create-express-kickstart 1.2.9 → 1.2.11

package/.env.example

@@ -6,11 +6,4 @@ NODE_ENV=development
 
 # Rate Limiting
 RATE_LIMIT_WINDOW_MS=900000 # 15 minutes in milliseconds
-RATE_LIMIT_MAX=100 # Maximum requests per windowMs
-
-# Bcrypt Configuration
-BCRYPT_SALT=10 
-
-# JWT Configuration
-JWT_SECRET=your_jwt_secret_key
-JWT_EXPIRES_IN=1d
+RATE_LIMIT_MAX=100 # Maximum requests per windowMs

package/bin/cli.js

@@ -258,11 +258,6 @@ export const verifyToken = (token) => {
       if (fs.existsSync(dbDir)) fs.rmSync(dbDir, { recursive: true, force: true });
     }
 
-    if (!deps.dotenv) {
-      serverJsCode = serverJsCode.replace(/import dotenv from "dotenv";\r?\n/, '');
-      serverJsCode = serverJsCode.replace(/\/\/ Load environment variables[\s\S]*?\}\);\r?\n/, '');
-    }
-
     fs.writeFileSync(serverJsPath, serverJsCode);
   }
 
@@ -276,7 +271,7 @@ export const verifyToken = (token) => {
     type: "module",
     scripts: {
       "start": "node src/server.js",
-      "dev": "nodemon src/server.js"
+      "dev": deps.dotenv ? "nodemon -r dotenv/config src/server.js" : "nodemon src/server.js"
     },
     imports: {
       "#*": "./src/*"
@@ -296,21 +291,22 @@ export const verifyToken = (token) => {
 
   // Write package.json
   fs.writeFileSync(
-    path.join(projectPath, 'package.json'), 
+    path.join(projectPath, 'package.json'),
     JSON.stringify(packageJsonTemplate, null, 2)
   );
 
   // Install Dependencies
-  const dependenciesToInstall = Object.keys(deps).filter(dep => deps[dep] && dep !== 'prettier');
+  const dependenciesToInstall = Object.keys(deps).filter(dep => deps[dep] && dep !== 'prettier' && dep !== 'dotenv');
   if (deps['pino-http']) {
     dependenciesToInstall.push('pino');
   }
   if (initAuth) {
     dependenciesToInstall.push('jsonwebtoken', 'bcryptjs'); // Add bcryptjs too since it's standard with JWT
   }
-  
+
   const devDependenciesToInstall = ['nodemon'];
   if (deps.prettier) devDependenciesToInstall.push('prettier');
+  if (deps.dotenv) devDependenciesToInstall.push('dotenv');
   if (installPinoPretty) devDependenciesToInstall.push('pino-pretty');
   if (initTests) {
     devDependenciesToInstall.push('jest', 'supertest');

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-express-kickstart",
-  "version": "1.2.9",
+  "version": "1.2.11",
   "description": "Production-ready CLI starter for Express APIs",
   "main": "bin/cli.js",
   "bin": {

package/src/app.js

@@ -16,8 +16,8 @@ app.use(helmet());
 
 // Rate Limiting
 const limiter = rateLimit({
-    windowMs: process.env.RATE_LIMIT_WINDOW_MS || 15 * 60 * 1000, // Default 15 minutes
-    limit: process.env.RATE_LIMIT_MAX || 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes)
+    windowMs: Number(process.env.RATE_LIMIT_WINDOW_MS) || 15 * 60 * 1000, // Default 15 minutes
+    limit: Number(process.env.RATE_LIMIT_MAX) || 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes)
     standardHeaders: 'draft-7', // draft-6: `RateLimit-*` headers; draft-7: combined `RateLimit` header
     legacyHeaders: false, // Disable the `X-RateLimit-*` headers
     message: "Too many requests from this IP, please try again later"
@@ -51,9 +51,12 @@ app.use(pinoHttp({
 }));
 
 // CORS setup
+if (!process.env.CORS_ORIGIN && process.env.NODE_ENV === "production") {
+    throw new Error("CORS_ORIGIN must be set");
+}
 app.use(
     cors({
-        origin: process.env.CORS_ORIGIN || "*", // Fallback to allowing everything
+        origin: process.env.CORS_ORIGIN || "*",
         credentials: true, // Allow cookies with requests
     })
 );

package/src/server.js

@@ -1,11 +1,4 @@
-import dotenv from "dotenv";
 import { app } from "#app.js";
-
-// Load environment variables from .env file
-dotenv.config({
-    path: './.env'
-});
-
 import connectDB from "#db/index.js";
 
 const PORT = process.env.PORT || 8000;