create-kyro 0.3.1 → 0.4.0

package/src/generators/files.ts

@@ -56,100 +56,36 @@ npm run dev
 
 Visit [http://localhost:4321/admin](http://localhost:4321/admin) to access the admin.
 
-${
-  answers.auth
-    ? `## Creating Your Admin User
-
-Before logging into the admin, you need to create an admin user. Run:
-
-\`\`\`bash
-npm run db:bootstrap
-\`\`\`
-
-Or set environment variables to auto-bootstrap on startup:
-
-\`\`\`bash
-# .env
-KYRO_ADMIN_EMAIL=admin@example.com
-KYRO_ADMIN_PASSWORD=SecurePass123!
-\`\`\`
-
-Then restart the dev server.
-`
-    : ""
-}
+The first user to register will automatically be granted super admin privileges.
 
 ## Documentation
 
-Visit [https://kyro.cms](https://kyro.cms) for full documentation.
+Visit [https://kyro.dev](https://kyro.dev) for full documentation.
 `;
 
   writeFileSync(join(projectDir, "README.md"), readme);
 
   const envExample = `# Kyro CMS Configuration
+# Copy this file to .env and fill in your values
 
 ${
   answers.database === "sqlite"
     ? "# SQLite (local) - no additional config needed"
     : answers.database === "postgres" || answers.database === "mysql"
-      ? "# Database connection (PostgreSQL/MySQL)\nDATABASE_URL=postgresql://user:password@localhost:5432/kyro_cms\nDATABASE_SSL=false"
+      ? "# Database connection (PostgreSQL/MySQL)\nDATABASE_URL=postgresql://user:password@localhost:5432/kyro_cms"
       : "# MongoDB connection\nMONGODB_URI=mongodb://localhost:27017/kyro_cms"
 }
 
-${
-  answers.auth
-    ? `# Authentication (uses SQLite at ./data/auth.db - no Redis needed)
-JWT_SECRET=change-this-to-a-random-32-character-string
-JWT_EXPIRES_IN=24h
-
-# Registration control (set to false to disable public registration after first user)
-KYRO_ALLOW_REGISTRATION=true
-
-# Optional: Custom auth database path (default: ./data/auth.db)
-# KYRO_AUTH_DB_PATH=./data/auth.db
+# JWT secret for authentication tokens
+JWT_SECRET=change-this-to-a-random-64-character-string
 
-# Optional: SMTP for emails
-# SMTP_HOST=smtp.example.com
-# SMTP_PORT=587
-# SMTP_SECURE=false
-# SMTP_USER=your-email@example.com
-# SMTP_PASS=your-password
-# SMTP_FROM=noreply@example.com`
-    : ""
-}
+# Admin credentials (used for first-user bootstrap)
+# KYRO_ADMIN_EMAIL=admin@example.com
+# KYRO_ADMIN_PASSWORD=SecurePass123!
 `;
 
   writeFileSync(join(projectDir, ".env.example"), envExample);
 
-  const spec = `# ${answers.projectName}
-
-## Overview
-
-This project uses Kyro CMS - an Astro-native headless CMS.
-
-## Configuration
-
-- **Database**: ${answers.database === "sqlite" ? "SQLite (local-first)" : answers.database}
-- **APIs**: REST, GraphQL, tRPC, WebSocket
-- **Styling**: ${answers.styling}
-- **Auth**: ${answers.auth ? "Enabled" : "Disabled"}
-- **Versioning**: ${answers.versioning ? "Enabled" : "Disabled"}
-- **Admin**: ${answers.admin ? "Included" : "Not included"}
-- **Template**: ${answers.template}
-
-## Collections
-
-${
-  answers.template === "minimal"
-    ? "- Posts"
-    : answers.template === "blog"
-      ? "- Posts\n- Categories\n- Media"
-      : "- Products\n- Categories\n- Customers\n- Orders\n- Coupons"
-}
-`;
-
-  writeFileSync(join(projectDir, "SPEC.md"), spec);
-
   const indexPage = `---
 const title = "${answers.projectName}";
 ---
@@ -158,17 +94,13 @@ const title = "${answers.projectName}";
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <title>${answers.projectName}</title>
+    <title>{title}</title>
   </head>
   <body>
     <main>
-      <h1>Welcome to ${answers.projectName}</h1>
+      <h1>Welcome to {title}</h1>
       <p>Your Kyro CMS is ready.</p>
-      ${
-        answers.admin
-          ? '<p><a href="/admin">Go to Admin Dashboard →</a></p>'
-          : ""
-      }
+      <p><a href="/admin">Go to Admin Dashboard &rarr;</a></p>
     </main>
   </body>
 </html>
@@ -199,431 +131,4 @@ const title = "${answers.projectName}";
 `;
 
   writeFileSync(join(pagesDir, "index.astro"), indexPage);
-
-  if (answers.admin) {
-    const adminDir = join(pagesDir, "admin");
-    mkdirSync(adminDir, { recursive: true });
-
-    const adminIndex = `---
-import { Admin } from '@kyro-cms/admin';
-import config from '../../../kyro.config';
----
-<!DOCTYPE html>
-<html lang="en">
-  <head>
-    <meta charset="UTF-8" />
-    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <title>Admin - ${answers.projectName}</title>
-  </head>
-  <body>
-    <Admin client:load config={config} />
-  </body>
-</html>
-`;
-
-    writeFileSync(join(adminDir, "index.astro"), adminIndex);
-  }
-
-  if (answers.auth) {
-    const authApiDir = join(pagesDir, "api", "auth");
-    mkdirSync(authApiDir, { recursive: true });
-
-    writeFileSync(
-      join(authApiDir, "login.ts"),
-      generateLoginEndpoint(answers.database),
-    );
-    writeFileSync(
-      join(authApiDir, "register.ts"),
-      generateRegisterEndpoint(answers.database),
-    );
-    writeFileSync(
-      join(authApiDir, "logout.ts"),
-      generateLogoutEndpoint(answers.database),
-    );
-    writeFileSync(join(authApiDir, "me.ts"), generateMeEndpoint());
-    writeFileSync(
-      join(authApiDir, "users.ts"),
-      generateUsersEndpoint(answers.database),
-    );
-
-    writeFileSync(join(srcDir, "middleware.ts"), generateMiddleware());
-  }
-}
-
-function generateLoginEndpoint(database: string): string {
-  return `import type { APIRoute } from "astro";
-import { SQLiteAuthAdapter } from "@kyro-cms/core";
-import jwt from "jsonwebtoken";
-
-const JWT_SECRET = process.env.JWT_SECRET || "change-me-in-production";
-const JWT_EXPIRES_IN = process.env.JWT_EXPIRES_IN || "24h";
-
-async function getAuthApi() {
-  return new SQLiteAuthAdapter({ path: "./data/auth.db" });
-}
-
-export const POST: APIRoute = async ({ request }) => {
-  try {
-    const body = (await request.json()) as {
-      email?: string;
-      password?: string;
-    };
-    const { email, password } = body;
-
-    if (!email || !password) {
-      return new Response(
-        JSON.stringify({ error: "Email and password required" }),
-        { status: 400, headers: { "Content-Type": "application/json" } },
-      );
-    }
-
-    const adapter = await getAuthApi();
-    await adapter.connect();
-
-    const user = await adapter.findUserByEmail(email);
-    if (!user || !user.passwordHash) {
-      await adapter.disconnect();
-      return new Response(JSON.stringify({ error: "Invalid credentials" }), {
-        status: 401,
-        headers: { "Content-Type": "application/json" },
-      });
-    }
-
-    const valid = await adapter.verifyPassword(password, user.passwordHash);
-    if (!valid) {
-      await adapter.disconnect();
-      return new Response(JSON.stringify({ error: "Invalid credentials" }), {
-        status: 401,
-        headers: { "Content-Type": "application/json" },
-      });
-    }
-
-    const session = await adapter.createSession(user.id, {
-      ipAddress: request.headers.get("x-forwarded-for") || "unknown",
-      userAgent: request.headers.get("user-agent") || "",
-    });
-
-    const token = jwt.sign(
-      {
-        sub: user.id,
-        email: user.email,
-        role: user.role,
-        tenantId: user.tenantId,
-      },
-      JWT_SECRET,
-      { expiresIn: JWT_EXPIRES_IN as jwt.SignOptions["expiresIn"] },
-    );
-
-    await adapter.disconnect();
-
-    const { passwordHash, ...safeUser } = user;
-
-    return new Response(
-      JSON.stringify({
-        success: true,
-        user: safeUser,
-        token,
-        refreshToken: session.refreshToken,
-      }),
-      {
-        status: 200,
-        headers: { "Content-Type": "application/json" },
-      },
-    );
-  } catch (error) {
-    console.error("Login error:", error);
-    return new Response(JSON.stringify({ error: "Login failed" }), {
-      status: 500,
-      headers: { "Content-Type": "application/json" },
-    });
-  }
-};
-`;
-}
-
-function generateRegisterEndpoint(database: string): string {
-  return `import type { APIRoute } from "astro";
-import { SQLiteAuthAdapter } from "@kyro-cms/core";
-import jwt from "jsonwebtoken";
-
-const JWT_SECRET = process.env.JWT_SECRET || "change-me-in-production";
-const JWT_EXPIRES_IN = process.env.JWT_EXPIRES_IN || "24h";
-const ALLOW_REGISTRATION = process.env.KYRO_ALLOW_REGISTRATION !== "false";
-
-async function getAuthApi() {
-  return new SQLiteAuthAdapter({ path: "./data/auth.db" });
-}
-
-export const POST: APIRoute = async ({ request }) => {
-  try {
-    const body = (await request.json()) as {
-      email?: string;
-      password?: string;
-      confirmPassword?: string;
-    };
-    const { email, password, confirmPassword } = body;
-
-    if (!email || !password) {
-      return new Response(
-        JSON.stringify({ error: "Email and password required" }),
-        { status: 400, headers: { "Content-Type": "application/json" } },
-      );
-    }
-
-    if (password !== confirmPassword) {
-      return new Response(
-        JSON.stringify({ error: "Passwords do not match" }),
-        { status: 400, headers: { "Content-Type": "application/json" } },
-      );
-    }
-
-    if (password.length < 8) {
-      return new Response(
-        JSON.stringify({ error: "Password must be at least 8 characters" }),
-        { status: 400, headers: { "Content-Type": "application/json" } },
-      );
-    }
-
-    const adapter = await getAuthApi();
-    try {
-      await adapter.connect();
-    } catch {
-      return new Response(
-        JSON.stringify({ error: "Unable to connect to auth storage." }),
-        { status: 500, headers: { "Content-Type": "application/json" } },
-      );
-    }
-
-    const existingUser = await adapter.findUserByEmail(email);
-    if (existingUser) {
-      await adapter.disconnect();
-      return new Response(
-        JSON.stringify({ error: "Email already registered" }),
-        { status: 409, headers: { "Content-Type": "application/json" } },
-      );
-    }
-
-    const isFirstUser = !(await adapter.hasAnyUsers());
-
-    if (!isFirstUser && !ALLOW_REGISTRATION) {
-      await adapter.disconnect();
-      return new Response(
-        JSON.stringify({ error: "Registration is disabled" }),
-        { status: 403, headers: { "Content-Type": "application/json" } },
-      );
-    }
-
-    const passwordHash = await adapter.hashPassword(password);
-    const user = await adapter.createUser({
-      email,
-      passwordHash,
-      role: isFirstUser ? "super_admin" : "editor",
-    });
-
-    if (isFirstUser) {
-      await adapter.updateUser(user.id, { emailVerified: true });
-    }
-
-    const session = await adapter.createSession(user.id, {
-      ipAddress: request.headers.get("x-forwarded-for") || "unknown",
-      userAgent: request.headers.get("user-agent") || "",
-    });
-
-    const token = jwt.sign(
-      {
-        sub: user.id,
-        email: user.email,
-        role: user.role,
-        tenantId: user.tenantId,
-      },
-      JWT_SECRET,
-      { expiresIn: JWT_EXPIRES_IN as jwt.SignOptions["expiresIn"] },
-    );
-
-    await adapter.disconnect();
-
-    const { passwordHash: _, ...safeUser } = user;
-
-    return new Response(
-      JSON.stringify({
-        success: true,
-        isFirstUser,
-        user: safeUser,
-        token,
-        refreshToken: session.refreshToken,
-      }),
-      {
-        status: 201,
-        headers: { "Content-Type": "application/json" },
-      },
-    );
-  } catch (error) {
-    console.error("Registration error:", error);
-    return new Response(JSON.stringify({ error: "Registration failed" }), {
-      status: 500,
-      headers: { "Content-Type": "application/json" },
-    });
-  }
-};
-`;
-}
-
-function generateLogoutEndpoint(database: string): string {
-  return `import type { APIRoute } from "astro";
-import { SQLiteAuthAdapter } from "@kyro-cms/core";
-
-async function getAuthApi() {
-  return new SQLiteAuthAdapter({ path: "./data/auth.db" });
-}
-
-export const POST: APIRoute = async ({ request }) => {
-  try {
-    const authHeader = request.headers.get("authorization");
-    const token = authHeader?.startsWith("Bearer ")
-      ? authHeader.slice(7)
-      : null;
-
-    if (token) {
-      const adapter = await getAuthApi();
-      await adapter.connect();
-      await adapter.deleteSession(token);
-      await adapter.disconnect();
-    }
-
-    return new Response(
-      JSON.stringify({ success: true }),
-      { status: 200, headers: { "Content-Type": "application/json" } },
-    );
-  } catch {
-    return new Response(
-      JSON.stringify({ success: true }),
-      { status: 200, headers: { "Content-Type": "application/json" } },
-    );
-  }
-};
-`;
-}
-
-function generateMeEndpoint(): string {
-  return `import type { APIRoute } from "astro";
-import jwt from "jsonwebtoken";
-
-const JWT_SECRET = process.env.JWT_SECRET || "change-me-in-production";
-
-export const GET: APIRoute = async ({ request }) => {
-  const authHeader = request.headers.get("authorization");
-  const token = authHeader?.startsWith("Bearer ")
-    ? authHeader.slice(7)
-    : null;
-
-  if (!token) {
-    return new Response(
-      JSON.stringify({ error: "Not authenticated" }),
-      { status: 401, headers: { "Content-Type": "application/json" } },
-    );
-  }
-
-  try {
-    const payload = jwt.verify(token, JWT_SECRET) as jwt.JwtPayload;
-    return new Response(
-      JSON.stringify({
-        id: payload.sub,
-        email: payload.email,
-        role: payload.role,
-      }),
-      { status: 200, headers: { "Content-Type": "application/json" } },
-    );
-  } catch {
-    return new Response(
-      JSON.stringify({ error: "Invalid token" }),
-      { status: 401, headers: { "Content-Type": "application/json" } },
-    );
-  }
-};
-`;
-}
-
-function generateUsersEndpoint(database: string): string {
-  return `import type { APIRoute } from "astro";
-import { SQLiteAuthAdapter } from "@kyro-cms/core";
-
-async function getAuthApi() {
-  return new SQLiteAuthAdapter({ path: "./data/auth.db" });
-}
-
-export const GET: APIRoute = async () => {
-  try {
-    const adapter = await getAuthApi();
-    await adapter.connect();
-
-    const hasUsers = await adapter.hasAnyUsers();
-
-    await adapter.disconnect();
-
-    return new Response(JSON.stringify({ hasUsers }), {
-      status: 200,
-      headers: { "Content-Type": "application/json" },
-    });
-  } catch {
-    return new Response(JSON.stringify({ hasUsers: false }), {
-      status: 200,
-      headers: { "Content-Type": "application/json" },
-    });
-  }
-};
-`;
-}
-
-function generateMiddleware(): string {
-  return `import type { MiddlewareHandler } from "astro";
-import jwt from "jsonwebtoken";
-
-const JWT_SECRET = process.env.JWT_SECRET || "change-me-in-production";
-
-const PUBLIC_PATHS = [
-  "/api/auth/login",
-  "/api/auth/logout",
-  "/api/auth/register",
-  "/api/auth/me",
-  "/api/auth/users",
-  "/api/health",
-  "/favicon.svg",
-];
-
-const PUBLIC_PREFIXES = ["/api/auth/", "/admin"];
-
-export const onRequest: MiddlewareHandler = async ({ request, url }, next) => {
-  const pathname = new URL(url).pathname;
-
-  if (PUBLIC_PATHS.includes(pathname) || PUBLIC_PATHS.includes(pathname.replace(/\\/$/, ""))) {
-    return next();
-  }
-
-  for (const prefix of PUBLIC_PREFIXES) {
-    if (pathname.startsWith(prefix)) {
-      return next();
-    }
-  }
-
-  const authHeader = request.headers.get("authorization");
-  const token = authHeader?.startsWith("Bearer ") ? authHeader.slice(7) : null;
-
-  if (!token) {
-    return new Response(
-      JSON.stringify({ error: "Authentication required" }),
-      { status: 401, headers: { "Content-Type": "application/json" } },
-    );
-  }
-
-  try {
-    jwt.verify(token, JWT_SECRET) as jwt.JwtPayload;
-    return next();
-  } catch {
-    return new Response(
-      JSON.stringify({ error: "Invalid or expired token" }),
-      { status: 401, headers: { "Content-Type": "application/json" } },
-    );
-  }
-};
-`;
 }

package/src/generators/packagejson.ts

@@ -12,52 +12,29 @@ export interface PackageJson {
 
 export function generatePackageJson(
   answers: Answers,
-  projectDir: string,
 ): PackageJson {
   const deps: Record<string, string> = {
+    "astro": "^6.3.1",
     "@kyro-cms/core": "latest",
-    astro: "^5.4.0",
+    "@kyro-cms/admin": "latest",
   };
 
   const devDeps: Record<string, string> = {
-    typescript: "^5.7.3",
+    "typescript": "^5.7.3",
   };
 
-  if (answers.styling === "tailwind") {
-    deps["@astrojs/react"] = "^4.2.0";
-    deps["react"] = "^19.0.0";
-    deps["react-dom"] = "^19.0.0";
-    deps["tailwindcss"] = "^4.0.0";
-    deps["@tailwindcss/vite"] = "^4.0.0";
-    devDeps["@types/react"] = "^19.0.0";
-    devDeps["@types/react-dom"] = "^19.0.0";
-  }
-
   if (answers.database === "postgres") {
     deps["pg"] = "^8.13.1";
-    deps["@types/pg"] = "^8.11.0";
   } else if (answers.database === "mysql") {
     deps["mysql2"] = "^3.12.0";
-  } else if (answers.database === "mongodb") {
-    deps["mongodb"] = "^6.12.0";
-  }
-
-  if (answers.admin) {
-    deps["@kyro-cms/admin"] = "latest";
-    deps["@astrojs/node"] = "^9.5.5";
-    deps["lucide-react"] = "^0.475.0";
   }
 
   const scripts: Record<string, string> = {
-    dev: "astro dev",
-    build: "astro build",
-    preview: "astro preview",
+    "dev": "astro dev",
+    "build": "astro build",
+    "preview": "astro preview",
   };
 
-  if (answers.auth) {
-    scripts["db:bootstrap"] = "kyro auth bootstrap";
-  }
-
   if (answers.database === "sqlite") {
     scripts["db:generate"] = "kyro generate";
     scripts["db:push"] = "kyro push";

package/src/index.ts

@@ -8,7 +8,7 @@ import { writeFileSync, mkdirSync, existsSync } from 'fs';
 import { join } from 'path';
 import { execSync } from 'child_process';
 
-const VERSION = '0.1.1';
+const VERSION = '0.4.0';
 
 async function main() {
   logger.intro('create-kyro', VERSION);
@@ -34,7 +34,7 @@ async function main() {
 
   logger.step(2, steps.length, steps[1]);
 
-  const pkg = generatePackageJson(answers, projectDir);
+  const pkg = generatePackageJson(answers);
   writeFileSync(
     join(projectDir, 'package.json'),
     formatPackageJson(pkg)
@@ -85,9 +85,9 @@ async function main() {
   console.log(`    ${logger ? '\x1b[36m' : ''}npm run dev${logger ? '\x1b[0m' : ''}`);
   console.log('');
   console.log('  Visit http://localhost:4321 to see your app.');
-  if (answers.admin) {
-    console.log('  Visit http://localhost:4321/admin for the admin dashboard.');
-  }
+  console.log('  Visit http://localhost:4321/admin for the admin dashboard.');
+  console.log('');
+  console.log('  The first user to register will be the super admin.');
   console.log('');
 }