npm - insforge - Versions diffs - 1.2.10 → 1.3.0 - Mend

insforge 1.2.10 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (335) hide show

package/.claude-plugin/marketplace.json +20 -20
package/.dockerignore +60 -60
package/.env.example +83 -77
package/.github/ISSUE_TEMPLATE/bug_report.yml +36 -36
package/.github/ISSUE_TEMPLATE/config.yml +11 -11
package/.github/ISSUE_TEMPLATE/feature_request.yml +26 -26
package/.github/PULL_REQUEST_TEMPLATE.md +7 -7
package/.github/copilot-instructions.md +146 -146
package/.github/workflows/build-image.yml +65 -65
package/.github/workflows/ci-premerge-check.yml +23 -23
package/.github/workflows/e2e.yml +63 -63
package/.github/workflows/lint-and-format.yml +32 -32
package/.prettierignore +64 -64
package/CHANGELOG.md +44 -44
package/CLAUDE_PLUGIN.md +104 -104
package/CODE_OF_CONDUCT.md +128 -128
package/CONTRIBUTING.md +125 -125
package/Dockerfile +30 -30
package/GITHUB_OAUTH_SETUP.md +49 -49
package/GOOGLE_OAUTH_SETUP.md +148 -148
package/LICENSE +201 -201
package/README.md +182 -182
package/assets/Dark.svg +23 -23
package/auth/package.json +28 -28
package/auth/src/lib/broadcastService.ts +117 -115
package/auth/src/pages/SignInPage.tsx +60 -57
package/auth/src/pages/SignUpPage.tsx +60 -57
package/auth/tsconfig.json +32 -32
package/auth/tsconfig.node.json +11 -11
package/backend/package.json +78 -75
package/backend/src/api/routes/ai/index.routes.ts +3 -3
package/backend/src/api/routes/auth/index.routes.ts +667 -570
package/backend/src/api/routes/auth/oauth.routes.ts +473 -448
package/backend/src/api/routes/database/advance.routes.ts +37 -16
package/backend/src/api/routes/database/index.routes.ts +78 -1
package/backend/src/api/routes/database/records.routes.ts +10 -10
package/backend/src/api/routes/database/tables.routes.ts +0 -14
package/backend/src/api/routes/docs/index.routes.ts +75 -76
package/backend/src/api/routes/email/index.routes.ts +35 -0
package/backend/src/api/routes/functions/index.routes.ts +18 -12
package/backend/src/api/routes/metadata/index.routes.ts +12 -0
package/backend/src/api/routes/realtime/channels.routes.ts +81 -0
package/backend/src/api/routes/realtime/index.routes.ts +12 -0
package/backend/src/api/routes/realtime/messages.routes.ts +48 -0
package/backend/src/api/routes/realtime/permissions.routes.ts +19 -0
package/backend/src/api/routes/storage/index.routes.ts +18 -12
package/backend/src/api/routes/usage/index.routes.ts +6 -4
package/backend/src/infra/database/database.manager.ts +14 -1
package/backend/src/infra/database/migrations/000_create-base-tables.sql +141 -141
package/backend/src/infra/database/migrations/001_create-helper-functions.sql +40 -40
package/backend/src/infra/database/migrations/002_rename-auth-tables.sql +29 -29
package/backend/src/infra/database/migrations/003_create-users-table.sql +55 -55
package/backend/src/infra/database/migrations/004_add-reload-postgrest-func.sql +23 -23
package/backend/src/infra/database/migrations/005_enable-project-admin-modify-users.sql +29 -29
package/backend/src/infra/database/migrations/006_modify-ai-usage-table.sql +24 -24
package/backend/src/infra/database/migrations/007_drop-metadata-table.sql +1 -1
package/backend/src/infra/database/migrations/008_add-system-tables.sql +76 -76
package/backend/src/infra/database/migrations/009_add-function-secrets.sql +23 -23
package/backend/src/infra/database/migrations/010_modify-ai-config-modalities.sql +93 -93
package/backend/src/infra/database/migrations/011_refactor-secrets-table.sql +15 -15
package/backend/src/infra/database/migrations/012_add-storage-uploaded-by.sql +7 -7
package/backend/src/infra/database/migrations/013_create-auth-schema-functions.sql +44 -44
package/backend/src/infra/database/migrations/014_add-updated-at-trigger-user-table.sql +7 -7
package/backend/src/infra/database/migrations/015_create-auth-config-and-email-otp-tables.sql +59 -59
package/backend/src/infra/database/migrations/016_update-auth-config-and-email-otp.sql +24 -24
package/backend/src/infra/database/migrations/017_create-realtime-schema.sql +233 -0
package/backend/src/infra/realtime/realtime.manager.ts +246 -0
package/backend/src/infra/realtime/webhook-sender.ts +82 -0
package/backend/src/infra/security/token.manager.ts +219 -125
package/backend/src/infra/socket/socket.manager.ts +198 -64
package/backend/src/providers/ai/openrouter.provider.ts +12 -9
package/backend/src/providers/email/base.provider.ts +4 -7
package/backend/src/providers/email/cloud.provider.ts +84 -0
package/backend/src/providers/oauth/apple.provider.ts +266 -0
package/backend/src/providers/oauth/index.ts +1 -0
package/backend/src/server.ts +317 -284
package/backend/src/services/ai/ai-model.service.ts +5 -5
package/backend/src/services/ai/chat-completion.service.ts +4 -4
package/backend/src/services/ai/image-generation.service.ts +3 -3
package/backend/src/services/auth/auth.service.ts +14 -0
package/backend/src/services/database/database-table.service.ts +0 -9
package/backend/src/services/database/database.service.ts +127 -0
package/backend/src/services/email/email.service.ts +5 -7
package/backend/src/services/realtime/index.ts +3 -0
package/backend/src/services/realtime/realtime-auth.service.ts +104 -0
package/backend/src/services/realtime/realtime-channel.service.ts +237 -0
package/backend/src/services/realtime/realtime-message.service.ts +260 -0
package/backend/src/types/auth.ts +11 -0
package/backend/src/types/realtime.ts +18 -0
package/backend/src/types/socket.ts +7 -31
package/backend/src/utils/cookies.ts +35 -0
package/backend/src/utils/s3-config-loader.ts +64 -0
package/backend/src/utils/seed.ts +301 -298
package/backend/src/utils/sql-parser.ts +90 -0
package/backend/tests/README.md +133 -133
package/backend/tests/cleanup-all-test-data.sh +230 -230
package/backend/tests/cloud/test-s3-multitenant.sh +131 -131
package/backend/tests/local/comprehensive-curl-tests.sh +155 -155
package/backend/tests/local/test-ai-config.sh +129 -129
package/backend/tests/local/test-ai-usage.sh +80 -80
package/backend/tests/local/test-auth-router.sh +143 -143
package/backend/tests/local/test-database-router.sh +222 -222
package/backend/tests/local/test-e2e.sh +240 -240
package/backend/tests/local/test-fk-errors.sh +96 -96
package/backend/tests/local/test-functions.sh +123 -123
package/backend/tests/local/test-id-field.sh +200 -200
package/backend/tests/local/test-logs.sh +132 -132
package/backend/tests/local/test-public-bucket.sh +264 -264
package/backend/tests/local/test-secrets.sh +249 -249
package/backend/tests/local/test-serverless-functions.sh.disabled +325 -325
package/backend/tests/local/test-traditional-rest.sh +208 -208
package/backend/tests/manual/README.md +50 -50
package/backend/tests/manual/create-large-table-simple.sql +10 -10
package/backend/tests/manual/seed-large-table.sql +100 -100
package/backend/tests/manual/setup-large-table-extras.sql +33 -33
package/backend/tests/manual/test-bulk-upsert.sh +409 -409
package/backend/tests/manual/test-database-advance.sh +296 -296
package/backend/tests/manual/test-postgrest-stability.sh +191 -191
package/backend/tests/manual/test-rawsql-export-import.sh +411 -411
package/backend/tests/manual/test-rawsql-modes.sh +244 -244
package/backend/tests/manual/test-universal-storage.sh +263 -263
package/backend/tests/manual/test-users.sql +17 -17
package/backend/tests/run-all-tests.sh +139 -139
package/backend/tests/setup.ts +0 -0
package/backend/tests/test-config.sh +338 -338
package/backend/tests/unit/analyze-query.test.ts +697 -0
package/backend/tsconfig.json +22 -22
package/claude-plugin/.claude-plugin/plugin.json +24 -24
package/claude-plugin/README.md +133 -133
package/claude-plugin/skills/insforge-schema-patterns/SKILL.md +270 -270
package/docker-compose.prod.yml +204 -200
package/docker-compose.yml +232 -228
package/docker-init/db/db-init.sql +97 -97
package/docker-init/db/jwt.sql +5 -5
package/docker-init/db/postgresql.conf +16 -16
package/docker-init/logs/vector.yml +236 -236
package/docs/README.md +44 -44
package/docs/agent-docs/real-time.md +269 -0
package/docs/changelog.mdx +119 -67
package/docs/core-concepts/ai/architecture.mdx +372 -372
package/docs/core-concepts/ai/sdk.mdx +213 -213
package/docs/core-concepts/authentication/architecture.mdx +278 -278
package/docs/core-concepts/authentication/sdk.mdx +414 -414
package/docs/core-concepts/authentication/ui-components/customization.mdx +529 -529
package/docs/core-concepts/authentication/ui-components/nextjs.mdx +221 -221
package/docs/core-concepts/authentication/ui-components/react-router.mdx +184 -184
package/docs/core-concepts/authentication/ui-components/react.mdx +129 -129
package/docs/core-concepts/database/architecture.mdx +255 -255
package/docs/core-concepts/database/sdk.mdx +382 -382
package/docs/core-concepts/email/architecture.mdx +101 -0
package/docs/core-concepts/email/sdk.mdx +53 -0
package/docs/core-concepts/functions/architecture.mdx +105 -105
package/docs/core-concepts/functions/sdk.mdx +184 -184
package/docs/core-concepts/realtime/architecture.mdx +446 -0
package/docs/core-concepts/realtime/sdk.mdx +409 -0
package/docs/core-concepts/storage/architecture.mdx +243 -243
package/docs/core-concepts/storage/sdk.mdx +253 -253
package/docs/deployment/README.md +94 -94
package/docs/deployment/deploy-to-aws-ec2.md +564 -564
package/docs/deployment/deploy-to-azure-virtual-machines.md +312 -312
package/docs/deployment/deploy-to-google-cloud-compute-engine.md +613 -613
package/docs/deployment/deploy-to-render.md +441 -441
package/docs/deprecated/insforge-auth-api.md +214 -214
package/docs/deprecated/insforge-auth-sdk.md +99 -99
package/docs/deprecated/insforge-db-api.md +358 -358
package/docs/deprecated/insforge-db-sdk.md +139 -139
package/docs/deprecated/insforge-debug-sdk.md +156 -156
package/docs/deprecated/insforge-debug.md +64 -64
package/docs/deprecated/insforge-instructions.md +123 -123
package/docs/deprecated/insforge-project.md +117 -117
package/docs/deprecated/insforge-storage-api.md +278 -278
package/docs/deprecated/insforge-storage-sdk.md +158 -158
package/docs/docs.json +232 -210
package/docs/examples/framework-guides/nextjs.mdx +131 -131
package/docs/examples/framework-guides/nuxt.mdx +165 -165
package/docs/examples/framework-guides/react.mdx +165 -165
package/docs/examples/framework-guides/svelte.mdx +153 -153
package/docs/examples/framework-guides/vue.mdx +159 -159
package/docs/examples/overview.mdx +67 -67
package/docs/favicon.svg +19 -19
package/docs/images/changelog/dec-2025/ai-integration.png +0 -0
package/docs/images/changelog/dec-2025/ai-models.webp +0 -0
package/docs/images/changelog/dec-2025/alipay-payment.webp +0 -0
package/docs/images/changelog/dec-2025/apple-login.jpg +0 -0
package/docs/images/changelog/dec-2025/mcp-installer.png +0 -0
package/docs/images/changelog/dec-2025/realtime-module.jpg +0 -0
package/docs/images/icons/ai.svg +4 -4
package/docs/images/logos/nextjs.svg +4 -4
package/docs/images/logos/nuxt.svg +4 -4
package/docs/images/logos/react.svg +5 -5
package/docs/images/logos/svelte.svg +4 -4
package/docs/images/logos/vue.svg +5 -5
package/docs/insforge-instructions-sdk.md +89 -88
package/docs/introduction.mdx +45 -45
package/docs/logo/dark.svg +22 -22
package/docs/logo/light.svg +20 -20
package/docs/partnership.mdx +651 -646
package/docs/quickstart.mdx +82 -82
package/docs/showcase.mdx +52 -52
package/docs/snippets/sdk-installation.mdx +21 -21
package/docs/snippets/service-icons.mdx +27 -27
package/examples/oauth/frontend-oauth-example.html +250 -250
package/examples/response-examples.md +443 -443
package/frontend/components.json +17 -17
package/frontend/package.json +69 -69
package/frontend/src/assets/icons/checkbox_checked.svg +6 -6
package/frontend/src/assets/icons/checkbox_undetermined.svg +6 -6
package/frontend/src/assets/icons/checked.svg +3 -3
package/frontend/src/assets/icons/connected.svg +3 -3
package/frontend/src/assets/icons/error.svg +3 -3
package/frontend/src/assets/icons/loader.svg +9 -9
package/frontend/src/assets/icons/pencil.svg +4 -4
package/frontend/src/assets/icons/refresh.svg +4 -4
package/frontend/src/assets/icons/step_active.svg +3 -3
package/frontend/src/assets/icons/step_inactive.svg +11 -11
package/frontend/src/assets/icons/warning.svg +3 -3
package/frontend/src/assets/logos/apple.svg +3 -3
package/frontend/src/assets/logos/claude_code.svg +3 -3
package/frontend/src/assets/logos/cline.svg +6 -6
package/frontend/src/assets/logos/cursor.svg +20 -20
package/frontend/src/assets/logos/discord.svg +8 -8
package/frontend/src/assets/logos/facebook.svg +3 -3
package/frontend/src/assets/logos/gemini.svg +19 -19
package/frontend/src/assets/logos/github.svg +5 -5
package/frontend/src/assets/logos/google.svg +13 -13
package/frontend/src/assets/logos/grok.svg +10 -10
package/frontend/src/assets/logos/insforge_dark.svg +15 -15
package/frontend/src/assets/logos/insforge_light.svg +15 -15
package/frontend/src/assets/logos/instagram.svg +1 -1
package/frontend/src/assets/logos/linkedin.svg +3 -3
package/frontend/src/assets/logos/openai.svg +10 -10
package/frontend/src/assets/logos/roo_code.svg +9 -9
package/frontend/src/assets/logos/spotify.svg +16 -16
package/frontend/src/assets/logos/tiktok.svg +5 -5
package/frontend/src/assets/logos/trae.svg +3 -3
package/frontend/src/assets/logos/windsurf.svg +10 -10
package/frontend/src/assets/logos/x.svg +3 -3
package/frontend/src/components/layout/AppHeader.tsx +9 -10
package/frontend/src/features/auth/components/OAuthConfigDialog.tsx +1 -0
package/frontend/src/features/auth/components/UsersDataGrid.tsx +6 -0
package/frontend/src/features/auth/helpers.tsx +8 -0
package/frontend/src/features/auth/{page → pages}/UsersPage.tsx +0 -28
package/frontend/src/features/database/components/SQLModal.tsx +75 -0
package/frontend/src/features/database/components/TableForm.tsx +0 -4
package/frontend/src/features/database/hooks/useDatabase.ts +66 -0
package/frontend/src/features/database/hooks/useTables.ts +32 -28
package/frontend/src/features/database/index.ts +1 -0
package/frontend/src/features/database/{page → pages}/FunctionsPage.tsx +29 -37
package/frontend/src/features/database/{page → pages}/IndexesPage.tsx +35 -47
package/frontend/src/features/database/{page → pages}/PoliciesPage.tsx +43 -54
package/frontend/src/features/database/{page → pages}/TablesPage.tsx +0 -42
package/frontend/src/features/database/{page → pages}/TriggersPage.tsx +35 -47
package/frontend/src/features/database/services/advance.service.ts +0 -26
package/frontend/src/features/database/services/database.service.ts +55 -0
package/frontend/src/features/database/services/table.service.ts +0 -6
package/frontend/src/features/functions/{page → pages}/FunctionsPage.tsx +21 -44
package/frontend/src/features/functions/{page → pages}/SecretsPage.tsx +11 -9
package/frontend/src/features/logs/hooks/useMcpUsage.ts +13 -66
package/frontend/src/features/realtime/components/ChannelRow.tsx +83 -0
package/frontend/src/features/realtime/components/EditChannelModal.tsx +246 -0
package/frontend/src/features/realtime/components/MessageRow.tsx +85 -0
package/frontend/src/features/realtime/components/RealtimeEmptyState.tsx +30 -0
package/frontend/src/features/realtime/hooks/useRealtime.ts +218 -0
package/frontend/src/features/realtime/index.ts +11 -0
package/frontend/src/features/realtime/pages/RealtimeChannelsPage.tsx +172 -0
package/frontend/src/features/realtime/pages/RealtimeMessagesPage.tsx +211 -0
package/frontend/src/features/realtime/pages/RealtimePermissionsPage.tsx +191 -0
package/frontend/src/features/realtime/services/realtime.service.ts +107 -0
package/frontend/src/features/storage/{page → pages}/StoragePage.tsx +1 -29
package/frontend/src/features/visualizer/components/SchemaVisualizer.tsx +3 -3
package/frontend/src/features/visualizer/{page → pages}/VisualizerPage.tsx +1 -35
package/frontend/src/lib/contexts/SocketContext.tsx +119 -75
package/frontend/src/lib/routing/AppRoutes.tsx +35 -20
package/frontend/src/lib/utils/cloudMessaging.ts +1 -1
package/frontend/src/lib/utils/menuItems.ts +24 -0
package/frontend/src/lib/utils/utils.ts +14 -1
package/frontend/tsconfig.json +25 -25
package/frontend/tsconfig.node.json +9 -9
package/functions/deno.json +24 -24
package/functions/server.ts +315 -315
package/i18n/README.ar.md +130 -130
package/i18n/README.de.md +130 -130
package/i18n/README.es.md +154 -154
package/i18n/README.fr.md +134 -134
package/i18n/README.hi.md +129 -129
package/i18n/README.ja.md +174 -174
package/i18n/README.ko.md +136 -136
package/i18n/README.pt-BR.md +131 -131
package/i18n/README.ru.md +129 -129
package/i18n/README.zh-CN.md +133 -133
package/openapi/ai.yaml +715 -715
package/openapi/auth.yaml +1244 -1244
package/openapi/email.yaml +158 -0
package/openapi/functions.yaml +475 -475
package/openapi/health.yaml +29 -29
package/openapi/logs.yaml +223 -223
package/openapi/metadata.yaml +177 -177
package/openapi/realtime.yaml +699 -0
package/openapi/records.yaml +381 -381
package/openapi/secrets.yaml +370 -370
package/openapi/storage.yaml +875 -875
package/openapi/tables.yaml +463 -463
package/package.json +97 -97
package/shared-schemas/package.json +31 -31
package/shared-schemas/src/ai.schema.ts +63 -59
package/shared-schemas/src/auth-api.schema.ts +352 -339
package/shared-schemas/src/auth.schema.ts +1 -1
package/shared-schemas/src/database-api.schema.ts +32 -1
package/shared-schemas/src/database.schema.ts +39 -0
package/shared-schemas/src/docs.schema.ts +26 -0
package/shared-schemas/src/email-api.schema.ts +30 -0
package/shared-schemas/src/index.ts +4 -0
package/shared-schemas/src/metadata.schema.ts +9 -0
package/shared-schemas/src/realtime-api.schema.ts +111 -0
package/shared-schemas/src/realtime.schema.ts +143 -0
package/shared-schemas/tsconfig.json +21 -21
package/tsconfig.json +7 -7
package/zeabur/README.md +13 -13
package/zeabur/template.yml +1032 -1032
package/.cursor/rules/cursor-rules.mdc +0 -94
package/frontend/src/features/database/hooks/useFullMetadata.ts +0 -18
package/test-gemini.sh +0 -35
package/test-usage-admin.sh +0 -57
package/test-usage.sh +0 -50
/package/frontend/src/features/ai/{page → pages}/AIPage.tsx +0 -0
/package/frontend/src/features/auth/{page → pages}/AuthMethodsPage.tsx +0 -0
/package/frontend/src/features/auth/{page → pages}/ConfigurationPage.tsx +0 -0
/package/frontend/src/features/dashboard/{page → pages}/DashboardPage.tsx +0 -0
/package/frontend/src/features/database/{page → pages}/SQLEditorPage.tsx +0 -0
/package/frontend/src/features/database/{page → pages}/TemplatesPage.tsx +0 -0
/package/frontend/src/features/login/{page → pages}/CloudLoginPage.tsx +0 -0
/package/frontend/src/features/login/{page → pages}/LoginPage.tsx +0 -0
/package/frontend/src/features/logs/{page → pages}/AuditsPage.tsx +0 -0
/package/frontend/src/features/logs/{page → pages}/LogsPage.tsx +0 -0
/package/frontend/src/features/logs/{page → pages}/MCPLogsPage.tsx +0 -0

package/backend/src/services/ai/chat-completion.service.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 import OpenAI from 'openai';
 import { AIUsageService } from './ai-usage.service.js';
 import { AIConfigService } from './ai-config.service.js';
-import { AIClientService } from '@/providers/ai/openrouter.provider.js';
+import { OpenRouterProvider } from '@/providers/ai/openrouter.provider.js';
 import type {
   AIConfigurationSchema,
   ChatCompletionResponse,
@@ -14,7 +14,7 @@ export class ChatCompletionService {
   private static instance: ChatCompletionService;
   private aiUsageService = AIUsageService.getInstance();
   private aiConfigService = AIConfigService.getInstance();
-  private aiClientService = AIClientService.getInstance();
+  private openRouterProvider = OpenRouterProvider.getInstance();
   private constructor() {}
@@ -106,7 +106,7 @@ export class ChatCompletionService {
       };
       // Send request with automatic renewal and retry logic
-      const response = await this.aiClientService.sendRequest((client) =>
+      const response = await this.openRouterProvider.sendRequest((client) =>
         client.chat.completions.create(request)
       );
@@ -173,7 +173,7 @@ export class ChatCompletionService {
       };
       // Send request with automatic renewal and retry logic
-      const stream = await this.aiClientService.sendRequest((client) =>
+      const stream = await this.openRouterProvider.sendRequest((client) =>
         client.chat.completions.create(request)
       );

package/backend/src/services/ai/image-generation.service.ts CHANGED Viewed

@@ -2,7 +2,7 @@ import OpenAI from 'openai';
 import { AIUsageService } from './ai-usage.service.js';
 import { AIConfigService } from './ai-config.service.js';
-import { AIClientService } from '@/providers/ai/openrouter.provider.js';
+import { OpenRouterProvider } from '@/providers/ai/openrouter.provider.js';
 import type {
   AIConfigurationSchema,
   ImageGenerationRequest,
@@ -14,7 +14,7 @@ import { OpenRouterImageMessage } from '@/types/ai.js';
 export class ImageGenerationService {
   private static aiUsageService = AIUsageService.getInstance();
   private static aiConfigService = AIConfigService.getInstance();
-  private static aiClientService = AIClientService.getInstance();
+  private static openRouterProvider = OpenRouterProvider.getInstance();
   /**
    * Validate model and get config
@@ -75,7 +75,7 @@ export class ImageGenerationService {
       };
       // Send request with automatic renewal and retry logic
-      const response = (await this.aiClientService.sendRequest((client) =>
+      const response = (await this.openRouterProvider.sendRequest((client) =>
         client.chat.completions.create(
           request as OpenAI.Chat.ChatCompletionCreateParamsNonStreaming
         )

package/backend/src/services/auth/auth.service.ts CHANGED Viewed

@@ -33,6 +33,7 @@ import {
   LinkedInUserInfo,
   DiscordUserInfo,
   XUserInfo,
+  AppleUserInfo,
   UserRecord,
   OAuthUserData,
 } from '@/types/auth.js';
@@ -42,6 +43,7 @@ import { AppError } from '@/api/middlewares/error.js';
 import { ERROR_CODES } from '@/types/error-constants.js';
 import { EmailService } from '@/services/email/email.service.js';
 import { XOAuthProvider } from '@/providers/oauth/x.provider.js';
+import { AppleOAuthProvider } from '@/providers/oauth/apple.provider.js';
 /**
  * Simplified JWT-based auth service
@@ -62,6 +64,7 @@ export class AuthService {
   private facebookOAuthProvider: FacebookOAuthProvider;
   private microsoftOAuthProvider: MicrosoftOAuthProvider;
   private xOAuthProvider: XOAuthProvider;
+  private appleOAuthProvider: AppleOAuthProvider;
   private constructor() {
     this.adminEmail = process.env.ADMIN_EMAIL ?? '';
@@ -82,6 +85,7 @@ export class AuthService {
     this.facebookOAuthProvider = FacebookOAuthProvider.getInstance();
     this.microsoftOAuthProvider = MicrosoftOAuthProvider.getInstance();
     this.xOAuthProvider = XOAuthProvider.getInstance();
+    this.appleOAuthProvider = AppleOAuthProvider.getInstance();
     logger.info('AuthService initialized');
   }
@@ -670,6 +674,7 @@ export class AuthService {
       | MicrosoftUserInfo
       | FacebookUserInfo
       | XUserInfo
+      | AppleUserInfo
       | Record<string, unknown>
   ): Promise<CreateSessionResponse> {
     const pool = this.getPool();
@@ -777,6 +782,7 @@ export class AuthService {
       | MicrosoftUserInfo
       | FacebookUserInfo
       | XUserInfo
+      | AppleUserInfo
       | Record<string, unknown>,
     avatarUrl: string
   ): Promise<CreateSessionResponse> {
@@ -870,6 +876,8 @@ export class AuthService {
         return this.microsoftOAuthProvider.generateOAuthUrl(state);
       case 'x':
         return this.xOAuthProvider.generateOAuthUrl(state);
+      case 'apple':
+        return this.appleOAuthProvider.generateOAuthUrl(state);
       default:
         throw new Error(`OAuth provider ${provider} is not implemented yet.`);
     }
@@ -906,6 +914,9 @@ export class AuthService {
       case 'x':
         userData = await this.xOAuthProvider.handleCallback(payload);
         break;
+      case 'apple':
+        userData = await this.appleOAuthProvider.handleCallback(payload);
+        break;
       default:
         throw new Error(`OAuth provider ${provider} is not implemented yet.`);
     }
@@ -949,6 +960,9 @@ export class AuthService {
       case 'x':
         userData = this.xOAuthProvider.handleSharedCallback(payloadData);
         break;
+      case 'apple':
+        userData = this.appleOAuthProvider.handleSharedCallback(payloadData);
+        break;
       case 'microsoft':
       default:
         throw new Error(`OAuth provider ${provider} is not supported for shared callback.`);

package/backend/src/services/database/database-table.service.ts CHANGED Viewed

@@ -268,15 +268,6 @@ export class DatabaseTableService {
     }
   }
-  /**
-   * Get all table schemas
-   */
-  async getAllTableSchemas(): Promise<GetTableSchemaResponse[]> {
-    const tables = await this.listTables();
-    const schemas = await Promise.all(tables.map((table) => this.getTableSchema(table)));
-    return schemas;
-  }
   /**
    * Get table schema
    */

package/backend/src/services/database/database.service.ts ADDED Viewed

@@ -0,0 +1,127 @@
+import { DatabaseManager } from '@/infra/database/database.manager.js';
+import type {
+  DatabaseFunctionsResponse,
+  DatabaseIndexesResponse,
+  DatabasePoliciesResponse,
+  DatabaseTriggersResponse,
+} from '@insforge/shared-schemas';
+export class DatabaseService {
+  private static instance: DatabaseService;
+  private dbManager = DatabaseManager.getInstance();
+  private constructor() {}
+  public static getInstance(): DatabaseService {
+    if (!DatabaseService.instance) {
+      DatabaseService.instance = new DatabaseService();
+    }
+    return DatabaseService.instance;
+  }
+  /**
+   * Get all database functions (excluding system and extension functions)
+   */
+  async getFunctions(): Promise<DatabaseFunctionsResponse> {
+    const pool = this.dbManager.getPool();
+    const result = await pool.query(`
+      SELECT
+        p.proname as "functionName",
+        pg_get_functiondef(p.oid) as "functionDef",
+        p.prokind as "kind"
+      FROM pg_proc p
+      JOIN pg_namespace n ON p.pronamespace = n.oid
+      WHERE n.nspname = 'public'
+        AND p.prokind IN ('f', 'p', 'w')
+        AND NOT EXISTS (
+          SELECT 1 FROM pg_depend d
+          JOIN pg_extension e ON d.refobjid = e.oid
+          WHERE d.objid = p.oid
+        )
+      ORDER BY p.proname
+    `);
+    return {
+      functions: result.rows,
+    };
+  }
+  /**
+   * Get all indexes across all tables (excluding system tables)
+   */
+  async getIndexes(): Promise<DatabaseIndexesResponse> {
+    const pool = this.dbManager.getPool();
+    const result = await pool.query(`
+      SELECT
+        pi.tablename as "tableName",
+        pi.indexname as "indexName",
+        pi.indexdef as "indexDef",
+        idx.indisunique as "isUnique",
+        idx.indisprimary as "isPrimary"
+      FROM pg_indexes pi
+      JOIN pg_class cls ON cls.relname = pi.indexname
+        AND cls.relnamespace = (SELECT oid FROM pg_namespace WHERE nspname = pi.schemaname)
+      JOIN pg_index idx ON idx.indexrelid = cls.oid
+      WHERE pi.schemaname = 'public'
+        AND pi.tablename NOT LIKE '\\_%' ESCAPE '\\'
+      ORDER BY pi.tablename, pi.indexname
+    `);
+    return {
+      indexes: result.rows,
+    };
+  }
+  /**
+   * Get all RLS policies across all tables (excluding system tables)
+   */
+  async getPolicies(): Promise<DatabasePoliciesResponse> {
+    const pool = this.dbManager.getPool();
+    const result = await pool.query(`
+      SELECT
+        tablename as "tableName",
+        policyname as "policyName",
+        cmd,
+        roles,
+        qual,
+        with_check as "withCheck"
+      FROM pg_policies
+      WHERE schemaname = 'public'
+        AND tablename NOT LIKE '\\_%' ESCAPE '\\'
+      ORDER BY tablename, policyname
+    `);
+    return {
+      policies: result.rows,
+    };
+  }
+  /**
+   * Get all triggers across all tables (excluding system tables)
+   */
+  async getTriggers(): Promise<DatabaseTriggersResponse> {
+    const pool = this.dbManager.getPool();
+    const result = await pool.query(`
+      SELECT
+        event_object_table as "tableName",
+        trigger_name as "triggerName",
+        action_timing as "actionTiming",
+        event_manipulation as "eventManipulation",
+        action_orientation as "actionOrientation",
+        action_condition as "actionCondition",
+        action_statement as "actionStatement"
+      FROM information_schema.triggers
+      WHERE event_object_schema = 'public'
+        AND event_object_table NOT LIKE '\\_%' ESCAPE '\\'
+      ORDER BY event_object_table, trigger_name
+    `);
+    return {
+      triggers: result.rows,
+    };
+  }
+}

package/backend/src/services/email/email.service.ts CHANGED Viewed

@@ -1,6 +1,7 @@
 import { EmailProvider } from '@/providers/email/base.provider.js';
 import { CloudEmailProvider } from '@/providers/email/cloud.provider.js';
 import { EmailTemplate } from '@/types/email.js';
+import { SendRawEmailRequest } from '@insforge/shared-schemas';
 import logger from '@/utils/logger.js';
 /**
@@ -53,17 +54,14 @@ export class EmailService {
   }
   /**
-   * Send raw email (if provider supports it)
-   * @param to - Recipient email address
-   * @param subject - Email subject
-   * @param html - HTML email body
-   * @param text - Plain text email body (optional)
+   * Send custom/raw email
+   * @param options - Email options (to, subject, html, cc, bcc, from, replyTo)
    */
-  public async sendRaw(to: string, subject: string, html: string, text?: string): Promise<void> {
+  public async sendRaw(options: SendRawEmailRequest): Promise<void> {
     if (!this.provider.sendRaw) {
       throw new Error('Current email provider does not support raw email sending');
     }
-    return this.provider.sendRaw(to, subject, html, text);
+    return this.provider.sendRaw(options);
   }
   /**

package/backend/src/services/realtime/index.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export { RealtimeChannelService } from './realtime-channel.service.js';
+export { RealtimeAuthService } from './realtime-auth.service.js';
+export { RealtimeMessageService } from './realtime-message.service.js';

package/backend/src/services/realtime/realtime-auth.service.ts ADDED Viewed

@@ -0,0 +1,104 @@
+import { Pool, PoolClient } from 'pg';
+import { DatabaseManager } from '@/infra/database/database.manager.js';
+import logger from '@/utils/logger.js';
+import { RoleSchema } from '@insforge/shared-schemas';
+/**
+ * Handles channel authorization by checking RLS policies on the messages table.
+ *
+ * Permission Model (Supabase pattern):
+ * - SELECT on messages = 'join' permission (can subscribe to channel)
+ * - INSERT on messages = 'send' permission (can publish to channel)
+ *
+ * Developers define RLS policies on realtime.messages that check:
+ * - current_setting('request.jwt.claim.sub', true) = user ID
+ * - current_setting('request.jwt.claim.role', true) = user role
+ * - channel_name for channel-specific access
+ */
+export class RealtimeAuthService {
+  private static instance: RealtimeAuthService;
+  private pool: Pool | null = null;
+  private constructor() {}
+  static getInstance(): RealtimeAuthService {
+    if (!RealtimeAuthService.instance) {
+      RealtimeAuthService.instance = new RealtimeAuthService();
+    }
+    return RealtimeAuthService.instance;
+  }
+  private getPool(): Pool {
+    if (!this.pool) {
+      this.pool = DatabaseManager.getInstance().getPool();
+    }
+    return this.pool;
+  }
+  /**
+   * Check if user has permission to subscribe to a channel.
+   * Tests SELECT permission on channels table via RLS.
+   *
+   * @param channelName - The channel to check access for
+   * @param userId - The user ID (undefined for anonymous users)
+   * @param role - The database role to use (authenticated or anon)
+   * @returns true if user can subscribe, false otherwise
+   */
+  async checkSubscribePermission(
+    channelName: string,
+    userId: string | undefined,
+    role: RoleSchema
+  ): Promise<boolean> {
+    const client = await this.getPool().connect();
+    try {
+      // Begin transaction to ensure settings persist across queries
+      await client.query('BEGIN');
+      // Switch to specified role to enforce RLS policies
+      await client.query(`SET LOCAL ROLE ${role}`);
+      await this.setUserContext(client, userId, channelName);
+      // Test SELECT permission via RLS on channels table
+      const result = await client.query(
+        `SELECT 1 FROM realtime.channels
+         WHERE enabled = TRUE
+           AND (pattern = $1 OR $1 LIKE pattern)
+         LIMIT 1`,
+        [channelName]
+      );
+      // Commit transaction
+      await client.query('COMMIT');
+      // If query returns a row, user has permission
+      return result.rowCount !== null && result.rowCount > 0;
+    } catch (error) {
+      // Rollback transaction on error
+      await client.query('ROLLBACK').catch(() => {});
+      logger.debug('Subscribe permission denied', { channelName, userId, error });
+      return false;
+    } finally {
+      // Reset role back to default before releasing connection
+      await client.query('RESET ROLE');
+      client.release();
+    }
+  }
+  /**
+   * Set user context variables for RLS policy evaluation.
+   * Can be used by other services that need to execute queries with user context.
+   */
+  async setUserContext(
+    client: PoolClient,
+    userId: string | undefined,
+    channelName: string
+  ): Promise<void> {
+    if (userId) {
+      await client.query("SELECT set_config('request.jwt.claim.sub', $1, true)", [userId]);
+    } else {
+      await client.query("SELECT set_config('request.jwt.claim.sub', '', true)");
+    }
+    // Set the channel being accessed (used by realtime.channel_name())
+    await client.query("SELECT set_config('realtime.channel_name', $1, true)", [channelName]);
+  }
+}

package/backend/src/services/realtime/realtime-channel.service.ts ADDED Viewed

@@ -0,0 +1,237 @@
+import { Pool } from 'pg';
+import { DatabaseManager } from '@/infra/database/database.manager.js';
+import { AppError } from '@/api/middlewares/error.js';
+import { ERROR_CODES } from '@/types/error-constants.js';
+import logger from '@/utils/logger.js';
+import type {
+  RealtimeChannel,
+  CreateChannelRequest,
+  UpdateChannelRequest,
+  RealtimeMetadataSchema,
+  RlsPolicy,
+  RealtimePermissionsResponse,
+} from '@insforge/shared-schemas';
+const SYSTEM_POLICIES = ['project_admin_policy'];
+export class RealtimeChannelService {
+  private static instance: RealtimeChannelService;
+  private pool: Pool | null = null;
+  private constructor() {}
+  static getInstance(): RealtimeChannelService {
+    if (!RealtimeChannelService.instance) {
+      RealtimeChannelService.instance = new RealtimeChannelService();
+    }
+    return RealtimeChannelService.instance;
+  }
+  private getPool(): Pool {
+    if (!this.pool) {
+      this.pool = DatabaseManager.getInstance().getPool();
+    }
+    return this.pool;
+  }
+  async list(): Promise<RealtimeChannel[]> {
+    const result = await this.getPool().query(`
+      SELECT
+        id,
+        pattern,
+        description,
+        webhook_urls as "webhookUrls",
+        enabled,
+        created_at as "createdAt",
+        updated_at as "updatedAt"
+      FROM realtime.channels
+      ORDER BY created_at DESC
+    `);
+    return result.rows;
+  }
+  async getById(id: string): Promise<RealtimeChannel | null> {
+    const result = await this.getPool().query(
+      `SELECT
+        id,
+        pattern,
+        description,
+        webhook_urls as "webhookUrls",
+        enabled,
+        created_at as "createdAt",
+        updated_at as "updatedAt"
+      FROM realtime.channels
+      WHERE id = $1`,
+      [id]
+    );
+    return result.rows[0] || null;
+  }
+  /**
+   * Find a channel by name (exact match or wildcard pattern match).
+   * For wildcard patterns like "order:%", checks if channelName matches the pattern.
+   * Returns the matching channel if found and enabled, null otherwise.
+   */
+  async getByName(channelName: string): Promise<RealtimeChannel | null> {
+    const result = await this.getPool().query(
+      `SELECT
+        id,
+        pattern,
+        description,
+        webhook_urls as "webhookUrls",
+        enabled,
+        created_at as "createdAt",
+        updated_at as "updatedAt"
+      FROM realtime.channels
+      WHERE enabled = TRUE
+        AND (pattern = $1 OR $1 LIKE pattern)
+      ORDER BY pattern = $1 DESC
+      LIMIT 1`,
+      [channelName]
+    );
+    return result.rows[0] || null;
+  }
+  async create(input: CreateChannelRequest): Promise<RealtimeChannel> {
+    this.validateChannelPattern(input.pattern);
+    const result = await this.getPool().query(
+      `INSERT INTO realtime.channels (
+        pattern, description, webhook_urls, enabled
+      ) VALUES ($1, $2, $3, $4)
+      RETURNING
+        id,
+        pattern,
+        description,
+        webhook_urls as "webhookUrls",
+        enabled,
+        created_at as "createdAt",
+        updated_at as "updatedAt"`,
+      [input.pattern, input.description || null, input.webhookUrls || null, input.enabled ?? true]
+    );
+    logger.info('Realtime channel created', { pattern: input.pattern });
+    return result.rows[0];
+  }
+  async update(id: string, input: UpdateChannelRequest): Promise<RealtimeChannel> {
+    const existing = await this.getById(id);
+    if (!existing) {
+      throw new AppError('Channel not found', 404, ERROR_CODES.NOT_FOUND);
+    }
+    if (input.pattern) {
+      this.validateChannelPattern(input.pattern);
+    }
+    const result = await this.getPool().query(
+      `UPDATE realtime.channels
+       SET
+         pattern = COALESCE($2, pattern),
+         description = COALESCE($3, description),
+         webhook_urls = COALESCE($4, webhook_urls),
+         enabled = COALESCE($5, enabled)
+       WHERE id = $1
+       RETURNING
+         id,
+         pattern,
+         description,
+         webhook_urls as "webhookUrls",
+         enabled,
+         created_at as "createdAt",
+         updated_at as "updatedAt"`,
+      [id, input.pattern, input.description, input.webhookUrls, input.enabled]
+    );
+    logger.info('Realtime channel updated', { id });
+    return result.rows[0];
+  }
+  async delete(id: string): Promise<void> {
+    const existing = await this.getById(id);
+    if (!existing) {
+      throw new AppError('Channel not found', 404, ERROR_CODES.NOT_FOUND);
+    }
+    await this.getPool().query('DELETE FROM realtime.channels WHERE id = $1', [id]);
+    logger.info('Realtime channel deleted', { id, pattern: existing.pattern });
+  }
+  /**
+   * Get realtime metadata including channels and permissions
+   */
+  async getMetadata(): Promise<RealtimeMetadataSchema> {
+    const [channels, permissions] = await Promise.all([this.list(), this.getPermissions()]);
+    return {
+      channels,
+      permissions,
+    };
+  }
+  // ============================================================================
+  // Permissions Methods
+  // ============================================================================
+  /**
+   * Get RLS policies for a table in the realtime schema, excluding system policies
+   */
+  private async getPolicies(tableName: string): Promise<RlsPolicy[]> {
+    const result = await this.getPool().query(
+      `SELECT
+         policyname as "policyName",
+         tablename as "tableName",
+         cmd as "command",
+         roles,
+         qual as "using",
+         with_check as "withCheck"
+       FROM pg_policies
+       WHERE schemaname = 'realtime'
+         AND tablename = $1
+       ORDER BY policyname`,
+      [tableName]
+    );
+    // Filter out system policies
+    return result.rows.filter((policy) => !SYSTEM_POLICIES.includes(policy.policyName));
+  }
+  /**
+   * Get all realtime permissions (RLS policies for channels and messages tables)
+   *
+   * - Subscribe permission: RLS policies on realtime.channels (SELECT)
+   * - Publish permission: RLS policies on realtime.messages (INSERT)
+   */
+  async getPermissions(): Promise<RealtimePermissionsResponse> {
+    const [channelsPolicies, messagesPolicies] = await Promise.all([
+      this.getPolicies('channels'),
+      this.getPolicies('messages'),
+    ]);
+    return {
+      subscribe: {
+        policies: channelsPolicies,
+      },
+      publish: {
+        policies: messagesPolicies,
+      },
+    };
+  }
+  // ============================================================================
+  // Validation
+  // ============================================================================
+  private validateChannelPattern(pattern: string): void {
+    // Allow alphanumeric, colons, hyphens, and % for wildcards
+    // Note: underscore is not allowed as it's a SQL wildcard character
+    const validPattern = /^[a-zA-Z0-9-]+(:[a-zA-Z0-9%:-]+)*$/;
+    if (!validPattern.test(pattern)) {
+      throw new AppError(
+        'Invalid channel pattern. Use alphanumeric characters, colons, hyphens, and % for wildcards.',
+        400,
+        ERROR_CODES.INVALID_INPUT
+      );
+    }
+  }
+}