@payez/next-mvp 3.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +782 -0
- package/dist/api/auth-handler.d.ts +67 -0
- package/dist/api/auth-handler.js +397 -0
- package/dist/api/index.d.ts +10 -0
- package/dist/api/index.js +19 -0
- package/dist/api-handlers/account/change-password.d.ts +9 -0
- package/dist/api-handlers/account/change-password.js +112 -0
- package/dist/api-handlers/account/masked-info.d.ts +2 -0
- package/dist/api-handlers/account/masked-info.js +41 -0
- package/dist/api-handlers/account/profile.d.ts +3 -0
- package/dist/api-handlers/account/profile.js +63 -0
- package/dist/api-handlers/account/recovery/initiate.d.ts +2 -0
- package/dist/api-handlers/account/recovery/initiate.js +26 -0
- package/dist/api-handlers/account/recovery/send-code.d.ts +2 -0
- package/dist/api-handlers/account/recovery/send-code.js +28 -0
- package/dist/api-handlers/account/recovery/verify-code.d.ts +2 -0
- package/dist/api-handlers/account/recovery/verify-code.js +28 -0
- package/dist/api-handlers/account/reset-password.d.ts +2 -0
- package/dist/api-handlers/account/reset-password.js +26 -0
- package/dist/api-handlers/account/send-code.d.ts +24 -0
- package/dist/api-handlers/account/send-code.js +60 -0
- package/dist/api-handlers/account/update-phone.d.ts +27 -0
- package/dist/api-handlers/account/update-phone.js +64 -0
- package/dist/api-handlers/account/validate-password.d.ts +17 -0
- package/dist/api-handlers/account/validate-password.js +81 -0
- package/dist/api-handlers/account/verify-email.d.ts +26 -0
- package/dist/api-handlers/account/verify-email.js +106 -0
- package/dist/api-handlers/account/verify-sms.d.ts +26 -0
- package/dist/api-handlers/account/verify-sms.js +106 -0
- package/dist/api-handlers/admin/analytics.d.ts +20 -0
- package/dist/api-handlers/admin/analytics.js +379 -0
- package/dist/api-handlers/admin/audit.d.ts +20 -0
- package/dist/api-handlers/admin/audit.js +214 -0
- package/dist/api-handlers/admin/index.d.ts +21 -0
- package/dist/api-handlers/admin/index.js +41 -0
- package/dist/api-handlers/admin/redis-sessions.d.ts +36 -0
- package/dist/api-handlers/admin/redis-sessions.js +204 -0
- package/dist/api-handlers/admin/sessions.d.ts +21 -0
- package/dist/api-handlers/admin/sessions.js +284 -0
- package/dist/api-handlers/admin/site-logs.d.ts +46 -0
- package/dist/api-handlers/admin/site-logs.js +318 -0
- package/dist/api-handlers/admin/users.d.ts +20 -0
- package/dist/api-handlers/admin/users.js +222 -0
- package/dist/api-handlers/admin/vibe-data.d.ts +80 -0
- package/dist/api-handlers/admin/vibe-data.js +268 -0
- package/dist/api-handlers/anon/preferences.d.ts +37 -0
- package/dist/api-handlers/anon/preferences.js +96 -0
- package/dist/api-handlers/auth/jwks.d.ts +2 -0
- package/dist/api-handlers/auth/jwks.js +24 -0
- package/dist/api-handlers/auth/login.d.ts +42 -0
- package/dist/api-handlers/auth/login.js +178 -0
- package/dist/api-handlers/auth/refresh.d.ts +74 -0
- package/dist/api-handlers/auth/refresh.js +635 -0
- package/dist/api-handlers/auth/signout.d.ts +37 -0
- package/dist/api-handlers/auth/signout.js +187 -0
- package/dist/api-handlers/auth/status.d.ts +8 -0
- package/dist/api-handlers/auth/status.js +26 -0
- package/dist/api-handlers/auth/update-session.d.ts +37 -0
- package/dist/api-handlers/auth/update-session.js +95 -0
- package/dist/api-handlers/auth/validate.d.ts +6 -0
- package/dist/api-handlers/auth/validate.js +43 -0
- package/dist/api-handlers/auth/verify-code.d.ts +43 -0
- package/dist/api-handlers/auth/verify-code.js +94 -0
- package/dist/api-handlers/session/refresh-viability.d.ts +14 -0
- package/dist/api-handlers/session/refresh-viability.js +39 -0
- package/dist/api-handlers/session/viability.d.ts +13 -0
- package/dist/api-handlers/session/viability.js +146 -0
- package/dist/api-handlers/test/force-expire.d.ts +23 -0
- package/dist/api-handlers/test/force-expire.js +65 -0
- package/dist/auth/auth-decision.d.ts +39 -0
- package/dist/auth/auth-decision.js +182 -0
- package/dist/auth/auth-options.d.ts +57 -0
- package/dist/auth/auth-options.js +213 -0
- package/dist/auth/callbacks/index.d.ts +6 -0
- package/dist/auth/callbacks/index.js +12 -0
- package/dist/auth/callbacks/jwt.d.ts +45 -0
- package/dist/auth/callbacks/jwt.js +305 -0
- package/dist/auth/callbacks/session.d.ts +60 -0
- package/dist/auth/callbacks/session.js +170 -0
- package/dist/auth/callbacks/signin.d.ts +23 -0
- package/dist/auth/callbacks/signin.js +44 -0
- package/dist/auth/events/index.d.ts +4 -0
- package/dist/auth/events/index.js +8 -0
- package/dist/auth/events/signout.d.ts +17 -0
- package/dist/auth/events/signout.js +32 -0
- package/dist/auth/providers/credentials.d.ts +32 -0
- package/dist/auth/providers/credentials.js +223 -0
- package/dist/auth/providers/index.d.ts +5 -0
- package/dist/auth/providers/index.js +21 -0
- package/dist/auth/providers/oauth.d.ts +26 -0
- package/dist/auth/providers/oauth.js +105 -0
- package/dist/auth/route-config.d.ts +66 -0
- package/dist/auth/route-config.js +190 -0
- package/dist/auth/types/auth-types.d.ts +417 -0
- package/dist/auth/types/auth-types.js +53 -0
- package/dist/auth/types/index.d.ts +6 -0
- package/dist/auth/types/index.js +22 -0
- package/dist/auth/unauthenticated-routes.d.ts +1 -0
- package/dist/auth/unauthenticated-routes.js +19 -0
- package/dist/auth/utils/idp-client.d.ts +94 -0
- package/dist/auth/utils/idp-client.js +383 -0
- package/dist/auth/utils/index.d.ts +5 -0
- package/dist/auth/utils/index.js +21 -0
- package/dist/auth/utils/token-utils.d.ts +84 -0
- package/dist/auth/utils/token-utils.js +219 -0
- package/dist/client/AuthContext.d.ts +19 -0
- package/dist/client/AuthContext.js +112 -0
- package/dist/client/fetch-with-auth.d.ts +11 -0
- package/dist/client/fetch-with-auth.js +44 -0
- package/dist/client/fetchWithSession.d.ts +3 -0
- package/dist/client/fetchWithSession.js +24 -0
- package/dist/client/index.d.ts +9 -0
- package/dist/client/index.js +20 -0
- package/dist/client/useAnonSession.d.ts +36 -0
- package/dist/client/useAnonSession.js +99 -0
- package/dist/components/SessionSync.d.ts +13 -0
- package/dist/components/SessionSync.js +119 -0
- package/dist/components/SignalRHealthCheck.d.ts +10 -0
- package/dist/components/SignalRHealthCheck.js +97 -0
- package/dist/components/account/UserAvatarMenu.d.ts +20 -0
- package/dist/components/account/UserAvatarMenu.js +80 -0
- package/dist/components/account/index.d.ts +7 -0
- package/dist/components/account/index.js +10 -0
- package/dist/components/admin/AlertSettingsTab.d.ts +48 -0
- package/dist/components/admin/AlertSettingsTab.js +351 -0
- package/dist/components/admin/AnalyticsTab.d.ts +22 -0
- package/dist/components/admin/AnalyticsTab.js +167 -0
- package/dist/components/admin/DataBrowserTab.d.ts +19 -0
- package/dist/components/admin/DataBrowserTab.js +252 -0
- package/dist/components/admin/LoggingSettingsTab.d.ts +73 -0
- package/dist/components/admin/LoggingSettingsTab.js +339 -0
- package/dist/components/admin/SessionsTab.d.ts +37 -0
- package/dist/components/admin/SessionsTab.js +165 -0
- package/dist/components/admin/StatsTab.d.ts +53 -0
- package/dist/components/admin/StatsTab.js +161 -0
- package/dist/components/admin/VibeAdminContext.d.ts +32 -0
- package/dist/components/admin/VibeAdminContext.js +38 -0
- package/dist/components/admin/VibeAdminLayout.d.ts +11 -0
- package/dist/components/admin/VibeAdminLayout.js +69 -0
- package/dist/components/admin/index.d.ts +29 -0
- package/dist/components/admin/index.js +44 -0
- package/dist/components/auth/FederatedAuthSection.d.ts +8 -0
- package/dist/components/auth/FederatedAuthSection.js +45 -0
- package/dist/components/auth/ModeAwareLoginPage.d.ts +10 -0
- package/dist/components/auth/ModeAwareLoginPage.js +42 -0
- package/dist/components/auth/ModeAwareSignupPage.d.ts +9 -0
- package/dist/components/auth/ModeAwareSignupPage.js +78 -0
- package/dist/components/auth/TraditionalAuthSection.d.ts +14 -0
- package/dist/components/auth/TraditionalAuthSection.js +20 -0
- package/dist/components/recovery/CompleteStep.d.ts +5 -0
- package/dist/components/recovery/CompleteStep.js +8 -0
- package/dist/components/recovery/InitiateRecoveryStep.d.ts +8 -0
- package/dist/components/recovery/InitiateRecoveryStep.js +20 -0
- package/dist/components/recovery/SelectMethodStep.d.ts +8 -0
- package/dist/components/recovery/SelectMethodStep.js +8 -0
- package/dist/components/recovery/SetPasswordStep.d.ts +6 -0
- package/dist/components/recovery/SetPasswordStep.js +20 -0
- package/dist/components/recovery/VerifyCodeStep.d.ts +10 -0
- package/dist/components/recovery/VerifyCodeStep.js +24 -0
- package/dist/components/reserved/ReservedRecoveryWarning.d.ts +38 -0
- package/dist/components/reserved/ReservedRecoveryWarning.js +92 -0
- package/dist/components/reserved/ReservedStatusBox.d.ts +30 -0
- package/dist/components/reserved/ReservedStatusBox.js +71 -0
- package/dist/components/ui/BetaBadge.d.ts +29 -0
- package/dist/components/ui/BetaBadge.js +38 -0
- package/dist/components/ui/Footer.d.ts +37 -0
- package/dist/components/ui/Footer.js +41 -0
- package/dist/config/env.d.ts +66 -0
- package/dist/config/env.js +57 -0
- package/dist/config/logger.d.ts +57 -0
- package/dist/config/logger.js +73 -0
- package/dist/config/logging-config.d.ts +30 -0
- package/dist/config/logging-config.js +122 -0
- package/dist/config/unauthenticated-routes.d.ts +17 -0
- package/dist/config/unauthenticated-routes.js +24 -0
- package/dist/config/vibe-log-transport.d.ts +79 -0
- package/dist/config/vibe-log-transport.js +203 -0
- package/dist/edge/internal-api-url.d.ts +53 -0
- package/dist/edge/internal-api-url.js +63 -0
- package/dist/edge/middleware.d.ts +14 -0
- package/dist/edge/middleware.js +32 -0
- package/dist/hooks/useAuth.d.ts +23 -0
- package/dist/hooks/useAuth.js +81 -0
- package/dist/hooks/useAuthSettings.d.ts +59 -0
- package/dist/hooks/useAuthSettings.js +93 -0
- package/dist/hooks/useAvailableProviders.d.ts +45 -0
- package/dist/hooks/useAvailableProviders.js +108 -0
- package/dist/hooks/usePasswordValidation.d.ts +27 -0
- package/dist/hooks/usePasswordValidation.js +102 -0
- package/dist/hooks/useProfile.d.ts +15 -0
- package/dist/hooks/useProfile.js +59 -0
- package/dist/hooks/usePublicAuthSettings.d.ts +56 -0
- package/dist/hooks/usePublicAuthSettings.js +131 -0
- package/dist/hooks/useSessionExpiration.d.ts +57 -0
- package/dist/hooks/useSessionExpiration.js +72 -0
- package/dist/hooks/useViabilitySession.d.ts +75 -0
- package/dist/hooks/useViabilitySession.js +268 -0
- package/dist/index.d.ts +12 -0
- package/dist/index.js +54 -0
- package/dist/lib/anon-session.d.ts +74 -0
- package/dist/lib/anon-session.js +169 -0
- package/dist/lib/api-handler.d.ts +123 -0
- package/dist/lib/api-handler.js +478 -0
- package/dist/lib/app-slug.d.ts +95 -0
- package/dist/lib/app-slug.js +172 -0
- package/dist/lib/demo-mode.d.ts +6 -0
- package/dist/lib/demo-mode.js +16 -0
- package/dist/lib/geolocation.d.ts +64 -0
- package/dist/lib/geolocation.js +235 -0
- package/dist/lib/idp-client-config.d.ts +75 -0
- package/dist/lib/idp-client-config.js +351 -0
- package/dist/lib/idp-fetch.d.ts +14 -0
- package/dist/lib/idp-fetch.js +91 -0
- package/dist/lib/internal-api.d.ts +87 -0
- package/dist/lib/internal-api.js +122 -0
- package/dist/lib/jwt-decode-client.d.ts +10 -0
- package/dist/lib/jwt-decode-client.js +46 -0
- package/dist/lib/jwt-decode.d.ts +48 -0
- package/dist/lib/jwt-decode.js +57 -0
- package/dist/lib/nextauth-secret.d.ts +10 -0
- package/dist/lib/nextauth-secret.js +104 -0
- package/dist/lib/rate-limit-service.d.ts +23 -0
- package/dist/lib/rate-limit-service.js +6 -0
- package/dist/lib/redis.d.ts +5 -0
- package/dist/lib/redis.js +28 -0
- package/dist/lib/refresh-token-validator.d.ts +13 -0
- package/dist/lib/refresh-token-validator.js +117 -0
- package/dist/lib/roles.d.ts +145 -0
- package/dist/lib/roles.js +168 -0
- package/dist/lib/secret-validation.d.ts +4 -0
- package/dist/lib/secret-validation.js +14 -0
- package/dist/lib/session-store.d.ts +166 -0
- package/dist/lib/session-store.js +537 -0
- package/dist/lib/session.d.ts +21 -0
- package/dist/lib/session.js +26 -0
- package/dist/lib/site-logger.d.ts +214 -0
- package/dist/lib/site-logger.js +210 -0
- package/dist/lib/standardized-client-api.d.ts +161 -0
- package/dist/lib/standardized-client-api.js +786 -0
- package/dist/lib/startup-init.d.ts +40 -0
- package/dist/lib/startup-init.js +261 -0
- package/dist/lib/test-aware-get-token.d.ts +2 -0
- package/dist/lib/test-aware-get-token.js +81 -0
- package/dist/lib/token-expiry.d.ts +14 -0
- package/dist/lib/token-expiry.js +39 -0
- package/dist/lib/token-lifecycle.d.ts +52 -0
- package/dist/lib/token-lifecycle.js +398 -0
- package/dist/lib/types/api-responses.d.ts +128 -0
- package/dist/lib/types/api-responses.js +171 -0
- package/dist/lib/user-agent-parser.d.ts +50 -0
- package/dist/lib/user-agent-parser.js +220 -0
- package/dist/logging/api/admin-analytics.d.ts +3 -0
- package/dist/logging/api/admin-analytics.js +45 -0
- package/dist/logging/api/audit-log.d.ts +3 -0
- package/dist/logging/api/audit-log.js +52 -0
- package/dist/logging/components/AdminAnalyticsLayout.d.ts +10 -0
- package/dist/logging/components/AdminAnalyticsLayout.js +11 -0
- package/dist/logging/components/AuditLogViewer.d.ts +7 -0
- package/dist/logging/components/AuditLogViewer.js +51 -0
- package/dist/logging/components/ErrorMetricsCard.d.ts +7 -0
- package/dist/logging/components/ErrorMetricsCard.js +16 -0
- package/dist/logging/components/HealthMetricsCard.d.ts +7 -0
- package/dist/logging/components/HealthMetricsCard.js +19 -0
- package/dist/logging/hooks/useAdminAnalytics.d.ts +24 -0
- package/dist/logging/hooks/useAdminAnalytics.js +22 -0
- package/dist/logging/hooks/useAuditLog.d.ts +6 -0
- package/dist/logging/hooks/useAuditLog.js +25 -0
- package/dist/logging/hooks/useErrorMetrics.d.ts +6 -0
- package/dist/logging/hooks/useErrorMetrics.js +38 -0
- package/dist/logging/hooks/useHealthMetrics.d.ts +6 -0
- package/dist/logging/hooks/useHealthMetrics.js +41 -0
- package/dist/logging/index.d.ts +11 -0
- package/dist/logging/index.js +40 -0
- package/dist/logging/types/analytics.d.ts +68 -0
- package/dist/logging/types/analytics.js +3 -0
- package/dist/logging/types/audit.d.ts +29 -0
- package/dist/logging/types/audit.js +2 -0
- package/dist/logging/types/index.d.ts +2 -0
- package/dist/logging/types/index.js +19 -0
- package/dist/middleware/auth-decision.d.ts +33 -0
- package/dist/middleware/auth-decision.js +65 -0
- package/dist/middleware/create-middleware.d.ts +100 -0
- package/dist/middleware/create-middleware.js +445 -0
- package/dist/middleware/rbac-check.d.ts +44 -0
- package/dist/middleware/rbac-check.js +191 -0
- package/dist/middleware/twofa-presets.d.ts +134 -0
- package/dist/middleware/twofa-presets.js +175 -0
- package/dist/models/DecodedAccessToken.d.ts +17 -0
- package/dist/models/DecodedAccessToken.js +2 -0
- package/dist/models/SessionModel.d.ts +122 -0
- package/dist/models/SessionModel.js +136 -0
- package/dist/pages/admin-login/page.d.ts +31 -0
- package/dist/pages/admin-login/page.js +83 -0
- package/dist/pages/admin-roles/RolesAdminPage.d.ts +15 -0
- package/dist/pages/admin-roles/RolesAdminPage.js +78 -0
- package/dist/pages/admin-roles/index.d.ts +8 -0
- package/dist/pages/admin-roles/index.js +15 -0
- package/dist/pages/admin-roles/modals.d.ts +72 -0
- package/dist/pages/admin-roles/modals.js +154 -0
- package/dist/pages/client-admin/ClientSiteAdminPage.d.ts +79 -0
- package/dist/pages/client-admin/ClientSiteAdminPage.js +177 -0
- package/dist/pages/client-admin/index.d.ts +32 -0
- package/dist/pages/client-admin/index.js +37 -0
- package/dist/pages/login/page.d.ts +22 -0
- package/dist/pages/login/page.js +239 -0
- package/dist/pages/profile/EnhancedProfilePage.d.ts +13 -0
- package/dist/pages/profile/EnhancedProfilePage.js +150 -0
- package/dist/pages/profile/index.d.ts +8 -0
- package/dist/pages/profile/index.js +16 -0
- package/dist/pages/profile/page.d.ts +19 -0
- package/dist/pages/profile/page.js +47 -0
- package/dist/pages/profile/profile-patch.d.ts +1 -0
- package/dist/pages/profile/profile-patch.js +281 -0
- package/dist/pages/recovery/page.d.ts +1 -0
- package/dist/pages/recovery/page.js +142 -0
- package/dist/pages/roles/MyRolesPage.d.ts +24 -0
- package/dist/pages/roles/MyRolesPage.js +71 -0
- package/dist/pages/roles/components.d.ts +63 -0
- package/dist/pages/roles/components.js +108 -0
- package/dist/pages/roles/index.d.ts +8 -0
- package/dist/pages/roles/index.js +19 -0
- package/dist/pages/security/EnhancedSecurityPage.d.ts +14 -0
- package/dist/pages/security/EnhancedSecurityPage.js +248 -0
- package/dist/pages/security/index.d.ts +8 -0
- package/dist/pages/security/index.js +16 -0
- package/dist/pages/security/page.d.ts +21 -0
- package/dist/pages/security/page.js +212 -0
- package/dist/pages/security/security-patch.d.ts +1 -0
- package/dist/pages/security/security-patch.js +302 -0
- package/dist/pages/settings/EnhancedSettingsPage.d.ts +46 -0
- package/dist/pages/settings/EnhancedSettingsPage.js +231 -0
- package/dist/pages/settings/index.d.ts +8 -0
- package/dist/pages/settings/index.js +16 -0
- package/dist/pages/settings/page.d.ts +7 -0
- package/dist/pages/settings/page.js +26 -0
- package/dist/pages/showcase/ShowcasePage.d.ts +13 -0
- package/dist/pages/showcase/ShowcasePage.js +140 -0
- package/dist/pages/showcase/index.d.ts +12 -0
- package/dist/pages/showcase/index.js +17 -0
- package/dist/pages/test-env/EmergencyLogoutPage.d.ts +14 -0
- package/dist/pages/test-env/EmergencyLogoutPage.js +98 -0
- package/dist/pages/test-env/JwtInspectPage.d.ts +14 -0
- package/dist/pages/test-env/JwtInspectPage.js +114 -0
- package/dist/pages/test-env/RefreshTokenPage.d.ts +15 -0
- package/dist/pages/test-env/RefreshTokenPage.js +91 -0
- package/dist/pages/test-env/TestEnvPage.d.ts +13 -0
- package/dist/pages/test-env/TestEnvPage.js +49 -0
- package/dist/pages/test-env/index.d.ts +24 -0
- package/dist/pages/test-env/index.js +32 -0
- package/dist/pages/verify-code/page.d.ts +30 -0
- package/dist/pages/verify-code/page.js +408 -0
- package/dist/routes/account/index.d.ts +28 -0
- package/dist/routes/account/index.js +71 -0
- package/dist/routes/account/masked-info.d.ts +33 -0
- package/dist/routes/account/masked-info.js +39 -0
- package/dist/routes/account/send-code.d.ts +37 -0
- package/dist/routes/account/send-code.js +42 -0
- package/dist/routes/account/update-phone.d.ts +13 -0
- package/dist/routes/account/update-phone.js +17 -0
- package/dist/routes/account/verify-email.d.ts +38 -0
- package/dist/routes/account/verify-email.js +43 -0
- package/dist/routes/account/verify-sms.d.ts +38 -0
- package/dist/routes/account/verify-sms.js +43 -0
- package/dist/routes/auth/index.d.ts +19 -0
- package/dist/routes/auth/index.js +64 -0
- package/dist/routes/auth/logout.d.ts +31 -0
- package/dist/routes/auth/logout.js +113 -0
- package/dist/routes/auth/nextauth.d.ts +19 -0
- package/dist/routes/auth/nextauth.js +72 -0
- package/dist/routes/auth/refresh.d.ts +30 -0
- package/dist/routes/auth/refresh.js +51 -0
- package/dist/routes/auth/session.d.ts +72 -0
- package/dist/routes/auth/session.js +180 -0
- package/dist/routes/auth/settings.d.ts +25 -0
- package/dist/routes/auth/settings.js +55 -0
- package/dist/routes/auth/viability.d.ts +52 -0
- package/dist/routes/auth/viability.js +201 -0
- package/dist/routes/index.d.ts +12 -0
- package/dist/routes/index.js +54 -0
- package/dist/routes/session/index.d.ts +6 -0
- package/dist/routes/session/index.js +10 -0
- package/dist/routes/session/refresh-viability.d.ts +16 -0
- package/dist/routes/session/refresh-viability.js +20 -0
- package/dist/services/signalrActivityService.d.ts +44 -0
- package/dist/services/signalrActivityService.js +257 -0
- package/dist/stores/authStore.d.ts +154 -0
- package/dist/stores/authStore.js +1531 -0
- package/dist/theme/ThemeProvider.d.ts +14 -0
- package/dist/theme/ThemeProvider.js +28 -0
- package/dist/theme/default.d.ts +8 -0
- package/dist/theme/default.js +33 -0
- package/dist/theme/index.d.ts +15 -0
- package/dist/theme/index.js +25 -0
- package/dist/theme/types.d.ts +56 -0
- package/dist/theme/types.js +8 -0
- package/dist/theme/useTheme.d.ts +60 -0
- package/dist/theme/useTheme.js +63 -0
- package/dist/theme/utils.d.ts +13 -0
- package/dist/theme/utils.js +39 -0
- package/dist/types/api.d.ts +134 -0
- package/dist/types/api.js +44 -0
- package/dist/types/auth.d.ts +19 -0
- package/dist/types/auth.js +2 -0
- package/dist/types/logging.d.ts +42 -0
- package/dist/types/logging.js +2 -0
- package/dist/types/recovery.d.ts +48 -0
- package/dist/types/recovery.js +2 -0
- package/dist/types/security.d.ts +1 -0
- package/dist/types/security.js +2 -0
- package/dist/utils/api.d.ts +85 -0
- package/dist/utils/api.js +287 -0
- package/dist/utils/circuitBreaker.d.ts +43 -0
- package/dist/utils/circuitBreaker.js +91 -0
- package/dist/utils/error-message.d.ts +1 -0
- package/dist/utils/error-message.js +103 -0
- package/dist/utils/layout/reservedSpace.d.ts +59 -0
- package/dist/utils/layout/reservedSpace.js +102 -0
- package/dist/utils/logout.d.ts +14 -0
- package/dist/utils/logout.js +32 -0
- package/dist/vibe/client.d.ts +261 -0
- package/dist/vibe/client.js +445 -0
- package/dist/vibe/errors.d.ts +83 -0
- package/dist/vibe/errors.js +146 -0
- package/dist/vibe/generic.d.ts +234 -0
- package/dist/vibe/generic.js +369 -0
- package/dist/vibe/hooks/index.d.ts +169 -0
- package/dist/vibe/hooks/index.js +252 -0
- package/dist/vibe/index.d.ts +23 -0
- package/dist/vibe/index.js +67 -0
- package/dist/vibe/sessions.d.ts +161 -0
- package/dist/vibe/sessions.js +391 -0
- package/dist/vibe/types.d.ts +353 -0
- package/dist/vibe/types.js +315 -0
- package/package.json +855 -0
- package/scripts/check-internal-url-usage.sh +73 -0
- package/scripts/dev-broker.ps1 +35 -0
- package/scripts/dev-local.ps1 +45 -0
- package/src/api/auth-handler.ts +550 -0
- package/src/api/index.ts +18 -0
- package/src/api-handlers/account/change-password.ts +145 -0
- package/src/api-handlers/account/masked-info.ts +45 -0
- package/src/api-handlers/account/profile.ts +80 -0
- package/src/api-handlers/account/recovery/initiate.ts +23 -0
- package/src/api-handlers/account/recovery/send-code.ts +25 -0
- package/src/api-handlers/account/recovery/verify-code.ts +25 -0
- package/src/api-handlers/account/reset-password.ts +23 -0
- package/src/api-handlers/account/send-code.ts +76 -0
- package/src/api-handlers/account/update-phone.ts +79 -0
- package/src/api-handlers/account/validate-password.ts +118 -0
- package/src/api-handlers/account/verify-email.ts +125 -0
- package/src/api-handlers/account/verify-sms.ts +125 -0
- package/src/api-handlers/admin/analytics.ts +445 -0
- package/src/api-handlers/admin/audit.ts +225 -0
- package/src/api-handlers/admin/index.ts +59 -0
- package/src/api-handlers/admin/redis-sessions.ts +253 -0
- package/src/api-handlers/admin/sessions.ts +320 -0
- package/src/api-handlers/admin/site-logs.ts +367 -0
- package/src/api-handlers/admin/users.ts +244 -0
- package/src/api-handlers/admin/vibe-data.ts +326 -0
- package/src/api-handlers/anon/preferences.ts +123 -0
- package/src/api-handlers/auth/jwks.ts +20 -0
- package/src/api-handlers/auth/login.ts +240 -0
- package/src/api-handlers/auth/refresh.ts +687 -0
- package/src/api-handlers/auth/signout.ts +212 -0
- package/src/api-handlers/auth/status.ts +23 -0
- package/src/api-handlers/auth/update-session.ts +125 -0
- package/src/api-handlers/auth/validate.ts +44 -0
- package/src/api-handlers/auth/verify-code.ts +129 -0
- package/src/api-handlers/session/refresh-viability.ts +36 -0
- package/src/api-handlers/session/viability.ts +166 -0
- package/src/api-handlers/test/force-expire.ts +67 -0
- package/src/auth/auth-decision.ts +230 -0
- package/src/auth/auth-options.ts +237 -0
- package/src/auth/callbacks/index.ts +7 -0
- package/src/auth/callbacks/jwt.ts +382 -0
- package/src/auth/callbacks/session.ts +243 -0
- package/src/auth/callbacks/signin.ts +56 -0
- package/src/auth/events/index.ts +5 -0
- package/src/auth/events/signout.ts +33 -0
- package/src/auth/providers/credentials.ts +256 -0
- package/src/auth/providers/index.ts +6 -0
- package/src/auth/providers/oauth.ts +114 -0
- package/src/auth/route-config.ts +220 -0
- package/src/auth/types/auth-types.ts +555 -0
- package/src/auth/types/index.ts +7 -0
- package/src/auth/unauthenticated-routes.ts +3 -0
- package/src/auth/utils/idp-client.ts +444 -0
- package/src/auth/utils/index.ts +6 -0
- package/src/auth/utils/token-utils.ts +244 -0
- package/src/client/AuthContext.tsx +140 -0
- package/src/client/fetch-with-auth.ts +48 -0
- package/src/client/fetchWithSession.ts +21 -0
- package/src/client/index.ts +13 -0
- package/src/client/useAnonSession.ts +131 -0
- package/src/components/SessionSync.tsx +137 -0
- package/src/components/SignalRHealthCheck.tsx +131 -0
- package/src/components/account/UserAvatarMenu.tsx +217 -0
- package/src/components/account/index.ts +8 -0
- package/src/components/admin/AlertSettingsTab.tsx +728 -0
- package/src/components/admin/AnalyticsTab.tsx +703 -0
- package/src/components/admin/DataBrowserTab.tsx +505 -0
- package/src/components/admin/LoggingSettingsTab.tsx +665 -0
- package/src/components/admin/SessionsTab.tsx +414 -0
- package/src/components/admin/StatsTab.tsx +379 -0
- package/src/components/admin/VibeAdminContext.tsx +87 -0
- package/src/components/admin/VibeAdminLayout.tsx +185 -0
- package/src/components/admin/index.ts +59 -0
- package/src/components/auth/FederatedAuthSection.tsx +95 -0
- package/src/components/auth/ModeAwareLoginPage.tsx +135 -0
- package/src/components/auth/ModeAwareSignupPage.tsx +267 -0
- package/src/components/auth/TraditionalAuthSection.tsx +99 -0
- package/src/components/recovery/CompleteStep.tsx +36 -0
- package/src/components/recovery/InitiateRecoveryStep.tsx +68 -0
- package/src/components/recovery/SelectMethodStep.tsx +73 -0
- package/src/components/recovery/SetPasswordStep.tsx +97 -0
- package/src/components/recovery/VerifyCodeStep.tsx +90 -0
- package/src/components/reserved/ReservedRecoveryWarning.tsx +160 -0
- package/src/components/reserved/ReservedStatusBox.tsx +118 -0
- package/src/components/ui/BetaBadge.tsx +58 -0
- package/src/components/ui/Footer.tsx +93 -0
- package/src/config/env.ts +57 -0
- package/src/config/logger.ts +62 -0
- package/src/config/logging-config.ts +82 -0
- package/src/config/unauthenticated-routes.ts +19 -0
- package/src/config/vibe-log-transport.ts +250 -0
- package/src/edge/internal-api-url.ts +65 -0
- package/src/edge/middleware.ts +42 -0
- package/src/hooks/useAuth.ts +115 -0
- package/src/hooks/useAuthSettings.ts +97 -0
- package/src/hooks/useAvailableProviders.ts +118 -0
- package/src/hooks/usePasswordValidation.ts +127 -0
- package/src/hooks/useProfile.ts +75 -0
- package/src/hooks/usePublicAuthSettings.ts +149 -0
- package/src/hooks/useSessionExpiration.ts +102 -0
- package/src/hooks/useViabilitySession.ts +335 -0
- package/src/index.ts +63 -0
- package/src/lib/anon-session.ts +213 -0
- package/src/lib/api-handler.ts +625 -0
- package/src/lib/app-slug.ts +178 -0
- package/src/lib/demo-mode.ts +13 -0
- package/src/lib/geolocation.ts +265 -0
- package/src/lib/idp-client-config.ts +442 -0
- package/src/lib/idp-fetch.ts +101 -0
- package/src/lib/internal-api.ts +171 -0
- package/src/lib/jwt-decode-client.ts +45 -0
- package/src/lib/jwt-decode.ts +83 -0
- package/src/lib/nextauth-secret.ts +126 -0
- package/src/lib/rate-limit-service.ts +9 -0
- package/src/lib/redis.ts +27 -0
- package/src/lib/refresh-token-validator.ts +64 -0
- package/src/lib/roles.ts +177 -0
- package/src/lib/secret-validation.ts +8 -0
- package/src/lib/session-store.ts +637 -0
- package/src/lib/session.ts +34 -0
- package/src/lib/site-logger.ts +245 -0
- package/src/lib/standardized-client-api.ts +896 -0
- package/src/lib/startup-init.ts +247 -0
- package/src/lib/test-aware-get-token.ts +30 -0
- package/src/lib/token-expiry.ts +40 -0
- package/src/lib/token-lifecycle.ts +477 -0
- package/src/lib/types/api-responses.ts +336 -0
- package/src/lib/user-agent-parser.ts +252 -0
- package/src/logging/api/admin-analytics.ts +51 -0
- package/src/logging/api/audit-log.ts +53 -0
- package/src/logging/components/AdminAnalyticsLayout.tsx +49 -0
- package/src/logging/components/AuditLogViewer.tsx +125 -0
- package/src/logging/components/ErrorMetricsCard.tsx +98 -0
- package/src/logging/components/HealthMetricsCard.tsx +70 -0
- package/src/logging/hooks/useAdminAnalytics.ts +22 -0
- package/src/logging/hooks/useAuditLog.ts +24 -0
- package/src/logging/hooks/useErrorMetrics.ts +40 -0
- package/src/logging/hooks/useHealthMetrics.ts +44 -0
- package/src/logging/index.ts +18 -0
- package/src/logging/types/analytics.ts +81 -0
- package/src/logging/types/audit.ts +31 -0
- package/src/logging/types/index.ts +3 -0
- package/src/middleware/auth-decision.ts +43 -0
- package/src/middleware/create-middleware.ts +626 -0
- package/src/middleware/rbac-check.ts +244 -0
- package/src/middleware/twofa-presets.ts +224 -0
- package/src/models/DecodedAccessToken.ts +17 -0
- package/src/models/SessionModel.ts +258 -0
- package/src/pages/admin-login/page.tsx +229 -0
- package/src/pages/admin-roles/RolesAdminPage.tsx +357 -0
- package/src/pages/admin-roles/index.ts +9 -0
- package/src/pages/admin-roles/modals.tsx +469 -0
- package/src/pages/client-admin/ClientSiteAdminPage.tsx +380 -0
- package/src/pages/client-admin/index.ts +33 -0
- package/src/pages/login/page.tsx +463 -0
- package/src/pages/profile/EnhancedProfilePage.tsx +479 -0
- package/src/pages/profile/index.ts +9 -0
- package/src/pages/profile/page.tsx +166 -0
- package/src/pages/recovery/page.tsx +234 -0
- package/src/pages/roles/MyRolesPage.tsx +211 -0
- package/src/pages/roles/components.tsx +294 -0
- package/src/pages/roles/index.ts +17 -0
- package/src/pages/security/EnhancedSecurityPage.tsx +574 -0
- package/src/pages/security/index.ts +9 -0
- package/src/pages/security/page.tsx +507 -0
- package/src/pages/settings/EnhancedSettingsPage.tsx +642 -0
- package/src/pages/settings/index.ts +9 -0
- package/src/pages/settings/page.tsx +47 -0
- package/src/pages/showcase/ShowcasePage.tsx +530 -0
- package/src/pages/showcase/index.ts +13 -0
- package/src/pages/test-env/EmergencyLogoutPage.tsx +179 -0
- package/src/pages/test-env/JwtInspectPage.tsx +418 -0
- package/src/pages/test-env/RefreshTokenPage.tsx +155 -0
- package/src/pages/test-env/TestEnvPage.tsx +116 -0
- package/src/pages/test-env/index.ts +25 -0
- package/src/pages/verify-code/page.tsx +648 -0
- package/src/routes/account/index.ts +32 -0
- package/src/routes/account/masked-info.ts +37 -0
- package/src/routes/account/send-code.ts +40 -0
- package/src/routes/account/update-phone.ts +13 -0
- package/src/routes/account/verify-email.ts +41 -0
- package/src/routes/account/verify-sms.ts +41 -0
- package/src/routes/auth/index.ts +23 -0
- package/src/routes/auth/logout.ts +127 -0
- package/src/routes/auth/nextauth.ts +71 -0
- package/src/routes/auth/refresh.ts +54 -0
- package/src/routes/auth/session.ts +193 -0
- package/src/routes/auth/settings.ts +75 -0
- package/src/routes/auth/viability.ts +220 -0
- package/src/routes/index.ts +18 -0
- package/src/routes/session/index.ts +7 -0
- package/src/routes/session/refresh-viability.ts +17 -0
- package/src/services/signalrActivityService.ts +258 -0
- package/src/stores/authStore.ts +1904 -0
- package/src/templates/instrumentation.ts +41 -0
- package/src/theme/ThemeProvider.tsx +39 -0
- package/src/theme/default.ts +33 -0
- package/src/theme/index.ts +31 -0
- package/src/theme/types.ts +69 -0
- package/src/theme/useTheme.ts +57 -0
- package/src/theme/utils.ts +40 -0
- package/src/types/api.ts +13 -0
- package/src/types/auth.d.ts +15 -0
- package/src/types/auth.ts +22 -0
- package/src/types/logging.ts +11 -0
- package/src/types/next-auth.d.ts +15 -0
- package/src/types/recovery.ts +54 -0
- package/src/types/security.ts +1 -0
- package/src/utils/api.ts +353 -0
- package/src/utils/circuitBreaker.ts +40 -0
- package/src/utils/error-message.ts +108 -0
- package/src/utils/layout/reservedSpace.ts +124 -0
- package/src/utils/logout.ts +30 -0
- package/src/vibe/client.ts +590 -0
- package/src/vibe/errors.ts +185 -0
- package/src/vibe/generic.ts +429 -0
- package/src/vibe/hooks/index.ts +367 -0
- package/src/vibe/index.ts +121 -0
- package/src/vibe/sessions.ts +551 -0
- package/src/vibe/types.ts +577 -0
|
@@ -0,0 +1,469 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Admin Role Modals for @payez/next-mvp
|
|
3
|
+
*
|
|
4
|
+
* - RoleEditorModal: Create/edit roles with permissions
|
|
5
|
+
* - UserRoleAssignerModal: Assign roles to users
|
|
6
|
+
*
|
|
7
|
+
* Security Addendum implemented:
|
|
8
|
+
* - Role name validation (3-50 chars, lowercase alphanumeric + underscore, no payez_ prefix)
|
|
9
|
+
* - Last admin warning
|
|
10
|
+
* - IDP roles read-only
|
|
11
|
+
* - Self-assignment warning
|
|
12
|
+
*
|
|
13
|
+
* @see docs/specs/ROLES_MANAGEMENT_SPEC.md
|
|
14
|
+
*/
|
|
15
|
+
|
|
16
|
+
'use client';
|
|
17
|
+
|
|
18
|
+
import { useState, useEffect } from 'react';
|
|
19
|
+
|
|
20
|
+
// ============================================================================
|
|
21
|
+
// TYPES
|
|
22
|
+
// ============================================================================
|
|
23
|
+
|
|
24
|
+
interface PagePermission {
|
|
25
|
+
page_permission_id: number;
|
|
26
|
+
route_pattern: string;
|
|
27
|
+
display_name: string;
|
|
28
|
+
requires_2fa: boolean;
|
|
29
|
+
}
|
|
30
|
+
|
|
31
|
+
interface Role {
|
|
32
|
+
role_id?: number;
|
|
33
|
+
role_name: string;
|
|
34
|
+
display_name?: string;
|
|
35
|
+
description?: string;
|
|
36
|
+
page_permissions?: string[];
|
|
37
|
+
requires_2fa?: boolean;
|
|
38
|
+
is_system_role?: boolean;
|
|
39
|
+
}
|
|
40
|
+
|
|
41
|
+
interface User {
|
|
42
|
+
user_id: number;
|
|
43
|
+
email: string;
|
|
44
|
+
full_name?: string;
|
|
45
|
+
roles: {
|
|
46
|
+
idp: string[];
|
|
47
|
+
app: string[];
|
|
48
|
+
};
|
|
49
|
+
}
|
|
50
|
+
|
|
51
|
+
// ============================================================================
|
|
52
|
+
// VALIDATION
|
|
53
|
+
// ============================================================================
|
|
54
|
+
|
|
55
|
+
// Role name validation (Security Addendum)
|
|
56
|
+
function validateRoleName(name: string): { valid: boolean; error?: string } {
|
|
57
|
+
if (!name) return { valid: false, error: 'Role name is required' };
|
|
58
|
+
if (name.length < 3) return { valid: false, error: 'Role name must be at least 3 characters' };
|
|
59
|
+
if (name.length > 50) return { valid: false, error: 'Role name must be at most 50 characters' };
|
|
60
|
+
if (!/^[a-z0-9_]+$/.test(name)) return { valid: false, error: 'Only lowercase letters, numbers, and underscores allowed' };
|
|
61
|
+
if (name.startsWith('payez_')) return { valid: false, error: 'Role name cannot start with "payez_"' };
|
|
62
|
+
return { valid: true };
|
|
63
|
+
}
|
|
64
|
+
|
|
65
|
+
// ============================================================================
|
|
66
|
+
// ROLE EDITOR MODAL
|
|
67
|
+
// ============================================================================
|
|
68
|
+
|
|
69
|
+
/**
|
|
70
|
+
* RoleEditorModal - Create or edit a role
|
|
71
|
+
*/
|
|
72
|
+
export function RoleEditorModal({
|
|
73
|
+
role,
|
|
74
|
+
pagePermissions,
|
|
75
|
+
adminAccessiblePages,
|
|
76
|
+
onSave,
|
|
77
|
+
onClose,
|
|
78
|
+
isDark = true,
|
|
79
|
+
}: {
|
|
80
|
+
role?: Role;
|
|
81
|
+
pagePermissions: PagePermission[];
|
|
82
|
+
adminAccessiblePages?: string[];
|
|
83
|
+
onSave: (data: {
|
|
84
|
+
role_name: string;
|
|
85
|
+
display_name?: string;
|
|
86
|
+
description?: string;
|
|
87
|
+
page_permissions: string[];
|
|
88
|
+
requires_2fa: boolean;
|
|
89
|
+
}) => Promise<void>;
|
|
90
|
+
onClose: () => void;
|
|
91
|
+
isDark?: boolean;
|
|
92
|
+
}) {
|
|
93
|
+
const isEditing = !!role?.role_id;
|
|
94
|
+
|
|
95
|
+
// Form state
|
|
96
|
+
const [roleName, setRoleName] = useState(role?.role_name || '');
|
|
97
|
+
const [displayName, setDisplayName] = useState(role?.display_name || '');
|
|
98
|
+
const [description, setDescription] = useState(role?.description || '');
|
|
99
|
+
const [selectedPermissions, setSelectedPermissions] = useState<string[]>(role?.page_permissions || []);
|
|
100
|
+
const [requires2FA, setRequires2FA] = useState(role?.requires_2fa || false);
|
|
101
|
+
const [error, setError] = useState('');
|
|
102
|
+
const [saving, setSaving] = useState(false);
|
|
103
|
+
|
|
104
|
+
// Role name validation
|
|
105
|
+
const [nameValidation, setNameValidation] = useState<{ valid: boolean; error?: string }>({ valid: true });
|
|
106
|
+
|
|
107
|
+
useEffect(() => {
|
|
108
|
+
if (!isEditing && roleName) {
|
|
109
|
+
setNameValidation(validateRoleName(roleName));
|
|
110
|
+
}
|
|
111
|
+
}, [roleName, isEditing]);
|
|
112
|
+
|
|
113
|
+
// Filter permissions based on admin access (Security Addendum)
|
|
114
|
+
const availablePermissions = adminAccessiblePages
|
|
115
|
+
? pagePermissions.filter((p) =>
|
|
116
|
+
adminAccessiblePages.some((ap) => p.route_pattern.startsWith(ap.replace('*', '')))
|
|
117
|
+
)
|
|
118
|
+
: pagePermissions;
|
|
119
|
+
|
|
120
|
+
const handleSubmit = async (e: React.FormEvent) => {
|
|
121
|
+
e.preventDefault();
|
|
122
|
+
setError('');
|
|
123
|
+
|
|
124
|
+
if (!isEditing) {
|
|
125
|
+
const validation = validateRoleName(roleName);
|
|
126
|
+
if (!validation.valid) {
|
|
127
|
+
setError(validation.error || 'Invalid role name');
|
|
128
|
+
return;
|
|
129
|
+
}
|
|
130
|
+
}
|
|
131
|
+
|
|
132
|
+
try {
|
|
133
|
+
setSaving(true);
|
|
134
|
+
await onSave({
|
|
135
|
+
role_name: roleName,
|
|
136
|
+
display_name: displayName || undefined,
|
|
137
|
+
description: description || undefined,
|
|
138
|
+
page_permissions: selectedPermissions,
|
|
139
|
+
requires_2fa: requires2FA,
|
|
140
|
+
});
|
|
141
|
+
onClose();
|
|
142
|
+
} catch (err) {
|
|
143
|
+
setError(err instanceof Error ? err.message : 'Failed to save role');
|
|
144
|
+
} finally {
|
|
145
|
+
setSaving(false);
|
|
146
|
+
}
|
|
147
|
+
};
|
|
148
|
+
|
|
149
|
+
const togglePermission = (pattern: string) => {
|
|
150
|
+
setSelectedPermissions((prev) =>
|
|
151
|
+
prev.includes(pattern) ? prev.filter((p) => p !== pattern) : [...prev, pattern]
|
|
152
|
+
);
|
|
153
|
+
};
|
|
154
|
+
|
|
155
|
+
// Theme colors
|
|
156
|
+
const modalBg = isDark ? 'bg-slate-800' : 'bg-white';
|
|
157
|
+
const borderColor = isDark ? 'border-slate-700' : 'border-gray-200';
|
|
158
|
+
const textPrimary = isDark ? 'text-white' : 'text-gray-900';
|
|
159
|
+
const textMuted = isDark ? 'text-slate-400' : 'text-gray-500';
|
|
160
|
+
const inputBg = isDark ? 'bg-slate-700' : 'bg-white';
|
|
161
|
+
const inputBorder = isDark ? 'border-slate-600' : 'border-gray-300';
|
|
162
|
+
|
|
163
|
+
return (
|
|
164
|
+
<div className="fixed inset-0 z-50 flex items-center justify-center bg-black/50">
|
|
165
|
+
<div className={`w-full max-w-lg mx-4 rounded-lg shadow-xl ${modalBg} border ${borderColor} max-h-[90vh] overflow-hidden flex flex-col`}>
|
|
166
|
+
{/* Header */}
|
|
167
|
+
<div className={`px-6 py-4 border-b ${borderColor} flex items-center justify-between`}>
|
|
168
|
+
<h3 className={`text-lg font-semibold ${textPrimary}`}>
|
|
169
|
+
{isEditing ? `Edit Role: ${role?.role_name}` : 'Create New Role'}
|
|
170
|
+
</h3>
|
|
171
|
+
<button onClick={onClose} className={textMuted}>
|
|
172
|
+
<svg className="w-5 h-5" fill="none" viewBox="0 0 24 24" stroke="currentColor">
|
|
173
|
+
<path strokeLinecap="round" strokeLinejoin="round" strokeWidth={2} d="M6 18L18 6M6 6l12 12" />
|
|
174
|
+
</svg>
|
|
175
|
+
</button>
|
|
176
|
+
</div>
|
|
177
|
+
|
|
178
|
+
{/* Form */}
|
|
179
|
+
<form onSubmit={handleSubmit} className="flex-1 overflow-y-auto">
|
|
180
|
+
<div className="px-6 py-4 space-y-4">
|
|
181
|
+
{/* Role Name */}
|
|
182
|
+
<div>
|
|
183
|
+
<label className={`block text-sm font-medium mb-1 ${textMuted}`}>
|
|
184
|
+
Role Name <span className="text-red-500">*</span>
|
|
185
|
+
</label>
|
|
186
|
+
<input
|
|
187
|
+
type="text"
|
|
188
|
+
value={roleName}
|
|
189
|
+
onChange={(e) => setRoleName(e.target.value.toLowerCase().replace(/[^a-z0-9_]/g, ''))}
|
|
190
|
+
disabled={isEditing}
|
|
191
|
+
className={`w-full px-3 py-2 rounded-md border ${inputBorder} ${inputBg} ${textPrimary} ${isEditing ? 'opacity-50 cursor-not-allowed' : ''} font-mono`}
|
|
192
|
+
placeholder="e.g., content_editor"
|
|
193
|
+
/>
|
|
194
|
+
{!isEditing && roleName && !nameValidation.valid && (
|
|
195
|
+
<p className="mt-1 text-sm text-red-500">{nameValidation.error}</p>
|
|
196
|
+
)}
|
|
197
|
+
{!isEditing && (
|
|
198
|
+
<p className={`mt-1 text-xs ${textMuted}`}>
|
|
199
|
+
3-50 characters, lowercase letters, numbers, underscores only
|
|
200
|
+
</p>
|
|
201
|
+
)}
|
|
202
|
+
</div>
|
|
203
|
+
|
|
204
|
+
{/* Display Name */}
|
|
205
|
+
<div>
|
|
206
|
+
<label className={`block text-sm font-medium mb-1 ${textMuted}`}>Display Name</label>
|
|
207
|
+
<input
|
|
208
|
+
type="text"
|
|
209
|
+
value={displayName}
|
|
210
|
+
onChange={(e) => setDisplayName(e.target.value)}
|
|
211
|
+
className={`w-full px-3 py-2 rounded-md border ${inputBorder} ${inputBg} ${textPrimary}`}
|
|
212
|
+
placeholder="e.g., Content Editor"
|
|
213
|
+
/>
|
|
214
|
+
</div>
|
|
215
|
+
|
|
216
|
+
{/* Description */}
|
|
217
|
+
<div>
|
|
218
|
+
<label className={`block text-sm font-medium mb-1 ${textMuted}`}>Description</label>
|
|
219
|
+
<textarea
|
|
220
|
+
value={description}
|
|
221
|
+
onChange={(e) => setDescription(e.target.value)}
|
|
222
|
+
rows={2}
|
|
223
|
+
className={`w-full px-3 py-2 rounded-md border ${inputBorder} ${inputBg} ${textPrimary}`}
|
|
224
|
+
placeholder="What does this role do?"
|
|
225
|
+
/>
|
|
226
|
+
</div>
|
|
227
|
+
|
|
228
|
+
{/* Page Permissions */}
|
|
229
|
+
<div>
|
|
230
|
+
<label className={`block text-sm font-medium mb-2 ${textMuted}`}>Page Permissions</label>
|
|
231
|
+
<div className={`border ${borderColor} rounded-md max-h-48 overflow-y-auto`}>
|
|
232
|
+
{availablePermissions.length === 0 ? (
|
|
233
|
+
<p className={`p-3 text-sm ${textMuted}`}>No page permissions available</p>
|
|
234
|
+
) : (
|
|
235
|
+
availablePermissions.map((perm) => (
|
|
236
|
+
<label
|
|
237
|
+
key={perm.page_permission_id}
|
|
238
|
+
className={`flex items-center px-3 py-2 border-b last:border-b-0 ${borderColor} cursor-pointer hover:${isDark ? 'bg-slate-700' : 'bg-gray-50'}`}
|
|
239
|
+
>
|
|
240
|
+
<input
|
|
241
|
+
type="checkbox"
|
|
242
|
+
checked={selectedPermissions.includes(perm.route_pattern)}
|
|
243
|
+
onChange={() => togglePermission(perm.route_pattern)}
|
|
244
|
+
className="mr-3"
|
|
245
|
+
/>
|
|
246
|
+
<div>
|
|
247
|
+
<span className={`font-mono text-sm ${textPrimary}`}>{perm.route_pattern}</span>
|
|
248
|
+
{perm.display_name && (
|
|
249
|
+
<span className={`block text-xs ${textMuted}`}>{perm.display_name}</span>
|
|
250
|
+
)}
|
|
251
|
+
</div>
|
|
252
|
+
</label>
|
|
253
|
+
))
|
|
254
|
+
)}
|
|
255
|
+
</div>
|
|
256
|
+
</div>
|
|
257
|
+
|
|
258
|
+
{/* Security Options */}
|
|
259
|
+
<div className={`border-t ${borderColor} pt-4`}>
|
|
260
|
+
<label className={`block text-sm font-medium mb-2 ${textMuted}`}>Security Options</label>
|
|
261
|
+
<label className="flex items-center cursor-pointer">
|
|
262
|
+
<input
|
|
263
|
+
type="checkbox"
|
|
264
|
+
checked={requires2FA}
|
|
265
|
+
onChange={(e) => setRequires2FA(e.target.checked)}
|
|
266
|
+
className="mr-3"
|
|
267
|
+
/>
|
|
268
|
+
<span className={textPrimary}>Requires 2FA for all pages</span>
|
|
269
|
+
</label>
|
|
270
|
+
</div>
|
|
271
|
+
|
|
272
|
+
{/* Error */}
|
|
273
|
+
{error && (
|
|
274
|
+
<div className="bg-red-900/30 border border-red-600 rounded-lg p-3">
|
|
275
|
+
<p className="text-red-400 text-sm">{error}</p>
|
|
276
|
+
</div>
|
|
277
|
+
)}
|
|
278
|
+
</div>
|
|
279
|
+
|
|
280
|
+
{/* Footer */}
|
|
281
|
+
<div className={`px-6 py-4 border-t ${borderColor} flex justify-end gap-3`}>
|
|
282
|
+
<button
|
|
283
|
+
type="button"
|
|
284
|
+
onClick={onClose}
|
|
285
|
+
className={`px-4 py-2 rounded-md border ${borderColor} ${textMuted}`}
|
|
286
|
+
>
|
|
287
|
+
Cancel
|
|
288
|
+
</button>
|
|
289
|
+
<button
|
|
290
|
+
type="submit"
|
|
291
|
+
disabled={saving || (!isEditing && !nameValidation.valid)}
|
|
292
|
+
className="px-4 py-2 bg-blue-600 text-white rounded-md hover:bg-blue-700 disabled:opacity-50"
|
|
293
|
+
>
|
|
294
|
+
{saving ? 'Saving...' : isEditing ? 'Save Changes' : 'Create Role'}
|
|
295
|
+
</button>
|
|
296
|
+
</div>
|
|
297
|
+
</form>
|
|
298
|
+
</div>
|
|
299
|
+
</div>
|
|
300
|
+
);
|
|
301
|
+
}
|
|
302
|
+
|
|
303
|
+
// ============================================================================
|
|
304
|
+
// USER ROLE ASSIGNER MODAL
|
|
305
|
+
// ============================================================================
|
|
306
|
+
|
|
307
|
+
/**
|
|
308
|
+
* UserRoleAssignerModal - Assign roles to a user
|
|
309
|
+
*/
|
|
310
|
+
export function UserRoleAssignerModal({
|
|
311
|
+
user,
|
|
312
|
+
availableRoles,
|
|
313
|
+
isLastAdmin,
|
|
314
|
+
currentUserId,
|
|
315
|
+
onSave,
|
|
316
|
+
onClose,
|
|
317
|
+
isDark = true,
|
|
318
|
+
}: {
|
|
319
|
+
user: User;
|
|
320
|
+
availableRoles: { role_name: string; display_name?: string; description?: string }[];
|
|
321
|
+
isLastAdmin?: boolean;
|
|
322
|
+
currentUserId?: number;
|
|
323
|
+
onSave: (userId: number, appRoles: string[]) => Promise<void>;
|
|
324
|
+
onClose: () => void;
|
|
325
|
+
isDark?: boolean;
|
|
326
|
+
}) {
|
|
327
|
+
const [selectedRoles, setSelectedRoles] = useState<string[]>(user.roles.app);
|
|
328
|
+
const [saving, setSaving] = useState(false);
|
|
329
|
+
const [error, setError] = useState('');
|
|
330
|
+
|
|
331
|
+
const handleSubmit = async (e: React.FormEvent) => {
|
|
332
|
+
e.preventDefault();
|
|
333
|
+
setError('');
|
|
334
|
+
|
|
335
|
+
// Security: Self-assignment warning
|
|
336
|
+
if (user.user_id === currentUserId) {
|
|
337
|
+
if (!confirm('You are modifying your own roles. Changes take effect on next login. Continue?')) {
|
|
338
|
+
return;
|
|
339
|
+
}
|
|
340
|
+
}
|
|
341
|
+
|
|
342
|
+
// Security Addendum: Last admin warning
|
|
343
|
+
const hadAdmin = user.roles.app.some((r) => r.includes('admin'));
|
|
344
|
+
const hasAdmin = selectedRoles.some((r) => r.includes('admin'));
|
|
345
|
+
|
|
346
|
+
if (hadAdmin && !hasAdmin && isLastAdmin) {
|
|
347
|
+
if (!confirm('Warning: This is the last administrator. Removing admin access will lock out admin access. Continue?')) {
|
|
348
|
+
return;
|
|
349
|
+
}
|
|
350
|
+
}
|
|
351
|
+
|
|
352
|
+
try {
|
|
353
|
+
setSaving(true);
|
|
354
|
+
await onSave(user.user_id, selectedRoles);
|
|
355
|
+
onClose();
|
|
356
|
+
} catch (err) {
|
|
357
|
+
setError(err instanceof Error ? err.message : 'Failed to update roles');
|
|
358
|
+
} finally {
|
|
359
|
+
setSaving(false);
|
|
360
|
+
}
|
|
361
|
+
};
|
|
362
|
+
|
|
363
|
+
const toggleRole = (roleName: string) => {
|
|
364
|
+
setSelectedRoles((prev) =>
|
|
365
|
+
prev.includes(roleName) ? prev.filter((r) => r !== roleName) : [...prev, roleName]
|
|
366
|
+
);
|
|
367
|
+
};
|
|
368
|
+
|
|
369
|
+
// Theme colors
|
|
370
|
+
const modalBg = isDark ? 'bg-slate-800' : 'bg-white';
|
|
371
|
+
const borderColor = isDark ? 'border-slate-700' : 'border-gray-200';
|
|
372
|
+
const textPrimary = isDark ? 'text-white' : 'text-gray-900';
|
|
373
|
+
const textMuted = isDark ? 'text-slate-400' : 'text-gray-500';
|
|
374
|
+
|
|
375
|
+
return (
|
|
376
|
+
<div className="fixed inset-0 z-50 flex items-center justify-center bg-black/50">
|
|
377
|
+
<div className={`w-full max-w-md mx-4 rounded-lg shadow-xl ${modalBg} border ${borderColor}`}>
|
|
378
|
+
{/* Header */}
|
|
379
|
+
<div className={`px-6 py-4 border-b ${borderColor} flex items-center justify-between`}>
|
|
380
|
+
<div>
|
|
381
|
+
<h3 className={`text-lg font-semibold ${textPrimary}`}>Edit Roles</h3>
|
|
382
|
+
<p className={`text-sm ${textMuted}`}>{user.full_name || user.email}</p>
|
|
383
|
+
</div>
|
|
384
|
+
<button onClick={onClose} className={textMuted}>
|
|
385
|
+
<svg className="w-5 h-5" fill="none" viewBox="0 0 24 24" stroke="currentColor">
|
|
386
|
+
<path strokeLinecap="round" strokeLinejoin="round" strokeWidth={2} d="M6 18L18 6M6 6l12 12" />
|
|
387
|
+
</svg>
|
|
388
|
+
</button>
|
|
389
|
+
</div>
|
|
390
|
+
|
|
391
|
+
{/* Form */}
|
|
392
|
+
<form onSubmit={handleSubmit}>
|
|
393
|
+
<div className="px-6 py-4 space-y-4">
|
|
394
|
+
{/* IDP Roles (read-only) */}
|
|
395
|
+
{user.roles.idp.length > 0 && (
|
|
396
|
+
<div>
|
|
397
|
+
<label className={`block text-sm font-medium mb-2 ${textMuted}`}>
|
|
398
|
+
IDP Roles (read-only)
|
|
399
|
+
<svg className="inline w-4 h-4 ml-1" fill="none" viewBox="0 0 24 24" stroke="currentColor">
|
|
400
|
+
<path strokeLinecap="round" strokeLinejoin="round" strokeWidth={2} d="M12 15v2m-6 4h12a2 2 0 002-2v-6a2 2 0 00-2-2H6a2 2 0 00-2 2v6a2 2 0 002 2zm10-10V7a4 4 0 00-8 0v4h8z" />
|
|
401
|
+
</svg>
|
|
402
|
+
</label>
|
|
403
|
+
<div className="space-y-1">
|
|
404
|
+
{user.roles.idp.map((role) => (
|
|
405
|
+
<div key={role} className={`flex items-center px-3 py-2 rounded ${isDark ? 'bg-slate-700/50' : 'bg-gray-100'}`}>
|
|
406
|
+
<span className={textMuted}>{role}</span>
|
|
407
|
+
<span className={`ml-auto text-xs ${textMuted}`}>assigned by IDP</span>
|
|
408
|
+
</div>
|
|
409
|
+
))}
|
|
410
|
+
</div>
|
|
411
|
+
</div>
|
|
412
|
+
)}
|
|
413
|
+
|
|
414
|
+
{/* Application Roles */}
|
|
415
|
+
<div>
|
|
416
|
+
<label className={`block text-sm font-medium mb-2 ${textMuted}`}>Application Roles</label>
|
|
417
|
+
<div className={`border ${borderColor} rounded-md`}>
|
|
418
|
+
{availableRoles.map((role) => (
|
|
419
|
+
<label
|
|
420
|
+
key={role.role_name}
|
|
421
|
+
className={`flex items-start px-3 py-2 border-b last:border-b-0 ${borderColor} cursor-pointer hover:${isDark ? 'bg-slate-700' : 'bg-gray-50'}`}
|
|
422
|
+
>
|
|
423
|
+
<input
|
|
424
|
+
type="checkbox"
|
|
425
|
+
checked={selectedRoles.includes(role.role_name)}
|
|
426
|
+
onChange={() => toggleRole(role.role_name)}
|
|
427
|
+
className="mt-1 mr-3"
|
|
428
|
+
/>
|
|
429
|
+
<div>
|
|
430
|
+
<span className={textPrimary}>{role.display_name || role.role_name}</span>
|
|
431
|
+
{role.description && (
|
|
432
|
+
<span className={`block text-xs ${textMuted}`}>{role.description}</span>
|
|
433
|
+
)}
|
|
434
|
+
</div>
|
|
435
|
+
</label>
|
|
436
|
+
))}
|
|
437
|
+
</div>
|
|
438
|
+
</div>
|
|
439
|
+
|
|
440
|
+
{/* Error */}
|
|
441
|
+
{error && (
|
|
442
|
+
<div className="bg-red-900/30 border border-red-600 rounded-lg p-3">
|
|
443
|
+
<p className="text-red-400 text-sm">{error}</p>
|
|
444
|
+
</div>
|
|
445
|
+
)}
|
|
446
|
+
</div>
|
|
447
|
+
|
|
448
|
+
{/* Footer */}
|
|
449
|
+
<div className={`px-6 py-4 border-t ${borderColor} flex justify-end gap-3`}>
|
|
450
|
+
<button
|
|
451
|
+
type="button"
|
|
452
|
+
onClick={onClose}
|
|
453
|
+
className={`px-4 py-2 rounded-md border ${borderColor} ${textMuted}`}
|
|
454
|
+
>
|
|
455
|
+
Cancel
|
|
456
|
+
</button>
|
|
457
|
+
<button
|
|
458
|
+
type="submit"
|
|
459
|
+
disabled={saving}
|
|
460
|
+
className="px-4 py-2 bg-blue-600 text-white rounded-md hover:bg-blue-700 disabled:opacity-50"
|
|
461
|
+
>
|
|
462
|
+
{saving ? 'Saving...' : 'Save Changes'}
|
|
463
|
+
</button>
|
|
464
|
+
</div>
|
|
465
|
+
</form>
|
|
466
|
+
</div>
|
|
467
|
+
</div>
|
|
468
|
+
);
|
|
469
|
+
}
|