@djangocfg/api 2.1.58 → 2.1.60

package/README.md

@@ -144,6 +144,7 @@ import {
   useGithubAuth,        // GitHub OAuth integration
   useTwoFactor,         // 2FA verification (verify TOTP code)
   useTwoFactorSetup,    // 2FA setup flow (generate QR, verify, enable)
+  useTwoFactorStatus,   // 2FA status check and disable
   useAutoAuth,          // Auto-authentication on mount
   useLocalStorage,      // localStorage helper
   useSessionStorage,    // sessionStorage helper
@@ -416,6 +417,46 @@ export function TwoFactorSetup() {
 }
 ```
 
+### useTwoFactorStatus
+
+Check 2FA status and disable 2FA for authenticated users:
+
+```tsx
+'use client';
+import { useTwoFactorStatus } from '@djangocfg/api/auth';
+
+export function TwoFactorStatus() {
+  const {
+    // State
+    has2FAEnabled,  // boolean | null - current 2FA status
+    devices,        // TwoFactorDevice[] - list of TOTP devices
+    isLoading,
+    error,
+
+    // Actions
+    fetchStatus,    // () => Promise<void> - refresh status
+    disable2FA,     // (code: string) => Promise<boolean> - disable with TOTP code
+    clearError,     // () => void
+  } = useTwoFactorStatus();
+
+  useEffect(() => {
+    fetchStatus();
+  }, [fetchStatus]);
+
+  if (has2FAEnabled) {
+    return (
+      <div>
+        <p>2FA is enabled</p>
+        <p>Devices: {devices.length}</p>
+        <button onClick={() => disable2FA('123456')}>Disable 2FA</button>
+      </div>
+    );
+  }
+
+  return <p>2FA is not enabled</p>;
+}
+```
+
 ## Server Components & API Routes
 
 Use fetchers for server-side data fetching:

package/dist/auth.cjs

@@ -61,6 +61,7 @@ __export(auth_exports, {
   useSessionStorage: () => useSessionStorage,
   useTwoFactor: () => useTwoFactor,
   useTwoFactorSetup: () => useTwoFactorSetup,
+  useTwoFactorStatus: () => useTwoFactorStatus,
   validateEmail: () => validateEmail,
   validateIdentifier: () => validateIdentifier
 });
@@ -5886,7 +5887,8 @@ var useAuthForm = /* @__PURE__ */ __name((options) => {
     sourceUrl,
     redirectUrl,
     requireTermsAcceptance = false,
-    authPath = "/auth"
+    authPath = "/auth",
+    enable2FASetup = true
   } = options;
   const formState = useAuthFormState();
   const validation = useAuthValidation();
@@ -6041,14 +6043,18 @@ var useAuthForm = /* @__PURE__ */ __name((options) => {
       }
       if (result.success) {
         saveIdentifierToStorage(submitIdentifier, submitChannel);
-        if (result.should_prompt_2fa) {
+        if (result.should_prompt_2fa && enable2FASetup) {
           authLogger.info("OTP verification successful, prompting 2FA setup");
           setShouldPrompt2FA(true);
           setStep("2fa-setup");
           onOTPSuccess?.();
           return true;
         }
-        authLogger.info("OTP verification successful, showing success screen");
+        if (result.should_prompt_2fa && !enable2FASetup) {
+          authLogger.info("OTP verification successful, skipping 2FA setup prompt (disabled)");
+        } else {
+          authLogger.info("OTP verification successful, showing success screen");
+        }
         setStep("success");
         onOTPSuccess?.();
         return true;
@@ -6065,7 +6071,7 @@ var useAuthForm = /* @__PURE__ */ __name((options) => {
     } finally {
       setIsLoading(false);
     }
-  }, [verifyOTP, saveIdentifierToStorage, setError, setIsLoading, clearError, onOTPSuccess, onError, sourceUrl, redirectUrl, setTwoFactorSessionId, setShouldPrompt2FA, setStep]);
+  }, [verifyOTP, saveIdentifierToStorage, setError, setIsLoading, clearError, onOTPSuccess, onError, sourceUrl, redirectUrl, setTwoFactorSessionId, setShouldPrompt2FA, setStep, enable2FASetup]);
   const handleOTPSubmit = (0, import_react8.useCallback)(async (e) => {
     e.preventDefault();
     await submitOTP(identifier, otp, channel);
@@ -6391,15 +6397,84 @@ var useTwoFactorSetup = /* @__PURE__ */ __name((options = {}) => {
   };
 }, "useTwoFactorSetup");
 
-// src/auth/hooks/useAuthGuard.ts
+// src/auth/hooks/useTwoFactorStatus.ts
 var import_react11 = require("react");
+var useTwoFactorStatus = /* @__PURE__ */ __name(() => {
+  const [isLoading, setIsLoading] = (0, import_react11.useState)(false);
+  const [error, setError] = (0, import_react11.useState)(null);
+  const [has2FAEnabled, setHas2FAEnabled] = (0, import_react11.useState)(null);
+  const [devices, setDevices] = (0, import_react11.useState)([]);
+  const clearError = (0, import_react11.useCallback)(() => {
+    setError(null);
+  }, []);
+  const fetchStatus = (0, import_react11.useCallback)(async () => {
+    setIsLoading(true);
+    setError(null);
+    try {
+      authLogger.info("Fetching 2FA status...");
+      const response = await apiTotp.totp_management.totpDevicesList();
+      const mappedDevices = (response.results || []).map((device) => ({
+        id: device.id,
+        name: device.name,
+        createdAt: device.created_at,
+        lastUsedAt: device.last_used_at ?? null,
+        isPrimary: device.is_primary
+      }));
+      setDevices(mappedDevices);
+      const enabled = mappedDevices.length > 0;
+      setHas2FAEnabled(enabled);
+      authLogger.info("2FA status:", enabled ? "enabled" : "disabled");
+    } catch (err) {
+      const errorMessage = err instanceof Error ? err.message : "Failed to fetch 2FA status";
+      authLogger.error("Failed to fetch 2FA status:", err);
+      setError(errorMessage);
+    } finally {
+      setIsLoading(false);
+    }
+  }, []);
+  const disable2FA = (0, import_react11.useCallback)(async (code) => {
+    if (!code || code.length !== 6) {
+      setError("Please enter a 6-digit code");
+      return false;
+    }
+    setIsLoading(true);
+    setError(null);
+    try {
+      authLogger.info("Disabling 2FA...");
+      await apiTotp.totp_management.totpDisableCreate({ code });
+      setHas2FAEnabled(false);
+      setDevices([]);
+      authLogger.info("2FA disabled successfully");
+      return true;
+    } catch (err) {
+      const errorMessage = err instanceof Error ? err.message : "Invalid verification code";
+      authLogger.error("Failed to disable 2FA:", err);
+      setError(errorMessage);
+      return false;
+    } finally {
+      setIsLoading(false);
+    }
+  }, []);
+  return {
+    isLoading,
+    error,
+    has2FAEnabled,
+    devices,
+    fetchStatus,
+    disable2FA,
+    clearError
+  };
+}, "useTwoFactorStatus");
+
+// src/auth/hooks/useAuthGuard.ts
+var import_react12 = require("react");
 var import_hooks6 = require("@djangocfg/ui-nextjs/hooks");
 var useAuthGuard = /* @__PURE__ */ __name((options = {}) => {
   const { redirectTo = "/auth", requireAuth = true, saveRedirectUrl: shouldSaveUrl = true } = options;
   const { isAuthenticated, isLoading, saveRedirectUrl } = useAuth();
   const router = (0, import_hooks6.useCfgRouter)();
-  const [isRedirecting, setIsRedirecting] = (0, import_react11.useState)(false);
-  (0, import_react11.useEffect)(() => {
+  const [isRedirecting, setIsRedirecting] = (0, import_react12.useState)(false);
+  (0, import_react12.useEffect)(() => {
     if (!isLoading && requireAuth && !isAuthenticated && !isRedirecting) {
       if (shouldSaveUrl && typeof window !== "undefined") {
         const currentUrl = window.location.pathname + window.location.search;
@@ -6413,9 +6488,9 @@ var useAuthGuard = /* @__PURE__ */ __name((options = {}) => {
 }, "useAuthGuard");
 
 // src/auth/hooks/useLocalStorage.ts
-var import_react12 = require("react");
+var import_react13 = require("react");
 function useLocalStorage2(key, initialValue) {
-  const [storedValue, setStoredValue] = (0, import_react12.useState)(() => {
+  const [storedValue, setStoredValue] = (0, import_react13.useState)(() => {
     if (typeof window === "undefined") {
       return initialValue;
     }