@mundogamernetwork/shared-ui 1.0.3 → 1.1.0

package/stores/testimonies.ts

@@ -0,0 +1,40 @@
+import { defineStore } from "pinia";
+import { ref } from "vue";
+import { getUserTestimonials } from "../services/testimoniesService";
+
+export const useTestimoniesStore = defineStore("testimonies-store", () => {
+	const testimonies = ref<any[]>([]);
+	const loading = ref(false);
+	const error = ref<string | null>(null);
+	const total = ref(0);
+	const currentPage = ref(1);
+
+	const fetchTestimonies = async (params: Record<string, any> = {}) => {
+		loading.value = true;
+		error.value = null;
+		try {
+			const response = await getUserTestimonials(params);
+			const data = response.data;
+			testimonies.value = data.data ?? [];
+			total.value = data.meta?.pagination?.total ?? data.meta?.total ?? testimonies.value.length;
+			currentPage.value = data.meta?.pagination?.current_page ?? 1;
+		} catch {
+			error.value = "Failed to fetch testimonials";
+		} finally {
+			loading.value = false;
+		}
+	};
+
+	return {
+		testimonies,
+		loading,
+		error,
+		total,
+		currentPage,
+		fetchTestimonies,
+	};
+});
+
+if (import.meta.hot) {
+	import.meta.hot.accept(acceptHMRUpdate(useTestimoniesStore, import.meta.hot));
+}

package/utils/authRedirect.ts

@@ -0,0 +1,18 @@
+export function buildLoginUrl(baseUrl: string, currentPath?: string): string {
+	const redirectTo = currentPath ?? (typeof window !== "undefined" ? window.location.href : "");
+	const params = new URLSearchParams({ redirect_to: redirectTo });
+	return `${baseUrl}/login?${params}`;
+}
+
+export function buildRegisterUrl(accountsUrl: string, currentPath?: string, systemId?: string): string {
+	const redirectTo = currentPath ?? (typeof window !== "undefined" ? window.location.href : "");
+	const params = new URLSearchParams({ redirect_to: redirectTo });
+	if (systemId) params.set("system_id", systemId);
+	return `${accountsUrl}/register?${params}`;
+}
+
+export function buildLogoutUrl(apiBaseUrl: string, redirectAfter?: string): string {
+	if (!redirectAfter) return `${apiBaseUrl}/logout`;
+	const params = new URLSearchParams({ redirect_to: redirectAfter });
+	return `${apiBaseUrl}/logout?${params}`;
+}

package/utils/clearSession.ts

@@ -0,0 +1,103 @@
+/**
+ * Centralized session-recovery utilities.
+ *
+ * The core problem these solve: a stale/invalid `oauth_token` cookie that the
+ * browser keeps sending makes every request fail (OAuth rejects it), and the
+ * server's Set-Cookie to clear it may not reach the browser (cross-domain /
+ * CDN stripping). The user gets stuck — unable to load the site OR log in.
+ *
+ * The fix: clear the auth credentials CLIENT-SIDE so the next request is a clean
+ * guest request and the user can log in again.
+ */
+
+// Auth-related cookies set across the MGN ecosystem.
+const AUTH_COOKIES = [
+	"oauth_token",
+	"oauth_state",
+	"browser_id",
+	"oauth_version",
+	"mundo_gamer_network_session",
+	"XSRF-TOKEN",
+];
+
+/**
+ * Compute every plausible (domain, path) combination a cookie might have been
+ * set with, so we can reliably expire it regardless of how the backend scoped it.
+ *
+ * e.g. host = api.mundogamer.community →
+ *   domains: ["", "api.mundogamer.community", ".api.mundogamer.community",
+ *             "mundogamer.community", ".mundogamer.community"]
+ */
+function candidateDomains(): string[] {
+	if (typeof location === "undefined") return [""];
+	const host = location.hostname;
+	const domains = new Set<string>([""]); // "" = default (current host, no domain attr)
+	domains.add(host);
+	domains.add(`.${host}`);
+
+	const parts = host.split(".");
+	// Walk up to the registrable domain: a.b.c.com → b.c.com → c.com
+	for (let i = 1; i < parts.length - 1; i++) {
+		const parent = parts.slice(i).join(".");
+		domains.add(parent);
+		domains.add(`.${parent}`);
+	}
+	return Array.from(domains);
+}
+
+/** Expire a single cookie across every plausible domain/path scope. */
+function expireCookie(name: string) {
+	if (typeof document === "undefined") return;
+	const expires = "expires=Thu, 01 Jan 1970 00:00:00 GMT";
+	const paths = ["/", location?.pathname || "/"];
+	for (const domain of candidateDomains()) {
+		for (const path of paths) {
+			const domainAttr = domain ? `;domain=${domain}` : "";
+			document.cookie = `${name}=;${expires};path=${path}${domainAttr};SameSite=Lax`;
+			// Secure variant for cross-site contexts
+			document.cookie = `${name}=;${expires};path=${path}${domainAttr};SameSite=None;Secure`;
+		}
+	}
+}
+
+/**
+ * Clear ONLY the auth credentials (cookies + auth store), leaving the user's
+ * other client state (cart, preferences, theme) intact. Use this on detected
+ * session loss so the user recovers without losing unrelated data.
+ */
+export function clearAuthCredentials() {
+	if (typeof window === "undefined") return;
+	AUTH_COOKIES.forEach(expireCookie);
+	try {
+		const authStore = useAuthStore();
+		authStore.clearUser?.();
+	} catch (_) {
+		// store not available in this context
+	}
+}
+
+/**
+ * Full client reset — auth cookies + localStorage + sessionStorage + auth store.
+ * Use on explicit logout or as the "Reset & Reload" recovery action so a stuck
+ * browser is fully cleaned and the user can start fresh.
+ */
+export function clearClientSession() {
+	if (typeof window === "undefined") return;
+	AUTH_COOKIES.forEach(expireCookie);
+
+	// Also expire ANY cookie currently visible to JS (defensive — catches
+	// renamed/legacy auth cookies we don't know about).
+	try {
+		document.cookie.split(";").forEach((c) => {
+			const name = c.split("=")[0].trim();
+			if (name) expireCookie(name);
+		});
+	} catch (_) {}
+
+	try { localStorage.clear(); } catch (_) {}
+	try { sessionStorage.clear(); } catch (_) {}
+	try {
+		const authStore = useAuthStore();
+		authStore.clearUser?.();
+	} catch (_) {}
+}