npm - @surajprasad/create-starterkit - Versions diffs - 0.1.0 - Mend

@surajprasad/create-starterkit 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (84) hide show

package/templates/mern/backend/src/modules/auth/auth.model.js ADDED Viewed

@@ -0,0 +1,20 @@
+import mongoose from "mongoose";
+const userSchema = new mongoose.Schema(
+  {
+    name: { type: String, trim: true, required: true },
+    email: { type: String, trim: true, lowercase: true, unique: true, required: true, index: true },
+    password: { type: String, required: true, select: false },
+    role: { type: String, enum: ["user", "admin"], default: "user" },
+    isEmailVerified: { type: Boolean, default: false },
+    otp: { type: String, default: null },
+    otpExpiry: { type: Date, default: null },
+    resetPasswordToken: { type: String, default: null },
+    resetPasswordExpiry: { type: Date, default: null }
+  },
+  { timestamps: true }
+);
+const User = mongoose.model("User", userSchema);
+export default User;

package/templates/mern/backend/src/modules/auth/auth.routes.js ADDED Viewed

@@ -0,0 +1,55 @@
+import express from "express";
+import Joi from "joi";
+import { validateDto } from "../../utils/validateDto.util.js";
+import { authMiddleware } from "../../middleware/authMiddleware.js";
+import { loginSchema } from "./dto/login.dto.js";
+import { registerSchema } from "./dto/register.dto.js";
+import {
+  forgotPassword,
+  getMe,
+  login,
+  register,
+  resetPassword,
+  verifyEmail
+} from "./auth.controller.js";
+const router = express.Router();
+router.post("/register", validateDto(registerSchema), register);
+router.post("/login", validateDto(loginSchema), login);
+router.get("/me", authMiddleware, getMe);
+router.post(
+  "/verify-email",
+  authMiddleware,
+  validateDto(
+    Joi.object({
+      otp: Joi.string().length(6).required()
+    })
+  ),
+  verifyEmail
+);
+router.post(
+  "/forgot-password",
+  validateDto(
+    Joi.object({
+      email: Joi.string().email().required()
+    })
+  ),
+  forgotPassword
+);
+router.post(
+  "/reset-password",
+  validateDto(
+    Joi.object({
+      password: Joi.string().min(6).required()
+    })
+  ),
+  resetPassword
+);
+export default router;

package/templates/mern/backend/src/modules/auth/auth.service.js ADDED Viewed

@@ -0,0 +1,185 @@
+import crypto from "node:crypto";
+import User from "./auth.model.js";
+import { hashPassword, comparePassword } from "../../utils/hashPassword.util.js";
+import { signToken } from "../../utils/generateToken.util.js";
+import { generateOTP, getOTPExpiry } from "../../utils/generateOTP.util.js";
+import { generateResetToken } from "../../utils/generateResetToken.util.js";
+import {
+  sendPasswordResetEmail,
+  sendVerifyEmail,
+  sendWelcomeEmail
+} from "../email/email.service.js";
+const sanitizeUser = (userDoc) => {
+  if (!userDoc) return null;
+  const user = userDoc.toObject ? userDoc.toObject() : userDoc;
+  delete user.password;
+  delete user.otp;
+  delete user.otpExpiry;
+  delete user.resetPasswordToken;
+  delete user.resetPasswordExpiry;
+  return user;
+};
+export const registerUser = async ({ name, email, password }) => {
+  try {
+    const existing = await User.findOne({ email }).select("_id");
+    if (existing) {
+      const err = new Error("Email already in use");
+      err.statusCode = 409;
+      throw err;
+    }
+    const hashed = await hashPassword(password);
+    const otp = generateOTP();
+    const otpExpiry = getOTPExpiry();
+    const user = await User.create({
+      name,
+      email,
+      password: hashed,
+      isEmailVerified: false,
+      otp,
+      otpExpiry
+    });
+    const token = signToken(user._id.toString());
+    await sendWelcomeEmail(user.email, user.name);
+    await sendVerifyEmail(user.email, user.name, otp);
+    const safeUser = await User.findById(user._id).select("-password");
+    return { user: sanitizeUser(safeUser), token };
+  } catch (err) {
+    throw err;
+  }
+};
+export const loginUser = async ({ email, password }) => {
+  try {
+    const user = await User.findOne({ email }).select("+password");
+    if (!user) {
+      const err = new Error("Invalid credentials");
+      err.statusCode = 401;
+      throw err;
+    }
+    const ok = await comparePassword(password, user.password);
+    if (!ok) {
+      const err = new Error("Invalid credentials");
+      err.statusCode = 401;
+      throw err;
+    }
+    const token = signToken(user._id.toString());
+    const safeUser = await User.findById(user._id).select("-password");
+    return { user: sanitizeUser(safeUser), token };
+  } catch (err) {
+    throw err;
+  }
+};
+export const getMeService = async ({ userId }) => {
+  try {
+    const user = await User.findById(userId).select("-password");
+    if (!user) {
+      const err = new Error("User not found");
+      err.statusCode = 404;
+      throw err;
+    }
+    return { user: sanitizeUser(user) };
+  } catch (err) {
+    throw err;
+  }
+};
+export const verifyEmailService = async ({ userId, otp }) => {
+  try {
+    const user = await User.findById(userId).select("-password");
+    if (!user) {
+      const err = new Error("User not found");
+      err.statusCode = 404;
+      throw err;
+    }
+    if (user.isEmailVerified) {
+      return { user: sanitizeUser(user) };
+    }
+    const now = new Date();
+    if (!user.otp || !user.otpExpiry) {
+      const err = new Error("No OTP found");
+      err.statusCode = 400;
+      throw err;
+    }
+    if (user.otp !== otp) {
+      const err = new Error("Invalid OTP");
+      err.statusCode = 400;
+      throw err;
+    }
+    if (user.otpExpiry < now) {
+      const err = new Error("OTP expired");
+      err.statusCode = 400;
+      throw err;
+    }
+    user.isEmailVerified = true;
+    user.otp = null;
+    user.otpExpiry = null;
+    await user.save();
+    return { user: sanitizeUser(user) };
+  } catch (err) {
+    throw err;
+  }
+};
+export const forgotPasswordService = async ({ email }) => {
+  try {
+    const user = await User.findOne({ email }).select("-password");
+    if (!user) {
+      return { ok: true };
+    }
+    const { rawToken, hashedToken } = generateResetToken();
+    user.resetPasswordToken = hashedToken;
+    user.resetPasswordExpiry = new Date(Date.now() + 60 * 60 * 1000);
+    await user.save();
+    const resetLink = `${process.env.FRONTEND_URL}/reset-password?token=${rawToken}`;
+    await sendPasswordResetEmail(user.email, user.name, resetLink);
+    return { ok: true };
+  } catch (err) {
+    throw err;
+  }
+};
+export const resetPasswordService = async ({ rawToken, newPassword }) => {
+  try {
+    const hashed = crypto.createHash("sha256").update(rawToken).digest("hex");
+    const user = await User.findOne({
+      resetPasswordToken: hashed,
+      resetPasswordExpiry: { $gt: new Date() }
+    }).select("+password");
+    if (!user) {
+      const err = new Error("Invalid or expired reset token");
+      err.statusCode = 400;
+      throw err;
+    }
+    user.password = await hashPassword(newPassword);
+    user.resetPasswordToken = null;
+    user.resetPasswordExpiry = null;
+    await user.save();
+    return { ok: true };
+  } catch (err) {
+    throw err;
+  }
+};

package/templates/mern/backend/src/modules/auth/dto/login.dto.js ADDED Viewed

@@ -0,0 +1,12 @@
+import Joi from "joi";
+export const loginShape = {
+  email: "string",
+  password: "string"
+};
+export const loginSchema = Joi.object({
+  email: Joi.string().email().required(),
+  password: Joi.string().min(6).required()
+});

package/templates/mern/backend/src/modules/auth/dto/register.dto.js ADDED Viewed

@@ -0,0 +1,14 @@
+import Joi from "joi";
+export const registerShape = {
+  name: "string",
+  email: "string",
+  password: "string"
+};
+export const registerSchema = Joi.object({
+  name: Joi.string().min(2).max(50).required(),
+  email: Joi.string().email().required(),
+  password: Joi.string().min(6).required()
+});

package/templates/mern/backend/src/modules/email/dto/sendEmail.dto.js ADDED Viewed

@@ -0,0 +1,16 @@
+import Joi from "joi";
+export const sendEmailShape = {
+  to: "string",
+  subject: "string",
+  template: "string",
+  data: "object"
+};
+export const sendEmailSchema = Joi.object({
+  to: Joi.string().email().required(),
+  subject: Joi.string().min(2).max(150).required(),
+  template: Joi.string().valid("welcome", "verifyEmail", "resetPassword").required(),
+  data: Joi.object().default({})
+});

package/templates/mern/backend/src/modules/email/email.controller.js ADDED Viewed

@@ -0,0 +1,33 @@
+import { asyncHandler } from "../../utils/asyncHandler.util.js";
+import { apiResponse } from "../../utils/apiResponse.util.js";
+import {
+  sendPasswordResetEmail,
+  sendVerifyEmail,
+  sendWelcomeEmail
+} from "./email.service.js";
+const requireAdmin = (req) => {
+  return req.user && req.user.role === "admin";
+};
+export const sendEmail = asyncHandler(async (req, res) => {
+  if (!requireAdmin(req)) {
+    const err = new Error("Forbidden");
+    err.statusCode = 403;
+    throw err;
+  }
+  const { to, subject, template, data } = req.body;
+  const name = data?.name || "there";
+  if (template === "welcome") {
+    await sendWelcomeEmail(to, name);
+  } else if (template === "verifyEmail") {
+    await sendVerifyEmail(to, name, data?.otp || "000000");
+  } else if (template === "resetPassword") {
+    await sendPasswordResetEmail(to, name, data?.resetLink || process.env.FRONTEND_URL);
+  }
+  res.status(200).json(apiResponse(true, subject, { to, template }));
+});

package/templates/mern/backend/src/modules/email/email.routes.js ADDED Viewed

@@ -0,0 +1,13 @@
+import express from "express";
+import { authMiddleware } from "../../middleware/authMiddleware.js";
+import { validateDto } from "../../utils/validateDto.util.js";
+import { sendEmailSchema } from "./dto/sendEmail.dto.js";
+import { sendEmail } from "./email.controller.js";
+const router = express.Router();
+router.post("/send", authMiddleware, validateDto(sendEmailSchema), sendEmail);
+export default router;

package/templates/mern/backend/src/modules/email/email.service.js ADDED Viewed

@@ -0,0 +1,88 @@
+import path from "node:path";
+import { fileURLToPath } from "node:url";
+import fs from "fs-extra";
+import nodemailer from "nodemailer";
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+const getTransporter = () => {
+  const host = process.env.SMTP_HOST;
+  const port = Number(process.env.SMTP_PORT);
+  const user = process.env.SMTP_USER;
+  const pass = process.env.SMTP_PASS;
+  const auth = user && pass ? { user, pass } : undefined;
+  return nodemailer.createTransport({ host, port, secure: port === 465, auth });
+};
+const readTemplate = (templateFile) => {
+  const full = path.join(__dirname, "templates", templateFile);
+  return fs.readFileSync(full, "utf8");
+};
+const replacePlaceholders = (html, data) => {
+  return Object.entries(data).reduce((acc, [key, value]) => {
+    const pattern = new RegExp(`{{\\s*${key}\\s*}}`, "g");
+    return acc.replace(pattern, String(value));
+  }, html);
+};
+const sendHtmlEmail = async ({ to, subject, html }) => {
+  try {
+    const transporter = getTransporter();
+    await transporter.sendMail({
+      from: process.env.EMAIL_FROM,
+      to,
+      subject,
+      html
+    });
+  } catch (err) {
+    // eslint-disable-next-line no-console
+    console.error("Email send failed:", err?.message || err);
+  }
+};
+export const sendWelcomeEmail = async (to, name) => {
+  try {
+    const html = replacePlaceholders(readTemplate("welcome.html"), {
+      name,
+      appName: "StarterKit",
+      frontendUrl: process.env.FRONTEND_URL
+    });
+    await sendHtmlEmail({ to, subject: "Welcome to StarterKit", html });
+  } catch (err) {
+    // eslint-disable-next-line no-console
+    console.error("sendWelcomeEmail failed:", err?.message || err);
+  }
+};
+export const sendVerifyEmail = async (to, name, otp) => {
+  try {
+    const html = replacePlaceholders(readTemplate("verifyEmail.html"), {
+      name,
+      otp,
+      appName: "StarterKit"
+    });
+    await sendHtmlEmail({ to, subject: "Verify your email", html });
+  } catch (err) {
+    // eslint-disable-next-line no-console
+    console.error("sendVerifyEmail failed:", err?.message || err);
+  }
+};
+export const sendPasswordResetEmail = async (to, name, resetLink) => {
+  try {
+    const html = replacePlaceholders(readTemplate("resetPassword.html"), {
+      name,
+      resetLink,
+      appName: "StarterKit"
+    });
+    await sendHtmlEmail({ to, subject: "Reset your password", html });
+  } catch (err) {
+    // eslint-disable-next-line no-console
+    console.error("sendPasswordResetEmail failed:", err?.message || err);
+  }
+};

package/templates/mern/backend/src/modules/email/templates/resetPassword.html ADDED Viewed

@@ -0,0 +1,47 @@
+<!doctype html>
+<html>
+  <head>
+    <meta charset="utf-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1" />
+    <title>Reset Password</title>
+  </head>
+  <body style="margin:0;padding:0;background:#F9FAFB;font-family:Arial,Helvetica,sans-serif;color:#111827;">
+    <table role="presentation" width="100%" cellspacing="0" cellpadding="0" style="background:#F9FAFB;padding:24px 0;">
+      <tr>
+        <td align="center">
+          <table role="presentation" width="600" cellspacing="0" cellpadding="0" style="background:#ffffff;border-radius:12px;overflow:hidden;border:1px solid #E5E7EB;">
+            <tr>
+              <td style="background:#4F46E5;padding:20px 24px;">
+                <div style="font-size:18px;font-weight:700;color:#ffffff;">{{appName}}</div>
+              </td>
+            </tr>
+            <tr>
+              <td style="padding:24px;">
+                <h1 style="margin:0 0 12px 0;font-size:22px;line-height:1.3;">Reset your password</h1>
+                <p style="margin:0 0 16px 0;font-size:14px;line-height:1.6;color:#374151;">
+                  Hi {{name}}, click the button below to reset your password.
+                </p>
+                <div style="margin:24px 0;">
+                  <a href="{{resetLink}}" style="display:inline-block;background:#4F46E5;color:#ffffff;text-decoration:none;padding:12px 16px;border-radius:10px;font-weight:700;font-size:14px;">
+                    Reset password
+                  </a>
+                </div>
+                <p style="margin:0;font-size:12px;line-height:1.6;color:#6B7280;">
+                  This link expires in 1 hour. If you didn’t request a password reset, you can ignore this email.
+                </p>
+              </td>
+            </tr>
+            <tr>
+              <td style="padding:16px 24px;background:#F9FAFB;border-top:1px solid #E5E7EB;">
+                <p style="margin:0;font-size:12px;line-height:1.6;color:#6B7280;">
+                  {{appName}} — This is an automated email, please do not reply.
+                </p>
+              </td>
+            </tr>
+          </table>
+        </td>
+      </tr>
+    </table>
+  </body>
+</html>

package/templates/mern/backend/src/modules/email/templates/verifyEmail.html ADDED Viewed

@@ -0,0 +1,45 @@
+<!doctype html>
+<html>
+  <head>
+    <meta charset="utf-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1" />
+    <title>Verify Email</title>
+  </head>
+  <body style="margin:0;padding:0;background:#F9FAFB;font-family:Arial,Helvetica,sans-serif;color:#111827;">
+    <table role="presentation" width="100%" cellspacing="0" cellpadding="0" style="background:#F9FAFB;padding:24px 0;">
+      <tr>
+        <td align="center">
+          <table role="presentation" width="600" cellspacing="0" cellpadding="0" style="background:#ffffff;border-radius:12px;overflow:hidden;border:1px solid #E5E7EB;">
+            <tr>
+              <td style="background:#4F46E5;padding:20px 24px;">
+                <div style="font-size:18px;font-weight:700;color:#ffffff;">{{appName}}</div>
+              </td>
+            </tr>
+            <tr>
+              <td style="padding:24px;">
+                <h1 style="margin:0 0 12px 0;font-size:22px;line-height:1.3;">Verify your email</h1>
+                <p style="margin:0 0 16px 0;font-size:14px;line-height:1.6;color:#374151;">
+                  Hi {{name}}, use the OTP below to verify your email address.
+                </p>
+                <div style="margin:18px 0;padding:16px;border:1px dashed #D1D5DB;border-radius:12px;background:#F9FAFB;text-align:center;">
+                  <div style="font-size:28px;letter-spacing:6px;font-weight:800;color:#111827;">{{otp}}</div>
+                </div>
+                <p style="margin:0;font-size:12px;line-height:1.6;color:#6B7280;">
+                  This OTP expires in 10 minutes.
+                </p>
+              </td>
+            </tr>
+            <tr>
+              <td style="padding:16px 24px;background:#F9FAFB;border-top:1px solid #E5E7EB;">
+                <p style="margin:0;font-size:12px;line-height:1.6;color:#6B7280;">
+                  {{appName}} — This is an automated email, please do not reply.
+                </p>
+              </td>
+            </tr>
+          </table>
+        </td>
+      </tr>
+    </table>
+  </body>
+</html>

package/templates/mern/backend/src/modules/email/templates/welcome.html ADDED Viewed

@@ -0,0 +1,47 @@
+<!doctype html>
+<html>
+  <head>
+    <meta charset="utf-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1" />
+    <title>Welcome</title>
+  </head>
+  <body style="margin:0;padding:0;background:#F9FAFB;font-family:Arial,Helvetica,sans-serif;color:#111827;">
+    <table role="presentation" width="100%" cellspacing="0" cellpadding="0" style="background:#F9FAFB;padding:24px 0;">
+      <tr>
+        <td align="center">
+          <table role="presentation" width="600" cellspacing="0" cellpadding="0" style="background:#ffffff;border-radius:12px;overflow:hidden;border:1px solid #E5E7EB;">
+            <tr>
+              <td style="background:#4F46E5;padding:20px 24px;">
+                <div style="font-size:18px;font-weight:700;color:#ffffff;">{{appName}}</div>
+              </td>
+            </tr>
+            <tr>
+              <td style="padding:24px;">
+                <h1 style="margin:0 0 12px 0;font-size:22px;line-height:1.3;">Welcome, {{name}}!</h1>
+                <p style="margin:0 0 16px 0;font-size:14px;line-height:1.6;color:#374151;">
+                  Your account is ready. You can now sign in and start using the app.
+                </p>
+                <div style="margin:24px 0;">
+                  <a href="{{frontendUrl}}" style="display:inline-block;background:#4F46E5;color:#ffffff;text-decoration:none;padding:12px 16px;border-radius:10px;font-weight:700;font-size:14px;">
+                    Get started
+                  </a>
+                </div>
+                <p style="margin:0;font-size:12px;line-height:1.6;color:#6B7280;">
+                  If you didn’t create this account, you can ignore this email.
+                </p>
+              </td>
+            </tr>
+            <tr>
+              <td style="padding:16px 24px;background:#F9FAFB;border-top:1px solid #E5E7EB;">
+                <p style="margin:0;font-size:12px;line-height:1.6;color:#6B7280;">
+                  {{appName}} — This is an automated email, please do not reply.
+                </p>
+              </td>
+            </tr>
+          </table>
+        </td>
+      </tr>
+    </table>
+  </body>
+</html>

package/templates/mern/backend/src/utils/apiResponse.util.js ADDED Viewed

@@ -0,0 +1,9 @@
+export const apiResponse = (success, message, data) => {
+  return {
+    success: Boolean(success),
+    message,
+    data: data ?? null,
+    timestamp: new Date().toISOString()
+  };
+};

package/templates/mern/backend/src/utils/asyncHandler.util.js ADDED Viewed

@@ -0,0 +1,6 @@
+export const asyncHandler = (fn) => {
+  return (req, res, next) => {
+    Promise.resolve(fn(req, res, next)).catch(next);
+  };
+};

package/templates/mern/backend/src/utils/generateOTP.util.js ADDED Viewed

@@ -0,0 +1,10 @@
+export const generateOTP = () => {
+  const otp = Math.floor(100000 + Math.random() * 900000);
+  return String(otp);
+};
+export const getOTPExpiry = () => {
+  const now = Date.now();
+  return new Date(now + 10 * 60 * 1000);
+};

package/templates/mern/backend/src/utils/generateResetToken.util.js ADDED Viewed

@@ -0,0 +1,8 @@
+import crypto from "node:crypto";
+export const generateResetToken = () => {
+  const rawToken = crypto.randomBytes(32).toString("hex");
+  const hashedToken = crypto.createHash("sha256").update(rawToken).digest("hex");
+  return { rawToken, hashedToken };
+};

package/templates/mern/backend/src/utils/generateToken.util.js ADDED Viewed

@@ -0,0 +1,17 @@
+import jwt from "jsonwebtoken";
+export const signToken = (userId) => {
+  const secret = process.env.JWT_SECRET;
+  const expiresIn = process.env.JWT_EXPIRES_IN || "7d";
+  if (!secret) throw new Error("JWT_SECRET is not set");
+  return jwt.sign({ userId }, secret, { expiresIn });
+};
+export const verifyToken = (token) => {
+  const secret = process.env.JWT_SECRET;
+  if (!secret) throw new Error("JWT_SECRET is not set");
+  return jwt.verify(token, secret);
+};

package/templates/mern/backend/src/utils/hashPassword.util.js ADDED Viewed

@@ -0,0 +1,11 @@
+import bcrypt from "bcryptjs";
+export const hashPassword = async (plain) => {
+  const saltRounds = 10;
+  return bcrypt.hash(plain, saltRounds);
+};
+export const comparePassword = async (plain, hashed) => {
+  return bcrypt.compare(plain, hashed);
+};

package/templates/mern/backend/src/utils/validateDto.util.js ADDED Viewed

@@ -0,0 +1,18 @@
+import { apiResponse } from "./apiResponse.util.js";
+export const validateDto = (schema) => {
+  return (req, res, next) => {
+    const { error, value } = schema.validate(req.body, {
+      abortEarly: true,
+      stripUnknown: true
+    });
+    if (error) {
+      return res.status(400).json(apiResponse(false, error.message, null));
+    }
+    req.body = value;
+    next();
+  };
+};

package/templates/mern/frontend/.env.example ADDED Viewed

	@@ -0,0 +1 @@
1	+ VITE_API_URL=http://localhost:5000