sitepaige-mcp-server 1.1.0 → 1.2.1

package/dist/defaultapp/api/Auth/resend-verification/route.ts

@@ -4,8 +4,8 @@
  */
 
 import { NextResponse } from 'next/server';
-import { regenerateVerificationToken } from '../../../db-password-auth';
-import { send_email } from '../../../storage/email';
+import { regenerateVerificationToken } from '../../db-password-auth';
+import { send_email } from '../../storage/email';
 
 // Email validation regex
 const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
@@ -36,7 +36,7 @@ export async function POST(request: Request) {
     const { verificationToken } = result;
 
     // Get site domain from environment or default
-    const siteDomain = process.env.SITE_DOMAIN || 'https://sitepaige.com';
+    const siteDomain = process.env.NODE_ENV === 'production' ? process.env.DOMAIN : process.env.LOCAL_DOMAIN;
     const verificationUrl = `${siteDomain}/api/Auth/verify-email?token=${verificationToken}`;
 
     // Send verification email

package/dist/defaultapp/api/Auth/route.ts

@@ -8,8 +8,8 @@ import { cookies } from 'next/headers';
 import { NextResponse } from 'next/server';
 import * as crypto from 'node:crypto';
 
-import { db_init, db_query } from '../../db';
-import { upsertUser, storeOAuthToken, validateSession, rotateSession } from '../../db-users';
+import { db_init, db_query } from '../db';
+import { upsertUser, storeOAuthToken, validateSession, rotateSession } from '../db-users';
 
 type OAuthProvider = 'google' | 'facebook' | 'apple'  | 'github';
 

package/dist/defaultapp/api/Auth/signup/route.ts

@@ -4,8 +4,8 @@
  */
 
 import { NextResponse } from 'next/server';
-import { createPasswordAuth } from '../../../db-password-auth';
-import { send_email } from '../../../storage/email';
+import { createPasswordAuth } from '../../db-password-auth';
+import { send_email } from '../../storage/email';
 
 // Email validation regex
 const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
@@ -37,7 +37,7 @@ export async function POST(request: Request) {
     const { passwordAuth, verificationToken } = await createPasswordAuth(email, password);
 
     // Get site domain from environment or default
-    const siteDomain = process.env.SITE_DOMAIN || 'https://sitepaige.com';
+    const siteDomain = process.env.NODE_ENV === 'production' ? process.env.DOMAIN : process.env.LOCAL_DOMAIN;
     const verificationUrl = `${siteDomain}/api/Auth/verify-email?token=${verificationToken}`;
 
     // Send verification email

package/dist/defaultapp/api/Auth/verify-email/route.ts

@@ -4,9 +4,9 @@
  */
 
 import { NextResponse } from 'next/server';
-import { verifyEmailWithToken } from '../../../db-password-auth';
-import { upsertUser } from '../../../db-users';
-import { db_init, db_query } from '../../../db';
+import { verifyEmailWithToken } from '../../db-password-auth';
+import { upsertUser } from '../../db-users';
+import { db_init, db_query } from '../../db';
 import { cookies } from 'next/headers';
 import * as crypto from 'node:crypto';
 
@@ -86,7 +86,7 @@ export async function GET(request: Request) {
     });
 
     // Redirect to home page or dashboard with success message
-    const siteDomain = process.env.SITE_DOMAIN || 'https://sitepaige.com';
+    const siteDomain = process.env.NODE_ENV === 'production' ? process.env.DOMAIN : process.env.LOCAL_DOMAIN;
     const redirectUrl = new URL('/', siteDomain);
     redirectUrl.searchParams.set('verified', 'true');
     
@@ -96,7 +96,7 @@ export async function GET(request: Request) {
     console.error('Email verification error:', error);
     
     // Redirect to home with error
-    const siteDomain = process.env.SITE_DOMAIN || 'https://sitepaige.com';
+    const siteDomain = process.env.NODE_ENV === 'production' ? process.env.DOMAIN : process.env.LOCAL_DOMAIN;
     const redirectUrl = new URL('/', siteDomain);
     redirectUrl.searchParams.set('error', 'verification_failed');
     

package/dist/defaultapp/api/admin/users/route.ts

@@ -5,15 +5,15 @@
 
 import { NextRequest, NextResponse } from 'next/server';
 import { cookies } from 'next/headers';
-import { db_init, db_query } from '../../../db';
+import { db_init, db_query } from '../../db';
 import { 
   getAllUsers, 
   updateUserPermission, 
   deleteUser, 
   getUserStats,
   getUserByID
-} from '../../../db-users';
-import { validateCsrfToken } from '../../../csrf';
+} from '../../db-users';
+import { validateCsrfToken } from '../../csrf';
 
 // Helper function to check if the current user is an admin
 async function checkAdminAuth(): Promise<{ isAdmin: boolean; userId?: string }> {

package/dist/defaultapp/api/csrf.ts

@@ -0,0 +1,111 @@
+/*
+Sitepaige v1.0.0
+CSRF Protection Utility
+WARNING: This file is automatically generated and should not be modified.
+*/
+
+import { cookies, headers } from 'next/headers';
+import { NextRequest } from 'next/server';
+
+export class CsrfError extends Error {
+  constructor(message: string) {
+    super(message);
+    this.name = 'CsrfError';
+  }
+}
+
+/**
+ * Generates a new CSRF token
+ */
+export function generateCsrfToken(): string {
+  return crypto.randomUUID();
+}
+
+/**
+ * Gets the CSRF token from cookies
+ */
+export async function getCsrfToken(): Promise<string | undefined> {
+  const cookieStore = await cookies();
+  return cookieStore.get('csrf-token')?.value;
+}
+
+/**
+ * Validates CSRF token from request
+ * Checks both header and form data for the token
+ */
+export async function validateCsrfToken(request: NextRequest | Request): Promise<boolean> {
+  // Skip CSRF validation for GET and HEAD requests
+  if (request.method === 'GET' || request.method === 'HEAD') {
+    return true;
+  }
+
+  const cookieStore = await cookies();
+  const headerStore = await headers();
+  const cookieToken = cookieStore.get('csrf-token')?.value;
+
+  if (!cookieToken) {
+    return false;
+  }
+
+  // Check X-CSRF-Token header first
+  const headerToken = headerStore.get('x-csrf-token');
+  if (headerToken === cookieToken) {
+    return true;
+  }
+
+  // For form submissions, check the request body
+  if (request.headers.get('content-type')?.includes('application/x-www-form-urlencoded')) {
+    try {
+      const formData = await request.formData();
+      const formToken = formData.get('csrf_token');
+      if (formToken === cookieToken) {
+        return true;
+      }
+    } catch {
+      // If form parsing fails, continue to check JSON body
+    }
+  }
+
+  // For JSON requests, check the body
+  if (request.headers.get('content-type')?.includes('application/json')) {
+    try {
+      const body = await request.json();
+      if (body.csrf_token === cookieToken) {
+        return true;
+      }
+    } catch {
+      // If JSON parsing fails, token is invalid
+    }
+  }
+
+  return false;
+}
+
+/**
+ * Middleware helper to validate CSRF token
+ * Throws CsrfError if token is invalid
+ */
+export async function requireCsrfToken(request: NextRequest | Request): Promise<void> {
+  const isValid = await validateCsrfToken(request);
+  if (!isValid) {
+    throw new CsrfError('Invalid or missing CSRF token');
+  }
+}
+
+/**
+ * React hook helper to get CSRF token for client-side forms
+ */
+export function useCsrfToken(): { token: string | undefined; header: Record<string, string> } {
+  // This will be used client-side
+  const token = typeof document !== 'undefined' 
+    ? document.cookie
+        .split('; ')
+        .find(row => row.startsWith('csrf-token='))
+        ?.split('=')[1]
+    : undefined;
+
+  return {
+    token,
+    header: token ? { 'X-CSRF-Token': token } : {}
+  };
+}

package/dist/defaultapp/api/db-mysql.ts

@@ -0,0 +1,183 @@
+/*
+Sitepaige v1.0.0
+MySQL database implementation
+WARNING: This file is automatically generated and should not be modified.
+*/
+
+import mysql from 'mysql2/promise';
+import type { Model, ModelField } from './db';
+
+// Connection pool for better performance
+let pool: mysql.Pool | null = null;
+
+/**
+ * Initialize database connection
+ * @returns Database client (Pool)
+ */
+export async function db_init(): Promise<mysql.Pool> {
+
+  
+  // Return existing pool if already initialized
+  if (pool) {
+    return pool;
+  }
+
+  try {
+    // Create connection configuration
+    const poolConfig: mysql.PoolOptions = {
+      host: process.env.DB_HOST || 'localhost',
+      port: parseInt(process.env.DB_PORT || '3306'),
+      user: process.env.DB_USER || 'root',
+      password: process.env.DB_PASSWORD,
+      database: process.env.DB_NAME || 'app',
+      waitForConnections: true,
+      connectionLimit: 20,
+      queueLimit: 0,
+      enableKeepAlive: true,
+      keepAliveInitialDelay: 0
+    };
+    
+    // Create the pool
+    pool = mysql.createPool(poolConfig);
+    
+  
+    return pool;
+  } catch (error) {
+    throw error;
+  }
+}
+
+/**
+ * Execute a SQL query using the provided MySQL client
+ * @param client Database client from db_init()
+ * @param query SQL query string (MySQL syntax with ? parameter placeholders)
+ * @param params Optional array of parameters for the query
+ * @returns Array of selected rows or execution results
+ */
+export async function db_query(
+  client: mysql.Pool,
+  query: string,
+  params?: any[]
+): Promise<any[]> {
+
+  
+  try {
+    // MySQL uses ? placeholders like SQLite, so no conversion needed
+    const [results] = await client.execute(query, params);
+    
+    // Handle different result types
+    if (Array.isArray(results)) {
+      // SELECT query results
+      return results;
+    } else {
+      // INSERT, UPDATE, DELETE results
+      const resultInfo = results as mysql.ResultSetHeader;
+      return [{
+        changes: resultInfo.affectedRows,
+        insertId: resultInfo.insertId
+      }];
+    }
+    
+  } catch (error) {
+    // If table doesn't exist for SELECT, return empty array
+    if (error instanceof Error && error.message.includes("doesn't exist") && query.trim().toUpperCase().startsWith('SELECT')) {
+      return [];
+    }
+    throw error;
+  }
+}
+
+/**
+ * Generates a CREATE TABLE SQL string for the specified table and fields
+ * @param model The model definition
+ * @param dbType Database type
+ * @returns SQL string for creating the table
+ */
+export function db_migrate(model: Model, dbType: string): string {
+ 
+  const sanitizedTableName = model.name.toLowerCase().replace(/\s+/g, '_');
+  
+  // Start with the model's fields
+  let fields = [...model.fields];
+  
+  // Add userid field if data is user specific
+  if (model.data_is_user_specific === "true") {
+    fields.push({
+      name: 'userid',
+      datatype: 'VARCHAR',
+      datatypesize: '36', // UUID as string
+      key: 'foreign',
+      required: 'true',
+      default: undefined
+    });
+  }
+  
+  // Map SQL data types for MySQL
+  const sqlTypeMap: { [key: string]: string } = {
+    'UUID': 'VARCHAR(36)',
+    'TINYINT': 'TINYINT',
+    'SMALLINT': 'SMALLINT',
+    'BIGINT': 'BIGINT',
+    'INT128': 'DECIMAL(39,0)',
+    'VARCHAR': 'VARCHAR',
+    'TEXT': 'TEXT',
+    'BINARY': 'BLOB',
+    'DATE': 'DATE',
+    'TIME': 'TIME',
+    'DATETIME': 'DATETIME',
+    'DOUBLE': 'DOUBLE',
+    'FLOAT': 'FLOAT',
+    'BOOLEAN': 'BOOLEAN'
+  };
+
+  // Build column definitions
+  const columnDefs = fields.sort((a, b) => (b.key === 'primary' ? 1 : 0) - (a.key === 'primary' ? 1 : 0)).map(field => {
+    const dataType = field.datatype.toUpperCase();
+    let sqlType = sqlTypeMap[dataType] || dataType;
+    
+    // Add size for VARCHAR
+    if (dataType === 'VARCHAR' && field.datatypesize) {
+      sqlType = `VARCHAR(${field.datatypesize})`;
+    }
+    
+    let def = `\`${field.name}\` ${sqlType}`;
+    
+    // Add NOT NULL if required
+    if (field.required === "true") {
+        def += ' NOT NULL';
+    }
+
+    // Add default if specified
+    if (field.default !== undefined) {
+      if (field.datatype === 'VARCHAR' || field.datatype === 'TEXT') {
+        def += ` DEFAULT '${field.default}'`;
+      } else if (field.datatype === 'BOOLEAN') {
+        def += ` DEFAULT ${field.default === 'true' || field.default === true ? 1 : 0}`;
+      } else {
+        def += ` DEFAULT ${field.default}`;
+      }
+    }
+
+    // Add primary key constraint
+    if (field.key === 'primary') {
+      def += ' PRIMARY KEY';
+    }
+    
+    return def;
+  }).join(',\n  ');
+
+  // Add foreign key constraints at the end
+  const foreignKeys: string[] = [];
+  if (model.data_is_user_specific === "true") {
+    foreignKeys.push(`FOREIGN KEY (\`userid\`) REFERENCES \`users\` (\`userid\`)`);
+  }
+  
+  const allConstraints = foreignKeys.length > 0 
+    ? columnDefs + ',\n  ' + foreignKeys.join(',\n  ')
+    : columnDefs;
+
+  // Build the CREATE TABLE statement
+  const sql = `CREATE TABLE IF NOT EXISTS \`${sanitizedTableName}\` (\n  ${allConstraints}\n);`;
+
+  return sql;
+}