blacksmith-cli 0.1.1

package/package.json

@@ -0,0 +1,51 @@
+{
+  "name": "blacksmith-cli",
+  "version": "0.1.1",
+  "description": "Fullstack Django + React framework — one command, one codebase, one mental model",
+  "type": "module",
+  "bin": {
+    "blacksmith": "./bin/blacksmith.js"
+  },
+  "engines": {
+    "node": ">=20.5.0"
+  },
+  "main": "./dist/index.js",
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "start": "node dist/index.js",
+    "prepare": "npm run build"
+  },
+  "files": [
+    "bin",
+    "dist",
+    "src/templates"
+  ],
+  "keywords": [
+    "django",
+    "react",
+    "fullstack",
+    "openapi",
+    "scaffold",
+    "cli"
+  ],
+  "author": "",
+  "license": "MIT",
+  "dependencies": {
+    "chalk": "^5.4.1",
+    "change-case": "^5.4.4",
+    "chokidar": "^5.0.0",
+    "commander": "^13.1.0",
+    "concurrently": "^9.1.2",
+    "execa": "^9.5.2",
+    "handlebars": "^4.7.8",
+    "ora": "^8.2.0",
+    "pluralize": "^8.0.0"
+  },
+  "devDependencies": {
+    "@types/node": "^22.15.0",
+    "@types/pluralize": "^0.0.33",
+    "tsup": "^8.4.0",
+    "typescript": "~5.9.3"
+  }
+}

package/src/templates/backend/.env.example.hbs

@@ -0,0 +1,10 @@
+DJANGO_ENV=development
+DJANGO_SECRET_KEY=change-me-in-production
+DJANGO_DEBUG=True
+DJANGO_ALLOWED_HOSTS=localhost,127.0.0.1
+
+# Database (production)
+# DATABASE_URL=postgres://user:password@localhost:5432/{{projectName}}
+
+# CORS
+CORS_ALLOWED_ORIGINS=http://localhost:5173,http://localhost:3000

package/src/templates/backend/apps/users/admin.py.hbs

@@ -0,0 +1,26 @@
+from django.contrib import admin
+from django.contrib.auth.admin import UserAdmin
+from .models import CustomUser
+
+
+@admin.register(CustomUser)
+class CustomUserAdmin(UserAdmin):
+    model = CustomUser
+    list_display = ('email', 'first_name', 'last_name', 'is_staff', 'date_joined')
+    list_filter = ('is_staff', 'is_superuser', 'is_active')
+    search_fields = ('email', 'first_name', 'last_name')
+    ordering = ('-date_joined',)
+
+    fieldsets = (
+        (None, {'fields': ('email', 'password')}),
+        ('Personal info', {'fields': ('first_name', 'last_name')}),
+        ('Permissions', {'fields': ('is_active', 'is_staff', 'is_superuser', 'groups', 'user_permissions')}),
+        ('Important dates', {'fields': ('last_login', 'date_joined')}),
+    )
+
+    add_fieldsets = (
+        (None, {
+            'classes': ('wide',),
+            'fields': ('email', 'first_name', 'password1', 'password2'),
+        }),
+    )

package/src/templates/backend/apps/users/managers.py.hbs

@@ -0,0 +1,25 @@
+from django.contrib.auth.models import BaseUserManager
+
+
+class CustomUserManager(BaseUserManager):
+    """Custom user manager where email is the unique identifier."""
+
+    def create_user(self, email, password=None, **extra_fields):
+        if not email:
+            raise ValueError('The Email field must be set')
+        email = self.normalize_email(email)
+        user = self.model(email=email, **extra_fields)
+        user.set_password(password)
+        user.save(using=self._db)
+        return user
+
+    def create_superuser(self, email, password=None, **extra_fields):
+        extra_fields.setdefault('is_staff', True)
+        extra_fields.setdefault('is_superuser', True)
+
+        if extra_fields.get('is_staff') is not True:
+            raise ValueError('Superuser must have is_staff=True.')
+        if extra_fields.get('is_superuser') is not True:
+            raise ValueError('Superuser must have is_superuser=True.')
+
+        return self.create_user(email, password, **extra_fields)

package/src/templates/backend/apps/users/models.py.hbs

@@ -0,0 +1,25 @@
+from django.contrib.auth.models import AbstractUser
+from django.db import models
+from .managers import CustomUserManager
+
+
+class CustomUser(AbstractUser):
+    """Custom user model with email as the primary identifier."""
+
+    username = None
+    email = models.EmailField('email address', unique=True)
+    first_name = models.CharField('first name', max_length=150)
+    last_name = models.CharField('last name', max_length=150, blank=True)
+
+    USERNAME_FIELD = 'email'
+    REQUIRED_FIELDS = ['first_name']
+
+    objects = CustomUserManager()
+
+    class Meta:
+        verbose_name = 'user'
+        verbose_name_plural = 'users'
+        ordering = ['-date_joined']
+
+    def __str__(self):
+        return self.email

package/src/templates/backend/apps/users/serializers.py.hbs

@@ -0,0 +1,94 @@
+from rest_framework import serializers
+from django.contrib.auth import authenticate
+from django.contrib.auth.password_validation import validate_password
+from .models import CustomUser
+
+
+class UserSerializer(serializers.ModelSerializer):
+    """Serializer for user profile data."""
+
+    class Meta:
+        model = CustomUser
+        fields = ['id', 'email', 'first_name', 'last_name', 'date_joined']
+        read_only_fields = ['id', 'email', 'date_joined']
+
+
+class LoginSerializer(serializers.Serializer):
+    """Serializer for login requests."""
+
+    email = serializers.EmailField()
+    password = serializers.CharField(write_only=True)
+
+    def validate(self, attrs):
+        user = authenticate(
+            request=self.context.get('request'),
+            email=attrs['email'],
+            password=attrs['password'],
+        )
+        if not user:
+            raise serializers.ValidationError('Invalid email or password.')
+        if not user.is_active:
+            raise serializers.ValidationError('User account is disabled.')
+        attrs['user'] = user
+        return attrs
+
+
+class RegisterSerializer(serializers.ModelSerializer):
+    """Serializer for user registration."""
+
+    password = serializers.CharField(
+        write_only=True,
+        validators=[validate_password],
+    )
+    password_confirm = serializers.CharField(write_only=True)
+
+    class Meta:
+        model = CustomUser
+        fields = ['email', 'first_name', 'last_name', 'password', 'password_confirm']
+
+    def validate(self, attrs):
+        if attrs['password'] != attrs.pop('password_confirm'):
+            raise serializers.ValidationError({'password_confirm': 'Passwords do not match.'})
+        return attrs
+
+    def create(self, validated_data):
+        return CustomUser.objects.create_user(**validated_data)
+
+
+class TokenSerializer(serializers.Serializer):
+    """Serializer for JWT token responses."""
+
+    access = serializers.CharField()
+    refresh = serializers.CharField()
+
+
+class ChangePasswordSerializer(serializers.Serializer):
+    """Serializer for changing password."""
+
+    old_password = serializers.CharField(write_only=True)
+    new_password = serializers.CharField(write_only=True, validators=[validate_password])
+
+    def validate_old_password(self, value):
+        user = self.context['request'].user
+        if not user.check_password(value):
+            raise serializers.ValidationError('Current password is incorrect.')
+        return value
+
+
+class ForgotPasswordSerializer(serializers.Serializer):
+    """Serializer for forgot password request."""
+
+    email = serializers.EmailField()
+
+
+class ResetPasswordSerializer(serializers.Serializer):
+    """Serializer for resetting password with token."""
+
+    token = serializers.CharField()
+    password = serializers.CharField(write_only=True, validators=[validate_password])
+    password_confirm = serializers.CharField(write_only=True)
+
+    def validate(self, attrs):
+        if attrs['password'] != attrs.pop('password_confirm'):
+            raise serializers.ValidationError({'password_confirm': 'Passwords do not match.'})
+        return attrs

package/src/templates/backend/apps/users/tests.py.hbs

@@ -0,0 +1,47 @@
+from django.test import TestCase
+from django.contrib.auth import get_user_model
+from rest_framework.test import APIClient
+from rest_framework import status
+
+User = get_user_model()
+
+
+class AuthTests(TestCase):
+    def setUp(self):
+        self.client = APIClient()
+        self.user_data = {
+            'email': 'test@example.com',
+            'first_name': 'Test',
+            'password': 'TestPass123!',
+            'password_confirm': 'TestPass123!',
+        }
+
+    def test_register(self):
+        response = self.client.post('/api/auth/register/', self.user_data)
+        self.assertEqual(response.status_code, status.HTTP_201_CREATED)
+        self.assertIn('access', response.data)
+        self.assertIn('refresh', response.data)
+
+    def test_login(self):
+        User.objects.create_user(
+            email='test@example.com',
+            password='TestPass123!',
+            first_name='Test',
+        )
+        response = self.client.post('/api/auth/login/', {
+            'email': 'test@example.com',
+            'password': 'TestPass123!',
+        })
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertIn('access', response.data)
+
+    def test_me(self):
+        user = User.objects.create_user(
+            email='test@example.com',
+            password='TestPass123!',
+            first_name='Test',
+        )
+        self.client.force_authenticate(user=user)
+        response = self.client.get('/api/auth/me/')
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data['email'], 'test@example.com')

package/src/templates/backend/apps/users/urls.py.hbs

@@ -0,0 +1,10 @@
+from django.urls import path, include
+from rest_framework.routers import DefaultRouter
+from .views import AuthViewSet
+
+router = DefaultRouter()
+router.register('', AuthViewSet, basename='auth')
+
+urlpatterns = [
+    path('', include(router.urls)),
+]

package/src/templates/backend/apps/users/views.py.hbs

@@ -0,0 +1,175 @@
+from rest_framework import status
+from rest_framework.decorators import action
+from rest_framework.permissions import AllowAny, IsAuthenticated
+from rest_framework.response import Response
+from rest_framework.viewsets import ViewSet
+from rest_framework_simplejwt.tokens import RefreshToken
+from rest_framework_simplejwt.exceptions import TokenError
+from drf_spectacular.utils import extend_schema
+
+from .serializers import (
+    LoginSerializer,
+    RegisterSerializer,
+    UserSerializer,
+    TokenSerializer,
+    ChangePasswordSerializer,
+    ForgotPasswordSerializer,
+    ResetPasswordSerializer,
+)
+
+
+class AuthViewSet(ViewSet):
+    """Authentication endpoints for the application."""
+
+    @extend_schema(
+        request=LoginSerializer,
+        responses={200: TokenSerializer},
+        description='Authenticate with email and password. Returns JWT access and refresh tokens.',
+        tags=['auth'],
+    )
+    @action(detail=False, methods=['post'], permission_classes=[AllowAny])
+    def login(self, request):
+        serializer = LoginSerializer(data=request.data, context={'request': request})
+        serializer.is_valid(raise_exception=True)
+        user = serializer.validated_data['user']
+        refresh = RefreshToken.for_user(user)
+        return Response({
+            'access': str(refresh.access_token),
+            'refresh': str(refresh),
+        })
+
+    @extend_schema(
+        request=RegisterSerializer,
+        responses={201: TokenSerializer},
+        description='Create a new user account. Returns JWT tokens.',
+        tags=['auth'],
+    )
+    @action(detail=False, methods=['post'], permission_classes=[AllowAny])
+    def register(self, request):
+        serializer = RegisterSerializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+        user = serializer.save()
+        refresh = RefreshToken.for_user(user)
+        return Response(
+            {
+                'access': str(refresh.access_token),
+                'refresh': str(refresh),
+            },
+            status=status.HTTP_201_CREATED,
+        )
+
+    @extend_schema(
+        request=None,
+        responses={200: UserSerializer},
+        description='Get or update the current authenticated user profile.',
+        tags=['auth'],
+    )
+    @action(detail=False, methods=['get', 'patch'], permission_classes=[IsAuthenticated])
+    def me(self, request):
+        if request.method == 'GET':
+            serializer = UserSerializer(request.user)
+            return Response(serializer.data)
+
+        serializer = UserSerializer(request.user, data=request.data, partial=True)
+        serializer.is_valid(raise_exception=True)
+        serializer.save()
+        return Response(serializer.data)
+
+    @extend_schema(
+        request=ChangePasswordSerializer,
+        responses={200: None},
+        description='Change the current user password.',
+        tags=['auth'],
+    )
+    @action(
+        detail=False,
+        methods=['post'],
+        permission_classes=[IsAuthenticated],
+        url_path='change-password',
+    )
+    def change_password(self, request):
+        serializer = ChangePasswordSerializer(data=request.data, context={'request': request})
+        serializer.is_valid(raise_exception=True)
+        request.user.set_password(serializer.validated_data['new_password'])
+        request.user.save()
+        return Response({'detail': 'Password changed successfully.'})
+
+    @extend_schema(
+        request=ForgotPasswordSerializer,
+        responses={200: None},
+        description='Request a password reset email.',
+        tags=['auth'],
+    )
+    @action(
+        detail=False,
+        methods=['post'],
+        permission_classes=[AllowAny],
+        url_path='forgot-password',
+    )
+    def forgot_password(self, request):
+        serializer = ForgotPasswordSerializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+        # TODO: Implement email sending logic
+        # Always return success to prevent email enumeration
+        return Response({'detail': 'If an account exists, a reset email has been sent.'})
+
+    @extend_schema(
+        request=ResetPasswordSerializer,
+        responses={200: None},
+        description='Reset password using a token from the reset email.',
+        tags=['auth'],
+    )
+    @action(
+        detail=False,
+        methods=['post'],
+        permission_classes=[AllowAny],
+        url_path='reset-password',
+    )
+    def reset_password(self, request):
+        serializer = ResetPasswordSerializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+        # TODO: Implement token verification and password reset
+        return Response({'detail': 'Password has been reset successfully.'})
+
+    @extend_schema(
+        request=None,
+        responses={200: None},
+        description='Logout by blacklisting the refresh token.',
+        tags=['auth'],
+    )
+    @action(detail=False, methods=['post'], permission_classes=[IsAuthenticated])
+    def logout(self, request):
+        try:
+            refresh_token = request.data.get('refresh')
+            if refresh_token:
+                token = RefreshToken(refresh_token)
+                token.blacklist()
+        except TokenError:
+            pass
+        return Response({'detail': 'Successfully logged out.'})
+
+    @extend_schema(
+        request=None,
+        responses={200: TokenSerializer},
+        description='Refresh the access token using a valid refresh token.',
+        tags=['auth'],
+    )
+    @action(detail=False, methods=['post'], permission_classes=[AllowAny])
+    def refresh(self, request):
+        refresh_token = request.data.get('refresh')
+        if not refresh_token:
+            return Response(
+                {'detail': 'Refresh token is required.'},
+                status=status.HTTP_400_BAD_REQUEST,
+            )
+        try:
+            token = RefreshToken(refresh_token)
+            return Response({
+                'access': str(token.access_token),
+                'refresh': str(token),
+            })
+        except TokenError:
+            return Response(
+                {'detail': 'Invalid or expired refresh token.'},
+                status=status.HTTP_401_UNAUTHORIZED,
+            )

package/src/templates/backend/config/asgi.py.hbs

@@ -0,0 +1,9 @@
+"""
+ASGI config for {{projectName}}.
+"""
+
+import os
+from django.core.asgi import get_asgi_application
+
+os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'config.settings')
+application = get_asgi_application()

package/src/templates/backend/config/settings/__init__.py.hbs

@@ -0,0 +1,13 @@
+import os
+from dotenv import load_dotenv
+
+load_dotenv()
+
+env = os.environ.get('DJANGO_ENV', 'development')
+
+from .base import *  # noqa: F401, F403
+
+if env == 'production':
+    from .production import *  # noqa: F401, F403
+else:
+    from .development import *  # noqa: F401, F403

package/src/templates/backend/config/settings/base.py.hbs

@@ -0,0 +1,117 @@
+"""
+Base Django settings for {{projectName}}.
+Generated by Blacksmith.
+"""
+
+import os
+from pathlib import Path
+from datetime import timedelta
+
+BASE_DIR = Path(__file__).resolve().parent.parent.parent
+
+SECRET_KEY = os.environ.get('DJANGO_SECRET_KEY', 'django-insecure-change-me')
+
+INSTALLED_APPS = [
+    'django.contrib.admin',
+    'django.contrib.auth',
+    'django.contrib.contenttypes',
+    'django.contrib.sessions',
+    'django.contrib.messages',
+    'django.contrib.staticfiles',
+    # Third party
+    'rest_framework',
+    'drf_spectacular',
+    'drf_spectacular_sidecar',
+    'corsheaders',
+    'rest_framework_simplejwt',
+    'rest_framework_simplejwt.token_blacklist',
+    # Local apps
+    'apps.users',
+    # blacksmith:apps
+]
+
+MIDDLEWARE = [
+    'django.middleware.security.SecurityMiddleware',
+    'corsheaders.middleware.CorsMiddleware',
+    'django.contrib.sessions.middleware.SessionMiddleware',
+    'django.middleware.common.CommonMiddleware',
+    'django.middleware.csrf.CsrfViewMiddleware',
+    'django.contrib.auth.middleware.AuthenticationMiddleware',
+    'django.contrib.messages.middleware.MessageMiddleware',
+    'django.middleware.clickjacking.XFrameOptionsMiddleware',
+]
+
+ROOT_URLCONF = 'config.urls'
+
+TEMPLATES = [
+    {
+        'BACKEND': 'django.template.backends.django.DjangoTemplates',
+        'DIRS': [],
+        'APP_DIRS': True,
+        'OPTIONS': {
+            'context_processors': [
+                'django.template.context_processors.debug',
+                'django.template.context_processors.request',
+                'django.contrib.auth.context_processors.auth',
+                'django.contrib.messages.context_processors.messages',
+            ],
+        },
+    },
+]
+
+WSGI_APPLICATION = 'config.wsgi.application'
+
+AUTH_PASSWORD_VALIDATORS = [
+    {'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator'},
+    {'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator'},
+    {'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator'},
+    {'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator'},
+]
+
+LANGUAGE_CODE = 'en-us'
+TIME_ZONE = 'UTC'
+USE_I18N = True
+USE_TZ = True
+
+STATIC_URL = 'static/'
+STATIC_ROOT = BASE_DIR / 'staticfiles'
+
+DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
+
+# Custom user model
+AUTH_USER_MODEL = 'users.CustomUser'
+
+# Django REST Framework
+REST_FRAMEWORK = {
+    'DEFAULT_SCHEMA_CLASS': 'drf_spectacular.openapi.AutoSchema',
+    'DEFAULT_AUTHENTICATION_CLASSES': [
+        'rest_framework_simplejwt.authentication.JWTAuthentication',
+    ],
+    'DEFAULT_PERMISSION_CLASSES': [
+        'rest_framework.permissions.IsAuthenticated',
+    ],
+    'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
+    'PAGE_SIZE': 20,
+}
+
+# drf-spectacular (OpenAPI)
+SPECTACULAR_SETTINGS = {
+    'TITLE': '{{projectName}} API',
+    'DESCRIPTION': 'API documentation for {{projectName}}. Generated by Blacksmith.',
+    'VERSION': '1.0.0',
+    'OAS_VERSION': '3.1.0',
+    'SERVE_INCLUDE_SCHEMA': False,
+    'COMPONENT_SPLIT_REQUEST': True,
+    'SWAGGER_UI_DIST': 'SIDECAR',
+    'SWAGGER_UI_FAVICON_HREF': 'SIDECAR',
+    'REDOC_DIST': 'SIDECAR',
+}
+
+# Simple JWT
+SIMPLE_JWT = {
+    'ACCESS_TOKEN_LIFETIME': timedelta(minutes=30),
+    'REFRESH_TOKEN_LIFETIME': timedelta(days=7),
+    'ROTATE_REFRESH_TOKENS': True,
+    'BLACKLIST_AFTER_ROTATION': True,
+    'AUTH_HEADER_TYPES': ('Bearer',),
+}

package/src/templates/backend/config/settings/development.py.hbs

@@ -0,0 +1,19 @@
+"""
+Development settings for {{projectName}}.
+"""
+
+DEBUG = True
+
+ALLOWED_HOSTS = ['*']
+
+# SQLite for development
+DATABASES = {
+    'default': {
+        'ENGINE': 'django.db.backends.sqlite3',
+        'NAME': 'db.sqlite3',
+    }
+}
+
+# CORS - allow all origins in development
+CORS_ALLOW_ALL_ORIGINS = True
+CORS_ALLOW_CREDENTIALS = True

package/src/templates/backend/config/settings/production.py.hbs

@@ -0,0 +1,31 @@
+"""
+Production settings for {{projectName}}.
+"""
+
+import os
+
+DEBUG = False
+
+ALLOWED_HOSTS = os.environ.get('DJANGO_ALLOWED_HOSTS', '').split(',')
+
+# PostgreSQL for production
+DATABASES = {
+    'default': {
+        'ENGINE': 'django.db.backends.postgresql',
+        'NAME': os.environ.get('DB_NAME', '{{projectName}}'),
+        'USER': os.environ.get('DB_USER', 'postgres'),
+        'PASSWORD': os.environ.get('DB_PASSWORD', ''),
+        'HOST': os.environ.get('DB_HOST', 'localhost'),
+        'PORT': os.environ.get('DB_PORT', '5432'),
+    }
+}
+
+# CORS - restrict in production
+CORS_ALLOWED_ORIGINS = os.environ.get('CORS_ALLOWED_ORIGINS', '').split(',')
+CORS_ALLOW_CREDENTIALS = True
+
+# Security
+SECURE_BROWSER_XSS_FILTER = True
+SECURE_CONTENT_TYPE_NOSNIFF = True
+SESSION_COOKIE_SECURE = True
+CSRF_COOKIE_SECURE = True