npm - s3db.js - Versions diffs - 11.3.1 → 12.0.0 - Mend

s3db.js 11.3.1 → 12.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (92) hide show

package/README.md +102 -8
package/dist/s3db.cjs.js +36664 -15480
package/dist/s3db.cjs.js.map +1 -1
package/dist/s3db.d.ts +57 -0
package/dist/s3db.es.js +36661 -15531
package/dist/s3db.es.js.map +1 -1
package/mcp/entrypoint.js +58 -0
package/mcp/tools/documentation.js +434 -0
package/mcp/tools/index.js +4 -0
package/package.json +27 -6
package/src/behaviors/user-managed.js +13 -6
package/src/client.class.js +41 -46
package/src/concerns/base62.js +85 -0
package/src/concerns/dictionary-encoding.js +294 -0
package/src/concerns/geo-encoding.js +256 -0
package/src/concerns/high-performance-inserter.js +34 -30
package/src/concerns/ip.js +325 -0
package/src/concerns/metadata-encoding.js +345 -66
package/src/concerns/money.js +193 -0
package/src/concerns/partition-queue.js +7 -4
package/src/concerns/plugin-storage.js +39 -19
package/src/database.class.js +76 -74
package/src/errors.js +0 -4
package/src/plugins/api/auth/api-key-auth.js +88 -0
package/src/plugins/api/auth/basic-auth.js +154 -0
package/src/plugins/api/auth/index.js +112 -0
package/src/plugins/api/auth/jwt-auth.js +169 -0
package/src/plugins/api/index.js +539 -0
package/src/plugins/api/middlewares/index.js +15 -0
package/src/plugins/api/middlewares/validator.js +185 -0
package/src/plugins/api/routes/auth-routes.js +241 -0
package/src/plugins/api/routes/resource-routes.js +304 -0
package/src/plugins/api/server.js +350 -0
package/src/plugins/api/utils/error-handler.js +147 -0
package/src/plugins/api/utils/openapi-generator.js +1240 -0
package/src/plugins/api/utils/response-formatter.js +218 -0
package/src/plugins/backup/streaming-exporter.js +132 -0
package/src/plugins/backup.plugin.js +103 -50
package/src/plugins/cache/s3-cache.class.js +95 -47
package/src/plugins/cache.plugin.js +107 -9
package/src/plugins/concerns/plugin-dependencies.js +313 -0
package/src/plugins/concerns/prometheus-formatter.js +255 -0
package/src/plugins/consumers/rabbitmq-consumer.js +4 -0
package/src/plugins/consumers/sqs-consumer.js +4 -0
package/src/plugins/costs.plugin.js +255 -39
package/src/plugins/eventual-consistency/helpers.js +15 -1
package/src/plugins/geo.plugin.js +873 -0
package/src/plugins/importer/index.js +1020 -0
package/src/plugins/index.js +11 -0
package/src/plugins/metrics.plugin.js +163 -4
package/src/plugins/queue-consumer.plugin.js +6 -27
package/src/plugins/relation.errors.js +139 -0
package/src/plugins/relation.plugin.js +1242 -0
package/src/plugins/replicators/bigquery-replicator.class.js +180 -8
package/src/plugins/replicators/dynamodb-replicator.class.js +383 -0
package/src/plugins/replicators/index.js +28 -3
package/src/plugins/replicators/mongodb-replicator.class.js +391 -0
package/src/plugins/replicators/mysql-replicator.class.js +558 -0
package/src/plugins/replicators/planetscale-replicator.class.js +409 -0
package/src/plugins/replicators/postgres-replicator.class.js +182 -7
package/src/plugins/replicators/s3db-replicator.class.js +1 -12
package/src/plugins/replicators/schema-sync.helper.js +601 -0
package/src/plugins/replicators/sqs-replicator.class.js +11 -9
package/src/plugins/replicators/turso-replicator.class.js +416 -0
package/src/plugins/replicators/webhook-replicator.class.js +612 -0
package/src/plugins/state-machine.plugin.js +122 -68
package/src/plugins/tfstate/README.md +745 -0
package/src/plugins/tfstate/base-driver.js +80 -0
package/src/plugins/tfstate/errors.js +112 -0
package/src/plugins/tfstate/filesystem-driver.js +129 -0
package/src/plugins/tfstate/index.js +2660 -0
package/src/plugins/tfstate/s3-driver.js +192 -0
package/src/plugins/ttl.plugin.js +536 -0
package/src/resource.class.js +14 -10
package/src/s3db.d.ts +57 -0
package/src/schema.class.js +366 -32
package/SECURITY.md +0 -76
package/mcp/CLAUDE_CLI_SETUP.md +0 -302
package/mcp/Dockerfile +0 -45
package/mcp/Makefile +0 -162
package/mcp/NPX_SETUP.md +0 -327
package/mcp/PUBLISHING.md +0 -281
package/mcp/README.md +0 -125
package/mcp/docker-compose.yml +0 -120
package/mcp/examples/test-filesystem-cache.js +0 -147
package/mcp/examples/test-mcp.js +0 -433
package/mcp/package.json +0 -66
package/src/partition-drivers/base-partition-driver.js +0 -106
package/src/partition-drivers/index.js +0 -66
package/src/partition-drivers/memory-partition-driver.js +0 -289
package/src/partition-drivers/sqs-partition-driver.js +0 -337
package/src/partition-drivers/sync-partition-driver.js +0 -38

package/src/plugins/api/middlewares/validator.js ADDED Viewed

@@ -0,0 +1,185 @@
+/**
+ * Validation Middleware - Schema validation for resource operations
+ *
+ * Uses s3db.js resource schemas to validate request data
+ */
+import { validationError } from '../utils/response-formatter.js';
+/**
+ * Create validation middleware for a resource
+ * @param {Object} resource - s3db.js Resource instance
+ * @param {Object} options - Validation options
+ * @param {boolean} options.validateOnInsert - Validate on POST (default: true)
+ * @param {boolean} options.validateOnUpdate - Validate on PUT/PATCH (default: true)
+ * @param {boolean} options.partial - Allow partial validation for PATCH (default: true)
+ * @returns {Function} Hono middleware
+ */
+export function createValidationMiddleware(resource, options = {}) {
+  const {
+    validateOnInsert = true,
+    validateOnUpdate = true,
+    partial = true
+  } = options;
+  const schema = resource.schema;
+  return async (c, next) => {
+    const method = c.req.method;
+    const shouldValidate =
+      (method === 'POST' && validateOnInsert) ||
+      ((method === 'PUT' || method === 'PATCH') && validateOnUpdate);
+    if (!shouldValidate) {
+      return await next();
+    }
+    // Get request body
+    let data;
+    try {
+      data = await c.req.json();
+    } catch (err) {
+      const response = validationError([
+        { field: 'body', message: 'Invalid JSON in request body' }
+      ]);
+      return c.json(response, response._status);
+    }
+    // For PATCH, allow partial data
+    const isPartial = method === 'PATCH' && partial;
+    // Validate using resource schema
+    const validationResult = schema.validate(data, {
+      partial: isPartial,
+      strict: !isPartial
+    });
+    if (!validationResult.valid) {
+      const errors = validationResult.errors.map(err => ({
+        field: err.field || err.attribute || 'unknown',
+        message: err.message,
+        expected: err.expected,
+        actual: err.actual
+      }));
+      const response = validationError(errors);
+      return c.json(response, response._status);
+    }
+    // Store validated data in context (optional)
+    c.set('validatedData', validationResult.data || data);
+    await next();
+  };
+}
+/**
+ * Create validation middleware that validates query parameters
+ * @param {Object} schema - Validation schema for query params
+ * @returns {Function} Hono middleware
+ */
+export function createQueryValidation(schema = {}) {
+  return async (c, next) => {
+    const query = c.req.query();
+    const errors = [];
+    // Validate each query parameter
+    for (const [key, rules] of Object.entries(schema)) {
+      const value = query[key];
+      // Check required
+      if (rules.required && !value) {
+        errors.push({
+          field: key,
+          message: `Query parameter '${key}' is required`
+        });
+        continue;
+      }
+      if (!value) continue;
+      // Check type
+      if (rules.type) {
+        if (rules.type === 'number' && isNaN(Number(value))) {
+          errors.push({
+            field: key,
+            message: `Query parameter '${key}' must be a number`,
+            actual: value
+          });
+        }
+        if (rules.type === 'boolean' && !['true', 'false', '1', '0'].includes(value.toLowerCase())) {
+          errors.push({
+            field: key,
+            message: `Query parameter '${key}' must be a boolean`,
+            actual: value
+          });
+        }
+      }
+      // Check min/max for numbers
+      if (rules.type === 'number') {
+        const num = Number(value);
+        if (rules.min !== undefined && num < rules.min) {
+          errors.push({
+            field: key,
+            message: `Query parameter '${key}' must be at least ${rules.min}`,
+            actual: num
+          });
+        }
+        if (rules.max !== undefined && num > rules.max) {
+          errors.push({
+            field: key,
+            message: `Query parameter '${key}' must be at most ${rules.max}`,
+            actual: num
+          });
+        }
+      }
+      // Check enum values
+      if (rules.enum && !rules.enum.includes(value)) {
+        errors.push({
+          field: key,
+          message: `Query parameter '${key}' must be one of: ${rules.enum.join(', ')}`,
+          actual: value
+        });
+      }
+    }
+    if (errors.length > 0) {
+      const response = validationError(errors);
+      return c.json(response, response._status);
+    }
+    await next();
+  };
+}
+/**
+ * Standard query parameters validation for list endpoints
+ */
+export const listQueryValidation = createQueryValidation({
+  limit: {
+    type: 'number',
+    min: 1,
+    max: 1000
+  },
+  offset: {
+    type: 'number',
+    min: 0
+  },
+  partition: {
+    type: 'string'
+  },
+  partitionValues: {
+    type: 'string' // JSON string
+  }
+});
+export default {
+  createValidationMiddleware,
+  createQueryValidation,
+  listQueryValidation
+};

package/src/plugins/api/routes/auth-routes.js ADDED Viewed

@@ -0,0 +1,241 @@
+/**
+ * Authentication Routes - Login, register, and token management endpoints
+ *
+ * Provides user authentication endpoints for the API
+ */
+import { Hono } from 'hono';
+import { asyncHandler } from '../utils/error-handler.js';
+import * as formatter from '../utils/response-formatter.js';
+import { createToken } from '../auth/jwt-auth.js';
+import { generateApiKey } from '../auth/api-key-auth.js';
+import { encrypt } from '../../../concerns/crypto.js';
+import tryFn from '../../../concerns/try-fn.js';
+/**
+ * Create authentication routes
+ * @param {Object} usersResource - s3db.js users resource
+ * @param {Object} config - Auth configuration
+ * @returns {Hono} Hono app with auth routes
+ */
+export function createAuthRoutes(usersResource, config = {}) {
+  const app = new Hono();
+  const {
+    jwtSecret,
+    jwtExpiresIn = '7d',
+    passphrase = 'secret',
+    allowRegistration = true
+  } = config;
+  // POST /auth/register - Register new user
+  if (allowRegistration) {
+    app.post('/register', asyncHandler(async (c) => {
+      const data = await c.req.json();
+      const { username, password, email, role = 'user' } = data;
+      // Validate input
+      if (!username || !password) {
+        const response = formatter.validationError([
+          { field: 'username', message: 'Username is required' },
+          { field: 'password', message: 'Password is required' }
+        ]);
+        return c.json(response, response._status);
+      }
+      if (password.length < 8) {
+        const response = formatter.validationError([
+          { field: 'password', message: 'Password must be at least 8 characters' }
+        ]);
+        return c.json(response, response._status);
+      }
+      // Check if username already exists
+      const existing = await usersResource.query({ username });
+      if (existing && existing.length > 0) {
+        const response = formatter.error('Username already exists', {
+          status: 409,
+          code: 'CONFLICT'
+        });
+        return c.json(response, response._status);
+      }
+      // Create user
+      const user = await usersResource.insert({
+        username,
+        password, // Will be auto-encrypted by schema (secret field)
+        email,
+        role,
+        active: true,
+        apiKey: generateApiKey(),
+        createdAt: new Date().toISOString()
+      });
+      // Generate JWT token
+      let token = null;
+      if (jwtSecret) {
+        token = createToken(
+          { userId: user.id, username: user.username, role: user.role },
+          jwtSecret,
+          jwtExpiresIn
+        );
+      }
+      // Remove sensitive data from response
+      const { password: _, ...userWithoutPassword } = user;
+      const response = formatter.created({
+        user: userWithoutPassword,
+        token
+      }, `/auth/users/${user.id}`);
+      return c.json(response, response._status);
+    }));
+  }
+  // POST /auth/login - Login with username/password
+  app.post('/login', asyncHandler(async (c) => {
+    const data = await c.req.json();
+    const { username, password } = data;
+    // Validate input
+    if (!username || !password) {
+      const response = formatter.unauthorized('Username and password are required');
+      return c.json(response, response._status);
+    }
+    // Find user
+    const users = await usersResource.query({ username });
+    if (!users || users.length === 0) {
+      const response = formatter.unauthorized('Invalid credentials');
+      return c.json(response, response._status);
+    }
+    const user = users[0];
+    if (!user.active) {
+      const response = formatter.unauthorized('User account is inactive');
+      return c.json(response, response._status);
+    }
+    // Verify password (decrypt and compare)
+    // Note: In production, use proper password hashing (bcrypt, argon2)
+    const [ok, err, decrypted] = await tryFn(() =>
+      user.password // Password is already decrypted by autoDecrypt
+    );
+    // For secret fields, we need to manually decrypt if autoDecrypt is off
+    // But by default autoDecrypt is true, so user.password should be plain text here
+    // Let's just compare directly since schema handles encryption/decryption
+    const isValid = user.password === password;
+    if (!isValid) {
+      const response = formatter.unauthorized('Invalid credentials');
+      return c.json(response, response._status);
+    }
+    // Update last login
+    await usersResource.update(user.id, {
+      lastLoginAt: new Date().toISOString()
+    });
+    // Generate JWT token
+    let token = null;
+    if (jwtSecret) {
+      token = createToken(
+        { userId: user.id, username: user.username, role: user.role },
+        jwtSecret,
+        jwtExpiresIn
+      );
+    }
+    // Remove sensitive data from response
+    const { password: _, ...userWithoutPassword } = user;
+    const response = formatter.success({
+      user: userWithoutPassword,
+      token,
+      expiresIn: jwtExpiresIn
+    });
+    return c.json(response, response._status);
+  }));
+  // POST /auth/token/refresh - Refresh JWT token
+  if (jwtSecret) {
+    app.post('/token/refresh', asyncHandler(async (c) => {
+      const user = c.get('user');
+      if (!user) {
+        const response = formatter.unauthorized('Authentication required');
+        return c.json(response, response._status);
+      }
+      // Generate new token
+      const token = createToken(
+        { userId: user.id, username: user.username, role: user.role },
+        jwtSecret,
+        jwtExpiresIn
+      );
+      const response = formatter.success({
+        token,
+        expiresIn: jwtExpiresIn
+      });
+      return c.json(response, response._status);
+    }));
+  }
+  // GET /auth/me - Get current user info
+  app.get('/me', asyncHandler(async (c) => {
+    const user = c.get('user');
+    if (!user) {
+      const response = formatter.unauthorized('Authentication required');
+      return c.json(response, response._status);
+    }
+    // If user is from JWT payload (no password field), return as is
+    if (!user.password) {
+      const response = formatter.success(user);
+      return c.json(response, response._status);
+    }
+    // Remove sensitive data
+    const { password: _, ...userWithoutPassword } = user;
+    const response = formatter.success(userWithoutPassword);
+    return c.json(response, response._status);
+  }));
+  // POST /auth/api-key/regenerate - Regenerate API key
+  app.post('/api-key/regenerate', asyncHandler(async (c) => {
+    const user = c.get('user');
+    if (!user) {
+      const response = formatter.unauthorized('Authentication required');
+      return c.json(response, response._status);
+    }
+    // Generate new API key
+    const newApiKey = generateApiKey();
+    // Update user
+    await usersResource.update(user.id, {
+      apiKey: newApiKey
+    });
+    const response = formatter.success({
+      apiKey: newApiKey,
+      message: 'API key regenerated successfully'
+    });
+    return c.json(response, response._status);
+  }));
+  return app;
+}
+export default {
+  createAuthRoutes
+};