create-tigra 1.0.7 → 2.0.0

package/template/server/src/modules/resources/resources.routes.ts

@@ -1,116 +0,0 @@
-/**
- * Resources Routes
- *
- * Fastify route definitions for resources endpoints.
- * Includes rate limiting for security.
- *
- * @see /mnt/project/11-rate-limiting-v2.md
- */
-
-import type { FastifyInstance } from 'fastify';
-import * as resourceController from './resources.controller';
-
-/**
- * Register resources routes
- *
- * @param fastify - Fastify instance
- */
-export async function resourceRoutes(fastify: FastifyInstance): Promise<void> {
-    /**
-     * GET /resources
-     *
-     * Get paginated list of resources with optional filters
-     */
-    fastify.get('/', {
-        config: {
-            rateLimit: {
-                max: 100,
-                timeWindow: '15 minutes',
-            },
-        },
-        handler: resourceController.listResources,
-    });
-
-    /**
-     * GET /resources/my
-     *
-     * Get current user's resources
-     * Requires authentication
-     */
-    fastify.get('/my', {
-        config: {
-            rateLimit: {
-                max: 1000,
-                timeWindow: '15 minutes',
-            },
-        },
-        preHandler: [fastify.authenticate, fastify.requireAny()],
-        handler: resourceController.getMyResources,
-    });
-
-    /**
-     * GET /resources/:id
-     *
-     * Get single resource by ID with owner information
-     */
-    fastify.get('/:id', {
-        config: {
-            rateLimit: {
-                max: 100,
-                timeWindow: '15 minutes',
-            },
-        },
-        handler: resourceController.getResource,
-    });
-
-    /**
-     * POST /resources
-     *
-     * Create a new resource
-     * Requires authentication
-     */
-    fastify.post('/', {
-        config: {
-            rateLimit: {
-                max: 1000,
-                timeWindow: '15 minutes',
-            },
-        },
-        preHandler: [fastify.authenticate, fastify.requireAny()],
-        handler: resourceController.createResource,
-    });
-
-    /**
-     * PATCH /resources/:id
-     *
-     * Update a resource (owner only)
-     * Requires authentication
-     */
-    fastify.patch('/:id', {
-        config: {
-            rateLimit: {
-                max: 1000,
-                timeWindow: '15 minutes',
-            },
-        },
-        preHandler: [fastify.authenticate, fastify.requireAny()],
-        handler: resourceController.updateResource,
-    });
-
-    /**
-     * DELETE /resources/:id
-     *
-     * Delete a resource (owner only, soft delete)
-     * Requires authentication
-     */
-    fastify.delete('/:id', {
-        config: {
-            rateLimit: {
-                max: 1000,
-                timeWindow: '15 minutes',
-            },
-        },
-        preHandler: [fastify.authenticate, fastify.requireAny()],
-        handler: resourceController.deleteResource,
-    });
-}

package/template/server/src/modules/resources/resources.schemas.ts

@@ -1,146 +0,0 @@
-/**
- * Resources Schemas
- * 
- * Zod schemas for request validation and type validation.
- * Ensures type safety and API documentation consistency.
- */
-
-import { z } from 'zod';
-
-/**
- * Create Resource Schema
- * 
- * Validates resource creation requests.
- */
-export const CreateResourceSchema = z.object({
-    title: z
-        .string()
-        .min(1, 'Title is required')
-        .max(200, 'Title must not exceed 200 characters')
-        .trim(),
-    summary: z
-        .string()
-        .max(1000, 'Summary must not exceed 1000 characters')
-        .trim()
-        .optional(),
-    price: z
-        .number()
-        .positive('Price must be positive')
-        .multipleOf(0.01, 'Price can have at most 2 decimal places')
-        .max(999999.99, 'Price is too large'),
-});
-
-/**
- * Update Resource Schema
- * 
- * Validates resource update requests.
- * All fields are optional (partial update).
- */
-export const UpdateResourceSchema = z.object({
-    title: z
-        .string()
-        .min(1, 'Title cannot be empty')
-        .max(200, 'Title must not exceed 200 characters')
-        .trim()
-        .optional(),
-    summary: z
-        .string()
-        .max(1000, 'Summary must not exceed 1000 characters')
-        .trim()
-        .optional(),
-    price: z
-        .number()
-        .positive('Price must be positive')
-        .multipleOf(0.01, 'Price can have at most 2 decimal places')
-        .max(999999.99, 'Price is too large')
-        .optional(),
-});
-
-/**
- * Resource Filters Schema
- * 
- * Validates query parameters for filtering resources.
- */
-export const ResourceFiltersSchema = z.object({
-    status: z
-        .enum(['active', 'inactive', 'deleted'])
-        .optional(),
-    minPrice: z
-        .coerce
-        .number()
-        .positive('Minimum price must be positive')
-        .optional(),
-    maxPrice: z
-        .coerce
-        .number()
-        .positive('Maximum price must be positive')
-        .optional(),
-    ownerId: z
-        .string()
-        .uuid('Invalid owner ID format')
-        .optional(),
-    search: z
-        .string()
-        .trim()
-        .optional(),
-});
-
-/**
- * Pagination Schema
- * 
- * Validates pagination query parameters.
- */
-export const PaginationSchema = z.object({
-    page: z
-        .coerce
-        .number()
-        .int()
-        .min(1, 'Page must be at least 1')
-        .default(1),
-    limit: z
-        .coerce
-        .number()
-        .int()
-        .min(1, 'Limit must be at least 1')
-        .max(100, 'Limit must not exceed 100')
-        .default(10),
-});
-
-/**
- * Resource Response Schema (for type validation)
- * 
- * Defines the structure of resource objects in API responses.
- */
-export const ResourceResponseSchema = z.object({
-    id: z.string().uuid(),
-    ownerId: z.string().uuid(),
-    title: z.string(),
-    summary: z.string().nullable(),
-    price: z.number(),
-    status: z.string(),
-    createdAt: z.string().datetime(),
-    updatedAt: z.string().datetime(),
-});
-
-/**
- * Resource with Owner Response Schema (for type validation)
- */
-export const ResourceWithOwnerResponseSchema = ResourceResponseSchema.extend({
-    owner: z.object({
-        id: z.string().uuid(),
-        email: z.string().email(),
-        name: z.string().nullable(),
-    }),
-});
-
-/**
- * Type inference from schemas
- * 
- * These types can be used in controllers and services.
- */
-export type CreateResourceInput = z.infer<typeof CreateResourceSchema>;
-export type UpdateResourceInput = z.infer<typeof UpdateResourceSchema>;
-export type ResourceFiltersInput = z.infer<typeof ResourceFiltersSchema>;
-export type PaginationInput = z.infer<typeof PaginationSchema>;
-export type ResourceResponse = z.infer<typeof ResourceResponseSchema>;
-export type ResourceWithOwnerResponse = z.infer<typeof ResourceWithOwnerResponseSchema>;

package/template/server/src/modules/resources/resources.service.ts

@@ -1,218 +0,0 @@
-/**
- * Resources Service
- * 
- * Business logic for resources operations.
- * Handles CRUD operations with authorization checks.
- * 
- * @see /mnt/project/02-general-rules.md
- */
-
-import logger from '@/libs/logger';
-import { NotFoundError, ForbiddenError } from '@/utils/errors';
-import * as resourceRepo from './resources.repo';
-import type { ResourceFilters, Resource, ResourceWithOwner } from './resources.types';
-import type { CreateResourceInput, UpdateResourceInput } from './resources.schemas';
-
-/**
- * Service response for paginated data
- */
-interface PaginatedResult<T> {
-    items: T[];
-    totalItems: number;
-}
-
-/**
- * Get resources with filters and pagination
- * 
- * @param filters - Filter criteria
- * @param page - Page number (1-indexed)
- * @param limit - Items per page
- * @returns Items and total count
- */
-export async function getResources(
-    filters: ResourceFilters,
-    page: number,
-    limit: number
-): Promise<PaginatedResult<Resource>> {
-    try {
-        // Get items with filters and pagination
-        const items = await resourceRepo.findMany(filters, page, limit);
-
-        // Get total count with same filters
-        const totalItems = await resourceRepo.count(filters);
-
-        logger.info(
-            { filters, page, limit, count: items.length, totalItems },
-            'Resources retrieved'
-        );
-
-        return { items, totalItems };
-    } catch (error) {
-        logger.error({ error, filters, page, limit }, 'Failed to get resources');
-        throw error;
-    }
-}
-
-/**
- * Get resource by ID
- * 
- * @param id - Resource ID
- * @returns Resource with owner relation
- * @throws NotFoundError if resource not found
- */
-export async function getResource(id: string): Promise<ResourceWithOwner> {
-    try {
-        const resource = await resourceRepo.findById(id);
-
-        if (!resource) {
-            throw new NotFoundError('Resource not found');
-        }
-
-        logger.info({ resourceId: id }, 'Resource retrieved');
-
-        return resource;
-    } catch (error) {
-        logger.error({ error, resourceId: id }, 'Failed to get resource');
-        throw error;
-    }
-}
-
-/**
- * Create a new resource
- * 
- * @param data - Resource creation data
- * @param userId - Owner user ID
- * @returns Created resource
- */
-export async function createResource(
-    data: CreateResourceInput,
-    userId: string
-): Promise<Resource> {
-    try {
-        const resource = await resourceRepo.create(data, userId);
-
-        logger.info(
-            { resourceId: resource.id, userId, title: resource.title },
-            'Resource created'
-        );
-
-        return resource;
-    } catch (error) {
-        logger.error({ error, userId, data }, 'Failed to create resource');
-        throw error;
-    }
-}
-
-/**
- * Update a resource
- * 
- * @param id - Resource ID
- * @param userId - User ID (for ownership verification)
- * @param data - Update data
- * @returns Updated resource
- * @throws NotFoundError if resource not found
- * @throws ForbiddenError if user is not the owner
- */
-export async function updateResource(
-    id: string,
-    userId: string,
-    data: UpdateResourceInput
-): Promise<Resource> {
-    try {
-        // Check if resource exists
-        const exists = await resourceRepo.exists(id);
-        if (!exists) {
-            throw new NotFoundError('Resource not found');
-        }
-
-        // Verify ownership
-        const isOwner = await resourceRepo.isOwner(id, userId);
-        if (!isOwner) {
-            throw new ForbiddenError('You do not have permission to update this resource');
-        }
-
-        // Update resource
-        const resource = await resourceRepo.update(id, data);
-
-        logger.info(
-            { resourceId: id, userId, updates: Object.keys(data) },
-            'Resource updated'
-        );
-
-        return resource;
-    } catch (error) {
-        logger.error({ error, resourceId: id, userId, data }, 'Failed to update resource');
-        throw error;
-    }
-}
-
-/**
- * Delete a resource (soft delete)
- * 
- * @param id - Resource ID
- * @param userId - User ID (for ownership verification)
- * @returns Deleted resource
- * @throws NotFoundError if resource not found
- * @throws ForbiddenError if user is not the owner
- */
-export async function deleteResource(
-    id: string,
-    userId: string
-): Promise<Resource> {
-    try {
-        // Check if resource exists
-        const exists = await resourceRepo.exists(id);
-        if (!exists) {
-            throw new NotFoundError('Resource not found');
-        }
-
-        // Verify ownership
-        const isOwner = await resourceRepo.isOwner(id, userId);
-        if (!isOwner) {
-            throw new ForbiddenError('You do not have permission to delete this resource');
-        }
-
-        // Soft delete resource
-        const resource = await resourceRepo.deleteResource(id);
-
-        logger.info({ resourceId: id, userId }, 'Resource deleted');
-
-        return resource;
-    } catch (error) {
-        logger.error({ error, resourceId: id, userId }, 'Failed to delete resource');
-        throw error;
-    }
-}
-
-/**
- * Get user's resources
- * 
- * @param userId - User ID
- * @param page - Page number (1-indexed)
- * @param limit - Items per page
- * @returns User's resources and total count
- */
-export async function getMyResources(
-    userId: string,
-    page: number,
-    limit: number
-): Promise<PaginatedResult<Resource>> {
-    try {
-        // Filter by owner ID
-        const filters: ResourceFilters = { ownerId: userId };
-
-        // Get items and count
-        const items = await resourceRepo.findMany(filters, page, limit);
-        const totalItems = await resourceRepo.count(filters);
-
-        logger.info(
-            { userId, page, limit, count: items.length, totalItems },
-            'User resources retrieved'
-        );
-
-        return { items, totalItems };
-    } catch (error) {
-        logger.error({ error, userId, page, limit }, 'Failed to get user resources');
-        throw error;
-    }
-}

package/template/server/src/modules/resources/resources.types.ts

@@ -1,73 +0,0 @@
-/**
- * Resources Types
- * 
- * TypeScript types and interfaces for resources module.
- * Resources are the main CRUD entity in this application.
- */
-
-/**
- * Resource Status Enum
- */
-export type ResourceStatus = 'active' | 'inactive' | 'deleted';
-
-/**
- * Resource object
- * 
- * Main entity representing a resource in the system.
- */
-export interface Resource {
-    id: string;
-    ownerId: string;
-    title: string;
-    summary: string | null;
-    price: number;
-    status: string;
-    createdAt: Date;
-    updatedAt: Date;
-}
-
-/**
- * Create Resource Request Payload
- */
-export interface CreateResourceRequest {
-    title: string;
-    summary?: string;
-    price: number;
-}
-
-/**
- * Update Resource Request Payload
- * 
- * All fields are optional (partial update)
- */
-export interface UpdateResourceRequest {
-    title?: string;
-    summary?: string;
-    price?: number;
-}
-
-/**
- * Resource Filters
- * 
- * Used for filtering and searching resources.
- */
-export interface ResourceFilters {
-    status?: ResourceStatus;
-    minPrice?: number;
-    maxPrice?: number;
-    ownerId?: string;
-    search?: string; // Search in title
-}
-
-/**
- * Resource with Owner
- * 
- * Resource with owner relation populated.
- */
-export interface ResourceWithOwner extends Resource {
-    owner: {
-        id: string;
-        email: string;
-        name: string | null;
-    };
-}

package/template/server/src/plugins/rate-limit.plugin.ts

@@ -1,21 +0,0 @@
-import { FastifyInstance } from 'fastify';
-import rateLimit from '@fastify/rate-limit';
-import { redis } from '@/libs/redis';
-import { env } from '@/config/env';
-
-export async function registerRateLimit(app: FastifyInstance) {
-    await app.register(rateLimit, {
-        global: true,
-        max: env.RATE_LIMIT_MAX,
-        timeWindow: env.RATE_LIMIT_WINDOW,
-        redis,
-        nameSpace: 'rate-limit:',
-        errorResponseBuilder: (request, context) => ({
-            success: false,
-            error: {
-                code: 'RATE_LIMIT_EXCEEDED',
-                message: `Too many requests. Please try again in ${Math.ceil(context.ttl / 1000)}s.`,
-            },
-        }),
-    });
-}

package/template/server/src/plugins/security.plugin.ts

@@ -1,21 +0,0 @@
-import { FastifyInstance } from 'fastify';
-import cors from '@fastify/cors';
-import helmet from '@fastify/helmet';
-import compress from '@fastify/compress';
-import { env } from '@/config/env';
-
-export async function registerSecurityPlugins(app: FastifyInstance) {
-    // CORS - Cross-Origin Resource Sharing
-    await app.register(cors, {
-        origin: env.NODE_ENV === 'development' ? true : env.CORS_ALLOWED_ORIGINS.split(','),
-        credentials: true,
-    });
-
-    // Helmet - Security headers
-    await app.register(helmet, {
-        contentSecurityPolicy: env.NODE_ENV === 'production',
-    });
-
-    // Compression - Gzip/Deflate
-    await app.register(compress, { global: true });
-}

package/template/server/src/routes/health.routes.ts

@@ -1,31 +0,0 @@
-import { FastifyInstance } from 'fastify';
-import { prisma } from '@/libs/db';
-import { redis } from '@/libs/redis';
-
-export async function healthRoutes(app: FastifyInstance) {
-    app.get('/health', async (request, reply) => {
-        const health = {
-            status: 'healthy',
-            timestamp: new Date().toISOString(),
-            uptime: process.uptime(),
-            database: 'connected',
-            redis: 'connected',
-        };
-
-        try {
-            await prisma.$queryRaw`SELECT 1`;
-        } catch (error) {
-            health.database = 'disconnected';
-            health.status = 'unhealthy';
-        }
-
-        try {
-            await redis.ping();
-        } catch (error) {
-            health.redis = 'disconnected';
-            health.status = 'unhealthy';
-        }
-
-        return reply.status(health.status === 'healthy' ? 200 : 503).send(health);
-    });
-}

package/template/server/src/types/fastify.d.ts

@@ -1,36 +0,0 @@
-import { FastifyReply, FastifyRequest } from 'fastify';
-import { JwtPayload } from '@/modules/auth/auth.types';
-import { UserRole } from '@/libs/auth/rbac.middleware';
-
-/**
- * TypeScript Declaration Merging
- * 
- * Extends Fastify types with custom properties.
- */
-declare module 'fastify' {
-    interface FastifyRequest {
-        user?: JwtPayload;
-        startTime: number;
-    }
-    interface FastifyInstance {
-        authenticate: (
-            request: FastifyRequest,
-            reply: FastifyReply
-        ) => Promise<void>;
-        requireRole: (
-            ...roles: UserRole[]
-        ) => (request: FastifyRequest, reply: FastifyReply) => Promise<void>;
-        requireAdmin: () => (
-            request: FastifyRequest,
-            reply: FastifyReply
-        ) => Promise<void>;
-        requireUser: () => (
-            request: FastifyRequest,
-            reply: FastifyReply
-        ) => Promise<void>;
-        requireAny: () => (
-            request: FastifyRequest,
-            reply: FastifyReply
-        ) => Promise<void>;
-    }
-}