@objectstack/plugin-auth 4.0.2 → 4.0.4

package/dist/index.mjs

@@ -372,7 +372,20 @@ var AuthManager = class {
       // better-auth plugins — registered based on AuthPluginConfig flags
       plugins: this.buildPluginList(),
       // Trusted origins for CSRF protection (supports wildcards like "https://*.example.com")
-      ...this.config.trustedOrigins?.length ? { trustedOrigins: this.config.trustedOrigins } : {},
+      // Auto-includes origins from CORS_ORIGIN env var so CORS and CSRF stay in sync.
+      ...(() => {
+        const origins = [...this.config.trustedOrigins || []];
+        const corsOrigin = process.env.CORS_ORIGIN;
+        if (corsOrigin && corsOrigin !== "*") {
+          corsOrigin.split(",").map((s) => s.trim()).filter(Boolean).forEach((o) => {
+            if (!origins.includes(o)) origins.push(o);
+          });
+        }
+        if (!origins.length && (!corsOrigin || corsOrigin === "*")) {
+          origins.push("http://localhost:*");
+        }
+        return origins.length ? { trustedOrigins: origins } : {};
+      })(),
       // Advanced options (cross-subdomain cookies, secure cookies, CSRF, etc.)
       ...this.config.advanced ? {
         advanced: {
@@ -508,6 +521,59 @@ var AuthManager = class {
   get api() {
     return this.getOrCreateAuth().api;
   }
+  /**
+   * Get public authentication configuration
+   * Returns safe, non-sensitive configuration that can be exposed to the frontend
+   *
+   * This allows the frontend to discover:
+   * - Which social/OAuth providers are available
+   * - Whether email/password login is enabled
+   * - Which advanced features are enabled (2FA, magic links, etc.)
+   */
+  getPublicConfig() {
+    const socialProviders = [];
+    if (this.config.socialProviders) {
+      for (const [id, providerConfig] of Object.entries(this.config.socialProviders)) {
+        if (providerConfig.enabled !== false) {
+          const nameMap = {
+            google: "Google",
+            github: "GitHub",
+            microsoft: "Microsoft",
+            apple: "Apple",
+            facebook: "Facebook",
+            twitter: "Twitter",
+            discord: "Discord",
+            gitlab: "GitLab",
+            linkedin: "LinkedIn"
+          };
+          socialProviders.push({
+            id,
+            name: nameMap[id] || id.charAt(0).toUpperCase() + id.slice(1),
+            enabled: true
+          });
+        }
+      }
+    }
+    const emailPasswordConfig = this.config.emailAndPassword ?? {};
+    const emailPassword = {
+      enabled: emailPasswordConfig.enabled !== false,
+      // Default to true
+      disableSignUp: emailPasswordConfig.disableSignUp ?? false,
+      requireEmailVerification: emailPasswordConfig.requireEmailVerification ?? false
+    };
+    const pluginConfig = this.config.plugins ?? {};
+    const features = {
+      twoFactor: pluginConfig.twoFactor ?? false,
+      passkeys: pluginConfig.passkeys ?? false,
+      magicLink: pluginConfig.magicLink ?? false,
+      organization: pluginConfig.organization ?? false
+    };
+    return {
+      emailPassword,
+      socialProviders,
+      features
+    };
+  }
 };
 
 // src/objects/sys-user.object.ts
@@ -1220,6 +1286,65 @@ var SysTwoFactor = ObjectSchema11.create({
   }
 });
 
+// src/objects/sys-user-preference.object.ts
+import { ObjectSchema as ObjectSchema12, Field as Field12 } from "@objectstack/spec/data";
+var SysUserPreference = ObjectSchema12.create({
+  namespace: "sys",
+  name: "user_preference",
+  label: "User Preference",
+  pluralLabel: "User Preferences",
+  icon: "settings",
+  isSystem: true,
+  description: "Per-user key-value preferences (theme, locale, etc.)",
+  titleFormat: "{key}",
+  compactLayout: ["user_id", "key"],
+  fields: {
+    id: Field12.text({
+      label: "Preference ID",
+      required: true,
+      readonly: true
+    }),
+    created_at: Field12.datetime({
+      label: "Created At",
+      defaultValue: "NOW()",
+      readonly: true
+    }),
+    updated_at: Field12.datetime({
+      label: "Updated At",
+      defaultValue: "NOW()",
+      readonly: true
+    }),
+    user_id: Field12.text({
+      label: "User ID",
+      required: true,
+      maxLength: 255,
+      description: "Owner user of this preference"
+    }),
+    key: Field12.text({
+      label: "Key",
+      required: true,
+      maxLength: 255,
+      description: "Preference key (e.g., theme, locale, plugin.ai.auto_save)"
+    }),
+    value: Field12.json({
+      label: "Value",
+      description: "Preference value (any JSON-serializable type)"
+    })
+  },
+  indexes: [
+    { fields: ["user_id", "key"], unique: true },
+    { fields: ["user_id"], unique: false }
+  ],
+  enable: {
+    trackHistory: false,
+    searchable: false,
+    apiEnabled: true,
+    apiMethods: ["get", "list", "create", "update", "delete"],
+    trash: false,
+    mru: false
+  }
+});
+
 // src/auth-plugin.ts
 var AuthPlugin = class {
   constructor(options = {}) {
@@ -1265,7 +1390,8 @@ var AuthPlugin = class {
         SysTeam,
         SysTeamMember,
         SysApiKey,
-        SysTwoFactor
+        SysTwoFactor,
+        SysUserPreference
       ]
     });
     try {
@@ -1365,6 +1491,25 @@ var AuthPlugin = class {
       );
     }
     const rawApp = httpServer.getRawApp();
+    rawApp.get(`${basePath}/config`, async (c) => {
+      try {
+        const config = this.authManager.getPublicConfig();
+        return c.json({
+          success: true,
+          data: config
+        });
+      } catch (error) {
+        const err = error instanceof Error ? error : new Error(String(error));
+        ctx.logger.error("Auth config error:", err);
+        return c.json({
+          success: false,
+          error: {
+            code: "auth_config_error",
+            message: err.message
+          }
+        }, 500);
+      }
+    });
     rawApp.all(`${basePath}/*`, async (c) => {
       try {
         const response = await this.authManager.handleRequest(c.req.raw);
@@ -1425,6 +1570,7 @@ export {
   SysTeamMember,
   SysTwoFactor,
   SysUser,
+  SysUserPreference,
   SysVerification,
   buildOrganizationPluginSchema,
   buildTwoFactorPluginSchema,