create-blitzpack 0.1.0 → 0.1.1

package/template/apps/api/start.sh

@@ -1,33 +0,0 @@
-#!/bin/sh
-set -e
-
-echo "🚀 Starting API deployment..."
-
-# Wait for database to be ready (handles Railway sleep mode)
-echo "⏳ Waiting for database to wake up..."
-
-max_attempts=30
-attempt=0
-
-until npx prisma db push --accept-data-loss --skip-generate || [ $attempt -eq $max_attempts ]; do
-  attempt=$((attempt + 1))
-  echo "   Database not ready yet (attempt $attempt/$max_attempts). Retrying in 2 seconds..."
-  sleep 2
-done
-
-if [ $attempt -eq $max_attempts ]; then
-  echo "❌ Database connection failed after $max_attempts attempts"
-  exit 1
-fi
-
-echo "✅ Database is ready!"
-
-# Run migrations (production-safe, no prompts)
-echo "🔄 Running database migrations..."
-npx prisma migrate deploy
-
-echo "✅ Migrations complete!"
-
-# Start the API server
-echo "🎯 Starting API server..."
-exec node dist/src/main.js

package/template/apps/api/test/helpers/fastify-app.ts

@@ -1,24 +0,0 @@
-import type { FastifyInstance } from 'fastify';
-import Fastify from 'fastify';
-
-import { loadEnv } from '@/config/env';
-
-/**
- * Create a Fastify test instance with minimal plugins for testing
- */
-export async function createTestApp(): Promise<FastifyInstance> {
-  loadEnv(); // Load test environment variables
-
-  const app = Fastify({
-    logger: false, // Disable logging in tests
-  });
-
-  return app;
-}
-
-/**
- * Close the Fastify test instance
- */
-export async function closeTestApp(app: FastifyInstance): Promise<void> {
-  await app.close();
-}

package/template/apps/api/test/helpers/mock-authorization.ts

@@ -1,16 +0,0 @@
-import { vi } from 'vitest';
-
-import type { AuthorizationService } from '@/services/authorization.service';
-
-export function createMockAuthorizationService(): AuthorizationService {
-  return {
-    canModifyUser: vi.fn().mockReturnValue(true),
-    canDeleteUser: vi.fn().mockReturnValue(true),
-    canChangeRole: vi.fn().mockReturnValue(true),
-    canChangeEmail: vi.fn().mockReturnValue(true),
-    assertCanModifyUser: vi.fn(),
-    assertCanDeleteUser: vi.fn(),
-    assertCanChangeRole: vi.fn(),
-    assertCanChangeEmail: vi.fn(),
-  } as unknown as AuthorizationService;
-}

package/template/apps/api/test/helpers/mock-logger.ts

@@ -1,28 +0,0 @@
-import { vi } from 'vitest';
-
-import type { LoggerService } from '@/common/logger.service';
-
-export function createMockLogger(): LoggerService {
-  const mockLogger = {
-    setContext: vi.fn(),
-    info: vi.fn(),
-    error: vi.fn(),
-    warn: vi.fn(),
-    debug: vi.fn(),
-    http: vi.fn(),
-    child: vi.fn(),
-    minimal: vi.fn(),
-    normal: vi.fn(),
-    detailed: vi.fn(),
-    verbose: vi.fn(),
-  } as unknown as LoggerService;
-
-  // Make verbosity methods chainable
-  mockLogger.minimal = vi.fn().mockReturnValue(mockLogger);
-  mockLogger.normal = vi.fn().mockReturnValue(mockLogger);
-  mockLogger.detailed = vi.fn().mockReturnValue(mockLogger);
-  mockLogger.verbose = vi.fn().mockReturnValue(mockLogger);
-  mockLogger.child = vi.fn().mockReturnValue(mockLogger);
-
-  return mockLogger;
-}

package/template/apps/api/test/helpers/mock-prisma.ts

@@ -1,30 +0,0 @@
-import { vi } from 'vitest';
-
-import type { PrismaClient } from '@/generated/client/client.js';
-
-export function createMockPrisma(): PrismaClient {
-  return {
-    user: {
-      findMany: vi.fn(),
-      findUnique: vi.fn(),
-      findFirst: vi.fn(),
-      create: vi.fn(),
-      update: vi.fn(),
-      delete: vi.fn(),
-      count: vi.fn(),
-    },
-    session: {
-      findMany: vi.fn(),
-      findUnique: vi.fn(),
-      findFirst: vi.fn(),
-      create: vi.fn(),
-      update: vi.fn(),
-      delete: vi.fn(),
-      deleteMany: vi.fn(),
-      count: vi.fn(),
-    },
-    $connect: vi.fn(),
-    $disconnect: vi.fn(),
-    $queryRaw: vi.fn(),
-  } as unknown as PrismaClient;
-}

package/template/apps/api/test/helpers/test-db.ts

@@ -1,125 +0,0 @@
-import 'dotenv-flow/config';
-
-import { PrismaPg } from '@prisma/adapter-pg';
-import { execSync } from 'child_process';
-import { Pool } from 'pg';
-
-import { PrismaClient } from '@/generated/client/client.js';
-
-let prisma: PrismaClient | null = null;
-let pool: Pool | null = null;
-
-/**
- * Get test database URL
- * Uses DATABASE_URL from env but appends _test suffix to database name
- */
-function getTestDatabaseUrl(): string {
-  const databaseUrl =
-    process.env.DATABASE_URL ||
-    'postgresql://postgres:postgres_dev_password@localhost:5432/app_dev';
-
-  const url = new URL(databaseUrl);
-  const dbName = url.pathname.slice(1);
-  url.pathname = `/${dbName}_test`;
-
-  return url.toString();
-}
-
-/**
- * Setup test database before running tests
- * - Sets up test database URL
- * - Runs migrations
- * - Creates Prisma client instance
- */
-export async function setupTestDatabase(): Promise<void> {
-  const testDatabaseUrl = getTestDatabaseUrl();
-
-  process.env.DATABASE_URL = testDatabaseUrl;
-
-  try {
-    // Run migrations on test database
-    console.log('⏳ Running test database migrations...');
-    execSync('npx prisma migrate deploy', {
-      stdio: 'inherit',
-      env: { ...process.env, DATABASE_URL: testDatabaseUrl },
-    });
-
-    pool = new Pool({ connectionString: testDatabaseUrl });
-    const adapter = new PrismaPg(pool);
-    prisma = new PrismaClient({ adapter });
-
-    await prisma.$connect();
-    console.log('✅ Test database ready');
-  } catch (error) {
-    console.error('❌ Failed to setup test database:', error);
-    throw error;
-  }
-}
-
-/**
- * Cleanup test database after tests complete
- * - Disconnects Prisma client
- * - Optionally drops test database (set KEEP_TEST_DB=true to preserve)
- */
-export async function cleanupTestDatabase(): Promise<void> {
-  if (prisma) {
-    await prisma.$disconnect();
-    prisma = null;
-  }
-
-  if (pool) {
-    await pool.end();
-    pool = null;
-  }
-
-  if (process.env.KEEP_TEST_DB !== 'true') {
-    try {
-      const testDatabaseUrl = getTestDatabaseUrl();
-      const url = new URL(testDatabaseUrl);
-      const dbName = url.pathname.slice(1);
-
-      url.pathname = '/postgres';
-      const adminUrl = url.toString();
-
-      console.log('⏳ Cleaning up test database...');
-
-      const adminPool = new Pool({ connectionString: adminUrl });
-      const adminAdapter = new PrismaPg(adminPool);
-      const adminPrisma = new PrismaClient({ adapter: adminAdapter });
-
-      await adminPrisma.$connect();
-      await adminPrisma.$executeRawUnsafe(
-        `DROP DATABASE IF EXISTS "${dbName}" WITH (FORCE);`
-      );
-      await adminPrisma.$disconnect();
-      await adminPool.end();
-
-      console.log('✅ Test database cleaned up');
-    } catch (error) {
-      console.warn('⚠️ Test database cleanup failed (usually okay)');
-    }
-  }
-}
-
-export function getTestPrisma(): PrismaClient {
-  if (!prisma) {
-    throw new Error(
-      'Test database not initialized. Make sure setupTestDatabase() was called.'
-    );
-  }
-  return prisma;
-}
-
-/**
- * Reset test database between tests
- * Truncates all tables while preserving schema
- */
-export async function resetTestDatabase(): Promise<void> {
-  const client = getTestPrisma();
-
-  // Disable foreign key checks and truncate all tables at once
-  // This is more efficient and avoids deadlocks
-  await client.$executeRaw`
-    TRUNCATE TABLE "verifications", "sessions", "accounts", "users" RESTART IDENTITY CASCADE;
-  `;
-}

package/template/apps/api/test/integration/auth-flow.integration.spec.ts

@@ -1,449 +0,0 @@
-import { getTestPrisma, resetTestDatabase } from '@test/helpers/test-db';
-import { afterEach, beforeEach, describe, expect, it } from 'vitest';
-
-describe('Authentication Flow Integration Tests', () => {
-  beforeEach(async () => {
-    await resetTestDatabase();
-  });
-
-  afterEach(async () => {
-    // Additional cleanup if needed
-  });
-
-  describe('Signup and Login Flow', () => {
-    it('should allow user to signup and login with email/password', async () => {
-      const prisma = getTestPrisma();
-
-      const email = 'newuser@test.com';
-      const password = 'SecurePass123!';
-      const name = 'New User';
-
-      // Simulate signup by creating user directly in database
-      // (Better Auth handles signup via API endpoint)
-      const user = await prisma.user.create({
-        data: {
-          email,
-          name,
-          emailVerified: false,
-        },
-      });
-
-      // Create credential account for password auth
-      const bcrypt = await import('bcryptjs');
-      const hashedPassword = await bcrypt.hash(password, 10);
-
-      await prisma.account.create({
-        data: {
-          userId: user.id,
-          accountId: email, // Use email as accountId for credential provider
-          providerId: 'credential',
-          password: hashedPassword,
-        },
-      });
-
-      // Verify user was created
-      const createdUser = await prisma.user.findUnique({
-        where: { email },
-      });
-
-      expect(createdUser).toBeDefined();
-      expect(createdUser?.email).toBe(email);
-      expect(createdUser?.name).toBe(name);
-      expect(createdUser?.emailVerified).toBe(false);
-    });
-
-    it('should create session on successful login', async () => {
-      const prisma = getTestPrisma();
-
-      const user = await prisma.user.create({
-        data: {
-          email: 'session@test.com',
-          name: 'Session User',
-          emailVerified: true,
-        },
-      });
-
-      const bcrypt = await import('bcryptjs');
-      const hashedPassword = await bcrypt.hash('password123', 10);
-
-      await prisma.account.create({
-        data: {
-          userId: user.id,
-          accountId: 'session@test.com', // Use email as accountId for credential provider
-          providerId: 'credential',
-          password: hashedPassword,
-        },
-      });
-
-      // Create session manually (Better Auth would do this on login)
-      const session = await prisma.session.create({
-        data: {
-          userId: user.id,
-          token: 'test-session-token',
-          expiresAt: new Date(Date.now() + 7 * 24 * 60 * 60 * 1000), // 7 days
-          ipAddress: '127.0.0.1',
-          userAgent: 'Test Browser',
-        },
-      });
-
-      expect(session).toBeDefined();
-      expect(session.userId).toBe(user.id);
-      expect(session.expiresAt.getTime()).toBeGreaterThan(Date.now());
-    });
-
-    it('should not allow duplicate email signups', async () => {
-      const prisma = getTestPrisma();
-
-      const email = 'duplicate@test.com';
-
-      // Create first user
-      await prisma.user.create({
-        data: {
-          email,
-          name: 'First User',
-        },
-      });
-
-      // Attempt to create second user with same email
-      await expect(
-        prisma.user.create({
-          data: {
-            email,
-            name: 'Second User',
-          },
-        })
-      ).rejects.toThrow();
-    });
-  });
-
-  describe('Session Management', () => {
-    it('should allow multiple sessions for same user', async () => {
-      const prisma = getTestPrisma();
-
-      const user = await prisma.user.create({
-        data: {
-          email: 'multisession@test.com',
-          name: 'Multi Session User',
-        },
-      });
-
-      // Create multiple sessions (different devices)
-      const session1 = await prisma.session.create({
-        data: {
-          userId: user.id,
-          token: 'session-1-token',
-          expiresAt: new Date(Date.now() + 7 * 24 * 60 * 60 * 1000),
-          ipAddress: '192.168.1.1',
-          userAgent: 'Desktop Browser',
-        },
-      });
-
-      const session2 = await prisma.session.create({
-        data: {
-          userId: user.id,
-          token: 'session-2-token',
-          expiresAt: new Date(Date.now() + 7 * 24 * 60 * 60 * 1000),
-          ipAddress: '192.168.1.2',
-          userAgent: 'Mobile Browser',
-        },
-      });
-
-      const sessions = await prisma.session.findMany({
-        where: { userId: user.id },
-      });
-
-      expect(sessions).toHaveLength(2);
-      expect(sessions[0].id).toBe(session1.id);
-      expect(sessions[1].id).toBe(session2.id);
-    });
-
-    it('should filter out expired sessions', async () => {
-      const prisma = getTestPrisma();
-
-      const user = await prisma.user.create({
-        data: {
-          email: 'expired@test.com',
-          name: 'Expired Session User',
-        },
-      });
-
-      // Create active session
-      await prisma.session.create({
-        data: {
-          userId: user.id,
-          token: 'active-session',
-          expiresAt: new Date(Date.now() + 7 * 24 * 60 * 60 * 1000),
-        },
-      });
-
-      // Create expired session
-      await prisma.session.create({
-        data: {
-          userId: user.id,
-          token: 'expired-session',
-          expiresAt: new Date(Date.now() - 1000), // Already expired
-        },
-      });
-
-      // Query only active sessions
-      const activeSessions = await prisma.session.findMany({
-        where: {
-          userId: user.id,
-          expiresAt: {
-            gt: new Date(),
-          },
-        },
-      });
-
-      expect(activeSessions).toHaveLength(1);
-      expect(activeSessions[0].token).toBe('active-session');
-    });
-
-    it('should delete session on logout', async () => {
-      const prisma = getTestPrisma();
-
-      const user = await prisma.user.create({
-        data: {
-          email: 'logout@test.com',
-          name: 'Logout User',
-        },
-      });
-
-      const session = await prisma.session.create({
-        data: {
-          userId: user.id,
-          token: 'logout-session',
-          expiresAt: new Date(Date.now() + 7 * 24 * 60 * 60 * 1000),
-        },
-      });
-
-      // Delete session (logout)
-      await prisma.session.delete({
-        where: { id: session.id },
-      });
-
-      const deletedSession = await prisma.session.findUnique({
-        where: { id: session.id },
-      });
-
-      expect(deletedSession).toBeNull();
-    });
-
-    it('should revoke all user sessions', async () => {
-      const prisma = getTestPrisma();
-
-      const user = await prisma.user.create({
-        data: {
-          email: 'revoke-all@test.com',
-          name: 'Revoke All User',
-        },
-      });
-
-      // Create multiple sessions
-      await prisma.session.createMany({
-        data: [
-          {
-            userId: user.id,
-            token: 'session-1',
-            expiresAt: new Date(Date.now() + 7 * 24 * 60 * 60 * 1000),
-          },
-          {
-            userId: user.id,
-            token: 'session-2',
-            expiresAt: new Date(Date.now() + 7 * 24 * 60 * 60 * 1000),
-          },
-          {
-            userId: user.id,
-            token: 'session-3',
-            expiresAt: new Date(Date.now() + 7 * 24 * 60 * 60 * 1000),
-          },
-        ],
-      });
-
-      // Revoke all sessions
-      await prisma.session.deleteMany({
-        where: { userId: user.id },
-      });
-
-      const remainingSessions = await prisma.session.findMany({
-        where: { userId: user.id },
-      });
-
-      expect(remainingSessions).toHaveLength(0);
-    });
-  });
-
-  describe('Email Verification Flow', () => {
-    it('should create verification record on signup', async () => {
-      const prisma = getTestPrisma();
-
-      const user = await prisma.user.create({
-        data: {
-          email: 'verify@test.com',
-          name: 'Verify User',
-          emailVerified: false,
-        },
-      });
-
-      // Create verification token
-      const verification = await prisma.verification.create({
-        data: {
-          identifier: user.email,
-          value: 'verification-token-12345',
-          expiresAt: new Date(Date.now() + 24 * 60 * 60 * 1000), // 24 hours
-        },
-      });
-
-      expect(verification).toBeDefined();
-      expect(verification.identifier).toBe(user.email);
-      expect(verification.expiresAt.getTime()).toBeGreaterThan(Date.now());
-    });
-
-    it('should mark user as verified after email verification', async () => {
-      const prisma = getTestPrisma();
-
-      const user = await prisma.user.create({
-        data: {
-          email: 'verify-success@test.com',
-          name: 'Verify Success User',
-          emailVerified: false,
-        },
-      });
-
-      // Simulate verification
-      const updatedUser = await prisma.user.update({
-        where: { id: user.id },
-        data: { emailVerified: true },
-      });
-
-      expect(updatedUser.emailVerified).toBe(true);
-    });
-
-    it('should delete verification token after successful verification', async () => {
-      const prisma = getTestPrisma();
-
-      const verification = await prisma.verification.create({
-        data: {
-          identifier: 'delete-token@test.com',
-          value: 'token-to-delete',
-          expiresAt: new Date(Date.now() + 24 * 60 * 60 * 1000),
-        },
-      });
-
-      // Delete verification token after use
-      await prisma.verification.delete({
-        where: { id: verification.id },
-      });
-
-      const deletedVerification = await prisma.verification.findUnique({
-        where: { id: verification.id },
-      });
-
-      expect(deletedVerification).toBeNull();
-    });
-  });
-
-  describe('Password Reset Flow', () => {
-    it('should create password reset token', async () => {
-      const prisma = getTestPrisma();
-
-      const user = await prisma.user.create({
-        data: {
-          email: 'reset@test.com',
-          name: 'Reset User',
-        },
-      });
-
-      // Create password reset verification
-      const resetToken = await prisma.verification.create({
-        data: {
-          identifier: user.email,
-          value: 'reset-token-12345',
-          expiresAt: new Date(Date.now() + 3600 * 1000), // 1 hour
-        },
-      });
-
-      expect(resetToken).toBeDefined();
-      expect(resetToken.identifier).toBe(user.email);
-    });
-
-    it('should update password and invalidate reset token', async () => {
-      const prisma = getTestPrisma();
-
-      const user = await prisma.user.create({
-        data: {
-          email: 'password-change@test.com',
-          name: 'Password Change User',
-        },
-      });
-
-      // Create account with old password
-      const bcrypt = await import('bcryptjs');
-      const oldPassword = await bcrypt.hash('oldPassword123', 10);
-
-      const account = await prisma.account.create({
-        data: {
-          userId: user.id,
-          accountId: user.id,
-          providerId: 'credential',
-          password: oldPassword,
-        },
-      });
-
-      // Update password
-      const newPassword = await bcrypt.hash('newPassword456', 10);
-      const updatedAccount = await prisma.account.update({
-        where: { id: account.id },
-        data: { password: newPassword },
-      });
-
-      // Verify password was changed
-      const isOldPasswordValid = await bcrypt.compare(
-        'oldPassword123',
-        updatedAccount.password!
-      );
-      const isNewPasswordValid = await bcrypt.compare(
-        'newPassword456',
-        updatedAccount.password!
-      );
-
-      expect(isOldPasswordValid).toBe(false);
-      expect(isNewPasswordValid).toBe(true);
-    });
-  });
-
-  describe('User Role Management', () => {
-    it('should assign default role on user creation', async () => {
-      const prisma = getTestPrisma();
-
-      const user = await prisma.user.create({
-        data: {
-          email: 'default-role@test.com',
-          name: 'Default Role User',
-        },
-      });
-
-      // Better Auth admin plugin uses 'role' field
-      // Default role should be 'user' (as configured in auth plugin)
-      const userWithRole = user as typeof user & { role?: string };
-      expect(userWithRole.role || 'user').toBe('user');
-    });
-
-    it('should allow admin role assignment', async () => {
-      const prisma = getTestPrisma();
-
-      // Create user with admin role
-      const adminUser = await prisma.user.create({
-        data: {
-          email: 'admin@test.com',
-          name: 'Admin User',
-          // Note: Better Auth admin plugin manages roles via user.role field
-          // The exact implementation depends on your Prisma schema
-        },
-      });
-
-      expect(adminUser).toBeDefined();
-      expect(adminUser.email).toBe('admin@test.com');
-    });
-  });
-});