flarecms 0.1.0 → 0.1.2

package/src/db/migrations/002_auth_tables.ts

@@ -1,84 +0,0 @@
-import { Kysely, sql } from 'kysely';
-
-export async function up(db: Kysely<any>): Promise<void> {
-  // Core Sessions
-  await db.schema
-    .createTable('fc_sessions')
-    .ifNotExists()
-    .addColumn('id', 'text', (col) => col.primaryKey())
-    .addColumn('user_id', 'text', (col) => col.notNull())
-    .addColumn('expires_at', 'text', (col) => col.notNull())
-    .execute();
-
-  // Biometric Passkeys
-  await db.schema
-    .createTable('fc_passkeys')
-    .ifNotExists()
-    .addColumn('id', 'text', (col) => col.primaryKey())
-    .addColumn('user_id', 'text', (col) => col.notNull())
-    .addColumn('name', 'text')
-    .addColumn('public_key', 'text', (col) => col.notNull())
-    .addColumn('counter', 'integer', (col) => col.notNull())
-    .addColumn('device_type', 'text', (col) => col.notNull())
-    .addColumn('backed_up', 'integer', (col) => col.notNull())
-    .addColumn('transports', 'text')
-    .addColumn('created_at', 'text', (col) => col.defaultTo(sql`CURRENT_TIMESTAMP`))
-    .addColumn('last_used_at', 'text')
-    .execute();
-
-  // API Token Management
-  await db.schema
-    .createTable('fc_api_tokens')
-    .ifNotExists()
-    .addColumn('id', 'text', (col) => col.primaryKey())
-    .addColumn('user_id', 'text', (col) => col.notNull())
-    .addColumn('name', 'text', (col) => col.notNull())
-    .addColumn('hash', 'text', (col) => col.notNull())
-    .addColumn('scopes', 'text', (col) => col.notNull())
-    .addColumn('expires_at', 'text')
-    .addColumn('last_used_at', 'text')
-    .addColumn('created_at', 'text', (col) => col.defaultTo(sql`CURRENT_TIMESTAMP`))
-    .execute();
-
-  // OAuth Providers Linkage
-  await db.schema
-    .createTable('fc_oauth_accounts')
-    .ifNotExists()
-    .addColumn('provider_id', 'text', (col) => col.notNull())
-    .addColumn('provider_user_id', 'text', (col) => col.notNull())
-    .addColumn('user_id', 'text', (col) => col.notNull())
-    .addPrimaryKeyConstraint('pk_oauth_accounts', ['provider_id', 'provider_user_id'])
-    .execute();
-
-  // Email/OTP Verification Tokens
-  await db.schema
-    .createTable('fc_verification_tokens')
-    .ifNotExists()
-    .addColumn('identifier', 'text', (col) => col.notNull())
-    .addColumn('token', 'text', (col) => col.notNull())
-    .addColumn('expires_at', 'text', (col) => col.notNull())
-    .addPrimaryKeyConstraint('pk_verification_tokens', ['identifier', 'token'])
-    .execute();
-
-  // Device Code Authorization (IoT/TV flows)
-  await db.schema
-    .createTable('fc_device_codes')
-    .ifNotExists()
-    .addColumn('device_code', 'text', (col) => col.primaryKey())
-    .addColumn('user_code', 'text', (col) => col.notNull().unique())
-    .addColumn('client_id', 'text', (col) => col.notNull())
-    .addColumn('user_id', 'text')
-    .addColumn('scopes', 'text', (col) => col.notNull())
-    .addColumn('expires_at', 'text', (col) => col.notNull())
-    .addColumn('created_at', 'text', (col) => col.defaultTo(sql`CURRENT_TIMESTAMP`))
-    .execute();
-}
-
-export async function down(db: Kysely<any>): Promise<void> {
-  await db.schema.dropTable('fc_sessions').ifExists().execute();
-  await db.schema.dropTable('fc_passkeys').ifExists().execute();
-  await db.schema.dropTable('fc_api_tokens').ifExists().execute();
-  await db.schema.dropTable('fc_oauth_accounts').ifExists().execute();
-  await db.schema.dropTable('fc_verification_tokens').ifExists().execute();
-  await db.schema.dropTable('fc_device_codes').ifExists().execute();
-}

package/src/db/migrator.ts

@@ -1,61 +0,0 @@
-import { sql, type Migration } from 'kysely';
-import type { FlareDb } from './index';
-
-import * as initialSchema from './migrations/001_initial_schema';
-import * as authTables from './migrations/002_auth_tables';
-
-const STATIC_MIGRATIONS: Record<string, any> = {
-  '001_initial_schema': initialSchema,
-  '002_auth_tables': authTables,
-};
-
-/**
- * Manual D1-safe migration runner.
- * We avoid Kysely's built-in Migrator because it uses introspection (sqlite_master)
- * which Cloudflare D1 restricts, causing SQLITE_AUTH errors.
- */
-export async function runMigrations(db: FlareDb) {
-  // 1. Ensure migrations table exists
-  await sql`
-    CREATE TABLE IF NOT EXISTS _fc_migrations (
-      name TEXT PRIMARY KEY,
-      executed_at TEXT DEFAULT CURRENT_TIMESTAMP
-    )
-  `.execute(db);
-
-  // 2. Get executed migrations
-  const executed = await db
-    .selectFrom('_fc_migrations' as any)
-    .select('name')
-    .execute();
-  const executedNames = new Set(executed.map((m: any) => m.name));
-
-  const results: { name: string; status: 'Success' | 'Skipped' | 'Error' }[] = [];
-
-  // 3. Run missing migrations in order
-  const migrationNames = Object.keys(STATIC_MIGRATIONS).sort();
-
-  for (const name of migrationNames) {
-    if (executedNames.has(name)) {
-      results.push({ name, status: 'Skipped' });
-      continue;
-    }
-
-    try {
-      const migration = STATIC_MIGRATIONS[name];
-      await migration.up(db);
-
-      await db
-        .insertInto('_fc_migrations' as any)
-        .values({ name })
-        .execute();
-
-      results.push({ name, status: 'Success' });
-    } catch (err) {
-      console.error(`Migration ${name} failed:`, err);
-      throw err;
-    }
-  }
-
-  return results;
-}

package/src/db/schema.ts

@@ -1,142 +0,0 @@
-import type { ColumnType, Generated, Selectable, Insertable, Updateable } from 'kysely';
-
-export interface Database {
-  options: OptionsTable;
-  fc_collections: CollectionsTable;
-  fc_fields: FieldsTable;
-  fc_users: UsersTable;
-  fc_passkeys: PasskeysTable;
-  fc_sessions: SessionsTable;
-  fc_api_tokens: ApiTokensTable;
-  fc_oauth_accounts: OAuthAccountsTable;
-  fc_verification_tokens: VerificationTokensTable;
-  fc_device_codes: DeviceCodesTable;
-  // This helps typescript understand that we can have arbitrary string tables for dynamic content
-  [tableName: string]: any; 
-}
-
-export interface OptionsTable {
-  name: string;
-  value: string;
-}
-
-export type Option = Selectable<OptionsTable>;
-export type NewOption = Insertable<OptionsTable>;
-
-export interface CollectionsTable {
-  id: string;
-  slug: string;
-  label: string;
-  label_singular: string | null;
-  description: string | null;
-  icon: string | null;
-  is_public: ColumnType<number, number | undefined, number>;
-  features: string | null; // JSON array of strings
-  url_pattern: string | null;
-  created_at: ColumnType<string, string | undefined, never>;
-  updated_at: ColumnType<string, string | undefined, string>;
-}
-
-export type Collection = Selectable<CollectionsTable>;
-export type NewCollection = Insertable<CollectionsTable>;
-export type CollectionUpdate = Updateable<CollectionsTable>;
-
-export interface FieldsTable {
-  id: string;
-  collection_id: string;
-  label: string;
-  slug: string;
-  type: string;
-  required: ColumnType<number, number | undefined, number>; // sqlite boolean
-  created_at: ColumnType<string, string | undefined, never>;
-}
-
-export type Field = Selectable<FieldsTable>;
-export type NewField = Insertable<FieldsTable>;
-
-export interface UsersTable {
-  id: string;
-  email: string;
-  password: string | null; // Nullable if passkey only
-  role: string;
-  disabled: ColumnType<number, number | undefined, number>;
-  created_at: ColumnType<string, string | undefined, never>;
-  updated_at: ColumnType<string, string | undefined, string>;
-}
-
-export type User = Selectable<UsersTable>;
-export type NewUser = Insertable<UsersTable>;
-export type UserUpdate = Updateable<UsersTable>;
-
-export interface PasskeysTable {
-  id: string; // credentialID base64url encoded
-  user_id: string;
-  name: string | null; // User-defined alias
-  public_key: string; // base64url encoded
-  counter: number;
-  device_type: string;
-  backed_up: number;
-  transports: string | null;
-  created_at: ColumnType<string, string | undefined, never>;
-  last_used_at: string | null;
-}
-
-export type Passkey = Selectable<PasskeysTable>;
-export type NewPasskey = Insertable<PasskeysTable>;
-export type PasskeyUpdate = Updateable<PasskeysTable>;
-
-export interface SessionsTable {
-  id: string;
-  user_id: string;
-  expires_at: string;
-}
-
-export type Session = Selectable<SessionsTable>;
-export type NewSession = Insertable<SessionsTable>;
-export type SessionUpdate = Updateable<SessionsTable>;
-
-export interface ApiTokensTable {
-  id: string; // Token prefix (ec_pat_...)
-  user_id: string;
-  name: string;
-  hash: string; // SHA-256 hashed secret
-  scopes: string; // JSON string (array or structured object)
-  expires_at: string | null;
-  last_used_at: string | null;
-  created_at: ColumnType<string, string | undefined, never>;
-}
-
-export type ApiToken = Selectable<ApiTokensTable>;
-export type NewApiToken = Insertable<ApiTokensTable>;
-
-export interface OAuthAccountsTable {
-  provider_id: string;
-  provider_user_id: string;
-  user_id: string;
-}
-
-export type OAuthAccount = Selectable<OAuthAccountsTable>;
-export type NewOAuthAccount = Insertable<OAuthAccountsTable>;
-
-export interface VerificationTokensTable {
-  identifier: string; // Email
-  token: string;      // Hashed token
-  expires_at: string;
-}
-
-export type VerificationToken = Selectable<VerificationTokensTable>;
-export type NewVerificationToken = Insertable<VerificationTokensTable>;
-
-export interface DeviceCodesTable {
-  device_code: string;
-  user_code: string;
-  client_id: string;
-  user_id: string | null; // Null until user approves
-  scopes: string; // JSON string array
-  expires_at: string;
-  created_at: ColumnType<string, string | undefined, never>;
-}
-
-export type DeviceCode = Selectable<DeviceCodesTable>;
-export type NewDeviceCode = Insertable<DeviceCodesTable>;
-export type DeviceCodeUpdate = Updateable<DeviceCodesTable>;

package/src/index.ts

@@ -1,12 +0,0 @@
-export * from './auth';
-export * from './db';
-export * from './server';
-export * from './client';
-export * from './types';
-
-import { createFlareAPI } from './server';
-
-/**
- * @deprecated Use createFlareAPI from 'flarecms/server' for better modularity.
- */
-export const flarecms = createFlareAPI;

package/src/server/index.ts

@@ -1,66 +0,0 @@
-import { Hono } from 'hono';
-import { corsMiddleware } from '../api/middlewares/cors';
-import { setupMiddleware, authMiddleware } from '../api/middlewares/auth';
-import { authRoutes } from '../api/routes/auth';
-import { setupRoutes } from '../api/routes/setup';
-import { collectionsRoutes } from '../api/routes/collections';
-import { contentRoutes } from '../api/routes/content';
-import { tokenRoutes } from '../api/routes/tokens';
-import { deviceRoutes } from '../api/routes/device';
-import { magicRoutes } from '../api/routes/magic';
-import { oauthRoutes } from '../api/routes/oauth';
-import { settingsRoutes } from '../api/routes/settings';
-import { mcpRoutes } from '../api/routes/mcp';
-import { apiResponse } from '../api/lib/response';
-import type { Bindings, Variables } from '../types';
-
-/**
- * Creates the modular FlareCMS API router.
- * This can be mounted into any Hono application.
- * 
- * @example
- * app.route('/api', createFlareAPI({ base: '/admin' }));
- */
-export function createFlareAPI(options: { base?: string } = {}) {
-  const base = options.base || '/admin';
-  const api = new Hono<{ Bindings: Bindings; Variables: Variables }>();
-
-  // Middlewares
-  api.use('*', corsMiddleware);
-  api.use('*', async (c, next) => {
-    // Collect reserved slugs from base and standard system paths
-    const adminPrefix = base.replace(/^\//, '') || 'admin';
-    c.set('reservedSlugs', [
-      adminPrefix,
-      'api',
-      'setup',
-      'auth',
-      'login',
-      'signup',
-      'collections',
-      'users',
-      'settings',
-      'oauth',
-    ]);
-    await next();
-  });
-
-  api.use('/*', setupMiddleware);
-  api.use('/*', authMiddleware);
-
-  // Routes
-  api.route('/auth', authRoutes);
-  api.route('/setup', setupRoutes);
-  api.route('/collections', collectionsRoutes);
-  api.route('/content', contentRoutes);
-  api.route('/tokens', tokenRoutes);
-  api.route('/device', deviceRoutes);
-  api.route('/magic', magicRoutes);
-  api.route('/oauth', oauthRoutes);
-  api.route('/settings', settingsRoutes);
-  api.route('/mcp', mcpRoutes);
-  
-  api.get('/health', (c) => apiResponse.ok(c, { status: 'ok' }));
-
-  return api;
-}

package/src/types.ts

@@ -1,20 +0,0 @@
-import {
-  type D1Database,
-  type KVNamespace,
-  type Fetcher,
-} from '@cloudflare/workers-types';
-
-export type Bindings = {
-  DB: D1Database;
-  KV: KVNamespace;
-  ASSETS: Fetcher;
-  AUTH_SECRET: string;
-  GITHUB_CLIENT_ID?: string;
-  GITHUB_CLIENT_SECRET?: string;
-};
-
-export type Variables = {
-  user: any;
-  scopes: string[];
-  reservedSlugs: string[];
-};

package/tests/css.test.ts

@@ -1,21 +0,0 @@
-import { expect, test, describe } from "bun:test";
-import fs from "node:fs";
-
-describe("CSS Modularization", () => {
-  test("CSS is built with flare-cms prefix", () => {
-    const css = fs.readFileSync("./dist/style.css", "utf8");
-    // Verify prefix exists
-    expect(css).toContain(".flare-cms");
-  });
-
-  test("Global tags are scoped under flare-cms", () => {
-    const css = fs.readFileSync("./dist/style.css", "utf8");
-    
-    // html/body are converted to .flare-cms
-    expect(css).toContain(".flare-cms {");
-    
-    // Verify that utility classes are prefixed with the scope
-    // Example: .flare-cms .bg-background
-    expect(css).toContain(".flare-cms .bg-background");
-  });
-});

package/tests/modular.test.ts

@@ -1,29 +0,0 @@
-import { expect, test, describe } from "bun:test";
-import { createFlareAPI } from "../src/server";
-import { Hono } from "hono";
-
-describe("Modular API", () => {
-  test("createFlareAPI returns a Hono instance", () => {
-    const api = createFlareAPI();
-    expect(api).toBeInstanceOf(Hono);
-  });
-
-  test("API has health check route", async () => {
-    const api = createFlareAPI();
-    const res = await api.request("/health");
-    expect(res.status).toBe(200);
-    const data: any = await res.json();
-    expect(data.data.status).toBe("ok");
-  });
-
-  test("API injects reservedSlugs middleware", async () => {
-    const api = createFlareAPI({ base: '/custom-admin' });
-    api.get('/test-context', (c) => {
-      return c.json({ slugs: c.get('reservedSlugs') });
-    });
-    const res = await api.request("/test-context");
-    const data: any = await res.json();
-    expect(data.slugs).toContain('custom-admin');
-    expect(data.slugs).toContain('api');
-  });
-});

package/tsconfig.json

@@ -1,10 +0,0 @@
-{
-  "extends": "../../tsconfig.json",
-  "compilerOptions": {
-    "baseUrl": ".",
-    "paths": {
-      "@/*": ["./src/client/*"]
-    }
-  },
-  "include": ["src"]
-}