deesse 0.2.11 → 0.2.13

package/src/config/define.ts

@@ -2,38 +2,134 @@ import type { PostgresJsDatabase } from 'drizzle-orm/postgres-js';
 import type { BetterAuthPlugin } from 'better-auth';
 import type { Plugin } from './plugin';
 import type { PageTree } from './page';
+import type { AdminHeaderConfig } from '@deessejs/admin';
 import { admin } from 'better-auth/plugins';
 
-export type Config = {
+/**
+ * User schema type - each application defines their own schema.
+ * Use generics to preserve Drizzle type safety.
+ */
+export type Config<TSchema extends Record<string, unknown> = Record<string, never>> = {
   name?: string;
-  database: PostgresJsDatabase;
+  database: PostgresJsDatabase<TSchema>;
   plugins?: Plugin[];
   pages?: PageTree[];
   secret: string;
-  auth: {
-    baseURL: string;
+  auth: AuthConfig;
+  admin?: {
+    header?: AdminHeaderConfig;
+  };
+};
+
+/**
+ * Auth configuration - all fields optional for partial override
+ */
+export type AuthConfig = {
+  baseURL: string;
+  plugins?: BetterAuthPlugin[];
+  emailAndPassword?: {
+    enabled?: boolean;
+    allowSignUp?: boolean;
+    requireEmailVerification?: boolean;
   };
+  session?: {
+    maxAge?: number;
+    updateAge?: number;
+  };
+  trustedOrigins?: string[];
 };
 
 /**
  * Internal config type used at runtime - includes admin plugin
+ * Preserves the schema generic for type safety.
  */
-export type InternalConfig = Config & {
+export type InternalConfig<TSchema extends Record<string, unknown> = Record<string, never>> = Config<TSchema> & {
   auth: {
     baseURL: string;
     plugins: BetterAuthPlugin[];
+    emailAndPassword: { enabled: boolean };
+    session: { maxAge: number };
+    trustedOrigins: string[];
   };
 };
 
-export function defineConfig(config: Config): InternalConfig {
-  // Always include admin plugin - user cannot remove it
-  const authPlugins: BetterAuthPlugin[] = [admin()];
+/**
+ * Deep merge two objects, with source overriding target for nested objects.
+ * Arrays are concatenated, primitive overrides replace values.
+ */
+function deepMerge<T extends Record<string, unknown>>(target: T, source: Partial<T>): T {
+  const result = { ...target };
+  for (const key of Object.keys(source) as (keyof T)[]) {
+    const targetValue = target[key];
+    const sourceValue = source[key];
+
+    if (
+      typeof targetValue === 'object' &&
+      targetValue !== null &&
+      !Array.isArray(targetValue) &&
+      typeof sourceValue === 'object' &&
+      sourceValue !== null &&
+      !Array.isArray(sourceValue)
+    ) {
+      result[key] = deepMerge(
+        targetValue as Record<string, unknown>,
+        sourceValue as Record<string, unknown>
+      ) as T[typeof key];
+    } else if (sourceValue !== undefined) {
+      result[key] = sourceValue as T[typeof key];
+    }
+  }
+  return result;
+}
 
-  return {
+/**
+ * Global config storage for getDeesse() without arguments.
+ * Stored at module level to persist across HMR.
+ * Uses 'any' for the schema since it's a runtime singleton.
+ */
+let globalConfig: InternalConfig<any> | undefined;
+
+export function defineConfig<TSchema extends Record<string, unknown>>(
+  config: Config<TSchema>
+): InternalConfig<TSchema> {
+  // Default auth configuration - admin() is always first
+  const defaultAuth = {
+    plugins: [admin()] as BetterAuthPlugin[],
+    emailAndPassword: { enabled: true },
+    session: { maxAge: 60 * 60 * 24 * 7 }, // 7 days
+    trustedOrigins: [config.auth.baseURL],
+  };
+
+  // Merge user config with defaults
+  const mergedAuth = {
+    baseURL: config.auth.baseURL,
+    secret: config.secret,
+    plugins: [...defaultAuth.plugins, ...(config.auth.plugins || [])],
+    emailAndPassword: deepMerge(defaultAuth.emailAndPassword, config.auth.emailAndPassword || {}),
+    session: deepMerge(defaultAuth.session, config.auth.session || {}),
+    trustedOrigins: config.auth.trustedOrigins || defaultAuth.trustedOrigins,
+  };
+
+  const internalConfig: InternalConfig<TSchema> = {
     ...config,
-    auth: {
-      ...config.auth,
-      plugins: authPlugins,
-    },
-  } as InternalConfig;
+    auth: mergedAuth,
+  } as InternalConfig<TSchema>;
+
+  // Store globally for getDeesse() without arguments
+  globalConfig = internalConfig;
+
+  return internalConfig;
+}
+
+/**
+ * Get the global config stored by defineConfig().
+ * Throws if defineConfig() has not been called.
+ */
+export function getGlobalConfig<TSchema extends Record<string, unknown> = Record<string, never>>(): InternalConfig<TSchema> {
+  if (!globalConfig) {
+    throw new Error(
+      "Deesse config not defined. Call defineConfig() before accessing getDeesse() without arguments."
+    );
+  }
+  return globalConfig as InternalConfig<TSchema>;
 }

package/src/index.ts

@@ -1,8 +1,8 @@
 // @deessejs/deesse core package
 
-import type { InternalConfig } from "./config/define.js";
 import type { PostgresJsDatabase } from "drizzle-orm/postgres-js";
 import { createDeesse, type Deesse } from "./server.js";
+import { getGlobalConfig, type InternalConfig } from "./config/define.js";
 
 export { defineConfig } from "./config/index.js";
 export type { Config, InternalConfig } from "./config/index.js";
@@ -14,14 +14,12 @@ export type { Page, Section, PageTree } from "./config/index.js";
 export { z } from "zod";
 export type { ZodSchema } from "zod";
 
+export { sql } from "drizzle-orm";
+
 export type { Deesse } from "./server.js";
 
 export { createClient } from "./client.js";
-export type { DeesseClient, DeesseClientOptions } from "./client.js";
-
-export { isDatabaseEmpty, requireDatabaseNotEmpty, validateAdminEmail } from "./lib/admin.js";
-export type { EmailValidationOptions } from "./lib/admin.js";
-export { isPublicEmailDomain, isAllowedAdminEmail, getAllowedDomains, validateAdminEmailDomain, PUBLIC_EMAIL_DOMAINS } from "./lib/validation.js";
+export type { DeesseClientOptions } from "./client.js";
 
 /**
  * Symbol-based global storage for Deesse instance.
@@ -52,6 +50,8 @@ function getGlobalCache(): GlobalDeesseCache {
 /**
  * Deep equality check for config comparison.
  * Required because config objects are recreated on HMR.
+ * Note: We do NOT compare database pools - the pool reference from $client
+ * may return new wrapper objects on each access, causing false positives.
  */
 function isConfigEqual(a: InternalConfig, b: InternalConfig): boolean {
   if (a.secret !== b.secret) return false;
@@ -71,35 +71,54 @@ function extractPool(db: PostgresJsDatabase): unknown {
 /**
  * Get the Deesse singleton instance.
  * Cached on global to persist across HMR.
+ *
+ * Can be called without arguments if defineConfig() was called first,
+ * or with a config for explicit instantiation.
  */
 export const getDeesse = async (
-  config: InternalConfig
+  config?: InternalConfig
 ): Promise<Deesse> => {
+  const effectiveConfig = config ?? getGlobalConfig();
   const cache = getGlobalCache();
 
   // Case 1: Instance exists and config is semantically equal
-  if (cache.instance && cache.config && isConfigEqual(cache.config, config)) {
+  if (cache.instance && cache.config && isConfigEqual(cache.config, effectiveConfig)) {
     return cache.instance;
   }
 
   // Case 2: Instance exists but config changed - hot reload
-  // IMPORTANT: Don't close the pool! cache.instance still uses the old pool.
-  // The new config's pool will be garbage collected when the HMR module reference is dropped.
   if (
     cache.instance &&
     cache.config &&
-    !isConfigEqual(cache.config, config)
+    !isConfigEqual(cache.config, effectiveConfig)
   ) {
     console.info("[deesse] Config changed, performing hot reload...");
-    cache.config = config;
-    return cache.instance;
+
+    // Close the old pool before creating new instance (with 5s timeout)
+    if (cache.pool) {
+      const oldPool = cache.pool as { end?: () => Promise<void> };
+      if (typeof oldPool.end === "function") {
+        await Promise.race([
+          oldPool.end(),
+          new Promise((resolve) => setTimeout(() => resolve(undefined), 5000)),
+        ]).catch(console.error);
+      }
+    }
+
+    // Create new instance with new config
+    const instance = createDeesse(effectiveConfig);
+    cache.pool = extractPool(instance.database);
+    cache.instance = instance;
+    cache.config = effectiveConfig;
+
+    return instance;
   }
 
   // Case 3: No instance exists - create one
-  const instance = createDeesse(config);
+  const instance = createDeesse(effectiveConfig);
   cache.pool = extractPool(instance.database);
   cache.instance = instance;
-  cache.config = config;
+  cache.config = effectiveConfig;
 
   return instance;
 };

package/src/server.ts

@@ -1,16 +1,11 @@
 import type { PostgresJsDatabase } from "drizzle-orm/postgres-js";
-import type { BetterAuthPlugin } from "better-auth";
+import type { Auth } from "better-auth";
 import type { InternalConfig } from "./config/define";
 import { betterAuth } from "better-auth";
 import { drizzleAdapter } from "@better-auth/drizzle-adapter";
 
 export type Deesse = {
-  auth: Awaited<ReturnType<typeof betterAuth<{
-    database: ReturnType<typeof drizzleAdapter>;
-    baseURL: string;
-    secret: string;
-    plugins: BetterAuthPlugin[];
-  }>>>;
+  auth: Auth;
   database: PostgresJsDatabase;
 };
 
@@ -21,8 +16,10 @@ export function createDeesse(config: InternalConfig): Deesse {
     }),
     baseURL: config.auth.baseURL,
     secret: config.secret,
+    emailAndPassword: config.auth.emailAndPassword,
+    trustedOrigins: config.auth.trustedOrigins,
     plugins: config.auth.plugins,
-  });
+  }) as Auth;
 
   return {
     auth,

package/tsconfig.json

@@ -1,12 +1,12 @@
-{
-  "extends": "../../tsconfig.json",
-  "compilerOptions": {
-    "composite": false,
-    "module": "ESNext",
-    "moduleResolution": "bundler",
-    "outDir": "./dist",
-    "rootDir": "./src"
-  },
-  "include": ["src/**/*"],
-  "exclude": ["node_modules", "dist"]
-}
+{
+  "extends": "../../tsconfig.json",
+  "compilerOptions": {
+    "composite": false,
+    "module": "ESNext",
+    "moduleResolution": "bundler",
+    "outDir": "./dist",
+    "rootDir": "./src"
+  },
+  "include": ["src/**/*"],
+  "exclude": ["node_modules", "dist"]
+}

package/src/lib/admin.ts

@@ -1,68 +0,0 @@
-import type { Auth } from "better-auth";
-
-/**
- * Check if the database has any users.
- * Returns true if the database is empty (no users).
- */
-export async function isDatabaseEmpty(auth: Auth): Promise<boolean> {
-  try {
-    const result = await (auth.api as any).listUsers({ limit: 1 });
-    return !result?.users || result.users.length === 0;
-  } catch {
-    // If listUsers fails, assume not empty (safer default)
-    return false;
-  }
-}
-
-/**
- * Require that the database is NOT empty.
- * Throws if no users exist.
- */
-export async function requireDatabaseNotEmpty(auth: Auth): Promise<void> {
-  if (await isDatabaseEmpty(auth)) {
-    throw new Error(
-      "Database is empty. Cannot proceed with this operation. " +
-      "Use the First Admin Setup page to create the initial admin account."
-    );
-  }
-}
-
-export interface EmailValidationOptions {
-  allowedDomains?: string[];
-  blockedDomains?: string[];
-  requireOrganization?: boolean;
-}
-
-/**
- * Validate an admin email against configured rules.
- */
-export function validateAdminEmail(
-  email: string,
-  options: EmailValidationOptions = {}
-): { valid: boolean; error?: string } {
-  const domain = email.split('@')[1]?.toLowerCase();
-
-  if (!domain) {
-    return { valid: false, error: "Invalid email format" };
-  }
-
-  // Check blocked domains
-  if (options.blockedDomains?.includes(domain)) {
-    return { valid: false, error: `Email domain ${domain} is blocked` };
-  }
-
-  // Check allowed domains (if specified)
-  if (options.allowedDomains?.length && !options.allowedDomains.includes(domain)) {
-    return { valid: false, error: `Email must be from: ${options.allowedDomains.join(', ')}` };
-  }
-
-  // Require organization (no public email domains)
-  if (options.requireOrganization) {
-    const PUBLIC_DOMAINS = ['gmail.com', 'yahoo.com', 'hotmail.com', 'outlook.com', 'icloud.com'];
-    if (PUBLIC_DOMAINS.includes(domain)) {
-      return { valid: false, error: "Personal email domains are not allowed. Use an organizational email." };
-    }
-  }
-
-  return { valid: true };
-}

package/src/lib/validation.ts

@@ -1,89 +0,0 @@
-/**
- * Email validation utilities for admin email enforcement
- */
-
-export const PUBLIC_EMAIL_DOMAINS = [
-  'gmail.com',
-  'yahoo.com',
-  'hotmail.com',
-  'outlook.com',
-  'icloud.com',
-  'mail.com',
-  'aol.com',
-  'protonmail.com',
-  'zoho.com',
-  'yandex.com',
-  'gmx.com',
-] as const;
-
-export type PublicEmailDomain = (typeof PUBLIC_EMAIL_DOMAINS)[number];
-
-/**
- * Check if an email uses a public email domain
- */
-export function isPublicEmailDomain(email: string): boolean {
-  const domain = email.split('@')[1]?.toLowerCase();
-  return PUBLIC_EMAIL_DOMAINS.includes(domain as PublicEmailDomain);
-}
-
-/**
- * Get allowed domains from ADMIN_ALLOWED_DOMAINS environment variable.
- * Returns empty array if not configured (no restrictions).
- */
-export function getAllowedDomains(): string[] {
-  const envValue = process.env['ADMIN_ALLOWED_DOMAINS'];
-  if (!envValue) return [];
-  return envValue
-    .split(',')
-    .map((d) => d.trim().toLowerCase())
-    .filter(Boolean);
-}
-
-/**
- * Check if an email is from an allowed domain.
- * If no allowed domains are configured, all domains are allowed.
- */
-export function isAllowedAdminEmail(email: string): boolean {
-  const allowed = getAllowedDomains();
-  if (!allowed.length) return true; // No restriction configured
-  const domain = email.split('@')[1]?.toLowerCase();
-  return allowed.includes(domain);
-}
-
-/**
- * Validate admin email against organizational requirements.
- * Returns an error message if validation fails.
- */
-export function validateAdminEmailDomain(
-  email: string
-): { valid: true } | { valid: false; code: string; message: string; suggestion?: string } {
-  // Check if email is from a public domain (warning level, not blocking)
-  const isPublic = isPublicEmailDomain(email);
-  const allowed = getAllowedDomains();
-
-  // If allowed domains are configured, enforce them strictly
-  if (allowed.length > 0) {
-    const domain = email.split('@')[1]?.toLowerCase();
-    if (!allowed.includes(domain)) {
-      return {
-        valid: false,
-        code: 'INVALID_EMAIL_DOMAIN',
-        message: `Admin email must be from an allowed domain. Allowed: ${allowed.join(', ')}`,
-        suggestion: 'Set ADMIN_ALLOWED_DOMAINS environment variable to configure allowed email domains',
-      };
-    }
-  }
-
-  // If email is from a public domain, return warning info (but allow through)
-  if (isPublic && allowed.length === 0) {
-    const domain = email.split('@')[1]?.toLowerCase();
-    return {
-      valid: false,
-      code: 'PUBLIC_EMAIL_DOMAIN',
-      message: `${email} is a public email domain. Admin accounts should use organizational email addresses.`,
-      suggestion: `Set ADMIN_ALLOWED_DOMAINS environment variable to restrict to organizational domains only (e.g., ADMIN_ALLOWED_DOMAINS=${domain})`,
-    };
-  }
-
-  return { valid: true };
-}