@caseparts-org/casecore 0.0.3 → 0.0.4

package/dist/authentication/AuthContext.d.ts

@@ -1,14 +1,34 @@
-import React from "react";
-export interface AuthContextValue {
-    initialized: string;
-    login: (_email: string, _password: string) => void;
-    user: string | null;
-}
-export declare const AuthContext: React.Context<AuthContextValue | undefined>;
-export declare const useAuthContext: () => AuthContextValue;
-export interface AuthProviderProps {
-    children: React.ReactNode;
+import React, { ReactNode } from "react";
+import { Claims } from "./AuthTypes";
+export type AuthUrls = {
+    Login: string;
+    Logout: string;
+    Impersonate: (_email: string) => string;
+};
+export type AuthProviderProps = {
+    children: ReactNode;
+    urls: AuthUrls;
     apiKey: string;
-    loginUrl: string;
-}
-export declare const AuthProvider: React.FC<AuthProviderProps>;
+    sessionClientId: string;
+};
+export type AuthContextType = {
+    initialized: string;
+    claims: Claims | null;
+    email: string;
+    discountLevel: string;
+    userType: string;
+    login: (_email?: string, _password?: string) => Promise<unknown>;
+    logout: () => Promise<boolean>;
+    impersonate: (_email: string) => Promise<string | null>;
+    fetch: (_url: string, _options?: RequestInit) => Promise<Response | null>;
+    hasRight: (_right: string) => boolean;
+    token: string | null;
+    sessionId: string;
+};
+export type Credentials = {
+    email: string;
+    password: string;
+};
+export declare const AuthContext: React.Context<AuthContextType | undefined>;
+export declare const useAuthContext: () => AuthContextType | undefined;
+export default function AuthProvider({ children, urls, apiKey, sessionClientId }: AuthProviderProps): import("react/jsx-runtime").JSX.Element;

package/dist/authentication/AuthContext.js

@@ -1,21 +1,252 @@
 import { jsx as _jsx } from "react/jsx-runtime";
-import { createContext, useContext, useState } from "react";
+import React, { useContext, useState, useEffect, createContext } from "react";
+import { jwtDecode } from "jwt-decode";
+import useLocalStorage from "../hooks/useLocalStorage";
+import { getSessionId } from '../utils/SessionUtils';
+import { buildClaimsFromPayload } from "../utils/ClaimsUtils";
 export const AuthContext = createContext(undefined);
 export const useAuthContext = () => {
-    const ctx = useContext(AuthContext);
-    if (!ctx)
-        throw new Error("Must be inside AuthProvider");
-    return ctx;
+    return useContext(AuthContext);
 };
-export const AuthProvider = ({ children, apiKey, loginUrl, }) => {
-    const [initialized] = useState("OK");
-    const [user, setUser] = useState(null);
+export default function AuthProvider({ children, urls, apiKey, sessionClientId }) {
+    const [token, setToken] = useState(null);
+    const [initialized, setInitialized] = useState("");
+    const [claims, setClaims] = useState(null);
+    const [localToken, setLocalToken] = useLocalStorage("token", "");
+    const credentialsRef = React.useRef(null);
+    const sessionId = getSessionId(sessionClientId);
+    useEffect(() => {
+        if (token)
+            return;
+        // Logs in using local storage token if present or cookies. If neither exist, API will return a Guest token.
+        login()
+            .catch(e => setInitialized(e.message));
+        // eslint-disable-next-line
+    }, [token]); // Triggers login when setting token in `logout` to obtain a Guest token.
+    //#region Fetch extensions
+    class FetchError extends Error {
+        statusCode;
+        constructor(statusCode, message) {
+            super(message);
+            this.name = "FetchError";
+            this.statusCode = statusCode;
+        }
+    }
+    function defaultErrorMessage(status, url) {
+        switch (status) {
+            case 401: return "You are not authenticated";
+            case 403: return "You do not have permission to access this page";
+            case 404: return "Page does not exist: " + url;
+            default: return "Unexpected Error";
+        }
+    }
+    /**
+   * Performs a fetch request and throws a FetchError for HTTP errors (except 500).
+   *
+   * - Returns the response for successful requests (status < 400) and for status 500.
+   * - For other error statuses, reads the response text and throws a FetchError with a normalized message.
+   * - Handles network or parsing errors by rethrowing them.
+   *
+   * @param url - The URL to fetch.
+   * @param options - Optional fetch options (method, headers, body, etc).
+   * @returns {Promise<Response>} The fetch response if successful.
+   * @throws {FetchError} If the response status is an error (except 500).
+   */
+    const fancyFetch = (url, options) => {
+        return fetch(url, options)
+            .then(async (res) => {
+            if (res.status < 400) {
+                return res;
+            }
+            else if (res.status === 500) {
+                return res;
+            }
+            else {
+                const text = await res.text();
+                const message = text ? String(text).replace(/['"]+/g, '')
+                    : res.statusText ? res.statusText
+                        : defaultErrorMessage(res.status, url);
+                throw new FetchError(res.status, message);
+            }
+        })
+            .catch(e => { throw e; });
+    };
+    /**
+   * Performs a fetch request with authentication and automatic retry on 401 errors.
+   *
+   * - Adds Authorization and X-Session-ID headers if available.
+   * - On a 401 response, attempts to re-authenticate by calling login(), updates the Authorization header, and retries the request once.
+   * - Throws for other errors or if re-authentication fails.
+   *
+   * @param url - The URL to fetch.
+   * @param options - Optional fetch options (method, headers, body, etc).
+   * @returns {Promise<Response>} The fetch response if successful.
+   * @throws {FetchError} If the request fails or re-authentication fails.
+   */
+    const fancyFetchWithRetry = (url, options) => {
+        const opts = { ...options };
+        opts.method = opts.method || 'GET';
+        opts.headers = { ...(opts.headers || {}) };
+        if (token)
+            opts.headers.Authorization = "Bearer " + token;
+        opts.headers['X-Session-ID'] = sessionId;
+        opts.credentials = 'include';
+        return fancyFetch(url, opts)
+            .catch(e => {
+            if (e.statusCode === 401) {
+                return login()
+                    .then(fetchTokenResult => {
+                    opts.headers.Authorization = "Bearer " + fetchTokenResult.token;
+                })
+                    .then(() => fancyFetch(url, opts))
+                    .catch(loginError => { throw loginError; });
+            }
+            else {
+                throw e;
+            }
+        });
+    };
+    //#endregion
+    //#region Login/Logout with related helpers
+    /**
+   * Authenticates the user and returns a token/claims object.
+   *
+   * The login logic attempts authentication in the following order:
+   * 1. If running locally and no email is provided, but credentials are stored in memory, it uses those credentials to fetch a token.
+   * 2. If running locally and a JWT exists in local storage (and no email is provided), it uses that token and parses claims from it.
+   * 3. Otherwise, it calls fetchToken with the provided email and password (or undefined for guest login).
+   *
+   * This function is used both for explicit user login and for automatic login (e.g., after logout or on mount) to obtain a guest or user token as needed.
+   *
+   * @param email - Optional email/username for login. If omitted, attempts to use stored credentials or local storage.
+   * @param password - Optional password for login.
+   * @returns {Promise<FetchTokenResult>} A promise resolving to the token and claims.
+   */
     const login = (email, password) => {
-        // Use both email and password to avoid unused variable error
-        console.log(`Logging in with email: ${email} and password: ${password}`);
-        setUser(`${email}.${password}`);
+        // const localTokenJson = window.localStorage.getItem("CPC.token")
+        // const localToken = localTokenJson ? JSON.parse(localTokenJson) : null
+        if (isLocal() && !email && credentialsRef.current) { // Has logged in using credentials and stored in state
+            return fetchToken(credentialsRef.current.email, credentialsRef.current.password);
+        }
+        if (isLocal() && localToken && !email) { // Local storage jwt exists on localhost
+            const claims = assignToken(localToken);
+            return Promise.resolve({ token: localToken, claims });
+        }
+        return fetchToken(email, password);
     };
-    console.log(apiKey);
-    console.log(loginUrl);
-    return (_jsx(AuthContext.Provider, { value: { initialized, login, user }, children: children }));
-};
+    /**
+     * Logs out the current user and resets authentication state.
+     *
+     * - Calls the logout API endpoint to invalidate the session on the server.
+     * - Clears any stored credentials in memory.
+     * - Sets the token to null, which triggers a re-authentication as a guest via useEffect.
+     * - Clears claims state.
+     *
+     * @returns {Promise<boolean>} Resolves to true when logout is complete.
+     */
+    const logout = () => {
+        if (isLocal())
+            setLocalToken();
+        return fancyFetch(urls.Logout, { method: 'POST', credentials: 'include' })
+            .then(() => {
+            credentialsRef.current = null;
+            setToken(null); // Setting token null triggers useEffect to reauthenticate as an anonymous user
+            setClaims(null);
+            return true;
+        });
+    };
+    /**
+     * Impersonates another user by email, updating authentication state with the new user's claims.
+     *
+     * - Calls the impersonate API endpoint with the provided email.
+     * - Parses and assigns the returned JWT as the current authentication token and claims.
+     * - If running locally, stores the new JWT in local storage.
+     *
+     * @param email - The email address of the user to impersonate.
+     * @returns {Promise<string | null>} Resolves to the new JWT string if successful, or null otherwise.
+     */
+    const impersonate = (email) => {
+        return fancyFetchWithRetry(urls.Impersonate(email))
+            .then(res => res ? res.text() : null)
+            .then(jwt => jwt ? jwt.replace(/['"]+/g, '') : null)
+            .then(jwt => {
+            assignToken(jwt);
+            if (isLocal() && jwt)
+                setLocalToken(jwt);
+            return jwt;
+        });
+    };
+    function isLocal() {
+        const hostname = window.location.hostname;
+        return hostname === "localhost" || hostname === "127.0.0.1";
+    }
+    const assignToken = (jwt) => {
+        if (!jwt) {
+            throw Error("Cannot parse null");
+        }
+        const decoded = jwtDecode(jwt);
+        const claims = buildClaimsFromPayload(decoded);
+        setInitialized("OK");
+        setToken(jwt);
+        setClaims(claims);
+        return claims;
+    };
+    async function fetchToken(email, password) {
+        const options = {
+            method: 'POST',
+            credentials: 'include',
+            headers: {
+                'Accept': 'application/json',
+                'Content-Type': 'application/json',
+                'ApiKey': apiKey
+            }
+        };
+        if (email) {
+            options.body = JSON.stringify({
+                UserName: email,
+                Password: password,
+                RememberMe: false
+            });
+        }
+        return fancyFetch(urls.Login, options)
+            .then(res => res ? res.text() : null)
+            .then(jwt => jwt ? jwt.replace(/['"]+/g, '') : null)
+            .then(jwt => {
+            const decoded = assignToken(jwt);
+            if (isLocal() && email && password) {
+                credentialsRef.current = { email, password };
+            }
+            if (isLocal() && decoded.UserType !== "Guest" && jwt) {
+                setLocalToken(jwt); // Store token in Local Storage
+            }
+            return { token: jwt, claims: decoded };
+        });
+    }
+    //#endregion
+    const hasRight = (right) => {
+        const claimsType = claims;
+        if (claimsType.UserType === "Guest")
+            return false;
+        if (claimsType.Customer && claimsType.Customer.Rights) {
+            return claimsType.Customer.Rights.includes(right);
+        }
+        if (claimsType.Employee && claimsType.Employee.Rights) {
+            return claimsType.Employee.Rights.includes(right);
+        }
+        return false;
+    };
+    return (_jsx(AuthContext.Provider, { value: {
+            initialized,
+            claims,
+            email: claims?.Customer?.UserName || claims?.Employee?.UserName || "",
+            discountLevel: claims?.Customer?.CustClass || "EndUser",
+            userType: claims?.UserType || "",
+            login,
+            logout,
+            impersonate,
+            fetch: fancyFetchWithRetry,
+            hasRight,
+            token,
+            sessionId
+        }, children: children }));
+}

package/dist/authentication/AuthContext.test.js

@@ -1,29 +1,214 @@
-import { jsx as _jsx } from "react/jsx-runtime";
-import { describe, it, expect } from 'vitest';
-import { render, screen } from '@testing-library/react';
-import { AuthProvider, useAuthContext } from './AuthContext';
-/**
- * Dummy component to consume the AuthContext
- */
-function ShowAuthState() {
-    const { initialized } = useAuthContext();
-    return _jsx("span", { "data-testid": "auth-state", children: initialized });
-}
-describe('AuthContext', () => {
-    it('provides initialized state to children', () => {
-        render(_jsx(AuthProvider, { loginUrl: '/login', apiKey: '123', children: _jsx(ShowAuthState, {}) }));
-        // The initial state should be "OK"
-        expect(screen.getByTestId('auth-state')).toHaveTextContent('OK');
-    });
-    it('throws error if used outside AuthProvider', () => {
-        // Expect the hook to throw if used outside the provider
-        // (React Testing Library can't render hooks directly; need to use a component)
-        // We'll use a function to capture the error:
-        function CallWithoutProvider() {
-            useAuthContext();
-            return null;
+import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import { render, screen, waitFor, act } from '@testing-library/react';
+import { useAuthContext, default as AuthProvider } from './AuthContext';
+import { buildClaimsFromPayload } from '../utils/ClaimsUtils';
+// Dummy data for API responses
+const dummyEmployee = {
+    userId: 'emp1',
+    userName: 'employee@example.com',
+    nickName: 'Emp',
+    branch: 'HQ',
+    rights: 'VIEW,EDIT',
+};
+const dummyCustomer = {
+    userName: 'customer@example.com',
+    userId: 'cust1',
+    custKey: 123,
+    custId: 'C123',
+    custName: 'Test Customer',
+    custClass: 'Dealer',
+    firstName: 'John',
+    lastName: 'Doe',
+    address: '123 Main St',
+    city: 'Metropolis',
+    state: 'NY',
+    zipCode: '10001',
+    phone: '555-1234',
+    hq: 'HQ',
+    hqCustKey: '456',
+    paymentTerms: 'Net30',
+    lastLoginDate: '2024-01-01',
+    rights: 'BUY,SELL',
+    pendingInvites: ['invite1'],
+    primaryAdmin: 'admin1',
+};
+const dummyJwtPayload = {
+    Time: 'now',
+    IpAddress: '127.0.0.1',
+    Origin: 'test',
+    UserType: 'Employee',
+    Customer: JSON.stringify(dummyCustomer),
+    Employee: JSON.stringify(dummyEmployee),
+    exp: 9999999999,
+    iss: 'issuer',
+};
+const dummyJwt = 'dummy.jwt.token';
+const guestDefaultClaims = {
+    Time: 'now',
+    IpAddress: '127.0.0.1',
+    Origin: 'test',
+    UserType: "Guest",
+    Customer: null,
+    Employee: null,
+    exp: 9999999999,
+    iss: 'issuer',
+};
+const guestJwtPayload = guestDefaultClaims;
+const guestJwt = 'guest.jwt.token';
+// Mock jwtDecode to just return our dummy payload
+vi.mock('jwt-decode', () => ({
+    jwtDecode: (jwt) => {
+        if (jwt === dummyJwt) {
+            return dummyJwtPayload;
+        }
+        else {
+            return guestJwtPayload;
         }
-        // Wrap in a function to capture the thrown error
-        expect(() => render(_jsx(CallWithoutProvider, {}))).toThrow(/Must be inside AuthProvider/);
+    }
+}));
+global.fetch = vi.fn();
+const urls = {
+    Login: '/api/login',
+    Logout: '/api/logout',
+    Impersonate: (email) => `/api/impersonate/${email}`,
+};
+const apiKey = 'test-api-key';
+const sessionClientId = 'test-session-id';
+function TestConsumer() {
+    const ctx = useAuthContext();
+    if (!ctx)
+        return _jsx("div", { children: "no context" });
+    return (_jsxs("div", { children: [_jsx("div", { "data-testid": "initialized", children: ctx.initialized }), _jsx("div", { "data-testid": "email", children: ctx.email }), _jsx("div", { "data-testid": "userType", children: ctx.userType }), _jsx("div", { "data-testid": "claims", children: JSON.stringify(ctx.claims) }), _jsx("button", { onClick: () => ctx.login('test@example.com', 'pw'), children: "Login" }), _jsx("button", { onClick: () => ctx.logout(), children: "Logout" }), _jsx("button", { onClick: () => ctx.impersonate('imp@example.com'), children: "Impersonate" })] }));
+}
+describe('AuthProvider', () => {
+    // Setup mock API endpoints
+    beforeEach(() => {
+        vi.clearAllMocks();
+        // Default fetch mock: login returns a dummy JWT string
+        global.fetch.mockImplementation((url, opts) => {
+            if (url.includes('/api/login')) {
+                // If no body or body does not include UserName/Password, return guest JWT
+                if (!opts?.body) {
+                    return Promise.resolve({
+                        status: 200,
+                        text: () => Promise.resolve('"' + guestJwt + '"'),
+                    });
+                }
+                try {
+                    const body = JSON.parse(opts.body);
+                    if (!body.UserName || !body.Password) {
+                        return Promise.resolve({
+                            status: 200,
+                            text: () => Promise.resolve('"' + guestJwt + '"'),
+                        });
+                    }
+                }
+                catch {
+                    // fallback to guest
+                    return Promise.resolve({
+                        status: 200,
+                        text: () => Promise.resolve('"' + guestJwt + '"'),
+                    });
+                }
+                // Otherwise, return employee/customer JWT
+                return Promise.resolve({
+                    status: 200,
+                    text: () => Promise.resolve('"' + dummyJwt + '"'),
+                });
+            }
+            if (url.includes('/api/impersonate')) {
+                return Promise.resolve({
+                    status: 200,
+                    text: () => Promise.resolve('"' + dummyJwt + '"'),
+                });
+            }
+            if (url.includes('/api/logout')) {
+                return Promise.resolve({
+                    status: 200,
+                    text: () => Promise.resolve(''),
+                });
+            }
+            return Promise.resolve({ status: 404, text: () => Promise.resolve('Not found') });
+        });
+        // Clear localStorage
+        window.localStorage.clear();
+    });
+    afterEach(() => {
+        vi.clearAllMocks();
+        window.localStorage.clear();
+    });
+    // Tests
+    it('calls login on mount (useEffect) and sets state', async () => {
+        await act(async () => {
+            render(_jsx(AuthProvider, { urls: urls, apiKey: apiKey, sessionClientId: sessionClientId, children: _jsx(TestConsumer, {}) }));
+        });
+        await waitFor(() => {
+            expect(screen.getByTestId('initialized').textContent).toBe('OK');
+            expect(screen.getByTestId('email').textContent).toBe('');
+            expect(screen.getByTestId('userType').textContent).toBe('Guest');
+            expect(screen.getByTestId('claims').textContent).toContain('');
+        });
+    });
+    it('loads token from localStorage and sets state on mount', async () => {
+        // The key used by useLocalStorage (with CPC. prefix)
+        window.localStorage.setItem('CPC.token', JSON.stringify(dummyJwt));
+        await act(async () => {
+            render(_jsx(AuthProvider, { urls: urls, apiKey: apiKey, sessionClientId: sessionClientId, children: _jsx(TestConsumer, {}) }));
+        });
+        await waitFor(() => {
+            expect(screen.getByTestId('initialized').textContent).toBe('OK');
+            expect(screen.getByTestId('email').textContent).toBe('customer@example.com');
+            expect(screen.getByTestId('userType').textContent).toBe('Employee');
+            expect(screen.getByTestId('claims').textContent).toContain('customer@example.com');
+        });
+    });
+    it('login() sets state with new credentials', async () => {
+        render(_jsx(AuthProvider, { urls: urls, apiKey: apiKey, sessionClientId: sessionClientId, children: _jsx(TestConsumer, {}) }));
+        await act(async () => {
+            screen.getByText('Login').click();
+        });
+        await waitFor(() => {
+            expect(screen.getByTestId('initialized').textContent).toBe('OK');
+            expect(screen.getByTestId('email').textContent).toBe('customer@example.com');
+        });
+    });
+    it('impersonate() sets state with impersonated user', async () => {
+        render(_jsx(AuthProvider, { urls: urls, apiKey: apiKey, sessionClientId: sessionClientId, children: _jsx(TestConsumer, {}) }));
+        await act(async () => {
+            screen.getByText('Impersonate').click();
+        });
+        await waitFor(() => {
+            expect(screen.getByTestId('initialized').textContent).toBe('OK');
+            expect(screen.getByTestId('email').textContent).toBe('customer@example.com');
+        });
+    });
+    it('logout() resets state to guest', async () => {
+        render(_jsx(AuthProvider, { urls: urls, apiKey: apiKey, sessionClientId: sessionClientId, children: _jsx(TestConsumer, {}) }));
+        // First, login
+        await act(async () => {
+            screen.getByText('Login').click();
+        });
+        await waitFor(() => {
+            expect(screen.getByTestId('userType').textContent).toBe('Employee');
+        });
+        // Now, logout
+        await act(async () => {
+            screen.getByText('Logout').click();
+        });
+        await waitFor(async () => {
+            const userTypeDiv = await screen.findByTestId('userType');
+            expect(userTypeDiv.textContent).toBe('Guest');
+        });
+    });
+});
+describe('buildClaimsFromPayload', () => {
+    it('parses payload and normalizes claims', () => {
+        const claims = buildClaimsFromPayload(dummyJwtPayload);
+        expect(claims.Customer?.UserName).toBe('customer@example.com');
+        expect(claims.Employee?.UserName).toBe('employee@example.com');
+        expect(claims.UserType).toBe('Employee');
+        expect(Array.isArray(claims.Customer?.Rights)).toBe(true);
+        expect(Array.isArray(claims.Employee?.Rights)).toBe(true);
     });
 });

package/dist/authentication/AuthTypes.d.ts

@@ -0,0 +1,82 @@
+export type EmployeeResponse = {
+    userId: string;
+    userName: string;
+    nickName: string;
+    branch: string;
+    rights: string;
+};
+export type CustomerResponse = {
+    userName: string;
+    userId: string;
+    custKey: number;
+    custId: string;
+    custName: string;
+    custClass: string;
+    firstName: string;
+    lastName: string;
+    address: string;
+    city: string;
+    state: string;
+    zipCode: string;
+    phone: string;
+    hq: string;
+    hqCustKey: string;
+    paymentTerms: string;
+    lastLoginDate: string | null;
+    rights: string;
+    pendingInvites: Invite[];
+    primaryAdmin: string;
+};
+export type InviteType = "NewAcctPrimary" | "Standard" | "Primary" | "LinkedStandard" | "LinkedPrimary";
+export type Invite = {
+    id: string;
+    senderEmail: string;
+    custKey: number;
+    custId: string;
+    custName: string;
+    targetEmail: string;
+    targetUserId: string;
+    inviteType: InviteType | string;
+    rights: string;
+    status: string;
+    createdDate: string;
+};
+export type EmployeeClaims = {
+    UserId: string;
+    UserName: string;
+    NickName: string;
+    Branch: string | null;
+    Rights: string[];
+};
+export type CustomerClaims = {
+    UserName: string;
+    UserId: string;
+    CustKey: number;
+    CustId: string;
+    CustName: string;
+    CustClass: string;
+    FirstName: string;
+    LastName: string;
+    Address: string;
+    City: string;
+    State: string;
+    ZipCode: string;
+    Phone: string;
+    HQ: string | null;
+    HQCustKey: number;
+    PaymentTerms: string;
+    LastLoginDate: string;
+    Rights: string[];
+    PendingInvites: unknown[];
+    PrimaryAdmin: unknown | null;
+};
+export type Claims = {
+    Time: string;
+    IpAddress: string;
+    Origin: string;
+    UserType: "Guest" | "Employee" | "LinkedCustomer" | string;
+    Customer: CustomerClaims | null;
+    Employee: EmployeeClaims | null;
+    exp: number;
+    iss: string;
+};

package/dist/authentication/AuthTypes.js

@@ -0,0 +1 @@
+export {};

package/dist/hooks/useLocalStorage.d.ts

@@ -0,0 +1,14 @@
+/**
+ * React hook for managing a value in localStorage with a CPC-prefixed key.
+ *
+ * The key is automatically prefixed with "CPC." if not already present (case-insensitive).
+ *
+ * @template T The type of the value to store.
+ * @param {string} key - The key to use in localStorage. Will be prefixed with "CPC." if not already.
+ * @param {T} initialValue - The initial value to use if no value is found in localStorage.
+ * @returns {[T, (value?: T) => void]} A tuple containing the current value and a setter function.
+ *
+ * The setter function updates both state and localStorage. Passing `undefined` removes the item from localStorage.
+ * Passing `null` resets the value to the initial value.
+ */
+export default function useLocalStorage<T>(key: string, initialValue: T): [T, (_value?: T) => void];

package/dist/hooks/useLocalStorage.js

@@ -0,0 +1,41 @@
+import { useState } from "react";
+function getPrefixedKey(key) {
+    return key.toLowerCase().startsWith("cpc.") ? key : "CPC." + key;
+}
+/**
+ * React hook for managing a value in localStorage with a CPC-prefixed key.
+ *
+ * The key is automatically prefixed with "CPC." if not already present (case-insensitive).
+ *
+ * @template T The type of the value to store.
+ * @param {string} key - The key to use in localStorage. Will be prefixed with "CPC." if not already.
+ * @param {T} initialValue - The initial value to use if no value is found in localStorage.
+ * @returns {[T, (value?: T) => void]} A tuple containing the current value and a setter function.
+ *
+ * The setter function updates both state and localStorage. Passing `undefined` removes the item from localStorage.
+ * Passing `null` resets the value to the initial value.
+ */
+export default function useLocalStorage(key, initialValue) {
+    const fullKey = getPrefixedKey(key);
+    const getStoredValue = () => {
+        try {
+            const item = window.localStorage.getItem(fullKey);
+            return item ? JSON.parse(item) : initialValue;
+        }
+        catch {
+            return initialValue;
+        }
+    };
+    const [storedValue, setStoredValue] = useState(getStoredValue);
+    const setValue = (value) => {
+        const denullified = value === null ? initialValue : value;
+        setStoredValue(denullified);
+        if (value === undefined) {
+            window.localStorage.removeItem(fullKey);
+        }
+        else {
+            window.localStorage.setItem(fullKey, JSON.stringify(denullified));
+        }
+    };
+    return [storedValue, setValue];
+}

package/dist/index.d.ts

@@ -1,2 +1,6 @@
-export type { AuthContextValue, AuthProviderProps } from './authentication/AuthContext';
-export { useAuthContext, AuthProvider } from './authentication/AuthContext';
+export type { AuthUrls, AuthContextType, AuthProviderProps, Credentials } from './authentication/AuthContext';
+export { default as AuthProvider, useAuthContext } from './authentication/AuthContext';
+export type { EmployeeResponse, CustomerResponse, InviteType, Invite, EmployeeClaims, CustomerClaims, Claims } from './authentication/AuthTypes';
+export { default as useLocalStorage } from './hooks/useLocalStorage';
+export { getSessionId } from './utils/SessionUtils';
+export { buildClaimsFromPayload } from './utils/ClaimsUtils';

package/dist/index.js

@@ -1 +1,6 @@
-export { useAuthContext, AuthProvider } from './authentication/AuthContext';
+// Export AuthProvider as default and useAuthContext hook
+export { default as AuthProvider, useAuthContext } from './authentication/AuthContext';
+// Export utility hooks and functions
+export { default as useLocalStorage } from './hooks/useLocalStorage';
+export { getSessionId } from './utils/SessionUtils';
+export { buildClaimsFromPayload } from './utils/ClaimsUtils';

package/dist/utils/ClaimsUtils.d.ts

@@ -0,0 +1,16 @@
+import { Claims } from "../authentication/AuthTypes";
+/**
+ * Converts a decoded JWT payload into a normalized Claims object for authentication.
+ *
+ * This function parses the nested Customer and Employee fields (if present) from the payload,
+ * normalizes their structure (including splitting comma-separated rights into arrays),
+ * and returns a Claims object suitable for use in authentication and authorization logic.
+ *
+ * - If the payload contains stringified JSON for Customer or Employee, they are parsed and normalized.
+ * - Rights fields are always returned as arrays of strings.
+ * - Handles missing or malformed fields gracefully, returning nulls or empty arrays as appropriate.
+ *
+ * @param payload - The decoded JWT payload as a plain object.
+ * @returns {Claims} The normalized Claims object with Customer and Employee claims, or nulls if not present.
+ */
+export declare function buildClaimsFromPayload(payload: Record<string, any>): Claims;

package/dist/utils/ClaimsUtils.js

@@ -0,0 +1,76 @@
+/**
+ * Converts a decoded JWT payload into a normalized Claims object for authentication.
+ *
+ * This function parses the nested Customer and Employee fields (if present) from the payload,
+ * normalizes their structure (including splitting comma-separated rights into arrays),
+ * and returns a Claims object suitable for use in authentication and authorization logic.
+ *
+ * - If the payload contains stringified JSON for Customer or Employee, they are parsed and normalized.
+ * - Rights fields are always returned as arrays of strings.
+ * - Handles missing or malformed fields gracefully, returning nulls or empty arrays as appropriate.
+ *
+ * @param payload - The decoded JWT payload as a plain object.
+ * @returns {Claims} The normalized Claims object with Customer and Employee claims, or nulls if not present.
+ */
+export function buildClaimsFromPayload(payload) {
+    // Parse nested Customer and Employee using API response types
+    function parseNested(obj, name) {
+        if (obj && typeof obj === "object" && typeof obj[name] === "string" && obj[name].length > 0) {
+            return JSON.parse(obj[name]);
+        }
+        return "";
+    }
+    const customerRaw = parseNested(payload, "Customer");
+    const employeeRaw = parseNested(payload, "Employee");
+    // Convert EmployeeResponse to EmployeeClaims (normalize Rights)
+    let employeeClaims = null;
+    if (employeeRaw && typeof employeeRaw === "object") {
+        employeeClaims = {
+            UserId: employeeRaw.userId,
+            UserName: employeeRaw.userName,
+            NickName: employeeRaw.nickName,
+            Branch: employeeRaw.branch ?? null,
+            Rights: typeof employeeRaw.rights === "string"
+                ? employeeRaw.rights.split(",").map((s) => s.trim())
+                : [],
+        };
+    }
+    // Convert CustomerResponse to CustomerClaims (normalize Rights, PendingInvites, etc.)
+    let customerClaims = null;
+    if (customerRaw && typeof customerRaw === "object") {
+        customerClaims = {
+            UserName: customerRaw.userName,
+            UserId: customerRaw.userId,
+            CustKey: customerRaw.custKey,
+            CustId: customerRaw.custId,
+            CustName: customerRaw.custName,
+            CustClass: customerRaw.custClass,
+            FirstName: customerRaw.firstName,
+            LastName: customerRaw.lastName,
+            Address: customerRaw.address,
+            City: customerRaw.city,
+            State: customerRaw.state,
+            ZipCode: customerRaw.zipCode,
+            Phone: customerRaw.phone,
+            HQ: customerRaw.hq ?? null,
+            HQCustKey: typeof customerRaw.hqCustKey === "string" ? parseInt(customerRaw.hqCustKey, 10) : customerRaw.hqCustKey,
+            PaymentTerms: customerRaw.paymentTerms,
+            LastLoginDate: customerRaw.lastLoginDate ?? "",
+            Rights: typeof customerRaw.rights === "string"
+                ? customerRaw.rights.split(",").map((s) => s.trim())
+                : [],
+            PendingInvites: customerRaw.pendingInvites ?? [],
+            PrimaryAdmin: customerRaw.primaryAdmin ?? null,
+        };
+    }
+    return {
+        Time: String(payload.Time ?? ""),
+        IpAddress: String(payload.IpAddress ?? ""),
+        Origin: String(payload.Origin ?? ""),
+        UserType: String(payload.UserType ?? "Guest"),
+        Customer: customerClaims,
+        Employee: employeeClaims,
+        exp: Number(payload.exp ?? 0),
+        iss: String(payload.iss ?? ""),
+    };
+}

package/dist/utils/SessionUtils.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Gets or creates a session ID stored in sessionStorage under a CPC-prefixed key.
+ *
+ * @param {string} clientId - The identifier to inject into the session key (e.g., 'CatBaker2').
+ * @returns {string} The session ID.
+ */
+export declare const getSessionId: (clientId: string) => string;

package/dist/utils/SessionUtils.js

@@ -0,0 +1,18 @@
+import { v4 as uuidv4 } from 'uuid';
+/**
+ * Gets or creates a session ID stored in sessionStorage under a CPC-prefixed key.
+ *
+ * @param {string} clientId - The identifier to inject into the session key (e.g., 'CatBaker2').
+ * @returns {string} The session ID.
+ */
+export const getSessionId = (clientId) => {
+    const SESSION_ID_KEY = `CPC.${clientId}.SessionId`;
+    // Check if we already have a session ID
+    let sessionId = sessionStorage.getItem(SESSION_ID_KEY);
+    // If not, generate a new one and store it
+    if (!sessionId) {
+        sessionId = uuidv4();
+        sessionStorage.setItem(SESSION_ID_KEY, sessionId);
+    }
+    return sessionId;
+};

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@caseparts-org/casecore",
   "private": false,
-  "version": "0.0.3",
+  "version": "0.0.4",
   "type": "module",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",