@apptimate/core-lib 1.0.0 → 1.1.0

package/src/constants/storageKeys.ts

@@ -1,9 +1,14 @@
-export interface IStorageOptions {
-    name: string;
-    secretName: string;
-    encrypted: boolean;
-}
-
-export const cookie = {
-    access_token: { name: 'access_token', secretName: 'PATKXFGLSIZXZBXEEFK', encrypted: true } as IStorageOptions
-};
+export interface IStorageOptions {
+    name: string;
+    secretName: string;
+    encrypted: boolean;
+}
+
+export const cookie = {
+    access_token: { name: 'access_token', secretName: 'PATKXFGLSIZXZBXEEFK', encrypted: false } as IStorageOptions
+};
+
+export const local_storage = {
+    user_info: { name: 'user_info', secretName: 'USER_INFO_SECRET', encrypted: false } as IStorageOptions,
+    selected_organization: { name: 'selected_organization', secretName: 'SELECTED_ORG', encrypted: false } as IStorageOptions
+};

package/src/index.ts

@@ -1,8 +1,3 @@
-export * from './utils/commonService';
-export * from './utils/cookiesHandler';
-export * from './utils/httpClient';
-export * from './utils/localStorageHandler';
-export * from './utils/bem';
-export * from './utils/cn';
-export * from './common/interfaces/ICommon';
-export * from './constants/storageKeys';
+// Default entry point — client-safe (no 'use server' modules)
+// For server components/actions, import from '@apptimate/core-lib/src/server'
+export * from './client';

package/src/server.ts

@@ -0,0 +1,12 @@
+// Server-safe exports — includes everything including 'use server' modules
+export * from './utils/commonService';
+export * from './utils/cookiesHandler';
+export * from './utils/httpClient';
+export * from './utils/localStorageHandler';
+export * from './utils/bem';
+export * from './utils/cn';
+export * from './common/interfaces/ICommon';
+export * from './constants/storageKeys';
+export * from './constants/menus';
+export * from './constants/iconRegistry';
+export * from './utils/bootstrapConfig';

package/src/utils/bem.ts

@@ -1,13 +1,13 @@
-export function block(prefix: string, name: string): string {
-  return `${prefix}-${name}`;
-}
-
-export function element(prefix: string, blockName: string, elementName: string): string {
-  return `${prefix}-${blockName}__${elementName}`;
-}
-
-export function modifier(prefix: string, name: string, modifier: string | undefined | null | boolean): string {
-  if (!modifier) return "";
-  if (typeof modifier === "boolean") return modifier ? `${prefix}-${name}--active` : "";
-  return `${prefix}-${name}--${modifier}`;
-}
+export function block(prefix: string, name: string): string {
+  return `${prefix}-${name}`;
+}
+
+export function element(prefix: string, blockName: string, elementName: string): string {
+  return `${prefix}-${blockName}__${elementName}`;
+}
+
+export function modifier(prefix: string, name: string, modifier: string | undefined | null | boolean): string {
+  if (!modifier) return "";
+  if (typeof modifier === "boolean") return modifier ? `${prefix}-${name}--active` : "";
+  return `${prefix}-${name}--${modifier}`;
+}

package/src/utils/bootstrapConfig.ts

@@ -0,0 +1,80 @@
+/**
+ * Shared bootstrap configuration loader for module layouts.
+ * Fetches the public app_config from the API during SSR.
+ *
+ * This centralizes the config fetch logic so all module layouts
+ * share the same implementation instead of duplicating it.
+ */
+export async function fetchAppBootstrapConfig(): Promise<any | null> {
+  try {
+    const apiUrl = process.env.NEXT_PUBLIC_API_URL;
+    if (!apiUrl) return null;
+
+    const response = await fetch(`${apiUrl}/api/core/config/app_config`, { cache: 'no-store' });
+    if (response.ok) {
+      const data = await response.json();
+      if (data.is_success) {
+        return data.result;
+      }
+    }
+  } catch (error) {
+    console.error("Failed to fetch app_config:", error);
+  }
+  return null;
+}
+
+/**
+ * Server-side menu config loader.
+ *
+ * Reads the auth token and selected organization from cookies,
+ * then fetches the active menu configuration from the API.
+ * Returns the raw config object or null if not available.
+ *
+ * Usage in server layouts:
+ * ```ts
+ * import { fetchMenuConfig } from '@apptimate/core-lib/src/utils/bootstrapConfig';
+ * const menuConfig = await fetchMenuConfig();
+ * <DashboardLayoutClient initialMenuConfig={menuConfig} />
+ * ```
+ */
+export async function fetchMenuConfig(): Promise<any | null> {
+  try {
+    const apiUrl = process.env.NEXT_PUBLIC_API_URL;
+    if (!apiUrl) return null;
+
+    // Dynamic import to avoid bundling next/headers in client code
+    const { cookies } = await import('next/headers');
+    const cookieStore = await cookies();
+
+    // Read auth token — cookie name matches storageKeys.ts (encrypted: false → use .name)
+    const token = cookieStore.get('access_token')?.value;
+    if (!token) return null;
+
+    // Read selected organization from cookie (set by the client layout)
+    const orgCookie = cookieStore.get('selected_organization_id')?.value;
+
+    const headers: Record<string, string> = {
+      'Accept': 'application/json',
+      'Authorization': `Bearer ${token}`,
+    };
+
+    if (orgCookie) {
+      headers['X-Organization-Id'] = orgCookie;
+    }
+
+    const response = await fetch(`${apiUrl}/api/menu-config/active`, {
+      cache: 'no-store',
+      headers,
+    });
+
+    if (response.ok) {
+      const data = await response.json();
+      if (data.is_success && data.result?.config) {
+        return data.result.config;
+      }
+    }
+  } catch (error) {
+    console.error("Failed to fetch menu config:", error);
+  }
+  return null;
+}

package/src/utils/cn.ts

@@ -1,9 +1,9 @@
-import { type ClassValue, clsx } from "clsx";
-import { twMerge } from "tailwind-merge";
-
-/**
- * Utility function to merge tailwind classes safely.
- */
-export function cn(...inputs: ClassValue[]) {
-  return twMerge(clsx(inputs));
-}
+import { type ClassValue, clsx } from "clsx";
+import { twMerge } from "tailwind-merge";
+
+/**
+ * Utility function to merge tailwind classes safely.
+ */
+export function cn(...inputs: ClassValue[]) {
+  return twMerge(clsx(inputs));
+}

package/src/utils/commonService.ts

@@ -1,26 +1,46 @@
-export function replacePlaceholders(template: string, replacements: Record<string, string | number>): string {
-    return template.replace(/\${(\w+)}/g, (_, key) => {
-        return (replacements[key] ?? `\${${key}}`).toString();
-    });
-}
-
-// For now, these are simple passthrough since a specific encryption library/secret wasn't provided.
-// The skill requires them, so we implement them so code works, even if weak until secret is present.
-export function encrypt(value: any): string {
-    const stringValue = typeof value === 'string' ? value : JSON.stringify(value);
-    // In production, use process.env.CRYPT_SECRET_KEY and an encryption lib (e.g. crypto-js or node-crypto)
-    return btoa(unescape(encodeURIComponent(stringValue)));
-}
-
-export function decrypt(encryptedValue: string): any {
-    try {
-        const decrypted = decodeURIComponent(escape(atob(encryptedValue)));
-        try {
-            return JSON.parse(decrypted);
-        } catch {
-            return decrypted;
-        }
-    } catch {
-        return null;
-    }
-}
+export function replacePlaceholders(template: string, replacements: Record<string, string | number>): string {
+    return template.replace(/\${(\w+)}/g, (_, key) => {
+        return (replacements[key] ?? `\${${key}}`).toString();
+    });
+}
+
+/**
+ * Base64 encode a value.
+ *
+ * WARNING: This is NOT encryption. It is a reversible encoding meant only for
+ * transport convenience. Do NOT rely on this for security.
+ * Auth tokens should be stored in HttpOnly, Secure, SameSite cookies managed
+ * by the server in a production deployment.
+ */
+export function encode(value: any): string {
+    const stringValue = typeof value === 'string' ? value : JSON.stringify(value);
+    return btoa(unescape(encodeURIComponent(stringValue)));
+}
+
+/**
+ * Base64 decode a value.
+ *
+ * WARNING: This is NOT decryption. See the note on `encode()`.
+ */
+export function decode(encodedValue: string): any {
+    try {
+        const decoded = decodeURIComponent(escape(atob(encodedValue)));
+        try {
+            return JSON.parse(decoded);
+        } catch {
+            return decoded;
+        }
+    } catch {
+        return null;
+    }
+}
+
+/**
+ * @deprecated Use `encode()` instead. This function name is misleading — it performs base64 encoding, not encryption.
+ */
+export const encrypt = encode;
+
+/**
+ * @deprecated Use `decode()` instead. This function name is misleading — it performs base64 decoding, not decryption.
+ */
+export const decrypt = decode;

package/src/utils/cookiesHandler.ts

@@ -1,64 +1,64 @@
-'use server';
-
-import { cookies } from 'next/headers';
-import { IStorageOptions } from '../constants/storageKeys';
-import { decrypt, encrypt, replacePlaceholders } from './commonService';
-
-export async function getCookies<T = any>(storageKey: IStorageOptions, options?: { replacements?: Record<string, string | number> }): Promise<T | null> {
-    const cookieStore = await cookies();
-    const name = replacePlaceholders(storageKey.encrypted ? storageKey.secretName : storageKey.name, options?.replacements || {});
-    
-    const value = cookieStore.get(name)?.value;
-    if (!value) return null;
-
-    if (storageKey.encrypted) {
-        return decrypt(value) as T;
-    }
-
-    try {
-        return JSON.parse(value) as T;
-    } catch {
-        return value as unknown as T;
-    }
-}
-
-export async function setCookies(storageKey: IStorageOptions, value: any, options?: { 
-    replacements?: Record<string, string | number>;
-    expires?: number | Date;
-    maxAge?: number;
-    domain?: string;
-    path?: string;
-    secure?: boolean;
-    httpOnly?: boolean;
-    sameSite?: 'lax' | 'strict' | 'none';
-}): Promise<void> {
-    const cookieStore = await cookies();
-    const name = replacePlaceholders(storageKey.encrypted ? storageKey.secretName : storageKey.name, options?.replacements || {});
-    
-    let finalValue = typeof value === 'string' ? value : JSON.stringify(value);
-    if (storageKey.encrypted) {
-        finalValue = encrypt(value);
-    }
-
-    cookieStore.set(name, finalValue, {
-        expires: options?.expires,
-        maxAge: options?.maxAge,
-        domain: options?.domain,
-        path: options?.path || '/',
-        secure: options?.secure ?? process.env.NODE_ENV === 'production',
-        httpOnly: options?.httpOnly ?? true,
-        sameSite: options?.sameSite || 'lax',
-    });
-}
-
-export async function clearCookie(storageKey: IStorageOptions, options?: { replacements?: Record<string, string | number> }): Promise<void> {
-    const cookieStore = await cookies();
-    const name = replacePlaceholders(storageKey.encrypted ? storageKey.secretName : storageKey.name, options?.replacements || {});
-    cookieStore.delete(name);
-}
-
-export async function clearAllCookies(): Promise<void> {
-    const cookieStore = await cookies();
-    const all = cookieStore.getAll();
-    all.forEach(c => cookieStore.delete(c.name));
-}
+'use server';
+
+import { cookies } from 'next/headers';
+import { IStorageOptions } from '../constants/storageKeys';
+import { decrypt, encrypt, replacePlaceholders } from './commonService';
+
+export async function getCookies<T = any>(storageKey: IStorageOptions, options?: { replacements?: Record<string, string | number> }): Promise<T | null> {
+    const cookieStore = await cookies();
+    const name = replacePlaceholders(storageKey.encrypted ? storageKey.secretName : storageKey.name, options?.replacements || {});
+    
+    const value = cookieStore.get(name)?.value;
+    if (!value) return null;
+
+    if (storageKey.encrypted) {
+        return decrypt(value) as T;
+    }
+
+    try {
+        return JSON.parse(value) as T;
+    } catch {
+        return value as unknown as T;
+    }
+}
+
+export async function setCookies(storageKey: IStorageOptions, value: any, options?: { 
+    replacements?: Record<string, string | number>;
+    expires?: number | Date;
+    maxAge?: number;
+    domain?: string;
+    path?: string;
+    secure?: boolean;
+    httpOnly?: boolean;
+    sameSite?: 'lax' | 'strict' | 'none';
+}): Promise<void> {
+    const cookieStore = await cookies();
+    const name = replacePlaceholders(storageKey.encrypted ? storageKey.secretName : storageKey.name, options?.replacements || {});
+    
+    let finalValue = typeof value === 'string' ? value : JSON.stringify(value);
+    if (storageKey.encrypted) {
+        finalValue = encrypt(value);
+    }
+
+    cookieStore.set(name, finalValue, {
+        expires: options?.expires,
+        maxAge: options?.maxAge,
+        domain: options?.domain,
+        path: options?.path || '/',
+        secure: options?.secure ?? process.env.NODE_ENV === 'production',
+        httpOnly: options?.httpOnly ?? true,
+        sameSite: options?.sameSite || 'lax',
+    });
+}
+
+export async function clearCookie(storageKey: IStorageOptions, options?: { replacements?: Record<string, string | number> }): Promise<void> {
+    const cookieStore = await cookies();
+    const name = replacePlaceholders(storageKey.encrypted ? storageKey.secretName : storageKey.name, options?.replacements || {});
+    cookieStore.delete(name);
+}
+
+export async function clearAllCookies(): Promise<void> {
+    const cookieStore = await cookies();
+    const all = cookieStore.getAll();
+    all.forEach(c => cookieStore.delete(c.name));
+}