@erwininteractive/mvc 0.5.1 → 0.6.3

package/README.md

@@ -546,6 +546,50 @@ NODE_ENV=development                                       # Environment
 
 ---
 
+## Escape Hatch Documentation
+
+### Island Pattern (EJS + React)
+
+Use EJS for layout while adding React components where needed:
+
+```html
+<!-- layout.ejs -->
+<!DOCTYPE html>
+<html>
+<head><title><%= title %></title></head>
+<body>
+  <header><%- include('partial/header') %></header>
+  
+  <main id="app"><%- body %></main>
+  
+  <!-- React island -->
+  <div id="comment-section" data-post-id="<%= post.id %>"></div>
+  
+  <footer><%- include('partial/footer') %></footer>
+  
+  <script type="module" src="/src/components/CommentSection.tsx"></script>
+</body>
+</html>
+```
+
+### API-Only Mode
+
+Disable EJS engine for pure API responses:
+
+```typescript
+const { app } = await createMvcApp({
+  viewsPath: "src/views",
+  disableViewEngine: true, // Don't setup EJS
+});
+
+app.get("/api/users", async (req, res) => {
+  const users = await prisma.user.findMany();
+  res.json(users);  // Always JSON, no EJS
+});
+```
+
+---
+
 ## Learn More
 
 - [Express.js Documentation](https://expressjs.com/)

package/dist/cli.js

@@ -7,11 +7,21 @@ const generateModel_1 = require("./generators/generateModel");
 const generateController_1 = require("./generators/generateController");
 const generateResource_1 = require("./generators/generateResource");
 const generateWebAuthn_1 = require("./generators/generateWebAuthn");
+const listRoutes_1 = require("./generators/listRoutes");
+const makeAuth_1 = require("./generators/makeAuth");
 const program = new commander_1.Command();
 program
     .name("erwinmvc")
     .description("CLI for @erwininteractive/mvc framework")
-    .version("0.2.0");
+    .version("0.2.0")
+    .addHelpText("after", `
+Examples:
+  $ erwinmvc init myapp                     Create a new app
+  $ erwinmvc generate resource Post         Generate CRUD for Post
+  $ erwinmvc webauthn                       Setup passkey authentication
+  $ erwinmvc make:auth                      Generate authentication system
+  $ erwinmvc list:routes                    Show all routes
+`);
 // Init command - scaffold a new application
 program
     .command("init <dir>")
@@ -94,4 +104,35 @@ program
         process.exit(1);
     }
 });
+// List routes command - shows all defined routes
+program
+    .command("list:routes")
+    .alias("lr")
+    .description("List all routes in the application")
+    .action(async () => {
+    try {
+        (0, listRoutes_1.listRoutes)();
+    }
+    catch (err) {
+        console.error("Error:", err instanceof Error ? err.message : err);
+        process.exit(1);
+    }
+});
+// Make auth command - generate complete authentication system
+program
+    .command("make:auth")
+    .alias("ma")
+    .description("Generate a complete authentication system")
+    .option("--without-model", "Skip generating User model")
+    .option("--session-only", "Only session-based auth (no JWT tokens)")
+    .option("--jwt-only", "Only JWT tokens (no sessions)")
+    .action(async (options) => {
+    try {
+        await (0, makeAuth_1.makeAuth)(options);
+    }
+    catch (err) {
+        console.error("Error:", err instanceof Error ? err.message : err);
+        process.exit(1);
+    }
+});
 program.parse();

package/dist/generators/listRoutes.d.ts

@@ -0,0 +1,22 @@
+interface RouteInfo {
+    method: string;
+    path: string;
+    handler: string;
+}
+/**
+ * Parse routes from server.ts file
+ */
+export declare function parseRoutes(serverPath: string): RouteInfo[];
+/**
+ * Format routes as a table
+ */
+export declare function formatRoutes(routes: RouteInfo[]): string;
+/**
+ * Get server.ts path from current directory
+ */
+export declare function getServerPath(cwd?: string): string;
+/**
+ * List all routes in the current project
+ */
+export declare function listRoutes(cwd?: string): void;
+export {};

package/dist/generators/listRoutes.js

@@ -0,0 +1,103 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseRoutes = parseRoutes;
+exports.formatRoutes = formatRoutes;
+exports.getServerPath = getServerPath;
+exports.listRoutes = listRoutes;
+const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
+/**
+ * Parse routes from server.ts file
+ */
+function parseRoutes(serverPath) {
+    const routes = [];
+    if (!fs_1.default.existsSync(serverPath)) {
+        return routes;
+    }
+    const content = fs_1.default.readFileSync(serverPath, "utf-8");
+    const lines = content.split("\n");
+    for (const line of lines) {
+        // Match app.METHOD("/path", handler)
+        const routeMatch = line.match(/app\.(\w+)\s*\(\s*["']([^"']+)["']/);
+        if (routeMatch) {
+            const currentMethod = routeMatch[1].toLowerCase();
+            const currentPath = routeMatch[2];
+            let currentHandler = "";
+            // Extract handler name - look for arrow function or identifier
+            const arrowFuncMatch = line.match(/=>\s*\{/);
+            if (arrowFuncMatch) {
+                currentHandler = "<anonymous>";
+            }
+            else {
+                const handlerMatch = line.match(/,\s*([^\s,)]+)/);
+                if (handlerMatch) {
+                    currentHandler = handlerMatch[1].trim();
+                }
+                else {
+                    currentHandler = "<anonymous>";
+                }
+            }
+            routes.push({
+                method: currentMethod.toUpperCase(),
+                path: currentPath,
+                handler: currentHandler,
+            });
+        }
+    }
+    return routes;
+}
+/**
+ * Format routes as a table
+ */
+function formatRoutes(routes) {
+    if (routes.length === 0) {
+        return "No routes found.";
+    }
+    const headers = ["Method", "Path", "Handler"];
+    const colWidths = [6, 20, 30];
+    const formatRow = (cells) => {
+        return cells.map((cell, i) => cell.padEnd(colWidths[i])).join(" | ");
+    };
+    const separator = colWidths.map(w => "-".repeat(w)).join("-+-");
+    let output = "";
+    output += formatRow(headers) + "\n";
+    output += separator + "\n";
+    for (const route of routes) {
+        output += formatRow([
+            route.method,
+            route.path,
+            route.handler,
+        ]) + "\n";
+    }
+    return output;
+}
+/**
+ * Get server.ts path from current directory
+ */
+function getServerPath(cwd = process.cwd()) {
+    const possiblePaths = [
+        path_1.default.join(cwd, "src", "server.ts"),
+        path_1.default.join(cwd, "server.ts"),
+    ];
+    for (const p of possiblePaths) {
+        if (fs_1.default.existsSync(p)) {
+            return p;
+        }
+    }
+    return possiblePaths[0];
+}
+/**
+ * List all routes in the current project
+ */
+function listRoutes(cwd = process.cwd()) {
+    const serverPath = getServerPath(cwd);
+    const routes = parseRoutes(serverPath);
+    console.log("\nDefined Routes:\n");
+    console.log(formatRoutes(routes));
+    if (routes.length === 0) {
+        console.log("\nNo routes found. Add routes to src/server.ts");
+    }
+}

package/dist/generators/makeAuth.d.ts

@@ -0,0 +1,9 @@
+export interface MakeAuthOptions {
+    withoutModel?: boolean;
+    sessionOnly?: boolean;
+    jwtOnly?: boolean;
+}
+/**
+ * Generate a complete authentication system (User model, AuthController, views)
+ */
+export declare function makeAuth(options?: MakeAuthOptions): Promise<void>;

package/dist/generators/makeAuth.js

@@ -0,0 +1,299 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.makeAuth = makeAuth;
+const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
+const paths_1 = require("./paths");
+/**
+ * Generate a complete authentication system (User model, AuthController, views)
+ */
+async function makeAuth(options = {}) {
+    const targetDir = process.cwd();
+    const templateDir = path_1.default.join((0, paths_1.getTemplatesDir)(), "auth");
+    console.log("Generating authentication system...");
+    // Create auth template files if they don't exist
+    createAuthTemplates(templateDir);
+    // Copy auth templates
+    if (fs_1.default.existsSync(templateDir)) {
+        copyDirRecursive(templateDir, targetDir);
+    }
+    // Update .env with auth configuration
+    const envPath = path_1.default.join(targetDir, ".env");
+    if (fs_1.default.existsSync(envPath)) {
+        const envContent = fs_1.default.readFileSync(envPath, "utf-8");
+        if (!envContent.includes("SESSION_SECRET")) {
+            fs_1.default.appendFileSync(envPath, "\nSESSION_SECRET=\"change-me-session\"\n");
+        }
+    }
+    // Update .env.example
+    const envExamplePath = path_1.default.join(targetDir, ".env.example");
+    if (fs_1.default.existsSync(envExamplePath)) {
+        const envContent = fs_1.default.readFileSync(envExamplePath, "utf-8");
+        if (!envContent.includes("SESSION_SECRET")) {
+            fs_1.default.appendFileSync(envExamplePath, "\nSESSION_SECRET=\"change-me-session\"\n");
+        }
+    }
+    console.log("\nAuthentication system generated successfully!");
+    console.log(`
+Next steps:
+  1. Run migrations: npm run db:migrate
+  2. Add auth routes to src/server.ts:
+     - import * as auth from "./controllers/AuthController";
+     - app.get("/login", auth.showLogin);
+     - app.post("/login", auth.login);
+     - app.get("/register", auth.showRegister);
+     - app.post("/register", auth.register);
+     - app.post("/logout", auth.logout);
+`);
+    // Generate AuthController.ejs files
+    const authControllerTemplate = path_1.default.join((0, paths_1.getTemplatesDir)(), "authController.ts.ejs");
+    if (fs_1.default.existsSync(authControllerTemplate)) {
+        const destPath = path_1.default.join(targetDir, "src", "controllers", "AuthController.ts");
+        const content = fs_1.default.readFileSync(authControllerTemplate, "utf-8");
+        fs_1.default.writeFileSync(destPath, content);
+        console.log("✓ Created src/controllers/AuthController.ts");
+    }
+    // Generate EJS views
+    const viewsDir = path_1.default.join(targetDir, "src", "views", "auth");
+    fs_1.default.mkdirSync(viewsDir, { recursive: true });
+    const loginView = path_1.default.join((0, paths_1.getTemplatesDir)(), "views/auth/login.ejs");
+    if (fs_1.default.existsSync(loginView)) {
+        fs_1.default.copyFileSync(loginView, path_1.default.join(viewsDir, "login.ejs"));
+        console.log("✓ Created src/views/auth/login.ejs");
+    }
+    const registerView = path_1.default.join((0, paths_1.getTemplatesDir)(), "views/auth/register.ejs");
+    if (fs_1.default.existsSync(registerView)) {
+        fs_1.default.copyFileSync(registerView, path_1.default.join(viewsDir, "register.ejs"));
+        console.log("✓ Created src/views/auth/register.ejs");
+    }
+}
+/**
+ * Create auth template files if they don't exist
+ */
+function createAuthTemplates(templateDir) {
+    fs_1.default.mkdirSync(templateDir, { recursive: true });
+    // Create AuthController template
+    const controllerTemplate = `import { Request, Response } from "express";
+import { hashPassword, verifyPassword, signToken, verifyToken } from "@erwininteractive/mvc";
+import { getPrismaClient } from "@erwininteractive/mvc";
+
+const prisma = getPrismaClient();
+
+export async function showLogin(req: Request, res: Response) {
+  res.render("auth/login", { title: "Login" });
+}
+
+export async function showRegister(req: Request, res: Response) {
+  res.render("auth/register", { title: "Register" });
+}
+
+export async function login(req: Request, res: Response) {
+  const { email, password } = req.body;
+
+  try {
+    const user = await prisma.user.findUnique({
+      where: { email }
+    });
+
+    if (!user) {
+      return res.render("auth/login", {
+        title: "Login",
+        error: "Invalid email or password"
+      });
+    }
+
+    const isValid = await verifyPassword(password, user.hashedPassword);
+    if (!isValid) {
+      return res.render("auth/login", {
+        title: "Login",
+        error: "Invalid email or password"
+      });
+    }
+
+    const token = signToken({ userId: user.id, email: user.email });
+    res.cookie("token", token, {
+      httpOnly: true,
+      secure: process.env.NODE_ENV === "production",
+      maxAge: 1000 * 60 * 60 * 24 // 24 hours
+    });
+
+    res.redirect("/");
+  } catch (err) {
+    console.error("Login error:", err);
+    res.render("auth/login", {
+      title: "Login",
+      error: "An error occurred during login"
+    });
+  }
+}
+
+export async function register(req: Request, res: Response) {
+  const { email, password, confirmPassword } = req.body;
+
+  if (password !== confirmPassword) {
+    return res.render("auth/register", {
+      title: "Register",
+      error: "Passwords do not match"
+    });
+  }
+
+  try {
+    const existingUser = await prisma.user.findUnique({
+      where: { email }
+    });
+
+    if (existingUser) {
+      return res.render("auth/register", {
+        title: "Register",
+        error: "Email already in use"
+      });
+    }
+
+    const hashedPassword = await hashPassword(password);
+
+    await prisma.user.create({
+      data: {
+        email,
+        hashedPassword,
+        role: "user"
+      }
+    });
+
+    res.redirect("/login");
+  } catch (err) {
+    console.error("Registration error:", err);
+    res.render("auth/register", {
+      title: "Register",
+      error: "An error occurred during registration"
+    });
+  }
+}
+
+export async function logout(req: Request, res: Response) {
+  res.clearCookie("token");
+  res.redirect("/login");
+}
+
+export async function requireAuth(req: Request, res: Response, next: any) {
+  const token = req.cookies?.token || req.headers.authorization?.split(" ")[1];
+
+  if (!token) {
+    return res.redirect("/login");
+  }
+
+  try {
+    const decoded = verifyToken(token);
+    req.user = decoded;
+    next();
+  } catch {
+    res.clearCookie("token");
+    res.redirect("/login");
+  }
+}
+`;
+    fs_1.default.writeFileSync(path_1.default.join(templateDir, "authController.ts.ejs"), controllerTemplate);
+    // Create login view
+    const loginView = `<!DOCTYPE html>
+<html>
+<head>
+  <title><%= title %></title>
+  <style>
+    body { font-family: sans-serif; max-width: 400px; margin: 50px auto; }
+    input { width: 100%; padding: 8px; margin: 8px 0; }
+    button { background: #007bff; color: white; padding: 10px; border: none; cursor: pointer; }
+    .error { color: red; }
+    .link { color: #007bff; }
+  </style>
+</head>
+<body>
+  <h1><%= title %></h1>
+  
+  <% if (error) { %>
+    <p class="error"><%= error %></p>
+  <% } %>
+  
+  <form method="POST" action="/login">
+    <label>Email</label>
+    <input type="email" name="email" required>
+    
+    <label>Password</label>
+    <input type="password" name="password" required>
+    
+    <button type="submit">Login</button>
+  </form>
+  
+  <p>Don't have an account? <a href="/register" class="link">Register</a></p>
+</body>
+</html>
+`;
+    fs_1.default.writeFileSync(path_1.default.join(templateDir, "views/auth/login.ejs.ejs"), loginView);
+    // Create register view
+    const registerView = `<!DOCTYPE html>
+<html>
+<head>
+  <title><%= title %></title>
+  <style>
+    body { font-family: sans-serif; max-width: 400px; margin: 50px auto; }
+    input { width: 100%; padding: 8px; margin: 8px 0; }
+    button { background: #28a745; color: white; padding: 10px; border: none; cursor: pointer; }
+    .error { color: red; }
+    .link { color: #007bff; }
+  </style>
+</head>
+<body>
+  <h1><%= title %></h1>
+  
+  <% if (error) { %>
+    <p class="error"><%= error %></p>
+  <% } %>
+  
+  <form method="POST" action="/register">
+    <label>Email</label>
+    <input type="email" name="email" required>
+    
+    <label>Password</label>
+    <input type="password" name="password" required>
+    
+    <label>Confirm Password</label>
+    <input type="password" name="confirmPassword" required>
+    
+    <button type="submit">Register</button>
+  </form>
+  
+  <p>Already have an account? <a href="/login" class="link">Login</a></p>
+</body>
+</html>
+`;
+    fs_1.default.writeFileSync(path_1.default.join(templateDir, "views/auth/register.ejs.ejs"), registerView);
+}
+/**
+ * Recursively copy a directory
+ */
+function copyDirRecursive(src, dest) {
+    if (!fs_1.default.existsSync(src)) {
+        return;
+    }
+    if (!fs_1.default.existsSync(dest)) {
+        fs_1.default.mkdirSync(dest, { recursive: true });
+    }
+    const entries = fs_1.default.readdirSync(src, { withFileTypes: true });
+    for (const entry of entries) {
+        const srcPath = path_1.default.join(src, entry.name);
+        const destPath = path_1.default.join(dest, entry.name);
+        if (entry.isDirectory()) {
+            copyDirRecursive(srcPath, destPath);
+        }
+        else if (entry.name.endsWith(".ejs.ejs")) {
+            // Remove .ejs.ejs suffix, write render version
+            const content = fs_1.default.readFileSync(srcPath, "utf-8");
+            const targetPath = destPath.replace(/\.ejs\.ejs$/, ".ejs");
+            fs_1.default.writeFileSync(targetPath, content);
+        }
+        else {
+            fs_1.default.copyFileSync(srcPath, destPath);
+        }
+    }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@erwininteractive/mvc",
-  "version": "0.5.1",
+  "version": "0.6.3",
   "description": "A lightweight, full-featured MVC framework for Node.js with Express, Prisma, and EJS",
   "main": "dist/framework/index.js",
   "types": "dist/framework/index.d.ts",

package/templates/appScaffold/README.md

@@ -203,6 +203,32 @@ Then run migrations again:
 npx prisma migrate dev --name add-post-fields
 ```
 
+## Full-Stack Flexibility
+
+### Island Pattern (EJS + React)
+
+Use EJS for layout while adding React components where needed:
+
+```html
+<div id="comment-section" data-post-id="<%= post.id %>"></div>
+<script type="module" src="/src/components/CommentSection.tsx"></script>
+```
+
+### API-Only Mode
+
+For pure API development, disable EJS:
+
+```typescript
+const { app } = await createMvcApp({
+  viewsPath: "src/views",
+  disableViewEngine: true,
+});
+
+app.get("/api/users", async (req, res) => {
+  res.json(users);  // Always JSON
+});
+```
+
 ### Step 5: Use in Your Code
 
 ```typescript
@@ -286,10 +312,22 @@ Link to them in your templates:
 
 | Command | Description |
 |---------|-------------|
-| `npx erwinmvc generate controller <Name>` | Create a CRUD controller |
-| `npx erwinmvc generate model <Name>` | Create a database model |
-
----
+| `npx @erwininteractive/mvc init <dir>` | Create a new app |
+| `npx erwinmvc generate resource <name>` | Generate model + controller + views |
+| `npx erwinmvc generate controller <name>` | Generate a CRUD controller |
+| `npx erwinmvc generate model <name>` | Generate a database model |
+| `npx erwinmvc webauthn` | Generate WebAuthn authentication (security keys) |
+| `npx erwinmvc list:routes` | Show all defined routes |
+
+### Init Options
+
+| Option | Description |
+|--------|-------------|
+| `--skip-install` | Skip running npm install |
+| `--with-database` | Include Prisma database setup |
+| `--with-ci` | Include GitHub Actions CI workflow |
+
+### Resource Options
 
 ## Learn More