for POST, PATCH, PUT method.
+          allowedTypes: ["image/jpeg", "image/png", "application/pdf"], // Example: Allow only JPEG, PNG, and PDF files. Learn more: https://www.digipres.org/formats/mime-types/
+          limit: 5 * 1024 * 1024, // 5MB (default: Infinity)
+        },
+      },
+
     },
   },
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "beech-api",
-  "version": "3.9.0-beta.8-rc",
+  "version": "3.9.0-beta.9-rc",
   "description": "Command line interface for rapid Beech API development",
   "keywords": [
     "api",
@@ -38,6 +38,7 @@
     "compression": "^1.7.5",
     "cookie-parser": "^1.4.7",
     "cors": "^2.8.1",
+    "cron": "^4.4.0",
     "crypto-js": "^4.2.0",
     "cryptr": "^6.3.0",
     "express": "^4.20.0",
@@ -72,7 +73,7 @@
     "walk": "^2.3.14"
   },
   "devDependencies": {
-    "jest": "^29.7.0",
+    "jest": "^30.2.0",
     "nodemon": "^3.1.0",
     "sequelize-cli": "^5.5.1"
   },

package/packages/cli/bin/beech-app.js

@@ -231,7 +231,7 @@ class Beech {
   successfully() {
     clear();
     console.log("Beech CLI v" + require(__dirname + "/../../../package.json").version);
-    console.log('\n Passed  The project has been successfully created.\n\n  $ cd ' + this.argument + '\n  $ npm start or yarn start');
+    console.log('\n Passed  The project has been successfully created.\n\n  $ cd ' + this.argument + '\n  $ npm run dev or yarn dev');
   }
 
   async contentReplace(pathFile, textCondition) {

package/packages/cli/bin/beech-service.js

@@ -48,13 +48,13 @@ class Beech {
                   setTimeout(() => {
                     clearInterval(refreshCompileIntervalId);
                     logUpdate("\n[OK] Running...");
-                  }, 2500);
+                  }, 1500);
                 } else {
                   setTimeout(() => {
                     clearInterval(refreshCompileIntervalId);
                     logUpdate("\n[ERR] Failed... ", err);
                     reject();
-                  }, 2500);
+                  }, 1000);
                 }
               });
             }).on('error', (err) => {
@@ -91,6 +91,7 @@ class Beech {
       const spawnData = new Promise((resolve) => {
         // check Dev. run service
         if(argument == "-D" || argument == "--dev") {
+          console.log("\n  Starting Beech service in Development mode  ");
           promise = this.spawn('npx', ['nodemon', '-q', './cli/beech']); // For Dev.
         } else {
           promise = this.spawn('npx', ['nodemon', '-q', './node_modules/beech-api/packages/cli/beech']); // For Prd.

package/packages/cli/core/auth/Credentials.js

@@ -37,74 +37,96 @@ const credentials = (req, res, next) => {
   if (passport_config.jwt_allow === true) {
     const auth_endpoint = (passport_config.auth_endpoint) ? (passport_config.auth_endpoint[ 0 ] === "/" ? passport_config.auth_endpoint : "/" + passport_config.auth_endpoint) : "/authentication";
     const slashOneIsHash = auth_endpoint.split("/")[1];
-    // Check first HASH equal Authentication
-    if(slashOneIsHash == req.params.hash) {
-      // Bypass authentication for auth endpoint
-      return next();
+    if(req.params === undefined) {
+      // Request is not valid
+      console.log("\n REQUEST|OPTION  Error: Request is not valid, missing params.");
+      return;
     } else {
-      return passport.authenticate("jwt", {
-        session: false,
-      }, (err, user, info) => {
-          // error check
-          if (err) {
-            console.log(err, info);
-            return res.status(401).json({
-              code: 401,
-              error: "UNAUTHORIZED",
-              message: {
-                name: "WrongTokenError",
-                message: "token error.",
-              },
-              /* dev: { err, info }, */ // for dev info
-            });
-          } else {
-            // anything token check
-            if (!user) {
-              if (info) {
-                if (info.name == "TokenExpiredError") {
-                  return res.status(401).json({
-                    code: 401,
-                    status: "TOKEN_EXPIRED",
-                    message: info,
-                  });
-                }
-                if (info.name == "Error") {
-                  return res.status(401).json({
-                    code: 401,
-                    status: "NO_AUTH_TOKEN",
-                    message: {
-                      name: "NoTokenError",
-                      message: "No auth token",
-                    },
-                  });
-                }
-                if (info.name == "SyntaxError") {
+      // Check first HASH equal Authentication
+      if(slashOneIsHash == req.params.hash) {
+        // Bypass authentication for auth endpoint
+        return next();
+      } else {
+        return passport.authenticate("jwt", {
+          session: false,
+        }, (err, user, info) => {
+            // error check
+            if (err) {
+              console.log(err, info);
+              return res.status(401).json({
+                code: 401,
+                error: "UNAUTHORIZED",
+                message: {
+                  name: "WrongTokenError",
+                  message: "token error.",
+                },
+                /* dev: { err, info }, */ // for dev info
+              });
+            } else {
+              // anything token check
+              if (!user) {
+                if (info) {
+                  if (info.name == "TokenExpiredError") {
+                    return res.status(401).json({
+                      code: 401,
+                      status: "TOKEN_EXPIRED",
+                      message: info,
+                    });
+                  } else if (info.name == "Error") {
+                    return res.status(401).json({
+                      code: 401,
+                      status: "NO_AUTH_TOKEN",
+                      message: {
+                        name: "NoTokenError",
+                        message: "No auth token",
+                      },
+                    });
+                  } else if (info.name == "SyntaxError") {
+                    return res.status(401).json({
+                      code: 401,
+                      status: "PAYLOAD_SYNTAX_ERROR",
+                      message: {
+                        name: "SyntaxError",
+                        message: "Unexpected token < in JSON at position 0",
+                      },
+                    });
+                  } else if (info.name == "JsonWebTokenError") {
+                    return res.status(401).json({
+                      code: 401,
+                      status: "INVALID_TOKEN",
+                      message: {
+                        name: "JsonWebTokenError",
+                        message: "invalid token.",
+                      },
+                    });
+                  } else {
+                    return res.status(401).json({
+                      code: 401,
+                      status: "OTHER_TOKEN_ERR",
+                      message: {
+                        name: "OtherTokenError",
+                        message: String(info),
+                      },
+                    });
+                  }
+                } else {
                   return res.status(401).json({
                     code: 401,
-                    status: "PAYLOAD_SYNTAX_ERROR",
-                    message: {
-                      name: "SyntaxError",
-                      message: "Unexpected token < in JSON at position 0",
+                    status: "UNAUTHORIZED_USER",
+                    message: info || {
+                      name: "TokenError",
+                      message: String(info),
                     },
                   });
                 }
               } else {
-                return res.status(401).json({
-                  code: 401,
-                  status: "UNAUTHORIZED_USER",
-                  message: info || {
-                    name: "TokenError",
-                    message: "Unauthorized token."
-                  },
-                });
+                // Perfectly user jwt
+                return next();
               }
-            } else {
-              // Perfectly user jwt
-              return next();
             }
           }
-        }
-      )(req, res, next);
+        )(req, res, next);
+      }
     }
   } else {
     // Bypass authentication

package/packages/cli/core/databases/test.js

@@ -18,7 +18,7 @@ function filterDbIsTrue(dbConfig, cb) {
         }
         setTimeout(() => {
           cb(null, dbIsTrue);
-        }, 300);
+        }, 200);
       }
     });
   } catch (error) {

package/packages/cli/core/generator/_package

@@ -5,15 +5,14 @@
   "license": "MIT",
   "main": "index.js",
   "scripts": {
-    "prod": "set NODE_ENV=production&& npm start",
-    "production": "set NODE_ENV=production&& npm start",
-    "dev": "set NODE_ENV=development&& npm start",
-    "development": "set NODE_ENV=development&& npm start",
-    "start": "beech-service serve",
+    "predev": "node ./node_modules/beech-api/packages/cli/core/test/check-node.js",
+    "prebuild": "node ./node_modules/beech-api/packages/cli/core/test/check-node.js",
+    "build": "set NODE_ENV=production&& beech-service build",
+    "dev": "beech-service serve",
     "test": "node ./node_modules/jest/bin/jest __tests__ -o --watch --config"
   },
   "dependencies": {
-    "beech-api": "~3.9.0"
+    "beech-api": "^3.9.0"
   },
   "devDependencies": {
     "jest": "^29.7.0"

package/packages/cli/core/generator/_scheduler

@@ -1,5 +1,5 @@
+const CronJob = require("cron").CronJob;
 //const Users = require("@/models/Users");
-//const CronJob = require("cron").CronJob;
 
 exports.init = () => {
 
@@ -8,15 +8,25 @@ exports.init = () => {
    *
    */
 
-  //Users.findAll().then(console.log)
+  // const getUsers = async () => {
+  //   try {
+  //     const users = await Users.findAll();
+  //     console.log(users);
+  //   } catch (error) {
+  //     console.error(error);
+  //   }
+  // };
 
   /**
-   * Job schedule: seccod minute hour dayOfMonth month dayOfWeek
+   * Job schedule: seconds minutes hours dayOfMonth month dayOfWeek
    * Learn more: https://github.com/kelektiv/node-cron
    * 
    */
-  //new CronJob("0 0 0 * * *", () => {
-    //Run job.
-  //}, null, true, "Asia/Bangkok");
+  new CronJob("0 0 0 * * *", () => {
+    // Run job.
+
+    // getUsers();
+
+  }, null, true, "Asia/Bangkok");
 
 };

package/packages/cli/core/generator/index.js

@@ -179,6 +179,18 @@ class Generator {
               resolve("\n Faltal  commnad it's not available.");
             }
           }
+        } else if (this.option == 'update') {
+          console.log('------------------------------');
+          if(this.argument == 'model') {
+            // this.special = model name
+            // if (!this.special) {
+            //   resolve("\n [103m [90m Warning  [0m [0m Please specify model name to update.");
+            // } else {
+            //   this.updateModel()
+            //     .then(res => resolve(res))
+            //     .catch(err => reject(err));
+            // }
+          }
         } else if (this.option == 'passport') {
           if (this.argument == "init") {
             this.makePassportInit()
@@ -451,6 +463,74 @@ class Generator {
     });
   }
 
+  updateModel() {
+    return new Promise((resolve, reject) => {
+      try {
+        // 1. อ่านการตั้งค่าจาก global.config และ app.config เหมือนตอนสร้าง Model
+        this.fs.readFile("./global.config.js", 'utf8', (err, globalData) => {
+          if (err) return resolve("\n [101m Faltal  [0m Can't read `global.config.js` file.");
+  
+          this.fs.readFile("./app.config.js", 'utf8', (appErr, appData) => {
+            if (appErr) return resolve("\n [101m Faltal  [0m Can't read `app.config.js` file.");
+  
+            let appBuf2eval = eval(appData);
+            let modelName = this.special; // <table_name>
+            let modelPath = `./src/models/${modelName.charAt(0).toUpperCase() + modelName.slice(1)}.js`;
+  
+            // ตรวจสอบว่ามีไฟล์ Model เดิมอยู่หรือไม่
+            if (!this.fs.existsSync(modelPath)) {
+              return resolve(`\n [103m [90m Warning  [0m [0m Model file \`${modelName}\` not found to update.`);
+            }
+  
+            // ให้ผู้ใช้เลือก Connection ที่ต้องการดึง Schema ใหม่
+            inquirer.prompt([{
+              type: "list",
+              name: "selectDbConnect",
+              message: " [93mSelect database connection to sync schema: [0m",
+              choices: appBuf2eval.database_config.map(e => e.name),
+            }]).then(dbSelected => {
+              
+              // 2. ดึง Schema ใหม่จาก DB
+              const { connectForGenerateModel } = require("../databases/test");
+              let newModelClassName = modelName.split("_").map(e => e.charAt(0).toUpperCase() + e.slice(1)).join("");
+  
+              connectForGenerateModel(dbSelected.selectDbConnect, modelName, appBuf2eval.database_config, (err, tableSchema, tableName) => {
+                if (err) return reject(err);
+  
+                // 3. แปลง Schema เป็น Code String
+                this.rawSchemaTable(dbSelected.selectDbConnect, newModelClassName, tableName, tableSchema, (SchemaErr, rawSchema) => {
+                  if (SchemaErr) return reject(SchemaErr);
+  
+                  // 4. อ่านไฟล์เดิมและทำการ Replace เฉพาะส่วน Schema
+                  this.fs.readFile(modelPath, 'utf8', (readErr, currentContent) => {
+                    if (readErr) return reject(readErr);
+  
+                    // ใช้ Regex เพื่อหาช่วงของ Schema(...).define(...) และเปลี่ยนเฉพาะข้างใน
+                    // โดยจะหาตั้งแต่ Schema(sql.db).define("table", { จนถึง });
+                    const regex = /const\s+\w+\s+=\s+Schema\(sql\.\w+\)\.define\([\s\S]*?\}\);/;
+                    
+                    if (regex.test(currentContent)) {
+                      let updatedContent = currentContent.replace(regex, rawSchema);
+  
+                      this.fs.writeFile(modelPath, updatedContent, 'utf8', (writeErr) => {
+                        if (writeErr) return reject(writeErr);
+                        resolve(`\n [102m [90m Passed  [0m [0m The model \`${modelName}\` schema has been updated.`);
+                      });
+                    } else {
+                      resolve("\n [101m Faltal  [0m Could not find Schema definition pattern in the file.");
+                    }
+                  });
+                });
+              });
+            });
+          });
+        });
+      } catch (error) {
+        reject(error);
+      }
+    });
+  }
+
   generateModel(tmpModelsPath, dbSelected, appBuf2eval, pool_base) {
     return new Promise((resolve, reject) => {
       try {