npm - @hotosm/hanko-auth - Versions diffs - 0.2.5 → 0.3.1 - Mend

@hotosm/hanko-auth 0.2.5 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/README.md +152 -146
package/dist/hanko-auth.esm.js +2292 -2205
package/dist/hanko-auth.iife.js +440 -0
package/dist/hanko-auth.umd.js +440 -0
package/package.json +1 -1
package/src/hanko-auth.ts +0 -2

package/README.md CHANGED Viewed

@@ -1,210 +1,216 @@
-# @hotosm/hanko-auth
+# Web Component: `<hotosm-auth>`
-Header authentication widget for HOTOSM applications. Displays login/logout state and user profile dropdown.
-**Note:** This package provides only the header widget. The actual login form and profile pages are hosted at the [HOTOSM Login service](https://login.hotosm.org). Users will be redirected there for authentication.
+Lit-based web component for HOTOSM SSO authentication with Hanko and OpenStreetMap integration.
 ## Installation
-Install the package and its peer dependency:
 ```bash
 # npm
-npm install @hotosm/hanko-auth @awesome.me/webawesome
+npm install @hotosm/hanko-auth
+# pnpm
+pnpm add @hotosm/hanko-auth
 # yarn
-yarn add @hotosm/hanko-auth @awesome.me/webawesome
+yarn add @hotosm/hanko-auth
+```
+### Peer Dependencies
+This package requires Web Awesome to be installed separately:
+```bash
+# npm
+npm install @awesome.me/webawesome
 # pnpm
-pnpm add @hotosm/hanko-auth @awesome.me/webawesome
+pnpm add @awesome.me/webawesome
+# yarn
+yarn add @awesome.me/webawesome
 ```
-## Usage
+**Why peer dependencies?**
+- Control the Web Awesome version in your project
+- Share Web Awesome across multiple packages without duplication
+- Reduce bundle size when multiple packages use Web Awesome
-### Basic Setup
+## Quick Start
+### Import the component
 ```javascript
-import '@awesome.me/webawesome';
-import '@hotosm/hanko-auth';
+// Import Web Awesome (required peer dependency)
+import "@awesome.me/webawesome";
+// Import the auth component
+import "@hotosm/hanko-auth";
+```
+### Use in HTML
+```html
+<hotosm-auth
+  hanko-url="https://login.hotosm.org"
+  show-profile="true"
+></hotosm-auth>
 ```
-### React/Preact
+### React Example
-```jsx
-import '@awesome.me/webawesome';
-import '@hotosm/hanko-auth';
+```tsx
+import { useEffect, useRef } from "react";
+import "@awesome.me/webawesome";
+import "@hotosm/hanko-auth";
-function Header() {
-  return (
-    <nav>
-      <hotosm-auth hanko-url="https://login.hotosm.org" />
-    </nav>
-  );
+export function AuthButton({ hankoUrl, onLogin }) {
+  const ref = useRef<HTMLElement>(null);
+  useEffect(() => {
+    const el = ref.current;
+    const handler = (e: CustomEvent) => onLogin(e.detail.user);
+    el?.addEventListener("hanko-login", handler);
+    return () => el?.removeEventListener("hanko-login", handler);
+  }, [onLogin]);
+  return <hotosm-auth ref={ref} hanko-url={hankoUrl} osm-required />;
 }
 ```
-### HTML
+## Attributes
-```html
-<!DOCTYPE html>
-<html>
-<head>
-  <meta name="hanko-url" content="https://login.hotosm.org">
-</head>
-<body>
-  <script type="module">
-    import '@awesome.me/webawesome';
-    import '@hotosm/hanko-auth';
-  </script>
-  <!-- Header auth widget -->
-  <nav>
-    <hotosm-auth></hotosm-auth>
-  </nav>
-</body>
-</html>
-```
+### Core
+| Attribute   | Type   | Default                  | Description                                |
+| ----------- | ------ | ------------------------ | ------------------------------------------ |
+| `hanko-url` | string | `window.location.origin` | Login service URL for Hanko authentication |
+| `base-path` | string | `""`                     | Base URL for OSM OAuth endpoints           |
+| `auth-path` | string | `/api/auth/osm`          | OSM auth endpoints path                    |
+### Behavior
+| Attribute        | Type    | Default        | Description                |
+| ---------------- | ------- | -------------- | -------------------------- |
+| `osm-required`   | boolean | `false`        | Require OSM connection     |
+| `osm-scopes`     | string  | `"read_prefs"` | Space-separated OSM scopes |
+| `auto-connect`   | boolean | `false`        | Auto-redirect to OSM OAuth |
+| `verify-session` | boolean | `false`        | Verify session on return   |
+### Display
+| Attribute      | Type    | Default | Description                          |
+| -------------- | ------- | ------- | ------------------------------------ |
+| `show-profile` | boolean | `false` | Show full profile (vs header button) |
+| `display-name` | string  | `""`    | Override display name                |
+### Redirects
+| Attribute               | Type   | Default | Description                |
+| ----------------------- | ------ | ------- | -------------------------- |
+| `redirect-after-login`  | string | `""`    | URL after successful login |
+| `redirect-after-logout` | string | `""`    | URL after logout           |
+### Cross-app
-## Component API
+| Attribute           | Type   | Default | Description                   |
+| ------------------- | ------ | ------- | ----------------------------- |
+| `mapping-check-url` | string | `""`    | URL to check user mapping     |
+| `app-id`            | string | `""`    | App identifier for onboarding |
-### Attributes/Properties
+## Events
-| Attribute | Type | Default | Description |
-|-----------|------|---------|-------------|
-| `hanko-url` | `string` | `window.location.origin` | Hanko API URL (e.g., `https://login.hotosm.org`) |
-| `redirect-after-login` | `string` | Current page | Redirect URL after successful login |
-| `redirect-after-logout` | `string` | `""` | Redirect URL after logout |
-| `display-name` | `string` | `""` | Override user display name |
-| `osm-required` | `boolean` | `false` | Show OSM connection requirement indicator |
-| `base-path` | `string` | `""` | Base path for API calls |
-| `auth-path` | `string` | `"/api/auth/osm"` | OSM connection check endpoint |
+The component dispatches the following custom events:
-### Events
+| Event           | Detail                 | When                        |
+| --------------- | ---------------------- | --------------------------- |
+| `hanko-login`   | `{ user: HankoUser }`  | User logged in              |
+| `osm-connected` | `{ osmData: OSMData }` | OSM account linked          |
+| `osm-skipped`   | `{}`                   | User skipped OSM connection |
+| `auth-complete` | `{}`                   | Auth flow complete          |
+| `logout`        | `{}`                   | User logged out             |
-The component dispatches custom events:
+### Event Handling Example
 ```javascript
-document.addEventListener('hanko-login', (event) => {
-  console.log('User logged in:', event.detail.user);
+const auth = document.querySelector("hotosm-auth");
+auth.addEventListener("hanko-login", (e) => {
+  console.log("Logged in:", e.detail.user.email);
 });
-document.addEventListener('hanko-logout', () => {
-  console.log('User logged out');
+auth.addEventListener("osm-connected", (e) => {
+  console.log("OSM connected:", e.detail.osmData.osm_username);
 });
-document.addEventListener('osm-connected', (event) => {
-  console.log('OSM connected:', event.detail.osmData);
+auth.addEventListener("logout", () => {
+  console.log("User logged out");
+  window.location.href = "/";
 });
 ```
-## Examples
+## Usage Modes
-### Basic Header Widget
+### Header Mode (default)
-```html
-<hotosm-auth
-  hanko-url="https://login.hotosm.org"
-></hotosm-auth>
-```
-### With Return URL
-Redirect users back to a specific page after login:
+Shows a compact login button in the header:
 ```html
-<hotosm-auth
-  hanko-url="https://login.hotosm.org"
-  redirect-after-login="/dashboard"
-></hotosm-auth>
+<header>
+  <hotosm-auth
+    hanko-url="https://login.hotosm.org"
+    redirect-after-login="/"
+  ></hotosm-auth>
+</header>
 ```
-### Check OSM Connection Status
+### Profile Mode
-Show indicator if OSM connection is required:
+Shows full authentication form (for login pages):
 ```html
 <hotosm-auth
   hanko-url="https://login.hotosm.org"
+  show-profile
   osm-required
-  auth-path="/api/auth/osm"
+  auto-connect
+  redirect-after-login="https://portal.hotosm.org"
 ></hotosm-auth>
 ```
-### Custom Display Name
+## Configuration
+### Hanko URL Detection
+The component detects the Hanko URL in the following priority order:
-Override the displayed user name:
+1. `hanko-url` attribute
+2. `<meta name="hanko-url" content="...">` tag
+3. `window.HANKO_URL` global variable
+4. `window.location.origin` (fallback)
 ```html
-<hotosm-auth
-  hanko-url="https://login.hotosm.org"
-  display-name="Custom Name"
-></hotosm-auth>
+<!-- Option 1: Attribute -->
+<hotosm-auth hanko-url="https://login.hotosm.org"></hotosm-auth>
+<!-- Option 2: Meta tag -->
+<meta name="hanko-url" content="https://login.hotosm.org" />
+<hotosm-auth></hotosm-auth>
+<!-- Option 3: JavaScript -->
+<script>
+  window.HANKO_URL = "https://login.hotosm.org";
+</script>
+<hotosm-auth></hotosm-auth>
 ```
 ## Styling
-The component uses the HOT design system with CSS custom properties injected from CDN:
-- `hotosm-ui-design/dist/hot.css` - Color, typography, spacing variables
-- `hotosm-ui-design/dist/hot-font-face.css` - Font definitions
-- `hotosm-ui-design/dist/hot-wa.css` - WebAwesome theme overrides
-You can override styles by setting CSS custom properties:
+The component uses Shadow DOM. Override styles with CSS custom properties:
 ```css
 hotosm-auth {
-  --hot-color-gray-800: #1a1a1a;
-  --hot-font-sans: 'Your Font', sans-serif;
+  --primary-color: #d73f3f;
+  --text-color: #333;
 }
 ```
-## Features
-- 🔐 **Authentication State** - Shows login/logout status and user info
-- 👤 **Profile Dropdown** - Quick access to profile and logout
-- 🗺️ **OSM Status Indicator** - Shows OpenStreetMap connection status
-- 🎨 **HOT Design System** - Consistent styling with HOT branding
-- 📱 **Responsive** - Works on desktop and mobile
-- ⚡ **Lightweight** - Built with Lit web components
-- 🔄 **Cross-App Sessions** - Shared authentication across HOT tools
-- 🎯 **Framework Agnostic** - Works with React, Vue, vanilla JS, etc.
-## How It Works
-1. **Logged Out**: Displays a "Log in" button
-2. **Click Login**: Redirects to `https://login.hotosm.org` for authentication
-3. **After Login**: User returns to your app (or `redirect-after-login` URL)
-4. **Logged In**: Shows user avatar with dropdown menu:
-   - My Profile (redirects to login service)
-   - OSM connection status
-   - Sign Out
-## Browser Support
-- Chrome/Edge (latest)
-- Firefox (latest)
-- Safari (latest)
-## Development
-```bash
-# Install dependencies
-pnpm install
-# Build
-pnpm build
-# Development with hot reload
-pnpm dev
-```
-## License
-AGPL-3.0
-## Links
-- [Documentation](https://hotosm.github.io/auth-docs)
-- [GitHub Repository](https://github.com/hotosm/login)
-- [Issues](https://github.com/hotosm/login/issues)
-- [HOTOSM Website](https://www.hotosm.org)