@checkstack/auth-common 0.6.3 → 0.6.4
- package/CHANGELOG.md +11 -0
- package/package.json +2 -2
- package/src/rpc-contract.ts +13 -0
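--- a/package/CHANGELOG.md
+++ b/package/CHANGELOG.md
@@ -1,5 +1,16 @@
 # @checkstack/auth-common
 
+## 0.6.4
+
+### Patch Changes
+
+- 32d52c6: Fix and improve password reset flow + email branding:
+
+- **Fix**: password reset emails were failing with "Malformed password reset URL: missing token parameter". Better-auth puts the reset token in the URL path (`/reset-password/{token}`), not as a `?token=` query param, so the previous URL-parsing logic always failed. Now uses the `token` argument better-auth passes to `sendResetPassword` directly.
+- **UX**: the reset password page now validates the token on load via a new anonymous `validateResetToken` endpoint, so users see "Invalid Link" / "Link Expired" before typing a password rather than after submitting. Tokens are 24-char nanoid-style values (~143 bits of entropy), so exposing validity does not enable enumeration.
+- **Fix**: transactional notifications were hardcoded to `importance: "critical"`, causing password reset emails to display a misleading "CRITICAL" badge. The `sendTransactional` contract now accepts an optional `importance` field that defaults to `"info"`.
+- **Branding**: redesigned the email layout (`wrapInEmailLayout`) with a Checkstack-style engineering aesthetic — dark header with grid pattern, monospace importance badge, hardened CTA button (Outlook VML fallback + explicit text color), and force-light color scheme to prevent client auto-inversion from breaking text legibility.
+
 ## 0.6.3
 
 ### Patch Changes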
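--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@checkstack/auth-common",
-"version": "0.6.
+"version": "0.6.4",
 "type": "module",
 "exports": {
 ".": {
@@ -9,7 +9,7 @@
 }
 },
 "dependencies": {
-"@checkstack/common": "0.
+"@checkstack/common": "0.7.0",
 "@orpc/contract": "^1.13.14",
 "zod": "^4.0.0"
 },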
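--- a/package/src/rpc-contract.ts
+++ b/package/src/rpc-contract.ts
@@ -152,6 +152,19 @@ export const authContract = {
 )
 .output(z.object({ success: z.boolean() })),
 
+validateResetToken: proc({
+operationType: "query",
+userType: "anonymous",
+access: [],
+})
+.input(z.object({ token: z.string().min(1).max(128) }))
+.output(
+z.object({
+valid: z.boolean(),
+reason: z.enum(["invalid", "expired"]).optional(),
+}),
+),
+
 // ==========================================================================
 // AUTHENTICATED ENDPOINTS (userType: "authenticated")
 // ==========================================================================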
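Review bot: The new `validateResetToken` entry is reachable with `userType: "anonymous"` and `access: []`, but the contract does not state the conditions that keep an unauthenticated token-validity check safe; that reasoning appears only in the changelog. I would add a comment above the entry, for example `// Anonymous by design: read-only, must not consume or extend the token; handler must be rate limited.` Because the entry is declared `operationType: "query"`, it is worth confirming whether `proc` maps queries to GET requests, since the token would then show up in request URLs and access logs; that mapping is not visible here. The `reason` enum also lets a caller tell an expired token from one that was never issued, so the handler could return only `valid: false` if the page does not need that distinction. The `authContract` object starts and ends outside the hunk.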