nodejs-quickstart-structure 2.1.2 → 2.2.0

package/templates/common/auth/ts/services/socialAuthService.spec.ts.ejs

@@ -0,0 +1,187 @@
+import axios from 'axios';
+<% if (architecture === 'MVC') { -%>
+import { SocialAuthService } from '@/services/socialAuthService';
+<% } else { -%>
+import { GoogleProvider, GitHubProvider } from '@/infrastructure/auth/socialAuthService';
+<% } -%>
+
+jest.mock('axios');
+jest.mock('<% if (architecture === "MVC") { %>@/utils/logger<% } else { %>@/infrastructure/log/logger<% } %>', () => ({
+  error: jest.fn(),
+  info: jest.fn(),
+  warn: jest.fn(),
+}));
+
+// Mock environment variables for testing
+process.env.GOOGLE_CLIENT_ID = 'test-google-id';
+process.env.GOOGLE_CLIENT_SECRET = 'test-google-secret';
+process.env.GITHUB_CLIENT_ID = 'test-github-id';
+process.env.GITHUB_CLIENT_SECRET = 'test-github-secret';
+
+describe('SocialAuthService', () => {
+  afterEach(() => {
+    jest.clearAllMocks();
+  });
+
+<% if (socialAuth.includes('Google')) { -%>
+  describe('Google Provider', () => {
+    it('should exchange code for profile', async () => {
+      const mockTokenResponse = { data: { access_token: 'mock_access_token' } };
+      const mockProfileResponse = {
+        data: {
+          id: '123',
+          email: 'test@gmail.com',
+          name: 'Test User',
+          picture: 'http://pic.com/123.jpg'
+        }
+      };
+
+      (axios.post as jest.Mock).mockResolvedValue(mockTokenResponse);
+      (axios.get as jest.Mock).mockResolvedValue(mockProfileResponse);
+
+      <%_ if (architecture === 'Clean Architecture') { _%>
+      const provider = new GoogleProvider();
+      const profile = await provider.getProfile('test_code', 'http://localhost/callback');
+      <%_ } else { _%>
+      const profile = await SocialAuthService.getGoogleProfile('test_code', 'http://localhost/callback');
+      <%_ } _%>
+
+      expect(axios.post).toHaveBeenCalled();
+      expect(axios.get).toHaveBeenCalledWith('https://www.googleapis.com/oauth2/v2/userinfo', {
+        headers: { Authorization: 'Bearer mock_access_token' },
+      });
+      expect(profile.email).toBe('test@gmail.com');
+      expect(profile.name).toBe('Test User');
+    });
+
+    it('should throw error if token exchange fails', async () => {
+      (axios.post as jest.Mock).mockRejectedValue(new Error('Network error'));
+      <%_ if (architecture === 'Clean Architecture') { _%>
+      const provider = new GoogleProvider();
+      await expect(provider.getProfile('test_code', 'url')).rejects.toThrow('Failed to authenticate with Google');
+      <%_ } else { _%>
+      await expect(SocialAuthService.getGoogleProfile('test_code', 'url')).rejects.toThrow('Failed to authenticate with Google');
+      <%_ } _%>
+    });
+
+    it('should handle Axios errors', async () => {
+      const axiosError = new Error('Request failed');
+      (axiosError as any).isAxiosError = true;
+      (axiosError as any).response = { data: { message: 'OAuth Error' } };
+      (axios.isAxiosError as unknown as jest.Mock).mockReturnValue(true);
+      (axios.post as jest.Mock).mockRejectedValue(axiosError);
+
+      <%_ if (architecture === 'Clean Architecture') { _%>
+      const provider = new GoogleProvider();
+      await expect(provider.getProfile('test_code', 'url')).rejects.toThrow('Failed to authenticate with Google');
+      <%_ } else { _%>
+      await expect(SocialAuthService.getGoogleProfile('test_code', 'url')).rejects.toThrow('Failed to authenticate with Google');
+      <%_ } _%>
+    });
+
+    it('should handle invalid_grant hint in Google', async () => {
+      const axiosError = new Error('Request failed');
+      (axiosError as any).isAxiosError = true;
+      (axiosError as any).response = { data: { error: 'invalid_grant' } };
+      (axios.isAxiosError as unknown as jest.Mock).mockReturnValue(true);
+      (axios.post as jest.Mock).mockRejectedValue(axiosError);
+
+      <%_ if (architecture === 'Clean Architecture') { _%>
+      const provider = new GoogleProvider();
+      await expect(provider.getProfile('test_code', 'url')).rejects.toThrow('Failed to authenticate with Google');
+      <%_ } else { _%>
+      await expect(SocialAuthService.getGoogleProfile('test_code', 'url')).rejects.toThrow('Failed to authenticate with Google');
+      <%_ } _%>
+    });
+
+    it('should handle non-Axios errors', async () => {
+      (axios.isAxiosError as unknown as jest.Mock).mockReturnValue(false);
+      (axios.post as jest.Mock).mockRejectedValue(new Error('Unexpected error'));
+
+      <%_ if (architecture === 'Clean Architecture') { _%>
+      const provider = new GoogleProvider();
+      await expect(provider.getProfile('test_code', 'url')).rejects.toThrow('Failed to authenticate with Google');
+      <%_ } else { _%>
+      await expect(SocialAuthService.getGoogleProfile('test_code', 'url')).rejects.toThrow('Failed to authenticate with Google');
+      <%_ } _%>
+    });
+  });
+<% } -%>
+
+<% if (socialAuth.includes('GitHub')) { -%>
+  describe('GitHub Provider', () => {
+    it('should exchange code for profile', async () => {
+      const mockTokenResponse = { data: { access_token: 'mock_access_token' } };
+      const mockProfileResponse = {
+        data: { id: 456, login: 'testuser', name: 'Test Github User' }
+      };
+      const mockEmailsResponse = {
+        data: [{ email: 'github@test.com', primary: true }]
+      };
+
+      (axios.post as jest.Mock).mockResolvedValue(mockTokenResponse);
+      (axios.get as jest.Mock)
+        .mockResolvedValueOnce(mockProfileResponse)
+        .mockResolvedValueOnce(mockEmailsResponse);
+
+      <%_ if (architecture === 'Clean Architecture') { _%>
+      const provider = new GitHubProvider();
+      const profile = await provider.getProfile('test_code');
+      <%_ } else { _%>
+      const profile = await SocialAuthService.getGithubProfile('test_code');
+      <%_ } _%>
+
+      expect(axios.post).toHaveBeenCalled();
+      expect(profile.email).toBe('github@test.com');
+      expect(profile.id).toBe('456');
+    });
+
+    it('should throw error if token exchange fails', async () => {
+      (axios.post as jest.Mock).mockRejectedValue(new Error('Network error'));
+      <%_ if (architecture === 'Clean Architecture') { _%>
+      const provider = new GitHubProvider();
+      await expect(provider.getProfile('test_code')).rejects.toThrow('Failed to authenticate with GitHub');
+      <%_ } else { _%>
+      await expect(SocialAuthService.getGithubProfile('test_code')).rejects.toThrow('Failed to authenticate with GitHub');
+      <%_ } _%>
+    });
+
+    it('should handle Axios errors', async () => {
+      const axiosError = new Error('Request failed');
+      (axiosError as any).isAxiosError = true;
+      (axiosError as any).response = { data: { message: 'OAuth Error' } };
+      (axios.isAxiosError as unknown as jest.Mock).mockReturnValue(true);
+      (axios.post as jest.Mock).mockRejectedValue(axiosError);
+
+      <%_ if (architecture === 'Clean Architecture') { _%>
+      const provider = new GitHubProvider();
+      await expect(provider.getProfile('test_code')).rejects.toThrow('Failed to authenticate with GitHub');
+      <%_ } else { _%>
+      await expect(SocialAuthService.getGithubProfile('test_code')).rejects.toThrow('Failed to authenticate with GitHub');
+      <%_ } _%>
+    });
+
+    it('should throw error if access_token is missing from GitHub', async () => {
+      (axios.post as jest.Mock).mockResolvedValue({ data: {} });
+      <%_ if (architecture === 'Clean Architecture') { _%>
+      const provider = new GitHubProvider();
+      await expect(provider.getProfile('test_code')).rejects.toThrow('Failed to authenticate with GitHub');
+      <%_ } else { _%>
+      await expect(SocialAuthService.getGithubProfile('test_code')).rejects.toThrow('Failed to authenticate with GitHub');
+      <%_ } _%>
+    });
+
+    it('should handle non-Axios errors in GitHub', async () => {
+      (axios.isAxiosError as unknown as jest.Mock).mockReturnValue(false);
+      (axios.post as jest.Mock).mockRejectedValue(new Error('Unexpected error'));
+
+      <%_ if (architecture === 'Clean Architecture') { _%>
+      const provider = new GitHubProvider();
+      await expect(provider.getProfile('test_code')).rejects.toThrow('Failed to authenticate with GitHub');
+      <%_ } else { _%>
+      await expect(SocialAuthService.getGithubProfile('test_code')).rejects.toThrow('Failed to authenticate with GitHub');
+      <%_ } _%>
+    });
+  });
+<% } -%>
+});

package/templates/common/auth/ts/services/socialAuthService.ts.ejs

@@ -0,0 +1,189 @@
+<% if (architecture === 'MVC') { -%>
+import logger from '@/utils/logger';
+<% } else { -%>
+import logger from '@/infrastructure/log/logger';
+<% } -%>
+import axios from 'axios';
+
+<% if (architecture === 'Clean Architecture') { -%>
+export interface ISocialProfile {
+  id: string;
+  email: string;
+  name: string;
+  picture?: string;
+}
+
+export interface ISocialProvider {
+  name: string;
+  getProfile(code: string, redirectUri?: string): Promise<ISocialProfile>;
+}
+
+<% if (socialAuth.includes('Google')) { -%>
+export class GoogleProvider implements ISocialProvider {
+  name = 'Google';
+  async getProfile(code: string, redirectUri: string): Promise<ISocialProfile> {
+    try {
+      const params = new URLSearchParams();
+      params.append('code', code);
+      params.append('client_id', process.env.GOOGLE_CLIENT_ID!);
+      params.append('client_secret', process.env.GOOGLE_CLIENT_SECRET!);
+      params.append('redirect_uri', redirectUri);
+      params.append('grant_type', 'authorization_code');
+
+      const tokenResponse = await axios.post('https://oauth2.googleapis.com/token', params.toString(), {
+        headers: { 'Content-Type': 'application/x-www-form-urlencoded' }
+      });
+
+      const { access_token } = tokenResponse.data;
+      const profileResponse = await axios.get('https://www.googleapis.com/oauth2/v2/userinfo', {
+        headers: { Authorization: `Bearer ${access_token}` },
+      });
+
+      return {
+        id: profileResponse.data.id,
+        email: profileResponse.data.email,
+        name: profileResponse.data.name,
+        picture: profileResponse.data.picture
+      };
+    } catch (error: unknown) {
+      if (axios.isAxiosError(error)) {
+        logger.error('Google OAuth error:', error.response?.data || error.message);
+      } else {
+        logger.error('Google OAuth error:', (error as Error).message);
+      }
+      throw new Error('Failed to authenticate with Google');
+    }
+  }
+}
+<% } -%>
+
+<% if (socialAuth.includes('GitHub')) { -%>
+export class GitHubProvider implements ISocialProvider {
+  name = 'GitHub';
+  async getProfile(code: string): Promise<ISocialProfile> {
+    try {
+      const tokenResponse = await axios.post(
+        'https://github.com/login/oauth/access_token',
+        {
+          client_id: process.env.GITHUB_CLIENT_ID,
+          client_secret: process.env.GITHUB_CLIENT_SECRET,
+          code,
+        },
+        { headers: { Accept: 'application/json' } }
+      );
+
+      const { access_token } = tokenResponse.data;
+      if (!access_token) throw new Error('No access token returned from GitHub');
+
+      const [profileRes, emailsRes] = await Promise.all([
+        axios.get('https://api.github.com/user', { headers: { Authorization: `Bearer ${access_token}` } }),
+        axios.get('https://api.github.com/user/emails', { headers: { Authorization: `Bearer ${access_token}` } })
+      ]);
+
+      const email = emailsRes.data.find((e: { primary: boolean; email: string }) => e.primary)?.email || emailsRes.data[0]?.email;
+
+      return {
+        id: profileRes.data.id.toString(),
+        email,
+        name: profileRes.data.name || profileRes.data.login,
+      };
+    } catch (error: unknown) {
+      if (axios.isAxiosError(error)) {
+        logger.error('GitHub OAuth error:', error.response?.data || error.message);
+      } else {
+        logger.error('GitHub OAuth error:', (error as Error).message);
+      }
+      throw new Error('Failed to authenticate with GitHub');
+    }
+  }
+}
+<% } -%>
+
+<% } else { -%>
+export class SocialAuthService {
+<% if (socialAuth.includes('Google')) { -%>
+  static async getGoogleProfile(code: string, redirectUri: string) {
+    try {
+      const params = new URLSearchParams();
+      params.append('code', code);
+      params.append('client_id', process.env.GOOGLE_CLIENT_ID!);
+      params.append('client_secret', process.env.GOOGLE_CLIENT_SECRET!);
+      params.append('redirect_uri', redirectUri);
+      params.append('grant_type', 'authorization_code');
+
+      const tokenResponse = await axios.post('https://oauth2.googleapis.com/token', params.toString(), {
+        headers: { 'Content-Type': 'application/x-www-form-urlencoded' }
+      });
+
+      const { access_token } = tokenResponse.data;
+
+      const profileResponse = await axios.get('https://www.googleapis.com/oauth2/v2/userinfo', {
+        headers: { Authorization: `Bearer ${access_token}` },
+      });
+
+      return {
+        id: profileResponse.data.id,
+        email: profileResponse.data.email,
+        name: profileResponse.data.name,
+        picture: profileResponse.data.picture
+      };
+    } catch (error: unknown) {
+      if (axios.isAxiosError(error)) {
+        const detail = error.response?.data;
+        logger.error('Google OAuth error:', detail || error.message);
+        if (detail?.error === 'invalid_grant') {
+          logger.error('HINT: The code is likely expired or already used. Get a new one!');
+        }
+      } else {
+        logger.error('Google OAuth error:', (error as Error).message);
+      }
+      throw new Error('Failed to authenticate with Google');
+    }
+  }
+<% } -%>
+
+<% if (socialAuth.includes('GitHub')) { -%>
+  static async getGithubProfile(code: string) {
+    try {
+      const tokenResponse = await axios.post(
+        'https://github.com/login/oauth/access_token',
+        {
+          client_id: process.env.GITHUB_CLIENT_ID,
+          client_secret: process.env.GITHUB_CLIENT_SECRET,
+          code,
+        },
+        { headers: { Accept: 'application/json' } }
+      );
+
+      const { access_token } = tokenResponse.data;
+      if (!access_token) {
+        throw new Error('No access token returned from GitHub');
+      }
+
+      const profileResponse = await axios.get('https://api.github.com/user', {
+        headers: { Authorization: `Bearer ${access_token}` },
+      });
+
+      const emailsResponse = await axios.get('https://api.github.com/user/emails', {
+        headers: { Authorization: `Bearer ${access_token}` },
+      });
+
+      const primaryEmail = emailsResponse.data.find((e: { primary: boolean; email: string }) => e.primary)?.email || emailsResponse.data[0]?.email;
+
+      return {
+        id: profileResponse.data.id.toString(),
+        email: primaryEmail,
+        name: profileResponse.data.name || profileResponse.data.login,
+      };
+    } catch (error: unknown) {
+      if (axios.isAxiosError(error)) {
+        logger.error('GitHub OAuth error:', error.response?.data || error.message);
+      } else {
+        logger.error('GitHub OAuth error:', (error as Error).message);
+      }
+      throw new Error('Failed to authenticate with GitHub');
+    }
+  }
+<% } -%>
+}
+<% } -%>

package/templates/common/auth/ts/usecases/SocialLoginUseCase.spec.ts.ejs

@@ -0,0 +1,143 @@
+jest.mock('<%= (architecture === "MVC") ? "@/services/jwtService" : "@/infrastructure/auth/jwtService" %>');
+<%_ if (architecture === 'Clean Architecture') { _%>
+jest.mock('@/infrastructure/repositories/UserRepository', () => ({
+  UserRepository: jest.fn().mockImplementation(() => ({
+    findByEmail: jest.fn(),
+    save: jest.fn(),
+    update: jest.fn(),
+  })),
+}));
+import { UserRepository } from '@/infrastructure/repositories/UserRepository';
+<%_ } else { _%>
+jest.mock('<%= (architecture === "MVC") ? "@/models/User" : "@/infrastructure/database/models/User" %>', () => ({
+  findOne: jest.fn(),
+  create: jest.fn(),
+  update: jest.fn(),
+}));
+import User from '<%= (architecture === "MVC") ? "@/models/User" : "@/infrastructure/database/models/User" %>';
+<%_ } _%>
+
+import { SocialLoginUseCase } from '@/usecases/auth/socialLoginUseCase';
+import { JwtService } from '<%= (architecture === "MVC") ? "@/services/jwtService" : "@/infrastructure/auth/jwtService" %>';
+
+describe('SocialLoginUseCase', () => {
+  let useCase: SocialLoginUseCase;
+  let mockProvider: any;
+  <%_ if (architecture === 'Clean Architecture') { _%>
+  let mockRepo: any;
+  <%_ } _%>
+
+  beforeEach(() => {
+    mockProvider = {
+      name: 'Google',
+      getProfile: jest.fn(),
+    };
+    <%_ if (architecture === 'Clean Architecture') { _%>
+    mockRepo = new UserRepository();
+    useCase = new SocialLoginUseCase(mockProvider, mockRepo);
+    <%_ } else { _%>
+    useCase = new SocialLoginUseCase(mockProvider);
+    <%_ } _%>
+    jest.clearAllMocks();
+  });
+
+  it('should find existing user and generate tokens', async () => {
+    const mockProfile = { id: 'google-123', email: 'test@test.com', name: 'Test User' };
+    const mockUser = { id: '1', email: 'test@test.com', googleId: null };
+    
+    mockProvider.getProfile.mockResolvedValue(mockProfile);
+    <%_ if (architecture === 'Clean Architecture') { _%>
+    mockRepo.findByEmail.mockResolvedValue(mockUser);
+    <%_ } else { _%>
+    (User.findOne as jest.Mock).mockResolvedValue(mockUser);
+    <%_ } _%>
+    (JwtService.generateToken as jest.Mock).mockReturnValue('access-token');
+    (JwtService.generateRefreshToken as jest.Mock).mockReturnValue('refresh-token');
+
+    const result = await useCase.execute('test-code');
+
+    <%_ if (architecture === 'Clean Architecture') { _%>
+    expect(mockRepo.findByEmail).toHaveBeenCalled();
+    <%_ } else { _%>
+    expect(User.findOne).toHaveBeenCalled();
+    <%_ } _%>
+    expect(result.accessToken).toBe('access-token');
+  });
+
+  it('should create new user if not exists', async () => {
+    const mockProfile = { id: 'google-456', email: 'new@test.com', name: 'New User' };
+    const mockUser = { id: '2', email: 'new@test.com' };
+    
+    mockProvider.getProfile.mockResolvedValue(mockProfile);
+    <%_ if (architecture === 'Clean Architecture') { _%>
+    mockRepo.findByEmail.mockResolvedValue(null);
+    mockRepo.save.mockResolvedValue(mockUser);
+    <%_ } else { _%>
+    (User.findOne as jest.Mock).mockResolvedValue(null);
+    (User.create as jest.Mock).mockResolvedValue(mockUser);
+    <%_ } _%>
+    (JwtService.generateToken as jest.Mock).mockReturnValue('access-token');
+    (JwtService.generateRefreshToken as jest.Mock).mockReturnValue('refresh-token');
+
+    await useCase.execute('test-code');
+
+    <%_ if (architecture === 'Clean Architecture') { _%>
+    expect(mockRepo.save).toHaveBeenCalled();
+    <%_ } else { _%>
+    expect(User.create).toHaveBeenCalled();
+    <%_ } _%>
+  });
+
+  it('should link GitHub ID if existing user does not have it', async () => {
+    mockProvider.name = 'GitHub';
+    const mockProfile = { id: 'github-789', email: 'test@test.com', name: 'Test User' };
+    const mockUser = { id: '1', email: 'test@test.com', githubId: null };
+    
+    mockProvider.getProfile.mockResolvedValue(mockProfile);
+    <%_ if (architecture === 'Clean Architecture') { _%>
+    mockRepo.findByEmail.mockResolvedValue(mockUser);
+    <%_ } else { _%>
+    (User.findOne as jest.Mock).mockResolvedValue(mockUser);
+    <%_ } _%>
+    (JwtService.generateToken as jest.Mock).mockReturnValue('access-token');
+    (JwtService.generateRefreshToken as jest.Mock).mockReturnValue('refresh-token');
+
+    await useCase.execute('test-code');
+
+    <%_ if (architecture === 'Clean Architecture') { _%>
+    expect(mockRepo.update).toHaveBeenCalledWith('1', expect.objectContaining({ githubId: 'github-789' }));
+    <%_ } else { _%>
+    <%_ if (database === 'MongoDB') { _%>
+    expect(mockUser.save || jest.fn()).toHaveBeenCalled();
+    <%_ } else { _%>
+    expect(User.update || jest.fn()).toHaveBeenCalled();
+    <%_ } _%>
+    <%_ } _%>
+  });
+
+  it('should link Google ID if existing user does not have it', async () => {
+    mockProvider.name = 'Google';
+    const mockProfile = { id: 'google-789', email: 'test@test.com', name: 'Test User' };
+    const mockUser = { id: '1', email: 'test@test.com', googleId: null };
+    
+    mockProvider.getProfile.mockResolvedValue(mockProfile);
+    <%_ if (architecture === 'Clean Architecture') { _%>
+    mockRepo.findByEmail.mockResolvedValue(mockUser);
+    <%_ } else { _%>
+    (User.findOne as jest.Mock).mockResolvedValue(mockUser);
+    <%_ } _%>
+    (JwtService.generateToken as jest.Mock).mockReturnValue('access-token');
+    (JwtService.generateRefreshToken as jest.Mock).mockReturnValue('refresh-token');
+
+    await useCase.execute('test-code');
+
+    <%_ if (architecture === 'Clean Architecture') { _%>
+    expect(mockRepo.update).toHaveBeenCalledWith('1', expect.objectContaining({ googleId: 'google-789' }));
+    <%_ } _%>
+  });
+
+  it('should throw error if profile has no email', async () => {
+    mockProvider.getProfile.mockResolvedValue({ id: '123' }); // No email
+    await expect(useCase.execute('test-code')).rejects.toThrow('No email associated with this social account');
+  });
+});

package/templates/common/auth/ts/usecases/SocialLoginUseCase.ts.ejs

@@ -0,0 +1,117 @@
+import { ISocialProvider } from '@/infrastructure/auth/socialAuthService';
+import { JwtService } from '@/infrastructure/auth/jwtService';
+<%_ if (architecture === 'Clean Architecture') { _%>
+import { UserRepository } from '@/infrastructure/repositories/UserRepository';
+import { User } from '@/domain/user';
+<%_ } else { _%>
+import User from '@/infrastructure/database/models/User';
+<%_ } _%>
+
+export class SocialLoginUseCase {
+  constructor(
+    private provider: ISocialProvider,
+    <%_ if (architecture === 'Clean Architecture') { _%>
+    private userRepository: UserRepository
+    <%_ } _%>
+  ) {}
+
+  async execute(code: string, redirectUri?: string) {
+    const profile = await this.provider.getProfile(code, redirectUri);
+
+    if (!profile || !profile.email) {
+      throw new Error('No email associated with this social account');
+    }
+
+    // 1. Find or create user
+    <%_ if (architecture === 'Clean Architecture') { _%>
+    let user = await this.userRepository.findByEmail(profile.email);
+
+    if (!user) {
+      user = new User(
+        null,
+        profile.name,
+        profile.email,
+        null,
+        <%_ if (socialAuth.includes('Google')) { _%>
+        this.provider.name === 'Google' ? profile.id : null,
+        <%_ } _%>
+        <%_ if (socialAuth.includes('GitHub')) { _%>
+        this.provider.name === 'GitHub' ? profile.id : null,
+        <%_ } _%>
+      );
+      user = await this.userRepository.save(user);
+    } else {
+      // Link social ID if not already linked
+      let updated = false;
+      <%_ if (socialAuth.includes('Google')) { _%>
+      if (this.provider.name === 'Google' && !user.googleId) {
+        user.googleId = profile.id;
+        updated = true;
+      }
+      <%_ } _%>
+      <%_ if (socialAuth.includes('GitHub')) { _%>
+      if (this.provider.name === 'GitHub' && !user.githubId) {
+        user.githubId = profile.id;
+        updated = true;
+      }
+      <%_ } _%>
+      if (updated) {
+        await this.userRepository.update(user.id!, user);
+      }
+    }
+    <%_ } else { _%>
+    let user = await User.findOne({ 
+      <%_ if (database === 'MongoDB' || database === 'None') { _%>
+      email: profile.email
+      <%_ } else { _%>
+      where: { email: profile.email } 
+      <%_ } _%>
+    });
+
+    if (!user) {
+      user = await User.create({
+        email: profile.email,
+        name: profile.name,
+        password: null,
+        <%_ if (socialAuth.includes('Google')) { _%>
+        googleId: this.provider.name === 'Google' ? profile.id : null,
+        <%_ } _%>
+        <%_ if (socialAuth.includes('GitHub')) { _%>
+        githubId: this.provider.name === 'GitHub' ? profile.id : null,
+        <%_ } _%>
+      });
+    } else {
+      let updated = false;
+      <%_ if (socialAuth.includes('Google')) { _%>
+      if (this.provider.name === 'Google' && !user.googleId) {
+        user.googleId = profile.id;
+        updated = true;
+      }
+      <%_ } _%>
+      <%_ if (socialAuth.includes('GitHub')) { _%>
+      if (this.provider.name === 'GitHub' && !user.githubId) {
+        user.githubId = profile.id;
+        updated = true;
+      }
+      <%_ } _%>
+      if (updated) {
+        <%_ if (database === 'MongoDB') { _%>
+        await user.save();
+        <%_ } else if (database === 'None') { _%>
+        await User.update(user.id, { googleId: user.googleId, githubId: user.githubId });
+        <%_ } else { _%>
+        await user.save();
+        <%_ } _%>
+      }
+    }
+    <%_ } _%>
+
+    // 2. Generate tokens
+    const userId = user.id || (user as { _id?: { toString(): string } })._id?.toString();
+    const payload = { id: userId, email: user.email };
+    const accessToken = JwtService.generateToken(payload);
+    const refreshToken = JwtService.generateRefreshToken(payload);
+
+    return { user, accessToken, refreshToken };
+  }
+}

package/templates/common/database/js/models/User.js.ejs

@@ -67,13 +67,21 @@ User.init(
       type: DataTypes.STRING,
       allowNull: false,
       unique: true,
-    },
-    <% if (auth.includes('JWT')) { %>
+    },<% if (auth.includes('JWT')) { %>
     password: {
       type: DataTypes.STRING,
-      allowNull: false,
-    },
-    <% } %>
+      allowNull: true,
+    },<% } %><% if (socialAuth && socialAuth.includes('Google')) { %>
+    googleId: {
+      type: DataTypes.STRING,
+      allowNull: true,
+      unique: true,
+    },<% } %><% if (socialAuth && socialAuth.includes('GitHub')) { %>
+    githubId: {
+      type: DataTypes.STRING,
+      allowNull: true,
+      unique: true,
+    },<% } %>
     deletedAt: {
       type: DataTypes.DATE,
       allowNull: true,

package/templates/common/database/js/models/User.js.mongoose.ejs

@@ -13,7 +13,21 @@ const UserSchema = new mongoose.Schema({
     <% if (auth.includes('JWT')) { %>
     password: {
         type: String,
-        required: true
+        required: false
+    },
+    <% } %>
+    <% if (socialAuth && socialAuth.includes('Google')) { %>
+    googleId: {
+        type: String,
+        unique: true,
+        sparse: true
+    },
+    <% } %>
+    <% if (socialAuth && socialAuth.includes('GitHub')) { %>
+    githubId: {
+        type: String,
+        unique: true,
+        sparse: true
     },
     <% } %>
     createdAt: {