nodejs-fs
Version:
CLI tool to scaffold production-ready Express + Mongoose backend with security best practices
611 lines (451 loc) โข 16.2 kB
Markdown
<div align="center">
<h1>๐ nodejs-fs</h1>
<p><strong>Scaffold production-ready Express + MongoDB backends in seconds</strong></p>
[](https://www.npmjs.com/package/nodejs-fs)
[](https://www.npmjs.com/package/nodejs-fs)
[](https://opensource.org/licenses/MIT)
[](https://nodejs.org)
<p>
<a href="#-quick-start">Quick Start</a> โข
<a href="#-features">Features</a> โข
<a href="#-whats-included">What's Included</a> โข
<a href="#-usage">Usage</a> โข
<a href="#-api-documentation">API Docs</a>
</p>
</div>
## ๐ฏ Why nodejs-fs?
Stop wasting hours setting up the same backend infrastructure. **nodejs-fs** generates a complete, production-ready Express.js + MongoDB backend with authentication, security, and best practices baked in.
**Perfect for:**
- ๐โโ๏ธ Hackathons and MVPs
- ๐ Learning full-stack development
- ๐ Teaching backend architecture
- ๐ Rapid prototyping
- ๐ผ Freelance projects
## โจ Features
<table>
<tr>
<td width="33%" valign="top">
### ๐ Security First
- JWT authentication
- Bcrypt password hashing
- Rate limiting & brute force protection
- Helmet.js security headers
- CORS configuration
- Cookie parser
</td>
<td width="33%" valign="top">
### โก Production Ready
- Express 5.x (latest)
- Environment-based config
- Winston logging
- Global error handling
- Joi validation
- MongoDB connection pooling
- Compression middleware
</td>
<td width="33%" valign="top">
### ๐ ๏ธ Developer Experience
- Clean MVC architecture
- RESTful API design
- Node.js watch mode (no nodemon)
- Email templates
- Image upload & processing
- Comprehensive documentation
</td>
</tr>
</table>
## ๐ Quick Start
Get your backend up and running in 60 seconds:
```bash
# Create your project with npx (no installation needed)
npx create-nodejs-fs my-awesome-api
# Navigate to your project
cd my-awesome-api
# Configure environment
cp .env.example .env
# Edit .env with your MongoDB URI and JWT secret
# Start developing
npm run dev
```
**That's it!** You now have a fully-functional backend with auth, CRUD operations, and more. ๐
## ๐ฆ Installation & Usage
### Option 1: Use with npx (Recommended)
No installation required - just run:
```bash
npx create-nodejs-fs my-project-name
```
### Option 2: Install Globally
```bash
npm install -g nodejs-fs
create-nodejs-fs my-project-name
```
### What Happens Next
The CLI will automatically:
1. Create the project structure
2. Copy all template files
3. Install dependencies (npm install)
4. Set up your backend with all configurations
### Available Options
```bash
create-nodejs-fs <project-name> [options]
Options:
--no-install Skip npm install
--git Initialize git repository
--verbose Show detailed logs
-v, --version Output version number
-h, --help Display help
```
## ๐ What's Included
### Complete Project Structure
```
your-project/
โโโ ๐ src/
โ โโโ ๐ config/ # Configuration files
โ โ โโโ cloudinary.js # Image hosting setup
โ โ โโโ db.js # MongoDB connection
โ โ โโโ logger.js # Winston logger config
โ โ
โ โโโ ๐ controllers/ # Business logic
โ โ โโโ authController.js # Auth operations
โ โ โโโ productController.js # CRUD operations
โ โ
โ โโโ ๐ middlewares/ # Custom middleware
โ โ โโโ auth.js # JWT verification
โ โ โโโ errorHandler.js # Global error handler
โ โ โโโ rateLimiter.js # Rate limiting
โ โ โโโ validate.js # Input validation
โ โ
โ โโโ ๐ models/ # Database schemas
โ โ โโโ User.js # User model + methods
โ โ โโโ Product.js # Product model
โ โ
โ โโโ ๐ routes/ # API routes
โ โ โโโ authRoutes.js # /api/auth/*
โ โ โโโ productRoutes.js # /api/products/*
โ โ โโโ index.js # Route aggregator
โ โ
โ โโโ ๐ utils/ # Helper functions
โ โ โโโ imageProcessor.js # Image upload/resize
โ โ โโโ mailer.js # Email sending
โ โ โโโ slugifyUtil.js # URL-friendly slugs
โ โ
โ โโโ app.js # Express app configuration
โ โโโ index.js # Server entry point
โ
โโโ .env.example # Environment template
โโโ package.json
โโโ README.md # Complete documentation
```
### ๐ Tech Stack & Dependencies
**Core Framework:**
- **Express.js** `^5.1.0` - Modern, fast web framework (Express 5)
- **Mongoose** `^8.x` - MongoDB object modeling
**Security:**
- **bcrypt** - Password hashing with salt
- **jsonwebtoken** - JWT token generation & verification
- **helmet** - Security HTTP headers
- **express-rate-limit** - Brute force protection
- **cors** - Cross-origin resource sharing
**Utilities:**
- **nodemailer** - Email sending (password reset, notifications)
- **cloudinary** - Cloud image hosting & transformation
- **sharp** - High-performance image processing
- **multer** - Multipart/form-data file upload
- **joi** - Schema validation & sanitization
- **winston** - Comprehensive logging
- **slugify** - URL-friendly string conversion
- **compression** - Gzip compression middleware
- **cookie-parser** - Parse cookies
- **dotenv** - Environment variable management
**Development:**
- **Node.js** `>=18.0.0` - Built-in watch mode with `--watch` flag
- **morgan** - HTTP request logger
## โ๏ธ Configuration Guide
### Essential Environment Variables
```env
# Server Configuration
PORT=5000 # Server port
NODE_ENV=development # development | production
# Database
MONGODB_URI=mongodb://localhost:27017/mydb # MongoDB connection string
# JWT Authentication
JWT_SECRET=your-256-bit-secret-key # Strong random string
JWT_EXPIRE=7d # Token expiration (7d, 24h, etc.)
JWT_COOKIE_EXPIRE=7 # Cookie expiration in days
```
### Optional Features
```env
# Email Service (for password reset)
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_USER=your-email@gmail.com
SMTP_PASSWORD=your-app-specific-password
FROM_EMAIL=noreply@yourapp.com
FROM_NAME=Your App Name
# Cloudinary (for image uploads)
CLOUDINARY_CLOUD_NAME=your-cloud-name
CLOUDINARY_API_KEY=your-api-key
CLOUDINARY_API_SECRET=your-api-secret
# Frontend URL (for CORS and email links)
CLIENT_URL=http://localhost:3000
```
### Quick Setup Tips
**MongoDB Options:**
- ๐ฅ๏ธ **Local:** Install MongoDB Community Server
- โ๏ธ **Cloud:** Use [MongoDB Atlas](https://www.mongodb.com/cloud/atlas) (free tier available)
**Email Service:**
- Use Gmail with [App Password](https://support.google.com/accounts/answer/185833)
- Or try [SendGrid](https://sendgrid.com/), [Mailgun](https://www.mailgun.com/), [AWS SES](https://aws.amazon.com/ses/)
**Image Hosting:**
- Sign up at [Cloudinary](https://cloudinary.com/) (free tier: 25GB storage, 25GB bandwidth)
## ๐ฏ Use Cases
Perfect for building:
- ๐๏ธ **E-commerce APIs** - Product management, user auth, order processing
- ๐ฑ **Mobile App Backends** - REST API for iOS/Android apps
- ๐ฌ **Social Platforms** - User profiles, posts, comments, likes
- ๐ฐ **Blog/CMS Systems** - Content management with authentication
- ๐ **Learning Management** - Course platforms, student portals
- ๐ข **Business Applications** - CRM, inventory management, booking systems
- ๐ฎ **Gaming Backends** - Player data, leaderboards, achievements
## ๐ก๏ธ Security Best Practices
Our template implements enterprise-grade security:
| Security Layer | Implementation |
|---------------|----------------|
| ๐ **Authentication** | JWT tokens with secure secret key |
| ๐ **Password Storage** | Bcrypt hashing (10 salt rounds) |
| ๐ก๏ธ **HTTP Headers** | Helmet.js (XSS, clickjacking, etc.) |
| ๐ฆ **Rate Limiting** | Max 100 requests per 15 min per IP |
| โ
**Validation** | Joi schema validation on all inputs |
| ๐ **CORS** | Configurable allowed origins |
| ๐ช **Cookies** | HttpOnly, Secure, SameSite flags |
| ๐ **Logging** | Winston for security audits |
| ๐๏ธ **Compression** | Gzip compression for responses |
## ๐ Available Scripts
```bash
npm run dev # Start with Node.js watch mode (auto-reload)
npm start # Start production server
```
## ๐ค Contributing
We welcome contributions! Here's how you can help:
1. ๐ **Report bugs** - [Open an issue](https://github.com/iiMuhammadRashed/nodejs-fs/issues)
2. ๐ก **Suggest features** - Share your ideas
3. ๐ง **Submit PRs** - Fork, code, and create pull requests
4. โญ **Star the repo** - Show your support
## ๐ License
MIT ยฉ MERN Stack Hero
Free to use for personal and commercial projects.
## ๐ฌ Support & Community
Need help? We've got you covered:
- ๐ **Documentation:** [GitHub Wiki](https://github.com/iiMuhammadRashed/nodejs-fs)
- ๐ **Bug Reports:** [GitHub Issues](https://github.com/iiMuhammadRashed/nodejs-fs/issues)
- ๐ก **Feature Requests:** [GitHub Discussions](https://github.com/iiMuhammadRashed/nodejs-fs/discussions)
- โญ **Star us on GitHub** to stay updated
## ๐บ๏ธ Roadmap
Coming soon:
- [ ] TypeScript template option
- [ ] GraphQL API template
- [ ] WebSocket support
- [ ] Redis caching integration
- [ ] Stripe payment integration
- [ ] Social OAuth (Google, GitHub, Facebook)
- [ ] Swagger/OpenAPI documentation
- [ ] Docker configuration
- [ ] CI/CD templates (GitHub Actions, GitLab CI)
- [ ] Testing setup (Jest, Supertest)
<div align="center">
### โญ If nodejs-fs helped you, please star the repo! โญ
**Made with โค๏ธ by [MERN Stack Hero](https://github.com/iiMuhammadRashed)**
[Report Bug](https://github.com/iiMuhammadRashed/nodejs-fs/issues) ยท [Request Feature](https://github.com/iiMuhammadRashed/nodejs-fs/issues) ยท [Contribute](https://github.com/iiMuhammadRashed/nodejs-fs/pulls)
</div>
## ๐ API Documentation
### ๐ Authentication Endpoints
| Method | Endpoint | Description | Auth Required |
|--------|----------|-------------|---------------|
| POST | `/api/auth/register` | Register new user | โ |
| POST | `/api/auth/login` | Login user | โ |
| POST | `/api/auth/forgot-password` | Request password reset | โ |
| POST | `/api/auth/reset-password/:token` | Reset password with token | โ |
| GET | `/api/auth/me` | Get current user profile | โ
|
### ๐ฆ Product Endpoints
| Method | Endpoint | Description | Auth Required |
|--------|----------|-------------|---------------|
| GET | `/api/products` | Get all products (paginated) | โ |
| GET | `/api/products/:id` | Get single product | โ |
| POST | `/api/products` | Create new product | โ
|
| PUT | `/api/products/:id` | Update product | โ
|
| DELETE | `/api/products/:id` | Delete product | โ
|
<details>
<summary><strong>๐ Click to see API examples</strong></summary>
**Register a new user:**
```bash
curl -X POST http://localhost:5000/api/auth/register \
-H "Content-Type: application/json" \
-d '{
"name": "John Doe",
"email": "john@example.com",
"password": "securePassword123"
}'
```
**Login:**
```bash
curl -X POST http://localhost:5000/api/auth/login \
-H "Content-Type: application/json" \
-d '{
"email": "john@example.com",
"password": "securePassword123"
}'
```
**Create a product (with auth):**
```bash
curl -X POST http://localhost:5000/api/products \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-d '{
"name": "Awesome Product",
"description": "This is an awesome product",
"price": 99.99,
"category": "Electronics"
}'
```
</details>
## Configuration
After generating your project, create a `.env` file based on `.env.example`:
```env
# Server
PORT=5000
NODE_ENV=development
# Database
MONGODB_URI=mongodb://localhost:27017/your-database
# JWT
JWT_SECRET=your-super-secret-jwt-key
JWT_EXPIRE=7d
JWT_COOKIE_EXPIRE=7
# Email
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_USER=your-email@gmail.com
SMTP_PASSWORD=your-email-password
FROM_EMAIL=noreply@yourapp.com
FROM_NAME=Your App Name
# Cloudinary
CLOUDINARY_CLOUD_NAME=your-cloud-name
CLOUDINARY_API_KEY=your-api-key
CLOUDINARY_API_SECRET=your-api-secret
# Client URL
CLIENT_URL=http://localhost:3000
```
## ๐ Getting Started Guide
### Step 1: Create Your Project
```bash
npx create-nodejs-fs my-awesome-api
# Or if installed globally:
create-nodejs-fs my-awesome-api
```
The CLI accepts a project name as an argument (no interactive prompts).
**Available options:**
- `--no-install` - Skip dependency installation
- `--git` - Initialize git repository
- `--verbose` - Show detailed logs
### Step 2: Navigate to Your Project
```bash
cd my-awesome-api
```
### Step 3: Configure Environment
```bash
cp .env.example .env
```
Edit `.env` with your credentials:
```env
# Minimum required configuration
MONGODB_URI=mongodb://localhost:27017/your-database
JWT_SECRET=your-super-secret-key-change-this
PORT=5000
```
### Step 4: Start Developing
```bash
npm run dev
```
Your API is now running at `http://localhost:5000` ๐
Uses Node.js built-in `--watch` flag (Node 18+) - no nodemon needed!
### Step 5: Test Your API
```bash
# Health check
curl http://localhost:5000
# Register a user
curl -X POST http://localhost:5000/api/auth/register \
-H "Content-Type: application/json" \
-d '{"name":"Test User","email":"test@example.com","password":"password123"}'
```
## ๐ What You Get Out of the Box
| Feature | Included | Configuration Required |
|---------|----------|------------------------|
| โ
Express.js Server | โ | Minimal |
| โ
MongoDB + Mongoose | โ | Connection string only |
| โ
JWT Authentication | โ | Secret key only |
| โ
Password Hashing | โ | None |
| โ
Input Validation | โ | None |
| โ
Error Handling | โ | None |
| โ
Security Headers | โ | None |
| โ
Rate Limiting | โ | Optional tuning |
| โ
CORS | โ | Optional tuning |
| โ
Email Service | โ | SMTP credentials |
| โ
Image Upload | โ | Cloudinary credentials |
| โ
Logging | โ | None |
| โ
API Documentation | โ | None |
## ๐ Why Choose nodejs-fs?
<table>
<tr>
<th width="25%">Manual Setup</th>
<th width="25%">Express Generator</th>
<th width="25%">Other Boilerplates</th>
<th width="25%">nodejs-fs โญ</th>
</tr>
<tr>
<td>
โ Hours of setup
โ Security gaps
โ No auth included
โ Basic structure
โ No best practices
</td>
<td>
โ ๏ธ Minimal setup
โ No database
โ No authentication
โ Outdated patterns
โ ๏ธ Basic only
</td>
<td>
โ ๏ธ Overengineered
โ ๏ธ Too opinionated
โ Steep learning curve
โ ๏ธ Hard to modify
โ ๏ธ Limited docs
</td>
<td>
โ
60-second setup
โ
Production-ready
โ
Full auth system
โ
Modern patterns
โ
Well documented
โ
Easy to customize
โ
Actively maintained
</td>
</tr>
</table>
## ๐ What's Included