Cloud-native MEAN boilerplate

[LouisLetcher]

Initial scaffold of a comprehensive, cloud-native MEAN stack boilerplate, implementing 12-Factor App principles and modern best practices for a production-ready foundation.

---

  

[cursor]

Cursor Agent can help with this pull request. Just @cursor in comments and I'll start working on changes in this branch.
_{Learn more about Cursor Agents}

[gemini-code-assist]

Summary of Changes

Hello @LouisLetcher, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces the foundational codebase for a cloud-native MEAN stack application. It provides a comprehensive setup that prioritizes modern development practices, including containerization, robust API design, and a highly performant Angular frontend. The structure is designed to be easily extensible and maintainable, offering a solid starting point for new projects.

Highlights

• Initial MEAN Stack Scaffold: Established a complete cloud-native MEAN (MongoDB, Express.js, Angular, Node.js) stack boilerplate, adhering to 12-Factor App principles for a production-ready foundation.
• Docker Integration: Implemented multi-stage Dockerfiles for both backend (Node.js) and frontend (Nginx serving Angular), along with a docker-compose.yml for simplified local full-stack development, including MongoDB.
• Backend API Structure: Developed a robust Express.js backend with TypeScript, featuring structured routing, Zod-based request validation, custom error handling, Pino logging, and security middleware (Helmet, CORS, Rate Limiting). Initial modules for authentication and user management are included.
• Angular Frontend Architecture: Set up an Angular 17+ frontend utilizing standalone components, lazy loading for routes, Angular signals for state management, and control-flow syntax. It includes HTTP interceptors for API error handling and authentication.
• Developer Experience & Quality: Configured Git hooks with Husky and lint-staged for pre-commit checks, enforced Conventional Commits with commitlint, and integrated Prettier for consistent code formatting across the monorepo. ESLint and Jest are set up for both backend and frontend.

Changelog

• .commitlintrc.cjs
  • Added configuration for commit message linting to enforce Conventional Commits.
• .editorconfig
  • Added EditorConfig settings to ensure consistent code style across different editors.
• .gitignore
  • Added global Git ignore rules for common development artifacts and sensitive files.
• .husky/commit-msg
  • Added a Husky hook to run commitlint on commit messages.
• .husky/pre-commit
  • Added a Husky hook to run lint-staged before committing changes.
• .lintstagedrc.cjs
  • Added lint-staged configuration to format and lint staged files.
• .prettierignore
  • Added Prettier ignore rules for generated files and lock files.
• .prettierrc
  • Added Prettier configuration for consistent code formatting.
• README.md
  • Updated the main README with a detailed project overview, repository structure, quick start instructions for local development and Docker, and a list of core API endpoints.
• backend/.dockerignore
  • Added Docker ignore rules specific to the backend service.
• backend/.env.example
  • Added an example environment file for backend configuration.
• backend/Dockerfile
  • Added a multi-stage Dockerfile for building and running the backend application.
• backend/eslint.config.mjs
  • Added ESLint configuration for the backend TypeScript codebase.
• backend/jest.config.ts
  • Added Jest configuration for backend unit and integration tests.
• backend/package.json
  • Added backend-specific package.json with dependencies, scripts, and metadata.
• backend/src/app.ts
  • Added the main Express application setup, integrating middleware for logging, security, JSON parsing, and routing.
• backend/src/common/errors/app-error.ts
  • Added a custom AppError class for standardized application-specific error handling.
• backend/src/common/middleware/error-handler.middleware.ts
  • Added global error handling middleware to catch and format application errors.
• backend/src/common/middleware/not-found.middleware.ts
  • Added middleware to handle requests to undefined routes, returning a 404 error.
• backend/src/common/middleware/request-logger.middleware.ts
  • Added request logging middleware using Pino for structured logging.
• backend/src/common/middleware/security.middleware.ts
  • Added security middleware including Helmet, CORS, and rate limiting.
• backend/src/common/middleware/validate-request.middleware.ts
  • Added a middleware for request validation using Zod schemas.
• backend/src/common/types/api-response.ts
  • Added TypeScript interfaces for consistent API success and error response structures.
• backend/src/common/utils/async-handler.ts
  • Added a utility function to wrap asynchronous Express route handlers for automatic error catching.
• backend/src/config/db.ts
  • Added Mongoose database connection and disconnection logic.
• backend/src/config/env.ts
  • Added environment variable loading and validation using dotenv and Zod.
• backend/src/config/logger.ts
  • Added Pino logger configuration for the backend application.
• backend/src/modules/auth/auth.controller.ts
  • Added an authentication controller with a login handler.
• backend/src/modules/auth/auth.routes.ts
  • Added API routes for authentication.
• backend/src/modules/auth/auth.service.ts
  • Added an authentication service responsible for user login, password comparison, and JWT generation.
• backend/src/modules/auth/auth.validation.ts
  • Added Zod schema for validating login input.
• backend/src/modules/health/health.controller.ts
  • Added a health check controller with liveness and readiness endpoints.
• backend/src/modules/health/health.routes.ts
  • Added public routes for health checks.
• backend/src/modules/health/health.service.ts
  • Added a health check service to report application and database status.
• backend/src/modules/users/user.controller.ts
  • Added a user controller with handlers for creating and listing users.
• backend/src/modules/users/user.model.ts
  • Added the Mongoose schema and model for user data.
• backend/src/modules/users/user.routes.ts
  • Added API routes for user management.
• backend/src/modules/users/user.service.ts
  • Added a user service for creating new users (with password hashing) and retrieving user lists.
• backend/src/modules/users/user.validation.ts
  • Added Zod schemas for validating user creation and user ID inputs.
• backend/src/routes/index.ts
  • Added a central file to aggregate and export public and API routes.
• backend/src/server.ts
  • Added the main server entry point, including database connection, server startup, and graceful shutdown handling.
• backend/tests/integration/health.e2e.spec.ts
  • Added end-to-end integration tests for the health check endpoints.
• backend/tests/unit/health.service.spec.ts
  • Added unit tests for the health service logic.
• backend/tsconfig.build.json
  • Added TypeScript build configuration for the backend, specifying output directory and source maps.
• backend/tsconfig.json
  • Added base TypeScript configuration for the backend project.
• docker-compose.yml
  • Added Docker Compose configuration to orchestrate MongoDB, backend, and frontend services for local development.
• frontend/.dockerignore
  • Added Docker ignore rules specific to the frontend service.
• frontend/.editorconfig
  • Added EditorConfig settings for consistent code style in the frontend.
• frontend/.env.example
  • Added an example environment file for frontend API configuration.
• frontend/.gitignore
  • Added Git ignore rules for common Angular and Node.js artifacts in the frontend.
• frontend/Dockerfile
  • Added a multi-stage Dockerfile for building the Angular frontend and serving it with Nginx.
• frontend/README.md
  • Added a README for the frontend project, including development, building, and testing instructions.
• frontend/angular.json
  • Added Angular CLI configuration for the frontend project.
• frontend/eslint.config.mjs
  • Added ESLint configuration for the frontend TypeScript codebase.
• frontend/nginx/default.conf
  • Added Nginx configuration to serve the Angular application and proxy API requests to the backend.
• frontend/package.json
  • Added frontend-specific package.json with Angular dependencies, scripts, and metadata.
• frontend/src/app/app.config.ts
  • Added Angular application configuration, including HTTP client setup with interceptors and router providers.
• frontend/src/app/app.routes.ts
  • Added Angular application routes, demonstrating lazy loading for feature modules.
• frontend/src/app/app.spec.ts
  • Added a basic test file for the root Angular application component.
• frontend/src/app/app.ts
  • Added the root Angular application component.
• frontend/src/app/core/interceptors/api-error.interceptor.ts
  • Added an HTTP interceptor to handle and normalize API error responses.
• frontend/src/app/core/interceptors/auth.interceptor.ts
  • Added an HTTP interceptor to attach authentication tokens to outgoing API requests.
• frontend/src/app/core/services/api.service.ts
  • Added an Angular service for interacting with the backend API, including health checks and login functionality.
• frontend/src/app/core/services/auth-token.service.spec.ts
  • Added tests for the authentication token service.
• frontend/src/app/core/services/auth-token.service.ts
  • Added an Angular service for managing authentication tokens in local storage and as a signal.
• frontend/src/app/features/auth/login.component.html
  • Added the HTML template for the login component.
• frontend/src/app/features/auth/login.component.scss
  • Added SCSS styles for the login component.
• frontend/src/app/features/auth/login.component.ts
  • Added the Angular login component, including form handling, API interaction, and token management.
• frontend/src/app/features/home/home.component.html
  • Added the HTML template for the home component, displaying backend health status.
• frontend/src/app/features/home/home.component.scss
  • Added SCSS styles for the home component.
• frontend/src/app/features/home/home.component.ts
  • Added the Angular home component, demonstrating API calls for backend health and signal-based state management.
• frontend/src/app/features/shell/shell.component.html
  • Added the HTML template for the application shell, including navigation and logout functionality.
• frontend/src/app/features/shell/shell.component.scss
  • Added SCSS styles for the application shell.
• frontend/src/app/features/shell/shell.component.ts
  • Added the Angular shell component, managing global layout, navigation, and authentication state.
• frontend/src/app/shared/ui/loading-indicator.component.ts
  • Added a standalone Angular loading indicator component.
• frontend/src/environments/environment.development.ts
  • Added development environment configuration for the Angular application.
• frontend/src/environments/environment.ts
  • Added production environment configuration for the Angular application.
• frontend/src/index.html
  • Added the main HTML entry file for the Angular application.
• frontend/src/main.ts
  • Added the main TypeScript file for bootstrapping the Angular application.
• frontend/src/styles.scss
  • Added global SCSS styles for the frontend application.
• frontend/tsconfig.app.json
  • Added TypeScript configuration specific to the Angular application build.
• frontend/tsconfig.json
  • Added base TypeScript configuration for the frontend project.
• frontend/tsconfig.spec.json
  • Added TypeScript configuration specific to Angular unit tests.
• package-lock.json
  • Added package-lock.json to lock down dependency versions for consistent builds.
• package.json
  • Added the root package.json for the monorepo, including workspace scripts and dev dependencies for tooling.
• tsconfig.base.json
  • Added a base TypeScript configuration file for consistent settings across the monorepo.

Ignored Files

• Ignored by pattern: .github/workflows/** (1)
  • .github/workflows/ci.yml

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a comprehensive boilerplate for a cloud-native MEAN stack application. The initial scaffolding is well-structured, incorporating modern best practices such as multi-stage Docker builds, graceful shutdown, and environment variable validation with Zod. My review focuses on enhancing security, configuration management, and dependency correctness. I've identified a few critical issues, including incorrect package versions that would prevent the application from building, and a security vulnerability related to the handling of the default JWT secret in production. I have also provided suggestions to improve error handling, make configurations more flexible, and use more performant libraries suitable for a production environment.

[gemini-code-assist]

Many of the specified dependency versions do not exist on the npm registry, which will cause npm install to fail. It seems there might be typos or outdated information.

For example:

• express: version 5.2.1 does not exist. The latest stable is 4.19.2, and the latest beta for v5 is 5.0.0-beta.1.
• bcryptjs: version 3.0.3 does not exist. The latest is 2.4.3.
• mongoose: version 9.2.1 is old. The latest is ^8.5.1.

Please review all dependencies and their versions to ensure they are correct and up-to-date.