vasp-cli 0.3.0 → 0.4.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "vasp-cli",
-  "version": "0.3.0",
+  "version": "0.4.0",
   "description": "The Vasp CLI — declarative full-stack framework for Vue developers",
   "license": "Apache-2.0",
   "type": "module",

package/starters/recipe.vasp

@@ -0,0 +1,79 @@
+app RecipeApp {
+  title: "Recipe App"
+  db: Drizzle
+  ssr: false
+  typescript: false
+}
+
+auth RecipeAuth {
+  userEntity: User
+  methods: [usernameAndPassword]
+}
+
+entity User {
+  id: Int @id
+  username: String @unique
+  password: String
+  createdAt: DateTime @default(now)
+}
+
+entity Recipe {
+  id: Int @id
+  title: String
+  description: String
+  ingredients: String
+  instructions: String
+  cookTime: Int
+  servings: Int
+  imageUrl: String
+  createdAt: DateTime @default(now)
+}
+
+route HomeRoute {
+  path: "/"
+  to: HomePage
+}
+
+route RecipesRoute {
+  path: "/recipes"
+  to: RecipesPage
+}
+
+route AddRecipeRoute {
+  path: "/recipes/add"
+  to: AddRecipePage
+}
+
+page HomePage {
+  component: import Home from "@src/pages/Home.vue"
+}
+
+page RecipesPage {
+  component: import Recipes from "@src/pages/Recipes.vue"
+}
+
+page AddRecipePage {
+  component: import AddRecipe from "@src/pages/AddRecipe.vue"
+}
+
+crud Recipe {
+  entity: Recipe
+  operations: [list, create, update, delete]
+}
+
+query getRecipes {
+  fn: import { getRecipes } from "@src/queries.js"
+  entities: [Recipe]
+}
+
+action createRecipe {
+  fn: import { createRecipe } from "@src/actions.js"
+  entities: [Recipe]
+  auth: true
+}
+
+action deleteRecipe {
+  fn: import { deleteRecipe } from "@src/actions.js"
+  entities: [Recipe]
+  auth: true
+}

package/templates/shared/auth/client/Login.vue.hbs

@@ -38,7 +38,7 @@ async function handleLogin() {
     await login(username.value, password.value)
     router.push('/')
   } catch (err) {
-    error.value = err?.data?.error || 'Login failed'
+    error.value = err?.data?.error || err?.message || 'Login failed'
   } finally {
     loading.value = false
   }

package/templates/shared/auth/client/Register.vue.hbs

@@ -34,7 +34,7 @@ async function handleRegister() {
     await register(username.value, password.value, email.value || undefined)
     router.push('/')
   } catch (err) {
-    error.value = err?.data?.error || 'Registration failed'
+    error.value = err?.data?.error || err?.message || 'Registration failed'
   } finally {
     loading.value = false
   }

package/templates/shared/drizzle/drizzle.config.hbs

@@ -0,0 +1,10 @@
+import { defineConfig } from 'drizzle-kit'
+
+export default defineConfig({
+  schema: './drizzle/schema.{{ext}}',
+  out: './drizzle/migrations',
+  dialect: 'postgresql',
+  dbCredentials: {
+    url: process.env.DATABASE_URL,
+  },
+})

package/templates/shared/drizzle/schema.hbs

@@ -1,4 +1,4 @@
-import { pgTable, serial, text, timestamp, boolean } from 'drizzle-orm/pg-core'
+import { pgTable, serial, text, integer, boolean, timestamp, doublePrecision } from 'drizzle-orm/pg-core'
 {{#if isTypeScript}}
 import type { InferSelectModel, InferInsertModel } from 'drizzle-orm'
 {{/if}}
@@ -21,14 +21,25 @@ export type NewUser = InferInsertModel<typeof users>
 {{/if}}
 
 {{/if}}
-{{#each cruds}}
-// {{entity}} table — add your columns below
+{{#each crudsWithFields}}
+{{#if hasEntity}}
+// {{entity}} table — generated from entity block
+export const {{camelCase entity}}s = pgTable('{{camelCase entity}}s', {
+{{#each fields}}
+  {{camelCase name}}: {{{drizzleColumn name type modifiers}}},
+{{/each}}
+  createdAt: timestamp('created_at').defaultNow().notNull(),
+  updatedAt: timestamp('updated_at').defaultNow().notNull(),
+})
+{{else}}
+// {{entity}} table — no entity block found, add your columns below
 export const {{camelCase entity}}s = pgTable('{{camelCase entity}}s', {
   id: serial('id').primaryKey(),
   // TODO: Add your {{entity}} columns here
   createdAt: timestamp('created_at').defaultNow().notNull(),
   updatedAt: timestamp('updated_at').defaultNow().notNull(),
 })
+{{/if}}
 {{#if ../isTypeScript}}
 export type {{pascalCase entity}} = InferSelectModel<typeof {{camelCase entity}}s>
 export type New{{pascalCase entity}} = InferInsertModel<typeof {{camelCase entity}}s>

package/templates/shared/jobs/_job.hbs

@@ -12,13 +12,23 @@ export async function register{{pascalCase name}}Worker() {
   await boss.work(JOB_NAME, async (job) => {
     await {{namedExport}}(job.data)
   })
+{{#if hasSchedule}}
+
+  // Register cron schedule: {{schedule}}
+  await boss.schedule(JOB_NAME, '{{schedule}}', {})
+{{/if}}
 }
 
 /**
- * Schedule a '{{name}}' job.
+ * Schedule a '{{name}}' job on demand.
  * @param {unknown} data - Data to pass to the job handler
  */
 export async function schedule{{pascalCase name}}(data) {
   const boss = await getBoss()
-  return boss.send(JOB_NAME, data)
+  return boss.send(JOB_NAME, data, {
+    retryLimit: Number(process.env.JOB_RETRY_LIMIT) || 3,
+    retryDelay: Number(process.env.JOB_RETRY_DELAY) || 60,
+    retryBackoff: true,
+    expireInMinutes: Number(process.env.JOB_EXPIRE_MINUTES) || 15,
+  })
 }

package/templates/shared/package.json.hbs

@@ -7,7 +7,10 @@
     "dev": "vasp start",
     "build": "vasp build",
     "dev:server": "bun --hot server/index.{{ext}}",
-    "dev:client": "{{#if isSpa}}vite{{else}}nuxt dev{{/if}}"
+    "dev:client": "{{#if isSpa}}vite{{else}}nuxt dev{{/if}}",
+    "db:generate": "bunx drizzle-kit generate",
+    "db:migrate": "bunx drizzle-kit migrate",
+    "db:studio": "bunx drizzle-kit studio"
   },
   "dependencies": {
     "@vasp-framework/runtime": "^0.1.0",

package/templates/shared/server/index.hbs

@@ -2,6 +2,10 @@ import { Elysia } from 'elysia'
 import { cors } from '@elysiajs/cors'
 import { staticPlugin } from '@elysiajs/static'
 import { db } from './db/client.{{ext}}'
+import { rateLimit } from './middleware/rateLimit.{{ext}}'
+{{#if isSsr}}
+import { csrfProtection } from './middleware/csrf.{{ext}}'
+{{/if}}
 {{#if hasAuth}}
 import { authRoutes } from './auth/index.{{ext}}'
 {{/if}}
@@ -28,6 +32,10 @@ const app = new Elysia()
     origin: process.env.CORS_ORIGIN || 'http://localhost:{{frontendPort}}',
     credentials: true,
   }))
+  .use(rateLimit())
+{{#if isSsr}}
+  .use(csrfProtection())
+{{/if}}
   .get('/api/health', () => ({ status: 'ok', version: '{{vaspVersion}}' }))
 {{#if hasAuth}}
   .use(authRoutes)

package/templates/shared/server/middleware/csrf.hbs

@@ -0,0 +1,34 @@
+import { Elysia } from 'elysia'
+import { randomBytes } from 'node:crypto'
+
+const CSRF_COOKIE = 'vasp-csrf'
+const CSRF_HEADER = 'x-csrf-token'
+const SAFE_METHODS = new Set(['GET', 'HEAD', 'OPTIONS'])
+
+/**
+ * CSRF protection middleware — double-submit cookie pattern.
+ * On every response, sets a CSRF cookie with a random token.
+ * On state-changing requests (POST, PUT, DELETE), validates that the
+ * x-csrf-token header matches the cookie value.
+ */
+export function csrfProtection() {
+  return new Elysia({ name: 'csrf' })
+    .onRequest(({ request, set, cookie }) => {
+      // Generate token if not already set
+      if (!cookie[CSRF_COOKIE]?.value) {
+        const token = randomBytes(32).toString('hex')
+        cookie[CSRF_COOKIE].set({ value: token, httpOnly: false, sameSite: 'strict', path: '/' })
+      }
+
+      // Skip validation for safe methods
+      if (SAFE_METHODS.has(request.method)) return
+
+      const cookieToken = cookie[CSRF_COOKIE]?.value
+      const headerToken = request.headers.get(CSRF_HEADER)
+
+      if (!cookieToken || !headerToken || cookieToken !== headerToken) {
+        set.status = 403
+        return { error: 'CSRF token mismatch' }
+      }
+    })
+}

package/templates/shared/server/middleware/rateLimit.hbs

@@ -0,0 +1,44 @@
+import { Elysia } from 'elysia'
+
+const MAX_REQUESTS = Number(process.env.RATE_LIMIT_MAX) || 100
+const WINDOW_MS = Number(process.env.RATE_LIMIT_WINDOW_MS) || 60_000
+
+const hits = new Map()
+
+// Clean up expired entries every 60 seconds
+setInterval(() => {
+  const now = Date.now()
+  for (const [key, entry] of hits) {
+    if (now - entry.start > WINDOW_MS) hits.delete(key)
+  }
+}, 60_000)
+
+/**
+ * Simple in-memory sliding-window rate limiter.
+ * Limits each IP to MAX_REQUESTS per WINDOW_MS.
+ */
+export function rateLimit() {
+  return new Elysia({ name: 'rate-limit' })
+    .onBeforeHandle(({ request, set }) => {
+      const ip = request.headers.get('x-forwarded-for')
+        || request.headers.get('x-real-ip')
+        || 'unknown'
+      const now = Date.now()
+      let entry = hits.get(ip)
+
+      if (!entry || now - entry.start > WINDOW_MS) {
+        entry = { start: now, count: 0 }
+        hits.set(ip, entry)
+      }
+
+      entry.count++
+
+      set.headers['x-ratelimit-limit'] = String(MAX_REQUESTS)
+      set.headers['x-ratelimit-remaining'] = String(Math.max(0, MAX_REQUESTS - entry.count))
+
+      if (entry.count > MAX_REQUESTS) {
+        set.status = 429
+        return { error: 'Too many requests. Please try again later.' }
+      }
+    })
+}

package/templates/shared/server/routes/crud/_crud.hbs

@@ -1,23 +1,61 @@
 import { Elysia, t } from 'elysia'
 import { db } from '../../db/client.{{ext}}'
-import { eq } from 'drizzle-orm'
+import { eq, sql, asc, desc, and, ilike } from 'drizzle-orm'
 import { {{camelCase entity}}s } from '../../../drizzle/schema.{{ext}}'
 {{#if hasAuth}}
 import { requireAuth } from '../../auth/middleware.{{ext}}'
 {{/if}}
+{{#if hasRealtime}}
+import { publish{{pascalCase entity}} } from '../realtime/{{camelCase realtimeName}}.{{ext}}'
+{{/if}}
 
 export const {{camelCase entity}}CrudRoutes = new Elysia({ prefix: '/api/crud/{{camelCase entity}}' })
 {{#if hasAuth}}
   .use(requireAuth)
 {{/if}}
 {{#if (includes operations "list")}}
-  .get('/', async () => {
-    return db.select().from({{camelCase entity}}s)
+  .get('/', async ({ query }) => {
+    const limit = Math.min(Math.max(Number(query.limit) || 20, 1), 100)
+    const offset = Math.max(Number(query.offset) || 0, 0)
+
+    const table = {{camelCase entity}}s
+
+    // Multi-column sorting: orderBy=col1,col2 & dir=asc,desc
+    const orderByFields = (query.orderBy ?? 'id').split(',')
+    const directions = (query.dir ?? 'asc').split(',')
+    const orderClauses = orderByFields.map((field, i) => {
+      const col = table[field.trim()] ?? table.id
+      const dirFn = (directions[i] ?? directions[0] ?? 'asc').trim() === 'desc' ? desc : asc
+      return dirFn(col)
+    })
+
+    // Build WHERE conditions from filter.* query params
+    const conditions = []
+    for (const [key, value] of Object.entries(query)) {
+      if (!key.startsWith('filter.')) continue
+      const field = key.slice(7)
+      if (!table[field]) continue
+      conditions.push(eq(table[field], value))
+    }
+    const where = conditions.length > 0 ? and(...conditions) : undefined
+
+    const baseQuery = db.select().from(table)
+    const countQuery = db.select({ count: sql`count(*)::int` }).from(table)
+
+    const [data, countResult] = await Promise.all([
+      (where ? baseQuery.where(where) : baseQuery).orderBy(...orderClauses).limit(limit).offset(offset),
+      where ? countQuery.where(where) : countQuery,
+    ])
+
+    return { data, total: countResult[0]?.count ?? 0, limit, offset }
   })
 {{/if}}
 {{#if (includes operations "create")}}
   .post('/', async ({ body }) => {
     const [created] = await db.insert({{camelCase entity}}s).values(body).returning()
+{{#if hasRealtime}}
+    publish{{pascalCase entity}}('created', created)
+{{/if}}
     return created
   })
 {{/if}}
@@ -30,6 +68,9 @@ export const {{camelCase entity}}CrudRoutes = new Elysia({ prefix: '/api/crud/{{
   .put('/:id', async ({ params: { id }, body, set }) => {
     const [updated] = await db.update({{camelCase entity}}s).set(body).where(eq({{camelCase entity}}s.id, Number(id))).returning()
     if (!updated) { set.status = 404; return { error: 'Not found' } }
+{{#if hasRealtime}}
+    publish{{pascalCase entity}}('updated', updated)
+{{/if}}
     return updated
   })
 {{/if}}
@@ -37,6 +78,9 @@ export const {{camelCase entity}}CrudRoutes = new Elysia({ prefix: '/api/crud/{{
   .delete('/:id', async ({ params: { id }, set }) => {
     const [deleted] = await db.delete({{camelCase entity}}s).where(eq({{camelCase entity}}s.id, Number(id))).returning()
     if (!deleted) { set.status = 404; return { error: 'Not found' } }
+{{#if hasRealtime}}
+    publish{{pascalCase entity}}('deleted', deleted)
+{{/if}}
     return { ok: true }
   })
 {{/if}}

package/templates/shared/server/routes/realtime/_channel.hbs

@@ -1,30 +1,78 @@
 import { Elysia } from 'elysia'
+{{#if ../hasAuth}}
+import jwt from '@elysiajs/jwt'
+{{/if}}
 
-// In-process subscriber set for '{{name}}' channel
-// Swap this for a Redis adapter in production multi-instance deployments
-const subscribers = new Set()
+// Room-based subscriber map for '{{name}}' channel
+// Each room key maps to a set of connected WebSocket clients
+const rooms = new Map()
+
+function getRoom(roomId) {
+  if (!rooms.has(roomId)) rooms.set(roomId, new Set())
+  return rooms.get(roomId)
+}
 
 /**
- * Publish a realtime event to all connected subscribers of '{{name}}'.
+ * Publish a realtime event to all subscribers in a specific room of '{{name}}'.
  * Called automatically by CRUD mutation handlers.
  */
-export function publish{{pascalCase name}}(event, data) {
+export function publish{{pascalCase name}}(event, data, roomId = 'default') {
+  const room = rooms.get(roomId)
+  if (!room) return
+  const message = JSON.stringify({ channel: '{{camelCase name}}', room: roomId, event, data })
+  for (const ws of room) {
+    try { ws.send(message) } catch { room.delete(ws) }
+  }
+}
+
+/**
+ * Broadcast to all rooms of '{{name}}'.
+ */
+export function broadcast{{pascalCase name}}(event, data) {
   const message = JSON.stringify({ channel: '{{camelCase name}}', event, data })
-  for (const ws of subscribers) {
-    try { ws.send(message) } catch { subscribers.delete(ws) }
+  for (const [, room] of rooms) {
+    for (const ws of room) {
+      try { ws.send(message) } catch { room.delete(ws) }
+    }
   }
 }
 
 export const {{camelCase name}}Channel = new Elysia()
+{{#if ../hasAuth}}
+  .use(jwt({ name: 'jwt', secret: process.env.JWT_SECRET || 'vasp-dev-secret' }))
+{{/if}}
   .ws('/ws/{{camelCase name}}', {
+{{#if ../hasAuth}}
+    async beforeHandle({ jwt: jwtPlugin, request }) {
+      const url = new URL(request.url)
+      const token = url.searchParams.get('token')
+      if (!token) return new Response('Unauthorized', { status: 401 })
+      const payload = await jwtPlugin.verify(token)
+      if (!payload) return new Response('Unauthorized', { status: 401 })
+    },
+{{/if}}
     open(ws) {
-      subscribers.add(ws)
+      const room = ws.data?.query?.room ?? 'default'
+      getRoom(room).add(ws)
+      ws.data._room = room
     },
     message(ws, msg) {
-      // Echo back for debugging; extend for room-based subscriptions
+      // Client can switch rooms via { action: 'join', room: 'roomId' }
+      try {
+        const parsed = typeof msg === 'string' ? JSON.parse(msg) : msg
+        if (parsed.action === 'join' && parsed.room) {
+          const oldRoom = ws.data._room
+          if (oldRoom) rooms.get(oldRoom)?.delete(ws)
+          ws.data._room = parsed.room
+          getRoom(parsed.room).add(ws)
+          ws.send(JSON.stringify({ ack: 'joined', room: parsed.room }))
+          return
+        }
+      } catch { /* ignore parse errors */ }
       ws.send(JSON.stringify({ ack: msg }))
     },
     close(ws) {
-      subscribers.delete(ws)
+      const room = ws.data?._room
+      if (room) rooms.get(room)?.delete(ws)
     },
   })

package/templates/ssr/js/plugins/vasp.client.js.hbs

@@ -2,6 +2,11 @@
 // Runs only on the client after hydration — routes calls to the Elysia backend via ofetch
 import { $fetch } from 'ofetch'
 
+function getCsrfToken() {
+  const match = document.cookie.match(/(?:^|;\s*)vasp-csrf=([^;]*)/)
+  return match ? decodeURIComponent(match[1]) : undefined
+}
+
 export default defineNuxtPlugin((nuxtApp) => {
   const config = useRuntimeConfig()
   const baseURL = config.public.apiBase
@@ -11,7 +16,12 @@ export default defineNuxtPlugin((nuxtApp) => {
       return $fetch(`/queries/${name}`, { baseURL, method: 'GET', query: args })
     },
     async action(name, args) {
-      return $fetch(`/actions/${name}`, { baseURL, method: 'POST', body: args })
+      return $fetch(`/actions/${name}`, {
+        baseURL,
+        method: 'POST',
+        body: args,
+        headers: { 'x-csrf-token': getCsrfToken() ?? '' },
+      })
     },
   })
 })

package/templates/ssr/ts/plugins/vasp.client.ts.hbs

@@ -2,6 +2,11 @@
 // Runs only on the client after hydration — routes calls to the Elysia backend via ofetch
 import { $fetch } from 'ofetch'
 
+function getCsrfToken(): string | undefined {
+  const match = document.cookie.match(/(?:^|;\s*)vasp-csrf=([^;]*)/)
+  return match ? decodeURIComponent(match[1]) : undefined
+}
+
 export default defineNuxtPlugin((nuxtApp) => {
   const config = useRuntimeConfig()
   const baseURL = config.public.apiBase as string
@@ -11,7 +16,12 @@ export default defineNuxtPlugin((nuxtApp) => {
       return $fetch<T>(`/queries/${name}`, { baseURL, method: 'GET', query: args as Record<string, unknown> })
     },
     async action<T = unknown>(name: string, args?: unknown): Promise<T> {
-      return $fetch<T>(`/actions/${name}`, { baseURL, method: 'POST', body: args })
+      return $fetch<T>(`/actions/${name}`, {
+        baseURL,
+        method: 'POST',
+        body: args,
+        headers: { 'x-csrf-token': getCsrfToken() ?? '' },
+      })
     },
   })
 })

package/templates/templates/shared/.env.hbs

@@ -0,0 +1,14 @@
+DATABASE_URL=postgres://user:password@localhost:5432/{{kebabCase appName}}
+PORT={{backendPort}}
+VITE_API_URL=http://localhost:{{backendPort}}/api
+{{#if hasAuth}}
+JWT_SECRET=change-me-in-production
+{{#if (includes authMethods "google")}}
+GOOGLE_CLIENT_ID=
+GOOGLE_CLIENT_SECRET=
+{{/if}}
+{{#if (includes authMethods "github")}}
+GITHUB_CLIENT_ID=
+GITHUB_CLIENT_SECRET=
+{{/if}}
+{{/if}}

package/templates/templates/shared/README.md.hbs

@@ -0,0 +1,53 @@
+# {{appTitle}}
+
+A full-stack app built with [Vasp](https://github.com/AliBeigi/Vasp).
+
+## Getting Started
+
+```bash
+# Install dependencies
+bun install
+
+# Set up your database
+# Make sure PostgreSQL is running, then push the schema:
+bun run db:push
+
+# Start the dev server (backend + frontend)
+vasp start
+```
+
+## Project Structure
+
+```
+main.vasp          # Vasp declarative config
+server/            # Elysia backend
+  routes/          # API routes (queries, actions, CRUD)
+  db/              # Drizzle DB client
+  middleware/      # Rate limiting{{#if hasAuth}}, auth{{/if}}
+{{#if hasJobs}}  jobs/            # Background jobs (PgBoss)
+{{/if}}src/               # Frontend source
+  pages/           # Vue page components
+  components/      # Shared components
+drizzle/           # Database schema & migrations
+```
+
+## Scripts
+
+| Command | Description |
+|---------|-------------|
+| `vasp start` | Start dev server (backend + frontend) |
+| `vasp build` | Production build |
+| `bun run db:push` | Push schema to database |
+| `bun run db:generate` | Generate a migration |
+| `bun run db:migrate` | Run migrations |
+| `bun run db:studio` | Open Drizzle Studio |
+
+## Environment Variables
+
+Copy `.env.example` to `.env` and update the values:
+
+- `DATABASE_URL` — PostgreSQL connection string
+- `PORT` — Backend server port (default: {{backendPort}})
+- `VITE_API_URL` — Frontend API base URL
+{{#if hasAuth}}- `JWT_SECRET` — Secret for JWT token signing
+{{/if}}

package/templates/templates/shared/auth/server/index.hbs

@@ -1,9 +1,8 @@
 import { Elysia } from 'elysia'
-import { jwt } from '@elysiajs/jwt'
-import { cookie } from '@elysiajs/cookie'
 import { db } from '../db/client.{{ext}}'
 import { users } from '../../drizzle/schema.{{ext}}'
 import { eq } from 'drizzle-orm'
+import { authPlugin } from './plugin.{{ext}}'
 {{#if (includes authMethods "usernameAndPassword")}}
 import { usernameAndPasswordRoutes } from './providers/usernameAndPassword.{{ext}}'
 {{/if}}
@@ -14,13 +13,9 @@ import { googleRoutes } from './providers/google.{{ext}}'
 import { githubRoutes } from './providers/github.{{ext}}'
 {{/if}}
 
-const JWT_SECRET = process.env.JWT_SECRET || 'change-me-in-production'
+export { authPlugin } from './plugin.{{ext}}'
 
-export const authPlugin = new Elysia({ name: 'auth-plugin' })
-  .use(jwt({ name: 'jwt', secret: JWT_SECRET }))
-  .use(cookie())
-
-export const authRoutes = new Elysia({ prefix: '/auth' })
+export const authRoutes = new Elysia({ prefix: '/api/auth' })
   .use(authPlugin)
 {{#if (includes authMethods "usernameAndPassword")}}
   .use(usernameAndPasswordRoutes)

package/templates/templates/shared/auth/server/plugin.hbs

@@ -0,0 +1,9 @@
+import { Elysia } from 'elysia'
+import { jwt } from '@elysiajs/jwt'
+import { cookie } from '@elysiajs/cookie'
+
+const JWT_SECRET = process.env.JWT_SECRET || 'change-me-in-production'
+
+export const authPlugin = new Elysia({ name: 'auth-plugin' })
+  .use(jwt({ name: 'jwt', secret: JWT_SECRET }))
+  .use(cookie())

package/templates/templates/shared/auth/server/providers/github.hbs

@@ -2,7 +2,7 @@ import { Elysia } from 'elysia'
 import { db } from '../../db/client.{{ext}}'
 import { users } from '../../../drizzle/schema.{{ext}}'
 import { eq } from 'drizzle-orm'
-import { authPlugin } from '../index.{{ext}}'
+import { authPlugin } from '../plugin.{{ext}}'
 
 const GITHUB_CLIENT_ID = process.env.GITHUB_CLIENT_ID || ''
 const GITHUB_CLIENT_SECRET = process.env.GITHUB_CLIENT_SECRET || ''

package/templates/templates/shared/auth/server/providers/google.hbs

@@ -2,7 +2,7 @@ import { Elysia } from 'elysia'
 import { db } from '../../db/client.{{ext}}'
 import { users } from '../../../drizzle/schema.{{ext}}'
 import { eq } from 'drizzle-orm'
-import { authPlugin } from '../index.{{ext}}'
+import { authPlugin } from '../plugin.{{ext}}'
 
 const GOOGLE_CLIENT_ID = process.env.GOOGLE_CLIENT_ID || ''
 const GOOGLE_CLIENT_SECRET = process.env.GOOGLE_CLIENT_SECRET || ''