Update pnpm-lock.yaml

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

.changeset/big-phones-bow.md

@@ -0,0 +1,6 @@
+---
+"@blitzjs/next": patch
+"@blitzjs/generator": patch
+---
+
+add mounted check inside withBlitz

.changeset/breezy-cameras-double.md

@@ -0,0 +1,7 @@
+---
+"blitz": patch
+"@blitzjs/next": patch
+"@blitzjs/generator": patch
+---
+
+Fix codegen and postinstall to make work with pnpm

.changeset/bright-mangos-run.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/rpc": patch
+---
+
+Add queryClient to RPC Plugin exports

.changeset/config.json

@@ -7,5 +7,5 @@
   "access": "restricted",
   "baseBranch": "main",
   "updateInternalDependencies": "patch",
-  "ignore": ["web", "test-*"]
+  "ignore": ["web", "test-*", "toolkit-app"]
 }

.changeset/cool-doors-invent.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/rpc": patch
+---
+
+Add invokeWithCtx function

.changeset/dirty-monkeys-greet.md

@@ -0,0 +1,6 @@
+---
+"blitz": patch
+"@blitzjs/generator": patch
+---
+
+Use alpha version for blitz dependency, fix package manager selection

.changeset/eleven-humans-sort.md

@@ -0,0 +1,6 @@
+---
+"@blitzjs/codemod": patch
+"@blitzjs/generator": patch
+---
+
+codemod fixes

.changeset/empty-berries-rule.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/generator": patch
+---
+
+fix app generator for pnpm unmet dependency

.changeset/fair-wombats-sneeze.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/next": patch
+---
+
+added superjson

.changeset/famous-kings-explain.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/generator": patch
+---
+
+updated nextjs version in generator & npmrc file

.changeset/fast-trainers-kneel.md

@@ -0,0 +1,5 @@
+---
+"blitz": patch
+---
+
+Export Zod utils from blitz core package

.changeset/flat-bees-approve.md

@@ -0,0 +1,5 @@
+---
+"blitz": patch
+---
+
+set default enviornment variable to development unless build and start command

.changeset/four-meals-fry.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/next": patch
+---
+
+export BlitzPage & BlitzLayout types from @blitzjs/next

.changeset/gentle-dogs-reply.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/codemod": patch
+---
+
+Update queryClient import in codemod

.changeset/great-months-train.md

@@ -0,0 +1,9 @@
+---
+"blitz": patch
+"@blitzjs/next": patch
+"@blitzjs/auth": patch
+"@blitzjs/rpc": patch
+"@blitzjs/generator": patch
+---
+
+fix route manifest codegen

.changeset/green-papayas-do.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/generator": patch
+---
+
+Update codemod and template with a new queryClient import location

.changeset/healthy-rice-shout.md

@@ -0,0 +1,5 @@
+---
+"blitz": patch
+---
+
+detailed print env info

.changeset/hot-drinks-approve.md

@@ -0,0 +1,6 @@
+---
+"@blitzjs/next": patch
+"@blitzjs/generator": patch
+---
+
+Upgrade @types/react, fix typings inside @blitzjs/next

.changeset/lovely-colts-share.md

@@ -0,0 +1,5 @@
+---
+"blitz": patch
+---
+
+fix broken cli versioning

.changeset/modern-cameras-pull.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/next": patch
+---
+
+Support `prefetchBlitzQuery` in gSSP and gSP

.changeset/moody-squids-cheer.md

@@ -0,0 +1,5 @@
+---
+"blitz": patch
+---
+
+test automated publish

.changeset/nice-starfishes-live.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/generator": patch
+---
+
+add mounted check to app generator template

.changeset/nine-onions-admire.md

@@ -0,0 +1,5 @@
+---
+"blitz": patch
+---
+
+downgrade pkg-dir to non-esm only version

.changeset/olive-bees-buy.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/codemod": patch
+---
+
+Fix templates source in RPC codemod step

.changeset/olive-feet-rhyme.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/codemod": patch
+---
+
+Add codemod to upgrade from legacy framework to the Blitz Toolkit

.changeset/plenty-bottles-swim.md

@@ -0,0 +1,11 @@
+---
+"blitz": patch
+"@blitzjs/next": patch
+"@blitzjs/generator": patch
+---
+
+- Add mounted check to withBlitz
+- Upgrade @types/react, fix typings inside @blitzjs/next
+- Support prefetchBlitzQuery in gSP and gSSP
+- Add db seed cli command
+- Add try/catch to changePassword mutation

.changeset/poor-penguins-look.md

@@ -0,0 +1,5 @@
+---
+"blitz": patch
+---
+
+add `db seed` cli command

.changeset/poor-shrimps-think.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/next": patch
+---
+
+Setup SuperJson for GSSP and GSP

.changeset/pre.json

@@ -12,7 +12,63 @@
     "@blitzjs/rpc": "2.0.0-alpha.0",
     "@blitzjs/config": "0.0.0",
     "@blitzjs/generator": "2.0.0-alpha.0",
-    "template": "0.0.0"
+    "@blitzjs/codemod": "2.0.0-alpha.0",
+    "template": "0.0.0",
+    "toolkit-app": "1.0.0",
+    "test-qm": "0.0.0",
+    "test-no-suspense": "0.0.0",
+    "test-trailing-slash": "0.0.0"
   },
-  "changesets": ["ninety-pets-heal", "poor-peas-lick"]
+  "changesets": [
+    "big-phones-bow",
+    "breezy-cameras-double",
+    "bright-mangos-run",
+    "cool-doors-invent",
+    "dirty-monkeys-greet",
+    "eleven-humans-sort",
+    "empty-berries-rule",
+    "fair-wombats-sneeze",
+    "famous-kings-explain",
+    "fast-trainers-kneel",
+    "flat-bees-approve",
+    "four-meals-fry",
+    "gentle-dogs-reply",
+    "great-months-train",
+    "green-papayas-do",
+    "healthy-rice-shout",
+    "hot-drinks-approve",
+    "lovely-colts-share",
+    "modern-cameras-pull",
+    "moody-squids-cheer",
+    "nice-starfishes-live",
+    "nine-onions-admire",
+    "ninety-pets-heal",
+    "olive-bees-buy",
+    "olive-feet-rhyme",
+    "plenty-bottles-swim",
+    "poor-peas-lick",
+    "poor-penguins-look",
+    "poor-shrimps-think",
+    "quiet-feet-travel",
+    "rich-chairs-invent",
+    "sharp-falcons-begin",
+    "shy-olives-hang",
+    "silent-colts-reply",
+    "small-socks-confess",
+    "stupid-walls-sell",
+    "swift-drinks-dress",
+    "tasty-news-collect",
+    "ten-rivers-burn",
+    "tender-pianos-check",
+    "thick-parrots-float",
+    "thirty-countries-build",
+    "twenty-beans-pump",
+    "two-kiwis-help",
+    "unlucky-papayas-sleep",
+    "violet-bags-leave",
+    "violet-lions-help",
+    "weak-suns-shave",
+    "wicked-ghosts-cough",
+    "wise-frogs-give"
+  ]
 }

.changeset/quiet-feet-travel.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/generator": patch
+---
+
+fix source path for templates

.changeset/rich-chairs-invent.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/next": patch
+---
+
+Rename prefetchBlitzQuery to prefetchQuery, add prefetchInfiniteQuery

.changeset/sharp-falcons-begin.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/generator": patch
+---
+
+Use routes manifest in template app

.changeset/shy-olives-hang.md

@@ -0,0 +1,6 @@
+---
+"@blitzjs/rpc": patch
+"@blitzjs/generator": patch
+---
+
+Update RPC plugin setup in templates

.changeset/silent-colts-reply.md

@@ -0,0 +1,5 @@
+---
+"blitz": patch
+---
+
+added index.cjs to blitz externals

.changeset/small-socks-confess.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/auth": patch
+---
+
+Add passport adapter to @blitzjs/auth

.changeset/stupid-walls-sell.md

@@ -0,0 +1,8 @@
+---
+"blitz": patch
+"@blitzjs/auth": patch
+"@blitzjs/next": patch
+"@blitzjs/rpc": patch
+---
+
+testing set dist-tag

.changeset/swift-drinks-dress.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/next": patch
+---
+
+Fix postinstall script not being found

.changeset/tasty-news-collect.md

@@ -0,0 +1,6 @@
+---
+"blitz": patch
+"@blitzjs/codemod": patch
+---
+
+init codemod generator

.changeset/ten-rivers-burn.md

@@ -0,0 +1,5 @@
+---
+"blitz": patch
+---
+
+fix more cli problems

.changeset/tender-pianos-check.md

@@ -0,0 +1,7 @@
+---
+"blitz": patch
+"@blitzjs/next": patch
+"@blitzjs/generator": patch
+---
+
+various improvements and fixes

.changeset/thick-parrots-float.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/codemod": patch
+---
+
+allow extension catch in getAllFiles codemod util

.changeset/thirty-countries-build.md

@@ -0,0 +1,5 @@
+---
+"blitz": patch
+---
+
+add @blitzjs/generator as external

.changeset/twenty-beans-pump.md

@@ -0,0 +1,10 @@
+---
+"blitz": patch
+"@blitzjs/auth": patch
+"@blitzjs/next": patch
+"@blitzjs/rpc": patch
+"@blitzjs/config": patch
+"@blitzjs/generator": patch
+---
+
+new app template

.changeset/two-kiwis-help.md

@@ -0,0 +1,5 @@
+---
+"blitz": patch
+---
+
+fix generate cli command

.changeset/unlucky-papayas-sleep.md

@@ -0,0 +1,5 @@
+---
+"blitz": patch
+---
+
+remove console logs inside onPostInstall in the new cli command

.changeset/violet-bags-leave.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/codemod": patch
+---
+
+Update templates directory for codemod

.changeset/violet-lions-help.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/rpc": patch
+---
+
+Add resolverBasePath to Blitz config to change the way rpc routes are generated

.changeset/weak-suns-shave.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/next": patch
+---
+
+Move blitz config to next.config.js

.changeset/wicked-ghosts-cough.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/generator": patch
+---
+
+fix template sourcepath because of new env variable

.changeset/wise-frogs-give.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/generator": patch
+---
+
+use latest tag for generator template on rpc & auth packages

.github/workflows/release.yml

@@ -0,0 +1,44 @@
+name: Release
+
+on:
+  push:
+    branches:
+      - main
+
+concurrency: ${{ github.workflow }}-${{ github.ref }}
+
+jobs:
+  release:
+    name: Release
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v2
+
+      - name: Setup Node.js 16.x
+        uses: actions/setup-node@v2
+        with:
+          node-version: 16.x
+
+      - name: Creating .npmrc
+        run: |
+          cat << EOF > "$HOME/.npmrc"
+            //registry.npmjs.org/:_authToken=$NPM_TOKEN
+          EOF
+        env:
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+
+      - name: Pre-publish
+        uses: pnpm/action-setup@646cdf48217256a3d0b80361c5a50727664284f2
+        with:
+          version: 6.32.6
+      - run: pnpm install --frozen-lockfile
+      - run: pnpm build
+
+      - name: Create Release Pull Request
+        uses: changesets/action@v1
+        with:
+          publish: pnpm release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

.gitignore

@@ -62,6 +62,7 @@ examples/auth2
 .idea
 .ultra.cache.json
 db.sqlite-journal
+**/db/db.sqlite
 test/integration/**/db.json
 test/**/*/out
 test/**/blitz-env.d.ts

.npmrc

@@ -1,7 +1,9 @@
 save-exact=true
+strict-peer-dependencies=false
 
 public-hoist-pattern[]=secure-password
 public-hoist-pattern[]=*types*
 public-hoist-pattern[]=*eslint*
 public-hoist-pattern[]=@prettier/plugin-*
 public-hoist-pattern[]=*prettier-plugin-*
+strict-peer-dependencies=false

README.md

@@ -174,6 +174,7 @@ Your financial contributions help ensure Blitz continues to be developed and mai
   <tr>
     <td align="center"><a href="https://twitter.com/flybayer"><img src="https://avatars3.githubusercontent.com/u/8813276?v=4" width="100px;" alt=""/><br /><sub><b>Brandon Bayer</b></sub></a><br />Creator</td>
     <td align="center"><a href="http://aleksandra.codes"><img src="https://avatars.githubusercontent.com/u/9019397?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Aleksandra Sikora</b></sub></a><br />Lead Maintainer</td>
+    <td align="center"><a href="http://twitter.com/dillonraphael"><img src="https://avatars.githubusercontent.com/u/3496193?v=4" width="100px;" alt=""/><br /><sub><b>Dillon Raphael</b></sub></a><br />Senior Maintainer</td>
 
   </tr>
 </table>

apps/toolkit-app/.editorconfig

@@ -0,0 +1,11 @@
+# https://EditorConfig.org
+
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+indent_size = 2
+indent_style = space
+insert_final_newline = true
+trim_trailing_whitespace = true

apps/toolkit-app/.env

@@ -0,0 +1,3 @@
+# This env file should be checked into source control
+# This is the place for default values for all environments
+# Values in `.env.local` and `.env.production` will override these values

apps/toolkit-app/.eslintrc.js

@@ -0,0 +1 @@
+module.exports = require("@blitzjs/next/eslint")

apps/toolkit-app/.gitignore

@@ -0,0 +1,56 @@
+# dependencies
+node_modules
+.yarn/*
+!.yarn/patches
+!.yarn/plugins
+!.yarn/releases
+!.yarn/sdks
+!.yarn/versions
+.pnp.*
+.npm
+web_modules/
+
+# blitz
+/.blitz/
+/.next/
+*.sqlite
+*.sqlite-journal
+.now
+.blitz**
+blitz-log.log
+
+# misc
+.DS_Store
+
+# local env files
+.env.local
+.env.*.local
+.envrc
+
+# Logs
+logs
+*.log
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Testing
+.coverage
+*.lcov
+.nyc_output
+lib-cov
+
+# Caches
+*.tsbuildinfo
+.eslintcache
+.node_repl_history
+.yarn-integrity
+
+# Serverless directories
+.serverless/
+
+# Stores VSCode versions used for testing VSCode extensions
+.vscode-test

apps/toolkit-app/.prettierignore

@@ -0,0 +1,9 @@
+.gitkeep
+.env*
+*.ico
+*.lock
+db/migrations
+.next
+.yarn
+.pnp.*
+node_modules

apps/toolkit-app/CHANGELOG.md

@@ -0,0 +1,185 @@
+# toolkit-app
+
+## 1.0.1-alpha.16
+
+### Patch Changes
+
+- blitz@2.0.0-alpha.21
+- @blitzjs/auth@2.0.0-alpha.21
+- @blitzjs/next@2.0.0-alpha.21
+- @blitzjs/rpc@2.0.0-alpha.21
+- @blitzjs/config@2.0.0-alpha.21
+
+## 1.0.1-alpha.15
+
+### Patch Changes
+
+- Updated dependencies
+  - blitz@2.0.0-alpha.20
+  - @blitzjs/auth@2.0.0-alpha.20
+  - @blitzjs/next@2.0.0-alpha.20
+  - @blitzjs/rpc@2.0.0-alpha.20
+  - @blitzjs/config@2.0.0-alpha.20
+
+## 1.0.1-alpha.14
+
+### Patch Changes
+
+- Updated dependencies
+- Updated dependencies [2150dcc3]
+  - @blitzjs/next@2.0.0-alpha.19
+  - blitz@2.0.0-alpha.19
+  - @blitzjs/auth@2.0.0-alpha.19
+  - @blitzjs/rpc@2.0.0-alpha.19
+  - @blitzjs/config@2.0.0-alpha.19
+
+## 1.0.1-alpha.13
+
+### Patch Changes
+
+- Updated dependencies
+  - blitz@2.0.0-alpha.18
+  - @blitzjs/auth@2.0.0-alpha.18
+  - @blitzjs/next@2.0.0-alpha.18
+  - @blitzjs/rpc@2.0.0-alpha.18
+  - @blitzjs/config@2.0.0-alpha.18
+
+## 1.0.1-alpha.12
+
+### Patch Changes
+
+- blitz@2.0.0-alpha.17
+- @blitzjs/auth@2.0.0-alpha.17
+- @blitzjs/next@2.0.0-alpha.17
+- @blitzjs/rpc@2.0.0-alpha.17
+- @blitzjs/config@2.0.0-alpha.17
+
+## 1.0.1-alpha.11
+
+### Patch Changes
+
+- Updated dependencies
+  - blitz@2.0.0-alpha.16
+  - @blitzjs/auth@2.0.0-alpha.16
+  - @blitzjs/next@2.0.0-alpha.16
+  - @blitzjs/rpc@2.0.0-alpha.16
+  - @blitzjs/config@2.0.0-alpha.16
+
+## 1.0.1-alpha.10
+
+### Patch Changes
+
+- blitz@2.0.0-alpha.15
+- @blitzjs/auth@2.0.0-alpha.15
+- @blitzjs/next@2.0.0-alpha.15
+- @blitzjs/rpc@2.0.0-alpha.15
+- @blitzjs/config@2.0.0-alpha.15
+
+## 1.0.1-alpha.9
+
+### Patch Changes
+
+- Updated dependencies
+  - blitz@2.0.0-alpha.14
+  - @blitzjs/auth@2.0.0-alpha.14
+  - @blitzjs/next@2.0.0-alpha.14
+  - @blitzjs/rpc@2.0.0-alpha.14
+  - @blitzjs/config@2.0.0-alpha.14
+
+## 1.0.1-alpha.8
+
+### Patch Changes
+
+- Updated dependencies
+  - blitz@2.0.0-alpha.13
+  - @blitzjs/next@2.0.0-alpha.13
+  - @blitzjs/auth@2.0.0-alpha.13
+  - @blitzjs/rpc@2.0.0-alpha.13
+  - @blitzjs/config@2.0.0-alpha.13
+
+## 1.0.1-alpha.7
+
+### Patch Changes
+
+- Updated dependencies
+  - blitz@2.0.0-alpha.12
+  - @blitzjs/auth@2.0.0-alpha.12
+  - @blitzjs/next@2.0.0-alpha.12
+  - @blitzjs/rpc@2.0.0-alpha.12
+  - @blitzjs/config@2.0.0-alpha.12
+
+## 1.0.1-alpha.6
+
+### Patch Changes
+
+- Updated dependencies
+  - @blitzjs/next@2.0.0-alpha.11
+  - @blitzjs/auth@2.0.0-alpha.11
+  - @blitzjs/rpc@2.0.0-alpha.11
+  - @blitzjs/config@2.0.0-alpha.11
+  - blitz@2.0.0-alpha.11
+
+## 1.0.1-alpha.5
+
+### Patch Changes
+
+- blitz@2.0.0-alpha.10
+- @blitzjs/auth@2.0.0-alpha.10
+- @blitzjs/next@2.0.0-alpha.10
+- @blitzjs/rpc@2.0.0-alpha.10
+- @blitzjs/config@2.0.0-alpha.10
+
+## 1.0.1-alpha.4
+
+### Patch Changes
+
+- Updated dependencies
+  - blitz@2.0.0-alpha.9
+  - @blitzjs/auth@2.0.0-alpha.9
+  - @blitzjs/next@2.0.0-alpha.9
+  - @blitzjs/rpc@2.0.0-alpha.9
+  - @blitzjs/config@2.0.0-alpha.9
+
+## 1.0.1-alpha.3
+
+### Patch Changes
+
+- Updated dependencies
+  - blitz@2.0.0-alpha.8
+  - @blitzjs/auth@2.0.0-alpha.8
+  - @blitzjs/next@2.0.0-alpha.8
+  - @blitzjs/rpc@2.0.0-alpha.8
+  - @blitzjs/config@2.0.0-alpha.8
+
+## 1.0.1-alpha.2
+
+### Patch Changes
+
+- Updated dependencies
+  - blitz@2.0.0-alpha.7
+  - @blitzjs/auth@2.0.0-alpha.7
+  - @blitzjs/next@2.0.0-alpha.7
+  - @blitzjs/rpc@2.0.0-alpha.7
+  - @blitzjs/config@2.0.0-alpha.7
+
+## 1.0.1-alpha.1
+
+### Patch Changes
+
+- Updated dependencies
+  - @blitzjs/next@2.0.0-alpha.6
+  - blitz@2.0.0-alpha.6
+  - @blitzjs/auth@2.0.0-alpha.6
+  - @blitzjs/rpc@2.0.0-alpha.6
+  - @blitzjs/config@2.0.0-alpha.6
+
+## 1.0.1-alpha.0
+
+### Patch Changes
+
+- Updated dependencies
+  - blitz@2.0.0-alpha.5
+  - @blitzjs/auth@2.0.0-alpha.5
+  - @blitzjs/next@2.0.0-alpha.5
+  - @blitzjs/rpc@2.0.0-alpha.5
+  - @blitzjs/config@2.0.0-alpha.5

apps/toolkit-app/README.md

@@ -0,0 +1,175 @@
+TODO
+
+[![Blitz.js](https://raw.githubusercontent.com/blitz-js/art/master/github-cover-photo.png)](https://blitzjs.com)
+
+This is a [Blitz.js](https://github.com/blitz-js/blitz) app.
+
+# ****name****
+
+## Getting Started
+
+Run your app in the development mode.
+
+```
+blitz dev
+```
+
+Open [http://localhost:3000](http://localhost:3000) with your browser to see the result.
+
+## Environment Variables
+
+Ensure the `.env.local` file has required environment variables:
+
+```
+DATABASE_URL=postgresql://<YOUR_DB_USERNAME>@localhost:5432/__name__
+```
+
+Ensure the `.env.test.local` file has required environment variables:
+
+```
+DATABASE_URL=postgresql://<YOUR_DB_USERNAME>@localhost:5432/__name___test
+```
+
+## Tests
+
+Runs your tests using Jest.
+
+```
+yarn test
+```
+
+Blitz comes with a test setup using [Jest](https://jestjs.io/) and [react-testing-library](https://testing-library.com/).
+
+## Commands
+
+Blitz comes with a powerful CLI that is designed to make development easy and fast. You can install it with `npm i -g blitz`
+
+```
+  blitz [COMMAND]
+
+  dev       Start a development server
+  build     Create a production build
+  start     Start a production server
+  export    Export your Blitz app as a static application
+  prisma    Run prisma commands
+  generate  Generate new files for your Blitz project
+  console   Run the Blitz console REPL
+  install   Install a recipe
+  help      Display help for blitz
+  test      Run project tests
+```
+
+You can read more about it on the [CLI Overview](https://blitzjs.com/docs/cli-overview) documentation.
+
+## What's included?
+
+Here is the starting structure of your app.
+
+```
+__name__
+├── app/
+│   ├── api/
+│   ├── auth/
+│   │   ├── components/
+│   │   │   ├── LoginForm.tsx
+│   │   │   └── SignupForm.tsx
+│   │   ├── mutations/
+│   │   │   ├── changePassword.ts
+│   │   │   ├── forgotPassword.test.ts
+│   │   │   ├── forgotPassword.ts
+│   │   │   ├── login.ts
+│   │   │   ├── logout.ts
+│   │   │   ├── resetPassword.test.ts
+│   │   │   ├── resetPassword.ts
+│   │   │   └── signup.ts
+│   │   ├── pages/
+│   │   │   ├── forgot-password.tsx
+│   │   │   ├── login.tsx
+│   │   │   ├── reset-password.tsx
+│   │   │   └── signup.tsx
+│   │   └── validations.ts
+│   ├── core/
+│   │   ├── components/
+│   │   │   ├── Form.tsx
+│   │   │   └── LabeledTextField.tsx
+│   │   ├── hooks/
+│   │   │   └── useCurrentUser.ts
+│   │   └── layouts/
+│   │       └── Layout.tsx
+│   ├── pages/
+│   │   ├── _app.tsx
+│   │   ├── _document.tsx
+│   │   ├── 404.tsx
+│   │   ├── index.test.tsx
+│   │   └── index.tsx
+│   └── users/
+│       └── queries/
+│           └── getCurrentUser.ts
+├── db/
+│   ├── migrations/
+│   ├── index.ts
+│   ├── schema.prisma
+│   └── seeds.ts
+├── integrations/
+├── mailers/
+│   └── forgotPasswordMailer.ts
+├── public/
+│   ├── favicon.ico
+│   └── logo.png
+├── test/
+│   ├── setup.ts
+│   └── utils.tsx
+├── .eslintrc.js
+├── babel.config.js
+├── blitz.config.ts
+├── jest.config.ts
+├── package.json
+├── README.md
+├── tsconfig.json
+└── types.ts
+```
+
+These files are:
+
+- The `app/` folder is a container for most of your project. This is where you’ll put any pages or API routes.
+
+- `db/` is where your database configuration goes. If you’re writing models or checking migrations, this is where to go.
+
+- `public/` is a folder where you will put any static assets. If you have images, files, or videos which you want to use in your app, this is where to put them.
+
+- `integrations/` is a folder to put all third-party integrations like with Stripe, Sentry, etc.
+
+- `test/` is a folder where you can put test utilities and integration tests.
+
+- `package.json` contains information about your dependencies and devDependencies. If you’re using a tool like `npm` or `yarn`, you won’t have to worry about this much.
+
+- `tsconfig.json` is our recommended setup for TypeScript.
+
+- `.babel.config.js`, `.eslintrc.js`, `.env`, etc. ("dotfiles") are configuration files for various bits of JavaScript tooling.
+
+- `blitz.config.ts` is for advanced custom configuration of Blitz. [Here you can learn how to use it](https://blitzjs.com/docs/blitz-config).
+
+- `jest.config.js` contains config for Jest tests. You can [customize it if needed](https://jestjs.io/docs/en/configuration).
+
+You can read more about it in the [File Structure](https://blitzjs.com/docs/file-structure) section of the documentation.
+
+### Tools included
+
+Blitz comes with a set of tools that corrects and formats your code, facilitating its future maintenance. You can modify their options and even uninstall them.
+
+- **ESLint**: It lints your code: searches for bad practices and tell you about it. You can customize it via the `.eslintrc.js`, and you can install (or even write) plugins to have it the way you like it. It already comes with the [`blitz`](https://github.com/blitz-js/blitz/tree/canary/packages/eslint-config) config, but you can remove it safely. [Learn More](https://blitzjs.com/docs/eslint-config).
+- **Husky**: It adds [githooks](https://git-scm.com/docs/githooks), little pieces of code that get executed when certain Git events are triggerd. For example, `pre-commit` is triggered just before a commit is created. You can see the current hooks inside `.husky/`. If are having problems commiting and pushing, check out ther [troubleshooting](https://typicode.github.io/husky/#/?id=troubleshoot) guide. [Learn More](https://blitzjs.com/docs/husky-config).
+- **Prettier**: It formats your code to look the same everywhere. You can configure it via the `.prettierrc` file. The `.prettierignore` contains the files that should be ignored by Prettier; useful when you have large files or when you want to keep a custom formatting. [Learn More](https://blitzjs.com/docs/prettier-config).
+
+## Learn more
+
+Read the [Blitz.js Documentation](https://blitzjs.com/docs/getting-started) to learn more.
+
+The Blitz community is warm, safe, diverse, inclusive, and fun! Feel free to reach out to us in any of our communication channels.
+
+- [Website](https://blitzjs.com)
+- [Discord](https://blitzjs.com/discord)
+- [Report an issue](https://github.com/blitz-js/blitz/issues/new/choose)
+- [Forum discussions](https://github.com/blitz-js/blitz/discussions)
+- [How to Contribute](https://blitzjs.com/docs/contributing)
+- [Sponsor or donate](https://github.com/blitz-js/blitz#sponsors-and-donations)

apps/toolkit-app/app/auth/components/LoginForm.tsx

@@ -0,0 +1,59 @@
+import { AuthenticationError, PromiseReturnType } from "blitz"
+import Link from "next/link"
+import { LabeledTextField } from "app/core/components/LabeledTextField"
+import { Form, FORM_ERROR } from "app/core/components/Form"
+import login from "app/auth/mutations/login"
+import { Login } from "app/auth/validations"
+import { useMutation } from "@blitzjs/rpc"
+import { Routes } from "@blitzjs/next"
+
+type LoginFormProps = {
+  onSuccess?: (user: PromiseReturnType<typeof login>) => void
+}
+
+export const LoginForm = (props: LoginFormProps) => {
+  const [loginMutation] = useMutation(login)
+  return (
+    <div>
+      <h1>Login</h1>
+
+      <Form
+        submitText="Login"
+        schema={Login}
+        initialValues={{ email: "", password: "" }}
+        onSubmit={async (values) => {
+          try {
+            const user = await loginMutation(values)
+            props.onSuccess?.(user)
+          } catch (error: any) {
+            if (error instanceof AuthenticationError) {
+              return { [FORM_ERROR]: "Sorry, those credentials are invalid" }
+            } else {
+              return {
+                [FORM_ERROR]:
+                  "Sorry, we had an unexpected error. Please try again. - " + error.toString(),
+              }
+            }
+          }
+        }}
+      >
+        <LabeledTextField name="email" label="Email" placeholder="Email" />
+        <LabeledTextField name="password" label="Password" placeholder="Password" type="password" />
+        <div>
+          <Link href={Routes.ForgotPasswordPage()} passHref>
+            <a>Forgot your password?</a>
+          </Link>
+        </div>
+      </Form>
+
+      <div style={{ marginTop: "1rem" }}>
+        Or{" "}
+        <Link href={Routes.SignupPage()} passHref>
+          <a>Sign Up</a>
+        </Link>
+      </div>
+    </div>
+  )
+}
+
+export default LoginForm

apps/toolkit-app/app/auth/components/SignupForm.tsx

@@ -0,0 +1,42 @@
+import { LabeledTextField } from "app/core/components/LabeledTextField"
+import { Form, FORM_ERROR } from "app/core/components/Form"
+import signup from "app/auth/mutations/signup"
+import { Signup } from "app/auth/validations"
+import { useMutation } from "@blitzjs/rpc"
+
+type SignupFormProps = {
+  onSuccess?: () => void
+}
+
+export const SignupForm = (props: SignupFormProps) => {
+  const [signupMutation] = useMutation(signup)
+  return (
+    <div>
+      <h1>Create an Account</h1>
+
+      <Form
+        submitText="Create Account"
+        schema={Signup}
+        initialValues={{ email: "", password: "" }}
+        onSubmit={async (values) => {
+          try {
+            await signupMutation(values)
+            props.onSuccess?.()
+          } catch (error: any) {
+            if (error.code === "P2002" && error.meta?.target?.includes("email")) {
+              // This error comes from Prisma
+              return { email: "This email is already being used" }
+            } else {
+              return { [FORM_ERROR]: error.toString() }
+            }
+          }
+        }}
+      >
+        <LabeledTextField name="email" label="Email" placeholder="Email" />
+        <LabeledTextField name="password" label="Password" placeholder="Password" type="password" />
+      </Form>
+    </div>
+  )
+}
+
+export default SignupForm

apps/toolkit-app/app/auth/mutations/changePassword.ts

@@ -0,0 +1,25 @@
+import { NotFoundError } from "blitz"
+import { db } from "db"
+import { authenticateUser } from "./login"
+import { ChangePassword } from "../validations"
+import { resolver } from "@blitzjs/rpc"
+import { SecurePassword } from "@blitzjs/auth"
+
+export default resolver.pipe(
+  resolver.zod(ChangePassword),
+  resolver.authorize(),
+  async ({ currentPassword, newPassword }, ctx) => {
+    const user = await db.user.findFirst({ where: { id: ctx.session.userId as number } })
+    if (!user) throw new NotFoundError()
+
+    await authenticateUser(user.email, currentPassword)
+
+    const hashedPassword = await SecurePassword.hash(newPassword.trim())
+    await db.user.update({
+      where: { id: user.id },
+      data: { hashedPassword },
+    })
+
+    return true
+  }
+)

apps/toolkit-app/app/auth/mutations/forgotPassword.ts

@@ -0,0 +1,42 @@
+import { generateToken, hash256 } from "@blitzjs/auth"
+import { resolver } from "@blitzjs/rpc"
+import { db } from "db"
+import { forgotPasswordMailer } from "mailers/forgotPasswordMailer"
+import { ForgotPassword } from "../validations"
+
+const RESET_PASSWORD_TOKEN_EXPIRATION_IN_HOURS = 4
+
+export default resolver.pipe(resolver.zod(ForgotPassword), async ({ email }) => {
+  // 1. Get the user
+  const user = await db.user.findFirst({ where: { email: email.toLowerCase() } })
+
+  // 2. Generate the token and expiration date.
+  const token = generateToken()
+  const hashedToken = hash256(token)
+  const expiresAt = new Date()
+  expiresAt.setHours(expiresAt.getHours() + RESET_PASSWORD_TOKEN_EXPIRATION_IN_HOURS)
+
+  // 3. If user with this email was found
+  if (user) {
+    // 4. Delete any existing password reset tokens
+    await db.token.deleteMany({ where: { type: "RESET_PASSWORD", userId: user.id } })
+    // 5. Save this new token in the database.
+    await db.token.create({
+      data: {
+        user: { connect: { id: user.id } },
+        type: "RESET_PASSWORD",
+        expiresAt,
+        hashedToken,
+        sentTo: user.email,
+      },
+    })
+    // 6. Send the email
+    await forgotPasswordMailer({ to: user.email, token }).send()
+  } else {
+    // 7. If no user found wait the same time so attackers can't tell the difference
+    await new Promise((resolve) => setTimeout(resolve, 750))
+  }
+
+  // 8. Return the same result whether a password reset email was sent or not
+  return
+})

apps/toolkit-app/app/auth/mutations/login.ts

@@ -0,0 +1,32 @@
+import { SecurePassword } from "@blitzjs/auth"
+import { resolver } from "@blitzjs/rpc"
+import { AuthenticationError } from "blitz"
+import { db } from "db"
+import { Role } from "types"
+import { Login } from "../validations"
+
+export const authenticateUser = async (rawEmail: string, rawPassword: string) => {
+  const { email, password } = Login.parse({ email: rawEmail, password: rawPassword })
+  const user = await db.user.findFirst({ where: { email } })
+  if (!user) throw new AuthenticationError()
+
+  const result = await SecurePassword.verify(user.hashedPassword, password)
+
+  if (result === SecurePassword.VALID_NEEDS_REHASH) {
+    // Upgrade hashed password with a more secure hash
+    const improvedHash = await SecurePassword.hash(password)
+    await db.user.update({ where: { id: user.id }, data: { hashedPassword: improvedHash } })
+  }
+
+  const { hashedPassword, ...rest } = user
+  return rest
+}
+
+export default resolver.pipe(resolver.zod(Login), async ({ email, password }, ctx) => {
+  // This throws an error if credentials are invalid
+  const user = await authenticateUser(email, password)
+
+  await ctx.session.$create({ userId: user.id, role: user.role as Role })
+
+  return user
+})

apps/toolkit-app/app/auth/mutations/logout.ts

@@ -0,0 +1,5 @@
+import { Ctx } from "blitz"
+
+export default async function logout(_: any, ctx: Ctx) {
+  return await ctx.session.$revoke()
+}

apps/toolkit-app/app/auth/mutations/resetPassword.ts

@@ -0,0 +1,48 @@
+import { SecurePassword, hash256 } from "@blitzjs/auth"
+import { db } from "db"
+import { ResetPassword } from "../validations"
+import login from "./login"
+
+export class ResetPasswordError extends Error {
+  name = "ResetPasswordError"
+  message = "Reset password link is invalid or it has expired."
+}
+
+export default async function resetPassword(input, ctx) {
+  ResetPassword.parse(input)
+  // 1. Try to find this token in the database
+  const hashedToken = hash256(input.token)
+  const possibleToken = await db.token.findFirst({
+    where: { hashedToken, type: "RESET_PASSWORD" },
+    include: { user: true },
+  })
+
+  // 2. If token not found, error
+  if (!possibleToken) {
+    throw new ResetPasswordError()
+  }
+  const savedToken = possibleToken
+
+  // 3. Delete token so it can't be used again
+  await db.token.delete({ where: { id: savedToken.id } })
+
+  // 4. If token has expired, error
+  if (savedToken.expiresAt < new Date()) {
+    throw new ResetPasswordError()
+  }
+
+  // 5. Since token is valid, now we can update the user's password
+  const hashedPassword = await SecurePassword.hash(input.password.trim())
+  const user = await db.user.update({
+    where: { id: savedToken.userId },
+    data: { hashedPassword },
+  })
+
+  // 6. Revoke all existing login sessions for this user
+  await db.session.deleteMany({ where: { userId: user.id } })
+
+  // 7. Now log the user in with the new credentials
+  await login({ email: user.email, password: input.password }, ctx)
+
+  return true
+}

apps/toolkit-app/app/auth/mutations/signup.ts

@@ -0,0 +1,19 @@
+import { db } from "db"
+import { SecurePassword } from "@blitzjs/auth"
+
+export default async function signup(input, ctx) {
+  const blitzContext = ctx
+
+  const hashedPassword = await SecurePassword.hash((input.password as string) || "test-password")
+  const email = (input.email as string) || "test" + Math.random() + "@test.com"
+  const user = await db.user.create({
+    data: { email, hashedPassword, role: "user" },
+    select: { id: true, name: true, email: true, role: true },
+  })
+
+  await blitzContext.session.$create({
+    userId: user.id,
+  })
+
+  return { userId: blitzContext.session.userId, ...user, email: input.email }
+}

apps/toolkit-app/app/auth/validations.ts

@@ -0,0 +1,42 @@
+import { z } from "zod"
+
+export const email = z
+  .string()
+  .email()
+  .transform((str) => str.toLowerCase().trim())
+
+export const password = z
+  .string()
+  .min(10)
+  .max(100)
+  .transform((str) => str.trim())
+
+export const Signup = z.object({
+  email,
+  password,
+})
+
+export const Login = z.object({
+  email,
+  password: z.string(),
+})
+
+export const ForgotPassword = z.object({
+  email,
+})
+
+export const ResetPassword = z
+  .object({
+    password: password,
+    passwordConfirmation: password,
+    token: z.string(),
+  })
+  .refine((data) => data.password === data.passwordConfirmation, {
+    message: "Passwords don't match",
+    path: ["passwordConfirmation"], // set the path of the error
+  })
+
+export const ChangePassword = z.object({
+  currentPassword: z.string(),
+  newPassword: password,
+})

apps/toolkit-app/app/blitz-client.ts

@@ -0,0 +1,12 @@
+import { AuthClientPlugin } from "@blitzjs/auth"
+import { setupBlitzClient } from "@blitzjs/next"
+import { BlitzRpcPlugin } from "@blitzjs/rpc"
+
+export const { withBlitz, queryClient } = setupBlitzClient({
+  plugins: [
+    AuthClientPlugin({
+      cookiePrefix: "web-cookie-prefix",
+    }),
+    BlitzRpcPlugin({}),
+  ],
+})

apps/toolkit-app/app/blitz-server.ts

@@ -0,0 +1,17 @@
+import { setupBlitzServer } from "@blitzjs/next"
+import { AuthServerPlugin, PrismaStorage } from "@blitzjs/auth"
+import { db } from "db"
+import { simpleRolesIsAuthorized } from "@blitzjs/auth"
+
+const { gSSP, gSP, api } = setupBlitzServer({
+  plugins: [
+    AuthServerPlugin({
+      cookiePrefix: "web-cookie-prefix",
+      // TODO fix type
+      storage: PrismaStorage(db as any),
+      isAuthorized: simpleRolesIsAuthorized,
+    }),
+  ],
+})
+
+export { gSSP, gSP, api }

apps/toolkit-app/app/core/components/Form.tsx

@@ -0,0 +1,83 @@
+import { useState, ReactNode, PropsWithoutRef } from "react"
+import { FormProvider, useForm, UseFormProps } from "react-hook-form"
+import { zodResolver } from "@hookform/resolvers/zod"
+import { z } from "zod"
+
+export interface FormProps<S extends z.ZodType<any, any>>
+  extends Omit<PropsWithoutRef<JSX.IntrinsicElements["form"]>, "onSubmit"> {
+  /** All your form fields */
+  children?: ReactNode
+  /** Text to display in the submit button */
+  submitText?: string
+  schema?: S
+  onSubmit: (values: z.infer<S>) => Promise<void | OnSubmitResult>
+  initialValues?: UseFormProps<z.infer<S>>["defaultValues"]
+}
+
+interface OnSubmitResult {
+  FORM_ERROR?: string
+  [prop: string]: any
+}
+
+export const FORM_ERROR = "FORM_ERROR"
+
+export function Form<S extends z.ZodType<any, any>>({
+  children,
+  submitText,
+  schema,
+  initialValues,
+  onSubmit,
+  ...props
+}: FormProps<S>) {
+  const ctx = useForm<z.infer<S>>({
+    mode: "onBlur",
+    resolver: schema ? zodResolver(schema) : undefined,
+    defaultValues: initialValues,
+  })
+  const [formError, setFormError] = useState<string | null>(null)
+
+  return (
+    <FormProvider {...ctx}>
+      <form
+        onSubmit={ctx.handleSubmit(async (values) => {
+          const result = (await onSubmit(values)) || {}
+          for (const [key, value] of Object.entries(result)) {
+            if (key === FORM_ERROR) {
+              setFormError(value)
+            } else {
+              ctx.setError(key as any, {
+                type: "submit",
+                message: value,
+              })
+            }
+          }
+        })}
+        className="form"
+        {...props}
+      >
+        {/* Form fields supplied as children are rendered here */}
+        {children}
+
+        {formError && (
+          <div role="alert" style={{ color: "red" }}>
+            {formError}
+          </div>
+        )}
+
+        {submitText && (
+          <button type="submit" disabled={ctx.formState.isSubmitting}>
+            {submitText}
+          </button>
+        )}
+
+        <style global jsx>{`
+          .form > * + * {
+            margin-top: 1rem;
+          }
+        `}</style>
+      </form>
+    </FormProvider>
+  )
+}
+
+export default Form

apps/toolkit-app/app/core/components/LabeledTextField.tsx

@@ -0,0 +1,59 @@
+import { forwardRef, PropsWithoutRef, ComponentPropsWithoutRef } from "react"
+import { useFormContext } from "react-hook-form"
+
+export interface LabeledTextFieldProps extends PropsWithoutRef<JSX.IntrinsicElements["input"]> {
+  /** Field name. */
+  name: string
+  /** Field label. */
+  label: string
+  /** Field type. Doesn't include radio buttons and checkboxes */
+  type?: "text" | "password" | "email" | "number"
+  outerProps?: PropsWithoutRef<JSX.IntrinsicElements["div"]>
+  labelProps?: ComponentPropsWithoutRef<"label">
+}
+
+export const LabeledTextField = forwardRef<HTMLInputElement, LabeledTextFieldProps>(
+  ({ label, outerProps, labelProps, name, ...props }, ref) => {
+    const {
+      register,
+      formState: { isSubmitting, errors },
+    } = useFormContext()
+    const error = Array.isArray(errors[name])
+      ? errors[name].join(", ")
+      : errors[name]?.message || errors[name]
+
+    return (
+      <div {...outerProps}>
+        <label {...labelProps}>
+          {label}
+          <input disabled={isSubmitting} {...register(name)} {...props} />
+        </label>
+
+        {error && (
+          <div role="alert" style={{ color: "red" }}>
+            {error}
+          </div>
+        )}
+
+        <style jsx>{`
+          label {
+            display: flex;
+            flex-direction: column;
+            align-items: start;
+            font-size: 1rem;
+          }
+          input {
+            font-size: 1rem;
+            padding: 0.25rem 0.5rem;
+            border-radius: 3px;
+            border: 1px solid purple;
+            appearance: none;
+            margin-top: 0.5rem;
+          }
+        `}</style>
+      </div>
+    )
+  }
+)
+
+export default LabeledTextField

apps/toolkit-app/app/core/hooks/useCurrentUser.ts

@@ -0,0 +1,7 @@
+import { useQuery } from "@blitzjs/rpc"
+import getCurrentUser from "app/users/queries/getCurrentUser"
+
+export const useCurrentUser = () => {
+  const [user] = useQuery(getCurrentUser, null)
+  return user
+}

apps/toolkit-app/app/core/layouts/Layout.tsx

@@ -0,0 +1,17 @@
+import Head from "next/head"
+import React, { FC } from "react"
+
+const Layout: FC<{ title?: string; children?: React.ReactNode }> = ({ title, children }) => {
+  return (
+    <>
+      <Head>
+        <title>{title || "__name__"}</title>
+        <link rel="icon" href="/favicon.ico" />
+      </Head>
+
+      {children}
+    </>
+  )
+}
+
+export default Layout

apps/toolkit-app/app/users/queries/getCurrentUser.ts

@@ -0,0 +1,13 @@
+import { Ctx } from "blitz"
+import { db } from "db"
+
+export default async function getCurrentUser(_ = null, { session }: Ctx) {
+  if (!session.userId) return null
+
+  const user = await db.user.findFirst({
+    where: { id: session.userId as number },
+    select: { id: true, name: true, email: true, role: true },
+  })
+
+  return user
+}

apps/toolkit-app/db/index.ts

@@ -0,0 +1,8 @@
+import { enhancePrisma } from "blitz"
+import { PrismaClient } from "@prisma/client"
+
+const EnhancedPrisma = enhancePrisma(PrismaClient)
+
+export * from "@prisma/client"
+const db = new EnhancedPrisma()
+export { db }

apps/toolkit-app/db/migrations/20220427214932_/migration.sql

@@ -0,0 +1,47 @@
+-- CreateTable
+CREATE TABLE "User" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    "name" TEXT,
+    "email" TEXT NOT NULL,
+    "hashedPassword" TEXT,
+    "role" TEXT NOT NULL DEFAULT 'USER'
+);
+
+-- CreateTable
+CREATE TABLE "Session" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    "expiresAt" DATETIME,
+    "handle" TEXT NOT NULL,
+    "hashedSessionToken" TEXT,
+    "antiCSRFToken" TEXT,
+    "publicData" TEXT,
+    "privateData" TEXT,
+    "userId" INTEGER,
+    CONSTRAINT "Session_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE SET NULL ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "Token" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    "hashedToken" TEXT NOT NULL,
+    "type" TEXT NOT NULL,
+    "expiresAt" DATETIME NOT NULL,
+    "sentTo" TEXT NOT NULL,
+    "userId" INTEGER NOT NULL,
+    CONSTRAINT "Token_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "User_email_key" ON "User"("email");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "Session_handle_key" ON "Session"("handle");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "Token_hashedToken_type_key" ON "Token"("hashedToken", "type");

apps/toolkit-app/db/migrations/migration_lock.toml

@@ -0,0 +1,3 @@
+# Please do not edit this file manually
+# It should be added in your version-control system (i.e. Git)
+provider = "sqlite"

apps/toolkit-app/db/schema.prisma

@@ -0,0 +1,65 @@
+// This is your Prisma schema file,
+// learn more about it in the docs: https://pris.ly/d/prisma-schema
+
+datasource db {
+  provider = "sqlite"
+  url      = "file:./db.sqlite"
+}
+
+generator client {
+  provider = "prisma-client-js"
+}
+
+// --------------------------------------
+
+model User {
+  id             Int      @id @default(autoincrement())
+  createdAt      DateTime @default(now())
+  updatedAt      DateTime @updatedAt
+  name           String?
+  email          String   @unique
+  hashedPassword String?
+  role           String   @default("USER")
+
+  tokens   Token[]
+  sessions Session[]
+}
+
+model Session {
+  id                 Int       @id @default(autoincrement())
+  createdAt          DateTime  @default(now())
+  updatedAt          DateTime  @updatedAt
+  expiresAt          DateTime?
+  handle             String    @unique
+  hashedSessionToken String?
+  antiCSRFToken      String?
+  publicData         String?
+  privateData        String?
+
+  user   User? @relation(fields: [userId], references: [id])
+  userId Int?
+}
+
+model Token {
+  id          Int      @id @default(autoincrement())
+  createdAt   DateTime @default(now())
+  updatedAt   DateTime @updatedAt
+  hashedToken String
+  type        String
+  // See note below about TokenType enum
+  // type        TokenType
+  expiresAt   DateTime
+  sentTo      String
+
+  user   User @relation(fields: [userId], references: [id])
+  userId Int
+
+  @@unique([hashedToken, type])
+}
+
+// NOTE: It's highly recommended to use an enum for the token type
+//       but enums only work in Postgres.
+//       See: https://blitzjs.com/docs/database-overview#switch-to-postgre-sql
+// enum TokenType {
+//   RESET_PASSWORD
+// }

apps/toolkit-app/db/seeds.ts

@@ -0,0 +1,21 @@
+import { db } from "./index"
+
+/*
+ * This seed function is executed when you run `blitz db seed`.
+ *
+ * Probably you want to use a library like https://chancejs.com
+ * to easily generate realistic data.
+ */
+const seed = async () => {
+  await db.$reset()
+
+  for (let i = 0; i < 1; i++) {
+    await db.user.create({
+      data: {
+        email: "test@test.com",
+      },
+    })
+  }
+}
+
+export default seed

apps/toolkit-app/jest.config.js

@@ -0,0 +1,11 @@
+const nextJest = require("@blitzjs/next/jest")
+
+const createJestConfig = nextJest({
+  dir: "./",
+})
+
+const customJestConfig = {
+  testEnvironment: "jest-environment-jsdom",
+}
+
+module.exports = createJestConfig(customJestConfig)

apps/toolkit-app/jsconfig.json

@@ -0,0 +1,5 @@
+{
+  "compilerOptions": {
+    "baseUrl": "."
+  }
+}

apps/toolkit-app/mailers/forgotPasswordMailer.ts

@@ -0,0 +1,45 @@
+/* TODO - You need to add a mailer integration in `integrations/` and import here.
+ *
+ * The integration file can be very simple. Instantiate the email client
+ * and then export it. That way you can import here and anywhere else
+ * and use it straight away.
+ */
+
+type ResetPasswordMailer = {
+  to: string
+  token: string
+}
+
+export function forgotPasswordMailer({ to, token }: ResetPasswordMailer) {
+  // In production, set APP_ORIGIN to your production server origin
+  const origin = process.env.APP_ORIGIN || process.env.BLITZ_DEV_SERVER_ORIGIN
+  const resetUrl = `${origin}/reset-password?token=${token}`
+
+  const msg = {
+    from: "TODO@example.com",
+    to,
+    subject: "Your Password Reset Instructions",
+    html: `
+      <h1>Reset Your Password</h1>
+      <h3>NOTE: You must set up a production email integration in mailers/forgotPasswordMailer.ts</h3>
+
+      <a href="${resetUrl}">
+        Click here to set a new password
+      </a>
+    `,
+  }
+
+  return {
+    async send() {
+      if (process.env.NODE_ENV === "production") {
+        // TODO - send the production email, like this:
+        // await postmark.sendEmail(msg)
+        throw new Error("No production email implementation in mailers/forgotPasswordMailer")
+      } else {
+        // Preview email in the browser
+        const previewEmail = (await import("preview-email")).default
+        await previewEmail(msg)
+      }
+    },
+  }
+}

apps/toolkit-app/next-env.d.ts

@@ -1,5 +1,4 @@
 /// <reference types="next" />
-/// <reference types="next/types/global" />
 /// <reference types="next/image-types/global" />
 
 // NOTE: This file should not be edited

apps/toolkit-app/next.config.js

@@ -0,0 +1,10 @@
+const withBundleAnalyzer = require("@next/bundle-analyzer")({
+  enabled: process.env.ANALYZE === "true",
+})
+const { withBlitz } = require("@blitzjs/next")
+
+module.exports = withBlitz(
+  withBundleAnalyzer({
+    reactStrictMode: true,
+  })
+)

apps/toolkit-app/npmrc

@@ -0,0 +1,7 @@
+save-exact=true
+legacy-peer-deps=true
+
+public-hoist-pattern[]=next
+public-hoist-pattern[]=secure-password
+public-hoist-pattern[]=*jest*
+public-hoist-pattern[]=@testing-library/*

apps/toolkit-app/package.json

@@ -0,0 +1,60 @@
+{
+  "name": "toolkit-app",
+  "version": "1.0.1-alpha.16",
+  "scripts": {
+    "start:dev": "pnpm run prisma:start && next dev",
+    "buildapp": "NODE_ENV=production pnpm blitz codegen && pnpm prisma generate && next build",
+    "start": "next start",
+    "lint": "next lint",
+    "prisma:start": "prisma generate && prisma migrate deploy",
+    "prisma:studio": "prisma studio",
+    "test:local": "jest"
+  },
+  "prisma": {
+    "schema": "db/schema.prisma"
+  },
+  "prettier": {
+    "semi": false,
+    "printWidth": 100
+  },
+  "lint-staged": {
+    "*.{js}": [
+      "eslint --fix"
+    ]
+  },
+  "dependencies": {
+    "@blitzjs/auth": "workspace:*",
+    "@blitzjs/config": "workspace:*",
+    "@blitzjs/next": "workspace:*",
+    "@blitzjs/rpc": "workspace:*",
+    "@hookform/resolvers": "2.8.8",
+    "@prisma/client": "3.9.0",
+    "blitz": "workspace:2.0.0-alpha.36",
+    "next": "12.1.6-canary.17",
+    "prisma": "3.9.0",
+    "react": "18.0.0",
+    "react-dom": "18.0.0",
+    "react-hook-form": "7.29.0",
+    "ts-node": "10.7.0",
+    "zod": "3.10.1"
+  },
+  "devDependencies": {
+    "@next/bundle-analyzer": "12.0.8",
+    "@testing-library/react": "13.0.0",
+    "@testing-library/react-hooks": "7.0.2",
+    "@types/jest": "27.4.1",
+    "@types/node": "17.0.16",
+    "@types/preview-email": "2.0.1",
+    "@types/react": "18.0.1",
+    "eslint": "7.32.0",
+    "husky": "7.0.4",
+    "jest": "27.5.1",
+    "lint-staged": "12.1.7",
+    "prettier": "^2.5.1",
+    "prettier-plugin-prisma": "3.8.0",
+    "pretty-quick": "3.1.3",
+    "preview-email": "3.x",
+    "typescript": "^4.5.3"
+  },
+  "private": true
+}

apps/toolkit-app/pages/_app.tsx

@@ -0,0 +1,34 @@
+import { ErrorFallbackProps, ErrorComponent, ErrorBoundary, AppProps } from "@blitzjs/next"
+import { AuthenticationError, AuthorizationError } from "blitz"
+import React from "react"
+import { withBlitz } from "app/blitz-client"
+
+function RootErrorFallback({ error }: ErrorFallbackProps) {
+  if (error instanceof AuthenticationError) {
+    return <div>Error: You are not authenticated</div>
+  } else if (error instanceof AuthorizationError) {
+    return (
+      <ErrorComponent
+        statusCode={error.statusCode}
+        title="Sorry, you are not authorized to access this"
+      />
+    )
+  } else {
+    return (
+      <ErrorComponent
+        statusCode={(error as any)?.statusCode || 400}
+        title={error.message || error.name}
+      />
+    )
+  }
+}
+
+function MyApp({ Component, pageProps }: AppProps) {
+  return (
+    <ErrorBoundary FallbackComponent={RootErrorFallback}>
+      <Component {...pageProps} />
+    </ErrorBoundary>
+  )
+}
+
+export default withBlitz(MyApp)

apps/toolkit-app/pages/api/rpc/[[...blitz]].ts

@@ -0,0 +1,4 @@
+import { rpcHandler } from "@blitzjs/rpc"
+import { api } from "app/blitz-server"
+
+export default api(rpcHandler({ onError: console.log }))

apps/toolkit-app/pages/auth/forgot-password.tsx

@@ -1,15 +1,15 @@
-import { BlitzPage, useMutation } from "blitz"
 import Layout from "app/core/layouts/Layout"
 import { LabeledTextField } from "app/core/components/LabeledTextField"
 import { Form, FORM_ERROR } from "app/core/components/Form"
 import { ForgotPassword } from "app/auth/validations"
 import forgotPassword from "app/auth/mutations/forgotPassword"
+import { useMutation } from "@blitzjs/rpc"
 
-const ForgotPasswordPage: BlitzPage = () => {
+const ForgotPasswordPage = () => {
   const [forgotPasswordMutation, { isSuccess }] = useMutation(forgotPassword)
 
   return (
-    <div>
+    <Layout title="Forgot Your Password?">
       <h1>Forgot your password?</h1>
 
       {isSuccess ? (
@@ -38,11 +38,8 @@ const ForgotPasswordPage: BlitzPage = () => {
           <LabeledTextField name="email" label="Email" placeholder="Email" />
         </Form>
       )}
-    </div>
+    </Layout>
   )
 }
 
-ForgotPasswordPage.redirectAuthenticatedTo = "/"
-ForgotPasswordPage.getLayout = (page) => <Layout title="Forgot Your Password?">{page}</Layout>
-
 export default ForgotPasswordPage

apps/toolkit-app/pages/auth/login.tsx

@@ -1,23 +1,20 @@
-import { useRouter, BlitzPage } from "blitz"
 import Layout from "app/core/layouts/Layout"
 import { LoginForm } from "app/auth/components/LoginForm"
+import { useRouter } from "next/router"
 
-const LoginPage: BlitzPage = () => {
+const LoginPage = () => {
   const router = useRouter()
 
   return (
-    <div>
+    <Layout title="Log In">
       <LoginForm
         onSuccess={(_user) => {
           const next = router.query.next ? decodeURIComponent(router.query.next as string) : "/"
-          router.push(next)
+          return router.push(next)
         }}
       />
-    </div>
+    </Layout>
   )
 }
 
-LoginPage.redirectAuthenticatedTo = "/"
-LoginPage.getLayout = (page) => <Layout title="Log In">{page}</Layout>
-
 export default LoginPage

apps/toolkit-app/pages/auth/signup.tsx

@@ -1,18 +1,16 @@
-import { useRouter, BlitzPage, Routes } from "blitz"
+import { useRouter } from "next/router"
 import Layout from "app/core/layouts/Layout"
 import { SignupForm } from "app/auth/components/SignupForm"
+import { Routes } from "@blitzjs/next"
 
-const SignupPage: BlitzPage = () => {
+const SignupPage = () => {
   const router = useRouter()
 
   return (
-    <div>
+    <Layout title="Sign Up">
       <SignupForm onSuccess={() => router.push(Routes.Home())} />
-    </div>
+    </Layout>
   )
 }
 
-SignupPage.redirectAuthenticatedTo = "/"
-SignupPage.getLayout = (page) => <Layout title="Sign Up">{page}</Layout>
-
 export default SignupPage

apps/toolkit-app/pages/index.tsx

@@ -0,0 +1,274 @@
+import { Suspense } from "react"
+import Image from "next/image"
+import Link from "next/link"
+import Layout from "app/core/layouts/Layout"
+import { useCurrentUser } from "app/core/hooks/useCurrentUser"
+import logout from "app/auth/mutations/logout"
+import logo from "public/logo.png"
+import { useMutation } from "@blitzjs/rpc"
+import { Routes } from "@blitzjs/next"
+
+/*
+ * This file is just for a pleasant getting started page for your new app.
+ * You can delete everything in here and start from scratch if you like.
+ */
+
+const UserInfo = () => {
+  const currentUser = useCurrentUser()
+  const [logoutMutation] = useMutation(logout)
+
+  if (currentUser) {
+    return (
+      <>
+        <button
+          className="button small"
+          onClick={async () => {
+            await logoutMutation()
+          }}
+        >
+          Logout
+        </button>
+        <div>
+          User id: <code>{currentUser.id}</code>
+          <br />
+          User role: <code>{currentUser.role}</code>
+        </div>
+      </>
+    )
+  } else {
+    return (
+      <>
+        <Link href={Routes.SignupPage()} passHref>
+          <a className="button small">
+            <strong>Sign Up</strong>
+          </a>
+        </Link>
+        <Link href={Routes.LoginPage()} passHref>
+          <a className="button small">
+            <strong>Login</strong>
+          </a>
+        </Link>
+      </>
+    )
+  }
+}
+
+const Home = () => {
+  return (
+    <Layout title="Home">
+      <div className="container">
+        <main>
+          <div className="logo">
+            <Image src={`${logo.src}`} alt="blitzjs" width="256px" height="118px" layout="fixed" />
+          </div>
+          <p>
+            <strong>Congrats!</strong> Your app is ready, including user sign-up and log-in.
+          </p>
+          <div className="buttons" style={{ marginTop: "1rem", marginBottom: "1rem" }}>
+            <Suspense fallback="Loading...">
+              <UserInfo />
+            </Suspense>
+          </div>
+          <p>
+            <strong>
+              To add a new model to your app, <br />
+              run the following in your terminal:
+            </strong>
+          </p>
+          <pre>
+            <code>blitz generate all project name:string</code>
+          </pre>
+          <div style={{ marginBottom: "1rem" }}>(And select Yes to run prisma migrate)</div>
+          <div>
+            <p>
+              Then <strong>restart the server</strong>
+            </p>
+            <pre>
+              <code>Ctrl + c</code>
+            </pre>
+            <pre>
+              <code>blitz dev</code>
+            </pre>
+            <p>
+              and go to{" "}
+              <Link href="/projects">
+                <a>/projects</a>
+              </Link>
+            </p>
+          </div>
+          <div className="buttons" style={{ marginTop: "5rem" }}>
+            <a
+              className="button"
+              href="https://blitzjs.com/docs/getting-started?utm_source=blitz-new&utm_medium=app-template&utm_campaign=blitz-new"
+              target="_blank"
+              rel="noopener noreferrer"
+            >
+              Documentation
+            </a>
+            <a
+              className="button-outline"
+              href="https://github.com/blitz-js/blitz"
+              target="_blank"
+              rel="noopener noreferrer"
+            >
+              Github Repo
+            </a>
+            <a
+              className="button-outline"
+              href="https://discord.blitzjs.com"
+              target="_blank"
+              rel="noopener noreferrer"
+            >
+              Discord Community
+            </a>
+          </div>
+        </main>
+
+        <footer>
+          <a
+            href="https://blitzjs.com?utm_source=blitz-new&utm_medium=app-template&utm_campaign=blitz-new"
+            target="_blank"
+            rel="noopener noreferrer"
+          >
+            Powered by Blitz.js
+          </a>
+        </footer>
+
+        <style jsx global>{`
+          @import url("https://fonts.googleapis.com/css2?family=Libre+Franklin:wght@300;700&display=swap");
+
+          html,
+          body {
+            padding: 0;
+            margin: 0;
+            font-family: "Libre Franklin", -apple-system, BlinkMacSystemFont, Segoe UI, Roboto,
+              Oxygen, Ubuntu, Cantarell, Fira Sans, Droid Sans, Helvetica Neue, sans-serif;
+          }
+
+          * {
+            -webkit-font-smoothing: antialiased;
+            -moz-osx-font-smoothing: grayscale;
+            box-sizing: border-box;
+          }
+          .container {
+            min-height: 100vh;
+            display: flex;
+            flex-direction: column;
+            justify-content: center;
+            align-items: center;
+          }
+
+          main {
+            padding: 5rem 0;
+            flex: 1;
+            display: flex;
+            flex-direction: column;
+            justify-content: center;
+            align-items: center;
+          }
+
+          main p {
+            font-size: 1.2rem;
+          }
+
+          p {
+            text-align: center;
+          }
+
+          footer {
+            width: 100%;
+            height: 60px;
+            border-top: 1px solid #eaeaea;
+            display: flex;
+            justify-content: center;
+            align-items: center;
+            background-color: #45009d;
+          }
+
+          footer a {
+            display: flex;
+            justify-content: center;
+            align-items: center;
+          }
+
+          footer a {
+            color: #f4f4f4;
+            text-decoration: none;
+          }
+
+          .logo {
+            margin-bottom: 2rem;
+          }
+
+          .logo img {
+            width: 300px;
+          }
+
+          .buttons {
+            display: grid;
+            grid-auto-flow: column;
+            grid-gap: 0.5rem;
+          }
+          .button {
+            font-size: 1rem;
+            background-color: #6700eb;
+            padding: 1rem 2rem;
+            color: #f4f4f4;
+            text-align: center;
+          }
+
+          .button.small {
+            padding: 0.5rem 1rem;
+          }
+
+          .button:hover {
+            background-color: #45009d;
+          }
+
+          .button-outline {
+            border: 2px solid #6700eb;
+            padding: 1rem 2rem;
+            color: #6700eb;
+            text-align: center;
+          }
+
+          .button-outline:hover {
+            border-color: #45009d;
+            color: #45009d;
+          }
+
+          pre {
+            background: #fafafa;
+            border-radius: 5px;
+            padding: 0.75rem;
+            text-align: center;
+          }
+          code {
+            font-size: 0.9rem;
+            font-family: Menlo, Monaco, Lucida Console, Liberation Mono, DejaVu Sans Mono,
+              Bitstream Vera Sans Mono, Courier New, monospace;
+          }
+
+          .grid {
+            display: flex;
+            align-items: center;
+            justify-content: center;
+            flex-wrap: wrap;
+
+            max-width: 800px;
+            margin-top: 3rem;
+          }
+
+          @media (max-width: 600px) {
+            .grid {
+              width: 100%;
+              flex-direction: column;
+            }
+          }
+        `}</style>
+      </div>
+    </Layout>
+  )
+}
+
+export default Home