offbyt 1.0.0

package/templates/auth.routes.template.js

@@ -0,0 +1,238 @@
+import express from 'express';
+import jwt from 'jsonwebtoken';
+import User from '../models/User.js';
+import { authenticateToken } from '../middleware/auth.js';
+
+const router = express.Router();
+
+// Ensure JWT_SECRET is consistent across all auth checks
+const JWT_SECRET = process.env.JWT_SECRET || 'your_super_secret_jwt_key_change_this_in_production';
+
+/**
+ * Generate JWT Token
+ */
+const generateToken = (user) => {
+  return jwt.sign(
+    {
+      id: user._id,
+      email: user.email,
+      name: user.name,
+      role: user.role
+    },
+    JWT_SECRET,
+    { expiresIn: process.env.JWT_EXPIRE || process.env.JWT_EXPIRES_IN || '7d' }
+  );
+};
+
+/**
+ * POST /api/auth/signup
+ * Register new user
+ */
+router.post('/signup', async (req, res, next) => {
+  try {
+    const { name, email, password } = req.body;
+
+    // Validation
+    if (!name || !email || !password) {
+      return res.status(400).json({
+        success: false,
+        message: 'Please provide name, email, and password',
+        code: 'MISSING_FIELDS'
+      });
+    }
+
+    // Check if user already exists
+    const existingUser = await User.findOne({ email });
+    if (existingUser) {
+      return res.status(409).json({
+        success: false,
+        message: 'User with this email already exists',
+        code: 'EMAIL_EXISTS'
+      });
+    }
+
+    // Validate email format
+    const emailRegex = /^\S+@\S+\.\S+$/;
+    if (!emailRegex.test(email)) {
+      return res.status(400).json({
+        success: false,
+        message: 'Please provide a valid email',
+        code: 'INVALID_EMAIL'
+      });
+    }
+
+    // Validate password length
+    if (password.length < 6) {
+      return res.status(400).json({
+        success: false,
+        message: 'Password must be at least 6 characters',
+        code: 'WEAK_PASSWORD'
+      });
+    }
+
+    // Create new user (password will be hashed by pre-save hook)
+    const user = new User({
+      name: name.trim(),
+      email: email.toLowerCase().trim(),
+      password
+    });
+
+    await user.save();
+
+    // Generate JWT token
+    const token = generateToken(user);
+
+    res.status(201).json({
+      success: true,
+      message: 'Account created successfully',
+      data: {
+        token,
+        user: user.toJSON()
+      }
+    });
+  } catch (error) {
+    if (error.name === 'ValidationError') {
+      return res.status(400).json({
+        success: false,
+        message: 'Validation Error',
+        code: 'VALIDATION_ERROR',
+        errors: Object.values(error.errors).map(e => e.message)
+      });
+    }
+    next(error);
+  }
+});
+
+/**
+ * POST /api/auth/login
+ * User login with email and password
+ */
+router.post('/login', async (req, res, next) => {
+  try {
+    const { email, password } = req.body;
+
+    // Validation
+    if (!email || !password) {
+      return res.status(400).json({
+        success: false,
+        message: 'Please provide email and password',
+        code: 'MISSING_FIELDS'
+      });
+    }
+
+    // Find user and include password (excluded by default)
+    const user = await User.findOne({ email }).select('+password');
+
+    if (!user || !user.isActive) {
+      return res.status(401).json({
+        success: false,
+        message: 'Invalid email or password',
+        code: 'INVALID_CREDENTIALS'
+      });
+    }
+
+    // Verify password
+    const isPasswordValid = await user.comparePassword(password);
+
+    if (!isPasswordValid) {
+      return res.status(401).json({
+        success: false,
+        message: 'Invalid email or password',
+        code: 'INVALID_CREDENTIALS'
+      });
+    }
+
+    // Update last login
+    user.lastLogin = new Date();
+    await user.save();
+
+    // Generate JWT token
+    const token = generateToken(user);
+
+    res.status(200).json({
+      success: true,
+      message: 'Login successful',
+      data: {
+        token,
+        user: user.toJSON()
+      }
+    });
+  } catch (error) {
+    next(error);
+  }
+});
+
+/**
+ * GET /api/auth/profile
+ * Get current user profile (Protected route)
+ */
+router.get('/profile', authenticateToken, async (req, res, next) => {
+  try {
+    const user = await User.findById(req.user.id);
+
+    if (!user || !user.isActive) {
+      return res.status(404).json({
+        success: false,
+        message: 'User not found',
+        code: 'USER_NOT_FOUND'
+      });
+    }
+
+    res.status(200).json({
+      success: true,
+      data: {
+        user: user.toJSON()
+      }
+    });
+  } catch (error) {
+    next(error);
+  }
+});
+
+/**
+ * PUT /api/auth/profile
+ * Update user profile (Protected route)
+ */
+router.put('/profile', authenticateToken, async (req, res, next) => {
+  try {
+    const { name } = req.body;
+    const user = await User.findById(req.user.id);
+
+    if (!user) {
+      return res.status(404).json({
+        success: false,
+        message: 'User not found',
+        code: 'USER_NOT_FOUND'
+      });
+    }
+
+    if (name) {
+      user.name = name.trim();
+    }
+
+    await user.save();
+
+    res.status(200).json({
+      success: true,
+      message: 'Profile updated successfully',
+      data: {
+        user: user.toJSON()
+      }
+    });
+  } catch (error) {
+    next(error);
+  }
+});
+
+/**
+ * POST /api/auth/logout
+ * Logout user (clears token on frontend)
+ */
+router.post('/logout', authenticateToken, (req, res) => {
+  res.status(200).json({
+    success: true,
+    message: 'Logged out successfully'
+  });
+});
+
+export default router;

package/templates/auth.user.model.template.js

@@ -0,0 +1,78 @@
+import mongoose from 'mongoose';
+import bcrypt from 'bcryptjs';
+
+const userSchema = new mongoose.Schema({
+  name: {
+    type: String,
+    required: [true, 'Please provide a name'],
+    trim: true,
+    minlength: [2, 'Name must be at least 2 characters']
+  },
+  email: {
+    type: String,
+    required: [true, 'Please provide an email'],
+    unique: true,
+    lowercase: true,
+    match: [/^\S+@\S+\.\S+$/, 'Please provide a valid email'],
+    index: true
+  },
+  password: {
+    type: String,
+    required: [true, 'Please provide a password'],
+    minlength: [6, 'Password must be at least 6 characters'],
+    select: false // Don't return password by default
+  },
+  role: {
+    type: String,
+    enum: ['student', 'organizer', 'admin'],
+    default: 'student'
+  },
+  isActive: {
+    type: Boolean,
+    default: true
+  },
+  lastLogin: Date,
+  createdAt: {
+    type: Date,
+    default: Date.now
+  }
+}, {
+  timestamps: true,
+  collection: 'users'
+});
+
+// Hash password before saving
+userSchema.pre('save', async function(next) {
+  if (!this.isModified('password')) {
+    return next();
+  }
+  
+  try {
+    const salt = await bcrypt.genSalt(parseInt(process.env.BCRYPT_ROUNDS || 10));
+    this.password = await bcrypt.hash(this.password, salt);
+    next();
+  } catch (error) {
+    next(error);
+  }
+});
+
+// Method to compare password
+userSchema.methods.comparePassword = async function(candidatePassword) {
+  try {
+    return await bcrypt.compare(candidatePassword, this.password);
+  } catch (error) {
+    throw new Error('Error comparing passwords');
+  }
+};
+
+// Return user without password
+userSchema.methods.toJSON = function() {
+  const obj = this.toObject();
+  delete obj.password;
+  delete obj.__v;
+  return obj;
+};
+
+const User = mongoose.model('User', userSchema);
+
+export default User;

package/templates/cache.middleware.js

@@ -0,0 +1,34 @@
+/**
+ * Caching Middleware
+ * Implements HTTP caching for GET requests
+ */
+
+export const cacheMiddleware = (duration = 60) => {
+  return (req, res, next) => {
+    // Only cache GET requests
+    if (req.method !== 'GET') {
+      return next();
+    }
+
+    // Set cache headers
+    res.set('Cache-Control', `public, max-age=${duration}`);
+    
+    // Skip if no-cache header is set
+    if (req.headers['cache-control'] === 'no-cache') {
+      res.set('Cache-Control', 'no-cache');
+      return next();
+    }
+
+    next();
+  };
+};
+
+// No-cache for sensitive endpoints
+export const noCacheMiddleware = (req, res, next) => {
+  res.set('Cache-Control', 'private, no-cache, no-store, must-revalidate');
+  res.set('Pragma', 'no-cache');
+  res.set('Expires', '0');
+  next();
+};
+
+export default cacheMiddleware;

package/templates/chat.models.template.js

@@ -0,0 +1,260 @@
+/**
+ * Chat Models Templates
+ * 
+ * Provides Mongoose models for:
+ * - Message
+ * - Conversation
+ * - MessageReaction (optional)
+ */
+
+export const messageModelTemplate = `import mongoose from 'mongoose';
+
+const messageSchema = new mongoose.Schema({
+  conversation: {
+    type: mongoose.Schema.Types.ObjectId,
+    ref: 'Conversation',
+    required: true,
+    index: true
+  },
+  sender: {
+    type: mongoose.Schema.Types.ObjectId,
+    ref: 'User',
+    required: true,
+    index: true
+  },
+  content: {
+    type: String,
+    required: true,
+    maxlength: 10000
+  },
+  type: {
+    type: String,
+    enum: ['text', 'image', 'video', 'audio', 'file', 'system'],
+    default: 'text'
+  },
+  metadata: {
+    type: mongoose.Schema.Types.Mixed,
+    default: {}
+  },
+  // For file messages
+  fileUrl: String,
+  fileName: String,
+  fileSize: Number,
+  fileType: String,
+  
+  // Message status
+  status: {
+    type: String,
+    enum: ['sent', 'delivered', 'read'],
+    default: 'sent'
+  },
+  
+  // Read receipts
+  readBy: [{
+    type: mongoose.Schema.Types.ObjectId,
+    ref: 'User'
+  }],
+  readAt: Date,
+  
+  // Edited
+  isEdited: {
+    type: Boolean,
+    default: false
+  },
+  editedAt: Date,
+  
+  // Deleted
+  isDeleted: {
+    type: Boolean,
+    default: false
+  },
+  deletedAt: Date,
+  
+  // Reply/Thread
+  replyTo: {
+    type: mongoose.Schema.Types.ObjectId,
+    ref: 'Message'
+  },
+  
+  // Reactions
+  reactions: [{
+    user: {
+      type: mongoose.Schema.Types.ObjectId,
+      ref: 'User'
+    },
+    emoji: String,
+    createdAt: {
+      type: Date,
+      default: Date.now
+    }
+  }],
+  
+  timestamp: {
+    type: Date,
+    default: Date.now,
+    index: true
+  }
+}, {
+  timestamps: true
+});
+
+// Indexes for performance
+messageSchema.index({ conversation: 1, timestamp: -1 });
+messageSchema.index({ sender: 1, timestamp: -1 });
+messageSchema.index({ conversation: 1, timestamp: 1 });
+
+// Virtuals
+messageSchema.virtual('readCount').get(function() {
+  return this.readBy ? this.readBy.length : 0;
+});
+
+messageSchema.set('toJSON', { virtuals: true });
+messageSchema.set('toObject', { virtuals: true });
+
+const Message = mongoose.model('Message', messageSchema);
+
+export default Message;
+`;
+
+export const conversationModelTemplate = `import mongoose from 'mongoose';
+
+const conversationSchema = new mongoose.Schema({
+  name: {
+    type: String,
+    trim: true
+  },
+  type: {
+    type: String,
+    enum: ['direct', 'group', 'channel'],
+    default: 'direct',
+    required: true
+  },
+  participants: [{
+    type: mongoose.Schema.Types.ObjectId,
+    ref: 'User',
+    required: true
+  }],
+  admins: [{
+    type: mongoose.Schema.Types.ObjectId,
+    ref: 'User'
+  }],
+  createdBy: {
+    type: mongoose.Schema.Types.ObjectId,
+    ref: 'User',
+    required: true
+  },
+  
+  // Last message info
+  lastMessage: {
+    type: mongoose.Schema.Types.ObjectId,
+    ref: 'Message'
+  },
+  lastMessageAt: {
+    type: Date,
+    default: Date.now,
+    index: true
+  },
+  
+  // Group/Channel settings
+  description: String,
+  avatar: String,
+  
+  // Muted users
+  mutedBy: [{
+    user: {
+      type: mongoose.Schema.Types.ObjectId,
+      ref: 'User'
+    },
+    mutedUntil: Date
+  }],
+  
+  // Archived
+  archivedBy: [{
+    type: mongoose.Schema.Types.ObjectId,
+    ref: 'User'
+  }],
+  
+  // Pinned messages
+  pinnedMessages: [{
+    type: mongoose.Schema.Types.ObjectId,
+    ref: 'Message'
+  }],
+  
+  // Group settings
+  settings: {
+    allowMemberMessages: {
+      type: Boolean,
+      default: true
+    },
+    allowFileSharing: {
+      type: Boolean,
+      default: true
+    },
+    maxMembers: {
+      type: Number,
+      default: 100
+    }
+  },
+  
+  isActive: {
+    type: Boolean,
+    default: true
+  }
+}, {
+  timestamps: true
+});
+
+// Indexes
+conversationSchema.index({ participants: 1, lastMessageAt: -1 });
+conversationSchema.index({ type: 1, lastMessageAt: -1 });
+conversationSchema.index({ createdBy: 1 });
+
+// Methods
+conversationSchema.methods.isParticipant = function(userId) {
+  return this.participants.some(p => p.toString() === userId.toString());
+};
+
+conversationSchema.methods.isAdmin = function(userId) {
+  return this.admins.some(a => a.toString() === userId.toString());
+};
+
+conversationSchema.methods.addParticipant = async function(userId) {
+  if (!this.isParticipant(userId)) {
+    this.participants.push(userId);
+    await this.save();
+  }
+  return this;
+};
+
+conversationSchema.methods.removeParticipant = async function(userId) {
+  this.participants = this.participants.filter(
+    p => p.toString() !== userId.toString()
+  );
+  await this.save();
+  return this;
+};
+
+// Statics
+conversationSchema.statics.findByUser = function(userId) {
+  return this.find({ participants: userId, isActive: true })
+    .populate('participants', 'name email avatar')
+    .populate('lastMessage')
+    .sort({ lastMessageAt: -1 });
+};
+
+conversationSchema.statics.findDirectConversation = function(user1Id, user2Id) {
+  return this.findOne({
+    type: 'direct',
+    participants: { $all: [user1Id, user2Id], $size: 2 }
+  });
+};
+
+const Conversation = mongoose.model('Conversation', conversationSchema);
+
+export default Conversation;
+`;
+
+export const chatModelsExport = `export { messageModelTemplate, conversationModelTemplate };
+`;
+
+export default { messageModelTemplate, conversationModelTemplate };