odac 0.9.0

package/README.md

@@ -0,0 +1,57 @@
+<p align="center">
+  <img src="https://candypack.dev/assets/img/github/header.png?v=1" alt="CandyPack Header">
+</p>
+
+# 🍭 CandyPack
+
+**CandyPack** is a lightweight yet powerful server + framework toolkit for building and deploying modern web apps with ease — with built-in automation and a developer-first philosophy.
+
+## ✨ Key Features
+
+### Core Server Features
+
+*   ⚡ **Blazing Fast & Ultra Light:** Optimized for performance, CandyPack is significantly lighter and faster than traditional server solutions, ensuring maximum performance with minimal resource usage.
+*   🚀 **Zero-Config Hosting:** Leave the complex server configurations to CandyPack and focus solely on your code. Get your web applications up and running in minutes.
+*   🌐 **One Server, Many Domains:** Easily host and manage multiple websites on a single CandyPack instance, each with its own domain and resources.
+*   🔒 **SSL in Seconds:** Secure all your websites in seconds with free, auto-renewing SSL certificates.
+*   📬 **Native Mail Server:** A full-featured, built-in mail server (IMAP/SMTP) that allows you to create and manage email accounts for your domains without needing an external service.
+*   ⚙️ **Process & CLI Monitor:** Keep your applications running smoothly with the integrated process manager and monitor your server from anywhere with the powerful command-line tool.
+
+### Integrated Candy Framework
+
+*   🔗 **Custom URLs & Infinite Pages:** Easily create clean, custom URLs and an unlimited number of pages thanks to the powerful routing and skeleton system.
+*   ✨ **No-Code AJAX:** Automatically enable AJAX for form submissions and page transitions without writing any custom JavaScript, providing your users with a seamless single-page application (SPA) experience.
+*   🛡️ **Safe Requests:** Automatically secure all your endpoints against common vulnerabilities like CSRF with built-in token verification for POST and GET requests.
+*   🔐 **Auth Made Easy:** Implement user authentication in minutes with built-in session management, password hashing, and ready-to-use login/register forms.
+*   🌍 **Global Ready:** Reach a worldwide audience with built-in, automatic multi-language support. The Candy Framework simplifies internationalization (i18n).
+*   ⏰ **Built-in Cron Jobs:** Schedule and automate recurring tasks with the integrated cron system, perfect for background jobs, data cleanup, and scheduled operations.
+
+## 🚀 Quick Start
+
+> 🔥 **Install with a single command. Works on Linux, macOS, and Windows.**
+
+#### Linux & macOS
+
+```bash
+curl -sL https://candypack.dev/install | sudo bash
+```
+
+#### Windows (PowerShell)
+
+```powershell
+irm https://candypack.dev/install | iex
+```
+
+This command:
+
+- Installs Node.js (v18+) if missing
+- Installs CandyPack globally via npm
+- Prepares your system for development or deployment
+
+## 📚 Documentation
+
+For more detailed information and API reference, please check out our [official documentation website](https://docs.candypack.dev).
+
+## 📄 License
+
+This project is licensed under the AGPL-3.0 License. See the [LICENSE](LICENSE) file for details.

package/SECURITY.md

@@ -0,0 +1,26 @@
+# Security Policy
+
+## Supported Versions
+
+We are committed to ensuring the security of CandyPack. Below is a table of our currently supported versions and their security patch status.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 0.9.x   | :white_check_mark: |
+
+## Reporting a Vulnerability
+
+We take all security vulnerabilities seriously. Thank you for improving the security of our project. We appreciate your efforts and responsible disclosure and will make every effort to acknowledge your contributions.
+
+To report a security vulnerability, please send an email to **support@candypack.dev**. **Do not create a public GitHub issue.**
+
+Please include the following details with your report:
+
+- A clear description of the vulnerability.
+- The version of CandyPack affected.
+- Steps to reproduce the vulnerability.
+- Any proof-of-concept code or screenshots.
+
+Once the vulnerability is confirmed, we will work on a patch and release it as quickly as possible.
+
+We look forward to working with you to make CandyPack safer for everyone.

package/bin/candy

@@ -0,0 +1,10 @@
+#!/usr/bin/env node
+
+let args = process.argv
+if(process.argv[0].includes('node')) args = process.argv.slice(1)
+if (args[1] === 'framework') {
+  require('../framework/index.js')
+  return
+}
+
+require('../cli/index.js')

package/bin/candypack

@@ -0,0 +1,10 @@
+#!/usr/bin/env node
+
+let args = process.argv
+if(process.argv[0].includes('node')) args = process.argv.slice(1)
+if (args[1] === 'framework') {
+  require('../framework/index.js')
+  return
+}
+
+require(args.includes('watchdog') ? '../watchdog/index.js' : '../cli/index.js')

package/cli/index.js

@@ -0,0 +1,3 @@
+require('../core/Candy.js')
+
+Candy.cli('Cli')

package/cli/src/Cli.js

@@ -0,0 +1,348 @@
+require('../../core/Candy.js')
+
+const childProcess = require('child_process')
+const readline = require('readline')
+
+class Cli {
+  #backgrounds = {red: 41, green: 42, yellow: 43, blue: 44, magenta: 45, white: 47, gray: 100}
+  colors = {red: 31, green: 32, yellow: 33, blue: 34, magenta: 35, white: 37, gray: 90}
+  rl
+  boot() {
+    if (!this.booting) this.booting = true
+    else return
+    return new Promise(resolve => {
+      console.log(__('Starting CandyPack Server...'))
+      const child = childProcess.spawn('node', [__dirname + '/../../watchdog/index.js'], {
+        detached: true,
+        stdio: 'ignore'
+      })
+      child.unref()
+      setTimeout(() => {
+        Candy.core('Config').reload()
+        resolve()
+      }, 1000)
+    })
+  }
+
+  close() {
+    if (this.rl) this.rl.close()
+    this.rl = null
+  }
+
+  color(text, color, ...args) {
+    let output = text
+    if (this.colors[color]) output = '\x1b[' + this.colors[color] + 'm' + output + '\x1b[0m'
+    for (const arg of args) {
+      if (this.#backgrounds[arg]) output = '\x1b[' + this.#backgrounds[arg] + 'm' + output + '\x1b[0m'
+      if (arg == 'bold') output = '\x1b[1m' + output + '\x1b[0m'
+    }
+    return output
+  }
+
+  #format(text, raw) {
+    if (typeof text !== 'string') return text
+    let output = text.toString()
+    if (output.toString().length > 1) {
+      let begin = ''
+      let end = ''
+      while (output.substr(output.length - 1) == ' ') {
+        end += ' '
+        output = output.substr(0, output.length - 1)
+      }
+      while (output.substr(0, 1) == ' ') {
+        begin += ' '
+        output = output.substr(1)
+      }
+      if (output.substr(output.length - 1) == ':') {
+        end = ':'
+        output = output.substr(0, output.length - 1)
+      }
+      output = begin + output + end
+    }
+    if (!raw) {
+      if (text == 'CandyPack') output = this.color(output, 'magenta')
+      if (text == __('Running')) output = this.color(output, 'green')
+      if (text == '\u2713') output = this.color(output, 'green')
+      if (text == '\u2717') output = this.color(output, 'red')
+    }
+    return output
+  }
+
+  async #detail(command, obj) {
+    let result = ''
+    let space = 0
+    if (obj.title) result += '\n\x1b[90m' + (await obj.title) + '\x1b\n'
+    if (obj.description) {
+      let args = ''
+      if (obj.args) {
+        // Only show positional arguments (not prefix arguments starting with -)
+        let positionalArgs = obj.args.filter(arg => !arg.startsWith('-'))
+
+        if (positionalArgs.length > 0) {
+          args += ' <' + positionalArgs.join('> <') + '>'
+        }
+      }
+      let line = '\x1b[91mcandy ' + command + '\x1b[0m\x1b[90m' + args + '\x1b[0m : ' + __(obj.description)
+      result += line
+      line = line.split(':')[0]
+      if (line.length > space) space = line.length
+    }
+    if (obj.sub) {
+      let lines = []
+      for (const sub in obj.sub) {
+        let detail = await this.#detail(command + ' ' + sub, obj.sub[sub])
+        lines.push(detail.result)
+        if (detail.space > space) space = detail.space
+      }
+      result += lines.join('\n')
+    }
+
+    return {result: result, space: space}
+  }
+
+  async help(commands) {
+    let result = []
+    let space = 0
+    if (typeof commands == 'string') {
+      let obj = Candy.core('Commands')
+      let command = commands.shift()
+      if (!obj[command]) return console.log(__(`'%s' is not a valid command.`, this.color(`candy ${commands.join(' ')}`, 'yellow')))
+      obj = obj[command]
+      while (commands.length > 0 && commands.length && obj.sub[commands[0]]) {
+        command = commands.shift()
+        if (!obj.sub[command]) return console.log(__(`'%s' is not a valid command.`, this.color(`candy ${commands.join(' ')}`, 'yellow')))
+        obj = obj.sub[command]
+      }
+      let detail = await this.#detail(command, obj)
+      if (detail.space > space) space = detail.space
+      let lines = detail.result.split('\n')
+      for (let line of lines) result.push(line)
+    } else {
+      const isAuthenticated = !!(Candy.core('Config').config.hub && Candy.core('Config').config.hub.token)
+      for (const command in Candy.core('Commands')) {
+        if (commands && commands !== true && commands[0] !== command) continue
+        if (isAuthenticated && command === 'auth') continue
+        let obj = Candy.core('Commands')[command]
+        if (commands === true && !obj.action) continue
+        let detail = await this.#detail(command, obj)
+        if (detail.space > space) space = detail.space
+        let lines = detail.result.split('\n')
+        for (let line of lines) result.push(line)
+      }
+      result = result.map(line => {
+        if (line.includes(':')) {
+          let parts = line.split(':')
+          parts[0] = parts[0] + ' '.repeat(space - parts[0].length)
+          line = parts.join(':')
+        }
+        return line
+      })
+    }
+    result.push('')
+    for (let line of result) console.log(line)
+  }
+
+  icon(status, selected) {
+    if (status == 'errored') return this.color(' ! ', 'red', selected ? 'white' : null)
+    if (status == 'progress') return this.color(' - ', 'gray', selected ? 'white' : null)
+    if (status == 'running') return this.color(' \u25B6 ', 'green', selected ? 'white' : null)
+    if (status == 'stopped') return this.color(' \u23F8 ', 'yellow', selected ? 'white' : null)
+    if (status == 'success') return this.color(' \u2713 ', 'green', selected ? 'white' : null)
+    return '   '
+  }
+
+  async init() {
+    console.log('\n', this.#format('CandyPack'), '\n')
+    if (!(await Candy.cli('Connector').check())) await this.boot()
+    let args = process.argv.slice(2)
+    let cmds = process.argv.slice(2)
+    if (args.length == 0) return this.#status()
+    let command = args.shift()
+    if (!Candy.core('Commands')[command])
+      return console.log(__(`'%s' is not a valid command.`, this.color(`candy ${cmds.join(' ')}`, 'yellow')))
+    let action = Candy.core('Commands')[command]
+    while (args.length > 0 && !action.args) {
+      command = args.shift()
+      if (!action.sub || !action.sub[command]) return this.help(cmds)
+      action = action.sub[command]
+    }
+    if (action.action) return action.action(args)
+    else return this.help(cmds)
+  }
+
+  #length(text) {
+    return (
+      this.#value(text, true)
+        .toString()
+        // eslint-disable-next-line no-control-regex
+        .replace(/\x1b\[[0-9;]*m/g, '').length
+    )
+  }
+
+  formatDate(date) {
+    const YYYY = date.getFullYear()
+    const MM = String(date.getMonth() + 1).padStart(2, '0')
+    const DD = String(date.getDate()).padStart(2, '0')
+    const HH = String(date.getHours()).padStart(2, '0')
+    const mm = String(date.getMinutes()).padStart(2, '0')
+    const ss = String(date.getSeconds()).padStart(2, '0')
+    return `${YYYY}-${MM}-${DD} ${HH}:${mm}:${ss}`
+  }
+
+  async log(...args) {
+    let output = []
+    for (let i = 0; i < args.length; i++) {
+      if (typeof args[i] != 'string') output.push(args[i])
+      else output.push(this.#format(args[i]))
+    }
+    console.log(...output)
+  }
+
+  spacing(text, len, direction) {
+    if (direction == 'right') return ' '.repeat(len - this.#length(text)) + text
+    if (direction == 'center')
+      return ' '.repeat(Math.floor((len - this.#length(text)) / 2)) + text + ' '.repeat(Math.ceil((len - this.#length(text)) / 2))
+    if (this.#length(text) > len) return text.substr(0, text.length - this.#length(text) + len)
+    return text + ' '.repeat(len - this.#length(text))
+  }
+
+  async #status() {
+    let status = {
+      online: false,
+      services: 0,
+      auth: false,
+      uptime: 0
+    }
+    status.online = await Candy.cli('Connector').check()
+    var uptime = Date.now() - Candy.core('Config').config.server.started
+    let seconds = Math.floor(uptime / 1000)
+    let minutes = Math.floor(seconds / 60)
+    let hours = Math.floor(minutes / 60)
+    let days = Math.floor(hours / 24)
+    seconds %= 60
+    minutes %= 60
+    hours %= 24
+    let uptimeString = ''
+    if (days) uptimeString += days + 'd '
+    if (hours) uptimeString += hours + 'h '
+    if (minutes && !days) uptimeString += minutes + 'm '
+    if (seconds && !hours) uptimeString += seconds + 's'
+    status.uptime = uptimeString
+    status.services = Candy.core('Config').config.services ? Object.keys(Candy.core('Config').config.services).length : 0
+    status.websites = Candy.core('Config').config.websites ? Object.keys(Candy.core('Config').config.websites).length : 0
+    status.auth = !!(Candy.core('Config').config.hub && Candy.core('Config').config.hub.token)
+    var args = process.argv.slice(2)
+    if (args.length == 0) {
+      let length = 0
+      for (let i = 0; i < 2; i++) {
+        for (let iterator of ['Status', 'Uptime', 'Websites', 'Services', 'Auth']) {
+          let title = __(iterator)
+          if (title.length > length) length = title.length
+          if (i) {
+            let space = ''
+            for (let j = 0; j < length - title.length; j++) space += ' '
+            switch (iterator) {
+              case 'Status':
+                console.log(title + space + ' : ' + (status.online ? '\x1b[32m ' + __('Online') : '\x1b[33m ' + __('Offline')) + '\x1b[0m')
+                break
+              case 'Uptime':
+                if (status.online) console.log(title + space + ' : ' + '\x1b[32m ' + status.uptime + '\x1b[0m')
+                break
+              case 'Websites':
+                if (status.online) console.log(title + space + ' : ' + '\x1b[32m ' + status.websites + '\x1b[0m')
+                break
+              case 'Services':
+                if (status.online) console.log(title + space + ' : ' + '\x1b[32m ' + status.services + '\x1b[0m')
+                break
+              case 'Auth':
+                console.log(
+                  title + space + ' : ' + (status.auth ? '\x1b[32m ' + __('Logged in') : '\x1b[33m ' + __('Not logged in')) + '\x1b[0m'
+                )
+                break
+            }
+          }
+        }
+      }
+      if (!status.auth) console.log(__('Login on %s to manage all your server operations.', '\x1b[95mhttps://candypack.dev\x1b[0m'))
+      console.log()
+      console.log(__('Commands:'))
+      length = 0
+      this.help(true)
+      console.log('')
+    }
+  }
+
+  table(input) {
+    let result = ''
+    let width = []
+    for (const row of input) {
+      for (const key of Object.keys(row)) {
+        if (input.indexOf(row) == 0) width[key] = this.#length(key)
+        if (this.#length(row[key]) > width[key]) width[key] = this.#length(row[key])
+      }
+    }
+    for (const row of input) {
+      let insert = ''
+      if (input.indexOf(row) == 0) {
+        result += '┌─'
+        for (const key of Object.keys(row)) result += '─'.repeat(width[key]) + '─┬─'
+        result = this.color(result.substr(0, result.length - 3) + '─┐\n', 'gray')
+        result += this.color('│ ', 'gray')
+        for (const key of Object.keys(row)) {
+          result += this.color(this.#value(key), 'blue') + ' '.repeat(width[key] - this.#length(key)) + this.color(' │ ', 'gray')
+        }
+        result += '\n'
+      }
+      insert += '├─'
+      for (const key of Object.keys(row)) insert += '─'.repeat(width[key]) + '─┼─'
+      insert = insert.substr(0, insert.length - 3) + '─┤\n'
+      insert += '│ '
+      result += this.color(insert, 'gray')
+      for (const key of Object.keys(row)) {
+        result += this.#value(row[key]) + ' '.repeat(width[key] - this.#length(row[key])) + this.color(' │ ', 'gray')
+      }
+      result += '\n'
+    }
+    let insert = '└─'
+    for (const key of Object.keys(input[0])) insert += '─'.repeat(width[key]) + '─┴─'
+    insert = insert.substr(0, insert.length - 3) + '─┘'
+    result += this.color(insert, 'gray')
+    console.log(result)
+  }
+
+  #value(text, raw) {
+    if (!text) return ''
+    let result = ''
+    if (typeof text == 'object') result = this.#format(text.content)
+    else result = this.#format(text, raw)
+    return result
+  }
+
+  parseArg(args, prefixes) {
+    if (!args || !prefixes) return null
+
+    for (let i = 0; i < args.length; i++) {
+      if (prefixes.includes(args[i]) && i + 1 < args.length) {
+        return args[i + 1]
+      }
+    }
+    return null
+  }
+
+  question(question) {
+    return new Promise(resolve => {
+      if (!this.rl) {
+        this.rl = readline.createInterface({
+          input: process.stdin,
+          output: process.stdout
+        })
+      }
+      this.rl.question(question, answer => {
+        this.close()
+        return resolve(answer.trim())
+      })
+    })
+  }
+}
+
+module.exports = new Cli()

package/cli/src/Connector.js

@@ -0,0 +1,93 @@
+const findProcess = require('find-process').default
+const net = require('net')
+
+class Connector {
+  constructor() {
+    this.socket = null
+    this.connected = false
+    this.connecting = false
+    this.manualClose = false
+  }
+
+  #connect() {
+    if (this.connected || this.connecting) return
+    this.connecting = true
+    this.socket = net.createConnection({port: 1453, host: '127.0.0.1'}, () => {
+      this.connected = true
+      this.connecting = false
+    })
+
+    this.socket.on('data', raw => {
+      raw = raw.toString()
+      if (raw.includes('\r\n')) {
+        raw = raw.split('\r\n')
+      } else {
+        raw = [raw]
+      }
+      for (let payload of raw) {
+        try {
+          payload = JSON.parse(payload)
+        } catch {
+          continue
+        }
+        if (payload.message) {
+          if (payload.status) {
+            if (this.lastProcess == payload.process) {
+              process.stdout.clearLine(0)
+              process.stdout.cursorTo(0)
+            } else {
+              this.lastProcess = payload.process
+              process.stdout.write('\n')
+            }
+            process.stdout.write(Candy.cli('Cli').icon(payload.status) + payload.message + '\r')
+          } else {
+            if (this.lastProcess) process.stdout.write('\n')
+            if (payload.result) {
+              console.log(payload.message)
+            } else {
+              console.error(payload.message)
+            }
+            if (!this.manualClose) this.socket.end()
+            this.connected = false
+            this.connecting = false
+            this.lastProcess = null
+          }
+        }
+      }
+    })
+
+    this.socket.on('error', err => {
+      console.error('Socket error:', err.message)
+    })
+  }
+
+  call(command) {
+    if (!command) return
+    this.manualClose = false
+    this.#connect()
+    this.socket.write(
+      JSON.stringify({
+        auth: Candy.core('Config').config.api.auth,
+        action: command.action,
+        data: command.data
+      })
+    )
+  }
+
+  check() {
+    return new Promise(resolve => {
+      if (!Candy.core('Config').config.server.watchdog) return resolve(false)
+      findProcess('pid', Candy.core('Config').config.server.watchdog)
+        .then(list => {
+          if (list.length > 0 && list[0].name == 'node') return resolve(true)
+          return resolve(false)
+        })
+        .catch(err => {
+          console.error('Error checking process:', err)
+          return resolve(false)
+        })
+    })
+  }
+}
+
+module.exports = new Connector()