typescript-express-starter 10.2.1 → 11.0.0

package/devtools/docker/nginx.conf

@@ -0,0 +1,67 @@
+user  nginx;
+worker_processes  1;
+
+error_log  /var/log/nginx/error.log warn;
+pid        /var/run/nginx.pid;
+
+events {
+    worker_connections  1024;
+}
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    # gzip compression (optional but recommended)
+    gzip on;
+    gzip_disable "msie6";
+    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+    gzip_min_length 256;
+
+    upstream api-server {
+        server server:3000;  # 여러 서버면 server api1:3000; server api2:3000; ...
+        keepalive 100;
+    }
+
+    server {
+        listen 80;
+        server_name localhost;
+
+        # Health check endpoint
+        location /health {
+            return 200 'ok';
+            add_header Content-Type text/plain;
+        }
+
+        # Main reverse proxy for API
+        location / {
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection "upgrade";
+            proxy_pass http://api-server;
+            proxy_read_timeout 300;
+            proxy_connect_timeout 60;
+        }
+
+        # (Optional) Static file serving example
+        # location /static/ {
+        #     alias /app/public/;
+        #     expires 30d;
+        #     access_log off;
+        # }
+    }
+
+    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+                    '$status $body_bytes_sent "$http_referer" '
+                    '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log /var/log/nginx/access.log main;
+
+    sendfile on;
+    keepalive_timeout  65;
+    include /etc/nginx/conf.d/*.conf;
+}

package/devtools/eslint/eslint.config.cjs

@@ -0,0 +1,23 @@
+const tseslint = require('typescript-eslint');
+const globals = require('globals');
+const eslintConfigPrettier = require('eslint-config-prettier');
+
+module.exports = [
+  { ignores: ['dist/', 'coverage/', 'logs/', 'node_modules/', '*.config.js', '*.config.ts', '.env', '.env.*', '!.eslintrc.js'] },
+  ...tseslint.configs.recommended,
+  eslintConfigPrettier,
+  {
+    files: ['**/*.ts'],
+    languageOptions: {
+      ecmaVersion: 2022,
+      sourceType: 'commonjs',
+      globals: { ...globals.node, ...globals.es2022 },
+    },
+    rules: {
+      '@typescript-eslint/no-explicit-any': 'off',
+      '@typescript-eslint/explicit-module-boundary-types': 'off',
+      '@typescript-eslint/ban-types': 'off',
+      '@typescript-eslint/no-var-requires': 'off',
+    },
+  },
+];

package/devtools/husky/.husky/commit-msg

@@ -0,0 +1,4 @@
+#!/bin/sh
+. "$(dirname "$0")/_/husky.sh"
+
+npx commitlint --edit $1

package/devtools/husky/.husky/pre-commit

@@ -0,0 +1,4 @@
+#!/bin/sh
+. "$(dirname "$0")/_/husky.sh"
+
+npm test

package/devtools/husky/.husky/pre-push

@@ -0,0 +1,4 @@
+#!/bin/sh
+. "$(dirname "$0")/_/husky.sh"
+
+npm run build

package/devtools/jest/jest.config.cjs

@@ -0,0 +1,2 @@
+require('ts-node/register'); // TS config를 실행 가능하게
+module.exports = require('./jest.config.ts').default;

package/devtools/jest/jest.config.ts

@@ -0,0 +1,25 @@
+import type { Config } from 'jest';
+import { pathsToModuleNameMapper } from 'ts-jest';
+import { compilerOptions } from './tsconfig.json';
+
+const config: Config = {
+  preset: 'ts-jest',
+  testEnvironment: 'node',
+  setupFiles: ['<rootDir>/src/test/setup.ts'],
+  roots: ['<rootDir>/src'],
+  transform: {
+    '^.+\\.tsx?$': 'ts-jest',
+  },
+  moduleNameMapper: pathsToModuleNameMapper(compilerOptions.paths || {}, {
+    prefix: '<rootDir>/src/',
+  }),
+  coverageDirectory: 'coverage',
+  collectCoverageFrom: [
+    'src/**/*.{ts,tsx}',
+    '!src/**/*.d.ts',
+    '!src/**/index.ts',
+  ],
+  testPathIgnorePatterns: ['/node_modules/', '/dist/', '/logs/'],
+};
+
+export default config;

package/devtools/jest/src/test/e2e/auth.e2e.spec.ts

@@ -0,0 +1,40 @@
+import request from 'supertest';
+import { createTestApp, resetUserDB } from '@/test/setup';
+
+describe('Auth API', () => {
+  let server: any;
+  const prefix = '/api/v1';
+
+  beforeAll(() => {
+    server = createTestApp(); // Use shared repository for testing
+  });
+
+  beforeEach(() => {
+    resetUserDB(); // Reset repository before each test
+  });
+
+  const user = { email: 'authuser@example.com', password: 'authpassword123' };
+
+  it('should successfully register a new user', async () => {
+    const res = await request(server).post(`${prefix}/auth/signup`).send(user);
+    expect(res.statusCode).toBe(201);
+    expect(res.body.data.email).toBe(user.email);
+  });
+
+  it('should login a user and set a cookie', async () => {
+    await request(server).post(`${prefix}/auth/signup`).send(user);
+    const res = await request(server).post(`${prefix}/auth/login`).send(user);
+    expect(res.statusCode).toBe(200);
+    expect(res.body.data.email).toBe(user.email);
+    expect(res.header['set-cookie']).toBeDefined();
+  });
+
+  it('should logout a user', async () => {
+    await request(server).post(`${prefix}/auth/signup`).send(user);
+    const loginRes = await request(server).post(`${prefix}/auth/login`).send(user);
+    const cookie = loginRes.headers['set-cookie'];
+    const logoutRes = await request(server).post(`${prefix}/auth/logout`).set('Cookie', cookie[0]);
+    expect(logoutRes.statusCode).toBe(200);
+    expect(logoutRes.body.message).toBe('logout');
+  });
+});

package/devtools/jest/src/test/e2e/users.e2e.spec.ts

@@ -0,0 +1,63 @@
+import request from 'supertest';
+import { createTestApp, resetUserDB } from '@/test/setup';
+
+describe('Users API', () => {
+  let server: any;
+  const prefix = '/api/v1';
+
+  beforeAll(() => {
+    server = createTestApp(); // Initialize server with shared repository
+  });
+
+  beforeEach(() => {
+    resetUserDB(); // Reset repository before each test
+  });
+
+  const user = { email: 'user1@example.com', password: 'password123' };
+
+  it('should create a new user', async () => {
+    const res = await request(server).post(`${prefix}/users`).send(user);
+    expect(res.statusCode).toBe(201);
+    expect(res.body.data.email).toBe(user.email);
+  });
+
+  it('should retrieve all users', async () => {
+    await request(server).post(`${prefix}/users`).send(user);
+    const res = await request(server).get(`${prefix}/users`);
+    expect(res.statusCode).toBe(200);
+    expect(Array.isArray(res.body.data)).toBe(true);
+    expect(res.body.data[0].email).toBe(user.email);
+  });
+
+  it('should retrieve a user by id', async () => {
+    const createRes = await request(server).post(`${prefix}/users`).send(user);
+    const id = createRes.body.data.id;
+
+    const res = await request(server).get(`${prefix}/users/${id}`);
+    expect(res.statusCode).toBe(200);
+    expect(res.body.data.email).toBe(user.email);
+  });
+
+  it('should update user information', async () => {
+    const createRes = await request(server).post(`${prefix}/users`).send(user);
+    const id = createRes.body.data.id;
+
+    const newPassword = 'newpassword123';
+    const res = await request(server).put(`${prefix}/users/${id}`).send({ password: newPassword });
+    expect(res.statusCode).toBe(200);
+    expect(res.body.data.id).toBe(id);
+  });
+
+  it('should delete a user', async () => {
+    const createRes = await request(server).post(`${prefix}/users`).send(user);
+    const id = createRes.body.data.id;
+
+    const res = await request(server).delete(`${prefix}/users/${id}`);
+    expect(res.statusCode).toBe(204);
+  });
+
+  it('should return 404 if user does not exist', async () => {
+    const res = await request(server).get(`${prefix}/users/invalid-id`);
+    expect(res.statusCode).toBe(404);
+  });
+});

package/devtools/jest/src/test/setup.ts

@@ -0,0 +1,31 @@
+import 'reflect-metadata';
+import { container } from 'tsyringe';
+import App from '@/app';
+import { AuthRoute } from '@routes/auth.route';
+import { UsersRoute } from '@routes/users.route';
+import { UsersRepository, IUsersRepository } from '@repositories/users.repository';
+
+let sharedRepo: UsersRepository;
+
+export function createTestApp({ mockRepo }: { mockRepo?: IUsersRepository } = {}) {
+  // 항상 새로운 인스턴스를 주입하고 싶으면 reset logic 추가 필요
+  if (!sharedRepo) {
+    sharedRepo = new UsersRepository();
+    container.registerInstance(UsersRepository, sharedRepo);
+  }
+  // mockRepo가 있으면 주입
+  if (mockRepo) {
+    container.registerInstance(UsersRepository, mockRepo as UsersRepository);
+  }
+
+  // 클래스 타입을 직접 주입
+  const routes = [container.resolve(UsersRoute), container.resolve(AuthRoute)];
+  const appInstance = new App(routes);
+  return appInstance.getServer();
+}
+
+export function resetUserDB() {
+  if (sharedRepo) {
+    sharedRepo.reset();
+  }
+}

package/devtools/jest/src/test/unit/entities/user.entity.spec.ts

@@ -0,0 +1,279 @@
+import { User, type UserCreateData } from '@entities/user.entity';
+
+describe('User Entity', () => {
+  const validUserData: UserCreateData = {
+    email: 'test@example.com',
+    password: 'password123',
+  };
+
+  describe('create', () => {
+    it('should create a new user with valid data', async () => {
+      const user = await User.create(validUserData);
+
+      expect(user.id).toBeDefined();
+      expect(user.id).toMatch(/^user_/);
+      expect(user.email).toBe('test@example.com');
+      expect(user.password).not.toBe('password123'); // should be hashed
+      expect(user.createdAt).toBeInstanceOf(Date);
+      expect(user.updatedAt).toBeInstanceOf(Date);
+    });
+
+    it('should normalize email to lowercase', async () => {
+      const user = await User.create({ ...validUserData, email: 'TEST@EXAMPLE.COM' });
+      expect(user.email).toBe('test@example.com');
+    });
+
+    it('should throw error for invalid email format', async () => {
+      await expect(User.create({ ...validUserData, email: 'invalid-email' })).rejects.toThrow(
+        'Invalid email format',
+      );
+    });
+
+    it('should throw error for empty email', async () => {
+      await expect(User.create({ ...validUserData, email: '' })).rejects.toThrow(
+        'Email is required',
+      );
+    });
+
+    it('should throw error for too long email', async () => {
+      const longEmail = 'a'.repeat(250) + '@example.com';
+      await expect(User.create({ ...validUserData, email: longEmail })).rejects.toThrow(
+        'Email is too long',
+      );
+    });
+
+    it('should throw error for short password', async () => {
+      await expect(User.create({ ...validUserData, password: '123' })).rejects.toThrow(
+        'Password must be at least 8 characters long',
+      );
+    });
+
+    it('should throw error for password without number', async () => {
+      await expect(User.create({ ...validUserData, password: 'onlyletters' })).rejects.toThrow(
+        'Password must contain at least one letter and one number',
+      );
+    });
+
+    it('should throw error for password without letter', async () => {
+      await expect(User.create({ ...validUserData, password: '12345678' })).rejects.toThrow(
+        'Password must contain at least one letter and one number',
+      );
+    });
+
+    it('should throw error for too long password', async () => {
+      const longPassword = 'a'.repeat(130) + '123'; // 133 chars, exceeds 128 limit
+      await expect(User.create({ ...validUserData, password: longPassword })).rejects.toThrow(
+        'Password is too long',
+      );
+    });
+  });
+
+  describe('fromPersistence', () => {
+    it('should restore user from persistence data', () => {
+      const persistenceData = {
+        id: 'user_123',
+        email: 'test@example.com',
+        password: 'hashedpassword',
+        createdAt: new Date('2025-01-01'),
+        updatedAt: new Date('2025-01-02'),
+      };
+
+      const user = User.fromPersistence(persistenceData);
+
+      expect(user.id).toBe('user_123');
+      expect(user.email).toBe('test@example.com');
+      expect(user.password).toBe('hashedpassword');
+      expect(user.createdAt).toEqual(new Date('2025-01-01'));
+      expect(user.updatedAt).toEqual(new Date('2025-01-02'));
+    });
+
+    it('should use default dates if not provided', () => {
+      const persistenceData = {
+        id: 'user_123',
+        email: 'test@example.com',
+        password: 'hashedpassword',
+      };
+
+      const user = User.fromPersistence(persistenceData);
+
+      expect(user.createdAt).toBeInstanceOf(Date);
+      expect(user.updatedAt).toBeInstanceOf(Date);
+    });
+  });
+
+  describe('changeEmail', () => {
+    it('should change email and update timestamp', async () => {
+      const user = await User.create(validUserData);
+      const originalUpdatedAt = user.updatedAt;
+
+      // Wait a bit to ensure timestamp difference
+      await new Promise((resolve) => setTimeout(resolve, 10));
+
+      await user.changeEmail('new@example.com');
+
+      expect(user.email).toBe('new@example.com');
+      expect(user.updatedAt.getTime()).toBeGreaterThan(originalUpdatedAt.getTime());
+    });
+
+    it('should validate new email format', async () => {
+      const user = await User.create(validUserData);
+
+      await expect(user.changeEmail('invalid-email')).rejects.toThrow('Invalid email format');
+    });
+  });
+
+  describe('changePassword', () => {
+    it('should change password and update timestamp', async () => {
+      const user = await User.create(validUserData);
+      const originalPassword = user.password;
+      const originalUpdatedAt = user.updatedAt;
+
+      // Wait a bit to ensure timestamp difference
+      await new Promise((resolve) => setTimeout(resolve, 10));
+
+      await user.changePassword('newpassword123');
+
+      expect(user.password).not.toBe(originalPassword);
+      expect(user.password).not.toBe('newpassword123'); // should be hashed
+      expect(user.updatedAt.getTime()).toBeGreaterThan(originalUpdatedAt.getTime());
+    });
+
+    it('should validate new password', async () => {
+      const user = await User.create(validUserData);
+
+      await expect(user.changePassword('123')).rejects.toThrow(
+        'Password must be at least 8 characters long',
+      );
+    });
+  });
+
+  describe('verifyPassword', () => {
+    it('should verify correct password', async () => {
+      const user = await User.create(validUserData);
+
+      const isValid = await user.verifyPassword('password123');
+      expect(isValid).toBe(true);
+    });
+
+    it('should reject incorrect password', async () => {
+      const user = await User.create(validUserData);
+
+      const isValid = await user.verifyPassword('wrongpassword');
+      expect(isValid).toBe(false);
+    });
+  });
+
+  describe('updateProfile', () => {
+    it('should update email only', async () => {
+      const user = await User.create(validUserData);
+      const originalPassword = user.password;
+
+      await user.updateProfile({ email: 'updated@example.com' });
+
+      expect(user.email).toBe('updated@example.com');
+      expect(user.password).toBe(originalPassword); // unchanged
+    });
+
+    it('should update password only', async () => {
+      const user = await User.create(validUserData);
+      const originalEmail = user.email;
+      const originalPassword = user.password;
+
+      await user.updateProfile({ password: 'newpassword456' });
+
+      expect(user.email).toBe(originalEmail); // unchanged
+      expect(user.password).not.toBe(originalPassword);
+    });
+
+    it('should update both email and password', async () => {
+      const user = await User.create(validUserData);
+      const originalPassword = user.password;
+
+      await user.updateProfile({
+        email: 'both@example.com',
+        password: 'bothupdate789',
+      });
+
+      expect(user.email).toBe('both@example.com');
+      expect(user.password).not.toBe(originalPassword);
+    });
+
+    it('should not update timestamp if no changes', async () => {
+      const user = await User.create(validUserData);
+      const originalUpdatedAt = user.updatedAt;
+
+      await user.updateProfile({ email: user.email }); // same email
+
+      expect(user.updatedAt.getTime()).toBe(originalUpdatedAt.getTime());
+    });
+  });
+
+  describe('toPersistence', () => {
+    it('should return persistence data format', async () => {
+      const user = await User.create(validUserData);
+      const persistenceData = user.toPersistence();
+
+      expect(persistenceData).toEqual({
+        id: user.id,
+        email: user.email,
+        password: user.password,
+        createdAt: user.createdAt,
+        updatedAt: user.updatedAt,
+      });
+    });
+  });
+
+  describe('toResponse', () => {
+    it('should return response format without password', async () => {
+      const user = await User.create(validUserData);
+      const responseData = user.toResponse();
+
+      expect(responseData).toEqual({
+        id: user.id,
+        email: user.email,
+        createdAt: user.createdAt,
+        updatedAt: user.updatedAt,
+      });
+      expect(responseData).not.toHaveProperty('password');
+    });
+  });
+
+  describe('equals', () => {
+    it('should return true for same user ID', async () => {
+      const userData1 = { ...validUserData };
+      const userData2 = { ...validUserData, email: 'different@example.com' };
+
+      const user1 = await User.create(userData1);
+      const user2 = User.fromPersistence({
+        id: user1.id,
+        email: userData2.email,
+        password: 'different',
+      });
+
+      expect(user1.equals(user2)).toBe(true);
+    });
+
+    it('should return false for different user ID', async () => {
+      const user1 = await User.create(validUserData);
+      const user2 = await User.create({ ...validUserData, email: 'other@example.com' });
+
+      expect(user1.equals(user2)).toBe(false);
+    });
+  });
+
+  describe('defensive copying', () => {
+    it('should return defensive copies of dates', async () => {
+      const user = await User.create(validUserData);
+
+      const createdAt1 = user.createdAt;
+      const createdAt2 = user.createdAt;
+
+      expect(createdAt1).not.toBe(createdAt2); // different instances
+      expect(createdAt1.getTime()).toBe(createdAt2.getTime()); // same time
+
+      // Modifying returned date should not affect internal state
+      createdAt1.setTime(0);
+      expect(user.createdAt.getTime()).not.toBe(0);
+    });
+  });
+});

package/devtools/jest/src/test/unit/services/auth.service.spec.ts

@@ -0,0 +1,75 @@
+import { compare, hash } from 'bcryptjs';
+import { CreateUserDto } from '@dtos/users.dto';
+import { User } from '@entities/user.entity';
+import { UsersRepository } from '@repositories/users.repository';
+import { AuthService } from '@services/auth.service';
+
+describe('AuthService (with UserMemoryRepository)', () => {
+  let authService: AuthService;
+  let userRepo: UsersRepository;
+
+  beforeEach(async () => {
+    userRepo = new UsersRepository();
+    authService = new AuthService(userRepo);
+  });
+
+  it('should sign up a new user', async () => {
+    const dto: CreateUserDto = {
+      email: 'newuser@example.com',
+      password: 'newpassword123',
+    };
+    const created = await authService.signup(dto);
+    expect(created.email).toBe(dto.email);
+
+    const found = await userRepo.findByEmail(dto.email);
+    expect(found).toBeDefined();
+    expect(await compare(dto.password, found!.password)).toBe(true);
+  });
+
+  it('should throw an error if email is already in use', async () => {
+    // First create a user
+    const existingUser = await User.create({
+      email: 'existing@example.com',
+      password: 'password123',
+    });
+    await userRepo.save(existingUser);
+
+    const dto: CreateUserDto = {
+      email: 'existing@example.com',
+      password: 'anypass1',
+    };
+    await expect(authService.signup(dto)).rejects.toThrow(/already/);
+  });
+
+  it('should return user and cookie on successful login', async () => {
+    // Create user using Entity
+    const plainPassword = 'mySecret123';
+    const email = 'loginuser@example.com';
+    const user = await User.create({ email, password: plainPassword });
+    await userRepo.save(user);
+
+    const result = await authService.login({ email, password: plainPassword });
+    expect(result.user.email).toBe(email);
+    expect(result.cookie).toContain('Authorization=');
+  });
+
+  it('should throw an error if email or password is incorrect', async () => {
+    // Non-existing email
+    await expect(
+      authService.login({ email: 'nobody@example.com', password: 'wrongpass1' }),
+    ).rejects.toThrow(/Invalid email or password/i);
+
+    // Create user and test wrong password
+    const user = await User.create({ email: 'test@example.com', password: 'correctpass1' });
+    await userRepo.save(user);
+
+    await expect(
+      authService.login({ email: 'test@example.com', password: 'wrongpass2' }),
+    ).rejects.toThrow(/password/i);
+  });
+
+  it('should successfully logout without errors', async () => {
+    const user = await User.create({ email: 'logout@example.com', password: 'password123' });
+    await expect(authService.logout(user)).resolves.toBeUndefined();
+  });
+});