kybernus 2.4.0 → 3.0.1

package/add-features/auth/nodejs-express/auth.service.ts

@@ -0,0 +1,73 @@
+import { generateToken } from './jwt.config';
+import bcrypt from 'bcryptjs';
+
+// ==========================================
+// 🚨 TODO: DATABASE INTEGRATION REQUIRED 🚨
+// ==========================================
+// This service currently uses an IN-MEMORY array to store users.
+// You MUST replace the "mockDb" logic below with your actual ORM or Database provider.
+//
+// EXAMPLE WITH PRISMA:
+// 1. import { PrismaClient } from '@prisma/client';
+//    const prisma = new PrismaClient();
+// 2. To find user: const user = await prisma.user.findUnique({ where: { email } });
+// 3. To create user: const user = await prisma.user.create({ data: { email, password: hashedPassword } });
+// ==========================================
+
+const mockDb: any[] = []; // 🚨 REPLACE THIS WITH REAL DB CALLS 🚨
+
+export class AuthService {
+
+    async register(email: string, password: string) {
+        // 🚨 TODO: Change this to checking your real database!
+        const existingUser = mockDb.find((u) => u.email === email);
+        if (existingUser) {
+            throw new Error('User already exists');
+        }
+
+        const hashedPassword = await bcrypt.hash(password, 12);
+
+        // 🚨 TODO: Change this to inserting into your real database!
+        const newUser = {
+            id: Math.random().toString(36).substring(7), // Mock ID
+            email,
+            password: hashedPassword,
+        };
+        mockDb.push(newUser);
+
+        const token = generateToken({ userId: newUser.id, email: newUser.email });
+
+        // Do not return password hash
+        const { password: _, ...userWithoutPassword } = newUser;
+        return { user: userWithoutPassword, token };
+    }
+
+    async login(email: string, password: string) {
+        // 🚨 TODO: Change this to fetching from your real database!
+        const user = mockDb.find((u) => u.email === email);
+
+        if (!user) {
+            throw new Error('Invalid credentials');
+        }
+
+        const isMatch = await bcrypt.compare(password, user.password);
+        if (!isMatch) {
+            throw new Error('Invalid credentials');
+        }
+
+        const token = generateToken({ userId: user.id, email: user.email });
+
+        return { token };
+    }
+
+    async getUserProfile(userId: string) {
+        // 🚨 TODO: Change this to fetching from your real database!
+        const user = mockDb.find((u) => u.id === userId);
+        if (!user) {
+            throw new Error('User not found');
+        }
+
+        const { password, ...profile } = user;
+        return profile;
+    }
+}

package/add-features/auth/nodejs-express/jwt.config.ts

@@ -0,0 +1,17 @@
+import jwt from 'jsonwebtoken';
+
+const JWT_SECRET = process.env.JWT_SECRET || 'change-me-in-production';
+const JWT_EXPIRES_IN = process.env.JWT_EXPIRES_IN || '7d';
+
+export interface JwtPayload {
+    userId: string;
+    email: string;
+}
+
+export function generateToken(payload: JwtPayload): string {
+    return jwt.sign(payload, JWT_SECRET, { expiresIn: JWT_EXPIRES_IN });
+}
+
+export function verifyToken(token: string): JwtPayload {
+    return jwt.verify(token, JWT_SECRET) as JwtPayload;
+}

package/add-features/auth/python-fastapi/INSTRUCTIONS.md

@@ -0,0 +1,100 @@
+# 🔐 JWT Authentication Module — Python FastAPI
+
+A complete, modular authentication flow was added to your project inside the `app/auth/` directory.
+
+## 📁 Files generated:
+
+- `router.py` — The FastAPI `APIRouter` exposing `/auth/login`, `/auth/register`, and `/auth/me`.
+- `service.py` — Business logic (password validation, checking user). **🚨 ACTION REQUIRED HERE**
+- `security.py` — JWT token generation and password hashing (passlib).
+- `schemas.py` — Pydantic models for request/response validation.
+
+## 📦 1. Install Dependencies
+
+You need to install the cryptography and hashing libraries:
+
+```bash
+pip install python-jose[cryptography] passlib[bcrypt] python-multipart
+```
+
+## ⚙️ 2. Environment Variables
+
+Add these to your `.env` file at the root of your project:
+
+```
+JWT_SECRET=your-super-secret-key-change-me
+JWT_EXPIRES_MINUTES=10080
+```
+
+> 💡 **Tip:** Generate a strong random secret by running this:
+> `python -c "import secrets; print(secrets.token_hex(64))"`
+
+---
+
+## 🚨 3. MANDATORY ACTION: Connect to your Database
+
+The generated `service.py` uses an **IN-MEMORY MOCK DATABASE** by default so that the API compiles and runs immediately. 
+You **MUST** replace this with calls to your actual Database (SQLAlchemy, SQLModel, Motor, etc).
+
+**Open `app/auth/service.py` and look for the `🚨 TODO` blocks.**
+
+### Example: How to connect it to SQLAlchemy:
+
+```python
+# Inside app/auth/service.py
+
+from sqlalchemy.orm import Session
+from app.db.models import User
+
+# Add 'db: Session' parameter so router can inject it
+def auth_register(user_data: UserCreate, db: Session) -> dict:
+    existing = db.query(User).filter(User.email == user_data.email).first()
+    if existing:
+        raise HTTPException(status_code=409, detail="User already exists")
+
+    hashed_password = hash_password(user_data.password)
+    
+    new_user = User(email=user_data.email, password=hashed_password)
+    db.add(new_user)
+    db.commit()
+    db.refresh(new_user)
+
+    token = create_access_token(data={"sub": str(new_user.id), "email": new_user.email})
+    return {"user": new_user, "access_token": token, "token_type": "bearer"}
+```
+*(Remember to update `router.py` endpoints to pass the `db: Session = Depends(get_db)` to the service).*
+
+---
+
+## ⚡ 4. Plug the Router into your App
+
+Currently, the `router.py` exists, but your FastAPI app doesn't know about it.
+You must include it in your main application instance.
+
+**Open `app/main.py` and add:**
+
+```python
+from fastapi import FastAPI
+from app.auth.router import router as auth_router # <-- Import this
+
+app = FastAPI()
+
+app.include_router(auth_router) # <-- Register it
+```
+
+## 🔒 5. How to protect other routes
+
+You can secure any other route by using the `get_current_user` dependency:
+
+```python
+from fastapi import APIRouter, Depends
+from app.auth.router import get_current_user
+
+router = APIRouter(prefix="/admin")
+
+# The Depend() ensures a valid JWT is present before hitting this code
+@router.get("/dashboard")
+async def dashboard(user: dict = Depends(get_current_user)):
+    # You now have access to the logged-in user's payload!
+    return {"message": f"Welcome back, {user['email']}"}
+```

package/add-features/auth/python-fastapi/router.py

@@ -0,0 +1,26 @@
+from fastapi import APIRouter, Depends, HTTPException
+from .schemas import UserCreate, UserLogin, TokenResponse, RegisterResponse, UserResponse
+from .service import auth_register, auth_login, get_user_profile
+from .security import oauth2_scheme, decode_token
+
+router = APIRouter(prefix="/auth", tags=["Authentication"])
+
+def get_current_user(token: str = Depends(oauth2_scheme)) -> dict:
+    """Dependency for securing endpoints."""
+    payload = decode_token(token)
+    user_id = payload.get("sub")
+    if not user_id:
+        raise HTTPException(status_code=401, detail="Invalid token structure")
+    return {"user_id": user_id, "email": payload.get("email")}
+
+@router.post("/register", response_model=RegisterResponse, status_code=201)
+def register(user_data: UserCreate):
+    return auth_register(user_data)
+
+@router.post("/login", response_model=TokenResponse)
+def login(user_data: UserLogin):
+    return auth_login(user_data)
+
+@router.get("/me", response_model=UserResponse)
+def get_me(current_user: dict = Depends(get_current_user)):
+    return get_user_profile(current_user["user_id"])

package/add-features/auth/python-fastapi/schemas.py

@@ -0,0 +1,25 @@
+from pydantic import BaseModel, EmailStr
+
+class UserBase(BaseModel):
+    email: EmailStr
+
+class UserCreate(UserBase):
+    password: str
+
+class UserLogin(UserBase):
+    password: str
+
+class UserResponse(UserBase):
+    id: str
+
+    class Config:
+        from_attributes = True
+
+class TokenResponse(BaseModel):
+    access_token: str
+    token_type: str = "bearer"
+
+class RegisterResponse(BaseModel):
+    user: UserResponse
+    access_token: str
+    token_type: str = "bearer"

package/add-features/auth/python-fastapi/security.py

@@ -0,0 +1,37 @@
+import os
+from datetime import datetime, timedelta, timezone
+from typing import Optional
+
+from fastapi import Depends, HTTPException, status
+from fastapi.security import OAuth2PasswordBearer
+from jose import JWTError, jwt
+from passlib.context import CryptContext
+
+JWT_SECRET = os.getenv("JWT_SECRET", "change-me-in-production")
+JWT_ALGORITHM = "HS256"
+JWT_EXPIRES_MINUTES = int(os.getenv("JWT_EXPIRES_MINUTES", "10080"))  # 7 days
+
+pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="auth/login")
+
+def hash_password(password: str) -> str:
+    return pwd_context.hash(password)
+
+def verify_password(plain: str, hashed: str) -> bool:
+    return pwd_context.verify(plain, hashed)
+
+def create_access_token(data: dict, expires_delta: Optional[timedelta] = None) -> str:
+    to_encode = data.copy()
+    expire = datetime.now(timezone.utc) + (expires_delta or timedelta(minutes=JWT_EXPIRES_MINUTES))
+    to_encode.update({"exp": expire})
+    return jwt.encode(to_encode, JWT_SECRET, algorithm=JWT_ALGORITHM)
+
+def decode_token(token: str) -> dict:
+    try:
+        return jwt.decode(token, JWT_SECRET, algorithms=[JWT_ALGORITHM])
+    except JWTError:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Invalid or expired token",
+            headers={"WWW-Authenticate": "Bearer"},
+        )

package/add-features/auth/python-fastapi/service.py

@@ -0,0 +1,61 @@
+from fastapi import HTTPException
+from .security import hash_password, verify_password, create_access_token
+from .schemas import UserCreate, UserLogin
+
+# ==========================================
+# 🚨 TODO: DATABASE INTEGRATION REQUIRED 🚨
+# ==========================================
+# This service currently uses an IN-MEMORY list to store users.
+# You MUST replace the "mock_db" logic below with your SQLAlchemy sessions
+# or other ORM tool.
+#
+# EXAMPLE WITH SQLALCHEMY:
+# def register_user(db: Session, user_data: UserCreate):
+#     existing = db.query(User).filter(User.email == user_data.email).first()
+#     if existing: ...
+# ==========================================
+
+mock_db = []  # 🚨 REPLACE THIS WITH REAL DB CALLS 🚨
+
+def auth_register(user_data: UserCreate) -> dict:
+    # 🚨 TODO: Check real DB
+    existing_user = next((u for u in mock_db if u["email"] == user_data.email), None)
+    if existing_user:
+        raise HTTPException(status_code=409, detail="User already exists")
+
+    hashed_password = hash_password(user_data.password)
+
+    # 🚨 TODO: Insert into real DB
+    import uuid
+    new_user = {
+        "id": str(uuid.uuid4()),
+        "email": user_data.email,
+        "password": hashed_password
+    }
+    mock_db.append(new_user)
+
+    token = create_access_token(data={"sub": new_user["id"], "email": new_user["email"]})
+    
+    return {
+        "user": {"id": new_user["id"], "email": new_user["email"]},
+        "access_token": token,
+        "token_type": "bearer"
+    }
+
+def auth_login(user_data: UserLogin) -> dict:
+    # 🚨 TODO: Fetch from real DB
+    user = next((u for u in mock_db if u["email"] == user_data.email), None)
+    
+    if not user or not verify_password(user_data.password, user["password"]):
+        raise HTTPException(status_code=401, detail="Invalid credentials")
+
+    token = create_access_token(data={"sub": user["id"], "email": user["email"]})
+    return {"access_token": token, "token_type": "bearer"}
+
+def get_user_profile(user_id: str) -> dict:
+    # 🚨 TODO: Fetch from real DB
+    user = next((u for u in mock_db if u["id"] == user_id), None)
+    if not user:
+        raise HTTPException(status_code=404, detail="User not found")
+    
+    return {"id": user["id"], "email": user["email"]}

package/add-features/deploy/dockerfiles/Dockerfile.java

@@ -0,0 +1,22 @@
+# ── Build stage ───────────────────────────────────────────────────
+FROM maven:3.9-eclipse-temurin-21 AS builder
+
+WORKDIR /app
+
+COPY pom.xml .
+# Pre-download dependencies for caching
+RUN mvn dependency:go-offline -B
+
+COPY src ./src
+RUN mvn package -DskipTests -B
+
+# ── Runtime stage ─────────────────────────────────────────────────
+FROM eclipse-temurin:21-jre-alpine
+
+WORKDIR /app
+
+COPY --from=builder /app/target/*.jar app.jar
+
+EXPOSE 8080
+
+ENTRYPOINT ["java", "-jar", "app.jar"]

package/add-features/deploy/dockerfiles/Dockerfile.nextjs

@@ -0,0 +1,32 @@
+FROM node:20-alpine AS deps
+WORKDIR /app
+COPY package*.json ./
+RUN npm ci
+
+FROM node:20-alpine AS builder
+WORKDIR /app
+COPY --from=deps /app/node_modules ./node_modules
+COPY . .
+RUN npm run build
+
+# ── Production runner ─────────────────────────────────────────────
+FROM node:20-alpine AS runner
+WORKDIR /app
+
+ENV NODE_ENV=production
+
+RUN addgroup --system --gid 1001 nodejs
+RUN adduser --system --uid 1001 nextjs
+
+COPY --from=builder /app/public ./public
+COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
+COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
+
+USER nextjs
+
+EXPOSE 3000
+
+ENV PORT=3000
+ENV HOSTNAME="0.0.0.0"
+
+CMD ["node", "server.js"]

package/add-features/deploy/dockerfiles/Dockerfile.nodejs

@@ -0,0 +1,25 @@
+FROM node:20-alpine AS builder
+
+WORKDIR /app
+
+COPY package*.json ./
+RUN npm ci
+
+COPY . .
+RUN npm run build
+
+# ── Production image ──────────────────────────────────────────────
+FROM node:20-alpine AS runner
+
+WORKDIR /app
+
+ENV NODE_ENV=production
+
+COPY --from=builder /app/package*.json ./
+RUN npm ci --only=production
+
+COPY --from=builder /app/dist ./dist
+
+EXPOSE 3000
+
+CMD ["node", "dist/index.js"]

package/add-features/deploy/dockerfiles/Dockerfile.python

@@ -0,0 +1,17 @@
+FROM python:3.11-slim
+
+WORKDIR /app
+
+# Install system dependencies
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    gcc \
+    && rm -rf /var/lib/apt/lists/*
+
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt
+
+COPY . .
+
+EXPOSE 8000
+
+CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000"]

package/add-features/deploy/fly/INSTRUCTIONS.md

@@ -0,0 +1,39 @@
+# 🚀 Deploy to Fly.io
+
+Your deployment configuration has been generated for **Fly.io**.
+
+## 📁 Files generated
+
+- `fly.toml` — Fly.io app configuration
+- `Dockerfile` — Container image definition
+
+## 🔧 1. Install the Fly CLI
+
+```bash
+# macOS
+brew install flyctl
+
+# Linux / WSL
+curl -L https://fly.io/install.sh | sh
+```
+
+## 🔑 2. Set Secrets (Environment Variables)
+
+```bash
+fly secrets set DATABASE_URL="your-db-connection-string"
+fly secrets set JWT_SECRET="$(node -e "console.log(require('crypto').randomBytes(64).toString('hex'))")"
+```
+
+## ⚡ 3. Deploy
+
+```bash
+fly auth login
+fly launch    # First time: creates the app and allocates resources
+fly deploy    # Subsequent deploys
+```
+
+> 💡 **Tip:** `fly launch` will walk you through a wizard. When it asks "Would you like to deploy now?", you can say Yes.
+
+## 📖 More Info
+- [Fly.io Docs](https://fly.io/docs)
+- [fly.toml Reference](https://fly.io/docs/reference/configuration)

package/add-features/deploy/fly/java-spring.toml

@@ -0,0 +1,21 @@
+app = "my-spring-app"
+primary_region = "gru"
+
+[build]
+  dockerfile = "Dockerfile"
+
+[http_service]
+  internal_port = 8080
+  force_https = true
+  auto_stop_machines = true
+  auto_start_machines = true
+
+  [http_service.concurrency]
+    type = "connections"
+    hard_limit = 25
+    soft_limit = 20
+
+[[vm]]
+  memory = "512mb"
+  cpu_kind = "shared"
+  cpus = 1

package/add-features/deploy/fly/nextjs.toml

@@ -0,0 +1,16 @@
+app = "my-nextjs-app"
+primary_region = "gru"
+
+[build]
+  dockerfile = "Dockerfile"
+
+[http_service]
+  internal_port = 3000
+  force_https = true
+  auto_stop_machines = true
+  auto_start_machines = true
+
+[[vm]]
+  memory = "512mb"
+  cpu_kind = "shared"
+  cpus = 1

package/add-features/deploy/fly/nodejs.toml

@@ -0,0 +1,21 @@
+app = "my-node-app"
+primary_region = "gru"
+
+[build]
+  dockerfile = "Dockerfile"
+
+[http_service]
+  internal_port = 3000
+  force_https = true
+  auto_stop_machines = true
+  auto_start_machines = true
+
+  [http_service.concurrency]
+    type = "connections"
+    hard_limit = 25
+    soft_limit = 20
+
+[[vm]]
+  memory = "256mb"
+  cpu_kind = "shared"
+  cpus = 1

package/add-features/deploy/fly/python-fastapi.toml

@@ -0,0 +1,21 @@
+app = "my-fastapi-app"
+primary_region = "gru"
+
+[build]
+  dockerfile = "Dockerfile"
+
+[http_service]
+  internal_port = 8000
+  force_https = true
+  auto_stop_machines = true
+  auto_start_machines = true
+
+  [http_service.concurrency]
+    type = "connections"
+    hard_limit = 25
+    soft_limit = 20
+
+[[vm]]
+  memory = "256mb"
+  cpu_kind = "shared"
+  cpus = 1

package/add-features/deploy/railway/INSTRUCTIONS.md

@@ -0,0 +1,38 @@
+# 🚀 Deploy to Railway
+
+Your deployment configuration has been generated for **Railway**.
+
+## 📁 Files generated
+
+- `railway.toml` — Railway project configuration
+
+## 🔑 1. Set Environment Variables
+
+1. Go to [railway.app](https://railway.app) → Your Project → **Variables**
+2. Add each variable from your `.env` file:
+
+| Variable | Description |
+|---|---|
+| `DATABASE_URL` | Your database connection string |
+| `JWT_SECRET` | A strong, random secret for JWT signing |
+| `NODE_ENV` / `PYTHON_ENV` | Set to `production` |
+
+> 💡 Railway can also **provision a Postgres database** for you directly — click **New → Database → Postgres** in your project.
+
+## ⚡ 2. Deploy
+
+**Option A — GitHub Auto-Deploy (recommended):**
+1. Go to [railway.app](https://railway.app) → **New Project** → **Deploy from GitHub repo**
+2. Select your repo — Railway auto-detects `railway.toml` and deploys on every push to `main`
+
+**Option B — Railway CLI:**
+```bash
+npm install -g @railway/cli
+railway login
+railway link
+railway up
+```
+
+## 📖 More Info
+- [Railway Docs](https://docs.railway.app)
+- [Railway CLI Reference](https://docs.railway.app/reference/cli-api)

package/add-features/deploy/railway/java-spring.toml

@@ -0,0 +1,16 @@
+[build]
+builder = "dockerfile"
+dockerfilePath = "Dockerfile"
+
+[deploy]
+startCommand = "java -jar target/*.jar"
+restartPolicyType = "on-failure"
+restartPolicyMaxRetries = 5
+healthcheckPath = "/actuator/health"
+healthcheckTimeout = 100
+
+[env]
+# Add your env variables in the Railway dashboard under Variables
+# DATABASE_URL =
+# JWT_SECRET =
+# SPRING_PROFILES_ACTIVE = "prod"

package/add-features/deploy/railway/nextjs.toml

@@ -0,0 +1,14 @@
+[build]
+builder = "nixpacks"
+buildCommand = "npm install && npm run build"
+
+[deploy]
+startCommand = "npm start"
+restartPolicyType = "on-failure"
+restartPolicyMaxRetries = 5
+
+[env]
+# Add your env variables in the Railway dashboard under Variables
+# DATABASE_URL =
+# JWT_SECRET =
+# NEXTAUTH_URL =

package/add-features/deploy/railway/nodejs.toml

@@ -0,0 +1,14 @@
+[build]
+builder = "nixpacks"
+buildCommand = "npm install && npm run build"
+
+[deploy]
+startCommand = "npm start"
+restartPolicyType = "on-failure"
+restartPolicyMaxRetries = 5
+
+[env]
+# Add your env variables in the Railway dashboard under Variables
+# DATABASE_URL =
+# JWT_SECRET =
+# NODE_ENV = "production"

package/add-features/deploy/railway/python-fastapi.toml

@@ -0,0 +1,13 @@
+[build]
+builder = "nixpacks"
+buildCommand = "pip install -r requirements.txt"
+
+[deploy]
+startCommand = "uvicorn app.main:app --host 0.0.0.0 --port $PORT"
+restartPolicyType = "on-failure"
+restartPolicyMaxRetries = 5
+
+[env]
+# Add your env variables in the Railway dashboard under Variables
+# DATABASE_URL =
+# JWT_SECRET =