nextjs-auth-module 1.1.0

package/README.md

@@ -0,0 +1,147 @@
+# Next.js Auth Module
+
+A complete, production-ready authentication module for Next.js applications with PostgreSQL.
+
+## Features
+
+- ✅ User registration with email/password
+- ✅ User login with JWT tokens
+- ✅ Password reset with email notifications
+- ✅ Protected routes
+- ✅ PostgreSQL database support (Neon, AWS RDS, etc.)
+- ✅ JWT authentication
+- ✅ Bcrypt password hashing
+- ✅ Ready-to-use components
+- ✅ TypeScript ready (including .d.ts files)
+
+## Installation
+
+### Quick Setup (Recommended)
+
+```bash
+1 npx create-next-app@latest my-app
+cd my-app
+npm install nextjs-auth-module
+npx setup-auth
+
+
+# When prompted:
+# ✓ Would you like to use TypeScript? … No
+# ✓ Would you like to use ESLint? … Yes  
+# ✓ Would you like to use Tailwind CSS? … Yes
+# ✓ Would you like to use `src/` directory? … No
+# ✓ Would you like to use App Router? … Yes
+# ✓ Would you like to customize the default import alias (@/*)? … No
+
+# Navigate into the new project
+cd my-new-auth-app
+
+3.  # Install all authentication dependencies
+npm install bcryptjs jsonwebtoken pg nodemailer @heroicons/react dotenv
+
+# Install dev dependencies (if needed)
+npm install -D @types/bcryptjs @types/jsonwebtoken
+
+
+
+4. # Install the auth module package
+npm install nextjs-auth-package
+
+# Verify it worked
+npm list --depth=0 | grep nextjs-auth
+# Should show: nextjs-auth-package@1.0.0
+
+
+5. # Run the setup to copy all auth files
+npx setup-auth
+
+# Or if that doesn't work, run:
+node node_modules/nextjs-auth-package/bin/setup-auth.js
+
+6. 7 . create database 
+
+    run  schema.sql file on sql editor on neon
+
+
+7. # Create .env.local from example
+
+copy file from .env.example   to  .env.local
+
+and edit en.local to real data such as db URL  and all place holder file with real data
+
+# To generate JWT secret 
+run in bash
+
+node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"
+
+8 . npm run dev
+Open http://localhost:3000
+
+
+📁 Project Structure
+text
+your-project/
+├── app/
+│   ├── api/
+│   │   ├── login/route.js
+│   │   ├── register/route.js
+│   │   ├── forgot-password/route.js
+│   │   └── reset-password/route.js
+│   ├── login/page.jsx
+│   ├── register/page.jsx
+│   ├── forgot-password/page.jsx
+│   ├── reset-password/page.jsx
+│   └── layout.jsx
+├── context/
+│   └── AuthContext.jsx
+├── lib/
+│   ├── db.js
+│   ├── auth.js
+│   └── email.js
+├── scripts/
+│   └── init-db.js
+├── .env.local
+└── package.json
+
+📧 Email Configuration (Gmail)
+To enable password reset emails:
+
+Enable 2-Step Verification on your Google account
+
+Generate an App Password:
+
+Go to https://myaccount.google.com/apppasswords
+
+Select "Other" and name it "NextJS Auth"
+
+Copy the 16-character password
+
+Update .env.local:
+
+env
+EMAIL_USER="your-email@gmail.com"
+EMAIL_PASS="16-character-app-password"
+🧪 Development Without Email
+For testing without email, the reset link will be printed in your terminal:
+
+text
+🔐 ========== PASSWORD RESET LINK ==========
+Reset URL: http://localhost:3000/reset-password?token=abc123
+==========================================
+🚢 Deployment
+Deploy to Vercel
+Push your code to GitHub
+
+Import project to Vercel
+
+Add environment variables in Vercel dashboard
+
+Deploy
+
+Environment Variables on Vercel
+env
+DATABASE_URL=your_neon_postgres_url
+JWT_SECRET=your_jwt_secret
+EMAIL_USER=your_email@gmail.com
+EMAIL_PASS=your_app_password
+NEXT_PUBLIC_APP_URL=https://your-domain.vercel.app

package/bin/create-auth-app.js

@@ -0,0 +1,46 @@
+#!/usr/bin/env node
+
+const { execSync } = require('child_process');
+const fs = require('fs');
+const path = require('path');
+
+const projectName = process.argv[2];
+
+if (!projectName) {
+  console.error('\x1b[31m❌ Please specify a project name:\x1b[0m');
+  console.log('\x1b[33m  npx create-auth-app my-app\x1b[0m\n');
+  process.exit(1);
+}
+
+console.log('\x1b[36m%s\x1b[0m', `\n🚀 Creating Next.js app with authentication: ${projectName}\n`);
+
+try {
+  // Create Next.js app
+  console.log('\x1b[33m📦 Creating Next.js app...\x1b[0m');
+  execSync(`npx create-next-app@latest ${projectName} --typescript --tailwind --app --no-src-dir`, {
+    stdio: 'inherit'
+  });
+  
+  // Install auth dependencies
+  console.log('\x1b[33m📦 Installing auth dependencies...\x1b[0m');
+  execSync(`cd ${projectName} && npm install bcryptjs jsonwebtoken pg nodemailer dotenv @heroicons/react`, {
+    stdio: 'inherit'
+  });
+  
+  // Setup auth module
+  console.log('\x1b[33m🔧 Setting up authentication module...\x1b[0m');
+  execSync(`cd ${projectName} && npx setup-auth`, {
+    stdio: 'inherit'
+  });
+  
+  console.log('\x1b[32m✅ Authentication setup complete!\x1b[0m');
+  console.log('\n📝 Next steps:');
+  console.log(`\x1b[33m1. cd ${projectName}\x1b[0m`);
+  console.log('\x1b[33m2. cp .env.example .env.local\x1b[0m');
+  console.log('\x1b[33m3. Update .env.local with your database credentials\x1b[0m');
+  console.log('\x1b[33m4. npm run dev\x1b[0m\n');
+  
+} catch (error) {
+  console.error('\x1b[31m❌ Setup failed:\x1b[0m', error.message);
+  process.exit(1);
+}

package/bin/init-db.js

@@ -0,0 +1,128 @@
+#!/usr/bin/env node
+
+const { Pool } = require('pg');
+const fs = require('fs');
+const path = require('path');
+const readline = require('readline');
+require('dotenv').config({ path: '.env.local' });
+
+const rl = readline.createInterface({
+  input: process.stdin,
+  output: process.stdout
+});
+
+console.log('\x1b[36m%s\x1b[0m', '🗄️  Next.js Auth Module - Database Setup\n');
+
+// Check if DATABASE_URL exists
+if (!process.env.DATABASE_URL) {
+  console.log('\x1b[31m❌ DATABASE_URL not found in .env.local\x1b[0m');
+  console.log('\x1b[33m📝 Please create .env.local file with:\x1b[0m');
+  console.log('DATABASE_URL="postgresql://username:password@host.neon.tech/dbname?sslmode=require"\n');
+  process.exit(1);
+}
+
+const pool = new Pool({
+  connectionString: process.env.DATABASE_URL,
+  ssl: {
+    rejectUnauthorized: false
+  }
+});
+
+async function initDatabase() {
+  const client = await pool.connect();
+  
+  try {
+    console.log('\x1b[33m📡 Connecting to database...\x1b[0m');
+    await client.query('SELECT NOW()');
+    console.log('\x1b[32m✅ Database connected successfully!\x1b[0m\n');
+    
+    // Ask which SQL to run
+    console.log('\x1b[33m📁 Available SQL files:\x1b[0m');
+    console.log('  1. schema.sql - Complete database schema');
+    console.log('  2. migrations/001_initial.sql - Basic tables only');
+    console.log('  3. migrations/003_add_indexes.sql - Add performance indexes');
+    console.log('  4. Run all migrations in order');
+    
+    rl.question('\n\x1b[36mChoose option (1-4): \x1b[0m', async (answer) => {
+      let sqlContent = '';
+      const packageDir = path.dirname(__dirname);
+      const sqlDir = path.join(packageDir, 'sql');
+      
+      switch(answer) {
+        case '1':
+          sqlContent = fs.readFileSync(path.join(sqlDir, 'schema.sql'), 'utf8');
+          await runSQL(client, sqlContent);
+          break;
+        case '2':
+          sqlContent = fs.readFileSync(path.join(sqlDir, 'migrations/001_initial.sql'), 'utf8');
+          await runSQL(client, sqlContent);
+          break;
+        case '3':
+          sqlContent = fs.readFileSync(path.join(sqlDir, 'migrations/003_add_indexes.sql'), 'utf8');
+          await runSQL(client, sqlContent);
+          break;
+        case '4':
+          await runAllMigrations(client, sqlDir);
+          break;
+        default:
+          console.log('\x1b[31m❌ Invalid option\x1b[0m');
+      }
+      
+      rl.close();
+      await pool.end();
+    });
+    
+  } catch (error) {
+    console.error('\x1b[31m❌ Database initialization failed:\x1b[0m', error.message);
+    rl.close();
+    await pool.end();
+    process.exit(1);
+  }
+}
+
+async function runSQL(client, sqlContent) {
+  try {
+    console.log('\x1b[33m🚀 Running SQL...\x1b[0m');
+    await client.query(sqlContent);
+    console.log('\x1b[32m✅ Database schema created successfully!\x1b[0m');
+    
+    // Verify tables
+    const { rows } = await client.query(`
+      SELECT table_name 
+      FROM information_schema.tables 
+      WHERE table_schema = 'public'
+      AND table_name IN ('users', 'sessions')
+    `);
+    
+    console.log('\n\x1b[36m📊 Created tables:\x1b[0m', rows.map(r => r.table_name).join(', '));
+  } catch (error) {
+    console.error('\x1b[31m❌ Error running SQL:\x1b[0m', error.message);
+    throw error;
+  }
+}
+
+async function runAllMigrations(client, sqlDir) {
+  const migrationsDir = path.join(sqlDir, 'migrations');
+  const migrationFiles = fs.readdirSync(migrationsDir)
+    .filter(f => f.endsWith('.sql'))
+    .sort();
+  
+  console.log(`\n\x1b[33m📦 Running ${migrationFiles.length} migrations...\x1b[0m`);
+  
+  for (const file of migrationFiles) {
+    console.log(`  → Running ${file}...`);
+    const sqlContent = fs.readFileSync(path.join(migrationsDir, file), 'utf8');
+    await client.query(sqlContent);
+  }
+  
+  console.log('\n\x1b[32m✅ All migrations completed!\x1b[0m');
+}
+
+// Handle process termination
+process.on('SIGINT', () => {
+  console.log('\n\x1b[33m⚠️ Database setup cancelled\x1b[0m');
+  rl.close();
+  process.exit(0);
+});
+
+initDatabase();

package/bin/setup-auth.js

@@ -0,0 +1,156 @@
+#!/usr/bin/env node
+
+const fs = require('fs');
+const path = require('path');
+
+console.log('\x1b[36m%s\x1b[0m', '🔐 Setting up Next.js Auth Module...\n');
+
+// Get the current working directory (the user's project)
+const targetPath = process.cwd();
+
+// Get the package directory
+const packageDir = path.dirname(__dirname);
+
+// Source directories
+const srcAppDir = path.join(packageDir, 'src', 'app');
+const srcContextDir = path.join(packageDir, 'src', 'context');
+const srcLibDir = path.join(packageDir, 'src', 'lib');
+const templatesDir = path.join(packageDir, 'templates');
+
+// Target directories
+const targetAppDir = path.join(targetPath, 'app');
+const targetContextDir = path.join(targetPath, 'context');
+const targetLibDir = path.join(targetPath, 'lib');
+
+// Function to copy directory recursively
+function copyDir(src, dest) {
+  if (!fs.existsSync(src)) {
+    console.log(`\x1b[31m❌ Source directory not found: ${src}\x1b[0m`);
+    return false;
+  }
+  
+  // Create destination directory
+  if (!fs.existsSync(dest)) {
+    fs.mkdirSync(dest, { recursive: true });
+  }
+  
+  const entries = fs.readdirSync(src, { withFileTypes: true });
+  
+  for (let entry of entries) {
+    const srcPath = path.join(src, entry.name);
+    const destPath = path.join(dest, entry.name);
+    
+    if (entry.isDirectory()) {
+      copyDir(srcPath, destPath);
+    } else {
+      // Don't overwrite existing files
+      if (!fs.existsSync(destPath)) {
+        fs.copyFileSync(srcPath, destPath);
+        console.log(`  ✓ Copied: ${path.relative(targetPath, destPath)}`);
+      } else {
+        console.log(`  ⚠️ Skipped (exists): ${path.relative(targetPath, destPath)}`);
+      }
+    }
+  }
+  return true;
+}
+
+// Copy app directory (API routes and pages)
+console.log('\x1b[33m📁 Copying authentication pages and API routes...\x1b[0m');
+if (copyDir(srcAppDir, targetAppDir)) {
+  console.log('\x1b[32m✅ Pages and API routes copied\x1b[0m');
+}
+
+// Copy context directory
+console.log('\x1b[33m📁 Copying authentication context...\x1b[0m');
+if (copyDir(srcContextDir, targetContextDir)) {
+  console.log('\x1b[32m✅ Auth context copied\x1b[0m');
+}
+
+// Copy lib directory
+console.log('\x1b[33m📁 Copying authentication utilities...\x1b[0m');
+if (copyDir(srcLibDir, targetLibDir)) {
+  console.log('\x1b[32m✅ Auth utilities copied\x1b[0m');
+}
+
+// === NEW: Copy layout.jsx and page.jsx templates ===
+console.log('\n\x1b[33m📄 Setting up layout and page files...\x1b[0m');
+
+// Copy layout.jsx if it doesn't exist
+const layoutTemplate = path.join(templatesDir, 'layout.jsx');
+const layoutTarget = path.join(targetAppDir, 'layout.jsx');
+
+if (fs.existsSync(layoutTemplate)) {
+  if (!fs.existsSync(layoutTarget)) {
+    fs.copyFileSync(layoutTemplate, layoutTarget);
+    console.log('  ✓ Created app/layout.jsx');
+  } else {
+    console.log('  ⚠️ app/layout.jsx already exists, skipping (check if AuthProvider is included)');
+    
+    // Check if AuthProvider is in the existing layout
+    const layoutContent = fs.readFileSync(layoutTarget, 'utf8');
+    if (!layoutContent.includes('AuthProvider')) {
+      console.log('  💡 Tip: Make sure to wrap your app with <AuthProvider> in layout.jsx');
+    }
+  }
+}
+
+// Copy page.jsx if it doesn't exist
+const pageTemplate = path.join(templatesDir, 'page.jsx');
+const pageTarget = path.join(targetAppDir, 'page.jsx');
+
+if (fs.existsSync(pageTemplate)) {
+  if (!fs.existsSync(pageTarget)) {
+    fs.copyFileSync(pageTemplate, pageTarget);
+    console.log('  ✓ Created app/page.jsx');
+  } else {
+    console.log('  ⚠️ app/page.jsx already exists, skipping');
+  }
+}
+
+// Copy .env.example
+console.log('\n\x1b[33m📝 Setting up environment variables...\x1b[0m');
+const envExampleSrc = path.join(templatesDir, '.env.example');
+const envExampleDest = path.join(targetPath, '.env.example');
+
+if (fs.existsSync(envExampleSrc)) {
+  if (!fs.existsSync(envExampleDest)) {
+    fs.copyFileSync(envExampleSrc, envExampleDest);
+    console.log('  ✓ Created .env.example');
+  } else {
+    console.log('  ⚠️ .env.example already exists');
+  }
+}
+
+// Copy .env.local from example if it doesn't exist
+const envLocalDest = path.join(targetPath, '.env.local');
+if (!fs.existsSync(envLocalDest) && fs.existsSync(envExampleSrc)) {
+  fs.copyFileSync(envExampleSrc, envLocalDest);
+  console.log('  ✓ Created .env.local (please update with your credentials)');
+}
+
+// Copy SQL files
+console.log('\n\x1b[33m🗄️  Copying database SQL files...\x1b[0m');
+const sqlSrc = path.join(packageDir, 'sql');
+const sqlDest = path.join(targetPath, 'sql');
+
+if (fs.existsSync(sqlSrc)) {
+  copyDir(sqlSrc, sqlDest);
+  console.log('\x1b[32m✅ SQL files copied to /sql directory\x1b[0m');
+  console.log('  📁 Run: node sql/init-db.js to setup database');
+}
+
+
+console.log('\n\x1b[32m✨ Authentication module setup complete!\x1b[0m');
+console.log('\n\x1b[33m📝 Next steps:\x1b[0m');
+console.log('  1. Update .env.local with your database credentials');
+console.log('  2. Make sure you have these dependencies installed:');
+console.log('     npm install bcryptjs jsonwebtoken pg nodemailer @heroicons/react and  npm install bcryptjs jsonwebtoken pg nodemailer @heroicons/react dotenv');  
+console.log('  3. Initialize database: node scripts/init-db.js');
+console.log('  4. Run: npm run dev');
+console.log('\n\x1b[36m📚 Available routes:\x1b[0m');
+console.log('  - /login          → Login page');
+console.log('  - /register       → Register page');
+console.log('  - /forgot-password → Password reset request');
+console.log('  - /reset-password  → Reset password page');
+console.log('\n');

package/package.json

@@ -0,0 +1,56 @@
+{
+  "name": "nextjs-auth-module",
+  "version": "1.1.0",
+  "description": "Complete authentication module for Next.js with PostgreSQL, JWT, and password reset functionality",
+  "main": "src/index.js",
+  "bin": {
+    "setup-auth": "./bin/setup-auth.js",
+    "init-db": "./bin/init-db.js"
+  },
+  "files": [
+    "src",
+    "bin",
+    "sql",
+    "templates",
+    "README.md",
+    "LICENSE"
+  ],
+
+  "keywords": [
+    "nextjs",
+    "authentication",
+    "auth",
+    "login",
+    "register",
+    "password-reset",
+    "jwt",
+    "postgresql",
+    "neon",
+    "react"
+  ],
+  "author": "Muler  <mulercs514@gmail.com>",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/MulatuMekonnen/nextjs-auth-module"
+  },
+  "homepage": "https://github.com/MulatuMekonnen/nextjs-auth-module#readme",
+  "bugs": {
+    "url": "https://github.com/MulatuMekonnen/nextjs-auth-module/issues"
+  },
+  "peerDependencies": {
+    "next": ">=13.0.0",
+    "react": ">=18.0.0",
+    "react-dom": ">=18.0.0"
+  },
+  "dependencies": {
+    "bcryptjs": "^2.4.3",
+    "jsonwebtoken": "^9.0.0",
+    "pg": "^8.11.0",
+    "nodemailer": "^6.9.0",
+    "@heroicons/react": "^2.0.0"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  }
+}

package/sql/schema.sql

@@ -0,0 +1,144 @@
+-- ============================================
+-- COMPLETE AUTHENTICATION MODULE SCHEMA
+-- Run this entire script in Neon SQL Editor
+-- ============================================
+
+-- First, drop existing tables if you want a fresh start (optional)
+-- DROP TABLE IF EXISTS sessions;
+-- DROP TABLE IF EXISTS users;
+
+-- ============================================
+-- USERS TABLE (Enhanced with all auth fields)
+-- ============================================
+CREATE TABLE IF NOT EXISTS users (
+    -- Basic Info
+    id SERIAL PRIMARY KEY,
+    name VARCHAR(100),
+    email VARCHAR(255) UNIQUE NOT NULL,
+    password VARCHAR(255) NOT NULL,
+    
+    -- Email Verification
+    is_verified BOOLEAN DEFAULT FALSE,
+    verification_token TEXT,
+    verification_token_expires TIMESTAMP,
+    
+    -- Password Reset
+    reset_password_token TEXT,           -- matches your reset_token
+    reset_password_expires TIMESTAMP,    -- matches your reset_token_expiry but as TIMESTAMP
+    
+    -- Session Management (for refresh tokens)
+    -- Add these if you want remember me functionality
+    refresh_token TEXT,
+    refresh_token_expires TIMESTAMP,
+    
+    -- Account Status
+    is_active BOOLEAN DEFAULT TRUE,
+    last_login TIMESTAMP,
+    login_attempts INTEGER DEFAULT 0,
+    locked_until TIMESTAMP,
+    
+    -- Timestamps
+    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+);
+
+-- ============================================
+-- SESSIONS TABLE (For tracking user sessions)
+-- ============================================
+CREATE TABLE IF NOT EXISTS sessions (
+    id SERIAL PRIMARY KEY,
+    user_id INTEGER REFERENCES users(id) ON DELETE CASCADE,
+    session_token TEXT UNIQUE NOT NULL,
+    device_info TEXT,
+    ip_address VARCHAR(45),
+    expires_at TIMESTAMP NOT NULL,
+    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+    last_activity TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+);
+
+-- ============================================
+-- PASSWORD RESET TOKENS TABLE (Alternative approach)
+-- ============================================
+-- This is optional but recommended for better organization
+CREATE TABLE IF NOT EXISTS password_resets (
+    id SERIAL PRIMARY KEY,
+    user_id INTEGER REFERENCES users(id) ON DELETE CASCADE,
+    token TEXT UNIQUE NOT NULL,
+    expires_at TIMESTAMP NOT NULL,
+    used BOOLEAN DEFAULT FALSE,
+    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+);
+
+-- ============================================
+-- INDEXES for better performance
+-- ============================================
+CREATE INDEX IF NOT EXISTS idx_users_email ON users(email);
+CREATE INDEX IF NOT EXISTS idx_users_reset_token ON users(reset_password_token);
+CREATE INDEX IF NOT EXISTS idx_users_verification_token ON users(verification_token);
+CREATE INDEX IF NOT EXISTS idx_sessions_token ON sessions(session_token);
+CREATE INDEX IF NOT EXISTS idx_sessions_user_id ON sessions(user_id);
+CREATE INDEX IF NOT EXISTS idx_password_resets_token ON password_resets(token);
+CREATE INDEX IF NOT EXISTS idx_password_resets_user_id ON password_resets(user_id);
+
+-- ============================================
+-- AUTOMATIC UPDATED_AT TRIGGER
+-- ============================================
+-- Create function to update updated_at timestamp
+CREATE OR REPLACE FUNCTION update_updated_at_column()
+RETURNS TRIGGER AS $$
+BEGIN
+    NEW.updated_at = CURRENT_TIMESTAMP;
+    RETURN NEW;
+END;
+$$ language 'plpgsql';
+
+-- Create trigger for users table
+DROP TRIGGER IF EXISTS update_users_updated_at ON users;
+CREATE TRIGGER update_users_updated_at
+    BEFORE UPDATE ON users
+    FOR EACH ROW
+    EXECUTE FUNCTION update_updated_at_column();
+
+-- ============================================
+-- SAMPLE DATA (Optional - for testing)
+-- ============================================
+-- Insert a test user (password is 'password123' hashed with bcrypt)
+-- Remove this in production!
+-- INSERT INTO users (name, email, password, is_verified) 
+-- VALUES ('Test User', 'test@example.com', '$2a$10$YourHashedPasswordHere', true);
+
+-- ============================================
+-- VERIFY SCHEMA
+-- ============================================
+-- Run this to check if all columns exist
+SELECT column_name, data_type 
+FROM information_schema.columns 
+WHERE table_name = 'users' 
+ORDER BY ordinal_position;
+
+-- ============================================
+-- CLEANUP OLD TOKENS FUNCTION (Run daily)
+-- ============================================
+-- This function removes expired tokens
+CREATE OR REPLACE FUNCTION cleanup_expired_tokens()
+RETURNS void AS $$
+BEGIN
+    -- Clear expired reset tokens in users table
+    UPDATE users 
+    SET reset_password_token = NULL, 
+        reset_password_expires = NULL 
+    WHERE reset_password_expires < NOW();
+    
+    -- Clear expired verification tokens
+    UPDATE users 
+    SET verification_token = NULL, 
+        verification_token_expires = NULL 
+    WHERE verification_token_expires < NOW();
+    
+    -- Delete expired sessions
+    DELETE FROM sessions WHERE expires_at < NOW();
+    
+    -- Delete expired password resets
+    DELETE FROM password_resets WHERE expires_at < NOW() OR used = TRUE;
+END;
+$$ LANGUAGE plpgsql;