nebula-starter-kit 0.0.1

package/templates/core/constants/environment.module.ts

@@ -0,0 +1,9 @@
+import { Global, Module } from '@nestjs/common';
+import { EnvironmentService } from './environment.service';
+
+@Global()
+@Module({
+  providers: [EnvironmentService],
+  exports: [EnvironmentService],
+})
+export class EnvironmentModule {}

package/templates/core/constants/environment.service.ts

@@ -0,0 +1,69 @@
+import { Injectable } from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
+
+@Injectable()
+export class EnvironmentService {
+  constructor(private config: ConfigService) {}
+  // Environment variables
+  private get(key: string, required = true): string {
+    const value = this.config?.get<string>(key) || process.env[key];
+    if (required && !value) {
+      throw new Error(`Missing required environment variable: ${key}`);
+    }
+    return value ?? '';
+  }
+
+  isLocal(): boolean {
+    return this.get('NODE_ENV') !== 'production';
+  }
+
+  isProd(): boolean {
+    return this.get('NODE_ENV') === 'production';
+  }
+
+  isLambda(): boolean {
+    return !!this.get('AWS_LAMBDA_FUNCTION_NAME');
+  }
+
+  region(): string {
+    return this.get('REGION') || this.get('AWS_REGION') || 'us-east-1';
+  }
+
+  accessKeyId(): string {
+    return this.get('AWS_ACCESS_KEY_ID') || 'local';
+  }
+
+  secretAccessKey(): string {
+    return this.get('AWS_SECRET_ACCESS_KEY') || 'local';
+  }
+
+  dynamoEndpoint(): string {
+    return this.get('DYNAMO_ENDPOINT') || 'http://localhost:8000';
+  }
+
+  appPort(): number {
+    return Number(this.get('PORT')) || 3000;
+  }
+
+  appName(): string {
+    return this.get('APP_NAME') || 'NEBULA';
+  }
+
+  COGNITO_USER_POOL_ID(): string {
+    return this.get('COGNITO_USER_POOL_ID') || 'COGNITO_USER_POOL_ID';
+  }
+
+  COGNITO_CLIENT_ID(): string {
+    return this.get('COGNITO_CLIENT_ID') || 'COGNITO_CLIENT_ID';
+  }
+
+  tables(): string[] {
+    const tables = this.get('DYNAMODB_TABLES') || null;
+    console.log('tables', tables);
+    return tables ? tables.split(',') : ['users'];
+  }
+
+  BEDROCK_MODEL(): string {
+    return this.get('BEDROCK_MODEL') || 'BEDROCK_MODEL';
+  }
+}

package/templates/core/core.controller.ts

@@ -0,0 +1,35 @@
+import { Controller, Get, Req, Res } from '@nestjs/common';
+import { Request, Response } from 'express';
+import { EnvironmentService } from './constants/environment.service';
+
+import * as dotenv from 'dotenv';
+dotenv.config();
+
+@Controller('core')
+export class CoreController {
+  constructor(private readonly config: EnvironmentService) {}
+
+  @Get('/env-config.js')
+  getEnvConfig(@Req() req: Request, @Res() res: Response) {
+    const protocol = req.headers['x-forwarded-proto'] ?? req.protocol;
+
+    const host = req.headers['host'];
+
+    const apiUrl = `${protocol}://${host}`;
+
+    const js = `
+    window.__ENV__ = {
+      API_BASE_URL: "${apiUrl}",
+      COGNITO_USER_POOL_ID: "${
+        this.config?.COGNITO_USER_POOL_ID() || process.env.COGNITO_USER_POOL_ID
+      }",
+      COGNITO_CLIENT_ID: "${
+        this.config?.COGNITO_CLIENT_ID() || process.env.COGNITO_CLIENT_ID
+      }"
+    };
+  `;
+
+    res.type('application/javascript');
+    res.send(js);
+  }
+}

package/templates/core/core.module.ts

@@ -0,0 +1,22 @@
+import { Module } from '@nestjs/common';
+import { ConfigModule } from '@nestjs/config';
+import { EnvironmentModule } from './constants/environment.module';
+import { CoreController } from './core.controller';
+import { DatabaseModule } from './database/database.module';
+import { AuthModule } from './auth/auth.module';
+import { SummarizeModule } from './summarize/summarize.module';
+import { AuditModule } from './audit/audit.module';
+
+@Module({
+  imports: [
+    // __GENERATED_IMPORTS__,
+    ConfigModule.forRoot({ isGlobal: true, envFilePath: '.env' }),
+    EnvironmentModule,
+    DatabaseModule,
+    AuthModule,
+    AuditModule,
+    SummarizeModule,
+  ],
+  controllers: [CoreController],
+})
+export class CoreModule {}

package/templates/core/database/database.module.ts

@@ -0,0 +1,20 @@
+import { Module } from '@nestjs/common';
+import { EnvironmentService } from '../constants/environment.service';
+import { DatabaseService } from './database.service';
+import {
+  DYNAMODB_DOC,
+  DYNAMODB_RAW,
+  DynamoDBDocProvider,
+  DynamoDBRawProvider,
+} from './database.provider';
+
+@Module({
+  providers: [
+    DynamoDBRawProvider,
+    DynamoDBDocProvider,
+    DatabaseService,
+    EnvironmentService,
+  ],
+  exports: [DYNAMODB_DOC, DYNAMODB_RAW, DatabaseService],
+})
+export class DatabaseModule {}

package/templates/core/database/database.provider.ts

@@ -0,0 +1,32 @@
+import { DynamoDBClient } from '@aws-sdk/client-dynamodb';
+import { DynamoDBDocumentClient } from '@aws-sdk/lib-dynamodb';
+import { EnvironmentService } from '../constants/environment.service';
+
+export const DYNAMODB_RAW = 'DYNAMODB_RAW';
+export const DYNAMODB_DOC = 'DYNAMODB_DOC';
+
+export const DynamoDBRawProvider = {
+  provide: DYNAMODB_RAW,
+  inject: [EnvironmentService],
+  useFactory: (env: EnvironmentService) => {
+    return new DynamoDBClient({
+      region: env.region(),
+      ...(!env.isLambda() && {
+        endpoint: env.dynamoEndpoint(),
+        credentials: {
+          accessKeyId: env.accessKeyId(),
+          secretAccessKey: env.secretAccessKey(),
+        },
+      }),
+    });
+  },
+};
+
+export const DynamoDBDocProvider = {
+  provide: DYNAMODB_DOC,
+  inject: [DYNAMODB_RAW],
+  useFactory: (client: DynamoDBClient) =>
+    DynamoDBDocumentClient.from(client, {
+      marshallOptions: { removeUndefinedValues: true },
+    }),
+};

package/templates/core/database/database.service.ts

@@ -0,0 +1,168 @@
+import { Inject, Injectable, OnModuleInit } from '@nestjs/common';
+import {
+  DynamoDBClient,
+  CreateTableCommand,
+  DescribeTableCommand,
+  waitUntilTableExists,
+  KeyType,
+  UpdateTableCommand,
+} from '@aws-sdk/client-dynamodb';
+import { EnvironmentService } from '../constants/environment.service';
+import { GSIConfig, TableConfig } from './database.types';
+import { GENERATED_SCHEMAS } from './generated-schemas';
+import { DYNAMODB_DOC } from './database.provider';
+
+@Injectable()
+export class DatabaseService implements OnModuleInit {
+  schemas;
+  constructor(
+    @Inject(DYNAMODB_DOC) private client: DynamoDBClient,
+    private env: EnvironmentService,
+  ) {
+    this.schemas = GENERATED_SCHEMAS;
+    console.log('DBSchemas', this.schemas);
+  }
+
+  async onModuleInit() {
+    await this.ensureTables(this.schemas);
+  }
+
+  public async ensureTables(tables: TableConfig[]) {
+    console.log(
+      'ENVIRONMENT:',
+      `${this.env?.isLambda() ? 'PRODUCTION' : 'DEVELOPMENT'}`,
+    );
+    const results: { table: string; status: string; error?: string }[] = [];
+    for (const table of tables) {
+      try {
+        await this.ensureSingleTable(table);
+        results.push({ table: table.tableName, status: 'ensured' });
+      } catch (err: any) {
+        results.push({
+          table: table.tableName,
+          status: 'error',
+          error: err.message,
+        });
+      }
+    }
+    console.log('Returning results', results);
+    return results;
+  }
+
+  private buildAttributeDefinitions(
+    hashKey: string,
+    rangeKey: string,
+    gsis: GSIConfig[] = [],
+  ) {
+    const attributes = new Map<string, 'S' | 'N' | 'B'>();
+
+    // Table primary keys
+    attributes.set(hashKey, 'S');
+    attributes.set(rangeKey, 'S');
+
+    // GSI keys
+    for (const gsi of gsis) {
+      attributes.set(gsi.partitionKey, 'S');
+      if (gsi.sortKey) {
+        attributes.set(gsi.sortKey, 'S');
+      }
+    }
+
+    return Array.from(attributes.entries()).map(
+      ([AttributeName, AttributeType]) => ({
+        AttributeName,
+        AttributeType,
+      }),
+    );
+  }
+
+  private async ensureSingleTable(table: TableConfig) {
+    const { tableName, hashKey, rangeKey, gsis } = table;
+
+    try {
+      const describe = await this.client.send(
+        new DescribeTableCommand({ TableName: tableName }),
+      );
+
+      console.log(`Table "${tableName}" already exists`);
+
+      const existingGsis =
+        describe.Table?.GlobalSecondaryIndexes?.map((g) => g.IndexName) || [];
+
+      const gsisToAdd = gsis?.filter(
+        (g) => !existingGsis.includes(g.indexName),
+      );
+
+      if (gsisToAdd?.length) {
+        console.log(
+          `Adding GSIs: ${gsisToAdd.map((g) => g.indexName).join(', ')}`,
+        );
+        await this.client.send(
+          new UpdateTableCommand({
+            TableName: tableName,
+            AttributeDefinitions: this.buildAttributeDefinitions(
+              hashKey,
+              rangeKey,
+              gsisToAdd,
+            ),
+            GlobalSecondaryIndexUpdates: gsisToAdd.map((g) => ({
+              Create: {
+                IndexName: g.indexName,
+                KeySchema: [
+                  { AttributeName: g.partitionKey, KeyType: KeyType.HASH },
+                  { AttributeName: g.sortKey, KeyType: KeyType.RANGE },
+                ],
+                Projection: { ProjectionType: 'ALL' },
+              },
+            })),
+          }),
+        );
+      }
+
+      return { table: tableName, status: 'exists' };
+    } catch (err: any) {
+      if (err.name === 'ResourceNotFoundException') {
+        console.log(`Creating table "${tableName}"...`);
+
+        await this.client.send(
+          new CreateTableCommand({
+            TableName: tableName,
+            BillingMode: 'PAY_PER_REQUEST',
+            KeySchema: [
+              { AttributeName: hashKey, KeyType: KeyType.HASH },
+              { AttributeName: rangeKey, KeyType: KeyType.RANGE },
+            ],
+            AttributeDefinitions: this.buildAttributeDefinitions(
+              hashKey,
+              rangeKey,
+              gsis,
+            ),
+
+            GlobalSecondaryIndexes: gsis?.map((gsi: any) => ({
+              IndexName: gsi.indexName,
+              KeySchema: [
+                { AttributeName: gsi.partitionKey, KeyType: KeyType.HASH },
+                // { AttributeName: gsi.sortKey, KeyType: "RANGE" },
+                ...(gsi.sortKey
+                  ? [{ AttributeName: gsi.sortKey, KeyType: KeyType.RANGE }]
+                  : []),
+              ],
+              Projection: { ProjectionType: 'ALL' },
+            })),
+          }),
+        );
+
+        // Wait for the table to be active
+        await waitUntilTableExists(
+          { client: this.client, maxWaitTime: 30 },
+          { TableName: tableName },
+        );
+
+        console.log(`Table "${tableName}" created successfully`);
+        return { table: tableName, status: 'created' };
+      } else {
+        console.error(`Error checking table "${tableName}":`, err);
+      }
+    }
+  }
+}

package/templates/core/database/database.types.ts

@@ -0,0 +1,13 @@
+export type GSIConfig = {
+  indexName: string;
+  partitionKey: string;
+  sortKey?: string;
+  projectionType?: 'ALL' | 'KEYS_ONLY' | 'INCLUDE';
+};
+
+export type TableConfig = {
+  tableName: string;
+  hashKey: string;
+  rangeKey: string;
+  gsis?: GSIConfig[];
+};

package/templates/core/filters/audit.decorator.ts

@@ -0,0 +1,5 @@
+import { SetMetadata } from '@nestjs/common';
+
+export const SKIP_AUDIT_LOG = 'skipAuditLog';
+
+export const SkipAuditLog = () => SetMetadata(SKIP_AUDIT_LOG, true);

package/templates/core/filters/audit.interceptor.ts

@@ -0,0 +1,74 @@
+import { AuditService } from '@core/audit/audit.service';
+import {
+  CallHandler,
+  ExecutionContext,
+  Injectable,
+  NestInterceptor,
+} from '@nestjs/common';
+import { catchError, Observable, tap, throwError } from 'rxjs';
+import { SKIP_AUDIT_LOG } from './audit.decorator';
+import { Reflector } from '@nestjs/core';
+
+@Injectable()
+export class AuditInterceptor implements NestInterceptor {
+  constructor(
+    private reflector: Reflector,
+    private readonly auditService: AuditService,
+  ) {}
+
+  intercept(context: ExecutionContext, next: CallHandler): Observable<any> {
+    const shouldSkip = this.reflector.getAllAndOverride<boolean>(
+      SKIP_AUDIT_LOG,
+      [context.getHandler(), context.getClass()],
+    );
+
+    if (shouldSkip) {
+      return next.handle(); // 🚀 skip logging
+    }
+    const req = context.switchToHttp().getRequest();
+    const res = context.switchToHttp().getResponse();
+    const start = Date.now();
+
+    const log: any = {
+      userId: req.user?.id || 'anonymous',
+      action: this.getAction(req),
+      service: this.getServiceName(req),
+      method: req.method,
+      endpoint: req.originalUrl,
+      ipAddress: req.ip,
+      duration: Date.now() - start,
+    };
+    return next.handle().pipe(
+      tap(() => {
+        log.statusCode = res.statusCode;
+        log.duration = Date.now() - start;
+
+        // 🔥 fire-and-forget (don’t block response)
+        this.auditService.log(log).catch(() => {});
+      }),
+
+      catchError((error) => {
+        log.statusCode = error?.status || 500;
+        log.duration = Date.now() - start;
+
+        // 🔥 fire-and-forget
+        this.auditService.log(log).catch(() => {});
+
+        return throwError(() => error); // ✅ preserves error
+      }),
+    );
+  }
+
+  private getAction(req: any): string {
+    if (req.originalUrl.includes('login')) return 'LOGIN';
+    if (req.method === 'GET') return 'VIEW';
+    if (req.method === 'POST') return 'CREATE';
+    if (req.method === 'PUT') return 'UPDATE';
+    if (req.method === 'DELETE') return 'DELETE';
+    return 'UNKNOWN';
+  }
+
+  private getServiceName(req: any): string {
+    return req.originalUrl.split('/')[1] || 'general';
+  }
+}

package/templates/core/filters/http-exception.filter.ts

@@ -0,0 +1,43 @@
+import { BadRequestException, HttpStatus } from '@nestjs/common';
+import {
+  ExceptionFilter,
+  Catch,
+  ArgumentsHost,
+  HttpException,
+} from '@nestjs/common';
+import { Request, Response } from 'express';
+
+@Catch()
+export class HttpExceptionFilter implements ExceptionFilter {
+  catch(exception: any, host: ArgumentsHost) {
+    const ctx = host.switchToHttp();
+    const response = ctx.getResponse<Response>();
+    const request = ctx.getRequest<Request>();
+
+    let status = 500;
+    let message = 'Internal server error';
+
+    // If NestJS HttpException
+    if (exception instanceof HttpException) {
+      status = exception.getStatus();
+      const res: any = exception.getResponse();
+
+      if (res?.message) {
+        message = Array.isArray(res.message)
+          ? res.message.join(', ')
+          : res.message;
+      } else if (typeof res === 'string') {
+        message = res;
+      }
+    } else {
+      // Generic error (AWS, DynamoDB, etc)
+      message = exception?.message || message;
+    }
+    // console.error('🔥 ERROR CAUGHT:', message);
+
+    return response.status(status).json({
+      success: false,
+      message,
+    });
+  }
+}

package/templates/core/filters/success-message.decorator.ts

@@ -0,0 +1,5 @@
+import { SetMetadata } from '@nestjs/common';
+
+export const SUCCESS_MESSAGE_KEY = 'success_message';
+export const SuccessMessage = (message: string) =>
+  SetMetadata(SUCCESS_MESSAGE_KEY, message);

package/templates/core/filters/success-response.interceptor.ts

@@ -0,0 +1,35 @@
+import {
+  CallHandler,
+  ExecutionContext,
+  Injectable,
+  NestInterceptor,
+} from '@nestjs/common';
+import { Reflector } from '@nestjs/core';
+import { map } from 'rxjs';
+import { SUCCESS_MESSAGE_KEY } from './success-message.decorator';
+
+export interface ApiResponse<T = any> {
+  success: boolean;
+  message: string;
+  data?: T;
+}
+
+@Injectable()
+export class SuccessResponseInterceptor<T>
+  implements NestInterceptor<T, ApiResponse<T>>
+{
+  intercept(context: ExecutionContext, next: CallHandler) {
+    const handler = context.getHandler();
+    const reflector = new Reflector();
+
+    const customMessage = reflector.get<string>(SUCCESS_MESSAGE_KEY, handler);
+
+    return next.handle().pipe(
+      map((data) => ({
+        success: true,
+        message: customMessage ?? 'Request successful',
+        data,
+      })),
+    );
+  }
+}

package/templates/core/summarize/summarize.controller.ts

@@ -0,0 +1,74 @@
+import { Body, Controller, Post } from '@nestjs/common';
+import { SummarizeDto } from './summarize.dto';
+import {
+  BedrockRuntimeClient,
+  InvokeModelCommand,
+} from '@aws-sdk/client-bedrock-runtime';
+import { EnvironmentService } from '@core/constants/environment.service';
+
+import * as dotenv from 'dotenv';
+dotenv.config();
+
+@Controller('summarize')
+export class SummarizeController {
+  private client: BedrockRuntimeClient;
+  private bedrockModel!: any;
+  constructor(private readonly environment: EnvironmentService) {
+    console.log('Loading summarize');
+    this.client = new BedrockRuntimeClient({
+      region: this.environment?.region() || process.env.REGION,
+    });
+    this.bedrockModel =
+      this.environment?.BEDROCK_MODEL() || process.env.BEDROCK_MODEL;
+    console.log(
+      'bedrockModel',
+      this.bedrockModel,
+      this.environment?.BEDROCK_MODEL(),
+      process.env.BEDROCK_MODEL,
+    );
+  }
+
+  @Post('summarize')
+  async summarize(@Body() dto: SummarizeDto) {
+    try {
+      const prompt = `
+    Summarize the following text in a short paragraph:
+    
+    ${dto.text}
+    `;
+
+      const command = new InvokeModelCommand({
+        modelId: this.bedrockModel || 'anthropic.claude-3-haiku-20240307-v1:0',
+        contentType: 'application/json',
+        accept: 'application/json',
+        body: JSON.stringify({
+          anthropic_version: 'bedrock-2023-05-31',
+          max_tokens: 300,
+          messages: [
+            {
+              role: 'user',
+              content: [
+                {
+                  type: 'text',
+                  text: prompt,
+                },
+              ],
+            },
+          ],
+        }),
+      });
+
+      const response = await this.client.send(command);
+
+      const decoded = new TextDecoder().decode(response.body);
+
+      const parsed = JSON.parse(decoded);
+
+      return parsed.content[0].text;
+    } catch (err: any) {
+      console.error(err.message);
+      const msg = err?.message || JSON.stringify(err);
+      throw err;
+    }
+  }
+}

package/templates/core/summarize/summarize.dto.ts

@@ -0,0 +1,13 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsString, IsNotEmpty } from 'class-validator';
+
+export class SummarizeDto {
+  @ApiProperty({
+    example:
+      'Serverless architecture allows developers to build and run applications without managing infrastructure. AWS Lambda automatically scales...',
+    description: 'Long text to summarize',
+  })
+  @IsNotEmpty()
+  @IsString()
+  text!: string;
+}

package/templates/core/summarize/summarize.module.ts

@@ -0,0 +1,9 @@
+import { Module } from '@nestjs/common';
+import { SummarizeController } from './summarize.controller';
+import { SummarizeService } from './summarize.service';
+
+@Module({
+  controllers: [SummarizeController],
+  //   providers: [SummarizeService],
+})
+export class SummarizeModule {}