phcdevworks_accounts_stytch 0.1.0.pre.1 → 0.2.0.pre.1

data/app/views/phcdevworks_accounts_stytch/b2b/passwords/reset_existing_password.html.erb

@@ -0,0 +1,22 @@
+<h1>Reset Your Password Using Existing Password</h1>
+
+<%= form_with url: phcdevworks_accounts_stytch.b2b_process_reset_existing_password_path(organization_slug: params[:organization_slug] || 'example-slug'), method: :post do |form| %>
+  <div>
+    <%= form.label :email, "Email" %>
+    <%= form.email_field :email, required: true %>
+  </div>
+
+  <div>
+    <%= form.label :old_password, "Old Password" %>
+    <%= form.password_field :old_password, required: true %>
+  </div>
+
+  <div>
+    <%= form.label :new_password, "New Password" %>
+    <%= form.password_field :new_password, required: true %>
+  </div>
+
+  <div>
+    <%= form.submit "Reset Password" %>
+  </div>
+<% end %>

data/app/views/phcdevworks_accounts_stytch/b2b/passwords/reset_password.html.erb

@@ -0,0 +1,17 @@
+<h1>Reset Your Password</h1>
+
+<%= form_with url: phcdevworks_accounts_stytch.b2b_process_password_reset_path(organization_slug: params[:organization_slug]), method: :post do |form| %>
+  <div>
+    <%= form.label :token, "Reset Token" %>
+    <%= form.text_field :token, required: true %>
+  </div>
+
+  <div>
+    <%= form.label :password, "New Password" %>
+    <%= form.password_field :password, required: true %>
+  </div>
+
+  <div>
+    <%= form.submit "Reset Password" %>
+  </div>
+<% end %>

data/app/views/phcdevworks_accounts_stytch/b2b/passwords/reset_start.html.erb

@@ -0,0 +1,12 @@
+<h1>Reset Password</h1>
+
+<%= form_with url: phcdevworks_accounts_stytch.b2b_process_reset_start_path(organization_slug: params[:organization_slug]), method: :post do |form| %>
+  <div>
+    <%= form.label :email, "Email" %>
+    <%= form.email_field :email, required: true %>
+  </div>
+
+  <div>
+    <%= form.submit "Send Reset Instructions" %>
+  </div>
+<% end %>

data/app/views/phcdevworks_accounts_stytch/b2b/passwords/reset_with_session.html.erb

@@ -0,0 +1,17 @@
+<h1>Reset Your Password Using Session</h1>
+
+<%= form_with url: phcdevworks_accounts_stytch.b2b_process_reset_session_path(organization_slug: params[:organization_slug]), method: :post do |form| %>
+  <div>
+    <%= form.label :session_token, "Session Token" %>
+    <%= form.text_field :session_token, required: true %>
+  </div>
+
+  <div>
+    <%= form.label :password, "New Password" %>
+    <%= form.password_field :password, required: true %>
+  </div>
+
+  <div>
+    <%= form.submit "Reset Password" %>
+  </div>
+<% end %>

data/app/views/phcdevworks_accounts_stytch/b2c/magic_links/invite.html.erb

@@ -0,0 +1,12 @@
+<h1>Invite User via Magic Link</h1>
+
+<%= form_with url: phcdevworks_accounts_stytch.b2c_magic_links_process_invite_path, local: true do |form| %>
+  <div class="field">
+    <%= form.label :email, "Invitee's Email" %><br>
+    <%= form.email_field :email, required: true %>
+  </div>
+
+  <div class="actions">
+    <%= form.submit "Send Invite" %>
+  </div>
+<% end %>

data/app/views/phcdevworks_accounts_stytch/b2c/magic_links/login_or_signup.html.erb

@@ -0,0 +1,12 @@
+<h1>Login or Sign Up with Magic Link</h1>
+
+<%= form_with url: phcdevworks_accounts_stytch.b2c_magic_links_process_login_or_signup_path, local: true do |form| %>
+  <div class="field">
+    <%= form.label :email, "Your Email" %><br>
+    <%= form.email_field :email, required: true %>
+  </div>
+
+  <div class="actions">
+    <%= form.submit "Send Magic Link" %>
+  </div>
+<% end %>

data/app/views/phcdevworks_accounts_stytch/b2c/passwords/reset_existing_password.html.erb

@@ -0,0 +1,22 @@
+<h1>Reset Your Password Using Existing Password</h1>
+
+<%= form_with url: phcdevworks_accounts_stytch.b2c_process_reset_existing_password_path, method: :post do |form| %>
+  <div>
+    <%= form.label :email, "Email" %>
+    <%= form.email_field :email, required: true %>
+  </div>
+
+  <div>
+    <%= form.label :old_password, "Old Password" %>
+    <%= form.password_field :old_password, required: true %>
+  </div>
+
+  <div>
+    <%= form.label :new_password, "New Password" %>
+    <%= form.password_field :new_password, required: true %>
+  </div>
+
+  <div>
+    <%= form.submit "Reset Password" %>
+  </div>
+<% end %>

data/app/views/phcdevworks_accounts_stytch/b2c/passwords/reset_password.html.erb

@@ -0,0 +1,17 @@
+<h1>Reset Your Password</h1>
+
+<%= form_with url: phcdevworks_accounts_stytch.b2c_process_password_reset_path, method: :post do |form| %>
+  <div>
+    <%= form.label :token, "Reset Token" %>
+    <%= form.text_field :token, required: true %>
+  </div>
+
+  <div>
+    <%= form.label :password, "New Password" %>
+    <%= form.password_field :password, required: true %>
+  </div>
+
+  <div>
+    <%= form.submit "Reset Password" %>
+  </div>
+<% end %>

data/app/views/phcdevworks_accounts_stytch/b2c/passwords/reset_start.html.erb

@@ -0,0 +1,12 @@
+<h1>Reset Password</h1>
+
+<%= form_with url: phcdevworks_accounts_stytch.b2c_process_reset_start_path, method: :post do |form| %>
+  <div>
+    <%= form.label :email, "Email" %>
+    <%= form.email_field :email, required: true %>
+  </div>
+
+  <div>
+    <%= form.submit "Send Reset Instructions" %>
+  </div>
+<% end %>

data/app/views/phcdevworks_accounts_stytch/b2c/passwords/reset_with_session.html.erb

@@ -0,0 +1,17 @@
+<h1>Reset Your Password Using Session</h1>
+
+<%= form_with url: phcdevworks_accounts_stytch.b2c_process_reset_session_path, method: :post do |form| %>
+  <div>
+    <%= form.label :session_token, "Session Token" %>
+    <%= form.text_field :session_token, required: true %>
+  </div>
+
+  <div>
+    <%= form.label :password, "New Password" %>
+    <%= form.password_field :password, required: true %>
+  </div>
+
+  <div>
+    <%= form.submit "Reset Password" %>
+  </div>
+<% end %>

data/config/routes/b2b.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+namespace :b2b do
+  # PHCDEVWORKS - B2B Routes for Magic Links
+  get 'magic_links/invite/:organization_slug', to: 'magic_links#invite', as: 'magic_links_invite'
+  get 'magic_links/login/:organization_slug', to: 'magic_links#login_or_signup', as: 'magic_links_login'
+  get 'magic_links/signup/:organization_slug', to: 'magic_links#login_or_signup', as: 'magic_links_signup'
+
+  post 'magic_links/process_invite/:organization_slug', to: 'magic_links#process_invite', as: 'magic_links_process_invite'
+  post 'magic_links/process_login_or_signup/:organization_slug', to: 'magic_links#process_login_or_signup',
+                                                                 as: 'magic_links_process_login_or_signup'
+
+  # PHCDEVWORKS - B2B Routes for Passwords
+  get 'passwords/reset/:organization_slug', to: 'passwords#reset_password', as: 'password_reset'
+  get 'passwords/reset/existing/:organization_slug', to: 'passwords#reset_existing_password', as: 'password_reset_existing'
+  get 'passwords/reset/session/:organization_slug', to: 'passwords#reset_with_session', as: 'password_reset_session'
+  get 'passwords/reset/start/:organization_slug', to: 'passwords#reset_start', as: 'password_reset_start'
+
+  post 'passwords/reset/:organization_slug', to: 'passwords#process_reset_password', as: 'process_password_reset'
+  post 'passwords/reset/existing/:organization_slug', to: 'passwords#process_reset_existing_password',
+                                                      as: 'process_reset_existing_password'
+  post 'passwords/reset/session/:organization_slug',
+       to: 'passwords#process_reset_with_session', as: 'process_reset_session'
+
+  post 'passwords/reset/start/:organization_slug', to: 'passwords#process_reset_start', as: 'process_reset_start'
+
+  # PHCDEVWORKS - B2B Authentication Routes for both Passwords and Magic Links
+  get 'authenticate', to: 'authenticate#authenticate', as: 'authenticate'
+  match 'process_authenticate', to: 'authenticate#process_authenticate', via: %i[get post], as: 'process_authenticate'
+end

data/config/routes/b2c.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+namespace :b2c do
+  # PHCDEVWORKS - B2C Routes for Magic Links
+  get 'magic_links/invite', to: 'magic_links#invite', as: 'magic_links_invite'
+  get 'magic_links/login', to: 'magic_links#login_or_signup', as: 'magic_links_login'
+  get 'magic_links/signup', to: 'magic_links#login_or_signup', as: 'magic_links_signup'
+
+  post 'magic_links/process_invite', to: 'magic_links#process_invite', as: 'magic_links_process_invite'
+  post 'magic_links/process_revoke_invite', to: 'magic_links#process_revoke_invite', as: 'magic_links_process_revoke_invite'
+  post 'magic_links/process_login_or_signup', to: 'magic_links#process_login_or_signup', as: 'magic_links_process_login_or_signup'
+
+  # PHCDEVWORKS - B2C Routes for Passwords
+  get 'passwords/reset', to: 'passwords#reset_password', as: 'password_reset'
+  get 'passwords/reset/existing', to: 'passwords#reset_existing_password', as: 'password_reset_existing'
+  get 'passwords/reset/session', to: 'passwords#reset_with_session', as: 'password_reset_session'
+  get 'passwords/reset/start', to: 'passwords#reset_start', as: 'password_reset_start'
+
+  post 'passwords/reset', to: 'passwords#process_reset_password', as: 'process_password_reset'
+  post 'passwords/reset/existing', to: 'passwords#process_reset_existing_password', as: 'process_reset_existing_password'
+  post 'passwords/reset/session', to: 'passwords#process_reset_with_session', as: 'process_reset_session'
+  post 'passwords/reset/start', to: 'passwords#process_reset_start', as: 'process_reset_start'
+
+  # PHCDEVWORKS - B2C Authentication Routes for both Passwords and Magic Links
+  get 'authenticate', to: 'authenticate#authenticate', as: 'authenticate'
+  match 'process_authenticate', to: 'authenticate#process_authenticate', via: %i[get post], as: 'process_authenticate'
+end

data/config/routes.rb

@@ -1,8 +1,6 @@
 # frozen_string_literal: true
 
 PhcdevworksAccountsStytch::Engine.routes.draw do
-  namespace :authentication do
-    post 'login', to: 'login#create'
-    post 'process', to: 'processor#create'
-  end
+  draw(:b2b)
+  draw(:b2c)
 end

data/lib/phcdevworks_accounts_stytch/authentication/b2b/magic_link_service.rb

@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+module PhcdevworksAccountsStytch
+  module Authentication
+    module B2b
+      class MagicLinkService
+        def initialize
+          @client = PhcdevworksAccountsStytch::Stytch::Client.b2b_client
+        end
+
+        def process_login_or_signup(email, organization_id)
+          log_action('Login or Signup', email: email, organization_id: organization_id)
+          response = @client.magic_links.email.login_or_signup(
+            organization_id: organization_id,
+            email_address: email
+          )
+          handle_response(response)
+        end
+
+        def process_invite(email, organization_id, session_token)
+          log_action('Invite', email: email, organization_id: organization_id)
+          options = build_method_options(session_token)
+          response = @client.magic_links.email.invite(
+            organization_id: organization_id,
+            email_address: email,
+            method_options: options
+          )
+          handle_response(response)
+        end
+
+        def process_authenticate(magic_links_token)
+          log_action('Authenticate', magic_links_token: magic_links_token)
+          response = @client.magic_links.authenticate(magic_links_token: magic_links_token)
+          handle_response(response)
+        end
+
+        private
+
+        def handle_response(response)
+          PhcdevworksAccountsStytch::Stytch::Response.handle_response(response)
+        rescue PhcdevworksAccountsStytch::Stytch::Error => e
+          log_error(e)
+          raise
+        end
+
+        def build_method_options(session_token)
+          PhcdevworksAccountsStytch::Stytch::MethodOptions.new(
+            authorization: { session_token: session_token }
+          )
+        end
+
+        def log_action(action_name, details = {})
+          Rails.logger.info "Starting #{action_name} with details: #{details.inspect}"
+        end
+
+        def log_error(error)
+          Rails.logger.error "Error occurred: #{error.message}"
+          Rails.logger.error error.backtrace.join("\n")
+        end
+      end
+    end
+  end
+end

data/lib/phcdevworks_accounts_stytch/authentication/b2b/password_service.rb

@@ -0,0 +1,80 @@
+# frozen_string_literal: true
+
+module PhcdevworksAccountsStytch
+  module Authentication
+    module B2b
+      class PasswordService
+        def initialize
+          @client = PhcdevworksAccountsStytch::Stytch::Client.b2b_client
+        end
+
+        def reset_start(email, organization_id)
+          log_action('Password Reset Start', email: email, organization_id: organization_id)
+          response = @client.passwords.email.reset_start(
+            organization_id: organization_id,
+            email_address: email
+          )
+          handle_response(response)
+        end
+
+        def reset(password_reset_token, new_password)
+          log_action('Password Reset', token: password_reset_token)
+          response = @client.passwords.email.reset(
+            password_reset_token: password_reset_token,
+            password: new_password
+          )
+          handle_response(response)
+        end
+
+        def reset_existing(email, old_password, new_password, organization_id)
+          log_action('Existing Password Reset', email: email, organization_id: organization_id)
+          response = @client.passwords.existing_password.reset(
+            email_address: email,
+            existing_password: old_password,
+            new_password: new_password,
+            organization_id: organization_id
+          )
+          handle_response(response)
+        end
+
+        def reset_with_session(session_token, new_password, organization_id)
+          log_action('Session-based Password Reset', session_token: session_token, organization_id: organization_id)
+          response = @client.passwords.sessions.reset(
+            session_token: session_token,
+            password: new_password,
+            organization_id: organization_id
+          )
+          handle_response(response)
+        end
+
+        def authenticate_password(email, password, organization_id)
+          log_action('Password Authentication', email: email, organization_id: organization_id)
+          response = @client.passwords.authenticate(
+            email_address: email,
+            password: password,
+            organization_id: organization_id
+          )
+          handle_response(response)
+        end
+
+        private
+
+        def handle_response(response)
+          PhcdevworksAccountsStytch::Stytch::Response.handle_response(response)
+        rescue PhcdevworksAccountsStytch::Stytch::Error => e
+          log_error(e)
+          raise
+        end
+
+        def log_action(action_name, details = {})
+          Rails.logger.info "Starting #{action_name} with details: #{details.inspect}"
+        end
+
+        def log_error(error)
+          Rails.logger.error "Error occurred: #{error.message}"
+          Rails.logger.error error.backtrace.join("\n")
+        end
+      end
+    end
+  end
+end

data/lib/phcdevworks_accounts_stytch/authentication/b2c/magic_link_service.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+module PhcdevworksAccountsStytch
+  module Authentication
+    module B2c
+      class MagicLinkService
+        def initialize
+          @client = PhcdevworksAccountsStytch::Stytch::Client.b2c_client
+        end
+
+        def process_login_or_signup(email)
+          log_action('Login or Signup', email: email)
+          response = @client.magic_links.email.login_or_create(email: email)
+          handle_response(response)
+        end
+
+        def process_invite(email)
+          log_action('Invite', email: email)
+          response = @client.magic_links.email.invite(email: email)
+          handle_response(response)
+        end
+
+        def process_revoke_invite(email)
+          log_action('Revoke Invite', email: email)
+          response = @client.magic_links.email.revoke_invite(email: email)
+          handle_response(response)
+        end
+
+        def process_authenticate(token)
+          log_action('Authenticate', token: token)
+          response = @client.magic_links.authenticate(token: token)
+          handle_response(response)
+        end
+
+        private
+
+        def handle_response(response)
+          PhcdevworksAccountsStytch::Stytch::Response.handle_response(response)
+        rescue PhcdevworksAccountsStytch::Stytch::Error => e
+          log_error(e)
+          raise
+        end
+
+        def log_action(action_name, details = {})
+          Rails.logger.info "Starting #{action_name} with details: #{details.inspect}"
+        end
+
+        def log_error(error)
+          Rails.logger.error "Error occurred: #{error.message}"
+          Rails.logger.error error.backtrace.join("\n")
+        end
+      end
+    end
+  end
+end

data/lib/phcdevworks_accounts_stytch/authentication/b2c/password_service.rb

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+
+module PhcdevworksAccountsStytch
+  module Authentication
+    module B2c
+      class PasswordService
+        def initialize
+          @client = PhcdevworksAccountsStytch::Stytch::Client.b2c_client
+        end
+
+        def reset_start(email)
+          log_action('Password Reset Start', email: email)
+          response = @client.passwords.email.reset_start(
+            email: email
+          )
+          handle_response(response)
+        end
+
+        def reset(password_reset_token, new_password)
+          log_action('Password Reset', token: password_reset_token)
+          response = @client.passwords.email.reset(
+            token: password_reset_token,
+            password: new_password
+          )
+          handle_response(response)
+        end
+
+        def reset_existing(email, old_password, new_password)
+          log_action('Existing Password Reset', email: email)
+          response = @client.passwords.existing_password.reset(
+            email: email,
+            existing_password: old_password,
+            new_password: new_password
+          )
+          handle_response(response)
+        end
+
+        def reset_with_session(session_token, new_password)
+          log_action('Session-based Password Reset', session_token: session_token)
+          response = @client.passwords.sessions.reset(
+            session_token: session_token,
+            password: new_password
+          )
+          handle_response(response)
+        end
+
+        def authenticate_password(email, password)
+          log_action('Password Authentication', email: email)
+          response = @client.passwords.authenticate(
+            email: email,
+            password: password
+          )
+          handle_response(response)
+        end
+
+        private
+
+        def handle_response(response)
+          PhcdevworksAccountsStytch::Stytch::Response.handle_response(response)
+        rescue PhcdevworksAccountsStytch::Stytch::Error => e
+          log_error(e)
+          raise
+        end
+
+        def log_action(action_name, details = {})
+          Rails.logger.info "Starting #{action_name} with details: #{details.inspect}"
+        end
+
+        def log_error(error)
+          Rails.logger.error "Error occurred: #{error.message}"
+          Rails.logger.error error.backtrace.join("\n")
+        end
+      end
+    end
+  end
+end

data/lib/phcdevworks_accounts_stytch/engine.rb

@@ -3,5 +3,11 @@
 module PhcdevworksAccountsStytch
   class Engine < ::Rails::Engine
     isolate_namespace PhcdevworksAccountsStytch
+
+    initializer 'phcdevworks_accounts_stytch.configure_stytch' do
+      PhcdevworksAccountsStytch::Stytch::Client.b2b_client
+      PhcdevworksAccountsStytch::Stytch::Client.b2c_client
+    end
+    config.autoload_paths += %W[#{config.root}/lib]
   end
 end

data/lib/phcdevworks_accounts_stytch/stytch/client.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+module PhcdevworksAccountsStytch
+  module Stytch
+    class Client
+      class << self
+        def b2b_client
+          @b2b_client ||= create_b2b_client
+        end
+
+        def b2c_client
+          @b2c_client ||= create_b2c_client
+        end
+
+        private
+
+        def create_b2b_client
+          project_id = Rails.application.credentials.dig(:stytch, :b2b, :project_id)
+          secret = Rails.application.credentials.dig(:stytch, :b2b, :secret)
+          unless project_id && secret
+            raise PhcdevworksAccountsStytch::Stytch::Error.new(error_message: 'Stytch B2B credentials are missing')
+          end
+
+          StytchB2B::Client.new(
+            project_id: project_id,
+            secret: secret
+          )
+        end
+
+        def create_b2c_client
+          project_id = Rails.application.credentials.dig(:stytch, :b2c, :project_id)
+          secret = Rails.application.credentials.dig(:stytch, :b2c, :secret)
+          unless project_id && secret
+            raise PhcdevworksAccountsStytch::Stytch::Error.new(error_message: 'Stytch B2C credentials are missing')
+          end
+
+          ::Stytch::Client.new(
+            project_id: project_id,
+            secret: secret
+          )
+        end
+      end
+    end
+  end
+end

data/lib/phcdevworks_accounts_stytch/stytch/error.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module PhcdevworksAccountsStytch
+  module Stytch
+    class Error < StandardError
+      attr_reader :status_code, :error_code, :error_message
+
+      def initialize(status_code: nil, error_code: nil, error_message: nil)
+        @status_code = status_code
+        @error_code = error_code
+        @error_message = error_message || 'An error occurred with Stytch'
+        super(build_message)
+      end
+
+      private
+
+      def build_message
+        message = 'Stytch Error'
+        message += " (Status Code: #{@status_code})" if @status_code
+        message += " - Code: #{@error_code}" if @error_code
+        message += " - Message: #{@error_message}" if @error_message
+        message
+      end
+    end
+  end
+end

data/lib/phcdevworks_accounts_stytch/stytch/method_options.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module PhcdevworksAccountsStytch
+  module Stytch
+    class MethodOptions
+      attr_reader :options
+
+      def initialize(options = {})
+        @options = options
+      end
+
+      def to_headers
+        headers = {}
+        if (authorization = options[:authorization]) && authorization[:session_token]
+          headers['Authorization'] = "Bearer #{authorization[:session_token]}"
+        end
+        headers
+      end
+    end
+  end
+end