@erwininteractive/mvc 0.6.3 → 0.6.7

package/dist/cli.js

@@ -16,11 +16,12 @@ program
     .version("0.2.0")
     .addHelpText("after", `
 Examples:
-  $ erwinmvc init myapp                     Create a new app
-  $ erwinmvc generate resource Post         Generate CRUD for Post
-  $ erwinmvc webauthn                       Setup passkey authentication
-  $ erwinmvc make:auth                      Generate authentication system
-  $ erwinmvc list:routes                    Show all routes
+   $ erwinmvc init myapp                     Create a new app
+   $ erwinmvc init myapp --with-tailwind     Create app with Tailwind CSS
+   $ erwinmvc generate resource Post         Generate CRUD for Post
+   $ erwinmvc webauthn                       Setup passkey authentication
+   $ erwinmvc make:auth                      Generate authentication system
+   $ erwinmvc list:routes                    Show all routes
 `);
 // Init command - scaffold a new application
 program
@@ -29,6 +30,7 @@ program
     .option("--skip-install", "Skip npm install")
     .option("--with-database", "Include database/Prisma setup")
     .option("--with-ci", "Include GitHub Actions CI workflow")
+    .option("--with-tailwind", "Include Tailwind CSS setup (with PostCSS)")
     .action(async (dir, options) => {
     try {
         await (0, initApp_1.initApp)(dir, options);

package/dist/framework/Validation.d.ts

@@ -0,0 +1,34 @@
+import type { ZodError, ZodSchema } from "zod";
+export type ValidationStrategyType = "redirect" | "json";
+/**
+ * Zod validation middleware
+ * @param schema - Zod schema to validate against
+ * @param strategy - 'redirect' (web) or 'json' (API)
+ */
+export declare function validate<T>(schema: ZodSchema<T>, strategy?: ValidationStrategyType): (req: any, res: any, next: any) => Promise<any>;
+/**
+ * Extract field errors from Zod ZodError
+ */
+export declare function getFieldErrors(error: ZodError): Array<{
+    field: string;
+    message: string;
+}>;
+/**
+ * Preserves form input when validation fails
+ */
+export declare function getOldInput(req: any): any;
+/**
+ * Get validation errors for display
+ */
+export declare function getErrors(req: any): Array<{
+    field: string;
+    message: string;
+}>;
+/**
+ * Check if a field has errors
+ */
+export declare function hasFieldError(field: string, errors: any): boolean;
+/**
+ * Get error message for a specific field
+ */
+export declare function getFieldError(field: string, errors: any): string | undefined;

package/dist/framework/Validation.js

@@ -0,0 +1,67 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.validate = validate;
+exports.getFieldErrors = getFieldErrors;
+exports.getOldInput = getOldInput;
+exports.getErrors = getErrors;
+exports.hasFieldError = hasFieldError;
+exports.getFieldError = getFieldError;
+/**
+ * Zod validation middleware
+ * @param schema - Zod schema to validate against
+ * @param strategy - 'redirect' (web) or 'json' (API)
+ */
+function validate(schema, strategy = "redirect") {
+    return async (req, res, next) => {
+        const result = await schema.safeParseAsync(req.body);
+        if (!result.success) {
+            const errors = getFieldErrors(result.error);
+            const oldInput = req.body;
+            if (strategy === "json") {
+                return res.status(422).json({ errors, oldInput });
+            }
+            // Redirect with errors and old input for web forms
+            req.flash("errors", errors);
+            req.flash("oldInput", oldInput);
+            // Get referrer URL or use default
+            const redirectUrl = req.headers.referer || req.headers.referrer || "/";
+            return res.redirect(redirectUrl);
+        }
+        req.validatedBody = result.data;
+        next();
+    };
+}
+/**
+ * Extract field errors from Zod ZodError
+ */
+function getFieldErrors(error) {
+    return error.errors.map((err) => ({
+        field: err.path.join("."),
+        message: err.message,
+    }));
+}
+/**
+ * Preserves form input when validation fails
+ */
+function getOldInput(req) {
+    return req.flash("oldInput")[0] || {};
+}
+/**
+ * Get validation errors for display
+ */
+function getErrors(req) {
+    return req.flash("errors") || [];
+}
+/**
+ * Check if a field has errors
+ */
+function hasFieldError(field, errors) {
+    return errors.some((err) => err.field === field);
+}
+/**
+ * Get error message for a specific field
+ */
+function getFieldError(field, errors) {
+    const error = errors.find((err) => err.field === field);
+    return error?.message;
+}

package/dist/framework/index.d.ts

@@ -3,4 +3,5 @@ export type { MvcAppOptions, MvcApp } from "./App";
 export { getPrismaClient, disconnectPrisma } from "./db";
 export { hashPassword, verifyPassword, signToken, verifyToken, authenticate, } from "./Auth";
 export { startRegistration, completeRegistration, startAuthentication, completeAuthentication, getRPConfig, } from "./WebAuthn";
+export { validate, getFieldErrors, getErrors, getOldInput } from "./Validation";
 export { registerControllers, registerController } from "./Router";

package/dist/framework/index.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.registerController = exports.registerControllers = exports.getRPConfig = exports.completeAuthentication = exports.startAuthentication = exports.completeRegistration = exports.startRegistration = exports.authenticate = exports.verifyToken = exports.signToken = exports.verifyPassword = exports.hashPassword = exports.disconnectPrisma = exports.getPrismaClient = exports.startServer = exports.createMvcApp = void 0;
+exports.registerController = exports.registerControllers = exports.getOldInput = exports.getErrors = exports.getFieldErrors = exports.validate = exports.getRPConfig = exports.completeAuthentication = exports.startAuthentication = exports.completeRegistration = exports.startRegistration = exports.authenticate = exports.verifyToken = exports.signToken = exports.verifyPassword = exports.hashPassword = exports.disconnectPrisma = exports.getPrismaClient = exports.startServer = exports.createMvcApp = void 0;
 // App factory and server
 var App_1 = require("./App");
 Object.defineProperty(exports, "createMvcApp", { enumerable: true, get: function () { return App_1.createMvcApp; } });
@@ -23,6 +23,12 @@ Object.defineProperty(exports, "completeRegistration", { enumerable: true, get:
 Object.defineProperty(exports, "startAuthentication", { enumerable: true, get: function () { return WebAuthn_1.startAuthentication; } });
 Object.defineProperty(exports, "completeAuthentication", { enumerable: true, get: function () { return WebAuthn_1.completeAuthentication; } });
 Object.defineProperty(exports, "getRPConfig", { enumerable: true, get: function () { return WebAuthn_1.getRPConfig; } });
+// Validation
+var Validation_1 = require("./Validation");
+Object.defineProperty(exports, "validate", { enumerable: true, get: function () { return Validation_1.validate; } });
+Object.defineProperty(exports, "getFieldErrors", { enumerable: true, get: function () { return Validation_1.getFieldErrors; } });
+Object.defineProperty(exports, "getErrors", { enumerable: true, get: function () { return Validation_1.getErrors; } });
+Object.defineProperty(exports, "getOldInput", { enumerable: true, get: function () { return Validation_1.getOldInput; } });
 // Routing
 var Router_1 = require("./Router");
 Object.defineProperty(exports, "registerControllers", { enumerable: true, get: function () { return Router_1.registerControllers; } });

package/dist/generators/initApp.d.ts

@@ -2,6 +2,7 @@ export interface InitOptions {
     skipInstall?: boolean;
     withDatabase?: boolean;
     withCi?: boolean;
+    withTailwind?: boolean;
 }
 /**
  * Scaffold a new MVC application.

package/dist/generators/initApp.js

@@ -72,6 +72,10 @@ async function initApp(dir, options = {}) {
     if (options.withCi) {
         setupCi(targetDir);
     }
+    // Setup Tailwind CSS if requested
+    if (options.withTailwind) {
+        setupTailwind(targetDir);
+    }
     console.log(`
 Next steps:
   cd ${dir}
@@ -83,6 +87,11 @@ To add database support later:
   npm run db:setup
   # Edit .env with DATABASE_URL
   npx prisma migrate dev --name init
+` : ""}
+${options.withTailwind ? `
+To configure Tailwind CSS:
+  npm run tailwind
+  # Edit tailwind.config.cjs and src/assets/tailwind.css
 ` : ""}`);
 }
 /**
@@ -121,6 +130,49 @@ function setupDatabase(targetDir) {
         console.error("Failed to setup Prisma. Run 'npm run db:setup' manually.");
     }
 }
+/**
+ * Setup Tailwind CSS with PostCSS.
+ */
+function setupTailwind(targetDir) {
+    console.log("\nSetting up Tailwind CSS...");
+    try {
+        (0, child_process_1.execSync)("npm install -D tailwindcss postcss autoprefixer", { cwd: targetDir, stdio: "inherit" });
+        // Removed npx command - using manual config
+        // Create assets directory
+        const assetsDir = path_1.default.join(targetDir, "src", "assets");
+        fs_1.default.mkdirSync(assetsDir, { recursive: true });
+        // Create tailwind.css
+        const tailwindCss = `@tailwind base;
+@tailwind components;
+@tailwind utilities;
+`;
+        fs_1.default.writeFileSync(path_1.default.join(assetsDir, "tailwind.css"), tailwindCss);
+        // Update postcss.config.cjs
+        const postcssConfig = `/** @type {import('postcss-load-config').Config} */
+const config = {
+  plugins: {
+    tailwindcss: {},
+    autoprefixer: {},
+  },
+};
+
+export default config;
+`;
+        fs_1.default.writeFileSync(path_1.default.join(targetDir, "postcss.config.cjs"), postcssConfig);
+        // Update package.json with tailwind build script
+        const packageJsonPath = path_1.default.join(targetDir, "package.json");
+        if (fs_1.default.existsSync(packageJsonPath)) {
+            const pkg = JSON.parse(fs_1.default.readFileSync(packageJsonPath, "utf-8"));
+            pkg.scripts.tailwind = "tailwindcss -i ./src/assets/tailwind.css -o ./public/dist/tailwind.css --watch";
+            pkg.scripts.build = "tsc && npm run tailwind";
+            fs_1.default.writeFileSync(packageJsonPath, JSON.stringify(pkg, null, 2));
+            console.log("✓ Added Tailwind CSS support");
+        }
+    }
+    catch {
+        console.error("Failed to setup Tailwind CSS. Run 'npm install -D tailwindcss postcss autoprefixer' manually.");
+    }
+}
 /**
  * Recursively copy a directory.
  */

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@erwininteractive/mvc",
-  "version": "0.6.3",
+  "version": "0.6.7",
   "description": "A lightweight, full-featured MVC framework for Node.js with Express, Prisma, and EJS",
   "main": "dist/framework/index.js",
   "types": "dist/framework/index.d.ts",
@@ -52,7 +52,8 @@
     "helmet": "^8.0.0",
     "jsonwebtoken": "^9.0.2",
     "prisma": "^6.0.0",
-    "redis": "^4.7.0"
+    "redis": "^4.7.0",
+    "zod": "^3.23.8"
   },
   "devDependencies": {
     "@types/bcryptjs": "^2.4.6",

package/templates/appScaffold/package.json

@@ -12,11 +12,13 @@
     "db:push": "prisma db push"
   },
   "dependencies": {
-    "@erwininteractive/mvc": "^0.4.0",
-    "cookie-parser": "^1.4.6"
+    "@erwininteractive/mvc": "^0.6.0",
+    "cookie-parser": "^1.4.6",
+    "zod": "^3.23.8"
   },
   "devDependencies": {
     "@types/cookie-parser": "^1.4.7",
+    "@types/ejs": "^3.1.5",
     "@types/express": "^5.0.0",
     "@types/node": "^22.7.5",
     "tsx": "^4.19.1",

package/templates/appScaffold/postcss.config.cjs

@@ -0,0 +1,9 @@
+/** @type {import('postcss-load-config').Config} */
+const config = {
+  plugins: {
+    tailwindcss: {},
+    autoprefixer: {},
+  },
+};
+
+export default config;

package/templates/appScaffold/src/assets/tailwind.css

@@ -0,0 +1,3 @@
+@tailwind base;
+@tailwind components;
+@tailwind utilities;

package/templates/appScaffold/tailwind.config.cjs

@@ -0,0 +1,23 @@
+/** @type {import('tailwindcss').Config} */
+module.exports = {
+  content: ["./src/**/*.{js,ts,tsx}"],
+  theme: {
+    extend: {
+      colors: {
+        primary: {
+          50: '#f0f9ff',
+          100: '#e0f2fe',
+          200: '#bae6fd',
+          300: '#7dd3fc',
+          400: '#38bdf8',
+          500: '#0ea5e9',
+          600: '#0284c7',
+          700: '#0369a1',
+          800: '#075985',
+          900: '#0c4a6e',
+        },
+      },
+    },
+  },
+  plugins: [],
+};

package/templates/auth/authController.ts.ejs

@@ -0,0 +1,117 @@
+import { Request, Response } from "express";
+import { hashPassword, verifyPassword, signToken, verifyToken } from "@erwininteractive/mvc";
+import { getPrismaClient } from "@erwininteractive/mvc";
+
+const prisma = getPrismaClient();
+
+export async function showLogin(req: Request, res: Response) {
+  res.render("auth/login", { title: "Login" });
+}
+
+export async function showRegister(req: Request, res: Response) {
+  res.render("auth/register", { title: "Register" });
+}
+
+export async function login(req: Request, res: Response) {
+  const { email, password } = req.body;
+
+  try {
+    const user = await prisma.user.findUnique({
+      where: { email }
+    });
+
+    if (!user) {
+      return res.render("auth/login", {
+        title: "Login",
+        error: "Invalid email or password"
+      });
+    }
+
+    const isValid = await verifyPassword(password, user.hashedPassword);
+    if (!isValid) {
+      return res.render("auth/login", {
+        title: "Login",
+        error: "Invalid email or password"
+      });
+    }
+
+    const token = signToken({ userId: user.id, email: user.email });
+    res.cookie("token", token, {
+      httpOnly: true,
+      secure: process.env.NODE_ENV === "production",
+      maxAge: 1000 * 60 * 60 * 24 // 24 hours
+    });
+
+    res.redirect("/");
+  } catch (err) {
+    console.error("Login error:", err);
+    res.render("auth/login", {
+      title: "Login",
+      error: "An error occurred during login"
+    });
+  }
+}
+
+export async function register(req: Request, res: Response) {
+  const { email, password, confirmPassword } = req.body;
+
+  if (password !== confirmPassword) {
+    return res.render("auth/register", {
+      title: "Register",
+      error: "Passwords do not match"
+    });
+  }
+
+  try {
+    const existingUser = await prisma.user.findUnique({
+      where: { email }
+    });
+
+    if (existingUser) {
+      return res.render("auth/register", {
+        title: "Register",
+        error: "Email already in use"
+      });
+    }
+
+    const hashedPassword = await hashPassword(password);
+
+    await prisma.user.create({
+      data: {
+        email,
+        hashedPassword,
+        role: "user"
+      }
+    });
+
+    res.redirect("/login");
+  } catch (err) {
+    console.error("Registration error:", err);
+    res.render("auth/register", {
+      title: "Register",
+      error: "An error occurred during registration"
+    });
+  }
+}
+
+export async function logout(req: Request, res: Response) {
+  res.clearCookie("token");
+  res.redirect("/login");
+}
+
+export async function requireAuth(req: Request, res: Response, next: any) {
+  const token = req.cookies?.token || req.headers.authorization?.split(" ")[1];
+
+  if (!token) {
+    return res.redirect("/login");
+  }
+
+  try {
+    const decoded = verifyToken(token);
+    req.user = decoded;
+    next();
+  } catch {
+    res.clearCookie("token");
+    res.redirect("/login");
+  }
+}