@gemka/core 0.4.0 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/auth.d.ts ADDED
@@ -0,0 +1,31 @@
1
+ // Type declarations for @gemka/core/auth.
2
+
3
+ /**
4
+ * How long (in seconds) the one-shot OAuth return marker lives.
5
+ */
6
+ export declare const OAUTH_RETURN_MAX_AGE: 180;
7
+
8
+ /**
9
+ * Optimistic signed-in hint from the raw cookie string ("a=1; b=2" form).
10
+ *
11
+ * Returns true when a Clerk UAT cookie ("__client_uat" or "__client_uat_<hash>")
12
+ * is present and non-"0", or when `markerName` names a present, truthy cookie.
13
+ */
14
+ export declare function isSignedInFromCookies(
15
+ cookieString: string | null | undefined,
16
+ markerName?: string
17
+ ): boolean;
18
+
19
+ /**
20
+ * Build the OAuth return marker cookie string, set client-side right before
21
+ * redirecting to gemka.co sign-in.
22
+ */
23
+ export declare function oauthReturnMarker(
24
+ name: string,
25
+ options?: { secure?: boolean }
26
+ ): string;
27
+
28
+ /**
29
+ * Build the cookie string that clears the OAuth return marker.
30
+ */
31
+ export declare function clearOauthReturnMarker(name: string): string;
package/auth.js ADDED
@@ -0,0 +1,59 @@
1
+ // @gemka/core/auth — optimistic-auth primitives shared by GemKa apps.
2
+ //
3
+ // Framework-agnostic and zero-dependency: pure string in, value out. No DOM
4
+ // access, no next/headers, no reading document.cookie inside this module —
5
+ // callers pass the raw cookie string. That's what lets the same code serve a
6
+ // vanilla app, an SSR server component, and a client component.
7
+
8
+ /**
9
+ * How long (in seconds) the one-shot OAuth return marker lives. Short enough to
10
+ * only cover the round-trip back from gemka.co sign-in.
11
+ */
12
+ export const OAUTH_RETURN_MAX_AGE = 180;
13
+
14
+ /**
15
+ * Optimistic signed-in hint from the raw cookie string ("a=1; b=2" form).
16
+ *
17
+ * Returns true when either:
18
+ * - a Clerk UAT cookie is present and non-"0" — its name is exactly
19
+ * "__client_uat" or starts with "__client_uat_" (Clerk's multi-app suffix), or
20
+ * - markerName is provided and that cookie is present with a truthy value
21
+ * (the short-lived OAuth return marker).
22
+ */
23
+ export function isSignedInFromCookies(cookieString, markerName) {
24
+ if (!cookieString) return false;
25
+
26
+ const pairs = cookieString.split(";");
27
+ for (const pair of pairs) {
28
+ const eq = pair.indexOf("=");
29
+ if (eq === -1) continue;
30
+ const name = pair.slice(0, eq).trim();
31
+ const value = pair.slice(eq + 1).trim();
32
+
33
+ if (name === "__client_uat" || name.startsWith("__client_uat_")) {
34
+ if (value && value !== "0") return true;
35
+ }
36
+
37
+ if (markerName && name === markerName && value) return true;
38
+ }
39
+
40
+ return false;
41
+ }
42
+
43
+ /**
44
+ * Build the OAuth return marker cookie string. Set client-side
45
+ * (document.cookie = ...) right before redirecting to gemka.co sign-in.
46
+ */
47
+ export function oauthReturnMarker(name, { secure } = {}) {
48
+ let cookie = `${name}=1; Max-Age=${OAUTH_RETURN_MAX_AGE}; Path=/; SameSite=Lax`;
49
+ if (secure) cookie += "; Secure";
50
+ return cookie;
51
+ }
52
+
53
+ /**
54
+ * Build the cookie string that clears the OAuth return marker (one-shot clear
55
+ * after consumption).
56
+ */
57
+ export function clearOauthReturnMarker(name) {
58
+ return `${name}=; Max-Age=0; Path=/; SameSite=Lax`;
59
+ }
package/chrome.css CHANGED
@@ -425,6 +425,7 @@
425
425
  .theme-vintage .dd-bar-fill.completed { background: var(--gk-accent); }
426
426
  .theme-vintage .dd-bar-fill.sustaining,
427
427
  .theme-vintage .dd-bar-fill.created { background: var(--gk-ink); }
428
+ .theme-vintage .dd-bar-fill.checkpoint { background: var(--gk-checkpoint-bar); }
428
429
  .theme-vintage .dd-bar-value {
429
430
  min-width: var(--dd-bar-value-w, 16px);
430
431
  font-size: var(--dd-bar-value-size, 0.72rem);
package/package.json CHANGED
@@ -1,14 +1,24 @@
1
1
  {
2
2
  "name": "@gemka/core",
3
- "version": "0.4.0",
3
+ "version": "0.5.1",
4
4
  "description": "Canonical GemKa design tokens (cream paper, oxblood accent, warm neutrals, Inter + Fraunces).",
5
5
  "license": "UNLICENSED",
6
+ "type": "module",
7
+ "scripts": {
8
+ "test": "node --test"
9
+ },
6
10
  "files": [
7
11
  "tokens.css",
8
- "chrome.css"
12
+ "chrome.css",
13
+ "auth.js",
14
+ "auth.d.ts"
9
15
  ],
10
16
  "exports": {
11
17
  "./tokens.css": "./tokens.css",
12
- "./chrome.css": "./chrome.css"
18
+ "./chrome.css": "./chrome.css",
19
+ "./auth": {
20
+ "types": "./auth.d.ts",
21
+ "default": "./auth.js"
22
+ }
13
23
  }
14
24
  }
package/tokens.css CHANGED
@@ -25,6 +25,9 @@
25
25
  /* Shared row-hover tint */
26
26
  --gk-hover-cream: #f0ece0;
27
27
 
28
+ /* Neutral magnitude bars */
29
+ --gk-checkpoint-bar: #7C766B; /* warm taupe grey — neutral magnitude bars, distinct from oxblood (deep) and ink (sustaining) */
30
+
28
31
  /* Type */
29
32
  --gk-font-sans: "Inter", -apple-system, BlinkMacSystemFont, "Segoe UI", sans-serif;
30
33
  --gk-font-serif: "Fraunces", Georgia, "Times New Roman", serif;