@arch-cadre/auth 0.0.1

package/dist/actions/basic.cjs

@@ -0,0 +1,46 @@
+"use strict";
+"use server";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.loginAction = loginAction;
+exports.logoutAction = logoutAction;
+exports.signupAction = signupAction;
+var _server = require("@arch-cadre/core/server");
+var _navigation = require("next/navigation");
+async function loginAction(data) {
+  const result = await (0, _server.signIn)(data);
+  console.log("[LoginAction] SignIn result:", JSON.stringify(result, null, 2));
+  if (result.status === "ERROR") {
+    return {
+      success: false,
+      message: result.message
+    };
+  }
+  if (result.redirect) {
+    return (0, _navigation.redirect)(result.redirect);
+  }
+  if (result.status === "SUCCESS") {
+    return (0, _navigation.redirect)("/");
+  }
+  return {
+    success: false,
+    message: "Invalid authentication state"
+  };
+}
+async function signupAction(data) {
+  try {
+    await (0, _server.signUp)(data);
+    return (0, _navigation.redirect)("/verify-email");
+  } catch (error) {
+    return {
+      success: false,
+      message: error.message || "Failed to create account"
+    };
+  }
+}
+async function logoutAction() {
+  await (0, _server.signOut)();
+  return (0, _navigation.redirect)("/signin");
+}

package/dist/actions/basic.d.ts

@@ -0,0 +1,14 @@
+import type { LoginInput, RegisterInput } from "@arch-cadre/core";
+import type { ActionResult } from "../types";
+/**
+ * Modern Login Action delegating to Core Auth
+ */
+export declare function loginAction(data: LoginInput): Promise<ActionResult>;
+/**
+ * Modern Signup Action delegating to Core Auth
+ */
+export declare function signupAction(data: RegisterInput): Promise<ActionResult>;
+/**
+ * Modern Logout Action delegating to Core Auth
+ */
+export declare function logoutAction(): Promise<ActionResult>;

package/dist/actions/basic.mjs

@@ -0,0 +1,32 @@
+"use server";
+import { signIn, signOut, signUp } from "@arch-cadre/core/server";
+import { redirect } from "next/navigation";
+export async function loginAction(data) {
+  const result = await signIn(data);
+  console.log("[LoginAction] SignIn result:", JSON.stringify(result, null, 2));
+  if (result.status === "ERROR") {
+    return { success: false, message: result.message };
+  }
+  if (result.redirect) {
+    return redirect(result.redirect);
+  }
+  if (result.status === "SUCCESS") {
+    return redirect("/");
+  }
+  return { success: false, message: "Invalid authentication state" };
+}
+export async function signupAction(data) {
+  try {
+    await signUp(data);
+    return redirect("/verify-email");
+  } catch (error) {
+    return {
+      success: false,
+      message: error.message || "Failed to create account"
+    };
+  }
+}
+export async function logoutAction() {
+  await signOut();
+  return redirect("/signin");
+}

package/dist/actions/email.cjs

@@ -0,0 +1,209 @@
+"use strict";
+"use server";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.forgotPasswordAction = forgotPasswordAction;
+exports.resendEmailVerificationCodeAction = resendEmailVerificationCodeAction;
+exports.resetPasswordAction = resetPasswordAction;
+exports.verifyEmailAction = verifyEmailAction;
+exports.verifyPasswordResetEmailAction = verifyPasswordResetEmailAction;
+var _core = require("@arch-cadre/core");
+var _server = require("@arch-cadre/core/server");
+var _navigation = require("next/navigation");
+async function forgotPasswordAction(data) {
+  const {
+    email
+  } = await _core.forgotPasswordSchema.parseAsync(data);
+  const user = await (0, _server.getUserFromEmail)(email);
+  if (!user) {
+    return {
+      success: false,
+      message: "Not found user with this email"
+    };
+  }
+  await (0, _server.invalidateUserPasswordResetSessions)(user.id);
+  const sessionToken = await (0, _server.generateSessionToken)();
+  const session = await (0, _server.createPasswordResetSession)(sessionToken, user.id, user.email);
+  await (0, _server.sendPasswordResetEmail)(session.email, session.code);
+  await (0, _server.setPasswordResetSessionTokenCookie)(sessionToken, session.expiresAt);
+  await _server.eventBus.publish("auth:password-reset:requested", {
+    userId: user.id,
+    email: user.email
+  });
+  return (0, _navigation.redirect)("/reset-password/verify-email");
+}
+async function verifyPasswordResetEmailAction(data) {
+  const {
+    session,
+    user
+  } = await (0, _server.getCurrentPasswordResetSession)();
+  if (!session || !user) {
+    return {
+      success: false,
+      message: "Not authenticated"
+    };
+  }
+  if (session.emailVerified) {
+    return {
+      success: false,
+      message: "Email already verified"
+    };
+  }
+  const {
+    code
+  } = _core.verifyEmailSchema.parse(data);
+  if (session.code !== code) {
+    return {
+      success: false,
+      message: "Incorrect code"
+    };
+  }
+  await (0, _server.setPasswordResetSessionAsEmailVerified)(session.id);
+  const security = await (0, _server.checkSecurity)(session, user);
+  if (!security.satisfied && security.redirect) {
+    return (0, _navigation.redirect)(security.redirect);
+  }
+  return (0, _navigation.redirect)("/reset-password");
+}
+async function verifyEmailAction(data) {
+  const {
+    session,
+    user
+  } = await (0, _server.getCurrentSession)();
+  if (!session || !user) {
+    return {
+      success: false,
+      message: "Not authenticated"
+    };
+  }
+  let verificationRequest = await (0, _server.getUserEmailVerificationRequestFromRequest)();
+  if (!verificationRequest) {
+    return {
+      success: false,
+      message: "Verification request not found"
+    };
+  }
+  const {
+    code
+  } = _core.verifyEmailSchema.parse(data);
+  if (Date.now() >= verificationRequest.expiresAt.getTime()) {
+    verificationRequest = await (0, _server.createEmailVerificationRequest)(user.id, verificationRequest.email);
+    await (0, _server.sendVerificationEmail)(verificationRequest.email, verificationRequest.code);
+    await (0, _server.setEmailVerificationRequestCookie)(verificationRequest);
+    return {
+      success: false,
+      message: "The verification code was expired. We sent another code to your inbox."
+    };
+  }
+  if (verificationRequest.code !== code) return {
+    success: false,
+    message: "Incorrect code"
+  };
+  const interception = await (0, _server.runEmailVerificationValidators)(user.id);
+  if (interception) {
+    if (interception.status === "CHALLENGE_REQUIRED") {
+      return (0, _navigation.redirect)(interception.redirect || "/signin");
+    }
+    if (interception.status === "ERROR") {
+      return {
+        success: false,
+        message: interception.message
+      };
+    }
+  }
+  await (0, _server.deleteUserEmailVerificationRequest)(user.id);
+  await (0, _server.invalidateUserPasswordResetSessions)(user.id);
+  await (0, _server.updateUserEmailAndSetEmailAsVerified)(user.id, verificationRequest.email);
+  await (0, _server.deleteEmailVerificationRequestCookie)();
+  await _server.eventBus.publish("auth:email-verified", {
+    userId: user.id,
+    email: verificationRequest.email
+  });
+  return (0, _navigation.redirect)("/");
+}
+async function resendEmailVerificationCodeAction() {
+  const {
+    session,
+    user
+  } = await (0, _server.getCurrentSession)();
+  if (!session || !user) {
+    return {
+      success: false,
+      message: "Not authenticated"
+    };
+  }
+  let verificationRequest = await (0, _server.getUserEmailVerificationRequestFromRequest)();
+  if (!verificationRequest) {
+    if (user.emailVerifiedAt) {
+      return {
+        success: false,
+        message: "Email already verified"
+      };
+    }
+    verificationRequest = await (0, _server.createEmailVerificationRequest)(user.id, user.email);
+  } else {
+    verificationRequest = await (0, _server.createEmailVerificationRequest)(user.id, verificationRequest.email);
+  }
+  await (0, _server.sendVerificationEmail)(verificationRequest.email, verificationRequest.code);
+  await (0, _server.setEmailVerificationRequestCookie)(verificationRequest);
+  await _server.eventBus.publish("auth:verification-requested", {
+    userId: user.id,
+    email: verificationRequest.email
+  });
+  return {
+    success: true,
+    message: "A new code was sent to your inbox."
+  };
+}
+async function resetPasswordAction(data) {
+  const {
+    session: passwordResetSession,
+    user
+  } = await (0, _server.getCurrentPasswordResetSession)();
+  if (!passwordResetSession || !user) {
+    return {
+      success: false,
+      message: "Not authenticated"
+    };
+  }
+  if (!passwordResetSession.emailVerified) {
+    return {
+      success: false,
+      message: "Forbidden"
+    };
+  }
+  const {
+    password
+  } = _core.resetPasswordSchema.parse(data);
+  if (!(await (0, _server.verifyPasswordStrength)(password))) {
+    return {
+      success: false,
+      message: "Weak password"
+    };
+  }
+  const interception = await (0, _server.runPasswordResetValidators)(user.id);
+  if (interception) {
+    if (interception.status === "CHALLENGE_REQUIRED") {
+      return (0, _navigation.redirect)(interception.redirect || "/signin");
+    }
+    if (interception.status === "ERROR") {
+      return {
+        success: false,
+        message: interception.message
+      };
+    }
+  }
+  await (0, _server.invalidateUserPasswordResetSessions)(user.id);
+  await (0, _server.invalidateUserSessions)(user.id);
+  await (0, _server.updateUserPassword)(user.id, password);
+  const sessionToken = await (0, _server.generateSessionToken)();
+  const session = await (0, _server.createSession)(sessionToken, user.id, {});
+  await (0, _server.setSessionTokenCookie)(sessionToken, session.expiresAt);
+  await (0, _server.deletePasswordResetSessionTokenCookie)();
+  await _server.eventBus.publish("auth:password-reset:completed", {
+    userId: user.id
+  });
+  return (0, _navigation.redirect)("/");
+}

package/dist/actions/email.d.ts

@@ -0,0 +1,7 @@
+import type { ForgotPasswordInput, ResetPasswordInput, VerifyEmailInput } from "@arch-cadre/core";
+import type { ActionResult } from "../types";
+export declare function forgotPasswordAction(data: ForgotPasswordInput): Promise<ActionResult>;
+export declare function verifyPasswordResetEmailAction(data: VerifyEmailInput): Promise<ActionResult>;
+export declare function verifyEmailAction(data: VerifyEmailInput): Promise<ActionResult>;
+export declare function resendEmailVerificationCodeAction(): Promise<ActionResult>;
+export declare function resetPasswordAction(data: ResetPasswordInput): Promise<ActionResult>;

package/dist/actions/email.mjs

@@ -0,0 +1,186 @@
+"use server";
+import {
+  forgotPasswordSchema,
+  resetPasswordSchema,
+  verifyEmailSchema
+} from "@arch-cadre/core";
+import {
+  checkSecurity,
+  createEmailVerificationRequest,
+  createPasswordResetSession,
+  createSession,
+  deleteEmailVerificationRequestCookie,
+  deletePasswordResetSessionTokenCookie,
+  deleteUserEmailVerificationRequest,
+  eventBus,
+  generateSessionToken,
+  getCurrentPasswordResetSession,
+  getCurrentSession,
+  getUserEmailVerificationRequestFromRequest,
+  getUserFromEmail,
+  invalidateUserPasswordResetSessions,
+  invalidateUserSessions,
+  runEmailVerificationValidators,
+  runPasswordResetValidators,
+  sendPasswordResetEmail,
+  sendVerificationEmail,
+  setEmailVerificationRequestCookie,
+  setPasswordResetSessionAsEmailVerified,
+  setPasswordResetSessionTokenCookie,
+  setSessionTokenCookie,
+  updateUserEmailAndSetEmailAsVerified,
+  updateUserPassword,
+  verifyPasswordStrength
+} from "@arch-cadre/core/server";
+import { redirect } from "next/navigation";
+export async function forgotPasswordAction(data) {
+  const { email } = await forgotPasswordSchema.parseAsync(data);
+  const user = await getUserFromEmail(email);
+  if (!user) {
+    return { success: false, message: "Not found user with this email" };
+  }
+  await invalidateUserPasswordResetSessions(user.id);
+  const sessionToken = await generateSessionToken();
+  const session = await createPasswordResetSession(
+    sessionToken,
+    user.id,
+    user.email
+  );
+  await sendPasswordResetEmail(session.email, session.code);
+  await setPasswordResetSessionTokenCookie(sessionToken, session.expiresAt);
+  await eventBus.publish("auth:password-reset:requested", {
+    userId: user.id,
+    email: user.email
+  });
+  return redirect("/reset-password/verify-email");
+}
+export async function verifyPasswordResetEmailAction(data) {
+  const { session, user } = await getCurrentPasswordResetSession();
+  if (!session || !user) {
+    return { success: false, message: "Not authenticated" };
+  }
+  if (session.emailVerified) {
+    return { success: false, message: "Email already verified" };
+  }
+  const { code } = verifyEmailSchema.parse(data);
+  if (session.code !== code) {
+    return { success: false, message: "Incorrect code" };
+  }
+  await setPasswordResetSessionAsEmailVerified(session.id);
+  const security = await checkSecurity(session, user);
+  if (!security.satisfied && security.redirect) {
+    return redirect(security.redirect);
+  }
+  return redirect("/reset-password");
+}
+export async function verifyEmailAction(data) {
+  const { session, user } = await getCurrentSession();
+  if (!session || !user) {
+    return { success: false, message: "Not authenticated" };
+  }
+  let verificationRequest = await getUserEmailVerificationRequestFromRequest();
+  if (!verificationRequest) {
+    return { success: false, message: "Verification request not found" };
+  }
+  const { code } = verifyEmailSchema.parse(data);
+  if (Date.now() >= verificationRequest.expiresAt.getTime()) {
+    verificationRequest = await createEmailVerificationRequest(
+      user.id,
+      verificationRequest.email
+    );
+    await sendVerificationEmail(
+      verificationRequest.email,
+      verificationRequest.code
+    );
+    await setEmailVerificationRequestCookie(verificationRequest);
+    return {
+      success: false,
+      message: "The verification code was expired. We sent another code to your inbox."
+    };
+  }
+  if (verificationRequest.code !== code)
+    return { success: false, message: "Incorrect code" };
+  const interception = await runEmailVerificationValidators(user.id);
+  if (interception) {
+    if (interception.status === "CHALLENGE_REQUIRED") {
+      return redirect(interception.redirect || "/signin");
+    }
+    if (interception.status === "ERROR") {
+      return { success: false, message: interception.message };
+    }
+  }
+  await deleteUserEmailVerificationRequest(user.id);
+  await invalidateUserPasswordResetSessions(user.id);
+  await updateUserEmailAndSetEmailAsVerified(
+    user.id,
+    verificationRequest.email
+  );
+  await deleteEmailVerificationRequestCookie();
+  await eventBus.publish("auth:email-verified", {
+    userId: user.id,
+    email: verificationRequest.email
+  });
+  return redirect("/");
+}
+export async function resendEmailVerificationCodeAction() {
+  const { session, user } = await getCurrentSession();
+  if (!session || !user) {
+    return { success: false, message: "Not authenticated" };
+  }
+  let verificationRequest = await getUserEmailVerificationRequestFromRequest();
+  if (!verificationRequest) {
+    if (user.emailVerifiedAt) {
+      return { success: false, message: "Email already verified" };
+    }
+    verificationRequest = await createEmailVerificationRequest(
+      user.id,
+      user.email
+    );
+  } else {
+    verificationRequest = await createEmailVerificationRequest(
+      user.id,
+      verificationRequest.email
+    );
+  }
+  await sendVerificationEmail(
+    verificationRequest.email,
+    verificationRequest.code
+  );
+  await setEmailVerificationRequestCookie(verificationRequest);
+  await eventBus.publish("auth:verification-requested", {
+    userId: user.id,
+    email: verificationRequest.email
+  });
+  return { success: true, message: "A new code was sent to your inbox." };
+}
+export async function resetPasswordAction(data) {
+  const { session: passwordResetSession, user } = await getCurrentPasswordResetSession();
+  if (!passwordResetSession || !user) {
+    return { success: false, message: "Not authenticated" };
+  }
+  if (!passwordResetSession.emailVerified) {
+    return { success: false, message: "Forbidden" };
+  }
+  const { password } = resetPasswordSchema.parse(data);
+  if (!await verifyPasswordStrength(password)) {
+    return { success: false, message: "Weak password" };
+  }
+  const interception = await runPasswordResetValidators(user.id);
+  if (interception) {
+    if (interception.status === "CHALLENGE_REQUIRED") {
+      return redirect(interception.redirect || "/signin");
+    }
+    if (interception.status === "ERROR") {
+      return { success: false, message: interception.message };
+    }
+  }
+  await invalidateUserPasswordResetSessions(user.id);
+  await invalidateUserSessions(user.id);
+  await updateUserPassword(user.id, password);
+  const sessionToken = await generateSessionToken();
+  const session = await createSession(sessionToken, user.id, {});
+  await setSessionTokenCookie(sessionToken, session.expiresAt);
+  await deletePasswordResetSessionTokenCookie();
+  await eventBus.publish("auth:password-reset:completed", { userId: user.id });
+  return redirect("/");
+}

package/dist/actions/index.cjs

@@ -0,0 +1,27 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+var _basic = require("./basic.cjs");
+Object.keys(_basic).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (key in exports && exports[key] === _basic[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _basic[key];
+    }
+  });
+});
+var _email = require("./email.cjs");
+Object.keys(_email).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (key in exports && exports[key] === _email[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _email[key];
+    }
+  });
+});

package/dist/actions/index.d.ts

@@ -0,0 +1,2 @@
+export * from "./basic";
+export * from "./email";

package/dist/actions/index.mjs

@@ -0,0 +1,2 @@
+export * from "./basic.mjs";
+export * from "./email.mjs";

package/dist/index.cjs

@@ -0,0 +1,16 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+
+var _manifest = _interopRequireDefault(require("../manifest.json"));
+var _routes = require("./routes.cjs");
+function _interopRequireDefault(e) { return e && e.__esModule ? e : { default: e }; }
+const authModule = {
+  manifest: _manifest.default,
+  routes: {
+    public: _routes.publicRoutes
+  }
+};
+module.exports = authModule;

package/dist/index.d.ts

@@ -0,0 +1,3 @@
+import type { IModule } from "@arch-cadre/modules";
+declare const authModule: IModule;
+export default authModule;

package/dist/index.mjs

@@ -0,0 +1,9 @@
+import manifest from "../manifest.json";
+import { publicRoutes } from "./routes.mjs";
+const authModule = {
+  manifest,
+  routes: {
+    public: publicRoutes
+  }
+};
+export default authModule;

package/dist/intl.d.ts

@@ -0,0 +1,13 @@
+import type messages from "../locales/en/global.json";
+
+type JsonDataType = typeof messages;
+
+// declare global {
+//   interface IntlMessages extends JsonDataType {}
+// }
+
+declare module "@arch-cadre/intl" {
+  export interface IntlMessages extends JsonDataType {}
+}
+
+export {};

package/dist/routes.cjs

@@ -0,0 +1,46 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.publicRoutes = void 0;
+var _dynamic = _interopRequireDefault(require("next/dynamic"));
+function _interopRequireDefault(e) { return e && e.__esModule ? e : { default: e }; }
+const AuthLayout = (0, _dynamic.default)(() => Promise.resolve().then(() => require("./ui/layout.cjs")));
+const SignInPage = (0, _dynamic.default)(() => Promise.resolve().then(() => require("./ui/signin/page.cjs")));
+const SignUpPage = (0, _dynamic.default)(() => Promise.resolve().then(() => require("./ui/signup/page.cjs")));
+const ForgotPasswordPage = (0, _dynamic.default)(() => Promise.resolve().then(() => require("./ui/forgot-password/page.cjs")));
+const ResetPasswordPage = (0, _dynamic.default)(() => Promise.resolve().then(() => require("./ui/reset-password/page.cjs")));
+const VerifyEmailPage = (0, _dynamic.default)(() => Promise.resolve().then(() => require("./ui/verify-email/page.cjs")));
+const ResetPasswordVerifyEmailPage = (0, _dynamic.default)(() => Promise.resolve().then(() => require("./ui/reset-password/verify-email/page.cjs")));
+const publicRoutes = exports.publicRoutes = [{
+  path: "/signin",
+  component: SignInPage,
+  layout: AuthLayout,
+  auth: false
+}, {
+  path: "/signup",
+  component: SignUpPage,
+  layout: AuthLayout,
+  auth: false
+}, {
+  path: "/forgot-password",
+  component: ForgotPasswordPage,
+  layout: AuthLayout,
+  auth: false
+}, {
+  path: "/reset-password",
+  component: ResetPasswordPage,
+  layout: AuthLayout,
+  auth: false
+}, {
+  path: "/verify-email",
+  component: VerifyEmailPage,
+  layout: AuthLayout,
+  auth: false
+}, {
+  path: "/reset-password/verify-email",
+  component: ResetPasswordVerifyEmailPage,
+  layout: AuthLayout,
+  auth: false
+}];

package/dist/routes.d.ts

@@ -0,0 +1,2 @@
+import type { PublicRouteDefinition } from "@arch-cadre/modules";
+export declare const publicRoutes: PublicRouteDefinition[];

package/dist/routes.mjs

@@ -0,0 +1,48 @@
+import dynamic from "next/dynamic";
+const AuthLayout = dynamic(() => import("./ui/layout.mjs"));
+const SignInPage = dynamic(() => import("./ui/signin/page.mjs"));
+const SignUpPage = dynamic(() => import("./ui/signup/page.mjs"));
+const ForgotPasswordPage = dynamic(() => import("./ui/forgot-password/page.mjs"));
+const ResetPasswordPage = dynamic(() => import("./ui/reset-password/page.mjs"));
+const VerifyEmailPage = dynamic(() => import("./ui/verify-email/page.mjs"));
+const ResetPasswordVerifyEmailPage = dynamic(
+  () => import("./ui/reset-password/verify-email/page.mjs")
+);
+export const publicRoutes = [
+  {
+    path: "/signin",
+    component: SignInPage,
+    layout: AuthLayout,
+    auth: false
+  },
+  {
+    path: "/signup",
+    component: SignUpPage,
+    layout: AuthLayout,
+    auth: false
+  },
+  {
+    path: "/forgot-password",
+    component: ForgotPasswordPage,
+    layout: AuthLayout,
+    auth: false
+  },
+  {
+    path: "/reset-password",
+    component: ResetPasswordPage,
+    layout: AuthLayout,
+    auth: false
+  },
+  {
+    path: "/verify-email",
+    component: VerifyEmailPage,
+    layout: AuthLayout,
+    auth: false
+  },
+  {
+    path: "/reset-password/verify-email",
+    component: ResetPasswordVerifyEmailPage,
+    layout: AuthLayout,
+    auth: false
+  }
+];

package/dist/types.cjs

@@ -0,0 +1 @@
+"use strict";