@ifecodes/backend-template 1.1.9 → 1.4.0

package/template/features/auth/models/user.model.ts

@@ -1,28 +1,28 @@
-import { Schema, model, Document } from "mongoose";
-
-export interface IUser extends Document {
-  email: string;
-  password: string;
-  fullName: string;
-}
-
-const userSchema = new Schema<IUser>(
-  {
-    email: {
-      type: String,
-      required: true,
-      unique: true,
-    },
-    password: {
-      type: String,
-      required: true,
-    },
-    fullName: {
-      type: String,
-      required: true,
-    },
-  },
-  { timestamps: true },
-);
-
-export const UserModel = model<IUser>("User", userSchema);
+import { Schema, model, Document } from "mongoose";
+
+export interface IUser extends Document {
+  email: string;
+  password: string;
+  fullName: string;
+}
+
+const userSchema = new Schema<IUser>(
+  {
+    email: {
+      type: String,
+      required: true,
+      unique: true,
+    },
+    password: {
+      type: String,
+      required: true,
+    },
+    fullName: {
+      type: String,
+      required: true,
+    },
+  },
+  { timestamps: true }
+);
+
+export const UserModel = model<IUser>("User", userSchema);

package/template/features/auth/modules/auth.controller.js

@@ -1,21 +1,21 @@
-const { loginService, registerService } = require("./auth.service");
-
-async function login(req, res, next) {
-  try {
-    const token = await loginService(req.body);
-    return res.status(200).json({ token });
-  } catch (err) {
-    return next(err);
-  }
-}
-
-async function register(req, res, next) {
-  try {
-    const token = await registerService(req.body);
-    return res.status(201).json({ token });
-  } catch (err) {
-    return next(err);
-  }
-}
-
-module.exports = { login, register };
+const { loginService, registerService } = require("./auth.service");
+
+async function login(req, res, next) {
+  try {
+    const token = await loginService(req.body);
+    return res.status(200).json({ token });
+  } catch (err) {
+    return next(err);
+  }
+}
+
+async function register(req, res, next) {
+  try {
+    const token = await registerService(req.body);
+    return res.status(201).json({ token });
+  } catch (err) {
+    return next(err);
+  }
+}
+
+module.exports = { login, register };

package/template/features/auth/modules/auth.controller.ts

@@ -1,20 +1,28 @@
-import { Request, Response, NextFunction } from "express";
-import { loginService, registerService } from "./auth.service";
-
-export const login = async (req: Request, res: Response, next: NextFunction) => {
-  try {
-    const token = await loginService(req.body);
-    return res.status(200).json({ token });
-  } catch (err) {
-    return next(err);
-  }
-};
-
-export const register = async (req: Request, res: Response, next: NextFunction) => {
-  try {
-    const token = await registerService(req.body);
-    return res.status(201).json({ token });
-  } catch (err) {
-    return next(err);
-  }
-};
+import { Request, Response, NextFunction } from "express";
+import { loginService, registerService } from "./auth.service";
+
+export const login = async (
+  req: Request,
+  res: Response,
+  next: NextFunction
+) => {
+  try {
+    const token = await loginService(req.body);
+    return res.status(200).json({ token });
+  } catch (err) {
+    return next(err);
+  }
+};
+
+export const register = async (
+  req: Request,
+  res: Response,
+  next: NextFunction
+) => {
+  try {
+    const token = await registerService(req.body);
+    return res.status(201).json({ token });
+  } catch (err) {
+    return next(err);
+  }
+};

package/template/features/auth/modules/auth.routes.js

@@ -1,10 +1,89 @@
-const { Router } = require("express");
-const { register, login } = require("./auth.controller");
-const { methodNotAllowedHandler } = require("../../../middlewares");
-
-const router = Router();
-router.use(methodNotAllowedHandler(["POST"]));
-router.post("/login", login);
-router.post("/register", register);
-
-module.exports = router;
+const { Router } = require("express");
+const { register, login } = require("./auth.controller");
+const {
+  methodNotAllowedHandler,
+  validateRequest,
+} = require("../../../middlewares");
+const { z } = require("zod");
+const { routeRegistry } = require("../../../docs");
+
+const router = Router();
+
+// Define request schemas for validation
+const registerSchema = z
+  .object({
+    username: z.string().min(3, "Username must be at least 3 characters"),
+    password: z.string().min(6, "Password must be at least 6 characters"),
+  })
+  .strict();
+
+const loginSchema = z
+  .object({
+    username: z.string().min(1, "Username is required"),
+    password: z.string().min(1, "Password is required"),
+  })
+  .strict();
+
+// Register route docs for auto OpenAPI generation
+routeRegistry.register({
+  method: "POST",
+  path: "/api/v1/auth/login",
+  handler: login,
+  docs: {
+    tags: ["Auth"],
+    summary: "User login",
+    requestBody: {
+      required: true,
+      content: {
+        "application/json": {
+          schema: {
+            type: "object",
+            properties: {
+              username: { type: "string" },
+              password: { type: "string" },
+            },
+          },
+        },
+      },
+    },
+    responses: {
+      200: { description: "Successful login" },
+      400: { description: "Invalid request" },
+      401: { description: "Unauthorized" },
+    },
+  },
+});
+
+routeRegistry.register({
+  method: "POST",
+  path: "/api/v1/auth/register",
+  handler: register,
+  docs: {
+    tags: ["Auth"],
+    summary: "Register new user",
+    requestBody: {
+      required: true,
+      content: {
+        "application/json": {
+          schema: {
+            type: "object",
+            properties: {
+              username: { type: "string" },
+              password: { type: "string" },
+            },
+          },
+        },
+      },
+    },
+    responses: {
+      201: { description: "User created" },
+      400: { description: "Invalid request" },
+    },
+  },
+});
+
+router.use(methodNotAllowedHandler(["POST"]));
+router.post("/login", validateRequest({ body: loginSchema }), login);
+router.post("/register", validateRequest({ body: registerSchema }), register);
+
+module.exports = router;

package/template/features/auth/modules/auth.routes.ts

@@ -1,11 +1,86 @@
-import { Router } from "express";
-import { register, login } from "./auth.controller";
-import { methodNotAllowedHandler } from "@/middlewares";
-
-const router = Router();
-router.use(methodNotAllowedHandler(["POST"]));
-router.post("/login", login);
-router.post("/register", register);
-
-export default router;
-
+import { Router } from "express";
+import { register, login } from "./auth.controller";
+import { methodNotAllowedHandler, validateRequest } from "@/middlewares";
+import { z } from "zod";
+import { routeRegistry } from "@/docs";
+
+const router = Router();
+
+// Define request schemas for validation
+const registerSchema = z
+  .object({
+    username: z.string().min(3, "Username must be at least 3 characters"),
+    password: z.string().min(6, "Password must be at least 6 characters"),
+  })
+  .strict();
+
+const loginSchema = z
+  .object({
+    username: z.string().min(1, "Username is required"),
+    password: z.string().min(1, "Password is required"),
+  })
+  .strict();
+
+router.use(methodNotAllowedHandler(["POST"]));
+// Register route docs for auto OpenAPI generation
+routeRegistry.register({
+  method: "POST",
+  path: "/api/v1/auth/login",
+  handler: login,
+  docs: {
+    tags: ["Auth"],
+    summary: "User login",
+    requestBody: {
+      required: true,
+      content: {
+        "application/json": {
+          schema: {
+            type: "object",
+            properties: {
+              username: { type: "string" },
+              password: { type: "string" },
+            },
+          },
+        },
+      },
+    },
+    responses: {
+      200: { description: "Successful login" },
+      400: { description: "Invalid request" },
+      401: { description: "Unauthorized" },
+    },
+  },
+});
+
+routeRegistry.register({
+  method: "POST",
+  path: "/api/v1/auth/register",
+  handler: register,
+  docs: {
+    tags: ["Auth"],
+    summary: "Register new user",
+    requestBody: {
+      required: true,
+      content: {
+        "application/json": {
+          schema: {
+            type: "object",
+            properties: {
+              username: { type: "string" },
+              password: { type: "string" },
+            },
+          },
+        },
+      },
+    },
+    responses: {
+      201: { description: "User created" },
+      400: { description: "Invalid request" },
+    },
+  },
+});
+
+router.post("/login", validateRequest({ body: loginSchema }), login);
+router.post("/register", validateRequest({ body: registerSchema }), register);
+
+export default router;

package/template/features/auth/modules/auth.service.js

@@ -1,29 +1,29 @@
-const { generateToken } = require("../../../utils/jwt");
-const { UserModel } = require("../../../models/user.model");
-const { hashPassword, verifyPassword } = require("../../../utils/hash");
-const {
-  UnauthorizedError,
-  ConflictError,
-} = require("../../../utils/http-error");
-
-async function loginService({ email, password }) {
-  const user = await UserModel.findOne({ email }).exec();
-  if (!user) throw new UnauthorizedError("User not found");
-
-  const match = await verifyPassword(user.password, password);
-  if (!match) throw new UnauthorizedError("Invalid credentials");
-
-  return generateToken({ email: user.email });
-}
-
-async function registerService({ email, password, fullName }) {
-  const exists = await UserModel.findOne({ email }).exec();
-  if (exists) throw new ConflictError("Email already registered");
-
-  const hashed = await hashPassword(password);
-  const user = await UserModel.create({ email, password: hashed, fullName });
-
-  return generateToken({ email: user.email });
-}
-
-module.exports = { loginService, registerService };
+const { generateToken } = require("../../../utils/jwt");
+const { UserModel } = require("../../../models/user.model");
+const { hashPassword, verifyPassword } = require("../../../utils/hash");
+const {
+  UnauthorizedError,
+  ConflictError,
+} = require("../../../utils/http-error");
+
+async function loginService({ email, password }) {
+  const user = await UserModel.findOne({ email }).exec();
+  if (!user) throw new UnauthorizedError("User not found");
+
+  const match = await verifyPassword(user.password, password);
+  if (!match) throw new UnauthorizedError("Invalid credentials");
+
+  return generateToken({ email: user.email });
+}
+
+async function registerService({ email, password, fullName }) {
+  const exists = await UserModel.findOne({ email }).exec();
+  if (exists) throw new ConflictError("Email already registered");
+
+  const hashed = await hashPassword(password);
+  const user = await UserModel.create({ email, password: hashed, fullName });
+
+  return generateToken({ email: user.email });
+}
+
+module.exports = { loginService, registerService };

package/template/features/auth/modules/auth.service.ts

@@ -1,38 +1,38 @@
-import { generateToken } from "@/utils";
-import { UserModel } from "@/models/user.model";
-import { hashPassword, verifyPassword } from "@/utils";
-import { UnauthorizedError, ConflictError } from "@/utils";
-
-export const loginService = async ({
-  email,
-  password,
-}: {
-  email: string;
-  password: string;
-}) => {
-  const user = await UserModel.findOne({ email }).exec();
-  if (!user) throw new UnauthorizedError("User not found");
-
-  const match = await verifyPassword(user.password, password);
-  if (!match) throw new UnauthorizedError("Invalid credentials");
-
-  return generateToken({ email: user.email });
-};
-
-export const registerService = async ({
-  email,
-  password,
-  fullName,
-}: {
-  email: string;
-  password: string;
-  fullName: string;
-}) => {
-  const exists = await UserModel.findOne({ email }).exec();
-  if (exists) throw new ConflictError("Email already registered");
-
-  const hashed = await hashPassword(password);
-  const user = await UserModel.create({ email, password: hashed, fullName });
-
-  return generateToken({ email: user.email });
-};
+import { generateToken } from "@/utils";
+import { UserModel } from "@/models/user.model";
+import { hashPassword, verifyPassword } from "@/utils";
+import { UnauthorizedError, ConflictError } from "@/utils";
+
+export const loginService = async ({
+  email,
+  password,
+}: {
+  email: string;
+  password: string;
+}) => {
+  const user = await UserModel.findOne({ email }).exec();
+  if (!user) throw new UnauthorizedError("User not found");
+
+  const match = await verifyPassword(user.password, password);
+  if (!match) throw new UnauthorizedError("Invalid credentials");
+
+  return generateToken({ email: user.email });
+};
+
+export const registerService = async ({
+  email,
+  password,
+  fullName,
+}: {
+  email: string;
+  password: string;
+  fullName: string;
+}) => {
+  const exists = await UserModel.findOne({ email }).exec();
+  if (exists) throw new ConflictError("Email already registered");
+
+  const hashed = await hashPassword(password);
+  const user = await UserModel.create({ email, password: hashed, fullName });
+
+  return generateToken({ email: user.email });
+};

package/template/features/auth/modules/index.js

@@ -1 +1 @@
-module.exports = { authRoutes: require("./auth.routes") };
+module.exports = { authRoutes: require("./auth.routes") };

package/template/features/auth/modules/index.ts

@@ -1 +1 @@
-export { default as authRoutes } from "./auth.routes";
+export { default as authRoutes } from "./auth.routes";

package/template/features/auth/utils/hash.ts

@@ -1,20 +1,20 @@
-/**
- * This base hash utility defines generic hashing function signatures.
- * The actual implementation will be replaced by bcrypt or argon2 depending
- * on user selection during template generation.
- */
-
-export async function hashPassword(_password: string): Promise<string> {
-  throw new Error(
-    "hashPassword() not implemented — hashing method not selected (bcrypt or argon2)"
-  );
-}
-
-export async function verifyPassword(
-  _hashed: string,
-  _password: string
-): Promise<boolean> {
-  throw new Error(
-    "verifyPassword() not implemented — hashing method not selected (bcrypt or argon2)"
-  );
-}
+/**
+ * This base hash utility defines generic hashing function signatures.
+ * The actual implementation will be replaced by bcrypt or argon2 depending
+ * on user selection during template generation.
+ */
+
+export async function hashPassword(_password: string): Promise<string> {
+  throw new Error(
+    "hashPassword() not implemented — hashing method not selected (bcrypt or argon2)"
+  );
+}
+
+export async function verifyPassword(
+  _hashed: string,
+  _password: string
+): Promise<boolean> {
+  throw new Error(
+    "verifyPassword() not implemented — hashing method not selected (bcrypt or argon2)"
+  );
+}

package/template/features/auth/utils/jwt.js

@@ -1,12 +1,12 @@
-const jwt = require("jsonwebtoken");
-const { ENV } = require("../config");
-
-async function generateToken(payload) {
-  return jwt.sign(payload, ENV.JWT_SECRET, { expiresIn: "7d" });
-}
-
-function verifyToken(token) {
-  return jwt.verify(token, ENV.JWT_SECRET);
-}
-
-module.exports = { generateToken, verifyToken };
+const jwt = require("jsonwebtoken");
+const { ENV } = require("../config");
+
+async function generateToken(payload) {
+  return jwt.sign(payload, ENV.JWT_SECRET, { expiresIn: "7d" });
+}
+
+function verifyToken(token) {
+  return jwt.verify(token, ENV.JWT_SECRET);
+}
+
+module.exports = { generateToken, verifyToken };

package/template/features/auth/utils/jwt.ts

@@ -1,15 +1,15 @@
-import jwt from "jsonwebtoken";
-import { ENV } from "@/config";
-
-// JwtPayload mirrors the global JwtPayload declared in `src/types/express.d.ts`.
-export type JwtPayload = {
-  email?: string;
-  iat?: number;
-  exp?: number;
-};
-
-export const generateToken = (payload: JwtPayload) =>
-  jwt.sign(payload, ENV.JWT_SECRET, { expiresIn: "7d" });
-
-export const verifyToken = (token: string): JwtPayload =>
-  jwt.verify(token, ENV.JWT_SECRET) as JwtPayload;
+import jwt from "jsonwebtoken";
+import { ENV } from "@/config";
+
+// JwtPayload mirrors the global JwtPayload declared in `src/types/express.d.ts`.
+export type JwtPayload = {
+  email?: string;
+  iat?: number;
+  exp?: number;
+};
+
+export const generateToken = (payload: JwtPayload) =>
+  jwt.sign(payload, ENV.JWT_SECRET, { expiresIn: "7d" });
+
+export const verifyToken = (token: string): JwtPayload =>
+  jwt.verify(token, ENV.JWT_SECRET) as JwtPayload;

package/template/features/cors/inject.js

@@ -1,13 +1,14 @@
-export const deps = ["cors"];
-export const devDeps = ["@types/cors"];
-export const getImports = (language) => language === "javascript" 
-  ? `const cors = require("cors");\nconst { ENV } = require("./config");`
-  : `import cors from "cors";\nimport { ENV } from "@/config";`;
-export const imports = getImports("typescript");
-export const middleware = `
-const corsOptions = {
-  origin: ENV.ALLOWED_ORIGIN,
-  credentials: true,
-};
-
-app.use(cors(corsOptions));`;
+export const deps = ["cors"];
+export const devDeps = ["@types/cors"];
+export const getImports = (language) =>
+  language === "javascript"
+    ? `const cors = require("cors");\nconst { ENV } = require("./config");`
+    : `import cors from "cors";\nimport { ENV } from "@/config";`;
+export const imports = getImports("typescript");
+export const middleware = `
+const corsOptions = {
+  origin: ENV.ALLOWED_ORIGIN,
+  credentials: true,
+};
+
+app.use(cors(corsOptions));`;

package/template/features/helmet/inject.js

@@ -1,6 +1,7 @@
-export const deps = ["helmet"];
-export const getImports = (language) => language === "javascript"
-  ? `const helmet = require("helmet");`
-  : `import helmet from "helmet";`;
-export const imports = getImports("typescript");
-export const middleware = `app.use(helmet());`;
+export const deps = ["helmet"];
+export const getImports = (language) =>
+  language === "javascript"
+    ? `const helmet = require("helmet");`
+    : `import helmet from "helmet";`;
+export const imports = getImports("typescript");
+export const middleware = `app.use(helmet());`;

package/template/features/morgan/inject.js

@@ -1,7 +1,8 @@
-export const deps = ["morgan"];
-export const devDeps = ["@types/morgan"];
-export const getImports = (language) => language === "javascript"
-  ? `const morgan = require("morgan");`
-  : `import morgan from "morgan";`;
-export const imports = getImports("typescript");
-export const middleware = `app.use(morgan("dev"));`;
+export const deps = ["morgan"];
+export const devDeps = ["@types/morgan"];
+export const getImports = (language) =>
+  language === "javascript"
+    ? `const morgan = require("morgan");`
+    : `import morgan from "morgan";`;
+export const imports = getImports("typescript");
+export const middleware = `app.use(morgan("dev"));`;