@bagelink/auth 1.7.94 → 1.7.98

package/dist/api.d.ts

@@ -1,7 +1,16 @@
-import { RegisterRequest, UpdateAccountRequest, ChangePasswordRequest, ResetPasswordRequest, SendVerificationRequest, AuthenticationAccount, LoginResponse, RegisterResponse, LogoutResponse, GetMeResponse, UpdateMeResponse, DeleteMeResponse, GetAccountResponse, UpdateAccountResponse, DeleteAccountResponse, ActivateAccountResponse, DeactivateAccountResponse, ChangePasswordResponse, ForgotPasswordResponse, ResetPasswordResponse, VerifyResetTokenResponse, SendVerificationResponse, VerifyEmailResponse, RefreshSessionResponse, GetSessionsResponse, DeleteSessionResponse, DeleteAllSessionsResponse, CleanupSessionsResponse, GetMethodsResponse, SSOProvider, SSOInitiateRequest, SSOCallbackRequest, SSOLinkRequest, SSOInitiateResponse, SSOCallbackResponse, SSOLinkResponse, SSOUnlinkResponse } from './types';
+import { RegisterRequest, UpdateAccountRequest, ChangePasswordRequest, ResetPasswordRequest, SendVerificationRequest, AuthenticationAccount, LoginResponse, RegisterResponse, LogoutResponse, GetMeResponse, UpdateMeResponse, DeleteMeResponse, GetAccountResponse, UpdateAccountResponse, DeleteAccountResponse, ActivateAccountResponse, DeactivateAccountResponse, ChangePasswordResponse, ForgotPasswordResponse, ResetPasswordResponse, VerifyResetTokenResponse, SendVerificationResponse, VerifyEmailResponse, RefreshSessionResponse, GetSessionsResponse, DeleteSessionResponse, DeleteAllSessionsResponse, CleanupSessionsResponse, GetMethodsResponse, SSOProvider, SSOInitiateRequest, SSOCallbackRequest, SSOLinkRequest, SSOInitiateResponse, SSOCallbackResponse, SSOLinkResponse, SSOUnlinkResponse, GetTenantsResponse } from './types';
 export declare class AuthApi {
     private api;
+    private currentTenantId;
     constructor(baseURL?: string);
+    /**
+     * Set the current tenant ID for multi-tenant requests
+     */
+    setTenantId(tenantId: string | null): void;
+    /**
+     * Get the current tenant ID
+     */
+    getTenantId(): string | null;
     private setupInterceptors;
     /**
      * Get available authentication methods
@@ -112,4 +121,8 @@ export declare class AuthApi {
      * Cleanup expired sessions (admin)
      */
     cleanupSessions(): Promise<CleanupSessionsResponse>;
+    /**
+     * Get list of tenants the authenticated user belongs to
+     */
+    getTenants(): Promise<GetTenantsResponse>;
 }

package/dist/index.cjs

@@ -65,9 +65,22 @@ function queryParams() {
 class AuthApi {
   constructor(baseURL = "") {
     __publicField(this, "api");
+    __publicField(this, "currentTenantId", null);
     this.api = createAxiosInstance(baseURL);
     this.setupInterceptors();
   }
+  /**
+   * Set the current tenant ID for multi-tenant requests
+   */
+  setTenantId(tenantId) {
+    this.currentTenantId = tenantId;
+  }
+  /**
+   * Get the current tenant ID
+   */
+  getTenantId() {
+    return this.currentTenantId;
+  }
   setupInterceptors() {
     this.api.interceptors.request.use((config) => {
       const urlParams = new URLSearchParams(window.location.search);
@@ -75,6 +88,9 @@ class AuthApi {
       if (resetToken !== null) {
         config.headers["X-Reset-Token"] = resetToken;
       }
+      if (this.currentTenantId !== null) {
+        config.headers["X-Tenant-ID"] = this.currentTenantId;
+      }
       return config;
     });
   }
@@ -85,13 +101,13 @@ class AuthApi {
    * Get available authentication methods
    */
   async getAuthMethods() {
-    return this.api.get("/authentication/methods");
+    return this.api.get("authentication/methods");
   }
   /**
    * Register a new account
    */
   async register(data) {
-    return this.api.post("/authentication/register", {
+    return this.api.post("authentication/register", {
       ...data,
       email: data.email.toLowerCase()
     });
@@ -100,7 +116,7 @@ class AuthApi {
    * Login with password
    */
   async login(email, password) {
-    return this.api.post("/authentication/login/password", {
+    return this.api.post("authentication/login/password", {
       email: email.toLowerCase(),
       password
     });
@@ -109,13 +125,13 @@ class AuthApi {
    * Logout and clear session
    */
   async logout() {
-    return this.api.post("/authentication/logout", {});
+    return this.api.post("authentication/logout", {});
   }
   /**
    * Refresh current session
    */
   async refreshSession() {
-    return this.api.post("/authentication/refresh", {});
+    return this.api.post("authentication/refresh", {});
   }
   // ============================================
   // SSO Authentication Methods
@@ -125,7 +141,7 @@ class AuthApi {
    * Returns authorization URL to redirect user to
    */
   async initiateSSO(data) {
-    return this.api.post(`/authentication/sso/${data.provider}/initiate`, {
+    return this.api.post(`authentication/sso/${data.provider}/initiate`, {
       redirect_uri: data.redirect_uri,
       state: data.state
     });
@@ -134,7 +150,7 @@ class AuthApi {
    * Complete SSO login after callback from provider
    */
   async ssoCallback(data) {
-    return this.api.post(`/authentication/sso/${data.provider}/callback`, {
+    return this.api.post(`authentication/sso/${data.provider}/callback`, {
       code: data.code,
       state: data.state
     });
@@ -143,7 +159,7 @@ class AuthApi {
    * Link an SSO provider to existing account
    */
   async linkSSOProvider(data) {
-    return this.api.post(`/authentication/sso/${data.provider}/link`, {
+    return this.api.post(`authentication/sso/${data.provider}/link`, {
       code: data.code,
       state: data.state
     });
@@ -152,7 +168,7 @@ class AuthApi {
    * Unlink an SSO provider from account
    */
   async unlinkSSOProvider(provider) {
-    return this.api.delete(`/authentication/sso/${provider}/unlink`);
+    return this.api.delete(`authentication/sso/${provider}/unlink`);
   }
   // ============================================
   // Current User (Me) Methods
@@ -161,19 +177,19 @@ class AuthApi {
    * Get current user account info
    */
   async getCurrentUser() {
-    return this.api.get("/authentication/me");
+    return this.api.get("authentication/me");
   }
   /**
    * Update current user profile
    */
   async updateCurrentUser(data) {
-    return this.api.patch("/authentication/me", data);
+    return this.api.patch("authentication/me", data);
   }
   /**
    * Delete current user account
    */
   async deleteCurrentUser() {
-    return this.api.delete("/authentication/me");
+    return this.api.delete("authentication/me");
   }
   // ============================================
   // Account Management (Admin)
@@ -182,31 +198,31 @@ class AuthApi {
    * Get account information by ID
    */
   async getAccount(accountId) {
-    return this.api.get(`/authentication/account/${accountId}`);
+    return this.api.get(`authentication/account/${accountId}`);
   }
   /**
    * Update account by ID
    */
   async updateAccount(accountId, data) {
-    return this.api.patch(`/authentication/account/${accountId}`, data);
+    return this.api.patch(`authentication/account/${accountId}`, data);
   }
   /**
    * Delete account by ID
    */
   async deleteAccount(accountId) {
-    return this.api.delete(`/authentication/account/${accountId}`);
+    return this.api.delete(`authentication/account/${accountId}`);
   }
   /**
    * Activate account by ID
    */
   async activateAccount(accountId) {
-    return this.api.post(`/authentication/account/${accountId}/activate`, {});
+    return this.api.post(`authentication/account/${accountId}/activate`, {});
   }
   /**
    * Deactivate account by ID
    */
   async deactivateAccount(accountId) {
-    return this.api.post(`/authentication/account/${accountId}/deactivate`, {});
+    return this.api.post(`authentication/account/${accountId}/deactivate`, {});
   }
   // ============================================
   // Password Management
@@ -215,13 +231,13 @@ class AuthApi {
    * Change password (requires current password)
    */
   async changePassword(data) {
-    return this.api.post("/authentication/password/change", data);
+    return this.api.post("authentication/password/change", data);
   }
   /**
    * Initiate forgot password flow
    */
   async forgotPassword(email) {
-    return this.api.post("/authentication/password/forgot", {
+    return this.api.post("authentication/password/forgot", {
       email: email.toLowerCase()
     });
   }
@@ -229,13 +245,13 @@ class AuthApi {
    * Verify password reset token
    */
   async verifyResetToken(token) {
-    return this.api.get(`/authentication/password/verify-reset-token/${token}`);
+    return this.api.get(`authentication/password/verify-reset-token/${token}`);
   }
   /**
    * Reset password with token
    */
   async resetPassword(data) {
-    return this.api.post("/authentication/password/reset", data);
+    return this.api.post("authentication/password/reset", data);
   }
   // ============================================
   // Email Verification
@@ -244,7 +260,7 @@ class AuthApi {
    * Send email verification
    */
   async sendVerification(data = {}, user) {
-    return this.api.post("/authentication/verify/send", data, {
+    return this.api.post("authentication/verify/send", data, {
       params: user ? { user } : void 0
     });
   }
@@ -252,7 +268,7 @@ class AuthApi {
    * Verify email with token
    */
   async verifyEmail(token) {
-    return this.api.post("/authentication/verify/email", { token });
+    return this.api.post("authentication/verify/email", { token });
   }
   // ============================================
   // Session Management
@@ -261,25 +277,34 @@ class AuthApi {
    * Get sessions for an account
    */
   async getSessions(accountId) {
-    return this.api.get(`/authentication/sessions/${accountId}`);
+    return this.api.get(`authentication/sessions/${accountId}`);
   }
   /**
    * Revoke a specific session
    */
   async revokeSession(sessionToken) {
-    return this.api.delete(`/authentication/sessions/${sessionToken}`);
+    return this.api.delete(`authentication/sessions/${sessionToken}`);
   }
   /**
    * Revoke all sessions for an account
    */
   async revokeAllSessions(accountId) {
-    return this.api.delete(`/authentication/sessions/account/${accountId}`);
+    return this.api.delete(`authentication/sessions/account/${accountId}`);
   }
   /**
    * Cleanup expired sessions (admin)
    */
   async cleanupSessions() {
-    return this.api.post("/authentication/cleanup-sessions", {});
+    return this.api.post("authentication/cleanup-sessions", {});
+  }
+  // ============================================
+  // Multi-Tenancy Methods
+  // ============================================
+  /**
+   * Get list of tenants the authenticated user belongs to
+   */
+  async getTenants() {
+    return this.api.get("tenants");
   }
 }
 const _hoisted_1$8 = { class: "txt20 bold mb-1" };
@@ -1902,35 +1927,24 @@ function accountToUser(account) {
   if (account === null) {
     return null;
   }
-  if (account.person !== void 0) {
+  const hasPersonLinked = account.person !== void 0 && account.person !== null;
+  if (hasPersonLinked) {
     return {
       id: account.person.id,
       accountId: account.id,
       name: account.person.name,
-      email: account.person.email,
+      email: account.person.email ?? void 0,
       type: account.account_type,
       roles: account.person.roles,
       isActive: account.is_active,
       isVerified: account.is_verified,
       person: account.person,
-      lastLogin: account.last_login
-    };
-  }
-  if (account.entity !== void 0) {
-    return {
-      id: account.entity.id,
-      accountId: account.id,
-      name: account.entity.name,
-      type: account.account_type,
-      isActive: account.is_active,
-      isVerified: account.is_verified,
-      lastLogin: account.last_login,
-      entityType: account.entity.type,
-      metadata: account.entity.metadata
+      lastLogin: account.last_login ?? void 0,
+      hasPersonLinked: true
     };
   }
   const emailMethod = account.authentication_methods.find(
-    (m) => m.type === "password" || m.type === "email_token"
+    (m) => m.type === "password" || m.type === "email_token" || m.type === "sso"
   );
   return {
     id: account.id,
@@ -1940,7 +1954,8 @@ function accountToUser(account) {
     type: account.account_type,
     isActive: account.is_active,
     isVerified: account.is_verified,
-    lastLogin: account.last_login
+    lastLogin: account.last_login ?? void 0,
+    hasPersonLinked: false
   };
 }
 const DEFAULT_REDIRECT_CONFIG = {
@@ -1965,6 +1980,8 @@ let redirectConfig = null;
 let autoRedirectRouter = null;
 let cachedAuthGuard = null;
 const accountInfo = vue.ref(null);
+const tenants = vue.ref([]);
+const currentTenant = vue.ref(null);
 function getRedirectConfig() {
   if (!redirectConfig) {
     throw new Error("Redirect config not initialized. Did you call createAuth with redirect config?");
@@ -2135,15 +2152,11 @@ function useAuth() {
   };
   const getAccountType = () => {
     var _a;
-    return ((_a = user.value) == null ? void 0 : _a.type) ?? "person";
+    return ((_a = user.value) == null ? void 0 : _a.type) ?? "identity";
   };
   const isPersonAccount = () => {
     var _a;
-    return ((_a = user.value) == null ? void 0 : _a.type) === "person";
-  };
-  const isEntityAccount = () => {
-    var _a;
-    return ((_a = user.value) == null ? void 0 : _a.type) === "entity";
+    return ((_a = user.value) == null ? void 0 : _a.hasPersonLinked) === true;
   };
   async function logout() {
     const logoutPromise = api.logout();
@@ -2176,6 +2189,45 @@ function useAuth() {
       return false;
     }
   }
+  async function loadTenants() {
+    try {
+      const { data } = await api.getTenants();
+      tenants.value = data;
+      if (currentTenant.value === null && tenants.value.length > 0) {
+        const firstActiveTenant = tenants.value.find((t) => t.status === "active");
+        if (firstActiveTenant !== void 0) {
+          setTenant(firstActiveTenant.id);
+        }
+      }
+      return tenants.value;
+    } catch {
+      tenants.value = [];
+      return [];
+    }
+  }
+  function setTenant(tenantId) {
+    if (tenantId === null) {
+      currentTenant.value = null;
+      api.setTenantId(null);
+      return;
+    }
+    const tenant = tenants.value.find((t) => t.id === tenantId);
+    if (tenant !== void 0) {
+      currentTenant.value = tenant;
+      api.setTenantId(tenantId);
+    } else {
+      throw new Error(`Tenant with ID ${tenantId} not found`);
+    }
+  }
+  function switchTenant(tenantId) {
+    setTenant(tenantId);
+  }
+  function getTenants() {
+    return tenants.value;
+  }
+  function getCurrentTenant() {
+    return currentTenant.value;
+  }
   async function signup(newUser) {
     const hasPassword = newUser.password !== void 0 && newUser.password.length > 0;
     if (hasPassword && newUser.password !== newUser.confirmPassword) {
@@ -2290,6 +2342,9 @@ function useAuth() {
     accountInfo,
     // SSO Providers (ready to use!)
     sso,
+    // Multi-Tenancy State
+    tenants,
+    currentTenant,
     // Getters
     getFullName,
     getIsLoggedIn,
@@ -2297,7 +2352,8 @@ function useAuth() {
     getRoles,
     getAccountType,
     isPersonAccount,
-    isEntityAccount,
+    getTenants,
+    getCurrentTenant,
     // Authentication Actions
     login,
     logout,
@@ -2327,7 +2383,11 @@ function useAuth() {
     // Session Management
     getSessions,
     revokeSession,
-    revokeAllSessions
+    revokeAllSessions,
+    // Multi-Tenancy Actions
+    loadTenants,
+    setTenant,
+    switchTenant
   };
 }
 const useAuth$1 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({