npm - db-model-router - Versions diffs - 1.0.5 → 1.0.7 - Mend

db-model-router 1.0.5 → 1.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (136) hide show

package/README.md +150 -11
package/TODO.md +0 -14
package/db-manager/.dbmanager.sqlite +0 -0
package/db-manager/README.md +223 -0
package/db-manager/adapter-proxy.js +361 -0
package/db-manager/demo/cockroachdb.env +6 -0
package/db-manager/demo/demo.sqlite +0 -0
package/db-manager/demo/dynamodb.env +7 -0
package/db-manager/demo/mongodb.env +4 -0
package/db-manager/demo/mssql.env +6 -0
package/db-manager/demo/mysql.env +6 -0
package/db-manager/demo/oracle.env +6 -0
package/db-manager/demo/postgres.env +6 -0
package/db-manager/demo/redis.env +4 -0
package/db-manager/demo/seeds/cockroachdb.sql +32 -0
package/db-manager/demo/seeds/mssql.sql +32 -0
package/db-manager/demo/seeds/mysql.sql +32 -0
package/db-manager/demo/seeds/oracle.sql +43 -0
package/db-manager/demo/seeds/postgres.sql +32 -0
package/db-manager/demo/seeds/sqlite3.sql +32 -0
package/db-manager/demo/sqlite3.env +2 -0
package/db-manager/metadata-db.js +170 -0
package/db-manager/public/.gitkeep +1 -0
package/db-manager/public/css/style.css +1413 -0
package/db-manager/public/js/app.js +1370 -0
package/db-manager/routes/api.js +388 -0
package/db-manager/routes/views.js +61 -0
package/db-manager/server.js +39 -0
package/db-manager/utils/build-filter-config.js +18 -0
package/db-manager/utils/csv-export.js +59 -0
package/db-manager/utils/export-filename.js +39 -0
package/db-manager/utils/filter-tables.js +20 -0
package/db-manager/utils/parse-filters.js +93 -0
package/db-manager/utils/sort-state.js +35 -0
package/db-manager/views/.gitkeep +1 -0
package/db-manager/views/dashboard.ejs +53 -0
package/db-manager/views/history.ejs +52 -0
package/db-manager/views/index.ejs +35 -0
package/db-manager/views/layout.ejs +31 -0
package/db-manager/views/partials/data-panel.ejs +74 -0
package/db-manager/views/partials/header.ejs +36 -0
package/db-manager/views/partials/sidebar.ejs +30 -0
package/db-manager/views/query.ejs +58 -0
package/dbmr.schema.json +23 -45
package/demo/.env.example +1 -0
package/demo/app.js +3 -1
package/demo/commons/db.js +11 -0
package/demo/commons/migrate.js +3 -0
package/demo/commons/modules.js +18 -0
package/demo/commons/password.js +36 -0
package/demo/commons/webhook.js +81 -0
package/demo/dbmr.schema.json +22 -46
package/demo/middleware/authenticate.js +14 -0
package/demo/middleware/hasPermission.js +30 -0
package/demo/middleware/tenantIsolation.js +17 -0
package/demo/migrations/20260509170349_create_saas_tables.sql +69 -0
package/demo/migrations/{20260430155809_create_tables.sql → 20260509170349_create_tables.sql} +11 -25
package/demo/models/addresses.js +5 -3
package/demo/models/cart_items.js +5 -3
package/demo/models/carts.js +5 -3
package/demo/models/categories.js +5 -3
package/demo/models/coupons.js +5 -3
package/demo/models/index.js +43 -0
package/demo/models/order_items.js +4 -2
package/demo/models/orders.js +5 -3
package/demo/models/payments.js +5 -3
package/demo/models/product_images.js +4 -2
package/demo/models/product_reviews.js +5 -3
package/demo/models/product_variants.js +5 -3
package/demo/models/products.js +5 -3
package/demo/models/role_permissions.js +17 -0
package/demo/models/roles.js +17 -0
package/demo/models/shipments.js +5 -3
package/demo/models/tenants.js +18 -0
package/demo/models/users.js +12 -8
package/demo/models/webhook_logs.js +22 -0
package/demo/models/webhooks.js +19 -0
package/demo/models/wishlists.js +4 -2
package/demo/openapi.json +1744 -616
package/demo/package-lock.json +24 -24
package/demo/package.json +9 -0
package/demo/routes/{addresses.js → addresses/index.js} +1 -1
package/demo/routes/auth/index.js +55 -0
package/demo/routes/carts/{cart_items.js → cart_items/index.js} +1 -1
package/demo/routes/{carts.js → carts/index.js} +1 -1
package/demo/routes/{categories.js → categories/index.js} +1 -1
package/demo/routes/{coupons.js → coupons/index.js} +1 -1
package/demo/routes/index.js +39 -24
package/demo/routes/{orders.js → orders/index.js} +1 -1
package/demo/routes/orders/{order_items.js → order_items/index.js} +1 -1
package/demo/routes/orders/{payments.js → payments/index.js} +1 -1
package/demo/routes/orders/{shipments.js → shipments/index.js} +1 -1
package/demo/routes/{products.js → products/index.js} +1 -1
package/demo/routes/products/{product_images.js → product_images/index.js} +1 -1
package/demo/routes/products/{product_reviews.js → product_reviews/index.js} +1 -1
package/demo/routes/products/{product_variants.js → product_variants/index.js} +1 -1
package/demo/routes/roles/index.js +75 -0
package/demo/routes/roles/permissions/index.js +47 -0
package/demo/routes/tenants/index.js +45 -0
package/demo/routes/users/index.js +45 -0
package/demo/routes/{wishlists.js → wishlists/index.js} +1 -1
package/demo/seeds/saas-seed.js +329 -0
package/docker-compose.yml +61 -0
package/package.json +120 -113
package/scripts/demo-create.js +1 -1
package/skill/SKILL.md +119 -3
package/src/cli/commands/db-manager.js +134 -0
package/src/cli/commands/generate.js +112 -43
package/src/cli/commands/help.js +0 -1
package/src/cli/diff-engine.js +2 -1
package/src/cli/generate-model.js +9 -4
package/src/cli/generate-openapi.js +40 -13
package/src/cli/generate-route.js +61 -22
package/src/cli/generate-saas-structure.js +122 -0
package/src/cli/init/generators.js +42 -30
package/src/cli/init.js +8 -0
package/src/cli/main.js +8 -1
package/src/cli/saas/generate-saas-middleware.js +108 -0
package/src/cli/saas/generate-saas-migrations.js +480 -0
package/src/cli/saas/generate-saas-models.js +211 -0
package/src/cli/saas/generate-saas-openapi.js +419 -0
package/src/cli/saas/generate-saas-routes.js +435 -0
package/src/cli/saas/generate-saas-seeds.js +243 -0
package/src/cli/saas/generate-saas-utils.js +176 -0
package/src/commons/kafka.js +139 -0
package/src/commons/model.js +29 -9
package/src/index.js +2 -0
package/src/mssql/db.js +41 -3
package/src/mysql/db.js +3 -0
package/src/postgres/db.js +6 -0
package/src/sqlite3/db.js +11 -0
package/demo/docs/llm.md +0 -197
package/demo/llms.txt +0 -70
package/demo/routes/users.js +0 -6
package/src/cli/commands/generate-llm-docs.js +0 -418
/package/demo/migrations/{20260430155808_create_migrations_table.sql → 20260509170349_create_migrations_table.sql} +0 -0

package/dbmr.schema.json CHANGED Viewed

@@ -2,35 +2,13 @@
   "adapter": "sqlite3",
   "framework": "express",
   "options": {
-    "session": "redis",
+    "session": "memory",
     "rateLimiting": true,
     "helmet": true,
     "logger": true,
     "loki": false
   },
   "tables": {
-    "users": {
-      "columns": {
-        "user_id": "auto_increment",
-        "name": "required|string",
-        "email": "required|string",
-        "password_hash": "required|string",
-        "phone": "string",
-        "avatar_url": "string",
-        "role": "required|string",
-        "is_deleted": "boolean",
-        "created_at": "datetime",
-        "updated_at": "datetime"
-      },
-      "pk": "user_id",
-      "unique": ["email"],
-      "softDelete": "is_deleted",
-      "timestamps": {
-        "created_at": "created_at",
-        "modified_at": "updated_at"
-      },
-      "parent": null
-    },
     "addresses": {
       "columns": {
         "address_id": "auto_increment",
@@ -44,13 +22,13 @@
         "country": "required|string",
         "is_default": "boolean",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "address_id",
       "unique": ["address_id"],
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": null
     },
@@ -65,13 +43,13 @@
         "sort_order": "integer",
         "is_active": "boolean",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "category_id",
       "unique": ["slug"],
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": null
     },
@@ -97,14 +75,14 @@
         "is_deleted": "boolean",
         "meta": "object",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "product_id",
       "unique": ["sku", "slug"],
       "softDelete": "is_deleted",
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": null
     },
@@ -136,13 +114,13 @@
         "attributes": "object",
         "is_active": "boolean",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "variant_id",
       "unique": ["sku"],
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": "products"
     },
@@ -157,13 +135,13 @@
         "is_verified": "boolean",
         "is_approved": "boolean",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "review_id",
       "unique": ["review_id"],
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": "products"
     },
@@ -174,13 +152,13 @@
         "session_id": "string",
         "currency": "required|string",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "cart_id",
       "unique": ["cart_id"],
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": null
     },
@@ -193,13 +171,13 @@
         "quantity": "required|integer",
         "unit_price": "required|numeric",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "cart_item_id",
       "unique": ["cart_item_id"],
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": "carts"
     },
@@ -219,13 +197,13 @@
         "billing_address_id": "integer",
         "notes": "string",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "order_id",
       "unique": ["order_number"],
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": null
     },
@@ -261,13 +239,13 @@
         "status": "required|string",
         "paid_at": "datetime",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "payment_id",
       "unique": ["payment_id"],
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": "orders"
     },
@@ -281,13 +259,13 @@
         "shipped_at": "datetime",
         "delivered_at": "datetime",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "shipment_id",
       "unique": ["shipment_id"],
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": "orders"
     },
@@ -305,13 +283,13 @@
         "expires_at": "datetime",
         "is_active": "boolean",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "coupon_id",
       "unique": ["code"],
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": null
     },

package/demo/.env.example CHANGED Viewed

@@ -1,5 +1,6 @@
 # Server
 PORT=3000
+API_BASE_PATH=/api
 # Database
 DB_NAME=./data/data.db

package/demo/app.js CHANGED Viewed

@@ -4,7 +4,9 @@ import configureSession from "./commons/session.js";
 import applySecurity from "./commons/security.js";
 import logger from "./middleware/logger.js";
 import route from "./routes/index.js";
+import { fileURLToPath } from 'node:url';
+import path from "path";
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
 const app = express();
 const PORT = process.env.PORT || 3000;

package/demo/commons/db.js CHANGED Viewed

@@ -9,6 +9,17 @@ dbModelRouter.db.connect({
   database: process.env.DB_NAME || "./data/data.db",
 });
+// Initialize Kafka if KAFKA_BROKER is configured
+if (process.env.KAFKA_BROKER) {
+  dbModelRouter.kafka.init().then((connected) => {
+    if (connected) {
+      console.log("[kafka] Producer connected to", process.env.KAFKA_BROKER);
+    } else {
+      console.warn("[kafka] Failed to connect to Kafka broker");
+    }
+  });
+}
 // Make db available globally across the application
 const db = dbModelRouter.db;
 global.db = db;

package/demo/commons/migrate.js CHANGED Viewed

@@ -58,6 +58,9 @@ if (isMain) {
   const pkg = await import("db-model-router");
   const mod = pkg.default || pkg;
   mod.init("sqlite3");
+  mod.db.connect({
+    database: process.env.DB_NAME || "./data/data.db",
+});
   const migrationsDir = path.join(__dirname, "../migrations");
   runMigrations(mod.db, migrationsDir)
     .then(() => process.exit(0))

package/demo/commons/modules.js ADDED Viewed

@@ -0,0 +1,18 @@
+/**
+ * Registry of all SaaS module names.
+ * This is the single source of truth for valid module identifiers
+ * used by the permission system.
+ *
+ * @type {string[]}
+ */
+export const modules = ["users", "tenants", "roles", "permissions", "webhooks"];
+/**
+ * Check whether a given name is a registered module.
+ *
+ * @param {string} name - The module name to validate
+ * @returns {boolean} True if the name exists in the modules registry
+ */
+export function isValidModule(name) {
+  return modules.includes(name);
+}

package/demo/commons/password.js ADDED Viewed

@@ -0,0 +1,36 @@
+import crypto from "crypto";
+/**
+ * Hash a password using scrypt with a random salt.
+ * Returns a string in the format "salt:derivedKey" (both hex-encoded).
+ *
+ * @param {string} password - The plaintext password to hash
+ * @returns {Promise<string>} The hashed password string
+ */
+export function hashPassword(password) {
+  const salt = crypto.randomBytes(16).toString("hex");
+  return new Promise((resolve, reject) => {
+    crypto.scrypt(password, salt, 64, (err, derivedKey) => {
+      if (err) reject(err);
+      resolve(salt + ":" + derivedKey.toString("hex"));
+    });
+  });
+}
+/**
+ * Verify a password against a previously hashed value.
+ * Uses timing-safe comparison to prevent timing attacks.
+ *
+ * @param {string} password - The plaintext password to verify
+ * @param {string} hash - The stored hash in "salt:derivedKey" format
+ * @returns {Promise<boolean>} True if the password matches, false otherwise
+ */
+export function verifyPassword(password, hash) {
+  const [salt, key] = hash.split(":");
+  return new Promise((resolve, reject) => {
+    crypto.scrypt(password, salt, 64, (err, derivedKey) => {
+      if (err) reject(err);
+      resolve(crypto.timingSafeEqual(Buffer.from(key, "hex"), derivedKey));
+    });
+  });
+}

package/demo/commons/webhook.js ADDED Viewed

@@ -0,0 +1,81 @@
+import crypto from "crypto";
+/**
+ * Retry delay schedule in seconds.
+ * Attempt 0: immediate, 1: 1 min, 2: 5 min, 3: 1 hour, 4: 1 day.
+ *
+ * @type {number[]}
+ */
+export const RETRY_DELAYS = [0, 60, 300, 3600, 86400];
+/**
+ * Sign a webhook payload using HMAC-SHA256.
+ *
+ * @param {object} payload - The payload object to sign
+ * @param {string} secret - The tenant's webhook secret
+ * @returns {string} Hex-encoded HMAC-SHA256 signature
+ */
+export function signPayload(payload, secret) {
+  const body = JSON.stringify(payload);
+  return crypto.createHmac("sha256", secret).update(body).digest("hex");
+}
+/**
+ * Look up the configured webhook for a tenant.
+ * TODO: Replace this stub with actual database lookup.
+ */
+export async function lookupWebhook(tenantId) {
+  return null;
+}
+/**
+ * Log a webhook delivery event.
+ * TODO: Replace this stub with actual database insert into webhook_logs.
+ */
+export async function logWebhookEvent(webhookId, tenantId, eventType, payload, status, responseBody, responseStatusCode) {
+  // Stub: replace with actual DB insert
+}
+/**
+ * Delay execution for the specified number of milliseconds.
+ */
+export function delay(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+/**
+ * Send a webhook notification to the configured endpoint for a tenant.
+ * Retries delivery up to 5 times with exponential backoff.
+ */
+export async function sendWebhook(tenantId, event, context) {
+  const webhook = await lookupWebhook(tenantId);
+  if (!webhook) return;
+  const payload = { context, event, timestamp: new Date().toISOString() };
+  payload.signature = signPayload(payload, webhook.secret);
+  for (let attempt = 0; attempt < RETRY_DELAYS.length; attempt++) {
+    if (attempt > 0) {
+      await delay(RETRY_DELAYS[attempt] * 1000);
+      console.log(`Webhook retry attempt ${attempt}, delay: ${RETRY_DELAYS[attempt]}s`);
+    }
+    try {
+      const response = await fetch(webhook.url, {
+        method: "POST",
+        headers: { "Content-Type": "application/json", "X-Webhook-Key": webhook.key },
+        body: JSON.stringify(payload),
+      });
+      await logWebhookEvent(
+        webhook.id, tenantId, event.type, payload,
+        response.ok ? "success" : "failed",
+        await response.text(), response.status
+      );
+      if (response.ok) return;
+    } catch (err) {
+      await logWebhookEvent(
+        webhook.id, tenantId, event.type, payload,
+        "error", err.message, null
+      );
+    }
+  }
+}

package/demo/dbmr.schema.json CHANGED Viewed

@@ -7,30 +7,6 @@
     "logger": true
   },
   "tables": {
-    "users": {
-      "columns": {
-        "user_id": "auto_increment",
-        "name": "required|string",
-        "email": "required|string",
-        "password_hash": "required|string",
-        "phone": "string",
-        "avatar_url": "string",
-        "role": "required|string",
-        "is_deleted": "boolean",
-        "created_at": "datetime",
-        "updated_at": "datetime"
-      },
-      "pk": "user_id",
-      "unique": [
-        "email"
-      ],
-      "softDelete": "is_deleted",
-      "timestamps": {
-        "created_at": "created_at",
-        "modified_at": "updated_at"
-      },
-      "parent": null
-    },
     "addresses": {
       "columns": {
         "address_id": "auto_increment",
@@ -44,7 +20,7 @@
         "country": "required|string",
         "is_default": "boolean",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "address_id",
       "unique": [
@@ -52,7 +28,7 @@
       ],
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": null
     },
@@ -67,7 +43,7 @@
         "sort_order": "integer",
         "is_active": "boolean",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "category_id",
       "unique": [
@@ -75,7 +51,7 @@
       ],
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": null
     },
@@ -101,7 +77,7 @@
         "is_deleted": "boolean",
         "meta": "object",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "product_id",
       "unique": [
@@ -111,7 +87,7 @@
       "softDelete": "is_deleted",
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": null
     },
@@ -145,7 +121,7 @@
         "attributes": "object",
         "is_active": "boolean",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "variant_id",
       "unique": [
@@ -153,7 +129,7 @@
       ],
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": "products"
     },
@@ -168,7 +144,7 @@
         "is_verified": "boolean",
         "is_approved": "boolean",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "review_id",
       "unique": [
@@ -176,7 +152,7 @@
       ],
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": "products"
     },
@@ -187,7 +163,7 @@
         "session_id": "string",
         "currency": "required|string",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "cart_id",
       "unique": [
@@ -195,7 +171,7 @@
       ],
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": null
     },
@@ -208,7 +184,7 @@
         "quantity": "required|integer",
         "unit_price": "required|numeric",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "cart_item_id",
       "unique": [
@@ -216,7 +192,7 @@
       ],
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": "carts"
     },
@@ -236,7 +212,7 @@
         "billing_address_id": "integer",
         "notes": "string",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "order_id",
       "unique": [
@@ -244,7 +220,7 @@
       ],
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": null
     },
@@ -282,7 +258,7 @@
         "status": "required|string",
         "paid_at": "datetime",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "payment_id",
       "unique": [
@@ -290,7 +266,7 @@
       ],
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": "orders"
     },
@@ -304,7 +280,7 @@
         "shipped_at": "datetime",
         "delivered_at": "datetime",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "shipment_id",
       "unique": [
@@ -312,7 +288,7 @@
       ],
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": "orders"
     },
@@ -330,7 +306,7 @@
         "expires_at": "datetime",
         "is_active": "boolean",
         "created_at": "datetime",
-        "updated_at": "datetime"
+        "modified_at": "datetime"
       },
       "pk": "coupon_id",
       "unique": [
@@ -338,7 +314,7 @@
       ],
       "timestamps": {
         "created_at": "created_at",
-        "modified_at": "updated_at"
+        "modified_at": "modified_at"
       },
       "parent": null
     },

package/demo/middleware/authenticate.js ADDED Viewed

@@ -0,0 +1,14 @@
+/**
+ * Authentication middleware.
+ *
+ * Validates that the request has an active session with a user object.
+ * Responds with 401 Unauthorized if no valid session exists.
+ */
+function authenticate(req, res, next) {
+  if (!req.session || !req.session.user) {
+    return res.status(401).json({ message: "Unauthorized" });
+  }
+  next();
+}
+export default authenticate;

package/demo/middleware/hasPermission.js ADDED Viewed

@@ -0,0 +1,30 @@
+import { isValidModule } from "#commons/modules.js";
+/**
+ * Permission validation middleware factory.
+ *
+ * Returns a middleware function that checks whether the authenticated user
+ * has the required permission for the specified module and action.
+ * A permission entry with action "global" grants access to any action
+ * on that module.
+ *
+ * @param {string} module - The module name to check permission for
+ * @param {string} action - The required action
+ * @returns {function} Express middleware function
+ */
+function hasPermission(module, action) {
+  return (req, res, next) => {
+    if (!isValidModule(module)) {
+      return res.status(403).json({ message: "Invalid module" });
+    }
+    const match = req.session.permission.find(
+      (p) => p.module === module && (p.action === action || p.action === "global")
+    );
+    if (!match) {
+      return res.status(403).json({ message: "Forbidden" });
+    }
+    next();
+  };
+}
+export default hasPermission;

package/demo/middleware/tenantIsolation.js ADDED Viewed

@@ -0,0 +1,17 @@
+/**
+ * Tenant isolation middleware.
+ *
+ * Restricts data access to the user's own tenant unless the user
+ * has a global-scoped permission. Injects tenant_id into query
+ * and body parameters for non-global users.
+ */
+function tenantIsolation(req, res, next) {
+  const hasGlobal = req.session.permission.some((p) => p.scope === "global");
+  if (!hasGlobal) {
+    req.query.tenant_id = req.session.user.tenant_id;
+    req.body.tenant_id = req.session.user.tenant_id;
+  }
+  next();
+}
+export default tenantIsolation;