create-authhero 0.40.0 → 0.41.1

package/dist/create-authhero.js

@@ -1,18 +1,19 @@
 #!/usr/bin/env node
-import { Command as P } from "commander";
+import { Command as R } from "commander";
 import m from "inquirer";
-import a from "fs";
-import i from "path";
-import { spawn as E } from "child_process";
-const D = new P(), p = {
+import i from "fs";
+import s from "path";
+import { fileURLToPath as O } from "url";
+import { spawn as U } from "child_process";
+const T = new R(), p = {
   local: {
     name: "Local (SQLite)",
     description: "Local development setup with SQLite database - great for getting started",
     templateDir: "local",
-    packageJson: (s, e, o, r, n) => {
+    packageJson: (a, e, o, r, n) => {
       const t = r ? "workspace:*" : "latest";
       return {
-        name: s,
+        name: a,
         version: "1.0.0",
         type: "module",
         scripts: {
@@ -49,10 +50,10 @@ const D = new P(), p = {
     name: "Cloudflare Workers (D1)",
     description: "Cloudflare Workers setup with D1 database",
     templateDir: "cloudflare",
-    packageJson: (s, e, o, r, n) => {
+    packageJson: (a, e, o, r, n) => {
       const t = r ? "workspace:*" : "latest";
       return {
-        name: s,
+        name: a,
         version: "1.0.0",
         type: "module",
         scripts: {
@@ -98,10 +99,10 @@ const D = new P(), p = {
     name: "AWS SST (Lambda + DynamoDB)",
     description: "Serverless AWS deployment with Lambda, DynamoDB, and SST",
     templateDir: "aws-sst",
-    packageJson: (s, e, o, r, n) => {
+    packageJson: (a, e, o, r, n) => {
       const t = r ? "workspace:*" : "latest";
       return {
-        name: s,
+        name: a,
         version: "1.0.0",
         type: "module",
         scripts: {
@@ -136,14 +137,14 @@ const D = new P(), p = {
     seedFile: "seed.ts"
   }
 };
-function N(s, e) {
-  a.readdirSync(s).forEach((r) => {
-    const n = i.join(s, r), t = i.join(e, r);
-    a.lstatSync(n).isDirectory() ? (a.mkdirSync(t, { recursive: !0 }), N(n, t)) : a.copyFileSync(n, t);
+function P(a, e) {
+  i.readdirSync(a).forEach((r) => {
+    const n = s.join(a, r), t = s.join(e, r);
+    i.lstatSync(n).isDirectory() ? (i.mkdirSync(t, { recursive: !0 }), P(n, t)) : i.copyFileSync(n, t);
   });
 }
-function R(s, e = !1, o = "authhero-local", r) {
-  const n = s ? "control_plane" : "main", t = s ? "Control Plane" : "Main", c = [
+function L(a, e = !1, o = "authhero-local", r) {
+  const n = a ? "control_plane" : "main", t = a ? "Control Plane" : "Main", c = [
     "https://manage.authhero.net/auth-callback",
     "https://local.authhero.net/auth-callback",
     "http://localhost:5173/auth-callback",
@@ -157,7 +158,7 @@ function R(s, e = !1, o = "authhero-local", r) {
     "https://local.authhero.net",
     "http://localhost:5173",
     "http://localhost:3000"
-  ], C = e ? ["https://localhost:8443/", "https://localhost.emobix.co.uk:8443/"] : [], y = [...h, ...C], b = e ? `
+  ], C = e ? ["https://localhost:8443/", "https://localhost.emobix.co.uk:8443/"] : [], y = [...h, ...C], _ = e ? `
   // Create OpenID Conformance Suite test clients and user
   console.log("Creating conformance test clients and user...");
 
@@ -272,7 +273,7 @@ function R(s, e = !1, o = "authhero-local", r) {
   return `import { SqliteDialect, Kysely } from "kysely";
 import Database from "better-sqlite3";
 import createAdapters from "@authhero/kysely-adapter";
-import { seed } from "authhero";
+import { seed${e ? ", USERNAME_PASSWORD_PROVIDER" : ""} } from "authhero";
 
 interface ExtraClient {
   client_id: string;
@@ -281,6 +282,7 @@ interface ExtraClient {
   callbacks?: string[];
   allowed_logout_urls?: string[];
   web_origins?: string[];
+  auth0_conformant?: boolean;
 }
 
 function parseFlag(name: string): string | undefined {
@@ -332,7 +334,7 @@ async function main() {
     adminPassword,
     tenantId: "${n}",
     tenantName: "${t}",
-    isControlPlane: ${!!s},
+    isControlPlane: ${!!a},
     clientId: "default",
     callbacks: ${JSON.stringify(f)},
     allowedLogoutUrls: ${JSON.stringify(y)},
@@ -353,6 +355,9 @@ async function main() {
       web_origins: c.web_origins ?? [],
       connections: ["Username-Password-Authentication"],
       client_metadata: { universal_login_version: "2" },
+      ...(c.auth0_conformant !== undefined && {
+        auth0_conformant: c.auth0_conformant,
+      }),
     });
     console.log(\`✅ Created client "\${c.client_id}"\`);
   }
@@ -361,7 +366,7 @@ async function main() {
     await adapters.users.update(seedResult.tenantId, seedResult.userId, userProfile);
     console.log(\`✅ Updated profile of user "\${seedResult.username}"\`);
   }
-${b}
+${_}
   await db.destroy();
 }
 
@@ -371,7 +376,7 @@ main().catch((err) => {
 });
 `;
 }
-function O(s, e) {
+function $(a, e) {
   const o = e ? `import fs from "fs";
 ` : "", r = e ? `
 const adminDistPath = path.resolve(
@@ -389,7 +394,7 @@ const adminIndexPath = path.join(adminDistPath, "index.html");
       .replace(/href="\\.\\//g, 'href="/admin/');
     const configJson = JSON.stringify({
       domain: issuer.replace(/\\/$/, ""),
-      clientId: ${s ? "CONTROL_PLANE_CLIENT_ID," : '"default",'}
+      clientId: ${a ? "CONTROL_PLANE_CLIENT_ID," : '"default",'}
       basePath: "/admin",
     }).replace(/</g, "\\\\u003c");
     configWithHandlers.adminIndexHtml = rawHtml.replace(
@@ -402,7 +407,7 @@ const adminIndexPath = path.join(adminDistPath, "index.html");
     });
   }
 ` : "";
-  return s ? `import { Context } from "hono";
+  return a ? `import { Context } from "hono";
 import { swaggerUI } from "@hono/swagger-ui";
 import { AuthHeroConfig, DataAdapters } from "authhero";
 import { serveStatic } from "@hono/node-server/serve-static";
@@ -507,7 +512,7 @@ ${n}
 }
 `;
 }
-function U(s) {
+function j(a) {
   return `import { D1Dialect } from "kysely-d1";
 import { Kysely } from "kysely";
 import createAdapters from "@authhero/kysely-adapter";
@@ -534,9 +539,9 @@ export default {
         adminUsername,
         adminPassword,
         issuer,
-        tenantId: "${s ? "control_plane" : "main"}",
-        tenantName: "${s ? "Control Plane" : "Main"}",
-        isControlPlane: ${!!s},
+        tenantId: "${a ? "control_plane" : "main"}",
+        tenantName: "${a ? "Control Plane" : "Main"}",
+        isControlPlane: ${!!a},
         clientId: "default",
       });
 
@@ -568,11 +573,11 @@ export default {
 };
 `;
 }
-function $(s, e) {
+function H(a, e) {
   const o = e ? `import adminIndexHtml from "./admin-index-html";
 ` : "", r = e ? `    adminIndexHtml,
 ` : "";
-  return s ? `import { Context } from "hono";
+  return a ? `import { Context } from "hono";
 import { swaggerUI } from "@hono/swagger-ui";
 import { AuthHeroConfig, DataAdapters } from "authhero";
 import { initMultiTenant } from "@authhero/multi-tenancy";
@@ -653,8 +658,8 @@ ${r}  });
 }
 `;
 }
-function L(s) {
-  return s ? `import { Context } from "hono";
+function M(a) {
+  return a ? `import { Context } from "hono";
 import { swaggerUI } from "@hono/swagger-ui";
 import { AuthHeroConfig, DataAdapters } from "authhero";
 import { initMultiTenant } from "@authhero/multi-tenancy";
@@ -759,7 +764,7 @@ export default function createApp(config: AppConfig) {
 }
 `;
 }
-function j(s) {
+function F(a) {
   return `import { DynamoDBClient } from "@aws-sdk/client-dynamodb";
 import { DynamoDBDocumentClient } from "@aws-sdk/lib-dynamodb";
 import createAdapters from "@authhero/aws";
@@ -788,9 +793,9 @@ async function main() {
   await seed(adapters, {
     adminUsername,
     adminPassword,
-    tenantId: "${s ? "control_plane" : "main"}",
-    tenantName: "${s ? "Control Plane" : "Main"}",
-    isControlPlane: ${!!s},
+    tenantId: "${a ? "control_plane" : "main"}",
+    tenantName: "${a ? "Control Plane" : "Main"}",
+    isControlPlane: ${!!a},
   });
 
   console.log("✅ Database seeded successfully!");
@@ -799,22 +804,22 @@ async function main() {
 main().catch(console.error);
 `;
 }
-function H(s, e) {
-  const o = i.join(s, "src");
-  a.writeFileSync(
-    i.join(o, "app.ts"),
-    L(e)
-  ), a.writeFileSync(
-    i.join(o, "seed.ts"),
-    j(e)
+function W(a, e) {
+  const o = s.join(a, "src");
+  i.writeFileSync(
+    s.join(o, "app.ts"),
+    M(e)
+  ), i.writeFileSync(
+    s.join(o, "seed.ts"),
+    F(e)
   );
 }
-function x() {
+function k() {
   console.log("\\n" + "─".repeat(50)), console.log("🔐 AuthHero deployed to AWS!"), console.log("📚 Check SST output for your API URL"), console.log("🚀 Open your server URL /setup to complete initial setup"), console.log("🌐 Portal available at https://local.authhero.net"), console.log("─".repeat(50) + "\\n");
 }
-function F(s) {
-  const e = i.join(s, ".github", "workflows");
-  a.mkdirSync(e, { recursive: !0 });
+function q(a) {
+  const e = s.join(a, ".github", "workflows");
+  i.mkdirSync(e, { recursive: !0 });
   const o = `name: Unit tests
 
 on: push
@@ -901,9 +906,9 @@ jobs:
           apiToken: \${{ secrets.PROD_CLOUDFLARE_API_TOKEN }}
           command: deploy --env production
 `;
-  a.writeFileSync(i.join(e, "unit-tests.yml"), o), a.writeFileSync(i.join(e, "deploy-dev.yml"), r), a.writeFileSync(i.join(e, "release.yml"), n), console.log("\\n📦 GitHub CI workflows created!");
+  i.writeFileSync(s.join(e, "unit-tests.yml"), o), i.writeFileSync(s.join(e, "deploy-dev.yml"), r), i.writeFileSync(s.join(e, "release.yml"), n), console.log("\\n📦 GitHub CI workflows created!");
 }
-function M(s) {
+function J(a) {
   const e = {
     branches: ["main"],
     plugins: [
@@ -912,11 +917,11 @@ function M(s) {
       "@semantic-release/github"
     ]
   };
-  a.writeFileSync(
-    i.join(s, ".releaserc.json"),
+  i.writeFileSync(
+    s.join(a, ".releaserc.json"),
     JSON.stringify(e, null, 2)
   );
-  const o = i.join(s, "package.json"), r = JSON.parse(a.readFileSync(o, "utf-8"));
+  const o = s.join(a, "package.json"), r = JSON.parse(i.readFileSync(o, "utf-8"));
   r.devDependencies = {
     ...r.devDependencies,
     "semantic-release": "^24.0.0"
@@ -924,11 +929,11 @@ function M(s) {
     ...r.scripts,
     test: 'echo "No tests yet"',
     "type-check": "tsc --noEmit"
-  }, a.writeFileSync(o, JSON.stringify(r, null, 2));
+  }, i.writeFileSync(o, JSON.stringify(r, null, 2));
 }
-function _(s, e) {
+function b(a, e) {
   return new Promise((o, r) => {
-    const n = E(s, [], {
+    const n = U(a, [], {
       cwd: e,
       shell: !0,
       stdio: "inherit"
@@ -938,27 +943,27 @@ function _(s, e) {
     }), n.on("error", r);
   });
 }
-function W(s, e, o) {
-  const r = i.join(s, "src");
-  a.writeFileSync(
-    i.join(r, "app.ts"),
-    $(e, o)
-  ), a.writeFileSync(
-    i.join(r, "seed.ts"),
-    U(e)
+function z(a, e, o) {
+  const r = s.join(a, "src");
+  i.writeFileSync(
+    s.join(r, "app.ts"),
+    H(e, o)
+  ), i.writeFileSync(
+    s.join(r, "seed.ts"),
+    j(e)
   );
 }
-function I() {
+function D() {
   console.log(`
 ` + "─".repeat(50)), console.log("🔐 AuthHero server running at https://localhost:3000"), console.log("🚀 Open https://localhost:3000/setup to complete initial setup"), console.log("─".repeat(50) + `
 `);
 }
-function k() {
+function N() {
   console.log(`
 ` + "─".repeat(50)), console.log("✅ Self-signed certificates generated with openssl"), console.log("⚠️  You may need to trust the certificate in your browser"), console.log("🔐 AuthHero server running at http://localhost:3000"), console.log("📚 API documentation available at http://localhost:3000/docs"), console.log("🚀 Open http://localhost:3000/setup to complete initial setup"), console.log("─".repeat(50) + `
 `);
 }
-D.version("1.0.0").description("Create a new AuthHero project").argument("[project-name]", "name of the project").option("-t, --template <type>", "template type: local or cloudflare").option(
+T.version("1.0.0").description("Create a new AuthHero project").argument("[project-name]", "name of the project").option("-t, --template <type>", "template type: local or cloudflare").option(
   "--package-manager <pm>",
   "package manager to use: npm, yarn, pnpm, or bun"
 ).option("--multi-tenant", "enable multi-tenant mode").option("--admin-ui", "include admin UI at /admin").option("--skip-install", "skip installing dependencies").option("--skip-migrate", "skip running database migrations").option("--skip-start", "skip starting the development server").option("--github-ci", "include GitHub CI workflows with semantic versioning").option("--conformance", "add OpenID conformance suite test clients").option(
@@ -967,12 +972,12 @@ D.version("1.0.0").description("Create a new AuthHero project").argument("[proje
 ).option(
   "--workspace",
   "use workspace:* dependencies for local monorepo development"
-).option("-y, --yes", "skip all prompts and use defaults/provided options").action(async (s, e) => {
+).option("-y, --yes", "skip all prompts and use defaults/provided options").action(async (a, e) => {
   const o = e.yes === !0;
   console.log(`
 🔐 Welcome to AuthHero!
 `);
-  let r = s;
+  let r = a;
   r || (o ? (r = "auth-server", console.log(`Using default project name: ${r}`)) : r = (await m.prompt([
     {
       type: "input",
@@ -982,8 +987,8 @@ D.version("1.0.0").description("Create a new AuthHero project").argument("[proje
       validate: (u) => u !== "" || "Project name cannot be empty"
     }
   ])).projectName);
-  const n = i.join(process.cwd(), r);
-  a.existsSync(n) && (console.error(`❌ Project "${r}" already exists.`), process.exit(1));
+  const n = s.join(process.cwd(), r);
+  i.existsSync(n) && (console.error(`❌ Project "${r}" already exists.`), process.exit(1));
   let t;
   e.template ? (["local", "cloudflare", "aws-sst"].includes(e.template) || (console.error(`❌ Invalid template: ${e.template}`), console.error("Valid options: local, cloudflare, aws-sst"), process.exit(1)), t = e.template, console.log(`Using template: ${p[t].name}`)) : t = (await m.prompt([
     {
@@ -1037,8 +1042,8 @@ D.version("1.0.0").description("Create a new AuthHero project").argument("[proje
   const C = e.workspace || !1;
   C && console.log("Workspace mode: enabled (using workspace:* dependencies)");
   const y = p[t];
-  a.mkdirSync(n, { recursive: !0 }), a.writeFileSync(
-    i.join(n, "package.json"),
+  i.mkdirSync(n, { recursive: !0 }), i.writeFileSync(
+    s.join(n, "package.json"),
     JSON.stringify(
       y.packageJson(
         r,
@@ -1051,15 +1056,19 @@ D.version("1.0.0").description("Create a new AuthHero project").argument("[proje
       2
     )
   );
-  const b = y.templateDir, S = i.join(
-    import.meta.url.replace("file://", "").replace("/create-authhero.js", ""),
-    b
-  );
-  if (a.existsSync(S) ? N(S, n) : (console.error(`❌ Template directory not found: ${S}`), process.exit(1)), t === "cloudflare" && W(n, c, d), t === "cloudflare") {
-    const l = i.join(n, "wrangler.toml"), u = i.join(n, "wrangler.local.toml");
-    a.existsSync(l) && a.copyFileSync(l, u);
-    const g = i.join(n, ".dev.vars.example"), w = i.join(n, ".dev.vars");
-    a.existsSync(g) && a.copyFileSync(g, w), console.log(
+  const _ = y.templateDir, S = s.dirname(O(import.meta.url)), x = [
+    s.join(S, _),
+    s.join(S, "..", "templates", _)
+  ], I = x.find((l) => i.existsSync(l));
+  if (I ? P(I, n) : (console.error(
+    `❌ Template directory not found. Looked in:
+  ${x.join(`
+  `)}`
+  ), process.exit(1)), t === "cloudflare" && z(n, c, d), t === "cloudflare") {
+    const l = s.join(n, "wrangler.toml"), u = s.join(n, "wrangler.local.toml");
+    i.existsSync(l) && i.copyFileSync(l, u);
+    const g = s.join(n, ".dev.vars.example"), w = s.join(n, ".dev.vars");
+    i.existsSync(g) && i.copyFileSync(g, w), console.log(
       "📁 Created wrangler.local.toml and .dev.vars for local development"
     );
   }
@@ -1071,18 +1080,18 @@ D.version("1.0.0").description("Create a new AuthHero project").argument("[proje
       message: "Would you like to include GitHub CI with semantic versioning?",
       default: !1
     }
-  ])).includeGithubCi), A && (F(n), M(n))), t === "local") {
-    const l = R(
+  ])).includeGithubCi), A && (q(n), J(n))), t === "local") {
+    const l = L(
       c,
       f,
       h,
       d
     );
-    a.writeFileSync(i.join(n, "src/seed.ts"), l);
-    const u = O(c, d);
-    a.writeFileSync(i.join(n, "src/app.ts"), u);
+    i.writeFileSync(s.join(n, "src/seed.ts"), l);
+    const u = $(c, d);
+    i.writeFileSync(s.join(n, "src/app.ts"), u);
   }
-  if (t === "aws-sst" && H(n, c), f) {
+  if (t === "aws-sst" && W(n, c), f) {
     const l = {
       alias: h,
       description: "AuthHero Conformance Test",
@@ -1101,17 +1110,17 @@ D.version("1.0.0").description("Create a new AuthHero project").argument("[proje
         resourceUrl: "http://host.docker.internal:3000/userinfo"
       }
     };
-    a.writeFileSync(
-      i.join(n, "conformance-config.json"),
+    i.writeFileSync(
+      s.join(n, "conformance-config.json"),
       JSON.stringify(l, null, 2)
     ), console.log(
       "📝 Created conformance-config.json for OpenID Conformance Suite"
     );
   }
-  const T = c ? "multi-tenant" : "single-tenant";
+  const E = c ? "multi-tenant" : "single-tenant";
   console.log(
     `
-✅ Project "${r}" has been created with ${y.name} (${T}) setup!
+✅ Project "${r}" has been created with ${y.name} (${E}) setup!
 `
   );
   let v;
@@ -1144,9 +1153,9 @@ D.version("1.0.0").description("Create a new AuthHero project").argument("[proje
 `);
     try {
       const u = l === "pnpm" ? "pnpm install --ignore-workspace" : `${l} install`;
-      if (await _(u, n), t === "local" && (console.log(`
+      if (await b(u, n), t === "local" && (console.log(`
 🔧 Building native modules...
-`), await _("npm rebuild better-sqlite3", n)), console.log(`
+`), await b("npm rebuild better-sqlite3", n)), console.log(`
 ✅ Dependencies installed successfully!
 `), (t === "local" || t === "cloudflare") && !e.skipMigrate) {
         let w;
@@ -1159,7 +1168,7 @@ D.version("1.0.0").description("Create a new AuthHero project").argument("[proje
           }
         ])).shouldMigrate, w && (console.log(`
 🔄 Running migrations...
-`), await _(`${l} run migrate`, n));
+`), await b(`${l} run migrate`, n));
       }
       let g;
       e.skipStart || o ? g = !1 : g = (await m.prompt([
@@ -1169,10 +1178,10 @@ D.version("1.0.0").description("Create a new AuthHero project").argument("[proje
           message: "Would you like to start the development server?",
           default: !0
         }
-      ])).shouldStart, g && (t === "cloudflare" ? I() : t === "aws-sst" ? x() : k(), console.log(`🚀 Starting development server...
-`), await _(`${l} run dev`, n)), o && !g && (console.log(`
+      ])).shouldStart, g && (t === "cloudflare" ? D() : t === "aws-sst" ? k() : N(), console.log(`🚀 Starting development server...
+`), await b(`${l} run dev`, n)), o && !g && (console.log(`
 ✅ Setup complete!`), console.log(`
-To start the development server:`), console.log(`  cd ${r}`), console.log("  npm run dev"), t === "cloudflare" ? I() : t === "aws-sst" ? x() : k());
+To start the development server:`), console.log(`  cd ${r}`), console.log("  npm run dev"), t === "cloudflare" ? D() : t === "aws-sst" ? k() : N());
     } catch (u) {
       console.error(`
 ❌ An error occurred:`, u), process.exit(1);
@@ -1199,4 +1208,4 @@ Server will be available at: http://localhost:3000`), f && (console.log(`
 For more information, visit: https://authhero.net/docs
 `));
 });
-D.parse(process.argv);
+T.parse(process.argv);

package/dist/local/src/index.ts

@@ -4,6 +4,76 @@ import { Kysely } from "kysely";
 import Database from "better-sqlite3";
 import createAdapters from "@authhero/kysely-adapter";
 import createApp from "./app";
+import fs from "fs";
+import path from "path";
+import { execFileSync } from "child_process";
+import https from "https";
+
+// Generate self-signed certificates for local HTTPS if they don't exist
+const certDir = path.join(process.cwd(), ".certs");
+const keyPath = path.join(certDir, "localhost-key.pem");
+const certPath = path.join(certDir, "localhost.pem");
+
+function ensureCertificates() {
+  if (!fs.existsSync(certDir)) {
+    fs.mkdirSync(certDir, { recursive: true });
+  }
+
+  if (!fs.existsSync(keyPath) || !fs.existsSync(certPath)) {
+    console.log("🔑 Generating self-signed certificates for local HTTPS...");
+
+    // Try mkcert first (if installed), otherwise fall back to openssl
+    try {
+      execFileSync("which", ["mkcert"], { stdio: "ignore" });
+      execFileSync(
+        "mkcert",
+        ["-key-file", keyPath, "-cert-file", certPath, "localhost", "127.0.0.1"],
+        { stdio: "inherit" },
+      );
+      console.log("✅ Certificates generated with mkcert");
+    } catch {
+      // Fall back to openssl
+      try {
+        execFileSync(
+          "openssl",
+          [
+            "req",
+            "-x509",
+            "-newkey",
+            "rsa:2048",
+            "-keyout",
+            keyPath,
+            "-out",
+            certPath,
+            "-days",
+            "365",
+            "-nodes",
+            "-subj",
+            "/CN=localhost",
+          ],
+          { stdio: "inherit" },
+        );
+        console.log("✅ Self-signed certificates generated with openssl");
+        console.log(
+          "⚠️  You may need to trust the certificate in your browser",
+        );
+      } catch (err) {
+        console.error(
+          "❌ Failed to generate certificates. Please install mkcert or openssl",
+        );
+        console.error(
+          "   Install mkcert: brew install mkcert && mkcert -install",
+        );
+        process.exit(1);
+      }
+    }
+  }
+
+  return {
+    key: fs.readFileSync(keyPath),
+    cert: fs.readFileSync(certPath),
+  };
+}
 
 // Initialize SQLite database
 let db: Kysely<any>;
@@ -34,15 +104,19 @@ const app = createApp({
     "https://manage.authhero.net",
     "https://local.authhero.net",
     "http://localhost:5173",
+    "https://localhost:5173",
   ],
 });
 
 // Start the server
 const port = Number(process.env.PORT) || 3000;
-const issuer = process.env.ISSUER || `http://localhost:${port}/`;
+const issuer = process.env.ISSUER || `https://localhost:${port}/`;
+
+// Get or generate certificates
+const { key, cert } = ensureCertificates();
 
-console.log(`🔐 AuthHero server running at http://localhost:${port}`);
-console.log(`📚 API documentation available at http://localhost:${port}/docs`);
+console.log(`🔐 AuthHero server running at https://localhost:${port}`);
+console.log(`📚 API documentation available at https://localhost:${port}/docs`);
 console.log(`🌐 Portal available at https://local.authhero.net`);
 
 serve({
@@ -53,4 +127,11 @@ serve({
     });
   },
   port,
+  // Bind to all IPv4 interfaces explicitly. Node's default (`::`) is
+  // supposed to be dual-stack but on Docker Desktop Mac the docker bridge
+  // gateway IPv4 (e.g. 192.168.65.254) often isn't reachable that way,
+  // causing connections from inside the suite container to be refused.
+  hostname: "0.0.0.0",
+  createServer: https.createServer,
+  serverOptions: { key, cert },
 });

package/package.json

@@ -5,7 +5,7 @@
     "type": "git",
     "url": "https://github.com/markusahlstrand/authhero"
   },
-  "version": "0.40.0",
+  "version": "0.41.1",
   "type": "module",
   "main": "dist/create-authhero.js",
   "bin": {
@@ -20,6 +20,7 @@
     "@rollup/plugin-node-resolve": "^15.2.3",
     "@types/inquirer": "^9.0.7",
     "@types/node": "^20.14.9",
+    "tsx": "^4.19.4",
     "typescript": "^5.5.2",
     "vite": "^5.3.2"
   },