feat: both nest and next backends

back-express/.blueprints/module/__kebabCase_name__/__kebabCase_name__.routes.ts

@@ -0,0 +1,21 @@
+import { Router } from "express";
+import { ResponseSuccess } from "@/utils/response/response-success.model";
+
+import {{pascalCase name}}Service from "./{{kebabCase name}}.service";
+
+export const {{camelCase name}}Routes = Router();
+
+const {{camelCase name}}Service = new {{pascalCase name}}Service();
+
+{{camelCase name}}Routes.get("/", async (_, res) => {
+  try {
+    const response = await {{camelCase name}}Service.getAll{{pascalCase name}}();
+    res.status(200);
+    res.send(new ResponseSuccess(response));
+  } catch (e) {
+    res.status(500);
+    res.send(e);
+  }
+});
+
+export { {{camelCase name}}Service };

back-express/.blueprints/module/__kebabCase_name__/__kebabCase_name__.service.ts

@@ -0,0 +1,9 @@
+class {{pascalCase name}}Service {
+  constructor(private info?: string) {}
+
+  async getAll{{pascalCase name}}() {
+    return Promise.resolve(this.info);
+  }
+}
+
+export default {{pascalCase name}}Service;

back-express/.gitignore

@@ -0,0 +1,144 @@
+# Created by https://www.toptal.com/developers/gitignore/api/node
+# Edit at https://www.toptal.com/developers/gitignore?templates=node
+
+### Node ###
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+lerna-debug.log*
+.pnpm-debug.log*
+
+# Diagnostic reports (https://nodejs.org/api/report.html)
+report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
+
+# Coverage directory used by tools like istanbul
+coverage
+*.lcov
+
+# nyc test coverage
+.nyc_output
+
+# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
+.grunt
+
+# Bower dependency directory (https://bower.io/)
+bower_components
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons (https://nodejs.org/api/addons.html)
+build/Release
+
+# Dependency directories
+node_modules/
+jspm_packages/
+
+# Snowpack dependency directory (https://snowpack.dev/)
+web_modules/
+
+# TypeScript cache
+*.tsbuildinfo
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Optional stylelint cache
+.stylelintcache
+
+# Microbundle cache
+.rpt2_cache/
+.rts2_cache_cjs/
+.rts2_cache_es/
+.rts2_cache_umd/
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variable files
+.env
+.env.development.local
+.env.test.local
+.env.production.local
+.env.local
+
+# parcel-bundler cache (https://parceljs.org/)
+.cache
+.parcel-cache
+
+# Next.js build output
+.next
+out
+
+# Nuxt.js build / generate output
+.nuxt
+dist
+
+# Gatsby files
+.cache/
+# Comment in the public line in if your project uses Gatsby and not Next.js
+# https://nextjs.org/blog/next-9-1#public-directory-support
+# public
+
+# vuepress build output
+.vuepress/dist
+
+# vuepress v2.x temp and cache directory
+.temp
+
+# Docusaurus cache and generated files
+.docusaurus
+
+# Serverless directories
+.serverless/
+
+# FuseBox cache
+.fusebox/
+
+# DynamoDB Local files
+.dynamodb/
+
+# TernJS port file
+.tern-port
+
+# Stores VSCode versions used for testing VSCode extensions
+.vscode-test
+
+# yarn v2
+.yarn/cache
+.yarn/unplugged
+.yarn/build-state.yml
+.yarn/install-state.gz
+.pnp.*
+
+### Node Patch ###
+# Serverless Webpack directories
+.webpack/
+
+# Optional stylelint cache
+
+# SvelteKit build / generate output
+.svelte-kit
+
+# End of https://www.toptal.com/developers/gitignore/api/node

back-express/Dockerfile

@@ -0,0 +1,15 @@
+FROM node:21-slim
+
+WORKDIR /app
+
+COPY package*.json ./
+
+RUN npm install
+
+COPY . .
+
+RUN npm run build
+
+EXPOSE 3000
+
+CMD ["npm", "run", "serve"]

back-express/package.json

@@ -0,0 +1,31 @@
+{
+  "name": "express-backend",
+  "version": "1.0.0",
+  "scripts": {
+    "dev": "nodemon src/app.ts",
+    "start": "ts-node src/app.ts",
+    "build": "tsc",
+    "serve": "node dist/app.js"
+  },
+  "author": "Daniel Heras Quesada",
+  "license": "ISC",
+  "description": "",
+  "devDependencies": {
+    "@types/cors": "^2.8.17",
+    "@types/express": "^5.0.0",
+    "@types/node": "^22.7.4",
+    "express": "^4.21.0",
+    "nodemon": "^3.1.7",
+    "ts-node": "^10.9.2",
+    "typescript": "^5.6.2"
+  },
+  "dependencies": {
+    "@types/bcrypt": "^5.0.2",
+    "@types/jsonwebtoken": "^9.0.7",
+    "bcrypt": "^5.1.1",
+    "cors": "^2.8.5",
+    "dotenv": "^16.4.5",
+    "jsonwebtoken": "^9.0.2",
+    "mysql2": "^3.11.3"
+  }
+}

back-express/src/app.ts

@@ -0,0 +1,33 @@
+import express from "express";
+import config from "./config";
+import cors from "cors";
+import { routes } from "./modules";
+import { authorizationMiddleware } from "./modules/auth/auth.middleware";
+
+const app = express();
+const port = config.port;
+
+if (config.enableCors) {
+  app.use(cors());
+}
+
+app.use(express.json());
+
+// Global middleware
+app.use(authorizationMiddleware as any); // TODO: move out of here
+app.use((req, _res, next) => {
+  console.log(`LOG: new ${req.method} request for ${req.url}`);
+  next();
+});
+
+// Route specific middleware
+app.use("/example", (req, _res, next) => {
+  console.log(`LOG: new ${req.method} example request for ${req.url}`);
+  next();
+});
+
+app.use(config.baseRoute, routes); // / serves as the base for the imported routes
+
+app.listen(port, () => {
+  console.log(`Server running at http://localhost:${port}`);
+});

back-express/src/config.ts

@@ -0,0 +1,11 @@
+import { configDotenv } from "dotenv";
+
+configDotenv();
+
+const config = {
+  enableCors: true,
+  port: process.env.PORT || 3000,
+  baseRoute: "/api/v1",
+};
+
+export default config;

back-express/src/db.ts

@@ -0,0 +1,26 @@
+import mysql, { QueryError } from "mysql2/promise";
+import { ResponseError } from "./utils/response/response-error.model";
+
+const db_pool = mysql.createPool({
+  host: process.env.DB_HOST ?? "localhost",
+  port: parseInt(process.env.DB_PORT ?? "3307"),
+  user: process.env.DB_USERNAME ?? "dbuser",
+  password: process.env.DB_PASSWORD ?? "securepassword",
+  database: process.env.DB_MAIN ?? "path",
+});
+
+async function DB_Query<T>(query: string): Promise<Partial<T>[]> {
+  try {
+    const [results, _fields] = await db_pool.query(query);
+    return results as T[];
+  } catch (e) {
+    const queryError = e as QueryError;
+    throw new ResponseError({
+      code: queryError.code,
+      number: queryError.errno,
+      detail: queryError.message,
+    });
+  }
+}
+
+export { db_pool as db_connection, DB_Query as db_query };

back-express/src/modules/auth/auth.constants.ts

@@ -0,0 +1 @@
+export const AUTH_KEY_SIZE = 30;

back-express/src/modules/auth/auth.middleware.ts

@@ -0,0 +1,85 @@
+import { NextFunction, Request, Response } from "express";
+import { authService } from "./auth.routes";
+import { Role } from "../users/users.types";
+import { ResponseError } from "../../utils/response/response-error.model";
+import config from "../../config";
+
+async function authorization(req: Request, res: Response, next: NextFunction) {
+  const resource = req.url.replace(config.baseRoute, "");
+  const isPublic = authorizationTable.some((permission) => {
+    const regex = new RegExp(permission.resource);
+    return (
+      regex.test(resource) &&
+      permission.actions.includes(req.method as HttpMethod) &&
+      permission.roles.includes(Role.Public)
+    );
+  });
+
+  if (isPublic) {
+    return next();
+  }
+
+  const authHeader = req.get("authorization");
+  const token = authHeader?.split(" ")[1];
+
+  if (token == null) {
+    res.status(401);
+    return res.send(new ResponseError(401));
+  }
+
+  const user = authService.verifyToken(token);
+  if (user && user instanceof Object) {
+    const authorized = authorizationTable.some((permission) => {
+      const regex = new RegExp(permission.resource);
+      return (
+        regex.test(resource) &&
+        permission.roles.some((role) => user.roles.includes(role)) &&
+        permission.actions.includes(req.method as HttpMethod)
+      );
+    });
+    if (authorized) {
+      return next();
+    }
+  }
+  res.status(401);
+  return res.send(new ResponseError(401));
+}
+
+type HttpMethod =
+  | "GET"
+  | "POST"
+  | "PUT"
+  | "DELETE"
+  | "PATCH"
+  | "OPTIONS"
+  | "HEAD";
+type Permissions = {
+  roles: Array<Role>;
+  resource: string;
+  actions: Array<HttpMethod>;
+};
+
+const authorizationTable: Permissions[] = [
+  {
+    roles: [Role.Public],
+    resource: "^/auth.*", // begins with /auth (is auth would be ^\/auth$)
+    actions: ["POST"],
+  },
+  {
+    roles: [Role.Admin],
+    resource: "^/users.*",
+    actions: ["GET", "PUT", "POST", "DELETE"],
+  },
+  {
+    roles: [Role.User],
+    resource: "^/users.*",
+    actions: ["GET"],
+  },
+  {
+    roles: [Role.Public],
+    resource: "^/example.*",
+    actions: ["GET", "OPTIONS"],
+  },
+];
+
+export { authorization as authorizationMiddleware };

back-express/src/modules/auth/auth.routes.ts

@@ -0,0 +1,33 @@
+import { Router } from "express";
+import { userService } from "../users/users.routes";
+import { AuthService } from "./auth.service";
+import { ResponseError } from "../../utils/response/response-error.model";
+
+export const authRoutes = Router();
+
+const authService = new AuthService(userService);
+
+authRoutes.post("/login", async (req, res) => {
+  try {
+    if (!req.body) {
+      res.status(400);
+      res.send(new ResponseError(400));
+    }
+    const token = await authService.signIn(
+      req.body.username,
+      req.body.password,
+    );
+    if (token) {
+      res.status(200);
+      res.send({ access_token: token });
+    } else {
+      res.status(401);
+      res.send(new ResponseError(401));
+    }
+  } catch (e) {
+    res.status(500);
+    res.send(e);
+  }
+});
+
+export { authService };

back-express/src/modules/auth/auth.service.ts

@@ -0,0 +1,51 @@
+import { sign, verify } from "jsonwebtoken";
+import UsersService from "../users/users.service";
+import { compare } from "bcrypt";
+import { generateRandomString } from "./auth.utils";
+import { AUTH_KEY_SIZE } from "./auth.constants";
+import { Role } from "../users/users.types";
+
+export class AuthService {
+  private secret_key: string;
+  constructor(private usersService: UsersService) {
+    this.secret_key = generateRandomString(AUTH_KEY_SIZE);
+  }
+
+  async signIn(username: string, password: string) {
+    const user = await this.usersService.getUserByUsername(username);
+
+    if (!user) {
+      return null;
+    }
+
+    const isSamePasswd = await compare(`${password}`, `${user?.password}`);
+
+    if (!isSamePasswd) return null;
+
+    const payload = {
+      sub: user.id,
+      username: user.username,
+      roles: user.roles,
+      picture: user.picture,
+    };
+
+    const token = sign(payload, this.secret_key, { expiresIn: 60 * 60 });
+    return token;
+  }
+
+  verifyToken(jwt: string) {
+    const token = jwt.split(".")[1];
+    if (!token) return false;
+    try {
+      const payload = verify(jwt, this.secret_key);
+      if (payload instanceof Object)
+        return {
+          username: payload.username as string,
+          roles: payload.roles as Role[],
+        };
+      else return false;
+    } catch (e) {
+      return false;
+    }
+  }
+}

back-express/src/modules/auth/auth.utils.ts

@@ -0,0 +1,6 @@
+function generateRandomString(size: number) {
+  const value = Math.random() * Math.pow(10, size);
+  return btoa(value.toString());
+}
+
+export { generateRandomString };

back-express/src/modules/default.route.ts

@@ -0,0 +1,8 @@
+import { Router } from "express";
+
+export const defaultRoute = Router();
+
+defaultRoute.get("/", (_, res) => {
+  res.send("Nothing to see here");
+  res.status(200);
+});

back-express/src/modules/example/example.routes.ts

@@ -0,0 +1,40 @@
+import { Router } from "express";
+
+import ExampleService from "./example.service";
+import { ResponseSuccess } from "../../utils/response/response-success.model";
+import { ResponseError } from "../../utils/response/response-error.model";
+
+export const exampleRoutes = Router();
+
+const exampleService = new ExampleService();
+
+exampleRoutes.get("/", async (_, res) => {
+  try {
+    const response = await exampleService.getAllExamples();
+    res.status(200);
+    res.send(new ResponseSuccess(response));
+  } catch (e) {
+    res.status(500);
+    res.send(e);
+  }
+});
+
+exampleRoutes.get("/:id", async (req, res) => {
+  try {
+    const response = await exampleService.getExampleById(
+      parseInt(req.params.id),
+    );
+    if (response) {
+      res.status(200);
+      res.send(new ResponseSuccess(response));
+    } else {
+      res.status(404);
+      res.send(new ResponseError({ code: "NOT_FOUND", number: 404 }));
+    }
+  } catch (e) {
+    res.status(500);
+    res.send(e);
+  }
+});
+
+export { exampleService };

back-express/src/modules/example/example.service.ts

@@ -0,0 +1,23 @@
+import { db_query } from "../../db";
+import { Example } from "./example.types";
+
+class ExampleService {
+  constructor(private info?: string) {}
+
+  async getAllExamples(): Promise<Example[]> {
+    const examples = await db_query("select * from example");
+    return examples as Example[];
+  }
+
+  async getExampleById(id: number): Promise<Example | null> {
+    const example = await db_query(
+      `select * from example as example WHERE id = ${id};`,
+    );
+    if (example.length) {
+      return example[0] as Example;
+    }
+    return null;
+  }
+}
+
+export default ExampleService;

back-express/src/modules/example/example.types.ts

@@ -0,0 +1,7 @@
+export type Example = {
+  id: number;
+  name: string;
+  description: string;
+  image: string;
+  created_at: string;
+};

back-express/src/modules/index.ts

@@ -0,0 +1,16 @@
+import express from "express";
+
+import { defaultRoute } from "./default.route";
+import { userRoutes } from "./users/users.routes";
+import { authRoutes } from "./auth/auth.routes";
+import { exampleRoutes } from "./example/example.routes";
+
+export const routes = express.Router();
+
+/*
+ * Routes
+ * */
+routes.use("/", defaultRoute);
+routes.use("/users", userRoutes);
+routes.use("/auth", authRoutes);
+routes.use("/example", exampleRoutes);

back-express/src/modules/users/users.routes.ts

@@ -0,0 +1,39 @@
+import { Router } from "express";
+import UsersService from "./users.service";
+import { sanitize_user } from "./users.utils";
+import { ResponseSuccess } from "../../utils/response/response-success.model";
+import { ResponseError } from "../../utils/response/response-error.model";
+
+export const userRoutes = Router();
+
+const userService = new UsersService();
+
+//TODO: block access to NON-admins or simply comment
+userRoutes.get("/", async (_, res) => {
+  try {
+    const response = await userService.getAllUsers();
+    res.status(200);
+    res.send(new ResponseSuccess(response.map((user) => sanitize_user(user))));
+  } catch (e) {
+    res.status(500);
+    res.send(e);
+  }
+});
+
+userRoutes.get("/:username", async (req, res) => {
+  try {
+    const response = await userService.getUserByUsername(req.params.username);
+    if (response) {
+      res.status(200);
+      res.send(new ResponseSuccess(sanitize_user(response)));
+    } else {
+      res.status(404);
+      res.send(new ResponseError({ code: "NOT_FOUND", number: 404 }));
+    }
+  } catch (e) {
+    res.status(500);
+    res.send(e);
+  }
+});
+
+export { userService };

back-express/src/modules/users/users.service.ts

@@ -0,0 +1,31 @@
+import { db_query } from "../../db";
+import { User } from "./users.types";
+
+class UsersService {
+  constructor() {}
+
+  async getAllUsers(): Promise<User[]> {
+    const data = await db_query("select * from user");
+    const users: User[] = data.map((user: any) => ({
+      ...user,
+      roles: user.roles.split(";"),
+    }));
+    return users;
+  }
+
+  async getUserByUsername(username: string): Promise<User | null> {
+    const data = await db_query(
+      `select * from user as user WHERE LOWER(username) = LOWER('${username}');`,
+    );
+    if (data.length) {
+      const user = {
+        ...(data[0] as User),
+        roles: (data[0] as any).roles.split(";"),
+      };
+      return user;
+    }
+    return null;
+  }
+}
+
+export default UsersService;

back-express/src/modules/users/users.types.ts

@@ -0,0 +1,17 @@
+export enum Role {
+  Public = "public",
+  User = "user",
+  Manager = "manager",
+  Admin = "admin",
+}
+
+export type User = {
+  id: number;
+  username: string;
+  password: string;
+  roles: Role[];
+  picture: string;
+  created_at: string;
+};
+
+export type UserDetailResult = Omit<User, "password">;

back-express/src/modules/users/users.utils.ts

@@ -0,0 +1,7 @@
+import { User, UserDetailResult } from "./users.types";
+
+// TODO: prettify this
+export function sanitize_user(user: User): UserDetailResult {
+  delete (user as any).password;
+  return user;
+}

back-express/src/utils/response/response-error.model.ts

@@ -0,0 +1,33 @@
+type BasicError = {
+  code: string | number;
+  number?: number;
+  detail?: string;
+  status?: number;
+  suggestion?: string;
+};
+
+const code_error_mapping: Record<number, BasicError> = {
+  400: {
+    code: "BAD REQUEST",
+    status: 400,
+  },
+  401: {
+    code: "UNAUTHORIZED",
+    status: 401,
+  },
+};
+
+export class ResponseError extends Error {
+  public error: BasicError | number;
+  constructor(
+    error: BasicError | number,
+    public timestamp: number = Date.now(),
+  ) {
+    super();
+    if (error instanceof Object) {
+      this.error = error;
+    } else {
+      this.error = code_error_mapping[error];
+    }
+  }
+}

back-express/src/utils/response/response-success.model.ts

@@ -0,0 +1,16 @@
+export class ResponseSuccess {
+  public data?: unknown;
+  public results?: unknown[];
+  public count?: number;
+
+  constructor(data: unknown) {
+    if (data instanceof Array) {
+      this.results = data;
+      this.count = data.length;
+    } else if (data instanceof Object) {
+      Object.assign(this, data);
+    } else {
+      this.data = data;
+    }
+  }
+}

back-express/tsconfig.json

@@ -0,0 +1,13 @@
+{
+  "compilerOptions": {
+    "target": "es6",
+    "module": "commonjs",
+    "outDir": "./dist",
+    "strict": true,
+    "esModuleInterop": true,
+    "skipLibCheck": true,
+    "forceConsistentCasingInFileNames": true
+  },
+  "include": ["src/**/*.ts"],
+  "exclude": ["node_modules"]
+}