@djangocfg/api 2.1.427 → 2.1.428

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (41) hide show
  1. package/README.md +56 -0
  2. package/dist/auth-server.cjs +248 -32
  3. package/dist/auth-server.cjs.map +1 -1
  4. package/dist/auth-server.mjs +248 -32
  5. package/dist/auth-server.mjs.map +1 -1
  6. package/dist/auth.cjs +271 -29
  7. package/dist/auth.cjs.map +1 -1
  8. package/dist/auth.mjs +271 -29
  9. package/dist/auth.mjs.map +1 -1
  10. package/dist/clients.cjs +222 -25
  11. package/dist/clients.cjs.map +1 -1
  12. package/dist/clients.d.cts +35 -28
  13. package/dist/clients.d.ts +35 -28
  14. package/dist/clients.mjs +222 -25
  15. package/dist/clients.mjs.map +1 -1
  16. package/dist/hooks.cjs +117 -4
  17. package/dist/hooks.cjs.map +1 -1
  18. package/dist/hooks.mjs +117 -4
  19. package/dist/hooks.mjs.map +1 -1
  20. package/dist/index.cjs +277 -26
  21. package/dist/index.cjs.map +1 -1
  22. package/dist/index.d.cts +98 -29
  23. package/dist/index.d.ts +98 -29
  24. package/dist/index.mjs +277 -26
  25. package/dist/index.mjs.map +1 -1
  26. package/package.json +2 -2
  27. package/src/_api/generated/client/index.ts +1 -0
  28. package/src/_api/generated/client/utils.gen.ts +2 -2
  29. package/src/_api/generated/client.gen.ts +2 -2
  30. package/src/_api/generated/core/auth.gen.ts +7 -0
  31. package/src/_api/generated/core/params.gen.ts +10 -8
  32. package/src/_api/generated/core/pathSerializer.gen.ts +6 -6
  33. package/src/_api/generated/core/queryKeySerializer.gen.ts +1 -1
  34. package/src/_api/generated/core/utils.gen.ts +4 -4
  35. package/src/_api/generated/helpers/auth.ts +127 -1
  36. package/src/_api/generated/sdk.gen.ts +149 -53
  37. package/src/auth/context/AuthContext.tsx +8 -0
  38. package/src/auth/utils/env.ts +18 -0
  39. package/src/auth/utils/logger.ts +11 -4
  40. package/src/index.ts +12 -0
  41. package/src/log-control.ts +81 -0
@@ -1,6 +1,6 @@
1
1
  // This file is auto-generated by @hey-api/openapi-ts
2
2
 
3
- import { type Client, formDataBodySerializer, type Options as Options2, type TDataShape } from './client';
3
+ import { type Client, formDataBodySerializer, type Options as Options2, type RequestResult, type TDataShape } from './client';
4
4
  import { client } from './client.gen';
5
5
  import type { CfgAccountsApiKeyRegenerateCreateData, CfgAccountsApiKeyRegenerateCreateErrors, CfgAccountsApiKeyRegenerateCreateResponses, CfgAccountsApiKeyRetrieveData, CfgAccountsApiKeyRetrieveErrors, CfgAccountsApiKeyRetrieveResponses, CfgAccountsApiKeyTestCreateData, CfgAccountsApiKeyTestCreateResponses, CfgAccountsOauthConnectionsListData, CfgAccountsOauthConnectionsListResponses, CfgAccountsOauthDisconnectCreateData, CfgAccountsOauthDisconnectCreateErrors, CfgAccountsOauthDisconnectCreateResponses, CfgAccountsOauthGithubAuthorizeCreateData, CfgAccountsOauthGithubAuthorizeCreateErrors, CfgAccountsOauthGithubAuthorizeCreateResponses, CfgAccountsOauthGithubCallbackCreateData, CfgAccountsOauthGithubCallbackCreateErrors, CfgAccountsOauthGithubCallbackCreateResponses, CfgAccountsOauthProvidersRetrieveData, CfgAccountsOauthProvidersRetrieveResponses, CfgAccountsOtpRequestCreateData, CfgAccountsOtpRequestCreateErrors, CfgAccountsOtpRequestCreateResponses, CfgAccountsOtpVerifyCreateData, CfgAccountsOtpVerifyCreateErrors, CfgAccountsOtpVerifyCreateResponses, CfgAccountsProfileAvatarCreateData, CfgAccountsProfileAvatarCreateErrors, CfgAccountsProfileAvatarCreateResponses, CfgAccountsProfileDeleteCreateData, CfgAccountsProfileDeleteCreateErrors, CfgAccountsProfileDeleteCreateResponses, CfgAccountsProfilePartialPartialUpdateData, CfgAccountsProfilePartialPartialUpdateErrors, CfgAccountsProfilePartialPartialUpdateResponses, CfgAccountsProfilePartialUpdateData, CfgAccountsProfilePartialUpdateErrors, CfgAccountsProfilePartialUpdateResponses, CfgAccountsProfileRetrieveData, CfgAccountsProfileRetrieveErrors, CfgAccountsProfileRetrieveResponses, CfgAccountsProfileUpdatePartialUpdateData, CfgAccountsProfileUpdatePartialUpdateErrors, CfgAccountsProfileUpdatePartialUpdateResponses, CfgAccountsProfileUpdateUpdateData, CfgAccountsProfileUpdateUpdateErrors, CfgAccountsProfileUpdateUpdateResponses, CfgAccountsTokenRefreshCreateData, CfgAccountsTokenRefreshCreateResponses, CfgCentrifugoAuthTokenRetrieveData, CfgCentrifugoAuthTokenRetrieveErrors, CfgCentrifugoAuthTokenRetrieveResponses, CfgTotpBackupCodesRegenerateCreateData, CfgTotpBackupCodesRegenerateCreateErrors, CfgTotpBackupCodesRegenerateCreateResponses, CfgTotpBackupCodesRetrieveData, CfgTotpBackupCodesRetrieveResponses, CfgTotpDevicesDestroyData, CfgTotpDevicesDestroyResponses, CfgTotpDevicesRetrieveData, CfgTotpDevicesRetrieveResponses, CfgTotpDisableCreateData, CfgTotpDisableCreateErrors, CfgTotpDisableCreateResponses, CfgTotpSetupConfirmCreateData, CfgTotpSetupConfirmCreateErrors, CfgTotpSetupConfirmCreateResponses, CfgTotpSetupCreateData, CfgTotpSetupCreateErrors, CfgTotpSetupCreateResponses, CfgTotpVerifyBackupCreateData, CfgTotpVerifyBackupCreateErrors, CfgTotpVerifyBackupCreateResponses, CfgTotpVerifyCreateData, CfgTotpVerifyCreateErrors, CfgTotpVerifyCreateResponses } from './types.gen';
6
6
 
@@ -24,10 +24,14 @@ export class CfgAccountsApiKey {
24
24
  *
25
25
  * Retrieve the current user's API key (masked) and metadata.
26
26
  */
27
- public static cfgAccountsApiKeyRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsApiKeyRetrieveData, ThrowOnError>) {
27
+ public static cfgAccountsApiKeyRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsApiKeyRetrieveData, ThrowOnError>): RequestResult<CfgAccountsApiKeyRetrieveResponses, CfgAccountsApiKeyRetrieveErrors, ThrowOnError> {
28
28
  return (options?.client ?? client).get<CfgAccountsApiKeyRetrieveResponses, CfgAccountsApiKeyRetrieveErrors, ThrowOnError>({
29
29
  security: [
30
- { scheme: 'bearer', type: 'http' },
30
+ {
31
+ key: 'jwtAuth',
32
+ scheme: 'bearer',
33
+ type: 'http'
34
+ },
31
35
  {
32
36
  in: 'cookie',
33
37
  name: 'sessionid',
@@ -45,10 +49,14 @@ export class CfgAccountsApiKey {
45
49
  *
46
50
  * Generate a new API key. The full key is returned only once.
47
51
  */
48
- public static cfgAccountsApiKeyRegenerateCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsApiKeyRegenerateCreateData, ThrowOnError>) {
52
+ public static cfgAccountsApiKeyRegenerateCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsApiKeyRegenerateCreateData, ThrowOnError>): RequestResult<CfgAccountsApiKeyRegenerateCreateResponses, CfgAccountsApiKeyRegenerateCreateErrors, ThrowOnError> {
49
53
  return (options.client ?? client).post<CfgAccountsApiKeyRegenerateCreateResponses, CfgAccountsApiKeyRegenerateCreateErrors, ThrowOnError>({
50
54
  security: [
51
- { scheme: 'bearer', type: 'http' },
55
+ {
56
+ key: 'jwtAuth',
57
+ scheme: 'bearer',
58
+ type: 'http'
59
+ },
52
60
  {
53
61
  in: 'cookie',
54
62
  name: 'sessionid',
@@ -70,10 +78,14 @@ export class CfgAccountsApiKey {
70
78
  *
71
79
  * Test whether an API key is valid without consuming it.
72
80
  */
73
- public static cfgAccountsApiKeyTestCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsApiKeyTestCreateData, ThrowOnError>) {
81
+ public static cfgAccountsApiKeyTestCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsApiKeyTestCreateData, ThrowOnError>): RequestResult<CfgAccountsApiKeyTestCreateResponses, unknown, ThrowOnError> {
74
82
  return (options.client ?? client).post<CfgAccountsApiKeyTestCreateResponses, unknown, ThrowOnError>({
75
83
  security: [
76
- { scheme: 'bearer', type: 'http' },
84
+ {
85
+ key: 'jwtAuth',
86
+ scheme: 'bearer',
87
+ type: 'http'
88
+ },
77
89
  {
78
90
  in: 'cookie',
79
91
  name: 'sessionid',
@@ -97,9 +109,13 @@ export class CfgAccountsOauth {
97
109
  *
98
110
  * Get all OAuth connections for the current user.
99
111
  */
100
- public static cfgAccountsOauthConnectionsList<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthConnectionsListData, ThrowOnError>) {
112
+ public static cfgAccountsOauthConnectionsList<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthConnectionsListData, ThrowOnError>): RequestResult<CfgAccountsOauthConnectionsListResponses, unknown, ThrowOnError> {
101
113
  return (options?.client ?? client).get<CfgAccountsOauthConnectionsListResponses, unknown, ThrowOnError>({
102
- security: [{ name: 'X-API-Key', type: 'apiKey' }, { scheme: 'bearer', type: 'http' }],
114
+ security: [{ name: 'X-API-Key', type: 'apiKey' }, {
115
+ key: 'jwtAuthWithLastLogin',
116
+ scheme: 'bearer',
117
+ type: 'http'
118
+ }],
103
119
  url: '/cfg/accounts/oauth/connections/',
104
120
  ...options
105
121
  });
@@ -110,9 +126,13 @@ export class CfgAccountsOauth {
110
126
  *
111
127
  * Remove OAuth connection for the specified provider.
112
128
  */
113
- public static cfgAccountsOauthDisconnectCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOauthDisconnectCreateData, ThrowOnError>) {
129
+ public static cfgAccountsOauthDisconnectCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOauthDisconnectCreateData, ThrowOnError>): RequestResult<CfgAccountsOauthDisconnectCreateResponses, CfgAccountsOauthDisconnectCreateErrors, ThrowOnError> {
114
130
  return (options.client ?? client).post<CfgAccountsOauthDisconnectCreateResponses, CfgAccountsOauthDisconnectCreateErrors, ThrowOnError>({
115
- security: [{ name: 'X-API-Key', type: 'apiKey' }, { scheme: 'bearer', type: 'http' }],
131
+ security: [{ name: 'X-API-Key', type: 'apiKey' }, {
132
+ key: 'jwtAuthWithLastLogin',
133
+ scheme: 'bearer',
134
+ type: 'http'
135
+ }],
116
136
  url: '/cfg/accounts/oauth/disconnect/',
117
137
  ...options,
118
138
  headers: {
@@ -127,7 +147,7 @@ export class CfgAccountsOauth {
127
147
  *
128
148
  * Generate GitHub OAuth authorization URL. Redirect user to this URL to start authentication.
129
149
  */
130
- public static cfgAccountsOauthGithubAuthorizeCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthGithubAuthorizeCreateData, ThrowOnError>) {
150
+ public static cfgAccountsOauthGithubAuthorizeCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthGithubAuthorizeCreateData, ThrowOnError>): RequestResult<CfgAccountsOauthGithubAuthorizeCreateResponses, CfgAccountsOauthGithubAuthorizeCreateErrors, ThrowOnError> {
131
151
  return (options?.client ?? client).post<CfgAccountsOauthGithubAuthorizeCreateResponses, CfgAccountsOauthGithubAuthorizeCreateErrors, ThrowOnError>({
132
152
  url: '/cfg/accounts/oauth/github/authorize/',
133
153
  ...options,
@@ -143,7 +163,7 @@ export class CfgAccountsOauth {
143
163
  *
144
164
  * Exchange authorization code for JWT tokens. Call this after GitHub redirects back with code.
145
165
  */
146
- public static cfgAccountsOauthGithubCallbackCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOauthGithubCallbackCreateData, ThrowOnError>) {
166
+ public static cfgAccountsOauthGithubCallbackCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOauthGithubCallbackCreateData, ThrowOnError>): RequestResult<CfgAccountsOauthGithubCallbackCreateResponses, CfgAccountsOauthGithubCallbackCreateErrors, ThrowOnError> {
147
167
  return (options.client ?? client).post<CfgAccountsOauthGithubCallbackCreateResponses, CfgAccountsOauthGithubCallbackCreateErrors, ThrowOnError>({
148
168
  url: '/cfg/accounts/oauth/github/callback/',
149
169
  ...options,
@@ -159,7 +179,7 @@ export class CfgAccountsOauth {
159
179
  *
160
180
  * Get list of available OAuth providers for authentication.
161
181
  */
162
- public static cfgAccountsOauthProvidersRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthProvidersRetrieveData, ThrowOnError>) {
182
+ public static cfgAccountsOauthProvidersRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthProvidersRetrieveData, ThrowOnError>): RequestResult<CfgAccountsOauthProvidersRetrieveResponses, unknown, ThrowOnError> {
163
183
  return (options?.client ?? client).get<CfgAccountsOauthProvidersRetrieveResponses, unknown, ThrowOnError>({ url: '/cfg/accounts/oauth/providers/', ...options });
164
184
  }
165
185
  }
@@ -168,9 +188,13 @@ export class CfgAccounts {
168
188
  /**
169
189
  * Request OTP code to email.
170
190
  */
171
- public static cfgAccountsOtpRequestCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOtpRequestCreateData, ThrowOnError>) {
191
+ public static cfgAccountsOtpRequestCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOtpRequestCreateData, ThrowOnError>): RequestResult<CfgAccountsOtpRequestCreateResponses, CfgAccountsOtpRequestCreateErrors, ThrowOnError> {
172
192
  return (options.client ?? client).post<CfgAccountsOtpRequestCreateResponses, CfgAccountsOtpRequestCreateErrors, ThrowOnError>({
173
- security: [{ name: 'X-API-Key', type: 'apiKey' }, { scheme: 'bearer', type: 'http' }],
193
+ security: [{ name: 'X-API-Key', type: 'apiKey' }, {
194
+ key: 'jwtAuthWithLastLogin',
195
+ scheme: 'bearer',
196
+ type: 'http'
197
+ }],
174
198
  url: '/cfg/accounts/otp/request/',
175
199
  ...options,
176
200
  headers: {
@@ -190,9 +214,13 @@ export class CfgAccounts {
190
214
  * If user has no 2FA:
191
215
  * - Returns JWT tokens and user data directly
192
216
  */
193
- public static cfgAccountsOtpVerifyCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOtpVerifyCreateData, ThrowOnError>) {
217
+ public static cfgAccountsOtpVerifyCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOtpVerifyCreateData, ThrowOnError>): RequestResult<CfgAccountsOtpVerifyCreateResponses, CfgAccountsOtpVerifyCreateErrors, ThrowOnError> {
194
218
  return (options.client ?? client).post<CfgAccountsOtpVerifyCreateResponses, CfgAccountsOtpVerifyCreateErrors, ThrowOnError>({
195
- security: [{ name: 'X-API-Key', type: 'apiKey' }, { scheme: 'bearer', type: 'http' }],
219
+ security: [{ name: 'X-API-Key', type: 'apiKey' }, {
220
+ key: 'jwtAuthWithLastLogin',
221
+ scheme: 'bearer',
222
+ type: 'http'
223
+ }],
196
224
  url: '/cfg/accounts/otp/verify/',
197
225
  ...options,
198
226
  headers: {
@@ -209,9 +237,13 @@ export class CfgAccountsProfile {
209
237
  *
210
238
  * Retrieve the current authenticated user's profile information.
211
239
  */
212
- public static cfgAccountsProfileRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileRetrieveData, ThrowOnError>) {
240
+ public static cfgAccountsProfileRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileRetrieveData, ThrowOnError>): RequestResult<CfgAccountsProfileRetrieveResponses, CfgAccountsProfileRetrieveErrors, ThrowOnError> {
213
241
  return (options?.client ?? client).get<CfgAccountsProfileRetrieveResponses, CfgAccountsProfileRetrieveErrors, ThrowOnError>({
214
- security: [{ scheme: 'bearer', type: 'http' }, {
242
+ security: [{
243
+ key: 'jwtAuth',
244
+ scheme: 'bearer',
245
+ type: 'http'
246
+ }, {
215
247
  in: 'cookie',
216
248
  name: 'sessionid',
217
249
  type: 'apiKey'
@@ -226,10 +258,14 @@ export class CfgAccountsProfile {
226
258
  *
227
259
  * Upload avatar image for the current authenticated user. Accepts multipart/form-data with 'avatar' field.
228
260
  */
229
- public static cfgAccountsProfileAvatarCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileAvatarCreateData, ThrowOnError>) {
261
+ public static cfgAccountsProfileAvatarCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileAvatarCreateData, ThrowOnError>): RequestResult<CfgAccountsProfileAvatarCreateResponses, CfgAccountsProfileAvatarCreateErrors, ThrowOnError> {
230
262
  return (options?.client ?? client).post<CfgAccountsProfileAvatarCreateResponses, CfgAccountsProfileAvatarCreateErrors, ThrowOnError>({
231
263
  ...formDataBodySerializer,
232
- security: [{ name: 'X-API-Key', type: 'apiKey' }, { scheme: 'bearer', type: 'http' }],
264
+ security: [{ name: 'X-API-Key', type: 'apiKey' }, {
265
+ key: 'jwtAuthWithLastLogin',
266
+ scheme: 'bearer',
267
+ type: 'http'
268
+ }],
233
269
  url: '/cfg/accounts/profile/avatar/',
234
270
  ...options,
235
271
  headers: {
@@ -254,9 +290,13 @@ export class CfgAccountsProfile {
254
290
  * The account can be restored by an administrator if needed.
255
291
  *
256
292
  */
257
- public static cfgAccountsProfileDeleteCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileDeleteCreateData, ThrowOnError>) {
293
+ public static cfgAccountsProfileDeleteCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileDeleteCreateData, ThrowOnError>): RequestResult<CfgAccountsProfileDeleteCreateResponses, CfgAccountsProfileDeleteCreateErrors, ThrowOnError> {
258
294
  return (options?.client ?? client).post<CfgAccountsProfileDeleteCreateResponses, CfgAccountsProfileDeleteCreateErrors, ThrowOnError>({
259
- security: [{ scheme: 'bearer', type: 'http' }, {
295
+ security: [{
296
+ key: 'jwtAuth',
297
+ scheme: 'bearer',
298
+ type: 'http'
299
+ }, {
260
300
  in: 'cookie',
261
301
  name: 'sessionid',
262
302
  type: 'apiKey'
@@ -271,9 +311,13 @@ export class CfgAccountsProfile {
271
311
  *
272
312
  * Partially update the current authenticated user's profile information. Supports avatar upload.
273
313
  */
274
- public static cfgAccountsProfilePartialPartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfilePartialPartialUpdateData, ThrowOnError>) {
314
+ public static cfgAccountsProfilePartialPartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfilePartialPartialUpdateData, ThrowOnError>): RequestResult<CfgAccountsProfilePartialPartialUpdateResponses, CfgAccountsProfilePartialPartialUpdateErrors, ThrowOnError> {
275
315
  return (options?.client ?? client).patch<CfgAccountsProfilePartialPartialUpdateResponses, CfgAccountsProfilePartialPartialUpdateErrors, ThrowOnError>({
276
- security: [{ scheme: 'bearer', type: 'http' }, {
316
+ security: [{
317
+ key: 'jwtAuth',
318
+ scheme: 'bearer',
319
+ type: 'http'
320
+ }, {
277
321
  in: 'cookie',
278
322
  name: 'sessionid',
279
323
  type: 'apiKey'
@@ -292,9 +336,13 @@ export class CfgAccountsProfile {
292
336
  *
293
337
  * Partially update the current authenticated user's profile information. Supports avatar upload.
294
338
  */
295
- public static cfgAccountsProfilePartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfilePartialUpdateData, ThrowOnError>) {
339
+ public static cfgAccountsProfilePartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfilePartialUpdateData, ThrowOnError>): RequestResult<CfgAccountsProfilePartialUpdateResponses, CfgAccountsProfilePartialUpdateErrors, ThrowOnError> {
296
340
  return (options?.client ?? client).put<CfgAccountsProfilePartialUpdateResponses, CfgAccountsProfilePartialUpdateErrors, ThrowOnError>({
297
- security: [{ scheme: 'bearer', type: 'http' }, {
341
+ security: [{
342
+ key: 'jwtAuth',
343
+ scheme: 'bearer',
344
+ type: 'http'
345
+ }, {
298
346
  in: 'cookie',
299
347
  name: 'sessionid',
300
348
  type: 'apiKey'
@@ -313,9 +361,13 @@ export class CfgAccountsProfile {
313
361
  *
314
362
  * Update the current authenticated user's profile information.
315
363
  */
316
- public static cfgAccountsProfileUpdatePartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileUpdatePartialUpdateData, ThrowOnError>) {
364
+ public static cfgAccountsProfileUpdatePartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileUpdatePartialUpdateData, ThrowOnError>): RequestResult<CfgAccountsProfileUpdatePartialUpdateResponses, CfgAccountsProfileUpdatePartialUpdateErrors, ThrowOnError> {
317
365
  return (options?.client ?? client).patch<CfgAccountsProfileUpdatePartialUpdateResponses, CfgAccountsProfileUpdatePartialUpdateErrors, ThrowOnError>({
318
- security: [{ scheme: 'bearer', type: 'http' }, {
366
+ security: [{
367
+ key: 'jwtAuth',
368
+ scheme: 'bearer',
369
+ type: 'http'
370
+ }, {
319
371
  in: 'cookie',
320
372
  name: 'sessionid',
321
373
  type: 'apiKey'
@@ -334,9 +386,13 @@ export class CfgAccountsProfile {
334
386
  *
335
387
  * Update the current authenticated user's profile information.
336
388
  */
337
- public static cfgAccountsProfileUpdateUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileUpdateUpdateData, ThrowOnError>) {
389
+ public static cfgAccountsProfileUpdateUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileUpdateUpdateData, ThrowOnError>): RequestResult<CfgAccountsProfileUpdateUpdateResponses, CfgAccountsProfileUpdateUpdateErrors, ThrowOnError> {
338
390
  return (options?.client ?? client).put<CfgAccountsProfileUpdateUpdateResponses, CfgAccountsProfileUpdateUpdateErrors, ThrowOnError>({
339
- security: [{ scheme: 'bearer', type: 'http' }, {
391
+ security: [{
392
+ key: 'jwtAuth',
393
+ scheme: 'bearer',
394
+ type: 'http'
395
+ }, {
340
396
  in: 'cookie',
341
397
  name: 'sessionid',
342
398
  type: 'apiKey'
@@ -355,7 +411,7 @@ export class CfgAccountsAuth {
355
411
  /**
356
412
  * Refresh JWT token.
357
413
  */
358
- public static cfgAccountsTokenRefreshCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsTokenRefreshCreateData, ThrowOnError>) {
414
+ public static cfgAccountsTokenRefreshCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsTokenRefreshCreateData, ThrowOnError>): RequestResult<CfgAccountsTokenRefreshCreateResponses, unknown, ThrowOnError> {
359
415
  return (options.client ?? client).post<CfgAccountsTokenRefreshCreateResponses, unknown, ThrowOnError>({
360
416
  url: '/cfg/accounts/token/refresh/',
361
417
  ...options,
@@ -373,9 +429,13 @@ export class CfgCentrifugo {
373
429
  *
374
430
  * Generate JWT token for WebSocket connection to Centrifugo. Token includes user's allowed channels based on their permissions. Requires authentication.
375
431
  */
376
- public static cfgCentrifugoAuthTokenRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgCentrifugoAuthTokenRetrieveData, ThrowOnError>) {
432
+ public static cfgCentrifugoAuthTokenRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgCentrifugoAuthTokenRetrieveData, ThrowOnError>): RequestResult<CfgCentrifugoAuthTokenRetrieveResponses, CfgCentrifugoAuthTokenRetrieveErrors, ThrowOnError> {
377
433
  return (options?.client ?? client).get<CfgCentrifugoAuthTokenRetrieveResponses, CfgCentrifugoAuthTokenRetrieveErrors, ThrowOnError>({
378
- security: [{ name: 'X-API-Key', type: 'apiKey' }, { scheme: 'bearer', type: 'http' }],
434
+ security: [{ name: 'X-API-Key', type: 'apiKey' }, {
435
+ key: 'jwtAuthWithLastLogin',
436
+ scheme: 'bearer',
437
+ type: 'http'
438
+ }],
379
439
  url: '/cfg/centrifugo/auth/token/',
380
440
  ...options
381
441
  });
@@ -386,9 +446,13 @@ export class CfgTotpBackupCodes {
386
446
  /**
387
447
  * Get backup codes status for user.
388
448
  */
389
- public static cfgTotpBackupCodesRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgTotpBackupCodesRetrieveData, ThrowOnError>) {
449
+ public static cfgTotpBackupCodesRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgTotpBackupCodesRetrieveData, ThrowOnError>): RequestResult<CfgTotpBackupCodesRetrieveResponses, unknown, ThrowOnError> {
390
450
  return (options?.client ?? client).get<CfgTotpBackupCodesRetrieveResponses, unknown, ThrowOnError>({
391
- security: [{ name: 'X-API-Key', type: 'apiKey' }, { scheme: 'bearer', type: 'http' }],
451
+ security: [{ name: 'X-API-Key', type: 'apiKey' }, {
452
+ key: 'jwtAuthWithLastLogin',
453
+ scheme: 'bearer',
454
+ type: 'http'
455
+ }],
392
456
  url: '/cfg/totp/backup-codes/',
393
457
  ...options
394
458
  });
@@ -400,9 +464,13 @@ export class CfgTotpBackupCodes {
400
464
  * Requires TOTP code for verification.
401
465
  * Invalidates all existing codes.
402
466
  */
403
- public static cfgTotpBackupCodesRegenerateCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpBackupCodesRegenerateCreateData, ThrowOnError>) {
467
+ public static cfgTotpBackupCodesRegenerateCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpBackupCodesRegenerateCreateData, ThrowOnError>): RequestResult<CfgTotpBackupCodesRegenerateCreateResponses, CfgTotpBackupCodesRegenerateCreateErrors, ThrowOnError> {
404
468
  return (options.client ?? client).post<CfgTotpBackupCodesRegenerateCreateResponses, CfgTotpBackupCodesRegenerateCreateErrors, ThrowOnError>({
405
- security: [{ name: 'X-API-Key', type: 'apiKey' }, { scheme: 'bearer', type: 'http' }],
469
+ security: [{ name: 'X-API-Key', type: 'apiKey' }, {
470
+ key: 'jwtAuthWithLastLogin',
471
+ scheme: 'bearer',
472
+ type: 'http'
473
+ }],
406
474
  url: '/cfg/totp/backup-codes/regenerate/',
407
475
  ...options,
408
476
  headers: {
@@ -417,9 +485,13 @@ export class CfgTotp {
417
485
  /**
418
486
  * List all TOTP devices for user.
419
487
  */
420
- public static cfgTotpDevicesRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgTotpDevicesRetrieveData, ThrowOnError>) {
488
+ public static cfgTotpDevicesRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgTotpDevicesRetrieveData, ThrowOnError>): RequestResult<CfgTotpDevicesRetrieveResponses, unknown, ThrowOnError> {
421
489
  return (options?.client ?? client).get<CfgTotpDevicesRetrieveResponses, unknown, ThrowOnError>({
422
- security: [{ name: 'X-API-Key', type: 'apiKey' }, { scheme: 'bearer', type: 'http' }],
490
+ security: [{ name: 'X-API-Key', type: 'apiKey' }, {
491
+ key: 'jwtAuthWithLastLogin',
492
+ scheme: 'bearer',
493
+ type: 'http'
494
+ }],
423
495
  url: '/cfg/totp/devices/',
424
496
  ...options
425
497
  });
@@ -430,9 +502,13 @@ export class CfgTotp {
430
502
  *
431
503
  * Requires verification code if removing the last/primary device.
432
504
  */
433
- public static cfgTotpDevicesDestroy<ThrowOnError extends boolean = false>(options: Options<CfgTotpDevicesDestroyData, ThrowOnError>) {
505
+ public static cfgTotpDevicesDestroy<ThrowOnError extends boolean = false>(options: Options<CfgTotpDevicesDestroyData, ThrowOnError>): RequestResult<CfgTotpDevicesDestroyResponses, unknown, ThrowOnError> {
434
506
  return (options.client ?? client).delete<CfgTotpDevicesDestroyResponses, unknown, ThrowOnError>({
435
- security: [{ name: 'X-API-Key', type: 'apiKey' }, { scheme: 'bearer', type: 'http' }],
507
+ security: [{ name: 'X-API-Key', type: 'apiKey' }, {
508
+ key: 'jwtAuthWithLastLogin',
509
+ scheme: 'bearer',
510
+ type: 'http'
511
+ }],
436
512
  url: '/cfg/totp/devices/{id}/',
437
513
  ...options
438
514
  });
@@ -443,9 +519,13 @@ export class CfgTotp {
443
519
  *
444
520
  * Requires verification code.
445
521
  */
446
- public static cfgTotpDisableCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpDisableCreateData, ThrowOnError>) {
522
+ public static cfgTotpDisableCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpDisableCreateData, ThrowOnError>): RequestResult<CfgTotpDisableCreateResponses, CfgTotpDisableCreateErrors, ThrowOnError> {
447
523
  return (options.client ?? client).post<CfgTotpDisableCreateResponses, CfgTotpDisableCreateErrors, ThrowOnError>({
448
- security: [{ name: 'X-API-Key', type: 'apiKey' }, { scheme: 'bearer', type: 'http' }],
524
+ security: [{ name: 'X-API-Key', type: 'apiKey' }, {
525
+ key: 'jwtAuthWithLastLogin',
526
+ scheme: 'bearer',
527
+ type: 'http'
528
+ }],
449
529
  url: '/cfg/totp/disable/',
450
530
  ...options,
451
531
  headers: {
@@ -462,9 +542,13 @@ export class CfgTotpSetup {
462
542
  *
463
543
  * Creates a new TOTP device and returns QR code for scanning.
464
544
  */
465
- public static cfgTotpSetupCreate<ThrowOnError extends boolean = false>(options?: Options<CfgTotpSetupCreateData, ThrowOnError>) {
545
+ public static cfgTotpSetupCreate<ThrowOnError extends boolean = false>(options?: Options<CfgTotpSetupCreateData, ThrowOnError>): RequestResult<CfgTotpSetupCreateResponses, CfgTotpSetupCreateErrors, ThrowOnError> {
466
546
  return (options?.client ?? client).post<CfgTotpSetupCreateResponses, CfgTotpSetupCreateErrors, ThrowOnError>({
467
- security: [{ name: 'X-API-Key', type: 'apiKey' }, { scheme: 'bearer', type: 'http' }],
547
+ security: [{ name: 'X-API-Key', type: 'apiKey' }, {
548
+ key: 'jwtAuthWithLastLogin',
549
+ scheme: 'bearer',
550
+ type: 'http'
551
+ }],
468
552
  url: '/cfg/totp/setup/',
469
553
  ...options,
470
554
  headers: {
@@ -479,9 +563,13 @@ export class CfgTotpSetup {
479
563
  *
480
564
  * Activates the device and generates backup codes.
481
565
  */
482
- public static cfgTotpSetupConfirmCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpSetupConfirmCreateData, ThrowOnError>) {
566
+ public static cfgTotpSetupConfirmCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpSetupConfirmCreateData, ThrowOnError>): RequestResult<CfgTotpSetupConfirmCreateResponses, CfgTotpSetupConfirmCreateErrors, ThrowOnError> {
483
567
  return (options.client ?? client).post<CfgTotpSetupConfirmCreateResponses, CfgTotpSetupConfirmCreateErrors, ThrowOnError>({
484
- security: [{ name: 'X-API-Key', type: 'apiKey' }, { scheme: 'bearer', type: 'http' }],
568
+ security: [{ name: 'X-API-Key', type: 'apiKey' }, {
569
+ key: 'jwtAuthWithLastLogin',
570
+ scheme: 'bearer',
571
+ type: 'http'
572
+ }],
485
573
  url: '/cfg/totp/setup/confirm/',
486
574
  ...options,
487
575
  headers: {
@@ -498,9 +586,13 @@ export class CfgTotpVerify {
498
586
  *
499
587
  * Completes authentication and returns JWT tokens on success.
500
588
  */
501
- public static cfgTotpVerifyCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpVerifyCreateData, ThrowOnError>) {
589
+ public static cfgTotpVerifyCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpVerifyCreateData, ThrowOnError>): RequestResult<CfgTotpVerifyCreateResponses, CfgTotpVerifyCreateErrors, ThrowOnError> {
502
590
  return (options.client ?? client).post<CfgTotpVerifyCreateResponses, CfgTotpVerifyCreateErrors, ThrowOnError>({
503
- security: [{ name: 'X-API-Key', type: 'apiKey' }, { scheme: 'bearer', type: 'http' }],
591
+ security: [{ name: 'X-API-Key', type: 'apiKey' }, {
592
+ key: 'jwtAuthWithLastLogin',
593
+ scheme: 'bearer',
594
+ type: 'http'
595
+ }],
504
596
  url: '/cfg/totp/verify/',
505
597
  ...options,
506
598
  headers: {
@@ -515,9 +607,13 @@ export class CfgTotpVerify {
515
607
  *
516
608
  * Alternative verification method when TOTP device unavailable.
517
609
  */
518
- public static cfgTotpVerifyBackupCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpVerifyBackupCreateData, ThrowOnError>) {
610
+ public static cfgTotpVerifyBackupCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpVerifyBackupCreateData, ThrowOnError>): RequestResult<CfgTotpVerifyBackupCreateResponses, CfgTotpVerifyBackupCreateErrors, ThrowOnError> {
519
611
  return (options.client ?? client).post<CfgTotpVerifyBackupCreateResponses, CfgTotpVerifyBackupCreateErrors, ThrowOnError>({
520
- security: [{ name: 'X-API-Key', type: 'apiKey' }, { scheme: 'bearer', type: 'http' }],
612
+ security: [{ name: 'X-API-Key', type: 'apiKey' }, {
613
+ key: 'jwtAuthWithLastLogin',
614
+ scheme: 'bearer',
615
+ type: 'http'
616
+ }],
521
617
  url: '/cfg/totp/verify/backup/',
522
618
  ...options,
523
619
  headers: {
@@ -11,6 +11,7 @@ import { SWRConfig } from 'swr';
11
11
  import { useCfgRouter, useLocalStorage, useQueryParams } from '../hooks';
12
12
 
13
13
  import { api as apiAccounts } from '../../';
14
+ import { applyRoleLogPolicy } from '../../log-control';
14
15
  import { APIError } from '../../_api/generated/helpers';
15
16
  import { clearProfileCache, getCachedProfile } from '../hooks/useProfileCache';
16
17
  import { useAuthRedirectManager } from '../hooks/useAuthRedirect';
@@ -556,6 +557,13 @@ const AuthProviderInternal: React.FC<AuthProviderProps> = ({ children, config })
556
557
  return Boolean(user?.is_staff || user?.is_superuser);
557
558
  }, [user]);
558
559
 
560
+ // Role-aware console verbosity: admins (and dev) get debug logs, regular
561
+ // users in production get a clean console (errors only). Re-applied whenever
562
+ // the admin status changes (login / logout / profile load).
563
+ useEffect(() => {
564
+ applyRoleLogPolicy({ isAdmin: isAdminUser });
565
+ }, [isAdminUser]);
566
+
559
567
  // Profile management: Update profile data
560
568
  const updateProfile = useCallback(
561
569
  async (data: { first_name?: string; last_name?: string; username?: string }): Promise<UserProfile> => {
@@ -1,3 +1,21 @@
1
1
  export const isDev = process.env.NODE_ENV === 'development';
2
2
  export const isProd = !isDev;
3
3
  export const isBrowser = typeof window !== 'undefined';
4
+
5
+ /**
6
+ * Next.js static-export build (`output: 'export'`). Loggers treat it like dev
7
+ * for visibility; some auth/SSR features behave differently under it.
8
+ */
9
+ export const isStaticBuild = process.env.NEXT_PUBLIC_STATIC_BUILD === 'true';
10
+
11
+ /**
12
+ * DPoP (RFC 9449) sender-constrained tokens are enabled for this app.
13
+ *
14
+ * Set by `createBaseNextConfig({ dpop: true })` (inlines
15
+ * `NEXT_PUBLIC_DPOP_ENABLED='true'`). When true: tokens are bound to a
16
+ * non-extractable in-browser key, a copied Bearer token can't be replayed, and
17
+ * the API client signs a per-request DPoP proof. This flag lives in
18
+ * `@djangocfg/api` — the package that implements DPoP — so it is the single
19
+ * source of truth, importable by every higher-level package.
20
+ */
21
+ export const dpopEnabled = process.env.NEXT_PUBLIC_DPOP_ENABLED === 'true';
@@ -11,15 +11,22 @@ import { createConsola } from 'consola';
11
11
  * - 3: log, info
12
12
  * - 4: debug
13
13
  * - 5: trace, verbose
14
+ *
15
+ * The level is driven by the GLOBAL runtime controller (log-control), so an
16
+ * admin can get verbose logs (even in prod) while regular users keep a clean
17
+ * console. `applyRoleLogPolicy(...)` at app bootstrap sets the policy.
14
18
  */
15
- import { isDev as isDevelopment } from './env';
16
- const isStaticBuild = process.env.NEXT_PUBLIC_STATIC_BUILD === 'true';
17
- const showLogs = isDevelopment || isStaticBuild;
19
+ import { getLogLevel, onLogLevelChange } from '../../log-control';
18
20
 
19
21
  export const logger = createConsola({
20
- level: showLogs ? 4 : 1, // dev: debug, production: errors only
22
+ level: getLogLevel(),
21
23
  }).withTag('api');
22
24
 
25
+ // Keep the live logger's level in sync with the global controller.
26
+ onLogLevelChange((level) => {
27
+ logger.level = level;
28
+ });
29
+
23
30
  /**
24
31
  * Auth-specific logger
25
32
  */
package/src/index.ts CHANGED
@@ -34,3 +34,15 @@ export type { User } from './_api/generated/_cfg_accounts/types.gen';
34
34
 
35
35
  // Legacy alias for code that still imports `api` (= cfg_accounts singleton).
36
36
  export { CfgAccountsApi as api } from './_api/generated';
37
+
38
+ // Global runtime log-level control (role-aware verbosity).
39
+ export {
40
+ getLogLevel,
41
+ setLogLevel,
42
+ onLogLevelChange,
43
+ applyRoleLogPolicy,
44
+ type ConsolaLevel,
45
+ } from './log-control';
46
+
47
+ // Env flags — single source of truth (api is the lowest shared package).
48
+ export { isDev, isProd, isBrowser, isStaticBuild, dpopEnabled } from './auth/utils/env';
@@ -0,0 +1,81 @@
1
+ /**
2
+ * Global runtime log-level control.
3
+ *
4
+ * One mutable level that every `@djangocfg/*` consola wrapper reads, so the
5
+ * whole app's console verbosity can be changed at runtime (e.g. raised for an
6
+ * admin, kept silent for a regular user in production) WITHOUT each package
7
+ * hardcoding `isDev ? 4 : 1`.
8
+ *
9
+ * Lives in `@djangocfg/api` because it's the lowest shared package — api,
10
+ * layouts, centrifugo, ui-core consumers can all import it without a cycle.
11
+ *
12
+ * consola levels: 0 silent · 1 error · 2 warn · 3 info · 4 debug · 5 trace.
13
+ *
14
+ * Default policy (before anyone calls setLogLevel):
15
+ * - dev / static build → 4 (debug)
16
+ * - production → 1 (errors only)
17
+ * App bootstrap should call `applyRoleLogPolicy({ isAdmin, isDev })` once auth
18
+ * is known to raise verbosity for staff/superusers even in production.
19
+ */
20
+
21
+ import { isDev, isStaticBuild } from './auth/utils/env';
22
+
23
+ export type ConsolaLevel = 0 | 1 | 2 | 3 | 4 | 5;
24
+
25
+ /** Dev or a static export → show verbose logs by default. */
26
+ const verboseByDefault = isDev || isStaticBuild;
27
+
28
+ const DEFAULT_LEVEL: ConsolaLevel = verboseByDefault ? 4 : 1;
29
+
30
+ let _level: ConsolaLevel = DEFAULT_LEVEL;
31
+
32
+ /** Subscribers (the wrapper loggers) notified when the level changes. */
33
+ const _subscribers = new Set<(level: ConsolaLevel) => void>();
34
+
35
+ /** Current global log level. Wrappers read this when constructing/refreshing. */
36
+ export function getLogLevel(): ConsolaLevel {
37
+ return _level;
38
+ }
39
+
40
+ /** Set the global log level and notify all live loggers. */
41
+ export function setLogLevel(level: ConsolaLevel): void {
42
+ _level = level;
43
+ for (const fn of _subscribers) {
44
+ try {
45
+ fn(level);
46
+ } catch {
47
+ /* a bad subscriber must not break logging */
48
+ }
49
+ }
50
+ }
51
+
52
+ /**
53
+ * Subscribe to level changes. Returns an unsubscribe fn. The callback fires
54
+ * immediately with the current level so a logger can sync on registration.
55
+ */
56
+ export function onLogLevelChange(fn: (level: ConsolaLevel) => void): () => void {
57
+ _subscribers.add(fn);
58
+ try {
59
+ fn(_level);
60
+ } catch {
61
+ /* ignore */
62
+ }
63
+ return () => _subscribers.delete(fn);
64
+ }
65
+
66
+ /**
67
+ * Apply the role-aware policy. Call once at bootstrap and whenever auth changes.
68
+ *
69
+ * - admin (is_staff / is_superuser): full verbosity (debug) everywhere, even
70
+ * in production — so support/devs can diagnose live without a redeploy.
71
+ * - dev (non-admin): debug.
72
+ * - production regular user: errors only — a clean console, like big SaaS apps.
73
+ */
74
+ export function applyRoleLogPolicy(opts: { isAdmin: boolean; isDev?: boolean }): void {
75
+ const devMode = opts.isDev ?? verboseByDefault;
76
+ if (opts.isAdmin || devMode) {
77
+ setLogLevel(4);
78
+ } else {
79
+ setLogLevel(1);
80
+ }
81
+ }