@meistrari/auth-nuxt 2.2.2 → 2.3.1

package/dist/module.json

@@ -1,7 +1,7 @@
 {
   "name": "@meistrari/auth-nuxt",
   "configKey": "telaAuth",
-  "version": "2.2.2",
+  "version": "2.3.1",
   "builder": {
     "@nuxt/module-builder": "1.0.2",
     "unbuild": "3.6.1"

package/dist/module.mjs

@@ -66,6 +66,11 @@ const module$1 = defineNuxtModule({
         handler: resolver.resolve("./runtime/server/routes/auth/switch-organization"),
         method: "post"
       });
+      addServerHandler({
+        route: "/auth/whoami",
+        handler: resolver.resolve("./runtime/server/routes/auth/whoami"),
+        method: "get"
+      });
       addPlugin(resolver.resolve("./runtime/plugins/application-token-refresh"));
       addPlugin(resolver.resolve("./runtime/plugins/auth-guard"));
       addPlugin(resolver.resolve("./runtime/plugins/directives"));

package/dist/runtime/composables/application-auth.d.ts

@@ -1,11 +1,4 @@
-type RawOrganization = {
-    title: string;
-    id: string;
-    createdAt: Date;
-    avatarUrl: string | null;
-    metadata: string | null;
-    slug: string | null;
-};
+import type { FullOrganization } from '@meistrari/auth-core';
 /**
  * Composable for managing Tela application authentication with OAuth 2.0 PKCE flow
  *
@@ -44,7 +37,7 @@ export declare function useTelaApplicationAuth(): {
     login: () => Promise<void>;
     logout: () => Promise<void>;
     initSession: () => Promise<void>;
-    getAvailableOrganizations: () => Promise<RawOrganization[]>;
+    getAvailableOrganizations: () => Promise<FullOrganization[]>;
     switchOrganization: (organizationId: string) => Promise<void>;
     refreshToken: () => Promise<void>;
     user: import("vue").Ref<{
@@ -76,6 +69,5 @@ export declare function useTelaApplicationAuth(): {
         banExpires?: Date | null | undefined;
         lastActiveAt?: Date | null | undefined;
     } | null>;
-    activeOrganization: import("vue").Ref<Omit<import("@meistrari/auth-core").FullOrganization, "members" | "invitations" | "teams"> | null, Omit<import("@meistrari/auth-core").FullOrganization, "members" | "invitations" | "teams"> | null>;
+    activeOrganization: import("vue").Ref<FullOrganization | null, FullOrganization | null>;
 };
-export {};

package/dist/runtime/composables/application-auth.js

@@ -3,16 +3,6 @@ import { AuthorizationFlowError, isTokenExpired, RefreshTokenExpiredError, UserN
 import { useApplicationSessionState } from "./state.js";
 const FIFTEEN_MINUTES = 60 * 15;
 const ONE_MINUTE = 60 * 1e3;
-function mapOrganization(organization) {
-  return {
-    name: organization.title,
-    id: organization.id,
-    createdAt: organization.createdAt,
-    logo: organization.avatarUrl,
-    metadata: organization.metadata,
-    slug: organization.slug ?? ""
-  };
-}
 export function useTelaApplicationAuth() {
   const appConfig = useRuntimeConfig().public.telaAuth;
   const accessTokenCookie = useCookie("tela-access-token", {
@@ -60,7 +50,7 @@ export function useTelaApplicationAuth() {
         method: "POST"
       });
       state.user.value = result.user;
-      state.activeOrganization.value = mapOrganization(result.organization);
+      state.activeOrganization.value = result.organization;
     } catch (error) {
       console.error("[Auth Refresh] Failed to refresh token:", error);
       throw new RefreshTokenExpiredError();
@@ -91,7 +81,7 @@ export function useTelaApplicationAuth() {
         body: { organizationId }
       });
       state.user.value = result.user;
-      state.activeOrganization.value = mapOrganization(result.organization);
+      state.activeOrganization.value = result.organization;
     } catch (error) {
       console.error("[Auth Switch Org] Failed to switch organization:", error);
       throw error;

package/dist/runtime/composables/state.d.ts

@@ -100,6 +100,7 @@ export declare function useSessionState(): {
 export declare function useOrganizationState(): {
     activeOrganization: import("vue").Ref<FullOrganization | null, FullOrganization | null>;
     activeMember: import("vue").Ref<{
+        [x: string]: string | number | boolean | string[] | Record<string, any> | (string & Record<never, never>) | Date | number[] | undefined;
         id: string;
         organizationId: string;
         role: "org:admin" | "org:member" | "org:reviewer";
@@ -112,9 +113,8 @@ export declare function useOrganizationState(): {
             name: string;
             image?: string | undefined;
         };
-        deletedAt?: Date | undefined;
-        lastActiveAt?: Date | undefined;
     } | null, {
+        [x: string]: string | number | boolean | string[] | Record<string, any> | (string & Record<never, never>) | Date | number[] | undefined;
         id: string;
         organizationId: string;
         role: "org:admin" | "org:member" | "org:reviewer";
@@ -127,8 +127,6 @@ export declare function useOrganizationState(): {
             name: string;
             image?: string | undefined;
         };
-        deletedAt?: Date | undefined;
-        lastActiveAt?: Date | undefined;
     } | null>;
 };
 export declare function useApplicationSessionState(): {
@@ -161,5 +159,5 @@ export declare function useApplicationSessionState(): {
         banExpires?: Date | null | undefined;
         lastActiveAt?: Date | null | undefined;
     } | null>;
-    activeOrganization: import("vue").Ref<Omit<FullOrganization, "members" | "invitations" | "teams"> | null, Omit<FullOrganization, "members" | "invitations" | "teams"> | null>;
+    activeOrganization: import("vue").Ref<FullOrganization | null, FullOrganization | null>;
 };

package/dist/runtime/plugins/application-token-refresh.js

@@ -17,16 +17,6 @@ function parseTokenExpiry(token) {
     return null;
   }
 }
-function mapOrganization(organization) {
-  return {
-    name: organization.title,
-    id: organization.id,
-    createdAt: organization.createdAt,
-    logo: organization.avatarUrl,
-    metadata: organization.metadata,
-    slug: organization.slug ?? ""
-  };
-}
 export default defineNuxtPlugin({
   name: "tela-application-token-refresh",
   enforce: "post",
@@ -62,14 +52,14 @@ export default defineNuxtPlugin({
           accessTokenCookie.value = accessToken;
           refreshTokenCookie.value = refreshToken2;
           state.user.value = user2;
-          state.activeOrganization.value = mapOrganization(organization2);
+          state.activeOrganization.value = organization2;
           return;
         }
         const { user, organization } = await $fetch("/auth/refresh", {
           method: "POST"
         });
         state.user.value = user;
-        state.activeOrganization.value = mapOrganization(organization);
+        state.activeOrganization.value = organization;
       } catch {
         await sdkLogout();
         if (import.meta.client) {
@@ -107,7 +97,7 @@ export default defineNuxtPlugin({
         try {
           const data = await authClient.application.whoAmI(accessTokenCookie.value);
           state.user.value = data.user;
-          state.activeOrganization.value = mapOrganization(data.organization);
+          state.activeOrganization.value = data.organization;
         } catch (error) {
           console.error("[Tela Auth SDK] Failed to get user and organization:", error.message);
           if (!refreshTokenCookie.value) {
@@ -135,6 +125,17 @@ export default defineNuxtPlugin({
       return;
     }
     if (import.meta.client) {
+      if (!state.user.value && accessTokenCookie.value) {
+        try {
+          const { user, organization } = await $fetch("/auth/whoami", {
+            method: "GET"
+          });
+          state.user.value = user;
+          state.activeOrganization.value = organization;
+        } catch (error) {
+          console.error("[Tela Auth SDK] Failed to load user info on client startup:", error);
+        }
+      }
       void scheduleTokenRefresh();
     }
   }

package/dist/runtime/server/routes/auth/refresh.d.ts

@@ -26,14 +26,6 @@ declare const _default: import("h3").EventHandler<import("h3").EventHandlerReque
         banExpires?: Date | null | undefined;
         lastActiveAt?: Date | null | undefined;
     };
-    organization: {
-        id: string;
-        title: string;
-        slug: string | null;
-        avatarUrl: string | null;
-        createdAt: Date;
-        metadata: string | null;
-        settings: unknown;
-    };
+    organization: import("@meistrari/auth-core").FullOrganization;
 }>>;
 export default _default;

package/dist/runtime/server/routes/auth/switch-organization.d.ts

@@ -27,14 +27,6 @@ declare const _default: import("h3").EventHandler<import("h3").EventHandlerReque
         banExpires?: Date | null | undefined;
         lastActiveAt?: Date | null | undefined;
     };
-    organization: {
-        id: string;
-        title: string;
-        slug: string | null;
-        avatarUrl: string | null;
-        createdAt: Date;
-        metadata: string | null;
-        settings: unknown;
-    };
+    organization: import("@meistrari/auth-core").FullOrganization;
 }>>;
 export default _default;

package/dist/runtime/server/routes/auth/whoami.d.ts

@@ -0,0 +1,20 @@
+declare const _default: import("h3").EventHandler<import("h3").EventHandlerRequest, Promise<{
+    success: boolean;
+    user: {
+        id: string;
+        createdAt: Date;
+        updatedAt: Date;
+        email: string;
+        emailVerified: boolean;
+        name: string;
+        image?: string | null | undefined;
+        twoFactorEnabled: boolean | null | undefined;
+        banned: boolean | null | undefined;
+        role?: string | null | undefined;
+        banReason?: string | null | undefined;
+        banExpires?: Date | null | undefined;
+        lastActiveAt?: Date | null | undefined;
+    };
+    organization: import("@meistrari/auth-core").FullOrganization;
+}>>;
+export default _default;

package/dist/runtime/server/routes/auth/whoami.js

@@ -0,0 +1,31 @@
+import { createError, useRuntimeConfig } from "#imports";
+import { defineEventHandler, getCookie } from "h3";
+import { createNuxtAuthClient } from "../../../shared.js";
+export default defineEventHandler(async (event) => {
+  const config = useRuntimeConfig();
+  const authConfig = config.public.telaAuth;
+  const authClient = createNuxtAuthClient(authConfig.apiUrl, () => null, () => null);
+  const accessToken = getCookie(event, "tela-access-token");
+  if (!accessToken) {
+    throw createError({
+      statusCode: 401,
+      statusMessage: "Unauthorized",
+      message: "No access token found"
+    });
+  }
+  try {
+    const { user, organization } = await authClient.application.whoAmI(accessToken);
+    return {
+      success: true,
+      user,
+      organization
+    };
+  } catch (error) {
+    console.error("[Auth WhoAmI] Failed to get user and organization:", error);
+    throw createError({
+      statusCode: 401,
+      statusMessage: "Unauthorized",
+      message: "Failed to get user and organization"
+    });
+  }
+});

package/dist/runtime/server/utils/require-auth.js

@@ -3,7 +3,14 @@ import { createRemoteJWKSet, jwtVerify } from "jose";
 import { useRuntimeConfig } from "nitropack/runtime";
 export function requireAuth(handler, options) {
   return defineEventHandler(async (event) => {
+    const moduleOptions = useRuntimeConfig(event).public.telaAuth;
+    if (!moduleOptions.skipServerMiddleware && !options?.roles && import.meta.dev) {
+      console.warn("You have enabled the global server middleware, meaning you only need to use requireAuth() on routes that require specific roles.", `Triggered at ${event.path}`);
+    }
     if (event.context.auth?.user && event.context.auth?.token) {
+      if (import.meta.dev) {
+        console.debug("Using existing auth context from global server middleware");
+      }
       const user = event.context.auth.user;
       if (options?.roles && !options.roles.includes(user.role ?? "")) {
         throw createError({

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@meistrari/auth-nuxt",
-  "version": "2.2.2",
+  "version": "2.3.1",
   "type": "module",
   "exports": {
     ".": {
@@ -31,7 +31,7 @@
     "build": "nuxt-module-build build --stub && nuxt-module-build prepare && nuxt-module-build build"
   },
   "dependencies": {
-    "@meistrari/auth-core": "1.10.0",
+    "@meistrari/auth-core": "1.11.1",
     "jose": "6.1.3"
   },
   "peerDependencies": {