create-authhero 0.6.0 → 0.8.0

package/dist/cloudflare-simple/src/index.ts

@@ -1,27 +1,45 @@
-import { OpenAPIHono } from "@hono/zod-openapi";
 import { D1Dialect } from "kysely-d1";
 import { Kysely } from "kysely";
 import createAdapters from "@authhero/kysely-adapter";
 import createApp from "./app";
 import { Env } from "./types";
-import { AuthHeroConfig, Bindings, Variables } from "authhero";
-
-let app: OpenAPIHono<{ Bindings: Bindings; Variables: Variables }> | undefined;
+import { AuthHeroConfig } from "authhero";
 
 export default {
   async fetch(request: Request, env: Env): Promise<Response> {
-    if (!app) {
-      const dialect = new D1Dialect({ database: env.AUTH_DB });
-      const db = new Kysely<any>({ dialect });
-      const dataAdapter = createAdapters(db);
+    const url = new URL(request.url);
+    const issuer = `${url.protocol}//${url.host}/`;
+
+    // Get the origin from the request for dynamic CORS
+    const origin = request.headers.get("Origin") || "";
+
+    const dialect = new D1Dialect({ database: env.AUTH_DB });
+    const db = new Kysely<any>({ dialect });
+    const dataAdapter = createAdapters(db);
+
+    const config: AuthHeroConfig = {
+      dataAdapter,
+      // Allow CORS from common development origins
+      allowedOrigins: [
+        "http://localhost:5173",
+        "http://localhost:3000",
+        "https://localhost:5173",
+        "https://localhost:3000",
+        "https://manage.authhero.net",
+        "https://local.authhero.net",
+        // Also allow the requesting origin in development
+        origin,
+      ].filter(Boolean),
+    };
 
-      const config: AuthHeroConfig = {
-        dataAdapter,
-      };
+    const app = createApp(config);
 
-      app = createApp(config);
-    }
+    // Pass the issuer via env bindings
+    const envWithIssuer = {
+      ...env,
+      ISSUER: issuer,
+    };
 
-    return app.fetch(request, env);
+    return app.fetch(request, envWithIssuer);
   },
 };

package/dist/cloudflare-simple/src/seed.ts

@@ -0,0 +1,64 @@
+import { D1Dialect } from "kysely-d1";
+import { Kysely } from "kysely";
+import createAdapters from "@authhero/kysely-adapter";
+import { seed } from "authhero";
+
+interface Env {
+  AUTH_DB: D1Database;
+}
+
+export default {
+  async fetch(request: Request, env: Env): Promise<Response> {
+    const url = new URL(request.url);
+    const adminEmail = url.searchParams.get("email");
+    const adminPassword = url.searchParams.get("password");
+
+    if (!adminEmail || !adminPassword) {
+      return new Response(
+        JSON.stringify({
+          error: "Missing email or password query parameters",
+          usage: "/?email=admin@example.com&password=yourpassword",
+        }),
+        {
+          status: 400,
+          headers: { "Content-Type": "application/json" },
+        },
+      );
+    }
+
+    try {
+      const dialect = new D1Dialect({ database: env.AUTH_DB });
+      const db = new Kysely<any>({ dialect });
+      const adapters = createAdapters(db);
+
+      const result = await seed(adapters, {
+        adminEmail,
+        adminPassword,
+      });
+
+      return new Response(
+        JSON.stringify({
+          success: true,
+          message: "Database seeded successfully",
+          result,
+        }),
+        {
+          status: 200,
+          headers: { "Content-Type": "application/json" },
+        },
+      );
+    } catch (error) {
+      console.error("Seed error:", error);
+      return new Response(
+        JSON.stringify({
+          error: "Failed to seed database",
+          message: error instanceof Error ? error.message : String(error),
+        }),
+        {
+          status: 500,
+          headers: { "Content-Type": "application/json" },
+        },
+      );
+    }
+  },
+};

package/dist/cloudflare-simple/wrangler.toml

@@ -9,12 +9,14 @@ compatibility_date = "2024-11-20"
 # binding = "AUTH_DB"
 # database_name = "authhero-db"
 # database_id = "<YOUR_DATABASE_ID>"
+# migrations_dir = "migrations"
 
 # For local development, you can use a local D1 database:
 [[d1_databases]]
 binding = "AUTH_DB"
 database_name = "authhero-db"
 database_id = "local"
+migrations_dir = "migrations"
 
 # Optional: Enable observability
 # [observability]

package/dist/create-authhero.js

@@ -1,16 +1,16 @@
 #!/usr/bin/env node
-import { Command as b } from "commander";
-import d from "inquirer";
-import l from "fs";
-import c from "path";
-import { spawn as f } from "child_process";
-const w = new b(), r = {
+import { Command as I } from "commander";
+import m from "inquirer";
+import i from "fs";
+import f from "path";
+import { spawn as A } from "child_process";
+const b = new I(), l = {
   local: {
     name: "Local (SQLite)",
     description: "Local development setup with SQLite database - great for getting started",
     templateDir: "local",
-    packageJson: (t) => ({
-      name: t,
+    packageJson: (n) => ({
+      name: n,
       version: "1.0.0",
       type: "module",
       scripts: {
@@ -42,16 +42,22 @@ const w = new b(), r = {
     name: "Cloudflare Simple (Single Tenant)",
     description: "Single-tenant Cloudflare Workers setup with D1 database",
     templateDir: "cloudflare-simple",
-    packageJson: (t) => ({
-      name: t,
+    packageJson: (n) => ({
+      name: n,
       version: "1.0.0",
       type: "module",
       scripts: {
-        dev: "wrangler dev",
+        "dev:local": "wrangler dev --port 3000 --local-protocol https",
+        "dev:remote": "wrangler dev --port 3000 --local-protocol https --remote",
+        dev: "wrangler dev --port 3000 --local-protocol https",
         deploy: "wrangler deploy",
-        "db:migrate": "wrangler d1 migrations apply AUTH_DB --local",
-        "db:migrate:prod": "wrangler d1 migrations apply AUTH_DB --remote",
-        seed: "wrangler d1 execute AUTH_DB --local --file=seed.sql"
+        "db:migrate:local": "wrangler d1 migrations apply AUTH_DB --local",
+        "db:migrate:remote": "wrangler d1 migrations apply AUTH_DB --remote",
+        migrate: "wrangler d1 migrations apply AUTH_DB --local",
+        "db:generate": "drizzle-kit generate",
+        "seed:local": "node seed-helper.js",
+        "seed:remote": "node seed-helper.js '' '' remote",
+        seed: "node seed-helper.js"
       },
       dependencies: {
         "@authhero/kysely-adapter": "latest",
@@ -64,18 +70,20 @@ const w = new b(), r = {
       },
       devDependencies: {
         "@cloudflare/workers-types": "^4.0.0",
+        "drizzle-kit": "^0.31.0",
+        "drizzle-orm": "^0.44.0",
         typescript: "^5.5.0",
         wrangler: "^3.0.0"
       }
     }),
-    seedFile: "seed.sql"
+    seedFile: "seed.ts"
   },
   "cloudflare-multitenant": {
     name: "Cloudflare Multi-Tenant (Production)",
     description: "Production-grade multi-tenant setup with per-tenant D1 databases and Analytics Engine",
     templateDir: "cloudflare-multitenant",
-    packageJson: (t) => ({
-      name: t,
+    packageJson: (n) => ({
+      name: n,
       version: "1.0.0",
       type: "module",
       scripts: {
@@ -106,14 +114,14 @@ const w = new b(), r = {
     seedFile: "seed.sql"
   }
 };
-function v(t, e) {
-  l.readdirSync(t).forEach((s) => {
-    const n = c.join(t, s), o = c.join(e, s);
-    l.lstatSync(n).isDirectory() ? (l.mkdirSync(o, { recursive: !0 }), v(n, o)) : l.copyFileSync(n, o);
+function D(n, e) {
+  i.readdirSync(n).forEach((o) => {
+    const t = f.join(n, o), a = f.join(e, o);
+    i.lstatSync(t).isDirectory() ? (i.mkdirSync(a, { recursive: !0 }), D(t, a)) : i.copyFileSync(t, a);
   });
 }
-function D(t) {
-  if (t === "local")
+function $(n) {
+  if (n === "local")
     return `import { SqliteDialect, Kysely } from "kysely";
 import Database from "better-sqlite3";
 import createAdapters from "@authhero/kysely-adapter";
@@ -147,7 +155,7 @@ async function main() {
 main().catch(console.error);
 `;
   {
-    const e = (/* @__PURE__ */ new Date()).toISOString(), a = "default";
+    const e = (/* @__PURE__ */ new Date()).toISOString(), r = "default";
     return `-- Seed file for AuthHero
 -- 
 -- IMPORTANT: This SQL file creates the basic structure but the password
@@ -156,15 +164,15 @@ main().catch(console.error);
 
 -- Create default tenant
 INSERT OR IGNORE INTO tenants (id, friendly_name, audience, sender_email, sender_name, created_at, updated_at)
-VALUES ('${a}', 'Default Tenant', 'https://api.example.com', 'noreply@example.com', 'AuthHero', '${e}', '${e}');
+VALUES ('${r}', 'Default Tenant', 'https://api.example.com', 'noreply@example.com', 'AuthHero', '${e}', '${e}');
 
 -- Create password connection
 INSERT OR IGNORE INTO connections (id, tenant_id, name, strategy, options, created_at, updated_at)
-VALUES ('conn_default', '${a}', 'Username-Password-Authentication', 'Username-Password-Authentication', '{}', '${e}', '${e}');
+VALUES ('conn_default', '${r}', 'Username-Password-Authentication', 'Username-Password-Authentication', '{}', '${e}', '${e}');
 
 -- Create default client
 INSERT OR IGNORE INTO clients (client_id, tenant_id, name, callbacks, allowed_origins, web_origins, connections, created_at, updated_at)
-VALUES ('default', '${a}', 'Default Application', '["https://manage.authhero.net/auth-callback","https://local.authhero.net/auth-callback"]', '[]', '[]', '["Username-Password-Authentication"]', '${e}', '${e}');
+VALUES ('default', '${r}', 'Default Application', '["https://manage.authhero.net/auth-callback","https://local.authhero.net/auth-callback"]', '[]', '[]', '["Username-Password-Authentication"]', '${e}', '${e}');
 
 -- Note: Admin user and password should be created via the management API
 -- or using a TypeScript seed script with proper bcrypt hashing.
@@ -172,97 +180,111 @@ VALUES ('default', '${a}', 'Default Application', '["https://manage.authhero.net
 `;
   }
 }
-function u(t, e) {
-  return new Promise((a, s) => {
-    const n = f(t, [], {
+function v(n, e) {
+  return new Promise((r, o) => {
+    const t = A(n, [], {
       cwd: e,
       shell: !0,
       stdio: "inherit"
     });
-    n.on("close", (o) => {
-      o === 0 ? a() : s(new Error(`Command failed with exit code ${o}`));
-    }), n.on("error", s);
+    t.on("close", (a) => {
+      a === 0 ? r() : o(new Error(`Command failed with exit code ${a}`));
+    }), t.on("error", o);
   });
 }
-function k(t, e, a) {
-  return new Promise((s, n) => {
-    const o = f(t, [], {
+function S(n, e, r) {
+  return new Promise((o, t) => {
+    const a = A(n, [], {
       cwd: e,
       shell: !0,
       stdio: "inherit",
-      env: { ...process.env, ...a }
+      env: { ...process.env, ...r }
     });
-    o.on("close", (m) => {
-      m === 0 ? s() : n(new Error(`Command failed with exit code ${m}`));
-    }), o.on("error", n);
+    a.on("close", (g) => {
+      g === 0 ? o() : t(new Error(`Command failed with exit code ${g}`));
+    }), a.on("error", t);
   });
 }
-w.version("1.0.0").description("Create a new AuthHero project").argument("[project-name]", "name of the project").action(async (t) => {
+b.version("1.0.0").description("Create a new AuthHero project").argument("[project-name]", "name of the project").option(
+  "-t, --template <type>",
+  "template type: local, cloudflare-simple, or cloudflare-multitenant"
+).option("-e, --email <email>", "admin email address").option("-p, --password <password>", "admin password (min 8 characters)").option(
+  "--package-manager <pm>",
+  "package manager to use: npm, yarn, pnpm, or bun"
+).option("--skip-install", "skip installing dependencies").option("--skip-migrate", "skip running database migrations").option("--skip-seed", "skip seeding the database").option("--skip-start", "skip starting the development server").option("--remote", "use remote mode for cloudflare-simple (production D1)").option("-y, --yes", "skip all prompts and use defaults/provided options").action(async (n, e) => {
+  const r = e.yes === !0;
   console.log(`
 🔐 Welcome to AuthHero!
-`), t || (t = (await d.prompt([
+`);
+  let o = n;
+  o || (r ? (o = "auth-server", console.log(`Using default project name: ${o}`)) : o = (await m.prompt([
     {
       type: "input",
       name: "projectName",
       message: "Project name:",
       default: "auth-server",
-      validate: (p) => p !== "" || "Project name cannot be empty"
+      validate: (d) => d !== "" || "Project name cannot be empty"
     }
   ])).projectName);
-  const e = c.join(process.cwd(), t);
-  l.existsSync(e) && (console.error(`❌ Project "${t}" already exists.`), process.exit(1));
-  const { setupType: a } = await d.prompt([
+  const t = f.join(process.cwd(), o);
+  i.existsSync(t) && (console.error(`❌ Project "${o}" already exists.`), process.exit(1));
+  let a;
+  e.template ? (["local", "cloudflare-simple", "cloudflare-multitenant"].includes(e.template) || (console.error(`❌ Invalid template: ${e.template}`), console.error("Valid options: local, cloudflare-simple, cloudflare-multitenant"), process.exit(1)), a = e.template, console.log(`Using template: ${l[a].name}`)) : a = (await m.prompt([
     {
       type: "list",
       name: "setupType",
       message: "Select your setup type:",
       choices: [
         {
-          name: `${r.local.name}
-     ${r.local.description}`,
+          name: `${l.local.name}
+     ${l.local.description}`,
           value: "local",
-          short: r.local.name
+          short: l.local.name
         },
         {
-          name: `${r["cloudflare-simple"].name}
-     ${r["cloudflare-simple"].description}`,
+          name: `${l["cloudflare-simple"].name}
+     ${l["cloudflare-simple"].description}`,
           value: "cloudflare-simple",
-          short: r["cloudflare-simple"].name
+          short: l["cloudflare-simple"].name
         },
         {
-          name: `${r["cloudflare-multitenant"].name}
-     ${r["cloudflare-multitenant"].description}`,
+          name: `${l["cloudflare-multitenant"].name}
+     ${l["cloudflare-multitenant"].description}`,
           value: "cloudflare-multitenant",
-          short: r["cloudflare-multitenant"].name
+          short: l["cloudflare-multitenant"].name
         }
       ]
     }
-  ]), s = r[a];
-  l.mkdirSync(e, { recursive: !0 }), l.writeFileSync(
-    c.join(e, "package.json"),
-    JSON.stringify(s.packageJson(t), null, 2)
+  ])).setupType;
+  const g = l[a];
+  i.mkdirSync(t, { recursive: !0 }), i.writeFileSync(
+    f.join(t, "package.json"),
+    JSON.stringify(g.packageJson(o), null, 2)
   );
-  const n = c.join(
+  const k = f.join(
     import.meta.url.replace("file://", "").replace("/create-authhero.js", ""),
-    s.templateDir
+    g.templateDir
   );
-  l.existsSync(n) ? v(n, e) : (console.error(`❌ Template directory not found: ${n}`), process.exit(1));
-  const o = D(a), m = a === "local" ? "src/seed.ts" : "seed.sql";
-  l.writeFileSync(c.join(e, m), o), console.log(
+  if (i.existsSync(k) ? D(k, t) : (console.error(`❌ Template directory not found: ${k}`), process.exit(1)), a === "local" || a === "cloudflare-multitenant") {
+    const s = $(a), d = a === "local" ? "src/seed.ts" : "seed.sql";
+    i.writeFileSync(f.join(t, d), s);
+  }
+  console.log(
     `
-✅ Project "${t}" has been created with ${s.name} setup!
+✅ Project "${o}" has been created with ${g.name} setup!
 `
   );
-  const { shouldInstall: h } = await d.prompt([
+  let h;
+  if (e.skipInstall ? h = !1 : r ? h = !0 : h = (await m.prompt([
     {
       type: "confirm",
       name: "shouldInstall",
       message: "Would you like to install dependencies now?",
       default: !0
     }
-  ]);
-  if (h) {
-    const { packageManager: i } = await d.prompt([
+  ])).shouldInstall, h) {
+    let s;
+    e.packageManager ? (["npm", "yarn", "pnpm", "bun"].includes(e.packageManager) || (console.error(`❌ Invalid package manager: ${e.packageManager}`), console.error("Valid options: npm, yarn, pnpm, bun"), process.exit(1)), s = e.packageManager) : r ? s = "npm" : s = (await m.prompt([
       {
         type: "list",
         name: "packageManager",
@@ -275,70 +297,127 @@ w.version("1.0.0").description("Create a new AuthHero project").argument("[proje
         ],
         default: "npm"
       }
-    ]);
-    console.log(`
-📦 Installing dependencies with ${i}...
+    ])).packageManager, console.log(`
+📦 Installing dependencies with ${s}...
 `);
     try {
-      const p = i === "pnpm" ? "pnpm install --ignore-workspace" : `${i} install`;
-      if (await u(p, e), a === "local" && (console.log(`
+      const d = s === "pnpm" ? "pnpm install --ignore-workspace" : `${s} install`;
+      await v(d, t), a === "local" && (console.log(`
 🔧 Building native modules...
-`), await u("npm rebuild better-sqlite3", e)), console.log(`
+`), await v("npm rebuild better-sqlite3", t)), console.log(`
 ✅ Dependencies installed successfully!
-`), a === "local") {
-        const { shouldSetup: A } = await d.prompt([
+`);
+      let w = e.remote ? "remote" : "local";
+      if (a === "local" || a === "cloudflare-simple") {
+        a === "cloudflare-simple" && !r && !e.remote && (w = (await m.prompt([
+          {
+            type: "list",
+            name: "mode",
+            message: "Would you like to run in local mode or remote mode?",
+            choices: [
+              {
+                name: "Local (using local D1 database)",
+                value: "local",
+                short: "Local"
+              },
+              {
+                name: "Remote (using production D1 database)",
+                value: "remote",
+                short: "Remote"
+              }
+            ],
+            default: "local"
+          }
+        ])).mode);
+        let u;
+        if (e.skipMigrate && e.skipSeed ? u = !1 : r ? u = !e.skipMigrate || !e.skipSeed : u = (await m.prompt([
           {
             type: "confirm",
             name: "shouldSetup",
             message: "Would you like to run migrations and seed the database?",
             default: !0
           }
-        ]);
-        if (A) {
-          const y = await d.prompt([
+        ])).shouldSetup, u) {
+          let c;
+          if (e.email && e.password ? (/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(e.email) || (console.error("❌ Invalid email address provided"), process.exit(1)), e.password.length < 8 && (console.error("❌ Password must be at least 8 characters"), process.exit(1)), c = {
+            username: e.email,
+            password: e.password
+          }, console.log(`Using admin email: ${e.email}`)) : c = await m.prompt([
             {
               type: "input",
               name: "username",
               message: "Admin email:",
               default: "admin@example.com",
-              validate: (g) => /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(g) || "Please enter a valid email address"
+              validate: (p) => /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(p) || "Please enter a valid email address"
             },
             {
               type: "password",
               name: "password",
               message: "Admin password:",
               mask: "*",
-              validate: (g) => g.length < 8 ? "Password must be at least 8 characters" : !0
+              validate: (p) => p.length < 8 ? "Password must be at least 8 characters" : !0
             }
-          ]);
-          console.log(`
+          ]), !e.skipMigrate) {
+            console.log(`
 🔄 Running migrations...
-`), await u(`${i} run migrate`, e), console.log(`
+`);
+            const p = a === "cloudflare-simple" && w === "remote" ? `${s} run db:migrate:remote` : `${s} run migrate`;
+            await v(p, t);
+          }
+          if (!e.skipSeed)
+            if (console.log(`
 🌱 Seeding database...
-`), await k(`${i} run seed`, e, {
-            ADMIN_EMAIL: y.username,
-            ADMIN_PASSWORD: y.password
-          });
+`), a === "local")
+              await S(
+                `${s} run seed`,
+                t,
+                {
+                  ADMIN_EMAIL: c.username,
+                  ADMIN_PASSWORD: c.password
+                }
+              );
+            else {
+              const p = w === "remote" ? `${s} run seed:remote` : `${s} run seed:local`;
+              await S(p, t, {
+                ADMIN_EMAIL: c.username,
+                ADMIN_PASSWORD: c.password
+              });
+            }
         }
       }
-      const { shouldStart: S } = await d.prompt([
+      let y;
+      if (e.skipStart || r ? y = !1 : y = (await m.prompt([
         {
           type: "confirm",
           name: "shouldStart",
           message: "Would you like to start the development server?",
           default: !0
         }
-      ]);
-      S && (console.log(`
-🚀 Starting development server...
-`), await u(`${i} run dev`, e));
-    } catch (p) {
+      ])).shouldStart, y) {
+        console.log(`
+🚀 Starting development server on https://localhost:3000 ...
+`);
+        const u = a === "cloudflare-simple" && w === "remote" ? `${s} run dev:remote` : `${s} run dev`;
+        await v(u, t);
+      }
+      r && !y && (console.log(`
+✅ Setup complete!`), console.log(`
+To start the development server:`), console.log(`  cd ${o}`), console.log(a === "cloudflare-simple" && w === "remote" ? "  npm run dev:remote" : "  npm run dev"), a === "cloudflare-simple" && console.log(`
+Server will be available at: https://localhost:3000`));
+    } catch (d) {
       console.error(`
-❌ An error occurred:`, p);
+❌ An error occurred:`, d), process.exit(1);
     }
   }
-  h || (console.log("Next steps:"), console.log(`  cd ${t}`), a === "local" ? (console.log("  npm install"), console.log("  npm run migrate"), console.log("  npm run seed -- <email> <password>"), console.log("  npm run dev")) : (console.log("  npm install"), console.log("  npm run db:migrate"), console.log("  npm run seed"), console.log("  npm run dev")), console.log(`
+  h || (console.log("Next steps:"), console.log(`  cd ${o}`), a === "local" ? (console.log("  npm install"), console.log("  npm run migrate"), console.log(
+    "  ADMIN_EMAIL=admin@example.com ADMIN_PASSWORD=yourpassword npm run seed"
+  ), console.log("  npm run dev")) : a === "cloudflare-simple" ? (console.log("  npm install"), console.log(
+    "  npm run migrate  # or npm run db:migrate:remote for production"
+  ), console.log(
+    "  ADMIN_EMAIL=admin@example.com ADMIN_PASSWORD=yourpassword npm run seed"
+  ), console.log("  npm run dev  # or npm run dev:remote for production"), console.log(`
+Server will be available at: https://localhost:3000`)) : (console.log("  npm install"), console.log("  npm run db:migrate"), console.log("  npm run seed"), console.log("  npm run dev")), console.log(`
 For more information, visit: https://authhero.net/docs
 `));
 });
-w.parse(process.argv);
+b.parse(process.argv);

package/index.js

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+
+import './dist/create-authhero.js'

package/package.json

@@ -5,14 +5,15 @@
     "type": "git",
     "url": "https://github.com/markusahlstrand/authhero"
   },
-  "version": "0.6.0",
+  "version": "0.8.0",
   "type": "module",
   "main": "dist/create-authhero.js",
   "bin": {
-    "create-authhero": "dist/create-authhero.js"
+    "create-authhero": "index.js"
   },
   "files": [
-    "dist"
+    "dist",
+    "index.js"
   ],
   "devDependencies": {
     "@rollup/plugin-commonjs": "^26.0.1",