@grasp-labs/ds-microfrontends-integration 0.6.2 → 0.8.0

package/README.md

@@ -218,6 +218,21 @@ These dependencies are configured as singletons to prevent multiple instances an
 npm install
 ```
 
+### Dev auth middleware
+
+`devAuthMiddleware` adds a quick login screen to your local Express setup and reuses the returned token for every backend call. Mount it before anything that proxies to your APIs so outbound requests get `Authorization: Bearer <token>` automatically.
+
+```ts
+import express from "express";
+import { devAuthMiddleware } from "@grasp-labs/ds-microfrontends-integration/dev";
+
+const app = express();
+
+app.use(devAuthMiddleware());
+```
+
+Skip the form entirely by setting `DEV_AUTH_TOKEN` (env var or `.env` file) before starting the server. Need a token? Call the dev auth endpoint with your usual credentials and copy the `access_token`.
+
 ### Scripts
 
 - `npm run build` - Build the library

package/dist/dev/express-auth-middleware.d.ts

@@ -0,0 +1,49 @@
+import { Request, Response, NextFunction } from 'express';
+export type DevLoginOptions = {
+    /**
+     * Path segment or absolute path for the login page. Values are trimmed and
+     * automatically prefixed with "/" when missing (e.g. "__login" => "/__login").
+     * @default "/__login"
+     */
+    loginPath?: string;
+    /**
+     * Location to redirect to after successful authentication. The same
+     * normalization rules apply as for {@link loginPath}.
+     * @default "/"
+     */
+    redirectAfterLoginPathTo?: string;
+    /**
+     * Fully qualified URL of the backend dev auth login endpoint.
+     * @default "https://auth-dev.grasp-daas.com/rest-auth/login/"
+     */
+    authEndpoint?: string;
+};
+/**
+ * Simple Express middleware that forces a one-page dev login and then injects
+ * `Authorization: Bearer <token>` for subsequent requests. Mount it ahead of
+ * any backend proxy (e.g. `createProxyMiddleware`) so outgoing calls receive
+ * the token.
+ *
+ * Skip the login screen by setting `DEV_AUTH_TOKEN` before starting your app
+ * (via `.env` or the shell). Tokens can be created by calling the dev auth
+ * endpoint with your normal credentials and copying the `access_token`.
+ *
+ * @example
+ * ```typescript
+ * import express from 'express';
+ * import { devAuthMiddleware } from '@grasp-labs/ds-microfrontends-integration/dev';
+ *
+ * const app = express();
+ * app.use(devAuthMiddleware());
+ * ```
+ */
+export declare function devAuthMiddleware(options?: DevLoginOptions): (req: Request, res: Response, next: NextFunction) => Promise<any>;
+/**
+ * Simple in-memory token store backed by process.env.
+ * Preloading `DEV_AUTH_TOKEN` (e.g. via a `.env` file or shell env var) skips the login flow entirely.
+ */
+export declare const DEV_AUTH_TOKEN: {
+    readonly get: () => string | undefined;
+    readonly set: (token: string) => void;
+    readonly exists: () => boolean;
+};

package/dist/dev/express-auth-middleware.js

@@ -0,0 +1,242 @@
+import { urlencoded as b } from "express";
+function w(e) {
+  const t = e.loginPath, r = e.errorMessage ?? "", n = y(r);
+  return `<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <title>Login</title>
+    <style>
+      :root {
+        --border: 1px solid oklch(100% 0 0/0.1);
+      }
+
+      * {
+        margin: 0;
+        padding: 0;
+        box-sizing: border-box;
+        font-size: 14px;
+        border-radius: 8px;
+      }
+
+      body {
+        font-family: sans-serif;
+        background-color: oklch(0.14 0 0);
+        color: oklch(1 0 0);
+        display: flex;
+        justify-content: center;
+        padding-top: 20svh;
+      }
+
+      main {
+        width: 100%;
+        max-width: 320px;
+      }
+
+      h1 {
+        font-size: 24px;
+        margin-bottom: 8px;
+        color: oklch(0.95 0 0);
+      }
+
+      p {
+        color: oklch(0.6 0 0);
+        margin-bottom: 24px;
+      }
+
+      form {
+        display: flex;
+        flex-direction: column;
+        gap: 14px;
+      }
+
+      input {
+        padding: 10px 12px;
+        border: var(--border);
+        background-color: oklch(0.2 0 0);
+        color: oklch(0.95 0 0);
+      }
+
+      input:focus {
+        outline: none;
+        border-color: oklch(0.7 0 0);
+      }
+
+      button {
+        padding: 10px 12px;
+        border: none;
+        background-color: oklch(0.488 0.243 264.376);
+        color: white;
+        cursor: pointer;
+      }
+
+      button:hover {
+        background-color: oklch(0.588 0.243 264.376);
+      }
+
+      .error-block {
+        padding: 12px;
+        margin-top: 20px;
+        border: var(--border);
+        background-color: oklch(0.20 0 0);
+        color: oklch(0.71 0.17 22);
+        margin-bottom: 14px;
+        display: none;
+      }
+
+      .error-block pre {
+        margin: 0;
+        white-space: pre-wrap;
+        word-break: break-word;
+      }
+    </style>
+  </head>
+  <body>
+    <main>
+      <div>
+        <h1>Login</h1>
+        <p>Provide credentials to unlock the dev server</p>
+      </div>
+
+      <form method="POST" action="${t}">
+        <input type="text" placeholder="Email" name="email" required />
+        <input
+          type="password"
+          placeholder="Password"
+          name="password"
+          required
+        />
+        <button type="submit">Login</button>
+        <div class="error-block" style="display: ${r ? "block" : "none"};">
+          <pre>${n}</pre>
+        </div>
+      </form>
+    </main>
+  </body>
+</html>`;
+}
+function y(e) {
+  return e.replace(/[&<>"']/g, (t) => {
+    switch (t) {
+      case "&":
+        return "&amp;";
+      case "<":
+        return "&lt;";
+      case ">":
+        return "&gt;";
+      case '"':
+        return "&quot;";
+      case "'":
+        return "&#39;";
+      default:
+        return t;
+    }
+  });
+}
+function E(e = {}) {
+  const {
+    loginPath: t = "/__login",
+    redirectAfterLoginPathTo: r = "/",
+    authEndpoint: n = "https://auth-dev.grasp-daas.com/rest-auth/login/"
+  } = e, o = g(t, "loginPath"), c = g(
+    r,
+    "redirectAfterLoginPathTo"
+  ), m = k();
+  return async (s, i, p) => {
+    if (l.exists())
+      return s.path === o ? i.redirect(c) : (s.headers.authorization = `Bearer ${l.get()}`, p());
+    if (s.path !== o)
+      return i.redirect(o);
+    if (s.method === "GET")
+      return d(i, o);
+    if (s.method === "POST") {
+      try {
+        await m(s, i);
+      } catch (a) {
+        return p(a);
+      }
+      const { email: u, password: h } = s.body ?? {};
+      if (!u || !h)
+        return d(i, o, "Email and password are required.");
+      try {
+        const { access_token: a } = await x({
+          email: u,
+          password: h,
+          authEndpoint: n
+        });
+        return l.set(a), i.redirect(303, c);
+      } catch (a) {
+        const f = `${a instanceof Error ? a.message : String(a)}`;
+        return d(i, o, f);
+      }
+    }
+    return i.status(405).send("Method Not Allowed");
+  };
+}
+function g(e, t) {
+  const r = e.trim();
+  if (!r)
+    throw new Error(
+      `devAuthMiddleware ${t} must be a non-empty string`
+    );
+  return r.startsWith("/") ? r : `/${r}`;
+}
+function d(e, t, r) {
+  return e.type("html").send(
+    w({
+      loginPath: t,
+      errorMessage: r
+    })
+  );
+}
+function k() {
+  const e = b({ extended: !0 });
+  return (t, r) => new Promise((n, o) => {
+    e(t, r, (c) => {
+      if (c) {
+        o(c);
+        return;
+      }
+      n();
+    });
+  });
+}
+async function x({
+  email: e,
+  password: t,
+  authEndpoint: r
+}) {
+  const n = await fetch(r, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json"
+    },
+    body: JSON.stringify({
+      email: e,
+      password: t,
+      remember_me: !0
+    })
+  });
+  if (!n.ok)
+    throw new Error(
+      `Authentication failed with status ${n.status} and response: ${await n.text()}`
+    );
+  const o = await n.json();
+  if (!("access_token" in o && "refresh_token" in o))
+    throw new Error(
+      `Authentication response is missing access_token or refresh_token: ${JSON.stringify(o, null, 2)}`
+    );
+  return o;
+}
+const l = {
+  get: () => process.env.DEV_AUTH_TOKEN,
+  set: (e) => {
+    process.env.DEV_AUTH_TOKEN = e;
+  },
+  exists: () => typeof process.env.DEV_AUTH_TOKEN == "string" && process.env.DEV_AUTH_TOKEN.length > 0
+};
+export {
+  l as DEV_AUTH_TOKEN,
+  E as devAuthMiddleware
+};

package/dist/dev/login-page.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Renders the login page markup with optional error messaging.
+ */
+export declare function buildLoginPage(options: {
+    loginPath: string;
+    errorMessage?: string;
+}): string;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@grasp-labs/ds-microfrontends-integration",
-  "version": "0.6.2",
+  "version": "0.8.0",
   "private": false,
   "license": "Apache-2.0",
   "type": "module",
@@ -17,6 +17,10 @@
       "import": "./dist/mf-common.js",
       "types": "./dist/mf-common.d.ts"
     },
+    "./dev": {
+      "import": "./dist/dev/express-auth-middleware.js",
+      "types": "./dist/dev/express-auth-middleware.d.ts"
+    },
     "./styles.css": "./src/index.css"
   },
   "files": [
@@ -44,11 +48,17 @@
     "@module-federation/vite": "^1.0.0",
     "ajv": "^8.0.0",
     "axios": "^1.7.9",
+    "express": "^5.0.0",
     "react": "^19.1.0",
     "react-dom": "^19.1.0",
     "react-hook-form": "^7.0.0",
     "react-router": "^7.8.2"
   },
+  "peerDependenciesMeta": {
+    "express": {
+      "optional": true
+    }
+  },
   "devDependencies": {
     "@eslint/js": "^9.32.0",
     "@grasp-labs/ds-react-components": "^0.13.0",
@@ -60,6 +70,7 @@
     "@testing-library/jest-dom": "^6.6.3",
     "@testing-library/react": "^16.3.0",
     "@testing-library/user-event": "^14.6.1",
+    "@types/express": "^5.0.5",
     "@types/node": "^22.16.5",
     "@types/react": "^19.1.10",
     "@types/react-dom": "^19.1.7",
@@ -71,6 +82,7 @@
     "eslint-plugin-prettier": "^5.5.3",
     "eslint-plugin-react-hooks": "^5.2.0",
     "eslint-plugin-storybook": "^9.1.0",
+    "express": "^5.1.0",
     "globals": "^16.2.0",
     "jsdom": "^26.1.0",
     "json-edit-react": "^1.29.0",