npm - @payez/next-mvp - Versions diffs - 3.9.1 → 4.0.1 - Mend

@payez/next-mvp 3.9.1 → 4.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (526) hide show

package/package.json +6 -18
package/src/api/auth-handler.ts +550 -549
package/src/api-handlers/account/change-password.ts +5 -8
package/src/api-handlers/admin/analytics.ts +4 -6
package/src/api-handlers/admin/audit.ts +5 -7
package/src/api-handlers/admin/index.ts +1 -2
package/src/api-handlers/admin/redis-sessions.ts +6 -8
package/src/api-handlers/admin/sessions.ts +5 -7
package/src/api-handlers/admin/site-logs.ts +8 -10
package/src/api-handlers/admin/stats.ts +4 -6
package/src/api-handlers/admin/users.ts +5 -7
package/src/api-handlers/admin/vibe-data.ts +10 -12
package/src/api-handlers/auth/refresh.ts +5 -7
package/src/api-handlers/auth/signout.ts +5 -6
package/src/api-handlers/auth/status.ts +4 -7
package/src/api-handlers/auth/update-session.ts +123 -125
package/src/api-handlers/auth/verify-code.ts +9 -13
package/src/api-handlers/session/viability.ts +10 -47
package/src/api-handlers/test/force-expire.ts +4 -11
package/src/auth/auth-decision.ts +1 -1
package/src/auth/better-auth.ts +138 -141
package/src/auth/route-config.ts +219 -219
package/src/auth/utils/token-utils.ts +0 -1
package/src/client/AuthContext.tsx +6 -2
package/src/client/fetch-with-auth.ts +47 -47
package/src/components/SessionSync.tsx +6 -5
package/src/components/account/MobileNavDrawer.tsx +3 -3
package/src/components/account/UserAvatarMenu.tsx +6 -3
package/src/components/admin/VibeAdminLayout.tsx +4 -2
package/src/config/logger.ts +1 -1
package/src/hooks/useAuth.ts +117 -115
package/src/hooks/useAuthSettings.ts +2 -2
package/src/hooks/useAvailableProviders.ts +9 -5
package/src/hooks/useSessionExpiration.ts +101 -102
package/src/hooks/useViabilitySession.ts +336 -335
package/src/index.ts +60 -63
package/src/lib/api-handler.ts +0 -1
package/src/lib/app-slug.ts +6 -6
package/src/lib/standardized-client-api.ts +901 -895
package/src/lib/startup-init.ts +243 -247
package/src/lib/test-aware-get-token.ts +22 -12
package/src/lib/token-lifecycle.ts +12 -53
package/src/pages/admin-login/page.tsx +9 -17
package/src/pages/client-admin/ClientSiteAdminPage.tsx +4 -2
package/src/pages/login/page.tsx +21 -28
package/src/pages/showcase/ShowcasePage.tsx +4 -2
package/src/pages/test-env/EmergencyLogoutPage.tsx +7 -6
package/src/pages/test-env/JwtInspectPage.tsx +5 -3
package/src/pages/test-env/RefreshTokenPage.tsx +157 -155
package/src/pages/test-env/TestEnvPage.tsx +4 -2
package/src/pages/verify-code/page.tsx +10 -6
package/src/routes/auth/logout.ts +7 -25
package/src/routes/auth/nextauth.ts +45 -71
package/src/routes/auth/session.ts +25 -50
package/src/routes/auth/viability.ts +7 -19
package/src/server/auth.ts +60 -0
package/src/stores/authStore.ts +1899 -1904
package/src/utils/logout.ts +30 -30
package/dist/api/auth-handler.d.ts +0 -67
package/dist/api/auth-handler.js +0 -397
package/dist/api/index.d.ts +0 -10
package/dist/api/index.js +0 -19
package/dist/api-handlers/account/change-password.d.ts +0 -9
package/dist/api-handlers/account/change-password.js +0 -112
package/dist/api-handlers/account/masked-info.d.ts +0 -2
package/dist/api-handlers/account/masked-info.js +0 -41
package/dist/api-handlers/account/profile.d.ts +0 -3
package/dist/api-handlers/account/profile.js +0 -63
package/dist/api-handlers/account/recovery/initiate.d.ts +0 -2
package/dist/api-handlers/account/recovery/initiate.js +0 -26
package/dist/api-handlers/account/recovery/send-code.d.ts +0 -2
package/dist/api-handlers/account/recovery/send-code.js +0 -28
package/dist/api-handlers/account/recovery/verify-code.d.ts +0 -2
package/dist/api-handlers/account/recovery/verify-code.js +0 -28
package/dist/api-handlers/account/reset-password.d.ts +0 -2
package/dist/api-handlers/account/reset-password.js +0 -26
package/dist/api-handlers/account/send-code.d.ts +0 -24
package/dist/api-handlers/account/send-code.js +0 -60
package/dist/api-handlers/account/update-phone.d.ts +0 -27
package/dist/api-handlers/account/update-phone.js +0 -64
package/dist/api-handlers/account/validate-password.d.ts +0 -17
package/dist/api-handlers/account/validate-password.js +0 -81
package/dist/api-handlers/account/verify-email.d.ts +0 -26
package/dist/api-handlers/account/verify-email.js +0 -106
package/dist/api-handlers/account/verify-sms.d.ts +0 -26
package/dist/api-handlers/account/verify-sms.js +0 -106
package/dist/api-handlers/admin/analytics.d.ts +0 -20
package/dist/api-handlers/admin/analytics.js +0 -379
package/dist/api-handlers/admin/audit.d.ts +0 -20
package/dist/api-handlers/admin/audit.js +0 -214
package/dist/api-handlers/admin/index.d.ts +0 -22
package/dist/api-handlers/admin/index.js +0 -43
package/dist/api-handlers/admin/redis-sessions.d.ts +0 -36
package/dist/api-handlers/admin/redis-sessions.js +0 -204
package/dist/api-handlers/admin/sessions.d.ts +0 -21
package/dist/api-handlers/admin/sessions.js +0 -284
package/dist/api-handlers/admin/site-logs.d.ts +0 -46
package/dist/api-handlers/admin/site-logs.js +0 -318
package/dist/api-handlers/admin/stats.d.ts +0 -21
package/dist/api-handlers/admin/stats.js +0 -240
package/dist/api-handlers/admin/users.d.ts +0 -20
package/dist/api-handlers/admin/users.js +0 -222
package/dist/api-handlers/admin/vibe-data.d.ts +0 -80
package/dist/api-handlers/admin/vibe-data.js +0 -268
package/dist/api-handlers/anon/preferences.d.ts +0 -37
package/dist/api-handlers/anon/preferences.js +0 -96
package/dist/api-handlers/auth/jwks.d.ts +0 -2
package/dist/api-handlers/auth/jwks.js +0 -24
package/dist/api-handlers/auth/login.d.ts +0 -42
package/dist/api-handlers/auth/login.js +0 -178
package/dist/api-handlers/auth/refresh.d.ts +0 -74
package/dist/api-handlers/auth/refresh.js +0 -635
package/dist/api-handlers/auth/signout.d.ts +0 -37
package/dist/api-handlers/auth/signout.js +0 -187
package/dist/api-handlers/auth/status.d.ts +0 -8
package/dist/api-handlers/auth/status.js +0 -26
package/dist/api-handlers/auth/update-session.d.ts +0 -37
package/dist/api-handlers/auth/update-session.js +0 -95
package/dist/api-handlers/auth/validate.d.ts +0 -6
package/dist/api-handlers/auth/validate.js +0 -43
package/dist/api-handlers/auth/verify-code.d.ts +0 -43
package/dist/api-handlers/auth/verify-code.js +0 -94
package/dist/api-handlers/session/refresh-viability.d.ts +0 -14
package/dist/api-handlers/session/refresh-viability.js +0 -39
package/dist/api-handlers/session/viability.d.ts +0 -13
package/dist/api-handlers/session/viability.js +0 -146
package/dist/api-handlers/test/force-expire.d.ts +0 -23
package/dist/api-handlers/test/force-expire.js +0 -65
package/dist/auth/auth-decision.d.ts +0 -39
package/dist/auth/auth-decision.js +0 -182
package/dist/auth/auth-options.d.ts +0 -57
package/dist/auth/auth-options.js +0 -213
package/dist/auth/better-auth.d.ts +0 -82
package/dist/auth/better-auth.js +0 -122
package/dist/auth/callbacks/index.d.ts +0 -6
package/dist/auth/callbacks/index.js +0 -12
package/dist/auth/callbacks/jwt.d.ts +0 -45
package/dist/auth/callbacks/jwt.js +0 -305
package/dist/auth/callbacks/session.d.ts +0 -60
package/dist/auth/callbacks/session.js +0 -170
package/dist/auth/callbacks/signin.d.ts +0 -23
package/dist/auth/callbacks/signin.js +0 -44
package/dist/auth/events/index.d.ts +0 -4
package/dist/auth/events/index.js +0 -8
package/dist/auth/events/signout.d.ts +0 -17
package/dist/auth/events/signout.js +0 -32
package/dist/auth/providers/credentials.d.ts +0 -32
package/dist/auth/providers/credentials.js +0 -223
package/dist/auth/providers/index.d.ts +0 -5
package/dist/auth/providers/index.js +0 -21
package/dist/auth/providers/oauth.d.ts +0 -26
package/dist/auth/providers/oauth.js +0 -105
package/dist/auth/route-config.d.ts +0 -66
package/dist/auth/route-config.js +0 -190
package/dist/auth/types/auth-types.d.ts +0 -417
package/dist/auth/types/auth-types.js +0 -53
package/dist/auth/types/index.d.ts +0 -6
package/dist/auth/types/index.js +0 -22
package/dist/auth/unauthenticated-routes.d.ts +0 -1
package/dist/auth/unauthenticated-routes.js +0 -19
package/dist/auth/utils/idp-client.d.ts +0 -94
package/dist/auth/utils/idp-client.js +0 -384
package/dist/auth/utils/index.d.ts +0 -5
package/dist/auth/utils/index.js +0 -21
package/dist/auth/utils/token-utils.d.ts +0 -84
package/dist/auth/utils/token-utils.js +0 -219
package/dist/client/AuthContext.d.ts +0 -19
package/dist/client/AuthContext.js +0 -112
package/dist/client/better-auth-client.d.ts +0 -1020
package/dist/client/better-auth-client.js +0 -68
package/dist/client/fetch-with-auth.d.ts +0 -11
package/dist/client/fetch-with-auth.js +0 -44
package/dist/client/fetchWithSession.d.ts +0 -3
package/dist/client/fetchWithSession.js +0 -24
package/dist/client/index.d.ts +0 -9
package/dist/client/index.js +0 -20
package/dist/client/useAnonSession.d.ts +0 -36
package/dist/client/useAnonSession.js +0 -99
package/dist/components/SessionSync.d.ts +0 -13
package/dist/components/SessionSync.js +0 -119
package/dist/components/SignalRHealthCheck.d.ts +0 -10
package/dist/components/SignalRHealthCheck.js +0 -97
package/dist/components/account/MobileNavDrawer.d.ts +0 -32
package/dist/components/account/MobileNavDrawer.js +0 -81
package/dist/components/account/UserAvatarMenu.d.ts +0 -20
package/dist/components/account/UserAvatarMenu.js +0 -88
package/dist/components/account/index.d.ts +0 -9
package/dist/components/account/index.js +0 -13
package/dist/components/admin/AlertSettingsTab.d.ts +0 -48
package/dist/components/admin/AlertSettingsTab.js +0 -351
package/dist/components/admin/AnalyticsTab.d.ts +0 -22
package/dist/components/admin/AnalyticsTab.js +0 -167
package/dist/components/admin/DataBrowserTab.d.ts +0 -19
package/dist/components/admin/DataBrowserTab.js +0 -252
package/dist/components/admin/LoggingSettingsTab.d.ts +0 -73
package/dist/components/admin/LoggingSettingsTab.js +0 -339
package/dist/components/admin/SessionsTab.d.ts +0 -37
package/dist/components/admin/SessionsTab.js +0 -165
package/dist/components/admin/StatsTab.d.ts +0 -53
package/dist/components/admin/StatsTab.js +0 -161
package/dist/components/admin/VibeAdminContext.d.ts +0 -32
package/dist/components/admin/VibeAdminContext.js +0 -38
package/dist/components/admin/VibeAdminLayout.d.ts +0 -11
package/dist/components/admin/VibeAdminLayout.js +0 -69
package/dist/components/admin/index.d.ts +0 -29
package/dist/components/admin/index.js +0 -44
package/dist/components/auth/FederatedAuthSection.d.ts +0 -8
package/dist/components/auth/FederatedAuthSection.js +0 -45
package/dist/components/auth/ModeAwareLoginPage.d.ts +0 -10
package/dist/components/auth/ModeAwareLoginPage.js +0 -42
package/dist/components/auth/ModeAwareSignupPage.d.ts +0 -9
package/dist/components/auth/ModeAwareSignupPage.js +0 -78
package/dist/components/auth/TraditionalAuthSection.d.ts +0 -14
package/dist/components/auth/TraditionalAuthSection.js +0 -20
package/dist/components/recovery/CompleteStep.d.ts +0 -5
package/dist/components/recovery/CompleteStep.js +0 -8
package/dist/components/recovery/InitiateRecoveryStep.d.ts +0 -8
package/dist/components/recovery/InitiateRecoveryStep.js +0 -20
package/dist/components/recovery/SelectMethodStep.d.ts +0 -8
package/dist/components/recovery/SelectMethodStep.js +0 -8
package/dist/components/recovery/SetPasswordStep.d.ts +0 -6
package/dist/components/recovery/SetPasswordStep.js +0 -20
package/dist/components/recovery/VerifyCodeStep.d.ts +0 -10
package/dist/components/recovery/VerifyCodeStep.js +0 -24
package/dist/components/reserved/ReservedRecoveryWarning.d.ts +0 -38
package/dist/components/reserved/ReservedRecoveryWarning.js +0 -92
package/dist/components/reserved/ReservedStatusBox.d.ts +0 -30
package/dist/components/reserved/ReservedStatusBox.js +0 -71
package/dist/components/ui/BetaBadge.d.ts +0 -29
package/dist/components/ui/BetaBadge.js +0 -38
package/dist/components/ui/Footer.d.ts +0 -37
package/dist/components/ui/Footer.js +0 -41
package/dist/config/env.d.ts +0 -66
package/dist/config/env.js +0 -57
package/dist/config/logger.d.ts +0 -57
package/dist/config/logger.js +0 -73
package/dist/config/logging-config.d.ts +0 -30
package/dist/config/logging-config.js +0 -122
package/dist/config/unauthenticated-routes.d.ts +0 -17
package/dist/config/unauthenticated-routes.js +0 -24
package/dist/config/vibe-log-transport.d.ts +0 -81
package/dist/config/vibe-log-transport.js +0 -212
package/dist/edge/internal-api-url.d.ts +0 -53
package/dist/edge/internal-api-url.js +0 -63
package/dist/edge/middleware.d.ts +0 -14
package/dist/edge/middleware.js +0 -32
package/dist/hooks/useAuth.d.ts +0 -23
package/dist/hooks/useAuth.js +0 -81
package/dist/hooks/useAuthSettings.d.ts +0 -59
package/dist/hooks/useAuthSettings.js +0 -93
package/dist/hooks/useAvailableProviders.d.ts +0 -45
package/dist/hooks/useAvailableProviders.js +0 -108
package/dist/hooks/usePasswordValidation.d.ts +0 -27
package/dist/hooks/usePasswordValidation.js +0 -102
package/dist/hooks/useProfile.d.ts +0 -15
package/dist/hooks/useProfile.js +0 -59
package/dist/hooks/usePublicAuthSettings.d.ts +0 -56
package/dist/hooks/usePublicAuthSettings.js +0 -131
package/dist/hooks/useSessionExpiration.d.ts +0 -57
package/dist/hooks/useSessionExpiration.js +0 -72
package/dist/hooks/useViabilitySession.d.ts +0 -75
package/dist/hooks/useViabilitySession.js +0 -268
package/dist/index.d.ts +0 -12
package/dist/index.js +0 -55
package/dist/lib/anon-session.d.ts +0 -74
package/dist/lib/anon-session.js +0 -169
package/dist/lib/api-handler.d.ts +0 -123
package/dist/lib/api-handler.js +0 -478
package/dist/lib/app-slug.d.ts +0 -95
package/dist/lib/app-slug.js +0 -172
package/dist/lib/demo-mode.d.ts +0 -6
package/dist/lib/demo-mode.js +0 -16
package/dist/lib/geolocation.d.ts +0 -64
package/dist/lib/geolocation.js +0 -235
package/dist/lib/idp-client-config.d.ts +0 -75
package/dist/lib/idp-client-config.js +0 -425
package/dist/lib/idp-fetch.d.ts +0 -14
package/dist/lib/idp-fetch.js +0 -91
package/dist/lib/internal-api.d.ts +0 -87
package/dist/lib/internal-api.js +0 -122
package/dist/lib/jwt-decode-client.d.ts +0 -10
package/dist/lib/jwt-decode-client.js +0 -46
package/dist/lib/jwt-decode.d.ts +0 -48
package/dist/lib/jwt-decode.js +0 -57
package/dist/lib/nextauth-secret.d.ts +0 -10
package/dist/lib/nextauth-secret.js +0 -100
package/dist/lib/rate-limit-service.d.ts +0 -23
package/dist/lib/rate-limit-service.js +0 -6
package/dist/lib/redis.d.ts +0 -5
package/dist/lib/redis.js +0 -28
package/dist/lib/refresh-token-validator.d.ts +0 -13
package/dist/lib/refresh-token-validator.js +0 -117
package/dist/lib/roles.d.ts +0 -145
package/dist/lib/roles.js +0 -168
package/dist/lib/secret-validation.d.ts +0 -4
package/dist/lib/secret-validation.js +0 -14
package/dist/lib/session-store.d.ts +0 -170
package/dist/lib/session-store.js +0 -545
package/dist/lib/session.d.ts +0 -21
package/dist/lib/session.js +0 -26
package/dist/lib/site-logger.d.ts +0 -214
package/dist/lib/site-logger.js +0 -210
package/dist/lib/standardized-client-api.d.ts +0 -161
package/dist/lib/standardized-client-api.js +0 -786
package/dist/lib/startup-init.d.ts +0 -40
package/dist/lib/startup-init.js +0 -261
package/dist/lib/test-aware-get-token.d.ts +0 -2
package/dist/lib/test-aware-get-token.js +0 -81
package/dist/lib/token-expiry.d.ts +0 -14
package/dist/lib/token-expiry.js +0 -39
package/dist/lib/token-lifecycle.d.ts +0 -52
package/dist/lib/token-lifecycle.js +0 -398
package/dist/lib/types/api-responses.d.ts +0 -128
package/dist/lib/types/api-responses.js +0 -171
package/dist/lib/user-agent-parser.d.ts +0 -50
package/dist/lib/user-agent-parser.js +0 -220
package/dist/logging/api/admin-analytics.d.ts +0 -3
package/dist/logging/api/admin-analytics.js +0 -45
package/dist/logging/api/audit-log.d.ts +0 -3
package/dist/logging/api/audit-log.js +0 -52
package/dist/logging/components/AdminAnalyticsLayout.d.ts +0 -10
package/dist/logging/components/AdminAnalyticsLayout.js +0 -11
package/dist/logging/components/AuditLogViewer.d.ts +0 -7
package/dist/logging/components/AuditLogViewer.js +0 -51
package/dist/logging/components/ErrorMetricsCard.d.ts +0 -7
package/dist/logging/components/ErrorMetricsCard.js +0 -16
package/dist/logging/components/HealthMetricsCard.d.ts +0 -7
package/dist/logging/components/HealthMetricsCard.js +0 -19
package/dist/logging/hooks/useAdminAnalytics.d.ts +0 -24
package/dist/logging/hooks/useAdminAnalytics.js +0 -22
package/dist/logging/hooks/useAuditLog.d.ts +0 -6
package/dist/logging/hooks/useAuditLog.js +0 -25
package/dist/logging/hooks/useErrorMetrics.d.ts +0 -6
package/dist/logging/hooks/useErrorMetrics.js +0 -38
package/dist/logging/hooks/useHealthMetrics.d.ts +0 -6
package/dist/logging/hooks/useHealthMetrics.js +0 -41
package/dist/logging/index.d.ts +0 -11
package/dist/logging/index.js +0 -40
package/dist/logging/types/analytics.d.ts +0 -68
package/dist/logging/types/analytics.js +0 -3
package/dist/logging/types/audit.d.ts +0 -29
package/dist/logging/types/audit.js +0 -2
package/dist/logging/types/index.d.ts +0 -2
package/dist/logging/types/index.js +0 -19
package/dist/middleware/auth-decision.d.ts +0 -33
package/dist/middleware/auth-decision.js +0 -65
package/dist/middleware/create-middleware.d.ts +0 -102
package/dist/middleware/create-middleware.js +0 -469
package/dist/middleware/rbac-check.d.ts +0 -51
package/dist/middleware/rbac-check.js +0 -219
package/dist/middleware/twofa-presets.d.ts +0 -134
package/dist/middleware/twofa-presets.js +0 -175
package/dist/models/DecodedAccessToken.d.ts +0 -17
package/dist/models/DecodedAccessToken.js +0 -2
package/dist/models/SessionModel.d.ts +0 -122
package/dist/models/SessionModel.js +0 -136
package/dist/pages/admin-login/page.d.ts +0 -31
package/dist/pages/admin-login/page.js +0 -83
package/dist/pages/admin-page-permissions/PagePermissionsAdminPage.d.ts +0 -18
package/dist/pages/admin-page-permissions/PagePermissionsAdminPage.js +0 -276
package/dist/pages/admin-page-permissions/index.d.ts +0 -6
package/dist/pages/admin-page-permissions/index.js +0 -13
package/dist/pages/admin-roles/RolesAdminPage.d.ts +0 -16
package/dist/pages/admin-roles/RolesAdminPage.js +0 -261
package/dist/pages/admin-roles/index.d.ts +0 -8
package/dist/pages/admin-roles/index.js +0 -15
package/dist/pages/admin-roles/modals.d.ts +0 -72
package/dist/pages/admin-roles/modals.js +0 -154
package/dist/pages/client-admin/ClientSiteAdminPage.d.ts +0 -79
package/dist/pages/client-admin/ClientSiteAdminPage.js +0 -177
package/dist/pages/client-admin/index.d.ts +0 -32
package/dist/pages/client-admin/index.js +0 -37
package/dist/pages/coming-soon/page.d.ts +0 -8
package/dist/pages/coming-soon/page.js +0 -28
package/dist/pages/login/page.d.ts +0 -22
package/dist/pages/login/page.js +0 -239
package/dist/pages/profile/EnhancedProfilePage.d.ts +0 -13
package/dist/pages/profile/EnhancedProfilePage.js +0 -150
package/dist/pages/profile/index.d.ts +0 -8
package/dist/pages/profile/index.js +0 -16
package/dist/pages/profile/page.d.ts +0 -19
package/dist/pages/profile/page.js +0 -47
package/dist/pages/profile/profile-patch.d.ts +0 -1
package/dist/pages/profile/profile-patch.js +0 -281
package/dist/pages/recovery/page.d.ts +0 -1
package/dist/pages/recovery/page.js +0 -142
package/dist/pages/roles/MyRolesPage.d.ts +0 -24
package/dist/pages/roles/MyRolesPage.js +0 -71
package/dist/pages/roles/components.d.ts +0 -63
package/dist/pages/roles/components.js +0 -108
package/dist/pages/roles/index.d.ts +0 -8
package/dist/pages/roles/index.js +0 -19
package/dist/pages/security/EnhancedSecurityPage.d.ts +0 -14
package/dist/pages/security/EnhancedSecurityPage.js +0 -248
package/dist/pages/security/index.d.ts +0 -8
package/dist/pages/security/index.js +0 -16
package/dist/pages/security/page.d.ts +0 -21
package/dist/pages/security/page.js +0 -212
package/dist/pages/security/security-patch.d.ts +0 -1
package/dist/pages/security/security-patch.js +0 -302
package/dist/pages/settings/EnhancedSettingsPage.d.ts +0 -46
package/dist/pages/settings/EnhancedSettingsPage.js +0 -231
package/dist/pages/settings/index.d.ts +0 -8
package/dist/pages/settings/index.js +0 -16
package/dist/pages/settings/page.d.ts +0 -7
package/dist/pages/settings/page.js +0 -26
package/dist/pages/showcase/ShowcasePage.d.ts +0 -13
package/dist/pages/showcase/ShowcasePage.js +0 -140
package/dist/pages/showcase/index.d.ts +0 -12
package/dist/pages/showcase/index.js +0 -17
package/dist/pages/test-env/EmergencyLogoutPage.d.ts +0 -14
package/dist/pages/test-env/EmergencyLogoutPage.js +0 -98
package/dist/pages/test-env/JwtInspectPage.d.ts +0 -14
package/dist/pages/test-env/JwtInspectPage.js +0 -114
package/dist/pages/test-env/RefreshTokenPage.d.ts +0 -15
package/dist/pages/test-env/RefreshTokenPage.js +0 -91
package/dist/pages/test-env/TestEnvPage.d.ts +0 -13
package/dist/pages/test-env/TestEnvPage.js +0 -49
package/dist/pages/test-env/index.d.ts +0 -24
package/dist/pages/test-env/index.js +0 -32
package/dist/pages/verify-code/page.d.ts +0 -30
package/dist/pages/verify-code/page.js +0 -408
package/dist/routes/account/index.d.ts +0 -28
package/dist/routes/account/index.js +0 -71
package/dist/routes/account/masked-info.d.ts +0 -33
package/dist/routes/account/masked-info.js +0 -39
package/dist/routes/account/send-code.d.ts +0 -37
package/dist/routes/account/send-code.js +0 -42
package/dist/routes/account/update-phone.d.ts +0 -13
package/dist/routes/account/update-phone.js +0 -17
package/dist/routes/account/verify-email.d.ts +0 -38
package/dist/routes/account/verify-email.js +0 -43
package/dist/routes/account/verify-sms.d.ts +0 -38
package/dist/routes/account/verify-sms.js +0 -43
package/dist/routes/auth/index.d.ts +0 -19
package/dist/routes/auth/index.js +0 -64
package/dist/routes/auth/logout.d.ts +0 -31
package/dist/routes/auth/logout.js +0 -113
package/dist/routes/auth/nextauth.d.ts +0 -19
package/dist/routes/auth/nextauth.js +0 -72
package/dist/routes/auth/refresh.d.ts +0 -30
package/dist/routes/auth/refresh.js +0 -51
package/dist/routes/auth/session.d.ts +0 -43
package/dist/routes/auth/session.js +0 -179
package/dist/routes/auth/settings.d.ts +0 -25
package/dist/routes/auth/settings.js +0 -55
package/dist/routes/auth/viability.d.ts +0 -52
package/dist/routes/auth/viability.js +0 -201
package/dist/routes/index.d.ts +0 -12
package/dist/routes/index.js +0 -54
package/dist/routes/session/index.d.ts +0 -6
package/dist/routes/session/index.js +0 -10
package/dist/routes/session/refresh-viability.d.ts +0 -16
package/dist/routes/session/refresh-viability.js +0 -20
package/dist/server/auth-guard.d.ts +0 -46
package/dist/server/auth-guard.js +0 -128
package/dist/server/decode-session.d.ts +0 -30
package/dist/server/decode-session.js +0 -78
package/dist/server/slim-middleware.d.ts +0 -23
package/dist/server/slim-middleware.js +0 -89
package/dist/server/with-auth.d.ts +0 -33
package/dist/server/with-auth.js +0 -59
package/dist/services/signalrActivityService.d.ts +0 -44
package/dist/services/signalrActivityService.js +0 -257
package/dist/stores/authStore.d.ts +0 -154
package/dist/stores/authStore.js +0 -1531
package/dist/theme/ThemeProvider.d.ts +0 -14
package/dist/theme/ThemeProvider.js +0 -28
package/dist/theme/default.d.ts +0 -8
package/dist/theme/default.js +0 -33
package/dist/theme/index.d.ts +0 -15
package/dist/theme/index.js +0 -25
package/dist/theme/types.d.ts +0 -56
package/dist/theme/types.js +0 -8
package/dist/theme/useTheme.d.ts +0 -60
package/dist/theme/useTheme.js +0 -63
package/dist/theme/utils.d.ts +0 -13
package/dist/theme/utils.js +0 -39
package/dist/types/api.d.ts +0 -134
package/dist/types/api.js +0 -44
package/dist/types/auth.d.ts +0 -19
package/dist/types/auth.js +0 -2
package/dist/types/logging.d.ts +0 -42
package/dist/types/logging.js +0 -2
package/dist/types/recovery.d.ts +0 -48
package/dist/types/recovery.js +0 -2
package/dist/types/security.d.ts +0 -1
package/dist/types/security.js +0 -2
package/dist/utils/api.d.ts +0 -85
package/dist/utils/api.js +0 -287
package/dist/utils/circuitBreaker.d.ts +0 -43
package/dist/utils/circuitBreaker.js +0 -91
package/dist/utils/error-message.d.ts +0 -1
package/dist/utils/error-message.js +0 -103
package/dist/utils/layout/reservedSpace.d.ts +0 -59
package/dist/utils/layout/reservedSpace.js +0 -102
package/dist/utils/logout.d.ts +0 -14
package/dist/utils/logout.js +0 -32
package/dist/vibe/client.d.ts +0 -261
package/dist/vibe/client.js +0 -445
package/dist/vibe/enterprise-auth.d.ts +0 -106
package/dist/vibe/enterprise-auth.js +0 -173
package/dist/vibe/errors.d.ts +0 -83
package/dist/vibe/errors.js +0 -146
package/dist/vibe/generic.d.ts +0 -234
package/dist/vibe/generic.js +0 -369
package/dist/vibe/hooks/index.d.ts +0 -169
package/dist/vibe/hooks/index.js +0 -252
package/dist/vibe/index.d.ts +0 -25
package/dist/vibe/index.js +0 -72
package/dist/vibe/sessions.d.ts +0 -161
package/dist/vibe/sessions.js +0 -391
package/dist/vibe/types.d.ts +0 -353
package/dist/vibe/types.js +0 -315
package/src/auth/auth-options.ts +0 -237
package/src/auth/callbacks/index.ts +0 -7
package/src/auth/callbacks/jwt.ts +0 -382
package/src/auth/callbacks/session.ts +0 -243
package/src/auth/callbacks/signin.ts +0 -56
package/src/auth/events/index.ts +0 -5
package/src/auth/events/signout.ts +0 -33
package/src/auth/providers/credentials.ts +0 -256
package/src/auth/providers/index.ts +0 -6
package/src/auth/providers/oauth.ts +0 -114
package/src/lib/nextauth-secret.ts +0 -121
package/src/types/next-auth.d.ts +0 -15

package/dist/auth/auth-options.js DELETED Viewed

@@ -1,213 +0,0 @@
-"use strict";
-/**
- * NextAuth Configuration (Refactored)
- *
- * This is the composition layer that wires together all auth modules.
- * Individual logic lives in dedicated modules:
- * - providers/ - Credentials and OAuth provider builders
- * - callbacks/ - JWT, session, signIn callbacks
- * - events/ - SignOut event handler
- * - utils/ - Token utilities, IDP client
- * - types/ - Type definitions
- *
- * CARGO CULT PATTERNS REMOVED:
- * ============================
- * The original auth-options.ts (1186 lines) had several anti-patterns that
- * added complexity without benefit:
- *
- * 1. CALLBACK CONCURRENCY PROTECTION (removed)
- *    - shouldExecuteCallback() / markCallbackComplete()
- *    - A debouncing mechanism that tried to prevent callbacks from running
- *      too frequently. NextAuth already handles this properly.
- *    - Added complexity, caused race condition bugs, and leaked memory
- *      (Map entries never cleaned up).
- *
- * 2. SESSION RESTORATION (removed)
- *    - attemptSessionRestoration()
- *    - Tried to restore sessions by calling refresh endpoint from JWT callback.
- *    - Created circular dependencies and made debugging impossible.
- *    - Clean approach: Session missing = user re-authenticates. Simple.
- *
- * 3. VARIABLE NAME SOUP (normalized in Phase 3)
- *    - accessToken vs idpAccessToken vs oauthAccessToken
- *    - twoFactorComplete vs mfaVerified vs requiresTwoFactor
- *    - sessionToken vs redisSessionId
- *    - Now: Clear prefixes (idp*, oauth*, mfa*) with documented meanings.
- *
- * 4. INLINE EVERYTHING (modularized in Phase 2)
- *    - All logic was in one giant file with no separation of concerns.
- *    - Now: Each module has one job and can be tested independently.
- *
- * @version 2.0.0
- * @since auth-refactor-2026-01
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.authOptions = void 0;
-exports.getAuthOptions = getAuthOptions;
-exports.clearAuthOptionsCache = clearAuthOptionsCache;
-const jwt_1 = require("next-auth/jwt");
-const idp_client_config_1 = require("../lib/idp-client-config");
-const app_slug_1 = require("../lib/app-slug");
-// Module imports
-const providers_1 = require("./providers");
-const callbacks_1 = require("./callbacks");
-const events_1 = require("./events");
-// ============================================================================
-// ENVIRONMENT HELPERS
-// ============================================================================
-/**
- * Get AUTH_ISSUER_URL for JWT issuer claim.
- * Required for SSO across apps.
- */
-function getAuthIssuerUrl() {
-    const url = process.env.AUTH_ISSUER_URL;
-    if (!url) {
-        throw new Error('AUTH_ISSUER_URL environment variable is REQUIRED');
-    }
-    return url;
-}
-// ============================================================================
-// BASE AUTH OPTIONS
-// ============================================================================
-/**
- * Base NextAuth configuration.
- * Use getAuthOptions() for dynamic provider loading from IDP.
- */
-exports.authOptions = {
-    // Session uses JWT strategy - JWT contains only redisSessionId
-    session: {
-        strategy: 'jwt',
-        maxAge: 30 * 24 * 60 * 60, // 30 days default, overridden by IDP config
-    },
-    // Custom JWT handling for SSO issuer
-    jwt: {
-        encode: async (params) => {
-            try {
-                const issuer = getAuthIssuerUrl();
-                console.log('[JWT_ENCODE] Encoding token:', {
-                    hasToken: !!params.token,
-                    hasSecret: !!params.secret,
-                    secretLength: params.secret?.length || 0,
-                    issuer,
-                    tokenKeys: params.token ? Object.keys(params.token) : [],
-                });
-                const encoded = await (0, jwt_1.encode)({
-                    ...params,
-                    secret: params.secret,
-                    token: {
-                        ...params.token,
-                        iss: issuer,
-                    },
-                });
-                console.log('[JWT_ENCODE] Success, encoded length:', encoded?.length || 0);
-                return encoded;
-            }
-            catch (error) {
-                console.error('[JWT_ENCODE] FAILED:', error);
-                throw error;
-            }
-        },
-        decode: async (params) => {
-            const decoded = await (0, jwt_1.decode)(params);
-            if (decoded?.iss && decoded.iss !== getAuthIssuerUrl()) {
-                console.error('[JWT] Invalid issuer. Expected:', getAuthIssuerUrl(), 'Got:', decoded.iss);
-                return null; // Hard enforcement - reject mismatched issuers
-            }
-            return decoded;
-        },
-    },
-    // Cookie configuration for multi-app support
-    // In production, use __Secure- prefixed cookie names for enhanced security
-    cookies: {
-        sessionToken: {
-            name: process.env.NODE_ENV === 'production' ? (0, app_slug_1.getSecureSessionCookieName)() : (0, app_slug_1.getSessionCookieName)(),
-            options: {
-                httpOnly: true,
-                sameSite: 'lax',
-                path: '/',
-                secure: process.env.NODE_ENV === 'production',
-            },
-        },
-        csrfToken: {
-            name: process.env.NODE_ENV === 'production' ? (0, app_slug_1.getSecureCsrfCookieName)() : (0, app_slug_1.getCsrfCookieName)(),
-            options: {
-                httpOnly: true,
-                sameSite: 'lax',
-                path: '/',
-                secure: process.env.NODE_ENV === 'production',
-            },
-        },
-        callbackUrl: {
-            name: (0, app_slug_1.getCallbackUrlCookieName)(),
-            options: {
-                sameSite: 'lax',
-                path: '/',
-                secure: process.env.NODE_ENV === 'production',
-            },
-        },
-    },
-    // Providers - credentials only in base, OAuth added dynamically
-    providers: [(0, providers_1.createCredentialsProvider)()],
-    // Callbacks wired to modular implementations
-    callbacks: {
-        jwt: callbacks_1.jwtCallback,
-        session: callbacks_1.sessionCallback, // Type cast needed for NextAuth compatibility
-        signIn: callbacks_1.signInCallback,
-    },
-    // Events
-    events: {
-        signOut: events_1.handleSignOut,
-    },
-    // Custom pages
-    pages: {
-        signIn: '/account-auth/login',
-        error: '/account-auth/login',
-    },
-    debug: false,
-};
-// ============================================================================
-// DYNAMIC AUTH OPTIONS (WITH IDP OAUTH PROVIDERS)
-// ============================================================================
-let cachedAuthOptions = null;
-let authOptionsPromise = null;
-/**
- * Get auth options with dynamically loaded OAuth providers from IDP.
- * Uses caching to avoid rebuilding on every request.
- */
-async function getAuthOptions() {
-    if (cachedAuthOptions) {
-        return cachedAuthOptions;
-    }
-    if (authOptionsPromise) {
-        return authOptionsPromise;
-    }
-    authOptionsPromise = buildDynamicAuthOptions();
-    cachedAuthOptions = await authOptionsPromise;
-    authOptionsPromise = null;
-    return cachedAuthOptions;
-}
-/**
- * Build auth options with dynamic OAuth providers from IDP.
- */
-async function buildDynamicAuthOptions() {
-    const idpConfig = await (0, idp_client_config_1.getIDPClientConfig)();
-    const oauthProviders = (0, providers_1.buildOAuthProviders)(idpConfig);
-    return {
-        ...exports.authOptions,
-        secret: idpConfig.nextAuthSecret || process.env.NEXTAUTH_SECRET,
-        session: {
-            ...exports.authOptions.session,
-            maxAge: idpConfig.authSettings?.rememberMeDays
-                ? idpConfig.authSettings.rememberMeDays * 24 * 60 * 60
-                : 30 * 24 * 60 * 60,
-        },
-        providers: [(0, providers_1.createCredentialsProvider)(), ...oauthProviders],
-    };
-}
-/**
- * Clear cached auth options (when IDP config changes).
- */
-function clearAuthOptionsCache() {
-    cachedAuthOptions = null;
-    authOptionsPromise = null;
-}

package/dist/auth/better-auth.d.ts DELETED Viewed

@@ -1,82 +0,0 @@
-/**
- * Better Auth Configuration (Phase 1 — parallel install)
- *
- * NOT wired to routes yet. Exists alongside auth-options.ts for testing.
- * Wired in Phase 2 behind USE_BETTER_AUTH flag.
- *
- * Architecture: No database adapter — Better Auth runs in stateless mode
- * with JWE cookie cache. User management stays on IDP, sessions on Redis.
- *
- * @see BETTER-AUTH-MIGRATION-SPEC.md
- */
-import 'server-only';
-import type { IDPClientConfig } from '../lib/idp-client-config';
-/**
- * Better Auth social provider config shape.
- */
-export interface BetterAuthSocialProvider {
-    clientId: string;
-    clientSecret: string;
-    scope?: string[];
-}
-/**
- * Build Better Auth social providers from IDP config.
- * Replaces buildOAuthProviders() from providers/oauth.ts.
- */
-export declare function buildBetterAuthProviders(config: IDPClientConfig): Record<string, BetterAuthSocialProvider>;
-/**
- * Create Better Auth instance from IDP config.
- *
- * No database — runs in stateless mode with JWE cookie cache.
- * Call after getIDPClientConfig() resolves.
- */
-export declare function createBetterAuthInstance(idpConfig: IDPClientConfig): import("better-auth").Auth<{
-    secret: string;
-    socialProviders: Record<string, BetterAuthSocialProvider>;
-    trustedOrigins: string[];
-    session: {
-        cookieCache: {
-            enabled: true;
-            maxAge: number;
-            refreshCache: true;
-        };
-    };
-    plugins: [{
-        id: "next-cookies";
-        hooks: {
-            before: {
-                matcher(ctx: import("better-auth").HookEndpointContext): boolean;
-                handler: (inputContext: import("better-auth").MiddlewareInputContext<import("better-auth").MiddlewareOptions>) => Promise<void>;
-            }[];
-            after: {
-                matcher(ctx: import("better-auth").HookEndpointContext): true;
-                handler: (inputContext: import("better-auth").MiddlewareInputContext<import("better-auth").MiddlewareOptions>) => Promise<void>;
-            }[];
-        };
-    }];
-}>;
-/**
- * Check if Better Auth is enabled via flag.
- */
-export declare function isBetterAuthEnabled(): boolean;
-/**
- * Get flag-gated auth handler for Next.js route.
- *
- * When USE_BETTER_AUTH=true, returns Better Auth handlers.
- * Otherwise returns null (caller uses NextAuth).
- *
- * Usage in host app route:
- * ```ts
- * import { getBetterAuthHandler } from '@payez/next-mvp/auth/better-auth';
- *
- * export async function GET(req: Request) {
- *   const ba = await getBetterAuthHandler();
- *   if (ba) return ba.GET(req);
- *   // ... existing NextAuth handler
- * }
- * ```
- */
-export declare function getBetterAuthHandler(): Promise<{
-    GET: (req: Request) => Promise<Response>;
-    POST: (req: Request) => Promise<Response>;
-} | null>;

package/dist/auth/better-auth.js DELETED Viewed

@@ -1,122 +0,0 @@
-"use strict";
-/**
- * Better Auth Configuration (Phase 1 — parallel install)
- *
- * NOT wired to routes yet. Exists alongside auth-options.ts for testing.
- * Wired in Phase 2 behind USE_BETTER_AUTH flag.
- *
- * Architecture: No database adapter — Better Auth runs in stateless mode
- * with JWE cookie cache. User management stays on IDP, sessions on Redis.
- *
- * @see BETTER-AUTH-MIGRATION-SPEC.md
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.buildBetterAuthProviders = buildBetterAuthProviders;
-exports.createBetterAuthInstance = createBetterAuthInstance;
-exports.isBetterAuthEnabled = isBetterAuthEnabled;
-exports.getBetterAuthHandler = getBetterAuthHandler;
-require("server-only");
-const better_auth_1 = require("better-auth");
-const next_js_1 = require("better-auth/next-js");
-const next_js_2 = require("better-auth/next-js");
-const idp_client_config_1 = require("../lib/idp-client-config");
-/**
- * Build Better Auth social providers from IDP config.
- * Replaces buildOAuthProviders() from providers/oauth.ts.
- */
-function buildBetterAuthProviders(config) {
-    const providers = {};
-    for (const oauth of config.oauthProviders || []) {
-        if (!oauth.enabled)
-            continue;
-        const name = oauth.provider.toLowerCase();
-        providers[name] = {
-            clientId: oauth.clientId,
-            clientSecret: oauth.clientSecret,
-            scope: oauth.scopes?.split(' '),
-        };
-    }
-    return providers;
-}
-/**
- * Create Better Auth instance from IDP config.
- *
- * No database — runs in stateless mode with JWE cookie cache.
- * Call after getIDPClientConfig() resolves.
- */
-function createBetterAuthInstance(idpConfig) {
-    return (0, better_auth_1.betterAuth)({
-        secret: idpConfig.nextAuthSecret,
-        socialProviders: buildBetterAuthProviders(idpConfig),
-        // Trust the app's own origin + any configured base URL
-        trustedOrigins: [
-            ...(idpConfig.baseClientUrl ? [idpConfig.baseClientUrl] : []),
-            ...(process.env.BETTER_AUTH_URL ? [process.env.BETTER_AUTH_URL] : []),
-            'http://localhost:3000',
-            'http://localhost:3400',
-            'http://localhost:3600',
-        ],
-        // No database — stateless mode. Better Auth defaults to JWE cookie cache.
-        // Session cookie cache with refreshCache for DB-less setup.
-        session: {
-            cookieCache: {
-                enabled: true,
-                maxAge: 300,
-                refreshCache: true,
-            },
-        },
-        plugins: [
-            (0, next_js_1.nextCookies)(),
-        ],
-    });
-}
-/**
- * Check if Better Auth is enabled via flag.
- */
-function isBetterAuthEnabled() {
-    return process.env.USE_BETTER_AUTH === 'true';
-}
-/**
- * Get Better Auth Next.js route handlers (GET, POST).
- * Initializes Better Auth from IDP config on first call, caches the instance.
- */
-// eslint-disable-next-line @typescript-eslint/no-explicit-any
-let cachedInstance = null;
-// eslint-disable-next-line @typescript-eslint/no-explicit-any
-let initPromise = null;
-async function getBetterAuthInstance() {
-    if (cachedInstance)
-        return cachedInstance;
-    if (!initPromise) {
-        initPromise = (0, idp_client_config_1.getIDPClientConfig)().then(config => {
-            const instance = createBetterAuthInstance(config);
-            cachedInstance = instance;
-            console.log('[BETTER_AUTH] Instance created for', config.clientSlug || config.clientId);
-            return instance;
-        });
-    }
-    return initPromise;
-}
-/**
- * Get flag-gated auth handler for Next.js route.
- *
- * When USE_BETTER_AUTH=true, returns Better Auth handlers.
- * Otherwise returns null (caller uses NextAuth).
- *
- * Usage in host app route:
- * ```ts
- * import { getBetterAuthHandler } from '@payez/next-mvp/auth/better-auth';
- *
- * export async function GET(req: Request) {
- *   const ba = await getBetterAuthHandler();
- *   if (ba) return ba.GET(req);
- *   // ... existing NextAuth handler
- * }
- * ```
- */
-async function getBetterAuthHandler() {
-    if (!isBetterAuthEnabled())
-        return null;
-    const auth = await getBetterAuthInstance();
-    return (0, next_js_2.toNextJsHandler)(auth);
-}

package/dist/auth/callbacks/index.d.ts DELETED Viewed

@@ -1,6 +0,0 @@
-/**
- * Auth Callbacks - Public Exports
- */
-export { jwtCallback } from './jwt';
-export { sessionCallback } from './session';
-export { signInCallback } from './signin';

package/dist/auth/callbacks/index.js DELETED Viewed

@@ -1,12 +0,0 @@
-"use strict";
-/**
- * Auth Callbacks - Public Exports
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.signInCallback = exports.sessionCallback = exports.jwtCallback = void 0;
-var jwt_1 = require("./jwt");
-Object.defineProperty(exports, "jwtCallback", { enumerable: true, get: function () { return jwt_1.jwtCallback; } });
-var session_1 = require("./session");
-Object.defineProperty(exports, "sessionCallback", { enumerable: true, get: function () { return session_1.sessionCallback; } });
-var signin_1 = require("./signin");
-Object.defineProperty(exports, "signInCallback", { enumerable: true, get: function () { return signin_1.signInCallback; } });

package/dist/auth/callbacks/jwt.d.ts DELETED Viewed

@@ -1,45 +0,0 @@
-/**
- * JWT Callback
- *
- * Minimal token strategy - only store redisSessionId in JWT.
- * All session data lives in Redis, not in the browser cookie.
- *
- * HANDLES:
- * - Initial sign-in (credentials): Store redisSessionId from authorize()
- * - Initial sign-in (OAuth): Register with IDP, create session, store redisSessionId
- * - Subsequent requests: Validate session exists, return token
- *
- * @version 1.0.0
- * @since auth-refactor-2026-01
- */
-import type { JWT } from 'next-auth/jwt';
-import type { User, Account } from 'next-auth';
-interface JwtCallbackParams {
-    token: JWT;
-    user?: User | any;
-    account?: Account | null;
-    trigger?: 'signIn' | 'signUp' | 'update';
-}
-interface JwtCallbackResult extends JWT {
-    /** Redis session ID - the key to look up session data */
-    redisSessionId?: string;
-    /** User ID from IDP */
-    sub: string;
-    /** Error code if session validation failed */
-    error?: string;
-    /** Flag for OAuth users who need immediate 2FA redirect */
-    requiresTwoFactorRedirect?: boolean;
-}
-/**
- * JWT callback - builds the NextAuth JWT token.
- *
- * MINIMAL TOKEN STRATEGY:
- * - Only store redisSessionId (key to Redis session)
- * - All tokens and user data live in Redis
- * - Browser cookie stays small and secure
- *
- * @param params - JWT callback parameters from NextAuth
- * @returns JWT payload to store in browser cookie
- */
-export declare function jwtCallback({ token, user, account, trigger, }: JwtCallbackParams): Promise<JwtCallbackResult>;
-export {};