stackkit 0.2.8 → 0.3.0

package/dist/lib/generation/generator-utils.js

@@ -64,7 +64,7 @@ async function mergeModuleIntoGeneratorConfig(config, modulePath) {
             }
         }
         catch {
-            // ignore invalid module.json
+            return config;
         }
     }
     return config;
@@ -74,7 +74,6 @@ async function mergeGeneratorIntoModuleMetadata(metadata, modulePath) {
     if (await fs.pathExists(generatorPath)) {
         try {
             const generator = await fs.readJson(generatorPath);
-            // Process add-env operations to extract envVars
             if (generator.operations && Array.isArray(generator.operations)) {
                 for (const operation of generator.operations) {
                     if (operation.type === "add-env" && operation.envVars) {
@@ -90,11 +89,6 @@ async function mergeGeneratorIntoModuleMetadata(metadata, modulePath) {
                             });
                         }
                     }
-                }
-            }
-            // Collect dependencies/devDependencies from add-dependency operations
-            if (generator.operations && Array.isArray(generator.operations)) {
-                for (const operation of generator.operations) {
                     if (operation.type === "add-dependency") {
                         if (operation.dependencies) {
                             metadata.dependencies = {
@@ -117,7 +111,7 @@ async function mergeGeneratorIntoModuleMetadata(metadata, modulePath) {
             }
         }
         catch {
-            // ignore invalid generator.json
+            return metadata;
         }
     }
     return metadata;
@@ -129,13 +123,7 @@ function locateOperationSource(generatorType, generatorName, sourceRel) {
     const moduleBasePath = generatorType === "framework"
         ? path.join(templatesPath, generatorName)
         : path.join(modulesPath, generatorType, generatorName);
-    const sourcePath = path.join(moduleBasePath, "files", sourceRel);
-    try {
-        return sourcePath;
-    }
-    catch {
-        return null;
-    }
+    return path.join(moduleBasePath, "files", sourceRel);
 }
 exports.default = {
     mergeModuleIntoGeneratorConfig,

package/dist/lib/project/detect.js

@@ -8,16 +8,15 @@ exports.getRouterBasePath = getRouterBasePath;
 exports.getLibPath = getLibPath;
 const fs_extra_1 = __importDefault(require("fs-extra"));
 const path_1 = __importDefault(require("path"));
+const constants_1 = require("../constants");
 const installed_detection_1 = require("../discovery/installed-detection");
 const package_root_1 = require("../utils/package-root");
 async function detectProjectInfo(targetDir) {
-    const packageJsonPath = path_1.default.join(targetDir, "package.json");
+    const packageJsonPath = path_1.default.join(targetDir, constants_1.FILE_NAMES.PACKAGE_JSON);
     if (!(await fs_extra_1.default.pathExists(packageJsonPath))) {
-        throw new Error("No package.json found. This does not appear to be a Node.js project.");
+        throw new Error(constants_1.ERROR_MESSAGES.NO_PACKAGE_JSON);
     }
     const packageJson = await fs_extra_1.default.readJSON(packageJsonPath);
-    // Detect framework by matching available templates' characteristic files
-    // Framework is dynamic and driven by templates; keep as string for discovery
     let framework = "unknown";
     try {
         const templatesDir = path_1.default.join((0, package_root_1.getPackageRoot)(), "templates");
@@ -41,19 +40,17 @@ async function detectProjectInfo(targetDir) {
                         bestMatch = { name: d, score };
                 }
                 catch {
-                    // ignore
+                    continue;
                 }
             }
             if (bestMatch && bestMatch.score > 0) {
-                // Use the template folder name as the framework identifier
                 framework = bestMatch.name;
             }
         }
     }
     catch {
-        // fall back to dependency heuristics below
+        framework = "unknown";
     }
-    // Fallback: simple dependency-based detection
     if (framework === "unknown") {
         const isNextJs = packageJson.dependencies?.next || packageJson.devDependencies?.next;
         const isExpress = packageJson.dependencies?.express || packageJson.devDependencies?.express;
@@ -71,7 +68,6 @@ async function detectProjectInfo(targetDir) {
     if (framework === "unknown") {
         throw new Error("Unsupported project type or unable to detect framework from templates.");
     }
-    // Detect router type (only for Next.js)
     let router = "unknown";
     if (framework === "nextjs") {
         const appDirExists = await fs_extra_1.default.pathExists(path_1.default.join(targetDir, "app"));
@@ -79,14 +75,13 @@ async function detectProjectInfo(targetDir) {
         const srcAppDirExists = await fs_extra_1.default.pathExists(path_1.default.join(targetDir, "src", "app"));
         const srcPagesDirExists = await fs_extra_1.default.pathExists(path_1.default.join(targetDir, "src", "pages"));
         if (appDirExists || srcAppDirExists) {
-            router = "app";
+            router = constants_1.ROUTER_TYPES.APP;
         }
         else if (pagesDirExists || srcPagesDirExists) {
-            router = "pages";
+            router = constants_1.ROUTER_TYPES.PAGES;
         }
     }
-    // Detect TypeScript vs JavaScript
-    const tsconfigExists = await fs_extra_1.default.pathExists(path_1.default.join(targetDir, "tsconfig.json"));
+    const tsconfigExists = await fs_extra_1.default.pathExists(path_1.default.join(targetDir, constants_1.FILE_NAMES.TSCONFIG_JSON));
     const jsconfigExists = await fs_extra_1.default.pathExists(path_1.default.join(targetDir, "jsconfig.json"));
     let language;
     if (tsconfigExists) {
@@ -98,10 +93,9 @@ async function detectProjectInfo(targetDir) {
     else {
         language = "ts";
     }
-    // Detect package manager
-    const yarnLockExists = await fs_extra_1.default.pathExists(path_1.default.join(targetDir, "yarn.lock"));
-    const pnpmLockExists = await fs_extra_1.default.pathExists(path_1.default.join(targetDir, "pnpm-lock.yaml"));
-    const bunLockExists = await fs_extra_1.default.pathExists(path_1.default.join(targetDir, "bun.lockb"));
+    const yarnLockExists = await fs_extra_1.default.pathExists(path_1.default.join(targetDir, constants_1.LOCK_FILES.yarn));
+    const pnpmLockExists = await fs_extra_1.default.pathExists(path_1.default.join(targetDir, constants_1.LOCK_FILES.pnpm));
+    const bunLockExists = await fs_extra_1.default.pathExists(path_1.default.join(targetDir, constants_1.LOCK_FILES.bun));
     let packageManager = "pnpm";
     if (pnpmLockExists) {
         packageManager = "pnpm";
@@ -112,8 +106,6 @@ async function detectProjectInfo(targetDir) {
     else if (bunLockExists) {
         packageManager = "bun";
     }
-    // Detect installed modules by comparing project dependencies against
-    // declared dependencies in `modules/*/generator.json` and `module.json`.
     const detectedAuth = await (0, installed_detection_1.detectAuthModules)(packageJson);
     const detectedDbs = await (0, installed_detection_1.detectDatabaseModules)(packageJson);
     const hasAuth = detectedAuth.length > 0;

package/dist/lib/utils/fs-helpers.d.ts

@@ -7,6 +7,6 @@ export declare function writeFile(filePath: string, content: string): Promise<vo
 export declare function copyDir(source: string, destination: string, options?: CopyFilterFunction): Promise<void>;
 export declare function readDir(dirPath: string): Promise<string[]>;
 export declare function isDirectory(dirPath: string): Promise<boolean>;
-export declare function findFilesInDir(dirPath: string, predicate: (file: string) => boolean): Promise<string[]>;
+export declare function findFilesInDir(dirPath: string, predicate: (fileName: string) => boolean): Promise<string[]>;
 export declare function getEnvFilePath(projectRoot: string): Promise<string | null>;
 export {};

package/modules/auth/authjs/generator.json

@@ -3,11 +3,6 @@
   "type": "auth",
   "priority": 10,
   "operations": [
-    {
-      "type": "create-file",
-      "source": "shared/lib/auth.ts",
-      "destination": "server/auth/auth.ts"
-    },
     {
       "type": "create-file",
       "source": "nextjs/api/auth/[...nextauth]/route.ts",
@@ -18,6 +13,11 @@
       "source": "nextjs/proxy.ts",
       "destination": "proxy.ts"
     },
+    {
+      "type": "create-file",
+      "source": "shared/lib/auth.ts",
+      "destination": "server/auth/auth.ts"
+    },
     {
       "type": "patch-file",
       "destination": "prisma/schema.prisma",
@@ -36,6 +36,17 @@
         "@auth/prisma-adapter": "^2.11.1"
       }
     },
+    {
+      "type": "add-dependency",
+      "dependencies": {
+        "bcryptjs": "^3.0.3",
+        "next-auth": "^5.0.0-beta.30",
+        "nodemailer": "^7.0.12"
+      },
+      "devDependencies": {
+        "@types/nodemailer": "^7.0.5"
+      }
+    },
     {
       "type": "add-env",
       "envVars": {
@@ -48,17 +59,6 @@
         "EMAIL_PASS": "",
         "EMAIL_FROM": "noreply@yourapp.com"
       }
-    },
-    {
-      "type": "add-dependency",
-      "dependencies": {
-        "next-auth": "^5.0.0-beta.30",
-        "bcryptjs": "^3.0.3",
-        "nodemailer": "^7.0.12"
-      },
-      "devDependencies": {
-        "@types/nodemailer": "^7.0.5"
-      }
     }
   ]
 }

package/modules/auth/better-auth/files/express/middlewares/authorize.ts

@@ -1,54 +1,192 @@
 import { NextFunction, Request, Response } from "express";
-import { auth } from "../../modules/auth/auth";
+import status from "http-status";
+import { envVars } from "../../config/env";
+import { AppError } from "../errors/app-error";
+import { cookieUtils } from "../utils/cookie";
+import { jwtUtils } from "../utils/jwt";
+{{#if database == "prisma"}}
+import { Role, UserStatus } from "@prisma/client";
+import { prisma } from "../../database/prisma";
+{{/if}}
+{{#if database == "mongoose"}}
+import { Role, UserStatus } from "../../modules/auth/auth.constants";
+import { getAuthCollections } from "../../modules/auth/auth.helper";
+{{/if}}
 
-export enum UserRole {
-    USER = "USER",
-    ADMIN = "ADMIN"
-}
+{{#if database == "prisma"}}
+export const authorize = (...authRoles: Role[]) =>
+{{/if}}
+{{#if database == "mongoose"}}
+type AuthRole = (typeof Role)[keyof typeof Role];
 
-const authorize = (...roles: UserRole[]) => {
-  return async (req: Request, res: Response, next: NextFunction) => {
+export const authorize = (...authRoles: AuthRole[]) =>
+{{/if}}
+  async (req: Request, res: Response, next: NextFunction) => {
     try {
-      // get user session
-      const session = await auth?.api.getSession({
-        headers: req.headers as any,
-      });
-
-      if (!session) {
-        return res.status(401).json({
-          success: false,
-          message: "You are not authorized!",
-        });
+      //Session Token Verification
+      const sessionToken = cookieUtils.getCookie(
+        req,
+        "better-auth.session_token",
+      );
+
+      if (!sessionToken) {
+        throw new Error("Unauthorized access! No session token provided.");
       }
 
-      if (!session.user.emailVerified) {
-        return res.status(403).json({
-          success: false,
-          message: "Email verification required. Please verify your email!",
+      if (sessionToken) {
+        {{#if database == "prisma"}}
+          const sessionExists = await prisma.session.findFirst({
+          where: {
+            token: sessionToken,
+            expiresAt: {
+              gt: new Date(),
+            },
+          },
+          include: {
+            user: true,
+          },
         });
+        {{/if}}
+        {{#if database == "mongoose"}}
+        const { sessions, users } = await getAuthCollections();
+        const sessionExists = await sessions.findOne({
+          token: sessionToken,
+          expiresAt: { $gt: new Date() },
+        });
+
+        const user = sessionExists
+          ? await users.findOne({
+              id: sessionExists.userId,
+            })
+          : null;
+        {{/if}}
+
+        {{#if database == "prisma"}}
+        if (sessionExists && sessionExists.user) {
+          const user = sessionExists.user;
+        {{/if}}
+        {{#if database == "mongoose"}}
+        if (sessionExists && user) {
+        {{/if}}
+
+          {{#if database == "prisma"}}
+          const now = new Date();
+          const expiresAt = new Date(sessionExists.expiresAt);
+          const createdAt = new Date(sessionExists.createdAt);
+
+          const sessionLifeTime = expiresAt.getTime() - createdAt.getTime();
+          const timeRemaining = expiresAt.getTime() - now.getTime();
+          const percentRemaining = (timeRemaining / sessionLifeTime) * 100;
+
+          if (percentRemaining < 20) {
+            res.setHeader("X-Session-Refresh", "true");
+            res.setHeader("X-Session-Expires-At", expiresAt.toISOString());
+            res.setHeader("X-Time-Remaining", timeRemaining.toString());
+
+            console.log("Session Expiring Soon!!");
+          }
+          {{/if}}
+          {{#if database == "mongoose"}}
+          if (sessionExists.expiresAt && sessionExists.createdAt) {
+            const now = new Date();
+            const expiresAt = new Date(sessionExists.expiresAt);
+            const createdAt = new Date(sessionExists.createdAt);
+
+            const sessionLifeTime = expiresAt.getTime() - createdAt.getTime();
+            const timeRemaining = expiresAt.getTime() - now.getTime();
+            const percentRemaining = (timeRemaining / sessionLifeTime) * 100;
+
+            if (percentRemaining < 20) {
+              res.setHeader("X-Session-Refresh", "true");
+              res.setHeader("X-Session-Expires-At", expiresAt.toISOString());
+              res.setHeader("X-Time-Remaining", timeRemaining.toString());
+
+              console.log("Session Expiring Soon!!");
+            }
+          }
+          {{/if}}
+
+          if (
+            user.status === UserStatus.BLOCKED ||
+            user.status === UserStatus.DELETED
+          ) {
+            throw new AppError(
+              status.UNAUTHORIZED,
+              "Unauthorized access! User is not active.",
+            );
+          }
+
+          if (user.isDeleted) {
+            throw new AppError(
+              status.UNAUTHORIZED,
+              "Unauthorized access! User is deleted.",
+            );
+          }
+
+          {{#if database == "prisma"}}
+          if (authRoles.length > 0 && !authRoles.includes(user.role)) {
+          {{/if}}
+          {{#if database == "mongoose"}}
+          if (authRoles.length > 0 && !authRoles.includes(user.role as AuthRole)) {
+          {{/if}}
+            throw new AppError(
+              status.FORBIDDEN,
+              "Forbidden access! You do not have permission to access this resource.",
+            );
+          }
+
+          req.user = {
+            id: user.id,
+            name: user.name,
+            email: user.email,
+            role: user.role,
+          };
+        }
+
+        const accessToken = cookieUtils.getCookie(req, "accessToken");
+
+        if (!accessToken) {
+          throw new AppError(
+            status.UNAUTHORIZED,
+            "Unauthorized access! No access token provided.",
+          );
+        }
       }
 
-      req.user = {
-        id: session.user.id,
-        email: session.user.email,
-        name: session.user.name,
-        role: session.user.role as string,
-        emailVerified: session.user.emailVerified,
-      };
-
-      if (roles.length && !roles.includes(req.user.role as UserRole)) {
-        return res.status(403).json({
-          success: false,
-          message:
-            "Forbidden! You don't have permission to access this resources!",
-        });
+      //Access Token Verification
+      const accessToken = cookieUtils.getCookie(req, "accessToken");
+
+      if (!accessToken) {
+        throw new AppError(
+          status.UNAUTHORIZED,
+          "Unauthorized access! No access token provided.",
+        );
+      }
+
+      const verifiedToken = jwtUtils.verifyToken(
+        accessToken,
+        envVars.ACCESS_TOKEN_SECRET,
+      );
+
+      if (!verifiedToken.success) {
+        throw new AppError(
+          status.UNAUTHORIZED,
+          "Unauthorized access! Invalid access token.",
+        );
+      }
+
+      if (
+        authRoles.length > 0 &&
+        !authRoles.includes(verifiedToken.data!.role)
+      ) {
+        throw new AppError(
+          status.FORBIDDEN,
+          "Forbidden access! You do not have permission to access this resource.",
+        );
       }
 
       next();
-    } catch (err) {
-      next(err);
+    } catch (error: unknown) {
+      next(error);
     }
-  };
 };
-
-export default authorize;