lapeh 2.2.3 → 2.2.4

package/bin/index.js

@@ -6,15 +6,58 @@ const { execSync } = require('child_process');
 const readline = require('readline');
 
 const args = process.argv.slice(2);
+const command = args[0];
+
+// Register tsconfig paths for development
+require('tsconfig-paths/register');
+
+switch (command) {
+  case 'dev':
+    runDev();
+    break;
+  case 'start':
+    runStart();
+    break;
+  case 'build':
+    runBuild();
+    break;
+  case 'upgrade':
+    (async () => {
+      await upgradeProject();
+    })();
+    break;
+  default:
+    createProject();
+    break;
+}
 
-// --- UPGRADE MODE ---
-if (args[0] === 'upgrade') {
-  (async () => {
-    await upgradeProject();
-  })();
-} else {
-  // --- CREATE MODE ---
-  createProject();
+function runDev() {
+  console.log('🚀 Starting Lapeh in development mode...');
+  try {
+    // We execute a script that requires ts-node to run lib/bootstrap.ts
+    // In a real package, this would be `node dist/lib/bootstrap.js`
+    execSync('npx nodemon --exec ts-node -r tsconfig-paths/register -e "require(\'./lib/bootstrap\').bootstrap()"', { stdio: 'inherit' });
+  } catch (error) {
+    // Ignore error
+  }
+}
+
+function runStart() {
+  console.log('🚀 Starting Lapeh production server...');
+  const distPath = path.join(process.cwd(), 'dist/lib/bootstrap.js');
+  // For production, we assume built files
+  const cmd = `node -e "require('${distPath.replace(/\\/g, '/')}').bootstrap()"`;
+  execSync(cmd, { 
+    stdio: 'inherit',
+    env: { ...process.env, NODE_ENV: 'production' }
+  });
+}
+
+function runBuild() {
+  console.log('🛠️  Building Lapeh project...');
+  execSync('npm run prisma:generate', { stdio: 'inherit' });
+  execSync('npx tsc && npx tsc-alias', { stdio: 'inherit' });
+  console.log('✅ Build complete.');
 }
 
 async function upgradeProject() {

package/doc/ARCHITECTURE_GUIDE.md

@@ -0,0 +1,73 @@
+# Panduan Arsitektur: Menuju "Framework as a Dependency" (Next.js Style)
+
+Saat ini, Lapeh menggunakan pendekatan **Boilerplate** (seperti Laravel), di mana pengguna mendapatkan seluruh kode sumber (`src/`) dan bertanggung jawab atas `express`, `prisma`, dll.
+
+Untuk mengubahnya menjadi seperti **Next.js** (di mana pengguna hanya menginstall `lapeh` dan `package.json` mereka bersih), kita perlu mengubah arsitektur menjadi **Library**.
+
+## 1. Perbedaan Utama
+
+| Fitur | Boilerplate (Lapeh Saat Ini) | Library (Next.js Style) |
+| :--- | :--- | :--- |
+| **Instalasi** | `git clone` / `npx create-lapeh` | `npm install lapeh` |
+| **package.json** | Banyak dependency (`express`, `cors`, dll) | Sedikit (`lapeh`, `react`) |
+| **Scripts** | Panjang (`nodemon src/index.ts`) | Pendek (`lapeh dev`) |
+| **Core Code** | Terbuka di `src/core/` | Tersembunyi di `node_modules/lapeh` |
+| **Update** | Susah (harus merge manual) | Mudah (`npm update lapeh`) |
+
+## 2. Langkah Implementasi
+
+Saya telah memulai langkah pertama dengan menambahkan **CLI Runner** di `bin/index.js`.
+
+### A. Update CLI (`bin/index.js`) ✅ (Sudah Dilakukan)
+Saya sudah menambahkan command `dev`, `start`, dan `build` ke dalam CLI Lapeh. Ini memungkinkan pengguna menjalankan server tanpa tahu perintah aslinya.
+
+```javascript
+// Contoh penggunaan nanti:
+"scripts": {
+  "dev": "lapeh dev",
+  "build": "lapeh build",
+  "start": "lapeh start"
+}
+```
+
+### B. Struktur Project Pengguna (Target)
+Nantinya, project pengguna Lapeh hanya akan berisi file bisnis mereka:
+
+```text
+my-app/
+├── src/
+│   ├── controllers/
+│   ├── routes/
+│   └── models/
+├── lapeh.config.ts  <-- Konfigurasi framework (pengganti edit core)
+└── package.json
+```
+
+Dan `package.json` mereka akan terlihat seperti ini:
+
+```json
+{
+  "name": "my-app",
+  "dependencies": {
+    "lapeh": "^2.0.0"
+  },
+  "scripts": {
+    "dev": "lapeh dev",
+    "build": "lapeh build",
+    "start": "lapeh start"
+  }
+}
+```
+
+### C. Apa yang Harus Dilakukan Selanjutnya?
+
+1.  **Publish Package**: Anda perlu mempublish folder framework ini ke NPM (atau private registry).
+    *   Pastikan `express`, `cors`, `helmet`, dll ada di `dependencies` (bukan `devDependencies`).
+2.  **Abstraksi `src/index.ts`**:
+    *   Saat ini `src/index.ts` adalah entry point yang diedit user.
+    *   Ubah agar `lapeh dev` menjalankan server internal yang **mengimpor** routes/controller user secara dinamis (seperti Next.js pages router).
+3.  **Config Loader**:
+    *   Buat sistem pembacaan `lapeh.config.ts` untuk mengatur Port, Database URL, dll tanpa mengedit kode core.
+
+## 3. Kesimpulan
+Perubahan yang saya lakukan di `bin/index.js` adalah fondasi untuk CLI style. Untuk mencapai "Clean package.json" sepenuhnya, Anda harus memisahkan **Framework Core** (repo ini) dengan **User Project** (repo baru yang menginstall framework ini).

package/doc/CHEATSHEET.md

@@ -4,48 +4,50 @@ Referensi cepat untuk perintah dan kode yang sering digunakan.
 
 ## 💻 CLI Commands
 
-| Perintah | Fungsi |
-| :--- | :--- |
-| **`npm run dev`** | Menjalankan server development (hot-reload). |
-| **`npm run typecheck`** | Cek error TypeScript (tanpa compile). |
-| **`npm run lint`** | Cek kode kotor/variabel tidak terpakai. |
-| **`npm run lint:fix`** | Perbaiki kode kotor otomatis. |
-| **`npm run make:module <Name>`** | Buat Controller, Route, & Model sekaligus. |
-| **`npm run make:controller <Name>`** | Buat Controller saja. |
-| **`npm run make:model <Name>`** | Buat Model Prisma saja. |
-| **`npm run prisma:migrate`** | Apply perubahan schema ke DB lokal. |
-| **`npm run db:studio`** | Buka GUI Database. |
-| **`npm run db:seed`** | Isi data dummy. |
-| **`npm run db:reset`** | Hapus DB & mulai dari nol. |
+| Perintah                             | Fungsi                                       |
+| :----------------------------------- | :------------------------------------------- |
+| **`npm run dev`**                    | Menjalankan server development (hot-reload). |
+| **`npm run typecheck`**              | Cek error TypeScript (tanpa compile).        |
+| **`npm run lint`**                   | Cek kode kotor/variabel tidak terpakai.      |
+| **`npm run lint:fix`**               | Perbaiki kode kotor otomatis.                |
+| **`npm run make:module <Name>`**     | Buat Controller, Route, & Model sekaligus.   |
+| **`npm run make:controller <Name>`** | Buat Controller saja.                        |
+| **`npm run make:model <Name>`**      | Buat Model Prisma saja.                      |
+| **`npm run prisma:migrate`**         | Apply perubahan schema ke DB lokal.          |
+| **`npm run db:studio`**              | Buka GUI Database.                           |
+| **`npm run db:seed`**                | Isi data dummy.                              |
+| **`npm run db:reset`**               | Hapus DB & mulai dari nol.                   |
 
 ## 🛡️ Validator Rules (Laravel-Style)
 
 Gunakan di `Validator.make(data, rules)`.
 
-| Rule | Deskripsi | Contoh |
-| :--- | :--- | :--- |
-| `required` | Wajib ada & tidak null. | `"required"` |
-| `string` | Harus text. | `"required|string"` |
-| `number` | Harus angka. | `"required|number"` |
-| `email` | Format email valid. | `"required|email"` |
-| `min:X` | Min panjang/nilai. | `"min:8"` (pass), `"min:18"` (umur) |
-| `max:X` | Max panjang/nilai. | `"max:255"` |
-| `unique:table,col` | Cek unik di DB. | `"unique:users,email"` |
-| `exists:table,col` | Cek exist di DB. | `"exists:roles,id"` |
-| `image` | File harus gambar. | `"required|image"` |
-| `mimes:types` | File extension. | `"mimes:pdf,docx"` |
+| Rule               | Deskripsi               | Contoh                              |
+| :----------------- | :---------------------- | :---------------------------------- | -------- |
+| `required`         | Wajib ada & tidak null. | `"required"`                        |
+| `string`           | Harus text.             | `"required                          | string"` |
+| `number`           | Harus angka.            | `"required                          | number"` |
+| `email`            | Format email valid.     | `"required                          | email"`  |
+| `min:X`            | Min panjang/nilai.      | `"min:8"` (pass), `"min:18"` (umur) |
+| `max:X`            | Max panjang/nilai.      | `"max:255"`                         |
+| `unique:table,col` | Cek unik di DB.         | `"unique:users,email"`              |
+| `exists:table,col` | Cek exist di DB.        | `"exists:roles,id"`                 |
+| `image`            | File harus gambar.      | `"required                          | image"`  |
+| `mimes:types`      | File extension.         | `"mimes:pdf,docx"`                  |
 
 ## 🔑 Authentication
 
 **Middleware di Route:**
+
 ```typescript
 import { requireAuth, requireAdmin } from "@/middleware/auth";
 
-router.get("/profile", requireAuth, getProfile);       // Login User
+router.get("/profile", requireAuth, getProfile); // Login User
 router.delete("/user", requireAuth, requireAdmin, del); // Admin Only
 ```
 
 **Akses User di Controller:**
+
 ```typescript
 // (req as any).user tersedia setelah requireAuth
 const userId = (req as any).user.userId;
@@ -55,22 +57,25 @@ const role = (req as any).user.role;
 ## ⚡ Fast Response (Serializer)
 
 **1. Schema:**
+
 ```typescript
 const schema = {
   type: "object",
   properties: {
     id: { type: "string" },
-    name: { type: "string" }
-  }
+    name: { type: "string" },
+  },
 };
 ```
 
 **2. Serializer:**
+
 ```typescript
 const serializer = getSerializer("key-name", createResponseSchema(schema));
 ```
 
 **3. Send:**
+
 ```typescript
 sendFastSuccess(res, 200, serializer, { ...data });
 ```
@@ -78,7 +83,7 @@ sendFastSuccess(res, 200, serializer, { ...data });
 ## 📦 Redis (Cache)
 
 ```typescript
-import { redis } from "@/core/redis";
+import { redis } from "@lapeh/core/redis";
 
 // Set Cache (Key, Value, Mode, Detik)
 await redis.set("profile:1", JSON.stringify(data), "EX", 3600);

package/doc/FEATURES.md

@@ -6,12 +6,12 @@ Dokumen ini menjelaskan fitur-fitur utama Lapeh Framework dan cara penggunaannya
 
 Framework ini menyediakan utility `Validator` yang terinspirasi dari Laravel, menggunakan `zod` di belakang layar namun dengan API yang lebih string-based dan mudah dibaca.
 
-**Lokasi:** `@/utils/validator`
+**Lokasi:** `@lapeh/utils/validator`
 
 ### Penggunaan Dasar
 
 ```typescript
-import { Validator } from "@/utils/validator";
+import { Validator } from "@lapeh/utils/validator";
 
 export async function createProduct(req: Request, res: Response) {
   const validator = await Validator.make(req.body, {
@@ -79,7 +79,7 @@ Untuk endpoint yang membutuhkan performa tinggi (misalnya list data besar), guna
 3. **Kirim Response**
 
    ```typescript
-   import { sendFastSuccess } from "@/utils/response";
+   import { sendFastSuccess } from "@lapeh/utils/response";
 
    // Di dalam controller
    sendFastSuccess(res, 200, productSerializer, {

package/doc/STRUCTURE.md

@@ -4,56 +4,73 @@ Untuk memahami Lapeh Framework sepenuhnya, Anda perlu tahu apa fungsi setiap fil
 
 ## Root Directory
 
-| File/Folder | Deskripsi |
-| :--- | :--- |
-| `bin/` | Berisi script eksekusi untuk CLI (`npx lapeh`). Anda jarang menyentuh ini. |
-| `doc/` | Dokumentasi proyek ini berada. |
-| `prisma/` | Jantung konfigurasi Database. |
-| `scripts/` | Kumpulan script Node.js untuk utility (generator, compiler schema, dll). |
-| `src/` | **Source Code Utama**. 99% kodingan Anda ada di sini. |
-| `.env` | Variabel rahasia (Database URL, API Keys). **Jangan commit file ini ke Git!** |
-| `docker-compose.yml` | Konfigurasi Docker untuk menjalankan Database & Redis lokal. |
-| `nodemon.json` | Konfigurasi auto-restart saat development. |
-| `package.json` | Daftar library (dependencies) dan perintah (`npm run ...`). |
-| `tsconfig.json` | Konfigurasi TypeScript. |
-
-## Folder `src/` (Source Code)
+| File/Folder          | Deskripsi                                                                     |
+| :------------------- | :---------------------------------------------------------------------------- |
+| `bin/`               | Berisi script eksekusi untuk CLI (`npx lapeh`). Anda jarang menyentuh ini.    |
+| `doc/`               | Dokumentasi proyek ini berada.                                                |
+| `lib/`               | **Framework Core**. Bagian internal framework yang jarang Anda sentuh.        |
+| `prisma/`            | Jantung konfigurasi Database.                                                 |
+| `scripts/`           | Kumpulan script Node.js untuk utility (generator, compiler schema, dll).      |
+| `src/`               | **Source Code Utama**. 99% kodingan Anda ada di sini.                         |
+| `.env`               | Variabel rahasia (Database URL, API Keys). **Jangan commit file ini ke Git!** |
+| `docker-compose.yml` | Konfigurasi Docker untuk menjalankan Database & Redis lokal.                  |
+| `nodemon.json`       | Konfigurasi auto-restart saat development.                                    |
+| `package.json`       | Daftar library (dependencies) dan perintah (`npm run ...`).                   |
+| `tsconfig.json`      | Konfigurasi TypeScript.                                                       |
+
+## Folder `src/` (Source Code - User Space)
 
 Ini adalah tempat Anda bekerja setiap hari.
 
 ### `src/controllers/`
+
 Berisi logika aplikasi. Controller menerima Request, memprosesnya, dan mengembalikan Response.
+
 - **Contoh**: `authController.ts` menangani login/register.
-- **Tips**: Jangan taruh *business logic* yang terlalu kompleks di sini. Gunakan Service (opsional) jika controller sudah terlalu gemuk.
+- **Tips**: Jangan taruh _business logic_ yang terlalu kompleks di sini. Gunakan Service (opsional) jika controller sudah terlalu gemuk.
 
 ### `src/models/`
+
 Berisi definisi tabel database (Schema Prisma).
+
 - **Unik di Lapeh**: Kami memecah `schema.prisma` yang besar menjadi file-file kecil per fitur (misal `user.prisma`, `product.prisma`) agar mudah di-manage. Script `prisma:migrate` akan menggabungkannya nanti.
 
 ### `src/routes/`
+
 Mendefinisikan URL endpoint.
+
 - Menghubungkan URL (misal `/api/login`) ke fungsi di Controller.
 - Menempelkan Middleware (misal `requireAuth`).
 
-### `src/middleware/`
-Kode yang berjalan *sebelum* Controller.
-- `auth.ts`: Cek JWT Token.
-- `rateLimit.ts`: Batasi jumlah request.
-- `requestLogger.ts`: Log setiap request yang masuk.
+## Folder `lib/` (Framework Internals)
 
-### `src/utils/`
-Fungsi bantuan (Helper) yang bisa dipakai di mana saja.
-- `validator.ts`: Validasi input ala Laravel.
-- `response.ts`: Standar format JSON response (`sendSuccess`, `sendError`).
-- `logger.ts`: Sistem logging (Winston).
+Bagian ini mirip dengan `node_modules` atau folder `.next` di Next.js. Ini adalah mesin framework.
+
+### `lib/core/`
+
+Bagian "Mesin" framework.
 
-### `src/core/`
-Bagian "Mesin" framework. Anda jarang perlu mengubah ini kecuali ingin memodifikasi behavior dasar framework.
 - `server.ts`: Setup Express App.
 - `database.ts`: Instance Prisma Client.
 - `redis.ts`: Koneksi Redis.
 - `serializer.ts`: Logic caching JSON Schema.
 
+### `lib/middleware/`
+
+Middleware bawaan framework.
+
+- `auth.ts`: Cek JWT Token.
+- `rateLimit.ts`: Batasi jumlah request.
+- `requestLogger.ts`: Log setiap request yang masuk.
+
+### `lib/utils/`
+
+Fungsi bantuan (Helper) bawaan.
+
+- `validator.ts`: Validasi input ala Laravel.
+- `response.ts`: Standar format JSON response (`sendFastSuccess`, `sendError`).
+- `logger.ts`: Sistem logging (Winston).
+
 ## Folder `prisma/`
 
 - `migrations/`: History perubahan database (SQL file). Jangan diedit manual.
@@ -63,6 +80,7 @@ Bagian "Mesin" framework. Anda jarang perlu mengubah ini kecuali ingin memodifik
 ## Folder `scripts/`
 
 Script-script "Magic" yang dijalankan `npm run`.
+
 - `make-controller.js`: Generator controller.
 - `compile-schema.js`: Penggabung file `.prisma`.
 - `init-project.js`: Wizard setup awal.

package/lib/bootstrap.ts

@@ -0,0 +1,145 @@
+import dotenv from "dotenv";
+dotenv.config();
+
+import express, { Request, Response, NextFunction } from "express";
+import cors from "cors";
+import helmet from "helmet";
+import compression from "compression";
+import http from "http";
+import path from "path";
+import { initRealtime } from "./core/realtime";
+import { initRedis, redis } from "./core/redis";
+import { prisma } from "./core/database";
+import { visitorCounter } from "./middleware/visitor";
+import { errorHandler } from "./middleware/error";
+import { apiLimiter } from "./middleware/rateLimit";
+import { requestLogger } from "./middleware/requestLogger";
+import { sendSuccess } from "./utils/response";
+
+export async function bootstrap() {
+  // Validasi Environment Variables
+  const requiredEnvs = ["DATABASE_URL", "JWT_SECRET"];
+  const missingEnvs = requiredEnvs.filter((key) => !process.env[key]);
+  if (missingEnvs.length > 0) {
+    console.error(
+      `❌ Missing required environment variables: ${missingEnvs.join(", ")}`
+    );
+    process.exit(1);
+  }
+
+  const app = express();
+
+  app.disable("x-powered-by");
+  app.use(compression());
+
+  // Request Timeout Middleware (30s)
+  app.use((_req: Request, res: Response, next: NextFunction) => {
+    res.setTimeout(30000, () => {
+      res.status(408).send({
+        status: "error",
+        message: "Request Timeout (30s limit)",
+      });
+    });
+    next();
+  });
+
+  app.use(
+    helmet({
+      contentSecurityPolicy: false,
+      crossOriginResourcePolicy: { policy: "cross-origin" },
+    })
+  );
+
+  const corsOrigin = process.env.CORS_ORIGIN || "*";
+  app.use(
+    cors({
+      origin: corsOrigin,
+      credentials: true,
+      exposedHeaders: ["x-access-token", "x-access-expires-at"],
+    })
+  );
+
+  app.use(requestLogger);
+  app.use(express.json({ limit: "10mb" }));
+  app.use(express.urlencoded({ extended: true, limit: "10mb" }));
+  app.use(apiLimiter);
+  app.use(visitorCounter);
+
+  // Health Check
+  app.get("/", (_req: Request, res: Response) => {
+    sendSuccess(res, 200, "Lapeh API is running", {
+      status: "active",
+      timestamp: new Date(),
+      version: process.env.npm_package_version || "unknown",
+    });
+  });
+
+  // DYNAMIC ROUTE LOADING
+  try {
+    const isProduction = process.env.NODE_ENV === "production";
+    const userRoutesPath = isProduction
+      ? path.join(process.cwd(), "dist", "src", "routes")
+      : path.join(process.cwd(), "src", "routes");
+
+    // Gunakan require agar sinkron dan mudah dicatch
+    const { apiRouter } = require(userRoutesPath);
+    app.use("/api", apiRouter);
+    console.log(
+      `✅ User routes loaded successfully from ${
+        isProduction ? "dist/" : ""
+      }src/routes`
+    );
+  } catch (error) {
+    console.warn(
+      "⚠️  Could not load user routes. Make sure you export 'apiRouter'."
+    );
+    console.error(error);
+  }
+
+  app.use(errorHandler);
+
+  const port = process.env.PORT ? Number(process.env.PORT) : 4000;
+  const server = http.createServer(app);
+
+  initRealtime(server);
+
+  try {
+    await initRedis();
+
+    server.on("error", (e: any) => {
+      if (e.code === "EADDRINUSE") {
+        console.log(`\n❌ Error: Port ${port} is already in use.`);
+        process.exit(1);
+      }
+    });
+
+    server.listen(port, () => {
+      console.log(`✅ API running at http://localhost:${port}`);
+      console.log(`🛡️  Environment: ${process.env.NODE_ENV || "development"}`);
+    });
+  } catch (error) {
+    console.error("❌ Failed to start server:", error);
+    process.exit(1);
+  }
+
+  // Graceful Shutdown
+  const shutdown = async (signal: string) => {
+    console.log(`\n🛑 ${signal} received. Closing resources...`);
+    server.close(() => console.log("Http server closed."));
+    try {
+      await prisma.$disconnect();
+      if (redis && redis.status === "ready") await redis.quit();
+      process.exit(0);
+    } catch (err) {
+      console.error("Error during shutdown:", err);
+      process.exit(1);
+    }
+  };
+
+  process.on("SIGTERM", () => shutdown("SIGTERM"));
+  process.on("SIGINT", () => shutdown("SIGINT"));
+  process.on("uncaughtException", (error) => {
+    console.error("❌ Uncaught Exception:", error);
+    shutdown("uncaughtException");
+  });
+}

package/{src → lib}/core/server.ts

@@ -1,9 +1,10 @@
-import express, { Request, Response } from "express";
+import express, { Request, Response, NextFunction } from "express";
 import cors from "cors";
 import helmet from "helmet";
-import { apiRouter } from "../routes"; // Import unified routes
+import compression from "compression";
+// import { apiRouter } from "@/routes"; // Routes are now loaded dynamically in bootstrap.ts
 import { visitorCounter } from "../middleware/visitor";
-import { errorHandler } from "../middleware/error";
+// import { errorHandler } from "../middleware/error";
 import { apiLimiter } from "../middleware/rateLimit";
 import { requestLogger } from "../middleware/requestLogger";
 import { sendSuccess } from "../utils/response";
@@ -12,6 +13,20 @@ export const app = express();
 
 app.disable("x-powered-by");
 
+// Compression (Gzip)
+app.use(compression());
+
+// Request Timeout Middleware (30s)
+app.use((_req: Request, res: Response, next: NextFunction) => {
+  res.setTimeout(30000, () => {
+    res.status(408).send({
+      status: "error",
+      message: "Request Timeout (30s limit)",
+    });
+  });
+  next();
+});
+
 // Security Headers
 app.use(
   helmet({
@@ -48,8 +63,8 @@ app.get("/", (_req: Request, res: Response) => {
   });
 });
 
-// Routes
-app.use("/api", apiRouter);
+// Routes are loaded in bootstrap.ts via app.use('/api', userApiRouter)
 
 // Global Error Handler
-app.use(errorHandler);
+// Note: We don't attach error handler here because we want to attach it AFTER routes are loaded in bootstrap
+// app.use(errorHandler);

package/{src → lib}/middleware/auth.ts

@@ -1,7 +1,14 @@
 import { Request, Response, NextFunction } from "express";
 import jwt from "jsonwebtoken";
 import { sendError } from "../utils/response";
-import { ACCESS_TOKEN_EXPIRES_IN_SECONDS } from "../controllers/authController";
+// Note: We should ideally avoid importing from controllers in middleware
+// But for now we'll keep it to maintain functionality, but point to src if needed
+// However, authController is in src (user land) or lib?
+// Wait, authController was NOT moved to lib. It is in src/controllers.
+// So this import will fail if we use relative paths.
+// But we are in lib.
+// We should probably move ACCESS_TOKEN_EXPIRES_IN_SECONDS to a config or constants file in lib.
+const ACCESS_TOKEN_EXPIRES_IN_SECONDS = 7 * 24 * 60 * 60;
 
 export function requireAuth(req: Request, res: Response, next: NextFunction) {
   const header = req.headers.authorization;
@@ -35,7 +42,7 @@ export function requireAuth(req: Request, res: Response, next: NextFunction) {
     res.setHeader("x-access-expires-at", accessExpiresAt);
 
     next();
-  } catch {
+  } catch (err: any) {
     sendError(res, 401, "Invalid token");
   }
 }

package/{src → lib}/middleware/error.ts

@@ -27,6 +27,11 @@ export function errorHandler(
       const fields = target.length > 0 ? target.join(", ") : "field";
       return sendError(res, 409, `Unique constraint failed on: ${fields}`);
     }
+    // P2003: Foreign key constraint failed
+    if (err.code === "P2003") {
+      const field = err.meta?.field_name || "unknown field";
+      return sendError(res, 400, `Foreign key constraint failed on: ${field}`);
+    }
     // P2025: Record not found
     if (err.code === "P2025") {
       return sendError(res, 404, "Record not found");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "lapeh",
-  "version": "2.2.3",
+  "version": "2.2.4",
   "description": "Framework API Express yang siap pakai (Standardized)",
   "main": "index.js",
   "bin": {
@@ -16,14 +16,14 @@
   },
   "types": "dist/src/index.d.ts",
   "scripts": {
-    "dev": "node scripts/check-update.js && nodemon src/index.ts",
+    "dev": "node bin/index.js dev",
     "first": "node scripts/init-project.js",
     "prebuild": "npm run prisma:generate",
-    "build": "tsc && tsc-alias",
+    "build": "node bin/index.js build",
     "prestart": "npm run prisma:generate",
-    "start": "node dist/src/index.js",
+    "start": "node bin/index.js start",
     "prestart:prod": "npm run prisma:generate",
-    "start:prod": "NODE_ENV=production node dist/src/index.js",
+    "start:prod": "node bin/index.js start",
     "typecheck": "tsc --noEmit",
     "lint": "eslint .",
     "lint:fix": "eslint . --fix",
@@ -67,6 +67,7 @@
     "@prisma/adapter-pg": "7.2.0",
     "@prisma/client": "7.2.0",
     "bcryptjs": "3.0.3",
+    "compression": "^1.8.1",
     "cors": "2.8.5",
     "dotenv": "17.2.3",
     "express": "5.2.1",
@@ -88,6 +89,7 @@
   "devDependencies": {
     "@eslint/js": "^9.39.2",
     "@types/bcryptjs": "2.4.6",
+    "@types/compression": "^1.8.1",
     "@types/cors": "2.8.19",
     "@types/express": "5.0.6",
     "@types/jsonwebtoken": "9.0.10",