{"id":16795,"library":"create-auth-app-cli","title":"JWT Authentication Boilerplate CLI","description":"create-auth-app-cli is a command-line interface tool designed to rapidly scaffold a complete boilerplate for a JWT (JSON Web Token) authentication system. Currently at version 1.0.2, it provides a functional backend API with features such as user registration, login, logout, automatic token refresh, and robust Role-Based Access Control (RBAC). The generated project utilizes Node.js, Express.js, and MongoDB, incorporating security best practices like bcrypt for password hashing and HTTP-only cookies for refresh tokens. This CLI streamlines the setup process for backend authentication services, offering a clean and scalable project structure. Its release cadence is typically driven by updates to the underlying libraries in the generated template, security enhancements, or new features added to the boilerplate, rather than frequent releases of the CLI itself.","status":"active","version":"1.0.2","language":"javascript","source_language":"en","source_url":null,"tags":["javascript","auth","jwt","boilerplate","cli"],"install":[{"cmd":"npm install create-auth-app-cli","lang":"bash","label":"npm"},{"cmd":"yarn add create-auth-app-cli","lang":"bash","label":"yarn"},{"cmd":"pnpm add create-auth-app-cli","lang":"bash","label":"pnpm"}],"dependencies":[],"imports":[{"note":"This package is a CLI tool and is executed directly via `npx` or globally installed. It does not export modules for direct programmatic import.","wrong":"import createAuthApp from 'create-auth-app-cli'","symbol":"npx create-auth-app-cli","correct":"npx create-auth-app-cli my-auth-project"},{"note":"This import is for a middleware *within the project generated by the CLI*, not from the CLI package itself. The generated project uses ES Modules.","wrong":"const verifyToken = require('./src/middleware/auth');","symbol":"verifyToken","correct":"import verifyToken from './src/middleware/auth.js';"},{"note":"This import is for a middleware *within the project generated by the CLI*, not from the CLI package itself. The generated project uses ES Modules.","wrong":"const authorizeRoles = require('./src/middleware/rbac');","symbol":"authorizeRoles","correct":"import authorizeRoles from './src/middleware/rbac.js';"}],"quickstart":{"code":"npx create-auth-app-cli my-jwt-auth-backend\ncd my-jwt-auth-backend\ncp .env.example .env\n# IMPORTANT: Fill in your actual secrets and MongoDB URI in .env\n# For example:\n# MONGO_URI=mongodb://localhost:27017/my-jwt-db\n# ACCESS_TOKEN_SECRET=super_secret_jwt_key_123\n# REFRESH_TOKEN_SECRET=another_super_secret_key_456\n# Then install dependencies and run the server\nnpm install\nnpm run dev","lang":"bash","description":"Scaffolds a new JWT authentication project, navigates into it, sets up environment variables, installs dependencies, and starts the development server."},"warnings":[{"fix":"Consider using tools like `js-to-ts` or manually refactoring the generated code to TypeScript types and interfaces.","message":"The generated project uses plain JavaScript and not TypeScript. Developers accustomed to TypeScript will need to manually convert the codebase if type safety is desired.","severity":"gotcha","affected_versions":">=1.0.0"},{"fix":"Ensure MongoDB is installed and running, or update the `MONGO_URI` in the `.env` file to point to a valid MongoDB server.","message":"The scaffolded application requires a running MongoDB instance to function. If MongoDB is not accessible, the application will fail to connect and start.","severity":"gotcha","affected_versions":">=1.0.0"},{"fix":"Pin the CLI version (`npx create-auth-app-cli@1.x.x`) for existing projects, and thoroughly test any generated projects after upgrading the CLI.","message":"This is a new CLI tool (version 1.0.2). Future major versions (e.g., v2.0.0) may introduce breaking changes to the generated project structure, dependencies, or API endpoints. Always review the release notes before upgrading the CLI and regenerating projects.","severity":"breaking","affected_versions":">=1.0.0"},{"fix":"Use a robust secret generation tool (e.g., `openssl rand -base64 32`) and manage these secrets securely, perhaps via environment variables provided by your hosting platform.","message":"The `.env.example` file provides placeholder secrets for `ACCESS_TOKEN_SECRET` and `REFRESH_TOKEN_SECRET`. These **must** be replaced with strong, unique, randomly generated secrets in production environments to ensure security.","severity":"gotcha","affected_versions":">=1.0.0"}],"env_vars":null,"last_verified":"2026-04-22T00:00:00.000Z","next_check":"2026-07-21T00:00:00.000Z","problems":[{"fix":"Ensure MongoDB is running locally or that the `MONGO_URI` in your `.env` file points to a reachable MongoDB instance.","cause":"The MongoDB server is not running or is inaccessible from the application. The application cannot establish a database connection.","error":"MongooseServerSelectionError: connect ECONNREFUSED 127.0.0.1:27017"},{"fix":"Open your `.env` file and provide values for `ACCESS_TOKEN_SECRET` and `REFRESH_TOKEN_SECRET`. These should be strong, unique strings.","cause":"One of the JWT secrets (`ACCESS_TOKEN_SECRET` or `REFRESH_TOKEN_SECRET`) is not defined in the `.env` file, preventing token generation or verification.","error":"Error: secretOrPrivateKey must have a value"},{"fix":"Change the `PORT` variable in your `.env` file to an unused port (e.g., 3000, 8000), or terminate the process currently using port 5000.","cause":"Another process is already using the port that the Express server (default 5000) is trying to bind to.","error":"Error: listen EADDRINUSE: address already in use :::5000"}],"ecosystem":"npm","meta_description":null}