Add i18n, analytics, turso aggregate, auth date normalization

Author: hotlong

apps/cloud/wrangler.toml

@@ -45,7 +45,7 @@ compatibility_flags = ["nodejs_compat"]
 # rebuild + re-push to ship a new version, then run `wrangler deploy`.
 [[containers]]
 class_name = "CloudContainer"
-image = "registry.cloudflare.com/2846eb40a60f4738e292b90dcd8cce10/objectstack-cloud:direct-storage"
+image = "registry.cloudflare.com/2846eb40a60f4738e292b90dcd8cce10/objectstack-cloud:8aa66f48"
 max_instances = 3
 instance_type = "standard-1"
 

apps/objectos/package.json

@@ -48,6 +48,7 @@
     "@objectstack/service-automation": "workspace:*",
     "@objectstack/service-cloud": "workspace:*",
     "@objectstack/service-feed": "workspace:*",
+    "@objectstack/service-i18n": "workspace:*",
     "@objectstack/service-package": "workspace:*",
     "@objectstack/service-tenant": "workspace:*",
     "@objectstack/spec": "workspace:*",

apps/objectos/wrangler.toml

@@ -44,7 +44,7 @@ compatibility_flags = ["nodejs_compat"]
 # rebuild + re-push to ship a new version, then run `wrangler deploy`.
 [[containers]]
 class_name = "ObjectOSContainer"
-image = "registry.cloudflare.com/2846eb40a60f4738e292b90dcd8cce10/objectos:per-project-auth-14"
+image = "registry.cloudflare.com/2846eb40a60f4738e292b90dcd8cce10/objectos:turso-aggregate-1"
 max_instances = 5
 instance_type = "standard-1"
 

packages/objectql/src/plugin.ts

@@ -149,6 +149,28 @@ export class ObjectQLPlugin implements Plugin {
 
     ctx.registerService('protocol', protocolShim);
     ctx.logger.info('Protocol service registered');
+
+    // Register an `analytics` service adapter that maps the dispatcher's
+    // expected interface (query / getMeta / generateSql) onto the
+    // protocol shim's `analyticsQuery`. Without this, HttpDispatcher's
+    // `handleAnalytics` cannot resolve a service and `/api/v1/analytics/*`
+    // returns ROUTE_NOT_FOUND, even though discovery advertises the route
+    // (objectql's getDiscovery hardcodes `analytics: enabled:true`). The
+    // adapter delegates `query` to the cube → engine.aggregate translator
+    // already implemented in protocol.ts; getMeta/generateSql return a
+    // structured "not implemented" payload so callers see something
+    // useful instead of a 500.
+    ctx.registerService('analytics', {
+      query: (body: any) => protocolShim.analyticsQuery(body),
+      getMeta: async () => ({
+        cubes: [],
+        message: 'Analytics meta endpoint not implemented by ObjectQL adapter',
+      }),
+      generateSql: async (_body: any) => ({
+        sql: null,
+        message: 'Analytics SQL generation not implemented by ObjectQL adapter',
+      }),
+    });
   }
 
   start = async (ctx: PluginContext) => {

packages/plugins/driver-turso/src/remote-transport.ts

@@ -174,6 +174,67 @@ export class RemoteTransport {
     }
   }
 
+  async aggregate(object: string, query: any): Promise<Record<string, unknown>[]> {
+    await this.ensureConnected();
+    this.assertSafeIdentifier(object);
+
+    const selectParts: string[] = [];
+    const groupBy: string[] = Array.isArray(query?.groupBy) ? query.groupBy : [];
+
+    for (const field of groupBy) {
+      this.assertSafeIdentifier(field);
+      selectParts.push(`"${field}"`);
+    }
+
+    const aggregations = query?.aggregations || query?.aggregate || [];
+    for (const agg of aggregations) {
+      const funcRaw = String(agg.function || agg.func || '').toLowerCase();
+      if (!['count', 'sum', 'avg', 'min', 'max'].includes(funcRaw)) {
+        throw new Error(`Unsupported aggregate function: ${funcRaw}`);
+      }
+      const field = agg.field || '*';
+      let fieldSql: string;
+      if (field === '*') {
+        fieldSql = '*';
+      } else {
+        this.assertSafeIdentifier(field);
+        fieldSql = `"${field}"`;
+      }
+      const alias = agg.alias || `${funcRaw}_${field === '*' ? 'all' : field}`;
+      this.assertSafeIdentifier(alias);
+      selectParts.push(`${funcRaw}(${fieldSql}) AS "${alias}"`);
+    }
+
+    if (selectParts.length === 0) selectParts.push('*');
+
+    let sql = `SELECT ${selectParts.join(', ')} FROM "${object}"`;
+    const args: any[] = [];
+
+    const { whereClauses, args: whereArgs } = this.buildWhereSQL(query?.where);
+    if (whereClauses) {
+      sql += ` WHERE ${whereClauses}`;
+      args.push(...whereArgs);
+    }
+
+    if (groupBy.length > 0) {
+      sql += ` GROUP BY ${groupBy.map((f) => `"${f}"`).join(', ')}`;
+    }
+
+    try {
+      const result = await this.client!.execute({ sql, args });
+      return this.mapRows(result);
+    } catch (error: any) {
+      if (
+        error.message &&
+        (error.message.includes('no such table') ||
+          error.message.includes('no such column'))
+      ) {
+        return [];
+      }
+      throw error;
+    }
+  }
+
   async create(object: string, data: Record<string, unknown>): Promise<Record<string, unknown>> {
     await this.ensureConnected();
 
@@ -765,11 +826,15 @@ export class RemoteTransport {
 
   /**
    * Serialize a value for @libsql/client args.
-   * JSON objects/arrays are stringified; booleans are kept as-is (libsql handles them).
+   * - `Date` → ISO 8601 string (avoids libsql HTTP transport coercing the
+   *   value to a REAL column and round-tripping it as `"<epoch>.0"`).
+   * - JSON objects/arrays are stringified.
+   * - booleans are kept as-is (libsql handles them).
    */
   private serializeValue(value: unknown): any {
     if (value === null || value === undefined) return null;
-    if (typeof value === 'object' && !(value instanceof Date)) {
+    if (value instanceof Date) return value.toISOString();
+    if (typeof value === 'object') {
       return JSON.stringify(value);
     }
     return value;

packages/plugins/driver-turso/src/turso-driver.ts

@@ -491,6 +491,11 @@ export class TursoDriver extends SqlDriver {
     return super.count(object, query, options);
   }
 
+  override async aggregate(object: string, query: any, options?: any): Promise<any> {
+    if (this.isRemote) return this.remoteTransport!.aggregate(object, query);
+    return super.aggregate(object, query, options);
+  }
+
   // ===================================
   // Bulk Operations (remote mode overrides)
   // ===================================

packages/plugins/plugin-auth/src/objectql-adapter.ts

@@ -30,6 +30,73 @@ export function resolveProtocolName(model: string): string {
 // Internal helpers
 // ---------------------------------------------------------------------------
 
+/**
+ * better-auth datetime columns (snake_case) per model.
+ *
+ * When the underlying driver stored these as JavaScript `Date` objects
+ * (legacy behaviour), the libsql HTTP transport coerces the value to a REAL
+ * column and round-trips it as a string like `"1779497911249.0"`. That
+ * string is not a valid Date string (it has a trailing `.0`), so
+ * `new Date(...)` produces `Invalid Date` and better-auth's client treats
+ * the session as expired — causing a login/redirect loop.
+ *
+ * We normalise these legacy values back to ISO strings on **read** so the
+ * factory's `supportsDates: false` parser can turn them into real Date
+ * objects. New writes always go through better-auth's own
+ * `Date → ISO string` conversion (because we declare `supportsDates: false`
+ * below), so no further `.0`-suffixed values will ever be created.
+ */
+const LEGACY_DATETIME_FIELDS_BY_MODEL: Record<string, string[]> = {
+  user: ['created_at', 'updated_at'],
+  session: ['expires_at', 'created_at', 'updated_at'],
+  account: [
+    'access_token_expires_at',
+    'refresh_token_expires_at',
+    'created_at',
+    'updated_at',
+  ],
+  verification: ['expires_at', 'created_at', 'updated_at'],
+};
+
+const NUMERIC_STRING_RE = /^-?\d+(\.\d+)?$/;
+
+/**
+ * If `value` looks like a stringified epoch-ms (optionally with `.0`),
+ * convert it to an ISO 8601 string. Otherwise return it unchanged.
+ */
+function normaliseLegacyDate(value: unknown): unknown {
+  if (typeof value !== 'string') return value;
+  if (!NUMERIC_STRING_RE.test(value)) return value;
+  const n = parseFloat(value);
+  if (!Number.isFinite(n)) return value;
+  // Heuristic: epoch milliseconds are at least 10 digits (year 2001+).
+  if (Math.abs(n) < 1e10) return value;
+  const d = new Date(n);
+  if (Number.isNaN(d.getTime())) return value;
+  return d.toISOString();
+}
+
+/**
+ * Walk a record and rewrite any legacy `.0`-suffixed datetime values
+ * into ISO strings. Mutates and returns the record.
+ */
+function normaliseLegacyDates<T extends Record<string, any> | null | undefined>(
+  model: string,
+  record: T,
+): T {
+  if (!record) return record;
+  const cols = LEGACY_DATETIME_FIELDS_BY_MODEL[model];
+  if (!cols) return record;
+  for (const col of cols) {
+    if (col in record) {
+      (record as Record<string, unknown>)[col] = normaliseLegacyDate(
+        (record as Record<string, unknown>)[col],
+      );
+    }
+  }
+  return record;
+}
+
 /**
  * Convert better-auth where clause to ObjectQL query format.
  *
@@ -88,17 +155,21 @@ export function createObjectQLAdapterFactory(dataEngine: IDataEngine) {
   return createAdapterFactory({
     config: {
       adapterId: 'objectql',
-      // ObjectQL natively supports these types — no extra conversion needed
-      supportsBooleans: true,
-      supportsDates: true,
+      // We let better-auth handle Date↔string and boolean↔0/1 conversion so
+      // that values land in the underlying SQL driver as primitive strings
+      // and integers. Some drivers (e.g. libsql over the HTTP transport)
+      // otherwise mangle `Date` objects into `"<epoch>.0"` strings that
+      // break the client-side session parser.
+      supportsBooleans: false,
+      supportsDates: false,
       supportsJSON: true,
     },
     adapter: () => ({
       create: async <T extends Record<string, any>>(
         { model, data, select: _select }: { model: string; data: T; select?: string[] },
       ): Promise<T> => {
         const result = await dataEngine.insert(model, data);
-        return result as T;
+        return normaliseLegacyDates(model, result) as T;
       },
 
       findOne: async <T>(
@@ -108,7 +179,7 @@ export function createObjectQLAdapterFactory(dataEngine: IDataEngine) {
 
         const result = await dataEngine.findOne(model, { where: filter, fields: select });
 
-        return result ? (result as T) : null;
+        return result ? (normaliseLegacyDates(model, result) as T) : null;
       },
 
       findMany: async <T>(
@@ -130,7 +201,7 @@ export function createObjectQLAdapterFactory(dataEngine: IDataEngine) {
           orderBy,
         });
 
-        return results as T[];
+        return results.map((r) => normaliseLegacyDates(model, r as Record<string, any>)) as T[];
       },
 
       count: async (
@@ -150,7 +221,7 @@ export function createObjectQLAdapterFactory(dataEngine: IDataEngine) {
         if (!record) return null;
 
         const result = await dataEngine.update(model, { ...(update as any), id: record.id });
-        return result ? (result as T) : null;
+        return result ? (normaliseLegacyDates(model, result) as T) : null;
       },
 
       updateMany: async (

packages/runtime/src/dispatcher-plugin.ts

@@ -260,9 +260,12 @@ export function createDispatcherPlugin(config: DispatcherPluginConfig = {}): Plu
             });
 
             // ── Analytics ───────────────────────────────────────────────
+            // Route via dispatch() (not handleAnalytics directly) so the host
+            // dispatcher's project-aware kernel swap runs first — the per-project
+            // kernel owns the `analytics` service (registered by ObjectQLPlugin).
             server.post(`${prefix}/analytics/query`, async (req: any, res: any) => {
                 try {
-                    const result = await dispatcher.handleAnalytics('query', 'POST', req.body, { request: req });
+                    const result = await dispatcher.dispatch('POST', '/analytics/query', req.body, req.query, { request: req });
                     sendResult(result, res);
                 } catch (err: any) {
                     errorResponse(err, res);
@@ -271,7 +274,7 @@ export function createDispatcherPlugin(config: DispatcherPluginConfig = {}): Plu
 
             server.get(`${prefix}/analytics/meta`, async (req: any, res: any) => {
                 try {
-                    const result = await dispatcher.handleAnalytics('meta', 'GET', {}, { request: req });
+                    const result = await dispatcher.dispatch('GET', '/analytics/meta', undefined, req.query, { request: req });
                     sendResult(result, res);
                 } catch (err: any) {
                     errorResponse(err, res);
@@ -280,7 +283,7 @@ export function createDispatcherPlugin(config: DispatcherPluginConfig = {}): Plu
 
             server.post(`${prefix}/analytics/sql`, async (req: any, res: any) => {
                 try {
-                    const result = await dispatcher.handleAnalytics('sql', 'POST', req.body, { request: req });
+                    const result = await dispatcher.dispatch('POST', '/analytics/sql', req.body, req.query, { request: req });
                     sendResult(result, res);
                 } catch (err: any) {
                     errorResponse(err, res);
@@ -609,11 +612,15 @@ export function createDispatcherPlugin(config: DispatcherPluginConfig = {}): Plu
             });
 
             // ── i18n ────────────────────────────────────────────────────
-            // Bridges to HttpDispatcher.handleI18n() which resolves the i18n
-            // service from the kernel (either I18nServicePlugin or memory fallback).
+            // Route via dispatch() (not handleI18n directly) so the host
+            // dispatcher's project-aware kernel swap runs first. Without this,
+            // i18n requests hit the host kernel's in-memory fallback (which
+            // is always empty) instead of the per-project I18nServicePlugin
+            // populated by ArtifactKernelFactory with the artifact's
+            // translation bundles.
             server.get(`${prefix}/i18n/locales`, async (req: any, res: any) => {
                 try {
-                    const result = await dispatcher.handleI18n('/locales', 'GET', req.query, { request: req });
+                    const result = await dispatcher.dispatch('GET', '/i18n/locales', undefined, req.query, { request: req });
                     sendResult(result, res);
                 } catch (err: any) {
                     errorResponse(err, res);
@@ -622,7 +629,7 @@ export function createDispatcherPlugin(config: DispatcherPluginConfig = {}): Plu
 
             server.get(`${prefix}/i18n/translations/:locale`, async (req: any, res: any) => {
                 try {
-                    const result = await dispatcher.handleI18n(`/translations/${req.params.locale}`, 'GET', req.query, { request: req });
+                    const result = await dispatcher.dispatch('GET', `/i18n/translations/${req.params.locale}`, undefined, req.query, { request: req });
                     sendResult(result, res);
                 } catch (err: any) {
                     errorResponse(err, res);
@@ -631,7 +638,7 @@ export function createDispatcherPlugin(config: DispatcherPluginConfig = {}): Plu
 
             server.get(`${prefix}/i18n/labels/:object/:locale`, async (req: any, res: any) => {
                 try {
-                    const result = await dispatcher.handleI18n(`/labels/${req.params.object}/${req.params.locale}`, 'GET', req.query, { request: req });
+                    const result = await dispatcher.dispatch('GET', `/i18n/labels/${req.params.object}/${req.params.locale}`, undefined, req.query, { request: req });
                     sendResult(result, res);
                 } catch (err: any) {
                     errorResponse(err, res);

packages/services/service-cloud/package.json

@@ -34,6 +34,7 @@
     "@objectstack/plugin-auth": "workspace:^",
     "@objectstack/plugin-security": "workspace:^",
     "@objectstack/runtime": "workspace:^",
+    "@objectstack/service-i18n": "workspace:^",
     "@objectstack/service-package": "workspace:^",
     "@objectstack/service-storage": "workspace:*",
     "@objectstack/service-tenant": "workspace:^",