create-tigra 1.1.0 → 2.0.1

package/template/server/src/libs/error-handler.ts

@@ -1,89 +0,0 @@
-import { FastifyError, FastifyReply, FastifyRequest } from 'fastify';
-import { ZodError } from 'zod';
-import { Prisma } from '@prisma/client';
-import jsonwebtoken from 'jsonwebtoken';
-import { env } from '../config/env.js';
-import { AppError, InternalError } from '../utils/errors.js';
-
-export function setupErrorHandler(error: FastifyError, request: FastifyRequest, reply: FastifyReply) {
-    // 1. Log the error internally
-    request.log.error({
-        err: error,
-        requestId: request.id,
-        userId: request.user?.userId,
-        path: request.url,
-    });
-
-    // 2. Handle known AppErrors
-    if (error instanceof AppError) {
-        return reply.status(error.statusCode).send({
-            success: false,
-            error: {
-                code: error.code,
-                message: error.message,
-            },
-        });
-    }
-
-    // 3. Handle Zod Validation Errors
-    if (error instanceof ZodError) {
-        return reply.status(400).send({
-            success: false,
-            error: {
-                code: 'VALIDATION_ERROR',
-                message: error.errors[0]?.message || 'Invalid input data',
-                details: error.errors,
-            },
-        });
-    }
-
-    // 4. Handle Prisma Database Errors
-    if (error instanceof Prisma.PrismaClientKnownRequestError) {
-        // P2002: Unique constraint failed
-        if (error.code === 'P2002') {
-            return reply.status(409).send({
-                success: false,
-                error: { code: 'CONFLICT', message: 'Resource already exists' },
-            });
-        }
-        // P2025: Record not found
-        if (error.code === 'P2025') {
-            return reply.status(404).send({
-                success: false,
-                error: { code: 'NOT_FOUND', message: 'Resource not found' },
-            });
-        }
-    }
-
-    // 5. Handle JWT Errors explicitly
-    if (error instanceof jsonwebtoken.TokenExpiredError) {
-        return reply.status(401).send({
-            success: false,
-            error: { code: 'UNAUTHORIZED', message: 'Token expired' },
-        });
-    }
-
-    if (error instanceof jsonwebtoken.JsonWebTokenError) {
-        return reply.status(401).send({
-            success: false,
-            error: { code: 'UNAUTHORIZED', message: 'Invalid token' },
-        });
-    }
-
-    // 6. Handle Rate Limit Errors
-    if (reply.statusCode === 429) {
-        return reply.send(error); // Keep custom error from rate-limit plugin
-    }
-
-    // 7. Fallback: Internal Server Error
-    const internalError = new InternalError();
-    return reply.status(500).send({
-        success: false,
-        error: {
-            code: internalError.code,
-            message: env.NODE_ENV === 'production'
-                ? 'An unexpected error occurred'
-                : error.message,
-        },
-    });
-}

package/template/server/src/libs/queue.ts

@@ -1,79 +0,0 @@
-/**
- * Background Job Queues
- * 
- * BullMQ queue configuration for asynchronous task processing.
- * 
- * @see /mnt/project/10-background-jobs-v2.md
- */
-
-import { Queue } from 'bullmq';
-import { redis } from './redis.js';
-import logger from './logger.js';
-
-/**
- * File Processing Queue
- * 
- * Handles file processing jobs (thumbnails, compression, format conversion, etc.)
- * 
- * Job Types:
- * - generate-thumbnail
- * - compress-image
- * - convert-format
- * - process-upload
- */
-export const fileQueue = new Queue('files', {
-    connection: redis as any,
-
-    defaultJobOptions: {
-        // Retry configuration
-        attempts: 3,
-        backoff: {
-            type: 'exponential',
-            delay: 2000, // Start with 2 seconds, then 4s, 8s
-        },
-
-        // Job cleanup
-        removeOnComplete: {
-            age: 3600, // Remove completed jobs after 1 hour
-            count: 100, // Keep max 100 completed jobs
-        },
-        removeOnFail: {
-            age: 86400, // Keep failed jobs for 24 hours
-        },
-
-
-    },
-});
-
-/**
- * Queue Event Handlers
- */
-fileQueue.on('error', (error: Error) => {
-    // Suppress ECONNREFUSED logs during reconnection attempts to reduce noise
-    if (error.message.includes('ECONNREFUSED') || error.stack?.includes('ECONNREFUSED')) {
-        return;
-    }
-
-    logger.error(
-        {
-            queue: 'files',
-            error: error.message,
-            stack: error.stack,
-        },
-        'File queue error'
-    );
-});
-
-fileQueue.on('waiting', (job) => {
-    logger.debug(
-        {
-            queue: 'files',
-            jobId: job.id,
-        },
-        'Job waiting in queue'
-    );
-});
-
-logger.info('File queue initialized');
-
-

package/template/server/src/modules/admin/admin.controller.ts

@@ -1,122 +0,0 @@
-/**
- * Admin Controller
- * HTTP request handlers for admin operations
- */
-
-import type { FastifyRequest, FastifyReply } from 'fastify';
-import { successResponse, paginatedResponse } from '../../utils/response.js';
-import { BadRequestError } from '../../utils/errors.js';
-import * as adminService from './admin.service.js';
-import type { ListUsersInput, UserIdInput, ChangeRoleInput } from './admin.schemas.js';
-
-/**
- * GET /admin/users
- * List all users with pagination
- */
-export async function listAllUsers(
-    request: FastifyRequest<{ Querystring: ListUsersInput }>,
-    reply: FastifyReply
-): Promise<FastifyReply> {
-    const { page, limit } = request.query;
-
-    const { users, totalCount } = await adminService.listAllUsers(page, limit);
-
-    return reply.status(200).send(
-        paginatedResponse('Users retrieved successfully', users, page, limit, totalCount)
-    );
-}
-
-/**
- * GET /admin/users/:id
- * Get user by ID
- */
-export async function getUserById(
-    request: FastifyRequest<{ Params: UserIdInput }>,
-    reply: FastifyReply
-): Promise<FastifyReply> {
-    const { id } = request.params;
-
-    const user = await adminService.getUserById(id);
-
-    return reply.status(200).send(
-        successResponse('User retrieved successfully', user)
-    );
-}
-
-/**
- * DELETE /admin/users/:id
- * Delete user
- */
-export async function deleteUser(
-    request: FastifyRequest<{ Params: UserIdInput }>,
-    reply: FastifyReply
-): Promise<FastifyReply> {
-    const { id } = request.params;
-
-    if (request.user?.userId === id) {
-        throw new BadRequestError('Cannot delete your own account');
-    }
-
-    await adminService.deleteUser(id);
-
-    return reply.status(200).send(
-        successResponse('User deleted successfully', null)
-    );
-}
-
-/**
- * POST /admin/users/:id/change-role
- * Change user role
- */
-export async function changeUserRole(
-    request: FastifyRequest<{
-        Params: UserIdInput;
-        Body: ChangeRoleInput;
-    }>,
-    reply: FastifyReply
-): Promise<FastifyReply> {
-    const { id } = request.params;
-    const { role } = request.body;
-
-    if (request.user?.userId === id) {
-        throw new BadRequestError('Cannot change your own role');
-    }
-
-    const updated = await adminService.changeUserRole(id, role);
-
-    return reply.status(200).send(
-        successResponse('User role updated successfully', updated)
-    );
-}
-
-/**
- * POST /admin/users/:id/verify-email
- * Manually verify user email
- */
-export async function verifyUserEmail(
-    request: FastifyRequest<{ Params: UserIdInput }>,
-    reply: FastifyReply
-): Promise<FastifyReply> {
-    const { id } = request.params;
-
-    await adminService.verifyUserEmail(id);
-
-    return reply.status(200).send(
-        successResponse('User email verified successfully', null)
-    );
-}
-
-/**
- * GET /admin/stats
- * Get system statistics
- */
-export async function getSystemStats(
-    request: FastifyRequest,
-    reply: FastifyReply
-): Promise<FastifyReply> {
-    const stats = await adminService.getSystemStats();
-
-    return reply.status(200).send(
-        successResponse('System statistics retrieved successfully', stats)
-    );
-}

package/template/server/src/modules/admin/admin.routes.ts

@@ -1,62 +0,0 @@
-import { FastifyInstance } from 'fastify';
-import * as adminController from './admin.controller.js';
-
-/**
- * Admin Routes
- * All routes require ADMIN role
- */
-export async function adminRoutes(app: FastifyInstance) {
-    /**
-     * GET /admin/users
-     * List all users with pagination
-     */
-    app.get('/users', {
-        preHandler: [app.authenticate, app.requireAdmin()],
-        handler: adminController.listAllUsers,
-    });
-
-    /**
-     * GET /admin/users/:id
-     * Get user details
-     */
-    app.get('/users/:id', {
-        preHandler: [app.authenticate, app.requireAdmin()],
-        handler: adminController.getUserById,
-    });
-
-    /**
-     * DELETE /admin/users/:id
-     * Delete user
-     */
-    app.delete('/users/:id', {
-        preHandler: [app.authenticate, app.requireAdmin()],
-        handler: adminController.deleteUser,
-    });
-
-    /**
-     * POST /admin/users/:id/change-role
-     * Change user role
-     */
-    app.post('/users/:id/change-role', {
-        preHandler: [app.authenticate, app.requireAdmin()],
-        handler: adminController.changeUserRole,
-    });
-
-    /**
-     * POST /admin/users/:id/verify-email
-     * Manually verify user email
-     */
-    app.post('/users/:id/verify-email', {
-        preHandler: [app.authenticate, app.requireAdmin()],
-        handler: adminController.verifyUserEmail,
-    });
-
-    /**
-     * GET /admin/stats
-     * Get system statistics
-     */
-    app.get('/stats', {
-        preHandler: [app.authenticate, app.requireAdmin()],
-        handler: adminController.getSystemStats,
-    });
-}

package/template/server/src/modules/admin/admin.schemas.ts

@@ -1,35 +0,0 @@
-/**
- * Admin Module Validation Schemas
- */
-
-import { z } from 'zod';
-
-/**
- * List users query parameters
- */
-export const ListUsersSchema = z.object({
-    page: z.coerce.number().int().min(1).default(1),
-    limit: z.coerce.number().int().min(1).max(100).default(10),
-});
-
-export type ListUsersInput = z.infer<typeof ListUsersSchema>;
-
-/**
- * User ID parameter
- */
-export const UserIdSchema = z.object({
-    id: z.string().uuid('Invalid user ID format'),
-});
-
-export type UserIdInput = z.infer<typeof UserIdSchema>;
-
-/**
- * Change role request body
- */
-export const ChangeRoleSchema = z.object({
-    role: z.enum(['USER', 'ADMIN'], {
-        errorMap: () => ({ message: 'Role must be USER or ADMIN' }),
-    }),
-});
-
-export type ChangeRoleInput = z.infer<typeof ChangeRoleSchema>;

package/template/server/src/modules/admin/admin.service.ts

@@ -1,167 +0,0 @@
-/**
- * Admin Service
- * Business logic for admin operations
- */
-
-import { prisma } from '../../libs/db.js';
-import { NotFoundError, BadRequestError } from '../../utils/errors.js';
-import logger from '../../libs/logger.js';
-import type { UserRole } from '@prisma/client';
-
-/**
- * List all users with pagination
- */
-export async function listAllUsers(page: number = 1, limit: number = 10) {
-    const skip = (page - 1) * limit;
-
-    const [users, totalCount] = await Promise.all([
-        prisma.user.findMany({
-            select: {
-                id: true,
-                email: true,
-                name: true,
-                role: true,
-                emailVerified: true,
-                createdAt: true,
-                updatedAt: true,
-            },
-            skip,
-            take: limit,
-            orderBy: { createdAt: 'desc' },
-        }),
-        prisma.user.count(),
-    ]);
-
-    return { users, totalCount };
-}
-
-/**
- * Get user by ID
- */
-export async function getUserById(userId: string) {
-    const user = await prisma.user.findUnique({
-        where: { id: userId },
-        select: {
-            id: true,
-            email: true,
-            name: true,
-            role: true,
-            emailVerified: true,
-            createdAt: true,
-            updatedAt: true,
-        },
-    });
-
-    if (!user) {
-        throw new NotFoundError('User not found');
-    }
-
-    return user;
-}
-
-/**
- * Delete user
- */
-export async function deleteUser(userId: string) {
-    const user = await prisma.user.findUnique({
-        where: { id: userId },
-    });
-
-    if (!user) {
-        throw new NotFoundError('User not found');
-    }
-
-    await prisma.user.delete({
-        where: { id: userId },
-    });
-
-    logger.info({ userId }, 'User deleted by admin');
-}
-
-/**
- * Change user role
- */
-export async function changeUserRole(userId: string, newRole: UserRole) {
-    const user = await prisma.user.findUnique({
-        where: { id: userId },
-    });
-
-    if (!user) {
-        throw new NotFoundError('User not found');
-    }
-
-    const updated = await prisma.user.update({
-        where: { id: userId },
-        data: { role: newRole },
-        select: {
-            id: true,
-            email: true,
-            role: true,
-        },
-    });
-
-    logger.info({ userId, oldRole: user.role, newRole }, 'User role changed by admin');
-
-    return updated;
-}
-
-/**
- * Manually verify user email
- */
-export async function verifyUserEmail(userId: string) {
-    const user = await prisma.user.findUnique({
-        where: { id: userId },
-    });
-
-    if (!user) {
-        throw new NotFoundError('User not found');
-    }
-
-    if (user.emailVerified) {
-        throw new BadRequestError('Email already verified');
-    }
-
-    await prisma.user.update({
-        where: { id: userId },
-        data: { emailVerified: true },
-    });
-
-    logger.info({ userId }, 'User email verified by admin');
-}
-
-/**
- * Get system statistics
- */
-export async function getSystemStats() {
-    const [
-        totalUsers,
-        totalAdmins,
-        totalResources,
-        verifiedUsers,
-        usersToday,
-    ] = await Promise.all([
-        prisma.user.count(),
-        prisma.user.count({ where: { role: 'ADMIN' } }),
-        prisma.resource.count(),
-        prisma.user.count({ where: { emailVerified: true } }),
-        prisma.user.count({
-            where: {
-                createdAt: {
-                    gte: new Date(new Date().setHours(0, 0, 0, 0)),
-                },
-            },
-        }),
-    ]);
-
-    return {
-        users: {
-            total: totalUsers,
-            admins: totalAdmins,
-            verified: verifiedUsers,
-            registeredToday: usersToday,
-        },
-        resources: {
-            total: totalResources,
-        },
-    };
-}

package/template/server/src/modules/auth/auth.integration.test.ts

@@ -1,150 +0,0 @@
-import { describe, it, expect, vi, beforeAll, afterAll } from 'vitest';
-import buildApp from '../../app';
-import * as authService from './auth.service';
-import type { FastifyInstance } from 'fastify';
-
-// Mock auth service to avoid real DB calls
-vi.mock('./auth.service');
-
-// Mock db and redis to prevent connection attempts during integration tests
-vi.mock('@/libs/db', () => ({
-    prisma: {
-        $connect: vi.fn(),
-        $disconnect: vi.fn(),
-        $on: vi.fn(),
-        user: { findUnique: vi.fn() },
-        $queryRaw: vi.fn(),
-    },
-}));
-vi.mock('@/libs/redis', () => ({
-    redis: {
-        get: vi.fn(),
-        set: vi.fn(),
-        setex: vi.fn(),
-        del: vi.fn(),
-        ping: vi.fn().mockResolvedValue('PONG'),
-        call: vi.fn(),
-        on: vi.fn(),
-        off: vi.fn(),
-        quit: vi.fn(),
-        incr: vi.fn().mockResolvedValue(1),
-        expire: vi.fn(),
-        ttl: vi.fn().mockResolvedValue(-1),
-    },
-}));
-
-vi.mock('@/libs/logger', () => ({
-    default: {
-        info: vi.fn(),
-        error: vi.fn(),
-        warn: vi.fn(),
-        debug: vi.fn(),
-        fatal: vi.fn(),
-        child: vi.fn().mockReturnThis(),
-    },
-}));
-
-/**
- * Integration tests are skipped because they require full Fastify app initialization
- * with all plugins (rate-limit, etc.) which need complex mocking.
- *
- * For proper integration testing, use a test database and real dependencies.
- * Unit tests (auth.service.test.ts, rbac.middleware.test.ts) provide adequate coverage.
- */
-describe.skip('Auth Integration', () => {
-    let app: FastifyInstance;
-
-    beforeAll(async () => {
-        try {
-            app = await buildApp();
-            await app.ready();
-        } catch (error) {
-            console.error('Failed to build app:', error);
-            throw error;
-        }
-    });
-
-    afterAll(async () => {
-        if (app) {
-            await app.close();
-        }
-    });
-
-    describe('POST /auth/register', () => {
-        it('should register a user', async () => {
-            const payload = {
-                email: 'newuser@example.com',
-                password: 'Password123!',
-                name: 'New User',
-            };
-
-            const mockResponse = {
-                user: {
-                    id: '123',
-                    email: payload.email,
-                    name: payload.name,
-                    role: 'USER',
-                    emailVerified: false,
-                    createdAt: new Date(),
-                    updatedAt: new Date(),
-                },
-                tokens: {
-                    accessToken: 'access-token',
-                    refreshToken: 'refresh-token',
-                    expiresIn: 3600,
-                },
-            };
-
-            vi.mocked(authService.register).mockResolvedValue(mockResponse as any);
-
-            const response = await app.inject({
-                method: 'POST',
-                url: '/api/v1/auth/register',
-                payload,
-            });
-
-            expect(response.statusCode).toBe(201);
-            expect(response.json().success).toBe(true);
-            expect(response.json().data.user.email).toBe(payload.email);
-        });
-
-        it('should validate input', async () => {
-            const response = await app.inject({
-                method: 'POST',
-                url: '/api/v1/auth/register',
-                payload: {
-                    email: 'invalid-email',
-                    password: 'short',
-                },
-            });
-
-            expect(response.statusCode).toBe(400);
-            expect(response.json().success).toBe(false);
-        });
-    });
-
-    describe('POST /auth/login', () => {
-        it('should login a user', async () => {
-            const payload = {
-                email: 'user@example.com',
-                password: 'Password123!',
-            };
-
-            const mockResponse = {
-                user: { id: '123', email: payload.email, role: 'USER' },
-                tokens: { accessToken: 'token', refreshToken: 'refresh' },
-            };
-
-            vi.mocked(authService.login).mockResolvedValue(mockResponse as any);
-
-            const response = await app.inject({
-                method: 'POST',
-                url: '/api/v1/auth/login',
-                payload,
-            });
-
-            expect(response.statusCode).toBe(200);
-            expect(response.json().success).toBe(true);
-        });
-    });
-});