@arch-cadre/auth 1.0.6 → 1.0.8

package/src/ui/signup/components.tsx

@@ -0,0 +1,230 @@
+"use client";
+import { useTranslation } from "@arch-cadre/intl";
+import { Button } from "@arch-cadre/ui/components/button";
+import { Checkbox } from "@arch-cadre/ui/components/checkbox";
+import {
+  Field,
+  FieldError,
+  FieldGroup,
+  FieldLabel,
+} from "@arch-cadre/ui/components/field";
+import { Input } from "@arch-cadre/ui/components/input";
+import { Separator } from "@arch-cadre/ui/components/separator";
+import { cn } from "@arch-cadre/ui/lib/utils";
+import { Loader } from "@arch-cadre/ui/shared/loader";
+import { zodResolver } from "@hookform/resolvers/zod";
+import { AlertCircle } from "lucide-react";
+import Link from "next/link";
+import * as React from "react";
+import { createContext, useContext, useState } from "react";
+import type { UseFormReturn } from "react-hook-form";
+import { Controller, useForm } from "react-hook-form";
+import { toast } from "sonner";
+import { signupAction } from "../../actions/index.js";
+import { type RegisterInput, registerSchema } from "../../validation.js";
+
+const SignUpFormContext = createContext<{
+  form: UseFormReturn<RegisterInput>;
+} | null>(null);
+
+export function useSignUpForm() {
+  const context = useContext(SignUpFormContext);
+  if (!context) {
+    throw new Error("useSignUpForm must be used within a SignUpForm");
+  }
+  return context;
+}
+
+export function SignUpForm({
+  extraButtons,
+  extraFields,
+  hasAllowedExtraButtons,
+}: {
+  extraButtons?: React.ReactNode;
+  extraFields?: React.ReactNode;
+  hasAllowedExtraButtons?: boolean;
+}) {
+  const [generalError, setGeneralError] = useState("");
+  const { t } = useTranslation();
+
+  const form = useForm<RegisterInput>({
+    resolver: zodResolver(registerSchema),
+  });
+
+  async function onSubmit(data: RegisterInput) {
+    setGeneralError("");
+
+    try {
+      const response = await signupAction(data);
+
+      if (response.error) {
+        setGeneralError(response.message || t("error_occurred"));
+        return;
+      }
+
+      toast(response.message);
+    } catch (_error) {
+      // setGeneralError(t("error_occurred"));
+    }
+  }
+
+  return (
+    <SignUpFormContext.Provider value={{ form }}>
+      <div className={cn("flex flex-col space-y-6")}>
+        <div className="space-y-2 text-center">
+          <h1 className="text-3xl font-semibold">{t("Sign Up")}</h1>
+          <p className="text-muted-foreground">
+            {t("Sign up to access your dashboard, settings and projects.")}
+          </p>
+        </div>
+
+        <div className="grid gap-5">
+          {hasAllowedExtraButtons && (
+            <>
+              <div className="flex flex-col gap-2">{extraButtons}</div>
+
+              <div className="flex items-center gap-2">
+                <Separator className="flex-1" />
+                <span className="text-sm text-muted-foreground">
+                  {t("or sign up with email")}
+                </span>
+                <Separator className="flex-1" />
+              </div>
+            </>
+          )}
+
+          {generalError && (
+            <div className="flex gap-2 p-3 bg-red-50 border border-red-200 rounded-lg">
+              <AlertCircle className="w-4 h-4 text-red-600 flex-shrink-0 mt-0.5" />
+              <p className="text-sm text-red-600">{generalError}</p>
+            </div>
+          )}
+
+          <form onSubmit={form.handleSubmit(onSubmit)} className="grid gap-6">
+            <FieldGroup>
+              <Controller
+                name="email"
+                control={form.control}
+                render={({ field, fieldState }) => (
+                  <Field data-invalid={fieldState.invalid}>
+                    <FieldLabel htmlFor="email">
+                      {t("Email address")}
+                    </FieldLabel>
+                    <Input
+                      {...field}
+                      id="email"
+                      type="email"
+                      aria-invalid={fieldState.invalid}
+                      placeholder={t("Email address")}
+                      autoComplete="off"
+                    />
+                    {fieldState.invalid && (
+                      <FieldError errors={[fieldState.error]} />
+                    )}
+                  </Field>
+                )}
+              />
+              <Controller
+                name="username"
+                control={form.control}
+                render={({ field, fieldState }) => (
+                  <Field data-invalid={fieldState.invalid}>
+                    <FieldLabel htmlFor="username">{t("Username")}</FieldLabel>
+                    <Input
+                      {...field}
+                      id="username"
+                      type="text"
+                      aria-invalid={fieldState.invalid}
+                      placeholder={t("Username")}
+                      autoComplete="off"
+                    />
+                    {fieldState.invalid && (
+                      <FieldError errors={[fieldState.error]} />
+                    )}
+                  </Field>
+                )}
+              />
+              <Controller
+                name="password"
+                control={form.control}
+                render={({ field, fieldState }) => (
+                  <Field data-invalid={fieldState.invalid}>
+                    <FieldLabel htmlFor="password">{t("Password")}</FieldLabel>
+                    <Input
+                      {...field}
+                      id="password"
+                      type="password"
+                      aria-invalid={fieldState.invalid}
+                      placeholder={t("Password")}
+                      autoComplete="off"
+                    />
+                    {fieldState.invalid && (
+                      <FieldError errors={[fieldState.error]} />
+                    )}
+                  </Field>
+                )}
+              />
+
+              {extraFields}
+
+              <Controller
+                name="terms"
+                control={form.control}
+                render={({ field, fieldState }) => (
+                  <Field
+                    data-invalid={fieldState.invalid}
+                    className="flex items-center space-x-2"
+                  >
+                    <div className="flex items-center space-x-2">
+                      <Checkbox
+                        id="terms"
+                        aria-invalid={fieldState.invalid}
+                        checked={field.value}
+                        onCheckedChange={(checked) => field.onChange(checked)}
+                      />
+                      <FieldLabel
+                        htmlFor="terms"
+                        className="text-sm text-muted-foreground"
+                      >
+                        {t("I agree to the")}{" "}
+                        <Link href="#" className="text-primary hover:underline">
+                          {t("Terms")}
+                        </Link>{" "}
+                        {t("and")}{" "}
+                        <Link href="#" className="text-primary hover:underline">
+                          {t("Privacy Policy")}
+                        </Link>
+                      </FieldLabel>
+                    </div>
+
+                    {fieldState.invalid && (
+                      <FieldError errors={[fieldState.error]} />
+                    )}
+                  </Field>
+                )}
+              />
+            </FieldGroup>
+
+            <Button disabled={form.formState.isSubmitting} className="w-full">
+              {form.formState.isSubmitting ? t("Please wait...") : t("Sign Up")}
+              {form.formState.isSubmitting && <Loader variant="dark" />}
+            </Button>
+
+            {/* {extraButtons} */}
+          </form>
+
+          <div className="text-center text-sm">
+            {t("Already have an account?")}{" "}
+            <Link
+              key="signin"
+              href="/signin"
+              className="underline underline-offset-4"
+            >
+              {t("Sign In")}
+            </Link>
+          </div>
+        </div>
+      </div>
+    </SignUpFormContext.Provider>
+  );
+}

package/src/ui/signup/page.tsx

@@ -0,0 +1,35 @@
+import { getCurrentSession } from "@arch-cadre/core/server";
+import { ExtensionPoint } from "@arch-cadre/modules";
+import { hasExtension } from "@arch-cadre/modules/server";
+import { redirect } from "next/navigation";
+import * as React from "react";
+import { SignUpForm } from "./components.js";
+
+export default async function Page() {
+  const { session, user } = await getCurrentSession();
+
+  if (session !== null && user !== null) {
+    return redirect("/");
+  }
+  const hasAllowed = await hasExtension("auth", "signup:extra-buttons");
+
+  return (
+    <SignUpForm
+      hasAllowedExtraButtons={hasAllowed}
+      extraButtons={
+        <ExtensionPoint
+          module="auth"
+          point="signup:extra-buttons"
+          className="flex flex-col gap-2 mt-4"
+        />
+      }
+      extraFields={
+        <ExtensionPoint
+          module="auth"
+          point="signup:extra-fields"
+          className="flex flex-col gap-4"
+        />
+      }
+    />
+  );
+}

package/src/ui/verify-email/components.tsx

@@ -0,0 +1,135 @@
+"use client";
+import { useTranslation } from "@arch-cadre/intl";
+import { Button } from "@arch-cadre/ui/components/button";
+import { Field, FieldError, FieldGroup } from "@arch-cadre/ui/components/field";
+import {
+  InputOTP,
+  InputOTPGroup,
+  InputOTPSlot,
+} from "@arch-cadre/ui/components/input-otp";
+import { cn } from "@arch-cadre/ui/lib/utils";
+import { Loader } from "@arch-cadre/ui/shared/loader";
+import { zodResolver } from "@hookform/resolvers/zod";
+import { AlertCircle } from "lucide-react";
+import React, { useActionState, useEffect, useState } from "react";
+import { Controller, useForm } from "react-hook-form";
+import { toast } from "sonner";
+import {
+  resendEmailVerificationCodeAction,
+  verifyEmailAction,
+} from "../../actions/index.js";
+import { type VerifyEmailInput, verifyEmailSchema } from "../../validation.js";
+
+export function EmailVerificationForm({ email = "" }) {
+  const [generalError, setGeneralError] = useState("");
+  const { t } = useTranslation();
+
+  const form = useForm<VerifyEmailInput>({
+    resolver: zodResolver(verifyEmailSchema),
+  });
+
+  async function onSubmit(data: VerifyEmailInput) {
+    setGeneralError("");
+
+    try {
+      const response = await verifyEmailAction(data);
+
+      if (response.error) {
+        setGeneralError(response.message || t("error_occurred"));
+        return;
+      }
+
+      toast(response.message);
+    } catch (_error) {
+      // setGeneralError(t("error_occurred"));
+    }
+  }
+
+  return (
+    <div className={cn("flex flex-col space-y-6")}>
+      <div className="space-y-2 text-center">
+        <h1 className="text-3xl font-semibold">{t("Verify email")}</h1>
+        <p className="text-muted-foreground">
+          {t("We've sent a verification code to your email address: {email}", {
+            email,
+          })}
+        </p>
+      </div>
+
+      <div className="grid gap-6">
+        {generalError && (
+          <div className="flex gap-2 p-3 bg-red-50 border border-red-200 rounded-lg">
+            <AlertCircle className="w-4 h-4 text-red-600 flex-shrink-0 mt-0.5" />
+            <p className="text-sm text-red-600">{generalError}</p>
+          </div>
+        )}
+
+        <form onSubmit={form.handleSubmit(onSubmit)} className="grid gap-5">
+          <FieldGroup className="w-full mx-auto">
+            <Controller
+              name="code"
+              control={form.control}
+              render={({ field, fieldState }) => (
+                <Field className="w-full" data-invalid={fieldState.invalid}>
+                  <InputOTP
+                    {...field}
+                    className="mx-auto w-full"
+                    maxLength={6}
+                    autoFocus={true}
+                    inputMode="text"
+                  >
+                    <InputOTPGroup className="mx-auto">
+                      <InputOTPSlot index={0} />
+                      <InputOTPSlot index={1} />
+                      <InputOTPSlot index={2} />
+                      <InputOTPSlot index={3} />
+                      <InputOTPSlot index={4} />
+                      <InputOTPSlot index={5} />
+                    </InputOTPGroup>
+                  </InputOTP>
+                  {fieldState.invalid && (
+                    <FieldError errors={[fieldState.error]} />
+                  )}
+                </Field>
+              )}
+            />
+          </FieldGroup>
+
+          <Button disabled={form.formState.isSubmitting} className="w-full">
+            {form.formState.isSubmitting
+              ? t("Please wait...")
+              : t("Verify Email")}
+            {form.formState.isSubmitting && <Loader variant="dark" />}
+          </Button>
+        </form>
+      </div>
+    </div>
+  );
+}
+
+const resendEmailInitialState = {
+  message: "",
+};
+
+export function ResendEmailVerificationCodeForm() {
+  const { t } = useTranslation();
+  const [state, action, isPending] = useActionState(
+    resendEmailVerificationCodeAction,
+    resendEmailInitialState,
+  );
+
+  useEffect(() => {
+    if (state.message) {
+      toast.success(state.message);
+    }
+  }, [state]);
+
+  return (
+    <form action={action}>
+      <Button disabled={isPending} variant="ghost" className="w-full">
+        {isPending ? t("Please wait...") : t("Resend verification email")}
+        {isPending && <Loader variant="default" />}
+      </Button>
+    </form>
+  );
+}

package/src/ui/verify-email/page.tsx

@@ -0,0 +1,36 @@
+import {
+  getCurrentSession,
+  getUserEmailVerificationRequestFromRequest,
+} from "@arch-cadre/core/server";
+import { redirect } from "next/navigation";
+import * as React from "react";
+
+import {
+  EmailVerificationForm,
+  ResendEmailVerificationCodeForm,
+} from "./components.js";
+
+export default async function Page() {
+  const { user } = await getCurrentSession();
+
+  if (user === null) {
+    return redirect("/signin");
+  }
+
+  // TODO: Ideally we'd sent a new verification email automatically if the previous one is expired,
+  // but we can't set cookies inside server components.
+  const verificationRequest =
+    await getUserEmailVerificationRequestFromRequest();
+
+  if (verificationRequest === null && user.emailVerifiedAt) {
+    return redirect("/?verified");
+  }
+
+  return (
+    <div className="space-y-3">
+      <EmailVerificationForm email={verificationRequest?.email ?? user.email} />
+
+      <ResendEmailVerificationCodeForm />
+    </div>
+  );
+}

package/src/validation.ts

@@ -0,0 +1,61 @@
+import { z } from "zod";
+
+// Auth validation schemas - CLEAN (No DB dependencies for client-side)
+export const loginSchema = z.object({
+  email: z.string().email("Invalid email address"),
+  password: z.string().min(8),
+  remember: z.boolean().optional(),
+});
+
+export const registerSchema = z.object({
+  username: z.string().min(2, "Name must be at least 2 characters"),
+  email: z.string().email("Invalid email address"),
+  password: z.string().min(8, "Password must be at least 8 characters"),
+  terms: z.boolean().refine((val) => val === true, "You must accept the terms"),
+});
+
+export const forgotPasswordSchema = z.object({
+  email: z.string().email("Invalid email address"),
+});
+
+export const resetPasswordSchema = z
+  .object({
+    password: z.string().min(8, "Password must be at least 8 characters"),
+    confirm: z.string(),
+  })
+  .refine((data) => data.password === data.confirm, {
+    message: "Passwords do not match",
+    path: ["confirm"],
+  });
+
+export const verifyEmailSchema = z.object({
+  code: z.string().min(6).max(6),
+});
+
+// mfa validation schemas
+export const totpSetupSchema = z.object({
+  code: z.string().regex(/^\d{6}$/, "Code must be 6 digits"),
+});
+
+export const totpVerifySchema = z.object({
+  code: z.string().regex(/^\d{6}$/, "Code must be 6 digits"),
+});
+
+export const passkeysSetupSchema = z.object({
+  name: z.string().min(1, "Passkey name is required"),
+});
+
+export const recoveryCodeVerifySchema = z.object({
+  code: z.string().min(16, "Recovery code is required").max(16),
+});
+
+// Type exports for use in components
+export type LoginInput = z.infer<typeof loginSchema>;
+export type RegisterInput = z.infer<typeof registerSchema>;
+export type ForgotPasswordInput = z.infer<typeof forgotPasswordSchema>;
+export type ResetPasswordInput = z.infer<typeof resetPasswordSchema>;
+export type TOTPSetupInput = z.infer<typeof totpSetupSchema>;
+export type TOTPVerifyInput = z.infer<typeof totpVerifySchema>;
+export type PasskeysSetupInput = z.infer<typeof passkeysSetupSchema>;
+export type VerifyEmailInput = z.infer<typeof verifyEmailSchema>;
+export type RecoveryVerifyInput = z.infer<typeof recoveryCodeVerifySchema>;