@artatol-acp/auth-nextjs 0.1.1 → 0.3.1

package/README.md

@@ -10,6 +10,19 @@ npm install @artatol-acp/auth-nextjs
 pnpm add @artatol-acp/auth-nextjs
 ```
 
+## Prerequisites
+
+Before using this SDK, you need to obtain from the ACP AUTH service:
+
+1. **API Key** (required) - Contact your system administrator
+2. **Base URL** (required) - The auth service URL (e.g., `https://sso.artatol.net`)
+3. **JWT Public Key** (optional) - Only needed for local JWT verification with `getUser()`. Download it from:
+   ```bash
+   curl https://sso.artatol.net/public-key > public.pem
+   ```
+
+   **Note:** Without the public key, you can still use all auth operations (login, register, logout, 2FA, password reset, etc.), but you must use the `me()` function instead of `getUser()` for user verification, which makes an API call to the auth service.
+
 ## Setup
 
 ### 1. Initialize Server-side
@@ -24,6 +37,7 @@ const publicKey = readFileSync('./keys/public.pem', 'utf-8');
 
 export const auth = initACPAuth({
   baseUrl: process.env.ACP_AUTH_URL || 'https://sso.artatol.com',
+  apiKey: process.env.ACP_AUTH_API_KEY!,
   jwtPublicKey: publicKey,
 });
 ```
@@ -118,7 +132,8 @@ export async function registerAction(formData: FormData) {
   const password = formData.get('password') as string;
 
   await register(email, password);
-  redirect('/login');
+  // User will receive verification email
+  redirect('/check-email');
 }
 
 export async function logoutAction() {
@@ -171,6 +186,7 @@ import { ACPAuthClient } from '@artatol-acp/auth-nextjs/server';
 
 const client = new ACPAuthClient({
   baseUrl: process.env.ACP_AUTH_URL!,
+  apiKey: process.env.ACP_AUTH_API_KEY!,
 });
 
 export async function POST(request: Request) {
@@ -182,10 +198,125 @@ export async function POST(request: Request) {
 }
 ```
 
+## Password Requirements
+
+Passwords must meet the following requirements:
+- Minimum 10 characters
+- At least one lowercase letter (a-z)
+- At least one uppercase letter (A-Z)
+- At least one number (0-9)
+
+```typescript
+// Example validation on the client side
+function validatePassword(password: string): string[] {
+  const errors: string[] = [];
+
+  if (password.length < 10) {
+    errors.push('Password must be at least 10 characters');
+  }
+  if (!/[a-z]/.test(password)) {
+    errors.push('Password must contain at least one lowercase letter');
+  }
+  if (!/[A-Z]/.test(password)) {
+    errors.push('Password must contain at least one uppercase letter');
+  }
+  if (!/[0-9]/.test(password)) {
+    errors.push('Password must contain at least one number');
+  }
+
+  return errors;
+}
+```
+
+## Email Verification
+
+After registration, users must verify their email address before they can log in. The auth service automatically sends a verification email upon registration.
+
+### Verification Flow
+
+1. User registers → receives verification email
+2. User clicks link in email → email is verified
+3. User can now log in
+
+### Server Actions
+
+```typescript
+'use server';
+
+import { verifyEmail, resendVerificationEmail } from '@artatol-acp/auth-nextjs/server';
+import { redirect } from 'next/navigation';
+
+export async function verifyEmailAction(token: string) {
+  try {
+    await verifyEmail(token);
+    redirect('/login?verified=true');
+  } catch (error) {
+    redirect('/verification-error');
+  }
+}
+
+export async function resendVerificationAction(email: string) {
+  await resendVerificationEmail(email);
+  // Always succeeds to prevent email enumeration
+  return { message: 'If the email exists, a verification link has been sent' };
+}
+```
+
+### Client Component Example
+
+```typescript
+'use client';
+
+import { useAuth } from '@artatol-acp/auth-nextjs/client';
+
+export function ResendVerificationButton({ email }: { email: string }) {
+  const { resendVerification } = useAuth();
+  const [sent, setSent] = useState(false);
+
+  const handleResend = async () => {
+    await resendVerification(email);
+    setSent(true);
+  };
+
+  return (
+    <button onClick={handleResend} disabled={sent}>
+      {sent ? 'Email Sent' : 'Resend Verification Email'}
+    </button>
+  );
+}
+```
+
+### Handling Unverified Users
+
+When an unverified user tries to log in, they will receive an error:
+
+```typescript
+export async function loginAction(formData: FormData) {
+  const email = formData.get('email') as string;
+  const password = formData.get('password') as string;
+
+  try {
+    const result = await login(email, password);
+
+    if ('requiresTwoFactor' in result) {
+      return { requires2FA: true, tempToken: result.tempToken };
+    }
+
+    redirect('/dashboard');
+  } catch (error: any) {
+    if (error.message?.includes('Email not verified')) {
+      return { error: 'Please verify your email before logging in' };
+    }
+    throw error;
+  }
+}
+```
+
 ## Environment Variables
 
 ```env
 ACP_AUTH_URL=https://sso.artatol.com
+ACP_AUTH_API_KEY=your-api-key-here
 NEXT_PUBLIC_ACP_AUTH_URL=https://sso.artatol.com
 ```
 
@@ -200,7 +331,9 @@ NEXT_PUBLIC_ACP_AUTH_URL=https://sso.artatol.com
 - `refreshAccessToken()` - Refresh access token using refresh token cookie
 - `login(email, password)` - Login user
 - `logout()` - Logout user
-- `register(email, password)` - Register new user
+- `register(email, password)` - Register new user (sends verification email)
+- `verifyEmail(token)` - Verify user's email address
+- `resendVerificationEmail(email)` - Resend verification email
 
 ### Client Hooks
 
@@ -210,6 +343,148 @@ NEXT_PUBLIC_ACP_AUTH_URL=https://sso.artatol.com
 
 - `createACPAuthMiddleware(options)` - Create middleware for route protection
 
+## 2FA (Two-Factor Authentication)
+
+### Setup 2FA
+
+```typescript
+'use server';
+
+import { ACPAuthClient } from '@artatol-acp/auth-nextjs/server';
+
+export async function setup2FAAction(password: string) {
+  const client = new ACPAuthClient({
+    baseUrl: process.env.ACP_AUTH_URL!,
+    apiKey: process.env.ACP_AUTH_API_KEY!,
+  });
+
+  const accessToken = // ... get from session/cookie
+
+  const { secret, qrCodeUrl, recoveryCodes } = await client.setup2FA(
+    { password },
+    accessToken
+  );
+
+  return { qrCodeUrl, recoveryCodes };
+}
+```
+
+### Verify 2FA Setup
+
+```typescript
+'use server';
+
+export async function verify2FAAction(code: string) {
+  const client = new ACPAuthClient({
+    baseUrl: process.env.ACP_AUTH_URL!,
+    apiKey: process.env.ACP_AUTH_API_KEY!,
+  });
+
+  const accessToken = // ... get from session/cookie
+
+  await client.verify2FA({ code }, accessToken);
+}
+```
+
+### Complete 2FA Login Flow
+
+```typescript
+'use server';
+
+import { login } from '@artatol-acp/auth-nextjs/server';
+
+export async function loginAction(email: string, password: string) {
+  const result = await login(email, password);
+
+  if ('requiresTwoFactor' in result) {
+    // User has 2FA enabled
+    return {
+      requires2FA: true,
+      tempToken: result.tempToken,
+    };
+  }
+
+  // Regular login successful
+  return { success: true };
+}
+
+export async function complete2FALogin(tempToken: string, code: string) {
+  const client = new ACPAuthClient({
+    baseUrl: process.env.ACP_AUTH_URL!,
+    apiKey: process.env.ACP_AUTH_API_KEY!,
+  });
+
+  const result = await client.verify2FALogin({ tempToken, code });
+  // Set cookies, etc.
+  return result;
+}
+```
+
+### Disable 2FA
+
+```typescript
+'use server';
+
+export async function disable2FAAction(password: string, code: string) {
+  const client = new ACPAuthClient({
+    baseUrl: process.env.ACP_AUTH_URL!,
+    apiKey: process.env.ACP_AUTH_API_KEY!,
+  });
+
+  const accessToken = // ... get from session/cookie
+
+  await client.disable2FA({ password, code }, accessToken);
+}
+```
+
+## Health Check
+
+To check if the auth service is available:
+
+```typescript
+import { ACPAuthClient } from '@artatol-acp/auth-nextjs/server';
+
+const client = new ACPAuthClient({
+  baseUrl: process.env.ACP_AUTH_URL!,
+  apiKey: process.env.ACP_AUTH_API_KEY!,
+});
+
+const health = await client.health();
+console.log(health); // { status: 'ok', timestamp: '...' }
+```
+
+## Error Handling
+
+```typescript
+import { ACPAuthError } from '@artatol-acp/auth-js';
+
+try {
+  await login(email, password);
+} catch (error) {
+  if (error instanceof ACPAuthError) {
+    console.error('Auth error:', error.message);
+    console.error('Status code:', error.statusCode);
+
+    if (error.statusCode === 401) {
+      // Invalid credentials
+    } else if (error.statusCode === 429) {
+      // Rate limited
+    }
+  } else {
+    console.error('Unexpected error:', error);
+  }
+}
+```
+
+### Common Error Codes
+
+| Status Code | Meaning |
+|-------------|---------|
+| 401 | Unauthorized (invalid credentials or token) |
+| 403 | Forbidden (email not verified, account locked) |
+| 429 | Too Many Requests (rate limited) |
+| 500 | Internal Server Error |
+
 ## License
 
 MIT

package/dist/client/index.d.ts

@@ -1,4 +1,4 @@
-import type { User } from '@artatol-acp/auth-js';
+import { type User } from '@artatol-acp/auth-js';
 import { type ReactNode } from 'react';
 export type ACPAuthContextValue = {
     user: User | null;
@@ -6,6 +6,7 @@ export type ACPAuthContextValue = {
     login: (email: string, password: string) => Promise<void>;
     logout: () => Promise<void>;
     refresh: () => Promise<void>;
+    resendVerification: (email: string) => Promise<void>;
 };
 export type ACPAuthProviderProps = {
     children: ReactNode;
@@ -15,3 +16,4 @@ export declare function ACPAuthProvider({ children, baseUrl }: ACPAuthProviderPr
 export declare function useAuth(): ACPAuthContextValue;
 export { ACPAuthClient } from '@artatol-acp/auth-js';
 export type * from '@artatol-acp/auth-js';
+//# sourceMappingURL=index.d.ts.map

package/dist/client/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/client/index.tsx"],"names":[],"mappings":"AAGA,OAAO,EAAiB,KAAK,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAChE,OAAO,EAAkD,KAAK,SAAS,EAAE,MAAM,OAAO,CAAC;AAEvF,MAAM,MAAM,mBAAmB,GAAG;IAChC,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;IAClB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1D,MAAM,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5B,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7B,kBAAkB,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CACtD,CAAC;AAIF,MAAM,MAAM,oBAAoB,GAAG;IACjC,QAAQ,EAAE,SAAS,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,wBAAgB,eAAe,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,EAAE,oBAAoB,2CA8C1E;AAED,wBAAgB,OAAO,IAAI,mBAAmB,CAM7C;AAGD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,mBAAmB,sBAAsB,CAAC"}

package/dist/client/index.jsx

@@ -6,7 +6,7 @@ const ACPAuthContext = createContext(null);
 export function ACPAuthProvider({ children, baseUrl }) {
     const [user, setUser] = useState(null);
     const [isLoading, setIsLoading] = useState(true);
-    const [client] = useState(() => new ACPAuthClient({ baseUrl }));
+    const [client] = useState(() => new ACPAuthClient({ baseUrl, apiKey: '' }));
     const refresh = async () => {
         try {
             await client.refresh();
@@ -30,11 +30,14 @@ export function ACPAuthProvider({ children, baseUrl }) {
         await client.logout();
         setUser(null);
     };
+    const resendVerification = async (email) => {
+        await client.resendVerificationEmail({ email });
+    };
     useEffect(() => {
         // Try to restore session on mount
         refresh().finally(() => setIsLoading(false));
     }, []);
-    return (<ACPAuthContext.Provider value={{ user, isLoading, login, logout, refresh }}>
+    return (<ACPAuthContext.Provider value={{ user, isLoading, login, logout, refresh, resendVerification }}>
       {children}
     </ACPAuthContext.Provider>);
 }
@@ -47,3 +50,4 @@ export function useAuth() {
 }
 // Re-export client for direct use
 export { ACPAuthClient } from '@artatol-acp/auth-js';
+//# sourceMappingURL=index.jsx.map

package/dist/client/index.jsx.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.jsx","sourceRoot":"","sources":["../../src/client/index.tsx"],"names":[],"mappings":"AAAA,6BAA6B;AAC7B,YAAY,CAAC;AAEb,OAAO,EAAE,aAAa,EAAa,MAAM,sBAAsB,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAkB,MAAM,OAAO,CAAC;AAWvF,MAAM,cAAc,GAAG,aAAa,CAA6B,IAAI,CAAC,CAAC;AAOvE,MAAM,UAAU,eAAe,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAwB;IACzE,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,QAAQ,CAAc,IAAI,CAAC,CAAC;IACpD,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IACjD,MAAM,CAAC,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,CAAC,IAAI,aAAa,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAE5E,MAAM,OAAO,GAAG,KAAK,IAAI,EAAE;QACzB,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,OAAO,EAAE,CAAC;YACvB,iDAAiD;YACjD,kDAAkD;YAClD,4CAA4C;QAC9C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,CAAC;QAChB,CAAC;IACH,CAAC,CAAC;IAEF,MAAM,KAAK,GAAG,KAAK,EAAE,KAAa,EAAE,QAAgB,EAAE,EAAE;QACtD,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;QAEvD,IAAI,mBAAmB,IAAI,MAAM,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;QAClC,CAAC;QAED,8BAA8B;QAC9B,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IACvB,CAAC,CAAC;IAEF,MAAM,MAAM,GAAG,KAAK,IAAI,EAAE;QACxB,MAAM,MAAM,CAAC,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,IAAI,CAAC,CAAC;IAChB,CAAC,CAAC;IAEF,MAAM,kBAAkB,GAAG,KAAK,EAAE,KAAa,EAAE,EAAE;QACjD,MAAM,MAAM,CAAC,uBAAuB,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;IAClD,CAAC,CAAC;IAEF,SAAS,CAAC,GAAG,EAAE;QACb,kCAAkC;QAClC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC;IAC/C,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,OAAO,CACL,CAAC,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,kBAAkB,EAAE,CAAC,CAC9F;MAAA,CAAC,QAAQ,CACX;IAAA,EAAE,cAAc,CAAC,QAAQ,CAAC,CAC3B,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,OAAO;IACrB,MAAM,OAAO,GAAG,UAAU,CAAC,cAAc,CAAC,CAAC;IAC3C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACjE,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,kCAAkC;AAClC,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC"}

package/dist/index.d.ts

@@ -1,3 +1,3 @@
-export * from './server/index.js';
-export * from './client/index.js';
-export * from './middleware.js';
+export { ACPAuthClient } from '@artatol-acp/auth-js';
+export type * from '@artatol-acp/auth-js';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,mBAAmB,sBAAsB,CAAC"}

package/dist/index.js

@@ -1,3 +1,3 @@
-export * from './server/index.js';
-export * from './client/index.js';
-export * from './middleware.js';
+// This is the main entry point, but most users will import from /server, /client, or /middleware
+export { ACPAuthClient } from '@artatol-acp/auth-js';
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,iGAAiG;AACjG,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC"}

package/dist/middleware.d.ts

@@ -5,3 +5,4 @@ export type ACPAuthMiddlewareOptions = {
     loginPath?: string;
 };
 export declare function createACPAuthMiddleware(options: ACPAuthMiddlewareOptions): (request: NextRequest) => Promise<NextResponse<unknown>>;
+//# sourceMappingURL=middleware.d.ts.map

package/dist/middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../src/middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAGxD,MAAM,MAAM,wBAAwB,GAAG;IACrC,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAIF,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,wBAAwB,IAO/B,SAAS,WAAW,oCAuC7D"}

package/dist/middleware.js

@@ -6,7 +6,7 @@ export function createACPAuthMiddleware(options) {
     return async function acpAuthMiddleware(request) {
         const { pathname } = request.nextUrl;
         // Allow public paths
-        if (publicPaths.some(path => pathname.startsWith(path))) {
+        if (publicPaths.some((path) => pathname.startsWith(path))) {
             return NextResponse.next();
         }
         // Check for access token
@@ -38,3 +38,4 @@ export function createACPAuthMiddleware(options) {
         }
     };
 }
+//# sourceMappingURL=middleware.js.map

package/dist/middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../src/middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAe,YAAY,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAAE,SAAS,EAAE,UAAU,EAAgB,MAAM,MAAM,CAAC;AAQ3D,IAAI,SAAS,GAAmB,IAAI,CAAC;AAErC,MAAM,UAAU,uBAAuB,CAAC,OAAiC;IACvE,MAAM,EACJ,YAAY,EACZ,WAAW,GAAG,CAAC,QAAQ,EAAE,WAAW,EAAE,kBAAkB,EAAE,iBAAiB,CAAC,EAC5E,SAAS,GAAG,QAAQ,GACrB,GAAG,OAAO,CAAC;IAEZ,OAAO,KAAK,UAAU,iBAAiB,CAAC,OAAoB;QAC1D,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;QAErC,qBAAqB;QACrB,IAAI,WAAW,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;YAC1D,OAAO,YAAY,CAAC,IAAI,EAAE,CAAC;QAC7B,CAAC;QAED,yBAAyB;QACzB,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,KAAK,CAAC;QAE/D,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,oBAAoB;YACpB,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACpC,GAAG,CAAC,QAAQ,GAAG,SAAS,CAAC;YACzB,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YACvC,OAAO,YAAY,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QACpC,CAAC;QAED,sBAAsB;QACtB,IAAI,CAAC;YACH,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,SAAS,GAAG,MAAM,UAAU,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;YACtD,CAAC;YAED,MAAM,SAAS,CAAC,WAAW,EAAE,SAAS,EAAE;gBACtC,UAAU,EAAE,CAAC,OAAO,CAAC;aACtB,CAAC,CAAC;YAEH,OAAO,YAAY,CAAC,IAAI,EAAE,CAAC;QAC7B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,gCAAgC;YAChC,6BAA6B;YAC7B,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACpC,GAAG,CAAC,QAAQ,GAAG,SAAS,CAAC;YACzB,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YACvC,OAAO,YAAY,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QACpC,CAAC;IACH,CAAC,CAAC;AACJ,CAAC"}

package/dist/server/index.d.ts

@@ -1,6 +1,7 @@
 import { ACPAuthClient, type User, type LoginResult } from '@artatol-acp/auth-js';
 export type ACPAuthServerOptions = {
     baseUrl: string;
+    apiKey: string;
     jwtPublicKey: string;
 };
 export declare function initACPAuth(options: ACPAuthServerOptions): ACPAuthClient;
@@ -10,6 +11,13 @@ export declare function refreshAccessToken(): Promise<string | null>;
 export declare function login(email: string, password: string): Promise<LoginResult>;
 export declare function logout(): Promise<void>;
 export declare function register(email: string, password: string): Promise<User>;
+export declare function verifyEmail(token: string): Promise<{
+    message: string;
+}>;
+export declare function resendVerificationEmail(email: string): Promise<{
+    message: string;
+}>;
 export declare function me(): Promise<User | null>;
 export { ACPAuthClient } from '@artatol-acp/auth-js';
 export type * from '@artatol-acp/auth-js';
+//# sourceMappingURL=index.d.ts.map

package/dist/server/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,KAAK,IAAI,EAAE,KAAK,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAGlF,MAAM,MAAM,oBAAoB,GAAG;IACjC,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAMF,wBAAgB,WAAW,CAAC,OAAO,EAAE,oBAAoB,GAAG,aAAa,CAOxE;AAqBD,wBAAsB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAepE;AAED,wBAAsB,OAAO,IAAI,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC,CAapD;AAED,wBAAsB,kBAAkB,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAoBjE;AAED,wBAAsB,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAiBjF;AAED,wBAAsB,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC,CAW5C;AAED,wBAAsB,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAG7E;AAED,wBAAsB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC;IAAE,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC,CAG7E;AAED,wBAAsB,uBAAuB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC;IAAE,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC,CAGzF;AAED,wBAAsB,EAAE,IAAI,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC,CAe/C;AAGD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,mBAAmB,sBAAsB,CAAC"}

package/dist/server/index.js

@@ -6,7 +6,10 @@ let publicKey = null;
 let config = null;
 export function initACPAuth(options) {
     config = options;
-    authClient = new ACPAuthClient({ baseUrl: options.baseUrl });
+    authClient = new ACPAuthClient({
+        baseUrl: options.baseUrl,
+        apiKey: options.apiKey,
+    });
     return authClient;
 }
 async function getPublicKey() {
@@ -103,6 +106,14 @@ export async function register(email, password) {
     const client = getClient();
     return await client.register({ email, password });
 }
+export async function verifyEmail(token) {
+    const client = getClient();
+    return await client.verifyEmail({ token });
+}
+export async function resendVerificationEmail(email) {
+    const client = getClient();
+    return await client.resendVerificationEmail({ email });
+}
 export async function me() {
     const cookieStore = await cookies();
     const accessToken = cookieStore.get('access_token')?.value;
@@ -119,3 +130,4 @@ export async function me() {
 }
 // Re-export client for direct use if needed
 export { ACPAuthClient } from '@artatol-acp/auth-js';
+//# sourceMappingURL=index.js.map

package/dist/server/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,aAAa,EAA+B,MAAM,sBAAsB,CAAC;AAClF,OAAO,EAAE,SAAS,EAAE,UAAU,EAAgB,MAAM,MAAM,CAAC;AAQ3D,IAAI,UAAU,GAAyB,IAAI,CAAC;AAC5C,IAAI,SAAS,GAAmB,IAAI,CAAC;AACrC,IAAI,MAAM,GAAgC,IAAI,CAAC;AAE/C,MAAM,UAAU,WAAW,CAAC,OAA6B;IACvD,MAAM,GAAG,OAAO,CAAC;IACjB,UAAU,GAAG,IAAI,aAAa,CAAC;QAC7B,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,MAAM,EAAE,OAAO,CAAC,MAAM;KACvB,CAAC,CAAC;IACH,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,KAAK,UAAU,YAAY;IACzB,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;IACzE,CAAC;IAED,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,SAAS,GAAG,MAAM,UAAU,CAAC,MAAM,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAC7D,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,SAAS;IAChB,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;IACzE,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,KAAa;IACnD,MAAM,GAAG,GAAG,MAAM,YAAY,EAAE,CAAC;IAEjC,IAAI,CAAC;QACH,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE;YAC9C,UAAU,EAAE,CAAC,OAAO,CAAC;SACtB,CAAC,CAAC;QAEH,OAAO;YACL,EAAE,EAAE,OAAO,CAAC,UAAoB;YAChC,KAAK,EAAE,OAAO,CAAC,KAAe;SAC/B,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;IAC1C,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,OAAO;IAC3B,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,MAAM,WAAW,GAAG,WAAW,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,KAAK,CAAC;IAE3D,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACH,OAAO,MAAM,iBAAiB,CAAC,WAAW,CAAC,CAAC;IAC9C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB;IACtC,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAE3B,IAAI,CAAC;QACH,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,MAAM,CAAC,OAAO,EAAE,CAAC;QAE/C,8BAA8B;QAC9B,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;QACpC,WAAW,CAAC,GAAG,CAAC,cAAc,EAAE,WAAW,EAAE;YAC3C,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;YAC7C,QAAQ,EAAE,KAAK;YACf,MAAM,EAAE,EAAE,GAAG,CAAC,EAAE,YAAY;YAC5B,IAAI,EAAE,GAAG;SACV,CAAC,CAAC;QAEH,OAAO,WAAW,CAAC;IACrB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,KAAK,CAAC,KAAa,EAAE,QAAgB;IACzD,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;IAEvD,IAAI,aAAa,IAAI,MAAM,EAAE,CAAC;QAC5B,0BAA0B;QAC1B,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;QACpC,WAAW,CAAC,GAAG,CAAC,cAAc,EAAE,MAAM,CAAC,WAAW,EAAE;YAClD,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;YAC7C,QAAQ,EAAE,KAAK;YACf,MAAM,EAAE,EAAE,GAAG,CAAC,EAAE,YAAY;YAC5B,IAAI,EAAE,GAAG;SACV,CAAC,CAAC;IACL,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,MAAM;IAC1B,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAE3B,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,MAAM,EAAE,CAAC;IACxB,CAAC;YAAS,CAAC;QACT,gBAAgB;QAChB,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;QACpC,WAAW,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;QACnC,WAAW,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;IACtC,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,QAAQ,CAAC,KAAa,EAAE,QAAgB;IAC5D,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,OAAO,MAAM,MAAM,CAAC,QAAQ,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;AACpD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,KAAa;IAC7C,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,OAAO,MAAM,MAAM,CAAC,WAAW,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;AAC7C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAAC,KAAa;IACzD,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,OAAO,MAAM,MAAM,CAAC,uBAAuB,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;AACzD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,EAAE;IACtB,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,MAAM,WAAW,GAAG,WAAW,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,KAAK,CAAC;IAE3D,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAE3B,IAAI,CAAC;QACH,OAAO,MAAM,MAAM,CAAC,EAAE,CAAC,WAAW,CAAC,CAAC;IACtC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,4CAA4C;AAC5C,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC"}

package/package.json

@@ -1,10 +1,9 @@
 {
   "name": "@artatol-acp/auth-nextjs",
-  "version": "0.1.1",
-  "description": "Next.js SDK for Artatol Cloud Platform Authentication",
+  "version": "0.3.1",
+  "description": "Next.js SDK for Artatol Cloud Platform Authentication with support for App Router, Server Actions, and Middleware",
   "type": "module",
   "main": "./dist/index.js",
-  "module": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "exports": {
     ".": {
@@ -16,7 +15,7 @@
       "types": "./dist/server/index.d.ts"
     },
     "./client": {
-      "import": "./dist/client/index.js",
+      "import": "./dist/client/index.jsx",
       "types": "./dist/client/index.d.ts"
     },
     "./middleware": {
@@ -27,39 +26,34 @@
   "files": [
     "dist"
   ],
-  "scripts": {
-    "build": "tsc",
-    "dev": "tsc --watch",
-    "typecheck": "tsc --noEmit"
-  },
   "keywords": [
     "acp",
     "auth",
-    "authentication",
-    "artatol",
-    "jwt",
-    "2fa",
     "nextjs",
-    "next.js"
+    "next",
+    "authentication",
+    "artatol"
   ],
   "author": "Artatol",
   "license": "MIT",
-  "dependencies": {
-    "@artatol-acp/auth-js": "workspace:*",
-    "jose": "^6.1.3"
-  },
   "peerDependencies": {
-    "next": ">=15.0.0",
-    "react": ">=18.0.0"
+    "next": "^14.0.0 || ^15.0.0",
+    "react": "^18.0.0 || ^19.0.0"
+  },
+  "dependencies": {
+    "@artatol-acp/auth-js": "^0.3.1",
+    "jose": "^5.9.6"
   },
   "devDependencies": {
-    "@types/node": "^24.10.1",
-    "@types/react": "^18.3.18",
-    "next": "^15.1.6",
-    "react": "^18.3.1",
-    "typescript": "^5.7.2"
+    "@types/react": "^18.3.0",
+    "typescript": "^5.6.3"
   },
   "publishConfig": {
     "access": "public"
+  },
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsc --watch",
+    "typecheck": "tsc --noEmit"
   }
 }