@explita/cloud-auth-client 0.1.3 → 0.2.1

package/dist/components/login-form.js

@@ -77,7 +77,6 @@ function Login({ className, logo, ...props }) {
             setIsAuthenticated(true);
         }
         setIsPending(false);
-        // return { email: formData.get("email") as string };
     }
     return (react_1.default.createElement("div", { className: (0, utils_1.cn)("ecpauth:relative ecpauth:flex ecpauth:flex-col ecpauth:items-center ecpauth:justify-center ecpauth:w-full ecpauth:mx-auto ecpauth:px-4", className), ...props },
         isAuthenticated && react_1.default.createElement(loader_1.Loader, null),
@@ -91,7 +90,7 @@ function Login({ className, logo, ...props }) {
                     react_1.default.createElement(card_1.CardTitle, { className: "ecpauth:text-2xl ecpauth:font-black ecpauth:tracking-tight ecpauth:text-gray-900 ecpauth:dark:text-white" }, "Welcome Back"),
                     react_1.default.createElement(card_1.CardDescription, { className: "ecpauth:text-sm ecpauth:text-gray-500 ecpauth:dark:text-gray-400" }, "Enter your credentials to access the dashboard.")),
                 error?.message && (react_1.default.createElement("p", { className: "ecpauth:text-red-500 ecpauth:mt-3 ecpauth:text-sm ecpauth:font-medium" }, error.message))),
-            react_1.default.createElement(card_1.CardContent, { className: "ecpauth:space-y-6 ecpauth:p-8 ecpauth:px-12" },
+            react_1.default.createElement(card_1.CardContent, { className: "ecpauth:space-y-6 ecpauth:p-8 ecpauth:lg:px-12" },
                 react_1.default.createElement("form", { onSubmit: handleSubmit, className: "ecpauth:space-y-6" },
                     react_1.default.createElement("div", { className: "ecpauth:space-y-4" },
                         react_1.default.createElement("div", { className: "ecpauth:space-y-2" },

package/dist/components/reset-password.js

@@ -96,7 +96,7 @@ function ResetPassword({ className, onChangePassword, logo, ...props }) {
                 state?.status === "success" ? (react_1.default.createElement("div", { className: "ecpauth:mt-3" },
                     react_1.default.createElement(message_1.Message, { message: state?.message, variant: "success" }))) : state?.message ? (react_1.default.createElement("div", { className: "ecpauth:mt-3" },
                     react_1.default.createElement(message_1.Message, { message: state?.message }))) : null),
-            react_1.default.createElement(card_1.CardContent, { className: "ecpauth:space-y-6 ecpauth:p-8 ecpauth:px-12" },
+            react_1.default.createElement(card_1.CardContent, { className: "ecpauth:space-y-6 ecpauth:p-8 ecpauth:lg:px-12" },
                 !token ? (react_1.default.createElement("form", { onSubmit: handleSubmit, className: "ecpauth:space-y-6" },
                     react_1.default.createElement("div", { className: "ecpauth:space-y-2" },
                         react_1.default.createElement(label_1.Label, { htmlFor: "email", className: "ecpauth:text-sm ecpauth:font-medium ecpauth:text-gray-700 ecpauth:dark:text-gray-300" }, "Email Address"),

package/dist/components/signup-form.js

@@ -108,7 +108,7 @@ function Signup({ className, onSubmit, groupId, metadata, acceptUsername = true,
                 state?.status === "success" ? (react_1.default.createElement("div", { className: "ecpauth:mt-3" },
                     react_1.default.createElement(message_1.Message, { message: state?.message, variant: "success" }))) : state?.message ? (react_1.default.createElement("div", { className: "ecpauth:mt-3" },
                     react_1.default.createElement(message_1.Message, { message: state?.message }))) : null),
-            react_1.default.createElement(card_1.CardContent, { className: "ecpauth:space-y-6 ecpauth:p-8 ecpauth:px-12" },
+            react_1.default.createElement(card_1.CardContent, { className: "ecpauth:space-y-6 ecpauth:p-8 ecpauth:lg:px-12" },
                 react_1.default.createElement("form", { onSubmit: handleSubmit, className: "ecpauth:space-y-6" },
                     react_1.default.createElement("div", { className: "ecpauth:grid ecpauth:grid-cols-1 ecpauth:md:grid-cols-2 ecpauth:gap-4" },
                         react_1.default.createElement("div", { className: "ecpauth:space-y-2" },

package/dist/contexts/auth-provider.js

@@ -49,8 +49,7 @@ function AuthProvider({ children, config }) {
     const [user, setUser] = (0, react_1.useState)(null);
     const [loading, setLoading] = (0, react_1.useState)(false);
     const [error, setError] = (0, react_1.useState)(null);
-    const [isAuthenticated, setIsAuthenticated] = (0, react_1.useState)(false);
-    const [transition, startTransition] = (0, react_1.useTransition)();
+    const [_, startTransition] = (0, react_1.useTransition)();
     const withFullObject = (0, utils_1.shouldPassFullUserObject)();
     const computedRouteContext = (0, utils_1.buildRouteContext)(config);
     const { loginUrl, resetPasswordUrl, dashboardUrl, returnPathRaw, isExcluded, } = computedRouteContext;
@@ -69,14 +68,6 @@ function AuthProvider({ children, config }) {
         if (!token)
             return;
         if (!navigator.onLine) {
-            try {
-                const payload = (0, utils_1.parseJwt)(token);
-                setUser(payload?.user);
-                setIsAuthenticated(true);
-            }
-            catch (e) {
-                console.warn("[ecp-auth] Invalid token format:", e);
-            }
             console.warn("[ecp-auth] Offline — skipping fetchCurrentUser()");
             return;
         }
@@ -84,10 +75,8 @@ function AuthProvider({ children, config }) {
         try {
             const res = await (0, api_1.apiFactory)("/me", { method: "GET" });
             setUser(res.user);
-            setIsAuthenticated(true);
         }
         catch (err) {
-            console.warn("[ecp-auth] Failed to fetch user:", err);
             await logout("server_unavailable");
         }
         finally {
@@ -97,7 +86,7 @@ function AuthProvider({ children, config }) {
     (0, react_1.useEffect)(() => {
         fetchCurrentUser();
     }, []);
-    async function login(credentials) {
+    const login = (0, react_1.useCallback)(async (credentials) => {
         setError(null);
         setLoading(true);
         try {
@@ -109,7 +98,6 @@ function AuthProvider({ children, config }) {
             });
             const { authToken, user, with2fa } = res;
             if (authToken && !with2fa) {
-                setIsAuthenticated(true);
                 await redirectAfterLogin(authToken, res.tempRefreshToken);
                 return null;
             }
@@ -126,8 +114,8 @@ function AuthProvider({ children, config }) {
         finally {
             setLoading(false);
         }
-    }
-    async function sendPasswordResetRequest(email) {
+    }, []);
+    const sendPasswordResetRequest = (0, react_1.useCallback)(async (email) => {
         try {
             const res = await (0, api_1.apiFactory)("/reset-password", {
                 body: { email, passwordResetLink: resetPasswordUrl },
@@ -140,8 +128,8 @@ function AuthProvider({ children, config }) {
             }
             return { message: err.message, status: "failure" };
         }
-    }
-    async function logout(reason = "", params) {
+    }, []);
+    const logout = (0, react_1.useCallback)(async (reason = "", params) => {
         let logoutSucceeded = false;
         try {
             await (0, api_1.apiFactory)("/logout");
@@ -151,7 +139,6 @@ function AuthProvider({ children, config }) {
             if ([401, 403].includes(err.status)) {
                 logoutSucceeded = true;
             }
-            console.error("Logout failed:", err);
         }
         const forceLogout = ["user_logout", "server_unavailable"].includes(reason);
         if (logoutSucceeded || forceLogout) {
@@ -168,42 +155,56 @@ function AuthProvider({ children, config }) {
                 window.location.href = `${loginUrl}?${fullParams}`;
             }
         }
-    }
+    }, [loginUrl, returnPathRaw, config]);
     (0, use_token_refresher_1.useTokenRefresher)({
         config,
         refreshTokenRequest: async () => {
-            const res = await (0, api_1.apiFactory)("/refresh", {
+            return await (0, api_1.apiFactory)("/refresh", {
                 body: {
                     withFullObject,
                 },
             });
-            return res;
         },
         onTokenRefreshed: (authToken, tempRefreshToken) => {
             localStorage.setItem(constants_1.AUTH_TOKEN_KEY, authToken);
             config?.cookieOverride?.(tempRefreshToken);
         },
-        revalidateUserWhenOnline: fetchCurrentUser,
+        // revalidateUserWhenOnline: fetchCurrentUser,
         onRefreshFailed: async () => await logout("session_expired"),
     });
+    const userLogout = (0, react_1.useCallback)((params) => logout("user_logout", params), [logout]);
+    const revalidate = (0, react_1.useCallback)(() => startTransition(fetchCurrentUser), [fetchCurrentUser]);
+    const contextValue = (0, react_1.useMemo)(() => {
+        return {
+            user,
+            isLoading: loading,
+            isAuthenticated: !!user,
+            error,
+            computedRouteContext,
+            login,
+            sendPasswordResetRequest,
+            logout: userLogout,
+            hasPermission: (permission) => (0, utils_1.hasPermission)(user, permission),
+            revalidate,
+            getToken: () => (0, utils_1.getClientToken)(),
+        };
+    }, [
+        user,
+        loading,
+        error,
+        computedRouteContext,
+        login,
+        sendPasswordResetRequest,
+        fetchCurrentUser,
+        userLogout,
+        revalidate,
+    ]);
     return (react_1.default.createElement(react_1.default.Fragment, null,
         react_1.default.createElement(optional_otp_wrapper_1.OptionalOTPWrapper, { user: twoFAData, onVerified: redirectAfterLogin, onCanceled: () => {
                 setTwoFAData(null);
             } }),
         !disableLoading && loading && react_1.default.createElement(loader_1.Loader, null),
-        react_1.default.createElement(AuthContext.Provider, { value: {
-                user,
-                isLoading: loading,
-                isAuthenticated,
-                error,
-                computedRouteContext,
-                login,
-                sendPasswordResetRequest,
-                logout: (params) => logout("user_logout", params),
-                hasPermission: (permission) => (0, utils_1.hasPermission)(user, permission),
-                revalidate: () => startTransition(fetchCurrentUser),
-                getToken: () => (0, utils_1.getClientToken)(),
-            } }, children)));
+        react_1.default.createElement(AuthContext.Provider, { value: contextValue }, children)));
 }
 function useAuth() {
     const ctx = (0, react_1.useContext)(AuthContext);

package/dist/lib/api-server.js

@@ -18,6 +18,7 @@ async function apiServer(apiPath, options) {
         headers: {
             "Content-Type": "application/json",
             Authorization: `Bearer ${token}`,
+            "x-server-to-server": "true",
             "x-api-key": apiKey,
             "x-api-version": version,
             "x-workspace-id": workspaceId,

package/dist/lib/utils.d.ts

@@ -1,4 +1,4 @@
-import { AuthConfig, QueryOpts, User } from "../types";
+import { AuthConfig, QueryOpts, TokenSession, User } from "../types";
 export declare function cn(...classes: (string | false | null | undefined)[]): string;
 export declare function unstuckPointerEvents(): void;
 export declare function buildRouteContext(config?: AuthConfig, currentPath?: string): {
@@ -13,7 +13,7 @@ export declare function buildRouteContext(config?: AuthConfig, currentPath?: str
     isExcluded: boolean;
 };
 export declare function getClientToken(): string;
-export declare function hasPermission(user: User | null, permission: string): boolean;
+export declare function hasPermission(session: User | TokenSession | null, permission: string): boolean;
 export declare function parseMessage(message: string): string;
 export declare function parseGroupId(data?: QueryOpts["groupIds"]): string;
 export declare function parseJwt(token: string): any;

package/dist/lib/utils.js

@@ -102,10 +102,10 @@ function getClientToken() {
         ? localStorage.getItem(constants_1.AUTH_TOKEN_KEY) || ""
         : "";
 }
-function hasPermission(user, permission) {
-    if (!user)
+function hasPermission(session, permission) {
+    if (!session)
         return false;
-    return user.role.permissions?.includes(permission) || user.isSuperAdmin;
+    return session.role.permissions?.includes(permission) || session.isSuperAdmin;
 }
 function parseMessage(message) {
     return message == "fetch failed" || message == "Failed to fetch"

package/dist/server/index.d.ts

@@ -3,6 +3,7 @@ export * from "./reset-password";
 export * from "./user";
 export * from "./next-cookie-override";
 export * from "./server-session";
+export * from "./token-session";
 export * from "./server-token";
 export * from "./role";
 export { hasPermission } from "../lib/utils";

package/dist/server/index.js

@@ -20,6 +20,7 @@ __exportStar(require("./reset-password"), exports);
 __exportStar(require("./user"), exports);
 __exportStar(require("./next-cookie-override"), exports);
 __exportStar(require("./server-session"), exports);
+__exportStar(require("./token-session"), exports);
 __exportStar(require("./server-token"), exports);
 __exportStar(require("./role"), exports);
 var utils_1 = require("../lib/utils");

package/dist/server/server-session.d.ts

@@ -1,8 +1,2 @@
-import { User } from "../types";
-export declare function getServerSession(): Promise<(User & {
-    meta: {
-        sessionId: string;
-        exp: number;
-        iat: number;
-    };
-}) | null>;
+import { ServerSession } from "../types";
+export declare const getServerSession: () => Promise<ServerSession | null>;

package/dist/server/server-session.js

@@ -1,36 +1,37 @@
 "use server";
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getServerSession = getServerSession;
+exports.getServerSession = void 0;
+const react_1 = require("react");
+const api_1 = require("../lib/api");
 const utils_1 = require("../lib/utils");
 const server_token_1 = require("./server-token");
-async function getServerSession() {
+exports.getServerSession = (0, react_1.cache)(async function () {
     try {
         const token = await (0, server_token_1.getServerToken)();
         if (!token)
             return null;
         const session = (0, utils_1.parseJwt)(token);
-        const expiresAt = session.exp * 1000;
-        const now = Date.now();
-        if (now > expiresAt) {
+        if (!session)
             return null;
-        }
+        const now = Date.now();
+        if (now > session.exp * 1000 - 1000)
+            return null; // 1s buffer
+        const res = await (0, api_1.apiFactory)("/me-server", {
+            method: "GET",
+            cache: "no-store",
+        });
         return {
-            ...session.user,
+            ...res.user,
             meta: {
                 sessionId: session.sessionId,
                 exp: session.exp,
                 iat: session.iat,
             },
         };
-        // const res = await apiFactory("/me-server", {
-        //   method: "GET",
-        //   cache: "no-store",
-        // });
-        // return res.user;
     }
-    catch (error) {
-        console.log(error);
+    catch (err) {
+        console.error("[getServerSession] Failed to fetch user:", err);
         return null;
     }
-}
+});

package/dist/server/token-session.d.ts

@@ -0,0 +1,7 @@
+import { TokenSession } from "../types";
+/**
+ * Reads session from JWT in cookies.
+ * No network call. No server validation.
+ * Intended for middleware / edge usage.
+ */
+export declare function getTokenSession<T extends Record<string, any>>(): Promise<TokenSession<T> | null>;

package/dist/server/token-session.js

@@ -0,0 +1,36 @@
+"use server";
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getTokenSession = getTokenSession;
+const utils_1 = require("../lib/utils");
+const server_token_1 = require("./server-token");
+/**
+ * Reads session from JWT in cookies.
+ * No network call. No server validation.
+ * Intended for middleware / edge usage.
+ */
+async function getTokenSession() {
+    try {
+        const token = await (0, server_token_1.getServerToken)();
+        if (!token)
+            return null;
+        const session = (0, utils_1.parseJwt)(token);
+        if (!session)
+            return null;
+        const now = Date.now();
+        if (now > session.exp * 1000 - 5000)
+            return null; // 5s buffer
+        return {
+            ...session.user,
+            meta: {
+                sessionId: session.sessionId,
+                exp: session.exp,
+                iat: session.iat,
+            },
+        };
+    }
+    catch (err) {
+        console.error("[getTokenSession] Failed:", err);
+        return null;
+    }
+}