@croacroa/react-native-template 1.0.0

package/services/api.ts

@@ -0,0 +1,340 @@
+import * as SecureStore from "expo-secure-store";
+import { router } from "expo-router";
+import Bottleneck from "bottleneck";
+import { API_URL } from "@/constants/config";
+import { toast } from "@/utils/toast";
+import type { AuthTokens } from "@/types";
+
+type RequestMethod = "GET" | "POST" | "PUT" | "PATCH" | "DELETE";
+
+// ============================================================================
+// Rate Limiting Configuration
+// ============================================================================
+
+/**
+ * Rate limiter to prevent API abuse and handle rate limiting gracefully
+ * - maxConcurrent: Maximum concurrent requests
+ * - minTime: Minimum time between requests (ms)
+ * - reservoir: Number of requests allowed in the reservoir
+ * - reservoirRefreshAmount: How many requests to add on refresh
+ * - reservoirRefreshInterval: How often to refresh the reservoir (ms)
+ */
+const limiter = new Bottleneck({
+  maxConcurrent: 5, // Max 5 concurrent requests
+  minTime: 100, // At least 100ms between requests
+  reservoir: 50, // 50 requests per interval
+  reservoirRefreshAmount: 50,
+  reservoirRefreshInterval: 60 * 1000, // Refresh every minute
+});
+
+// Track rate limit errors
+let rateLimitRetryAfter = 0;
+
+limiter.on("failed", async (error, _jobInfo) => {
+  // If we hit a rate limit, wait and retry
+  if (error instanceof Error && error.message.includes("429")) {
+    const retryAfter = rateLimitRetryAfter || 1000;
+    console.warn(`Rate limited, retrying in ${retryAfter}ms`);
+    return retryAfter;
+  }
+  return null;
+});
+
+limiter.on("retry", (error, jobInfo) => {
+  console.log(`Retrying request (attempt ${jobInfo.retryCount + 1})`);
+});
+
+interface RequestOptions {
+  method?: RequestMethod;
+  body?: Record<string, unknown>;
+  headers?: Record<string, string>;
+  requiresAuth?: boolean;
+  skipRefresh?: boolean;
+}
+
+interface ApiError extends Error {
+  status: number;
+  data?: unknown;
+}
+
+const TOKEN_KEY = "auth_tokens";
+const TOKEN_REFRESH_THRESHOLD = 5 * 60 * 1000;
+
+// Track if we're currently refreshing to prevent multiple refresh calls
+let isRefreshing = false;
+let refreshPromise: Promise<string | null> | null = null;
+
+/**
+ * Get current auth tokens from secure storage
+ */
+async function getTokens(): Promise<AuthTokens | null> {
+  try {
+    const stored = await SecureStore.getItemAsync(TOKEN_KEY);
+    return stored ? JSON.parse(stored) : null;
+  } catch {
+    return null;
+  }
+}
+
+/**
+ * Save new tokens to secure storage
+ */
+async function saveTokens(tokens: AuthTokens): Promise<void> {
+  await SecureStore.setItemAsync(TOKEN_KEY, JSON.stringify(tokens));
+}
+
+/**
+ * Clear tokens and redirect to login
+ */
+async function handleAuthFailure(): Promise<void> {
+  await SecureStore.deleteItemAsync(TOKEN_KEY);
+  await SecureStore.deleteItemAsync("auth_user");
+  toast.error("Session expired", "Please sign in again");
+  router.replace("/(public)/login");
+}
+
+/**
+ * Refresh the access token using the refresh token
+ */
+async function refreshAccessToken(): Promise<string | null> {
+  // If already refreshing, wait for that request
+  if (isRefreshing && refreshPromise) {
+    return refreshPromise;
+  }
+
+  isRefreshing = true;
+  refreshPromise = (async () => {
+    try {
+      const tokens = await getTokens();
+      if (!tokens?.refreshToken) {
+        throw new Error("No refresh token");
+      }
+
+      // TODO: Replace with your actual refresh endpoint
+      const response = await fetch(`${API_URL}/auth/refresh`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ refreshToken: tokens.refreshToken }),
+      });
+
+      if (!response.ok) {
+        throw new Error("Refresh failed");
+      }
+
+      const data = await response.json();
+      const newTokens: AuthTokens = {
+        accessToken: data.accessToken,
+        refreshToken: data.refreshToken || tokens.refreshToken,
+        expiresAt: Date.now() + (data.expiresIn || 3600) * 1000,
+      };
+
+      await saveTokens(newTokens);
+      return newTokens.accessToken;
+    } catch (error) {
+      console.error("Token refresh failed:", error);
+      await handleAuthFailure();
+      return null;
+    } finally {
+      isRefreshing = false;
+      refreshPromise = null;
+    }
+  })();
+
+  return refreshPromise;
+}
+
+/**
+ * Get a valid access token, refreshing if necessary
+ */
+async function getValidAccessToken(): Promise<string | null> {
+  const tokens = await getTokens();
+  if (!tokens) return null;
+
+  // Check if token needs refresh
+  const timeUntilExpiry = tokens.expiresAt - Date.now();
+  if (timeUntilExpiry < TOKEN_REFRESH_THRESHOLD) {
+    return refreshAccessToken();
+  }
+
+  return tokens.accessToken;
+}
+
+class ApiClient {
+  private baseUrl: string;
+  private defaultTimeout: number;
+  private enableRateLimiting: boolean;
+
+  constructor(baseUrl: string, timeout = 30000, enableRateLimiting = true) {
+    this.baseUrl = baseUrl;
+    this.defaultTimeout = timeout;
+    this.enableRateLimiting = enableRateLimiting;
+  }
+
+  /**
+   * Execute a request with rate limiting
+   */
+  private async executeWithRateLimiting<T>(fn: () => Promise<T>): Promise<T> {
+    if (!this.enableRateLimiting) {
+      return fn();
+    }
+    return limiter.schedule(fn);
+  }
+
+  private async request<T>(
+    endpoint: string,
+    options: RequestOptions = {}
+  ): Promise<T> {
+    const {
+      method = "GET",
+      body,
+      headers = {},
+      requiresAuth = true,
+      skipRefresh = false,
+    } = options;
+
+    const requestHeaders: Record<string, string> = {
+      "Content-Type": "application/json",
+      ...headers,
+    };
+
+    // Add auth token if required
+    if (requiresAuth) {
+      const token = await getValidAccessToken();
+      if (token) {
+        requestHeaders.Authorization = `Bearer ${token}`;
+      }
+    }
+
+    // Setup abort controller for timeout
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), this.defaultTimeout);
+
+    try {
+      const config: RequestInit = {
+        method,
+        headers: requestHeaders,
+        signal: controller.signal,
+      };
+
+      if (body && method !== "GET") {
+        config.body = JSON.stringify(body);
+      }
+
+      const response = await this.executeWithRateLimiting(() =>
+        fetch(`${this.baseUrl}${endpoint}`, config)
+      );
+
+      // Handle 401 - try refresh once
+      if (response.status === 401 && requiresAuth && !skipRefresh) {
+        const newToken = await refreshAccessToken();
+        if (newToken) {
+          // Retry the request with new token
+          return this.request(endpoint, { ...options, skipRefresh: true });
+        }
+        throw new Error("Authentication failed");
+      }
+
+      // Handle rate limiting (429)
+      if (response.status === 429) {
+        const retryAfter = response.headers.get("Retry-After");
+        rateLimitRetryAfter = retryAfter
+          ? parseInt(retryAfter, 10) * 1000
+          : 1000;
+        const error = new Error("Rate limited - too many requests") as ApiError;
+        error.status = 429;
+        throw error;
+      }
+
+      // Handle other errors
+      if (!response.ok) {
+        const error = new Error(
+          `API Error: ${response.status} ${response.statusText}`
+        ) as ApiError;
+        error.status = response.status;
+        try {
+          error.data = await response.json();
+        } catch {
+          // Response body is not JSON
+        }
+        throw error;
+      }
+
+      // Handle empty responses
+      const text = await response.text();
+      if (!text) {
+        return {} as T;
+      }
+
+      return JSON.parse(text);
+    } catch (error) {
+      if (error instanceof Error) {
+        // Handle abort (timeout)
+        if (error.name === "AbortError") {
+          const timeoutError = new Error("Request timeout") as ApiError;
+          timeoutError.status = 408;
+          throw timeoutError;
+        }
+
+        // Handle network errors
+        if (
+          error.message.includes("Network") ||
+          error.message.includes("fetch")
+        ) {
+          const networkError = new Error("Network error") as ApiError;
+          networkError.status = 0;
+          throw networkError;
+        }
+      }
+      throw error;
+    } finally {
+      clearTimeout(timeoutId);
+    }
+  }
+
+  async get<T>(
+    endpoint: string,
+    options?: Omit<RequestOptions, "method" | "body">
+  ) {
+    return this.request<T>(endpoint, { ...options, method: "GET" });
+  }
+
+  async post<T>(
+    endpoint: string,
+    body?: Record<string, unknown>,
+    options?: Omit<RequestOptions, "method">
+  ) {
+    return this.request<T>(endpoint, { ...options, method: "POST", body });
+  }
+
+  async put<T>(
+    endpoint: string,
+    body?: Record<string, unknown>,
+    options?: Omit<RequestOptions, "method">
+  ) {
+    return this.request<T>(endpoint, { ...options, method: "PUT", body });
+  }
+
+  async patch<T>(
+    endpoint: string,
+    body?: Record<string, unknown>,
+    options?: Omit<RequestOptions, "method">
+  ) {
+    return this.request<T>(endpoint, { ...options, method: "PATCH", body });
+  }
+
+  async delete<T>(
+    endpoint: string,
+    options?: Omit<RequestOptions, "method" | "body">
+  ) {
+    return this.request<T>(endpoint, { ...options, method: "DELETE" });
+  }
+}
+
+// Export singleton instance
+export const api = new ApiClient(API_URL);
+
+// Export class for testing or creating additional instances
+export { ApiClient };
+
+// Export token utilities for auth hook
+export { getTokens, saveTokens, getValidAccessToken };

package/services/authAdapter.ts

@@ -0,0 +1,333 @@
+/**
+ * Auth Adapter Pattern
+ *
+ * This module provides an abstraction layer for authentication providers.
+ * Replace the mock implementation with your actual provider (Supabase, Firebase, etc.)
+ */
+
+import * as SecureStore from "expo-secure-store";
+import type { User, AuthTokens } from "@/types";
+
+// ============================================================================
+// Types
+// ============================================================================
+
+export interface AuthResult {
+  user: User;
+  tokens: AuthTokens;
+}
+
+export interface AuthError {
+  code: string;
+  message: string;
+}
+
+export interface AuthAdapter {
+  /**
+   * Sign in with email and password
+   */
+  signIn(email: string, password: string): Promise<AuthResult>;
+
+  /**
+   * Sign up with email, password, and name
+   */
+  signUp(email: string, password: string, name: string): Promise<AuthResult>;
+
+  /**
+   * Sign out the current user
+   */
+  signOut(): Promise<void>;
+
+  /**
+   * Refresh the access token using the refresh token
+   */
+  refreshToken(refreshToken: string): Promise<AuthTokens>;
+
+  /**
+   * Send a password reset email
+   */
+  forgotPassword(email: string): Promise<void>;
+
+  /**
+   * Reset password with token
+   */
+  resetPassword(token: string, newPassword: string): Promise<void>;
+
+  /**
+   * Get current session (useful for providers like Supabase)
+   */
+  getSession(): Promise<AuthResult | null>;
+
+  /**
+   * Subscribe to auth state changes (optional)
+   */
+  onAuthStateChange?(callback: (user: User | null) => void): () => void;
+}
+
+// ============================================================================
+// Mock Implementation (for development/testing)
+// ============================================================================
+
+export const mockAuthAdapter: AuthAdapter = {
+  async signIn(email: string, password: string): Promise<AuthResult> {
+    // Simulate network delay
+    await new Promise((resolve) => setTimeout(resolve, 1000));
+
+    // Simulate validation
+    if (!email.includes("@")) {
+      throw { code: "invalid_email", message: "Invalid email format" };
+    }
+    if (password.length < 6) {
+      throw { code: "weak_password", message: "Password too short" };
+    }
+
+    return {
+      user: {
+        id: "mock_user_1",
+        email,
+        name: email.split("@")[0],
+        createdAt: new Date().toISOString(),
+      },
+      tokens: {
+        accessToken: `mock_access_${Date.now()}`,
+        refreshToken: `mock_refresh_${Date.now()}`,
+        expiresAt: Date.now() + 60 * 60 * 1000, // 1 hour
+      },
+    };
+  },
+
+  async signUp(
+    email: string,
+    password: string,
+    name: string
+  ): Promise<AuthResult> {
+    await new Promise((resolve) => setTimeout(resolve, 1000));
+
+    if (!email.includes("@")) {
+      throw { code: "invalid_email", message: "Invalid email format" };
+    }
+    if (password.length < 8) {
+      throw {
+        code: "weak_password",
+        message: "Password must be at least 8 characters",
+      };
+    }
+
+    return {
+      user: {
+        id: "mock_user_new",
+        email,
+        name,
+        createdAt: new Date().toISOString(),
+      },
+      tokens: {
+        accessToken: `mock_access_${Date.now()}`,
+        refreshToken: `mock_refresh_${Date.now()}`,
+        expiresAt: Date.now() + 60 * 60 * 1000,
+      },
+    };
+  },
+
+  async signOut(): Promise<void> {
+    await new Promise((resolve) => setTimeout(resolve, 500));
+    // Clear any stored tokens
+    await SecureStore.deleteItemAsync("auth_tokens");
+    await SecureStore.deleteItemAsync("auth_user");
+  },
+
+  async refreshToken(refreshToken: string): Promise<AuthTokens> {
+    await new Promise((resolve) => setTimeout(resolve, 500));
+
+    if (!refreshToken) {
+      throw { code: "invalid_token", message: "Invalid refresh token" };
+    }
+
+    return {
+      accessToken: `mock_access_${Date.now()}`,
+      refreshToken: `mock_refresh_${Date.now()}`,
+      expiresAt: Date.now() + 60 * 60 * 1000,
+    };
+  },
+
+  async forgotPassword(email: string): Promise<void> {
+    await new Promise((resolve) => setTimeout(resolve, 1000));
+
+    if (!email.includes("@")) {
+      throw { code: "invalid_email", message: "Invalid email format" };
+    }
+
+    console.log(`[Mock] Password reset email sent to ${email}`);
+  },
+
+  async resetPassword(_token: string, newPassword: string): Promise<void> {
+    await new Promise((resolve) => setTimeout(resolve, 1000));
+
+    if (newPassword.length < 8) {
+      throw {
+        code: "weak_password",
+        message: "Password must be at least 8 characters",
+      };
+    }
+
+    console.log("[Mock] Password reset successful");
+  },
+
+  async getSession(): Promise<AuthResult | null> {
+    try {
+      const storedTokens = await SecureStore.getItemAsync("auth_tokens");
+      const storedUser = await SecureStore.getItemAsync("auth_user");
+
+      if (storedTokens && storedUser) {
+        return {
+          tokens: JSON.parse(storedTokens),
+          user: JSON.parse(storedUser),
+        };
+      }
+      return null;
+    } catch {
+      return null;
+    }
+  },
+};
+
+// ============================================================================
+// Supabase Implementation Example
+// ============================================================================
+
+/**
+ * Example Supabase implementation:
+ *
+ * import { createClient } from "@supabase/supabase-js";
+ *
+ * const supabase = createClient(
+ *   process.env.EXPO_PUBLIC_SUPABASE_URL!,
+ *   process.env.EXPO_PUBLIC_SUPABASE_ANON_KEY!
+ * );
+ *
+ * export const supabaseAuthAdapter: AuthAdapter = {
+ *   async signIn(email, password) {
+ *     const { data, error } = await supabase.auth.signInWithPassword({
+ *       email,
+ *       password,
+ *     });
+ *
+ *     if (error) throw { code: error.name, message: error.message };
+ *
+ *     return {
+ *       user: {
+ *         id: data.user!.id,
+ *         email: data.user!.email!,
+ *         name: data.user!.user_metadata.name || email.split("@")[0],
+ *         avatar: data.user!.user_metadata.avatar_url,
+ *         createdAt: data.user!.created_at,
+ *       },
+ *       tokens: {
+ *         accessToken: data.session!.access_token,
+ *         refreshToken: data.session!.refresh_token,
+ *         expiresAt: data.session!.expires_at! * 1000,
+ *       },
+ *     };
+ *   },
+ *
+ *   async signUp(email, password, name) {
+ *     const { data, error } = await supabase.auth.signUp({
+ *       email,
+ *       password,
+ *       options: { data: { name } },
+ *     });
+ *
+ *     if (error) throw { code: error.name, message: error.message };
+ *
+ *     return {
+ *       user: {
+ *         id: data.user!.id,
+ *         email: data.user!.email!,
+ *         name,
+ *         createdAt: data.user!.created_at,
+ *       },
+ *       tokens: {
+ *         accessToken: data.session!.access_token,
+ *         refreshToken: data.session!.refresh_token,
+ *         expiresAt: data.session!.expires_at! * 1000,
+ *       },
+ *     };
+ *   },
+ *
+ *   async signOut() {
+ *     await supabase.auth.signOut();
+ *   },
+ *
+ *   async refreshToken() {
+ *     const { data, error } = await supabase.auth.refreshSession();
+ *     if (error) throw { code: error.name, message: error.message };
+ *
+ *     return {
+ *       accessToken: data.session!.access_token,
+ *       refreshToken: data.session!.refresh_token,
+ *       expiresAt: data.session!.expires_at! * 1000,
+ *     };
+ *   },
+ *
+ *   async forgotPassword(email) {
+ *     const { error } = await supabase.auth.resetPasswordForEmail(email);
+ *     if (error) throw { code: error.name, message: error.message };
+ *   },
+ *
+ *   async resetPassword(token, newPassword) {
+ *     const { error } = await supabase.auth.updateUser({ password: newPassword });
+ *     if (error) throw { code: error.name, message: error.message };
+ *   },
+ *
+ *   async getSession() {
+ *     const { data } = await supabase.auth.getSession();
+ *     if (!data.session) return null;
+ *
+ *     const { data: userData } = await supabase.auth.getUser();
+ *
+ *     return {
+ *       user: {
+ *         id: userData.user!.id,
+ *         email: userData.user!.email!,
+ *         name: userData.user!.user_metadata.name,
+ *         avatar: userData.user!.user_metadata.avatar_url,
+ *         createdAt: userData.user!.created_at,
+ *       },
+ *       tokens: {
+ *         accessToken: data.session.access_token,
+ *         refreshToken: data.session.refresh_token,
+ *         expiresAt: data.session.expires_at! * 1000,
+ *       },
+ *     };
+ *   },
+ *
+ *   onAuthStateChange(callback) {
+ *     const { data: { subscription } } = supabase.auth.onAuthStateChange(
+ *       async (event, session) => {
+ *         if (session) {
+ *           callback({
+ *             id: session.user.id,
+ *             email: session.user.email!,
+ *             name: session.user.user_metadata.name,
+ *             avatar: session.user.user_metadata.avatar_url,
+ *             createdAt: session.user.created_at,
+ *           });
+ *         } else {
+ *           callback(null);
+ *         }
+ *       }
+ *     );
+ *
+ *     return () => subscription.unsubscribe();
+ *   },
+ * };
+ */
+
+// ============================================================================
+// Active Adapter
+// ============================================================================
+
+/**
+ * Change this to use your preferred auth provider
+ * Options: mockAuthAdapter, supabaseAuthAdapter, firebaseAuthAdapter, etc.
+ */
+export const authAdapter: AuthAdapter = mockAuthAdapter;

package/services/index.ts

@@ -0,0 +1,22 @@
+export { api, ApiClient } from "./api";
+export { storage, secureStorage } from "./storage";
+export {
+  initSentry,
+  captureException,
+  captureMessage,
+  setUser,
+  addBreadcrumb,
+} from "./sentry";
+export { authAdapter, mockAuthAdapter } from "./authAdapter";
+export type { AuthAdapter, AuthResult, AuthError } from "./authAdapter";
+export {
+  analytics,
+  track,
+  identify,
+  screen,
+  resetAnalytics,
+  setUserProperties,
+  trackRevenue,
+  AnalyticsEvents,
+} from "./analytics";
+export type { AnalyticsAdapter, AnalyticsEvent } from "./analytics";