@githat/nextjs 0.2.1 → 0.2.3

package/dist/index.mjs

@@ -18,15 +18,16 @@ function resolveConfig(config) {
     signInUrl: config.signInUrl || "/sign-in",
     signUpUrl: config.signUpUrl || "/sign-up",
     afterSignInUrl: config.afterSignInUrl || "/dashboard",
-    afterSignOutUrl: config.afterSignOutUrl || "/"
+    afterSignOutUrl: config.afterSignOutUrl || "/",
+    tokenStorage: config.tokenStorage || "localStorage"
   };
 }
 
 // src/client.ts
 var _refreshPromise = null;
-async function refreshTokens(apiUrl, appKey) {
-  const refreshToken = typeof window !== "undefined" ? localStorage.getItem(TOKEN_KEYS.refreshToken) : null;
-  if (!refreshToken) return false;
+async function refreshTokens(apiUrl, appKey, useCookies) {
+  const refreshToken = typeof window !== "undefined" && !useCookies ? localStorage.getItem(TOKEN_KEYS.refreshToken) : null;
+  if (!useCookies && !refreshToken) return false;
   let orgId = null;
   try {
     const orgStr = localStorage.getItem(TOKEN_KEYS.org);
@@ -34,18 +35,22 @@ async function refreshTokens(apiUrl, appKey) {
   } catch {
   }
   try {
-    const res = await fetch(`${apiUrl}/auth/refresh`, {
+    const refreshUrl = useCookies ? `${apiUrl}/auth/refresh?setCookie=true` : `${apiUrl}/auth/refresh`;
+    const res = await fetch(refreshUrl, {
       method: "POST",
       headers: {
         "Content-Type": "application/json",
         "X-GitHat-App-Key": appKey
       },
-      body: JSON.stringify({ refreshToken, orgId })
+      credentials: useCookies ? "include" : "same-origin",
+      body: JSON.stringify(useCookies ? { orgId } : { refreshToken, orgId })
     });
     if (!res.ok) return false;
     const data = await res.json();
-    if (data.accessToken) localStorage.setItem(TOKEN_KEYS.accessToken, data.accessToken);
-    if (data.refreshToken) localStorage.setItem(TOKEN_KEYS.refreshToken, data.refreshToken);
+    if (!useCookies) {
+      if (data.accessToken) localStorage.setItem(TOKEN_KEYS.accessToken, data.accessToken);
+      if (data.refreshToken) localStorage.setItem(TOKEN_KEYS.refreshToken, data.refreshToken);
+    }
     if (data.org) localStorage.setItem(TOKEN_KEYS.org, JSON.stringify(data.org));
     return true;
   } catch {
@@ -55,53 +60,66 @@ async function refreshTokens(apiUrl, appKey) {
 function clearAuth() {
   if (typeof window === "undefined") return;
   Object.values(TOKEN_KEYS).forEach((key) => localStorage.removeItem(key));
-  window.dispatchEvent(new CustomEvent("githat:auth-changed", {
-    detail: { user: null, org: null, signedIn: false }
-  }));
+  window.dispatchEvent(
+    new CustomEvent("githat:auth-changed", {
+      detail: { user: null, org: null, signedIn: false }
+    })
+  );
 }
-function createClient(apiUrl, appKey) {
-  async function fetchApi(endpoint, options = {}) {
+function createClient(apiUrl, appKey, options = {}) {
+  const { useCookies = false } = options;
+  async function fetchApi(endpoint, fetchOptions = {}) {
     const url = `${apiUrl}${endpoint}`;
-    const token = typeof window !== "undefined" ? localStorage.getItem(TOKEN_KEYS.accessToken) : null;
+    const token = typeof window !== "undefined" && !useCookies ? localStorage.getItem(TOKEN_KEYS.accessToken) : null;
     const headers = {
       "Content-Type": "application/json",
       "X-GitHat-App-Key": appKey,
       ...token && { Authorization: `Bearer ${token}` },
-      ...options.headers
+      ...fetchOptions.headers
     };
     let response;
     try {
-      response = await fetch(url, { ...options, headers });
+      response = await fetch(url, {
+        ...fetchOptions,
+        headers,
+        credentials: useCookies ? "include" : "same-origin"
+      });
     } catch (networkError) {
       if (networkError instanceof TypeError) {
-        const isMissingKey = !appKey || !appKey.startsWith("pk_live_");
+        const isMissingKey = !appKey || !appKey.startsWith("pk_live_") && !appKey.startsWith("pk_test_");
         const isLocalhost = typeof window !== "undefined" && (window.location.hostname === "localhost" || window.location.hostname === "127.0.0.1");
         if (isMissingKey && !isLocalhost) {
           throw new Error(
-            "Missing GitHat API key. Add NEXT_PUBLIC_GITHAT_PUBLISHABLE_KEY to .env.local"
+            "GitHat: Missing or invalid publishable key. Add NEXT_PUBLIC_GITHAT_PUBLISHABLE_KEY to your environment variables. Get your key at https://githat.io/dashboard/apps"
+          );
+        }
+        if (isLocalhost) {
+          throw new Error(
+            "GitHat: Cannot reach api.githat.io. Check your internet connection."
           );
         }
         throw new Error(
-          "Unable to connect to GitHat API. Check your network connection."
+          "GitHat: API request failed. Verify your publishable key and app domain at https://githat.io/dashboard/apps"
         );
       }
       throw networkError;
     }
     if (response.status === 401) {
       if (!_refreshPromise) {
-        _refreshPromise = refreshTokens(apiUrl, appKey).finally(() => {
+        _refreshPromise = refreshTokens(apiUrl, appKey, useCookies).finally(() => {
           _refreshPromise = null;
         });
       }
       const refreshed = await _refreshPromise;
       if (refreshed) {
-        const newToken = localStorage.getItem(TOKEN_KEYS.accessToken);
+        const newToken = !useCookies && typeof window !== "undefined" ? localStorage.getItem(TOKEN_KEYS.accessToken) : null;
         const retryResponse = await fetch(url, {
-          ...options,
+          ...fetchOptions,
           headers: {
             ...headers,
             ...newToken && { Authorization: `Bearer ${newToken}` }
-          }
+          },
+          credentials: useCookies ? "include" : "same-origin"
         });
         const retryData = await retryResponse.json();
         if (!retryResponse.ok) throw new Error(retryData.error || "Request failed");
@@ -118,42 +136,110 @@ function createClient(apiUrl, appKey) {
 }
 
 // src/provider.tsx
-import { jsx } from "react/jsx-runtime";
+import { jsx, jsxs } from "react/jsx-runtime";
 var GitHatContext = createContext(null);
+function isDevMode(key) {
+  return !key || !key.startsWith("pk_live_") && !key.startsWith("pk_test_");
+}
+function DevModeBanner() {
+  const [dismissed, setDismissed] = useState(() => {
+    if (typeof window === "undefined") return true;
+    return localStorage.getItem("githat_dev_banner_dismissed") === "1";
+  });
+  if (dismissed || typeof window === "undefined") return null;
+  const hostname = window.location.hostname;
+  if (hostname !== "localhost" && hostname !== "127.0.0.1") return null;
+  return /* @__PURE__ */ jsxs("div", { className: "githat-dev-banner", role: "status", children: [
+    /* @__PURE__ */ jsxs("span", { children: [
+      /* @__PURE__ */ jsx("strong", { children: "GitHat Dev Mode" }),
+      " \u2014 No publishable key. Auth works on localhost.",
+      " ",
+      /* @__PURE__ */ jsx("a", { href: "https://githat.io/dashboard/apps", target: "_blank", rel: "noopener noreferrer", children: "Get your key" })
+    ] }),
+    /* @__PURE__ */ jsx(
+      "button",
+      {
+        onClick: () => {
+          setDismissed(true);
+          localStorage.setItem("githat_dev_banner_dismissed", "1");
+        },
+        "aria-label": "Dismiss",
+        children: "\xD7"
+      }
+    )
+  ] });
+}
 function GitHatProvider({ config: rawConfig, children }) {
   const config = useMemo(() => resolveConfig(rawConfig), [rawConfig]);
-  const clientRef = useRef(createClient(config.apiUrl, config.publishableKey));
+  const useCookies = config.tokenStorage === "cookie";
+  const devMode = isDevMode(config.publishableKey);
+  const clientRef = useRef(createClient(config.apiUrl, config.publishableKey, { useCookies }));
+  useEffect(() => {
+    if (!devMode || typeof window === "undefined") return;
+    const hostname = window.location.hostname;
+    if (hostname === "localhost" || hostname === "127.0.0.1") {
+      console.warn(
+        "%c GitHat Dev Mode %c No publishable key configured. Auth works on localhost but will fail in production. Get your key at https://githat.io/dashboard/apps",
+        "background: #f59e0b; color: #000; font-weight: bold; padding: 2px 6px; border-radius: 3px;",
+        "color: #f59e0b;"
+      );
+    } else {
+      console.error(
+        "%c GitHat %c Missing publishable key. Auth requests will fail. Add NEXT_PUBLIC_GITHAT_PUBLISHABLE_KEY to your environment. Get your key at https://githat.io/dashboard/apps",
+        "background: #ef4444; color: #fff; font-weight: bold; padding: 2px 6px; border-radius: 3px;",
+        "color: #ef4444;"
+      );
+    }
+  }, []);
   const [user, setUser] = useState(null);
   const [org, setOrg] = useState(null);
   const [isSignedIn, setIsSignedIn] = useState(false);
   const [isLoading, setIsLoading] = useState(true);
   const [authError, setAuthError] = useState(null);
   useEffect(() => {
-    const token = localStorage.getItem(TOKEN_KEYS.accessToken);
-    const storedUser = localStorage.getItem(TOKEN_KEYS.user);
-    if (token && storedUser) {
-      clientRef.current.fetchApi("/auth/me").then((data) => {
-        const u = data.user || JSON.parse(storedUser);
-        setUser(u);
-        const storedOrg = localStorage.getItem(TOKEN_KEYS.org);
-        setOrg(data.currentOrg || (storedOrg ? JSON.parse(storedOrg) : null));
-        setIsSignedIn(true);
-        setAuthError(null);
-      }).catch((err) => {
-        if (err.message === "Session expired") {
+    const validateSession = async () => {
+      try {
+        if (!useCookies) {
+          const token = localStorage.getItem(TOKEN_KEYS.accessToken);
+          const storedUser = localStorage.getItem(TOKEN_KEYS.user);
+          if (!token || !storedUser) {
+            setIsLoading(false);
+            return;
+          }
+        }
+        const data = await clientRef.current.fetchApi("/auth/me");
+        if (data.user) {
+          setUser(data.user);
+          setOrg(data.currentOrg || null);
+          setIsSignedIn(true);
+          setAuthError(null);
+          if (!useCookies) {
+            localStorage.setItem(TOKEN_KEYS.user, JSON.stringify(data.user));
+            if (data.currentOrg) {
+              localStorage.setItem(TOKEN_KEYS.org, JSON.stringify(data.currentOrg));
+            }
+          }
+        }
+      } catch (err) {
+        const error = err;
+        if (error.message === "Session expired") {
           clientRef.current.clearAuth();
-        } else {
-          try {
-            setUser(JSON.parse(storedUser));
-          } catch {
+        } else if (!useCookies) {
+          const storedUser = localStorage.getItem(TOKEN_KEYS.user);
+          if (storedUser) {
+            try {
+              setUser(JSON.parse(storedUser));
+              setIsSignedIn(true);
+            } catch {
+            }
           }
-          setAuthError(err.message || "Failed to verify session");
+          setAuthError(error.message || "Failed to verify session");
         }
-      }).finally(() => setIsLoading(false));
-    } else {
+      }
       setIsLoading(false);
-    }
-  }, []);
+    };
+    validateSession();
+  }, [useCookies]);
   useEffect(() => {
     const handleAuthChanged = (e) => {
       const detail = e.detail;
@@ -171,30 +257,36 @@ function GitHatProvider({ config: rawConfig, children }) {
     return () => window.removeEventListener("githat:auth-changed", handleAuthChanged);
   }, []);
   const signIn = useCallback(async (email, password) => {
-    const data = await clientRef.current.fetchApi("/auth/login", {
+    const loginUrl = useCookies ? "/auth/login?setCookie=true" : "/auth/login";
+    const data = await clientRef.current.fetchApi(loginUrl, {
       method: "POST",
       body: JSON.stringify({ email, password })
     });
-    localStorage.setItem(TOKEN_KEYS.accessToken, data.accessToken);
-    localStorage.setItem(TOKEN_KEYS.refreshToken, data.refreshToken);
-    localStorage.setItem(TOKEN_KEYS.user, JSON.stringify(data.user));
-    if (data.org) localStorage.setItem(TOKEN_KEYS.org, JSON.stringify(data.org));
+    if (!useCookies && data.accessToken && data.refreshToken) {
+      localStorage.setItem(TOKEN_KEYS.accessToken, data.accessToken);
+      localStorage.setItem(TOKEN_KEYS.refreshToken, data.refreshToken);
+      localStorage.setItem(TOKEN_KEYS.user, JSON.stringify(data.user));
+      if (data.org) localStorage.setItem(TOKEN_KEYS.org, JSON.stringify(data.org));
+    }
     setUser(data.user);
     setOrg(data.org || null);
     setIsSignedIn(true);
     window.dispatchEvent(new CustomEvent("githat:auth-changed", {
       detail: { user: data.user, org: data.org, signedIn: true }
     }));
-  }, []);
+  }, [useCookies]);
   const signUp = useCallback(async (signUpData) => {
-    const data = await clientRef.current.fetchApi("/auth/register", {
+    const registerUrl = useCookies ? "/auth/register?setCookie=true" : "/auth/register";
+    const data = await clientRef.current.fetchApi(registerUrl, {
       method: "POST",
       body: JSON.stringify(signUpData)
     });
-    localStorage.setItem(TOKEN_KEYS.accessToken, data.accessToken);
-    localStorage.setItem(TOKEN_KEYS.refreshToken, data.refreshToken);
-    localStorage.setItem(TOKEN_KEYS.user, JSON.stringify(data.user));
-    if (data.org) localStorage.setItem(TOKEN_KEYS.org, JSON.stringify(data.org));
+    if (!useCookies && data.accessToken && data.refreshToken) {
+      localStorage.setItem(TOKEN_KEYS.accessToken, data.accessToken);
+      localStorage.setItem(TOKEN_KEYS.refreshToken, data.refreshToken);
+      localStorage.setItem(TOKEN_KEYS.user, JSON.stringify(data.user));
+      if (data.org) localStorage.setItem(TOKEN_KEYS.org, JSON.stringify(data.org));
+    }
     setUser(data.user);
     setOrg(data.org || null);
     setIsSignedIn(true);
@@ -202,10 +294,11 @@ function GitHatProvider({ config: rawConfig, children }) {
       detail: { user: data.user, org: data.org, signedIn: true }
     }));
     return { requiresVerification: !data.user.emailVerified, email: signUpData.email };
-  }, []);
+  }, [useCookies]);
   const signOut = useCallback(async () => {
     try {
-      await clientRef.current.fetchApi("/auth/logout", { method: "POST" });
+      const logoutUrl = useCookies ? "/auth/logout?setCookie=true" : "/auth/logout";
+      await clientRef.current.fetchApi(logoutUrl, { method: "POST" });
     } catch {
     }
     clientRef.current.clearAuth();
@@ -215,22 +308,24 @@ function GitHatProvider({ config: rawConfig, children }) {
     if (typeof window !== "undefined" && config.afterSignOutUrl) {
       window.location.href = config.afterSignOutUrl;
     }
-  }, [config.afterSignOutUrl]);
+  }, [config.afterSignOutUrl, useCookies]);
   const switchOrg = useCallback(async (orgId) => {
     try {
-      const data = await clientRef.current.fetchApi(`/user/orgs/${orgId}/switch`, { method: "POST" });
-      if (data.accessToken) localStorage.setItem(TOKEN_KEYS.accessToken, data.accessToken);
-      if (data.refreshToken) localStorage.setItem(TOKEN_KEYS.refreshToken, data.refreshToken);
-      const orgData = data.org;
-      localStorage.setItem(TOKEN_KEYS.org, JSON.stringify(orgData));
-      setOrg(orgData);
+      const switchUrl = useCookies ? `/user/orgs/${orgId}/switch?setCookie=true` : `/user/orgs/${orgId}/switch`;
+      const data = await clientRef.current.fetchApi(switchUrl, { method: "POST" });
+      if (!useCookies) {
+        if (data.accessToken) localStorage.setItem(TOKEN_KEYS.accessToken, data.accessToken);
+        if (data.refreshToken) localStorage.setItem(TOKEN_KEYS.refreshToken, data.refreshToken);
+        localStorage.setItem(TOKEN_KEYS.org, JSON.stringify(data.org));
+      }
+      setOrg(data.org);
       window.dispatchEvent(new CustomEvent("githat:auth-changed", {
-        detail: { user, org: orgData, signedIn: true }
+        detail: { user, org: data.org, signedIn: true }
       }));
     } catch (e) {
       console.error("Org switch failed:", e);
     }
-  }, [user]);
+  }, [user, useCookies]);
   const value = useMemo(() => ({
     user,
     org,
@@ -243,11 +338,14 @@ function GitHatProvider({ config: rawConfig, children }) {
     signOut,
     switchOrg
   }), [user, org, isSignedIn, isLoading, authError, config, signIn, signUp, signOut, switchOrg]);
-  return /* @__PURE__ */ jsx(GitHatContext.Provider, { value, children });
+  return /* @__PURE__ */ jsxs(GitHatContext.Provider, { value, children: [
+    devMode && /* @__PURE__ */ jsx(DevModeBanner, {}),
+    children
+  ] });
 }
 
 // src/hooks.ts
-import { useContext, useMemo as useMemo2 } from "react";
+import { useContext, useMemo as useMemo2, useCallback as useCallback2 } from "react";
 function useAuth() {
   const ctx = useContext(GitHatContext);
   if (!ctx) throw new Error("useAuth must be used within a <GitHatProvider>");
@@ -259,17 +357,199 @@ function useGitHat() {
     () => createClient(ctx.config.apiUrl, ctx.config.publishableKey),
     [ctx.config.apiUrl, ctx.config.publishableKey]
   );
+  const getOrgMetadata = useCallback2(async () => {
+    if (!ctx.org?.id) {
+      throw new Error("No active organization");
+    }
+    const response = await client.fetchApi(
+      `/orgs/${ctx.org.id}/metadata`
+    );
+    return response.metadata || {};
+  }, [client, ctx.org?.id]);
+  const updateOrgMetadata = useCallback2(
+    async (updates) => {
+      if (!ctx.org?.id) {
+        throw new Error("No active organization");
+      }
+      const response = await client.fetchApi(
+        `/orgs/${ctx.org.id}/metadata`,
+        {
+          method: "PATCH",
+          body: JSON.stringify(updates)
+        }
+      );
+      return response.metadata || {};
+    },
+    [client, ctx.org?.id]
+  );
+  const forgotPassword = useCallback2(
+    async (email) => {
+      const response = await fetch(`${ctx.config.apiUrl}/auth/forgot-password`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ email })
+      });
+      if (!response.ok) {
+        const error = await response.json().catch(() => ({}));
+        throw new Error(error.message || "Failed to send reset email");
+      }
+      return { success: true };
+    },
+    [ctx.config.apiUrl]
+  );
+  const resetPassword = useCallback2(
+    async (token, newPassword) => {
+      const response = await fetch(`${ctx.config.apiUrl}/auth/reset-password`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ token, password: newPassword })
+      });
+      if (!response.ok) {
+        const error = await response.json().catch(() => ({}));
+        throw new Error(error.message || "Failed to reset password");
+      }
+      return { success: true };
+    },
+    [ctx.config.apiUrl]
+  );
+  const changePassword = useCallback2(
+    async (currentPassword, newPassword) => {
+      await client.fetchApi("/auth/change-password", {
+        method: "POST",
+        body: JSON.stringify({ currentPassword, newPassword })
+      });
+      return { success: true };
+    },
+    [client]
+  );
+  const verifyEmail = useCallback2(
+    async (token) => {
+      const response = await fetch(`${ctx.config.apiUrl}/auth/verify-email`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ token })
+      });
+      if (!response.ok) {
+        const error = await response.json().catch(() => ({}));
+        throw new Error(error.message || "Failed to verify email");
+      }
+      return { success: true };
+    },
+    [ctx.config.apiUrl]
+  );
+  const resendVerificationEmail = useCallback2(
+    async (email) => {
+      const response = await fetch(`${ctx.config.apiUrl}/auth/resend-verification`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ email })
+      });
+      if (!response.ok) {
+        const error = await response.json().catch(() => ({}));
+        throw new Error(error.message || "Failed to resend verification email");
+      }
+      return { success: true };
+    },
+    [ctx.config.apiUrl]
+  );
   return {
     fetch: client.fetchApi,
     getUserOrgs: () => client.fetchApi("/user/orgs"),
     verifyMCP: (domain) => client.fetchApi(`/verify/mcp/${domain}`),
-    verifyAgent: (wallet) => client.fetchApi(`/verify/agent/${wallet}`)
+    verifyAgent: (wallet) => client.fetchApi(`/verify/agent/${wallet}`),
+    getOrgMetadata,
+    updateOrgMetadata,
+    // Password management
+    forgotPassword,
+    resetPassword,
+    changePassword,
+    // Email verification
+    verifyEmail,
+    resendVerificationEmail
   };
 }
 
+// src/data.ts
+import { useMemo as useMemo3 } from "react";
+function useData() {
+  const ctx = useAuth();
+  const client = useMemo3(
+    () => createClient(ctx.config.apiUrl, ctx.config.publishableKey),
+    [ctx.config.apiUrl, ctx.config.publishableKey]
+  );
+  return useMemo3(() => ({
+    /**
+     * Store an item in a collection. If the item exists, it will be updated.
+     * @param collection - Collection name (e.g., 'orders', 'users')
+     * @param data - Data object with required `id` field
+     */
+    put: async (collection, data) => {
+      if (!data.id) {
+        throw new Error('Data must include an "id" field');
+      }
+      return client.fetchApi(`/data/${collection}/${data.id}`, {
+        method: "PUT",
+        body: JSON.stringify(data)
+      });
+    },
+    /**
+     * Get a single item from a collection.
+     * @param collection - Collection name
+     * @param id - Item ID
+     */
+    get: async (collection, id) => {
+      try {
+        const result = await client.fetchApi(`/data/${collection}/${id}`);
+        return result.item;
+      } catch (err) {
+        if (err instanceof Error && err.message === "Item not found") {
+          return null;
+        }
+        throw err;
+      }
+    },
+    /**
+     * Query items from a collection with optional filters and pagination.
+     * @param collection - Collection name
+     * @param options - Query options (limit, cursor, filter)
+     */
+    query: async (collection, options = {}) => {
+      const params = new URLSearchParams();
+      if (options.limit) params.set("limit", options.limit.toString());
+      if (options.cursor) params.set("cursor", options.cursor);
+      if (options.filter) params.set("filter", JSON.stringify(options.filter));
+      const queryString = params.toString();
+      const url = `/data/${collection}${queryString ? `?${queryString}` : ""}`;
+      return client.fetchApi(url);
+    },
+    /**
+     * Delete an item from a collection.
+     * @param collection - Collection name
+     * @param id - Item ID
+     */
+    remove: async (collection, id) => {
+      return client.fetchApi(`/data/${collection}/${id}`, {
+        method: "DELETE"
+      });
+    },
+    /**
+     * Batch operations (put/delete) on a collection.
+     * Maximum 100 operations per request.
+     * @param collection - Collection name
+     * @param operations - Array of operations
+     */
+    batch: async (collection, operations) => {
+      return client.fetchApi(`/data/${collection}/batch`, {
+        method: "POST",
+        body: JSON.stringify({ operations })
+      });
+    }
+  }), [client]);
+}
+
 // src/components/SignInForm.tsx
 import { useState as useState2 } from "react";
-import { jsx as jsx2, jsxs } from "react/jsx-runtime";
+import { jsx as jsx2, jsxs as jsxs2 } from "react/jsx-runtime";
 function SignInForm({ onSuccess, signUpUrl, forgotPasswordUrl }) {
   const { signIn, config } = useAuth();
   const [email, setEmail] = useState2("");
@@ -299,14 +579,14 @@ function SignInForm({ onSuccess, signUpUrl, forgotPasswordUrl }) {
       setLoading(false);
     }
   };
-  return /* @__PURE__ */ jsxs("div", { className: "githat-form-container", children: [
-    /* @__PURE__ */ jsxs("div", { className: "githat-form-header", children: [
+  return /* @__PURE__ */ jsxs2("div", { className: "githat-form-container", children: [
+    /* @__PURE__ */ jsxs2("div", { className: "githat-form-header", children: [
       /* @__PURE__ */ jsx2("h2", { className: "githat-form-title", children: "Sign in" }),
       /* @__PURE__ */ jsx2("p", { className: "githat-form-subtitle", children: "Welcome back to GitHat" })
     ] }),
     error && /* @__PURE__ */ jsx2("div", { className: "githat-alert githat-alert-error", role: "alert", "aria-live": "polite", children: error }),
-    /* @__PURE__ */ jsxs("form", { onSubmit: handleSubmit, className: "githat-form", "aria-label": "Sign in form", children: [
-      /* @__PURE__ */ jsxs("div", { className: "githat-field", children: [
+    /* @__PURE__ */ jsxs2("form", { onSubmit: handleSubmit, className: "githat-form", "aria-label": "Sign in form", children: [
+      /* @__PURE__ */ jsxs2("div", { className: "githat-field", children: [
         /* @__PURE__ */ jsx2("label", { className: "githat-label", htmlFor: "githat-signin-email", children: "Email" }),
         /* @__PURE__ */ jsx2(
           "input",
@@ -322,7 +602,7 @@ function SignInForm({ onSuccess, signUpUrl, forgotPasswordUrl }) {
           }
         )
       ] }),
-      /* @__PURE__ */ jsxs("div", { className: "githat-field", children: [
+      /* @__PURE__ */ jsxs2("div", { className: "githat-field", children: [
         /* @__PURE__ */ jsx2("label", { className: "githat-label", htmlFor: "githat-signin-password", children: "Password" }),
         /* @__PURE__ */ jsx2(
           "input",
@@ -349,11 +629,11 @@ function SignInForm({ onSuccess, signUpUrl, forgotPasswordUrl }) {
         }
       )
     ] }),
-    signUpUrl && /* @__PURE__ */ jsxs("p", { className: "githat-form-footer", children: [
+    signUpUrl && /* @__PURE__ */ jsxs2("p", { className: "githat-form-footer", children: [
       "Don't have an account? ",
       /* @__PURE__ */ jsx2("a", { href: signUpUrl, className: "githat-link", children: "Sign up" })
     ] }),
-    /* @__PURE__ */ jsxs("p", { className: "githat-powered-by", children: [
+    /* @__PURE__ */ jsxs2("p", { className: "githat-powered-by", children: [
       "Secured by ",
       /* @__PURE__ */ jsx2("strong", { children: "GitHat" })
     ] })
@@ -362,7 +642,7 @@ function SignInForm({ onSuccess, signUpUrl, forgotPasswordUrl }) {
 
 // src/components/SignUpForm.tsx
 import { useState as useState3 } from "react";
-import { jsx as jsx3, jsxs as jsxs2 } from "react/jsx-runtime";
+import { jsx as jsx3, jsxs as jsxs3 } from "react/jsx-runtime";
 function SignUpForm({ onSuccess, signInUrl }) {
   const { signUp, config } = useAuth();
   const [name, setName] = useState3("");
@@ -379,7 +659,7 @@ function SignUpForm({ onSuccess, signInUrl }) {
       return;
     }
     if (!passwordValid) {
-      setError("Password must be 8+ characters with uppercase, lowercase, number, and special character");
+      setError("Password must be 8+ characters with uppercase, lowercase, and number");
       return;
     }
     setError("");
@@ -397,14 +677,14 @@ function SignUpForm({ onSuccess, signInUrl }) {
       setLoading(false);
     }
   };
-  return /* @__PURE__ */ jsxs2("div", { className: "githat-form-container", children: [
-    /* @__PURE__ */ jsxs2("div", { className: "githat-form-header", children: [
+  return /* @__PURE__ */ jsxs3("div", { className: "githat-form-container", children: [
+    /* @__PURE__ */ jsxs3("div", { className: "githat-form-header", children: [
       /* @__PURE__ */ jsx3("h2", { className: "githat-form-title", children: "Create an account" }),
       /* @__PURE__ */ jsx3("p", { className: "githat-form-subtitle", children: "Get started with GitHat" })
     ] }),
     error && /* @__PURE__ */ jsx3("div", { className: "githat-alert githat-alert-error", role: "alert", "aria-live": "polite", children: error }),
-    /* @__PURE__ */ jsxs2("form", { onSubmit: handleSubmit, className: "githat-form", "aria-label": "Sign up form", children: [
-      /* @__PURE__ */ jsxs2("div", { className: "githat-field", children: [
+    /* @__PURE__ */ jsxs3("form", { onSubmit: handleSubmit, className: "githat-form", "aria-label": "Sign up form", children: [
+      /* @__PURE__ */ jsxs3("div", { className: "githat-field", children: [
         /* @__PURE__ */ jsx3("label", { className: "githat-label", htmlFor: "githat-signup-name", children: "Full name" }),
         /* @__PURE__ */ jsx3(
           "input",
@@ -420,7 +700,7 @@ function SignUpForm({ onSuccess, signInUrl }) {
           }
         )
       ] }),
-      /* @__PURE__ */ jsxs2("div", { className: "githat-field", children: [
+      /* @__PURE__ */ jsxs3("div", { className: "githat-field", children: [
         /* @__PURE__ */ jsx3("label", { className: "githat-label", htmlFor: "githat-signup-email", children: "Email" }),
         /* @__PURE__ */ jsx3(
           "input",
@@ -436,7 +716,7 @@ function SignUpForm({ onSuccess, signInUrl }) {
           }
         )
       ] }),
-      /* @__PURE__ */ jsxs2("div", { className: "githat-field", children: [
+      /* @__PURE__ */ jsxs3("div", { className: "githat-field", children: [
         /* @__PURE__ */ jsx3("label", { className: "githat-label", htmlFor: "githat-signup-password", children: "Password" }),
         /* @__PURE__ */ jsx3(
           "input",
@@ -463,11 +743,11 @@ function SignUpForm({ onSuccess, signInUrl }) {
         }
       )
     ] }),
-    signInUrl && /* @__PURE__ */ jsxs2("p", { className: "githat-form-footer", children: [
+    signInUrl && /* @__PURE__ */ jsxs3("p", { className: "githat-form-footer", children: [
       "Already have an account? ",
       /* @__PURE__ */ jsx3("a", { href: signInUrl, className: "githat-link", children: "Sign in" })
     ] }),
-    /* @__PURE__ */ jsxs2("p", { className: "githat-powered-by", children: [
+    /* @__PURE__ */ jsxs3("p", { className: "githat-powered-by", children: [
       "Secured by ",
       /* @__PURE__ */ jsx3("strong", { children: "GitHat" })
     ] })
@@ -494,7 +774,7 @@ function SignUpButton({ className, children, href }) {
 
 // src/components/UserButton.tsx
 import { useState as useState4, useRef as useRef2, useEffect as useEffect2 } from "react";
-import { jsx as jsx6, jsxs as jsxs3 } from "react/jsx-runtime";
+import { jsx as jsx6, jsxs as jsxs4 } from "react/jsx-runtime";
 function UserButton() {
   const { user, org, isSignedIn, signOut } = useAuth();
   const [open, setOpen] = useState4(false);
@@ -508,10 +788,10 @@ function UserButton() {
   }, []);
   if (!isSignedIn || !user) return null;
   const initials = user.name ? user.name.split(" ").map((n) => n[0]).join("").toUpperCase().slice(0, 2) : user.email[0].toUpperCase();
-  return /* @__PURE__ */ jsxs3("div", { className: "githat-user-button", ref, children: [
+  return /* @__PURE__ */ jsxs4("div", { className: "githat-user-button", ref, children: [
     /* @__PURE__ */ jsx6("button", { className: "githat-avatar-trigger", onClick: () => setOpen(!open), "aria-label": "User menu", "aria-expanded": open, "aria-haspopup": "true", children: user.avatarUrl ? /* @__PURE__ */ jsx6("img", { src: user.avatarUrl, alt: user.name || "User avatar", className: "githat-avatar-img" }) : /* @__PURE__ */ jsx6("span", { className: "githat-avatar-initials", children: initials }) }),
-    open && /* @__PURE__ */ jsxs3("div", { className: "githat-dropdown", role: "menu", children: [
-      /* @__PURE__ */ jsxs3("div", { className: "githat-dropdown-header", children: [
+    open && /* @__PURE__ */ jsxs4("div", { className: "githat-dropdown", role: "menu", children: [
+      /* @__PURE__ */ jsxs4("div", { className: "githat-dropdown-header", children: [
         /* @__PURE__ */ jsx6("p", { className: "githat-dropdown-name", children: user.name }),
         /* @__PURE__ */ jsx6("p", { className: "githat-dropdown-email", children: user.email }),
         org && /* @__PURE__ */ jsx6("p", { className: "githat-dropdown-org", children: org.name })
@@ -527,7 +807,7 @@ function UserButton() {
 
 // src/components/OrgSwitcher.tsx
 import { useState as useState5, useEffect as useEffect3, useRef as useRef3 } from "react";
-import { jsx as jsx7, jsxs as jsxs4 } from "react/jsx-runtime";
+import { jsx as jsx7, jsxs as jsxs5 } from "react/jsx-runtime";
 function OrgSwitcher() {
   const { org, isSignedIn, switchOrg } = useAuth();
   const githat = useGitHat();
@@ -550,12 +830,12 @@ function OrgSwitcher() {
     return () => document.removeEventListener("mousedown", handleClickOutside);
   }, []);
   if (!isSignedIn || !org || orgs.length < 2 && !orgsLoading) return null;
-  return /* @__PURE__ */ jsxs4("div", { className: "githat-org-switcher", ref, children: [
-    /* @__PURE__ */ jsxs4("button", { className: "githat-org-trigger", onClick: () => setOpen(!open), "aria-label": "Switch organization", "aria-expanded": open, "aria-haspopup": "true", children: [
+  return /* @__PURE__ */ jsxs5("div", { className: "githat-org-switcher", ref, children: [
+    /* @__PURE__ */ jsxs5("button", { className: "githat-org-trigger", onClick: () => setOpen(!open), "aria-label": "Switch organization", "aria-expanded": open, "aria-haspopup": "true", children: [
       /* @__PURE__ */ jsx7("span", { className: "githat-org-name", children: org.name }),
       /* @__PURE__ */ jsx7("span", { className: "githat-chevron", children: open ? "\u25B2" : "\u25BC" })
     ] }),
-    open && /* @__PURE__ */ jsx7("div", { className: "githat-dropdown", role: "menu", children: orgsLoading ? /* @__PURE__ */ jsx7("div", { className: "githat-dropdown-item", "aria-busy": "true", children: "Loading..." }) : orgs.map((o) => /* @__PURE__ */ jsxs4(
+    open && /* @__PURE__ */ jsx7("div", { className: "githat-dropdown", role: "menu", children: orgsLoading ? /* @__PURE__ */ jsx7("div", { className: "githat-dropdown-item", "aria-busy": "true", children: "Loading..." }) : orgs.map((o) => /* @__PURE__ */ jsxs5(
       "button",
       {
         className: `githat-dropdown-item ${o.id === org.id ? "githat-dropdown-item-active" : ""}`,
@@ -577,7 +857,7 @@ function OrgSwitcher() {
 
 // src/components/VerifiedBadge.tsx
 import { useState as useState6, useEffect as useEffect4, useRef as useRef4 } from "react";
-import { jsxs as jsxs5 } from "react/jsx-runtime";
+import { jsxs as jsxs6 } from "react/jsx-runtime";
 var CACHE_TTL = 5 * 60 * 1e3;
 var cache = /* @__PURE__ */ new Map();
 function VerifiedBadge({ type, identifier, label }) {
@@ -606,7 +886,7 @@ function VerifiedBadge({ type, identifier, label }) {
     };
   }, [type, identifier]);
   if (verified === null) return null;
-  return /* @__PURE__ */ jsxs5("span", { className: `githat-badge ${verified ? "githat-badge-verified" : "githat-badge-unverified"}`, children: [
+  return /* @__PURE__ */ jsxs6("span", { className: `githat-badge ${verified ? "githat-badge-verified" : "githat-badge-unverified"}`, children: [
     verified ? "\u2713" : "\u2717",
     " ",
     label || (verified ? "Verified" : "Unverified")
@@ -628,17 +908,411 @@ function ProtectedRoute({ children, fallback }) {
   }
   return /* @__PURE__ */ jsx8(Fragment, { children });
 }
+
+// src/components/ForgotPasswordForm.tsx
+import { useState as useState7 } from "react";
+import { jsx as jsx9, jsxs as jsxs7 } from "react/jsx-runtime";
+function ForgotPasswordForm({
+  onSuccess,
+  onError,
+  signInUrl = "/sign-in"
+}) {
+  const { forgotPassword } = useGitHat();
+  const [email, setEmail] = useState7("");
+  const [isLoading, setIsLoading] = useState7(false);
+  const [sent, setSent] = useState7(false);
+  const [error, setError] = useState7("");
+  const emailValid = /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email);
+  const handleSubmit = async (e) => {
+    e.preventDefault();
+    if (!emailValid) {
+      setError("Please enter a valid email address");
+      return;
+    }
+    setIsLoading(true);
+    setError("");
+    try {
+      await forgotPassword(email);
+      setSent(true);
+      onSuccess?.(email);
+    } catch (err) {
+      const message = err instanceof Error ? err.message : "Failed to send reset email";
+      setError(message);
+      onError?.(err instanceof Error ? err : new Error(message));
+    } finally {
+      setIsLoading(false);
+    }
+  };
+  if (sent) {
+    return /* @__PURE__ */ jsxs7("div", { className: "githat-form-container", children: [
+      /* @__PURE__ */ jsxs7("div", { className: "githat-form-header", children: [
+        /* @__PURE__ */ jsx9("h2", { className: "githat-form-title", children: "Check your email" }),
+        /* @__PURE__ */ jsxs7("p", { className: "githat-form-subtitle", children: [
+          "We sent a password reset link to ",
+          /* @__PURE__ */ jsx9("strong", { children: email })
+        ] })
+      ] }),
+      /* @__PURE__ */ jsx9("a", { href: signInUrl, className: "githat-link", children: "Back to sign in" }),
+      /* @__PURE__ */ jsxs7("p", { className: "githat-powered-by", children: [
+        "Secured by ",
+        /* @__PURE__ */ jsx9("strong", { children: "GitHat" })
+      ] })
+    ] });
+  }
+  return /* @__PURE__ */ jsxs7("div", { className: "githat-form-container", children: [
+    /* @__PURE__ */ jsxs7("div", { className: "githat-form-header", children: [
+      /* @__PURE__ */ jsx9("h2", { className: "githat-form-title", children: "Forgot password" }),
+      /* @__PURE__ */ jsx9("p", { className: "githat-form-subtitle", children: "Enter your email and we'll send you a reset link" })
+    ] }),
+    error && /* @__PURE__ */ jsx9("div", { className: "githat-alert githat-alert-error", role: "alert", "aria-live": "polite", children: error }),
+    /* @__PURE__ */ jsxs7("form", { onSubmit: handleSubmit, className: "githat-form", "aria-label": "Forgot password form", children: [
+      /* @__PURE__ */ jsxs7("div", { className: "githat-field", children: [
+        /* @__PURE__ */ jsx9("label", { className: "githat-label", htmlFor: "githat-forgot-email", children: "Email" }),
+        /* @__PURE__ */ jsx9(
+          "input",
+          {
+            id: "githat-forgot-email",
+            className: "githat-input",
+            type: "email",
+            value: email,
+            onChange: (e) => setEmail(e.target.value),
+            placeholder: "you@example.com",
+            autoComplete: "email",
+            disabled: isLoading,
+            required: true
+          }
+        )
+      ] }),
+      /* @__PURE__ */ jsx9(
+        "button",
+        {
+          type: "submit",
+          className: "githat-button githat-button-primary",
+          disabled: isLoading || !email || email.length > 0 && !emailValid,
+          children: isLoading ? "Sending..." : "Send reset link"
+        }
+      )
+    ] }),
+    /* @__PURE__ */ jsxs7("p", { className: "githat-form-footer", children: [
+      "Remember your password? ",
+      /* @__PURE__ */ jsx9("a", { href: signInUrl, className: "githat-link", children: "Sign in" })
+    ] }),
+    /* @__PURE__ */ jsxs7("p", { className: "githat-powered-by", children: [
+      "Secured by ",
+      /* @__PURE__ */ jsx9("strong", { children: "GitHat" })
+    ] })
+  ] });
+}
+
+// src/components/ResetPasswordForm.tsx
+import { useState as useState8 } from "react";
+import { jsx as jsx10, jsxs as jsxs8 } from "react/jsx-runtime";
+function ResetPasswordForm({
+  token,
+  onSuccess,
+  onError,
+  signInUrl = "/sign-in",
+  minPasswordLength = 8
+}) {
+  const { resetPassword } = useGitHat();
+  const [password, setPassword] = useState8("");
+  const [confirm, setConfirm] = useState8("");
+  const [isLoading, setIsLoading] = useState8(false);
+  const [success, setSuccess] = useState8(false);
+  const [error, setError] = useState8("");
+  const handleSubmit = async (e) => {
+    e.preventDefault();
+    if (password !== confirm) {
+      setError("Passwords do not match");
+      return;
+    }
+    if (password.length < minPasswordLength) {
+      setError(`Password must be at least ${minPasswordLength} characters`);
+      return;
+    }
+    setIsLoading(true);
+    setError("");
+    try {
+      await resetPassword(token, password);
+      setSuccess(true);
+      onSuccess?.();
+    } catch (err) {
+      const message = err instanceof Error ? err.message : "Failed to reset password";
+      setError(message);
+      onError?.(err instanceof Error ? err : new Error(message));
+    } finally {
+      setIsLoading(false);
+    }
+  };
+  if (success) {
+    return /* @__PURE__ */ jsxs8("div", { className: "githat-form-container", children: [
+      /* @__PURE__ */ jsxs8("div", { className: "githat-form-header", children: [
+        /* @__PURE__ */ jsx10("h2", { className: "githat-form-title", children: "Password reset!" }),
+        /* @__PURE__ */ jsx10("p", { className: "githat-form-subtitle", children: "Your password has been successfully reset." })
+      ] }),
+      /* @__PURE__ */ jsx10("a", { href: signInUrl, className: "githat-button githat-button-primary", style: { display: "block", textAlign: "center", textDecoration: "none" }, children: "Sign in" }),
+      /* @__PURE__ */ jsxs8("p", { className: "githat-powered-by", children: [
+        "Secured by ",
+        /* @__PURE__ */ jsx10("strong", { children: "GitHat" })
+      ] })
+    ] });
+  }
+  return /* @__PURE__ */ jsxs8("div", { className: "githat-form-container", children: [
+    /* @__PURE__ */ jsxs8("div", { className: "githat-form-header", children: [
+      /* @__PURE__ */ jsx10("h2", { className: "githat-form-title", children: "Reset password" }),
+      /* @__PURE__ */ jsx10("p", { className: "githat-form-subtitle", children: "Enter your new password" })
+    ] }),
+    error && /* @__PURE__ */ jsx10("div", { className: "githat-alert githat-alert-error", role: "alert", "aria-live": "polite", children: error }),
+    /* @__PURE__ */ jsxs8("form", { onSubmit: handleSubmit, className: "githat-form", "aria-label": "Reset password form", children: [
+      /* @__PURE__ */ jsxs8("div", { className: "githat-field", children: [
+        /* @__PURE__ */ jsx10("label", { className: "githat-label", htmlFor: "githat-reset-password", children: "New password" }),
+        /* @__PURE__ */ jsx10(
+          "input",
+          {
+            id: "githat-reset-password",
+            className: "githat-input",
+            type: "password",
+            value: password,
+            onChange: (e) => setPassword(e.target.value),
+            placeholder: "Enter new password",
+            autoComplete: "new-password",
+            disabled: isLoading,
+            required: true,
+            minLength: minPasswordLength
+          }
+        )
+      ] }),
+      /* @__PURE__ */ jsxs8("div", { className: "githat-field", children: [
+        /* @__PURE__ */ jsx10("label", { className: "githat-label", htmlFor: "githat-reset-confirm", children: "Confirm password" }),
+        /* @__PURE__ */ jsx10(
+          "input",
+          {
+            id: "githat-reset-confirm",
+            className: "githat-input",
+            type: "password",
+            value: confirm,
+            onChange: (e) => setConfirm(e.target.value),
+            placeholder: "Confirm new password",
+            autoComplete: "new-password",
+            disabled: isLoading,
+            required: true
+          }
+        )
+      ] }),
+      /* @__PURE__ */ jsx10(
+        "button",
+        {
+          type: "submit",
+          className: "githat-button githat-button-primary",
+          disabled: isLoading || !password || !confirm,
+          children: isLoading ? "Resetting..." : "Reset password"
+        }
+      )
+    ] }),
+    /* @__PURE__ */ jsxs8("p", { className: "githat-powered-by", children: [
+      "Secured by ",
+      /* @__PURE__ */ jsx10("strong", { children: "GitHat" })
+    ] })
+  ] });
+}
+
+// src/components/VerifyEmailStatus.tsx
+import { useEffect as useEffect5, useState as useState9 } from "react";
+import { Fragment as Fragment2, jsx as jsx11, jsxs as jsxs9 } from "react/jsx-runtime";
+function VerifyEmailStatus({
+  token,
+  onSuccess,
+  onError,
+  signInUrl = "/sign-in",
+  redirectDelay = 3e3
+}) {
+  const { verifyEmail } = useGitHat();
+  const [status, setStatus] = useState9("loading");
+  const [error, setError] = useState9("");
+  useEffect5(() => {
+    if (!token) {
+      setStatus("error");
+      setError("Missing verification token");
+      return;
+    }
+    verifyEmail(token).then(() => {
+      setStatus("success");
+      onSuccess?.();
+      if (signInUrl && redirectDelay > 0) {
+        setTimeout(() => {
+          window.location.href = signInUrl;
+        }, redirectDelay);
+      }
+    }).catch((err) => {
+      setStatus("error");
+      const message = err instanceof Error ? err.message : "Verification failed";
+      setError(message);
+      onError?.(err instanceof Error ? err : new Error(message));
+    });
+  }, [token, verifyEmail, onSuccess, onError, signInUrl, redirectDelay]);
+  return /* @__PURE__ */ jsxs9("div", { className: "githat-form-container", children: [
+    status === "loading" && /* @__PURE__ */ jsxs9("div", { className: "githat-form-header", children: [
+      /* @__PURE__ */ jsx11("h2", { className: "githat-form-title", children: "Verifying email..." }),
+      /* @__PURE__ */ jsx11("p", { className: "githat-form-subtitle", children: "Please wait while we verify your email address." })
+    ] }),
+    status === "success" && /* @__PURE__ */ jsxs9(Fragment2, { children: [
+      /* @__PURE__ */ jsxs9("div", { className: "githat-form-header", children: [
+        /* @__PURE__ */ jsx11("h2", { className: "githat-form-title", children: "Email verified!" }),
+        /* @__PURE__ */ jsx11("p", { className: "githat-form-subtitle", children: "Your email has been successfully verified. Redirecting to sign in..." })
+      ] }),
+      /* @__PURE__ */ jsx11("a", { href: signInUrl, className: "githat-button githat-button-primary", style: { display: "block", textAlign: "center", textDecoration: "none" }, children: "Sign in now" })
+    ] }),
+    status === "error" && /* @__PURE__ */ jsxs9(Fragment2, { children: [
+      /* @__PURE__ */ jsxs9("div", { className: "githat-form-header", children: [
+        /* @__PURE__ */ jsx11("h2", { className: "githat-form-title", children: "Verification failed" }),
+        /* @__PURE__ */ jsx11("p", { className: "githat-form-subtitle", children: error })
+      ] }),
+      /* @__PURE__ */ jsxs9("p", { className: "githat-form-footer", children: [
+        "The link may have expired. ",
+        /* @__PURE__ */ jsx11("a", { href: "/sign-up", className: "githat-link", children: "Try signing up again" })
+      ] })
+    ] }),
+    /* @__PURE__ */ jsxs9("p", { className: "githat-powered-by", children: [
+      "Secured by ",
+      /* @__PURE__ */ jsx11("strong", { children: "GitHat" })
+    ] })
+  ] });
+}
+
+// src/components/ChangePasswordForm.tsx
+import { useState as useState10 } from "react";
+import { jsx as jsx12, jsxs as jsxs10 } from "react/jsx-runtime";
+function ChangePasswordForm({
+  onSuccess,
+  onError,
+  minPasswordLength = 8
+}) {
+  const { changePassword } = useGitHat();
+  const [current, setCurrent] = useState10("");
+  const [newPass, setNewPass] = useState10("");
+  const [confirm, setConfirm] = useState10("");
+  const [isLoading, setIsLoading] = useState10(false);
+  const [error, setError] = useState10("");
+  const [success, setSuccess] = useState10(false);
+  const handleSubmit = async (e) => {
+    e.preventDefault();
+    if (newPass !== confirm) {
+      setError("Passwords do not match");
+      return;
+    }
+    if (newPass.length < minPasswordLength) {
+      setError(`Password must be at least ${minPasswordLength} characters`);
+      return;
+    }
+    setIsLoading(true);
+    setError("");
+    try {
+      await changePassword(current, newPass);
+      setSuccess(true);
+      setCurrent("");
+      setNewPass("");
+      setConfirm("");
+      onSuccess?.();
+    } catch (err) {
+      const message = err instanceof Error ? err.message : "Failed to change password";
+      setError(message);
+      onError?.(err instanceof Error ? err : new Error(message));
+    } finally {
+      setIsLoading(false);
+    }
+  };
+  return /* @__PURE__ */ jsxs10("div", { className: "githat-form-container", children: [
+    /* @__PURE__ */ jsxs10("div", { className: "githat-form-header", children: [
+      /* @__PURE__ */ jsx12("h2", { className: "githat-form-title", children: "Change password" }),
+      /* @__PURE__ */ jsx12("p", { className: "githat-form-subtitle", children: "Update your account password" })
+    ] }),
+    success && /* @__PURE__ */ jsx12("div", { className: "githat-alert githat-alert-success", role: "status", "aria-live": "polite", children: "Password changed successfully!" }),
+    error && /* @__PURE__ */ jsx12("div", { className: "githat-alert githat-alert-error", role: "alert", "aria-live": "polite", children: error }),
+    /* @__PURE__ */ jsxs10("form", { onSubmit: handleSubmit, className: "githat-form", "aria-label": "Change password form", children: [
+      /* @__PURE__ */ jsxs10("div", { className: "githat-field", children: [
+        /* @__PURE__ */ jsx12("label", { className: "githat-label", htmlFor: "githat-change-current", children: "Current password" }),
+        /* @__PURE__ */ jsx12(
+          "input",
+          {
+            id: "githat-change-current",
+            className: "githat-input",
+            type: "password",
+            value: current,
+            onChange: (e) => setCurrent(e.target.value),
+            placeholder: "Enter current password",
+            autoComplete: "current-password",
+            disabled: isLoading,
+            required: true
+          }
+        )
+      ] }),
+      /* @__PURE__ */ jsxs10("div", { className: "githat-field", children: [
+        /* @__PURE__ */ jsx12("label", { className: "githat-label", htmlFor: "githat-change-new", children: "New password" }),
+        /* @__PURE__ */ jsx12(
+          "input",
+          {
+            id: "githat-change-new",
+            className: "githat-input",
+            type: "password",
+            value: newPass,
+            onChange: (e) => setNewPass(e.target.value),
+            placeholder: "Enter new password",
+            autoComplete: "new-password",
+            disabled: isLoading,
+            required: true,
+            minLength: minPasswordLength
+          }
+        )
+      ] }),
+      /* @__PURE__ */ jsxs10("div", { className: "githat-field", children: [
+        /* @__PURE__ */ jsx12("label", { className: "githat-label", htmlFor: "githat-change-confirm", children: "Confirm new password" }),
+        /* @__PURE__ */ jsx12(
+          "input",
+          {
+            id: "githat-change-confirm",
+            className: "githat-input",
+            type: "password",
+            value: confirm,
+            onChange: (e) => setConfirm(e.target.value),
+            placeholder: "Confirm new password",
+            autoComplete: "new-password",
+            disabled: isLoading,
+            required: true
+          }
+        )
+      ] }),
+      /* @__PURE__ */ jsx12(
+        "button",
+        {
+          type: "submit",
+          className: "githat-button githat-button-primary",
+          disabled: isLoading || !current || !newPass || !confirm,
+          children: isLoading ? "Changing..." : "Change password"
+        }
+      )
+    ] }),
+    /* @__PURE__ */ jsxs10("p", { className: "githat-powered-by", children: [
+      "Secured by ",
+      /* @__PURE__ */ jsx12("strong", { children: "GitHat" })
+    ] })
+  ] });
+}
 export {
+  ChangePasswordForm,
+  ForgotPasswordForm,
   GitHatProvider,
   OrgSwitcher,
   ProtectedRoute,
+  ResetPasswordForm,
   SignInButton,
   SignInForm,
   SignUpButton,
   SignUpForm,
   UserButton,
   VerifiedBadge,
+  VerifyEmailStatus,
   useAuth,
+  useData,
   useGitHat
 };
 //# sourceMappingURL=index.mjs.map