create-ishvexa-app 1.0.0

package/templates/lms-app/backend-mongodb/package.json

@@ -0,0 +1,26 @@
+{
+  "name": "lms-backend-mongodb",
+  "version": "1.0.0",
+  "description": "Library Management System API — Express + MongoDB (EPMS-style layout)",
+  "main": "src/server.js",
+  "scripts": {
+    "dev": "nodemon src/server.js",
+    "start": "node src/server.js",
+    "seed": "node src/seed.js"
+  },
+  "keywords": [],
+  "author": "",
+  "license": "MIT",
+  "dependencies": {
+    "bcryptjs": "^3.0.3",
+    "connect-mongo": "^6.0.0",
+    "cors": "^2.8.6",
+    "dotenv": "^17.4.2",
+    "express": "^5.2.1",
+    "express-session": "^1.19.0",
+    "mongoose": "^9.5.0"
+  },
+  "devDependencies": {
+    "nodemon": "^3.1.14"
+  }
+}

package/templates/lms-app/backend-mongodb/src/config/db.js

@@ -0,0 +1,10 @@
+const mongoose = require("mongoose");
+const { getEnv } = require("./env");
+
+async function connectDatabase() {
+  const { mongoUri } = getEnv();
+  await mongoose.connect(mongoUri);
+  console.log("Database Connected Successfully");
+}
+
+module.exports = connectDatabase;

package/templates/lms-app/backend-mongodb/src/config/env.js

@@ -0,0 +1,28 @@
+function parsePort(raw, fallback) {
+  const n = Number(String(raw || "").trim());
+  return Number.isFinite(n) && n > 0 ? n : fallback;
+}
+
+function getEnv() {
+  const mongoUri =
+    process.env.MONGO_URI?.trim() ||
+    process.env.MONGODB_URI?.trim() ||
+    process.env.DATABASE_URL?.trim() ||
+    "mongodb://127.0.0.1:27017/lms";
+
+  return {
+    port: parsePort(process.env.PORT || process.env.LMS_BACKEND_PORT, 5827),
+    mongoUri,
+    sessionSecret:
+      process.env.SESSION_SECRET?.trim() ||
+      process.env.LMS_SESSION_SECRET?.trim() ||
+      "lms-dev-session-secret-change-in-production",
+    frontendUrl:
+      process.env.FRONTEND_URL?.trim() ||
+      process.env.LMS_FRONTEND_URL?.trim() ||
+      "http://localhost:5828",
+    nodeEnv: process.env.NODE_ENV || "development",
+  };
+}
+
+module.exports = { getEnv };

package/templates/lms-app/backend-mongodb/src/controllers/authController.js

@@ -0,0 +1,86 @@
+const bcrypt = require("bcryptjs");
+const User = require("../models/User");
+
+const normalize = (value) => String(value || "").trim().toLowerCase();
+const normalizeEmail = (email) => String(email || "").trim().toLowerCase();
+
+const login = async (req, res) => {
+  try {
+    const username = normalize(req.body.username);
+    const password = String(req.body.password || "");
+    if (!username || !password) {
+      return res.status(400).json({ message: "Username and password are required" });
+    }
+
+    const user = await User.findOne({ username });
+    if (!user) {
+      return res.status(401).json({ message: "Invalid credentials" });
+    }
+
+    const ok = await bcrypt.compare(password, user.passwordHash);
+    if (!ok) {
+      return res.status(401).json({ message: "Invalid credentials" });
+    }
+
+    req.session.userId = String(user._id);
+    req.session.username = user.username;
+    req.session.role = user.role;
+    return res.json({
+      message: "Login successful",
+      username: user.username,
+      role: user.role,
+    });
+  } catch (error) {
+    return res.status(500).json({ message: error.message });
+  }
+};
+
+const forgotPassword = async (req, res) => {
+  try {
+    const { email, newPassword, confirmPassword } = req.body;
+    if (!email) {
+      return res.status(400).json({ success: false, message: "Email is required." });
+    }
+    if (!newPassword) {
+      return res.status(400).json({ success: false, message: "New password is required." });
+    }
+    if (!confirmPassword) {
+      return res.status(400).json({ success: false, message: "Confirm password is required." });
+    }
+    if (newPassword !== confirmPassword) {
+      return res.status(400).json({
+        success: false,
+        message: "New password and confirm password must match.",
+      });
+    }
+    const emailNorm = normalizeEmail(email);
+    const user = await User.findOne({ email: emailNorm });
+    if (!user) {
+      return res.status(404).json({ success: false, message: "User not found" });
+    }
+    user.passwordHash = await bcrypt.hash(newPassword, 10);
+    await user.save();
+    return res.json({ success: true, message: "Password reset successfully" });
+  } catch (error) {
+    return res.status(500).json({ success: false, message: error.message });
+  }
+};
+
+const me = (req, res) => {
+  if (!req.session.userId) {
+    return res.status(401).json({ message: "Unauthorized" });
+  }
+  return res.json({
+    username: req.session.username,
+    role: req.session.role,
+  });
+};
+
+const logout = (req, res) => {
+  req.session.destroy(() => {
+    res.clearCookie("connect.sid");
+    res.json({ message: "Logged out" });
+  });
+};
+
+module.exports = { login, forgotPassword, me, logout };

package/templates/lms-app/backend-mongodb/src/controllers/bookController.js

@@ -0,0 +1,101 @@
+const Book = require("../models/Book");
+
+const listBooks = async (req, res) => {
+  try {
+    const q = String(req.query.title || "").trim();
+    const filter = q ? { title: new RegExp(q.replace(/[.*+?^${}()|[\]\\]/g, "\\$&"), "i") } : {};
+    const books = await Book.find(filter).sort({ title: 1 });
+    return res.json(books);
+  } catch (error) {
+    return res.status(500).json({ message: error.message });
+  }
+};
+
+const getBook = async (req, res) => {
+  try {
+    const book = await Book.findById(req.params.id);
+    if (!book) return res.status(404).json({ message: "Book not found" });
+    return res.json(book);
+  } catch (error) {
+    return res.status(500).json({ message: error.message });
+  }
+};
+
+const createBook = async (req, res) => {
+  try {
+    const { title, author, category, quantity, publishedYear } = req.body;
+    if (!title || !author || !category || quantity === undefined || !publishedYear) {
+      return res.status(400).json({ message: "All fields are required" });
+    }
+    const qty = Number(quantity);
+    if (!Number.isFinite(qty) || qty < 0) {
+      return res.status(400).json({ message: "Quantity must be a non-negative number" });
+    }
+    const year = Number(publishedYear);
+    if (!Number.isFinite(year) || year < 1000 || year > 9999) {
+      return res.status(400).json({ message: "Invalid published year" });
+    }
+    const book = await Book.create({
+      title: String(title).trim(),
+      author: String(author).trim(),
+      category: String(category).trim(),
+      quantity: qty,
+      publishedYear: year,
+    });
+    return res.status(201).json(book);
+  } catch (error) {
+    return res.status(500).json({ message: error.message });
+  }
+};
+
+const updateBook = async (req, res) => {
+  try {
+    const { title, author, category, quantity, publishedYear } = req.body;
+    const book = await Book.findById(req.params.id);
+    if (!book) return res.status(404).json({ message: "Book not found" });
+    if (title !== undefined) book.title = String(title).trim();
+    if (author !== undefined) book.author = String(author).trim();
+    if (category !== undefined) book.category = String(category).trim();
+    if (quantity !== undefined) {
+      const qty = Number(quantity);
+      if (!Number.isFinite(qty) || qty < 0) {
+        return res.status(400).json({ message: "Invalid quantity" });
+      }
+      book.quantity = qty;
+    }
+    if (publishedYear !== undefined) {
+      const year = Number(publishedYear);
+      if (!Number.isFinite(year) || year < 1000 || year > 9999) {
+        return res.status(400).json({ message: "Invalid published year" });
+      }
+      book.publishedYear = year;
+    }
+    await book.save();
+    return res.json(book);
+  } catch (error) {
+    return res.status(500).json({ message: error.message });
+  }
+};
+
+const deleteBook = async (req, res) => {
+  try {
+    const Borrow = require("../models/Borrow");
+    const active = await Borrow.exists({ book: req.params.id, returnedAt: null });
+    if (active) {
+      return res.status(409).json({ message: "Book has active borrows" });
+    }
+    const book = await Book.findByIdAndDelete(req.params.id);
+    if (!book) return res.status(404).json({ message: "Book not found" });
+    return res.json({ message: "Deleted" });
+  } catch (error) {
+    return res.status(500).json({ message: error.message });
+  }
+};
+
+module.exports = {
+  listBooks,
+  getBook,
+  createBook,
+  updateBook,
+  deleteBook,
+};

package/templates/lms-app/backend-mongodb/src/controllers/borrowController.js

@@ -0,0 +1,106 @@
+const Borrow = require("../models/Borrow");
+const Book = require("../models/Book");
+const Student = require("../models/Student");
+
+const startOfDay = (d) => {
+  const x = new Date(d);
+  x.setHours(0, 0, 0, 0);
+  return x;
+};
+
+const listBorrows = async (req, res) => {
+  try {
+    const status = String(req.query.status || "all").toLowerCase();
+    const dateFrom = req.query.dateFrom ? startOfDay(req.query.dateFrom) : null;
+    const dateTo = req.query.dateTo ? startOfDay(req.query.dateTo) : null;
+    if (dateTo) dateTo.setHours(23, 59, 59, 999);
+
+    const filter = {};
+    if (status === "active") filter.returnedAt = null;
+    else if (status === "returned") filter.returnedAt = { $ne: null };
+
+    if (dateFrom || dateTo) {
+      filter.borrowDate = {};
+      if (dateFrom) filter.borrowDate.$gte = dateFrom;
+      if (dateTo) filter.borrowDate.$lte = dateTo;
+    }
+
+    const rows = await Borrow.find(filter)
+      .populate("student", "fullName className email phone")
+      .populate("book", "title author category quantity publishedYear")
+      .sort({ borrowDate: -1 });
+    return res.json(rows);
+  } catch (error) {
+    return res.status(500).json({ message: error.message });
+  }
+};
+
+const createBorrow = async (req, res) => {
+  try {
+    const { studentId, bookId, borrowDate, returnDueDate } = req.body;
+    if (!studentId || !bookId || !borrowDate || !returnDueDate) {
+      return res.status(400).json({ message: "Student, book, borrow date and return date are required" });
+    }
+    const bd = new Date(borrowDate);
+    const rd = new Date(returnDueDate);
+    if (Number.isNaN(bd.getTime()) || Number.isNaN(rd.getTime())) {
+      return res.status(400).json({ message: "Invalid dates" });
+    }
+    if (rd < bd) {
+      return res.status(400).json({ message: "Return date must be on or after borrow date" });
+    }
+
+    const student = await Student.findById(studentId);
+    if (!student) return res.status(404).json({ message: "Student not found" });
+
+    const book = await Book.findById(bookId);
+    if (!book) return res.status(404).json({ message: "Book not found" });
+    if (book.quantity < 1) {
+      return res.status(409).json({ message: "No copies available to borrow" });
+    }
+
+    book.quantity -= 1;
+    await book.save();
+
+    const borrow = await Borrow.create({
+      student: studentId,
+      book: bookId,
+      borrowDate: bd,
+      returnDueDate: rd,
+      returnedAt: null,
+    });
+    const populated = await Borrow.findById(borrow._id)
+      .populate("student", "fullName className email phone")
+      .populate("book", "title author category quantity publishedYear");
+    return res.status(201).json(populated);
+  } catch (error) {
+    return res.status(500).json({ message: error.message });
+  }
+};
+
+const returnBorrow = async (req, res) => {
+  try {
+    const borrow = await Borrow.findById(req.params.id);
+    if (!borrow) return res.status(404).json({ message: "Borrow record not found" });
+    if (borrow.returnedAt) {
+      return res.status(409).json({ message: "Already returned" });
+    }
+
+    const book = await Book.findById(borrow.book);
+    if (!book) return res.status(500).json({ message: "Book missing" });
+
+    borrow.returnedAt = new Date();
+    await borrow.save();
+    book.quantity += 1;
+    await book.save();
+
+    const populated = await Borrow.findById(borrow._id)
+      .populate("student", "fullName className email phone")
+      .populate("book", "title author category quantity publishedYear");
+    return res.json(populated);
+  } catch (error) {
+    return res.status(500).json({ message: error.message });
+  }
+};
+
+module.exports = { listBorrows, createBorrow, returnBorrow };

package/templates/lms-app/backend-mongodb/src/controllers/dashboardController.js

@@ -0,0 +1,40 @@
+const Book = require("../models/Book");
+const Student = require("../models/Student");
+const Borrow = require("../models/Borrow");
+
+const stats = async (_req, res) => {
+  try {
+    const totalBooks = await Book.countDocuments();
+    const totalStudents = await Student.countDocuments();
+    const totalCopies = await Book.aggregate([{ $group: { _id: null, sum: { $sum: "$quantity" } } }]);
+    const copiesInLibrary = totalCopies[0]?.sum ?? 0;
+
+    const borrowedActive = await Borrow.countDocuments({ returnedAt: null });
+    const returnedCount = await Borrow.countDocuments({ returnedAt: { $ne: null } });
+
+    const now = new Date();
+    const lateReturned = await Borrow.countDocuments({
+      returnedAt: { $ne: null },
+      $expr: { $gt: ["$returnedAt", "$returnDueDate"] },
+    });
+
+    const overdueActive = await Borrow.countDocuments({
+      returnedAt: null,
+      returnDueDate: { $lt: now },
+    });
+
+    return res.json({
+      totalBookTitles: totalBooks,
+      totalCopiesInLibrary: copiesInLibrary,
+      totalStudents,
+      borrowedActive,
+      returnedCount,
+      lateReturned,
+      overdueActive,
+    });
+  } catch (error) {
+    return res.status(500).json({ message: error.message });
+  }
+};
+
+module.exports = { stats };

package/templates/lms-app/backend-mongodb/src/controllers/reportController.js

@@ -0,0 +1,47 @@
+const Student = require("../models/Student");
+const Book = require("../models/Book");
+const Borrow = require("../models/Borrow");
+
+const allStudents = async (_req, res) => {
+  try {
+    const rows = await Student.find().sort({ fullName: 1 });
+    return res.json({ generatedAt: new Date().toISOString(), rows });
+  } catch (error) {
+    return res.status(500).json({ message: error.message });
+  }
+};
+
+const allBooks = async (_req, res) => {
+  try {
+    const rows = await Book.find().sort({ title: 1 });
+    return res.json({ generatedAt: new Date().toISOString(), rows });
+  } catch (error) {
+    return res.status(500).json({ message: error.message });
+  }
+};
+
+const borrowedReport = async (_req, res) => {
+  try {
+    const rows = await Borrow.find({ returnedAt: null })
+      .populate("student", "fullName className email phone gender")
+      .populate("book", "title author category publishedYear")
+      .sort({ borrowDate: -1 });
+    return res.json({ generatedAt: new Date().toISOString(), rows });
+  } catch (error) {
+    return res.status(500).json({ message: error.message });
+  }
+};
+
+const returnedReport = async (_req, res) => {
+  try {
+    const rows = await Borrow.find({ returnedAt: { $ne: null } })
+      .populate("student", "fullName className email phone gender")
+      .populate("book", "title author category publishedYear")
+      .sort({ returnedAt: -1 });
+    return res.json({ generatedAt: new Date().toISOString(), rows });
+  } catch (error) {
+    return res.status(500).json({ message: error.message });
+  }
+};
+
+module.exports = { allStudents, allBooks, borrowedReport, returnedReport };

package/templates/lms-app/backend-mongodb/src/controllers/studentController.js

@@ -0,0 +1,92 @@
+const Student = require("../models/Student");
+
+const listStudents = async (req, res) => {
+  try {
+    const q = String(req.query.name || "").trim();
+    const filter = q ? { fullName: new RegExp(q.replace(/[.*+?^${}()|[\]\\]/g, "\\$&"), "i") } : {};
+    const students = await Student.find(filter).sort({ fullName: 1 });
+    return res.json(students);
+  } catch (error) {
+    return res.status(500).json({ message: error.message });
+  }
+};
+
+const getStudent = async (req, res) => {
+  try {
+    const student = await Student.findById(req.params.id);
+    if (!student) return res.status(404).json({ message: "Student not found" });
+    return res.json(student);
+  } catch (error) {
+    return res.status(500).json({ message: error.message });
+  }
+};
+
+const createStudent = async (req, res) => {
+  try {
+    const { fullName, gender, className, phone, email } = req.body;
+    if (!fullName || !gender || !className || !phone || !email) {
+      return res.status(400).json({ message: "All fields are required" });
+    }
+    if (!["Male", "Female", "Other"].includes(gender)) {
+      return res.status(400).json({ message: "Invalid gender" });
+    }
+    const student = await Student.create({
+      fullName: String(fullName).trim(),
+      gender,
+      className: String(className).trim(),
+      phone: String(phone).trim(),
+      email: String(email).trim().toLowerCase(),
+    });
+    return res.status(201).json(student);
+  } catch (error) {
+    if (error.code === 11000) {
+      return res.status(409).json({ message: "Duplicate email" });
+    }
+    return res.status(500).json({ message: error.message });
+  }
+};
+
+const updateStudent = async (req, res) => {
+  try {
+    const { fullName, gender, className, phone, email } = req.body;
+    const student = await Student.findById(req.params.id);
+    if (!student) return res.status(404).json({ message: "Student not found" });
+    if (fullName !== undefined) student.fullName = String(fullName).trim();
+    if (gender !== undefined) {
+      if (!["Male", "Female", "Other"].includes(gender)) {
+        return res.status(400).json({ message: "Invalid gender" });
+      }
+      student.gender = gender;
+    }
+    if (className !== undefined) student.className = String(className).trim();
+    if (phone !== undefined) student.phone = String(phone).trim();
+    if (email !== undefined) student.email = String(email).trim().toLowerCase();
+    await student.save();
+    return res.json(student);
+  } catch (error) {
+    return res.status(500).json({ message: error.message });
+  }
+};
+
+const deleteStudent = async (req, res) => {
+  try {
+    const Borrow = require("../models/Borrow");
+    const active = await Borrow.exists({ student: req.params.id, returnedAt: null });
+    if (active) {
+      return res.status(409).json({ message: "Student has active borrows; return books first" });
+    }
+    const student = await Student.findByIdAndDelete(req.params.id);
+    if (!student) return res.status(404).json({ message: "Student not found" });
+    return res.json({ message: "Deleted" });
+  } catch (error) {
+    return res.status(500).json({ message: error.message });
+  }
+};
+
+module.exports = {
+  listStudents,
+  getStudent,
+  createStudent,
+  updateStudent,
+  deleteStudent,
+};

package/templates/lms-app/backend-mongodb/src/ensureSeedData.js

@@ -0,0 +1,72 @@
+const bcrypt = require("bcryptjs");
+const User = require("./models/User");
+const Student = require("./models/Student");
+const Book = require("./models/Book");
+
+async function ensureSeedData() {
+  let log = [];
+
+  const userPairs = [
+    { username: "admin", email: "admin@exam.local", password: "admin123", role: "admin" },
+    { username: "librarian", email: "librarian@exam.local", password: "librarian123", role: "librarian" },
+  ];
+  let usersCreated = 0;
+  for (const { username, email, password, role } of userPairs) {
+    const exists = await User.findOne({ username });
+    if (exists) continue;
+    await User.create({
+      username,
+      email,
+      passwordHash: await bcrypt.hash(password, 10),
+      role,
+    });
+    usersCreated += 1;
+  }
+  if (usersCreated) log.push(`${usersCreated} user(s)`);
+
+  if ((await Student.countDocuments()) === 0) {
+    await Student.create([
+      {
+        fullName: "Marie Uwase",
+        gender: "Female",
+        className: "Senior 3",
+        phone: "+250788100001",
+        email: "marie.demo@school.test",
+      },
+      {
+        fullName: "David Nkurunziza",
+        gender: "Male",
+        className: "Senior 2",
+        phone: "+250788100002",
+        email: "david.demo@school.test",
+      },
+    ]);
+    log.push("2 students");
+  }
+
+  if ((await Book.countDocuments()) === 0) {
+    await Book.create([
+      {
+        title: "Computer Science Basics",
+        author: "Teaching Team",
+        category: "Textbook",
+        quantity: 5,
+        publishedYear: 2021,
+      },
+      {
+        title: "Stories for Young Readers",
+        author: "A. Mukamana",
+        category: "Literature",
+        quantity: 8,
+        publishedYear: 2019,
+      },
+    ]);
+    log.push("2 books");
+  }
+
+  if (log.length) {
+    console.log(`LMS seed: created ${log.join(", ")}.`);
+  }
+}
+
+module.exports = ensureSeedData;

package/templates/lms-app/backend-mongodb/src/middleware/auth.js

@@ -0,0 +1,29 @@
+const requireAuth = (req, res, next) => {
+  if (!req.session.userId) {
+    return res.status(401).json({ message: "Unauthorized" });
+  }
+  return next();
+};
+
+const requireAdmin = (req, res, next) => {
+  if (!req.session.userId) {
+    return res.status(401).json({ message: "Unauthorized" });
+  }
+  if (req.session.role !== "admin") {
+    return res.status(403).json({ message: "Admin only" });
+  }
+  return next();
+};
+
+
+const requireLibrarian = (req, res, next) => {
+  if (!req.session.userId) {
+    return res.status(401).json({ message: "Unauthorized" });
+  }
+  if (req.session.role !== "librarian" && req.session.role !== "admin") {
+    return res.status(403).json({ message: "Librarian or admin required" });
+  }
+  return next();
+};
+
+module.exports = { requireAuth, requireAdmin, requireLibrarian };

package/templates/lms-app/backend-mongodb/src/models/Book.js

@@ -0,0 +1,14 @@
+const mongoose = require("mongoose");
+
+const bookSchema = new mongoose.Schema(
+  {
+    title: { type: String, required: true, trim: true },
+    author: { type: String, required: true, trim: true },
+    category: { type: String, required: true, trim: true },
+    quantity: { type: Number, required: true, min: 0, default: 0 },
+    publishedYear: { type: Number, required: true, min: 1000, max: 9999 },
+  },
+  { timestamps: true }
+);
+
+module.exports = mongoose.model("Book", bookSchema);

package/templates/lms-app/backend-mongodb/src/models/Borrow.js

@@ -0,0 +1,16 @@
+const mongoose = require("mongoose");
+
+const borrowSchema = new mongoose.Schema(
+  {
+    student: { type: mongoose.Schema.Types.ObjectId, ref: "Student", required: true },
+    book: { type: mongoose.Schema.Types.ObjectId, ref: "Book", required: true },
+    borrowDate: { type: Date, required: true },
+    returnDueDate: { type: Date, required: true },
+    returnedAt: { type: Date, default: null },
+  },
+  { timestamps: true }
+);
+
+borrowSchema.index({ student: 1, book: 1, returnedAt: 1 });
+
+module.exports = mongoose.model("Borrow", borrowSchema);