express-genix 1.1.4 → 2.0.0

package/templates/controllers/authController.js.ejs

@@ -1,129 +1,152 @@
-const jwt = require('jsonwebtoken');
-const bcrypt = require('bcryptjs');
-const authService = require('../services/authService');
-const userService = require('../services/userService');
-const { AppError } = require('../utils/errors');
-
-const jwtSecret = process.env.JWT_SECRET || 'your-secret-key';
-const jwtRefreshSecret = process.env.JWT_REFRESH_SECRET || 'your-refresh-secret-key';
-
-const register = async (req, res, next) => {
-  try {
-    const { username, email, password } = req.body;
-    
-    // Check if user already exists
-    const existingUser = await userService.findByEmail(email);
-    if (existingUser) {
-      throw new AppError('User already exists with this email', 409);
-    }
-    
-    // Hash password
-    const hashedPassword = await bcrypt.hash(password, 12);
-    
-    // Create user
-    const user = await userService.create({
-      username,
-      email,
-      password: hashedPassword,
-    });
-    
-    // Generate tokens
-    const { accessToken, refreshToken } = authService.generateTokens(user);
-    
-    res.status(201).json({
-      message: 'User registered successfully',
-      user: { id: user.id, username: user.username, email: user.email },
-      accessToken,
-      refreshToken,
-    });
-  } catch (error) {
-    next(error);
-  }
-};
-
-const login = async (req, res, next) => {
-  try {
-    const { email, password } = req.body;
-    
-    // Find user
-    const user = await userService.findByEmail(email);
-    if (!user) {
-      throw new AppError('Invalid credentials', 401);
-    }
-    
-    // Check password
-    const isValidPassword = await bcrypt.compare(password, user.password);
-    if (!isValidPassword) {
-      throw new AppError('Invalid credentials', 401);
-    }
-    
-    // Generate tokens
-    const { accessToken, refreshToken } = authService.generateTokens(user);
-    
-    res.json({
-      message: 'Login successful',
-      user: { id: user.id, username: user.username, email: user.email },
-      accessToken,
-      refreshToken,
-    });
-  } catch (error) {
-    next(error);
-  }
-};
-
-const refreshToken = async (req, res, next) => {
-  try {
-    const { refreshToken } = req.body;
-    
-    if (!refreshToken) {
-      throw new AppError('Refresh token is required', 400);
-    }
-    
-    const decoded = jwt.verify(refreshToken, jwtRefreshSecret);
-    const user = await userService.findById(decoded.userId);
-    
-    if (!user) {
-      throw new AppError('Invalid refresh token', 401);
-    }
-    
-    const tokens = authService.generateTokens(user);
-    
-    res.json({
-      accessToken: tokens.accessToken,
-      refreshToken: tokens.refreshToken,
-    });
-  } catch (error) {
-    next(error);
-  }
-};
-
-const logout = (req, res) => {
-  // In a real app, you might want to blacklist the token
-  res.json({ message: 'Logout successful' });
-};
-
-const authenticateToken = (req, res, next) => {
-  const authHeader = req.headers['authorization'];
-  const token = authHeader && authHeader.split(' ')[1];
-  
-  if (!token) {
-    return res.status(401).json({ error: 'Access token is required' });
-  }
-  
-  jwt.verify(token, jwtSecret, (err, decoded) => {
-    if (err) {
-      return res.status(403).json({ error: 'Invalid or expired token' });
-    }
-    
-    req.user = decoded;
-    next();
-  });
-};
-
-module.exports = {
-  register,
-  login,
-  refreshToken,
-  logout,
-  authenticateToken,
-};
+const bcrypt = require('bcryptjs');
+const authService = require('../services/authService');
+const userService = require('../services/userService');
+const { AppError } = require('../utils/errors');
+const { success, created } = require('../utils/response');
+
+const register = async (req, res, next) => {
+  try {
+    const { username, email, password } = req.body;
+
+    const existingUser = await userService.findByEmail(email);
+    if (existingUser) {
+      throw new AppError('User already exists with this email', 409);
+    }
+
+    const hashedPassword = await bcrypt.hash(password, 12);
+    const user = await userService.create({ username, email, password: hashedPassword });
+    const tokens = authService.generateTokens(user);
+
+    return created(res, {
+      message: 'User registered successfully',
+      user: { id: user.id, username: user.username, email: user.email },
+      ...tokens,
+    });
+  } catch (error) {
+    next(error);
+  }
+};
+
+const login = async (req, res, next) => {
+  try {
+    const { email, password } = req.body;
+
+    const user = await userService.findByEmail(email);
+    if (!user) {
+      throw new AppError('Invalid credentials', 401);
+    }
+
+    const isValidPassword = await bcrypt.compare(password, user.password);
+    if (!isValidPassword) {
+      throw new AppError('Invalid credentials', 401);
+    }
+
+    const tokens = authService.generateTokens(user);
+
+    return success(res, {
+      message: 'Login successful',
+      user: { id: user.id, username: user.username, email: user.email },
+      ...tokens,
+    });
+  } catch (error) {
+    next(error);
+  }
+};
+
+const refreshToken = async (req, res, next) => {
+  try {
+    const { refreshToken: token } = req.body;
+
+    if (!token) {
+      throw new AppError('Refresh token is required', 400);
+    }
+
+    if (authService.isTokenBlacklisted(token)) {
+      throw new AppError('Token has been revoked', 401);
+    }
+
+    const decoded = authService.verifyRefreshToken(token);
+    const user = await userService.findById(decoded.userId);
+
+    if (!user) {
+      throw new AppError('Invalid refresh token', 401);
+    }
+
+    // Blacklist old refresh token (rotation)
+    authService.blacklistToken(token);
+
+    const tokens = authService.generateTokens(user);
+    return success(res, tokens);
+  } catch (error) {
+    next(error);
+  }
+};
+
+const logout = async (req, res, next) => {
+  try {
+    const authHeader = req.headers['authorization'];
+    const accessToken = authHeader && authHeader.split(' ')[1];
+
+    if (accessToken) {
+      authService.blacklistToken(accessToken);
+    }
+
+    const { refreshToken: token } = req.body;
+    if (token) {
+      authService.blacklistToken(token);
+    }
+
+    return success(res, { message: 'Logout successful' });
+  } catch (error) {
+    next(error);
+  }
+};
+
+const forgotPassword = async (req, res, next) => {
+  try {
+    const { email } = req.body;
+    const user = await userService.findByEmail(email);
+
+    // Always return success to prevent email enumeration
+    if (!user) {
+      return success(res, { message: 'If an account with that email exists, a reset link has been sent.' });
+    }
+
+    const resetToken = await authService.generateResetToken(email);
+
+    // TODO: Send email with reset link
+    // await emailService.sendResetEmail(email, resetToken);
+    //
+    // For development, log the token:
+    console.log(`Password reset token for ${email}: ${resetToken}`);
+
+    return success(res, { message: 'If an account with that email exists, a reset link has been sent.' });
+  } catch (error) {
+    next(error);
+  }
+};
+
+const resetPassword = async (req, res, next) => {
+  try {
+    const { token, password } = req.body;
+
+    const email = await authService.consumeResetToken(token);
+    if (!email) {
+      throw new AppError('Invalid or expired reset token', 400);
+    }
+
+    const user = await userService.findByEmail(email);
+    if (!user) {
+      throw new AppError('User not found', 404);
+    }
+
+    const hashedPassword = await bcrypt.hash(password, 12);
+    await userService.updateById(user.id, { password: hashedPassword });
+
+    return success(res, { message: 'Password has been reset successfully.' });
+  } catch (error) {
+    next(error);
+  }
+};
+
+module.exports = { register, login, refreshToken, logout, forgotPassword, resetPassword };

package/templates/controllers/exampleController.js.ejs

@@ -1,152 +1,92 @@
-const exampleService = require('../services/exampleService');
-const { AppError } = require('../utils/errors');
-const { createLogger } = require('../utils/logger');
-
-const logger = createLogger('ExampleController');
-
-/**
- * Get all examples
- */
-const getAllExamples = async (req, res, next) => {
-  try {
-    const { page = 1, limit = 10 } = req.query;
-    
-    logger.info('Fetching examples', { page, limit });
-    
-    const examples = await exampleService.getAllExamples(
-      parseInt(page),
-      parseInt(limit)
-    );
-    
-    res.json({
-      success: true,
-      data: examples,
-      pagination: {
-        page: parseInt(page),
-        limit: parseInt(limit),
-      },
-    });
-  } catch (error) {
-    logger.error('Error fetching examples', { error: error.message });
-    next(error);
-  }
-};
-
-/**
- * Get example by ID
- */
-const getExampleById = async (req, res, next) => {
-  try {
-    const { id } = req.params;
-    
-    logger.info('Fetching example by ID', { id });
-    
-    const example = await exampleService.getExampleById(id);
-    
-    if (!example) {
-      throw new AppError('Example not found', 404);
-    }
-    
-    res.json({
-      success: true,
-      data: example,
-    });
-  } catch (error) {
-    logger.error('Error fetching example', { id: req.params.id, error: error.message });
-    next(error);
-  }
-};
-
-/**
- * Create new example
- */
-const createExample = async (req, res, next) => {
-  try {
-    const { title, description } = req.body;
-    
-    if (!title || !description) {
-      throw new AppError('Title and description are required', 400);
-    }
-    
-    logger.info('Creating new example', { title });
-    
-    const example = await exampleService.createExample({
-      title,
-      description,
-      createdAt: new Date(),
-    });
-    
-    res.status(201).json({
-      success: true,
-      message: 'Example created successfully',
-      data: example,
-    });
-  } catch (error) {
-    logger.error('Error creating example', { error: error.message });
-    next(error);
-  }
-};
-
-/**
- * Update example
- */
-const updateExample = async (req, res, next) => {
-  try {
-    const { id } = req.params;
-    const { title, description } = req.body;
-    
-    logger.info('Updating example', { id });
-    
-    const example = await exampleService.updateExample(id, {
-      title,
-      description,
-      updatedAt: new Date(),
-    });
-    
-    if (!example) {
-      throw new AppError('Example not found', 404);
-    }
-    
-    res.json({
-      success: true,
-      message: 'Example updated successfully',
-      data: example,
-    });
-  } catch (error) {
-    logger.error('Error updating example', { id: req.params.id, error: error.message });
-    next(error);
-  }
-};
-
-/**
- * Delete example
- */
-const deleteExample = async (req, res, next) => {
-  try {
-    const { id } = req.params;
-    
-    logger.info('Deleting example', { id });
-    
-    const deleted = await exampleService.deleteExample(id);
-    
-    if (!deleted) {
-      throw new AppError('Example not found', 404);
-    }
-    
-    res.json({
-      success: true,
-      message: 'Example deleted successfully',
-    });
-  } catch (error) {
-    logger.error('Error deleting example', { id: req.params.id, error: error.message });
-    next(error);
-  }
-};
-
-module.exports = {
-  getAllExamples,
-  getExampleById,
-  createExample,
-  updateExample,
-  deleteExample,
-};
+const exampleService = require('../services/exampleService');
+const { AppError } = require('../utils/errors');
+const { success, created, paginated } = require('../utils/response');
+const { createLogger } = require('../utils/logger');
+
+const logger = createLogger('ExampleController');
+
+const getAllExamples = async (req, res, next) => {
+  try {
+    const page = Math.max(1, parseInt(req.query.page, 10) || 1);
+    const limit = Math.min(100, Math.max(1, parseInt(req.query.limit, 10) || 10));
+
+    logger.info('Fetching examples', { page, limit });
+    const result = await exampleService.getAllExamples(page, limit);
+
+    return paginated(res, result.examples, {
+      page,
+      limit,
+      total: result.total,
+      totalPages: result.totalPages,
+    });
+  } catch (error) {
+    logger.error('Error fetching examples', { error: error.message });
+    next(error);
+  }
+};
+
+const getExampleById = async (req, res, next) => {
+  try {
+    const { id } = req.params;
+    const example = await exampleService.getExampleById(id);
+
+    if (!example) {
+      throw new AppError('Example not found', 404);
+    }
+
+    return success(res, example);
+  } catch (error) {
+    next(error);
+  }
+};
+
+const createExample = async (req, res, next) => {
+  try {
+    const { title, description } = req.body;
+
+    if (!title || !description) {
+      throw new AppError('Title and description are required', 400);
+    }
+
+    logger.info('Creating example', { title });
+    const example = await exampleService.createExample({ title, description });
+
+    return created(res, example);
+  } catch (error) {
+    next(error);
+  }
+};
+
+const updateExample = async (req, res, next) => {
+  try {
+    const { id } = req.params;
+    const { title, description } = req.body;
+
+    const example = await exampleService.updateExample(id, { title, description });
+
+    if (!example) {
+      throw new AppError('Example not found', 404);
+    }
+
+    return success(res, example);
+  } catch (error) {
+    next(error);
+  }
+};
+
+const deleteExample = async (req, res, next) => {
+  try {
+    const { id } = req.params;
+    const deleted = await exampleService.deleteExample(id);
+
+    if (!deleted) {
+      throw new AppError('Example not found', 404);
+    }
+
+    return success(res, { message: 'Example deleted successfully' });
+  } catch (error) {
+    next(error);
+  }
+};
+
+module.exports = { getAllExamples, getExampleById, createExample, updateExample, deleteExample };

package/templates/controllers/userController.js.ejs

@@ -1,60 +1,52 @@
-const userService = require('../services/userService');
-const { AppError } = require('../utils/errors');
-
-const getProfile = async (req, res, next) => {
-  try {
-    const user = await userService.findById(req.user.userId);
-    if (!user) {
-      throw new AppError('User not found', 404);
-    }
-    
-    res.json({
-      user: {
-        id: user.id,
-        username: user.username,
-        email: user.email,
-        createdAt: user.createdAt,
-      },
-    });
-  } catch (error) {
-    next(error);
-  }
-};
-
-const updateProfile = async (req, res, next) => {
-  try {
-    const { username } = req.body;
-    const userId = req.user.userId;
-    
-    const updatedUser = await userService.updateById(userId, { username });
-    
-    res.json({
-      message: 'Profile updated successfully',
-      user: {
-        id: updatedUser.id,
-        username: updatedUser.username,
-        email: updatedUser.email,
-      },
-    });
-  } catch (error) {
-    next(error);
-  }
-};
-
-const deleteProfile = async (req, res, next) => {
-  try {
-    const userId = req.user.userId;
-    
-    await userService.deleteById(userId);
-    
-    res.json({ message: 'Profile deleted successfully' });
-  } catch (error) {
-    next(error);
-  }
-};
-
-module.exports = {
-  getProfile,
-  updateProfile,
-  deleteProfile,
-};
+const userService = require('../services/userService');
+const { AppError } = require('../utils/errors');
+const { success } = require('../utils/response');
+
+const getProfile = async (req, res, next) => {
+  try {
+    const user = await userService.findById(req.user.userId);
+    if (!user) {
+      throw new AppError('User not found', 404);
+    }
+
+    return success(res, {
+      user: {
+        id: user.id,
+        username: user.username,
+        email: user.email,
+        createdAt: user.createdAt,
+      },
+    });
+  } catch (error) {
+    next(error);
+  }
+};
+
+const updateProfile = async (req, res, next) => {
+  try {
+    const { username } = req.body;
+    const updatedUser = await userService.updateById(req.user.userId, { username });
+
+    return success(res, {
+      message: 'Profile updated successfully',
+      user: {
+        id: updatedUser.id,
+        username: updatedUser.username,
+        email: updatedUser.email,
+      },
+    });
+  } catch (error) {
+    next(error);
+  }
+};
+
+const deleteProfile = async (req, res, next) => {
+  try {
+    await userService.deleteById(req.user.userId);
+    return success(res, { message: 'Profile deleted successfully' });
+  } catch (error) {
+    next(error);
+  }
+};
+
+module.exports = { getProfile, updateProfile, deleteProfile };