npm - @payez/next-mvp - Versions diffs - 3.0.0 - Mend

@payez/next-mvp 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (654) hide show

package/README.md +782 -0
package/dist/api/auth-handler.d.ts +67 -0
package/dist/api/auth-handler.js +397 -0
package/dist/api/index.d.ts +10 -0
package/dist/api/index.js +19 -0
package/dist/api-handlers/account/change-password.d.ts +9 -0
package/dist/api-handlers/account/change-password.js +112 -0
package/dist/api-handlers/account/masked-info.d.ts +2 -0
package/dist/api-handlers/account/masked-info.js +41 -0
package/dist/api-handlers/account/profile.d.ts +3 -0
package/dist/api-handlers/account/profile.js +63 -0
package/dist/api-handlers/account/recovery/initiate.d.ts +2 -0
package/dist/api-handlers/account/recovery/initiate.js +26 -0
package/dist/api-handlers/account/recovery/send-code.d.ts +2 -0
package/dist/api-handlers/account/recovery/send-code.js +28 -0
package/dist/api-handlers/account/recovery/verify-code.d.ts +2 -0
package/dist/api-handlers/account/recovery/verify-code.js +28 -0
package/dist/api-handlers/account/reset-password.d.ts +2 -0
package/dist/api-handlers/account/reset-password.js +26 -0
package/dist/api-handlers/account/send-code.d.ts +24 -0
package/dist/api-handlers/account/send-code.js +60 -0
package/dist/api-handlers/account/update-phone.d.ts +27 -0
package/dist/api-handlers/account/update-phone.js +64 -0
package/dist/api-handlers/account/validate-password.d.ts +17 -0
package/dist/api-handlers/account/validate-password.js +81 -0
package/dist/api-handlers/account/verify-email.d.ts +26 -0
package/dist/api-handlers/account/verify-email.js +106 -0
package/dist/api-handlers/account/verify-sms.d.ts +26 -0
package/dist/api-handlers/account/verify-sms.js +106 -0
package/dist/api-handlers/admin/analytics.d.ts +20 -0
package/dist/api-handlers/admin/analytics.js +379 -0
package/dist/api-handlers/admin/audit.d.ts +20 -0
package/dist/api-handlers/admin/audit.js +214 -0
package/dist/api-handlers/admin/index.d.ts +21 -0
package/dist/api-handlers/admin/index.js +41 -0
package/dist/api-handlers/admin/redis-sessions.d.ts +36 -0
package/dist/api-handlers/admin/redis-sessions.js +204 -0
package/dist/api-handlers/admin/sessions.d.ts +21 -0
package/dist/api-handlers/admin/sessions.js +284 -0
package/dist/api-handlers/admin/site-logs.d.ts +46 -0
package/dist/api-handlers/admin/site-logs.js +318 -0
package/dist/api-handlers/admin/users.d.ts +20 -0
package/dist/api-handlers/admin/users.js +222 -0
package/dist/api-handlers/admin/vibe-data.d.ts +80 -0
package/dist/api-handlers/admin/vibe-data.js +268 -0
package/dist/api-handlers/anon/preferences.d.ts +37 -0
package/dist/api-handlers/anon/preferences.js +96 -0
package/dist/api-handlers/auth/jwks.d.ts +2 -0
package/dist/api-handlers/auth/jwks.js +24 -0
package/dist/api-handlers/auth/login.d.ts +42 -0
package/dist/api-handlers/auth/login.js +178 -0
package/dist/api-handlers/auth/refresh.d.ts +74 -0
package/dist/api-handlers/auth/refresh.js +635 -0
package/dist/api-handlers/auth/signout.d.ts +37 -0
package/dist/api-handlers/auth/signout.js +187 -0
package/dist/api-handlers/auth/status.d.ts +8 -0
package/dist/api-handlers/auth/status.js +26 -0
package/dist/api-handlers/auth/update-session.d.ts +37 -0
package/dist/api-handlers/auth/update-session.js +95 -0
package/dist/api-handlers/auth/validate.d.ts +6 -0
package/dist/api-handlers/auth/validate.js +43 -0
package/dist/api-handlers/auth/verify-code.d.ts +43 -0
package/dist/api-handlers/auth/verify-code.js +94 -0
package/dist/api-handlers/session/refresh-viability.d.ts +14 -0
package/dist/api-handlers/session/refresh-viability.js +39 -0
package/dist/api-handlers/session/viability.d.ts +13 -0
package/dist/api-handlers/session/viability.js +146 -0
package/dist/api-handlers/test/force-expire.d.ts +23 -0
package/dist/api-handlers/test/force-expire.js +65 -0
package/dist/auth/auth-decision.d.ts +39 -0
package/dist/auth/auth-decision.js +182 -0
package/dist/auth/auth-options.d.ts +57 -0
package/dist/auth/auth-options.js +213 -0
package/dist/auth/callbacks/index.d.ts +6 -0
package/dist/auth/callbacks/index.js +12 -0
package/dist/auth/callbacks/jwt.d.ts +45 -0
package/dist/auth/callbacks/jwt.js +305 -0
package/dist/auth/callbacks/session.d.ts +60 -0
package/dist/auth/callbacks/session.js +170 -0
package/dist/auth/callbacks/signin.d.ts +23 -0
package/dist/auth/callbacks/signin.js +44 -0
package/dist/auth/events/index.d.ts +4 -0
package/dist/auth/events/index.js +8 -0
package/dist/auth/events/signout.d.ts +17 -0
package/dist/auth/events/signout.js +32 -0
package/dist/auth/providers/credentials.d.ts +32 -0
package/dist/auth/providers/credentials.js +223 -0
package/dist/auth/providers/index.d.ts +5 -0
package/dist/auth/providers/index.js +21 -0
package/dist/auth/providers/oauth.d.ts +26 -0
package/dist/auth/providers/oauth.js +105 -0
package/dist/auth/route-config.d.ts +66 -0
package/dist/auth/route-config.js +190 -0
package/dist/auth/types/auth-types.d.ts +417 -0
package/dist/auth/types/auth-types.js +53 -0
package/dist/auth/types/index.d.ts +6 -0
package/dist/auth/types/index.js +22 -0
package/dist/auth/unauthenticated-routes.d.ts +1 -0
package/dist/auth/unauthenticated-routes.js +19 -0
package/dist/auth/utils/idp-client.d.ts +94 -0
package/dist/auth/utils/idp-client.js +383 -0
package/dist/auth/utils/index.d.ts +5 -0
package/dist/auth/utils/index.js +21 -0
package/dist/auth/utils/token-utils.d.ts +84 -0
package/dist/auth/utils/token-utils.js +219 -0
package/dist/client/AuthContext.d.ts +19 -0
package/dist/client/AuthContext.js +112 -0
package/dist/client/fetch-with-auth.d.ts +11 -0
package/dist/client/fetch-with-auth.js +44 -0
package/dist/client/fetchWithSession.d.ts +3 -0
package/dist/client/fetchWithSession.js +24 -0
package/dist/client/index.d.ts +9 -0
package/dist/client/index.js +20 -0
package/dist/client/useAnonSession.d.ts +36 -0
package/dist/client/useAnonSession.js +99 -0
package/dist/components/SessionSync.d.ts +13 -0
package/dist/components/SessionSync.js +119 -0
package/dist/components/SignalRHealthCheck.d.ts +10 -0
package/dist/components/SignalRHealthCheck.js +97 -0
package/dist/components/account/UserAvatarMenu.d.ts +20 -0
package/dist/components/account/UserAvatarMenu.js +80 -0
package/dist/components/account/index.d.ts +7 -0
package/dist/components/account/index.js +10 -0
package/dist/components/admin/AlertSettingsTab.d.ts +48 -0
package/dist/components/admin/AlertSettingsTab.js +351 -0
package/dist/components/admin/AnalyticsTab.d.ts +22 -0
package/dist/components/admin/AnalyticsTab.js +167 -0
package/dist/components/admin/DataBrowserTab.d.ts +19 -0
package/dist/components/admin/DataBrowserTab.js +252 -0
package/dist/components/admin/LoggingSettingsTab.d.ts +73 -0
package/dist/components/admin/LoggingSettingsTab.js +339 -0
package/dist/components/admin/SessionsTab.d.ts +37 -0
package/dist/components/admin/SessionsTab.js +165 -0
package/dist/components/admin/StatsTab.d.ts +53 -0
package/dist/components/admin/StatsTab.js +161 -0
package/dist/components/admin/VibeAdminContext.d.ts +32 -0
package/dist/components/admin/VibeAdminContext.js +38 -0
package/dist/components/admin/VibeAdminLayout.d.ts +11 -0
package/dist/components/admin/VibeAdminLayout.js +69 -0
package/dist/components/admin/index.d.ts +29 -0
package/dist/components/admin/index.js +44 -0
package/dist/components/auth/FederatedAuthSection.d.ts +8 -0
package/dist/components/auth/FederatedAuthSection.js +45 -0
package/dist/components/auth/ModeAwareLoginPage.d.ts +10 -0
package/dist/components/auth/ModeAwareLoginPage.js +42 -0
package/dist/components/auth/ModeAwareSignupPage.d.ts +9 -0
package/dist/components/auth/ModeAwareSignupPage.js +78 -0
package/dist/components/auth/TraditionalAuthSection.d.ts +14 -0
package/dist/components/auth/TraditionalAuthSection.js +20 -0
package/dist/components/recovery/CompleteStep.d.ts +5 -0
package/dist/components/recovery/CompleteStep.js +8 -0
package/dist/components/recovery/InitiateRecoveryStep.d.ts +8 -0
package/dist/components/recovery/InitiateRecoveryStep.js +20 -0
package/dist/components/recovery/SelectMethodStep.d.ts +8 -0
package/dist/components/recovery/SelectMethodStep.js +8 -0
package/dist/components/recovery/SetPasswordStep.d.ts +6 -0
package/dist/components/recovery/SetPasswordStep.js +20 -0
package/dist/components/recovery/VerifyCodeStep.d.ts +10 -0
package/dist/components/recovery/VerifyCodeStep.js +24 -0
package/dist/components/reserved/ReservedRecoveryWarning.d.ts +38 -0
package/dist/components/reserved/ReservedRecoveryWarning.js +92 -0
package/dist/components/reserved/ReservedStatusBox.d.ts +30 -0
package/dist/components/reserved/ReservedStatusBox.js +71 -0
package/dist/components/ui/BetaBadge.d.ts +29 -0
package/dist/components/ui/BetaBadge.js +38 -0
package/dist/components/ui/Footer.d.ts +37 -0
package/dist/components/ui/Footer.js +41 -0
package/dist/config/env.d.ts +66 -0
package/dist/config/env.js +57 -0
package/dist/config/logger.d.ts +57 -0
package/dist/config/logger.js +73 -0
package/dist/config/logging-config.d.ts +30 -0
package/dist/config/logging-config.js +122 -0
package/dist/config/unauthenticated-routes.d.ts +17 -0
package/dist/config/unauthenticated-routes.js +24 -0
package/dist/config/vibe-log-transport.d.ts +79 -0
package/dist/config/vibe-log-transport.js +203 -0
package/dist/edge/internal-api-url.d.ts +53 -0
package/dist/edge/internal-api-url.js +63 -0
package/dist/edge/middleware.d.ts +14 -0
package/dist/edge/middleware.js +32 -0
package/dist/hooks/useAuth.d.ts +23 -0
package/dist/hooks/useAuth.js +81 -0
package/dist/hooks/useAuthSettings.d.ts +59 -0
package/dist/hooks/useAuthSettings.js +93 -0
package/dist/hooks/useAvailableProviders.d.ts +45 -0
package/dist/hooks/useAvailableProviders.js +108 -0
package/dist/hooks/usePasswordValidation.d.ts +27 -0
package/dist/hooks/usePasswordValidation.js +102 -0
package/dist/hooks/useProfile.d.ts +15 -0
package/dist/hooks/useProfile.js +59 -0
package/dist/hooks/usePublicAuthSettings.d.ts +56 -0
package/dist/hooks/usePublicAuthSettings.js +131 -0
package/dist/hooks/useSessionExpiration.d.ts +57 -0
package/dist/hooks/useSessionExpiration.js +72 -0
package/dist/hooks/useViabilitySession.d.ts +75 -0
package/dist/hooks/useViabilitySession.js +268 -0
package/dist/index.d.ts +12 -0
package/dist/index.js +54 -0
package/dist/lib/anon-session.d.ts +74 -0
package/dist/lib/anon-session.js +169 -0
package/dist/lib/api-handler.d.ts +123 -0
package/dist/lib/api-handler.js +478 -0
package/dist/lib/app-slug.d.ts +95 -0
package/dist/lib/app-slug.js +172 -0
package/dist/lib/demo-mode.d.ts +6 -0
package/dist/lib/demo-mode.js +16 -0
package/dist/lib/geolocation.d.ts +64 -0
package/dist/lib/geolocation.js +235 -0
package/dist/lib/idp-client-config.d.ts +75 -0
package/dist/lib/idp-client-config.js +351 -0
package/dist/lib/idp-fetch.d.ts +14 -0
package/dist/lib/idp-fetch.js +91 -0
package/dist/lib/internal-api.d.ts +87 -0
package/dist/lib/internal-api.js +122 -0
package/dist/lib/jwt-decode-client.d.ts +10 -0
package/dist/lib/jwt-decode-client.js +46 -0
package/dist/lib/jwt-decode.d.ts +48 -0
package/dist/lib/jwt-decode.js +57 -0
package/dist/lib/nextauth-secret.d.ts +10 -0
package/dist/lib/nextauth-secret.js +104 -0
package/dist/lib/rate-limit-service.d.ts +23 -0
package/dist/lib/rate-limit-service.js +6 -0
package/dist/lib/redis.d.ts +5 -0
package/dist/lib/redis.js +28 -0
package/dist/lib/refresh-token-validator.d.ts +13 -0
package/dist/lib/refresh-token-validator.js +117 -0
package/dist/lib/roles.d.ts +145 -0
package/dist/lib/roles.js +168 -0
package/dist/lib/secret-validation.d.ts +4 -0
package/dist/lib/secret-validation.js +14 -0
package/dist/lib/session-store.d.ts +166 -0
package/dist/lib/session-store.js +537 -0
package/dist/lib/session.d.ts +21 -0
package/dist/lib/session.js +26 -0
package/dist/lib/site-logger.d.ts +214 -0
package/dist/lib/site-logger.js +210 -0
package/dist/lib/standardized-client-api.d.ts +161 -0
package/dist/lib/standardized-client-api.js +786 -0
package/dist/lib/startup-init.d.ts +40 -0
package/dist/lib/startup-init.js +261 -0
package/dist/lib/test-aware-get-token.d.ts +2 -0
package/dist/lib/test-aware-get-token.js +81 -0
package/dist/lib/token-expiry.d.ts +14 -0
package/dist/lib/token-expiry.js +39 -0
package/dist/lib/token-lifecycle.d.ts +52 -0
package/dist/lib/token-lifecycle.js +398 -0
package/dist/lib/types/api-responses.d.ts +128 -0
package/dist/lib/types/api-responses.js +171 -0
package/dist/lib/user-agent-parser.d.ts +50 -0
package/dist/lib/user-agent-parser.js +220 -0
package/dist/logging/api/admin-analytics.d.ts +3 -0
package/dist/logging/api/admin-analytics.js +45 -0
package/dist/logging/api/audit-log.d.ts +3 -0
package/dist/logging/api/audit-log.js +52 -0
package/dist/logging/components/AdminAnalyticsLayout.d.ts +10 -0
package/dist/logging/components/AdminAnalyticsLayout.js +11 -0
package/dist/logging/components/AuditLogViewer.d.ts +7 -0
package/dist/logging/components/AuditLogViewer.js +51 -0
package/dist/logging/components/ErrorMetricsCard.d.ts +7 -0
package/dist/logging/components/ErrorMetricsCard.js +16 -0
package/dist/logging/components/HealthMetricsCard.d.ts +7 -0
package/dist/logging/components/HealthMetricsCard.js +19 -0
package/dist/logging/hooks/useAdminAnalytics.d.ts +24 -0
package/dist/logging/hooks/useAdminAnalytics.js +22 -0
package/dist/logging/hooks/useAuditLog.d.ts +6 -0
package/dist/logging/hooks/useAuditLog.js +25 -0
package/dist/logging/hooks/useErrorMetrics.d.ts +6 -0
package/dist/logging/hooks/useErrorMetrics.js +38 -0
package/dist/logging/hooks/useHealthMetrics.d.ts +6 -0
package/dist/logging/hooks/useHealthMetrics.js +41 -0
package/dist/logging/index.d.ts +11 -0
package/dist/logging/index.js +40 -0
package/dist/logging/types/analytics.d.ts +68 -0
package/dist/logging/types/analytics.js +3 -0
package/dist/logging/types/audit.d.ts +29 -0
package/dist/logging/types/audit.js +2 -0
package/dist/logging/types/index.d.ts +2 -0
package/dist/logging/types/index.js +19 -0
package/dist/middleware/auth-decision.d.ts +33 -0
package/dist/middleware/auth-decision.js +65 -0
package/dist/middleware/create-middleware.d.ts +100 -0
package/dist/middleware/create-middleware.js +445 -0
package/dist/middleware/rbac-check.d.ts +44 -0
package/dist/middleware/rbac-check.js +191 -0
package/dist/middleware/twofa-presets.d.ts +134 -0
package/dist/middleware/twofa-presets.js +175 -0
package/dist/models/DecodedAccessToken.d.ts +17 -0
package/dist/models/DecodedAccessToken.js +2 -0
package/dist/models/SessionModel.d.ts +122 -0
package/dist/models/SessionModel.js +136 -0
package/dist/pages/admin-login/page.d.ts +31 -0
package/dist/pages/admin-login/page.js +83 -0
package/dist/pages/admin-roles/RolesAdminPage.d.ts +15 -0
package/dist/pages/admin-roles/RolesAdminPage.js +78 -0
package/dist/pages/admin-roles/index.d.ts +8 -0
package/dist/pages/admin-roles/index.js +15 -0
package/dist/pages/admin-roles/modals.d.ts +72 -0
package/dist/pages/admin-roles/modals.js +154 -0
package/dist/pages/client-admin/ClientSiteAdminPage.d.ts +79 -0
package/dist/pages/client-admin/ClientSiteAdminPage.js +177 -0
package/dist/pages/client-admin/index.d.ts +32 -0
package/dist/pages/client-admin/index.js +37 -0
package/dist/pages/login/page.d.ts +22 -0
package/dist/pages/login/page.js +239 -0
package/dist/pages/profile/EnhancedProfilePage.d.ts +13 -0
package/dist/pages/profile/EnhancedProfilePage.js +150 -0
package/dist/pages/profile/index.d.ts +8 -0
package/dist/pages/profile/index.js +16 -0
package/dist/pages/profile/page.d.ts +19 -0
package/dist/pages/profile/page.js +47 -0
package/dist/pages/profile/profile-patch.d.ts +1 -0
package/dist/pages/profile/profile-patch.js +281 -0
package/dist/pages/recovery/page.d.ts +1 -0
package/dist/pages/recovery/page.js +142 -0
package/dist/pages/roles/MyRolesPage.d.ts +24 -0
package/dist/pages/roles/MyRolesPage.js +71 -0
package/dist/pages/roles/components.d.ts +63 -0
package/dist/pages/roles/components.js +108 -0
package/dist/pages/roles/index.d.ts +8 -0
package/dist/pages/roles/index.js +19 -0
package/dist/pages/security/EnhancedSecurityPage.d.ts +14 -0
package/dist/pages/security/EnhancedSecurityPage.js +248 -0
package/dist/pages/security/index.d.ts +8 -0
package/dist/pages/security/index.js +16 -0
package/dist/pages/security/page.d.ts +21 -0
package/dist/pages/security/page.js +212 -0
package/dist/pages/security/security-patch.d.ts +1 -0
package/dist/pages/security/security-patch.js +302 -0
package/dist/pages/settings/EnhancedSettingsPage.d.ts +46 -0
package/dist/pages/settings/EnhancedSettingsPage.js +231 -0
package/dist/pages/settings/index.d.ts +8 -0
package/dist/pages/settings/index.js +16 -0
package/dist/pages/settings/page.d.ts +7 -0
package/dist/pages/settings/page.js +26 -0
package/dist/pages/showcase/ShowcasePage.d.ts +13 -0
package/dist/pages/showcase/ShowcasePage.js +140 -0
package/dist/pages/showcase/index.d.ts +12 -0
package/dist/pages/showcase/index.js +17 -0
package/dist/pages/test-env/EmergencyLogoutPage.d.ts +14 -0
package/dist/pages/test-env/EmergencyLogoutPage.js +98 -0
package/dist/pages/test-env/JwtInspectPage.d.ts +14 -0
package/dist/pages/test-env/JwtInspectPage.js +114 -0
package/dist/pages/test-env/RefreshTokenPage.d.ts +15 -0
package/dist/pages/test-env/RefreshTokenPage.js +91 -0
package/dist/pages/test-env/TestEnvPage.d.ts +13 -0
package/dist/pages/test-env/TestEnvPage.js +49 -0
package/dist/pages/test-env/index.d.ts +24 -0
package/dist/pages/test-env/index.js +32 -0
package/dist/pages/verify-code/page.d.ts +30 -0
package/dist/pages/verify-code/page.js +408 -0
package/dist/routes/account/index.d.ts +28 -0
package/dist/routes/account/index.js +71 -0
package/dist/routes/account/masked-info.d.ts +33 -0
package/dist/routes/account/masked-info.js +39 -0
package/dist/routes/account/send-code.d.ts +37 -0
package/dist/routes/account/send-code.js +42 -0
package/dist/routes/account/update-phone.d.ts +13 -0
package/dist/routes/account/update-phone.js +17 -0
package/dist/routes/account/verify-email.d.ts +38 -0
package/dist/routes/account/verify-email.js +43 -0
package/dist/routes/account/verify-sms.d.ts +38 -0
package/dist/routes/account/verify-sms.js +43 -0
package/dist/routes/auth/index.d.ts +19 -0
package/dist/routes/auth/index.js +64 -0
package/dist/routes/auth/logout.d.ts +31 -0
package/dist/routes/auth/logout.js +113 -0
package/dist/routes/auth/nextauth.d.ts +19 -0
package/dist/routes/auth/nextauth.js +72 -0
package/dist/routes/auth/refresh.d.ts +30 -0
package/dist/routes/auth/refresh.js +51 -0
package/dist/routes/auth/session.d.ts +72 -0
package/dist/routes/auth/session.js +180 -0
package/dist/routes/auth/settings.d.ts +25 -0
package/dist/routes/auth/settings.js +55 -0
package/dist/routes/auth/viability.d.ts +52 -0
package/dist/routes/auth/viability.js +201 -0
package/dist/routes/index.d.ts +12 -0
package/dist/routes/index.js +54 -0
package/dist/routes/session/index.d.ts +6 -0
package/dist/routes/session/index.js +10 -0
package/dist/routes/session/refresh-viability.d.ts +16 -0
package/dist/routes/session/refresh-viability.js +20 -0
package/dist/services/signalrActivityService.d.ts +44 -0
package/dist/services/signalrActivityService.js +257 -0
package/dist/stores/authStore.d.ts +154 -0
package/dist/stores/authStore.js +1531 -0
package/dist/theme/ThemeProvider.d.ts +14 -0
package/dist/theme/ThemeProvider.js +28 -0
package/dist/theme/default.d.ts +8 -0
package/dist/theme/default.js +33 -0
package/dist/theme/index.d.ts +15 -0
package/dist/theme/index.js +25 -0
package/dist/theme/types.d.ts +56 -0
package/dist/theme/types.js +8 -0
package/dist/theme/useTheme.d.ts +60 -0
package/dist/theme/useTheme.js +63 -0
package/dist/theme/utils.d.ts +13 -0
package/dist/theme/utils.js +39 -0
package/dist/types/api.d.ts +134 -0
package/dist/types/api.js +44 -0
package/dist/types/auth.d.ts +19 -0
package/dist/types/auth.js +2 -0
package/dist/types/logging.d.ts +42 -0
package/dist/types/logging.js +2 -0
package/dist/types/recovery.d.ts +48 -0
package/dist/types/recovery.js +2 -0
package/dist/types/security.d.ts +1 -0
package/dist/types/security.js +2 -0
package/dist/utils/api.d.ts +85 -0
package/dist/utils/api.js +287 -0
package/dist/utils/circuitBreaker.d.ts +43 -0
package/dist/utils/circuitBreaker.js +91 -0
package/dist/utils/error-message.d.ts +1 -0
package/dist/utils/error-message.js +103 -0
package/dist/utils/layout/reservedSpace.d.ts +59 -0
package/dist/utils/layout/reservedSpace.js +102 -0
package/dist/utils/logout.d.ts +14 -0
package/dist/utils/logout.js +32 -0
package/dist/vibe/client.d.ts +261 -0
package/dist/vibe/client.js +445 -0
package/dist/vibe/errors.d.ts +83 -0
package/dist/vibe/errors.js +146 -0
package/dist/vibe/generic.d.ts +234 -0
package/dist/vibe/generic.js +369 -0
package/dist/vibe/hooks/index.d.ts +169 -0
package/dist/vibe/hooks/index.js +252 -0
package/dist/vibe/index.d.ts +23 -0
package/dist/vibe/index.js +67 -0
package/dist/vibe/sessions.d.ts +161 -0
package/dist/vibe/sessions.js +391 -0
package/dist/vibe/types.d.ts +353 -0
package/dist/vibe/types.js +315 -0
package/package.json +855 -0
package/scripts/check-internal-url-usage.sh +73 -0
package/scripts/dev-broker.ps1 +35 -0
package/scripts/dev-local.ps1 +45 -0
package/src/api/auth-handler.ts +550 -0
package/src/api/index.ts +18 -0
package/src/api-handlers/account/change-password.ts +145 -0
package/src/api-handlers/account/masked-info.ts +45 -0
package/src/api-handlers/account/profile.ts +80 -0
package/src/api-handlers/account/recovery/initiate.ts +23 -0
package/src/api-handlers/account/recovery/send-code.ts +25 -0
package/src/api-handlers/account/recovery/verify-code.ts +25 -0
package/src/api-handlers/account/reset-password.ts +23 -0
package/src/api-handlers/account/send-code.ts +76 -0
package/src/api-handlers/account/update-phone.ts +79 -0
package/src/api-handlers/account/validate-password.ts +118 -0
package/src/api-handlers/account/verify-email.ts +125 -0
package/src/api-handlers/account/verify-sms.ts +125 -0
package/src/api-handlers/admin/analytics.ts +445 -0
package/src/api-handlers/admin/audit.ts +225 -0
package/src/api-handlers/admin/index.ts +59 -0
package/src/api-handlers/admin/redis-sessions.ts +253 -0
package/src/api-handlers/admin/sessions.ts +320 -0
package/src/api-handlers/admin/site-logs.ts +367 -0
package/src/api-handlers/admin/users.ts +244 -0
package/src/api-handlers/admin/vibe-data.ts +326 -0
package/src/api-handlers/anon/preferences.ts +123 -0
package/src/api-handlers/auth/jwks.ts +20 -0
package/src/api-handlers/auth/login.ts +240 -0
package/src/api-handlers/auth/refresh.ts +687 -0
package/src/api-handlers/auth/signout.ts +212 -0
package/src/api-handlers/auth/status.ts +23 -0
package/src/api-handlers/auth/update-session.ts +125 -0
package/src/api-handlers/auth/validate.ts +44 -0
package/src/api-handlers/auth/verify-code.ts +129 -0
package/src/api-handlers/session/refresh-viability.ts +36 -0
package/src/api-handlers/session/viability.ts +166 -0
package/src/api-handlers/test/force-expire.ts +67 -0
package/src/auth/auth-decision.ts +230 -0
package/src/auth/auth-options.ts +237 -0
package/src/auth/callbacks/index.ts +7 -0
package/src/auth/callbacks/jwt.ts +382 -0
package/src/auth/callbacks/session.ts +243 -0
package/src/auth/callbacks/signin.ts +56 -0
package/src/auth/events/index.ts +5 -0
package/src/auth/events/signout.ts +33 -0
package/src/auth/providers/credentials.ts +256 -0
package/src/auth/providers/index.ts +6 -0
package/src/auth/providers/oauth.ts +114 -0
package/src/auth/route-config.ts +220 -0
package/src/auth/types/auth-types.ts +555 -0
package/src/auth/types/index.ts +7 -0
package/src/auth/unauthenticated-routes.ts +3 -0
package/src/auth/utils/idp-client.ts +444 -0
package/src/auth/utils/index.ts +6 -0
package/src/auth/utils/token-utils.ts +244 -0
package/src/client/AuthContext.tsx +140 -0
package/src/client/fetch-with-auth.ts +48 -0
package/src/client/fetchWithSession.ts +21 -0
package/src/client/index.ts +13 -0
package/src/client/useAnonSession.ts +131 -0
package/src/components/SessionSync.tsx +137 -0
package/src/components/SignalRHealthCheck.tsx +131 -0
package/src/components/account/UserAvatarMenu.tsx +217 -0
package/src/components/account/index.ts +8 -0
package/src/components/admin/AlertSettingsTab.tsx +728 -0
package/src/components/admin/AnalyticsTab.tsx +703 -0
package/src/components/admin/DataBrowserTab.tsx +505 -0
package/src/components/admin/LoggingSettingsTab.tsx +665 -0
package/src/components/admin/SessionsTab.tsx +414 -0
package/src/components/admin/StatsTab.tsx +379 -0
package/src/components/admin/VibeAdminContext.tsx +87 -0
package/src/components/admin/VibeAdminLayout.tsx +185 -0
package/src/components/admin/index.ts +59 -0
package/src/components/auth/FederatedAuthSection.tsx +95 -0
package/src/components/auth/ModeAwareLoginPage.tsx +135 -0
package/src/components/auth/ModeAwareSignupPage.tsx +267 -0
package/src/components/auth/TraditionalAuthSection.tsx +99 -0
package/src/components/recovery/CompleteStep.tsx +36 -0
package/src/components/recovery/InitiateRecoveryStep.tsx +68 -0
package/src/components/recovery/SelectMethodStep.tsx +73 -0
package/src/components/recovery/SetPasswordStep.tsx +97 -0
package/src/components/recovery/VerifyCodeStep.tsx +90 -0
package/src/components/reserved/ReservedRecoveryWarning.tsx +160 -0
package/src/components/reserved/ReservedStatusBox.tsx +118 -0
package/src/components/ui/BetaBadge.tsx +58 -0
package/src/components/ui/Footer.tsx +93 -0
package/src/config/env.ts +57 -0
package/src/config/logger.ts +62 -0
package/src/config/logging-config.ts +82 -0
package/src/config/unauthenticated-routes.ts +19 -0
package/src/config/vibe-log-transport.ts +250 -0
package/src/edge/internal-api-url.ts +65 -0
package/src/edge/middleware.ts +42 -0
package/src/hooks/useAuth.ts +115 -0
package/src/hooks/useAuthSettings.ts +97 -0
package/src/hooks/useAvailableProviders.ts +118 -0
package/src/hooks/usePasswordValidation.ts +127 -0
package/src/hooks/useProfile.ts +75 -0
package/src/hooks/usePublicAuthSettings.ts +149 -0
package/src/hooks/useSessionExpiration.ts +102 -0
package/src/hooks/useViabilitySession.ts +335 -0
package/src/index.ts +63 -0
package/src/lib/anon-session.ts +213 -0
package/src/lib/api-handler.ts +625 -0
package/src/lib/app-slug.ts +178 -0
package/src/lib/demo-mode.ts +13 -0
package/src/lib/geolocation.ts +265 -0
package/src/lib/idp-client-config.ts +442 -0
package/src/lib/idp-fetch.ts +101 -0
package/src/lib/internal-api.ts +171 -0
package/src/lib/jwt-decode-client.ts +45 -0
package/src/lib/jwt-decode.ts +83 -0
package/src/lib/nextauth-secret.ts +126 -0
package/src/lib/rate-limit-service.ts +9 -0
package/src/lib/redis.ts +27 -0
package/src/lib/refresh-token-validator.ts +64 -0
package/src/lib/roles.ts +177 -0
package/src/lib/secret-validation.ts +8 -0
package/src/lib/session-store.ts +637 -0
package/src/lib/session.ts +34 -0
package/src/lib/site-logger.ts +245 -0
package/src/lib/standardized-client-api.ts +896 -0
package/src/lib/startup-init.ts +247 -0
package/src/lib/test-aware-get-token.ts +30 -0
package/src/lib/token-expiry.ts +40 -0
package/src/lib/token-lifecycle.ts +477 -0
package/src/lib/types/api-responses.ts +336 -0
package/src/lib/user-agent-parser.ts +252 -0
package/src/logging/api/admin-analytics.ts +51 -0
package/src/logging/api/audit-log.ts +53 -0
package/src/logging/components/AdminAnalyticsLayout.tsx +49 -0
package/src/logging/components/AuditLogViewer.tsx +125 -0
package/src/logging/components/ErrorMetricsCard.tsx +98 -0
package/src/logging/components/HealthMetricsCard.tsx +70 -0
package/src/logging/hooks/useAdminAnalytics.ts +22 -0
package/src/logging/hooks/useAuditLog.ts +24 -0
package/src/logging/hooks/useErrorMetrics.ts +40 -0
package/src/logging/hooks/useHealthMetrics.ts +44 -0
package/src/logging/index.ts +18 -0
package/src/logging/types/analytics.ts +81 -0
package/src/logging/types/audit.ts +31 -0
package/src/logging/types/index.ts +3 -0
package/src/middleware/auth-decision.ts +43 -0
package/src/middleware/create-middleware.ts +626 -0
package/src/middleware/rbac-check.ts +244 -0
package/src/middleware/twofa-presets.ts +224 -0
package/src/models/DecodedAccessToken.ts +17 -0
package/src/models/SessionModel.ts +258 -0
package/src/pages/admin-login/page.tsx +229 -0
package/src/pages/admin-roles/RolesAdminPage.tsx +357 -0
package/src/pages/admin-roles/index.ts +9 -0
package/src/pages/admin-roles/modals.tsx +469 -0
package/src/pages/client-admin/ClientSiteAdminPage.tsx +380 -0
package/src/pages/client-admin/index.ts +33 -0
package/src/pages/login/page.tsx +463 -0
package/src/pages/profile/EnhancedProfilePage.tsx +479 -0
package/src/pages/profile/index.ts +9 -0
package/src/pages/profile/page.tsx +166 -0
package/src/pages/recovery/page.tsx +234 -0
package/src/pages/roles/MyRolesPage.tsx +211 -0
package/src/pages/roles/components.tsx +294 -0
package/src/pages/roles/index.ts +17 -0
package/src/pages/security/EnhancedSecurityPage.tsx +574 -0
package/src/pages/security/index.ts +9 -0
package/src/pages/security/page.tsx +507 -0
package/src/pages/settings/EnhancedSettingsPage.tsx +642 -0
package/src/pages/settings/index.ts +9 -0
package/src/pages/settings/page.tsx +47 -0
package/src/pages/showcase/ShowcasePage.tsx +530 -0
package/src/pages/showcase/index.ts +13 -0
package/src/pages/test-env/EmergencyLogoutPage.tsx +179 -0
package/src/pages/test-env/JwtInspectPage.tsx +418 -0
package/src/pages/test-env/RefreshTokenPage.tsx +155 -0
package/src/pages/test-env/TestEnvPage.tsx +116 -0
package/src/pages/test-env/index.ts +25 -0
package/src/pages/verify-code/page.tsx +648 -0
package/src/routes/account/index.ts +32 -0
package/src/routes/account/masked-info.ts +37 -0
package/src/routes/account/send-code.ts +40 -0
package/src/routes/account/update-phone.ts +13 -0
package/src/routes/account/verify-email.ts +41 -0
package/src/routes/account/verify-sms.ts +41 -0
package/src/routes/auth/index.ts +23 -0
package/src/routes/auth/logout.ts +127 -0
package/src/routes/auth/nextauth.ts +71 -0
package/src/routes/auth/refresh.ts +54 -0
package/src/routes/auth/session.ts +193 -0
package/src/routes/auth/settings.ts +75 -0
package/src/routes/auth/viability.ts +220 -0
package/src/routes/index.ts +18 -0
package/src/routes/session/index.ts +7 -0
package/src/routes/session/refresh-viability.ts +17 -0
package/src/services/signalrActivityService.ts +258 -0
package/src/stores/authStore.ts +1904 -0
package/src/templates/instrumentation.ts +41 -0
package/src/theme/ThemeProvider.tsx +39 -0
package/src/theme/default.ts +33 -0
package/src/theme/index.ts +31 -0
package/src/theme/types.ts +69 -0
package/src/theme/useTheme.ts +57 -0
package/src/theme/utils.ts +40 -0
package/src/types/api.ts +13 -0
package/src/types/auth.d.ts +15 -0
package/src/types/auth.ts +22 -0
package/src/types/logging.ts +11 -0
package/src/types/next-auth.d.ts +15 -0
package/src/types/recovery.ts +54 -0
package/src/types/security.ts +1 -0
package/src/utils/api.ts +353 -0
package/src/utils/circuitBreaker.ts +40 -0
package/src/utils/error-message.ts +108 -0
package/src/utils/layout/reservedSpace.ts +124 -0
package/src/utils/logout.ts +30 -0
package/src/vibe/client.ts +590 -0
package/src/vibe/errors.ts +185 -0
package/src/vibe/generic.ts +429 -0
package/src/vibe/hooks/index.ts +367 -0
package/src/vibe/index.ts +121 -0
package/src/vibe/sessions.ts +551 -0
package/src/vibe/types.ts +577 -0

package/src/hooks/usePublicAuthSettings.ts ADDED Viewed

@@ -0,0 +1,149 @@
+/**
+ * usePublicAuthSettings Hook
+ *
+ * Fetches public auth settings for pre-login pages (signup, login).
+ * Does NOT require authentication - settings are fetched via API.
+ */
+'use client';
+import { useState, useEffect } from 'react';
+import type { FederatedProvider } from '../types/auth';
+export interface PublicAuthSettings {
+    enabledProviders: FederatedProvider[];
+    allowPublicRegistration: boolean;
+    allowSocialLogin: boolean;
+    enablePasswordReset: boolean;
+    require2FA: boolean;
+    allowed2FAMethods: string[];
+}
+export interface UsePublicAuthSettingsResult {
+    settings: PublicAuthSettings | null;
+    isLoading: boolean;
+    error: Error | null;
+}
+// Map provider strings to FederatedProvider type
+const PROVIDER_MAP: Record<string, FederatedProvider> = {
+    'google': 'google',
+    'apple': 'apple',
+    'facebook': 'facebook',
+    'github': 'github',
+    'microsoft': 'microsoft',
+    'azure-ad': 'microsoft',
+};
+const DEFAULT_SETTINGS: PublicAuthSettings = {
+    enabledProviders: [],
+    allowPublicRegistration: true,
+    allowSocialLogin: false,
+    enablePasswordReset: true,
+    require2FA: true,
+    allowed2FAMethods: ['email', 'sms'],
+};
+/**
+ * Hook to fetch public auth settings for login/signup pages.
+ *
+ * @example
+ * ```tsx
+ * function SignupPage() {
+ *   const { settings, isLoading } = usePublicAuthSettings();
+ *
+ *   if (isLoading) return <Spinner />;
+ *
+ *   return (
+ *     <>
+ *       {settings?.allowSocialLogin && (
+ *         <FederatedAuthSection providers={settings.enabledProviders} />
+ *       )}
+ *       {settings?.allowPublicRegistration && (
+ *         <EmailSignupForm />
+ *       )}
+ *     </>
+ *   );
+ * }
+ * ```
+ */
+export function usePublicAuthSettings(): UsePublicAuthSettingsResult {
+    const [settings, setSettings] = useState<PublicAuthSettings | null>(null);
+    const [isLoading, setIsLoading] = useState(true);
+    const [error, setError] = useState<Error | null>(null);
+    useEffect(() => {
+        let mounted = true;
+        async function fetchSettings() {
+            try {
+                const response = await fetch('/api/auth/settings');
+                if (!mounted) return;
+                if (!response.ok) {
+                    throw new Error(`Failed to fetch auth settings: ${response.status}`);
+                }
+                const data = await response.json();
+                if (data.success && data.data) {
+                    // Map provider strings to FederatedProvider type
+                    const providers = (data.data.enabledProviders || [])
+                        .map((p: string) => PROVIDER_MAP[p.toLowerCase()])
+                        .filter((p: FederatedProvider | undefined): p is FederatedProvider => p !== undefined);
+                    setSettings({
+                        ...data.data,
+                        enabledProviders: providers,
+                    });
+                } else {
+                    setSettings(DEFAULT_SETTINGS);
+                }
+                setError(null);
+            } catch (err) {
+                if (!mounted) return;
+                console.warn('[usePublicAuthSettings] Failed to fetch settings:', err);
+                setError(err instanceof Error ? err : new Error(String(err)));
+                setSettings(DEFAULT_SETTINGS);
+            } finally {
+                if (mounted) {
+                    setIsLoading(false);
+                }
+            }
+        }
+        fetchSettings();
+        return () => {
+            mounted = false;
+        };
+    }, []);
+    return { settings, isLoading, error };
+}
+/**
+ * Hook to check if social login is enabled.
+ */
+export function useSocialLoginEnabled(): boolean {
+    const { settings } = usePublicAuthSettings();
+    return settings?.allowSocialLogin ?? false;
+}
+/**
+ * Hook to check if public registration is enabled.
+ */
+export function usePublicRegistrationEnabled(): boolean {
+    const { settings } = usePublicAuthSettings();
+    return settings?.allowPublicRegistration ?? true;
+}
+/**
+ * Hook to check if password reset is enabled.
+ */
+export function usePasswordResetEnabled(): boolean {
+    const { settings } = usePublicAuthSettings();
+    return settings?.enablePasswordReset ?? true;
+}

package/src/hooks/useSessionExpiration.ts ADDED Viewed

@@ -0,0 +1,102 @@
+/**
+ * Hook to detect and handle stale/expired sessions during 2FA flow
+ *
+ * Use this in verify-code pages to automatically redirect to login
+ * when the provisional bearer token has expired.
+ *
+ * @example
+ * ```tsx
+ * import { useSessionExpiration } from '@payez/next-mvp/hooks/useSessionExpiration';
+ *
+ * function VerifyCodePage() {
+ *   const { data: session } = useSession();
+ *   const router = useRouter();
+ *   const searchParams = useSearchParams();
+ *   const [error, setError] = useState<string | null>(null);
+ *
+ *   const callbackUrl = searchParams?.get('callbackUrl') || '/dashboard';
+ *
+ *   // Automatically handles session expiration
+ *   const sessionValid = useSessionExpiration({
+ *     session,
+ *     router,
+ *     callbackUrl,
+ *     onExpired: (message) => setError(message)
+ *   });
+ *
+ *   if (!sessionValid) return null; // Will redirect
+ *   // ... rest of component
+ * }
+ * ```
+ */
+import { useEffect } from 'react';
+import { signOut } from 'next-auth/react';
+import type { Session } from 'next-auth';
+export interface UseSessionExpirationOptions {
+  /** NextAuth session object */
+  session: Session | null | undefined;
+  /** Next.js router for navigation */
+  router: {
+    push: (url: string) => void;
+  };
+  /** URL to redirect to after login */
+  callbackUrl?: string;
+  /** Callback when session expires - use to set error state */
+  onExpired?: (message: string) => void;
+  /** Delay before redirect in milliseconds (default: 1500) */
+  redirectDelay?: number;
+  /** Custom redirect URL (default: /account-auth/login) */
+  loginUrl?: string;
+}
+/**
+ * Detects stale sessions and redirects to login
+ *
+ * Returns:
+ * - `true` if session is valid (has accessToken)
+ * - `false` if session is loading (no session yet)
+ * - `null` if session is stale (will trigger redirect)
+ */
+export function useSessionExpiration({
+  session,
+  router,
+  callbackUrl = '/dashboard',
+  onExpired,
+  redirectDelay = 1500,
+  loginUrl = '/account-auth/login'
+}: UseSessionExpirationOptions): boolean | null {
+  useEffect(() => {
+    // If session exists but no accessToken, the token is stale/expired
+    if (session && !(session as any).accessToken) {
+      const message = 'Your session has expired. Redirecting to login...';
+      if (onExpired) {
+        onExpired(message);
+      }
+      setTimeout(async () => {
+        // Clear the session before redirecting
+        await signOut({ redirect: false });
+        const params = new URLSearchParams({
+          callbackUrl,
+          error: 'SessionExpired'
+        });
+        router.push(`${loginUrl}?${params.toString()}`);
+      }, redirectDelay);
+    }
+  }, [session, router, callbackUrl, onExpired, redirectDelay, loginUrl]);
+  // Return session validity state
+  if (session && !(session as any).accessToken) {
+    return null; // Stale session - will redirect
+  }
+  if ((session as any)?.accessToken) {
+    return true; // Valid session
+  }
+  return false; // No session yet - loading
+}

package/src/hooks/useViabilitySession.ts ADDED Viewed

@@ -0,0 +1,335 @@
+/**
+ * useViabilitySession - Redis-backed session state hook
+ *
+ * This hook provides the REAL session state by consulting Redis via /api/session/viability
+ * instead of relying on the potentially stale NextAuth JWT cookie.
+ *
+ * Redis is the single source of truth. This hook:
+ * 1. Polls /api/session/viability to get actual session state from Redis
+ * 2. Returns consistent auth state across all components
+ * 3. Triggers callback when session state changes unexpectedly
+ *
+ * Usage:
+ * ```tsx
+ * const { isAuthenticated, isLoading } = useViabilitySession();
+ * ```
+ */
+'use client';
+import { useState, useEffect, useRef } from 'react';
+import { useSession } from 'next-auth/react';
+export interface ViabilityState {
+  /** Whether the user is authenticated according to Redis */
+  isAuthenticated: boolean;
+  /** Whether the viability check is in progress */
+  isLoading: boolean;
+  /** Whether 2FA is required for this client */
+  requires2FA: boolean;
+  /** Whether 2FA has been completed for this session */
+  twoFactorComplete: boolean;
+  /** Whether the access token has expired (refresh may be needed) */
+  accessTokenExpired: boolean;
+  /** Whether a refresh token is available */
+  hasRefreshToken: boolean;
+  /** Error message if viability check failed */
+  error: string | null;
+  /** Timestamp of last successful viability check */
+  lastChecked: number | null;
+  /** Force a viability check now */
+  refresh: () => void;
+}
+interface ViabilityResponse {
+  authenticated: boolean;
+  sessionToken?: string;
+  requires2FA?: boolean;
+  twoFactorComplete?: boolean;
+  accessTokenExpired?: boolean;
+  hasRefreshToken?: boolean;
+}
+export interface UseViabilitySessionOptions {
+  /** Polling interval in milliseconds (default: 30000 = 30 seconds) */
+  pollInterval?: number;
+  /** Whether to poll automatically (default: true) */
+  enablePolling?: boolean;
+  /** Callback when session becomes invalid */
+  onSessionInvalid?: () => void;
+}
+// Use window to persist state across HMR in development
+declare global {
+  interface Window {
+    __viabilitySessionState?: {
+      isAuthenticated: boolean;
+      isLoading: boolean;
+      requires2FA: boolean;
+      twoFactorComplete: boolean;
+      accessTokenExpired: boolean;
+      hasRefreshToken: boolean;
+      error: string | null;
+      lastChecked: number | null;
+      checkInProgress: boolean;
+      prevAuth: boolean | null;
+      intervalId: ReturnType<typeof setInterval> | null;
+      listeners: Set<() => void>;
+      onSessionInvalidCallbacks: Set<() => void>;
+    };
+  }
+}
+function getGlobalState() {
+  if (typeof window === 'undefined') {
+    // SSR - return default state
+    return {
+      isAuthenticated: false,
+      isLoading: true,
+      requires2FA: false,
+      twoFactorComplete: false,
+      accessTokenExpired: false,
+      hasRefreshToken: false,
+      error: null,
+      lastChecked: null,
+      checkInProgress: false,
+      prevAuth: null,
+      intervalId: null,
+      listeners: new Set<() => void>(),
+      onSessionInvalidCallbacks: new Set<() => void>()
+    };
+  }
+  // Initialize global state on window if not present
+  if (!window.__viabilitySessionState) {
+    window.__viabilitySessionState = {
+      isAuthenticated: false,
+      isLoading: true,
+      requires2FA: false,
+      twoFactorComplete: false,
+      accessTokenExpired: false,
+      hasRefreshToken: false,
+      error: null,
+      lastChecked: null,
+      checkInProgress: false,
+      prevAuth: null,
+      intervalId: null,
+      listeners: new Set<() => void>(),
+      onSessionInvalidCallbacks: new Set<() => void>()
+    };
+  }
+  return window.__viabilitySessionState;
+}
+async function doViabilityCheck(): Promise<void> {
+  const state = getGlobalState();
+  // Prevent concurrent checks
+  if (state.checkInProgress) return;
+  state.checkInProgress = true;
+  try {
+    const response = await fetch('/api/session/viability', {
+      method: 'GET',
+      headers: {
+        'Accept': 'application/json',
+        'Cache-Control': 'no-store'
+      },
+      credentials: 'include'
+    });
+    if (!response.ok) {
+      state.isLoading = false;
+      state.error = `Viability check failed: ${response.status}`;
+      state.lastChecked = Date.now();
+      notifyListeners();
+      return;
+    }
+    const data: ViabilityResponse = await response.json();
+    // Detect auth state change
+    if (state.prevAuth !== null && state.prevAuth !== data.authenticated) {
+      console.log('[useViabilitySession] Auth state changed:', {
+        was: state.prevAuth,
+        now: data.authenticated
+      });
+      if (!data.authenticated) {
+        // Notify all callbacks
+        state.onSessionInvalidCallbacks.forEach(cb => {
+          try { cb(); } catch (e) { console.error('[useViabilitySession] onSessionInvalid error:', e); }
+        });
+      }
+    }
+    state.prevAuth = data.authenticated;
+    state.isAuthenticated = data.authenticated;
+    state.isLoading = false;
+    state.requires2FA = data.requires2FA ?? false;
+    state.twoFactorComplete = data.twoFactorComplete ?? false;
+    state.accessTokenExpired = data.accessTokenExpired ?? false;
+    state.hasRefreshToken = data.hasRefreshToken ?? false;
+    state.error = null;
+    state.lastChecked = Date.now();
+    notifyListeners();
+  } catch (error) {
+    console.error('[useViabilitySession] Error checking viability:', error);
+    const state = getGlobalState();
+    state.isLoading = false;
+    state.error = error instanceof Error ? error.message : 'Unknown error';
+    state.lastChecked = Date.now();
+    notifyListeners();
+  } finally {
+    getGlobalState().checkInProgress = false;
+  }
+}
+function notifyListeners() {
+  const state = getGlobalState();
+  state.listeners.forEach(listener => {
+    try { listener(); } catch (e) { /* ignore */ }
+  });
+}
+function startPolling(interval: number) {
+  const state = getGlobalState();
+  if (state.intervalId !== null) return; // Already polling
+  state.intervalId = setInterval(() => {
+    doViabilityCheck();
+  }, interval);
+}
+function stopPolling() {
+  const state = getGlobalState();
+  if (state.intervalId !== null) {
+    clearInterval(state.intervalId);
+    state.intervalId = null;
+  }
+}
+/**
+ * Hook that provides Redis-backed session state
+ */
+export function useViabilitySession(options: UseViabilitySessionOptions = {}): ViabilityState {
+  const {
+    pollInterval = 30000,
+    enablePolling = true,
+    onSessionInvalid
+  } = options;
+  const { status: nextAuthStatus } = useSession();
+  const [, forceUpdate] = useState(0);
+  const mountedRef = useRef(true);
+  const initializedRef = useRef(false);
+  // Register this component's onSessionInvalid callback
+  useEffect(() => {
+    if (onSessionInvalid) {
+      const state = getGlobalState();
+      state.onSessionInvalidCallbacks.add(onSessionInvalid);
+      return () => {
+        state.onSessionInvalidCallbacks.delete(onSessionInvalid);
+      };
+    }
+  }, [onSessionInvalid]);
+  // Subscribe to global state changes
+  useEffect(() => {
+    mountedRef.current = true;
+    const listener = () => {
+      if (mountedRef.current) {
+        forceUpdate(n => n + 1);
+      }
+    };
+    const state = getGlobalState();
+    state.listeners.add(listener);
+    return () => {
+      mountedRef.current = false;
+      state.listeners.delete(listener);
+    };
+  }, []);
+  // Initial check when NextAuth status is determined - only once!
+  useEffect(() => {
+    if (nextAuthStatus === 'loading') {
+      return;
+    }
+    const state = getGlobalState();
+    // Only do initial check once globally
+    if (!initializedRef.current && state.lastChecked === null) {
+      initializedRef.current = true;
+      doViabilityCheck();
+    }
+  }, [nextAuthStatus]);
+  // Manage polling - only one interval for all hook instances
+  useEffect(() => {
+    if (!enablePolling || nextAuthStatus === 'loading') {
+      return;
+    }
+    // Start polling if not already started
+    startPolling(pollInterval);
+    // Cleanup: only stop if this is the last listener
+    return () => {
+      const state = getGlobalState();
+      // Small delay to allow other components to register
+      setTimeout(() => {
+        if (state.listeners.size === 0) {
+          stopPolling();
+        }
+      }, 100);
+    };
+  }, [enablePolling, pollInterval, nextAuthStatus]);
+  // Check viability on focus (user returns to tab) - with debounce
+  useEffect(() => {
+    const handleFocus = () => {
+      const state = getGlobalState();
+      // Debounce: only check if last check was > 10 seconds ago
+      if (state.lastChecked !== null &&
+          Date.now() - state.lastChecked > 10000) {
+        doViabilityCheck();
+      }
+    };
+    window.addEventListener('focus', handleFocus);
+    return () => window.removeEventListener('focus', handleFocus);
+  }, []);
+  // Return current state
+  const state = getGlobalState();
+  return {
+    isAuthenticated: state.isAuthenticated,
+    isLoading: state.isLoading,
+    requires2FA: state.requires2FA,
+    twoFactorComplete: state.twoFactorComplete,
+    accessTokenExpired: state.accessTokenExpired,
+    hasRefreshToken: state.hasRefreshToken,
+    error: state.error,
+    lastChecked: state.lastChecked,
+    refresh: doViabilityCheck
+  };
+}
+/**
+ * Simplified hook that just returns authentication status
+ * Use this in components that only need to know if user is logged in
+ */
+export function useIsAuthenticated(): { isAuthenticated: boolean; isLoading: boolean } {
+  const { isAuthenticated, isLoading } = useViabilitySession({
+    pollInterval: 60000, // Less frequent polling for simple status
+    enablePolling: true
+  });
+  return { isAuthenticated, isLoading };
+}

package/src/index.ts ADDED Viewed

@@ -0,0 +1,63 @@
+// Type augmentation for NextAuth - included via ambient module declaration
+// Note: Type declarations are picked up automatically via tsconfig.json, no explicit import needed
+// NOTE: Server-only exports are NOT exported from the root to prevent bundling Node.js modules in client code.
+// Server-side code should import from subpath exports:
+// - Session management: import { sessionStore } from '@payez/next-mvp/lib/session-store'
+// - Redis client: import { redis } from '@payez/next-mvp/lib/redis'
+// - Token expiry: import { computeTokenExpiries } from '@payez/next-mvp/lib/token-expiry'
+// - Refresh validation: import { validateRefreshToken } from '@payez/next-mvp/lib/refresh-token-validator'
+// - Auth options: import { authOptions } from '@payez/next-mvp/auth/auth-options'
+// - Auth handler: import { createAuthHandler } from '@payez/next-mvp/api/auth-handler'
+// Client-safe exports only
+// Client-side utilities
+export { fetchWithAuth } from './client/fetch-with-auth';
+// Anonymous session hook (for pre-login preferences like theme)
+export { useAnonSession } from './client/useAnonSession';
+export type { AnonPreferences, AnonMetrics, AnonSession, UseAnonSessionReturn } from './client/useAnonSession';
+// Authentication Context and Hooks
+export { AuthProvider, useAuthConfig, useAuthMode, useFederatedProviders, useFederatedAuthEnabled, useTraditionalAuthEnabled } from './client/AuthContext';
+export type { AuthConfig } from './types/auth';
+// Route configuration (client-safe)
+export { makeAuthDecision } from './auth/auth-decision';
+export { isUnauthenticatedRoute, configurePublicRoutes, getRouteConfig } from './auth/route-config';
+export { createMvpMiddleware } from './middleware/create-middleware';
+// Account Components
+export { UserAvatarMenu } from './components/account';
+export type { UserAvatarMenuProps } from './components/account';
+// Admin Logging & Analytics (client-side components and hooks)
+export {
+  ErrorMetricsCard,
+  HealthMetricsCard,
+  AuditLogViewer,
+  AdminAnalyticsLayout,
+  useErrorMetrics,
+  useHealthMetrics,
+  useAuditLog,
+  useAdminAnalytics,
+  getErrorMetrics,
+  getHealthMetrics,
+  writeAuditLog,
+  queryAuditLog,
+} from './logging';
+export type {
+  ErrorMetrics,
+  HealthMetrics,
+  AuditLogEntry,
+  AuditLogQuery,
+  AuditLogResponse,
+  TimeRange,
+  RouteError,
+  LevelCount,
+  CategoryCount,
+  ErrorDetail,
+  EndpointHealth,
+  SlowRequest,
+} from './logging';