@authhero/react-admin 0.12.0 → 0.14.0

package/CHANGELOG.md

@@ -1,5 +1,19 @@
 # @authhero/react-admin
 
+## 0.14.0
+
+### Minor Changes
+
+- 63f9c89: Remove requirement for password users to have verified emails
+- 63f9c89: Fix the listing of logs for a user
+
+## 0.13.0
+
+### Minor Changes
+
+- 0f8e4e8: Change from main to control plane
+- 3a180df: Fix organization names for main tenant
+
 ## 0.12.0
 
 ### Minor Changes

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@authhero/react-admin",
-  "version": "0.12.0",
+  "version": "0.14.0",
   "private": false,
   "repository": {
     "type": "git",

package/src/auth0DataProvider.ts

@@ -205,29 +205,7 @@ export default (
           resourceKey: "organizations",
           idKey: "id",
         },
-        logs: {
-          fetch: (client) => {
-            // Build the query string, combining search query and IP filter
-            let query = params.filter?.q || "";
-            if (params.filter?.ip) {
-              const ipQuery = `ip:${params.filter.ip}`;
-              query = query ? `${query} AND ${ipQuery}` : ipQuery;
-            }
-
-            return client.logs.list({
-              page: page - 1,
-              per_page: perPage,
-              q: query || undefined,
-              sort:
-                field && order
-                  ? `${field}:${order === "DESC" ? "-1" : "1"}`
-                  : undefined,
-              include_totals: true,
-            });
-          },
-          resourceKey: "logs",
-          idKey: "log_id",
-        },
+        // Logs removed from SDK handlers - using HTTP directly for full control
         rules: {
           fetch: (client) => client.rules.list(),
           resourceKey: "rules",
@@ -257,9 +235,9 @@ export default (
         },
       };
 
-      // Handle SDK resources
+      // Handle SDK resources (only for top-level resources, not nested paths like users/{id}/roles)
       const handler = sdkHandlers[resource];
-      if (handler) {
+      if (handler && !resourcePath.includes("/")) {
         const result = await handler.fetch(managementClient);
         const { data, total } = normalizeSDKResponse(
           result,
@@ -285,6 +263,35 @@ export default (
         );
       }
 
+      // Handle logs with direct HTTP for full control over query params
+      if (resource === "logs") {
+        const headers = createHeaders(tenantId);
+        const query: any = {
+          include_totals: true,
+          page: page - 1,
+          per_page: perPage,
+          sort:
+            field && order
+              ? `${field}:${order === "DESC" ? "-1" : "1"}`
+              : undefined,
+          ...params.filter, // Pass all filter params directly (q, from, etc.)
+        };
+        const url = `${apiUrl}/api/v2/logs?${stringify(query)}`;
+
+        const res = await httpClient(url, { headers });
+        const response = res.json;
+        const logsData = response.logs || response || [];
+        const logsArray = Array.isArray(logsData) ? logsData : [];
+
+        return {
+          data: logsArray.map((log: any) => ({
+            id: log.log_id || log.id,
+            ...log,
+          })),
+          total: response.total || logsArray.length,
+        };
+      }
+
       // Handle stats/daily endpoint
       if (resourcePath === "stats/daily") {
         const headers = createHeaders(tenantId);
@@ -704,9 +711,10 @@ export default (
         };
       }
 
-      // Logs filtered by user_id
+      // Logs filtered by user_id - use direct HTTP for full control
       if (resource === "logs" && params.target === "user_id") {
-        const result = await managementClient.logs.list({
+        const headers = createHeaders(tenantId);
+        const query = {
           page: page - 1,
           per_page: perPage,
           q: `user_id:${params.id}`,
@@ -715,12 +723,21 @@ export default (
               ? `${field}:${order === "DESC" ? "-1" : "1"}`
               : undefined,
           include_totals: true,
-        });
+          ...params.filter, // Allow additional filters to be passed through
+        };
+        const url = `${apiUrl}/api/v2/logs?${stringify(query)}`;
+
+        const res = await httpClient(url, { headers });
+        const response = res.json;
+        const logsData = response.logs || response || [];
+        const logsArray = Array.isArray(logsData) ? logsData : [];
 
-        const normalized = normalizeSDKResponse(result, "logs");
         return {
-          data: normalized.data.map((log: any) => ({ id: log.log_id, ...log })),
-          total: normalized.total,
+          data: logsArray.map((log: any) => ({
+            id: log.log_id || log.id,
+            ...log,
+          })),
+          total: response.total || logsArray.length,
         };
       }
 

package/src/authProvider.ts

@@ -196,12 +196,35 @@ export const createManagementClient = async (
       const orgAuth0Client = createAuth0ClientForOrg(domainForAuth, tenantId);
       const audience =
         import.meta.env.VITE_AUTH0_AUDIENCE || "urn:authhero:management";
-      token = await orgAuth0Client.getTokenSilently({
-        authorizationParams: {
-          audience,
-          organization: tenantId,
-        },
-      });
+      try {
+        token = await orgAuth0Client.getTokenSilently({
+          authorizationParams: {
+            audience,
+            organization: tenantId,
+          },
+        });
+      } catch (error) {
+        // If silent token acquisition fails, redirect to login with org
+        // Get the base auth0 client to get the user's email for login hint
+        const baseClient = createAuth0Client(domainForAuth);
+        const user = await baseClient.getUser().catch(() => null);
+
+        // Redirect to login with organization
+        await orgAuth0Client.loginWithRedirect({
+          authorizationParams: {
+            organization: tenantId,
+            login_hint: user?.email,
+          },
+          appState: {
+            returnTo: window.location.pathname,
+          },
+        });
+
+        // This won't be reached as loginWithRedirect redirects the page
+        throw new Error(
+          `Redirecting to login for organization ${tenantId}`,
+        );
+      }
     } else {
       // For token/client_credentials, use getOrganizationToken
       token = await getOrganizationToken(domainConfig, tenantId);
@@ -751,6 +774,16 @@ export const createOrganizationHttpClient = (organizationId: string) => {
         })
         .then((token) => {
           const headersObj = new Headers();
+          // Merge any headers passed in options
+          if (options.headers) {
+            const incomingHeaders =
+              options.headers instanceof Headers
+                ? options.headers
+                : new Headers(options.headers as HeadersInit);
+            incomingHeaders.forEach((value, key) => {
+              headersObj.set(key, value);
+            });
+          }
           headersObj.set("Authorization", `Bearer ${token}`);
           const method = (options.method || "GET").toUpperCase();
           if (method === "POST" || method === "PATCH") {
@@ -819,7 +852,7 @@ export const createOrganizationHttpClient = (organizationId: string) => {
             organization: organizationId,
           },
         })
-        .catch(async (error) => {
+        .catch(async (_error) => {
           // If silent token acquisition fails, we need to redirect to login with org
           // Get the base auth0 client to get the user's email for login hint
           const baseClient = createAuth0Client(selectedDomain);
@@ -843,6 +876,16 @@ export const createOrganizationHttpClient = (organizationId: string) => {
         })
         .then((token) => {
           const headersObj = new Headers();
+          // Merge any headers passed in options
+          if (options.headers) {
+            const incomingHeaders =
+              options.headers instanceof Headers
+                ? options.headers
+                : new Headers(options.headers as HeadersInit);
+            incomingHeaders.forEach((value, key) => {
+              headersObj.set(key, value);
+            });
+          }
           headersObj.set("Authorization", `Bearer ${token}`);
           const method = (options.method || "GET").toUpperCase();
           if (method === "POST" || method === "PATCH") {

package/src/components/clients/edit.tsx

@@ -55,7 +55,7 @@ import EditIcon from "@mui/icons-material/Edit";
 import DragIndicatorIcon from "@mui/icons-material/DragIndicator";
 import ArrowUpwardIcon from "@mui/icons-material/ArrowUpward";
 import ArrowDownwardIcon from "@mui/icons-material/ArrowDownward";
-import { authorizedHttpClient } from "../../authProvider";
+import { createOrganizationHttpClient } from "../../authProvider";
 import {
   getDomainFromStorage,
   getSelectedDomainFromStorage,
@@ -864,8 +864,10 @@ const ConnectionsTab = () => {
     setLoading(true);
     try {
       // Fetch enabled connections from the new API endpoint
+      // Use organization-scoped HTTP client to ensure proper org_id in token
       const baseUrl = getApiBaseUrl();
-      const response = await authorizedHttpClient(
+      const orgHttpClient = createOrganizationHttpClient(tenantId);
+      const response = await orgHttpClient(
         `${baseUrl}/api/v2/clients/${clientId}/connections`,
         {
           method: "GET",
@@ -926,8 +928,10 @@ const ConnectionsTab = () => {
 
     setSaving(true);
     try {
+      // Use organization-scoped HTTP client to ensure proper org_id in token
       const baseUrl = getApiBaseUrl();
-      await authorizedHttpClient(
+      const orgHttpClient = createOrganizationHttpClient(tenantId);
+      await orgHttpClient(
         `${baseUrl}/api/v2/clients/${clientId}/connections`,
         {
           method: "PATCH",

package/src/components/settings/edit.tsx

@@ -126,6 +126,11 @@ export function SettingsEdit() {
 
         <TabbedForm.Tab label="Feature Flags">
           <Stack spacing={2}>
+            <BooleanInput
+              source="allow_organization_name_in_authentication_api"
+              label="Allow Organization Name in Authentication API"
+              helperText="Allow using organization names (instead of IDs) in the /authorize endpoint and include org_name claim in tokens"
+            />
             <BooleanInput
               source="flags.allow_legacy_delegation_grant_types"
               label="Allow Legacy Delegation Grant Types"

package/src/components/users/create.tsx

@@ -6,6 +6,7 @@ import {
   SelectInput,
   useGetList,
   FormDataConsumer,
+  BooleanInput,
 } from "react-admin";
 import { useState } from "react";
 
@@ -101,6 +102,11 @@ export function UserCreate() {
                       validate={[required()]}
                       helperText="Password for the user account"
                     />
+                    <BooleanInput
+                      source="email_verified"
+                      label="Email Verified"
+                      defaultValue={false}
+                    />
                   </>
                 );
               }

package/src/components/users/edit.tsx

@@ -12,6 +12,7 @@ import {
   TextInput,
   FunctionField,
   BooleanField,
+  BooleanInput,
   ArrayField,
   SimpleShowLayout,
   useNotify,
@@ -1444,6 +1445,7 @@ export function UserEdit() {
             >
               <TextField source="connection" />
             </Labeled>
+            <BooleanInput source="email_verified" label="Email Verified" />
           </Stack>
           <TextInput source="picture" />
           <ArrayField source="identities">