express-genix 2.0.1 → 3.0.0

package/README.md

@@ -15,20 +15,32 @@ A production-grade CLI tool that generates Express.js applications with best-in-
 
 **Security & Auth**
 - JWT access + refresh tokens with token blacklist logout
+- Role-Based Access Control (RBAC) — admin, moderator, user roles with permission system
+- Admin panel routes for user management (list, view, update roles, delete)
 - Password reset flow (forgot-password / reset-password with crypto tokens)
 - Optional Redis-backed blacklist for production multi-instance deployments
 - Zod request validation with pre-built schemas (register, login, reset, etc.)
 - bcrypt password hashing, input sanitization (`validator`)
 - Helmet, CORS, environment validation on startup
 - Auto-generated cryptographically secure JWT secrets
+- Soft deletes with restore capability
 
 **API & Documentation**
 - Swagger UI + swagger-jsdoc annotation-based docs with example request/response bodies
+- GraphQL (Apollo Server) with type definitions and resolvers
 - Consistent `{ success, data, meta }` response envelope
+- API versioning (`/api/v1/` prefix)
 - Paginated list endpoints
 - Request ID / correlation tracking
 - Response caching middleware (Redis-backed, configurable TTL)
 
+**Services & Infrastructure**
+- Email service (Nodemailer) with welcome and password reset emails
+- File uploads (Multer) with type filtering and size limits
+- Background jobs (BullMQ) with Redis-backed queues and workers
+- Prometheus metrics (`/metrics` endpoint with prom-client)
+- Audit logging middleware with request tracking and sensitive field redaction
+
 **Developer Experience**
 - Interactive prompts — pick language, database, features via checkbox
 - Winston or Pino logger (you choose)
@@ -71,7 +83,7 @@ You'll be prompted for:
 1. **Project name**
 2. **Language** — JavaScript or TypeScript
 3. **Database** — MongoDB, PostgreSQL (Sequelize), PostgreSQL (Prisma), or None
-4. **Features** — Auth, Rate Limiting, Swagger, Redis Token Blacklist, Docker, CI/CD, WebSocket, Request ID
+4. **Features** — Auth, Rate Limiting, Swagger, Redis, Docker, CI/CD, WebSocket, Request ID, Email, File Uploads, Soft Deletes, Audit Logging, Prometheus Metrics, API Versioning, Background Jobs, GraphQL
 5. **Logger** — Winston or Pino
 
 The CLI generates your project, installs dependencies, formats code, and creates an initial git commit.

package/index.js

@@ -75,6 +75,14 @@ async function main() {
             { name: 'CI/CD (GitHub Actions)', value: 'cicd' },
             { name: 'WebSocket (Socket.io)', value: 'websocket' },
             { name: 'Request ID / Correlation ID', value: 'requestId', checked: true },
+            { name: 'Email Service (Nodemailer)', value: 'email' },
+            { name: 'File Uploads (Multer)', value: 'fileUpload' },
+            { name: 'Soft Deletes', value: 'softDelete' },
+            { name: 'Audit Logging', value: 'auditLog' },
+            { name: 'Prometheus Metrics', value: 'metrics' },
+            { name: 'API Versioning (/api/v1)', value: 'apiVersioning' },
+            { name: 'Background Jobs (BullMQ)', value: 'backgroundJobs' },
+            { name: 'GraphQL (Apollo Server)', value: 'graphql' },
           ],
           when: (ans) => ans.db !== 'none',
         },
@@ -89,6 +97,11 @@ async function main() {
             { name: 'CI/CD (GitHub Actions)', value: 'cicd' },
             { name: 'WebSocket (Socket.io)', value: 'websocket' },
             { name: 'Request ID / Correlation ID', value: 'requestId', checked: true },
+            { name: 'File Uploads (Multer)', value: 'fileUpload' },
+            { name: 'Audit Logging', value: 'auditLog' },
+            { name: 'Prometheus Metrics', value: 'metrics' },
+            { name: 'API Versioning (/api/v1)', value: 'apiVersioning' },
+            { name: 'GraphQL (Apollo Server)', value: 'graphql' },
           ],
           when: (ans) => ans.db === 'none',
         },
@@ -121,6 +134,14 @@ async function main() {
         hasWebsocket: features.includes('websocket'),
         hasRequestId: features.includes('requestId'),
         hasRedis: features.includes('redis') && features.includes('auth') && answers.db !== 'none',
+        hasEmail: features.includes('email') && answers.db !== 'none',
+        hasFileUpload: features.includes('fileUpload'),
+        hasSoftDelete: features.includes('softDelete') && answers.db !== 'none',
+        hasAuditLog: features.includes('auditLog'),
+        hasMetrics: features.includes('metrics'),
+        hasApiVersioning: features.includes('apiVersioning'),
+        hasBackgroundJobs: features.includes('backgroundJobs'),
+        hasGraphQL: features.includes('graphql'),
         jwtSecret: generateSecret(),
         jwtRefreshSecret: generateSecret(),
       };
@@ -163,7 +184,7 @@ async function main() {
 To get started:
   cd ${config.projectName}
   npm run dev
-${config.hasSwagger ? `\nAPI Documentation: http://localhost:3000/api-docs` : ''}
+${config.hasSwagger ? `\nAPI Documentation: http://localhost:3000/api-docs` : ''}${config.hasGraphQL ? `\nGraphQL Playground: http://localhost:3000/graphql` : ''}${config.hasMetrics ? `\nPrometheus Metrics: http://localhost:3000/metrics` : ''}
 Health Check: http://localhost:3000/health
 
 Available scripts:

package/lib/features.js

@@ -232,6 +232,14 @@ const inferConfig = (projectDir, pkg) => {
     hasWebsocket: !!(pkg.dependencies && pkg.dependencies['socket.io']),
     hasRedis: !!(pkg.dependencies && pkg.dependencies.ioredis),
     hasRequestId: !!(pkg.dependencies && pkg.dependencies.uuid),
+    hasEmail: !!(pkg.dependencies && pkg.dependencies.nodemailer),
+    hasFileUpload: !!(pkg.dependencies && pkg.dependencies.multer),
+    hasSoftDelete: false,
+    hasAuditLog: false,
+    hasMetrics: !!(pkg.dependencies && pkg.dependencies['prom-client']),
+    hasApiVersioning: false,
+    hasBackgroundJobs: !!(pkg.dependencies && pkg.dependencies.bullmq),
+    hasGraphQL: !!(pkg.dependencies && pkg.dependencies['@apollo/server']),
     logger: pkg.dependencies && pkg.dependencies.pino ? 'pino' : 'winston',
   };
 };

package/lib/generator.js

@@ -49,6 +49,18 @@ const createDirectoryStructure = (projectDir, config) => {
     dirs.push('.github', '.github/workflows');
   }
 
+  if (config.hasFileUpload) {
+    dirs.push('uploads');
+  }
+
+  if (config.hasBackgroundJobs) {
+    dirs.push('src/jobs');
+  }
+
+  if (config.hasGraphQL) {
+    dirs.push('src/graphql');
+  }
+
   fs.mkdirSync(projectDir);
   dirs.forEach((dir) => {
     fs.mkdirSync(path.join(projectDir, dir), { recursive: true });
@@ -128,6 +140,10 @@ const generateFiles = async (config, projectDir) => {
     configFiles.push({ template: 'config/redis.js.ejs', output: `src/config/redis.${ext}` });
   }
 
+  if (config.hasBackgroundJobs) {
+    configFiles.push({ template: 'config/queue.js.ejs', output: `src/config/queue.${ext}` });
+  }
+
   // Route files
   const routeFiles = [
     { template: 'routes/index.js.ejs', output: `src/routes/index.${ext}` },
@@ -141,11 +157,13 @@ const generateFiles = async (config, projectDir) => {
   if (config.hasAuth) {
     controllerFiles.push(
       { template: 'controllers/authController.js.ejs', output: `src/controllers/authController.${ext}` },
-      { template: 'controllers/userController.js.ejs', output: `src/controllers/userController.${ext}` }
+      { template: 'controllers/userController.js.ejs', output: `src/controllers/userController.${ext}` },
+      { template: 'controllers/adminController.js.ejs', output: `src/controllers/adminController.${ext}` }
     );
     routeFiles.push(
       { template: 'routes/authRoutes.js.ejs', output: `src/routes/authRoutes.${ext}` },
-      { template: 'routes/userRoutes.js.ejs', output: `src/routes/userRoutes.${ext}` }
+      { template: 'routes/userRoutes.js.ejs', output: `src/routes/userRoutes.${ext}` },
+      { template: 'routes/adminRoutes.js.ejs', output: `src/routes/adminRoutes.${ext}` }
     );
     serviceFiles.push(
       { template: 'services/authService.js.ejs', output: `src/services/authService.${ext}` }
@@ -178,6 +196,24 @@ const generateFiles = async (config, projectDir) => {
     );
   }
 
+  if (config.hasEmail) {
+    serviceFiles.push(
+      { template: 'services/emailService.js.ejs', output: `src/services/emailService.${ext}` }
+    );
+  }
+
+  if (config.hasFileUpload) {
+    routeFiles.push(
+      { template: 'routes/uploadRoutes.js.ejs', output: `src/routes/uploadRoutes.${ext}` }
+    );
+  }
+
+  if (config.hasBackgroundJobs) {
+    routeFiles.push(
+      { template: 'routes/jobRoutes.js.ejs', output: `src/routes/jobRoutes.${ext}` }
+    );
+  }
+
   // Middleware files
   const middlewareFiles = [
     { template: 'middleware/errorHandler.js.ejs', output: `src/middleware/errorHandler.${ext}` },
@@ -196,6 +232,30 @@ const generateFiles = async (config, projectDir) => {
     );
   }
 
+  if (config.hasAuth) {
+    middlewareFiles.push(
+      { template: 'middleware/rbac.js.ejs', output: `src/middleware/rbac.${ext}` }
+    );
+  }
+
+  if (config.hasFileUpload) {
+    middlewareFiles.push(
+      { template: 'middleware/upload.js.ejs', output: `src/middleware/upload.${ext}` }
+    );
+  }
+
+  if (config.hasAuditLog) {
+    middlewareFiles.push(
+      { template: 'middleware/auditLog.js.ejs', output: `src/middleware/auditLog.${ext}` }
+    );
+  }
+
+  if (config.hasMetrics) {
+    middlewareFiles.push(
+      { template: 'middleware/metrics.js.ejs', output: `src/middleware/metrics.${ext}` }
+    );
+  }
+
   if (config.hasRedis) {
     middlewareFiles.push(
       { template: 'middleware/cache.js.ejs', output: `src/middleware/cache.${ext}` }
@@ -245,6 +305,21 @@ const generateFiles = async (config, projectDir) => {
     ...testFiles,
   ];
 
+  // GraphQL files
+  if (config.hasGraphQL) {
+    allFiles.push(
+      { template: 'graphql/typeDefs.js.ejs', output: `src/graphql/typeDefs.${ext}` },
+      { template: 'graphql/resolvers.js.ejs', output: `src/graphql/resolvers.${ext}` }
+    );
+  }
+
+  // Background job worker
+  if (config.hasBackgroundJobs) {
+    allFiles.push(
+      { template: 'jobs/worker.js.ejs', output: `src/jobs/worker.${ext}` }
+    );
+  }
+
   const errors = [];
 
   for (const file of allFiles) {

package/package.json

@@ -1,7 +1,7 @@
 {
     "name": "express-genix",
-    "version": "2.0.1",
-    "description": "Production-grade CLI to generate Express apps with JWT, TypeScript, Prisma, MongoDB, PostgreSQL, rate-limiting, Swagger, CI/CD, and more",
+    "version": "3.0.0",
+    "description": "Production-grade CLI to generate Express apps with JWT, RBAC, GraphQL, TypeScript, Prisma, MongoDB, PostgreSQL, file uploads, email, background jobs, and more",
     "main": "index.js",
     "bin": {
         "express-genix": "index.js"

package/templates/config/queue.js.ejs

@@ -0,0 +1,29 @@
+const { Queue } = require('bullmq');
+const logger = require('../utils/logger');
+
+const redisConnection = {
+  host: process.env.REDIS_HOST || 'localhost',
+  port: parseInt(process.env.REDIS_PORT, 10) || 6379,
+};
+
+// Define your queues here
+const emailQueue = new Queue('email', { connection: redisConnection });
+const defaultQueue = new Queue('default', { connection: redisConnection });
+
+const addJob = async (queueName, jobName, data, options = {}) => {
+  const queues = { email: emailQueue, default: defaultQueue };
+  const queue = queues[queueName] || defaultQueue;
+
+  const job = await queue.add(jobName, data, {
+    attempts: 3,
+    backoff: { type: 'exponential', delay: 1000 },
+    removeOnComplete: { count: 100 },
+    removeOnFail: { count: 500 },
+    ...options,
+  });
+
+  logger.info(`Job added: ${jobName} (${job.id}) to queue ${queueName}`);
+  return job;
+};
+
+module.exports = { emailQueue, defaultQueue, addJob, redisConnection };

package/templates/config/schema.prisma.ejs

@@ -12,8 +12,10 @@ model User {
   username  String   @unique @db.VarChar(50)
   email     String   @unique
   password  String
+  role      String   @default("user")
   createdAt DateTime @default(now()) @map("created_at")
   updatedAt DateTime @updatedAt @map("updated_at")
+<% if (hasSoftDelete) { %>  deletedAt DateTime? @map("deleted_at")<% } %>
 
   @@map("users")
 }

package/templates/controllers/adminController.js.ejs

@@ -0,0 +1,109 @@
+const userService = require('../services/userService');
+const { AppError } = require('../utils/errors');
+const { success } = require('../utils/response');
+
+const listUsers = async (req, res, next) => {
+  try {
+    const page = parseInt(req.query.page, 10) || 1;
+    const limit = Math.min(parseInt(req.query.limit, 10) || 20, 100);
+    const users = await userService.findAll({ page, limit });
+
+    return success(res, users);
+  } catch (error) {
+    next(error);
+  }
+};
+
+const getUserById = async (req, res, next) => {
+  try {
+    const user = await userService.findById(req.params.id);
+    if (!user) {
+      throw new AppError('User not found', 404);
+    }
+
+    return success(res, {
+      user: {
+        id: user.id,
+        username: user.username,
+        email: user.email,
+        role: user.role,
+        createdAt: user.createdAt,
+      },
+    });
+  } catch (error) {
+    next(error);
+  }
+};
+
+const updateUserRole = async (req, res, next) => {
+  try {
+    const { role } = req.body;
+    const validRoles = ['user', 'moderator', 'admin'];
+
+    if (!validRoles.includes(role)) {
+      throw new AppError(`Invalid role. Must be one of: ${validRoles.join(', ')}`, 400);
+    }
+
+    const user = await userService.findById(req.params.id);
+    if (!user) {
+      throw new AppError('User not found', 404);
+    }
+
+    const updatedUser = await userService.updateById(req.params.id, { role });
+
+    return success(res, {
+      message: 'User role updated successfully',
+      user: {
+        id: updatedUser.id,
+        username: updatedUser.username,
+        email: updatedUser.email,
+        role: updatedUser.role,
+      },
+    });
+  } catch (error) {
+    next(error);
+  }
+};
+
+const deleteUser = async (req, res, next) => {
+  try {
+    if (req.params.id === req.user.userId) {
+      throw new AppError('Cannot delete your own admin account', 400);
+    }
+
+    const user = await userService.findById(req.params.id);
+    if (!user) {
+      throw new AppError('User not found', 404);
+    }
+
+    await userService.deleteById(req.params.id);
+    return success(res, { message: 'User deleted successfully' });
+  } catch (error) {
+    next(error);
+  }
+};
+<% if (hasSoftDelete) { %>
+const restoreUser = async (req, res, next) => {
+  try {
+    const user = await userService.restoreById(req.params.id);
+    if (!user) {
+      throw new AppError('User not found or not deleted', 404);
+    }
+    return success(res, { message: 'User restored successfully' });
+  } catch (error) {
+    next(error);
+  }
+};
+
+const listDeletedUsers = async (req, res, next) => {
+  try {
+    const page = parseInt(req.query.page, 10) || 1;
+    const limit = Math.min(parseInt(req.query.limit, 10) || 20, 100);
+    const users = await userService.findDeleted({ page, limit });
+    return success(res, users);
+  } catch (error) {
+    next(error);
+  }
+};
+<% } %>
+module.exports = { listUsers, getUserById, updateUserRole, deleteUser<% if (hasSoftDelete) { %>, restoreUser, listDeletedUsers<% } %> };

package/templates/controllers/authController.js.ejs

@@ -3,6 +3,7 @@ const authService = require('../services/authService');
 const userService = require('../services/userService');
 const { AppError } = require('../utils/errors');
 const { success, created } = require('../utils/response');
+<% if (hasEmail) { %>const emailService = require('../services/emailService');<% } %>
 
 const register = async (req, res, next) => {
   try {
@@ -16,7 +17,10 @@ const register = async (req, res, next) => {
     const hashedPassword = await bcrypt.hash(password, 12);
     const user = await userService.create({ username, email, password: hashedPassword });
     const tokens = authService.generateTokens(user);
-
+<% if (hasEmail) { %>
+    // Send welcome email (non-blocking)
+    emailService.sendWelcomeEmail(email, username).catch(() => {});
+<% } %>
     return created(res, {
       message: 'User registered successfully',
       user: { id: user.id, username: user.username, email: user.email },
@@ -113,12 +117,13 @@ const forgotPassword = async (req, res, next) => {
     }
 
     const resetToken = await authService.generateResetToken(email);
-
+<% if (hasEmail) { %>
+    await emailService.sendPasswordResetEmail(email, resetToken);
+<% } else { %>
     // TODO: Send email with reset link
-    // await emailService.sendResetEmail(email, resetToken);
-    //
     // For development, log the token:
     console.log(`Password reset token for ${email}: ${resetToken}`);
+<% } %>
 
     return success(res, { message: 'If an account with that email exists, a reset link has been sent.' });
   } catch (error) {

package/templates/controllers/userController.js.ejs

@@ -14,6 +14,7 @@ const getProfile = async (req, res, next) => {
         id: user.id,
         username: user.username,
         email: user.email,
+        role: user.role,
         createdAt: user.createdAt,
       },
     });

package/templates/core/app.js.ejs

@@ -6,6 +6,13 @@ const morgan = require('morgan');
 <% if (hasSwagger) { %>const swaggerUi = require('swagger-ui-express');
 const swaggerSpec = require('./config/swagger');<% } %>
 <% if (hasRequestId) { %>const { requestId } = require('./middleware/requestId');<% } %>
+<% if (hasMetrics) { %>const { metricsMiddleware, metricsEndpoint } = require('./middleware/metrics');<% } %>
+<% if (hasAuditLog) { %>const { auditLog } = require('./middleware/auditLog');<% } %>
+<% if (hasGraphQL) { %>const { ApolloServer } = require('@apollo/server');
+const { expressMiddleware } = require('@apollo/server/express4');
+const typeDefs = require('./graphql/typeDefs');
+const resolvers = require('./graphql/resolvers');<% if (hasAuth) { %>
+const authService = require('./services/authService');<% } %><% } %>
 const routes = require('./routes');
 const errorHandler = require('./middleware/errorHandler');
 <% if (hasDatabase || hasAuth) { %>const { validateEnv } = require('./utils/envValidator');
@@ -31,6 +38,18 @@ app.use(morgan(process.env.NODE_ENV === 'production' ? 'combined' : 'dev'));
 // Body parsing
 app.use(express.json({ limit: '10mb' }));
 app.use(express.urlencoded({ extended: true }));
+<% if (hasFileUpload) { %>
+// Serve uploaded files
+const path = require('path');
+app.use('/uploads', express.static(path.join(process.cwd(), process.env.UPLOAD_DIR || 'uploads')));
+<% } %>
+<% if (hasMetrics) { %>
+// Prometheus metrics
+app.use(metricsMiddleware);
+app.get('/metrics', metricsEndpoint);<% } %>
+<% if (hasAuditLog) { %>
+// Audit logging
+app.use(auditLog());<% } %>
 <% if (hasRateLimit) { %>
 // Rate limiting
 const limiter = rateLimit({
@@ -96,9 +115,39 @@ app.get('/health', async (req, res) => {
 app.use('/api-docs', swaggerUi.serve, swaggerUi.setup(swaggerSpec, {
   customCss: '.swagger-ui .topbar { display: none }',
 }));<% } %>
+<% if (hasGraphQL) { %>
+// GraphQL setup (async — call initGraphQL() before starting server)
+let apolloServer;
+
+const initGraphQL = async () => {
+  apolloServer = new ApolloServer({ typeDefs, resolvers });
+  await apolloServer.start();
+
+  app.use('/graphql', expressMiddleware(apolloServer, {
+    context: async ({ req }) => {
+<% if (hasAuth) { %>      // Extract user from JWT if present
+      const authHeader = req.headers.authorization;
+      if (authHeader) {
+        const token = authHeader.split(' ')[1];
+        try {
+          const user = authService.verifyToken(token);
+          return { user };
+        } catch {
+          return { user: null };
+        }
+      }
+<% } %>      return { user: null };
+    },
+  }));
+};
 
+app.initGraphQL = initGraphQL;
+<% } %>
 // API routes
-app.use('/api', routes);
+<% if (hasApiVersioning) { %>app.use('/api/v1', routes);
+// Future versions: app.use('/api/v2', v2Routes);
+<% } else { %>app.use('/api', routes);
+<% } %>
 
 // 404 handler
 app.use('*', (req, res) => {

package/templates/core/env.ejs

@@ -11,6 +11,23 @@ JWT_REFRESH_EXPIRE=7d
 <% } %><% if (hasRedis) { %>
 # Redis (token blacklist store)
 REDIS_URL=redis://localhost:6379
+<% } %><% if (hasBackgroundJobs && !hasRedis) { %>
+# Redis (required for BullMQ)
+REDIS_HOST=localhost
+REDIS_PORT=6379
+<% } %><% if (hasEmail) { %>
+# Email (SMTP)
+SMTP_HOST=smtp.ethereal.email
+SMTP_PORT=587
+SMTP_SECURE=false
+SMTP_USER=
+SMTP_PASS=
+SMTP_FROM="App" <noreply@example.com>
+FRONTEND_URL=http://localhost:3000
+<% } %><% if (hasFileUpload) { %>
+# File Uploads
+UPLOAD_DIR=uploads
+UPLOAD_MAX_SIZE=5242880
 <% } %><% if (db === 'mongodb') { %>
 # Database
 MONGO_URI=mongodb://localhost:27017/<%= projectName %>

package/templates/core/env.example.ejs

@@ -11,6 +11,23 @@ JWT_REFRESH_EXPIRE=7d
 <% } %><% if (hasRedis) { %>
 # Redis (token blacklist store)
 REDIS_URL=redis://localhost:6379
+<% } %><% if (hasBackgroundJobs && !hasRedis) { %>
+# Redis (required for BullMQ)
+REDIS_HOST=localhost
+REDIS_PORT=6379
+<% } %><% if (hasEmail) { %>
+# Email (SMTP)
+SMTP_HOST=smtp.ethereal.email
+SMTP_PORT=587
+SMTP_SECURE=false
+SMTP_USER=
+SMTP_PASS=
+SMTP_FROM="App" <noreply@example.com>
+FRONTEND_URL=http://localhost:3000
+<% } %><% if (hasFileUpload) { %>
+# File Uploads
+UPLOAD_DIR=uploads
+UPLOAD_MAX_SIZE=5242880
 <% } %><% if (db === 'mongodb') { %>
 # Database
 MONGO_URI=mongodb://localhost:27017/<%= projectName %>

package/templates/core/package.json.ejs

@@ -39,7 +39,14 @@
     "@prisma/client": "^5.22.0"<% } %><% if (hasWebsocket) { %>,
     "socket.io": "^4.8.0"<% } %><% if (hasRedis) { %>,
     "ioredis": "^5.4.0"<% } %><% if (hasRequestId) { %>,
-    "uuid": "^10.0.0"<% } %><% if (logger === 'winston') { %>,
+    "uuid": "^10.0.0"<% } %><% if (hasEmail) { %>,
+    "nodemailer": "^6.9.0"<% } %><% if (hasFileUpload) { %>,
+    "multer": "^1.4.5-lts.1"<% } %><% if (hasMetrics) { %>,
+    "prom-client": "^15.1.0"<% } %><% if (hasGraphQL) { %>,
+    "@apollo/server": "^4.11.0",
+    "graphql": "^16.9.0",
+    "graphql-tag": "^2.12.6"<% } %><% if (hasBackgroundJobs) { %>,
+    "bullmq": "^5.12.0"<% } %><% if (logger === 'winston') { %>,
     "winston": "^3.15.0"<% } %><% if (logger === 'pino') { %>,
     "pino": "^9.5.0",
     "pino-pretty": "^13.0.0"<% } %>

package/templates/core/server.js.ejs

@@ -6,7 +6,8 @@ const os = require('os');
 const app = require('./app');<% if (hasDatabase) { %>
 const db = require('./config/database');<% } %><% if (hasRedis) { %>
 const { connectRedis } = require('./config/redis');<% } %><% if (hasWebsocket) { %>
-const { setupWebSocket } = require('./config/websocket');<% } %>
+const { setupWebSocket } = require('./config/websocket');<% } %><% if (hasBackgroundJobs) { %>
+const { startWorkers } = require('./jobs/worker');<% } %>
 const { createLogger } = require('./utils/logger');
 
 const logger = createLogger('Server');
@@ -28,7 +29,9 @@ const startServer = async () => {
     });
   } else {<% if (hasDatabase) { %>
     await db.connect();<% } %><% if (hasRedis) { %>
-    await connectRedis();<% } %>
+    await connectRedis();<% } %><% if (hasGraphQL) { %>
+    await app.initGraphQL();<% } %><% if (hasBackgroundJobs) { %>
+    startWorkers();<% } %>
 
 <% if (hasWebsocket) { %>    const httpServer = http.createServer(app);
     const io = setupWebSocket(httpServer);

package/templates/graphql/resolvers.js.ejs

@@ -0,0 +1,61 @@
+<% if (hasAuth) { %>const bcrypt = require('bcryptjs');
+const authService = require('../services/authService');
+const userService = require('../services/userService');
+<% } %>
+const resolvers = {
+  Query: {
+    hello: () => 'Hello from GraphQL!',
+<% if (hasAuth) { %>
+    me: async (_, __, { user }) => {
+      if (!user) throw new Error('Authentication required');
+      return userService.findById(user.userId);
+    },
+
+    users: async (_, { page = 1, limit = 20 }, { user }) => {
+      if (!user || user.role !== 'admin') throw new Error('Admin access required');
+      return userService.findAll({ page, limit });
+    },
+<% } %>  },
+<% if (hasAuth) { %>
+  Mutation: {
+    register: async (_, { input }) => {
+      const { username, email, password } = input;
+
+      const existing = await userService.findByEmail(email);
+      if (existing) throw new Error('User already exists with this email');
+
+      const hashedPassword = await bcrypt.hash(password, 12);
+      const user = await userService.create({ username, email, password: hashedPassword });
+      const tokens = authService.generateTokens(user);
+
+      return {
+        user: { id: user.id, username: user.username, email: user.email, role: user.role || 'user', createdAt: user.createdAt },
+        ...tokens,
+      };
+    },
+
+    login: async (_, { input }) => {
+      const { email, password } = input;
+
+      const user = await userService.findByEmail(email);
+      if (!user) throw new Error('Invalid credentials');
+
+      const valid = await bcrypt.compare(password, user.password);
+      if (!valid) throw new Error('Invalid credentials');
+
+      const tokens = authService.generateTokens(user);
+
+      return {
+        user: { id: user.id, username: user.username, email: user.email, role: user.role || 'user', createdAt: user.createdAt },
+        ...tokens,
+      };
+    },
+
+    updateProfile: async (_, { input }, { user }) => {
+      if (!user) throw new Error('Authentication required');
+      return userService.updateById(user.userId, input);
+    },
+  },
+<% } %>};
+
+module.exports = resolvers;