@01.software/sdk 0.17.0 → 0.18.0

package/README.md

@@ -307,7 +307,6 @@ login({ email: 'user@example.com', password: 'password' })
 // Other customer mutations
 client.query.useCustomerForgotPassword()
 client.query.useCustomerResetPassword()
-client.query.useCustomerVerifyEmail()
 client.query.useCustomerChangePassword()
 
 // Customer cache utilities
@@ -349,11 +348,10 @@ const orders = await client.commerce.orders.listMine({
   status: 'paid',
 })
 
-// Password & email
+// Password
 await client.customer.auth.forgotPassword('john@example.com')
 await client.customer.auth.resetPassword(token, newPassword)
 await client.customer.auth.changePassword(currentPassword, newPassword)
-await client.customer.auth.verifyEmail(verificationToken)
 ```
 
 ### Commerce Orders (ServerClient-only writes)
@@ -440,7 +438,11 @@ await server.community.moderation.unbanCustomer({ customerId })
 ### Webhook
 
 ```typescript
-import { handleWebhook, createTypedWebhookHandler } from '@01.software/sdk'
+import {
+  handleWebhook,
+  createCustomerAuthWebhookHandler,
+  createTypedWebhookHandler,
+} from '@01.software/sdk'
 
 // Basic handler
 export async function POST(request: Request) {
@@ -461,11 +463,18 @@ const handler = createTypedWebhookHandler('orders', async (event) => {
   // event.data is typed as Order
   console.log(event.data.orderNumber)
 })
+
+// Customer auth helper
+const customerAuthHandler = createCustomerAuthWebhookHandler({
+  passwordReset: async ({ email, resetPasswordToken }) => {
+    await sendPasswordResetEmail(email, resetPasswordToken)
+  },
+})
 ```
 
 ## Supported Collections
 
-Source of truth: `packages/sdk/src/core/collection/const.ts` (`COLLECTIONS`: 70).
+Source of truth: `packages/sdk/src/core/collection/const.ts` (`COLLECTIONS`: 74).
 
 | Category | Collections |
 | --- | --- |
@@ -484,6 +493,7 @@ Source of truth: `packages/sdk/src/core/collection/const.ts` (`COLLECTIONS`: 70)
 | Media | `images` |
 | Forms | `forms`, `form-submissions` |
 | Community | `threads`, `comments`, `reactions`, `reaction-types`, `bookmarks`, `thread-categories`, `reports`, `community-bans` |
+| Events | `event-calendars`, `events`, `event-occurrences`, `event-tags` |
 
 ## Utilities
 
@@ -618,7 +628,6 @@ P5 also adds JWT-`jti` revocation: `revokeCustomerJti(jti, ttl)` on the server i
 | Collection | Old | New |
 |---|---|---|
 | Customers | `socialId` | `providerUserId` |
-| Customers | `isVerified` | `isEmailVerified` |
 | Customers | `loginAttempts` | `loginAttemptCount` |
 | Customers | `resetPasswordExpiry` | `resetPasswordExpiresAt` |
 | Orders, Carts | `shippingFee` | `shippingAmount` |

package/dist/{const-D2K5HxpP.d.cts → const-_gW__LA1.d.ts}

@@ -1,4 +1,4 @@
-import { C as Config } from './payload-types-CMoyAOjJ.cjs';
+import { C as Config } from './payload-types-Cwnj_qN4.js';
 
 /**
  * Collection type derived from Payload Config.
@@ -9,12 +9,12 @@ type Collection = keyof Config['collections'];
  * Internal collections that should not be exposed via SDK.
  * Includes Payload system collections and admin-only collections.
  */
-declare const INTERNAL_COLLECTIONS: readonly ["users", "payload-kv", "payload-locked-documents", "payload-preferences", "payload-migrations", "field-configs", "system-media", "track-assets", "audiences", "email-logs", "tenant-auth-settings", "tenant-community-settings", "api-usage", "tenant-analytics-daily", "analytics-event-schemas", "subscriptions", "billing-history", "order-status-logs", "api-keys", "personal-access-tokens", "tenant-entitlements", "webhook-events", "webhook-deliveries", "audit-logs", "plans", "webhooks"];
+declare const INTERNAL_COLLECTIONS: readonly ["users", "payload-kv", "payload-locked-documents", "payload-preferences", "payload-migrations", "field-configs", "system-media", "track-assets", "audiences", "email-logs", "api-usage", "tenant-analytics-daily", "analytics-event-schemas", "subscriptions", "billing-history", "order-status-logs", "api-keys", "personal-access-tokens", "tenant-entitlements", "webhook-events", "webhook-deliveries", "audit-logs", "plans", "webhooks", "event-registrations"];
 /**
  * Array of all public collection names for runtime use (e.g., Zod enum validation).
  * This is the single source of truth for which collections are publicly accessible via SDK.
  */
-declare const COLLECTIONS: readonly ["tenants", "tenant-metadata", "tenant-logos", "products", "product-variants", "product-options", "product-option-values", "product-categories", "product-tags", "product-collections", "brands", "brand-logos", "orders", "order-items", "returns", "return-items", "fulfillments", "fulfillment-items", "transactions", "customers", "customer-profiles", "customer-addresses", "customer-groups", "carts", "cart-items", "discounts", "promotions", "shipping-policies", "documents", "document-categories", "document-types", "posts", "post-authors", "post-categories", "post-tags", "playlists", "playlist-categories", "playlist-tags", "tracks", "track-categories", "track-tags", "galleries", "gallery-categories", "gallery-tags", "gallery-items", "links", "link-categories", "link-tags", "canvases", "canvas-node-types", "canvas-edge-types", "canvas-categories", "canvas-tags", "canvas-nodes", "canvas-edges", "videos", "video-categories", "video-tags", "live-streams", "images", "forms", "form-submissions", "threads", "comments", "reactions", "reaction-types", "bookmarks", "thread-categories", "reports", "community-bans"];
+declare const COLLECTIONS: readonly ["tenants", "tenant-metadata", "tenant-logos", "products", "product-variants", "product-options", "product-option-values", "product-categories", "product-tags", "product-collections", "brands", "brand-logos", "orders", "order-items", "returns", "return-items", "fulfillments", "fulfillment-items", "transactions", "customers", "customer-profiles", "customer-addresses", "customer-groups", "carts", "cart-items", "discounts", "promotions", "shipping-policies", "documents", "document-categories", "document-types", "posts", "post-authors", "post-categories", "post-tags", "playlists", "playlist-categories", "playlist-tags", "tracks", "track-categories", "track-tags", "galleries", "gallery-categories", "gallery-tags", "gallery-items", "links", "link-categories", "link-tags", "canvases", "canvas-node-types", "canvas-edge-types", "canvas-categories", "canvas-tags", "canvas-nodes", "canvas-edges", "videos", "video-categories", "video-tags", "live-streams", "images", "forms", "form-submissions", "threads", "comments", "reactions", "reaction-types", "bookmarks", "thread-categories", "reports", "community-bans", "event-calendars", "events", "event-occurrences", "event-tags"];
 /**
  * Public collections available for SDK access.
  * Derived from the COLLECTIONS array (single source of truth).

package/dist/{const-DG8TrouX.d.ts → const-zEoxAfGX.d.cts}

@@ -1,4 +1,4 @@
-import { C as Config } from './payload-types-CMoyAOjJ.js';
+import { C as Config } from './payload-types-Cwnj_qN4.cjs';
 
 /**
  * Collection type derived from Payload Config.
@@ -9,12 +9,12 @@ type Collection = keyof Config['collections'];
  * Internal collections that should not be exposed via SDK.
  * Includes Payload system collections and admin-only collections.
  */
-declare const INTERNAL_COLLECTIONS: readonly ["users", "payload-kv", "payload-locked-documents", "payload-preferences", "payload-migrations", "field-configs", "system-media", "track-assets", "audiences", "email-logs", "tenant-auth-settings", "tenant-community-settings", "api-usage", "tenant-analytics-daily", "analytics-event-schemas", "subscriptions", "billing-history", "order-status-logs", "api-keys", "personal-access-tokens", "tenant-entitlements", "webhook-events", "webhook-deliveries", "audit-logs", "plans", "webhooks"];
+declare const INTERNAL_COLLECTIONS: readonly ["users", "payload-kv", "payload-locked-documents", "payload-preferences", "payload-migrations", "field-configs", "system-media", "track-assets", "audiences", "email-logs", "api-usage", "tenant-analytics-daily", "analytics-event-schemas", "subscriptions", "billing-history", "order-status-logs", "api-keys", "personal-access-tokens", "tenant-entitlements", "webhook-events", "webhook-deliveries", "audit-logs", "plans", "webhooks", "event-registrations"];
 /**
  * Array of all public collection names for runtime use (e.g., Zod enum validation).
  * This is the single source of truth for which collections are publicly accessible via SDK.
  */
-declare const COLLECTIONS: readonly ["tenants", "tenant-metadata", "tenant-logos", "products", "product-variants", "product-options", "product-option-values", "product-categories", "product-tags", "product-collections", "brands", "brand-logos", "orders", "order-items", "returns", "return-items", "fulfillments", "fulfillment-items", "transactions", "customers", "customer-profiles", "customer-addresses", "customer-groups", "carts", "cart-items", "discounts", "promotions", "shipping-policies", "documents", "document-categories", "document-types", "posts", "post-authors", "post-categories", "post-tags", "playlists", "playlist-categories", "playlist-tags", "tracks", "track-categories", "track-tags", "galleries", "gallery-categories", "gallery-tags", "gallery-items", "links", "link-categories", "link-tags", "canvases", "canvas-node-types", "canvas-edge-types", "canvas-categories", "canvas-tags", "canvas-nodes", "canvas-edges", "videos", "video-categories", "video-tags", "live-streams", "images", "forms", "form-submissions", "threads", "comments", "reactions", "reaction-types", "bookmarks", "thread-categories", "reports", "community-bans"];
+declare const COLLECTIONS: readonly ["tenants", "tenant-metadata", "tenant-logos", "products", "product-variants", "product-options", "product-option-values", "product-categories", "product-tags", "product-collections", "brands", "brand-logos", "orders", "order-items", "returns", "return-items", "fulfillments", "fulfillment-items", "transactions", "customers", "customer-profiles", "customer-addresses", "customer-groups", "carts", "cart-items", "discounts", "promotions", "shipping-policies", "documents", "document-categories", "document-types", "posts", "post-authors", "post-categories", "post-tags", "playlists", "playlist-categories", "playlist-tags", "tracks", "track-categories", "track-tags", "galleries", "gallery-categories", "gallery-tags", "gallery-items", "links", "link-categories", "link-tags", "canvases", "canvas-node-types", "canvas-edge-types", "canvas-categories", "canvas-tags", "canvas-nodes", "canvas-edges", "videos", "video-categories", "video-tags", "live-streams", "images", "forms", "form-submissions", "threads", "comments", "reactions", "reaction-types", "bookmarks", "thread-categories", "reports", "community-bans", "event-calendars", "events", "event-occurrences", "event-tags"];
 /**
  * Public collections available for SDK access.
  * Derived from the COLLECTIONS array (single source of truth).

package/dist/index.cjs

@@ -24,6 +24,7 @@ __export(src_exports, {
   AuthError: () => AuthError,
   BaseApi: () => BaseApi,
   COLLECTIONS: () => COLLECTIONS,
+  CUSTOMER_PASSWORD_RESET_OPERATION: () => CUSTOMER_PASSWORD_RESET_OPERATION,
   CartApi: () => CartApi,
   Client: () => Client,
   CollectionClient: () => CollectionClient,
@@ -65,6 +66,7 @@ __export(src_exports, {
   createAuthError: () => createAuthError,
   createClient: () => createClient,
   createConflictError: () => createConflictError,
+  createCustomerAuthWebhookHandler: () => createCustomerAuthWebhookHandler,
   createNotFoundError: () => createNotFoundError,
   createPermissionError: () => createPermissionError,
   createRateLimitError: () => createRateLimitError,
@@ -91,6 +93,7 @@ __export(src_exports, {
   isAuthError: () => isAuthError,
   isConfigError: () => isConfigError,
   isConflictError: () => isConflictError,
+  isCustomerPasswordResetWebhookEvent: () => isCustomerPasswordResetWebhookEvent,
   isGoneError: () => isGoneError,
   isNetworkError: () => isNetworkError,
   isNotFoundError: () => isNotFoundError,
@@ -1077,8 +1080,6 @@ var INTERNAL_COLLECTIONS = [
   "track-assets",
   "audiences",
   "email-logs",
-  "tenant-auth-settings",
-  "tenant-community-settings",
   "api-usage",
   "tenant-analytics-daily",
   "analytics-event-schemas",
@@ -1092,7 +1093,8 @@ var INTERNAL_COLLECTIONS = [
   "webhook-deliveries",
   "audit-logs",
   "plans",
-  "webhooks"
+  "webhooks",
+  "event-registrations"
 ];
 var COLLECTIONS = [
   "tenants",
@@ -1165,7 +1167,12 @@ var COLLECTIONS = [
   "bookmarks",
   "thread-categories",
   "reports",
-  "community-bans"
+  "community-bans",
+  // Events
+  "event-calendars",
+  "events",
+  "event-occurrences",
+  "event-tags"
 ];
 
 // src/core/api/parse-response.ts
@@ -1581,15 +1588,6 @@ var CustomerAuth = class {
       body: JSON.stringify({ currentPassword, newPassword })
     });
   }
-  /**
-   * Verify email using the verification token
-   */
-  async verifyEmail(token) {
-    await this.requestJson("/api/customers/verify-email", {
-      method: "POST",
-      body: JSON.stringify({ token })
-    });
-  }
   /**
    * Get the authenticated customer's orders with pagination and optional status filter
    */
@@ -2309,14 +2307,6 @@ var CustomerHooks = class {
       options
     );
   }
-  useCustomerVerifyEmail(options) {
-    return createMutation(
-      (token) => this.ensureCustomerAuth().verifyEmail(token).then(() => {
-      }),
-      options,
-      this.invalidateMe
-    );
-  }
   useCustomerRefreshToken(options) {
     return createMutation(
       () => this.ensureCustomerAuth().refreshToken(),
@@ -2361,7 +2351,6 @@ var QueryHooks = class extends CollectionHooks {
     this.useCustomerLogout = (...args) => this._customer.useCustomerLogout(...args);
     this.useCustomerForgotPassword = (...args) => this._customer.useCustomerForgotPassword(...args);
     this.useCustomerResetPassword = (...args) => this._customer.useCustomerResetPassword(...args);
-    this.useCustomerVerifyEmail = (...args) => this._customer.useCustomerVerifyEmail(...args);
     this.useCustomerRefreshToken = (...args) => this._customer.useCustomerRefreshToken(...args);
     this.useCustomerUpdateProfile = (...args) => this._customer.useCustomerUpdateProfile(...args);
     this.useCustomerChangePassword = (...args) => this._customer.useCustomerChangePassword(...args);
@@ -2745,7 +2734,32 @@ var RealtimeConnection = class {
 function isValidWebhookEvent(data) {
   if (typeof data !== "object" || data === null) return false;
   const obj = data;
-  return typeof obj.collection === "string" && (obj.operation === "create" || obj.operation === "update") && typeof obj.data === "object" && obj.data !== null;
+  return typeof obj.collection === "string" && typeof obj.operation === "string" && obj.operation.length > 0 && typeof obj.data === "object" && obj.data !== null;
+}
+var CUSTOMER_PASSWORD_RESET_OPERATION = "password-reset";
+function isRecord(value) {
+  return typeof value === "object" && value !== null;
+}
+function hasString(value, key) {
+  return typeof value[key] === "string";
+}
+function hasStringOrNumber(value, key) {
+  return typeof value[key] === "string" || typeof value[key] === "number";
+}
+function isCustomerPasswordResetWebhookEvent(event) {
+  if (event.collection !== "customers" || event.operation !== CUSTOMER_PASSWORD_RESET_OPERATION || !isRecord(event.data)) {
+    return false;
+  }
+  return hasStringOrNumber(event.data, "customerId") && hasString(event.data, "email") && hasString(event.data, "name") && hasString(event.data, "resetPasswordToken") && hasString(event.data, "resetPasswordExpiresAt");
+}
+function createCustomerAuthWebhookHandler(handlers) {
+  return async (event) => {
+    if (isCustomerPasswordResetWebhookEvent(event) && handlers.passwordReset) {
+      await handlers.passwordReset(event.data, event);
+      return;
+    }
+    await handlers.unhandled?.(event);
+  };
 }
 async function verifySignature(payload, secret, signature) {
   const encoder = new TextEncoder();