@jskit-ai/auth-web 0.1.8 → 0.1.10

package/package.descriptor.mjs

@@ -1,7 +1,7 @@
 export default Object.freeze({
   "packageVersion": 1,
   "packageId": "@jskit-ai/auth-web",
-  "version": "0.1.8",
+  "version": "0.1.10",
   "description": "Auth web module: Fastify auth routes plus web login/sign-out scaffolds.",
   "dependsOn": [
     "@jskit-ai/auth-core",
@@ -219,19 +219,23 @@ export default Object.freeze({
   "mutations": {
     "dependencies": {
       "runtime": {
-        "@tanstack/vue-query": "^5.90.5",
+        "@tanstack/vue-query": "5.92.12",
         "@mdi/js": "^7.4.47",
         "@fastify/type-provider-typebox": "^6.1.0",
-        "@jskit-ai/auth-core": "0.1.8",
-        "@jskit-ai/http-runtime": "0.1.8",
-        "@jskit-ai/kernel": "0.1.8",
-        "@jskit-ai/shell-web": "0.1.8",
+        "@jskit-ai/auth-core": "0.1.10",
+        "@jskit-ai/http-runtime": "0.1.10",
+        "@jskit-ai/kernel": "0.1.10",
+        "@jskit-ai/shell-web": "0.1.10",
         "vuetify": "^4.0.0"
       },
       "dev": {}
     },
     "packageJson": {
-      "scripts": {}
+      "scripts": {
+        "server:auth": "SERVER_SURFACE=auth node ./bin/server.js",
+        "dev:auth": "VITE_SURFACE=auth vite",
+        "build:auth": "VITE_SURFACE=auth vite build"
+      }
     },
     "procfile": {},
     "files": [

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@jskit-ai/auth-web",
-  "version": "0.1.8",
+  "version": "0.1.10",
   "type": "module",
   "scripts": {
     "test": "node --test"
@@ -18,12 +18,12 @@
   },
   "dependencies": {
     "@tanstack/vue-query": "^5.90.5",
-    "@jskit-ai/auth-core": "0.1.8",
+    "@jskit-ai/auth-core": "0.1.10",
     "@mdi/js": "^7.4.47",
     "@fastify/type-provider-typebox": "^6.1.0",
-    "@jskit-ai/kernel": "0.1.8",
-    "@jskit-ai/shell-web": "0.1.8",
+    "@jskit-ai/kernel": "0.1.10",
+    "@jskit-ai/shell-web": "0.1.10",
     "vuetify": "^4.0.0",
-    "@jskit-ai/http-runtime": "0.1.8"
+    "@jskit-ai/http-runtime": "0.1.10"
   }
 }

package/src/client/composables/loginView/constants.js

@@ -0,0 +1,42 @@
+const LOGIN_MODE = "login";
+const REGISTER_MODE = "register";
+const FORGOT_MODE = "forgot";
+const OTP_MODE = "otp";
+const EMAIL_CONFIRMATION_MODE = "confirm-email";
+
+const AUTH_TITLE_BY_MODE = Object.freeze({
+  [LOGIN_MODE]: "Welcome back",
+  [REGISTER_MODE]: "Create your account",
+  [FORGOT_MODE]: "Reset your password",
+  [OTP_MODE]: "Use one-time code",
+  [EMAIL_CONFIRMATION_MODE]: "Confirm your email"
+});
+
+const AUTH_SUBTITLE_BY_MODE = Object.freeze({
+  [LOGIN_MODE]: "Sign in to continue.",
+  [REGISTER_MODE]: "Register to access your workspace.",
+  [FORGOT_MODE]: "We will send password reset instructions to your email.",
+  [OTP_MODE]: "Request a one-time login code and verify it below."
+});
+
+const SUBMIT_LABEL_BY_MODE = Object.freeze({
+  [LOGIN_MODE]: "Sign in",
+  [REGISTER_MODE]: "Register",
+  [FORGOT_MODE]: "Send reset instructions",
+  [OTP_MODE]: "Verify code",
+  [EMAIL_CONFIRMATION_MODE]: "Continue"
+});
+
+const DEFAULT_REGISTER_CONFIRMATION_MESSAGE = "Check your email to confirm the account before logging in.";
+
+export {
+  LOGIN_MODE,
+  REGISTER_MODE,
+  FORGOT_MODE,
+  OTP_MODE,
+  EMAIL_CONFIRMATION_MODE,
+  AUTH_TITLE_BY_MODE,
+  AUTH_SUBTITLE_BY_MODE,
+  SUBMIT_LABEL_BY_MODE,
+  DEFAULT_REGISTER_CONFIRMATION_MESSAGE
+};

package/src/client/composables/loginView/identityHelpers.js

@@ -0,0 +1,23 @@
+function normalizeEmailAddress(value) {
+  return String(value || "")
+    .trim()
+    .toLowerCase();
+}
+
+function maskEmail(emailAddress) {
+  const normalized = normalizeEmailAddress(emailAddress);
+  const separatorIndex = normalized.indexOf("@");
+  if (separatorIndex <= 0) {
+    return normalized;
+  }
+
+  const localPart = normalized.slice(0, separatorIndex);
+  const domainPart = normalized.slice(separatorIndex + 1);
+  const visiblePrefix = localPart.slice(0, 1);
+  return `${visiblePrefix}***@${domainPart}`;
+}
+
+export {
+  normalizeEmailAddress,
+  maskEmail
+};

package/src/client/composables/loginView/oauthCallbackUrl.js

@@ -0,0 +1,90 @@
+import {
+  OAUTH_QUERY_PARAM_PROVIDER,
+  OAUTH_QUERY_PARAM_RETURN_TO
+} from "@jskit-ai/auth-core/shared/oauthCallbackParams";
+
+function stripOAuthParamsFromLocation() {
+  if (typeof window !== "object" || !window.location) {
+    return;
+  }
+
+  const nextUrl = new URL(window.location.href);
+  const oauthParamKeys = [
+    "code",
+    "access_token",
+    "refresh_token",
+    "provider_token",
+    "expires_in",
+    "expires_at",
+    "token_type",
+    "state",
+    "sb",
+    "type",
+    "error",
+    "error_description",
+    "errorCode",
+    "errorDescription",
+    OAUTH_QUERY_PARAM_PROVIDER,
+    OAUTH_QUERY_PARAM_RETURN_TO
+  ];
+
+  oauthParamKeys.forEach((key) => {
+    nextUrl.searchParams.delete(key);
+  });
+
+  const hashParams = new URLSearchParams((nextUrl.hash || "").replace(/^#/, ""));
+  oauthParamKeys.forEach((key) => {
+    hashParams.delete(key);
+  });
+
+  const nextHash = hashParams.toString();
+  window.history.replaceState({}, "", `${nextUrl.pathname}${nextUrl.search}${nextHash ? `#${nextHash}` : ""}`);
+}
+
+function readOAuthCallbackParamsFromLocation() {
+  if (typeof window !== "object" || !window.location) {
+    return null;
+  }
+
+  const searchParams = new URLSearchParams(window.location.search || "");
+  const hashParams = new URLSearchParams((window.location.hash || "").replace(/^#/, ""));
+
+  const code = String(searchParams.get("code") || hashParams.get("code") || "").trim();
+  const accessToken = String(searchParams.get("access_token") || hashParams.get("access_token") || "").trim();
+  const refreshToken = String(searchParams.get("refresh_token") || hashParams.get("refresh_token") || "").trim();
+  const errorCode = String(
+    searchParams.get("error") ||
+      hashParams.get("error") ||
+      searchParams.get("errorCode") ||
+      hashParams.get("errorCode") ||
+      ""
+  ).trim();
+  const errorDescription = String(
+    searchParams.get("error_description") ||
+      hashParams.get("error_description") ||
+      searchParams.get("errorDescription") ||
+      hashParams.get("errorDescription") ||
+      ""
+  ).trim();
+  const hasSessionPair = Boolean(accessToken && refreshToken);
+
+  if (!code && !hasSessionPair && !errorCode) {
+    return null;
+  }
+
+  return {
+    code,
+    accessToken,
+    refreshToken,
+    hasSessionPair,
+    errorCode,
+    errorDescription,
+    provider: String(searchParams.get(OAUTH_QUERY_PARAM_PROVIDER) || "").trim().toLowerCase(),
+    returnTo: String(searchParams.get(OAUTH_QUERY_PARAM_RETURN_TO) || "").trim()
+  };
+}
+
+export {
+  stripOAuthParamsFromLocation,
+  readOAuthCallbackParamsFromLocation
+};

package/src/client/composables/loginView/registerCompletion.js

@@ -0,0 +1,18 @@
+import { DEFAULT_REGISTER_CONFIRMATION_MESSAGE } from "./constants.js";
+
+function resolveRegisterCompletionState(registerResult) {
+  if (registerResult?.requiresEmailConfirmation === true) {
+    const message = String(registerResult?.message || "").trim() || DEFAULT_REGISTER_CONFIRMATION_MESSAGE;
+    return {
+      shouldCompleteLogin: false,
+      message
+    };
+  }
+
+  return {
+    shouldCompleteLogin: true,
+    message: ""
+  };
+}
+
+export { resolveRegisterCompletionState };

package/src/client/composables/loginView/rememberedAccountStorage.js

@@ -0,0 +1,95 @@
+import { normalizeEmailAddress, maskEmail } from "./identityHelpers.js";
+
+const REMEMBERED_ACCOUNT_STORAGE_KEY = "auth.rememberedAccount";
+
+function resolveLocalStorage() {
+  if (typeof window === "undefined" || !window.localStorage) {
+    return null;
+  }
+
+  try {
+    const probeKey = "__auth_hint_probe__";
+    window.localStorage.setItem(probeKey, "1");
+    window.localStorage.removeItem(probeKey);
+    return window.localStorage;
+  } catch {
+    return null;
+  }
+}
+
+function createRememberedAccountHint({ email: accountEmail, displayName, maskedEmail, lastUsedAt } = {}) {
+  const normalizedEmail = normalizeEmailAddress(accountEmail);
+  if (!normalizedEmail) {
+    return null;
+  }
+
+  const normalizedDisplayName = String(displayName || "").trim() || normalizedEmail.split("@")[0] || "User";
+  const normalizedMaskedEmail =
+    normalizedEmail.includes("@") && !maskedEmail ? maskEmail(normalizedEmail) : String(maskedEmail || "").trim();
+
+  return {
+    email: normalizedEmail,
+    displayName: normalizedDisplayName,
+    maskedEmail: normalizedMaskedEmail,
+    lastUsedAt: String(lastUsedAt || new Date().toISOString())
+  };
+}
+
+function readRememberedAccountHint() {
+  const storage = resolveLocalStorage();
+  if (!storage) {
+    return null;
+  }
+
+  try {
+    const rawValue = storage.getItem(REMEMBERED_ACCOUNT_STORAGE_KEY);
+    if (!rawValue) {
+      return null;
+    }
+    const parsed = JSON.parse(rawValue);
+    return createRememberedAccountHint(parsed);
+  } catch {
+    return null;
+  }
+}
+
+function writeRememberedAccountHint(hint) {
+  const storage = resolveLocalStorage();
+  if (!storage || !hint) {
+    return;
+  }
+
+  try {
+    storage.setItem(
+      REMEMBERED_ACCOUNT_STORAGE_KEY,
+      JSON.stringify({
+        email: hint.email,
+        displayName: hint.displayName,
+        maskedEmail: hint.maskedEmail,
+        lastUsedAt: hint.lastUsedAt
+      })
+    );
+  } catch {
+    // best effort only
+  }
+}
+
+function clearRememberedAccountHint() {
+  const storage = resolveLocalStorage();
+  if (!storage) {
+    return;
+  }
+
+  try {
+    storage.removeItem(REMEMBERED_ACCOUNT_STORAGE_KEY);
+  } catch {
+    // best effort only
+  }
+}
+
+export {
+  createRememberedAccountHint,
+  readRememberedAccountHint,
+  writeRememberedAccountHint,
+  clearRememberedAccountHint
+};