@bagelink/auth 1.12.3 → 1.12.8

package/dist/routes.d.ts

@@ -1,39 +1,3 @@
-import { RouteRecordRaw } from 'vue-router';
-export interface AuthRouteConfig {
-    /** Base path for auth routes. Defaults to '/' */
-    basePath?: string;
-    /** Route names prefix. Defaults to '' */
-    namePrefix?: string;
-    /** Custom route names */
-    routeNames?: {
-        login?: string;
-        signup?: string;
-        forgotPassword?: string;
-        resetPassword?: string;
-        callback?: string;
-    };
-    /** Redirect path after successful auth. Defaults to '/' */
-    redirectTo?: string;
-    /** Custom layout wrapper component */
-    layout?: any;
-}
-/**
- * Creates auth routes for Vue Router
- *
- * @example
- * ```ts
- * import { createAuthRoutes } from '@bagelink/auth'
- *
- * const routes = [
- *   ...createAuthRoutes({
- *     basePath: '/auth',
- *     redirectTo: '/dashboard'
- *   }),
- *   // ... other routes
- * ]
- * ```
- */
-export declare function createAuthRoutes(config?: AuthRouteConfig): RouteRecordRaw[];
 /**
  * Creates a navigation guard to redirect authenticated users away from auth pages
  *

package/dist/types.d.ts

@@ -36,6 +36,74 @@ export interface TenantInfo {
     created_at: string;
     updated_at: string;
 }
+export interface CreateTenantRequest {
+    name: string;
+    slug?: string;
+    settings?: Record<string, any>;
+}
+export interface UpdateTenantRequest {
+    name?: string;
+    slug?: string;
+    settings?: Record<string, any>;
+    status?: TenantStatus;
+}
+export type MemberStatus = 'pending' | 'active' | 'inactive' | 'suspended';
+export interface TenantMember {
+    identity_id: string;
+    tenant_id: string;
+    roles: string[];
+    status: MemberStatus;
+    metadata: Record<string, any> | null;
+    created_at: string;
+    updated_at: string;
+}
+export interface AddMemberRequest {
+    identity_id: string;
+    roles?: string[];
+    status?: MemberStatus;
+}
+export interface UpdateMemberRequest {
+    roles?: string[];
+    status?: MemberStatus;
+    metadata?: Record<string, any>;
+}
+export type InvitationStatus = 'pending' | 'accepted' | 'expired' | 'revoked';
+export interface TenantInvitation {
+    id: string;
+    tenant_id: string;
+    email: string;
+    role: string;
+    status: InvitationStatus;
+    created_at: string;
+    expires_at: string | null;
+}
+export interface CreateInvitationRequest {
+    email: string;
+    role?: string;
+    message?: string;
+}
+export interface AcceptInvitationRequest {
+    first_name: string;
+    last_name: string;
+    password: string;
+}
+export type GetTenantsResponse = AxiosResponse<TenantInfo[]>;
+export type GetTenantResponse = AxiosResponse<TenantInfo>;
+export type CreateTenantResponse = AxiosResponse<TenantInfo>;
+export type UpdateTenantResponse = AxiosResponse<TenantInfo>;
+export type DeleteTenantResponse = AxiosResponse<MessageResponse>;
+export type GetTenantMembersResponse = AxiosResponse<TenantMember[]>;
+export type AddTenantMemberResponse = AxiosResponse<TenantMember>;
+export type UpdateTenantMemberResponse = AxiosResponse<TenantMember>;
+export type DeleteTenantMemberResponse = AxiosResponse<MessageResponse>;
+export type GetTenantRolesResponse = AxiosResponse<string[]>;
+export type CreateInvitationResponse = AxiosResponse<TenantInvitation>;
+export type GetInvitationResponse = AxiosResponse<{
+    email: string;
+    first_name?: string | null;
+    last_name?: string | null;
+}>;
+export type AcceptInvitationResponse = AxiosResponse<MessageResponse>;
 export type AuthenticationMethodType = 'password' | 'email_token' | 'sso' | 'otp';
 export type SSOProvider = 'google' | 'microsoft' | 'github' | 'okta' | 'apple' | 'facebook' | 'custom';
 export interface AuthenticationAccount {
@@ -298,7 +366,6 @@ export type InitiateSSOResponse = AxiosResponse<SSOInitiateResponse>;
 export type CallbackSSOResponse = AxiosResponse<SSOCallbackResponse>;
 export type LinkSSOResponse = AxiosResponse<SSOLinkResponse>;
 export type UnlinkSSOResponse = AxiosResponse<SSOUnlinkResponse>;
-export type GetTenantsResponse = AxiosResponse<TenantInfo[]>;
 export type GetAuthStatusResponse = AxiosResponse<AuthStatusResponse>;
 export type SendEmailTokenResponse = AxiosResponse<AuthenticationResponse>;
 export type VerifyEmailTokenResponse = AxiosResponse<AuthenticationResponse>;

package/dist/useAuth.d.ts

@@ -1,5 +1,5 @@
 import { App, ObjectPlugin } from 'vue';
-import { AccountInfo, User, NewUser, UpdatePasswordForm, UpdateAccountRequest, AuthEventMap, SSOProvider, SSOInitiateRequest, SSOCallbackRequest, SSOLinkRequest, TenantInfo, AuthState } from './types';
+import { AccountInfo, User, NewUser, UpdatePasswordForm, UpdateAccountRequest, AuthEventMap, SSOProvider, SSOInitiateRequest, SSOCallbackRequest, SSOLinkRequest, TenantInfo, CreateTenantRequest, UpdateTenantRequest, AddMemberRequest, UpdateMemberRequest, CreateInvitationRequest, AcceptInvitationRequest, AuthState } from './types';
 import { RedirectConfig, NormalizedRedirectConfig } from './types/redirect';
 interface InitParams {
     baseURL: string;
@@ -194,5 +194,21 @@ export declare function useAuth(): {
     loadTenants: () => Promise<TenantInfo[]>;
     setTenant: (tenantId: string | null) => void;
     switchTenant: (tenantId: string) => void;
+    createTenant: (data: CreateTenantRequest) => Promise<TenantInfo>;
+    updateTenant: (tenantId: string, data: UpdateTenantRequest) => Promise<TenantInfo>;
+    deleteTenant: (tenantId: string) => Promise<void>;
+    getTenantMembers: (tenantId: string, status?: string) => Promise<import('./types').TenantMember[]>;
+    addTenantMember: (tenantId: string, member: AddMemberRequest) => Promise<import('./types').TenantMember>;
+    updateTenantMember: (tenantId: string, identityId: string, updates: UpdateMemberRequest) => Promise<import('./types').TenantMember>;
+    activateTenantMember: (tenantId: string, identityId: string) => Promise<import('./types').TenantMember>;
+    removeTenantMember: (tenantId: string, identityId: string) => Promise<void>;
+    getTenantRoles: () => Promise<string[]>;
+    createInvitation: (data: CreateInvitationRequest) => Promise<import('./types').TenantInvitation>;
+    getInvitation: (token: string) => Promise<{
+        email: string;
+        first_name?: string | null;
+        last_name?: string | null;
+    }>;
+    acceptInvitation: (token: string, data?: AcceptInvitationRequest) => Promise<void>;
 };
 export {};

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@bagelink/auth",
   "type": "module",
-  "version": "1.12.3",
+  "version": "1.12.8",
   "description": "Bagelink auth package",
   "author": {
     "name": "Bagel Studio",

package/src/api.ts

@@ -47,6 +47,24 @@ import type {
 	LinkSSOResponse,
 	UnlinkSSOResponse,
 	GetTenantsResponse,
+	GetTenantResponse,
+	CreateTenantResponse,
+	UpdateTenantResponse,
+	DeleteTenantResponse,
+	GetTenantMembersResponse,
+	AddTenantMemberResponse,
+	UpdateTenantMemberResponse,
+	DeleteTenantMemberResponse,
+	GetTenantRolesResponse,
+	CreateInvitationResponse,
+	GetInvitationResponse,
+	AcceptInvitationResponse,
+	CreateTenantRequest,
+	UpdateTenantRequest,
+	AddMemberRequest,
+	UpdateMemberRequest,
+	CreateInvitationRequest,
+	AcceptInvitationRequest,
 } from './types'
 import { createAxiosInstance } from './utils'
 
@@ -336,4 +354,104 @@ export class AuthApi {
 	async getTenants(): Promise<GetTenantsResponse> {
 		return this.api.get('tenants')
 	}
+
+	/**
+	 * Get a single tenant by ID or slug
+	 */
+	async getTenant(idOrSlug: string): Promise<GetTenantResponse> {
+		return this.api.get(`tenants/${idOrSlug}`)
+	}
+
+	/**
+	 * Create a new tenant (caller is auto-added as admin)
+	 */
+	async createTenant(data: CreateTenantRequest): Promise<CreateTenantResponse> {
+		return this.api.post('tenants/', data)
+	}
+
+	/**
+	 * Update a tenant
+	 */
+	async updateTenant(tenantId: string, data: UpdateTenantRequest): Promise<UpdateTenantResponse> {
+		return this.api.put(`tenants/${tenantId}`, data)
+	}
+
+	/**
+	 * Delete a tenant
+	 */
+	async deleteTenant(tenantId: string): Promise<DeleteTenantResponse> {
+		return this.api.delete(`tenants/${tenantId}`)
+	}
+
+	// ============================================
+	// Tenant Member Methods
+	// ============================================
+
+	/**
+	 * List members of a tenant
+	 */
+	async getTenantMembers(tenantId: string, status?: string): Promise<GetTenantMembersResponse> {
+		return this.api.get(`tenants/${tenantId}/members`, { params: status ? { status } : undefined })
+	}
+
+	/**
+	 * Add a member to a tenant by identity_id
+	 */
+	async addTenantMember(tenantId: string, data: AddMemberRequest): Promise<AddTenantMemberResponse> {
+		return this.api.post(`tenants/${tenantId}/members`, data)
+	}
+
+	/**
+	 * Update a tenant member's roles/status/metadata
+	 */
+	async updateTenantMember(tenantId: string, identityId: string, data: UpdateMemberRequest): Promise<UpdateTenantMemberResponse> {
+		return this.api.put(`tenants/${tenantId}/members/${identityId}`, data)
+	}
+
+	/**
+	 * Activate a pending membership
+	 */
+	async activateTenantMember(tenantId: string, identityId: string): Promise<AddTenantMemberResponse> {
+		return this.api.post(`tenants/${tenantId}/members/${identityId}/activate`, {})
+	}
+
+	/**
+	 * Remove a member from a tenant
+	 */
+	async removeTenantMember(tenantId: string, identityId: string): Promise<DeleteTenantMemberResponse> {
+		return this.api.delete(`tenants/${tenantId}/members/${identityId}`)
+	}
+
+	/**
+	 * List available roles
+	 */
+	async getTenantRoles(): Promise<GetTenantRolesResponse> {
+		return this.api.get('tenants/roles')
+	}
+
+	// ============================================
+	// Invitation Methods
+	// ============================================
+
+	/**
+	 * Create an invitation for a new user to join a tenant
+	 * Requires X-Tenant-ID header (set via setTenantId)
+	 */
+	async createInvitation(data: CreateInvitationRequest): Promise<CreateInvitationResponse> {
+		return this.api.post('invitations/', data)
+	}
+
+	/**
+	 * Get invitation metadata by token (no auth required)
+	 */
+	async getInvitation(token: string): Promise<GetInvitationResponse> {
+		return this.api.get(`invitations/${token}`)
+	}
+
+	/**
+	 * Accept an invitation — creates TenantMembership for the authenticated user
+	 */
+	async acceptInvitation(token: string, data?: AcceptInvitationRequest): Promise<AcceptInvitationResponse> {
+		return this.api.post(`invitations/${token}/accept`, data ?? {})
+	}
 }

package/src/index.ts

@@ -1,19 +1,6 @@
 // Core auth functionality
 export * from './api'
-// Components
-export { default as ForgotPasswordForm } from './components/auth/ForgotPasswordForm.vue'
-export { default as LoginForm } from './components/auth/LoginForm.vue'
-export { default as ResetPasswordForm } from './components/auth/ResetPasswordForm.vue'
-
-export { default as SignupForm } from './components/auth/SignupForm.vue'
 export * from './constants'
-// Page components
-export { default as Callback } from './pages/Callback.vue'
-export { default as ForgotPasswordPage } from './pages/ForgotPasswordPage.vue'
-
-export { default as LoginPage } from './pages/LoginPage.vue'
-export { default as ResetPasswordPage } from './pages/ResetPasswordPage.vue'
-export { default as SignupPage } from './pages/SignupPage.vue'
 
 // Redirect utilities
 export * from './redirect'

package/src/routes.ts

@@ -1,99 +1,3 @@
-import type { RouteRecordRaw } from 'vue-router'
-
-export interface AuthRouteConfig {
-	/** Base path for auth routes. Defaults to '/' */
-	basePath?: string
-	/** Route names prefix. Defaults to '' */
-	namePrefix?: string
-	/** Custom route names */
-	routeNames?: {
-		login?: string
-		signup?: string
-		forgotPassword?: string
-		resetPassword?: string
-		callback?: string
-	}
-	/** Redirect path after successful auth. Defaults to '/' */
-	redirectTo?: string
-	/** Custom layout wrapper component */
-	layout?: any
-}
-
-/**
- * Creates auth routes for Vue Router
- *
- * @example
- * ```ts
- * import { createAuthRoutes } from '@bagelink/auth'
- *
- * const routes = [
- *   ...createAuthRoutes({
- *     basePath: '/auth',
- *     redirectTo: '/dashboard'
- *   }),
- *   // ... other routes
- * ]
- * ```
- */
-export function createAuthRoutes(config: AuthRouteConfig = {}): RouteRecordRaw[] {
-	const {
-		basePath = '',
-		namePrefix = '',
-		routeNames = {},
-		layout
-	} = config
-
-	const createRouteName = (name: string) => namePrefix ? `${namePrefix}${name}` : name
-
-	// Lazy load components
-	const routes: RouteRecordRaw[] = [
-		{
-			path: `${basePath}/login`,
-			name: routeNames.login || createRouteName('Login'),
-			component: () => import('./pages/LoginPage.vue'),
-			meta: { requiresAuth: false }
-		},
-		{
-			path: `${basePath}/signup`,
-			name: routeNames.signup || createRouteName('Signup'),
-			component: () => import('./pages/SignupPage.vue'),
-			meta: { requiresAuth: false }
-		},
-		{
-			path: `${basePath}/forgot-password`,
-			name: routeNames.forgotPassword || createRouteName('ForgotPassword'),
-			component: () => import('./pages/ForgotPasswordPage.vue'),
-			meta: { requiresAuth: false }
-		},
-		{
-			path: `${basePath}/reset-password`,
-			name: routeNames.resetPassword || createRouteName('ResetPassword'),
-			component: () => import('./pages/ResetPasswordPage.vue'),
-			meta: { requiresAuth: false }
-		},
-		{
-			path: `${basePath}/callback`,
-			name: routeNames.callback || createRouteName('AuthCallback'),
-			component: () => import('./pages/Callback.vue'),
-			meta: { requiresAuth: false }
-		}
-	]
-
-	// Wrap in layout if provided
-	if (layout) {
-		return [{
-			path: basePath,
-			component: layout,
-			children: routes.map(route => ({
-				...route,
-				path: route.path.replace(basePath, '')
-			}))
-		}]
-	}
-
-	return routes
-}
-
 /**
  * Creates a navigation guard to redirect authenticated users away from auth pages
  *

package/src/types.ts

@@ -56,6 +56,87 @@ export interface TenantInfo {
 	updated_at: string
 }
 
+export interface CreateTenantRequest {
+	name: string
+	slug?: string
+	settings?: Record<string, any>
+}
+
+export interface UpdateTenantRequest {
+	name?: string
+	slug?: string
+	settings?: Record<string, any>
+	status?: TenantStatus
+}
+
+// ─── Tenant Membership ────────────────────────────────────────────────────────
+
+export type MemberStatus = 'pending' | 'active' | 'inactive' | 'suspended'
+
+export interface TenantMember {
+	identity_id: string
+	tenant_id: string
+	roles: string[]
+	status: MemberStatus
+	metadata: Record<string, any> | null
+	created_at: string
+	updated_at: string
+}
+
+export interface AddMemberRequest {
+	identity_id: string
+	roles?: string[]
+	status?: MemberStatus
+}
+
+export interface UpdateMemberRequest {
+	roles?: string[]
+	status?: MemberStatus
+	metadata?: Record<string, any>
+}
+
+// ─── Invitations ──────────────────────────────────────────────────────────────
+
+export type InvitationStatus = 'pending' | 'accepted' | 'expired' | 'revoked'
+
+export interface TenantInvitation {
+	id: string
+	tenant_id: string
+	email: string
+	role: string
+	status: InvitationStatus
+	created_at: string
+	expires_at: string | null
+}
+
+export interface CreateInvitationRequest {
+	email: string
+	role?: string
+	message?: string
+}
+
+export interface AcceptInvitationRequest {
+	first_name: string
+	last_name: string
+	password: string
+}
+
+// ─── Tenant API response types ────────────────────────────────────────────────
+
+export type GetTenantsResponse = AxiosResponse<TenantInfo[]>
+export type GetTenantResponse = AxiosResponse<TenantInfo>
+export type CreateTenantResponse = AxiosResponse<TenantInfo>
+export type UpdateTenantResponse = AxiosResponse<TenantInfo>
+export type DeleteTenantResponse = AxiosResponse<MessageResponse>
+export type GetTenantMembersResponse = AxiosResponse<TenantMember[]>
+export type AddTenantMemberResponse = AxiosResponse<TenantMember>
+export type UpdateTenantMemberResponse = AxiosResponse<TenantMember>
+export type DeleteTenantMemberResponse = AxiosResponse<MessageResponse>
+export type GetTenantRolesResponse = AxiosResponse<string[]>
+export type CreateInvitationResponse = AxiosResponse<TenantInvitation>
+export type GetInvitationResponse = AxiosResponse<{ email: string, first_name?: string | null, last_name?: string | null }>
+export type AcceptInvitationResponse = AxiosResponse<MessageResponse>
+
 export type AuthenticationMethodType
 	= | 'password'
 		| 'email_token'
@@ -363,7 +444,6 @@ export type InitiateSSOResponse = AxiosResponse<SSOInitiateResponse>
 export type CallbackSSOResponse = AxiosResponse<SSOCallbackResponse>
 export type LinkSSOResponse = AxiosResponse<SSOLinkResponse>
 export type UnlinkSSOResponse = AxiosResponse<SSOUnlinkResponse>
-export type GetTenantsResponse = AxiosResponse<TenantInfo[]>
 export type GetAuthStatusResponse = AxiosResponse<AuthStatusResponse>
 export type SendEmailTokenResponse = AxiosResponse<AuthenticationResponse>
 export type VerifyEmailTokenResponse = AxiosResponse<AuthenticationResponse>

package/src/useAuth.ts

@@ -11,6 +11,12 @@ import type {
 	SSOCallbackRequest,
 	SSOLinkRequest,
 	TenantInfo,
+	CreateTenantRequest,
+	UpdateTenantRequest,
+	AddMemberRequest,
+	UpdateMemberRequest,
+	CreateInvitationRequest,
+	AcceptInvitationRequest,
 } from './types'
 import type { RedirectConfig, NormalizedRedirectConfig } from './types/redirect'
 import { ref, computed } from 'vue'
@@ -382,6 +388,85 @@ export function useAuth() {
 		return currentTenant.value
 	}
 
+	// ============================================
+	// Tenant CRUD
+	// ============================================
+
+	async function createTenant(data: CreateTenantRequest) {
+		const { data: tenant } = await api.createTenant(data)
+		await loadTenants()
+		return tenant
+	}
+
+	async function updateTenant(tenantId: string, data: UpdateTenantRequest) {
+		const { data: tenant } = await api.updateTenant(tenantId, data)
+		// Refresh list so currentTenant stays in sync
+		await loadTenants()
+		return tenant
+	}
+
+	async function deleteTenant(tenantId: string) {
+		await api.deleteTenant(tenantId)
+		if (currentTenant.value?.id === tenantId) {
+			currentTenant.value = null
+			api.setTenantId(null)
+		}
+		await loadTenants()
+	}
+
+	// ============================================
+	// Tenant Members
+	// ============================================
+
+	async function getTenantMembers(tenantId: string, status?: string) {
+		const { data } = await api.getTenantMembers(tenantId, status)
+		return data
+	}
+
+	async function addTenantMember(tenantId: string, member: AddMemberRequest) {
+		const { data } = await api.addTenantMember(tenantId, member)
+		return data
+	}
+
+	async function updateTenantMember(tenantId: string, identityId: string, updates: UpdateMemberRequest) {
+		const { data } = await api.updateTenantMember(tenantId, identityId, updates)
+		return data
+	}
+
+	async function activateTenantMember(tenantId: string, identityId: string) {
+		const { data } = await api.activateTenantMember(tenantId, identityId)
+		return data
+	}
+
+	async function removeTenantMember(tenantId: string, identityId: string) {
+		await api.removeTenantMember(tenantId, identityId)
+	}
+
+	async function getTenantRoles() {
+		const { data } = await api.getTenantRoles()
+		return data
+	}
+
+	// ============================================
+	// Invitations
+	// ============================================
+
+	async function createInvitation(data: CreateInvitationRequest) {
+		const { data: invitation } = await api.createInvitation(data)
+		return invitation
+	}
+
+	async function getInvitation(token: string) {
+		const { data } = await api.getInvitation(token)
+		return data
+	}
+
+	async function acceptInvitation(token: string, data?: AcceptInvitationRequest) {
+		await api.acceptInvitation(token, data)
+		// Re-check auth so tenants are reloaded after membership is created
+		await checkAuth()
+	}
+
 	async function signup(newUser: NewUser) {
 		// Check password match if password is provided
 		const hasPassword = newUser.password !== undefined && newUser.password.length > 0
@@ -572,5 +657,23 @@ export function useAuth() {
 		loadTenants,
 		setTenant,
 		switchTenant,
+
+		// Tenant CRUD (requires tenancy: true)
+		createTenant,
+		updateTenant,
+		deleteTenant,
+
+		// Tenant Members
+		getTenantMembers,
+		addTenantMember,
+		updateTenantMember,
+		activateTenantMember,
+		removeTenantMember,
+		getTenantRoles,
+
+		// Invitations
+		createInvitation,
+		getInvitation,
+		acceptInvitation,
 	}
 }

package/dist/Callback-BHqVaZZm.cjs

@@ -1,4 +0,0 @@
-"use strict";
-Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
-const index = require("./index.cjs");
-exports.default = index.Callback;

package/dist/Callback-C-XghN_z.js

@@ -1,4 +0,0 @@
-import { Callback as _sfc_main } from "./index.mjs";
-export {
-  _sfc_main as default
-};

package/dist/ForgotPasswordPage-BV9tyhHl.cjs

@@ -1,4 +0,0 @@
-"use strict";
-Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
-const index = require("./index.cjs");
-exports.default = index.ForgotPasswordPage;

package/dist/ForgotPasswordPage-DvttMGb0.js

@@ -1,4 +0,0 @@
-import { ForgotPasswordPage as _sfc_main } from "./index.mjs";
-export {
-  _sfc_main as default
-};

package/dist/LoginPage-hv1wc54S.cjs

@@ -1,4 +0,0 @@
-"use strict";
-Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
-const index = require("./index.cjs");
-exports.default = index.LoginPage;

package/dist/LoginPage-klj1NV4J.js

@@ -1,4 +0,0 @@
-import { LoginPage as _sfc_main } from "./index.mjs";
-export {
-  _sfc_main as default
-};

package/dist/ResetPasswordPage-COPrJmW8.cjs

@@ -1,4 +0,0 @@
-"use strict";
-Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
-const index = require("./index.cjs");
-exports.default = index.ResetPasswordPage;

package/dist/ResetPasswordPage-nvQ4uupb.js

@@ -1,4 +0,0 @@
-import { ResetPasswordPage as _sfc_main } from "./index.mjs";
-export {
-  _sfc_main as default
-};

package/dist/SignupPage-m36w9PLJ.cjs

@@ -1,4 +0,0 @@
-"use strict";
-Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
-const index = require("./index.cjs");
-exports.default = index.SignupPage;

package/dist/SignupPage-oUFYApYW.js

@@ -1,4 +0,0 @@
-import { SignupPage as _sfc_main } from "./index.mjs";
-export {
-  _sfc_main as default
-};