jcc-express-mvc 1.9.4 → 1.9.6

package/final-documentation/Digging Deeper/Helpers.md

@@ -21,21 +21,22 @@ These helpers are available during request handling and in `tinker` (with contai
 
 ## HTTP context helpers
 
-- `request()` -> current `AppRequest`
-- `response()` -> current `AppResponse`
-- `next()` -> current `next` function
+- `request()` -> current `AppRequest` (returns `{}` outside an HTTP request)
+- `response()` -> current `AppResponse` (returns `{}` outside an HTTP request)
 - `view(view, options?, callback?)`
 - `inertia(component, props?, option?)`
 - `redirect(url, status?)`
 - `back(url?)`
 
-These depend on per-request container bindings, so they are request-lifecycle helpers.
+These depend on per-request container bindings, so they are request-lifecycle helpers. `request()` and `response()` are safe to call from code that may run outside middleware (for example pagination link builders) — they return an empty object when no request is bound.
+
+`next()` is **not** exposed as a global helper. Use the `next` argument in middleware and route handlers directly.
 
 ---
 
 ## Auth and authorization helpers
 
-- `auth()` -> current request user
+- `auth()` -> `Authentication` class (`Auth.attempt`, `Auth.apiAttempt`, `Auth.logout`, etc.)
 - `Gate` -> `GateFacade`
 - `can(user, ability, model?, ...args)`
 - `authorize(user, ability, ...args)`
@@ -98,8 +99,8 @@ Global helper types are declared in `jcc-express-mvc/global.d.ts`, so TypeScript
 
 ## Notes
 
-- `auth` is assigned twice inside `globalHelpers`; the later assignment returns `request().user`.
-- Helpers that rely on request bindings (`request`, `response`, `next`, `validate`, etc.) are not meaningful before HTTP middleware bootstraps those bindings.
+- Helpers that rely on request bindings (`request`, `response`, `validate`, `session`, etc.) are not meaningful before HTTP middleware bootstraps those bindings.
+- `request()` and `response()` catch missing bindings and return `{}` instead of throwing.
 
 ---
 

package/final-documentation/Digging Deeper/Monitor.md

@@ -157,8 +157,14 @@ export const monitor: Partial<MonitorConfig> = {
     },
     system: { enabled: true, intervalMs: 15_000 },
     errors: { enabled: true },
-    database: { enabled: false, slowQueryMs: 200 },
-    queue: { enabled: false },
+    database: { enabled: true, slowQueryMs: 200 },
+    queue: { enabled: true },
+    commands: { enabled: true },
+    schedule: { enabled: true },
+    mail: { enabled: true },
+    cache: { enabled: true },
+    outgoing: { enabled: true },
+    logs: { enabled: true },
   },
 
   exporters: {
@@ -187,6 +193,22 @@ export const monitor: Partial<MonitorConfig> = {
     recentErrors: 100,
     recentJobs: 100,
     recentQueries: 100,
+    recentCommands: 100,
+    recentScheduledTasks: 100,
+    recentNotifications: 100,
+    recentMail: 100,
+    recentCacheOps: 100,
+    recentOutgoingRequests: 100,
+    recentLogs: 100,
+  },
+
+  storage: {
+    driver: config.get("MONITOR_STORAGE", "memory") as
+      | "memory"
+      | "file"
+      | "redis"
+      | "database",
+    file: { path: config.get("MONITOR_STORAGE_PATH", "storage/monitor") },
   },
 
   alerts: {
@@ -258,13 +280,14 @@ The `/_monitor` path is excluded from request metric collection so the dashboard
 | --------------- | ------------------------------------------------------------------- |
 | Requests        | Auto — `MonitorMiddleware` records every request                    |
 | Exceptions      | Auto — `ErrorCollector` + `MonitorErrorMiddleware`                  |
-| Queries         | Manual — call `Monitor.recordQuery({ ... })` from your ORM hook     |
-| Jobs            | Manual — call `Monitor.recordJob({ ... })` or hook `Queue.events`   |
+| Queries         | Auto when `collectors.database.enabled` — ORM query hooks           |
+| Jobs            | Auto when `collectors.queue.enabled` — `Queue` records job events   |
+| Commands        | Auto when `collectors.commands.enabled` — console kernel records runs |
+| Scheduled Tasks | Auto when `collectors.schedule.enabled` — scheduler records runs    |
 | Mail            | Auto when `collectors.mail.enabled` — wraps the `Mail` facade       |
 | Cache           | Auto when `collectors.cache.enabled` — wraps `Cache.get/put/forget` |
-| Outgoing        | Auto when `collectors.outgoing.enabled` — patches global `fetch`    |
-| Commands        | Manual — `Monitor.recordCommand({ ... })` from your console kernel  |
-| Scheduled Tasks | Manual — `Monitor.recordScheduledTask({ ... })` from the runner     |
+| Outgoing        | Auto when `collectors.outgoing.enabled` — axios + `fetch` patch     |
+| Logs            | Auto when `collectors.logs.enabled` — framework logger integration  |
 | Notifications   | Manual — `Monitor.recordNotification({ ... })` after dispatch       |
 
 ---

package/final-documentation/Getting-Started/Frontend.md

@@ -156,11 +156,20 @@ Vite is the default bundler: fast builds and Hot Module Replacement (HMR) during
 
 For Blade tags, `public/hot`, manifest resolution, and troubleshooting, see [Asset-bundling.md](../The Basics/Asset-bundling.md).
 
-Local workflow — start the asset server before the HTTP server:
+Local workflow — use two terminals:
 
 ```bash
-bun run watch   # or: npm run watch  → runs Vite
-bun run dev     # or: npm run dev     → runs the Express app
+# Terminal 1 — backend (recommended: Laravel-style watcher)
+bun artisanNode serve
+
+# Terminal 2 — Vite assets (writes public/hot)
+bun run watch   # or: npm run watch
+```
+
+Alternative backend command:
+
+```bash
+bun run dev     # or: npm run dev  → bun --watch server.ts (simpler, no serve watcher)
 ```
 
 Production-style build:

package/final-documentation/Getting-Started/Installation.md

@@ -224,6 +224,14 @@ This starts Vite in watch mode (React/Vue, Tailwind, hot reload, etc.). Let it k
 
 In a second terminal, from the same project root:
 
+```bash
+bun artisanNode serve
+```
+
+This is the recommended dev server: it watches backend files, reloads silently, keeps the same port, and reacts to `public/hot` when Vite starts.
+
+Alternative (simpler, without the Laravel-style watcher):
+
 ```bash
 bun run dev
 ```
@@ -234,7 +242,7 @@ or:
 npm run dev
 ```
 
-This usually runs `bun --watch server.ts` (when using Bun) or the `dev` script from `package.json`, which boots Express and your bootstrap pipeline.
+This runs `bun --watch server.ts`, which boots Express and your bootstrap pipeline with Bun's built-in file watcher.
 
 ### 7.3 Open the app
 
@@ -267,7 +275,7 @@ Use `bun artisanNode list` or `bun artisanNode help [command]` to see commands (
 - [ ] `.env` exists and is filled in for your machine (starter projects already have the file; cloned repos may need `cp .env.example .env`)
 - [ ] `bun artisanNode key:generate` has set `JWT_SECRET` (required for JWT auth)
 - [ ] `bun artisanNode migrate` completed (or you intentionally skip DB for now)
-- [ ] `watch` then `dev` both run without crashing (`bun run` / `npm run` as you prefer)
+- [ ] `watch` then `serve` (or `dev`) both run without crashing (`bun run` / `npm run` as you prefer)
 - [ ] Browser loads `http://localhost:<PORT>`
 
 ---
@@ -287,7 +295,7 @@ Use `bun artisanNode list` or `bun artisanNode help [command]` to see commands (
 
 - [Configuration.md](./Configuration.md) — `.env`, `app/Config`, and how values are loaded at runtime
 - [Directory-structure.md](./Directory-structure.md) — Project folders and what each is for
-- [Frontend.md](./Frontend.md) — Why `watch` runs before `dev` (Vite + Inertia)
+- [Frontend.md](./Frontend.md) — Why `watch` runs alongside `serve` (Vite + Inertia)
 - [Deployment.md](./Deployment.md) — Production `.env`, builds, migrations, and process management
 - `docs/docs-for-dev.md` — broad framework guide (routing, Eloquent, validation, queues, etc.)
 - `docs/getting-started.md` — shorter orientation

package/final-documentation/JCC-Eloquent/Defining-Model.md

@@ -279,7 +279,7 @@ Route.middleware(["apiAuth"]).get("/me", async (req) => {
 If `hasToken` is not enabled on the model:
 
 ```text
-ModelTokenError: User Missing required token. Please set 'protected hasToken = true' .
+ModelTokenError: User Model Missing required token. Please set 'protected hasToken = true' .
 ```
 
 The global error handler returns `500` with the error message for `ModelTokenError`.

package/final-documentation/JCC-Eloquent/JCC-Eloquent-Introduction.md

@@ -111,7 +111,7 @@ export class User extends Model {
 Model-level pagination helper exists:
 
 ```typescript
-const page = await User.paginate(req, 15);
+const page = await User.paginate(15);
 ```
 
 This returns `data` plus pagination metadata/links.

package/final-documentation/JCC-Eloquent/Pagination.md

@@ -4,16 +4,18 @@
 
 JCC-Eloquent provides pagination at both model and builder level.
 
-Both methods read `request.query.page` and return `data` + pagination metadata.
+Pagination reads the current HTTP request via the global `request()` helper — you do **not** pass `req` as the first argument. Page number comes from `request().query.page` (default `1`). Link URLs use `request().protocol`, host, and path.
+
+Both methods return `data` + pagination metadata.
 
 ---
 
 ## Model pagination
 
-`Model.paginate(request, perPage?)`:
+`Model.paginate(perPage?, page?)`:
 
 ```typescript
-const paginatedUsers = await User.paginate(req, 15);
+const paginatedUsers = await User.paginate(15);
 ```
 
 This returns:
@@ -31,7 +33,7 @@ Builder pagination works on filtered queries:
 ```typescript
 const page = await User.where("active", true)
   .orderBy("created_at", "desc")
-  .paginate(req, 20);
+  .paginate(20);
 ```
 
 Use this when pagination must respect custom constraints.
@@ -43,7 +45,7 @@ Use this when pagination must respect custom constraints.
 `simplePaginate` uses offset pagination without running a `COUNT(*)` query — faster for large tables when you don't need a total count:
 
 ```typescript
-const page = await User.where("active", true).simplePaginate(req, 15);
+const page = await User.where("active", true).simplePaginate(15);
 ```
 
 Response shape:
@@ -70,7 +72,7 @@ No `total` or `total_pages` — just whether there is a next page.
 `cursorPaginate` implements keyset (cursor-based) pagination — stable and O(1) for any page depth, regardless of table size:
 
 ```typescript
-const page = await User.orderBy("id").cursorPaginate(req, 20);
+const page = await User.orderBy("id").cursorPaginate(20);
 ```
 
 Response shape:
@@ -112,7 +114,7 @@ Pass the next page by forwarding `?cursor=<token>` from `meta.next_cursor`.
 For full manual control:
 
 ```typescript
-const currentPage = Number(req.query.page || 1);
+const currentPage = Number(request().query?.page || 1);
 const perPage = 20;
 const offset = (currentPage - 1) * perPage;
 
@@ -131,7 +133,8 @@ const rows = await User.orderBy("id", "desc").offset(offset).limit(perPage).get(
 
 ## Summary
 
-- Use `paginate(req, perPage)` for standard pagination with total counts and page links.
-- Use `simplePaginate(req, perPage)` for large tables where you don't need a total count.
-- Use `cursorPaginate(req, perPage)` for high-performance, stable pagination on large or frequently-updated tables.
+- Use `paginate(perPage)` for standard pagination with total counts and page links.
+- Use `simplePaginate(perPage)` for large tables where you don't need a total count.
+- Use `cursorPaginate(perPage)` for high-performance, stable pagination on large or frequently-updated tables.
+- Pagination uses the global `request()` helper for page number and link generation — call it inside a route handler or middleware context.
 - Use `offset` + `limit` only for fully custom paging flows.

package/final-documentation/JCC-Eloquent/Query-Builder.md

@@ -258,7 +258,7 @@ await User.where("id", 1).updateJson("preferences.notifications.email", false);
 For large datasets where `COUNT(*)` is too slow, use cursor-based (keyset) pagination:
 
 ```typescript
-const page = await User.orderBy("id").cursorPaginate(req, 20);
+const page = await User.orderBy("id").cursorPaginate(20);
 ```
 
 Response shape:
@@ -291,7 +291,7 @@ Pass the next page by forwarding `?cursor=<token>` from `meta.next_cursor`.
 Offset pagination without a `COUNT(*)` query — faster for large tables:
 
 ```typescript
-const page = await User.where("active", true).simplePaginate(req, 15);
+const page = await User.where("active", true).simplePaginate(15);
 ```
 
 Response:

package/final-documentation/Security/Authentication.md

@@ -101,9 +101,43 @@ Route.middleware(["loginThrottle"]).post("/auth/login", async (req, res, next) =
 Route.middleware(["auth"]).get("/home", homeHandler);
 ```
 
-### API token login (model `createToken`)
+### API token login (`apiAttempt`)
 
-For stateless API clients, issue a bearer token from a model instance instead of cookie login:
+For stateless API clients, use `auth().apiAttempt()` to validate credentials and issue a bearer token in one step:
+
+```typescript
+Route.post("/api/login", async () => {
+  const result = await auth().apiAttempt({ field: "email", table: "User" });
+
+  if (!result.success) {
+    return response().status(401).json({ message: result.message });
+  }
+
+  return {
+    token: result.token,
+    user: result.user,
+  };
+});
+
+Route.middleware(["apiAuth"]).get("/api/me", async (req) => {
+  return { user: req.user };
+});
+```
+
+`apiAttempt` options:
+
+| Field | Default | Description |
+|---|---|---|
+| `field` | `"email"` | Request input key to match (`email`, `phone`, `username`, etc.) |
+| `table` | `"User"` | Model name resolved via `getModel()` |
+
+The request body must include the credential field and `password`. On success, returns `{ success: true, token, user, message }`. On failure, returns `{ success: false, token: null, user: null, message: "Invalid credentials" }`.
+
+The model must have `protected hasToken = true`. User lookup and password verification are shared with session login via `findUserForAuth()`.
+
+### Manual token login (`createToken`)
+
+You can also issue a token manually after your own credential check:
 
 ```typescript
 import { User } from "@/Model/User";
@@ -120,13 +154,13 @@ Route.middleware(["apiAuth"]).get("/api/me", async (req) => {
 });
 ```
 
-The model must have `protected hasToken = true`. Full details: [Defining-Model.md](../JCC-Eloquent/Defining-Model.md#api-tokens-createtoken).
+Full `createToken` details: [Defining-Model.md](../JCC-Eloquent/Defining-Model.md#api-tokens-createtoken).
 
 ---
 
 ## Summary
 
 - Authentication uses JWT cookies with rotating refresh tokens.
-- Use `Auth.attempt(next)` for login, `auth`/`apiAuth` middleware for protection.
-- For API bearer tokens, enable `hasToken` on the model and call `createToken()` — `apiAuth` reloads the user from JWT claims.
+- Use `Auth.attempt(next)` for cookie login, `auth().apiAttempt()` for API email/password + bearer token, and `auth`/`apiAuth` middleware for protection.
+- For manual API tokens, enable `hasToken` on the model and call `createToken()` — `apiAuth` reloads the user from JWT claims.
 - `Auth.logout()` clears auth state and redirects to login.

package/final-documentation/The Basics/Artisan-Node.md

@@ -60,12 +60,29 @@ bun artisanNode db:wipe
 ## Dev server
 
 ```bash
-bun artisanNode serve              # start the dev server with a file watcher (entry: server.ts)
+bun artisanNode serve              # Laravel-style dev server with file watcher (entry: server.ts)
 bun artisanNode serve app.ts       # use a different entry file
 bun artisanNode watch              # alias of `serve`
 ```
 
-`serve` (alias `watch`) boots the app under a file watcher and restarts on change — the same thing `npm run dev` runs. It takes an optional entry file argument (defaults to `server.ts`).
+`serve` (alias `watch`) is the recommended backend dev command. It:
+
+- watches backend paths (`app/`, `route/`, `jcc-express-mvc/`, `resources/views/`, etc.)
+- reloads **silently** on code changes (no terminal clear, no restart banner)
+- keeps the same `PORT` from `.env` across restarts
+- watches `public/hot` so the backend picks up Vite when the dev asset server starts
+
+Run Vite separately for frontend assets:
+
+```bash
+# Terminal 1 — backend (file watcher + Express)
+bun artisanNode serve
+
+# Terminal 2 — frontend (Vite HMR, writes public/hot)
+npm run watch
+```
+
+`npm run dev` (`bun --watch server.ts`) is a simpler alternative without the Laravel-style watcher. Prefer `bun artisanNode serve` when you want silent reloads, stable ports, and `public/hot` integration.
 
 ---
 

package/final-documentation/The Basics/Asset-bundling.md

@@ -15,11 +15,12 @@ For Inertia, SSR, and the HTTP kernel’s `inertia()` middleware, see `Getting-S
 Typical `package.json` scripts:
 
 - `watch` — Runs `vite` (dev server, HMR, writes `public/hot`).
-- `dev` — Runs the Node/Bun HTTP app (`server.ts`); use alongside `watch` during local UI work.
+- `dev` — Runs `bun --watch server.ts` (simple backend reload; no Laravel-style watcher).
+- `serve` — Run via `bun artisanNode serve` (recommended backend dev server; see `Artisan-Node.md`).
 - `vite-build` — `vite build` plus `vite build --ssr` when you ship SSR (adjust to your app).
 - `build` — TypeScript compile (`tsc`) for the server codebase; not a substitute for `vite-build`.
 
-Start Vite before hitting pages that use `@vite`, or the template layer will not resolve the dev server URL.
+Start Vite before hitting pages that use `@vite`, or refresh after `public/hot` appears. The template layer reads `public/hot` on each request in development.
 
 ---
 
@@ -41,13 +42,13 @@ Add or change `input` when you create new entrypoints. Tailwind and React (or Vu
 
 ## `public/hot` and the dev server
 
-In non-production, `EngineHelpers` reads `public/hot` (first line is the Vite origin, e.g. `http://127.0.0.1:5173`). That value becomes `viteHost` for:
+In non-production, `EngineHelpers` reads `public/hot` on **each render** (first line is the Vite origin, e.g. `http://127.0.0.1:5173`). That value becomes `viteHost` for:
 
 - Module `<script>` tags pointing at your entries.
 - Optional link to the CSS entry when you pass more than one resource in `@vite` (first entry is treated as CSS in dev in that case).
 - Injection of `/@vite/client` for HMR.
 
-If `hot` is missing, tags may point at an empty base—run `npm run watch` / `bun run watch`.
+If `hot` is missing, tags may point at an empty base — run `npm run watch` / `bun run watch`. After Vite creates `public/hot`, refresh the page (or use `bun artisanNode serve`, which watches `public/hot` and reloads the backend when Vite starts).
 
 ---
 

package/lib/Application/ApplicationBuilder.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ApplicationBuilder.d.ts","sourceRoot":"","sources":["../../../jcc-express-mvc/lib/Application/ApplicationBuilder.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,WAAW,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAG/D,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAU3C,OAAO,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAEzC,qBAAa,kBAAkB;IACtB,GAAG,EAAE,WAAW,CAAC;gBAEZ,GAAG,EAAE,WAAW;IAIrB,UAAU,CAAC,MAAM,EAAE,GAAG;IAKtB,UAAU,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC;IAMtC,WAAW,CAAC,WAAW,EAAE,WAAW,EAAE;IAOtC,aAAa,CAClB,SAAS,EAAE,KAAK,CAAC,KAAK,GAAG,EAAE,WAAW,KAAK,eAAe,CAAC;IA2B7D,OAAO,CAAC,UAAU;IAMlB,OAAO,CAAC,gBAAgB;IAIjB,WAAW;IAKX,cAAc,CAAC,oBAAoB,GAAE,cAAc,EAAO;IAY1D,MAAM;CAKd"}
+{"version":3,"file":"ApplicationBuilder.d.ts","sourceRoot":"","sources":["../../../jcc-express-mvc/lib/Application/ApplicationBuilder.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,WAAW,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAI/D,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAU3C,OAAO,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAEzC,qBAAa,kBAAkB;IACtB,GAAG,EAAE,WAAW,CAAC;gBAEZ,GAAG,EAAE,WAAW;IAIrB,UAAU,CAAC,MAAM,EAAE,GAAG;IAKtB,UAAU,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC;IAMtC,WAAW,CAAC,WAAW,EAAE,WAAW,EAAE;IAOtC,aAAa,CAClB,SAAS,EAAE,KAAK,CAAC,KAAK,GAAG,EAAE,WAAW,KAAK,eAAe,CAAC;IA4B7D,OAAO,CAAC,UAAU;IAMlB,OAAO,CAAC,gBAAgB;IAIjB,WAAW;IAKX,cAAc,CAAC,oBAAoB,GAAE,cAAc,EAAO;IAY1D,MAAM;CAKd"}

package/lib/Application/ApplicationBuilder.js

@@ -2,6 +2,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ApplicationBuilder = void 0;
 const DatabaseServiceProvider_1 = require("../Database/DatabaseServiceProvider");
+const PrismaServiceProvider_1 = require("../Database/PrismaServiceProvider");
 const Middleware_1 = require("../Middleware");
 const NodeArtisanCommand_1 = require("../Command-Line/NodeArtisanCommand");
 const helpers_1 = require("../Global/helpers");
@@ -40,6 +41,7 @@ class ApplicationBuilder {
         const chain = [
             LogServiceProvider_1.LogServiceProvider,
             DatabaseServiceProvider_1.DatabaseServiceProvider,
+            PrismaServiceProvider_1.PrismaServiceProvider,
             SessionServiceProvider_1.SessionServiceProvider,
             CacheServiceProvider_1.CacheServiceProvider,
             ...ordered,

package/lib/Auth/index.d.ts

@@ -1,5 +1,6 @@
 import { AppRequest, AppResponse, AppNext } from "../Interface";
 import { type IRefreshTokenStore } from "./refreshTokenStore";
+import { ApiAuthResponse, ApiAuthType } from "./type";
 export declare class Authentication {
     private static refreshStore;
     /** Use a shared store (e.g. Redis) when running multiple app instances. */
@@ -12,6 +13,7 @@ export declare class Authentication {
     private static setTokens;
     /** Handle user login attempt */
     static attempt(next: AppNext, redirect?: string): Promise<void>;
+    static apiAttempt(data: ApiAuthType): Promise<ApiAuthResponse>;
     /**
      * After the user is resolved (e.g. OAuth via Socialite), issue JWT cookies
      * and redirect or JSON response like {@link Authentication.attempt}.

package/lib/Auth/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../jcc-express-mvc/lib/Auth/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAgBhE,OAAO,EAEL,KAAK,kBAAkB,EACxB,MAAM,qBAAqB,CAAC;AAsB7B,qBAAa,cAAc;IACzB,OAAO,CAAC,MAAM,CAAC,YAAY,CAAgD;IAE3E,2EAA2E;IAC3E,MAAM,CAAC,oBAAoB,CAAC,KAAK,EAAE,kBAAkB,GAAG,IAAI;IAI5D,qDAAqD;IACrD,OAAO,CAAC,MAAM,CAAC,cAAc;IAc7B,0DAA0D;mBACrC,OAAO;IAqB5B,wFAAwF;IACxF,OAAO,CAAC,MAAM,CAAC,SAAS;IA0BxB,gCAAgC;WACnB,OAAO,CAAC,IAAI,EAAE,OAAO,EAAE,QAAQ,GAAE,MAAgB;IA2B9D;;;OAGG;WACU,aAAa,CACxB,GAAG,EAAE,UAAU,EACf,GAAG,EAAE,WAAW,EAChB,MAAM,EAAE,MAAM,GAAG,MAAM,EACvB,QAAQ,GAAE,MAAgB,GACzB,OAAO,CAAC,IAAI,CAAC;IA4BhB,+BAA+B;WAClB,YAAY,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,WAAW,EAAE,IAAI,EAAE,OAAO;IAsC1E,qBAAqB;IACrB,MAAM,CAAC,MAAM;IAsBb,4FAA4F;IAC5F,MAAM,CAAC,KAAK,IAAI,OAAO;IAWvB,MAAM,CAAC,IAAI;IAIX,MAAM,CAAC,EAAE;WAII,WAAW,CACtB,MAAM,EAAE,MAAM,GAAG,MAAM,EACvB,QAAQ,GAAE,MAAgB;CAI7B"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../jcc-express-mvc/lib/Auth/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAkBhE,OAAO,EAEL,KAAK,kBAAkB,EACxB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAC;AAsBtD,qBAAa,cAAc;IACzB,OAAO,CAAC,MAAM,CAAC,YAAY,CAAgD;IAE3E,2EAA2E;IAC3E,MAAM,CAAC,oBAAoB,CAAC,KAAK,EAAE,kBAAkB,GAAG,IAAI;IAI5D,qDAAqD;IACrD,OAAO,CAAC,MAAM,CAAC,cAAc;IAc7B,0DAA0D;mBACrC,OAAO;IAS5B,wFAAwF;IACxF,OAAO,CAAC,MAAM,CAAC,SAAS;IA0BxB,gCAAgC;WACnB,OAAO,CAAC,IAAI,EAAE,OAAO,EAAE,QAAQ,GAAE,MAAgB;WA2BjD,UAAU,CAAC,IAAI,EAAE,WAAW,GAAG,OAAO,CAAC,eAAe,CAAC;IAwBpE;;;OAGG;WACU,aAAa,CACxB,GAAG,EAAE,UAAU,EACf,GAAG,EAAE,WAAW,EAChB,MAAM,EAAE,MAAM,GAAG,MAAM,EACvB,QAAQ,GAAE,MAAgB,GACzB,OAAO,CAAC,IAAI,CAAC;IA4BhB,+BAA+B;WAClB,YAAY,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,WAAW,EAAE,IAAI,EAAE,OAAO;IAsC1E,qBAAqB;IACrB,MAAM,CAAC,MAAM;IAsBb,4FAA4F;IAC5F,MAAM,CAAC,KAAK,IAAI,OAAO;IAWvB,MAAM,CAAC,IAAI;IAIX,MAAM,CAAC,EAAE;WAII,WAAW,CACtB,MAAM,EAAE,MAAM,GAAG,MAAM,EACvB,QAAQ,GAAE,MAAgB;CAI7B"}

package/lib/Auth/index.js

@@ -2,9 +2,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.Authentication = void 0;
 const util_1 = require("../util");
-const Config_1 = require("../Config/Config");
 const ValidationException_v2_1 = require("../Error/ValidationException-v2");
-const Jcc_eloquent_1 = require("../Jcc-eloquent");
 const refreshTokenStore_1 = require("./refreshTokenStore");
 const REFRESH_TTL_MS = 7 * 24 * 60 * 60 * 1000;
 const ACCESS_MAX_AGE_MS = 60 * 60 * 1000;
@@ -47,20 +45,7 @@ class Authentication {
         const field = this.getCredentials(data);
         if (!Object.keys(field).length)
             return { user: null, field: "email" };
-        let user = null;
-        const orm = Config_1.config.get("DB_ORM");
-        if (orm === "mongodb" || orm === "mongoose") {
-            user = await User.findOne(field).select("+password");
-        }
-        else if (orm === "sequelize") {
-            user = await User.findOne({ where: field });
-        }
-        else {
-            // JCC ORM
-            user = await Jcc_eloquent_1.DB.table("users")
-                .where(Object.keys(field)[0], Object.values(field)[0])
-                .first();
-        }
+        let user = await (0, util_1.findUserForAuth)(User, field);
         return { user, field: Object.keys(field)[0] || "email" };
     }
     /** Generate and attach tokens to cookies (refresh is rotated server-side via `jti`). */
@@ -100,6 +85,20 @@ class Authentication {
             next(error);
         }
     }
+    static async apiAttempt(data) {
+        data = data || { field: "email", model: "User" };
+        const input = request().input(data.field || "");
+        const password = request().input("password");
+        const { [data.model]: Model } = (0, util_1.getModel)(data.model);
+        let user = await (0, util_1.findUserForAuth)(Model, { [data.field]: input });
+        if (!user) {
+            return (0, util_1.authResponseMessages)(false, "Invalid credentials", null, null);
+        }
+        if (!(await (0, util_1.verifyHash)(password, user?.password || ""))) {
+            return (0, util_1.authResponseMessages)(false, "Invalid credentials", null, null);
+        }
+        return (0, util_1.authResponseMessages)(true, "Login successful", user?.toJSON(), user.createToken());
+    }
     /**
      * After the user is resolved (e.g. OAuth via Socialite), issue JWT cookies
      * and redirect or JSON response like {@link Authentication.attempt}.

package/lib/Auth/type.d.ts

@@ -0,0 +1,11 @@
+export type ApiAuthType = {
+    field?: string;
+    model?: string;
+};
+export type ApiAuthResponse = {
+    success: boolean;
+    user: Record<string, any> | null;
+    token: string | null;
+    message: string;
+};
+//# sourceMappingURL=type.d.ts.map

package/lib/Auth/type.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"type.d.ts","sourceRoot":"","sources":["../../../jcc-express-mvc/lib/Auth/type.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,WAAW,GAAG;IACxB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG;IAC5B,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,IAAI,CAAC;IACjC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC"}

package/lib/Auth/type.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/Command-Line/MakeCommand.d.ts

@@ -3,6 +3,7 @@ export declare class MakeCommand {
     createController(controllerName: string, modelName?: boolean): any;
     createApiController(controllerName: string, modelName?: boolean): any;
     createModel(modelName: string): any;
+    createResource(name: string): void;
     createRequest(requestName: string): any;
     createMigration(migrationName: string, optionalTable: string): any;
     createSeeder(name: string): any;

package/lib/Command-Line/MakeCommand.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"MakeCommand.d.ts","sourceRoot":"","sources":["../../../jcc-express-mvc/lib/Command-Line/MakeCommand.ts"],"names":[],"mappings":"AAmCA,qBAAa,WAAW;IACtB,OAAO,CAAC,aAAa,CAA0C;IAE/D,gBAAgB,CAAC,cAAc,EAAE,MAAM,EAAE,SAAS,UAAQ,GAAG,GAAG;IAsChE,mBAAmB,CAAC,cAAc,EAAE,MAAM,EAAE,SAAS,UAAQ,GAAG,GAAG;IAkDnE,WAAW,CAAC,SAAS,EAAE,MAAM,GAAG,GAAG;IAuBnC,aAAa,CAAC,WAAW,EAAE,MAAM,GAAG,GAAG;IA4BvC,eAAe,CAAC,aAAa,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,GAAG,GAAG;IA4BlE,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,GAAG;IA2B/B,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,GAAG;IA8B/B,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG;IA8B3B,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,GAAG;IAmC1D,gBAAgB;IA+BhB,kBAAkB;IAyBlB,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,GAAG;IAiCjD,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,GAAG;IAmC/C,aAAa,CAAC,IAAI,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,GAAG,GAAG;IAmC1D,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IA+BjC,gBAAgB,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI;IA+BpD,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IAiC7B,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IA8BhC,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,GAAG;CAkCrC"}
+{"version":3,"file":"MakeCommand.d.ts","sourceRoot":"","sources":["../../../jcc-express-mvc/lib/Command-Line/MakeCommand.ts"],"names":[],"mappings":"AAoCA,qBAAa,WAAW;IACtB,OAAO,CAAC,aAAa,CAA0C;IAE/D,gBAAgB,CAAC,cAAc,EAAE,MAAM,EAAE,SAAS,UAAQ,GAAG,GAAG;IAsChE,mBAAmB,CAAC,cAAc,EAAE,MAAM,EAAE,SAAS,UAAQ,GAAG,GAAG;IAkDnE,WAAW,CAAC,SAAS,EAAE,MAAM,GAAG,GAAG;IAuBnC,cAAc,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IAuClC,aAAa,CAAC,WAAW,EAAE,MAAM,GAAG,GAAG;IA4BvC,eAAe,CAAC,aAAa,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,GAAG,GAAG;IA4BlE,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,GAAG;IA2B/B,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,GAAG;IA8B/B,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG;IA8B3B,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,GAAG;IAmC1D,gBAAgB;IA+BhB,kBAAkB;IAyBlB,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,GAAG;IAiCjD,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,GAAG;IAmC/C,aAAa,CAAC,IAAI,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,GAAG,GAAG;IAmC1D,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IA+BjC,gBAAgB,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI;IA+BpD,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IAiC7B,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IA8BhC,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,GAAG;CAkCrC"}

package/lib/Command-Line/MakeCommand.js

@@ -1,4 +1,37 @@
 "use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
@@ -28,6 +61,7 @@ const Service_1 = __importDefault(require("./files/Service"));
 const Repository_1 = __importDefault(require("./files/Repository"));
 const Dto_1 = __importDefault(require("./files/Dto"));
 const Action_1 = __importDefault(require("./files/Action"));
+const Resource_1 = __importStar(require("./files/Resource"));
 const Config_1 = require("../Config/Config");
 const rootPath = app_root_path_1.default.path;
 /** Convert PascalCase to kebab-case (e.g. SendEmails -> send:emails) */
@@ -115,6 +149,34 @@ class MakeCommand {
             return console.log(colors_1.default.red(`${modelName} model not added`)); // Log error if model addition fails
         }
     }
+    createResource(name) {
+        try {
+            if (!name) {
+                console.log(colors_1.default.red("Please give a name for your resource"));
+                return;
+            }
+            const { className, filePath } = (0, Resource_1.parseResourceName)(name);
+            const resourcePath = path_1.default.resolve(`${rootPath}/app/Http/Resources`);
+            if (!fs_1.default.existsSync(resourcePath)) {
+                fs_1.default.mkdirSync(resourcePath, { recursive: true });
+            }
+            const targetDir = path_1.default.dirname(path_1.default.resolve(resourcePath, filePath));
+            if (!fs_1.default.existsSync(targetDir)) {
+                fs_1.default.mkdirSync(targetDir, { recursive: true });
+            }
+            const resourceFile = path_1.default.resolve(resourcePath, `${filePath}.${this.fileExtension}`);
+            if (fs_1.default.existsSync(resourceFile)) {
+                console.log(colors_1.default.yellow(`${className} already exists`));
+                return;
+            }
+            fs_1.default.writeFileSync(resourceFile, (0, Resource_1.default)(className));
+            console.log(colors_1.default.green(`${className} created successfully [${resourceFile}]`));
+        }
+        catch (err) {
+            console.log(colors_1.default.red(`${name} resource not created`));
+            console.log(err.message);
+        }
+    }
     createRequest(requestName) {
         try {
             if (!requestName) {

package/lib/Command-Line/NodeArtisanCommand.d.ts

@@ -12,6 +12,7 @@ export declare class ConsoleKernel {
     private _watch;
     private _app;
     private _cache;
+    private _prisma;
     private get migrate();
     private get db();
     private get make();
@@ -19,6 +20,7 @@ export declare class ConsoleKernel {
     private get schedule();
     private get watch();
     private get cache();
+    private get prisma();
     private app;
     constructor();
     /** Load user commands from app/Console/Command (guarded, non-blocking for missing dir) */