@dev.smartpricing/platform-layer 0.0.2

package/app/queries/useSession.query.ts

@@ -0,0 +1,14 @@
+import type { MeContextResponse } from '@package/platform-shared'
+
+export const sessionKeys = {
+  me: () => ['session', 'me'] as const,
+}
+
+export function useSessionQuery() {
+  const client = useApiClient()
+
+  return useQuery({
+    key: sessionKeys.me,
+    query: () => client<MeContextResponse>('/api/me'),
+  })
+}

package/app/utils/apiClient.utils.ts

@@ -0,0 +1,134 @@
+import { FetchError } from 'ofetch'
+
+export interface ApiClientCsrfConfig {
+  cookieName: string
+  headerName?: string
+}
+
+export interface ApiClientMfaConfig {
+  shouldChallenge: (status: number, data: unknown) => boolean
+  challengePath?: string
+}
+
+export interface ApiClientAuthConfig {
+  refreshBaseURL: string
+  refreshEndpoint?: string
+  platformURL: string
+  shouldRefresh?: (status: number, data: unknown) => boolean
+  onRefreshFailed?: () => void
+  mfa?: ApiClientMfaConfig
+}
+
+export interface ApiClientOptions {
+  baseURL: string
+  csrf?: ApiClientCsrfConfig
+  auth?: ApiClientAuthConfig
+  errorSerializer?: (context: { status: number; statusText: string; data: unknown }) => unknown
+}
+
+function defaultShouldRefresh(status: number, data: unknown): boolean {
+  if (status !== 401) return false
+  const code = (data as { error?: { code?: string } } | undefined)?.error?.code
+  return code === 'session.expired' || code === 'session.missing'
+}
+
+// Module-level refresh dedup — safe because refresh is client-only
+let refreshPromise: Promise<boolean> | null = null
+
+export function createApiClient(options: ApiClientOptions) {
+  const client = $fetch.create({
+    baseURL: options.baseURL,
+    credentials: 'include',
+    onRequest({ options: reqOpts }) {
+      // SSR: forward cookies from incoming request
+      if (import.meta.server) {
+        const { cookie } = useRequestHeaders(['cookie'])
+        if (cookie) {
+          reqOpts.headers.set('cookie', cookie)
+        }
+      }
+
+      // CSRF: inject token header
+      if (options.csrf) {
+        const token = useCookie(options.csrf.cookieName).value
+        if (token) {
+          reqOpts.headers.set(options.csrf.headerName ?? 'X-CSRF-Token', token)
+        }
+      }
+    },
+  })
+
+  // No auth handling needed — return raw $fetch instance
+  if (!options.auth) return client
+
+  const auth = options.auth
+  const shouldRefresh = auth.shouldRefresh ?? defaultShouldRefresh
+
+  function attemptRefresh(): Promise<boolean> {
+    if (refreshPromise) return refreshPromise
+    refreshPromise = $fetch(auth.refreshEndpoint ?? '/api/auth/refresh', {
+      baseURL: auth.refreshBaseURL,
+      method: 'POST',
+      credentials: 'include',
+    })
+      .then(() => true)
+      .catch(() => false)
+      .finally(() => { refreshPromise = null })
+    return refreshPromise
+  }
+
+  function serializeAndThrow(error: unknown): never {
+    if (options.errorSerializer && error instanceof FetchError) {
+      throw options.errorSerializer({
+        status: error.statusCode ?? 0,
+        statusText: error.statusMessage ?? '',
+        data: error.data,
+      })
+    }
+    throw error
+  }
+
+  // Wrap client with refresh + MFA logic (client-only features)
+  async function apiFetch<T = unknown>(
+    url: string,
+    fetchOptions?: Parameters<typeof client>[1],
+  ): Promise<T> {
+    try {
+      return await client(url, fetchOptions) as T
+    }
+    catch (error) {
+      if (!(error instanceof FetchError) || !import.meta.client) {
+        serializeAndThrow(error)
+      }
+
+      const status = error.statusCode ?? 0
+      const data = error.data
+
+      // MFA challenge redirect
+      if (auth.mfa?.shouldChallenge(status, data)) {
+        const returnUrl = encodeURIComponent(window.location.href)
+        const path = auth.mfa.challengePath ?? '/auth/mfa-challenge'
+        window.location.assign(`${auth.platformURL}${path}?redirect=${returnUrl}`)
+        return new Promise<T>(() => {}) // suspend — page is navigating away
+      }
+
+      // Token refresh + single retry
+      if (shouldRefresh(status, data)) {
+        const refreshed = await attemptRefresh()
+        if (refreshed) {
+          try {
+            return await client(url, fetchOptions) as T
+          }
+          catch (retryError) {
+            serializeAndThrow(retryError)
+          }
+        }
+        auth.onRefreshFailed?.()
+      }
+
+      serializeAndThrow(error)
+    }
+  }
+
+  return apiFetch as typeof client
+}

package/nuxt.config.ts

@@ -0,0 +1,50 @@
+import { dirname, join } from 'node:path'
+import { fileURLToPath } from 'node:url'
+
+const currentDir = dirname(fileURLToPath(import.meta.url))
+
+export default defineNuxtConfig({
+  extends: ['nuxt-ui-layer'],
+
+  alias: {
+    '@package/platform-shared': join(currentDir, '_shared'),
+  },
+
+  modules: [
+    '@pinia/nuxt',
+    '@pinia/colada-nuxt',
+    '@nuxtjs/i18n',
+    '@vueuse/nuxt',
+  ],
+
+  i18n: {
+    strategy: 'no_prefix',
+    locales: [
+      { code: 'en', name: 'English', language: 'en' },
+      { code: 'it', name: 'Italiano', language: 'it' },
+      { code: 'de', name: 'Deutsch', language: 'de' },
+      { code: 'es', name: 'Español', language: 'es' },
+    ],
+    defaultLocale: 'en',
+    compilation: {
+      strictMessage: false,
+    },
+    detectBrowserLanguage: {
+      useCookie: true,
+    },
+  },
+
+  imports: {
+    dirs: [
+'queries','mutations',
+    ],
+  },
+
+  runtimeConfig: {
+    public: {
+      BACKEND_BASE_URL: '',
+      ENV_CSRF_COOKIE_NAME: '',
+      PLATFORM_URL: '',
+    },
+  },
+})

package/package.json

@@ -0,0 +1,34 @@
+{
+  "name": "@dev.smartpricing/platform-layer",
+  "version": "0.0.2",
+  "type": "module",
+  "private": false,
+  "main": "./nuxt.config.ts",
+  "files": [
+    "app",
+    "_shared",
+    "nuxt.config.ts"
+  ],
+  "dependencies": {
+    "@nuxtjs/i18n": "^10.3.0",
+    "@pinia/colada": "^1.3.1",
+    "@pinia/colada-nuxt": "^1.0.1",
+    "@pinia/nuxt": "^0.11.3",
+    "@vueuse/core": "^13.9.0",
+    "@vueuse/nuxt": "^13.9.0"
+  },
+  "devDependencies": {
+    "nuxt": "^4.4.2",
+    "nuxt-ui-layer": "github:smartpricing/smartness-nuxt-ui#v1.6.3",
+    "vue": "latest"
+  },
+  "peerDependencies": {
+    "nuxt-ui-layer": ">=1.3.0"
+  },
+  "scripts": {
+    "dev": "nuxi dev .playground",
+    "dev:prepare": "nuxt prepare .playground",
+    "build": "nuxt build .playground",
+    "postinstall": "nuxt prepare"
+  }
+}