SEO_iamge_renamer_starting_.../packages/api/src/main.ts

import { NestFactory } from '@nestjs/core';
import { ValidationPipe, Logger } from '@nestjs/common';
import { SwaggerModule, DocumentBuilder } from '@nestjs/swagger';
import { ConfigService } from '@nestjs/config';
import helmet from 'helmet';
import * as compression from 'compression';
import * as cookieParser from 'cookie-parser';

import { AppModule } from './app.module';

async function bootstrap() {
  const logger = new Logger('Bootstrap');
  
  const app = await NestFactory.create(AppModule);
  const configService = app.get(ConfigService);
  
  // Global prefix for API routes
  app.setGlobalPrefix('api');
  
  // Enable CORS
  app.enableCors({
    origin: configService.get<string>('CORS_ORIGIN', 'http://localhost:3000'),
    credentials: true,
    methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'],
    allowedHeaders: [
      'Content-Type',
      'Authorization',
      'X-Requested-With',
      'X-CSRF-Token',
      'Accept',
    ],
  });
  
  // Security middleware
  app.use(helmet({
    contentSecurityPolicy: false, // We handle CSP in our custom middleware
    crossOriginEmbedderPolicy: false, // Allow embedding for OAuth
  }));
  
  // Compression middleware
  app.use(compression());
  
  // Cookie parser
  app.use(cookieParser(configService.get<string>('COOKIE_SECRET')));
  
  // Global validation pipe
  app.useGlobalPipes(
    new ValidationPipe({
      whitelist: true, // Strip unknown properties
      forbidNonWhitelisted: true, // Throw error for unknown properties
      transform: true, // Transform payloads to DTO instances
      disableErrorMessages: process.env.NODE_ENV === 'production',
    }),
  );
  
  // Swagger documentation (development only)
  if (process.env.NODE_ENV !== 'production') {
    const config = new DocumentBuilder()
      .setTitle('SEO Image Renamer API')
      .setDescription('AI-powered bulk image renaming SaaS API')
      .setVersion('1.0')
      .addBearerAuth(
        {
          type: 'http',
          scheme: 'bearer',
          bearerFormat: 'JWT',
          name: 'JWT',
          description: 'Enter JWT token',
          in: 'header',
        },
        'JWT-auth',
      )
      .addTag('Authentication', 'Google OAuth and JWT authentication')
      .addTag('Users', 'User management and profile operations')
      .addTag('Batches', 'Image batch processing')
      .addTag('Images', 'Individual image operations')
      .addTag('Payments', 'Stripe payment processing')
      .build();
      
    const document = SwaggerModule.createDocument(app, config);
    SwaggerModule.setup('api/docs', app, document, {
      customSiteTitle: 'SEO Image Renamer API Documentation',
      customfavIcon: '/favicon.ico',
      customCss: '.swagger-ui .topbar { display: none }',
    });
    
    logger.log('Swagger documentation available at /api/docs');
  }
  
  // Start server
  const port = configService.get<number>('PORT', 3001);
  await app.listen(port);
  
  logger.log(`🚀 SEO Image Renamer API running on port ${port}`);
  logger.log(`📚 Environment: ${process.env.NODE_ENV || 'development'}`);
  
  if (process.env.NODE_ENV !== 'production') {
    logger.log(`📖 API Documentation: http://localhost:${port}/api/docs`);
  }
}

bootstrap().catch((error) => {
  Logger.error('Failed to start application', error);
  process.exit(1);
});
feat(auth): implement complete Google OAuth authentication system - Add authentication module with Google OAuth 2.0 and JWT strategies - Create secure user management with email hashing (SHA-256) - Implement rate limiting (10 requests/minute) for auth endpoints - Add CSRF protection and security middleware - Create user registration with Basic plan (50 quota default) - Add JWT-based session management with secure cookies - Implement protected routes with authentication guards - Add comprehensive API documentation with Swagger - Configure environment variables for OAuth and security - Add user profile management and quota tracking Resolves authentication requirements §18-20: - §18: Google OAuth 2.0 with email scope only - §19: Auto-create User record on first OAuth callback - §20: Store only Google UID, display name, and email hash 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> 2025-08-05 17:09:43 +02:00			`import { NestFactory } from '@nestjs/core';`
			`import { ValidationPipe, Logger } from '@nestjs/common';`
			`import { SwaggerModule, DocumentBuilder } from '@nestjs/swagger';`
			`import { ConfigService } from '@nestjs/config';`
			`import helmet from 'helmet';`
			`import * as compression from 'compression';`
			`import * as cookieParser from 'cookie-parser';`

			`import { AppModule } from './app.module';`

			`async function bootstrap() {`
			`const logger = new Logger('Bootstrap');`

			`const app = await NestFactory.create(AppModule);`
			`const configService = app.get(ConfigService);`

			`// Global prefix for API routes`
			`app.setGlobalPrefix('api');`

			`// Enable CORS`
			`app.enableCors({`
			`origin: configService.get<string>('CORS_ORIGIN', 'http://localhost:3000'),`
			`credentials: true,`
			`methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'],`
			`allowedHeaders: [`
			`'Content-Type',`
			`'Authorization',`
			`'X-Requested-With',`
			`'X-CSRF-Token',`
			`'Accept',`
			`],`
			`});`

			`// Security middleware`
			`app.use(helmet({`
			`contentSecurityPolicy: false, // We handle CSP in our custom middleware`
			`crossOriginEmbedderPolicy: false, // Allow embedding for OAuth`
			`}));`

			`// Compression middleware`
			`app.use(compression());`

			`// Cookie parser`
			`app.use(cookieParser(configService.get<string>('COOKIE_SECRET')));`

			`// Global validation pipe`
			`app.useGlobalPipes(`
			`new ValidationPipe({`
			`whitelist: true, // Strip unknown properties`
			`forbidNonWhitelisted: true, // Throw error for unknown properties`
			`transform: true, // Transform payloads to DTO instances`
			`disableErrorMessages: process.env.NODE_ENV === 'production',`
			`}),`
			`);`

			`// Swagger documentation (development only)`
			`if (process.env.NODE_ENV !== 'production') {`
			`const config = new DocumentBuilder()`
			`.setTitle('SEO Image Renamer API')`
			`.setDescription('AI-powered bulk image renaming SaaS API')`
			`.setVersion('1.0')`
			`.addBearerAuth(`
			`{`
			`type: 'http',`
			`scheme: 'bearer',`
			`bearerFormat: 'JWT',`
			`name: 'JWT',`
			`description: 'Enter JWT token',`
			`in: 'header',`
			`},`
			`'JWT-auth',`
			`)`
			`.addTag('Authentication', 'Google OAuth and JWT authentication')`
			`.addTag('Users', 'User management and profile operations')`
			`.addTag('Batches', 'Image batch processing')`
			`.addTag('Images', 'Individual image operations')`
			`.addTag('Payments', 'Stripe payment processing')`
			`.build();`

			`const document = SwaggerModule.createDocument(app, config);`
			`SwaggerModule.setup('api/docs', app, document, {`
			`customSiteTitle: 'SEO Image Renamer API Documentation',`
			`customfavIcon: '/favicon.ico',`
			`customCss: '.swagger-ui .topbar { display: none }',`
			`});`

			`logger.log('Swagger documentation available at /api/docs');`
			`}`

			`// Start server`
			`const port = configService.get<number>('PORT', 3001);`
			`await app.listen(port);`

			logger.log(`🚀 SEO Image Renamer API running on port ${port}`);
			logger.log(`📚 Environment: ${process.env.NODE_ENV \|\| 'development'}`);

			`if (process.env.NODE_ENV !== 'production') {`
			logger.log(`📖 API Documentation: http://localhost:${port}/api/docs`);
			`}`
			`}`

			`bootstrap().catch((error) => {`
			`Logger.error('Failed to start application', error);`
			`process.exit(1);`
			`});`