fix: add validation for Turso DB credentials and handle undefined values (#12)

dreyfus92 · Adammatthiesen · web-flow · commit 2f8f5e2295ff · 2025-04-09T08:01:55.000-06:00
Co-authored-by: Adam Matthiesen &lt;amatthiesen@outlook.com&gt;
diff --git a/.changeset/honest-turkeys-relate.md b/.changeset/honest-turkeys-relate.md
@@ -0,0 +1,5 @@
+---
+"create-studiocms": patch
+---
+
+Fixes undefined Turso DB credentials in environment files and add validation
diff --git a/package/src/cmds/interactive/data/studiocmsenv.ts b/package/src/cmds/interactive/data/studiocmsenv.ts
@@ -38,8 +38,8 @@ export function buildEnvFile(envBuilderOpts: EnvBuilderOptions): string {
 	let envFileContent = `# StudioCMS Environment Variables
 
 # libSQL URL and Token for AstroDB
-ASTRO_DB_REMOTE_URL=${envBuilderOpts.astroDbRemoteUrl}
-ASTRO_DB_APP_TOKEN=${envBuilderOpts.astroDbToken}
+ASTRO_DB_REMOTE_URL=${envBuilderOpts.astroDbRemoteUrl || ''}
+ASTRO_DB_APP_TOKEN=${envBuilderOpts.astroDbToken || ''}
 
 # Auth encryption key
 CMS_ENCRYPTION_KEY="${envBuilderOpts.encryptionKey}" # openssl rand --base64 16
diff --git a/package/src/cmds/interactive/envBuilder.ts b/package/src/cmds/interactive/envBuilder.ts
@@ -267,8 +267,107 @@ export async function env(
 
 								ctx.debug && ctx.logger.debug(`Database Token: ${dbToken}`);
 
-								envBuilderOpts.astroDbRemoteUrl = dbURL;
-								envBuilderOpts.astroDbToken = dbToken;
+								// Validate URL and token
+								if (!dbURL || !dbURL.startsWith('libsql://')) {
+									tursoSetup.stop(
+										`${label('Turso', TursoColorway, color.black)} Failed to retrieve a valid database URL.`
+									);
+									ctx.prompt.log.error(StudioCMSColorwayError(`Invalid database URL: ${dbURL || 'undefined'}`));
+									
+									const manualURL = await ctx.prompt.text({
+										message: 'Enter your Turso database URL manually',
+										placeholder: 'libsql://your-database.turso.io',
+									});
+									
+									if (typeof manualURL === 'symbol') {
+										ctx.promptCancel(manualURL);
+									} else {
+										envBuilderOpts.astroDbRemoteUrl = manualURL || '';
+									}
+								} else {
+									envBuilderOpts.astroDbRemoteUrl = dbURL;
+								}
+
+								if (!dbToken || dbToken.length < 10) {
+									tursoSetup.stop(
+										`${label('Turso', TursoColorway, color.black)} Failed to retrieve a valid token.`
+									);
+									ctx.prompt.log.error(StudioCMSColorwayError(`Invalid database token: ${dbToken ? 'too short' : 'undefined'}`));
+									
+									const manualToken = await ctx.prompt.text({
+										message: 'Enter your Turso database token manually',
+										placeholder: 'eyJh...Nzc2',
+									});
+									
+									if (typeof manualToken === 'symbol') {
+										ctx.promptCancel(manualToken);
+									} else {
+										envBuilderOpts.astroDbToken = manualToken || '';
+									}
+								} else {
+									envBuilderOpts.astroDbToken = dbToken;
+								}
+
+								// Verify credentials with a simple test connection
+								if (envBuilderOpts.astroDbRemoteUrl && envBuilderOpts.astroDbToken) {
+									tursoSetup.message(
+										`${label('Turso', TursoColorway, color.black)} Verifying database connection...`
+									);
+									
+									try {
+										// Test connection using curl (doesn't require additional dependencies)
+										const connectionTest = await runShellCommand(
+											`curl -s -o /dev/null -w "%{http_code}" ${envBuilderOpts.astroDbRemoteUrl}/health -H "Authorization: Bearer ${envBuilderOpts.astroDbToken}"`
+										);
+										
+										const statusCode = Number.parseInt(connectionTest.trim(), 10);
+										
+										if (statusCode >= 200 && statusCode < 300) {
+											ctx.debug && ctx.logger.debug(`Database connection successful: ${statusCode}`);
+										} else {
+											ctx.debug && ctx.logger.debug(`Database connection failed: ${statusCode}`);
+											ctx.prompt.log.warn(
+												`${label('Warning', StudioCMSColorwayWarnBg, color.black)} Could not verify database connection. Status: ${statusCode}`
+											);
+											
+											const confirmContinue = await ctx.prompt.confirm({
+												message: 'Continue with these credentials anyway?',
+												initialValue: true,
+											});
+											
+											if (typeof confirmContinue === 'symbol') {
+												ctx.promptCancel(confirmContinue);
+											} else if (!confirmContinue) {
+												// If user doesn't want to continue with unverified credentials, ask for new ones
+												const newCredentials = await ctx.prompt.group(
+													{
+														astroDbRemoteUrl: () =>
+															ctx.prompt.text({
+																message: 'Remote URL for AstroDB',
+																initialValue: envBuilderOpts.astroDbRemoteUrl || 'libsql://your-database.turso.io',
+															}),
+														astroDbToken: () =>
+															ctx.prompt.text({
+																message: 'AstroDB Token',
+																initialValue: '',
+															}),
+													},
+													{
+														onCancel: () => ctx.promptOnCancel(),
+													}
+												);
+												
+												envBuilderOpts.astroDbRemoteUrl = newCredentials.astroDbRemoteUrl || '';
+												envBuilderOpts.astroDbToken = newCredentials.astroDbToken || '';
+											}
+										}
+									} catch (error) {
+										ctx.debug && ctx.logger.debug(`Database connection test error: ${error instanceof Error ? error.message : 'unknown error'}`);
+										ctx.prompt.log.warn(
+											`${label('Warning', StudioCMSColorwayWarnBg, color.black)} Could not verify database connection due to an error.`
+										);
+									}
+								}
 
 								tursoSetup.stop(
 									`${label('Turso', TursoColorway, color.black)} Database setup complete. New Database: ${dbFinalName}`
@@ -312,7 +411,100 @@ export async function env(
 
 					ctx.debug && ctx.logger.debug(`AstroDB setup: ${envBuilderStep_AstroDB}`);
 
-					envBuilderOpts = { ...envBuilderStep_AstroDB };
+					// Validate the manually entered credentials
+					let dbUrl = envBuilderStep_AstroDB.astroDbRemoteUrl || '';
+					let dbToken = envBuilderStep_AstroDB.astroDbToken || '';
+					
+					// Check URL format
+					if (!dbUrl.startsWith('libsql://') && dbUrl !== '') {
+						ctx.prompt.log.warn(
+							`${label('Warning', StudioCMSColorwayWarnBg, color.black)} The database URL should start with 'libsql://'.`
+						);
+						
+						const fixUrl = await ctx.prompt.confirm({
+							message: 'Would you like to prepend "libsql://" to your URL?',
+							initialValue: true,
+						});
+						
+						if (typeof fixUrl === 'symbol') {
+							ctx.promptCancel(fixUrl);
+						} else if (fixUrl) {
+							dbUrl = `libsql://${dbUrl}`;
+						}
+					}
+					
+					// Verify the credentials with a connection test
+					if (dbUrl && dbToken && dbToken !== 'your-astrodb-token') {
+						const verifyConnection = await ctx.prompt.confirm({
+							message: 'Would you like to verify these credentials?',
+							initialValue: true,
+						});
+						
+						if (typeof verifyConnection === 'symbol') {
+							ctx.promptCancel(verifyConnection);
+						} else if (verifyConnection) {
+							const connectionTestSpinner = ctx.prompt.spinner();
+							connectionTestSpinner.start(`${label('Turso', TursoColorway, color.black)} Verifying database connection...`);
+							
+							try {
+								// Test connection using curl (doesn't require additional dependencies)
+								const connectionTest = await runShellCommand(
+									`curl -s -o /dev/null -w "%{http_code}" ${dbUrl}/health -H "Authorization: Bearer ${dbToken}"`
+								);
+								
+								const statusCode = Number.parseInt(connectionTest.trim(), 10);
+								
+								if (statusCode >= 200 && statusCode < 300) {
+									connectionTestSpinner.stop(`${label('Turso', TursoColorway, color.black)} Connection successful!`);
+								} else {
+									connectionTestSpinner.stop(`${label('Turso', TursoColorway, color.black)} Connection failed (${statusCode}).`);
+									ctx.prompt.log.warn(
+										`${label('Warning', StudioCMSColorwayWarnBg, color.black)} Could not verify database connection. Status: ${statusCode}`
+									);
+									
+									const retryCredentials = await ctx.prompt.confirm({
+										message: 'Would you like to enter different credentials?',
+										initialValue: true,
+									});
+									
+									if (typeof retryCredentials === 'symbol') {
+										ctx.promptCancel(retryCredentials);
+									} else if (retryCredentials) {
+										const newCredentials = await ctx.prompt.group(
+											{
+												astroDbRemoteUrl: () =>
+													ctx.prompt.text({
+														message: 'Remote URL for AstroDB',
+														initialValue: dbUrl,
+													}),
+												astroDbToken: () =>
+													ctx.prompt.text({
+														message: 'AstroDB Token',
+														initialValue: '',
+													}),
+											},
+											{
+												onCancel: () => ctx.promptOnCancel(),
+											}
+										);
+										
+										dbUrl = newCredentials.astroDbRemoteUrl || '';
+										dbToken = newCredentials.astroDbToken || '';
+									}
+								}
+							} catch (error) {
+								connectionTestSpinner.stop(`${label('Turso', TursoColorway, color.black)} Connection test failed.`);
+								ctx.debug && ctx.logger.debug(`Database connection test error: ${error instanceof Error ? error.message : 'unknown error'}`);
+								ctx.prompt.log.warn(
+									`${label('Warning', StudioCMSColorwayWarnBg, color.black)} Could not verify database connection due to an error.`
+								);
+							}
+						}
+					}
+					
+					// Save the validated credentials
+					envBuilderOpts.astroDbRemoteUrl = dbUrl;
+					envBuilderOpts.astroDbToken = dbToken;
 				}
 			}
 
@@ -344,7 +536,18 @@ export async function env(
 
 			ctx.debug && ctx.logger.debug(`Environment Builder Step 1: ${envBuilderStep1}`);
 
-			envBuilderOpts = { ...envBuilderStep1 };
+			// Preserve AstroDB URL and token while merging
+			const previousDbValues = {
+				astroDbRemoteUrl: envBuilderOpts.astroDbRemoteUrl,
+				astroDbToken: envBuilderOpts.astroDbToken
+			};
+			
+			envBuilderOpts = { 
+				...envBuilderOpts,
+				...envBuilderStep1,
+				astroDbRemoteUrl: previousDbValues.astroDbRemoteUrl || '',
+				astroDbToken: previousDbValues.astroDbToken || ''
+			};
 
 			if (envBuilderStep1.oAuthOptions.includes('github')) {
 				const githubOAuth = await ctx.prompt.group(
diff --git a/package/tests/env-builder.test.ts b/package/tests/env-builder.test.ts
@@ -121,4 +121,19 @@ describe('Environment Builder Configuration', () => {
 		expect(envWithMultiple).toContain('CMS_ENCRYPTION_KEY="test-encryption-key"');
 		expect(envWithMultiple).toContain('CMS_CLOUDINARY_CLOUDNAME="demo"');
 	});
+
+	it('handles undefined AstroDB values correctly', () => {
+		// Test with undefined AstroDB values
+		const envWithUndefinedValues = buildEnvFile({
+			encryptionKey: 'test-encryption-key',
+			oAuthOptions: [],
+			// Deliberately omit astroDbRemoteUrl and astroDbToken
+		});
+
+		// Verify the environment values are empty strings, not "undefined"
+		expect(envWithUndefinedValues).toContain('ASTRO_DB_REMOTE_URL=');
+		expect(envWithUndefinedValues).toContain('ASTRO_DB_APP_TOKEN=');
+		expect(envWithUndefinedValues).not.toContain('ASTRO_DB_REMOTE_URL=undefined');
+		expect(envWithUndefinedValues).not.toContain('ASTRO_DB_APP_TOKEN=undefined');
+	});
 });
diff --git a/package/tests/fixtures/not-empty/git.json b/package/tests/fixtures/not-empty/git.json
@@ -1 +1 @@
-{}
+{}

-Original file line number
+Diff line change
@@ @@ -0,0 +1,5 @@ @@
 +---
 +"create-studiocms": patch
 +---
++
 +Fixes undefined Turso DB credentials in environment files and add validation