@anarchitects/auth-angular 0.0.1

package/fesm2022/anarchitects-auth-angular-state.mjs

@@ -0,0 +1,175 @@
+import { AuthApi } from '@anarchitects/auth-angular/data-access';
+import { createAppAbility } from '@anarchitects/auth-angular/util';
+import { inject, computed } from '@angular/core';
+import { tapResponse } from '@ngrx/operators';
+import { signalStore, withState, withProps, withComputed, withMethods, patchState } from '@ngrx/signals';
+import { withEntities, setAllEntities, removeAllEntities } from '@ngrx/signals/entities';
+import { rxMethod } from '@ngrx/signals/rxjs-interop';
+import { jwtDecode } from 'jwt-decode';
+import { pipe, tap, switchMap, EMPTY } from 'rxjs';
+
+const initialState = {
+    loading: false,
+    error: null,
+    success: false,
+    ability: undefined,
+};
+const AuthStore = signalStore({ providedIn: 'root' }, withState(initialState), withEntities(), withProps(() => ({
+    _authApi: inject(AuthApi),
+})), withComputed((store) => ({
+    isLoggedIn: computed(() => !!store.entities().length),
+    loggedInUser: computed(() => store.entities()[0]),
+})), withMethods((store) => ({
+    registerUser: rxMethod(pipe(tap(() => patchState(store, { loading: true, error: null })), switchMap((dto) => store._authApi.registerUser(dto).pipe(tapResponse({
+        next: ({ success }) => {
+            patchState(store, { success });
+        },
+        error: (error) => {
+            patchState(store, { error });
+        },
+        finalize: () => {
+            patchState(store, { loading: false });
+        },
+    }))))),
+    activateUser: rxMethod(pipe(tap(() => patchState(store, { loading: true, error: null })), switchMap((dto) => store._authApi.activateUser(dto).pipe(tapResponse({
+        next: ({ success }) => {
+            patchState(store, { success });
+        },
+        error: (error) => {
+            patchState(store, { error });
+        },
+        finalize: () => {
+            patchState(store, { loading: false });
+        },
+    }))))),
+    login: rxMethod(pipe(tap(() => patchState(store, { loading: true, error: null })), switchMap((dto) => store._authApi.login(dto).pipe(switchMap(({ accessToken, refreshToken }) => {
+        localStorage.setItem('accessToken', accessToken);
+        localStorage.setItem('refreshToken', refreshToken);
+        const decoded = jwtDecode(accessToken);
+        if (!decoded.sub) {
+            patchState(store, { error: 'Invalid access token payload.' });
+            return EMPTY;
+        }
+        return store._authApi.getLoggedInUserInfo();
+    }), tapResponse({
+        next: ({ user, rbac }) => {
+            const authUser = {
+                id: user.id,
+                email: user.email,
+            };
+            patchState(store, setAllEntities([authUser]), {
+                ability: createAppAbility(rbac),
+                success: true,
+            });
+        },
+        error: (error) => {
+            patchState(store, { error });
+        },
+        finalize: () => {
+            patchState(store, { loading: false });
+        },
+    }))))),
+    logout: rxMethod(pipe(tap(() => patchState(store, { loading: true, error: null })), switchMap((dto) => store._authApi.logout(dto).pipe(tapResponse({
+        next: ({ success }) => {
+            patchState(store, { success });
+            localStorage.removeItem('accessToken');
+            localStorage.removeItem('refreshToken');
+            patchState(store, removeAllEntities());
+        },
+        error: (error) => {
+            patchState(store, { error });
+        },
+        finalize: () => {
+            patchState(store, { loading: false });
+        },
+    }))))),
+    changePassword: rxMethod(pipe(tap(() => patchState(store, { loading: true, error: null })), switchMap(({ userId, dto }) => store._authApi.changePassword(userId, dto).pipe(tapResponse({
+        next: ({ success }) => {
+            patchState(store, { success });
+        },
+        error: (error) => {
+            patchState(store, { error });
+        },
+        finalize: () => {
+            patchState(store, { loading: false });
+        },
+    }))))),
+    forgotPassword: rxMethod(pipe(tap(() => patchState(store, { loading: true, error: null })), switchMap((dto) => store._authApi.forgotPassword(dto).pipe(tapResponse({
+        next: ({ success }) => {
+            patchState(store, { success });
+        },
+        error: (error) => {
+            patchState(store, { error });
+        },
+        finalize: () => {
+            patchState(store, { loading: false });
+        },
+    }))))),
+    resetPassword: rxMethod(pipe(tap(() => patchState(store, { loading: true, error: null })), switchMap(({ dto }) => store._authApi.resetPassword(dto).pipe(tapResponse({
+        next: ({ success }) => {
+            patchState(store, { success });
+        },
+        error: (error) => {
+            patchState(store, { error });
+        },
+        finalize: () => {
+            patchState(store, { loading: false });
+        },
+    }))))),
+    verifyEmail: rxMethod(pipe(tap(() => patchState(store, { loading: true, error: null })), switchMap((dto) => store._authApi.verifyEmail(dto).pipe(tapResponse({
+        next: ({ success }) => {
+            patchState(store, { success });
+        },
+        error: (error) => {
+            patchState(store, { error });
+        },
+        finalize: () => {
+            patchState(store, { loading: false });
+        },
+    }))))),
+    updateEmail: rxMethod(pipe(tap(() => patchState(store, { loading: true, error: null })), switchMap(({ userId, dto }) => store._authApi.updateEmail(userId, dto).pipe(tapResponse({
+        next: ({ success }) => {
+            patchState(store, { success });
+        },
+        error: (error) => {
+            patchState(store, { error });
+        },
+        finalize: () => {
+            patchState(store, { loading: false });
+        },
+    }))))),
+    refreshTokens: rxMethod(pipe(tap(() => patchState(store, { loading: true, error: null })), switchMap(({ userId, dto }) => store._authApi.refreshTokens(userId, dto).pipe(switchMap(({ accessToken, refreshToken }) => {
+        localStorage.setItem('accessToken', accessToken);
+        localStorage.setItem('refreshToken', refreshToken);
+        const decoded = jwtDecode(accessToken);
+        if (!decoded.sub) {
+            patchState(store, { error: 'Invalid access token payload.' });
+            return EMPTY;
+        }
+        return store._authApi.getLoggedInUserInfo();
+    }), tapResponse({
+        next: ({ user, rbac }) => {
+            const authUser = {
+                id: user.id,
+                email: user.email,
+            };
+            patchState(store, setAllEntities([authUser]), {
+                ability: createAppAbility(rbac),
+                success: true,
+            });
+        },
+        error: (error) => {
+            patchState(store, { error });
+        },
+        finalize: () => {
+            patchState(store, { loading: false });
+        },
+    }))))),
+})));
+
+/**
+ * Generated bundle index. Do not edit.
+ */
+
+export { AuthStore };
+//# sourceMappingURL=anarchitects-auth-angular-state.mjs.map

package/fesm2022/anarchitects-auth-angular-state.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"anarchitects-auth-angular-state.mjs","sources":["../../../../../libs/auth/angular/state/src/auth.store.ts","../../../../../libs/auth/angular/state/src/anarchitects-auth-angular-state.ts"],"sourcesContent":["import { AuthApi } from '@anarchitects/auth-angular/data-access';\nimport { createAppAbility } from '@anarchitects/auth-angular/util';\nimport {\n  ActivateUserRequestDTO,\n  ChangePasswordRequestDTO,\n  ForgotPasswordRequestDTO,\n  LoginRequestDTO,\n  LogoutRequestDTO,\n  RefreshTokenRequestDTO,\n  RegisterRequestDTO,\n  ResetPasswordRequestDTO,\n  UpdateEmailRequestDTO,\n  VerifyEmailRequestDTO,\n} from '@anarchitects/auth-ts/dtos';\nimport { User } from '@anarchitects/auth-ts/models';\nimport { computed, inject } from '@angular/core';\nimport { PureAbility } from '@casl/ability';\nimport { tapResponse } from '@ngrx/operators';\nimport {\n  patchState,\n  signalStore,\n  withComputed,\n  withMethods,\n  withProps,\n  withState,\n} from '@ngrx/signals';\nimport {\n  removeAllEntities,\n  setAllEntities,\n  withEntities,\n} from '@ngrx/signals/entities';\nimport { rxMethod } from '@ngrx/signals/rxjs-interop';\nimport { jwtDecode } from 'jwt-decode';\nimport { EMPTY, pipe, switchMap, tap } from 'rxjs';\n\ntype AuthState = {\n  loading: boolean;\n  error: string | null;\n  success: boolean;\n  ability?: PureAbility;\n};\n\ntype AuthUser = Pick<User, 'id' | 'email'>;\n\nconst initialState: AuthState = {\n  loading: false,\n  error: null,\n  success: false,\n  ability: undefined,\n};\n\nexport const AuthStore = signalStore(\n  { providedIn: 'root' },\n  withState(initialState),\n  withEntities<AuthUser>(),\n  withProps(() => ({\n    _authApi: inject(AuthApi),\n  })),\n  withComputed((store) => ({\n    isLoggedIn: computed(() => !!store.entities().length),\n    loggedInUser: computed(() => store.entities()[0]),\n  })),\n  withMethods((store) => ({\n    registerUser: rxMethod<RegisterRequestDTO>(\n      pipe(\n        tap(() => patchState(store, { loading: true, error: null })),\n        switchMap((dto) =>\n          store._authApi.registerUser(dto).pipe(\n            tapResponse({\n              next: ({ success }) => {\n                patchState(store, { success });\n              },\n              error: (error: string) => {\n                patchState(store, { error });\n              },\n              finalize: () => {\n                patchState(store, { loading: false });\n              },\n            })\n          )\n        )\n      )\n    ),\n    activateUser: rxMethod<ActivateUserRequestDTO>(\n      pipe(\n        tap(() => patchState(store, { loading: true, error: null })),\n        switchMap((dto) =>\n          store._authApi.activateUser(dto).pipe(\n            tapResponse({\n              next: ({ success }) => {\n                patchState(store, { success });\n              },\n              error: (error: string) => {\n                patchState(store, { error });\n              },\n              finalize: () => {\n                patchState(store, { loading: false });\n              },\n            })\n          )\n        )\n      )\n    ),\n    login: rxMethod<LoginRequestDTO>(\n      pipe(\n        tap(() => patchState(store, { loading: true, error: null })),\n        switchMap((dto) =>\n          store._authApi.login(dto).pipe(\n            switchMap(({ accessToken, refreshToken }) => {\n              localStorage.setItem('accessToken', accessToken);\n              localStorage.setItem('refreshToken', refreshToken);\n              const decoded = jwtDecode<{ sub?: string }>(accessToken);\n              if (!decoded.sub) {\n                patchState(store, { error: 'Invalid access token payload.' });\n                return EMPTY;\n              }\n              return store._authApi.getLoggedInUserInfo();\n            }),\n            tapResponse({\n              next: ({ user, rbac }) => {\n                const authUser: AuthUser = {\n                  id: user.id,\n                  email: user.email,\n                };\n                patchState(store, setAllEntities([authUser]), {\n                  ability: createAppAbility(rbac),\n                  success: true,\n                });\n              },\n              error: (error: string) => {\n                patchState(store, { error });\n              },\n              finalize: () => {\n                patchState(store, { loading: false });\n              },\n            })\n          )\n        )\n      )\n    ),\n    logout: rxMethod<LogoutRequestDTO>(\n      pipe(\n        tap(() => patchState(store, { loading: true, error: null })),\n        switchMap((dto) =>\n          store._authApi.logout(dto).pipe(\n            tapResponse({\n              next: ({ success }) => {\n                patchState(store, { success });\n                localStorage.removeItem('accessToken');\n                localStorage.removeItem('refreshToken');\n                patchState(store, removeAllEntities());\n              },\n              error: (error: string) => {\n                patchState(store, { error });\n              },\n              finalize: () => {\n                patchState(store, { loading: false });\n              },\n            })\n          )\n        )\n      )\n    ),\n    changePassword: rxMethod<{ userId: string; dto: ChangePasswordRequestDTO }>(\n      pipe(\n        tap(() => patchState(store, { loading: true, error: null })),\n        switchMap(({ userId, dto }) =>\n          store._authApi.changePassword(userId, dto).pipe(\n            tapResponse({\n              next: ({ success }) => {\n                patchState(store, { success });\n              },\n              error: (error: string) => {\n                patchState(store, { error });\n              },\n              finalize: () => {\n                patchState(store, { loading: false });\n              },\n            })\n          )\n        )\n      )\n    ),\n    forgotPassword: rxMethod<ForgotPasswordRequestDTO>(\n      pipe(\n        tap(() => patchState(store, { loading: true, error: null })),\n        switchMap((dto) =>\n          store._authApi.forgotPassword(dto).pipe(\n            tapResponse({\n              next: ({ success }) => {\n                patchState(store, { success });\n              },\n              error: (error: string) => {\n                patchState(store, { error });\n              },\n              finalize: () => {\n                patchState(store, { loading: false });\n              },\n            })\n          )\n        )\n      )\n    ),\n    resetPassword: rxMethod<{ dto: ResetPasswordRequestDTO }>(\n      pipe(\n        tap(() => patchState(store, { loading: true, error: null })),\n        switchMap(({ dto }) =>\n          store._authApi.resetPassword(dto).pipe(\n            tapResponse({\n              next: ({ success }) => {\n                patchState(store, { success });\n              },\n              error: (error: string) => {\n                patchState(store, { error });\n              },\n              finalize: () => {\n                patchState(store, { loading: false });\n              },\n            })\n          )\n        )\n      )\n    ),\n    verifyEmail: rxMethod<VerifyEmailRequestDTO>(\n      pipe(\n        tap(() => patchState(store, { loading: true, error: null })),\n        switchMap((dto) =>\n          store._authApi.verifyEmail(dto).pipe(\n            tapResponse({\n              next: ({ success }) => {\n                patchState(store, { success });\n              },\n              error: (error: string) => {\n                patchState(store, { error });\n              },\n              finalize: () => {\n                patchState(store, { loading: false });\n              },\n            })\n          )\n        )\n      )\n    ),\n    updateEmail: rxMethod<{ userId: string; dto: UpdateEmailRequestDTO }>(\n      pipe(\n        tap(() => patchState(store, { loading: true, error: null })),\n        switchMap(({ userId, dto }) =>\n          store._authApi.updateEmail(userId, dto).pipe(\n            tapResponse({\n              next: ({ success }) => {\n                patchState(store, { success });\n              },\n              error: (error: string) => {\n                patchState(store, { error });\n              },\n              finalize: () => {\n                patchState(store, { loading: false });\n              },\n            })\n          )\n        )\n      )\n    ),\n    refreshTokens: rxMethod<{ userId: string; dto: RefreshTokenRequestDTO }>(\n      pipe(\n        tap(() => patchState(store, { loading: true, error: null })),\n        switchMap(({ userId, dto }) =>\n          store._authApi.refreshTokens(userId, dto).pipe(\n            switchMap(({ accessToken, refreshToken }) => {\n              localStorage.setItem('accessToken', accessToken);\n              localStorage.setItem('refreshToken', refreshToken);\n              const decoded = jwtDecode<{ sub?: string }>(accessToken);\n              if (!decoded.sub) {\n                patchState(store, { error: 'Invalid access token payload.' });\n                return EMPTY;\n              }\n              return store._authApi.getLoggedInUserInfo();\n            }),\n            tapResponse({\n              next: ({ user, rbac }) => {\n                const authUser: AuthUser = {\n                  id: user.id,\n                  email: user.email,\n                };\n                patchState(store, setAllEntities([authUser]), {\n                  ability: createAppAbility(rbac),\n                  success: true,\n                });\n              },\n              error: (error: string) => {\n                patchState(store, { error });\n              },\n              finalize: () => {\n                patchState(store, { loading: false });\n              },\n            })\n          )\n        )\n      )\n    ),\n  }))\n);\n","/**\n * Generated bundle index. Do not edit.\n */\n\nexport * from './index';\n"],"names":[],"mappings":";;;;;;;;;;AA4CA,MAAM,YAAY,GAAc;AAC9B,IAAA,OAAO,EAAE,KAAK;AACd,IAAA,KAAK,EAAE,IAAI;AACX,IAAA,OAAO,EAAE,KAAK;AACd,IAAA,OAAO,EAAE,SAAS;CACnB;AAEM,MAAM,SAAS,GAAG,WAAW,CAClC,EAAE,UAAU,EAAE,MAAM,EAAE,EACtB,SAAS,CAAC,YAAY,CAAC,EACvB,YAAY,EAAY,EACxB,SAAS,CAAC,OAAO;AACf,IAAA,QAAQ,EAAE,MAAM,CAAC,OAAO,CAAC;CAC1B,CAAC,CAAC,EACH,YAAY,CAAC,CAAC,KAAK,MAAM;AACvB,IAAA,UAAU,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,MAAM,CAAC;AACrD,IAAA,YAAY,EAAE,QAAQ,CAAC,MAAM,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC;CAClD,CAAC,CAAC,EACH,WAAW,CAAC,CAAC,KAAK,MAAM;IACtB,YAAY,EAAE,QAAQ,CACpB,IAAI,CACF,GAAG,CAAC,MAAM,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAC5D,SAAS,CAAC,CAAC,GAAG,KACZ,KAAK,CAAC,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,IAAI,CACnC,WAAW,CAAC;AACV,QAAA,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,KAAI;AACpB,YAAA,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,CAAC;QAChC,CAAC;AACD,QAAA,KAAK,EAAE,CAAC,KAAa,KAAI;AACvB,YAAA,UAAU,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,CAAC;QAC9B,CAAC;QACD,QAAQ,EAAE,MAAK;YACb,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QACvC,CAAC;KACF,CAAC,CACH,CACF,CACF,CACF;IACD,YAAY,EAAE,QAAQ,CACpB,IAAI,CACF,GAAG,CAAC,MAAM,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAC5D,SAAS,CAAC,CAAC,GAAG,KACZ,KAAK,CAAC,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,IAAI,CACnC,WAAW,CAAC;AACV,QAAA,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,KAAI;AACpB,YAAA,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,CAAC;QAChC,CAAC;AACD,QAAA,KAAK,EAAE,CAAC,KAAa,KAAI;AACvB,YAAA,UAAU,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,CAAC;QAC9B,CAAC;QACD,QAAQ,EAAE,MAAK;YACb,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QACvC,CAAC;KACF,CAAC,CACH,CACF,CACF,CACF;IACD,KAAK,EAAE,QAAQ,CACb,IAAI,CACF,GAAG,CAAC,MAAM,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAC5D,SAAS,CAAC,CAAC,GAAG,KACZ,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,CAC5B,SAAS,CAAC,CAAC,EAAE,WAAW,EAAE,YAAY,EAAE,KAAI;AAC1C,QAAA,YAAY,CAAC,OAAO,CAAC,aAAa,EAAE,WAAW,CAAC;AAChD,QAAA,YAAY,CAAC,OAAO,CAAC,cAAc,EAAE,YAAY,CAAC;AAClD,QAAA,MAAM,OAAO,GAAG,SAAS,CAAmB,WAAW,CAAC;AACxD,QAAA,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE;YAChB,UAAU,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,+BAA+B,EAAE,CAAC;AAC7D,YAAA,OAAO,KAAK;QACd;AACA,QAAA,OAAO,KAAK,CAAC,QAAQ,CAAC,mBAAmB,EAAE;IAC7C,CAAC,CAAC,EACF,WAAW,CAAC;QACV,IAAI,EAAE,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,KAAI;AACvB,YAAA,MAAM,QAAQ,GAAa;gBACzB,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB;YACD,UAAU,CAAC,KAAK,EAAE,cAAc,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE;AAC5C,gBAAA,OAAO,EAAE,gBAAgB,CAAC,IAAI,CAAC;AAC/B,gBAAA,OAAO,EAAE,IAAI;AACd,aAAA,CAAC;QACJ,CAAC;AACD,QAAA,KAAK,EAAE,CAAC,KAAa,KAAI;AACvB,YAAA,UAAU,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,CAAC;QAC9B,CAAC;QACD,QAAQ,EAAE,MAAK;YACb,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QACvC,CAAC;KACF,CAAC,CACH,CACF,CACF,CACF;IACD,MAAM,EAAE,QAAQ,CACd,IAAI,CACF,GAAG,CAAC,MAAM,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAC5D,SAAS,CAAC,CAAC,GAAG,KACZ,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAC7B,WAAW,CAAC;AACV,QAAA,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,KAAI;AACpB,YAAA,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,CAAC;AAC9B,YAAA,YAAY,CAAC,UAAU,CAAC,aAAa,CAAC;AACtC,YAAA,YAAY,CAAC,UAAU,CAAC,cAAc,CAAC;AACvC,YAAA,UAAU,CAAC,KAAK,EAAE,iBAAiB,EAAE,CAAC;QACxC,CAAC;AACD,QAAA,KAAK,EAAE,CAAC,KAAa,KAAI;AACvB,YAAA,UAAU,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,CAAC;QAC9B,CAAC;QACD,QAAQ,EAAE,MAAK;YACb,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QACvC,CAAC;KACF,CAAC,CACH,CACF,CACF,CACF;IACD,cAAc,EAAE,QAAQ,CACtB,IAAI,CACF,GAAG,CAAC,MAAM,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAC5D,SAAS,CAAC,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,KACxB,KAAK,CAAC,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,CAC7C,WAAW,CAAC;AACV,QAAA,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,KAAI;AACpB,YAAA,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,CAAC;QAChC,CAAC;AACD,QAAA,KAAK,EAAE,CAAC,KAAa,KAAI;AACvB,YAAA,UAAU,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,CAAC;QAC9B,CAAC;QACD,QAAQ,EAAE,MAAK;YACb,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QACvC,CAAC;KACF,CAAC,CACH,CACF,CACF,CACF;IACD,cAAc,EAAE,QAAQ,CACtB,IAAI,CACF,GAAG,CAAC,MAAM,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAC5D,SAAS,CAAC,CAAC,GAAG,KACZ,KAAK,CAAC,QAAQ,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,IAAI,CACrC,WAAW,CAAC;AACV,QAAA,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,KAAI;AACpB,YAAA,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,CAAC;QAChC,CAAC;AACD,QAAA,KAAK,EAAE,CAAC,KAAa,KAAI;AACvB,YAAA,UAAU,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,CAAC;QAC9B,CAAC;QACD,QAAQ,EAAE,MAAK;YACb,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QACvC,CAAC;KACF,CAAC,CACH,CACF,CACF,CACF;IACD,aAAa,EAAE,QAAQ,CACrB,IAAI,CACF,GAAG,CAAC,MAAM,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAC5D,SAAS,CAAC,CAAC,EAAE,GAAG,EAAE,KAChB,KAAK,CAAC,QAAQ,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,IAAI,CACpC,WAAW,CAAC;AACV,QAAA,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,KAAI;AACpB,YAAA,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,CAAC;QAChC,CAAC;AACD,QAAA,KAAK,EAAE,CAAC,KAAa,KAAI;AACvB,YAAA,UAAU,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,CAAC;QAC9B,CAAC;QACD,QAAQ,EAAE,MAAK;YACb,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QACvC,CAAC;KACF,CAAC,CACH,CACF,CACF,CACF;IACD,WAAW,EAAE,QAAQ,CACnB,IAAI,CACF,GAAG,CAAC,MAAM,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAC5D,SAAS,CAAC,CAAC,GAAG,KACZ,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,IAAI,CAClC,WAAW,CAAC;AACV,QAAA,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,KAAI;AACpB,YAAA,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,CAAC;QAChC,CAAC;AACD,QAAA,KAAK,EAAE,CAAC,KAAa,KAAI;AACvB,YAAA,UAAU,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,CAAC;QAC9B,CAAC;QACD,QAAQ,EAAE,MAAK;YACb,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QACvC,CAAC;KACF,CAAC,CACH,CACF,CACF,CACF;IACD,WAAW,EAAE,QAAQ,CACnB,IAAI,CACF,GAAG,CAAC,MAAM,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAC5D,SAAS,CAAC,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,KACxB,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,CAC1C,WAAW,CAAC;AACV,QAAA,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,KAAI;AACpB,YAAA,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,CAAC;QAChC,CAAC;AACD,QAAA,KAAK,EAAE,CAAC,KAAa,KAAI;AACvB,YAAA,UAAU,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,CAAC;QAC9B,CAAC;QACD,QAAQ,EAAE,MAAK;YACb,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QACvC,CAAC;KACF,CAAC,CACH,CACF,CACF,CACF;IACD,aAAa,EAAE,QAAQ,CACrB,IAAI,CACF,GAAG,CAAC,MAAM,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAC5D,SAAS,CAAC,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,KACxB,KAAK,CAAC,QAAQ,CAAC,aAAa,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,CAC5C,SAAS,CAAC,CAAC,EAAE,WAAW,EAAE,YAAY,EAAE,KAAI;AAC1C,QAAA,YAAY,CAAC,OAAO,CAAC,aAAa,EAAE,WAAW,CAAC;AAChD,QAAA,YAAY,CAAC,OAAO,CAAC,cAAc,EAAE,YAAY,CAAC;AAClD,QAAA,MAAM,OAAO,GAAG,SAAS,CAAmB,WAAW,CAAC;AACxD,QAAA,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE;YAChB,UAAU,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,+BAA+B,EAAE,CAAC;AAC7D,YAAA,OAAO,KAAK;QACd;AACA,QAAA,OAAO,KAAK,CAAC,QAAQ,CAAC,mBAAmB,EAAE;IAC7C,CAAC,CAAC,EACF,WAAW,CAAC;QACV,IAAI,EAAE,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,KAAI;AACvB,YAAA,MAAM,QAAQ,GAAa;gBACzB,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB;YACD,UAAU,CAAC,KAAK,EAAE,cAAc,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE;AAC5C,gBAAA,OAAO,EAAE,gBAAgB,CAAC,IAAI,CAAC;AAC/B,gBAAA,OAAO,EAAE,IAAI;AACd,aAAA,CAAC;QACJ,CAAC;AACD,QAAA,KAAK,EAAE,CAAC,KAAa,KAAI;AACvB,YAAA,UAAU,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,CAAC;QAC9B,CAAC;QACD,QAAQ,EAAE,MAAK;YACb,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QACvC,CAAC;KACF,CAAC,CACH,CACF,CACF,CACF;CACF,CAAC,CAAC;;AC5SL;;AAEG;;;;"}

package/fesm2022/anarchitects-auth-angular-util.mjs

@@ -0,0 +1,10 @@
+import { createMongoAbility } from '@casl/ability';
+
+const createAppAbility = (rules) => createMongoAbility(rules);
+
+/**
+ * Generated bundle index. Do not edit.
+ */
+
+export { createAppAbility };
+//# sourceMappingURL=anarchitects-auth-angular-util.mjs.map

package/fesm2022/anarchitects-auth-angular-util.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"anarchitects-auth-angular-util.mjs","sources":["../../../../../libs/auth/angular/util/src/ability.factory.ts","../../../../../libs/auth/angular/util/src/anarchitects-auth-angular-util.ts"],"sourcesContent":["import { Action, PolicyRule, Subject } from '@anarchitects/auth-ts/models';\nimport { createMongoAbility, MongoAbility } from '@casl/ability';\n\ntype AbilitySubject =\n  | Subject\n  | (Record<string, unknown> & { __caslSubjectType__?: Subject });\n\nexport type AppAbility = MongoAbility<\n  [Action, AbilitySubject],\n  { conditions: Record<string, unknown> }\n>;\n\nexport const createAppAbility = (rules: PolicyRule[]) =>\n  createMongoAbility(rules);\n","/**\n * Generated bundle index. Do not edit.\n */\n\nexport * from './index';\n"],"names":[],"mappings":";;AAYO,MAAM,gBAAgB,GAAG,CAAC,KAAmB,KAClD,kBAAkB,CAAC,KAAK;;ACb1B;;AAEG;;;;"}

package/fesm2022/anarchitects-auth-angular.mjs

@@ -0,0 +1,10 @@
+export * from '@anarchitects/auth-angular/config';
+export * from '@anarchitects/auth-angular/data-access';
+export * from '@anarchitects/auth-angular/feature';
+export * from '@anarchitects/auth-angular/state';
+export * from '@anarchitects/auth-angular/util';
+
+/**
+ * Generated bundle index. Do not edit.
+ */
+//# sourceMappingURL=anarchitects-auth-angular.mjs.map

package/fesm2022/anarchitects-auth-angular.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"anarchitects-auth-angular.mjs","sources":["../../../../../libs/auth/angular/src/anarchitects-auth-angular.ts"],"sourcesContent":["/**\n * Generated bundle index. Do not edit.\n */\n\nexport * from './index';\n"],"names":[],"mappings":";;;;;;AAAA;;AAEG"}

package/package.json

@@ -0,0 +1,55 @@
+{
+  "name": "@anarchitects/auth-angular",
+  "version": "0.0.1",
+  "peerDependencies": {
+    "@angular/common": "21.1.6",
+    "@angular/core": "21.1.6",
+    "@anarchitects/auth-ts": "0.0.1",
+    "@anarchitects/forms-angular": "0.0.6",
+    "@anarchitects/forms-ts": "0.0.5",
+    "@ngrx/signals": "^20.0.1",
+    "@ngrx/operators": "^20.0.1",
+    "rxjs": "~7.8.0",
+    "jwt-decode": "^4.0.0",
+    "@casl/ability": "^6.7.3",
+    "@angular/router": "21.1.6"
+  },
+  "sideEffects": false,
+  "publishConfig": {
+    "access": "public"
+  },
+  "module": "fesm2022/anarchitects-auth-angular.mjs",
+  "typings": "types/anarchitects-auth-angular.d.ts",
+  "exports": {
+    "./package.json": {
+      "default": "./package.json"
+    },
+    ".": {
+      "types": "./types/anarchitects-auth-angular.d.ts",
+      "default": "./fesm2022/anarchitects-auth-angular.mjs"
+    },
+    "./config": {
+      "types": "./types/anarchitects-auth-angular-config.d.ts",
+      "default": "./fesm2022/anarchitects-auth-angular-config.mjs"
+    },
+    "./data-access": {
+      "types": "./types/anarchitects-auth-angular-data-access.d.ts",
+      "default": "./fesm2022/anarchitects-auth-angular-data-access.mjs"
+    },
+    "./feature": {
+      "types": "./types/anarchitects-auth-angular-feature.d.ts",
+      "default": "./fesm2022/anarchitects-auth-angular-feature.mjs"
+    },
+    "./state": {
+      "types": "./types/anarchitects-auth-angular-state.d.ts",
+      "default": "./fesm2022/anarchitects-auth-angular-state.mjs"
+    },
+    "./util": {
+      "types": "./types/anarchitects-auth-angular-util.d.ts",
+      "default": "./fesm2022/anarchitects-auth-angular-util.mjs"
+    }
+  },
+  "dependencies": {
+    "tslib": "^2.3.0"
+  }
+}

package/state/README.md

@@ -0,0 +1,34 @@
+# @anarchitects/auth-angular/state
+
+Signal-based state management for the auth domain. Import from `@anarchitects/auth-angular/state` to orchestrate login, logout, password resets, token refresh, and related workflows without wiring up NgRx reducers manually.
+
+## Exports
+
+- `AuthStore`: an Angular `signalStore` that exposes:
+  - computed selectors (`isLoggedIn`, `loggedInUser`)
+  - async methods for each auth use case (`login`, `logout`, `registerUser`, etc.)
+- The store depends on `AuthApi` from the data-access layer and respects the configuration providers.
+
+## Usage
+
+```ts
+import { Component, inject } from '@angular/core';
+import { AuthStore } from '@anarchitects/auth-angular/state';
+
+@Component({
+  selector: 'auth-login-button',
+  template: `
+    <button (click)="onLogin()" [disabled]="store.loading()">Sign in</button>
+    <p *ngIf="store.error()">{{ store.error() }}</p>
+  `,
+})
+export class AuthLoginButtonComponent {
+  readonly store = inject(AuthStore);
+
+  onLogin() {
+    this.store.login({ credential: 'user@example.com', password: 'secret' });
+  }
+}
+```
+
+Compose the store inside smart/feature components or facades; keep UI components dumb by binding to the store's signals.

package/types/anarchitects-auth-angular-config.d.ts

@@ -0,0 +1,18 @@
+import { InjectionToken, Provider } from '@angular/core';
+
+type AuthConfig = {
+    apiResourcePath: string;
+};
+declare const AUTH_CONFIG: InjectionToken<AuthConfig>;
+declare const API_RESOURCE_PATH: InjectionToken<string>;
+/** Library-level sensible defaults */
+declare const AUTH_DEFAULTS: AuthConfig;
+/** Safe injectors that fall back to defaults if no providers are registered */
+declare function injectAuthConfig(): AuthConfig;
+declare function injectApiResourcePath(): string;
+
+declare function provideAuthConfig(cfg: Partial<AuthConfig>): Provider[];
+declare function provideAuthDefaults(): Provider[];
+
+export { API_RESOURCE_PATH, AUTH_CONFIG, AUTH_DEFAULTS, injectApiResourcePath, injectAuthConfig, provideAuthConfig, provideAuthDefaults };
+export type { AuthConfig };

package/types/anarchitects-auth-angular-data-access.d.ts

@@ -0,0 +1,58 @@
+import * as rxjs from 'rxjs';
+import { RegisterRequestDTO, ActivateUserRequestDTO, LoginRequestDTO, LogoutRequestDTO, ChangePasswordRequestDTO, ForgotPasswordRequestDTO, ResetPasswordRequestDTO, VerifyEmailRequestDTO, UpdateEmailRequestDTO, RefreshTokenRequestDTO } from '@anarchitects/auth-ts/dtos';
+import { User, PolicyRule } from '@anarchitects/auth-ts/models';
+import * as i0 from '@angular/core';
+import * as _angular_common_http from '@angular/common/http';
+import { HttpInterceptorFn } from '@angular/common/http';
+
+declare class AuthApi {
+    private readonly http;
+    private readonly resourceUrl;
+    registerUser(dto: RegisterRequestDTO): rxjs.Observable<{
+        success: boolean;
+    }>;
+    activateUser(dto: ActivateUserRequestDTO): rxjs.Observable<{
+        success: boolean;
+    }>;
+    login(dto: LoginRequestDTO): rxjs.Observable<{
+        accessToken: string;
+        refreshToken: string;
+    }>;
+    logout(dto: LogoutRequestDTO): rxjs.Observable<{
+        success: boolean;
+    }>;
+    changePassword(userId: string, dto: ChangePasswordRequestDTO): rxjs.Observable<{
+        success: boolean;
+    }>;
+    forgotPassword(dto: ForgotPasswordRequestDTO): rxjs.Observable<{
+        success: boolean;
+    }>;
+    resetPassword(dto: ResetPasswordRequestDTO): rxjs.Observable<{
+        success: boolean;
+    }>;
+    verifyEmail(dto: VerifyEmailRequestDTO): rxjs.Observable<{
+        success: boolean;
+    }>;
+    updateEmail(userId: string, dto: UpdateEmailRequestDTO): rxjs.Observable<{
+        success: boolean;
+    }>;
+    refreshTokens(userId: string, dto: RefreshTokenRequestDTO): rxjs.Observable<{
+        accessToken: string;
+        refreshToken: string;
+    }>;
+    getLoggedInUserInfo(): rxjs.Observable<{
+        user: User;
+        rbac: PolicyRule[];
+    }>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AuthApi, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<AuthApi>;
+}
+
+declare const authBearerTokenInterceptor: HttpInterceptorFn;
+
+declare const authErrorInterceptor: HttpInterceptorFn;
+
+declare const AUTH_HTTP_INTERCEPTORS: HttpInterceptorFn[];
+declare function withAuthHttpInterceptors(): _angular_common_http.HttpFeature<_angular_common_http.HttpFeatureKind.Interceptors>;
+
+export { AUTH_HTTP_INTERCEPTORS, AuthApi, authBearerTokenInterceptor, authErrorInterceptor, withAuthHttpInterceptors };

package/types/anarchitects-auth-angular-feature.d.ts

@@ -0,0 +1,97 @@
+import * as i0 from '@angular/core';
+import { SubmissionRequestDTO } from '@anarchitects/forms-ts/dtos';
+import { FormConfig } from '@anarchitects/forms-ts/models';
+import { CanMatchFn } from '@angular/router';
+
+declare class AnarchitectsFeatureRegister {
+    private readonly authStore;
+    formConfig: i0.WritableSignal<FormConfig>;
+    submitForm(input: SubmissionRequestDTO): Promise<void>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AnarchitectsFeatureRegister, never>;
+    static ɵcmp: i0.ɵɵComponentDeclaration<AnarchitectsFeatureRegister, "anarchitects-auth-feature-register", never, {}, {}, never, never, true, never>;
+}
+
+declare class AnarchitectsFeatureActivateUser {
+    private readonly authStore;
+    readonly token: i0.InputSignal<string | undefined>;
+    readonly formConfig: i0.Signal<FormConfig>;
+    submitForm(input: SubmissionRequestDTO): Promise<void>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AnarchitectsFeatureActivateUser, never>;
+    static ɵcmp: i0.ɵɵComponentDeclaration<AnarchitectsFeatureActivateUser, "anarchitects-auth-feature-activate-user", never, { "token": { "alias": "token"; "required": false; "isSignal": true; }; }, {}, never, never, true, never>;
+}
+
+declare class AnarchitectsFeatureForgotPassword {
+    private readonly authStore;
+    readonly formConfig: i0.WritableSignal<FormConfig>;
+    submitForm(input: SubmissionRequestDTO): Promise<void>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AnarchitectsFeatureForgotPassword, never>;
+    static ɵcmp: i0.ɵɵComponentDeclaration<AnarchitectsFeatureForgotPassword, "anarchitects-auth-feature-forgot-password", never, {}, {}, never, never, true, never>;
+}
+
+declare class AnarchitectsFeatureResetPassword {
+    private readonly authStore;
+    readonly token: i0.InputSignal<string | undefined>;
+    readonly formConfig: i0.Signal<FormConfig>;
+    submitForm(input: SubmissionRequestDTO): Promise<void>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AnarchitectsFeatureResetPassword, never>;
+    static ɵcmp: i0.ɵɵComponentDeclaration<AnarchitectsFeatureResetPassword, "anarchitects-auth-feature-reset-password", never, { "token": { "alias": "token"; "required": false; "isSignal": true; }; }, {}, never, never, true, never>;
+}
+
+declare class AnarchitectsFeatureVerifyEmail {
+    private readonly authStore;
+    readonly token: i0.InputSignal<string | undefined>;
+    readonly formConfig: i0.Signal<FormConfig>;
+    submitForm(input: SubmissionRequestDTO): Promise<void>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AnarchitectsFeatureVerifyEmail, never>;
+    static ɵcmp: i0.ɵɵComponentDeclaration<AnarchitectsFeatureVerifyEmail, "anarchitects-auth-feature-verify-email", never, { "token": { "alias": "token"; "required": false; "isSignal": true; }; }, {}, never, never, true, never>;
+}
+
+declare class AnarchitectsFeatureChangePassword {
+    private readonly authStore;
+    readonly userId: i0.InputSignal<string | undefined>;
+    readonly formConfig: i0.WritableSignal<FormConfig>;
+    private resolveUserId;
+    submitForm(input: SubmissionRequestDTO): Promise<void>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AnarchitectsFeatureChangePassword, never>;
+    static ɵcmp: i0.ɵɵComponentDeclaration<AnarchitectsFeatureChangePassword, "anarchitects-auth-feature-change-password", never, { "userId": { "alias": "userId"; "required": false; "isSignal": true; }; }, {}, never, never, true, never>;
+}
+
+declare class AnarchitectsFeatureUpdateEmail {
+    private readonly authStore;
+    readonly userId: i0.InputSignal<string | undefined>;
+    readonly formConfig: i0.WritableSignal<FormConfig>;
+    private resolveUserId;
+    submitForm(input: SubmissionRequestDTO): Promise<void>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AnarchitectsFeatureUpdateEmail, never>;
+    static ɵcmp: i0.ɵɵComponentDeclaration<AnarchitectsFeatureUpdateEmail, "anarchitects-auth-feature-update-email", never, { "userId": { "alias": "userId"; "required": false; "isSignal": true; }; }, {}, never, never, true, never>;
+}
+
+declare class AnarchitectsFeatureLogout {
+    private readonly authStore;
+    readonly formConfig: i0.WritableSignal<FormConfig>;
+    submitForm(input: SubmissionRequestDTO): Promise<void>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AnarchitectsFeatureLogout, never>;
+    static ɵcmp: i0.ɵɵComponentDeclaration<AnarchitectsFeatureLogout, "anarchitects-auth-feature-logout", never, {}, {}, never, never, true, never>;
+}
+
+declare class AnarchitectsFeatureRefreshTokens {
+    private readonly authStore;
+    readonly userId: i0.InputSignal<string | undefined>;
+    readonly formConfig: i0.WritableSignal<FormConfig>;
+    private resolveUserId;
+    submitForm(input: SubmissionRequestDTO): Promise<void>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AnarchitectsFeatureRefreshTokens, never>;
+    static ɵcmp: i0.ɵɵComponentDeclaration<AnarchitectsFeatureRefreshTokens, "anarchitects-auth-feature-refresh-tokens", never, { "userId": { "alias": "userId"; "required": false; "isSignal": true; }; }, {}, never, never, true, never>;
+}
+
+declare const policyGuard: CanMatchFn;
+
+declare class AnarchitectsFeatureLogin {
+    private readonly authStore;
+    formConfig: i0.WritableSignal<FormConfig>;
+    submitForm(input: SubmissionRequestDTO): Promise<void>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AnarchitectsFeatureLogin, never>;
+    static ɵcmp: i0.ɵɵComponentDeclaration<AnarchitectsFeatureLogin, "anarchitects-auth-feature-login", never, {}, {}, never, never, true, never>;
+}
+
+export { AnarchitectsFeatureActivateUser, AnarchitectsFeatureChangePassword, AnarchitectsFeatureForgotPassword, AnarchitectsFeatureLogin, AnarchitectsFeatureLogout, AnarchitectsFeatureRefreshTokens, AnarchitectsFeatureRegister, AnarchitectsFeatureResetPassword, AnarchitectsFeatureUpdateEmail, AnarchitectsFeatureVerifyEmail, policyGuard };

package/types/anarchitects-auth-angular-state.d.ts

@@ -0,0 +1,68 @@
+import * as _ngrx_signals from '@ngrx/signals';
+import * as _ngrx_signals_rxjs_interop from '@ngrx/signals/rxjs-interop';
+import * as _ngrx_signals_entities from '@ngrx/signals/entities';
+import * as _casl_ability from '@casl/ability';
+import { PureAbility } from '@casl/ability';
+import * as _angular_core from '@angular/core';
+import { ChangePasswordRequestDTO, ResetPasswordRequestDTO, UpdateEmailRequestDTO, RefreshTokenRequestDTO } from '@anarchitects/auth-ts/dtos';
+import { User } from '@anarchitects/auth-ts/models';
+
+type AuthUser = Pick<User, 'id' | 'email'>;
+declare const AuthStore: _angular_core.Type<{
+    loading: _angular_core.Signal<boolean>;
+    error: _angular_core.Signal<string | null>;
+    success: _angular_core.Signal<boolean>;
+    ability?: _angular_core.Signal<PureAbility<_casl_ability.AbilityTuple, unknown> | undefined> | undefined;
+    entityMap: _angular_core.Signal<_ngrx_signals_entities.EntityMap<AuthUser>>;
+    ids: _angular_core.Signal<_ngrx_signals_entities.EntityId[]>;
+    entities: _angular_core.Signal<AuthUser[]>;
+    isLoggedIn: _angular_core.Signal<boolean>;
+    loggedInUser: _angular_core.Signal<AuthUser>;
+    registerUser: _ngrx_signals_rxjs_interop.RxMethod<{
+        userName?: string | undefined;
+        email: string;
+        password: string;
+        confirmPassword: string;
+    }>;
+    activateUser: _ngrx_signals_rxjs_interop.RxMethod<{
+        token: string;
+    }>;
+    login: _ngrx_signals_rxjs_interop.RxMethod<{
+        password: string;
+        credential: string;
+    }>;
+    logout: _ngrx_signals_rxjs_interop.RxMethod<{
+        accessToken?: string | undefined;
+        refreshToken: string;
+    }>;
+    changePassword: _ngrx_signals_rxjs_interop.RxMethod<{
+        userId: string;
+        dto: ChangePasswordRequestDTO;
+    }>;
+    forgotPassword: _ngrx_signals_rxjs_interop.RxMethod<{
+        email: string;
+    }>;
+    resetPassword: _ngrx_signals_rxjs_interop.RxMethod<{
+        dto: ResetPasswordRequestDTO;
+    }>;
+    verifyEmail: _ngrx_signals_rxjs_interop.RxMethod<{
+        token: string;
+    }>;
+    updateEmail: _ngrx_signals_rxjs_interop.RxMethod<{
+        userId: string;
+        dto: UpdateEmailRequestDTO;
+    }>;
+    refreshTokens: _ngrx_signals_rxjs_interop.RxMethod<{
+        userId: string;
+        dto: RefreshTokenRequestDTO;
+    }>;
+} & _ngrx_signals.StateSource<{
+    loading: boolean;
+    error: string | null;
+    success: boolean;
+    ability?: PureAbility | undefined;
+    entityMap: _ngrx_signals_entities.EntityMap<AuthUser>;
+    ids: _ngrx_signals_entities.EntityId[];
+}>>;
+
+export { AuthStore };

package/types/anarchitects-auth-angular-util.d.ts

@@ -0,0 +1,17 @@
+import * as _casl_ability from '@casl/ability';
+import { MongoAbility } from '@casl/ability';
+import { Action, Subject, PolicyRule } from '@anarchitects/auth-ts/models';
+
+type AbilitySubject = Subject | (Record<string, unknown> & {
+    __caslSubjectType__?: Subject;
+});
+type AppAbility = MongoAbility<[
+    Action,
+    AbilitySubject
+], {
+    conditions: Record<string, unknown>;
+}>;
+declare const createAppAbility: (rules: PolicyRule[]) => MongoAbility<_casl_ability.AbilityTuple, Record<string, unknown>>;
+
+export { createAppAbility };
+export type { AppAbility };

package/types/anarchitects-auth-angular.d.ts

@@ -0,0 +1,5 @@
+export * from '@anarchitects/auth-angular/config';
+export * from '@anarchitects/auth-angular/data-access';
+export * from '@anarchitects/auth-angular/feature';
+export * from '@anarchitects/auth-angular/state';
+export * from '@anarchitects/auth-angular/util';

package/util/README.md

@@ -0,0 +1,28 @@
+# @anarchitects/auth-angular/util
+
+Utility layer for the Angular auth brick. Re-exported via `@anarchitects/auth-angular/util`, it centralises CASL ability helpers that are consumed by the feature and state slices.
+
+## Exports
+
+- `createAppAbility(rules: PolicyRule[])`: wraps `createMongoAbility` and returns the typed `AppAbility` used throughout the auth domain.
+- `AppAbility`: CASL ability type configured for `Action`/`Subject` pairs defined in `@anarchitects/auth-ts/models`.
+
+## Usage
+
+```ts
+import { createAppAbility } from '@anarchitects/auth-angular/util';
+import type { PolicyRule } from '@anarchitects/auth-ts/models';
+
+const rules: PolicyRule[] = [
+  { action: 'read', subject: 'profile' },
+  { action: 'manage', subject: 'Project', conditions: { ownerId: 1 } },
+];
+
+const ability = createAppAbility(rules);
+
+if (ability.can('manage', 'Project')) {
+  // guarded feature logic
+}
+```
+
+For stateful orchestration examples, see `auth.store` in the state layer where the ability factory is integrated with the auth API responses.