npm - @payez/next-mvp - Versions diffs - 3.0.0 - Mend

@payez/next-mvp 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (654) hide show

package/README.md +782 -0
package/dist/api/auth-handler.d.ts +67 -0
package/dist/api/auth-handler.js +397 -0
package/dist/api/index.d.ts +10 -0
package/dist/api/index.js +19 -0
package/dist/api-handlers/account/change-password.d.ts +9 -0
package/dist/api-handlers/account/change-password.js +112 -0
package/dist/api-handlers/account/masked-info.d.ts +2 -0
package/dist/api-handlers/account/masked-info.js +41 -0
package/dist/api-handlers/account/profile.d.ts +3 -0
package/dist/api-handlers/account/profile.js +63 -0
package/dist/api-handlers/account/recovery/initiate.d.ts +2 -0
package/dist/api-handlers/account/recovery/initiate.js +26 -0
package/dist/api-handlers/account/recovery/send-code.d.ts +2 -0
package/dist/api-handlers/account/recovery/send-code.js +28 -0
package/dist/api-handlers/account/recovery/verify-code.d.ts +2 -0
package/dist/api-handlers/account/recovery/verify-code.js +28 -0
package/dist/api-handlers/account/reset-password.d.ts +2 -0
package/dist/api-handlers/account/reset-password.js +26 -0
package/dist/api-handlers/account/send-code.d.ts +24 -0
package/dist/api-handlers/account/send-code.js +60 -0
package/dist/api-handlers/account/update-phone.d.ts +27 -0
package/dist/api-handlers/account/update-phone.js +64 -0
package/dist/api-handlers/account/validate-password.d.ts +17 -0
package/dist/api-handlers/account/validate-password.js +81 -0
package/dist/api-handlers/account/verify-email.d.ts +26 -0
package/dist/api-handlers/account/verify-email.js +106 -0
package/dist/api-handlers/account/verify-sms.d.ts +26 -0
package/dist/api-handlers/account/verify-sms.js +106 -0
package/dist/api-handlers/admin/analytics.d.ts +20 -0
package/dist/api-handlers/admin/analytics.js +379 -0
package/dist/api-handlers/admin/audit.d.ts +20 -0
package/dist/api-handlers/admin/audit.js +214 -0
package/dist/api-handlers/admin/index.d.ts +21 -0
package/dist/api-handlers/admin/index.js +41 -0
package/dist/api-handlers/admin/redis-sessions.d.ts +36 -0
package/dist/api-handlers/admin/redis-sessions.js +204 -0
package/dist/api-handlers/admin/sessions.d.ts +21 -0
package/dist/api-handlers/admin/sessions.js +284 -0
package/dist/api-handlers/admin/site-logs.d.ts +46 -0
package/dist/api-handlers/admin/site-logs.js +318 -0
package/dist/api-handlers/admin/users.d.ts +20 -0
package/dist/api-handlers/admin/users.js +222 -0
package/dist/api-handlers/admin/vibe-data.d.ts +80 -0
package/dist/api-handlers/admin/vibe-data.js +268 -0
package/dist/api-handlers/anon/preferences.d.ts +37 -0
package/dist/api-handlers/anon/preferences.js +96 -0
package/dist/api-handlers/auth/jwks.d.ts +2 -0
package/dist/api-handlers/auth/jwks.js +24 -0
package/dist/api-handlers/auth/login.d.ts +42 -0
package/dist/api-handlers/auth/login.js +178 -0
package/dist/api-handlers/auth/refresh.d.ts +74 -0
package/dist/api-handlers/auth/refresh.js +635 -0
package/dist/api-handlers/auth/signout.d.ts +37 -0
package/dist/api-handlers/auth/signout.js +187 -0
package/dist/api-handlers/auth/status.d.ts +8 -0
package/dist/api-handlers/auth/status.js +26 -0
package/dist/api-handlers/auth/update-session.d.ts +37 -0
package/dist/api-handlers/auth/update-session.js +95 -0
package/dist/api-handlers/auth/validate.d.ts +6 -0
package/dist/api-handlers/auth/validate.js +43 -0
package/dist/api-handlers/auth/verify-code.d.ts +43 -0
package/dist/api-handlers/auth/verify-code.js +94 -0
package/dist/api-handlers/session/refresh-viability.d.ts +14 -0
package/dist/api-handlers/session/refresh-viability.js +39 -0
package/dist/api-handlers/session/viability.d.ts +13 -0
package/dist/api-handlers/session/viability.js +146 -0
package/dist/api-handlers/test/force-expire.d.ts +23 -0
package/dist/api-handlers/test/force-expire.js +65 -0
package/dist/auth/auth-decision.d.ts +39 -0
package/dist/auth/auth-decision.js +182 -0
package/dist/auth/auth-options.d.ts +57 -0
package/dist/auth/auth-options.js +213 -0
package/dist/auth/callbacks/index.d.ts +6 -0
package/dist/auth/callbacks/index.js +12 -0
package/dist/auth/callbacks/jwt.d.ts +45 -0
package/dist/auth/callbacks/jwt.js +305 -0
package/dist/auth/callbacks/session.d.ts +60 -0
package/dist/auth/callbacks/session.js +170 -0
package/dist/auth/callbacks/signin.d.ts +23 -0
package/dist/auth/callbacks/signin.js +44 -0
package/dist/auth/events/index.d.ts +4 -0
package/dist/auth/events/index.js +8 -0
package/dist/auth/events/signout.d.ts +17 -0
package/dist/auth/events/signout.js +32 -0
package/dist/auth/providers/credentials.d.ts +32 -0
package/dist/auth/providers/credentials.js +223 -0
package/dist/auth/providers/index.d.ts +5 -0
package/dist/auth/providers/index.js +21 -0
package/dist/auth/providers/oauth.d.ts +26 -0
package/dist/auth/providers/oauth.js +105 -0
package/dist/auth/route-config.d.ts +66 -0
package/dist/auth/route-config.js +190 -0
package/dist/auth/types/auth-types.d.ts +417 -0
package/dist/auth/types/auth-types.js +53 -0
package/dist/auth/types/index.d.ts +6 -0
package/dist/auth/types/index.js +22 -0
package/dist/auth/unauthenticated-routes.d.ts +1 -0
package/dist/auth/unauthenticated-routes.js +19 -0
package/dist/auth/utils/idp-client.d.ts +94 -0
package/dist/auth/utils/idp-client.js +383 -0
package/dist/auth/utils/index.d.ts +5 -0
package/dist/auth/utils/index.js +21 -0
package/dist/auth/utils/token-utils.d.ts +84 -0
package/dist/auth/utils/token-utils.js +219 -0
package/dist/client/AuthContext.d.ts +19 -0
package/dist/client/AuthContext.js +112 -0
package/dist/client/fetch-with-auth.d.ts +11 -0
package/dist/client/fetch-with-auth.js +44 -0
package/dist/client/fetchWithSession.d.ts +3 -0
package/dist/client/fetchWithSession.js +24 -0
package/dist/client/index.d.ts +9 -0
package/dist/client/index.js +20 -0
package/dist/client/useAnonSession.d.ts +36 -0
package/dist/client/useAnonSession.js +99 -0
package/dist/components/SessionSync.d.ts +13 -0
package/dist/components/SessionSync.js +119 -0
package/dist/components/SignalRHealthCheck.d.ts +10 -0
package/dist/components/SignalRHealthCheck.js +97 -0
package/dist/components/account/UserAvatarMenu.d.ts +20 -0
package/dist/components/account/UserAvatarMenu.js +80 -0
package/dist/components/account/index.d.ts +7 -0
package/dist/components/account/index.js +10 -0
package/dist/components/admin/AlertSettingsTab.d.ts +48 -0
package/dist/components/admin/AlertSettingsTab.js +351 -0
package/dist/components/admin/AnalyticsTab.d.ts +22 -0
package/dist/components/admin/AnalyticsTab.js +167 -0
package/dist/components/admin/DataBrowserTab.d.ts +19 -0
package/dist/components/admin/DataBrowserTab.js +252 -0
package/dist/components/admin/LoggingSettingsTab.d.ts +73 -0
package/dist/components/admin/LoggingSettingsTab.js +339 -0
package/dist/components/admin/SessionsTab.d.ts +37 -0
package/dist/components/admin/SessionsTab.js +165 -0
package/dist/components/admin/StatsTab.d.ts +53 -0
package/dist/components/admin/StatsTab.js +161 -0
package/dist/components/admin/VibeAdminContext.d.ts +32 -0
package/dist/components/admin/VibeAdminContext.js +38 -0
package/dist/components/admin/VibeAdminLayout.d.ts +11 -0
package/dist/components/admin/VibeAdminLayout.js +69 -0
package/dist/components/admin/index.d.ts +29 -0
package/dist/components/admin/index.js +44 -0
package/dist/components/auth/FederatedAuthSection.d.ts +8 -0
package/dist/components/auth/FederatedAuthSection.js +45 -0
package/dist/components/auth/ModeAwareLoginPage.d.ts +10 -0
package/dist/components/auth/ModeAwareLoginPage.js +42 -0
package/dist/components/auth/ModeAwareSignupPage.d.ts +9 -0
package/dist/components/auth/ModeAwareSignupPage.js +78 -0
package/dist/components/auth/TraditionalAuthSection.d.ts +14 -0
package/dist/components/auth/TraditionalAuthSection.js +20 -0
package/dist/components/recovery/CompleteStep.d.ts +5 -0
package/dist/components/recovery/CompleteStep.js +8 -0
package/dist/components/recovery/InitiateRecoveryStep.d.ts +8 -0
package/dist/components/recovery/InitiateRecoveryStep.js +20 -0
package/dist/components/recovery/SelectMethodStep.d.ts +8 -0
package/dist/components/recovery/SelectMethodStep.js +8 -0
package/dist/components/recovery/SetPasswordStep.d.ts +6 -0
package/dist/components/recovery/SetPasswordStep.js +20 -0
package/dist/components/recovery/VerifyCodeStep.d.ts +10 -0
package/dist/components/recovery/VerifyCodeStep.js +24 -0
package/dist/components/reserved/ReservedRecoveryWarning.d.ts +38 -0
package/dist/components/reserved/ReservedRecoveryWarning.js +92 -0
package/dist/components/reserved/ReservedStatusBox.d.ts +30 -0
package/dist/components/reserved/ReservedStatusBox.js +71 -0
package/dist/components/ui/BetaBadge.d.ts +29 -0
package/dist/components/ui/BetaBadge.js +38 -0
package/dist/components/ui/Footer.d.ts +37 -0
package/dist/components/ui/Footer.js +41 -0
package/dist/config/env.d.ts +66 -0
package/dist/config/env.js +57 -0
package/dist/config/logger.d.ts +57 -0
package/dist/config/logger.js +73 -0
package/dist/config/logging-config.d.ts +30 -0
package/dist/config/logging-config.js +122 -0
package/dist/config/unauthenticated-routes.d.ts +17 -0
package/dist/config/unauthenticated-routes.js +24 -0
package/dist/config/vibe-log-transport.d.ts +79 -0
package/dist/config/vibe-log-transport.js +203 -0
package/dist/edge/internal-api-url.d.ts +53 -0
package/dist/edge/internal-api-url.js +63 -0
package/dist/edge/middleware.d.ts +14 -0
package/dist/edge/middleware.js +32 -0
package/dist/hooks/useAuth.d.ts +23 -0
package/dist/hooks/useAuth.js +81 -0
package/dist/hooks/useAuthSettings.d.ts +59 -0
package/dist/hooks/useAuthSettings.js +93 -0
package/dist/hooks/useAvailableProviders.d.ts +45 -0
package/dist/hooks/useAvailableProviders.js +108 -0
package/dist/hooks/usePasswordValidation.d.ts +27 -0
package/dist/hooks/usePasswordValidation.js +102 -0
package/dist/hooks/useProfile.d.ts +15 -0
package/dist/hooks/useProfile.js +59 -0
package/dist/hooks/usePublicAuthSettings.d.ts +56 -0
package/dist/hooks/usePublicAuthSettings.js +131 -0
package/dist/hooks/useSessionExpiration.d.ts +57 -0
package/dist/hooks/useSessionExpiration.js +72 -0
package/dist/hooks/useViabilitySession.d.ts +75 -0
package/dist/hooks/useViabilitySession.js +268 -0
package/dist/index.d.ts +12 -0
package/dist/index.js +54 -0
package/dist/lib/anon-session.d.ts +74 -0
package/dist/lib/anon-session.js +169 -0
package/dist/lib/api-handler.d.ts +123 -0
package/dist/lib/api-handler.js +478 -0
package/dist/lib/app-slug.d.ts +95 -0
package/dist/lib/app-slug.js +172 -0
package/dist/lib/demo-mode.d.ts +6 -0
package/dist/lib/demo-mode.js +16 -0
package/dist/lib/geolocation.d.ts +64 -0
package/dist/lib/geolocation.js +235 -0
package/dist/lib/idp-client-config.d.ts +75 -0
package/dist/lib/idp-client-config.js +351 -0
package/dist/lib/idp-fetch.d.ts +14 -0
package/dist/lib/idp-fetch.js +91 -0
package/dist/lib/internal-api.d.ts +87 -0
package/dist/lib/internal-api.js +122 -0
package/dist/lib/jwt-decode-client.d.ts +10 -0
package/dist/lib/jwt-decode-client.js +46 -0
package/dist/lib/jwt-decode.d.ts +48 -0
package/dist/lib/jwt-decode.js +57 -0
package/dist/lib/nextauth-secret.d.ts +10 -0
package/dist/lib/nextauth-secret.js +104 -0
package/dist/lib/rate-limit-service.d.ts +23 -0
package/dist/lib/rate-limit-service.js +6 -0
package/dist/lib/redis.d.ts +5 -0
package/dist/lib/redis.js +28 -0
package/dist/lib/refresh-token-validator.d.ts +13 -0
package/dist/lib/refresh-token-validator.js +117 -0
package/dist/lib/roles.d.ts +145 -0
package/dist/lib/roles.js +168 -0
package/dist/lib/secret-validation.d.ts +4 -0
package/dist/lib/secret-validation.js +14 -0
package/dist/lib/session-store.d.ts +166 -0
package/dist/lib/session-store.js +537 -0
package/dist/lib/session.d.ts +21 -0
package/dist/lib/session.js +26 -0
package/dist/lib/site-logger.d.ts +214 -0
package/dist/lib/site-logger.js +210 -0
package/dist/lib/standardized-client-api.d.ts +161 -0
package/dist/lib/standardized-client-api.js +786 -0
package/dist/lib/startup-init.d.ts +40 -0
package/dist/lib/startup-init.js +261 -0
package/dist/lib/test-aware-get-token.d.ts +2 -0
package/dist/lib/test-aware-get-token.js +81 -0
package/dist/lib/token-expiry.d.ts +14 -0
package/dist/lib/token-expiry.js +39 -0
package/dist/lib/token-lifecycle.d.ts +52 -0
package/dist/lib/token-lifecycle.js +398 -0
package/dist/lib/types/api-responses.d.ts +128 -0
package/dist/lib/types/api-responses.js +171 -0
package/dist/lib/user-agent-parser.d.ts +50 -0
package/dist/lib/user-agent-parser.js +220 -0
package/dist/logging/api/admin-analytics.d.ts +3 -0
package/dist/logging/api/admin-analytics.js +45 -0
package/dist/logging/api/audit-log.d.ts +3 -0
package/dist/logging/api/audit-log.js +52 -0
package/dist/logging/components/AdminAnalyticsLayout.d.ts +10 -0
package/dist/logging/components/AdminAnalyticsLayout.js +11 -0
package/dist/logging/components/AuditLogViewer.d.ts +7 -0
package/dist/logging/components/AuditLogViewer.js +51 -0
package/dist/logging/components/ErrorMetricsCard.d.ts +7 -0
package/dist/logging/components/ErrorMetricsCard.js +16 -0
package/dist/logging/components/HealthMetricsCard.d.ts +7 -0
package/dist/logging/components/HealthMetricsCard.js +19 -0
package/dist/logging/hooks/useAdminAnalytics.d.ts +24 -0
package/dist/logging/hooks/useAdminAnalytics.js +22 -0
package/dist/logging/hooks/useAuditLog.d.ts +6 -0
package/dist/logging/hooks/useAuditLog.js +25 -0
package/dist/logging/hooks/useErrorMetrics.d.ts +6 -0
package/dist/logging/hooks/useErrorMetrics.js +38 -0
package/dist/logging/hooks/useHealthMetrics.d.ts +6 -0
package/dist/logging/hooks/useHealthMetrics.js +41 -0
package/dist/logging/index.d.ts +11 -0
package/dist/logging/index.js +40 -0
package/dist/logging/types/analytics.d.ts +68 -0
package/dist/logging/types/analytics.js +3 -0
package/dist/logging/types/audit.d.ts +29 -0
package/dist/logging/types/audit.js +2 -0
package/dist/logging/types/index.d.ts +2 -0
package/dist/logging/types/index.js +19 -0
package/dist/middleware/auth-decision.d.ts +33 -0
package/dist/middleware/auth-decision.js +65 -0
package/dist/middleware/create-middleware.d.ts +100 -0
package/dist/middleware/create-middleware.js +445 -0
package/dist/middleware/rbac-check.d.ts +44 -0
package/dist/middleware/rbac-check.js +191 -0
package/dist/middleware/twofa-presets.d.ts +134 -0
package/dist/middleware/twofa-presets.js +175 -0
package/dist/models/DecodedAccessToken.d.ts +17 -0
package/dist/models/DecodedAccessToken.js +2 -0
package/dist/models/SessionModel.d.ts +122 -0
package/dist/models/SessionModel.js +136 -0
package/dist/pages/admin-login/page.d.ts +31 -0
package/dist/pages/admin-login/page.js +83 -0
package/dist/pages/admin-roles/RolesAdminPage.d.ts +15 -0
package/dist/pages/admin-roles/RolesAdminPage.js +78 -0
package/dist/pages/admin-roles/index.d.ts +8 -0
package/dist/pages/admin-roles/index.js +15 -0
package/dist/pages/admin-roles/modals.d.ts +72 -0
package/dist/pages/admin-roles/modals.js +154 -0
package/dist/pages/client-admin/ClientSiteAdminPage.d.ts +79 -0
package/dist/pages/client-admin/ClientSiteAdminPage.js +177 -0
package/dist/pages/client-admin/index.d.ts +32 -0
package/dist/pages/client-admin/index.js +37 -0
package/dist/pages/login/page.d.ts +22 -0
package/dist/pages/login/page.js +239 -0
package/dist/pages/profile/EnhancedProfilePage.d.ts +13 -0
package/dist/pages/profile/EnhancedProfilePage.js +150 -0
package/dist/pages/profile/index.d.ts +8 -0
package/dist/pages/profile/index.js +16 -0
package/dist/pages/profile/page.d.ts +19 -0
package/dist/pages/profile/page.js +47 -0
package/dist/pages/profile/profile-patch.d.ts +1 -0
package/dist/pages/profile/profile-patch.js +281 -0
package/dist/pages/recovery/page.d.ts +1 -0
package/dist/pages/recovery/page.js +142 -0
package/dist/pages/roles/MyRolesPage.d.ts +24 -0
package/dist/pages/roles/MyRolesPage.js +71 -0
package/dist/pages/roles/components.d.ts +63 -0
package/dist/pages/roles/components.js +108 -0
package/dist/pages/roles/index.d.ts +8 -0
package/dist/pages/roles/index.js +19 -0
package/dist/pages/security/EnhancedSecurityPage.d.ts +14 -0
package/dist/pages/security/EnhancedSecurityPage.js +248 -0
package/dist/pages/security/index.d.ts +8 -0
package/dist/pages/security/index.js +16 -0
package/dist/pages/security/page.d.ts +21 -0
package/dist/pages/security/page.js +212 -0
package/dist/pages/security/security-patch.d.ts +1 -0
package/dist/pages/security/security-patch.js +302 -0
package/dist/pages/settings/EnhancedSettingsPage.d.ts +46 -0
package/dist/pages/settings/EnhancedSettingsPage.js +231 -0
package/dist/pages/settings/index.d.ts +8 -0
package/dist/pages/settings/index.js +16 -0
package/dist/pages/settings/page.d.ts +7 -0
package/dist/pages/settings/page.js +26 -0
package/dist/pages/showcase/ShowcasePage.d.ts +13 -0
package/dist/pages/showcase/ShowcasePage.js +140 -0
package/dist/pages/showcase/index.d.ts +12 -0
package/dist/pages/showcase/index.js +17 -0
package/dist/pages/test-env/EmergencyLogoutPage.d.ts +14 -0
package/dist/pages/test-env/EmergencyLogoutPage.js +98 -0
package/dist/pages/test-env/JwtInspectPage.d.ts +14 -0
package/dist/pages/test-env/JwtInspectPage.js +114 -0
package/dist/pages/test-env/RefreshTokenPage.d.ts +15 -0
package/dist/pages/test-env/RefreshTokenPage.js +91 -0
package/dist/pages/test-env/TestEnvPage.d.ts +13 -0
package/dist/pages/test-env/TestEnvPage.js +49 -0
package/dist/pages/test-env/index.d.ts +24 -0
package/dist/pages/test-env/index.js +32 -0
package/dist/pages/verify-code/page.d.ts +30 -0
package/dist/pages/verify-code/page.js +408 -0
package/dist/routes/account/index.d.ts +28 -0
package/dist/routes/account/index.js +71 -0
package/dist/routes/account/masked-info.d.ts +33 -0
package/dist/routes/account/masked-info.js +39 -0
package/dist/routes/account/send-code.d.ts +37 -0
package/dist/routes/account/send-code.js +42 -0
package/dist/routes/account/update-phone.d.ts +13 -0
package/dist/routes/account/update-phone.js +17 -0
package/dist/routes/account/verify-email.d.ts +38 -0
package/dist/routes/account/verify-email.js +43 -0
package/dist/routes/account/verify-sms.d.ts +38 -0
package/dist/routes/account/verify-sms.js +43 -0
package/dist/routes/auth/index.d.ts +19 -0
package/dist/routes/auth/index.js +64 -0
package/dist/routes/auth/logout.d.ts +31 -0
package/dist/routes/auth/logout.js +113 -0
package/dist/routes/auth/nextauth.d.ts +19 -0
package/dist/routes/auth/nextauth.js +72 -0
package/dist/routes/auth/refresh.d.ts +30 -0
package/dist/routes/auth/refresh.js +51 -0
package/dist/routes/auth/session.d.ts +72 -0
package/dist/routes/auth/session.js +180 -0
package/dist/routes/auth/settings.d.ts +25 -0
package/dist/routes/auth/settings.js +55 -0
package/dist/routes/auth/viability.d.ts +52 -0
package/dist/routes/auth/viability.js +201 -0
package/dist/routes/index.d.ts +12 -0
package/dist/routes/index.js +54 -0
package/dist/routes/session/index.d.ts +6 -0
package/dist/routes/session/index.js +10 -0
package/dist/routes/session/refresh-viability.d.ts +16 -0
package/dist/routes/session/refresh-viability.js +20 -0
package/dist/services/signalrActivityService.d.ts +44 -0
package/dist/services/signalrActivityService.js +257 -0
package/dist/stores/authStore.d.ts +154 -0
package/dist/stores/authStore.js +1531 -0
package/dist/theme/ThemeProvider.d.ts +14 -0
package/dist/theme/ThemeProvider.js +28 -0
package/dist/theme/default.d.ts +8 -0
package/dist/theme/default.js +33 -0
package/dist/theme/index.d.ts +15 -0
package/dist/theme/index.js +25 -0
package/dist/theme/types.d.ts +56 -0
package/dist/theme/types.js +8 -0
package/dist/theme/useTheme.d.ts +60 -0
package/dist/theme/useTheme.js +63 -0
package/dist/theme/utils.d.ts +13 -0
package/dist/theme/utils.js +39 -0
package/dist/types/api.d.ts +134 -0
package/dist/types/api.js +44 -0
package/dist/types/auth.d.ts +19 -0
package/dist/types/auth.js +2 -0
package/dist/types/logging.d.ts +42 -0
package/dist/types/logging.js +2 -0
package/dist/types/recovery.d.ts +48 -0
package/dist/types/recovery.js +2 -0
package/dist/types/security.d.ts +1 -0
package/dist/types/security.js +2 -0
package/dist/utils/api.d.ts +85 -0
package/dist/utils/api.js +287 -0
package/dist/utils/circuitBreaker.d.ts +43 -0
package/dist/utils/circuitBreaker.js +91 -0
package/dist/utils/error-message.d.ts +1 -0
package/dist/utils/error-message.js +103 -0
package/dist/utils/layout/reservedSpace.d.ts +59 -0
package/dist/utils/layout/reservedSpace.js +102 -0
package/dist/utils/logout.d.ts +14 -0
package/dist/utils/logout.js +32 -0
package/dist/vibe/client.d.ts +261 -0
package/dist/vibe/client.js +445 -0
package/dist/vibe/errors.d.ts +83 -0
package/dist/vibe/errors.js +146 -0
package/dist/vibe/generic.d.ts +234 -0
package/dist/vibe/generic.js +369 -0
package/dist/vibe/hooks/index.d.ts +169 -0
package/dist/vibe/hooks/index.js +252 -0
package/dist/vibe/index.d.ts +23 -0
package/dist/vibe/index.js +67 -0
package/dist/vibe/sessions.d.ts +161 -0
package/dist/vibe/sessions.js +391 -0
package/dist/vibe/types.d.ts +353 -0
package/dist/vibe/types.js +315 -0
package/package.json +855 -0
package/scripts/check-internal-url-usage.sh +73 -0
package/scripts/dev-broker.ps1 +35 -0
package/scripts/dev-local.ps1 +45 -0
package/src/api/auth-handler.ts +550 -0
package/src/api/index.ts +18 -0
package/src/api-handlers/account/change-password.ts +145 -0
package/src/api-handlers/account/masked-info.ts +45 -0
package/src/api-handlers/account/profile.ts +80 -0
package/src/api-handlers/account/recovery/initiate.ts +23 -0
package/src/api-handlers/account/recovery/send-code.ts +25 -0
package/src/api-handlers/account/recovery/verify-code.ts +25 -0
package/src/api-handlers/account/reset-password.ts +23 -0
package/src/api-handlers/account/send-code.ts +76 -0
package/src/api-handlers/account/update-phone.ts +79 -0
package/src/api-handlers/account/validate-password.ts +118 -0
package/src/api-handlers/account/verify-email.ts +125 -0
package/src/api-handlers/account/verify-sms.ts +125 -0
package/src/api-handlers/admin/analytics.ts +445 -0
package/src/api-handlers/admin/audit.ts +225 -0
package/src/api-handlers/admin/index.ts +59 -0
package/src/api-handlers/admin/redis-sessions.ts +253 -0
package/src/api-handlers/admin/sessions.ts +320 -0
package/src/api-handlers/admin/site-logs.ts +367 -0
package/src/api-handlers/admin/users.ts +244 -0
package/src/api-handlers/admin/vibe-data.ts +326 -0
package/src/api-handlers/anon/preferences.ts +123 -0
package/src/api-handlers/auth/jwks.ts +20 -0
package/src/api-handlers/auth/login.ts +240 -0
package/src/api-handlers/auth/refresh.ts +687 -0
package/src/api-handlers/auth/signout.ts +212 -0
package/src/api-handlers/auth/status.ts +23 -0
package/src/api-handlers/auth/update-session.ts +125 -0
package/src/api-handlers/auth/validate.ts +44 -0
package/src/api-handlers/auth/verify-code.ts +129 -0
package/src/api-handlers/session/refresh-viability.ts +36 -0
package/src/api-handlers/session/viability.ts +166 -0
package/src/api-handlers/test/force-expire.ts +67 -0
package/src/auth/auth-decision.ts +230 -0
package/src/auth/auth-options.ts +237 -0
package/src/auth/callbacks/index.ts +7 -0
package/src/auth/callbacks/jwt.ts +382 -0
package/src/auth/callbacks/session.ts +243 -0
package/src/auth/callbacks/signin.ts +56 -0
package/src/auth/events/index.ts +5 -0
package/src/auth/events/signout.ts +33 -0
package/src/auth/providers/credentials.ts +256 -0
package/src/auth/providers/index.ts +6 -0
package/src/auth/providers/oauth.ts +114 -0
package/src/auth/route-config.ts +220 -0
package/src/auth/types/auth-types.ts +555 -0
package/src/auth/types/index.ts +7 -0
package/src/auth/unauthenticated-routes.ts +3 -0
package/src/auth/utils/idp-client.ts +444 -0
package/src/auth/utils/index.ts +6 -0
package/src/auth/utils/token-utils.ts +244 -0
package/src/client/AuthContext.tsx +140 -0
package/src/client/fetch-with-auth.ts +48 -0
package/src/client/fetchWithSession.ts +21 -0
package/src/client/index.ts +13 -0
package/src/client/useAnonSession.ts +131 -0
package/src/components/SessionSync.tsx +137 -0
package/src/components/SignalRHealthCheck.tsx +131 -0
package/src/components/account/UserAvatarMenu.tsx +217 -0
package/src/components/account/index.ts +8 -0
package/src/components/admin/AlertSettingsTab.tsx +728 -0
package/src/components/admin/AnalyticsTab.tsx +703 -0
package/src/components/admin/DataBrowserTab.tsx +505 -0
package/src/components/admin/LoggingSettingsTab.tsx +665 -0
package/src/components/admin/SessionsTab.tsx +414 -0
package/src/components/admin/StatsTab.tsx +379 -0
package/src/components/admin/VibeAdminContext.tsx +87 -0
package/src/components/admin/VibeAdminLayout.tsx +185 -0
package/src/components/admin/index.ts +59 -0
package/src/components/auth/FederatedAuthSection.tsx +95 -0
package/src/components/auth/ModeAwareLoginPage.tsx +135 -0
package/src/components/auth/ModeAwareSignupPage.tsx +267 -0
package/src/components/auth/TraditionalAuthSection.tsx +99 -0
package/src/components/recovery/CompleteStep.tsx +36 -0
package/src/components/recovery/InitiateRecoveryStep.tsx +68 -0
package/src/components/recovery/SelectMethodStep.tsx +73 -0
package/src/components/recovery/SetPasswordStep.tsx +97 -0
package/src/components/recovery/VerifyCodeStep.tsx +90 -0
package/src/components/reserved/ReservedRecoveryWarning.tsx +160 -0
package/src/components/reserved/ReservedStatusBox.tsx +118 -0
package/src/components/ui/BetaBadge.tsx +58 -0
package/src/components/ui/Footer.tsx +93 -0
package/src/config/env.ts +57 -0
package/src/config/logger.ts +62 -0
package/src/config/logging-config.ts +82 -0
package/src/config/unauthenticated-routes.ts +19 -0
package/src/config/vibe-log-transport.ts +250 -0
package/src/edge/internal-api-url.ts +65 -0
package/src/edge/middleware.ts +42 -0
package/src/hooks/useAuth.ts +115 -0
package/src/hooks/useAuthSettings.ts +97 -0
package/src/hooks/useAvailableProviders.ts +118 -0
package/src/hooks/usePasswordValidation.ts +127 -0
package/src/hooks/useProfile.ts +75 -0
package/src/hooks/usePublicAuthSettings.ts +149 -0
package/src/hooks/useSessionExpiration.ts +102 -0
package/src/hooks/useViabilitySession.ts +335 -0
package/src/index.ts +63 -0
package/src/lib/anon-session.ts +213 -0
package/src/lib/api-handler.ts +625 -0
package/src/lib/app-slug.ts +178 -0
package/src/lib/demo-mode.ts +13 -0
package/src/lib/geolocation.ts +265 -0
package/src/lib/idp-client-config.ts +442 -0
package/src/lib/idp-fetch.ts +101 -0
package/src/lib/internal-api.ts +171 -0
package/src/lib/jwt-decode-client.ts +45 -0
package/src/lib/jwt-decode.ts +83 -0
package/src/lib/nextauth-secret.ts +126 -0
package/src/lib/rate-limit-service.ts +9 -0
package/src/lib/redis.ts +27 -0
package/src/lib/refresh-token-validator.ts +64 -0
package/src/lib/roles.ts +177 -0
package/src/lib/secret-validation.ts +8 -0
package/src/lib/session-store.ts +637 -0
package/src/lib/session.ts +34 -0
package/src/lib/site-logger.ts +245 -0
package/src/lib/standardized-client-api.ts +896 -0
package/src/lib/startup-init.ts +247 -0
package/src/lib/test-aware-get-token.ts +30 -0
package/src/lib/token-expiry.ts +40 -0
package/src/lib/token-lifecycle.ts +477 -0
package/src/lib/types/api-responses.ts +336 -0
package/src/lib/user-agent-parser.ts +252 -0
package/src/logging/api/admin-analytics.ts +51 -0
package/src/logging/api/audit-log.ts +53 -0
package/src/logging/components/AdminAnalyticsLayout.tsx +49 -0
package/src/logging/components/AuditLogViewer.tsx +125 -0
package/src/logging/components/ErrorMetricsCard.tsx +98 -0
package/src/logging/components/HealthMetricsCard.tsx +70 -0
package/src/logging/hooks/useAdminAnalytics.ts +22 -0
package/src/logging/hooks/useAuditLog.ts +24 -0
package/src/logging/hooks/useErrorMetrics.ts +40 -0
package/src/logging/hooks/useHealthMetrics.ts +44 -0
package/src/logging/index.ts +18 -0
package/src/logging/types/analytics.ts +81 -0
package/src/logging/types/audit.ts +31 -0
package/src/logging/types/index.ts +3 -0
package/src/middleware/auth-decision.ts +43 -0
package/src/middleware/create-middleware.ts +626 -0
package/src/middleware/rbac-check.ts +244 -0
package/src/middleware/twofa-presets.ts +224 -0
package/src/models/DecodedAccessToken.ts +17 -0
package/src/models/SessionModel.ts +258 -0
package/src/pages/admin-login/page.tsx +229 -0
package/src/pages/admin-roles/RolesAdminPage.tsx +357 -0
package/src/pages/admin-roles/index.ts +9 -0
package/src/pages/admin-roles/modals.tsx +469 -0
package/src/pages/client-admin/ClientSiteAdminPage.tsx +380 -0
package/src/pages/client-admin/index.ts +33 -0
package/src/pages/login/page.tsx +463 -0
package/src/pages/profile/EnhancedProfilePage.tsx +479 -0
package/src/pages/profile/index.ts +9 -0
package/src/pages/profile/page.tsx +166 -0
package/src/pages/recovery/page.tsx +234 -0
package/src/pages/roles/MyRolesPage.tsx +211 -0
package/src/pages/roles/components.tsx +294 -0
package/src/pages/roles/index.ts +17 -0
package/src/pages/security/EnhancedSecurityPage.tsx +574 -0
package/src/pages/security/index.ts +9 -0
package/src/pages/security/page.tsx +507 -0
package/src/pages/settings/EnhancedSettingsPage.tsx +642 -0
package/src/pages/settings/index.ts +9 -0
package/src/pages/settings/page.tsx +47 -0
package/src/pages/showcase/ShowcasePage.tsx +530 -0
package/src/pages/showcase/index.ts +13 -0
package/src/pages/test-env/EmergencyLogoutPage.tsx +179 -0
package/src/pages/test-env/JwtInspectPage.tsx +418 -0
package/src/pages/test-env/RefreshTokenPage.tsx +155 -0
package/src/pages/test-env/TestEnvPage.tsx +116 -0
package/src/pages/test-env/index.ts +25 -0
package/src/pages/verify-code/page.tsx +648 -0
package/src/routes/account/index.ts +32 -0
package/src/routes/account/masked-info.ts +37 -0
package/src/routes/account/send-code.ts +40 -0
package/src/routes/account/update-phone.ts +13 -0
package/src/routes/account/verify-email.ts +41 -0
package/src/routes/account/verify-sms.ts +41 -0
package/src/routes/auth/index.ts +23 -0
package/src/routes/auth/logout.ts +127 -0
package/src/routes/auth/nextauth.ts +71 -0
package/src/routes/auth/refresh.ts +54 -0
package/src/routes/auth/session.ts +193 -0
package/src/routes/auth/settings.ts +75 -0
package/src/routes/auth/viability.ts +220 -0
package/src/routes/index.ts +18 -0
package/src/routes/session/index.ts +7 -0
package/src/routes/session/refresh-viability.ts +17 -0
package/src/services/signalrActivityService.ts +258 -0
package/src/stores/authStore.ts +1904 -0
package/src/templates/instrumentation.ts +41 -0
package/src/theme/ThemeProvider.tsx +39 -0
package/src/theme/default.ts +33 -0
package/src/theme/index.ts +31 -0
package/src/theme/types.ts +69 -0
package/src/theme/useTheme.ts +57 -0
package/src/theme/utils.ts +40 -0
package/src/types/api.ts +13 -0
package/src/types/auth.d.ts +15 -0
package/src/types/auth.ts +22 -0
package/src/types/logging.ts +11 -0
package/src/types/next-auth.d.ts +15 -0
package/src/types/recovery.ts +54 -0
package/src/types/security.ts +1 -0
package/src/utils/api.ts +353 -0
package/src/utils/circuitBreaker.ts +40 -0
package/src/utils/error-message.ts +108 -0
package/src/utils/layout/reservedSpace.ts +124 -0
package/src/utils/logout.ts +30 -0
package/src/vibe/client.ts +590 -0
package/src/vibe/errors.ts +185 -0
package/src/vibe/generic.ts +429 -0
package/src/vibe/hooks/index.ts +367 -0
package/src/vibe/index.ts +121 -0
package/src/vibe/sessions.ts +551 -0
package/src/vibe/types.ts +577 -0

package/src/pages/verify-code/page.tsx ADDED Viewed

@@ -0,0 +1,648 @@
+/**
+ * Themed 2FA Verification Page for @payez/next-mvp
+ *
+ * PLAIN STYLING, FULL FUNCTIONALITY
+ * - Clean, professional appearance
+ * - All functional patterns from website-membership
+ * - Themeable via ThemeProvider
+ *
+ * DEPENDENCIES: Only React, Next.js, next-auth, and Tailwind CSS
+ * NO shadcn/ui or other UI library required!
+ *
+ * FEATURES:
+ * ✅ Progressive disclosure: method selection → code input
+ * ✅ Method locking after selection (prevents accidental multi-send)
+ * ✅ Masked contact info display (informational only)
+ * ✅ Auto-submit when code reaches 6 digits
+ * ✅ Cooldown timers (30s) on resend buttons
+ * ✅ Stale session detection (401 → redirect to login)
+ * ✅ JWT-specific error detection and messaging
+ * ✅ Session viability polling (every 30s) to detect expiration early
+ * ✅ Duplicate submission prevention
+ * ✅ Success/error states with atomic management
+ * ✅ "Change method" action
+ * ✅ Session cleanup on success/expiry
+ *
+ * USAGE:
+ * 1. Import from @payez/next-mvp/pages/verify-code
+ * 2. Wrap your app with ThemeProvider to customize branding
+ */
+'use client';
+import React, { useState, useEffect, useRef } from 'react';
+import { useRouter, useSearchParams } from 'next/navigation';
+import { useSession, signOut, getSession } from 'next-auth/react';
+import { Suspense } from 'react';
+import { useColors } from '../../theme/useTheme';
+/**
+ * Session storage key to track that user intentionally navigated to verify-code.
+ * Prevents auto-redirect back to dashboard when session refreshes in background.
+ */
+const VERIFY_IN_PROGRESS_KEY = 'idealvibe_2fa_verify_in_progress';
+// Masked info structure from IDP
+interface MaskedInfo {
+  masked_email?: string;
+  masked_phone_number?: string;
+  has_authenticator?: boolean;
+}
+function VerifyCodeForm() {
+  const router = useRouter();
+  const searchParams = useSearchParams();
+  const callbackUrl = searchParams?.get('callbackUrl') || '/dashboard';
+  const { data: session, status, update: updateSession } = useSession();
+  const colors = useColors();
+  // Method selection
+  type Method = 'email' | 'sms' | null;
+  const [method, setMethod] = useState<Method>(null);
+  const [methodLocked, setMethodLocked] = useState(false);
+  // Form state
+  const [code, setCode] = useState('');
+  const [maskedInfo, setMaskedInfo] = useState<MaskedInfo | null>(null);
+  const [loadingMasked, setLoadingMasked] = useState(true);
+  // Atomic state - only one active at a time
+  const [sending, setSending] = useState(false);
+  const [verifying, setVerifying] = useState(false);
+  const [success, setSuccess] = useState(false);
+  const [error, setError] = useState<string | null>(null);
+  // Cooldown timers
+  const [emailCooldown, setEmailCooldown] = useState(0);
+  const [smsCooldown, setSmsCooldown] = useState(0);
+  // Toast notifications
+  const [toast, setToast] = useState<{ type: 'success' | 'error'; message: string } | null>(null);
+  // Refs
+  const codeInputRef = useRef<HTMLInputElement>(null);
+  const lastSubmittedCode = useRef<string>('');
+  // Track that user is intentionally on this page
+  const [verifyInProgress, setVerifyInProgress] = useState(false);
+  // ==========================================================================
+  // CRITICAL FIX: Mark that user is intentionally on verify page
+  // This prevents auto-redirect when background token refresh updates session
+  // ==========================================================================
+  useEffect(() => {
+    // On mount, mark that verification is in progress
+    if (typeof window !== 'undefined') {
+      const wasInProgress = sessionStorage.getItem(VERIFY_IN_PROGRESS_KEY) === 'true';
+      if (!wasInProgress) {
+        console.log('[2FA] User navigated to verify-code page, marking verify in progress');
+        sessionStorage.setItem(VERIFY_IN_PROGRESS_KEY, 'true');
+      }
+      setVerifyInProgress(true);
+    }
+  }, []);
+  // Auto-dismiss toast
+  useEffect(() => {
+    if (toast) {
+      const timer = setTimeout(() => setToast(null), 2500);
+      return () => clearTimeout(timer);
+    }
+  }, [toast]);
+  // Cooldown countdown
+  useEffect(() => {
+    if (emailCooldown > 0) {
+      const timer = setTimeout(() => setEmailCooldown(emailCooldown - 1), 1000);
+      return () => clearTimeout(timer);
+    }
+  }, [emailCooldown]);
+  useEffect(() => {
+    if (smsCooldown > 0) {
+      const timer = setTimeout(() => setSmsCooldown(smsCooldown - 1), 1000);
+      return () => clearTimeout(timer);
+    }
+  }, [smsCooldown]);
+  // Fetch masked info on mount
+  useEffect(() => {
+    const fetchMaskedInfo = async () => {
+      // BUGFIX: Always set loadingMasked=false, even if not authenticated
+      // Otherwise page stays stuck in loading spinner
+      if (status !== 'authenticated' || !session) {
+        setLoadingMasked(false);
+        return;
+      }
+      try {
+        const res = await fetch('/api/account/masked-info', {
+          method: 'POST',
+          credentials: 'include',
+        });
+        if (res.status === 401) {
+          // Session expired - redirect to login
+          setError('Your session has expired. Redirecting to login...');
+          setTimeout(async () => {
+            await signOut({ redirect: false });
+            const safeCallback = callbackUrl.startsWith('/account-auth/') ? '/dashboard' : callbackUrl;
+            router.push(`/account-auth/login?callbackUrl=${encodeURIComponent(safeCallback)}`);
+          }, 1200);
+          return;
+        }
+        if (!res.ok) {
+          throw new Error('Failed to load contact information');
+        }
+        const data = await res.json();
+        setMaskedInfo(data);
+      } catch (err) {
+        console.error('[2FA] Error fetching masked info:', err);
+        setError('Could not load your contact information. Please try again.');
+      } finally {
+        setLoadingMasked(false);
+      }
+    };
+    fetchMaskedInfo();
+  }, [status, session, callbackUrl, router]);
+  // Auto-submit when code is 6 digits
+  useEffect(() => {
+    if (code.length === 6 && method && !verifying) {
+      handleVerifyCode();
+    }
+  }, [code, method, verifying]);
+  // ==========================================================================
+  // Session viability check - detect expiration early and warn user
+  // ==========================================================================
+  useEffect(() => {
+    if (status !== 'authenticated') return;
+    // Check session viability every 30 seconds
+    const checkSession = async () => {
+      try {
+        const res = await fetch('/api/session/viability', {
+          credentials: 'include',
+        });
+        if (res.status === 401) {
+          const data = await res.json().catch(() => ({}));
+          // Session is no longer valid - warn user and redirect
+          if (data.valid === false || data.mfaExpired === true) {
+            setError('Your session has expired. Redirecting to login...');
+            setTimeout(async () => {
+              await signOut({ redirect: false });
+              if (typeof window !== 'undefined') {
+                sessionStorage.removeItem(VERIFY_IN_PROGRESS_KEY);
+              }
+              router.push(`/account-auth/login?error=SessionExpired`);
+            }, 2000);
+          }
+        }
+      } catch (err) {
+        // Silent fail - let the next actual API call handle the error
+        console.log('[2FA] Session viability check failed:', err);
+      }
+    };
+    // Initial check after 5 seconds, then every 30 seconds
+    const initialTimeout = setTimeout(checkSession, 5000);
+    const interval = setInterval(checkSession, 30000);
+    return () => {
+      clearTimeout(initialTimeout);
+      clearInterval(interval);
+    };
+  }, [status, router]);
+  const handleSendCode = async (selectedMethod: 'email' | 'sms') => {
+    setSending(true);
+    setError(null);
+    try {
+      const res = await fetch('/api/account/send-code', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ method: selectedMethod }),
+        credentials: 'include',
+      });
+      if (res.status === 401) {
+        const errorData = await res.json().catch(() => ({}));
+        const isJwtExpired = errorData?.error?.includes('JWT') || errorData?.message?.includes('JWT') || errorData?.error?.includes('expired');
+        setError(isJwtExpired
+          ? 'Your 2FA session has expired. Please sign in again.'
+          : 'Your session has expired. Redirecting to login...'
+        );
+        setTimeout(async () => {
+          await signOut({ redirect: false });
+          if (typeof window !== 'undefined') {
+            sessionStorage.removeItem(VERIFY_IN_PROGRESS_KEY);
+          }
+          const safeCallback = callbackUrl.startsWith('/account-auth/') ? '/dashboard' : callbackUrl;
+          const errorParam = isJwtExpired ? '&error=SessionExpired' : '';
+          router.push(`/account-auth/login?callbackUrl=${encodeURIComponent(safeCallback)}${errorParam}`);
+        }, 1500);
+        return;
+      }
+      if (!res.ok) {
+        const data = await res.json();
+        throw new Error(data.message || data.error || 'Failed to send code');
+      }
+      // Lock method and set cooldown
+      setMethod(selectedMethod);
+      setMethodLocked(true);
+      if (selectedMethod === 'email') {
+        setEmailCooldown(30);
+      } else {
+        setSmsCooldown(30);
+      }
+      setToast({
+        type: 'success',
+        message: `Verification code sent to your ${selectedMethod === 'email' ? 'email' : 'phone'}`,
+      });
+      // Focus code input
+      setTimeout(() => codeInputRef.current?.focus(), 100);
+    } catch (err) {
+      setError(err instanceof Error ? err.message : 'Failed to send verification code');
+    } finally {
+      setSending(false);
+    }
+  };
+  const handleVerifyCode = async () => {
+    if (!code || !method || code.length !== 6) {
+      return;
+    }
+    // Prevent duplicate submissions
+    if (lastSubmittedCode.current === code) {
+      console.log('[2FA] Duplicate submission prevented');
+      return;
+    }
+    lastSubmittedCode.current = code;
+    setVerifying(true);
+    setError(null);
+    try {
+      const endpoint = method === 'sms' ? '/api/account/verify-sms' : '/api/account/verify-email';
+      const res = await fetch(endpoint, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ verificationCode: code }),
+        credentials: 'include',
+      });
+      if (res.status === 401) {
+        const errorData = await res.json().catch(() => ({}));
+        const isJwtExpired = errorData?.error?.includes('JWT') || errorData?.message?.includes('JWT') || errorData?.error?.includes('expired');
+        setError(isJwtExpired
+          ? 'Your 2FA session has expired. Please sign in again.'
+          : 'Your session has expired. Redirecting to login...'
+        );
+        setTimeout(async () => {
+          await signOut({ redirect: false });
+          if (typeof window !== 'undefined') {
+            sessionStorage.removeItem(VERIFY_IN_PROGRESS_KEY);
+          }
+          const safeCallback = callbackUrl.startsWith('/account-auth/') ? '/dashboard' : callbackUrl;
+          const errorParam = isJwtExpired ? '&error=SessionExpired' : '';
+          router.push(`/account-auth/login?callbackUrl=${encodeURIComponent(safeCallback)}${errorParam}`);
+        }, 1500);
+        return;
+      }
+      if (!res.ok) {
+        const data = await res.json();
+        throw new Error(data.error || data.message || 'Verification failed');
+      }
+      const result = await res.json();
+      // Normalize response: support both enveloped and unwrapped payloads
+      const payload = (result && typeof result === 'object' && 'data' in result)
+        ? (result as any).data
+        : result;
+      // Check if verification was successful
+      const verified =
+        payload?.verificationSuccessful === true ||
+        payload?.twoFactorSessionVerified === true ||
+        payload?.success === true ||
+        // Accept token-based success (unwrapped raw tokens from backend)
+        (!!payload?.access_token && !!payload?.refresh_token);
+      if (!verified) {
+        throw new Error('Verification failed. Please try again.');
+      }
+      // CRITICAL: If tokens are included (unwrapped response), persist them in server session
+      if (payload?.access_token && payload?.refresh_token) {
+        try {
+          console.log('[2FA] Updating session with new MFA tokens...');
+          const updateRes = await fetch('/api/auth/update-session', {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            credentials: 'include',
+            body: JSON.stringify({
+              access_token: payload.access_token,
+              refresh_token: payload.refresh_token
+            })
+          });
+          if (!updateRes.ok) {
+            console.warn('[2FA] update-session returned non-OK status:', updateRes.status);
+            const errorData = await updateRes.json();
+            console.warn('[2FA] update-session error:', errorData);
+          } else {
+            console.log('[2FA] Session updated successfully with MFA tokens');
+          }
+        } catch (e) {
+          console.warn('[2FA] Failed to call update-session:', e);
+        }
+      }
+      // Show success state
+      setSuccess(true);
+      setError(null);
+      // CRITICAL: Force NextAuth to refetch session from server
+      // This ensures useSession() gets the updated twoFactorComplete: true
+      console.log('[2FA] Forcing session refresh after verification...');
+      try {
+        await updateSession(); // This triggers /api/auth/session and updates useSession() state
+        console.log('[2FA] Session refresh completed');
+      } catch (e) {
+        console.warn('[2FA] updateSession failed:', e);
+      }
+      // Clear verify-in-progress flag before redirect
+      if (typeof window !== 'undefined') {
+        sessionStorage.removeItem(VERIFY_IN_PROGRESS_KEY);
+      }
+      // Redirect after showing success state
+      setTimeout(() => {
+        window.location.href = callbackUrl;
+      }, 1500);
+    } catch (err) {
+      setError(err instanceof Error ? err.message : 'Failed to verify code');
+      lastSubmittedCode.current = ''; // Allow retry
+    } finally {
+      setVerifying(false);
+    }
+  };
+  const handleResetMethod = () => {
+    setMethod(null);
+    setMethodLocked(false);
+    setCode('');
+    setError(null);
+    setEmailCooldown(0);
+    setSmsCooldown(0);
+    lastSubmittedCode.current = '';
+  };
+  const handleCodeChange = (e: React.ChangeEvent<HTMLInputElement>) => {
+    const value = e.target.value.replace(/[^0-9]/g, '').slice(0, 6);
+    setCode(value);
+  };
+  // Loading state
+  if (status === 'loading' || loadingMasked) {
+    return (
+      <div className="flex flex-col items-center justify-center py-8" style={{ background: 'hsl(var(--background))' }}>
+        <svg className="animate-spin h-10 w-10" style={{ color: 'hsl(var(--primary))' }} viewBox="0 0 24 24" fill="none">
+          <circle className="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" strokeWidth="4" />
+          <path className="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8v4a4 4 0 00-4 4H4z" />
+        </svg>
+        <p className="mt-4 text-sm" style={{ color: 'hsl(var(--muted-foreground))' }}>Loading...</p>
+      </div>
+    );
+  }
+  return (
+    <div className="flex items-center justify-center px-4 py-8" style={{ background: 'hsl(var(--background))' }}>
+      <div className="max-w-md w-full">
+        {/* Toast Notification */}
+        {toast && (
+          <div
+            className={`fixed top-4 right-4 p-4 rounded border transition-all duration-300 ${
+              toast.type === 'success' ? 'bg-green-50 text-green-800 border-green-200' : 'bg-red-50 text-red-800 border-red-200'
+            }`}
+          >
+            {toast.message}
+          </div>
+        )}
+        {/* Card */}
+        <div className="rounded-2xl border p-8" style={{ background: 'hsl(var(--card))', borderColor: 'hsl(var(--border))' }}>
+          {/* Header */}
+          <div className="mb-6">
+            <h1 className="text-2xl font-semibold mb-2" style={{ color: 'hsl(var(--foreground))' }}>Verify Your Identity</h1>
+            <p className="text-sm" style={{ color: 'hsl(var(--muted-foreground))' }}>Choose how you'd like to receive your verification code</p>
+          </div>
+          {/* Masked Info Display */}
+          {maskedInfo && (
+            <div className="mb-6 p-3 rounded border text-sm" style={{ background: 'hsl(var(--muted) / 0.1)', borderColor: 'hsl(var(--border))', color: 'hsl(var(--foreground))' }}>
+              {maskedInfo.masked_email && (
+                <div className="mb-1">
+                  Email: <span className="font-mono">{maskedInfo.masked_email}</span>
+                </div>
+              )}
+              {maskedInfo.masked_phone_number && (
+                <div>
+                  Phone: <span className="font-mono">{maskedInfo.masked_phone_number}</span>
+                </div>
+              )}
+            </div>
+          )}
+          {/* Method Selection or Code Input */}
+          {!method ? (
+            /* Method Selection */
+            <div className="space-y-3">
+              <button
+                type="button"
+                onClick={() => handleSendCode('email')}
+                disabled={sending || !maskedInfo?.masked_email}
+                className="w-full flex items-center justify-between p-3 border rounded disabled:opacity-50 disabled:cursor-not-allowed transition-colors"
+                style={{
+                  background: 'hsl(var(--card))',
+                  borderColor: 'hsl(var(--border))',
+                  color: 'hsl(var(--foreground))'
+                }}
+              >
+                <div className="text-left">
+                  <p className="font-medium" style={{ color: 'hsl(var(--foreground))' }}>Email</p>
+                  <p className="text-sm" style={{ color: 'hsl(var(--muted-foreground))' }}>{maskedInfo?.masked_email || 'Not available'}</p>
+                </div>
+                <span style={{ color: 'hsl(var(--muted-foreground))' }}>→</span>
+              </button>
+              <button
+                type="button"
+                onClick={() => handleSendCode('sms')}
+                disabled={sending || !maskedInfo?.masked_phone_number}
+                className="w-full flex items-center justify-between p-3 border rounded disabled:opacity-50 disabled:cursor-not-allowed transition-colors"
+                style={{
+                  background: 'hsl(var(--card))',
+                  borderColor: 'hsl(var(--border))',
+                  color: 'hsl(var(--foreground))'
+                }}
+              >
+                <div className="text-left">
+                  <p className="font-medium" style={{ color: 'hsl(var(--foreground))' }}>SMS</p>
+                  <p className="text-sm" style={{ color: 'hsl(var(--muted-foreground))' }}>{maskedInfo?.masked_phone_number || 'Not available'}</p>
+                </div>
+                <span style={{ color: 'hsl(var(--muted-foreground))' }}>→</span>
+              </button>
+            </div>
+          ) : (
+            /* Code Input */
+            <div className="space-y-4">
+              {/* Method indicator */}
+              <div className="flex items-center justify-between p-3 rounded border" style={{ background: 'hsl(var(--muted) / 0.1)', borderColor: 'hsl(var(--border))' }}>
+                <span className="text-sm" style={{ color: 'hsl(var(--foreground))' }}>
+                  Code sent to your {method === 'email' ? 'email' : 'phone'}
+                </span>
+                <button type="button" onClick={handleResetMethod} className="text-sm hover:underline font-medium" style={{ color: 'hsl(var(--primary))' }}>
+                  Change method
+                </button>
+              </div>
+              {/* Code input */}
+              <div>
+                <label htmlFor="code" className="block text-sm font-medium mb-2" style={{ color: 'hsl(var(--foreground))' }}>
+                  Verification Code
+                </label>
+                <input
+                  ref={codeInputRef}
+                  id="code"
+                  type="text"
+                  inputMode="numeric"
+                  pattern="[0-9]*"
+                  maxLength={6}
+                  value={code}
+                  onChange={handleCodeChange}
+                  className="w-full px-4 py-3 text-center text-2xl font-mono border rounded focus:ring-2 tracking-widest"
+                  style={{
+                    background: 'hsl(var(--input))',
+                    borderColor: 'hsl(var(--border))',
+                    color: 'hsl(var(--foreground))',
+                    caretColor: 'hsl(var(--foreground))'
+                  }}
+                  placeholder="000000"
+                  disabled={verifying || success}
+                  autoComplete="one-time-code"
+                  autoFocus
+                />
+                <p className="mt-2 text-sm text-center" style={{ color: 'hsl(var(--muted-foreground))' }}>Enter the 6-digit code</p>
+              </div>
+              {/* Status Display - Pre-sized container to prevent layout shift */}
+              <div className="min-h-[3.5rem] flex items-center">
+                {verifying ? (
+                  <div className="w-full flex items-start space-x-2 p-3 rounded border" style={{ background: 'hsl(var(--muted) / 0.1)', borderColor: 'hsl(var(--border))' }}>
+                    <svg className="animate-spin w-4 h-4 mt-0.5" style={{ color: 'hsl(var(--primary))' }} fill="none" viewBox="0 0 24 24">
+                      <circle className="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" strokeWidth="4" />
+                      <path
+                        className="opacity-75"
+                        fill="currentColor"
+                        d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"
+                      />
+                    </svg>
+                    <span className="text-sm" style={{ color: 'hsl(var(--foreground))' }}>Verifying code...</span>
+                  </div>
+                ) : error ? (
+                  <div className="w-full flex items-start space-x-2 p-3 rounded bg-red-50 border border-red-200">
+                    <span className="text-red-700 text-sm font-medium">✗</span>
+                    <span className="text-red-700 text-sm">{error}</span>
+                  </div>
+                ) : success ? (
+                  <div className="w-full flex items-start space-x-2 p-2.5 rounded bg-green-50 border border-green-200">
+                    <span className="text-green-700 text-xs font-medium">✓</span>
+                    <span className="text-green-700 text-xs">Verification successful! Redirecting...</span>
+                  </div>
+                ) : null}
+              </div>
+              {/* Resend button */}
+              {methodLocked && (
+                <button
+                  type="button"
+                  onClick={() => handleSendCode(method)}
+                  disabled={sending || (method === 'email' ? emailCooldown > 0 : smsCooldown > 0)}
+                  className="w-full text-sm hover:underline font-medium disabled:no-underline disabled:cursor-not-allowed disabled:opacity-50"
+                  style={{ color: 'hsl(var(--primary))' }}
+                >
+                  {sending
+                    ? 'Sending...'
+                    : method === 'email'
+                    ? emailCooldown > 0
+                      ? `Resend code in ${emailCooldown}s`
+                      : 'Resend code'
+                    : smsCooldown > 0
+                    ? `Resend code in ${smsCooldown}s`
+                    : 'Resend code'}
+                </button>
+              )}
+            </div>
+          )}
+        </div>
+        {/* Back to login */}
+        <p className="mt-4 text-center text-sm" style={{ color: 'hsl(var(--muted-foreground))' }}>
+          <a href="/account-auth/login" className="hover:underline font-medium" style={{ color: 'hsl(var(--primary))' }}>
+            Back to login
+          </a>
+        </p>
+      </div>
+    </div>
+  );
+}
+function VerifyCodePageFallback() {
+  const colors = useColors();
+  return (
+    <div className="flex items-center justify-center py-8" style={{ background: 'hsl(var(--background))' }}>
+      <div className="text-center">
+        <svg className="animate-spin h-10 w-10 mx-auto" style={{ color: 'hsl(var(--primary))' }} xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24">
+          <circle className="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" strokeWidth="4" />
+          <path
+            className="opacity-75"
+            fill="currentColor"
+            d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"
+          />
+        </svg>
+        <p className="mt-4" style={{ color: 'hsl(var(--muted-foreground))' }}>Loading...</p>
+      </div>
+    </div>
+  );
+}
+export default function VerifyCodePage() {
+  return (
+    <Suspense fallback={<VerifyCodePageFallback />}>
+      <VerifyCodeForm />
+    </Suspense>
+  );
+}

package/src/routes/account/index.ts ADDED Viewed

@@ -0,0 +1,32 @@
+/**
+ * Account Route Exports
+ *
+ * Provides ready-to-use route exports for all 2FA/account management endpoints.
+ * These routes handle the complete 2FA flow with zero configuration.
+ *
+ * @example
+ * ```typescript
+ * // Import individual routes
+ * export { POST } from '@payez/next-mvp/routes/account/masked-info';
+ * export { POST } from '@payez/next-mvp/routes/account/send-code';
+ * export { POST } from '@payez/next-mvp/routes/account/verify-email';
+ * export { POST } from '@payez/next-mvp/routes/account/verify-sms';
+ * ```
+ *
+ * @version 2.3.0
+ * @since auth-ready-v2
+ */
+// Export individual route modules
+export * as maskedInfo from './masked-info';
+export * as sendCode from './send-code';
+export * as verifyEmail from './verify-email';
+export * as verifySms from './verify-sms';
+export * as updatePhone from './update-phone';
+// Re-export POST handlers for convenience (all 2FA endpoints use POST)
+export { POST as maskedInfoPOST } from './masked-info';
+export { POST as sendCodePOST } from './send-code';
+export { POST as verifyEmailPOST } from './verify-email';
+export { POST as verifySmsPOST } from './verify-sms';
+export { POST as updatePhonePOST } from './update-phone';