@oxyhq/services 5.7.4 → 5.8.1

package/src/node/middleware.ts

@@ -1,234 +0,0 @@
-/**
- * Zero-config Express middleware for OxyHQ Services authentication
- * 
- * This provides a simple, one-line solution for adding authentication to Express apps.
- * Simply import and use: app.use('/api', createOxyAuth())
- */
-
-import { OxyServices } from '../core';
-import { ApiError } from '../models/interfaces';
-
-export interface OxyAuthConfig {
-  /** Base URL of your Oxy API server */
-  baseURL?: string;
-  /** Whether to load full user data (default: true) */
-  loadUser?: boolean;
-  /** Routes that don't require authentication */
-  publicPaths?: string[];
-  /** Custom error handler */
-  onError?: (error: ApiError, req: any, res: any) => void;
-}
-
-export interface AuthenticatedRequest {
-  user?: any;
-  userId?: string;
-  accessToken?: string;
-}
-
-/**
- * Creates zero-config authentication middleware for Express.js
- * 
- * @example
- * ```typescript
- * import express from 'express';
- * import { createOxyAuth } from '@oxyhq/services/node';
- * 
- * const app = express();
- * 
- * // Zero-config auth for all /api routes
- * app.use('/api', createOxyAuth());
- * 
- * // Now all routes under /api automatically have req.user available
- * app.get('/api/profile', (req, res) => {
- *   res.json({ user: req.user }); // req.user is automatically available
- * });
- * ```
- */
-export function createOxyAuth(config: OxyAuthConfig = {}) {
-  const {
-    baseURL = process.env.OXY_API_URL || 'http://localhost:3001',
-    loadUser = true,
-    publicPaths = [],
-    onError
-  } = config;
-
-  const oxy = new OxyServices({ baseURL });
-
-  return async (req: any, res: any, next: any) => {
-    // Check if this is a public path
-    const isPublicPath = publicPaths.some(path => 
-      req.path === path || req.path.startsWith(path + '/')
-    );
-
-    if (isPublicPath) {
-      return next();
-    }
-
-    try {
-      const authHeader = req.headers['authorization'];
-      const token = authHeader && authHeader.split(' ')[1]; // Bearer TOKEN
-
-      if (!token) {
-        const error: ApiError = {
-          message: 'Access token required',
-          code: 'MISSING_TOKEN',
-          status: 401
-        };
-
-        if (onError) {
-          return onError(error, req, res);
-        }
-
-        return res.status(401).json({
-          error: 'Access token required',
-          code: 'MISSING_TOKEN'
-        });
-      }
-
-      // Validate token using the OxyServices client
-      const authResult = await oxy.authenticateToken(token);
-
-      if (!authResult.valid) {
-        const error: ApiError = {
-          message: authResult.error || 'Invalid token',
-          code: 'INVALID_TOKEN',
-          status: 403
-        };
-
-        if (onError) {
-          return onError(error, req, res);
-        }
-
-        return res.status(403).json({
-          error: authResult.error || 'Invalid token',
-          code: 'INVALID_TOKEN'
-        });
-      }
-
-      // Attach user data to request
-      req.userId = authResult.userId;
-      req.accessToken = token;
-
-      if (loadUser && authResult.user) {
-        req.user = authResult.user;
-      } else {
-        req.user = { id: authResult.userId };
-      }
-
-      next();
-    } catch (error: any) {
-      const apiError: ApiError = {
-        message: error.message || 'Authentication failed',
-        code: error.code || 'AUTH_ERROR',
-        status: error.status || 500
-      };
-
-      if (onError) {
-        return onError(apiError, req, res);
-      }
-
-      res.status(apiError.status).json({
-        error: apiError.message,
-        code: apiError.code
-      });
-    }
-  };
-}
-
-/**
- * Creates optional authentication middleware
- * This middleware will attach user data if a valid token is present, but won't fail if missing
- * 
- * @example
- * ```typescript
- * import { createOptionalOxyAuth } from '@oxyhq/services/node';
- * 
- * app.use('/api', createOptionalOxyAuth());
- * 
- * app.get('/api/content', (req, res) => {
- *   if (req.user) {
- *     // User is authenticated, show personalized content
- *     res.json({ content: 'personalized', user: req.user });
- *   } else {
- *     // Anonymous user, show public content
- *     res.json({ content: 'public' });
- *   }
- * });
- * ```
- */
-export function createOptionalOxyAuth(config: OxyAuthConfig = {}) {
-  const {
-    baseURL = process.env.OXY_API_URL || 'http://localhost:3001',
-    loadUser = true
-  } = config;
-
-  const oxy = new OxyServices({ baseURL });
-
-  return async (req: any, res: any, next: any) => {
-    try {
-      const authHeader = req.headers['authorization'];
-      const token = authHeader && authHeader.split(' ')[1]; // Bearer TOKEN
-
-      if (!token) {
-        // No token provided, continue without authentication
-        return next();
-      }
-
-      // Validate token using the OxyServices client
-      const authResult = await oxy.authenticateToken(token);
-
-      if (authResult.valid) {
-        // Attach user data to request if token is valid
-        req.userId = authResult.userId;
-        req.accessToken = token;
-
-        if (loadUser && authResult.user) {
-          req.user = authResult.user;
-        } else {
-          req.user = { id: authResult.userId };
-        }
-      }
-
-      next();
-    } catch (error) {
-      // If there's an error, continue without authentication
-      // This makes the middleware truly optional
-      next();
-    }
-  };
-}
-
-/**
- * Utility function to quickly set up a complete Express app with authentication
- * 
- * @example
- * ```typescript
- * import { createOxyExpressApp } from '@oxyhq/services/node';
- * 
- * const app = createOxyExpressApp();
- * 
- * // All routes automatically have authentication and req.user available
- * app.get('/api/profile', (req, res) => {
- *   res.json({ user: req.user });
- * });
- * 
- * app.listen(3000);
- * ```
- */
-export function createOxyExpressApp(config: OxyAuthConfig & {
-  /** Express app configuration */
-  cors?: boolean;
-  /** JSON body parser limit */
-  jsonLimit?: string;
-  /** Additional middleware to apply */
-  middleware?: any[];
-} = {}) {
-  // This is a lightweight helper - users should import express themselves
-  // We'll provide the middleware setup instructions instead
-  
-  throw new Error('createOxyExpressApp is not implemented yet. Please use createOxyAuth() middleware with your existing Express app.');
-}
-
-// Re-export for convenience
-export { OxyServices } from '../core';
-export * from '../models/interfaces';

package/src/ui/zero-config/index.ts

@@ -1,11 +0,0 @@
-/**
- * Zero-config exports for OxyHQ Services
- */
-
-export {
-  OxyZeroConfigProvider,
-  useOxyZeroConfig,
-  useOxyApi,
-  type OxyZeroConfigState,
-  type OxyZeroConfigProviderProps
-} from './provider';

package/src/ui/zero-config/provider.tsx

@@ -1,310 +0,0 @@
-/**
- * Zero-config OxyHQ Provider and Hook for React/React Native
- * 
- * This provides a simplified, one-line setup for frontend authentication
- * with automatic token management and API integration.
- */
-
-import React, { createContext, useContext, useEffect, useState, ReactNode, useCallback } from 'react';
-import { OxyServices } from '../../core';
-import { User, LoginResponse } from '../../models/interfaces';
-
-export interface OxyZeroConfigState {
-  // Authentication state
-  user: User | null;
-  isAuthenticated: boolean;
-  isLoading: boolean;
-  error: string | null;
-
-  // Simple auth methods
-  login: (username: string, password: string) => Promise<User>;
-  logout: () => Promise<void>;
-  register: (username: string, email: string, password: string) => Promise<User>;
-
-  // Access to the OxyServices client
-  api: OxyServices;
-}
-
-const OxyZeroConfigContext = createContext<OxyZeroConfigState | null>(null);
-
-export interface OxyZeroConfigProviderProps {
-  children: ReactNode;
-  /** Base URL of your Oxy API server (defaults to process.env.REACT_APP_OXY_API_URL or http://localhost:3001) */
-  apiUrl?: string;
-  /** Called when authentication state changes */
-  onAuthChange?: (user: User | null) => void;
-  /** Storage key prefix (default: 'oxy_zero') */
-  storagePrefix?: string;
-}
-
-/**
- * Zero-config provider for OxyHQ Services
- * 
- * @example
- * ```tsx
- * import { OxyZeroConfigProvider } from '@oxyhq/services/ui';
- * 
- * function App() {
- *   return (
- *     <OxyZeroConfigProvider>
- *       <MyApp />
- *     </OxyZeroConfigProvider>
- *   );
- * }
- * ```
- */
-export const OxyZeroConfigProvider: React.FC<OxyZeroConfigProviderProps> = ({
-  children,
-  apiUrl,
-  onAuthChange,
-  storagePrefix = 'oxy_zero'
-}) => {
-  // Determine API URL with fallbacks
-  const finalApiUrl = apiUrl || 
-    (typeof process !== 'undefined' && process.env?.REACT_APP_OXY_API_URL) ||
-    'http://localhost:3001';
-
-  // Initialize OxyServices
-  const [api] = useState(() => new OxyServices({ baseURL: finalApiUrl }));
-  
-  // State
-  const [user, setUser] = useState<User | null>(null);
-  const [isLoading, setIsLoading] = useState(true);
-  const [error, setError] = useState<string | null>(null);
-
-  const isAuthenticated = user !== null;
-
-  // Storage helpers
-  const getStorageKey = (key: string) => `${storagePrefix}_${key}`;
-
-  const saveToStorage = useCallback((key: string, value: string) => {
-    try {
-      if (typeof localStorage !== 'undefined') {
-        localStorage.setItem(getStorageKey(key), value);
-      }
-    } catch (error) {
-      console.warn('Failed to save to storage:', error);
-    }
-  }, [storagePrefix]);
-
-  const getFromStorage = useCallback((key: string): string | null => {
-    try {
-      if (typeof localStorage !== 'undefined') {
-        return localStorage.getItem(getStorageKey(key));
-      }
-    } catch (error) {
-      console.warn('Failed to read from storage:', error);
-    }
-    return null;
-  }, [storagePrefix]);
-
-  const removeFromStorage = useCallback((key: string) => {
-    try {
-      if (typeof localStorage !== 'undefined') {
-        localStorage.removeItem(getStorageKey(key));
-      }
-    } catch (error) {
-      console.warn('Failed to remove from storage:', error);
-    }
-  }, [storagePrefix]);
-
-  // Initialize authentication state
-  useEffect(() => {
-    const initAuth = async () => {
-      try {
-        setIsLoading(true);
-        setError(null);
-
-        // Try to restore tokens from storage
-        const savedAccessToken = getFromStorage('accessToken');
-        const savedRefreshToken = getFromStorage('refreshToken');
-
-        if (savedAccessToken && savedRefreshToken) {
-          // Set tokens in the API client
-          api.setTokens(savedAccessToken, savedRefreshToken);
-
-          // Validate the token
-          const isValid = await api.validate();
-          if (isValid) {
-            // Load user data
-            const currentUser = await api.getCurrentUser();
-            setUser(currentUser);
-            
-            if (onAuthChange) {
-              onAuthChange(currentUser);
-            }
-          } else {
-            // Invalid token, clear storage
-            removeFromStorage('accessToken');
-            removeFromStorage('refreshToken');
-            api.clearTokens();
-          }
-        }
-      } catch (error: any) {
-        console.warn('Failed to restore authentication:', error);
-        setError('Failed to restore authentication');
-        
-        // Clear invalid tokens
-        removeFromStorage('accessToken');
-        removeFromStorage('refreshToken');
-        api.clearTokens();
-      } finally {
-        setIsLoading(false);
-      }
-    };
-
-    initAuth();
-  }, [api, getFromStorage, removeFromStorage, onAuthChange]);
-
-  // Login method
-  const login = useCallback(async (username: string, password: string): Promise<User> => {
-    try {
-      setIsLoading(true);
-      setError(null);
-
-      const response: LoginResponse = await api.login(username, password);
-      
-      // Save tokens to storage
-      if (response.accessToken) {
-        saveToStorage('accessToken', response.accessToken);
-      }
-      if (response.refreshToken) {
-        saveToStorage('refreshToken', response.refreshToken);
-      }
-
-      // Update state
-      setUser(response.user);
-      
-      if (onAuthChange) {
-        onAuthChange(response.user);
-      }
-
-      return response.user;
-    } catch (error: any) {
-      const errorMessage = error.message || 'Login failed';
-      setError(errorMessage);
-      throw new Error(errorMessage);
-    } finally {
-      setIsLoading(false);
-    }
-  }, [api, saveToStorage, onAuthChange]);
-
-  // Logout method
-  const logout = useCallback(async (): Promise<void> => {
-    try {
-      setIsLoading(true);
-      await api.logout();
-    } catch (error) {
-      console.warn('Logout API call failed:', error);
-    } finally {
-      // Always clean up local state and storage
-      removeFromStorage('accessToken');
-      removeFromStorage('refreshToken');
-      api.clearTokens();
-      setUser(null);
-      setError(null);
-      setIsLoading(false);
-      
-      if (onAuthChange) {
-        onAuthChange(null);
-      }
-    }
-  }, [api, removeFromStorage, onAuthChange]);
-
-  // Register method
-  const register = useCallback(async (username: string, email: string, password: string): Promise<User> => {
-    try {
-      setIsLoading(true);
-      setError(null);
-
-      const response = await api.signUp(username, email, password);
-      
-      // Save token from registration
-      if (response.token) {
-        saveToStorage('accessToken', response.token);
-        // Note: signUp doesn't return refreshToken in current API
-      }
-
-      // Update state
-      setUser(response.user);
-      
-      if (onAuthChange) {
-        onAuthChange(response.user);
-      }
-
-      return response.user;
-    } catch (error: any) {
-      const errorMessage = error.message || 'Registration failed';
-      setError(errorMessage);
-      throw new Error(errorMessage);
-    } finally {
-      setIsLoading(false);
-    }
-  }, [api, saveToStorage, onAuthChange]);
-
-  const contextValue: OxyZeroConfigState = {
-    user,
-    isAuthenticated,
-    isLoading,
-    error,
-    login,
-    logout,
-    register,
-    api
-  };
-
-  return (
-    <OxyZeroConfigContext.Provider value={contextValue}>
-      {children}
-    </OxyZeroConfigContext.Provider>
-  );
-};
-
-/**
- * Zero-config hook for OxyHQ Services
- * 
- * @example
- * ```tsx
- * function MyComponent() {
- *   const { user, login, logout, isAuthenticated } = useOxyZeroConfig();
- *   
- *   const handleLogin = () => {
- *     login('username', 'password');
- *   };
- *   
- *   if (isAuthenticated) {
- *     return <div>Welcome, {user?.username}!</div>;
- *   }
- *   
- *   return <button onClick={handleLogin}>Login</button>;
- * }
- * ```
- */
-export const useOxyZeroConfig = (): OxyZeroConfigState => {
-  const context = useContext(OxyZeroConfigContext);
-  if (!context) {
-    throw new Error('useOxyZeroConfig must be used within an OxyZeroConfigProvider');
-  }
-  return context;
-};
-
-/**
- * Hook for automatic API client with authentication
- * This automatically includes the auth token in requests
- * 
- * @example
- * ```tsx
- * function ProfileComponent() {
- *   const api = useOxyApi();
- *   
- *   const updateProfile = async (data) => {
- *     const user = await api.updateProfile(data);
- *     // Token is automatically included
- *   };
- * }
- * ```
- */
-export const useOxyApi = (): OxyServices => {
-  const { api } = useOxyZeroConfig();
-  return api;
-};