npm - create-sprint - Versions diffs - 0.0.48 → 0.0.54 - Mend

create-sprint 0.0.48 → 0.0.54

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/generators.js CHANGED Viewed

@@ -1,7 +1,7 @@
 import * as crypto from "node:crypto";
 export function generateJWTKeys() {
-    const keys = crypto.generateKeyPairSync("ec", {
-        namedCurve: "prime256v1",
+    const keys = crypto.generateKeyPairSync("rsa", {
+        modulusLength: 4096,
         publicKeyEncoding: { type: "spki", format: "pem" },
         privateKeyEncoding: { type: "pkcs8", format: "pem" }
     });
@@ -130,22 +130,24 @@ export function getHomeRoute(language) {
     if (language === "typescript") {
         return `import { Router } from "sprint-es";
 import { homeSchema } from "@/schemas/home";
-import { homeController } from "@/controllers/home";
+import { homeController, jwtValidateController } from "@/controllers/home";
 const router = Router();
 router.get("/", homeSchema, homeController);
+router.post("/jwt/validate", jwtValidateController);
 export default router;
 `;
     }
     return `import { Router } from "sprint-es";
 import { homeSchema } from "../schemas/home.js";
-import { homeController } from "../controllers/home.js";
+import { homeController, jwtValidateController } from "../controllers/home.js";
 const router = Router();
 router.get("/", homeSchema, homeController);
+router.post("/jwt/validate", jwtValidateController);
 export default router;
 `;
@@ -154,67 +156,109 @@ export function getAdminRoute(language) {
     if (language === "typescript") {
         return `import { Router } from "sprint-es";
 import { adminSchema, jwtGenerateSchema } from "@/schemas/admin";
-import { adminController, adminUsersController, jwtGenerateController, jwtValidateController } from "@/controllers/admin";
+import { adminController, adminUsersController, jwtGenerateController } from "@/controllers/admin";
 const router = Router();
 router.get("/", adminSchema, adminController);
 router.get("/users", adminSchema, adminUsersController);
 router.post("/jwt/generate", jwtGenerateSchema, jwtGenerateController);
-router.post("/jwt/validate", jwtValidateController);
 export default router;
 `;
     }
     return `import { Router } from "sprint-es";
 import { adminSchema, jwtGenerateSchema } from "../schemas/admin.js";
-import { adminController, adminUsersController, jwtGenerateController, jwtValidateController } from "../controllers/admin.js";
+import { adminController, adminUsersController, jwtGenerateController } from "../controllers/admin.js";
 const router = Router();
 router.get("/", adminSchema, adminController);
 router.get("/users", adminSchema, adminUsersController);
 router.post("/jwt/generate", jwtGenerateSchema, jwtGenerateController);
-router.post("/jwt/validate", jwtValidateController);
 export default router;
 `;
 }
 export function getHomeController(language) {
     if (language === "typescript") {
-        return `import { Handler } from "sprint-es";
+        return `import { Handler, SprintRequest, SprintResponse } from "sprint-es";
+import { verifyEncrypted, getJwtFromEnv } from "sprint-es/jwt";
-export const homeController: Handler = (req, res) => {
+export const homeController: Handler = (req: SprintRequest, res: SprintResponse) => {
     res.json({
         message: "Hello World",
         status: "ok"
     });
 };
+export const jwtValidateController: Handler = (req: SprintRequest, res: SprintResponse) => {
+    const token = req.sprint?.getAuthorization() || req.headers.authorization;
+    if (!token) {
+        return res.status(401).json({ error: "No token provided" });
+    }
+    try {
+        const { publicKey, encryptionSecret } = getJwtFromEnv();
+        const decoded = verifyEncrypted(token, publicKey, encryptionSecret);
+        if (!decoded) {
+            return res.status(401).json({ error: "Invalid token" });
+        }
+        res.json({ valid: true, payload: decoded });
+    } catch (error) {
+        return res.status(500).json({ error: "JWT not configured" });
+    }
+};
 `;
     }
-    return `import { Handler } from "sprint-es";
+    return `import { Handler, SprintRequest, SprintResponse } from "sprint-es";
+import { verifyEncrypted, getJwtFromEnv } from "sprint-es/jwt";
-export const homeController = (req, res) => {
+export const homeController = (req: SprintRequest, res: SprintResponse) => {
     res.json({
         message: "Hello World",
         status: "ok"
     });
 };
+export const jwtValidateController = (req: SprintRequest, res: SprintResponse) => {
+    const token = req.sprint?.getAuthorization() || req.headers.authorization;
+    if (!token) {
+        return res.status(401).json({ error: "No token provided" });
+    }
+    try {
+        const { publicKey, encryptionSecret } = getJwtFromEnv();
+        const decoded = verifyEncrypted(token, publicKey, encryptionSecret);
+        if (!decoded) {
+            return res.status(401).json({ error: "Invalid token" });
+        }
+        res.json({ valid: true, payload: decoded });
+    } catch (error) {
+        return res.status(500).json({ error: "JWT not configured" });
+    }
+};
 `;
 }
 export function getAdminController(language) {
     if (language === "typescript") {
-        return `import { Handler } from "sprint-es";
-import { signEncrypted, verifyEncrypted, getJwtFromEnv } from "sprint-es/jwt";
+        return `import { Handler, SprintRequest, SprintResponse } from "sprint-es";
+import { signEncrypted, getJwtFromEnv } from "sprint-es/jwt";
-export const adminController: Handler = (req, res) => {
+export const adminController: Handler = (req: SprintRequest, res: SprintResponse) => {
     res.json({
         message: "Admin Dashboard",
         status: "ok"
     });
 };
-export const adminUsersController: Handler = (req, res) => {
+export const adminUsersController: Handler = (req: SprintRequest, res: SprintResponse) => {
     res.json({
         users: [
             { id: 1, name: "John Doe", role: "admin" },
@@ -223,52 +267,31 @@ export const adminUsersController: Handler = (req, res) => {
     });
 };
-export const jwtGenerateController: Handler = (req, res) => {
+export const jwtGenerateController: Handler = (req: SprintRequest, res: SprintResponse) => {
     const { userId, role } = req.body || {};
     try {
         const { privateKey } = getJwtFromEnv();
         const payload = { userId, role: role || "user" };
-        const token = signEncrypted(payload, privateKey, { expiresIn: "1h" });
+        const token = signEncrypted(payload, privateKey, encryptionSecret, { expiresIn: "1h" });
         res.json({ token });
     } catch (error) {
         return res.status(500).json({ error: "JWT not configured" });
     }
 };
-export const jwtValidateController: Handler = (req, res) => {
-    const token = req.sprint?.getAuthorization() || req.headers.authorization;
-    if (!token) {
-        return res.status(401).json({ error: "No token provided" });
-    }
-    try {
-        const { publicKey } = getJwtFromEnv();
-        const decoded = verifyEncrypted(token, publicKey);
-        if (!decoded) {
-            return res.status(401).json({ error: "Invalid token" });
-        }
-        res.json({ valid: true, payload: decoded });
-    } catch (error) {
-        return res.status(500).json({ error: "JWT not configured" });
-    }
-};
 `;
     }
-    return `import { Handler } from "sprint-es";
-import { signEncrypted, verifyEncrypted, getJwtFromEnv } from "sprint-es/jwt";
+    return `import { Handler, SprintRequest, SprintResponse } from "sprint-es";
+import { signEncrypted, getJwtFromEnv } from "sprint-es/jwt";
-export const adminController = (req, res) => {
+export const adminController = (req: SprintRequest, res: SprintResponse) => {
     res.json({
         message: "Admin Dashboard",
         status: "ok"
     });
 };
-export const adminUsersController = (req, res) => {
+export const adminUsersController = (req: SprintRequest, res: SprintResponse) => {
     res.json({
         users: [
             { id: 1, name: "John Doe", role: "admin" },
@@ -277,39 +300,18 @@ export const adminUsersController = (req, res) => {
     });
 };
-export const jwtGenerateController = (req, res) => {
+export const jwtGenerateController = (req: SprintRequest, res: SprintResponse) => {
     const { userId, role } = req.body || {};
     try {
-        const { privateKey } = getJwtFromEnv();
+        const { privateKey, encryptionSecret } = getJwtFromEnv();
         const payload = { userId, role: role || "user" };
-        const token = signEncrypted(payload, privateKey, { expiresIn: "1h" });
+        const token = signEncrypted(payload, privateKey, encryptionSecret, { expiresIn: "1h" });
         res.json({ token });
     } catch (error) {
         return res.status(500).json({ error: "JWT not configured" });
     }
 };
-export const jwtValidateController = (req, res) => {
-    const token = req.sprint?.getAuthorization() || req.headers.authorization;
-    if (!token) {
-        return res.status(401).json({ error: "No token provided" });
-    }
-    try {
-        const { publicKey } = getJwtFromEnv();
-        const decoded = verifyEncrypted(token, publicKey);
-        if (!decoded) {
-            return res.status(401).json({ error: "Invalid token" });
-        }
-        res.json({ valid: true, payload: decoded });
-    } catch (error) {
-        return res.status(500).json({ error: "JWT not configured" });
-    }
-};
 `;
 }
 export function getHomeSchema(language) {
@@ -366,26 +368,21 @@ export const jwtGenerateSchema = defineRouteSchema({
 });
 `;
 }
-export function getAuthMiddleware(language) {
+export function getInternalAuthMiddleware(language) {
     if (language === "typescript") {
         return `import { defineMiddleware } from "sprint-es";
 export default defineMiddleware({
-    name: "auth",
+    name: "adminAuth",
     priority: 10,
     include: "/admin/**",
     handler: (req, res, next) => {
         const auth = req.sprint.getAuthorization();
-        if (!auth) {
-            return res.status(401).json({ error: "No authorization header" });
-        }
+        if (!auth) return res.status(401).json({ error: "No authorization header" });
         const token = auth.replace("Bearer ", "");
-        if (token !== "admin-token") {
-            return res.status(403).json({ error: "Invalid token" });
-        }
+        if (token !== "admin-token") return res.status(403).json({ error: "Invalid token" });
         next();
     }
@@ -395,21 +392,72 @@ export default defineMiddleware({
     return `import { defineMiddleware } from "sprint-es";
 export default defineMiddleware({
-    name: "auth",
+    name: "adminAuth",
     priority: 10,
     include: "/admin/**",
     handler: (req, res, next) => {
         const auth = req.sprint.getAuthorization();
+        if (!auth)  return res.status(401).json({ error: "No authorization header" });
+        const token = auth.replace("Bearer ", "");
-        if (!auth) {
-            return res.status(401).json({ error: "No authorization header" });
-        }
+        if (token !== "admin-token") return res.status(403).json({ error: "Invalid token" });
+        next();
+    }
+});
+`;
+}
+export function getUserAuthMiddleware(language) {
+    if (language === "typescript") {
+        return `import { defineMiddleware } from "sprint-es";
+import { verifyEncrypted, getJwtFromEnv } from "sprint-es/jwt";
+const { publicKey, encryptionSecret } = getJwtFromEnv();
+export default defineMiddleware({
+    name: "userAuth",
+    priority: 10,
+    include: "/**",
+    exclude: "/admin/**",
+    handler: (req, res, next) => {
+        const auth = req.sprint.getAuthorization();
+        if (!auth) return res.status(401).json({ error: "No authorization header" });
         const token = auth.replace("Bearer ", "");
-        if (token !== "admin-token") {
-            return res.status(403).json({ error: "Invalid token" });
-        }
+        const decoded = verifyEncrypted(token, publicKey, encryptionSecret);cd .
+        if (!decoded) return res.status(403).json({ error: "Invalid token" });
+        req.custom.user = decoded;
+        next();
+    }
+});
+`;
+    }
+    return `import { defineMiddleware } from "sprint-es";
+import { verifyEncrypted, getJwtFromEnv } from "sprint-es/jwt";
+const { publicKey, encryptionSecret } = getJwtFromEnv();
+export default defineMiddleware({
+    name: "userAuth",
+    priority: 10,
+    include: "/**",
+    exclude: "/admin/**",
+    handler: (req, res, next) => {
+        const auth = req.sprint.getAuthorization();
+        if (!auth) return res.status(401).json({ error: "No authorization header" });
+        const token = auth.replace("Bearer ", "");
+        const decoded = verifyEncrypted(token, publicKey, encryptionSecret);
+        if (!decoded) return res.status(403).json({ error: "Invalid token" });
+        req.custom.user = decoded;
         next();
     }
@@ -614,6 +662,7 @@ export function getEnvDevelopment(telemetry) {
 PORT=5000
 JWT_PUBLIC_KEY='${keys.publicKey}'
 JWT_PRIVATE_KEY='${keys.privateKey}'
+JWT_ENCRYPTION_SECRET='${crypto.randomBytes(32).toString("hex")}'
 `;
     if (telemetry === "sentry" || telemetry === "glitchtip") {
         env += `
@@ -635,6 +684,7 @@ export function getEnvProduction(telemetry) {
 PORT=5000
 JWT_PUBLIC_KEY='${keys.publicKey}'
 JWT_PRIVATE_KEY='${keys.privateKey}'
+JWT_ENCRYPTION_SECRET='${crypto.randomBytes(32).toString("hex")}'
 `;
     if (telemetry === "sentry" || telemetry === "glitchtip") {
         env += `

package/dist/index.js CHANGED Viewed

@@ -2,9 +2,10 @@ import { spawn } from "child_process";
 import { existsSync } from "fs";
 import { mkdir, writeFile as fsWriteFile } from "fs/promises";
 import { join } from "path";
+import color from "picocolors";
 import * as p from "@clack/prompts";
 import { validateProjectName } from "./validators.js";
-import { getTypeScriptPackageJson, getJavaScriptPackageJson, getTsConfig, getViteConfig, getMainFile, getHomeRoute, getAdminRoute, getHomeController, getAdminController, getAuthMiddleware, getHomeSchema, getAdminSchema, getDockerfile, getDockerCompose, getGitignore, getDockerIgnore, getSprintConfigFile, getEnvDevelopment, getEnvProduction, getExampleCronJob } from "./generators.js";
+import { getTypeScriptPackageJson, getJavaScriptPackageJson, getTsConfig, getViteConfig, getMainFile, getHomeRoute, getAdminRoute, getHomeController, getAdminController, getInternalAuthMiddleware, getUserAuthMiddleware, getHomeSchema, getAdminSchema, getDockerfile, getDockerCompose, getGitignore, getDockerIgnore, getSprintConfigFile, getEnvDevelopment, getEnvProduction, getExampleCronJob } from "./generators.js";
 export async function writeFile(path, content, options) {
     if (typeof content === "string")
         content = content.trimEnd();
@@ -14,6 +15,7 @@ export async function writeFile(path, content, options) {
 export async function runCLI(args) {
     const options = parseArgs(args);
     p.intro("Sprint — Quickly API Framework");
+    p.intro(`${color.bgCyan(color.black(' create-sprint-app '))}`);
     const config = await p.group({
         projectName: () => p.text({
             message: "Project name:",
@@ -49,12 +51,13 @@ export async function runCLI(args) {
     await createProject(config.projectName, config.language, config.telemetry, config.docker);
     s.stop("Project created");
     const installDeps = await p.confirm({ message: "Install dependencies now?", initialValue: true });
+    const npmCmd = process.platform === "win32" ? "npm.cmd" : "npm";
     if (installDeps) {
         const s2 = p.spinner();
         s2.start("Installing dependencies");
         try {
             await new Promise((resolve, reject) => {
-                const child = spawn("npm", ["install"], {
+                const child = spawn(npmCmd, ["install"], {
                     cwd: targetDir,
                     stdio: "pipe"
                 });
@@ -64,6 +67,7 @@ export async function runCLI(args) {
                     else
                         reject(new Error(`npm install exited with code ${code}`));
                 });
+                child.on("error", reject);
             });
             s2.stop("Dependencies installed");
         }
@@ -154,7 +158,8 @@ async function createProject(projectName, language, telemetry, useDocker) {
     await writeFile(join(srcDir, "routes", "admin." + (language === "typescript" ? "ts" : "js")), getAdminRoute(language));
     await writeFile(join(srcDir, "controllers", "home." + (language === "typescript" ? "ts" : "js")), getHomeController(language));
     await writeFile(join(srcDir, "controllers", "admin." + (language === "typescript" ? "ts" : "js")), getAdminController(language));
-    await writeFile(join(srcDir, "middlewares", "auth." + (language === "typescript" ? "ts" : "js")), getAuthMiddleware(language));
+    await writeFile(join(srcDir, "middlewares", "auth.internal." + (language === "typescript" ? "ts" : "js")), getInternalAuthMiddleware(language));
+    await writeFile(join(srcDir, "middlewares", "auth.user." + (language === "typescript" ? "ts" : "js")), getUserAuthMiddleware(language));
     await writeFile(join(srcDir, "schemas", "home." + (language === "typescript" ? "ts" : "js")), getHomeSchema(language));
     await writeFile(join(srcDir, "schemas", "admin." + (language === "typescript" ? "ts" : "js")), getAdminSchema(language));
     await writeFile(join(srcDir, "cronjobs", "example." + (language === "typescript" ? "ts" : "js")), getExampleCronJob(language));

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "create-sprint",
-    "version": "0.0.48",
+    "version": "0.0.54",
     "description": "Create a new Sprint API project",
     "type": "module",
     "bin": {

package/src/generators.ts CHANGED Viewed

@@ -6,8 +6,8 @@ export interface JWTKeys {
 }
 export function generateJWTKeys(): JWTKeys {
-    const keys = crypto.generateKeyPairSync("ec", {
-        namedCurve: "prime256v1",
+    const keys = crypto.generateKeyPairSync("rsa", {
+        modulusLength: 4096,
         publicKeyEncoding: { type: "spki", format: "pem" },
         privateKeyEncoding: { type: "pkcs8", format: "pem" }
     }) as unknown as { publicKey: string; privateKey: string };
@@ -146,22 +146,24 @@ export function getHomeRoute(language: string) {
     if (language === "typescript") {
         return `import { Router } from "sprint-es";
 import { homeSchema } from "@/schemas/home";
-import { homeController } from "@/controllers/home";
+import { homeController, jwtValidateController } from "@/controllers/home";
 const router = Router();
 router.get("/", homeSchema, homeController);
+router.post("/jwt/validate", jwtValidateController);
 export default router;
 `;
     }
     return `import { Router } from "sprint-es";
 import { homeSchema } from "../schemas/home.js";
-import { homeController } from "../controllers/home.js";
+import { homeController, jwtValidateController } from "../controllers/home.js";
 const router = Router();
 router.get("/", homeSchema, homeController);
+router.post("/jwt/validate", jwtValidateController);
 export default router;
 `;
@@ -171,28 +173,26 @@ export function getAdminRoute(language: string) {
     if (language === "typescript") {
         return `import { Router } from "sprint-es";
 import { adminSchema, jwtGenerateSchema } from "@/schemas/admin";
-import { adminController, adminUsersController, jwtGenerateController, jwtValidateController } from "@/controllers/admin";
+import { adminController, adminUsersController, jwtGenerateController } from "@/controllers/admin";
 const router = Router();
 router.get("/", adminSchema, adminController);
 router.get("/users", adminSchema, adminUsersController);
 router.post("/jwt/generate", jwtGenerateSchema, jwtGenerateController);
-router.post("/jwt/validate", jwtValidateController);
 export default router;
 `;
     }
     return `import { Router } from "sprint-es";
 import { adminSchema, jwtGenerateSchema } from "../schemas/admin.js";
-import { adminController, adminUsersController, jwtGenerateController, jwtValidateController } from "../controllers/admin.js";
+import { adminController, adminUsersController, jwtGenerateController } from "../controllers/admin.js";
 const router = Router();
 router.get("/", adminSchema, adminController);
 router.get("/users", adminSchema, adminUsersController);
 router.post("/jwt/generate", jwtGenerateSchema, jwtGenerateController);
-router.post("/jwt/validate", jwtValidateController);
 export default router;
 `;
@@ -200,40 +200,84 @@ export default router;
 export function getHomeController(language: string) {
     if (language === "typescript") {
-        return `import { Handler } from "sprint-es";
+        return `import { Handler, SprintRequest, SprintResponse } from "sprint-es";
+import { verifyEncrypted, getJwtFromEnv } from "sprint-es/jwt";
-export const homeController: Handler = (req, res) => {
+export const homeController: Handler = (req: SprintRequest, res: SprintResponse) => {
     res.json({
         message: "Hello World",
         status: "ok"
     });
 };
+export const jwtValidateController: Handler = (req: SprintRequest, res: SprintResponse) => {
+    const token = req.sprint?.getAuthorization() || req.headers.authorization;
+    if (!token) {
+        return res.status(401).json({ error: "No token provided" });
+    }
+    try {
+        const { publicKey, encryptionSecret } = getJwtFromEnv();
+        const decoded = verifyEncrypted(token, publicKey, encryptionSecret);
+        if (!decoded) {
+            return res.status(401).json({ error: "Invalid token" });
+        }
+        res.json({ valid: true, payload: decoded });
+    } catch (error) {
+        return res.status(500).json({ error: "JWT not configured" });
+    }
+};
 `;
     }
-    return `import { Handler } from "sprint-es";
+    return `import { Handler, SprintRequest, SprintResponse } from "sprint-es";
+import { verifyEncrypted, getJwtFromEnv } from "sprint-es/jwt";
-export const homeController = (req, res) => {
+export const homeController = (req: SprintRequest, res: SprintResponse) => {
     res.json({
         message: "Hello World",
         status: "ok"
     });
 };
+export const jwtValidateController = (req: SprintRequest, res: SprintResponse) => {
+    const token = req.sprint?.getAuthorization() || req.headers.authorization;
+    if (!token) {
+        return res.status(401).json({ error: "No token provided" });
+    }
+    try {
+        const { publicKey, encryptionSecret } = getJwtFromEnv();
+        const decoded = verifyEncrypted(token, publicKey, encryptionSecret);
+        if (!decoded) {
+            return res.status(401).json({ error: "Invalid token" });
+        }
+        res.json({ valid: true, payload: decoded });
+    } catch (error) {
+        return res.status(500).json({ error: "JWT not configured" });
+    }
+};
 `;
 }
 export function getAdminController(language: string) {
     if (language === "typescript") {
-        return `import { Handler } from "sprint-es";
-import { signEncrypted, verifyEncrypted, getJwtFromEnv } from "sprint-es/jwt";
+        return `import { Handler, SprintRequest, SprintResponse } from "sprint-es";
+import { signEncrypted, getJwtFromEnv } from "sprint-es/jwt";
-export const adminController: Handler = (req, res) => {
+export const adminController: Handler = (req: SprintRequest, res: SprintResponse) => {
     res.json({
         message: "Admin Dashboard",
         status: "ok"
     });
 };
-export const adminUsersController: Handler = (req, res) => {
+export const adminUsersController: Handler = (req: SprintRequest, res: SprintResponse) => {
     res.json({
         users: [
             { id: 1, name: "John Doe", role: "admin" },
@@ -242,52 +286,31 @@ export const adminUsersController: Handler = (req, res) => {
     });
 };
-export const jwtGenerateController: Handler = (req, res) => {
+export const jwtGenerateController: Handler = (req: SprintRequest, res: SprintResponse) => {
     const { userId, role } = req.body || {};
     try {
         const { privateKey } = getJwtFromEnv();
         const payload = { userId, role: role || "user" };
-        const token = signEncrypted(payload, privateKey, { expiresIn: "1h" });
+        const token = signEncrypted(payload, privateKey, encryptionSecret, { expiresIn: "1h" });
         res.json({ token });
     } catch (error) {
         return res.status(500).json({ error: "JWT not configured" });
     }
 };
-export const jwtValidateController: Handler = (req, res) => {
-    const token = req.sprint?.getAuthorization() || req.headers.authorization;
-    if (!token) {
-        return res.status(401).json({ error: "No token provided" });
-    }
-    try {
-        const { publicKey } = getJwtFromEnv();
-        const decoded = verifyEncrypted(token, publicKey);
-        if (!decoded) {
-            return res.status(401).json({ error: "Invalid token" });
-        }
-        res.json({ valid: true, payload: decoded });
-    } catch (error) {
-        return res.status(500).json({ error: "JWT not configured" });
-    }
-};
 `;
     }
-    return `import { Handler } from "sprint-es";
-import { signEncrypted, verifyEncrypted, getJwtFromEnv } from "sprint-es/jwt";
+    return `import { Handler, SprintRequest, SprintResponse } from "sprint-es";
+import { signEncrypted, getJwtFromEnv } from "sprint-es/jwt";
-export const adminController = (req, res) => {
+export const adminController = (req: SprintRequest, res: SprintResponse) => {
     res.json({
         message: "Admin Dashboard",
         status: "ok"
     });
 };
-export const adminUsersController = (req, res) => {
+export const adminUsersController = (req: SprintRequest, res: SprintResponse) => {
     res.json({
         users: [
             { id: 1, name: "John Doe", role: "admin" },
@@ -296,40 +319,20 @@ export const adminUsersController = (req, res) => {
     });
 };
-export const jwtGenerateController = (req, res) => {
+export const jwtGenerateController = (req: SprintRequest, res: SprintResponse) => {
     const { userId, role } = req.body || {};
     try {
-        const { privateKey } = getJwtFromEnv();
+        const { privateKey, encryptionSecret } = getJwtFromEnv();
         const payload = { userId, role: role || "user" };
-        const token = signEncrypted(payload, privateKey, { expiresIn: "1h" });
+        const token = signEncrypted(payload, privateKey, encryptionSecret, { expiresIn: "1h" });
         res.json({ token });
     } catch (error) {
         return res.status(500).json({ error: "JWT not configured" });
     }
 };
-export const jwtValidateController = (req, res) => {
-    const token = req.sprint?.getAuthorization() || req.headers.authorization;
-    if (!token) {
-        return res.status(401).json({ error: "No token provided" });
-    }
-    try {
-        const { publicKey } = getJwtFromEnv();
-        const decoded = verifyEncrypted(token, publicKey);
-        if (!decoded) {
-            return res.status(401).json({ error: "Invalid token" });
-        }
-        res.json({ valid: true, payload: decoded });
-    } catch (error) {
-        return res.status(500).json({ error: "JWT not configured" });
-    }
-};
 `;
 }
 export function getHomeSchema(language: string) {
@@ -388,26 +391,21 @@ export const jwtGenerateSchema = defineRouteSchema({
 `;
 }
-export function getAuthMiddleware(language: string) {
+export function getInternalAuthMiddleware(language: string) {
     if (language === "typescript") {
         return `import { defineMiddleware } from "sprint-es";
 export default defineMiddleware({
-    name: "auth",
+    name: "adminAuth",
     priority: 10,
     include: "/admin/**",
     handler: (req, res, next) => {
         const auth = req.sprint.getAuthorization();
-        if (!auth) {
-            return res.status(401).json({ error: "No authorization header" });
-        }
+        if (!auth) return res.status(401).json({ error: "No authorization header" });
         const token = auth.replace("Bearer ", "");
-        if (token !== "admin-token") {
-            return res.status(403).json({ error: "Invalid token" });
-        }
+        if (token !== "admin-token") return res.status(403).json({ error: "Invalid token" });
         next();
     }
@@ -417,21 +415,73 @@ export default defineMiddleware({
     return `import { defineMiddleware } from "sprint-es";
 export default defineMiddleware({
-    name: "auth",
+    name: "adminAuth",
     priority: 10,
     include: "/admin/**",
     handler: (req, res, next) => {
         const auth = req.sprint.getAuthorization();
+        if (!auth)  return res.status(401).json({ error: "No authorization header" });
+        const token = auth.replace("Bearer ", "");
-        if (!auth) {
-            return res.status(401).json({ error: "No authorization header" });
-        }
+        if (token !== "admin-token") return res.status(403).json({ error: "Invalid token" });
+        next();
+    }
+});
+`;
+}
+export function getUserAuthMiddleware(language: string) {
+    if (language === "typescript") {
+        return `import { defineMiddleware } from "sprint-es";
+import { verifyEncrypted, getJwtFromEnv } from "sprint-es/jwt";
+const { publicKey, encryptionSecret } = getJwtFromEnv();
+export default defineMiddleware({
+    name: "userAuth",
+    priority: 10,
+    include: "/**",
+    exclude: "/admin/**",
+    handler: (req, res, next) => {
+        const auth = req.sprint.getAuthorization();
+        if (!auth) return res.status(401).json({ error: "No authorization header" });
         const token = auth.replace("Bearer ", "");
-        if (token !== "admin-token") {
-            return res.status(403).json({ error: "Invalid token" });
-        }
+        const decoded = verifyEncrypted(token, publicKey, encryptionSecret);cd .
+        if (!decoded) return res.status(403).json({ error: "Invalid token" });
+        req.custom.user = decoded;
+        next();
+    }
+});
+`;
+    }
+    return `import { defineMiddleware } from "sprint-es";
+import { verifyEncrypted, getJwtFromEnv } from "sprint-es/jwt";
+const { publicKey, encryptionSecret } = getJwtFromEnv();
+export default defineMiddleware({
+    name: "userAuth",
+    priority: 10,
+    include: "/**",
+    exclude: "/admin/**",
+    handler: (req, res, next) => {
+        const auth = req.sprint.getAuthorization();
+        if (!auth) return res.status(401).json({ error: "No authorization header" });
+        const token = auth.replace("Bearer ", "");
+        const decoded = verifyEncrypted(token, publicKey, encryptionSecret);
+        if (!decoded) return res.status(403).json({ error: "Invalid token" });
+        req.custom.user = decoded;
         next();
     }
@@ -648,6 +698,7 @@ export function getEnvDevelopment(telemetry: string) {
 PORT=5000
 JWT_PUBLIC_KEY='${keys.publicKey}'
 JWT_PRIVATE_KEY='${keys.privateKey}'
+JWT_ENCRYPTION_SECRET='${crypto.randomBytes(32).toString("hex")}'
 `;
     if (telemetry === "sentry" || telemetry === "glitchtip") {
@@ -671,6 +722,7 @@ export function getEnvProduction(telemetry: string) {
 PORT=5000
 JWT_PUBLIC_KEY='${keys.publicKey}'
 JWT_PRIVATE_KEY='${keys.privateKey}'
+JWT_ENCRYPTION_SECRET='${crypto.randomBytes(32).toString("hex")}'
 `;
     if (telemetry === "sentry" || telemetry === "glitchtip") {

package/src/index.ts CHANGED Viewed

@@ -2,9 +2,10 @@ import { spawn } from "child_process";
 import { existsSync, writeFileSync } from "fs";
 import { mkdir, writeFile as fsWriteFile } from "fs/promises";
 import { join } from "path";
+import color from "picocolors";
 import * as p from "@clack/prompts";
 import { validateProjectName } from "./validators.js";
-import { getTypeScriptPackageJson, getJavaScriptPackageJson, getTsConfig, getViteConfig, getMainFile, getHomeRoute, getAdminRoute, getHomeController, getAdminController, getAuthMiddleware, getHomeSchema, getAdminSchema, getDockerfile, getDockerCompose, getGitignore, getDockerIgnore, getSprintConfigFile, getEnvDevelopment, getEnvProduction, getExampleCronJob } from "./generators.js";
+import { getTypeScriptPackageJson, getJavaScriptPackageJson, getTsConfig, getViteConfig, getMainFile, getHomeRoute, getAdminRoute, getHomeController, getAdminController, getInternalAuthMiddleware, getUserAuthMiddleware, getHomeSchema, getAdminSchema, getDockerfile, getDockerCompose, getGitignore, getDockerIgnore, getSprintConfigFile, getEnvDevelopment, getEnvProduction, getExampleCronJob } from "./generators.js";
 export interface CLIOptions {
     projectName?: string;
@@ -25,6 +26,8 @@ export async function runCLI(args: string[]) {
     p.intro("Sprint — Quickly API Framework");
+    p.intro(`${color.bgCyan(color.black(' create-sprint-app '))}`);
     const config = await p.group(
         {
             projectName: () =>
@@ -78,13 +81,14 @@ export async function runCLI(args: string[]) {
     s.stop("Project created");
     const installDeps = await p.confirm({ message: "Install dependencies now?", initialValue: true });
+    const npmCmd = process.platform === "win32" ? "npm.cmd" : "npm";
     if (installDeps) {
         const s2 = p.spinner();
         s2.start("Installing dependencies");
         try {
             await new Promise<void>((resolve, reject) => {
-                const child = spawn("npm", ["install"], {
+                const child = spawn(npmCmd, ["install"], {
                     cwd: targetDir,
                     stdio: "pipe"
                 });
@@ -92,6 +96,7 @@ export async function runCLI(args: string[]) {
                     if (code === 0) resolve();
                     else reject(new Error(`npm install exited with code ${code}`));
                 });
+                child.on("error", reject);
             });
             s2.stop("Dependencies installed");
         } catch {
@@ -197,7 +202,8 @@ async function createProject(
     await writeFile(join(srcDir, "controllers", "home." + (language === "typescript" ? "ts" : "js")), getHomeController(language));
     await writeFile(join(srcDir, "controllers", "admin." + (language === "typescript" ? "ts" : "js")), getAdminController(language));
-    await writeFile(join(srcDir, "middlewares", "auth." + (language === "typescript" ? "ts" : "js")), getAuthMiddleware(language));
+    await writeFile(join(srcDir, "middlewares", "auth.internal." + (language === "typescript" ? "ts" : "js")), getInternalAuthMiddleware(language));
+    await writeFile(join(srcDir, "middlewares", "auth.user." + (language === "typescript" ? "ts" : "js")), getUserAuthMiddleware(language));
     await writeFile(join(srcDir, "schemas", "home." + (language === "typescript" ? "ts" : "js")), getHomeSchema(language));
     await writeFile(join(srcDir, "schemas", "admin." + (language === "typescript" ? "ts" : "js")), getAdminSchema(language));