odac 1.4.3 → 1.4.5

package/docs/frontend/02-ajax-navigation/03-advanced-usage.md

@@ -143,6 +143,57 @@ Odac.action({
 
 ## Animation & Transitions
 
+### View Transitions (Recommended)
+
+ODAC natively supports the browser's [View Transition API](https://developer.mozilla.org/en-US/docs/Web/API/View_Transition_API). Add the `odac-transition` attribute to any element that should animate between page navigations. No JavaScript configuration is needed.
+
+```html
+<header odac-transition="header">Site Header</header>
+<nav odac-transition="sidebar">Navigation</nav>
+<main>Regular content (updated by AJAX loader)</main>
+<img odac-transition="hero" src="/hero.jpg" alt="Hero" />
+```
+
+**How it works:**
+- Before navigation, ODAC assigns `view-transition-name` to each `odac-transition` element
+- The browser captures a snapshot of the old state
+- DOM is updated with new content
+- New `odac-transition` elements receive their transition names
+- The browser animates between old and new snapshots
+
+**Rules:**
+1. Each `odac-transition` value must be unique within the page (browser requirement)
+2. Elements that persist across pages (e.g., shared header) will morph smoothly
+3. If the browser doesn't support View Transition API, the legacy fade animation runs automatically
+
+**CSS Customization:**
+
+```css
+/* Crossfade the hero image */
+::view-transition-old(hero) {
+  animation: fade-out 0.3s ease;
+}
+::view-transition-new(hero) {
+  animation: fade-in 0.3s ease;
+}
+
+/* Slide the sidebar */
+::view-transition-old(sidebar) {
+  animation: slide-out-left 0.25s ease;
+}
+::view-transition-new(sidebar) {
+  animation: slide-in-left 0.25s ease;
+}
+
+/* Default transition for all elements */
+::view-transition-old(*) {
+  animation-duration: 0.2s;
+}
+::view-transition-new(*) {
+  animation-duration: 0.2s;
+}
+```
+
 ### Custom Transitions
 
 Add custom animations:

package/package.json

@@ -7,7 +7,7 @@
     "email": "mail@emre.red",
     "url": "https://emre.red"
   },
-  "version": "1.4.3",
+  "version": "1.4.5",
   "license": "MIT",
   "engines": {
     "node": ">=18.0.0"
@@ -24,10 +24,13 @@
     "@tailwindcss/cli": "^4.1.18",
     "knex": "^3.1.0",
     "lmdb": "^3.4.4",
+    "tailwindcss": "^4.1.18"
+  },
+  "optionalDependencies": {
     "mysql2": "^3.16.0",
     "pg": "^8.16.3",
     "redis": "^5.10.0",
-    "tailwindcss": "^4.1.18"
+    "sharp": "^0.33.0"
   },
   "overrides": {
     "tar": "7.5.9",

package/src/Auth.js

@@ -593,6 +593,7 @@ class Auth {
 
     // 4. Log in user (or Register if new)
     let user = await Odac.DB[this.#table].where('email', email).first()
+    let alreadyLoggedIn = false
 
     if (!user) {
       // Auto-Register the user
@@ -630,12 +631,15 @@ class Auth {
       }
 
       user = regResult.user
+      // register() already performs auto-login by default, skip duplicate login
+      alreadyLoggedIn = regResult.autoLogin !== false
     }
 
-    // Login logic similar to login()
-    const loginData = {}
-    loginData[primaryKey] = user[primaryKey]
-    await this.login(loginData)
+    if (!alreadyLoggedIn) {
+      const loginData = {}
+      loginData[primaryKey] = user[primaryKey]
+      await this.login(loginData)
+    }
 
     return {success: true, user: user}
   }

package/src/Config.js

@@ -18,6 +18,11 @@ module.exports = {
     auto: true,
     maxResources: 5
   },
+  image: {
+    quality: 80,
+    maxDimension: 4096,
+    format: 'webp'
+  },
   ipc: {
     driver: 'memory',
     redis: 'default'

package/src/Database/ConnectionFactory.js

@@ -35,6 +35,13 @@ function buildConnectionConfig(db, client) {
   }
 }
 
+/** @type {Record<string, string>} Maps ODAC db type to the npm package that must be installed */
+const DRIVER_PACKAGES = {
+  pg: 'pg',
+  mysql2: 'mysql2',
+  sqlite3: 'sqlite3'
+}
+
 /**
  * Creates knex connections map from ODAC database config.
  * Why: Centralizes zero-config connection bootstrap used by runtime and migration CLI.
@@ -51,6 +58,15 @@ function buildConnections(databaseConfig) {
     const client = resolveClient(db.type)
     const connection = buildConnectionConfig(db, client)
 
+    const pkg = DRIVER_PACKAGES[client]
+    if (pkg) {
+      try {
+        require(pkg)
+      } catch {
+        throw new Error(`Database driver "${pkg}" is not installed. Run: npm install ${pkg}`)
+      }
+    }
+
     connections[key] = knex({
       client,
       connection,

package/src/Ipc.js

@@ -122,8 +122,9 @@ class Ipc extends EventEmitter {
       this.redis = Redis.createClient(Odac.Config.database?.redis?.[this.config.redis || 'default'] || {})
       await this.redis.connect()
     } catch (e) {
-      console.error('IPC Redis Driver Error:', e)
-      // Re-throw to ensure application doesn't start in a broken state.
+      if (e.code === 'MODULE_NOT_FOUND') {
+        throw new Error('IPC Redis driver requires the "redis" package. Run: npm install redis')
+      }
       throw e
     }
   }

package/src/Lang.js

@@ -1,4 +1,5 @@
-const fs = require('fs')
+const fs = require('node:fs')
+const fsPromises = fs.promises
 
 class Lang {
   #odac
@@ -10,7 +11,7 @@ class Lang {
     this.set()
   }
 
-  get(...args) {
+  async get(...args) {
     if (typeof args[0] !== 'string') return args[0]
     if (!this.#data[args[0]]) {
       this.#data[args[0]] = args[0]
@@ -34,11 +35,11 @@ class Lang {
     return str
   }
 
-  #save() {
+  async #save() {
     if (!this.#lang) return
-    if (!fs.existsSync(__dir + '/storage/')) fs.mkdirSync(__dir + '/storage/')
-    if (!fs.existsSync(__dir + '/storage/language/')) fs.mkdirSync(__dir + '/storage/language/')
-    fs.writeFileSync(__dir + '/storage/language/' + this.#lang + '.json', JSON.stringify(this.#data, null, 4))
+    const langDir = __dir + '/storage/language/'
+    if (!fs.existsSync(langDir)) await fsPromises.mkdir(langDir, {recursive: true})
+    await fsPromises.writeFile(langDir + this.#lang + '.json', JSON.stringify(this.#data, null, 4))
   }
 
   set(lang) {
@@ -49,15 +50,21 @@ class Lang {
         this.#odac.Request.header('ACCEPT-LANGUAGE') &&
         this.#odac.Request.header('ACCEPT-LANGUAGE').length > 1
       ) {
-        lang = this.#odac.Request.header('ACCEPT-LANGUAGE').substr(0, 2)
+        lang = this.#odac.Request.header('ACCEPT-LANGUAGE').slice(0, 2)
       } else {
         lang = this.#odac.Config.lang?.default || 'en'
       }
     }
     this.#lang = lang
-    if (fs.existsSync(__dir + '/storage/language/' + lang + '.json'))
-      this.#data = JSON.parse(fs.readFileSync(__dir + '/storage/language/' + lang + '.json'))
-    else this.#data = {}
+    const langFile = __dir + '/storage/language/' + lang + '.json'
+    if (fs.existsSync(langFile)) {
+      // Use Sync read here only because it's during initialization/request entry
+      // and we need to block briefly to ensure data is ready before logic proceeds.
+      // In a high-load system, this should Ideally be pre-cached.
+      this.#data = JSON.parse(fs.readFileSync(langFile, 'utf8'))
+    } else {
+      this.#data = {}
+    }
   }
 }
 

package/src/Odac.js

@@ -62,6 +62,7 @@ module.exports = {
     _odac.Server = require('./Server.js')
     _odac.Storage = require('./Storage.js')
     _odac.Var = (...args) => new (require('./Var.js'))(...args)
+    _odac.image = (src, options) => require('./View/Image.js').url(src, options)
 
     if (req) {
       _odac.setInterval = function (callback, delay, ...args) {

package/src/Request.js

@@ -32,17 +32,17 @@ class OdacRequest {
     delete this.req.headers['x-odac-connection-ssl']
     delete this.req.headers['x-odac-connection-remoteaddress']
     let route = req.headers.host.split('.')[0]
-    if (!Odac.Route.routes[route]) route = 'www'
+    if (!global.Odac.Route.routes[route]) route = 'www'
     this.route = route
     if (this.res) {
       if (typeof this.#odac.setTimeout === 'function') {
-        this.#timeout = this.#odac.setTimeout(() => !this.res.finished && this.abort(408), Odac.Config.request.timeout)
+        this.#timeout = this.#odac.setTimeout(() => !this.res.finished && this.abort(408), global.Odac.Config.request.timeout)
       } else {
-        this.#timeout = setTimeout(() => !this.res.finished && this.abort(408), Odac.Config.request.timeout)
+        this.#timeout = setTimeout(() => !this.res.finished && this.abort(408), global.Odac.Config.request.timeout)
       }
     }
     this.#data()
-    if (!Odac.Request) Odac.Request = {}
+    if (!global.Odac.Request) global.Odac.Request = {}
   }
 
   // - ABORT REQUEST
@@ -50,11 +50,11 @@ class OdacRequest {
     this.status(code)
     let result = {401: 'Unauthorized', 404: 'Not Found', 408: 'Request Timeout'}[code] ?? null
     if (
-      Odac.Route.routes[this.route].error &&
-      Odac.Route.routes[this.route].error[code] &&
-      typeof Odac.Route.routes[this.route].error[code].cache === 'function'
+      global.Odac.Route.routes[this.route].error &&
+      global.Odac.Route.routes[this.route].error[code] &&
+      typeof global.Odac.Route.routes[this.route].error[code].cache === 'function'
     )
-      result = await Odac.Route.routes[this.route].error[code].cache(this.#odac)
+      result = await global.Odac.Route.routes[this.route].error[code].cache(this.#odac)
     this.end(result)
   }
 
@@ -250,30 +250,30 @@ class OdacRequest {
       .update(this.req.headers['user-agent'] ?? '.')
       .digest('hex')
     let pub = this.cookie('odac_session')
-    if (!pub || !Odac.Storage.get(`sess:${pub}:${pri}:_created`)) {
+    if (!pub || !global.Odac.Storage.get(`sess:${pub}:${pri}:_created`)) {
       const lockKey = `lock:${this.ip}:${pri}`
       const now = Date.now()
 
-      const existingLock = Odac.Storage.get(lockKey)
+      const existingLock = global.Odac.Storage.get(lockKey)
       if (existingLock) {
-        if (now - existingLock.timestamp < 2000 && Odac.Storage.get(`sess:${existingLock.sessionId}:${pri}:_created`)) {
+        if (now - existingLock.timestamp < 2000 && global.Odac.Storage.get(`sess:${existingLock.sessionId}:${pri}:_created`)) {
           pub = existingLock.sessionId
         } else {
-          Odac.Storage.remove(lockKey)
+          global.Odac.Storage.remove(lockKey)
         }
       }
 
       if (!pub) {
         do {
           pub = nodeCrypto.randomBytes(16).toString('hex')
-        } while (Odac.Storage.get(`sess:${pub}:${pri}:_created`))
-        Odac.Storage.put(lockKey, {sessionId: pub, timestamp: now})
-        Odac.Storage.put(`sess:${pub}:${pri}:_created`, now)
+        } while (global.Odac.Storage.get(`sess:${pub}:${pri}:_created`))
+        global.Odac.Storage.put(lockKey, {sessionId: pub, timestamp: now})
+        global.Odac.Storage.put(`sess:${pub}:${pri}:_created`, now)
         this.cookie('odac_session', `${pub}`)
         setTimeout(() => {
-          const lock = Odac.Storage.get(lockKey)
+          const lock = global.Odac.Storage.get(lockKey)
           if (lock?.timestamp === now) {
-            Odac.Storage.remove(lockKey)
+            global.Odac.Storage.remove(lockKey)
           }
         }, 2000)
       }
@@ -282,15 +282,15 @@ class OdacRequest {
     const dbKey = `sess:${pub}:${pri}:${key}`
     if (value === undefined) {
       if (Object.prototype.hasOwnProperty.call(this.#sessions, dbKey)) return this.#sessions[dbKey]
-      const dbValue = Odac.Storage.get(dbKey) ?? null
+      const dbValue = global.Odac.Storage.get(dbKey) ?? null
       return dbValue
     } else if (value === null) {
       delete this.#sessions[dbKey]
       delete this.#sessions[dbKey]
-      Odac.Storage.remove(dbKey)
+      global.Odac.Storage.remove(dbKey)
     } else {
       this.#sessions[dbKey] = value
-      Odac.Storage.put(dbKey, value)
+      global.Odac.Storage.put(dbKey, value)
     }
   }
 

package/src/Route.js

@@ -4,10 +4,11 @@ const path = require('path')
 
 const Cron = require('./Route/Cron.js')
 const Internal = require('./Route/Internal.js')
+const Image = require('./View/Image.js')
 const MiddlewareChain = require('./Route/Middleware.js')
 const {WebSocketServer} = require('./WebSocket.js')
 
-var routes2 = {}
+let routes2 = {}
 const mime = require('./Route/MimeTypes.js')
 
 class Route {
@@ -586,6 +587,29 @@ class Route {
       {token: false}
     )
 
+    this.set(
+      'GET',
+      '/_odac/img/{file}',
+      async Odac => {
+        const filename = Odac.Request.data.url.file
+        if (!filename) return Odac.Request.abort(404)
+
+        // Validate filename format: {name}-{dimension}-{hash8}.{ext}
+        if (!/^[\w-]+-(?:\d+|o)-[a-f0-9]{8}\.(webp|avif|png|jpeg|jpg|tiff)$/.test(filename)) {
+          return Odac.Request.abort(404)
+        }
+
+        const result = await Image.serve(filename)
+        if (!result) return Odac.Request.abort(404)
+
+        Odac.Request.header('Content-Type', result.type)
+        Odac.Request.header('Content-Length', result.size)
+        Odac.Request.header('Cache-Control', 'public, max-age=31536000, immutable')
+        return result.stream
+      },
+      {token: false}
+    )
+
     delete Odac.Route.buff
   }
 
@@ -679,6 +703,13 @@ class Route {
             // File error, proceed to reload or re-set
           }
         } else {
+          // Update inline function reference on hot reload
+          this.routes[Odac.Route.buff][type][url].cache = file
+          this.routes[Odac.Route.buff][type][url].file = file
+          this.routes[Odac.Route.buff][type][url].mtime = Date.now()
+          this.routes[Odac.Route.buff][type][url].middlewares = capturedMiddlewares
+          this.routes[Odac.Route.buff][type][url].token = options.token ?? true
+          this.routes[Odac.Route.buff][type][url].action = action
           return
         }
       }
@@ -709,9 +740,14 @@ class Route {
           this.routes[Odac.Route.buff][type][url].action = action
 
           this.routes[Odac.Route.buff][type][url].middlewares = capturedMiddlewares
-        } catch {
+        } catch (err) {
           if (file && typeof file === 'string') {
-            console.error(`\x1b[31m[Odac]\x1b[0m Controller not found: \x1b[33m${path}\x1b[0m`)
+            if (err.code === 'ENOENT') {
+              console.error(`\x1b[31m[Odac]\x1b[0m Controller not found: \x1b[33m${path}\x1b[0m`)
+            } else {
+              console.error(`\x1b[31m[Odac]\x1b[0m Failed to load controller: \x1b[33m${path}\x1b[0m`)
+              console.error(`\x1b[31m[Odac]\x1b[0m ${err.message}`)
+            }
           }
         }
       }

package/src/Validator.js

@@ -343,10 +343,10 @@ class Validator {
   }
 
   async brute(maxAttempts = 5) {
-    const ip = this.#request.ip()
+    const ip = this.#request.ip
     const now = new Date().toISOString().slice(0, 13).replace(/[-:T]/g, '')
-    const page = this.#request.path()
-    const storage = this.#odac.storage('sys')
+    const page = this.#request.url.split('?')[0]
+    const storage = this.#odac.Storage
     const validation = storage.get('validation') || {}
 
     this.#name = '_odac_form'
@@ -361,12 +361,12 @@ class Validator {
 
       if (validation.brute[now][page][ip] >= maxAttempts) {
         this.#message['_odac_form'] = this.#odac.Lang
-          ? this.#odac.Lang.get('Too many failed attempts. Please try again later.')
+          ? await this.#odac.Lang.get('Too many failed attempts. Please try again later.')
           : 'Too many failed attempts. Please try again later.'
       }
     }
 
-    storage.set('validation', validation)
+    storage.put('validation', validation)
     return this
   }
 }