@codingfactory/socialkit-vue 0.1.0

package/src/stores/auth.ts

@@ -0,0 +1,400 @@
+/**
+ * Generic auth store factory for SocialKit-powered frontends.
+ *
+ * Use `createAuthStoreDefinition()` to produce a Pinia store definition
+ * that each site frontend can register with its own configuration.
+ */
+
+import { defineStore } from 'pinia'
+import { ref, computed } from 'vue'
+import type { ComputedRef, Ref } from 'vue'
+import type { Router } from 'vue-router'
+import type { AuthServiceInstance, LoginResponse, RegisterData } from '../services/auth.js'
+import type { ApiService } from '../services/api.js'
+import type { TokenStorage } from '../utils/tokenStorage.js'
+import type { User } from '../types/user.js'
+
+export interface AuthStoreStateRefs {
+  user: Ref<User | null>
+  isAuthenticated: Ref<boolean>
+  loading: Ref<boolean>
+}
+
+export interface AuthStoreGetters {
+  currentUser: ComputedRef<User | null>
+  isLoggedIn: ComputedRef<boolean>
+  token: ComputedRef<string | null>
+}
+
+export interface AuthStoreActions {
+  login: (loginCredential: string, password: string, redirectPath?: string, remember?: boolean) => Promise<LoginResponse>
+  register: (data: RegisterData) => Promise<LoginResponse>
+  logout: () => Promise<void>
+  refreshSessionAndReplay: () => Promise<boolean>
+  fetchUser: () => Promise<User | null>
+  checkAuth: (forceValidation?: boolean) => Promise<void>
+  setUser: (newUser: User) => void
+  hasStoredToken: () => boolean
+}
+
+export interface AuthStoreExtensionContext {
+  state: AuthStoreStateRefs
+  getters: AuthStoreGetters
+  actions: AuthStoreActions
+  services: {
+    authService: AuthServiceInstance
+    apiService: ApiService
+    tokenStorage: TokenStorage
+    router: Router
+  }
+  config: {
+    storeId: string
+    defaultLoginRedirect: string
+  }
+  resolveSafeRedirectPath: (redirectPath?: string) => string
+}
+
+export type AuthStoreExtension = Record<string, unknown>
+
+/** Configuration for creating the auth store definition. */
+export interface AuthStoreConfig<TExtension extends AuthStoreExtension = Record<string, never>> {
+  /** Pinia store id (default: 'auth'). */
+  storeId?: string
+  /** Auth service instance. */
+  authService: AuthServiceInstance
+  /** API service instance (for pending auth request management). */
+  apiService: ApiService
+  /** Token storage instance. */
+  tokenStorage: TokenStorage
+  /** Vue Router instance. */
+  router: Router
+  /** Default redirect path after login (default: '/'). */
+  defaultLoginRedirect?: string
+  /** Extra Pinia store options (e.g. persist config from pinia-plugin-persistedstate). */
+  storeOptions?: Record<string, unknown>
+  /** Hook called during logout to reset app-specific stores. */
+  onLogout?: () => Promise<void> | void
+  /** Hook called after the user object is updated. */
+  onUserUpdated?: (prev: User | null, next: User) => void
+  /** Callback to set the validating-auth flag on the auth service layer. */
+  setValidatingAuth?: (value: boolean) => void
+  /** Add app-specific state, getters, and actions without forking the generic auth core. */
+  extend?: (context: AuthStoreExtensionContext) => TExtension
+}
+
+export type AuthStoreReturn = ReturnType<ReturnType<typeof createAuthStoreDefinition>>
+
+/** Create a Pinia auth store definition configured for a specific site. */
+export function createAuthStoreDefinition<TExtension extends AuthStoreExtension = Record<string, never>>(config: AuthStoreConfig<TExtension>) {
+  const {
+    storeId = 'auth',
+    authService,
+    apiService,
+    tokenStorage,
+    router,
+    defaultLoginRedirect = '/',
+    storeOptions = {},
+    onLogout,
+    onUserUpdated,
+    setValidatingAuth,
+    extend
+  } = config
+
+  const EXTERNAL_PROTOCOL_PATTERN = /^[a-z][a-z\d+\-.]*:/i
+
+  return defineStore(storeId, () => {
+    // State
+    const user = ref<User | null>(null)
+    const isAuthenticated = ref(false)
+    const loading = ref(false)
+
+    // Getters
+    const currentUser = computed(() => user.value)
+    const isLoggedIn = computed(() => isAuthenticated.value)
+    const token = computed<string | null>(() => tokenStorage.getToken())
+
+    function resolveSafeRedirectPath(redirectPath?: string): string {
+      if (!redirectPath) {
+        return defaultLoginRedirect
+      }
+
+      const trimmed = redirectPath.trim()
+
+      if (trimmed === '') {
+        return defaultLoginRedirect
+      }
+
+      if (EXTERNAL_PROTOCOL_PATTERN.test(trimmed)) {
+        return defaultLoginRedirect
+      }
+
+      if (!trimmed.startsWith('/') || trimmed.startsWith('//')) {
+        return defaultLoginRedirect
+      }
+
+      return trimmed
+    }
+
+    // Actions
+    async function login(loginCredential: string, password: string, redirectPath?: string, remember = false) {
+      loading.value = true
+
+      try {
+        const response = await authService.login(loginCredential, password, remember)
+        user.value = response.user
+        isAuthenticated.value = true
+
+        await fetchUser()
+
+        const destination = resolveSafeRedirectPath(redirectPath)
+        router.push(destination)
+
+        return response
+      } catch (error) {
+        isAuthenticated.value = false
+        user.value = null
+        throw error
+      } finally {
+        loading.value = false
+      }
+    }
+
+    async function register(data: {
+      handle: string
+      name: string
+      email: string
+      password: string
+      password_confirmation: string
+    }) {
+      loading.value = true
+
+      try {
+        const response = await authService.register(data)
+        user.value = response.user
+        isAuthenticated.value = true
+
+        await fetchUser()
+        router.push(defaultLoginRedirect)
+
+        return response
+      } catch (error) {
+        isAuthenticated.value = false
+        user.value = null
+        throw error
+      } finally {
+        loading.value = false
+      }
+    }
+
+    async function logout() {
+      loading.value = true
+
+      try {
+        await authService.logout()
+      } finally {
+        apiService.clearPendingAuthRequest()
+
+        if (onLogout) {
+          try {
+            await onLogout()
+          } catch {
+            // Swallow store-reset errors during logout
+          }
+        }
+
+        user.value = null
+        isAuthenticated.value = false
+        loading.value = false
+
+        const currentPath = window.location.pathname
+        if (currentPath !== '/login' && currentPath !== '/register') {
+          router.push('/login')
+        }
+      }
+    }
+
+    async function refreshSessionAndReplay(): Promise<boolean> {
+      const refreshedToken = await tokenStorage.tryRefreshToken()
+
+      if (!refreshedToken) {
+        apiService.clearPendingAuthRequest()
+        user.value = null
+        isAuthenticated.value = false
+        tokenStorage.removeToken()
+        return false
+      }
+
+      try {
+        await fetchUser()
+      } catch {
+        apiService.clearPendingAuthRequest()
+        user.value = null
+        isAuthenticated.value = false
+        tokenStorage.removeToken()
+        return false
+      }
+
+      apiService.markAuthRecoveryHandled()
+
+      if (apiService.hasPendingAuthRequest()) {
+        try {
+          await apiService.replayPendingAuthRequest(refreshedToken)
+        } catch {
+          // Keep session; callers can retry replay manually
+        }
+      }
+
+      return true
+    }
+
+    async function fetchUser() {
+      loading.value = true
+
+      try {
+        const prev = user.value ? { ...user.value } : null
+        const next = await authService.getUser()
+
+        user.value = { ...next }
+        isAuthenticated.value = true
+
+        if (onUserUpdated) {
+          onUserUpdated(prev, next)
+        }
+
+        return user.value
+      } catch (error) {
+        isAuthenticated.value = false
+        user.value = null
+        throw error
+      } finally {
+        loading.value = false
+      }
+    }
+
+    async function checkAuth(forceValidation = false) {
+      const storedToken = tokenStorage.getToken()
+
+      if (!storedToken) {
+        isAuthenticated.value = false
+        user.value = null
+        return
+      }
+
+      if (!forceValidation && isAuthenticated.value && user.value) {
+        return
+      }
+
+      if (setValidatingAuth) {
+        setValidatingAuth(true)
+      }
+
+      try {
+        await fetchUser()
+      } catch {
+        isAuthenticated.value = false
+        user.value = null
+        tokenStorage.removeToken()
+      } finally {
+        if (setValidatingAuth) {
+          setValidatingAuth(false)
+        }
+      }
+    }
+
+    function setUser(newUser: User) {
+      const prev = user.value ? { ...user.value } : null
+      user.value = { ...newUser }
+      isAuthenticated.value = true
+
+      if (onUserUpdated) {
+        onUserUpdated(prev, newUser)
+      }
+    }
+
+    function hasStoredToken(): boolean {
+      const storedToken = tokenStorage.getToken()
+
+      if (storedToken === null) {
+        isAuthenticated.value = false
+        user.value = null
+        return false
+      }
+
+      return true
+    }
+
+    const baseState: AuthStoreStateRefs = {
+      user,
+      isAuthenticated,
+      loading
+    }
+
+    const baseGetters: AuthStoreGetters = {
+      currentUser,
+      isLoggedIn,
+      token
+    }
+
+    const baseActions: AuthStoreActions = {
+      login,
+      register,
+      logout,
+      refreshSessionAndReplay,
+      fetchUser,
+      checkAuth,
+      setUser,
+      hasStoredToken
+    }
+
+    const baseStore = {
+      // State (as computed refs for readonly exposure)
+      user: computed(() => user.value),
+      isAuthenticated: computed(() => isAuthenticated.value && token.value !== null),
+      loading: computed(() => loading.value),
+
+      // Getters
+      ...baseGetters,
+
+      // Actions
+      ...baseActions
+    }
+
+    const extensionContext: AuthStoreExtensionContext = {
+      state: baseState,
+      getters: baseGetters,
+      actions: baseActions,
+      services: {
+        authService,
+        apiService,
+        tokenStorage,
+        router
+      },
+      config: {
+        storeId,
+        defaultLoginRedirect
+      },
+      resolveSafeRedirectPath
+    }
+
+    const extension = extend?.(extensionContext)
+
+    if (extension) {
+      for (const key of Object.keys(extension)) {
+        if (key in baseStore) {
+          throw new Error(`Auth store extension key "${key}" conflicts with the shared auth store surface.`)
+        }
+      }
+    }
+
+    if (extension) {
+      return {
+        ...baseStore,
+        ...extension
+      }
+    }
+
+    return {
+      ...baseStore
+    }
+  }, storeOptions as Record<string, never>)
+}

package/src/types/api.ts

@@ -0,0 +1,56 @@
+/**
+ * Core type definitions for SocialKit API services.
+ *
+ * These types are generic and shared across all SocialKit-powered frontends.
+ */
+
+/** Standard API response wrapper. */
+export interface ApiResponse<T> {
+  data: T
+  meta?: {
+    current_page?: number
+    total?: number
+    per_page?: number
+    last_page?: number
+    next_cursor?: string
+    prev_cursor?: string
+    has_more?: boolean
+  }
+  message?: string
+  status?: number
+}
+
+/** Paginated response shape. */
+export interface PaginatedResponse<T> {
+  items: T[]
+  total: number
+  per_page: number
+  current_page: number
+  last_page: number
+  next_cursor?: string
+  prev_cursor?: string
+}
+
+/** API error shape. */
+export interface ApiError {
+  message: string
+  code?: string
+  status?: number
+  details?: Record<string, unknown>
+}
+
+/** Upload progress event. */
+export interface UploadProgressEvent {
+  loaded: number
+  total?: number
+  progress?: number
+}
+
+/** Request configuration accepted by ApiService methods. */
+export interface RequestConfig {
+  headers?: Record<string, string>
+  params?: Record<string, string | number | boolean>
+  timeout?: number
+  onUploadProgress?: (progressEvent: UploadProgressEvent) => void
+  signal?: AbortSignal
+}

package/src/types/user.ts

@@ -0,0 +1,94 @@
+/**
+ * User type definitions shared across SocialKit frontends.
+ */
+
+/** Base user type used by the auth system. */
+export interface User {
+  id: string
+  name: string
+  email: string
+  avatar?: string | Record<string, unknown> | null
+  avatar_url?: string | null
+  cover_photo?: string | null
+  handle?: string
+  role: 'admin' | 'moderator' | 'user'
+  tenant_id?: string
+  roles?: string[]
+  permissions?: string[]
+  capabilities?: Record<string, boolean>
+  last_login_at?: string
+  created_at?: string
+  status?: 'active' | 'suspended' | 'banned'
+  model_type?: string
+}
+
+/** Identity user type from the identity service. */
+export interface IdentityUser {
+  id: string
+  handle?: string
+  name: string
+  avatar?: string | null
+  avatar_url?: string | null
+  cover_photo?: string | null
+  bio?: string | null
+  email?: string
+  created_at?: string
+  updated_at?: string
+}
+
+/** Type guard for User. */
+export function isUser(obj: unknown): obj is User {
+  return (
+    obj !== null &&
+    typeof obj === 'object' &&
+    'id' in obj &&
+    'name' in obj &&
+    'email' in obj &&
+    'role' in obj
+  )
+}
+
+/** Type guard for IdentityUser. */
+export function isIdentityUser(obj: unknown): obj is IdentityUser {
+  return (
+    obj !== null &&
+    typeof obj === 'object' &&
+    'id' in obj &&
+    'name' in obj
+  )
+}
+
+/** Convert an IdentityUser to the base User type. */
+export function identityUserToUser(
+  identity: IdentityUser,
+  role: 'admin' | 'moderator' | 'user' = 'user'
+): User {
+  const user: User = {
+    id: identity.id,
+    name: identity.name,
+    email: identity.email ?? '',
+    role
+  }
+
+  if (identity.avatar !== null && identity.avatar !== undefined) {
+    user.avatar = identity.avatar
+  }
+
+  if (identity.avatar_url !== null && identity.avatar_url !== undefined) {
+    user.avatar_url = identity.avatar_url
+  }
+
+  if (identity.cover_photo !== null && identity.cover_photo !== undefined) {
+    user.cover_photo = identity.cover_photo
+  }
+
+  if (identity.handle !== undefined) {
+    user.handle = identity.handle
+  }
+
+  if (identity.created_at !== undefined) {
+    user.created_at = identity.created_at
+  }
+
+  return user
+}