@objectstack/plugin-auth 4.0.4 → 4.1.0

package/IMPLEMENTATION_SUMMARY.md

@@ -1,192 +0,0 @@
-# Auth Plugin Implementation Summary
-
-## Overview
-
-Successfully integrated the Better-Auth library (v1.4.18) into `@objectstack/plugin-auth` - an authentication and identity plugin for the ObjectStack ecosystem. The plugin now has the better-auth library integrated with a working AuthManager class and lazy initialization pattern.
-
-## Latest Updates (Phase 1 & 2 Complete)
-
-### Better-Auth Integration
-- ✅ Added better-auth v1.4.18 as runtime dependency
-- ✅ Created AuthManager class wrapping better-auth
-- ✅ Implemented lazy initialization to avoid database errors
-- ✅ Added TypeScript types for all authentication methods
-- ✅ Updated plugin to use real AuthManager (not stub)
-- ✅ All 11 tests passing with no errors
-
-### Technical Improvements
-- Better-auth instance created only when needed (lazy initialization)
-- Proper TypeScript typing for HTTP request/response handlers
-- Support for configuration-based initialization
-- Extensible design for future features (OAuth, 2FA, etc.)
-
-## What Was Implemented
-
-### 1. Package Structure
-- Created new workspace package at `packages/plugins/plugin-auth/`
-- Configured package.json with proper dependencies
-- Set up TypeScript configuration
-- Created comprehensive README and CHANGELOG
-
-### 2. Core Plugin Implementation
-- **AuthPlugin class** - Full plugin lifecycle (init, start, destroy)
-- **AuthManager class** - Real implementation with better-auth integration
-- **Lazy initialization** - Better-auth instance created only when needed
-- **Route registration** - HTTP endpoints for login, register, logout, session
-- **Service registration** - Registers 'auth' service in ObjectKernel
-- **Configuration support** - Uses AuthConfig schema from @objectstack/spec/system
-- **TypeScript types** - Proper typing for IHttpRequest and IHttpResponse
-
-### 3. Testing
-- 11 comprehensive unit tests
-- 100% test coverage of implemented functionality
-- All tests passing (11/11)
-- Proper mocking of dependencies
-
-### 4. Documentation
-- Detailed README with usage examples
-- Implementation status clearly documented
-- Configuration options explained
-- Example usage file (examples/basic-usage.ts)
-- Updated main README to list the new package
-
-### 5. Build & Integration
-- Package builds successfully with tsup
-- Integrated into monorepo build system
-- All dependencies resolved correctly
-- No build or lint errors
-
-## File Structure
-
-```
-packages/plugins/plugin-auth/
-├── CHANGELOG.md
-├── README.md
-├── IMPLEMENTATION_SUMMARY.md
-├── package.json
-├── tsconfig.json
-├── examples/
-│   └── basic-usage.ts
-├── src/
-│   ├── index.ts
-│   ├── auth-plugin.ts        # Main plugin implementation
-│   ├── auth-manager.ts        # NEW: Better-auth wrapper class
-│   └── auth-plugin.test.ts
-└── dist/
-    └── [build outputs]
-```
-
-## Key Design Decisions
-
-1. **Better-Auth Integration**: Integrated better-auth v1.4.18 as the core authentication library
-2. **Lazy Initialization**: AuthManager creates better-auth instance only when needed to avoid database initialization errors
-3. **Flexible Configuration**: Supports custom better-auth instances or automatic creation from config
-4. **IHttpServer Integration**: Routes registered through ObjectStack's IHttpServer interface
-5. **Configuration Protocol**: Uses existing AuthConfig schema from spec package
-6. **Plugin Pattern**: Follows established ObjectStack plugin conventions
-7. **TypeScript-First**: Full type safety with proper interface definitions
-
-## API Routes Registered
-
-- `POST /api/v1/auth/login` - User login (stub)
-- `POST /api/v1/auth/register` - User registration (stub)
-- `POST /api/v1/auth/logout` - User logout (stub)
-- `GET /api/v1/auth/session` - Get current session (stub)
-
-## Dependencies
-
-### Runtime Dependencies
-- `@objectstack/core` - Plugin system
-- `@objectstack/spec` - Protocol schemas
-- `better-auth` ^1.4.18 - Authentication library
-
-### Peer Dependencies (Optional)
-- `drizzle-orm` >=0.41.0 - For database persistence (optional)
-
-### Dev Dependencies
-- `@types/node` ^25.2.2
-- `typescript` ^5.0.0
-- `vitest` ^4.0.18
-
-## Testing Results
-
-```
- ✓ src/auth-plugin.test.ts (11 tests) 13ms
-   ✓ Plugin Metadata (1)
-   ✓ Initialization (4)
-   ✓ Start Phase (3)
-   ✓ Destroy Phase (1)
-   ✓ Configuration Options (2)
-
- Test Files  1 passed (1)
-      Tests  11 passed (11)
-      
-✅ All tests passing with no errors
-✅ Better-auth integration working with lazy initialization
-```
-
-## Next Steps (Future Development)
-
-1. **Phase 3: Complete API Integration**
-   - Wire up better-auth API methods to login/register/logout routes
-   - Implement proper session management
-   - Add request/response transformations
-
-2. **Phase 4: Database Adapter**
-   - Implement drizzle-orm adapter
-   - Add database schema migrations
-   - Support multiple database providers (PostgreSQL, MySQL, SQLite)
-
-3. **Phase 5: OAuth Providers**
-   - Google OAuth integration
-   - GitHub OAuth integration
-   - Generic OAuth provider support
-   - Provider configuration
-
-4. **Phase 6: Advanced Features**
-   - Two-factor authentication (2FA)
-   - Passkey support
-   - Magic link authentication
-   - Organization/team management
-
-5. **Phase 7: Security**
-   - Rate limiting
-   - CSRF protection
-   - Session security
-   - Audit logging
-
-## Current Implementation Status
-
-✅ **Phase 1 & 2: COMPLETE**
-- Better-auth library successfully integrated
-- AuthManager class implemented with lazy initialization
-- All tests passing
-- Build successful
-- Ready for Phase 3 (API Integration)
-
-🔄 **Phase 3: IN PROGRESS**
-- Authentication method structures in place
-- Placeholder responses implemented
-- Need to connect actual better-auth API calls
-## References
-
-- Plugin implementation: `packages/plugins/plugin-auth/src/auth-plugin.ts`
-- AuthManager implementation: `packages/plugins/plugin-auth/src/auth-manager.ts`
-- Tests: `packages/plugins/plugin-auth/src/auth-plugin.test.ts`
-- Schema: `packages/spec/src/system/auth-config.zod.ts`
-- Example: `packages/plugins/plugin-auth/examples/basic-usage.ts`
-- Better-auth docs: https://www.better-auth.com/
-
-## Recent Commits
-
-1. `135a5c6` - feat: add better-auth library integration to auth plugin
-2. `c11398a` - Initial plan
-3. `81dbb51` - docs: update implementation summary with planned features
-
----
-
-**Status**: ✅ Better-Auth Integration Complete (Phase 1 & 2)
-**Version**: 2.0.2  
-**Test Coverage**: 11/11 tests passing (100%)
-**Build Status**: ✅ Passing  
-**Dependencies**: better-auth v1.4.18 integrated

package/examples/basic-usage.ts

@@ -1,107 +0,0 @@
-// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.
-
-/**
- * Auth Plugin Usage Example
- * 
- * This example demonstrates how to use the AuthPlugin with better-auth
- * in an ObjectStack application. All requests are forwarded directly
- * to better-auth's universal handler.
- */
-
-import { ObjectKernel } from '@objectstack/core';
-import { HonoServerPlugin } from '@objectstack/plugin-hono-server';
-import { AuthPlugin } from '@objectstack/plugin-auth';
-
-// Create kernel
-const kernel = new ObjectKernel();
-
-// Initialize the kernel
-async function main() {
-  try {
-    // Register HTTP server plugin
-    await kernel.use(new HonoServerPlugin({
-      port: 3000,
-    }));
-    
-    // Register auth plugin
-    await kernel.use(new AuthPlugin({
-      secret: process.env.AUTH_SECRET || 'your-secret-key-at-least-32-chars',
-      baseUrl: process.env.BASE_URL || 'http://localhost:3000',
-      databaseUrl: process.env.DATABASE_URL,
-      
-      // OAuth providers (optional)
-      providers: [
-        {
-          id: 'google',
-          clientId: process.env.GOOGLE_CLIENT_ID || '',
-          clientSecret: process.env.GOOGLE_CLIENT_SECRET || '',
-          scope: ['email', 'profile'],
-        },
-        {
-          id: 'github',
-          clientId: process.env.GITHUB_CLIENT_ID || '',
-          clientSecret: process.env.GITHUB_CLIENT_SECRET || '',
-        },
-      ],
-      
-      // Additional auth features (optional)
-      plugins: {
-        organization: true,  // Multi-tenant support
-        twoFactor: true,     // 2FA support
-        passkeys: false,     // Passkey support
-        magicLink: true,     // Magic link login
-      },
-      
-      // Session configuration (optional)
-      session: {
-        expiresIn: 60 * 60 * 24 * 7, // 7 days
-        updateAge: 60 * 60 * 24,     // Update every 24 hours
-      },
-      
-      // Route configuration
-      registerRoutes: true,
-      basePath: '/api/v1/auth',
-    }));
-
-    // Bootstrap the kernel
-    await kernel.bootstrap();
-    
-    console.log('🚀 Server started with auth plugin');
-    console.log('📍 Better-auth endpoints available at:');
-    console.log('');
-    console.log('   Email/Password:');
-    console.log('   - POST http://localhost:3000/api/v1/auth/sign-up/email');
-    console.log('   - POST http://localhost:3000/api/v1/auth/sign-in/email');
-    console.log('   - POST http://localhost:3000/api/v1/auth/sign-out');
-    console.log('   - GET  http://localhost:3000/api/v1/auth/get-session');
-    console.log('');
-    console.log('   Password Management:');
-    console.log('   - POST http://localhost:3000/api/v1/auth/forget-password');
-    console.log('   - POST http://localhost:3000/api/v1/auth/reset-password');
-    console.log('');
-    console.log('   OAuth (if configured):');
-    console.log('   - GET  http://localhost:3000/api/v1/auth/authorize/google');
-    console.log('   - GET  http://localhost:3000/api/v1/auth/authorize/github');
-    console.log('');
-    console.log('   See https://www.better-auth.com/docs for complete API reference');
-    console.log('');
-    
-    // Access the auth service from the kernel
-    const authService = kernel.getService('auth');
-    console.log('✅ Auth service registered:', !!authService);
-    
-  } catch (error) {
-    console.error('❌ Failed to start server:', error);
-    process.exit(1);
-  }
-}
-
-// Handle graceful shutdown
-process.on('SIGINT', async () => {
-  console.log('\n🛑 Shutting down...');
-  await kernel.shutdown();
-  process.exit(0);
-});
-
-// Start the application
-main();

package/objectstack.config.ts

@@ -1,24 +0,0 @@
-// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.
-
-import { defineStack } from '@objectstack/spec';
-import * as objects from './src/objects';
-
-/**
- * ObjectStack Configuration for plugin-auth
- * 
- * This configuration defines the authentication and identity kernel objects
- * for the ObjectStack platform.
- */
-export default defineStack({
-  manifest: {
-    id: 'com.objectstack.plugin-auth',
-    namespace: 'auth',
-    version: '3.0.1',
-    type: 'plugin',
-    name: 'Authentication & Identity Plugin',
-    description: 'Core authentication objects for ObjectStack (User, Session, Account, Verification)',
-  },
-
-  // Export all authentication kernel objects
-  objects: Object.values(objects),
-});