npm - create-mantiq - Versions diffs - 0.7.0 → 0.7.2 - Mend

create-mantiq 0.7.0 → 0.7.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (220) hide show

package/src/terminal.ts CHANGED Viewed

@@ -33,6 +33,8 @@ export class Terminal {
     write(`   ${EMERALD}●${R}  ${BOLD}mantiq${R}   ${GRAY}│${R}   ${DIM}The Bun framework for artisans${R}\n`)
     write(`\n`)
     write(`   ${GRAY}───────────────────────────────────────────────${R}\n`)
+    const version = require('../package.json').version
+    write(`   ${DIM}v${version}${R}\n`)
     write('\n\n')
   }
@@ -94,6 +96,68 @@ export class Terminal {
     })
   }
+  /** Checkbox-style multi-select prompt */
+  async multiSelect(label: string, options: SelectOption[]): Promise<string[]> {
+    let cursor = 0
+    const checked = new Set<number>()
+    const render = () => {
+      let out = `   ${EMERALD}◆${R}  ${BOLD}${label}${R}\n`
+      for (let i = 0; i < options.length; i++) {
+        const opt = options[i]!
+        const active = i === cursor
+        const isChecked = checked.has(i)
+        const box = isChecked ? `${EMERALD}\u2611${R}` : `${GRAY}\u2610${R}`
+        const text = active ? `${WHITE}${BOLD}${opt.label}${R}` : `${GRAY}${opt.label}${R}`
+        const hint = opt.hint ? `  ${DIM}${opt.hint}${R}` : ''
+        out += `      ${box}  ${text}${hint}\n`
+      }
+      out += `\n`
+      return out
+    }
+    const lines = options.length + 2
+    write(render())
+    if (process.stdin.isTTY) process.stdin.setRawMode(true)
+    write(HIDE_CURSOR)
+    return new Promise<string[]>((resolve) => {
+      const onData = (buf: Buffer) => {
+        const key = buf.toString()
+        if (key === '\x1b[A' || key === 'k') {
+          cursor = (cursor - 1 + options.length) % options.length
+        } else if (key === '\x1b[B' || key === 'j') {
+          cursor = (cursor + 1) % options.length
+        } else if (key === ' ') {
+          if (checked.has(cursor)) checked.delete(cursor)
+          else checked.add(cursor)
+        } else if (key === '\r' || key === '\n') {
+          process.stdin.removeListener('data', onData)
+          if (process.stdin.isTTY) process.stdin.setRawMode(false)
+          write(SHOW_CURSOR)
+          write(UP(lines) + CLEAR_LINE)
+          for (let i = 0; i < lines; i++) write(`${CLEAR_LINE}\n`)
+          write(UP(lines))
+          const selected = [...checked].sort().map(i => options[i]!.label)
+          const summary = selected.length > 0 ? selected.join(', ') : 'None'
+          write(`   ${EMERALD}\u25C7${R}  ${label}  ${EMERALD}${summary}${R}\n\n`)
+          resolve([...checked].sort().map(i => options[i]!.value))
+          return
+        } else if (key === '\x03') {
+          process.stdin.removeListener('data', onData)
+          if (process.stdin.isTTY) process.stdin.setRawMode(false)
+          write(SHOW_CURSOR + '\n')
+          process.exit(0)
+        }
+        write(UP(lines))
+        write(render())
+      }
+      process.stdin.on('data', onData)
+      process.stdin.resume()
+    })
+  }
   /** Yes/No confirm prompt */
   async confirm(label: string, defaultVal = false): Promise<boolean> {
     const options: SelectOption[] = [

package/stubs/api-only/routes/api.ts.stub ADDED Viewed

@@ -0,0 +1,24 @@
+import type { Router } from '@mantiq/core'
+import { json } from '@mantiq/core'
+import { ApiAuthController } from '../app/Http/Controllers/ApiAuthController.ts'
+import { UserController } from '../app/Http/Controllers/UserController.ts'
+import { RegisterRequest } from '../app/Http/Requests/RegisterRequest.ts'
+import { LoginRequest } from '../app/Http/Requests/LoginRequest.ts'
+import { StoreUserRequest } from '../app/Http/Requests/StoreUserRequest.ts'
+import { UpdateUserRequest } from '../app/Http/Requests/UpdateUserRequest.ts'
+export default function (router: Router) {
+  router.get('/ping', () => json({ status: 'ok', timestamp: new Date().toISOString() }))
+  // Token auth — FormRequest auto-validates, controller receives validated data
+  router.post('/register', [ApiAuthController, 'register', RegisterRequest])
+  router.post('/login', [ApiAuthController, 'login', LoginRequest])
+  router.post('/logout', [ApiAuthController, 'logout']).middleware('auth:api')
+  router.get('/user', [ApiAuthController, 'user']).middleware('auth:api')
+  // Users CRUD (protected)
+  router.get('/users', [UserController, 'index']).middleware('auth:api')
+  router.post('/users', [UserController, 'store', StoreUserRequest]).middleware('auth:api')
+  router.put('/users/:id', [UserController, 'update', UpdateUserRequest]).middleware('auth:api')
+  router.delete('/users/:id', [UserController, 'destroy']).middleware('auth:api')
+}

package/stubs/api-only/tests/feature/token-auth.test.ts.stub ADDED Viewed

@@ -0,0 +1,69 @@
+import { describe, test, expect } from 'bun:test'
+import { TestCase } from '@mantiq/testing'
+const t = new TestCase()
+t.refreshDatabase = true
+t.setup()
+const user = {
+  name: 'API User',
+  email: 'api@example.com',
+  password: 'password123',
+}
+describe('Token Authentication', () => {
+  test('can register and receive a token', async () => {
+    const res = await t.client.post('/api/register', user)
+    res.assertCreated()
+    await res.assertJsonHasKey('token')
+    const data = await res.json()
+    expect(data.token).toContain('|')
+  })
+  test('can login and receive a token', async () => {
+    await t.client.post('/api/register', user)
+    const res = await t.client.post('/api/login', {
+      email: user.email,
+      password: user.password,
+    })
+    res.assertOk()
+    await res.assertJsonHasKey('token')
+  })
+  test('cannot login with wrong credentials', async () => {
+    await t.client.post('/api/register', user)
+    const res = await t.client.post('/api/login', {
+      email: user.email,
+      password: 'wrong',
+    })
+    res.assertUnauthorized()
+  })
+  test('can access protected route with bearer token', async () => {
+    const regRes = await t.client.post('/api/register', user)
+    const { token } = await regRes.json()
+    t.client.withToken(token)
+    const res = await t.client.get('/api/user')
+    res.assertOk()
+    await res.assertJsonPath('user.email', user.email)
+  })
+  test('cannot access protected route without token', async () => {
+    const res = await t.client.get('/api/user')
+    res.assertUnauthorized()
+  })
+  test('can logout (revoke token)', async () => {
+    const regRes = await t.client.post('/api/register', user)
+    const { token } = await regRes.json()
+    t.client.withToken(token)
+    const logoutRes = await t.client.post('/api/logout')
+    logoutRes.assertOk()
+    // Token should be revoked
+    const userRes = await t.client.get('/api/user')
+    userRes.assertUnauthorized()
+  })
+})

package/stubs/auth/api/app/Http/Controllers/ApiAuthController.ts.stub ADDED Viewed

@@ -0,0 +1,57 @@
+import type { MantiqRequest } from '@mantiq/core'
+import { json, hash, hashCheck, abort } from '@mantiq/core'
+import { auth } from '@mantiq/auth'
+import { User } from '../../Models/User.ts'
+/**
+ * Sanctum-style token authentication for API-only apps.
+ * Issues bearer tokens instead of session cookies.
+ */
+export class ApiAuthController {
+  async register(request: MantiqRequest, data: Record<string, any>): Promise<Response> {
+    if (await User.where('email', data.email).first()) abort(422, 'A user with this email already exists.')
+    const user = await User.create({
+      name: data.name,
+      email: data.email,
+      password: await hash(data.password),
+    })
+    const { plainTextToken } = await user.createToken(data.device_name ?? 'api')
+    return json({ message: 'Registered.', user: user.toObject(), token: plainTextToken }, 201)
+  }
+  async login(request: MantiqRequest, data: Record<string, any>): Promise<Response> {
+    const user = await User.where('email', data.email).first()
+    if (!user || !(await hashCheck(data.password, user.getAuthPassword()))) {
+      abort(401, 'Invalid credentials.')
+    }
+    const { plainTextToken } = await user!.createToken(data.device_name ?? 'api')
+    return json({ message: 'Logged in.', user: user!.toObject(), token: plainTextToken })
+  }
+  async logout(request: MantiqRequest): Promise<Response> {
+    const manager = auth()
+    manager.setRequest(request)
+    const user = await manager.guard('api').user()
+    if (user) {
+      const token = user.currentAccessToken?.()
+      if (token) await token.delete()
+    }
+    return json({ message: 'Token revoked.' })
+  }
+  async user(request: MantiqRequest): Promise<Response> {
+    const manager = auth()
+    manager.setRequest(request)
+    const user = await manager.guard('api').user()
+    if (!user) abort(401, 'Unauthenticated.')
+    return json({ user: user!.toObject() })
+  }
+}

package/stubs/auth/api/routes/api.ts.stub ADDED Viewed

@@ -0,0 +1,24 @@
+import type { Router } from '@mantiq/core'
+import { json } from '@mantiq/core'
+import { ApiAuthController } from '../app/Http/Controllers/ApiAuthController.ts'
+import { UserController } from '../app/Http/Controllers/UserController.ts'
+import { RegisterRequest } from '../app/Http/Requests/RegisterRequest.ts'
+import { LoginRequest } from '../app/Http/Requests/LoginRequest.ts'
+import { StoreUserRequest } from '../app/Http/Requests/StoreUserRequest.ts'
+import { UpdateUserRequest } from '../app/Http/Requests/UpdateUserRequest.ts'
+export default function (router: Router) {
+  router.get('/ping', () => json({ status: 'ok', timestamp: new Date().toISOString() }))
+  // Token auth — FormRequest auto-validates, controller receives validated data
+  router.post('/register', [ApiAuthController, 'register', RegisterRequest])
+  router.post('/login', [ApiAuthController, 'login', LoginRequest])
+  router.post('/logout', [ApiAuthController, 'logout']).middleware('auth:api')
+  router.get('/user', [ApiAuthController, 'user']).middleware('auth:api')
+  // Users CRUD (protected)
+  router.get('/users', [UserController, 'index']).middleware('auth:api')
+  router.post('/users', [UserController, 'store', StoreUserRequest]).middleware('auth:api')
+  router.put('/users/:id', [UserController, 'update', UpdateUserRequest]).middleware('auth:api')
+  router.delete('/users/:id', [UserController, 'destroy']).middleware('auth:api')
+}

package/stubs/auth/api/tests/feature/token-auth.test.ts.stub ADDED Viewed

@@ -0,0 +1,69 @@
+import { describe, test, expect } from 'bun:test'
+import { TestCase } from '@mantiq/testing'
+const t = new TestCase()
+t.refreshDatabase = true
+t.setup()
+const user = {
+  name: 'API User',
+  email: 'api@example.com',
+  password: 'password123',
+}
+describe('Token Authentication', () => {
+  test('can register and receive a token', async () => {
+    const res = await t.client.post('/api/register', user)
+    res.assertCreated()
+    await res.assertJsonHasKey('token')
+    const data = await res.json()
+    expect(data.token).toContain('|')
+  })
+  test('can login and receive a token', async () => {
+    await t.client.post('/api/register', user)
+    const res = await t.client.post('/api/login', {
+      email: user.email,
+      password: user.password,
+    })
+    res.assertOk()
+    await res.assertJsonHasKey('token')
+  })
+  test('cannot login with wrong credentials', async () => {
+    await t.client.post('/api/register', user)
+    const res = await t.client.post('/api/login', {
+      email: user.email,
+      password: 'wrong',
+    })
+    res.assertUnauthorized()
+  })
+  test('can access protected route with bearer token', async () => {
+    const regRes = await t.client.post('/api/register', user)
+    const { token } = await regRes.json()
+    t.client.withToken(token)
+    const res = await t.client.get('/api/user')
+    res.assertOk()
+    await res.assertJsonPath('user.email', user.email)
+  })
+  test('cannot access protected route without token', async () => {
+    const res = await t.client.get('/api/user')
+    res.assertUnauthorized()
+  })
+  test('can logout (revoke token)', async () => {
+    const regRes = await t.client.post('/api/register', user)
+    const { token } = await regRes.json()
+    t.client.withToken(token)
+    const logoutRes = await t.client.post('/api/logout')
+    logoutRes.assertOk()
+    // Token should be revoked
+    const userRes = await t.client.get('/api/user')
+    userRes.assertUnauthorized()
+  })
+})

package/stubs/auth/shared/app/Http/Requests/LoginRequest.ts.stub ADDED Viewed

@@ -0,0 +1,10 @@
+import { FormRequest } from '@mantiq/validation'
+export class LoginRequest extends FormRequest {
+  override rules() {
+    return {
+      email: 'required|email',
+      password: 'required|string',
+    }
+  }
+}

package/stubs/auth/shared/app/Http/Requests/RegisterRequest.ts.stub ADDED Viewed

@@ -0,0 +1,11 @@
+import { FormRequest } from '@mantiq/validation'
+export class RegisterRequest extends FormRequest {
+  override rules() {
+    return {
+      name: 'required|string|max:255',
+      email: 'required|email|max:255',
+      password: 'required|string|min:6',
+    }
+  }
+}

package/stubs/auth/web/app/Http/Controllers/AuthController.ts.stub ADDED Viewed

@@ -0,0 +1,43 @@
+import type { MantiqRequest } from '@mantiq/core'
+import { json, hash, abort } from '@mantiq/core'
+import { auth } from '@mantiq/auth'
+import { User } from '../../Models/User.ts'
+export class AuthController {
+  async register(request: MantiqRequest, data: Record<string, any>): Promise<Response> {
+    if (await User.where('email', data.email).first()) abort(422, 'A user with this email already exists.')
+    const user = await User.create({
+      name: data.name,
+      email: data.email,
+      password: await hash(data.password),
+    })
+    const manager = auth()
+    manager.setRequest(request)
+    await manager.login(user)
+    return json({ message: 'Registered.', user: user.toObject() }, 201)
+  }
+  async login(request: MantiqRequest, data: Record<string, any>): Promise<Response> {
+    const manager = auth()
+    manager.setRequest(request)
+    const success = await manager.attempt(
+      { email: data.email, password: data.password },
+      data.remember ?? false,
+    )
+    if (!success) abort(401, 'Invalid credentials.')
+    const user = await manager.user()
+    return json({ message: 'Logged in.', user: user?.toObject() })
+  }
+  async logout(request: MantiqRequest): Promise<Response> {
+    const manager = auth()
+    manager.setRequest(request)
+    await manager.logout()
+    return json({ message: 'Logged out.' })
+  }
+}

package/stubs/auth/web/app/Http/Controllers/PageController.ts.stub ADDED Viewed

@@ -0,0 +1,66 @@
+import type { MantiqRequest } from '@mantiq/core'
+import { config } from '@mantiq/core'
+import { vite } from '@mantiq/vite'
+import { auth } from '@mantiq/auth'
+import { User } from '../../Models/User.ts'
+async function getUser(request: MantiqRequest) {
+  const manager = auth()
+  manager.setRequest(request)
+  const user = await manager.user()
+  if (!user) return null
+  return {
+    id: user.getAttribute('id') ?? user.getAuthIdentifier(),
+    name: user.getAttribute('name') ?? '',
+    email: user.getAttribute('email') ?? '',
+  }
+}
+function render(request: MantiqRequest, page: string, title: string, data: Record<string, any> = {}) {
+  return vite().render(request, {
+    page,
+    entry: ['src/style.css', '{{MAIN_ENTRY}}'],
+    title: config('app.name') + ' — ' + title,
+    data: { appName: config('app.name'), ...data },
+  })
+}
+export class PageController {
+  async dashboard(request: MantiqRequest): Promise<Response> {
+    const currentUser = await getUser(request)
+    const users = await User.all()
+    return render(request, 'Dashboard', 'Dashboard', {
+      currentUser,
+      users: users.map((u: any) => u.toObject()),
+    })
+  }
+  async login(request: MantiqRequest): Promise<Response> {
+    return render(request, 'Login', 'Sign In')
+  }
+  async register(request: MantiqRequest): Promise<Response> {
+    return render(request, 'Register', 'Register')
+  }
+  async users(request: MantiqRequest): Promise<Response> {
+    const currentUser = await getUser(request)
+    const users = await User.all()
+    return render(request, 'Users', 'Users', {
+      currentUser,
+      users: users.map((u: any) => u.toObject()),
+    })
+  }
+  async profile(request: MantiqRequest): Promise<Response> {
+    return render(request, 'Profile', 'Profile', { currentUser: await getUser(request) })
+  }
+  async security(request: MantiqRequest): Promise<Response> {
+    return render(request, 'Security', 'Security', { currentUser: await getUser(request) })
+  }
+  async preferences(request: MantiqRequest): Promise<Response> {
+    return render(request, 'Preferences', 'Preferences', { currentUser: await getUser(request) })
+  }
+}

package/stubs/auth/web/routes/web.ts.stub ADDED Viewed

@@ -0,0 +1,25 @@
+import type { Router } from '@mantiq/core'
+import { HomeController } from '../app/Http/Controllers/HomeController.ts'
+import { PageController } from '../app/Http/Controllers/PageController.ts'
+import { AuthController } from '../app/Http/Controllers/AuthController.ts'
+import { RegisterRequest } from '../app/Http/Requests/RegisterRequest.ts'
+import { LoginRequest } from '../app/Http/Requests/LoginRequest.ts'
+export default function (router: Router) {
+  router.get('/', [HomeController, 'index'])
+  router.get('/dashboard', [PageController, 'dashboard']).middleware('auth')
+  router.get('/login', [PageController, 'login']).middleware('guest')
+  router.get('/register', [PageController, 'register']).middleware('guest')
+  router.get('/users', [PageController, 'users']).middleware('auth')
+  // Account settings
+  router.get('/account/profile', [PageController, 'profile']).middleware('auth')
+  router.get('/account/security', [PageController, 'security']).middleware('auth')
+  router.get('/account/preferences', [PageController, 'preferences']).middleware('auth')
+  // Auth actions — FormRequest auto-validates before controller runs
+  router.post('/login', [AuthController, 'login', LoginRequest])
+  router.post('/register', [AuthController, 'register', RegisterRequest])
+  router.post('/logout', [AuthController, 'logout']).middleware('auth')
+}

package/stubs/auth/web/svelte/src/App.svelte.stub ADDED Viewed

@@ -0,0 +1,77 @@
+<script lang="ts">
+  import { onMount, onDestroy, setContext } from 'svelte'
+  let {
+    pages = {},
+    initialData = {},
+  }: {
+    pages?: Record<string, any>
+    initialData?: Record<string, any>
+  } = $props()
+  const windowData = typeof window !== 'undefined' ? (window as Record<string, any>).__MANTIQ_DATA__ ?? {} : {}
+  const bootstrapData = (() => initialData ?? windowData)()
+  let currentPage = $state<string>(bootstrapData._page ?? 'Login')
+  let pageData = $state<Record<string, any>>(bootstrapData)
+  const PageComponent = $derived(pages[currentPage] ?? null)
+  // Initialize theme immediately to prevent flash
+  if (typeof window !== 'undefined') {
+    const theme = localStorage.getItem('theme') ||
+      (window.matchMedia('(prefers-color-scheme: dark)').matches ? 'dark' : 'light')
+    document.documentElement.classList.toggle('dark', theme === 'dark')
+  }
+  async function navigate(href: string) {
+    const res = await fetch(href, {
+      headers: { 'X-Mantiq': 'true', Accept: 'application/json' },
+    })
+    // Handle 401/419 — session expired
+    if (res.status === 401 || res.status === 419) {
+      window.location.href = '/login'
+      return
+    }
+    const newData = await res.json()
+    currentPage = newData._page
+    pageData = newData
+    history.pushState(null, '', newData._url)
+  }
+  setContext('navigate', navigate)
+  const spaRoutes = [
+    '/login', '/register', '/dashboard', '/users',
+    '/account/profile', '/account/security', '/account/preferences',
+  ]
+  function handleClick(e: MouseEvent) {
+    const anchor = (e.target as HTMLElement).closest('a')
+    const href = anchor?.getAttribute('href')
+    if (!href?.startsWith('/') || anchor?.target || e.ctrlKey || e.metaKey) return
+    if (!spaRoutes.some(r => href === r || href.startsWith(r + '?'))) return
+    e.preventDefault()
+    navigate(href)
+  }
+  function handlePop() { navigate(location.pathname) }
+  onMount(() => {
+    document.addEventListener('click', handleClick)
+    window.addEventListener('popstate', handlePop)
+  })
+  onDestroy(() => {
+    if (typeof window !== 'undefined') {
+      document.removeEventListener('click', handleClick)
+      window.removeEventListener('popstate', handlePop)
+    }
+  })
+</script>
+{#if PageComponent}
+  <PageComponent {...pageData} {navigate} />
+{/if}

package/stubs/auth/web/svelte/src/pages.ts.stub ADDED Viewed

@@ -0,0 +1,17 @@
+import Login from './pages/Login.svelte'
+import Register from './pages/Register.svelte'
+import Dashboard from './pages/Dashboard.svelte'
+import Users from './pages/Users.svelte'
+import Profile from './pages/account/profile.svelte'
+import Security from './pages/account/security.svelte'
+import Preferences from './pages/account/preferences.svelte'
+export const pages: Record<string, any> = {
+  Login,
+  Register,
+  Dashboard,
+  Users,
+  Profile,
+  Security,
+  Preferences,
+}

package/stubs/auth/web/tests/feature/auth.test.ts.stub ADDED Viewed

@@ -0,0 +1,69 @@
+import { describe, test, beforeAll } from 'bun:test'
+import { TestCase } from '@mantiq/testing'
+const t = new TestCase()
+t.refreshDatabase = true
+t.setup()
+const user = {
+  name: 'Test User',
+  email: 'test@example.com',
+  password: 'password123',
+}
+describe('Authentication', () => {
+  test('can register a new user', async () => {
+    await t.client.initSession()
+    const res = await t.client.post('/register', user)
+    res.assertCreated()
+    await res.assertJson({ message: 'Registered.' })
+    await res.assertJsonMissingKey('password')
+    await t.assertDatabaseHas('users', { email: user.email })
+  })
+  test('cannot register with duplicate email', async () => {
+    await t.client.initSession()
+    await t.client.post('/register', user)
+    const res = await t.client.post('/register', user)
+    res.assertUnprocessable()
+  })
+  test('can login with valid credentials', async () => {
+    await t.client.initSession()
+    await t.client.post('/register', user)
+    t.client.flushCookies()
+    await t.client.initSession()
+    const res = await t.client.post('/login', {
+      email: user.email,
+      password: user.password,
+    })
+    res.assertOk()
+    await res.assertJson({ message: 'Logged in.' })
+  })
+  test('cannot login with wrong password', async () => {
+    await t.client.initSession()
+    await t.client.post('/register', user)
+    t.client.flushCookies()
+    await t.client.initSession()
+    const res = await t.client.post('/login', {
+      email: user.email,
+      password: 'wrong',
+    })
+    res.assertUnauthorized()
+  })
+  test('can logout', async () => {
+    await t.client.initSession()
+    await t.client.post('/register', user)
+    const logoutRes = await t.client.post('/logout')
+    logoutRes.assertOk()
+  })
+  test('protected routes require authentication', async () => {
+    const res = await t.client.get('/api/users')
+    res.assertUnauthorized()
+  })
+})