s3db.js 11.3.2 → 12.0.1

package/src/database.class.js

@@ -88,11 +88,8 @@ export class Database extends EventEmitter {
       if (typeof process !== 'undefined') {
         process.on('exit', async () => {
           if (this.isConnected()) {
-            try {
-              await this.disconnect();
-            } catch (err) {
-              // Silently ignore errors on exit
-            }
+            // Silently ignore errors on exit
+            await tryFn(() => this.disconnect());
           }
         });
       }
@@ -107,26 +104,28 @@ export class Database extends EventEmitter {
     let healingLog = [];
 
     if (await this.client.exists(`s3db.json`)) {
-      try {
+      const [ok, error] = await tryFn(async () => {
         const request = await this.client.getObject(`s3db.json`);
         const rawContent = await streamToString(request?.Body);
-        
+
         // Try to parse JSON
-        try {
-          metadata = JSON.parse(rawContent);
-        } catch (parseError) {
+        const [parseOk, parseError, parsedData] = tryFn(() => JSON.parse(rawContent));
+
+        if (!parseOk) {
           healingLog.push('JSON parsing failed - attempting recovery');
           needsHealing = true;
-          
+
           // Attempt to fix common JSON issues
           metadata = await this._attemptJsonRecovery(rawContent, healingLog);
-          
+
           if (!metadata) {
             // Create backup and start fresh
             await this._createCorruptedBackup(rawContent);
             healingLog.push('Created backup of corrupted file - starting with blank metadata');
             metadata = this.blankMetadataStructure();
           }
+        } else {
+          metadata = parsedData;
         }
 
         // Validate and heal metadata structure
@@ -135,8 +134,9 @@ export class Database extends EventEmitter {
           metadata = healedMetadata;
           needsHealing = true;
         }
+      });
 
-      } catch (error) {
+      if (!ok) {
         healingLog.push(`Critical error reading s3db.json: ${error.message}`);
         await this._createCorruptedBackup();
         metadata = this.blankMetadataStructure();
@@ -159,7 +159,7 @@ export class Database extends EventEmitter {
     
     // Create resources from saved metadata using current version
     for (const [name, resourceMetadata] of Object.entries(metadata.resources || {})) {
-      const currentVersion = resourceMetadata.currentVersion || 'v0';
+      const currentVersion = resourceMetadata.currentVersion || 'v1';
       const versionData = resourceMetadata.versions?.[currentVersion];
       
       if (versionData) {
@@ -240,7 +240,7 @@ export class Database extends EventEmitter {
         });
       } else {
         // Get current version hash from saved metadata
-        const currentVersion = savedResource.currentVersion || 'v0';
+        const currentVersion = savedResource.currentVersion || 'v1';
         const versionData = savedResource.versions?.[currentVersion];
         const savedHash = versionData?.hash;
         
@@ -260,7 +260,7 @@ export class Database extends EventEmitter {
     // Check for deleted resources
     for (const [name, savedResource] of Object.entries(savedMetadata.resources || {})) {
       if (!this.resources[name]) {
-        const currentVersion = savedResource.currentVersion || 'v0';
+        const currentVersion = savedResource.currentVersion || 'v1';
         const versionData = savedResource.versions?.[currentVersion];
         changes.push({
           type: 'deleted',
@@ -312,8 +312,8 @@ export class Database extends EventEmitter {
       .filter(v => v.startsWith('v'))
       .map(v => parseInt(v.substring(1)))
       .filter(n => !isNaN(n));
-    
-    const maxVersion = versionNumbers.length > 0 ? Math.max(...versionNumbers) : -1;
+
+    const maxVersion = versionNumbers.length > 0 ? Math.max(...versionNumbers) : 0;
     return `v${maxVersion + 1}`;
   }
 
@@ -325,24 +325,25 @@ export class Database extends EventEmitter {
    */
   _serializeHooks(hooks) {
     if (!hooks || typeof hooks !== 'object') return hooks;
-    
+
     const serialized = {};
     for (const [event, hookArray] of Object.entries(hooks)) {
       if (Array.isArray(hookArray)) {
         serialized[event] = hookArray.map(hook => {
           if (typeof hook === 'function') {
-            try {
-              return {
-                __s3db_serialized_function: true,
-                code: hook.toString(),
-                name: hook.name || 'anonymous'
-              };
-            } catch (err) {
+            const [ok, err, data] = tryFn(() => ({
+              __s3db_serialized_function: true,
+              code: hook.toString(),
+              name: hook.name || 'anonymous'
+            }));
+
+            if (!ok) {
               if (this.verbose) {
                 console.warn(`Failed to serialize hook for event '${event}':`, err.message);
               }
               return null;
             }
+            return data;
           }
           return hook;
         });
@@ -361,24 +362,25 @@ export class Database extends EventEmitter {
    */
   _deserializeHooks(serializedHooks) {
     if (!serializedHooks || typeof serializedHooks !== 'object') return serializedHooks;
-    
+
     const deserialized = {};
     for (const [event, hookArray] of Object.entries(serializedHooks)) {
       if (Array.isArray(hookArray)) {
         deserialized[event] = hookArray.map(hook => {
           if (hook && typeof hook === 'object' && hook.__s3db_serialized_function) {
-            try {
+            const [ok, err, fn] = tryFn(() => {
               // Use Function constructor instead of eval for better security
-              const fn = new Function('return ' + hook.code)();
-              if (typeof fn === 'function') {
-                return fn;
-              }
-            } catch (err) {
+              const func = new Function('return ' + hook.code)();
+              return typeof func === 'function' ? func : null;
+            });
+
+            if (!ok || fn === null) {
               if (this.verbose) {
-                console.warn(`Failed to deserialize hook '${hook.name}' for event '${event}':`, err.message);
+                console.warn(`Failed to deserialize hook '${hook.name}' for event '${event}':`, err?.message || 'Invalid function');
               }
+              return null;
             }
-            return null;
+            return fn;
           }
           return hook;
         }).filter(hook => hook !== null); // Remove failed deserializations
@@ -498,7 +500,7 @@ export class Database extends EventEmitter {
       
       // Check if resource exists in saved metadata
       const existingResource = this.savedMetadata?.resources?.[name];
-      const currentVersion = existingResource?.currentVersion || 'v0';
+      const currentVersion = existingResource?.currentVersion || 'v1';
       const existingVersionData = existingResource?.versions?.[currentVersion];
       
       let version, isNewVersion;
@@ -626,14 +628,16 @@ export class Database extends EventEmitter {
     ];
 
     for (const [index, fix] of fixes.entries()) {
-      try {
+      const [ok, err, parsed] = tryFn(() => {
         const fixedContent = fix();
-        const parsed = JSON.parse(fixedContent);
+        return JSON.parse(fixedContent);
+      });
+
+      if (ok) {
         healingLog.push(`JSON recovery successful using fix #${index + 1}`);
         return parsed;
-      } catch (error) {
-        // Try next fix
       }
+      // Try next fix
     }
 
     healingLog.push('All JSON recovery attempts failed');
@@ -723,7 +727,7 @@ export class Database extends EventEmitter {
 
     // Ensure currentVersion exists
     if (!healed.currentVersion) {
-      healed.currentVersion = 'v0';
+      healed.currentVersion = 'v1';
       healingLog.push(`Resource ${name}: added missing currentVersion`);
       changed = true;
     }
@@ -822,17 +826,16 @@ export class Database extends EventEmitter {
    * Create backup of corrupted file
    */
   async _createCorruptedBackup(content = null) {
-    try {
+    const [ok, err] = await tryFn(async () => {
       const timestamp = new Date().toISOString().replace(/[:.]/g, '-');
       const backupKey = `s3db.json.corrupted.${timestamp}.backup`;
-      
+
       if (!content) {
-        try {
+        const [readOk, readErr, readData] = await tryFn(async () => {
           const request = await this.client.getObject(`s3db.json`);
-          content = await streamToString(request?.Body);
-        } catch (error) {
-          content = 'Unable to read corrupted file content';
-        }
+          return await streamToString(request?.Body);
+        });
+        content = readOk ? readData : 'Unable to read corrupted file content';
       }
 
       await this.client.putObject({
@@ -844,10 +847,10 @@ export class Database extends EventEmitter {
       if (this.verbose) {
         console.warn(`S3DB: Created backup of corrupted s3db.json as ${backupKey}`);
       }
-    } catch (error) {
-      if (this.verbose) {
-        console.warn(`S3DB: Failed to create backup: ${error.message}`);
-      }
+    });
+
+    if (!ok && this.verbose) {
+      console.warn(`S3DB: Failed to create backup: ${err.message}`);
     }
   }
 
@@ -855,7 +858,7 @@ export class Database extends EventEmitter {
    * Upload healed metadata with logging
    */
   async _uploadHealedMetadata(metadata, healingLog) {
-    try {
+    const [ok, err] = await tryFn(async () => {
       if (this.verbose && healingLog.length > 0) {
         console.warn('S3DB Self-Healing Operations:');
         healingLog.forEach(log => console.warn(`  - ${log}`));
@@ -875,11 +878,13 @@ export class Database extends EventEmitter {
       if (this.verbose) {
         console.warn('S3DB: Successfully uploaded healed metadata');
       }
-    } catch (error) {
+    });
+
+    if (!ok) {
       if (this.verbose) {
-        console.error(`S3DB: Failed to upload healed metadata: ${error.message}`);
+        console.error(`S3DB: Failed to upload healed metadata: ${err.message}`);
       }
-      throw error;
+      throw err;
     }
   }
 
@@ -979,7 +984,7 @@ export class Database extends EventEmitter {
       // Only upload metadata if hash actually changed
       const newHash = this.generateDefinitionHash(existingResource.export(), existingResource.behavior);
       const existingMetadata = this.savedMetadata?.resources?.[name];
-      const currentVersion = existingMetadata?.currentVersion || 'v0';
+      const currentVersion = existingMetadata?.currentVersion || 'v1';
       const existingVersionData = existingMetadata?.versions?.[currentVersion];
       if (!existingVersionData || existingVersionData.hash !== newHash) {
         await this.uploadMetadataFile();
@@ -988,7 +993,7 @@ export class Database extends EventEmitter {
       return existingResource;
     }
     const existingMetadata = this.savedMetadata?.resources?.[name];
-    const version = existingMetadata?.currentVersion || 'v0';
+    const version = existingMetadata?.currentVersion || 'v1';
     const resource = new Resource({
       name,
       client: this.client,
@@ -1011,6 +1016,7 @@ export class Database extends EventEmitter {
       idGenerator: config.idGenerator,
       idSize: config.idSize,
       asyncEvents: config.asyncEvents,
+      asyncPartitions: config.asyncPartitions !== undefined ? config.asyncPartitions : true,
       events: config.events || {},
       createdBy: config.createdBy || 'user'
     });
@@ -1073,7 +1079,8 @@ export class Database extends EventEmitter {
   }
 
   async disconnect() {
-    try {
+    // Silently ignore all errors during disconnect
+    await tryFn(async () => {
       // 1. Remove all listeners from all plugins
       if (this.pluginList && this.pluginList.length > 0) {
         for (const plugin of this.pluginList) {
@@ -1083,13 +1090,12 @@ export class Database extends EventEmitter {
         }
         // Also stop plugins if they have a stop method
         const stopProms = this.pluginList.map(async (plugin) => {
-          try {
+          // Silently ignore errors on exit
+          await tryFn(async () => {
             if (plugin && typeof plugin.stop === 'function') {
               await plugin.stop();
             }
-          } catch (err) {
-            // Silently ignore errors on exit
-          }
+          });
         });
         await Promise.all(stopProms);
       }
@@ -1097,7 +1103,8 @@ export class Database extends EventEmitter {
       // 2. Remove all listeners from all resources
       if (this.resources && Object.keys(this.resources).length > 0) {
         for (const [name, resource] of Object.entries(this.resources)) {
-          try {
+          // Silently ignore errors on exit
+          await tryFn(() => {
             if (resource && typeof resource.removeAllListeners === 'function') {
               resource.removeAllListeners();
             }
@@ -1110,9 +1117,7 @@ export class Database extends EventEmitter {
             if (resource.observers && Array.isArray(resource.observers)) {
               resource.observers = [];
             }
-          } catch (err) {
-            // Silently ignore errors on exit
-          }
+          });
         }
         // Instead of reassigning, clear in place
         Object.keys(this.resources).forEach(k => delete this.resources[k]);
@@ -1132,9 +1137,7 @@ export class Database extends EventEmitter {
       this.pluginList = [];
 
       this.emit('disconnected', new Date());
-    } catch (err) {
-      // Silently ignore errors on exit
-    }
+    });
   }
 
   /**
@@ -1249,12 +1252,11 @@ export class Database extends EventEmitter {
    */
   async _executeHooks(event, context = {}) {
     if (!this._hooks || !this._hooks.has(event)) return;
-    
+
     const hooks = this._hooks.get(event);
     for (const hook of hooks) {
-      try {
-        await hook({ database: this, ...context });
-      } catch (error) {
+      const [ok, error] = await tryFn(() => hook({ database: this, ...context }));
+      if (!ok) {
         // Emit error but don't stop hook execution
         this.emit('hookError', { event, error, context });
       }

package/src/errors.js

@@ -498,8 +498,6 @@ Solution:
 ${queueSize >= maxQueueSize
   ? 'Wait for queue to drain or increase maxQueueSize'
   : 'Check driver configuration and permissions'}
-
-Docs: https://github.com/forattini-dev/s3db.js/blob/main/docs/README.md#partition-drivers
 `.trim();
     } else if (!description) {
       description = `
@@ -509,8 +507,6 @@ Driver: ${driver}
 Operation: ${operation}
 
 Check driver configuration and permissions.
-
-Docs: https://github.com/forattini-dev/s3db.js/blob/main/docs/README.md#partition-drivers
 `.trim();
     }
 

package/src/plugins/api/auth/api-key-auth.js

@@ -0,0 +1,88 @@
+/**
+ * API Key Authentication - Simple API key authentication middleware
+ *
+ * Provides authentication using static API keys in headers
+ */
+
+import { unauthorized } from '../utils/response-formatter.js';
+
+/**
+ * Generate random API key
+ * @param {number} length - Key length (default: 32)
+ * @returns {string} Random API key
+ */
+export function generateApiKey(length = 32) {
+  const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
+  let apiKey = '';
+
+  for (let i = 0; i < length; i++) {
+    apiKey += chars.charAt(Math.floor(Math.random() * chars.length));
+  }
+
+  return apiKey;
+}
+
+/**
+ * Create API Key authentication middleware
+ * @param {Object} options - API Key options
+ * @param {string} options.headerName - Header name for API key (default: 'X-API-Key')
+ * @param {Object} options.usersResource - Users resource for key validation
+ * @param {boolean} options.optional - If true, allows requests without auth
+ * @returns {Function} Hono middleware
+ */
+export function apiKeyAuth(options = {}) {
+  const {
+    headerName = 'X-API-Key',
+    usersResource,
+    optional = false
+  } = options;
+
+  if (!usersResource) {
+    throw new Error('usersResource is required for API key authentication');
+  }
+
+  return async (c, next) => {
+    const apiKey = c.req.header(headerName);
+
+    if (!apiKey) {
+      if (optional) {
+        return await next();
+      }
+
+      const response = unauthorized(`Missing ${headerName} header`);
+      return c.json(response, response._status);
+    }
+
+    // Query users by API key
+    try {
+      const users = await usersResource.query({ apiKey });
+
+      if (!users || users.length === 0) {
+        const response = unauthorized('Invalid API key');
+        return c.json(response, response._status);
+      }
+
+      const user = users[0];
+
+      if (!user.active) {
+        const response = unauthorized('User account is inactive');
+        return c.json(response, response._status);
+      }
+
+      // Store user in context
+      c.set('user', user);
+      c.set('authMethod', 'apiKey');
+
+      await next();
+    } catch (err) {
+      console.error('[API Key Auth] Error validating key:', err);
+      const response = unauthorized('Authentication error');
+      return c.json(response, response._status);
+    }
+  };
+}
+
+export default {
+  generateApiKey,
+  apiKeyAuth
+};

package/src/plugins/api/auth/basic-auth.js

@@ -0,0 +1,154 @@
+/**
+ * Basic Authentication - HTTP Basic Auth middleware
+ *
+ * Provides authentication using username:password in Authorization header
+ */
+
+import { unauthorized } from '../utils/response-formatter.js';
+import { decrypt } from '../../../concerns/crypto.js';
+import tryFn from '../../../concerns/try-fn.js';
+
+/**
+ * Parse Basic Auth header
+ * @param {string} authHeader - Authorization header value
+ * @returns {Object|null} { username, password } or null if invalid
+ */
+export function parseBasicAuth(authHeader) {
+  if (!authHeader) {
+    return null;
+  }
+
+  const match = authHeader.match(/^Basic\s+(.+)$/i);
+  if (!match) {
+    return null;
+  }
+
+  try {
+    const decoded = Buffer.from(match[1], 'base64').toString('utf-8');
+    const [username, ...passwordParts] = decoded.split(':');
+    const password = passwordParts.join(':'); // Handle passwords with colons
+
+    if (!username || !password) {
+      return null;
+    }
+
+    return { username, password };
+  } catch (err) {
+    return null;
+  }
+}
+
+/**
+ * Verify password against stored hash
+ * @param {string} inputPassword - Plain text password from request
+ * @param {string} storedPassword - Encrypted password from database
+ * @param {string} passphrase - Encryption passphrase
+ * @returns {Promise<boolean>} True if password matches
+ */
+async function verifyPassword(inputPassword, storedPassword, passphrase) {
+  try {
+    // Decrypt stored password
+    const [ok, err, decrypted] = await tryFn(() =>
+      decrypt(storedPassword, passphrase)
+    );
+
+    if (!ok) {
+      return false;
+    }
+
+    // Compare
+    return decrypted === inputPassword;
+  } catch (err) {
+    return false;
+  }
+}
+
+/**
+ * Create Basic Auth middleware
+ * @param {Object} options - Basic Auth options
+ * @param {string} options.realm - Authentication realm (default: 'API Access')
+ * @param {Object} options.usersResource - Users resource for credential validation
+ * @param {string} options.passphrase - Passphrase for password decryption
+ * @param {boolean} options.optional - If true, allows requests without auth
+ * @returns {Function} Hono middleware
+ */
+export function basicAuth(options = {}) {
+  const {
+    realm = 'API Access',
+    usersResource,
+    passphrase = 'secret',
+    optional = false
+  } = options;
+
+  if (!usersResource) {
+    throw new Error('usersResource is required for Basic authentication');
+  }
+
+  return async (c, next) => {
+    const authHeader = c.req.header('authorization');
+
+    if (!authHeader) {
+      if (optional) {
+        return await next();
+      }
+
+      c.header('WWW-Authenticate', `Basic realm="${realm}"`);
+      const response = unauthorized('Basic authentication required');
+      return c.json(response, response._status);
+    }
+
+    const credentials = parseBasicAuth(authHeader);
+
+    if (!credentials) {
+      c.header('WWW-Authenticate', `Basic realm="${realm}"`);
+      const response = unauthorized('Invalid Basic authentication format');
+      return c.json(response, response._status);
+    }
+
+    const { username, password } = credentials;
+
+    // Query user by username
+    try {
+      const users = await usersResource.query({ username });
+
+      if (!users || users.length === 0) {
+        c.header('WWW-Authenticate', `Basic realm="${realm}"`);
+        const response = unauthorized('Invalid credentials');
+        return c.json(response, response._status);
+      }
+
+      const user = users[0];
+
+      if (!user.active) {
+        c.header('WWW-Authenticate', `Basic realm="${realm}"`);
+        const response = unauthorized('User account is inactive');
+        return c.json(response, response._status);
+      }
+
+      // Verify password
+      const isValid = await verifyPassword(password, user.password, passphrase);
+
+      if (!isValid) {
+        c.header('WWW-Authenticate', `Basic realm="${realm}"`);
+        const response = unauthorized('Invalid credentials');
+        return c.json(response, response._status);
+      }
+
+      // Store user in context
+      c.set('user', user);
+      c.set('authMethod', 'basic');
+
+      await next();
+    } catch (err) {
+      console.error('[Basic Auth] Error validating credentials:', err);
+      c.header('WWW-Authenticate', `Basic realm="${realm}"`);
+      const response = unauthorized('Authentication error');
+      return c.json(response, response._status);
+    }
+  };
+}
+
+export default {
+  parseBasicAuth,
+  basicAuth
+};