npm - create-velox-app - Versions diffs - 0.4.2 → 0.4.4 - Mend

create-velox-app 0.4.2 → 0.4.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (174) hide show

package/dist/templates/source/web/vite.config.js ADDED Viewed

@@ -0,0 +1,22 @@
+import { defineConfig } from 'vite';
+import react from '@vitejs/plugin-react';
+import { TanStackRouterVite } from '@tanstack/router-plugin/vite';
+import path from 'node:path';
+export default defineConfig({
+    plugins: [TanStackRouterVite(), react()],
+    resolve: {
+        alias: {
+            '@': path.resolve(__dirname, './src'),
+        },
+    },
+    server: {
+        port: __WEB_PORT__,
+        proxy: {
+            '/api': {
+                target: 'http://localhost:__API_PORT__',
+                changeOrigin: true,
+            },
+        },
+    },
+});
+//# sourceMappingURL=vite.config.js.map

package/dist/templates/source/web/vite.config.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"vite.config.js","sourceRoot":"","sources":["../../../../src/templates/source/web/vite.config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,MAAM,CAAC;AACpC,OAAO,KAAK,MAAM,sBAAsB,CAAC;AACzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,8BAA8B,CAAC;AAClE,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,eAAe,YAAY,CAAC;IAC1B,OAAO,EAAE,CAAC,kBAAkB,EAAE,EAAE,KAAK,EAAE,CAAC;IACxC,OAAO,EAAE;QACP,KAAK,EAAE;YACL,GAAG,EAAE,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,OAAO,CAAC;SACtC;KACF;IACD,MAAM,EAAE;QACN,IAAI,EAAE,YAAY;QAClB,KAAK,EAAE;YACL,MAAM,EAAE;gBACN,MAAM,EAAE,+BAA+B;gBACvC,YAAY,EAAE,IAAI;aACnB;SACF;KACF;CACF,CAAC,CAAC"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "create-velox-app",
-  "version": "0.4.2",
+  "version": "0.4.4",
   "description": "Project scaffolder for VeloxTS framework",
   "type": "module",
   "main": "dist/index.js",
@@ -16,8 +16,17 @@
   },
   "files": [
     "dist",
+    "src/templates/source",
     "README.md"
   ],
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsc --watch",
+    "type-check": "tsc --noEmit",
+    "check:templates": "tsc -p tsconfig.templates.json --noEmit || true",
+    "clean": "rm -rf dist tsconfig.tsbuildinfo",
+    "smoke-test": "./scripts/smoke-test.sh"
+  },
   "dependencies": {
     "@clack/prompts": "0.11.0",
     "ora": "8.1.1",
@@ -45,12 +54,5 @@
   },
   "publishConfig": {
     "access": "public"
-  },
-  "scripts": {
-    "build": "tsc",
-    "dev": "tsc --watch",
-    "type-check": "tsc --noEmit",
-    "clean": "rm -rf dist tsconfig.tsbuildinfo",
-    "smoke-test": "./scripts/smoke-test.sh"
   }
-}
+}

package/src/templates/source/api/config/app.ts ADDED Viewed

@@ -0,0 +1,13 @@
+/**
+ * Application Configuration
+ */
+export const config = {
+  port: Number(process.env.PORT) || __API_PORT__,
+  host: process.env.HOST || '0.0.0.0',
+  logger: process.env.LOG_LEVEL !== 'silent',
+  apiPrefix: process.env.API_PREFIX || '/api',
+  env: (process.env.NODE_ENV || 'development') as 'development' | 'production' | 'test',
+} as const;
+export type AppConfig = typeof config;

package/src/templates/source/api/config/auth.ts ADDED Viewed

@@ -0,0 +1,202 @@
+/**
+ * Authentication Configuration
+ *
+ * JWT-based authentication configuration.
+ *
+ * SECURITY: JWT secrets are required from environment variables.
+ * The app will fail to start in production without them.
+ */
+import type { AuthPluginOptions } from '@veloxts/velox';
+import { prisma } from './database.js';
+// ============================================================================
+// Environment Variable Validation
+// ============================================================================
+/**
+ * Gets required JWT secrets from environment variables.
+ * Throws a clear error in production if secrets are not configured.
+ */
+function getRequiredSecrets(): { jwtSecret: string; refreshSecret: string } {
+  const jwtSecret = process.env.JWT_SECRET;
+  const refreshSecret = process.env.JWT_REFRESH_SECRET;
+  const isDevelopment = process.env.NODE_ENV !== 'production';
+  if (!jwtSecret || !refreshSecret) {
+    if (isDevelopment) {
+      console.warn(
+        '\n' +
+          '='.repeat(70) +
+          '\n' +
+          '  WARNING: JWT secrets not configured!\n' +
+          '  Using temporary development secrets. DO NOT USE IN PRODUCTION!\n' +
+          '\n' +
+          '  To configure secrets, add to .env:\n' +
+          '    JWT_SECRET=<generate with: openssl rand -base64 64>\n' +
+          '    JWT_REFRESH_SECRET=<generate with: openssl rand -base64 64>\n' +
+          '='.repeat(70) +
+          '\n'
+      );
+      return {
+        jwtSecret:
+          jwtSecret || `dev-only-jwt-secret-${Math.random().toString(36).substring(2).repeat(4)}`,
+        refreshSecret:
+          refreshSecret ||
+          `dev-only-refresh-secret-${Math.random().toString(36).substring(2).repeat(4)}`,
+      };
+    }
+    throw new Error(
+      '\n' +
+        'CRITICAL: JWT secrets are required but not configured.\n' +
+        '\n' +
+        'Required environment variables:\n' +
+        '  - JWT_SECRET: Secret for signing access tokens (64+ characters)\n' +
+        '  - JWT_REFRESH_SECRET: Secret for signing refresh tokens (64+ characters)\n' +
+        '\n' +
+        'Generate secure secrets with:\n' +
+        '  openssl rand -base64 64\n' +
+        '\n' +
+        'Add them to your environment or .env file before starting the server.\n'
+    );
+  }
+  return { jwtSecret, refreshSecret };
+}
+// ============================================================================
+// Token Revocation Store
+// ============================================================================
+/**
+ * In-memory token revocation store.
+ *
+ * PRODUCTION NOTE: Replace with Redis or database-backed store for:
+ * - Persistence across server restarts
+ * - Horizontal scaling (multiple server instances)
+ */
+class InMemoryTokenStore {
+  private revokedTokens: Map<string, number> = new Map();
+  private usedRefreshTokens: Map<string, string> = new Map();
+  private cleanupInterval: NodeJS.Timeout | null = null;
+  constructor() {
+    this.cleanupInterval = setInterval(() => this.cleanup(), 5 * 60 * 1000);
+  }
+  revoke(jti: string, expiresInMs: number = 7 * 24 * 60 * 60 * 1000): void {
+    this.revokedTokens.set(jti, Date.now() + expiresInMs);
+  }
+  isRevoked(jti: string): boolean {
+    const expiry = this.revokedTokens.get(jti);
+    if (!expiry) return false;
+    if (Date.now() > expiry) {
+      this.revokedTokens.delete(jti);
+      return false;
+    }
+    return true;
+  }
+  markRefreshTokenUsed(jti: string, userId: string): void {
+    this.usedRefreshTokens.set(jti, userId);
+    setTimeout(() => this.usedRefreshTokens.delete(jti), 7 * 24 * 60 * 60 * 1000);
+  }
+  isRefreshTokenUsed(jti: string): string | undefined {
+    return this.usedRefreshTokens.get(jti);
+  }
+  revokeAllUserTokens(userId: string): void {
+    console.warn(
+      `[Security] Token reuse detected for user ${userId}. ` +
+        'All tokens should be revoked. Implement proper user->token mapping for production.'
+    );
+  }
+  private cleanup(): void {
+    const now = Date.now();
+    for (const [jti, expiry] of this.revokedTokens.entries()) {
+      if (now > expiry) {
+        this.revokedTokens.delete(jti);
+      }
+    }
+  }
+}
+export const tokenStore = new InMemoryTokenStore();
+// ============================================================================
+// Role Parsing
+// ============================================================================
+const ALLOWED_ROLES = ['user', 'admin', 'moderator', 'editor'] as const;
+export function parseUserRoles(rolesJson: string | null): string[] {
+  if (!rolesJson) return ['user'];
+  try {
+    const parsed: unknown = JSON.parse(rolesJson);
+    if (!Array.isArray(parsed)) {
+      return ['user'];
+    }
+    const validRoles = parsed
+      .filter((role): role is string => typeof role === 'string')
+      .filter((role) => ALLOWED_ROLES.includes(role as (typeof ALLOWED_ROLES)[number]));
+    return validRoles.length > 0 ? validRoles : ['user'];
+  } catch {
+    return ['user'];
+  }
+}
+// ============================================================================
+// User Loader
+// ============================================================================
+async function userLoader(userId: string) {
+  const user = await prisma.user.findUnique({
+    where: { id: userId },
+  });
+  if (!user) return null;
+  return {
+    id: user.id,
+    email: user.email,
+    name: user.name,
+    roles: parseUserRoles(user.roles),
+  };
+}
+// ============================================================================
+// Auth Configuration
+// ============================================================================
+export function createAuthConfig(): AuthPluginOptions {
+  const { jwtSecret, refreshSecret } = getRequiredSecrets();
+  return {
+    jwt: {
+      secret: jwtSecret,
+      refreshSecret: refreshSecret,
+      accessTokenExpiry: '15m',
+      refreshTokenExpiry: '7d',
+      issuer: 'velox-app',
+      audience: 'velox-app-client',
+    },
+    userLoader,
+    isTokenRevoked: async (jti: string) => tokenStore.isRevoked(jti),
+    rateLimit: {
+      max: 100,
+      windowMs: 60000,
+    },
+  };
+}
+export const authConfig = createAuthConfig();

package/src/templates/source/api/config/database.ts ADDED Viewed

@@ -0,0 +1,22 @@
+/**
+ * Database Client (Prisma 7.x)
+ *
+ * Prisma 7 requires:
+ * - Generated client from custom output path
+ * - Driver adapter for database connections
+ */
+import { PrismaBetterSqlite3 } from '@prisma/adapter-better-sqlite3';
+import { PrismaClient } from '../generated/prisma/client.js';
+// Validate DATABASE_URL is set
+if (!process.env.DATABASE_URL) {
+  throw new Error('DATABASE_URL environment variable is required');
+}
+// Create SQLite adapter with database URL from environment
+const adapter = new PrismaBetterSqlite3({ url: process.env.DATABASE_URL });
+// Export configured Prisma client
+export const prisma = new PrismaClient({ adapter });

package/src/templates/source/api/env.auth ADDED Viewed

@@ -0,0 +1,22 @@
+# Database URL
+# SQLite (local development):
+DATABASE_URL="file:./dev.db"
+# PostgreSQL (production):
+# DATABASE_URL="postgresql://user:password@localhost:5432/myapp"
+# Server Configuration
+PORT=__API_PORT__
+HOST=0.0.0.0
+NODE_ENV=development
+# API Configuration
+API_PREFIX=/api
+# ============================================================================
+# Authentication (REQUIRED for production)
+# ============================================================================
+# Generate new secrets with: openssl rand -base64 64
+#
+# IMPORTANT: Replace these development secrets before deploying to production!
+JWT_SECRET=development-only-jwt-secret-replace-in-production-must-be-64-chars-or-longer
+JWT_REFRESH_SECRET=development-only-refresh-secret-replace-in-production-must-be-64-chars

package/src/templates/source/api/env.default ADDED Viewed

@@ -0,0 +1,13 @@
+# Database URL
+# SQLite (local development):
+DATABASE_URL="file:./dev.db"
+# PostgreSQL (production):
+# DATABASE_URL="postgresql://user:password@localhost:5432/myapp"
+# Server Configuration
+PORT=__API_PORT__
+HOST=0.0.0.0
+NODE_ENV=development
+# API Configuration
+API_PREFIX=/api

package/src/templates/source/api/index.auth.ts ADDED Viewed

@@ -0,0 +1,30 @@
+/**
+ * Application Entry Point
+ */
+import 'dotenv/config';
+import { veloxApp, databasePlugin, authPlugin, rest } from '@veloxts/velox';
+import { config } from './config/app.js';
+import { authConfig } from './config/auth.js';
+import { prisma } from './config/database.js';
+import { authProcedures } from './procedures/auth.js';
+import { healthProcedures } from './procedures/health.js';
+import { userProcedures } from './procedures/users.js';
+const app = await veloxApp({
+  port: config.port,
+  host: config.host,
+  logger: config.logger,
+});
+await app.register(databasePlugin({ client: prisma }));
+await app.register(authPlugin(authConfig));
+app.routes(
+  rest([healthProcedures, authProcedures, userProcedures], {
+    prefix: config.apiPrefix,
+  })
+);
+await app.start();

package/src/templates/source/api/index.default.ts ADDED Viewed

@@ -0,0 +1,27 @@
+/**
+ * Application Entry Point
+ */
+import 'dotenv/config';
+import { veloxApp, databasePlugin, rest } from '@veloxts/velox';
+import { config } from './config/app.js';
+import { prisma } from './config/database.js';
+import { healthProcedures } from './procedures/health.js';
+import { userProcedures } from './procedures/users.js';
+const app = await veloxApp({
+  port: config.port,
+  host: config.host,
+  logger: config.logger,
+});
+await app.register(databasePlugin({ client: prisma }));
+app.routes(
+  rest([healthProcedures, userProcedures], {
+    prefix: config.apiPrefix,
+  })
+);
+await app.start();

package/src/templates/source/api/package.auth.json ADDED Viewed

@@ -0,0 +1,40 @@
+{
+  "name": "api",
+  "version": "0.0.1",
+  "private": true,
+  "type": "module",
+  "main": "dist/index.js",
+  "scripts": {
+    "build": "tsup",
+    "start": "node dist/index.js",
+    "dev": "tsx watch src/index.ts",
+    "dev:hmr": "velox dev --hmr",
+    "type-check": "tsc --noEmit",
+    "clean": "node -e \"require('fs').rmSync('dist',{recursive:true,force:true});require('fs').rmSync('tsconfig.tsbuildinfo',{force:true})\"",
+    "db:generate": "prisma generate",
+    "db:push": "prisma db push",
+    "db:studio": "prisma studio",
+    "postinstall": "prisma generate"
+  },
+  "dependencies": {
+    "@prisma/adapter-better-sqlite3": "7.1.0",
+    "@prisma/client": "7.1.0",
+    "@veloxts/velox": "__VELOXTS_VERSION__",
+    "bcrypt": "5.1.1",
+    "better-sqlite3": "12.5.0",
+    "dotenv": "17.2.3",
+    "zod": "3.24.4"
+  },
+  "devDependencies": {
+    "@types/bcrypt": "5.0.2",
+    "@veloxts/cli": "__VELOXTS_VERSION__",
+    "hot-hook": "0.4.0",
+    "prisma": "7.1.0",
+    "tsup": "8.5.1",
+    "tsx": "4.21.0",
+    "typescript": "5.9.3"
+  },
+  "hotHook": {
+    "boundaries": ["./src/procedures/**/*.ts", "./src/schemas/**/*.ts", "./src/handlers/**/*.ts"]
+  }
+}

package/src/templates/source/api/package.default.json ADDED Viewed

@@ -0,0 +1,38 @@
+{
+  "name": "api",
+  "version": "0.0.1",
+  "private": true,
+  "type": "module",
+  "main": "dist/index.js",
+  "scripts": {
+    "build": "tsup",
+    "start": "node dist/index.js",
+    "dev": "tsx watch src/index.ts",
+    "dev:hmr": "velox dev --hmr",
+    "type-check": "tsc --noEmit",
+    "clean": "node -e \"require('fs').rmSync('dist',{recursive:true,force:true});require('fs').rmSync('tsconfig.tsbuildinfo',{force:true})\"",
+    "db:generate": "prisma generate",
+    "db:push": "prisma db push",
+    "db:studio": "prisma studio",
+    "postinstall": "prisma generate"
+  },
+  "dependencies": {
+    "@prisma/adapter-better-sqlite3": "7.1.0",
+    "@prisma/client": "7.1.0",
+    "@veloxts/velox": "__VELOXTS_VERSION__",
+    "better-sqlite3": "12.5.0",
+    "dotenv": "17.2.3",
+    "zod": "3.24.4"
+  },
+  "devDependencies": {
+    "@veloxts/cli": "__VELOXTS_VERSION__",
+    "hot-hook": "0.4.0",
+    "prisma": "7.1.0",
+    "tsup": "8.5.1",
+    "tsx": "4.21.0",
+    "typescript": "5.9.3"
+  },
+  "hotHook": {
+    "boundaries": ["./src/procedures/**/*.ts", "./src/schemas/**/*.ts", "./src/handlers/**/*.ts"]
+  }
+}

package/src/templates/source/api/prisma/schema.auth.prisma ADDED Viewed

@@ -0,0 +1,30 @@
+// Prisma Schema
+//
+// This schema defines the database structure with authentication support.
+// Using SQLite for simplicity - easily swap to PostgreSQL for production.
+generator client {
+  provider = "prisma-client"
+  output   = "../src/generated/prisma"
+}
+datasource db {
+  provider = "sqlite"
+}
+// ============================================================================
+// User Model
+// ============================================================================
+/// User model with authentication support
+model User {
+  id        String   @id @default(uuid())
+  name      String
+  email     String   @unique
+  password  String?  // Hashed password (optional for social auth)
+  roles     String   @default("[\"user\"]") // JSON array of roles
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+  @@map("users")
+}

package/src/templates/source/api/prisma/schema.default.prisma ADDED Viewed

@@ -0,0 +1,28 @@
+// Prisma Schema
+//
+// This schema defines the database structure.
+// Using SQLite for simplicity - easily swap to PostgreSQL for production.
+generator client {
+  provider = "prisma-client"
+  output   = "../src/generated/prisma"
+}
+datasource db {
+  provider = "sqlite"
+}
+// ============================================================================
+// User Model
+// ============================================================================
+/// User model for basic CRUD demonstration
+model User {
+  id        String   @id @default(uuid())
+  name      String
+  email     String   @unique
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+  @@map("users")
+}

package/src/templates/source/api/prisma.config.ts ADDED Viewed

@@ -0,0 +1,15 @@
+/**
+ * Prisma Configuration (Prisma 7.x)
+ *
+ * Database URL is configured here instead of schema.prisma.
+ */
+import 'dotenv/config';
+import { defineConfig } from 'prisma/config';
+export default defineConfig({
+  schema: './prisma/schema.prisma',
+  datasource: {
+    url: process.env.DATABASE_URL!,
+  },
+});