Als-mvc NPM | npm.io

Als-Mvc

being tested

Als-Mvc

About

Als-mvc is a build with extended abilities. The build use mongoDb for model, Express and dynamic route system for controllers and layout management system and front packages for views.

Included:

Auth with mail verification
Settings management
Layout management
Route system based on files tree with access modifiers, middlwere and static path management
Cli for seeder and settings
Frontend management system
Css framework

What's new

new in 0.9.55

csrf token - can run addCsrf() without csrf parameter, to add csrf to forms without csrf
updated als-dynamic-router and router problem fixed and changed the way for using router (check als-dynamic-router for more details)
updated als-settings - now you can use bollean types
updated als-Component to 0.9.7 (bug fixed, and onLoad has this inside)

new in 0.9.51

csrf token - on frontend csrf token added only to forms with method different then get.

new in 0.9.5

Bug fixed
Added dynamic middleware and dinamic statics
Added csrf middleware
updating settings in dev mode (without updating session key)

new in 0.9

Almost all mvc modules published as separated packages. Now it's depends on:
- als-dynamic-router - for dynamic file routes and statics
- als-layout - for dynamic layout
- als-seeder - for seeding data
Added project settings (instead als-mvc.env) with als-settings
Crude removed and will be added in the future as separated package
sitemap and robots removed and will be added as separated packages

Install and build

Please follow those steps:

Install the package
1. run in console: npm i als-mvc
build
1. run node node_modules\als-mvc\build
update .env
1. add user data
2. run in console: node cli create User
create settings
1. edit app/settings.js
2. run in console: node cli settings (not required in dev mode)
Add script to your package json for nodemon if you want
1. "dev":"nodemon server.js"
2. run in console: npm run dev

Basics

Build tree:

app
- settings.js - initial settings for your project
- layout.js - default layout settings for all layouts
- mailer.js - sends mails from ./mails folder and save it in db>mails
- session.js - initialize session (secret generated in settings)
- statics.js - middleware for serving static folders
- mw.js - initializing middleware
layouts
- basic - layout for routes outside dashboard
- dashboard - layout for routes inside dashboard
mails
- test.js - sends test mail
- auth>passwordchanged.js - mail for changing password
- auth>verification.js - mail for password verification
models
- Mail - model and schema for mails
- User - model and schema for users
- data>users - data for seeder
mw - includes middleware for app
public - public folder (allready in statics)
routes - routes and middleware
cli.js - command line file for settings and seeder
server.js - the server

Route system

The route system powered by als-dynamic-router. You can read more by folowing the link.

Short explanation - each route is a file inside routes folder, where before extension filename has a method like some.get.js. For example \posts\some.get.js is /posts/some route. Also, you can use params with $, where for example \posts\$post.get.js is /posts/:post. Also you can use middleware for group of routes with mw.js for all files and subfolders or #mw.js only for files in it's directory. The als-dynamic-router has many other abilities like dynamic middleware, routers, dynamic static folders and more.

Auth

There are auth routes inside routes folder. When you have run node cli create User you have added admin user. Each user has it's role (you can see the roles in models\User and in settings)

Settings

When you have run node cli settings you added to sqlite database all settings from the file. Now those settings available as process.settings. You can update the settings with process.settings.set(key,value) or refresh the settings with process.settings.get().

Statics

All static route available on process.settings.statics as object.

The initial statics available inside app/settings.js.

Also you can change the object, by updating existing.

Here example:

let statics = process.settings.statics
statics['/accessibility'] = 'node_modules/accessibility/dist'
process.settings.set('statics',statics)

Scripts and styles

On each route, you have req.scripts = {} and req.links = {}. Each of them has to include objects for als-layout.

Here the syntax:

req.scripts = {
   scriptName:{inner='',src='',async,crossorigin,defer,integrity,referrerpolicy,type,footer=false,v}
}
req.links = {
   linkName:{href,rel='stylesheet',crossorigin,hreflang,media,referrerpolicy,sizes,type,v}
}

Example:

module.exports = function(req,res) {
  let test = () => console.log('hello world')

  req.scripts.test = {src:'/link-to-script/script.js}
  req.scripts.testForInner = {inner:`${test.toString(); test()}`,footer:true}
  req.links.test = {href:'/link-to-styles/styles.css}
}

Middleware

There are middleware folders inside mw folder. Each md folder, has to include 3 files: 1. about.js 2. index.js 3. install.js

about.js

This file has to return object with the folowing:

name - middleware's name
description - middleware's description
version - middleware's version
visible - is middleware visible on setting/plugins
author - middleware's author

If about.js is missing, about object will replaced with folowing:

let defaultAbout = {
  name:dirName,
  description:'No description',
  version:'1.0.0',
  visible:true,
  author:'Admin'
}

index.js

index.js has to return middleware function wich will run in all routes (except static routes). For example:

module.exports = function(req,res,next) {
  req.urlWithoutParams = req.url.split('?')[0]
  return next()
}

install.js

This file will run if process.env.DEV = true. File has to return function. You can add in this file scripts, or settings, or write files. Anything you need for initialization.

Example:

module.exports = function(req,res,next) {
   if(!req.url.startsWith('/dashboard')) {
      req.scripts.accessibility = {src:'/accessibility/main.bundle.js'},
      req.scripts.accessibilityInner = {inner:`window.addEventListener('load', function() { new Accessibility(); }, false);`}
   }
   return next()
}

Then mw installed, process.settings.mw will include list of existing plugins which looks like this:

process.settings.mw = {
  active, // if true will run as mw
  error, // null if not errors
  about:{ // all information about plugin
    name,description,version,author,visible
  }
}

In dashboard settings will include plugins for setting active or inactive mw if visible.

Included midddleware (csrf)

Inside mw folder, you have csrf middleware. The middleware generating csrf token for each session if:

req.session.csrf not defined
on login and logout
The middleware adding csrf token to meta with name="csrftoken" and to each form as hidden input with name="csrftoken".
If route is anything except get (like post|put|delete) and csrf token not inside req.body.csrftoken, you will get {err:'Access denied'}.