npm - @mindfulauth/core - Versions diffs - 2.0.0-beta.4 → 2.0.0-beta.6 - Mend

@mindfulauth/core 2.0.0-beta.4 → 2.0.0-beta.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (44) hide show

package/dist/astro/ForgotPasswordScript.astro +64 -0
package/dist/astro/LoginScript.astro +209 -0
package/dist/astro/MagicLoginScript.astro +62 -0
package/dist/astro/MagicRegisterScript.astro +73 -0
package/dist/astro/MainScript.astro +236 -0
package/dist/astro/RegisterPasswordScript.astro +118 -0
package/dist/astro/ResendVerificationScript.astro +51 -0
package/dist/astro/ResetPasswordScript.astro +155 -0
package/dist/astro/SecurityScript.astro +490 -0
package/dist/astro/TurnstileInit.astro +112 -0
package/dist/astro/VerifyEmailScript.astro +72 -0
package/dist/astro/VerifyMagicLinkScript.astro +195 -0
package/dist/astro/index.d.ts +13 -0
package/dist/astro/index.d.ts.map +1 -0
package/dist/astro/index.js +15 -0
package/dist/core/auth-handler.d.ts.map +1 -0
package/dist/core/auth.d.ts.map +1 -0
package/dist/{config.d.ts → core/config.d.ts} +0 -1
package/dist/core/config.d.ts.map +1 -0
package/dist/{config.js → core/config.js} +0 -1
package/dist/core/index.d.ts.map +1 -0
package/dist/core/middleware.d.ts.map +1 -0
package/dist/core/security.d.ts.map +1 -0
package/dist/core/types.d.ts.map +1 -0
package/package.json +20 -15
package/dist/auth-handler.d.ts.map +0 -1
package/dist/auth.d.ts.map +0 -1
package/dist/config.d.ts.map +0 -1
package/dist/index.d.ts.map +0 -1
package/dist/middleware.d.ts.map +0 -1
package/dist/security.d.ts.map +0 -1
package/dist/types.d.ts.map +0 -1
/package/dist/{auth-handler.d.ts → core/auth-handler.d.ts} +0 -0
/package/dist/{auth-handler.js → core/auth-handler.js} +0 -0
/package/dist/{auth.d.ts → core/auth.d.ts} +0 -0
/package/dist/{auth.js → core/auth.js} +0 -0
/package/dist/{index.d.ts → core/index.d.ts} +0 -0
/package/dist/{index.js → core/index.js} +0 -0
/package/dist/{middleware.d.ts → core/middleware.d.ts} +0 -0
/package/dist/{middleware.js → core/middleware.js} +0 -0
/package/dist/{security.d.ts → core/security.d.ts} +0 -0
/package/dist/{security.js → core/security.js} +0 -0
/package/dist/{types.d.ts → core/types.d.ts} +0 -0
/package/dist/{types.js → core/types.js} +0 -0

package/dist/astro/RegisterPasswordScript.astro ADDED Viewed

@@ -0,0 +1,118 @@
+---
+// Mindful Auth - Register Password Script Component
+// Provides: Password registration form handling
+---
+<script is:inline>
+// Register password script - Astro Optimized
+async function handleRegisterSubmit(event) {
+    event.preventDefault();
+    const form = event.target;
+    const messageEl = document.querySelector('[data-mindfulauth-field="message"]');
+    const nameInput = form.querySelector('[data-mindfulauth-field="name"]');
+    const emailInput = form.querySelector('[data-mindfulauth-field="email"]');
+    const passwordInput = form.querySelector('[data-mindfulauth-field="password"]');
+    const confirmPasswordInput = form.querySelector('[data-mindfulauth-field="confirm-password"]');
+    const submitBtn = form.querySelector('button[type="submit"]');
+    // Skip API call on localhost to prevent production logs pollution
+    const hostname = window.location.hostname;
+    if (hostname === 'localhost' || hostname === '127.0.0.1' || hostname.endsWith('.local')) {
+        messageEl.textContent = 'Registration is disabled on localhost. Use a real domain for testing.';
+        console.log('[Register] Blocked form submission on localhost');
+        return;
+    }
+    // Clear previous messages
+    messageEl.textContent = '';
+    // Client-side validation
+    if (!nameInput.value.trim()) {
+        messageEl.textContent = 'Name is required.';
+        return;
+    }
+    if (!emailInput.value.trim()) {
+        messageEl.textContent = 'Email is required.';
+        return;
+    }
+    if (passwordInput.value.length < 8) {
+        messageEl.textContent = 'Password must be at least 8 characters.';
+        return;
+    }
+    if (passwordInput.value !== confirmPasswordInput.value) {
+        messageEl.textContent = 'Passwords do not match.';
+        return;
+    }
+    messageEl.textContent = 'Validating password...';
+    submitBtn.disabled = true;
+    try {
+        // First validate password against policy
+        const passwordValidateResponse = await window.apiFetch('/auth/validate-password', {
+            body: JSON.stringify({
+                password: passwordInput.value
+            })
+        });
+        const passwordValidateResult = await passwordValidateResponse.json();
+        if (!passwordValidateResult.success) {
+            throw new Error(passwordValidateResult.message);
+        }
+        messageEl.textContent = 'Creating account...';
+        // Get Turnstile token
+        const turnstileResponse = form.querySelector('[name="cf-turnstile-response"]')?.value;
+        if (!turnstileResponse) {
+            throw new Error('Bot protection validation required.');
+        }
+        // Register user via Mindful Auth API (backend validates Turnstile)
+        const registerResponse = await window.apiFetch('/auth/register-password', {
+            body: JSON.stringify({
+                name: nameInput.value.trim(),
+                email: emailInput.value.trim(),
+                password: passwordInput.value,
+                'cf-turnstile-response': turnstileResponse
+            })
+        });
+        const registerResult = await registerResponse.json();
+        if (!registerResult.success) {
+            throw new Error(registerResult.message || 'Registration failed. Please try again.');
+        }
+        // Success
+        messageEl.textContent = registerResult.message || 'Account created successfully! Please check your email to verify your account.';
+        form.reset();
+        // Don't auto-redirect - user needs to verify email first
+        // Show link to login page (using safe DOM manipulation)
+        setTimeout(() => {
+            const loginLink = document.createElement('p');
+            const anchor = document.createElement('a');
+            anchor.href = '/login';
+            anchor.textContent = 'Return to login page';
+            loginLink.appendChild(anchor);
+            messageEl.appendChild(loginLink);
+        }, 2000);
+    } catch (error) {
+        messageEl.textContent = `Error: ${error.message}`;
+    } finally {
+        submitBtn.disabled = false;
+        window.turnstile?.reset();
+    }
+}
+// --- MAIN EXECUTION ---
+document.addEventListener('DOMContentLoaded', function() {
+    const form = document.querySelector('[data-mindfulauth-form="register"]');
+    if (!form) return;
+    form.addEventListener('submit', handleRegisterSubmit);
+});
+</script>

package/dist/astro/ResendVerificationScript.astro ADDED Viewed

@@ -0,0 +1,51 @@
+---
+// Mindful Auth - Resend Verification Script Component
+// Provides: Resend verification email form handling
+---
+<script is:inline>
+// Resend verification Script - Astro Optimized
+async function handleResendVerificationSubmit(event) {
+    event.preventDefault();
+    const form = event.target;
+    const emailInput = form.querySelector('[data-mindfulauth-field="email"]');
+    const messageEl = document.querySelector('[data-mindfulauth-field="message"]');
+    const submitBtn = form.querySelector('button[type="submit"]');
+    // Skip API call on localhost to prevent production logs pollution
+    const hostname = window.location.hostname;
+    if (hostname === 'localhost' || hostname === '127.0.0.1' || hostname.endsWith('.local')) {
+        messageEl.textContent = 'Resend verification is disabled on localhost. Use a real domain for testing.';
+        console.log('[Resend Verification] Blocked form submission on localhost');
+        return;
+    }
+    messageEl.textContent = 'Sending...';
+    submitBtn.disabled = true;
+    try {
+        const response = await window.apiFetch('/auth/resend-verification', {
+            body: JSON.stringify({
+                'cf-turnstile-response': form.querySelector('[name="cf-turnstile-response"]')?.value,
+                email: emailInput.value
+            })
+        });
+        const result = await response.json();
+        messageEl.textContent = result.message;
+    } catch (error) {
+        messageEl.textContent = 'An error occurred. Please try again.';
+    } finally {
+        submitBtn.disabled = false;
+        window.turnstile?.reset();
+    }
+}
+// --- MAIN EXECUTION ---
+document.addEventListener('DOMContentLoaded', function() {
+    const form = document.querySelector('[data-mindfulauth-form="resend-verification"]');
+    if (!form) return;
+    form.addEventListener('submit', handleResendVerificationSubmit);
+});
+</script>

package/dist/astro/ResetPasswordScript.astro ADDED Viewed

@@ -0,0 +1,155 @@
+---
+// Mindful Auth - Reset Password Script Component
+// Provides: Reset password form handling with 2FA support
+---
+<script is:inline>
+// Reset password script - Astro Optimized
+function getPathParams() {
+    const pathParts = window.location.pathname.split('/');
+    return {
+        recordid: pathParts[2],
+        token: pathParts[3]
+    };
+}
+async function handleResetSubmit(event) {
+    event.preventDefault();
+    const form = event.target;
+    const messageEl = document.querySelector('[data-mindfulauth-field="message"]');
+    const newPasswordEl = form.querySelector('[data-mindfulauth-field="new-password"]');
+    const confirmPasswordEl = form.querySelector('[data-mindfulauth-field="confirm-password"]');
+    const twoFACodeEl = form.querySelector('[data-mindfulauth-field="twofa-code"]');
+    const submitBtn = form.querySelector('button[type="submit"]');
+    // Skip API call on localhost to prevent production logs pollution
+    const hostname = window.location.hostname;
+    if (hostname === 'localhost' || hostname === '127.0.0.1' || hostname.endsWith('.local')) {
+        messageEl.textContent = 'Password reset is disabled on localhost. Use a real domain for testing.';
+        console.log('[Reset Password] Blocked form submission on localhost');
+        return;
+    }
+    if (newPasswordEl.value !== confirmPasswordEl.value) {
+        messageEl.textContent = "Passwords do not match.";
+        return;
+    }
+    const { recordid, token } = getPathParams();
+    if (!recordid || !token) {
+        messageEl.textContent = "Invalid or expired link. Please request a new one.";
+        form.style.display = 'none';
+        return;
+    }
+    if (newPasswordEl.value !== confirmPasswordEl.value) {
+        messageEl.textContent = "Passwords do not match.";
+        return;
+    }
+    messageEl.textContent = "Validating password...";
+    submitBtn.disabled = true;
+    try {
+        // First validate password against policy
+        const passwordValidateResponse = await window.apiFetch('/auth/validate-password', {
+            body: JSON.stringify({ password: newPasswordEl.value })
+        });
+        const passwordValidateResult = await passwordValidateResponse.json();
+        if (!passwordValidateResult.success) {
+            throw new Error(passwordValidateResult.message);
+        }
+        // Check if user has 2FA enabled
+        messageEl.textContent = 'Checking security settings...';
+        const statusResponse = await window.apiFetch('/auth/get-2fa-status-by-record', {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ recordid })
+        });
+        const statusResult = await statusResponse.json();
+        // If 2FA is enabled and code not provided yet, show the input and wait
+        let twoFACode = null;
+        if (statusResult.isEnabled) {
+            if (!twoFACodeEl || !twoFACodeEl.value) {
+                // Show the 2FA input field aggressively
+                const twoFAContainer = form.querySelector('[data-mindfulauth-field="twofa-code-container"]');
+                if (twoFAContainer) {
+                    twoFAContainer.removeAttribute('hidden');
+                    twoFAContainer.classList && twoFAContainer.classList.remove('hidden');
+                    twoFAContainer.style.setProperty('display', 'block', 'important');
+                    // Try common display values
+                    if (window.getComputedStyle(twoFAContainer).display === 'none') {
+                        twoFAContainer.style.setProperty('display', 'flex', 'important');
+                    }
+                }
+                if (twoFACodeEl) {
+                    twoFACodeEl.focus();
+                }
+                messageEl.textContent = '2FA code is required for password reset.';
+                submitBtn.textContent = 'Reset Password with 2FA';
+                submitBtn.disabled = false;
+                return;
+            }
+            twoFACode = twoFACodeEl.value;
+            if (twoFACode.length !== 6) {
+                messageEl.textContent = 'Please enter a valid 6-digit 2FA code.';
+                submitBtn.disabled = false;
+                return;
+            }
+        }
+        messageEl.textContent = 'Resetting password...';
+        const requestBody = {
+            'cf-turnstile-response': form.querySelector('[name="cf-turnstile-response"]')?.value,
+            recordid,
+            token,
+            newPassword: newPasswordEl.value
+        };
+        if (twoFACode) {
+            requestBody.twoFACode = twoFACode;
+        }
+        const response = await window.apiFetch('/auth/reset-password', {
+            body: JSON.stringify(requestBody)
+        });
+        const result = await response.json();
+        if (result.success) {
+            messageEl.textContent = result.message;
+            form.style.display = 'none';
+            // Redirect to login page after successful reset
+            if (result.redirect) {
+                setTimeout(() => {
+                    window.location.href = result.redirect;
+                }, 2000);
+            }
+        } else {
+            throw new Error(result.message);
+        }
+    } catch (error) {
+        messageEl.textContent = `Error: ${error.message}`;
+    } finally {
+        submitBtn.disabled = false;
+        window.turnstile?.reset();
+    }
+}
+// --- MAIN EXECUTION ---
+document.addEventListener('DOMContentLoaded', function() {
+    const form = document.querySelector('[data-mindfulauth-form="reset-password"]');
+    if (!form) return;
+    // Initially hide 2FA field - it will be shown during submit if needed
+    const twoFAContainer = form.querySelector('[data-mindfulauth-field="twofa-code-container"]');
+    if (twoFAContainer) {
+        twoFAContainer.style.display = 'none';
+    }
+    form.addEventListener('submit', handleResetSubmit);
+});
+</script>