@djangocfg/api 2.1.426 → 2.1.428
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +56 -0
- package/dist/auth-server.cjs +248 -32
- package/dist/auth-server.cjs.map +1 -1
- package/dist/auth-server.mjs +248 -32
- package/dist/auth-server.mjs.map +1 -1
- package/dist/auth.cjs +271 -29
- package/dist/auth.cjs.map +1 -1
- package/dist/auth.mjs +271 -29
- package/dist/auth.mjs.map +1 -1
- package/dist/clients.cjs +222 -25
- package/dist/clients.cjs.map +1 -1
- package/dist/clients.d.cts +35 -28
- package/dist/clients.d.ts +35 -28
- package/dist/clients.mjs +222 -25
- package/dist/clients.mjs.map +1 -1
- package/dist/hooks.cjs +117 -4
- package/dist/hooks.cjs.map +1 -1
- package/dist/hooks.mjs +117 -4
- package/dist/hooks.mjs.map +1 -1
- package/dist/index.cjs +277 -26
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +98 -29
- package/dist/index.d.ts +98 -29
- package/dist/index.mjs +277 -26
- package/dist/index.mjs.map +1 -1
- package/package.json +2 -2
- package/src/_api/generated/client/index.ts +1 -0
- package/src/_api/generated/client/utils.gen.ts +2 -2
- package/src/_api/generated/client.gen.ts +2 -2
- package/src/_api/generated/core/auth.gen.ts +7 -0
- package/src/_api/generated/core/params.gen.ts +10 -8
- package/src/_api/generated/core/pathSerializer.gen.ts +6 -6
- package/src/_api/generated/core/queryKeySerializer.gen.ts +1 -1
- package/src/_api/generated/core/utils.gen.ts +4 -4
- package/src/_api/generated/helpers/auth.ts +127 -1
- package/src/_api/generated/sdk.gen.ts +149 -53
- package/src/auth/context/AuthContext.tsx +8 -0
- package/src/auth/utils/env.ts +18 -0
- package/src/auth/utils/logger.ts +11 -4
- package/src/index.ts +12 -0
- package/src/log-control.ts +81 -0
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
// This file is auto-generated by @hey-api/openapi-ts
|
|
2
2
|
|
|
3
|
-
import { type Client, formDataBodySerializer, type Options as Options2, type TDataShape } from './client';
|
|
3
|
+
import { type Client, formDataBodySerializer, type Options as Options2, type RequestResult, type TDataShape } from './client';
|
|
4
4
|
import { client } from './client.gen';
|
|
5
5
|
import type { CfgAccountsApiKeyRegenerateCreateData, CfgAccountsApiKeyRegenerateCreateErrors, CfgAccountsApiKeyRegenerateCreateResponses, CfgAccountsApiKeyRetrieveData, CfgAccountsApiKeyRetrieveErrors, CfgAccountsApiKeyRetrieveResponses, CfgAccountsApiKeyTestCreateData, CfgAccountsApiKeyTestCreateResponses, CfgAccountsOauthConnectionsListData, CfgAccountsOauthConnectionsListResponses, CfgAccountsOauthDisconnectCreateData, CfgAccountsOauthDisconnectCreateErrors, CfgAccountsOauthDisconnectCreateResponses, CfgAccountsOauthGithubAuthorizeCreateData, CfgAccountsOauthGithubAuthorizeCreateErrors, CfgAccountsOauthGithubAuthorizeCreateResponses, CfgAccountsOauthGithubCallbackCreateData, CfgAccountsOauthGithubCallbackCreateErrors, CfgAccountsOauthGithubCallbackCreateResponses, CfgAccountsOauthProvidersRetrieveData, CfgAccountsOauthProvidersRetrieveResponses, CfgAccountsOtpRequestCreateData, CfgAccountsOtpRequestCreateErrors, CfgAccountsOtpRequestCreateResponses, CfgAccountsOtpVerifyCreateData, CfgAccountsOtpVerifyCreateErrors, CfgAccountsOtpVerifyCreateResponses, CfgAccountsProfileAvatarCreateData, CfgAccountsProfileAvatarCreateErrors, CfgAccountsProfileAvatarCreateResponses, CfgAccountsProfileDeleteCreateData, CfgAccountsProfileDeleteCreateErrors, CfgAccountsProfileDeleteCreateResponses, CfgAccountsProfilePartialPartialUpdateData, CfgAccountsProfilePartialPartialUpdateErrors, CfgAccountsProfilePartialPartialUpdateResponses, CfgAccountsProfilePartialUpdateData, CfgAccountsProfilePartialUpdateErrors, CfgAccountsProfilePartialUpdateResponses, CfgAccountsProfileRetrieveData, CfgAccountsProfileRetrieveErrors, CfgAccountsProfileRetrieveResponses, CfgAccountsProfileUpdatePartialUpdateData, CfgAccountsProfileUpdatePartialUpdateErrors, CfgAccountsProfileUpdatePartialUpdateResponses, CfgAccountsProfileUpdateUpdateData, CfgAccountsProfileUpdateUpdateErrors, CfgAccountsProfileUpdateUpdateResponses, CfgAccountsTokenRefreshCreateData, CfgAccountsTokenRefreshCreateResponses, CfgCentrifugoAuthTokenRetrieveData, CfgCentrifugoAuthTokenRetrieveErrors, CfgCentrifugoAuthTokenRetrieveResponses, CfgTotpBackupCodesRegenerateCreateData, CfgTotpBackupCodesRegenerateCreateErrors, CfgTotpBackupCodesRegenerateCreateResponses, CfgTotpBackupCodesRetrieveData, CfgTotpBackupCodesRetrieveResponses, CfgTotpDevicesDestroyData, CfgTotpDevicesDestroyResponses, CfgTotpDevicesRetrieveData, CfgTotpDevicesRetrieveResponses, CfgTotpDisableCreateData, CfgTotpDisableCreateErrors, CfgTotpDisableCreateResponses, CfgTotpSetupConfirmCreateData, CfgTotpSetupConfirmCreateErrors, CfgTotpSetupConfirmCreateResponses, CfgTotpSetupCreateData, CfgTotpSetupCreateErrors, CfgTotpSetupCreateResponses, CfgTotpVerifyBackupCreateData, CfgTotpVerifyBackupCreateErrors, CfgTotpVerifyBackupCreateResponses, CfgTotpVerifyCreateData, CfgTotpVerifyCreateErrors, CfgTotpVerifyCreateResponses } from './types.gen';
|
|
6
6
|
|
|
@@ -24,10 +24,14 @@ export class CfgAccountsApiKey {
|
|
|
24
24
|
*
|
|
25
25
|
* Retrieve the current user's API key (masked) and metadata.
|
|
26
26
|
*/
|
|
27
|
-
public static cfgAccountsApiKeyRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsApiKeyRetrieveData, ThrowOnError>) {
|
|
27
|
+
public static cfgAccountsApiKeyRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsApiKeyRetrieveData, ThrowOnError>): RequestResult<CfgAccountsApiKeyRetrieveResponses, CfgAccountsApiKeyRetrieveErrors, ThrowOnError> {
|
|
28
28
|
return (options?.client ?? client).get<CfgAccountsApiKeyRetrieveResponses, CfgAccountsApiKeyRetrieveErrors, ThrowOnError>({
|
|
29
29
|
security: [
|
|
30
|
-
{
|
|
30
|
+
{
|
|
31
|
+
key: 'jwtAuth',
|
|
32
|
+
scheme: 'bearer',
|
|
33
|
+
type: 'http'
|
|
34
|
+
},
|
|
31
35
|
{
|
|
32
36
|
in: 'cookie',
|
|
33
37
|
name: 'sessionid',
|
|
@@ -45,10 +49,14 @@ export class CfgAccountsApiKey {
|
|
|
45
49
|
*
|
|
46
50
|
* Generate a new API key. The full key is returned only once.
|
|
47
51
|
*/
|
|
48
|
-
public static cfgAccountsApiKeyRegenerateCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsApiKeyRegenerateCreateData, ThrowOnError>) {
|
|
52
|
+
public static cfgAccountsApiKeyRegenerateCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsApiKeyRegenerateCreateData, ThrowOnError>): RequestResult<CfgAccountsApiKeyRegenerateCreateResponses, CfgAccountsApiKeyRegenerateCreateErrors, ThrowOnError> {
|
|
49
53
|
return (options.client ?? client).post<CfgAccountsApiKeyRegenerateCreateResponses, CfgAccountsApiKeyRegenerateCreateErrors, ThrowOnError>({
|
|
50
54
|
security: [
|
|
51
|
-
{
|
|
55
|
+
{
|
|
56
|
+
key: 'jwtAuth',
|
|
57
|
+
scheme: 'bearer',
|
|
58
|
+
type: 'http'
|
|
59
|
+
},
|
|
52
60
|
{
|
|
53
61
|
in: 'cookie',
|
|
54
62
|
name: 'sessionid',
|
|
@@ -70,10 +78,14 @@ export class CfgAccountsApiKey {
|
|
|
70
78
|
*
|
|
71
79
|
* Test whether an API key is valid without consuming it.
|
|
72
80
|
*/
|
|
73
|
-
public static cfgAccountsApiKeyTestCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsApiKeyTestCreateData, ThrowOnError>) {
|
|
81
|
+
public static cfgAccountsApiKeyTestCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsApiKeyTestCreateData, ThrowOnError>): RequestResult<CfgAccountsApiKeyTestCreateResponses, unknown, ThrowOnError> {
|
|
74
82
|
return (options.client ?? client).post<CfgAccountsApiKeyTestCreateResponses, unknown, ThrowOnError>({
|
|
75
83
|
security: [
|
|
76
|
-
{
|
|
84
|
+
{
|
|
85
|
+
key: 'jwtAuth',
|
|
86
|
+
scheme: 'bearer',
|
|
87
|
+
type: 'http'
|
|
88
|
+
},
|
|
77
89
|
{
|
|
78
90
|
in: 'cookie',
|
|
79
91
|
name: 'sessionid',
|
|
@@ -97,9 +109,13 @@ export class CfgAccountsOauth {
|
|
|
97
109
|
*
|
|
98
110
|
* Get all OAuth connections for the current user.
|
|
99
111
|
*/
|
|
100
|
-
public static cfgAccountsOauthConnectionsList<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthConnectionsListData, ThrowOnError>) {
|
|
112
|
+
public static cfgAccountsOauthConnectionsList<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthConnectionsListData, ThrowOnError>): RequestResult<CfgAccountsOauthConnectionsListResponses, unknown, ThrowOnError> {
|
|
101
113
|
return (options?.client ?? client).get<CfgAccountsOauthConnectionsListResponses, unknown, ThrowOnError>({
|
|
102
|
-
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
114
|
+
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
115
|
+
key: 'jwtAuthWithLastLogin',
|
|
116
|
+
scheme: 'bearer',
|
|
117
|
+
type: 'http'
|
|
118
|
+
}],
|
|
103
119
|
url: '/cfg/accounts/oauth/connections/',
|
|
104
120
|
...options
|
|
105
121
|
});
|
|
@@ -110,9 +126,13 @@ export class CfgAccountsOauth {
|
|
|
110
126
|
*
|
|
111
127
|
* Remove OAuth connection for the specified provider.
|
|
112
128
|
*/
|
|
113
|
-
public static cfgAccountsOauthDisconnectCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOauthDisconnectCreateData, ThrowOnError>) {
|
|
129
|
+
public static cfgAccountsOauthDisconnectCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOauthDisconnectCreateData, ThrowOnError>): RequestResult<CfgAccountsOauthDisconnectCreateResponses, CfgAccountsOauthDisconnectCreateErrors, ThrowOnError> {
|
|
114
130
|
return (options.client ?? client).post<CfgAccountsOauthDisconnectCreateResponses, CfgAccountsOauthDisconnectCreateErrors, ThrowOnError>({
|
|
115
|
-
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
131
|
+
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
132
|
+
key: 'jwtAuthWithLastLogin',
|
|
133
|
+
scheme: 'bearer',
|
|
134
|
+
type: 'http'
|
|
135
|
+
}],
|
|
116
136
|
url: '/cfg/accounts/oauth/disconnect/',
|
|
117
137
|
...options,
|
|
118
138
|
headers: {
|
|
@@ -127,7 +147,7 @@ export class CfgAccountsOauth {
|
|
|
127
147
|
*
|
|
128
148
|
* Generate GitHub OAuth authorization URL. Redirect user to this URL to start authentication.
|
|
129
149
|
*/
|
|
130
|
-
public static cfgAccountsOauthGithubAuthorizeCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthGithubAuthorizeCreateData, ThrowOnError>) {
|
|
150
|
+
public static cfgAccountsOauthGithubAuthorizeCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthGithubAuthorizeCreateData, ThrowOnError>): RequestResult<CfgAccountsOauthGithubAuthorizeCreateResponses, CfgAccountsOauthGithubAuthorizeCreateErrors, ThrowOnError> {
|
|
131
151
|
return (options?.client ?? client).post<CfgAccountsOauthGithubAuthorizeCreateResponses, CfgAccountsOauthGithubAuthorizeCreateErrors, ThrowOnError>({
|
|
132
152
|
url: '/cfg/accounts/oauth/github/authorize/',
|
|
133
153
|
...options,
|
|
@@ -143,7 +163,7 @@ export class CfgAccountsOauth {
|
|
|
143
163
|
*
|
|
144
164
|
* Exchange authorization code for JWT tokens. Call this after GitHub redirects back with code.
|
|
145
165
|
*/
|
|
146
|
-
public static cfgAccountsOauthGithubCallbackCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOauthGithubCallbackCreateData, ThrowOnError>) {
|
|
166
|
+
public static cfgAccountsOauthGithubCallbackCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOauthGithubCallbackCreateData, ThrowOnError>): RequestResult<CfgAccountsOauthGithubCallbackCreateResponses, CfgAccountsOauthGithubCallbackCreateErrors, ThrowOnError> {
|
|
147
167
|
return (options.client ?? client).post<CfgAccountsOauthGithubCallbackCreateResponses, CfgAccountsOauthGithubCallbackCreateErrors, ThrowOnError>({
|
|
148
168
|
url: '/cfg/accounts/oauth/github/callback/',
|
|
149
169
|
...options,
|
|
@@ -159,7 +179,7 @@ export class CfgAccountsOauth {
|
|
|
159
179
|
*
|
|
160
180
|
* Get list of available OAuth providers for authentication.
|
|
161
181
|
*/
|
|
162
|
-
public static cfgAccountsOauthProvidersRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthProvidersRetrieveData, ThrowOnError>) {
|
|
182
|
+
public static cfgAccountsOauthProvidersRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthProvidersRetrieveData, ThrowOnError>): RequestResult<CfgAccountsOauthProvidersRetrieveResponses, unknown, ThrowOnError> {
|
|
163
183
|
return (options?.client ?? client).get<CfgAccountsOauthProvidersRetrieveResponses, unknown, ThrowOnError>({ url: '/cfg/accounts/oauth/providers/', ...options });
|
|
164
184
|
}
|
|
165
185
|
}
|
|
@@ -168,9 +188,13 @@ export class CfgAccounts {
|
|
|
168
188
|
/**
|
|
169
189
|
* Request OTP code to email.
|
|
170
190
|
*/
|
|
171
|
-
public static cfgAccountsOtpRequestCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOtpRequestCreateData, ThrowOnError>) {
|
|
191
|
+
public static cfgAccountsOtpRequestCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOtpRequestCreateData, ThrowOnError>): RequestResult<CfgAccountsOtpRequestCreateResponses, CfgAccountsOtpRequestCreateErrors, ThrowOnError> {
|
|
172
192
|
return (options.client ?? client).post<CfgAccountsOtpRequestCreateResponses, CfgAccountsOtpRequestCreateErrors, ThrowOnError>({
|
|
173
|
-
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
193
|
+
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
194
|
+
key: 'jwtAuthWithLastLogin',
|
|
195
|
+
scheme: 'bearer',
|
|
196
|
+
type: 'http'
|
|
197
|
+
}],
|
|
174
198
|
url: '/cfg/accounts/otp/request/',
|
|
175
199
|
...options,
|
|
176
200
|
headers: {
|
|
@@ -190,9 +214,13 @@ export class CfgAccounts {
|
|
|
190
214
|
* If user has no 2FA:
|
|
191
215
|
* - Returns JWT tokens and user data directly
|
|
192
216
|
*/
|
|
193
|
-
public static cfgAccountsOtpVerifyCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOtpVerifyCreateData, ThrowOnError>) {
|
|
217
|
+
public static cfgAccountsOtpVerifyCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOtpVerifyCreateData, ThrowOnError>): RequestResult<CfgAccountsOtpVerifyCreateResponses, CfgAccountsOtpVerifyCreateErrors, ThrowOnError> {
|
|
194
218
|
return (options.client ?? client).post<CfgAccountsOtpVerifyCreateResponses, CfgAccountsOtpVerifyCreateErrors, ThrowOnError>({
|
|
195
|
-
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
219
|
+
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
220
|
+
key: 'jwtAuthWithLastLogin',
|
|
221
|
+
scheme: 'bearer',
|
|
222
|
+
type: 'http'
|
|
223
|
+
}],
|
|
196
224
|
url: '/cfg/accounts/otp/verify/',
|
|
197
225
|
...options,
|
|
198
226
|
headers: {
|
|
@@ -209,9 +237,13 @@ export class CfgAccountsProfile {
|
|
|
209
237
|
*
|
|
210
238
|
* Retrieve the current authenticated user's profile information.
|
|
211
239
|
*/
|
|
212
|
-
public static cfgAccountsProfileRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileRetrieveData, ThrowOnError>) {
|
|
240
|
+
public static cfgAccountsProfileRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileRetrieveData, ThrowOnError>): RequestResult<CfgAccountsProfileRetrieveResponses, CfgAccountsProfileRetrieveErrors, ThrowOnError> {
|
|
213
241
|
return (options?.client ?? client).get<CfgAccountsProfileRetrieveResponses, CfgAccountsProfileRetrieveErrors, ThrowOnError>({
|
|
214
|
-
security: [{
|
|
242
|
+
security: [{
|
|
243
|
+
key: 'jwtAuth',
|
|
244
|
+
scheme: 'bearer',
|
|
245
|
+
type: 'http'
|
|
246
|
+
}, {
|
|
215
247
|
in: 'cookie',
|
|
216
248
|
name: 'sessionid',
|
|
217
249
|
type: 'apiKey'
|
|
@@ -226,10 +258,14 @@ export class CfgAccountsProfile {
|
|
|
226
258
|
*
|
|
227
259
|
* Upload avatar image for the current authenticated user. Accepts multipart/form-data with 'avatar' field.
|
|
228
260
|
*/
|
|
229
|
-
public static cfgAccountsProfileAvatarCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileAvatarCreateData, ThrowOnError>) {
|
|
261
|
+
public static cfgAccountsProfileAvatarCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileAvatarCreateData, ThrowOnError>): RequestResult<CfgAccountsProfileAvatarCreateResponses, CfgAccountsProfileAvatarCreateErrors, ThrowOnError> {
|
|
230
262
|
return (options?.client ?? client).post<CfgAccountsProfileAvatarCreateResponses, CfgAccountsProfileAvatarCreateErrors, ThrowOnError>({
|
|
231
263
|
...formDataBodySerializer,
|
|
232
|
-
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
264
|
+
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
265
|
+
key: 'jwtAuthWithLastLogin',
|
|
266
|
+
scheme: 'bearer',
|
|
267
|
+
type: 'http'
|
|
268
|
+
}],
|
|
233
269
|
url: '/cfg/accounts/profile/avatar/',
|
|
234
270
|
...options,
|
|
235
271
|
headers: {
|
|
@@ -254,9 +290,13 @@ export class CfgAccountsProfile {
|
|
|
254
290
|
* The account can be restored by an administrator if needed.
|
|
255
291
|
*
|
|
256
292
|
*/
|
|
257
|
-
public static cfgAccountsProfileDeleteCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileDeleteCreateData, ThrowOnError>) {
|
|
293
|
+
public static cfgAccountsProfileDeleteCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileDeleteCreateData, ThrowOnError>): RequestResult<CfgAccountsProfileDeleteCreateResponses, CfgAccountsProfileDeleteCreateErrors, ThrowOnError> {
|
|
258
294
|
return (options?.client ?? client).post<CfgAccountsProfileDeleteCreateResponses, CfgAccountsProfileDeleteCreateErrors, ThrowOnError>({
|
|
259
|
-
security: [{
|
|
295
|
+
security: [{
|
|
296
|
+
key: 'jwtAuth',
|
|
297
|
+
scheme: 'bearer',
|
|
298
|
+
type: 'http'
|
|
299
|
+
}, {
|
|
260
300
|
in: 'cookie',
|
|
261
301
|
name: 'sessionid',
|
|
262
302
|
type: 'apiKey'
|
|
@@ -271,9 +311,13 @@ export class CfgAccountsProfile {
|
|
|
271
311
|
*
|
|
272
312
|
* Partially update the current authenticated user's profile information. Supports avatar upload.
|
|
273
313
|
*/
|
|
274
|
-
public static cfgAccountsProfilePartialPartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfilePartialPartialUpdateData, ThrowOnError>) {
|
|
314
|
+
public static cfgAccountsProfilePartialPartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfilePartialPartialUpdateData, ThrowOnError>): RequestResult<CfgAccountsProfilePartialPartialUpdateResponses, CfgAccountsProfilePartialPartialUpdateErrors, ThrowOnError> {
|
|
275
315
|
return (options?.client ?? client).patch<CfgAccountsProfilePartialPartialUpdateResponses, CfgAccountsProfilePartialPartialUpdateErrors, ThrowOnError>({
|
|
276
|
-
security: [{
|
|
316
|
+
security: [{
|
|
317
|
+
key: 'jwtAuth',
|
|
318
|
+
scheme: 'bearer',
|
|
319
|
+
type: 'http'
|
|
320
|
+
}, {
|
|
277
321
|
in: 'cookie',
|
|
278
322
|
name: 'sessionid',
|
|
279
323
|
type: 'apiKey'
|
|
@@ -292,9 +336,13 @@ export class CfgAccountsProfile {
|
|
|
292
336
|
*
|
|
293
337
|
* Partially update the current authenticated user's profile information. Supports avatar upload.
|
|
294
338
|
*/
|
|
295
|
-
public static cfgAccountsProfilePartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfilePartialUpdateData, ThrowOnError>) {
|
|
339
|
+
public static cfgAccountsProfilePartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfilePartialUpdateData, ThrowOnError>): RequestResult<CfgAccountsProfilePartialUpdateResponses, CfgAccountsProfilePartialUpdateErrors, ThrowOnError> {
|
|
296
340
|
return (options?.client ?? client).put<CfgAccountsProfilePartialUpdateResponses, CfgAccountsProfilePartialUpdateErrors, ThrowOnError>({
|
|
297
|
-
security: [{
|
|
341
|
+
security: [{
|
|
342
|
+
key: 'jwtAuth',
|
|
343
|
+
scheme: 'bearer',
|
|
344
|
+
type: 'http'
|
|
345
|
+
}, {
|
|
298
346
|
in: 'cookie',
|
|
299
347
|
name: 'sessionid',
|
|
300
348
|
type: 'apiKey'
|
|
@@ -313,9 +361,13 @@ export class CfgAccountsProfile {
|
|
|
313
361
|
*
|
|
314
362
|
* Update the current authenticated user's profile information.
|
|
315
363
|
*/
|
|
316
|
-
public static cfgAccountsProfileUpdatePartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileUpdatePartialUpdateData, ThrowOnError>) {
|
|
364
|
+
public static cfgAccountsProfileUpdatePartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileUpdatePartialUpdateData, ThrowOnError>): RequestResult<CfgAccountsProfileUpdatePartialUpdateResponses, CfgAccountsProfileUpdatePartialUpdateErrors, ThrowOnError> {
|
|
317
365
|
return (options?.client ?? client).patch<CfgAccountsProfileUpdatePartialUpdateResponses, CfgAccountsProfileUpdatePartialUpdateErrors, ThrowOnError>({
|
|
318
|
-
security: [{
|
|
366
|
+
security: [{
|
|
367
|
+
key: 'jwtAuth',
|
|
368
|
+
scheme: 'bearer',
|
|
369
|
+
type: 'http'
|
|
370
|
+
}, {
|
|
319
371
|
in: 'cookie',
|
|
320
372
|
name: 'sessionid',
|
|
321
373
|
type: 'apiKey'
|
|
@@ -334,9 +386,13 @@ export class CfgAccountsProfile {
|
|
|
334
386
|
*
|
|
335
387
|
* Update the current authenticated user's profile information.
|
|
336
388
|
*/
|
|
337
|
-
public static cfgAccountsProfileUpdateUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileUpdateUpdateData, ThrowOnError>) {
|
|
389
|
+
public static cfgAccountsProfileUpdateUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileUpdateUpdateData, ThrowOnError>): RequestResult<CfgAccountsProfileUpdateUpdateResponses, CfgAccountsProfileUpdateUpdateErrors, ThrowOnError> {
|
|
338
390
|
return (options?.client ?? client).put<CfgAccountsProfileUpdateUpdateResponses, CfgAccountsProfileUpdateUpdateErrors, ThrowOnError>({
|
|
339
|
-
security: [{
|
|
391
|
+
security: [{
|
|
392
|
+
key: 'jwtAuth',
|
|
393
|
+
scheme: 'bearer',
|
|
394
|
+
type: 'http'
|
|
395
|
+
}, {
|
|
340
396
|
in: 'cookie',
|
|
341
397
|
name: 'sessionid',
|
|
342
398
|
type: 'apiKey'
|
|
@@ -355,7 +411,7 @@ export class CfgAccountsAuth {
|
|
|
355
411
|
/**
|
|
356
412
|
* Refresh JWT token.
|
|
357
413
|
*/
|
|
358
|
-
public static cfgAccountsTokenRefreshCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsTokenRefreshCreateData, ThrowOnError>) {
|
|
414
|
+
public static cfgAccountsTokenRefreshCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsTokenRefreshCreateData, ThrowOnError>): RequestResult<CfgAccountsTokenRefreshCreateResponses, unknown, ThrowOnError> {
|
|
359
415
|
return (options.client ?? client).post<CfgAccountsTokenRefreshCreateResponses, unknown, ThrowOnError>({
|
|
360
416
|
url: '/cfg/accounts/token/refresh/',
|
|
361
417
|
...options,
|
|
@@ -373,9 +429,13 @@ export class CfgCentrifugo {
|
|
|
373
429
|
*
|
|
374
430
|
* Generate JWT token for WebSocket connection to Centrifugo. Token includes user's allowed channels based on their permissions. Requires authentication.
|
|
375
431
|
*/
|
|
376
|
-
public static cfgCentrifugoAuthTokenRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgCentrifugoAuthTokenRetrieveData, ThrowOnError>) {
|
|
432
|
+
public static cfgCentrifugoAuthTokenRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgCentrifugoAuthTokenRetrieveData, ThrowOnError>): RequestResult<CfgCentrifugoAuthTokenRetrieveResponses, CfgCentrifugoAuthTokenRetrieveErrors, ThrowOnError> {
|
|
377
433
|
return (options?.client ?? client).get<CfgCentrifugoAuthTokenRetrieveResponses, CfgCentrifugoAuthTokenRetrieveErrors, ThrowOnError>({
|
|
378
|
-
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
434
|
+
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
435
|
+
key: 'jwtAuthWithLastLogin',
|
|
436
|
+
scheme: 'bearer',
|
|
437
|
+
type: 'http'
|
|
438
|
+
}],
|
|
379
439
|
url: '/cfg/centrifugo/auth/token/',
|
|
380
440
|
...options
|
|
381
441
|
});
|
|
@@ -386,9 +446,13 @@ export class CfgTotpBackupCodes {
|
|
|
386
446
|
/**
|
|
387
447
|
* Get backup codes status for user.
|
|
388
448
|
*/
|
|
389
|
-
public static cfgTotpBackupCodesRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgTotpBackupCodesRetrieveData, ThrowOnError>) {
|
|
449
|
+
public static cfgTotpBackupCodesRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgTotpBackupCodesRetrieveData, ThrowOnError>): RequestResult<CfgTotpBackupCodesRetrieveResponses, unknown, ThrowOnError> {
|
|
390
450
|
return (options?.client ?? client).get<CfgTotpBackupCodesRetrieveResponses, unknown, ThrowOnError>({
|
|
391
|
-
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
451
|
+
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
452
|
+
key: 'jwtAuthWithLastLogin',
|
|
453
|
+
scheme: 'bearer',
|
|
454
|
+
type: 'http'
|
|
455
|
+
}],
|
|
392
456
|
url: '/cfg/totp/backup-codes/',
|
|
393
457
|
...options
|
|
394
458
|
});
|
|
@@ -400,9 +464,13 @@ export class CfgTotpBackupCodes {
|
|
|
400
464
|
* Requires TOTP code for verification.
|
|
401
465
|
* Invalidates all existing codes.
|
|
402
466
|
*/
|
|
403
|
-
public static cfgTotpBackupCodesRegenerateCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpBackupCodesRegenerateCreateData, ThrowOnError>) {
|
|
467
|
+
public static cfgTotpBackupCodesRegenerateCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpBackupCodesRegenerateCreateData, ThrowOnError>): RequestResult<CfgTotpBackupCodesRegenerateCreateResponses, CfgTotpBackupCodesRegenerateCreateErrors, ThrowOnError> {
|
|
404
468
|
return (options.client ?? client).post<CfgTotpBackupCodesRegenerateCreateResponses, CfgTotpBackupCodesRegenerateCreateErrors, ThrowOnError>({
|
|
405
|
-
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
469
|
+
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
470
|
+
key: 'jwtAuthWithLastLogin',
|
|
471
|
+
scheme: 'bearer',
|
|
472
|
+
type: 'http'
|
|
473
|
+
}],
|
|
406
474
|
url: '/cfg/totp/backup-codes/regenerate/',
|
|
407
475
|
...options,
|
|
408
476
|
headers: {
|
|
@@ -417,9 +485,13 @@ export class CfgTotp {
|
|
|
417
485
|
/**
|
|
418
486
|
* List all TOTP devices for user.
|
|
419
487
|
*/
|
|
420
|
-
public static cfgTotpDevicesRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgTotpDevicesRetrieveData, ThrowOnError>) {
|
|
488
|
+
public static cfgTotpDevicesRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgTotpDevicesRetrieveData, ThrowOnError>): RequestResult<CfgTotpDevicesRetrieveResponses, unknown, ThrowOnError> {
|
|
421
489
|
return (options?.client ?? client).get<CfgTotpDevicesRetrieveResponses, unknown, ThrowOnError>({
|
|
422
|
-
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
490
|
+
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
491
|
+
key: 'jwtAuthWithLastLogin',
|
|
492
|
+
scheme: 'bearer',
|
|
493
|
+
type: 'http'
|
|
494
|
+
}],
|
|
423
495
|
url: '/cfg/totp/devices/',
|
|
424
496
|
...options
|
|
425
497
|
});
|
|
@@ -430,9 +502,13 @@ export class CfgTotp {
|
|
|
430
502
|
*
|
|
431
503
|
* Requires verification code if removing the last/primary device.
|
|
432
504
|
*/
|
|
433
|
-
public static cfgTotpDevicesDestroy<ThrowOnError extends boolean = false>(options: Options<CfgTotpDevicesDestroyData, ThrowOnError>) {
|
|
505
|
+
public static cfgTotpDevicesDestroy<ThrowOnError extends boolean = false>(options: Options<CfgTotpDevicesDestroyData, ThrowOnError>): RequestResult<CfgTotpDevicesDestroyResponses, unknown, ThrowOnError> {
|
|
434
506
|
return (options.client ?? client).delete<CfgTotpDevicesDestroyResponses, unknown, ThrowOnError>({
|
|
435
|
-
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
507
|
+
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
508
|
+
key: 'jwtAuthWithLastLogin',
|
|
509
|
+
scheme: 'bearer',
|
|
510
|
+
type: 'http'
|
|
511
|
+
}],
|
|
436
512
|
url: '/cfg/totp/devices/{id}/',
|
|
437
513
|
...options
|
|
438
514
|
});
|
|
@@ -443,9 +519,13 @@ export class CfgTotp {
|
|
|
443
519
|
*
|
|
444
520
|
* Requires verification code.
|
|
445
521
|
*/
|
|
446
|
-
public static cfgTotpDisableCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpDisableCreateData, ThrowOnError>) {
|
|
522
|
+
public static cfgTotpDisableCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpDisableCreateData, ThrowOnError>): RequestResult<CfgTotpDisableCreateResponses, CfgTotpDisableCreateErrors, ThrowOnError> {
|
|
447
523
|
return (options.client ?? client).post<CfgTotpDisableCreateResponses, CfgTotpDisableCreateErrors, ThrowOnError>({
|
|
448
|
-
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
524
|
+
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
525
|
+
key: 'jwtAuthWithLastLogin',
|
|
526
|
+
scheme: 'bearer',
|
|
527
|
+
type: 'http'
|
|
528
|
+
}],
|
|
449
529
|
url: '/cfg/totp/disable/',
|
|
450
530
|
...options,
|
|
451
531
|
headers: {
|
|
@@ -462,9 +542,13 @@ export class CfgTotpSetup {
|
|
|
462
542
|
*
|
|
463
543
|
* Creates a new TOTP device and returns QR code for scanning.
|
|
464
544
|
*/
|
|
465
|
-
public static cfgTotpSetupCreate<ThrowOnError extends boolean = false>(options?: Options<CfgTotpSetupCreateData, ThrowOnError>) {
|
|
545
|
+
public static cfgTotpSetupCreate<ThrowOnError extends boolean = false>(options?: Options<CfgTotpSetupCreateData, ThrowOnError>): RequestResult<CfgTotpSetupCreateResponses, CfgTotpSetupCreateErrors, ThrowOnError> {
|
|
466
546
|
return (options?.client ?? client).post<CfgTotpSetupCreateResponses, CfgTotpSetupCreateErrors, ThrowOnError>({
|
|
467
|
-
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
547
|
+
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
548
|
+
key: 'jwtAuthWithLastLogin',
|
|
549
|
+
scheme: 'bearer',
|
|
550
|
+
type: 'http'
|
|
551
|
+
}],
|
|
468
552
|
url: '/cfg/totp/setup/',
|
|
469
553
|
...options,
|
|
470
554
|
headers: {
|
|
@@ -479,9 +563,13 @@ export class CfgTotpSetup {
|
|
|
479
563
|
*
|
|
480
564
|
* Activates the device and generates backup codes.
|
|
481
565
|
*/
|
|
482
|
-
public static cfgTotpSetupConfirmCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpSetupConfirmCreateData, ThrowOnError>) {
|
|
566
|
+
public static cfgTotpSetupConfirmCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpSetupConfirmCreateData, ThrowOnError>): RequestResult<CfgTotpSetupConfirmCreateResponses, CfgTotpSetupConfirmCreateErrors, ThrowOnError> {
|
|
483
567
|
return (options.client ?? client).post<CfgTotpSetupConfirmCreateResponses, CfgTotpSetupConfirmCreateErrors, ThrowOnError>({
|
|
484
|
-
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
568
|
+
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
569
|
+
key: 'jwtAuthWithLastLogin',
|
|
570
|
+
scheme: 'bearer',
|
|
571
|
+
type: 'http'
|
|
572
|
+
}],
|
|
485
573
|
url: '/cfg/totp/setup/confirm/',
|
|
486
574
|
...options,
|
|
487
575
|
headers: {
|
|
@@ -498,9 +586,13 @@ export class CfgTotpVerify {
|
|
|
498
586
|
*
|
|
499
587
|
* Completes authentication and returns JWT tokens on success.
|
|
500
588
|
*/
|
|
501
|
-
public static cfgTotpVerifyCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpVerifyCreateData, ThrowOnError>) {
|
|
589
|
+
public static cfgTotpVerifyCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpVerifyCreateData, ThrowOnError>): RequestResult<CfgTotpVerifyCreateResponses, CfgTotpVerifyCreateErrors, ThrowOnError> {
|
|
502
590
|
return (options.client ?? client).post<CfgTotpVerifyCreateResponses, CfgTotpVerifyCreateErrors, ThrowOnError>({
|
|
503
|
-
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
591
|
+
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
592
|
+
key: 'jwtAuthWithLastLogin',
|
|
593
|
+
scheme: 'bearer',
|
|
594
|
+
type: 'http'
|
|
595
|
+
}],
|
|
504
596
|
url: '/cfg/totp/verify/',
|
|
505
597
|
...options,
|
|
506
598
|
headers: {
|
|
@@ -515,9 +607,13 @@ export class CfgTotpVerify {
|
|
|
515
607
|
*
|
|
516
608
|
* Alternative verification method when TOTP device unavailable.
|
|
517
609
|
*/
|
|
518
|
-
public static cfgTotpVerifyBackupCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpVerifyBackupCreateData, ThrowOnError>) {
|
|
610
|
+
public static cfgTotpVerifyBackupCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpVerifyBackupCreateData, ThrowOnError>): RequestResult<CfgTotpVerifyBackupCreateResponses, CfgTotpVerifyBackupCreateErrors, ThrowOnError> {
|
|
519
611
|
return (options.client ?? client).post<CfgTotpVerifyBackupCreateResponses, CfgTotpVerifyBackupCreateErrors, ThrowOnError>({
|
|
520
|
-
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
612
|
+
security: [{ name: 'X-API-Key', type: 'apiKey' }, {
|
|
613
|
+
key: 'jwtAuthWithLastLogin',
|
|
614
|
+
scheme: 'bearer',
|
|
615
|
+
type: 'http'
|
|
616
|
+
}],
|
|
521
617
|
url: '/cfg/totp/verify/backup/',
|
|
522
618
|
...options,
|
|
523
619
|
headers: {
|
|
@@ -11,6 +11,7 @@ import { SWRConfig } from 'swr';
|
|
|
11
11
|
import { useCfgRouter, useLocalStorage, useQueryParams } from '../hooks';
|
|
12
12
|
|
|
13
13
|
import { api as apiAccounts } from '../../';
|
|
14
|
+
import { applyRoleLogPolicy } from '../../log-control';
|
|
14
15
|
import { APIError } from '../../_api/generated/helpers';
|
|
15
16
|
import { clearProfileCache, getCachedProfile } from '../hooks/useProfileCache';
|
|
16
17
|
import { useAuthRedirectManager } from '../hooks/useAuthRedirect';
|
|
@@ -556,6 +557,13 @@ const AuthProviderInternal: React.FC<AuthProviderProps> = ({ children, config })
|
|
|
556
557
|
return Boolean(user?.is_staff || user?.is_superuser);
|
|
557
558
|
}, [user]);
|
|
558
559
|
|
|
560
|
+
// Role-aware console verbosity: admins (and dev) get debug logs, regular
|
|
561
|
+
// users in production get a clean console (errors only). Re-applied whenever
|
|
562
|
+
// the admin status changes (login / logout / profile load).
|
|
563
|
+
useEffect(() => {
|
|
564
|
+
applyRoleLogPolicy({ isAdmin: isAdminUser });
|
|
565
|
+
}, [isAdminUser]);
|
|
566
|
+
|
|
559
567
|
// Profile management: Update profile data
|
|
560
568
|
const updateProfile = useCallback(
|
|
561
569
|
async (data: { first_name?: string; last_name?: string; username?: string }): Promise<UserProfile> => {
|
package/src/auth/utils/env.ts
CHANGED
|
@@ -1,3 +1,21 @@
|
|
|
1
1
|
export const isDev = process.env.NODE_ENV === 'development';
|
|
2
2
|
export const isProd = !isDev;
|
|
3
3
|
export const isBrowser = typeof window !== 'undefined';
|
|
4
|
+
|
|
5
|
+
/**
|
|
6
|
+
* Next.js static-export build (`output: 'export'`). Loggers treat it like dev
|
|
7
|
+
* for visibility; some auth/SSR features behave differently under it.
|
|
8
|
+
*/
|
|
9
|
+
export const isStaticBuild = process.env.NEXT_PUBLIC_STATIC_BUILD === 'true';
|
|
10
|
+
|
|
11
|
+
/**
|
|
12
|
+
* DPoP (RFC 9449) sender-constrained tokens are enabled for this app.
|
|
13
|
+
*
|
|
14
|
+
* Set by `createBaseNextConfig({ dpop: true })` (inlines
|
|
15
|
+
* `NEXT_PUBLIC_DPOP_ENABLED='true'`). When true: tokens are bound to a
|
|
16
|
+
* non-extractable in-browser key, a copied Bearer token can't be replayed, and
|
|
17
|
+
* the API client signs a per-request DPoP proof. This flag lives in
|
|
18
|
+
* `@djangocfg/api` — the package that implements DPoP — so it is the single
|
|
19
|
+
* source of truth, importable by every higher-level package.
|
|
20
|
+
*/
|
|
21
|
+
export const dpopEnabled = process.env.NEXT_PUBLIC_DPOP_ENABLED === 'true';
|
package/src/auth/utils/logger.ts
CHANGED
|
@@ -11,15 +11,22 @@ import { createConsola } from 'consola';
|
|
|
11
11
|
* - 3: log, info
|
|
12
12
|
* - 4: debug
|
|
13
13
|
* - 5: trace, verbose
|
|
14
|
+
*
|
|
15
|
+
* The level is driven by the GLOBAL runtime controller (log-control), so an
|
|
16
|
+
* admin can get verbose logs (even in prod) while regular users keep a clean
|
|
17
|
+
* console. `applyRoleLogPolicy(...)` at app bootstrap sets the policy.
|
|
14
18
|
*/
|
|
15
|
-
import {
|
|
16
|
-
const isStaticBuild = process.env.NEXT_PUBLIC_STATIC_BUILD === 'true';
|
|
17
|
-
const showLogs = isDevelopment || isStaticBuild;
|
|
19
|
+
import { getLogLevel, onLogLevelChange } from '../../log-control';
|
|
18
20
|
|
|
19
21
|
export const logger = createConsola({
|
|
20
|
-
level:
|
|
22
|
+
level: getLogLevel(),
|
|
21
23
|
}).withTag('api');
|
|
22
24
|
|
|
25
|
+
// Keep the live logger's level in sync with the global controller.
|
|
26
|
+
onLogLevelChange((level) => {
|
|
27
|
+
logger.level = level;
|
|
28
|
+
});
|
|
29
|
+
|
|
23
30
|
/**
|
|
24
31
|
* Auth-specific logger
|
|
25
32
|
*/
|
package/src/index.ts
CHANGED
|
@@ -34,3 +34,15 @@ export type { User } from './_api/generated/_cfg_accounts/types.gen';
|
|
|
34
34
|
|
|
35
35
|
// Legacy alias for code that still imports `api` (= cfg_accounts singleton).
|
|
36
36
|
export { CfgAccountsApi as api } from './_api/generated';
|
|
37
|
+
|
|
38
|
+
// Global runtime log-level control (role-aware verbosity).
|
|
39
|
+
export {
|
|
40
|
+
getLogLevel,
|
|
41
|
+
setLogLevel,
|
|
42
|
+
onLogLevelChange,
|
|
43
|
+
applyRoleLogPolicy,
|
|
44
|
+
type ConsolaLevel,
|
|
45
|
+
} from './log-control';
|
|
46
|
+
|
|
47
|
+
// Env flags — single source of truth (api is the lowest shared package).
|
|
48
|
+
export { isDev, isProd, isBrowser, isStaticBuild, dpopEnabled } from './auth/utils/env';
|
|
@@ -0,0 +1,81 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Global runtime log-level control.
|
|
3
|
+
*
|
|
4
|
+
* One mutable level that every `@djangocfg/*` consola wrapper reads, so the
|
|
5
|
+
* whole app's console verbosity can be changed at runtime (e.g. raised for an
|
|
6
|
+
* admin, kept silent for a regular user in production) WITHOUT each package
|
|
7
|
+
* hardcoding `isDev ? 4 : 1`.
|
|
8
|
+
*
|
|
9
|
+
* Lives in `@djangocfg/api` because it's the lowest shared package — api,
|
|
10
|
+
* layouts, centrifugo, ui-core consumers can all import it without a cycle.
|
|
11
|
+
*
|
|
12
|
+
* consola levels: 0 silent · 1 error · 2 warn · 3 info · 4 debug · 5 trace.
|
|
13
|
+
*
|
|
14
|
+
* Default policy (before anyone calls setLogLevel):
|
|
15
|
+
* - dev / static build → 4 (debug)
|
|
16
|
+
* - production → 1 (errors only)
|
|
17
|
+
* App bootstrap should call `applyRoleLogPolicy({ isAdmin, isDev })` once auth
|
|
18
|
+
* is known to raise verbosity for staff/superusers even in production.
|
|
19
|
+
*/
|
|
20
|
+
|
|
21
|
+
import { isDev, isStaticBuild } from './auth/utils/env';
|
|
22
|
+
|
|
23
|
+
export type ConsolaLevel = 0 | 1 | 2 | 3 | 4 | 5;
|
|
24
|
+
|
|
25
|
+
/** Dev or a static export → show verbose logs by default. */
|
|
26
|
+
const verboseByDefault = isDev || isStaticBuild;
|
|
27
|
+
|
|
28
|
+
const DEFAULT_LEVEL: ConsolaLevel = verboseByDefault ? 4 : 1;
|
|
29
|
+
|
|
30
|
+
let _level: ConsolaLevel = DEFAULT_LEVEL;
|
|
31
|
+
|
|
32
|
+
/** Subscribers (the wrapper loggers) notified when the level changes. */
|
|
33
|
+
const _subscribers = new Set<(level: ConsolaLevel) => void>();
|
|
34
|
+
|
|
35
|
+
/** Current global log level. Wrappers read this when constructing/refreshing. */
|
|
36
|
+
export function getLogLevel(): ConsolaLevel {
|
|
37
|
+
return _level;
|
|
38
|
+
}
|
|
39
|
+
|
|
40
|
+
/** Set the global log level and notify all live loggers. */
|
|
41
|
+
export function setLogLevel(level: ConsolaLevel): void {
|
|
42
|
+
_level = level;
|
|
43
|
+
for (const fn of _subscribers) {
|
|
44
|
+
try {
|
|
45
|
+
fn(level);
|
|
46
|
+
} catch {
|
|
47
|
+
/* a bad subscriber must not break logging */
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
|
|
52
|
+
/**
|
|
53
|
+
* Subscribe to level changes. Returns an unsubscribe fn. The callback fires
|
|
54
|
+
* immediately with the current level so a logger can sync on registration.
|
|
55
|
+
*/
|
|
56
|
+
export function onLogLevelChange(fn: (level: ConsolaLevel) => void): () => void {
|
|
57
|
+
_subscribers.add(fn);
|
|
58
|
+
try {
|
|
59
|
+
fn(_level);
|
|
60
|
+
} catch {
|
|
61
|
+
/* ignore */
|
|
62
|
+
}
|
|
63
|
+
return () => _subscribers.delete(fn);
|
|
64
|
+
}
|
|
65
|
+
|
|
66
|
+
/**
|
|
67
|
+
* Apply the role-aware policy. Call once at bootstrap and whenever auth changes.
|
|
68
|
+
*
|
|
69
|
+
* - admin (is_staff / is_superuser): full verbosity (debug) everywhere, even
|
|
70
|
+
* in production — so support/devs can diagnose live without a redeploy.
|
|
71
|
+
* - dev (non-admin): debug.
|
|
72
|
+
* - production regular user: errors only — a clean console, like big SaaS apps.
|
|
73
|
+
*/
|
|
74
|
+
export function applyRoleLogPolicy(opts: { isAdmin: boolean; isDev?: boolean }): void {
|
|
75
|
+
const devMode = opts.isDev ?? verboseByDefault;
|
|
76
|
+
if (opts.isAdmin || devMode) {
|
|
77
|
+
setLogLevel(4);
|
|
78
|
+
} else {
|
|
79
|
+
setLogLevel(1);
|
|
80
|
+
}
|
|
81
|
+
}
|