@mars-stack/cli 0.2.0 → 1.0.2

package/template/src/lib/core/email/templates/verification-email.ts

@@ -0,0 +1,41 @@
+import { emailLayout, emailButton } from './base-layout';
+
+interface VerificationEmailOptions {
+  appName: string;
+  verifyUrl: string;
+  userName?: string;
+}
+
+export function verificationEmailHtml({ appName, verifyUrl, userName }: VerificationEmailOptions): { html: string; text: string } {
+  const greeting = userName ? `Hi ${userName},` : 'Hi there,';
+
+  const content = `
+    <h1 style="margin: 0 0 16px 0; font-size: 24px; font-weight: 700; color: #111827;">Verify your email address</h1>
+    <p style="margin: 0 0 8px 0;">${greeting}</p>
+    <p style="margin: 0 0 8px 0;">Thanks for creating an account with ${appName}. Please verify your email address to get started.</p>
+    ${emailButton(verifyUrl, 'Verify Email Address')}
+    <p style="margin: 0 0 8px 0; font-size: 14px; color: #6b7280;">If the button doesn't work, copy and paste this link into your browser:</p>
+    <p style="margin: 0 0 16px 0; font-size: 14px; word-break: break-all; color: #6366f1;">${verifyUrl}</p>
+    <p style="margin: 0; font-size: 14px; color: #6b7280;">This link expires in 24 hours. If you didn't create this account, you can safely ignore this email.</p>`;
+
+  const html = emailLayout({
+    appName,
+    previewText: `Verify your email address for ${appName}`,
+    content,
+  });
+
+  const text = [
+    `Verify your email address`,
+    ``,
+    `${greeting}`,
+    ``,
+    `Thanks for creating an account with ${appName}. Please verify your email address by opening this link:`,
+    ``,
+    verifyUrl,
+    ``,
+    `This link expires in 24 hours.`,
+    `If you didn't create this account, you can safely ignore this email.`,
+  ].join('\n');
+
+  return { html, text };
+}

package/template/src/lib/core/email/templates/welcome-email.ts

@@ -0,0 +1,40 @@
+import { emailLayout, emailButton } from './base-layout';
+
+interface WelcomeEmailOptions {
+  appName: string;
+  dashboardUrl: string;
+  userName?: string;
+}
+
+export function welcomeEmailHtml({ appName, dashboardUrl, userName }: WelcomeEmailOptions): { html: string; text: string } {
+  const greeting = userName ? `Hi ${userName},` : 'Hi there,';
+
+  const content = `
+    <h1 style="margin: 0 0 16px 0; font-size: 24px; font-weight: 700; color: #111827;">Welcome to ${appName}</h1>
+    <p style="margin: 0 0 8px 0;">${greeting}</p>
+    <p style="margin: 0 0 8px 0;">Your account is all set up and ready to go. We're excited to have you on board.</p>
+    <p style="margin: 0 0 8px 0;">Head to your dashboard to get started:</p>
+    ${emailButton(dashboardUrl, 'Go to Dashboard')}
+    <p style="margin: 0; font-size: 14px; color: #6b7280;">If you have any questions, feel free to reach out to our support team.</p>`;
+
+  const html = emailLayout({
+    appName,
+    previewText: `Welcome to ${appName} — your account is ready`,
+    content,
+  });
+
+  const text = [
+    `Welcome to ${appName}`,
+    ``,
+    `${greeting}`,
+    ``,
+    `Your account is all set up and ready to go. We're excited to have you on board.`,
+    ``,
+    `Head to your dashboard to get started:`,
+    dashboardUrl,
+    ``,
+    `If you have any questions, feel free to reach out to our support team.`,
+  ].join('\n');
+
+  return { html, text };
+}

package/template/src/lib/mars.ts

@@ -0,0 +1,56 @@
+import 'server-only';
+
+import { configureMars } from '@mars-stack/core';
+import { appConfig } from '@/config/app.config';
+import { prisma } from './prisma';
+import { routes } from '@/config/routes';
+
+const mars = configureMars({
+  appConfig,
+  prisma,
+  signInRoute: routes.signIn,
+});
+
+export const {
+  logger,
+  appLogger,
+  authLogger,
+  securityLogger,
+  apiLogger,
+  logSecurityEvent,
+
+  sendEmail,
+
+  env,
+  validateJWTSecret,
+  getEnvironment,
+
+  getSession,
+  createSession,
+  updateSession,
+  deleteSession,
+  verifySession,
+  verifySessionForAPI,
+  getCurrentUser,
+
+  generateCSRFToken,
+  verifyCSRFToken,
+  requireCSRFToken,
+  validateCSRFRequest,
+
+  withAuth,
+  withAuthNoParams,
+  withAuthSimple,
+  withRole,
+  withOwnership,
+
+  handleApiError,
+
+  buildOrganizationJsonLd,
+  buildWebSiteJsonLd,
+  buildSiteNavigationJsonLd,
+  buildBreadcrumbListJsonLd,
+  buildArticleJsonLd,
+
+  getBaseUrl,
+} = mars;

package/template/src/lib/prisma.ts

@@ -0,0 +1,19 @@
+import 'server-only';
+
+import { PrismaClient } from '@db';
+import { PrismaPg } from '@prisma/adapter-pg';
+import { createPrismaProxy, DatabaseError } from '@mars-stack/core/database';
+
+export const prisma = createPrismaProxy(() => {
+  const connectionString = process.env.DATABASE_URL || '';
+
+  if (!connectionString) {
+    throw new DatabaseError(
+      'DATABASE_URL is not set',
+      'Set DATABASE_URL in your .env file, or run `yarn dev` to start local Postgres.',
+    );
+  }
+
+  const adapter = new PrismaPg({ connectionString });
+  return new PrismaClient({ adapter });
+});

package/template/src/proxy.ts

@@ -0,0 +1,92 @@
+import { decrypt } from '@mars-stack/core/auth/session';
+import { createCSRFProtection } from '@mars-stack/core/auth/csrf';
+import { routes } from '@/config/routes';
+import { NextRequest, NextResponse } from 'next/server';
+
+const csrfExemptRoutes = ['/api/csrf', '/api/webhooks', '/api/auth/verify', '/api/auth/reset'];
+
+const csrf = createCSRFProtection({
+  getJWTSecret: () => {
+    const secret = process.env.JWT_SECRET;
+    if (!secret || secret.length < 32) {
+      throw new Error('JWT_SECRET must be set and at least 32 characters');
+    }
+    return secret;
+  },
+  logViolation: (event) => {
+    console.warn('[CSRF Violation]', event);
+  },
+});
+
+const authRoutes = [routes.signIn, routes.signUp, routes.forgotPassword, routes.resetPassword];
+
+const protectedRoutes = [routes.dashboard, routes.settings];
+
+const adminRoutes = [routes.admin];
+
+export async function proxy(request: NextRequest) {
+  const { pathname } = request.nextUrl;
+
+  const isComingSoonMode = process.env.COMING_SOON === 'true';
+  const isApiRoute = pathname.startsWith('/api/');
+
+  if (isComingSoonMode && pathname !== '/coming-soon' && !isApiRoute) {
+    return NextResponse.redirect(new URL('/coming-soon', request.url));
+  }
+
+  if (!isComingSoonMode && pathname === '/coming-soon') {
+    return NextResponse.redirect(new URL('/', request.url));
+  }
+
+  const jwtSecret = process.env.JWT_SECRET;
+  if (!jwtSecret || jwtSecret.length < 32) {
+    return new NextResponse('Server configuration error', { status: 500 });
+  }
+
+  const sessionCookie = request.cookies.get('session')?.value;
+  const session = await decrypt(sessionCookie, jwtSecret);
+
+  const requiresCsrf =
+    pathname.startsWith('/api/') &&
+    ['POST', 'PUT', 'DELETE', 'PATCH'].includes(request.method) &&
+    !csrfExemptRoutes.some((route) => pathname.startsWith(route));
+
+  if (requiresCsrf && !(await csrf.validateCSRFRequest(request, session?.fingerprint))) {
+    return new NextResponse('CSRF token validation failed', { status: 403 });
+  }
+  const isAuthenticated = !!session;
+
+  if (authRoutes.some((route) => pathname.startsWith(route)) && isAuthenticated) {
+    return NextResponse.redirect(new URL(routes.dashboard, request.url));
+  }
+
+  const safeCallbackPath = encodeURIComponent(
+    request.nextUrl.pathname + request.nextUrl.search,
+  );
+
+  if (protectedRoutes.some((route) => pathname.startsWith(route)) && !isAuthenticated) {
+    const url = new URL(routes.signIn, request.url);
+    url.searchParams.set('callbackUrl', safeCallbackPath);
+    return NextResponse.redirect(url);
+  }
+
+  if (adminRoutes.some((route) => pathname.startsWith(route))) {
+    if (!isAuthenticated) {
+      const url = new URL(routes.signIn, request.url);
+      url.searchParams.set('callbackUrl', safeCallbackPath);
+      return NextResponse.redirect(url);
+    }
+
+    if (session?.role !== 'admin') {
+      return NextResponse.redirect(new URL(routes.dashboard, request.url));
+    }
+  }
+
+  return NextResponse.next();
+}
+
+export const config = {
+  matcher: [
+    '/((?!_next/static|_next/image|favicon.ico|images).*)',
+  ],
+};

package/template/src/styles/brand.css

@@ -0,0 +1,15 @@
+/* Generated by Mars — brand palette derived from blue-600 */
+
+:root {
+  --brand-50: oklch(0.970 0.015 263);
+  --brand-100: oklch(0.930 0.032 263);
+  --brand-200: oklch(0.880 0.060 263);
+  --brand-300: oklch(0.810 0.108 263);
+  --brand-400: oklch(0.710 0.155 263);
+  --brand-500: oklch(0.620 0.215 263);
+  --brand-600: oklch(0.550 0.215 263);
+  --brand-700: oklch(0.490 0.204 263);
+  --brand-800: oklch(0.420 0.176 263);
+  --brand-900: oklch(0.380 0.129 263);
+  --brand-950: oklch(0.280 0.099 263);
+}

package/template/src/styles/globals.css

@@ -0,0 +1,7 @@
+@import 'tailwindcss';
+@import '@mars-stack/ui/styles/index.css';
+@import '@mars-stack/ui/styles/meta-modern-saas.css';
+@import './brand.css';
+/* Monorepo: deps at root (../../../). Scaffolded: deps at project root (../../). */
+@source "../../../node_modules/@mars-stack/ui/dist/**/*.js";
+@source "../../node_modules/@mars-stack/ui/dist/**/*.js";

package/template/tsconfig.json

@@ -0,0 +1,59 @@
+{
+  "compilerOptions": {
+    "target": "ES2017",
+    "lib": [
+      "dom",
+      "dom.iterable",
+      "esnext"
+    ],
+    "allowJs": true,
+    "skipLibCheck": true,
+    "strict": true,
+    "noEmit": true,
+    "esModuleInterop": true,
+    "module": "esnext",
+    "moduleResolution": "bundler",
+    "resolveJsonModule": true,
+    "isolatedModules": true,
+    "jsx": "react-jsx",
+    "incremental": true,
+    "plugins": [
+      {
+        "name": "next"
+      }
+    ],
+    "paths": {
+      "@/*": [
+        "./src/*"
+      ],
+      "@/lib/*": [
+        "./src/lib/*"
+      ],
+      "@/features/*": [
+        "./src/features/*"
+      ],
+      "@/config/*": [
+        "./src/config/*"
+      ],
+      "@db": [
+        "./prisma/generated/prisma/client"
+      ]
+    }
+  },
+  "include": [
+    "next-env.d.ts",
+    "**/*.ts",
+    "**/*.tsx",
+    ".next/types/**/*.ts",
+    ".next/dev/types/**/*.ts"
+  ],
+  "exclude": [
+    "node_modules",
+    "vitest.config.ts",
+    "vitest.setup.ts",
+    "playwright.config.ts",
+    "e2e",
+    "**/*.test.ts",
+    "**/*.test.tsx"
+  ]
+}

package/template/vitest.config.ts

@@ -0,0 +1,41 @@
+import { defineConfig } from 'vitest/config';
+import react from '@vitejs/plugin-react';
+import { resolve } from 'path';
+
+export default defineConfig({
+  plugins: [react()],
+  test: {
+    environment: 'jsdom',
+    globals: true,
+    setupFiles: ['./vitest.setup.ts'],
+    include: ['src/**/*.test.{ts,tsx}'],
+    passWithNoTests: true,
+    coverage: {
+      provider: 'v8',
+      reporter: ['text', 'json', 'html'],
+      include: ['src/**/*.{ts,tsx}'],
+      exclude: [
+        'src/**/*.test.{ts,tsx}',
+        'src/**/*.d.ts',
+        'src/app/**/layout.tsx',
+        'src/styles/**',
+        'src/config/**',
+      ],
+      thresholds: {
+        statements: 70,
+        branches: 70,
+        functions: 70,
+        lines: 70,
+      },
+    },
+  },
+  resolve: {
+    alias: {
+      '@': resolve(__dirname, './src'),
+      '@/core': resolve(__dirname, './src/core'),
+      '@/shared': resolve(__dirname, './src/shared'),
+      '@/features': resolve(__dirname, './src/features'),
+      '@/config': resolve(__dirname, './src/config'),
+    },
+  },
+});

package/template/vitest.setup.ts

@@ -0,0 +1,24 @@
+import '@testing-library/jest-dom';
+
+vi.mock('server-only', () => ({}));
+
+vi.mock('next/navigation', () => ({
+  useRouter: () => ({
+    push: vi.fn(),
+    replace: vi.fn(),
+    back: vi.fn(),
+    refresh: vi.fn(),
+  }),
+  usePathname: () => '/',
+  useSearchParams: () => new URLSearchParams(),
+  redirect: vi.fn(),
+}));
+
+vi.mock('next/headers', () => ({
+  cookies: () => ({
+    get: vi.fn(),
+    set: vi.fn(),
+    delete: vi.fn(),
+  }),
+  headers: () => new Headers(),
+}));