vasp-cli 0.3.1 → 0.9.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "vasp-cli",
-  "version": "0.3.1",
+  "version": "0.9.0",
   "description": "The Vasp CLI — declarative full-stack framework for Vue developers",
   "license": "Apache-2.0",
   "type": "module",
@@ -14,7 +14,7 @@
     "README.md"
   ],
   "scripts": {
-    "build": "bun build ./bin/vasp.ts --target=bun --outfile=dist/vasp --minify --banner='#!/usr/bin/env bun' && chmod +x dist/vasp && cp -r ../../templates ./templates",
+    "build": "rm -rf dist templates starters && bun build ./bin/vasp.ts --target=bun --outfile=dist/vasp --minify --banner='#!/usr/bin/env bun' && chmod +x dist/vasp && mkdir -p templates starters && cp -R ../../templates/. ./templates && cp -R ../../templates/starters/. ./starters",
     "test": "vitest run"
   },
   "dependencies": {

package/starters/minimal.vasp

@@ -1,5 +1,5 @@
 app MinimalApp {
-  title: "My Vasp App"
+  title: "Minimal App"
   db: Drizzle
   ssr: false
   typescript: false

package/starters/recipe.vasp

@@ -0,0 +1,70 @@
+app RecipeApp {
+  title: "Recipe App"
+  db: Drizzle
+  ssr: false
+  typescript: false
+}
+
+auth RecipeAuth {
+  userEntity: User
+  methods: [usernameAndPassword]
+}
+
+entity Recipe {
+  id: Int @id
+  title: String
+  description: String
+  ingredients: String
+  instructions: String
+  author: String
+}
+
+route HomeRoute {
+  path: "/"
+  to: HomePage
+}
+
+route RecipesRoute {
+  path: "/recipes"
+  to: RecipesPage
+}
+
+route AddRecipeRoute {
+  path: "/recipes/new"
+  to: AddRecipePage
+}
+
+page HomePage {
+  component: import HomePage from "@src/pages/HomePage.vue"
+}
+
+page RecipesPage {
+  component: import RecipesPage from "@src/pages/RecipesPage.vue"
+}
+
+page AddRecipePage {
+  component: import AddRecipePage from "@src/pages/AddRecipePage.vue"
+}
+
+query getRecipes {
+  fn: import { getRecipes } from "@src/queries.js"
+  entities: [Recipe]
+  auth: true
+}
+
+action createRecipe {
+  fn: import { createRecipe } from "@src/actions.js"
+  entities: [Recipe]
+  auth: true
+}
+
+action deleteRecipe {
+  fn: import { deleteRecipe } from "@src/actions.js"
+  entities: [Recipe]
+  auth: true
+}
+
+crud Recipe {
+  entity: Recipe
+  operations: [list, create, update, delete]
+}

package/starters/todo-auth-ssr.vasp

@@ -1,52 +1,65 @@
-app TodoSsrApp {
-  title: "Todo App (SSR + Auth)"
+app TodoAuthSsrApp {
+  title: "Todo App"
   db: Drizzle
   ssr: true
-  typescript: true
+  typescript: false
 }
 
-auth UserAuth {
+auth TodoAuth {
   userEntity: User
   methods: [usernameAndPassword]
 }
 
-route HomeRoute {
-  path: "/"
-  to: TodoPage
+entity User {
+  id: Int @id
+  username: String @unique
+  email: String @unique
 }
 
-route DashboardRoute {
-  path: "/dashboard"
-  to: DashboardPage
+entity Todo {
+  id: Int @id
+  title: String
+  done: Boolean
+  createdAt: DateTime @default(now)
 }
 
-page TodoPage {
-  component: import TodoPage from "@src/pages/TodoPage.vue"
+route HomeRoute {
+  path: "/"
+  to: HomePage
 }
 
-page DashboardPage {
-  component: import DashboardPage from "@src/pages/DashboardPage.vue"
+route TodoRoute {
+  path: "/todos"
+  to: TodoPage
 }
 
-crud Todo {
-  entity: Todo
-  operations: [list, create, update, delete]
+page HomePage {
+  component: import Home from "@src/pages/Home.vue"
+}
+
+page TodoPage {
+  component: import TodoList from "@src/pages/TodoList.vue"
 }
 
 query getTodos {
-  fn: import { getTodos } from "@src/queries.ts"
+  fn: import { getTodos } from "@src/queries.js"
   entities: [Todo]
   auth: true
 }
 
 action createTodo {
-  fn: import { createTodo } from "@src/actions.ts"
+  fn: import { createTodo } from "@src/actions.js"
   entities: [Todo]
   auth: true
 }
 
 action deleteTodo {
-  fn: import { deleteTodo } from "@src/actions.ts"
+  fn: import { deleteTodo } from "@src/actions.js"
   entities: [Todo]
   auth: true
 }
+
+crud Todo {
+  entity: Todo
+  operations: [list, create, update, delete]
+}

package/starters/todo.vasp

@@ -5,18 +5,20 @@ app TodoApp {
   typescript: false
 }
 
-route HomeRoute {
-  path: "/"
-  to: TodoPage
+entity Todo {
+  id: Int @id
+  title: String
+  done: Boolean
+  createdAt: DateTime @default(now)
 }
 
-page TodoPage {
-  component: import TodoPage from "@src/pages/TodoPage.vue"
+route HomeRoute {
+  path: "/"
+  to: HomePage
 }
 
-crud Todo {
-  entity: Todo
-  operations: [list, create, update, delete]
+page HomePage {
+  component: import Home from "@src/pages/Home.vue"
 }
 
 query getTodos {
@@ -33,3 +35,8 @@ action deleteTodo {
   fn: import { deleteTodo } from "@src/actions.js"
   entities: [Todo]
 }
+
+crud Todo {
+  entity: Todo
+  operations: [list, create, update, delete]
+}

package/templates/shared/.gitignore.hbs

@@ -2,6 +2,7 @@ node_modules
 dist
 .output
 .nuxt
+.vasp
 .vasp-gen
 .env
 .env.local

package/templates/shared/README.md.hbs

@@ -0,0 +1,53 @@
+# {{appTitle}}
+
+A full-stack app built with [Vasp](https://github.com/AliBeigi/Vasp).
+
+## Getting Started
+
+```bash
+# Install dependencies
+bun install
+
+# Set up your database
+# Make sure PostgreSQL is running, then push the schema:
+bun run db:push
+
+# Start the dev server (backend + frontend)
+vasp start
+```
+
+## Project Structure
+
+```
+main.vasp          # Vasp declarative config
+server/            # Elysia backend
+  routes/          # API routes (queries, actions, CRUD)
+  db/              # Drizzle DB client
+  middleware/      # Rate limiting{{#if hasAuth}}, auth{{/if}}
+{{#if hasJobs}}  jobs/            # Background jobs (PgBoss)
+{{/if}}src/               # Frontend source
+  pages/           # Vue page components
+  components/      # Shared components
+drizzle/           # Database schema & migrations
+```
+
+## Scripts
+
+| Command | Description |
+|---------|-------------|
+| `vasp start` | Start dev server (backend + frontend) |
+| `vasp build` | Production build |
+| `bun run db:push` | Push schema to database |
+| `bun run db:generate` | Generate a migration |
+| `bun run db:migrate` | Run migrations |
+| `bun run db:studio` | Open Drizzle Studio |
+
+## Environment Variables
+
+Copy `.env.example` to `.env` and update the values:
+
+- `DATABASE_URL` — PostgreSQL connection string
+- `PORT` — Backend server port (default: {{backendPort}})
+- `VITE_API_URL` — Frontend API base URL
+{{#if hasAuth}}- `JWT_SECRET` — Secret for JWT token signing
+{{/if}}

package/templates/shared/auth/client/Login.vue.hbs

@@ -38,7 +38,7 @@ async function handleLogin() {
     await login(username.value, password.value)
     router.push('/')
   } catch (err) {
-    error.value = err?.data?.error || 'Login failed'
+    error.value = err?.data?.error || err?.message || 'Login failed'
   } finally {
     loading.value = false
   }

package/templates/shared/auth/client/Register.vue.hbs

@@ -34,7 +34,7 @@ async function handleRegister() {
     await register(username.value, password.value, email.value || undefined)
     router.push('/')
   } catch (err) {
-    error.value = err?.data?.error || 'Registration failed'
+    error.value = err?.data?.error || err?.message || 'Registration failed'
   } finally {
     loading.value = false
   }

package/templates/shared/auth/server/index.hbs

@@ -1,9 +1,9 @@
 import { Elysia } from 'elysia'
-import { jwt } from '@elysiajs/jwt'
-import { cookie } from '@elysiajs/cookie'
 import { db } from '../db/client.{{ext}}'
 import { users } from '../../drizzle/schema.{{ext}}'
 import { eq } from 'drizzle-orm'
+import { authPlugin } from './plugin.{{ext}}'
+import { VaspError } from '../middleware/errorHandler.{{ext}}'
 {{#if (includes authMethods "usernameAndPassword")}}
 import { usernameAndPasswordRoutes } from './providers/usernameAndPassword.{{ext}}'
 {{/if}}
@@ -14,13 +14,9 @@ import { googleRoutes } from './providers/google.{{ext}}'
 import { githubRoutes } from './providers/github.{{ext}}'
 {{/if}}
 
-const JWT_SECRET = process.env.JWT_SECRET || 'change-me-in-production'
+export { authPlugin } from './plugin.{{ext}}'
 
-export const authPlugin = new Elysia({ name: 'auth-plugin' })
-  .use(jwt({ name: 'jwt', secret: JWT_SECRET }))
-  .use(cookie())
-
-export const authRoutes = new Elysia({ prefix: '/auth' })
+export const authRoutes = new Elysia({ prefix: '/api/auth' })
   .use(authPlugin)
 {{#if (includes authMethods "usernameAndPassword")}}
   .use(usernameAndPasswordRoutes)

package/templates/shared/auth/server/middleware.hbs

@@ -1,11 +1,11 @@
 import { Elysia } from 'elysia'
-import { jwt } from '@elysiajs/jwt'
-import { cookie } from '@elysiajs/cookie'
+import { jwtVerify } from 'jose'
 import { db } from '../db/client.{{ext}}'
 import { users } from '../../drizzle/schema.{{ext}}'
 import { eq } from 'drizzle-orm'
+import { VaspError } from '../middleware/errorHandler.{{ext}}'
 
-const JWT_SECRET = process.env.JWT_SECRET || 'change-me-in-production'
+const JWT_SECRET = new TextEncoder().encode(process.env.JWT_SECRET || 'change-me-in-production')
 
 /**
  * requireAuth — Elysia plugin that verifies the JWT cookie and injects `user` into the context.
@@ -15,19 +15,37 @@ const JWT_SECRET = process.env.JWT_SECRET || 'change-me-in-production'
  * new Elysia().use(requireAuth).get('/protected', ({ user }) => user)
  */
 export const requireAuth = new Elysia({ name: 'require-auth' })
-  .use(jwt({ name: 'jwt', secret: JWT_SECRET }))
-  .use(cookie())
-  .derive(async ({ jwt, cookie: { token }, set }) => {
-    const payload = await jwt.verify(token?.value ?? '')
-    if (!payload || typeof payload.userId !== 'number') {
-      set.status = 401
-      throw new Error('Unauthorized')
+  .resolve({ as: 'scoped' }, async ({ cookie }) => {
+    const tokenValue = cookie?.token?.value ?? ''
+    if (!tokenValue) return { user: null }
+    try {
+      const { payload } = await jwtVerify(tokenValue, JWT_SECRET)
+      if (!payload || typeof payload.userId !== 'number') {
+        return { user: null }
+      }
+      const [user] = await db.select().from(users).where(eq(users.id, payload.userId)).limit(1)
+      if (!user) {
+        return { user: null }
+      }
+      const { passwordHash: _ph, ...safeUser } = user
+      return { user: safeUser }
+    } catch {
+      return { user: null }
     }
-    const [user] = await db.select().from(users).where(eq(users.id, payload.userId)).limit(1)
+  })
+  .onBeforeHandle({ as: 'scoped' }, ({ user }) => {
     if (!user) {
-      set.status = 401
-      throw new Error('User not found')
+      throw new VaspError('AUTH_REQUIRED', 'Authentication required', 401)
     }
-    const { passwordHash: _ph, ...safeUser } = user
-    return { user: safeUser }
   })
+
+export function requireRole(roles{{#if isTypeScript}}: string[]{{/if}}) {
+  return new Elysia({ name: 'require-role' })
+    .use(requireAuth)
+    .onBeforeHandle({ as: 'scoped' }, ({ user }) => {
+      const userRole = typeof user?.role === 'string' ? user.role : ''
+      if (!roles.includes(userRole)) {
+        throw new VaspError('AUTH_FORBIDDEN', 'Insufficient permissions', 403)
+      }
+    })
+}

package/templates/shared/auth/server/plugin.hbs

@@ -0,0 +1,7 @@
+import { Elysia } from 'elysia'
+import { jwt } from '@elysiajs/jwt'
+
+const JWT_SECRET = process.env.JWT_SECRET || 'change-me-in-production'
+
+export const authPlugin = new Elysia({ name: 'auth-plugin' })
+  .use(jwt({ name: 'jwt', secret: JWT_SECRET }))

package/templates/shared/auth/server/providers/github.hbs

@@ -2,7 +2,7 @@ import { Elysia } from 'elysia'
 import { db } from '../../db/client.{{ext}}'
 import { users } from '../../../drizzle/schema.{{ext}}'
 import { eq } from 'drizzle-orm'
-import { authPlugin } from '../index.{{ext}}'
+import { authPlugin } from '../plugin.{{ext}}'
 
 const GITHUB_CLIENT_ID = process.env.GITHUB_CLIENT_ID || ''
 const GITHUB_CLIENT_SECRET = process.env.GITHUB_CLIENT_SECRET || ''

package/templates/shared/auth/server/providers/google.hbs

@@ -2,7 +2,7 @@ import { Elysia } from 'elysia'
 import { db } from '../../db/client.{{ext}}'
 import { users } from '../../../drizzle/schema.{{ext}}'
 import { eq } from 'drizzle-orm'
-import { authPlugin } from '../index.{{ext}}'
+import { authPlugin } from '../plugin.{{ext}}'
 
 const GOOGLE_CLIENT_ID = process.env.GOOGLE_CLIENT_ID || ''
 const GOOGLE_CLIENT_SECRET = process.env.GOOGLE_CLIENT_SECRET || ''

package/templates/shared/auth/server/providers/usernameAndPassword.hbs

@@ -2,17 +2,14 @@ import { Elysia, t } from 'elysia'
 import { db } from '../../db/client.{{ext}}'
 import { users } from '../../../drizzle/schema.{{ext}}'
 import { eq } from 'drizzle-orm'
-import { authPlugin } from '../index.{{ext}}'
+import { authPlugin } from '../plugin.{{ext}}'
 
 async function hashPassword(password{{#if isTypeScript}}: string{{/if}}) {
-  const encoder = new TextEncoder()
-  const data = encoder.encode(password)
-  const hash = await crypto.subtle.digest('SHA-256', data)
-  return Buffer.from(hash).toString('hex')
+  return Bun.password.hash(password, 'argon2id')
 }
 
 async function verifyPassword(password{{#if isTypeScript}}: string{{/if}}, hash{{#if isTypeScript}}: string{{/if}}) {
-  return (await hashPassword(password)) === hash
+  return Bun.password.verify(password, hash)
 }
 
 export const usernameAndPasswordRoutes = new Elysia()

package/templates/shared/bunfig.toml.hbs

@@ -1,2 +1,5 @@
 [install]
 exact = false
+
+[resolve]
+"@src" = "./src"

package/templates/shared/drizzle/schema.hbs

@@ -1,17 +1,25 @@
-import { pgTable, serial, text, timestamp, boolean } from 'drizzle-orm/pg-core'
+import { pgTable, text, integer, boolean, timestamp, doublePrecision, jsonb{{#if hasAnyRelations}}, relations{{/if}}{{#if hasEnums}}, pgEnum{{/if}} } from 'drizzle-orm/pg-core'
 {{#if isTypeScript}}
 import type { InferSelectModel, InferInsertModel } from 'drizzle-orm'
 {{/if}}
 
+{{#if hasEnums}}
+{{#each enumDeclarations}}
+export const {{fnName}} = pgEnum('{{dbName}}', [{{#each values}}'{{this}}'{{#unless @last}}, {{/unless}}{{/each}}])
+{{/each}}
+{{/if}}
 {{#if hasAuth}}
 // Users table — generated by Vasp auth system
 export const users = pgTable('users', {
-  id: serial('id').primaryKey(),
+  id: integer('id').primaryKey().generatedByDefaultAsIdentity(),
   username: text('username').notNull().unique(),
   email: text('email').unique(),
   passwordHash: text('password_hash'),
   googleId: text('google_id').unique(),
   githubId: text('github_id').unique(),
+{{#each authUserExtraFields}}
+  {{camelCase name}}: {{{drizzleColumn name type modifiers nullable defaultValue isUpdatedAt}}},
+{{/each}}
   createdAt: timestamp('created_at').defaultNow().notNull(),
   updatedAt: timestamp('updated_at').defaultNow().notNull(),
 })
@@ -21,17 +29,39 @@ export type NewUser = InferInsertModel<typeof users>
 {{/if}}
 
 {{/if}}
-{{#each cruds}}
-// {{entity}} table — add your columns below
-export const {{camelCase entity}}s = pgTable('{{camelCase entity}}s', {
-  id: serial('id').primaryKey(),
-  // TODO: Add your {{entity}} columns here
+{{#each entitiesWithSchema}}
+// {{name}} table — generated from entity block
+export const {{camelCase name}}s = pgTable('{{camelCase name}}s', {
+{{#each scalarFields}}
+{{#if isForeignKey}}
+  {{camelCase name}}: integer('{{camelCase name}}').notNull().references(() => {{referencedTable}}.id, { onDelete: '{{onDelete}}' }),
+{{else}}
+{{#if isEnum}}
+  {{camelCase name}}: {{enumFnName}}('{{camelCase name}}'){{#unless nullable}}.notNull(){{/unless}},
+{{else}}
+  {{camelCase name}}: {{{drizzleColumn name type modifiers nullable defaultValue isUpdatedAt}}},
+{{/if}}
+{{/if}}
+{{/each}}
   createdAt: timestamp('created_at').defaultNow().notNull(),
   updatedAt: timestamp('updated_at').defaultNow().notNull(),
 })
 {{#if ../isTypeScript}}
-export type {{pascalCase entity}} = InferSelectModel<typeof {{camelCase entity}}s>
-export type New{{pascalCase entity}} = InferInsertModel<typeof {{camelCase entity}}s>
+export type {{pascalCase name}} = InferSelectModel<typeof {{camelCase name}}s>
+export type New{{pascalCase name}} = InferInsertModel<typeof {{camelCase name}}s>
 {{/if}}
 
 {{/each}}
+{{#each entitiesWithSchema}}
+{{#if hasRelations}}
+export const {{camelCase name}}sRelations = relations({{camelCase name}}s, ({ one, many }) => ({
+{{#each manyToOne}}
+  {{camelCase name}}: one({{relatedTable}}, { fields: [{{camelCase ../name}}s.{{camelCase localField}}], references: [{{relatedTable}}.id] }),
+{{/each}}
+{{#each oneToMany}}
+  {{camelCase fieldName}}: many({{relatedTable}}),
+{{/each}}
+}))
+
+{{/if}}
+{{/each}}

package/templates/shared/jobs/_job.hbs

@@ -12,13 +12,23 @@ export async function register{{pascalCase name}}Worker() {
   await boss.work(JOB_NAME, async (job) => {
     await {{namedExport}}(job.data)
   })
+{{#if hasSchedule}}
+
+  // Register cron schedule: {{schedule}}
+  await boss.schedule(JOB_NAME, '{{schedule}}', {})
+{{/if}}
 }
 
 /**
- * Schedule a '{{name}}' job.
+ * Schedule a '{{name}}' job on demand.
  * @param {unknown} data - Data to pass to the job handler
  */
 export async function schedule{{pascalCase name}}(data) {
   const boss = await getBoss()
-  return boss.send(JOB_NAME, data)
+  return boss.send(JOB_NAME, data, {
+    retryLimit: Number(process.env.JOB_RETRY_LIMIT) || 3,
+    retryDelay: Number(process.env.JOB_RETRY_DELAY) || 60,
+    retryBackoff: true,
+    expireInMinutes: Number(process.env.JOB_EXPIRE_MINUTES) || 15,
+  })
 }

package/templates/shared/package.json.hbs

@@ -6,14 +6,23 @@
   "scripts": {
     "dev": "vasp start",
     "build": "vasp build",
+    "test": "vitest run",
     "dev:server": "bun --hot server/index.{{ext}}",
-    "dev:client": "{{#if isSpa}}vite{{else}}nuxt dev{{/if}}"
+    "dev:client": "{{#if isSpa}}vite{{else}}nuxt dev{{/if}}",
+    "db:generate": "bunx drizzle-kit generate",
+    "db:migrate": "bunx drizzle-kit migrate",
+    "db:push": "bunx drizzle-kit push",
+    "db:studio": "bunx drizzle-kit studio"{{#if seed}},
+    "db:seed": "bun server/db/seed.{{ext}}"{{/if}}
   },
   "dependencies": {
-    "@vasp-framework/runtime": "^0.1.0",
+    "@vasp-framework/runtime": "^0.4.0",
     "elysia": "^1.1.0",
     "@elysiajs/cors": "^1.1.0",
-    "@elysiajs/static": "^1.1.0",
+    "@elysiajs/static": "^1.1.0",{{#if auth}}
+    "@elysiajs/jwt": "^1.1.0",
+    "jose": "^5.0.0",{{/if}}
+    "valibot": "^1.0.0",
     "drizzle-orm": "^0.36.0",
     "postgres": "^3.4.0",
     "ofetch": "^1.3.4",
@@ -23,7 +32,8 @@
     "pg-boss": "^10.0.0"{{/if}}
   },
   "devDependencies": {
-    "drizzle-kit": "^0.28.0"{{#if isSpa}},
+    "drizzle-kit": "^0.28.0",
+    "vitest": "^2.1.9"{{#if isSpa}},
     "@vitejs/plugin-vue": "^5.2.0",
     "vite": "^6.0.0"{{/if}}{{#if isTypeScript}},
     "typescript": "^5.6.0",

package/templates/shared/server/db/client.hbs

@@ -5,8 +5,26 @@ import * as schema from '../../drizzle/schema.{{ext}}'
 const connectionString = process.env.DATABASE_URL
 
 if (!connectionString) {
-  throw new Error('DATABASE_URL environment variable is required')
+  console.error('\n✗ DATABASE_URL environment variable is required. Set it in .env\n')
+  process.exit(1)
+}
+
+if (connectionString.startsWith('postgres://user:password@localhost')) {
+  console.warn(
+    '\n⚠  DATABASE_URL looks like a placeholder. Edit .env to set your real database credentials.\n'
+  )
 }
 
 const client = postgres(connectionString)
+
+// Verify database connectivity at startup
+try {
+  await client`SELECT 1`
+} catch (err) {
+  const message = err instanceof Error ? err.message : String(err)
+  console.error('\n✗ Cannot connect to database. Verify DATABASE_URL in .env')
+  console.error(`  ${message}\n`)
+  process.exit(1)
+}
+
 export const db = drizzle(client, { schema })

package/templates/shared/server/db/seed.hbs

@@ -0,0 +1,16 @@
+import { db } from './client.{{ext}}'
+{{#if (eq seedImportKind "default")}}
+import {{seedImportName}} from '{{importPath fnSource ext}}'
+{{else}}
+import { {{seedImportName}} } from '{{importPath fnSource ext}}'
+{{/if}}
+
+async function runSeed() {
+  await {{seedImportName}}({ db })
+  console.log('✅ Seed completed')
+}
+
+runSeed().catch((error) => {
+  console.error('❌ Seed failed', error)
+  process.exit(1)
+})