npm - @erwininteractive/mvc - Versions diffs - 0.6.1 → 0.6.5 - Mend

@erwininteractive/mvc 0.6.1 → 0.6.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/cli.js +19 -0
package/dist/framework/Validation.d.ts +34 -0
package/dist/framework/Validation.js +67 -0
package/dist/framework/index.d.ts +1 -0
package/dist/framework/index.js +7 -1
package/dist/generators/makeAuth.d.ts +9 -0
package/dist/generators/makeAuth.js +299 -0
package/package.json +3 -2
package/templates/appScaffold/package.json +4 -2

package/dist/cli.js CHANGED Viewed

@@ -8,6 +8,7 @@ const generateController_1 = require("./generators/generateController");
 const generateResource_1 = require("./generators/generateResource");
 const generateWebAuthn_1 = require("./generators/generateWebAuthn");
 const listRoutes_1 = require("./generators/listRoutes");
+const makeAuth_1 = require("./generators/makeAuth");
 const program = new commander_1.Command();
 program
     .name("erwinmvc")
@@ -18,6 +19,7 @@ Examples:
   $ erwinmvc init myapp                     Create a new app
   $ erwinmvc generate resource Post         Generate CRUD for Post
   $ erwinmvc webauthn                       Setup passkey authentication
+  $ erwinmvc make:auth                      Generate authentication system
   $ erwinmvc list:routes                    Show all routes
 `);
 // Init command - scaffold a new application
@@ -116,4 +118,21 @@ program
         process.exit(1);
     }
 });
+// Make auth command - generate complete authentication system
+program
+    .command("make:auth")
+    .alias("ma")
+    .description("Generate a complete authentication system")
+    .option("--without-model", "Skip generating User model")
+    .option("--session-only", "Only session-based auth (no JWT tokens)")
+    .option("--jwt-only", "Only JWT tokens (no sessions)")
+    .action(async (options) => {
+    try {
+        await (0, makeAuth_1.makeAuth)(options);
+    }
+    catch (err) {
+        console.error("Error:", err instanceof Error ? err.message : err);
+        process.exit(1);
+    }
+});
 program.parse();

package/dist/framework/Validation.d.ts ADDED Viewed

@@ -0,0 +1,34 @@
+import type { ZodError, ZodSchema } from "zod";
+export type ValidationStrategyType = "redirect" | "json";
+/**
+ * Zod validation middleware
+ * @param schema - Zod schema to validate against
+ * @param strategy - 'redirect' (web) or 'json' (API)
+ */
+export declare function validate<T>(schema: ZodSchema<T>, strategy?: ValidationStrategyType): (req: any, res: any, next: any) => Promise<any>;
+/**
+ * Extract field errors from Zod ZodError
+ */
+export declare function getFieldErrors(error: ZodError): Array<{
+    field: string;
+    message: string;
+}>;
+/**
+ * Preserves form input when validation fails
+ */
+export declare function getOldInput(req: any): any;
+/**
+ * Get validation errors for display
+ */
+export declare function getErrors(req: any): Array<{
+    field: string;
+    message: string;
+}>;
+/**
+ * Check if a field has errors
+ */
+export declare function hasFieldError(field: string, errors: any): boolean;
+/**
+ * Get error message for a specific field
+ */
+export declare function getFieldError(field: string, errors: any): string | undefined;

package/dist/framework/Validation.js ADDED Viewed

@@ -0,0 +1,67 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.validate = validate;
+exports.getFieldErrors = getFieldErrors;
+exports.getOldInput = getOldInput;
+exports.getErrors = getErrors;
+exports.hasFieldError = hasFieldError;
+exports.getFieldError = getFieldError;
+/**
+ * Zod validation middleware
+ * @param schema - Zod schema to validate against
+ * @param strategy - 'redirect' (web) or 'json' (API)
+ */
+function validate(schema, strategy = "redirect") {
+    return async (req, res, next) => {
+        const result = await schema.safeParseAsync(req.body);
+        if (!result.success) {
+            const errors = getFieldErrors(result.error);
+            const oldInput = req.body;
+            if (strategy === "json") {
+                return res.status(422).json({ errors, oldInput });
+            }
+            // Redirect with errors and old input for web forms
+            req.flash("errors", errors);
+            req.flash("oldInput", oldInput);
+            // Get referrer URL or use default
+            const redirectUrl = req.headers.referer || req.headers.referrer || "/";
+            return res.redirect(redirectUrl);
+        }
+        req.validatedBody = result.data;
+        next();
+    };
+}
+/**
+ * Extract field errors from Zod ZodError
+ */
+function getFieldErrors(error) {
+    return error.errors.map((err) => ({
+        field: err.path.join("."),
+        message: err.message,
+    }));
+}
+/**
+ * Preserves form input when validation fails
+ */
+function getOldInput(req) {
+    return req.flash("oldInput")[0] || {};
+}
+/**
+ * Get validation errors for display
+ */
+function getErrors(req) {
+    return req.flash("errors") || [];
+}
+/**
+ * Check if a field has errors
+ */
+function hasFieldError(field, errors) {
+    return errors.some((err) => err.field === field);
+}
+/**
+ * Get error message for a specific field
+ */
+function getFieldError(field, errors) {
+    const error = errors.find((err) => err.field === field);
+    return error?.message;
+}

package/dist/framework/index.d.ts CHANGED Viewed

@@ -3,4 +3,5 @@ export type { MvcAppOptions, MvcApp } from "./App";
 export { getPrismaClient, disconnectPrisma } from "./db";
 export { hashPassword, verifyPassword, signToken, verifyToken, authenticate, } from "./Auth";
 export { startRegistration, completeRegistration, startAuthentication, completeAuthentication, getRPConfig, } from "./WebAuthn";
+export { validate, getFieldErrors, getErrors, getOldInput } from "./Validation";
 export { registerControllers, registerController } from "./Router";

package/dist/framework/index.js CHANGED Viewed

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.registerController = exports.registerControllers = exports.getRPConfig = exports.completeAuthentication = exports.startAuthentication = exports.completeRegistration = exports.startRegistration = exports.authenticate = exports.verifyToken = exports.signToken = exports.verifyPassword = exports.hashPassword = exports.disconnectPrisma = exports.getPrismaClient = exports.startServer = exports.createMvcApp = void 0;
+exports.registerController = exports.registerControllers = exports.getOldInput = exports.getErrors = exports.getFieldErrors = exports.validate = exports.getRPConfig = exports.completeAuthentication = exports.startAuthentication = exports.completeRegistration = exports.startRegistration = exports.authenticate = exports.verifyToken = exports.signToken = exports.verifyPassword = exports.hashPassword = exports.disconnectPrisma = exports.getPrismaClient = exports.startServer = exports.createMvcApp = void 0;
 // App factory and server
 var App_1 = require("./App");
 Object.defineProperty(exports, "createMvcApp", { enumerable: true, get: function () { return App_1.createMvcApp; } });
@@ -23,6 +23,12 @@ Object.defineProperty(exports, "completeRegistration", { enumerable: true, get:
 Object.defineProperty(exports, "startAuthentication", { enumerable: true, get: function () { return WebAuthn_1.startAuthentication; } });
 Object.defineProperty(exports, "completeAuthentication", { enumerable: true, get: function () { return WebAuthn_1.completeAuthentication; } });
 Object.defineProperty(exports, "getRPConfig", { enumerable: true, get: function () { return WebAuthn_1.getRPConfig; } });
+// Validation
+var Validation_1 = require("./Validation");
+Object.defineProperty(exports, "validate", { enumerable: true, get: function () { return Validation_1.validate; } });
+Object.defineProperty(exports, "getFieldErrors", { enumerable: true, get: function () { return Validation_1.getFieldErrors; } });
+Object.defineProperty(exports, "getErrors", { enumerable: true, get: function () { return Validation_1.getErrors; } });
+Object.defineProperty(exports, "getOldInput", { enumerable: true, get: function () { return Validation_1.getOldInput; } });
 // Routing
 var Router_1 = require("./Router");
 Object.defineProperty(exports, "registerControllers", { enumerable: true, get: function () { return Router_1.registerControllers; } });

package/dist/generators/makeAuth.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+export interface MakeAuthOptions {
+    withoutModel?: boolean;
+    sessionOnly?: boolean;
+    jwtOnly?: boolean;
+}
+/**
+ * Generate a complete authentication system (User model, AuthController, views)
+ */
+export declare function makeAuth(options?: MakeAuthOptions): Promise<void>;

package/dist/generators/makeAuth.js ADDED Viewed

@@ -0,0 +1,299 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.makeAuth = makeAuth;
+const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
+const paths_1 = require("./paths");
+/**
+ * Generate a complete authentication system (User model, AuthController, views)
+ */
+async function makeAuth(options = {}) {
+    const targetDir = process.cwd();
+    const templateDir = path_1.default.join((0, paths_1.getTemplatesDir)(), "auth");
+    console.log("Generating authentication system...");
+    // Create auth template files if they don't exist
+    createAuthTemplates(templateDir);
+    // Copy auth templates
+    if (fs_1.default.existsSync(templateDir)) {
+        copyDirRecursive(templateDir, targetDir);
+    }
+    // Update .env with auth configuration
+    const envPath = path_1.default.join(targetDir, ".env");
+    if (fs_1.default.existsSync(envPath)) {
+        const envContent = fs_1.default.readFileSync(envPath, "utf-8");
+        if (!envContent.includes("SESSION_SECRET")) {
+            fs_1.default.appendFileSync(envPath, "\nSESSION_SECRET=\"change-me-session\"\n");
+        }
+    }
+    // Update .env.example
+    const envExamplePath = path_1.default.join(targetDir, ".env.example");
+    if (fs_1.default.existsSync(envExamplePath)) {
+        const envContent = fs_1.default.readFileSync(envExamplePath, "utf-8");
+        if (!envContent.includes("SESSION_SECRET")) {
+            fs_1.default.appendFileSync(envExamplePath, "\nSESSION_SECRET=\"change-me-session\"\n");
+        }
+    }
+    console.log("\nAuthentication system generated successfully!");
+    console.log(`
+Next steps:
+  1. Run migrations: npm run db:migrate
+  2. Add auth routes to src/server.ts:
+     - import * as auth from "./controllers/AuthController";
+     - app.get("/login", auth.showLogin);
+     - app.post("/login", auth.login);
+     - app.get("/register", auth.showRegister);
+     - app.post("/register", auth.register);
+     - app.post("/logout", auth.logout);
+`);
+    // Generate AuthController.ejs files
+    const authControllerTemplate = path_1.default.join((0, paths_1.getTemplatesDir)(), "authController.ts.ejs");
+    if (fs_1.default.existsSync(authControllerTemplate)) {
+        const destPath = path_1.default.join(targetDir, "src", "controllers", "AuthController.ts");
+        const content = fs_1.default.readFileSync(authControllerTemplate, "utf-8");
+        fs_1.default.writeFileSync(destPath, content);
+        console.log("✓ Created src/controllers/AuthController.ts");
+    }
+    // Generate EJS views
+    const viewsDir = path_1.default.join(targetDir, "src", "views", "auth");
+    fs_1.default.mkdirSync(viewsDir, { recursive: true });
+    const loginView = path_1.default.join((0, paths_1.getTemplatesDir)(), "views/auth/login.ejs");
+    if (fs_1.default.existsSync(loginView)) {
+        fs_1.default.copyFileSync(loginView, path_1.default.join(viewsDir, "login.ejs"));
+        console.log("✓ Created src/views/auth/login.ejs");
+    }
+    const registerView = path_1.default.join((0, paths_1.getTemplatesDir)(), "views/auth/register.ejs");
+    if (fs_1.default.existsSync(registerView)) {
+        fs_1.default.copyFileSync(registerView, path_1.default.join(viewsDir, "register.ejs"));
+        console.log("✓ Created src/views/auth/register.ejs");
+    }
+}
+/**
+ * Create auth template files if they don't exist
+ */
+function createAuthTemplates(templateDir) {
+    fs_1.default.mkdirSync(templateDir, { recursive: true });
+    // Create AuthController template
+    const controllerTemplate = `import { Request, Response } from "express";
+import { hashPassword, verifyPassword, signToken, verifyToken } from "@erwininteractive/mvc";
+import { getPrismaClient } from "@erwininteractive/mvc";
+const prisma = getPrismaClient();
+export async function showLogin(req: Request, res: Response) {
+  res.render("auth/login", { title: "Login" });
+}
+export async function showRegister(req: Request, res: Response) {
+  res.render("auth/register", { title: "Register" });
+}
+export async function login(req: Request, res: Response) {
+  const { email, password } = req.body;
+  try {
+    const user = await prisma.user.findUnique({
+      where: { email }
+    });
+    if (!user) {
+      return res.render("auth/login", {
+        title: "Login",
+        error: "Invalid email or password"
+      });
+    }
+    const isValid = await verifyPassword(password, user.hashedPassword);
+    if (!isValid) {
+      return res.render("auth/login", {
+        title: "Login",
+        error: "Invalid email or password"
+      });
+    }
+    const token = signToken({ userId: user.id, email: user.email });
+    res.cookie("token", token, {
+      httpOnly: true,
+      secure: process.env.NODE_ENV === "production",
+      maxAge: 1000 * 60 * 60 * 24 // 24 hours
+    });
+    res.redirect("/");
+  } catch (err) {
+    console.error("Login error:", err);
+    res.render("auth/login", {
+      title: "Login",
+      error: "An error occurred during login"
+    });
+  }
+}
+export async function register(req: Request, res: Response) {
+  const { email, password, confirmPassword } = req.body;
+  if (password !== confirmPassword) {
+    return res.render("auth/register", {
+      title: "Register",
+      error: "Passwords do not match"
+    });
+  }
+  try {
+    const existingUser = await prisma.user.findUnique({
+      where: { email }
+    });
+    if (existingUser) {
+      return res.render("auth/register", {
+        title: "Register",
+        error: "Email already in use"
+      });
+    }
+    const hashedPassword = await hashPassword(password);
+    await prisma.user.create({
+      data: {
+        email,
+        hashedPassword,
+        role: "user"
+      }
+    });
+    res.redirect("/login");
+  } catch (err) {
+    console.error("Registration error:", err);
+    res.render("auth/register", {
+      title: "Register",
+      error: "An error occurred during registration"
+    });
+  }
+}
+export async function logout(req: Request, res: Response) {
+  res.clearCookie("token");
+  res.redirect("/login");
+}
+export async function requireAuth(req: Request, res: Response, next: any) {
+  const token = req.cookies?.token || req.headers.authorization?.split(" ")[1];
+  if (!token) {
+    return res.redirect("/login");
+  }
+  try {
+    const decoded = verifyToken(token);
+    req.user = decoded;
+    next();
+  } catch {
+    res.clearCookie("token");
+    res.redirect("/login");
+  }
+}
+`;
+    fs_1.default.writeFileSync(path_1.default.join(templateDir, "authController.ts.ejs"), controllerTemplate);
+    // Create login view
+    const loginView = `<!DOCTYPE html>
+<html>
+<head>
+  <title><%= title %></title>
+  <style>
+    body { font-family: sans-serif; max-width: 400px; margin: 50px auto; }
+    input { width: 100%; padding: 8px; margin: 8px 0; }
+    button { background: #007bff; color: white; padding: 10px; border: none; cursor: pointer; }
+    .error { color: red; }
+    .link { color: #007bff; }
+  </style>
+</head>
+<body>
+  <h1><%= title %></h1>
+  <% if (error) { %>
+    <p class="error"><%= error %></p>
+  <% } %>
+  <form method="POST" action="/login">
+    <label>Email</label>
+    <input type="email" name="email" required>
+    <label>Password</label>
+    <input type="password" name="password" required>
+    <button type="submit">Login</button>
+  </form>
+  <p>Don't have an account? <a href="/register" class="link">Register</a></p>
+</body>
+</html>
+`;
+    fs_1.default.writeFileSync(path_1.default.join(templateDir, "views/auth/login.ejs.ejs"), loginView);
+    // Create register view
+    const registerView = `<!DOCTYPE html>
+<html>
+<head>
+  <title><%= title %></title>
+  <style>
+    body { font-family: sans-serif; max-width: 400px; margin: 50px auto; }
+    input { width: 100%; padding: 8px; margin: 8px 0; }
+    button { background: #28a745; color: white; padding: 10px; border: none; cursor: pointer; }
+    .error { color: red; }
+    .link { color: #007bff; }
+  </style>
+</head>
+<body>
+  <h1><%= title %></h1>
+  <% if (error) { %>
+    <p class="error"><%= error %></p>
+  <% } %>
+  <form method="POST" action="/register">
+    <label>Email</label>
+    <input type="email" name="email" required>
+    <label>Password</label>
+    <input type="password" name="password" required>
+    <label>Confirm Password</label>
+    <input type="password" name="confirmPassword" required>
+    <button type="submit">Register</button>
+  </form>
+  <p>Already have an account? <a href="/login" class="link">Login</a></p>
+</body>
+</html>
+`;
+    fs_1.default.writeFileSync(path_1.default.join(templateDir, "views/auth/register.ejs.ejs"), registerView);
+}
+/**
+ * Recursively copy a directory
+ */
+function copyDirRecursive(src, dest) {
+    if (!fs_1.default.existsSync(src)) {
+        return;
+    }
+    if (!fs_1.default.existsSync(dest)) {
+        fs_1.default.mkdirSync(dest, { recursive: true });
+    }
+    const entries = fs_1.default.readdirSync(src, { withFileTypes: true });
+    for (const entry of entries) {
+        const srcPath = path_1.default.join(src, entry.name);
+        const destPath = path_1.default.join(dest, entry.name);
+        if (entry.isDirectory()) {
+            copyDirRecursive(srcPath, destPath);
+        }
+        else if (entry.name.endsWith(".ejs.ejs")) {
+            // Remove .ejs.ejs suffix, write render version
+            const content = fs_1.default.readFileSync(srcPath, "utf-8");
+            const targetPath = destPath.replace(/\.ejs\.ejs$/, ".ejs");
+            fs_1.default.writeFileSync(targetPath, content);
+        }
+        else {
+            fs_1.default.copyFileSync(srcPath, destPath);
+        }
+    }
+}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@erwininteractive/mvc",
-  "version": "0.6.1",
+  "version": "0.6.5",
   "description": "A lightweight, full-featured MVC framework for Node.js with Express, Prisma, and EJS",
   "main": "dist/framework/index.js",
   "types": "dist/framework/index.d.ts",
@@ -52,7 +52,8 @@
     "helmet": "^8.0.0",
     "jsonwebtoken": "^9.0.2",
     "prisma": "^6.0.0",
-    "redis": "^4.7.0"
+    "redis": "^4.7.0",
+    "zod": "^3.23.8"
   },
   "devDependencies": {
     "@types/bcryptjs": "^2.4.6",

package/templates/appScaffold/package.json CHANGED Viewed

@@ -12,11 +12,13 @@
     "db:push": "prisma db push"
   },
   "dependencies": {
-    "@erwininteractive/mvc": "^0.4.0",
-    "cookie-parser": "^1.4.6"
+    "@erwininteractive/mvc": "^0.6.0",
+    "cookie-parser": "^1.4.6",
+    "zod": "^3.23.8"
   },
   "devDependencies": {
     "@types/cookie-parser": "^1.4.7",
+    "@types/ejs": "^3.1.5",
     "@types/express": "^5.0.0",
     "@types/node": "^22.7.5",
     "tsx": "^4.19.1",