npm - lapeeh - Versions diffs - 1.0.0 - Mend

lapeeh 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (76) hide show

package/.env.example +14 -0
package/LICENSE +21 -0
package/bin/index.js +934 -0
package/doc/en/ARCHITECTURE_GUIDE.md +79 -0
package/doc/en/CHANGELOG.md +203 -0
package/doc/en/CHEATSHEET.md +90 -0
package/doc/en/CLI.md +111 -0
package/doc/en/CONTRIBUTING.md +119 -0
package/doc/en/DEPLOYMENT.md +171 -0
package/doc/en/FAQ.md +69 -0
package/doc/en/FEATURES.md +99 -0
package/doc/en/GETTING_STARTED.md +84 -0
package/doc/en/INTRODUCTION.md +62 -0
package/doc/en/PACKAGES.md +63 -0
package/doc/en/PERFORMANCE.md +98 -0
package/doc/en/ROADMAP.md +104 -0
package/doc/en/SECURITY.md +95 -0
package/doc/en/STRUCTURE.md +79 -0
package/doc/en/TUTORIAL.md +145 -0
package/doc/id/ARCHITECTURE_GUIDE.md +76 -0
package/doc/id/CHANGELOG.md +203 -0
package/doc/id/CHEATSHEET.md +90 -0
package/doc/id/CLI.md +139 -0
package/doc/id/CONTRIBUTING.md +119 -0
package/doc/id/DEPLOYMENT.md +171 -0
package/doc/id/FAQ.md +69 -0
package/doc/id/FEATURES.md +169 -0
package/doc/id/GETTING_STARTED.md +91 -0
package/doc/id/INTRODUCTION.md +62 -0
package/doc/id/PACKAGES.md +63 -0
package/doc/id/PERFORMANCE.md +100 -0
package/doc/id/ROADMAP.md +107 -0
package/doc/id/SECURITY.md +94 -0
package/doc/id/STRUCTURE.md +79 -0
package/doc/id/TUTORIAL.md +145 -0
package/docker-compose.yml +24 -0
package/ecosystem.config.js +17 -0
package/eslint.config.mjs +26 -0
package/gitignore.template +30 -0
package/lib/bootstrap.ts +210 -0
package/lib/core/realtime.ts +34 -0
package/lib/core/redis.ts +139 -0
package/lib/core/serializer.ts +63 -0
package/lib/core/server.ts +70 -0
package/lib/core/store.ts +116 -0
package/lib/middleware/auth.ts +63 -0
package/lib/middleware/error.ts +50 -0
package/lib/middleware/multipart.ts +13 -0
package/lib/middleware/rateLimit.ts +14 -0
package/lib/middleware/requestLogger.ts +27 -0
package/lib/middleware/visitor.ts +178 -0
package/lib/utils/logger.ts +100 -0
package/lib/utils/pagination.ts +56 -0
package/lib/utils/response.ts +88 -0
package/lib/utils/validator.ts +394 -0
package/nodemon.json +6 -0
package/package.json +126 -0
package/readme.md +357 -0
package/scripts/check-update.js +92 -0
package/scripts/config-clear.js +45 -0
package/scripts/generate-jwt-secret.js +38 -0
package/scripts/init-project.js +84 -0
package/scripts/make-module.js +89 -0
package/scripts/release.js +494 -0
package/scripts/seed-json.js +158 -0
package/scripts/verify-rbac-functional.js +187 -0
package/src/config/app.ts +9 -0
package/src/config/cors.ts +5 -0
package/src/modules/Auth/auth.controller.ts +519 -0
package/src/modules/Rbac/rbac.controller.ts +533 -0
package/src/routes/auth.ts +74 -0
package/src/routes/index.ts +7 -0
package/src/routes/rbac.ts +42 -0
package/storage/logs/.gitkeep +0 -0
package/tsconfig.build.json +12 -0
package/tsconfig.json +30 -0

package/scripts/seed-json.js ADDED Viewed

@@ -0,0 +1,158 @@
+const fs = require('fs');
+const path = require('path');
+const bcrypt = require('bcryptjs');
+const { v4: uuidv4 } = require('uuid');
+const DB_PATH = path.join(__dirname, '../database.json');
+async function seed() {
+  console.log('🌱 Seeding database.json...');
+  let store = {
+    users: [],
+    roles: [],
+    permissions: [],
+    user_roles: [],
+    role_permissions: [],
+    user_permissions: []
+  };
+  // Load existing if any (optional, but we'll overwrite for seed)
+  // if (fs.existsSync(DB_PATH)) {
+  //   store = JSON.parse(fs.readFileSync(DB_PATH, 'utf-8'));
+  // }
+  const passwordHash = await bcrypt.hash('password123', 10);
+  // 1. Seed Users
+  const usersData = [
+    { name: "Super Admin", email: "sa@sa.com", roleSlug: "super_admin" },
+    { name: "Admin User", email: "a@a.com", roleSlug: "admin" },
+    { name: "Regular User", email: "u@u.com", roleSlug: "user" }
+  ];
+  for (const u of usersData) {
+    const user = {
+      id: (store.users.length + 1).toString(),
+      uuid: uuidv4(),
+      name: u.name,
+      email: u.email,
+      password: passwordHash,
+      created_at: new Date(),
+      updated_at: new Date(),
+      avatar: null,
+      avatar_url: null,
+      email_verified_at: null,
+      remember_token: null
+    };
+    store.users.push(user);
+    console.log(`Created user: ${user.name}`);
+  }
+  // 2. Seed Roles
+  const rolesData = [
+    { name: "Super Admin", slug: "super_admin", description: "Full access to all resources" },
+    { name: "Admin", slug: "admin", description: "Administrator" },
+    { name: "User", slug: "user", description: "Regular user" }
+  ];
+  for (const r of rolesData) {
+    const role = {
+      id: (store.roles.length + 1).toString(),
+      name: r.name,
+      slug: r.slug,
+      description: r.description,
+      created_at: new Date(),
+      updated_at: new Date()
+    };
+    store.roles.push(role);
+    console.log(`Created role: ${role.name}`);
+  }
+  // 3. Seed Permissions
+  const permissionsData = [
+    { name: "Manage Users", slug: "users.manage", description: "Create, update, and delete users" },
+    { name: "Create Users", slug: "users.create", description: "Create users" },
+    { name: "View Users", slug: "users.view", description: "View users" },
+    { name: "Update Users", slug: "users.update", description: "Update users" },
+    { name: "Delete Users", slug: "users.delete", description: "Delete users" },
+    { name: "Manage Roles", slug: "roles.manage", description: "Create, update, and delete roles" },
+    { name: "Manage Permissions", slug: "permissions.manage", description: "Create, update, and delete permissions" },
+    { name: "Manage Profiles", slug: "profiles.manage", description: "Manage user profiles" }
+  ];
+  for (const p of permissionsData) {
+    const perm = {
+      id: (store.permissions.length + 1).toString(),
+      name: p.name,
+      slug: p.slug,
+      description: p.description,
+      created_at: new Date(),
+      updated_at: new Date()
+    };
+    store.permissions.push(perm);
+  }
+  console.log(`Seeded ${store.permissions.length} permissions`);
+  // 4. Link Users to Roles
+  for (const u of usersData) {
+    const user = store.users.find(x => x.email === u.email);
+    const role = store.roles.find(x => x.slug === u.roleSlug);
+    if (user && role) {
+      store.user_roles.push({
+        id: (store.user_roles.length + 1).toString(),
+        user_id: user.id,
+        role_id: role.id,
+        created_at: new Date()
+      });
+    }
+  }
+  // 5. Link Roles to Permissions
+  // Super Admin -> All Permissions
+  const superAdminRole = store.roles.find(r => r.slug === 'super_admin');
+  if (superAdminRole) {
+    for (const p of store.permissions) {
+      store.role_permissions.push({
+        id: (store.role_permissions.length + 1).toString(),
+        role_id: superAdminRole.id,
+        permission_id: p.id,
+        created_at: new Date()
+      });
+    }
+  }
+  // Admin -> Users.*
+  const adminRole = store.roles.find(r => r.slug === 'admin');
+  if (adminRole) {
+    const adminPerms = store.permissions.filter(p => p.slug.startsWith('users.'));
+    for (const p of adminPerms) {
+      store.role_permissions.push({
+        id: (store.role_permissions.length + 1).toString(),
+        role_id: adminRole.id,
+        permission_id: p.id,
+        created_at: new Date()
+      });
+    }
+  }
+  // User -> profiles.manage
+  const userRole = store.roles.find(r => r.slug === 'user');
+  if (userRole) {
+    const userPerms = store.permissions.filter(p => p.slug === 'profiles.manage');
+    for (const p of userPerms) {
+      store.role_permissions.push({
+        id: (store.role_permissions.length + 1).toString(),
+        role_id: userRole.id,
+        permission_id: p.id,
+        created_at: new Date()
+      });
+    }
+  }
+  fs.writeFileSync(DB_PATH, JSON.stringify(store, null, 2));
+  console.log('✅ Database seeded successfully!');
+}
+seed().catch(console.error);

package/scripts/verify-rbac-functional.js ADDED Viewed

@@ -0,0 +1,187 @@
+// const fetch = require('node:fetch'); // Or native fetch in Node 18+
+const BASE_URL = 'http://localhost:8000/api';
+let TOKEN = '';
+let USER_ID = '';
+let ROLE_ID = '';
+let PERMISSION_ID = '';
+async function request(method, endpoint, body = null, token = null) {
+  const headers = { 'Content-Type': 'application/json' };
+  if (token) headers['Authorization'] = `Bearer ${token}`;
+  const config = { method, headers };
+  if (body) config.body = JSON.stringify(body);
+  try {
+    const res = await fetch(`${BASE_URL}${endpoint}`, config);
+    const data = await res.json();
+    return { status: res.status, data };
+  } catch (err) {
+    console.error(`Error requesting ${endpoint}:`, err.message);
+    return null;
+  }
+}
+async function run() {
+  console.log('🚀 Starting RBAC Functional Verification...');
+  // 0. Login as Super Admin
+  console.log('\n0️⃣  Logging in as Super Admin...');
+  const saLogin = await request('POST', '/auth/login', {
+    email: 'sa@sa.com',
+    password: 'string'
+  });
+  let SA_TOKEN = '';
+  if (saLogin?.status === 200) {
+    console.log('✅ SA Login successful');
+    SA_TOKEN = saLogin.data.data.token;
+  } else {
+    console.error('❌ SA Login failed:', JSON.stringify(saLogin?.data));
+    process.exit(1);
+  }
+  // 1. Register User
+  console.log('\n1️⃣  Registering User (Tester)...');
+  const regRes = await request('POST', '/auth/register', {
+    email: 'testrbac@example.com',
+    name: 'RBAC Tester',
+    password: 'password123',
+    confirmPassword: 'password123'
+  });
+  if (regRes?.status === 200 || regRes?.status === 201) {
+    console.log('✅ Registered successfully');
+    USER_ID = regRes.data.data.id;
+  } else if (regRes?.status === 422 && regRes.data.message.includes('Validation error')) {
+     console.log('ℹ️  User might already exist, trying login to get ID...');
+     // Login to get ID
+     const loginRes = await request('POST', '/auth/login', {
+        email: 'testrbac@example.com',
+        password: 'password123'
+      });
+      if (loginRes?.status === 200) {
+        const meRes = await request('GET', '/auth/me', null, loginRes.data.data.token);
+        USER_ID = meRes.data.data.id;
+        console.log('✅ Got existing User ID');
+      }
+  } else {
+    console.error('❌ Registration failed:', JSON.stringify(regRes?.data));
+  }
+  // 2. Login (as Tester) - to verify later
+  console.log('\n2️⃣  Logging in as Tester...');
+  const loginRes = await request('POST', '/auth/login', {
+    email: 'testrbac@example.com',
+    password: 'password123'
+  });
+  if (loginRes?.status === 200) {
+    console.log('✅ Login successful');
+    TOKEN = loginRes.data.data.token;
+  } else {
+    console.error('❌ Login failed:', JSON.stringify(loginRes?.data));
+    process.exit(1);
+  }
+  // 3. Create Role (Using SA Token)
+  console.log('\n3️⃣  Creating Role "tester-role"...');
+  const roleRes = await request('POST', '/rbac/roles', {
+    name: 'Tester Role',
+    slug: 'tester-role',
+    description: 'Role for automated testing'
+  }, SA_TOKEN);
+  if (roleRes?.status === 201 || roleRes?.status === 200) {
+    console.log('✅ Role created');
+    ROLE_ID = roleRes.data.data.id;
+  } else if (roleRes?.status === 422) { // Duplicate?
+     console.log('ℹ️  Role might already exist.');
+     const listRes = await request('GET', '/rbac/roles', null, SA_TOKEN);
+     const found = listRes.data.data.find(r => r.slug === 'tester-role');
+     if (found) {
+        ROLE_ID = found.id;
+        console.log('✅ Found existing role');
+     } else {
+        console.error('❌ Could not create or find role');
+        process.exit(1);
+     }
+  } else {
+    console.error('❌ Create role failed:', JSON.stringify(roleRes?.data));
+    process.exit(1);
+  }
+  // 4. Create Permission (Using SA Token)
+  console.log('\n4️⃣  Creating Permission "test.exec"...');
+  const permRes = await request('POST', '/rbac/permissions', {
+    name: 'Test Execute',
+    slug: 'test.exec',
+    description: 'Permission to execute tests'
+  }, SA_TOKEN);
+  if (permRes?.status === 201 || permRes?.status === 200) {
+    console.log('✅ Permission created');
+    PERMISSION_ID = permRes.data.data.id;
+  } else if (permRes?.status === 422) {
+     const listRes = await request('GET', '/rbac/permissions', null, SA_TOKEN);
+     const found = listRes.data.data.find(p => p.slug === 'test.exec');
+     if (found) {
+        PERMISSION_ID = found.id;
+        console.log('✅ Found existing permission');
+     } else {
+        console.error('❌ Could not create or find permission');
+        process.exit(1);
+     }
+  } else {
+    console.error('❌ Create permission failed:', JSON.stringify(permRes?.data));
+    process.exit(1);
+  }
+  // 5. Assign Permission to Role (Using SA Token)
+  console.log('\n5️⃣  Assigning Permission to Role...');
+  const assignP2R = await request('POST', '/rbac/roles/assign-permission', {
+    roleId: ROLE_ID,
+    permissionId: PERMISSION_ID
+  }, SA_TOKEN);
+  if (assignP2R?.status === 200) {
+    console.log('✅ Permission assigned to role');
+  } else {
+    console.error('❌ Assign permission failed:', JSON.stringify(assignP2R?.data));
+  }
+  // 6. Assign Role to User (Using SA Token)
+  console.log('\n6️⃣  Assigning Role to User...');
+  const assignR2U = await request('POST', '/rbac/users/assign-role', {
+    userId: USER_ID,
+    roleId: ROLE_ID
+  }, SA_TOKEN);
+  if (assignR2U?.status === 200) {
+    console.log('✅ Role assigned to user');
+  } else {
+    console.error('❌ Assign role failed:', JSON.stringify(assignR2U?.data));
+  }
+  // 7. Verify via Profile (Using Tester Token)
+  console.log('\n7️⃣  Verifying Profile...');
+  const profile = await request('GET', '/auth/me', null, TOKEN);
+  console.log('👤 User Profile:', JSON.stringify(profile.data.data));
+  // 8. Cleanup (Using SA Token)
+  console.log('\n8️⃣  Cleaning up...');
+  const delRole = await request('DELETE', `/rbac/roles/${ROLE_ID}`, null, SA_TOKEN);
+  if (delRole?.status === 200) console.log('✅ Role deleted');
+  else console.error('❌ Delete role failed', JSON.stringify(delRole?.data));
+  const delPerm = await request('DELETE', `/rbac/permissions/${PERMISSION_ID}`, null, SA_TOKEN);
+  if (delPerm?.status === 200) console.log('✅ Permission deleted');
+  else console.error('❌ Delete permission failed');
+  console.log('\n🎉 Verification Complete!');
+}
+run();

package/src/config/app.ts ADDED Viewed

@@ -0,0 +1,9 @@
+export const appConfig = {
+  name: "lapeeh API",
+  timeout: 30000, // 30 seconds
+  compression: true,
+  rateLimit: {
+    windowMs: 15 * 60 * 1000, // 15 minutes
+    max: 100, // Limit each IP to 100 requests per windowMs
+  },
+};

package/src/config/cors.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export const corsConfig = {
+  origin: process.env.CORS_ORIGIN || '*',
+  credentials: true,
+  exposedHeaders: ['x-access-token', 'x-access-expires-at'],
+};