@l4yercak3/cli 1.3.2 → 2.0.0-alpha.0

package/src/generators/api-only/webhooks.js

@@ -1,377 +0,0 @@
-/**
- * Webhooks Generator
- * Generates webhook handling utilities for the L4YERCAK3 API
- */
-
-const fs = require('fs');
-const path = require('path');
-const { ensureDir, writeFileWithBackup, checkFileOverwrite } = require('../../utils/file-utils');
-
-class WebhooksGenerator {
-  /**
-   * Generate the webhooks utility file
-   * @param {Object} options - Generation options
-   * @returns {Promise<string|null>} - Path to generated file or null if skipped
-   */
-  async generate(options) {
-    const { projectPath, isTypeScript } = options;
-
-    // Determine output directory
-    let outputDir;
-    if (fs.existsSync(path.join(projectPath, 'src'))) {
-      outputDir = path.join(projectPath, 'src', 'lib', 'l4yercak3');
-    } else {
-      outputDir = path.join(projectPath, 'lib', 'l4yercak3');
-    }
-
-    ensureDir(outputDir);
-
-    const extension = isTypeScript ? 'ts' : 'js';
-    const outputPath = path.join(outputDir, `webhooks.${extension}`);
-
-    const action = await checkFileOverwrite(outputPath);
-    if (action === 'skip') {
-      return null;
-    }
-
-    const content = isTypeScript
-      ? this.generateTypeScriptWebhooks()
-      : this.generateJavaScriptWebhooks();
-
-    return writeFileWithBackup(outputPath, content, action);
-  }
-
-  generateTypeScriptWebhooks() {
-    return `/**
- * L4YERCAK3 Webhook Utilities
- * Auto-generated by @l4yercak3/cli
- *
- * Utilities for handling webhook events from L4YERCAK3.
- */
-
-import { createHmac, timingSafeEqual } from 'crypto';
-
-export interface WebhookEvent<T = Record<string, unknown>> {
-  id: string;
-  type: WebhookEventType;
-  timestamp: string;
-  data: T;
-  organizationId: string;
-}
-
-export type WebhookEventType =
-  | 'contact.created'
-  | 'contact.updated'
-  | 'contact.deleted'
-  | 'organization.created'
-  | 'organization.updated'
-  | 'event.created'
-  | 'event.updated'
-  | 'event.published'
-  | 'event.cancelled'
-  | 'attendee.registered'
-  | 'attendee.checked_in'
-  | 'attendee.cancelled'
-  | 'form.submitted'
-  | 'order.created'
-  | 'order.paid'
-  | 'order.refunded'
-  | 'invoice.created'
-  | 'invoice.sent'
-  | 'invoice.paid'
-  | 'invoice.overdue'
-  | 'benefit_claim.submitted'
-  | 'benefit_claim.approved'
-  | 'benefit_claim.rejected'
-  | 'benefit_claim.paid'
-  | 'commission.calculated'
-  | 'commission.paid'
-  | 'certificate.issued';
-
-export interface VerifyOptions {
-  /** The raw request body as a string or Buffer */
-  payload: string | Buffer;
-  /** The signature from the X-L4yercak3-Signature header */
-  signature: string;
-  /** Your webhook secret from the L4YERCAK3 dashboard */
-  secret: string;
-  /** Tolerance in seconds for timestamp validation (default: 300 = 5 minutes) */
-  tolerance?: number;
-}
-
-export class WebhookVerificationError extends Error {
-  constructor(message: string) {
-    super(message);
-    this.name = 'WebhookVerificationError';
-  }
-}
-
-/**
- * Verify a webhook signature and parse the event
- *
- * @example
- * \`\`\`ts
- * // In your Next.js API route
- * import { verifyWebhookSignature, WebhookEvent } from '@/lib/l4yercak3';
- *
- * export async function POST(req: Request) {
- *   const payload = await req.text();
- *   const signature = req.headers.get('x-l4yercak3-signature') || '';
- *
- *   try {
- *     const event = verifyWebhookSignature({
- *       payload,
- *       signature,
- *       secret: process.env.L4YERCAK3_WEBHOOK_SECRET!,
- *     });
- *
- *     switch (event.type) {
- *       case 'contact.created':
- *         // Handle new contact
- *         break;
- *       case 'order.paid':
- *         // Handle paid order
- *         break;
- *     }
- *
- *     return new Response('OK', { status: 200 });
- *   } catch (error) {
- *     console.error('Webhook error:', error);
- *     return new Response('Invalid signature', { status: 400 });
- *   }
- * }
- * \`\`\`
- */
-export function verifyWebhookSignature<T = Record<string, unknown>>(
-  options: VerifyOptions
-): WebhookEvent<T> {
-  const { payload, signature, secret, tolerance = 300 } = options;
-
-  if (!signature) {
-    throw new WebhookVerificationError('Missing signature header');
-  }
-
-  // Parse the signature header (format: t=timestamp,v1=signature)
-  const parts = signature.split(',').reduce((acc, part) => {
-    const [key, value] = part.split('=');
-    acc[key] = value;
-    return acc;
-  }, {} as Record<string, string>);
-
-  const timestamp = parts['t'];
-  const signatureHash = parts['v1'];
-
-  if (!timestamp || !signatureHash) {
-    throw new WebhookVerificationError('Invalid signature format');
-  }
-
-  // Check timestamp tolerance
-  const timestampNum = parseInt(timestamp, 10);
-  const now = Math.floor(Date.now() / 1000);
-  if (Math.abs(now - timestampNum) > tolerance) {
-    throw new WebhookVerificationError('Timestamp outside tolerance window');
-  }
-
-  // Compute expected signature
-  const payloadStr = typeof payload === 'string' ? payload : payload.toString('utf8');
-  const signedPayload = \`\${timestamp}.\${payloadStr}\`;
-  const expectedSignature = createHmac('sha256', secret)
-    .update(signedPayload)
-    .digest('hex');
-
-  // Constant-time comparison
-  const expectedBuffer = Buffer.from(expectedSignature);
-  const receivedBuffer = Buffer.from(signatureHash);
-
-  if (expectedBuffer.length !== receivedBuffer.length) {
-    throw new WebhookVerificationError('Invalid signature');
-  }
-
-  if (!timingSafeEqual(expectedBuffer, receivedBuffer)) {
-    throw new WebhookVerificationError('Invalid signature');
-  }
-
-  // Parse and return the event
-  try {
-    return JSON.parse(payloadStr) as WebhookEvent<T>;
-  } catch {
-    throw new WebhookVerificationError('Invalid JSON payload');
-  }
-}
-
-/**
- * Type guard helpers for specific webhook events
- */
-export function isContactEvent(event: WebhookEvent): event is WebhookEvent<{ contact: unknown }> {
-  return event.type.startsWith('contact.');
-}
-
-export function isEventEvent(event: WebhookEvent): event is WebhookEvent<{ event: unknown }> {
-  return event.type.startsWith('event.');
-}
-
-export function isOrderEvent(event: WebhookEvent): event is WebhookEvent<{ order: unknown }> {
-  return event.type.startsWith('order.');
-}
-
-export function isInvoiceEvent(event: WebhookEvent): event is WebhookEvent<{ invoice: unknown }> {
-  return event.type.startsWith('invoice.');
-}
-
-export function isBenefitClaimEvent(event: WebhookEvent): event is WebhookEvent<{ claim: unknown }> {
-  return event.type.startsWith('benefit_claim.');
-}
-`;
-  }
-
-  generateJavaScriptWebhooks() {
-    return `/**
- * L4YERCAK3 Webhook Utilities
- * Auto-generated by @l4yercak3/cli
- *
- * Utilities for handling webhook events from L4YERCAK3.
- */
-
-const { createHmac, timingSafeEqual } = require('crypto');
-
-class WebhookVerificationError extends Error {
-  constructor(message) {
-    super(message);
-    this.name = 'WebhookVerificationError';
-  }
-}
-
-/**
- * Verify a webhook signature and parse the event
- *
- * @param {Object} options
- * @param {string|Buffer} options.payload - The raw request body
- * @param {string} options.signature - The signature from X-L4yercak3-Signature header
- * @param {string} options.secret - Your webhook secret
- * @param {number} [options.tolerance=300] - Timestamp tolerance in seconds
- * @returns {Object} The verified webhook event
- * @throws {WebhookVerificationError} If verification fails
- *
- * @example
- * // In your Next.js API route
- * const { verifyWebhookSignature } = require('@/lib/l4yercak3');
- *
- * export default async function handler(req, res) {
- *   const payload = req.body;
- *   const signature = req.headers['x-l4yercak3-signature'];
- *
- *   try {
- *     const event = verifyWebhookSignature({
- *       payload: JSON.stringify(payload),
- *       signature,
- *       secret: process.env.L4YERCAK3_WEBHOOK_SECRET,
- *     });
- *
- *     switch (event.type) {
- *       case 'contact.created':
- *         // Handle new contact
- *         break;
- *       case 'order.paid':
- *         // Handle paid order
- *         break;
- *     }
- *
- *     res.status(200).json({ received: true });
- *   } catch (error) {
- *     console.error('Webhook error:', error);
- *     res.status(400).json({ error: 'Invalid signature' });
- *   }
- * }
- */
-function verifyWebhookSignature(options) {
-  const { payload, signature, secret, tolerance = 300 } = options;
-
-  if (!signature) {
-    throw new WebhookVerificationError('Missing signature header');
-  }
-
-  // Parse the signature header (format: t=timestamp,v1=signature)
-  const parts = signature.split(',').reduce((acc, part) => {
-    const [key, value] = part.split('=');
-    acc[key] = value;
-    return acc;
-  }, {});
-
-  const timestamp = parts['t'];
-  const signatureHash = parts['v1'];
-
-  if (!timestamp || !signatureHash) {
-    throw new WebhookVerificationError('Invalid signature format');
-  }
-
-  // Check timestamp tolerance
-  const timestampNum = parseInt(timestamp, 10);
-  const now = Math.floor(Date.now() / 1000);
-  if (Math.abs(now - timestampNum) > tolerance) {
-    throw new WebhookVerificationError('Timestamp outside tolerance window');
-  }
-
-  // Compute expected signature
-  const payloadStr = typeof payload === 'string' ? payload : payload.toString('utf8');
-  const signedPayload = \`\${timestamp}.\${payloadStr}\`;
-  const expectedSignature = createHmac('sha256', secret)
-    .update(signedPayload)
-    .digest('hex');
-
-  // Constant-time comparison
-  const expectedBuffer = Buffer.from(expectedSignature);
-  const receivedBuffer = Buffer.from(signatureHash);
-
-  if (expectedBuffer.length !== receivedBuffer.length) {
-    throw new WebhookVerificationError('Invalid signature');
-  }
-
-  if (!timingSafeEqual(expectedBuffer, receivedBuffer)) {
-    throw new WebhookVerificationError('Invalid signature');
-  }
-
-  // Parse and return the event
-  try {
-    return JSON.parse(payloadStr);
-  } catch {
-    throw new WebhookVerificationError('Invalid JSON payload');
-  }
-}
-
-/**
- * Type guard helpers for specific webhook events
- */
-function isContactEvent(event) {
-  return event.type && event.type.startsWith('contact.');
-}
-
-function isEventEvent(event) {
-  return event.type && event.type.startsWith('event.');
-}
-
-function isOrderEvent(event) {
-  return event.type && event.type.startsWith('order.');
-}
-
-function isInvoiceEvent(event) {
-  return event.type && event.type.startsWith('invoice.');
-}
-
-function isBenefitClaimEvent(event) {
-  return event.type && event.type.startsWith('benefit_claim.');
-}
-
-module.exports = {
-  verifyWebhookSignature,
-  WebhookVerificationError,
-  isContactEvent,
-  isEventEvent,
-  isOrderEvent,
-  isInvoiceEvent,
-  isBenefitClaimEvent,
-};
-`;
-  }
-}
-
-module.exports = new WebhooksGenerator();

package/src/generators/env-generator.js

@@ -1,191 +0,0 @@
-/**
- * Environment File Generator
- * Generates .env.local file with configuration
- */
-
-const fs = require('fs');
-const path = require('path');
-
-class EnvGenerator {
-  /**
-   * Generate or update .env.local file
-   */
-  generate(options) {
-    const {
-      projectPath,
-      apiKey,
-      backendUrl,
-      organizationId,
-      features,
-      oauthProviders,
-      isMobile,
-    } = options;
-
-    // Use EXPO_PUBLIC_ for Expo, NEXT_PUBLIC_ for Next.js
-    const publicPrefix = isMobile ? 'EXPO_PUBLIC_' : 'NEXT_PUBLIC_';
-
-    const envPath = path.join(projectPath, '.env.local');
-    const existingEnv = this.readExistingEnv(envPath);
-
-    // Merge with new values
-    const envVars = {
-      ...existingEnv,
-      // Core API configuration
-      // If apiKey is null (user skipped), preserve existing value
-      L4YERCAK3_API_KEY: apiKey || existingEnv.L4YERCAK3_API_KEY || 'your_api_key_here',
-      L4YERCAK3_BACKEND_URL: backendUrl,
-      L4YERCAK3_ORGANIZATION_ID: organizationId,
-    };
-
-    // Add public backend URL with appropriate prefix
-    envVars[`${publicPrefix}L4YERCAK3_BACKEND_URL`] = backendUrl;
-
-    // Add OAuth variables if OAuth is enabled
-    if (features.includes('oauth') && oauthProviders) {
-      if (oauthProviders.includes('google')) {
-        envVars.GOOGLE_CLIENT_ID = existingEnv.GOOGLE_CLIENT_ID || 'your_google_client_id_here';
-        envVars.GOOGLE_CLIENT_SECRET = existingEnv.GOOGLE_CLIENT_SECRET || 'your_google_client_secret_here';
-      }
-      if (oauthProviders.includes('microsoft')) {
-        envVars.AZURE_CLIENT_ID = existingEnv.AZURE_CLIENT_ID || 'your_azure_client_id_here';
-        envVars.AZURE_CLIENT_SECRET = existingEnv.AZURE_CLIENT_SECRET || 'your_azure_client_secret_here';
-        envVars.AZURE_TENANT_ID = existingEnv.AZURE_TENANT_ID || 'your_azure_tenant_id_here';
-      }
-      if (oauthProviders.includes('github')) {
-        envVars.GITHUB_CLIENT_ID = existingEnv.GITHUB_CLIENT_ID || 'your_github_client_id_here';
-        envVars.GITHUB_CLIENT_SECRET = existingEnv.GITHUB_CLIENT_SECRET || 'your_github_client_secret_here';
-      }
-      envVars.NEXTAUTH_URL = existingEnv.NEXTAUTH_URL || 'http://localhost:3000';
-      envVars.NEXTAUTH_SECRET = existingEnv.NEXTAUTH_SECRET || 'generate_with_openssl_rand_base64_32';
-    }
-
-    // Add Stripe variables if Stripe is enabled
-    if (features.includes('stripe')) {
-      const stripePublicKey = `${publicPrefix}STRIPE_PUBLISHABLE_KEY`;
-      envVars[stripePublicKey] = existingEnv[stripePublicKey] || existingEnv.NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY || 'your_stripe_publishable_key_here';
-      envVars.STRIPE_SECRET_KEY = existingEnv.STRIPE_SECRET_KEY || 'your_stripe_secret_key_here';
-      envVars.STRIPE_WEBHOOK_SECRET = existingEnv.STRIPE_WEBHOOK_SECRET || 'your_stripe_webhook_secret_here';
-    }
-
-    // Store isMobile for formatting
-    envVars._isMobile = isMobile;
-
-    // Write env file
-    const envContent = this.formatEnvFile(envVars);
-    fs.writeFileSync(envPath, envContent, 'utf8');
-
-    return envPath;
-  }
-
-  /**
-   * Read existing .env.local file
-   */
-  readExistingEnv(envPath) {
-    const envVars = {};
-    
-    if (!fs.existsSync(envPath)) {
-      return envVars;
-    }
-
-    try {
-      const content = fs.readFileSync(envPath, 'utf8');
-      const lines = content.split('\n');
-      
-      for (const line of lines) {
-        const trimmed = line.trim();
-        if (trimmed && !trimmed.startsWith('#')) {
-          const match = trimmed.match(/^([^=]+)=(.*)$/);
-          if (match) {
-            const key = match[1].trim();
-            const value = match[2].trim();
-            envVars[key] = value;
-          }
-        }
-      }
-    } catch (error) {
-      // Error reading file, return empty object
-    }
-
-    return envVars;
-  }
-
-  /**
-   * Format environment variables as .env file
-   */
-  formatEnvFile(envVars) {
-    const isMobile = envVars._isMobile;
-    const publicPrefix = isMobile ? 'EXPO_PUBLIC_' : 'NEXT_PUBLIC_';
-    const platformName = isMobile ? 'Expo/React Native' : 'Next.js';
-    const deploymentPlatforms = isMobile ? 'EAS Build, Expo Go' : 'Vercel, Netlify, etc.';
-
-    let content = `# L4YERCAK3 Configuration
-# Auto-generated by @l4yercak3/cli
-# DO NOT commit this file to git - it contains sensitive credentials
-#
-# This file is for LOCAL DEVELOPMENT (${platformName}).
-# For production, set these variables in your deployment platform (${deploymentPlatforms}).
-
-# Core API Configuration
-L4YERCAK3_API_KEY=${envVars.L4YERCAK3_API_KEY}
-L4YERCAK3_BACKEND_URL=${envVars.L4YERCAK3_BACKEND_URL}
-L4YERCAK3_ORGANIZATION_ID=${envVars.L4YERCAK3_ORGANIZATION_ID}
-${publicPrefix}L4YERCAK3_BACKEND_URL=${envVars[`${publicPrefix}L4YERCAK3_BACKEND_URL`]}
-
-`;
-
-    // Add OAuth section if present
-    if (envVars.GOOGLE_CLIENT_ID || envVars.AZURE_CLIENT_ID || envVars.GITHUB_CLIENT_ID) {
-      content += `# OAuth Configuration
-# Get your OAuth credentials from:
-# - Google: https://console.cloud.google.com/apis/credentials
-# - Microsoft: https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps
-# - GitHub: https://github.com/settings/developers
-
-`;
-      if (envVars.GOOGLE_CLIENT_ID) {
-        content += `GOOGLE_CLIENT_ID=${envVars.GOOGLE_CLIENT_ID}
-GOOGLE_CLIENT_SECRET=${envVars.GOOGLE_CLIENT_SECRET}
-
-`;
-      }
-      if (envVars.AZURE_CLIENT_ID) {
-        content += `AZURE_CLIENT_ID=${envVars.AZURE_CLIENT_ID}
-AZURE_CLIENT_SECRET=${envVars.AZURE_CLIENT_SECRET}
-AZURE_TENANT_ID=${envVars.AZURE_TENANT_ID}
-
-`;
-      }
-      if (envVars.GITHUB_CLIENT_ID) {
-        content += `GITHUB_CLIENT_ID=${envVars.GITHUB_CLIENT_ID}
-GITHUB_CLIENT_SECRET=${envVars.GITHUB_CLIENT_SECRET}
-
-`;
-      }
-      if (envVars.NEXTAUTH_URL) {
-        content += `# NextAuth.js Configuration
-# NEXTAUTH_URL: Set to http://localhost:3000 for development
-# For production, set this in your hosting platform (Vercel auto-sets this)
-NEXTAUTH_URL=${envVars.NEXTAUTH_URL}
-# Generate with: openssl rand -base64 32
-NEXTAUTH_SECRET=${envVars.NEXTAUTH_SECRET}
-
-`;
-      }
-    }
-
-    // Add Stripe section if present
-    const stripePublicKey = envVars[`${publicPrefix}STRIPE_PUBLISHABLE_KEY`];
-    if (stripePublicKey) {
-      content += `# Stripe Configuration
-${publicPrefix}STRIPE_PUBLISHABLE_KEY=${stripePublicKey}
-STRIPE_SECRET_KEY=${envVars.STRIPE_SECRET_KEY}
-STRIPE_WEBHOOK_SECRET=${envVars.STRIPE_WEBHOOK_SECRET}
-
-`;
-    }
-
-    return content;
-  }
-}
-
-module.exports = new EnvGenerator();