create-forgeon 0.2.2 → 0.2.4

package/templates/base/scripts/forgeon-sync-integrations.mjs

@@ -1,176 +1,6 @@
 #!/usr/bin/env node
 import fs from 'node:fs';
 import path from 'node:path';
-import { fileURLToPath } from 'node:url';
-import { Project, QuoteKind } from 'ts-morph';
-
-function hasAnyImport(sourceFile, moduleSpecifier) {
-  return sourceFile.getImportDeclarations().some((item) => item.getModuleSpecifierValue() === moduleSpecifier);
-}
-
-function ensureNamedImports(sourceFile, moduleSpecifier, names) {
-  const declaration = sourceFile
-    .getImportDeclarations()
-    .find((item) => item.getModuleSpecifierValue() === moduleSpecifier);
-
-  if (!declaration) {
-    sourceFile.addImportDeclaration({
-      moduleSpecifier,
-      namedImports: [...names].sort(),
-    });
-    return;
-  }
-
-  const existing = new Set(declaration.getNamedImports().map((item) => item.getName()));
-  for (const name of names) {
-    if (!existing.has(name)) {
-      declaration.addNamedImport(name);
-    }
-  }
-}
-
-function hasDecorator(node, decoratorName) {
-  return node.getDecorators().some((item) => item.getName() === decoratorName);
-}
-
-function addDecoratorIfMissing(node, decoratorName, args = []) {
-  if (hasDecorator(node, decoratorName)) {
-    return false;
-  }
-  node.addDecorator({
-    name: decoratorName,
-    arguments: args,
-  });
-  return true;
-}
-
-function syncJwtSwagger({ rootDir, changedFiles }) {
-  const controllerPath = path.join(
-    rootDir,
-    'packages',
-    'auth-api',
-    'src',
-    'auth.controller.ts',
-  );
-  const loginDtoPath = path.join(rootDir, 'packages', 'auth-api', 'src', 'dto', 'login.dto.ts');
-  const refreshDtoPath = path.join(rootDir, 'packages', 'auth-api', 'src', 'dto', 'refresh.dto.ts');
-  const authApiPackagePath = path.join(rootDir, 'packages', 'auth-api', 'package.json');
-
-  if (
-    !fs.existsSync(controllerPath) ||
-    !fs.existsSync(loginDtoPath) ||
-    !fs.existsSync(refreshDtoPath) ||
-    !fs.existsSync(authApiPackagePath)
-  ) {
-    return { applied: false, reason: 'jwt-auth source files are missing' };
-  }
-
-  const project = new Project({
-    manipulationSettings: { quoteKind: QuoteKind.Single },
-    skipAddingFilesFromTsConfig: true,
-  });
-
-  const controller = project.addSourceFileAtPath(controllerPath);
-  const loginDto = project.addSourceFileAtPath(loginDtoPath);
-  const refreshDto = project.addSourceFileAtPath(refreshDtoPath);
-
-  const controllerDecorators = [
-    'ApiBearerAuth',
-    'ApiBody',
-    'ApiOkResponse',
-    'ApiOperation',
-    'ApiTags',
-    'ApiUnauthorizedResponse',
-  ];
-  const dtoDecorators = ['ApiProperty'];
-
-  ensureNamedImports(controller, '@nestjs/swagger', controllerDecorators);
-  ensureNamedImports(loginDto, '@nestjs/swagger', dtoDecorators);
-  ensureNamedImports(refreshDto, '@nestjs/swagger', dtoDecorators);
-
-  const authController = controller.getClass('AuthController');
-  if (!authController) {
-    return { applied: false, reason: 'AuthController not found' };
-  }
-
-  addDecoratorIfMissing(authController, 'ApiTags', ["'auth'"]);
-
-  const loginMethod = authController.getMethod('login');
-  const refreshMethod = authController.getMethod('refresh');
-  const logoutMethod = authController.getMethod('logout');
-  const meMethod = authController.getMethod('me');
-
-  if (loginMethod) {
-    addDecoratorIfMissing(loginMethod, 'ApiOperation', ["{ summary: 'Authenticate demo user' }"]);
-    addDecoratorIfMissing(loginMethod, 'ApiBody', ['{ type: LoginDto }']);
-    addDecoratorIfMissing(loginMethod, 'ApiOkResponse', ["{ description: 'JWT token pair' }"]);
-    addDecoratorIfMissing(loginMethod, 'ApiUnauthorizedResponse', ["{ description: 'Invalid credentials' }"]);
-  }
-
-  if (refreshMethod) {
-    addDecoratorIfMissing(refreshMethod, 'ApiOperation', ["{ summary: 'Refresh access token' }"]);
-    addDecoratorIfMissing(refreshMethod, 'ApiBody', ['{ type: RefreshDto }']);
-    addDecoratorIfMissing(refreshMethod, 'ApiOkResponse', ["{ description: 'New JWT token pair' }"]);
-    addDecoratorIfMissing(refreshMethod, 'ApiUnauthorizedResponse', [
-      "{ description: 'Refresh token is invalid or expired' }",
-    ]);
-  }
-
-  if (logoutMethod) {
-    addDecoratorIfMissing(logoutMethod, 'ApiBearerAuth');
-    addDecoratorIfMissing(logoutMethod, 'ApiOperation', ["{ summary: 'Logout and clear refresh token state' }"]);
-    addDecoratorIfMissing(logoutMethod, 'ApiOkResponse', ["{ description: 'Logout accepted' }"]);
-  }
-
-  if (meMethod) {
-    addDecoratorIfMissing(meMethod, 'ApiBearerAuth');
-    addDecoratorIfMissing(meMethod, 'ApiOperation', ["{ summary: 'Get current authenticated user' }"]);
-    addDecoratorIfMissing(meMethod, 'ApiOkResponse', ["{ description: 'Current user payload' }"]);
-  }
-
-  const loginDtoClass = loginDto.getClass('LoginDto');
-  if (loginDtoClass) {
-    const emailProp = loginDtoClass.getProperty('email');
-    const passwordProp = loginDtoClass.getProperty('password');
-    if (emailProp) {
-      addDecoratorIfMissing(emailProp, 'ApiProperty', [
-        "{ example: 'demo@forgeon.local', description: 'Demo account email' }",
-      ]);
-    }
-    if (passwordProp) {
-      addDecoratorIfMissing(passwordProp, 'ApiProperty', [
-        "{ example: 'forgeon-demo-password', description: 'Demo account password' }",
-      ]);
-    }
-  }
-
-  const refreshDtoClass = refreshDto.getClass('RefreshDto');
-  if (refreshDtoClass) {
-    const tokenProp = refreshDtoClass.getProperty('refreshToken');
-    if (tokenProp) {
-      addDecoratorIfMissing(tokenProp, 'ApiProperty', [
-        "{ example: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...', description: 'Refresh token' }",
-      ]);
-    }
-  }
-
-  project.saveSync();
-  changedFiles.add(controllerPath);
-  changedFiles.add(loginDtoPath);
-  changedFiles.add(refreshDtoPath);
-
-  const authApiPackage = JSON.parse(fs.readFileSync(authApiPackagePath, 'utf8'));
-  if (!authApiPackage.dependencies) {
-    authApiPackage.dependencies = {};
-  }
-  if (!authApiPackage.dependencies['@nestjs/swagger']) {
-    authApiPackage.dependencies['@nestjs/swagger'] = '^11.2.0';
-    fs.writeFileSync(authApiPackagePath, `${JSON.stringify(authApiPackage, null, 2)}\n`, 'utf8');
-    changedFiles.add(authApiPackagePath);
-  }
-
-  return { applied: true };
-}
 
 const PRISMA_AUTH_STORE_CONTENT = `import {
   AuthRefreshTokenStore,
@@ -215,6 +45,32 @@ ALTER TABLE "User"
 ADD COLUMN "refreshTokenHash" TEXT;
 `;
 
+function detectModules(rootDir) {
+  const appModulePath = path.join(rootDir, 'apps', 'api', 'src', 'app.module.ts');
+  const appModuleText = fs.existsSync(appModulePath) ? fs.readFileSync(appModulePath, 'utf8') : '';
+
+  return {
+    jwtAuth:
+      fs.existsSync(path.join(rootDir, 'packages', 'auth-api', 'package.json')) ||
+      appModuleText.includes("from '@forgeon/auth-api'"),
+    dbPrisma:
+      fs.existsSync(path.join(rootDir, 'packages', 'db-prisma', 'package.json')) ||
+      appModuleText.includes("from '@forgeon/db-prisma'"),
+  };
+}
+
+function ensureLineAfter(content, anchorLine, lineToInsert) {
+  if (content.includes(lineToInsert)) {
+    return content;
+  }
+  const index = content.indexOf(anchorLine);
+  if (index < 0) {
+    return `${content.trimEnd()}\n${lineToInsert}\n`;
+  }
+  const insertAt = index + anchorLine.length;
+  return `${content.slice(0, insertAt)}\n${lineToInsert}${content.slice(insertAt)}`;
+}
+
 function syncJwtDbPrisma({ rootDir, changedFiles }) {
   const appModulePath = path.join(rootDir, 'apps', 'api', 'src', 'app.module.ts');
   const schemaPath = path.join(rootDir, 'apps', 'api', 'prisma', 'schema.prisma');
@@ -246,48 +102,33 @@ function syncJwtDbPrisma({ rootDir, changedFiles }) {
   let appModule = fs.readFileSync(appModulePath, 'utf8').replace(/\r\n/g, '\n');
   const originalAppModule = appModule;
 
-  if (appModule.includes("import { AUTH_REFRESH_TOKEN_STORE,")) {
-    // already includes token symbol
-  } else {
+  if (!appModule.includes("AUTH_REFRESH_TOKEN_STORE, authConfig")) {
     appModule = appModule.replace(
-      /import\s*\{([^}]*)\}\s*from '@forgeon\/auth-api';/m,
-      (full, namesRaw) => {
-        const names = namesRaw
-          .split(',')
-          .map((item) => item.trim())
-          .filter(Boolean);
-        if (!names.includes('AUTH_REFRESH_TOKEN_STORE')) {
-          names.unshift('AUTH_REFRESH_TOKEN_STORE');
-        }
-        return `import { ${names.join(', ')} } from '@forgeon/auth-api';`;
-      },
+      /import\s*\{\s*authConfig,\s*authEnvSchema,\s*ForgeonAuthModule\s*\}\s*from '@forgeon\/auth-api';/m,
+      "import { AUTH_REFRESH_TOKEN_STORE, authConfig, authEnvSchema, ForgeonAuthModule } from '@forgeon/auth-api';",
     );
   }
 
   const storeImportLine = "import { PrismaAuthRefreshTokenStore } from './auth/prisma-auth-refresh-token.store';";
   if (!appModule.includes(storeImportLine)) {
-    const controllerImport = "import { HealthController } from './health/health.controller';";
-    if (appModule.includes(controllerImport)) {
-      appModule = appModule.replace(controllerImport, `${storeImportLine}\n${controllerImport}`);
-    } else {
-      appModule = `${appModule.trimEnd()}\n${storeImportLine}\n`;
-    }
+    appModule = ensureLineAfter(
+      appModule,
+      "import { HealthController } from './health/health.controller';",
+      storeImportLine,
+    );
   }
 
-  const authRegisterWithPrisma = `ForgeonAuthModule.register({
+  if (!appModule.includes('refreshTokenStoreProvider')) {
+    appModule = appModule.replace(
+      /ForgeonAuthModule\.register\(\),/m,
+      `ForgeonAuthModule.register({
       imports: [DbPrismaModule],
       refreshTokenStoreProvider: {
         provide: AUTH_REFRESH_TOKEN_STORE,
         useClass: PrismaAuthRefreshTokenStore,
       },
-    }),`;
-
-  if (!appModule.includes('refreshTokenStoreProvider')) {
-    if (/ForgeonAuthModule\.register\(\s*\),/.test(appModule)) {
-      appModule = appModule.replace(/ForgeonAuthModule\.register\(\s*\),/, authRegisterWithPrisma);
-    } else if (/ForgeonAuthModule\.register\(\{[\s\S]*?\}\),/m.test(appModule)) {
-      appModule = appModule.replace(/ForgeonAuthModule\.register\(\{[\s\S]*?\}\),/m, authRegisterWithPrisma);
-    }
+    }),`,
+    );
   }
 
   if (appModule !== originalAppModule) {
@@ -299,10 +140,7 @@ function syncJwtDbPrisma({ rootDir, changedFiles }) {
   let schema = fs.readFileSync(schemaPath, 'utf8').replace(/\r\n/g, '\n');
   const originalSchema = schema;
   if (!schema.includes('refreshTokenHash')) {
-    schema = schema.replace(
-      /email\s+String\s+@unique/g,
-      'email            String   @unique\n  refreshTokenHash String?',
-    );
+    schema = schema.replace(/email\s+String\s+@unique/g, 'email            String   @unique\n  refreshTokenHash String?');
   }
   if (schema !== originalSchema) {
     fs.writeFileSync(schemaPath, `${schema.trimEnd()}\n`, 'utf8');
@@ -321,11 +159,11 @@ function syncJwtDbPrisma({ rootDir, changedFiles }) {
     let readme = fs.readFileSync(readmePath, 'utf8').replace(/\r\n/g, '\n');
     const originalReadme = readme;
     readme = readme.replace(
-      '- refresh token persistence: disabled (no supported DB adapter found)',
+      '- refresh token persistence: disabled by default (stateless mode)',
       '- refresh token persistence: enabled (`db-prisma` adapter)',
     );
     readme = readme.replace(
-      /- to enable persistence later:[\s\S]*?2\. run `create-forgeon add jwt-auth --project \.` again to auto-wire the adapter\./m,
+      /- to enable persistence later:[\s\S]*?2\. run `pnpm forgeon:sync-integrations` to auto-wire pair integrations\./m,
       '- migration: `apps/api/prisma/migrations/0002_auth_refresh_token_hash`',
     );
     if (readme !== originalReadme) {
@@ -341,41 +179,12 @@ function syncJwtDbPrisma({ rootDir, changedFiles }) {
   return { applied: true };
 }
 
-function detectModules(rootDir) {
-  const appModulePath = path.join(rootDir, 'apps', 'api', 'src', 'app.module.ts');
-  const appModuleText = fs.existsSync(appModulePath) ? fs.readFileSync(appModulePath, 'utf8') : '';
-
-  return {
-    swagger:
-      fs.existsSync(path.join(rootDir, 'packages', 'swagger', 'package.json')) ||
-      appModuleText.includes("from '@forgeon/swagger'"),
-    jwtAuth:
-      fs.existsSync(path.join(rootDir, 'packages', 'auth-api', 'package.json')) ||
-      appModuleText.includes("from '@forgeon/auth-api'"),
-    dbPrisma:
-      fs.existsSync(path.join(rootDir, 'packages', 'db-prisma', 'package.json')) ||
-      appModuleText.includes("from '@forgeon/db-prisma'"),
-  };
-}
-
 function run() {
   const rootDir = process.cwd();
   const changedFiles = new Set();
   const detected = detectModules(rootDir);
   const summary = [];
 
-  if (detected.swagger && detected.jwtAuth) {
-    summary.push({
-      feature: 'jwt-auth + swagger',
-      result: syncJwtSwagger({ rootDir, changedFiles }),
-    });
-  } else {
-    summary.push({
-      feature: 'jwt-auth + swagger',
-      result: { applied: false, reason: 'required modules are not both installed' },
-    });
-  }
-
   if (detected.jwtAuth && detected.dbPrisma) {
     summary.push({
       feature: 'jwt-auth + db-prisma',
@@ -406,10 +215,4 @@ function run() {
   }
 }
 
-const isMain =
-  process.argv[1] &&
-  path.resolve(process.argv[1]) === fileURLToPath(import.meta.url);
-
-if (isMain) {
-  run();
-}
+run();