npm - nodejs-quickstart-structure - Versions diffs - 2.0.1 → 2.1.1 - Mend

nodejs-quickstart-structure 2.0.1 → 2.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (165) hide show

package/templates/common/package.json.ejs CHANGED Viewed

@@ -29,7 +29,8 @@
     "braces": "^3.0.3",
     "picomatch": "^4.0.4",
     "lodash": "^4.17.23",
-    "debounce": "^1.2.1"
+    "debounce": "^1.2.1",
+    "uuid": "^14.0.0"
   },
   "dependencies": {
     "express": "^4.18.2",
@@ -53,6 +54,9 @@
 <% if (viewEngine === 'EJS') { %>    "ejs": "^3.1.10",
 <% } -%>
 <% if (viewEngine === 'Pug') { %>    "pug": "^3.0.2",
+<% } -%>
+<% if (auth.includes('JWT')) { %>    "jsonwebtoken": "^9.0.2",
+    "bcryptjs": "^2.4.3",
 <% } -%>
     "cors": "^2.8.5",
     "helmet": "^7.1.0",
@@ -85,7 +89,9 @@
 <% } -%>
     "@types/morgan": "^1.9.9",
     "rimraf": "^6.0.1"<% if ((viewEngine && viewEngine !== 'None') || communication === 'REST APIs' || communication === 'Kafka') { %>,
-    "cpx2": "^8.0.0"<% } %><% } %>,
+    "cpx2": "^8.0.0"<% } %><% if (auth.includes('JWT')) { %>,
+    "@types/jsonwebtoken": "^9.0.6",
+    "@types/bcryptjs": "^2.4.6"<% } %><% } %>,
     "eslint": "^10.1.0",
     "@eslint/js": "^9.20.0",
     "globals": "^15.14.0",
@@ -108,6 +114,9 @@
     "tsc-alias": "^1.8.10",
     "@types/supertest": "^6.0.2"<% } else { %>,
     "jest": "^29.7.0",
+    "babel-jest": "^29.7.0",
+    "@babel/core": "^7.24.0",
+    "@babel/preset-env": "^7.24.0",
     "wait-on": "^7.2.0",
     "supertest": "^7.1.3"<% } %>
   },

package/templates/common/prompts/project-context.md.ejs CHANGED Viewed

@@ -16,6 +16,9 @@ You are an expert working on **<%= projectName %>**.
 <% if (caching !== 'None') { -%>
 - **Caching**: <%= caching %>
 <% } -%>
+<% if (auth.includes('JWT')) { -%>
+- **Authentication**: JWT (Access & Refresh Tokens)
+<% } -%>
 ## High-Level Architecture
 <% if (architecture === 'Clean Architecture') { -%>
@@ -34,7 +37,11 @@ We use the MVC (Model-View-Controller) pattern.
 ## Core Standards
 1. **Testing**: We enforce > 80% coverage. Tests use Jest and the AAA (Arrange, Act, Assert) pattern.
 2. **Error Handling**: We use centralized custom errors (e.g., `ApiError`) and global error middleware. Status codes come from standard constants, not hardcoded numbers.
-3. **Paths & Naming**:
+3. **Security**:
+   <% if (auth.includes('JWT')) { %>- Use `authMiddleware` for protected routes.<% } %>
+   - Validate and sanitize all inputs to prevent injection and XSS.
+   - Never expose sensitive data (passwords, inner keys) in API responses.
+4. **Paths & Naming**:
 <% if (language === 'TypeScript') { -%>
    - We use `@/` path aliases for internal imports.
 <% } -%>

package/templates/common/src/tests/e2e/e2e.users.test.js.ejs CHANGED Viewed

@@ -3,118 +3,160 @@ const request = require('supertest');
 const SERVER_URL = process.env.TEST_URL || `http://127.0.0.1:${process.env.PORT || 3001}`;
 describe('E2E User Tests', () => {
-  // Global setup and teardown hooks can be added here
-  // typically for database seeding or external authentication checks prior to E2E.
-  let userId;
-  const uniqueEmail = `test_${Date.now()}@example.com`;
+    let userId;
+<%_ if (auth.includes('JWT')) { _%>
+    let authToken;
+<%_ } _%>
+    const uniqueEmail = `test_${Date.now()}@example.com`;
+<%_ if (auth.includes('JWT')) { _%>
+    const testPassword = 'password123';
+<%_ } _%>
+<%_ if (auth.includes('JWT')) { _%>
+    it('should fail to fetch users without token (Protected)', async () => {
+<%_ if (communication === 'GraphQL') { _%>
+        const query = `{ getAllUsers { id name } }`;
+        const response = await request(SERVER_URL).post('/graphql').send({ query });
+        // In GraphQL errors are usually in the body with 200/400 status
+        if (response.statusCode === 200 && response.body.errors) {
+          expect(response.body.errors[0].message.toLowerCase()).toContain('unauthorized');
+        } else {
+          expect([401, 400]).toContain(response.statusCode);
+        }
+<%_ } else { _%>
+        const response = await request(SERVER_URL).get('/api/users');
+        expect(response.statusCode).toBe(401);
+<%_ } _%>
+    });
+<%_ } _%>
 <%_ if (communication === 'GraphQL') { -%>
-  it('should create a user via GraphQL', async () => {
-    const query = `
-      mutation {
-        createUser(name: "Test User", email: "${uniqueEmail}") {
-          id
-          name
-          email
-        }
-      }
-    `;
-    const response = await request(SERVER_URL)
-      .post('/graphql')
-      .send({ query });
-    expect(response.statusCode).toBe(200);
-    userId = response.body.data.createUser.id;
-    expect(userId).toBeDefined();
-  });
-  it('should update a user via GraphQL', async () => {
-    const query = `
-      mutation {
-        updateUser(id: "${userId}", name: "Updated User") {
-          id
-          name
-        }
-      }
-    `;
-    const response = await request(SERVER_URL)
-      .post('/graphql')
-      .send({ query });
-    expect(response.statusCode).toBe(200);
-    expect(response.body.data.updateUser.name).toBe("Updated User");
-  });
-  it('should delete a user via GraphQL', async () => {
-    const query = `
-      mutation {
-        deleteUser(id: "${userId}")
-      }
-    `;
-    const response = await request(SERVER_URL)
-      .post('/graphql')
-      .send({ query });
-    expect(response.statusCode).toBe(200);
-    expect(response.body.data.deleteUser).toBe(true);
-  });
-<%_ } else if (communication === 'Kafka') { -%>
-  it('should trigger Kafka event for user creation', async () => {
-    const response = await request(SERVER_URL)
-      .post('/api/users')
-      .send({ name: 'Test User', email: uniqueEmail });
-    expect([201, 202]).toContain(response.statusCode);
-    userId = response.body.id || response.body._id;
-    expect(userId).toBeDefined();
-    // Wait for Kafka to process...
-    await new Promise(resolve => setTimeout(resolve, 500));
-  });
-  it('should trigger Kafka event for user update', async () => {
-    const response = await request(SERVER_URL)
-      .patch(`/api/users/${userId}`)
-      .send({ name: 'Updated User' });
-    expect([200, 202, 204]).toContain(response.statusCode);
-    // Wait for Kafka to process...
-    await new Promise(resolve => setTimeout(resolve, 500));
-  });
-  it('should trigger Kafka event for user deletion', async () => {
-    const response = await request(SERVER_URL)
-      .delete(`/api/users/${userId}`);
-    expect([200, 202, 204]).toContain(response.statusCode);
-    // Wait for Kafka to process...
-    await new Promise(resolve => setTimeout(resolve, 500));
-  });
+    it('should create a user via GraphQL', async () => {
+        const query = `
+            mutation {
+                createUser(name: "Test User", email: "${uniqueEmail}"<%_ if (auth.includes('JWT')) { _%>, password: "${testPassword}"<%_ } _%>) {
+                    id
+                    name
+                    email
+                }
+            }
+        `;
+        const response = await request(SERVER_URL)
+            .post('/graphql')
+            .send({ query });
+        expect(response.statusCode).toBe(200);
+        expect(response.body.errors).toBeUndefined();
+        userId = response.body.data.createUser.id;
+        expect(userId).toBeDefined();
+    });
 <%_ } else { -%>
-  it('should create a user successfully via REST', async () => {
-    const response = await request(SERVER_URL)
-      .post('/api/users')
-      .send({ name: 'Test User', email: uniqueEmail });
-    expect(response.statusCode).toBe(201);
-    userId = response.body.id || response.body._id;
-  });
-  it('should update a user successfully via REST', async () => {
-    const response = await request(SERVER_URL)
-      .patch(`/api/users/${userId}`)
-      .send({ name: 'Updated User' });
+    it('should create a user successfully (Signup)', async () => {
+        const response = await request(SERVER_URL)
+            .post('/api/users')
+            .send({ name: 'Test User', email: uniqueEmail<%_ if (auth.includes('JWT')) { _%>, password: testPassword <%_ } _%>});
+        expect([201, 202]).toContain(response.statusCode);
+        userId = response.body.id || response.body._id;
+    });
+<%_ } -%>
-    expect(response.statusCode).toBe(200);
-  });
+<%_ if (auth.includes('JWT')) { _%>
+    it('should login and obtain a JWT token', async () => {
+        const response = await request(SERVER_URL)
+            .post('/api/auth/login')
+            .send({ email: uniqueEmail, password: testPassword });
-  it('should delete a user successfully via REST', async () => {
-    const response = await request(SERVER_URL)
-      .delete(`/api/users/${userId}`);
+        expect(response.statusCode).toBe(200);
+        expect(response.body.accessToken || response.body.token).toBeDefined();
+        authToken = response.body.accessToken || response.body.token;
+    });
+<%_ } _%>
-    expect(response.statusCode).toBe(200);
-  });
+<%_ if (communication === 'GraphQL') { -%>
+    it('should fetch all users via GraphQL', async () => {
+        const query = `{ getAllUsers { id name email } }`;
+        const response = await request(SERVER_URL)
+            .post('/graphql')
+            <%_ if (auth.includes('JWT')) { _%>
+            .set('Authorization', `Bearer ${authToken}`)
+            <%_ } _%>
+            .send({ query });
+        expect(response.statusCode).toBe(200);
+        expect(Array.isArray(response.body.data.getAllUsers)).toBe(true);
+        const user = response.body.data.getAllUsers.find(u => u.id === userId);
+        expect(user).toBeDefined();
+    });
+    it('should update a user via GraphQL', async () => {
+        const query = `
+            mutation {
+                updateUser(id: "${userId}", name: "Updated User") {
+                    id
+                    name
+                }
+            }
+        `;
+        const response = await request(SERVER_URL)
+            .post('/graphql')
+            <%_ if (auth.includes('JWT')) { _%>
+            .set('Authorization', `Bearer ${authToken}`)
+            <%_ } _%>
+            .set('Content-Type', 'application/json')
+            .send({ query });
+        expect(response.statusCode).toBe(200);
+        expect(response.body.data.updateUser.name).toBe("Updated User");
+    });
+    it('should delete a user via GraphQL', async () => {
+        const query = `
+            mutation {
+                deleteUser(id: "${userId}")
+            }
+        `;
+        const response = await request(SERVER_URL)
+            .post('/graphql')
+            <%_ if (auth.includes('JWT')) { _%>
+            .set('Authorization', `Bearer ${authToken}`)
+            <%_ } _%>
+            .set('Content-Type', 'application/json')
+            .send({ query });
+        expect(response.statusCode).toBe(200);
+        expect(response.body.data.deleteUser).toBe(true);
+    });
+<%_ } else { -%>
+    it('should fetch users successfully', async () => {
+        const response = await request(SERVER_URL)
+            .get('/api/users')
+            <%_ if (auth.includes('JWT')) { _%>
+            .set('Authorization', `Bearer ${authToken}`);
+            <%_ } _%>
+        expect(response.statusCode).toBe(200);
+        expect(Array.isArray(response.body)).toBe(true);
+    });
+    it('should update a user successfully', async () => {
+        const response = await request(SERVER_URL)
+            .patch(`/api/users/${userId}`)
+            <%_ if (auth.includes('JWT')) { _%>
+            .set('Authorization', `Bearer ${authToken}`)
+            <%_ } _%>
+            .send({ name: 'Updated User' });
+        expect([200, 202, 204]).toContain(response.statusCode);
+    });
+    it('should delete a user successfully', async () => {
+        const response = await request(SERVER_URL)
+            .delete(`/api/users/${userId}`)
+            <%_ if (auth.includes('JWT')) { _%>
+            .set('Authorization', `Bearer ${authToken}`)
+            <%_ } _%>;
+        expect([200, 202, 204]).toContain(response.statusCode);
+    });
 <%_ } -%>
 });

package/templates/common/src/tests/e2e/e2e.users.test.ts.ejs CHANGED Viewed

@@ -3,16 +3,37 @@ import request from 'supertest';
 const SERVER_URL = process.env.TEST_URL || `http://127.0.0.1:${process.env.PORT || 3001}`;
 describe('E2E User Tests', () => {
-  // Global setup and teardown hooks can be added here
-  // typically for database seeding or external authentication checks prior to E2E.
   let userId: string;
+<%_ if (auth.includes('JWT')) { _%>
+  let authToken: string;
+<%_ } _%>
   const uniqueEmail = `test_${Date.now()}@example.com`;
+<%_ if (auth.includes('JWT')) { _%>
+  const testPassword = 'password123';
+<%_ } _%>
+<%_ if (auth.includes('JWT')) { _%>
+  it('should fail to fetch users without token (Protected)', async () => {
+<%_ if (communication === 'GraphQL') { _%>
+    const query = `{ getAllUsers { id name } }`;
+    const response = await request(SERVER_URL).post('/graphql').send({ query });
+    if (response.statusCode === 200 && response.body.errors) {
+      expect(response.body.errors[0].message.toLowerCase()).toContain('unauthorized');
+    } else {
+      expect([401, 400]).toContain(response.statusCode);
+    }
+<%_ } else { _%>
+    const response = await request(SERVER_URL).get('/api/users');
+    expect(response.statusCode).toBe(401);
+<%_ } _%>
+  });
+<%_ } _%>
 <%_ if (communication === 'GraphQL') { -%>
   it('should create a user via GraphQL', async () => {
     const query = `
       mutation {
-        createUser(name: "Test User", email: "${uniqueEmail}") {
+        createUser(name: "Test User", email: "${uniqueEmail}"<%_ if (auth.includes('JWT')) { _%>, password: "${testPassword}"<%_ } _%>) {
           id
           name
           email
@@ -24,9 +45,48 @@ describe('E2E User Tests', () => {
       .send({ query });
     expect(response.statusCode).toBe(200);
+    expect(response.body.errors).toBeUndefined();
     userId = response.body.data.createUser.id;
     expect(userId).toBeDefined();
   });
+<%_ } else { -%>
+  it('should create a user successfully (Signup)', async () => {
+    const response = await request(SERVER_URL)
+      .post('/api/users')
+      .send({ name: 'Test User', email: uniqueEmail<%_ if (auth.includes('JWT')) { _%>, password: testPassword <%_ } _%>});
+    expect([201, 202]).toContain(response.statusCode);
+    userId = response.body.id || response.body._id;
+  });
+<%_ } -%>
+<%_ if (auth.includes('JWT')) { _%>
+  it('should login and obtain a JWT token', async () => {
+    const response = await request(SERVER_URL)
+      .post('/api/auth/login')
+      .send({ email: uniqueEmail, password: testPassword });
+    expect(response.statusCode).toBe(200);
+    expect(response.body.accessToken || response.body.token).toBeDefined();
+    authToken = response.body.accessToken || response.body.token;
+  });
+<%_ } _%>
+<%_ if (communication === 'GraphQL') { -%>
+  it('should fetch all users via GraphQL', async () => {
+    const query = `{ getAllUsers { id name email } }`;
+    const response = await request(SERVER_URL)
+      .post('/graphql')
+      <%_ if (auth.includes('JWT')) { _%>
+      .set('Authorization', `Bearer ${authToken}`)
+      <%_ } _%>
+      .send({ query });
+    expect(response.statusCode).toBe(200);
+    expect(Array.isArray(response.body.data.getAllUsers)).toBe(true);
+    const user = response.body.data.getAllUsers.find((u: any) => u.id === userId);
+    expect(user).toBeDefined();
+  });
   it('should update a user via GraphQL', async () => {
     const query = `
@@ -39,6 +99,10 @@ describe('E2E User Tests', () => {
     `;
     const response = await request(SERVER_URL)
       .post('/graphql')
+      <%_ if (auth.includes('JWT')) { _%>
+      .set('Authorization', `Bearer ${authToken}`)
+      <%_ } _%>
+      .set('Content-Type', 'application/json')
       .send({ query });
     expect(response.statusCode).toBe(200);
@@ -53,68 +117,45 @@ describe('E2E User Tests', () => {
     `;
     const response = await request(SERVER_URL)
       .post('/graphql')
+      <%_ if (auth.includes('JWT')) { _%>
+      .set('Authorization', `Bearer ${authToken}`)
+      <%_ } _%>
+      .set('Content-Type', 'application/json')
       .send({ query });
     expect(response.statusCode).toBe(200);
     expect(response.body.data.deleteUser).toBe(true);
   });
-<%_ } else if (communication === 'Kafka') { -%>
-  it('should trigger Kafka event for user creation', async () => {
+<%_ } else { -%>
+  it('should fetch users successfully', async () => {
     const response = await request(SERVER_URL)
-      .post('/api/users')
-      .send({ name: 'Test User', email: uniqueEmail });
-    expect([201, 202]).toContain(response.statusCode);
-    userId = response.body.id || response.body._id;
-    expect(userId).toBeDefined();
-    // Wait for Kafka to process...
-    await new Promise(resolve => setTimeout(resolve, 500));
+      .get('/api/users')
+      <%_ if (auth.includes('JWT')) { _%>
+      .set('Authorization', `Bearer ${authToken}`)
+      <%_ } _%>;
+    expect(response.statusCode).toBe(200);
+    expect(Array.isArray(response.body)).toBe(true);
   });
-  it('should trigger Kafka event for user update', async () => {
+  it('should update a user successfully', async () => {
     const response = await request(SERVER_URL)
       .patch(`/api/users/${userId}`)
+      <%_ if (auth.includes('JWT')) { _%>
+      .set('Authorization', `Bearer ${authToken}`)
+      <%_ } _%>
       .send({ name: 'Updated User' });
     expect([200, 202, 204]).toContain(response.statusCode);
-    // Wait for Kafka to process...
-    await new Promise(resolve => setTimeout(resolve, 500));
   });
-  it('should trigger Kafka event for user deletion', async () => {
+  it('should delete a user successfully', async () => {
     const response = await request(SERVER_URL)
-      .delete(`/api/users/${userId}`);
+      .delete(`/api/users/${userId}`)
+      <%_ if (auth.includes('JWT')) { _%>
+      .set('Authorization', `Bearer ${authToken}`)
+      <%_ } _%>;
     expect([200, 202, 204]).toContain(response.statusCode);
-    // Wait for Kafka to process...
-    await new Promise(resolve => setTimeout(resolve, 500));
-  });
-<%_ } else { -%>
-  it('should create a user successfully via REST', async () => {
-    const response = await request(SERVER_URL)
-      .post('/api/users')
-      .send({ name: 'Test User', email: uniqueEmail });
-    expect(response.statusCode).toBe(201);
-    userId = response.body.id || response.body._id;
-  });
-  it('should update a user successfully via REST', async () => {
-    const response = await request(SERVER_URL)
-      .patch(`/api/users/${userId}`)
-      .send({ name: 'Updated User' });
-    expect(response.statusCode).toBe(200);
-  });
-  it('should delete a user successfully via REST', async () => {
-    const response = await request(SERVER_URL)
-      .delete(`/api/users/${userId}`);
-    expect(response.statusCode).toBe(200);
   });
 <%_ } -%>
 });