npm - dzql - Versions diffs - 0.4.5 → 0.4.7 - Mend

dzql 0.4.5 → 0.4.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/package.json +1 -1
package/src/compiler/codegen/auth-codegen.js +147 -0
package/src/compiler/codegen/operation-codegen.js +23 -4
package/src/compiler/compiler.js +7 -0
package/src/database/migrations/006_auth.sql +33 -22

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "dzql",
-  "version": "0.4.5",
+  "version": "0.4.7",
   "description": "PostgreSQL-powered framework with zero boilerplate CRUD operations and real-time WebSocket synchronization",
   "type": "module",
   "main": "src/server/index.js",

package/src/compiler/codegen/auth-codegen.js ADDED Viewed

@@ -0,0 +1,147 @@
+/**
+ * Auth Code Generator
+ * Generates PostgreSQL functions for user authentication
+ * Only generated when the entity is named 'users'
+ */
+export class AuthCodegen {
+  constructor(entity) {
+    this.entity = entity;
+    this.tableName = entity.tableName;
+  }
+  /**
+   * Check if this entity should have auth functions generated
+   * @returns {boolean}
+   */
+  shouldGenerate() {
+    return this.tableName === 'users';
+  }
+  /**
+   * Generate all auth functions
+   * @returns {string} SQL for auth functions
+   */
+  generateAll() {
+    if (!this.shouldGenerate()) {
+      return '';
+    }
+    return [
+      this._generateProfileFunction(),
+      this._generateRegisterFunction(),
+      this._generateLoginFunction()
+    ].join('\n\n');
+  }
+  /**
+   * Generate _profile function
+   * Returns all user columns except sensitive fields
+   * @private
+   */
+  _generateProfileFunction() {
+    return `-- ============================================================================
+-- Auth: _profile function for ${this.tableName}
+-- Returns user record minus sensitive fields
+-- ============================================================================
+CREATE OR REPLACE FUNCTION _profile(p_user_id INT)
+RETURNS JSONB
+LANGUAGE SQL
+SECURITY DEFINER
+AS $$
+  SELECT jsonb_build_object('user_id', u.id) || (to_jsonb(u.*) - 'id' - 'password_hash' - 'password' - 'secret' - 'token')
+  FROM ${this.tableName} u
+  WHERE id = p_user_id;
+$$;`;
+  }
+  /**
+   * Generate register_user function
+   * Supports optional extra fields via JSON parameter
+   * @private
+   */
+  _generateRegisterFunction() {
+    return `-- ============================================================================
+-- Auth: register_user function for ${this.tableName}
+-- p_extra: optional JSON object with additional fields to set on the user record
+-- Example: register_user('test@example.com', 'password', '{"name": "Test User"}')
+-- ============================================================================
+CREATE OR REPLACE FUNCTION register_user(p_email TEXT, p_password TEXT, p_extra JSONB DEFAULT '{}')
+RETURNS JSONB
+LANGUAGE plpgsql
+SECURITY DEFINER
+AS $$
+DECLARE
+  v_user_id INT;
+  v_salt TEXT;
+  v_hash TEXT;
+  v_insert_data JSONB;
+BEGIN
+  -- Generate salt and hash password
+  v_salt := gen_salt('bf', 10);
+  v_hash := crypt(p_password, v_salt);
+  -- Build insert data: extra fields + email + password_hash (extra cannot override core fields)
+  v_insert_data := (p_extra - 'id' - 'email' - 'password_hash' - 'password')
+                   || jsonb_build_object('email', p_email, 'password_hash', v_hash);
+  -- Dynamic INSERT from JSONB (same pattern as compiled save functions)
+  EXECUTE (
+    SELECT format(
+      'INSERT INTO ${this.tableName} (%s) VALUES (%s) RETURNING id',
+      string_agg(quote_ident(key), ', '),
+      string_agg(quote_nullable(value), ', ')
+    )
+    FROM jsonb_each_text(v_insert_data) kv(key, value)
+  ) INTO v_user_id;
+  RETURN _profile(v_user_id);
+EXCEPTION
+  WHEN unique_violation THEN
+    RAISE EXCEPTION 'Email already exists' USING errcode = '23505';
+END $$;`;
+  }
+  /**
+   * Generate login_user function
+   * @private
+   */
+  _generateLoginFunction() {
+    return `-- ============================================================================
+-- Auth: login_user function for ${this.tableName}
+-- ============================================================================
+CREATE OR REPLACE FUNCTION login_user(p_email TEXT, p_password TEXT)
+RETURNS JSONB
+LANGUAGE plpgsql
+SECURITY DEFINER
+AS $$
+DECLARE
+  v_user_record RECORD;
+BEGIN
+  SELECT id, email, password_hash
+  INTO v_user_record
+  FROM ${this.tableName}
+  WHERE email = p_email;
+  IF NOT FOUND THEN
+    RAISE EXCEPTION 'Invalid credentials' USING errcode = '28000';
+  END IF;
+  IF NOT (v_user_record.password_hash = crypt(p_password, v_user_record.password_hash)) THEN
+    RAISE EXCEPTION 'Invalid credentials' USING errcode = '28000';
+  END IF;
+  RETURN _profile(v_user_record.id);
+END $$;`;
+  }
+}
+/**
+ * Generate auth functions for an entity (only if it's the users table)
+ * @param {Object} entity - Entity configuration
+ * @returns {string} SQL for auth functions (empty string if not users table)
+ */
+export function generateAuthFunctions(entity) {
+  const codegen = new AuthCodegen(entity);
+  return codegen.generateAll();
+}

package/src/compiler/codegen/operation-codegen.js CHANGED Viewed

@@ -267,7 +267,8 @@ CREATE OR REPLACE FUNCTION search_${this.tableName}(
   p_search TEXT DEFAULT NULL,
   p_sort JSONB DEFAULT NULL,
   p_page INT DEFAULT 1,
-  p_limit INT DEFAULT 25
+  p_limit INT DEFAULT 25,
+  p_on_date TIMESTAMPTZ DEFAULT NULL
 ) RETURNS JSONB AS $$
 DECLARE
   v_data JSONB;
@@ -280,8 +281,10 @@ DECLARE
   v_filter JSONB;
   v_operator TEXT;
   v_value JSONB;
+  v_on_date TIMESTAMPTZ;
 BEGIN
   v_offset := (p_page - 1) * p_limit;
+  v_on_date := COALESCE(p_on_date, NOW());
   -- Extract sort parameters
   v_sort_field := COALESCE(p_sort->>'field', '${this.entity.labelField}');
@@ -329,8 +332,7 @@ BEGIN
     v_where_clause := v_where_clause || ' AND (${searchConditions})';
   END IF;
-  -- Add temporal filter
-  v_where_clause := v_where_clause || '${this._generateTemporalFilter().replace(/\n/g, ' ')}';
+  -- Add temporal filter${this._generateTemporalFilterForSearch()}
   -- Get total count
   EXECUTE format('SELECT COUNT(*) FROM ${this.tableName} WHERE %s', v_where_clause) INTO v_total;
@@ -754,7 +756,7 @@ $$ LANGUAGE plpgsql SECURITY DEFINER;`;
   }
   /**
-   * Generate temporal filter
+   * Generate temporal filter for static SQL (GET, LOOKUP)
    * @private
    */
   _generateTemporalFilter() {
@@ -770,6 +772,23 @@ $$ LANGUAGE plpgsql SECURITY DEFINER;`;
     AND (${validTo} > COALESCE(p_on_date, NOW()) OR ${validTo} IS NULL)`;
   }
+  /**
+   * Generate temporal filter for SEARCH function (dynamic SQL with EXECUTE)
+   * Uses format() to properly interpolate the v_on_date variable
+   * @private
+   */
+  _generateTemporalFilterForSearch() {
+    if (!this.entity.temporalFields || Object.keys(this.entity.temporalFields).length === 0) {
+      return '';
+    }
+    const validFrom = this.entity.temporalFields.valid_from || 'valid_from';
+    const validTo = this.entity.temporalFields.valid_to || 'valid_to';
+    return `
+  v_where_clause := v_where_clause || format(' AND ${validFrom} <= %L AND (${validTo} > %L OR ${validTo} IS NULL)', v_on_date, v_on_date);`;
+  }
   /**
    * Check if a trigger has any rules with actions
    * @private

package/src/compiler/compiler.js CHANGED Viewed

@@ -10,6 +10,7 @@ import { generateOperations } from './codegen/operation-codegen.js';
 import { generateNotificationFunction } from './codegen/notification-codegen.js';
 import { generateGraphRuleFunctions } from './codegen/graph-rules-codegen.js';
 import { generateSubscribable } from './codegen/subscribable-codegen.js';
+import { generateAuthFunctions } from './codegen/auth-codegen.js';
 import crypto from 'crypto';
 export class DZQLCompiler {
@@ -53,6 +54,12 @@ export class DZQLCompiler {
     const operationSQL = generateOperations(normalizedEntity);
     sections.push(operationSQL);
+    // Auth functions (only for users table)
+    const authSQL = generateAuthFunctions(normalizedEntity);
+    if (authSQL) {
+      sections.push(authSQL);
+    }
     // Notification path resolution (if needed)
     if (normalizedEntity.notificationPaths &&
         Object.keys(normalizedEntity.notificationPaths).length > 0) {

package/src/database/migrations/006_auth.sql CHANGED Viewed

@@ -5,37 +5,51 @@
 create extension if not exists pgcrypto;
 -- === Users Table ===
+-- Core auth table with optional name field
+-- Applications can add additional columns as needed
+-- Note: created_at is tracked via the action log, not here
 create table if not exists users (
   id serial primary key,
+  name text,
   email text unique not null,
-  name text not null,
-  password_hash text not null,
-  created_at timestamptz default now()
+  password_hash text not null
 );
 -- === Auth Functions ===
 -- Register new user
-create or replace function register_user(p_email text, p_password text)
+-- p_extra: optional JSON object with additional fields to set on the user record
+-- Example: register_user('test@example.com', 'password', '{"name": "Test User"}')
+create or replace function register_user(p_email text, p_password text, p_extra jsonb default '{}')
 returns jsonb
 language plpgsql
 security definer
 as $$
 declare
-  user_id int;
-  salt text;
-  hash text;
+  v_user_id int;
+  v_salt text;
+  v_hash text;
+  v_insert_data jsonb;
 begin
   -- Generate salt and hash password
-  salt := gen_salt('bf', 10);
-  hash := crypt(p_password, salt);
+  v_salt := gen_salt('bf', 10);
+  v_hash := crypt(p_password, v_salt);
-  -- Insert user
-  insert into users (email, name, password_hash)
-  values (p_email, split_part(p_email, '@', 1), hash)
-  returning id into user_id;
+  -- Build insert data: extra fields + email + password_hash (extra cannot override core fields)
+  v_insert_data := (p_extra - 'id' - 'email' - 'password_hash' - 'password')
+                   || jsonb_build_object('email', p_email, 'password_hash', v_hash);
-  return _profile(user_id);
+  -- Dynamic INSERT from JSONB (same pattern as compiled save functions)
+  execute (
+    select format(
+      'INSERT INTO users (%s) VALUES (%s) RETURNING id',
+      string_agg(quote_ident(key), ', '),
+      string_agg(quote_nullable(value), ', ')
+    )
+    from jsonb_each_text(v_insert_data) kv(key, value)
+  ) into v_user_id;
+  return _profile(v_user_id);
 exception
   when unique_violation then
     raise exception 'Email already exists' using errcode = '23505';
@@ -50,7 +64,7 @@ as $$
 declare
   user_record record;
 begin
-  select id, email, name, password_hash
+  select id, email, password_hash
   into user_record
   from users
   where email = p_email;
@@ -67,17 +81,14 @@ begin
 end $$;
 -- Get user profile (private function)
+-- Returns all user columns except sensitive fields (password_hash, password, secret, token)
+-- This allows the users table to have any additional columns without modifying this function
 create or replace function _profile(p_user_id int)
 returns jsonb
 language sql
 security definer
 as $$
-  select jsonb_build_object(
-    'user_id', id,
-    'email', email,
-    'name', name,
-    'created_at', created_at
-  )
-  from users
+  select jsonb_build_object('user_id', u.id) || (to_jsonb(u.*) - 'id' - 'password_hash' - 'password' - 'secret' - 'token')
+  from users u
   where id = p_user_id;
 $$;