CRUD Operations

The Store wire provides generic CRUD (Create, Read, Update, Delete) operations on any MongoDB collection via both a programmatic API and REST endpoints.

Programmatic API

Create

const product = await app.store.create("products", {
  name: "Widget",
  price: 9.99,
  tags: ["electronics", "gadgets"],
});

console.log(product._id); // Auto-generated ObjectId

Find

// Find all
const products = await app.store.find("products");

// Find with filters
const cheap = await app.store.find("products", {
  filter: { price: { $lte: 20 } },
  sort: { price: 1 },
  limit: 10,
  offset: 0,
});

// Find one by ID
const product = await app.store.findById("products", productId);

Update

const updated = await app.store.update("products", productId, {
  price: 14.99,
  updatedAt: new Date(),
});

Delete

await app.store.delete("products", productId);

Count

const total = await app.store.count("products", {
  price: { $gte: 10 },
});

REST API

Create a Document

curl -X POST http://localhost:3000/store/products \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer eyJhbGci..." \
  -d '{
    "name": "Widget",
    "price": 9.99,
    "tags": ["electronics"]
  }'

Response (201):

{
  "_id": "65a1b2c3d4e5f6a7b8c9d0e1",
  "name": "Widget",
  "price": 9.99,
  "tags": ["electronics"],
  "createdAt": "2025-01-15T10:30:00.000Z"
}

List Documents

curl "http://localhost:3000/store/products?limit=10&sort=-price" \
  -H "Authorization: Bearer eyJhbGci..."

Param	Type	Default	Description
`limit`	`number`	`20`	Results per page
`offset`	`number`	`0`	Pagination offset
`sort`	`string`	`-createdAt`	Sort field (prefix `-` for descending)
`filter`	`string`	--	JSON-encoded MongoDB filter

Response (200):

{
  "data": [
    { "_id": "...", "name": "Widget", "price": 9.99 }
  ],
  "total": 42,
  "limit": 10,
  "offset": 0
}

Get a Document

curl http://localhost:3000/store/products/65a1b2c3d4e5f6a7b8c9d0e1 \
  -H "Authorization: Bearer eyJhbGci..."

Update a Document

curl -X PUT http://localhost:3000/store/products/65a1b2c3d4e5f6a7b8c9d0e1 \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer eyJhbGci..." \
  -d '{"price": 14.99}'

Delete a Document

curl -X DELETE http://localhost:3000/store/products/65a1b2c3d4e5f6a7b8c9d0e1 \
  -H "Authorization: Bearer eyJhbGci..."

Response (200):

{
  "deleted": true
}

Collection Access Control

You can restrict which collections are accessible via the REST API:

store({
  crud: {
    // Only these collections are accessible via REST
    allowedCollections: ["products", "categories", "reviews"],
    // Or block specific collections
    blockedCollections: ["auth_users", "auth_sessions"],
  },
});

Schema Validation

Define schemas for collections to validate data before writing:

import { Schema } from "@fluxkitdev/core";

store({
  crud: {
    schemas: {
      products: Schema.object({
        name: Schema.string().min(1).max(200).required(),
        price: Schema.number().min(0).required(),
        tags: Schema.array(Schema.string()).optional(),
      }),
    },
  },
});

Invalid data is rejected with a 400 response before it reaches the database.

Programmatic API​

Create​

Find​

Update​

Delete​

Count​

REST API​

Create a Document​

List Documents​

Get a Document​

Update a Document​

Delete a Document​

Collection Access Control​

Schema Validation​