@habityzer/nuxt-symfony-kinde-layer 2.2.1 → 2.2.2

package/CHANGELOG.md

@@ -1,3 +1,11 @@
+## [2.2.2](https://github.com/Habityzer/nuxt-symfony-kinde-layer/compare/v2.2.1...v2.2.2) (2026-02-18)
+
+
+### Bug Fixes
+
+* Enhance Kinde authentication configuration and type safety ([ee59fc4](https://github.com/Habityzer/nuxt-symfony-kinde-layer/commit/ee59fc4d97832f9effcedb613c9c57773cee3d80))
+* Update pnpm lockfile to use published @habityzer/nuxt-kinde-auth package ([39e9f2c](https://github.com/Habityzer/nuxt-symfony-kinde-layer/commit/39e9f2c19ffa5f731cef610bd219dc3f4ba90bf5))
+
 ## [2.2.1](https://github.com/Habityzer/nuxt-symfony-kinde-layer/compare/v2.2.0...v2.2.1) (2026-02-13)
 
 # [2.2.0](https://github.com/Habityzer/nuxt-symfony-kinde-layer/compare/v2.1.4...v2.2.0) (2026-02-13)

package/app/composables/useAuth.ts

@@ -1,4 +1,5 @@
 import { computed, ref, readonly } from 'vue'
+import type { KindeAuthRuntimeConfig } from '../../types/kinde-auth'
 import { E2E_TOKEN_COOKIE_NAME } from '../constants/auth'
 
 const LEGACY_E2E_STORAGE_KEY = 'e2e_app_token'
@@ -110,7 +111,7 @@ export const useAuth = () => {
     // Clear auth cookies first so route middleware blocks protected pages immediately.
     if (import.meta.client) {
       const config = useRuntimeConfig()
-      const kindeConfig = config.public.kindeAuth || {}
+      const kindeConfig = (config.public.kindeAuth || {}) as KindeAuthRuntimeConfig
       const cookieConfig = kindeConfig.cookie || {}
       const middlewareConfig = kindeConfig.middleware || {}
       const cookiePrefix = requireString(cookieConfig.prefix, 'kindeAuth.cookie.prefix')

package/app/plugins/auth-guard.client.ts

@@ -1,10 +1,11 @@
+import type { KindeAuthRuntimeConfig } from '../../types/kinde-auth'
+
 export default defineNuxtPlugin(() => {
   const router = useRouter()
   const config = useRuntimeConfig()
-  const kindeConfig = config.public.kindeAuth || {}
+  const kindeConfig = (config.public.kindeAuth || {}) as KindeAuthRuntimeConfig
   const middlewareConfig = kindeConfig.middleware || {}
   const cookieConfig = kindeConfig.cookie || {}
-  // @ts-expect-error - cookie property exists in runtime config but not in module types
   const cookiePrefix = requireString(cookieConfig.prefix, 'kindeAuth.cookie.prefix')
   const idTokenBaseName = requireString(cookieConfig.idTokenName, 'kindeAuth.cookie.idTokenName')
   const accessTokenBaseName = requireString(cookieConfig.accessTokenName, 'kindeAuth.cookie.accessTokenName')

package/nuxt.config.ts

@@ -25,7 +25,6 @@ export default defineNuxtConfig({
   modules: [
     '@nuxt/eslint',
     '@nuxt/ui',
-    '@nuxt/image',
     '@habityzer/nuxt-kinde-auth',
     '@pinia/nuxt'
   ],
@@ -136,15 +135,31 @@ export default defineNuxtConfig({
   pinia: {}
 })
 
+// Mapping of runtime config keys to their environment variable names
+const CONFIG_TO_ENV_MAP: Record<string, string> = {
+  'runtimeConfig.public.kindeAuth.cookie.prefix': 'NUXT_PUBLIC_AUTH_COOKIE_PREFIX',
+  'runtimeConfig.public.kindeAuth.middleware.clockSkewSeconds': 'NUXT_PUBLIC_AUTH_CLOCK_SKEW_SECONDS',
+  'kindeAuth.cookie.prefix': 'NUXT_PUBLIC_AUTH_COOKIE_PREFIX',
+  'kindeAuth.authDomain': 'KINDE_AUTH_DOMAIN',
+  'kindeAuth.clientId': 'KINDE_CLIENT_ID',
+  'kindeAuth.clientSecret': 'KINDE_CLIENT_SECRET',
+  'kindeAuth.redirectURL': 'KINDE_REDIRECT_URL',
+  'kindeAuth.logoutRedirectURL': 'KINDE_LOGOUT_REDIRECT_URL'
+}
+
 function assertRequiredString(value: unknown, key: string) {
   if (typeof value !== 'string' || value.trim().length === 0) {
-    throw new Error(`[nuxt-symfony-kinde-layer] Missing required config: ${key}`)
+    const envVar = CONFIG_TO_ENV_MAP[key]
+    const envVarHint = envVar ? `\n\n  \x1b[1m\x1b[33m→ Set the environment variable:\x1b[0m \x1b[1m\x1b[36m${envVar}\x1b[0m\n  \x1b[90mAdd it to your .env file (see .env.example for reference)\x1b[0m` : ''
+    throw new Error(`[nuxt-symfony-kinde-layer] \x1b[1m\x1b[31mMissing required config:\x1b[0m ${key}${envVarHint}`)
   }
 }
 
 function assertRequiredNumber(value: unknown, key: string) {
   if (typeof value !== 'number' || !Number.isFinite(value) || value < 0) {
-    throw new Error(`[nuxt-symfony-kinde-layer] Missing or invalid required numeric config: ${key}`)
+    const envVar = CONFIG_TO_ENV_MAP[key]
+    const envVarHint = envVar ? `\n\n  \x1b[1m\x1b[33m→ Set the environment variable:\x1b[0m \x1b[1m\x1b[36m${envVar}\x1b[0m\n  \x1b[90mAdd it to your .env file (see .env.example for reference)\x1b[0m` : ''
+    throw new Error(`[nuxt-symfony-kinde-layer] \x1b[1m\x1b[31mMissing or invalid required numeric config:\x1b[0m ${key}${envVarHint}`)
   }
 }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@habityzer/nuxt-symfony-kinde-layer",
-  "version": "2.2.1",
+  "version": "2.2.2",
   "description": "Shared Nuxt layer for Symfony + Kinde authentication integration",
   "type": "module",
   "main": "./nuxt.config.ts",
@@ -23,11 +23,11 @@
   "author": "Habityzer",
   "license": "MIT",
   "dependencies": {
-    "@habityzer/nuxt-kinde-auth": "^1.2.0",
-    "@pinia/nuxt": "^0.11.2",
-    "@nuxt/ui": "^4.0.1",
-    "@nuxt/image": "^1.11.0",
+    "@habityzer/nuxt-kinde-auth": "^1.2.2",
     "@nuxt/eslint": "^1.9.0",
+    "@nuxt/image": "^1.11.0",
+    "@nuxt/ui": "^4.0.1",
+    "@pinia/nuxt": "^0.11.2",
     "@vueuse/core": "^13.9.0",
     "nuxt": "^4.1.3",
     "vue": "^3.5.22",
@@ -35,20 +35,20 @@
   },
   "devDependencies": {
     "@commitlint/config-conventional": "^19.8.1",
-    "commitlint": "^19.8.1",
-    "conventional-changelog-conventionalcommits": "^9.1.0",
+    "@habityzer/nuxt-openapi-composables": "^1.1.0",
+    "@iconify-json/heroicons": "^1.2.3",
     "@semantic-release/changelog": "^6.0.3",
     "@semantic-release/commit-analyzer": "^13.0.1",
     "@semantic-release/git": "^10.0.1",
     "@semantic-release/npm": "^12.0.1",
     "@semantic-release/release-notes-generator": "^14.1.0",
-    "@habityzer/nuxt-openapi-composables": "^1.1.0",
-    "@iconify-json/heroicons": "^1.2.3",
-    "openapi-typescript": "^7.10.0",
-    "typescript": "^5.9.3",
+    "commitlint": "^19.8.1",
+    "conventional-changelog-conventionalcommits": "^9.1.0",
     "eslint": "^9.37.0",
+    "husky": "^9.0.0",
+    "openapi-typescript": "^7.10.0",
     "semantic-release": "^24.2.9",
-    "husky": "^9.0.0"
+    "typescript": "^5.9.3"
   },
   "peerDependencies": {
     "nuxt": "^3.0.0 || ^4.0.0"

package/server/api/symfony/[...].ts

@@ -12,9 +12,11 @@
  * @see .cursorrules for proxy best practices
  */
 
+import type { KindeAuthRuntimeConfig } from '../../../types/kinde-auth'
+
 export default defineEventHandler(async (event) => {
   const config = useRuntimeConfig()
-  const kindeConfig = config.public.kindeAuth || {}
+  const kindeConfig = (config.public.kindeAuth || {}) as KindeAuthRuntimeConfig
   const middlewareConfig = kindeConfig.middleware || {}
   const cookieConfig = kindeConfig.cookie || {}
   const appTokenPrefix = requireString(middlewareConfig.appTokenPrefix, 'kindeAuth.middleware.appTokenPrefix')
@@ -32,7 +34,7 @@ export default defineEventHandler(async (event) => {
 
   // Check if this is a public API route (no auth required)
   const publicApiRoutes
-    = config.public.kindeAuth?.middleware?.publicApiRoutes || []
+    = (config.public.kindeAuth as KindeAuthRuntimeConfig | undefined)?.middleware?.publicApiRoutes || []
   const isPublicRoute = publicApiRoutes.some((route: string) => {
     if (route.endsWith('/**')) {
       const prefix = route.slice(0, -3)
@@ -124,13 +126,13 @@ export default defineEventHandler(async (event) => {
     // Get Content-Type to determine how to handle body
     const contentType = getHeader(event, 'content-type') || ''
 
-    let body: string | undefined
+    let body: string | Buffer | undefined
 
     // Handle multipart/form-data specially (preserve binary data and MIME types)
     if (contentType.includes('multipart/form-data')) {
       // For multipart/form-data, read the raw body without parsing
       // This preserves the boundary and binary data including MIME types
-      body = await readRawBody(event, false)
+      body = await readRawBody(event, false) as string | Buffer | undefined
     } else if (method !== 'GET' && method !== 'HEAD') {
       // For other content types (JSON, etc.), read and parse the body
       body = await readBody(event)

package/types/kinde-auth.d.ts

@@ -6,11 +6,19 @@ declare module '@habityzer/nuxt-kinde-auth' {
   interface ModuleOptions {
     cookie?: {
       prefix?: string
+      idTokenName?: string
+      accessTokenName?: string
+      refreshTokenName?: string
     }
     middleware?: {
       enabled?: boolean
       global?: boolean
       publicRoutes?: string[]
+      publicApiRoutes?: string[]
+      e2eTokenCookieName?: string
+      appTokenPrefix?: string
+      clockSkewSeconds?: number
+      loginPath?: string
     }
     debug?: {
       enabled?: boolean
@@ -18,4 +26,25 @@ declare module '@habityzer/nuxt-kinde-auth' {
   }
 }
 
-export {}
+/** Runtime config shape for kindeAuth (used for type-safe access in layer code) */
+export interface KindeAuthRuntimeConfig {
+  cookie?: {
+    prefix?: string
+    idTokenName?: string
+    accessTokenName?: string
+    refreshTokenName?: string
+  }
+  middleware?: {
+    enabled?: boolean
+    global?: boolean
+    publicRoutes?: string[]
+    publicApiRoutes?: string[]
+    e2eTokenCookieName?: string
+    appTokenPrefix?: string
+    clockSkewSeconds?: number
+    loginPath?: string
+  }
+  debug?: {
+    enabled?: boolean
+  }
+}