npm - insforge - Versions diffs - 1.2.10 → 1.3.0 - Mend

insforge 1.2.10 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (335) hide show

package/.claude-plugin/marketplace.json +20 -20
package/.dockerignore +60 -60
package/.env.example +83 -77
package/.github/ISSUE_TEMPLATE/bug_report.yml +36 -36
package/.github/ISSUE_TEMPLATE/config.yml +11 -11
package/.github/ISSUE_TEMPLATE/feature_request.yml +26 -26
package/.github/PULL_REQUEST_TEMPLATE.md +7 -7
package/.github/copilot-instructions.md +146 -146
package/.github/workflows/build-image.yml +65 -65
package/.github/workflows/ci-premerge-check.yml +23 -23
package/.github/workflows/e2e.yml +63 -63
package/.github/workflows/lint-and-format.yml +32 -32
package/.prettierignore +64 -64
package/CHANGELOG.md +44 -44
package/CLAUDE_PLUGIN.md +104 -104
package/CODE_OF_CONDUCT.md +128 -128
package/CONTRIBUTING.md +125 -125
package/Dockerfile +30 -30
package/GITHUB_OAUTH_SETUP.md +49 -49
package/GOOGLE_OAUTH_SETUP.md +148 -148
package/LICENSE +201 -201
package/README.md +182 -182
package/assets/Dark.svg +23 -23
package/auth/package.json +28 -28
package/auth/src/lib/broadcastService.ts +117 -115
package/auth/src/pages/SignInPage.tsx +60 -57
package/auth/src/pages/SignUpPage.tsx +60 -57
package/auth/tsconfig.json +32 -32
package/auth/tsconfig.node.json +11 -11
package/backend/package.json +78 -75
package/backend/src/api/routes/ai/index.routes.ts +3 -3
package/backend/src/api/routes/auth/index.routes.ts +667 -570
package/backend/src/api/routes/auth/oauth.routes.ts +473 -448
package/backend/src/api/routes/database/advance.routes.ts +37 -16
package/backend/src/api/routes/database/index.routes.ts +78 -1
package/backend/src/api/routes/database/records.routes.ts +10 -10
package/backend/src/api/routes/database/tables.routes.ts +0 -14
package/backend/src/api/routes/docs/index.routes.ts +75 -76
package/backend/src/api/routes/email/index.routes.ts +35 -0
package/backend/src/api/routes/functions/index.routes.ts +18 -12
package/backend/src/api/routes/metadata/index.routes.ts +12 -0
package/backend/src/api/routes/realtime/channels.routes.ts +81 -0
package/backend/src/api/routes/realtime/index.routes.ts +12 -0
package/backend/src/api/routes/realtime/messages.routes.ts +48 -0
package/backend/src/api/routes/realtime/permissions.routes.ts +19 -0
package/backend/src/api/routes/storage/index.routes.ts +18 -12
package/backend/src/api/routes/usage/index.routes.ts +6 -4
package/backend/src/infra/database/database.manager.ts +14 -1
package/backend/src/infra/database/migrations/000_create-base-tables.sql +141 -141
package/backend/src/infra/database/migrations/001_create-helper-functions.sql +40 -40
package/backend/src/infra/database/migrations/002_rename-auth-tables.sql +29 -29
package/backend/src/infra/database/migrations/003_create-users-table.sql +55 -55
package/backend/src/infra/database/migrations/004_add-reload-postgrest-func.sql +23 -23
package/backend/src/infra/database/migrations/005_enable-project-admin-modify-users.sql +29 -29
package/backend/src/infra/database/migrations/006_modify-ai-usage-table.sql +24 -24
package/backend/src/infra/database/migrations/007_drop-metadata-table.sql +1 -1
package/backend/src/infra/database/migrations/008_add-system-tables.sql +76 -76
package/backend/src/infra/database/migrations/009_add-function-secrets.sql +23 -23
package/backend/src/infra/database/migrations/010_modify-ai-config-modalities.sql +93 -93
package/backend/src/infra/database/migrations/011_refactor-secrets-table.sql +15 -15
package/backend/src/infra/database/migrations/012_add-storage-uploaded-by.sql +7 -7
package/backend/src/infra/database/migrations/013_create-auth-schema-functions.sql +44 -44
package/backend/src/infra/database/migrations/014_add-updated-at-trigger-user-table.sql +7 -7
package/backend/src/infra/database/migrations/015_create-auth-config-and-email-otp-tables.sql +59 -59
package/backend/src/infra/database/migrations/016_update-auth-config-and-email-otp.sql +24 -24
package/backend/src/infra/database/migrations/017_create-realtime-schema.sql +233 -0
package/backend/src/infra/realtime/realtime.manager.ts +246 -0
package/backend/src/infra/realtime/webhook-sender.ts +82 -0
package/backend/src/infra/security/token.manager.ts +219 -125
package/backend/src/infra/socket/socket.manager.ts +198 -64
package/backend/src/providers/ai/openrouter.provider.ts +12 -9
package/backend/src/providers/email/base.provider.ts +4 -7
package/backend/src/providers/email/cloud.provider.ts +84 -0
package/backend/src/providers/oauth/apple.provider.ts +266 -0
package/backend/src/providers/oauth/index.ts +1 -0
package/backend/src/server.ts +317 -284
package/backend/src/services/ai/ai-model.service.ts +5 -5
package/backend/src/services/ai/chat-completion.service.ts +4 -4
package/backend/src/services/ai/image-generation.service.ts +3 -3
package/backend/src/services/auth/auth.service.ts +14 -0
package/backend/src/services/database/database-table.service.ts +0 -9
package/backend/src/services/database/database.service.ts +127 -0
package/backend/src/services/email/email.service.ts +5 -7
package/backend/src/services/realtime/index.ts +3 -0
package/backend/src/services/realtime/realtime-auth.service.ts +104 -0
package/backend/src/services/realtime/realtime-channel.service.ts +237 -0
package/backend/src/services/realtime/realtime-message.service.ts +260 -0
package/backend/src/types/auth.ts +11 -0
package/backend/src/types/realtime.ts +18 -0
package/backend/src/types/socket.ts +7 -31
package/backend/src/utils/cookies.ts +35 -0
package/backend/src/utils/s3-config-loader.ts +64 -0
package/backend/src/utils/seed.ts +301 -298
package/backend/src/utils/sql-parser.ts +90 -0
package/backend/tests/README.md +133 -133
package/backend/tests/cleanup-all-test-data.sh +230 -230
package/backend/tests/cloud/test-s3-multitenant.sh +131 -131
package/backend/tests/local/comprehensive-curl-tests.sh +155 -155
package/backend/tests/local/test-ai-config.sh +129 -129
package/backend/tests/local/test-ai-usage.sh +80 -80
package/backend/tests/local/test-auth-router.sh +143 -143
package/backend/tests/local/test-database-router.sh +222 -222
package/backend/tests/local/test-e2e.sh +240 -240
package/backend/tests/local/test-fk-errors.sh +96 -96
package/backend/tests/local/test-functions.sh +123 -123
package/backend/tests/local/test-id-field.sh +200 -200
package/backend/tests/local/test-logs.sh +132 -132
package/backend/tests/local/test-public-bucket.sh +264 -264
package/backend/tests/local/test-secrets.sh +249 -249
package/backend/tests/local/test-serverless-functions.sh.disabled +325 -325
package/backend/tests/local/test-traditional-rest.sh +208 -208
package/backend/tests/manual/README.md +50 -50
package/backend/tests/manual/create-large-table-simple.sql +10 -10
package/backend/tests/manual/seed-large-table.sql +100 -100
package/backend/tests/manual/setup-large-table-extras.sql +33 -33
package/backend/tests/manual/test-bulk-upsert.sh +409 -409
package/backend/tests/manual/test-database-advance.sh +296 -296
package/backend/tests/manual/test-postgrest-stability.sh +191 -191
package/backend/tests/manual/test-rawsql-export-import.sh +411 -411
package/backend/tests/manual/test-rawsql-modes.sh +244 -244
package/backend/tests/manual/test-universal-storage.sh +263 -263
package/backend/tests/manual/test-users.sql +17 -17
package/backend/tests/run-all-tests.sh +139 -139
package/backend/tests/setup.ts +0 -0
package/backend/tests/test-config.sh +338 -338
package/backend/tests/unit/analyze-query.test.ts +697 -0
package/backend/tsconfig.json +22 -22
package/claude-plugin/.claude-plugin/plugin.json +24 -24
package/claude-plugin/README.md +133 -133
package/claude-plugin/skills/insforge-schema-patterns/SKILL.md +270 -270
package/docker-compose.prod.yml +204 -200
package/docker-compose.yml +232 -228
package/docker-init/db/db-init.sql +97 -97
package/docker-init/db/jwt.sql +5 -5
package/docker-init/db/postgresql.conf +16 -16
package/docker-init/logs/vector.yml +236 -236
package/docs/README.md +44 -44
package/docs/agent-docs/real-time.md +269 -0
package/docs/changelog.mdx +119 -67
package/docs/core-concepts/ai/architecture.mdx +372 -372
package/docs/core-concepts/ai/sdk.mdx +213 -213
package/docs/core-concepts/authentication/architecture.mdx +278 -278
package/docs/core-concepts/authentication/sdk.mdx +414 -414
package/docs/core-concepts/authentication/ui-components/customization.mdx +529 -529
package/docs/core-concepts/authentication/ui-components/nextjs.mdx +221 -221
package/docs/core-concepts/authentication/ui-components/react-router.mdx +184 -184
package/docs/core-concepts/authentication/ui-components/react.mdx +129 -129
package/docs/core-concepts/database/architecture.mdx +255 -255
package/docs/core-concepts/database/sdk.mdx +382 -382
package/docs/core-concepts/email/architecture.mdx +101 -0
package/docs/core-concepts/email/sdk.mdx +53 -0
package/docs/core-concepts/functions/architecture.mdx +105 -105
package/docs/core-concepts/functions/sdk.mdx +184 -184
package/docs/core-concepts/realtime/architecture.mdx +446 -0
package/docs/core-concepts/realtime/sdk.mdx +409 -0
package/docs/core-concepts/storage/architecture.mdx +243 -243
package/docs/core-concepts/storage/sdk.mdx +253 -253
package/docs/deployment/README.md +94 -94
package/docs/deployment/deploy-to-aws-ec2.md +564 -564
package/docs/deployment/deploy-to-azure-virtual-machines.md +312 -312
package/docs/deployment/deploy-to-google-cloud-compute-engine.md +613 -613
package/docs/deployment/deploy-to-render.md +441 -441
package/docs/deprecated/insforge-auth-api.md +214 -214
package/docs/deprecated/insforge-auth-sdk.md +99 -99
package/docs/deprecated/insforge-db-api.md +358 -358
package/docs/deprecated/insforge-db-sdk.md +139 -139
package/docs/deprecated/insforge-debug-sdk.md +156 -156
package/docs/deprecated/insforge-debug.md +64 -64
package/docs/deprecated/insforge-instructions.md +123 -123
package/docs/deprecated/insforge-project.md +117 -117
package/docs/deprecated/insforge-storage-api.md +278 -278
package/docs/deprecated/insforge-storage-sdk.md +158 -158
package/docs/docs.json +232 -210
package/docs/examples/framework-guides/nextjs.mdx +131 -131
package/docs/examples/framework-guides/nuxt.mdx +165 -165
package/docs/examples/framework-guides/react.mdx +165 -165
package/docs/examples/framework-guides/svelte.mdx +153 -153
package/docs/examples/framework-guides/vue.mdx +159 -159
package/docs/examples/overview.mdx +67 -67
package/docs/favicon.svg +19 -19
package/docs/images/changelog/dec-2025/ai-integration.png +0 -0
package/docs/images/changelog/dec-2025/ai-models.webp +0 -0
package/docs/images/changelog/dec-2025/alipay-payment.webp +0 -0
package/docs/images/changelog/dec-2025/apple-login.jpg +0 -0
package/docs/images/changelog/dec-2025/mcp-installer.png +0 -0
package/docs/images/changelog/dec-2025/realtime-module.jpg +0 -0
package/docs/images/icons/ai.svg +4 -4
package/docs/images/logos/nextjs.svg +4 -4
package/docs/images/logos/nuxt.svg +4 -4
package/docs/images/logos/react.svg +5 -5
package/docs/images/logos/svelte.svg +4 -4
package/docs/images/logos/vue.svg +5 -5
package/docs/insforge-instructions-sdk.md +89 -88
package/docs/introduction.mdx +45 -45
package/docs/logo/dark.svg +22 -22
package/docs/logo/light.svg +20 -20
package/docs/partnership.mdx +651 -646
package/docs/quickstart.mdx +82 -82
package/docs/showcase.mdx +52 -52
package/docs/snippets/sdk-installation.mdx +21 -21
package/docs/snippets/service-icons.mdx +27 -27
package/examples/oauth/frontend-oauth-example.html +250 -250
package/examples/response-examples.md +443 -443
package/frontend/components.json +17 -17
package/frontend/package.json +69 -69
package/frontend/src/assets/icons/checkbox_checked.svg +6 -6
package/frontend/src/assets/icons/checkbox_undetermined.svg +6 -6
package/frontend/src/assets/icons/checked.svg +3 -3
package/frontend/src/assets/icons/connected.svg +3 -3
package/frontend/src/assets/icons/error.svg +3 -3
package/frontend/src/assets/icons/loader.svg +9 -9
package/frontend/src/assets/icons/pencil.svg +4 -4
package/frontend/src/assets/icons/refresh.svg +4 -4
package/frontend/src/assets/icons/step_active.svg +3 -3
package/frontend/src/assets/icons/step_inactive.svg +11 -11
package/frontend/src/assets/icons/warning.svg +3 -3
package/frontend/src/assets/logos/apple.svg +3 -3
package/frontend/src/assets/logos/claude_code.svg +3 -3
package/frontend/src/assets/logos/cline.svg +6 -6
package/frontend/src/assets/logos/cursor.svg +20 -20
package/frontend/src/assets/logos/discord.svg +8 -8
package/frontend/src/assets/logos/facebook.svg +3 -3
package/frontend/src/assets/logos/gemini.svg +19 -19
package/frontend/src/assets/logos/github.svg +5 -5
package/frontend/src/assets/logos/google.svg +13 -13
package/frontend/src/assets/logos/grok.svg +10 -10
package/frontend/src/assets/logos/insforge_dark.svg +15 -15
package/frontend/src/assets/logos/insforge_light.svg +15 -15
package/frontend/src/assets/logos/instagram.svg +1 -1
package/frontend/src/assets/logos/linkedin.svg +3 -3
package/frontend/src/assets/logos/openai.svg +10 -10
package/frontend/src/assets/logos/roo_code.svg +9 -9
package/frontend/src/assets/logos/spotify.svg +16 -16
package/frontend/src/assets/logos/tiktok.svg +5 -5
package/frontend/src/assets/logos/trae.svg +3 -3
package/frontend/src/assets/logos/windsurf.svg +10 -10
package/frontend/src/assets/logos/x.svg +3 -3
package/frontend/src/components/layout/AppHeader.tsx +9 -10
package/frontend/src/features/auth/components/OAuthConfigDialog.tsx +1 -0
package/frontend/src/features/auth/components/UsersDataGrid.tsx +6 -0
package/frontend/src/features/auth/helpers.tsx +8 -0
package/frontend/src/features/auth/{page → pages}/UsersPage.tsx +0 -28
package/frontend/src/features/database/components/SQLModal.tsx +75 -0
package/frontend/src/features/database/components/TableForm.tsx +0 -4
package/frontend/src/features/database/hooks/useDatabase.ts +66 -0
package/frontend/src/features/database/hooks/useTables.ts +32 -28
package/frontend/src/features/database/index.ts +1 -0
package/frontend/src/features/database/{page → pages}/FunctionsPage.tsx +29 -37
package/frontend/src/features/database/{page → pages}/IndexesPage.tsx +35 -47
package/frontend/src/features/database/{page → pages}/PoliciesPage.tsx +43 -54
package/frontend/src/features/database/{page → pages}/TablesPage.tsx +0 -42
package/frontend/src/features/database/{page → pages}/TriggersPage.tsx +35 -47
package/frontend/src/features/database/services/advance.service.ts +0 -26
package/frontend/src/features/database/services/database.service.ts +55 -0
package/frontend/src/features/database/services/table.service.ts +0 -6
package/frontend/src/features/functions/{page → pages}/FunctionsPage.tsx +21 -44
package/frontend/src/features/functions/{page → pages}/SecretsPage.tsx +11 -9
package/frontend/src/features/logs/hooks/useMcpUsage.ts +13 -66
package/frontend/src/features/realtime/components/ChannelRow.tsx +83 -0
package/frontend/src/features/realtime/components/EditChannelModal.tsx +246 -0
package/frontend/src/features/realtime/components/MessageRow.tsx +85 -0
package/frontend/src/features/realtime/components/RealtimeEmptyState.tsx +30 -0
package/frontend/src/features/realtime/hooks/useRealtime.ts +218 -0
package/frontend/src/features/realtime/index.ts +11 -0
package/frontend/src/features/realtime/pages/RealtimeChannelsPage.tsx +172 -0
package/frontend/src/features/realtime/pages/RealtimeMessagesPage.tsx +211 -0
package/frontend/src/features/realtime/pages/RealtimePermissionsPage.tsx +191 -0
package/frontend/src/features/realtime/services/realtime.service.ts +107 -0
package/frontend/src/features/storage/{page → pages}/StoragePage.tsx +1 -29
package/frontend/src/features/visualizer/components/SchemaVisualizer.tsx +3 -3
package/frontend/src/features/visualizer/{page → pages}/VisualizerPage.tsx +1 -35
package/frontend/src/lib/contexts/SocketContext.tsx +119 -75
package/frontend/src/lib/routing/AppRoutes.tsx +35 -20
package/frontend/src/lib/utils/cloudMessaging.ts +1 -1
package/frontend/src/lib/utils/menuItems.ts +24 -0
package/frontend/src/lib/utils/utils.ts +14 -1
package/frontend/tsconfig.json +25 -25
package/frontend/tsconfig.node.json +9 -9
package/functions/deno.json +24 -24
package/functions/server.ts +315 -315
package/i18n/README.ar.md +130 -130
package/i18n/README.de.md +130 -130
package/i18n/README.es.md +154 -154
package/i18n/README.fr.md +134 -134
package/i18n/README.hi.md +129 -129
package/i18n/README.ja.md +174 -174
package/i18n/README.ko.md +136 -136
package/i18n/README.pt-BR.md +131 -131
package/i18n/README.ru.md +129 -129
package/i18n/README.zh-CN.md +133 -133
package/openapi/ai.yaml +715 -715
package/openapi/auth.yaml +1244 -1244
package/openapi/email.yaml +158 -0
package/openapi/functions.yaml +475 -475
package/openapi/health.yaml +29 -29
package/openapi/logs.yaml +223 -223
package/openapi/metadata.yaml +177 -177
package/openapi/realtime.yaml +699 -0
package/openapi/records.yaml +381 -381
package/openapi/secrets.yaml +370 -370
package/openapi/storage.yaml +875 -875
package/openapi/tables.yaml +463 -463
package/package.json +97 -97
package/shared-schemas/package.json +31 -31
package/shared-schemas/src/ai.schema.ts +63 -59
package/shared-schemas/src/auth-api.schema.ts +352 -339
package/shared-schemas/src/auth.schema.ts +1 -1
package/shared-schemas/src/database-api.schema.ts +32 -1
package/shared-schemas/src/database.schema.ts +39 -0
package/shared-schemas/src/docs.schema.ts +26 -0
package/shared-schemas/src/email-api.schema.ts +30 -0
package/shared-schemas/src/index.ts +4 -0
package/shared-schemas/src/metadata.schema.ts +9 -0
package/shared-schemas/src/realtime-api.schema.ts +111 -0
package/shared-schemas/src/realtime.schema.ts +143 -0
package/shared-schemas/tsconfig.json +21 -21
package/tsconfig.json +7 -7
package/zeabur/README.md +13 -13
package/zeabur/template.yml +1032 -1032
package/.cursor/rules/cursor-rules.mdc +0 -94
package/frontend/src/features/database/hooks/useFullMetadata.ts +0 -18
package/test-gemini.sh +0 -35
package/test-usage-admin.sh +0 -57
package/test-usage.sh +0 -50
/package/frontend/src/features/ai/{page → pages}/AIPage.tsx +0 -0
/package/frontend/src/features/auth/{page → pages}/AuthMethodsPage.tsx +0 -0
/package/frontend/src/features/auth/{page → pages}/ConfigurationPage.tsx +0 -0
/package/frontend/src/features/dashboard/{page → pages}/DashboardPage.tsx +0 -0
/package/frontend/src/features/database/{page → pages}/SQLEditorPage.tsx +0 -0
/package/frontend/src/features/database/{page → pages}/TemplatesPage.tsx +0 -0
/package/frontend/src/features/login/{page → pages}/CloudLoginPage.tsx +0 -0
/package/frontend/src/features/login/{page → pages}/LoginPage.tsx +0 -0
/package/frontend/src/features/logs/{page → pages}/AuditsPage.tsx +0 -0
/package/frontend/src/features/logs/{page → pages}/LogsPage.tsx +0 -0
/package/frontend/src/features/logs/{page → pages}/MCPLogsPage.tsx +0 -0

package/docs/deprecated/insforge-db-api.md CHANGED Viewed

@@ -1,359 +1,359 @@
-# Insforge OSS Database API Documentation
-## API Basics
-**Base URL:** `http://localhost:7130`
-**Note:** Avoid special characters (!,$,`,\) in curl command data - they can cause bash interpretation issues. Use simple text for testing.
-**Authentication Requirements:**
-- **READ operations (GET):** No authentication required - public access by default
-- **WRITE operations (POST/PATCH/DELETE):** Requires `Authorization: Bearer <token>` header (JWT token or API key for MCP testing)
-**Important: How Authentication Works**
-1. Login returns a **JWT access token** - e.g., `eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...`
-2. Just use: `Authorization: Bearer <token>` in your requests
-3. API keys (starting with `ik_`) can also be used as Bearer tokens for testing
-**Critical:** Always call `get-backend-metadata` first to understand current database structure
-**Critical:** POST body must be arrays `[{...}]`, query filters `?field=eq.value`, add header `Prefer: return=representation` to return created data - follows PostgREST design (not traditional REST)
-## Table Operations (Use MCP Tools)
-### Available MCP Tools
-1. **get-backend-metadata** - Get current database structure (always start here)
-2. **create-table** - Create new table with explicit schema
-3. **update-table-schema** - Alter existing table schema
-4. **delete-table** - Remove table completely
-5. **get-table-schema** - Get specific table structure
-### Column Types
-- `string` - Text data
-- `integer` - Whole numbers
-- `float` - Decimal numbers
-- `boolean` - True/false values
-- `datetime` - Date and time
-- `json` - JSON objects
-- `uuid` - Unique identifiers
-## Record Operations (Use REST API)
-### Base URL
-`/api/database/records/:tableName`
-### Query Records
-**GET** `/api/database/records/:tableName`
-Query parameters:
-- `limit` - Maximum records (default: 100)
-- `offset` - Skip records for pagination
-- `order` - Sort by field (e.g., `createdAt.desc`)
-- PostgREST filters: `field=eq.value`, `field=gt.value`, etc.
-Response: Array of records with auto-generated `id`, `created_at`, `updated_at` fields
-Example:
-```bash
-# Windows PowerShell: use curl.exe
-curl -X GET "http://localhost:7130/api/database/records/posts?limit=10"
-```
-### Create Records
-**POST** `/api/database/records/:tableName`
-**AUTHENTICATION REQUIRED** - Must include `Authorization: Bearer <token>`
-**CRITICAL**: Request body MUST be an array, even for single records!
-**⚠️ IMPORTANT: Default Response Behavior**
-- **By default, POST requests return an empty array `[]`**
-- **To get the created records in the response, you MUST include the header:**
-  ```
-  Prefer: return=representation
-  ```
-- **Without this header, you get no data back, just an empty array!**
-Send array of records:
-```json
-[
-  {
-    "field1": "value1",
-    "field2": "value2"
-  }
-]
-```
-For a single record, still wrap in array:
-```json
-[
-  {
-    "name": "John Doe",
-    "email": "john@example.com"
-  }
-]
-```
-Response format (WITHOUT `Prefer` header - default):
-```json
-[]
-```
-Response format (WITH `Prefer: return=representation` header):
-```json
-[
-  {
-    "id": "248373e1-0aea-45ce-8844-5ef259203749",
-    "name": "John Doe",
-    "email": "john@example.com",
-    "createdAt": "2025-07-18T05:37:24.338Z",
-    "updatedAt": "2025-07-18T05:37:24.338Z"
-  }
-]
-```
-Example:
-```bash
-# Mac/Linux
-curl -X POST http://localhost:7130/api/database/records/comments \
-  -H 'Authorization: Bearer <token>' \
-  -H 'Content-Type: application/json' \
-  -H 'Prefer: return=representation' \
-  -d '[{"user_id": "from-localStorage", "post_id": "post-uuid", "content": "Great"}]'
-# Windows PowerShell (use curl.exe) - different quotes needed for nested JSON
-curl.exe -X POST http://localhost:7130/api/database/records/comments \
-  -H "Authorization: Bearer <token>" \
-  -H "Content-Type: application/json" \
-  -H "Prefer: return=representation" \
-  -d '[{\"user_id\": \"from-localStorage\", \"post_id\": \"post-uuid\", \"content\": \"Great\"}]'
-```
-### Update Record
-**PATCH** `/api/database/records/:tableName?id=eq.uuid`
-**AUTHENTICATION REQUIRED**
-**⚠️ IMPORTANT: PATCH Limitations**
-- **PostgREST does NOT support SQL expressions** like `count + 1`
-- You must fetch the current value and calculate in your code:
-```javascript
-// ❌ WRONG - This will NOT work
-await api.patch(`/api/database/records/posts?id=eq.${postId}`, {
-  comments_count: 'comments_count + 1'  // PostgREST doesn't evaluate expressions!
-});
-// ✅ CORRECT - Fetch and calculate
-const post = await api.get(`/api/database/records/posts?id=eq.${postId}`);
-await api.patch(`/api/database/records/posts?id=eq.${postId}`, {
-  comments_count: post.data[0].comments_count + 1
-});
-```
-**Default Response Behavior**
-- **By default, PATCH requests return an empty array `[]`**
-- **To get the updated record in the response, you MUST include the header:**
-  ```
-  Prefer: return=representation
-  ```
-Send fields to update:
-```json
-{
-  "field1": "new_value"
-}
-```
-Response format (WITHOUT `Prefer: return=representation` header - default):
-```json
-""
-```
-Response format (WITH `Prefer: return=representation` header):
-```json
-[
-  {
-    "id": "123e4567-e89b-12d3-a456-426614174000",
-    "field1": "new_value",
-    "createdAt": "2025-01-01T00:00:00Z",
-    "updatedAt": "2025-01-21T11:00:00Z"
-  }
-]
-```
-### Delete Record
-**DELETE** `/api/database/records/:tableName?id=eq.uuid`
-**AUTHENTICATION REQUIRED**
-**⚠️ IMPORTANT: Delete Behavior**
-- **Without `Prefer: return=representation`**: Returns `204 No Content` (no body)
-- **With `Prefer: return=representation`**: Returns `200 OK` with:
-  - `[{...}]` - Array containing deleted record(s) if found
-  - `[]` - Empty array if record didn't exist
-- **DELETE is idempotent**: No error if record doesn't exist
-Response format (WITHOUT `Prefer` header - default):
-```
-204 No Content (no body)
-```
-Response format (WITH `Prefer: return=representation` header):
-```json
-// If record existed and was deleted:
-[
-  {
-    "id": "123e4567-e89b-12d3-a456-426614174000",
-    "name": "Deleted User",
-    "createdAt": "2025-01-01T00:00:00Z",
-    "updatedAt": "2025-01-21T11:00:00Z"
-  }
-]
-// If record didn't exist (already deleted or never existed):
-[]
-```
-## Error Response Format
-All error responses follow this format:
-```json
-{
-  "error": "ERROR_CODE",
-  "message": "Human-readable error message",
-  "statusCode": 400,
-  "nextActions": "Suggested action to resolve the error"
-}
-```
-Example error:
-```json
-{
-  "error": "TABLE_NOT_FOUND",
-  "message": "Table 'nonexistent' does not exist",
-  "statusCode": 404,
-  "nextActions": "Check table name and try again"
-}
-```
-## Pagination
-For paginated results, use the `Range` header:
-```bash
-# Windows PowerShell: use curl.exe
-curl "http://localhost:7130/api/database/records/posts" \
-  -H "Range: 0-9" \
-  -H "Prefer: count=exact"
-```
-Response includes `Content-Range` header:
-```
-Content-Range: 0-9/100  # Shows items 0-9 out of 100 total
-```
-Without `Prefer: count=exact`, you get: `Content-Range: 0-9/*` (no total count)
-## 🚨 Working with User Data
-**The `users` table stores user profiles:**
-- **✅ READ**: `GET /api/database/records/users` - Get user profiles
-- **✅ WRITE**: `PATCH /api/database/records/users?id=eq.<user_id>` - Update profiles
-**Schema:**
-- `id` - User ID (UUID, references auth system)
-- `nickname` - Display name (text, nullable)
-- `avatar_url` - Profile picture URL (text, nullable)
-- `bio` - User biography (text, nullable)
-- `birthday` - Birth date (date, nullable)
-- `created_at` - Profile creation timestamp
-- `updated_at` - Last update timestamp
-**Important:**
-- User accounts (email, password) are managed via Auth API only
-- The `users` table is automatically created when a user registers
-- Use `users.id` for foreign key references in your tables
-**Creating tables with user references:**
-```json
-{
-  "table_name": "posts",
-  "columns": [
-    {"name": "user_id", "type": "string", "nullable": false,
-     "foreign_key": {"reference_table": "users", "reference_column": "id",
-                     "on_delete": "CASCADE", "on_update": "CASCADE"}},
-    {"name": "content", "type": "string", "nullable": false}
-  ]
-}
-```
-## 🚨 Critical: Always Include user_id
-**Every user-related table MUST include user_id field from localStorage:**
-```javascript
-// Frontend: Get user_id from localStorage after login
-const userId = localStorage.getItem('user_id');
-```
-```bash
-# ❌ WRONG - Missing user_id
-curl -X POST http://localhost:7130/api/database/records/comments \
-  -H "Authorization: Bearer TOKEN" \
-  -d '[{"content": "Great post"}]'
-# ✅ CORRECT - Includes user_id
-# Mac/Linux
-curl -X POST http://localhost:7130/api/database/records/comments \
-  -H 'Authorization: Bearer TOKEN' \
-  -H 'Prefer: return=representation' \
-  -d '[{"content": "Great post", "user_id": "user-uuid-from-localStorage"}]'
-# Windows PowerShell (use curl.exe) - different quotes needed for nested JSON
-curl.exe -X POST http://localhost:7130/api/database/records/comments \
-  -H "Authorization: Bearer TOKEN" \
-  -H "Prefer: return=representation" \
-  -d '[{\"content\": \"Great post\", \"user_id\": \"user-uuid-from-localStorage\"}]'
-```
-**Required for all user-related operations:**
-- Creating posts, comments, likes, follows
-- Any table with a `user_id` foreign key
-- Without it, your INSERT will fail with missing field error
-## Important Rules
-1. **Authentication Summary**:
-   | Operation | Auth Required | Header |
-   |-----------|--------------|--------|
-   | GET (read) | ❌ No | None needed |
-   | POST (create) | ✅ Yes | `Authorization: Bearer <token>` |
-   | PATCH (update) | ✅ Yes | `Authorization: Bearer <token>` |
-   | DELETE | ✅ Yes | `Authorization: Bearer <token>` |
-2. **Auto-Generated Fields**
-   - `id` - UUID primary key (auto-generated)
-   - `createdAt` - Timestamp (auto-set)
-   - `updatedAt` - Timestamp (auto-updated)
-2. **System Tables**
-   - Tables prefixed with `_` are system tables (protected)
-   - User profiles stored in `users` table (read/write allowed)
-   - Account management only through Auth API (register/login)
-3. **Common PostgREST Errors**:
-   ```json
-   {"code": "42501", "message": "permission denied for table comments"}
-   // Means: User not authenticated for write operation
-   {"code": "PGRST301", "message": "JWSError (CompactDecodeError Invalid number of parts: Expected 3 parts; got 1)"}
-   // Means: Invalid or expired token - user needs to login again
-   ```
-4. **Remember**
-   - READ operations are public (no auth needed)
-   - WRITE operations require token from login
-   - POST needs array `[{...}]` even for single record
-   - Add `Prefer: return=representation` to see created/updated data
-   - PATCH cannot use SQL expressions - calculate in JavaScript
-   - Tokens from login work directly as Bearer tokens
+# Insforge OSS Database API Documentation
+## API Basics
+**Base URL:** `http://localhost:7130`
+**Note:** Avoid special characters (!,$,`,\) in curl command data - they can cause bash interpretation issues. Use simple text for testing.
+**Authentication Requirements:**
+- **READ operations (GET):** No authentication required - public access by default
+- **WRITE operations (POST/PATCH/DELETE):** Requires `Authorization: Bearer <token>` header (JWT token or API key for MCP testing)
+**Important: How Authentication Works**
+1. Login returns a **JWT access token** - e.g., `eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...`
+2. Just use: `Authorization: Bearer <token>` in your requests
+3. API keys (starting with `ik_`) can also be used as Bearer tokens for testing
+**Critical:** Always call `get-backend-metadata` first to understand current database structure
+**Critical:** POST body must be arrays `[{...}]`, query filters `?field=eq.value`, add header `Prefer: return=representation` to return created data - follows PostgREST design (not traditional REST)
+## Table Operations (Use MCP Tools)
+### Available MCP Tools
+1. **get-backend-metadata** - Get current database structure (always start here)
+2. **create-table** - Create new table with explicit schema
+3. **update-table-schema** - Alter existing table schema
+4. **delete-table** - Remove table completely
+5. **get-table-schema** - Get specific table structure
+### Column Types
+- `string` - Text data
+- `integer` - Whole numbers
+- `float` - Decimal numbers
+- `boolean` - True/false values
+- `datetime` - Date and time
+- `json` - JSON objects
+- `uuid` - Unique identifiers
+## Record Operations (Use REST API)
+### Base URL
+`/api/database/records/:tableName`
+### Query Records
+**GET** `/api/database/records/:tableName`
+Query parameters:
+- `limit` - Maximum records (default: 100)
+- `offset` - Skip records for pagination
+- `order` - Sort by field (e.g., `createdAt.desc`)
+- PostgREST filters: `field=eq.value`, `field=gt.value`, etc.
+Response: Array of records with auto-generated `id`, `created_at`, `updated_at` fields
+Example:
+```bash
+# Windows PowerShell: use curl.exe
+curl -X GET "http://localhost:7130/api/database/records/posts?limit=10"
+```
+### Create Records
+**POST** `/api/database/records/:tableName`
+**AUTHENTICATION REQUIRED** - Must include `Authorization: Bearer <token>`
+**CRITICAL**: Request body MUST be an array, even for single records!
+**⚠️ IMPORTANT: Default Response Behavior**
+- **By default, POST requests return an empty array `[]`**
+- **To get the created records in the response, you MUST include the header:**
+  ```
+  Prefer: return=representation
+  ```
+- **Without this header, you get no data back, just an empty array!**
+Send array of records:
+```json
+[
+  {
+    "field1": "value1",
+    "field2": "value2"
+  }
+]
+```
+For a single record, still wrap in array:
+```json
+[
+  {
+    "name": "John Doe",
+    "email": "john@example.com"
+  }
+]
+```
+Response format (WITHOUT `Prefer` header - default):
+```json
+[]
+```
+Response format (WITH `Prefer: return=representation` header):
+```json
+[
+  {
+    "id": "248373e1-0aea-45ce-8844-5ef259203749",
+    "name": "John Doe",
+    "email": "john@example.com",
+    "createdAt": "2025-07-18T05:37:24.338Z",
+    "updatedAt": "2025-07-18T05:37:24.338Z"
+  }
+]
+```
+Example:
+```bash
+# Mac/Linux
+curl -X POST http://localhost:7130/api/database/records/comments \
+  -H 'Authorization: Bearer <token>' \
+  -H 'Content-Type: application/json' \
+  -H 'Prefer: return=representation' \
+  -d '[{"user_id": "from-localStorage", "post_id": "post-uuid", "content": "Great"}]'
+# Windows PowerShell (use curl.exe) - different quotes needed for nested JSON
+curl.exe -X POST http://localhost:7130/api/database/records/comments \
+  -H "Authorization: Bearer <token>" \
+  -H "Content-Type: application/json" \
+  -H "Prefer: return=representation" \
+  -d '[{\"user_id\": \"from-localStorage\", \"post_id\": \"post-uuid\", \"content\": \"Great\"}]'
+```
+### Update Record
+**PATCH** `/api/database/records/:tableName?id=eq.uuid`
+**AUTHENTICATION REQUIRED**
+**⚠️ IMPORTANT: PATCH Limitations**
+- **PostgREST does NOT support SQL expressions** like `count + 1`
+- You must fetch the current value and calculate in your code:
+```javascript
+// ❌ WRONG - This will NOT work
+await api.patch(`/api/database/records/posts?id=eq.${postId}`, {
+  comments_count: 'comments_count + 1'  // PostgREST doesn't evaluate expressions!
+});
+// ✅ CORRECT - Fetch and calculate
+const post = await api.get(`/api/database/records/posts?id=eq.${postId}`);
+await api.patch(`/api/database/records/posts?id=eq.${postId}`, {
+  comments_count: post.data[0].comments_count + 1
+});
+```
+**Default Response Behavior**
+- **By default, PATCH requests return an empty array `[]`**
+- **To get the updated record in the response, you MUST include the header:**
+  ```
+  Prefer: return=representation
+  ```
+Send fields to update:
+```json
+{
+  "field1": "new_value"
+}
+```
+Response format (WITHOUT `Prefer: return=representation` header - default):
+```json
+""
+```
+Response format (WITH `Prefer: return=representation` header):
+```json
+[
+  {
+    "id": "123e4567-e89b-12d3-a456-426614174000",
+    "field1": "new_value",
+    "createdAt": "2025-01-01T00:00:00Z",
+    "updatedAt": "2025-01-21T11:00:00Z"
+  }
+]
+```
+### Delete Record
+**DELETE** `/api/database/records/:tableName?id=eq.uuid`
+**AUTHENTICATION REQUIRED**
+**⚠️ IMPORTANT: Delete Behavior**
+- **Without `Prefer: return=representation`**: Returns `204 No Content` (no body)
+- **With `Prefer: return=representation`**: Returns `200 OK` with:
+  - `[{...}]` - Array containing deleted record(s) if found
+  - `[]` - Empty array if record didn't exist
+- **DELETE is idempotent**: No error if record doesn't exist
+Response format (WITHOUT `Prefer` header - default):
+```
+204 No Content (no body)
+```
+Response format (WITH `Prefer: return=representation` header):
+```json
+// If record existed and was deleted:
+[
+  {
+    "id": "123e4567-e89b-12d3-a456-426614174000",
+    "name": "Deleted User",
+    "createdAt": "2025-01-01T00:00:00Z",
+    "updatedAt": "2025-01-21T11:00:00Z"
+  }
+]
+// If record didn't exist (already deleted or never existed):
+[]
+```
+## Error Response Format
+All error responses follow this format:
+```json
+{
+  "error": "ERROR_CODE",
+  "message": "Human-readable error message",
+  "statusCode": 400,
+  "nextActions": "Suggested action to resolve the error"
+}
+```
+Example error:
+```json
+{
+  "error": "TABLE_NOT_FOUND",
+  "message": "Table 'nonexistent' does not exist",
+  "statusCode": 404,
+  "nextActions": "Check table name and try again"
+}
+```
+## Pagination
+For paginated results, use the `Range` header:
+```bash
+# Windows PowerShell: use curl.exe
+curl "http://localhost:7130/api/database/records/posts" \
+  -H "Range: 0-9" \
+  -H "Prefer: count=exact"
+```
+Response includes `Content-Range` header:
+```
+Content-Range: 0-9/100  # Shows items 0-9 out of 100 total
+```
+Without `Prefer: count=exact`, you get: `Content-Range: 0-9/*` (no total count)
+## 🚨 Working with User Data
+**The `users` table stores user profiles:**
+- **✅ READ**: `GET /api/database/records/users` - Get user profiles
+- **✅ WRITE**: `PATCH /api/database/records/users?id=eq.<user_id>` - Update profiles
+**Schema:**
+- `id` - User ID (UUID, references auth system)
+- `nickname` - Display name (text, nullable)
+- `avatar_url` - Profile picture URL (text, nullable)
+- `bio` - User biography (text, nullable)
+- `birthday` - Birth date (date, nullable)
+- `created_at` - Profile creation timestamp
+- `updated_at` - Last update timestamp
+**Important:**
+- User accounts (email, password) are managed via Auth API only
+- The `users` table is automatically created when a user registers
+- Use `users.id` for foreign key references in your tables
+**Creating tables with user references:**
+```json
+{
+  "table_name": "posts",
+  "columns": [
+    {"name": "user_id", "type": "string", "nullable": false,
+     "foreign_key": {"reference_table": "users", "reference_column": "id",
+                     "on_delete": "CASCADE", "on_update": "CASCADE"}},
+    {"name": "content", "type": "string", "nullable": false}
+  ]
+}
+```
+## 🚨 Critical: Always Include user_id
+**Every user-related table MUST include user_id field from localStorage:**
+```javascript
+// Frontend: Get user_id from localStorage after login
+const userId = localStorage.getItem('user_id');
+```
+```bash
+# ❌ WRONG - Missing user_id
+curl -X POST http://localhost:7130/api/database/records/comments \
+  -H "Authorization: Bearer TOKEN" \
+  -d '[{"content": "Great post"}]'
+# ✅ CORRECT - Includes user_id
+# Mac/Linux
+curl -X POST http://localhost:7130/api/database/records/comments \
+  -H 'Authorization: Bearer TOKEN' \
+  -H 'Prefer: return=representation' \
+  -d '[{"content": "Great post", "user_id": "user-uuid-from-localStorage"}]'
+# Windows PowerShell (use curl.exe) - different quotes needed for nested JSON
+curl.exe -X POST http://localhost:7130/api/database/records/comments \
+  -H "Authorization: Bearer TOKEN" \
+  -H "Prefer: return=representation" \
+  -d '[{\"content\": \"Great post\", \"user_id\": \"user-uuid-from-localStorage\"}]'
+```
+**Required for all user-related operations:**
+- Creating posts, comments, likes, follows
+- Any table with a `user_id` foreign key
+- Without it, your INSERT will fail with missing field error
+## Important Rules
+1. **Authentication Summary**:
+   | Operation | Auth Required | Header |
+   |-----------|--------------|--------|
+   | GET (read) | ❌ No | None needed |
+   | POST (create) | ✅ Yes | `Authorization: Bearer <token>` |
+   | PATCH (update) | ✅ Yes | `Authorization: Bearer <token>` |
+   | DELETE | ✅ Yes | `Authorization: Bearer <token>` |
+2. **Auto-Generated Fields**
+   - `id` - UUID primary key (auto-generated)
+   - `createdAt` - Timestamp (auto-set)
+   - `updatedAt` - Timestamp (auto-updated)
+2. **System Tables**
+   - Tables prefixed with `_` are system tables (protected)
+   - User profiles stored in `users` table (read/write allowed)
+   - Account management only through Auth API (register/login)
+3. **Common PostgREST Errors**:
+   ```json
+   {"code": "42501", "message": "permission denied for table comments"}
+   // Means: User not authenticated for write operation
+   {"code": "PGRST301", "message": "JWSError (CompactDecodeError Invalid number of parts: Expected 3 parts; got 1)"}
+   // Means: Invalid or expired token - user needs to login again
+   ```
+4. **Remember**
+   - READ operations are public (no auth needed)
+   - WRITE operations require token from login
+   - POST needs array `[{...}]` even for single record
+   - Add `Prefer: return=representation` to see created/updated data
+   - PATCH cannot use SQL expressions - calculate in JavaScript
+   - Tokens from login work directly as Bearer tokens
    - Always include `user_id` in user-related tables