create-z3 0.0.56 → 0.0.57

package/dist/index.js

@@ -1817,6 +1817,75 @@ async function replacePlaceholder(filePath, placeholder, content, options) {
   }
   await fs3.writeFile(filePath, updatedLines.join("\n"), "utf-8");
 }
+function generateOrganizationsPlugin() {
+  return `organization({
+    roles: {
+      admin: {
+        permissions: ["organization:read", "organization:write", "member:write"]
+      },
+      member: {
+        permissions: ["organization:read"]
+      }
+    },
+    adminRole: "admin"
+  }),`;
+}
+function generateOrganizationsSchema() {
+  return `// Organization tables
+  [TABLE_SLUG_ORGANIZATIONS]: defineTable({
+    name: v.string(),
+    slug: v.string(),
+    metadata: v.optional(v.any()),
+    logo: v.optional(v.string()),
+    createdAt: v.number(),
+    updatedAt: v.number(),
+  })
+    .index("by_slug", ["slug"]),
+
+  [TABLE_SLUG_ORGANIZATION_MEMBERS]: defineTable({
+    userId: v.id(TABLE_SLUG_USERS),
+    organizationId: v.id(TABLE_SLUG_ORGANIZATIONS),
+    role: v.string(),
+    createdAt: v.number(),
+    updatedAt: v.number(),
+  })
+    .index("by_user", ["userId"])
+    .index("by_organization", ["organizationId"])
+    .index("by_user_organization", ["userId", "organizationId"]),`;
+}
+function generateUserOrganizationFields() {
+  return `activeOrganizationId: v.optional(v.id(TABLE_SLUG_ORGANIZATIONS)),`;
+}
+function generateOrganizationRoles() {
+  return `
+export const ORGANIZATION_ROLES = {
+  admin: "admin",
+  member: "member",
+} as const;
+export type OrganizationRole = (typeof ORGANIZATION_ROLES)[keyof typeof ORGANIZATION_ROLES];`;
+}
+function generateOrganizationTableConstants() {
+  return `export const TABLE_SLUG_ORGANIZATIONS = "organization" as const;
+export const TABLE_SLUG_ORGANIZATION_MEMBERS = "organization_member" as const;`;
+}
+function generateOrganizationTableImports() {
+  return `,
+  TABLE_SLUG_ORGANIZATIONS,
+  TABLE_SLUG_ORGANIZATION_MEMBERS`;
+}
+function generateUserWithOrganizationType() {
+  return `import { OrganizationRole } from './constants/auth';
+
+export type UserWithOrganization = User & {
+  organization?: {
+    id: string;
+    name: string;
+    slug: string;
+    role: OrganizationRole;
+    metadata?: any;
+  } | null;
+};`;
+}
 function generateCredentialsValue(enabled) {
   return `credentials={${enabled}}`;
 }
@@ -2196,6 +2265,18 @@ Make sure you are authenticated with GitHub CLI (run "gh auth login")`
       oauthUISpinner.fail("Failed to configure OAuth UI");
       throw error;
     }
+    const multitenancySpinner = ora("Configuring multitenancy...").start();
+    try {
+      await this.updateMultitenancyConfig(options.multitenancy);
+      if (options.multitenancy) {
+        multitenancySpinner.succeed("Multitenancy configuration updated");
+      } else {
+        multitenancySpinner.succeed("Multitenancy placeholders cleaned up");
+      }
+    } catch (error) {
+      multitenancySpinner.fail("Failed to configure multitenancy");
+      throw error;
+    }
     const envSpinner = ora("Updating .env.example...").start();
     try {
       await this.updateEnvExample(options.oauthProviders);
@@ -2389,6 +2470,59 @@ var TanStackInstaller = class extends FrameworkInstaller {
       runtimeMapping
     );
   }
+  /**
+   * Configure multitenancy with organizations
+   * Updates auth plugins, schema, and user types for organization support
+   * Target files:
+   * - convex/auth/plugins/index.ts - Add organization plugin
+   * - convex/schema.ts - Add organization and membership tables
+   * - src/db/constants/auth.ts - Add organization roles
+   * - src/db/types.ts - Update user type with organization
+   *
+   * @param enabled - Whether multitenancy is enabled
+   */
+  async updateMultitenancyConfig(enabled) {
+    const pluginsFilePath = join2(this.targetPath, "convex/auth/plugins/index.ts");
+    await replacePlaceholder(
+      pluginsFilePath,
+      "// {{ORGANIZATIONS_PLUGIN}}",
+      enabled ? generateOrganizationsPlugin() : ""
+    );
+    const schemaFilePath = join2(this.targetPath, "convex/schema.ts");
+    await replacePlaceholder(
+      schemaFilePath,
+      "// {{ORGANIZATION_TABLE_IMPORTS}}",
+      enabled ? generateOrganizationTableImports() : ""
+    );
+    await replacePlaceholder(
+      schemaFilePath,
+      "// {{ORGANIZATIONS_SCHEMA}}",
+      enabled ? generateOrganizationsSchema() : ""
+    );
+    await replacePlaceholder(
+      schemaFilePath,
+      "// {{USER_ORGANIZATION_FIELDS}}",
+      enabled ? generateUserOrganizationFields() : ""
+    );
+    const constantsFilePath = join2(this.targetPath, "src/db/constants/auth.ts");
+    await replacePlaceholder(
+      constantsFilePath,
+      "// {{ORGANIZATION_ROLES}}",
+      enabled ? generateOrganizationRoles() : ""
+    );
+    const constantsIndexFilePath = join2(this.targetPath, "src/db/constants/index.ts");
+    await replacePlaceholder(
+      constantsIndexFilePath,
+      "// {{ORGANIZATION_TABLES}}",
+      enabled ? generateOrganizationTableConstants() : ""
+    );
+    const typesFilePath = join2(this.targetPath, "src/db/types.ts");
+    await replacePlaceholder(
+      typesFilePath,
+      "// {{USER_WITH_ORGANIZATION_TYPE}}",
+      enabled ? generateUserWithOrganizationType() : ""
+    );
+  }
 };
 
 // src/installers/nextjs.ts
@@ -2522,6 +2656,59 @@ var NextJSInstaller = class extends FrameworkInstaller {
       runtimeMapping
     );
   }
+  /**
+   * Configure multitenancy with organizations
+   * Updates auth plugins, schema, and user types for organization support
+   * Target files:
+   * - convex/auth/plugins/index.ts - Add organization plugin
+   * - convex/schema.ts - Add organization and membership tables
+   * - src/db/constants/auth.ts - Add organization roles
+   * - src/db/types.ts - Update user type with organization
+   *
+   * @param enabled - Whether multitenancy is enabled
+   */
+  async updateMultitenancyConfig(enabled) {
+    const pluginsFilePath = join3(this.targetPath, "convex/auth/plugins/index.ts");
+    await replacePlaceholder(
+      pluginsFilePath,
+      "// {{ORGANIZATIONS_PLUGIN}}",
+      enabled ? generateOrganizationsPlugin() : ""
+    );
+    const schemaFilePath = join3(this.targetPath, "convex/schema.ts");
+    await replacePlaceholder(
+      schemaFilePath,
+      "// {{ORGANIZATION_TABLE_IMPORTS}}",
+      enabled ? generateOrganizationTableImports() : ""
+    );
+    await replacePlaceholder(
+      schemaFilePath,
+      "// {{ORGANIZATIONS_SCHEMA}}",
+      enabled ? generateOrganizationsSchema() : ""
+    );
+    await replacePlaceholder(
+      schemaFilePath,
+      "// {{USER_ORGANIZATION_FIELDS}}",
+      enabled ? generateUserOrganizationFields() : ""
+    );
+    const constantsFilePath = join3(this.targetPath, "src/db/constants/auth.ts");
+    await replacePlaceholder(
+      constantsFilePath,
+      "// {{ORGANIZATION_ROLES}}",
+      enabled ? generateOrganizationRoles() : ""
+    );
+    const constantsIndexFilePath = join3(this.targetPath, "src/db/constants/index.ts");
+    await replacePlaceholder(
+      constantsIndexFilePath,
+      "// {{ORGANIZATION_TABLES}}",
+      enabled ? generateOrganizationTableConstants() : ""
+    );
+    const typesFilePath = join3(this.targetPath, "src/db/types.ts");
+    await replacePlaceholder(
+      typesFilePath,
+      "// {{USER_WITH_ORGANIZATION_TYPE}}",
+      enabled ? generateUserWithOrganizationType() : ""
+    );
+  }
 };
 
 // src/index.ts
@@ -2645,6 +2832,21 @@ program.name("create-z3").version(packageJson.version).description("CLI for scaf
       console.log(chalk2.yellow("   Your app will have no user authentication."));
       console.log();
     }
+    let multitenancy = false;
+    if (emailPassword || oauthProviders.length > 0) {
+      multitenancy = await confirm({
+        message: "Enable multitenancy with organizations?",
+        default: false
+      });
+      if (multitenancy) {
+        console.log();
+        console.log(chalk2.cyan("\u{1F3E2} Organizations enabled:"));
+        console.log(chalk2.dim("   \u2022 Users can belong to multiple organizations"));
+        console.log(chalk2.dim("   \u2022 Role-based permissions per organization"));
+        console.log(chalk2.dim("   \u2022 Admin users can manage organization members"));
+        console.log();
+      }
+    }
     console.log();
     console.log(chalk2.dim("\u{1F4A1} TweakCN themes: Visit https://tweakcn.com/themes/[theme-id]"));
     console.log(chalk2.dim('   Click "Code" button and copy the CSS.'));
@@ -2688,6 +2890,7 @@ program.name("create-z3").version(packageJson.version).description("CLI for scaf
       framework,
       emailPasswordAuth: emailPassword,
       oauthProviders,
+      multitenancy,
       tweakcnTheme,
       initGit,
       installDependencies
@@ -2733,6 +2936,11 @@ program.name("create-z3").version(packageJson.version).description("CLI for scaf
     } else {
       console.log(chalk2.dim("Authentication: None selected"));
     }
+    if (multitenancy) {
+      console.log("Organizations: Enabled");
+    } else {
+      console.log("Organizations: Disabled");
+    }
     if (tweakcnTheme) {
       console.log("Theme: Custom TweakCN theme");
     } else {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-z3",
-  "version": "0.0.56",
+  "version": "0.0.57",
   "type": "module",
   "description": "CLI for scaffolding Z3 Stack applications (TanStack/Next.js + Convex + Better Auth)",
   "bin": {

package/templates/nextjs/convex/auth/plugins/index.ts

@@ -1,5 +1,5 @@
 import { nextCookies } from "better-auth/next-js"
-import { admin } from "better-auth/plugins"
+import { admin, organization } from "better-auth/plugins"
 import { apiKey } from "@better-auth/api-key"
 import { convex } from "@convex-dev/better-auth/plugins"
 import { USER_ROLES } from "~/db/constants"
@@ -14,6 +14,7 @@ export const createPlugins = () => [
     adminRoles: [USER_ROLES.admin],
     defaultRole: USER_ROLES.user,
   }),
+  // {{ORGANIZATIONS_PLUGIN}}
   apiKey(),
   nextCookies(),
   convex({ authConfig }),

package/templates/nextjs/convex/schema.ts

@@ -1,7 +1,15 @@
 import { defineSchema, defineTable } from "convex/server";
 import { v } from "convex/values"
 
-import { TABLE_SLUG_ACCOUNTS, TABLE_SLUG_API_KEYS, TABLE_SLUG_JWKS, TABLE_SLUG_SESSIONS, TABLE_SLUG_USERS, TABLE_SLUG_VERIFICATIONS } from "~/db/constants";
+import { 
+  TABLE_SLUG_ACCOUNTS, 
+  TABLE_SLUG_API_KEYS, 
+  TABLE_SLUG_JWKS, 
+  TABLE_SLUG_SESSIONS, 
+  TABLE_SLUG_USERS, 
+  TABLE_SLUG_VERIFICATIONS
+  // {{ORGANIZATION_TABLE_IMPORTS}}
+} from "~/db/constants";
 
 export default defineSchema({
   // Better Auth component tables (type definitions only - actual tables are in component)
@@ -23,7 +31,8 @@ export default defineSchema({
     roles: v.array(v.string()), // our multi-role field via additionalFields
     twoFactorEnabled: v.optional(v.union(v.null(), v.boolean())),
     updatedAt: v.number(),
-    userId: v.optional(v.union(v.null(), v.string()))
+    userId: v.optional(v.union(v.null(), v.string())),
+    // {{USER_ORGANIZATION_FIELDS}}
   })
     .index("by_email", ["email"]),
 
@@ -98,4 +107,6 @@ export default defineSchema({
   })
     .index("by_referenceId", ["referenceId"])
     .index("by_key", ["key"]),
+
+  // {{ORGANIZATIONS_SCHEMA}}
 })

package/templates/nextjs/src/db/constants/auth.ts

@@ -4,3 +4,5 @@ export const USER_ROLES = {
 } as const;
 export type UserRole = (typeof USER_ROLES)[keyof typeof USER_ROLES];
 
+// {{ORGANIZATION_ROLES}}
+

package/templates/nextjs/src/db/constants/index.ts

@@ -8,6 +8,8 @@ export const TABLE_SLUG_VERIFICATIONS = "verification" as const;
 export const TABLE_SLUG_JWKS = "jwks" as const;
 export const TABLE_SLUG_API_KEYS = "apikey" as const;
 
+// {{ORGANIZATION_TABLES}}
+
 export const COLLECTION_SLUG_MEDIA = "media" as const;
 
 export const AUTH_PROVIDERS = {

package/templates/nextjs/src/db/types.ts

@@ -3,3 +3,5 @@ import { TABLE_SLUG_USERS } from "./constants";
 
 export type User = Doc<typeof TABLE_SLUG_USERS>
 export type UserID = Id<typeof TABLE_SLUG_USERS>
+
+// {{USER_WITH_ORGANIZATION_TYPE}}

package/templates/tanstack-start/convex/auth/plugins/index.ts

@@ -1,4 +1,4 @@
-import { admin } from "better-auth/plugins"
+import { admin, organization } from "better-auth/plugins"
 import { apiKey } from "@better-auth/api-key"
 import { convex } from "@convex-dev/better-auth/plugins"
 import authConfig from "@convex/auth.config"
@@ -13,6 +13,7 @@ export const createPlugins = () => [
     adminRoles: [USER_ROLES.admin],
     defaultRole: USER_ROLES.user
   }),
+  // {{ORGANIZATIONS_PLUGIN}}
   apiKey(),
   convex({ authConfig }),
 ]

package/templates/tanstack-start/convex/schema.ts

@@ -7,7 +7,8 @@ import {
   TABLE_SLUG_JWKS,
   TABLE_SLUG_SESSIONS,
   TABLE_SLUG_USERS,
-  TABLE_SLUG_VERIFICATIONS,
+  TABLE_SLUG_VERIFICATIONS
+  // {{ORGANIZATION_TABLE_IMPORTS}}
 } from "~/db/constants";
 
 export default defineSchema({
@@ -31,6 +32,7 @@ export default defineSchema({
     banReason: v.optional(v.string()), // admin plugin
     role: v.optional(v.string()), // admin plugin — single string in BA 1.5
     roles: v.array(v.string()), // our multi-role field via additionalFields
+    // {{USER_ORGANIZATION_FIELDS}}
   })
     .index("by_email", ["email"]),
 
@@ -105,4 +107,6 @@ export default defineSchema({
   })
     .index("by_referenceId", ["referenceId"])
     .index("by_key", ["key"]),
+
+  // {{ORGANIZATIONS_SCHEMA}}
 })

package/templates/tanstack-start/src/db/constants/auth.ts

@@ -38,4 +38,6 @@ export const AUTH_PROVIDERS = {
 } as const;
 export type AuthProvider = (typeof AUTH_PROVIDERS)[keyof typeof AUTH_PROVIDERS];
 
+// {{ORGANIZATION_ROLES}}
+
 

package/templates/tanstack-start/src/db/constants/index.ts

@@ -7,3 +7,5 @@ export const TABLE_SLUG_SESSIONS = "session" as const;
 export const TABLE_SLUG_VERIFICATIONS = "verification" as const;
 export const TABLE_SLUG_JWKS = "jwks" as const;
 export const TABLE_SLUG_API_KEYS = "apikey" as const;
+
+// {{ORGANIZATION_TABLES}}

package/templates/tanstack-start/src/db/types.ts

@@ -3,3 +3,5 @@ import { TABLE_SLUG_USERS } from "./constants";
 
 export type User = Doc<typeof TABLE_SLUG_USERS>
 export type UserID = Id<typeof TABLE_SLUG_USERS>
+
+// {{USER_WITH_ORGANIZATION_TYPE}}