@enderworld/onlyapi 1.5.1

package/src/application/services/index.ts

@@ -0,0 +1,10 @@
+export {
+  type AuthService,
+  type LoginResponse,
+  type MfaSetupResponse,
+  createAuthService,
+} from "./auth.service.js";
+export { type UserService, type UserView, createUserService } from "./user.service.js";
+export { type HealthService, type HealthStatus, createHealthService } from "./health.service.js";
+export { type AdminService, createAdminService } from "./admin.service.js";
+export { type ApiKeyService, createApiKeyService } from "./api-key.service.js";

package/src/application/services/user.service.ts

@@ -0,0 +1,95 @@
+import type { User } from "../../core/entities/user.entity.js";
+import type { AppError } from "../../core/errors/app-error.js";
+import type { Logger } from "../../core/ports/logger.js";
+import type { PasswordHasher } from "../../core/ports/password-hasher.js";
+import type { UserRepository } from "../../core/ports/user.repository.js";
+import type { UserId } from "../../core/types/brand.js";
+import type { Result } from "../../core/types/result.js";
+import { ok } from "../../core/types/result.js";
+import type { UpdateUserDto } from "../dtos/auth.dto.js";
+
+/** Safe user projection — strips sensitive fields */
+export interface UserView {
+  readonly id: string;
+  readonly email: string;
+  readonly role: string;
+  readonly createdAt: number;
+  readonly updatedAt: number;
+}
+
+const toView = (u: User): UserView => ({
+  id: u.id,
+  email: u.email,
+  role: u.role,
+  createdAt: u.createdAt,
+  updatedAt: u.updatedAt,
+});
+
+export interface UserService {
+  getById(id: UserId): Promise<Result<UserView, AppError>>;
+  update(id: UserId, dto: UpdateUserDto): Promise<Result<UserView, AppError>>;
+  remove(id: UserId): Promise<Result<void, AppError>>;
+}
+
+interface Deps {
+  readonly userRepo: UserRepository;
+  readonly passwordHasher: PasswordHasher;
+  readonly logger: Logger;
+}
+
+export const createUserService = (deps: Deps): UserService => {
+  const { userRepo, passwordHasher, logger } = deps;
+
+  return {
+    async getById(id: UserId): Promise<Result<UserView, AppError>> {
+      logger.debug("Fetching user profile", { userId: id });
+
+      const result = await userRepo.findById(id);
+      if (!result.ok) {
+        logger.warn("User not found", { userId: id });
+        return result;
+      }
+      return ok(toView(result.value));
+    },
+
+    async update(id: UserId, dto: UpdateUserDto): Promise<Result<UserView, AppError>> {
+      const fields = Object.keys(dto).filter((k) => dto[k as keyof UpdateUserDto] !== undefined);
+      logger.info("Updating user", { userId: id, fields });
+
+      let passwordHash: string | undefined;
+      if (dto.password !== undefined) {
+        const hashResult = await passwordHasher.hash(dto.password);
+        if (!hashResult.ok) {
+          logger.error("Password hashing failed during update", { userId: id });
+          return hashResult;
+        }
+        passwordHash = hashResult.value;
+      }
+
+      const result = await userRepo.update(id, {
+        email: dto.email,
+        passwordHash,
+      });
+      if (!result.ok) {
+        logger.warn("User update failed", { userId: id, code: result.error.code });
+        return result;
+      }
+
+      logger.info("User updated", { userId: id, fields });
+      return ok(toView(result.value));
+    },
+
+    async remove(id: UserId): Promise<Result<void, AppError>> {
+      logger.info("Deleting user", { userId: id });
+
+      const result = await userRepo.delete(id);
+      if (!result.ok) {
+        logger.warn("User deletion failed", { userId: id, code: result.error.code });
+        return result;
+      }
+
+      logger.info("User deleted", { userId: id });
+      return result;
+    },
+  };
+};

package/src/cli/commands/help.ts

@@ -0,0 +1,86 @@
+/**
+ * `onlyapi help` — display help information.
+ */
+
+import { blank, bold, cyan, dim, gray, green, log, logo, white, yellow } from "../ui.js";
+
+// ── Main ────────────────────────────────────────────────────────────────
+
+export const helpCommand = (version: string): void => {
+  blank();
+  log(logo(version));
+  blank();
+
+  log(`  ${bold(white("USAGE"))}`);
+  log(`  ${gray("─".repeat(50))}`);
+  log(`  ${dim("$")} ${cyan("onlyapi")} ${green("<command>")} ${dim("[options]")}`);
+  blank();
+
+  log(`  ${bold(white("COMMANDS"))}`);
+  log(`  ${gray("─".repeat(50))}`);
+
+  const commands = [
+    ["init <name>", "Create a new onlyApi project"],
+    ["upgrade", "Upgrade current project to latest version"],
+    ["version", "Show CLI version"],
+    ["help", "Show this help message"],
+  ] as const;
+
+  const maxCmd = Math.max(...commands.map(([c]) => c.length));
+
+  for (const [cmd, desc] of commands) {
+    log(`  ${green(cmd.padEnd(maxCmd + 2))} ${dim(desc)}`);
+  }
+
+  blank();
+  log(`  ${bold(white("INIT OPTIONS"))}`);
+  log(`  ${gray("─".repeat(50))}`);
+
+  const initOpts = [
+    [".", "Initialize in the current directory"],
+    ["--cwd", "Same as '.' — use current directory"],
+  ] as const;
+
+  const maxOpt = Math.max(...initOpts.map(([o]) => o.length));
+
+  for (const [opt, desc] of initOpts) {
+    log(`  ${yellow(opt.padEnd(maxOpt + 2))} ${dim(desc)}`);
+  }
+
+  blank();
+  log(`  ${bold(white("UPGRADE OPTIONS"))}`);
+  log(`  ${gray("─".repeat(50))}`);
+
+  const upgradeOpts = [
+    ["--force, -f", "Force upgrade even if on latest version"],
+    ["--dry-run", "Preview changes without applying them"],
+  ] as const;
+
+  const maxUpOpt = Math.max(...upgradeOpts.map(([o]) => o.length));
+
+  for (const [opt, desc] of upgradeOpts) {
+    log(`  ${yellow(opt.padEnd(maxUpOpt + 2))} ${dim(desc)}`);
+  }
+
+  blank();
+  log(`  ${bold(white("EXAMPLES"))}`);
+  log(`  ${gray("─".repeat(50))}`);
+
+  const examples = [
+    ["onlyapi init my-api", "Create project in ./my-api"],
+    ["onlyapi init .", "Initialize in current directory"],
+    ["onlyapi upgrade", "Upgrade to latest version"],
+    ["onlyapi upgrade --dry-run", "Preview upgrade without changes"],
+    ["onlyapi upgrade --force", "Force re-apply latest version"],
+  ] as const;
+
+  for (const [cmd, desc] of examples) {
+    log(`  ${dim("$")} ${cyan(cmd)}`);
+    log(`    ${dim(desc)}`);
+  }
+
+  blank();
+  log(`  ${dim("Docs:")}   ${cyan("https://github.com/lysari/onlyapi#readme")}`);
+  log(`  ${dim("Issues:")} ${cyan("https://github.com/lysari/onlyapi/issues")}`);
+  blank();
+};

package/src/cli/commands/init.ts

@@ -0,0 +1,301 @@
+/**
+ * `onlyapi init <project-name>` — scaffold a new onlyApi project.
+ *
+ * Steps:
+ *  1. Validate project name
+ *  2. Create project directory
+ *  3. Clone from GitHub (or download tarball as fallback)
+ *  4. Clean up git history (.git removed, fresh git init)
+ *  5. Install dependencies via `bun install`
+ *  6. Generate secure JWT_SECRET
+ *  7. Create .env from .env.example
+ *  8. Print success banner with next steps
+ */
+
+import { existsSync, mkdirSync, rmSync } from "node:fs";
+import { join, resolve } from "node:path";
+import {
+  blank,
+  bold,
+  confirm,
+  createSpinner,
+  cyan,
+  dim,
+  error,
+  formatDuration,
+  green,
+  icons,
+  info,
+  log,
+  logo,
+  prompt,
+  randomSecret,
+  section,
+  step,
+  warn,
+  white,
+} from "../ui.js";
+
+// ── Constants ───────────────────────────────────────────────────────────
+
+const REPO_URL = "https://github.com/lysari/onlyapi.git";
+const TARBALL_URL = "https://github.com/lysari/onlyapi/archive/refs/heads/main.tar.gz";
+const VALID_NAME_RE = /^[a-zA-Z0-9_-]+$/;
+
+// ── Helpers ─────────────────────────────────────────────────────────────
+
+const validateProjectName = (name: string): string | null => {
+  if (!name) return "Project name is required.";
+  if (!VALID_NAME_RE.test(name))
+    return "Project name can only contain letters, numbers, hyphens, and underscores.";
+  if (name.length > 214) return "Project name is too long (max 214 chars).";
+  return null;
+};
+
+const exec = async (
+  cmd: string[],
+  cwd: string = process.cwd(),
+): Promise<{ stdout: string; stderr: string; exitCode: number }> => {
+  const proc = Bun.spawn(cmd, {
+    cwd,
+    stdout: "pipe",
+    stderr: "pipe",
+  });
+
+  const [stdout, stderr] = await Promise.all([
+    new Response(proc.stdout).text(),
+    new Response(proc.stderr).text(),
+  ]);
+
+  const exitCode = await proc.exited;
+  return { stdout: stdout.trim(), stderr: stderr.trim(), exitCode };
+};
+
+const hasCommand = async (cmd: string): Promise<boolean> => {
+  try {
+    const { exitCode } = await exec(["which", cmd]);
+    return exitCode === 0;
+  } catch {
+    return false;
+  }
+};
+
+// ── Main ────────────────────────────────────────────────────────────────
+
+// biome-ignore lint/complexity/noExcessiveCognitiveComplexity: CLI wizard is inherently branchy
+export const initCommand = async (args: string[], version: string): Promise<void> => {
+  const startTime = performance.now();
+
+  blank();
+  log(logo(version));
+  blank();
+
+  // ── Parse args ──
+  let projectName = args[0] ?? "";
+  const useCurrentDir = args.includes("--cwd") || args.includes(".");
+
+  // Interactive prompt if no name given
+  if (!projectName && !useCurrentDir) {
+    projectName = await prompt("Project name", "my-api");
+  }
+
+  if (useCurrentDir) {
+    projectName = ".";
+  }
+
+  // Validate name
+  if (projectName !== ".") {
+    const nameError = validateProjectName(projectName);
+    if (nameError) {
+      error(nameError);
+      process.exit(1);
+    }
+  }
+
+  const targetDir = projectName === "." ? process.cwd() : resolve(process.cwd(), projectName);
+
+  // ── Check existing directory ──
+  if (projectName !== "." && existsSync(targetDir)) {
+    const files = await Array.fromAsync(new Bun.Glob("*").scan({ cwd: targetDir }));
+    if (files.length > 0) {
+      const shouldContinue = await confirm(
+        `Directory ${bold(white(projectName))} already exists and is not empty. Continue?`,
+        false,
+      );
+      if (!shouldContinue) {
+        info("Aborted.");
+        process.exit(0);
+      }
+    }
+  }
+
+  section("Creating project");
+
+  // ── Step 1: Create directory ──
+  if (projectName !== ".") {
+    mkdirSync(targetDir, { recursive: true });
+    step(`Created directory ${bold(cyan(projectName))}`);
+  }
+
+  // ── Step 2: Clone or download ──
+  const hasGit = await hasCommand("git");
+  const spinner = createSpinner("Downloading template...");
+  spinner.start();
+
+  let cloneSuccess = false;
+
+  if (hasGit) {
+    spinner.update("Cloning from GitHub...");
+    const { exitCode } = await exec(
+      [
+        "git",
+        "clone",
+        "--depth=1",
+        "--single-branch",
+        REPO_URL,
+        projectName === "." ? "." : projectName,
+      ],
+      projectName === "." ? targetDir : process.cwd(),
+    );
+    cloneSuccess = exitCode === 0;
+  }
+
+  if (!cloneSuccess) {
+    // Fallback: download tarball
+    spinner.update("Downloading release archive...");
+    try {
+      const response = await fetch(TARBALL_URL);
+      if (!response.ok) throw new Error(`HTTP ${response.status}`);
+
+      const tarPath = join(targetDir, "__onlyapi.tar.gz");
+      await Bun.write(tarPath, response);
+
+      // Extract
+      spinner.update("Extracting...");
+      await exec(["tar", "xzf", tarPath, "--strip-components=1"], targetDir);
+      rmSync(tarPath, { force: true });
+      cloneSuccess = true;
+    } catch (e) {
+      spinner.stop();
+      error(`Failed to download template: ${e instanceof Error ? e.message : String(e)}`);
+      error("Please check your network connection and try again.");
+      blank();
+      info(`You can also clone manually: ${dim(`git clone ${REPO_URL} ${projectName}`)}`);
+      process.exit(1);
+    }
+  }
+
+  spinner.stop("Template downloaded");
+
+  // ── Step 3: Clean up git history ──
+  const gitDir = join(targetDir, ".git");
+  if (existsSync(gitDir)) {
+    rmSync(gitDir, { recursive: true, force: true });
+  }
+
+  // Initialize fresh git repo
+  if (hasGit) {
+    await exec(["git", "init"], targetDir);
+    step("Initialized fresh git repository");
+  }
+
+  // ── Step 4: Update package.json with project name ──
+  const pkgPath = join(targetDir, "package.json");
+  if (existsSync(pkgPath)) {
+    try {
+      const pkgContent = await Bun.file(pkgPath).text();
+      const pkg = JSON.parse(pkgContent);
+
+      if (projectName !== ".") {
+        pkg.name = projectName;
+      }
+      pkg.version = "0.1.0";
+      pkg.description = "";
+      pkg.author = "";
+      pkg.repository = undefined;
+      pkg.bugs = undefined;
+      pkg.homepage = undefined;
+
+      await Bun.write(pkgPath, `${JSON.stringify(pkg, null, 2)}\n`);
+      step(`Updated ${bold(cyan("package.json"))}`);
+    } catch {
+      warn("Could not update package.json — you can edit it manually");
+    }
+  }
+
+  // ── Step 5: Generate .env ──
+  const envExamplePath = join(targetDir, ".env.example");
+  const envPath = join(targetDir, ".env");
+
+  if (existsSync(envExamplePath) && !existsSync(envPath)) {
+    try {
+      let envContent = await Bun.file(envExamplePath).text();
+      const secret = randomSecret(64);
+      envContent = envContent.replace("change-me-to-a-64-char-random-string", secret);
+      await Bun.write(envPath, envContent);
+      step(`Generated ${bold(cyan(".env"))} with secure JWT_SECRET`);
+    } catch {
+      warn("Could not generate .env — copy .env.example manually");
+    }
+  }
+
+  // ── Step 6: Install dependencies ──
+  section("Installing dependencies");
+
+  const installSpinner = createSpinner("Running bun install...");
+  installSpinner.start();
+
+  const { exitCode: installExit, stderr: installErr } = await exec(["bun", "install"], targetDir);
+
+  if (installExit !== 0) {
+    installSpinner.stop();
+    error("Failed to install dependencies:");
+    log(`  ${dim(installErr)}`);
+    blank();
+    info(`Run ${bold(cyan("bun install"))} manually in the project directory.`);
+  } else {
+    installSpinner.stop("Dependencies installed");
+  }
+
+  // ── Step 7: Initial git commit ──
+  if (hasGit) {
+    await exec(["git", "add", "-A"], targetDir);
+    await exec(
+      ["git", "commit", "-m", "Initial commit from onlyApi CLI", "--no-verify"],
+      targetDir,
+    );
+    step("Created initial commit");
+  }
+
+  // ── Success banner ──
+  const elapsed = performance.now() - startTime;
+
+  blank();
+  log(
+    `  ${icons.rocket} ${bold(green("Project created successfully!"))} ${dim(`(${formatDuration(elapsed)})`)}`,
+  );
+  blank();
+
+  // Next steps
+  section("Next steps");
+  blank();
+
+  const cdCmd = projectName !== "." ? `cd ${projectName}` : null;
+  const steps = [
+    ...(cdCmd ? [cdCmd] : []),
+    "bun run dev          # Start dev server (hot-reload)",
+    "bun test             # Run tests",
+    "bun run check        # Type-check",
+  ];
+
+  for (const s of steps) {
+    log(`  ${dim("$")} ${bold(cyan(s))}`);
+  }
+
+  blank();
+  log(`  ${dim("Docs:")}  ${cyan("https://github.com/lysari/onlyapi#readme")}`);
+  log(`  ${dim("Issues:")} ${cyan("https://github.com/lysari/onlyapi/issues")}`);
+  blank();
+  log(`  ${dim("Happy hacking!")} ${icons.bolt}`);
+  blank();
+};