express-genix 4.5.2 → 4.6.1

package/README.md

@@ -112,6 +112,7 @@ npm run dev
 
 ```bash
 cd my-express-app
+express-genix add infra       # Adds Production-Ready Infra (Docker, CI/CD, Nginx, Makefile)
 express-genix add docker      # Adds Dockerfile, docker-compose.yml, .dockerignore
 express-genix add cicd        # Adds GitHub Actions CI workflow
 express-genix add auth        # Adds JWT auth, controllers, routes, middleware
@@ -119,6 +120,23 @@ express-genix add websocket   # Adds Socket.io setup
 express-genix add prisma      # Adds Prisma schema, client config, migrations
 ```
 
+## Interactive Resource Scaffolding
+
+Generate a complete resource (Controller, Service, and Routes) inside an existing Express Genix project.
+
+```bash
+cd my-express-app
+express-genix generate product
+# or use the alias
+express-genix g product
+```
+
+This command automatically:
+1. Creates `src/controllers/productController.js` (with CRUD operations)
+2. Creates `src/services/productService.js` (with business logic structure)
+3. Creates `src/routes/productRoutes.js` (with Swagger annotations and auth middleware if enabled)
+4. **Auto-injects** the new route into `src/routes/index.js` (`router.use('/products', productRoutes);`)
+
 ### Generate from natural language (AI)
 
 Requires `OPENAI_API_KEY` or `ANTHROPIC_API_KEY` in your environment.

package/index.js

@@ -8,6 +8,7 @@ const crypto = require('crypto');
 const { execSync } = require('child_process');
 const { runPostGenerationCleanup } = require('./lib/cleanup');
 const { generateProject } = require('./lib/generator');
+const { validateProjectName } = require('./lib/utils');
 
 const pkg = require('./package.json');
 const prompt = inquirer.createPromptModule();
@@ -70,13 +71,8 @@ async function main() {
           message: 'Project name:',
           default: 'my-express-app',
           validate: (input) => {
-            if (!/^[a-zA-Z0-9-_]+$/.test(input)) {
-              return 'Project name can only contain letters, numbers, hyphens, and underscores';
-            }
-            if (input.length > 100) {
-              return 'Project name must be less than 100 characters';
-            }
-            return true;
+            const error = validateProjectName(input);
+            return error ? error : true;
           },
         },
         {
@@ -107,7 +103,7 @@ async function main() {
             { name: 'JWT Authentication', value: 'auth', checked: true },
             { name: 'Rate Limiting', value: 'rateLimit', checked: true },
             { name: 'Swagger/OpenAPI Docs', value: 'swagger', checked: true },
-            { name: 'Redis Token Blacklist', value: 'redis' },
+            { name: 'Redis Caching / Token Blacklist', value: 'redis' },
             { name: 'Docker & Docker Compose', value: 'docker', checked: true },
             { name: 'CI/CD (GitHub Actions)', value: 'cicd' },
             { name: 'WebSocket (Socket.io)', value: 'websocket' },
@@ -131,14 +127,17 @@ async function main() {
           choices: [
             { name: 'Rate Limiting', value: 'rateLimit', checked: true },
             { name: 'Swagger/OpenAPI Docs', value: 'swagger', checked: true },
+            { name: 'Redis Caching', value: 'redis' },
             { name: 'Docker & Docker Compose', value: 'docker', checked: true },
             { name: 'CI/CD (GitHub Actions)', value: 'cicd' },
             { name: 'WebSocket (Socket.io)', value: 'websocket' },
             { name: 'Request ID / Correlation ID', value: 'requestId', checked: true },
+            { name: 'Email Service (Nodemailer)', value: 'email' },
             { name: 'File Uploads (Multer)', value: 'fileUpload' },
             { name: 'Audit Logging', value: 'auditLog' },
             { name: 'Prometheus Metrics', value: 'metrics' },
             { name: 'API Versioning (/api/v1)', value: 'apiVersioning' },
+            { name: 'Background Jobs (BullMQ)', value: 'backgroundJobs' },
             { name: 'GraphQL (Apollo Server)', value: 'graphql' },
             { name: 'MCP Server (AI Agent Tools)', value: 'mcp' },
           ],
@@ -172,8 +171,8 @@ async function main() {
         hasCicd: features.includes('cicd'),
         hasWebsocket: features.includes('websocket'),
         hasRequestId: features.includes('requestId'),
-        hasRedis: features.includes('redis') && features.includes('auth') && answers.db !== 'none',
-        hasEmail: features.includes('email') && answers.db !== 'none',
+        hasRedis: features.includes('redis') || features.includes('backgroundJobs'),
+        hasEmail: features.includes('email'),
         hasFileUpload: features.includes('fileUpload'),
         hasSoftDelete: features.includes('softDelete') && answers.db !== 'none',
         hasAuditLog: features.includes('auditLog'),
@@ -249,12 +248,17 @@ Configuration:
         }
 
       } catch (error) {
-        // Rollback: remove partial project directory on failure
-        if (fs.existsSync(projectDir)) {
-          fs.rmSync(projectDir, { recursive: true, force: true });
-          console.error('\n🧹 Rolled back partial project directory.');
+        if (error.message.includes('Failed to install dependencies')) {
+          console.error(`\n⚠️  Project generated, but dependency installation failed.`);
+          console.error(`   Please cd into ${config.projectName} and run "npm install" manually.`);
+        } else {
+          // Rollback: remove partial project directory on failure
+          if (fs.existsSync(projectDir)) {
+            fs.rmSync(projectDir, { recursive: true, force: true });
+            console.error('\n🧹 Rolled back partial project directory.');
+          }
+          console.error(`\n❌ Failed to create project: ${error.message}`);
         }
-        console.error(`\n❌ Failed to create project: ${error.message}`);
         process.exit(1);
       }
     });
@@ -263,7 +267,7 @@ Configuration:
     .command('add <feature>')
     .description('Add a feature to an existing express-genix project')
     .action(async (feature) => {
-      const supportedFeatures = ['auth', 'websocket', 'docker', 'cicd', 'prisma'];
+      const supportedFeatures = ['auth', 'websocket', 'docker', 'cicd', 'prisma', 'infra'];
       if (!supportedFeatures.includes(feature)) {
         console.error(`❌ Unknown feature: "${feature}"`);
         console.log(`Supported features: ${supportedFeatures.join(', ')}`);
@@ -290,106 +294,19 @@ Configuration:
       }
     });
 
-  program
-    .command('ai <description>')
-    .description('Generate a project from a natural language description (requires OPENAI_API_KEY or ANTHROPIC_API_KEY)')
-    .option('--skip-install', 'Skip npm install')
-    .option('--skip-cleanup', 'Skip post-generation cleanup')
-    .action(async (description, options) => {
-      const { runAiCommand } = require('./lib/ai-cli');
-      const aiConfig = await runAiCommand(description);
-
-      const inquirerPrompt = inquirer.createPromptModule();
-      const aiFollowUp = await inquirerPrompt([
-        {
-          type: 'confirm',
-          name: 'confirmed',
-          message: 'Generate project with this configuration?',
-          default: true,
-        },
-      ]);
-
-      if (!aiFollowUp.confirmed) {
-        console.log('Cancelled.');
-        process.exit(0);
-      }
-
-      aiConfig.aiProvider = aiFollowUp.aiProvider || 'openai';
-      const features = aiConfig.features || [];
-      const config = {
-        projectName: aiConfig.projectName,
-        language: aiConfig.language || 'javascript',
-        db: aiConfig.db || 'none',
-        logger: aiConfig.logger || 'winston',
-        hasDatabase: aiConfig.db !== 'none',
-        isNoDatabase: aiConfig.db === 'none',
-        isPrisma: aiConfig.db === 'prisma',
-        isTypescript: aiConfig.language === 'typescript',
-        hasAuth: features.includes('auth') && aiConfig.db !== 'none',
-        hasRateLimit: features.includes('rateLimit'),
-        hasSwagger: features.includes('swagger'),
-        hasDocker: features.includes('docker'),
-        hasCicd: features.includes('cicd'),
-        hasWebsocket: features.includes('websocket'),
-        hasRequestId: features.includes('requestId'),
-        hasRedis: features.includes('redis') && features.includes('auth') && aiConfig.db !== 'none',
-        hasEmail: features.includes('email') && aiConfig.db !== 'none',
-        hasFileUpload: features.includes('fileUpload'),
-        hasSoftDelete: features.includes('softDelete') && aiConfig.db !== 'none',
-        hasAuditLog: features.includes('auditLog'),
-        hasMetrics: features.includes('metrics'),
-        hasApiVersioning: features.includes('apiVersioning'),
-        hasBackgroundJobs: features.includes('backgroundJobs'),
-        hasGraphQL: features.includes('graphql'),
-        hasMCP: features.includes('mcp'),
-        jwtSecret: generateSecret(),
-        jwtRefreshSecret: generateSecret(),
-      };
 
-      const projectDir = path.join(process.cwd(), config.projectName);
-
-      if (fs.existsSync(projectDir)) {
-        console.error(`\n❌ Directory "${config.projectName}" already exists!`);
-        process.exit(1);
-      }
-
-      const dbLabel = config.isNoDatabase ? 'no database' : config.db;
-      console.log(`\n🚀 Creating ${config.projectName} (${config.language}, ${dbLabel})...\n`);
 
+  program
+    .command('generate <resource>')
+    .alias('g')
+    .description('Generate a new resource (controller, service, routes)')
+    .action(async (resource) => {
       try {
-        await generateProject(config, projectDir, options);
-
-        if (!options.skipCleanup) {
-          await runPostGenerationCleanup(projectDir, config);
-        }
-
-        try {
-          execSync('git init', { cwd: projectDir, stdio: 'pipe' });
-          execSync('git add -A', { cwd: projectDir, stdio: 'pipe' });
-          execSync('git commit -m "Initial commit from express-genix ai"', {
-            cwd: projectDir,
-            stdio: 'pipe',
-            env: { ...process.env, GIT_COMMITTER_NAME: 'express-genix', GIT_COMMITTER_EMAIL: 'cli@express-genix.dev', GIT_AUTHOR_NAME: 'express-genix', GIT_AUTHOR_EMAIL: 'cli@express-genix.dev' },
-          });
-        } catch {
-          // Git not available
-        }
-
-        console.log(`\n✅ Project ${config.projectName} created from AI description!\n`);
-        console.log(`  cd ${config.projectName}`);
-        console.log('  npm run dev\n');
-
-        // Prompt to install Coda VS Code extension
-        if (config.hasMCP) {
-          await promptCodaExtension();
-        }
-
+        const { generateResource } = require('./lib/scaffold');
+        await generateResource(resource, process.cwd());
+        console.log(`\n🎉 Resource "${resource}" generated successfully!`);
       } catch (error) {
-        if (fs.existsSync(projectDir)) {
-          fs.rmSync(projectDir, { recursive: true, force: true });
-          console.error('\n🧹 Rolled back partial project directory.');
-        }
-        console.error(`\n❌ Failed to create project: ${error.message}`);
+        console.error(`\n❌ Failed to generate resource: ${error.message}`);
         process.exit(1);
       }
     });

package/lib/cleanup.js

@@ -6,23 +6,25 @@ const runPostGenerationCleanup = async (projectDir) => {
   try {
     // Step 1: Run eslint --fix
     try {
-      execSync(`cd "${projectDir}" && npx eslint . --fix`, { stdio: 'pipe' });
+      execSync('npx eslint . --fix', { cwd: projectDir, stdio: 'pipe' });
       console.log('✅ ESLint auto-fixes applied');
-    } catch {
+    } catch (error) {
       console.log('⚠️  Some ESLint issues may need manual fixing');
+      if (error.stderr) console.log(error.stderr.toString());
     }
 
     // Step 2: Format with Prettier
     try {
-      execSync(`cd "${projectDir}" && npx prettier --write .`, { stdio: 'pipe' });
+      execSync('npx prettier --write .', { cwd: projectDir, stdio: 'pipe' });
       console.log('✅ Code formatted with Prettier');
-    } catch {
+    } catch (error) {
       console.warn('⚠️  Prettier formatting encountered issues');
+      if (error.stderr) console.warn(error.stderr.toString());
     }
 
     // Step 3: Validate
     try {
-      execSync(`cd "${projectDir}" && npx eslint .`, { encoding: 'utf8', stdio: 'pipe' });
+      execSync('npx eslint .', { cwd: projectDir, encoding: 'utf8', stdio: 'pipe' });
       console.log('✅ All linting checks passed');
     } catch (error) {
       const stdout = error.stdout || '';

package/lib/features.js

@@ -11,6 +11,7 @@ const addFeature = async (feature, projectDir) => {
   const handlers = {
     docker: () => addDocker(projectDir, templatesDir, pkg),
     cicd: () => addCicd(projectDir, templatesDir, pkg),
+    infra: () => addInfra(projectDir, templatesDir, pkg),
     auth: () => addAuth(projectDir, templatesDir, pkg),
     websocket: () => addWebsocket(projectDir, templatesDir, pkg),
     prisma: () => addPrisma(projectDir, templatesDir, pkg),
@@ -62,6 +63,47 @@ const addCicd = (projectDir, templatesDir, pkg) => {
   console.log('  Created .github/workflows/ci.yml');
 };
 
+const addInfra = (projectDir, templatesDir, pkg) => {
+  const config = inferConfig(projectDir, pkg);
+  config.hasNginx = true; // Enable Nginx in docker-compose
+
+  // 1. Add Docker files
+  const dockerFiles = [
+    { template: 'core/Dockerfile.ejs', output: 'Dockerfile' },
+    { template: 'core/docker-compose.yml.ejs', output: 'docker-compose.yml' },
+    { template: 'core/dockerignore.ejs', output: '.dockerignore' },
+  ];
+
+  for (const file of dockerFiles) {
+    const content = renderTemplate(templatesDir, file.template, config);
+    fs.writeFileSync(path.join(projectDir, file.output), content);
+  }
+
+  // 2. Add CI/CD files
+  const workflowDir = path.join(projectDir, '.github', 'workflows');
+  fs.mkdirSync(workflowDir, { recursive: true });
+  const ciContent = renderTemplate(templatesDir, 'cicd/github-actions.yml.ejs', config);
+  fs.writeFileSync(path.join(workflowDir, 'ci.yml'), ciContent);
+
+  // 3. Add Infra specific files (Makefile, Nginx)
+  const infraFiles = [
+    { template: 'infra/Makefile.ejs', output: 'Makefile' },
+    { template: 'infra/nginx.conf.ejs', output: 'nginx/nginx.conf' },
+  ];
+
+  for (const file of infraFiles) {
+    const outputPath = path.join(projectDir, file.output);
+    fs.mkdirSync(path.dirname(outputPath), { recursive: true });
+    const content = renderTemplate(templatesDir, file.template, config);
+    fs.writeFileSync(outputPath, content);
+  }
+
+  console.log('  ✅ Production-Ready Infrastructure added!');
+  console.log('  Created Dockerfile, docker-compose.yml, .dockerignore');
+  console.log('  Created .github/workflows/ci.yml');
+  console.log('  Created Makefile and nginx/nginx.conf');
+};
+
 const addAuth = (projectDir, templatesDir, pkg) => {
   const config = inferConfig(projectDir, pkg);
 
@@ -79,10 +121,13 @@ const addAuth = (projectDir, templatesDir, pkg) => {
   const files = [
     { template: 'controllers/authController.js.ejs', output: `src/controllers/authController.${ext}` },
     { template: 'controllers/userController.js.ejs', output: `src/controllers/userController.${ext}` },
+    { template: 'controllers/adminController.js.ejs', output: `src/controllers/adminController.${ext}` },
     { template: 'middleware/auth.js.ejs', output: `src/middleware/auth.${ext}` },
     { template: 'middleware/validation.js.ejs', output: `src/middleware/validation.${ext}` },
+    { template: 'middleware/rbac.js.ejs', output: `src/middleware/rbac.${ext}` },
     { template: 'routes/authRoutes.js.ejs', output: `src/routes/authRoutes.${ext}` },
     { template: 'routes/userRoutes.js.ejs', output: `src/routes/userRoutes.${ext}` },
+    { template: 'routes/adminRoutes.js.ejs', output: `src/routes/adminRoutes.${ext}` },
     { template: 'services/authService.js.ejs', output: `src/services/authService.${ext}` },
     { template: 'utils/validators.js.ejs', output: `src/utils/validators.${ext}` },
   ];
@@ -93,12 +138,14 @@ const addAuth = (projectDir, templatesDir, pkg) => {
   } else if (config.db === 'mongodb') {
     files.push(
       { template: 'services/userService.mongodb.js.ejs', output: `src/services/userService.${ext}` },
-      { template: 'models/User.mongo.js.ejs', output: `src/models/User.${ext}` }
+      { template: 'models/User.mongo.js.ejs', output: `src/models/User.${ext}` },
+      { template: 'models/index.mongo.js.ejs', output: `src/models/index.${ext}` }
     );
   } else if (config.db === 'postgresql') {
     files.push(
       { template: 'services/userService.postgres.js.ejs', output: `src/services/userService.${ext}` },
-      { template: 'models/User.postgres.js.ejs', output: `src/models/User.${ext}` }
+      { template: 'models/User.postgres.js.ejs', output: `src/models/User.${ext}` },
+      { template: 'models/index.postgres.js.ejs', output: `src/models/index.${ext}` }
     );
   }
 
@@ -109,8 +156,28 @@ const addAuth = (projectDir, templatesDir, pkg) => {
     fs.writeFileSync(outputPath, content);
   }
 
+  // Update routes/index.js
+  const routesIndexPath = path.join(projectDir, `src/routes/index.${ext}`);
+  if (fs.existsSync(routesIndexPath)) {
+    let routesContent = fs.readFileSync(routesIndexPath, 'utf8');
+    
+    // Add imports if not present
+    if (!routesContent.includes('authRoutes')) {
+      const imports = `const authRoutes = require('./authRoutes');\nconst userRoutes = require('./userRoutes');\nconst adminRoutes = require('./adminRoutes');\n`;
+      routesContent = routesContent.replace(/(const express = require\('express'\);)/, `$1\n${imports}`);
+    }
+    
+    // Add routes if not present
+    if (!routesContent.includes('/auth')) {
+      const routes = `router.use('/auth', authRoutes);\nrouter.use('/users', userRoutes);\nrouter.use('/admin', adminRoutes);\n`;
+      routesContent = routesContent.replace(/(const router = express\.Router\(\);)/, `$1\n\n${routes}`);
+    }
+    
+    fs.writeFileSync(routesIndexPath, routesContent);
+  }
+
   // Add auth dependencies
-  const depsToAdd = ['jsonwebtoken', 'bcryptjs', 'validator'];
+  const depsToAdd = ['jsonwebtoken', 'bcryptjs', 'validator', 'zod'];
   const missing = depsToAdd.filter((dep) => !(pkg.dependencies && pkg.dependencies[dep]));
   if (missing.length > 0) {
     console.log(`  Installing: ${missing.join(', ')}`);
@@ -142,13 +209,20 @@ const addWebsocket = (projectDir, templatesDir, pkg) => {
     execSync('npm install socket.io', { cwd: projectDir, stdio: 'pipe' });
   }
 
+  // Update server.js
+  const serverPath = path.join(projectDir, `src/server.${ext}`);
+  if (fs.existsSync(serverPath)) {
+    let serverContent = fs.readFileSync(serverPath, 'utf8');
+    
+    if (!serverContent.includes('setupWebSocket')) {
+      serverContent = serverContent.replace(/(const app = require\('\.\/app'\);)/, `$1\nconst { setupWebSocket } = require('./config/websocket');\nconst http = require('http');`);
+      serverContent = serverContent.replace(/const server = app\.listen\(port, \(\) => \{/, `const httpServer = http.createServer(app);\n    const io = setupWebSocket(httpServer);\n    app.set('io', io);\n\n    const server = httpServer.listen(port, () => {`);
+      fs.writeFileSync(serverPath, serverContent);
+    }
+  }
+
   console.log('  Created src/config/websocket.' + ext);
-  console.log('  ⚠️  Wire setupWebSocket into your server file:');
-  console.log('     const http = require("http");');
-  console.log('     const { setupWebSocket } = require("./config/websocket");');
-  console.log('     const httpServer = http.createServer(app);');
-  console.log('     setupWebSocket(httpServer);');
-  console.log('     httpServer.listen(port);');
+  console.log('  ✅ WebSocket setup injected into src/server.' + ext);
 };
 
 const addPrisma = (projectDir, templatesDir, pkg) => {
@@ -200,9 +274,23 @@ const addPrisma = (projectDir, templatesDir, pkg) => {
     console.log('  ⚠️  Run "npx prisma generate" manually');
   }
 
+  // Update server.js
+  const serverPath = path.join(projectDir, `src/server.${ext}`);
+  if (fs.existsSync(serverPath)) {
+    let serverContent = fs.readFileSync(serverPath, 'utf8');
+    if (!serverContent.includes('db.connect()')) {
+      serverContent = serverContent.replace(/(const app = require\('\.\/app'\);)/, `$1\nconst db = require('./config/database');`);
+      serverContent = serverContent.replace(/(try \{)/, `$1\n    await db.connect();`);
+      serverContent = serverContent.replace(/(server\.close\(async \(\) => \{)/, `$1\n        await db.disconnect();`);
+      fs.writeFileSync(serverPath, serverContent);
+    }
+  }
+
   console.log('  Created prisma/schema.prisma and src/config/database.' + ext);
+  console.log('  ✅ Database connection injected into src/server.' + ext);
   console.log('  ⚠️  Add DATABASE_URL to your .env file');
   console.log('  ⚠️  Run "npx prisma migrate dev --name init" to create tables');
+  console.log('  ⚠️  Update your health check endpoint in src/app.' + ext + ' to check Prisma connection');
 };
 
 const inferConfig = (projectDir, pkg) => {

package/lib/generator.js

@@ -371,11 +371,12 @@ const generateFiles = async (config, projectDir) => {
 const installDependencies = (projectDir) => {
   try {
     console.log('📦 Installing dependencies...');
-    execSync(`cd "${projectDir}" && npm install`, { stdio: 'inherit' });
+    execSync('npm install', { cwd: projectDir, stdio: 'inherit' });
   } catch (error) {
     console.error('Failed to install dependencies:', error.message);
+    if (error.stderr) console.error(error.stderr.toString());
     console.log('Try running "npm install" manually in the project directory');
-    throw error;
+    throw new Error('Failed to install dependencies');
   }
 };
 

package/lib/scaffold.js

@@ -0,0 +1,165 @@
+const fs = require('fs');
+const path = require('path');
+const ejs = require('ejs');
+
+/**
+ * Capitalize first letter
+ */
+const capitalize = (str) => str.charAt(0).toUpperCase() + str.slice(1);
+
+/**
+ * Convert to camelCase
+ */
+const toCamelCase = (str) => {
+  return str.replace(/[-_](.)/g, (_, c) => c.toUpperCase());
+};
+
+/**
+ * Convert to PascalCase
+ */
+const toPascalCase = (str) => {
+  const camel = toCamelCase(str);
+  return capitalize(camel);
+};
+
+/**
+ * Simple pluralize (adds 's' if not ending in 's')
+ */
+const pluralize = (str) => {
+  if (str.endsWith('s')) return str;
+  if (str.endsWith('y')) return str.slice(0, -1) + 'ies';
+  return str + 's';
+};
+
+/**
+ * Generate a resource (controller, service, route)
+ */
+const generateResource = async (resourceName, projectDir) => {
+  const packageJsonPath = path.join(projectDir, 'package.json');
+  
+  if (!fs.existsSync(packageJsonPath)) {
+    throw new Error('No package.json found. Run this command from your express-genix project root.');
+  }
+
+  const pkg = JSON.parse(fs.readFileSync(packageJsonPath, 'utf8'));
+  
+  // Check if it's an express-genix project (or at least has the structure)
+  const srcDir = path.join(projectDir, 'src');
+  if (!fs.existsSync(srcDir)) {
+    throw new Error('No "src" directory found. Are you in an express-genix project?');
+  }
+
+  // Determine features from package.json dependencies
+  const hasAuth = !!pkg.dependencies['jsonwebtoken'];
+  
+  const nameCamel = toCamelCase(resourceName);
+  const namePascal = toPascalCase(resourceName);
+  const namePlural = pluralize(nameCamel);
+
+  const templateData = {
+    resourceName: resourceName.toLowerCase(),
+    resourceNameCamel: nameCamel,
+    resourceNamePascal: namePascal,
+    resourceNamePlural: namePlural,
+    hasAuth,
+  };
+
+  const templatesDir = path.join(__dirname, '..', 'templates', 'scaffold');
+  
+  const filesToGenerate = [
+    {
+      template: 'controller.js.ejs',
+      dest: path.join(srcDir, 'controllers', `${nameCamel}Controller.js`),
+    },
+    {
+      template: 'service.js.ejs',
+      dest: path.join(srcDir, 'services', `${nameCamel}Service.js`),
+    },
+    {
+      template: 'route.js.ejs',
+      dest: path.join(srcDir, 'routes', `${nameCamel}Routes.js`),
+    },
+  ];
+
+  console.log(`\nGenerating resource: ${namePascal}...`);
+
+  for (const file of filesToGenerate) {
+    if (fs.existsSync(file.dest)) {
+      console.log(`⚠️  Skipping ${path.basename(file.dest)} (already exists)`);
+      continue;
+    }
+
+    const templatePath = path.join(templatesDir, file.template);
+    const templateContent = fs.readFileSync(templatePath, 'utf8');
+    const rendered = ejs.render(templateContent, templateData);
+    
+    // Ensure directory exists
+    fs.mkdirSync(path.dirname(file.dest), { recursive: true });
+    
+    fs.writeFileSync(file.dest, rendered);
+    console.log(`✅ Created ${path.relative(projectDir, file.dest)}`);
+  }
+
+  // Inject route into src/routes/index.js
+  injectRoute(srcDir, nameCamel, namePlural);
+};
+
+/**
+ * Inject the new route into src/routes/index.js
+ */
+const injectRoute = (srcDir, nameCamel, namePlural) => {
+  const routesIndexPath = path.join(srcDir, 'routes', 'index.js');
+  
+  if (!fs.existsSync(routesIndexPath)) {
+    console.log(`⚠️  Could not find src/routes/index.js to inject the route.`);
+    return;
+  }
+
+  let content = fs.readFileSync(routesIndexPath, 'utf8');
+  
+  const requireStatement = `const ${nameCamel}Routes = require('./${nameCamel}Routes');`;
+  const useStatement = `router.use('/${namePlural}', ${nameCamel}Routes);`;
+
+  if (content.includes(requireStatement) || content.includes(useStatement)) {
+    console.log(`⚠️  Route already injected in src/routes/index.js`);
+    return;
+  }
+
+  // Find the last require statement
+  const requireRegex = /const .* = require\('.*'\);/g;
+  let lastRequireMatch;
+  let match;
+  while ((match = requireRegex.exec(content)) !== null) {
+    lastRequireMatch = match;
+  }
+
+  if (lastRequireMatch) {
+    const insertPos = lastRequireMatch.index + lastRequireMatch[0].length;
+    content = content.slice(0, insertPos) + '\n' + requireStatement + content.slice(insertPos);
+  } else {
+    // Fallback: put it after express require
+    content = content.replace(/const express = require\('express'\);/, `const express = require('express');\n${requireStatement}`);
+  }
+
+  // Find the last router.use statement
+  const useRegex = /router\.use\('.*', .*\);/g;
+  let lastUseMatch;
+  while ((match = useRegex.exec(content)) !== null) {
+    lastUseMatch = match;
+  }
+
+  if (lastUseMatch) {
+    const insertPos = lastUseMatch.index + lastUseMatch[0].length;
+    content = content.slice(0, insertPos) + '\n' + useStatement + content.slice(insertPos);
+  } else {
+    // Fallback: put it before router.get('/', ...)
+    content = content.replace(/router\.get\('\/'/, `${useStatement}\n\nrouter.get('/'`);
+  }
+
+  fs.writeFileSync(routesIndexPath, content);
+  console.log(`✅ Injected /${namePlural} route into src/routes/index.js`);
+};
+
+module.exports = {
+  generateResource,
+};

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "express-genix",
-    "version": "4.5.2",
+    "version": "4.6.1",
     "description": "Production-grade CLI to generate Express apps with JWT, RBAC, GraphQL, TypeScript, Prisma, MongoDB, PostgreSQL, file uploads, email, background jobs, and more",
     "main": "index.js",
     "bin": {

package/templates/controllers/authController.js.ejs

@@ -112,20 +112,29 @@ const forgotPassword = async (req, res, next) => {
     const user = await userService.findByEmail(email);
 
     // Always return success to prevent email enumeration
+    const responseMessage = 'If an account with that email exists, a reset link has been sent.';
+    
     if (!user) {
-      return success(res, { message: 'If an account with that email exists, a reset link has been sent.' });
+      return success(res, { message: responseMessage });
     }
 
-    const resetToken = await authService.generateResetToken(email);
+    // Process asynchronously to prevent timing attacks
+    (async () => {
+      try {
+        const resetToken = await authService.generateResetToken(email);
 <% if (hasEmail) { %>
-    await emailService.sendPasswordResetEmail(email, resetToken);
+        await emailService.sendPasswordResetEmail(email, resetToken);
 <% } else { %>
-    // TODO: Send email with reset link
-    // For development, log the token:
-    console.log(`Password reset token for ${email}: ${resetToken}`);
+        // TODO: Send email with reset link
+        // For development, log the token:
+        console.log(`Password reset token for ${email}: ${resetToken}`);
 <% } %>
+      } catch (err) {
+        console.error('Error in forgotPassword background task:', err);
+      }
+    })();
 
-    return success(res, { message: 'If an account with that email exists, a reset link has been sent.' });
+    return success(res, { message: responseMessage });
   } catch (error) {
     next(error);
   }