@amaster.ai/auth-client 1.0.0-beta.5 → 1.0.0-beta.72

package/dist/{types-CsOvCspq.d.cts → types-DGF9cpAg.d.cts}

@@ -22,20 +22,24 @@
  * @example
  * Minimal configuration (recommended):
  * ```typescript
- * const options: AuthClientOptions = {
+ * const authClient = createAuthClient();
+ * ```
+ *
+ * @example
+ * With callbacks:
+ * ```typescript
+ * const authClient = createAuthClient({
  *   onTokenExpired: () => window.location.href = "/login",
- * };
+ *   onUnauthorized: () => alert("Session expired"),
+ * });
  * ```
  *
  * @example
- * Full configuration:
+ * With custom base URL:
  * ```typescript
- * const options: AuthClientOptions = {
+ * const authClient = createAuthClient({
  *   baseURL: "https://api.example.com",
- *   storage: "sessionStorage",
- *   onTokenExpired: () => handleTokenExpired(),
- *   onUnauthorized: () => handleUnauthorized(),
- * };
+ * });
  * ```
  */
 interface AuthClientOptions {
@@ -50,12 +54,6 @@ interface AuthClientOptions {
      * @example { "x-tenant-id": "tenant123", "x-api-key": "key123" }
      */
     headers?: Record<string, string>;
-    /**
-     * Token storage type (defaults to "localStorage")
-     * - localStorage: Persistent across browser sessions
-     * - sessionStorage: Cleared when browser tab closes
-     */
-    storage?: "localStorage" | "sessionStorage";
     /**
      * Callback when token expires
      * @example () => window.location.href = "/login"
@@ -66,6 +64,35 @@ interface AuthClientOptions {
      * @example () => alert("Session expired")
      */
     onUnauthorized?: () => void;
+    /**
+     * Automatically handle OAuth callback on initialization
+     * When enabled, the client will automatically detect and process OAuth callback URLs with #access_token
+     * @default true
+     * @example
+     * ```typescript
+     * // Enable auto-handling (default)
+     * const authClient = createAuthClient({
+     *   autoHandleOAuthCallback: true,
+     * });
+     *
+     * // Disable if you want to handle OAuth callback manually
+     * const authClient = createAuthClient({
+     *   autoHandleOAuthCallback: false,
+     * });
+     * await authClient.handleOAuthCallback(); // Call manually when needed
+     * ```
+     */
+    autoHandleOAuthCallback?: boolean;
+    /**
+     * Automatically redirect to the current page's `?redirect=...` target after any successful login
+     *
+     * This applies to password login, code login, registration auto-login, mini-program login,
+     * and OAuth callback processing. Set to `false` if your application wants to fully control
+     * post-login navigation.
+     *
+     * @default true
+     */
+    autoRedirectAfterLogin?: boolean;
 }
 /**
  * User information with roles and permissions
@@ -73,7 +100,7 @@ interface AuthClientOptions {
  * Note: This is an optimized format for client-side use.
  * - roles: Only role codes (e.g., ["admin", "user"])
  * - permissions: Only permission names (e.g., ["user.read", "user.write"])
- * - dataScopes: Not included, use getPermissionScope() to load on-demand
+ * - dataScopes: Not included
  *
  * @example
  * ```typescript
@@ -164,46 +191,6 @@ interface Permission {
     description?: string;
     sourceType: "system" | "role" | "direct";
 }
-/**
- * Data scope defining what data a user can access for a permission
- *
- * @example
- * All data:
- * ```typescript
- * { scopeType: "all", scopeFilter: null }
- * ```
- *
- * @example
- * Department-scoped:
- * ```typescript
- * {
- *   scopeType: "department",
- *   scopeFilter: { departmentId: 123 }
- * }
- * ```
- *
- * @example
- * Self only:
- * ```typescript
- * { scopeType: "self", scopeFilter: null }
- * ```
- */
-interface DataScope {
-    /**
-     * Type of data scope:
-     * - "all": User can access all data
-     * - "organization": User can access data in their organization
-     * - "department": User can access data in their department
-     * - "self": User can only access their own data
-     * - "custom": Custom filter defined in scopeFilter
-     */
-    scopeType: "all" | "organization" | "department" | "self" | "custom";
-    /**
-     * Custom filter conditions (used when scopeType="custom")
-     * @example { departmentId: 123, regionId: 456 }
-     */
-    scopeFilter: any;
-}
 /**
  * User registration parameters
  * At least one of username/email/phone must be provided
@@ -343,8 +330,6 @@ interface LoginResponse {
     user: User;
     /** Access token (JWT) for API authentication */
     accessToken: string;
-    /** Refresh token for obtaining new access tokens */
-    refreshToken?: string;
     /** Token expiration time in seconds */
     expiresIn?: number;
 }
@@ -405,7 +390,15 @@ interface ChangePasswordParams {
     oldPassword: string;
     newPassword: string;
 }
-type OAuthProvider = "google" | "github" | "wechat" | "platform";
+/**
+ * OAuth provider types
+ * - google: Google OAuth
+ * - github: GitHub OAuth
+ * - wechat: WeChat Open Platform OAuth (for web/mobile apps)
+ * - wechat_mini: WeChat Mini Program login
+ * - platform: AMaster Platform OAuth
+ */
+type OAuthProvider = "google" | "github" | "wechat" | "wechat_mini" | "platform";
 interface OAuthBinding {
     provider: OAuthProvider;
     providerId: string;
@@ -414,6 +407,15 @@ interface OAuthBinding {
     avatarUrl: string | null;
     createdAt: string;
 }
+/**
+ * WeChat Mini Program phone number response
+ */
+interface MiniProgramPhoneResponse {
+    /** Phone number with country code (e.g., "+8613800138000") */
+    phone: string;
+    /** Whether the phone number is verified by WeChat */
+    phoneVerified: boolean;
+}
 /**
  * Session information for multi-device management
  *
@@ -485,16 +487,5 @@ interface RevokeAllSessionsResponse {
     timestamp?: string;
     revokedCount: number;
 }
-interface CheckPermissionResponse {
-    hasPermission: boolean;
-    dataScope?: DataScope;
-}
-interface BatchCheckPermissionsResponse {
-    [permission: string]: boolean;
-}
-interface PermissionScopeResponse {
-    permission: string;
-    dataScope: DataScope;
-}
 
-export type { AuthClientOptions as A, BatchCheckPermissionsResponse as B, ChangePasswordParams as C, DataScope as D, EventHandler as E, LoginParams as L, OAuthBinding as O, Permission as P, RefreshTokenResponse as R, SendCodeParams as S, UpdateMeParams as U, AuthEvent as a, CaptchaResponse as b, CheckPermissionResponse as c, CodeLoginParams as d, CodeLoginType as e, LoginResponse as f, LoginType as g, OAuthProvider as h, PermissionDetail as i, PermissionScopeResponse as j, RegisterParams as k, RegisterResponse as l, RevokeAllSessionsResponse as m, Role as n, RoleDetail as o, SendCodeType as p, Session as q, SuccessResponse as r, User as s };
+export type { AuthClientOptions as A, ChangePasswordParams as C, EventHandler as E, LoginParams as L, MiniProgramPhoneResponse as M, OAuthBinding as O, Permission as P, RefreshTokenResponse as R, SendCodeParams as S, UpdateMeParams as U, AuthEvent as a, CaptchaResponse as b, CodeLoginParams as c, CodeLoginType as d, LoginResponse as e, LoginType as f, OAuthProvider as g, PermissionDetail as h, RegisterParams as i, RegisterResponse as j, RevokeAllSessionsResponse as k, Role as l, RoleDetail as m, SendCodeType as n, Session as o, SuccessResponse as p, User as q };

package/dist/{types-CsOvCspq.d.ts → types-DGF9cpAg.d.ts}

@@ -22,20 +22,24 @@
  * @example
  * Minimal configuration (recommended):
  * ```typescript
- * const options: AuthClientOptions = {
+ * const authClient = createAuthClient();
+ * ```
+ *
+ * @example
+ * With callbacks:
+ * ```typescript
+ * const authClient = createAuthClient({
  *   onTokenExpired: () => window.location.href = "/login",
- * };
+ *   onUnauthorized: () => alert("Session expired"),
+ * });
  * ```
  *
  * @example
- * Full configuration:
+ * With custom base URL:
  * ```typescript
- * const options: AuthClientOptions = {
+ * const authClient = createAuthClient({
  *   baseURL: "https://api.example.com",
- *   storage: "sessionStorage",
- *   onTokenExpired: () => handleTokenExpired(),
- *   onUnauthorized: () => handleUnauthorized(),
- * };
+ * });
  * ```
  */
 interface AuthClientOptions {
@@ -50,12 +54,6 @@ interface AuthClientOptions {
      * @example { "x-tenant-id": "tenant123", "x-api-key": "key123" }
      */
     headers?: Record<string, string>;
-    /**
-     * Token storage type (defaults to "localStorage")
-     * - localStorage: Persistent across browser sessions
-     * - sessionStorage: Cleared when browser tab closes
-     */
-    storage?: "localStorage" | "sessionStorage";
     /**
      * Callback when token expires
      * @example () => window.location.href = "/login"
@@ -66,6 +64,35 @@ interface AuthClientOptions {
      * @example () => alert("Session expired")
      */
     onUnauthorized?: () => void;
+    /**
+     * Automatically handle OAuth callback on initialization
+     * When enabled, the client will automatically detect and process OAuth callback URLs with #access_token
+     * @default true
+     * @example
+     * ```typescript
+     * // Enable auto-handling (default)
+     * const authClient = createAuthClient({
+     *   autoHandleOAuthCallback: true,
+     * });
+     *
+     * // Disable if you want to handle OAuth callback manually
+     * const authClient = createAuthClient({
+     *   autoHandleOAuthCallback: false,
+     * });
+     * await authClient.handleOAuthCallback(); // Call manually when needed
+     * ```
+     */
+    autoHandleOAuthCallback?: boolean;
+    /**
+     * Automatically redirect to the current page's `?redirect=...` target after any successful login
+     *
+     * This applies to password login, code login, registration auto-login, mini-program login,
+     * and OAuth callback processing. Set to `false` if your application wants to fully control
+     * post-login navigation.
+     *
+     * @default true
+     */
+    autoRedirectAfterLogin?: boolean;
 }
 /**
  * User information with roles and permissions
@@ -73,7 +100,7 @@ interface AuthClientOptions {
  * Note: This is an optimized format for client-side use.
  * - roles: Only role codes (e.g., ["admin", "user"])
  * - permissions: Only permission names (e.g., ["user.read", "user.write"])
- * - dataScopes: Not included, use getPermissionScope() to load on-demand
+ * - dataScopes: Not included
  *
  * @example
  * ```typescript
@@ -164,46 +191,6 @@ interface Permission {
     description?: string;
     sourceType: "system" | "role" | "direct";
 }
-/**
- * Data scope defining what data a user can access for a permission
- *
- * @example
- * All data:
- * ```typescript
- * { scopeType: "all", scopeFilter: null }
- * ```
- *
- * @example
- * Department-scoped:
- * ```typescript
- * {
- *   scopeType: "department",
- *   scopeFilter: { departmentId: 123 }
- * }
- * ```
- *
- * @example
- * Self only:
- * ```typescript
- * { scopeType: "self", scopeFilter: null }
- * ```
- */
-interface DataScope {
-    /**
-     * Type of data scope:
-     * - "all": User can access all data
-     * - "organization": User can access data in their organization
-     * - "department": User can access data in their department
-     * - "self": User can only access their own data
-     * - "custom": Custom filter defined in scopeFilter
-     */
-    scopeType: "all" | "organization" | "department" | "self" | "custom";
-    /**
-     * Custom filter conditions (used when scopeType="custom")
-     * @example { departmentId: 123, regionId: 456 }
-     */
-    scopeFilter: any;
-}
 /**
  * User registration parameters
  * At least one of username/email/phone must be provided
@@ -343,8 +330,6 @@ interface LoginResponse {
     user: User;
     /** Access token (JWT) for API authentication */
     accessToken: string;
-    /** Refresh token for obtaining new access tokens */
-    refreshToken?: string;
     /** Token expiration time in seconds */
     expiresIn?: number;
 }
@@ -405,7 +390,15 @@ interface ChangePasswordParams {
     oldPassword: string;
     newPassword: string;
 }
-type OAuthProvider = "google" | "github" | "wechat" | "platform";
+/**
+ * OAuth provider types
+ * - google: Google OAuth
+ * - github: GitHub OAuth
+ * - wechat: WeChat Open Platform OAuth (for web/mobile apps)
+ * - wechat_mini: WeChat Mini Program login
+ * - platform: AMaster Platform OAuth
+ */
+type OAuthProvider = "google" | "github" | "wechat" | "wechat_mini" | "platform";
 interface OAuthBinding {
     provider: OAuthProvider;
     providerId: string;
@@ -414,6 +407,15 @@ interface OAuthBinding {
     avatarUrl: string | null;
     createdAt: string;
 }
+/**
+ * WeChat Mini Program phone number response
+ */
+interface MiniProgramPhoneResponse {
+    /** Phone number with country code (e.g., "+8613800138000") */
+    phone: string;
+    /** Whether the phone number is verified by WeChat */
+    phoneVerified: boolean;
+}
 /**
  * Session information for multi-device management
  *
@@ -485,16 +487,5 @@ interface RevokeAllSessionsResponse {
     timestamp?: string;
     revokedCount: number;
 }
-interface CheckPermissionResponse {
-    hasPermission: boolean;
-    dataScope?: DataScope;
-}
-interface BatchCheckPermissionsResponse {
-    [permission: string]: boolean;
-}
-interface PermissionScopeResponse {
-    permission: string;
-    dataScope: DataScope;
-}
 
-export type { AuthClientOptions as A, BatchCheckPermissionsResponse as B, ChangePasswordParams as C, DataScope as D, EventHandler as E, LoginParams as L, OAuthBinding as O, Permission as P, RefreshTokenResponse as R, SendCodeParams as S, UpdateMeParams as U, AuthEvent as a, CaptchaResponse as b, CheckPermissionResponse as c, CodeLoginParams as d, CodeLoginType as e, LoginResponse as f, LoginType as g, OAuthProvider as h, PermissionDetail as i, PermissionScopeResponse as j, RegisterParams as k, RegisterResponse as l, RevokeAllSessionsResponse as m, Role as n, RoleDetail as o, SendCodeType as p, Session as q, SuccessResponse as r, User as s };
+export type { AuthClientOptions as A, ChangePasswordParams as C, EventHandler as E, LoginParams as L, MiniProgramPhoneResponse as M, OAuthBinding as O, Permission as P, RefreshTokenResponse as R, SendCodeParams as S, UpdateMeParams as U, AuthEvent as a, CaptchaResponse as b, CodeLoginParams as c, CodeLoginType as d, LoginResponse as e, LoginType as f, OAuthProvider as g, PermissionDetail as h, RegisterParams as i, RegisterResponse as j, RevokeAllSessionsResponse as k, Role as l, RoleDetail as m, SendCodeType as n, Session as o, SuccessResponse as p, User as q };

package/dist/user.d.cts

@@ -14,7 +14,7 @@
  * ============================================================================
  */
 import { HttpClient, ClientResult } from '@amaster.ai/http-client';
-import { s as User, U as UpdateMeParams, C as ChangePasswordParams, r as SuccessResponse } from './types-CsOvCspq.cjs';
+import { q as User, U as UpdateMeParams, C as ChangePasswordParams, p as SuccessResponse } from './types-DGF9cpAg.cjs';
 
 /**
  * User Management Module

package/dist/user.d.ts

@@ -14,7 +14,7 @@
  * ============================================================================
  */
 import { HttpClient, ClientResult } from '@amaster.ai/http-client';
-import { s as User, U as UpdateMeParams, C as ChangePasswordParams, r as SuccessResponse } from './types-CsOvCspq.js';
+import { q as User, U as UpdateMeParams, C as ChangePasswordParams, p as SuccessResponse } from './types-DGF9cpAg.js';
 
 /**
  * User Management Module

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@amaster.ai/auth-client",
-  "version": "1.0.0-beta.5",
+  "version": "1.0.0-beta.72",
   "description": "Authentication SDK for Amaster platform",
   "type": "module",
   "main": "./dist/index.cjs",
@@ -47,7 +47,7 @@
     "registry": "https://registry.npmjs.org/"
   },
   "dependencies": {
-    "@amaster.ai/http-client": "1.0.0-beta.6"
+    "@amaster.ai/http-client": "1.0.0-beta.72"
   },
   "peerDependencies": {
     "axios": "^1.11.0"