@lastbrain/module-auth 0.1.1 → 0.1.3

package/dist/web/auth/reglage.js

@@ -1,4 +1,100 @@
-import { jsx as _jsx } from "react/jsx-runtime";
+"use client";
+import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
+import { useEffect, useState } from "react";
+import { Card, CardBody, CardHeader, Switch, Button, Spinner, Divider, Select, SelectItem, addToast, } from "@lastbrain/ui";
+import { Settings, Save } from "lucide-react";
 export function ReglagePage() {
-    return _jsx("div", { className: "pt-12", children: "Welcome to your Reglage!" });
+    const [preferences, setPreferences] = useState({
+        email_notifications: true,
+        push_notifications: false,
+        marketing_emails: false,
+        theme: "system",
+        language: "en",
+        timezone: "UTC",
+    });
+    const [isLoading, setIsLoading] = useState(true);
+    const [isSaving, setIsSaving] = useState(false);
+    useEffect(() => {
+        fetchSettings();
+    }, []);
+    const fetchSettings = async () => {
+        try {
+            setIsLoading(true);
+            const response = await fetch("/api/auth/profile");
+            if (!response.ok) {
+                throw new Error("Failed to fetch settings");
+            }
+            const result = await response.json();
+            if (result.data) {
+                const profile = result.data;
+                setPreferences((prev) => ({
+                    ...prev,
+                    language: profile.language || prev.language,
+                    timezone: profile.timezone || prev.timezone,
+                    ...(profile.preferences || {}),
+                }));
+            }
+        }
+        catch (err) {
+            console.error("Error loading settings:", err);
+            addToast({
+                title: "Error",
+                description: "Failed to load settings",
+                color: "danger",
+            });
+        }
+        finally {
+            setIsLoading(false);
+        }
+    };
+    const handleSave = async () => {
+        setIsSaving(true);
+        try {
+            const response = await fetch("/api/auth/profile", {
+                method: "PUT",
+                headers: {
+                    "Content-Type": "application/json",
+                },
+                body: JSON.stringify({
+                    language: preferences.language,
+                    timezone: preferences.timezone,
+                    preferences: {
+                        email_notifications: preferences.email_notifications,
+                        push_notifications: preferences.push_notifications,
+                        marketing_emails: preferences.marketing_emails,
+                        theme: preferences.theme,
+                    },
+                }),
+            });
+            if (!response.ok) {
+                throw new Error("Failed to update settings");
+            }
+            addToast({
+                title: "Success",
+                description: "Settings updated successfully",
+                color: "success",
+            });
+        }
+        catch (err) {
+            console.error("Error updating settings:", err);
+            addToast({
+                title: "Error",
+                description: "Failed to update settings",
+                color: "danger",
+            });
+        }
+        finally {
+            setIsSaving(false);
+        }
+    };
+    const handleToggle = (key, value) => {
+        setPreferences((prev) => ({ ...prev, [key]: value }));
+    };
+    const handleSelect = (key, value) => {
+        setPreferences((prev) => ({ ...prev, [key]: value }));
+    };
+    if (isLoading) {
+        return (_jsx("div", { className: "flex justify-center items-center min-h-[400px]", children: _jsx(Spinner, { size: "lg", label: "Loading settings..." }) }));
+    }
+    return (_jsxs("div", { className: "pt-12 pb-12 max-w-4xl mx-auto px-4", children: [_jsxs("div", { className: "flex items-center gap-2 mb-8", children: [_jsx(Settings, { className: "w-8 h-8" }), _jsx("h1", { className: "text-3xl font-bold", children: "Account Settings" })] }), _jsxs("div", { className: "space-y-6", children: [_jsxs(Card, { children: [_jsx(CardHeader, { children: _jsx("h3", { className: "text-lg font-semibold", children: "Notifications" }) }), _jsx(Divider, {}), _jsx(CardBody, { children: _jsxs("div", { className: "space-y-4", children: [_jsxs("div", { className: "flex justify-between items-center", children: [_jsxs("div", { children: [_jsx("p", { className: "font-medium", children: "Email Notifications" }), _jsx("p", { className: "text-small text-default-500", children: "Receive email notifications for important updates" })] }), _jsx(Switch, { isSelected: preferences.email_notifications, onValueChange: (value) => handleToggle("email_notifications", value) })] }), _jsx(Divider, {}), _jsxs("div", { className: "flex justify-between items-center", children: [_jsxs("div", { children: [_jsx("p", { className: "font-medium", children: "Push Notifications" }), _jsx("p", { className: "text-small text-default-500", children: "Receive push notifications in your browser" })] }), _jsx(Switch, { isSelected: preferences.push_notifications, onValueChange: (value) => handleToggle("push_notifications", value) })] }), _jsx(Divider, {}), _jsxs("div", { className: "flex justify-between items-center", children: [_jsxs("div", { children: [_jsx("p", { className: "font-medium", children: "Marketing Emails" }), _jsx("p", { className: "text-small text-default-500", children: "Receive emails about new features and updates" })] }), _jsx(Switch, { isSelected: preferences.marketing_emails, onValueChange: (value) => handleToggle("marketing_emails", value) })] })] }) })] }), _jsxs(Card, { children: [_jsx(CardHeader, { children: _jsx("h3", { className: "text-lg font-semibold", children: "Appearance" }) }), _jsx(Divider, {}), _jsx(CardBody, { children: _jsxs(Select, { label: "Theme", placeholder: "Select a theme", selectedKeys: preferences.theme ? [preferences.theme] : [], onChange: (e) => handleSelect("theme", e.target.value), children: [_jsx(SelectItem, { children: "Light" }, "light"), _jsx(SelectItem, { children: "Dark" }, "dark"), _jsx(SelectItem, { children: "System" }, "system")] }) })] }), _jsxs(Card, { children: [_jsx(CardHeader, { children: _jsx("h3", { className: "text-lg font-semibold", children: "Language & Region" }) }), _jsx(Divider, {}), _jsx(CardBody, { children: _jsxs("div", { className: "grid gap-4 md:grid-cols-2", children: [_jsxs(Select, { label: "Language", placeholder: "Select a language", selectedKeys: preferences.language ? [preferences.language] : [], onChange: (e) => handleSelect("language", e.target.value), children: [_jsx(SelectItem, { children: "English" }, "en"), _jsx(SelectItem, { children: "Fran\u00E7ais" }, "fr"), _jsx(SelectItem, { children: "Espa\u00F1ol" }, "es"), _jsx(SelectItem, { children: "Deutsch" }, "de")] }), _jsxs(Select, { label: "Timezone", placeholder: "Select a timezone", selectedKeys: preferences.timezone ? [preferences.timezone] : [], onChange: (e) => handleSelect("timezone", e.target.value), children: [_jsx(SelectItem, { children: "UTC" }, "UTC"), _jsx(SelectItem, { children: "Europe/Paris" }, "Europe/Paris"), _jsx(SelectItem, { children: "America/New_York" }, "America/New_York"), _jsx(SelectItem, { children: "America/Los_Angeles" }, "America/Los_Angeles"), _jsx(SelectItem, { children: "Asia/Tokyo" }, "Asia/Tokyo")] })] }) })] }), _jsxs("div", { className: "flex justify-end gap-3", children: [_jsx(Button, { type: "button", variant: "flat", onPress: () => fetchSettings(), isDisabled: isSaving, children: "Reset" }), _jsx(Button, { type: "button", color: "primary", isLoading: isSaving, onPress: handleSave, startContent: !isSaving && _jsx(Save, { className: "w-4 h-4" }), children: isSaving ? "Saving..." : "Save Settings" })] })] })] }));
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lastbrain/module-auth",
-  "version": "0.1.1",
+  "version": "0.1.3",
   "description": "Module d'authentification complet pour LastBrain avec Supabase",
   "private": false,
   "type": "module",
@@ -25,14 +25,15 @@
   },
   "files": [
     "dist",
+    "src",
     "supabase"
   ],
   "dependencies": {
+    "@lastbrain/core": "^0.1.0",
+    "@lastbrain/ui": "^0.1.4",
     "lucide-react": "^0.554.0",
     "react": "^19.0.0",
-    "react-dom": "^19.0.0",
-    "@lastbrain/core": "0.1.0",
-    "@lastbrain/ui": "0.1.3"
+    "react-dom": "^19.0.0"
   },
   "peerDependencies": {
     "next": ">=15.0.0"

package/src/api/admin/users.ts

@@ -0,0 +1,124 @@
+import { NextRequest, NextResponse } from "next/server";
+import { getSupabaseServerClient } from "@lastbrain/core/server";
+
+/**
+ * GET /api/admin/users
+ * Returns all users (superadmin only)
+ * Supports pagination via query params: page, per_page
+ * Supports search via query param: search (email)
+ */
+export async function GET(request: NextRequest) {
+  try {
+    const supabase = await getSupabaseServerClient();
+
+    // Check authentication
+    const {
+      data: { user },
+      error: authError,
+    } = await supabase.auth.getUser();
+
+    if (authError || !user) {
+      return NextResponse.json(
+        { error: "Unauthorized", message: "User not authenticated" },
+        { status: 401 }
+      );
+    }
+
+    // Check if user is superadmin
+    const { data: isSuperAdmin } = await supabase.rpc("is_superadmin", {
+      user_id: user.id,
+    });
+
+    if (!isSuperAdmin) {
+      return NextResponse.json(
+        { error: "Forbidden", message: "Superadmin access required" },
+        { status: 403 }
+      );
+    }
+
+    // Get query parameters
+    const searchParams = request.nextUrl.searchParams;
+    const page = parseInt(searchParams.get("page") || "1");
+    const perPage = parseInt(searchParams.get("per_page") || "20");
+    const search = searchParams.get("search") || "";
+
+    // Note: We can only get public user data from auth.users via RPC or service role
+    // For now, we'll query user_profil which has owner_id references
+    let query = supabase
+      .from("user_profil")
+      .select("*, owner_id", { count: "exact" })
+      .order("created_at", { ascending: false });
+
+    // Add search filter if provided - using Supabase's built-in parameterized query
+    if (search) {
+      // Using .ilike with % wildcards - Supabase handles escaping
+      query = query.or(
+        `first_name.ilike.%${search}%,last_name.ilike.%${search}%`
+      );
+    }
+
+    // Apply pagination
+    const start = (page - 1) * perPage;
+    query = query.range(start, start + perPage - 1);
+
+    const { data: profiles, error: profileError, count } = await query;
+
+    if (profileError) {
+      console.error("Error fetching users:", profileError);
+      return NextResponse.json(
+        { error: "Database Error", message: profileError.message },
+        { status: 500 }
+      );
+    }
+
+    // Get auth users data in batch - more efficient than individual calls
+    // Note: auth.admin methods require service role, so results may be limited
+    // In production, consider creating a database view or RPC function to join
+    // user_profil with auth.users for better performance
+    const users = await Promise.all(
+      (profiles || []).map(async (profile) => {
+        // Get basic auth info - this is limited to what's available
+        const { data: authData } = await supabase.auth.admin.getUserById(
+          profile.owner_id
+        );
+
+        return {
+          id: profile.owner_id,
+          email: authData?.user?.email || "N/A",
+          created_at: authData?.user?.created_at || profile.created_at,
+          profile: {
+            first_name: profile.first_name,
+            last_name: profile.last_name,
+            avatar_url: profile.avatar_url,
+            bio: profile.bio,
+            phone: profile.phone,
+            company: profile.company,
+            website: profile.website,
+            location: profile.location,
+            language: profile.language,
+            timezone: profile.timezone,
+          },
+        };
+      })
+    );
+
+    return NextResponse.json({
+      data: users,
+      pagination: {
+        page,
+        per_page: perPage,
+        total: count || 0,
+        total_pages: Math.ceil((count || 0) / perPage),
+      },
+    });
+  } catch (error) {
+    console.error("Error in admin users endpoint:", error);
+    return NextResponse.json(
+      {
+        error: "Internal Server Error",
+        message: "Failed to fetch users",
+      },
+      { status: 500 }
+    );
+  }
+}

package/src/api/auth/me.ts

@@ -0,0 +1,48 @@
+import { NextResponse } from "next/server";
+import { getSupabaseServerClient } from "@lastbrain/core/server";
+
+/**
+ * GET /api/auth/me
+ * Returns the current authenticated user and their profile
+ */
+export async function GET() {
+  try {
+    const supabase = await getSupabaseServerClient();
+
+    // Get the authenticated user
+    const {
+      data: { user },
+      error: authError,
+    } = await supabase.auth.getUser();
+
+    if (authError || !user) {
+      return NextResponse.json(
+        { error: "Unauthorized", message: "User not authenticated" },
+        { status: 401 }
+      );
+    }
+
+    // Get user profile
+    const { data: profile, error: profileError } = await supabase
+      .from("user_profil")
+      .select("*")
+      .eq("owner_id", user.id)
+      .single();
+
+    // Profile might not exist yet, that's OK
+    const userData = {
+      id: user.id,
+      email: user.email,
+      created_at: user.created_at,
+      profile: profile || null,
+    };
+
+    return NextResponse.json({ data: userData });
+  } catch (error) {
+    console.error("Error fetching user:", error);
+    return NextResponse.json(
+      { error: "Internal Server Error", message: "Failed to fetch user data" },
+      { status: 500 }
+    );
+  }
+}

package/src/api/auth/profile.ts

@@ -0,0 +1,156 @@
+import { NextRequest, NextResponse } from "next/server";
+import { getSupabaseServerClient } from "@lastbrain/core/server";
+
+/**
+ * GET /api/auth/profile
+ * Returns the user's profile
+ */
+export async function GET() {
+  try {
+    const supabase = await getSupabaseServerClient();
+
+    const {
+      data: { user },
+      error: authError,
+    } = await supabase.auth.getUser();
+
+    if (authError || !user) {
+      return NextResponse.json(
+        { error: "Unauthorized", message: "User not authenticated" },
+        { status: 401 }
+      );
+    }
+
+    const { data: profile, error: profileError } = await supabase
+      .from("user_profil")
+      .select("*")
+      .eq("owner_id", user.id)
+      .single();
+
+    if (profileError && profileError.code !== "PGRST116") {
+      // PGRST116 = no rows returned, which is OK
+      return NextResponse.json(
+        { error: "Database Error", message: profileError.message },
+        { status: 500 }
+      );
+    }
+
+    return NextResponse.json({ data: profile || null });
+  } catch (error) {
+    console.error("Error fetching profile:", error);
+    return NextResponse.json(
+      { error: "Internal Server Error", message: "Failed to fetch profile" },
+      { status: 500 }
+    );
+  }
+}
+
+/**
+ * PUT /api/auth/profile
+ * Updates the user's profile
+ */
+export async function PUT(request: NextRequest) {
+  try {
+    const supabase = await getSupabaseServerClient();
+
+    const {
+      data: { user },
+      error: authError,
+    } = await supabase.auth.getUser();
+
+    if (authError || !user) {
+      return NextResponse.json(
+        { error: "Unauthorized", message: "User not authenticated" },
+        { status: 401 }
+      );
+    }
+
+    const body = await request.json();
+    const {
+      first_name,
+      last_name,
+      avatar_url,
+      bio,
+      phone,
+      company,
+      website,
+      location,
+      language,
+      timezone,
+      preferences,
+    } = body;
+
+    // Check if profile exists
+    const { data: existingProfile } = await supabase
+      .from("user_profil")
+      .select("id")
+      .eq("owner_id", user.id)
+      .single();
+
+    let result;
+    if (existingProfile) {
+      // Update existing profile
+      result = await supabase
+        .from("user_profil")
+        .update({
+          first_name,
+          last_name,
+          avatar_url,
+          bio,
+          phone,
+          company,
+          website,
+          location,
+          language,
+          timezone,
+          preferences,
+        })
+        .eq("owner_id", user.id)
+        .select()
+        .single();
+    } else {
+      // Create new profile
+      result = await supabase
+        .from("user_profil")
+        .insert({
+          owner_id: user.id,
+          first_name,
+          last_name,
+          avatar_url,
+          bio,
+          phone,
+          company,
+          website,
+          location,
+          language,
+          timezone,
+          preferences,
+        })
+        .select()
+        .single();
+    }
+
+    if (result.error) {
+      return NextResponse.json(
+        { error: "Database Error", message: result.error.message },
+        { status: 500 }
+      );
+    }
+
+    return NextResponse.json({ data: result.data });
+  } catch (error) {
+    console.error("Error updating profile:", error);
+    return NextResponse.json(
+      { error: "Internal Server Error", message: "Failed to update profile" },
+      { status: 500 }
+    );
+  }
+}
+
+/**
+ * PATCH /api/auth/profile
+ * Partially updates the user's profile
+ */
+export async function PATCH(request: NextRequest) {
+  return PUT(request);
+}

package/src/api/public/signin.ts

@@ -0,0 +1,31 @@
+import { getSupabaseServerClient } from "@lastbrain/core/server";
+
+const jsonResponse = (payload: unknown, status = 200) => {
+  return new Response(JSON.stringify(payload), {
+    headers: {
+      "content-type": "application/json"
+    },
+    status
+  });
+};
+
+export async function POST(request: Request) {
+  const supabase = await getSupabaseServerClient();
+  const body = await request.json();
+  const { email, password } = body;
+
+  if (!email || !password) {
+    return jsonResponse({ error: "Email et mot de passe requis." }, 400);
+  }
+
+  const { error, data } = await supabase.auth.signInWithPassword({
+    email,
+    password 
+  });
+
+  if (error) {
+    return jsonResponse({ error: error.message }, 400);
+  }
+
+  return jsonResponse({ data });
+}

package/src/api/storage.ts

@@ -0,0 +1,63 @@
+import { supabaseBrowserClient } from "@lastbrain/core";
+
+/**
+ * Upload a file to Supabase Storage and return proxy URL
+ */
+export async function uploadFile(
+  bucket: string,
+  path: string,
+  file: Blob,
+  contentType: string
+): Promise<string> {
+  const { data, error } = await supabaseBrowserClient.storage
+    .from(bucket)
+    .upload(path, file, {
+      contentType,
+      upsert: true,
+    });
+
+  if (error) {
+    throw new Error(`Upload failed: ${error.message}`);
+  }
+
+  // Return proxy URL instead of Supabase public URL
+  return `/api/storage/${bucket}/${data.path}`;
+}
+
+/**
+ * Delete files from Supabase Storage
+ */
+export async function deleteFiles(bucket: string, paths: string[]): Promise<void> {
+  const { error } = await supabaseBrowserClient.storage
+    .from(bucket)
+    .remove(paths);
+
+  if (error) {
+    throw new Error(`Delete failed: ${error.message}`);
+  }
+}
+
+/**
+ * Delete files starting with a specific prefix (like user ID)
+ */
+export async function deleteFilesWithPrefix(
+  bucket: string,
+  prefix: string
+): Promise<void> {
+  // List files with the prefix
+  const { data: files, error: listError } = await supabaseBrowserClient.storage
+    .from(bucket)
+    .list("", {
+      search: prefix,
+    });
+
+  if (listError) {
+    console.warn("Failed to list files for deletion:", listError);
+    return;
+  }
+
+  if (files && files.length > 0) {
+    const filePaths = files.map(file => file.name);
+    await deleteFiles(bucket, filePaths);
+  }
+}

package/src/auth.build.config.ts

@@ -0,0 +1,137 @@
+import type { ModuleBuildConfig } from "@lastbrain/core";
+
+const authBuildConfig: ModuleBuildConfig = {
+  moduleName: "@lastbrain/module-auth",
+  pages: [
+    {
+      section: "public",
+      path: "/signin",
+      componentExport: "SignInPage",
+    },
+    {
+      section: "public",
+      path: "/signup",
+      componentExport: "SignUpPage",
+    },
+    {
+      section: "public",
+      path: "/reset-password",
+      componentExport: "ResetPassword",
+    },
+    {
+      section: "auth",
+      path: "/dashboard",
+      componentExport: "DashboardPage",
+    },
+    {
+      section: "auth",
+      path: "/reglage",
+      componentExport: "ReglagePage",
+    },
+    {
+      section: "auth",
+      path: "/profile",
+      componentExport: "ProfilePage",
+    },
+    {
+      section: "admin",
+      path: "/users",
+      componentExport: "AdminUsersPage",
+    },
+  ],
+  apis: [
+    {
+      method: "POST",
+      path: "/api/auth/signin",
+      handlerExport: "POST",
+      entryPoint: "api/public/signin",
+      authRequired: false,
+    },
+    {
+      method: "GET",
+      path: "/api/auth/profile",
+      handlerExport: "GET",
+      entryPoint: "api/auth/profile",
+      authRequired: true,
+    },
+    {
+      method: "PUT",
+      path: "/api/auth/profile",
+      handlerExport: "PUT",
+      entryPoint: "api/auth/profile",
+      authRequired: true,
+    },
+    {
+      method: "PATCH",
+      path: "/api/auth/profile",
+      handlerExport: "PATCH",
+      entryPoint: "api/auth/profile",
+      authRequired: true,
+    },
+  ],
+  migrations: {
+    enabled: true,
+    priority: 20,
+    path: "supabase/migrations",
+    files: ["001_auth_base.sql"],
+  },
+  menu: {
+    public: [
+      {
+        title: "Connexion",
+        description: "Connectez-vous à votre compte",
+        icon: "LogIn",
+        path: "/signin",
+        order: 1,
+      },
+      {
+        title: "Inscription",
+        description: "Créez votre compte",
+        icon: "UserPlus2",
+        path: "/signup",
+        order: 2,
+      },
+    ],
+    admin: [
+      {
+        title: "Gestion des utilisateurs",
+        description: "Gérez les utilisateurs de la plateforme",
+        icon: "Users2",
+        path: "/admin/users",
+        order: 1,
+      },
+    ],
+    account: [
+      {
+        title: "Tableau de bord",
+        description: "Accédez à votre tableau de bord",
+        icon: "LayoutDashboard",
+        path: "/auth/dashboard",
+        order: 1,
+      },
+      {
+        title: "Mon profil",
+        description: "Gérez vos informations personnelles",
+        icon: "User2",
+        path: "/auth/profile",
+        order: 1,
+      },
+      {
+        title: "Paramètres",
+        description: "Configurez votre compte",
+        icon: "Settings",
+        path: "/auth/reglage",
+        order: 2,
+      },
+      {
+        title: "Déconnexion",
+        description: "Se déconnecter",
+        icon: "LogOut",
+        path: "/signout",
+        order: 99,
+      },
+    ],
+  },
+};
+
+export default authBuildConfig;