sonamu 0.8.24 → 0.8.26
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/api/__tests__/config.test.js +189 -0
- package/dist/api/config.d.ts.map +1 -1
- package/dist/api/config.js +7 -2
- package/dist/api/sonamu.d.ts.map +1 -1
- package/dist/api/sonamu.js +14 -10
- package/dist/auth/index.d.ts +1 -0
- package/dist/auth/index.d.ts.map +1 -1
- package/dist/auth/index.js +2 -1
- package/dist/auth/knex-adapter.d.ts +23 -0
- package/dist/auth/knex-adapter.d.ts.map +1 -0
- package/dist/auth/knex-adapter.js +163 -0
- package/dist/auth/plugins/wrappers/admin.d.ts +2 -2
- package/dist/bin/__tests__/ts-loader-register.test.js +45 -0
- package/dist/bin/cli.js +47 -9
- package/dist/bin/ts-loader-register.js +3 -29
- package/dist/bin/ts-loader-registration.d.ts +2 -0
- package/dist/bin/ts-loader-registration.d.ts.map +1 -0
- package/dist/bin/ts-loader-registration.js +42 -0
- package/dist/cone/cone-generator.js +3 -3
- package/dist/database/puri-subset.test-d.js +9 -1
- package/dist/database/puri-subset.types.d.ts +1 -1
- package/dist/database/puri-subset.types.d.ts.map +1 -1
- package/dist/database/puri-subset.types.js +1 -1
- package/dist/testing/fixture-generator.js +5 -5
- package/dist/ui/ai-client.js +2 -2
- package/dist/ui/api.d.ts.map +1 -1
- package/dist/ui/api.js +14 -14
- package/dist/ui/cdd-service.d.ts +15 -18
- package/dist/ui/cdd-service.d.ts.map +1 -1
- package/dist/ui/cdd-service.js +246 -222
- package/dist/ui/cdd-types.d.ts +41 -68
- package/dist/ui/cdd-types.d.ts.map +1 -1
- package/dist/ui/cdd-types.js +2 -2
- package/dist/ui-web/assets/index-CKo0Z2Iu.css +1 -0
- package/dist/ui-web/assets/{index-CxiydzeC.js → index-DK-2aacv.js} +83 -83
- package/dist/ui-web/index.html +2 -2
- package/package.json +6 -2
- package/src/api/__tests__/config.test.ts +225 -0
- package/src/api/config.ts +10 -4
- package/src/api/sonamu.ts +16 -13
- package/src/auth/index.ts +1 -0
- package/src/auth/knex-adapter.ts +208 -0
- package/src/bin/__tests__/ts-loader-register.test.ts +62 -0
- package/src/bin/cli.ts +52 -9
- package/src/bin/ts-loader-register.ts +2 -32
- package/src/bin/ts-loader-registration.ts +55 -0
- package/src/cone/cone-generator.ts +2 -2
- package/src/database/puri-subset.test-d.ts +102 -0
- package/src/database/puri-subset.types.ts +1 -1
- package/src/skills/commands/sonamu-skills.md +20 -0
- package/src/skills/sonamu/SKILL.md +179 -137
- package/src/skills/sonamu/ai-agents.md +69 -69
- package/src/skills/sonamu/api.md +147 -147
- package/src/skills/sonamu/auth-migration.md +220 -220
- package/src/skills/sonamu/auth-plugins.md +83 -83
- package/src/skills/sonamu/auth.md +106 -106
- package/src/skills/sonamu/cdd.md +65 -200
- package/src/skills/sonamu/cone.md +138 -138
- package/src/skills/sonamu/config.md +191 -191
- package/src/skills/sonamu/create-sonamu.md +66 -66
- package/src/skills/sonamu/database.md +158 -158
- package/src/skills/sonamu/entity-basic.md +292 -293
- package/src/skills/sonamu/entity-relations.md +246 -246
- package/src/skills/sonamu/entity-validation-checklist.md +124 -124
- package/src/skills/sonamu/fixture-cli.md +231 -231
- package/src/skills/sonamu/framework-change.md +37 -37
- package/src/skills/sonamu/frontend.md +223 -223
- package/src/skills/sonamu/i18n.md +82 -82
- package/src/skills/sonamu/migration.md +77 -77
- package/src/skills/sonamu/model.md +222 -222
- package/src/skills/sonamu/naite.md +86 -86
- package/src/skills/sonamu/project-init.md +228 -228
- package/src/skills/sonamu/puri.md +122 -122
- package/src/skills/sonamu/scaffolding.md +154 -154
- package/src/skills/sonamu/skill-contribution.md +124 -124
- package/src/skills/sonamu/subset.md +46 -46
- package/src/skills/sonamu/tasks.md +82 -82
- package/src/skills/sonamu/testing-devrunner.md +147 -147
- package/src/skills/sonamu/testing.md +673 -673
- package/src/skills/sonamu/upsert.md +79 -79
- package/src/skills/sonamu/vector.md +67 -67
- package/src/testing/fixture-generator.ts +4 -4
- package/src/ui/ai-client.ts +1 -1
- package/src/ui/api.ts +18 -17
- package/src/ui/cdd-service.ts +264 -254
- package/src/ui/cdd-types.ts +40 -75
- package/dist/ui-web/assets/index-BrQKU3j9.css +0 -1
- package/src/skills/sonamu/workflow.md +0 -317
|
@@ -1,77 +1,77 @@
|
|
|
1
1
|
---
|
|
2
2
|
name: sonamu-auth
|
|
3
|
-
description: Sonamu better-auth
|
|
3
|
+
description: Sonamu better-auth authentication system. Automatic entity generation, Guards configuration, Context access. Use when setting up authentication or implementing auth-related features.
|
|
4
4
|
---
|
|
5
5
|
|
|
6
|
-
# better-auth
|
|
6
|
+
# better-auth Authentication System
|
|
7
7
|
|
|
8
|
-
>
|
|
8
|
+
> This document is based on actual Sonamu source code.
|
|
9
9
|
|
|
10
|
-
##
|
|
10
|
+
## Automatic Entity Generation
|
|
11
11
|
|
|
12
|
-
|
|
13
|
-
- CLI: `modules/sonamu/src/bin/cli.ts` (auth_generate
|
|
14
|
-
-
|
|
15
|
-
-
|
|
12
|
+
**Source code:**
|
|
13
|
+
- CLI: `modules/sonamu/src/bin/cli.ts` (auth_generate function)
|
|
14
|
+
- Generation logic: `modules/sonamu/src/auth/auth-generator.ts`
|
|
15
|
+
- Entity definitions: `modules/sonamu/src/auth/better-auth-entities.ts`
|
|
16
16
|
|
|
17
|
-
**IMPORTANT: generate
|
|
17
|
+
**IMPORTANT: Before running generate, you must confirm with the user which plugins they want to use.**
|
|
18
18
|
|
|
19
|
-
|
|
20
|
-
|
|
19
|
+
Plugin selection happens at generate time and can be added later, but it is best to specify them from the start.
|
|
20
|
+
Refer to `auth-plugins.md` for the list of supported plugins and their purposes.
|
|
21
21
|
|
|
22
|
-
###
|
|
22
|
+
### Plugin Confirmation Flow
|
|
23
23
|
|
|
24
|
-
**[Step 1]
|
|
24
|
+
**[Step 1] Confirm before generate (required)**
|
|
25
25
|
|
|
26
|
-
> "
|
|
27
|
-
>
|
|
26
|
+
> "What authentication method do you plan to use? Please confirm whether you need additional plugins beyond the default email/social login.
|
|
27
|
+
> Supported plugins: `admin`, `organization`, `2fa`, `username`, `phone-number`, `api-key`, `jwt`, `passkey`, `sso`, `anonymous`"
|
|
28
28
|
|
|
29
|
-
**[Step 1-A]
|
|
29
|
+
**[Step 1-A] If the user responds "I'll do it later":**
|
|
30
30
|
|
|
31
|
-
|
|
31
|
+
Provide the following guidance and proceed with generate without plugins:
|
|
32
32
|
|
|
33
|
-
> "
|
|
34
|
-
>
|
|
33
|
+
> "Understood. It's best to add plugins before the initial migration is run.
|
|
34
|
+
> I'll confirm again before the migration."
|
|
35
35
|
|
|
36
|
-
|
|
36
|
+
And remember the **`plugins_deferred: true`** state.
|
|
37
37
|
|
|
38
|
-
**[Step 2] migrate run
|
|
38
|
+
**[Step 2] Re-confirm just before migrate run (CRITICAL — must be done if `plugins_deferred: true`)**
|
|
39
39
|
|
|
40
|
-
|
|
40
|
+
Before running the migration, always confirm again:
|
|
41
41
|
|
|
42
|
-
> "
|
|
43
|
-
>
|
|
44
|
-
>
|
|
42
|
+
> "You are about to run a migration. This is the best time to add plugins.
|
|
43
|
+
> If you want to add any plugins, please let me know. Otherwise, we'll proceed as-is.
|
|
44
|
+
> Supported plugins: `admin`, `organization`, `2fa`, `username`, `phone-number`, `api-key`, `jwt`, `passkey`, `sso`, `anonymous`"
|
|
45
45
|
|
|
46
|
-
-
|
|
47
|
-
-
|
|
46
|
+
- If adding plugins: run `pnpm sonamu auth generate --plugins <list>` then proceed with migrate
|
|
47
|
+
- If none: proceed with migrate as-is
|
|
48
48
|
|
|
49
49
|
```bash
|
|
50
|
-
#
|
|
50
|
+
# Basic entities only, no plugins
|
|
51
51
|
pnpm sonamu auth generate
|
|
52
52
|
|
|
53
|
-
#
|
|
53
|
+
# With plugins
|
|
54
54
|
pnpm sonamu auth generate --plugins admin,2fa,username
|
|
55
55
|
```
|
|
56
56
|
|
|
57
|
-
|
|
57
|
+
The 4 entities generated (`betterAuthV1` array):
|
|
58
58
|
|
|
59
|
-
|
|
|
59
|
+
| Entity | Table | Key fields |
|
|
60
60
|
|--------|--------|-----------|
|
|
61
61
|
| User | users | id, name, email, email_verified, image |
|
|
62
62
|
| Session | sessions | id, token, expires_at, user_id |
|
|
63
63
|
| Account | accounts | id, provider_id, access_token, user_id |
|
|
64
64
|
| Verification | verifications | id, identifier, value, expires_at |
|
|
65
65
|
|
|
66
|
-
|
|
67
|
-
-
|
|
68
|
-
-
|
|
69
|
-
-
|
|
70
|
-
- snake_case
|
|
66
|
+
**How it works:**
|
|
67
|
+
- If the entity does not exist, it is created fresh
|
|
68
|
+
- If the entity already exists, only missing fields are added
|
|
69
|
+
- Fields with changed types are updated automatically
|
|
70
|
+
- Uses snake_case column names (better-auth uses camelCase)
|
|
71
71
|
|
|
72
|
-
##
|
|
72
|
+
## Field Mapping (Applied Automatically)
|
|
73
73
|
|
|
74
|
-
|
|
74
|
+
**Source code:** `modules/sonamu/src/auth/better-auth-entities.ts` (BASE_FIELD_MAPPINGS)
|
|
75
75
|
|
|
76
76
|
| better-auth | Sonamu |
|
|
77
77
|
|-------------|--------|
|
|
@@ -80,16 +80,16 @@ pnpm sonamu auth generate --plugins admin,2fa,username
|
|
|
80
80
|
| `userId` | `user_id` |
|
|
81
81
|
| `expiresAt` | `expires_at` |
|
|
82
82
|
|
|
83
|
-
## Config
|
|
83
|
+
## Config Setup
|
|
84
84
|
|
|
85
|
-
|
|
85
|
+
**Source code:** `modules/sonamu/src/api/config.ts` (SonamuServerOptions.auth)
|
|
86
86
|
|
|
87
87
|
```typescript
|
|
88
88
|
// sonamu.config.ts
|
|
89
89
|
server: {
|
|
90
90
|
auth: {
|
|
91
91
|
emailAndPassword: { enabled: true },
|
|
92
|
-
//
|
|
92
|
+
// To add social login:
|
|
93
93
|
// socialProviders: {
|
|
94
94
|
// google: {
|
|
95
95
|
// clientId: process.env.GOOGLE_CLIENT_ID!,
|
|
@@ -100,18 +100,18 @@ server: {
|
|
|
100
100
|
}
|
|
101
101
|
```
|
|
102
102
|
|
|
103
|
-
## API
|
|
103
|
+
## API Endpoints (Auto-registered)
|
|
104
104
|
|
|
105
|
-
|
|
|
105
|
+
| Path | Method | Description |
|
|
106
106
|
|------|--------|------|
|
|
107
|
-
| `/api/auth/sign-up/email` | POST |
|
|
108
|
-
| `/api/auth/sign-in/email` | POST |
|
|
109
|
-
| `/api/auth/sign-out` | POST |
|
|
110
|
-
| `/api/auth/get-session` | GET |
|
|
107
|
+
| `/api/auth/sign-up/email` | POST | Sign up |
|
|
108
|
+
| `/api/auth/sign-in/email` | POST | Sign in |
|
|
109
|
+
| `/api/auth/sign-out` | POST | Sign out |
|
|
110
|
+
| `/api/auth/get-session` | GET | Get session |
|
|
111
111
|
|
|
112
|
-
##
|
|
112
|
+
## Accessing user/session from Context
|
|
113
113
|
|
|
114
|
-
|
|
114
|
+
**Source code:** `modules/sonamu/src/api/context.ts` (AuthContext type definition)
|
|
115
115
|
|
|
116
116
|
```typescript
|
|
117
117
|
import { Sonamu } from "sonamu";
|
|
@@ -122,42 +122,42 @@ async me(): Promise<UserSubsetA | null> {
|
|
|
122
122
|
|
|
123
123
|
if (!user) return null;
|
|
124
124
|
|
|
125
|
-
// user.id, user.email, user.name
|
|
125
|
+
// user.id, user.email, user.name, etc. are accessible
|
|
126
126
|
return this.findById("A", user.id);
|
|
127
127
|
}
|
|
128
128
|
```
|
|
129
129
|
|
|
130
|
-
## Guards
|
|
130
|
+
## Using Guards
|
|
131
131
|
|
|
132
|
-
|
|
132
|
+
**Source code:** `modules/sonamu/src/api/decorators.ts` (GuardKeys interface)
|
|
133
133
|
|
|
134
|
-
###
|
|
134
|
+
### Built-in Guards
|
|
135
135
|
|
|
136
|
-
Sonamu
|
|
137
|
-
- `query`:
|
|
138
|
-
- `user`:
|
|
139
|
-
- `admin`:
|
|
136
|
+
Sonamu provides 3 default guards:
|
|
137
|
+
- `query`: allows all users (including unauthenticated)
|
|
138
|
+
- `user`: allows only authenticated users
|
|
139
|
+
- `admin`: allows only users with admin privileges
|
|
140
140
|
|
|
141
141
|
```typescript
|
|
142
|
-
//
|
|
142
|
+
// Login required
|
|
143
143
|
@api({ httpMethod: "GET", guards: ["user"] })
|
|
144
144
|
async getProfile() {
|
|
145
145
|
const { user } = Sonamu.getContext();
|
|
146
146
|
return { userId: user.id };
|
|
147
147
|
}
|
|
148
148
|
|
|
149
|
-
//
|
|
149
|
+
// Admin only (requires adding a role field to the User entity)
|
|
150
150
|
@api({ httpMethod: "DELETE", guards: ["admin"] })
|
|
151
151
|
async deleteUser(id: string) {
|
|
152
|
-
//
|
|
152
|
+
// Only admins can execute
|
|
153
153
|
}
|
|
154
154
|
```
|
|
155
155
|
|
|
156
|
-
###
|
|
156
|
+
### Adding Custom Guards
|
|
157
157
|
|
|
158
|
-
|
|
158
|
+
If additional permissions beyond the default guards are needed, extend the `GuardKeys` interface in `src/typings/sonamu.d.ts`.
|
|
159
159
|
|
|
160
|
-
|
|
160
|
+
**File location:** `src/typings/sonamu.d.ts`
|
|
161
161
|
|
|
162
162
|
```typescript
|
|
163
163
|
import {} from "sonamu";
|
|
@@ -167,7 +167,7 @@ declare module "sonamu" {
|
|
|
167
167
|
query: true;
|
|
168
168
|
user: true;
|
|
169
169
|
admin: true;
|
|
170
|
-
//
|
|
170
|
+
// Custom guards
|
|
171
171
|
manager: true;
|
|
172
172
|
evaluator: true;
|
|
173
173
|
superadmin: true;
|
|
@@ -175,25 +175,25 @@ declare module "sonamu" {
|
|
|
175
175
|
}
|
|
176
176
|
```
|
|
177
177
|
|
|
178
|
-
|
|
178
|
+
You can now use the added guards in the `@api` decorator:
|
|
179
179
|
|
|
180
180
|
```typescript
|
|
181
|
-
//
|
|
181
|
+
// Manager permission
|
|
182
182
|
@api({ httpMethod: "GET", guards: ["manager"] })
|
|
183
183
|
async getReports() {
|
|
184
|
-
//
|
|
184
|
+
// Only managers can execute
|
|
185
185
|
}
|
|
186
186
|
|
|
187
|
-
//
|
|
187
|
+
// Allow multiple guards simultaneously
|
|
188
188
|
@api({ httpMethod: "POST", guards: ["admin", "manager"] })
|
|
189
189
|
async createReport() {
|
|
190
|
-
// admin
|
|
190
|
+
// Requires admin or manager permission
|
|
191
191
|
}
|
|
192
192
|
```
|
|
193
193
|
|
|
194
|
-
## guardHandler
|
|
194
|
+
## Implementing guardHandler
|
|
195
195
|
|
|
196
|
-
|
|
196
|
+
**Source code:** `modules/sonamu/src/api/config.ts` (SonamuFastifyConfig.guardHandler)
|
|
197
197
|
|
|
198
198
|
```typescript
|
|
199
199
|
import { Sonamu } from "sonamu";
|
|
@@ -206,94 +206,94 @@ apiConfig: {
|
|
|
206
206
|
switch (guard) {
|
|
207
207
|
case "user":
|
|
208
208
|
if (!user) {
|
|
209
|
-
throw new Error("
|
|
209
|
+
throw new Error("Login is required");
|
|
210
210
|
}
|
|
211
211
|
break;
|
|
212
212
|
|
|
213
213
|
case "admin":
|
|
214
|
-
//
|
|
214
|
+
// Requires adding a role field to the User entity
|
|
215
215
|
if (!user || (user as any).role !== "admin") {
|
|
216
|
-
throw new Error("
|
|
216
|
+
throw new Error("Only admins can access this");
|
|
217
217
|
}
|
|
218
218
|
break;
|
|
219
219
|
|
|
220
220
|
case "manager":
|
|
221
|
-
//
|
|
221
|
+
// Custom guard: manager permission
|
|
222
222
|
if (!user || !["admin", "manager"].includes((user as any).role)) {
|
|
223
|
-
throw new Error("
|
|
223
|
+
throw new Error("Manager permission is required");
|
|
224
224
|
}
|
|
225
225
|
break;
|
|
226
226
|
|
|
227
227
|
case "evaluator":
|
|
228
|
-
//
|
|
228
|
+
// Custom guard: evaluator permission
|
|
229
229
|
if (!user || !["admin", "evaluator"].includes((user as any).role)) {
|
|
230
|
-
throw new Error("
|
|
230
|
+
throw new Error("Evaluator permission is required");
|
|
231
231
|
}
|
|
232
232
|
break;
|
|
233
233
|
|
|
234
234
|
case "query":
|
|
235
|
-
//
|
|
235
|
+
// Allow all users
|
|
236
236
|
break;
|
|
237
237
|
}
|
|
238
238
|
},
|
|
239
239
|
}
|
|
240
240
|
```
|
|
241
241
|
|
|
242
|
-
##
|
|
242
|
+
## Adding role to the User Entity (Role-based Authorization)
|
|
243
243
|
|
|
244
|
-
|
|
244
|
+
**Note:** The default User entity from better-auth (`modules/sonamu/src/auth/better-auth-entities.ts`) does not have a `role` field.
|
|
245
245
|
|
|
246
|
-
|
|
246
|
+
If role-based authorization is needed, add it directly to the User entity:
|
|
247
247
|
|
|
248
248
|
```json
|
|
249
249
|
// src/application/sonamu.entity.json
|
|
250
250
|
{
|
|
251
251
|
"id": "User",
|
|
252
252
|
"props": [
|
|
253
|
-
// ...
|
|
253
|
+
// ... existing fields
|
|
254
254
|
{
|
|
255
255
|
"name": "role",
|
|
256
256
|
"type": "string",
|
|
257
257
|
"default": "user",
|
|
258
|
-
"desc": "
|
|
258
|
+
"desc": "User role (user, admin, manager)"
|
|
259
259
|
}
|
|
260
260
|
]
|
|
261
261
|
}
|
|
262
262
|
```
|
|
263
263
|
|
|
264
|
-
|
|
264
|
+
Adding an enum:
|
|
265
265
|
|
|
266
266
|
```json
|
|
267
267
|
{
|
|
268
268
|
"enums": {
|
|
269
269
|
"UserRole": {
|
|
270
|
-
"user": "
|
|
271
|
-
"admin": "
|
|
272
|
-
"manager": "
|
|
270
|
+
"user": "Regular user",
|
|
271
|
+
"admin": "Administrator",
|
|
272
|
+
"manager": "Manager"
|
|
273
273
|
}
|
|
274
274
|
}
|
|
275
275
|
}
|
|
276
276
|
```
|
|
277
277
|
|
|
278
|
-
##
|
|
278
|
+
## Checklist
|
|
279
279
|
|
|
280
|
-
|
|
281
|
-
- [ ] **[generate
|
|
282
|
-
- "
|
|
283
|
-
- [ ] `pnpm sonamu auth generate [--plugins ...]`
|
|
284
|
-
- [ ] **[migrate
|
|
285
|
-
- [ ]
|
|
286
|
-
- [ ] `sonamu.config.ts
|
|
287
|
-
- [ ] `guardHandler`
|
|
288
|
-
- [ ]
|
|
289
|
-
- [ ]
|
|
280
|
+
After setup, verify:
|
|
281
|
+
- [ ] **[Before generate] Confirm with user whether plugins are needed**
|
|
282
|
+
- If "later" → remember `plugins_deferred: true`, guide on optimal timing
|
|
283
|
+
- [ ] Run `pnpm sonamu auth generate [--plugins ...]`
|
|
284
|
+
- [ ] **[Before migrate] Re-confirm plugins if `plugins_deferred: true`** (CRITICAL)
|
|
285
|
+
- [ ] Create and apply migration
|
|
286
|
+
- [ ] Configure `server.auth` in `sonamu.config.ts`
|
|
287
|
+
- [ ] Implement `guardHandler`
|
|
288
|
+
- [ ] Confirm user/session access from Context
|
|
289
|
+
- [ ] Add role to User entity if role-based authorization is needed
|
|
290
290
|
|
|
291
|
-
##
|
|
291
|
+
## Reference
|
|
292
292
|
|
|
293
|
-
**Skills
|
|
294
|
-
-
|
|
295
|
-
- Context API:
|
|
293
|
+
**Skills documentation:**
|
|
294
|
+
- Detailed configuration: "server.auth details" section in `config.md`
|
|
295
|
+
- Context API: "Context access" section in `api.md`
|
|
296
296
|
|
|
297
|
-
|
|
298
|
-
-
|
|
299
|
-
-
|
|
297
|
+
**Official documentation:**
|
|
298
|
+
- Korean: `modules/docs/ko/api-development/authentication/setup.mdx`
|
|
299
|
+
- English: `modules/docs/en/api-development/authentication/setup.mdx`
|