@mesob/auth-react 0.3.5 → 0.4.0

package/dist/components/auth/set-password.js

@@ -0,0 +1,527 @@
+"use client";
+
+// src/components/auth/set-password.tsx
+import { zodResolver } from "@hookform/resolvers/zod";
+import {
+  Alert,
+  AlertDescription,
+  AlertTitle,
+  Button,
+  Form,
+  FormControl,
+  FormField,
+  FormItem,
+  FormLabel,
+  FormMessage,
+  Input,
+  useFormField
+} from "@mesob/ui/components";
+import { useMesob as useMesob2 } from "@mesob/ui/providers";
+import { IconAlertCircle, IconEye, IconEyeOff } from "@tabler/icons-react";
+import { useEffect, useEffectEvent, useState as useState2 } from "react";
+import { useForm } from "react-hook-form";
+import { toast } from "sonner";
+import { z } from "zod";
+
+// src/hooks/use-translator.ts
+import { useMesob } from "@mesob/ui/providers";
+
+// src/lib/translations.ts
+function createTranslator(messages, namespace) {
+  return (key, params) => {
+    const fullKey = namespace ? `${namespace}.${key}` : key;
+    const keys = fullKey.split(".");
+    let value = messages;
+    for (const k of keys) {
+      if (value && typeof value === "object" && value !== null) {
+        value = value[k];
+      } else {
+        return fullKey;
+      }
+    }
+    if (typeof value !== "string") {
+      return fullKey;
+    }
+    if (params) {
+      return value.replace(
+        /\{(\w+)\}/g,
+        (_, param) => String(params[param] ?? `{${param}}`)
+      );
+    }
+    return value;
+  };
+}
+
+// src/provider.tsx
+import { QueryClient, QueryClientProvider } from "@tanstack/react-query";
+import { deepmerge } from "deepmerge-ts";
+import createFetchClient from "openapi-fetch";
+import createClient from "openapi-react-query";
+import { createContext, useContext, useMemo, useState } from "react";
+
+// src/utils/cookie.ts
+var isProduction = typeof process !== "undefined" && process.env.NODE_ENV === "production";
+
+// src/provider.tsx
+import { jsx } from "react/jsx-runtime";
+var SessionContext = createContext(null);
+var ApiContext = createContext(null);
+var ConfigContext = createContext(null);
+var queryClient = new QueryClient({
+  defaultOptions: {
+    queries: {
+      refetchOnWindowFocus: false
+    }
+  }
+});
+function useApi() {
+  const context = useContext(ApiContext);
+  if (!context) {
+    throw new Error("useApi must be used within MesobAuthProvider");
+  }
+  return context;
+}
+function useConfig() {
+  const context = useContext(ConfigContext);
+  if (!context) {
+    throw new Error("useConfig must be used within MesobAuthProvider");
+  }
+  return context;
+}
+
+// src/hooks/use-translator.ts
+function useTranslator(namespace) {
+  const mesob = useMesob();
+  const { config } = useConfig();
+  if (mesob?.t) {
+    return (key, params) => {
+      const fullKey = namespace ? `${namespace}.${key}` : key;
+      return mesob.t?.(fullKey, params) ?? fullKey;
+    };
+  }
+  return createTranslator(config.messages || {}, namespace);
+}
+
+// src/constants/auth.error.codes.ts
+var AUTH_ERROR_MAPPING = {
+  USER_NOT_FOUND: {
+    title: "Account Not Found",
+    description: "We could not find an account with that identifier. Please check your spelling or sign up."
+  },
+  INVALID_PASSWORD: {
+    title: "Invalid Password",
+    description: "The password you entered is incorrect. Please try again."
+  },
+  USER_EXISTS: {
+    title: "Account Already Exists",
+    description: "An account with this identifier already exists. Please sign in instead."
+  },
+  VERIFICATION_EXPIRED: {
+    title: "Verification Expired",
+    description: "The verification code or link has expired. Please request a new one."
+  },
+  VERIFICATION_MISMATCH: {
+    title: "Invalid Code",
+    description: "The verification code you entered is invalid. Please double-check and try again."
+  },
+  VERIFICATION_NOT_FOUND: {
+    title: "Verification Not Found",
+    description: "We could not find a pending verification request. Please restart the process."
+  },
+  TOO_MANY_ATTEMPTS: {
+    title: "Too Many Attempts",
+    description: "You have made too many requests recently. Please wait a moment before trying again."
+  },
+  REQUIRES_VERIFICATION: {
+    title: "Verification Required",
+    description: "You need to verify your account before you can continue. Please check your email or phone."
+  },
+  UNAUTHORIZED: {
+    title: "Unauthorized",
+    description: "You are not authorized to perform this action. Please sign in again."
+  },
+  ACCESS_DENIED: {
+    title: "Access Denied",
+    description: "You do not have permission to access this resource. Please contact support if you believe this is an error."
+  },
+  HAS_NO_PASSWORD: {
+    title: "No Password Set",
+    description: "Your account does not have a password yet. Continue to set a password before signing in."
+  },
+  PASSWORD_ALREADY_SET: {
+    title: "Password Already Set",
+    description: "This account already has a password. Use the normal sign-in form instead."
+  }
+};
+var validCodes = Object.keys(AUTH_ERROR_MAPPING);
+
+// src/utils/handle-error.ts
+function isAuthError(err) {
+  return typeof err === "object" && err !== null && "message" in err && typeof err.message === "string";
+}
+function extractErrorCode(err) {
+  if (err.code && validCodes.includes(err.code)) {
+    return err.code;
+  }
+  if (err.message) {
+    const messageUpper = err.message.toUpperCase().trim();
+    if (validCodes.includes(messageUpper)) {
+      return messageUpper;
+    }
+  }
+  return "";
+}
+function sanitizeErrorMessage(message) {
+  const lowerMessage = message.toLowerCase();
+  const isDatabaseError = lowerMessage.includes("failed query") || lowerMessage.includes("select") || lowerMessage.includes("insert") || lowerMessage.includes("update") || lowerMessage.includes("delete") || lowerMessage.includes("from") || lowerMessage.includes("where") || lowerMessage.includes("limit") || lowerMessage.includes("params:") || lowerMessage.includes("query") || message.includes('"iam".') || message.includes('"tenants"') || message.includes('"users"') || message.includes('"sessions"') || message.includes('"accounts"') || lowerMessage.includes("relation") || lowerMessage.includes("column") || lowerMessage.includes("syntax error") || lowerMessage.includes("database") || lowerMessage.includes("postgres") || lowerMessage.includes("sql");
+  if (isDatabaseError) {
+    return "An error occurred while processing your request";
+  }
+  return message;
+}
+function handleAuthError(err, setError, t) {
+  const errorCode = extractErrorCode(err);
+  if (errorCode && AUTH_ERROR_MAPPING[errorCode]) {
+    const mapping = AUTH_ERROR_MAPPING[errorCode];
+    setError({
+      title: mapping.title,
+      description: mapping.description
+    });
+    return;
+  }
+  const sanitizedMessage = sanitizeErrorMessage(
+    err.message || t("errors.fallback")
+  );
+  setError({
+    title: t("errors.fallback"),
+    description: sanitizedMessage
+  });
+}
+function handleGenericError(err, setError, t) {
+  const rawMessage = err instanceof Error ? err.message : t("errors.fallback");
+  const sanitizedMessage = sanitizeErrorMessage(rawMessage);
+  setError({
+    title: "Error",
+    description: sanitizedMessage
+  });
+}
+var handleError = (err, setError, t) => {
+  if (isAuthError(err)) {
+    handleAuthError(err, setError, t);
+  } else {
+    handleGenericError(err, setError, t);
+  }
+};
+
+// src/utils/normalize-phone.ts
+function normalizePhone(phone) {
+  const cleaned = phone.trim().replace(/\s/g, "");
+  if (cleaned.startsWith("+2519") || cleaned.startsWith("+2517")) {
+    return cleaned;
+  }
+  if (cleaned.startsWith("2519") || cleaned.startsWith("2517")) {
+    return `+${cleaned}`;
+  }
+  if (cleaned.startsWith("09") || cleaned.startsWith("07")) {
+    return `+251${cleaned.slice(1)}`;
+  }
+  if ((cleaned.startsWith("9") || cleaned.startsWith("7")) && cleaned.length === 9) {
+    return `+251${cleaned}`;
+  }
+  return cleaned;
+}
+
+// src/components/auth/auth-layout.tsx
+import { jsx as jsx2, jsxs } from "react/jsx-runtime";
+var AuthLayout = ({
+  title,
+  description,
+  children,
+  footer,
+  logoImage
+}) => {
+  return /* @__PURE__ */ jsxs("div", { className: "space-y-4", children: [
+    /* @__PURE__ */ jsx2("div", { className: "flex size-8 mb-6 w-full items-center justify-center rounded-md", children: /* @__PURE__ */ jsx2(
+      "img",
+      {
+        src: logoImage || "",
+        alt: title,
+        width: 42,
+        height: 42
+      }
+    ) }),
+    /* @__PURE__ */ jsxs("div", { className: "text-center", children: [
+      /* @__PURE__ */ jsx2("h1", { className: "text-2xl font-bold tracking-tight", children: title }),
+      description && /* @__PURE__ */ jsx2("p", { className: "mt-2 text-sm text-muted-foreground", children: description })
+    ] }),
+    children,
+    footer && /* @__PURE__ */ jsx2("div", { className: "mt-2 w-full", children: /* @__PURE__ */ jsx2("div", { className: "w-full text-center text-sm text-muted-foreground", children: footer }) })
+  ] });
+};
+
+// src/components/auth/set-password.tsx
+import { jsx as jsx3, jsxs as jsxs2 } from "react/jsx-runtime";
+function PasswordInput({ field, show, onToggle }) {
+  const { formItemId, error } = useFormField();
+  return /* @__PURE__ */ jsxs2("div", { className: "relative", children: [
+    /* @__PURE__ */ jsx3(
+      Input,
+      {
+        ...field,
+        id: formItemId,
+        type: show ? "text" : "password",
+        "aria-invalid": !!error,
+        className: "pr-10"
+      }
+    ),
+    /* @__PURE__ */ jsx3(
+      Button,
+      {
+        type: "button",
+        variant: "ghost",
+        size: "icon",
+        className: "absolute right-0 top-0 h-full px-3 text-muted-foreground hover:text-foreground",
+        onClick: onToggle,
+        "aria-label": show ? "Hide password" : "Show password",
+        children: show ? /* @__PURE__ */ jsx3(IconEyeOff, { className: "h-4 w-4" }) : /* @__PURE__ */ jsx3(IconEye, { className: "h-4 w-4" })
+      }
+    )
+  ] });
+}
+var setPasswordSchema = (t) => z.object({
+  password: z.string().min(8, t("errors.passwordLength")).max(128, t("errors.longPasswordError")),
+  confirmPassword: z.string()
+}).refine((data) => data.password === data.confirmPassword, {
+  message: t("errors.passwordsMismatch"),
+  path: ["confirmPassword"]
+});
+var getPhoneRegex = (phoneRegex) => {
+  if (typeof phoneRegex === "string") {
+    return new RegExp(phoneRegex);
+  }
+  return phoneRegex || /^(\+2519|\+2517|2519|2517|09|07)\d{8}$/;
+};
+var normalizeIdentifier = (identifier, phoneRegex) => {
+  const resolvedPhoneRegex = getPhoneRegex(phoneRegex);
+  return resolvedPhoneRegex.test(identifier) ? normalizePhone(identifier) : identifier;
+};
+var SetPassword = function SetPassword2({
+  identifier,
+  redirectUrl
+} = {}) {
+  const { hooks, setAuth } = useApi();
+  const { config } = useConfig();
+  const mesob = useMesob2();
+  const t = useTranslator("Auth.setPassword");
+  const Link = mesob?.navigation?.Link;
+  const [error, setError] = useState2(null);
+  const [isLoading, setIsLoading] = useState2(false);
+  const [isChecking, setIsChecking] = useState2(true);
+  const [showPassword, setShowPassword] = useState2(false);
+  const [showConfirmPassword, setShowConfirmPassword] = useState2(false);
+  const [account, setAccount] = useState2(null);
+  const checkAccountMutation = hooks.useMutation("post", "/check-account");
+  const setPasswordMutation = hooks.useMutation("post", "/password/set");
+  const onNavigate = config.navigation?.onNavigate || ((path) => {
+    if (typeof window !== "undefined") {
+      window.location.href = path;
+    }
+  });
+  const signInLink = config.navigation?.links?.signIn || "/auth/sign-in";
+  const logoImage = config.ui.logoImage;
+  const defaultRedirect = redirectUrl || config.navigation?.defaultRedirectUrl || "/";
+  const form = useForm({
+    resolver: zodResolver(setPasswordSchema(t)),
+    defaultValues: {
+      password: "",
+      confirmPassword: ""
+    }
+  });
+  useEffect(() => {
+    if (error) {
+      toast.error(error.title || "Error", {
+        description: error.description
+      });
+    }
+  }, [error]);
+  const loadAccount = useEffectEvent(async () => {
+    if (!identifier) {
+      setError({
+        title: t("errors.fallback"),
+        description: t("errors.missingIdentifier")
+      });
+      setIsChecking(false);
+      return;
+    }
+    try {
+      const normalizedIdentifier = normalizeIdentifier(
+        identifier,
+        config.phoneRegex
+      );
+      const res = await checkAccountMutation.mutateAsync({
+        body: { username: normalizedIdentifier }
+      });
+      if (!(res.exists && res.account && res.requiresPasswordSetup)) {
+        setError({
+          title: t("errors.fallback"),
+          description: t("errors.accountNotEligible")
+        });
+        setIsChecking(false);
+        return;
+      }
+      setAccount({
+        fullName: res.account.fullName,
+        email: res.account.email,
+        phone: res.account.phone
+      });
+    } catch {
+      setError({
+        title: t("errors.fallback"),
+        description: t("errors.accountLookupFailed")
+      });
+    } finally {
+      setIsChecking(false);
+    }
+  });
+  useEffect(() => {
+    loadAccount().catch(() => {
+      setIsChecking(false);
+    });
+  }, [identifier]);
+  const handleSubmit = form.handleSubmit(async (values) => {
+    if (!identifier) {
+      return;
+    }
+    setIsLoading(true);
+    setError(null);
+    try {
+      const normalizedIdentifier = normalizeIdentifier(
+        identifier,
+        config.phoneRegex
+      );
+      const res = await setPasswordMutation.mutateAsync({
+        body: {
+          identifier: normalizedIdentifier,
+          password: values.password
+        }
+      });
+      if ("user" in res && "session" in res) {
+        setAuth(res);
+      }
+      onNavigate(defaultRedirect);
+    } catch (err) {
+      handleError(err, setError, t);
+    } finally {
+      setIsLoading(false);
+    }
+  });
+  const accountLabel = account?.email ? t("form.emailLabel") : t("form.phoneLabel");
+  const accountValue = account?.email || account?.phone || identifier || "";
+  let errorContent = null;
+  if (error) {
+    errorContent = typeof error === "string" ? { title: "Error", description: error } : error;
+  }
+  const showError = !isChecking && !!errorContent;
+  const errorAlert = showError && errorContent && /* @__PURE__ */ jsxs2(Alert, { variant: "destructive", className: "mt-4", children: [
+    /* @__PURE__ */ jsx3(IconAlertCircle, { className: "h-4 w-4" }),
+    /* @__PURE__ */ jsx3(AlertTitle, { children: errorContent.title }),
+    /* @__PURE__ */ jsx3(AlertDescription, { children: errorContent.description })
+  ] });
+  return /* @__PURE__ */ jsxs2(
+    AuthLayout,
+    {
+      title: config.ui.name,
+      description: t("description"),
+      logoImage,
+      footer: /* @__PURE__ */ jsxs2("p", { children: [
+        t("footer.hasPassword"),
+        " ",
+        Link ? /* @__PURE__ */ jsx3(Link, { href: signInLink, className: "text-primary hover:underline", children: t("footer.signInCta") }) : /* @__PURE__ */ jsx3(
+          "a",
+          {
+            href: signInLink,
+            onClick: (e) => {
+              e.preventDefault();
+              onNavigate(signInLink);
+            },
+            className: "text-primary hover:underline",
+            children: t("footer.signInCta")
+          }
+        )
+      ] }),
+      children: [
+        /* @__PURE__ */ jsx3(Form, { ...form, children: /* @__PURE__ */ jsxs2(
+          "form",
+          {
+            id: "set-password-form",
+            onSubmit: handleSubmit,
+            className: "space-y-4",
+            children: [
+              /* @__PURE__ */ jsxs2(FormItem, { children: [
+                /* @__PURE__ */ jsx3(FormLabel, { children: t("form.fullNameLabel") }),
+                /* @__PURE__ */ jsx3(FormControl, { children: /* @__PURE__ */ jsx3(Input, { value: account?.fullName || "", disabled: true }) })
+              ] }),
+              /* @__PURE__ */ jsxs2(FormItem, { children: [
+                /* @__PURE__ */ jsx3(FormLabel, { children: accountLabel }),
+                /* @__PURE__ */ jsx3(FormControl, { children: /* @__PURE__ */ jsx3(Input, { value: accountValue, disabled: true }) })
+              ] }),
+              /* @__PURE__ */ jsx3(
+                FormField,
+                {
+                  control: form.control,
+                  name: "password",
+                  render: ({ field }) => /* @__PURE__ */ jsxs2(FormItem, { children: [
+                    /* @__PURE__ */ jsx3(FormLabel, { children: t("form.passwordLabel") }),
+                    /* @__PURE__ */ jsx3(
+                      PasswordInput,
+                      {
+                        field,
+                        show: showPassword,
+                        onToggle: () => setShowPassword(!showPassword)
+                      }
+                    ),
+                    /* @__PURE__ */ jsx3(FormMessage, {})
+                  ] })
+                }
+              ),
+              /* @__PURE__ */ jsx3(
+                FormField,
+                {
+                  control: form.control,
+                  name: "confirmPassword",
+                  render: ({ field }) => /* @__PURE__ */ jsxs2(FormItem, { children: [
+                    /* @__PURE__ */ jsx3(FormLabel, { children: t("form.confirmPasswordLabel") }),
+                    /* @__PURE__ */ jsx3(
+                      PasswordInput,
+                      {
+                        field,
+                        show: showConfirmPassword,
+                        onToggle: () => setShowConfirmPassword(!showConfirmPassword)
+                      }
+                    ),
+                    /* @__PURE__ */ jsx3(FormMessage, {})
+                  ] })
+                }
+              ),
+              /* @__PURE__ */ jsx3(
+                Button,
+                {
+                  type: "submit",
+                  form: "set-password-form",
+                  className: "w-full",
+                  disabled: isChecking || !account || isLoading || setPasswordMutation.isPending,
+                  children: isLoading || setPasswordMutation.isPending ? t("form.submitting") : t("form.submit")
+                }
+              )
+            ]
+          }
+        ) }),
+        errorAlert
+      ]
+    }
+  );
+};
+export {
+  SetPassword
+};
+//# sourceMappingURL=set-password.js.map

package/dist/components/auth/set-password.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/components/auth/set-password.tsx","../../../src/hooks/use-translator.ts","../../../src/lib/translations.ts","../../../src/provider.tsx","../../../src/utils/cookie.ts","../../../src/constants/auth.error.codes.ts","../../../src/utils/handle-error.ts","../../../src/utils/normalize-phone.ts","../../../src/components/auth/auth-layout.tsx"],"sourcesContent":["'use client';\n\nimport { zodResolver } from '@hookform/resolvers/zod';\nimport {\n  Alert,\n  AlertDescription,\n  AlertTitle,\n  Button,\n  Form,\n  FormControl,\n  FormField,\n  FormItem,\n  FormLabel,\n  FormMessage,\n  Input,\n  useFormField,\n} from '@mesob/ui/components';\nimport { useMesob } from '@mesob/ui/providers';\nimport { IconAlertCircle, IconEye, IconEyeOff } from '@tabler/icons-react';\nimport type { ChangeEvent, ComponentProps } from 'react';\nimport { useEffect, useEffectEvent, useState } from 'react';\nimport { useForm } from 'react-hook-form';\nimport { toast } from 'sonner';\nimport { z } from 'zod';\nimport { useTranslator } from '../../hooks/use-translator';\nimport { useApi, useConfig } from '../../provider';\nimport type { AuthErrorContent } from '../../utils/handle-error';\nimport { handleError } from '../../utils/handle-error';\nimport { normalizePhone } from '../../utils/normalize-phone';\nimport { AuthLayout } from './auth-layout';\n\ntype PasswordInputProps = {\n  field: ComponentProps<'input'> & {\n    value: string;\n    onChange: (e: ChangeEvent<HTMLInputElement>) => void;\n    onBlur: () => void;\n  };\n  show: boolean;\n  onToggle: () => void;\n};\n\nfunction PasswordInput({ field, show, onToggle }: PasswordInputProps) {\n  const { formItemId, error } = useFormField();\n  return (\n    <div className=\"relative\">\n      <Input\n        {...field}\n        id={formItemId}\n        type={show ? 'text' : 'password'}\n        aria-invalid={!!error}\n        className=\"pr-10\"\n      />\n      <Button\n        type=\"button\"\n        variant=\"ghost\"\n        size=\"icon\"\n        className=\"absolute right-0 top-0 h-full px-3 text-muted-foreground hover:text-foreground\"\n        onClick={onToggle}\n        aria-label={show ? 'Hide password' : 'Show password'}\n      >\n        {show ? (\n          <IconEyeOff className=\"h-4 w-4\" />\n        ) : (\n          <IconEye className=\"h-4 w-4\" />\n        )}\n      </Button>\n    </div>\n  );\n}\n\nconst setPasswordSchema = (t: (key: string) => string) =>\n  z\n    .object({\n      password: z\n        .string()\n        .min(8, t('errors.passwordLength'))\n        .max(128, t('errors.longPasswordError')),\n      confirmPassword: z.string(),\n    })\n    .refine((data) => data.password === data.confirmPassword, {\n      message: t('errors.passwordsMismatch'),\n      path: ['confirmPassword'],\n    });\n\ntype SetPasswordFormValues = z.infer<ReturnType<typeof setPasswordSchema>>;\n\ntype SetPasswordProps = {\n  identifier?: string;\n  redirectUrl?: string;\n};\n\ntype AccountState = {\n  fullName: string;\n  email: string | null;\n  phone: string | null;\n};\n\nconst getPhoneRegex = (phoneRegex: RegExp | string | undefined) => {\n  if (typeof phoneRegex === 'string') {\n    return new RegExp(phoneRegex);\n  }\n\n  return phoneRegex || /^(\\+2519|\\+2517|2519|2517|09|07)\\d{8}$/;\n};\n\nconst normalizeIdentifier = (\n  identifier: string,\n  phoneRegex: RegExp | string | undefined,\n) => {\n  const resolvedPhoneRegex = getPhoneRegex(phoneRegex);\n  return resolvedPhoneRegex.test(identifier)\n    ? normalizePhone(identifier)\n    : identifier;\n};\n\nexport const SetPassword = function SetPassword({\n  identifier,\n  redirectUrl,\n}: SetPasswordProps = {}) {\n  const { hooks, setAuth } = useApi();\n  const { config } = useConfig();\n  const mesob = useMesob();\n  const t = useTranslator('Auth.setPassword');\n  const Link = mesob?.navigation?.Link;\n  const [error, setError] = useState<AuthErrorContent | null>(null);\n  const [isLoading, setIsLoading] = useState(false);\n  const [isChecking, setIsChecking] = useState(true);\n  const [showPassword, setShowPassword] = useState(false);\n  const [showConfirmPassword, setShowConfirmPassword] = useState(false);\n  const [account, setAccount] = useState<AccountState | null>(null);\n\n  const checkAccountMutation = hooks.useMutation('post', '/check-account');\n  const setPasswordMutation = hooks.useMutation('post', '/password/set');\n\n  const onNavigate =\n    config.navigation?.onNavigate ||\n    ((path: string) => {\n      if (typeof window !== 'undefined') {\n        window.location.href = path;\n      }\n    });\n  const signInLink = config.navigation?.links?.signIn || '/auth/sign-in';\n  const logoImage = config.ui.logoImage;\n  const defaultRedirect =\n    redirectUrl || config.navigation?.defaultRedirectUrl || '/';\n  const form = useForm<SetPasswordFormValues>({\n    resolver: zodResolver(setPasswordSchema(t)),\n    defaultValues: {\n      password: '',\n      confirmPassword: '',\n    },\n  });\n\n  useEffect(() => {\n    if (error) {\n      toast.error(error.title || 'Error', {\n        description: error.description,\n      });\n    }\n  }, [error]);\n\n  const loadAccount = useEffectEvent(async () => {\n    if (!identifier) {\n      setError({\n        title: t('errors.fallback'),\n        description: t('errors.missingIdentifier'),\n      });\n      setIsChecking(false);\n      return;\n    }\n\n    try {\n      const normalizedIdentifier = normalizeIdentifier(\n        identifier,\n        config.phoneRegex,\n      );\n      const res = await checkAccountMutation.mutateAsync({\n        body: { username: normalizedIdentifier },\n      });\n\n      if (!(res.exists && res.account && res.requiresPasswordSetup)) {\n        setError({\n          title: t('errors.fallback'),\n          description: t('errors.accountNotEligible'),\n        });\n        setIsChecking(false);\n        return;\n      }\n\n      setAccount({\n        fullName: res.account.fullName,\n        email: res.account.email,\n        phone: res.account.phone,\n      });\n    } catch {\n      setError({\n        title: t('errors.fallback'),\n        description: t('errors.accountLookupFailed'),\n      });\n    } finally {\n      setIsChecking(false);\n    }\n  });\n\n  // biome-ignore lint/correctness/useExhaustiveDependencies: rerun only when route identifier changes\n  useEffect(() => {\n    loadAccount().catch(() => {\n      setIsChecking(false);\n    });\n  }, [identifier]);\n\n  const handleSubmit = form.handleSubmit(async (values) => {\n    if (!identifier) {\n      return;\n    }\n\n    setIsLoading(true);\n    setError(null);\n\n    try {\n      const normalizedIdentifier = normalizeIdentifier(\n        identifier,\n        config.phoneRegex,\n      );\n      const res = await setPasswordMutation.mutateAsync({\n        body: {\n          identifier: normalizedIdentifier,\n          password: values.password,\n        },\n      });\n\n      if ('user' in res && 'session' in res) {\n        setAuth(res);\n      }\n      onNavigate(defaultRedirect);\n    } catch (err) {\n      handleError(err, setError, t);\n    } finally {\n      setIsLoading(false);\n    }\n  });\n\n  const accountLabel = account?.email\n    ? t('form.emailLabel')\n    : t('form.phoneLabel');\n  const accountValue = account?.email || account?.phone || identifier || '';\n\n  let errorContent: AuthErrorContent | null = null;\n  if (error) {\n    errorContent =\n      typeof error === 'string'\n        ? { title: 'Error', description: error }\n        : error;\n  }\n  const showError = !isChecking && !!errorContent;\n  const errorAlert = showError && errorContent && (\n    <Alert variant=\"destructive\" className=\"mt-4\">\n      <IconAlertCircle className=\"h-4 w-4\" />\n      <AlertTitle>{errorContent.title}</AlertTitle>\n      <AlertDescription>{errorContent.description}</AlertDescription>\n    </Alert>\n  );\n\n  return (\n    <AuthLayout\n      title={config.ui.name}\n      description={t('description')}\n      logoImage={logoImage}\n      footer={\n        <p>\n          {t('footer.hasPassword')}{' '}\n          {Link ? (\n            <Link href={signInLink} className=\"text-primary hover:underline\">\n              {t('footer.signInCta')}\n            </Link>\n          ) : (\n            <a\n              href={signInLink}\n              onClick={(e) => {\n                e.preventDefault();\n                onNavigate(signInLink);\n              }}\n              className=\"text-primary hover:underline\"\n            >\n              {t('footer.signInCta')}\n            </a>\n          )}\n        </p>\n      }\n    >\n      <Form {...form}>\n        <form\n          id=\"set-password-form\"\n          onSubmit={handleSubmit}\n          className=\"space-y-4\"\n        >\n          <FormItem>\n            <FormLabel>{t('form.fullNameLabel')}</FormLabel>\n            <FormControl>\n              <Input value={account?.fullName || ''} disabled />\n            </FormControl>\n          </FormItem>\n          <FormItem>\n            <FormLabel>{accountLabel}</FormLabel>\n            <FormControl>\n              <Input value={accountValue} disabled />\n            </FormControl>\n          </FormItem>\n          <FormField\n            control={form.control}\n            name=\"password\"\n            render={({ field }) => (\n              <FormItem>\n                <FormLabel>{t('form.passwordLabel')}</FormLabel>\n                <PasswordInput\n                  field={field}\n                  show={showPassword}\n                  onToggle={() => setShowPassword(!showPassword)}\n                />\n                <FormMessage />\n              </FormItem>\n            )}\n          />\n          <FormField\n            control={form.control}\n            name=\"confirmPassword\"\n            render={({ field }) => (\n              <FormItem>\n                <FormLabel>{t('form.confirmPasswordLabel')}</FormLabel>\n                <PasswordInput\n                  field={field}\n                  show={showConfirmPassword}\n                  onToggle={() => setShowConfirmPassword(!showConfirmPassword)}\n                />\n                <FormMessage />\n              </FormItem>\n            )}\n          />\n          <Button\n            type=\"submit\"\n            form=\"set-password-form\"\n            className=\"w-full\"\n            disabled={\n              isChecking ||\n              !account ||\n              isLoading ||\n              setPasswordMutation.isPending\n            }\n          >\n            {isLoading || setPasswordMutation.isPending\n              ? t('form.submitting')\n              : t('form.submit')}\n          </Button>\n        </form>\n      </Form>\n      {errorAlert}\n    </AuthLayout>\n  );\n};\n","import { useMesob } from '@mesob/ui/providers';\nimport { createTranslator } from '../lib/translations';\nimport { useConfig } from '../provider';\n\nexport function useTranslator(namespace?: string) {\n  const mesob = useMesob();\n  const { config } = useConfig();\n\n  if (mesob?.t) {\n    return (key: string, params?: Record<string, string | number>): string => {\n      const fullKey = namespace ? `${namespace}.${key}` : key;\n      return mesob.t?.(fullKey, params) ?? fullKey;\n    };\n  }\n\n  return createTranslator(config.messages || {}, namespace);\n}\n","type Messages = Record<string, unknown>;\n\nexport function createTranslator(messages: Messages, namespace?: string) {\n  return (key: string, params?: Record<string, string | number>): string => {\n    const fullKey = namespace ? `${namespace}.${key}` : key;\n    const keys = fullKey.split('.');\n\n    let value: unknown = messages;\n    for (const k of keys) {\n      if (value && typeof value === 'object' && value !== null) {\n        value = (value as Record<string, unknown>)[k];\n      } else {\n        return fullKey;\n      }\n    }\n\n    if (typeof value !== 'string') {\n      return fullKey;\n    }\n\n    // Simple parameter replacement\n    if (params) {\n      return value.replace(/\\{(\\w+)\\}/g, (_, param) =>\n        String(params[param] ?? `{${param}}`),\n      );\n    }\n\n    return value;\n  };\n}\n","'use client';\n\nimport { QueryClient, QueryClientProvider } from '@tanstack/react-query';\nimport { deepmerge } from 'deepmerge-ts';\nimport createFetchClient from 'openapi-fetch';\nimport createClient from 'openapi-react-query';\nimport type { ReactNode } from 'react';\nimport { createContext, useContext, useMemo, useState } from 'react';\nimport type { paths } from './data/openapi';\nimport { createTranslator } from './lib/translations';\nimport {\n  type AuthClientConfig,\n  type AuthResponse,\n  defaultAuthClientConfig,\n  type Session,\n  type User,\n} from './types';\nimport { getSessionCookieName } from './utils/cookie';\nimport { createCustomFetch } from './utils/custom-fetch';\n\n// biome-ignore lint/suspicious/noExplicitAny: OpenAPI hooks type\ntype OpenApiHooks = any;\n\n// --- Utility: Check if running on server ---\nfunction isServer(): boolean {\n  return typeof document === 'undefined';\n}\n\n/**\n * @deprecated Cookie is httpOnly and cannot be read client-side.\n * Use `useSession().isAuthenticated` instead.\n * This function always returns false on client.\n */\nexport function hasAuthCookie(_cookieName: string): boolean {\n  // Cookie is httpOnly, can't check client-side\n  // Always return false - use useSession() for auth status\n  return false;\n}\n\n// --- Types ---\nexport type AuthStatus = 'loading' | 'authenticated' | 'unauthenticated';\n\ntype AuthState = {\n  user: User | null;\n  session: Session | null;\n  status: AuthStatus;\n  error: Error | null;\n};\n\ntype SessionContextValue = AuthState & {\n  isLoading: boolean;\n  isAuthenticated: boolean;\n  refresh: () => Promise<void>;\n  signOut: () => Promise<void>;\n};\n\ntype ApiContextValue = {\n  hooks: OpenApiHooks;\n  setAuth: (auth: AuthResponse) => void;\n  clearAuth: () => void;\n  refresh: () => Promise<void>;\n};\n\ntype ConfigContextValue = {\n  config: AuthClientConfig;\n  cookieName: string;\n  t: (key: string, params?: Record<string, string | number>) => string;\n};\n\nconst SessionContext = createContext<SessionContextValue | null>(null);\nconst ApiContext = createContext<ApiContextValue | null>(null);\nconst ConfigContext = createContext<ConfigContextValue | null>(null);\n\nconst queryClient = new QueryClient({\n  defaultOptions: {\n    queries: {\n      refetchOnWindowFocus: false,\n    },\n  },\n});\n\n// --- Hooks ---\n\n/**\n * Get session state including user, session, and auth status.\n * - `status`: 'loading' | 'authenticated' | 'unauthenticated'\n * - `isLoading`: true while fetching session\n * - `isAuthenticated`: true if user and session exist\n */\nexport function useSession(): SessionContextValue {\n  const context = useContext(SessionContext);\n  if (!context) {\n    throw new Error('useSession must be used within MesobAuthProvider');\n  }\n  return context;\n}\n\nexport function useApi(): ApiContextValue {\n  const context = useContext(ApiContext);\n  if (!context) {\n    throw new Error('useApi must be used within MesobAuthProvider');\n  }\n  return context;\n}\n\nexport function useConfig(): ConfigContextValue {\n  const context = useContext(ConfigContext);\n  if (!context) {\n    throw new Error('useConfig must be used within MesobAuthProvider');\n  }\n  return context;\n}\n\n/**\n * @deprecated Cookie is httpOnly, can't be checked client-side.\n * Use `useSession().isAuthenticated` instead.\n */\nexport function useHasAuthCookie(): boolean {\n  const { status } = useSession();\n  return status === 'authenticated' || status === 'loading';\n}\n\n// --- Provider ---\n\ntype MesobAuthProviderProps = {\n  config: AuthClientConfig;\n  children: ReactNode;\n};\n\nexport function MesobAuthProvider({\n  config,\n  children,\n}: MesobAuthProviderProps) {\n  const mergedConfig = useMemo(\n    () =>\n      deepmerge(\n        { ...defaultAuthClientConfig } as Partial<AuthClientConfig>,\n        config,\n      ) as AuthClientConfig,\n    [config],\n  );\n\n  const api = useMemo(\n    () =>\n      createFetchClient<paths>({\n        baseUrl: mergedConfig.baseURL,\n        fetch: createCustomFetch(mergedConfig),\n      }),\n    [mergedConfig],\n  );\n\n  const hooks = useMemo(() => createClient(api), [api]);\n  const cookieName = useMemo(\n    () => getSessionCookieName(mergedConfig),\n    [mergedConfig],\n  );\n\n  return (\n    <QueryClientProvider client={queryClient}>\n      <AuthStateProvider\n        config={mergedConfig}\n        hooks={hooks}\n        cookieName={cookieName}\n      >\n        {children}\n      </AuthStateProvider>\n    </QueryClientProvider>\n  );\n}\n\ntype AuthStateProviderProps = {\n  config: AuthClientConfig;\n  hooks: OpenApiHooks;\n  cookieName: string;\n  children: ReactNode;\n};\n\nfunction AuthStateProvider({\n  config,\n  hooks,\n  cookieName,\n  children,\n}: AuthStateProviderProps) {\n  // Manual override for sign-out / sign-in\n  const [override, setOverride] = useState<AuthState | null>(null);\n\n  // Always fetch session - cookie is httpOnly, can't check client-side\n  // Server will read the cookie and return user/session if valid\n  const {\n    data: sessionData,\n    isLoading,\n    isFetched,\n    error: sessionError,\n    refetch,\n  } = hooks.useQuery(\n    'get',\n    '/session',\n    {},\n    {\n      enabled: !(override || isServer()),\n      refetchOnMount: false,\n      refetchOnWindowFocus: false,\n      refetchOnReconnect: false,\n      retry: false,\n      gcTime: 0,\n      staleTime: 0,\n    },\n  );\n\n  // Derive state directly - no useEffect\n  const user = override?.user ?? sessionData?.user ?? null;\n  const session = override?.session ?? sessionData?.session ?? null;\n  const error = override?.error ?? (sessionError as Error | null);\n\n  // Check error status code\n  const errorStatus = (() => {\n    if (!sessionError) {\n      return null;\n    }\n    const err = sessionError as { status?: number };\n    return err.status ?? null;\n  })();\n\n  // Check if error is a network/connection error\n  const isNetworkError = (() => {\n    if (!sessionError) {\n      return false;\n    }\n    const error = sessionError as Error & { cause?: unknown; data?: unknown };\n    const errorMessage =\n      error.message || String(error) || JSON.stringify(error);\n    // Network errors: TypeError, DOMException, or fetch failures\n    if (\n      error instanceof TypeError ||\n      error instanceof DOMException ||\n      error.name === 'TypeError' ||\n      errorMessage.includes('Failed to fetch') ||\n      errorMessage.includes('ERR_CONNECTION_REFUSED') ||\n      errorMessage.includes('NetworkError') ||\n      errorMessage.includes('Network request failed') ||\n      errorMessage.includes('fetch failed')\n    ) {\n      return true;\n    }\n    // Check error cause\n    if (error.cause) {\n      const causeStr = String(error.cause);\n      if (\n        causeStr.includes('Failed to fetch') ||\n        causeStr.includes('ERR_CONNECTION_REFUSED') ||\n        causeStr.includes('NetworkError')\n      ) {\n        return true;\n      }\n    }\n    return false;\n  })();\n\n  // Compute status\n  // biome-ignore lint: Status determination requires multiple checks\n  const status: AuthStatus = (() => {\n    if (override) {\n      return override.status;\n    }\n    if (isServer()) {\n      return 'loading';\n    }\n    if (user && session) {\n      return 'authenticated';\n    }\n    // Check for network errors or auth errors first - allow auth page to show\n    if (isNetworkError || errorStatus === 401) {\n      return 'unauthenticated';\n    }\n    // If we have an error but it's not a network error, still check loading state\n    if (sessionError && !isNetworkError && errorStatus !== 401) {\n      if (errorStatus && errorStatus >= 500) {\n        return 'authenticated';\n      }\n      // Other errors mean unauthenticated\n      if (isFetched) {\n        return 'unauthenticated';\n      }\n    }\n    if (isLoading || !isFetched) {\n      return 'loading';\n    }\n    if (isFetched && !user && !session) {\n      return 'unauthenticated';\n    }\n    return 'unauthenticated';\n  })();\n\n  const signOutMutation = hooks.useMutation('post', '/sign-out');\n  const t = createTranslator(config.messages || {});\n\n  const setAuth = (auth: AuthResponse) => {\n    setOverride({\n      user: auth.user,\n      session: auth.session,\n      status: 'authenticated',\n      error: null,\n    });\n  };\n\n  const clearAuth = () => {\n    setOverride({\n      user: null,\n      session: null,\n      status: 'unauthenticated',\n      error: null,\n    });\n  };\n\n  const refresh = async () => {\n    setOverride(null);\n    await refetch();\n  };\n\n  const signOut = async () => {\n    try {\n      await signOutMutation.mutateAsync({});\n    } finally {\n      clearAuth();\n    }\n  };\n\n  return (\n    <ConfigContext.Provider value={{ config, cookieName, t }}>\n      <ApiContext.Provider value={{ hooks, setAuth, clearAuth, refresh }}>\n        <SessionContext.Provider\n          value={{\n            user,\n            session,\n            status,\n            error,\n            isLoading: status === 'loading',\n            isAuthenticated: status === 'authenticated',\n            refresh,\n            signOut,\n          }}\n        >\n          {children}\n        </SessionContext.Provider>\n      </ApiContext.Provider>\n    </ConfigContext.Provider>\n  );\n}\n","import type { AuthClientConfig } from '../types';\n\nconst isProduction =\n  typeof process !== 'undefined' && process.env.NODE_ENV === 'production';\n\nexport const getSessionCookieName = (config: AuthClientConfig): string => {\n  const prefix = config.cookiePrefix || '';\n  const baseName = 'session_token';\n  if (prefix) {\n    return `${prefix}_${baseName}`;\n  }\n  return isProduction ? '__Host-session_token' : baseName;\n};\n","export const AUTH_ERROR_MAPPING: Record<\n  string,\n  { title: string; description: string }\n> = {\n  USER_NOT_FOUND: {\n    title: 'Account Not Found',\n    description:\n      'We could not find an account with that identifier. Please check your spelling or sign up.',\n  },\n  INVALID_PASSWORD: {\n    title: 'Invalid Password',\n    description: 'The password you entered is incorrect. Please try again.',\n  },\n  USER_EXISTS: {\n    title: 'Account Already Exists',\n    description:\n      'An account with this identifier already exists. Please sign in instead.',\n  },\n  VERIFICATION_EXPIRED: {\n    title: 'Verification Expired',\n    description:\n      'The verification code or link has expired. Please request a new one.',\n  },\n  VERIFICATION_MISMATCH: {\n    title: 'Invalid Code',\n    description:\n      'The verification code you entered is invalid. Please double-check and try again.',\n  },\n  VERIFICATION_NOT_FOUND: {\n    title: 'Verification Not Found',\n    description:\n      'We could not find a pending verification request. Please restart the process.',\n  },\n  TOO_MANY_ATTEMPTS: {\n    title: 'Too Many Attempts',\n    description:\n      'You have made too many requests recently. Please wait a moment before trying again.',\n  },\n  REQUIRES_VERIFICATION: {\n    title: 'Verification Required',\n    description:\n      'You need to verify your account before you can continue. Please check your email or phone.',\n  },\n  UNAUTHORIZED: {\n    title: 'Unauthorized',\n    description:\n      'You are not authorized to perform this action. Please sign in again.',\n  },\n  ACCESS_DENIED: {\n    title: 'Access Denied',\n    description:\n      'You do not have permission to access this resource. Please contact support if you believe this is an error.',\n  },\n  HAS_NO_PASSWORD: {\n    title: 'No Password Set',\n    description:\n      'Your account does not have a password yet. Continue to set a password before signing in.',\n  },\n  PASSWORD_ALREADY_SET: {\n    title: 'Password Already Set',\n    description:\n      'This account already has a password. Use the normal sign-in form instead.',\n  },\n};\n\nexport const validCodes = Object.keys(AUTH_ERROR_MAPPING);\n","import { AUTH_ERROR_MAPPING, validCodes } from '../constants/auth.error.codes';\nimport type { AuthError } from '../types';\n\nexport type AuthErrorContent = {\n  title: string;\n  description: string;\n};\n\ntype TranslatorFunction = (\n  key: string,\n  params?: Record<string, string | number>,\n) => string;\n\n// Type guard to check if error is an AuthError\nfunction isAuthError(err: unknown): err is AuthError {\n  return (\n    typeof err === 'object' &&\n    err !== null &&\n    'message' in err &&\n    typeof (err as { message: unknown }).message === 'string'\n  );\n}\n\nfunction extractErrorCode(err: AuthError): string {\n  if (err.code && validCodes.includes(err.code)) {\n    return err.code;\n  }\n  if (err.message) {\n    const messageUpper = err.message.toUpperCase().trim();\n    if (validCodes.includes(messageUpper)) {\n      return messageUpper;\n    }\n  }\n  return '';\n}\n\nfunction sanitizeErrorMessage(message: string): string {\n  const lowerMessage = message.toLowerCase();\n  const isDatabaseError =\n    lowerMessage.includes('failed query') ||\n    lowerMessage.includes('select') ||\n    lowerMessage.includes('insert') ||\n    lowerMessage.includes('update') ||\n    lowerMessage.includes('delete') ||\n    lowerMessage.includes('from') ||\n    lowerMessage.includes('where') ||\n    lowerMessage.includes('limit') ||\n    lowerMessage.includes('params:') ||\n    lowerMessage.includes('query') ||\n    message.includes('\"iam\".') ||\n    message.includes('\"tenants\"') ||\n    message.includes('\"users\"') ||\n    message.includes('\"sessions\"') ||\n    message.includes('\"accounts\"') ||\n    lowerMessage.includes('relation') ||\n    lowerMessage.includes('column') ||\n    lowerMessage.includes('syntax error') ||\n    lowerMessage.includes('database') ||\n    lowerMessage.includes('postgres') ||\n    lowerMessage.includes('sql');\n\n  if (isDatabaseError) {\n    return 'An error occurred while processing your request';\n  }\n\n  return message;\n}\n\nfunction handleAuthError(\n  err: AuthError,\n  setError: (error: AuthErrorContent | null) => void,\n  t: TranslatorFunction,\n) {\n  const errorCode = extractErrorCode(err);\n\n  if (errorCode && AUTH_ERROR_MAPPING[errorCode]) {\n    const mapping = AUTH_ERROR_MAPPING[errorCode];\n    setError({\n      title: mapping.title,\n      description: mapping.description,\n    });\n    return;\n  }\n\n  const sanitizedMessage = sanitizeErrorMessage(\n    err.message || t('errors.fallback'),\n  );\n  setError({\n    title: t('errors.fallback'),\n    description: sanitizedMessage,\n  });\n}\n\nfunction handleGenericError(\n  err: unknown,\n  setError: (error: AuthErrorContent | null) => void,\n  t: TranslatorFunction,\n) {\n  const rawMessage = err instanceof Error ? err.message : t('errors.fallback');\n  const sanitizedMessage = sanitizeErrorMessage(rawMessage);\n  setError({\n    title: 'Error',\n    description: sanitizedMessage,\n  });\n}\n\nexport const handleError = (\n  err: unknown,\n  setError: (error: AuthErrorContent | null) => void,\n  t: TranslatorFunction,\n) => {\n  if (isAuthError(err)) {\n    handleAuthError(err, setError, t);\n  } else {\n    handleGenericError(err, setError, t);\n  }\n};\n","export function normalizePhone(phone: string): string {\n  const cleaned = phone.trim().replace(/\\s/g, '');\n  if (cleaned.startsWith('+2519') || cleaned.startsWith('+2517')) {\n    return cleaned;\n  }\n  if (cleaned.startsWith('2519') || cleaned.startsWith('2517')) {\n    return `+${cleaned}`;\n  }\n  if (cleaned.startsWith('09') || cleaned.startsWith('07')) {\n    return `+251${cleaned.slice(1)}`;\n  }\n  if (\n    (cleaned.startsWith('9') || cleaned.startsWith('7')) &&\n    cleaned.length === 9\n  ) {\n    return `+251${cleaned}`;\n  }\n  return cleaned;\n}\n","'use client';\n\nimport type { ReactNode } from 'react';\n\ntype AuthLayoutProps = {\n  title: ReactNode;\n  description?: string;\n  children: ReactNode;\n  footer?: ReactNode;\n  logoImage?: string;\n};\n\nexport const AuthLayout = ({\n  title,\n  description,\n  children,\n  footer,\n  logoImage,\n}: AuthLayoutProps) => {\n  return (\n    <div className=\"space-y-4\">\n      <div className=\"flex size-8 mb-6 w-full items-center justify-center rounded-md\">\n        {/** biome-ignore lint/performance/noImgElement: logo image */}\n        <img\n          src={logoImage || ''}\n          alt={title as string}\n          width={42}\n          height={42}\n        />\n      </div>\n      <div className=\"text-center\">\n        <h1 className=\"text-2xl font-bold tracking-tight\">{title}</h1>\n        {description && (\n          <p className=\"mt-2 text-sm text-muted-foreground\">{description}</p>\n        )}\n      </div>\n\n      {children}\n\n      {footer && (\n        <div className=\"mt-2 w-full\">\n          <div className=\"w-full text-center text-sm text-muted-foreground\">\n            {footer}\n          </div>\n        </div>\n      )}\n    </div>\n  );\n};\n"],"mappings":";;;AAEA,SAAS,mBAAmB;AAC5B;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,YAAAA,iBAAgB;AACzB,SAAS,iBAAiB,SAAS,kBAAkB;AAErD,SAAS,WAAW,gBAAgB,YAAAC,iBAAgB;AACpD,SAAS,eAAe;AACxB,SAAS,aAAa;AACtB,SAAS,SAAS;;;ACvBlB,SAAS,gBAAgB;;;ACElB,SAAS,iBAAiB,UAAoB,WAAoB;AACvE,SAAO,CAAC,KAAa,WAAqD;AACxE,UAAM,UAAU,YAAY,GAAG,SAAS,IAAI,GAAG,KAAK;AACpD,UAAM,OAAO,QAAQ,MAAM,GAAG;AAE9B,QAAI,QAAiB;AACrB,eAAW,KAAK,MAAM;AACpB,UAAI,SAAS,OAAO,UAAU,YAAY,UAAU,MAAM;AACxD,gBAAS,MAAkC,CAAC;AAAA,MAC9C,OAAO;AACL,eAAO;AAAA,MACT;AAAA,IACF;AAEA,QAAI,OAAO,UAAU,UAAU;AAC7B,aAAO;AAAA,IACT;AAGA,QAAI,QAAQ;AACV,aAAO,MAAM;AAAA,QAAQ;AAAA,QAAc,CAAC,GAAG,UACrC,OAAO,OAAO,KAAK,KAAK,IAAI,KAAK,GAAG;AAAA,MACtC;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AACF;;;AC3BA,SAAS,aAAa,2BAA2B;AACjD,SAAS,iBAAiB;AAC1B,OAAO,uBAAuB;AAC9B,OAAO,kBAAkB;AAEzB,SAAS,eAAe,YAAY,SAAS,gBAAgB;;;ACL7D,IAAM,eACJ,OAAO,YAAY,eAAe,QAAQ,IAAI,aAAa;;;AD4JvD;AA1FN,IAAM,iBAAiB,cAA0C,IAAI;AACrE,IAAM,aAAa,cAAsC,IAAI;AAC7D,IAAM,gBAAgB,cAAyC,IAAI;AAEnE,IAAM,cAAc,IAAI,YAAY;AAAA,EAClC,gBAAgB;AAAA,IACd,SAAS;AAAA,MACP,sBAAsB;AAAA,IACxB;AAAA,EACF;AACF,CAAC;AAkBM,SAAS,SAA0B;AACxC,QAAM,UAAU,WAAW,UAAU;AACrC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,8CAA8C;AAAA,EAChE;AACA,SAAO;AACT;AAEO,SAAS,YAAgC;AAC9C,QAAM,UAAU,WAAW,aAAa;AACxC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,iDAAiD;AAAA,EACnE;AACA,SAAO;AACT;;;AF3GO,SAAS,cAAc,WAAoB;AAChD,QAAM,QAAQ,SAAS;AACvB,QAAM,EAAE,OAAO,IAAI,UAAU;AAE7B,MAAI,OAAO,GAAG;AACZ,WAAO,CAAC,KAAa,WAAqD;AACxE,YAAM,UAAU,YAAY,GAAG,SAAS,IAAI,GAAG,KAAK;AACpD,aAAO,MAAM,IAAI,SAAS,MAAM,KAAK;AAAA,IACvC;AAAA,EACF;AAEA,SAAO,iBAAiB,OAAO,YAAY,CAAC,GAAG,SAAS;AAC1D;;;AIhBO,IAAM,qBAGT;AAAA,EACF,gBAAgB;AAAA,IACd,OAAO;AAAA,IACP,aACE;AAAA,EACJ;AAAA,EACA,kBAAkB;AAAA,IAChB,OAAO;AAAA,IACP,aAAa;AAAA,EACf;AAAA,EACA,aAAa;AAAA,IACX,OAAO;AAAA,IACP,aACE;AAAA,EACJ;AAAA,EACA,sBAAsB;AAAA,IACpB,OAAO;AAAA,IACP,aACE;AAAA,EACJ;AAAA,EACA,uBAAuB;AAAA,IACrB,OAAO;AAAA,IACP,aACE;AAAA,EACJ;AAAA,EACA,wBAAwB;AAAA,IACtB,OAAO;AAAA,IACP,aACE;AAAA,EACJ;AAAA,EACA,mBAAmB;AAAA,IACjB,OAAO;AAAA,IACP,aACE;AAAA,EACJ;AAAA,EACA,uBAAuB;AAAA,IACrB,OAAO;AAAA,IACP,aACE;AAAA,EACJ;AAAA,EACA,cAAc;AAAA,IACZ,OAAO;AAAA,IACP,aACE;AAAA,EACJ;AAAA,EACA,eAAe;AAAA,IACb,OAAO;AAAA,IACP,aACE;AAAA,EACJ;AAAA,EACA,iBAAiB;AAAA,IACf,OAAO;AAAA,IACP,aACE;AAAA,EACJ;AAAA,EACA,sBAAsB;AAAA,IACpB,OAAO;AAAA,IACP,aACE;AAAA,EACJ;AACF;AAEO,IAAM,aAAa,OAAO,KAAK,kBAAkB;;;ACnDxD,SAAS,YAAY,KAAgC;AACnD,SACE,OAAO,QAAQ,YACf,QAAQ,QACR,aAAa,OACb,OAAQ,IAA6B,YAAY;AAErD;AAEA,SAAS,iBAAiB,KAAwB;AAChD,MAAI,IAAI,QAAQ,WAAW,SAAS,IAAI,IAAI,GAAG;AAC7C,WAAO,IAAI;AAAA,EACb;AACA,MAAI,IAAI,SAAS;AACf,UAAM,eAAe,IAAI,QAAQ,YAAY,EAAE,KAAK;AACpD,QAAI,WAAW,SAAS,YAAY,GAAG;AACrC,aAAO;AAAA,IACT;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,qBAAqB,SAAyB;AACrD,QAAM,eAAe,QAAQ,YAAY;AACzC,QAAM,kBACJ,aAAa,SAAS,cAAc,KACpC,aAAa,SAAS,QAAQ,KAC9B,aAAa,SAAS,QAAQ,KAC9B,aAAa,SAAS,QAAQ,KAC9B,aAAa,SAAS,QAAQ,KAC9B,aAAa,SAAS,MAAM,KAC5B,aAAa,SAAS,OAAO,KAC7B,aAAa,SAAS,OAAO,KAC7B,aAAa,SAAS,SAAS,KAC/B,aAAa,SAAS,OAAO,KAC7B,QAAQ,SAAS,QAAQ,KACzB,QAAQ,SAAS,WAAW,KAC5B,QAAQ,SAAS,SAAS,KAC1B,QAAQ,SAAS,YAAY,KAC7B,QAAQ,SAAS,YAAY,KAC7B,aAAa,SAAS,UAAU,KAChC,aAAa,SAAS,QAAQ,KAC9B,aAAa,SAAS,cAAc,KACpC,aAAa,SAAS,UAAU,KAChC,aAAa,SAAS,UAAU,KAChC,aAAa,SAAS,KAAK;AAE7B,MAAI,iBAAiB;AACnB,WAAO;AAAA,EACT;AAEA,SAAO;AACT;AAEA,SAAS,gBACP,KACA,UACA,GACA;AACA,QAAM,YAAY,iBAAiB,GAAG;AAEtC,MAAI,aAAa,mBAAmB,SAAS,GAAG;AAC9C,UAAM,UAAU,mBAAmB,SAAS;AAC5C,aAAS;AAAA,MACP,OAAO,QAAQ;AAAA,MACf,aAAa,QAAQ;AAAA,IACvB,CAAC;AACD;AAAA,EACF;AAEA,QAAM,mBAAmB;AAAA,IACvB,IAAI,WAAW,EAAE,iBAAiB;AAAA,EACpC;AACA,WAAS;AAAA,IACP,OAAO,EAAE,iBAAiB;AAAA,IAC1B,aAAa;AAAA,EACf,CAAC;AACH;AAEA,SAAS,mBACP,KACA,UACA,GACA;AACA,QAAM,aAAa,eAAe,QAAQ,IAAI,UAAU,EAAE,iBAAiB;AAC3E,QAAM,mBAAmB,qBAAqB,UAAU;AACxD,WAAS;AAAA,IACP,OAAO;AAAA,IACP,aAAa;AAAA,EACf,CAAC;AACH;AAEO,IAAM,cAAc,CACzB,KACA,UACA,MACG;AACH,MAAI,YAAY,GAAG,GAAG;AACpB,oBAAgB,KAAK,UAAU,CAAC;AAAA,EAClC,OAAO;AACL,uBAAmB,KAAK,UAAU,CAAC;AAAA,EACrC;AACF;;;ACpHO,SAAS,eAAe,OAAuB;AACpD,QAAM,UAAU,MAAM,KAAK,EAAE,QAAQ,OAAO,EAAE;AAC9C,MAAI,QAAQ,WAAW,OAAO,KAAK,QAAQ,WAAW,OAAO,GAAG;AAC9D,WAAO;AAAA,EACT;AACA,MAAI,QAAQ,WAAW,MAAM,KAAK,QAAQ,WAAW,MAAM,GAAG;AAC5D,WAAO,IAAI,OAAO;AAAA,EACpB;AACA,MAAI,QAAQ,WAAW,IAAI,KAAK,QAAQ,WAAW,IAAI,GAAG;AACxD,WAAO,OAAO,QAAQ,MAAM,CAAC,CAAC;AAAA,EAChC;AACA,OACG,QAAQ,WAAW,GAAG,KAAK,QAAQ,WAAW,GAAG,MAClD,QAAQ,WAAW,GACnB;AACA,WAAO,OAAO,OAAO;AAAA,EACvB;AACA,SAAO;AACT;;;ACKQ,gBAAAC,MAOF,YAPE;AAXD,IAAM,aAAa,CAAC;AAAA,EACzB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,MAAuB;AACrB,SACE,qBAAC,SAAI,WAAU,aACb;AAAA,oBAAAA,KAAC,SAAI,WAAU,kEAEb,0BAAAA;AAAA,MAAC;AAAA;AAAA,QACC,KAAK,aAAa;AAAA,QAClB,KAAK;AAAA,QACL,OAAO;AAAA,QACP,QAAQ;AAAA;AAAA,IACV,GACF;AAAA,IACA,qBAAC,SAAI,WAAU,eACb;AAAA,sBAAAA,KAAC,QAAG,WAAU,qCAAqC,iBAAM;AAAA,MACxD,eACC,gBAAAA,KAAC,OAAE,WAAU,sCAAsC,uBAAY;AAAA,OAEnE;AAAA,IAEC;AAAA,IAEA,UACC,gBAAAA,KAAC,SAAI,WAAU,eACb,0BAAAA,KAAC,SAAI,WAAU,oDACZ,kBACH,GACF;AAAA,KAEJ;AAEJ;;;ARJI,SACE,OAAAC,MADF,QAAAC,aAAA;AAHJ,SAAS,cAAc,EAAE,OAAO,MAAM,SAAS,GAAuB;AACpE,QAAM,EAAE,YAAY,MAAM,IAAI,aAAa;AAC3C,SACE,gBAAAA,MAAC,SAAI,WAAU,YACb;AAAA,oBAAAD;AAAA,MAAC;AAAA;AAAA,QACE,GAAG;AAAA,QACJ,IAAI;AAAA,QACJ,MAAM,OAAO,SAAS;AAAA,QACtB,gBAAc,CAAC,CAAC;AAAA,QAChB,WAAU;AAAA;AAAA,IACZ;AAAA,IACA,gBAAAA;AAAA,MAAC;AAAA;AAAA,QACC,MAAK;AAAA,QACL,SAAQ;AAAA,QACR,MAAK;AAAA,QACL,WAAU;AAAA,QACV,SAAS;AAAA,QACT,cAAY,OAAO,kBAAkB;AAAA,QAEpC,iBACC,gBAAAA,KAAC,cAAW,WAAU,WAAU,IAEhC,gBAAAA,KAAC,WAAQ,WAAU,WAAU;AAAA;AAAA,IAEjC;AAAA,KACF;AAEJ;AAEA,IAAM,oBAAoB,CAAC,MACzB,EACG,OAAO;AAAA,EACN,UAAU,EACP,OAAO,EACP,IAAI,GAAG,EAAE,uBAAuB,CAAC,EACjC,IAAI,KAAK,EAAE,0BAA0B,CAAC;AAAA,EACzC,iBAAiB,EAAE,OAAO;AAC5B,CAAC,EACA,OAAO,CAAC,SAAS,KAAK,aAAa,KAAK,iBAAiB;AAAA,EACxD,SAAS,EAAE,0BAA0B;AAAA,EACrC,MAAM,CAAC,iBAAiB;AAC1B,CAAC;AAeL,IAAM,gBAAgB,CAAC,eAA4C;AACjE,MAAI,OAAO,eAAe,UAAU;AAClC,WAAO,IAAI,OAAO,UAAU;AAAA,EAC9B;AAEA,SAAO,cAAc;AACvB;AAEA,IAAM,sBAAsB,CAC1B,YACA,eACG;AACH,QAAM,qBAAqB,cAAc,UAAU;AACnD,SAAO,mBAAmB,KAAK,UAAU,IACrC,eAAe,UAAU,IACzB;AACN;AAEO,IAAM,cAAc,SAASE,aAAY;AAAA,EAC9C;AAAA,EACA;AACF,IAAsB,CAAC,GAAG;AACxB,QAAM,EAAE,OAAO,QAAQ,IAAI,OAAO;AAClC,QAAM,EAAE,OAAO,IAAI,UAAU;AAC7B,QAAM,QAAQC,UAAS;AACvB,QAAM,IAAI,cAAc,kBAAkB;AAC1C,QAAM,OAAO,OAAO,YAAY;AAChC,QAAM,CAAC,OAAO,QAAQ,IAAIC,UAAkC,IAAI;AAChE,QAAM,CAAC,WAAW,YAAY,IAAIA,UAAS,KAAK;AAChD,QAAM,CAAC,YAAY,aAAa,IAAIA,UAAS,IAAI;AACjD,QAAM,CAAC,cAAc,eAAe,IAAIA,UAAS,KAAK;AACtD,QAAM,CAAC,qBAAqB,sBAAsB,IAAIA,UAAS,KAAK;AACpE,QAAM,CAAC,SAAS,UAAU,IAAIA,UAA8B,IAAI;AAEhE,QAAM,uBAAuB,MAAM,YAAY,QAAQ,gBAAgB;AACvE,QAAM,sBAAsB,MAAM,YAAY,QAAQ,eAAe;AAErE,QAAM,aACJ,OAAO,YAAY,eAClB,CAAC,SAAiB;AACjB,QAAI,OAAO,WAAW,aAAa;AACjC,aAAO,SAAS,OAAO;AAAA,IACzB;AAAA,EACF;AACF,QAAM,aAAa,OAAO,YAAY,OAAO,UAAU;AACvD,QAAM,YAAY,OAAO,GAAG;AAC5B,QAAM,kBACJ,eAAe,OAAO,YAAY,sBAAsB;AAC1D,QAAM,OAAO,QAA+B;AAAA,IAC1C,UAAU,YAAY,kBAAkB,CAAC,CAAC;AAAA,IAC1C,eAAe;AAAA,MACb,UAAU;AAAA,MACV,iBAAiB;AAAA,IACnB;AAAA,EACF,CAAC;AAED,YAAU,MAAM;AACd,QAAI,OAAO;AACT,YAAM,MAAM,MAAM,SAAS,SAAS;AAAA,QAClC,aAAa,MAAM;AAAA,MACrB,CAAC;AAAA,IACH;AAAA,EACF,GAAG,CAAC,KAAK,CAAC;AAEV,QAAM,cAAc,eAAe,YAAY;AAC7C,QAAI,CAAC,YAAY;AACf,eAAS;AAAA,QACP,OAAO,EAAE,iBAAiB;AAAA,QAC1B,aAAa,EAAE,0BAA0B;AAAA,MAC3C,CAAC;AACD,oBAAc,KAAK;AACnB;AAAA,IACF;AAEA,QAAI;AACF,YAAM,uBAAuB;AAAA,QAC3B;AAAA,QACA,OAAO;AAAA,MACT;AACA,YAAM,MAAM,MAAM,qBAAqB,YAAY;AAAA,QACjD,MAAM,EAAE,UAAU,qBAAqB;AAAA,MACzC,CAAC;AAED,UAAI,EAAE,IAAI,UAAU,IAAI,WAAW,IAAI,wBAAwB;AAC7D,iBAAS;AAAA,UACP,OAAO,EAAE,iBAAiB;AAAA,UAC1B,aAAa,EAAE,2BAA2B;AAAA,QAC5C,CAAC;AACD,sBAAc,KAAK;AACnB;AAAA,MACF;AAEA,iBAAW;AAAA,QACT,UAAU,IAAI,QAAQ;AAAA,QACtB,OAAO,IAAI,QAAQ;AAAA,QACnB,OAAO,IAAI,QAAQ;AAAA,MACrB,CAAC;AAAA,IACH,QAAQ;AACN,eAAS;AAAA,QACP,OAAO,EAAE,iBAAiB;AAAA,QAC1B,aAAa,EAAE,4BAA4B;AAAA,MAC7C,CAAC;AAAA,IACH,UAAE;AACA,oBAAc,KAAK;AAAA,IACrB;AAAA,EACF,CAAC;AAGD,YAAU,MAAM;AACd,gBAAY,EAAE,MAAM,MAAM;AACxB,oBAAc,KAAK;AAAA,IACrB,CAAC;AAAA,EACH,GAAG,CAAC,UAAU,CAAC;AAEf,QAAM,eAAe,KAAK,aAAa,OAAO,WAAW;AACvD,QAAI,CAAC,YAAY;AACf;AAAA,IACF;AAEA,iBAAa,IAAI;AACjB,aAAS,IAAI;AAEb,QAAI;AACF,YAAM,uBAAuB;AAAA,QAC3B;AAAA,QACA,OAAO;AAAA,MACT;AACA,YAAM,MAAM,MAAM,oBAAoB,YAAY;AAAA,QAChD,MAAM;AAAA,UACJ,YAAY;AAAA,UACZ,UAAU,OAAO;AAAA,QACnB;AAAA,MACF,CAAC;AAED,UAAI,UAAU,OAAO,aAAa,KAAK;AACrC,gBAAQ,GAAG;AAAA,MACb;AACA,iBAAW,eAAe;AAAA,IAC5B,SAAS,KAAK;AACZ,kBAAY,KAAK,UAAU,CAAC;AAAA,IAC9B,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,CAAC;AAED,QAAM,eAAe,SAAS,QAC1B,EAAE,iBAAiB,IACnB,EAAE,iBAAiB;AACvB,QAAM,eAAe,SAAS,SAAS,SAAS,SAAS,cAAc;AAEvE,MAAI,eAAwC;AAC5C,MAAI,OAAO;AACT,mBACE,OAAO,UAAU,WACb,EAAE,OAAO,SAAS,aAAa,MAAM,IACrC;AAAA,EACR;AACA,QAAM,YAAY,CAAC,cAAc,CAAC,CAAC;AACnC,QAAM,aAAa,aAAa,gBAC9B,gBAAAH,MAAC,SAAM,SAAQ,eAAc,WAAU,QACrC;AAAA,oBAAAD,KAAC,mBAAgB,WAAU,WAAU;AAAA,IACrC,gBAAAA,KAAC,cAAY,uBAAa,OAAM;AAAA,IAChC,gBAAAA,KAAC,oBAAkB,uBAAa,aAAY;AAAA,KAC9C;AAGF,SACE,gBAAAC;AAAA,IAAC;AAAA;AAAA,MACC,OAAO,OAAO,GAAG;AAAA,MACjB,aAAa,EAAE,aAAa;AAAA,MAC5B;AAAA,MACA,QACE,gBAAAA,MAAC,OACE;AAAA,UAAE,oBAAoB;AAAA,QAAG;AAAA,QACzB,OACC,gBAAAD,KAAC,QAAK,MAAM,YAAY,WAAU,gCAC/B,YAAE,kBAAkB,GACvB,IAEA,gBAAAA;AAAA,UAAC;AAAA;AAAA,YACC,MAAM;AAAA,YACN,SAAS,CAAC,MAAM;AACd,gBAAE,eAAe;AACjB,yBAAW,UAAU;AAAA,YACvB;AAAA,YACA,WAAU;AAAA,YAET,YAAE,kBAAkB;AAAA;AAAA,QACvB;AAAA,SAEJ;AAAA,MAGF;AAAA,wBAAAA,KAAC,QAAM,GAAG,MACR,0BAAAC;AAAA,UAAC;AAAA;AAAA,YACC,IAAG;AAAA,YACH,UAAU;AAAA,YACV,WAAU;AAAA,YAEV;AAAA,8BAAAA,MAAC,YACC;AAAA,gCAAAD,KAAC,aAAW,YAAE,oBAAoB,GAAE;AAAA,gBACpC,gBAAAA,KAAC,eACC,0BAAAA,KAAC,SAAM,OAAO,SAAS,YAAY,IAAI,UAAQ,MAAC,GAClD;AAAA,iBACF;AAAA,cACA,gBAAAC,MAAC,YACC;AAAA,gCAAAD,KAAC,aAAW,wBAAa;AAAA,gBACzB,gBAAAA,KAAC,eACC,0BAAAA,KAAC,SAAM,OAAO,cAAc,UAAQ,MAAC,GACvC;AAAA,iBACF;AAAA,cACA,gBAAAA;AAAA,gBAAC;AAAA;AAAA,kBACC,SAAS,KAAK;AAAA,kBACd,MAAK;AAAA,kBACL,QAAQ,CAAC,EAAE,MAAM,MACf,gBAAAC,MAAC,YACC;AAAA,oCAAAD,KAAC,aAAW,YAAE,oBAAoB,GAAE;AAAA,oBACpC,gBAAAA;AAAA,sBAAC;AAAA;AAAA,wBACC;AAAA,wBACA,MAAM;AAAA,wBACN,UAAU,MAAM,gBAAgB,CAAC,YAAY;AAAA;AAAA,oBAC/C;AAAA,oBACA,gBAAAA,KAAC,eAAY;AAAA,qBACf;AAAA;AAAA,cAEJ;AAAA,cACA,gBAAAA;AAAA,gBAAC;AAAA;AAAA,kBACC,SAAS,KAAK;AAAA,kBACd,MAAK;AAAA,kBACL,QAAQ,CAAC,EAAE,MAAM,MACf,gBAAAC,MAAC,YACC;AAAA,oCAAAD,KAAC,aAAW,YAAE,2BAA2B,GAAE;AAAA,oBAC3C,gBAAAA;AAAA,sBAAC;AAAA;AAAA,wBACC;AAAA,wBACA,MAAM;AAAA,wBACN,UAAU,MAAM,uBAAuB,CAAC,mBAAmB;AAAA;AAAA,oBAC7D;AAAA,oBACA,gBAAAA,KAAC,eAAY;AAAA,qBACf;AAAA;AAAA,cAEJ;AAAA,cACA,gBAAAA;AAAA,gBAAC;AAAA;AAAA,kBACC,MAAK;AAAA,kBACL,MAAK;AAAA,kBACL,WAAU;AAAA,kBACV,UACE,cACA,CAAC,WACD,aACA,oBAAoB;AAAA,kBAGrB,uBAAa,oBAAoB,YAC9B,EAAE,iBAAiB,IACnB,EAAE,aAAa;AAAA;AAAA,cACrB;AAAA;AAAA;AAAA,QACF,GACF;AAAA,QACC;AAAA;AAAA;AAAA,EACH;AAEJ;","names":["useMesob","useState","jsx","jsx","jsxs","SetPassword","useMesob","useState"]}

package/dist/components/auth/sign-in.js

@@ -146,7 +146,11 @@ var AUTH_ERROR_MAPPING = {
   },
   HAS_NO_PASSWORD: {
     title: "No Password Set",
-    description: "Your account does not have a password set (e.g. social login). Please sign in with your provider or reset your password."
+    description: "Your account does not have a password yet. Continue to set a password before signing in."
+  },
+  PASSWORD_ALREADY_SET: {
+    title: "Password Already Set",
+    description: "This account already has a password. Use the normal sign-in form instead."
   }
 };
 var validCodes = Object.keys(AUTH_ERROR_MAPPING);
@@ -318,6 +322,7 @@ var SignIn = ({ redirectUrl } = {}) => {
   const defaultRedirect = redirectUrl || config.navigation?.defaultRedirectUrl || "/dashboard";
   const forgotPasswordLink = config.navigation?.links?.forgotPassword || "/auth/forgot-password";
   const signUpLink = config.navigation?.links?.signUp || "/auth/sign-up";
+  const setPasswordLink = config.navigation?.links?.setPassword || "/auth/set-password";
   const onNavigate = config.navigation?.onNavigate || ((path) => {
     if (typeof window !== "undefined") {
       window.location.href = path;
@@ -346,6 +351,13 @@ var SignIn = ({ redirectUrl } = {}) => {
         }
       });
       if (result.exists) {
+        if (result.requiresPasswordSetup) {
+          const redirectParam = defaultRedirect ? `&redirect=${encodeURIComponent(defaultRedirect)}` : "";
+          onNavigate(
+            `${setPasswordLink}?identifier=${encodeURIComponent(normalizedUsername)}${redirectParam}`
+          );
+          return;
+        }
         setUsername(normalizedUsername);
         form.setValue("username", normalizedUsername);
         setShowPasswordField(true);
@@ -401,6 +413,15 @@ var SignIn = ({ redirectUrl } = {}) => {
       }
       onNavigate(defaultRedirect);
     } catch (err) {
+      const authError = err;
+      const errorCode = authError.code || authError.message;
+      if (errorCode === "HAS_NO_PASSWORD") {
+        const redirectParam = defaultRedirect ? `&redirect=${encodeURIComponent(defaultRedirect)}` : "";
+        onNavigate(
+          `${setPasswordLink}?identifier=${encodeURIComponent(username)}${redirectParam}`
+        );
+        return;
+      }
       handleError(err, setError, t);
     } finally {
       setIsLoading(false);