create-nara 1.0.25 → 1.0.26

package/dist/cli.js

@@ -29,16 +29,7 @@ export async function main() {
     });
     if (!mode)
         process.exit(1);
-    const { features } = await prompts({
-        type: 'multiselect',
-        name: 'features',
-        message: 'Select features:',
-        choices: [
-            { title: 'Authentication', value: 'auth', selected: true },
-            { title: 'Database (SQLite)', value: 'db', selected: true },
-            { title: 'File uploads', value: 'uploads', selected: false }
-        ]
-    });
+    const features = ['auth', 'db', 'uploads'];
     const targetDir = path.resolve(process.cwd(), projectName);
     console.log(pc.dim(`\nCreating project in ${targetDir}...\n`));
     await setupProject({ projectName, targetDir, mode, features: features || [] });

package/dist/template.js

@@ -60,25 +60,7 @@ export async function setupProject(options) {
     if (features.includes('uploads')) {
         fs.mkdirSync(path.join(targetDir, 'uploads'), { recursive: true });
     }
-    // 6. Modify server.ts to import feature routes
-    const serverPath = path.join(targetDir, 'server.ts');
-    if (fs.existsSync(serverPath)) {
-        let serverContent = fs.readFileSync(serverPath, 'utf8');
-        // Add auth routes import and registration
-        if (features.includes('auth')) {
-            // Add import after web routes import
-            serverContent = serverContent.replace("import { registerRoutes } from './routes/web.js';", "import { registerRoutes } from './routes/web.js';\nimport { registerAuthRoutes } from './routes/auth.js';");
-            // Add registration before app.start()
-            serverContent = serverContent.replace('app.start();', 'registerAuthRoutes(app);\napp.start();');
-        }
-        // Add upload routes import and registration
-        if (features.includes('uploads')) {
-            serverContent = serverContent.replace("import { registerRoutes } from './routes/web.js';", "import { registerRoutes } from './routes/web.js';\nimport { registerUploadRoutes } from './routes/uploads.js';");
-            serverContent = serverContent.replace('app.start();', 'registerUploadRoutes(app);\napp.start();');
-        }
-        fs.writeFileSync(serverPath, serverContent);
-    }
-    // 7. Generate package.json (dynamic content)
+    // 6. Generate package.json (dynamic content)
     const pkg = createPackageJson(projectName, mode, features);
     fs.writeFileSync(path.join(targetDir, 'package.json'), JSON.stringify(pkg, null, 2));
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-nara",
-  "version": "1.0.25",
+  "version": "1.0.26",
   "description": "CLI to scaffold NARA projects",
   "type": "module",
   "bin": {

package/templates/features/auth/app/middlewares/rateLimit.ts

@@ -169,7 +169,7 @@ export function rateLimit(options: RateLimitOptions = {}): NaraMiddleware {
         res.setHeader('Retry-After', String(Math.ceil(resetMs / 1000)));
       }
 
-      return jsonError(res, message, 429, 'TOO_MANY_REQUESTS');
+      return jsonError(res, message, 429);
     }
 
     // Record this request

package/templates/minimal/routes/web.ts

@@ -1,6 +1,17 @@
 import type { NaraApp } from '@nara-web/core';
+import { AuthController } from '../app/controllers/AuthController.js';
+import { ProfileController } from '../app/controllers/ProfileController.js';
+import { UserController } from '../app/controllers/UserController.js';
+import { UploadController } from '../app/controllers/UploadController.js';
+import { authMiddleware, webAuthMiddleware } from '../app/middlewares/auth.js';
+import { wrapHandler } from '../app/utils/route-helper.js';
 
 export function registerRoutes(app: NaraApp) {
+  const auth = new AuthController();
+  const profile = new ProfileController();
+  const users = new UserController();
+  const upload = new UploadController();
+
   app.get('/', (req, res) => {
     res.json({ message: 'Welcome to NARA API' });
   });
@@ -8,4 +19,29 @@ export function registerRoutes(app: NaraApp) {
   app.get('/health', (req, res) => {
     res.json({ status: 'ok' });
   });
+
+  // --- API Routes ---
+
+  // Auth
+  app.post('/api/auth/login', wrapHandler((req, res) => auth.login(req, res)));
+  app.post('/api/auth/register', wrapHandler((req, res) => auth.register(req, res)));
+  app.post('/api/auth/logout', wrapHandler((req, res) => auth.logout(req, res)));
+  app.post('/api/auth/forgot-password', wrapHandler((req, res) => auth.forgotPassword(req, res)));
+  app.post('/api/auth/reset-password', wrapHandler((req, res) => auth.resetPassword(req, res)));
+  app.get('/api/auth/me', authMiddleware as any, wrapHandler((req, res) => auth.me(req, res)));
+
+  // Profile
+  app.post('/api/profile/update', webAuthMiddleware as any, wrapHandler((req, res) => profile.update(req, res)));
+  app.post('/api/profile/password', webAuthMiddleware as any, wrapHandler((req, res) => profile.changePassword(req, res)));
+  app.post('/api/profile/avatar', webAuthMiddleware as any, wrapHandler((req, res) => profile.uploadAvatar(req, res)));
+
+  // Users
+  app.get('/api/users', webAuthMiddleware as any, wrapHandler((req, res) => users.index(req, res)));
+  app.post('/api/users', webAuthMiddleware as any, wrapHandler((req, res) => users.store(req, res)));
+  app.put('/api/users/:id', webAuthMiddleware as any, wrapHandler((req, res) => users.update(req, res)));
+  app.delete('/api/users', webAuthMiddleware as any, wrapHandler((req, res) => users.destroy(req, res)));
+
+  // Uploads
+  app.post('/api/uploads', wrapHandler((req, res) => upload.upload(req, res)));
+  app.delete('/api/uploads/:filename', wrapHandler((req, res) => upload.delete(req, res)));
 }

package/templates/svelte/app/utils/route-helper.ts

@@ -10,17 +10,19 @@ export function wrapHandler(handler: NaraHandler): NaraHandler {
       await handler(req, res);
     } catch (error: any) {
       if (error instanceof ValidationError) {
-        return jsonValidationError(res, error.errors);
+        jsonValidationError(res, error.errors);
+        return;
       }
 
       // Handle other HttpErrors
       if (error.statusCode) {
-        return jsonError(res, error.message, error.statusCode);
+        jsonError(res, error.message, error.statusCode);
+        return;
       }
 
       // Unknown error
       console.error('[Unhandled Error]:', error);
-      return jsonError(res, 'Internal server error', 500);
+      jsonError(res, 'Internal server error', 500);
     }
   };
 }

package/templates/svelte/routes/web.ts

@@ -1,61 +1,74 @@
 import type { NaraApp } from '@nara-web/core';
-import { webAuthMiddleware, guestMiddleware } from '../app/middlewares/auth.js';
-import fs from 'fs';
-import path from 'path';
+import { AuthController } from '../app/controllers/AuthController.js';
+import { ProfileController } from '../app/controllers/ProfileController.js';
+import { UserController } from '../app/controllers/UserController.js';
+import { UploadController } from '../app/controllers/UploadController.js';
+import { authMiddleware, webAuthMiddleware, guestMiddleware } from '../app/middlewares/auth.js';
+import { wrapHandler } from '../app/utils/route-helper.js';
 
 export function registerRoutes(app: NaraApp) {
-  // Serve uploaded files
-  app.get('/uploads/*', (req, res) => {
-    const requestPath = req.path?.replace('/uploads/', '') || '';
-    const filePath = path.join(process.cwd(), 'uploads', requestPath);
-
-    if (fs.existsSync(filePath)) {
-      const ext = path.extname(filePath).toLowerCase();
-      const mimeTypes: Record<string, string> = {
-        '.webp': 'image/webp',
-        '.png': 'image/png',
-        '.jpg': 'image/jpeg',
-        '.jpeg': 'image/jpeg',
-        '.gif': 'image/gif',
-      };
-      res.setHeader('Content-Type', mimeTypes[ext] || 'application/octet-stream');
-      res.setHeader('Cache-Control', 'public, max-age=31536000');
-      res.send(fs.readFileSync(filePath));
-    } else {
-      res.status(404).send('Not found');
-    }
-  });
-
-  // Public routes
+  const auth = new AuthController();
+  const profile = new ProfileController();
+  const users = new UserController();
+  const upload = new UploadController();
+
+  // --- Page Routes (Inertia) ---
+
+  // Public
   app.get('/', (req, res) => {
-    res.inertia?.('landing', {
-      title: 'Welcome to NARA'
+    return res.inertia('landing', {
+        title: 'Welcome to NARA'
     });
   });
 
-  // Guest only routes (redirect to dashboard if logged in)
+  // Guest only
   app.get('/login', guestMiddleware as any, (req, res) => {
-    res.inertia?.('auth/login');
+    return res.inertia('auth/login');
   });
-
   app.get('/register', guestMiddleware as any, (req, res) => {
-    res.inertia?.('auth/register');
+    return res.inertia('auth/register');
   });
-
   app.get('/forgot-password', guestMiddleware as any, (req, res) => {
-    res.inertia?.('auth/forgot-password');
+    return res.inertia('auth/forgot-password');
+  });
+  app.get('/reset-password/:token', guestMiddleware as any, (req, res) => {
+    return res.inertia('auth/reset-password', { token: req.params.token });
   });
 
-  // Protected routes (redirect to login if not authenticated)
+  // Protected
   app.get('/dashboard', webAuthMiddleware as any, (req, res) => {
-    res.inertia?.('dashboard');
+    return res.inertia('dashboard');
   });
-
   app.get('/users', webAuthMiddleware as any, (req, res) => {
-    res.inertia?.('users');
+    return res.inertia('users');
   });
-
   app.get('/profile', webAuthMiddleware as any, (req, res) => {
-    res.inertia?.('profile');
+    return res.inertia('profile');
   });
+
+
+  // --- API Routes ---
+
+  // Auth
+  app.post('/api/auth/login', wrapHandler((req, res) => auth.login(req, res)));
+  app.post('/api/auth/register', wrapHandler((req, res) => auth.register(req, res)));
+  app.post('/api/auth/logout', wrapHandler((req, res) => auth.logout(req, res)));
+  app.post('/api/auth/forgot-password', wrapHandler((req, res) => auth.forgotPassword(req, res)));
+  app.post('/api/auth/reset-password', wrapHandler((req, res) => auth.resetPassword(req, res)));
+  app.get('/api/auth/me', authMiddleware as any, wrapHandler((req, res) => auth.me(req, res)));
+
+  // Profile
+  app.post('/api/profile/update', webAuthMiddleware as any, wrapHandler((req, res) => profile.update(req, res)));
+  app.post('/api/profile/password', webAuthMiddleware as any, wrapHandler((req, res) => profile.changePassword(req, res)));
+  app.post('/api/profile/avatar', webAuthMiddleware as any, wrapHandler((req, res) => profile.uploadAvatar(req, res)));
+
+  // Users
+  app.get('/api/users', webAuthMiddleware as any, wrapHandler((req, res) => users.index(req, res)));
+  app.post('/api/users', webAuthMiddleware as any, wrapHandler((req, res) => users.store(req, res)));
+  app.put('/api/users/:id', webAuthMiddleware as any, wrapHandler((req, res) => users.update(req, res)));
+  app.delete('/api/users', webAuthMiddleware as any, wrapHandler((req, res) => users.destroy(req, res)));
+
+  // Uploads
+  app.post('/api/uploads', wrapHandler((req, res) => upload.upload(req, res)));
+  app.delete('/api/uploads/:filename', wrapHandler((req, res) => upload.delete(req, res)));
 }

package/templates/svelte/server.ts

@@ -9,9 +9,11 @@ const app = createApp({
 });
 
 // Global error handler
-app.getServer().set_error_handler((req, res, error) => {
+app.getServer().set_error_handler((req, res, error: any) => {
   console.error('[Server Error]:', error);
-  return jsonError(res, error.message || 'Internal server error', error.statusCode || 500);
+  const message = error.message || 'Internal server error';
+  const status = error.statusCode || 500;
+  return jsonError(res, message, status);
 });
 
 registerRoutes(app);

package/templates/vue/routes/web.ts

@@ -1,17 +1,74 @@
 import type { NaraApp } from '@nara-web/core';
+import { AuthController } from '../app/controllers/AuthController.js';
+import { ProfileController } from '../app/controllers/ProfileController.js';
+import { UserController } from '../app/controllers/UserController.js';
+import { UploadController } from '../app/controllers/UploadController.js';
+import { authMiddleware, webAuthMiddleware, guestMiddleware } from '../app/middlewares/auth.js';
+import { wrapHandler } from '../app/utils/route-helper.js';
 
 export function registerRoutes(app: NaraApp) {
+  const auth = new AuthController();
+  const profile = new ProfileController();
+  const users = new UserController();
+  const upload = new UploadController();
+
+  // --- Page Routes (Inertia) ---
+
+  // Public
   app.get('/', (req, res) => {
     return res.inertia('landing', {
         title: 'Welcome to NARA'
     });
   });
 
-  app.get('/dashboard', (req, res) => {
-    return res.inertia('dashboard');
+  // Guest only
+  app.get('/login', guestMiddleware as any, (req, res) => {
+    return res.inertia('auth/login');
+  });
+  app.get('/register', guestMiddleware as any, (req, res) => {
+    return res.inertia('auth/register');
+  });
+  app.get('/forgot-password', guestMiddleware as any, (req, res) => {
+    return res.inertia('auth/forgot-password');
+  });
+  app.get('/reset-password/:token', guestMiddleware as any, (req, res) => {
+    return res.inertia('auth/reset-password', { token: req.params.token });
   });
 
-  app.get('/login', (req, res) => {
-    return res.inertia('auth/login');
+  // Protected
+  app.get('/dashboard', webAuthMiddleware as any, (req, res) => {
+    return res.inertia('dashboard');
   });
+  app.get('/users', webAuthMiddleware as any, (req, res) => {
+    return res.inertia('users');
+  });
+  app.get('/profile', webAuthMiddleware as any, (req, res) => {
+    return res.inertia('profile');
+  });
+
+
+  // --- API Routes ---
+
+  // Auth
+  app.post('/api/auth/login', wrapHandler((req, res) => auth.login(req, res)));
+  app.post('/api/auth/register', wrapHandler((req, res) => auth.register(req, res)));
+  app.post('/api/auth/logout', wrapHandler((req, res) => auth.logout(req, res)));
+  app.post('/api/auth/forgot-password', wrapHandler((req, res) => auth.forgotPassword(req, res)));
+  app.post('/api/auth/reset-password', wrapHandler((req, res) => auth.resetPassword(req, res)));
+  app.get('/api/auth/me', authMiddleware as any, wrapHandler((req, res) => auth.me(req, res)));
+
+  // Profile
+  app.post('/api/profile/update', webAuthMiddleware as any, wrapHandler((req, res) => profile.update(req, res)));
+  app.post('/api/profile/password', webAuthMiddleware as any, wrapHandler((req, res) => profile.changePassword(req, res)));
+  app.post('/api/profile/avatar', webAuthMiddleware as any, wrapHandler((req, res) => profile.uploadAvatar(req, res)));
+
+  // Users
+  app.get('/api/users', webAuthMiddleware as any, wrapHandler((req, res) => users.index(req, res)));
+  app.post('/api/users', webAuthMiddleware as any, wrapHandler((req, res) => users.store(req, res)));
+  app.put('/api/users/:id', webAuthMiddleware as any, wrapHandler((req, res) => users.update(req, res)));
+  app.delete('/api/users', webAuthMiddleware as any, wrapHandler((req, res) => users.destroy(req, res)));
+
+  // Uploads
+  app.post('/api/uploads', wrapHandler((req, res) => upload.upload(req, res)));
+  app.delete('/api/uploads/:filename', wrapHandler((req, res) => upload.delete(req, res)));
 }

package/templates/features/auth/routes/auth.ts

@@ -1,60 +0,0 @@
-import type { NaraApp } from '@nara-web/core';
-import { AuthController } from '../app/controllers/AuthController.js';
-import { ProfileController } from '../app/controllers/ProfileController.js';
-import { UserController } from '../app/controllers/UserController.js';
-import { authMiddleware, webAuthMiddleware } from '../app/middlewares/auth.js';
-import { wrapHandler } from '../app/utils/route-helper.js';
-
-export function registerAuthRoutes(app: NaraApp) {
-  const auth = new AuthController();
-  const profile = new ProfileController();
-  const users = new UserController();
-
-  // ===== Auth Routes =====
-  // Public routes
-  app.post('/api/auth/login', wrapHandler(async (req, res) => {
-    await auth.login(req, res);
-  }));
-  app.post('/api/auth/register', wrapHandler(async (req, res) => {
-    await auth.register(req, res);
-  }));
-  app.post('/api/auth/logout', wrapHandler(async (req, res) => {
-    await auth.logout(req, res);
-  }));
-  app.post('/api/auth/forgot-password', wrapHandler(async (req, res) => {
-    await auth.forgotPassword(req, res);
-  }));
-  app.post('/api/auth/reset-password', wrapHandler(async (req, res) => {
-    await auth.resetPassword(req, res);
-  }));
-
-  // Protected API routes (Bearer token)
-  app.get('/api/auth/me', authMiddleware as any, wrapHandler(async (req, res) => {
-    await auth.me(req, res);
-  }));
-
-  // ===== Profile Routes (cookie-based auth) =====
-  app.post('/api/profile/update', webAuthMiddleware as any, wrapHandler(async (req, res) => {
-    await profile.update(req, res);
-  }));
-  app.post('/api/profile/password', webAuthMiddleware as any, wrapHandler(async (req, res) => {
-    await profile.changePassword(req, res);
-  }));
-  app.post('/api/profile/avatar', webAuthMiddleware as any, wrapHandler(async (req, res) => {
-    await profile.uploadAvatar(req, res);
-  }));
-
-  // ===== User Management Routes (cookie-based auth, admin only) =====
-  app.get('/api/users', webAuthMiddleware as any, wrapHandler(async (req, res) => {
-    await users.index(req, res);
-  }));
-  app.post('/api/users', webAuthMiddleware as any, wrapHandler(async (req, res) => {
-    await users.store(req, res);
-  }));
-  app.put('/api/users/:id', webAuthMiddleware as any, wrapHandler(async (req, res) => {
-    await users.update(req, res);
-  }));
-  app.delete('/api/users', webAuthMiddleware as any, wrapHandler(async (req, res) => {
-    await users.destroy(req, res);
-  }));
-}

package/templates/features/uploads/routes/uploads.ts

@@ -1,14 +0,0 @@
-import type { NaraApp } from '@nara-web/core';
-import { UploadController } from '../app/controllers/UploadController.js';
-import { wrapHandler } from '../app/utils/route-helper.js';
-
-export function registerUploadRoutes(app: NaraApp) {
-  const upload = new UploadController();
-
-  app.post('/api/uploads', wrapHandler(async (req, res) => {
-    await upload.upload(req, res);
-  }));
-  app.delete('/api/uploads/:filename', wrapHandler(async (req, res) => {
-    await upload.delete(req, res);
-  }));
-}