npm - create-ishvexa-app - Versions diffs - 1.0.0 - Mend

create-ishvexa-app 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (484) hide show

package/templates/sfms-app/backend-mysql/package.json ADDED Viewed

@@ -0,0 +1,24 @@
+{
+  "name": "sfms-backend-mysql",
+  "version": "1.0.0",
+  "description": "SFMS API — Express + MySQL",
+  "type": "module",
+  "main": "src/server.js",
+  "scripts": {
+    "start": "node src/server.js",
+    "dev": "nodemon src/server.js",
+    "db:init": "bash -c 'set -a && source .env && set +a && if [ -n \"$DB_PASSWORD\" ]; then mysql -h \"$DB_HOST\" -P \"$DB_PORT\" -u \"$DB_USER\" -p\"$DB_PASSWORD\" < database/schema.sql; else mysql -h \"$DB_HOST\" -P \"$DB_PORT\" -u \"$DB_USER\" < database/schema.sql; fi'"
+  },
+  "engines": {
+    "node": ">=18"
+  },
+  "dependencies": {
+    "bcryptjs": "^2.4.3",
+    "cors": "^2.8.5",
+    "dotenv": "^16.4.5",
+    "express": "^4.21.0",
+    "jsonwebtoken": "^9.0.2",
+    "mysql2": "^3.14.1",
+    "nodemon": "^3.1.14"
+  }
+}

package/templates/sfms-app/backend-mysql/src/config/.gitkeep ADDED Viewed

File without changes

package/templates/sfms-app/backend-mysql/src/config/db.js ADDED Viewed

@@ -0,0 +1,31 @@
+import mysql from 'mysql2/promise';
+import 'dotenv/config';
+const pool = mysql.createPool({
+  host: process.env.DB_HOST || 'localhost',
+  user: process.env.DB_USER || 'student',
+  password: process.env.DB_PASSWORD || '',
+  database: process.env.DB_NAME || 'SFMS',
+  port: Number(process.env.DB_PORT || 3306),
+  waitForConnections: true,
+  connectionLimit: 10,
+});
+export const query = async (sql, params = []) => {
+  const [rows] = await pool.execute(sql, params);
+  return rows;
+};
+export async function connectDatabase() {
+  try {
+    await query('SELECT 1');
+    console.log('Database Connected Successfully');
+    return true;
+  } catch (error) {
+    console.log('Database Connection Failed');
+    console.error(error.message);
+    return false;
+  }
+}
+export default pool;

package/templates/sfms-app/backend-mysql/src/config/env.js ADDED Viewed

@@ -0,0 +1,20 @@
+const DEFAULT_BACKEND_PORT = 5000;
+function parsePort(raw, fallback) {
+  const n = Number(raw);
+  return Number.isFinite(n) && n > 0 ? n : fallback;
+}
+export const env = {
+  port: parsePort(process.env.PORT || process.env.SFMS_BACKEND_PORT, DEFAULT_BACKEND_PORT),
+  jwtSecret: process.env.JWT_SECRET?.trim() || process.env.JWT_INGUFU?.trim() || '',
+  nodeEnv: process.env.NODE_ENV || 'development',
+};
+export function requireJwtSecret() {
+  if (!env.jwtSecret) {
+    console.error('Missing JWT_SECRET in .env');
+    process.exit(1);
+  }
+  return env.jwtSecret;
+}

package/templates/sfms-app/backend-mysql/src/middleware/.gitkeep ADDED Viewed

File without changes

package/templates/sfms-app/backend-mysql/src/middleware/authMiddleware.js ADDED Viewed

@@ -0,0 +1,26 @@
+import jwt from 'jsonwebtoken';
+import { env } from '../config/env.js';
+import { query } from '../config/db.js';
+export async function protect(req, res, next) {
+  const header = req.headers.authorization;
+  const token = header?.startsWith('Bearer ') ? header.slice(7) : null;
+  if (!token) {
+    return res.status(401).json({ message: 'No token provided' });
+  }
+  try {
+    if (!env.jwtSecret) throw new Error('JWT_SECRET missing');
+    const payload = jwt.verify(token, env.jwtSecret);
+    const rows = await query('SELECT id, role FROM users WHERE id = ?', [payload.id]);
+    if (!rows.length) {
+      return res.status(401).json({ message: 'User not found' });
+    }
+    req.user = { id: String(rows[0].id), role: rows[0].role };
+    next();
+  } catch {
+    return res.status(401).json({ message: 'Invalid or expired token' });
+  }
+}

package/templates/sfms-app/backend-mysql/src/models/.gitkeep ADDED Viewed

File without changes

package/templates/sfms-app/backend-mysql/src/routes/.gitkeep ADDED Viewed

File without changes

package/templates/sfms-app/backend-mysql/src/routes/authRoutes.js ADDED Viewed

@@ -0,0 +1,131 @@
+import { Router } from 'express';
+import bcrypt from 'bcryptjs';
+import jwt from 'jsonwebtoken';
+import { env } from '../config/env.js';
+import { query } from '../config/db.js';
+const router = Router();
+const normalizeEmail = (email) => String(email || '').trim().toLowerCase();
+function signToken(user) {
+  if (!env.jwtSecret) throw new Error('JWT_SECRET');
+  return jwt.sign({ id: String(user.id), role: user.role }, env.jwtSecret, { expiresIn: '7d' });
+}
+function toUserApi(user) {
+  return {
+    id: String(user.id),
+    username: user.username,
+    name: user.name,
+    email: user.email,
+    role: user.role,
+    created_at: user.created_at,
+  };
+}
+router.post('/register', async (req, res) => {
+  try {
+    const { username, email, password, role } = req.body;
+    if (!username || !email || !password) {
+      return res.status(400).json({ message: 'Username, email and password are required' });
+    }
+    if (String(password).length < 6) {
+      return res.status(400).json({ message: 'Password must be at least 6 characters' });
+    }
+    const usernameNorm = String(username).trim();
+    const emailNorm = normalizeEmail(email);
+    if (!/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(emailNorm)) {
+      return res.status(400).json({ message: 'Enter a valid email address.' });
+    }
+    const existingUser = await query('SELECT id FROM users WHERE username = ?', [usernameNorm]);
+    if (existingUser.length) {
+      return res.status(409).json({ message: 'Username already exists' });
+    }
+    const exists = await query('SELECT id FROM users WHERE email = ?', [emailNorm]);
+    if (exists.length) {
+      return res.status(409).json({ message: 'Email already registered' });
+    }
+    const hash = await bcrypt.hash(String(password), 12);
+    const result = await query(
+      'INSERT INTO users (username, name, email, password, role) VALUES (?, ?, ?, ?, ?)',
+      [usernameNorm, usernameNorm, emailNorm, hash, role === 'staff' ? 'staff' : 'admin']
+    );
+    const rows = await query(
+      'SELECT id, username, name, email, role, created_at FROM users WHERE id = ?',
+      [result.insertId]
+    );
+    const user = rows[0];
+    const token = signToken(user);
+    return res.status(201).json({ token, user: toUserApi(user) });
+  } catch (err) {
+    console.error(err);
+    return res.status(500).json({ message: 'Registration failed' });
+  }
+});
+router.post('/login', async (req, res) => {
+  try {
+    const { username, password } = req.body;
+    if (!username || !password) {
+      return res.status(400).json({ message: 'Username and password are required' });
+    }
+    const rows = await query('SELECT * FROM users WHERE username = ?', [String(username).trim()]);
+    const user = rows[0];
+    if (!user) {
+      return res.status(401).json({ message: 'Invalid credentials' });
+    }
+    const match = await bcrypt.compare(String(password), user.password);
+    if (!match) {
+      return res.status(401).json({ message: 'Invalid credentials' });
+    }
+    const token = signToken(user);
+    return res.json({
+      token,
+      user: toUserApi(user),
+    });
+  } catch (err) {
+    console.error(err);
+    return res.status(500).json({ message: 'Login failed' });
+  }
+});
+router.post('/forgot-password', async (req, res) => {
+  try {
+    const { email, newPassword, confirmPassword } = req.body;
+    if (!email) {
+      return res.status(400).json({ success: false, message: 'Email is required.' });
+    }
+    if (!newPassword) {
+      return res.status(400).json({ success: false, message: 'New password is required.' });
+    }
+    if (!confirmPassword) {
+      return res.status(400).json({ success: false, message: 'Confirm password is required.' });
+    }
+    if (newPassword !== confirmPassword) {
+      return res.status(400).json({
+        success: false,
+        message: 'New password and confirm password must match.',
+      });
+    }
+    const emailNorm = normalizeEmail(email);
+    const rows = await query('SELECT id FROM users WHERE email = ?', [emailNorm]);
+    if (!rows.length) {
+      return res.status(404).json({ success: false, message: 'User not found' });
+    }
+    const hash = await bcrypt.hash(String(newPassword), 12);
+    await query('UPDATE users SET password = ? WHERE email = ?', [hash, emailNorm]);
+    return res.json({ success: true, message: 'Password reset successfully' });
+  } catch (err) {
+    console.error(err);
+    return res.status(500).json({ success: false, message: 'Server error.' });
+  }
+});
+export default router;

package/templates/sfms-app/backend-mysql/src/routes/paymentRoutes.js ADDED Viewed

@@ -0,0 +1,92 @@
+import { Router } from 'express';
+import { query } from '../config/db.js';
+import { protect } from '../middleware/authMiddleware.js';
+import { paymentSelect, toPaymentApi } from '../utils/mappers.js';
+const router = Router();
+router.use(protect);
+router.get('/', async (_req, res) => {
+  try {
+    const rows = await query(`${paymentSelect} ORDER BY p.payment_date DESC`);
+    return res.json(rows.map(toPaymentApi));
+  } catch (err) {
+    console.error(err);
+    return res.status(500).json({ message: 'Failed to list payments' });
+  }
+});
+router.post('/', async (req, res) => {
+  try {
+    const { student_id, amount, payment_date } = req.body;
+    if (!student_id || amount === undefined || amount === null || !payment_date) {
+      return res.status(400).json({ message: 'Student, amount and payment date are required' });
+    }
+    const students = await query('SELECT id FROM students WHERE id = ?', [student_id]);
+    if (!students.length) return res.status(404).json({ message: 'Student not found' });
+    const num = Number(amount);
+    if (Number.isNaN(num) || num < 0) {
+      return res.status(400).json({ message: 'Amount must be a valid non-negative number' });
+    }
+    const result = await query(
+      'INSERT INTO payments (student_id, amount, payment_date) VALUES (?, ?, ?)',
+      [student_id, num, payment_date]
+    );
+    const rows = await query(`${paymentSelect} WHERE p.id = ?`, [result.insertId]);
+    return res.status(201).json(toPaymentApi(rows[0]));
+  } catch (err) {
+    console.error(err);
+    return res.status(500).json({ message: 'Failed to create payment' });
+  }
+});
+router.put('/:id', async (req, res) => {
+  try {
+    const existing = await query('SELECT * FROM payments WHERE id = ?', [req.params.id]);
+    if (!existing.length) return res.status(404).json({ message: 'Payment not found' });
+    const { student_id, amount, payment_date } = req.body;
+    const current = existing[0];
+    if (student_id !== undefined) {
+      const students = await query('SELECT id FROM students WHERE id = ?', [student_id]);
+      if (!students.length) return res.status(404).json({ message: 'Student not found' });
+    }
+    if (amount !== undefined) {
+      const num = Number(amount);
+      if (Number.isNaN(num) || num < 0) {
+        return res.status(400).json({ message: 'Amount must be a valid non-negative number' });
+      }
+    }
+    await query(
+      'UPDATE payments SET student_id = ?, amount = ?, payment_date = ? WHERE id = ?',
+      [
+        student_id !== undefined ? student_id : current.student_id,
+        amount !== undefined ? Number(amount) : current.amount,
+        payment_date !== undefined ? payment_date : current.payment_date,
+        req.params.id,
+      ]
+    );
+    const rows = await query(`${paymentSelect} WHERE p.id = ?`, [req.params.id]);
+    return res.json(toPaymentApi(rows[0]));
+  } catch (err) {
+    console.error(err);
+    return res.status(500).json({ message: 'Failed to update payment' });
+  }
+});
+router.delete('/:id', async (req, res) => {
+  try {
+    const result = await query('DELETE FROM payments WHERE id = ?', [req.params.id]);
+    if (!result.affectedRows) return res.status(404).json({ message: 'Payment not found' });
+    return res.json({ message: 'Deleted', id: req.params.id });
+  } catch (err) {
+    console.error(err);
+    return res.status(500).json({ message: 'Failed to delete' });
+  }
+});
+export default router;

package/templates/sfms-app/backend-mysql/src/routes/reportRoutes.js ADDED Viewed

@@ -0,0 +1,41 @@
+import { Router } from 'express';
+import { query } from '../config/db.js';
+import { protect } from '../middleware/authMiddleware.js';
+import { paymentSelect, toPaymentApi } from '../utils/mappers.js';
+const router = Router();
+router.use(protect);
+router.get('/', async (req, res) => {
+  try {
+    const { start, end } = req.query;
+    if (!start || !end) {
+      return res.status(400).json({ message: 'Query params start and end (yyyy-mm-dd) are required' });
+    }
+    const startDate = new Date(String(start));
+    const endDate = new Date(String(end));
+    if (Number.isNaN(startDate.getTime()) || Number.isNaN(endDate.getTime())) {
+      return res.status(400).json({ message: 'Invalid date format; use yyyy-mm-dd' });
+    }
+    const rows = await query(
+      `${paymentSelect} WHERE p.payment_date BETWEEN ? AND ? ORDER BY p.payment_date DESC`,
+      [String(start), String(end)]
+    );
+    const payments = rows.map(toPaymentApi);
+    const total = payments.reduce((sum, row) => sum + (row.amount || 0), 0);
+    return res.json({
+      start: String(start),
+      end: String(end),
+      payments,
+      total_amount_paid: total,
+    });
+  } catch (err) {
+    console.error(err);
+    return res.status(500).json({ message: 'Failed to build report' });
+  }
+});
+export default router;

package/templates/sfms-app/backend-mysql/src/routes/studentRoutes.js ADDED Viewed

@@ -0,0 +1,75 @@
+import { Router } from 'express';
+import { query } from '../config/db.js';
+import { protect } from '../middleware/authMiddleware.js';
+import { toStudentApi } from '../utils/mappers.js';
+const router = Router();
+router.use(protect);
+router.get('/', async (_req, res) => {
+  try {
+    const rows = await query('SELECT * FROM students ORDER BY created_at DESC');
+    return res.json(rows.map(toStudentApi));
+  } catch (err) {
+    console.error(err);
+    return res.status(500).json({ message: 'Failed to list students' });
+  }
+});
+router.post('/', async (req, res) => {
+  try {
+    const { full_name, class: className, parent_phone } = req.body;
+    if (!full_name || !className || !parent_phone) {
+      return res.status(400).json({ message: 'Full name, class and parent phone are required' });
+    }
+    const result = await query(
+      'INSERT INTO students (full_name, class_name, parent_phone) VALUES (?, ?, ?)',
+      [String(full_name).trim(), String(className).trim(), String(parent_phone).trim()]
+    );
+    const rows = await query('SELECT * FROM students WHERE id = ?', [result.insertId]);
+    return res.status(201).json(toStudentApi(rows[0]));
+  } catch (err) {
+    console.error(err);
+    return res.status(500).json({ message: 'Failed to create student' });
+  }
+});
+router.put('/:id', async (req, res) => {
+  try {
+    const rows = await query('SELECT * FROM students WHERE id = ?', [req.params.id]);
+    if (!rows.length) return res.status(404).json({ message: 'Student not found' });
+    const { full_name, class: className, parent_phone } = req.body;
+    const current = rows[0];
+    await query(
+      'UPDATE students SET full_name = ?, class_name = ?, parent_phone = ? WHERE id = ?',
+      [
+        full_name !== undefined ? String(full_name).trim() : current.full_name,
+        className !== undefined ? String(className).trim() : current.class_name,
+        parent_phone !== undefined ? String(parent_phone).trim() : current.parent_phone,
+        req.params.id,
+      ]
+    );
+    const updated = await query('SELECT * FROM students WHERE id = ?', [req.params.id]);
+    return res.json(toStudentApi(updated[0]));
+  } catch (err) {
+    console.error(err);
+    return res.status(500).json({ message: 'Failed to update student' });
+  }
+});
+router.delete('/:id', async (req, res) => {
+  try {
+    const result = await query('DELETE FROM students WHERE id = ?', [req.params.id]);
+    if (!result.affectedRows) return res.status(404).json({ message: 'Student not found' });
+    return res.json({ message: 'Deleted', id: req.params.id });
+  } catch (err) {
+    if (err.code === 'ER_ROW_IS_REFERENCED_2') {
+      return res.status(409).json({ message: 'Student has payments; delete payments first' });
+    }
+    console.error(err);
+    return res.status(500).json({ message: 'Failed to delete' });
+  }
+});
+export default router;

package/templates/sfms-app/backend-mysql/src/server.js ADDED Viewed

@@ -0,0 +1,39 @@
+import 'dotenv/config';
+import express from 'express';
+import cors from 'cors';
+import { env, requireJwtSecret } from './config/env.js';
+import { connectDatabase } from './config/db.js';
+import authRoutes from './routes/authRoutes.js';
+import studentRoutes from './routes/studentRoutes.js';
+import paymentRoutes from './routes/paymentRoutes.js';
+import reportRoutes from './routes/reportRoutes.js';
+requireJwtSecret();
+const app = express();
+app.use(cors({ origin: true, credentials: true }));
+app.use(express.json());
+app.get('/api/health', (_req, res) => {
+  res.json({ ok: true, app: 'SFMS' });
+});
+app.use('/api/auth', authRoutes);
+app.use('/api/students', studentRoutes);
+app.use('/api/payments', paymentRoutes);
+app.use('/api/reports', reportRoutes);
+app.use((_req, res) => {
+  res.status(404).json({ message: 'Not found' });
+});
+const ok = await connectDatabase();
+if (!ok) {
+  console.error('Cannot start without database');
+  process.exit(1);
+}
+app.listen(env.port, () => {
+  console.log(`SFMS API (MySQL) on http://localhost:${env.port}`);
+});

package/templates/sfms-app/backend-mysql/src/utils/mappers.js ADDED Viewed

@@ -0,0 +1,43 @@
+export const toStudentApi = (row) => {
+  if (!row) return null;
+  return {
+    id: String(row.id),
+    full_name: row.full_name,
+    class: row.class_name,
+    parent_phone: row.parent_phone,
+    created_at: row.created_at,
+  };
+};
+export const toPaymentApi = (row) => {
+  if (!row) return null;
+  const paymentDate =
+    row.payment_date instanceof Date
+      ? row.payment_date.toISOString().slice(0, 10)
+      : String(row.payment_date ?? '').slice(0, 10);
+  const student =
+    row.student_id && row.student_full_name
+      ? {
+          id: String(row.student_id),
+          full_name: row.student_full_name,
+          class: row.student_class_name,
+          parent_phone: row.student_parent_phone,
+        }
+      : undefined;
+  return {
+    id: String(row.id),
+    student_id: String(row.student_id),
+    amount: Number(row.amount),
+    payment_date: paymentDate,
+    created_at: row.created_at,
+    student,
+  };
+};
+export const paymentSelect = `
+  SELECT p.id, p.student_id, p.amount, p.payment_date, p.created_at,
+         s.full_name AS student_full_name, s.class_name AS student_class_name,
+         s.parent_phone AS student_parent_phone
+  FROM payments p
+  JOIN students s ON s.id = p.student_id
+`;

package/templates/sfms-app/frontend/.env.example ADDED Viewed

@@ -0,0 +1,9 @@
+# Dev server — fixed port; strictPort fails if busy (no random port)
+VITE_DEV_SERVER_PORT=5173
+# Optional: override API proxy target in dev.
+# If omitted, Vite reads PORT from ../backend-mysql/.env or ../backend-mongodb/.env
+# VITE_API_PROXY_TARGET=http://localhost:5000
+# Production or custom API origin (optional; empty = relative /api)
+# VITE_API_BASE_URL=https://api.example.com

package/templates/sfms-app/frontend/index.html ADDED Viewed

@@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <link rel="icon" type="image/svg+xml" href="/favicon.svg" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <link rel="preconnect" href="https://fonts.googleapis.com" />
+    <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin />
+    <link
+      href="https://fonts.googleapis.com/css2?family=DM+Sans:ital,opsz,wght@0,9..40,400;0,9..40,500;0,9..40,600;0,9..40,700&family=Outfit:wght@500;600;700&display=swap"
+      rel="stylesheet"
+    />
+    <title>SFMS — School Fee Management</title>
+  </head>
+  <body class="antialiased">
+    <div id="root"></div>
+    <script type="module" src="/src/main.jsx"></script>
+  </body>
+</html>