kybernus 2.1.1 → 2.2.1

package/templates/java-spring/mvc/infra/modules/vpc/main.tf.hbs

@@ -10,81 +10,213 @@ variable "environment" {
 
 # VPC
 resource "aws_vpc" "main" {
-  cidr_block = "10.0.0.0/16"
+  cidr_block           = "10.0.0.0/16"
   enable_dns_hostnames = true
-  enable_dns_support = true
+  enable_dns_support   = true
 
   tags = {
-    Name = "${var.app_name}-${var.environment}-vpc"
+    Name        = "${var.app_name}-${var.environment}-vpc"
     Environment = var.environment
   }
 }
 
+# Internet Gateway
+resource "aws_internet_gateway" "main" {
+  vpc_id = aws_vpc.main.id
+
+  tags = {
+    Name        = "${var.app_name}-${var.environment}-igw"
+    Environment = var.environment
+  }
+}
+
+# Data source for AZs
+data "aws_availability_zones" "available" {
+  state = "available"
+}
+
 # Public Subnets
 resource "aws_subnet" "public" {
-  count = 2
+  count                   = 2
+  vpc_id                  = aws_vpc.main.id
+  cidr_block              = "10.0.${count.index + 1}.0/24"
+  availability_zone       = data.aws_availability_zones.available.names[count.index]
+  map_public_ip_on_launch = true
+
+  tags = {
+    Name        = "${var.app_name}-${var.environment}-public-${count.index + 1}"
+    Environment = var.environment
+  }
+}
+
+# Route Table for Public Subnets
+resource "aws_route_table" "public" {
   vpc_id = aws_vpc.main.id
-  cidr_block = "10.0.${count.index + 1}.0/24"
-  availability_zone = data.aws_availability_zones.available.names[count.index]
 
-  map_public_ip_on_launch = true
+  route {
+    cidr_block = "0.0.0.0/0"
+    gateway_id = aws_internet_gateway.main.id
+  }
+
+  tags = {
+    Name        = "${var.app_name}-${var.environment}-public-rt"
+    Environment = var.environment
+  }
+}
+
+# Association for Public Subnets
+resource "aws_route_table_association" "public" {
+  count          = 2
+  subnet_id      = aws_subnet.public[count.index].id
+  route_table_id = aws_route_table.public.id
+}
+
+# Elastic IP for NAT Gateway
+resource "aws_eip" "nat" {
+  count  = 1
+  domain = "vpc"
 
   tags = {
-    Name = "${var.app_name}-${var.environment}-public-${count.index + 1}"
+    Name        = "${var.app_name}-${var.environment}-nat-eip"
+    Environment = var.environment
+  }
+}
+
+# NAT Gateway (single NAT for cost savings, can change to 1 per AZ for production if needed)
+resource "aws_nat_gateway" "main" {
+  count         = 1
+  allocation_id = aws_eip.nat[0].id
+  subnet_id     = aws_subnet.public[0].id
+
+  depends_on = [aws_internet_gateway.main]
+
+  tags = {
+    Name        = "${var.app_name}-${var.environment}-nat"
     Environment = var.environment
   }
 }
 
 # Private Subnets
 resource "aws_subnet" "private" {
-  count = 2
-  vpc_id = aws_vpc.main.id
-  cidr_block = "10.0.${count.index + 10}.0/24"
+  count             = 2
+  vpc_id            = aws_vpc.main.id
+  cidr_block        = "10.0.${count.index + 10}.0/24"
   availability_zone = data.aws_availability_zones.available.names[count.index]
 
   tags = {
-    Name = "${var.app_name}-${var.environment}-private-${count.index + 1}"
+    Name        = "${var.app_name}-${var.environment}-private-${count.index + 1}"
     Environment = var.environment
   }
 }
 
-# Internet Gateway
-resource "aws_internet_gateway" "main" {
+# Route Table for Private Subnets
+resource "aws_route_table" "private" {
   vpc_id = aws_vpc.main.id
 
+  route {
+    cidr_block     = "0.0.0.0/0"
+    nat_gateway_id = aws_nat_gateway.main[0].id
+  }
+
   tags = {
-    Name = "${var.app_name}-${var.environment}-igw"
+    Name        = "${var.app_name}-${var.environment}-private-rt"
     Environment = var.environment
   }
 }
 
-# Data source for AZs
-data "aws_availability_zones" "available" {
-  state = "available"
+# Association for Private Subnets
+resource "aws_route_table_association" "private" {
+  count          = 2
+  subnet_id      = aws_subnet.private[count.index].id
+  route_table_id = aws_route_table.private.id
+}
+
+# Security Group for Load Balancer (ALB)
+resource "aws_security_group" "alb" {
+  name        = "${var.app_name}-${var.environment}-alb-sg"
+  description = "Security group for ALB"
+  vpc_id      = aws_vpc.main.id
+
+  ingress {
+    from_port   = 80
+    to_port     = 80
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+    description = "Allow HTTP from anywhere"
+  }
+
+  ingress {
+    from_port   = 443
+    to_port     = 443
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+    description = "Allow HTTPS from anywhere"
+  }
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  tags = {
+    Name        = "${var.app_name}-${var.environment}-alb-sg"
+    Environment = var.environment
+  }
 }
 
-# Security Group for DB
+# Security Group for ECS Tasks
+resource "aws_security_group" "ecs_tasks" {
+  name        = "${var.app_name}-${var.environment}-ecs-tasks-sg"
+  description = "Security group for ECS tasks"
+  vpc_id      = aws_vpc.main.id
+
+  ingress {
+    from_port       = 0
+    to_port         = 0
+    protocol        = "-1"
+    security_groups = [aws_security_group.alb.id]
+    description     = "Allow all traffic from ALB"
+  }
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+    description = "Allow all outbound traffic"
+  }
+
+  tags = {
+    Name        = "${var.app_name}-${var.environment}-ecs-tasks-sg"
+    Environment = var.environment
+  }
+}
+
+# Security Group for Database (RDS)
 resource "aws_security_group" "db" {
-  name = "${var.app_name}-${var.environment}-db-sg"
+  name        = "${var.app_name}-${var.environment}-db-sg"
   description = "Security group for database"
-  vpc_id = aws_vpc.main.id
+  vpc_id      = aws_vpc.main.id
 
   ingress {
-    from_port = 5432
-    to_port = 5432
-    protocol = "tcp"
-    cidr_blocks = ["10.0.0.0/16"]
+    from_port       = 5432
+    to_port         = 5432
+    protocol        = "tcp"
+    security_groups = [aws_security_group.ecs_tasks.id]
+    description     = "Allow PostgreSQL access from ECS tasks"
   }
 
   egress {
-    from_port = 0
-    to_port = 0
-    protocol = "-1"
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
     cidr_blocks = ["0.0.0.0/0"]
   }
 
   tags = {
-    Name = "${var.app_name}-${var.environment}-db-sg"
+    Name        = "${var.app_name}-${var.environment}-db-sg"
     Environment = var.environment
   }
 }
@@ -104,4 +236,12 @@ output "private_subnet_ids" {
 
 output "db_security_group_id" {
   value = aws_security_group.db.id
-}
+}
+
+output "alb_security_group_id" {
+  value = aws_security_group.alb.id
+}
+
+output "ecs_tasks_security_group_id" {
+  value = aws_security_group.ecs_tasks.id
+}

package/templates/java-spring/mvc/src/main/java/{{packagePath}}/controller/AuthController.java.hbs

@@ -2,68 +2,64 @@ package {{packageName}}.controller;
 
 import {{packageName}}.dto.AuthRequest;
 import {{packageName}}.dto.AuthResponse;
-import {{packageName}}.security.JwtTokenProvider;
+import {{packageName}}.model.User;
+import {{packageName}}.service.AuthService;
 import org.springframework.http.ResponseEntity;
-import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.http.HttpStatus;
 import org.springframework.web.bind.annotation.*;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.Authentication;
 
-import java.util.HashMap;
 import java.util.Map;
-import java.util.UUID;
 
 @RestController
 @RequestMapping("/api/auth")
 public class AuthController {
 
-    private final JwtTokenProvider tokenProvider;
-    private final PasswordEncoder passwordEncoder;
+    private final AuthService authService;
 
-    // In-memory user store (replace with repository in production)
-    private final Map<String, Map<String, String>> users = new HashMap<>();
-
-    public AuthController(JwtTokenProvider tokenProvider, PasswordEncoder passwordEncoder) {
-        this.tokenProvider = tokenProvider;
-        this.passwordEncoder = passwordEncoder;
+    public AuthController(AuthService authService) {
+        this.authService = authService;
     }
 
     @PostMapping("/register")
-    public ResponseEntity
-    <?> register(@RequestBody AuthRequest request) {
-        if (users.containsKey(request.email())) {
-            return ResponseEntity.badRequest().body(Map.of("error", "User already exists"));
+    public ResponseEntity<?> register(@RequestBody AuthRequest request) {
+        try {
+            AuthResponse response = authService.register(request);
+            return ResponseEntity.ok(response);
+        } catch (IllegalArgumentException e) {
+            return ResponseEntity.badRequest().body(Map.of("error", e.getMessage()));
         }
-
-        String userId = UUID.randomUUID().toString();
-        String hashedPassword = passwordEncoder.encode(request.password());
-
-        users.put(request.email(), Map.of(
-            "id", userId,
-            "email", request.email(),
-            "password", hashedPassword
-        ));
-
-        String token = tokenProvider.generateToken(userId, request.email());
-
-        return ResponseEntity.ok(new AuthResponse(token, userId, request.email()));
     }
 
     @PostMapping("/login")
     public ResponseEntity<?> login(@RequestBody AuthRequest request) {
-        Map<String, String> user = users.get(request.email());
-
-        if (user == null || !passwordEncoder.matches(request.password(), user.get("password"))) {
-            return ResponseEntity.status(401).body(Map.of("error", "Invalid credentials"));
+        try {
+            AuthResponse response = authService.login(request);
+            return ResponseEntity.ok(response);
+        } catch (IllegalArgumentException e) {
+            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(Map.of("error", e.getMessage()));
         }
-
-        String token = tokenProvider.generateToken(user.get("id"), user.get("email"));
-
-        return ResponseEntity.ok(new AuthResponse(token, user.get("id"), user.get("email")));
     }
 
     @GetMapping("/me")
-    public ResponseEntity
-    <?> me(@RequestHeader("Authorization") String authHeader) {
-        // User is already authenticated by JWT filter
-        return ResponseEntity.ok(Map.of("message", "Authenticated"));
+    public ResponseEntity<?> me() {
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+        if (authentication == null || !authentication.isAuthenticated()) {
+            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
+        }
+        
+        try {
+            String userId = (String) authentication.getPrincipal(); // Assuming custom jwt filter sets principal to id
+            User user = authService.getMe(userId);
+            return ResponseEntity.ok(Map.of(
+                "id", user.getId(),
+                "email", user.getEmail(),
+                "name", user.getName()
+            ));
+        } catch (Exception e) {
+            // Keep original behavior if principal isn't id 
+            return ResponseEntity.ok(Map.of("message", "Authenticated"));
+        }
     }
-}
+}

package/templates/java-spring/mvc/src/main/java/{{packagePath}}/controller/ItemController.java.hbs

@@ -0,0 +1,42 @@
+package {{packageName}}.controller;
+
+import {{packageName}}.model.Item;
+import {{packageName}}.repository.ItemRepository;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.List;
+
+@RestController
+@RequestMapping("/api/items")
+public class ItemController {
+
+    private final ItemRepository itemRepository;
+
+    public ItemController(ItemRepository itemRepository) {
+        this.itemRepository = itemRepository;
+    }
+
+    @GetMapping
+    public List<Item> getAllItems() {
+        return itemRepository.findAll();
+    }
+
+    @PostMapping
+    public Item createItem(@RequestBody Item item) {
+        return itemRepository.save(item);
+    }
+
+    @GetMapping("/{id}")
+    public ResponseEntity<Item> getItem(@PathVariable String id) {
+        return itemRepository.findById(id)
+                .map(ResponseEntity::ok)
+                .orElse(ResponseEntity.notFound().build());
+    }
+
+    @DeleteMapping("/{id}")
+    public ResponseEntity<Void> deleteItem(@PathVariable String id) {
+        itemRepository.deleteById(id);
+        return ResponseEntity.ok().build();
+    }
+}

package/templates/java-spring/mvc/src/main/java/{{packagePath}}/controller/PaymentsController.java.hbs

@@ -1,49 +1,92 @@
 package {{packageName}}.controller;
 
+import com.stripe.exception.SignatureVerificationException;
+import com.stripe.model.Event;
+import com.stripe.net.Webhook;
+import {{packageName}}.model.User;
+import {{packageName}}.repository.UserRepository;
 import {{packageName}}.service.StripeService;
-import com.stripe.exception.StripeException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.Map;
+import java.util.Optional;
 
 @RestController
 @RequestMapping("/api/payments")
 public class PaymentsController {
 
+    private static final Logger logger = LoggerFactory.getLogger(PaymentsController.class);
+
+    @Value("${stripe.webhook-secret}")
+    private String webhookSecret;
+
     private final StripeService stripeService;
+    private final UserRepository userRepository;
 
-    public PaymentsController(StripeService stripeService) {
+    public PaymentsController(StripeService stripeService, UserRepository userRepository) {
         this.stripeService = stripeService;
+        this.userRepository = userRepository;
     }
 
     @PostMapping("/checkout")
-    public ResponseEntity
-    <?> createCheckout(@RequestBody Map<String, String> request) {
+    public ResponseEntity<?> createCheckout(@RequestBody Map<String, String> request) {
         try {
-            var session = stripeService.createCheckoutSession(request.get("customerId"));
+            String customerId = request.get("customerId"); // Optional
+            com.stripe.model.checkout.Session session = stripeService.createCheckoutSession(customerId);
             return ResponseEntity.ok(Map.of("url", session.getUrl()));
-        } catch (StripeException e) {
-            return ResponseEntity.status(500).body(Map.of("error", e.getMessage()));
+        } catch (Exception e) {
+            logger.error("Error creating checkout session", e);
+            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR)
+                    .body(Map.of("error", e.getMessage()));
         }
     }
 
-    @PostMapping("/portal")
-    public ResponseEntity<?> createPortal(@RequestBody Map<String, String> request) {
+    @PostMapping("/webhook")
+    public ResponseEntity<String> handleWebhook(
+            @RequestBody String payload,
+            @RequestHeader("Stripe-Signature") String sigHeader) {
+
+        Event event;
+
         try {
-            var session = stripeService.createPortalSession(request.get("customerId"));
-            return ResponseEntity.ok(Map.of("url", session.getUrl()));
-        } catch (StripeException e) {
-            return ResponseEntity.status(500).body(Map.of("error", e.getMessage()));
+            event = Webhook.constructEvent(payload, sigHeader, webhookSecret);
+        } catch (SignatureVerificationException e) {
+            logger.warn("Invalid signature", e);
+            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Invalid signature");
+        } catch (Exception e) {
+            logger.error("Error parsing webhook", e);
+             return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Error parsing webhook");
         }
-    }
 
-    @PostMapping("/webhook")
-    public ResponseEntity
-    <?> handleWebhook(@RequestBody String payload,
-    @RequestHeader("Stripe-Signature") String sigHeader) {
-        // TODO: Implement webhook verification and handling
-        // Use Stripe.webhooks.constructEvent to verify signature
-        return ResponseEntity.ok(Map.of("received", true));
+        switch (event.getType()) {
+            case "checkout.session.completed":
+                com.stripe.model.checkout.Session session = (com.stripe.model.checkout.Session) event.getDataObjectDeserializer().getObject().orElse(null);
+                if (session != null) {
+                    logger.info("Checkout completed: {}", session.getId());
+                    // Match to database user here using session properties
+                }
+                break;
+            case "customer.subscription.updated":
+                 com.stripe.model.Subscription subscription = (com.stripe.model.Subscription) event.getDataObjectDeserializer().getObject().orElse(null);
+                 if (subscription != null) {
+                    logger.info("Subscription updated: {}", subscription.getId());
+                 }
+                 break;
+             case "customer.subscription.deleted":
+                  com.stripe.model.Subscription deletedSub = (com.stripe.model.Subscription) event.getDataObjectDeserializer().getObject().orElse(null);
+                  if (deletedSub != null) {
+                      logger.info("Subscription deleted: {}", deletedSub.getId());
+                  }
+                  break;
+            default:
+                logger.info("Unhandled event type: {}", event.getType());
+        }
+
+        return ResponseEntity.ok("Received");
     }
-}
+}

package/templates/java-spring/mvc/src/main/java/{{packagePath}}/model/Item.java.hbs

@@ -0,0 +1,38 @@
+package {{packageName}}.model;
+
+import jakarta.persistence.*;
+import lombok.*;
+import org.springframework.data.annotation.CreatedDate;
+import org.springframework.data.annotation.LastModifiedDate;
+import org.springframework.data.jpa.domain.support.AuditingEntityListener;
+
+import java.time.LocalDateTime;
+
+@Entity
+@Table(name = "items")
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+@Builder
+@EntityListeners(AuditingEntityListener.class)
+public class Item {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.UUID)
+    private String id;
+
+    @Column(nullable = false)
+    private String name;
+
+    private String description;
+
+    private Double price;
+
+    @CreatedDate
+    @Column(name = "created_at", nullable = false, updatable = false)
+    private LocalDateTime createdAt;
+
+    @LastModifiedDate
+    @Column(name = "updated_at", nullable = false)
+    private LocalDateTime updatedAt;
+}

package/templates/java-spring/mvc/src/main/java/{{packagePath}}/model/User.java.hbs

@@ -0,0 +1,41 @@
+package {{packageName}}.model;
+
+import jakarta.persistence.*;
+import lombok.*;
+import org.springframework.data.annotation.CreatedDate;
+import org.springframework.data.annotation.LastModifiedDate;
+import org.springframework.data.jpa.domain.support.AuditingEntityListener;
+
+import java.time.LocalDateTime;
+
+@Entity
+@Table(name = "users")
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+@Builder
+@EntityListeners(AuditingEntityListener.class)
+public class User {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.UUID)
+    private String id;
+
+    @Column(unique = true, nullable = false)
+    private String email;
+
+    private String name;
+
+    private String password;
+
+    @Column(name = "stripe_customer_id")
+    private String stripeCustomerId;
+
+    @CreatedDate
+    @Column(name = "created_at", nullable = false, updatable = false)
+    private LocalDateTime createdAt;
+
+    @LastModifiedDate
+    @Column(name = "updated_at", nullable = false)
+    private LocalDateTime updatedAt;
+}

package/templates/java-spring/mvc/src/main/java/{{packagePath}}/repository/ItemRepository.java.hbs

@@ -0,0 +1,9 @@
+package {{packageName}}.repository;
+
+import {{packageName}}.model.Item;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+@Repository
+public interface ItemRepository extends JpaRepository<Item, String> {
+}

package/templates/java-spring/mvc/src/main/java/{{packagePath}}/repository/UserRepository.java.hbs

@@ -0,0 +1,13 @@
+package {{packageName}}.repository;
+
+import {{packageName}}.model.User;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+import java.util.Optional;
+
+@Repository
+public interface UserRepository extends JpaRepository<User, String> {
+    Optional<User> findByEmail(String email);
+    Optional<User> findByStripeCustomerId(String stripeCustomerId);
+}