@payez/next-mvp 3.9.0 → 4.0.0
- package/dist/api/auth-handler.d.ts +1 -2
- package/dist/api/auth-handler.js +9 -9
- package/dist/api-handlers/account/change-password.js +110 -112
- package/dist/api-handlers/admin/analytics.d.ts +19 -20
- package/dist/api-handlers/admin/analytics.js +378 -379
- package/dist/api-handlers/admin/audit.d.ts +19 -20
- package/dist/api-handlers/admin/audit.js +213 -214
- package/dist/api-handlers/admin/index.d.ts +21 -22
- package/dist/api-handlers/admin/index.js +42 -43
- package/dist/api-handlers/admin/redis-sessions.d.ts +35 -36
- package/dist/api-handlers/admin/redis-sessions.js +203 -204
- package/dist/api-handlers/admin/sessions.d.ts +20 -21
- package/dist/api-handlers/admin/sessions.js +283 -284
- package/dist/api-handlers/admin/site-logs.d.ts +45 -46
- package/dist/api-handlers/admin/site-logs.js +317 -318
- package/dist/api-handlers/admin/stats.d.ts +20 -21
- package/dist/api-handlers/admin/stats.js +239 -240
- package/dist/api-handlers/admin/users.d.ts +19 -20
- package/dist/api-handlers/admin/users.js +221 -222
- package/dist/api-handlers/admin/vibe-data.d.ts +79 -80
- package/dist/api-handlers/admin/vibe-data.js +267 -268
- package/dist/api-handlers/auth/refresh.js +633 -635
- package/dist/api-handlers/auth/signout.js +186 -187
- package/dist/api-handlers/auth/status.js +4 -7
- package/dist/api-handlers/auth/update-session.d.ts +1 -1
- package/dist/api-handlers/auth/update-session.js +12 -14
- package/dist/api-handlers/auth/verify-code.d.ts +43 -43
- package/dist/api-handlers/auth/verify-code.js +90 -94
- package/dist/api-handlers/session/viability.js +114 -146
- package/dist/api-handlers/test/force-expire.js +59 -65
- package/dist/auth/auth-decision.js +182 -182
- package/dist/auth/better-auth.d.ts +3 -6
- package/dist/auth/better-auth.js +3 -6
- package/dist/auth/route-config.js +2 -2
- package/dist/auth/utils/token-utils.d.ts +83 -84
- package/dist/auth/utils/token-utils.js +218 -219
- package/dist/client/AuthContext.js +115 -112
- package/dist/client/better-auth-client.d.ts +1020 -961
- package/dist/client/better-auth-client.js +54 -7
- package/dist/client/fetch-with-auth.js +2 -2
- package/dist/components/SessionSync.js +121 -119
- package/dist/components/account/MobileNavDrawer.js +64 -64
- package/dist/components/account/UserAvatarMenu.js +91 -88
- package/dist/components/admin/VibeAdminLayout.js +71 -69
- package/dist/hooks/useAuth.js +9 -7
- package/dist/hooks/useAuthSettings.js +93 -93
- package/dist/hooks/useAvailableProviders.d.ts +43 -45
- package/dist/hooks/useAvailableProviders.js +112 -108
- package/dist/hooks/useSessionExpiration.d.ts +2 -3
- package/dist/hooks/useSessionExpiration.js +2 -2
- package/dist/hooks/useViabilitySession.js +3 -2
- package/dist/index.js +4 -6
- package/dist/lib/app-slug.d.ts +95 -95
- package/dist/lib/app-slug.js +172 -172
- package/dist/lib/standardized-client-api.js +10 -5
- package/dist/lib/startup-init.js +21 -25
- package/dist/lib/test-aware-get-token.js +86 -81
- package/dist/lib/token-lifecycle.d.ts +78 -52
- package/dist/lib/token-lifecycle.js +360 -398
- package/dist/pages/admin-login/page.js +73 -83
- package/dist/pages/client-admin/ClientSiteAdminPage.js +179 -177
- package/dist/pages/login/page.js +202 -211
- package/dist/pages/showcase/ShowcasePage.js +142 -140
- package/dist/pages/test-env/EmergencyLogoutPage.js +99 -98
- package/dist/pages/test-env/JwtInspectPage.js +116 -114
- package/dist/pages/test-env/RefreshTokenPage.js +4 -2
- package/dist/pages/test-env/TestEnvPage.js +51 -49
- package/dist/pages/verify-code/page.js +412 -408
- package/dist/routes/auth/logout.d.ts +31 -31
- package/dist/routes/auth/logout.js +98 -113
- package/dist/routes/auth/nextauth.d.ts +14 -11
- package/dist/routes/auth/nextauth.js +25 -57
- package/dist/routes/auth/session.js +157 -179
- package/dist/routes/auth/viability.js +190 -201
- package/dist/server/auth.d.ts +50 -0
- package/dist/server/auth.js +62 -0
- package/dist/stores/authStore.js +19 -23
- package/dist/utils/logout.js +5 -5
- package/package.json +1 -3
- package/src/api/auth-handler.ts +550 -549
- package/src/api-handlers/account/change-password.ts +5 -8
- package/src/api-handlers/admin/analytics.ts +4 -6
- package/src/api-handlers/admin/audit.ts +5 -7
- package/src/api-handlers/admin/index.ts +1 -2
- package/src/api-handlers/admin/redis-sessions.ts +6 -8
- package/src/api-handlers/admin/sessions.ts +5 -7
- package/src/api-handlers/admin/site-logs.ts +8 -10
- package/src/api-handlers/admin/stats.ts +4 -6
- package/src/api-handlers/admin/users.ts +5 -7
- package/src/api-handlers/admin/vibe-data.ts +10 -12
- package/src/api-handlers/auth/refresh.ts +5 -7
- package/src/api-handlers/auth/signout.ts +5 -6
- package/src/api-handlers/auth/status.ts +4 -7
- package/src/api-handlers/auth/update-session.ts +123 -125
- package/src/api-handlers/auth/verify-code.ts +9 -13
- package/src/api-handlers/session/viability.ts +10 -47
- package/src/api-handlers/test/force-expire.ts +4 -11
- package/src/auth/auth-decision.ts +1 -1
- package/src/auth/better-auth.ts +138 -141
- package/src/auth/route-config.ts +219 -219
- package/src/auth/utils/token-utils.ts +0 -1
- package/src/client/AuthContext.tsx +6 -2
- package/src/client/better-auth-client.ts +54 -7
- package/src/client/fetch-with-auth.ts +47 -47
- package/src/components/SessionSync.tsx +6 -5
- package/src/components/account/MobileNavDrawer.tsx +3 -3
- package/src/components/account/UserAvatarMenu.tsx +6 -3
- package/src/components/admin/VibeAdminLayout.tsx +4 -2
- package/src/config/logger.ts +1 -1
- package/src/hooks/useAuth.ts +117 -115
- package/src/hooks/useAuthSettings.ts +2 -2
- package/src/hooks/useAvailableProviders.ts +9 -5
- package/src/hooks/useSessionExpiration.ts +101 -102
- package/src/hooks/useViabilitySession.ts +336 -335
- package/src/index.ts +60 -63
- package/src/lib/api-handler.ts +0 -1
- package/src/lib/app-slug.ts +6 -6
- package/src/lib/standardized-client-api.ts +901 -895
- package/src/lib/startup-init.ts +243 -247
- package/src/lib/test-aware-get-token.ts +22 -12
- package/src/lib/token-lifecycle.ts +12 -53
- package/src/pages/admin-login/page.tsx +9 -17
- package/src/pages/client-admin/ClientSiteAdminPage.tsx +4 -2
- package/src/pages/login/page.tsx +21 -28
- package/src/pages/showcase/ShowcasePage.tsx +4 -2
- package/src/pages/test-env/EmergencyLogoutPage.tsx +7 -6
- package/src/pages/test-env/JwtInspectPage.tsx +5 -3
- package/src/pages/test-env/RefreshTokenPage.tsx +157 -155
- package/src/pages/test-env/TestEnvPage.tsx +4 -2
- package/src/pages/verify-code/page.tsx +10 -6
- package/src/routes/auth/logout.ts +7 -25
- package/src/routes/auth/nextauth.ts +45 -71
- package/src/routes/auth/session.ts +25 -50
- package/src/routes/auth/viability.ts +7 -19
- package/src/server/auth.ts +60 -0
- package/src/stores/authStore.ts +1899 -1904
- package/src/utils/logout.ts +30 -30
- package/src/auth/auth-options.ts +0 -237
- package/src/auth/callbacks/index.ts +0 -7
- package/src/auth/callbacks/jwt.ts +0 -382
- package/src/auth/callbacks/session.ts +0 -243
- package/src/auth/callbacks/signin.ts +0 -56
- package/src/auth/events/index.ts +0 -5
- package/src/auth/events/signout.ts +0 -33
- package/src/auth/providers/credentials.ts +0 -256
- package/src/auth/providers/index.ts +0 -6
- package/src/auth/providers/oauth.ts +0 -114
- package/src/lib/nextauth-secret.ts +0 -121
- package/src/types/next-auth.d.ts +0 -15
|
@@ -13,9 +13,8 @@
|
|
|
13
13
|
* @since auth-ready-v2
|
|
14
14
|
*/
|
|
15
15
|
import { NextRequest, NextResponse } from 'next/server';
|
|
16
|
-
import { JWT } from 'next-auth/jwt';
|
|
17
16
|
export interface AuthContext {
|
|
18
|
-
token:
|
|
17
|
+
token: any;
|
|
19
18
|
accessToken: string;
|
|
20
19
|
userId: string;
|
|
21
20
|
sessionToken: string;
|
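--- a/package/dist/api/auth-handler.js
+++ b/package/dist/api/auth-handler.js
@@ -16,10 +16,9 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.createAuthHandler = createAuthHandler;
 const server_1 = require("next/server");
-const
+const auth_1 = require("../server/auth");
 const nanoid_1 = require("nanoid");
 const session_store_1 = require("../lib/session-store");
-const app_slug_1 = require("../lib/app-slug");
 /**
 * Creates an auth-aware handler with automatic token refresh
 *
@@ -262,14 +261,15 @@ function createAuthHandler(options = {}) {
 return {
 handle: (handler) => {
 return async (req, context = {}) => {
-// Extract
-const
+// Extract session from Better Auth
+const betterAuthSession = await (0, auth_1.getSession)(req);
+const token = betterAuthSession ? { ...betterAuthSession.user, ...betterAuthSession.session } : null;
 // Check if auth is required
-if (requireAuth && !
+if (requireAuth && !betterAuthSession) {
 return server_1.NextResponse.json({ error: 'Authentication required', code: 'UNAUTHORIZED' }, { status: 401 });
 }
-// If no
-if (!
+// If no session and auth not required, call handler without auth context
+if (!betterAuthSession) {
 return handler(req, context, null);
 }
 // Validate client_slug (token confusion attack prevention)
@@ -305,8 +305,8 @@ function createAuthHandler(options = {}) {
 let authContext = {
 token,
 accessToken: token.accessToken || '',
-userId:
-sessionToken: token
+userId: betterAuthSession.user?.id || token.userId || '',
+sessionToken: betterAuthSession.session?.token || '',
 refreshToken: token.refreshToken,
 };
 // Check if token needs refresh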
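Review bot: The merged object built in the second hunk, `{ ...betterAuthSession.user, ...betterAuthSession.session }`, lets session fields overwrite user fields of the same name, so if both records carry an `id` or timestamps then `token.id` is the session's rather than the user's, and the session's own `token` value travels to every handler inside `authContext.token`. The `client_slug` validation that follows and `accessToken: token.accessToken || ''` in the third hunk read from this object; the lines between the hunks are not shown, but if the session record lacks those fields the slug check may be comparing against `undefined` and handlers would receive an empty access token with no error. I would build `token` from explicitly named fields instead of two spreads, and add a comment above it such as `// token: user identity fields + session metadata; session.token is deliberately excluded` so the intended shape is stated. If an empty `accessToken` is expected here because the refresh step below fills it in, say so in a comment; otherwise fail with the existing 401 response when `requireAuth` is set and no access token is present.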
@@ -1,112 +1,110 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.POST = POST;
|
|
4
|
-
const server_1 = require("next/server");
|
|
5
|
-
const
|
|
6
|
-
const session_store_1 = require("../../lib/session-store");
|
|
7
|
-
const
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
}
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
}
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
'
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
}
|
|
112
|
-
}
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.POST = POST;
|
|
4
|
+
const server_1 = require("next/server");
|
|
5
|
+
const auth_1 = require("../../server/auth");
|
|
6
|
+
const session_store_1 = require("../../lib/session-store");
|
|
7
|
+
const nanoid_1 = require("nanoid");
|
|
8
|
+
// ...
|
|
9
|
+
async function POST(req) {
|
|
10
|
+
const requestId = (0, nanoid_1.nanoid)();
|
|
11
|
+
try {
|
|
12
|
+
// Get session from Better Auth
|
|
13
|
+
const betterAuthSession = await (0, auth_1.getSession)(req);
|
|
14
|
+
const sessionToken = betterAuthSession?.session?.token;
|
|
15
|
+
if (!betterAuthSession || typeof sessionToken !== 'string') {
|
|
16
|
+
return server_1.NextResponse.json({ success: false, message: 'Unauthorized' }, { status: 401 });
|
|
17
|
+
}
|
|
18
|
+
const sessionData = await (0, session_store_1.getSession)(sessionToken);
|
|
19
|
+
// NOTE: Field is idpAccessToken (not accessToken) per normalized naming convention
|
|
20
|
+
if (!sessionData?.idpAccessToken) {
|
|
21
|
+
return server_1.NextResponse.json({
|
|
22
|
+
success: false,
|
|
23
|
+
message: 'Authentication required - no access token available',
|
|
24
|
+
error_code: 'UNAUTHORIZED',
|
|
25
|
+
request_id: requestId,
|
|
26
|
+
}, { status: 401 });
|
|
27
|
+
}
|
|
28
|
+
const body = await req.json();
|
|
29
|
+
const { current_password, new_password, confirm_password } = body;
|
|
30
|
+
// Validate input
|
|
31
|
+
if (!current_password || !new_password || !confirm_password) {
|
|
32
|
+
return server_1.NextResponse.json({
|
|
33
|
+
success: false,
|
|
34
|
+
message: 'Current password, new password, and confirmation are required',
|
|
35
|
+
error_code: 'VALIDATION_ERROR',
|
|
36
|
+
request_id: requestId,
|
|
37
|
+
}, { status: 400 });
|
|
38
|
+
}
|
|
39
|
+
if (new_password !== confirm_password) {
|
|
40
|
+
return server_1.NextResponse.json({
|
|
41
|
+
success: false,
|
|
42
|
+
message: 'New password and confirmation do not match',
|
|
43
|
+
error_code: 'VALIDATION_ERROR',
|
|
44
|
+
request_id: requestId,
|
|
45
|
+
}, { status: 400 });
|
|
46
|
+
}
|
|
47
|
+
// Get IDP base URL from environment
|
|
48
|
+
const idpBaseUrl = process.env.IDP_URL;
|
|
49
|
+
if (!idpBaseUrl) {
|
|
50
|
+
console.error('[CHANGE_PASSWORD] IDP_URL not configured');
|
|
51
|
+
return server_1.NextResponse.json({
|
|
52
|
+
success: false,
|
|
53
|
+
message: 'Service configuration error',
|
|
54
|
+
error_code: 'CONFIGURATION_ERROR',
|
|
55
|
+
request_id: requestId,
|
|
56
|
+
}, { status: 500 });
|
|
57
|
+
}
|
|
58
|
+
// Proxy request to IDP
|
|
59
|
+
const idpUrl = `${idpBaseUrl}/api/Account/change-password`;
|
|
60
|
+
const idpResponse = await fetch(idpUrl, {
|
|
61
|
+
method: 'POST',
|
|
62
|
+
headers: {
|
|
63
|
+
'Content-Type': 'application/json',
|
|
64
|
+
'Authorization': `Bearer ${sessionData.idpAccessToken}`,
|
|
65
|
+
'x-request-id': requestId,
|
|
66
|
+
},
|
|
67
|
+
body: JSON.stringify({
|
|
68
|
+
current_password,
|
|
69
|
+
new_password,
|
|
70
|
+
confirm_password,
|
|
71
|
+
}),
|
|
72
|
+
});
|
|
73
|
+
const responseData = await idpResponse.json().catch(() => ({}));
|
|
74
|
+
if (!idpResponse.ok) {
|
|
75
|
+
// Extract error message from IDP response
|
|
76
|
+
let errorMessage = 'Failed to change password';
|
|
77
|
+
if (responseData.message) {
|
|
78
|
+
errorMessage = responseData.message;
|
|
79
|
+
}
|
|
80
|
+
else if (responseData.details?.value && Array.isArray(responseData.details.value) && responseData.details.value.length > 0) {
|
|
81
|
+
errorMessage = responseData.details.value[0].message || errorMessage;
|
|
82
|
+
}
|
|
83
|
+
else if (responseData.details?.message) {
|
|
84
|
+
errorMessage = responseData.details.message;
|
|
85
|
+
}
|
|
86
|
+
return server_1.NextResponse.json({
|
|
87
|
+
success: false,
|
|
88
|
+
message: errorMessage,
|
|
89
|
+
error_code: responseData.error_code || 'CHANGE_PASSWORD_FAILED',
|
|
90
|
+
request_id: requestId,
|
|
91
|
+
details: responseData.details,
|
|
92
|
+
}, { status: idpResponse.status });
|
|
93
|
+
}
|
|
94
|
+
return server_1.NextResponse.json({
|
|
95
|
+
success: true,
|
|
96
|
+
message: responseData.message || 'Password changed successfully',
|
|
97
|
+
request_id: requestId,
|
|
98
|
+
});
|
|
99
|
+
}
|
|
100
|
+
catch (error) {
|
|
101
|
+
console.error('[CHANGE_PASSWORD] Error:', error);
|
|
102
|
+
const requestId = req.headers.get('x-request-id') ?? crypto.randomUUID();
|
|
103
|
+
return server_1.NextResponse.json({
|
|
104
|
+
success: false,
|
|
105
|
+
message: error instanceof Error ? error.message : 'Failed to change password',
|
|
106
|
+
error_code: 'INTERNAL_ERROR',
|
|
107
|
+
request_id: requestId,
|
|
108
|
+
}, { status: 500 });
|
|
109
|
+
}
|
|
110
|
+
}
|
|
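Review bot: The `catch` block returns `error.message` to the caller and declares a second `requestId`, so a failed `fetch` or an unparsable request body puts internal error text (possibly including the IDP host) into the 500 response, tagged with an id taken from the client's `x-request-id` header instead of the `nanoid()` value already sent to the IDP. Use a fixed string, `message: 'Failed to change password',`, and delete the inner `const requestId = req.headers.get('x-request-id') ?? crypto.randomUUID();` so the outer id is reused; adding `requestId` to the `console.error` call would then let the log line be matched to the response. The non-OK branch has the same exposure, since `responseData.message` and `details: responseData.details` are forwarded verbatim from the IDP; consider returning only an allow-listed `error_code` and a generic message. Because `await req.json()` sits inside the same `try`, invalid JSON is also reported as a 500 rather than a 400, and the three password fields are never checked to be strings before being proxied.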
@@ -1,20 +1,19 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Admin Analytics API Handler
|
|
3
|
-
*
|
|
4
|
-
* Provides admin-level analytics data using service account credentials.
|
|
5
|
-
* Supports: geo stats, login stats, revenue stats, feature usage.
|
|
6
|
-
*
|
|
7
|
-
* @version 1.0
|
|
8
|
-
* @requires Admin role (vibe_app_admin or payez_admin)
|
|
9
|
-
*/
|
|
10
|
-
import { NextRequest, NextResponse } from 'next/server';
|
|
11
|
-
export interface AdminAnalyticsHandlerConfig {
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
*
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
};
|
|
1
|
+
/**
|
|
2
|
+
* Admin Analytics API Handler
|
|
3
|
+
*
|
|
4
|
+
* Provides admin-level analytics data using service account credentials.
|
|
5
|
+
* Supports: geo stats, login stats, revenue stats, feature usage.
|
|
6
|
+
*
|
|
7
|
+
* @version 1.0
|
|
8
|
+
* @requires Admin role (vibe_app_admin or payez_admin)
|
|
9
|
+
*/
|
|
10
|
+
import { NextRequest, NextResponse } from 'next/server';
|
|
11
|
+
export interface AdminAnalyticsHandlerConfig {
|
|
12
|
+
}
|
|
13
|
+
/**
|
|
14
|
+
* POST /api/admin/analytics
|
|
15
|
+
* Body: { type: 'geo' | 'logins' | 'revenue' | 'features', period?: string }
|
|
16
|
+
*/
|
|
17
|
+
export declare function createAnalyticsHandler(config: AdminAnalyticsHandlerConfig): {
|
|
18
|
+
POST(request: NextRequest): Promise<NextResponse<unknown>>;
|
|
19
|
+
};
|