supertokens · porcellus · Dec 23, 2024 · Dec 12, 2024 · Dec 12, 2024 · Dec 12, 2024
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [unreleased]
 
+## [0.0.56] - 2024-12-12
+
+-   Adds changes to the express boilerplate to work as project scaffolding
+
 ## [0.0.55] - 2024-12-12
 
 -   Adds a Vite-based React implementation. To be used as reference implementation for front-end options.

diff --git a/boilerplate/backend/node-express/.gitignore b/boilerplate/backend/node-express/.gitignore
@@ -0,0 +1,18 @@
+# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
+
+# dependencies
+/node_modules
+
+# production
+/dist
+
+# misc
+.DS_Store
+.env.local
+.env.development.local
+.env.test.local
+.env.production.local
+
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
diff --git a/boilerplate/backend/node-express/README.md b/boilerplate/backend/node-express/README.md
@@ -0,0 +1,66 @@
+# SuperTokens + Express
+
+A demo implementation of [SuperTokens](https://supertokens.com/) with [Express](https://expressjs.com/).
+
+## General Info
+
+This project aims to demonstrate how to integrate SuperTokens into an Express server. Its primary purpose is to serve as an educational tool, but it can also be used as a starting point for your own project.
+
+## Repo Structure
+
+### Source
+
+```
+📦backend
+┣ 📜config.tsx --> Root component of the app
+┗ 📜index.tsx --> Entry point of the app
+```
+
+#### SuperTokens
+
+The full configuration needed for the SuperTokens' back-end to work is in the `src/config.tsx` file. This file will differ based on the [auth recipe](https://supertokens.com/docs/guides) you choose.
+
+If you choose to use this as a starting point for your own project, you can further customize SuperTokens in the `src/config.tsx` file. Refer to our [docs](https://supertokens.com/docs) (and make sure to choose the correct recipe) for more details.
+
+## Application Flow
+
+When using SuperTokens, the front-end never calls directly to the SuperTokens Core, the service that creates and manages sessions. Instead, the front-end calls to the back-end and the back-end calls to the Core. You can read more about [how SuperTokens works here](https://supertokens.com/docs/thirdpartyemailpassword/architecture).
+
+The back-end has two main files:
+
+1. **Entry Point (`index.ts`)**
+
+    - Initializes SuperTokens
+    - Adds CORS headers for sessions with the front-end
+    - Adds SuperTokens middleware
+    - Endpoints:
+        - `/hello`: Public route not protected by SuperTokens
+        - `/sessioninfo`: Uses SuperTokens middleware to pull the session token off the request and get the user session info
+        - `/tenants`: Grabs a list of tenants for multitenant configured applications
+
+2. **Configuration (`config.ts`)**
+    - `supertokensConfig`:
+        - `supertokens`:
+            - `connectionURI`: Sets the URL that your SuperTokens core is located. By default, it connects to the playground core. In production, you can [host your own core](https://supertokens.com/docs/thirdpartyemailpassword/pre-built-ui/setup/core/with-docker) or create an account to [enable managed hosting](https://supertokens.com/dashboard-saas)
+        - `appInfo`: Holds informaiton like your project name
+            - `apiDomain`: Sets the domain your back-end API is on. SuperTokens automatically listens to create requests at `${apiDomain}/auth`
+            - `websiteDomain`: Sets the domain your front-end website is on
+        - `recipeList`: An array of recipes for adding supertokens features
+
+## Additional resources
+
+-   Custom UI Example: https://github.com/supertokens/supertokens-web-js/tree/master/examples/react/with-thirdpartyemailpassword
+-   Custom UI Blog post: https://supertokens.medium.com/adding-social-login-to-your-website-with-supertokens-custom-ui-only-5fa4d7ab6402
+-   Awesome SuperTokens: https://github.com/kohasummons/awesome-supertokens
+
+## Contributing
+
+Please refer to the [CONTRIBUTING.md](https://github.com/supertokens/create-supertokens-app/blob/master/CONTRIBUTING.md) file in the root of the [`create-supertokens-app`](https://github.com/supertokens/create-supertokens-app) repo.
+
+## Contact us
+
+For any questions, or support requests, please email us at [email protected], or join our [Discord](https://supertokens.com/discord) server.
+
+## Authors
+
+Created with :heart: by the folks at SuperTokens.com.
diff --git a/boilerplate/backend/node-express/config/all_auth.ts b/boilerplate/backend/node-express/config/all_auth.ts
@@ -7,14 +7,14 @@ import Dashboard from "supertokens-node/recipe/dashboard";
 import UserRoles from "supertokens-node/recipe/userroles";
 
 export function getApiDomain() {
-    const apiPort = process.env.REACT_APP_API_PORT || 3001;
-    const apiUrl = process.env.REACT_APP_API_URL || `http://localhost:${apiPort}`;
+    const apiPort = process.env.VITE_APP_API_PORT || 3001;
+    const apiUrl = process.env.VITE_APP_API_URL || `http://localhost:${apiPort}`;
     return apiUrl;
 }
 
 export function getWebsiteDomain() {
-    const websitePort = process.env.REACT_APP_WEBSITE_PORT || 3000;
-    const websiteUrl = process.env.REACT_APP_WEBSITE_URL || `http://localhost:${websitePort}`;
+    const websitePort = process.env.VITE_APP_WEBSITE_PORT || 3000;
+    const websiteUrl = process.env.VITE_APP_WEBSITE_URL || `http://localhost:${websitePort}`;
     return websiteUrl;
 }
 

diff --git a/boilerplate/backend/node-express/config/emailpassword.ts b/boilerplate/backend/node-express/config/emailpassword.ts
@@ -5,14 +5,14 @@ import Dashboard from "supertokens-node/recipe/dashboard";
 import UserRoles from "supertokens-node/recipe/userroles";
 
 export function getApiDomain() {
-    const apiPort = process.env.REACT_APP_API_PORT || 3001;
-    const apiUrl = process.env.REACT_APP_API_URL || `http://localhost:${apiPort}`;
+    const apiPort = process.env.VITE_APP_API_PORT || 3001;
+    const apiUrl = process.env.VITE_APP_API_URL || `http://localhost:${apiPort}`;
     return apiUrl;
 }
 
 export function getWebsiteDomain() {
-    const websitePort = process.env.REACT_APP_WEBSITE_PORT || 3000;
-    const websiteUrl = process.env.REACT_APP_WEBSITE_URL || `http://localhost:${websitePort}`;
+    const websitePort = process.env.VITE_APP_WEBSITE_PORT || 3000;
+    const websiteUrl = process.env.VITE_APP_WEBSITE_URL || `http://localhost:${websitePort}`;
     return websiteUrl;
 }
 

diff --git a/boilerplate/backend/node-express/config/multifactorauth.ts b/boilerplate/backend/node-express/config/multifactorauth.ts
@@ -10,14 +10,14 @@ import EmailVerification from "supertokens-node/recipe/emailverification";
 import TOTP from "supertokens-node/recipe/totp";
 
 export function getApiDomain() {
-    const apiPort = process.env.REACT_APP_API_PORT || 3001;
-    const apiUrl = process.env.REACT_APP_API_URL || `http://localhost:${apiPort}`;
+    const apiPort = process.env.VITE_APP_API_PORT || 3001;
+    const apiUrl = process.env.VITE_APP_API_URL || `http://localhost:${apiPort}`;
     return apiUrl;
 }
 
 export function getWebsiteDomain() {
-    const websitePort = process.env.REACT_APP_WEBSITE_PORT || 3000;
-    const websiteUrl = process.env.REACT_APP_WEBSITE_URL || `http://localhost:${websitePort}`;
+    const websitePort = process.env.VITE_APP_WEBSITE_PORT || 3000;
+    const websiteUrl = process.env.VITE_APP_WEBSITE_URL || `http://localhost:${websitePort}`;
     return websiteUrl;
 }
 

diff --git a/boilerplate/backend/node-express/config/multitenancy.ts b/boilerplate/backend/node-express/config/multitenancy.ts
@@ -7,14 +7,14 @@ import Dashboard from "supertokens-node/recipe/dashboard";
 import UserRoles from "supertokens-node/recipe/userroles";
 
 export function getApiDomain() {
-    const apiPort = process.env.REACT_APP_API_PORT || 3001;
-    const apiUrl = process.env.REACT_APP_API_URL || `http://localhost:${apiPort}`;
+    const apiPort = process.env.VITE_APP_API_PORT || 3001;
+    const apiUrl = process.env.VITE_APP_API_URL || `http://localhost:${apiPort}`;
     return apiUrl;
 }
 
 export function getWebsiteDomain() {
-    const websitePort = process.env.REACT_APP_WEBSITE_PORT || 3000;
-    const websiteUrl = process.env.REACT_APP_WEBSITE_URL || `http://localhost:${websitePort}`;
+    const websitePort = process.env.VITE_APP_WEBSITE_PORT || 3000;
+    const websiteUrl = process.env.VITE_APP_WEBSITE_URL || `http://localhost:${websitePort}`;
     return websiteUrl;
 }
 

diff --git a/boilerplate/backend/node-express/config/passwordless.ts b/boilerplate/backend/node-express/config/passwordless.ts
@@ -5,14 +5,14 @@ import Dashboard from "supertokens-node/recipe/dashboard";
 import UserRoles from "supertokens-node/recipe/userroles";
 
 export function getApiDomain() {
-    const apiPort = process.env.REACT_APP_API_PORT || 3001;
-    const apiUrl = process.env.REACT_APP_API_URL || `http://localhost:${apiPort}`;
+    const apiPort = process.env.VITE_APP_API_PORT || 3001;
+    const apiUrl = process.env.VITE_APP_API_URL || `http://localhost:${apiPort}`;
     return apiUrl;
 }
 
 export function getWebsiteDomain() {
-    const websitePort = process.env.REACT_APP_WEBSITE_PORT || 3000;
-    const websiteUrl = process.env.REACT_APP_WEBSITE_URL || `http://localhost:${websitePort}`;
+    const websitePort = process.env.VITE_APP_WEBSITE_PORT || 3000;
+    const websiteUrl = process.env.VITE_APP_WEBSITE_URL || `http://localhost:${websitePort}`;
     return websiteUrl;
 }
 

diff --git a/boilerplate/backend/node-express/config/thirdparty.ts b/boilerplate/backend/node-express/config/thirdparty.ts
@@ -5,14 +5,14 @@ import Dashboard from "supertokens-node/recipe/dashboard";
 import UserRoles from "supertokens-node/recipe/userroles";
 
 export function getApiDomain() {
-    const apiPort = process.env.REACT_APP_API_PORT || 3001;
-    const apiUrl = process.env.REACT_APP_API_URL || `http://localhost:${apiPort}`;
+    const apiPort = process.env.VITE_APP_API_PORT || 3001;
+    const apiUrl = process.env.VITE_APP_API_URL || `http://localhost:${apiPort}`;
     return apiUrl;
 }
 
 export function getWebsiteDomain() {
-    const websitePort = process.env.REACT_APP_WEBSITE_PORT || 3000;
-    const websiteUrl = process.env.REACT_APP_WEBSITE_URL || `http://localhost:${websitePort}`;
+    const websitePort = process.env.VITE_APP_WEBSITE_PORT || 3000;
+    const websiteUrl = process.env.VITE_APP_WEBSITE_URL || `http://localhost:${websitePort}`;
     return websiteUrl;
 }
 

diff --git a/boilerplate/backend/node-express/config/thirdpartyemailpassword.ts b/boilerplate/backend/node-express/config/thirdpartyemailpassword.ts
@@ -6,14 +6,14 @@ import Dashboard from "supertokens-node/recipe/dashboard";
 import UserRoles from "supertokens-node/recipe/userroles";
 
 export function getApiDomain() {
-    const apiPort = process.env.REACT_APP_API_PORT || 3001;
-    const apiUrl = process.env.REACT_APP_API_URL || `http://localhost:${apiPort}`;
+    const apiPort = process.env.VITE_APP_API_PORT || 3001;
+    const apiUrl = process.env.VITE_APP_API_URL || `http://localhost:${apiPort}`;
     return apiUrl;
 }
 
 export function getWebsiteDomain() {
-    const websitePort = process.env.REACT_APP_WEBSITE_PORT || 3000;
-    const websiteUrl = process.env.REACT_APP_WEBSITE_URL || `http://localhost:${websitePort}`;
+    const websitePort = process.env.VITE_APP_WEBSITE_PORT || 3000;
+    const websiteUrl = process.env.VITE_APP_WEBSITE_URL || `http://localhost:${websitePort}`;
     return websiteUrl;
 }
 

diff --git a/boilerplate/backend/node-express/config/thirdpartypasswordless.ts b/boilerplate/backend/node-express/config/thirdpartypasswordless.ts
@@ -6,14 +6,14 @@ import Dashboard from "supertokens-node/recipe/dashboard";
 import UserRoles from "supertokens-node/recipe/userroles";
 
 export function getApiDomain() {
-    const apiPort = process.env.REACT_APP_API_PORT || 3001;
-    const apiUrl = process.env.REACT_APP_API_URL || `http://localhost:${apiPort}`;
+    const apiPort = process.env.VITE_APP_API_PORT || 3001;
+    const apiUrl = process.env.VITE_APP_API_URL || `http://localhost:${apiPort}`;
     return apiUrl;
 }
 
 export function getWebsiteDomain() {
-    const websitePort = process.env.REACT_APP_WEBSITE_PORT || 3000;
-    const websiteUrl = process.env.REACT_APP_WEBSITE_URL || `http://localhost:${websitePort}`;
+    const websitePort = process.env.VITE_APP_WEBSITE_PORT || 3000;
+    const websiteUrl = process.env.VITE_APP_WEBSITE_URL || `http://localhost:${websitePort}`;
     return websiteUrl;
 }
 

diff --git a/boilerplate/backend/node-express/eslint.config.mjs b/boilerplate/backend/node-express/eslint.config.mjs
@@ -0,0 +1,11 @@
+import globals from "globals";
+import pluginJs from "@eslint/js";
+import tseslint from "typescript-eslint";
+
+/** @type {import('eslint').Linter.Config[]} */
+export default [
+    { files: ["**/*.{js,mjs,cjs,ts}"] },
+    { languageOptions: { globals: globals.node } },
+    pluginJs.configs.recommended,
+    ...tseslint.configs.recommended,
+];
diff --git a/boilerplate/backend/node-express/index.ts b/boilerplate/backend/node-express/index.ts
@@ -3,7 +3,7 @@ import cors from "cors";
 import supertokens from "supertokens-node";
 import { verifySession } from "supertokens-node/recipe/session/framework/express";
 import { middleware, errorHandler, SessionRequest } from "supertokens-node/framework/express";
-import { getWebsiteDomain, SuperTokensConfig } from "./config";
+import { getWebsiteDomain, SuperTokensConfig } from "./config.js";
 import Multitenancy from "supertokens-node/recipe/multitenancy";
 
 supertokens.init(SuperTokensConfig);
@@ -22,9 +22,15 @@ app.use(
 // This exposes all the APIs from SuperTokens to the client.
 app.use(middleware());
 
+// This endpoint can be accessed regardless of
+// having a session with SuperTokens
+app.get("/hello", async (_req, res) => {
+    res.send("hello");
+});
+
 // An example API that requires session verification
 app.get("/sessioninfo", verifySession(), async (req: SessionRequest, res) => {
-    let session = req.session;
+    const session = req.session;
     res.send({
         sessionHandle: session!.getHandle(),
         userId: session!.getUserId(),
@@ -34,8 +40,8 @@ app.get("/sessioninfo", verifySession(), async (req: SessionRequest, res) => {
 
 // This API is used by the frontend to create the tenants drop down when the app loads.
 // Depending on your UX, you can remove this API.
-app.get("/tenants", async (req, res) => {
-    let tenants = await Multitenancy.listAllTenants();
+app.get("/tenants", async (_req, res) => {
+    const tenants = await Multitenancy.listAllTenants();
     res.send(tenants);
 });
 

diff --git a/boilerplate/backend/node-express/package.json b/boilerplate/backend/node-express/package.json
@@ -1,28 +1,30 @@
 {
     "name": "supertokens-node",
-    "version": "0.0.1",
+    "type": "module",
+    "version": "0.0.2",
     "private": true,
     "description": "",
-    "main": "index.js",
+    "main": "dist/index.js",
     "scripts": {
-        "start": "npx ts-node-dev --project ./tsconfig.json ./index.ts"
+        "start": "npx vite-node ./index.ts",
+        "lint": "eslint .",
+        "build": "tsc"
     },
     "dependencies": {
         "cors": "^2.8.5",
-        "express": "^4.18.1",
-        "helmet": "^5.1.0",
-        "morgan": "^1.10.0",
-        "npm-run-all": "^4.1.5",
+        "express": "^4.21.2",
         "supertokens-node": "latest",
-        "ts-node-dev": "^2.0.0",
         "typescript": "^4.7.2"
     },
     "devDependencies": {
+        "@eslint/js": "^9.16.0",
         "@types/cors": "^2.8.12",
         "@types/express": "^4.17.17",
-        "@types/morgan": "^1.9.3",
         "@types/node": "^16.11.38",
-        "nodemon": "^2.0.16"
+        "eslint": "^9.16.0",
+        "globals": "^15.13.0",
+        "typescript-eslint": "^8.18.0",
+        "vite-node": "^2.1.8"
     },
     "keywords": [],
     "author": "",