create-sprint 0.0.52 → 0.0.56

package/dist/generators.js

@@ -9,7 +9,7 @@ export function generateJWTKeys() {
 }
 export function getTypeScriptPackageJson(name, telemetry) {
     const deps = {
-        "sprint-es": "^0.0.38"
+        "sprint-es": "^0.0.48"
     };
     const devDeps = {
         "@types/node": "^22.0.0",
@@ -39,7 +39,7 @@ export function getTypeScriptPackageJson(name, telemetry) {
 }
 export function getJavaScriptPackageJson(name, telemetry) {
     const deps = {
-        "sprint-es": "^0.0.38"
+        "sprint-es": "^0.0.48"
     };
     if (telemetry === "sentry" || telemetry === "glitchtip") {
         deps["@sentry/node"] = "^8.0.0";
@@ -117,13 +117,35 @@ export default defineConfig({
 export function getMainFile(language) {
     if (language === "typescript") {
         return `import Sprint from "sprint-es";
+import homeRouter from "./routes/home";
+import adminRouter from "./routes/admin";
+import authInternalMiddleware from "./middlewares/auth.internal";
+import authUserMiddleware from "./middlewares/auth.user";
 
 const app = new Sprint();
+
+app.use(authUserMiddleware);
+app.use(authInternalMiddleware);
+app.route("/", homeRouter);
+app.route("/admin", adminRouter);
+
+app.listen();
 `;
     }
     return `import Sprint from "sprint-es";
+import homeRouter from "./routes/home.js";
+import adminRouter from "./routes/admin.js";
+import authInternalMiddleware from "./middlewares/auth.internal.js";
+import authUserMiddleware from "./middlewares/auth.user.js";
 
 const app = new Sprint();
+
+app.use(authUserMiddleware);
+app.use(authInternalMiddleware);
+app.route("/", homeRouter);
+app.route("/admin", adminRouter);
+
+app.listen();
 `;
 }
 export function getHomeRoute(language) {
@@ -135,7 +157,7 @@ import { homeController, jwtValidateController } from "@/controllers/home";
 const router = Router();
 
 router.get("/", homeSchema, homeController);
-router.post("/jwt/validate", jwtValidateController);
+router.post("/me", jwtValidateController);
 
 export default router;
 `;
@@ -147,7 +169,7 @@ import { homeController, jwtValidateController } from "../controllers/home.js";
 const router = Router();
 
 router.get("/", homeSchema, homeController);
-router.post("/jwt/validate", jwtValidateController);
+router.post("/me", jwtValidateController);
 
 export default router;
 `;
@@ -193,24 +215,7 @@ export const homeController: Handler = (req: SprintRequest, res: SprintResponse)
 };
 
 export const jwtValidateController: Handler = (req: SprintRequest, res: SprintResponse) => {
-    const token = req.sprint?.getAuthorization() || req.headers.authorization;
-
-    if (!token) {
-        return res.status(401).json({ error: "No token provided" });
-    }
-
-    try {
-        const { publicKey } = getJwtFromEnv();
-        const decoded = verifyEncrypted(token, publicKey);
-
-        if (!decoded) {
-            return res.status(401).json({ error: "Invalid token" });
-        }
-
-        res.json({ valid: true, payload: decoded });
-    } catch (error) {
-        return res.status(500).json({ error: "JWT not configured" });
-    }
+    return res.json(req.custom.user);
 };
 `;
     }
@@ -225,24 +230,7 @@ export const homeController = (req: SprintRequest, res: SprintResponse) => {
 };
 
 export const jwtValidateController = (req: SprintRequest, res: SprintResponse) => {
-    const token = req.sprint?.getAuthorization() || req.headers.authorization;
-
-    if (!token) {
-        return res.status(401).json({ error: "No token provided" });
-    }
-
-    try {
-        const { publicKey } = getJwtFromEnv();
-        const decoded = verifyEncrypted(token, publicKey);
-
-        if (!decoded) {
-            return res.status(401).json({ error: "Invalid token" });
-        }
-
-        res.json({ valid: true, payload: decoded });
-    } catch (error) {
-        return res.status(500).json({ error: "JWT not configured" });
-    }
+    return res.json(req.custom.user);
 };
 `;
 }
@@ -271,9 +259,9 @@ export const jwtGenerateController: Handler = (req: SprintRequest, res: SprintRe
     const { userId, role } = req.body || {};
     
     try {
-        const { privateKey } = getJwtFromEnv();
+        const { privateKey, encryptionSecret } = getJwtFromEnv();
         const payload = { userId, role: role || "user" };
-        const token = signEncrypted(payload, privateKey, { expiresIn: "1h" });
+        const token = signEncrypted(payload, privateKey, encryptionSecret, { expiresIn: "1h" });
         res.json({ token });
     } catch (error) {
         return res.status(500).json({ error: "JWT not configured" });
@@ -281,7 +269,8 @@ export const jwtGenerateController: Handler = (req: SprintRequest, res: SprintRe
 };
 `;
     }
-    return `import { Handler, SprintRequest, SprintResponse } from "sprint-es";
+    else {
+        return `import { Handler, SprintRequest, SprintResponse } from "sprint-es";
 import { signEncrypted, getJwtFromEnv } from "sprint-es/jwt";
 
 export const adminController = (req: SprintRequest, res: SprintResponse) => {
@@ -304,15 +293,16 @@ export const jwtGenerateController = (req: SprintRequest, res: SprintResponse) =
     const { userId, role } = req.body || {};
     
     try {
-        const { privateKey } = getJwtFromEnv();
+        const { privateKey, encryptionSecret } = getJwtFromEnv();
         const payload = { userId, role: role || "user" };
-        const token = signEncrypted(payload, privateKey, { expiresIn: "1h" });
+        const token = signEncrypted(payload, privateKey, encryptionSecret, { expiresIn: "1h" });
         res.json({ token });
     } catch (error) {
         return res.status(500).json({ error: "JWT not configured" });
     }
 };
 `;
+    }
 }
 export function getHomeSchema(language) {
     if (language === "typescript") {
@@ -368,26 +358,21 @@ export const jwtGenerateSchema = defineRouteSchema({
 });
 `;
 }
-export function getAuthMiddleware(language) {
+export function getInternalAuthMiddleware(language) {
     if (language === "typescript") {
         return `import { defineMiddleware } from "sprint-es";
 
 export default defineMiddleware({
-    name: "auth",
+    name: "adminAuth",
     priority: 10,
     include: "/admin/**",
     handler: (req, res, next) => {
         const auth = req.sprint.getAuthorization();
-
-        if (!auth) {
-            return res.status(401).json({ error: "No authorization header" });
-        }
+        if (!auth) return res.status(401).json({ error: "No authorization header" });
 
         const token = auth.replace("Bearer ", "");
 
-        if (token !== "admin-token") {
-            return res.status(403).json({ error: "Invalid token" });
-        }
+        if (token !== "admin-token") return res.status(403).json({ error: "Invalid token" });
 
         next();
     }
@@ -397,21 +382,72 @@ export default defineMiddleware({
     return `import { defineMiddleware } from "sprint-es";
 
 export default defineMiddleware({
-    name: "auth",
+    name: "adminAuth",
     priority: 10,
     include: "/admin/**",
     handler: (req, res, next) => {
         const auth = req.sprint.getAuthorization();
+        if (!auth)  return res.status(401).json({ error: "No authorization header" });
+        
+        const token = auth.replace("Bearer ", "");
 
-        if (!auth) {
-            return res.status(401).json({ error: "No authorization header" });
-        }
+        if (token !== "admin-token") return res.status(403).json({ error: "Invalid token" });
+        
+        next();
+    }
+});
+`;
+}
+export function getUserAuthMiddleware(language) {
+    if (language === "typescript") {
+        return `import { defineMiddleware } from "sprint-es";
+import { verifyEncrypted, getJwtFromEnv } from "sprint-es/jwt";
+
+const { publicKey, encryptionSecret } = getJwtFromEnv();
+
+export default defineMiddleware({
+    name: "userAuth",
+    priority: 10,
+    include: "/**",
+    exclude: "/admin/**",
+    handler: (req, res, next) => {
+        const auth = req.sprint.getAuthorization();
+        if (!auth) return res.status(401).json({ error: "No authorization header" });
 
         const token = auth.replace("Bearer ", "");
 
-        if (token !== "admin-token") {
-            return res.status(403).json({ error: "Invalid token" });
-        }
+        const decoded = verifyEncrypted(token, publicKey, encryptionSecret);
+
+        if (!decoded) return res.status(403).json({ error: "Invalid token" });
+        
+        req.custom.user = decoded;
+
+        next();
+    }
+});
+`;
+    }
+    return `import { defineMiddleware } from "sprint-es";
+import { verifyEncrypted, getJwtFromEnv } from "sprint-es/jwt";
+
+const { publicKey, encryptionSecret } = getJwtFromEnv();
+
+export default defineMiddleware({
+    name: "userAuth",
+    priority: 10,
+    include: "/**",
+    exclude: "/admin/**",
+    handler: (req, res, next) => {
+        const auth = req.sprint.getAuthorization();
+        if (!auth) return res.status(401).json({ error: "No authorization header" });
+
+        const token = auth.replace("Bearer ", "");
+
+        const decoded = verifyEncrypted(token, publicKey, encryptionSecret);
+
+        if (!decoded) return res.status(403).json({ error: "Invalid token" });
+
+        req.custom.user = decoded;
 
         next();
     }
@@ -453,8 +489,7 @@ CMD ["npm", "start"]
 `;
 }
 export function getDockerCompose(language) {
-    return `version: "3.8"
-
+    return `
 services:
   app:
     build: .
@@ -462,7 +497,7 @@ services:
       - "3000:3000"
     environment:
       - NODE_ENV=production
-      - PORT=3000
+      - PORT=5000
     restart: unless-stopped
 `;
 }
@@ -554,7 +589,7 @@ initTelemetry({
 
 initTelemetry({
     provider: "discord",
-    webhookUrl: process.env.DISCORD_WEBHOOK_URL || ""
+    webhookUrl: process.env.DISCORD_TELEMETRY_WEBHOOK_URL || ""
 });
 `;
         }
@@ -581,7 +616,7 @@ import { initTelemetry } from "sprint-es/telemetry";
 
 initTelemetry({
     provider: "discord",
-    webhookUrl: process.env.DISCORD_WEBHOOK_URL || ""
+    webhookUrl: process.env.DISCORD_TELEMETRY_WEBHOOK_URL || ""
 });
 `;
     }
@@ -602,7 +637,7 @@ SENTRY_DSN=
     else if (telemetry === "discord") {
         env += `
 # Discord Webhook URL for error notifications
-DISCORD_WEBHOOK_URL=
+DISCORD_TELEMETRY_WEBHOOK_URL=
 `;
     }
     return env;
@@ -627,7 +662,7 @@ SENTRY_DSN=
     else if (telemetry === "discord") {
         env += `
 # Discord Webhook URL
-DISCORD_WEBHOOK_URL=
+DISCORD_TELEMETRY_WEBHOOK_URL=
 `;
     }
     return env;
@@ -649,7 +684,7 @@ SENTRY_DSN=
     else if (telemetry === "discord") {
         env += `
 # Discord Webhook URL
-DISCORD_WEBHOOK_URL=
+DISCORD_TELEMETRY_WEBHOOK_URL=
 `;
     }
     return env;

package/dist/index.js

@@ -5,7 +5,7 @@ import { join } from "path";
 import color from "picocolors";
 import * as p from "@clack/prompts";
 import { validateProjectName } from "./validators.js";
-import { getTypeScriptPackageJson, getJavaScriptPackageJson, getTsConfig, getViteConfig, getMainFile, getHomeRoute, getAdminRoute, getHomeController, getAdminController, getAuthMiddleware, getHomeSchema, getAdminSchema, getDockerfile, getDockerCompose, getGitignore, getDockerIgnore, getSprintConfigFile, getEnvDevelopment, getEnvProduction, getExampleCronJob } from "./generators.js";
+import { getTypeScriptPackageJson, getJavaScriptPackageJson, getTsConfig, getViteConfig, getMainFile, getHomeRoute, getAdminRoute, getHomeController, getAdminController, getInternalAuthMiddleware, getUserAuthMiddleware, getHomeSchema, getAdminSchema, getDockerfile, getDockerCompose, getGitignore, getDockerIgnore, getSprintConfigFile, getEnvDevelopment, getEnvProduction, getExampleCronJob } from "./generators.js";
 export async function writeFile(path, content, options) {
     if (typeof content === "string")
         content = content.trimEnd();
@@ -16,41 +16,58 @@ export async function runCLI(args) {
     const options = parseArgs(args);
     p.intro("Sprint — Quickly API Framework");
     p.intro(`${color.bgCyan(color.black(' create-sprint-app '))}`);
-    const config = await p.group({
-        projectName: () => p.text({
-            message: "Project name:",
-            placeholder: "my-api",
-            validate: (v) => validateProjectName(v) || undefined,
-        }),
-        language: () => p.select({
-            message: "Language:",
-            options: [
-                { value: "typescript", label: "TypeScript", hint: "recommended" },
-                { value: "javascript", label: "JavaScript" },
-            ],
-        }),
-        telemetry: () => p.select({
-            message: "Error tracking:",
-            options: [
-                { value: "none", label: "None" },
-                { value: "sentry", label: "Sentry", hint: "free tier available" },
-                { value: "glitchtip", label: "GlitchTip", hint: "self-hostable" },
-                { value: "discord", label: "Discord Webhook", hint: "sends to a channel" },
-            ],
-        }),
-        docker: () => p.confirm({ message: "Add Docker support?", initialValue: false }),
-    }, {
-        onCancel: () => {
-            p.cancel("Cancelled.");
-            process.exit(0);
-        },
-    });
+    let config;
+    if (options.skipPrompts) {
+        config = {
+            projectName: options.projectName || "sprint-app",
+            language: options.language || "typescript",
+            telemetry: options.telemetry || "none",
+            docker: options.docker || false,
+        };
+    }
+    else {
+        config = await p.group({
+            projectName: () => p.text({
+                message: "Project name:",
+                placeholder: "my-api",
+                validate: (v) => validateProjectName(v) || undefined,
+            }),
+            language: () => p.select({
+                message: "Language:",
+                options: [
+                    { value: "typescript", label: "TypeScript", hint: "recommended" },
+                    { value: "javascript", label: "JavaScript" },
+                ],
+            }),
+            telemetry: () => p.select({
+                message: "Error tracking:",
+                options: [
+                    { value: "none", label: "None" },
+                    { value: "sentry", label: "Sentry", hint: "free tier available" },
+                    { value: "glitchtip", label: "GlitchTip", hint: "self-hostable" },
+                    { value: "discord", label: "Discord Webhook", hint: "sends to a channel" },
+                ],
+            }),
+            docker: () => p.confirm({ message: "Add Docker support?", initialValue: false }),
+        }, {
+            onCancel: () => {
+                p.cancel("Cancelled.");
+                process.exit(0);
+            },
+        });
+    }
     const targetDir = config.projectName === "." ? process.cwd() : join(process.cwd(), config.projectName);
     const s = p.spinner();
     s.start("Creating project");
     await createProject(config.projectName, config.language, config.telemetry, config.docker);
     s.stop("Project created");
-    const installDeps = await p.confirm({ message: "Install dependencies now?", initialValue: true });
+    let installDeps = true;
+    if (options.skipInstall) {
+        installDeps = false;
+    }
+    else if (!options.skipPrompts) {
+        installDeps = await p.confirm({ message: "Install dependencies now?", initialValue: true });
+    }
     const npmCmd = process.platform === "win32" ? "npm.cmd" : "npm";
     if (installDeps) {
         const s2 = p.spinner();
@@ -59,7 +76,7 @@ export async function runCLI(args) {
             await new Promise((resolve, reject) => {
                 const child = spawn(npmCmd, ["install"], {
                     cwd: targetDir,
-                    stdio: "pipe"
+                    stdio: "inherit"
                 });
                 child.on("close", (code) => {
                     if (code === 0)
@@ -67,12 +84,16 @@ export async function runCLI(args) {
                     else
                         reject(new Error(`npm install exited with code ${code}`));
                 });
-                child.on("error", reject);
+                child.on("error", (err) => {
+                    p.cancel(`Failed to run npm install: ${err.message}`);
+                    reject(err);
+                });
             });
             s2.stop("Dependencies installed");
         }
-        catch {
+        catch (err) {
             s2.stop("Install failed — run npm install manually");
+            console.error(err);
         }
     }
     const cdCmd = config.projectName === "." ? "" : `cd ${config.projectName} && `;
@@ -158,7 +179,8 @@ async function createProject(projectName, language, telemetry, useDocker) {
     await writeFile(join(srcDir, "routes", "admin." + (language === "typescript" ? "ts" : "js")), getAdminRoute(language));
     await writeFile(join(srcDir, "controllers", "home." + (language === "typescript" ? "ts" : "js")), getHomeController(language));
     await writeFile(join(srcDir, "controllers", "admin." + (language === "typescript" ? "ts" : "js")), getAdminController(language));
-    await writeFile(join(srcDir, "middlewares", "auth." + (language === "typescript" ? "ts" : "js")), getAuthMiddleware(language));
+    await writeFile(join(srcDir, "middlewares", "auth.internal." + (language === "typescript" ? "ts" : "js")), getInternalAuthMiddleware(language));
+    await writeFile(join(srcDir, "middlewares", "auth.user." + (language === "typescript" ? "ts" : "js")), getUserAuthMiddleware(language));
     await writeFile(join(srcDir, "schemas", "home." + (language === "typescript" ? "ts" : "js")), getHomeSchema(language));
     await writeFile(join(srcDir, "schemas", "admin." + (language === "typescript" ? "ts" : "js")), getAdminSchema(language));
     await writeFile(join(srcDir, "cronjobs", "example." + (language === "typescript" ? "ts" : "js")), getExampleCronJob(language));

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "create-sprint",
-    "version": "0.0.52",
+    "version": "0.0.56",
     "description": "Create a new Sprint API project",
     "type": "module",
     "bin": {

package/src/generators.ts

@@ -16,7 +16,7 @@ export function generateJWTKeys(): JWTKeys {
 
 export function getTypeScriptPackageJson(name: string, telemetry: string) {
     const deps: Record<string, string> = {
-        "sprint-es": "^0.0.38"
+        "sprint-es": "^0.0.48"
     };
 
     const devDeps: Record<string, string> = {
@@ -49,7 +49,7 @@ export function getTypeScriptPackageJson(name: string, telemetry: string) {
 
 export function getJavaScriptPackageJson(name: string, telemetry: string) {
     const deps: Record<string, string> = {
-        "sprint-es": "^0.0.38"
+        "sprint-es": "^0.0.48"
     };
 
     if (telemetry === "sentry" || telemetry === "glitchtip") {
@@ -131,14 +131,36 @@ export default defineConfig({
 export function getMainFile(language: string) {
     if (language === "typescript") {
         return `import Sprint from "sprint-es";
+import homeRouter from "./routes/home";
+import adminRouter from "./routes/admin";
+import authInternalMiddleware from "./middlewares/auth.internal";
+import authUserMiddleware from "./middlewares/auth.user";
 
 const app = new Sprint();
+
+app.use(authUserMiddleware);
+app.use(authInternalMiddleware);
+app.route("/", homeRouter);
+app.route("/admin", adminRouter);
+
+app.listen();
 `;
     }
 
     return `import Sprint from "sprint-es";
+import homeRouter from "./routes/home.js";
+import adminRouter from "./routes/admin.js";
+import authInternalMiddleware from "./middlewares/auth.internal.js";
+import authUserMiddleware from "./middlewares/auth.user.js";
 
 const app = new Sprint();
+
+app.use(authUserMiddleware);
+app.use(authInternalMiddleware);
+app.route("/", homeRouter);
+app.route("/admin", adminRouter);
+
+app.listen();
 `;
 }
 
@@ -151,7 +173,7 @@ import { homeController, jwtValidateController } from "@/controllers/home";
 const router = Router();
 
 router.get("/", homeSchema, homeController);
-router.post("/jwt/validate", jwtValidateController);
+router.post("/me", jwtValidateController);
 
 export default router;
 `;
@@ -163,7 +185,7 @@ import { homeController, jwtValidateController } from "../controllers/home.js";
 const router = Router();
 
 router.get("/", homeSchema, homeController);
-router.post("/jwt/validate", jwtValidateController);
+router.post("/me", jwtValidateController);
 
 export default router;
 `;
@@ -211,24 +233,7 @@ export const homeController: Handler = (req: SprintRequest, res: SprintResponse)
 };
 
 export const jwtValidateController: Handler = (req: SprintRequest, res: SprintResponse) => {
-    const token = req.sprint?.getAuthorization() || req.headers.authorization;
-
-    if (!token) {
-        return res.status(401).json({ error: "No token provided" });
-    }
-
-    try {
-        const { publicKey } = getJwtFromEnv();
-        const decoded = verifyEncrypted(token, publicKey);
-
-        if (!decoded) {
-            return res.status(401).json({ error: "Invalid token" });
-        }
-
-        res.json({ valid: true, payload: decoded });
-    } catch (error) {
-        return res.status(500).json({ error: "JWT not configured" });
-    }
+    return res.json(req.custom.user);
 };
 `;
     }
@@ -243,24 +248,7 @@ export const homeController = (req: SprintRequest, res: SprintResponse) => {
 };
 
 export const jwtValidateController = (req: SprintRequest, res: SprintResponse) => {
-    const token = req.sprint?.getAuthorization() || req.headers.authorization;
-
-    if (!token) {
-        return res.status(401).json({ error: "No token provided" });
-    }
-
-    try {
-        const { publicKey } = getJwtFromEnv();
-        const decoded = verifyEncrypted(token, publicKey);
-
-        if (!decoded) {
-            return res.status(401).json({ error: "Invalid token" });
-        }
-
-        res.json({ valid: true, payload: decoded });
-    } catch (error) {
-        return res.status(500).json({ error: "JWT not configured" });
-    }
+    return res.json(req.custom.user);
 };
 `;
 }
@@ -290,17 +278,17 @@ export const jwtGenerateController: Handler = (req: SprintRequest, res: SprintRe
     const { userId, role } = req.body || {};
     
     try {
-        const { privateKey } = getJwtFromEnv();
+        const { privateKey, encryptionSecret } = getJwtFromEnv();
         const payload = { userId, role: role || "user" };
-        const token = signEncrypted(payload, privateKey, { expiresIn: "1h" });
+        const token = signEncrypted(payload, privateKey, encryptionSecret, { expiresIn: "1h" });
         res.json({ token });
     } catch (error) {
         return res.status(500).json({ error: "JWT not configured" });
     }
 };
 `;
-    }
-    return `import { Handler, SprintRequest, SprintResponse } from "sprint-es";
+    } else {
+        return `import { Handler, SprintRequest, SprintResponse } from "sprint-es";
 import { signEncrypted, getJwtFromEnv } from "sprint-es/jwt";
 
 export const adminController = (req: SprintRequest, res: SprintResponse) => {
@@ -323,16 +311,16 @@ export const jwtGenerateController = (req: SprintRequest, res: SprintResponse) =
     const { userId, role } = req.body || {};
     
     try {
-        const { privateKey } = getJwtFromEnv();
+        const { privateKey, encryptionSecret } = getJwtFromEnv();
         const payload = { userId, role: role || "user" };
-        const token = signEncrypted(payload, privateKey, { expiresIn: "1h" });
+        const token = signEncrypted(payload, privateKey, encryptionSecret, { expiresIn: "1h" });
         res.json({ token });
     } catch (error) {
         return res.status(500).json({ error: "JWT not configured" });
     }
 };
 `;
-
+    }
 }
 
 export function getHomeSchema(language: string) {
@@ -391,26 +379,21 @@ export const jwtGenerateSchema = defineRouteSchema({
 `;
 }
 
-export function getAuthMiddleware(language: string) {
+export function getInternalAuthMiddleware(language: string) {
     if (language === "typescript") {
         return `import { defineMiddleware } from "sprint-es";
 
 export default defineMiddleware({
-    name: "auth",
+    name: "adminAuth",
     priority: 10,
     include: "/admin/**",
     handler: (req, res, next) => {
         const auth = req.sprint.getAuthorization();
-
-        if (!auth) {
-            return res.status(401).json({ error: "No authorization header" });
-        }
+        if (!auth) return res.status(401).json({ error: "No authorization header" });
 
         const token = auth.replace("Bearer ", "");
 
-        if (token !== "admin-token") {
-            return res.status(403).json({ error: "Invalid token" });
-        }
+        if (token !== "admin-token") return res.status(403).json({ error: "Invalid token" });
 
         next();
     }
@@ -420,21 +403,73 @@ export default defineMiddleware({
     return `import { defineMiddleware } from "sprint-es";
 
 export default defineMiddleware({
-    name: "auth",
+    name: "adminAuth",
     priority: 10,
     include: "/admin/**",
     handler: (req, res, next) => {
         const auth = req.sprint.getAuthorization();
+        if (!auth)  return res.status(401).json({ error: "No authorization header" });
+        
+        const token = auth.replace("Bearer ", "");
 
-        if (!auth) {
-            return res.status(401).json({ error: "No authorization header" });
-        }
+        if (token !== "admin-token") return res.status(403).json({ error: "Invalid token" });
+        
+        next();
+    }
+});
+`;
+}
+
+export function getUserAuthMiddleware(language: string) {
+    if (language === "typescript") {
+        return `import { defineMiddleware } from "sprint-es";
+import { verifyEncrypted, getJwtFromEnv } from "sprint-es/jwt";
+
+const { publicKey, encryptionSecret } = getJwtFromEnv();
+
+export default defineMiddleware({
+    name: "userAuth",
+    priority: 10,
+    include: "/**",
+    exclude: "/admin/**",
+    handler: (req, res, next) => {
+        const auth = req.sprint.getAuthorization();
+        if (!auth) return res.status(401).json({ error: "No authorization header" });
 
         const token = auth.replace("Bearer ", "");
 
-        if (token !== "admin-token") {
-            return res.status(403).json({ error: "Invalid token" });
-        }
+        const decoded = verifyEncrypted(token, publicKey, encryptionSecret);
+
+        if (!decoded) return res.status(403).json({ error: "Invalid token" });
+        
+        req.custom.user = decoded;
+
+        next();
+    }
+});
+`;
+    }
+    return `import { defineMiddleware } from "sprint-es";
+import { verifyEncrypted, getJwtFromEnv } from "sprint-es/jwt";
+
+const { publicKey, encryptionSecret } = getJwtFromEnv();
+
+export default defineMiddleware({
+    name: "userAuth",
+    priority: 10,
+    include: "/**",
+    exclude: "/admin/**",
+    handler: (req, res, next) => {
+        const auth = req.sprint.getAuthorization();
+        if (!auth) return res.status(401).json({ error: "No authorization header" });
+
+        const token = auth.replace("Bearer ", "");
+
+        const decoded = verifyEncrypted(token, publicKey, encryptionSecret);
+
+        if (!decoded) return res.status(403).json({ error: "Invalid token" });
+
+        req.custom.user = decoded;
 
         next();
     }
@@ -478,8 +513,7 @@ CMD ["npm", "start"]
 }
 
 export function getDockerCompose(language: string) {
-    return `version: "3.8"
-
+    return `
 services:
   app:
     build: .
@@ -487,7 +521,7 @@ services:
       - "3000:3000"
     environment:
       - NODE_ENV=production
-      - PORT=3000
+      - PORT=5000
     restart: unless-stopped
 `;
 }
@@ -582,7 +616,7 @@ initTelemetry({
 
 initTelemetry({
     provider: "discord",
-    webhookUrl: process.env.DISCORD_WEBHOOK_URL || ""
+    webhookUrl: process.env.DISCORD_TELEMETRY_WEBHOOK_URL || ""
 });
 `;
         }
@@ -611,7 +645,7 @@ import { initTelemetry } from "sprint-es/telemetry";
 
 initTelemetry({
     provider: "discord",
-    webhookUrl: process.env.DISCORD_WEBHOOK_URL || ""
+    webhookUrl: process.env.DISCORD_TELEMETRY_WEBHOOK_URL || ""
 });
 `;
     }
@@ -634,7 +668,7 @@ SENTRY_DSN=
     } else if (telemetry === "discord") {
         env += `
 # Discord Webhook URL for error notifications
-DISCORD_WEBHOOK_URL=
+DISCORD_TELEMETRY_WEBHOOK_URL=
 `;
     }
 
@@ -662,7 +696,7 @@ SENTRY_DSN=
     } else if (telemetry === "discord") {
         env += `
 # Discord Webhook URL
-DISCORD_WEBHOOK_URL=
+DISCORD_TELEMETRY_WEBHOOK_URL=
 `;
     }
 
@@ -686,7 +720,7 @@ SENTRY_DSN=
     } else if (telemetry === "discord") {
         env += `
 # Discord Webhook URL
-DISCORD_WEBHOOK_URL=
+DISCORD_TELEMETRY_WEBHOOK_URL=
 `;
     }
 

package/src/index.ts

@@ -1,11 +1,11 @@
 import { spawn } from "child_process";
-import { existsSync, writeFileSync } from "fs";
+import { existsSync } from "fs";
 import { mkdir, writeFile as fsWriteFile } from "fs/promises";
 import { join } from "path";
 import color from "picocolors";
 import * as p from "@clack/prompts";
 import { validateProjectName } from "./validators.js";
-import { getTypeScriptPackageJson, getJavaScriptPackageJson, getTsConfig, getViteConfig, getMainFile, getHomeRoute, getAdminRoute, getHomeController, getAdminController, getAuthMiddleware, getHomeSchema, getAdminSchema, getDockerfile, getDockerCompose, getGitignore, getDockerIgnore, getSprintConfigFile, getEnvDevelopment, getEnvProduction, getExampleCronJob } from "./generators.js";
+import { getTypeScriptPackageJson, getJavaScriptPackageJson, getTsConfig, getViteConfig, getMainFile, getHomeRoute, getAdminRoute, getHomeController, getAdminController, getInternalAuthMiddleware, getUserAuthMiddleware, getHomeSchema, getAdminSchema, getDockerfile, getDockerCompose, getGitignore, getDockerIgnore, getSprintConfigFile, getEnvDevelopment, getEnvProduction, getExampleCronJob } from "./generators.js";
 
 export interface CLIOptions {
     projectName?: string;
@@ -28,59 +28,81 @@ export async function runCLI(args: string[]) {
 
     p.intro(`${color.bgCyan(color.black(' create-sprint-app '))}`);
 
-    const config = await p.group(
-        {
-            projectName: () =>
-                p.text({
-                    message: "Project name:",
-                    placeholder: "my-api",
-                    validate: (v) => validateProjectName(v) || undefined,
-                }),
-
-            language: () =>
-                p.select({
-                    message: "Language:",
-                    options: [
-                        { value: "typescript", label: "TypeScript", hint: "recommended" },
-                        { value: "javascript", label: "JavaScript" },
-                    ],
-                }),
-
-            telemetry: () =>
-                p.select({
-                    message: "Error tracking:",
-                    options: [
-                        { value: "none", label: "None" },
-                        { value: "sentry", label: "Sentry", hint: "free tier available" },
-                        { value: "glitchtip", label: "GlitchTip", hint: "self-hostable" },
-                        { value: "discord", label: "Discord Webhook", hint: "sends to a channel" },
-                    ],
-                }),
-
-            docker: () =>
-                p.confirm({ message: "Add Docker support?", initialValue: false }),
-        },
-        {
-            onCancel: () => {
-                p.cancel("Cancelled.");
-                process.exit(0);
+    let config: {
+        projectName: string;
+        language: "typescript" | "javascript";
+        telemetry: string;
+        docker: boolean;
+    };
+
+    if (options.skipPrompts) {
+        config = {
+            projectName: options.projectName || "sprint-app",
+            language: options.language || "typescript",
+            telemetry: options.telemetry || "none",
+            docker: options.docker || false,
+        };
+    } else {
+        config = await p.group(
+            {
+                projectName: () =>
+                    p.text({
+                        message: "Project name:",
+                        placeholder: "my-api",
+                        validate: (v) => validateProjectName(v) || undefined,
+                    }),
+
+                language: () =>
+                    p.select({
+                        message: "Language:",
+                        options: [
+                            { value: "typescript", label: "TypeScript", hint: "recommended" },
+                            { value: "javascript", label: "JavaScript" },
+                        ],
+                    }),
+
+                telemetry: () =>
+                    p.select({
+                        message: "Error tracking:",
+                        options: [
+                            { value: "none", label: "None" },
+                            { value: "sentry", label: "Sentry", hint: "free tier available" },
+                            { value: "glitchtip", label: "GlitchTip", hint: "self-hostable" },
+                            { value: "discord", label: "Discord Webhook", hint: "sends to a channel" },
+                        ],
+                    }),
+
+                docker: () =>
+                    p.confirm({ message: "Add Docker support?", initialValue: false }),
             },
-        }
-    );
+            {
+                onCancel: () => {
+                    p.cancel("Cancelled.");
+                    process.exit(0);
+                },
+            }
+        );
+    }
 
     const targetDir = config.projectName === "." ? process.cwd() : join(process.cwd(), config.projectName);
 
     const s = p.spinner();
     s.start("Creating project");
     await createProject(
-        config.projectName as string,
-        config.language as "typescript" | "javascript",
-        config.telemetry as string,
-        config.docker as boolean,
+        config.projectName,
+        config.language,
+        config.telemetry,
+        config.docker,
     );
     s.stop("Project created");
 
-    const installDeps = await p.confirm({ message: "Install dependencies now?", initialValue: true });
+    let installDeps = true;
+    if (options.skipInstall) {
+        installDeps = false;
+    } else if (!options.skipPrompts) {
+        installDeps = await p.confirm({ message: "Install dependencies now?", initialValue: true }) as boolean;
+    }
+
     const npmCmd = process.platform === "win32" ? "npm.cmd" : "npm";
 
     if (installDeps) {
@@ -90,17 +112,21 @@ export async function runCLI(args: string[]) {
             await new Promise<void>((resolve, reject) => {
                 const child = spawn(npmCmd, ["install"], {
                     cwd: targetDir,
-                    stdio: "pipe"
+                    stdio: "inherit"
                 });
                 child.on("close", (code) => {
                     if (code === 0) resolve();
                     else reject(new Error(`npm install exited with code ${code}`));
                 });
-                child.on("error", reject);
+                child.on("error", (err) => {
+                    p.cancel(`Failed to run npm install: ${err.message}`);
+                    reject(err);
+                });
             });
             s2.stop("Dependencies installed");
-        } catch {
+        } catch (err) {
             s2.stop("Install failed — run npm install manually");
+            console.error(err);
         }
     }
 
@@ -202,7 +228,8 @@ async function createProject(
     await writeFile(join(srcDir, "controllers", "home." + (language === "typescript" ? "ts" : "js")), getHomeController(language));
     await writeFile(join(srcDir, "controllers", "admin." + (language === "typescript" ? "ts" : "js")), getAdminController(language));
 
-    await writeFile(join(srcDir, "middlewares", "auth." + (language === "typescript" ? "ts" : "js")), getAuthMiddleware(language));
+    await writeFile(join(srcDir, "middlewares", "auth.internal." + (language === "typescript" ? "ts" : "js")), getInternalAuthMiddleware(language));
+    await writeFile(join(srcDir, "middlewares", "auth.user." + (language === "typescript" ? "ts" : "js")), getUserAuthMiddleware(language));
 
     await writeFile(join(srcDir, "schemas", "home." + (language === "typescript" ? "ts" : "js")), getHomeSchema(language));
     await writeFile(join(srcDir, "schemas", "admin." + (language === "typescript" ? "ts" : "js")), getAdminSchema(language));