@bagelink/auth 1.4.169 → 1.4.174

package/dist/index.cjs

@@ -55,74 +55,199 @@ class AuthApi {
   }
   setupInterceptors() {
     this.api.interceptors.request.use((config) => {
-      const token = localStorage.getItem("access_token");
-      if (token !== null && config.headers) {
-        config.headers.Authorization = `Bearer ${token}`;
+      const sessionToken = localStorage.getItem("session_token");
+      if (sessionToken !== null && config.headers) {
+        config.headers.Authorization = `Bearer ${sessionToken}`;
       }
       const urlParams = new URLSearchParams(window.location.search);
       const resetToken = urlParams.get("token");
       if (resetToken !== null && config.headers) {
-        config.headers.Authorization = `Bearer ${resetToken}`;
+        config.headers["X-Reset-Token"] = resetToken;
       }
       return config;
     });
   }
-  async login(username, password) {
-    const { data } = await this.api.post("/auth/login", {
-      username: username.toLowerCase(),
+  // ============================================
+  // Authentication Methods
+  // ============================================
+  /**
+   * Get available authentication methods
+   */
+  async getAuthMethods() {
+    return this.api.get("/authentication/methods");
+  }
+  /**
+   * Register a new account
+   */
+  async register(data) {
+    const response = await this.api.post("/authentication/register", {
+      ...data,
+      email: data.email.toLowerCase()
+    });
+    if (response.data.session_token) {
+      localStorage.setItem("session_token", response.data.session_token);
+    }
+    return response;
+  }
+  /**
+   * Login with password
+   */
+  async login(email, password) {
+    const response = await this.api.post("/authentication/login/password", {
+      email: email.toLowerCase(),
       password
     });
-    localStorage.setItem("access_token", data.access_token);
-    return { data };
-  }
-  logout() {
-    localStorage.removeItem("access_token");
-    window.location.reload();
-  }
-  async passwordRecovery(email) {
-    return this.api.post("/auth/password-recovery", { email });
-  }
-  async resetPassword(newPassword) {
-    return this.api.post("/auth/reset-password", { new_password: newPassword });
-  }
+    if (response.data.session_token) {
+      localStorage.setItem("session_token", response.data.session_token);
+    }
+    return response;
+  }
+  /**
+   * Logout and clear session
+   */
+  async logout() {
+    const response = await this.api.post("/authentication/logout", {});
+    localStorage.removeItem("session_token");
+    return response;
+  }
+  /**
+   * Refresh current session
+   */
+  async refreshSession() {
+    const response = await this.api.post("/authentication/refresh", {});
+    if (response.data.session_token) {
+      localStorage.setItem("session_token", response.data.session_token);
+    }
+    return response;
+  }
+  // ============================================
+  // Current User (Me) Methods
+  // ============================================
+  /**
+   * Get current user account info
+   */
   async getCurrentUser() {
-    return this.api.get("/users/me");
-  }
-  async signup(user) {
-    return this.api.post("/users/signup", {
-      email: user.email.toLowerCase(),
-      password: user.password,
-      first_name: user.first_name,
-      last_name: user.last_name
+    return this.api.get("/authentication/me");
+  }
+  /**
+   * Update current user profile
+   */
+  async updateCurrentUser(data) {
+    return this.api.patch("/authentication/me", data);
+  }
+  /**
+   * Delete current user account
+   */
+  async deleteCurrentUser() {
+    const response = await this.api.delete("/authentication/me");
+    localStorage.removeItem("session_token");
+    return response;
+  }
+  // ============================================
+  // Account Management (Admin)
+  // ============================================
+  /**
+   * Get account information by ID
+   */
+  async getAccount(accountId) {
+    return this.api.get(`/authentication/account/${accountId}`);
+  }
+  /**
+   * Update account by ID
+   */
+  async updateAccount(accountId, data) {
+    return this.api.patch(`/authentication/account/${accountId}`, data);
+  }
+  /**
+   * Delete account by ID
+   */
+  async deleteAccount(accountId) {
+    return this.api.delete(`/authentication/account/${accountId}`);
+  }
+  /**
+   * Activate account by ID
+   */
+  async activateAccount(accountId) {
+    return this.api.post(`/authentication/account/${accountId}/activate`, {});
+  }
+  /**
+   * Deactivate account by ID
+   */
+  async deactivateAccount(accountId) {
+    return this.api.post(`/authentication/account/${accountId}/deactivate`, {});
+  }
+  // ============================================
+  // Password Management
+  // ============================================
+  /**
+   * Change password (requires current password)
+   */
+  async changePassword(data) {
+    return this.api.post("/authentication/password/change", data);
+  }
+  /**
+   * Initiate forgot password flow
+   */
+  async forgotPassword(email) {
+    return this.api.post("/authentication/password/forgot", {
+      email: email.toLowerCase()
     });
   }
-  async updatePassword(form) {
-    return this.api.patch("/users/me/password", {
-      current_password: form.current_password,
-      new_password: form.new_password
-    });
-  }
-  async updateUserProfile(user) {
-    return this.api.patch("/users/me", user);
-  }
-  async setUserStatus(userId, isActive) {
-    return this.api.patch(`/users/${userId}`, {
-      is_active: isActive
+  /**
+   * Verify password reset token
+   */
+  async verifyResetToken(token) {
+    return this.api.get(`/authentication/password/verify-reset-token/${token}`);
+  }
+  /**
+   * Reset password with token
+   */
+  async resetPassword(data) {
+    return this.api.post("/authentication/password/reset", data);
+  }
+  // ============================================
+  // Email Verification
+  // ============================================
+  /**
+   * Send email verification
+   */
+  async sendVerification(data = {}, user) {
+    return this.api.post("/authentication/verify/send", data, {
+      params: user ? { user } : void 0
     });
   }
-  async deleteUser(userId) {
-    return this.api.delete(`/users/${userId}`);
-  }
-  async getUsers(limit = 100, skip) {
-    return this.api.get("/users/", {
-      params: { skip, limit }
-    });
-  }
-  async createUser(user) {
-    return this.api.post("/users/", user);
-  }
-  async getUser(userId) {
-    return this.api.get(`/users/${userId}`);
+  /**
+   * Verify email with token
+   */
+  async verifyEmail(token) {
+    return this.api.post("/authentication/verify/email", { token });
+  }
+  // ============================================
+  // Session Management
+  // ============================================
+  /**
+   * Get sessions for an account
+   */
+  async getSessions(accountId) {
+    return this.api.get(`/authentication/sessions/${accountId}`);
+  }
+  /**
+   * Revoke a specific session
+   */
+  async revokeSession(sessionToken) {
+    return this.api.delete(`/authentication/sessions/${sessionToken}`);
+  }
+  /**
+   * Revoke all sessions for an account
+   */
+  async revokeAllSessions(accountId) {
+    return this.api.delete(`/authentication/sessions/account/${accountId}`);
+  }
+  /**
+   * Cleanup expired sessions (admin)
+   */
+  async cleanupSessions() {
+    return this.api.post("/authentication/cleanup-sessions", {});
   }
 }
 
@@ -131,41 +256,85 @@ var AuthState = /* @__PURE__ */ ((AuthState2) => {
   AuthState2["LOGOUT"] = "logout";
   AuthState2["SIGNUP"] = "signup";
   AuthState2["PASSWORD_RESET"] = "password_reset";
+  AuthState2["PASSWORD_CHANGE"] = "password_change";
   AuthState2["PROFILE_UPDATE"] = "profile_update";
   AuthState2["AUTH_CHECK"] = "auth_check";
+  AuthState2["EMAIL_VERIFIED"] = "email_verified";
+  AuthState2["SESSION_REFRESH"] = "session_refresh";
   return AuthState2;
 })(AuthState || {});
+function accountToUser(account) {
+  if (account === null) return null;
+  if (account.person !== void 0) {
+    return {
+      id: account.person.id,
+      accountId: account.id,
+      name: account.person.name,
+      email: account.person.email,
+      type: account.account_type,
+      roles: account.person.roles,
+      isActive: account.is_active,
+      isVerified: account.is_verified,
+      lastLogin: account.last_login
+    };
+  }
+  if (account.entity !== void 0) {
+    return {
+      id: account.entity.id,
+      accountId: account.id,
+      name: account.entity.name,
+      type: account.account_type,
+      isActive: account.is_active,
+      isVerified: account.is_verified,
+      lastLogin: account.last_login,
+      entityType: account.entity.type,
+      metadata: account.entity.metadata
+    };
+  }
+  const emailMethod = account.authentication_methods?.find(
+    (m) => m.type === "password" || m.type === "email_token"
+  );
+  return {
+    id: account.id,
+    accountId: account.id,
+    name: account.display_name,
+    email: emailMethod?.identifier,
+    type: account.account_type,
+    isActive: account.is_active,
+    isVerified: account.is_verified,
+    lastLogin: account.last_login
+  };
+}
 
 let authApi = null;
 let eventEmitter = null;
-const currentUser = vue.ref({
-  id: "",
-  email: "",
-  first_name: "",
-  last_name: "",
-  is_superuser: false,
-  is_active: false
-});
+const accountInfo = vue.ref(null);
 function initAuth({
   axios,
   baseURL
 }) {
-  if (!authApi) {
+  if (authApi === null) {
     authApi = new AuthApi(axios, baseURL);
   }
-  if (!eventEmitter) {
+  if (eventEmitter === null) {
     eventEmitter = new EventEmitter();
   }
   return {
     // Event listener methods
     on(event, handler) {
-      eventEmitter.on(event, handler);
+      if (eventEmitter) {
+        eventEmitter.on(event, handler);
+      }
     },
     off(event, handler) {
-      eventEmitter.off(event, handler);
+      if (eventEmitter) {
+        eventEmitter.off(event, handler);
+      }
     },
     removeAllListeners(event) {
-      eventEmitter.removeAllListeners(event);
+      if (eventEmitter) {
+        eventEmitter.removeAllListeners(event);
+      }
     },
     install(app) {
       app.config.globalProperties.$auth = useAuth();
@@ -173,135 +342,195 @@ function initAuth({
   };
 }
 function useAuth() {
-  if (!authApi) {
+  if (authApi === null) {
     throw new Error("Auth not initialized. Call initAuth first.");
   }
-  const getFullName = () => `${currentUser.value.first_name} ${currentUser.value.last_name}`;
-  const getIsLoggedIn = () => currentUser.value.id.length > 0;
+  if (eventEmitter === null) {
+    throw new Error("Event emitter not initialized. Call initAuth first.");
+  }
+  const api = authApi;
+  const emitter = eventEmitter;
+  const user = vue.computed(() => accountToUser(accountInfo.value));
+  const getFullName = () => {
+    return user.value?.name ?? "";
+  };
+  const getIsLoggedIn = () => {
+    return user.value !== null;
+  };
+  const getEmail = () => {
+    return user.value?.email ?? "";
+  };
+  const getRoles = () => {
+    return user.value?.roles ?? [];
+  };
+  const getAccountType = () => {
+    return user.value?.type ?? "person";
+  };
+  const isPersonAccount = () => {
+    return user.value?.type === "person";
+  };
+  const isEntityAccount = () => {
+    return user.value?.type === "entity";
+  };
   async function logout() {
-    try {
-      await authApi.logout();
-      currentUser.value = {
-        id: "",
-        email: "",
-        first_name: "",
-        last_name: "",
-        is_superuser: false,
-        is_active: false
-      };
-      eventEmitter.emit(AuthState.LOGOUT);
-    } catch (error) {
-      throw error;
-    }
+    const logoutPromise = api.logout();
+    await logoutPromise.catch(() => {
+    });
+    accountInfo.value = null;
+    emitter.emit(AuthState.LOGOUT);
   }
   async function login(credentials) {
-    try {
-      await authApi.login(
-        credentials.email.toLowerCase(),
-        credentials.password
-      );
+    const { data } = await api.login(
+      credentials.email.toLowerCase(),
+      credentials.password
+    );
+    if (data.success === true && data.requires_verification !== true) {
       await checkAuth();
-      eventEmitter.emit(AuthState.LOGIN);
-    } catch (error) {
-      throw error;
     }
+    emitter.emit(AuthState.LOGIN);
+    return data;
   }
   async function checkAuth() {
     try {
-      if (!getIsLoggedIn()) {
-        const { data } = await authApi.getCurrentUser();
-        currentUser.value = data;
-        if (getIsLoggedIn()) {
-          eventEmitter.emit(AuthState.AUTH_CHECK);
-        }
+      const { data } = await api.getCurrentUser();
+      accountInfo.value = data;
+      if (getIsLoggedIn()) {
+        emitter.emit(AuthState.AUTH_CHECK);
       }
-    } catch (error) {
+      return true;
+    } catch {
+      accountInfo.value = null;
       return false;
     }
-    return getIsLoggedIn();
   }
-  async function signup(user) {
-    try {
-      if (user.password !== user.confirmPassword) {
-        throw new Error("Passwords do not match");
-      }
-      const { data } = await authApi.signup(user);
-      currentUser.value = data;
-      eventEmitter.emit(AuthState.SIGNUP);
-    } catch (error) {
-      throw error;
+  async function signup(newUser) {
+    const hasPassword = newUser.password !== void 0 && newUser.password.length > 0;
+    if (hasPassword && newUser.password !== newUser.confirmPassword) {
+      throw new Error("Passwords do not match");
     }
-  }
-  async function recoverPassword(email) {
-    try {
-      await authApi.passwordRecovery(email);
-    } catch (error) {
-      throw error;
+    const { data } = await api.register({
+      email: newUser.email,
+      first_name: newUser.first_name,
+      last_name: newUser.last_name,
+      phone_number: newUser.phone_number,
+      password: newUser.password
+    });
+    if (data.success === true && data.requires_verification !== true) {
+      await checkAuth();
     }
+    emitter.emit(AuthState.SIGNUP);
+    return data;
   }
-  async function resetPassword(newPassword) {
-    try {
-      await authApi.resetPassword(newPassword);
-      eventEmitter.emit(AuthState.PASSWORD_RESET);
-    } catch (error) {
-      throw error;
-    }
+  async function forgotPassword(email) {
+    await api.forgotPassword(email);
   }
-  async function updatePassword(form) {
-    try {
-      if (form.new_password !== form.confirmNewPassword) {
-        throw new Error("Passwords do not match");
-      }
-      await authApi.updatePassword(form);
-      eventEmitter.emit(AuthState.PASSWORD_RESET);
-    } catch (error) {
-      throw error;
-    }
+  async function verifyResetToken(token) {
+    await api.verifyResetToken(token);
   }
-  async function updateProfile(user) {
-    try {
-      const { data } = await authApi.updateUserProfile(user);
-      currentUser.value = { ...currentUser.value, ...data };
-      eventEmitter.emit(AuthState.PROFILE_UPDATE);
-    } catch (error) {
-      throw error;
+  async function resetPassword(token, newPassword) {
+    await api.resetPassword({ token, new_password: newPassword });
+    emitter.emit(AuthState.PASSWORD_RESET);
+  }
+  async function changePassword(form) {
+    if (form.new_password !== form.confirmNewPassword) {
+      throw new Error("Passwords do not match");
     }
+    await api.changePassword({
+      current_password: form.current_password,
+      new_password: form.new_password
+    });
+    emitter.emit(AuthState.PASSWORD_CHANGE);
   }
-  async function toggleUserStatus(userId, isActive) {
-    try {
-      await authApi.setUserStatus(userId, isActive);
-    } catch (error) {
-      throw error;
+  async function updateProfile(updates) {
+    const { data } = await api.updateCurrentUser(updates);
+    accountInfo.value = data;
+    emitter.emit(AuthState.PROFILE_UPDATE);
+  }
+  async function activateAccount(accountId) {
+    await api.activateAccount(accountId);
+  }
+  async function deactivateAccount(accountId) {
+    await api.deactivateAccount(accountId);
+  }
+  async function deleteAccount(accountId) {
+    await api.deleteAccount(accountId);
+  }
+  async function deleteCurrentUser() {
+    await api.deleteCurrentUser();
+    accountInfo.value = null;
+  }
+  async function sendVerification(email) {
+    await api.sendVerification({ email });
+  }
+  async function verifyEmail(token) {
+    await api.verifyEmail(token);
+    await checkAuth();
+    emitter.emit(AuthState.EMAIL_VERIFIED);
+  }
+  async function refreshSession() {
+    await api.refreshSession();
+    emitter.emit(AuthState.SESSION_REFRESH);
+  }
+  async function getSessions(accountId) {
+    const id = accountId ?? user.value?.accountId;
+    if (id === void 0 || id === "") {
+      throw new Error("No account ID available");
     }
+    return api.getSessions(id);
   }
-  async function deleteUser(userId) {
-    try {
-      await authApi.deleteUser(userId);
-    } catch (error) {
-      throw error;
+  async function revokeSession(sessionToken) {
+    await api.revokeSession(sessionToken);
+  }
+  async function revokeAllSessions(accountId) {
+    const id = accountId ?? user.value?.accountId;
+    if (id === void 0 || id === "") {
+      throw new Error("No account ID available");
     }
+    await api.revokeAllSessions(id);
   }
   return {
-    // State
-    currentUser,
+    // Primary State (use this!)
+    user,
+    // Full account info (for advanced use cases)
+    accountInfo,
     // Getters
     getFullName,
     getIsLoggedIn,
-    // Actions
-    logout,
+    getEmail,
+    getRoles,
+    getAccountType,
+    isPersonAccount,
+    isEntityAccount,
+    // Authentication Actions
     login,
-    checkAuth,
+    logout,
     signup,
-    recoverPassword,
-    resetPassword,
-    updatePassword,
+    checkAuth,
+    refreshSession,
+    // Profile Actions
     updateProfile,
-    toggleUserStatus,
-    deleteUser
+    deleteCurrentUser,
+    // Password Actions
+    changePassword,
+    forgotPassword,
+    verifyResetToken,
+    resetPassword,
+    // Email Verification Actions
+    sendVerification,
+    verifyEmail,
+    // Admin Actions
+    activateAccount,
+    deactivateAccount,
+    deleteAccount,
+    // Session Management
+    getSessions,
+    revokeSession,
+    revokeAllSessions
   };
 }
 
 exports.AuthApi = AuthApi;
 exports.AuthState = AuthState;
+exports.accountToUser = accountToUser;
 exports.initAuth = initAuth;
 exports.useAuth = useAuth;