npm - insforge - Versions diffs - 1.2.10 → 1.3.0 - Mend

insforge 1.2.10 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (335) hide show

package/.claude-plugin/marketplace.json +20 -20
package/.dockerignore +60 -60
package/.env.example +83 -77
package/.github/ISSUE_TEMPLATE/bug_report.yml +36 -36
package/.github/ISSUE_TEMPLATE/config.yml +11 -11
package/.github/ISSUE_TEMPLATE/feature_request.yml +26 -26
package/.github/PULL_REQUEST_TEMPLATE.md +7 -7
package/.github/copilot-instructions.md +146 -146
package/.github/workflows/build-image.yml +65 -65
package/.github/workflows/ci-premerge-check.yml +23 -23
package/.github/workflows/e2e.yml +63 -63
package/.github/workflows/lint-and-format.yml +32 -32
package/.prettierignore +64 -64
package/CHANGELOG.md +44 -44
package/CLAUDE_PLUGIN.md +104 -104
package/CODE_OF_CONDUCT.md +128 -128
package/CONTRIBUTING.md +125 -125
package/Dockerfile +30 -30
package/GITHUB_OAUTH_SETUP.md +49 -49
package/GOOGLE_OAUTH_SETUP.md +148 -148
package/LICENSE +201 -201
package/README.md +182 -182
package/assets/Dark.svg +23 -23
package/auth/package.json +28 -28
package/auth/src/lib/broadcastService.ts +117 -115
package/auth/src/pages/SignInPage.tsx +60 -57
package/auth/src/pages/SignUpPage.tsx +60 -57
package/auth/tsconfig.json +32 -32
package/auth/tsconfig.node.json +11 -11
package/backend/package.json +78 -75
package/backend/src/api/routes/ai/index.routes.ts +3 -3
package/backend/src/api/routes/auth/index.routes.ts +667 -570
package/backend/src/api/routes/auth/oauth.routes.ts +473 -448
package/backend/src/api/routes/database/advance.routes.ts +37 -16
package/backend/src/api/routes/database/index.routes.ts +78 -1
package/backend/src/api/routes/database/records.routes.ts +10 -10
package/backend/src/api/routes/database/tables.routes.ts +0 -14
package/backend/src/api/routes/docs/index.routes.ts +75 -76
package/backend/src/api/routes/email/index.routes.ts +35 -0
package/backend/src/api/routes/functions/index.routes.ts +18 -12
package/backend/src/api/routes/metadata/index.routes.ts +12 -0
package/backend/src/api/routes/realtime/channels.routes.ts +81 -0
package/backend/src/api/routes/realtime/index.routes.ts +12 -0
package/backend/src/api/routes/realtime/messages.routes.ts +48 -0
package/backend/src/api/routes/realtime/permissions.routes.ts +19 -0
package/backend/src/api/routes/storage/index.routes.ts +18 -12
package/backend/src/api/routes/usage/index.routes.ts +6 -4
package/backend/src/infra/database/database.manager.ts +14 -1
package/backend/src/infra/database/migrations/000_create-base-tables.sql +141 -141
package/backend/src/infra/database/migrations/001_create-helper-functions.sql +40 -40
package/backend/src/infra/database/migrations/002_rename-auth-tables.sql +29 -29
package/backend/src/infra/database/migrations/003_create-users-table.sql +55 -55
package/backend/src/infra/database/migrations/004_add-reload-postgrest-func.sql +23 -23
package/backend/src/infra/database/migrations/005_enable-project-admin-modify-users.sql +29 -29
package/backend/src/infra/database/migrations/006_modify-ai-usage-table.sql +24 -24
package/backend/src/infra/database/migrations/007_drop-metadata-table.sql +1 -1
package/backend/src/infra/database/migrations/008_add-system-tables.sql +76 -76
package/backend/src/infra/database/migrations/009_add-function-secrets.sql +23 -23
package/backend/src/infra/database/migrations/010_modify-ai-config-modalities.sql +93 -93
package/backend/src/infra/database/migrations/011_refactor-secrets-table.sql +15 -15
package/backend/src/infra/database/migrations/012_add-storage-uploaded-by.sql +7 -7
package/backend/src/infra/database/migrations/013_create-auth-schema-functions.sql +44 -44
package/backend/src/infra/database/migrations/014_add-updated-at-trigger-user-table.sql +7 -7
package/backend/src/infra/database/migrations/015_create-auth-config-and-email-otp-tables.sql +59 -59
package/backend/src/infra/database/migrations/016_update-auth-config-and-email-otp.sql +24 -24
package/backend/src/infra/database/migrations/017_create-realtime-schema.sql +233 -0
package/backend/src/infra/realtime/realtime.manager.ts +246 -0
package/backend/src/infra/realtime/webhook-sender.ts +82 -0
package/backend/src/infra/security/token.manager.ts +219 -125
package/backend/src/infra/socket/socket.manager.ts +198 -64
package/backend/src/providers/ai/openrouter.provider.ts +12 -9
package/backend/src/providers/email/base.provider.ts +4 -7
package/backend/src/providers/email/cloud.provider.ts +84 -0
package/backend/src/providers/oauth/apple.provider.ts +266 -0
package/backend/src/providers/oauth/index.ts +1 -0
package/backend/src/server.ts +317 -284
package/backend/src/services/ai/ai-model.service.ts +5 -5
package/backend/src/services/ai/chat-completion.service.ts +4 -4
package/backend/src/services/ai/image-generation.service.ts +3 -3
package/backend/src/services/auth/auth.service.ts +14 -0
package/backend/src/services/database/database-table.service.ts +0 -9
package/backend/src/services/database/database.service.ts +127 -0
package/backend/src/services/email/email.service.ts +5 -7
package/backend/src/services/realtime/index.ts +3 -0
package/backend/src/services/realtime/realtime-auth.service.ts +104 -0
package/backend/src/services/realtime/realtime-channel.service.ts +237 -0
package/backend/src/services/realtime/realtime-message.service.ts +260 -0
package/backend/src/types/auth.ts +11 -0
package/backend/src/types/realtime.ts +18 -0
package/backend/src/types/socket.ts +7 -31
package/backend/src/utils/cookies.ts +35 -0
package/backend/src/utils/s3-config-loader.ts +64 -0
package/backend/src/utils/seed.ts +301 -298
package/backend/src/utils/sql-parser.ts +90 -0
package/backend/tests/README.md +133 -133
package/backend/tests/cleanup-all-test-data.sh +230 -230
package/backend/tests/cloud/test-s3-multitenant.sh +131 -131
package/backend/tests/local/comprehensive-curl-tests.sh +155 -155
package/backend/tests/local/test-ai-config.sh +129 -129
package/backend/tests/local/test-ai-usage.sh +80 -80
package/backend/tests/local/test-auth-router.sh +143 -143
package/backend/tests/local/test-database-router.sh +222 -222
package/backend/tests/local/test-e2e.sh +240 -240
package/backend/tests/local/test-fk-errors.sh +96 -96
package/backend/tests/local/test-functions.sh +123 -123
package/backend/tests/local/test-id-field.sh +200 -200
package/backend/tests/local/test-logs.sh +132 -132
package/backend/tests/local/test-public-bucket.sh +264 -264
package/backend/tests/local/test-secrets.sh +249 -249
package/backend/tests/local/test-serverless-functions.sh.disabled +325 -325
package/backend/tests/local/test-traditional-rest.sh +208 -208
package/backend/tests/manual/README.md +50 -50
package/backend/tests/manual/create-large-table-simple.sql +10 -10
package/backend/tests/manual/seed-large-table.sql +100 -100
package/backend/tests/manual/setup-large-table-extras.sql +33 -33
package/backend/tests/manual/test-bulk-upsert.sh +409 -409
package/backend/tests/manual/test-database-advance.sh +296 -296
package/backend/tests/manual/test-postgrest-stability.sh +191 -191
package/backend/tests/manual/test-rawsql-export-import.sh +411 -411
package/backend/tests/manual/test-rawsql-modes.sh +244 -244
package/backend/tests/manual/test-universal-storage.sh +263 -263
package/backend/tests/manual/test-users.sql +17 -17
package/backend/tests/run-all-tests.sh +139 -139
package/backend/tests/setup.ts +0 -0
package/backend/tests/test-config.sh +338 -338
package/backend/tests/unit/analyze-query.test.ts +697 -0
package/backend/tsconfig.json +22 -22
package/claude-plugin/.claude-plugin/plugin.json +24 -24
package/claude-plugin/README.md +133 -133
package/claude-plugin/skills/insforge-schema-patterns/SKILL.md +270 -270
package/docker-compose.prod.yml +204 -200
package/docker-compose.yml +232 -228
package/docker-init/db/db-init.sql +97 -97
package/docker-init/db/jwt.sql +5 -5
package/docker-init/db/postgresql.conf +16 -16
package/docker-init/logs/vector.yml +236 -236
package/docs/README.md +44 -44
package/docs/agent-docs/real-time.md +269 -0
package/docs/changelog.mdx +119 -67
package/docs/core-concepts/ai/architecture.mdx +372 -372
package/docs/core-concepts/ai/sdk.mdx +213 -213
package/docs/core-concepts/authentication/architecture.mdx +278 -278
package/docs/core-concepts/authentication/sdk.mdx +414 -414
package/docs/core-concepts/authentication/ui-components/customization.mdx +529 -529
package/docs/core-concepts/authentication/ui-components/nextjs.mdx +221 -221
package/docs/core-concepts/authentication/ui-components/react-router.mdx +184 -184
package/docs/core-concepts/authentication/ui-components/react.mdx +129 -129
package/docs/core-concepts/database/architecture.mdx +255 -255
package/docs/core-concepts/database/sdk.mdx +382 -382
package/docs/core-concepts/email/architecture.mdx +101 -0
package/docs/core-concepts/email/sdk.mdx +53 -0
package/docs/core-concepts/functions/architecture.mdx +105 -105
package/docs/core-concepts/functions/sdk.mdx +184 -184
package/docs/core-concepts/realtime/architecture.mdx +446 -0
package/docs/core-concepts/realtime/sdk.mdx +409 -0
package/docs/core-concepts/storage/architecture.mdx +243 -243
package/docs/core-concepts/storage/sdk.mdx +253 -253
package/docs/deployment/README.md +94 -94
package/docs/deployment/deploy-to-aws-ec2.md +564 -564
package/docs/deployment/deploy-to-azure-virtual-machines.md +312 -312
package/docs/deployment/deploy-to-google-cloud-compute-engine.md +613 -613
package/docs/deployment/deploy-to-render.md +441 -441
package/docs/deprecated/insforge-auth-api.md +214 -214
package/docs/deprecated/insforge-auth-sdk.md +99 -99
package/docs/deprecated/insforge-db-api.md +358 -358
package/docs/deprecated/insforge-db-sdk.md +139 -139
package/docs/deprecated/insforge-debug-sdk.md +156 -156
package/docs/deprecated/insforge-debug.md +64 -64
package/docs/deprecated/insforge-instructions.md +123 -123
package/docs/deprecated/insforge-project.md +117 -117
package/docs/deprecated/insforge-storage-api.md +278 -278
package/docs/deprecated/insforge-storage-sdk.md +158 -158
package/docs/docs.json +232 -210
package/docs/examples/framework-guides/nextjs.mdx +131 -131
package/docs/examples/framework-guides/nuxt.mdx +165 -165
package/docs/examples/framework-guides/react.mdx +165 -165
package/docs/examples/framework-guides/svelte.mdx +153 -153
package/docs/examples/framework-guides/vue.mdx +159 -159
package/docs/examples/overview.mdx +67 -67
package/docs/favicon.svg +19 -19
package/docs/images/changelog/dec-2025/ai-integration.png +0 -0
package/docs/images/changelog/dec-2025/ai-models.webp +0 -0
package/docs/images/changelog/dec-2025/alipay-payment.webp +0 -0
package/docs/images/changelog/dec-2025/apple-login.jpg +0 -0
package/docs/images/changelog/dec-2025/mcp-installer.png +0 -0
package/docs/images/changelog/dec-2025/realtime-module.jpg +0 -0
package/docs/images/icons/ai.svg +4 -4
package/docs/images/logos/nextjs.svg +4 -4
package/docs/images/logos/nuxt.svg +4 -4
package/docs/images/logos/react.svg +5 -5
package/docs/images/logos/svelte.svg +4 -4
package/docs/images/logos/vue.svg +5 -5
package/docs/insforge-instructions-sdk.md +89 -88
package/docs/introduction.mdx +45 -45
package/docs/logo/dark.svg +22 -22
package/docs/logo/light.svg +20 -20
package/docs/partnership.mdx +651 -646
package/docs/quickstart.mdx +82 -82
package/docs/showcase.mdx +52 -52
package/docs/snippets/sdk-installation.mdx +21 -21
package/docs/snippets/service-icons.mdx +27 -27
package/examples/oauth/frontend-oauth-example.html +250 -250
package/examples/response-examples.md +443 -443
package/frontend/components.json +17 -17
package/frontend/package.json +69 -69
package/frontend/src/assets/icons/checkbox_checked.svg +6 -6
package/frontend/src/assets/icons/checkbox_undetermined.svg +6 -6
package/frontend/src/assets/icons/checked.svg +3 -3
package/frontend/src/assets/icons/connected.svg +3 -3
package/frontend/src/assets/icons/error.svg +3 -3
package/frontend/src/assets/icons/loader.svg +9 -9
package/frontend/src/assets/icons/pencil.svg +4 -4
package/frontend/src/assets/icons/refresh.svg +4 -4
package/frontend/src/assets/icons/step_active.svg +3 -3
package/frontend/src/assets/icons/step_inactive.svg +11 -11
package/frontend/src/assets/icons/warning.svg +3 -3
package/frontend/src/assets/logos/apple.svg +3 -3
package/frontend/src/assets/logos/claude_code.svg +3 -3
package/frontend/src/assets/logos/cline.svg +6 -6
package/frontend/src/assets/logos/cursor.svg +20 -20
package/frontend/src/assets/logos/discord.svg +8 -8
package/frontend/src/assets/logos/facebook.svg +3 -3
package/frontend/src/assets/logos/gemini.svg +19 -19
package/frontend/src/assets/logos/github.svg +5 -5
package/frontend/src/assets/logos/google.svg +13 -13
package/frontend/src/assets/logos/grok.svg +10 -10
package/frontend/src/assets/logos/insforge_dark.svg +15 -15
package/frontend/src/assets/logos/insforge_light.svg +15 -15
package/frontend/src/assets/logos/instagram.svg +1 -1
package/frontend/src/assets/logos/linkedin.svg +3 -3
package/frontend/src/assets/logos/openai.svg +10 -10
package/frontend/src/assets/logos/roo_code.svg +9 -9
package/frontend/src/assets/logos/spotify.svg +16 -16
package/frontend/src/assets/logos/tiktok.svg +5 -5
package/frontend/src/assets/logos/trae.svg +3 -3
package/frontend/src/assets/logos/windsurf.svg +10 -10
package/frontend/src/assets/logos/x.svg +3 -3
package/frontend/src/components/layout/AppHeader.tsx +9 -10
package/frontend/src/features/auth/components/OAuthConfigDialog.tsx +1 -0
package/frontend/src/features/auth/components/UsersDataGrid.tsx +6 -0
package/frontend/src/features/auth/helpers.tsx +8 -0
package/frontend/src/features/auth/{page → pages}/UsersPage.tsx +0 -28
package/frontend/src/features/database/components/SQLModal.tsx +75 -0
package/frontend/src/features/database/components/TableForm.tsx +0 -4
package/frontend/src/features/database/hooks/useDatabase.ts +66 -0
package/frontend/src/features/database/hooks/useTables.ts +32 -28
package/frontend/src/features/database/index.ts +1 -0
package/frontend/src/features/database/{page → pages}/FunctionsPage.tsx +29 -37
package/frontend/src/features/database/{page → pages}/IndexesPage.tsx +35 -47
package/frontend/src/features/database/{page → pages}/PoliciesPage.tsx +43 -54
package/frontend/src/features/database/{page → pages}/TablesPage.tsx +0 -42
package/frontend/src/features/database/{page → pages}/TriggersPage.tsx +35 -47
package/frontend/src/features/database/services/advance.service.ts +0 -26
package/frontend/src/features/database/services/database.service.ts +55 -0
package/frontend/src/features/database/services/table.service.ts +0 -6
package/frontend/src/features/functions/{page → pages}/FunctionsPage.tsx +21 -44
package/frontend/src/features/functions/{page → pages}/SecretsPage.tsx +11 -9
package/frontend/src/features/logs/hooks/useMcpUsage.ts +13 -66
package/frontend/src/features/realtime/components/ChannelRow.tsx +83 -0
package/frontend/src/features/realtime/components/EditChannelModal.tsx +246 -0
package/frontend/src/features/realtime/components/MessageRow.tsx +85 -0
package/frontend/src/features/realtime/components/RealtimeEmptyState.tsx +30 -0
package/frontend/src/features/realtime/hooks/useRealtime.ts +218 -0
package/frontend/src/features/realtime/index.ts +11 -0
package/frontend/src/features/realtime/pages/RealtimeChannelsPage.tsx +172 -0
package/frontend/src/features/realtime/pages/RealtimeMessagesPage.tsx +211 -0
package/frontend/src/features/realtime/pages/RealtimePermissionsPage.tsx +191 -0
package/frontend/src/features/realtime/services/realtime.service.ts +107 -0
package/frontend/src/features/storage/{page → pages}/StoragePage.tsx +1 -29
package/frontend/src/features/visualizer/components/SchemaVisualizer.tsx +3 -3
package/frontend/src/features/visualizer/{page → pages}/VisualizerPage.tsx +1 -35
package/frontend/src/lib/contexts/SocketContext.tsx +119 -75
package/frontend/src/lib/routing/AppRoutes.tsx +35 -20
package/frontend/src/lib/utils/cloudMessaging.ts +1 -1
package/frontend/src/lib/utils/menuItems.ts +24 -0
package/frontend/src/lib/utils/utils.ts +14 -1
package/frontend/tsconfig.json +25 -25
package/frontend/tsconfig.node.json +9 -9
package/functions/deno.json +24 -24
package/functions/server.ts +315 -315
package/i18n/README.ar.md +130 -130
package/i18n/README.de.md +130 -130
package/i18n/README.es.md +154 -154
package/i18n/README.fr.md +134 -134
package/i18n/README.hi.md +129 -129
package/i18n/README.ja.md +174 -174
package/i18n/README.ko.md +136 -136
package/i18n/README.pt-BR.md +131 -131
package/i18n/README.ru.md +129 -129
package/i18n/README.zh-CN.md +133 -133
package/openapi/ai.yaml +715 -715
package/openapi/auth.yaml +1244 -1244
package/openapi/email.yaml +158 -0
package/openapi/functions.yaml +475 -475
package/openapi/health.yaml +29 -29
package/openapi/logs.yaml +223 -223
package/openapi/metadata.yaml +177 -177
package/openapi/realtime.yaml +699 -0
package/openapi/records.yaml +381 -381
package/openapi/secrets.yaml +370 -370
package/openapi/storage.yaml +875 -875
package/openapi/tables.yaml +463 -463
package/package.json +97 -97
package/shared-schemas/package.json +31 -31
package/shared-schemas/src/ai.schema.ts +63 -59
package/shared-schemas/src/auth-api.schema.ts +352 -339
package/shared-schemas/src/auth.schema.ts +1 -1
package/shared-schemas/src/database-api.schema.ts +32 -1
package/shared-schemas/src/database.schema.ts +39 -0
package/shared-schemas/src/docs.schema.ts +26 -0
package/shared-schemas/src/email-api.schema.ts +30 -0
package/shared-schemas/src/index.ts +4 -0
package/shared-schemas/src/metadata.schema.ts +9 -0
package/shared-schemas/src/realtime-api.schema.ts +111 -0
package/shared-schemas/src/realtime.schema.ts +143 -0
package/shared-schemas/tsconfig.json +21 -21
package/tsconfig.json +7 -7
package/zeabur/README.md +13 -13
package/zeabur/template.yml +1032 -1032
package/.cursor/rules/cursor-rules.mdc +0 -94
package/frontend/src/features/database/hooks/useFullMetadata.ts +0 -18
package/test-gemini.sh +0 -35
package/test-usage-admin.sh +0 -57
package/test-usage.sh +0 -50
/package/frontend/src/features/ai/{page → pages}/AIPage.tsx +0 -0
/package/frontend/src/features/auth/{page → pages}/AuthMethodsPage.tsx +0 -0
/package/frontend/src/features/auth/{page → pages}/ConfigurationPage.tsx +0 -0
/package/frontend/src/features/dashboard/{page → pages}/DashboardPage.tsx +0 -0
/package/frontend/src/features/database/{page → pages}/SQLEditorPage.tsx +0 -0
/package/frontend/src/features/database/{page → pages}/TemplatesPage.tsx +0 -0
/package/frontend/src/features/login/{page → pages}/CloudLoginPage.tsx +0 -0
/package/frontend/src/features/login/{page → pages}/LoginPage.tsx +0 -0
/package/frontend/src/features/logs/{page → pages}/AuditsPage.tsx +0 -0
/package/frontend/src/features/logs/{page → pages}/LogsPage.tsx +0 -0
/package/frontend/src/features/logs/{page → pages}/MCPLogsPage.tsx +0 -0

package/docs/deprecated/insforge-auth-api.md CHANGED Viewed

@@ -1,215 +1,215 @@
-# Insforge OSS Authentication API Documentation
-## Overview
-Insforge uses JWT tokens and API keys for authentication. Store tokens in localStorage after login.
-**All requests**: Use `Authorization: Bearer <token>` header (for both JWT tokens and API keys)
-## Base URL
-`http://localhost:7130`
-## User Authentication
-### Register New User
-**POST** `/api/auth/users`
-Body: `{"email": "user@example.com", "password": "password", "name": "User Name"}`
-Returns: `{"accessToken": "...", "user": {"id": "...", "email": "...", "name": "...", "emailVerified": false, "createdAt": "...", "updatedAt": "..."}}`
-**Note:** This creates an entry in the `users` table with the same `id` for profile data
-### Login User
-**POST** `/api/auth/sessions`
-Body: `{"email": "user@example.com", "password": "password"}`
-Returns: `{"accessToken": "...", "user": {"id": "...", "email": "...", "name": "...", "emailVerified": false, "createdAt": "...", "updatedAt": "..."}}`
-### Get Current User
-**GET** `/api/auth/sessions/current`
-Headers: `Authorization: Bearer <accessToken>`
-Returns: `{"user": {"id": "...", "email": "...", "role": "authenticated"}}`
-**Note**: Returns LIMITED fields (id, email, role). For user profile data (nickname, avatar, bio, etc.), query `/api/database/records/users?id=eq.<user_id>`
-**Common errors:**
-- `401` with `"code": "MISSING_AUTHORIZATION_HEADER"` → No token provided
-- `401` with `"code": "INVALID_TOKEN"` → Token expired or invalid
-## Admin Authentication
-### Admin Login
-**POST** `/api/auth/admin/sessions`
-Request:
-```json
-{
-  "email": "admin@example.com",
-  "password": "change-this-password"
-}
-```
-Response:
-```json
-{
-  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
-  "user": {
-    "id": "admin-id",
-    "email": "admin@example.com",
-    "name": "Administrator",
-    "role": "project_admin"
-  }
-}
-```
-```bash
-# Mac/Linux
-curl -X POST http://localhost:7130/api/auth/admin/sessions \
-  -H 'Content-Type: application/json' \
-  -d '{"email":"admin@example.com","password":"change-this-password"}'
-# Windows PowerShell (use curl.exe)
-curl.exe -X POST http://localhost:7130/api/auth/admin/sessions \
-  -H "Content-Type: application/json" \
-  -d '{\"email\":\"admin@example.com\",\"password\":\"change-this-password\"}'
-```
-## Error Response Format
-All error responses follow this format:
-```json
-{
-  "code": "ERROR_CODE",
-  "message": "Human-readable error message"
-}
-```
-Example error:
-```json
-{
-  "code": "INVALID_EMAIL",
-  "message": "Please provide a valid email"
-}
-```
-## OAuth Support
-Insforge supports Google and GitHub OAuth when configured with environment variables.
-OAuth workflow:
-1. End user initiates OAuth login and receives authorization URL from backend
-2. After successful user authorization, Google/GitHub redirects to backend callback
-3. Backend generates JWT token and redirects to the application page
-Prerequisites:
-1. Create Google or GitHub OAuth Application and obtain Client ID and Client Secret
-2. Configure each platform's Client ID/Client Secret in InsForge backend (via Environment Variables)
-### OAuth Endpoints
-#### Get OAuth URL (Google/GitHub)
-**GET** `/api/auth/oauth/:provider`
-Parameters:
-- `provider`: "google" or "github" in the URL path
-- Query params: `?redirect_uri=http://localhost:3000/dashboard`
-Returns: `{"authUrl": "https://accounts.google.com/..."}` - URL to redirect user to provider's OAuth page.
-```bash
-# Mac/Linux
-curl -X GET "http://localhost:7130/api/auth/oauth/google?redirect_uri=http://localhost:3000/dashboard"
-# Windows PowerShell (use curl.exe)
-curl.exe -X GET "http://localhost:7130/api/auth/oauth/google?redirect_uri=http://localhost:3000/dashboard"
-```
-Example response:
-```json
-{
-  "authUrl": "https://accounts.google.com/o/oauth2/v2/auth?client_id=..."
-}
-```
-#### OAuth Callback
-The OAuth provider will redirect to:
-- Google: `http://localhost:7130/api/auth/oauth/google/callback`
-- GitHub: `http://localhost:7130/api/auth/oauth/github/callback`
-After processing, backend redirects to your specified `redirect_uri` with JWT token in URL parameters:
-- `access_token` - JWT authentication token
-- `user_id` - User's unique ID
-- `email` - User's email address
-- `name` - User's display name
-## User Profile Table
-### Users Table
-The `users` table stores **user profile data**:
-- **✅ READ** via: `GET /api/database/records/users`
-- **✅ WRITE** via: `PATCH /api/database/records/users?id=eq.<user_id>`
-- **✅ Foreign keys allowed** - reference `users.id`
-- **IMPORTANT**: Add columns to this table for profile data instead of creating separate profile tables
-**Schema:**
-- `id` - User ID (UUID, primary key)
-- `nickname` - Display name (text, nullable)
-- `avatar_url` - Profile picture URL (text, nullable)
-- `bio` - User biography (text, nullable)
-- `birthday` - Birth date (date, nullable)
-- `created_at` - Account creation timestamp
-- `updated_at` - Last update timestamp
-**Note:** Email and name from auth are returned by Auth API, not stored in users table
-Example - Create table with user reference:
-```json
-{
-  "table_name": "posts",
-  "columns": [
-    {
-      "name": "title",
-      "type": "string",
-      "nullable": false,
-      "is_unique": false
-    },
-    {
-      "name": "user_id",
-      "type": "string",
-      "nullable": false,
-      "is_unique": false,
-      "foreign_key": {
-        "reference_table": "users",
-        "reference_column": "id",
-        "on_delete": "CASCADE",
-        "on_update": "CASCADE"
-      }
-    }
-  ]
-}
-```
-### Available Tables
-- **users** - User profile data (read/write access)
-  - Use this table for foreign key references
-  - Update profiles with PATCH requests
-## Headers Summary
-| API Type | Header Required |
-|----------|----------------|
-| Auth endpoints | None |
-| Database/Storage | `Authorization: Bearer <accessToken>` |
-| MCP testing only | `x-api-key: <key>` |
-## Critical Notes
-1. `/api/auth/sessions/current` returns `{"user": {...}}` - nested, not root level
-2. `/api/auth/sessions/current` only has: id, email, role (limited fields)
-3. Full user profile: `GET /api/database/records/users?id=eq.<id>`
-4. POST to database requires `[{...}]` array format always
-5. Auth endpoints (register/login): no headers needed
+# Insforge OSS Authentication API Documentation
+## Overview
+Insforge uses JWT tokens and API keys for authentication. Store tokens in localStorage after login.
+**All requests**: Use `Authorization: Bearer <token>` header (for both JWT tokens and API keys)
+## Base URL
+`http://localhost:7130`
+## User Authentication
+### Register New User
+**POST** `/api/auth/users`
+Body: `{"email": "user@example.com", "password": "password", "name": "User Name"}`
+Returns: `{"accessToken": "...", "user": {"id": "...", "email": "...", "name": "...", "emailVerified": false, "createdAt": "...", "updatedAt": "..."}}`
+**Note:** This creates an entry in the `users` table with the same `id` for profile data
+### Login User
+**POST** `/api/auth/sessions`
+Body: `{"email": "user@example.com", "password": "password"}`
+Returns: `{"accessToken": "...", "user": {"id": "...", "email": "...", "name": "...", "emailVerified": false, "createdAt": "...", "updatedAt": "..."}}`
+### Get Current User
+**GET** `/api/auth/sessions/current`
+Headers: `Authorization: Bearer <accessToken>`
+Returns: `{"user": {"id": "...", "email": "...", "role": "authenticated"}}`
+**Note**: Returns LIMITED fields (id, email, role). For user profile data (nickname, avatar, bio, etc.), query `/api/database/records/users?id=eq.<user_id>`
+**Common errors:**
+- `401` with `"code": "MISSING_AUTHORIZATION_HEADER"` → No token provided
+- `401` with `"code": "INVALID_TOKEN"` → Token expired or invalid
+## Admin Authentication
+### Admin Login
+**POST** `/api/auth/admin/sessions`
+Request:
+```json
+{
+  "email": "admin@example.com",
+  "password": "change-this-password"
+}
+```
+Response:
+```json
+{
+  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
+  "user": {
+    "id": "admin-id",
+    "email": "admin@example.com",
+    "name": "Administrator",
+    "role": "project_admin"
+  }
+}
+```
+```bash
+# Mac/Linux
+curl -X POST http://localhost:7130/api/auth/admin/sessions \
+  -H 'Content-Type: application/json' \
+  -d '{"email":"admin@example.com","password":"change-this-password"}'
+# Windows PowerShell (use curl.exe)
+curl.exe -X POST http://localhost:7130/api/auth/admin/sessions \
+  -H "Content-Type: application/json" \
+  -d '{\"email\":\"admin@example.com\",\"password\":\"change-this-password\"}'
+```
+## Error Response Format
+All error responses follow this format:
+```json
+{
+  "code": "ERROR_CODE",
+  "message": "Human-readable error message"
+}
+```
+Example error:
+```json
+{
+  "code": "INVALID_EMAIL",
+  "message": "Please provide a valid email"
+}
+```
+## OAuth Support
+Insforge supports Google and GitHub OAuth when configured with environment variables.
+OAuth workflow:
+1. End user initiates OAuth login and receives authorization URL from backend
+2. After successful user authorization, Google/GitHub redirects to backend callback
+3. Backend generates JWT token and redirects to the application page
+Prerequisites:
+1. Create Google or GitHub OAuth Application and obtain Client ID and Client Secret
+2. Configure each platform's Client ID/Client Secret in InsForge backend (via Environment Variables)
+### OAuth Endpoints
+#### Get OAuth URL (Google/GitHub)
+**GET** `/api/auth/oauth/:provider`
+Parameters:
+- `provider`: "google" or "github" in the URL path
+- Query params: `?redirect_uri=http://localhost:3000/dashboard`
+Returns: `{"authUrl": "https://accounts.google.com/..."}` - URL to redirect user to provider's OAuth page.
+```bash
+# Mac/Linux
+curl -X GET "http://localhost:7130/api/auth/oauth/google?redirect_uri=http://localhost:3000/dashboard"
+# Windows PowerShell (use curl.exe)
+curl.exe -X GET "http://localhost:7130/api/auth/oauth/google?redirect_uri=http://localhost:3000/dashboard"
+```
+Example response:
+```json
+{
+  "authUrl": "https://accounts.google.com/o/oauth2/v2/auth?client_id=..."
+}
+```
+#### OAuth Callback
+The OAuth provider will redirect to:
+- Google: `http://localhost:7130/api/auth/oauth/google/callback`
+- GitHub: `http://localhost:7130/api/auth/oauth/github/callback`
+After processing, backend redirects to your specified `redirect_uri` with JWT token in URL parameters:
+- `access_token` - JWT authentication token
+- `user_id` - User's unique ID
+- `email` - User's email address
+- `name` - User's display name
+## User Profile Table
+### Users Table
+The `users` table stores **user profile data**:
+- **✅ READ** via: `GET /api/database/records/users`
+- **✅ WRITE** via: `PATCH /api/database/records/users?id=eq.<user_id>`
+- **✅ Foreign keys allowed** - reference `users.id`
+- **IMPORTANT**: Add columns to this table for profile data instead of creating separate profile tables
+**Schema:**
+- `id` - User ID (UUID, primary key)
+- `nickname` - Display name (text, nullable)
+- `avatar_url` - Profile picture URL (text, nullable)
+- `bio` - User biography (text, nullable)
+- `birthday` - Birth date (date, nullable)
+- `created_at` - Account creation timestamp
+- `updated_at` - Last update timestamp
+**Note:** Email and name from auth are returned by Auth API, not stored in users table
+Example - Create table with user reference:
+```json
+{
+  "table_name": "posts",
+  "columns": [
+    {
+      "name": "title",
+      "type": "string",
+      "nullable": false,
+      "is_unique": false
+    },
+    {
+      "name": "user_id",
+      "type": "string",
+      "nullable": false,
+      "is_unique": false,
+      "foreign_key": {
+        "reference_table": "users",
+        "reference_column": "id",
+        "on_delete": "CASCADE",
+        "on_update": "CASCADE"
+      }
+    }
+  ]
+}
+```
+### Available Tables
+- **users** - User profile data (read/write access)
+  - Use this table for foreign key references
+  - Update profiles with PATCH requests
+## Headers Summary
+| API Type | Header Required |
+|----------|----------------|
+| Auth endpoints | None |
+| Database/Storage | `Authorization: Bearer <accessToken>` |
+| MCP testing only | `x-api-key: <key>` |
+## Critical Notes
+1. `/api/auth/sessions/current` returns `{"user": {...}}` - nested, not root level
+2. `/api/auth/sessions/current` only has: id, email, role (limited fields)
+3. Full user profile: `GET /api/database/records/users?id=eq.<id>`
+4. POST to database requires `[{...}]` array format always
+5. Auth endpoints (register/login): no headers needed
 6. Protected endpoints: `Authorization: Bearer <accessToken>`

package/docs/deprecated/insforge-auth-sdk.md CHANGED Viewed

@@ -1,100 +1,100 @@
-# InsForge Auth SDK
-## Setup
-```javascript
-import { createClient } from '@insforge/sdk';
-const client = createClient({ baseUrl: 'http://localhost:7130' });
-```
-## Methods
-### signUp
-```javascript
-await client.auth.signUp({ email, password, name? })
-// Returns: { data: { accessToken, user }, error }
-// user: { id, email, name, emailVerified, createdAt, updatedAt }
-// Token auto-stored
-```
-### signInWithPassword
-```javascript
-await client.auth.signInWithPassword({ email, password })
-// Returns: { data: { accessToken, user }, error }
-// Token auto-stored
-```
-### signInWithOAuth
-```javascript
-const { data, error } = await client.auth.signInWithOAuth({
-  provider: 'google'|'github',
-  redirectTo: window.location.origin,
-  skipBrowserRedirect: true
-})
-// Returns: { data: { url, provider }, error }
-// Manual redirect required
-if (data?.url) {
-  window.location.href = data.url
-}
-// ⚠️ IMPORTANT: No callback handling needed!
-// After OAuth, user returns to redirectTo URL already authenticated
-// The SDK automatically:
-// - Handles the OAuth callback
-// - Stores the JWT token
-// - Makes user available via getCurrentUser()
-// ❌ DON'T DO THIS (not needed):
-// const accessToken = urlParams.get('access_token')
-// const userId = urlParams.get('user_id')
-// ✅ DO THIS INSTEAD (after redirect back):
-const { data: userData } = await client.auth.getCurrentUser()
-```
-### getCurrentUser
-```javascript
-await client.auth.getCurrentUser()
-// Returns: { data: { user: { id, email, role }, profile: {...} }, error }
-// Makes API call to validate token and fetch profile
-```
-### getCurrentSession
-```javascript
-await client.auth.getCurrentSession()
-// Returns: { data: { session: { accessToken, user } }, error }
-// From localStorage, no API call
-```
-### getProfile
-```javascript
-await client.auth.getProfile(userId)
-// Returns: { data: { id, nickname, bio, ... }, error }
-// Returns single object, not array!
-```
-### setProfile
-```javascript
-await client.auth.setProfile({ nickname, bio, avatar_url })
-// Returns: { data: { id, nickname, bio, ... }, error }
-// Returns single object, not array!
-```
-### signOut
-```javascript
-await client.auth.signOut()
-// Returns: { error }
-// Clears token from storage
-```
-## Error Codes
-- `INVALID_EMAIL`
-- `WEAK_PASSWORD`
-- `USER_ALREADY_EXISTS`
-- `INVALID_CREDENTIALS`
-- `INVALID_TOKEN`
-## Notes
-- Tokens stored in localStorage (browser) or memory (Node.js)
-- All requests after login automatically include token
+# InsForge Auth SDK
+## Setup
+```javascript
+import { createClient } from '@insforge/sdk';
+const client = createClient({ baseUrl: 'http://localhost:7130' });
+```
+## Methods
+### signUp
+```javascript
+await client.auth.signUp({ email, password, name? })
+// Returns: { data: { accessToken, user }, error }
+// user: { id, email, name, emailVerified, createdAt, updatedAt }
+// Token auto-stored
+```
+### signInWithPassword
+```javascript
+await client.auth.signInWithPassword({ email, password })
+// Returns: { data: { accessToken, user }, error }
+// Token auto-stored
+```
+### signInWithOAuth
+```javascript
+const { data, error } = await client.auth.signInWithOAuth({
+  provider: 'google'|'github',
+  redirectTo: window.location.origin,
+  skipBrowserRedirect: true
+})
+// Returns: { data: { url, provider }, error }
+// Manual redirect required
+if (data?.url) {
+  window.location.href = data.url
+}
+// ⚠️ IMPORTANT: No callback handling needed!
+// After OAuth, user returns to redirectTo URL already authenticated
+// The SDK automatically:
+// - Handles the OAuth callback
+// - Stores the JWT token
+// - Makes user available via getCurrentUser()
+// ❌ DON'T DO THIS (not needed):
+// const accessToken = urlParams.get('access_token')
+// const userId = urlParams.get('user_id')
+// ✅ DO THIS INSTEAD (after redirect back):
+const { data: userData } = await client.auth.getCurrentUser()
+```
+### getCurrentUser
+```javascript
+await client.auth.getCurrentUser()
+// Returns: { data: { user: { id, email, role }, profile: {...} }, error }
+// Makes API call to validate token and fetch profile
+```
+### getCurrentSession
+```javascript
+await client.auth.getCurrentSession()
+// Returns: { data: { session: { accessToken, user } }, error }
+// From localStorage, no API call
+```
+### getProfile
+```javascript
+await client.auth.getProfile(userId)
+// Returns: { data: { id, nickname, bio, ... }, error }
+// Returns single object, not array!
+```
+### setProfile
+```javascript
+await client.auth.setProfile({ nickname, bio, avatar_url })
+// Returns: { data: { id, nickname, bio, ... }, error }
+// Returns single object, not array!
+```
+### signOut
+```javascript
+await client.auth.signOut()
+// Returns: { error }
+// Clears token from storage
+```
+## Error Codes
+- `INVALID_EMAIL`
+- `WEAK_PASSWORD`
+- `USER_ALREADY_EXISTS`
+- `INVALID_CREDENTIALS`
+- `INVALID_TOKEN`
+## Notes
+- Tokens stored in localStorage (browser) or memory (Node.js)
+- All requests after login automatically include token
 - User profile data in `users` table, not auth