create-backlist 6.0.3 → 6.0.4

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-backlist",
-  "version": "6.0.3",
+  "version": "6.0.4",
   "description": "An advanced, multi-language backend generator based on frontend analysis.",
   "type": "commonjs",
   "bin": {

package/src/analyzer.js

@@ -1,44 +1,134 @@
-const fs = require('fs-extra');
-const { glob } = require('glob');
-const parser = require('@babel/parser');
-const traverse = require('@babel/traverse').default;
+/* eslint-disable @typescript-eslint/no-var-requires */
+const fs = require("fs-extra");
+const path = require("path");
+const { glob } = require("glob");
 
-const HTTP_METHODS = new Set(['get', 'post', 'put', 'patch', 'delete']);
+const parser = require("@babel/parser");
+const traverse = require("@babel/traverse").default;
 
+const HTTP_METHODS = new Set(["get", "post", "put", "patch", "delete"]);
+
+// -------------------------
+// Small utils
+// -------------------------
+function normalizeSlashes(p) {
+  return String(p || "").replace(/\\/g, "/");
+}
+
+function readJSONSafe(p) {
+  try {
+    return fs.readJsonSync(p);
+  } catch {
+    return null;
+  }
+}
+
+// -------------------------
+// AUTH detection (for addAuth)
+// -------------------------
+function findAuthUsageInRepo(rootDir) {
+  // 1) package.json quick check
+  const pkgPath = path.join(rootDir, "package.json");
+  const pkg = readJSONSafe(pkgPath) || {};
+  const deps = { ...(pkg.dependencies || {}), ...(pkg.devDependencies || {}) };
+
+  const authDeps = [
+    "next-auth",
+    "@auth/core",
+    "@clerk/nextjs",
+    "@supabase/auth-helpers-nextjs",
+    "@supabase/supabase-js",
+    "firebase",
+    "lucia",
+  ];
+
+  if (authDeps.some((d) => deps[d])) return true;
+
+  // 2) Source scan for common auth identifiers
+  const scanDirs = ["src", "app", "pages", "components", "lib", "utils"]
+    .map((d) => path.join(rootDir, d))
+    .filter((d) => fs.existsSync(d));
+
+  const patterns = [
+    "next-auth",
+    "getServerSession",
+    "useSession",
+    "SessionProvider",
+    "@clerk/nextjs",
+    "ClerkProvider",
+    "auth()",
+    "currentUser",
+    "createServerClient",
+  ];
+
+  for (const dir of scanDirs) {
+    const files = glob.sync(`${normalizeSlashes(dir)}/**/*.{js,ts,jsx,tsx}`, {
+      ignore: [
+        "**/node_modules/**",
+        "**/dist/**",
+        "**/build/**",
+        "**/.next/**",
+        "**/coverage/**",
+      ],
+    });
+
+    for (const f of files) {
+      try {
+        const content = fs.readFileSync(f, "utf8");
+        if (patterns.some((p) => content.includes(p))) return true;
+      } catch {
+        // ignore read errors
+      }
+    }
+  }
+
+  return false;
+}
+
+// -------------------------
+// Frontend API call analyzer (your code)
+// -------------------------
 function toTitleCase(str) {
-  if (!str) return 'Default';
+  if (!str) return "Default";
   return String(str)
     .replace(/[-_]+(\w)/g, (_, c) => c.toUpperCase())
-    .replace(/^\w/, c => c.toUpperCase())
-    .replace(/[^a-zA-Z0-9]/g, '');
+    .replace(/^\w/, (c) => c.toUpperCase())
+    .replace(/[^a-zA-Z0-9]/g, "");
 }
 
 function normalizeRouteForBackend(urlValue) {
-  return urlValue.replace(/\{(\w+)\}/g, ':$1');
+  return urlValue.replace(/\{(\w+)\}/g, ":$1");
 }
 
 function inferTypeFromNode(node) {
-  if (!node) return 'String';
+  if (!node) return "String";
   switch (node.type) {
-    case 'StringLiteral': return 'String';
-    case 'NumericLiteral': return 'Number';
-    case 'BooleanLiteral': return 'Boolean';
-    case 'NullLiteral': return 'String';
-    default: return 'String';
+    case "StringLiteral":
+      return "String";
+    case "NumericLiteral":
+      return "Number";
+    case "BooleanLiteral":
+      return "Boolean";
+    case "NullLiteral":
+      return "String";
+    default:
+      return "String";
   }
 }
 
 function extractObjectSchema(objExpr) {
   const schemaFields = {};
-  if (!objExpr || objExpr.type !== 'ObjectExpression') return null;
+  if (!objExpr || objExpr.type !== "ObjectExpression") return null;
 
   for (const prop of objExpr.properties) {
-    if (prop.type !== 'ObjectProperty') continue;
+    if (prop.type !== "ObjectProperty") continue;
 
     const key =
-      prop.key.type === 'Identifier' ? prop.key.name :
-      prop.key.type === 'StringLiteral' ? prop.key.value :
-      null;
+      prop.key.type === "Identifier"
+        ? prop.key.name
+        : prop.key.type === "StringLiteral"
+          ? prop.key.value
+          : null;
 
     if (!key) continue;
     schemaFields[key] = inferTypeFromNode(prop.value);
@@ -46,14 +136,14 @@ function extractObjectSchema(objExpr) {
   return schemaFields;
 }
 
-function resolveIdentifierToInit(path, identifierName) {
+function resolveIdentifierToInit(pathObj, identifierName) {
   try {
-    const binding = path.scope.getBinding(identifierName);
+    const binding = pathObj.scope.getBinding(identifierName);
     if (!binding) return null;
     const declPath = binding.path;
     if (!declPath || !declPath.node) return null;
 
-    if (declPath.node.type === 'VariableDeclarator') return declPath.node.init || null;
+    if (declPath.node.type === "VariableDeclarator") return declPath.node.init || null;
     return null;
   } catch {
     return null;
@@ -63,17 +153,16 @@ function resolveIdentifierToInit(path, identifierName) {
 function getUrlValue(urlNode) {
   if (!urlNode) return null;
 
-  if (urlNode.type === 'StringLiteral') return urlNode.value;
+  if (urlNode.type === "StringLiteral") return urlNode.value;
 
-  if (urlNode.type === 'TemplateLiteral') {
-    // `/api/users/${id}` -> `/api/users/{id}` or `{param1}`
+  if (urlNode.type === "TemplateLiteral") {
     const quasis = urlNode.quasis || [];
     const exprs = urlNode.expressions || [];
-    let out = '';
+    let out = "";
     for (let i = 0; i < quasis.length; i++) {
       out += quasis[i].value.raw;
       if (exprs[i]) {
-        if (exprs[i].type === 'Identifier') out += `{${exprs[i].name}}`;
+        if (exprs[i].type === "Identifier") out += `{${exprs[i].name}}`;
         else out += `{param${i + 1}}`;
       }
     }
@@ -84,26 +173,21 @@ function getUrlValue(urlNode) {
 }
 
 function extractApiPath(urlValue) {
-  // supports:
-  // - /api/...
-  // - http://localhost:5000/api/...
   if (!urlValue) return null;
-  const idx = urlValue.indexOf('/api/');
+  const idx = urlValue.indexOf("/api/");
   if (idx === -1) return null;
-  return urlValue.slice(idx); // => /api/...
+  return urlValue.slice(idx);
 }
 
 function deriveControllerNameFromUrl(urlValue) {
   const apiPath = extractApiPath(urlValue) || urlValue;
-  const parts = String(apiPath).split('/').filter(Boolean); // ["api","v1","products"]
-  const apiIndex = parts.indexOf('api');
+  const parts = String(apiPath).split("/").filter(Boolean);
+  const apiIndex = parts.indexOf("api");
 
   let seg = null;
 
   if (apiIndex >= 0) {
     seg = parts[apiIndex + 1] || null;
-
-    // skip version segment (v1, v2, v10...)
     if (seg && /^v\d+$/i.test(seg)) {
       seg = parts[apiIndex + 2] || seg;
     }
@@ -115,8 +199,8 @@ function deriveControllerNameFromUrl(urlValue) {
 }
 
 function deriveActionName(method, route) {
-  const cleaned = String(route).replace(/^\/api\//, '/').replace(/[/:{}-]/g, ' ');
-  const last = cleaned.trim().split(/\s+/).filter(Boolean).pop() || 'Action';
+  const cleaned = String(route).replace(/^\/api\//, "/").replace(/[/:{}-]/g, " ");
+  const last = cleaned.trim().split(/\s+/).filter(Boolean).pop() || "Action";
   return `${String(method).toLowerCase()}${toTitleCase(last)}`;
 }
 
@@ -130,21 +214,23 @@ function extractPathParams(route) {
 
 function extractQueryParamsFromUrl(urlValue) {
   try {
-    const qIndex = urlValue.indexOf('?');
+    const qIndex = urlValue.indexOf("?");
     if (qIndex === -1) return [];
     const qs = urlValue.slice(qIndex + 1);
-    return qs.split('&').map(p => p.split('=')[0]).filter(Boolean);
+    return qs
+      .split("&")
+      .map((p) => p.split("=")[0])
+      .filter(Boolean);
   } catch {
     return [];
   }
 }
 
 function detectAxiosLikeMethod(node) {
-  // axios.get(...) / api.get(...) / httpClient.post(...) etc
-  if (!node.callee || node.callee.type !== 'MemberExpression') return null;
+  if (!node.callee || node.callee.type !== "MemberExpression") return null;
 
   const prop = node.callee.property;
-  if (!prop || prop.type !== 'Identifier') return null;
+  if (!prop || prop.type !== "Identifier") return null;
 
   const name = prop.name.toLowerCase();
   if (!HTTP_METHODS.has(name)) return null;
@@ -153,22 +239,28 @@ function detectAxiosLikeMethod(node) {
 }
 
 async function analyzeFrontend(srcPath) {
+  if (!srcPath) throw new Error("analyzeFrontend: srcPath is required");
   if (!fs.existsSync(srcPath)) {
     throw new Error(`The source directory '${srcPath}' does not exist.`);
   }
 
-  const files = await glob(`${srcPath}/**/*.{js,ts,jsx,tsx}`, {
-    ignore: ['**/node_modules/**', '**/dist/**', '**/build/**', '**/.next/**']
+  const files = await glob(`${normalizeSlashes(srcPath)}/**/*.{js,ts,jsx,tsx}`, {
+    ignore: ["**/node_modules/**", "**/dist/**", "**/build/**", "**/.next/**", "**/coverage/**"],
   });
 
   const endpoints = new Map();
 
   for (const file of files) {
-    const code = await fs.readFile(file, 'utf-8');
+    let code;
+    try {
+      code = await fs.readFile(file, "utf-8");
+    } catch {
+      continue;
+    }
 
     let ast;
     try {
-      ast = parser.parse(code, { sourceType: 'module', plugins: ['jsx', 'typescript'] });
+      ast = parser.parse(code, { sourceType: "module", plugins: ["jsx", "typescript"] });
     } catch {
       continue;
     }
@@ -177,52 +269,56 @@ async function analyzeFrontend(srcPath) {
       CallExpression(callPath) {
         const node = callPath.node;
 
-        const isFetch = node.callee.type === 'Identifier' && node.callee.name === 'fetch';
+        const isFetch = node.callee.type === "Identifier" && node.callee.name === "fetch";
         const axiosMethod = detectAxiosLikeMethod(node);
 
         if (!isFetch && !axiosMethod) return;
 
         let urlValue = null;
-        let method = 'GET';
+        let method = "GET";
         let schemaFields = null;
 
-        // ---- fetch() ----
         if (isFetch) {
           urlValue = getUrlValue(node.arguments[0]);
           const optionsNode = node.arguments[1];
 
-          if (optionsNode && optionsNode.type === 'ObjectExpression') {
+          if (optionsNode && optionsNode.type === "ObjectExpression") {
             const methodProp = optionsNode.properties.find(
-              p => p.type === 'ObjectProperty' && p.key.type === 'Identifier' && p.key.name === 'method'
+              (p) =>
+                p.type === "ObjectProperty" &&
+                p.key.type === "Identifier" &&
+                p.key.name === "method"
             );
-            if (methodProp && methodProp.value.type === 'StringLiteral') {
+            if (methodProp && methodProp.value.type === "StringLiteral") {
               method = methodProp.value.value.toUpperCase();
             }
 
-            // body schema for POST/PUT/PATCH
-            if (['POST', 'PUT', 'PATCH'].includes(method)) {
+            if (["POST", "PUT", "PATCH"].includes(method)) {
               const bodyProp = optionsNode.properties.find(
-                p => p.type === 'ObjectProperty' && p.key.type === 'Identifier' && p.key.name === 'body'
+                (p) =>
+                  p.type === "ObjectProperty" &&
+                  p.key.type === "Identifier" &&
+                  p.key.name === "body"
               );
 
               if (bodyProp) {
                 const v = bodyProp.value;
 
                 if (
-                  v.type === 'CallExpression' &&
-                  v.callee.type === 'MemberExpression' &&
-                  v.callee.object.type === 'Identifier' &&
-                  v.callee.object.name === 'JSON' &&
-                  v.callee.property.type === 'Identifier' &&
-                  v.callee.property.name === 'stringify'
+                  v.type === "CallExpression" &&
+                  v.callee.type === "MemberExpression" &&
+                  v.callee.object.type === "Identifier" &&
+                  v.callee.object.name === "JSON" &&
+                  v.callee.property.type === "Identifier" &&
+                  v.callee.property.name === "stringify"
                 ) {
                   const arg0 = v.arguments[0];
 
-                  if (arg0?.type === 'ObjectExpression') {
+                  if (arg0?.type === "ObjectExpression") {
                     schemaFields = extractObjectSchema(arg0);
-                  } else if (arg0?.type === 'Identifier') {
+                  } else if (arg0?.type === "Identifier") {
                     const init = resolveIdentifierToInit(callPath, arg0.name);
-                    if (init?.type === 'ObjectExpression') schemaFields = extractObjectSchema(init);
+                    if (init?.type === "ObjectExpression") schemaFields = extractObjectSchema(init);
                   }
                 }
               }
@@ -230,27 +326,25 @@ async function analyzeFrontend(srcPath) {
           }
         }
 
-        // ---- axios-like client ----
         if (axiosMethod) {
           method = axiosMethod;
           urlValue = getUrlValue(node.arguments[0]);
 
-          if (['POST', 'PUT', 'PATCH'].includes(method)) {
+          if (["POST", "PUT", "PATCH"].includes(method)) {
             const dataArg = node.arguments[1];
-            if (dataArg?.type === 'ObjectExpression') {
+            if (dataArg?.type === "ObjectExpression") {
               schemaFields = extractObjectSchema(dataArg);
-            } else if (dataArg?.type === 'Identifier') {
+            } else if (dataArg?.type === "Identifier") {
               const init = resolveIdentifierToInit(callPath, dataArg.name);
-              if (init?.type === 'ObjectExpression') schemaFields = extractObjectSchema(init);
+              if (init?.type === "ObjectExpression") schemaFields = extractObjectSchema(init);
             }
           }
         }
 
-        // accept only URLs that contain /api/
         const apiPath = extractApiPath(urlValue);
         if (!apiPath) return;
 
-        const route = normalizeRouteForBackend(apiPath.split('?')[0]);
+        const route = normalizeRouteForBackend(apiPath.split("?")[0]);
         const controllerName = deriveControllerNameFromUrl(apiPath);
         const actionName = deriveActionName(method, route);
 
@@ -266,14 +360,31 @@ async function analyzeFrontend(srcPath) {
             queryParams: extractQueryParamsFromUrl(apiPath),
             schemaFields,
             requestBody: schemaFields ? { fields: schemaFields } : null,
-            sourceFile: file
+            sourceFile: normalizeSlashes(file),
           });
         }
-      }
+      },
     });
   }
 
   return Array.from(endpoints.values());
 }
 
-module.exports = { analyzeFrontend };
+// -------------------------
+// Main analyze() exported for CLI
+// -------------------------
+function analyze(projectRoot = process.cwd()) {
+  const rootDir = path.resolve(projectRoot);
+
+  return {
+    rootDir: normalizeSlashes(rootDir),
+    hasAuth: findAuthUsageInRepo(rootDir),
+    // If CLI expects addAuth directly, keep both:
+    addAuth: findAuthUsageInRepo(rootDir),
+  };
+}
+
+module.exports = {
+  analyze,
+  analyzeFrontend,
+};

package/src/templates/node-ts-express/partials/App.test.ts.ejs

@@ -2,7 +2,8 @@
 import request from 'supertest';
 import express from 'express';
 
-import apiRoutes from '../routes'; 
+import apiRoutes from '../routes';
+
 <% if (addAuth) { -%>
 import authRoutes from '../routes/Auth.routes';
 <% } -%>
@@ -13,6 +14,7 @@ app.use(express.json());
 <% if (addAuth) { -%>
 app.use('/api/auth', authRoutes);
 <% } -%>
+
 app.use('/api', apiRoutes);
 
 describe('API Endpoints (Generated)', () => {
@@ -22,14 +24,35 @@ describe('API Endpoints (Generated)', () => {
 
   <% endpoints
       .filter(ep => ep && ep.route && ep.method)
-      .forEach(ep => { 
-        const method = ep.method.toLowerCase();
-        const url = (ep.route.startsWith('/api/') ? ep.route.replace(/^\/api/, '') : ep.route)
-          .replace(/:\w+/g, '1'); // replace path params with dummy value
+      .forEach(ep => {
+        const method = String(ep.method).toLowerCase();
+
+        // ep.route might be "/api/..." or "/..."
+        const url = (String(ep.route).startsWith('/api/')
+          ? String(ep.route).replace(/^\/api/, '')
+          : String(ep.route)
+        )
+          // replace ":id" style params with dummy value
+          .replace(/:\w+/g, '1');
   -%>
   it('<%= ep.method %> <%= url %> should respond', async () => {
-    const res = await request(app).<%= method %>('<%= '/api' + url %>')<% if (['post','put','patch'].includes(method) && ep.schemaFields) { %>
-      .send(<%- JSON.stringify(Object.fromEntries(Object.entries(ep.schemaFields).map(([k,t]) => [k, t === 'Number' ? 1 : (t === 'Boolean' ? true : 'test') ]))) %>)<% } %>;
+    const req = request(app).<%= method %>('<%= '/api' + url %>');
+
+    <% if (['post','put','patch'].includes(method) && ep.schemaFields) { -%>
+    req.send(
+      <%- JSON.stringify(
+        Object.fromEntries(
+          Object.entries(ep.schemaFields).map(([k, t]) => [
+            k,
+            t === 'Number' ? 1 : (t === 'Boolean' ? true : 'test')
+          ])
+        )
+      ) %>
+    );
+    <% } -%>
+
+    const res = await req;
+
     // We only assert "not 404" because generated handlers may be TODO stubs,
     // and auth/validation may affect exact status codes.
     expect(res.statusCode).not.toBe(404);