voltjs-framework 1.0.0

package/src/database/seeder.js

@@ -0,0 +1,89 @@
+/**
+ * VoltJS Database Seeder
+ * 
+ * @example
+ * // seeders/users.js
+ * module.exports = async (db) => {
+ *   const User = db.model('users', { name: 'string', email: 'string' });
+ *   await User.create({ name: 'Admin', email: 'admin@example.com' });
+ *   await User.create({ name: 'John', email: 'john@example.com' });
+ * };
+ */
+
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+
+class Seeder {
+  constructor(db, seedersDir) {
+    this._db = db;
+    this._dir = seedersDir || path.join(process.cwd(), 'seeders');
+  }
+
+  /** Run all seeders */
+  async run() {
+    const files = this._getSeederFiles();
+    if (files.length === 0) {
+      console.log('\x1b[33m  No seeders found.\x1b[0m');
+      return [];
+    }
+
+    const results = [];
+    for (const file of files) {
+      try {
+        const seeder = require(path.join(this._dir, file));
+        console.log(`\x1b[36m  Seeding: ${file}\x1b[0m`);
+        if (typeof seeder === 'function') {
+          await seeder(this._db);
+        } else if (typeof seeder.run === 'function') {
+          await seeder.run(this._db);
+        }
+        console.log(`\x1b[32m  ✓ Seeded: ${file}\x1b[0m`);
+        results.push({ file, status: 'success' });
+      } catch (err) {
+        console.error(`\x1b[31m  ✗ Seeder failed: ${file} — ${err.message}\x1b[0m`);
+        results.push({ file, status: 'error', error: err.message });
+      }
+    }
+
+    return results;
+  }
+
+  /** Get seeder files sorted by name */
+  _getSeederFiles() {
+    try {
+      if (!fs.existsSync(this._dir)) return [];
+      return fs.readdirSync(this._dir).filter(f => f.endsWith('.js')).sort();
+    } catch {
+      return [];
+    }
+  }
+
+  /** Generate a new seeder file */
+  static generate(name, seedersDir) {
+    const dir = seedersDir || path.join(process.cwd(), 'seeders');
+    if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
+
+    const filename = `${name}.seed.js`;
+    const filepath = path.join(dir, filename);
+
+    const template = `/**
+ * Seeder: ${name}
+ * Created: ${new Date().toISOString()}
+ */
+
+module.exports = async (db) => {
+  // Example: seed ${name} table
+  // const Model = db.model('${name}', { /* schema */ });
+  // await Model.create({ ... });
+};
+`;
+
+    fs.writeFileSync(filepath, template);
+    console.log(`\x1b[32m  ✓ Created seeder: ${filename}\x1b[0m`);
+    return filepath;
+  }
+}
+
+module.exports = { Seeder };

package/src/index.js

@@ -0,0 +1,156 @@
+/**
+ * VoltJS - Lightning-fast, batteries-included, security-first JavaScript framework
+ * 
+ * @description One framework to rule them all. Zero boilerplate. Maximum power.
+ * 
+ * Features:
+ * - File-based routing + programmatic routing
+ * - Built-in security (CSRF, XSS, CORS, Rate Limiting, Helmet)
+ * - Built-in authentication (JWT, Sessions, OAuth)
+ * - Built-in database ORM with migrations
+ * - Built-in utilities (Excel, Mail, SMS, PDF, Validation, Cache, Queue, Cron)
+ * - Reactive UI components (compiled, no virtual DOM)
+ * - Full-stack: SSR + CSR + API in one
+ * - Plugin architecture
+ * - WebSocket support
+ * - GraphQL support
+ * - Zero config needed
+ * 
+ * @example
+ * const { Volt } = require('voltjs');
+ * 
+ * const app = new Volt();
+ * 
+ * app.get('/', (req, res) => {
+ *   res.render('Welcome to VoltJS!');
+ * });
+ * 
+ * app.listen(3000);
+ */
+
+'use strict';
+
+// Core
+const { Volt } = require('./core/app');
+const { Router } = require('./core/router');
+const { Middleware } = require('./core/middleware');
+const { Config } = require('./core/config');
+const { Renderer } = require('./core/renderer');
+const { PluginManager } = require('./core/plugins');
+const { ReactRenderer } = require('./core/react-renderer');
+
+// Security
+const { Security } = require('./security');
+const { Auth } = require('./security/auth');
+const { CSRF } = require('./security/csrf');
+const { XSSProtection } = require('./security/xss');
+const { CORSHandler } = require('./security/cors');
+const { RateLimiter } = require('./security/rateLimit');
+const { Encryption } = require('./security/encryption');
+const { SecurityHeaders } = require('./security/helmet');
+const { InputSanitizer } = require('./security/sanitizer');
+
+// Database
+const { Database } = require('./database');
+const { Model } = require('./database/model');
+const { QueryBuilder } = require('./database/query');
+const { Migration } = require('./database/migration');
+const { Seeder } = require('./database/seeder');
+
+// Utilities
+const { Excel } = require('./utils/excel');
+const { Mail } = require('./utils/mail');
+const { SMS } = require('./utils/sms');
+const { PDF } = require('./utils/pdf');
+const { Validator } = require('./utils/validation');
+const { Cache } = require('./utils/cache');
+const { Logger } = require('./utils/logger');
+const { Storage } = require('./utils/storage');
+const { Queue } = require('./utils/queue');
+const { Cron } = require('./utils/cron');
+const { Hash } = require('./utils/hash');
+const { DateHelper } = require('./utils/date');
+const { StringHelper } = require('./utils/string');
+const { HttpClient } = require('./utils/http');
+const { EventBus } = require('./utils/events');
+const { Paginator } = require('./utils/paginator');
+const { Form } = require('./utils/form');
+const { _, Collection } = require('./utils/collection');
+const { Schema } = require('./utils/schema');
+
+// UI
+const { Component } = require('./ui/component');
+const { Reactive } = require('./ui/reactive');
+const { TemplateEngine } = require('./ui/template');
+
+// API
+const { RestAPI } = require('./api/rest');
+const { WebSocketServer } = require('./api/websocket');
+const { GraphQLHandler } = require('./api/graphql');
+
+// Export everything - one import, full power
+module.exports = {
+  // Main framework
+  Volt,
+  Router,
+  Middleware,
+  Config,
+  Renderer,
+  ReactRenderer,
+  PluginManager,
+
+  // Security
+  Security,
+  Auth,
+  CSRF,
+  XSSProtection,
+  CORSHandler,
+  RateLimiter,
+  Encryption,
+  SecurityHeaders,
+  InputSanitizer,
+
+  // Database
+  Database,
+  Model,
+  QueryBuilder,
+  Migration,
+  Seeder,
+
+  // Utilities
+  Excel,
+  Mail,
+  SMS,
+  PDF,
+  Validator,
+  Cache,
+  Logger,
+  Storage,
+  Queue,
+  Cron,
+  Hash,
+  DateHelper,
+  StringHelper,
+  HttpClient,
+  EventBus,
+  Paginator,
+  Form,
+  _,
+  Collection,
+  Schema,
+
+  // UI
+  Component,
+  Reactive,
+  TemplateEngine,
+
+  // API
+  RestAPI,
+  WebSocketServer,
+  GraphQLHandler,
+
+  // Convenience: create a new app instance
+  create(config = {}) {
+    return new Volt(config);
+  },
+};

package/src/security/auth.js

@@ -0,0 +1,425 @@
+/**
+ * VoltJS Authentication
+ * 
+ * Built-in auth with support for:
+ * - JWT tokens (access + refresh)
+ * - Session-based auth
+ * - API key auth
+ * - OAuth2 helpers
+ * - Password hashing (bcrypt-compatible using native crypto)
+ * - Role-based access control (RBAC)
+ * - Two-factor authentication (TOTP)
+ */
+
+'use strict';
+
+const crypto = require('crypto');
+
+class Auth {
+  constructor(options = {}) {
+    this._secret = options.secret || crypto.randomBytes(64).toString('hex');
+    this._algorithm = options.algorithm || 'HS256';
+    this._tokenExpiry = options.tokenExpiry || '24h';
+    this._refreshExpiry = options.refreshExpiry || '7d';
+    this._sessions = new Map();
+    this._apiKeys = new Map();
+    this._users = options.userProvider || null; // Function to look up users
+    this._roles = new Map();
+    this._permissions = new Map();
+  }
+
+  // ===== JWT =====
+
+  /** Generate a JWT token */
+  generateToken(payload, expiresIn) {
+    const header = { alg: this._algorithm, typ: 'JWT' };
+    const exp = this._parseExpiry(expiresIn || this._tokenExpiry);
+
+    const tokenPayload = {
+      ...payload,
+      iat: Math.floor(Date.now() / 1000),
+      exp: Math.floor(Date.now() / 1000) + exp,
+    };
+
+    const headerB64 = this._base64url(JSON.stringify(header));
+    const payloadB64 = this._base64url(JSON.stringify(tokenPayload));
+    const signature = this._sign(`${headerB64}.${payloadB64}`);
+
+    return `${headerB64}.${payloadB64}.${signature}`;
+  }
+
+  /** Generate access + refresh token pair */
+  generateTokenPair(payload) {
+    return {
+      accessToken: this.generateToken(payload, this._tokenExpiry),
+      refreshToken: this.generateToken({ ...payload, type: 'refresh' }, this._refreshExpiry),
+      expiresIn: this._parseExpiry(this._tokenExpiry),
+      tokenType: 'Bearer',
+    };
+  }
+
+  /** Verify and decode a JWT token */
+  verifyToken(token) {
+    try {
+      const parts = token.split('.');
+      if (parts.length !== 3) return { valid: false, error: 'Invalid token format' };
+
+      const [headerB64, payloadB64, signature] = parts;
+
+      // Verify signature
+      const expected = this._sign(`${headerB64}.${payloadB64}`);
+      if (signature !== expected) {
+        return { valid: false, error: 'Invalid signature' };
+      }
+
+      // Decode payload
+      const payload = JSON.parse(Buffer.from(payloadB64, 'base64url').toString());
+
+      // Check expiration
+      if (payload.exp && payload.exp < Math.floor(Date.now() / 1000)) {
+        return { valid: false, error: 'Token expired' };
+      }
+
+      return { valid: true, payload };
+    } catch (err) {
+      return { valid: false, error: err.message };
+    }
+  }
+
+  /** Middleware: Require valid JWT token */
+  requireAuth(options = {}) {
+    return (req, res) => {
+      const token = this._extractToken(req);
+      if (!token) {
+        res.json({ error: 'Authentication required' }, 401);
+        return false;
+      }
+
+      const result = this.verifyToken(token);
+      if (!result.valid) {
+        res.json({ error: result.error }, 401);
+        return false;
+      }
+
+      req.user = result.payload;
+      req.token = token;
+
+      // Check roles if specified
+      if (options.roles) {
+        const userRoles = result.payload.roles || [];
+        const hasRole = options.roles.some(r => userRoles.includes(r));
+        if (!hasRole) {
+          res.json({ error: 'Insufficient permissions' }, 403);
+          return false;
+        }
+      }
+
+      // Check permissions if specified
+      if (options.permissions) {
+        const userPerms = result.payload.permissions || [];
+        const hasPermission = options.permissions.every(p => userPerms.includes(p));
+        if (!hasPermission) {
+          res.json({ error: 'Insufficient permissions' }, 403);
+          return false;
+        }
+      }
+    };
+  }
+
+  /** Middleware: Optional auth (populates req.user if token exists) */
+  optionalAuth() {
+    return (req, res) => {
+      const token = this._extractToken(req);
+      if (token) {
+        const result = this.verifyToken(token);
+        if (result.valid) {
+          req.user = result.payload;
+          req.token = token;
+        }
+      }
+    };
+  }
+
+  // ===== SESSIONS =====
+
+  /** Create a new session */
+  createSession(userId, data = {}) {
+    const sessionId = crypto.randomBytes(32).toString('hex');
+    const session = {
+      id: sessionId,
+      userId,
+      data,
+      createdAt: new Date(),
+      expiresAt: new Date(Date.now() + 24 * 60 * 60 * 1000),
+    };
+    this._sessions.set(sessionId, session);
+    return session;
+  }
+
+  /** Get session by ID */
+  getSession(sessionId) {
+    const session = this._sessions.get(sessionId);
+    if (!session) return null;
+    if (session.expiresAt < new Date()) {
+      this._sessions.delete(sessionId);
+      return null;
+    }
+    return session;
+  }
+
+  /** Destroy a session */
+  destroySession(sessionId) {
+    this._sessions.delete(sessionId);
+  }
+
+  /** Middleware: Session-based auth */
+  requireSession(options = {}) {
+    const cookieName = options.cookieName || 'volt.sid';
+    return (req, res) => {
+      const sessionId = req.cookies[cookieName];
+      if (!sessionId) {
+        res.json({ error: 'Session required' }, 401);
+        return false;
+      }
+
+      const session = this.getSession(sessionId);
+      if (!session) {
+        res.json({ error: 'Invalid or expired session' }, 401);
+        return false;
+      }
+
+      req.session = session;
+      req.userId = session.userId;
+    };
+  }
+
+  // ===== API KEYS =====
+
+  /** Generate an API key */
+  generateApiKey(name, permissions = []) {
+    const key = `vk_${crypto.randomBytes(32).toString('hex')}`;
+    this._apiKeys.set(key, { name, permissions, createdAt: new Date() });
+    return key;
+  }
+
+  /** Middleware: Require API key */
+  requireApiKey(requiredPermissions = []) {
+    return (req, res) => {
+      const key = req.headers['x-api-key'] || req.query.api_key;
+      if (!key) {
+        res.json({ error: 'API key required' }, 401);
+        return false;
+      }
+
+      const keyData = this._apiKeys.get(key);
+      if (!keyData) {
+        res.json({ error: 'Invalid API key' }, 401);
+        return false;
+      }
+
+      // Check permissions
+      if (requiredPermissions.length > 0) {
+        const hasAll = requiredPermissions.every(p => keyData.permissions.includes(p));
+        if (!hasAll) {
+          res.json({ error: 'Insufficient API key permissions' }, 403);
+          return false;
+        }
+      }
+
+      req.apiKey = keyData;
+    };
+  }
+
+  // ===== PASSWORD =====
+
+  /** Hash a password using PBKDF2 (no external deps needed) */
+  async hashPassword(password, rounds = 100000) {
+    const salt = crypto.randomBytes(16).toString('hex');
+    return new Promise((resolve, reject) => {
+      crypto.pbkdf2(password, salt, rounds, 64, 'sha512', (err, derivedKey) => {
+        if (err) reject(err);
+        else resolve(`$volt$${rounds}$${salt}$${derivedKey.toString('hex')}`);
+      });
+    });
+  }
+
+  /** Verify a password against a hash */
+  async verifyPassword(password, hash) {
+    const parts = hash.split('$').filter(Boolean);
+    if (parts[0] !== 'volt') return false;
+
+    const rounds = parseInt(parts[1], 10);
+    const salt = parts[2];
+    const key = parts[3];
+
+    return new Promise((resolve, reject) => {
+      crypto.pbkdf2(password, salt, rounds, 64, 'sha512', (err, derivedKey) => {
+        if (err) reject(err);
+        else resolve(crypto.timingSafeEqual(Buffer.from(key, 'hex'), derivedKey));
+      });
+    });
+  }
+
+  // ===== RBAC =====
+
+  /** Define a role with permissions */
+  defineRole(roleName, permissions) {
+    this._roles.set(roleName, new Set(permissions));
+    return this;
+  }
+
+  /** Check if a role has a permission */
+  roleHasPermission(roleName, permission) {
+    const role = this._roles.get(roleName);
+    return role ? role.has(permission) : false;
+  }
+
+  /** Middleware: Require specific roles */
+  requireRole(...roles) {
+    return (req, res) => {
+      if (!req.user || !req.user.roles) {
+        res.json({ error: 'Authentication required' }, 401);
+        return false;
+      }
+      const hasRole = roles.some(r => req.user.roles.includes(r));
+      if (!hasRole) {
+        res.json({ error: 'Insufficient role permissions' }, 403);
+        return false;
+      }
+    };
+  }
+
+  /** Middleware: Require specific permissions */
+  requirePermission(...permissions) {
+    return (req, res) => {
+      if (!req.user) {
+        res.json({ error: 'Authentication required' }, 401);
+        return false;
+      }
+      const userPerms = req.user.permissions || [];
+      const userRoles = req.user.roles || [];
+
+      // Check direct permissions
+      const hasDirectPerm = permissions.every(p => userPerms.includes(p));
+      if (hasDirectPerm) return;
+
+      // Check role-based permissions
+      const hasRolePerm = permissions.every(p => {
+        return userRoles.some(role => this.roleHasPermission(role, p));
+      });
+
+      if (!hasRolePerm) {
+        res.json({ error: 'Insufficient permissions' }, 403);
+        return false;
+      }
+    };
+  }
+
+  // ===== TOTP (Two-Factor Authentication) =====
+
+  /** Generate a TOTP secret */
+  generateTOTPSecret(length = 20) {
+    const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
+    let secret = '';
+    const bytes = crypto.randomBytes(length);
+    for (let i = 0; i < length; i++) {
+      secret += chars[bytes[i] % chars.length];
+    }
+    return secret;
+  }
+
+  /** Generate current TOTP code */
+  generateTOTP(secret, timeStep = 30) {
+    const epoch = Math.floor(Date.now() / 1000);
+    const counter = Math.floor(epoch / timeStep);
+    return this._hotpGenerate(secret, counter);
+  }
+
+  /** Verify a TOTP code (with window for clock drift) */
+  verifyTOTP(token, secret, window = 1) {
+    const epoch = Math.floor(Date.now() / 1000);
+    const timeStep = 30;
+
+    for (let i = -window; i <= window; i++) {
+      const counter = Math.floor(epoch / timeStep) + i;
+      const expected = this._hotpGenerate(secret, counter);
+      if (token === expected) return true;
+    }
+    return false;
+  }
+
+  // ===== INTERNAL =====
+
+  _sign(input) {
+    return crypto
+      .createHmac('sha256', this._secret)
+      .update(input)
+      .digest('base64url');
+  }
+
+  _base64url(str) {
+    return Buffer.from(str).toString('base64url');
+  }
+
+  _extractToken(req) {
+    // Check Authorization header
+    const authHeader = req.headers.authorization;
+    if (authHeader && authHeader.startsWith('Bearer ')) {
+      return authHeader.substring(7);
+    }
+
+    // Check query parameter
+    if (req.query && req.query.token) {
+      return req.query.token;
+    }
+
+    // Check cookie
+    if (req.cookies && req.cookies.token) {
+      return req.cookies.token;
+    }
+
+    return null;
+  }
+
+  _parseExpiry(expiry) {
+    if (typeof expiry === 'number') return expiry;
+    const match = String(expiry).match(/^(\d+)(s|m|h|d)$/);
+    if (!match) return 86400; // Default: 24 hours
+
+    const value = parseInt(match[1], 10);
+    const unit = match[2];
+    const multipliers = { s: 1, m: 60, h: 3600, d: 86400 };
+    return value * (multipliers[unit] || 1);
+  }
+
+  _hotpGenerate(secret, counter) {
+    const decodedSecret = Buffer.from(this._base32Decode(secret));
+    const buffer = Buffer.alloc(8);
+    for (let i = 7; i >= 0; i--) {
+      buffer[i] = counter & 0xff;
+      counter = counter >> 8;
+    }
+    const hmac = crypto.createHmac('sha1', decodedSecret).update(buffer).digest();
+    const offset = hmac[hmac.length - 1] & 0xf;
+    const code = ((hmac[offset] & 0x7f) << 24) | ((hmac[offset + 1] & 0xff) << 16) |
+                 ((hmac[offset + 2] & 0xff) << 8) | (hmac[offset + 3] & 0xff);
+    return String(code % 1000000).padStart(6, '0');
+  }
+
+  _base32Decode(input) {
+    const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
+    let bits = '';
+    for (const c of input.toUpperCase()) {
+      const val = chars.indexOf(c);
+      if (val === -1) continue;
+      bits += val.toString(2).padStart(5, '0');
+    }
+    const bytes = [];
+    for (let i = 0; i + 8 <= bits.length; i += 8) {
+      bytes.push(parseInt(bits.substr(i, 8), 2));
+    }
+    return bytes;
+  }
+}
+
+module.exports = { Auth };