ar-saas 0.3.1 → 0.3.3

package/templates/backend/src/common/filters/global-exception.filter.ts

@@ -1,61 +1,61 @@
-import {
-  ExceptionFilter,
-  Catch,
-  ArgumentsHost,
-  HttpException,
-  HttpStatus,
-  Logger,
-} from '@nestjs/common';
-import { Request, Response } from 'express';
-
-@Catch()
-export class GlobalExceptionFilter implements ExceptionFilter {
-  private readonly logger = new Logger(GlobalExceptionFilter.name);
-
-  catch(exception: unknown, host: ArgumentsHost): void {
-    const ctx = host.switchToHttp();
-    const response = ctx.getResponse<Response>();
-    const request = ctx.getRequest<Request>();
-
-    let status = HttpStatus.INTERNAL_SERVER_ERROR;
-    let message = 'Error interno del servidor';
-    let error = 'Internal Server Error';
-
-    if (exception instanceof HttpException) {
-      status = exception.getStatus();
-      const exceptionResponse = exception.getResponse();
-
-      if (typeof exceptionResponse === 'string') {
-        message = exceptionResponse;
-        error = exception.message;
-      } else if (typeof exceptionResponse === 'object') {
-        const resp = exceptionResponse as Record<string, unknown>;
-        message =
-          typeof resp.message === 'string'
-            ? resp.message
-            : Array.isArray(resp.message)
-              ? resp.message.join('; ')
-              : exception.message;
-        error = (resp.error as string) ?? exception.message;
-      }
-    } else if (exception instanceof Error) {
-      message = exception.message;
-      error = exception.name;
-    }
-
-    if (status >= 500) {
-      this.logger.error(
-        `${request.method} ${request.url} → ${status}`,
-        exception instanceof Error ? exception.stack : undefined,
-      );
-    }
-
-    response.status(status).json({
-      statusCode: status,
-      message,
-      error,
-      timestamp: new Date().toISOString(),
-      path: request.url,
-    });
-  }
-}
+import {
+  ExceptionFilter,
+  Catch,
+  ArgumentsHost,
+  HttpException,
+  HttpStatus,
+  Logger,
+} from '@nestjs/common';
+import { Request, Response } from 'express';
+
+@Catch()
+export class GlobalExceptionFilter implements ExceptionFilter {
+  private readonly logger = new Logger(GlobalExceptionFilter.name);
+
+  catch(exception: unknown, host: ArgumentsHost): void {
+    const ctx = host.switchToHttp();
+    const response = ctx.getResponse<Response>();
+    const request = ctx.getRequest<Request>();
+
+    let status = HttpStatus.INTERNAL_SERVER_ERROR;
+    let message = 'Error interno del servidor';
+    let error = 'Internal Server Error';
+
+    if (exception instanceof HttpException) {
+      status = exception.getStatus();
+      const exceptionResponse = exception.getResponse();
+
+      if (typeof exceptionResponse === 'string') {
+        message = exceptionResponse;
+        error = exception.message;
+      } else if (typeof exceptionResponse === 'object') {
+        const resp = exceptionResponse as Record<string, unknown>;
+        message =
+          typeof resp.message === 'string'
+            ? resp.message
+            : Array.isArray(resp.message)
+              ? resp.message.join('; ')
+              : exception.message;
+        error = (resp.error as string) ?? exception.message;
+      }
+    } else if (exception instanceof Error) {
+      message = exception.message;
+      error = exception.name;
+    }
+
+    if (status >= 500) {
+      this.logger.error(
+        `${request.method} ${request.url} → ${status}`,
+        exception instanceof Error ? exception.stack : undefined,
+      );
+    }
+
+    response.status(status).json({
+      statusCode: status,
+      message,
+      error,
+      timestamp: new Date().toISOString(),
+      path: request.url,
+    });
+  }
+}

package/templates/backend/src/common/guards/jwt-auth.guard.ts

@@ -1,5 +1,5 @@
-import { Injectable } from '@nestjs/common';
-import { AuthGuard } from '@nestjs/passport';
-
-@Injectable()
-export class JwtAuthGuard extends AuthGuard('jwt') {}
+import { Injectable } from '@nestjs/common';
+import { AuthGuard } from '@nestjs/passport';
+
+@Injectable()
+export class JwtAuthGuard extends AuthGuard('jwt') {}

package/templates/backend/src/common/interceptors/workspace-tenant.interceptor.ts

@@ -1,45 +1,45 @@
-import {
-  Injectable,
-  NestInterceptor,
-  ExecutionContext,
-  CallHandler,
-  BadRequestException,
-} from '@nestjs/common';
-import { Observable } from 'rxjs';
-import { Request } from 'express';
-
-export interface TenantRequest extends Request {
-  workspaceId?: string;
-  user?: Record<string, unknown>;
-}
-
-@Injectable()
-export class WorkspaceTenantInterceptor implements NestInterceptor {
-  intercept(context: ExecutionContext, next: CallHandler): Observable<unknown> {
-    const request = context.switchToHttp().getRequest<TenantRequest>();
-
-    const headerWorkspaceId = request.headers['x-workspace-id'];
-    if (headerWorkspaceId && typeof headerWorkspaceId === 'string') {
-      request.workspaceId = headerWorkspaceId;
-      return next.handle();
-    }
-
-    const workspaceIdFromUser =
-      typeof request.user?.workspaceId === 'string'
-        ? request.user.workspaceId
-        : undefined;
-    if (workspaceIdFromUser) {
-      request.workspaceId = workspaceIdFromUser;
-      return next.handle();
-    }
-
-    const apiPrefix = process.env.API_PREFIX ?? 'api';
-    if (request.path.startsWith(`/${apiPrefix}/auth/`)) {
-      return next.handle();
-    }
-
-    throw new BadRequestException(
-      'Se requiere workspaceId en header x-workspace-id o token JWT',
-    );
-  }
-}
+import {
+  Injectable,
+  NestInterceptor,
+  ExecutionContext,
+  CallHandler,
+  BadRequestException,
+} from '@nestjs/common';
+import { Observable } from 'rxjs';
+import { Request } from 'express';
+
+export interface TenantRequest extends Request {
+  workspaceId?: string;
+  user?: Record<string, unknown>;
+}
+
+@Injectable()
+export class WorkspaceTenantInterceptor implements NestInterceptor {
+  intercept(context: ExecutionContext, next: CallHandler): Observable<unknown> {
+    const request = context.switchToHttp().getRequest<TenantRequest>();
+
+    const headerWorkspaceId = request.headers['x-workspace-id'];
+    if (headerWorkspaceId && typeof headerWorkspaceId === 'string') {
+      request.workspaceId = headerWorkspaceId;
+      return next.handle();
+    }
+
+    const workspaceIdFromUser =
+      typeof request.user?.workspaceId === 'string'
+        ? request.user.workspaceId
+        : undefined;
+    if (workspaceIdFromUser) {
+      request.workspaceId = workspaceIdFromUser;
+      return next.handle();
+    }
+
+    const apiPrefix = process.env.API_PREFIX ?? 'api';
+    if (request.path.startsWith(`/${apiPrefix}/auth/`)) {
+      return next.handle();
+    }
+
+    throw new BadRequestException(
+      'Se requiere workspaceId en header x-workspace-id o token JWT',
+    );
+  }
+}

package/templates/backend/src/main.ts

@@ -1,51 +1,51 @@
-import { NestFactory } from '@nestjs/core';
-import { ValidationPipe } from '@nestjs/common';
-import { SwaggerModule, DocumentBuilder } from '@nestjs/swagger';
-import cookieParser from 'cookie-parser';
-import { AppModule } from './app.module';
-import { WorkspaceTenantInterceptor } from './common/interceptors/workspace-tenant.interceptor';
-
-async function bootstrap() {
-  const app = await NestFactory.create(AppModule);
-
-  const apiPrefix = process.env.API_PREFIX ?? 'api';
-  app.setGlobalPrefix(apiPrefix);
-
-  app.use(cookieParser(process.env.COOKIE_SECRET));
-
-  app.enableCors({
-    origin: process.env.CORS_ORIGINS?.split(',') ?? ['http://localhost:5173'],
-    credentials: true,
-  });
-
-  app.useGlobalPipes(
-    new ValidationPipe({
-      whitelist: true,
-      forbidNonWhitelisted: true,
-      transform: true,
-      transformOptions: {
-        enableImplicitConversion: true,
-      },
-    }),
-  );
-
-  app.useGlobalInterceptors(new WorkspaceTenantInterceptor());
-
-  if (process.env.SWAGGER_ENABLED === 'true') {
-    const config = new DocumentBuilder()
-      .setTitle('create-saas-ar API')
-      .setDescription('Backend SaaS multi-tenant')
-      .setVersion('1.0')
-      .addCookieAuth('access_token')
-      .build();
-
-    const document = SwaggerModule.createDocument(app, config);
-    SwaggerModule.setup(`${apiPrefix}/docs`, app, document);
-  }
-
-  const port = process.env.PORT ?? 3000;
-  await app.listen(port);
-  console.log(`🚀 Servidor corriendo en http://localhost:${port}/${apiPrefix}`);
-}
-
-void bootstrap();
+import { NestFactory } from '@nestjs/core';
+import { ValidationPipe } from '@nestjs/common';
+import { SwaggerModule, DocumentBuilder } from '@nestjs/swagger';
+import cookieParser from 'cookie-parser';
+import { AppModule } from './app.module';
+import { WorkspaceTenantInterceptor } from './common/interceptors/workspace-tenant.interceptor';
+
+async function bootstrap() {
+  const app = await NestFactory.create(AppModule);
+
+  const apiPrefix = process.env.API_PREFIX ?? 'api';
+  app.setGlobalPrefix(apiPrefix);
+
+  app.use(cookieParser(process.env.COOKIE_SECRET));
+
+  app.enableCors({
+    origin: process.env.CORS_ORIGINS?.split(',') ?? ['http://localhost:5173'],
+    credentials: true,
+  });
+
+  app.useGlobalPipes(
+    new ValidationPipe({
+      whitelist: true,
+      forbidNonWhitelisted: true,
+      transform: true,
+      transformOptions: {
+        enableImplicitConversion: true,
+      },
+    }),
+  );
+
+  app.useGlobalInterceptors(new WorkspaceTenantInterceptor());
+
+  if (process.env.SWAGGER_ENABLED === 'true') {
+    const config = new DocumentBuilder()
+      .setTitle('create-saas-ar API')
+      .setDescription('Backend SaaS multi-tenant')
+      .setVersion('1.0')
+      .addCookieAuth('access_token')
+      .build();
+
+    const document = SwaggerModule.createDocument(app, config);
+    SwaggerModule.setup(`${apiPrefix}/docs`, app, document);
+  }
+
+  const port = process.env.PORT ?? 3000;
+  await app.listen(port);
+  console.log(`🚀 Servidor corriendo en http://localhost:${port}/${apiPrefix}`);
+}
+
+void bootstrap();

package/templates/backend/src/modules/auth/auth.controller.ts

@@ -1,158 +1,158 @@
-import {
-  Body,
-  Controller,
-  Get,
-  HttpCode,
-  HttpStatus,
-  Post,
-  Query,
-  Res,
-  UnauthorizedException,
-  UseGuards,
-} from '@nestjs/common';
-import { ConfigService } from '@nestjs/config';
-import { ApiOperation, ApiTags } from '@nestjs/swagger';
-import type { Response } from 'express';
-import { CurrentUser } from '../../common/decorators/current-user.decorator';
-import type { TokenPayload } from '../../common/decorators/current-user.decorator';
-import { Cookie } from '../../common/decorators/cookie.decorator';
-import { JwtAuthGuard } from '../../common/guards/jwt-auth.guard';
-import { AuthService } from './auth.service';
-import { ForgotPasswordDto } from './dto/forgot-password.dto';
-import { LoginDto } from './dto/login.dto';
-import { RefreshTokenDto } from './dto/refresh-token.dto';
-import { RegisterDto } from './dto/register.dto';
-import { ResetPasswordDto } from './dto/reset-password.dto';
-import { VerifyEmailDto } from './dto/verify-email.dto';
-
-@ApiTags('Auth')
-@Controller('auth')
-export class AuthController {
-  private readonly refreshCookiePath: string;
-
-  constructor(
-    private readonly authService: AuthService,
-    private readonly configService: ConfigService,
-  ) {
-    const prefix = this.configService.get<string>('API_PREFIX', 'api');
-    this.refreshCookiePath = `/${prefix}/auth/refresh`;
-  }
-
-  @Post('register')
-  @HttpCode(HttpStatus.CREATED)
-  @ApiOperation({ summary: 'Registrar nuevo usuario y workspace' })
-  register(@Body() dto: RegisterDto) {
-    return this.authService.register(dto);
-  }
-
-  @Get('verify-email')
-  @ApiOperation({ summary: 'Verificar email con token' })
-  verifyEmail(@Query() dto: VerifyEmailDto) {
-    return this.authService.verifyEmail(dto.token);
-  }
-
-  @Post('login')
-  @HttpCode(HttpStatus.OK)
-  @ApiOperation({ summary: 'Iniciar sesión' })
-  async login(
-    @Body() dto: LoginDto,
-    @Res({ passthrough: true }) res: Response,
-  ) {
-    const { user, accessToken, refreshToken } =
-      await this.authService.login(dto);
-    this.setTokenCookies(res, accessToken, refreshToken);
-    return user;
-  }
-
-  @Post('refresh')
-  @HttpCode(HttpStatus.OK)
-  @ApiOperation({ summary: 'Renovar access token usando el refresh token' })
-  async refresh(
-    @Cookie('refresh_token') cookieToken: string | undefined,
-    @Body() dto: RefreshTokenDto,
-    @Res({ passthrough: true }) res: Response,
-  ) {
-    const token = cookieToken ?? dto.refreshToken;
-    if (!token) {
-      throw new UnauthorizedException('Refresh token no encontrado.');
-    }
-    const tokens = await this.authService.refresh(token);
-    this.setTokenCookies(res, tokens.accessToken, tokens.refreshToken);
-    return { message: 'Token refreshed' };
-  }
-
-  @Post('logout')
-  @HttpCode(HttpStatus.OK)
-  @UseGuards(JwtAuthGuard)
-  @ApiOperation({ summary: 'Cerrar sesión' })
-  async logout(
-    @CurrentUser() user: TokenPayload,
-    @Res({ passthrough: true }) res: Response,
-  ) {
-    await this.authService.logout(user.userId);
-    this.clearTokenCookies(res);
-    return { message: 'Logged out' };
-  }
-
-  @Post('forgot-password')
-  @HttpCode(HttpStatus.OK)
-  @ApiOperation({ summary: 'Solicitar restablecimiento de contraseña' })
-  forgotPassword(@Body() dto: ForgotPasswordDto) {
-    return this.authService.forgotPassword(dto);
-  }
-
-  @Post('reset-password')
-  @HttpCode(HttpStatus.OK)
-  @ApiOperation({ summary: 'Restablecer contraseña con token del email' })
-  resetPassword(@Body() dto: ResetPasswordDto) {
-    return this.authService.resetPassword(dto);
-  }
-
-  @Get('me')
-  @UseGuards(JwtAuthGuard)
-  @ApiOperation({ summary: 'Obtener perfil del usuario autenticado' })
-  getMe(@CurrentUser() user: TokenPayload) {
-    return this.authService.getMe(user.userId);
-  }
-
-  // ─── Private helpers ────────────────────────────────────────────────────────
-
-  private setTokenCookies(
-    res: Response,
-    accessToken: string,
-    refreshToken: string,
-  ): void {
-    const isProd = this.configService.get<string>('NODE_ENV') === 'production';
-    const base = {
-      httpOnly: true,
-      secure: isProd,
-      sameSite: 'lax' as const,
-    };
-
-    res.cookie('access_token', accessToken, {
-      ...base,
-      maxAge: 15 * 60 * 1000,
-    });
-
-    res.cookie('refresh_token', refreshToken, {
-      ...base,
-      path: this.refreshCookiePath,
-      maxAge: 7 * 24 * 60 * 60 * 1000,
-    });
-  }
-
-  private clearTokenCookies(res: Response): void {
-    const isProd = this.configService.get<string>('NODE_ENV') === 'production';
-    const base = {
-      httpOnly: true,
-      secure: isProd,
-      sameSite: 'lax' as const,
-    };
-
-    res.clearCookie('access_token', base);
-    res.clearCookie('refresh_token', {
-      ...base,
-      path: this.refreshCookiePath,
-    });
-  }
-}
+import {
+  Body,
+  Controller,
+  Get,
+  HttpCode,
+  HttpStatus,
+  Post,
+  Query,
+  Res,
+  UnauthorizedException,
+  UseGuards,
+} from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
+import { ApiOperation, ApiTags } from '@nestjs/swagger';
+import type { Response } from 'express';
+import { CurrentUser } from '../../common/decorators/current-user.decorator';
+import type { TokenPayload } from '../../common/decorators/current-user.decorator';
+import { Cookie } from '../../common/decorators/cookie.decorator';
+import { JwtAuthGuard } from '../../common/guards/jwt-auth.guard';
+import { AuthService } from './auth.service';
+import { ForgotPasswordDto } from './dto/forgot-password.dto';
+import { LoginDto } from './dto/login.dto';
+import { RefreshTokenDto } from './dto/refresh-token.dto';
+import { RegisterDto } from './dto/register.dto';
+import { ResetPasswordDto } from './dto/reset-password.dto';
+import { VerifyEmailDto } from './dto/verify-email.dto';
+
+@ApiTags('Auth')
+@Controller('auth')
+export class AuthController {
+  private readonly refreshCookiePath: string;
+
+  constructor(
+    private readonly authService: AuthService,
+    private readonly configService: ConfigService,
+  ) {
+    const prefix = this.configService.get<string>('API_PREFIX', 'api');
+    this.refreshCookiePath = `/${prefix}/auth/refresh`;
+  }
+
+  @Post('register')
+  @HttpCode(HttpStatus.CREATED)
+  @ApiOperation({ summary: 'Registrar nuevo usuario y workspace' })
+  register(@Body() dto: RegisterDto) {
+    return this.authService.register(dto);
+  }
+
+  @Get('verify-email')
+  @ApiOperation({ summary: 'Verificar email con token' })
+  verifyEmail(@Query() dto: VerifyEmailDto) {
+    return this.authService.verifyEmail(dto.token);
+  }
+
+  @Post('login')
+  @HttpCode(HttpStatus.OK)
+  @ApiOperation({ summary: 'Iniciar sesión' })
+  async login(
+    @Body() dto: LoginDto,
+    @Res({ passthrough: true }) res: Response,
+  ) {
+    const { user, accessToken, refreshToken } =
+      await this.authService.login(dto);
+    this.setTokenCookies(res, accessToken, refreshToken);
+    return user;
+  }
+
+  @Post('refresh')
+  @HttpCode(HttpStatus.OK)
+  @ApiOperation({ summary: 'Renovar access token usando el refresh token' })
+  async refresh(
+    @Cookie('refresh_token') cookieToken: string | undefined,
+    @Body() dto: RefreshTokenDto,
+    @Res({ passthrough: true }) res: Response,
+  ) {
+    const token = cookieToken ?? dto.refreshToken;
+    if (!token) {
+      throw new UnauthorizedException('Refresh token no encontrado.');
+    }
+    const tokens = await this.authService.refresh(token);
+    this.setTokenCookies(res, tokens.accessToken, tokens.refreshToken);
+    return { message: 'Token refreshed' };
+  }
+
+  @Post('logout')
+  @HttpCode(HttpStatus.OK)
+  @UseGuards(JwtAuthGuard)
+  @ApiOperation({ summary: 'Cerrar sesión' })
+  async logout(
+    @CurrentUser() user: TokenPayload,
+    @Res({ passthrough: true }) res: Response,
+  ) {
+    await this.authService.logout(user.userId);
+    this.clearTokenCookies(res);
+    return { message: 'Logged out' };
+  }
+
+  @Post('forgot-password')
+  @HttpCode(HttpStatus.OK)
+  @ApiOperation({ summary: 'Solicitar restablecimiento de contraseña' })
+  forgotPassword(@Body() dto: ForgotPasswordDto) {
+    return this.authService.forgotPassword(dto);
+  }
+
+  @Post('reset-password')
+  @HttpCode(HttpStatus.OK)
+  @ApiOperation({ summary: 'Restablecer contraseña con token del email' })
+  resetPassword(@Body() dto: ResetPasswordDto) {
+    return this.authService.resetPassword(dto);
+  }
+
+  @Get('me')
+  @UseGuards(JwtAuthGuard)
+  @ApiOperation({ summary: 'Obtener perfil del usuario autenticado' })
+  getMe(@CurrentUser() user: TokenPayload) {
+    return this.authService.getMe(user.userId);
+  }
+
+  // ─── Private helpers ────────────────────────────────────────────────────────
+
+  private setTokenCookies(
+    res: Response,
+    accessToken: string,
+    refreshToken: string,
+  ): void {
+    const isProd = this.configService.get<string>('NODE_ENV') === 'production';
+    const base = {
+      httpOnly: true,
+      secure: isProd,
+      sameSite: 'lax' as const,
+    };
+
+    res.cookie('access_token', accessToken, {
+      ...base,
+      maxAge: 15 * 60 * 1000,
+    });
+
+    res.cookie('refresh_token', refreshToken, {
+      ...base,
+      path: this.refreshCookiePath,
+      maxAge: 7 * 24 * 60 * 60 * 1000,
+    });
+  }
+
+  private clearTokenCookies(res: Response): void {
+    const isProd = this.configService.get<string>('NODE_ENV') === 'production';
+    const base = {
+      httpOnly: true,
+      secure: isProd,
+      sameSite: 'lax' as const,
+    };
+
+    res.clearCookie('access_token', base);
+    res.clearCookie('refresh_token', {
+      ...base,
+      path: this.refreshCookiePath,
+    });
+  }
+}