create-backlist 2.0.0 → 3.0.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) [2025] [W.A.H.ISHAN]
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,97 @@
+# 🚀 Create Backlist
+
+[![NPM Version](https://img.shields.io/npm/v/create-backlist.svg)](https://www.npmjs.com/package/create-backlist)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+
+Tired of manually creating backend boilerplate every time you build a frontend? **`create-backlist`** is an intelligent CLI tool that analyzes your frontend project and automatically generates a backend with all the necessary routes and controllers, saving you hours of repetitive work.
+
+It's not just another scaffolder; it's a **context-aware, dynamic code generator** that builds a backend tailor-made for your frontend's specific API needs.
+
+![Demo GIF (Optional: Add a GIF of your tool in action here)](link-to-your-demo-gif.gif)
+
+## ✨ Key Features
+
+-   **🤖 Intelligent Code Analysis:** Scans your frontend codebase (React, Vue, etc.) using Abstract Syntax Trees (ASTs) to detect API calls (`fetch` requests).
+-   **🌐 Multi-Language Support:** Generate a backend in your preferred stack.
+    -   ✅ **Currently Supports:**
+        -   Node.js (with TypeScript & Express)
+        -   C# (with ASP.NET Core Web API)
+    -   ⏳ **Coming Soon:**
+        -   Python (with FastAPI)
+        -   Java (with Spring Boot)
+-   **⚡️ Fully Automated:** A single command handles everything from project scaffolding to dependency installation.
+-   **🔧 Zero-Configuration:** No complex config files needed. Just run the command and answer a few simple questions.
+-   **🧼 Clean Code Generation:** Creates a well-structured backend, ready for you to implement your business logic.
+
+## 📦 Installation & Usage
+
+No global installation needed! Just run this command inside your existing frontend project's root directory:
+
+```bash
+npm create backlist@latest
+```
+
+The tool will then guide you through an interactive setup process:
+
+1.  **Enter a name for your backend directory:** (default: `backend`)
+2.  **Select the backend stack:** (e.g., `Node.js (TypeScript, Express)`)
+3.  **Enter the path to your frontend `src` directory:** (default: `src`)
+
+That's it! The tool will analyze your code, generate the backend in a new directory, and install all the necessary dependencies.
+
+### Example
+
+Let's say your frontend has this API call:
+
+```javascript
+// in your React component
+fetch('/api/products/123', { method: 'PUT' });
+```
+
+`create-backlist` will automatically generate a backend with a `products` controller and a `PUT` route for `products/:id`.
+
+## 💡 How It's Different from Other Tools
+
+| Tool                  | Approach                               | Use Case                                                    |
+| --------------------- | -------------------------------------- | ----------------------------------------------------------- |
+| **Express Generator** | Static Scaffolding                     | Quickly start a *new, empty* Express project.               |
+| **NestJS CLI**        | Static Scaffolding & Code Generation | Start a *new, structured* NestJS project and add parts manually. |
+| **`create-backlist`** | **Dynamic & Context-Aware Scaffolding** | Generate a backend that is **tailor-made** for an *existing* frontend. |
+
+While traditional generators give you a blank canvas, `create-backlist` looks at your finished painting (the frontend) and builds the perfect frame (the backend) for it.
+
+## 🗺️ Roadmap
+
+`create-backlist` is actively being developed. Here are some of the features planned for future releases:
+
+-   [ ] **Python Support:** Generate a backend using FastAPI.
+-   [ ] **Java Support:** Generate a backend using Spring Boot.
+-   [ ] **Database Model Generation:** Automatically create basic database models (e.g., Mongoose, Prisma) based on `POST`/`PUT` request bodies.
+-   [ ] **Authentication Boilerplate:** Add an option to generate basic JWT-based authentication routes (`/login`, `/register`).
+
+Have an idea for a new feature? Feel free to [open an issue](https://github.com/WAH-ISHAN/create-backlist/issues) on GitHub!
+
+## 🛠️ Contributing
+
+Contributions are what make the open-source community such an amazing place to learn, inspire, and create. Any contributions you make are **greatly appreciated**.
+
+1.  Fork the Project
+2.  Create your Feature Branch (`git checkout -b feature/AmazingFeature`)
+3.  Commit your Changes (`git commit -m 'Add some AmazingFeature'`)
+4.  Push to the Branch (`git push origin feature/AmazingFeature`)
+5.  Open a Pull Request
+
+## 📄 License
+
+This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
+
+## 🙏 Acknowledgements
+
+-   **Babel** for the amazing AST parser.
+-   **Inquirer.js** for the interactive CLI prompts.
+-   **fs-extra** for making file system operations a breeze.
+-   **Google's Gemini** for assistance with brainstorming and debugging.
+
+---
+
+_Built with ❤️ by [W.A.H. ISHAN](https://github.com/WAH-ISHAN)._

package/bin/index.js

@@ -38,11 +38,21 @@ async function main() {
         name: 'srcPath',
         message: 'Enter the path to your frontend `src` directory:',
         default: 'src',
+    },
+    // --- NEW QUESTION FOR V3.0 ---
+    {
+      type: 'confirm',
+      name: 'addAuth',
+      message: 'Do you want to add basic JWT authentication? (generates a User model, login/register routes)',
+      default: true,
+      // This question will only be asked if the user selects the Node.js stack
+      when: (answers) => answers.stack === 'node-ts-express'
     }
   ]);
 
+  // Pass all answers to the options object
   const options = {
-    ...answers,
+    ...answers, 
     projectDir: path.resolve(process.cwd(), answers.projectName),
     frontendSrcDir: path.resolve(process.cwd(), answers.srcPath),
   };
@@ -53,7 +63,7 @@ async function main() {
     // --- Dispatcher Logic ---
     switch (options.stack) {
       case 'node-ts-express':
-        await generateNodeProject(options);
+        await generateNodeProject(options); // Pass the entire options object
         break;
 
       case 'dotnet-webapi':
@@ -61,6 +71,7 @@ async function main() {
           throw new Error('.NET SDK is not installed. Please install it from https://dotnet.microsoft.com/download');
         }
         await generateDotnetProject(options);
+
         break;
       
       default:

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-backlist",
-  "version": "2.0.0",
+  "version": "3.0.0",
   "description": "An advanced, multi-language backend generator based on frontend analysis.",
   "type": "commonjs",
   "bin": {

package/src/generators/node.js

@@ -5,137 +5,163 @@ const path = require('path');
 const { analyzeFrontend } = require('../analyzer');
 const { renderAndWrite, getTemplatePath } = require('./template');
 
-/**
- * Generate a Node.js + TypeScript (Express) backend project automatically.
- */
 async function generateNodeProject(options) {
-  const { projectDir, projectName, frontendSrcDir } = options;
+  const { projectDir, projectName, frontendSrcDir, addAuth } = options;
 
   try {
-    // --- Step 1: Analyze Frontend ---
-    console.log(chalk.blue(' -> Analyzing frontend for API endpoints...'));
+    // --- Step 1: Analyze Frontend to get Endpoints and Schema Info ---
+    console.log(chalk.blue('  -> Analyzing frontend for API endpoints...'));
     const endpoints = await analyzeFrontend(frontendSrcDir);
-
     if (endpoints.length > 0) {
-      console.log(chalk.green(` -> Found ${endpoints.length} endpoints.`));
+      console.log(chalk.green(`  -> Found ${endpoints.length} endpoints.`));
     } else {
-      console.log(
-        chalk.yellow(' -> No API endpoints found. A basic project will be created.')
-      );
+      console.log(chalk.yellow('  -> No API endpoints found. A basic project will be created.'));
     }
 
-    // --- Step 2: Scaffold Base Project ---
-    console.log(chalk.blue('  -> Scaffolding Node.js (Express + TS) project...'));
-
-    const baseDir = getTemplatePath('node-ts-express/base');
-    const serverTemplatePath = path.join(baseDir, 'server.ts');
-    const tsconfigTemplatePath = path.join(baseDir, 'tsconfig.json');
-
-    const destSrcDir = path.join(projectDir, 'src');
-    const serverDestPath = path.join(destSrcDir, 'server.ts');
-    const tsconfigDestPath = path.join(projectDir, 'tsconfig.json');
-
-    await fs.ensureDir(destSrcDir);
-    await fs.copy(serverTemplatePath, serverDestPath);
-    await fs.copy(tsconfigTemplatePath, tsconfigDestPath);
-
-    console.log(chalk.gray('    -> Base server.ts and tsconfig.json copied.'));
-
-    // --- Step 3: Generate package.json and routes.ts ---
-    await renderAndWrite(
-      getTemplatePath('node-ts-express/partials/package.json.ejs'),
-      path.join(projectDir, 'package.json'),
-      { projectName }
-    );
-
-    await renderAndWrite(
-      getTemplatePath('node-ts-express/partials/routes.ts.ejs'),
-      path.join(destSrcDir, 'routes.ts'),
-      { endpoints }
-    );
-
-    console.log(chalk.gray('    -> package.json and routes.ts generated.'));
-
-    // --- Step 4: Analyze endpoints for models/controllers ---
+    // --- Step 2: Identify which Database Models to Generate ---
     const modelsToGenerate = new Map();
-
-    endpoints.forEach((ep) => {
-      if (ep.schemaFields && !modelsToGenerate.has(ep.controllerName)) {
+    endpoints.forEach(ep => {
+      if (ep.schemaFields && ep.controllerName !== 'Default' && !modelsToGenerate.has(ep.controllerName)) {
         modelsToGenerate.set(ep.controllerName, ep.schemaFields);
       }
     });
 
-    // --- Step 5: Generate Models and Controllers if applicable ---
-    if (modelsToGenerate.size > 0) {
-      console.log(chalk.blue(' -> Generating database models and controllers...'));
+    // If auth is enabled, we MUST have a 'User' model.
+    if (addAuth && !modelsToGenerate.has('User')) {
+      console.log(chalk.yellow('  -> Authentication requires a "User" model. Creating a default one.'));
+      modelsToGenerate.set('User', { name: 'String', email: 'String', password: 'String' });
+    }
 
-      await fs.ensureDir(path.join(projectDir, 'src', 'models'));
-      await fs.ensureDir(path.join(projectDir, 'src', 'controllers'));
+    // --- Step 3: Scaffold Base Project Structure & Files ---
+    console.log(chalk.blue('  -> Scaffolding Node.js (Express + TS) project...'));
+    const destSrcDir = path.join(projectDir, 'src');
+    await fs.ensureDir(destSrcDir);
+    await fs.copy(getTemplatePath('node-ts-express/base/server.ts'), path.join(destSrcDir, 'server.ts'));
+    await fs.copy(getTemplatePath('node-ts-express/base/tsconfig.json'), path.join(projectDir, 'tsconfig.json'));
+    
+    // --- Step 4: Prepare and Write package.json ---
+    const packageJsonContent = JSON.parse(
+      await ejs.renderFile(getTemplatePath('node-ts-express/partials/package.json.ejs'), { projectName })
+    );
 
-      for (const [modelName, schema] of modelsToGenerate.entries()) {
-        // Generate Model file
+    if (modelsToGenerate.size > 0 || addAuth) {
+      packageJsonContent.dependencies['mongoose'] = '^7.5.0';
+    }
+    if (addAuth) {
+      packageJsonContent.dependencies['jsonwebtoken'] = '^9.0.2';
+      packageJsonContent.dependencies['bcryptjs'] = '^2.4.3';
+      packageJsonContent.devDependencies['@types/jsonwebtoken'] = '^9.0.2';
+      packageJsonContent.devDependencies['@types/bcryptjs'] = '^2.4.2';
+    }
+    await fs.writeJson(path.join(projectDir, 'package.json'), packageJsonContent, { spaces: 2 });
+    
+    // --- Step 5: Generate Models and Controllers ---
+    if (modelsToGenerate.size > 0) {
+      console.log(chalk.blue('  -> Generating database models and controllers...'));
+      await fs.ensureDir(path.join(destSrcDir, 'models'));
+      await fs.ensureDir(path.join(destSrcDir, 'controllers'));
+
+      for (let [modelName, schema] of modelsToGenerate.entries()) {
+        if (addAuth && modelName === 'User') {
+          schema = { name: 'String', email: 'String', password: 'String', ...schema };
+        }
         await renderAndWrite(
           getTemplatePath('node-ts-express/partials/Model.ts.ejs'),
-          path.join(projectDir, 'src', 'models', `${modelName}.model.ts`),
+          path.join(destSrcDir, 'models', `${modelName}.model.ts`),
           { modelName, schema }
         );
-
-        // Generate Controller file
         await renderAndWrite(
           getTemplatePath('node-ts-express/partials/Controller.ts.ejs'),
-          path.join(projectDir, 'src', 'controllers', `${modelName}.controller.ts`),
+          path.join(destSrcDir, 'controllers', `${modelName}.controller.ts`),
           { modelName }
         );
       }
-
-      console.log(chalk.gray('    -> Models and controllers generated.'));
+    }
+    
+    // --- Step 6 (v3.0): Generate Authentication Boilerplate ---
+    if (addAuth) {
+        console.log(chalk.blue('  -> Generating authentication boilerplate...'));
+        await fs.ensureDir(path.join(destSrcDir, 'routes'));
+        await fs.ensureDir(path.join(destSrcDir, 'middleware'));
+
+        await renderAndWrite(getTemplatePath('node-ts-express/partials/Auth.controller.ts.ejs'), path.join(destSrcDir, 'controllers', 'Auth.controller.ts'), {});
+        await renderAndWrite(getTemplatePath('node-ts-express/partials/Auth.routes.ts.ejs'), path.join(destSrcDir, 'routes', 'Auth.routes.ts'), {});
+        await renderAndWrite(getTemplatePath('node-ts-express/partials/Auth.middleware.ts.ejs'), path.join(destSrcDir, 'middleware', 'Auth.middleware.ts'), {});
+
+        // Modify the User model to add password hashing
+        const userModelPath = path.join(destSrcDir, 'models', 'User.model.ts');
+        if (await fs.pathExists(userModelPath)) {
+            let userModelContent = await fs.readFile(userModelPath, 'utf-8');
+            if (!userModelContent.includes('bcryptjs')) {
+                userModelContent = userModelContent.replace(`import mongoose, { Schema, Document } from 'mongoose';`, `import mongoose, { Schema, Document } from 'mongoose';\nimport bcrypt from 'bcryptjs';`);
+                const preSaveHook = `
+// Hash password before saving
+UserSchema.pre('save', async function(next) {
+  if (!this.isModified('password')) {
+    return next();
+  }
+  const salt = await bcrypt.genSalt(10);
+  this.password = await bcrypt.hash(this.password, salt);
+  next();
+});
+`;
+                userModelContent = userModelContent.replace(`// Create and export the Model`, `${preSaveHook}\n// Create and export the Model`);
+                await fs.writeFile(userModelPath, userModelContent);
+            }
+        }
     }
 
-    // --- Step 6: Modify server.ts ---
-    if (!(await fs.pathExists(serverDestPath))) {
-      throw new Error(`Critical error: server.ts was not found at ${serverDestPath}.`);
+    // --- Step 7: Generate the Main Route File ---
+    console.log(chalk.gray('    -> Generating dynamic API routes...'));
+    await renderAndWrite(getTemplatePath('node-ts-express/partials/routes.ts.ejs'), path.join(destSrcDir, 'routes.ts'), { endpoints, addAuth });
+    
+    // --- Step 8: Inject Logic into Main Server File ---
+    let serverFileContent = await fs.readFile(path.join(destSrcDir, 'server.ts'), 'utf-8');
+    
+    let dbConnectionCode = '';
+    if (modelsToGenerate.size > 0 || addAuth) {
+      dbConnectionCode = `
+// --- Database Connection ---
+import mongoose from 'mongoose';
+const MONGO_URI = process.env.MONGO_URI || 'mongodb://127.0.0.1:27017/${projectName}';
+mongoose.connect(MONGO_URI)
+  .then(() => console.log('MongoDB Connected...'))
+  .catch(err => console.error('MongoDB Connection Error:', err));
+// -------------------------
+`;
     }
 
-    let serverFileContent = await fs.readFile(serverDestPath, 'utf-8');
-    serverFileContent = serverFileContent.replace(
-      '// INJECT:ROUTES',
-      `import apiRoutes from './routes';\napp.use(apiRoutes);`
-    );
-    await fs.writeFile(serverDestPath, serverFileContent);
+    let authRoutesInjector = '';
+    if (addAuth) {
+        authRoutesInjector = `import authRoutes from './routes/Auth.routes';\napp.use('/api/auth', authRoutes);\n\n`;
+    }
 
-    console.log(chalk.gray('    -> server.ts modified successfully.'));
+    serverFileContent = serverFileContent
+      .replace("dotenv.config();", `dotenv.config();\n${dbConnectionCode}`)
+      .replace('// INJECT:ROUTES', `${authRoutesInjector}import apiRoutes from './routes';\napp.use('/api', apiRoutes);`); // Changed to /api
+      
+    await fs.writeFile(path.join(destSrcDir, 'server.ts'), serverFileContent);
 
-    // --- Step 7: Install dependencies ---
-    console.log(chalk.magenta('  -> Installing dependencies (npm install)...'));
+    // --- Step 9: Install All Dependencies ---
+    console.log(chalk.magenta('  -> Installing all dependencies... This might take a moment.'));
     await execa('npm', ['install'], { cwd: projectDir });
 
-    // --- Step 8: Add mongoose if models were generated ---
-    if (modelsToGenerate.size > 0) {
-      console.log(chalk.gray(' -> Adding Mongoose to dependencies...'));
-
-      const packageJsonPath = path.join(projectDir, 'package.json');
-      const packageJson = await fs.readJson(packageJsonPath);
-      packageJson.dependencies = packageJson.dependencies || {};
-      packageJson.dependencies['mongoose'] = '^7.5.0';
-
-      await fs.writeJson(packageJsonPath, packageJson, { spaces: 2 });
-
-      console.log(chalk.magenta('  -> Installing new dependencies (mongoose)...'));
-      await execa('npm', ['install'], { cwd: projectDir });
-    }
-
-    // --- Step 9: Generate README ---
+    // --- Step 10: Generate Final Files (README, .env.example) ---
     await renderAndWrite(
       getTemplatePath('node-ts-express/partials/README.md.ejs'),
       path.join(projectDir, 'README.md'),
       { projectName }
     );
+    
+    if (addAuth) {
+        const envExampleContent = `PORT=8000\nMONGO_URI=mongodb://127.0.0.1:27017/${projectName}\nJWT_SECRET=your_super_secret_jwt_key_123`;
+        await fs.writeFile(path.join(projectDir, '.env.example'), envExampleContent);
+    }
+
 
-    console.log(chalk.green('✅ Project generation completed successfully!'));
   } catch (error) {
-    console.error(chalk.red('❌ Error generating Node project:'), error);
-    throw error; // Pass to main CLI handler
+    throw error;
   }
 }
 
-module.exports = { generateNodeProject };
+module.exports = { generateNodeProject };

package/src/templates/node-ts-express/partials/Auth.controller.ts.ejs

@@ -0,0 +1,89 @@
+// Auto-generated by create-backlist v3.0 on <%= new Date().toISOString() %>
+import { Request, Response } from 'express';
+import bcrypt from 'bcryptjs';
+import jwt from 'jsonwebtoken';
+import User, { IUser } from '../models/User.model'; // We assume the model is named 'User'
+
+// @desc    Register a new user
+export const registerUser = async (req: Request, res: Response) => {
+  const { name, email, password } = req.body;
+
+  try {
+    // Check if user already exists
+    let user = await User.findOne({ email });
+    if (user) {
+      return res.status(400).json({ message: 'User already exists' });
+    }
+
+    // Create a new user instance
+    user = new User({
+      name,
+      email,
+      password, // Password will be hashed by the pre-save hook in the model
+    });
+
+    // Save the user to the database
+    await user.save();
+
+    // Create JWT Payload
+    const payload = {
+      user: {
+        id: user.id,
+      },
+    };
+
+    // Sign the token
+    jwt.sign(
+      payload,
+      process.env.JWT_SECRET as string,
+      { expiresIn: '5h' }, // Token expires in 5 hours
+      (err, token) => {
+        if (err) throw err;
+        res.status(201).json({ token });
+      }
+    );
+  } catch (error) {
+    console.error(error);
+    res.status(500).send('Server Error');
+  }
+};
+
+// @desc    Authenticate user & get token (Login)
+export const loginUser = async (req: Request, res: Response) => {
+  const { email, password } = req.body;
+
+  try {
+    // Check if user exists
+    const user = await User.findOne({ email });
+    if (!user) {
+      return res.status(400).json({ message: 'Invalid Credentials' });
+    }
+
+    // Compare entered password with stored hashed password
+    const isMatch = await bcrypt.compare(password, user.password);
+    if (!isMatch) {
+      return res.status(400).json({ message: 'Invalid Credentials' });
+    }
+
+    // Create JWT Payload
+    const payload = {
+      user: {
+        id: user.id,
+      },
+    };
+
+    // Sign the token
+    jwt.sign(
+      payload,
+      process.env.JWT_SECRET as string,
+      { expiresIn: '5h' },
+      (err, token) => {
+        if (err) throw err;
+        res.json({ token });
+      }
+    );
+  } catch (error) {
+    console.error(error);
+    res.status(500).send('Server Error');
+  }
+};

package/src/templates/node-ts-express/partials/Auth.middleware.ts.ejs

@@ -0,0 +1,27 @@
+// Auto-generated by create-backlist v3.0 on <%= new Date().toISOString() %>
+import { Request, Response, NextFunction } from 'express';
+import jwt from 'jsonwebtoken';
+
+// Extend the default Request interface to include our 'user' property
+interface AuthRequest extends Request {
+  user?: any;
+}
+
+export const protect = (req: AuthRequest, res: Response, next: NextFunction) => {
+  // Get token from header
+  const token = req.header('x-auth-token');
+
+  // Check if not token
+  if (!token) {
+    return res.status(401).json({ message: 'No token, authorization denied' });
+  }
+
+  // Verify token
+  try {
+    const decoded = jwt.verify(token, process.env.JWT_SECRET as string);
+    req.user = decoded.user;
+    next();
+  } catch (err) {
+    res.status(401).json({ message: 'Token is not valid' });
+  }
+};

package/src/templates/node-ts-express/partials/Auth.routes.ts.ejs

@@ -0,0 +1,15 @@
+// Auto-generated by create-backlist v3.0 on <%= new Date().toISOString() %>
+import { Router } from 'express';
+import { registerUser, loginUser } from '../controllers/Auth.controller';
+
+const router = Router();
+
+// @route   POST /api/auth/register
+// @desc    Register a new user
+router.post('/register', registerUser);
+
+// @route   POST /api/auth/login
+// @desc    Authenticate user and get token
+router.post('/login', loginUser);
+
+export default router;

package/src/templates/node-ts-express/partials/routes.ts.ejs

@@ -1,4 +1,4 @@
-// Auto-generated by create-backlist on <%= new Date().toISOString() %>
+// Auto-generated by create-backlist v3.0 on <%= new Date().toISOString() %>
 import { Router, Request, Response } from 'express';
 <%# Create a unique set of controller names from the endpoints array %>
 <% const controllersToImport = new Set(endpoints.map(ep => ep.controllerName).filter(name => name !== 'Default')); %>
@@ -8,6 +8,11 @@ import { Router, Request, Response } from 'express';
 import * as <%= controller %>Controller from '../controllers/<%= controller %>.controller';
 <% } %>
 
+<%# Import the protect middleware only if authentication is enabled %>
+<% if (addAuth) { %>
+import { protect } from '../middleware/Auth.middleware';
+<% } %>
+
 const router = Router();
 
 <%# Loop through each endpoint found by the analyzer %>
@@ -19,41 +24,40 @@ const router = Router();
   let handlerFunction;
 
   // --- LOGIC TO MAP ENDPOINT TO A CRUD CONTROLLER FUNCTION ---
-  // This logic assumes a standard RESTful API structure.
-  
   if (controllerName !== 'Default') {
     if (endpoint.method === 'POST' && !expressPath.includes(':')) {
-      // e.g., POST /users -> create a new user
       handlerFunction = `${controllerName}Controller.create${controllerName}`;
     } else if (endpoint.method === 'GET' && !expressPath.includes(':')) {
-      // e.g., GET /users -> get all users
       handlerFunction = `${controllerName}Controller.getAll${controllerName}s`;
     } else if (endpoint.method === 'GET' && expressPath.includes(':')) {
-      // e.g., GET /users/:id -> get a single user by ID
       handlerFunction = `${controllerName}Controller.get${controllerName}ById`;
     } else if (endpoint.method === 'PUT' && expressPath.includes(':')) {
-      // e.g., PUT /users/:id -> update a user by ID
       handlerFunction = `${controllerName}Controller.update${controllerName}ById`;
     } else if (endpoint.method === 'DELETE' && expressPath.includes(':')) {
-      // e.g., DELETE /users/:id -> delete a user by ID
       handlerFunction = `${controllerName}Controller.delete${controllerName}ById`;
     }
   }
 
-  // If no specific CRUD function matches, or if it's a default/unhandled route,
-  // create a simple placeholder function.
+  // If no specific CRUD function matches, create a placeholder handler.
   if (!handlerFunction) {
     handlerFunction = `(req: Request, res: Response) => {
-      // TODO: Implement logic for this custom endpoint
       res.status(501).json({ message: 'Handler not implemented for <%= endpoint.method %> <%= expressPath %>' });
     }`;
   }
+
+  // --- V3.0 AUTH LOGIC: Decide if the route should be protected ---
+  // We protect all routes that modify data (POST, PUT, DELETE) if auth is enabled.
+  // We leave GET routes public by default. This is a common pattern.
+  const middleware = (addAuth && (endpoint.method === 'POST' || endpoint.method === 'PUT' || endpoint.method === 'DELETE')) 
+    ? 'protect, ' 
+    : '';
 %>
 /**
  * Route for <%= endpoint.method.toUpperCase() %> <%= endpoint.path %>
  * Mapped to: <%- handlerFunction.includes('=>') ? 'Inline Handler' : handlerFunction %>
+ * Protected: <%= middleware ? 'Yes' : 'No' %>
  */
-router.<%= endpoint.method.toLowerCase() %>('<%- expressPath %>', <%- handlerFunction %>);
+router.<%= endpoint.method.toLowerCase() %>('<%- expressPath %>', <%- middleware %><%- handlerFunction %>);
 
 <% }); %>