git.stevedylan.dev

chore: refactored db into create e0759b6c

Steve · 2026-04-16 20:00 17 file(s) · +611 −903

Cargo.lock +15 −0

]

[[package]]
name = "andromeda-db"
version = "0.1.0"
dependencies = [
 "axum",
 "rusqlite",
 "tracing",
]

[[package]]
name = "anstream"
version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"

version = "0.1.4"
dependencies = [
 "andromeda-auth",
 "andromeda-db",
 "askama 0.15.6",
 "askama_web",
 "axum",

version = "0.2.0"
dependencies = [
 "andromeda-auth",
 "andromeda-db",
 "arboard",
 "askama 0.15.6",
 "askama_web",

version = "0.1.3"
dependencies = [
 "andromeda-auth",
 "andromeda-db",
 "anyhow",
 "askama 0.12.1",
 "askama_axum",

version = "0.1.4"
dependencies = [
 "andromeda-auth",
 "andromeda-db",
 "askama 0.15.6",
 "askama_web",
 "axum",

 "rust-embed",
 "serde",
 "serde_json",
 "serde_rusqlite",
 "subtle",
 "tokio",
 "tracing",

name = "sipp-so"
version = "0.1.6"
dependencies = [
 "andromeda-db",
 "arboard",
 "askama 0.15.6",
 "askama_web",

Cargo.toml +2 −0

9	9		"apps/cellar",
10	10		"apps/posts",
11	11		"crates/auth",
	12	+	"crates/db",
12	13		]
13	14		resolver = "3"
14	15

50	51
51	52		# Workspace crates
52	53		andromeda-auth = { path = "crates/auth" }
	54	+	andromeda-db = { path = "crates/db" }

apps/cellar/Cargo.toml +1 −0

tracing = { workspace = true }
tracing-subscriber = { workspace = true }
andromeda-auth = { workspace = true }
andromeda-db = { workspace = true, features = ["session"] }
askama = "0.15"
askama_web = { version = "0.15", features = ["axum-0.8"] }
reqwest = { version = "0.12", features = ["json", "rustls-tls"], default-features = false }

apps/cellar/src/db.rs +36 −124

use nanoid::nanoid;
use rusqlite::{Connection, params};
use serde::{Deserialize, Serialize};
use std::fmt;
use std::sync::{Arc, Mutex};

pub type Db = Arc<Mutex<Connection>>;

#[derive(Debug)]
pub enum DbError {
    Sqlite(rusqlite::Error),
    LockPoisoned,
}

impl fmt::Display for DbError {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
            DbError::Sqlite(e) => write!(f, "Database error: {}", e),
            DbError::LockPoisoned => write!(f, "Database lock poisoned"),
        }
    }
}

impl std::error::Error for DbError {}

impl From<rusqlite::Error> for DbError {
    fn from(e: rusqlite::Error) -> Self {
        DbError::Sqlite(e)
    }
}
pub use andromeda_db::{Db, DbError};
pub use andromeda_db::session::{insert_session, get_session_expiry, delete_session, prune_expired_sessions};

#[derive(Debug, Serialize, Deserialize, Clone)]
pub struct Wine {

    pub wishlist: bool,
}

const SCHEMA: &str = "
    CREATE TABLE IF NOT EXISTS wines (
        id              INTEGER PRIMARY KEY AUTOINCREMENT,
        short_id        TEXT NOT NULL UNIQUE,
        name            TEXT NOT NULL,
        origin          TEXT NOT NULL,
        grape           TEXT NOT NULL,
        notes           TEXT NOT NULL,
        image           BLOB,
        image_mime      TEXT,
        sweetness       INTEGER NOT NULL CHECK(sweetness BETWEEN 1 AND 5),
        acidity         INTEGER NOT NULL CHECK(acidity BETWEEN 1 AND 5),
        tannin          INTEGER NOT NULL CHECK(tannin BETWEEN 1 AND 5),
        alcohol         INTEGER NOT NULL CHECK(alcohol BETWEEN 1 AND 5),
        body            INTEGER NOT NULL CHECK(body BETWEEN 1 AND 5),
        clarity         INTEGER NOT NULL DEFAULT 3,
        color_intensity INTEGER NOT NULL DEFAULT 3,
        aroma_intensity INTEGER NOT NULL DEFAULT 3,
        nose_complexity INTEGER NOT NULL DEFAULT 3,
        background      TEXT NOT NULL DEFAULT '',
        created_at      TEXT NOT NULL DEFAULT (datetime('now')),
        wishlist        INTEGER NOT NULL DEFAULT 0
    );

    CREATE TABLE IF NOT EXISTS sessions (
        id         INTEGER PRIMARY KEY AUTOINCREMENT,
        token      TEXT NOT NULL UNIQUE,
        expires_at TEXT NOT NULL
    );
";

pub fn init_db() -> Db {
    let path = std::env::var("CELLAR_DB_PATH").unwrap_or_else(|_| "cellar.sqlite".to_string());
    let conn = Connection::open(&path).expect("Failed to open database");

    conn.execute_batch(
        "CREATE TABLE IF NOT EXISTS wines (
            id         INTEGER PRIMARY KEY AUTOINCREMENT,
            short_id   TEXT NOT NULL UNIQUE,
            name       TEXT NOT NULL,
            origin     TEXT NOT NULL,
            grape      TEXT NOT NULL,
            notes      TEXT NOT NULL,
            image      BLOB,
            image_mime TEXT,
            sweetness  INTEGER NOT NULL CHECK(sweetness BETWEEN 1 AND 5),
            acidity    INTEGER NOT NULL CHECK(acidity BETWEEN 1 AND 5),
            tannin     INTEGER NOT NULL CHECK(tannin BETWEEN 1 AND 5),
            alcohol    INTEGER NOT NULL CHECK(alcohol BETWEEN 1 AND 5),
            body       INTEGER NOT NULL CHECK(body BETWEEN 1 AND 5),
            created_at TEXT NOT NULL DEFAULT (datetime('now'))
        );
    conn.execute_batch(SCHEMA).expect("Failed to create tables");

        CREATE TABLE IF NOT EXISTS sessions (
            id         INTEGER PRIMARY KEY AUTOINCREMENT,
            token      TEXT NOT NULL UNIQUE,
            expires_at TEXT NOT NULL
        );"
    )
    .expect("Failed to create tables");

    // Migration: add background column if it doesn't exist
    // Migrations for existing databases (idempotent — ALTER TABLE fails silently if column exists)
    let _ = conn.execute("ALTER TABLE wines ADD COLUMN background TEXT NOT NULL DEFAULT ''", []);

    // Migration: add appearance and nose tasting attributes
    let _ = conn.execute("ALTER TABLE wines ADD COLUMN clarity INTEGER NOT NULL DEFAULT 3", []);
    let _ = conn.execute("ALTER TABLE wines ADD COLUMN color_intensity INTEGER NOT NULL DEFAULT 3", []);
    let _ = conn.execute("ALTER TABLE wines ADD COLUMN aroma_intensity INTEGER NOT NULL DEFAULT 3", []);
    let _ = conn.execute("ALTER TABLE wines ADD COLUMN nose_complexity INTEGER NOT NULL DEFAULT 3", []);

    // Migration: add wishlist flag
    let _ = conn.execute("ALTER TABLE wines ADD COLUMN wishlist INTEGER NOT NULL DEFAULT 0", []);

    Arc::new(Mutex::new(conn))

    Ok(rows > 0)
}

// Session functions

pub fn insert_session(db: &Db, token: &str, expires_at: &str) -> Result<(), DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    conn.execute(
        "INSERT INTO sessions (token, expires_at) VALUES (?1, ?2)",
        params![token, expires_at],
    )?;
    Ok(())
}

pub fn get_session_expiry(db: &Db, token: &str) -> Result<Option<String>, DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    match conn.query_row(
        "SELECT expires_at FROM sessions WHERE token = ?1",
        params![token],
        |row| row.get(0),
    ) {
        Ok(val) => Ok(Some(val)),
        Err(rusqlite::Error::QueryReturnedNoRows) => Ok(None),
        Err(e) => Err(DbError::Sqlite(e)),
    }
}

pub fn delete_session(db: &Db, token: &str) -> Result<(), DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    conn.execute("DELETE FROM sessions WHERE token = ?1", params![token])?;
    Ok(())
}

pub fn prune_expired_sessions(db: &Db) -> Result<(), DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    conn.execute(
        "DELETE FROM sessions WHERE expires_at < datetime('now')",
        [],
    )?;
    Ok(())
}

#[cfg(test)]
mod tests {
    use super::*;

    fn test_db() -> Db {
        let conn = Connection::open_in_memory().unwrap();
        conn.execute_batch(
            "CREATE TABLE IF NOT EXISTS wines (
                id              INTEGER PRIMARY KEY AUTOINCREMENT,
                short_id        TEXT NOT NULL UNIQUE,
                name            TEXT NOT NULL,
                origin          TEXT NOT NULL,
                grape           TEXT NOT NULL,
                notes           TEXT NOT NULL,
                image           BLOB,
                image_mime      TEXT,
                sweetness       INTEGER NOT NULL CHECK(sweetness BETWEEN 1 AND 5),
                acidity         INTEGER NOT NULL CHECK(acidity BETWEEN 1 AND 5),
                tannin          INTEGER NOT NULL CHECK(tannin BETWEEN 1 AND 5),
                alcohol         INTEGER NOT NULL CHECK(alcohol BETWEEN 1 AND 5),
                body            INTEGER NOT NULL CHECK(body BETWEEN 1 AND 5),
                clarity         INTEGER NOT NULL DEFAULT 3,
                color_intensity INTEGER NOT NULL DEFAULT 3,
                aroma_intensity INTEGER NOT NULL DEFAULT 3,
                nose_complexity INTEGER NOT NULL DEFAULT 3,
                background      TEXT NOT NULL DEFAULT '',
                created_at      TEXT NOT NULL DEFAULT (datetime('now')),
                wishlist        INTEGER NOT NULL DEFAULT 0
            );
            CREATE TABLE IF NOT EXISTS sessions (
                id         INTEGER PRIMARY KEY AUTOINCREMENT,
                token      TEXT NOT NULL UNIQUE,
                expires_at TEXT NOT NULL
            );",
        )
        .unwrap();
        conn.execute_batch(SCHEMA).unwrap();
        Arc::new(Mutex::new(conn))
    }


apps/jotts/Cargo.toml +1 −0

tracing = { workspace = true }
tracing-subscriber = { workspace = true }
andromeda-auth = { workspace = true }
andromeda-db = { workspace = true, features = ["session", "axum"] }
askama = "0.15"
askama_web = { version = "0.15", features = ["axum-0.8"] }
pulldown-cmark = "0.12"

apps/jotts/src/db.rs +2 −63

use nanoid::nanoid;
use rusqlite::{Connection, OptionalExtension, Row, params};
use serde::{Deserialize, Serialize};
use std::fmt;
use std::sync::{Arc, Mutex};

pub type Db = Arc<Mutex<Connection>>;
pub use andromeda_db::{Db, DbError};
pub use andromeda_db::session::{insert_session, get_session_expiry, delete_session, prune_expired_sessions};

const NOTE_COLUMNS: &str = "id, short_id, title, content, created_at, updated_at";


        expires_at TEXT NOT NULL
    );
";

#[derive(Debug)]
pub enum DbError {
    Sqlite(rusqlite::Error),
    LockPoisoned,
}

impl fmt::Display for DbError {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
            DbError::Sqlite(e) => write!(f, "Database error: {}", e),
            DbError::LockPoisoned => write!(f, "Database lock poisoned"),
        }
    }
}

impl std::error::Error for DbError {}

impl From<rusqlite::Error> for DbError {
    fn from(e: rusqlite::Error) -> Self {
        DbError::Sqlite(e)
    }
}

#[derive(Debug, Serialize, Deserialize)]
pub struct Note {

    Ok(rows > 0)
}

// Session functions

pub fn insert_session(db: &Db, token: &str, expires_at: &str) -> Result<(), DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    conn.execute(
        "INSERT INTO sessions (token, expires_at) VALUES (?1, ?2)",
        params![token, expires_at],
    )?;
    Ok(())
}

pub fn get_session_expiry(db: &Db, token: &str) -> Result<Option<String>, DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    match conn.query_row(
        "SELECT expires_at FROM sessions WHERE token = ?1",
        params![token],
        |row| row.get(0),
    ) {
        Ok(val) => Ok(Some(val)),
        Err(rusqlite::Error::QueryReturnedNoRows) => Ok(None),
        Err(e) => Err(DbError::Sqlite(e)),
    }
}

pub fn delete_session(db: &Db, token: &str) -> Result<(), DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    conn.execute("DELETE FROM sessions WHERE token = ?1", params![token])?;
    Ok(())
}

pub fn prune_expired_sessions(db: &Db) -> Result<(), DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    conn.execute(
        "DELETE FROM sessions WHERE expires_at < datetime('now')",
        [],
    )?;
    Ok(())
}

#[cfg(test)]
mod tests {

apps/jotts/src/server.rs +0 −7

use crate::auth;
use crate::db::{self, Db, DbError, Note, NoteInput};

impl IntoResponse for DbError {
    fn into_response(self) -> Response {
        tracing::error!("{}", self);
        (StatusCode::INTERNAL_SERVER_ERROR, "Server error").into_response()
    }
}

fn redirect_with_cookie(target: &str, cookie: String) -> Response {
    let mut resp = Redirect::to(target).into_response();
    resp.headers_mut().insert(

apps/parcels/Cargo.toml +1 −0

tracing = { workspace = true }
tracing-subscriber = { workspace = true, features = ["env-filter"] }
andromeda-auth = { workspace = true }
andromeda-db = { workspace = true, features = ["session"] }
rusqlite = { workspace = true }
reqwest = { version = "0.12", features = ["json"] }
askama = { version = "0.12", features = ["with-axum"] }

apps/parcels/src/db.rs +83 −184

use rusqlite::{Connection, params};
use std::fmt;
use rusqlite::{Connection, OptionalExtension, params};
use std::sync::{Arc, Mutex};

pub type Db = Arc<Mutex<Connection>>;

// ── Error ───────────────────────────────────────────────────────────────────

#[derive(Debug)]
pub enum DbError {
    Sqlite(rusqlite::Error),
    LockPoisoned,
}

impl fmt::Display for DbError {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
            DbError::Sqlite(e) => write!(f, "Database error: {}", e),
            DbError::LockPoisoned => write!(f, "Database lock poisoned"),
        }
    }
}

impl std::error::Error for DbError {}

impl From<rusqlite::Error> for DbError {
    fn from(e: rusqlite::Error) -> Self {
        DbError::Sqlite(e)
    }
}
pub use andromeda_db::{Db, DbError};
pub use andromeda_db::session::{insert_session, get_session_expiry, delete_session, prune_expired_sessions};

// ── Types ───────────────────────────────────────────────────────────────────



// ── Pool Setup ──────────────────────────────────────────────────────────────

const SCHEMA: &str = "
    CREATE TABLE IF NOT EXISTS packages (
        id                INTEGER PRIMARY KEY AUTOINCREMENT,
        tracking_number   TEXT NOT NULL UNIQUE,
        label             TEXT,
        status            TEXT,
        status_category   TEXT,
        status_summary    TEXT,
        mail_class        TEXT,
        expected_delivery TEXT,
        last_refreshed_at TEXT,
        created_at        TEXT NOT NULL DEFAULT (datetime('now'))
    );
    CREATE TABLE IF NOT EXISTS tracking_events (
        id              INTEGER PRIMARY KEY AUTOINCREMENT,
        package_id      INTEGER NOT NULL REFERENCES packages(id) ON DELETE CASCADE,
        event_timestamp TEXT,
        event_type      TEXT,
        event_city      TEXT,
        event_state     TEXT,
        event_zip       TEXT,
        event_code      TEXT
    );
    CREATE TABLE IF NOT EXISTS sessions (
        id         INTEGER PRIMARY KEY AUTOINCREMENT,
        token      TEXT NOT NULL UNIQUE,
        expires_at TEXT NOT NULL
    );
";

pub fn init_db() -> Db {
    let path = "parcels.db";
    let conn = Connection::open(path).expect("Failed to open database");
    conn.execute_batch("PRAGMA journal_mode=WAL; PRAGMA foreign_keys=ON;")
        .expect("Failed to set PRAGMAs");
    conn.execute_batch("
        CREATE TABLE IF NOT EXISTS packages (
            id                INTEGER PRIMARY KEY AUTOINCREMENT,
            tracking_number   TEXT NOT NULL UNIQUE,
            label             TEXT,
            status            TEXT,
            status_category   TEXT,
            status_summary    TEXT,
            mail_class        TEXT,
            expected_delivery TEXT,
            last_refreshed_at TEXT,
            created_at        TEXT NOT NULL DEFAULT (datetime('now'))
        );
        CREATE TABLE IF NOT EXISTS tracking_events (
            id              INTEGER PRIMARY KEY AUTOINCREMENT,
            package_id      INTEGER NOT NULL REFERENCES packages(id) ON DELETE CASCADE,
            event_timestamp TEXT,
            event_type      TEXT,
            event_city      TEXT,
            event_state     TEXT,
            event_zip       TEXT,
            event_code      TEXT
        );
        CREATE TABLE IF NOT EXISTS sessions (
            id         INTEGER PRIMARY KEY AUTOINCREMENT,
            token      TEXT NOT NULL UNIQUE,
            expires_at TEXT NOT NULL
        );
    ").expect("Failed to create tables");
    conn.execute_batch(SCHEMA).expect("Failed to create tables");
    Arc::new(Mutex::new(conn))
}

// ── Row Helpers ────────────────────────────────────────────────────────────

const PACKAGE_COLS: &str = "id, tracking_number, label, status, status_category, status_summary, mail_class, expected_delivery, last_refreshed_at, created_at";

fn package_from_row(row: &rusqlite::Row) -> rusqlite::Result<Package> {
    Ok(Package {
        id: row.get(0)?,
        tracking_number: row.get(1)?,
        label: row.get(2)?,
        status: row.get(3)?,
        status_category: row.get(4)?,
        status_summary: row.get(5)?,
        mail_class: row.get(6)?,
        expected_delivery: row.get(7)?,
        last_refreshed_at: row.get(8)?,
        created_at: row.get(9)?,
    })
}

const EVENT_COLS: &str = "id, package_id, event_timestamp, event_type, event_city, event_state, event_zip, event_code";

fn event_from_row(row: &rusqlite::Row) -> rusqlite::Result<TrackingEvent> {
    Ok(TrackingEvent {
        id: row.get(0)?,
        package_id: row.get(1)?,
        event_timestamp: row.get(2)?,
        event_type: row.get(3)?,
        event_city: row.get(4)?,
        event_state: row.get(5)?,
        event_zip: row.get(6)?,
        event_code: row.get(7)?,
    })
}

// ── Package Queries ─────────────────────────────────────────────────────────

pub fn list_packages(db: &Db) -> Result<Vec<Package>, DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    let mut stmt = conn.prepare(
        "SELECT id, tracking_number, label, status, status_category, status_summary,
                mail_class, expected_delivery, last_refreshed_at, created_at
         FROM packages ORDER BY created_at DESC",
        &format!("SELECT {} FROM packages ORDER BY created_at DESC", PACKAGE_COLS),
    )?;
    let packages = stmt
        .query_map([], |row| {
            Ok(Package {
                id: row.get(0)?,
                tracking_number: row.get(1)?,
                label: row.get(2)?,
                status: row.get(3)?,
                status_category: row.get(4)?,
                status_summary: row.get(5)?,
                mail_class: row.get(6)?,
                expected_delivery: row.get(7)?,
                last_refreshed_at: row.get(8)?,
                created_at: row.get(9)?,
            })
        })?
        .filter_map(|r| r.ok())
        .collect();
        .query_map([], package_from_row)?
        .collect::<Result<Vec<_>, _>>()?;
    Ok(packages)
}

pub fn get_package(db: &Db, id: i64) -> Result<Option<Package>, DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    match conn.query_row(
        "SELECT id, tracking_number, label, status, status_category, status_summary,
                mail_class, expected_delivery, last_refreshed_at, created_at
         FROM packages WHERE id = ?1",
        params![id],
        |row| {
            Ok(Package {
                id: row.get(0)?,
                tracking_number: row.get(1)?,
                label: row.get(2)?,
                status: row.get(3)?,
                status_category: row.get(4)?,
                status_summary: row.get(5)?,
                mail_class: row.get(6)?,
                expected_delivery: row.get(7)?,
                last_refreshed_at: row.get(8)?,
                created_at: row.get(9)?,
            })
        },
    ) {
        Ok(pkg) => Ok(Some(pkg)),
        Err(rusqlite::Error::QueryReturnedNoRows) => Ok(None),
        Err(e) => Err(DbError::Sqlite(e)),
    }
    let pkg = conn
        .query_row(
            &format!("SELECT {} FROM packages WHERE id = ?1", PACKAGE_COLS),
            params![id],
            package_from_row,
        )
        .optional()?;
    Ok(pkg)
}

pub fn insert_package(db: &Db, tracking_number: &str, label: Option<&str>) -> Result<i64, DbError> {

pub fn get_events_for_package(db: &Db, package_id: i64) -> Result<Vec<TrackingEvent>, DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    let mut stmt = conn.prepare(
        "SELECT id, package_id, event_timestamp, event_type, event_city, event_state,
                event_zip, event_code
         FROM tracking_events WHERE package_id = ?1
         ORDER BY event_timestamp DESC",
        &format!("SELECT {} FROM tracking_events WHERE package_id = ?1 ORDER BY event_timestamp DESC", EVENT_COLS),
    )?;
    let events = stmt
        .query_map(params![package_id], |row| {
            Ok(TrackingEvent {
                id: row.get(0)?,
                package_id: row.get(1)?,
                event_timestamp: row.get(2)?,
                event_type: row.get(3)?,
                event_city: row.get(4)?,
                event_state: row.get(5)?,
                event_zip: row.get(6)?,
                event_code: row.get(7)?,
            })
        })?
        .filter_map(|r| r.ok())
        .collect();
        .query_map(params![package_id], event_from_row)?
        .collect::<Result<Vec<_>, _>>()?;
    Ok(events)
}

// ── Session Queries ──────────────────────────────────────────────────────────

pub fn insert_session(db: &Db, token: &str, expires_at: &str) -> Result<(), DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    conn.execute(
        "INSERT INTO sessions (token, expires_at) VALUES (?1, ?2)",
        params![token, expires_at],
    )?;
    Ok(())
}

pub fn get_session_expiry(db: &Db, token: &str) -> Result<Option<String>, DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    match conn.query_row(
        "SELECT expires_at FROM sessions WHERE token = ?1",
        params![token],
        |row| row.get(0),
    ) {
        Ok(expires_at) => Ok(Some(expires_at)),
        Err(rusqlite::Error::QueryReturnedNoRows) => Ok(None),
        Err(e) => Err(DbError::Sqlite(e)),
    }
}

pub fn delete_session(db: &Db, token: &str) -> Result<(), DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    conn.execute("DELETE FROM sessions WHERE token = ?1", params![token])?;
    Ok(())
}

pub fn prune_expired_sessions(db: &Db) -> Result<(), DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    conn.execute("DELETE FROM sessions WHERE expires_at < datetime('now')", [])?;
    Ok(())
}

#[cfg(test)]
mod tests {
    use super::*;

    fn test_db() -> Db {
        let conn = Connection::open_in_memory().unwrap();
        conn.execute_batch("PRAGMA foreign_keys=ON;").unwrap();
        conn.execute_batch(
            "CREATE TABLE IF NOT EXISTS packages (
                id                INTEGER PRIMARY KEY AUTOINCREMENT,
                tracking_number   TEXT NOT NULL UNIQUE,
                label             TEXT,
                status            TEXT,
                status_category   TEXT,
                status_summary    TEXT,
                mail_class        TEXT,
                expected_delivery TEXT,
                last_refreshed_at TEXT,
                created_at        TEXT NOT NULL DEFAULT (datetime('now'))
            );
            CREATE TABLE IF NOT EXISTS tracking_events (
                id              INTEGER PRIMARY KEY AUTOINCREMENT,
                package_id      INTEGER NOT NULL REFERENCES packages(id) ON DELETE CASCADE,
                event_timestamp TEXT,
                event_type      TEXT,
                event_city      TEXT,
                event_state     TEXT,
                event_zip       TEXT,
                event_code      TEXT
            );
            CREATE TABLE IF NOT EXISTS sessions (
                id         INTEGER PRIMARY KEY AUTOINCREMENT,
                token      TEXT NOT NULL UNIQUE,
                expires_at TEXT NOT NULL
            );",
        )
        .unwrap();
        conn.execute_batch(SCHEMA).unwrap();
        Arc::new(Mutex::new(conn))
    }


apps/posts/Cargo.toml +2 −0

tracing = { workspace = true }
tracing-subscriber = { workspace = true }
andromeda-auth = { workspace = true }
andromeda-db = { workspace = true, features = ["session"] }
serde_rusqlite = "0.41"
askama = "0.15"
askama_web = { version = "0.15", features = ["axum-0.8"] }
pulldown-cmark = "0.12"

apps/posts/src/db.rs +245 −413

use nanoid::nanoid;
use rusqlite::{Connection, params};
use rusqlite::{Connection, OptionalExtension, params};
use serde::{Deserialize, Serialize};
use std::fmt;
use std::sync::{Arc, Mutex};

pub type Db = Arc<Mutex<Connection>>;

#[derive(Debug)]
pub enum DbError {
    Sqlite(rusqlite::Error),
    LockPoisoned,
}

impl fmt::Display for DbError {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
            DbError::Sqlite(e) => write!(f, "Database error: {}", e),
            DbError::LockPoisoned => write!(f, "Database lock poisoned"),
        }
    }
}

impl std::error::Error for DbError {}
pub use andromeda_db::{Db, DbError};
pub use andromeda_db::session::{insert_session, get_session_expiry, delete_session, prune_expired_sessions};

impl From<rusqlite::Error> for DbError {
    fn from(e: rusqlite::Error) -> Self {
        DbError::Sqlite(e)
    }
fn from_row<T: serde::de::DeserializeOwned>(row: &rusqlite::Row) -> rusqlite::Result<T> {
    serde_rusqlite::from_row::<T>(row).map_err(|e| {
        rusqlite::Error::FromSqlConversionFailure(0, rusqlite::types::Type::Null, Box::new(e))
    })
}

#[derive(Debug, Serialize, Deserialize, Clone)]

    pub updated_at: String,
}

#[derive(Serialize)]
pub struct PostInput<'a> {
    pub title: &'a str,
    pub slug: &'a str,
    pub content: &'a str,
    pub status: &'a str,
    pub alias: Option<&'a str>,
    pub canonical_url: Option<&'a str>,
    pub published_date: Option<&'a str>,
    pub meta_description: Option<&'a str>,
    pub meta_image: Option<&'a str>,
    pub lang: &'a str,
    pub tags: Option<&'a str>,
}

#[derive(Debug, Serialize, Deserialize, Clone)]
pub struct Page {
    pub id: i64,

    pub created_at: String,
}

pub fn init_db() -> Db {
    let path = std::env::var("POSTS_DB_PATH").unwrap_or_else(|_| "posts.sqlite".to_string());
    let conn = Connection::open(&path).expect("Failed to open database");
const SCHEMA: &str = "
    CREATE TABLE IF NOT EXISTS posts (
        id              INTEGER PRIMARY KEY AUTOINCREMENT,
        short_id        TEXT NOT NULL UNIQUE,
        title           TEXT NOT NULL,
        slug            TEXT NOT NULL UNIQUE,
        alias           TEXT,
        canonical_url   TEXT,
        published_date  TEXT,
        meta_description TEXT,
        meta_image      TEXT,
        lang            TEXT NOT NULL DEFAULT 'en',
        tags            TEXT,
        content         TEXT NOT NULL,
        status          TEXT NOT NULL DEFAULT 'draft',
        created_at      TEXT NOT NULL DEFAULT (datetime('now')),
        updated_at      TEXT NOT NULL DEFAULT (datetime('now'))
    );

    CREATE TABLE IF NOT EXISTS pages (
        id              INTEGER PRIMARY KEY AUTOINCREMENT,
        short_id        TEXT NOT NULL UNIQUE,
        title           TEXT NOT NULL,
        slug            TEXT NOT NULL UNIQUE,
        content         TEXT NOT NULL,
        is_published    INTEGER NOT NULL DEFAULT 0,
        nav_order       INTEGER NOT NULL DEFAULT 0,
        created_at      TEXT NOT NULL DEFAULT (datetime('now')),
        updated_at      TEXT NOT NULL DEFAULT (datetime('now'))
    );

    CREATE TABLE IF NOT EXISTS sessions (
        id              INTEGER PRIMARY KEY AUTOINCREMENT,
        token           TEXT NOT NULL UNIQUE,
        expires_at      TEXT NOT NULL
    );

    conn.execute_batch(
        "CREATE TABLE IF NOT EXISTS posts (
            id              INTEGER PRIMARY KEY AUTOINCREMENT,
            short_id        TEXT NOT NULL UNIQUE,
            title           TEXT NOT NULL,
            slug            TEXT NOT NULL UNIQUE,
            alias           TEXT,
            canonical_url   TEXT,
            published_date  TEXT,
            meta_description TEXT,
            meta_image      TEXT,
            lang            TEXT NOT NULL DEFAULT 'en',
            tags            TEXT,
            content         TEXT NOT NULL,
            status          TEXT NOT NULL DEFAULT 'draft',
            created_at      TEXT NOT NULL DEFAULT (datetime('now')),
            updated_at      TEXT NOT NULL DEFAULT (datetime('now'))
        );
    CREATE TABLE IF NOT EXISTS settings (
        key   TEXT PRIMARY KEY,
        value TEXT NOT NULL
    );

        CREATE TABLE IF NOT EXISTS pages (
            id              INTEGER PRIMARY KEY AUTOINCREMENT,
            short_id        TEXT NOT NULL UNIQUE,
            title           TEXT NOT NULL,
            slug            TEXT NOT NULL UNIQUE,
            content         TEXT NOT NULL,
            is_published    INTEGER NOT NULL DEFAULT 0,
            nav_order       INTEGER NOT NULL DEFAULT 0,
            created_at      TEXT NOT NULL DEFAULT (datetime('now')),
            updated_at      TEXT NOT NULL DEFAULT (datetime('now'))
        );
    CREATE TABLE IF NOT EXISTS files (
        id            INTEGER PRIMARY KEY AUTOINCREMENT,
        short_id      TEXT NOT NULL UNIQUE,
        filename      TEXT NOT NULL UNIQUE,
        original_name TEXT NOT NULL,
        content_type  TEXT NOT NULL DEFAULT 'application/octet-stream',
        size          INTEGER NOT NULL,
        created_at    TEXT NOT NULL DEFAULT (datetime('now'))
    );
";

        CREATE TABLE IF NOT EXISTS sessions (
            id              INTEGER PRIMARY KEY AUTOINCREMENT,
            token           TEXT NOT NULL UNIQUE,
            expires_at      TEXT NOT NULL
        );
const DEFAULT_SETTINGS: &[(&str, &str)] = &[
    ("blog_title", "My Blog"),
    ("blog_description", "A simple blog"),
    ("intro_content", ""),
    ("nav_links", "[blog](/) [posts](/posts)"),
    ("custom_css", ""),
    ("favicon_url", ""),
    ("og_image_url", ""),
    ("custom_header", ""),
    ("custom_footer", "<div>
<a href=\"/feed.xml\" class=\"rss-link\" title=\"RSS Feed\"><svg xmlns=\"http://www.w3.org/2000/svg\" width=\"32\" height=\"32\" fill=\"currentColor\" viewBox=\"0 0 256 256\"><path fill=\"currentColor\" d=\"M104.08 151.92A67.52 67.52 0 0 1 124 200a4 4 0 0 1-8 0a60 60 0 0 0-60-60a4 4 0 0 1 0-8a67.52 67.52 0 0 1 48.08 19.92M56 84a4 4 0 0 0 0 8a108 108 0 0 1 108 108a4 4 0 0 0 8 0A116 116 0 0 0 56 84m116 0A162.92 162.92 0 0 0 56 36a4 4 0 0 0 0 8a155 155 0 0 1 110.31 45.69A155 155 0 0 1 212 200a4 4 0 0 0 8 0a162.92 162.92 0 0 0-48-116M60 188a8 8 0 1 0 8 8a8 8 0 0 0-8-8\"/></svg></a>
</div>"),
];

        CREATE TABLE IF NOT EXISTS settings (
            key   TEXT PRIMARY KEY,
            value TEXT NOT NULL
        );
pub fn init_db() -> Db {
    let path = std::env::var("POSTS_DB_PATH").unwrap_or_else(|_| "posts.sqlite".to_string());
    let conn = Connection::open(&path).expect("Failed to open database");

        CREATE TABLE IF NOT EXISTS files (
            id            INTEGER PRIMARY KEY AUTOINCREMENT,
            short_id      TEXT NOT NULL UNIQUE,
            filename      TEXT NOT NULL UNIQUE,
            original_name TEXT NOT NULL,
            content_type  TEXT NOT NULL DEFAULT 'application/octet-stream',
            size          INTEGER NOT NULL,
            created_at    TEXT NOT NULL DEFAULT (datetime('now'))
        );"
    )
    .expect("Failed to create tables");
    conn.execute_batch(SCHEMA).expect("Failed to create tables");

    // Seed default settings
    conn.execute(
        "INSERT OR IGNORE INTO settings (key, value) VALUES ('blog_title', 'My Blog')",
        [],
    )
    .ok();
    conn.execute(
        "INSERT OR IGNORE INTO settings (key, value) VALUES ('blog_description', 'A simple blog')",
        [],
    )
    .ok();
    conn.execute(
        "INSERT OR IGNORE INTO settings (key, value) VALUES ('intro_content', '')",
        [],
    )
    .ok();
    conn.execute(
        "INSERT OR IGNORE INTO settings (key, value) VALUES ('nav_links', '[blog](/) [posts](/posts)')",
        [],
    )
    .ok();
    conn.execute(
        "INSERT OR IGNORE INTO settings (key, value) VALUES ('custom_css', '')",
        [],
    )
    .ok();
    conn.execute(
        "INSERT OR IGNORE INTO settings (key, value) VALUES ('favicon_url', '')",
        [],
    )
    .ok();
    conn.execute(
        "INSERT OR IGNORE INTO settings (key, value) VALUES ('og_image_url', '')",
        [],
    )
    .ok();
    conn.execute(
        "INSERT OR IGNORE INTO settings (key, value) VALUES ('custom_header', '')",
        [],
    )
    .ok();
    conn.execute(
        "INSERT OR IGNORE INTO settings (key, value) VALUES ('custom_footer', '<div>
<a href=\"/feed.xml\" class=\"rss-link\" title=\"RSS Feed\"><svg xmlns=\"http://www.w3.org/2000/svg\" width=\"32\" height=\"32\" fill=\"currentColor\" viewBox=\"0 0 256 256\"><path fill=\"currentColor\" d=\"M104.08 151.92A67.52 67.52 0 0 1 124 200a4 4 0 0 1-8 0a60 60 0 0 0-60-60a4 4 0 0 1 0-8a67.52 67.52 0 0 1 48.08 19.92M56 84a4 4 0 0 0 0 8a108 108 0 0 1 108 108a4 4 0 0 0 8 0A116 116 0 0 0 56 84m116 0A162.92 162.92 0 0 0 56 36a4 4 0 0 0 0 8a155 155 0 0 1 110.31 45.69A155 155 0 0 1 212 200a4 4 0 0 0 8 0a162.92 162.92 0 0 0-48-116M60 188a8 8 0 1 0 8 8a8 8 0 0 0-8-8\"/></svg></a>
</div>')",
        [],
    )
    .ok();
    for (key, value) in DEFAULT_SETTINGS {
        conn.execute(
            "INSERT OR IGNORE INTO settings (key, value) VALUES (?1, ?2)",
            params![key, value],
        )
        .ok();
    }

    Arc::new(Mutex::new(conn))
}

// --- Post CRUD ---

fn row_to_post(row: &rusqlite::Row) -> rusqlite::Result<Post> {
    Ok(Post {
        id: row.get(0)?,
        short_id: row.get(1)?,
        title: row.get(2)?,
        slug: row.get(3)?,
        alias: row.get(4)?,
        canonical_url: row.get(5)?,
        published_date: row.get(6)?,
        meta_description: row.get(7)?,
        meta_image: row.get(8)?,
        lang: row.get(9)?,
        tags: row.get(10)?,
        content: row.get(11)?,
        status: row.get(12)?,
        created_at: row.get(13)?,
        updated_at: row.get(14)?,
    })
}

const POST_COLS: &str = "id, short_id, title, slug, alias, canonical_url, published_date, meta_description, meta_image, lang, tags, content, status, created_at, updated_at";

pub fn create_post(
    db: &Db,
    title: &str,
    slug: &str,
    content: &str,
    status: &str,
    alias: Option<&str>,
    canonical_url: Option<&str>,
    published_date: Option<&str>,
    meta_description: Option<&str>,
    meta_image: Option<&str>,
    lang: &str,
    tags: Option<&str>,
) -> Result<Post, DbError> {
pub fn create_post(db: &Db, input: &PostInput) -> Result<Post, DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    let short_id = nanoid!(10);
    let named = serde_rusqlite::to_params_named(input)
        .map_err(|e| rusqlite::Error::ToSqlConversionFailure(Box::new(e)))?;
    let mut bindings = named.to_slice();
    bindings.push((":short_id", &short_id));
    conn.execute(
        "INSERT INTO posts (short_id, title, slug, content, status, alias, canonical_url, published_date, meta_description, meta_image, lang, tags)
         VALUES (?1, ?2, ?3, ?4, ?5, ?6, ?7, ?8, ?9, ?10, ?11, ?12)",
        params![short_id, title, slug, content, status, alias, canonical_url, published_date, meta_description, meta_image, lang, tags],
         VALUES (:short_id, :title, :slug, :content, :status, :alias, :canonical_url, :published_date, :meta_description, :meta_image, :lang, :tags)",
        bindings.as_slice(),
    )?;
    let id = conn.last_insert_rowid();
    let post = conn.query_row(
        &format!("SELECT {} FROM posts WHERE id = ?1", POST_COLS),
        params![id],
        row_to_post,
        from_row,
    )?;
    Ok(post)
}

pub fn get_post_by_short_id(db: &Db, short_id: &str) -> Result<Option<Post>, DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    match conn.query_row(
        &format!("SELECT {} FROM posts WHERE short_id = ?1", POST_COLS),
        params![short_id],
        row_to_post,
    ) {
        Ok(post) => Ok(Some(post)),
        Err(rusqlite::Error::QueryReturnedNoRows) => Ok(None),
        Err(e) => Err(DbError::Sqlite(e)),
    }
    let post = conn
        .query_row(
            &format!("SELECT {} FROM posts WHERE short_id = ?1", POST_COLS),
            params![short_id],
            from_row,
        )
        .optional()?;
    Ok(post)
}

pub fn get_post_by_slug(db: &Db, slug: &str) -> Result<Option<Post>, DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    match conn.query_row(
        &format!("SELECT {} FROM posts WHERE slug = ?1", POST_COLS),
        params![slug],
        row_to_post,
    ) {
        Ok(post) => Ok(Some(post)),
        Err(rusqlite::Error::QueryReturnedNoRows) => Ok(None),
        Err(e) => Err(DbError::Sqlite(e)),
    }
    let post = conn
        .query_row(
            &format!("SELECT {} FROM posts WHERE slug = ?1", POST_COLS),
            params![slug],
            from_row,
        )
        .optional()?;
    Ok(post)
}

pub fn get_all_posts(db: &Db) -> Result<Vec<Post>, DbError> {

        &format!("SELECT {} FROM posts ORDER BY id DESC", POST_COLS),
    )?;
    let posts = stmt
        .query_map([], row_to_post)?
        .query_map([], from_row)?
        .collect::<Result<Vec<_>, _>>()?;
    Ok(posts)
}

        &format!("SELECT {} FROM posts WHERE status = 'published' ORDER BY published_date DESC, id DESC", POST_COLS),
    )?;
    let posts = stmt
        .query_map([], row_to_post)?
        .query_map([], from_row)?
        .collect::<Result<Vec<_>, _>>()?;
    Ok(posts)
}

pub fn update_post(
    db: &Db,
    short_id: &str,
    title: &str,
    slug: &str,
    content: &str,
    status: &str,
    alias: Option<&str>,
    canonical_url: Option<&str>,
    published_date: Option<&str>,
    meta_description: Option<&str>,
    meta_image: Option<&str>,
    lang: &str,
    tags: Option<&str>,
) -> Result<Option<Post>, DbError> {
pub fn update_post(db: &Db, short_id: &str, input: &PostInput) -> Result<Option<Post>, DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    let effective_published_date = if status == "published" {
        Some(published_date.unwrap_or(""))
    let effective_published_date = if input.status == "published" {
        Some(input.published_date.unwrap_or(""))
    } else {
        published_date
        input.published_date
    };
    let rows = conn.execute(
        "UPDATE posts SET title = ?1, slug = ?2, content = ?3, status = ?4, alias = ?5, canonical_url = ?6,
         published_date = CASE WHEN ?4 = 'published' THEN COALESCE(?7, published_date, datetime('now')) ELSE ?7 END,
         meta_description = ?8, meta_image = ?9, lang = ?10, tags = ?11,
         updated_at = datetime('now') WHERE short_id = ?12",
        params![title, slug, content, status, alias, canonical_url, effective_published_date, meta_description, meta_image, lang, tags, short_id],
        params![input.title, input.slug, input.content, input.status, input.alias, input.canonical_url, effective_published_date, input.meta_description, input.meta_image, input.lang, input.tags, short_id],
    )?;
    if rows == 0 {
        return Ok(None);
    }
    match conn.query_row(
        &format!("SELECT {} FROM posts WHERE short_id = ?1", POST_COLS),
        params![short_id],
        row_to_post,
    ) {
        Ok(post) => Ok(Some(post)),
        Err(rusqlite::Error::QueryReturnedNoRows) => Ok(None),
        Err(e) => Err(DbError::Sqlite(e)),
    }
    let post = conn
        .query_row(
            &format!("SELECT {} FROM posts WHERE short_id = ?1", POST_COLS),
            params![short_id],
            from_row,
        )
        .optional()?;
    Ok(post)
}

pub fn delete_post(db: &Db, short_id: &str) -> Result<bool, DbError> {


pub fn toggle_post_status(db: &Db, short_id: &str) -> Result<Option<String>, DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    let current: String = match conn.query_row(
        "SELECT status FROM posts WHERE short_id = ?1",
        params![short_id],
        |row| row.get(0),
    ) {
        Ok(s) => s,
        Err(rusqlite::Error::QueryReturnedNoRows) => return Ok(None),
        Err(e) => return Err(DbError::Sqlite(e)),
    let current: Option<String> = conn
        .query_row(
            "SELECT status FROM posts WHERE short_id = ?1",
            params![short_id],
            |row| row.get(0),
        )
        .optional()?;
    let current = match current {
        Some(s) => s,
        None => return Ok(None),
    };
    let new_status = if current == "published" { "draft" } else { "published" };
    if new_status == "published" {


pub fn find_alias_redirect(db: &Db, alias: &str) -> Result<Option<String>, DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    match conn.query_row(
        "SELECT slug FROM posts WHERE alias = ?1 AND status = 'published'",
        params![alias],
        |row| row.get::<_, String>(0),
    ) {
        Ok(slug) => Ok(Some(format!("/posts/{}", slug))),
        Err(rusqlite::Error::QueryReturnedNoRows) => Ok(None),
        Err(e) => Err(DbError::Sqlite(e)),
    }
    let slug: Option<String> = conn
        .query_row(
            "SELECT slug FROM posts WHERE alias = ?1 AND status = 'published'",
            params![alias],
            |row| row.get(0),
        )
        .optional()?;
    Ok(slug.map(|s| format!("/posts/{}", s)))
}

// --- Page CRUD ---

fn row_to_page(row: &rusqlite::Row) -> rusqlite::Result<Page> {
    Ok(Page {
        id: row.get(0)?,
        short_id: row.get(1)?,
        title: row.get(2)?,
        slug: row.get(3)?,
        content: row.get(4)?,
        is_published: row.get::<_, i64>(5)? != 0,
        nav_order: row.get(6)?,
        created_at: row.get(7)?,
        updated_at: row.get(8)?,
    })
}

const PAGE_COLS: &str = "id, short_id, title, slug, content, is_published, nav_order, created_at, updated_at";

pub fn create_page(

    let page = conn.query_row(
        &format!("SELECT {} FROM pages WHERE id = ?1", PAGE_COLS),
        params![id],
        row_to_page,
        from_row,
    )?;
    Ok(page)
}

pub fn get_page_by_short_id(db: &Db, short_id: &str) -> Result<Option<Page>, DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    match conn.query_row(
        &format!("SELECT {} FROM pages WHERE short_id = ?1", PAGE_COLS),
        params![short_id],
        row_to_page,
    ) {
        Ok(page) => Ok(Some(page)),
        Err(rusqlite::Error::QueryReturnedNoRows) => Ok(None),
        Err(e) => Err(DbError::Sqlite(e)),
    }
    let page = conn
        .query_row(
            &format!("SELECT {} FROM pages WHERE short_id = ?1", PAGE_COLS),
            params![short_id],
            from_row,
        )
        .optional()?;
    Ok(page)
}

pub fn get_page_by_slug(db: &Db, slug: &str) -> Result<Option<Page>, DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    match conn.query_row(
        &format!("SELECT {} FROM pages WHERE slug = ?1", PAGE_COLS),
        params![slug],
        row_to_page,
    ) {
        Ok(page) => Ok(Some(page)),
        Err(rusqlite::Error::QueryReturnedNoRows) => Ok(None),
        Err(e) => Err(DbError::Sqlite(e)),
    }
    let page = conn
        .query_row(
            &format!("SELECT {} FROM pages WHERE slug = ?1", PAGE_COLS),
            params![slug],
            from_row,
        )
        .optional()?;
    Ok(page)
}

pub fn get_all_pages(db: &Db) -> Result<Vec<Page>, DbError> {

        &format!("SELECT {} FROM pages ORDER BY nav_order ASC, id ASC", PAGE_COLS),
    )?;
    let pages = stmt
        .query_map([], row_to_page)?
        .query_map([], from_row)?
        .collect::<Result<Vec<_>, _>>()?;
    Ok(pages)
}

        &format!("SELECT {} FROM pages WHERE is_published = 1 ORDER BY nav_order ASC, id ASC", PAGE_COLS),
    )?;
    let pages = stmt
        .query_map([], row_to_page)?
        .query_map([], from_row)?
        .collect::<Result<Vec<_>, _>>()?;
    Ok(pages)
}

    if rows == 0 {
        return Ok(None);
    }
    match conn.query_row(
        &format!("SELECT {} FROM pages WHERE short_id = ?1", PAGE_COLS),
        params![short_id],
        row_to_page,
    ) {
        Ok(page) => Ok(Some(page)),
        Err(rusqlite::Error::QueryReturnedNoRows) => Ok(None),
        Err(e) => Err(DbError::Sqlite(e)),
    }
    let page = conn
        .query_row(
            &format!("SELECT {} FROM pages WHERE short_id = ?1", PAGE_COLS),
            params![short_id],
            from_row,
        )
        .optional()?;
    Ok(page)
}

pub fn delete_page(db: &Db, short_id: &str) -> Result<bool, DbError> {


pub fn get_setting(db: &Db, key: &str) -> Result<Option<String>, DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    match conn.query_row(
        "SELECT value FROM settings WHERE key = ?1",
        params![key],
        |row| row.get(0),
    ) {
        Ok(val) => Ok(Some(val)),
        Err(rusqlite::Error::QueryReturnedNoRows) => Ok(None),
        Err(e) => Err(DbError::Sqlite(e)),
    }
    let val = conn
        .query_row(
            "SELECT value FROM settings WHERE key = ?1",
            params![key],
            |row| row.get(0),
        )
        .optional()?;
    Ok(val)
}

pub fn set_setting(db: &Db, key: &str, value: &str) -> Result<(), DbError> {

    Ok(settings)
}

// --- Session functions ---

pub fn insert_session(db: &Db, token: &str, expires_at: &str) -> Result<(), DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    conn.execute(
        "INSERT INTO sessions (token, expires_at) VALUES (?1, ?2)",
        params![token, expires_at],
    )?;
    Ok(())
}

pub fn get_session_expiry(db: &Db, token: &str) -> Result<Option<String>, DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    match conn.query_row(
        "SELECT expires_at FROM sessions WHERE token = ?1",
        params![token],
        |row| row.get(0),
    ) {
        Ok(val) => Ok(Some(val)),
        Err(rusqlite::Error::QueryReturnedNoRows) => Ok(None),
        Err(e) => Err(DbError::Sqlite(e)),
    }
}

pub fn delete_session(db: &Db, token: &str) -> Result<(), DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    conn.execute("DELETE FROM sessions WHERE token = ?1", params![token])?;
    Ok(())
}

pub fn prune_expired_sessions(db: &Db) -> Result<(), DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    conn.execute(
        "DELETE FROM sessions WHERE expires_at < datetime('now')",
        [],
    )?;
    Ok(())
}

// --- File CRUD ---

fn row_to_file(row: &rusqlite::Row) -> rusqlite::Result<UploadedFile> {
    Ok(UploadedFile {
        id: row.get(0)?,
        short_id: row.get(1)?,
        filename: row.get(2)?,
        original_name: row.get(3)?,
        content_type: row.get(4)?,
        size: row.get(5)?,
        created_at: row.get(6)?,
    })
}

const FILE_COLS: &str = "id, short_id, filename, original_name, content_type, size, created_at";

pub fn create_file(

    let file = conn.query_row(
        &format!("SELECT {} FROM files WHERE id = ?1", FILE_COLS),
        params![id],
        row_to_file,
        from_row,
    )?;
    Ok(file)
}

        &format!("SELECT {} FROM files ORDER BY id DESC", FILE_COLS),
    )?;
    let files = stmt
        .query_map([], row_to_file)?
        .query_map([], from_row)?
        .collect::<Result<Vec<_>, _>>()?;
    Ok(files)
}

pub fn delete_file(db: &Db, short_id: &str) -> Result<Option<UploadedFile>, DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    let file = match conn.query_row(
        &format!("SELECT {} FROM files WHERE short_id = ?1", FILE_COLS),
        params![short_id],
        row_to_file,
    ) {
        Ok(f) => f,
        Err(rusqlite::Error::QueryReturnedNoRows) => return Ok(None),
        Err(e) => return Err(DbError::Sqlite(e)),
    };
    conn.execute("DELETE FROM files WHERE short_id = ?1", params![short_id])?;
    Ok(Some(file))
    let file: Option<UploadedFile> = conn
        .query_row(
            &format!("SELECT {} FROM files WHERE short_id = ?1", FILE_COLS),
            params![short_id],
            from_row,
        )
        .optional()?;
    match file {
        Some(f) => {
            conn.execute("DELETE FROM files WHERE short_id = ?1", params![short_id])?;
            Ok(Some(f))
        }
        None => Ok(None),
    }
}

#[cfg(test)]


    fn test_db() -> Db {
        let conn = Connection::open_in_memory().unwrap();
        conn.execute_batch(
            "CREATE TABLE IF NOT EXISTS posts (
                id              INTEGER PRIMARY KEY AUTOINCREMENT,
                short_id        TEXT NOT NULL UNIQUE,
                title           TEXT NOT NULL,
                slug            TEXT NOT NULL UNIQUE,
                alias           TEXT,
                canonical_url   TEXT,
                published_date  TEXT,
                meta_description TEXT,
                meta_image      TEXT,
                lang            TEXT NOT NULL DEFAULT 'en',
                tags            TEXT,
                content         TEXT NOT NULL,
                status          TEXT NOT NULL DEFAULT 'draft',
                created_at      TEXT NOT NULL DEFAULT (datetime('now')),
                updated_at      TEXT NOT NULL DEFAULT (datetime('now'))
            );
            CREATE TABLE IF NOT EXISTS pages (
                id              INTEGER PRIMARY KEY AUTOINCREMENT,
                short_id        TEXT NOT NULL UNIQUE,
                title           TEXT NOT NULL,
                slug            TEXT NOT NULL UNIQUE,
                content         TEXT NOT NULL,
                is_published    INTEGER NOT NULL DEFAULT 0,
                nav_order       INTEGER NOT NULL DEFAULT 0,
                created_at      TEXT NOT NULL DEFAULT (datetime('now')),
                updated_at      TEXT NOT NULL DEFAULT (datetime('now'))
            );
            CREATE TABLE IF NOT EXISTS sessions (
                id              INTEGER PRIMARY KEY AUTOINCREMENT,
                token           TEXT NOT NULL UNIQUE,
                expires_at      TEXT NOT NULL
            );
            CREATE TABLE IF NOT EXISTS settings (
                key   TEXT PRIMARY KEY,
                value TEXT NOT NULL
            );
            CREATE TABLE IF NOT EXISTS files (
                id            INTEGER PRIMARY KEY AUTOINCREMENT,
                short_id      TEXT NOT NULL UNIQUE,
                filename      TEXT NOT NULL UNIQUE,
                original_name TEXT NOT NULL,
                content_type  TEXT NOT NULL DEFAULT 'application/octet-stream',
                size          INTEGER NOT NULL,
                created_at    TEXT NOT NULL DEFAULT (datetime('now'))
            );",
        )
        .unwrap();
        conn.execute_batch(SCHEMA).unwrap();
        Arc::new(Mutex::new(conn))
    }

    fn test_post_input<'a>(title: &'a str, slug: &'a str, content: &'a str, status: &'a str) -> PostInput<'a> {
        PostInput {
            title,
            slug,
            content,
            status,
            alias: None,
            canonical_url: None,
            published_date: None,
            meta_description: None,
            meta_image: None,
            lang: "en",
            tags: None,
        }
    }

    // ── Post CRUD ──────────────────────────────────────────────────────

    #[test]
    fn create_and_get_post() {
        let db = test_db();
        let post = create_post(
            &db, "Hello World", "hello-world", "# Hello", "draft",
            None, None, None, None, None, "en", None,
        )
        .unwrap();
        let post = create_post(&db, &test_post_input("Hello World", "hello-world", "# Hello", "draft")).unwrap();
        assert_eq!(post.title, "Hello World");
        assert_eq!(post.slug, "hello-world");
        assert_eq!(post.status, "draft");

    #[test]
    fn get_post_by_slug_works() {
        let db = test_db();
        create_post(
            &db, "Test", "test-slug", "content", "published",
            None, None, Some("2024-01-01"), None, None, "en", None,
        )
        .unwrap();
        let mut input = test_post_input("Test", "test-slug", "content", "published");
        input.published_date = Some("2024-01-01");
        create_post(&db, &input).unwrap();

        let post = get_post_by_slug(&db, "test-slug").unwrap().unwrap();
        assert_eq!(post.title, "Test");

    #[test]
    fn duplicate_slug_fails() {
        let db = test_db();
        create_post(&db, "A", "same-slug", "a", "draft", None, None, None, None, None, "en", None).unwrap();
        let result = create_post(&db, "B", "same-slug", "b", "draft", None, None, None, None, None, "en", None);
        create_post(&db, &test_post_input("A", "same-slug", "a", "draft")).unwrap();
        let result = create_post(&db, &test_post_input("B", "same-slug", "b", "draft"));
        assert!(result.is_err());
    }

    #[test]
    fn get_all_posts_ordered_desc() {
        let db = test_db();
        create_post(&db, "First", "first", "a", "draft", None, None, None, None, None, "en", None).unwrap();
        create_post(&db, "Second", "second", "b", "draft", None, None, None, None, None, "en", None).unwrap();
        create_post(&db, &test_post_input("First", "first", "a", "draft")).unwrap();
        create_post(&db, &test_post_input("Second", "second", "b", "draft")).unwrap();

        let all = get_all_posts(&db).unwrap();
        assert_eq!(all.len(), 2);

    #[test]
    fn get_published_posts_filters() {
        let db = test_db();
        create_post(&db, "Draft", "draft", "a", "draft", None, None, None, None, None, "en", None).unwrap();
        create_post(&db, "Published", "pub", "b", "published", None, None, Some("2024-01-01"), None, None, "en", None).unwrap();
        create_post(&db, &test_post_input("Draft", "draft", "a", "draft")).unwrap();
        let mut input = test_post_input("Published", "pub", "b", "published");
        input.published_date = Some("2024-01-01");
        create_post(&db, &input).unwrap();

        let published = get_published_posts(&db).unwrap();
        assert_eq!(published.len(), 1);

    #[test]
    fn delete_post_works() {
        let db = test_db();
        let post = create_post(&db, "Del", "del", "x", "draft", None, None, None, None, None, "en", None).unwrap();
        let post = create_post(&db, &test_post_input("Del", "del", "x", "draft")).unwrap();
        assert!(delete_post(&db, &post.short_id).unwrap());
        assert!(get_post_by_short_id(&db, &post.short_id).unwrap().is_none());
    }

    #[test]
    fn toggle_post_status_draft_to_published() {
        let db = test_db();
        let post = create_post(&db, "Toggle", "toggle", "x", "draft", None, None, None, None, None, "en", None).unwrap();
        let post = create_post(&db, &test_post_input("Toggle", "toggle", "x", "draft")).unwrap();
        let new_status = toggle_post_status(&db, &post.short_id).unwrap().unwrap();
        assert_eq!(new_status, "published");


    #[test]
    fn toggle_post_status_published_to_draft() {
        let db = test_db();
        let post = create_post(&db, "Toggle", "toggle", "x", "published", None, None, Some("2024-01-01"), None, None, "en", None).unwrap();
        let mut input = test_post_input("Toggle", "toggle", "x", "published");
        input.published_date = Some("2024-01-01");
        let post = create_post(&db, &input).unwrap();
        let new_status = toggle_post_status(&db, &post.short_id).unwrap().unwrap();
        assert_eq!(new_status, "draft");
    }

    #[test]
    fn find_alias_redirect_found() {
        let db = test_db();
        create_post(&db, "Aliased", "aliased-post", "x", "published", Some("old-url"), None, Some("2024-01-01"), None, None, "en", None).unwrap();
        let mut input = test_post_input("Aliased", "aliased-post", "x", "published");
        input.alias = Some("old-url");
        input.published_date = Some("2024-01-01");
        create_post(&db, &input).unwrap();
        let redirect = find_alias_redirect(&db, "old-url").unwrap();
        assert_eq!(redirect, Some("/posts/aliased-post".to_string()));
    }

    #[test]
    fn find_alias_redirect_only_published() {
        let db = test_db();
        create_post(&db, "Draft Alias", "draft-alias", "x", "draft", Some("my-alias"), None, None, None, None, "en", None).unwrap();
        let mut input = test_post_input("Draft Alias", "draft-alias", "x", "draft");
        input.alias = Some("my-alias");
        create_post(&db, &input).unwrap();
        assert!(find_alias_redirect(&db, "my-alias").unwrap().is_none());
    }


apps/posts/src/server/handlers/admin.rs +22 −23

        attrs.published_date.trim().to_string()
    };

    match db::create_post(
        &state.db,
    let input = db::PostInput {
        title,
        &slug,
        &form.content,
        slug: &slug,
        content: &form.content,
        status,
        opt_str(&attrs.alias),
        None,
        Some(&published_date),
        opt_str(&attrs.meta_description),
        opt_str(&attrs.meta_image),
        alias: opt_str(&attrs.alias),
        canonical_url: None,
        published_date: Some(&published_date),
        meta_description: opt_str(&attrs.meta_description),
        meta_image: opt_str(&attrs.meta_image),
        lang,
        opt_str(&attrs.tags),
    ) {
        tags: opt_str(&attrs.tags),
    };
    match db::create_post(&state.db, &input) {
        Ok(_) => Redirect::to("/admin").into_response(),
        Err(e) => {
            tracing::error!("Failed to create post: {}", e);

        Some(attrs.published_date.trim().to_string())
    };

    match db::update_post(
        &state.db,
        &short_id,
    let input = db::PostInput {
        title,
        &slug,
        &form.content,
        slug: &slug,
        content: &form.content,
        status,
        opt_str(&attrs.alias),
        None,
        published_date.as_deref(),
        opt_str(&attrs.meta_description),
        opt_str(&attrs.meta_image),
        alias: opt_str(&attrs.alias),
        canonical_url: None,
        published_date: published_date.as_deref(),
        meta_description: opt_str(&attrs.meta_description),
        meta_image: opt_str(&attrs.meta_image),
        lang,
        opt_str(&attrs.tags),
    ) {
        tags: opt_str(&attrs.tags),
    };
    match db::update_post(&state.db, &short_id, &input) {
        Ok(Some(_)) => Redirect::to("/admin").into_response(),
        Ok(None) => (StatusCode::NOT_FOUND, Html("Post not found".to_string())).into_response(),
        Err(e) => {

apps/sipp/Cargo.toml +1 −0

dotenvy = { workspace = true }
subtle = { workspace = true }
rusqlite = { workspace = true }
andromeda-db = { workspace = true }
askama = "0.15.4"
askama_web = { version = "0.15.1", features = ["axum-0.8"] }
ratatui = "0.30"

apps/sipp/src/db.rs +46 −89

use nanoid::nanoid;
use rusqlite::{Connection, params};
use rusqlite::{Connection, OptionalExtension, params};
use serde::{Deserialize, Serialize};
use std::fmt;
use std::sync::{Arc, Mutex};

pub type Db = Arc<Mutex<Connection>>;

#[derive(Debug)]
pub enum DbError {
    Sqlite(rusqlite::Error),
    LockPoisoned,
}

impl fmt::Display for DbError {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
            DbError::Sqlite(e) => write!(f, "Database error: {}", e),
            DbError::LockPoisoned => write!(f, "Database lock poisoned"),
        }
    }
}

impl std::error::Error for DbError {}

impl From<rusqlite::Error> for DbError {
    fn from(e: rusqlite::Error) -> Self {
        DbError::Sqlite(e)
    }
}
pub use andromeda_db::{Db, DbError};

#[derive(Serialize, Deserialize)]
pub struct Snippet {

    pub name: String,
}

const SNIPPET_COLS: &str = "id, short_id, content, name";

fn snippet_from_row(row: &rusqlite::Row) -> rusqlite::Result<Snippet> {
    Ok(Snippet {
        id: row.get(0)?,
        short_id: row.get(1)?,
        content: row.get(2)?,
        name: row.get(3)?,
    })
}

fn generate_short_id() -> String {
    nanoid!(10)
}

    std::env::var("SIPP_DB_PATH").unwrap_or_else(|_| "sipp.sqlite".to_string())
}

const SCHEMA: &str = "
    CREATE TABLE IF NOT EXISTS snippets (
        id INTEGER PRIMARY KEY AUTOINCREMENT,
        short_id TEXT NOT NULL UNIQUE,
        content TEXT NOT NULL,
        name TEXT NOT NULL
    );
";

pub fn init_db() -> Result<Db, DbError> {
    let conn = Connection::open(db_path())?;
    conn.execute(
        "CREATE TABLE IF NOT EXISTS snippets (
            id INTEGER PRIMARY KEY AUTOINCREMENT,
            short_id TEXT NOT NULL UNIQUE,
            content TEXT NOT NULL,
            name TEXT NOT NULL
        )",
        [],
    )?;
    conn.execute_batch(SCHEMA)?;
    Ok(Arc::new(Mutex::new(conn)))
}



pub fn get_snippet_by_short_id(db: &Db, short_id: &str) -> Result<Option<Snippet>, DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    match conn.query_row(
        "SELECT id, short_id, content, name FROM snippets WHERE short_id = ?1",
        params![short_id],
        |row| {
            Ok(Snippet {
                id: row.get(0)?,
                short_id: row.get(1)?,
                content: row.get(2)?,
                name: row.get(3)?,
            })
        },
    ) {
        Ok(snippet) => Ok(Some(snippet)),
        Err(rusqlite::Error::QueryReturnedNoRows) => Ok(None),
        Err(e) => Err(DbError::Sqlite(e)),
    }
    let snippet = conn
        .query_row(
            &format!("SELECT {} FROM snippets WHERE short_id = ?1", SNIPPET_COLS),
            params![short_id],
            snippet_from_row,
        )
        .optional()?;
    Ok(snippet)
}

pub fn get_all_snippets(db: &Db) -> Result<Vec<Snippet>, DbError> {
    let conn = db.lock().map_err(|_| DbError::LockPoisoned)?;
    let mut stmt = conn
        .prepare("SELECT id, short_id, content, name FROM snippets ORDER BY id DESC")?;
    let snippets = stmt.query_map([], |row| {
        Ok(Snippet {
            id: row.get(0)?,
            short_id: row.get(1)?,
            content: row.get(2)?,
            name: row.get(3)?,
        })
    })?
    .filter_map(|r| r.ok())
    .collect();
    let mut stmt = conn.prepare(
        &format!("SELECT {} FROM snippets ORDER BY id DESC", SNIPPET_COLS),
    )?;
    let snippets = stmt
        .query_map([], snippet_from_row)?
        .collect::<Result<Vec<_>, _>>()?;
    Ok(snippets)
}


    if rows_affected == 0 {
        return Ok(None);
    }
    match conn.query_row(
        "SELECT id, short_id, content, name FROM snippets WHERE short_id = ?1",
        params![short_id],
        |row| {
            Ok(Snippet {
                id: row.get(0)?,
                short_id: row.get(1)?,
                content: row.get(2)?,
                name: row.get(3)?,
            })
        },
    ) {
        Ok(snippet) => Ok(Some(snippet)),
        Err(rusqlite::Error::QueryReturnedNoRows) => Ok(None),
        Err(e) => Err(DbError::Sqlite(e)),
    }
    let snippet = conn
        .query_row(
            &format!("SELECT {} FROM snippets WHERE short_id = ?1", SNIPPET_COLS),
            params![short_id],
            snippet_from_row,
        )
        .optional()?;
    Ok(snippet)
}

#[cfg(test)]


    fn test_db() -> Db {
        let conn = Connection::open_in_memory().unwrap();
        conn.execute(
            "CREATE TABLE IF NOT EXISTS snippets (
                id INTEGER PRIMARY KEY AUTOINCREMENT,
                short_id TEXT NOT NULL UNIQUE,
                content TEXT NOT NULL,
                name TEXT NOT NULL
            )",
            [],
        )
        .unwrap();
        conn.execute_batch(SCHEMA).unwrap();
        Arc::new(Mutex::new(conn))
    }


crates/db/Cargo.toml (added) +18 −0

1	+	[package]
2	+	name = "andromeda-db"
3	+	version = "0.1.0"
4	+	edition = "2024"
5	+	description = "Shared database types and session management for Andromeda apps"
6	+	license = "MIT"
7	+	repository = "https://github.com/stevedylandev/andromeda"
8	+	homepage = "https://github.com/stevedylandev/andromeda"
9	+
10	+	[dependencies]
11	+	rusqlite = { workspace = true }
12	+	axum = { workspace = true, optional = true }
13	+	tracing = { workspace = true, optional = true }
14	+
15	+	[features]
16	+	default = []
17	+	session = []
18	+	axum = ["dep:axum", "dep:tracing"]

crates/db/src/lib.rs (added) +47 −0

1	+	use rusqlite::Connection;
2	+	use std::fmt;
3	+	use std::sync::{Arc, Mutex};
4	+
5	+	pub type Db = Arc<Mutex<Connection>>;
6	+
7	+	pub trait HasDb {
8	+	fn db(&self) -> &Db;
9	+	}
10	+
11	+	#[derive(Debug)]
12	+	pub enum DbError {
13	+	Sqlite(rusqlite::Error),
14	+	LockPoisoned,
15	+	}
16	+
17	+	impl fmt::Display for DbError {
18	+	fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
19	+	match self {
20	+	DbError::Sqlite(e) => write!(f, "Database error: {}", e),
21	+	DbError::LockPoisoned => write!(f, "Database lock poisoned"),
22	+	}
23	+	}
24	+	}
25	+
26	+	impl std::error::Error for DbError {}
27	+
28	+	impl From<rusqlite::Error> for DbError {
29	+	fn from(e: rusqlite::Error) -> Self {
30	+	DbError::Sqlite(e)
31	+	}
32	+	}
33	+
34	+	#[cfg(feature = "axum")]
35	+	impl axum::response::IntoResponse for DbError {
36	+	fn into_response(self) -> axum::response::Response {
37	+	tracing::error!("{}", self);
38	+	(
39	+	axum::http::StatusCode::INTERNAL_SERVER_ERROR,
40	+	"Server error",
41	+	)
42	+	.into_response()
43	+	}
44	+	}
45	+
46	+	#[cfg(feature = "session")]
47	+	pub mod session;

crates/db/src/session.rs (added) +89 −0

1	+	use rusqlite::params;
2	+
3	+	use crate::{Db, DbError};
4	+
5	+	pub const SESSION_SCHEMA: &str = "
6	+	CREATE TABLE IF NOT EXISTS sessions (
7	+	id INTEGER PRIMARY KEY AUTOINCREMENT,
8	+	token TEXT NOT NULL UNIQUE,
9	+	expires_at TEXT NOT NULL
10	+	);
11	+	";
12	+
13	+	pub fn insert_session(db: &Db, token: &str, expires_at: &str) -> Result<(), DbError> {
14	+	let conn = db.lock().map_err(\|_\| DbError::LockPoisoned)?;
15	+	conn.execute(
16	+	"INSERT INTO sessions (token, expires_at) VALUES (?1, ?2)",
17	+	params![token, expires_at],
18	+	)?;
19	+	Ok(())
20	+	}
21	+
22	+	pub fn get_session_expiry(db: &Db, token: &str) -> Result<Option<String>, DbError> {
23	+	use rusqlite::OptionalExtension;
24	+	let conn = db.lock().map_err(\|_\| DbError::LockPoisoned)?;
25	+	let val = conn
26	+	.query_row(
27	+	"SELECT expires_at FROM sessions WHERE token = ?1",
28	+	params![token],
29	+	\|row\| row.get(0),
30	+	)
31	+	.optional()?;
32	+	Ok(val)
33	+	}
34	+
35	+	pub fn delete_session(db: &Db, token: &str) -> Result<(), DbError> {
36	+	let conn = db.lock().map_err(\|_\| DbError::LockPoisoned)?;
37	+	conn.execute("DELETE FROM sessions WHERE token = ?1", params![token])?;
38	+	Ok(())
39	+	}
40	+
41	+	pub fn prune_expired_sessions(db: &Db) -> Result<(), DbError> {
42	+	let conn = db.lock().map_err(\|_\| DbError::LockPoisoned)?;
43	+	conn.execute(
44	+	"DELETE FROM sessions WHERE expires_at < datetime('now')",
45	+	[],
46	+	)?;
47	+	Ok(())
48	+	}
49	+
50	+	#[cfg(test)]
51	+	mod tests {
52	+	use super::*;
53	+	use rusqlite::Connection;
54	+	use std::sync::{Arc, Mutex};
55	+
56	+	fn test_db() -> Db {
57	+	let conn = Connection::open_in_memory().unwrap();
58	+	conn.execute_batch(SESSION_SCHEMA).unwrap();
59	+	Arc::new(Mutex::new(conn))
60	+	}
61	+
62	+	#[test]
63	+	fn session_lifecycle() {
64	+	let db = test_db();
65	+	insert_session(&db, "tok", "2099-12-31 23:59:59").unwrap();
66	+	assert_eq!(
67	+	get_session_expiry(&db, "tok").unwrap(),
68	+	Some("2099-12-31 23:59:59".to_string())
69	+	);
70	+	delete_session(&db, "tok").unwrap();
71	+	assert!(get_session_expiry(&db, "tok").unwrap().is_none());
72	+	}
73	+
74	+	#[test]
75	+	fn prune_expired_sessions_works() {
76	+	let db = test_db();
77	+	insert_session(&db, "old", "2000-01-01 00:00:00").unwrap();
78	+	insert_session(&db, "new", "2099-01-01 00:00:00").unwrap();
79	+	prune_expired_sessions(&db).unwrap();
80	+	assert!(get_session_expiry(&db, "old").unwrap().is_none());
81	+	assert!(get_session_expiry(&db, "new").unwrap().is_some());
82	+	}
83	+
84	+	#[test]
85	+	fn missing_token_returns_none() {
86	+	let db = test_db();
87	+	assert!(get_session_expiry(&db, "nonexistent").unwrap().is_none());
88	+	}
89	+	}

71	71		]
72	72
73	73		[[package]]
	74	+	name = "andromeda-db"
	75	+	version = "0.1.0"
	76	+	dependencies = [
	77	+	"axum",
	78	+	"rusqlite",
	79	+	"tracing",
	80	+	]
	81	+
	82	+	[[package]]
74	83		name = "anstream"
75	84		version = "1.0.0"
76	85		source = "registry+https://github.com/rust-lang/crates.io-index"

680	689		version = "0.1.4"
681	690		dependencies = [
682	691		"andromeda-auth",
	692	+	"andromeda-db",
683	693		"askama 0.15.6",
684	694		"askama_web",
685	695		"axum",

2195	2205		version = "0.2.0"
2196	2206		dependencies = [
2197	2207		"andromeda-auth",
	2208	+	"andromeda-db",
2198	2209		"arboard",
2199	2210		"askama 0.15.6",
2200	2211		"askama_web",

2900	2911		version = "0.1.3"
2901	2912		dependencies = [
2902	2913		"andromeda-auth",
	2914	+	"andromeda-db",
2903	2915		"anyhow",
2904	2916		"askama 0.12.1",
2905	2917		"askama_axum",

3117	3129		version = "0.1.4"
3118	3130		dependencies = [
3119	3131		"andromeda-auth",
	3132	+	"andromeda-db",
3120	3133		"askama 0.15.6",
3121	3134		"askama_web",
3122	3135		"axum",

3128	3141		"rust-embed",
3129	3142		"serde",
3130	3143		"serde_json",
	3144	+	"serde_rusqlite",
3131	3145		"subtle",
3132	3146		"tokio",
3133	3147		"tracing",

4183	4197		name = "sipp-so"
4184	4198		version = "0.1.6"
4185	4199		dependencies = [
	4200	+	"andromeda-db",
4186	4201		"arboard",
4187	4202		"askama 0.15.6",
4188	4203		"askama_web",

21	21		tracing = { workspace = true }
22	22		tracing-subscriber = { workspace = true }
23	23		andromeda-auth = { workspace = true }
	24	+	andromeda-db = { workspace = true, features = ["session"] }
24	25		askama = "0.15"
25	26		askama_web = { version = "0.15", features = ["axum-0.8"] }
26	27		reqwest = { version = "0.12", features = ["json", "rustls-tls"], default-features = false }

1	1		use nanoid::nanoid;
2	2		use rusqlite::{Connection, params};
3	3		use serde::{Deserialize, Serialize};
4		-	use std::fmt;
5	4		use std::sync::{Arc, Mutex};
6	5
7		-	pub type Db = Arc<Mutex<Connection>>;
8		-
9		-	#[derive(Debug)]
10		-	pub enum DbError {
11		-	Sqlite(rusqlite::Error),
12		-	LockPoisoned,
13		-	}
14		-
15		-	impl fmt::Display for DbError {
16		-	fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
17		-	match self {
18		-	DbError::Sqlite(e) => write!(f, "Database error: {}", e),
19		-	DbError::LockPoisoned => write!(f, "Database lock poisoned"),
20		-	}
21		-	}
22		-	}
23		-
24		-	impl std::error::Error for DbError {}
25		-
26		-	impl From<rusqlite::Error> for DbError {
27		-	fn from(e: rusqlite::Error) -> Self {
28		-	DbError::Sqlite(e)
29		-	}
30		-	}
	6	+	pub use andromeda_db::{Db, DbError};
	7	+	pub use andromeda_db::session::{insert_session, get_session_expiry, delete_session, prune_expired_sessions};
31	8
32	9		#[derive(Debug, Serialize, Deserialize, Clone)]
33	10		pub struct Wine {

53	30		pub wishlist: bool,
54	31		}
55	32
	33	+	const SCHEMA: &str = "
	34	+	CREATE TABLE IF NOT EXISTS wines (
	35	+	id INTEGER PRIMARY KEY AUTOINCREMENT,
	36	+	short_id TEXT NOT NULL UNIQUE,
	37	+	name TEXT NOT NULL,
	38	+	origin TEXT NOT NULL,
	39	+	grape TEXT NOT NULL,
	40	+	notes TEXT NOT NULL,
	41	+	image BLOB,
	42	+	image_mime TEXT,
	43	+	sweetness INTEGER NOT NULL CHECK(sweetness BETWEEN 1 AND 5),
	44	+	acidity INTEGER NOT NULL CHECK(acidity BETWEEN 1 AND 5),
	45	+	tannin INTEGER NOT NULL CHECK(tannin BETWEEN 1 AND 5),
	46	+	alcohol INTEGER NOT NULL CHECK(alcohol BETWEEN 1 AND 5),
	47	+	body INTEGER NOT NULL CHECK(body BETWEEN 1 AND 5),
	48	+	clarity INTEGER NOT NULL DEFAULT 3,
	49	+	color_intensity INTEGER NOT NULL DEFAULT 3,
	50	+	aroma_intensity INTEGER NOT NULL DEFAULT 3,
	51	+	nose_complexity INTEGER NOT NULL DEFAULT 3,
	52	+	background TEXT NOT NULL DEFAULT '',
	53	+	created_at TEXT NOT NULL DEFAULT (datetime('now')),
	54	+	wishlist INTEGER NOT NULL DEFAULT 0
	55	+	);
	56	+
	57	+	CREATE TABLE IF NOT EXISTS sessions (
	58	+	id INTEGER PRIMARY KEY AUTOINCREMENT,
	59	+	token TEXT NOT NULL UNIQUE,
	60	+	expires_at TEXT NOT NULL
	61	+	);
	62	+	";
	63	+
56	64		pub fn init_db() -> Db {
57	65		let path = std::env::var("CELLAR_DB_PATH").unwrap_or_else(\|_\| "cellar.sqlite".to_string());
58	66		let conn = Connection::open(&path).expect("Failed to open database");
59	67
60		-	conn.execute_batch(
61		-	"CREATE TABLE IF NOT EXISTS wines (
62		-	id INTEGER PRIMARY KEY AUTOINCREMENT,
63		-	short_id TEXT NOT NULL UNIQUE,
64		-	name TEXT NOT NULL,
65		-	origin TEXT NOT NULL,
66		-	grape TEXT NOT NULL,
67		-	notes TEXT NOT NULL,
68		-	image BLOB,
69		-	image_mime TEXT,
70		-	sweetness INTEGER NOT NULL CHECK(sweetness BETWEEN 1 AND 5),
71		-	acidity INTEGER NOT NULL CHECK(acidity BETWEEN 1 AND 5),
72		-	tannin INTEGER NOT NULL CHECK(tannin BETWEEN 1 AND 5),
73		-	alcohol INTEGER NOT NULL CHECK(alcohol BETWEEN 1 AND 5),
74		-	body INTEGER NOT NULL CHECK(body BETWEEN 1 AND 5),
75		-	created_at TEXT NOT NULL DEFAULT (datetime('now'))
76		-	);
	68	+	conn.execute_batch(SCHEMA).expect("Failed to create tables");
77	69
78		-	CREATE TABLE IF NOT EXISTS sessions (
79		-	id INTEGER PRIMARY KEY AUTOINCREMENT,
80		-	token TEXT NOT NULL UNIQUE,
81		-	expires_at TEXT NOT NULL
82		-	);"
83		-	)
84		-	.expect("Failed to create tables");
85		-
86		-	// Migration: add background column if it doesn't exist
	70	+	// Migrations for existing databases (idempotent — ALTER TABLE fails silently if column exists)
87	71		let _ = conn.execute("ALTER TABLE wines ADD COLUMN background TEXT NOT NULL DEFAULT ''", []);
88		-
89		-	// Migration: add appearance and nose tasting attributes
90	72		let _ = conn.execute("ALTER TABLE wines ADD COLUMN clarity INTEGER NOT NULL DEFAULT 3", []);
91	73		let _ = conn.execute("ALTER TABLE wines ADD COLUMN color_intensity INTEGER NOT NULL DEFAULT 3", []);
92	74		let _ = conn.execute("ALTER TABLE wines ADD COLUMN aroma_intensity INTEGER NOT NULL DEFAULT 3", []);
93	75		let _ = conn.execute("ALTER TABLE wines ADD COLUMN nose_complexity INTEGER NOT NULL DEFAULT 3", []);
94		-
95		-	// Migration: add wishlist flag
96	76		let _ = conn.execute("ALTER TABLE wines ADD COLUMN wishlist INTEGER NOT NULL DEFAULT 0", []);
97	77
98	78		Arc::new(Mutex::new(conn))

298	278		Ok(rows > 0)
299	279		}
300	280
301		-	// Session functions
302		-
303		-	pub fn insert_session(db: &Db, token: &str, expires_at: &str) -> Result<(), DbError> {
304		-	let conn = db.lock().map_err(\|_\| DbError::LockPoisoned)?;
305		-	conn.execute(
306		-	"INSERT INTO sessions (token, expires_at) VALUES (?1, ?2)",
307		-	params![token, expires_at],
308		-	)?;
309		-	Ok(())
310		-	}
311		-
312		-	pub fn get_session_expiry(db: &Db, token: &str) -> Result<Option<String>, DbError> {
313		-	let conn = db.lock().map_err(\|_\| DbError::LockPoisoned)?;
314		-	match conn.query_row(
315		-	"SELECT expires_at FROM sessions WHERE token = ?1",
316		-	params![token],
317		-	\|row\| row.get(0),
318		-	) {
319		-	Ok(val) => Ok(Some(val)),
320		-	Err(rusqlite::Error::QueryReturnedNoRows) => Ok(None),
321		-	Err(e) => Err(DbError::Sqlite(e)),
322		-	}
323		-	}
324		-
325		-	pub fn delete_session(db: &Db, token: &str) -> Result<(), DbError> {
326		-	let conn = db.lock().map_err(\|_\| DbError::LockPoisoned)?;
327		-	conn.execute("DELETE FROM sessions WHERE token = ?1", params![token])?;
328		-	Ok(())
329		-	}
330		-
331		-	pub fn prune_expired_sessions(db: &Db) -> Result<(), DbError> {
332		-	let conn = db.lock().map_err(\|_\| DbError::LockPoisoned)?;
333		-	conn.execute(
334		-	"DELETE FROM sessions WHERE expires_at < datetime('now')",
335		-	[],
336		-	)?;
337		-	Ok(())
338		-	}
339		-
340	281		#[cfg(test)]
341	282		mod tests {
342	283		use super::*;
343	284
344	285		fn test_db() -> Db {
345	286		let conn = Connection::open_in_memory().unwrap();
346		-	conn.execute_batch(
347		-	"CREATE TABLE IF NOT EXISTS wines (
348		-	id INTEGER PRIMARY KEY AUTOINCREMENT,
349		-	short_id TEXT NOT NULL UNIQUE,
350		-	name TEXT NOT NULL,
351		-	origin TEXT NOT NULL,
352		-	grape TEXT NOT NULL,
353		-	notes TEXT NOT NULL,
354		-	image BLOB,
355		-	image_mime TEXT,
356		-	sweetness INTEGER NOT NULL CHECK(sweetness BETWEEN 1 AND 5),
357		-	acidity INTEGER NOT NULL CHECK(acidity BETWEEN 1 AND 5),
358		-	tannin INTEGER NOT NULL CHECK(tannin BETWEEN 1 AND 5),
359		-	alcohol INTEGER NOT NULL CHECK(alcohol BETWEEN 1 AND 5),
360		-	body INTEGER NOT NULL CHECK(body BETWEEN 1 AND 5),
361		-	clarity INTEGER NOT NULL DEFAULT 3,
362		-	color_intensity INTEGER NOT NULL DEFAULT 3,
363		-	aroma_intensity INTEGER NOT NULL DEFAULT 3,
364		-	nose_complexity INTEGER NOT NULL DEFAULT 3,
365		-	background TEXT NOT NULL DEFAULT '',
366		-	created_at TEXT NOT NULL DEFAULT (datetime('now')),
367		-	wishlist INTEGER NOT NULL DEFAULT 0
368		-	);
369		-	CREATE TABLE IF NOT EXISTS sessions (
370		-	id INTEGER PRIMARY KEY AUTOINCREMENT,
371		-	token TEXT NOT NULL UNIQUE,
372		-	expires_at TEXT NOT NULL
373		-	);",
374		-	)
375		-	.unwrap();
	287	+	conn.execute_batch(SCHEMA).unwrap();
376	288		Arc::new(Mutex::new(conn))
377	289		}
378	290

1	1		use nanoid::nanoid;
2	2		use rusqlite::{Connection, OptionalExtension, Row, params};
3	3		use serde::{Deserialize, Serialize};
4		-	use std::fmt;
5	4		use std::sync::{Arc, Mutex};
6	5
7		-	pub type Db = Arc<Mutex<Connection>>;
	6	+	pub use andromeda_db::{Db, DbError};
	7	+	pub use andromeda_db::session::{insert_session, get_session_expiry, delete_session, prune_expired_sessions};
8	8
9	9		const NOTE_COLUMNS: &str = "id, short_id, title, content, created_at, updated_at";
10	10

24	24		expires_at TEXT NOT NULL
25	25		);
26	26		";
27		-
28		-	#[derive(Debug)]
29		-	pub enum DbError {
30		-	Sqlite(rusqlite::Error),
31		-	LockPoisoned,
32		-	}
33		-
34		-	impl fmt::Display for DbError {
35		-	fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
36		-	match self {
37		-	DbError::Sqlite(e) => write!(f, "Database error: {}", e),
38		-	DbError::LockPoisoned => write!(f, "Database lock poisoned"),
39		-	}
40		-	}
41		-	}
42		-
43		-	impl std::error::Error for DbError {}
44		-
45		-	impl From<rusqlite::Error> for DbError {
46		-	fn from(e: rusqlite::Error) -> Self {
47		-	DbError::Sqlite(e)
48		-	}
49		-	}
50	27
51	28		#[derive(Debug, Serialize, Deserialize)]
52	29		pub struct Note {

156	133		Ok(rows > 0)
157	134		}
158	135
159		-	// Session functions
160		-
161		-	pub fn insert_session(db: &Db, token: &str, expires_at: &str) -> Result<(), DbError> {
162		-	let conn = db.lock().map_err(\|_\| DbError::LockPoisoned)?;
163		-	conn.execute(
164		-	"INSERT INTO sessions (token, expires_at) VALUES (?1, ?2)",
165		-	params![token, expires_at],
166		-	)?;
167		-	Ok(())
168		-	}
169		-
170		-	pub fn get_session_expiry(db: &Db, token: &str) -> Result<Option<String>, DbError> {
171		-	let conn = db.lock().map_err(\|_\| DbError::LockPoisoned)?;
172		-	match conn.query_row(
173		-	"SELECT expires_at FROM sessions WHERE token = ?1",
174		-	params![token],
175		-	\|row\| row.get(0),
176		-	) {
177		-	Ok(val) => Ok(Some(val)),
178		-	Err(rusqlite::Error::QueryReturnedNoRows) => Ok(None),
179		-	Err(e) => Err(DbError::Sqlite(e)),
180		-	}
181		-	}
182		-
183		-	pub fn delete_session(db: &Db, token: &str) -> Result<(), DbError> {
184		-	let conn = db.lock().map_err(\|_\| DbError::LockPoisoned)?;
185		-	conn.execute("DELETE FROM sessions WHERE token = ?1", params![token])?;
186		-	Ok(())
187		-	}
188		-
189		-	pub fn prune_expired_sessions(db: &Db) -> Result<(), DbError> {
190		-	let conn = db.lock().map_err(\|_\| DbError::LockPoisoned)?;
191		-	conn.execute(
192		-	"DELETE FROM sessions WHERE expires_at < datetime('now')",
193		-	[],
194		-	)?;
195		-	Ok(())
196		-	}
197	136
198	137		#[cfg(test)]
199	138		mod tests {

14	14		use crate::auth;
15	15		use crate::db::{self, Db, DbError, Note, NoteInput};
16	16
17		-	impl IntoResponse for DbError {
18		-	fn into_response(self) -> Response {
19		-	tracing::error!("{}", self);
20		-	(StatusCode::INTERNAL_SERVER_ERROR, "Server error").into_response()
21		-	}
22		-	}
23		-
24	17		fn redirect_with_cookie(target: &str, cookie: String) -> Response {
25	18		let mut resp = Redirect::to(target).into_response();
26	19		resp.headers_mut().insert(

22	22		tracing = { workspace = true }
23	23		tracing-subscriber = { workspace = true, features = ["env-filter"] }
24	24		andromeda-auth = { workspace = true }
	25	+	andromeda-db = { workspace = true, features = ["session"] }
25	26		rusqlite = { workspace = true }
26	27		reqwest = { version = "0.12", features = ["json"] }
27	28		askama = { version = "0.12", features = ["with-axum"] }

116	116		attrs.published_date.trim().to_string()
117	117		};
118	118
119		-	match db::create_post(
120		-	&state.db,
	119	+	let input = db::PostInput {
121	120		title,
122		-	&slug,
123		-	&form.content,
	121	+	slug: &slug,
	122	+	content: &form.content,
124	123		status,
125		-	opt_str(&attrs.alias),
126		-	None,
127		-	Some(&published_date),
128		-	opt_str(&attrs.meta_description),
129		-	opt_str(&attrs.meta_image),
	124	+	alias: opt_str(&attrs.alias),
	125	+	canonical_url: None,
	126	+	published_date: Some(&published_date),
	127	+	meta_description: opt_str(&attrs.meta_description),
	128	+	meta_image: opt_str(&attrs.meta_image),
130	129		lang,
131		-	opt_str(&attrs.tags),
132		-	) {
	130	+	tags: opt_str(&attrs.tags),
	131	+	};
	132	+	match db::create_post(&state.db, &input) {
133	133		Ok(_) => Redirect::to("/admin").into_response(),
134	134		Err(e) => {
135	135		tracing::error!("Failed to create post: {}", e);

184	184		Some(attrs.published_date.trim().to_string())
185	185		};
186	186
187		-	match db::update_post(
188		-	&state.db,
189		-	&short_id,
	187	+	let input = db::PostInput {
190	188		title,
191		-	&slug,
192		-	&form.content,
	189	+	slug: &slug,
	190	+	content: &form.content,
193	191		status,
194		-	opt_str(&attrs.alias),
195		-	None,
196		-	published_date.as_deref(),
197		-	opt_str(&attrs.meta_description),
198		-	opt_str(&attrs.meta_image),
	192	+	alias: opt_str(&attrs.alias),
	193	+	canonical_url: None,
	194	+	published_date: published_date.as_deref(),
	195	+	meta_description: opt_str(&attrs.meta_description),
	196	+	meta_image: opt_str(&attrs.meta_image),
199	197		lang,
200		-	opt_str(&attrs.tags),
201		-	) {
	198	+	tags: opt_str(&attrs.tags),
	199	+	};
	200	+	match db::update_post(&state.db, &short_id, &input) {
202	201		Ok(Some(_)) => Redirect::to("/admin").into_response(),
203	202		Ok(None) => (StatusCode::NOT_FOUND, Html("Post not found".to_string())).into_response(),
204	203		Err(e) => {

28	28		dotenvy = { workspace = true }
29	29		subtle = { workspace = true }
30	30		rusqlite = { workspace = true }
	31	+	andromeda-db = { workspace = true }
31	32		askama = "0.15.4"
32	33		askama_web = { version = "0.15.1", features = ["axum-0.8"] }
33	34		ratatui = "0.30"