create-flex-stack 1.0.0

package/dist/templates/layeredTemplate.js

@@ -0,0 +1,745 @@
+export function getLayeredFiles(options) {
+    const files = {};
+    const userIdExpr = options.orm === 'prisma' ? 'user.id' : 'user._id.toString()';
+    // 1. src/config/env.ts
+    if (options.validation === 'zod') {
+        files['src/config/env.ts'] = `import dotenv from 'dotenv';
+import { z } from 'zod';
+
+dotenv.config();
+
+const envSchema = z.object({
+  PORT: z.coerce.number().default(3000),
+  NODE_ENV: z.enum(['development', 'production', 'test']).default('development'),
+  DATABASE_URL: z.string().min(1, 'DATABASE_URL is required'),
+  ${options.auth ? `JWT_SECRET: z.string().min(8, 'JWT_SECRET must be at least 8 characters'),
+  JWT_REFRESH_SECRET: z.string().min(8, 'JWT_REFRESH_SECRET must be at least 8 characters'),
+  JWT_EXPIRES_IN: z.string().default('15m'),
+  JWT_REFRESH_EXPIRES_IN: z.string().default('7d'),` : ''}
+  ${options.caching ? `REDIS_URL: z.string().min(1, 'REDIS_URL is required'),` : ''}
+});
+
+const parsed = envSchema.safeParse(process.env);
+
+if (!parsed.success) {
+  console.error('❌ Invalid environment variables:', parsed.error.format());
+  process.exit(1);
+}
+
+export const env = parsed.data;
+`;
+    }
+    else {
+        // Joi
+        files['src/config/env.ts'] = `import dotenv from 'dotenv';
+import Joi from 'joi';
+
+dotenv.config();
+
+const envSchema = Joi.object({
+  PORT: Joi.number().default(3000),
+  NODE_ENV: Joi.string().valid('development', 'production', 'test').default('development'),
+  DATABASE_URL: Joi.string().required(),
+  ${options.auth ? `JWT_SECRET: Joi.string().min(8).required(),
+  JWT_REFRESH_SECRET: Joi.string().min(8).required(),
+  JWT_EXPIRES_IN: Joi.string().default('15m'),
+  JWT_REFRESH_EXPIRES_IN: Joi.string().default('7d'),` : ''}
+  ${options.caching ? `REDIS_URL: Joi.string().required(),` : ''}
+}).unknown().required();
+
+const { error, value } = envSchema.validate(process.env);
+
+if (error) {
+  console.error('❌ Invalid environment variables:', error.message);
+  process.exit(1);
+}
+
+export const env = {
+  PORT: Number(value.PORT),
+  NODE_ENV: value.NODE_ENV,
+  DATABASE_URL: value.DATABASE_URL,
+  ${options.auth ? `JWT_SECRET: value.JWT_SECRET,
+  JWT_REFRESH_SECRET: value.JWT_REFRESH_SECRET,
+  JWT_EXPIRES_IN: value.JWT_EXPIRES_IN,
+  JWT_REFRESH_EXPIRES_IN: value.JWT_REFRESH_EXPIRES_IN,` : ''}
+  ${options.caching ? `REDIS_URL: value.REDIS_URL,` : ''}
+};
+`;
+    }
+    // 2. src/middlewares/errorHandler.ts
+    files['src/middlewares/errorHandler.ts'] = `import { Request, Response, NextFunction } from 'express';
+
+export class AppError extends Error {
+  constructor(
+    public statusCode: number,
+    message: string,
+    public isOperational = true
+  ) {
+    super(message);
+    Object.setPrototypeOf(this, new.target.prototype);
+    Error.captureStackTrace(this, this.constructor);
+  }
+}
+
+export const errorHandler = (
+  err: Error | AppError,
+  req: Request,
+  res: Response,
+  next: NextFunction
+) => {
+  const statusCode = err instanceof AppError ? err.statusCode : 500;
+  const message = err.message || 'Internal Server Error';
+
+  res.status(statusCode).json({
+    status: 'error',
+    statusCode,
+    message,
+    ...(process.env.NODE_ENV === 'development' && { stack: err.stack }),
+  });
+};
+`;
+    // 3. Auth and RBAC Middlewares (conditional)
+    if (options.auth) {
+        files['src/middlewares/auth.ts'] = `import { Request, Response, NextFunction } from 'express';
+import jwt from 'jsonwebtoken';
+import { env } from '../config/env.js';
+import { AppError } from './errorHandler.js';
+
+export interface AuthenticatedRequest extends Request {
+  user?: {
+    id: string;
+    email: string;
+    role: string;
+  };
+}
+
+export const requireAuth = (
+  req: AuthenticatedRequest,
+  res: Response,
+  next: NextFunction
+) => {
+  const authHeader = req.headers.authorization;
+  if (!authHeader || !authHeader.startsWith('Bearer ')) {
+    return next(new AppError(401, 'Authentication token missing or invalid'));
+  }
+
+  const token = authHeader.split(' ')[1];
+
+  try {
+    const decoded = jwt.verify(token, env.JWT_SECRET) as {
+      id: string;
+      email: string;
+      role: string;
+    };
+    
+    req.user = decoded;
+    next();
+  } catch (error) {
+    next(new AppError(401, 'Authentication token expired or corrupt'));
+  }
+};
+`;
+        if (options.rbac) {
+            files['src/middlewares/rbac.ts'] = `import { Response, NextFunction } from 'express';
+import { AuthenticatedRequest } from './auth.js';
+import { AppError } from './errorHandler.js';
+
+export const authorize = (...roles: string[]) => {
+  return (req: AuthenticatedRequest, res: Response, next: NextFunction) => {
+    if (!req.user) {
+      return next(new AppError(401, 'User not authenticated'));
+    }
+
+    if (!roles.includes(req.user.role)) {
+      return next(new AppError(403, 'Permission denied: insufficient privileges'));
+    }
+
+    next();
+  };
+};
+`;
+        }
+    }
+    // 4. Rate Limiting Middleware (conditional)
+    if (options.rateLimiting) {
+        files['src/middlewares/rateLimiter.ts'] = `import rateLimit from 'express-rate-limit';
+
+export const apiLimiter = rateLimit({
+  windowMs: 15 * 60 * 1000, // 15 minutes
+  max: 100, // Limit each IP to 100 requests per windowMs
+  standardHeaders: true, // Return rate limit info in the \`RateLimit-*\` headers
+  legacyHeaders: false, // Disable the \`X-RateLimit-*\` headers
+  message: {
+    status: 'error',
+    statusCode: 429,
+    message: 'Too many requests from this IP, please try again after 15 minutes',
+  },
+});
+`;
+    }
+    // 5. Schemas (Zod or Joi)
+    if (options.validation === 'zod') {
+        files['src/schemas/user.schema.ts'] = `import { z } from 'zod';
+
+export const registerSchema = z.object({
+  body: z.object({
+    email: z.string().email('Invalid email address'),
+    name: z.string().min(2, 'Name must be at least 2 characters').optional(),
+    password: z.string().min(6, 'Password must be at least 6 characters'),
+    role: z.enum(['user', 'admin']).optional(),
+  }),
+});
+
+export const loginSchema = z.object({
+  body: z.object({
+    email: z.string().email('Invalid email address'),
+    password: z.string().min(1, 'Password is required'),
+  }),
+});
+
+export const refreshSchema = z.object({
+  body: z.object({
+    refreshToken: z.string().min(1, 'Refresh token is required'),
+  }),
+});
+`;
+    }
+    else {
+        // Joi
+        files['src/schemas/user.schema.ts'] = `import Joi from 'joi';
+
+export const registerSchema = Joi.object({
+  body: Joi.object({
+    email: Joi.string().email().required(),
+    name: Joi.string().min(2).optional(),
+    password: Joi.string().min(6).required(),
+    role: Joi.string().valid('user', 'admin').default('user'),
+  }).required(),
+}).unknown(true);
+
+export const loginSchema = Joi.object({
+  body: Joi.object({
+    email: Joi.string().email().required(),
+    password: Joi.string().required(),
+  }).required(),
+}).unknown(true);
+
+export const refreshSchema = Joi.object({
+  body: Joi.object({
+    refreshToken: Joi.string().required(),
+  }).required(),
+}).unknown(true);
+`;
+    }
+    // Helper validation middleware
+    files['src/middlewares/validate.ts'] = options.validation === 'zod'
+        ? `import { Request, Response, NextFunction } from 'express';
+import { AnyZodObject, ZodError } from 'zod';
+
+export const validate = (schema: AnyZodObject) => {
+  return async (req: Request, res: Response, next: NextFunction) => {
+    try {
+      const parsed = await schema.parseAsync({
+        body: req.body,
+        query: req.query,
+        params: req.params,
+      });
+      req.body = parsed.body;
+      req.query = parsed.query;
+      req.params = parsed.params;
+      next();
+    } catch (error) {
+      if (error instanceof ZodError) {
+        res.status(400).json({
+          status: 'error',
+          statusCode: 400,
+          message: 'Validation failed',
+          errors: error.errors.map(err => ({
+            field: err.path.join('.'),
+            message: err.message,
+          })),
+        });
+      } else {
+        next(error);
+      }
+    }
+  };
+};
+`
+        : `import { Request, Response, NextFunction } from 'express';
+import { Schema } from 'joi';
+
+export const validate = (schema: Schema) => {
+  return async (req: Request, res: Response, next: NextFunction) => {
+    try {
+      const { error, value } = schema.validate({
+        body: req.body,
+        query: req.query,
+        params: req.params,
+      }, { abortEarly: false });
+
+      if (error) {
+        return res.status(400).json({
+          status: 'error',
+          statusCode: 400,
+          message: 'Validation failed',
+          errors: error.details.map(err => ({
+            field: err.path.join('.'),
+            message: err.message,
+          })),
+        });
+      }
+      req.body = value.body;
+      req.query = value.query;
+      req.params = value.params;
+      next();
+    } catch (err) {
+      next(err);
+    }
+  };
+};
+`;
+    // 6. DB Client / User Model
+    if (options.orm === 'mongoose') {
+        files['src/models/user.model.ts'] = `import mongoose, { Schema } from 'mongoose';
+
+const UserSchema = new Schema({
+  email: { type: String, required: true, unique: true },
+  name: { type: String },
+  password: { type: String, required: true },
+  role: { type: String, default: 'user', enum: ['user', 'admin'] },
+  refreshToken: { type: String },
+}, { timestamps: true });
+
+export const UserModel = mongoose.model('User', UserSchema);
+`;
+    }
+    // 7. Repositories
+    if (options.orm === 'prisma') {
+        files['src/repositories/user.repository.ts'] = `import { PrismaClient } from '@prisma/client';
+
+const prisma = new PrismaClient();
+
+export class UserRepository {
+  async findByEmail(email: string) {
+    return prisma.user.findUnique({ where: { email } });
+  }
+
+  async findById(id: string) {
+    return prisma.user.findUnique({ where: { id } });
+  }
+
+  async create(data: any) {
+    return prisma.user.create({ data });
+  }
+
+  async update(id: string, data: any) {
+    return prisma.user.update({
+      where: { id },
+      data,
+    });
+  }
+
+  async findAll() {
+    return prisma.user.findMany({
+      select: {
+        id: true,
+        email: true,
+        name: true,
+        role: true,
+        createdAt: true,
+      }
+    });
+  }
+}
+`;
+    }
+    else {
+        // Mongoose Repository
+        files['src/repositories/user.repository.ts'] = `import { UserModel } from '../models/user.model.js';
+
+export class UserRepository {
+  async findByEmail(email: string) {
+    return UserModel.findOne({ email });
+  }
+
+  async findById(id: string) {
+    return UserModel.findById(id);
+  }
+
+  async create(data: any) {
+    return UserModel.create(data);
+  }
+
+  async update(id: string, data: any) {
+    return UserModel.findByIdAndUpdate(id, data, { new: true });
+  }
+
+  async findAll() {
+    return UserModel.find({}, 'id email name role createdAt');
+  }
+}
+`;
+    }
+    // 8. Services
+    files['src/services/user.service.ts'] = `import bcrypt from 'bcryptjs';
+import jwt from 'jsonwebtoken';
+import { UserRepository } from '../repositories/user.repository.js';
+import { env } from '../config/env.js';
+import { AppError } from '../middlewares/errorHandler.js';
+
+const userRepository = new UserRepository();
+
+export class UserService {
+  private generateTokens(payload: { id: string; email: string; role: string }) {
+    const accessToken = jwt.sign(payload, env.JWT_SECRET, {
+      expiresIn: env.JWT_EXPIRES_IN as any,
+    });
+    const refreshToken = jwt.sign(payload, env.JWT_REFRESH_SECRET, {
+      expiresIn: env.JWT_REFRESH_EXPIRES_IN as any,
+    });
+    return { accessToken, refreshToken };
+  }
+
+  async register(data: any) {
+    const existing = await userRepository.findByEmail(data.email);
+    if (existing) {
+      throw new AppError(400, 'Email already registered');
+    }
+
+    const hashedPassword = await bcrypt.hash(data.password, 10);
+    const user = await userRepository.create({
+      ...data,
+      password: hashedPassword,
+    });
+
+    const tokens = this.generateTokens({
+      id: ${userIdExpr},
+      email: user.email,
+      role: user.role,
+    });
+
+    await userRepository.update(${userIdExpr}, {
+      refreshToken: tokens.refreshToken,
+    });
+
+    return {
+      user: {
+        id: ${userIdExpr},
+        email: user.email,
+        name: user.name,
+        role: user.role,
+      },
+      ...tokens,
+    };
+  }
+
+  async login(data: any) {
+    const user = await userRepository.findByEmail(data.email);
+    if (!user) {
+      throw new AppError(401, 'Invalid email or password');
+    }
+
+    const isMatch = await bcrypt.compare(data.password, user.password);
+    if (!isMatch) {
+      throw new AppError(401, 'Invalid email or password');
+    }
+
+    const tokens = this.generateTokens({
+      id: ${userIdExpr},
+      email: user.email,
+      role: user.role,
+    });
+
+    await userRepository.update(${userIdExpr}, {
+      refreshToken: tokens.refreshToken,
+    });
+
+    return {
+      user: {
+        id: ${userIdExpr},
+        email: user.email,
+        name: user.name,
+        role: user.role,
+      },
+      ...tokens,
+    };
+  }
+
+  async refresh(token: string) {
+    try {
+      const decoded = jwt.verify(token, env.JWT_REFRESH_SECRET) as any;
+      const user = await userRepository.findById(decoded.id);
+
+      if (!user || user.refreshToken !== token) {
+        throw new AppError(401, 'Invalid or revoked refresh token');
+      }
+
+      const tokens = this.generateTokens({
+        id: ${userIdExpr},
+        email: user.email,
+        role: user.role,
+      });
+
+      await userRepository.update(${userIdExpr}, {
+        refreshToken: tokens.refreshToken,
+      });
+
+      return tokens;
+    } catch (err) {
+      throw new AppError(401, 'Invalid or expired refresh token');
+    }
+  }
+
+  async getProfile(id: string) {
+    const user = await userRepository.findById(id);
+    if (!user) {
+      throw new AppError(404, 'User not found');
+    }
+    return {
+      id: ${userIdExpr},
+      email: user.email,
+      name: user.name,
+      role: user.role,
+      createdAt: user.createdAt,
+    };
+  }
+
+  async getAllUsers() {
+    return userRepository.findAll();
+  }
+}
+`;
+    // 9. Controllers
+    files['src/controllers/user.controller.ts'] = `import { Request, Response, NextFunction } from 'express';
+import { UserService } from '../services/user.service.js';
+import { AuthenticatedRequest } from '../middlewares/auth.js';
+
+const userService = new UserService();
+
+export class UserController {
+  async register(req: Request, res: Response, next: NextFunction) {
+    try {
+      const result = await userService.register(req.body);
+      res.status(201).json({
+        status: 'success',
+        data: result,
+      });
+    } catch (err) {
+      next(err);
+    }
+  }
+
+  async login(req: Request, res: Response, next: NextFunction) {
+    try {
+      const result = await userService.login(req.body);
+      res.status(200).json({
+        status: 'success',
+        data: result,
+      });
+    } catch (err) {
+      next(err);
+    }
+  }
+
+  async refresh(req: Request, res: Response, next: NextFunction) {
+    try {
+      const result = await userService.refresh(req.body.refreshToken);
+      res.status(200).json({
+        status: 'success',
+        data: result,
+      });
+    } catch (err) {
+      next(err);
+    }
+  }
+
+  async profile(req: AuthenticatedRequest, res: Response, next: NextFunction) {
+    try {
+      const user = await userService.getProfile(req.user!.id);
+      res.status(200).json({
+        status: 'success',
+        data: { user },
+      });
+    } catch (err) {
+      next(err);
+    }
+  }
+
+  async list(req: Request, res: Response, next: NextFunction) {
+    try {
+      const users = await userService.getAllUsers();
+      res.status(200).json({
+        status: 'success',
+        data: { users },
+      });
+    } catch (err) {
+      next(err);
+    }
+  }
+}
+`;
+    // 10. Routes
+    const rbacImport = options.rbac ? ", authorize" : "";
+    files['src/routes/user.routes.ts'] = `import { Router } from 'express';
+import { UserController } from '../controllers/user.controller.js';
+import { requireAuth } from '../middlewares/auth.js';
+${options.rbac ? `import { authorize } from '../middlewares/rbac.js';` : ''}
+import { validate } from '../middlewares/validate.js';
+import { registerSchema, loginSchema, refreshSchema } from '../schemas/user.schema.js';
+
+const router = Router();
+const controller = new UserController();
+
+router.post('/register', validate(registerSchema), controller.register);
+router.post('/login', validate(loginSchema), controller.login);
+router.post('/refresh', validate(refreshSchema), controller.refresh);
+router.get('/profile', requireAuth, controller.profile);
+router.get('/', requireAuth${options.rbac ? ', authorize(\'admin\')' : ''}, controller.list);
+
+export default router;
+`;
+    files['src/routes/index.ts'] = `import { Router } from 'express';
+import userRoutes from './user.routes.js';
+
+const router = Router();
+
+router.use('/users', userRoutes);
+
+export default router;
+`;
+    // 11. Express App / Server
+    let appMiddlewaresImport = '';
+    let appMiddlewares = '';
+    if (options.rateLimiting) {
+        appMiddlewaresImport += `import { apiLimiter } from './middlewares/rateLimiter.js';\n`;
+        appMiddlewares += `app.use('/api', apiLimiter);\n`;
+    }
+    if (options.swagger) {
+        appMiddlewaresImport += `import swaggerUi from 'swagger-ui-express';\n`;
+        appMiddlewares += `
+// Basic Swagger specs
+const swaggerDocument = {
+  openapi: "3.0.0",
+  info: {
+    title: "${options.projectName} API",
+    version: "1.0.0",
+    description: "API Documentation"
+  },
+  servers: [{ url: "http://localhost:3000/api" }],
+  paths: {
+    "/users/register": {
+      post: {
+        summary: "Register a user",
+        requestBody: {
+          required: true,
+          content: {
+            "application/json": {
+              schema: {
+                type: "object",
+                properties: {
+                  email: { type: "string" },
+                  password: { type: "string" },
+                  name: { type: "string" }
+                },
+                required: ["email", "password"]
+              }
+            }
+          }
+        },
+        responses: { "201": { description: "User registered" } }
+      }
+    },
+    "/users/login": {
+      post: {
+        summary: "Login",
+        requestBody: {
+          required: true,
+          content: {
+            "application/json": {
+              schema: {
+                type: "object",
+                properties: {
+                  email: { type: "string" },
+                  password: { type: "string" }
+                },
+                required: ["email", "password"]
+              }
+            }
+          }
+        },
+        responses: { "200": { description: "Successful login" } }
+      }
+    }
+  }
+};
+app.use('/docs', swaggerUi.serve, swaggerUi.setup(swaggerDocument));
+`;
+    }
+    files['src/app.ts'] = `import express from 'express';
+import cors from 'cors';
+import helmet from 'helmet';
+import routes from './routes/index.js';
+import { errorHandler } from './middlewares/errorHandler.js';
+${appMiddlewaresImport}
+const app = express();
+
+app.use(helmet());
+app.use(cors());
+app.use(express.json());
+
+${appMiddlewares}
+app.use('/api', routes);
+
+app.use(errorHandler);
+
+export default app;
+`;
+    let dbConnectionCode = '';
+    if (options.orm === 'mongoose') {
+        dbConnectionCode = `import mongoose from 'mongoose';
+    
+async function connectDB() {
+  try {
+    await mongoose.connect(env.DATABASE_URL);
+    console.log('🔌 Connected to MongoDB database successfully.');
+  } catch (err) {
+    console.error('❌ Failed to connect to MongoDB:', err);
+    process.exit(1);
+  }
+}`;
+    }
+    else {
+        // Prisma
+        dbConnectionCode = `import { PrismaClient } from '@prisma/client';
+const prisma = new PrismaClient();
+
+async function connectDB() {
+  try {
+    await prisma.$connect();
+    console.log('🔌 Connected to Database successfully (Prisma).');
+  } catch (err) {
+    console.error('❌ Failed to connect to Database via Prisma:', err);
+    process.exit(1);
+  }
+}`;
+    }
+    files['src/server.ts'] = `import app from './app.js';
+import { env } from './config/env.js';
+${dbConnectionCode}
+
+const PORT = env.PORT || 3000;
+
+async function start() {
+  await connectDB();
+  app.listen(PORT, () => {
+    console.log(\`🚀 Server running in \${env.NODE_ENV} mode on port \${PORT}\`);
+    console.log(\`🔗 Healthcheck URL: http://localhost:\${PORT}/api/users/profile (needs auth)\`);
+    ${options.swagger ? `console.log(\`📄 Swagger Docs: http://localhost:\${PORT}/docs\`);` : ''}
+  });
+}
+
+start();
+`;
+    return files;
+}