@alinsafawi/aegis-auth 0.1.8 → 0.2.0

package/dist/index.js

@@ -23443,6 +23443,60 @@ export default config
 }
 
 // src/generators/env.ts
+function generateEnvFile(cookiePrefix, infra, features) {
+  const lines = [
+    `# \u2500\u2500\u2500 Aegis Auth \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500`,
+    `# Fill in every value before running: npx prisma migrate dev --name init`,
+    ``,
+    `# Generate with (PowerShell):  [Convert]::ToBase64String((1..32|%{[byte](Get-Random -Max 256)}))`,
+    `# Generate with (Unix):        openssl rand -base64 32`,
+    `AEGIS_JWT_SECRET=`,
+    ``,
+    `# Set to the previous secret when rotating \u2014 gives active sessions a grace period`,
+    `# AEGIS_JWT_SECRET_PREVIOUS=`,
+    ``,
+    `# \u2500\u2500\u2500 Database \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500`,
+    `# Neon:     postgresql://user:pass@host/db?sslmode=require`,
+    `# Supabase: postgresql://postgres:pass@db.xxx.supabase.co:5432/postgres`,
+    `# Local:    postgresql://postgres:password@localhost:5432/mydb`,
+    `DATABASE_URL=`,
+    ``
+  ];
+  if (features.emailVerification || features.passwordReset || features.accountLockout) {
+    lines.push(
+      `# \u2500\u2500\u2500 Email (SMTP) \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500`,
+      `# Works with Resend, Sendgrid, Postmark, Gmail, etc.`
+    );
+    if (infra.setupSmtp && infra.smtpHost) {
+      lines.push(
+        `AEGIS_SMTP_HOST=${infra.smtpHost}`,
+        `AEGIS_SMTP_PORT=${infra.smtpPort ?? 587}`,
+        `AEGIS_SMTP_USER=${infra.smtpUser ?? ""}`,
+        `AEGIS_SMTP_PASS=`,
+        `AEGIS_SMTP_FROM=${infra.smtpFrom ?? ""}`
+      );
+    } else {
+      lines.push(
+        `AEGIS_SMTP_HOST=`,
+        `AEGIS_SMTP_PORT=587`,
+        `AEGIS_SMTP_USER=`,
+        `AEGIS_SMTP_PASS=`,
+        `AEGIS_SMTP_FROM=`
+      );
+    }
+    lines.push(``);
+  }
+  if (infra.rateLimitProvider === "upstash") {
+    lines.push(
+      `# \u2500\u2500\u2500 Upstash Redis (rate limiting) \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500`,
+      `# Get these from upstash.com \u2014 free tier available`,
+      `UPSTASH_REDIS_REST_URL=`,
+      `UPSTASH_REDIS_REST_TOKEN=`,
+      ``
+    );
+  }
+  return lines.join("\n");
+}
 function generateEnvExample(cookiePrefix, infra, features) {
   const lines = [
     `# \u2500\u2500\u2500 Aegis Auth \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500`,
@@ -23553,11 +23607,12 @@ export default function RootPage() {
 }
 function generateMiddleware(cookiePrefix, language) {
   return `import { createAuthMiddleware } from '@alinsafawi/aegis-auth-next'
-import config from './auth.config'
+import authConfig from './auth.config'
 
-export default createAuthMiddleware(config)
+export default createAuthMiddleware(authConfig)
 
 export const config = {
+  runtime: 'nodejs',
   matcher: ['/((?!_next/static|_next/image|favicon.ico).*)'],
 }
 `;
@@ -23672,7 +23727,11 @@ export default function LoginPage() {
 function generateNextConfig() {
   return `import type { NextConfig } from 'next'
 
-const nextConfig: NextConfig = {}
+const nextConfig: NextConfig = {
+  experimental: {
+    nodeMiddleware: true,
+  },
+}
 
 export default nextConfig
 `;
@@ -23710,6 +23769,7 @@ function generatePackageJson(name, packageManager) {
         "react-dom": "^19.0.0"
       },
       devDependencies: {
+        "@alinsafawi/aegis-auth": "latest",
         "@types/node": "^20.0.0",
         "@types/react": "^19.0.0",
         "@types/react-dom": "^19.0.0",
@@ -23939,7 +23999,8 @@ dist
     const e = language === "typescript" ? "tsx" : "jsx";
     await writeFile(`src/app/(auth)/login/page.${e}`, generateLoginPage(app.appName, style.primaryColor, language));
   });
-  await step("Updating .env.example", async () => {
+  await step("Creating .env and .env.example", async () => {
+    await writeFile(".env", generateEnvFile(app.cookiePrefix, infra, features));
     await writeFile(".env.example", generateEnvExample(app.cookiePrefix, infra, features));
   });
   if (!isDry && mode === "new") {
@@ -23957,13 +24018,13 @@ dist
     }] : [],
     {
       n: 1,
-      title: "Fill in .env.local",
+      title: `Fill in ${import_chalk8.default.yellow(".env")}  ${import_chalk8.default.dim("(created for you \u2014 open it and add your values)")}`,
       lines: [
-        `${import_chalk8.default.cyan("AEGIS_JWT_SECRET=")}          ${import_chalk8.default.dim(process.platform === "win32" ? "\u2190 [Convert]::ToBase64String((1..32|%{[byte](Get-Random -Max 256)}))" : "\u2190 openssl rand -base64 32")}`,
-        `${import_chalk8.default.cyan("DATABASE_URL=")}`,
-        features.emailVerification || features.passwordReset ? `${import_chalk8.default.cyan("AEGIS_SMTP_HOST=")}` : "",
-        infra.rateLimitProvider === "upstash" ? `${import_chalk8.default.cyan("UPSTASH_REDIS_REST_URL=")}` : ""
-      ].filter(Boolean)
+        `${import_chalk8.default.cyan("DATABASE_URL=")}        ${import_chalk8.default.dim("\u2190 your Postgres connection string  (Neon, Supabase, local)")}`,
+        `${import_chalk8.default.cyan("AEGIS_JWT_SECRET=")}    ${import_chalk8.default.dim(process.platform === "win32" ? "\u2190 [Convert]::ToBase64String((1..32|%{[byte](Get-Random -Max 256)}))" : "\u2190 openssl rand -base64 32")}`,
+        ...features.emailVerification || features.passwordReset ? [`${import_chalk8.default.cyan("AEGIS_SMTP_HOST=")}        ${import_chalk8.default.dim("\u2190 and SMTP_PORT, SMTP_USER, SMTP_PASS, SMTP_FROM")}`] : [],
+        ...infra.rateLimitProvider === "upstash" ? [`${import_chalk8.default.cyan("UPSTASH_REDIS_REST_URL=")} ${import_chalk8.default.dim("\u2190 and UPSTASH_REDIS_REST_TOKEN")}`] : []
+      ]
     },
     {
       n: 2,
@@ -24151,20 +24212,34 @@ async function runSeed() {
     p9.cancel("No auth.config.ts found. Run: npx aegis-auth init first.");
     process.exit(1);
   }
-  console.log(
-    `
-  ${import_chalk12.default.dim("This creates the first user account in your database.")}
-`
-  );
+  const hasPrisma = import_fs_extra5.default.existsSync(import_path5.default.join(cwd, "node_modules", ".prisma", "client"));
+  if (!hasPrisma) {
+    p9.cancel("Prisma client not generated. Run: npx prisma generate first.");
+    process.exit(1);
+  }
+  console.log(`
+  ${import_chalk12.default.dim("Creates the first user account in your database.")}
+`);
   const role = await p9.text({
-    message: "Role ID to seed",
+    message: "Role ID",
     placeholder: "admin",
     validate: (v) => !v ? "Required" : void 0
   });
   if (p9.isCancel(role)) process.exit(0);
+  const loginField = await p9.select({
+    message: "Login field for this role",
+    options: [
+      { value: "email", label: "email" },
+      { value: "username", label: "username" }
+    ]
+  });
+  if (p9.isCancel(loginField)) process.exit(0);
   const identifier = await p9.text({
-    message: "Email or username",
-    validate: (v) => !v ? "Required" : void 0
+    message: loginField === "email" ? "Email address" : "Username",
+    validate: (v) => {
+      if (!v) return "Required";
+      if (loginField === "email" && !v.includes("@")) return "Enter a valid email address";
+    }
   });
   if (p9.isCancel(identifier)) process.exit(0);
   const password3 = await p9.password({
@@ -24172,25 +24247,50 @@ async function runSeed() {
     validate: (v) => v.length < 8 ? "At least 8 characters" : void 0
   });
   if (p9.isCancel(password3)) process.exit(0);
-  console.log();
-  console.log(
-    `  ${import_chalk12.default.yellow("\u26A0")}  ${import_chalk12.default.dim("Seed functionality requires your app to be running with Prisma connected.")}`
-  );
-  console.log(
-    `  ${import_chalk12.default.dim("Add this to a script in your project or run via ts-node:")}`
-  );
-  console.log();
-  console.log(
-    import_chalk12.default.dim(
-      `  import { PrismaClient } from '@prisma/client'
-  import { hashPassword } from '@alinsafawi/aegis-auth-core'
-  const prisma = new PrismaClient()
-  await prisma.${role}.create({
-    data: { email: '${identifier}', passwordHash: await hashPassword('${password3}') }
-  })`
-    )
-  );
-  console.log();
+  const spin = p9.spinner();
+  spin.start("Creating user\u2026");
+  try {
+    const envPath = import_path5.default.join(cwd, ".env");
+    if (import_fs_extra5.default.existsSync(envPath)) {
+      const raw = import_fs_extra5.default.readFileSync(envPath, "utf8");
+      for (const line of raw.split("\n")) {
+        const trimmed = line.trim();
+        if (!trimmed || trimmed.startsWith("#")) continue;
+        const eq = trimmed.indexOf("=");
+        if (eq === -1) continue;
+        const key = trimmed.slice(0, eq).trim();
+        const val = trimmed.slice(eq + 1).trim().replace(/^["']|["']$/g, "");
+        if (!process.env[key]) process.env[key] = val;
+      }
+    }
+    const { PrismaClient } = require(import_path5.default.join(cwd, "node_modules", ".prisma", "client"));
+    const { hashPassword } = require(import_path5.default.join(cwd, "node_modules", "@alinsafawi", "aegis-auth-core", "dist", "index.js"));
+    const prisma = new PrismaClient();
+    const modelKey = role.charAt(0).toLowerCase() + role.slice(1);
+    const passwordHash = await hashPassword(password3);
+    await prisma[modelKey].create({
+      data: {
+        [loginField]: identifier,
+        passwordHash
+      }
+    });
+    await prisma.$disconnect();
+    spin.stop(`${import_chalk12.default.green("\u2713")}  User created`);
+    console.log();
+    console.log(`  ${import_chalk12.default.bold("Role")}      ${import_chalk12.default.magentaBright(role)}`);
+    console.log(`  ${import_chalk12.default.bold(loginField)}   ${import_chalk12.default.cyan(identifier)}`);
+    console.log();
+  } catch (err) {
+    spin.stop(`${import_chalk12.default.red("\u2717")}  Failed`);
+    console.log();
+    if (err?.code === "P2002") {
+      console.log(`  ${import_chalk12.default.red("A user with that ${loginField} already exists.")}`);
+    } else {
+      console.log(`  ${import_chalk12.default.red(err?.message ?? String(err))}`);
+    }
+    console.log();
+    process.exit(1);
+  }
 }
 
 // src/index.ts

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@alinsafawi/aegis-auth",
-  "version": "0.1.8",
+  "version": "0.2.0",
   "description": "The shield your Next.js app deserves — full-stack auth in minutes",
   "bin": {
     "aegis-auth": "dist/index.js"