npm - @cogito.ai/cli - Versions diffs - 0.4.1 → 0.4.3 - Mend

@cogito.ai/cli 0.4.1 → 0.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (105) hide show

package/dist/templates/web-nextjs/apps/web/src/features/auth/actions.ts CHANGED Viewed

@@ -2,7 +2,14 @@
 import { redirect } from 'next/navigation'
 import { getAuthRepository } from '@/infra/providers'
-import { signInSchema, signUpSchema } from '@/lib/validations/auth'
+import {
+  signInSchema,
+  signUpSchema,
+  forgotPasswordSchema,
+  resetPasswordWithOTPSchema,
+  resetPasswordSchema,
+  displayNameSchema,
+} from '@/lib/validations/auth'
 import type { ActionResult } from '@/core/types/auth'
 import { defaultLocale, isLocale } from '@/i18n/config'
 import type { SignUpSuccessData, OAuthData } from './__contract__'
@@ -84,3 +91,121 @@ export async function signInWithGithubForLocale(
     return { data: null, error: msg }
   }
 }
+export async function requestPasswordReset(
+  _prevState: ActionResult | null,
+  formData: FormData,
+): Promise<ActionResult<void>> {
+  const parsed = forgotPasswordSchema.safeParse({
+    email: formData.get('email'),
+  })
+  if (!parsed.success) {
+    return { data: null, error: parsed.error.issues[0]?.message ?? '输入无效' }
+  }
+  const repo = getAuthRepository()
+  const appUrl = process.env.NEXT_PUBLIC_APP_URL ?? 'http://localhost:3000'
+  const locale = normalizeLocale(formData.get('locale'))
+  const redirectTo = `${appUrl}/auth/callback?next=/${locale}/reset-password`
+  // Always return success to prevent email enumeration
+  await repo.requestPasswordReset(parsed.data.email, redirectTo)
+  return { data: undefined as void, error: null }
+}
+export async function resetPassword(
+  _prevState: ActionResult | null,
+  formData: FormData,
+): Promise<ActionResult<void>> {
+  const parsed = resetPasswordSchema.safeParse({
+    password: formData.get('password'),
+    confirmPassword: formData.get('confirmPassword'),
+  })
+  if (!parsed.success) {
+    return { data: null, error: parsed.error.issues[0]?.message ?? '输入无效' }
+  }
+  const repo = getAuthRepository()
+  const result = await repo.resetPassword(parsed.data.password)
+  if (result.error) {
+    return { data: null, error: result.error }
+  }
+  const locale = normalizeLocale(formData.get('locale'))
+  redirect(`/${locale}/login`)
+}
+export async function updateDisplayName(
+  _prevState: ActionResult | null,
+  formData: FormData,
+): Promise<ActionResult<void>> {
+  const parsed = displayNameSchema.safeParse({
+    name: formData.get('name'),
+  })
+  if (!parsed.success) {
+    return { data: null, error: parsed.error.issues[0]?.message ?? '输入无效' }
+  }
+  const repo = getAuthRepository()
+  const result = await repo.updateDisplayName(parsed.data.name)
+  if (result.error) {
+    return { data: null, error: result.error }
+  }
+  return { data: undefined as void, error: null }
+}
+export async function sendPasswordResetOTP(
+  _prevState: ActionResult | null,
+  formData: FormData,
+): Promise<ActionResult<void>> {
+  const email = formData.get('email')
+  if (!email || typeof email !== 'string') {
+    return { data: null, error: '邮箱不能为空' }
+  }
+  const repo = getAuthRepository()
+  const result = await repo.sendPasswordResetOTP(email)
+  if (result.error) {
+    return { data: null, error: result.error }
+  }
+  return { data: undefined as void, error: null }
+}
+export async function resetPasswordWithOTP(
+  _prevState: ActionResult | null,
+  formData: FormData,
+): Promise<ActionResult<void>> {
+  const parsed = resetPasswordWithOTPSchema.safeParse({
+    email: formData.get('email'),
+    token: formData.get('token'),
+    password: formData.get('password'),
+    confirmPassword: formData.get('confirmPassword'),
+  })
+  if (!parsed.success) {
+    return { data: null, error: parsed.error.issues[0]?.message ?? '输入无效' }
+  }
+  const repo = getAuthRepository()
+  const result = await repo.verifyPasswordResetOTP(
+    parsed.data.email,
+    parsed.data.token,
+    parsed.data.password,
+  )
+  if (result.error) {
+    return { data: null, error: result.error }
+  }
+  const locale = normalizeLocale(formData.get('locale'))
+  redirect(`/${locale}/login`)
+}

package/dist/templates/web-nextjs/apps/web/src/features/auth/index.ts CHANGED Viewed

@@ -1 +1,12 @@
-export { signIn, signUp, signOut, signInWithGithub, signInWithGithubForLocale } from './actions'
+export {
+  signIn,
+  signUp,
+  signOut,
+  signInWithGithub,
+  signInWithGithubForLocale,
+  requestPasswordReset,
+  resetPassword,
+  updateDisplayName,
+  sendPasswordResetOTP,
+  resetPasswordWithOTP,
+} from './actions'

package/dist/templates/web-nextjs/apps/web/src/features/auth/server.ts CHANGED Viewed

@@ -1,9 +1,12 @@
 import { cache } from 'react'
+// eslint-disable-next-line no-restricted-imports -- Infrastructure helper for reading current session; returns raw Supabase user with metadata
 import { getServerClient } from '@/infra/db/client'
 /**
  * Returns the current authenticated user for the active request.
  * Wrapped in React cache() so repeated reads in one request are deduplicated.
+ * Note: This is an infrastructure helper that returns the raw Supabase user
+ * object (including user_metadata) for use in Server Components.
  */
 export const getCurrentUser = cache(async () => {
   const supabase = await getServerClient()

package/dist/templates/web-nextjs/apps/web/src/hooks/use-mobile.ts CHANGED Viewed

@@ -1,6 +1,6 @@
-"use client"
+'use client'
-import * as React from "react"
+import * as React from 'react'
 const MOBILE_BREAKPOINT = 768
@@ -12,9 +12,9 @@ export function useIsMobile() {
     const onChange = () => {
       setIsMobile(window.innerWidth < MOBILE_BREAKPOINT)
     }
-    mql.addEventListener("change", onChange)
+    mql.addEventListener('change', onChange)
     setIsMobile(window.innerWidth < MOBILE_BREAKPOINT)
-    return () => mql.removeEventListener("change", onChange)
+    return () => mql.removeEventListener('change', onChange)
   }, [])
   return !!isMobile

package/dist/templates/web-nextjs/apps/web/src/i18n/config.ts CHANGED Viewed

@@ -9,4 +9,4 @@ export const defaultLocale: AppLocale =
 export function isLocale(value: string): value is AppLocale {
   return locales.includes(value as AppLocale)
-}
+}

package/dist/templates/web-nextjs/apps/web/src/infra/db/SupabaseAuthRepository.ts CHANGED Viewed

@@ -20,9 +20,7 @@ export class SupabaseAuthRepository implements IAuthRepository {
     const supabase = await getServerClient()
     const { data, error } = await supabase.auth.signUp({ email, password })
     if (error) {
-      const msg = error.message.toLowerCase().includes('already')
-        ? '该邮箱已被注册'
-        : error.message
+      const msg = error.message.toLowerCase().includes('already') ? '该邮箱已被注册' : error.message
       return { user: null, error: msg }
     }
     const u = data.user
@@ -39,7 +37,9 @@ export class SupabaseAuthRepository implements IAuthRepository {
   async getSession(): Promise<AuthUser | null> {
     const supabase = await getServerClient()
-    const { data: { user } } = await supabase.auth.getUser()
+    const {
+      data: { user },
+    } = await supabase.auth.getUser()
     if (!user) return null
     return { id: user.id, email: user.email ?? '', createdAt: user.created_at }
   }
@@ -60,4 +60,73 @@ export class SupabaseAuthRepository implements IAuthRepository {
     }
     return { url: data.url }
   }
+  async updateDisplayName(name: string): Promise<AuthResult> {
+    const supabase = await getServerClient()
+    const { error } = await supabase.auth.updateUser({
+      data: { display_name: name },
+    })
+    if (error) {
+      return { user: null, error: error.message }
+    }
+    return { user: null, error: null }
+  }
+  async requestPasswordReset(email: string, redirectTo: string): Promise<void> {
+    const supabase = await getServerClient()
+    await supabase.auth.resetPasswordForEmail(email, { redirectTo })
+  }
+  async resetPassword(password: string): Promise<AuthResult> {
+    const supabase = await getServerClient()
+    const { error } = await supabase.auth.updateUser({ password })
+    if (error) {
+      return { user: null, error: error.message }
+    }
+    return { user: null, error: null }
+  }
+  async sendPasswordResetOTP(email: string): Promise<AuthResult> {
+    const supabase = await getServerClient()
+    const { error } = await supabase.auth.signInWithOtp({
+      email,
+      options: {
+        shouldCreateUser: false, // Don't create user if not exists
+      },
+    })
+    if (error) {
+      return { user: null, error: error.message }
+    }
+    return { user: null, error: null }
+  }
+  async verifyPasswordResetOTP(
+    email: string,
+    token: string,
+    newPassword: string,
+  ): Promise<AuthResult> {
+    const supabase = await getServerClient()
+    const { data, error } = await supabase.auth.verifyOtp({
+      email,
+      token,
+      type: 'email',
+    })
+    if (error) {
+      return { user: null, error: error.message }
+    }
+    // After verifying OTP, update the password
+    const { error: updateError } = await supabase.auth.updateUser({
+      password: newPassword,
+    })
+    if (updateError) {
+      return { user: null, error: updateError.message }
+    }
+    const u = data.user
+    return {
+      user: u ? { id: u.id, email: u.email ?? '', createdAt: u.created_at } : null,
+      error: null,
+    }
+  }
 }

package/dist/templates/web-nextjs/apps/web/src/infra/db/client.ts CHANGED Viewed

@@ -66,10 +66,7 @@ export function getBrowserClient() {
  * await supabase.auth.getUser() // refreshes session token
  * ```
  */
-export function createMiddlewareClient(
-  request: NextRequest,
-  response: NextResponse,
-) {
+export function createMiddlewareClient(request: NextRequest, response: NextResponse) {
   const supabase = createServerClient(
     process.env.NEXT_PUBLIC_SUPABASE_URL!,
     process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,

package/dist/templates/web-nextjs/apps/web/src/lib/utils.ts CHANGED Viewed

@@ -1,5 +1,5 @@
-import { clsx, type ClassValue } from "clsx"
-import { twMerge } from "tailwind-merge"
+import { clsx, type ClassValue } from 'clsx'
+import { twMerge } from 'tailwind-merge'
 export function cn(...inputs: ClassValue[]) {
   return twMerge(clsx(inputs))

package/dist/templates/web-nextjs/apps/web/src/lib/validations/auth.ts CHANGED Viewed

@@ -16,5 +16,39 @@ export const signUpSchema = z
     path: ['confirmPassword'],
   })
+export const forgotPasswordSchema = z.object({
+  email: z.string().email('请输入有效邮箱'),
+})
+export const resetPasswordWithOTPSchema = z
+  .object({
+    email: z.string().email('请输入有效邮箱'),
+    token: z.string().min(6, '验证码至少 6 位'),
+    password: z.string().min(8, '密码至少 8 位'),
+    confirmPassword: z.string(),
+  })
+  .refine((data) => data.password === data.confirmPassword, {
+    message: '两次密码不一致',
+    path: ['confirmPassword'],
+  })
+export const resetPasswordSchema = z
+  .object({
+    password: z.string().min(8, '密码至少 8 位'),
+    confirmPassword: z.string(),
+  })
+  .refine((data) => data.password === data.confirmPassword, {
+    message: '两次密码不一致',
+    path: ['confirmPassword'],
+  })
+export const displayNameSchema = z.object({
+  name: z.string().min(1, '显示名不能为空').max(50, '显示名最多 50 字符'),
+})
 export type SignInInput = z.infer<typeof signInSchema>
 export type SignUpInput = z.infer<typeof signUpSchema>
+export type ForgotPasswordInput = z.infer<typeof forgotPasswordSchema>
+export type ResetPasswordWithOTPInput = z.infer<typeof resetPasswordWithOTPSchema>
+export type ResetPasswordInput = z.infer<typeof resetPasswordSchema>
+export type DisplayNameInput = z.infer<typeof displayNameSchema>

package/dist/templates/web-nextjs/apps/web/src/styles/tokens.css ADDED Viewed

@@ -0,0 +1,58 @@
+@layer base {
+  :root {
+    /* Brand tokens — downstream projects override these three variables to change the theme color */
+    --color-brand-h: 262;
+    --color-brand-c: 0.26;
+    --color-brand-l: 0.56;
+    /* Semantic color tokens */
+    --color-primary: oklch(var(--color-brand-l) var(--color-brand-c) var(--color-brand-h));
+    --color-primary-foreground: oklch(0.98 0 0);
+    /* Neutral surface tokens (with subtle hue, not pure gray) */
+    --color-surface: oklch(0.985 0.003 262);
+    --color-surface-elevated: oklch(1 0 0);
+    --color-muted: oklch(0.94 0.004 262);
+    --color-muted-foreground: oklch(0.52 0.012 262);
+    --color-border: oklch(0.88 0.006 262);
+    /* Spacing tokens (4px baseline) */
+    --space-1: 4px;
+    --space-2: 8px;
+    --space-3: 12px;
+    --space-4: 16px;
+    --space-5: 20px;
+    --space-6: 24px;
+    --space-8: 32px;
+    --space-10: 40px;
+    --space-12: 48px;
+    --space-16: 64px;
+    --space-20: 80px;
+    --space-24: 96px;
+    --space-section: clamp(64px, 10vw, 120px);
+    /* Font tokens */
+    --font-heading: var(--font-geist, 'Geist', system-ui, sans-serif);
+    --font-body: var(--font-geist, 'Geist', system-ui, sans-serif);
+    /* Text size tokens */
+    --text-xs: 0.75rem;
+    --text-sm: 0.875rem;
+    --text-base: 1rem;
+    --text-lg: 1.125rem;
+    --text-xl: 1.25rem;
+    --text-2xl: 1.5rem;
+    --text-3xl: 1.875rem;
+    --text-4xl: 2.25rem;
+    --text-5xl: 3rem;
+  }
+  .dark {
+    /* Dark mode semantic tokens */
+    --color-surface: oklch(0.13 0.008 262);
+    --color-surface-elevated: oklch(0.18 0.007 262);
+    --color-muted: oklch(0.22 0.007 262);
+    --color-muted-foreground: oklch(0.62 0.010 262);
+    --color-border: oklch(0.28 0.008 262);
+  }
+}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@cogito.ai/cli",
-  "version": "0.4.1",
+  "version": "0.4.3",
   "type": "module",
   "description": "AgentDock CLI – scaffold projects for humans and AI agents",
   "publishConfig": {