db-model-router 1.0.6 → 1.0.7

package/demo/dbmr.schema.json

@@ -0,0 +1,338 @@
+{
+  "adapter": "sqlite3",
+  "framework": "express",
+  "options": {
+    "rateLimiting": true,
+    "helmet": true,
+    "logger": true
+  },
+  "tables": {
+    "addresses": {
+      "columns": {
+        "address_id": "auto_increment",
+        "user_id": "required|integer",
+        "label": "string",
+        "line1": "required|string",
+        "line2": "string",
+        "city": "required|string",
+        "state": "required|string",
+        "postal_code": "required|string",
+        "country": "required|string",
+        "is_default": "boolean",
+        "created_at": "datetime",
+        "modified_at": "datetime"
+      },
+      "pk": "address_id",
+      "unique": [
+        "address_id"
+      ],
+      "timestamps": {
+        "created_at": "created_at",
+        "modified_at": "modified_at"
+      },
+      "parent": null
+    },
+    "categories": {
+      "columns": {
+        "category_id": "auto_increment",
+        "name": "required|string",
+        "slug": "required|string",
+        "description": "string",
+        "parent_category_id": "integer",
+        "image_url": "string",
+        "sort_order": "integer",
+        "is_active": "boolean",
+        "created_at": "datetime",
+        "modified_at": "datetime"
+      },
+      "pk": "category_id",
+      "unique": [
+        "slug"
+      ],
+      "timestamps": {
+        "created_at": "created_at",
+        "modified_at": "modified_at"
+      },
+      "parent": null
+    },
+    "products": {
+      "columns": {
+        "product_id": "auto_increment",
+        "category_id": "required|integer",
+        "name": "required|string",
+        "slug": "required|string",
+        "description": "string",
+        "short_description": "string",
+        "sku": "required|string",
+        "price": "required|numeric",
+        "compare_at_price": "numeric",
+        "cost_price": "numeric",
+        "currency": "required|string",
+        "stock_quantity": "required|integer",
+        "low_stock_threshold": "integer",
+        "weight": "numeric",
+        "weight_unit": "string",
+        "is_active": "boolean",
+        "is_featured": "boolean",
+        "is_deleted": "boolean",
+        "meta": "object",
+        "created_at": "datetime",
+        "modified_at": "datetime"
+      },
+      "pk": "product_id",
+      "unique": [
+        "sku",
+        "slug"
+      ],
+      "softDelete": "is_deleted",
+      "timestamps": {
+        "created_at": "created_at",
+        "modified_at": "modified_at"
+      },
+      "parent": null
+    },
+    "product_images": {
+      "columns": {
+        "product_image_id": "auto_increment",
+        "product_id": "required|integer",
+        "url": "required|string",
+        "alt_text": "string",
+        "sort_order": "integer",
+        "is_primary": "boolean",
+        "created_at": "datetime"
+      },
+      "pk": "product_image_id",
+      "unique": [
+        "product_image_id"
+      ],
+      "timestamps": {
+        "created_at": "created_at"
+      },
+      "parent": "products"
+    },
+    "product_variants": {
+      "columns": {
+        "variant_id": "auto_increment",
+        "product_id": "required|integer",
+        "name": "required|string",
+        "sku": "required|string",
+        "price": "required|numeric",
+        "stock_quantity": "required|integer",
+        "attributes": "object",
+        "is_active": "boolean",
+        "created_at": "datetime",
+        "modified_at": "datetime"
+      },
+      "pk": "variant_id",
+      "unique": [
+        "sku"
+      ],
+      "timestamps": {
+        "created_at": "created_at",
+        "modified_at": "modified_at"
+      },
+      "parent": "products"
+    },
+    "product_reviews": {
+      "columns": {
+        "review_id": "auto_increment",
+        "product_id": "required|integer",
+        "user_id": "required|integer",
+        "rating": "required|integer",
+        "title": "string",
+        "body": "string",
+        "is_verified": "boolean",
+        "is_approved": "boolean",
+        "created_at": "datetime",
+        "modified_at": "datetime"
+      },
+      "pk": "review_id",
+      "unique": [
+        "review_id"
+      ],
+      "timestamps": {
+        "created_at": "created_at",
+        "modified_at": "modified_at"
+      },
+      "parent": "products"
+    },
+    "carts": {
+      "columns": {
+        "cart_id": "auto_increment",
+        "user_id": "integer",
+        "session_id": "string",
+        "currency": "required|string",
+        "created_at": "datetime",
+        "modified_at": "datetime"
+      },
+      "pk": "cart_id",
+      "unique": [
+        "cart_id"
+      ],
+      "timestamps": {
+        "created_at": "created_at",
+        "modified_at": "modified_at"
+      },
+      "parent": null
+    },
+    "cart_items": {
+      "columns": {
+        "cart_item_id": "auto_increment",
+        "cart_id": "required|integer",
+        "product_id": "required|integer",
+        "variant_id": "integer",
+        "quantity": "required|integer",
+        "unit_price": "required|numeric",
+        "created_at": "datetime",
+        "modified_at": "datetime"
+      },
+      "pk": "cart_item_id",
+      "unique": [
+        "cart_item_id"
+      ],
+      "timestamps": {
+        "created_at": "created_at",
+        "modified_at": "modified_at"
+      },
+      "parent": "carts"
+    },
+    "orders": {
+      "columns": {
+        "order_id": "auto_increment",
+        "user_id": "required|integer",
+        "order_number": "required|string",
+        "status": "required|string",
+        "subtotal": "required|numeric",
+        "tax_amount": "required|numeric",
+        "shipping_amount": "required|numeric",
+        "discount_amount": "numeric",
+        "total": "required|numeric",
+        "currency": "required|string",
+        "shipping_address_id": "integer",
+        "billing_address_id": "integer",
+        "notes": "string",
+        "created_at": "datetime",
+        "modified_at": "datetime"
+      },
+      "pk": "order_id",
+      "unique": [
+        "order_number"
+      ],
+      "timestamps": {
+        "created_at": "created_at",
+        "modified_at": "modified_at"
+      },
+      "parent": null
+    },
+    "order_items": {
+      "columns": {
+        "order_item_id": "auto_increment",
+        "order_id": "required|integer",
+        "product_id": "required|integer",
+        "variant_id": "integer",
+        "product_name": "required|string",
+        "sku": "required|string",
+        "quantity": "required|integer",
+        "unit_price": "required|numeric",
+        "total_price": "required|numeric",
+        "created_at": "datetime"
+      },
+      "pk": "order_item_id",
+      "unique": [
+        "order_item_id"
+      ],
+      "timestamps": {
+        "created_at": "created_at"
+      },
+      "parent": "orders"
+    },
+    "payments": {
+      "columns": {
+        "payment_id": "auto_increment",
+        "order_id": "required|integer",
+        "method": "required|string",
+        "provider": "string",
+        "provider_transaction_id": "string",
+        "amount": "required|numeric",
+        "currency": "required|string",
+        "status": "required|string",
+        "paid_at": "datetime",
+        "created_at": "datetime",
+        "modified_at": "datetime"
+      },
+      "pk": "payment_id",
+      "unique": [
+        "payment_id"
+      ],
+      "timestamps": {
+        "created_at": "created_at",
+        "modified_at": "modified_at"
+      },
+      "parent": "orders"
+    },
+    "shipments": {
+      "columns": {
+        "shipment_id": "auto_increment",
+        "order_id": "required|integer",
+        "carrier": "required|string",
+        "tracking_number": "string",
+        "status": "required|string",
+        "shipped_at": "datetime",
+        "delivered_at": "datetime",
+        "created_at": "datetime",
+        "modified_at": "datetime"
+      },
+      "pk": "shipment_id",
+      "unique": [
+        "shipment_id"
+      ],
+      "timestamps": {
+        "created_at": "created_at",
+        "modified_at": "modified_at"
+      },
+      "parent": "orders"
+    },
+    "coupons": {
+      "columns": {
+        "coupon_id": "auto_increment",
+        "code": "required|string",
+        "description": "string",
+        "discount_type": "required|string",
+        "discount_value": "required|numeric",
+        "min_order_amount": "numeric",
+        "max_uses": "integer",
+        "used_count": "integer",
+        "starts_at": "datetime",
+        "expires_at": "datetime",
+        "is_active": "boolean",
+        "created_at": "datetime",
+        "modified_at": "datetime"
+      },
+      "pk": "coupon_id",
+      "unique": [
+        "code"
+      ],
+      "timestamps": {
+        "created_at": "created_at",
+        "modified_at": "modified_at"
+      },
+      "parent": null
+    },
+    "wishlists": {
+      "columns": {
+        "wishlist_id": "auto_increment",
+        "user_id": "required|integer",
+        "product_id": "required|integer",
+        "created_at": "datetime"
+      },
+      "pk": "wishlist_id",
+      "unique": [
+        "wishlist_id"
+      ],
+      "timestamps": {
+        "created_at": "created_at"
+      },
+      "parent": null
+    }
+  }
+}

package/demo/middleware/authenticate.js

@@ -0,0 +1,14 @@
+/**
+ * Authentication middleware.
+ *
+ * Validates that the request has an active session with a user object.
+ * Responds with 401 Unauthorized if no valid session exists.
+ */
+function authenticate(req, res, next) {
+  if (!req.session || !req.session.user) {
+    return res.status(401).json({ message: "Unauthorized" });
+  }
+  next();
+}
+
+export default authenticate;

package/demo/middleware/hasPermission.js

@@ -0,0 +1,30 @@
+import { isValidModule } from "#commons/modules.js";
+
+/**
+ * Permission validation middleware factory.
+ *
+ * Returns a middleware function that checks whether the authenticated user
+ * has the required permission for the specified module and action.
+ * A permission entry with action "global" grants access to any action
+ * on that module.
+ *
+ * @param {string} module - The module name to check permission for
+ * @param {string} action - The required action
+ * @returns {function} Express middleware function
+ */
+function hasPermission(module, action) {
+  return (req, res, next) => {
+    if (!isValidModule(module)) {
+      return res.status(403).json({ message: "Invalid module" });
+    }
+    const match = req.session.permission.find(
+      (p) => p.module === module && (p.action === action || p.action === "global")
+    );
+    if (!match) {
+      return res.status(403).json({ message: "Forbidden" });
+    }
+    next();
+  };
+}
+
+export default hasPermission;

package/demo/middleware/logger.js

@@ -0,0 +1,67 @@
+import winston from "winston";
+
+/**
+ * Winston logger with Console transport.
+ * If LOKI_HOST is set in .env, adds a Loki transport for Grafana visualization.
+ */
+const transports = [
+  new winston.transports.Console({
+    format: winston.format.combine(
+      winston.format.colorize(),
+      winston.format.printf(({ timestamp, level, message, ...meta }) => {
+        const metaStr = Object.keys(meta).length > 1
+          ? " " + JSON.stringify(meta)
+          : "";
+        return `[${timestamp}] [${level}] ${message}${metaStr}`;
+      }),
+    ),
+  }),
+];
+
+// Add Loki transport only when LOKI_HOST is configured
+if (process.env.LOKI_HOST) {
+  const { default: LokiTransport } = await import("winston-loki");
+  transports.push(
+    new LokiTransport({
+      host: process.env.LOKI_HOST,
+      labels: { app: process.env.APP_NAME || "app" },
+      json: true,
+      onConnectionError: (err) => console.error("Loki connection error:", err),
+    }),
+  );
+}
+
+const logger = winston.createLogger({
+  level: process.env.LOG_LEVEL || "info",
+  format: winston.format.combine(
+    winston.format.timestamp(),
+    winston.format.json(),
+  ),
+  defaultMeta: { service: process.env.APP_NAME || "app" },
+  transports,
+});
+
+/**
+ * Express middleware that logs every request/response.
+ */
+function requestLogger(req, res, next) {
+  const start = Date.now();
+
+  res.on("finish", () => {
+    const duration = Date.now() - start;
+    const level = res.statusCode >= 400 ? "warn" : "info";
+    logger.log({
+      level,
+      message: `${req.method} ${req.originalUrl} ${res.statusCode} ${duration}ms`,
+      method: req.method,
+      url: req.originalUrl,
+      status: res.statusCode,
+      duration,
+    });
+  });
+
+  next();
+}
+
+requestLogger.logger = logger;
+export default requestLogger;

package/demo/middleware/tenantIsolation.js

@@ -0,0 +1,17 @@
+/**
+ * Tenant isolation middleware.
+ *
+ * Restricts data access to the user's own tenant unless the user
+ * has a global-scoped permission. Injects tenant_id into query
+ * and body parameters for non-global users.
+ */
+function tenantIsolation(req, res, next) {
+  const hasGlobal = req.session.permission.some((p) => p.scope === "global");
+  if (!hasGlobal) {
+    req.query.tenant_id = req.session.user.tenant_id;
+    req.body.tenant_id = req.session.user.tenant_id;
+  }
+  next();
+}
+
+export default tenantIsolation;

package/demo/migrations/20260509170349_create_migrations_table.sql

@@ -0,0 +1,6 @@
+CREATE TABLE IF NOT EXISTS _migrations (
+  id INTEGER PRIMARY KEY AUTOINCREMENT,
+  filename VARCHAR(255) NOT NULL UNIQUE,
+  executed_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  checksum VARCHAR(64) NOT NULL
+);

package/demo/migrations/20260509170349_create_saas_tables.sql

@@ -0,0 +1,69 @@
+CREATE TABLE IF NOT EXISTS tenants (
+  tenant_id INTEGER PRIMARY KEY AUTOINCREMENT,
+  name VARCHAR(255) NOT NULL,
+  slug VARCHAR(255) NOT NULL,
+  attributes TEXT,
+  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  modified_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  UNIQUE (slug)
+);
+
+CREATE TABLE IF NOT EXISTS roles (
+  role_id INTEGER PRIMARY KEY AUTOINCREMENT,
+  tenant_id INTEGER,
+  name VARCHAR(255) NOT NULL,
+  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  modified_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  FOREIGN KEY (tenant_id) REFERENCES tenants(tenant_id),
+  UNIQUE (tenant_id, name)
+);
+
+CREATE TABLE IF NOT EXISTS users (
+  user_id INTEGER PRIMARY KEY AUTOINCREMENT,
+  email VARCHAR(255) NOT NULL,
+  phone VARCHAR(255),
+  password_hash VARCHAR(255) NOT NULL,
+  name VARCHAR(255) NOT NULL,
+  unique_attribute VARCHAR(255) NOT NULL,
+  tenant_id INTEGER,
+  role_id INTEGER NOT NULL,
+  attributes TEXT,
+  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  modified_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  FOREIGN KEY (tenant_id) REFERENCES tenants(tenant_id),
+  FOREIGN KEY (role_id) REFERENCES roles(role_id),
+  UNIQUE (tenant_id, unique_attribute)
+);
+
+CREATE TABLE IF NOT EXISTS role_permissions (
+  role_permission_id INTEGER PRIMARY KEY AUTOINCREMENT,
+  role_id INTEGER NOT NULL,
+  permission TEXT NOT NULL,
+  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  modified_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  FOREIGN KEY (role_id) REFERENCES roles(role_id)
+);
+
+CREATE TABLE IF NOT EXISTS webhooks (
+  webhook_id INTEGER PRIMARY KEY AUTOINCREMENT,
+  tenant_id INTEGER NOT NULL,
+  url VARCHAR(255) NOT NULL,
+  key VARCHAR(255) NOT NULL,
+  secret VARCHAR(255) NOT NULL,
+  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  modified_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  FOREIGN KEY (tenant_id) REFERENCES tenants(tenant_id)
+);
+
+CREATE TABLE IF NOT EXISTS webhook_logs (
+  webhook_log_id INTEGER PRIMARY KEY AUTOINCREMENT,
+  webhook_id INTEGER NOT NULL,
+  tenant_id INTEGER NOT NULL,
+  event_type VARCHAR(255) NOT NULL,
+  payload TEXT NOT NULL,
+  status VARCHAR(255) NOT NULL,
+  response_body TEXT,
+  response_status_code INTEGER,
+  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  FOREIGN KEY (webhook_id) REFERENCES webhooks(webhook_id)
+);