@bagelink/auth 1.7.72 → 1.7.76

package/dist/index.cjs

@@ -1079,7 +1079,7 @@ const _sfc_main$4 = /* @__PURE__ */ vue.defineComponent({
     const authResponse = vue.ref(null);
     const { sso: sso2, user, accountInfo: accountInfo2 } = useAuth();
     const route = vueRouter.useRoute();
-    const router = vueRouter.useRouter();
+    const router2 = vueRouter.useRouter();
     const providerInfo = vue.computed(() => {
       if (provider.value === null) return null;
       return providers[provider.value];
@@ -1089,7 +1089,7 @@ const _sfc_main$4 = /* @__PURE__ */ vue.defineComponent({
       try {
         await sso2.handleLinkCallback();
         success.value = true;
-        setTimeout(() => router.push("/"), timeout);
+        setTimeout(() => router2.push("/"), timeout);
       } catch (err) {
         const errorMessage = err instanceof Error ? err.message : "Failed to link account";
         error.value = errorMessage;
@@ -1108,7 +1108,7 @@ const _sfc_main$4 = /* @__PURE__ */ vue.defineComponent({
         } else {
           authResponse.value = response;
           success.value = true;
-          setTimeout(() => router.push("/"), timeout);
+          setTimeout(() => router2.push("/"), timeout);
         }
       } catch (err) {
         const errorMessage = err instanceof Error ? err.message : "Authentication failed";
@@ -1239,10 +1239,10 @@ const _sfc_main$3 = /* @__PURE__ */ vue.defineComponent({
     cardShadow: { type: Boolean, default: true }
   },
   setup(__props) {
-    const router = vueRouter.useRouter();
+    const router2 = vueRouter.useRouter();
     function switchForm(form) {
       if (form === "login") {
-        router.push("/login");
+        router2.push("/login");
       }
     }
     return (_ctx, _cache) => {
@@ -1283,12 +1283,12 @@ const _sfc_main$2 = /* @__PURE__ */ vue.defineComponent({
     cardShadow: { type: Boolean, default: true }
   },
   setup(__props) {
-    const router = vueRouter.useRouter();
+    const router2 = vueRouter.useRouter();
     function switchForm(form) {
       if (form === "signup") {
-        router.push("/signup");
+        router2.push("/signup");
       } else if (form === "forgot-password") {
-        router.push("/forgot-password");
+        router2.push("/forgot-password");
       }
     }
     return (_ctx, _cache) => {
@@ -1329,12 +1329,12 @@ const _sfc_main$1 = /* @__PURE__ */ vue.defineComponent({
     cardShadow: { type: Boolean, default: true }
   },
   setup(__props) {
-    const router = vueRouter.useRouter();
+    const router2 = vueRouter.useRouter();
     const route = vueRouter.useRoute();
     const token = vue.computed(() => route.query.token);
     function switchForm(form) {
       if (form === "login") {
-        router.push("/login");
+        router2.push("/login");
       }
     }
     return (_ctx, _cache) => {
@@ -1366,10 +1366,10 @@ const _sfc_main = /* @__PURE__ */ vue.defineComponent({
     cardShadow: { type: Boolean, default: true }
   },
   setup(__props) {
-    const router = vueRouter.useRouter();
+    const router2 = vueRouter.useRouter();
     function switchForm(form) {
       if (form === "login") {
-        router.push("/login");
+        router2.push("/login");
       }
     }
     return (_ctx, _cache) => {
@@ -1391,70 +1391,56 @@ const _sfc_main = /* @__PURE__ */ vue.defineComponent({
     };
   }
 });
-function createAuthRoutes(config = {}) {
-  const {
-    basePath = "",
-    namePrefix = "",
-    routeNames = {},
-    layout
-  } = config;
-  const createRouteName = (name) => namePrefix ? `${namePrefix}${name}` : name;
-  const routes = [
-    {
-      path: `${basePath}/login`,
-      name: routeNames.login || createRouteName("Login"),
-      component: () => Promise.resolve().then(() => require("./LoginPage-hv1wc54S.cjs")),
-      meta: { requiresAuth: false }
-    },
-    {
-      path: `${basePath}/signup`,
-      name: routeNames.signup || createRouteName("Signup"),
-      component: () => Promise.resolve().then(() => require("./SignupPage-m36w9PLJ.cjs")),
-      meta: { requiresAuth: false }
-    },
-    {
-      path: `${basePath}/forgot-password`,
-      name: routeNames.forgotPassword || createRouteName("ForgotPassword"),
-      component: () => Promise.resolve().then(() => require("./ForgotPasswordPage-BV9tyhHl.cjs")),
-      meta: { requiresAuth: false }
-    },
-    {
-      path: `${basePath}/reset-password`,
-      name: routeNames.resetPassword || createRouteName("ResetPassword"),
-      component: () => Promise.resolve().then(() => require("./ResetPasswordPage-COPrJmW8.cjs")),
-      meta: { requiresAuth: false }
-    },
-    {
-      path: `${basePath}/callback`,
-      name: routeNames.callback || createRouteName("AuthCallback"),
-      component: () => Promise.resolve().then(() => require("./Callback-BHqVaZZm.cjs")),
-      meta: { requiresAuth: false }
-    }
-  ];
-  if (layout) {
-    return [{
-      path: basePath,
-      component: layout,
-      children: routes.map((route) => ({
-        ...route,
-        path: route.path.replace(basePath, "")
-      }))
-    }];
+function getRedirectUrl(router2, config) {
+  const redirect2 = router2.currentRoute.value.query[config.queryKey];
+  return redirect2 || config.fallback;
+}
+function isValidRedirect(redirectUrl, allowedPaths) {
+  if (!redirectUrl) {
+    return false;
   }
-  return routes;
+  if (redirectUrl.startsWith("http://") || redirectUrl.startsWith("https://")) {
+    return false;
+  }
+  if (redirectUrl.startsWith("//")) {
+    return false;
+  }
+  if (redirectUrl.startsWith("javascript:") || redirectUrl.startsWith("data:")) {
+    return false;
+  }
+  if (!redirectUrl.startsWith("/")) {
+    return false;
+  }
+  if (allowedPaths && allowedPaths.length > 0) {
+    return allowedPaths.some((pattern) => pattern.test(redirectUrl));
+  }
+  return true;
 }
-function createAuthGuard(config = {}) {
-  const { redirectTo = "/" } = config;
-  return async (to, _from, next) => {
-    const { useAuth: useAuth2 } = await Promise.resolve().then(() => useAuth$1);
-    const { user } = useAuth2();
-    if (to.meta.requiresAuth === false && user.value) {
-      next(redirectTo);
-    } else {
-      next();
-    }
-  };
+async function performRedirect(router2, config) {
+  const redirect2 = getRedirectUrl(router2, config);
+  if (redirect2 !== config.fallback && !isValidRedirect(redirect2, config.allowedPaths)) {
+    console.warn("[Auth] Invalid redirect URL detected, using fallback:", redirect2);
+    await router2.push(config.fallback);
+    return;
+  }
+  await router2.push(redirect2);
 }
+function buildLoginQuery(currentPath, config) {
+  if (!config.preserveRedirect) {
+    return {};
+  }
+  if (isValidRedirect(currentPath, config.allowedPaths)) {
+    return { [config.queryKey]: currentPath };
+  }
+  return {};
+}
+const redirect = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
+  __proto__: null,
+  buildLoginQuery,
+  getRedirectUrl,
+  isValidRedirect,
+  performRedirect
+}, Symbol.toStringTag, { value: "Module" }));
 let authApiRef = null;
 function setAuthContext(authApi2) {
   authApiRef = authApi2;
@@ -1902,9 +1888,34 @@ function accountToUser(account) {
     lastLogin: account.last_login
   };
 }
+const DEFAULT_REDIRECT_CONFIG = {
+  queryKey: "redirect",
+  fallback: "/",
+  noAuthRoutes: ["Login", "Signup", "ForgotPassword", "ResetPassword", "Callback"],
+  authenticatedRedirect: "/",
+  loginRoute: "Login",
+  authMetaKey: "auth",
+  autoRedirect: true,
+  preserveRedirect: true
+};
+function normalizeRedirectConfig(config) {
+  return {
+    ...DEFAULT_REDIRECT_CONFIG,
+    ...config
+  };
+}
 let authApi = null;
 let eventEmitter = null;
+let redirectConfig = null;
+let autoRedirectRouter = null;
+let cachedAuthGuard = null;
 const accountInfo = vue.ref(null);
+function getRedirectConfig() {
+  if (!redirectConfig) {
+    throw new Error("Redirect config not initialized. Did you call createAuth with redirect config?");
+  }
+  return redirectConfig;
+}
 function createAuth(params) {
   if (authApi === null) {
     authApi = new AuthApi(params.baseURL);
@@ -1912,7 +1923,13 @@ function createAuth(params) {
   if (eventEmitter === null) {
     eventEmitter = new EventEmitter();
   }
-  return {
+  if (params.redirect) {
+    redirectConfig = normalizeRedirectConfig(params.redirect);
+  }
+  if (redirectConfig == null ? void 0 : redirectConfig.autoRedirect) {
+    setupAutoRedirect();
+  }
+  const authInstance = {
     // Event listener methods
     on(event, handler) {
       if (eventEmitter) {
@@ -1929,10 +1946,89 @@ function createAuth(params) {
         eventEmitter.removeAllListeners(event);
       }
     },
+    /**
+     * Connect external dependencies like Vue Router
+     * Automatically sets up router guard when router is provided
+     * @param dependency - Vue Router instance or other plugins
+     * @param options - Configuration options
+     * @param options.guard - Whether to automatically set up auth guard (default: true)
+     * @example
+     * ```ts
+     * // Auto setup (default)
+     * auth.use(router)
+     *
+     * // Manual guard control (for custom composition)
+     * auth.use(router, { guard: false })
+     * router.beforeEach(async (to, from, next) => {
+     *   // Custom logic first
+     *   if (!hasOrgAccess(to)) return next('/no-access')
+     *   // Then run auth guard
+     *   return auth.routerGuard()(to, from, next)
+     * })
+     * ```
+     */
+    use(dependency, options = {}) {
+      const { guard = true } = options;
+      if (dependency && (dependency.beforeEach || dependency.push || dependency.currentRoute)) {
+        autoRedirectRouter = dependency;
+        if (guard) {
+          dependency.beforeEach(authInstance.routerGuard());
+        }
+      }
+      return authInstance;
+    },
+    /**
+     * Create a Vue Router navigation guard for authentication
+     * Protects routes requiring authentication and handles redirect logic
+     * Note: Automatically called by auth.use(router), only use directly for custom setups
+     * @example
+     * ```ts
+     * // Automatic (recommended)
+     * auth.use(router)
+     *
+     * // Manual (for custom setups)
+     * router.beforeEach(auth.routerGuard())
+     * ```
+     */
+    routerGuard() {
+      if (cachedAuthGuard === null) {
+        cachedAuthGuard = async (to, from, next) => {
+          const { authGuard: authGuard2 } = await Promise.resolve().then(() => router);
+          const guard = authGuard2();
+          cachedAuthGuard = guard;
+          return guard(to, from, next);
+        };
+      }
+      return cachedAuthGuard;
+    },
+    /**
+     * Vue plugin install method
+     * Makes auth available globally as $auth
+     * @example
+     * ```ts
+     * app.use(auth)
+     * ```
+     */
     install(app) {
       app.config.globalProperties.$auth = useAuth();
     }
   };
+  return authInstance;
+}
+function setupAutoRedirect() {
+  if (!eventEmitter || !redirectConfig) return;
+  eventEmitter.on(AuthState.LOGIN, async () => {
+    if (!autoRedirectRouter) {
+      console.warn("[Auth] Auto-redirect enabled but router not set. Call setAuthRouter(router) in your app setup.");
+      return;
+    }
+    const { performRedirect: performRedirect2 } = await Promise.resolve().then(() => redirect);
+    try {
+      await performRedirect2(autoRedirectRouter, redirectConfig);
+    } catch (error) {
+      console.error("[Auth] Auto-redirect error:", error);
+    }
+  });
 }
 function useAuth() {
   if (authApi === null) {
@@ -2182,12 +2278,140 @@ function useAuth() {
 const useAuth$1 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
   __proto__: null,
   createAuth,
+  getRedirectConfig,
   useAuth
 }, Symbol.toStringTag, { value: "Module" }));
+let authInitialized = false;
+function resetAuthState() {
+  authInitialized = false;
+}
+function authGuard() {
+  return async function guard(to, _from, next) {
+    const auth = useAuth();
+    const config = getRedirectConfig();
+    const requiresAuth = to.meta[config.authMetaKey];
+    const requiresNoAuth = config.noAuthRoutes.includes(to.name);
+    try {
+      if (!authInitialized) {
+        await auth.checkAuth();
+        authInitialized = true;
+      }
+      const isAuthenticated = !!auth.user.value;
+      if (isAuthenticated && requiresNoAuth) {
+        next(config.authenticatedRedirect);
+        return;
+      }
+      if (!isAuthenticated && requiresAuth) {
+        const query = buildLoginQuery(to.fullPath, config);
+        next({
+          name: config.loginRoute,
+          query
+        });
+        return;
+      }
+      next();
+    } catch (error) {
+      console.error("[Auth Guard] Error:", error);
+      next();
+    }
+  };
+}
+function composeGuards(guards) {
+  return async (to, from, next) => {
+    let guardIndex = 0;
+    const runNextGuard = async () => {
+      if (guardIndex >= guards.length) {
+        next();
+        return;
+      }
+      const guard = guards[guardIndex];
+      guardIndex++;
+      await guard(to, from, (result) => {
+        if (result !== void 0) {
+          next(result);
+        } else {
+          runNextGuard();
+        }
+      });
+    };
+    await runNextGuard();
+  };
+}
+const router = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
+  __proto__: null,
+  authGuard,
+  composeGuards,
+  resetAuthState
+}, Symbol.toStringTag, { value: "Module" }));
+function createAuthRoutes(config = {}) {
+  const {
+    basePath = "",
+    namePrefix = "",
+    routeNames = {},
+    layout
+  } = config;
+  const createRouteName = (name) => namePrefix ? `${namePrefix}${name}` : name;
+  const routes = [
+    {
+      path: `${basePath}/login`,
+      name: routeNames.login || createRouteName("Login"),
+      component: () => Promise.resolve().then(() => require("./LoginPage-hv1wc54S.cjs")),
+      meta: { requiresAuth: false }
+    },
+    {
+      path: `${basePath}/signup`,
+      name: routeNames.signup || createRouteName("Signup"),
+      component: () => Promise.resolve().then(() => require("./SignupPage-m36w9PLJ.cjs")),
+      meta: { requiresAuth: false }
+    },
+    {
+      path: `${basePath}/forgot-password`,
+      name: routeNames.forgotPassword || createRouteName("ForgotPassword"),
+      component: () => Promise.resolve().then(() => require("./ForgotPasswordPage-BV9tyhHl.cjs")),
+      meta: { requiresAuth: false }
+    },
+    {
+      path: `${basePath}/reset-password`,
+      name: routeNames.resetPassword || createRouteName("ResetPassword"),
+      component: () => Promise.resolve().then(() => require("./ResetPasswordPage-COPrJmW8.cjs")),
+      meta: { requiresAuth: false }
+    },
+    {
+      path: `${basePath}/callback`,
+      name: routeNames.callback || createRouteName("AuthCallback"),
+      component: () => Promise.resolve().then(() => require("./Callback-BHqVaZZm.cjs")),
+      meta: { requiresAuth: false }
+    }
+  ];
+  if (layout) {
+    return [{
+      path: basePath,
+      component: layout,
+      children: routes.map((route) => ({
+        ...route,
+        path: route.path.replace(basePath, "")
+      }))
+    }];
+  }
+  return routes;
+}
+function createAuthGuard(config = {}) {
+  const { redirectTo = "/" } = config;
+  return async (to, _from, next) => {
+    const { useAuth: useAuth2 } = await Promise.resolve().then(() => useAuth$1);
+    const { user } = useAuth2();
+    if (to.meta.requiresAuth === false && user.value) {
+      next(redirectTo);
+    } else {
+      next();
+    }
+  };
+}
 exports.AuthApi = AuthApi;
 exports.AuthState = AuthState;
 exports.Callback = _sfc_main$4;
 exports.DEFAULT_AGENT_ID = DEFAULT_AGENT_ID;
+exports.DEFAULT_REDIRECT_CONFIG = DEFAULT_REDIRECT_CONFIG;
 exports.ForgotPasswordForm = _sfc_main$8;
 exports.ForgotPasswordPage = _sfc_main$3;
 exports.INTAKE_WORKFLOW_ID = INTAKE_WORKFLOW_ID;
@@ -2203,13 +2427,22 @@ exports.SignupForm = _sfc_main$5;
 exports.SignupPage = _sfc_main;
 exports.StateMismatchError = StateMismatchError;
 exports.accountToUser = accountToUser;
+exports.authGuard = authGuard;
+exports.buildLoginQuery = buildLoginQuery;
+exports.composeGuards = composeGuards;
 exports.createAuth = createAuth;
 exports.createAuthGuard = createAuthGuard;
 exports.createAuthRoutes = createAuthRoutes;
 exports.getAllSSOProviders = getAllSSOProviders;
+exports.getRedirectConfig = getRedirectConfig;
+exports.getRedirectUrl = getRedirectUrl;
 exports.getSSOProvider = getSSOProvider;
 exports.isSupportedProvider = isSupportedProvider;
+exports.isValidRedirect = isValidRedirect;
+exports.normalizeRedirectConfig = normalizeRedirectConfig;
+exports.performRedirect = performRedirect;
 exports.providers = providers;
+exports.resetAuthState = resetAuthState;
 exports.setAuthContext = setAuthContext;
 exports.sso = sso;
 exports.ssoProvidersList = ssoProvidersList;

package/dist/index.d.ts

@@ -9,8 +9,11 @@ export { default as ForgotPasswordPage } from './pages/ForgotPasswordPage.vue';
 export { default as LoginPage } from './pages/LoginPage.vue';
 export { default as ResetPasswordPage } from './pages/ResetPasswordPage.vue';
 export { default as SignupPage } from './pages/SignupPage.vue';
+export * from './redirect';
+export * from './router';
 export * from './routes';
 export * from './sso';
 export * from './types';
 export type { ForgotPasswordTexts, LoginTexts, ResetPasswordTexts, SignupTexts, } from './types/';
+export * from './types/redirect';
 export * from './useAuth';