@kevinmarrec/create-app 0.6.7 → 0.8.0

package/template/server/src/utils/cors.ts

@@ -0,0 +1,26 @@
+export function cors(handler: (req: Request) => Promise<Response>) {
+  const allowedOrigins = import.meta.env.ALLOWED_ORIGINS.split(',')
+
+  return async (req: Request) => {
+    const origin = req.headers.get('origin') ?? ''
+
+    if (!origin || !allowedOrigins.includes(origin)) {
+      return new Response('Origin not allowed', { status: 403 })
+    }
+
+    const response = req.method === 'OPTIONS'
+      ? new Response(undefined, { status: 204 })
+      : await handler(req)
+
+    if (req.method === 'OPTIONS') {
+      response.headers.append('Access-Control-Allow-Headers', 'Content-Type')
+      response.headers.append('Access-Control-Allow-Methods', 'GET, HEAD, PUT, POST, DELETE, PATCH')
+      response.headers.append('Access-Control-Max-Age', '7200') // 2 hours https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Access-Control-Max-Age
+    }
+
+    response.headers.append('Access-Control-Allow-Credentials', 'true')
+    response.headers.append('Access-Control-Allow-Origin', origin)
+
+    return response
+  }
+}

package/template/tsconfig.json

@@ -2,8 +2,8 @@
   "extends": "@kevinmarrec/tsconfig",
   "compilerOptions": {
     "paths": {
-      "@backend/*": ["./backend/src/*"],
-      "@frontend/*": ["./frontend/src/*"]
+      "@client/*": ["./client/src/*"],
+      "@server/*": ["./server/src/*"]
     }
   },
   "exclude": ["**/dist/**"]

package/template/backend/.env.development

@@ -1,4 +0,0 @@
-BETTER_AUTH_SECRET=foo
-BETTER_AUTH_URL=http://localhost:5137
-DATABASE_URL=dev.db
-NODE_ENV=development

package/template/backend/src/database/index.ts

@@ -1,23 +0,0 @@
-import { logger } from '@backend/utils/logger'
-import { drizzle } from 'drizzle-orm/bun-sqlite'
-
-import * as schema from './schema'
-
-export const db = drizzle(import.meta.env.DATABASE_URL, {
-  casing: 'snake_case',
-  schema,
-  logger: {
-    logQuery: (query, params) => {
-      let msg = `[SQL] ${query}`
-      msg += params.length ? ` [${params}]` : ''
-      logger.debug(msg)
-    },
-  },
-})
-
-db.run('PRAGMA journal_mode = WAL')
-db.run('PRAGMA journal_size_limit = 6144000')
-db.run('PRAGMA synchronous = NORMAL')
-db.run('PRAGMA foreign_keys = ON')
-
-export type Database = typeof db

package/template/backend/src/database/migrations/0000_fluffy_salo.sql

@@ -1,49 +0,0 @@
-CREATE TABLE `users` (
-	`id` text PRIMARY KEY NOT NULL,
-	`name` text NOT NULL,
-	`email` text NOT NULL,
-	`email_verified` integer DEFAULT false NOT NULL,
-	`image` text,
-	`created_at` integer NOT NULL,
-	`updated_at` integer NOT NULL
-);
---> statement-breakpoint
-CREATE UNIQUE INDEX `users_email_unique` ON `users` (`email`);--> statement-breakpoint
-CREATE TABLE `sessions` (
-	`id` text PRIMARY KEY NOT NULL,
-	`user_id` text NOT NULL,
-	`token` text NOT NULL,
-	`expires_at` integer NOT NULL,
-	`ip_address` text,
-	`user_agent` text,
-	`created_at` integer NOT NULL,
-	`updated_at` integer NOT NULL,
-	FOREIGN KEY (`user_id`) REFERENCES `users`(`id`) ON UPDATE no action ON DELETE cascade
-);
---> statement-breakpoint
-CREATE UNIQUE INDEX `sessions_token_unique` ON `sessions` (`token`);--> statement-breakpoint
-CREATE TABLE `accounts` (
-	`id` text PRIMARY KEY NOT NULL,
-	`user_id` text NOT NULL,
-	`account_id` text NOT NULL,
-	`provider_id` text NOT NULL,
-	`access_token` text,
-	`refresh_token` text,
-	`access_token_expires_at` integer,
-	`refresh_token_expires_at` integer,
-	`scope` text,
-	`id_token` text,
-	`password` text,
-	`created_at` integer NOT NULL,
-	`updated_at` integer NOT NULL,
-	FOREIGN KEY (`user_id`) REFERENCES `users`(`id`) ON UPDATE no action ON DELETE cascade
-);
---> statement-breakpoint
-CREATE TABLE `verifications` (
-	`id` text PRIMARY KEY NOT NULL,
-	`identifier` text NOT NULL,
-	`value` text NOT NULL,
-	`expires_at` integer NOT NULL,
-	`created_at` integer NOT NULL,
-	`updated_at` integer NOT NULL
-);

package/template/backend/src/database/migrations/meta/_journal.json

@@ -1,13 +0,0 @@
-{
-  "version": "7",
-  "dialect": "sqlite",
-  "entries": [
-    {
-      "idx": 0,
-      "version": "6",
-      "when": 1760742831459,
-      "tag": "0000_fluffy_salo",
-      "breakpoints": true
-    }
-  ]
-}

package/template/backend/src/database/schema/accounts.ts

@@ -1,20 +0,0 @@
-import { sqliteTable } from 'drizzle-orm/sqlite-core'
-
-import { users } from './users'
-
-// https://www.better-auth.com/docs/concepts/database#account
-export const accounts = sqliteTable('accounts', t => ({
-  id: t.text().primaryKey(),
-  userId: t.text().notNull().references(() => users.id, { onDelete: 'cascade' }),
-  accountId: t.text().notNull(),
-  providerId: t.text().notNull(),
-  accessToken: t.text(),
-  refreshToken: t.text(),
-  accessTokenExpiresAt: t.integer({ mode: 'timestamp' }),
-  refreshTokenExpiresAt: t.integer({ mode: 'timestamp' }),
-  scope: t.text(),
-  idToken: t.text(),
-  password: t.text(),
-  createdAt: t.integer({ mode: 'timestamp' }).notNull().$defaultFn(() => new Date()),
-  updatedAt: t.integer({ mode: 'timestamp' }).notNull().$defaultFn(() => new Date()).$onUpdate(() => new Date()),
-}))

package/template/backend/src/database/schema/sessions.ts

@@ -1,15 +0,0 @@
-import { sqliteTable } from 'drizzle-orm/sqlite-core'
-
-import { users } from './users'
-
-// https://www.better-auth.com/docs/concepts/database#session
-export const sessions = sqliteTable('sessions', t => ({
-  id: t.text().primaryKey(),
-  userId: t.text().notNull().references(() => users.id, { onDelete: 'cascade' }),
-  token: t.text().notNull().unique(),
-  expiresAt: t.integer({ mode: 'timestamp' }).notNull(),
-  ipAddress: t.text(),
-  userAgent: t.text(),
-  createdAt: t.integer({ mode: 'timestamp' }).notNull().$defaultFn(() => new Date()),
-  updatedAt: t.integer({ mode: 'timestamp' }).notNull().$defaultFn(() => new Date()).$onUpdate(() => new Date()),
-}))

package/template/backend/src/database/schema/users.ts

@@ -1,12 +0,0 @@
-import { sqliteTable } from 'drizzle-orm/sqlite-core'
-
-// https://www.better-auth.com/docs/concepts/database#user
-export const users = sqliteTable('users', t => ({
-  id: t.text().primaryKey(),
-  name: t.text().notNull(),
-  email: t.text().notNull().unique(),
-  emailVerified: t.integer({ mode: 'boolean' }).notNull().default(false),
-  image: t.text(),
-  createdAt: t.integer({ mode: 'timestamp' }).notNull().$defaultFn(() => new Date()),
-  updatedAt: t.integer({ mode: 'timestamp' }).notNull().$defaultFn(() => new Date()).$onUpdate(() => new Date()),
-}))

package/template/backend/src/database/schema/verifications.ts

@@ -1,11 +0,0 @@
-import { sqliteTable } from 'drizzle-orm/sqlite-core'
-
-// https://www.better-auth.com/docs/concepts/database#verification
-export const verifications = sqliteTable('verifications', t => ({
-  id: t.text().primaryKey(),
-  identifier: t.text().notNull(),
-  value: t.text().notNull(),
-  expiresAt: t.integer({ mode: 'timestamp' }).notNull(),
-  createdAt: t.integer({ mode: 'timestamp' }).notNull().$defaultFn(() => new Date()),
-  updatedAt: t.integer({ mode: 'timestamp' }).notNull().$defaultFn(() => new Date()).$onUpdate(() => new Date()),
-}))

package/template/backend/src/orpc/index.ts

@@ -1,65 +0,0 @@
-import type { Auth } from '@backend/auth'
-import type { Database } from '@backend/database'
-import { requiredAuthMiddleware } from '@backend/orpc/middlewares'
-import type { Logger } from '@backend/utils/logger'
-import { onError, ORPCError, os, type Router } from '@orpc/server'
-import { RPCHandler } from '@orpc/server/fetch'
-import {
-  CORSPlugin,
-  RequestHeadersPlugin,
-  type RequestHeadersPluginContext,
-  ResponseHeadersPlugin,
-  type ResponseHeadersPluginContext,
-} from '@orpc/server/plugins'
-import { APIError } from 'better-auth/api'
-
-/* Context */
-
-export interface Context extends RequestHeadersPluginContext, ResponseHeadersPluginContext {
-  auth: Auth
-  db: Database
-  logger: Logger
-}
-
-/* RPC Handler */
-
-export function createRpcHandler<T extends Context>(router: Router<any, T>) {
-  return new RPCHandler<T>(router, {
-    plugins: [
-      new CORSPlugin({
-        credentials: true,
-        maxAge: 7200, // 2 hours https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Access-Control-Max-Age
-      }),
-      new RequestHeadersPlugin(),
-      new ResponseHeadersPlugin(),
-    ],
-    clientInterceptors: [
-      onError((error, { context }) => {
-        if (error instanceof APIError) {
-          throw new ORPCError(error.body?.code ?? 'INTERNAL_SERVER_ERROR', {
-            status: error.statusCode,
-            message: error.body?.message,
-          })
-        }
-
-        if (error instanceof ORPCError) {
-          throw error
-        }
-
-        context.logger.error(error)
-      }),
-    ],
-  })
-}
-
-/* Builder */
-
-export const pub = os
-  .$context<Context>()
-  .errors({
-    UNAUTHORIZED: { status: 401 },
-  })
-
-/** @beta */
-export const authed = pub
-  .use(requiredAuthMiddleware)

package/template/backend/src/orpc/middlewares/auth.ts

@@ -1,33 +0,0 @@
-import type { Context } from '@backend/orpc'
-import { ORPCError, os } from '@orpc/server'
-
-export const authMiddleware = os
-  .$context<Context>()
-  .middleware(async ({ context, next }) => {
-    const { headers, response: session } = await context.auth.api.getSession({
-      headers: context.reqHeaders ?? new Headers(),
-      returnHeaders: true,
-    })
-
-    headers.forEach((v, k) => context.resHeaders?.append(k, v))
-
-    return next({
-      context: {
-        user: session ? session.user : null,
-      },
-    })
-  })
-
-export const requiredAuthMiddleware = authMiddleware
-  .concat(async ({ context, next }) => {
-    if (!context.user) {
-      throw new ORPCError('UNAUTHORIZED')
-    }
-
-    return next({
-      context: {
-        user: context.user,
-      },
-    })
-  },
-  )

package/template/backend/src/orpc/router/auth.ts

@@ -1,54 +0,0 @@
-import { pub } from '@backend/orpc'
-import { authMiddleware } from '@backend/orpc/middlewares'
-import * as v from 'valibot'
-
-export const getCurrentUser = pub
-  .use(authMiddleware)
-  .handler(async ({ context }) => context.user)
-
-export const signUp = pub
-  .input(v.object({
-    name: v.string(),
-    email: v.pipe(v.string(), v.email()),
-    password: v.string(),
-    rememberMe: v.optional(v.boolean(), true),
-  }))
-  .handler(async ({ input, context: { resHeaders, auth } }) => {
-    const { headers, response } = await auth.api.signUpEmail({
-      body: input,
-      returnHeaders: true,
-    })
-
-    headers.forEach((v, k) => resHeaders?.append(k, v))
-
-    return response.user
-  })
-
-export const signIn = pub
-  .input(v.object({
-    email: v.pipe(v.string(), v.email()),
-    password: v.string(),
-    rememberMe: v.optional(v.boolean(), true),
-  }))
-  .handler(async ({ input, context: { resHeaders, auth } }) => {
-    const { headers, response } = await auth.api.signInEmail({
-      body: input,
-      returnHeaders: true,
-    })
-
-    headers.forEach((v, k) => resHeaders?.append(k, v))
-
-    return response.user
-  })
-
-export const signOut = pub
-  .handler(async ({ context: { auth, reqHeaders, resHeaders } }) => {
-    const { headers, response } = await auth.api.signOut({
-      headers: reqHeaders ?? new Headers(),
-      returnHeaders: true,
-    })
-
-    headers.forEach((v, k) => resHeaders?.append(k, v))
-
-    return response
-  })

package/template/backend/src/orpc/router/index.ts

@@ -1,9 +0,0 @@
-import * as auth from './auth'
-
-export type { RouterClient } from '@orpc/server'
-
-export const router = {
-  auth,
-}
-
-export type Router = typeof router

package/template/frontend/.env.development

@@ -1 +0,0 @@
-VITE_API_URL=http://localhost:4000/rpc

package/template/frontend/src/composables/auth.ts

@@ -1,31 +0,0 @@
-import { orpc } from '@frontend/lib/orpc'
-import { useMutation, useQuery, useQueryClient } from '@tanstack/vue-query'
-
-export function useAuth() {
-  const qc = useQueryClient()
-
-  const { data: user } = useQuery(orpc.auth.getCurrentUser.queryOptions({
-    retry: false,
-  }))
-
-  const signUp = useMutation(orpc.auth.signUp.mutationOptions({
-    onSuccess: () => qc.invalidateQueries({ queryKey: orpc.auth.getCurrentUser.queryKey() }),
-  }))
-
-  const signIn = useMutation(orpc.auth.signIn.mutationOptions({
-    onSuccess: () => qc.invalidateQueries({ queryKey: orpc.auth.getCurrentUser.queryKey() }),
-  }))
-
-  const signOut = useMutation(orpc.auth.signOut.mutationOptions({
-    onSuccess: () => {
-      qc.setQueryData<null>(orpc.auth.getCurrentUser.queryKey(), null)
-    },
-  }))
-
-  return {
-    user,
-    signUp,
-    signIn,
-    signOut,
-  }
-}

package/template/scripts/dev.ts

@@ -1,8 +0,0 @@
-import concurrently, { type ConcurrentlyCommandInput } from 'concurrently'
-
-const commandInputs: ConcurrentlyCommandInput[] = [
-  { name: 'backend', command: `bun --cwd backend dev | pino-pretty`, prefixColor: 'blue' },
-  { name: 'frontend', command: `bun --cwd frontend dev`, prefixColor: 'green' },
-]
-
-concurrently(commandInputs)