@hightjs/auth 0.4.0

package/dist/routes.js

@@ -0,0 +1,152 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createAuthRoutes = createAuthRoutes;
+/*
+ * This file is part of the HightJS Project.
+ * Copyright (c) 2025 itsmuzin
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+const hightjs_1 = require("hightjs");
+const core_1 = require("./core");
+/**
+ * Cria o handler catch-all para /api/auth/[...value]
+ */
+function createAuthRoutes(config) {
+    const auth = new core_1.HWebAuth(config);
+    /**
+     * Handler principal que gerencia todas as rotas de auth
+     * Uso: /api/auth/[...value].ts
+     */
+    return {
+        pattern: '/api/auth/[...value]',
+        async GET(req, params) {
+            const path = params["value"];
+            const route = Array.isArray(path) ? path.join('/') : path || '';
+            // Verifica rotas adicionais dos providers primeiro
+            const additionalRoutes = auth.getAllAdditionalRoutes();
+            for (const { provider, route: additionalRoute } of additionalRoutes) {
+                if (additionalRoute.method === 'GET' && additionalRoute.path.includes(route)) {
+                    try {
+                        return await additionalRoute.handler(req, params);
+                    }
+                    catch (error) {
+                        console.error(`[${provider} Provider] Error in additional route:`, error);
+                        return hightjs_1.HightJSResponse.json({ error: 'Provider route error' }, { status: 500 });
+                    }
+                }
+            }
+            // Rotas padrão do sistema
+            switch (route) {
+                case 'session':
+                    return await handleSession(req, auth);
+                case 'csrf':
+                    return await handleCsrf(req);
+                case 'providers':
+                    return await handleProviders(auth);
+                default:
+                    return hightjs_1.HightJSResponse.json({ error: 'Route not found' }, { status: 404 });
+            }
+        },
+        async POST(req, params) {
+            const path = params["value"];
+            const route = Array.isArray(path) ? path.join('/') : path || '';
+            // Verifica rotas adicionais dos providers primeiro
+            const additionalRoutes = auth.getAllAdditionalRoutes();
+            for (const { provider, route: additionalRoute } of additionalRoutes) {
+                if (additionalRoute.method === 'POST' && additionalRoute.path.includes(route)) {
+                    try {
+                        return await additionalRoute.handler(req, params);
+                    }
+                    catch (error) {
+                        console.error(`[${provider} Provider] Error in additional route:`, error);
+                        return hightjs_1.HightJSResponse.json({ error: 'Provider route error' }, { status: 500 });
+                    }
+                }
+            }
+            // Rotas padrão do sistema
+            switch (route) {
+                case 'signin':
+                    return await handleSignIn(req, auth);
+                case 'signout':
+                    return await handleSignOut(req, auth);
+                default:
+                    return hightjs_1.HightJSResponse.json({ error: 'Route not found' }, { status: 404 });
+            }
+        },
+        // Instância do auth para uso manual
+        auth
+    };
+}
+/**
+ * Handler para GET /api/auth/session
+ */
+async function handleSession(req, auth) {
+    const session = await auth.getSession(req);
+    if (!session) {
+        return hightjs_1.HightJSResponse.json({ session: null });
+    }
+    return hightjs_1.HightJSResponse.json({ session });
+}
+/**
+ * Handler para GET /api/auth/csrf
+ */
+async function handleCsrf(req) {
+    // Token CSRF simples para proteção
+    const csrfToken = Math.random().toString(36).substring(2, 15) +
+        Math.random().toString(36).substring(2, 15);
+    return hightjs_1.HightJSResponse.json({ csrfToken });
+}
+/**
+ * Handler para GET /api/auth/providers
+ */
+async function handleProviders(auth) {
+    const providers = auth.getProviders();
+    return hightjs_1.HightJSResponse.json({ providers });
+}
+/**
+ * Handler para POST /api/auth/signin
+ */
+async function handleSignIn(req, auth) {
+    try {
+        const { provider = 'credentials', ...credentials } = await req.json();
+        const result = await auth.signIn(provider, credentials);
+        if (!result) {
+            return hightjs_1.HightJSResponse.json({ error: 'Invalid credentials' }, { status: 401 });
+        }
+        // Se tem redirectUrl, é OAuth - retorna URL para redirecionamento
+        if ('redirectUrl' in result) {
+            return hightjs_1.HightJSResponse.json({
+                success: true,
+                redirectUrl: result.redirectUrl,
+                type: 'oauth'
+            });
+        }
+        // Se tem session, é credentials - retorna sessão
+        return auth.createAuthResponse(result.token, {
+            success: true,
+            user: result.session.user,
+            type: 'session'
+        });
+    }
+    catch (error) {
+        console.error('[hweb-auth] Error on handleSignIn:', error);
+        return hightjs_1.HightJSResponse.json({ error: 'Authentication failed' }, { status: 500 });
+    }
+}
+/**
+ * Handler para POST /api/auth/signout
+ */
+async function handleSignOut(req, auth) {
+    return await auth.signOut(req);
+}

package/dist/types.d.ts

@@ -0,0 +1,76 @@
+export type User = Record<string, any>;
+export interface Session {
+    user: User;
+    expires: string;
+    accessToken?: string;
+}
+export interface SignInOptions {
+    redirect?: boolean;
+    callbackUrl?: string;
+    [key: string]: any;
+}
+export interface SignInResult {
+    error?: string;
+    status?: number;
+    ok?: boolean;
+    url?: string;
+}
+export interface SessionContextType {
+    data: Session | null;
+    status: 'loading' | 'authenticated' | 'unauthenticated';
+    signIn: (provider?: string, options?: SignInOptions) => Promise<SignInResult | undefined>;
+    signOut: (options?: {
+        callbackUrl?: string;
+    }) => Promise<void>;
+    update: () => Promise<Session | null>;
+}
+export interface AuthRoute {
+    method: 'GET' | 'POST' | 'PUT' | 'DELETE';
+    path: string;
+    handler: (req: any, params: any) => Promise<any>;
+}
+export interface AuthProviderClass {
+    id: string;
+    name: string;
+    type: string;
+    handleOauth?(credentials: Record<string, string>): Promise<string> | string;
+    handleSignIn(credentials: Record<string, string>): Promise<User | string | null>;
+    handleSignOut?(): Promise<void>;
+    additionalRoutes?: AuthRoute[];
+    getConfig?(): any;
+}
+export interface AuthConfig {
+    providers: AuthProviderClass[];
+    pages?: {
+        signIn?: string;
+        signOut?: string;
+        error?: string;
+    };
+    callbacks?: {
+        signIn?: (user: User, account: any, profile: any) => boolean | Promise<boolean>;
+        session?: ({ session, user, provider }: {
+            session: Session;
+            user: User;
+            provider: string;
+        }) => Session | Promise<Session>;
+        jwt?: (token: any, user: User, account: any, profile: any) => any | Promise<any>;
+    };
+    session?: {
+        strategy?: 'jwt' | 'database';
+        maxAge?: number;
+        updateAge?: number;
+    };
+    secret?: string;
+    debug?: boolean;
+    secureCookies?: boolean;
+}
+export interface CredentialsConfig {
+    id?: string;
+    name?: string;
+    credentials: Record<string, {
+        label: string;
+        type: string;
+        placeholder?: string;
+    }>;
+    authorize: (credentials: Record<string, string>) => Promise<User | null> | User | null;
+}

package/dist/types.js

@@ -0,0 +1,18 @@
+"use strict";
+/*
+ * This file is part of the HightJS Project.
+ * Copyright (c) 2025 itsmuzin
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });

package/package.json

@@ -0,0 +1,48 @@
+{
+  "name": "@hightjs/auth",
+  "version": "0.4.0",
+  "description": "Authentication package for HightJS framework",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "private": false,
+  "author": "itsmuzin",
+  "license": "Apache-2.0",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "require": "./dist/index.js"
+    },
+    "./react": {
+      "types": "./dist/react/index.d.ts",
+      "import": "./dist/react/index.js",
+      "require": "./dist/react/index.js"
+    }
+  },
+  "keywords": [
+    "hightjs",
+    "auth",
+    "authentication",
+    "framework"
+  ],
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "devDependencies": {
+    "@types/node": "^20.11.24",
+    "rimraf": "^5.0.0",
+    "typescript": "^5.9.3"
+  },
+  "dependencies": {
+    "@types/react": "^19.2.2",
+    "react": "^19.2.0",
+    "hightjs": "0.4.0"
+  },
+  "scripts": {
+    "build": "tsc",
+    "build:watch": "tsc --watch",
+    "clean": "rimraf dist",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  }
+}