@bloomneo/appkit 1.2.9

package/bin/templates/feature-user/schema-addition.prisma.template

@@ -0,0 +1,19 @@
+model User {
+  id                Int       @id @default(autoincrement())
+  email             String    @unique
+  password          String
+  name              String?
+  phone             String?
+  role              String    @default("user")
+  level             String    @default("basic")
+  tenantId          String?   // AppKit multi-tenant support
+  isVerified        Boolean   @default(false)
+  isActive          Boolean   @default(true)
+  lastLogin         DateTime?
+  resetToken        String?
+  resetTokenExpiry  DateTime?
+  createdAt         DateTime  @default(now())
+  updatedAt         DateTime  @updatedAt
+
+  @@map("users")
+}

package/bin/templates/feature-user/user.http.template

@@ -0,0 +1,157 @@
+###
+# User Feature HTTP Tests
+# @file src/api/features/user/user.http
+#
+# Test all user authentication endpoints
+# Make sure to run the seeding first: node prisma/seeding/user.seed.js
+###
+
+@baseUrl = http://localhost:3000
+@frontendKey = {{frontendKey}}
+@token =
+
+### 1. Test route (verify user routes are working)
+GET {{baseUrl}}/api/user/test
+X-Frontend-Key: {{frontendKey}}
+
+### 2. Register a new user
+POST {{baseUrl}}/api/user/register
+Content-Type: application/json
+X-Frontend-Key: {{frontendKey}}
+
+{
+  "email": "test@example.com",
+  "password": "Password123!",
+  "name": "Test User",
+  "phone": "+1-555-1234",
+  "role": "user",
+  "level": "basic"
+}
+
+### 3. Login with basic user
+POST {{baseUrl}}/api/user/login
+Content-Type: application/json
+X-Frontend-Key: {{frontendKey}}
+
+{
+  "email": "user.basic@{{projectName}}.com",
+  "password": "Password123!"
+}
+
+### 4. Login with admin user
+POST {{baseUrl}}/api/user/login
+Content-Type: application/json
+X-Frontend-Key: {{frontendKey}}
+
+{
+  "email": "admin.system@{{projectName}}.com",
+  "password": "Password123!"
+}
+
+### 5. Get user profile (requires auth token)
+GET {{baseUrl}}/api/user/profile
+Authorization: Bearer {{token}}
+X-Frontend-Key: {{frontendKey}}
+
+### 6. Update user profile (requires auth token)
+PUT {{baseUrl}}/api/user/profile
+Authorization: Bearer {{token}}
+Content-Type: application/json
+X-Frontend-Key: {{frontendKey}}
+
+{
+  "name": "Updated Name",
+  "phone": "+1-555-9999"
+}
+
+### 7. Change password (requires auth token)
+POST {{baseUrl}}/api/user/change-password
+Authorization: Bearer {{token}}
+Content-Type: application/json
+X-Frontend-Key: {{frontendKey}}
+
+{
+  "currentPassword": "Password123!",
+  "newPassword": "NewPassword123!"
+}
+
+### 8. Forgot password
+POST {{baseUrl}}/api/user/forgot-password
+Content-Type: application/json
+X-Frontend-Key: {{frontendKey}}
+
+{
+  "email": "user.basic@{{projectName}}.com"
+}
+
+### 9. Reset password (use token from forgot password)
+POST {{baseUrl}}/api/user/reset-password
+Content-Type: application/json
+X-Frontend-Key: {{frontendKey}}
+
+{
+  "token": "your-reset-token-here",
+  "newPassword": "ResetPassword123!"
+}
+
+### 10. Get all users (admin only)
+GET {{baseUrl}}/api/user/all
+Authorization: Bearer {{token}}
+X-Frontend-Key: {{frontendKey}}
+
+### 11. Get users list (moderator+ access)
+GET {{baseUrl}}/api/user/list
+Authorization: Bearer {{token}}
+X-Frontend-Key: {{frontendKey}}
+
+### 12. Update user by admin (admin only)
+PUT {{baseUrl}}/api/user/list/2
+Authorization: Bearer {{token}}
+Content-Type: application/json
+X-Frontend-Key: {{frontendKey}}
+
+{
+  "name": "Admin Updated Name",
+  "role": "moderator",
+  "level": "review",
+  "isActive": true,
+  "isVerified": true
+}
+
+### 13. Delete user (admin only)
+DELETE {{baseUrl}}/api/user/list/2
+Authorization: Bearer {{token}}
+X-Frontend-Key: {{frontendKey}}
+
+###
+# Test different role access
+###
+
+### 14. Login as moderator (can view users)
+POST {{baseUrl}}/api/user/login
+Content-Type: application/json
+X-Frontend-Key: {{frontendKey}}
+
+{
+  "email": "moderator.review@{{projectName}}.com",
+  "password": "Password123!"
+}
+
+### 15. Login as system admin (highest privileges)
+POST {{baseUrl}}/api/user/login
+Content-Type: application/json
+X-Frontend-Key: {{frontendKey}}
+
+{
+  "email": "admin.system@{{projectName}}.com",
+  "password": "Password123!"
+}
+
+###
+# Instructions:
+# 1. First run: node prisma/seeding/user.seed.js
+# 2. Start the API server: npm run dev:api
+# 3. Test login endpoints to get JWT token
+# 4. Copy the token to @token variable at the top
+# 5. Test protected endpoints
+###

package/bin/templates/feature-user/user.model.ts.template

@@ -0,0 +1,244 @@
+/**
+ * User Model - User database operations with AppKit integration
+ * @module {{projectName}}/user-model
+ * @file src/api/features/user/user.model.ts
+ *
+ * @llm-rule WHEN: Need database layer separation for user feature with multi-tenant support
+ * @llm-rule AVOID: Database operations directly in service - use model layer
+ * @llm-rule NOTE: Handles all Prisma database operations for User authentication
+ */
+
+import { databaseClass } from '@bloomneo/appkit/database';
+import { loggerClass } from '@bloomneo/appkit/logger';
+import { authClass } from '@bloomneo/appkit/auth';
+import type { UserRegisterRequest, UserUpdateRequest } from './user.types.js';
+
+const logger = loggerClass.get('user-model');
+const auth = authClass.get();
+
+export const model = {
+  /**
+   * Find user by email (for login)
+   */
+  async findByEmail(email: string) {
+    logger.info('Finding user by email', { email });
+    const db = await databaseClass.get();
+    return await db.user.findUnique({
+      where: { email: email.toLowerCase().trim() }
+    });
+  },
+
+  /**
+   * Find user by ID
+   */
+  async findById(id: number) {
+    logger.info('Finding user by ID', { id });
+    const db = await databaseClass.get();
+    return await db.user.findUnique({
+      where: { id },
+      select: {
+        id: true,
+        email: true,
+        name: true,
+        phone: true,
+        role: true,
+        level: true,
+        tenantId: true,
+        isVerified: true,
+        isActive: true,
+        lastLogin: true,
+        createdAt: true,
+        updatedAt: true
+      }
+    });
+  },
+
+  /**
+   * Get all users (admin only)
+   */
+  async findAll(tenantId?: string) {
+    logger.info('Finding all users', { tenantId });
+    const db = await databaseClass.get();
+    const where = tenantId ? { tenantId } : {};
+
+    return await db.user.findMany({
+      where,
+      select: {
+        id: true,
+        email: true,
+        name: true,
+        phone: true,
+        role: true,
+        level: true,
+        tenantId: true,
+        isVerified: true,
+        isActive: true,
+        lastLogin: true,
+        createdAt: true,
+        updatedAt: true
+      },
+      orderBy: { createdAt: 'desc' }
+    });
+  },
+
+  /**
+   * Create new user with hashed password
+   */
+  async create(data: UserRegisterRequest) {
+    logger.info('Creating new user', { email: data.email, role: data.role, level: data.level });
+    const db = await databaseClass.get();
+
+    // Hash password using AppKit auth
+    const hashedPassword = await auth.hashPassword(data.password);
+
+    return await db.user.create({
+      data: {
+        email: data.email.toLowerCase().trim(),
+        password: hashedPassword,
+        name: data.name?.trim(),
+        phone: data.phone?.trim(),
+        role: data.role || 'user',
+        level: data.level || 'basic',
+        tenantId: data.tenantId,
+      },
+      select: {
+        id: true,
+        email: true,
+        name: true,
+        phone: true,
+        role: true,
+        level: true,
+        tenantId: true,
+        isVerified: true,
+        isActive: true,
+        createdAt: true,
+        updatedAt: true
+      }
+    });
+  },
+
+  /**
+   * Update user profile
+   */
+  async update(id: number, data: UserUpdateRequest) {
+    logger.info('Updating user', { id, data });
+    const db = await databaseClass.get();
+
+    return await db.user.update({
+      where: { id },
+      data,
+      select: {
+        id: true,
+        email: true,
+        name: true,
+        phone: true,
+        role: true,
+        level: true,
+        tenantId: true,
+        isVerified: true,
+        isActive: true,
+        lastLogin: true,
+        createdAt: true,
+        updatedAt: true
+      }
+    });
+  },
+
+  /**
+   * Update user's last login time
+   */
+  async updateLastLogin(id: number) {
+    logger.info('Updating last login', { id });
+    const db = await databaseClass.get();
+
+    return await db.user.update({
+      where: { id },
+      data: { lastLogin: new Date() },
+      select: { id: true, lastLogin: true }
+    });
+  },
+
+  /**
+   * Verify user password (for login)
+   */
+  async verifyPassword(plainPassword: string, hashedPassword: string): Promise<boolean> {
+    return await auth.comparePassword(plainPassword, hashedPassword);
+  },
+
+  /**
+   * Update user password
+   */
+  async updatePassword(id: number, newPassword: string) {
+    logger.info('Updating user password', { id });
+    const db = await databaseClass.get();
+
+    const hashedPassword = await auth.hashPassword(newPassword);
+
+    return await db.user.update({
+      where: { id },
+      data: { password: hashedPassword },
+      select: { id: true, email: true }
+    });
+  },
+
+  /**
+   * Set password reset token
+   */
+  async setResetToken(email: string, token: string, expiry: Date) {
+    logger.info('Setting reset token', { email });
+    const db = await databaseClass.get();
+
+    return await db.user.update({
+      where: { email: email.toLowerCase().trim() },
+      data: {
+        resetToken: token,
+        resetTokenExpiry: expiry
+      },
+      select: { id: true, email: true }
+    });
+  },
+
+  /**
+   * Find user by reset token
+   */
+  async findByResetToken(token: string) {
+    logger.info('Finding user by reset token');
+    const db = await databaseClass.get();
+
+    return await db.user.findFirst({
+      where: {
+        resetToken: token,
+        resetTokenExpiry: { gt: new Date() }
+      }
+    });
+  },
+
+  /**
+   * Clear reset token after use
+   */
+  async clearResetToken(id: number) {
+    logger.info('Clearing reset token', { id });
+    const db = await databaseClass.get();
+
+    return await db.user.update({
+      where: { id },
+      data: {
+        resetToken: null,
+        resetTokenExpiry: null
+      },
+      select: { id: true, email: true }
+    });
+  },
+
+  /**
+   * Delete user (admin only)
+   */
+  async delete(id: number) {
+    logger.info('Deleting user', { id });
+    const db = await databaseClass.get();
+
+    return await db.user.delete({
+      where: { id }
+    });
+  }
+};