@lenne.tech/nuxt-extensions 1.2.9 → 1.2.12

package/dist/module.d.mts

@@ -2,7 +2,7 @@ import * as _nuxt_schema from '@nuxt/schema';
 import { LtExtensionsModuleOptions } from '../dist/runtime/types/index.js';
 export { LtAuthClientConfig, LtAuthMode, LtAuthResponse, LtAuthState, LtPasskeyAuthResult, LtPasskeyRegisterResult, LtUser, UseLtAuthReturn } from '../dist/runtime/types/auth.js';
 export { LtFileInfo, LtUploadItem, LtUploadOptions, LtUploadProgress, LtUploadStatus, UseLtFileReturn, UseLtTusUploadReturn } from '../dist/runtime/types/upload.js';
-export { LtAuthModuleOptions, LtErrorTranslationModuleOptions, LtExtensionsModuleOptions, LtExtensionsPublicRuntimeConfig, LtI18nModuleOptions, LtTusModuleOptions } from '../dist/runtime/types/module.js';
+export { LtAuthModuleOptions, LtErrorTranslationModuleOptions, LtExtensionsModuleOptions, LtExtensionsPublicRuntimeConfig, LtI18nModuleOptions, LtSystemSetupModuleOptions, LtTusModuleOptions } from '../dist/runtime/types/module.js';
 export { LtErrorTranslationResponse, LtParsedError, UseLtErrorTranslationReturn } from '../dist/runtime/types/error.js';
 
 declare const name = "@lenne.tech/nuxt-extensions";

package/dist/module.mjs

@@ -1,4 +1,4 @@
-import { defineNuxtModule, createResolver, addImports, addComponent, addPlugin } from '@nuxt/kit';
+import { defineNuxtModule, createResolver, addImports, addComponent, addPlugin, addRouteMiddleware } from '@nuxt/kit';
 
 const name = "@lenne.tech/nuxt-extensions";
 const version = "1.0.0";
@@ -16,6 +16,10 @@ const defaultOptions = {
       publicPaths: []
     },
     loginPath: "/auth/login",
+    systemSetup: {
+      enabled: false,
+      setupPath: "/auth/setup"
+    },
     twoFactorRedirectPath: "/auth/2fa"
   },
   errorTranslation: {
@@ -41,7 +45,11 @@ const module$1 = defineNuxtModule({
   async setup(options, nuxt) {
     const { resolve } = createResolver(import.meta.url);
     const resolvedOptions = {
-      auth: { ...defaultOptions.auth, ...options.auth },
+      auth: {
+        ...defaultOptions.auth,
+        ...options.auth,
+        systemSetup: { ...defaultOptions.auth.systemSetup, ...options.auth?.systemSetup }
+      },
       errorTranslation: { ...defaultOptions.errorTranslation, ...options.errorTranslation },
       i18n: { ...defaultOptions.i18n, ...options.i18n },
       tus: { ...defaultOptions.tus, ...options.tus }
@@ -59,6 +67,10 @@ const module$1 = defineNuxtModule({
           publicPaths: resolvedOptions.auth?.interceptor?.publicPaths || []
         },
         loginPath: resolvedOptions.auth?.loginPath || "/auth/login",
+        systemSetup: {
+          enabled: resolvedOptions.auth?.systemSetup?.enabled ?? false,
+          setupPath: resolvedOptions.auth?.systemSetup?.setupPath || "/auth/setup"
+        },
         twoFactorRedirectPath: resolvedOptions.auth?.twoFactorRedirectPath || "/auth/2fa"
       },
       errorTranslation: {
@@ -82,6 +94,7 @@ const module$1 = defineNuxtModule({
       { name: "useLtFile", from: resolve("./runtime/composables/use-lt-file") },
       { name: "useLtTusUpload", from: resolve("./runtime/composables/use-lt-tus-upload") },
       { name: "useLtShare", from: resolve("./runtime/composables/use-lt-share") },
+      { name: "useSystemSetup", from: resolve("./runtime/composables/auth/use-system-setup") },
       // Utils
       { name: "ltSha256", from: resolve("./runtime/utils/crypto") },
       { name: "ltArrayBufferToBase64Url", from: resolve("./runtime/utils/crypto") },
@@ -119,6 +132,13 @@ const module$1 = defineNuxtModule({
     if (resolvedOptions.auth?.enabled && resolvedOptions.auth?.interceptor?.enabled) {
       addPlugin(resolve("./runtime/plugins/auth-interceptor.client"));
     }
+    if (resolvedOptions.auth?.systemSetup?.enabled) {
+      addRouteMiddleware({
+        name: "lt-system-setup",
+        path: resolve("./runtime/middleware/setup"),
+        global: true
+      });
+    }
     if (resolvedOptions.errorTranslation?.enabled) {
       addPlugin(resolve("./runtime/plugins/error-translation.client"));
     }

package/dist/runtime/composables/auth/use-system-setup.d.ts

@@ -0,0 +1,35 @@
+/**
+ * System Setup Composable
+ *
+ * Checks whether the system needs initial setup (first admin user creation)
+ * and provides a method to perform that setup.
+ *
+ * Uses useState for SSR-compatible state management.
+ */
+import type { ComputedRef } from "vue";
+export interface UseSystemSetupReturn {
+    /** Whether the system needs initial setup (null = not checked yet) */
+    needsSetup: ComputedRef<boolean | null>;
+    /** Check setup status from the backend */
+    checkSetupStatus: () => Promise<boolean>;
+    /** Initialize the system with the first admin user */
+    initSetup: (params: {
+        email: string;
+        password: string;
+        name: string;
+    }) => Promise<void>;
+}
+/**
+ * Composable for system setup flow (first admin user creation)
+ *
+ * @example
+ * ```typescript
+ * const { needsSetup, checkSetupStatus, initSetup } = useSystemSetup();
+ *
+ * await checkSetupStatus();
+ * if (needsSetup.value) {
+ *   await initSetup({ email: 'admin@example.com', password: 'secret', name: 'Admin' });
+ * }
+ * ```
+ */
+export declare function useSystemSetup(): UseSystemSetupReturn;

package/dist/runtime/composables/auth/use-system-setup.js

@@ -0,0 +1,43 @@
+import { computed, useRuntimeConfig, useState } from "#imports";
+import { getLtApiBase } from "../../lib/auth-state.js";
+import { ltSha256 } from "../../utils/crypto.js";
+export function useSystemSetup() {
+  const runtimeConfig = useRuntimeConfig();
+  const needsSetupState = useState("lt-needs-setup", () => null);
+  const needsSetup = computed(() => needsSetupState.value);
+  async function checkSetupStatus() {
+    try {
+      let url;
+      if (import.meta.server) {
+        const apiUrl = runtimeConfig.apiUrl || "http://localhost:3000";
+        url = `${apiUrl}/api/system-setup/status`;
+      } else {
+        url = "/api/system-setup/status";
+      }
+      const data = await $fetch(url);
+      needsSetupState.value = data.needsSetup;
+      return data.needsSetup;
+    } catch {
+      needsSetupState.value = false;
+      return false;
+    }
+  }
+  async function initSetup(params) {
+    const apiBase = getLtApiBase();
+    const hashedPassword = await ltSha256(params.password);
+    await $fetch(`${apiBase}/system-setup/init`, {
+      method: "POST",
+      body: {
+        email: params.email,
+        password: hashedPassword,
+        name: params.name
+      }
+    });
+    needsSetupState.value = false;
+  }
+  return {
+    needsSetup,
+    checkSetupStatus,
+    initSetup
+  };
+}

package/dist/runtime/composables/index.d.ts

@@ -1,4 +1,5 @@
 export { useLtAuth } from "./auth/use-lt-auth.js";
+export { useSystemSetup } from "./auth/use-system-setup.js";
 export { useLtAuthClient, ltAuthClient } from "./use-lt-auth-client.js";
 export { useLtTusUpload } from "./use-lt-tus-upload.js";
 export { useLtFile } from "./use-lt-file.js";

package/dist/runtime/composables/index.js

@@ -1,4 +1,5 @@
 export { useLtAuth } from "./auth/use-lt-auth.js";
+export { useSystemSetup } from "./auth/use-system-setup.js";
 export { useLtAuthClient, ltAuthClient } from "./use-lt-auth-client.js";
 export { useLtTusUpload } from "./use-lt-tus-upload.js";
 export { useLtFile } from "./use-lt-file.js";

package/dist/runtime/lib/auth-client.d.ts

@@ -280,6 +280,21 @@ export declare function createLtAuthClient(config?: LtAuthClientConfig): {
         listen: (signal: Omit<string, "$sessionSignal"> | "$sessionSignal", listener: (value: boolean, oldValue?: boolean | undefined) => void) => void;
         atoms: Record<string, import("better-auth/client").WritableAtom<any>>;
     };
+    requestPasswordReset: <FetchOptions extends import("better-auth").ClientFetchOption<Partial<{
+        email: string;
+        redirectTo?: string | undefined;
+    }> & Record<string, any>, Partial<Record<string, any>> & Record<string, any>, Record<string, any> | undefined>>(data_0: import("better-auth").Prettify<{
+        email: string;
+        redirectTo?: string | undefined;
+    } & {
+        fetchOptions?: FetchOptions | undefined;
+    }>, data_1?: FetchOptions | undefined) => Promise<import("better-auth/client").BetterFetchResponse<{
+        status: boolean;
+        message: string;
+    }, {
+        code?: string | undefined;
+        message?: string | undefined;
+    }, FetchOptions["throw"] extends true ? true : false>>;
     /**
      * Change password for an authenticated user (both passwords are hashed)
      */
@@ -615,21 +630,6 @@ export declare function createLtAuthClient(config?: LtAuthClientConfig): {
             message?: string | undefined;
         }, FetchOptions["throw"] extends true ? true : false>>;
     };
-    requestPasswordReset: <FetchOptions extends import("better-auth").ClientFetchOption<Partial<{
-        email: string;
-        redirectTo?: string | undefined;
-    }> & Record<string, any>, Partial<Record<string, any>> & Record<string, any>, Record<string, any> | undefined>>(data_0: import("better-auth").Prettify<{
-        email: string;
-        redirectTo?: string | undefined;
-    } & {
-        fetchOptions?: FetchOptions | undefined;
-    }>, data_1?: FetchOptions | undefined) => Promise<import("better-auth/client").BetterFetchResponse<{
-        status: boolean;
-        message: string;
-    }, {
-        code?: string | undefined;
-        message?: string | undefined;
-    }, FetchOptions["throw"] extends true ? true : false>>;
     listSessions: <FetchOptions extends import("better-auth").ClientFetchOption<never, Partial<Record<string, any>> & Record<string, any>, Record<string, any> | undefined>>(data_0?: import("better-auth").Prettify<{
         query?: Record<string, any> | undefined;
         fetchOptions?: FetchOptions | undefined;

package/dist/runtime/lib/auth-client.js

@@ -89,6 +89,7 @@ export function createLtAuthClient(config = {}) {
     $Infer: baseClient.$Infer,
     $fetch: baseClient.$fetch,
     $store: baseClient.$store,
+    requestPasswordReset: baseClient.requestPasswordReset,
     /**
      * Change password for an authenticated user (both passwords are hashed)
      */

package/dist/runtime/middleware/setup.d.ts

@@ -0,0 +1,12 @@
+/**
+ * System Setup Middleware
+ *
+ * Global middleware that redirects to the setup page when the system
+ * needs initial setup (no admin user exists yet).
+ *
+ * - needsSetup === null -> calls checkSetupStatus()
+ * - needsSetup === true AND route != setupPath -> redirect to setupPath
+ * - needsSetup === false AND route === setupPath -> redirect to loginPath
+ */
+declare const _default: import("nuxt/app").RouteMiddleware;
+export default _default;

package/dist/runtime/middleware/setup.js

@@ -0,0 +1,21 @@
+import { defineNuxtRouteMiddleware, navigateTo, useRuntimeConfig } from "#imports";
+import { useSystemSetup } from "../composables/auth/use-system-setup.js";
+export default defineNuxtRouteMiddleware(async (to) => {
+  const runtimeConfig = useRuntimeConfig();
+  const authConfig = runtimeConfig.public?.ltExtensions?.auth;
+  const setupPath = authConfig?.systemSetup?.setupPath || "/auth/setup";
+  const loginPath = authConfig?.loginPath || "/auth/login";
+  const { needsSetup, checkSetupStatus } = useSystemSetup();
+  try {
+    if (needsSetup.value === null) {
+      await checkSetupStatus();
+    }
+    if (needsSetup.value === true && to.path !== setupPath) {
+      return navigateTo(setupPath);
+    }
+    if (needsSetup.value === false && to.path === setupPath) {
+      return navigateTo(loginPath);
+    }
+  } catch {
+  }
+});

package/dist/runtime/plugins/auth-interceptor.client.js

@@ -17,7 +17,8 @@ export default (nuxtApp) => {
     "/auth/register",
     "/auth/forgot-password",
     "/auth/reset-password",
-    "/auth/2fa"
+    "/auth/2fa",
+    "/auth/setup"
   ];
   const publicAuthPaths = [.../* @__PURE__ */ new Set([...defaultPublicPaths, ...configuredPublicPaths])];
   function isPublicAuthRoute() {

package/dist/runtime/types/index.d.ts

@@ -1,4 +1,4 @@
 export type { LtAuthClientConfig, LtAuthMode, LtAuthResponse, LtAuthState, LtPasskeyAuthResult, LtPasskeyRegisterResult, LtUser, UseLtAuthReturn, } from "./auth.js";
 export type { LtFileInfo, LtUploadItem, LtUploadOptions, LtUploadProgress, LtUploadStatus, UseLtFileReturn, UseLtTusUploadReturn, } from "./upload.js";
-export type { LtAuthModuleOptions, LtErrorTranslationModuleOptions, LtExtensionsModuleOptions, LtExtensionsPublicRuntimeConfig, LtI18nModuleOptions, LtTusModuleOptions, } from "./module.js";
+export type { LtAuthModuleOptions, LtErrorTranslationModuleOptions, LtExtensionsModuleOptions, LtExtensionsPublicRuntimeConfig, LtI18nModuleOptions, LtSystemSetupModuleOptions, LtTusModuleOptions, } from "./module.js";
 export type { LtErrorTranslationResponse, LtParsedError, UseLtErrorTranslationReturn, } from "./error.js";

package/dist/runtime/types/module.d.ts

@@ -1,6 +1,12 @@
 /**
  * Auth module configuration options
  */
+export interface LtSystemSetupModuleOptions {
+    /** Enable system setup flow (default: false) */
+    enabled?: boolean;
+    /** Path to the setup page (default: '/auth/setup') */
+    setupPath?: string;
+}
 export interface LtAuthModuleOptions {
     /** Auth API base path (default: '/iam' - must match nest-server betterAuth.basePath) */
     basePath?: string;
@@ -23,6 +29,8 @@ export interface LtAuthModuleOptions {
     };
     /** Login page path for redirects (default: '/auth/login') */
     loginPath?: string;
+    /** System setup configuration */
+    systemSetup?: LtSystemSetupModuleOptions;
     /** 2FA redirect path (default: '/auth/2fa') */
     twoFactorRedirectPath?: string;
 }
@@ -81,6 +89,10 @@ export interface LtExtensionsPublicRuntimeConfig {
                 publicPaths: string[];
             };
             loginPath: string;
+            systemSetup: {
+                enabled: boolean;
+                setupPath: string;
+            };
             twoFactorRedirectPath: string;
         };
         errorTranslation: {

package/dist/types.d.mts

@@ -8,7 +8,7 @@ export { type LtAuthClientConfig, type LtAuthMode, type LtAuthResponse, type LtA
 
 export { type LtFileInfo, type LtUploadItem, type LtUploadOptions, type LtUploadProgress, type LtUploadStatus, type UseLtFileReturn, type UseLtTusUploadReturn } from '../dist/runtime/types/upload.js'
 
-export { type LtAuthModuleOptions, type LtErrorTranslationModuleOptions, type LtExtensionsModuleOptions, type LtExtensionsPublicRuntimeConfig, type LtI18nModuleOptions, type LtTusModuleOptions } from '../dist/runtime/types/module.js'
+export { type LtAuthModuleOptions, type LtErrorTranslationModuleOptions, type LtExtensionsModuleOptions, type LtExtensionsPublicRuntimeConfig, type LtI18nModuleOptions, type LtSystemSetupModuleOptions, type LtTusModuleOptions } from '../dist/runtime/types/module.js'
 
 export { type LtErrorTranslationResponse, type LtParsedError, type UseLtErrorTranslationReturn } from '../dist/runtime/types/error.js'
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lenne.tech/nuxt-extensions",
-  "version": "1.2.9",
+  "version": "1.2.12",
   "description": "Reusable Nuxt 4 composables, components, and Better-Auth integration for lenne.tech projects",
   "repository": {
     "type": "git",