npm - create-seamless - Versions diffs - 0.0.3 → 0.0.5 - Mend

create-seamless 0.0.3 → 0.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/index.js +181 -23
package/package.json +7 -1
package/.github/workflows/release.yml +0 -40
package/SECURITY.md +0 -80

package/index.js CHANGED Viewed

@@ -13,6 +13,34 @@ const streamPipeline = promisify(pipeline);
 const MIN_NODE_MAJOR = 18;
 const nodeMajor = Number(process.versions.node.split(".")[0]);
+function printHelp() {
+  console.log(`
+create-seamless
+Scaffold a local Seamless Auth development environment.
+Usage:
+  npx create-seamless [project-name] [options]
+Options:
+  --auth           Include the Seamless Auth server
+  --api            Include the Express API example
+  --web            Include the React web application
+  --no-git         Skip git initialization
+  --auth-port <n>  Auth server port (default: 5312)
+  --api-port <n>   API server port (default: 3000)
+  --web-port <n>   Web server port (default: 5173)
+  -h, --help       Show this help message
+If no component flags are provided, all components are included.
+Docs:
+  https://docs.seamlessauth.com
+`);
+}
 if (nodeMajor < MIN_NODE_MAJOR) {
   console.error(`
 ❌ Seamless requires Node ${MIN_NODE_MAJOR}+.
@@ -24,6 +52,11 @@ Upgrade at https://nodejs.org
 }
 const args = process.argv.slice(2);
+if (args.includes("-h") || args.includes("--help")) {
+  printHelp();
+  process.exit(0);
+}
 const projectName = args.find((a) => !a.startsWith("--")) ?? "seamless-app";
 const hasFlag = (flag) => args.includes(`--${flag}`);
@@ -35,12 +68,11 @@ const getFlag = (flag, fallback) => {
 const includeAuth = hasFlag("auth");
 const includeWeb = hasFlag("web");
 const includeApi = hasFlag("api");
-const installDeps = hasFlag("install");
 const skipGit = hasFlag("no-git");
 const authPort = getFlag("auth-port", "5312");
 const apiPort = getFlag("api-port", "3000");
-const webPort = getFlag("web-port", "5173");
+const webPort = getFlag("web-port", "5001");
 const wantsSomething = includeAuth || includeWeb || includeApi;
 const AUTH = wantsSomething ? includeAuth : true;
@@ -71,9 +103,10 @@ It is designed for development environments where you want:
 \`\`\`text
 .
-├─ auth/        # Seamless Auth open source server
-├─ api/         # Backend API server (optional)
-├─ web/         # Frontend web application (optional)
+├─ auth/                # Seamless Auth open source server
+├─ api/                 # Backend API server (optional)
+├─ web/                 # Frontend web application (optional)
+├─ Docker-compose.yml   # Docker compose for one command spin up of dev environment
 └─ README.md
 \`\`\`
@@ -81,6 +114,54 @@ It is designed for development environments where you want:
 ## Running the stack
+### Running with Docker (optional)
+This project includes a Docker Compose configuration that allows you to run the
+entire Seamless Auth stack locally with a single command.
+### Requirements
+* Docker
+* Docker Compose
+### Start the stack
+From the project root, run:
+\`\`\`bash
+docker compose up
+\`\`\`
+This will start the following services in development mode:
+* Postgres database
+* Seamless Auth server
+* API server
+* Web UI
+All services are configured with hot reload. Changes to the source code will be
+picked up automatically.
+### Access the application
+Once all services are running, open:
+\`\`\`
+http://localhost:5001
+\`\`\`
+This is the main entry point for the web application.
+### Stopping the stack
+To stop all services:
+\`\`\`bash
+docker compose down
+\`\`\`
+This will shut down all containers while preserving the local database volume.
 Open separate terminals and run each service independently.
 ### Auth server
@@ -90,7 +171,7 @@ cd auth
 npm run dev
 \`\`\`
-Default port: \`3000\`
+Default port: \`5312\`
 ---
@@ -101,7 +182,7 @@ cd api
 npm run dev
 \`\`\`
-Default port: \`4000\`
+Default port: \`3000\`
 ---
@@ -112,7 +193,7 @@ cd web
 npm run dev
 \`\`\`
-Default port: \`5173\`
+Default port: \`5001\`
 ---
@@ -145,6 +226,72 @@ includes.
 Review each subproject for its specific license before deploying to production.
 `;
+const GENERATED_DOCKER_COMPOSE = `
+version: "3.9"
+services:
+  db:
+    image: postgres:16
+    container_name: seamless-db
+    ports:
+      - "5432:5432"
+    environment:
+      POSTGRES_USER: seamless
+      POSTGRES_PASSWORD: seamless
+      POSTGRES_DB: seamless
+    volumes:
+      - pgdata:/var/lib/postgresql/data
+  auth:
+    container_name: seamless-auth
+    build: ./auth
+    ports:
+      - "${authPort}:${authPort}"
+    env_file:
+      - ./auth/.env
+    environment:
+      - DB_HOST: db
+      - ISSUER=http://auth:${authPort}
+    volumes:
+      - ./auth:/app
+      - /app/node_modules
+    depends_on:
+      - db
+  api:
+    container_name: seamless-api
+    build: ./api
+    ports:
+      - "${apiPort}:${apiPort}"
+    env_file:
+      - ./api/.env
+    environment:
+      - AUTH_SERVER_URL=http://auth:${authPort}
+    volumes:
+      - ./api:/app
+      - /app/node_modules
+    depends_on:
+      - auth
+      - db
+  web:
+    container_name: seamless-web
+    build: ./web
+    ports:
+      - "${webPort}:${webPort}"
+    env_file:
+      - ./web/.env
+    volumes:
+      - ./web:/app
+      - /app/node_modules
+    depends_on:
+      - auth
+      - api
+volumes:
+  pgdata:
+`;
 function writeEnv(dir, values) {
   const env = Object.entries(values)
     .map(([k, v]) => `${k}=${v}`)
@@ -202,8 +349,8 @@ async function downloadRepo(repo, dest) {
       VERSION: "1.0.0",
       APP_NAME: "Seamless Auth Example",
       APP_ID: "local-dev",
-      APP_ORIGIN: "http://localhost:3000",
-      ISSUER: "http://localhost:5312",
+      APP_ORIGIN: `http://localhost:${apiPort}`,
+      ISSUER: `http://localhost:${authPort}`,
       AUTH_MODE: "server",
       DEMO: "true",
@@ -211,7 +358,11 @@ async function downloadRepo(repo, dest) {
       DEFAULT_ROLES: "user,betaUser",
       AVAILABLE_ROLES: "user,admin,betaUser,team",
-      DATABASE_URL: "postgres://myuser:mypassword@localhost:5432/seamless-auth",
+      DB_HOST: "localhost",
+      DB_PORT: "5432",
+      DB_NAME: "seamless-auth",
+      DB_USER: "myuser",
+      DB_PASSWORD: "mypassword",
       ACCESS_TOKEN_TTL: "30m",
       REFRESH_TOKEN_TTL: "1h",
@@ -223,7 +374,7 @@ async function downloadRepo(repo, dest) {
       JWKS_ACTIVE_KID: "dev-main",
       RPID: "localhost",
-      ORIGINS: "http://localhost:3000",
+      ORIGINS: `http://localhost:${apiPort}`,
     });
   }
@@ -234,11 +385,17 @@ async function downloadRepo(repo, dest) {
     await downloadRepo(REPOS.api, dir);
     writeEnv(dir, {
-      AUTH_SERVER_URL: `http://localhost${authPort}`,
-      APP_ORIGIN: `http://localhost:${apiPort}`,
+      AUTH_SERVER_URL: `http://localhost:${authPort}`,
+      APP_ORIGIN: `http://localhost:${webPort}`,
       COOKIE_SIGNING_KEY: randomBytes(32).toString("hex"),
       API_SERVICE_TOKEN: API_SERVICE_TOKEN,
-      DATABASE_URL: `postgres://myuser:mypassword@localhost:5432/seamless`,
+      DB_HOST: "localhost",
+      DB_PORT: "5432",
+      DB_NAME: "seamless-auth",
+      DB_USER: "myuser",
+      DB_PASSWORD: "mypassword",
       DB_NAME: "seamless",
       SQL_LOGGING: "false",
     });
@@ -263,14 +420,11 @@ async function downloadRepo(repo, dest) {
     execSync("git init", { cwd: root });
   }
-  if (installDeps) {
-    for (const dir of ["auth", "api", "web"]) {
-      const full = path.join(root, dir);
-      if (fs.existsSync(full)) {
-        console.log(`Installing deps in ${dir}...`);
-        execSync("npm install", { cwd: full, stdio: "inherit" });
-      }
-    }
+  if (AUTH && API && WEB) {
+    fs.writeFileSync(
+      path.join(root, "Docker-compose.yml"),
+      GENERATED_DOCKER_COMPOSE,
+    );
   }
   console.log(`
@@ -293,6 +447,10 @@ Start development:
   # terminal 3
   cd web && npm i && npm run dev
+  or if using Docker
+  docker compose up
 Docs: https://docs.seamlessauth.com/docs
 Happy hacking. 🚀
 `);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "create-seamless",
-  "version": "0.0.3",
+  "version": "0.0.5",
   "description": "The starter script for Seamless Auth",
   "homepage": "https://github.com/fells-code/create-seamless#readme",
   "bugs": {
@@ -14,6 +14,12 @@
   "author": "Fells Code, LLC",
   "type": "module",
   "main": "index.js",
+  "files": [
+    "index.js",
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
   "scripts": {
     "test": "echo \"Error: no test specified\" && exit 1"
   },

package/.github/workflows/release.yml DELETED Viewed

@@ -1,40 +0,0 @@
-name: Publish to npm
-on:
-  push:
-    tags:
-      - "v*.*.*"
-permissions:
-  contents: read
-jobs:
-  publish:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-      - name: Use Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: 20
-          registry-url: https://registry.npmjs.org
-      - name: Install dependencies
-        run: npm ci
-      - name: Verify tag matches package version
-        run: |
-          TAG_VERSION=${GITHUB_REF#refs/tags/v}
-          PKG_VERSION=$(node -p "require('./package.json').version")
-          if [ "$TAG_VERSION" != "$PKG_VERSION" ]; then
-            echo "Tag version ($TAG_VERSION) does not match package.json version ($PKG_VERSION)"
-            exit 1
-          fi
-      - name: Publish to npm
-        run: npm publish
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

package/SECURITY.md DELETED Viewed

@@ -1,80 +0,0 @@
-# Security Policy
-## Reporting a Vulnerability
-Seamless Auth takes security seriously.
-We appreciate responsible disclosure and will work quickly with researchers and users to investigate and resolve issues.
-**Please do not report security vulnerabilities through public GitHub issues.**
----
-## How to Report
-If you believe you have found a security vulnerability, please report it privately by emailing:
-security@seamlessauth.com
-Include as much detail as possible:
-- A clear description of the issue
-- Steps to reproduce (proof-of-concept if available)
-- Affected package(s) and version(s)
-- Potential impact (authentication bypass, privilege escalation, data exposure, etc.)
-Encrypted reports are welcome. If you need a public PGP key, request one in your initial email.
----
-## Scope
-This policy applies to:
-- @seamless-auth/core
-- @seamless-auth/express
-- @seamless-auth/react
-- Seamless Auth Api
-- Create seamless
-- Official Docker images published under the Seamless Auth organization
-Third-party dependencies are not covered, but reports identifying vulnerable dependency usage are appreciated.
----
-## What to Expect
-- **Acknowledgement** within 72 hours
-- **Initial assessment** within 5 business days
-- **Fix or mitigation** as quickly as possible depending on severity
-We will coordinate disclosure timing with you if a fix requires public communication.
----
-## Supported Versions
-Security fixes are applied to:
-- The latest published version
-- The current development branch
-Older versions may not receive patches unless the issue is critical.
----
-## Responsible Disclosure
-We kindly ask that you:
-- Allow reasonable time to investigate and remediate
-- Avoid exploiting vulnerabilities beyond proof-of-concept
-- Avoid public disclosure until a fix is released or coordinated
-We believe responsible disclosure helps keep the ecosystem safer for everyone.
----
-Thank you for helping keep Seamless Auth secure.
-— Fells Code, LLC
-https://seamlessauth.com