npm - @aaspai/react - Versions diffs - 0.0.0 → 0.0.2 - Mend

@aaspai/react 0.0.0 → 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (55) hide show

package/dist/lib.cjs ADDED Viewed

@@ -0,0 +1,139 @@
+'use strict';
+var zod = require('zod');
+// src/lib/validation.ts
+var emailSchema = zod.z.string().min(1, "Email is required").email("Invalid email address");
+function createPasswordSchema(options) {
+  const {
+    minLength = 6,
+    requireUppercase = false,
+    requireLowercase = false,
+    requireNumber = false,
+    requireSpecialChar = false
+  } = options || {};
+  let schema = zod.z.string().min(minLength, `Password must be at least ${minLength} characters`);
+  if (requireUppercase) {
+    schema = schema.regex(/[A-Z]/, "Password must contain at least one uppercase letter");
+  }
+  if (requireLowercase) {
+    schema = schema.regex(/[a-z]/, "Password must contain at least one lowercase letter");
+  }
+  if (requireNumber) {
+    schema = schema.regex(/\d/, "Password must contain at least one number");
+  }
+  if (requireSpecialChar) {
+    schema = schema.regex(
+      /[!@#$%^&*()_+\-=[\]{};':"\\|,.<>/?]/,
+      "Password must contain at least one special character"
+    );
+  }
+  return schema;
+}
+var passwordSchema = createPasswordSchema();
+function validateEmail(email) {
+  const result = emailSchema.safeParse(email);
+  if (result.success) {
+    return { valid: true };
+  }
+  return { valid: false, error: result.error.message };
+}
+function validatePassword(password, options) {
+  const schema = createPasswordSchema(options);
+  const result = schema.safeParse(password);
+  if (result.success) {
+    return { valid: true };
+  }
+  return { valid: false, error: result.error.message };
+}
+function checkPasswordStrength(password) {
+  const feedback = [];
+  let score = 0;
+  if (password.length >= 8) {
+    score += 1;
+  } else {
+    feedback.push("Use at least 8 characters");
+  }
+  if (password.length >= 12) {
+    score += 1;
+  }
+  if (/[a-z]/.test(password) && /[A-Z]/.test(password)) {
+    score += 1;
+  } else {
+    feedback.push("Use both uppercase and lowercase letters");
+  }
+  if (/\d/.test(password)) {
+    score += 1;
+  } else {
+    feedback.push("Include at least one number");
+  }
+  if (/[!@#$%^&*()_+\-=[\]{};':"\\|,.<>/?]/.test(password)) {
+    score += 1;
+  } else {
+    feedback.push("Include at least one special character");
+  }
+  return { score, feedback };
+}
+// src/lib/path-utils.ts
+function resolveAuthPath(targetPath) {
+  if (typeof window === "undefined") {
+    return targetPath;
+  }
+  const currentPath = window.location.pathname;
+  if (currentPath.startsWith("/auth/")) {
+    if (targetPath.startsWith("/auth/")) {
+      return targetPath;
+    }
+    return `/auth${targetPath}`;
+  }
+  return targetPath;
+}
+function resolveAuthUrl(targetPath, searchParams) {
+  const resolvedPath = resolveAuthPath(targetPath);
+  if (!searchParams || searchParams.toString() === "") {
+    return resolvedPath;
+  }
+  return `${resolvedPath}?${searchParams.toString()}`;
+}
+// src/lib/hosted-auth.ts
+function isHostedAuthEnvironment() {
+  if (typeof window === "undefined") {
+    return false;
+  }
+  const { hostname, port, protocol } = window.location;
+  if (hostname === "localhost" && port === "7130") {
+    return true;
+  }
+  if (protocol === "https:" && hostname.endsWith(".aaspai.app")) {
+    return true;
+  }
+  return false;
+}
+function buildLegacyAuthUrl(redirectUrl, session) {
+  const url = new URL(redirectUrl);
+  url.searchParams.set("access_token", session.accessToken);
+  url.searchParams.set("user_id", session.userId);
+  url.searchParams.set("email", session.email);
+  if (session.name) {
+    url.searchParams.set("name", session.name);
+  }
+  if (session.csrfToken) {
+    url.searchParams.set("csrf_token", session.csrfToken);
+  }
+  return url.toString();
+}
+exports.buildLegacyAuthUrl = buildLegacyAuthUrl;
+exports.checkPasswordStrength = checkPasswordStrength;
+exports.createPasswordSchema = createPasswordSchema;
+exports.emailSchema = emailSchema;
+exports.isHostedAuthEnvironment = isHostedAuthEnvironment;
+exports.passwordSchema = passwordSchema;
+exports.resolveAuthPath = resolveAuthPath;
+exports.resolveAuthUrl = resolveAuthUrl;
+exports.validateEmail = validateEmail;
+exports.validatePassword = validatePassword;
+//# sourceMappingURL=lib.cjs.map
+//# sourceMappingURL=lib.cjs.map

package/dist/lib.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/lib/validation.ts","../src/lib/path-utils.ts","../src/lib/hosted-auth.ts"],"names":["z"],"mappings":";;;;;AAKO,IAAM,WAAA,GAAcA,MAAE,MAAA,EAAO,CAAE,IAAI,CAAA,EAAG,mBAAmB,CAAA,CAAE,KAAA,CAAM,uBAAuB;AAKxF,SAAS,qBAAqB,OAAA,EAMlC;AACD,EAAA,MAAM;AAAA,IACJ,SAAA,GAAY,CAAA;AAAA,IACZ,gBAAA,GAAmB,KAAA;AAAA,IACnB,gBAAA,GAAmB,KAAA;AAAA,IACnB,aAAA,GAAgB,KAAA;AAAA,IAChB,kBAAA,GAAqB;AAAA,GACvB,GAAI,WAAW,EAAC;AAEhB,EAAA,IAAI,MAAA,GAASA,MAAE,MAAA,EAAO,CAAE,IAAI,SAAA,EAAW,CAAA,0BAAA,EAA6B,SAAS,CAAA,WAAA,CAAa,CAAA;AAE1F,EAAA,IAAI,gBAAA,EAAkB;AACpB,IAAA,MAAA,GAAS,MAAA,CAAO,KAAA,CAAM,OAAA,EAAS,qDAAqD,CAAA;AAAA,EACtF;AAEA,EAAA,IAAI,gBAAA,EAAkB;AACpB,IAAA,MAAA,GAAS,MAAA,CAAO,KAAA,CAAM,OAAA,EAAS,qDAAqD,CAAA;AAAA,EACtF;AAEA,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,MAAA,GAAS,MAAA,CAAO,KAAA,CAAM,IAAA,EAAM,2CAA2C,CAAA;AAAA,EACzE;AAEA,EAAA,IAAI,kBAAA,EAAoB;AACtB,IAAA,MAAA,GAAS,MAAA,CAAO,KAAA;AAAA,MACd,qCAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,OAAO,MAAA;AACT;AAKO,IAAM,iBAAiB,oBAAA;AAKvB,SAAS,cAAc,KAAA,EAAmD;AAC/E,EAAA,MAAM,MAAA,GAAS,WAAA,CAAY,SAAA,CAAU,KAAK,CAAA;AAC1C,EAAA,IAAI,OAAO,OAAA,EAAS;AAClB,IAAA,OAAO,EAAE,OAAO,IAAA,EAAK;AAAA,EACvB;AACA,EAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,MAAA,CAAO,MAAM,OAAA,EAAQ;AACrD;AAKO,SAAS,gBAAA,CACd,UACA,OAAA,EACoC;AACpC,EAAA,MAAM,MAAA,GAAS,qBAAqB,OAAO,CAAA;AAC3C,EAAA,MAAM,MAAA,GAAS,MAAA,CAAO,SAAA,CAAU,QAAQ,CAAA;AACxC,EAAA,IAAI,OAAO,OAAA,EAAS;AAClB,IAAA,OAAO,EAAE,OAAO,IAAA,EAAK;AAAA,EACvB;AACA,EAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,MAAA,CAAO,MAAM,OAAA,EAAQ;AACrD;AAKO,SAAS,sBAAsB,QAAA,EAGpC;AACA,EAAA,MAAM,WAAqB,EAAC;AAC5B,EAAA,IAAI,KAAA,GAAQ,CAAA;AAEZ,EAAA,IAAI,QAAA,CAAS,UAAU,CAAA,EAAG;AACxB,IAAA,KAAA,IAAS,CAAA;AAAA,EACX,CAAA,MAAO;AACL,IAAA,QAAA,CAAS,KAAK,2BAA2B,CAAA;AAAA,EAC3C;AAEA,EAAA,IAAI,QAAA,CAAS,UAAU,EAAA,EAAI;AACzB,IAAA,KAAA,IAAS,CAAA;AAAA,EACX;AAEA,EAAA,IAAI,QAAQ,IAAA,CAAK,QAAQ,KAAK,OAAA,CAAQ,IAAA,CAAK,QAAQ,CAAA,EAAG;AACpD,IAAA,KAAA,IAAS,CAAA;AAAA,EACX,CAAA,MAAO;AACL,IAAA,QAAA,CAAS,KAAK,0CAA0C,CAAA;AAAA,EAC1D;AAEA,EAAA,IAAI,IAAA,CAAK,IAAA,CAAK,QAAQ,CAAA,EAAG;AACvB,IAAA,KAAA,IAAS,CAAA;AAAA,EACX,CAAA,MAAO;AACL,IAAA,QAAA,CAAS,KAAK,6BAA6B,CAAA;AAAA,EAC7C;AAEA,EAAA,IAAI,qCAAA,CAAsC,IAAA,CAAK,QAAQ,CAAA,EAAG;AACxD,IAAA,KAAA,IAAS,CAAA;AAAA,EACX,CAAA,MAAO;AACL,IAAA,QAAA,CAAS,KAAK,wCAAwC,CAAA;AAAA,EACxD;AAEA,EAAA,OAAO,EAAE,OAAO,QAAA,EAAS;AAC3B;;;AClGO,SAAS,gBAAgB,UAAA,EAA4B;AAC1D,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,IAAA,OAAO,UAAA;AAAA,EACT;AAEA,EAAA,MAAM,WAAA,GAAc,OAAO,QAAA,CAAS,QAAA;AAGpC,EAAA,IAAI,WAAA,CAAY,UAAA,CAAW,QAAQ,CAAA,EAAG;AAEpC,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,QAAQ,CAAA,EAAG;AACnC,MAAA,OAAO,UAAA;AAAA,IACT;AAEA,IAAA,OAAO,QAAQ,UAAU,CAAA,CAAA;AAAA,EAC3B;AAGA,EAAA,OAAO,UAAA;AACT;AAcO,SAAS,cAAA,CAAe,YAAoB,YAAA,EAAwC;AACzF,EAAA,MAAM,YAAA,GAAe,gBAAgB,UAAU,CAAA;AAE/C,EAAA,IAAI,CAAC,YAAA,IAAgB,YAAA,CAAa,QAAA,OAAe,EAAA,EAAI;AACnD,IAAA,OAAO,YAAA;AAAA,EACT;AAEA,EAAA,OAAO,CAAA,EAAG,YAAY,CAAA,CAAA,EAAI,YAAA,CAAa,UAAU,CAAA,CAAA;AACnD;;;AC/BO,SAAS,uBAAA,GAAmC;AACjD,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,MAAM,EAAE,QAAA,EAAU,IAAA,EAAM,QAAA,KAAa,MAAA,CAAO,QAAA;AAG5C,EAAA,IAAI,QAAA,KAAa,WAAA,IAAe,IAAA,KAAS,MAAA,EAAQ;AAC/C,IAAA,OAAO,IAAA;AAAA,EACT;AAGA,EAAA,IAAI,QAAA,KAAa,QAAA,IAAY,QAAA,CAAS,QAAA,CAAS,eAAe,CAAA,EAAG;AAC/D,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAO,KAAA;AACT;AAuBO,SAAS,kBAAA,CAAmB,aAAqB,OAAA,EAAoC;AAC1F,EAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,WAAW,CAAA;AAC/B,EAAA,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,cAAA,EAAgB,OAAA,CAAQ,WAAW,CAAA;AACxD,EAAA,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,SAAA,EAAW,OAAA,CAAQ,MAAM,CAAA;AAC9C,EAAA,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,OAAA,EAAS,OAAA,CAAQ,KAAK,CAAA;AAE3C,EAAA,IAAI,QAAQ,IAAA,EAAM;AAChB,IAAA,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,MAAA,EAAQ,OAAA,CAAQ,IAAI,CAAA;AAAA,EAC3C;AAEA,EAAA,IAAI,QAAQ,SAAA,EAAW;AACrB,IAAA,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,YAAA,EAAc,OAAA,CAAQ,SAAS,CAAA;AAAA,EACtD;AAEA,EAAA,OAAO,IAAI,QAAA,EAAS;AACtB","file":"lib.cjs","sourcesContent":["import { z } from 'zod';\r\n\r\n/**\r\n * Email validation schema\r\n */\r\nexport const emailSchema = z.string().min(1, 'Email is required').email('Invalid email address');\r\n\r\n/**\r\n * Password validation schema with configurable requirements\r\n */\r\nexport function createPasswordSchema(options?: {\r\n minLength?: number;\r\n requireUppercase?: boolean;\r\n requireLowercase?: boolean;\r\n requireNumber?: boolean;\r\n requireSpecialChar?: boolean;\r\n}) {\r\n const {\r\n minLength = 6,\r\n requireUppercase = false,\r\n requireLowercase = false,\r\n requireNumber = false,\r\n requireSpecialChar = false,\r\n } = options || {};\r\n\r\n let schema = z.string().min(minLength, `Password must be at least ${minLength} characters`);\r\n\r\n if (requireUppercase) {\r\n schema = schema.regex(/[A-Z]/, 'Password must contain at least one uppercase letter');\r\n }\r\n\r\n if (requireLowercase) {\r\n schema = schema.regex(/[a-z]/, 'Password must contain at least one lowercase letter');\r\n }\r\n\r\n if (requireNumber) {\r\n schema = schema.regex(/\\d/, 'Password must contain at least one number');\r\n }\r\n\r\n if (requireSpecialChar) {\r\n schema = schema.regex(\r\n /[!@#$%^&*()_+\\-=[\\]{};':\"\\\\|,.<>/?]/,\r\n 'Password must contain at least one special character'\r\n );\r\n }\r\n\r\n return schema;\r\n}\r\n\r\n/**\r\n * Default password schema (minimum 6 characters)\r\n */\r\nexport const passwordSchema = createPasswordSchema();\r\n\r\n/**\r\n * Validate email format\r\n */\r\nexport function validateEmail(email: string): { valid: boolean; error?: string } {\r\n const result = emailSchema.safeParse(email);\r\n if (result.success) {\r\n return { valid: true };\r\n }\r\n return { valid: false, error: result.error.message };\r\n}\r\n\r\n/**\r\n * Validate password format\r\n */\r\nexport function validatePassword(\r\n password: string,\r\n options?: Parameters<typeof createPasswordSchema>[0]\r\n): { valid: boolean; error?: string } {\r\n const schema = createPasswordSchema(options);\r\n const result = schema.safeParse(password);\r\n if (result.success) {\r\n return { valid: true };\r\n }\r\n return { valid: false, error: result.error.message };\r\n}\r\n\r\n/**\r\n * Validate password strength based on multiple criteria\r\n */\r\nexport function checkPasswordStrength(password: string): {\r\n score: number;\r\n feedback: string[];\r\n} {\r\n const feedback: string[] = [];\r\n let score = 0;\r\n\r\n if (password.length >= 8) {\r\n score += 1;\r\n } else {\r\n feedback.push('Use at least 8 characters');\r\n }\r\n\r\n if (password.length >= 12) {\r\n score += 1;\r\n }\r\n\r\n if (/[a-z]/.test(password) && /[A-Z]/.test(password)) {\r\n score += 1;\r\n } else {\r\n feedback.push('Use both uppercase and lowercase letters');\r\n }\r\n\r\n if (/\\d/.test(password)) {\r\n score += 1;\r\n } else {\r\n feedback.push('Include at least one number');\r\n }\r\n\r\n if (/[!@#$%^&*()_+\\-=[\\]{};':\"\\\\|,.<>/?]/.test(password)) {\r\n score += 1;\r\n } else {\r\n feedback.push('Include at least one special character');\r\n }\r\n\r\n return { score, feedback };\r\n}\r\n","/**\r\n * Path utilities for handling navigation in auth flows.\r\n * Ensures proper path resolution when auth pages are served under a base path (e.g., /auth/)\r\n */\r\n\r\n/**\r\n * Resolves an auth route path relative to the current location.\r\n * If the current path is under /auth/, it will preserve that prefix.\r\n * Otherwise, it returns the path as-is.\r\n *\r\n * @param targetPath - The target auth path (e.g., '/sign-in', '/sign-up')\r\n * @returns The resolved path with proper base path handling\r\n *\r\n * @example\r\n * // Current URL: http://localhost:5174/auth/sign-in\r\n * resolveAuthPath('/sign-up') // Returns '/auth/sign-up'\r\n *\r\n * @example\r\n * // Current URL: http://localhost:5174/sign-in\r\n * resolveAuthPath('/sign-up') // Returns '/sign-up'\r\n */\r\nexport function resolveAuthPath(targetPath: string): string {\r\n if (typeof window === 'undefined') {\r\n return targetPath;\r\n }\r\n\r\n const currentPath = window.location.pathname;\r\n\r\n // Check if we're currently under /auth/ base path\r\n if (currentPath.startsWith('/auth/')) {\r\n // If target already has /auth/ prefix, return as-is\r\n if (targetPath.startsWith('/auth/')) {\r\n return targetPath;\r\n }\r\n // Add /auth/ prefix to the target path\r\n return `/auth${targetPath}`;\r\n }\r\n\r\n // Not under /auth/, return target path as-is\r\n return targetPath;\r\n}\r\n\r\n/**\r\n * Resolves an auth route URL with search params preserved.\r\n * Similar to resolveAuthPath but returns a full URL string with query parameters.\r\n *\r\n * @param targetPath - The target auth path (e.g., '/sign-in', '/sign-up')\r\n * @param searchParams - Optional URLSearchParams to append\r\n * @returns The resolved URL as a string\r\n *\r\n * @example\r\n * // Current URL: http://localhost:5174/auth/sign-in?redirect=...\r\n * resolveAuthUrl('/sign-up', searchParams) // Returns '/auth/sign-up?redirect=...'\r\n */\r\nexport function resolveAuthUrl(targetPath: string, searchParams?: URLSearchParams): string {\r\n const resolvedPath = resolveAuthPath(targetPath);\r\n\r\n if (!searchParams || searchParams.toString() === '') {\r\n return resolvedPath;\r\n }\r\n\r\n return `${resolvedPath}?${searchParams.toString()}`;\r\n}\r\n","/**\r\n * Hosted Auth Helpers\r\n *\r\n * Utilities for detecting hosted auth environment and building legacy auth URLs\r\n * for cross-domain authentication flows.\r\n */\r\n\r\n/**\r\n * Get CSRF token from cookie\r\n *\r\n * Reads the aaspai_csrf_token cookie set by the backend after authentication.\r\n * This is needed for OAuth flows where the csrfToken is stored in cookies\r\n * rather than returned in the API response.\r\n *\r\n * @returns The CSRF token value or null if not found\r\n */\r\nexport function getCsrfTokenFromCookie(): string | null {\r\n if (typeof document === 'undefined') return null;\r\n const match = document.cookie.match(/(?:^|;\\s*)aaspai_csrf_token=([^;]*)/);\r\n return match ? decodeURIComponent(match[1]) : null;\r\n}\r\n\r\n/**\r\n * Check if current environment is a hosted auth environment\r\n *\r\n * Returns true for:\r\n * - localhost with port 7130 (hosted auth app dev)\r\n * - https://*.aaspai.app (hosted auth app production)\r\n *\r\n * @returns true if running in hosted auth environment\r\n */\r\nexport function isHostedAuthEnvironment(): boolean {\r\n if (typeof window === 'undefined') {\r\n return false;\r\n }\r\n\r\n const { hostname, port, protocol } = window.location;\r\n\r\n // Local development\r\n if (hostname === 'localhost' && port === '7130') {\r\n return true;\r\n }\r\n\r\n // Production hosted auth\r\n if (protocol === 'https:' && hostname.endsWith('.aaspai.app')) {\r\n return true;\r\n }\r\n\r\n return false;\r\n}\r\n\r\n/**\r\n * Session data for building legacy auth URL\r\n */\r\nexport interface LegacyAuthSession {\r\n accessToken: string;\r\n userId: string;\r\n email: string;\r\n name?: string;\r\n csrfToken?: string;\r\n}\r\n\r\n/**\r\n * Build a legacy flow redirect URL with auth params in query string\r\n *\r\n * This is used to pass authentication credentials back to the user's app\r\n * after OAuth completes in the hosted auth environment.\r\n *\r\n * @param redirectUrl - The URL to redirect to (user's app)\r\n * @param session - The session data to include in the URL\r\n * @returns The complete URL with auth params\r\n */\r\nexport function buildLegacyAuthUrl(redirectUrl: string, session: LegacyAuthSession): string {\r\n const url = new URL(redirectUrl);\r\n url.searchParams.set('access_token', session.accessToken);\r\n url.searchParams.set('user_id', session.userId);\r\n url.searchParams.set('email', session.email);\r\n\r\n if (session.name) {\r\n url.searchParams.set('name', session.name);\r\n }\r\n\r\n if (session.csrfToken) {\r\n url.searchParams.set('csrf_token', session.csrfToken);\r\n }\r\n\r\n return url.toString();\r\n}\r\n"]}

package/dist/lib.d.cts ADDED Viewed

@@ -0,0 +1,111 @@
+import { z } from 'zod';
+/**
+ * Email validation schema
+ */
+declare const emailSchema: z.ZodString;
+/**
+ * Password validation schema with configurable requirements
+ */
+declare function createPasswordSchema(options?: {
+    minLength?: number;
+    requireUppercase?: boolean;
+    requireLowercase?: boolean;
+    requireNumber?: boolean;
+    requireSpecialChar?: boolean;
+}): z.ZodString;
+/**
+ * Default password schema (minimum 6 characters)
+ */
+declare const passwordSchema: z.ZodString;
+/**
+ * Validate email format
+ */
+declare function validateEmail(email: string): {
+    valid: boolean;
+    error?: string;
+};
+/**
+ * Validate password format
+ */
+declare function validatePassword(password: string, options?: Parameters<typeof createPasswordSchema>[0]): {
+    valid: boolean;
+    error?: string;
+};
+/**
+ * Validate password strength based on multiple criteria
+ */
+declare function checkPasswordStrength(password: string): {
+    score: number;
+    feedback: string[];
+};
+/**
+ * Path utilities for handling navigation in auth flows.
+ * Ensures proper path resolution when auth pages are served under a base path (e.g., /auth/)
+ */
+/**
+ * Resolves an auth route path relative to the current location.
+ * If the current path is under /auth/, it will preserve that prefix.
+ * Otherwise, it returns the path as-is.
+ *
+ * @param targetPath - The target auth path (e.g., '/sign-in', '/sign-up')
+ * @returns The resolved path with proper base path handling
+ *
+ * @example
+ * // Current URL: http://localhost:5174/auth/sign-in
+ * resolveAuthPath('/sign-up') // Returns '/auth/sign-up'
+ *
+ * @example
+ * // Current URL: http://localhost:5174/sign-in
+ * resolveAuthPath('/sign-up') // Returns '/sign-up'
+ */
+declare function resolveAuthPath(targetPath: string): string;
+/**
+ * Resolves an auth route URL with search params preserved.
+ * Similar to resolveAuthPath but returns a full URL string with query parameters.
+ *
+ * @param targetPath - The target auth path (e.g., '/sign-in', '/sign-up')
+ * @param searchParams - Optional URLSearchParams to append
+ * @returns The resolved URL as a string
+ *
+ * @example
+ * // Current URL: http://localhost:5174/auth/sign-in?redirect=...
+ * resolveAuthUrl('/sign-up', searchParams) // Returns '/auth/sign-up?redirect=...'
+ */
+declare function resolveAuthUrl(targetPath: string, searchParams?: URLSearchParams): string;
+/**
+ * Check if current environment is a hosted auth environment
+ *
+ * Returns true for:
+ * - localhost with port 7130 (hosted auth app dev)
+ * - https://*.aaspai.app (hosted auth app production)
+ *
+ * @returns true if running in hosted auth environment
+ */
+declare function isHostedAuthEnvironment(): boolean;
+/**
+ * Session data for building legacy auth URL
+ */
+interface LegacyAuthSession {
+    accessToken: string;
+    userId: string;
+    email: string;
+    name?: string;
+    csrfToken?: string;
+}
+/**
+ * Build a legacy flow redirect URL with auth params in query string
+ *
+ * This is used to pass authentication credentials back to the user's app
+ * after OAuth completes in the hosted auth environment.
+ *
+ * @param redirectUrl - The URL to redirect to (user's app)
+ * @param session - The session data to include in the URL
+ * @returns The complete URL with auth params
+ */
+declare function buildLegacyAuthUrl(redirectUrl: string, session: LegacyAuthSession): string;
+export { type LegacyAuthSession, buildLegacyAuthUrl, checkPasswordStrength, createPasswordSchema, emailSchema, isHostedAuthEnvironment, passwordSchema, resolveAuthPath, resolveAuthUrl, validateEmail, validatePassword };

package/dist/lib.d.ts ADDED Viewed

@@ -0,0 +1,111 @@
+import { z } from 'zod';
+/**
+ * Email validation schema
+ */
+declare const emailSchema: z.ZodString;
+/**
+ * Password validation schema with configurable requirements
+ */
+declare function createPasswordSchema(options?: {
+    minLength?: number;
+    requireUppercase?: boolean;
+    requireLowercase?: boolean;
+    requireNumber?: boolean;
+    requireSpecialChar?: boolean;
+}): z.ZodString;
+/**
+ * Default password schema (minimum 6 characters)
+ */
+declare const passwordSchema: z.ZodString;
+/**
+ * Validate email format
+ */
+declare function validateEmail(email: string): {
+    valid: boolean;
+    error?: string;
+};
+/**
+ * Validate password format
+ */
+declare function validatePassword(password: string, options?: Parameters<typeof createPasswordSchema>[0]): {
+    valid: boolean;
+    error?: string;
+};
+/**
+ * Validate password strength based on multiple criteria
+ */
+declare function checkPasswordStrength(password: string): {
+    score: number;
+    feedback: string[];
+};
+/**
+ * Path utilities for handling navigation in auth flows.
+ * Ensures proper path resolution when auth pages are served under a base path (e.g., /auth/)
+ */
+/**
+ * Resolves an auth route path relative to the current location.
+ * If the current path is under /auth/, it will preserve that prefix.
+ * Otherwise, it returns the path as-is.
+ *
+ * @param targetPath - The target auth path (e.g., '/sign-in', '/sign-up')
+ * @returns The resolved path with proper base path handling
+ *
+ * @example
+ * // Current URL: http://localhost:5174/auth/sign-in
+ * resolveAuthPath('/sign-up') // Returns '/auth/sign-up'
+ *
+ * @example
+ * // Current URL: http://localhost:5174/sign-in
+ * resolveAuthPath('/sign-up') // Returns '/sign-up'
+ */
+declare function resolveAuthPath(targetPath: string): string;
+/**
+ * Resolves an auth route URL with search params preserved.
+ * Similar to resolveAuthPath but returns a full URL string with query parameters.
+ *
+ * @param targetPath - The target auth path (e.g., '/sign-in', '/sign-up')
+ * @param searchParams - Optional URLSearchParams to append
+ * @returns The resolved URL as a string
+ *
+ * @example
+ * // Current URL: http://localhost:5174/auth/sign-in?redirect=...
+ * resolveAuthUrl('/sign-up', searchParams) // Returns '/auth/sign-up?redirect=...'
+ */
+declare function resolveAuthUrl(targetPath: string, searchParams?: URLSearchParams): string;
+/**
+ * Check if current environment is a hosted auth environment
+ *
+ * Returns true for:
+ * - localhost with port 7130 (hosted auth app dev)
+ * - https://*.aaspai.app (hosted auth app production)
+ *
+ * @returns true if running in hosted auth environment
+ */
+declare function isHostedAuthEnvironment(): boolean;
+/**
+ * Session data for building legacy auth URL
+ */
+interface LegacyAuthSession {
+    accessToken: string;
+    userId: string;
+    email: string;
+    name?: string;
+    csrfToken?: string;
+}
+/**
+ * Build a legacy flow redirect URL with auth params in query string
+ *
+ * This is used to pass authentication credentials back to the user's app
+ * after OAuth completes in the hosted auth environment.
+ *
+ * @param redirectUrl - The URL to redirect to (user's app)
+ * @param session - The session data to include in the URL
+ * @returns The complete URL with auth params
+ */
+declare function buildLegacyAuthUrl(redirectUrl: string, session: LegacyAuthSession): string;
+export { type LegacyAuthSession, buildLegacyAuthUrl, checkPasswordStrength, createPasswordSchema, emailSchema, isHostedAuthEnvironment, passwordSchema, resolveAuthPath, resolveAuthUrl, validateEmail, validatePassword };

package/dist/lib.js ADDED Viewed

@@ -0,0 +1,128 @@
+import { z } from 'zod';
+// src/lib/validation.ts
+var emailSchema = z.string().min(1, "Email is required").email("Invalid email address");
+function createPasswordSchema(options) {
+  const {
+    minLength = 6,
+    requireUppercase = false,
+    requireLowercase = false,
+    requireNumber = false,
+    requireSpecialChar = false
+  } = options || {};
+  let schema = z.string().min(minLength, `Password must be at least ${minLength} characters`);
+  if (requireUppercase) {
+    schema = schema.regex(/[A-Z]/, "Password must contain at least one uppercase letter");
+  }
+  if (requireLowercase) {
+    schema = schema.regex(/[a-z]/, "Password must contain at least one lowercase letter");
+  }
+  if (requireNumber) {
+    schema = schema.regex(/\d/, "Password must contain at least one number");
+  }
+  if (requireSpecialChar) {
+    schema = schema.regex(
+      /[!@#$%^&*()_+\-=[\]{};':"\\|,.<>/?]/,
+      "Password must contain at least one special character"
+    );
+  }
+  return schema;
+}
+var passwordSchema = createPasswordSchema();
+function validateEmail(email) {
+  const result = emailSchema.safeParse(email);
+  if (result.success) {
+    return { valid: true };
+  }
+  return { valid: false, error: result.error.message };
+}
+function validatePassword(password, options) {
+  const schema = createPasswordSchema(options);
+  const result = schema.safeParse(password);
+  if (result.success) {
+    return { valid: true };
+  }
+  return { valid: false, error: result.error.message };
+}
+function checkPasswordStrength(password) {
+  const feedback = [];
+  let score = 0;
+  if (password.length >= 8) {
+    score += 1;
+  } else {
+    feedback.push("Use at least 8 characters");
+  }
+  if (password.length >= 12) {
+    score += 1;
+  }
+  if (/[a-z]/.test(password) && /[A-Z]/.test(password)) {
+    score += 1;
+  } else {
+    feedback.push("Use both uppercase and lowercase letters");
+  }
+  if (/\d/.test(password)) {
+    score += 1;
+  } else {
+    feedback.push("Include at least one number");
+  }
+  if (/[!@#$%^&*()_+\-=[\]{};':"\\|,.<>/?]/.test(password)) {
+    score += 1;
+  } else {
+    feedback.push("Include at least one special character");
+  }
+  return { score, feedback };
+}
+// src/lib/path-utils.ts
+function resolveAuthPath(targetPath) {
+  if (typeof window === "undefined") {
+    return targetPath;
+  }
+  const currentPath = window.location.pathname;
+  if (currentPath.startsWith("/auth/")) {
+    if (targetPath.startsWith("/auth/")) {
+      return targetPath;
+    }
+    return `/auth${targetPath}`;
+  }
+  return targetPath;
+}
+function resolveAuthUrl(targetPath, searchParams) {
+  const resolvedPath = resolveAuthPath(targetPath);
+  if (!searchParams || searchParams.toString() === "") {
+    return resolvedPath;
+  }
+  return `${resolvedPath}?${searchParams.toString()}`;
+}
+// src/lib/hosted-auth.ts
+function isHostedAuthEnvironment() {
+  if (typeof window === "undefined") {
+    return false;
+  }
+  const { hostname, port, protocol } = window.location;
+  if (hostname === "localhost" && port === "7130") {
+    return true;
+  }
+  if (protocol === "https:" && hostname.endsWith(".aaspai.app")) {
+    return true;
+  }
+  return false;
+}
+function buildLegacyAuthUrl(redirectUrl, session) {
+  const url = new URL(redirectUrl);
+  url.searchParams.set("access_token", session.accessToken);
+  url.searchParams.set("user_id", session.userId);
+  url.searchParams.set("email", session.email);
+  if (session.name) {
+    url.searchParams.set("name", session.name);
+  }
+  if (session.csrfToken) {
+    url.searchParams.set("csrf_token", session.csrfToken);
+  }
+  return url.toString();
+}
+export { buildLegacyAuthUrl, checkPasswordStrength, createPasswordSchema, emailSchema, isHostedAuthEnvironment, passwordSchema, resolveAuthPath, resolveAuthUrl, validateEmail, validatePassword };
+//# sourceMappingURL=lib.js.map
+//# sourceMappingURL=lib.js.map

package/dist/lib.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/lib/validation.ts","../src/lib/path-utils.ts","../src/lib/hosted-auth.ts"],"names":[],"mappings":";;;AAKO,IAAM,WAAA,GAAc,EAAE,MAAA,EAAO,CAAE,IAAI,CAAA,EAAG,mBAAmB,CAAA,CAAE,KAAA,CAAM,uBAAuB;AAKxF,SAAS,qBAAqB,OAAA,EAMlC;AACD,EAAA,MAAM;AAAA,IACJ,SAAA,GAAY,CAAA;AAAA,IACZ,gBAAA,GAAmB,KAAA;AAAA,IACnB,gBAAA,GAAmB,KAAA;AAAA,IACnB,aAAA,GAAgB,KAAA;AAAA,IAChB,kBAAA,GAAqB;AAAA,GACvB,GAAI,WAAW,EAAC;AAEhB,EAAA,IAAI,MAAA,GAAS,EAAE,MAAA,EAAO,CAAE,IAAI,SAAA,EAAW,CAAA,0BAAA,EAA6B,SAAS,CAAA,WAAA,CAAa,CAAA;AAE1F,EAAA,IAAI,gBAAA,EAAkB;AACpB,IAAA,MAAA,GAAS,MAAA,CAAO,KAAA,CAAM,OAAA,EAAS,qDAAqD,CAAA;AAAA,EACtF;AAEA,EAAA,IAAI,gBAAA,EAAkB;AACpB,IAAA,MAAA,GAAS,MAAA,CAAO,KAAA,CAAM,OAAA,EAAS,qDAAqD,CAAA;AAAA,EACtF;AAEA,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,MAAA,GAAS,MAAA,CAAO,KAAA,CAAM,IAAA,EAAM,2CAA2C,CAAA;AAAA,EACzE;AAEA,EAAA,IAAI,kBAAA,EAAoB;AACtB,IAAA,MAAA,GAAS,MAAA,CAAO,KAAA;AAAA,MACd,qCAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,OAAO,MAAA;AACT;AAKO,IAAM,iBAAiB,oBAAA;AAKvB,SAAS,cAAc,KAAA,EAAmD;AAC/E,EAAA,MAAM,MAAA,GAAS,WAAA,CAAY,SAAA,CAAU,KAAK,CAAA;AAC1C,EAAA,IAAI,OAAO,OAAA,EAAS;AAClB,IAAA,OAAO,EAAE,OAAO,IAAA,EAAK;AAAA,EACvB;AACA,EAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,MAAA,CAAO,MAAM,OAAA,EAAQ;AACrD;AAKO,SAAS,gBAAA,CACd,UACA,OAAA,EACoC;AACpC,EAAA,MAAM,MAAA,GAAS,qBAAqB,OAAO,CAAA;AAC3C,EAAA,MAAM,MAAA,GAAS,MAAA,CAAO,SAAA,CAAU,QAAQ,CAAA;AACxC,EAAA,IAAI,OAAO,OAAA,EAAS;AAClB,IAAA,OAAO,EAAE,OAAO,IAAA,EAAK;AAAA,EACvB;AACA,EAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,MAAA,CAAO,MAAM,OAAA,EAAQ;AACrD;AAKO,SAAS,sBAAsB,QAAA,EAGpC;AACA,EAAA,MAAM,WAAqB,EAAC;AAC5B,EAAA,IAAI,KAAA,GAAQ,CAAA;AAEZ,EAAA,IAAI,QAAA,CAAS,UAAU,CAAA,EAAG;AACxB,IAAA,KAAA,IAAS,CAAA;AAAA,EACX,CAAA,MAAO;AACL,IAAA,QAAA,CAAS,KAAK,2BAA2B,CAAA;AAAA,EAC3C;AAEA,EAAA,IAAI,QAAA,CAAS,UAAU,EAAA,EAAI;AACzB,IAAA,KAAA,IAAS,CAAA;AAAA,EACX;AAEA,EAAA,IAAI,QAAQ,IAAA,CAAK,QAAQ,KAAK,OAAA,CAAQ,IAAA,CAAK,QAAQ,CAAA,EAAG;AACpD,IAAA,KAAA,IAAS,CAAA;AAAA,EACX,CAAA,MAAO;AACL,IAAA,QAAA,CAAS,KAAK,0CAA0C,CAAA;AAAA,EAC1D;AAEA,EAAA,IAAI,IAAA,CAAK,IAAA,CAAK,QAAQ,CAAA,EAAG;AACvB,IAAA,KAAA,IAAS,CAAA;AAAA,EACX,CAAA,MAAO;AACL,IAAA,QAAA,CAAS,KAAK,6BAA6B,CAAA;AAAA,EAC7C;AAEA,EAAA,IAAI,qCAAA,CAAsC,IAAA,CAAK,QAAQ,CAAA,EAAG;AACxD,IAAA,KAAA,IAAS,CAAA;AAAA,EACX,CAAA,MAAO;AACL,IAAA,QAAA,CAAS,KAAK,wCAAwC,CAAA;AAAA,EACxD;AAEA,EAAA,OAAO,EAAE,OAAO,QAAA,EAAS;AAC3B;;;AClGO,SAAS,gBAAgB,UAAA,EAA4B;AAC1D,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,IAAA,OAAO,UAAA;AAAA,EACT;AAEA,EAAA,MAAM,WAAA,GAAc,OAAO,QAAA,CAAS,QAAA;AAGpC,EAAA,IAAI,WAAA,CAAY,UAAA,CAAW,QAAQ,CAAA,EAAG;AAEpC,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,QAAQ,CAAA,EAAG;AACnC,MAAA,OAAO,UAAA;AAAA,IACT;AAEA,IAAA,OAAO,QAAQ,UAAU,CAAA,CAAA;AAAA,EAC3B;AAGA,EAAA,OAAO,UAAA;AACT;AAcO,SAAS,cAAA,CAAe,YAAoB,YAAA,EAAwC;AACzF,EAAA,MAAM,YAAA,GAAe,gBAAgB,UAAU,CAAA;AAE/C,EAAA,IAAI,CAAC,YAAA,IAAgB,YAAA,CAAa,QAAA,OAAe,EAAA,EAAI;AACnD,IAAA,OAAO,YAAA;AAAA,EACT;AAEA,EAAA,OAAO,CAAA,EAAG,YAAY,CAAA,CAAA,EAAI,YAAA,CAAa,UAAU,CAAA,CAAA;AACnD;;;AC/BO,SAAS,uBAAA,GAAmC;AACjD,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,MAAM,EAAE,QAAA,EAAU,IAAA,EAAM,QAAA,KAAa,MAAA,CAAO,QAAA;AAG5C,EAAA,IAAI,QAAA,KAAa,WAAA,IAAe,IAAA,KAAS,MAAA,EAAQ;AAC/C,IAAA,OAAO,IAAA;AAAA,EACT;AAGA,EAAA,IAAI,QAAA,KAAa,QAAA,IAAY,QAAA,CAAS,QAAA,CAAS,eAAe,CAAA,EAAG;AAC/D,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAO,KAAA;AACT;AAuBO,SAAS,kBAAA,CAAmB,aAAqB,OAAA,EAAoC;AAC1F,EAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,WAAW,CAAA;AAC/B,EAAA,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,cAAA,EAAgB,OAAA,CAAQ,WAAW,CAAA;AACxD,EAAA,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,SAAA,EAAW,OAAA,CAAQ,MAAM,CAAA;AAC9C,EAAA,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,OAAA,EAAS,OAAA,CAAQ,KAAK,CAAA;AAE3C,EAAA,IAAI,QAAQ,IAAA,EAAM;AAChB,IAAA,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,MAAA,EAAQ,OAAA,CAAQ,IAAI,CAAA;AAAA,EAC3C;AAEA,EAAA,IAAI,QAAQ,SAAA,EAAW;AACrB,IAAA,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,YAAA,EAAc,OAAA,CAAQ,SAAS,CAAA;AAAA,EACtD;AAEA,EAAA,OAAO,IAAI,QAAA,EAAS;AACtB","file":"lib.js","sourcesContent":["import { z } from 'zod';\r\n\r\n/**\r\n * Email validation schema\r\n */\r\nexport const emailSchema = z.string().min(1, 'Email is required').email('Invalid email address');\r\n\r\n/**\r\n * Password validation schema with configurable requirements\r\n */\r\nexport function createPasswordSchema(options?: {\r\n minLength?: number;\r\n requireUppercase?: boolean;\r\n requireLowercase?: boolean;\r\n requireNumber?: boolean;\r\n requireSpecialChar?: boolean;\r\n}) {\r\n const {\r\n minLength = 6,\r\n requireUppercase = false,\r\n requireLowercase = false,\r\n requireNumber = false,\r\n requireSpecialChar = false,\r\n } = options || {};\r\n\r\n let schema = z.string().min(minLength, `Password must be at least ${minLength} characters`);\r\n\r\n if (requireUppercase) {\r\n schema = schema.regex(/[A-Z]/, 'Password must contain at least one uppercase letter');\r\n }\r\n\r\n if (requireLowercase) {\r\n schema = schema.regex(/[a-z]/, 'Password must contain at least one lowercase letter');\r\n }\r\n\r\n if (requireNumber) {\r\n schema = schema.regex(/\\d/, 'Password must contain at least one number');\r\n }\r\n\r\n if (requireSpecialChar) {\r\n schema = schema.regex(\r\n /[!@#$%^&*()_+\\-=[\\]{};':\"\\\\|,.<>/?]/,\r\n 'Password must contain at least one special character'\r\n );\r\n }\r\n\r\n return schema;\r\n}\r\n\r\n/**\r\n * Default password schema (minimum 6 characters)\r\n */\r\nexport const passwordSchema = createPasswordSchema();\r\n\r\n/**\r\n * Validate email format\r\n */\r\nexport function validateEmail(email: string): { valid: boolean; error?: string } {\r\n const result = emailSchema.safeParse(email);\r\n if (result.success) {\r\n return { valid: true };\r\n }\r\n return { valid: false, error: result.error.message };\r\n}\r\n\r\n/**\r\n * Validate password format\r\n */\r\nexport function validatePassword(\r\n password: string,\r\n options?: Parameters<typeof createPasswordSchema>[0]\r\n): { valid: boolean; error?: string } {\r\n const schema = createPasswordSchema(options);\r\n const result = schema.safeParse(password);\r\n if (result.success) {\r\n return { valid: true };\r\n }\r\n return { valid: false, error: result.error.message };\r\n}\r\n\r\n/**\r\n * Validate password strength based on multiple criteria\r\n */\r\nexport function checkPasswordStrength(password: string): {\r\n score: number;\r\n feedback: string[];\r\n} {\r\n const feedback: string[] = [];\r\n let score = 0;\r\n\r\n if (password.length >= 8) {\r\n score += 1;\r\n } else {\r\n feedback.push('Use at least 8 characters');\r\n }\r\n\r\n if (password.length >= 12) {\r\n score += 1;\r\n }\r\n\r\n if (/[a-z]/.test(password) && /[A-Z]/.test(password)) {\r\n score += 1;\r\n } else {\r\n feedback.push('Use both uppercase and lowercase letters');\r\n }\r\n\r\n if (/\\d/.test(password)) {\r\n score += 1;\r\n } else {\r\n feedback.push('Include at least one number');\r\n }\r\n\r\n if (/[!@#$%^&*()_+\\-=[\\]{};':\"\\\\|,.<>/?]/.test(password)) {\r\n score += 1;\r\n } else {\r\n feedback.push('Include at least one special character');\r\n }\r\n\r\n return { score, feedback };\r\n}\r\n","/**\r\n * Path utilities for handling navigation in auth flows.\r\n * Ensures proper path resolution when auth pages are served under a base path (e.g., /auth/)\r\n */\r\n\r\n/**\r\n * Resolves an auth route path relative to the current location.\r\n * If the current path is under /auth/, it will preserve that prefix.\r\n * Otherwise, it returns the path as-is.\r\n *\r\n * @param targetPath - The target auth path (e.g., '/sign-in', '/sign-up')\r\n * @returns The resolved path with proper base path handling\r\n *\r\n * @example\r\n * // Current URL: http://localhost:5174/auth/sign-in\r\n * resolveAuthPath('/sign-up') // Returns '/auth/sign-up'\r\n *\r\n * @example\r\n * // Current URL: http://localhost:5174/sign-in\r\n * resolveAuthPath('/sign-up') // Returns '/sign-up'\r\n */\r\nexport function resolveAuthPath(targetPath: string): string {\r\n if (typeof window === 'undefined') {\r\n return targetPath;\r\n }\r\n\r\n const currentPath = window.location.pathname;\r\n\r\n // Check if we're currently under /auth/ base path\r\n if (currentPath.startsWith('/auth/')) {\r\n // If target already has /auth/ prefix, return as-is\r\n if (targetPath.startsWith('/auth/')) {\r\n return targetPath;\r\n }\r\n // Add /auth/ prefix to the target path\r\n return `/auth${targetPath}`;\r\n }\r\n\r\n // Not under /auth/, return target path as-is\r\n return targetPath;\r\n}\r\n\r\n/**\r\n * Resolves an auth route URL with search params preserved.\r\n * Similar to resolveAuthPath but returns a full URL string with query parameters.\r\n *\r\n * @param targetPath - The target auth path (e.g., '/sign-in', '/sign-up')\r\n * @param searchParams - Optional URLSearchParams to append\r\n * @returns The resolved URL as a string\r\n *\r\n * @example\r\n * // Current URL: http://localhost:5174/auth/sign-in?redirect=...\r\n * resolveAuthUrl('/sign-up', searchParams) // Returns '/auth/sign-up?redirect=...'\r\n */\r\nexport function resolveAuthUrl(targetPath: string, searchParams?: URLSearchParams): string {\r\n const resolvedPath = resolveAuthPath(targetPath);\r\n\r\n if (!searchParams || searchParams.toString() === '') {\r\n return resolvedPath;\r\n }\r\n\r\n return `${resolvedPath}?${searchParams.toString()}`;\r\n}\r\n","/**\r\n * Hosted Auth Helpers\r\n *\r\n * Utilities for detecting hosted auth environment and building legacy auth URLs\r\n * for cross-domain authentication flows.\r\n */\r\n\r\n/**\r\n * Get CSRF token from cookie\r\n *\r\n * Reads the aaspai_csrf_token cookie set by the backend after authentication.\r\n * This is needed for OAuth flows where the csrfToken is stored in cookies\r\n * rather than returned in the API response.\r\n *\r\n * @returns The CSRF token value or null if not found\r\n */\r\nexport function getCsrfTokenFromCookie(): string | null {\r\n if (typeof document === 'undefined') return null;\r\n const match = document.cookie.match(/(?:^|;\\s*)aaspai_csrf_token=([^;]*)/);\r\n return match ? decodeURIComponent(match[1]) : null;\r\n}\r\n\r\n/**\r\n * Check if current environment is a hosted auth environment\r\n *\r\n * Returns true for:\r\n * - localhost with port 7130 (hosted auth app dev)\r\n * - https://*.aaspai.app (hosted auth app production)\r\n *\r\n * @returns true if running in hosted auth environment\r\n */\r\nexport function isHostedAuthEnvironment(): boolean {\r\n if (typeof window === 'undefined') {\r\n return false;\r\n }\r\n\r\n const { hostname, port, protocol } = window.location;\r\n\r\n // Local development\r\n if (hostname === 'localhost' && port === '7130') {\r\n return true;\r\n }\r\n\r\n // Production hosted auth\r\n if (protocol === 'https:' && hostname.endsWith('.aaspai.app')) {\r\n return true;\r\n }\r\n\r\n return false;\r\n}\r\n\r\n/**\r\n * Session data for building legacy auth URL\r\n */\r\nexport interface LegacyAuthSession {\r\n accessToken: string;\r\n userId: string;\r\n email: string;\r\n name?: string;\r\n csrfToken?: string;\r\n}\r\n\r\n/**\r\n * Build a legacy flow redirect URL with auth params in query string\r\n *\r\n * This is used to pass authentication credentials back to the user's app\r\n * after OAuth completes in the hosted auth environment.\r\n *\r\n * @param redirectUrl - The URL to redirect to (user's app)\r\n * @param session - The session data to include in the URL\r\n * @returns The complete URL with auth params\r\n */\r\nexport function buildLegacyAuthUrl(redirectUrl: string, session: LegacyAuthSession): string {\r\n const url = new URL(redirectUrl);\r\n url.searchParams.set('access_token', session.accessToken);\r\n url.searchParams.set('user_id', session.userId);\r\n url.searchParams.set('email', session.email);\r\n\r\n if (session.name) {\r\n url.searchParams.set('name', session.name);\r\n }\r\n\r\n if (session.csrfToken) {\r\n url.searchParams.set('csrf_token', session.csrfToken);\r\n }\r\n\r\n return url.toString();\r\n}\r\n"]}

package/dist/navigation.cjs ADDED Viewed

@@ -0,0 +1,56 @@
+'use strict';
+var react = require('react');
+var jsxRuntime = require('react/jsx-runtime');
+// src/navigation/NavigationContext.tsx
+var NavigationContext = react.createContext(null);
+function NavigationProvider({ adapter, children }) {
+  return /* @__PURE__ */ jsxRuntime.jsx(NavigationContext.Provider, { value: adapter, children });
+}
+function useNavigationAdapter() {
+  const adapter = react.useContext(NavigationContext);
+  if (!adapter) {
+    return {
+      useSearchParams: () => new URLSearchParams(),
+      Link: ({ href, children, className }) => /* @__PURE__ */ jsxRuntime.jsx("a", { href, className, children })
+    };
+  }
+  return adapter;
+}
+var BrowserNavigationAdapter = {
+  /**
+   * Returns URLSearchParams from current window.location.search
+   * Note: Not reactive - reads once on component mount
+   * This is sufficient for auth flows where we read initial URL params
+   */
+  useSearchParams() {
+    const [searchParams] = react.useState(() => {
+      if (typeof window === "undefined") {
+        return new URLSearchParams();
+      }
+      return new URLSearchParams(window.location.search);
+    });
+    return searchParams;
+  },
+  /**
+   * Native <a> tag for navigation
+   * Uses full page reload
+   */
+  Link({ href, className, children }) {
+    return /* @__PURE__ */ jsxRuntime.jsx("a", { href, className, children });
+  }
+};
+// src/navigation/useSearchParams.ts
+function useSearchParams() {
+  const adapter = useNavigationAdapter();
+  return adapter.useSearchParams();
+}
+exports.BrowserNavigationAdapter = BrowserNavigationAdapter;
+exports.NavigationProvider = NavigationProvider;
+exports.useNavigationAdapter = useNavigationAdapter;
+exports.useSearchParams = useSearchParams;
+//# sourceMappingURL=navigation.cjs.map
+//# sourceMappingURL=navigation.cjs.map

package/dist/navigation.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/navigation/NavigationContext.tsx","../src/navigation/BrowserNavigationAdapter.tsx","../src/navigation/useSearchParams.ts"],"names":["createContext","useContext","jsx","useState"],"mappings":";;;;;;AAGA,IAAM,iBAAA,GAAoBA,oBAAwC,IAAI,CAAA;AAW/D,SAAS,kBAAA,CAAmB,EAAE,OAAA,EAAS,QAAA,EAAS,EAA4B;AACjF,EAAA,sCAAQ,iBAAA,CAAkB,QAAA,EAAlB,EAA2B,KAAA,EAAO,SAAU,QAAA,EAAS,CAAA;AAC/D;AAMO,SAAS,oBAAA,GAA0C;AACxD,EAAA,MAAM,OAAA,GAAUC,iBAAW,iBAAiB,CAAA;AAE5C,EAAA,IAAI,CAAC,OAAA,EAAS;AACZ,IAAA,OAAO;AAAA,MACL,eAAA,EAAiB,MAAM,IAAI,eAAA,EAAgB;AAAA,MAC3C,IAAA,EAAM,CAAC,EAAE,IAAA,EAAM,QAAA,EAAU,SAAA,EAAU,qBACjCC,cAAA,CAAC,GAAA,EAAA,EAAE,IAAA,EAAY,SAAA,EACZ,QAAA,EACH;AAAA,KAEJ;AAAA,EACF;AAEA,EAAA,OAAO,OAAA;AACT;AC7BO,IAAM,wBAAA,GAA8C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMzD,eAAA,GAAkB;AAChB,IAAA,MAAM,CAAC,YAAY,CAAA,GAAIC,cAAA,CAAS,MAAM;AACpC,MAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,QAAA,OAAO,IAAI,eAAA,EAAgB;AAAA,MAC7B;AACA,MAAA,OAAO,IAAI,eAAA,CAAgB,MAAA,CAAO,QAAA,CAAS,MAAM,CAAA;AAAA,IACnD,CAAC,CAAA;AAED,IAAA,OAAO,YAAA;AAAA,EACT,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,IAAA,CAAK,EAAE,IAAA,EAAM,SAAA,EAAW,UAAS,EAAG;AAClC,IAAA,uBACED,cAAAA,CAAC,GAAA,EAAA,EAAE,IAAA,EAAY,WACZ,QAAA,EACH,CAAA;AAAA,EAEJ;AACF;;;ACnBO,SAAS,eAAA,GAAmC;AACjD,EAAA,MAAM,UAAU,oBAAA,EAAqB;AACrC,EAAA,OAAO,QAAQ,eAAA,EAAgB;AACjC","file":"navigation.cjs","sourcesContent":["import { createContext, useContext, ReactNode } from 'react';\r\nimport type { NavigationAdapter } from './types';\r\n\r\nconst NavigationContext = createContext<NavigationAdapter | null>(null);\r\n\r\nexport interface NavigationProviderProps {\r\n adapter: NavigationAdapter;\r\n children: ReactNode;\r\n}\r\n\r\n/**\r\n * Navigation Provider\r\n * Injects navigation adapter into the component tree\r\n */\r\nexport function NavigationProvider({ adapter, children }: NavigationProviderProps) {\r\n return <NavigationContext.Provider value={adapter}>{children}</NavigationContext.Provider>;\r\n}\r\n\r\n/**\r\n * Hook to access navigation adapter\r\n * @throws Error if used outside NavigationProvider\r\n */\r\nexport function useNavigationAdapter(): NavigationAdapter {\r\n const adapter = useContext(NavigationContext);\r\n\r\n if (!adapter) {\r\n return {\r\n useSearchParams: () => new URLSearchParams(),\r\n Link: ({ href, children, className }) => (\r\n <a href={href} className={className}>\r\n {children}\r\n </a>\r\n ),\r\n };\r\n }\r\n\r\n return adapter;\r\n}\r\n","import { useState } from 'react';\r\nimport type { NavigationAdapter } from './types';\r\n\r\n/**\r\n * Browser native navigation adapter\r\n * Uses browser's native URLSearchParams and <a> tags\r\n * Suitable for vanilla React apps without a routing library\r\n */\r\nexport const BrowserNavigationAdapter: NavigationAdapter = {\r\n /**\r\n * Returns URLSearchParams from current window.location.search\r\n * Note: Not reactive - reads once on component mount\r\n * This is sufficient for auth flows where we read initial URL params\r\n */\r\n useSearchParams() {\r\n const [searchParams] = useState(() => {\r\n if (typeof window === 'undefined') {\r\n return new URLSearchParams();\r\n }\r\n return new URLSearchParams(window.location.search);\r\n });\r\n\r\n return searchParams;\r\n },\r\n\r\n /**\r\n * Native <a> tag for navigation\r\n * Uses full page reload\r\n */\r\n Link({ href, className, children }) {\r\n return (\r\n <a href={href} className={className}>\r\n {children}\r\n </a>\r\n );\r\n },\r\n};\r\n","import { useNavigationAdapter } from './NavigationContext';\r\n\r\n/**\r\n * Hook to get URL search parameters\r\n * Uses the navigation adapter injected by NavigationProvider\r\n *\r\n * @returns URLSearchParams object\r\n *\r\n * @example\r\n * ```tsx\r\n * function MyComponent() {\r\n * const searchParams = useSearchParams();\r\n * const redirectUrl = searchParams.get('redirect') || '/';\r\n * // ...\r\n * }\r\n * ```\r\n */\r\nexport function useSearchParams(): URLSearchParams {\r\n const adapter = useNavigationAdapter();\r\n return adapter.useSearchParams();\r\n}\r\n"]}