@hightjs/auth 0.4.0

package/dist/providers/google.js

@@ -0,0 +1,186 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GoogleProvider = void 0;
+const hightjs_1 = require("hightjs");
+/**
+ * Provider para autenticação com Google OAuth2
+ *
+ * Este provider permite autenticação usando Google OAuth2.
+ * Automaticamente gerencia o fluxo OAuth completo e rotas necessárias.
+ *
+ * Exemplo de uso:
+ * ```typescript
+ * new GoogleProvider({
+ * clientId: process.env.GOOGLE_CLIENT_ID!,
+ * clientSecret: process.env.GOOGLE_CLIENT_SECRET!,
+ * callbackUrl: "http://localhost:3000/api/auth/callback/google"
+ * })
+ * ```
+ *
+ * Fluxo de autenticação:
+ * 1. GET /api/auth/signin/google - Gera URL e redireciona para Google
+ * 2. Google redireciona para /api/auth/callback/google com código
+ * 3. Provider troca código por token e busca dados do usuário
+ * 4. Retorna objeto User com dados do Google
+ */
+class GoogleProvider {
+    constructor(config) {
+        this.type = 'google';
+        this.defaultScope = [
+            'openid',
+            'https://www.googleapis.com/auth/userinfo.email',
+            'https://www.googleapis.com/auth/userinfo.profile'
+        ];
+        /**
+         * Rotas adicionais específicas do Google OAuth
+         */
+        this.additionalRoutes = [
+            // Rota de callback do Google
+            {
+                method: 'GET',
+                path: '/api/auth/callback/google',
+                handler: async (req, params) => {
+                    const url = new URL(req.url || '', 'http://localhost');
+                    const code = url.searchParams.get('code');
+                    if (!code) {
+                        return hightjs_1.HightJSResponse.json({ error: 'Authorization code not provided' }, { status: 400 });
+                    }
+                    try {
+                        // Delega o 'code' para o endpoint de signin principal
+                        const authResponse = await fetch(`${req.headers.origin || 'http://localhost:3000'}/api/auth/signin`, {
+                            method: 'POST',
+                            headers: {
+                                'Content-Type': 'application/json',
+                            },
+                            body: JSON.stringify({
+                                provider: this.id,
+                                code,
+                            })
+                        });
+                        if (authResponse.ok) {
+                            // Propaga o cookie de sessão e redireciona para a URL de sucesso
+                            const setCookieHeader = authResponse.headers.get('set-cookie');
+                            if (this.config.successUrl) {
+                                return hightjs_1.HightJSResponse
+                                    .redirect(this.config.successUrl)
+                                    .header('Set-Cookie', setCookieHeader || '');
+                            }
+                            return hightjs_1.HightJSResponse.json({ success: true })
+                                .header('Set-Cookie', setCookieHeader || '');
+                        }
+                        else {
+                            const errorText = await authResponse.text();
+                            console.error(`[${this.id} Provider] Session creation failed during callback. Status: ${authResponse.status}, Body: ${errorText}`);
+                            return hightjs_1.HightJSResponse.json({ error: 'Session creation failed' }, { status: 500 });
+                        }
+                    }
+                    catch (error) {
+                        console.error(`[${this.id} Provider] Callback handler fetch error:`, error);
+                        return hightjs_1.HightJSResponse.json({ error: 'Internal server error' }, { status: 500 });
+                    }
+                }
+            }
+        ];
+        this.config = config;
+        this.id = config.id || 'google';
+        this.name = config.name || 'Google';
+    }
+    /**
+     * Método para gerar URL OAuth (usado pelo handleSignIn)
+     */
+    handleOauth(credentials = {}) {
+        return this.getAuthorizationUrl();
+    }
+    /**
+     * Método principal - redireciona para OAuth ou processa o callback
+     */
+    async handleSignIn(credentials) {
+        // Se tem código, é o callback - processa a autenticação
+        if (credentials.code) {
+            return await this.processOAuthCallback(credentials);
+        }
+        // Se não tem código, é o início do OAuth - retorna a URL
+        return this.handleOauth(credentials);
+    }
+    /**
+     * Processa o callback do OAuth (troca o código pelo usuário)
+     */
+    async processOAuthCallback(credentials) {
+        try {
+            const { code } = credentials;
+            if (!code) {
+                throw new Error('Authorization code not provided');
+            }
+            // Troca o código por um access token
+            const tokenResponse = await fetch('https://oauth2.googleapis.com/token', {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/x-www-form-urlencoded',
+                },
+                body: new URLSearchParams({
+                    client_id: this.config.clientId,
+                    client_secret: this.config.clientSecret,
+                    grant_type: 'authorization_code',
+                    code,
+                    redirect_uri: this.config.callbackUrl || '',
+                }),
+            });
+            if (!tokenResponse.ok) {
+                const error = await tokenResponse.text();
+                throw new Error(`Failed to exchange code for token: ${error}`);
+            }
+            const tokens = await tokenResponse.json();
+            // Busca os dados do usuário com o access token
+            const userResponse = await fetch('https://www.googleapis.com/oauth2/v2/userinfo', {
+                headers: {
+                    'Authorization': `Bearer ${tokens.access_token}`,
+                },
+            });
+            if (!userResponse.ok) {
+                throw new Error('Failed to fetch user data');
+            }
+            const googleUser = await userResponse.json();
+            // Retorna o objeto User padronizado
+            return {
+                id: googleUser.id,
+                name: googleUser.name,
+                email: googleUser.email,
+                image: googleUser.picture || null,
+                provider: this.id,
+                providerId: googleUser.id,
+                accessToken: tokens.access_token,
+                refreshToken: tokens.refresh_token
+            };
+        }
+        catch (error) {
+            console.error(`[${this.id} Provider] Error during OAuth callback:`, error);
+            return null;
+        }
+    }
+    /**
+     * Gera a URL de autorização do Google
+     */
+    getAuthorizationUrl() {
+        const params = new URLSearchParams({
+            client_id: this.config.clientId,
+            redirect_uri: this.config.callbackUrl || '',
+            response_type: 'code',
+            scope: (this.config.scope || this.defaultScope).join(' ')
+        });
+        return `https://accounts.google.com/o/oauth2/v2/auth?${params.toString()}`;
+    }
+    /**
+     * Retorna a configuração pública do provider
+     */
+    getConfig() {
+        return {
+            id: this.id,
+            name: this.name,
+            type: this.type,
+            clientId: this.config.clientId, // Público
+            scope: this.config.scope || this.defaultScope,
+            callbackUrl: this.config.callbackUrl
+        };
+    }
+}
+exports.GoogleProvider = GoogleProvider;

package/dist/providers/index.d.ts

@@ -0,0 +1,2 @@
+export * from './credentials';
+export * from './discord';

package/dist/providers/index.js

@@ -0,0 +1,35 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+/*
+ * This file is part of the HightJS Project.
+ * Copyright (c) 2025 itsmuzin
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Exportações dos providers
+__exportStar(require("./credentials"), exports);
+__exportStar(require("./discord"), exports);

package/dist/providers.d.ts

@@ -0,0 +1,3 @@
+export { CredentialsProvider } from './providers/credentials';
+export { DiscordProvider } from './providers/discord';
+export { GoogleProvider } from './providers/google';

package/dist/providers.js

@@ -0,0 +1,26 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GoogleProvider = exports.DiscordProvider = exports.CredentialsProvider = void 0;
+/*
+ * This file is part of the HightJS Project.
+ * Copyright (c) 2025 itsmuzin
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Exportações dos providers
+var credentials_1 = require("./providers/credentials");
+Object.defineProperty(exports, "CredentialsProvider", { enumerable: true, get: function () { return credentials_1.CredentialsProvider; } });
+var discord_1 = require("./providers/discord");
+Object.defineProperty(exports, "DiscordProvider", { enumerable: true, get: function () { return discord_1.DiscordProvider; } });
+var google_1 = require("./providers/google");
+Object.defineProperty(exports, "GoogleProvider", { enumerable: true, get: function () { return google_1.GoogleProvider; } });

package/dist/react/index.d.ts

@@ -0,0 +1,6 @@
+export * from '../react';
+export * from '../client';
+export * from '../components';
+export { getSession } from '../client';
+export { useSession, useAuth, SessionProvider } from '../react';
+export { ProtectedRoute, AuthGuard, GuestOnly } from '../components';

package/dist/react/index.js

@@ -0,0 +1,48 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GuestOnly = exports.AuthGuard = exports.ProtectedRoute = exports.SessionProvider = exports.useAuth = exports.useSession = exports.getSession = void 0;
+/*
+ * This file is part of the HightJS Project.
+ * Copyright (c) 2025 itsmuzin
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Exportações do frontend
+__exportStar(require("../react"), exports);
+__exportStar(require("../client"), exports);
+__exportStar(require("../components"), exports);
+// Re-exports das funções mais usadas para conveniência
+var client_1 = require("../client");
+Object.defineProperty(exports, "getSession", { enumerable: true, get: function () { return client_1.getSession; } });
+var react_1 = require("../react");
+Object.defineProperty(exports, "useSession", { enumerable: true, get: function () { return react_1.useSession; } });
+Object.defineProperty(exports, "useAuth", { enumerable: true, get: function () { return react_1.useAuth; } });
+Object.defineProperty(exports, "SessionProvider", { enumerable: true, get: function () { return react_1.SessionProvider; } });
+var components_1 = require("../components");
+Object.defineProperty(exports, "ProtectedRoute", { enumerable: true, get: function () { return components_1.ProtectedRoute; } });
+Object.defineProperty(exports, "AuthGuard", { enumerable: true, get: function () { return components_1.AuthGuard; } });
+Object.defineProperty(exports, "GuestOnly", { enumerable: true, get: function () { return components_1.GuestOnly; } });

package/dist/react.d.ts

@@ -0,0 +1,22 @@
+import { ReactNode } from 'react';
+import type { SessionContextType, User } from './types';
+interface SessionProviderProps {
+    children: ReactNode;
+    basePath?: string;
+    refetchInterval?: number;
+    refetchOnWindowFocus?: boolean;
+}
+export declare function SessionProvider({ children, basePath, refetchInterval, refetchOnWindowFocus }: SessionProviderProps): import("react/jsx-runtime").JSX.Element;
+/**
+ * Hook para acessar a sessão atual
+ */
+export declare function useSession(): SessionContextType;
+/**
+ * Hook para verificar se o usuário está autenticado
+ */
+export declare function useAuth(): {
+    user: User | null;
+    isAuthenticated: boolean;
+    isLoading: boolean;
+};
+export {};

package/dist/react.js

@@ -0,0 +1,199 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SessionProvider = SessionProvider;
+exports.useSession = useSession;
+exports.useAuth = useAuth;
+const jsx_runtime_1 = require("react/jsx-runtime");
+/*
+ * This file is part of the HightJS Project.
+ * Copyright (c) 2025 itsmuzin
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+const react_1 = require("react");
+const react_2 = require("hightjs/react");
+const SessionContext = (0, react_1.createContext)(undefined);
+function SessionProvider({ children, basePath = '/api/auth', refetchInterval = 0, refetchOnWindowFocus = true }) {
+    const [session, setSession] = (0, react_1.useState)(null);
+    const [status, setStatus] = (0, react_1.useState)('loading');
+    // Fetch da sessão atual
+    const fetchSession = (0, react_1.useCallback)(async () => {
+        try {
+            const response = await fetch(`${basePath}/session`, {
+                credentials: 'include'
+            });
+            if (!response.ok) {
+                setStatus('unauthenticated');
+                return null;
+            }
+            const data = await response.json();
+            const sessionData = data.session;
+            if (sessionData) {
+                setSession(sessionData);
+                setStatus('authenticated');
+                return sessionData;
+            }
+            else {
+                setSession(null);
+                setStatus('unauthenticated');
+                return null;
+            }
+        }
+        catch (error) {
+            console.error('[hweb-auth] Error fetching session:', error);
+            setSession(null);
+            setStatus('unauthenticated');
+            return null;
+        }
+    }, [basePath]);
+    // SignIn function
+    const signIn = (0, react_1.useCallback)(async (provider = 'credentials', options = {}) => {
+        try {
+            const { redirect = true, callbackUrl, ...credentials } = options;
+            const response = await fetch(`${basePath}/signin`, {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                },
+                credentials: 'include',
+                body: JSON.stringify({
+                    provider,
+                    ...credentials
+                })
+            });
+            const data = await response.json();
+            if (response.ok && data.success) {
+                await fetchSession();
+                // Se é OAuth, redireciona para URL fornecida
+                if (data.type === 'oauth' && data.redirectUrl) {
+                    if (redirect && typeof window !== 'undefined') {
+                        window.location.href = data.redirectUrl;
+                    }
+                    return {
+                        ok: true,
+                        status: 200,
+                        url: data.redirectUrl
+                    };
+                }
+                // Se é sessão (credentials), redireciona para callbackUrl
+                if (data.type === 'session') {
+                    if (redirect && typeof window !== 'undefined') {
+                        window.location.href = callbackUrl || '/';
+                    }
+                    return {
+                        ok: true,
+                        status: 200,
+                        url: callbackUrl || '/'
+                    };
+                }
+            }
+            else {
+                return {
+                    error: data.error || 'Authentication failed',
+                    status: response.status,
+                    ok: false
+                };
+            }
+        }
+        catch (error) {
+            console.error('[hweb-auth] Error on signIn:', error);
+            return {
+                error: 'Network error',
+                status: 500,
+                ok: false
+            };
+        }
+    }, [basePath, fetchSession]);
+    // SignOut function
+    const signOut = (0, react_1.useCallback)(async (options = {}) => {
+        try {
+            await fetch(`${basePath}/signout`, {
+                method: 'POST',
+                credentials: 'include'
+            });
+            setSession(null);
+            setStatus('unauthenticated');
+            if (typeof window !== 'undefined') {
+                try {
+                    react_2.router.push(options.callbackUrl || '/');
+                }
+                catch (e) {
+                    window.location.href = options.callbackUrl || '/';
+                }
+            }
+        }
+        catch (error) {
+            console.error('[hweb-auth] Error on signOut:', error);
+        }
+    }, [basePath]);
+    // Update session
+    const update = (0, react_1.useCallback)(async () => {
+        return await fetchSession();
+    }, [fetchSession]);
+    // Initial session fetch
+    (0, react_1.useEffect)(() => {
+        fetchSession();
+    }, [fetchSession]);
+    // Refetch interval
+    (0, react_1.useEffect)(() => {
+        if (refetchInterval > 0) {
+            const interval = setInterval(() => {
+                if (status === 'authenticated') {
+                    fetchSession();
+                }
+            }, refetchInterval * 1000);
+            return () => clearInterval(interval);
+        }
+    }, [refetchInterval, status, fetchSession]);
+    // Refetch on window focus
+    (0, react_1.useEffect)(() => {
+        if (refetchOnWindowFocus) {
+            const handleFocus = () => {
+                if (status === 'authenticated') {
+                    fetchSession();
+                }
+            };
+            window.addEventListener('focus', handleFocus);
+            return () => window.removeEventListener('focus', handleFocus);
+        }
+    }, [refetchOnWindowFocus, status, fetchSession]);
+    const value = {
+        data: session,
+        status,
+        signIn,
+        signOut,
+        update
+    };
+    return ((0, jsx_runtime_1.jsx)(SessionContext.Provider, { value: value, children: children }));
+}
+/**
+ * Hook para acessar a sessão atual
+ */
+function useSession() {
+    const context = (0, react_1.useContext)(SessionContext);
+    if (context === undefined) {
+        throw new Error('useSession must be used inside a SessionProvider');
+    }
+    return context;
+}
+/**
+ * Hook para verificar se o usuário está autenticado
+ */
+function useAuth() {
+    const { data: session, status } = useSession();
+    return {
+        user: session?.user || null,
+        isAuthenticated: status === 'authenticated',
+        isLoading: status === 'loading'
+    };
+}

package/dist/routes.d.ts

@@ -0,0 +1,16 @@
+import { HightJSRequest } from 'hightjs';
+import type { AuthConfig } from './types';
+import { HWebAuth } from './core';
+/**
+ * Cria o handler catch-all para /api/auth/[...value]
+ */
+export declare function createAuthRoutes(config: AuthConfig): {
+    pattern: string;
+    GET(req: HightJSRequest, params: {
+        [key: string]: string;
+    }): Promise<any>;
+    POST(req: HightJSRequest, params: {
+        [key: string]: string;
+    }): Promise<any>;
+    auth: HWebAuth;
+};