npm - @payez/next-mvp - Versions diffs - 3.9.1 → 4.0.1 - Mend

@payez/next-mvp 3.9.1 → 4.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (526) hide show

package/package.json +6 -18
package/src/api/auth-handler.ts +550 -549
package/src/api-handlers/account/change-password.ts +5 -8
package/src/api-handlers/admin/analytics.ts +4 -6
package/src/api-handlers/admin/audit.ts +5 -7
package/src/api-handlers/admin/index.ts +1 -2
package/src/api-handlers/admin/redis-sessions.ts +6 -8
package/src/api-handlers/admin/sessions.ts +5 -7
package/src/api-handlers/admin/site-logs.ts +8 -10
package/src/api-handlers/admin/stats.ts +4 -6
package/src/api-handlers/admin/users.ts +5 -7
package/src/api-handlers/admin/vibe-data.ts +10 -12
package/src/api-handlers/auth/refresh.ts +5 -7
package/src/api-handlers/auth/signout.ts +5 -6
package/src/api-handlers/auth/status.ts +4 -7
package/src/api-handlers/auth/update-session.ts +123 -125
package/src/api-handlers/auth/verify-code.ts +9 -13
package/src/api-handlers/session/viability.ts +10 -47
package/src/api-handlers/test/force-expire.ts +4 -11
package/src/auth/auth-decision.ts +1 -1
package/src/auth/better-auth.ts +138 -141
package/src/auth/route-config.ts +219 -219
package/src/auth/utils/token-utils.ts +0 -1
package/src/client/AuthContext.tsx +6 -2
package/src/client/fetch-with-auth.ts +47 -47
package/src/components/SessionSync.tsx +6 -5
package/src/components/account/MobileNavDrawer.tsx +3 -3
package/src/components/account/UserAvatarMenu.tsx +6 -3
package/src/components/admin/VibeAdminLayout.tsx +4 -2
package/src/config/logger.ts +1 -1
package/src/hooks/useAuth.ts +117 -115
package/src/hooks/useAuthSettings.ts +2 -2
package/src/hooks/useAvailableProviders.ts +9 -5
package/src/hooks/useSessionExpiration.ts +101 -102
package/src/hooks/useViabilitySession.ts +336 -335
package/src/index.ts +60 -63
package/src/lib/api-handler.ts +0 -1
package/src/lib/app-slug.ts +6 -6
package/src/lib/standardized-client-api.ts +901 -895
package/src/lib/startup-init.ts +243 -247
package/src/lib/test-aware-get-token.ts +22 -12
package/src/lib/token-lifecycle.ts +12 -53
package/src/pages/admin-login/page.tsx +9 -17
package/src/pages/client-admin/ClientSiteAdminPage.tsx +4 -2
package/src/pages/login/page.tsx +21 -28
package/src/pages/showcase/ShowcasePage.tsx +4 -2
package/src/pages/test-env/EmergencyLogoutPage.tsx +7 -6
package/src/pages/test-env/JwtInspectPage.tsx +5 -3
package/src/pages/test-env/RefreshTokenPage.tsx +157 -155
package/src/pages/test-env/TestEnvPage.tsx +4 -2
package/src/pages/verify-code/page.tsx +10 -6
package/src/routes/auth/logout.ts +7 -25
package/src/routes/auth/nextauth.ts +45 -71
package/src/routes/auth/session.ts +25 -50
package/src/routes/auth/viability.ts +7 -19
package/src/server/auth.ts +60 -0
package/src/stores/authStore.ts +1899 -1904
package/src/utils/logout.ts +30 -30
package/dist/api/auth-handler.d.ts +0 -67
package/dist/api/auth-handler.js +0 -397
package/dist/api/index.d.ts +0 -10
package/dist/api/index.js +0 -19
package/dist/api-handlers/account/change-password.d.ts +0 -9
package/dist/api-handlers/account/change-password.js +0 -112
package/dist/api-handlers/account/masked-info.d.ts +0 -2
package/dist/api-handlers/account/masked-info.js +0 -41
package/dist/api-handlers/account/profile.d.ts +0 -3
package/dist/api-handlers/account/profile.js +0 -63
package/dist/api-handlers/account/recovery/initiate.d.ts +0 -2
package/dist/api-handlers/account/recovery/initiate.js +0 -26
package/dist/api-handlers/account/recovery/send-code.d.ts +0 -2
package/dist/api-handlers/account/recovery/send-code.js +0 -28
package/dist/api-handlers/account/recovery/verify-code.d.ts +0 -2
package/dist/api-handlers/account/recovery/verify-code.js +0 -28
package/dist/api-handlers/account/reset-password.d.ts +0 -2
package/dist/api-handlers/account/reset-password.js +0 -26
package/dist/api-handlers/account/send-code.d.ts +0 -24
package/dist/api-handlers/account/send-code.js +0 -60
package/dist/api-handlers/account/update-phone.d.ts +0 -27
package/dist/api-handlers/account/update-phone.js +0 -64
package/dist/api-handlers/account/validate-password.d.ts +0 -17
package/dist/api-handlers/account/validate-password.js +0 -81
package/dist/api-handlers/account/verify-email.d.ts +0 -26
package/dist/api-handlers/account/verify-email.js +0 -106
package/dist/api-handlers/account/verify-sms.d.ts +0 -26
package/dist/api-handlers/account/verify-sms.js +0 -106
package/dist/api-handlers/admin/analytics.d.ts +0 -20
package/dist/api-handlers/admin/analytics.js +0 -379
package/dist/api-handlers/admin/audit.d.ts +0 -20
package/dist/api-handlers/admin/audit.js +0 -214
package/dist/api-handlers/admin/index.d.ts +0 -22
package/dist/api-handlers/admin/index.js +0 -43
package/dist/api-handlers/admin/redis-sessions.d.ts +0 -36
package/dist/api-handlers/admin/redis-sessions.js +0 -204
package/dist/api-handlers/admin/sessions.d.ts +0 -21
package/dist/api-handlers/admin/sessions.js +0 -284
package/dist/api-handlers/admin/site-logs.d.ts +0 -46
package/dist/api-handlers/admin/site-logs.js +0 -318
package/dist/api-handlers/admin/stats.d.ts +0 -21
package/dist/api-handlers/admin/stats.js +0 -240
package/dist/api-handlers/admin/users.d.ts +0 -20
package/dist/api-handlers/admin/users.js +0 -222
package/dist/api-handlers/admin/vibe-data.d.ts +0 -80
package/dist/api-handlers/admin/vibe-data.js +0 -268
package/dist/api-handlers/anon/preferences.d.ts +0 -37
package/dist/api-handlers/anon/preferences.js +0 -96
package/dist/api-handlers/auth/jwks.d.ts +0 -2
package/dist/api-handlers/auth/jwks.js +0 -24
package/dist/api-handlers/auth/login.d.ts +0 -42
package/dist/api-handlers/auth/login.js +0 -178
package/dist/api-handlers/auth/refresh.d.ts +0 -74
package/dist/api-handlers/auth/refresh.js +0 -635
package/dist/api-handlers/auth/signout.d.ts +0 -37
package/dist/api-handlers/auth/signout.js +0 -187
package/dist/api-handlers/auth/status.d.ts +0 -8
package/dist/api-handlers/auth/status.js +0 -26
package/dist/api-handlers/auth/update-session.d.ts +0 -37
package/dist/api-handlers/auth/update-session.js +0 -95
package/dist/api-handlers/auth/validate.d.ts +0 -6
package/dist/api-handlers/auth/validate.js +0 -43
package/dist/api-handlers/auth/verify-code.d.ts +0 -43
package/dist/api-handlers/auth/verify-code.js +0 -94
package/dist/api-handlers/session/refresh-viability.d.ts +0 -14
package/dist/api-handlers/session/refresh-viability.js +0 -39
package/dist/api-handlers/session/viability.d.ts +0 -13
package/dist/api-handlers/session/viability.js +0 -146
package/dist/api-handlers/test/force-expire.d.ts +0 -23
package/dist/api-handlers/test/force-expire.js +0 -65
package/dist/auth/auth-decision.d.ts +0 -39
package/dist/auth/auth-decision.js +0 -182
package/dist/auth/auth-options.d.ts +0 -57
package/dist/auth/auth-options.js +0 -213
package/dist/auth/better-auth.d.ts +0 -82
package/dist/auth/better-auth.js +0 -122
package/dist/auth/callbacks/index.d.ts +0 -6
package/dist/auth/callbacks/index.js +0 -12
package/dist/auth/callbacks/jwt.d.ts +0 -45
package/dist/auth/callbacks/jwt.js +0 -305
package/dist/auth/callbacks/session.d.ts +0 -60
package/dist/auth/callbacks/session.js +0 -170
package/dist/auth/callbacks/signin.d.ts +0 -23
package/dist/auth/callbacks/signin.js +0 -44
package/dist/auth/events/index.d.ts +0 -4
package/dist/auth/events/index.js +0 -8
package/dist/auth/events/signout.d.ts +0 -17
package/dist/auth/events/signout.js +0 -32
package/dist/auth/providers/credentials.d.ts +0 -32
package/dist/auth/providers/credentials.js +0 -223
package/dist/auth/providers/index.d.ts +0 -5
package/dist/auth/providers/index.js +0 -21
package/dist/auth/providers/oauth.d.ts +0 -26
package/dist/auth/providers/oauth.js +0 -105
package/dist/auth/route-config.d.ts +0 -66
package/dist/auth/route-config.js +0 -190
package/dist/auth/types/auth-types.d.ts +0 -417
package/dist/auth/types/auth-types.js +0 -53
package/dist/auth/types/index.d.ts +0 -6
package/dist/auth/types/index.js +0 -22
package/dist/auth/unauthenticated-routes.d.ts +0 -1
package/dist/auth/unauthenticated-routes.js +0 -19
package/dist/auth/utils/idp-client.d.ts +0 -94
package/dist/auth/utils/idp-client.js +0 -384
package/dist/auth/utils/index.d.ts +0 -5
package/dist/auth/utils/index.js +0 -21
package/dist/auth/utils/token-utils.d.ts +0 -84
package/dist/auth/utils/token-utils.js +0 -219
package/dist/client/AuthContext.d.ts +0 -19
package/dist/client/AuthContext.js +0 -112
package/dist/client/better-auth-client.d.ts +0 -1020
package/dist/client/better-auth-client.js +0 -68
package/dist/client/fetch-with-auth.d.ts +0 -11
package/dist/client/fetch-with-auth.js +0 -44
package/dist/client/fetchWithSession.d.ts +0 -3
package/dist/client/fetchWithSession.js +0 -24
package/dist/client/index.d.ts +0 -9
package/dist/client/index.js +0 -20
package/dist/client/useAnonSession.d.ts +0 -36
package/dist/client/useAnonSession.js +0 -99
package/dist/components/SessionSync.d.ts +0 -13
package/dist/components/SessionSync.js +0 -119
package/dist/components/SignalRHealthCheck.d.ts +0 -10
package/dist/components/SignalRHealthCheck.js +0 -97
package/dist/components/account/MobileNavDrawer.d.ts +0 -32
package/dist/components/account/MobileNavDrawer.js +0 -81
package/dist/components/account/UserAvatarMenu.d.ts +0 -20
package/dist/components/account/UserAvatarMenu.js +0 -88
package/dist/components/account/index.d.ts +0 -9
package/dist/components/account/index.js +0 -13
package/dist/components/admin/AlertSettingsTab.d.ts +0 -48
package/dist/components/admin/AlertSettingsTab.js +0 -351
package/dist/components/admin/AnalyticsTab.d.ts +0 -22
package/dist/components/admin/AnalyticsTab.js +0 -167
package/dist/components/admin/DataBrowserTab.d.ts +0 -19
package/dist/components/admin/DataBrowserTab.js +0 -252
package/dist/components/admin/LoggingSettingsTab.d.ts +0 -73
package/dist/components/admin/LoggingSettingsTab.js +0 -339
package/dist/components/admin/SessionsTab.d.ts +0 -37
package/dist/components/admin/SessionsTab.js +0 -165
package/dist/components/admin/StatsTab.d.ts +0 -53
package/dist/components/admin/StatsTab.js +0 -161
package/dist/components/admin/VibeAdminContext.d.ts +0 -32
package/dist/components/admin/VibeAdminContext.js +0 -38
package/dist/components/admin/VibeAdminLayout.d.ts +0 -11
package/dist/components/admin/VibeAdminLayout.js +0 -69
package/dist/components/admin/index.d.ts +0 -29
package/dist/components/admin/index.js +0 -44
package/dist/components/auth/FederatedAuthSection.d.ts +0 -8
package/dist/components/auth/FederatedAuthSection.js +0 -45
package/dist/components/auth/ModeAwareLoginPage.d.ts +0 -10
package/dist/components/auth/ModeAwareLoginPage.js +0 -42
package/dist/components/auth/ModeAwareSignupPage.d.ts +0 -9
package/dist/components/auth/ModeAwareSignupPage.js +0 -78
package/dist/components/auth/TraditionalAuthSection.d.ts +0 -14
package/dist/components/auth/TraditionalAuthSection.js +0 -20
package/dist/components/recovery/CompleteStep.d.ts +0 -5
package/dist/components/recovery/CompleteStep.js +0 -8
package/dist/components/recovery/InitiateRecoveryStep.d.ts +0 -8
package/dist/components/recovery/InitiateRecoveryStep.js +0 -20
package/dist/components/recovery/SelectMethodStep.d.ts +0 -8
package/dist/components/recovery/SelectMethodStep.js +0 -8
package/dist/components/recovery/SetPasswordStep.d.ts +0 -6
package/dist/components/recovery/SetPasswordStep.js +0 -20
package/dist/components/recovery/VerifyCodeStep.d.ts +0 -10
package/dist/components/recovery/VerifyCodeStep.js +0 -24
package/dist/components/reserved/ReservedRecoveryWarning.d.ts +0 -38
package/dist/components/reserved/ReservedRecoveryWarning.js +0 -92
package/dist/components/reserved/ReservedStatusBox.d.ts +0 -30
package/dist/components/reserved/ReservedStatusBox.js +0 -71
package/dist/components/ui/BetaBadge.d.ts +0 -29
package/dist/components/ui/BetaBadge.js +0 -38
package/dist/components/ui/Footer.d.ts +0 -37
package/dist/components/ui/Footer.js +0 -41
package/dist/config/env.d.ts +0 -66
package/dist/config/env.js +0 -57
package/dist/config/logger.d.ts +0 -57
package/dist/config/logger.js +0 -73
package/dist/config/logging-config.d.ts +0 -30
package/dist/config/logging-config.js +0 -122
package/dist/config/unauthenticated-routes.d.ts +0 -17
package/dist/config/unauthenticated-routes.js +0 -24
package/dist/config/vibe-log-transport.d.ts +0 -81
package/dist/config/vibe-log-transport.js +0 -212
package/dist/edge/internal-api-url.d.ts +0 -53
package/dist/edge/internal-api-url.js +0 -63
package/dist/edge/middleware.d.ts +0 -14
package/dist/edge/middleware.js +0 -32
package/dist/hooks/useAuth.d.ts +0 -23
package/dist/hooks/useAuth.js +0 -81
package/dist/hooks/useAuthSettings.d.ts +0 -59
package/dist/hooks/useAuthSettings.js +0 -93
package/dist/hooks/useAvailableProviders.d.ts +0 -45
package/dist/hooks/useAvailableProviders.js +0 -108
package/dist/hooks/usePasswordValidation.d.ts +0 -27
package/dist/hooks/usePasswordValidation.js +0 -102
package/dist/hooks/useProfile.d.ts +0 -15
package/dist/hooks/useProfile.js +0 -59
package/dist/hooks/usePublicAuthSettings.d.ts +0 -56
package/dist/hooks/usePublicAuthSettings.js +0 -131
package/dist/hooks/useSessionExpiration.d.ts +0 -57
package/dist/hooks/useSessionExpiration.js +0 -72
package/dist/hooks/useViabilitySession.d.ts +0 -75
package/dist/hooks/useViabilitySession.js +0 -268
package/dist/index.d.ts +0 -12
package/dist/index.js +0 -55
package/dist/lib/anon-session.d.ts +0 -74
package/dist/lib/anon-session.js +0 -169
package/dist/lib/api-handler.d.ts +0 -123
package/dist/lib/api-handler.js +0 -478
package/dist/lib/app-slug.d.ts +0 -95
package/dist/lib/app-slug.js +0 -172
package/dist/lib/demo-mode.d.ts +0 -6
package/dist/lib/demo-mode.js +0 -16
package/dist/lib/geolocation.d.ts +0 -64
package/dist/lib/geolocation.js +0 -235
package/dist/lib/idp-client-config.d.ts +0 -75
package/dist/lib/idp-client-config.js +0 -425
package/dist/lib/idp-fetch.d.ts +0 -14
package/dist/lib/idp-fetch.js +0 -91
package/dist/lib/internal-api.d.ts +0 -87
package/dist/lib/internal-api.js +0 -122
package/dist/lib/jwt-decode-client.d.ts +0 -10
package/dist/lib/jwt-decode-client.js +0 -46
package/dist/lib/jwt-decode.d.ts +0 -48
package/dist/lib/jwt-decode.js +0 -57
package/dist/lib/nextauth-secret.d.ts +0 -10
package/dist/lib/nextauth-secret.js +0 -100
package/dist/lib/rate-limit-service.d.ts +0 -23
package/dist/lib/rate-limit-service.js +0 -6
package/dist/lib/redis.d.ts +0 -5
package/dist/lib/redis.js +0 -28
package/dist/lib/refresh-token-validator.d.ts +0 -13
package/dist/lib/refresh-token-validator.js +0 -117
package/dist/lib/roles.d.ts +0 -145
package/dist/lib/roles.js +0 -168
package/dist/lib/secret-validation.d.ts +0 -4
package/dist/lib/secret-validation.js +0 -14
package/dist/lib/session-store.d.ts +0 -170
package/dist/lib/session-store.js +0 -545
package/dist/lib/session.d.ts +0 -21
package/dist/lib/session.js +0 -26
package/dist/lib/site-logger.d.ts +0 -214
package/dist/lib/site-logger.js +0 -210
package/dist/lib/standardized-client-api.d.ts +0 -161
package/dist/lib/standardized-client-api.js +0 -786
package/dist/lib/startup-init.d.ts +0 -40
package/dist/lib/startup-init.js +0 -261
package/dist/lib/test-aware-get-token.d.ts +0 -2
package/dist/lib/test-aware-get-token.js +0 -81
package/dist/lib/token-expiry.d.ts +0 -14
package/dist/lib/token-expiry.js +0 -39
package/dist/lib/token-lifecycle.d.ts +0 -52
package/dist/lib/token-lifecycle.js +0 -398
package/dist/lib/types/api-responses.d.ts +0 -128
package/dist/lib/types/api-responses.js +0 -171
package/dist/lib/user-agent-parser.d.ts +0 -50
package/dist/lib/user-agent-parser.js +0 -220
package/dist/logging/api/admin-analytics.d.ts +0 -3
package/dist/logging/api/admin-analytics.js +0 -45
package/dist/logging/api/audit-log.d.ts +0 -3
package/dist/logging/api/audit-log.js +0 -52
package/dist/logging/components/AdminAnalyticsLayout.d.ts +0 -10
package/dist/logging/components/AdminAnalyticsLayout.js +0 -11
package/dist/logging/components/AuditLogViewer.d.ts +0 -7
package/dist/logging/components/AuditLogViewer.js +0 -51
package/dist/logging/components/ErrorMetricsCard.d.ts +0 -7
package/dist/logging/components/ErrorMetricsCard.js +0 -16
package/dist/logging/components/HealthMetricsCard.d.ts +0 -7
package/dist/logging/components/HealthMetricsCard.js +0 -19
package/dist/logging/hooks/useAdminAnalytics.d.ts +0 -24
package/dist/logging/hooks/useAdminAnalytics.js +0 -22
package/dist/logging/hooks/useAuditLog.d.ts +0 -6
package/dist/logging/hooks/useAuditLog.js +0 -25
package/dist/logging/hooks/useErrorMetrics.d.ts +0 -6
package/dist/logging/hooks/useErrorMetrics.js +0 -38
package/dist/logging/hooks/useHealthMetrics.d.ts +0 -6
package/dist/logging/hooks/useHealthMetrics.js +0 -41
package/dist/logging/index.d.ts +0 -11
package/dist/logging/index.js +0 -40
package/dist/logging/types/analytics.d.ts +0 -68
package/dist/logging/types/analytics.js +0 -3
package/dist/logging/types/audit.d.ts +0 -29
package/dist/logging/types/audit.js +0 -2
package/dist/logging/types/index.d.ts +0 -2
package/dist/logging/types/index.js +0 -19
package/dist/middleware/auth-decision.d.ts +0 -33
package/dist/middleware/auth-decision.js +0 -65
package/dist/middleware/create-middleware.d.ts +0 -102
package/dist/middleware/create-middleware.js +0 -469
package/dist/middleware/rbac-check.d.ts +0 -51
package/dist/middleware/rbac-check.js +0 -219
package/dist/middleware/twofa-presets.d.ts +0 -134
package/dist/middleware/twofa-presets.js +0 -175
package/dist/models/DecodedAccessToken.d.ts +0 -17
package/dist/models/DecodedAccessToken.js +0 -2
package/dist/models/SessionModel.d.ts +0 -122
package/dist/models/SessionModel.js +0 -136
package/dist/pages/admin-login/page.d.ts +0 -31
package/dist/pages/admin-login/page.js +0 -83
package/dist/pages/admin-page-permissions/PagePermissionsAdminPage.d.ts +0 -18
package/dist/pages/admin-page-permissions/PagePermissionsAdminPage.js +0 -276
package/dist/pages/admin-page-permissions/index.d.ts +0 -6
package/dist/pages/admin-page-permissions/index.js +0 -13
package/dist/pages/admin-roles/RolesAdminPage.d.ts +0 -16
package/dist/pages/admin-roles/RolesAdminPage.js +0 -261
package/dist/pages/admin-roles/index.d.ts +0 -8
package/dist/pages/admin-roles/index.js +0 -15
package/dist/pages/admin-roles/modals.d.ts +0 -72
package/dist/pages/admin-roles/modals.js +0 -154
package/dist/pages/client-admin/ClientSiteAdminPage.d.ts +0 -79
package/dist/pages/client-admin/ClientSiteAdminPage.js +0 -177
package/dist/pages/client-admin/index.d.ts +0 -32
package/dist/pages/client-admin/index.js +0 -37
package/dist/pages/coming-soon/page.d.ts +0 -8
package/dist/pages/coming-soon/page.js +0 -28
package/dist/pages/login/page.d.ts +0 -22
package/dist/pages/login/page.js +0 -239
package/dist/pages/profile/EnhancedProfilePage.d.ts +0 -13
package/dist/pages/profile/EnhancedProfilePage.js +0 -150
package/dist/pages/profile/index.d.ts +0 -8
package/dist/pages/profile/index.js +0 -16
package/dist/pages/profile/page.d.ts +0 -19
package/dist/pages/profile/page.js +0 -47
package/dist/pages/profile/profile-patch.d.ts +0 -1
package/dist/pages/profile/profile-patch.js +0 -281
package/dist/pages/recovery/page.d.ts +0 -1
package/dist/pages/recovery/page.js +0 -142
package/dist/pages/roles/MyRolesPage.d.ts +0 -24
package/dist/pages/roles/MyRolesPage.js +0 -71
package/dist/pages/roles/components.d.ts +0 -63
package/dist/pages/roles/components.js +0 -108
package/dist/pages/roles/index.d.ts +0 -8
package/dist/pages/roles/index.js +0 -19
package/dist/pages/security/EnhancedSecurityPage.d.ts +0 -14
package/dist/pages/security/EnhancedSecurityPage.js +0 -248
package/dist/pages/security/index.d.ts +0 -8
package/dist/pages/security/index.js +0 -16
package/dist/pages/security/page.d.ts +0 -21
package/dist/pages/security/page.js +0 -212
package/dist/pages/security/security-patch.d.ts +0 -1
package/dist/pages/security/security-patch.js +0 -302
package/dist/pages/settings/EnhancedSettingsPage.d.ts +0 -46
package/dist/pages/settings/EnhancedSettingsPage.js +0 -231
package/dist/pages/settings/index.d.ts +0 -8
package/dist/pages/settings/index.js +0 -16
package/dist/pages/settings/page.d.ts +0 -7
package/dist/pages/settings/page.js +0 -26
package/dist/pages/showcase/ShowcasePage.d.ts +0 -13
package/dist/pages/showcase/ShowcasePage.js +0 -140
package/dist/pages/showcase/index.d.ts +0 -12
package/dist/pages/showcase/index.js +0 -17
package/dist/pages/test-env/EmergencyLogoutPage.d.ts +0 -14
package/dist/pages/test-env/EmergencyLogoutPage.js +0 -98
package/dist/pages/test-env/JwtInspectPage.d.ts +0 -14
package/dist/pages/test-env/JwtInspectPage.js +0 -114
package/dist/pages/test-env/RefreshTokenPage.d.ts +0 -15
package/dist/pages/test-env/RefreshTokenPage.js +0 -91
package/dist/pages/test-env/TestEnvPage.d.ts +0 -13
package/dist/pages/test-env/TestEnvPage.js +0 -49
package/dist/pages/test-env/index.d.ts +0 -24
package/dist/pages/test-env/index.js +0 -32
package/dist/pages/verify-code/page.d.ts +0 -30
package/dist/pages/verify-code/page.js +0 -408
package/dist/routes/account/index.d.ts +0 -28
package/dist/routes/account/index.js +0 -71
package/dist/routes/account/masked-info.d.ts +0 -33
package/dist/routes/account/masked-info.js +0 -39
package/dist/routes/account/send-code.d.ts +0 -37
package/dist/routes/account/send-code.js +0 -42
package/dist/routes/account/update-phone.d.ts +0 -13
package/dist/routes/account/update-phone.js +0 -17
package/dist/routes/account/verify-email.d.ts +0 -38
package/dist/routes/account/verify-email.js +0 -43
package/dist/routes/account/verify-sms.d.ts +0 -38
package/dist/routes/account/verify-sms.js +0 -43
package/dist/routes/auth/index.d.ts +0 -19
package/dist/routes/auth/index.js +0 -64
package/dist/routes/auth/logout.d.ts +0 -31
package/dist/routes/auth/logout.js +0 -113
package/dist/routes/auth/nextauth.d.ts +0 -19
package/dist/routes/auth/nextauth.js +0 -72
package/dist/routes/auth/refresh.d.ts +0 -30
package/dist/routes/auth/refresh.js +0 -51
package/dist/routes/auth/session.d.ts +0 -43
package/dist/routes/auth/session.js +0 -179
package/dist/routes/auth/settings.d.ts +0 -25
package/dist/routes/auth/settings.js +0 -55
package/dist/routes/auth/viability.d.ts +0 -52
package/dist/routes/auth/viability.js +0 -201
package/dist/routes/index.d.ts +0 -12
package/dist/routes/index.js +0 -54
package/dist/routes/session/index.d.ts +0 -6
package/dist/routes/session/index.js +0 -10
package/dist/routes/session/refresh-viability.d.ts +0 -16
package/dist/routes/session/refresh-viability.js +0 -20
package/dist/server/auth-guard.d.ts +0 -46
package/dist/server/auth-guard.js +0 -128
package/dist/server/decode-session.d.ts +0 -30
package/dist/server/decode-session.js +0 -78
package/dist/server/slim-middleware.d.ts +0 -23
package/dist/server/slim-middleware.js +0 -89
package/dist/server/with-auth.d.ts +0 -33
package/dist/server/with-auth.js +0 -59
package/dist/services/signalrActivityService.d.ts +0 -44
package/dist/services/signalrActivityService.js +0 -257
package/dist/stores/authStore.d.ts +0 -154
package/dist/stores/authStore.js +0 -1531
package/dist/theme/ThemeProvider.d.ts +0 -14
package/dist/theme/ThemeProvider.js +0 -28
package/dist/theme/default.d.ts +0 -8
package/dist/theme/default.js +0 -33
package/dist/theme/index.d.ts +0 -15
package/dist/theme/index.js +0 -25
package/dist/theme/types.d.ts +0 -56
package/dist/theme/types.js +0 -8
package/dist/theme/useTheme.d.ts +0 -60
package/dist/theme/useTheme.js +0 -63
package/dist/theme/utils.d.ts +0 -13
package/dist/theme/utils.js +0 -39
package/dist/types/api.d.ts +0 -134
package/dist/types/api.js +0 -44
package/dist/types/auth.d.ts +0 -19
package/dist/types/auth.js +0 -2
package/dist/types/logging.d.ts +0 -42
package/dist/types/logging.js +0 -2
package/dist/types/recovery.d.ts +0 -48
package/dist/types/recovery.js +0 -2
package/dist/types/security.d.ts +0 -1
package/dist/types/security.js +0 -2
package/dist/utils/api.d.ts +0 -85
package/dist/utils/api.js +0 -287
package/dist/utils/circuitBreaker.d.ts +0 -43
package/dist/utils/circuitBreaker.js +0 -91
package/dist/utils/error-message.d.ts +0 -1
package/dist/utils/error-message.js +0 -103
package/dist/utils/layout/reservedSpace.d.ts +0 -59
package/dist/utils/layout/reservedSpace.js +0 -102
package/dist/utils/logout.d.ts +0 -14
package/dist/utils/logout.js +0 -32
package/dist/vibe/client.d.ts +0 -261
package/dist/vibe/client.js +0 -445
package/dist/vibe/enterprise-auth.d.ts +0 -106
package/dist/vibe/enterprise-auth.js +0 -173
package/dist/vibe/errors.d.ts +0 -83
package/dist/vibe/errors.js +0 -146
package/dist/vibe/generic.d.ts +0 -234
package/dist/vibe/generic.js +0 -369
package/dist/vibe/hooks/index.d.ts +0 -169
package/dist/vibe/hooks/index.js +0 -252
package/dist/vibe/index.d.ts +0 -25
package/dist/vibe/index.js +0 -72
package/dist/vibe/sessions.d.ts +0 -161
package/dist/vibe/sessions.js +0 -391
package/dist/vibe/types.d.ts +0 -353
package/dist/vibe/types.js +0 -315
package/src/auth/auth-options.ts +0 -237
package/src/auth/callbacks/index.ts +0 -7
package/src/auth/callbacks/jwt.ts +0 -382
package/src/auth/callbacks/session.ts +0 -243
package/src/auth/callbacks/signin.ts +0 -56
package/src/auth/events/index.ts +0 -5
package/src/auth/events/signout.ts +0 -33
package/src/auth/providers/credentials.ts +0 -256
package/src/auth/providers/index.ts +0 -6
package/src/auth/providers/oauth.ts +0 -114
package/src/lib/nextauth-secret.ts +0 -121
package/src/types/next-auth.d.ts +0 -15

package/src/pages/test-env/RefreshTokenPage.tsx CHANGED Viewed

@@ -1,155 +1,157 @@
-"use client";
-import React, { useState, useEffect } from "react";
-import { useSession } from "next-auth/react";
-/**
- * Refresh Token Test Page
- *
- * Debug page for testing OAuth refresh token flow.
- * Shows current session state, allows manual refresh trigger,
- * and can force-expire tokens for testing.
- *
- * Usage:
- * ```typescript
- * // app/test-env/refresh-token/page.tsx
- * export { RefreshTokenPage as default } from '@payez/next-mvp/pages/test-env';
- * ```
- */
-export function RefreshTokenPage() {
-  const { data: session, update } = useSession();
-  const [result, setResult] = useState<any>(null);
-  const [loading, setLoading] = useState(false);
-  const [sessionDetails, setSessionDetails] = useState<any>(null);
-  // Fetch detailed session info on mount
-  useEffect(() => {
-    async function fetchSessionDetails() {
-      try {
-        const res = await fetch("/api/auth/session", { credentials: "include" });
-        const data = await res.json();
-        setSessionDetails(data);
-      } catch (e) {
-        console.error("Failed to fetch session details", e);
-      }
-    }
-    fetchSessionDetails();
-  }, [result]); // Refetch after refresh
-  async function handleRefresh() {
-    setLoading(true);
-    setResult(null);
-    try {
-      const res = await fetch("/api/auth/refresh", {
-        method: "POST",
-        headers: { "Content-Type": "application/json" },
-        credentials: "include",
-      });
-      const data = await res.json();
-      setResult({ status: res.status, ...data });
-      // Update NextAuth session
-      await update();
-    } catch (e: any) {
-      setResult({ error: e.message });
-    } finally {
-      setLoading(false);
-    }
-  }
-  async function handleForceExpire() {
-    setLoading(true);
-    setResult(null);
-    try {
-      const res = await fetch("/api/test/force-expire", {
-        method: "POST",
-        credentials: "include",
-      });
-      const data = await res.json();
-      setResult({ action: "force_expire", status: res.status, ...data });
-    } catch (e: any) {
-      setResult({ error: e.message });
-    } finally {
-      setLoading(false);
-    }
-  }
-  const formatExpiry = (exp: number | string | undefined) => {
-    if (!exp) return "N/A";
-    const date = new Date(typeof exp === "string" ? exp : exp);
-    const now = new Date();
-    const diffMs = date.getTime() - now.getTime();
-    const diffMins = Math.floor(diffMs / 60000);
-    const diffSecs = Math.floor((diffMs % 60000) / 1000);
-    return `${date.toLocaleTimeString()} (${diffMins}m ${diffSecs}s remaining)`;
-  };
-  return (
-    <div className="p-8 max-w-2xl mx-auto bg-gray-900 min-h-screen text-white">
-      <h1 className="text-2xl font-bold mb-4">Refresh Token Test</h1>
-      {/* Session Info */}
-      <div className="mb-6 rounded border border-blue-500 bg-blue-900/30 p-4">
-        <h2 className="font-semibold mb-2 text-blue-300">Current Session</h2>
-        <div className="text-sm space-y-1 font-mono">
-          <div><span className="text-gray-400">User:</span> {session?.user?.email || "Not logged in"}</div>
-          <div><span className="text-gray-400">2FA Complete:</span> {String((session?.user as any)?.twoFactorSessionVerified ?? "unknown")}</div>
-          <div>
-            <span className="text-gray-400">Access Token:</span>{" "}
-            {sessionDetails?.accessToken ? `${sessionDetails.accessToken.substring(0, 40)}...` : "N/A"}
-          </div>
-          <div>
-            <span className="text-gray-400">Refresh Token:</span>{" "}
-            {sessionDetails?.refreshToken ? `${sessionDetails.refreshToken.substring(0, 40)}...` : "N/A"}
-          </div>
-          <div>
-            <span className="text-gray-400">Access Expires:</span>{" "}
-            {formatExpiry(sessionDetails?.accessTokenExpires)}
-          </div>
-        </div>
-      </div>
-      {/* Actions */}
-      <div className="flex gap-2 mb-4">
-        <button
-          className="bg-blue-600 hover:bg-blue-700 text-white px-4 py-2 rounded disabled:opacity-50"
-          onClick={handleRefresh}
-          disabled={loading}
-        >
-          {loading ? "Refreshing..." : "Test Refresh Token"}
-        </button>
-        <button
-          className="bg-red-600 hover:bg-red-700 text-white px-4 py-2 rounded disabled:opacity-50"
-          onClick={handleForceExpire}
-          disabled={loading}
-        >
-          Force Expire Token
-        </button>
-        <button
-          className="bg-gray-600 hover:bg-gray-700 text-white px-4 py-2 rounded"
-          onClick={() => window.location.reload()}
-        >
-          Reload Page
-        </button>
-      </div>
-      {/* Result */}
-      {result && (
-        <div className="rounded border border-gray-600 bg-gray-800 p-4">
-          <h3 className="font-semibold mb-2 text-gray-300">Result:</h3>
-          <pre className="text-xs overflow-x-auto whitespace-pre-wrap text-green-400">
-            {JSON.stringify(result, null, 2)}
-          </pre>
-        </div>
-      )}
-      {/* Raw Session Details */}
-      <details className="mt-4">
-        <summary className="cursor-pointer text-gray-400 hover:text-white">Raw Session Details</summary>
-        <pre className="mt-2 text-xs bg-gray-800 p-2 rounded overflow-x-auto text-gray-300">
-          {JSON.stringify(sessionDetails, null, 2)}
-        </pre>
-      </details>
-    </div>
-  );
-}
-export default RefreshTokenPage;
+"use client";
+import React, { useState, useEffect } from "react";
+import { authClient } from '../../client/better-auth-client';
+/**
+ * Refresh Token Test Page
+ *
+ * Debug page for testing OAuth refresh token flow.
+ * Shows current session state, allows manual refresh trigger,
+ * and can force-expire tokens for testing.
+ *
+ * Usage:
+ * ```typescript
+ * // app/test-env/refresh-token/page.tsx
+ * export { RefreshTokenPage as default } from '@payez/next-mvp/pages/test-env';
+ * ```
+ */
+export function RefreshTokenPage() {
+  const { data: session } = authClient.useSession();
+  // TODO: Better Auth session refresh
+  const update = async () => { /* no-op: Better Auth handles session refresh internally */ };
+  const [result, setResult] = useState<any>(null);
+  const [loading, setLoading] = useState(false);
+  const [sessionDetails, setSessionDetails] = useState<any>(null);
+  // Fetch detailed session info on mount
+  useEffect(() => {
+    async function fetchSessionDetails() {
+      try {
+        const res = await fetch("/api/auth/session", { credentials: "include" });
+        const data = await res.json();
+        setSessionDetails(data);
+      } catch (e) {
+        console.error("Failed to fetch session details", e);
+      }
+    }
+    fetchSessionDetails();
+  }, [result]); // Refetch after refresh
+  async function handleRefresh() {
+    setLoading(true);
+    setResult(null);
+    try {
+      const res = await fetch("/api/auth/refresh", {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        credentials: "include",
+      });
+      const data = await res.json();
+      setResult({ status: res.status, ...data });
+      // Update NextAuth session
+      await update();
+    } catch (e: any) {
+      setResult({ error: e.message });
+    } finally {
+      setLoading(false);
+    }
+  }
+  async function handleForceExpire() {
+    setLoading(true);
+    setResult(null);
+    try {
+      const res = await fetch("/api/test/force-expire", {
+        method: "POST",
+        credentials: "include",
+      });
+      const data = await res.json();
+      setResult({ action: "force_expire", status: res.status, ...data });
+    } catch (e: any) {
+      setResult({ error: e.message });
+    } finally {
+      setLoading(false);
+    }
+  }
+  const formatExpiry = (exp: number | string | undefined) => {
+    if (!exp) return "N/A";
+    const date = new Date(typeof exp === "string" ? exp : exp);
+    const now = new Date();
+    const diffMs = date.getTime() - now.getTime();
+    const diffMins = Math.floor(diffMs / 60000);
+    const diffSecs = Math.floor((diffMs % 60000) / 1000);
+    return `${date.toLocaleTimeString()} (${diffMins}m ${diffSecs}s remaining)`;
+  };
+  return (
+    <div className="p-8 max-w-2xl mx-auto bg-gray-900 min-h-screen text-white">
+      <h1 className="text-2xl font-bold mb-4">Refresh Token Test</h1>
+      {/* Session Info */}
+      <div className="mb-6 rounded border border-blue-500 bg-blue-900/30 p-4">
+        <h2 className="font-semibold mb-2 text-blue-300">Current Session</h2>
+        <div className="text-sm space-y-1 font-mono">
+          <div><span className="text-gray-400">User:</span> {session?.user?.email || "Not logged in"}</div>
+          <div><span className="text-gray-400">2FA Complete:</span> {String((session?.user as any)?.twoFactorSessionVerified ?? "unknown")}</div>
+          <div>
+            <span className="text-gray-400">Access Token:</span>{" "}
+            {sessionDetails?.accessToken ? `${sessionDetails.accessToken.substring(0, 40)}...` : "N/A"}
+          </div>
+          <div>
+            <span className="text-gray-400">Refresh Token:</span>{" "}
+            {sessionDetails?.refreshToken ? `${sessionDetails.refreshToken.substring(0, 40)}...` : "N/A"}
+          </div>
+          <div>
+            <span className="text-gray-400">Access Expires:</span>{" "}
+            {formatExpiry(sessionDetails?.accessTokenExpires)}
+          </div>
+        </div>
+      </div>
+      {/* Actions */}
+      <div className="flex gap-2 mb-4">
+        <button
+          className="bg-blue-600 hover:bg-blue-700 text-white px-4 py-2 rounded disabled:opacity-50"
+          onClick={handleRefresh}
+          disabled={loading}
+        >
+          {loading ? "Refreshing..." : "Test Refresh Token"}
+        </button>
+        <button
+          className="bg-red-600 hover:bg-red-700 text-white px-4 py-2 rounded disabled:opacity-50"
+          onClick={handleForceExpire}
+          disabled={loading}
+        >
+          Force Expire Token
+        </button>
+        <button
+          className="bg-gray-600 hover:bg-gray-700 text-white px-4 py-2 rounded"
+          onClick={() => window.location.reload()}
+        >
+          Reload Page
+        </button>
+      </div>
+      {/* Result */}
+      {result && (
+        <div className="rounded border border-gray-600 bg-gray-800 p-4">
+          <h3 className="font-semibold mb-2 text-gray-300">Result:</h3>
+          <pre className="text-xs overflow-x-auto whitespace-pre-wrap text-green-400">
+            {JSON.stringify(result, null, 2)}
+          </pre>
+        </div>
+      )}
+      {/* Raw Session Details */}
+      <details className="mt-4">
+        <summary className="cursor-pointer text-gray-400 hover:text-white">Raw Session Details</summary>
+        <pre className="mt-2 text-xs bg-gray-800 p-2 rounded overflow-x-auto text-gray-300">
+          {JSON.stringify(sessionDetails, null, 2)}
+        </pre>
+      </details>
+    </div>
+  );
+}
+export default RefreshTokenPage;

package/src/pages/test-env/TestEnvPage.tsx CHANGED Viewed

@@ -1,6 +1,6 @@
 'use client';
-import { useSession } from 'next-auth/react';
+import { authClient } from '../../client/better-auth-client';
 import { useState, useEffect } from 'react';
 import Link from 'next/link';
@@ -16,7 +16,9 @@ import Link from 'next/link';
  * ```
  */
 export function TestEnvPage() {
-  const { data: session, status } = useSession();
+  const { data: sessionData, isPending } = authClient.useSession();
+  const session = sessionData;
+  const status = isPending ? 'loading' : session ? 'authenticated' : 'unauthenticated';
   const [isDarkMode, setIsDarkMode] = useState(false);
   useEffect(() => {

package/src/pages/verify-code/page.tsx CHANGED Viewed

@@ -32,7 +32,7 @@
 import React, { useState, useEffect, useRef } from 'react';
 import { useRouter, useSearchParams } from 'next/navigation';
-import { useSession, signOut, getSession } from 'next-auth/react';
+import { authClient } from '../../client/better-auth-client';
 import { Suspense } from 'react';
 import { useColors } from '../../theme/useTheme';
@@ -54,7 +54,11 @@ function VerifyCodeForm() {
   const searchParams = useSearchParams();
   const callbackUrl = searchParams?.get('callbackUrl') || '/dashboard';
-  const { data: session, status, update: updateSession } = useSession();
+  const { data: sessionData, isPending } = authClient.useSession();
+  const session = sessionData;
+  const status = isPending ? 'loading' : session ? 'authenticated' : 'unauthenticated';
+  // TODO: Better Auth session refresh
+  const updateSession = async () => { return session; };
   const colors = useColors();
   // Method selection
@@ -146,7 +150,7 @@ function VerifyCodeForm() {
           // Session expired - redirect to login
           setError('Your session has expired. Redirecting to login...');
           setTimeout(async () => {
-            await signOut({ redirect: false });
+            await authClient.signOut();
             const safeCallback = callbackUrl.startsWith('/account-auth/') ? '/dashboard' : callbackUrl;
             router.push(`/account-auth/login?callbackUrl=${encodeURIComponent(safeCallback)}`);
           }, 1200);
@@ -197,7 +201,7 @@ function VerifyCodeForm() {
           if (data.valid === false || data.mfaExpired === true) {
             setError('Your session has expired. Redirecting to login...');
             setTimeout(async () => {
-              await signOut({ redirect: false });
+              await authClient.signOut();
               if (typeof window !== 'undefined') {
                 sessionStorage.removeItem(VERIFY_IN_PROGRESS_KEY);
               }
@@ -243,7 +247,7 @@ function VerifyCodeForm() {
         );
         setTimeout(async () => {
-          await signOut({ redirect: false });
+          await authClient.signOut();
           if (typeof window !== 'undefined') {
             sessionStorage.removeItem(VERIFY_IN_PROGRESS_KEY);
           }
@@ -318,7 +322,7 @@ function VerifyCodeForm() {
         );
         setTimeout(async () => {
-          await signOut({ redirect: false });
+          await authClient.signOut();
           if (typeof window !== 'undefined') {
             sessionStorage.removeItem(VERIFY_IN_PROGRESS_KEY);
           }

package/src/routes/auth/logout.ts CHANGED Viewed

@@ -15,7 +15,7 @@
  */
 import { NextRequest, NextResponse } from 'next/server';
-import { getToken } from 'next-auth/jwt';
+import { getSession } from '../../server/auth';
 import { deleteSession } from '../../lib/session-store';
 import {
   getSessionCookieName,
@@ -23,39 +23,22 @@ import {
   getCsrfCookieName,
   getSecureCsrfCookieName,
   getCallbackUrlCookieName,
-  getJwtCookieName
 } from '../../lib/app-slug';
-import { getIDPClientConfig } from '../../lib/idp-client-config';
 import { siteEvents, getClientIp } from '../../lib/site-logger';
-async function getConfig() {
-  const idpConfig = await getIDPClientConfig();
-  const idpBaseUrl = process.env.IDP_URL;
-  if (!idpBaseUrl) {
-    throw new Error('[IDP_URL] FATAL: IDP_URL environment variable is REQUIRED.');
-  }
-  return {
-    nextAuthSecret: idpConfig.nextAuthSecret || '',
-    idpBaseUrl,
-    clientId: process.env.CLIENT_ID || process.env.NEXT_PUBLIC_IDP_CLIENT_ID || '',
-  };
-}
 /**
  * POST /api/auth/logout - Sign out and clean up session
  *
  * Performs complete logout:
  * 1. Revokes tokens at IDP (if refresh token available)
  * 2. Deletes session from store
- * 3. Clears NextAuth session cookie
+ * 3. Clears session cookies
  */
 export async function POST(req: NextRequest) {
-  const { nextAuthSecret, idpBaseUrl, clientId } = await getConfig();
   try {
-    const token = await getToken({ req, secret: nextAuthSecret, cookieName: getJwtCookieName() });
+    const session = await getSession(req);
-    if (!token) {
+    if (!session) {
       // Already logged out
       return NextResponse.json({
         success: true,
@@ -63,8 +46,7 @@ export async function POST(req: NextRequest) {
       });
     }
-    // Support both field names: sessionToken (auth.ts JWT) and redisSessionId (legacy)
-    const sessionId = (token as any).sessionToken || (token as any).redisSessionId;
+    const sessionId = session.session?.token;
     // Delete session from store (this also removes the refresh token)
     if (sessionId) {
@@ -77,7 +59,7 @@ export async function POST(req: NextRequest) {
     }
     // Log logout event (fire-and-forget)
-    const userId = (token as any).sub || (token as any).idpUserId;
+    const userId = session.user?.id;
     if (userId) {
       siteEvents.logout({
         user_id: userId,
@@ -89,7 +71,7 @@ export async function POST(req: NextRequest) {
       });
     }
-    // Build response that clears NextAuth cookies
+    // Build response that clears session cookies
     const response = NextResponse.json({
       success: true,
       message: 'Logged out successfully'

package/src/routes/auth/nextauth.ts CHANGED Viewed

@@ -1,71 +1,45 @@
-/**
- * Ready-to-Use NextAuth Route Handler
- *
- * Provides a pre-configured NextAuth handler that uses dynamic OAuth providers
- * loaded from IDP at startup via getAuthOptions().
- *
- * @version 2.2.0 - Dynamic provider loading from IDP
- * @since auth-ready-v2-hotfix
- */
-import NextAuth from 'next-auth';
-import { authOptions, getAuthOptions } from '../../auth/auth-options';
-// Cached handler - built once with dynamic providers
-let cachedHandler: ReturnType<typeof NextAuth> | null = null;
-let handlerPromise: Promise<ReturnType<typeof NextAuth>> | null = null;
-/**
- * Get or build the NextAuth handler with dynamic providers.
- * Uses caching to avoid rebuilding on every request.
- */
-async function getHandler(): Promise<ReturnType<typeof NextAuth>> {
-    // Return cached if available
-    if (cachedHandler) {
-        return cachedHandler;
-    }
-    // Prevent concurrent builds
-    if (handlerPromise) {
-        return handlerPromise;
-    }
-    handlerPromise = (async () => {
-        try {
-            // Try to get dynamic auth options from IDP
-            const options = await getAuthOptions();
-            console.log('[NEXTAUTH_ROUTE] Built handler with dynamic providers');
-            cachedHandler = NextAuth(options);
-            return cachedHandler;
-        } catch (error) {
-            // Fallback to static options if IDP unavailable
-            console.warn('[NEXTAUTH_ROUTE] Failed to get dynamic options, using static fallback:', {
-                error: error instanceof Error ? error.message : String(error)
-            });
-            cachedHandler = NextAuth(authOptions);
-            return cachedHandler;
-        } finally {
-            handlerPromise = null;
-        }
-    })();
-    return handlerPromise;
-}
-/**
- * GET handler for NextAuth
- * Uses async factory to get dynamic providers from IDP
- */
-export async function GET(request: Request, context: any) {
-    const handler = await getHandler();
-    return handler(request, context);
-}
-/**
- * POST handler for NextAuth
- * Uses async factory to get dynamic providers from IDP
- */
-export async function POST(request: Request, context: any) {
-    const handler = await getHandler();
-    return handler(request, context);
-}
+/**
+ * Ready-to-Use Auth Route Handler (Better Auth)
+ *
+ * Provides a pre-configured Better Auth handler that uses dynamic OAuth providers
+ * loaded from IDP at startup.
+ *
+ * Replaces the former NextAuth handler. The file name is kept as nextauth.ts
+ * to avoid breaking re-exports in routes/auth/index.ts.
+ *
+ * @version 4.0.0 - Better Auth migration
+ * @since better-auth-4.0
+ */
+import { getBetterAuthHandler } from '../../auth/better-auth';
+import { NextResponse } from 'next/server';
+/**
+ * GET handler for auth routes
+ * Delegates to Better Auth instance.
+ */
+export async function GET(request: Request) {
+  const handler = await getBetterAuthHandler();
+  if (!handler) {
+    return NextResponse.json(
+      { error: 'Auth handler not available' },
+      { status: 503 }
+    );
+  }
+  return handler.GET(request);
+}
+/**
+ * POST handler for auth routes
+ * Delegates to Better Auth instance.
+ */
+export async function POST(request: Request) {
+  const handler = await getBetterAuthHandler();
+  if (!handler) {
+    return NextResponse.json(
+      { error: 'Auth handler not available' },
+      { status: 503 }
+    );
+  }
+  return handler.POST(request);
+}