@djangocfg/api 2.1.227 → 2.1.228

package/dist/auth.d.cts

@@ -1,18 +1,8 @@
-import React$1, { ReactNode, MutableRefObject } from 'react';
+import React$1, { MutableRefObject, ReactNode } from 'react';
 import { z } from 'zod';
 import * as react_jsx_runtime from 'react/jsx-runtime';
 import * as consola from 'consola';
 
-/**
- * Delivery channel: 'email' or 'phone'. Auto-detected if not provided.
- * * `email` - Email
- * * `phone` - Phone
- */
-declare enum OTPRequestRequestChannel {
-    EMAIL = "email",
-    PHONE = "phone"
-}
-
 /**
  * Zod schema for OTPRequestRequest
  *
@@ -25,7 +15,6 @@ declare enum OTPRequestRequestChannel {
  */
 declare const OTPRequestRequestSchema: z.ZodObject<{
     identifier: z.ZodString;
-    channel: z.ZodOptional<z.ZodEnum<typeof OTPRequestRequestChannel>>;
     source_url: z.ZodOptional<z.ZodString>;
 }, z.core.$strip>;
 /**
@@ -64,7 +53,6 @@ type OTPRequestResponse = z.infer<typeof OTPRequestResponseSchema>;
 declare const OTPVerifyRequestSchema: z.ZodObject<{
     identifier: z.ZodString;
     otp: z.ZodString;
-    channel: z.ZodOptional<z.ZodEnum<typeof OTPRequestRequestChannel>>;
     source_url: z.ZodOptional<z.ZodString>;
 }, z.core.$strip>;
 /**
@@ -240,6 +228,118 @@ declare const UserProfileUpdateRequestSchema: z.ZodObject<{
  */
 type UserProfileUpdateRequest = z.infer<typeof UserProfileUpdateRequestSchema>;
 
+/**
+ * Auth Form Types
+ *
+ * Single source of truth for auth form state and handlers.
+ * Used by both @djangocfg/api/auth hooks and @djangocfg/layouts/AuthLayout.
+ */
+
+type AuthStep = 'identifier' | 'otp' | '2fa' | '2fa-setup' | 'success';
+interface OTPRequestResult {
+    success: boolean;
+    message: string;
+    statusCode?: number;
+    retryAfter?: number;
+}
+interface AuthFormState {
+    /** Email address */
+    identifier: string;
+    /** OTP code input */
+    otp: string;
+    /** Loading state */
+    isLoading: boolean;
+    /** Terms acceptance state */
+    acceptedTerms: boolean;
+    /** Current form step */
+    step: AuthStep;
+    /** Error message */
+    error: string;
+    /** 2FA session ID from OTP/OAuth verification */
+    twoFactorSessionId: string | null;
+    /** Whether user should be prompted to enable 2FA */
+    shouldPrompt2FA: boolean;
+    /** 2FA code input */
+    twoFactorCode: string;
+    /** Using backup code instead of TOTP */
+    useBackupCode: boolean;
+    /** Seconds remaining until rate limit lifts (0 = not rate limited) */
+    rateLimitSeconds: number;
+    /** True when rateLimitSeconds > 0 — submit should be disabled */
+    isRateLimited: boolean;
+    /** Formatted countdown label, e.g. "19:00" or "42s" */
+    rateLimitLabel: string;
+}
+interface AuthFormStateHandlers {
+    setIdentifier: (identifier: string) => void;
+    setOtp: (otp: string) => void;
+    setAcceptedTerms: (accepted: boolean) => void;
+    setError: (error: string) => void;
+    clearError: () => void;
+    setStep: (step: AuthStep) => void;
+    setIsLoading: (loading: boolean) => void;
+    setTwoFactorSessionId: (sessionId: string | null) => void;
+    setShouldPrompt2FA: (prompt: boolean) => void;
+    setTwoFactorCode: (code: string) => void;
+    setUseBackupCode: (useBackup: boolean) => void;
+    /** Start a countdown timer that disables submit for `seconds` seconds */
+    startRateLimitCountdown: (seconds: number) => void;
+}
+interface AuthFormSubmitHandlers {
+    handleIdentifierSubmit: (e: React.FormEvent) => Promise<void>;
+    handleOTPSubmit: (e: React.FormEvent) => Promise<void>;
+    handleResendOTP: () => Promise<void>;
+    handleBackToIdentifier: () => void;
+    forceOTPStep: () => void;
+    /** Handle 2FA TOTP/backup code verification */
+    handle2FASubmit: (e: React.FormEvent) => Promise<void>;
+    /** Switch to backup code input */
+    handleUseBackupCode: () => void;
+    /** Switch back to TOTP input */
+    handleUseTOTP: () => void;
+}
+interface AuthFormValidation {
+    /** Validate identifier format */
+    validateIdentifier: (identifier: string) => boolean;
+}
+interface AuthFormAutoSubmit {
+    /** Ref to track if auto-submit from URL is in progress */
+    isAutoSubmittingFromUrl: MutableRefObject<boolean>;
+}
+interface AuthForm2FAState {
+    /** Loading state for 2FA verification */
+    is2FALoading: boolean;
+    /** Warning message from 2FA (e.g., low backup codes) */
+    twoFactorWarning: string | null;
+    /** Remaining attempts before 2FA lockout (null = unknown) */
+    twoFactorAttemptsRemaining: number | null;
+}
+interface AuthFormReturn extends AuthFormState, AuthFormStateHandlers, AuthFormSubmitHandlers, AuthFormValidation, AuthFormAutoSubmit, AuthForm2FAState {
+}
+interface UseAuthFormOptions {
+    /** Callback when identifier step succeeds */
+    onIdentifierSuccess?: (identifier: string) => void;
+    /** Callback when OTP verification succeeds */
+    onOTPSuccess?: () => void;
+    /** Callback on any error */
+    onError?: (message: string) => void;
+    /** Source URL for tracking */
+    sourceUrl: string;
+    /** URL to redirect after successful OTP verification */
+    redirectUrl?: string;
+    /** If true, user must accept terms before submitting. Default: false */
+    requireTermsAcceptance?: boolean;
+    /** Path to auth page for auto-OTP detection. Default: '/auth' */
+    authPath?: string;
+    /**
+     * Enable 2FA setup prompt after successful authentication.
+     * When true (default), users without 2FA will see a setup prompt after login.
+     * When false, users go directly to success without 2FA setup prompt.
+     * @default true
+     */
+    enable2FASetup?: boolean;
+}
+
 type UserProfile = User;
 interface AuthConfig {
     apiUrl?: string;
@@ -262,14 +362,8 @@ interface AuthContextType {
     getSavedEmail: () => string | null;
     saveEmail: (email: string) => void;
     clearSavedEmail: () => void;
-    getSavedPhone: () => string | null;
-    savePhone: (phone: string) => void;
-    clearSavedPhone: () => void;
-    requestOTP: (identifier: string, channel?: 'email' | 'phone', sourceUrl?: string) => Promise<{
-        success: boolean;
-        message: string;
-    }>;
-    verifyOTP: (identifier: string, otpCode: string, channel?: 'email' | 'phone', sourceUrl?: string, redirectUrl?: string, skipRedirect?: boolean) => Promise<{
+    requestOTP: (identifier: string, sourceUrl?: string) => Promise<OTPRequestResult>;
+    verifyOTP: (identifier: string, otpCode: string, sourceUrl?: string, redirectUrl?: string, skipRedirect?: boolean) => Promise<{
         success: boolean;
         message: string;
         user?: UserProfile;
@@ -405,169 +499,16 @@ declare function useCfgRouter(): {
  */
 declare function useQueryParams(): URLSearchParams;
 
-/**
- * Auth Form Types
- *
- * Single source of truth for auth form state and handlers.
- * Used by both @djangocfg/api/auth hooks and @djangocfg/layouts/AuthLayout.
- */
-
-type AuthChannel = 'email' | 'phone';
-type AuthStep = 'identifier' | 'otp' | '2fa' | '2fa-setup' | 'success';
-interface AuthFormState {
-    /** Email or phone number */
-    identifier: string;
-    /** Current auth channel */
-    channel: AuthChannel;
-    /** OTP code input */
-    otp: string;
-    /** Loading state */
-    isLoading: boolean;
-    /** Terms acceptance state */
-    acceptedTerms: boolean;
-    /** Current form step */
-    step: AuthStep;
-    /** Error message */
-    error: string;
-    /** 2FA session ID from OTP/OAuth verification */
-    twoFactorSessionId: string | null;
-    /** Whether user should be prompted to enable 2FA */
-    shouldPrompt2FA: boolean;
-    /** 2FA code input */
-    twoFactorCode: string;
-    /** Using backup code instead of TOTP */
-    useBackupCode: boolean;
-}
-interface AuthFormStateHandlers {
-    setIdentifier: (identifier: string) => void;
-    setChannel: (channel: AuthChannel) => void;
-    setOtp: (otp: string) => void;
-    setAcceptedTerms: (accepted: boolean) => void;
-    setError: (error: string) => void;
-    clearError: () => void;
-    setStep: (step: AuthStep) => void;
-    setIsLoading: (loading: boolean) => void;
-    setTwoFactorSessionId: (sessionId: string | null) => void;
-    setShouldPrompt2FA: (prompt: boolean) => void;
-    setTwoFactorCode: (code: string) => void;
-    setUseBackupCode: (useBackup: boolean) => void;
-}
-interface AuthFormSubmitHandlers {
-    handleIdentifierSubmit: (e: React.FormEvent) => Promise<void>;
-    handleOTPSubmit: (e: React.FormEvent) => Promise<void>;
-    handleResendOTP: () => Promise<void>;
-    handleBackToIdentifier: () => void;
-    forceOTPStep: () => void;
-    /** Handle 2FA TOTP/backup code verification */
-    handle2FASubmit: (e: React.FormEvent) => Promise<void>;
-    /** Switch to backup code input */
-    handleUseBackupCode: () => void;
-    /** Switch back to TOTP input */
-    handleUseTOTP: () => void;
-}
-interface AuthFormValidation {
-    /** Detect channel from identifier string */
-    detectChannelFromIdentifier: (identifier: string) => AuthChannel | null;
-    /** Validate identifier format */
-    validateIdentifier: (identifier: string, channel?: AuthChannel) => boolean;
-}
-interface AuthFormAutoSubmit {
-    /** Ref to track if auto-submit from URL is in progress */
-    isAutoSubmittingFromUrl: MutableRefObject<boolean>;
-}
-interface AuthForm2FAState {
-    /** Loading state for 2FA verification */
-    is2FALoading: boolean;
-    /** Warning message from 2FA (e.g., low backup codes) */
-    twoFactorWarning: string | null;
-}
-interface AuthFormReturn extends AuthFormState, AuthFormStateHandlers, AuthFormSubmitHandlers, AuthFormValidation, AuthFormAutoSubmit, AuthForm2FAState {
-}
-interface UseAuthFormOptions {
-    /** Callback when identifier step succeeds */
-    onIdentifierSuccess?: (identifier: string, channel: AuthChannel) => void;
-    /** Callback when OTP verification succeeds */
-    onOTPSuccess?: () => void;
-    /** Callback on any error */
-    onError?: (message: string) => void;
-    /** Source URL for tracking */
-    sourceUrl: string;
-    /** URL to redirect after successful OTP verification */
-    redirectUrl?: string;
-    /** If true, user must accept terms before submitting. Default: false */
-    requireTermsAcceptance?: boolean;
-    /** Path to auth page for auto-OTP detection. Default: '/auth' */
-    authPath?: string;
-    /**
-     * Enable 2FA setup prompt after successful authentication.
-     * When true (default), users without 2FA will see a setup prompt after login.
-     * When false, users go directly to success without 2FA setup prompt.
-     * @default true
-     */
-    enable2FASetup?: boolean;
-}
-interface AuthLayoutConfig {
-    /** Support page URL */
-    supportUrl?: string;
-    /** Terms of service URL */
-    termsUrl?: string;
-    /** Privacy policy URL */
-    privacyUrl?: string;
-    /** Source URL for tracking */
-    sourceUrl: string;
-    /** Enable phone authentication tab */
-    enablePhoneAuth?: boolean;
-    /** Enable GitHub OAuth button */
-    enableGithubAuth?: boolean;
-    /** Logo URL for success screen (SVG recommended) */
-    logoUrl?: string;
-    /** URL to redirect after successful auth (default: /dashboard) */
-    redirectUrl?: string;
-    /**
-     * Enable 2FA setup prompt after successful authentication.
-     * When true (default), users without 2FA will see a setup prompt after login.
-     * When false, users go directly to success without 2FA setup prompt.
-     * Note: This only affects the setup prompt - existing 2FA verification still works.
-     * @default true
-     */
-    enable2FASetup?: boolean;
-}
-interface AuthFormContextType extends AuthFormReturn, AuthLayoutConfig {
-}
-interface AuthLayoutProps extends AuthLayoutConfig {
-    children?: React.ReactNode;
-    className?: string;
-    /** URL to redirect after successful auth (default: /dashboard) */
-    redirectUrl?: string;
-    /** Callback when identifier step succeeds */
-    onIdentifierSuccess?: (identifier: string, channel: AuthChannel) => void;
-    /** Callback when OTP verification succeeds */
-    onOTPSuccess?: () => void;
-    /** Callback when OAuth succeeds */
-    onOAuthSuccess?: (user: any, isNewUser: boolean, provider: string) => void;
-    /** Callback on any error */
-    onError?: (message: string) => void;
-}
-interface AuthHelpProps {
-    className?: string;
-    variant?: 'default' | 'compact';
-}
-
 interface UseAuthFormStateReturn extends AuthFormState, AuthFormStateHandlers {
 }
 /**
  * Hook for auth form state management.
  * Pure state - no side effects, no API calls.
  */
-declare const useAuthFormState: (initialIdentifier?: string, initialChannel?: AuthChannel) => UseAuthFormStateReturn;
+declare const useAuthFormState: (initialIdentifier?: string) => UseAuthFormStateReturn;
 
-/**
- * Hook for auth identifier validation.
- * Pure functions - no state, no side effects.
- */
 declare const useAuthValidation: () => AuthFormValidation;
-declare const detectChannelFromIdentifier: (id: string) => AuthChannel | null;
-declare const validateIdentifier: (id: string, channelType?: AuthChannel) => boolean;
+declare const validateIdentifier: (id: string) => boolean;
 
 /**
  * Complete auth form hook.
@@ -647,6 +588,8 @@ interface UseTwoFactorReturn {
     warning: string | null;
     /** Remaining backup codes (if backup code was used) */
     remainingBackupCodes: number | null;
+    /** Remaining verification attempts before lockout */
+    attemptsRemaining: number | null;
     /** Verify TOTP code */
     verifyTOTP: (sessionId: string, code: string) => Promise<boolean>;
     /** Verify backup code */
@@ -1016,4 +959,4 @@ declare const Analytics: {
     setUser(userId: string): void;
 };
 
-export { type AccountsContextValue, AccountsProvider, Analytics, AnalyticsCategory, type AnalyticsCategoryType, AnalyticsEvent, type AnalyticsEventType, type AuthChannel, type AuthConfig, type AuthContextType, type AuthFormAutoSubmit, type AuthFormContextType, type AuthFormReturn, type AuthFormState, type AuthFormStateHandlers, type AuthFormSubmitHandlers, type AuthFormValidation, type AuthHelpProps, type AuthLayoutConfig, type AuthLayoutProps, AuthProvider, type AuthProviderProps, type AuthStep, type DeleteAccountResult, type PatchedUserProfileUpdateRequest, PatchedUserProfileUpdateRequestSchema, type ProfileCacheOptions, type TwoFactorDevice, type TwoFactorSetupData, type UseAuthFormOptions, type UseAuthFormStateReturn, type UseAutoAuthOptions, type UseDeleteAccountReturn, type UseGithubAuthOptions, type UseGithubAuthReturn, type UseTwoFactorOptions, type UseTwoFactorReturn, type UseTwoFactorSetupOptions, type UseTwoFactorSetupReturn, type UseTwoFactorStatusReturn, type UserProfile, authLogger, clearProfileCache, decodeBase64, detectChannelFromIdentifier, encodeBase64, formatAuthError, getCacheMetadata, getCachedProfile, hasValidCache, logger, setCachedProfile, useAccountsContext, useAuth, useAuthForm, useAuthFormState, useAuthGuard, useAuthRedirectManager, useAuthValidation, useAutoAuth, useBase64, useCfgRouter, useDeleteAccount, useGithubAuth, useLocalStorage, useQueryParams, useSessionStorage, useTokenRefresh, useTwoFactor, useTwoFactorSetup, useTwoFactorStatus, validateEmail, validateIdentifier };
+export { type AccountsContextValue, AccountsProvider, Analytics, AnalyticsCategory, type AnalyticsCategoryType, AnalyticsEvent, type AnalyticsEventType, type AuthConfig, type AuthContextType, type AuthFormAutoSubmit, type AuthFormReturn, type AuthFormState, type AuthFormStateHandlers, type AuthFormSubmitHandlers, type AuthFormValidation, AuthProvider, type AuthProviderProps, type AuthStep, type DeleteAccountResult, type OTPRequestResult, type PatchedUserProfileUpdateRequest, PatchedUserProfileUpdateRequestSchema, type ProfileCacheOptions, type TwoFactorDevice, type TwoFactorSetupData, type UseAuthFormOptions, type UseAuthFormStateReturn, type UseAutoAuthOptions, type UseDeleteAccountReturn, type UseGithubAuthOptions, type UseGithubAuthReturn, type UseTwoFactorOptions, type UseTwoFactorReturn, type UseTwoFactorSetupOptions, type UseTwoFactorSetupReturn, type UseTwoFactorStatusReturn, type UserProfile, authLogger, clearProfileCache, decodeBase64, encodeBase64, formatAuthError, getCacheMetadata, getCachedProfile, hasValidCache, logger, setCachedProfile, useAccountsContext, useAuth, useAuthForm, useAuthFormState, useAuthGuard, useAuthRedirectManager, useAuthValidation, useAutoAuth, useBase64, useCfgRouter, useDeleteAccount, useGithubAuth, useLocalStorage, useQueryParams, useSessionStorage, useTokenRefresh, useTwoFactor, useTwoFactorSetup, useTwoFactorStatus, validateEmail, validateIdentifier };