feat(dao): Implement comprehensive DAO layer (#308)

Co-authored-by: samanhappy@qq.com <my6051199>

docs/dao-implementation-summary.md

@@ -0,0 +1,210 @@
+# MCPHub DAO Layer 实现总结
+
+## 项目概述
+
+本次开发为MCPHub项目引入了独立的数据访问对象(DAO)层，用于管理`mcp_settings.json`中的不同类型数据的增删改查操作。
+
+## 已实现的功能
+
+### 1. 核心DAO层架构
+
+#### 基础架构
+- **BaseDao.ts**: 定义了通用的CRUD接口和抽象实现
+- **JsonFileBaseDao.ts**: 提供JSON文件操作的基础类，包含缓存机制
+- **DaoFactory.ts**: 工厂模式实现，提供DAO实例的创建和管理
+
+#### 具体DAO实现
+1. **UserDao**: 用户数据管理
+   - 用户创建（含密码哈希）
+   - 密码验证
+   - 权限管理
+   - 管理员查询
+
+2. **ServerDao**: 服务器配置管理
+   - 服务器CRUD操作
+   - 按所有者/类型/状态查询
+   - 工具和提示配置管理
+   - 启用/禁用控制
+
+3. **GroupDao**: 群组管理
+   - 群组CRUD操作
+   - 服务器成员管理
+   - 按所有者查询
+   - 群组-服务器关系管理
+
+4. **SystemConfigDao**: 系统配置管理
+   - 系统级配置的读取和更新
+   - 分段配置管理
+   - 配置重置功能
+
+5. **UserConfigDao**: 用户个人配置管理
+   - 用户个人配置的CRUD操作
+   - 分段配置管理
+   - 批量配置查询
+
+### 2. 配置服务集成
+
+#### DaoConfigService
+- 使用DAO层重新实现配置加载和保存
+- 支持用户权限过滤
+- 提供配置合并和验证功能
+
+#### ConfigManager
+- 双模式支持：传统文件方式 + 新DAO层
+- 运行时切换机制
+- 环境变量控制 (`USE_DAO_LAYER`)
+- 迁移工具集成
+
+### 3. 迁移和验证工具
+
+#### 迁移功能
+- 从传统JSON文件格式迁移到DAO层
+- 数据完整性验证
+- 性能对比分析
+- 迁移报告生成
+
+#### 测试工具
+- DAO操作完整性测试
+- 示例数据生成和清理
+- 性能基准测试
+
+## 文件结构
+
+```
+src/
+├── dao/                          # DAO层核心
+│   ├── base/
+│   │   ├── BaseDao.ts           # 基础DAO接口
+│   │   └── JsonFileBaseDao.ts   # JSON文件基础类
+│   ├── UserDao.ts               # 用户数据访问
+│   ├── ServerDao.ts             # 服务器配置访问
+│   ├── GroupDao.ts              # 群组数据访问
+│   ├── SystemConfigDao.ts       # 系统配置访问
+│   ├── UserConfigDao.ts         # 用户配置访问
+│   ├── DaoFactory.ts            # DAO工厂
+│   ├── examples.ts              # 使用示例
+│   └── index.ts                 # 统一导出
+├── config/
+│   ├── DaoConfigService.ts      # DAO配置服务
+│   ├── configManager.ts         # 配置管理器
+│   └── migrationUtils.ts        # 迁移工具
+├── scripts/
+│   └── dao-demo.ts              # 演示脚本
+└── docs/
+    └── dao-layer.md             # 详细文档
+```
+
+## 主要特性
+
+### 1. 类型安全
+- 完整的TypeScript类型定义
+- 编译时类型检查
+- 接口约束和验证
+
+### 2. 模块化设计
+- 每种数据类型独立的DAO
+- 清晰的关注点分离
+- 可插拔的实现方式
+
+### 3. 缓存机制
+- JSON文件读取缓存
+- 文件修改时间检测
+- 缓存失效和刷新
+
+### 4. 向后兼容
+- 保持现有API不变
+- 支持传统和DAO双模式
+- 平滑迁移路径
+
+### 5. 未来扩展性
+- 数据库切换准备
+- 新数据类型支持
+- 复杂查询能力
+
+## 使用方法
+
+### 启用DAO层
+```bash
+# 环境变量配置
+export USE_DAO_LAYER=true
+```
+
+### 基本操作示例
+```typescript
+import { getUserDao, getServerDao } from './dao/index.js';
+
+// 用户操作
+const userDao = getUserDao();
+await userDao.createWithHashedPassword('admin', 'password', true);
+const user = await userDao.findByUsername('admin');
+
+// 服务器操作
+const serverDao = getServerDao();
+await serverDao.create({
+  name: 'my-server',
+  command: 'node',
+  args: ['server.js']
+});
+```
+
+### 迁移操作
+```typescript
+import { migrateToDao, validateMigration } from './config/configManager.js';
+
+// 执行迁移
+await migrateToDao();
+
+// 验证迁移
+await validateMigration();
+```
+
+## 依赖包
+
+新增的依赖包：
+- `bcrypt`: 用户密码哈希
+- `@types/bcrypt`: bcrypt类型定义
+- `uuid`: UUID生成（群组ID）
+- `@types/uuid`: uuid类型定义
+
+## 测试状态
+
+✅ **编译测试**: 项目成功编译，无TypeScript错误
+✅ **类型检查**: 所有类型定义正确
+✅ **依赖安装**: 必要依赖包已安装
+⏳ **运行时测试**: 需要在实际环境中测试
+⏳ **迁移测试**: 需要使用真实数据测试迁移
+
+## 下一步计划
+
+### 短期目标
+1. 在开发环境中测试DAO层功能
+2. 完善错误处理和边界情况
+3. 添加更多单元测试
+4. 性能优化和监控
+
+### 中期目标
+1. 集成到现有业务逻辑中
+2. 提供Web界面的DAO层管理
+3. 添加数据备份和恢复功能
+4. 实现配置版本控制
+
+### 长期目标
+1. 实现数据库后端支持
+2. 添加分布式配置管理
+3. 实现实时配置同步
+4. 支持配置审计和日志
+
+## 优势总结
+
+通过引入DAO层，MCPHub获得了以下优势：
+
+1. **🏗️ 架构清晰**: 数据访问逻辑与业务逻辑分离
+2. **🔄 易于扩展**: 为未来数据库支持做好准备
+3. **🧪 便于测试**: 接口可以轻松模拟和单元测试
+4. **🔒 类型安全**: 完整的TypeScript类型支持
+5. **⚡ 性能优化**: 内置缓存和批量操作
+6. **🛡️ 数据完整性**: 强制数据验证和约束
+7. **📦 模块化**: 每种数据类型独立管理
+8. **🔧 可维护性**: 代码结构清晰，易于维护
+
+这个DAO层的实现为MCPHub项目提供了坚实的数据管理基础，支持项目的长期发展和扩展需求。

docs/dao-layer.md

@@ -0,0 +1,254 @@
+# MCPHub DAO Layer 设计文档
+
+## 概述
+
+MCPHub的数据访问对象(DAO)层为项目中`mcp_settings.json`文件中的不同数据类型提供了统一的增删改查操作接口。这个设计使得未来从JSON文件存储切换到数据库存储变得更加容易。
+
+## 架构设计
+
+### 核心组件
+
+```
+src/dao/
+├── base/
+│   ├── BaseDao.ts          # 基础DAO接口和抽象实现
+│   └── JsonFileBaseDao.ts  # JSON文件操作的基础类
+├── UserDao.ts              # 用户数据访问对象
+├── ServerDao.ts            # 服务器配置数据访问对象
+├── GroupDao.ts             # 群组数据访问对象
+├── SystemConfigDao.ts      # 系统配置数据访问对象
+├── UserConfigDao.ts        # 用户配置数据访问对象
+├── DaoFactory.ts           # DAO工厂类
+├── examples.ts             # 使用示例
+└── index.ts               # 统一导出
+```
+
+### 数据类型映射
+
+| 数据类型 | 原始位置 | DAO类 | 主要功能 |
+|---------|---------|-------|---------|
+| IUser | `settings.users[]` | UserDao | 用户管理、密码验证、权限控制 |
+| ServerConfig | `settings.mcpServers{}` | ServerDao | 服务器配置、启用/禁用、工具管理 |
+| IGroup | `settings.groups[]` | GroupDao | 群组管理、服务器分组、成员管理 |
+| SystemConfig | `settings.systemConfig` | SystemConfigDao | 系统级配置、路由设置、安装配置 |
+| UserConfig | `settings.userConfigs{}` | UserConfigDao | 用户个人配置 |
+
+## 主要特性
+
+### 1. 统一的CRUD接口
+
+所有DAO都实现了基础的CRUD操作：
+
+```typescript
+interface BaseDao<T, K = string> {
+  findAll(): Promise<T[]>;
+  findById(id: K): Promise<T | null>;
+  create(entity: Omit<T, 'id'>): Promise<T>;
+  update(id: K, entity: Partial<T>): Promise<T | null>;
+  delete(id: K): Promise<boolean>;
+  exists(id: K): Promise<boolean>;
+  count(): Promise<number>;
+}
+```
+
+### 2. 特定业务操作
+
+每个DAO还提供了针对其数据类型的特定操作：
+
+#### UserDao 特殊功能
+- `createWithHashedPassword()` - 创建用户时自动哈希密码
+- `validateCredentials()` - 验证用户凭据
+- `updatePassword()` - 更新用户密码
+- `findAdmins()` - 查找管理员用户
+
+#### ServerDao 特殊功能
+- `findByOwner()` - 按所有者查找服务器
+- `findEnabled()` - 查找启用的服务器
+- `findByType()` - 按类型查找服务器
+- `setEnabled()` - 启用/禁用服务器
+- `updateTools()` - 更新服务器工具配置
+
+#### GroupDao 特殊功能
+- `findByOwner()` - 按所有者查找群组
+- `findByServer()` - 查找包含特定服务器的群组
+- `addServerToGroup()` - 向群组添加服务器
+- `removeServerFromGroup()` - 从群组移除服务器
+- `findByName()` - 按名称查找群组
+
+### 3. 配置管理特殊功能
+
+#### SystemConfigDao
+- `getSection()` - 获取特定配置段
+- `updateSection()` - 更新特定配置段
+- `reset()` - 重置为默认配置
+
+#### UserConfigDao
+- `getSection()` - 获取用户特定配置段
+- `updateSection()` - 更新用户特定配置段
+- `getAll()` - 获取所有用户配置
+
+## 使用方法
+
+### 1. 基本使用
+
+```typescript
+import { getUserDao, getServerDao, getGroupDao } from './dao/index.js';
+
+// 用户操作
+const userDao = getUserDao();
+const newUser = await userDao.createWithHashedPassword('username', 'password', false);
+const user = await userDao.findByUsername('username');
+const isValid = await userDao.validateCredentials('username', 'password');
+
+// 服务器操作
+const serverDao = getServerDao();
+const server = await serverDao.create({
+  name: 'my-server',
+  command: 'node',
+  args: ['server.js'],
+  enabled: true
+});
+
+// 群组操作
+const groupDao = getGroupDao();
+const group = await groupDao.create({
+  name: 'my-group',
+  description: 'Test group',
+  servers: ['my-server']
+});
+```
+
+### 2. 配置服务集成
+
+```typescript
+import { DaoConfigService, createDaoConfigService } from './config/DaoConfigService.js';
+
+const daoService = createDaoConfigService();
+
+// 加载完整配置
+const settings = await daoService.loadSettings();
+
+// 保存配置
+await daoService.saveSettings(updatedSettings);
+```
+
+### 3. 迁移管理
+
+```typescript
+import { migrateToDao, switchToDao, switchToLegacy } from './config/configManager.js';
+
+// 迁移到DAO层
+const success = await migrateToDao();
+
+// 运行时切换
+switchToDao();      // 切换到DAO层
+switchToLegacy();   // 切换回传统方式
+```
+
+## 配置选项
+
+可以通过环境变量控制使用哪种数据访问方式：
+
+```bash
+# 使用DAO层 (推荐)
+USE_DAO_LAYER=true
+
+# 使用传统文件方式 (默认，向后兼容)
+USE_DAO_LAYER=false
+```
+
+## 未来扩展
+
+### 数据库支持
+
+DAO层的设计使得切换到数据库变得容易，只需要：
+
+1. 实现新的DAO实现类（如DatabaseUserDao）
+2. 创建新的DaoFactory
+3. 更新配置以使用新的工厂
+
+```typescript
+// 未来的数据库实现示例
+class DatabaseUserDao implements UserDao {
+  constructor(private db: Database) {}
+  
+  async findAll(): Promise<IUser[]> {
+    return this.db.query('SELECT * FROM users');
+  }
+  
+  // ... 其他方法
+}
+```
+
+### 新数据类型
+
+添加新数据类型只需要：
+
+1. 定义数据接口
+2. 创建对应的DAO接口和实现
+3. 更新DaoFactory
+4. 更新配置服务
+
+## 迁移指南
+
+### 从传统方式迁移到DAO层
+
+1. **备份数据**
+```bash
+cp mcp_settings.json mcp_settings.json.backup
+```
+
+2. **运行迁移**
+```typescript
+import { performMigration } from './config/migrationUtils.js';
+await performMigration();
+```
+
+3. **验证迁移**
+```typescript
+import { validateMigration } from './config/migrationUtils.js';
+const isValid = await validateMigration();
+```
+
+4. **切换到DAO层**
+```bash
+export USE_DAO_LAYER=true
+```
+
+### 性能对比
+
+可以使用内置工具对比性能：
+
+```typescript
+import { performanceComparison } from './config/migrationUtils.js';
+await performanceComparison();
+```
+
+## 最佳实践
+
+1. **类型安全**: 始终使用TypeScript接口确保类型安全
+2. **错误处理**: 在DAO操作周围实现适当的错误处理
+3. **事务**: 对于复杂操作，考虑使用事务（未来数据库实现）
+4. **缓存**: DAO层包含内置缓存机制
+5. **测试**: 使用DAO接口进行单元测试的模拟
+
+## 示例代码
+
+查看以下文件获取完整示例：
+
+- `src/dao/examples.ts` - 基本DAO操作示例
+- `src/config/migrationUtils.ts` - 迁移和验证工具
+- `src/scripts/dao-demo.ts` - 交互式演示脚本
+
+## 总结
+
+DAO层为MCPHub提供了：
+
+- 🏗️ **模块化设计**: 每种数据类型都有专门的访问层
+- 🔄 **易于迁移**: 为未来切换到数据库做好准备
+- 🧪 **可测试性**: 接口可以轻松模拟和测试
+- 🔒 **类型安全**: 完整的TypeScript类型支持
+- ⚡ **性能优化**: 内置缓存和批量操作支持
+- 🛡️ **数据完整性**: 强制数据验证和约束
+
+通过引入DAO层，MCPHub的数据管理变得更加结构化、可维护和可扩展。

package.json

@@ -48,10 +48,12 @@
     "@apidevtools/swagger-parser": "^11.0.1",
     "@modelcontextprotocol/sdk": "^1.17.4",
     "@types/adm-zip": "^0.5.7",
+    "@types/bcrypt": "^6.0.0",
     "@types/multer": "^1.4.13",
     "@types/pg": "^8.15.5",
     "adm-zip": "^0.5.16",
     "axios": "^1.11.0",
+    "bcrypt": "^6.0.0",
     "bcryptjs": "^3.0.2",
     "cors": "^2.8.5",
     "dotenv": "^16.6.1",

pnpm-lock.yaml

@@ -21,6 +21,9 @@ importers:
       '@types/adm-zip':
         specifier: ^0.5.7
         version: 0.5.7
+      '@types/bcrypt':
+        specifier: ^6.0.0
+        version: 6.0.0
       '@types/multer':
         specifier: ^1.4.13
         version: 1.4.13
@@ -33,6 +36,9 @@ importers:
       axios:
         specifier: ^1.11.0
         version: 1.11.0
+      bcrypt:
+        specifier: ^6.0.0
+        version: 6.0.0
       bcryptjs:
         specifier: ^3.0.2
         version: 3.0.2
@@ -660,78 +666,92 @@ packages:
     resolution: {integrity: sha512-RXwd0CgG+uPRX5YYrkzKyalt2OJYRiJQ8ED/fi1tq9WQW2jsQIn0tqrlR5l5dr/rjqq6AHAxURhj2DVjyQWSOA==}
     cpu: [arm64]
     os: [linux]
+    libc: [glibc]
 
   '@img/sharp-libvips-linux-arm@1.2.0':
     resolution: {integrity: sha512-mWd2uWvDtL/nvIzThLq3fr2nnGfyr/XMXlq8ZJ9WMR6PXijHlC3ksp0IpuhK6bougvQrchUAfzRLnbsen0Cqvw==}
     cpu: [arm]
     os: [linux]
+    libc: [glibc]
 
   '@img/sharp-libvips-linux-ppc64@1.2.0':
     resolution: {integrity: sha512-Xod/7KaDDHkYu2phxxfeEPXfVXFKx70EAFZ0qyUdOjCcxbjqyJOEUpDe6RIyaunGxT34Anf9ue/wuWOqBW2WcQ==}
     cpu: [ppc64]
     os: [linux]
+    libc: [glibc]
 
   '@img/sharp-libvips-linux-s390x@1.2.0':
     resolution: {integrity: sha512-eMKfzDxLGT8mnmPJTNMcjfO33fLiTDsrMlUVcp6b96ETbnJmd4uvZxVJSKPQfS+odwfVaGifhsB07J1LynFehw==}
     cpu: [s390x]
     os: [linux]
+    libc: [glibc]
 
   '@img/sharp-libvips-linux-x64@1.2.0':
     resolution: {integrity: sha512-ZW3FPWIc7K1sH9E3nxIGB3y3dZkpJlMnkk7z5tu1nSkBoCgw2nSRTFHI5pB/3CQaJM0pdzMF3paf9ckKMSE9Tg==}
     cpu: [x64]
     os: [linux]
+    libc: [glibc]
 
   '@img/sharp-libvips-linuxmusl-arm64@1.2.0':
     resolution: {integrity: sha512-UG+LqQJbf5VJ8NWJ5Z3tdIe/HXjuIdo4JeVNADXBFuG7z9zjoegpzzGIyV5zQKi4zaJjnAd2+g2nna8TZvuW9Q==}
     cpu: [arm64]
     os: [linux]
+    libc: [musl]
 
   '@img/sharp-libvips-linuxmusl-x64@1.2.0':
     resolution: {integrity: sha512-SRYOLR7CXPgNze8akZwjoGBoN1ThNZoqpOgfnOxmWsklTGVfJiGJoC/Lod7aNMGA1jSsKWM1+HRX43OP6p9+6Q==}
     cpu: [x64]
     os: [linux]
+    libc: [musl]
 
   '@img/sharp-linux-arm64@0.34.3':
     resolution: {integrity: sha512-QdrKe3EvQrqwkDrtuTIjI0bu6YEJHTgEeqdzI3uWJOH6G1O8Nl1iEeVYRGdj1h5I21CqxSvQp1Yv7xeU3ZewbA==}
     engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
     cpu: [arm64]
     os: [linux]
+    libc: [glibc]
 
   '@img/sharp-linux-arm@0.34.3':
     resolution: {integrity: sha512-oBK9l+h6KBN0i3dC8rYntLiVfW8D8wH+NPNT3O/WBHeW0OQWCjfWksLUaPidsrDKpJgXp3G3/hkmhptAW0I3+A==}
     engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
     cpu: [arm]
     os: [linux]
+    libc: [glibc]
 
   '@img/sharp-linux-ppc64@0.34.3':
     resolution: {integrity: sha512-GLtbLQMCNC5nxuImPR2+RgrviwKwVql28FWZIW1zWruy6zLgA5/x2ZXk3mxj58X/tszVF69KK0Is83V8YgWhLA==}
     engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
     cpu: [ppc64]
     os: [linux]
+    libc: [glibc]
 
   '@img/sharp-linux-s390x@0.34.3':
     resolution: {integrity: sha512-3gahT+A6c4cdc2edhsLHmIOXMb17ltffJlxR0aC2VPZfwKoTGZec6u5GrFgdR7ciJSsHT27BD3TIuGcuRT0KmQ==}
     engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
     cpu: [s390x]
     os: [linux]
+    libc: [glibc]
 
   '@img/sharp-linux-x64@0.34.3':
     resolution: {integrity: sha512-8kYso8d806ypnSq3/Ly0QEw90V5ZoHh10yH0HnrzOCr6DKAPI6QVHvwleqMkVQ0m+fc7EH8ah0BB0QPuWY6zJQ==}
     engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
     cpu: [x64]
     os: [linux]
+    libc: [glibc]
 
   '@img/sharp-linuxmusl-arm64@0.34.3':
     resolution: {integrity: sha512-vAjbHDlr4izEiXM1OTggpCcPg9tn4YriK5vAjowJsHwdBIdx0fYRsURkxLG2RLm9gyBq66gwtWI8Gx0/ov+JKQ==}
     engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
     cpu: [arm64]
     os: [linux]
+    libc: [musl]
 
   '@img/sharp-linuxmusl-x64@0.34.3':
     resolution: {integrity: sha512-gCWUn9547K5bwvOn9l5XGAEjVTTRji4aPTqLzGXHvIr6bIDZKNTA34seMPgM0WmSf+RYBH411VavCejp3PkOeQ==}
     engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
     cpu: [x64]
     os: [linux]
+    libc: [musl]
 
   '@img/sharp-wasm32@0.34.3':
     resolution: {integrity: sha512-+CyRcpagHMGteySaWos8IbnXcHgfDn7pO2fiC2slJxvNq9gDipYBN42/RagzctVRKgxATmfqOSulgZv5e1RdMg==}
@@ -909,24 +929,28 @@ packages:
     engines: {node: '>= 10'}
     cpu: [arm64]
     os: [linux]
+    libc: [glibc]
 
   '@next/swc-linux-arm64-musl@15.5.0':
     resolution: {integrity: sha512-biWqIOE17OW/6S34t1X8K/3vb1+svp5ji5QQT/IKR+VfM3B7GvlCwmz5XtlEan2ukOUf9tj2vJJBffaGH4fGRw==}
     engines: {node: '>= 10'}
     cpu: [arm64]
     os: [linux]
+    libc: [musl]
 
   '@next/swc-linux-x64-gnu@15.5.0':
     resolution: {integrity: sha512-zPisT+obYypM/l6EZ0yRkK3LEuoZqHaSoYKj+5jiD9ESHwdr6QhnabnNxYkdy34uCigNlWIaCbjFmQ8FY5AlxA==}
     engines: {node: '>= 10'}
     cpu: [x64]
     os: [linux]
+    libc: [glibc]
 
   '@next/swc-linux-x64-musl@15.5.0':
     resolution: {integrity: sha512-+t3+7GoU9IYmk+N+FHKBNFdahaReoAktdOpXHFIPOU1ixxtdge26NgQEEkJkCw2dHT9UwwK5zw4mAsURw4E8jA==}
     engines: {node: '>= 10'}
     cpu: [x64]
     os: [linux]
+    libc: [musl]
 
   '@next/swc-win32-arm64-msvc@15.5.0':
     resolution: {integrity: sha512-d8MrXKh0A+c9DLiy1BUFwtg3Hu90Lucj3k6iKTUdPOv42Ve2UiIG8HYi3UAb8kFVluXxEfdpCoPPCSODk5fDcw==}
@@ -1140,56 +1164,67 @@ packages:
     resolution: {integrity: sha512-JWnrj8qZgLWRNHr7NbpdnrQ8kcg09EBBq8jVOjmtlB3c8C6IrynAJSMhMVGME4YfTJzIkJqvSUSVJRqkDnu/aA==}
     cpu: [arm]
     os: [linux]
+    libc: [glibc]
 
   '@rollup/rollup-linux-arm-musleabihf@4.48.0':
     resolution: {integrity: sha512-9xu92F0TxuMH0tD6tG3+GtngwdgSf8Bnz+YcsPG91/r5Vgh5LNofO48jV55priA95p3c92FLmPM7CvsVlnSbGQ==}
     cpu: [arm]
     os: [linux]
+    libc: [musl]
 
   '@rollup/rollup-linux-arm64-gnu@4.48.0':
     resolution: {integrity: sha512-NLtvJB5YpWn7jlp1rJiY0s+G1Z1IVmkDuiywiqUhh96MIraC0n7XQc2SZ1CZz14shqkM+XN2UrfIo7JB6UufOA==}
     cpu: [arm64]
     os: [linux]
+    libc: [glibc]
 
   '@rollup/rollup-linux-arm64-musl@4.48.0':
     resolution: {integrity: sha512-QJ4hCOnz2SXgCh+HmpvZkM+0NSGcZACyYS8DGbWn2PbmA0e5xUk4bIP8eqJyNXLtyB4gZ3/XyvKtQ1IFH671vQ==}
     cpu: [arm64]
     os: [linux]
+    libc: [musl]
 
   '@rollup/rollup-linux-loongarch64-gnu@4.48.0':
     resolution: {integrity: sha512-Pk0qlGJnhILdIC5zSKQnprFjrGmjfDM7TPZ0FKJxRkoo+kgMRAg4ps1VlTZf8u2vohSicLg7NP+cA5qE96PaFg==}
     cpu: [loong64]
     os: [linux]
+    libc: [glibc]
 
   '@rollup/rollup-linux-ppc64-gnu@4.48.0':
     resolution: {integrity: sha512-/dNFc6rTpoOzgp5GKoYjT6uLo8okR/Chi2ECOmCZiS4oqh3mc95pThWma7Bgyk6/WTEvjDINpiBCuecPLOgBLQ==}
     cpu: [ppc64]
     os: [linux]
+    libc: [glibc]
 
   '@rollup/rollup-linux-riscv64-gnu@4.48.0':
     resolution: {integrity: sha512-YBwXsvsFI8CVA4ej+bJF2d9uAeIiSkqKSPQNn0Wyh4eMDY4wxuSp71BauPjQNCKK2tD2/ksJ7uhJ8X/PVY9bHQ==}
     cpu: [riscv64]
     os: [linux]
+    libc: [glibc]
 
   '@rollup/rollup-linux-riscv64-musl@4.48.0':
     resolution: {integrity: sha512-FI3Rr2aGAtl1aHzbkBIamsQyuauYtTF9SDUJ8n2wMXuuxwchC3QkumZa1TEXYIv/1AUp1a25Kwy6ONArvnyeVQ==}
     cpu: [riscv64]
     os: [linux]
+    libc: [musl]
 
   '@rollup/rollup-linux-s390x-gnu@4.48.0':
     resolution: {integrity: sha512-Dx7qH0/rvNNFmCcIRe1pyQ9/H0XO4v/f0SDoafwRYwc2J7bJZ5N4CHL/cdjamISZ5Cgnon6iazAVRFlxSoHQnQ==}
     cpu: [s390x]
     os: [linux]
+    libc: [glibc]
 
   '@rollup/rollup-linux-x64-gnu@4.48.0':
     resolution: {integrity: sha512-GUdZKTeKBq9WmEBzvFYuC88yk26vT66lQV8D5+9TgkfbewhLaTHRNATyzpQwwbHIfJvDJ3N9WJ90wK/uR3cy3Q==}
     cpu: [x64]
     os: [linux]
+    libc: [glibc]
 
   '@rollup/rollup-linux-x64-musl@4.48.0':
     resolution: {integrity: sha512-ao58Adz/v14MWpQgYAb4a4h3fdw73DrDGtaiF7Opds5wNyEQwtO6M9dBh89nke0yoZzzaegq6J/EXs7eBebG8A==}
     cpu: [x64]
     os: [linux]
+    libc: [musl]
 
   '@rollup/rollup-win32-arm64-msvc@4.48.0':
     resolution: {integrity: sha512-kpFno46bHtjZVdRIOxqaGeiABiToo2J+st7Yce+aiAoo1H0xPi2keyQIP04n2JjDVuxBN6bSz9R6RdTK5hIppw==}
@@ -1251,24 +1286,28 @@ packages:
     engines: {node: '>=10'}
     cpu: [arm64]
     os: [linux]
+    libc: [glibc]
 
   '@swc/core-linux-arm64-musl@1.13.5':
     resolution: {integrity: sha512-9+ZxFN5GJag4CnYnq6apKTnnezpfJhCumyz0504/JbHLo+Ue+ZtJnf3RhyA9W9TINtLE0bC4hKpWi8ZKoETyOQ==}
     engines: {node: '>=10'}
     cpu: [arm64]
     os: [linux]
+    libc: [musl]
 
   '@swc/core-linux-x64-gnu@1.13.5':
     resolution: {integrity: sha512-WD530qvHrki8Ywt/PloKUjaRKgstQqNGvmZl54g06kA+hqtSE2FTG9gngXr3UJxYu/cNAjJYiBifm7+w4nbHbA==}
     engines: {node: '>=10'}
     cpu: [x64]
     os: [linux]
+    libc: [glibc]
 
   '@swc/core-linux-x64-musl@1.13.5':
     resolution: {integrity: sha512-Luj8y4OFYx4DHNQTWjdIuKTq2f5k6uSXICqx+FSabnXptaOBAbJHNbHT/06JZh6NRUouaf0mYXN0mcsqvkhd7Q==}
     engines: {node: '>=10'}
     cpu: [x64]
     os: [linux]
+    libc: [musl]
 
   '@swc/core-win32-arm64-msvc@1.13.5':
     resolution: {integrity: sha512-cZ6UpumhF9SDJvv4DA2fo9WIzlNFuKSkZpZmPG1c+4PFSEMy5DFOjBSllCvnqihCabzXzpn6ykCwBmHpy31vQw==}
@@ -1355,24 +1394,28 @@ packages:
     engines: {node: '>= 10'}
     cpu: [arm64]
     os: [linux]
+    libc: [glibc]
 
   '@tailwindcss/oxide-linux-arm64-musl@4.1.12':
     resolution: {integrity: sha512-V8pAM3s8gsrXcCv6kCHSuwyb/gPsd863iT+v1PGXC4fSL/OJqsKhfK//v8P+w9ThKIoqNbEnsZqNy+WDnwQqCA==}
     engines: {node: '>= 10'}
     cpu: [arm64]
     os: [linux]
+    libc: [musl]
 
   '@tailwindcss/oxide-linux-x64-gnu@4.1.12':
     resolution: {integrity: sha512-xYfqYLjvm2UQ3TZggTGrwxjYaLB62b1Wiysw/YE3Yqbh86sOMoTn0feF98PonP7LtjsWOWcXEbGqDL7zv0uW8Q==}
     engines: {node: '>= 10'}
     cpu: [x64]
     os: [linux]
+    libc: [glibc]
 
   '@tailwindcss/oxide-linux-x64-musl@4.1.12':
     resolution: {integrity: sha512-ha0pHPamN+fWZY7GCzz5rKunlv9L5R8kdh+YNvP5awe3LtuXb5nRi/H27GeL2U+TdhDOptU7T6Is7mdwh5Ar3A==}
     engines: {node: '>= 10'}
     cpu: [x64]
     os: [linux]
+    libc: [musl]
 
   '@tailwindcss/oxide-wasm32-wasi@4.1.12':
     resolution: {integrity: sha512-4tSyu3dW+ktzdEpuk6g49KdEangu3eCYoqPhWNsZgUhyegEda3M9rG0/j1GV/JjVVsj+lG7jWAyrTlLzd/WEBg==}
@@ -1437,6 +1480,9 @@ packages:
   '@types/babel__traverse@7.28.0':
     resolution: {integrity: sha512-8PvcXf70gTDZBgt9ptxJ8elBeBjcLOAcOtoO/mPJjtji1+CdGbHgm77om1GrsPxsiE+uXIpNSK64UYaIwQXd4Q==}
 
+  '@types/bcrypt@6.0.0':
+    resolution: {integrity: sha512-/oJGukuH3D2+D+3H4JWLaAsJ/ji86dhRidzZ/Od7H/i8g+aCmvkeCc6Ni/f9uxGLSQVCRZkX2/lqEFG2BvWtlQ==}
+
   '@types/bcryptjs@3.0.0':
     resolution: {integrity: sha512-WRZOuCuaz8UcZZE4R5HXTco2goQSI2XxjGY3hbM/xDvwmqFWd4ivooImsMx65OKM6CtNKbnZ5YL+YwAwK7c1dg==}
     deprecated: This is a stub types definition. bcryptjs provides its own type definitions, so you do not need this installed.
@@ -1778,6 +1824,10 @@ packages:
   base64-js@1.5.1:
     resolution: {integrity: sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==}
 
+  bcrypt@6.0.0:
+    resolution: {integrity: sha512-cU8v/EGSrnH+HnxV2z0J7/blxH8gq7Xh2JFT6Aroax7UohdmiJJlxApMxtKfuI7z68NvvVcmR78k2LbT6efhRg==}
+    engines: {node: '>= 18'}
+
   bcryptjs@3.0.2:
     resolution: {integrity: sha512-k38b3XOZKv60C4E2hVsXTolJWfkGRMbILBIe2IBITXciy5bOsTKot5kDrf3ZfufQtQOUN5mXceUEpU1rTl9Uog==}
     hasBin: true
@@ -2937,24 +2987,28 @@ packages:
     engines: {node: '>= 12.0.0'}
     cpu: [arm64]
     os: [linux]
+    libc: [glibc]
 
   lightningcss-linux-arm64-musl@1.30.1:
     resolution: {integrity: sha512-jmUQVx4331m6LIX+0wUhBbmMX7TCfjF5FoOH6SD1CttzuYlGNVpA7QnrmLxrsub43ClTINfGSYyHe2HWeLl5CQ==}
     engines: {node: '>= 12.0.0'}
     cpu: [arm64]
     os: [linux]
+    libc: [musl]
 
   lightningcss-linux-x64-gnu@1.30.1:
     resolution: {integrity: sha512-piWx3z4wN8J8z3+O5kO74+yr6ze/dKmPnI7vLqfSqI8bccaTGY5xiSGVIJBDd5K5BHlvVLpUB3S2YCfelyJ1bw==}
     engines: {node: '>= 12.0.0'}
     cpu: [x64]
     os: [linux]
+    libc: [glibc]
 
   lightningcss-linux-x64-musl@1.30.1:
     resolution: {integrity: sha512-rRomAK7eIkL+tHY0YPxbc5Dra2gXlI63HL+v1Pdi1a3sC+tJTcFrHX+E86sulgAXeI7rSzDYhPSeHHjqFhqfeQ==}
     engines: {node: '>= 12.0.0'}
     cpu: [x64]
     os: [linux]
+    libc: [musl]
 
   lightningcss-win32-arm64-msvc@1.30.1:
     resolution: {integrity: sha512-mSL4rqPi4iXq5YVqzSsJgMVFENoa4nGTT/GjO2c0Yl9OuQfPsIfncvLrEW6RbbB24WtZ3xP/2CCmI3tNkNV4oA==}
@@ -3195,6 +3249,10 @@ packages:
       sass:
         optional: true
 
+  node-addon-api@8.5.0:
+    resolution: {integrity: sha512-/bRZty2mXUIFY/xU5HLvveNHlswNJej+RnxBjOMkidWfwZzgTbPG1E3K5TOxRLOR+5hX7bSofy8yf1hZevMS8A==}
+    engines: {node: ^18 || ^20 || >= 21}
+
   node-domexception@1.0.0:
     resolution: {integrity: sha512-/jKZoMpw0F8GRwl4/eLROPA3cfcXtLApP0QzLmUT/HuPCZWyB7IY9ZrMeKw2O/nFIqPQB3PVM9aYm0F312AXDQ==}
     engines: {node: '>=10.5.0'}
@@ -3213,6 +3271,10 @@ packages:
     resolution: {integrity: sha512-dRB78srN/l6gqWulah9SrxeYnxeddIG30+GOqK/9OlLVyLg3HPnr6SqOWTWOXKRwC2eGYCkZ59NNuSgvSrpgOA==}
     engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0}
 
+  node-gyp-build@4.8.4:
+    resolution: {integrity: sha512-LA4ZjwlnUblHVgq0oBF3Jl/6h/Nvs5fzBLwdEF4nuxnFdsfajde4WfxtJr3CaiH+F6ewcIB/q4jQ4UzPyid+CQ==}
+    hasBin: true
+
   node-int64@0.4.0:
     resolution: {integrity: sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==}
 
@@ -5405,6 +5467,10 @@ snapshots:
     dependencies:
       '@babel/types': 7.28.2
 
+  '@types/bcrypt@6.0.0':
+    dependencies:
+      '@types/node': 22.17.2
+
   '@types/bcryptjs@3.0.0':
     dependencies:
       bcryptjs: 3.0.2
@@ -5820,6 +5886,11 @@ snapshots:
 
   base64-js@1.5.1: {}
 
+  bcrypt@6.0.0:
+    dependencies:
+      node-addon-api: 8.5.0
+      node-gyp-build: 4.8.4
+
   bcryptjs@3.0.2: {}
 
   binary-extensions@2.3.0: {}
@@ -7486,6 +7557,8 @@ snapshots:
       - '@babel/core'
       - babel-plugin-macros
 
+  node-addon-api@8.5.0: {}
+
   node-domexception@1.0.0: {}
 
   node-fetch@2.7.0:
@@ -7498,6 +7571,8 @@ snapshots:
       fetch-blob: 3.2.0
       formdata-polyfill: 4.0.10
 
+  node-gyp-build@4.8.4: {}
+
   node-int64@0.4.0: {}
 
   node-releases@2.0.19: {}

src/config/DaoConfigService.ts

@@ -0,0 +1,265 @@
+import { McpSettings, IUser, ServerConfig } from '../types/index.js';
+import { 
+  UserDao, 
+  ServerDao, 
+  GroupDao, 
+  SystemConfigDao, 
+  UserConfigDao,
+  ServerConfigWithName,
+  UserDaoImpl,
+  ServerDaoImpl,
+  GroupDaoImpl,
+  SystemConfigDaoImpl,
+  UserConfigDaoImpl
+} from '../dao/index.js';
+
+/**
+ * Configuration service using DAO layer
+ */
+export class DaoConfigService {
+  constructor(
+    private userDao: UserDao,
+    private serverDao: ServerDao,
+    private groupDao: GroupDao,
+    private systemConfigDao: SystemConfigDao,
+    private userConfigDao: UserConfigDao
+  ) {}
+
+  /**
+   * Load complete settings using DAO layer
+   */
+  async loadSettings(user?: IUser): Promise<McpSettings> {
+    const [users, servers, groups, systemConfig, userConfigs] = await Promise.all([
+      this.userDao.findAll(),
+      this.serverDao.findAll(),
+      this.groupDao.findAll(),
+      this.systemConfigDao.get(),
+      this.userConfigDao.getAll()
+    ]);
+
+    // Convert servers back to the original format
+    const mcpServers: { [key: string]: ServerConfig } = {};
+    for (const server of servers) {
+      const { name, ...config } = server;
+      mcpServers[name] = config;
+    }
+
+    const settings: McpSettings = {
+      users,
+      mcpServers,
+      groups,
+      systemConfig,
+      userConfigs
+    };
+
+    // Apply user-specific filtering if needed
+    if (user && !user.isAdmin) {
+      return this.filterSettingsForUser(settings, user);
+    }
+
+    return settings;
+  }
+
+  /**
+   * Save settings using DAO layer
+   */
+  async saveSettings(settings: McpSettings, user?: IUser): Promise<boolean> {
+    try {
+      // If user is not admin, merge with existing settings
+      if (user && !user.isAdmin) {
+        const currentSettings = await this.loadSettings();
+        settings = this.mergeSettingsForUser(currentSettings, settings, user);
+      }
+
+      // Save each component using respective DAOs
+      const promises: Promise<any>[] = [];
+
+      // Save users
+      if (settings.users) {
+        // Note: For users, we need to handle creation/updates separately
+        // since passwords might need hashing
+        // This is a simplified approach - in practice, you'd want more sophisticated handling
+        const currentUsers = await this.userDao.findAll();
+        for (const user of settings.users) {
+          const existing = currentUsers.find((u: IUser) => u.username === user.username);
+          if (existing) {
+            promises.push(this.userDao.update(user.username, user));
+          } else {
+            // For new users, we'd need to handle password hashing properly
+            // This is a placeholder - actual implementation would use createWithHashedPassword
+            console.warn('Creating new user requires special handling for password hashing');
+          }
+        }
+      }
+
+      // Save servers
+      if (settings.mcpServers) {
+        const currentServers = await this.serverDao.findAll();
+        const currentServerNames = new Set(currentServers.map((s: ServerConfigWithName) => s.name));
+        
+        for (const [name, config] of Object.entries(settings.mcpServers)) {
+          const serverWithName: ServerConfigWithName = { name, ...config };
+          if (currentServerNames.has(name)) {
+            promises.push(this.serverDao.update(name, serverWithName));
+          } else {
+            promises.push(this.serverDao.create(serverWithName));
+          }
+        }
+
+        // Remove servers that are no longer in the settings
+        for (const existingServer of currentServers) {
+          if (!settings.mcpServers[existingServer.name]) {
+            promises.push(this.serverDao.delete(existingServer.name));
+          }
+        }
+      }
+
+      // Save groups
+      if (settings.groups) {
+        const currentGroups = await this.groupDao.findAll();
+        const currentGroupIds = new Set(currentGroups.map((g: any) => g.id));
+        
+        for (const group of settings.groups) {
+          if (group.id && currentGroupIds.has(group.id)) {
+            promises.push(this.groupDao.update(group.id, group));
+          } else {
+            promises.push(this.groupDao.create(group));
+          }
+        }
+
+        // Remove groups that are no longer in the settings
+        const newGroupIds = new Set(settings.groups.map(g => g.id).filter(Boolean));
+        for (const existingGroup of currentGroups) {
+          if (!newGroupIds.has(existingGroup.id)) {
+            promises.push(this.groupDao.delete(existingGroup.id));
+          }
+        }
+      }
+
+      // Save system config
+      if (settings.systemConfig) {
+        promises.push(this.systemConfigDao.update(settings.systemConfig));
+      }
+
+      // Save user configs
+      if (settings.userConfigs) {
+        for (const [username, config] of Object.entries(settings.userConfigs)) {
+          promises.push(this.userConfigDao.update(username, config));
+        }
+      }
+
+      await Promise.all(promises);
+      return true;
+    } catch (error) {
+      console.error('Failed to save settings using DAO layer:', error);
+      return false;
+    }
+  }
+
+  /**
+   * Filter settings for non-admin users
+   */
+  private filterSettingsForUser(settings: McpSettings, user: IUser): McpSettings {
+    if (user.isAdmin) {
+      return settings;
+    }
+
+    // Non-admin users can only see their own servers and groups
+    const filteredServers: { [key: string]: ServerConfig } = {};
+    for (const [name, config] of Object.entries(settings.mcpServers || {})) {
+      if (config.owner === user.username || config.owner === undefined) {
+        filteredServers[name] = config;
+      }
+    }
+
+    const filteredGroups = (settings.groups || []).filter(
+      group => group.owner === user.username || group.owner === undefined
+    );
+
+    return {
+      ...settings,
+      mcpServers: filteredServers,
+      groups: filteredGroups,
+      users: [], // Non-admin users can't see user list
+      systemConfig: {}, // Non-admin users can't see system config
+      userConfigs: { [user.username]: settings.userConfigs?.[user.username] || {} }
+    };
+  }
+
+  /**
+   * Merge settings for non-admin users
+   */
+  private mergeSettingsForUser(
+    currentSettings: McpSettings, 
+    newSettings: McpSettings, 
+    user: IUser
+  ): McpSettings {
+    if (user.isAdmin) {
+      return newSettings;
+    }
+
+    // Non-admin users can only modify their own servers, groups, and user config
+    const mergedSettings = { ...currentSettings };
+
+    // Merge servers (only user's own servers)
+    if (newSettings.mcpServers) {
+      for (const [name, config] of Object.entries(newSettings.mcpServers)) {
+        const existingConfig = currentSettings.mcpServers?.[name];
+        if (!existingConfig || existingConfig.owner === user.username) {
+          mergedSettings.mcpServers = mergedSettings.mcpServers || {};
+          mergedSettings.mcpServers[name] = { ...config, owner: user.username };
+        }
+      }
+    }
+
+    // Merge groups (only user's own groups)
+    if (newSettings.groups) {
+      const userGroups = newSettings.groups.filter(
+        group => !group.owner || group.owner === user.username
+      ).map(group => ({ ...group, owner: user.username }));
+      
+      const otherGroups = (currentSettings.groups || []).filter(
+        group => group.owner !== user.username
+      );
+      
+      mergedSettings.groups = [...otherGroups, ...userGroups];
+    }
+
+    // Merge user config (only user's own config)
+    if (newSettings.userConfigs?.[user.username]) {
+      mergedSettings.userConfigs = mergedSettings.userConfigs || {};
+      mergedSettings.userConfigs[user.username] = newSettings.userConfigs[user.username];
+    }
+
+    return mergedSettings;
+  }
+
+  /**
+   * Clear all caches
+   */
+  async clearCache(): Promise<void> {
+    // DAO implementations handle their own caching
+    // This could be extended to clear DAO-level caches if needed
+  }
+
+  /**
+   * Get cache info for debugging
+   */
+  getCacheInfo(): { hasCache: boolean } {
+    // DAO implementations handle their own caching
+    return { hasCache: false };
+  }
+}
+
+/**
+ * Create a DaoConfigService with default DAO implementations
+ */
+export function createDaoConfigService(): DaoConfigService {
+  return new DaoConfigService(
+    new UserDaoImpl(),
+    new ServerDaoImpl(),
+    new GroupDaoImpl(),
+    new SystemConfigDaoImpl(),
+    new UserConfigDaoImpl()
+  );
+}

src/config/configManager.ts

@@ -0,0 +1,134 @@
+import dotenv from 'dotenv';
+import { McpSettings, IUser } from '../types/index.js';
+import { getPackageVersion } from '../utils/version.js';
+import { getDataService } from '../services/services.js';
+import { DataService } from '../services/dataService.js';
+import { DaoConfigService, createDaoConfigService } from './DaoConfigService.js';
+import { loadOriginalSettings as legacyLoadSettings, saveSettings as legacySaveSettings, clearSettingsCache as legacyClearCache } from './index.js';
+
+dotenv.config();
+
+const defaultConfig = {
+  port: process.env.PORT || 3000,
+  initTimeout: process.env.INIT_TIMEOUT || 300000,
+  basePath: process.env.BASE_PATH || '',
+  readonly: 'true' === process.env.READONLY || false,
+  mcpHubName: 'mcphub',
+  mcpHubVersion: getPackageVersion(),
+};
+
+// Configuration for which data access method to use
+const USE_DAO_LAYER = process.env.USE_DAO_LAYER === 'true';
+
+// Services
+const dataService: DataService = getDataService();
+const daoConfigService: DaoConfigService = createDaoConfigService();
+
+/**
+ * Load settings using either DAO layer or legacy file-based approach
+ */
+export const loadSettings = async (user?: IUser): Promise<McpSettings> => {
+  if (USE_DAO_LAYER) {
+    console.log('Loading settings using DAO layer');
+    return await daoConfigService.loadSettings(user);
+  } else {
+    console.log('Loading settings using legacy approach');
+    const settings = legacyLoadSettings();
+    return dataService.filterSettings!(settings, user);
+  }
+};
+
+/**
+ * Save settings using either DAO layer or legacy file-based approach
+ */
+export const saveSettings = async (settings: McpSettings, user?: IUser): Promise<boolean> => {
+  if (USE_DAO_LAYER) {
+    console.log('Saving settings using DAO layer');
+    return await daoConfigService.saveSettings(settings, user);
+  } else {
+    console.log('Saving settings using legacy approach');
+    const mergedSettings = dataService.mergeSettings!(legacyLoadSettings(), settings, user);
+    return legacySaveSettings(mergedSettings, user);
+  }
+};
+
+/**
+ * Clear settings cache
+ */
+export const clearSettingsCache = (): void => {
+  if (USE_DAO_LAYER) {
+    daoConfigService.clearCache();
+  } else {
+    legacyClearCache();
+  }
+};
+
+/**
+ * Get current cache status (for debugging)
+ */
+export const getSettingsCacheInfo = (): { hasCache: boolean; usingDao: boolean } => {
+  if (USE_DAO_LAYER) {
+    const daoInfo = daoConfigService.getCacheInfo();
+    return {
+      ...daoInfo,
+      usingDao: true
+    };
+  } else {
+    return {
+      hasCache: false, // Legacy method doesn't expose cache info here
+      usingDao: false
+    };
+  }
+};
+
+/**
+ * Switch to DAO layer at runtime (for testing/migration purposes)
+ */
+export const switchToDao = (): void => {
+  process.env.USE_DAO_LAYER = 'true';
+};
+
+/**
+ * Switch to legacy file-based approach at runtime (for testing/rollback purposes)
+ */
+export const switchToLegacy = (): void => {
+  process.env.USE_DAO_LAYER = 'false';
+};
+
+/**
+ * Get DAO config service for direct access
+ */
+export const getDaoConfigService = (): DaoConfigService => {
+  return daoConfigService;
+};
+
+/**
+ * Migration utility to migrate from legacy format to DAO layer
+ */
+export const migrateToDao = async (): Promise<boolean> => {
+  try {
+    console.log('Starting migration from legacy format to DAO layer...');
+    
+    // Load data using legacy method
+    const legacySettings = legacyLoadSettings();
+    
+    // Save using DAO layer
+    switchToDao();
+    const success = await saveSettings(legacySettings);
+    
+    if (success) {
+      console.log('Migration completed successfully');
+      return true;
+    } else {
+      console.error('Migration failed during save operation');
+      switchToLegacy();
+      return false;
+    }
+  } catch (error) {
+    console.error('Migration failed:', error);
+    switchToLegacy();
+    return false;
+  }
+};
+
+export default defaultConfig;

src/config/migrationUtils.ts

@@ -0,0 +1,247 @@
+/**
+ * Migration utilities for moving from legacy file-based config to DAO layer
+ */
+
+import { 
+  loadSettings, 
+  migrateToDao, 
+  switchToDao, 
+  switchToLegacy
+} from './configManager.js';
+import { UserDaoImpl, ServerDaoImpl, GroupDaoImpl } from '../dao/index.js';
+
+/**
+ * Validate data integrity after migration
+ */
+export async function validateMigration(): Promise<boolean> {
+  try {
+    console.log('Validating migration...');
+    
+    // Load settings using DAO layer
+    switchToDao();
+    const daoSettings = await loadSettings();
+    
+    // Load settings using legacy method
+    switchToLegacy();
+    const legacySettings = await loadSettings();
+    
+    // Compare key metrics
+    const daoUserCount = daoSettings.users?.length || 0;
+    const legacyUserCount = legacySettings.users?.length || 0;
+    
+    const daoServerCount = Object.keys(daoSettings.mcpServers || {}).length;
+    const legacyServerCount = Object.keys(legacySettings.mcpServers || {}).length;
+    
+    const daoGroupCount = daoSettings.groups?.length || 0;
+    const legacyGroupCount = legacySettings.groups?.length || 0;
+    
+    console.log('Data comparison:');
+    console.log(`Users: DAO=${daoUserCount}, Legacy=${legacyUserCount}`);
+    console.log(`Servers: DAO=${daoServerCount}, Legacy=${legacyServerCount}`);
+    console.log(`Groups: DAO=${daoGroupCount}, Legacy=${legacyGroupCount}`);
+    
+    const isValid = (
+      daoUserCount === legacyUserCount &&
+      daoServerCount === legacyServerCount &&
+      daoGroupCount === legacyGroupCount
+    );
+    
+    if (isValid) {
+      console.log('✅ Migration validation passed');
+    } else {
+      console.log('❌ Migration validation failed');
+    }
+    
+    return isValid;
+  } catch (error) {
+    console.error('Migration validation error:', error);
+    return false;
+  }
+}
+
+/**
+ * Perform a complete migration with validation
+ */
+export async function performMigration(): Promise<boolean> {
+  try {
+    console.log('🚀 Starting migration to DAO layer...');
+    
+    // Step 1: Backup current data
+    console.log('📁 Creating backup of current data...');
+    switchToLegacy();
+    const _backupData = await loadSettings();
+    
+    // Step 2: Perform migration
+    console.log('🔄 Migrating data to DAO layer...');
+    const migrationSuccess = await migrateToDao();
+    
+    if (!migrationSuccess) {
+      console.error('❌ Migration failed');
+      return false;
+    }
+    
+    // Step 3: Validate migration
+    console.log('🔍 Validating migration...');
+    const validationSuccess = await validateMigration();
+    
+    if (!validationSuccess) {
+      console.error('❌ Migration validation failed');
+      // Could implement rollback here if needed
+      return false;
+    }
+    
+    console.log('✅ Migration completed successfully!');
+    console.log('💡 You can now use the DAO layer by setting USE_DAO_LAYER=true');
+    
+    return true;
+  } catch (error) {
+    console.error('Migration error:', error);
+    return false;
+  }
+}
+
+/**
+ * Test DAO operations with sample data
+ */
+export async function testDaoOperations(): Promise<boolean> {
+  try {
+    console.log('🧪 Testing DAO operations...');
+    
+    switchToDao();
+    const userDao = new UserDaoImpl();
+    const serverDao = new ServerDaoImpl();
+    const groupDao = new GroupDaoImpl();
+    
+    // Test user operations
+    console.log('Testing user operations...');
+    const testUser = await userDao.createWithHashedPassword('test-dao-user', 'password123', false);
+    console.log(`✅ Created test user: ${testUser.username}`);
+    
+    const foundUser = await userDao.findByUsername('test-dao-user');
+    console.log(`✅ Found user: ${foundUser?.username}`);
+    
+    const isValidPassword = await userDao.validateCredentials('test-dao-user', 'password123');
+    console.log(`✅ Password validation: ${isValidPassword}`);
+    
+    // Test server operations
+    console.log('Testing server operations...');
+    const testServer = await serverDao.create({
+      name: 'test-dao-server',
+      command: 'node',
+      args: ['test.js'],
+      enabled: true,
+      owner: 'test-dao-user'
+    });
+    console.log(`✅ Created test server: ${testServer.name}`);
+    
+    const userServers = await serverDao.findByOwner('test-dao-user');
+    console.log(`✅ Found ${userServers.length} servers for user`);
+    
+    // Test group operations
+    console.log('Testing group operations...');
+    const testGroup = await groupDao.create({
+      name: 'test-dao-group',
+      description: 'Test group for DAO operations',
+      servers: ['test-dao-server'],
+      owner: 'test-dao-user'
+    });
+    console.log(`✅ Created test group: ${testGroup.name} (ID: ${testGroup.id})`);
+    
+    const userGroups = await groupDao.findByOwner('test-dao-user');
+    console.log(`✅ Found ${userGroups.length} groups for user`);
+    
+    // Cleanup test data
+    console.log('Cleaning up test data...');
+    await groupDao.delete(testGroup.id);
+    await serverDao.delete('test-dao-server');
+    await userDao.delete('test-dao-user');
+    console.log('✅ Test data cleaned up');
+    
+    console.log('🎉 All DAO operations test passed!');
+    return true;
+  } catch (error) {
+    console.error('DAO operations test error:', error);
+    return false;
+  }
+}
+
+/**
+ * Performance comparison between legacy and DAO approaches
+ */
+export async function performanceComparison(): Promise<void> {
+  try {
+    console.log('⚡ Performance comparison...');
+    
+    // Test legacy approach
+    console.log('Testing legacy approach...');
+    switchToLegacy();
+    const legacyStart = Date.now();
+    await loadSettings();
+    const legacyTime = Date.now() - legacyStart;
+    console.log(`Legacy load time: ${legacyTime}ms`);
+    
+    // Test DAO approach
+    console.log('Testing DAO approach...');
+    switchToDao();
+    const daoStart = Date.now();
+    await loadSettings();
+    const daoTime = Date.now() - daoStart;
+    console.log(`DAO load time: ${daoTime}ms`);
+    
+    // Comparison
+    const difference = daoTime - legacyTime;
+    const percentage = ((difference / legacyTime) * 100).toFixed(2);
+    
+    console.log(`Performance difference: ${difference}ms (${percentage}%)`);
+    
+    if (difference > 0) {
+      console.log(`DAO approach is ${percentage}% slower`);
+    } else {
+      console.log(`DAO approach is ${Math.abs(parseFloat(percentage))}% faster`);
+    }
+  } catch (error) {
+    console.error('Performance comparison error:', error);
+  }
+}
+
+/**
+ * Generate migration report
+ */
+export async function generateMigrationReport(): Promise<any> {
+  try {
+    console.log('📊 Generating migration report...');
+    
+    // Collect statistics from both approaches
+    switchToLegacy();
+    const legacySettings = await loadSettings();
+    
+    switchToDao();
+    const daoSettings = await loadSettings();
+    
+    const report = {
+      timestamp: new Date().toISOString(),
+      legacy: {
+        users: legacySettings.users?.length || 0,
+        servers: Object.keys(legacySettings.mcpServers || {}).length,
+        groups: legacySettings.groups?.length || 0,
+        systemConfigSections: Object.keys(legacySettings.systemConfig || {}).length,
+        userConfigs: Object.keys(legacySettings.userConfigs || {}).length
+      },
+      dao: {
+        users: daoSettings.users?.length || 0,
+        servers: Object.keys(daoSettings.mcpServers || {}).length,
+        groups: daoSettings.groups?.length || 0,
+        systemConfigSections: Object.keys(daoSettings.systemConfig || {}).length,
+        userConfigs: Object.keys(daoSettings.userConfigs || {}).length
+      }
+    };
+    
+    console.log('📈 Migration Report:');
+    console.log(JSON.stringify(report, null, 2));
+    
+    return report;
+  } catch (error) {
+    console.error('Report generation error:', error);
+    return null;
+  }
+}

src/controllers/serverController.ts

@@ -13,9 +13,9 @@ import { loadSettings, saveSettings } from '../config/index.js';
 import { syncAllServerToolsEmbeddings } from '../services/vectorSearchService.js';
 import { createSafeJSON } from '../utils/serialization.js';
 
-export const getAllServers = (_: Request, res: Response): void => {
+export const getAllServers = async (_: Request, res: Response): Promise<void> => {
   try {
-    const serversInfo = getServersInfo();
+    const serversInfo = await getServersInfo();
     const response: ApiResponse = {
       success: true,
       data: createSafeJSON(serversInfo),
@@ -167,7 +167,7 @@ export const deleteServer = async (req: Request, res: Response): Promise<void> =
       return;
     }
 
-    const result = removeServer(name);
+    const result = await removeServer(name);
     if (result.success) {
       notifyToolChanged();
       res.json({
@@ -299,11 +299,12 @@ export const updateServer = async (req: Request, res: Response): Promise<void> =
   }
 };
 
-export const getServerConfig = (req: Request, res: Response): void => {
+export const getServerConfig = async (req: Request, res: Response): Promise<void> => {
   try {
     const { name } = req.params;
-    const settings = loadSettings();
+    const allServers = await getServersInfo();
-    if (!settings.mcpServers || !settings.mcpServers[name]) {
+    const serverInfo = allServers.find((s) => s.name === name);
+    if (!serverInfo) {
       res.status(404).json({
         success: false,
         message: 'Server not found',
@@ -311,15 +312,13 @@ export const getServerConfig = (req: Request, res: Response): void => {
       return;
     }
 
-    const serverInfo = getServersInfo().find((s) => s.name === name);
-    const serverConfig = settings.mcpServers[name];
     const response: ApiResponse = {
       success: true,
       data: {
         name,
         status: serverInfo ? serverInfo.status : 'disconnected',
         tools: serverInfo ? serverInfo.tools : [],
-        config: serverConfig,
+        config: serverInfo,
       },
     };
 

src/dao/DaoFactory.ts

@@ -0,0 +1,131 @@
+import { UserDao, UserDaoImpl } from './UserDao.js';
+import { ServerDao, ServerDaoImpl } from './ServerDao.js';
+import { GroupDao, GroupDaoImpl } from './GroupDao.js';
+import { SystemConfigDao, SystemConfigDaoImpl } from './SystemConfigDao.js';
+import { UserConfigDao, UserConfigDaoImpl } from './UserConfigDao.js';
+
+/**
+ * DAO Factory interface for creating DAO instances
+ */
+export interface DaoFactory {
+  getUserDao(): UserDao;
+  getServerDao(): ServerDao;
+  getGroupDao(): GroupDao;
+  getSystemConfigDao(): SystemConfigDao;
+  getUserConfigDao(): UserConfigDao;
+}
+
+/**
+ * Default DAO factory implementation using JSON file-based DAOs
+ */
+export class JsonFileDaoFactory implements DaoFactory {
+  private static instance: JsonFileDaoFactory;
+  
+  private userDao: UserDao | null = null;
+  private serverDao: ServerDao | null = null;
+  private groupDao: GroupDao | null = null;
+  private systemConfigDao: SystemConfigDao | null = null;
+  private userConfigDao: UserConfigDao | null = null;
+
+  /**
+   * Get singleton instance
+   */
+  public static getInstance(): JsonFileDaoFactory {
+    if (!JsonFileDaoFactory.instance) {
+      JsonFileDaoFactory.instance = new JsonFileDaoFactory();
+    }
+    return JsonFileDaoFactory.instance;
+  }
+
+  private constructor() {
+    // Private constructor for singleton
+  }
+
+  getUserDao(): UserDao {
+    if (!this.userDao) {
+      this.userDao = new UserDaoImpl();
+    }
+    return this.userDao;
+  }
+
+  getServerDao(): ServerDao {
+    if (!this.serverDao) {
+      this.serverDao = new ServerDaoImpl();
+    }
+    return this.serverDao;
+  }
+
+  getGroupDao(): GroupDao {
+    if (!this.groupDao) {
+      this.groupDao = new GroupDaoImpl();
+    }
+    return this.groupDao;
+  }
+
+  getSystemConfigDao(): SystemConfigDao {
+    if (!this.systemConfigDao) {
+      this.systemConfigDao = new SystemConfigDaoImpl();
+    }
+    return this.systemConfigDao;
+  }
+
+  getUserConfigDao(): UserConfigDao {
+    if (!this.userConfigDao) {
+      this.userConfigDao = new UserConfigDaoImpl();
+    }
+    return this.userConfigDao;
+  }
+
+  /**
+   * Reset all cached DAO instances (useful for testing)
+   */
+  public resetInstances(): void {
+    this.userDao = null;
+    this.serverDao = null;
+    this.groupDao = null;
+    this.systemConfigDao = null;
+    this.userConfigDao = null;
+  }
+}
+
+/**
+ * Global DAO factory instance
+ */
+let daoFactory: DaoFactory = JsonFileDaoFactory.getInstance();
+
+/**
+ * Set the global DAO factory (useful for dependency injection)
+ */
+export function setDaoFactory(factory: DaoFactory): void {
+  daoFactory = factory;
+}
+
+/**
+ * Get the global DAO factory
+ */
+export function getDaoFactory(): DaoFactory {
+  return daoFactory;
+}
+
+/**
+ * Convenience functions to get specific DAOs
+ */
+export function getUserDao(): UserDao {
+  return getDaoFactory().getUserDao();
+}
+
+export function getServerDao(): ServerDao {
+  return getDaoFactory().getServerDao();
+}
+
+export function getGroupDao(): GroupDao {
+  return getDaoFactory().getGroupDao();
+}
+
+export function getSystemConfigDao(): SystemConfigDao {
+  return getDaoFactory().getSystemConfigDao();
+}
+
+export function getUserConfigDao(): UserConfigDao {
+  return getDaoFactory().getUserConfigDao();
+}

src/dao/GroupDao.ts

@@ -0,0 +1,221 @@
+import { IGroup } from '../types/index.js';
+import { BaseDao } from './base/BaseDao.js';
+import { JsonFileBaseDao } from './base/JsonFileBaseDao.js';
+import { v4 as uuidv4 } from 'uuid';
+
+/**
+ * Group DAO interface with group-specific operations
+ */
+export interface GroupDao extends BaseDao<IGroup, string> {
+  /**
+   * Find groups by owner
+   */
+  findByOwner(owner: string): Promise<IGroup[]>;
+
+  /**
+   * Find groups containing specific server
+   */
+  findByServer(serverName: string): Promise<IGroup[]>;
+
+  /**
+   * Add server to group
+   */
+  addServerToGroup(groupId: string, serverName: string): Promise<boolean>;
+
+  /**
+   * Remove server from group
+   */
+  removeServerFromGroup(groupId: string, serverName: string): Promise<boolean>;
+
+  /**
+   * Update group servers
+   */
+  updateServers(groupId: string, servers: string[] | IGroup['servers']): Promise<boolean>;
+
+  /**
+   * Find group by name
+   */
+  findByName(name: string): Promise<IGroup | null>;
+}
+
+/**
+ * JSON file-based Group DAO implementation
+ */
+export class GroupDaoImpl extends JsonFileBaseDao implements GroupDao {
+  protected async getAll(): Promise<IGroup[]> {
+    const settings = await this.loadSettings();
+    return settings.groups || [];
+  }
+
+  protected async saveAll(groups: IGroup[]): Promise<void> {
+    const settings = await this.loadSettings();
+    settings.groups = groups;
+    await this.saveSettings(settings);
+  }
+
+  protected getEntityId(group: IGroup): string {
+    return group.id;
+  }
+
+  protected createEntity(data: Omit<IGroup, 'id'>): IGroup {
+    return {
+      id: uuidv4(),
+      owner: 'admin', // Default owner
+      ...data,
+      servers: data.servers || [],
+    };
+  }
+
+  protected updateEntity(existing: IGroup, updates: Partial<IGroup>): IGroup {
+    return {
+      ...existing,
+      ...updates,
+      id: existing.id, // ID should not be updated
+    };
+  }
+
+  async findAll(): Promise<IGroup[]> {
+    return this.getAll();
+  }
+
+  async findById(id: string): Promise<IGroup | null> {
+    const groups = await this.getAll();
+    return groups.find((group) => group.id === id) || null;
+  }
+
+  async create(data: Omit<IGroup, 'id'>): Promise<IGroup> {
+    const groups = await this.getAll();
+
+    // Check if group name already exists
+    if (groups.find((group) => group.name === data.name)) {
+      throw new Error(`Group with name ${data.name} already exists`);
+    }
+
+    const newGroup = this.createEntity(data);
+    groups.push(newGroup);
+    await this.saveAll(groups);
+
+    return newGroup;
+  }
+
+  async update(id: string, updates: Partial<IGroup>): Promise<IGroup | null> {
+    const groups = await this.getAll();
+    const index = groups.findIndex((group) => group.id === id);
+
+    if (index === -1) {
+      return null;
+    }
+
+    // Check if name update would cause conflict
+    if (updates.name && updates.name !== groups[index].name) {
+      const existingGroup = groups.find((group) => group.name === updates.name && group.id !== id);
+      if (existingGroup) {
+        throw new Error(`Group with name ${updates.name} already exists`);
+      }
+    }
+
+    // Don't allow ID changes
+    const { id: _, ...allowedUpdates } = updates;
+    const updatedGroup = this.updateEntity(groups[index], allowedUpdates);
+    groups[index] = updatedGroup;
+
+    await this.saveAll(groups);
+    return updatedGroup;
+  }
+
+  async delete(id: string): Promise<boolean> {
+    const groups = await this.getAll();
+    const index = groups.findIndex((group) => group.id === id);
+
+    if (index === -1) {
+      return false;
+    }
+
+    groups.splice(index, 1);
+    await this.saveAll(groups);
+    return true;
+  }
+
+  async exists(id: string): Promise<boolean> {
+    const group = await this.findById(id);
+    return group !== null;
+  }
+
+  async count(): Promise<number> {
+    const groups = await this.getAll();
+    return groups.length;
+  }
+
+  async findByOwner(owner: string): Promise<IGroup[]> {
+    const groups = await this.getAll();
+    return groups.filter((group) => group.owner === owner);
+  }
+
+  async findByServer(serverName: string): Promise<IGroup[]> {
+    const groups = await this.getAll();
+    return groups.filter((group) => {
+      if (Array.isArray(group.servers)) {
+        return group.servers.some((server) => {
+          if (typeof server === 'string') {
+            return server === serverName;
+          } else {
+            return server.name === serverName;
+          }
+        });
+      }
+      return false;
+    });
+  }
+
+  async addServerToGroup(groupId: string, serverName: string): Promise<boolean> {
+    const group = await this.findById(groupId);
+    if (!group) {
+      return false;
+    }
+
+    // Check if server already exists in group
+    const serverExists = group.servers.some((server) => {
+      if (typeof server === 'string') {
+        return server === serverName;
+      } else {
+        return server.name === serverName;
+      }
+    });
+
+    if (serverExists) {
+      return true; // Already exists, consider it success
+    }
+
+    const updatedServers = [...group.servers, serverName] as IGroup['servers'];
+    const result = await this.update(groupId, { servers: updatedServers });
+    return result !== null;
+  }
+
+  async removeServerFromGroup(groupId: string, serverName: string): Promise<boolean> {
+    const group = await this.findById(groupId);
+    if (!group) {
+      return false;
+    }
+
+    const updatedServers = group.servers.filter((server) => {
+      if (typeof server === 'string') {
+        return server !== serverName;
+      } else {
+        return server.name !== serverName;
+      }
+    }) as IGroup['servers'];
+
+    const result = await this.update(groupId, { servers: updatedServers });
+    return result !== null;
+  }
+
+  async updateServers(groupId: string, servers: string[] | IGroup['servers']): Promise<boolean> {
+    const result = await this.update(groupId, { servers });
+    return result !== null;
+  }
+
+  async findByName(name: string): Promise<IGroup | null> {
+    const groups = await this.getAll();
+    return groups.find((group) => group.name === name) || null;
+  }
+}

src/dao/ServerDao.ts

@@ -0,0 +1,210 @@
+import { ServerConfig } from '../types/index.js';
+import { BaseDao } from './base/BaseDao.js';
+import { JsonFileBaseDao } from './base/JsonFileBaseDao.js';
+
+/**
+ * Server DAO interface with server-specific operations
+ */
+export interface ServerDao extends BaseDao<ServerConfigWithName, string> {
+  /**
+   * Find servers by owner
+   */
+  findByOwner(owner: string): Promise<ServerConfigWithName[]>;
+
+  /**
+   * Find enabled servers only
+   */
+  findEnabled(): Promise<ServerConfigWithName[]>;
+
+  /**
+   * Find servers by type
+   */
+  findByType(type: string): Promise<ServerConfigWithName[]>;
+
+  /**
+   * Enable/disable server
+   */
+  setEnabled(name: string, enabled: boolean): Promise<boolean>;
+
+  /**
+   * Update server tools configuration
+   */
+  updateTools(
+    name: string,
+    tools: Record<string, { enabled: boolean; description?: string }>,
+  ): Promise<boolean>;
+
+  /**
+   * Update server prompts configuration
+   */
+  updatePrompts(
+    name: string,
+    prompts: Record<string, { enabled: boolean; description?: string }>,
+  ): Promise<boolean>;
+}
+
+/**
+ * Server configuration with name for DAO operations
+ */
+export interface ServerConfigWithName extends ServerConfig {
+  name: string;
+}
+
+/**
+ * JSON file-based Server DAO implementation
+ */
+export class ServerDaoImpl extends JsonFileBaseDao implements ServerDao {
+  protected async getAll(): Promise<ServerConfigWithName[]> {
+    const settings = await this.loadSettings();
+    const servers: ServerConfigWithName[] = [];
+
+    for (const [name, config] of Object.entries(settings.mcpServers || {})) {
+      servers.push({
+        name,
+        ...config,
+      });
+    }
+
+    return servers;
+  }
+
+  protected async saveAll(servers: ServerConfigWithName[]): Promise<void> {
+    const settings = await this.loadSettings();
+    settings.mcpServers = {};
+
+    for (const server of servers) {
+      const { name, ...config } = server;
+      settings.mcpServers[name] = config;
+    }
+
+    await this.saveSettings(settings);
+  }
+
+  protected getEntityId(server: ServerConfigWithName): string {
+    return server.name;
+  }
+
+  protected createEntity(_data: Omit<ServerConfigWithName, 'name'>): ServerConfigWithName {
+    throw new Error('Server name must be provided');
+  }
+
+  protected updateEntity(
+    existing: ServerConfigWithName,
+    updates: Partial<ServerConfigWithName>,
+  ): ServerConfigWithName {
+    return {
+      ...existing,
+      ...updates,
+      name: existing.name, // Name should not be updated
+    };
+  }
+
+  async findAll(): Promise<ServerConfigWithName[]> {
+    return this.getAll();
+  }
+
+  async findById(name: string): Promise<ServerConfigWithName | null> {
+    const servers = await this.getAll();
+    return servers.find((server) => server.name === name) || null;
+  }
+
+  async create(
+    data: Omit<ServerConfigWithName, 'name'> & { name: string },
+  ): Promise<ServerConfigWithName> {
+    const servers = await this.getAll();
+
+    // Check if server already exists
+    if (servers.find((server) => server.name === data.name)) {
+      throw new Error(`Server ${data.name} already exists`);
+    }
+
+    const newServer: ServerConfigWithName = {
+      enabled: true, // Default to enabled
+      owner: 'admin', // Default owner
+      ...data,
+    };
+
+    servers.push(newServer);
+    await this.saveAll(servers);
+
+    return newServer;
+  }
+
+  async update(
+    name: string,
+    updates: Partial<ServerConfigWithName>,
+  ): Promise<ServerConfigWithName | null> {
+    const servers = await this.getAll();
+    const index = servers.findIndex((server) => server.name === name);
+
+    if (index === -1) {
+      return null;
+    }
+
+    // Don't allow name changes
+    const { name: _, ...allowedUpdates } = updates;
+    const updatedServer = this.updateEntity(servers[index], allowedUpdates);
+    servers[index] = updatedServer;
+
+    await this.saveAll(servers);
+    return updatedServer;
+  }
+
+  async delete(name: string): Promise<boolean> {
+    const servers = await this.getAll();
+    const index = servers.findIndex((server) => server.name === name);
+    if (index === -1) {
+      return false;
+    }
+
+    servers.splice(index, 1);
+    await this.saveAll(servers);
+    return true;
+  }
+
+  async exists(name: string): Promise<boolean> {
+    const server = await this.findById(name);
+    return server !== null;
+  }
+
+  async count(): Promise<number> {
+    const servers = await this.getAll();
+    return servers.length;
+  }
+
+  async findByOwner(owner: string): Promise<ServerConfigWithName[]> {
+    const servers = await this.getAll();
+    return servers.filter((server) => server.owner === owner);
+  }
+
+  async findEnabled(): Promise<ServerConfigWithName[]> {
+    const servers = await this.getAll();
+    return servers.filter((server) => server.enabled !== false);
+  }
+
+  async findByType(type: string): Promise<ServerConfigWithName[]> {
+    const servers = await this.getAll();
+    return servers.filter((server) => server.type === type);
+  }
+
+  async setEnabled(name: string, enabled: boolean): Promise<boolean> {
+    const result = await this.update(name, { enabled });
+    return result !== null;
+  }
+
+  async updateTools(
+    name: string,
+    tools: Record<string, { enabled: boolean; description?: string }>,
+  ): Promise<boolean> {
+    const result = await this.update(name, { tools });
+    return result !== null;
+  }
+
+  async updatePrompts(
+    name: string,
+    prompts: Record<string, { enabled: boolean; description?: string }>,
+  ): Promise<boolean> {
+    const result = await this.update(name, { prompts });
+    return result !== null;
+  }
+}

src/dao/SystemConfigDao.ts

@@ -0,0 +1,95 @@
+import { SystemConfig } from '../types/index.js';
+import { JsonFileBaseDao } from './base/JsonFileBaseDao.js';
+
+/**
+ * System Configuration DAO interface
+ */
+export interface SystemConfigDao {
+  /**
+   * Get system configuration
+   */
+  get(): Promise<SystemConfig>;
+
+  /**
+   * Update system configuration
+   */
+  update(config: Partial<SystemConfig>): Promise<SystemConfig>;
+
+  /**
+   * Reset system configuration to defaults
+   */
+  reset(): Promise<SystemConfig>;
+
+  /**
+   * Get specific configuration section
+   */
+  getSection<K extends keyof SystemConfig>(section: K): Promise<SystemConfig[K] | undefined>;
+
+  /**
+   * Update specific configuration section
+   */
+  updateSection<K extends keyof SystemConfig>(section: K, value: SystemConfig[K]): Promise<boolean>;
+}
+
+/**
+ * JSON file-based System Configuration DAO implementation
+ */
+export class SystemConfigDaoImpl extends JsonFileBaseDao implements SystemConfigDao {
+  async get(): Promise<SystemConfig> {
+    const settings = await this.loadSettings();
+    return settings.systemConfig || {};
+  }
+
+  async update(config: Partial<SystemConfig>): Promise<SystemConfig> {
+    const settings = await this.loadSettings();
+    const currentConfig = settings.systemConfig || {};
+    
+    // Deep merge configuration
+    const updatedConfig = this.deepMerge(currentConfig, config);
+    settings.systemConfig = updatedConfig;
+    
+    await this.saveSettings(settings);
+    return updatedConfig;
+  }
+
+  async reset(): Promise<SystemConfig> {
+    const settings = await this.loadSettings();
+    const defaultConfig: SystemConfig = {};
+    
+    settings.systemConfig = defaultConfig;
+    await this.saveSettings(settings);
+    
+    return defaultConfig;
+  }
+
+  async getSection<K extends keyof SystemConfig>(section: K): Promise<SystemConfig[K] | undefined> {
+    const config = await this.get();
+    return config[section];
+  }
+
+  async updateSection<K extends keyof SystemConfig>(section: K, value: SystemConfig[K]): Promise<boolean> {
+    try {
+      await this.update({ [section]: value } as Partial<SystemConfig>);
+      return true;
+    } catch {
+      return false;
+    }
+  }
+
+  /**
+   * Deep merge two objects
+   */
+  private deepMerge(target: any, source: any): any {
+    const result = { ...target };
+    
+    for (const key in source) {
+      if (source[key] && typeof source[key] === 'object' && !Array.isArray(source[key])) {
+        result[key] = this.deepMerge(target[key] || {}, source[key]);
+      } else {
+        result[key] = source[key];
+      }
+    }
+    
+    return result;
+  }
+}

src/dao/UserConfigDao.ts

@@ -0,0 +1,132 @@
+import { UserConfig } from '../types/index.js';
+import { JsonFileBaseDao } from './base/JsonFileBaseDao.js';
+
+/**
+ * User Configuration DAO interface
+ */
+export interface UserConfigDao {
+  /**
+   * Get user configuration
+   */
+  get(username: string): Promise<UserConfig | undefined>;
+
+  /**
+   * Get all user configurations
+   */
+  getAll(): Promise<Record<string, UserConfig>>;
+
+  /**
+   * Update user configuration
+   */
+  update(username: string, config: Partial<UserConfig>): Promise<UserConfig>;
+
+  /**
+   * Delete user configuration
+   */
+  delete(username: string): Promise<boolean>;
+
+  /**
+   * Check if user configuration exists
+   */
+  exists(username: string): Promise<boolean>;
+
+  /**
+   * Reset user configuration to defaults
+   */
+  reset(username: string): Promise<UserConfig>;
+
+  /**
+   * Get specific configuration section for user
+   */
+  getSection<K extends keyof UserConfig>(username: string, section: K): Promise<UserConfig[K] | undefined>;
+
+  /**
+   * Update specific configuration section for user
+   */
+  updateSection<K extends keyof UserConfig>(username: string, section: K, value: UserConfig[K]): Promise<boolean>;
+}
+
+/**
+ * JSON file-based User Configuration DAO implementation
+ */
+export class UserConfigDaoImpl extends JsonFileBaseDao implements UserConfigDao {
+  async get(username: string): Promise<UserConfig | undefined> {
+    const settings = await this.loadSettings();
+    return settings.userConfigs?.[username];
+  }
+
+  async getAll(): Promise<Record<string, UserConfig>> {
+    const settings = await this.loadSettings();
+    return settings.userConfigs || {};
+  }
+
+  async update(username: string, config: Partial<UserConfig>): Promise<UserConfig> {
+    const settings = await this.loadSettings();
+    
+    if (!settings.userConfigs) {
+      settings.userConfigs = {};
+    }
+    
+    const currentConfig = settings.userConfigs[username] || {};
+    
+    // Deep merge configuration
+    const updatedConfig = this.deepMerge(currentConfig, config);
+    settings.userConfigs[username] = updatedConfig;
+    
+    await this.saveSettings(settings);
+    return updatedConfig;
+  }
+
+  async delete(username: string): Promise<boolean> {
+    const settings = await this.loadSettings();
+    
+    if (!settings.userConfigs || !settings.userConfigs[username]) {
+      return false;
+    }
+    
+    delete settings.userConfigs[username];
+    await this.saveSettings(settings);
+    return true;
+  }
+
+  async exists(username: string): Promise<boolean> {
+    const config = await this.get(username);
+    return config !== undefined;
+  }
+
+  async reset(username: string): Promise<UserConfig> {
+    const defaultConfig: UserConfig = {};
+    return this.update(username, defaultConfig);
+  }
+
+  async getSection<K extends keyof UserConfig>(username: string, section: K): Promise<UserConfig[K] | undefined> {
+    const config = await this.get(username);
+    return config?.[section];
+  }
+
+  async updateSection<K extends keyof UserConfig>(username: string, section: K, value: UserConfig[K]): Promise<boolean> {
+    try {
+      await this.update(username, { [section]: value } as Partial<UserConfig>);
+      return true;
+    } catch {
+      return false;
+    }
+  }
+
+  /**
+   * Deep merge two objects
+   */
+  private deepMerge(target: any, source: any): any {
+    const result = { ...target };
+    
+    for (const key in source) {
+      if (source[key] && typeof source[key] === 'object' && !Array.isArray(source[key])) {
+        result[key] = this.deepMerge(target[key] || {}, source[key]);
+      } else {
+        result[key] = source[key];
+      }
+    }
+    
+    return result;
+  }
+}

src/dao/UserDao.ts

@@ -0,0 +1,169 @@
+import { IUser } from '../types/index.js';
+import { BaseDao } from './base/BaseDao.js';
+import { JsonFileBaseDao } from './base/JsonFileBaseDao.js';
+import bcrypt from 'bcryptjs';
+
+/**
+ * User DAO interface with user-specific operations
+ */
+export interface UserDao extends BaseDao<IUser, string> {
+  /**
+   * Find user by username
+   */
+  findByUsername(username: string): Promise<IUser | null>;
+
+  /**
+   * Validate user credentials
+   */
+  validateCredentials(username: string, password: string): Promise<boolean>;
+
+  /**
+   * Create user with hashed password
+   */
+  createWithHashedPassword(username: string, password: string, isAdmin?: boolean): Promise<IUser>;
+
+  /**
+   * Update user password
+   */
+  updatePassword(username: string, newPassword: string): Promise<boolean>;
+
+  /**
+   * Find all admin users
+   */
+  findAdmins(): Promise<IUser[]>;
+}
+
+/**
+ * JSON file-based User DAO implementation
+ */
+export class UserDaoImpl extends JsonFileBaseDao implements UserDao {
+  protected async getAll(): Promise<IUser[]> {
+    const settings = await this.loadSettings();
+    return settings.users || [];
+  }
+
+  protected async saveAll(users: IUser[]): Promise<void> {
+    const settings = await this.loadSettings();
+    settings.users = users;
+    await this.saveSettings(settings);
+  }
+
+  protected getEntityId(user: IUser): string {
+    return user.username;
+  }
+
+  protected createEntity(_data: Omit<IUser, 'username'>): IUser {
+    // This method should not be called directly for users
+    throw new Error('Use createWithHashedPassword instead');
+  }
+
+  protected updateEntity(existing: IUser, updates: Partial<IUser>): IUser {
+    return {
+      ...existing,
+      ...updates,
+      username: existing.username, // Username should not be updated
+    };
+  }
+
+  async findAll(): Promise<IUser[]> {
+    return this.getAll();
+  }
+
+  async findById(username: string): Promise<IUser | null> {
+    return this.findByUsername(username);
+  }
+
+  async findByUsername(username: string): Promise<IUser | null> {
+    const users = await this.getAll();
+    return users.find((user) => user.username === username) || null;
+  }
+
+  async create(_data: Omit<IUser, 'username'>): Promise<IUser> {
+    throw new Error('Use createWithHashedPassword instead');
+  }
+
+  async createWithHashedPassword(
+    username: string,
+    password: string,
+    isAdmin: boolean = false,
+  ): Promise<IUser> {
+    const users = await this.getAll();
+
+    // Check if user already exists
+    if (users.find((user) => user.username === username)) {
+      throw new Error(`User ${username} already exists`);
+    }
+
+    const hashedPassword = await bcrypt.hash(password, 10);
+    const newUser: IUser = {
+      username,
+      password: hashedPassword,
+      isAdmin,
+    };
+
+    users.push(newUser);
+    await this.saveAll(users);
+
+    return newUser;
+  }
+
+  async update(username: string, updates: Partial<IUser>): Promise<IUser | null> {
+    const users = await this.getAll();
+    const index = users.findIndex((user) => user.username === username);
+
+    if (index === -1) {
+      return null;
+    }
+
+    // Don't allow username changes
+    const { username: _, ...allowedUpdates } = updates;
+    const updatedUser = this.updateEntity(users[index], allowedUpdates);
+    users[index] = updatedUser;
+
+    await this.saveAll(users);
+    return updatedUser;
+  }
+
+  async updatePassword(username: string, newPassword: string): Promise<boolean> {
+    const hashedPassword = await bcrypt.hash(newPassword, 10);
+    const result = await this.update(username, { password: hashedPassword });
+    return result !== null;
+  }
+
+  async delete(username: string): Promise<boolean> {
+    const users = await this.getAll();
+    const index = users.findIndex((user) => user.username === username);
+
+    if (index === -1) {
+      return false;
+    }
+
+    users.splice(index, 1);
+    await this.saveAll(users);
+    return true;
+  }
+
+  async exists(username: string): Promise<boolean> {
+    const user = await this.findByUsername(username);
+    return user !== null;
+  }
+
+  async count(): Promise<number> {
+    const users = await this.getAll();
+    return users.length;
+  }
+
+  async validateCredentials(username: string, password: string): Promise<boolean> {
+    const user = await this.findByUsername(username);
+    if (!user) {
+      return false;
+    }
+
+    return bcrypt.compare(password, user.password);
+  }
+
+  async findAdmins(): Promise<IUser[]> {
+    const users = await this.getAll();
+    return users.filter((user) => user.isAdmin === true);
+  }
+}

src/dao/base/BaseDao.ts

@@ -0,0 +1,107 @@
+/**
+ * Base DAO interface providing common CRUD operations
+ */
+export interface BaseDao<T, K = string> {
+  /**
+   * Find all entities
+   */
+  findAll(): Promise<T[]>;
+
+  /**
+   * Find entity by ID
+   */
+  findById(id: K): Promise<T | null>;
+
+  /**
+   * Create new entity
+   */
+  create(entity: Omit<T, 'id'>): Promise<T>;
+
+  /**
+   * Update existing entity
+   */
+  update(id: K, entity: Partial<T>): Promise<T | null>;
+
+  /**
+   * Delete entity by ID
+   */
+  delete(id: K): Promise<boolean>;
+
+  /**
+   * Check if entity exists
+   */
+  exists(id: K): Promise<boolean>;
+
+  /**
+   * Count total entities
+   */
+  count(): Promise<number>;
+}
+
+/**
+ * Base DAO implementation with common functionality
+ */
+export abstract class BaseDaoImpl<T, K = string> implements BaseDao<T, K> {
+  protected abstract getAll(): Promise<T[]>;
+  protected abstract saveAll(entities: T[]): Promise<void>;
+  protected abstract getEntityId(entity: T): K;
+  protected abstract createEntity(data: Omit<T, 'id'>): T;
+  protected abstract updateEntity(existing: T, updates: Partial<T>): T;
+
+  async findAll(): Promise<T[]> {
+    return this.getAll();
+  }
+
+  async findById(id: K): Promise<T | null> {
+    const entities = await this.getAll();
+    return entities.find(entity => this.getEntityId(entity) === id) || null;
+  }
+
+  async create(data: Omit<T, 'id'>): Promise<T> {
+    const entities = await this.getAll();
+    const newEntity = this.createEntity(data);
+    
+    entities.push(newEntity);
+    await this.saveAll(entities);
+    
+    return newEntity;
+  }
+
+  async update(id: K, updates: Partial<T>): Promise<T | null> {
+    const entities = await this.getAll();
+    const index = entities.findIndex(entity => this.getEntityId(entity) === id);
+    
+    if (index === -1) {
+      return null;
+    }
+
+    const updatedEntity = this.updateEntity(entities[index], updates);
+    entities[index] = updatedEntity;
+    
+    await this.saveAll(entities);
+    return updatedEntity;
+  }
+
+  async delete(id: K): Promise<boolean> {
+    const entities = await this.getAll();
+    const index = entities.findIndex(entity => this.getEntityId(entity) === id);
+    
+    if (index === -1) {
+      return false;
+    }
+
+    entities.splice(index, 1);
+    await this.saveAll(entities);
+    return true;
+  }
+
+  async exists(id: K): Promise<boolean> {
+    const entity = await this.findById(id);
+    return entity !== null;
+  }
+
+  async count(): Promise<number> {
+    const entities = await this.getAll();
+    return entities.length;
+  }
+}

src/dao/base/JsonFileBaseDao.ts

@@ -0,0 +1,93 @@
+import fs from 'fs';
+import path from 'path';
+import { McpSettings } from '../../types/index.js';
+import { getSettingsPath } from '../../config/index.js';
+
+/**
+ * Abstract base class for JSON file-based DAO implementations
+ */
+export abstract class JsonFileBaseDao {
+  private settingsCache: McpSettings | null = null;
+  private lastModified: number = 0;
+
+  /**
+   * Load settings from JSON file with caching
+   */
+  protected async loadSettings(): Promise<McpSettings> {
+    try {
+      const settingsPath = getSettingsPath();
+      const stats = fs.statSync(settingsPath);
+      const fileModified = stats.mtime.getTime();
+
+      // Check if cache is still valid
+      if (this.settingsCache && this.lastModified >= fileModified) {
+        return this.settingsCache;
+      }
+
+      const settingsData = fs.readFileSync(settingsPath, 'utf8');
+      const settings = JSON.parse(settingsData) as McpSettings;
+
+      // Update cache
+      this.settingsCache = settings;
+      this.lastModified = fileModified;
+
+      return settings;
+    } catch (error) {
+      console.error(`Failed to load settings:`, error);
+      const defaultSettings: McpSettings = {
+        mcpServers: {},
+        users: [],
+        groups: [],
+        systemConfig: {},
+        userConfigs: {},
+      };
+
+      // Cache default settings
+      this.settingsCache = defaultSettings;
+      this.lastModified = Date.now();
+
+      return defaultSettings;
+    }
+  }
+
+  /**
+   * Save settings to JSON file and update cache
+   */
+  protected async saveSettings(settings: McpSettings): Promise<void> {
+    try {
+      // Ensure directory exists
+      const settingsPath = getSettingsPath();
+      const dir = path.dirname(settingsPath);
+      if (!fs.existsSync(dir)) {
+        fs.mkdirSync(dir, { recursive: true });
+      }
+
+      fs.writeFileSync(settingsPath, JSON.stringify(settings, null, 2), 'utf8');
+
+      // Update cache
+      this.settingsCache = settings;
+      this.lastModified = Date.now();
+    } catch (error) {
+      console.error(`Failed to save settings:`, error);
+      throw error;
+    }
+  }
+
+  /**
+   * Clear settings cache
+   */
+  protected clearCache(): void {
+    this.settingsCache = null;
+    this.lastModified = 0;
+  }
+
+  /**
+   * Get cache status for debugging
+   */
+  protected getCacheInfo(): { hasCache: boolean; lastModified: number } {
+    return {
+      hasCache: this.settingsCache !== null,
+      lastModified: this.lastModified,
+    };
+  }
+}

src/dao/examples.ts

@@ -0,0 +1,218 @@
+/**
+ * Data access layer example and test utilities
+ * 
+ * This file demonstrates how to use the DAO layer for managing different types of data
+ * in the MCPHub application.
+ */
+
+import { 
+  getUserDao, 
+  getServerDao, 
+  getGroupDao, 
+  getSystemConfigDao, 
+  getUserConfigDao,
+  JsonFileDaoFactory,
+  setDaoFactory
+} from './DaoFactory.js';
+
+/**
+ * Example usage of UserDao
+ */
+export async function exampleUserOperations() {
+  const userDao = getUserDao();
+
+  // Create a new user
+  const newUser = await userDao.createWithHashedPassword('testuser', 'password123', false);
+  console.log('Created user:', newUser.username);
+
+  // Find user by username
+  const foundUser = await userDao.findByUsername('testuser');
+  console.log('Found user:', foundUser?.username);
+
+  // Validate credentials
+  const isValid = await userDao.validateCredentials('testuser', 'password123');
+  console.log('Credentials valid:', isValid);
+
+  // Update user
+  await userDao.update('testuser', { isAdmin: true });
+  console.log('Updated user to admin');
+
+  // Find all admin users
+  const admins = await userDao.findAdmins();
+  console.log('Admin users:', admins.map(u => u.username));
+
+  // Delete user
+  await userDao.delete('testuser');
+  console.log('Deleted test user');
+}
+
+/**
+ * Example usage of ServerDao
+ */
+export async function exampleServerOperations() {
+  const serverDao = getServerDao();
+
+  // Create a new server
+  const newServer = await serverDao.create({
+    name: 'test-server',
+    command: 'node',
+    args: ['server.js'],
+    enabled: true,
+    owner: 'admin'
+  });
+  console.log('Created server:', newServer.name);
+
+  // Find servers by owner
+  const userServers = await serverDao.findByOwner('admin');
+  console.log('Servers owned by admin:', userServers.map(s => s.name));
+
+  // Find enabled servers
+  const enabledServers = await serverDao.findEnabled();
+  console.log('Enabled servers:', enabledServers.map(s => s.name));
+
+  // Update server tools
+  await serverDao.updateTools('test-server', {
+    'tool1': { enabled: true, description: 'Test tool' }
+  });
+  console.log('Updated server tools');
+
+  // Delete server
+  await serverDao.delete('test-server');
+  console.log('Deleted test server');
+}
+
+/**
+ * Example usage of GroupDao
+ */
+export async function exampleGroupOperations() {
+  const groupDao = getGroupDao();
+
+  // Create a new group
+  const newGroup = await groupDao.create({
+    name: 'test-group',
+    description: 'Test group for development',
+    servers: ['server1', 'server2'],
+    owner: 'admin'
+  });
+  console.log('Created group:', newGroup.name, 'with ID:', newGroup.id);
+
+  // Find groups by owner
+  const userGroups = await groupDao.findByOwner('admin');
+  console.log('Groups owned by admin:', userGroups.map(g => g.name));
+
+  // Add server to group
+  await groupDao.addServerToGroup(newGroup.id, 'server3');
+  console.log('Added server3 to group');
+
+  // Find groups containing specific server
+  const groupsWithServer = await groupDao.findByServer('server1');
+  console.log('Groups containing server1:', groupsWithServer.map(g => g.name));
+
+  // Remove server from group
+  await groupDao.removeServerFromGroup(newGroup.id, 'server2');
+  console.log('Removed server2 from group');
+
+  // Delete group
+  await groupDao.delete(newGroup.id);
+  console.log('Deleted test group');
+}
+
+/**
+ * Example usage of SystemConfigDao
+ */
+export async function exampleSystemConfigOperations() {
+  const systemConfigDao = getSystemConfigDao();
+
+  // Get current system config
+  const currentConfig = await systemConfigDao.get();
+  console.log('Current system config:', currentConfig);
+
+  // Update routing configuration
+  await systemConfigDao.updateSection('routing', {
+    enableGlobalRoute: true,
+    enableGroupNameRoute: true,
+    enableBearerAuth: false
+  });
+  console.log('Updated routing configuration');
+
+  // Update install configuration
+  await systemConfigDao.updateSection('install', {
+    pythonIndexUrl: 'https://pypi.org/simple/',
+    npmRegistry: 'https://registry.npmjs.org/',
+    baseUrl: 'https://mcphub.local'
+  });
+  console.log('Updated install configuration');
+
+  // Get specific section
+  const routingConfig = await systemConfigDao.getSection('routing');
+  console.log('Routing config:', routingConfig);
+}
+
+/**
+ * Example usage of UserConfigDao
+ */
+export async function exampleUserConfigOperations() {
+  const userConfigDao = getUserConfigDao();
+
+  // Update user configuration
+  await userConfigDao.update('admin', {
+    routing: {
+      enableGlobalRoute: false,
+      enableGroupNameRoute: true
+    }
+  });
+  console.log('Updated admin user config');
+
+  // Get user configuration
+  const adminConfig = await userConfigDao.get('admin');
+  console.log('Admin config:', adminConfig);
+
+  // Get all user configurations
+  const allUserConfigs = await userConfigDao.getAll();
+  console.log('All user configs:', Object.keys(allUserConfigs));
+
+  // Get specific section for user
+  const userRoutingConfig = await userConfigDao.getSection('admin', 'routing');
+  console.log('Admin routing config:', userRoutingConfig);
+
+  // Delete user configuration
+  await userConfigDao.delete('admin');
+  console.log('Deleted admin user config');
+}
+
+/**
+ * Test all DAO operations
+ */
+export async function testAllDaoOperations() {
+  try {
+    console.log('=== Testing DAO Layer ===');
+    
+    console.log('\n--- User Operations ---');
+    await exampleUserOperations();
+    
+    console.log('\n--- Server Operations ---');
+    await exampleServerOperations();
+    
+    console.log('\n--- Group Operations ---');
+    await exampleGroupOperations();
+    
+    console.log('\n--- System Config Operations ---');
+    await exampleSystemConfigOperations();
+    
+    console.log('\n--- User Config Operations ---');
+    await exampleUserConfigOperations();
+    
+    console.log('\n=== DAO Layer Test Complete ===');
+  } catch (error) {
+    console.error('Error during DAO testing:', error);
+  }
+}
+
+/**
+ * Reset DAO factory for testing purposes
+ */
+export function resetDaoFactory() {
+  const factory = JsonFileDaoFactory.getInstance();
+  factory.resetInstances();
+  setDaoFactory(factory);
+}

src/dao/index.ts

@@ -0,0 +1,11 @@
+// Export all DAO interfaces and implementations
+export * from './base/BaseDao.js';
+export * from './base/JsonFileBaseDao.js';
+export * from './UserDao.js';
+export * from './ServerDao.js';
+export * from './GroupDao.js';
+export * from './SystemConfigDao.js';
+export * from './UserConfigDao.js';
+
+// Export the DAO factory and convenience functions
+export * from './DaoFactory.js';

src/scripts/dao-demo.ts

@@ -0,0 +1,259 @@
+#!/usr/bin/env node
+
+/**
+ * MCPHub DAO Layer Demo Script
+ *
+ * This script demonstrates how to use the new DAO layer for managing
+ * MCPHub configuration data.
+ */
+
+import {
+  loadSettings,
+  switchToDao,
+  switchToLegacy,
+  getDaoConfigService,
+} from '../config/configManager.js';
+
+import {
+  performMigration,
+  validateMigration,
+  testDaoOperations,
+  performanceComparison,
+  generateMigrationReport,
+} from '../config/migrationUtils.js';
+
+async function main() {
+  const args = process.argv.slice(2);
+  const command = args[0];
+
+  switch (command) {
+    case 'migrate':
+      {
+        console.log('🚀 Starting migration to DAO layer...');
+        const success = await performMigration();
+        process.exit(success ? 0 : 1);
+      }
+      break;
+
+    case 'validate':
+      {
+        console.log('🔍 Validating migration...');
+        const isValid = await validateMigration();
+        process.exit(isValid ? 0 : 1);
+      }
+      break;
+
+    case 'test':
+      {
+        console.log('🧪 Testing DAO operations...');
+        const testSuccess = await testDaoOperations();
+        process.exit(testSuccess ? 0 : 1);
+      }
+      break;
+
+    case 'compare':
+      {
+        console.log('⚡ Comparing performance...');
+        await performanceComparison();
+        process.exit(0);
+      }
+      break;
+
+    case 'report':
+      {
+        console.log('📊 Generating migration report...');
+        await generateMigrationReport();
+        process.exit(0);
+      }
+      break;
+
+    case 'demo':
+      {
+        await runDemo();
+        process.exit(0);
+      }
+      break;
+
+    case 'switch-dao':
+      {
+        switchToDao();
+        console.log('✅ Switched to DAO layer');
+        process.exit(0);
+      }
+      break;
+
+    case 'switch-legacy':
+      {
+        switchToLegacy();
+        console.log('✅ Switched to legacy file-based approach');
+        process.exit(0);
+      }
+      break;
+
+    default: {
+      printHelp();
+      process.exit(1);
+    }
+  }
+}
+
+function printHelp() {
+  console.log(`
+MCPHub DAO Layer Demo
+
+Usage: node dao-demo.js <command>
+
+Commands:
+  migrate       - Migrate from legacy format to DAO layer
+  validate      - Validate migration integrity
+  test          - Test DAO operations with sample data
+  compare       - Compare performance between legacy and DAO approaches
+  report        - Generate migration report
+  demo          - Run interactive demo
+  switch-dao    - Switch to DAO layer
+  switch-legacy - Switch to legacy file-based approach
+
+Examples:
+  node dao-demo.js migrate
+  node dao-demo.js test
+  node dao-demo.js compare
+`);
+}
+
+async function runDemo() {
+  console.log('🎭 MCPHub DAO Layer Interactive Demo');
+  console.log('=====================================\n');
+
+  try {
+    // Step 1: Show current configuration
+    console.log('📋 Step 1: Loading current configuration...');
+    switchToLegacy();
+    const legacySettings = await loadSettings();
+    console.log(`Current data:
+- Users: ${legacySettings.users?.length || 0}
+- Servers: ${Object.keys(legacySettings.mcpServers || {}).length}
+- Groups: ${legacySettings.groups?.length || 0}
+- System Config Sections: ${Object.keys(legacySettings.systemConfig || {}).length}
+- User Configs: ${Object.keys(legacySettings.userConfigs || {}).length}
+`);
+
+    // Step 2: Switch to DAO and show same data
+    console.log('🔄 Step 2: Switching to DAO layer...');
+    switchToDao();
+    const daoService = getDaoConfigService();
+
+    const daoSettings = await daoService.loadSettings();
+    console.log(`DAO layer data:
+- Users: ${daoSettings.users?.length || 0}
+- Servers: ${Object.keys(daoSettings.mcpServers || {}).length}
+- Groups: ${daoSettings.groups?.length || 0}
+- System Config Sections: ${Object.keys(daoSettings.systemConfig || {}).length}
+- User Configs: ${Object.keys(daoSettings.userConfigs || {}).length}
+`);
+
+    // Step 3: Demonstrate CRUD operations
+    console.log('🛠️ Step 3: Demonstrating CRUD operations...');
+
+    // Test user creation (if not exists)
+    try {
+      // Add demo data if needed
+      if (!daoSettings.users?.length) {
+        console.log('Creating demo user...');
+        // Note: In practice, you'd use the UserDao directly for password hashing
+        const demoSettings = {
+          ...daoSettings,
+          users: [
+            {
+              username: 'demo-user',
+              password: 'hashed-password',
+              isAdmin: false,
+            },
+          ],
+        };
+        await daoService.saveSettings(demoSettings);
+        console.log('✅ Demo user created');
+      }
+
+      // Add demo server if needed
+      if (!Object.keys(daoSettings.mcpServers || {}).length) {
+        console.log('Creating demo server...');
+        const demoSettings = {
+          ...daoSettings,
+          mcpServers: {
+            'demo-server': {
+              command: 'echo',
+              args: ['hello'],
+              enabled: true,
+              owner: 'admin',
+            },
+          },
+        };
+        await daoService.saveSettings(demoSettings);
+        console.log('✅ Demo server created');
+      }
+
+      // Add demo group if needed
+      if (!daoSettings.groups?.length) {
+        console.log('Creating demo group...');
+        const demoSettings = {
+          ...daoSettings,
+          groups: [
+            {
+              id: 'demo-group-1',
+              name: 'Demo Group',
+              description: 'A demo group for testing',
+              servers: ['demo-server'],
+              owner: 'admin',
+            },
+          ],
+        };
+        await daoService.saveSettings(demoSettings);
+        console.log('✅ Demo group created');
+      }
+    } catch (error) {
+      console.log('⚠️ Some demo operations failed (this is expected for password hashing)');
+      console.log('In production, you would use individual DAO methods for proper handling');
+    }
+
+    // Step 4: Show benefits
+    console.log(`
+🌟 Benefits of the DAO Layer:
+
+1. 📦 Separation of Concerns
+   - Data access logic is separated from business logic
+   - Each data type has its own DAO with specific operations
+
+2. 🔄 Easy Database Migration
+   - Ready for switching from JSON files to database
+   - Interface remains the same, implementation changes
+
+3. 🧪 Better Testing
+   - Can easily mock DAO interfaces for unit tests
+   - Isolated testing of data access operations
+
+4. 🔒 Type Safety
+   - Strong typing for all data operations
+   - Compile-time checking of data structure changes
+
+5. 🚀 Enhanced Features
+   - User password hashing in UserDao
+   - Server filtering by owner/type in ServerDao
+   - Group membership management in GroupDao
+   - Section-based config updates in SystemConfigDao
+
+6. 🏗️ Future Extensibility
+   - Easy to add new data types
+   - Consistent interface across all data operations
+   - Support for complex queries and relationships
+`);
+
+    console.log('✅ Demo completed successfully!');
+  } catch (error) {
+    console.error('❌ Demo failed:', error);
+  }
+}
+
+// Run the main function
+if (require.main === module) {
+  main().catch(console.error);
+}

src/services/mcpService.ts

@@ -11,16 +11,19 @@ import { SSEClientTransport } from '@modelcontextprotocol/sdk/client/sse.js';
 import { StdioClientTransport } from '@modelcontextprotocol/sdk/client/stdio.js';
 import { StreamableHTTPClientTransport } from '@modelcontextprotocol/sdk/client/streamableHttp.js';
 import { ServerInfo, ServerConfig, Tool } from '../types/index.js';
-import { loadSettings, saveSettings, expandEnvVars, replaceEnvVars } from '../config/index.js';
+import { loadSettings, expandEnvVars, replaceEnvVars } from '../config/index.js';
 import config from '../config/index.js';
 import { getGroup } from './sseService.js';
 import { getServersInGroup, getServerConfigInGroup } from './groupService.js';
 import { saveToolsAsVectorEmbeddings, searchToolsByVector } from './vectorSearchService.js';
 import { OpenAPIClient } from '../clients/openapi.js';
 import { getDataService } from './services.js';
+import { getServerDao, ServerConfigWithName } from '../dao/index.js';
 
 const servers: { [sessionId: string]: Server } = {};
 
+const serverDao = getServerDao();
+
 // Helper function to set up keep-alive ping for SSE connections
 const setupKeepAlive = (serverInfo: ServerInfo, serverConfig: ServerConfig): void => {
   // Only set up keep-alive for SSE connections
@@ -253,15 +256,13 @@ const callToolWithReconnect = async (
           serverInfo.client.close();
           serverInfo.transport.close();
 
-          // Get server configuration to recreate transport
+          const server = await serverDao.findById(serverInfo.name);
-          const settings = loadSettings();
+          if (!server) {
-          const conf = settings.mcpServers[serverInfo.name];
-          if (!conf) {
             throw new Error(`Server configuration not found for: ${serverInfo.name}`);
           }
 
           // Recreate transport using helper function
-          const newTransport = createTransportFromConfig(serverInfo.name, conf);
+          const newTransport = createTransportFromConfig(serverInfo.name, server);
 
           // Create new client
           const client = new Client(
@@ -335,11 +336,12 @@ export const initializeClientsFromSettings = async (
   isInit: boolean,
   serverName?: string,
 ): Promise<ServerInfo[]> => {
-  const settings = loadSettings();
+  const allServers: ServerConfigWithName[] = await serverDao.findAll();
   const existingServerInfos = serverInfos;
   serverInfos = [];
 
-  for (const [name, conf] of Object.entries(settings.mcpServers)) {
+  for (const conf of allServers) {
+    const { name } = conf;
     // Skip disabled servers
     if (conf.enabled === false) {
       console.log(`Skipping disabled server: ${name}`);
@@ -567,14 +569,14 @@ export const registerAllTools = async (isInit: boolean, serverName?: string): Pr
 };
 
 // Get all server information
-export const getServersInfo = (): Omit<ServerInfo, 'client' | 'transport'>[] => {
+export const getServersInfo = async (): Promise<Omit<ServerInfo, 'client' | 'transport'>[]> => {
-  const settings = loadSettings();
+  const allServers: ServerConfigWithName[] = await serverDao.findAll();
   const dataService = getDataService();
   const filterServerInfos: ServerInfo[] = dataService.filterData
     ? dataService.filterData(serverInfos)
     : serverInfos;
   const infos = filterServerInfos.map(({ name, status, tools, prompts, createTime, error }) => {
-    const serverConfig = settings.mcpServers[name];
+    const serverConfig = allServers.find((server) => server.name === name);
     const enabled = serverConfig ? serverConfig.enabled !== false : true;
 
     // Add enabled status and custom description to each tool
@@ -619,10 +621,8 @@ export const getServerByName = (name: string): ServerInfo | undefined => {
 };
 
 // Filter tools by server configuration
-const filterToolsByConfig = (serverName: string, tools: Tool[]): Tool[] => {
+const filterToolsByConfig = async (serverName: string, tools: Tool[]): Promise<Tool[]> => {
-  const settings = loadSettings();
+  const serverConfig = await serverDao.findById(serverName);
-  const serverConfig = settings.mcpServers[serverName];
-
   if (!serverConfig || !serverConfig.tools) {
     // If no tool configuration exists, all tools are enabled by default
     return tools;
@@ -645,44 +645,26 @@ export const addServer = async (
   name: string,
   config: ServerConfig,
 ): Promise<{ success: boolean; message?: string }> => {
-  try {
+  const server: ServerConfigWithName = { name, ...config };
-    const settings = loadSettings();
+  const result = await serverDao.create(server);
-    if (settings.mcpServers[name]) {
+  if (result) {
-      return { success: false, message: 'Server name already exists' };
-    }
-
-    settings.mcpServers[name] = config;
-    if (!saveSettings(settings)) {
-      return { success: false, message: 'Failed to save settings' };
-    }
-
     return { success: true, message: 'Server added successfully' };
-  } catch (error) {
+  } else {
-    console.error(`Failed to add server: ${name}`, error);
     return { success: false, message: 'Failed to add server' };
   }
 };
 
 // Remove server
-export const removeServer = (name: string): { success: boolean; message?: string } => {
+export const removeServer = async (
-  try {
+  name: string,
-    const settings = loadSettings();
+): Promise<{ success: boolean; message?: string }> => {
-    if (!settings.mcpServers[name]) {
+  const result = await serverDao.delete(name);
-      return { success: false, message: 'Server not found' };
+  if (!result) {
-    }
+    return { success: false, message: 'Failed to remove server' };
-
-    delete settings.mcpServers[name];
-
-    if (!saveSettings(settings)) {
-      return { success: false, message: 'Failed to save settings' };
-    }
-
-    serverInfos = serverInfos.filter((serverInfo) => serverInfo.name !== name);
-    return { success: true, message: 'Server removed successfully' };
-  } catch (error) {
-    console.error(`Failed to remove server: ${name}`, error);
-    return { success: false, message: `Failed to remove server: ${error}` };
   }
+
+  serverInfos = serverInfos.filter((serverInfo) => serverInfo.name !== name);
+  return { success: true, message: 'Server removed successfully' };
 };
 
 // Add or update server (supports overriding existing servers for DXT)
@@ -692,9 +674,7 @@ export const addOrUpdateServer = async (
   allowOverride: boolean = false,
 ): Promise<{ success: boolean; message?: string }> => {
   try {
-    const settings = loadSettings();
+    const exists = await serverDao.exists(name);
-    const exists = !!settings.mcpServers[name];
-
     if (exists && !allowOverride) {
       return { success: false, message: 'Server name already exists' };
     }
@@ -708,9 +688,10 @@ export const addOrUpdateServer = async (
       serverInfos = serverInfos.filter((serverInfo) => serverInfo.name !== name);
     }
 
-    settings.mcpServers[name] = config;
+    if (exists) {
-    if (!saveSettings(settings)) {
+      await serverDao.update(name, config);
-      return { success: false, message: 'Failed to save settings' };
+    } else {
+      await serverDao.create({ name, ...config });
     }
 
     const action = exists ? 'updated' : 'added';
@@ -745,18 +726,7 @@ export const toggleServerStatus = async (
   enabled: boolean,
 ): Promise<{ success: boolean; message?: string }> => {
   try {
-    const settings = loadSettings();
+    await serverDao.setEnabled(name, enabled);
-    if (!settings.mcpServers[name]) {
-      return { success: false, message: 'Server not found' };
-    }
-
-    // Update the enabled status in settings
-    settings.mcpServers[name].enabled = enabled;
-
-    if (!saveSettings(settings)) {
-      return { success: false, message: 'Failed to save settings' };
-    }
-
     // If disabling, disconnect the server and remove from active servers
     if (!enabled) {
       closeServer(name);
@@ -865,7 +835,7 @@ Available servers: ${serversList}`;
   for (const serverInfo of allServerInfos) {
     if (serverInfo.tools && serverInfo.tools.length > 0) {
       // Filter tools based on server configuration
-      let enabledTools = filterToolsByConfig(serverInfo.name, serverInfo.tools);
+      let enabledTools = await filterToolsByConfig(serverInfo.name, serverInfo.tools);
 
       // If this is a group request, apply group-level tool filtering
       if (group) {
@@ -880,8 +850,7 @@ Available servers: ${serversList}`;
       }
 
       // Apply custom descriptions from server configuration
-      const settings = loadSettings();
+      const serverConfig = await serverDao.findById(serverInfo.name);
-      const serverConfig = settings.mcpServers[serverInfo.name];
       const toolsWithCustomDescriptions = enabledTools.map((tool) => {
         const toolConfig = serverConfig?.tools?.[tool.name];
         return {
@@ -931,8 +900,9 @@ export const handleCallToolRequest = async (request: any, extra: any) => {
       const searchResults = await searchToolsByVector(query, limitNum, thresholdNum, servers);
       console.log(`Search results: ${JSON.stringify(searchResults)}`);
       // Find actual tool information from serverInfos by serverName and toolName
-      const tools = searchResults
+      // First resolve all tool promises
-        .map((result) => {
+      const resolvedTools = await Promise.all(
+        searchResults.map(async (result) => {
           // Find the server in serverInfos
           const server = serverInfos.find(
             (serverInfo) =>
@@ -945,17 +915,17 @@ export const handleCallToolRequest = async (request: any, extra: any) => {
             const actualTool = server.tools.find((tool) => tool.name === result.toolName);
             if (actualTool) {
               // Check if the tool is enabled in configuration
-              const enabledTools = filterToolsByConfig(server.name, [actualTool]);
+              const enabledTools = await filterToolsByConfig(server.name, [actualTool]);
               if (enabledTools.length > 0) {
                 // Apply custom description from configuration
-                const settings = loadSettings();
+                const serverConfig = await serverDao.findById(server.name);
-                const serverConfig = settings.mcpServers[server.name];
                 const toolConfig = serverConfig?.tools?.[actualTool.name];
 
                 // Return the actual tool info from serverInfos with custom description
                 return {
                   ...actualTool,
                   description: toolConfig?.description || actualTool.description,
+                  serverName: result.serverName, // Add serverName for filtering
                 };
               }
             }
@@ -966,19 +936,25 @@ export const handleCallToolRequest = async (request: any, extra: any) => {
             name: result.toolName,
             description: result.description || '',
             inputSchema: cleanInputSchema(result.inputSchema || {}),
+            serverName: result.serverName, // Add serverName for filtering
           };
-        })
+        }),
-        .filter((tool) => {
+      );
+
+      // Now filter the resolved tools
+      const tools = await Promise.all(
+        resolvedTools.filter(async (tool) => {
           // Additional filter to remove tools that are disabled
           if (tool.name) {
-            const serverName = searchResults.find((r) => r.toolName === tool.name)?.serverName;
+            const serverName = tool.serverName;
             if (serverName) {
-              const enabledTools = filterToolsByConfig(serverName, [tool as Tool]);
+              const enabledTools = await filterToolsByConfig(serverName, [tool as Tool]);
               return enabledTools.length > 0;
             }
           }
           return true; // Keep fallback results
-        });
+        }),
+      );
 
       // Add usage guidance to the response
       const response = {
@@ -1234,8 +1210,7 @@ export const handleListPromptsRequest = async (_: any, extra: any) => {
   for (const serverInfo of allServerInfos) {
     if (serverInfo.prompts && serverInfo.prompts.length > 0) {
       // Filter prompts based on server configuration
-      const settings = loadSettings();
+      const serverConfig = await serverDao.findById(serverInfo.name);
-      const serverConfig = settings.mcpServers[serverInfo.name];
 
       let enabledPrompts = serverInfo.prompts;
       if (serverConfig && serverConfig.prompts) {

src/services/openApiGeneratorService.ts

@@ -158,8 +158,10 @@ function generateOperationFromTool(tool: Tool, serverName: string): OpenAPIV3.Op
 /**
  * Generate OpenAPI specification from MCP tools
  */
-export function generateOpenAPISpec(options: OpenAPIGenerationOptions = {}): OpenAPIV3.Document {
+export async function generateOpenAPISpec(
-  const serverInfos = getServersInfo();
+  options: OpenAPIGenerationOptions = {},
+): Promise<OpenAPIV3.Document> {
+  const serverInfos = await getServersInfo();
 
   // Filter servers based on options
   const filteredServers = serverInfos.filter(
@@ -283,20 +285,20 @@ export function generateOpenAPISpec(options: OpenAPIGenerationOptions = {}): Ope
 /**
  * Get available server names for filtering
  */
-export function getAvailableServers(): string[] {
+export async function getAvailableServers(): Promise<string[]> {
-  const serverInfos = getServersInfo();
+  const serverInfos = await getServersInfo();
   return serverInfos.filter((server) => server.status === 'connected').map((server) => server.name);
 }
 
 /**
  * Get statistics about available tools
  */
-export function getToolStats(): {
+export async function getToolStats(): Promise<{
   totalServers: number;
   totalTools: number;
   serverBreakdown: Array<{ name: string; toolCount: number; status: string }>;
-} {
+}> {
-  const serverInfos = getServersInfo();
+  const serverInfos = await getServersInfo();
 
   const serverBreakdown = serverInfos.map((server) => ({
     name: server.name,

src/services/vectorSearchService.ts

@@ -499,7 +499,7 @@ export const syncAllServerToolsEmbeddings = async (): Promise<void> => {
     // Import getServersInfo to get all server information
     const { getServersInfo } = await import('./mcpService.js');
 
-    const servers = getServersInfo();
+    const servers = await getServersInfo();
     let totalToolsSynced = 0;
     let serversSynced = 0;
 

tests/integration/sse-service-real-client.test.ts

@@ -97,7 +97,7 @@ describe('Real Client Transport Integration Tests', () => {
 
       expect(error).toBeNull();
       expect(isConnected).toBe(true);
-    }, 30000);
+    }, 60000);
 
     it('should connect using real SSEClientTransport with group', async () => {
       const testGroup = 'integration-test-group';
@@ -155,7 +155,7 @@ describe('Real Client Transport Integration Tests', () => {
 
       expect(error).toBeNull();
       expect(isConnected).toBe(true);
-    }, 30000);
+    }, 60000);
   });
 
   describe('StreamableHTTP Client Transport Tests', () => {
@@ -214,7 +214,7 @@ describe('Real Client Transport Integration Tests', () => {
 
       expect(error).toBeNull();
       expect(isConnected).toBe(true);
-    }, 30000);
+    }, 60000);
 
     it('should connect using real StreamableHTTPClientTransport with group', async () => {
       const testGroup = 'integration-test-group';
@@ -272,7 +272,7 @@ describe('Real Client Transport Integration Tests', () => {
 
       expect(error).toBeNull();
       expect(isConnected).toBe(true);
-    }, 30000);
+    }, 60000);
   });
 
   describe('Real Client Authentication Tests', () => {
@@ -288,7 +288,7 @@ describe('Real Client Transport Integration Tests', () => {
       _authAppServer = authResult.appServer;
       _authHttpServer = authResult.httpServer;
       authBaseURL = authResult.baseURL;
-    }, 30000);
+    }, 60000);
 
     afterAll(async () => {
       if (_authHttpServer) {
@@ -345,7 +345,7 @@ describe('Real Client Transport Integration Tests', () => {
       if (error) {
         expect(error.message).toContain('401');
       }
-    }, 30000);
+    }, 60000);
 
     it('should connect with SSEClientTransport with valid auth', async () => {
       const sseUrl = new URL(`${authBaseURL}/sse`);
@@ -402,7 +402,7 @@ describe('Real Client Transport Integration Tests', () => {
 
       expect(error).toBeNull();
       expect(isConnected).toBe(true);
-    }, 30000);
+    }, 60000);
 
     it('should connect with StreamableHTTPClientTransport with auth', async () => {
       const mcpUrl = new URL(`${authBaseURL}/mcp`);
@@ -460,6 +460,6 @@ describe('Real Client Transport Integration Tests', () => {
 
       expect(error).toBeNull();
       expect(isConnected).toBe(true);
-    }, 30000);
+    }, 60000);
   });
 });

tests/services/openApiGeneratorService.test.ts

@@ -2,51 +2,51 @@ import { generateOpenAPISpec, getToolStats } from '../../src/services/openApiGen
 
 describe('OpenAPI Generator Service', () => {
   describe('generateOpenAPISpec', () => {
-    it('should generate a valid OpenAPI specification', () => {
+    it('should generate a valid OpenAPI specification', async () => {
-      const spec = generateOpenAPISpec();
+      const spec = await generateOpenAPISpec();
-      
+
       // Check basic structure
       expect(spec).toHaveProperty('openapi');
       expect(spec).toHaveProperty('info');
       expect(spec).toHaveProperty('servers');
       expect(spec).toHaveProperty('paths');
       expect(spec).toHaveProperty('components');
-      
+
       // Check OpenAPI version
       expect(spec.openapi).toBe('3.0.3');
-      
+
       // Check info section
       expect(spec.info).toHaveProperty('title');
       expect(spec.info).toHaveProperty('description');
       expect(spec.info).toHaveProperty('version');
-      
+
       // Check components
       expect(spec.components).toHaveProperty('schemas');
       expect(spec.components).toHaveProperty('securitySchemes');
-      
+
       // Check security schemes
       expect(spec.components?.securitySchemes).toHaveProperty('bearerAuth');
     });
 
-    it('should generate spec with custom options', () => {
+    it('should generate spec with custom options', async () => {
       const options = {
         title: 'Custom API',
         description: 'Custom description',
         version: '2.0.0',
-        serverUrl: 'https://custom.example.com'
+        serverUrl: 'https://custom.example.com',
       };
-      
+
-      const spec = generateOpenAPISpec(options);
+      const spec = await generateOpenAPISpec(options);
-      
+
       expect(spec.info.title).toBe('Custom API');
       expect(spec.info.description).toBe('Custom description');
       expect(spec.info.version).toBe('2.0.0');
-      expect(spec.servers[0].url).toContain('https://custom.example.com');
+      expect(spec.servers?.[0].url).toContain('https://custom.example.com');
     });
-    
+
-    it('should handle empty server list gracefully', () => {
+    it('should handle empty server list gracefully', async () => {
-      const spec = generateOpenAPISpec();
+      const spec = await generateOpenAPISpec();
-      
+
       // Should not throw and should have valid structure
       expect(spec).toHaveProperty('paths');
       expect(typeof spec.paths).toBe('object');
@@ -54,16 +54,16 @@ describe('OpenAPI Generator Service', () => {
   });
 
   describe('getToolStats', () => {
-    it('should return valid tool statistics', () => {
+    it('should return valid tool statistics', async () => {
-      const stats = getToolStats();
+      const stats = await getToolStats();
-      
+
       expect(stats).toHaveProperty('totalServers');
       expect(stats).toHaveProperty('totalTools');
       expect(stats).toHaveProperty('serverBreakdown');
-      
+
       expect(typeof stats.totalServers).toBe('number');
       expect(typeof stats.totalTools).toBe('number');
       expect(Array.isArray(stats.serverBreakdown)).toBe(true);
     });
   });
-});
+});