@djangocfg/api 2.1.103 → 2.1.105

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@djangocfg/api",
-  "version": "2.1.103",
+  "version": "2.1.105",
   "description": "Auto-generated TypeScript API client with React hooks, SWR integration, and Zod validation for Django REST Framework backends",
   "keywords": [
     "django",
@@ -74,7 +74,6 @@
     "check": "tsc --noEmit"
   },
   "peerDependencies": {
-    "@djangocfg/ui-nextjs": "^2.1.103",
     "consola": "^3.4.2",
     "next": ">=16.0.0",
     "p-retry": "^7.0.0",
@@ -85,7 +84,7 @@
   "devDependencies": {
     "@types/node": "^24.7.2",
     "@types/react": "^19.0.0",
-    "@djangocfg/typescript-config": "^2.1.103",
+    "@djangocfg/typescript-config": "^2.1.105",
     "next": "^16.0.0",
     "react": "^19.0.0",
     "tsup": "^8.5.0",

package/src/auth/context/AuthContext.tsx

@@ -6,7 +6,7 @@ import React, {
     createContext, ReactNode, useCallback, useContext, useEffect, useMemo, useRef, useState
 } from 'react';
 
-import { useCfgRouter, useLocalStorage, useQueryParams } from '@djangocfg/ui-nextjs/hooks';
+import { useCfgRouter, useLocalStorage, useQueryParams } from '../hooks';
 
 import { api as apiAccounts, Enums } from '../../';
 import { clearProfileCache, getCachedProfile } from '../hooks/useProfileCache';

package/src/auth/hooks/index.ts

@@ -1,5 +1,9 @@
 'use client';
 
+// Router hooks
+export { useCfgRouter } from './useCfgRouter';
+export { useQueryParams } from './useQueryParams';
+
 // Core form hooks (decomposed)
 export { useAuthFormState, type UseAuthFormStateReturn } from './useAuthFormState';
 export { useAuthValidation, detectChannelFromIdentifier, validateIdentifier } from './useAuthValidation';

package/src/auth/hooks/useAuthGuard.ts

@@ -2,7 +2,7 @@
 
 import { useEffect, useState } from 'react';
 
-import { useCfgRouter } from '@djangocfg/ui-nextjs/hooks';
+import { useCfgRouter } from './useCfgRouter';
 
 import { useAuth } from '../context';
 

package/src/auth/hooks/useAutoAuth.ts

@@ -3,7 +3,8 @@
 import { usePathname } from 'next/navigation';
 import { useEffect } from 'react';
 
-import { useCfgRouter, useQueryParams } from '@djangocfg/ui-nextjs/hooks';
+import { useCfgRouter } from './useCfgRouter';
+import { useQueryParams } from './useQueryParams';
 
 import { authLogger } from '../utils/logger';
 

package/src/auth/hooks/useCfgRouter.ts

@@ -0,0 +1,153 @@
+/**
+ * Universal Router Hook with BasePath Support
+ *
+ * Wrapper around Next.js useRouter that automatically handles basePath
+ * for static builds served via iframe or subdirectory
+ * 
+ * IMPORTANT: In Next.js 15 App Router, router.push() does NOT automatically
+ * handle basePath (unlike Pages Router). This is a breaking change in App Router.
+ * 
+ * This hook ensures basePath is always included when navigating, especially
+ * important for static exports served via iframe where basePath is critical.
+ * 
+ * @see https://nextjs.org/docs/app/building-your-application/upgrading/app-router-migration
+ */
+
+'use client';
+
+import { useRouter as useNextRouter } from 'next/navigation';
+import { useCallback, useMemo } from 'react';
+
+/**
+ * Get base path from environment variable
+ */
+function getBasePath(): string {
+  if (typeof process === 'undefined') {
+    return '';
+  }
+  return process.env.NEXT_PUBLIC_BASE_PATH || '';
+}
+
+/**
+ * Add base path to a route path
+ */
+function withBasePath(path: string, basePath: string): string {
+  if (!basePath) {
+    return path;
+  }
+  // Ensure path starts with /
+  const normalizedPath = path.startsWith('/') ? path : `/${path}`;
+  // Remove trailing slash from basePath
+  const normalizedBasePath = basePath.replace(/\/$/, '');
+  return `${normalizedBasePath}${normalizedPath}`;
+}
+
+/**
+ * Router with basePath support
+ *
+ * Automatically adds basePath to all navigation methods when basePath is configured.
+ * In Next.js 15 App Router, router.push() doesn't handle basePath automatically,
+ * so this hook uses window.location to ensure basePath is always included.
+ *
+ * @example
+ * ```tsx
+ * const router = useCfgRouter();
+ *
+ * // With basePath='/cfg/admin':
+ * router.push('/dashboard');     // Client-side navigation to '/cfg/admin/dashboard'
+ * router.replace('/auth');       // Client-side replace with '/cfg/admin/auth'
+ * router.hardPush('/dashboard'); // Full page reload to '/cfg/admin/dashboard'
+ * router.hardReplace('/auth');   // Full page replace with '/cfg/admin/auth'
+ * ```
+ */
+export function useCfgRouter() {
+  const router = useNextRouter();
+
+  // Get basePath and check if we're in static build mode
+  const basePath = useMemo(() => getBasePath(), []);
+  const isStaticBuild = useMemo(() => {
+    return typeof process !== 'undefined' && process.env.NEXT_PUBLIC_STATIC_BUILD === 'true';
+  }, []);
+
+  const push = useCallback((href: string, options?: { scroll?: boolean }) => {
+    if (basePath) {
+      // App Router doesn't handle basePath automatically, use window.location
+      window.location.href = withBasePath(href, basePath);
+    } else {
+      // No basePath configured, use standard router
+      router.push(href, options);
+    }
+  }, [router, basePath]);
+
+  const replace = useCallback((href: string, options?: { scroll?: boolean }) => {
+    if (basePath) {
+      // App Router doesn't handle basePath automatically, use window.location
+      window.location.replace(withBasePath(href, basePath));
+    } else {
+      // No basePath configured, use standard router
+      router.replace(href, options);
+    }
+  }, [router, basePath]);
+
+  /**
+   * Hard push - always uses window.location.href for full page reload
+   *
+   * Use this for auth redirects where React contexts need to reinitialize.
+   * Unlike push(), this ALWAYS triggers a full page reload, ensuring all
+   * contexts are reinitialized with fresh state.
+   *
+   * @example
+   * ```tsx
+   * // After successful login - contexts need to reload with new auth state
+   * router.hardPush('/dashboard');
+   * ```
+   */
+  const hardPush = useCallback((href: string) => {
+    window.location.href = withBasePath(href, basePath);
+  }, [basePath]);
+
+  /**
+   * Hard replace - always uses window.location.replace for full page reload
+   *
+   * Same as hardPush but replaces current history entry.
+   * Use for auth redirects where you don't want back button to return to login.
+   *
+   * @example
+   * ```tsx
+   * // After logout - replace so back button doesn't go to protected page
+   * router.hardReplace('/auth');
+   * ```
+   */
+  const hardReplace = useCallback((href: string) => {
+    window.location.replace(withBasePath(href, basePath));
+  }, [basePath]);
+
+  const prefetch = useCallback((href: string) => {
+    // Prefetch doesn't need basePath handling, Next.js handles it
+    router.prefetch(href);
+  }, [router]);
+
+  const back = useCallback(() => {
+    router.back();
+  }, [router]);
+
+  const forward = useCallback(() => {
+    router.forward();
+  }, [router]);
+
+  const refresh = useCallback(() => {
+    router.refresh();
+  }, [router]);
+
+  return {
+    push,
+    replace,
+    hardPush,
+    hardReplace,
+    prefetch,
+    back,
+    forward,
+    refresh,
+  };
+}
+

package/src/auth/hooks/useGithubAuth.ts

@@ -2,7 +2,7 @@
 
 import { useCallback, useState } from 'react';
 
-import { useCfgRouter } from '@djangocfg/ui-nextjs/hooks';
+import { useCfgRouter } from './useCfgRouter';
 
 import { apiAccounts } from '../../clients';
 import { Analytics, AnalyticsCategory, AnalyticsEvent } from '../utils/analytics';

package/src/auth/hooks/useQueryParams.ts

@@ -0,0 +1,73 @@
+/**
+ * useQueryParams Hook
+ * 
+ * Safe hook to access URL query parameters without requiring Suspense boundary.
+ * Works on client-side only, returns empty URLSearchParams during SSR/prerendering.
+ * 
+ * @example
+ * ```tsx
+ * const params = useQueryParams();
+ * const flow = params.get('flow');
+ * const hasFlow = params.has('flow');
+ * const allTags = params.getAll('tags');
+ * ```
+ */
+
+'use client';
+
+import { usePathname } from 'next/navigation';
+import { useEffect, useRef, useState } from 'react';
+
+/**
+ * Hook to safely access URL query parameters without useSearchParams()
+ * 
+ * This hook reads query parameters directly from window.location.search,
+ * avoiding the need for Suspense boundaries that useSearchParams() requires.
+ * 
+ * Automatically updates when URL changes (navigation, back/forward, etc.)
+ * Uses pathname from Next.js to detect route changes and polls for query param changes.
+ * 
+ * Returns a URLSearchParams object with get(), getAll(), has(), etc.
+ * 
+ * @returns URLSearchParams object (empty during SSR)
+ */
+export function useQueryParams(): URLSearchParams {
+  const pathname = usePathname();
+  const [queryParams, setQueryParams] = useState<URLSearchParams>(() => {
+    if (typeof window === 'undefined') {
+      return new URLSearchParams();
+    }
+    return new URLSearchParams(window.location.search);
+  });
+  const lastSearchRef = useRef<string>('');
+
+  useEffect(() => {
+    if (typeof window === 'undefined') return;
+
+    const updateQueryParams = () => {
+      const currentSearch = window.location.search;
+      if (currentSearch !== lastSearchRef.current) {
+        lastSearchRef.current = currentSearch;
+        setQueryParams(new URLSearchParams(currentSearch));
+      }
+    };
+
+    // Update when pathname changes (Next.js navigation)
+    updateQueryParams();
+
+    // Listen to popstate (back/forward navigation)
+    window.addEventListener('popstate', updateQueryParams);
+
+    // Poll for query param changes (for router.push with same pathname)
+    // This handles cases where Next.js router.push updates query params without changing pathname
+    const intervalId = setInterval(updateQueryParams, 100);
+
+    return () => {
+      window.removeEventListener('popstate', updateQueryParams);
+      clearInterval(intervalId);
+    };
+  }, [pathname]);
+
+  return queryParams;
+}
+

package/src/auth/hooks/useTwoFactor.ts

@@ -2,7 +2,7 @@
 
 import { useCallback, useState } from 'react';
 
-import { useCfgRouter } from '@djangocfg/ui-nextjs/hooks';
+import { useCfgRouter } from './useCfgRouter';
 
 import { apiAccounts, apiTotp } from '../../clients';
 import { Analytics, AnalyticsCategory, AnalyticsEvent } from '../utils/analytics';

package/src/auth/hooks/useTwoFactorStatus.ts

@@ -71,7 +71,10 @@ export const useTwoFactorStatus = (): UseTwoFactorStatusReturn => {
       const response = await apiTotp.totp_management.totpDevicesList();
 
       // Map devices to our format
-      const mappedDevices: TwoFactorDevice[] = (response.results || []).map((device) => ({
+
+      // Join all devices into a single array
+      const devices = response.results.flatMap((device) => device.devices);
+      const mappedDevices: TwoFactorDevice[] = devices.map((device) => ({
         id: device.id,
         name: device.name,
         createdAt: device.created_at,
@@ -80,6 +83,7 @@ export const useTwoFactorStatus = (): UseTwoFactorStatusReturn => {
       }));
 
       setDevices(mappedDevices);
+      
       // 2FA is enabled if there are any devices
       const enabled = mappedDevices.length > 0;
       setHas2FAEnabled(enabled);

package/src/generated/cfg_totp/CLAUDE.md

@@ -12,7 +12,7 @@ python manage.py generate_client --groups cfg_totp --typescript
 |---|---|
 | Version | 3.0.3 |
 | Operations | 9 |
-| Schemas | 13 |
+| Schemas | 15 |
 
 ## Resources
 

package/src/generated/cfg_totp/_utils/fetchers/totp__totp_management.ts

@@ -32,7 +32,7 @@
  */
 import { consola } from 'consola'
 import { DisableRequestSchema, type DisableRequest } from '../schemas/DisableRequest.schema'
-import { PaginatedDeviceListListSchema, type PaginatedDeviceListList } from '../schemas/PaginatedDeviceListList.schema'
+import { PaginatedDeviceListResponseListSchema, type PaginatedDeviceListResponseList } from '../schemas/PaginatedDeviceListResponseList.schema'
 import { getAPIInstance } from '../../api-instance'
 
 /**
@@ -42,11 +42,11 @@ import { getAPIInstance } from '../../api-instance'
  * @path /cfg/totp/devices/
  */
 export async function getTotpDevicesList(  params?: { page?: number; page_size?: number },  client?: any
-): Promise<PaginatedDeviceListList> {
+): Promise<PaginatedDeviceListResponseList> {
   const api = client || getAPIInstance()
   const response = await api.totp_management.totpDevicesList(params?.page, params?.page_size)
   try {
-    return PaginatedDeviceListListSchema.parse(response)
+    return PaginatedDeviceListResponseListSchema.parse(response)
   } catch (error) {
     // Zod validation error - log detailed information
     consola.error('❌ Zod Validation Failed');

package/src/generated/cfg_totp/_utils/hooks/totp__totp_management.ts

@@ -22,7 +22,7 @@ import { useSWRConfig } from 'swr'
 import * as Fetchers from '../fetchers/totp__totp_management'
 import type { API } from '../../index'
 import type { DisableRequest } from '../schemas/DisableRequest.schema'
-import type { PaginatedDeviceListList } from '../schemas/PaginatedDeviceListList.schema'
+import type { PaginatedDeviceListResponseList } from '../schemas/PaginatedDeviceListResponseList.schema'
 
 /**
  * API operation
@@ -30,8 +30,8 @@ import type { PaginatedDeviceListList } from '../schemas/PaginatedDeviceListList
  * @method GET
  * @path /cfg/totp/devices/
  */
-export function useTotpDevicesList(params?: { page?: number; page_size?: number }, client?: API): ReturnType<typeof useSWR<PaginatedDeviceListList>> {
-  return useSWR<PaginatedDeviceListList>(
+export function useTotpDevicesList(params?: { page?: number; page_size?: number }, client?: API): ReturnType<typeof useSWR<PaginatedDeviceListResponseList>> {
+  return useSWR<PaginatedDeviceListResponseList>(
     params ? ['cfg-totp-devices', params] : 'cfg-totp-devices',
     () => Fetchers.getTotpDevicesList(params, client)
   )

package/src/generated/cfg_totp/_utils/schemas/DeviceListResponse.schema.ts

@@ -0,0 +1,21 @@
+/**
+ * Zod schema for DeviceListResponse
+ *
+ * This schema provides runtime validation and type inference.
+ *  * Response serializer for device list endpoint.
+ *  */
+import { z } from 'zod'
+import { DeviceListSchema } from './DeviceList.schema'
+
+/**
+ * Response serializer for device list endpoint.
+ */
+export const DeviceListResponseSchema = z.object({
+  devices: z.array(DeviceListSchema),
+  has_2fa_enabled: z.boolean(),
+})
+
+/**
+ * Infer TypeScript type from Zod schema
+ */
+export type DeviceListResponse = z.infer<typeof DeviceListResponseSchema>

package/src/generated/cfg_totp/_utils/schemas/{PaginatedDeviceListList.schema.ts → PaginatedDeviceListResponseList.schema.ts}

@@ -1,12 +1,12 @@
 /**
- * Zod schema for PaginatedDeviceListList
+ * Zod schema for PaginatedDeviceListResponseList
  *
  * This schema provides runtime validation and type inference.
  *  */
 import { z } from 'zod'
-import { DeviceListSchema } from './DeviceList.schema'
+import { DeviceListResponseSchema } from './DeviceListResponse.schema'
 
-export const PaginatedDeviceListListSchema = z.object({
+export const PaginatedDeviceListResponseListSchema = z.object({
   count: z.int(),
   page: z.int(),
   pages: z.int(),
@@ -15,10 +15,10 @@ export const PaginatedDeviceListListSchema = z.object({
   has_previous: z.boolean(),
   next_page: z.int().nullable().optional(),
   previous_page: z.int().nullable().optional(),
-  results: z.array(DeviceListSchema),
+  results: z.array(DeviceListResponseSchema),
 })
 
 /**
  * Infer TypeScript type from Zod schema
  */
-export type PaginatedDeviceListList = z.infer<typeof PaginatedDeviceListListSchema>
+export type PaginatedDeviceListResponseList = z.infer<typeof PaginatedDeviceListResponseListSchema>

package/src/generated/cfg_totp/_utils/schemas/TotpVerifyUser.schema.ts

@@ -0,0 +1,34 @@
+/**
+ * Zod schema for TotpVerifyUser
+ *
+ * This schema provides runtime validation and type inference.
+ *  * User data returned after 2FA verification.
+ *  */
+import { z } from 'zod'
+
+/**
+ * User data returned after 2FA verification.
+ */
+export const TotpVerifyUserSchema = z.object({
+  id: z.int(),
+  email: z.email(),
+  first_name: z.string().max(50).optional(),
+  last_name: z.string().max(50).optional(),
+  full_name: z.string(),
+  initials: z.string(),
+  display_username: z.string(),
+  company: z.string().max(100).optional(),
+  phone: z.string().max(20).optional(),
+  position: z.string().max(100).optional(),
+  avatar: z.union([z.url(), z.literal('')]).nullable(),
+  is_staff: z.boolean(),
+  is_superuser: z.boolean(),
+  date_joined: z.iso.datetime(),
+  last_login: z.iso.datetime().nullable(),
+  unanswered_messages_count: z.int(),
+})
+
+/**
+ * Infer TypeScript type from Zod schema
+ */
+export type TotpVerifyUser = z.infer<typeof TotpVerifyUserSchema>

package/src/generated/cfg_totp/_utils/schemas/VerifyResponse.schema.ts

@@ -5,6 +5,7 @@
  *  * Response serializer for successful 2FA verification.
  *  */
 import { z } from 'zod'
+import { TotpVerifyUserSchema } from './TotpVerifyUser.schema'
 
 /**
  * Response serializer for successful 2FA verification.
@@ -13,7 +14,7 @@ export const VerifyResponseSchema = z.object({
   message: z.string(),
   access_token: z.string(),
   refresh_token: z.string(),
-  user: z.record(z.string(), z.any()),
+  user: TotpVerifyUserSchema,
   remaining_backup_codes: z.int().optional(),
   warning: z.string().optional(),
 })

package/src/generated/cfg_totp/_utils/schemas/index.ts

@@ -23,10 +23,12 @@ export * from './BackupCodesStatus.schema'
 export * from './ConfirmSetupRequest.schema'
 export * from './ConfirmSetupResponse.schema'
 export * from './DeviceList.schema'
+export * from './DeviceListResponse.schema'
 export * from './DisableRequest.schema'
-export * from './PaginatedDeviceListList.schema'
+export * from './PaginatedDeviceListResponseList.schema'
 export * from './SetupRequest.schema'
 export * from './SetupResponse.schema'
+export * from './TotpVerifyUser.schema'
 export * from './VerifyBackupRequest.schema'
 export * from './VerifyRequest.schema'
 export * from './VerifyResponse.schema'

package/src/generated/cfg_totp/schema.json

@@ -135,7 +135,7 @@
             "content": {
               "application/json": {
                 "schema": {
-                  "$ref": "#/components/schemas/PaginatedDeviceListList"
+                  "$ref": "#/components/schemas/PaginatedDeviceListResponseList"
                 }
               }
             },
@@ -640,6 +640,25 @@
           "status"
         ]
       },
+      "DeviceListResponse": {
+        "type": "object",
+        "description": "Response serializer for device list endpoint.",
+        "properties": {
+          "devices": {
+            "type": "array",
+            "items": {
+              "$ref": "#/components/schemas/DeviceList"
+            }
+          },
+          "has_2fa_enabled": {
+            "type": "boolean"
+          }
+        },
+        "required": [
+          "devices",
+          "has_2fa_enabled"
+        ]
+      },
       "DisableRequest": {
         "type": "object",
         "description": "Serializer for completely disabling 2FA.",
@@ -655,7 +674,7 @@
           "code"
         ]
       },
-      "PaginatedDeviceListList": {
+      "PaginatedDeviceListResponseList": {
         "type": "object",
         "required": [
           "count",
@@ -712,7 +731,7 @@
           "results": {
             "type": "array",
             "items": {
-              "$ref": "#/components/schemas/DeviceList"
+              "$ref": "#/components/schemas/DeviceListResponse"
             },
             "description": "Array of items for current page"
           }
@@ -765,6 +784,103 @@
           "secret"
         ]
       },
+      "TotpVerifyUser": {
+        "type": "object",
+        "description": "User data returned after 2FA verification.",
+        "properties": {
+          "id": {
+            "type": "integer",
+            "readOnly": true
+          },
+          "email": {
+            "type": "string",
+            "format": "email",
+            "readOnly": true
+          },
+          "first_name": {
+            "type": "string",
+            "maxLength": 50
+          },
+          "last_name": {
+            "type": "string",
+            "maxLength": 50
+          },
+          "full_name": {
+            "type": "string",
+            "description": "Get user's full name.",
+            "readOnly": true
+          },
+          "initials": {
+            "type": "string",
+            "description": "Get user's initials for avatar fallback.",
+            "readOnly": true
+          },
+          "display_username": {
+            "type": "string",
+            "description": "Get formatted username for display.",
+            "readOnly": true
+          },
+          "company": {
+            "type": "string",
+            "maxLength": 100
+          },
+          "phone": {
+            "type": "string",
+            "maxLength": 20
+          },
+          "position": {
+            "type": "string",
+            "maxLength": 100
+          },
+          "avatar": {
+            "type": "string",
+            "format": "uri",
+            "nullable": true,
+            "readOnly": true
+          },
+          "is_staff": {
+            "type": "boolean",
+            "readOnly": true,
+            "title": "Staff status",
+            "description": "Designates whether the user can log into this admin site."
+          },
+          "is_superuser": {
+            "type": "boolean",
+            "readOnly": true,
+            "title": "Superuser status",
+            "description": "Designates that this user has all permissions without explicitly assigning them."
+          },
+          "date_joined": {
+            "type": "string",
+            "format": "date-time",
+            "readOnly": true
+          },
+          "last_login": {
+            "type": "string",
+            "format": "date-time",
+            "readOnly": true,
+            "nullable": true
+          },
+          "unanswered_messages_count": {
+            "type": "integer",
+            "readOnly": true,
+            "default": 0
+          }
+        },
+        "required": [
+          "avatar",
+          "date_joined",
+          "display_username",
+          "email",
+          "full_name",
+          "id",
+          "initials",
+          "is_staff",
+          "is_superuser",
+          "last_login",
+          "unanswered_messages_count"
+        ]
+      },
       "VerifyBackupRequest": {
         "type": "object",
         "description": "Serializer for backup code verification during login.",
@@ -823,8 +939,11 @@
             "description": "JWT refresh token"
           },
           "user": {
-            "type": "object",
-            "additionalProperties": {},
+            "allOf": [
+              {
+                "$ref": "#/components/schemas/TotpVerifyUser"
+              }
+            ],
             "description": "User profile data"
           },
           "remaining_backup_codes": {