@urbansolv/create-nestjs-app 1.2.4 → 1.2.7

package/templates/nestjs-app/src/main.ts

@@ -0,0 +1,93 @@
+import { NestFactory, Reflector } from '@nestjs/core';
+import { ValidationPipe, VersioningType, ClassSerializerInterceptor } from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
+import { SwaggerModule, DocumentBuilder } from '@nestjs/swagger';
+import { AppModule } from './app.module';
+
+async function bootstrap() {
+  const app = await NestFactory.create(AppModule);
+
+  const configService = app.get(ConfigService);
+
+  // Get configurations
+  const port = configService.get<number>('app.port');
+  const apiPrefix = configService.get<string>('app.apiPrefix');
+  const corsOrigin = configService.get<string>('app.corsOrigin');
+  const swaggerEnabled = configService.get<boolean>('swagger.enabled');
+  const swaggerPath = configService.get<string>('swagger.path');
+
+  // Enable CORS
+  app.enableCors({
+    origin: corsOrigin,
+    credentials: true,
+  });
+
+  // Global prefix
+  app.setGlobalPrefix(apiPrefix);
+
+  // API Versioning
+  app.enableVersioning({
+    type: VersioningType.URI,
+    defaultVersion: '1',
+  });
+
+  // Global validation pipe
+  app.useGlobalPipes(
+    new ValidationPipe({
+      whitelist: true,
+      forbidNonWhitelisted: true,
+      transform: true,
+      transformOptions: {
+        enableImplicitConversion: true,
+      },
+    }),
+  );
+
+  // Class serializer for excluding fields (like password)
+  app.useGlobalInterceptors(new ClassSerializerInterceptor(app.get(Reflector)));
+
+  // Swagger Documentation
+  if (swaggerEnabled) {
+    const config = new DocumentBuilder()
+      .setTitle('Urbansolv API')
+      .setDescription('Urbansolv NestJS Backend API Documentation')
+      .setVersion('1.0')
+      .addBearerAuth(
+        {
+          type: 'http',
+          scheme: 'bearer',
+          bearerFormat: 'JWT',
+          name: 'JWT',
+          description: 'Enter JWT token',
+          in: 'header',
+        },
+        'JWT-auth',
+      )
+      .addTag('Authentication', 'Authentication endpoints')
+      .addTag('Users', 'User management endpoints')
+      .addTag('Health', 'Health check endpoints')
+      .build();
+
+    const document = SwaggerModule.createDocument(app, config);
+    SwaggerModule.setup(swaggerPath, app, document, {
+      useGlobalPrefix: true,
+      swaggerOptions: {
+        persistAuthorization: true,
+        tagsSorter: 'alpha',
+        operationsSorter: 'alpha',
+      },
+    });
+
+    console.log(`\n📚 Swagger documentation available at: http://localhost:${port}/api/${swaggerPath}\n`);
+  }
+
+  await app.listen(port);
+
+  console.log(`\n🚀 Application is running on: http://localhost:${port}/${apiPrefix}`);
+  console.log(`🌍 Environment: ${configService.get<string>('app.env')}`);
+  console.log(`📊 Health check: http://localhost:${port}/health`);
+  console.log(`🏓 Ping endpoint: http://localhost:${port}/ping\n`);
+
+}
+
+bootstrap();

package/templates/nestjs-app/src/modules/auth/auth.module.ts

@@ -0,0 +1,28 @@
+import { Module } from '@nestjs/common';
+import { JwtModule } from '@nestjs/jwt';
+import { PassportModule } from '@nestjs/passport';
+import { ConfigModule, ConfigService } from '@nestjs/config';
+import { AuthService } from './auth.service';
+import { AuthController } from './controllers/v1/auth.controller';
+import { JwtStrategy } from './core/strategies/jwt.strategy';
+import type { StringValue } from 'ms';
+
+@Module({
+  imports: [
+    PassportModule.register({ defaultStrategy: 'jwt' }),
+    JwtModule.registerAsync({
+      imports: [ConfigModule],
+      inject: [ConfigService],
+      useFactory: (configService: ConfigService) => ({
+        secret: configService.get<string>('jwt.secret'),
+        signOptions: {
+          expiresIn: configService.get('jwt.expiresIn', '7d') as StringValue,
+        },
+      }),
+    }),
+  ],
+  controllers: [AuthController],
+  providers: [AuthService, JwtStrategy],
+  exports: [JwtStrategy, PassportModule, JwtModule],
+})
+export class AuthModule {}

package/templates/nestjs-app/src/modules/auth/auth.service.ts

@@ -0,0 +1,173 @@
+import {
+  Injectable,
+  UnauthorizedException,
+  ConflictException,
+  BadRequestException,
+} from '@nestjs/common';
+import { JwtService } from '@nestjs/jwt';
+import { ConfigService } from '@nestjs/config';
+import { PrismaService } from '@common/prisma/prisma.service';
+import { PasswordUtil } from '@common/utils/password.util';
+import { LoginDto } from './core/dto/login.dto';
+import { RegisterDto } from './core/dto/register.dto';
+import { AuthResponseDto } from './core/dto/auth-response.dto';
+import { JwtPayload } from './core/interfaces/jwt-payload.interface';
+
+@Injectable()
+export class AuthService {
+  constructor(
+    private prisma: PrismaService,
+    private jwtService: JwtService,
+    private configService: ConfigService,
+  ) {}
+
+  async login(loginDto: LoginDto): Promise<AuthResponseDto> {
+    const { email, password } = loginDto;
+
+    // Find user with position and permissions
+    const user = await this.prisma.user.findUnique({
+      where: { email },
+      include: {
+        position: {
+          include: {
+            position_permissions: {
+              include: {
+                permission: true,
+              },
+            },
+          },
+        },
+      },
+    });
+
+    if (!user) {
+      throw new UnauthorizedException('Invalid credentials');
+    }
+
+    if (!user.is_active) {
+      throw new UnauthorizedException('Account is inactive');
+    }
+
+    // Verify password
+    const isPasswordValid = await PasswordUtil.compare(password, user.password);
+    if (!isPasswordValid) {
+      throw new UnauthorizedException('Invalid credentials');
+    }
+
+    // Build permissions array
+    const permissions = user.position.position_permissions.map(
+      (pp) => pp.permission.name,
+    );
+
+    // Generate JWT token
+    const payload: JwtPayload = {
+      userId: user.id,
+      email: user.email,
+      positionId: user.position.id,
+      positionName: user.position.name,
+      permissions,
+    };
+
+    const access_token = this.jwtService.sign(payload);
+
+    return {
+      access_token,
+      user: {
+        id: user.id,
+        email: user.email,
+        first_name: user.first_name,
+        last_name: user.last_name,
+        position: {
+          id: user.position.id,
+          name: user.position.name,
+        },
+        permissions,
+      },
+    };
+  }
+
+  async register(registerDto: RegisterDto): Promise<AuthResponseDto> {
+    const { email, password, first_name, last_name, position_id } = registerDto;
+
+    // Check if user already exists
+    const existingUser = await this.prisma.user.findUnique({
+      where: { email },
+    });
+
+    if (existingUser) {
+      throw new ConflictException('Email already exists');
+    }
+
+    // Validate position exists
+    const position = await this.prisma.position.findUnique({
+      where: { id: position_id },
+      include: {
+        position_permissions: {
+          include: {
+            permission: true,
+          },
+        },
+      },
+    });
+
+    if (!position) {
+      throw new BadRequestException('Invalid position ID');
+    }
+
+    // Hash password
+    const hashedPassword = await PasswordUtil.hash(password);
+
+    // Create user
+    const user = await this.prisma.user.create({
+      data: {
+        email,
+        password: hashedPassword,
+        first_name,
+        last_name,
+        position_id,
+      },
+      include: {
+        position: {
+          include: {
+            position_permissions: {
+              include: {
+                permission: true,
+              },
+            },
+          },
+        },
+      },
+    });
+
+    // Build permissions array
+    const permissions = user.position.position_permissions.map(
+      (pp) => pp.permission.name,
+    );
+
+    // Generate JWT token
+    const payload: JwtPayload = {
+      userId: user.id,
+      email: user.email,
+      positionId: user.position.id,
+      positionName: user.position.name,
+      permissions,
+    };
+
+    const access_token = this.jwtService.sign(payload);
+
+    return {
+      access_token,
+      user: {
+        id: user.id,
+        email: user.email,
+        first_name: user.first_name,
+        last_name: user.last_name,
+        position: {
+          id: user.position.id,
+          name: user.position.name,
+        },
+        permissions,
+      },
+    };
+  }
+}

package/templates/nestjs-app/src/modules/auth/controllers/v1/auth.controller.ts

@@ -0,0 +1,37 @@
+import { Controller, Post, Body, HttpCode, HttpStatus } from '@nestjs/common';
+import { ApiTags, ApiOperation, ApiResponse } from '@nestjs/swagger';
+import { AuthService } from '../../auth.service';
+import { LoginDto } from '../../core/dto/login.dto';
+import { RegisterDto } from '../../core/dto/register.dto';
+import { AuthResponseDto } from '../../core/dto/auth-response.dto';
+import { Public } from '@common/decorators/public.decorator';
+import { ApiSuccessResponse } from '@common/decorators/api-response.decorator';
+import { JwtAuthGuard } from '@common/guards/jwt-auth.guard';
+import { PermissionsGuard } from '@common/guards/permissions.guard';
+
+@ApiTags('Authentication')
+@ApiBearerAuth('JWT-auth')
+@Controller({ path: 'auth', version: '1' })
+@UseGuards(JwtAuthGuard, PermissionsGuard)
+export class AuthController {
+  constructor(private readonly authService: AuthService) {}
+
+  @Public()
+  @Post('login')
+  @HttpCode(HttpStatus.OK)
+  @ApiOperation({ summary: 'User login' })
+  @ApiSuccessResponse(AuthResponseDto)
+  @ApiResponse({ status: 401, description: 'Invalid credentials' })
+  async login(@Body() loginDto: LoginDto): Promise<AuthResponseDto> {
+    return this.authService.login(loginDto);
+  }
+
+  @Public()
+  @Post('register')
+  @ApiOperation({ summary: 'User registration' })
+  @ApiSuccessResponse(AuthResponseDto)
+  @ApiResponse({ status: 409, description: 'Email already exists' })
+  async register(@Body() registerDto: RegisterDto): Promise<AuthResponseDto> {
+    return this.authService.register(registerDto);
+  }
+}

package/templates/nestjs-app/src/modules/auth/core/dto/auth-response.dto.ts

@@ -0,0 +1,19 @@
+import { ApiProperty } from '@nestjs/swagger';
+
+export class AuthResponseDto {
+  @ApiProperty()
+  access_token: string;
+
+  @ApiProperty()
+  user: {
+    id: number;
+    email: string;
+    first_name: string;
+    last_name: string;
+    position: {
+      id: number;
+      name: string;
+    };
+    permissions: string[];
+  };
+}

package/templates/nestjs-app/src/modules/auth/core/dto/login-response.dto.ts

@@ -0,0 +1,10 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { UserResponseDto } from '@modules/users/core/dto/user-response.dto';
+
+export class LoginResponseDto {
+  @ApiProperty()
+  access_token: string;
+
+  @ApiProperty()
+  user: UserResponseDto;
+}

package/templates/nestjs-app/src/modules/auth/core/dto/login.dto.ts

@@ -0,0 +1,15 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsEmail, IsNotEmpty, IsString, MinLength } from 'class-validator';
+
+export class LoginDto {
+  @ApiProperty({ example: 'admin@urbansolv.co.id' })
+  @IsEmail({}, { message: 'Please provide a valid email address' })
+  @IsNotEmpty({ message: 'Email is required' })
+  email: string;
+
+  @ApiProperty({ example: 'password123' })
+  @IsString()
+  @IsNotEmpty({ message: 'Password is required' })
+  @MinLength(6, { message: 'Password must be at least 6 characters long' })
+  password: string;
+}

package/templates/nestjs-app/src/modules/auth/core/dto/register.dto.ts

@@ -0,0 +1,30 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsEmail, IsNotEmpty, IsString, MinLength, IsInt } from 'class-validator';
+
+export class RegisterDto {
+  @ApiProperty({ example: 'bhagaskoro@urbansolv.co.id' })
+  @IsEmail({}, { message: 'Please provide a valid email address' })
+  @IsNotEmpty({ message: 'Email is required' })
+  email: string;
+
+  @ApiProperty({ example: 'password123' })
+  @IsString()
+  @IsNotEmpty({ message: 'Password is required' })
+  @MinLength(6, { message: 'Password must be at least 6 characters long' })
+  password: string;
+
+  @ApiProperty({ example: 'Bhagas' })
+  @IsString()
+  @IsNotEmpty({ message: 'First name is required' })
+  first_name: string;
+
+  @ApiProperty({ example: 'Koro' })
+  @IsString()
+  @IsNotEmpty({ message: 'Last name is required' })
+  last_name: string;
+
+  @ApiProperty({ example: 2, description: 'Position ID' })
+  @IsInt({ message: 'Position ID must be an integer' })
+  @IsNotEmpty({ message: 'Position ID is required' })
+  position_id: number;
+}

package/templates/nestjs-app/src/modules/auth/core/interfaces/jwt-payload.interface.ts

@@ -0,0 +1,7 @@
+export interface JwtPayload {
+  userId: number;
+  email: string;
+  positionId: number;
+  positionName: string;
+  permissions: string[];
+}

package/templates/nestjs-app/src/modules/auth/core/strategies/jwt.strategy.ts

@@ -0,0 +1,54 @@
+import { Injectable, UnauthorizedException } from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
+import { PassportStrategy } from '@nestjs/passport';
+import { ExtractJwt, Strategy } from 'passport-jwt';
+import { PrismaService } from '@common/prisma/prisma.service';
+import { JwtPayload } from '../interfaces/jwt-payload.interface';
+
+@Injectable()
+export class JwtStrategy extends PassportStrategy(Strategy) {
+  constructor(
+    private configService: ConfigService,
+    private prisma: PrismaService,
+  ) {
+    super({
+      jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
+      ignoreExpiration: false,
+      secretOrKey: configService.get<string>('jwt.secret'),
+    });
+  }
+
+  async validate(payload: JwtPayload): Promise<JwtPayload> {
+    const user = await this.prisma.user.findUnique({
+      where: { id: payload.userId },
+      include: {
+        position: {
+          include: {
+            position_permissions: {
+              include: {
+                permission: true,
+              },
+            },
+          },
+        },
+      },
+    });
+
+    if (!user || !user.is_active) {
+      throw new UnauthorizedException('User not found or inactive');
+    }
+
+    // Build permissions array from position
+    const permissions = user.position.position_permissions.map(
+      (pp) => pp.permission.name,
+    );
+
+    return {
+      userId: user.id,
+      email: user.email,
+      positionId: user.position.id,
+      positionName: user.position.name,
+      permissions,
+    };
+  }
+}

package/templates/nestjs-app/src/modules/health/health.controller.ts

@@ -0,0 +1,29 @@
+import { Controller, Get } from '@nestjs/common';
+import { ApiTags, ApiOperation } from '@nestjs/swagger';
+import { Public } from '@common/decorators/public.decorator';
+
+@ApiTags('Health')
+@Controller()
+export class HealthController {
+  @Public()
+  @Get('health')
+  @ApiOperation({ summary: 'Health check endpoint' })
+  health() {
+    return {
+      status: 'ok',
+      timestamp: new Date().toISOString(),
+      uptime: process.uptime(),
+      environment: process.env.NODE_ENV,
+    };
+  }
+
+  @Public()
+  @Get('ping')
+  @ApiOperation({ summary: 'Ping endpoint' })
+  ping() {
+    return {
+      message: 'pong',
+      timestamp: new Date().toISOString(),
+    };
+  }
+}

package/templates/nestjs-app/src/modules/health/health.module.ts

@@ -0,0 +1,7 @@
+import { Module } from '@nestjs/common';
+import { HealthController } from './health.controller';
+
+@Module({
+  controllers: [HealthController],
+})
+export class HealthModule {}

package/templates/nestjs-app/src/modules/users/controllers/v1/users.controller.ts

@@ -0,0 +1,118 @@
+import {
+  Controller,
+  Get,
+  Post,
+  Body,
+  Patch,
+  Param,
+  Delete,
+  Query,
+  ParseIntPipe,
+  HttpCode,
+  HttpStatus,
+  UseGuards,
+} from '@nestjs/common';
+import { ApiTags, ApiOperation, ApiBearerAuth, ApiParam } from '@nestjs/swagger';
+import { UsersService } from '../../users.service';
+import { CreateUserDto } from '@modules/users/core/dto/create-user.dto';
+import { UpdateUserDto } from '@modules/users/core/dto/update-user.dto';
+import { ChangePositionDto } from '@modules/users/core/dto/change-position.dto';
+import { ManagePermissionsDto } from '@modules/users/core/dto/manage-permissions.dto';
+import { UserQueryDto } from '@modules/users/core/dto/user-query.dto';
+import { UserEntity } from '../../core//entities/user.entity';
+import { Permissions } from '@common/decorators/permissions.decorator';
+import { PERMISSIONS } from '@common/constants/permissions.constant';
+import { ApiSuccessResponse, ApiSuccessArrayResponse } from '@common/decorators/api-response.decorator';
+import { PaginatedResponseDto } from '@common/dto/pagination.dto';
+import { PermissionsGuard } from '@common/guards/permissions.guard';
+import { JwtAuthGuard } from '@common/guards/jwt-auth.guard';
+
+@ApiTags('Users')
+@ApiBearerAuth('JWT-auth')
+@Controller({ path: 'users', version: '1' })
+@UseGuards(JwtAuthGuard, PermissionsGuard)
+export class UsersController {
+  constructor(private readonly usersService: UsersService) {}
+
+  @Post()
+  @Permissions(PERMISSIONS.USER.ADD)
+  @ApiOperation({ summary: 'Create a new user' })
+  @ApiSuccessResponse(UserEntity)
+  async create(@Body() createUserDto: CreateUserDto): Promise<UserEntity> {
+    return this.usersService.create(createUserDto);
+  }
+
+  @Get()
+  @Permissions(PERMISSIONS.USER.VIEW)
+  @ApiOperation({ summary: 'Get all users with pagination and filters' })
+  @ApiSuccessResponse(PaginatedResponseDto<UserEntity>)
+  async findAll(@Query() query: UserQueryDto): Promise<PaginatedResponseDto<UserEntity>> {
+    return this.usersService.findAll(query);
+  }
+
+  @Get(':id')
+  @Permissions(PERMISSIONS.USER.VIEW)
+  @ApiOperation({ summary: 'Get user by ID' })
+  @ApiParam({ name: 'id', type: Number })
+  @ApiSuccessResponse(UserEntity)
+  async findOne(@Param('id', ParseIntPipe) id: number): Promise<UserEntity> {
+    return this.usersService.findOne(id);
+  }
+
+  @Patch(':id')
+  @Permissions(PERMISSIONS.USER.UPDATE)
+  @ApiOperation({ summary: 'Update user' })
+  @ApiParam({ name: 'id', type: Number })
+  @ApiSuccessResponse(UserEntity)
+  async update(
+    @Param('id', ParseIntPipe) id: number,
+    @Body() updateUserDto: UpdateUserDto,
+  ): Promise<UserEntity> {
+    return this.usersService.update(id, updateUserDto);
+  }
+
+  @Delete(':id')
+  @Permissions(PERMISSIONS.USER.DELETE)
+  @HttpCode(HttpStatus.NO_CONTENT)
+  @ApiOperation({ summary: 'Delete user (soft delete)' })
+  @ApiParam({ name: 'id', type: Number })
+  async remove(@Param('id', ParseIntPipe) id: number): Promise<void> {
+    return this.usersService.remove(id);
+  }
+
+  @Patch(':id/position')
+  @Permissions(PERMISSIONS.USER.CHANGE_POSITION)
+  @ApiOperation({ summary: 'Change user position/role' })
+  @ApiParam({ name: 'id', type: Number })
+  @ApiSuccessResponse(UserEntity)
+  async changePosition(
+    @Param('id', ParseIntPipe) id: number,
+    @Body() changePositionDto: ChangePositionDto,
+  ): Promise<UserEntity> {
+    return this.usersService.changePosition(id, changePositionDto);
+  }
+
+  @Post(':id/permissions/assign')
+  @Permissions(PERMISSIONS.USER.MANAGE_PERMISSION)
+  @ApiOperation({ summary: 'Assign permissions to user position' })
+  @ApiParam({ name: 'id', type: Number })
+  @ApiSuccessResponse(UserEntity)
+  async assignPermissions(
+    @Param('id', ParseIntPipe) id: number,
+    @Body() managePermissionsDto: ManagePermissionsDto,
+  ): Promise<UserEntity> {
+    return this.usersService.assignPermissions(id, managePermissionsDto);
+  }
+
+  @Post(':id/permissions/revoke')
+  @Permissions(PERMISSIONS.USER.MANAGE_PERMISSION)
+  @ApiOperation({ summary: 'Revoke permissions from user position' })
+  @ApiParam({ name: 'id', type: Number })
+  @ApiSuccessResponse(UserEntity)
+  async revokePermissions(
+    @Param('id', ParseIntPipe) id: number,
+    @Body() managePermissionsDto: ManagePermissionsDto,
+  ): Promise<UserEntity> {
+    return this.usersService.revokePermissions(id, managePermissionsDto);
+  }
+}

package/templates/nestjs-app/src/modules/users/core/dto/change-position.dto.ts

@@ -0,0 +1,9 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsInt, IsNotEmpty } from 'class-validator';
+
+export class ChangePositionDto {
+  @ApiProperty({ example: 2, description: 'New position ID' })
+  @IsInt({ message: 'Position ID must be an integer' })
+  @IsNotEmpty({ message: 'Position ID is required' })
+  position_id: number;
+}

package/templates/nestjs-app/src/modules/users/core/dto/create-user.dto.ts

@@ -0,0 +1,35 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsEmail, IsNotEmpty, IsString, MinLength, IsInt, IsBoolean, IsOptional } from 'class-validator';
+
+export class CreateUserDto {
+  @ApiProperty({ example: 'bhagaskoro@urbansolv.co.id' })
+  @IsEmail({}, { message: 'Please provide a valid email address' })
+  @IsNotEmpty({ message: 'Email is required' })
+  email: string;
+
+  @ApiProperty({ example: 'password123' })
+  @IsString()
+  @IsNotEmpty({ message: 'Password is required' })
+  @MinLength(6, { message: 'Password must be at least 6 characters long' })
+  password: string;
+
+  @ApiProperty({ example: 'Bhagas' })
+  @IsString()
+  @IsNotEmpty({ message: 'First name is required' })
+  first_name: string;
+
+  @ApiProperty({ example: 'Koro' })
+  @IsString()
+  @IsNotEmpty({ message: 'Last name is required' })
+  last_name: string;
+
+  @ApiProperty({ example: 2, description: 'Position ID' })
+  @IsInt({ message: 'Position ID must be an integer' })
+  @IsNotEmpty({ message: 'Position ID is required' })
+  position_id: number;
+
+  @ApiProperty({ example: true, default: true })
+  @IsBoolean()
+  @IsOptional()
+  is_active?: boolean = true;
+}