insforge 0.3.3 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (635) hide show
  1. package/.claude-plugin/marketplace.json +20 -0
  2. package/.dockerignore +60 -57
  3. package/.env.example +84 -49
  4. package/.github/ISSUE_TEMPLATE/bug_report.yml +36 -83
  5. package/.github/ISSUE_TEMPLATE/config.yml +11 -11
  6. package/.github/ISSUE_TEMPLATE/feature_request.yml +26 -79
  7. package/.github/PULL_REQUEST_TEMPLATE.md +7 -0
  8. package/.github/copilot-instructions.md +146 -146
  9. package/.github/workflows/build-image.yml +66 -65
  10. package/.github/workflows/ci-premerge-check.yml +23 -23
  11. package/.github/workflows/e2e.yml +63 -0
  12. package/.github/workflows/lint-and-format.yml +32 -32
  13. package/.prettierignore +64 -64
  14. package/CHANGELOG.md +44 -3
  15. package/CLAUDE_PLUGIN.md +104 -0
  16. package/CODE_OF_CONDUCT.md +128 -0
  17. package/CONTRIBUTING.md +125 -125
  18. package/Dockerfile +30 -27
  19. package/GITHUB_OAUTH_SETUP.md +49 -49
  20. package/GOOGLE_OAUTH_SETUP.md +148 -148
  21. package/LICENSE +201 -201
  22. package/README.md +182 -134
  23. package/assets/Dark.svg +23 -23
  24. package/assets/mcpInstallv2.png +0 -0
  25. package/assets/sampleResponse.png +0 -0
  26. package/auth/index.html +13 -0
  27. package/auth/package.json +28 -0
  28. package/auth/public/favicon.ico +0 -0
  29. package/auth/src/App.tsx +33 -0
  30. package/auth/src/components/ErrorCard.tsx +37 -0
  31. package/auth/src/components/Layout.tsx +13 -0
  32. package/auth/src/index.css +19 -0
  33. package/auth/src/lib/broadcastService.ts +117 -0
  34. package/auth/src/lib/utils.ts +11 -0
  35. package/auth/src/main.tsx +22 -0
  36. package/auth/src/pages/ForgotPasswordPage.tsx +11 -0
  37. package/auth/src/pages/ResetPasswordPage.tsx +11 -0
  38. package/auth/src/pages/SignInPage.tsx +60 -0
  39. package/auth/src/pages/SignUpPage.tsx +60 -0
  40. package/auth/src/pages/VerifyEmailPage.tsx +20 -0
  41. package/auth/src/vite-env.d.ts +10 -0
  42. package/auth/tsconfig.json +32 -0
  43. package/auth/tsconfig.node.json +11 -0
  44. package/auth/vite.config.ts +25 -0
  45. package/backend/package.json +78 -75
  46. package/backend/src/api/{middleware → middlewares}/auth.ts +8 -9
  47. package/backend/src/api/middlewares/rate-limiters.ts +127 -0
  48. package/backend/src/api/routes/{ai.ts → ai/index.routes.ts} +22 -26
  49. package/backend/src/api/routes/auth/index.routes.ts +667 -0
  50. package/backend/src/api/routes/auth/oauth.routes.ts +473 -0
  51. package/backend/src/api/routes/{database.advance.ts → database/advance.routes.ts} +128 -65
  52. package/backend/src/api/routes/database/index.routes.ts +90 -0
  53. package/backend/src/api/routes/{database.records.ts → database/records.routes.ts} +26 -12
  54. package/backend/src/api/routes/{database.tables.ts → database/tables.routes.ts} +6 -23
  55. package/backend/src/api/routes/docs/index.routes.ts +75 -0
  56. package/backend/src/api/routes/email/index.routes.ts +35 -0
  57. package/backend/src/api/routes/functions/index.routes.ts +194 -0
  58. package/backend/src/api/routes/{logs.ts → logs/index.routes.ts} +25 -30
  59. package/backend/src/api/routes/{metadata.ts → metadata/index.routes.ts} +33 -31
  60. package/backend/src/api/routes/realtime/channels.routes.ts +81 -0
  61. package/backend/src/api/routes/realtime/index.routes.ts +12 -0
  62. package/backend/src/api/routes/realtime/messages.routes.ts +48 -0
  63. package/backend/src/api/routes/realtime/permissions.routes.ts +19 -0
  64. package/backend/src/api/routes/{secrets.ts → secrets/index.routes.ts} +27 -22
  65. package/backend/src/api/routes/{storage.ts → storage/index.routes.ts} +48 -61
  66. package/backend/src/api/routes/usage/index.routes.ts +91 -0
  67. package/backend/src/infra/config/app.config.ts +51 -0
  68. package/backend/src/infra/database/database.manager.ts +182 -0
  69. package/backend/{migrations → src/infra/database/migrations}/000_create-base-tables.sql +141 -141
  70. package/backend/{migrations → src/infra/database/migrations}/001_create-helper-functions.sql +40 -40
  71. package/backend/{migrations → src/infra/database/migrations}/002_rename-auth-tables.sql +29 -29
  72. package/backend/{migrations → src/infra/database/migrations}/003_create-users-table.sql +55 -55
  73. package/backend/{migrations → src/infra/database/migrations}/004_add-reload-postgrest-func.sql +23 -23
  74. package/backend/{migrations → src/infra/database/migrations}/005_enable-project-admin-modify-users.sql +29 -29
  75. package/backend/{migrations → src/infra/database/migrations}/006_modify-ai-usage-table.sql +24 -24
  76. package/backend/{migrations → src/infra/database/migrations}/007_drop-metadata-table.sql +1 -1
  77. package/backend/{migrations → src/infra/database/migrations}/008_add-system-tables.sql +76 -76
  78. package/backend/{migrations → src/infra/database/migrations}/009_add-function-secrets.sql +23 -23
  79. package/backend/{migrations → src/infra/database/migrations}/010_modify-ai-config-modalities.sql +93 -93
  80. package/backend/{migrations → src/infra/database/migrations}/011_refactor-secrets-table.sql +15 -15
  81. package/backend/{migrations → src/infra/database/migrations}/012_add-storage-uploaded-by.sql +7 -7
  82. package/backend/src/infra/database/migrations/013_create-auth-schema-functions.sql +44 -0
  83. package/backend/src/infra/database/migrations/014_add-updated-at-trigger-user-table.sql +8 -0
  84. package/backend/src/infra/database/migrations/015_create-auth-config-and-email-otp-tables.sql +60 -0
  85. package/backend/src/infra/database/migrations/016_update-auth-config-and-email-otp.sql +24 -0
  86. package/backend/src/infra/database/migrations/017_create-realtime-schema.sql +233 -0
  87. package/backend/src/infra/realtime/realtime.manager.ts +246 -0
  88. package/backend/src/infra/realtime/webhook-sender.ts +82 -0
  89. package/backend/src/{core/secrets/encryption.ts → infra/security/encryption.manager.ts} +3 -2
  90. package/backend/src/infra/security/token.manager.ts +219 -0
  91. package/backend/src/infra/socket/socket.manager.ts +522 -0
  92. package/backend/src/providers/ai/openrouter.provider.ts +380 -0
  93. package/backend/src/providers/email/base.provider.ts +38 -0
  94. package/backend/src/providers/email/cloud.provider.ts +271 -0
  95. package/backend/src/{core/logs/providers → providers/logs}/base.provider.ts +11 -11
  96. package/backend/src/{core/logs/providers → providers/logs}/cloudwatch.provider.ts +61 -38
  97. package/backend/src/providers/logs/local.provider.ts +185 -0
  98. package/backend/src/providers/oauth/apple.provider.ts +266 -0
  99. package/backend/src/providers/oauth/base.provider.ts +29 -0
  100. package/backend/src/providers/oauth/discord.provider.ts +195 -0
  101. package/backend/src/providers/oauth/facebook.provider.ts +194 -0
  102. package/backend/src/providers/oauth/github.provider.ts +208 -0
  103. package/backend/src/providers/oauth/google.provider.ts +249 -0
  104. package/backend/src/providers/oauth/index.ts +8 -0
  105. package/backend/src/providers/oauth/linkedin.provider.ts +240 -0
  106. package/backend/src/providers/oauth/microsoft.provider.ts +169 -0
  107. package/backend/src/providers/oauth/x.provider.ts +202 -0
  108. package/backend/src/providers/storage/base.provider.ts +29 -0
  109. package/backend/src/providers/storage/local.provider.ts +103 -0
  110. package/backend/src/providers/storage/s3.provider.ts +313 -0
  111. package/backend/src/server.ts +317 -288
  112. package/backend/src/{core/ai/config.ts → services/ai/ai-config.service.ts} +19 -24
  113. package/backend/src/services/ai/ai-model.service.ts +60 -0
  114. package/backend/src/{core/ai/usage.ts → services/ai/ai-usage.service.ts} +28 -35
  115. package/backend/src/{core/ai/chat.ts → services/ai/chat-completion.service.ts} +37 -24
  116. package/backend/src/services/ai/helpers.ts +64 -0
  117. package/backend/src/{core/ai/image.ts → services/ai/image-generation.service.ts} +17 -19
  118. package/backend/src/services/ai/index.ts +13 -0
  119. package/backend/src/services/auth/auth-config.service.ts +250 -0
  120. package/backend/src/services/auth/auth-otp.service.ts +424 -0
  121. package/backend/src/services/auth/auth.service.ts +1150 -0
  122. package/backend/src/services/auth/index.ts +4 -0
  123. package/backend/src/{core/auth/oauth.ts → services/auth/oauth-config.service.ts} +106 -52
  124. package/backend/src/{core/database/advance.ts → services/database/database-advance.service.ts} +97 -131
  125. package/backend/src/services/database/database-table.service.ts +802 -0
  126. package/backend/src/services/database/database.service.ts +127 -0
  127. package/backend/src/services/email/email.service.ts +73 -0
  128. package/backend/src/{core/functions/functions.ts → services/functions/function.service.ts} +95 -88
  129. package/backend/src/{core/logs/audit.ts → services/logs/audit.service.ts} +92 -75
  130. package/backend/src/services/logs/log.service.ts +73 -0
  131. package/backend/src/services/realtime/index.ts +3 -0
  132. package/backend/src/services/realtime/realtime-auth.service.ts +104 -0
  133. package/backend/src/services/realtime/realtime-channel.service.ts +237 -0
  134. package/backend/src/services/realtime/realtime-message.service.ts +260 -0
  135. package/backend/src/{core/secrets/secrets.ts → services/secrets/secret.service.ts} +48 -66
  136. package/backend/src/services/storage/storage.service.ts +617 -0
  137. package/backend/src/services/usage/usage.service.ts +149 -0
  138. package/backend/src/types/auth.ts +77 -2
  139. package/backend/src/types/email.ts +8 -0
  140. package/backend/src/types/error-constants.ts +4 -0
  141. package/backend/src/types/logs.ts +0 -29
  142. package/backend/src/types/realtime.ts +18 -0
  143. package/backend/src/{core/socket/types.ts → types/socket.ts} +11 -36
  144. package/backend/src/utils/cookies.ts +35 -0
  145. package/backend/src/utils/environment.ts +9 -3
  146. package/backend/src/utils/logger.ts +20 -2
  147. package/backend/src/utils/s3-config-loader.ts +64 -0
  148. package/backend/src/utils/seed.ts +301 -205
  149. package/backend/src/utils/sql-parser.ts +91 -1
  150. package/backend/src/utils/utils.ts +114 -0
  151. package/backend/src/utils/validations.ts +40 -4
  152. package/backend/tests/README.md +133 -133
  153. package/backend/tests/cleanup-all-test-data.sh +230 -230
  154. package/backend/tests/cloud/test-s3-multitenant.sh +131 -131
  155. package/backend/tests/local/comprehensive-curl-tests.sh +155 -155
  156. package/backend/tests/local/test-ai-config.sh +129 -0
  157. package/backend/tests/local/test-ai-usage.sh +80 -0
  158. package/backend/tests/local/test-auth-router.sh +143 -143
  159. package/backend/tests/local/test-database-router.sh +222 -222
  160. package/backend/tests/local/test-e2e.sh +240 -240
  161. package/backend/tests/local/test-fk-errors.sh +96 -96
  162. package/backend/tests/local/test-functions.sh +123 -0
  163. package/backend/tests/local/test-id-field.sh +200 -200
  164. package/backend/tests/local/test-logs.sh +132 -0
  165. package/backend/tests/local/test-public-bucket.sh +264 -264
  166. package/backend/tests/local/test-secrets.sh +249 -247
  167. package/backend/tests/local/test-serverless-functions.sh.disabled +325 -325
  168. package/backend/tests/local/test-traditional-rest.sh +208 -208
  169. package/backend/tests/manual/README.md +50 -50
  170. package/backend/tests/manual/create-large-table-simple.sql +10 -10
  171. package/backend/tests/manual/seed-large-table.sql +100 -100
  172. package/backend/tests/manual/setup-large-table-extras.sql +33 -33
  173. package/backend/tests/manual/test-bulk-upsert.sh +409 -409
  174. package/backend/tests/manual/test-database-advance.sh +296 -296
  175. package/backend/tests/manual/test-postgrest-stability.sh +191 -191
  176. package/backend/tests/manual/test-rawsql-export-import.sh +411 -411
  177. package/backend/tests/manual/test-rawsql-modes.sh +244 -0
  178. package/backend/tests/manual/test-universal-storage.sh +263 -263
  179. package/backend/tests/manual/test-users.sql +17 -17
  180. package/backend/tests/run-all-tests.sh +139 -139
  181. package/backend/tests/setup.ts +0 -0
  182. package/backend/tests/test-config.sh +338 -302
  183. package/backend/tests/unit/analyze-query.test.ts +697 -0
  184. package/backend/tests/unit/cloud-token.test.ts +48 -0
  185. package/backend/tests/unit/constant.test.ts +8 -0
  186. package/backend/tests/unit/email.test.ts +372 -0
  187. package/backend/tests/unit/environment.test.ts +59 -0
  188. package/backend/tests/unit/helpers.test.ts +63 -0
  189. package/backend/tests/unit/logger.test.ts +22 -0
  190. package/backend/tests/unit/rate-limit.test.ts +154 -0
  191. package/backend/tests/unit/response.test.ts +58 -0
  192. package/backend/tests/unit/sql-parser.test.ts +74 -0
  193. package/backend/tests/unit/uuid.test.ts +21 -0
  194. package/backend/tests/unit/validations.test.ts +80 -0
  195. package/backend/tsconfig.json +22 -22
  196. package/backend/vitest.config.ts +11 -0
  197. package/claude-plugin/.claude-plugin/plugin.json +24 -0
  198. package/claude-plugin/README.md +133 -0
  199. package/claude-plugin/skills/insforge-schema-patterns/SKILL.md +270 -0
  200. package/docker-compose.prod.yml +204 -144
  201. package/docker-compose.yml +232 -167
  202. package/docker-init/db/db-init.sql +97 -125
  203. package/docker-init/db/jwt.sql +5 -5
  204. package/docker-init/db/postgresql.conf +16 -16
  205. package/docker-init/logs/vector.yml +236 -0
  206. package/docs/README.md +44 -0
  207. package/docs/agent-docs/real-time.md +269 -0
  208. package/docs/changelog.mdx +119 -0
  209. package/docs/core-concepts/ai/architecture.mdx +373 -0
  210. package/docs/core-concepts/ai/sdk.mdx +213 -0
  211. package/docs/core-concepts/authentication/architecture.mdx +278 -0
  212. package/docs/core-concepts/authentication/sdk.mdx +414 -0
  213. package/docs/core-concepts/authentication/ui-components/customization.mdx +529 -0
  214. package/docs/core-concepts/authentication/ui-components/nextjs.mdx +221 -0
  215. package/docs/core-concepts/authentication/ui-components/react-router.mdx +184 -0
  216. package/docs/core-concepts/authentication/ui-components/react.mdx +129 -0
  217. package/docs/core-concepts/database/architecture.mdx +256 -0
  218. package/docs/core-concepts/database/sdk.mdx +382 -0
  219. package/docs/core-concepts/email/architecture.mdx +101 -0
  220. package/docs/core-concepts/email/sdk.mdx +53 -0
  221. package/docs/core-concepts/functions/architecture.mdx +105 -0
  222. package/docs/core-concepts/functions/sdk.mdx +184 -0
  223. package/docs/core-concepts/realtime/architecture.mdx +446 -0
  224. package/docs/core-concepts/realtime/sdk.mdx +409 -0
  225. package/docs/core-concepts/storage/architecture.mdx +243 -0
  226. package/docs/core-concepts/storage/sdk.mdx +253 -0
  227. package/docs/deployment/README.md +94 -0
  228. package/docs/deployment/deploy-to-aws-ec2.md +565 -0
  229. package/docs/deployment/deploy-to-azure-virtual-machines.md +313 -0
  230. package/docs/deployment/deploy-to-google-cloud-compute-engine.md +613 -0
  231. package/docs/deployment/deploy-to-render.md +441 -0
  232. package/docs/deprecated/insforge-auth-api.md +214 -214
  233. package/docs/deprecated/insforge-auth-sdk.md +99 -99
  234. package/docs/deprecated/insforge-db-api.md +358 -358
  235. package/docs/deprecated/insforge-db-sdk.md +139 -139
  236. package/docs/deprecated/insforge-debug-sdk.md +156 -156
  237. package/docs/deprecated/insforge-debug.md +64 -64
  238. package/docs/deprecated/insforge-instructions.md +123 -123
  239. package/docs/deprecated/insforge-project.md +117 -117
  240. package/docs/deprecated/insforge-storage-api.md +278 -278
  241. package/docs/deprecated/insforge-storage-sdk.md +158 -158
  242. package/docs/docs.json +232 -0
  243. package/docs/examples/framework-guides/nextjs.mdx +131 -0
  244. package/docs/examples/framework-guides/nuxt.mdx +165 -0
  245. package/docs/examples/framework-guides/react.mdx +165 -0
  246. package/docs/examples/framework-guides/svelte.mdx +153 -0
  247. package/docs/examples/framework-guides/vue.mdx +159 -0
  248. package/docs/examples/overview.mdx +67 -0
  249. package/docs/favicon.svg +19 -0
  250. package/docs/images/changelog/dec-2025/ai-integration.png +0 -0
  251. package/docs/images/changelog/dec-2025/ai-models.webp +0 -0
  252. package/docs/images/changelog/dec-2025/alipay-payment.webp +0 -0
  253. package/docs/images/changelog/dec-2025/apple-login.jpg +0 -0
  254. package/docs/images/changelog/dec-2025/mcp-installer.png +0 -0
  255. package/docs/images/changelog/dec-2025/realtime-module.jpg +0 -0
  256. package/docs/images/changelog/nov-2025/auth-components.webp +0 -0
  257. package/docs/images/changelog/nov-2025/database-metadata.webp +0 -0
  258. package/docs/images/changelog/nov-2025/quickstart-prompts.webp +0 -0
  259. package/docs/images/changelog/nov-2025/sql-editor.webp +0 -0
  260. package/docs/images/changelog/nov-2025/usage-page.webp +0 -0
  261. package/docs/images/changelog/october-2025/csv-upload.webp +0 -0
  262. package/docs/images/changelog/october-2025/logs-feature.webp +0 -0
  263. package/docs/images/changelog/october-2025/oauth-providers.webp +0 -0
  264. package/docs/images/checks-passed.png +0 -0
  265. package/docs/images/dashboard-connect-expanded.png +0 -0
  266. package/docs/images/dashboard-connect.png +0 -0
  267. package/docs/images/hero-dark.png +0 -0
  268. package/docs/images/hero-light.png +0 -0
  269. package/docs/images/icons/ai.svg +4 -0
  270. package/docs/images/icons/auth.svg +1 -0
  271. package/docs/images/icons/database.svg +1 -0
  272. package/docs/images/icons/function.svg +1 -0
  273. package/docs/images/icons/storage.svg +1 -0
  274. package/docs/images/logos/nextjs.svg +4 -0
  275. package/docs/images/logos/nuxt.svg +4 -0
  276. package/docs/images/logos/react.svg +5 -0
  277. package/docs/images/logos/svelte.svg +4 -0
  278. package/docs/images/logos/vue.svg +5 -0
  279. package/docs/images/mcp-install.png +0 -0
  280. package/docs/images/onboarding-mcp.png +0 -0
  281. package/docs/insforge-instructions-sdk.md +89 -407
  282. package/docs/introduction.mdx +45 -0
  283. package/docs/logo/dark.svg +22 -0
  284. package/docs/logo/light.svg +20 -0
  285. package/docs/partnership.mdx +652 -0
  286. package/docs/quickstart.mdx +83 -0
  287. package/docs/showcase/2048-arena.png +0 -0
  288. package/docs/showcase/framegen-cloud.png +0 -0
  289. package/docs/showcase/line-connect-race.png +0 -0
  290. package/docs/showcase/moment-vibe.png +0 -0
  291. package/docs/showcase/national-flags.png +0 -0
  292. package/docs/showcase/pokemon-vibe.png +0 -0
  293. package/docs/showcase/pure-browse-buy.png +0 -0
  294. package/docs/showcase.mdx +52 -0
  295. package/docs/snippets/sdk-installation.mdx +22 -0
  296. package/docs/snippets/service-icons.mdx +27 -0
  297. package/eslint.config.js +10 -3
  298. package/examples/oauth/frontend-oauth-example.html +250 -250
  299. package/examples/response-examples.md +443 -443
  300. package/frontend/components.json +17 -17
  301. package/frontend/package.json +69 -63
  302. package/frontend/src/App.tsx +13 -82
  303. package/frontend/src/assets/icons/checkbox_checked.svg +6 -6
  304. package/frontend/src/assets/icons/checkbox_undetermined.svg +6 -6
  305. package/frontend/src/assets/icons/checked.svg +3 -3
  306. package/frontend/src/assets/icons/connected.svg +3 -0
  307. package/frontend/src/assets/icons/error.svg +3 -3
  308. package/frontend/src/assets/icons/loader.svg +9 -0
  309. package/frontend/src/assets/icons/pencil.svg +4 -4
  310. package/frontend/src/assets/icons/refresh.svg +4 -4
  311. package/frontend/src/assets/icons/step_active.svg +3 -3
  312. package/frontend/src/assets/icons/step_inactive.svg +11 -11
  313. package/frontend/src/assets/icons/warning.svg +3 -3
  314. package/frontend/src/assets/logos/apple.svg +4 -0
  315. package/frontend/src/assets/logos/claude_code.svg +3 -3
  316. package/frontend/src/assets/logos/cline.svg +6 -6
  317. package/frontend/src/assets/logos/cursor.svg +20 -20
  318. package/frontend/src/assets/logos/discord.svg +8 -8
  319. package/frontend/src/assets/logos/facebook.svg +3 -0
  320. package/frontend/src/assets/logos/gemini.svg +19 -19
  321. package/frontend/src/assets/logos/github.svg +5 -5
  322. package/frontend/src/assets/logos/google.svg +13 -13
  323. package/frontend/src/assets/logos/grok.svg +10 -10
  324. package/frontend/src/assets/logos/insforge_dark.svg +15 -15
  325. package/frontend/src/assets/logos/insforge_light.svg +15 -15
  326. package/frontend/src/assets/logos/instagram.svg +2 -0
  327. package/frontend/src/assets/logos/linkedin.svg +3 -0
  328. package/frontend/src/assets/logos/microsoft.svg +1 -0
  329. package/frontend/src/assets/logos/openai.svg +10 -10
  330. package/frontend/src/assets/logos/roo_code.svg +9 -9
  331. package/frontend/src/assets/logos/spotify.svg +17 -0
  332. package/frontend/src/assets/logos/tiktok.svg +6 -0
  333. package/frontend/src/assets/logos/trae.svg +3 -3
  334. package/frontend/src/assets/logos/windsurf.svg +10 -10
  335. package/frontend/src/assets/logos/x.svg +3 -0
  336. package/frontend/src/components/Checkbox.tsx +27 -29
  337. package/frontend/src/components/CodeBlock.tsx +55 -2
  338. package/frontend/src/components/CodeEditor.tsx +92 -0
  339. package/frontend/src/components/ConfirmDialog.tsx +1 -1
  340. package/frontend/src/components/ConnectCTA.tsx +38 -0
  341. package/frontend/src/components/CopyButton.tsx +52 -15
  342. package/frontend/src/components/ErrorState.tsx +1 -2
  343. package/frontend/src/components/FeatureSidebar.tsx +6 -6
  344. package/frontend/src/components/FeatureSidebarItem.tsx +2 -2
  345. package/frontend/src/components/JsonHighlight.tsx +21 -9
  346. package/frontend/src/components/ProjectInfoModal.tsx +128 -0
  347. package/frontend/src/components/PromptDialog.tsx +1 -4
  348. package/frontend/src/components/SearchInput.tsx +1 -2
  349. package/frontend/src/components/Stepper.tsx +53 -0
  350. package/frontend/src/components/ThemeToggle.tsx +3 -3
  351. package/frontend/src/components/datagrid/DataGrid.tsx +25 -32
  352. package/frontend/src/components/datagrid/cell-editors/DateCellEditor.tsx +1 -2
  353. package/frontend/src/components/datagrid/cell-editors/JsonCellEditor.tsx +2 -4
  354. package/frontend/src/components/datagrid/index.ts +23 -0
  355. package/frontend/src/components/index.ts +23 -30
  356. package/frontend/src/components/layout/AppHeader.tsx +131 -91
  357. package/frontend/src/components/layout/AppSidebar.tsx +80 -170
  358. package/frontend/src/components/layout/Layout.tsx +12 -23
  359. package/frontend/src/components/layout/PrimaryMenu.tsx +187 -0
  360. package/frontend/src/components/layout/SecondaryMenu.tsx +70 -0
  361. package/frontend/src/components/layout/index.ts +5 -0
  362. package/frontend/src/components/radix/Tooltip.tsx +24 -13
  363. package/frontend/src/components/radix/index.ts +22 -0
  364. package/frontend/src/features/ai/components/AIConfigCard.tsx +129 -83
  365. package/frontend/src/features/ai/components/AIEmptyState.tsx +12 -7
  366. package/frontend/src/features/ai/components/ModalityFilterSidebar.tsx +101 -0
  367. package/frontend/src/features/ai/components/ModelSelectionDialog.tsx +135 -0
  368. package/frontend/src/features/ai/components/ModelSelectionGrid.tsx +51 -0
  369. package/frontend/src/features/ai/components/SystemPromptDialog.tsx +118 -0
  370. package/frontend/src/features/ai/components/index.ts +6 -0
  371. package/frontend/src/features/ai/helpers.ts +57 -71
  372. package/frontend/src/features/ai/hooks/useAIConfigs.ts +39 -113
  373. package/frontend/src/features/ai/hooks/useAIUsage.ts +0 -2
  374. package/frontend/src/features/ai/pages/AIPage.tsx +166 -0
  375. package/frontend/src/features/ai/services/ai.service.ts +5 -5
  376. package/frontend/src/features/auth/components/AuthPreview.tsx +96 -0
  377. package/frontend/src/features/auth/components/OAuthConfigDialog.tsx +54 -30
  378. package/frontend/src/features/auth/components/UserFormDialog.tsx +13 -6
  379. package/frontend/src/features/auth/components/UsersDataGrid.tsx +50 -14
  380. package/frontend/src/features/auth/components/index.ts +5 -0
  381. package/frontend/src/features/auth/helpers.tsx +208 -0
  382. package/frontend/src/features/auth/hooks/useAnonToken.ts +30 -0
  383. package/frontend/src/features/auth/hooks/useAuthConfig.ts +48 -0
  384. package/frontend/src/features/auth/hooks/useOAuthConfig.ts +14 -10
  385. package/frontend/src/features/auth/hooks/useUsers.ts +43 -5
  386. package/frontend/src/features/auth/index.ts +3 -2
  387. package/frontend/src/features/auth/pages/AuthMethodsPage.tsx +275 -0
  388. package/frontend/src/features/auth/pages/ConfigurationPage.tsx +395 -0
  389. package/frontend/src/features/auth/pages/UsersPage.tsx +257 -0
  390. package/frontend/src/features/auth/services/anonToken.service.ts +11 -0
  391. package/frontend/src/features/auth/services/config.service.ts +19 -0
  392. package/frontend/src/features/auth/services/{oauth.service.ts → oauth-config.service.ts} +4 -4
  393. package/frontend/src/features/auth/services/{auth.service.ts → user.service.ts} +7 -53
  394. package/frontend/src/features/dashboard/components/ConnectionSuccessBanner.tsx +35 -0
  395. package/frontend/src/features/dashboard/components/PromptCard.tsx +21 -0
  396. package/frontend/src/features/dashboard/components/PromptDialog.tsx +103 -0
  397. package/frontend/src/features/dashboard/components/StatsCard.tsx +50 -0
  398. package/frontend/src/features/dashboard/components/index.ts +4 -0
  399. package/frontend/src/features/dashboard/pages/DashboardPage.tsx +212 -0
  400. package/frontend/src/features/dashboard/prompts/ai-chatbot.ts +13 -0
  401. package/frontend/src/features/dashboard/prompts/crm-system.ts +13 -0
  402. package/frontend/src/features/dashboard/prompts/ecommerce-platform.ts +12 -0
  403. package/frontend/src/features/dashboard/prompts/index.ts +31 -0
  404. package/frontend/src/features/dashboard/prompts/instagram-clone.ts +11 -0
  405. package/frontend/src/features/dashboard/prompts/notion-clone.ts +14 -0
  406. package/frontend/src/features/dashboard/prompts/reddit-clone.ts +12 -0
  407. package/frontend/src/features/database/components/DatabaseDataGrid.tsx +48 -17
  408. package/frontend/src/features/database/components/ForeignKeyCell.tsx +15 -34
  409. package/frontend/src/features/database/components/ForeignKeyPopover.tsx +19 -20
  410. package/frontend/src/features/database/components/LinkRecordModal.tsx +120 -125
  411. package/frontend/src/features/database/components/RecordFormDialog.tsx +22 -33
  412. package/frontend/src/features/database/components/RecordFormField.tsx +45 -47
  413. package/frontend/src/features/database/components/SQLModal.tsx +75 -0
  414. package/frontend/src/features/database/components/TableEmptyState.tsx +6 -5
  415. package/frontend/src/features/database/components/TableForm.tsx +28 -19
  416. package/frontend/src/features/database/components/TableFormColumn.tsx +2 -3
  417. package/frontend/src/features/database/components/TableSidebar.tsx +1 -1
  418. package/frontend/src/features/database/components/TablesEmptyState.tsx +48 -0
  419. package/frontend/src/features/database/components/TemplateCard.tsx +37 -0
  420. package/frontend/src/features/database/components/TemplatePreview.tsx +92 -0
  421. package/frontend/src/features/database/components/index.ts +19 -0
  422. package/frontend/src/features/database/constants.ts +28 -2
  423. package/frontend/src/features/database/contexts/SQLEditorContext.tsx +188 -0
  424. package/frontend/src/features/database/helpers.ts +2 -2
  425. package/frontend/src/features/database/hooks/useCSVImport.ts +29 -0
  426. package/frontend/src/features/database/hooks/useDatabase.ts +66 -0
  427. package/frontend/src/features/database/hooks/useRawSQL.ts +55 -0
  428. package/frontend/src/features/database/hooks/useRecords.ts +139 -0
  429. package/frontend/src/features/database/hooks/useTables.ts +135 -0
  430. package/frontend/src/features/database/index.ts +7 -1
  431. package/frontend/src/features/database/pages/FunctionsPage.tsx +203 -0
  432. package/frontend/src/features/database/pages/IndexesPage.tsx +228 -0
  433. package/frontend/src/features/database/pages/PoliciesPage.tsx +237 -0
  434. package/frontend/src/features/database/pages/SQLEditorPage.tsx +382 -0
  435. package/frontend/src/features/database/{page/DatabasePage.tsx → pages/TablesPage.tsx} +168 -209
  436. package/frontend/src/features/database/pages/TemplatesPage.tsx +39 -0
  437. package/frontend/src/features/database/pages/TriggersPage.tsx +230 -0
  438. package/frontend/src/features/database/services/advance.service.ts +40 -0
  439. package/frontend/src/features/database/services/database.service.ts +33 -194
  440. package/frontend/src/features/database/services/record.service.ts +219 -0
  441. package/frontend/src/features/database/services/table.service.ts +58 -0
  442. package/frontend/src/features/database/templates/ai-chatbot.ts +402 -0
  443. package/frontend/src/features/database/templates/crm-system.ts +528 -0
  444. package/frontend/src/features/database/templates/ecommerce-platform.ts +553 -0
  445. package/frontend/src/features/database/templates/index.ts +34 -0
  446. package/frontend/src/features/database/templates/instagram-clone.ts +222 -0
  447. package/frontend/src/features/database/templates/notion-clone.ts +483 -0
  448. package/frontend/src/features/database/templates/reddit-clone.ts +526 -0
  449. package/frontend/src/features/functions/components/FunctionRow.tsx +2 -1
  450. package/frontend/src/features/functions/components/FunctionsSidebar.tsx +1 -1
  451. package/frontend/src/features/functions/components/SecretRow.tsx +1 -1
  452. package/frontend/src/features/functions/components/index.ts +5 -0
  453. package/frontend/src/features/functions/hooks/useFunctions.ts +4 -4
  454. package/frontend/src/features/{secrets → functions}/hooks/useSecrets.ts +5 -5
  455. package/frontend/src/features/functions/pages/FunctionsPage.tsx +148 -0
  456. package/frontend/src/features/functions/{components/SecretsContent.tsx → pages/SecretsPage.tsx} +19 -21
  457. package/frontend/src/features/functions/services/{functions.service.ts → function.service.ts} +2 -2
  458. package/frontend/src/features/{secrets/services/secrets.service.ts → functions/services/secret.service.ts} +2 -2
  459. package/frontend/src/features/login/hooks/usePartnerOrigin.ts +27 -0
  460. package/frontend/src/features/login/pages/CloudLoginPage.tsx +118 -0
  461. package/frontend/src/features/login/{page → pages}/LoginPage.tsx +16 -23
  462. package/frontend/src/features/login/services/partnership.service.ts +65 -0
  463. package/frontend/src/features/logs/components/LogsDataGrid.tsx +89 -0
  464. package/frontend/src/features/logs/components/SeverityBadge.tsx +18 -0
  465. package/frontend/src/features/logs/components/index.ts +2 -0
  466. package/frontend/src/features/logs/helpers.ts +24 -0
  467. package/frontend/src/features/logs/hooks/useAuditLogs.ts +4 -4
  468. package/frontend/src/features/logs/hooks/useLogSources.ts +137 -0
  469. package/frontend/src/features/logs/hooks/useLogs.ts +163 -0
  470. package/frontend/src/features/logs/hooks/useMcpUsage.ts +128 -0
  471. package/frontend/src/features/logs/index.ts +8 -2
  472. package/frontend/src/features/logs/{page → pages}/AuditsPage.tsx +91 -38
  473. package/frontend/src/features/logs/pages/LogsPage.tsx +152 -0
  474. package/frontend/src/features/logs/pages/MCPLogsPage.tsx +84 -0
  475. package/frontend/src/features/logs/services/audit.service.ts +63 -0
  476. package/frontend/src/features/logs/services/log.service.ts +15 -110
  477. package/frontend/src/features/logs/services/usage.service.ts +31 -0
  478. package/frontend/src/features/onboard/components/McpConnectionStatus.tsx +68 -0
  479. package/frontend/src/features/onboard/components/OnboardingModal.tsx +267 -0
  480. package/frontend/src/features/onboard/components/VideoDemoModal.tsx +38 -0
  481. package/frontend/src/features/onboard/components/index.ts +4 -0
  482. package/frontend/src/features/onboard/components/mcp/CursorDeeplinkGenerator.tsx +2 -2
  483. package/frontend/src/features/onboard/components/mcp/{mcp-helper.tsx → helpers.tsx} +8 -8
  484. package/frontend/src/features/onboard/components/mcp/index.ts +2 -3
  485. package/frontend/src/features/onboard/index.ts +13 -3
  486. package/frontend/src/features/realtime/components/ChannelRow.tsx +83 -0
  487. package/frontend/src/features/realtime/components/EditChannelModal.tsx +246 -0
  488. package/frontend/src/features/realtime/components/MessageRow.tsx +85 -0
  489. package/frontend/src/features/realtime/components/RealtimeEmptyState.tsx +30 -0
  490. package/frontend/src/features/realtime/hooks/useRealtime.ts +218 -0
  491. package/frontend/src/features/realtime/index.ts +11 -0
  492. package/frontend/src/features/realtime/pages/RealtimeChannelsPage.tsx +172 -0
  493. package/frontend/src/features/realtime/pages/RealtimeMessagesPage.tsx +211 -0
  494. package/frontend/src/features/realtime/pages/RealtimePermissionsPage.tsx +191 -0
  495. package/frontend/src/features/realtime/services/realtime.service.ts +107 -0
  496. package/frontend/src/features/storage/components/BucketEmptyState.tsx +9 -6
  497. package/frontend/src/features/storage/components/BucketFormDialog.tsx +25 -41
  498. package/frontend/src/features/storage/components/FilePreviewDialog.tsx +20 -8
  499. package/frontend/src/features/storage/components/StorageDataGrid.tsx +4 -3
  500. package/frontend/src/features/storage/components/StorageManager.tsx +23 -34
  501. package/frontend/src/features/storage/components/index.ts +12 -0
  502. package/frontend/src/features/storage/hooks/useStorage.ts +208 -0
  503. package/frontend/src/features/storage/{page → pages}/StoragePage.tsx +41 -143
  504. package/frontend/src/features/storage/services/storage.service.ts +22 -1
  505. package/frontend/src/features/visualizer/components/AuthNode.tsx +72 -56
  506. package/frontend/src/features/visualizer/components/BucketNode.tsx +4 -4
  507. package/frontend/src/features/visualizer/components/SchemaVisualizer.tsx +108 -80
  508. package/frontend/src/features/visualizer/components/TableNode.tsx +34 -41
  509. package/frontend/src/features/visualizer/components/VisualizerSkeleton.tsx +12 -4
  510. package/frontend/src/features/visualizer/pages/VisualizerPage.tsx +97 -0
  511. package/frontend/src/index.css +1 -0
  512. package/frontend/src/lib/analytics/posthog.tsx +27 -0
  513. package/frontend/src/lib/contexts/AuthContext.tsx +38 -31
  514. package/frontend/src/lib/contexts/SocketContext.tsx +123 -80
  515. package/frontend/src/{features/metadata → lib}/hooks/useMetadata.ts +1 -1
  516. package/frontend/src/lib/hooks/useToast.tsx +6 -2
  517. package/frontend/src/lib/routing/AppRoutes.tsx +99 -0
  518. package/frontend/src/lib/routing/RequireAuth.tsx +27 -0
  519. package/frontend/src/lib/utils/cloudMessaging.ts +20 -0
  520. package/frontend/src/lib/utils/menuItems.ts +207 -0
  521. package/frontend/src/lib/utils/{validation-schemas.ts → schemaValidations.ts} +10 -5
  522. package/frontend/src/lib/utils/utils.ts +32 -1
  523. package/frontend/src/vite-env.d.ts +1 -0
  524. package/frontend/tsconfig.json +25 -25
  525. package/frontend/tsconfig.node.json +9 -9
  526. package/frontend/vite.config.ts +5 -3
  527. package/functions/deno.json +24 -24
  528. package/functions/server.ts +315 -290
  529. package/functions/worker-template.js +15 -4
  530. package/i18n/README.ar.md +130 -0
  531. package/i18n/README.de.md +130 -0
  532. package/i18n/README.es.md +154 -0
  533. package/i18n/README.fr.md +134 -0
  534. package/i18n/README.hi.md +129 -0
  535. package/i18n/README.ja.md +174 -0
  536. package/i18n/README.ko.md +137 -0
  537. package/i18n/README.pt-BR.md +131 -0
  538. package/i18n/README.ru.md +129 -0
  539. package/i18n/README.zh-CN.md +133 -0
  540. package/openapi/ai.yaml +715 -688
  541. package/openapi/auth.yaml +1244 -563
  542. package/openapi/email.yaml +158 -0
  543. package/openapi/functions.yaml +475 -475
  544. package/openapi/health.yaml +29 -29
  545. package/openapi/logs.yaml +223 -223
  546. package/openapi/metadata.yaml +177 -177
  547. package/openapi/realtime.yaml +699 -0
  548. package/openapi/records.yaml +381 -381
  549. package/openapi/secrets.yaml +370 -370
  550. package/openapi/storage.yaml +875 -875
  551. package/openapi/tables.yaml +463 -463
  552. package/package.json +97 -88
  553. package/shared-schemas/package.json +31 -31
  554. package/shared-schemas/src/ai-api.schema.ts +34 -58
  555. package/shared-schemas/src/ai.schema.ts +63 -54
  556. package/shared-schemas/src/auth-api.schema.ts +352 -193
  557. package/shared-schemas/src/auth.schema.ts +43 -7
  558. package/shared-schemas/src/cloud-events.schema.ts +57 -0
  559. package/shared-schemas/src/database-api.schema.ts +35 -4
  560. package/shared-schemas/src/database.schema.ts +40 -1
  561. package/shared-schemas/src/docs.schema.ts +26 -0
  562. package/shared-schemas/src/email-api.schema.ts +30 -0
  563. package/shared-schemas/src/index.ts +5 -0
  564. package/shared-schemas/src/logs-api.schema.ts +7 -1
  565. package/shared-schemas/src/logs.schema.ts +26 -0
  566. package/shared-schemas/src/metadata.schema.ts +18 -4
  567. package/shared-schemas/src/realtime-api.schema.ts +111 -0
  568. package/shared-schemas/src/realtime.schema.ts +143 -0
  569. package/shared-schemas/tsconfig.json +21 -21
  570. package/tsconfig.json +7 -7
  571. package/zeabur/README.md +13 -0
  572. package/zeabur/template.yml +1032 -0
  573. package/.github/workflows/deploy-aws.yml +0 -130
  574. package/backend/src/api/routes/agent.ts +0 -29
  575. package/backend/src/api/routes/auth.oauth.ts +0 -482
  576. package/backend/src/api/routes/auth.ts +0 -386
  577. package/backend/src/api/routes/docs.ts +0 -66
  578. package/backend/src/api/routes/functions.ts +0 -183
  579. package/backend/src/api/routes/openapi.ts +0 -82
  580. package/backend/src/api/routes/usage.ts +0 -96
  581. package/backend/src/core/ai/client.ts +0 -242
  582. package/backend/src/core/ai/model.ts +0 -117
  583. package/backend/src/core/auth/auth.ts +0 -780
  584. package/backend/src/core/database/manager.ts +0 -178
  585. package/backend/src/core/database/table.ts +0 -772
  586. package/backend/src/core/documentation/agent.ts +0 -689
  587. package/backend/src/core/documentation/openapi.ts +0 -856
  588. package/backend/src/core/logs/analytics.ts +0 -76
  589. package/backend/src/core/logs/providers/localdb.provider.ts +0 -246
  590. package/backend/src/core/socket/socket.ts +0 -388
  591. package/backend/src/core/storage/storage.ts +0 -923
  592. package/backend/src/utils/cloud-token.ts +0 -39
  593. package/backend/src/utils/helpers.ts +0 -49
  594. package/backend/src/utils/uuid.ts +0 -9
  595. package/backend/tests/manual/test-better-auth.sh +0 -303
  596. package/docker-init/db/logs.sql +0 -9
  597. package/frontend/README.md +0 -112
  598. package/frontend/src/components/datagrid/index.tsx +0 -20
  599. package/frontend/src/components/layout/CloudLayout.tsx +0 -95
  600. package/frontend/src/features/ai/components/AIConfigDialog.tsx +0 -76
  601. package/frontend/src/features/ai/components/AIConfigForm.tsx +0 -222
  602. package/frontend/src/features/ai/components/fields/ModalityField.tsx +0 -87
  603. package/frontend/src/features/ai/components/fields/ModelSelectionField.tsx +0 -134
  604. package/frontend/src/features/ai/components/fields/SystemPromptField.tsx +0 -33
  605. package/frontend/src/features/ai/page/AIPage.tsx +0 -178
  606. package/frontend/src/features/auth/components/AddOAuthDialog.tsx +0 -106
  607. package/frontend/src/features/auth/components/AuthMethodTab.tsx +0 -238
  608. package/frontend/src/features/auth/components/UsersTab.tsx +0 -114
  609. package/frontend/src/features/auth/page/AuthenticationPage.tsx +0 -169
  610. package/frontend/src/features/dashboard/page/DashboardPage.tsx +0 -194
  611. package/frontend/src/features/database/hooks/UseLinkModal.tsx +0 -78
  612. package/frontend/src/features/functions/components/FunctionViewer.tsx +0 -46
  613. package/frontend/src/features/functions/components/FunctionsContent.tsx +0 -88
  614. package/frontend/src/features/functions/page/FunctionsPage.tsx +0 -28
  615. package/frontend/src/features/login/components/AuthErrorBoundary.tsx +0 -87
  616. package/frontend/src/features/login/components/PrivateRoute.tsx +0 -24
  617. package/frontend/src/features/login/page/CloudLoginPage.tsx +0 -93
  618. package/frontend/src/features/logs/components/AnalyticsLogsTable.tsx +0 -313
  619. package/frontend/src/features/logs/components/LogsTable.tsx +0 -199
  620. package/frontend/src/features/logs/page/AnalyticsLogsPage.tsx +0 -530
  621. package/frontend/src/features/metadata/index.ts +0 -0
  622. package/frontend/src/features/metadata/page/MetadataPage.tsx +0 -136
  623. package/frontend/src/features/onboard/components/CompletionCard.tsx +0 -41
  624. package/frontend/src/features/onboard/components/OnboardButton.tsx +0 -84
  625. package/frontend/src/features/onboard/components/StepContent.tsx +0 -91
  626. package/frontend/src/features/onboard/components/TestConnectionStep.tsx +0 -53
  627. package/frontend/src/features/onboard/components/mcp/McpInstallation.tsx +0 -144
  628. package/frontend/src/features/onboard/page/OnBoardPage.tsx +0 -104
  629. package/frontend/src/features/onboard/types.ts +0 -8
  630. package/frontend/src/features/visualizer/page/VisualizerPage.tsx +0 -127
  631. package/frontend/src/lib/contexts/OnboardStepContext.tsx +0 -68
  632. package/frontend/src/lib/hooks/useOnboardingCompletion.ts +0 -29
  633. /package/backend/src/api/{middleware → middlewares}/error.ts +0 -0
  634. /package/backend/src/api/{middleware → middlewares}/upload.ts +0 -0
  635. /package/frontend/src/{features/metadata → lib}/services/metadata.service.ts +0 -0
package/openapi/auth.yaml CHANGED
@@ -1,563 +1,1244 @@
1
- openapi: 3.0.3
2
- info:
3
- title: Insforge Authentication API
4
- version: 2.0.0
5
- description: Authentication endpoints with separated auth and profile tables
6
-
7
- paths:
8
- /api/auth/users:
9
- post:
10
- summary: Register new user
11
- description: Creates a new user account
12
- tags:
13
- - Client
14
- requestBody:
15
- required: true
16
- content:
17
- application/json:
18
- schema:
19
- type: object
20
- required:
21
- - email
22
- - password
23
- properties:
24
- email:
25
- type: string
26
- format: email
27
- example: user@example.com
28
- password:
29
- type: string
30
- minLength: 8
31
- example: securepassword123
32
- name:
33
- type: string
34
- example: John Doe
35
- responses:
36
- '201':
37
- description: User created successfully
38
- content:
39
- application/json:
40
- schema:
41
- type: object
42
- properties:
43
- user:
44
- type: object
45
- properties:
46
- id:
47
- type: string
48
- format: uuid
49
- email:
50
- type: string
51
- name:
52
- type: string
53
- emailVerified:
54
- type: boolean
55
- createdAt:
56
- type: string
57
- format: date-time
58
- updatedAt:
59
- type: string
60
- format: date-time
61
- accessToken:
62
- type: string
63
- description: JWT authentication token
64
- '400':
65
- description: Invalid request
66
- '409':
67
- description: User already exists
68
-
69
- get:
70
- summary: List all users (admin only)
71
- description: Returns paginated list of users
72
- tags:
73
- - Admin
74
- security:
75
- - bearerAuth: []
76
- parameters:
77
- - name: page
78
- in: query
79
- schema:
80
- type: integer
81
- default: 1
82
- - name: limit
83
- in: query
84
- schema:
85
- type: integer
86
- default: 10
87
- - name: search
88
- in: query
89
- schema:
90
- type: string
91
- - name: role
92
- in: query
93
- schema:
94
- type: string
95
- enum: [user, admin]
96
- responses:
97
- '200':
98
- description: List of users
99
- content:
100
- application/json:
101
- schema:
102
- type: object
103
- properties:
104
- data:
105
- type: array
106
- items:
107
- type: object
108
- properties:
109
- id:
110
- type: string
111
- email:
112
- type: string
113
- name:
114
- type: string
115
- role:
116
- type: string
117
- created_at:
118
- type: string
119
- format: date-time
120
- pagination:
121
- type: object
122
- properties:
123
- offset:
124
- type: integer
125
- limit:
126
- type: integer
127
- total:
128
- type: integer
129
- '401':
130
- description: Unauthorized
131
- '403':
132
- description: Forbidden - Admin only
133
-
134
- delete:
135
- summary: Delete users (admin only)
136
- description: Delete multiple users by their IDs
137
- tags:
138
- - Admin
139
- security:
140
- - bearerAuth: []
141
- requestBody:
142
- required: true
143
- content:
144
- application/json:
145
- schema:
146
- type: object
147
- properties:
148
- userIds:
149
- type: array
150
- items:
151
- type: string
152
- required:
153
- - userIds
154
- responses:
155
- '200':
156
- description: Users deleted successfully
157
- content:
158
- application/json:
159
- schema:
160
- type: object
161
- properties:
162
- message:
163
- type: string
164
- deletedCount:
165
- type: integer
166
- '401':
167
- description: Unauthorized
168
- '403':
169
- description: Forbidden - Admin only
170
-
171
- /api/auth/sessions:
172
- post:
173
- summary: User login
174
- description: Authenticates user and returns access token
175
- tags:
176
- - Client
177
- requestBody:
178
- required: true
179
- content:
180
- application/json:
181
- schema:
182
- type: object
183
- required:
184
- - email
185
- - password
186
- properties:
187
- email:
188
- type: string
189
- format: email
190
- password:
191
- type: string
192
- responses:
193
- '200':
194
- description: Login successful
195
- content:
196
- application/json:
197
- schema:
198
- type: object
199
- properties:
200
- user:
201
- type: object
202
- properties:
203
- id:
204
- type: string
205
- format: uuid
206
- email:
207
- type: string
208
- name:
209
- type: string
210
- emailVerified:
211
- type: boolean
212
- createdAt:
213
- type: string
214
- format: date-time
215
- updatedAt:
216
- type: string
217
- format: date-time
218
- accessToken:
219
- type: string
220
- '401':
221
- description: Invalid credentials
222
-
223
- /api/auth/sessions/current:
224
- get:
225
- summary: Get current user
226
- description: Returns the currently authenticated user
227
- tags:
228
- - Client
229
- security:
230
- - bearerAuth: []
231
- responses:
232
- '200':
233
- description: Current user info
234
- content:
235
- application/json:
236
- schema:
237
- type: object
238
- properties:
239
- user:
240
- type: object
241
- properties:
242
- id:
243
- type: string
244
- email:
245
- type: string
246
- name:
247
- type: string
248
- role:
249
- type: string
250
- '401':
251
- description: Unauthorized
252
-
253
- /api/auth/admin/sessions:
254
- post:
255
- summary: Admin login
256
- description: Authenticates admin user for dashboard access
257
- tags:
258
- - Admin
259
- requestBody:
260
- required: true
261
- content:
262
- application/json:
263
- schema:
264
- type: object
265
- required:
266
- - email
267
- - password
268
- properties:
269
- email:
270
- type: string
271
- format: email
272
- password:
273
- type: string
274
- responses:
275
- '200':
276
- description: Admin login successful
277
- content:
278
- application/json:
279
- schema:
280
- type: object
281
- properties:
282
- accessToken:
283
- type: string
284
- user:
285
- type: object
286
- properties:
287
- id:
288
- type: string
289
- email:
290
- type: string
291
- name:
292
- type: string
293
- role:
294
- type: string
295
- enum: [admin]
296
- '401':
297
- description: Invalid credentials
298
- '403':
299
- description: User is not an admin
300
-
301
- /api/auth/admin/sessions/exchange:
302
- post:
303
- summary: Exchange cloud provider authorization code for admin session
304
- description: Verifies an authorization code/JWT from from Insforge Cloud platform and issues an internal admin session token with project_admin role
305
- tags:
306
- - Admin
307
- requestBody:
308
- required: true
309
- content:
310
- application/json:
311
- schema:
312
- type: object
313
- required:
314
- - code
315
- properties:
316
- code:
317
- type: string
318
- description: Authorization code or JWT from the Insforge
319
- example: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
320
- responses:
321
- '200':
322
- description: Cloud authorization verified, admin session created
323
- content:
324
- application/json:
325
- schema:
326
- type: object
327
- properties:
328
- accessToken:
329
- type: string
330
- description: Internal JWT for admin authentication
331
- user:
332
- type: object
333
- properties:
334
- id:
335
- type: string
336
- format: uuid
337
- email:
338
- type: string
339
- name:
340
- type: string
341
- example: Administrator
342
- emailVerified:
343
- type: boolean
344
- createdAt:
345
- type: string
346
- format: date-time
347
- updatedAt:
348
- type: string
349
- format: date-time
350
- '400':
351
- description: Invalid authorization code or JWT verification failed
352
- content:
353
- application/json:
354
- schema:
355
- $ref: '#/components/schemas/ErrorResponse'
356
-
357
- /api/auth/tokens/anon:
358
- post:
359
- summary: Generate anonymous token
360
- description: Generate a non-expiring anonymous JWT token for public API access (admin only)
361
- tags:
362
- - Client
363
- security:
364
- - bearerAuth: []
365
- responses:
366
- '200':
367
- description: Anonymous token generated successfully
368
- content:
369
- application/json:
370
- schema:
371
- type: object
372
- properties:
373
- accessToken:
374
- type: string
375
- description: Non-expiring anonymous JWT token
376
- example: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
377
- message:
378
- type: string
379
- description: Success message
380
- example: "Anonymous token generated successfully (never expires)"
381
- '401':
382
- description: Unauthorized - requires authentication
383
- '403':
384
- description: Forbidden - admin access required
385
-
386
- /api/auth/oauth/google:
387
- get:
388
- summary: Initiate Google OAuth flow
389
- tags:
390
- - Client
391
- parameters:
392
- - name: redirect_uri
393
- in: query
394
- schema:
395
- type: string
396
- format: uri
397
- description: URL to redirect after authentication
398
- responses:
399
- '302':
400
- description: Redirect to Google OAuth
401
- '500':
402
- description: OAuth not configured
403
-
404
- /api/auth/oauth/github:
405
- get:
406
- summary: Initiate GitHub OAuth flow
407
- tags:
408
- - Client
409
- parameters:
410
- - name: redirect_uri
411
- in: query
412
- schema:
413
- type: string
414
- format: uri
415
- description: URL to redirect after authentication
416
- responses:
417
- '302':
418
- description: Redirect to GitHub OAuth
419
- '500':
420
- description: OAuth not configured
421
-
422
- /api/auth/oauth/shared/callback:
423
- get:
424
- summary: Shared OAuth callback handler
425
- description: Handles OAuth callbacks from all providers
426
- tags:
427
- - Client
428
- parameters:
429
- - name: code
430
- in: query
431
- schema:
432
- type: string
433
- description: Authorization code from OAuth provider
434
- - name: state
435
- in: query
436
- schema:
437
- type: string
438
- description: JWT encoded state with provider and redirect URL
439
- - name: token
440
- in: query
441
- schema:
442
- type: string
443
- description: Direct ID token (for Google)
444
- responses:
445
- '302':
446
- description: Redirect with access token and user info in query params
447
- headers:
448
- Location:
449
- schema:
450
- type: string
451
- format: uri
452
-
453
- /api/auth/oauth/{provider}/callback:
454
- get:
455
- summary: Provider-specific OAuth callback
456
- description: Alternative callback endpoint for specific providers
457
- tags:
458
- - Client
459
- parameters:
460
- - name: provider
461
- in: path
462
- required: true
463
- schema:
464
- type: string
465
- enum: [google, github]
466
- - name: code
467
- in: query
468
- schema:
469
- type: string
470
- - name: state
471
- in: query
472
- schema:
473
- type: string
474
- - name: token
475
- in: query
476
- schema:
477
- type: string
478
- responses:
479
- '302':
480
- description: Redirect with access token
481
-
482
- components:
483
- securitySchemes:
484
- bearerAuth:
485
- type: http
486
- scheme: bearer
487
- bearerFormat: JWT
488
- apiKey:
489
- type: apiKey
490
- in: header
491
- name: x-api-key
492
-
493
- schemas:
494
- AuthRecord:
495
- type: object
496
- properties:
497
- id:
498
- type: string
499
- format: uuid
500
- email:
501
- type: string
502
- format: email
503
- passwordHash:
504
- type: string
505
- description: SHA256 hash of password
506
- createdAt:
507
- type: string
508
- format: date-time
509
- updatedAt:
510
- type: string
511
- format: date-time
512
-
513
- ProfileRecord:
514
- type: object
515
- properties:
516
- id:
517
- type: string
518
- format: uuid
519
- authId:
520
- type: string
521
- format: uuid
522
- description: Foreign key to auth table
523
- name:
524
- type: string
525
- avatar_url:
526
- type: string
527
- nullable: true
528
- bio:
529
- type: string
530
- nullable: true
531
- metadata:
532
- type: object
533
- description: JSONB field for flexible data
534
- createdAt:
535
- type: string
536
- format: date-time
537
- updatedAt:
538
- type: string
539
- format: date-time
540
-
541
- ErrorResponse:
542
- type: object
543
- required:
544
- - error
545
- - message
546
- - statusCode
547
- properties:
548
- error:
549
- type: string
550
- description: Error code for programmatic handling
551
- example: "VALIDATION_ERROR"
552
- message:
553
- type: string
554
- description: Human-readable error message
555
- example: "Email is already in use"
556
- statusCode:
557
- type: integer
558
- description: HTTP status code
559
- example: 400
560
- nextActions:
561
- type: string
562
- description: Suggested action to resolve the error
563
- example: "Please use a different email address"
1
+ openapi: 3.0.3
2
+ info:
3
+ title: Insforge Authentication API
4
+ version: 2.0.0
5
+ description: Authentication endpoints with separated auth and profile tables
6
+
7
+ paths:
8
+ /api/auth/public-config:
9
+ get:
10
+ summary: Get public authentication configuration
11
+ description: Get all public authentication configuration including OAuth providers and email auth settings (public endpoint)
12
+ tags:
13
+ - Client
14
+ responses:
15
+ '200':
16
+ description: Public authentication configuration
17
+ content:
18
+ application/json:
19
+ schema:
20
+ type: object
21
+ properties:
22
+ oAuthProviders:
23
+ type: array
24
+ items:
25
+ type: object
26
+ properties:
27
+ provider:
28
+ type: string
29
+ enum: [google, github, discord, linkedin, facebook, microsoft]
30
+ useSharedKey:
31
+ type: boolean
32
+ requireEmailVerification:
33
+ type: boolean
34
+ passwordMinLength:
35
+ type: integer
36
+ minimum: 4
37
+ maximum: 128
38
+ requireNumber:
39
+ type: boolean
40
+ requireLowercase:
41
+ type: boolean
42
+ requireUppercase:
43
+ type: boolean
44
+ requireSpecialChar:
45
+ type: boolean
46
+ verifyEmailRedirectTo:
47
+ type: string
48
+ nullable: true
49
+ description: URL to redirect users after successful email verification (if not set, shows default success page)
50
+ resetPasswordRedirectTo:
51
+ type: string
52
+ nullable: true
53
+ description: URL to redirect users after successful password reset (if not set, shows default success page)
54
+ verifyEmailMethod:
55
+ type: string
56
+ enum: [code, link]
57
+ description: Method for email verification (code = 6-digit OTP, link = magic link)
58
+ resetPasswordMethod:
59
+ type: string
60
+ enum: [code, link]
61
+ description: Method for password reset (code = 6-digit OTP + exchange flow, link = magic link)
62
+
63
+ /api/auth/config:
64
+ get:
65
+ summary: Get authentication configuration
66
+ description: Get current authentication settings including all configuration options (admin only)
67
+ tags:
68
+ - Admin
69
+ security:
70
+ - bearerAuth: []
71
+ responses:
72
+ '200':
73
+ description: Authentication configuration
74
+ content:
75
+ application/json:
76
+ schema:
77
+ type: object
78
+ properties:
79
+ id:
80
+ type: string
81
+ format: uuid
82
+ requireEmailVerification:
83
+ type: boolean
84
+ passwordMinLength:
85
+ type: integer
86
+ minimum: 4
87
+ maximum: 128
88
+ requireNumber:
89
+ type: boolean
90
+ requireLowercase:
91
+ type: boolean
92
+ requireUppercase:
93
+ type: boolean
94
+ requireSpecialChar:
95
+ type: boolean
96
+ verifyEmailRedirectTo:
97
+ type: string
98
+ nullable: true
99
+ description: URL to redirect users after successful email verification (if not set, shows default success page)
100
+ resetPasswordRedirectTo:
101
+ type: string
102
+ nullable: true
103
+ description: URL to redirect users after successful password reset (if not set, shows default success page)
104
+ verifyEmailMethod:
105
+ type: string
106
+ enum: [code, link]
107
+ description: Method for email verification (code = 6-digit OTP, link = magic link)
108
+ resetPasswordMethod:
109
+ type: string
110
+ enum: [code, link]
111
+ description: Method for password reset (code = 6-digit OTP + exchange flow, link = magic link)
112
+ signInRedirectTo:
113
+ type: string
114
+ nullable: true
115
+ description: URL to redirect users after successful sign in
116
+ createdAt:
117
+ type: string
118
+ format: date-time
119
+ updatedAt:
120
+ type: string
121
+ format: date-time
122
+ '401':
123
+ description: Unauthorized
124
+ '403':
125
+ description: Forbidden - Admin only
126
+
127
+ put:
128
+ summary: Update authentication configuration
129
+ description: Update authentication settings (admin only)
130
+ tags:
131
+ - Admin
132
+ security:
133
+ - bearerAuth: []
134
+ requestBody:
135
+ required: true
136
+ content:
137
+ application/json:
138
+ schema:
139
+ type: object
140
+ properties:
141
+ requireEmailVerification:
142
+ type: boolean
143
+ passwordMinLength:
144
+ type: integer
145
+ minimum: 4
146
+ maximum: 128
147
+ requireNumber:
148
+ type: boolean
149
+ requireLowercase:
150
+ type: boolean
151
+ requireUppercase:
152
+ type: boolean
153
+ requireSpecialChar:
154
+ type: boolean
155
+ verifyEmailRedirectTo:
156
+ type: string
157
+ nullable: true
158
+ description: URL to redirect users after successful email verification (if not set, shows default success page)
159
+ resetPasswordRedirectTo:
160
+ type: string
161
+ nullable: true
162
+ description: URL to redirect users after successful password reset (if not set, shows default success page)
163
+ verifyEmailMethod:
164
+ type: string
165
+ enum: [code, link]
166
+ description: Method for email verification (code = 6-digit OTP, link = magic link)
167
+ resetPasswordMethod:
168
+ type: string
169
+ enum: [code, link]
170
+ description: Method for password reset (code = 6-digit OTP + exchange flow, link = magic link)
171
+ signInRedirectTo:
172
+ type: string
173
+ nullable: true
174
+ description: URL to redirect users after successful sign in
175
+ responses:
176
+ '200':
177
+ description: Configuration updated successfully
178
+ content:
179
+ application/json:
180
+ schema:
181
+ type: object
182
+ properties:
183
+ id:
184
+ type: string
185
+ format: uuid
186
+ requireEmailVerification:
187
+ type: boolean
188
+ passwordMinLength:
189
+ type: integer
190
+ minimum: 4
191
+ maximum: 128
192
+ requireNumber:
193
+ type: boolean
194
+ requireLowercase:
195
+ type: boolean
196
+ requireUppercase:
197
+ type: boolean
198
+ requireSpecialChar:
199
+ type: boolean
200
+ verifyEmailRedirectTo:
201
+ type: string
202
+ nullable: true
203
+ description: URL to redirect users after successful email verification (if not set, shows default success page)
204
+ resetPasswordRedirectTo:
205
+ type: string
206
+ nullable: true
207
+ description: URL to redirect users after successful password reset (if not set, shows default success page)
208
+ verifyEmailMethod:
209
+ type: string
210
+ enum: [code, link]
211
+ resetPasswordMethod:
212
+ type: string
213
+ enum: [code, link]
214
+ signInRedirectTo:
215
+ type: string
216
+ nullable: true
217
+ createdAt:
218
+ type: string
219
+ format: date-time
220
+ updatedAt:
221
+ type: string
222
+ format: date-time
223
+ '400':
224
+ description: Invalid request
225
+ '401':
226
+ description: Unauthorized
227
+ '403':
228
+ description: Forbidden - Admin only
229
+
230
+ /api/auth/users:
231
+ post:
232
+ summary: Register new user
233
+ description: Creates a new user account
234
+ tags:
235
+ - Client
236
+ requestBody:
237
+ required: true
238
+ content:
239
+ application/json:
240
+ schema:
241
+ type: object
242
+ required:
243
+ - email
244
+ - password
245
+ properties:
246
+ email:
247
+ type: string
248
+ format: email
249
+ example: user@example.com
250
+ password:
251
+ type: string
252
+ description: Password meeting configured requirements (check /api/auth/email/config for current requirements)
253
+ example: securepassword123
254
+ name:
255
+ type: string
256
+ example: John Doe
257
+ responses:
258
+ '200':
259
+ description: User created successfully
260
+ content:
261
+ application/json:
262
+ schema:
263
+ type: object
264
+ properties:
265
+ user:
266
+ $ref: '#/components/schemas/UserResponse'
267
+ accessToken:
268
+ type: string
269
+ nullable: true
270
+ description: JWT authentication token (null if email verification required)
271
+ requireEmailVerification:
272
+ type: boolean
273
+ description: Whether email verification is required before login
274
+ redirectTo:
275
+ type: string
276
+ format: uri
277
+ description: Optional URL to redirect user after registration (only present if email verification not required)
278
+ '400':
279
+ description: Invalid request
280
+ '409':
281
+ description: User already exists
282
+
283
+ get:
284
+ summary: List all users (admin only)
285
+ description: Returns paginated list of users
286
+ tags:
287
+ - Admin
288
+ security:
289
+ - bearerAuth: []
290
+ parameters:
291
+ - name: offset
292
+ in: query
293
+ schema:
294
+ type: string
295
+ default: '0'
296
+ description: Number of records to skip
297
+ - name: limit
298
+ in: query
299
+ schema:
300
+ type: string
301
+ default: '10'
302
+ description: Maximum number of records to return
303
+ - name: search
304
+ in: query
305
+ schema:
306
+ type: string
307
+ description: Search by email or name
308
+ responses:
309
+ '200':
310
+ description: List of users
311
+ content:
312
+ application/json:
313
+ schema:
314
+ type: object
315
+ properties:
316
+ data:
317
+ type: array
318
+ items:
319
+ $ref: '#/components/schemas/UserResponse'
320
+ pagination:
321
+ type: object
322
+ properties:
323
+ offset:
324
+ type: integer
325
+ limit:
326
+ type: integer
327
+ total:
328
+ type: integer
329
+ '401':
330
+ description: Unauthorized
331
+ '403':
332
+ description: Forbidden - Admin only
333
+
334
+ delete:
335
+ summary: Delete users (admin only)
336
+ description: Delete multiple users by their IDs
337
+ tags:
338
+ - Admin
339
+ security:
340
+ - bearerAuth: []
341
+ requestBody:
342
+ required: true
343
+ content:
344
+ application/json:
345
+ schema:
346
+ type: object
347
+ properties:
348
+ userIds:
349
+ type: array
350
+ items:
351
+ type: string
352
+ required:
353
+ - userIds
354
+ responses:
355
+ '200':
356
+ description: Users deleted successfully
357
+ content:
358
+ application/json:
359
+ schema:
360
+ type: object
361
+ properties:
362
+ message:
363
+ type: string
364
+ deletedCount:
365
+ type: integer
366
+ '401':
367
+ description: Unauthorized
368
+ '403':
369
+ description: Forbidden - Admin only
370
+
371
+ /api/auth/users/{userId}:
372
+ get:
373
+ summary: Get specific user
374
+ description: Get user details by ID (admin only)
375
+ tags:
376
+ - Admin
377
+ security:
378
+ - bearerAuth: []
379
+ parameters:
380
+ - name: userId
381
+ in: path
382
+ required: true
383
+ schema:
384
+ type: string
385
+ format: uuid
386
+ description: User ID
387
+ responses:
388
+ '200':
389
+ description: User details
390
+ content:
391
+ application/json:
392
+ schema:
393
+ $ref: '#/components/schemas/UserResponse'
394
+ '400':
395
+ description: Invalid user ID format
396
+ '401':
397
+ description: Unauthorized
398
+ '403':
399
+ description: Forbidden - Admin only
400
+ '404':
401
+ description: User not found
402
+
403
+ /api/auth/sessions:
404
+ post:
405
+ summary: User login
406
+ description: Authenticates user and returns access token
407
+ tags:
408
+ - Client
409
+ requestBody:
410
+ required: true
411
+ content:
412
+ application/json:
413
+ schema:
414
+ type: object
415
+ required:
416
+ - email
417
+ - password
418
+ properties:
419
+ email:
420
+ type: string
421
+ format: email
422
+ password:
423
+ type: string
424
+ responses:
425
+ '200':
426
+ description: Login successful
427
+ content:
428
+ application/json:
429
+ schema:
430
+ type: object
431
+ properties:
432
+ user:
433
+ $ref: '#/components/schemas/UserResponse'
434
+ accessToken:
435
+ type: string
436
+ redirectTo:
437
+ type: string
438
+ format: uri
439
+ description: Optional URL to redirect user after login (if configured)
440
+ '401':
441
+ description: Invalid credentials
442
+ '403':
443
+ description: Email verification required
444
+
445
+ /api/auth/sessions/current:
446
+ get:
447
+ summary: Get current user
448
+ description: Returns the currently authenticated user's basic info from JWT token
449
+ tags:
450
+ - Client
451
+ security:
452
+ - bearerAuth: []
453
+ responses:
454
+ '200':
455
+ description: Current user info
456
+ content:
457
+ application/json:
458
+ schema:
459
+ type: object
460
+ properties:
461
+ user:
462
+ type: object
463
+ properties:
464
+ id:
465
+ type: string
466
+ format: uuid
467
+ email:
468
+ type: string
469
+ format: email
470
+ role:
471
+ type: string
472
+ enum: [authenticated, project_admin]
473
+ '401':
474
+ description: Unauthorized
475
+
476
+ /api/auth/admin/sessions:
477
+ post:
478
+ summary: Admin login
479
+ description: Authenticates admin user for dashboard access
480
+ tags:
481
+ - Admin
482
+ requestBody:
483
+ required: true
484
+ content:
485
+ application/json:
486
+ schema:
487
+ type: object
488
+ required:
489
+ - email
490
+ - password
491
+ properties:
492
+ email:
493
+ type: string
494
+ format: email
495
+ password:
496
+ type: string
497
+ responses:
498
+ '200':
499
+ description: Admin login successful
500
+ content:
501
+ application/json:
502
+ schema:
503
+ type: object
504
+ properties:
505
+ user:
506
+ $ref: '#/components/schemas/UserResponse'
507
+ accessToken:
508
+ type: string
509
+ '401':
510
+ description: Invalid credentials
511
+ '403':
512
+ description: User is not an admin
513
+
514
+ /api/auth/admin/sessions/exchange:
515
+ post:
516
+ summary: Exchange cloud provider authorization code for admin session
517
+ description: Verifies an authorization code/JWT from from Insforge Cloud platform and issues an internal admin session token with project_admin role
518
+ tags:
519
+ - Admin
520
+ requestBody:
521
+ required: true
522
+ content:
523
+ application/json:
524
+ schema:
525
+ type: object
526
+ required:
527
+ - code
528
+ properties:
529
+ code:
530
+ type: string
531
+ description: Authorization code or JWT from the Insforge
532
+ example: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
533
+ responses:
534
+ '200':
535
+ description: Cloud authorization verified, admin session created
536
+ content:
537
+ application/json:
538
+ schema:
539
+ type: object
540
+ properties:
541
+ user:
542
+ $ref: '#/components/schemas/UserResponse'
543
+ accessToken:
544
+ type: string
545
+ description: Internal JWT for admin authentication
546
+ '400':
547
+ description: Invalid authorization code or JWT verification failed
548
+ content:
549
+ application/json:
550
+ schema:
551
+ $ref: '#/components/schemas/ErrorResponse'
552
+
553
+ /api/auth/tokens/anon:
554
+ post:
555
+ summary: Generate anonymous token
556
+ description: Generate a non-expiring anonymous JWT token for public API access (admin only)
557
+ tags:
558
+ - Admin
559
+ security:
560
+ - bearerAuth: []
561
+ responses:
562
+ '200':
563
+ description: Anonymous token generated successfully
564
+ content:
565
+ application/json:
566
+ schema:
567
+ type: object
568
+ properties:
569
+ accessToken:
570
+ type: string
571
+ description: Non-expiring anonymous JWT token
572
+ example: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
573
+ message:
574
+ type: string
575
+ description: Success message
576
+ example: "Anonymous token generated successfully (never expires)"
577
+ '401':
578
+ description: Unauthorized - requires authentication
579
+ '403':
580
+ description: Forbidden - admin access required
581
+
582
+ /api/auth/email/send-verification:
583
+ post:
584
+ summary: Send email verification (code or link based on config)
585
+ description: Send email verification using the method configured in auth settings (verifyEmailMethod). When method is 'code', sends a 6-digit numeric code. When method is 'link', sends a magic link. Prevents user enumeration by returning success even if email doesn't exist.
586
+ tags:
587
+ - Client
588
+ requestBody:
589
+ required: true
590
+ content:
591
+ application/json:
592
+ schema:
593
+ type: object
594
+ required:
595
+ - email
596
+ properties:
597
+ email:
598
+ type: string
599
+ format: email
600
+ example: user@example.com
601
+ responses:
602
+ '202':
603
+ description: Verification email sent (if email exists). Message varies based on configured method.
604
+ content:
605
+ application/json:
606
+ schema:
607
+ type: object
608
+ properties:
609
+ success:
610
+ type: boolean
611
+ message:
612
+ type: string
613
+ example: "If your email is registered, we have sent you a verification code/link. Please check your inbox."
614
+ '400':
615
+ description: Invalid request
616
+
617
+ /api/auth/email/verify:
618
+ post:
619
+ summary: Verify email with code or link
620
+ description: |
621
+ Verify email address using the method configured in auth settings (verifyEmailMethod):
622
+ - Code verification: Provide both `email` and `otp` (6-digit numeric code)
623
+ - Link verification: Provide only `otp` (64-character hex token from magic link)
624
+
625
+ Successfully verified users will receive a session token.
626
+
627
+ The email verification link sent to users always points to the backend API endpoint.
628
+ If `verifyEmailRedirectTo` is configured, the backend will redirect to that URL after successful verification.
629
+ Otherwise, a default success page is displayed.
630
+ tags:
631
+ - Client
632
+ requestBody:
633
+ required: true
634
+ content:
635
+ application/json:
636
+ schema:
637
+ type: object
638
+ required:
639
+ - otp
640
+ properties:
641
+ email:
642
+ type: string
643
+ format: email
644
+ description: Required for numeric code verification, omit for magic link verification
645
+ example: user@example.com
646
+ otp:
647
+ type: string
648
+ description: Either a 6-digit numeric code or a 64-character hex token from magic link
649
+ example: "123456"
650
+ responses:
651
+ '200':
652
+ description: Email verified successfully, session created
653
+ content:
654
+ application/json:
655
+ schema:
656
+ type: object
657
+ properties:
658
+ user:
659
+ $ref: '#/components/schemas/UserResponse'
660
+ accessToken:
661
+ type: string
662
+ description: JWT authentication token
663
+ redirectTo:
664
+ type: string
665
+ format: uri
666
+ description: Optional URL to redirect user after verification (only present if configured)
667
+ '400':
668
+ description: Invalid verification code or token
669
+ '401':
670
+ description: Verification code/token expired or invalid
671
+
672
+ /api/auth/email/send-reset-password:
673
+ post:
674
+ summary: Send password reset (code or link based on config)
675
+ description: Send password reset email using the method configured in auth settings (resetPasswordMethod). When method is 'code', sends a 6-digit numeric code for two-step flow. When method is 'link', sends a magic link. Prevents user enumeration by returning success even if email doesn't exist.
676
+ tags:
677
+ - Client
678
+ requestBody:
679
+ required: true
680
+ content:
681
+ application/json:
682
+ schema:
683
+ type: object
684
+ required:
685
+ - email
686
+ properties:
687
+ email:
688
+ type: string
689
+ format: email
690
+ example: user@example.com
691
+ responses:
692
+ '202':
693
+ description: Password reset email sent (if email exists). Message varies based on configured method.
694
+ content:
695
+ application/json:
696
+ schema:
697
+ type: object
698
+ properties:
699
+ success:
700
+ type: boolean
701
+ message:
702
+ type: string
703
+ example: "If your email is registered, we have sent you a password reset code/link. Please check your inbox."
704
+ '400':
705
+ description: Invalid request
706
+
707
+ /api/auth/email/exchange-reset-password-token:
708
+ post:
709
+ summary: Exchange reset password code for reset token
710
+ description: |
711
+ Step 1 of two-step password reset flow (only used when resetPasswordMethod is 'code'):
712
+ 1. Verify the 6-digit code sent to user's email
713
+ 2. Return a reset token that can be used to actually reset the password
714
+
715
+ This endpoint is not used when resetPasswordMethod is 'link' (magic link flow is direct).
716
+ tags:
717
+ - Client
718
+ requestBody:
719
+ required: true
720
+ content:
721
+ application/json:
722
+ schema:
723
+ type: object
724
+ required:
725
+ - email
726
+ - code
727
+ properties:
728
+ email:
729
+ type: string
730
+ format: email
731
+ example: user@example.com
732
+ code:
733
+ type: string
734
+ description: 6-digit numeric code from email
735
+ example: "123456"
736
+ responses:
737
+ '200':
738
+ description: Code verified successfully, reset token returned
739
+ content:
740
+ application/json:
741
+ schema:
742
+ type: object
743
+ properties:
744
+ token:
745
+ type: string
746
+ description: Reset token to be used in reset-password endpoint
747
+ expiresAt:
748
+ type: string
749
+ format: date-time
750
+ description: Token expiration timestamp
751
+ '400':
752
+ description: Invalid request
753
+ '401':
754
+ description: Invalid or expired code
755
+
756
+ /api/auth/email/reset-password:
757
+ post:
758
+ summary: Reset password with token
759
+ description: |
760
+ Reset user password with a token. The token can be:
761
+ - Magic link token (64-character hex token from send-reset-password when method is 'link')
762
+ - Reset token (from exchange-reset-password-token after code verification when method is 'code')
763
+
764
+ Both token types use RESET_PASSWORD purpose and are verified the same way.
765
+
766
+ Flow summary:
767
+ - Code method: send-reset-password → exchange-reset-password-token → reset-password (with resetToken)
768
+ - Link method: send-reset-password → reset-password (with link token directly)
769
+ tags:
770
+ - Client
771
+ requestBody:
772
+ required: true
773
+ content:
774
+ application/json:
775
+ schema:
776
+ type: object
777
+ required:
778
+ - newPassword
779
+ - otp
780
+ properties:
781
+ newPassword:
782
+ type: string
783
+ description: New password meeting configured requirements
784
+ example: newSecurePassword123
785
+ otp:
786
+ type: string
787
+ description: Reset token (either from magic link or from exchange-reset-password-token endpoint)
788
+ example: "a1b2c3d4..."
789
+ responses:
790
+ '200':
791
+ description: Password reset successfully
792
+ content:
793
+ application/json:
794
+ schema:
795
+ type: object
796
+ properties:
797
+ message:
798
+ type: string
799
+ example: "Password reset successfully"
800
+ '400':
801
+ description: Invalid request or password requirements not met
802
+ '401':
803
+ description: Verification code/token expired or invalid
804
+
805
+ /api/auth/oauth/configs:
806
+ get:
807
+ summary: List all OAuth configurations
808
+ description: Get all configured OAuth providers (admin only)
809
+ tags:
810
+ - Admin
811
+ security:
812
+ - bearerAuth: []
813
+ responses:
814
+ '200':
815
+ description: List of OAuth configurations
816
+ content:
817
+ application/json:
818
+ schema:
819
+ type: object
820
+ properties:
821
+ data:
822
+ type: array
823
+ items:
824
+ $ref: '#/components/schemas/OAuthConfig'
825
+ count:
826
+ type: integer
827
+ '401':
828
+ description: Unauthorized
829
+ '403':
830
+ description: Forbidden - Admin only
831
+
832
+ post:
833
+ summary: Create OAuth configuration
834
+ description: Create a new OAuth provider configuration (admin only)
835
+ tags:
836
+ - Admin
837
+ security:
838
+ - bearerAuth: []
839
+ requestBody:
840
+ required: true
841
+ content:
842
+ application/json:
843
+ schema:
844
+ type: object
845
+ required:
846
+ - provider
847
+ properties:
848
+ provider:
849
+ type: string
850
+ enum: [google, github, discord, linkedin, facebook, microsoft]
851
+ clientId:
852
+ type: string
853
+ clientSecret:
854
+ type: string
855
+ redirectUri:
856
+ type: string
857
+ scopes:
858
+ type: array
859
+ items:
860
+ type: string
861
+ useSharedKey:
862
+ type: boolean
863
+ responses:
864
+ '200':
865
+ description: OAuth configuration created
866
+ content:
867
+ application/json:
868
+ schema:
869
+ $ref: '#/components/schemas/OAuthConfig'
870
+ '400':
871
+ description: Invalid request
872
+ '401':
873
+ description: Unauthorized
874
+ '403':
875
+ description: Forbidden - Admin only
876
+
877
+ /api/auth/oauth/{provider}/config:
878
+ get:
879
+ summary: Get OAuth configuration for specific provider
880
+ description: Get OAuth configuration including client secret (admin only)
881
+ tags:
882
+ - Admin
883
+ security:
884
+ - bearerAuth: []
885
+ parameters:
886
+ - name: provider
887
+ in: path
888
+ required: true
889
+ schema:
890
+ type: string
891
+ enum: [google, github, discord, linkedin, facebook, microsoft]
892
+ responses:
893
+ '200':
894
+ description: OAuth configuration
895
+ content:
896
+ application/json:
897
+ schema:
898
+ allOf:
899
+ - $ref: '#/components/schemas/OAuthConfig'
900
+ - type: object
901
+ properties:
902
+ clientSecret:
903
+ type: string
904
+ '401':
905
+ description: Unauthorized
906
+ '403':
907
+ description: Forbidden - Admin only
908
+ '404':
909
+ description: Configuration not found
910
+
911
+ put:
912
+ summary: Update OAuth configuration
913
+ description: Update OAuth provider configuration (admin only)
914
+ tags:
915
+ - Admin
916
+ security:
917
+ - bearerAuth: []
918
+ parameters:
919
+ - name: provider
920
+ in: path
921
+ required: true
922
+ schema:
923
+ type: string
924
+ enum: [google, github, discord, linkedin, facebook, microsoft]
925
+ requestBody:
926
+ required: true
927
+ content:
928
+ application/json:
929
+ schema:
930
+ type: object
931
+ properties:
932
+ clientId:
933
+ type: string
934
+ clientSecret:
935
+ type: string
936
+ redirectUri:
937
+ type: string
938
+ scopes:
939
+ type: array
940
+ items:
941
+ type: string
942
+ useSharedKey:
943
+ type: boolean
944
+ responses:
945
+ '200':
946
+ description: Configuration updated
947
+ content:
948
+ application/json:
949
+ schema:
950
+ $ref: '#/components/schemas/OAuthConfig'
951
+ '400':
952
+ description: Invalid request
953
+ '401':
954
+ description: Unauthorized
955
+ '403':
956
+ description: Forbidden - Admin only
957
+ '404':
958
+ description: Configuration not found
959
+
960
+ delete:
961
+ summary: Delete OAuth configuration
962
+ description: Delete OAuth provider configuration (admin only)
963
+ tags:
964
+ - Admin
965
+ security:
966
+ - bearerAuth: []
967
+ parameters:
968
+ - name: provider
969
+ in: path
970
+ required: true
971
+ schema:
972
+ type: string
973
+ enum: [google, github, discord, linkedin, facebook, microsoft]
974
+ responses:
975
+ '200':
976
+ description: Configuration deleted
977
+ content:
978
+ application/json:
979
+ schema:
980
+ type: object
981
+ properties:
982
+ success:
983
+ type: boolean
984
+ message:
985
+ type: string
986
+ '401':
987
+ description: Unauthorized
988
+ '403':
989
+ description: Forbidden - Admin only
990
+ '404':
991
+ description: Configuration not found
992
+
993
+ /api/auth/oauth/{provider}:
994
+ get:
995
+ summary: Initiate OAuth flow
996
+ description: Generate OAuth authorization URL for any supported provider
997
+ tags:
998
+ - Client
999
+ parameters:
1000
+ - name: provider
1001
+ in: path
1002
+ required: true
1003
+ schema:
1004
+ type: string
1005
+ enum: [google, github, discord, linkedin, facebook, microsoft]
1006
+ - name: redirect_uri
1007
+ in: query
1008
+ required: true
1009
+ schema:
1010
+ type: string
1011
+ format: uri
1012
+ description: URL to redirect after authentication
1013
+ responses:
1014
+ '200':
1015
+ description: OAuth authorization URL
1016
+ content:
1017
+ application/json:
1018
+ schema:
1019
+ type: object
1020
+ properties:
1021
+ authUrl:
1022
+ type: string
1023
+ format: uri
1024
+ '400':
1025
+ description: Invalid request or provider not supported
1026
+ '500':
1027
+ description: OAuth not configured
1028
+
1029
+ /api/auth/oauth/shared/callback/{state}:
1030
+ get:
1031
+ summary: Shared OAuth callback handler
1032
+ description: Handles OAuth callbacks from InsForge Cloud shared OAuth
1033
+ tags:
1034
+ - Client
1035
+ parameters:
1036
+ - name: state
1037
+ in: path
1038
+ required: true
1039
+ schema:
1040
+ type: string
1041
+ description: JWT state parameter
1042
+ - name: success
1043
+ in: query
1044
+ schema:
1045
+ type: string
1046
+ description: Success flag
1047
+ - name: error
1048
+ in: query
1049
+ schema:
1050
+ type: string
1051
+ description: Error message
1052
+ - name: payload
1053
+ in: query
1054
+ schema:
1055
+ type: string
1056
+ description: Base64 encoded user payload
1057
+ responses:
1058
+ '302':
1059
+ description: Redirect to application with access token or error
1060
+ headers:
1061
+ Location:
1062
+ schema:
1063
+ type: string
1064
+ format: uri
1065
+
1066
+ /api/auth/oauth/{provider}/callback:
1067
+ get:
1068
+ summary: Provider-specific OAuth callback
1069
+ description: OAuth callback endpoint for provider-specific flows
1070
+ tags:
1071
+ - Client
1072
+ parameters:
1073
+ - name: provider
1074
+ in: path
1075
+ required: true
1076
+ schema:
1077
+ type: string
1078
+ enum: [google, github, discord, linkedin, facebook, microsoft]
1079
+ - name: code
1080
+ in: query
1081
+ schema:
1082
+ type: string
1083
+ description: Authorization code from OAuth provider
1084
+ - name: state
1085
+ in: query
1086
+ required: true
1087
+ schema:
1088
+ type: string
1089
+ description: JWT state with redirect URI
1090
+ - name: token
1091
+ in: query
1092
+ schema:
1093
+ type: string
1094
+ description: Direct ID token (for some providers)
1095
+ responses:
1096
+ '302':
1097
+ description: Redirect to application with access token
1098
+ headers:
1099
+ Location:
1100
+ schema:
1101
+ type: string
1102
+ format: uri
1103
+ description: Redirect URL with access_token, user_id, email, and name query params
1104
+
1105
+ components:
1106
+ securitySchemes:
1107
+ bearerAuth:
1108
+ type: http
1109
+ scheme: bearer
1110
+ bearerFormat: JWT
1111
+ apiKey:
1112
+ type: apiKey
1113
+ in: header
1114
+ name: x-api-key
1115
+
1116
+ schemas:
1117
+ UserResponse:
1118
+ type: object
1119
+ properties:
1120
+ id:
1121
+ type: string
1122
+ format: uuid
1123
+ email:
1124
+ type: string
1125
+ format: email
1126
+ name:
1127
+ type: string
1128
+ emailVerified:
1129
+ type: boolean
1130
+ identities:
1131
+ type: array
1132
+ items:
1133
+ type: object
1134
+ properties:
1135
+ provider:
1136
+ type: string
1137
+ providerType:
1138
+ type: string
1139
+ createdAt:
1140
+ type: string
1141
+ format: date-time
1142
+ updatedAt:
1143
+ type: string
1144
+ format: date-time
1145
+
1146
+ OAuthConfig:
1147
+ type: object
1148
+ properties:
1149
+ id:
1150
+ type: string
1151
+ format: uuid
1152
+ provider:
1153
+ type: string
1154
+ enum: [google, github, discord, linkedin, facebook, microsoft]
1155
+ clientId:
1156
+ type: string
1157
+ nullable: true
1158
+ redirectUri:
1159
+ type: string
1160
+ nullable: true
1161
+ scopes:
1162
+ type: array
1163
+ items:
1164
+ type: string
1165
+ nullable: true
1166
+ useSharedKey:
1167
+ type: boolean
1168
+ createdAt:
1169
+ type: string
1170
+ format: date-time
1171
+ updatedAt:
1172
+ type: string
1173
+ format: date-time
1174
+
1175
+ AuthRecord:
1176
+ type: object
1177
+ properties:
1178
+ id:
1179
+ type: string
1180
+ format: uuid
1181
+ email:
1182
+ type: string
1183
+ format: email
1184
+ passwordHash:
1185
+ type: string
1186
+ description: SHA256 hash of password
1187
+ createdAt:
1188
+ type: string
1189
+ format: date-time
1190
+ updatedAt:
1191
+ type: string
1192
+ format: date-time
1193
+
1194
+ ProfileRecord:
1195
+ type: object
1196
+ properties:
1197
+ id:
1198
+ type: string
1199
+ format: uuid
1200
+ authId:
1201
+ type: string
1202
+ format: uuid
1203
+ description: Foreign key to auth table
1204
+ name:
1205
+ type: string
1206
+ avatar_url:
1207
+ type: string
1208
+ nullable: true
1209
+ bio:
1210
+ type: string
1211
+ nullable: true
1212
+ metadata:
1213
+ type: object
1214
+ description: JSONB field for flexible data
1215
+ createdAt:
1216
+ type: string
1217
+ format: date-time
1218
+ updatedAt:
1219
+ type: string
1220
+ format: date-time
1221
+
1222
+ ErrorResponse:
1223
+ type: object
1224
+ required:
1225
+ - error
1226
+ - message
1227
+ - statusCode
1228
+ properties:
1229
+ error:
1230
+ type: string
1231
+ description: Error code for programmatic handling
1232
+ example: "VALIDATION_ERROR"
1233
+ message:
1234
+ type: string
1235
+ description: Human-readable error message
1236
+ example: "Email is already in use"
1237
+ statusCode:
1238
+ type: integer
1239
+ description: HTTP status code
1240
+ example: 400
1241
+ nextActions:
1242
+ type: string
1243
+ description: Suggested action to resolve the error
1244
+ example: "Please use a different email address"