npm - @payez/next-mvp - Versions diffs - 3.9.1 → 4.0.1 - Mend

@payez/next-mvp 3.9.1 → 4.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (526) hide show

package/package.json +6 -18
package/src/api/auth-handler.ts +550 -549
package/src/api-handlers/account/change-password.ts +5 -8
package/src/api-handlers/admin/analytics.ts +4 -6
package/src/api-handlers/admin/audit.ts +5 -7
package/src/api-handlers/admin/index.ts +1 -2
package/src/api-handlers/admin/redis-sessions.ts +6 -8
package/src/api-handlers/admin/sessions.ts +5 -7
package/src/api-handlers/admin/site-logs.ts +8 -10
package/src/api-handlers/admin/stats.ts +4 -6
package/src/api-handlers/admin/users.ts +5 -7
package/src/api-handlers/admin/vibe-data.ts +10 -12
package/src/api-handlers/auth/refresh.ts +5 -7
package/src/api-handlers/auth/signout.ts +5 -6
package/src/api-handlers/auth/status.ts +4 -7
package/src/api-handlers/auth/update-session.ts +123 -125
package/src/api-handlers/auth/verify-code.ts +9 -13
package/src/api-handlers/session/viability.ts +10 -47
package/src/api-handlers/test/force-expire.ts +4 -11
package/src/auth/auth-decision.ts +1 -1
package/src/auth/better-auth.ts +138 -141
package/src/auth/route-config.ts +219 -219
package/src/auth/utils/token-utils.ts +0 -1
package/src/client/AuthContext.tsx +6 -2
package/src/client/fetch-with-auth.ts +47 -47
package/src/components/SessionSync.tsx +6 -5
package/src/components/account/MobileNavDrawer.tsx +3 -3
package/src/components/account/UserAvatarMenu.tsx +6 -3
package/src/components/admin/VibeAdminLayout.tsx +4 -2
package/src/config/logger.ts +1 -1
package/src/hooks/useAuth.ts +117 -115
package/src/hooks/useAuthSettings.ts +2 -2
package/src/hooks/useAvailableProviders.ts +9 -5
package/src/hooks/useSessionExpiration.ts +101 -102
package/src/hooks/useViabilitySession.ts +336 -335
package/src/index.ts +60 -63
package/src/lib/api-handler.ts +0 -1
package/src/lib/app-slug.ts +6 -6
package/src/lib/standardized-client-api.ts +901 -895
package/src/lib/startup-init.ts +243 -247
package/src/lib/test-aware-get-token.ts +22 -12
package/src/lib/token-lifecycle.ts +12 -53
package/src/pages/admin-login/page.tsx +9 -17
package/src/pages/client-admin/ClientSiteAdminPage.tsx +4 -2
package/src/pages/login/page.tsx +21 -28
package/src/pages/showcase/ShowcasePage.tsx +4 -2
package/src/pages/test-env/EmergencyLogoutPage.tsx +7 -6
package/src/pages/test-env/JwtInspectPage.tsx +5 -3
package/src/pages/test-env/RefreshTokenPage.tsx +157 -155
package/src/pages/test-env/TestEnvPage.tsx +4 -2
package/src/pages/verify-code/page.tsx +10 -6
package/src/routes/auth/logout.ts +7 -25
package/src/routes/auth/nextauth.ts +45 -71
package/src/routes/auth/session.ts +25 -50
package/src/routes/auth/viability.ts +7 -19
package/src/server/auth.ts +60 -0
package/src/stores/authStore.ts +1899 -1904
package/src/utils/logout.ts +30 -30
package/dist/api/auth-handler.d.ts +0 -67
package/dist/api/auth-handler.js +0 -397
package/dist/api/index.d.ts +0 -10
package/dist/api/index.js +0 -19
package/dist/api-handlers/account/change-password.d.ts +0 -9
package/dist/api-handlers/account/change-password.js +0 -112
package/dist/api-handlers/account/masked-info.d.ts +0 -2
package/dist/api-handlers/account/masked-info.js +0 -41
package/dist/api-handlers/account/profile.d.ts +0 -3
package/dist/api-handlers/account/profile.js +0 -63
package/dist/api-handlers/account/recovery/initiate.d.ts +0 -2
package/dist/api-handlers/account/recovery/initiate.js +0 -26
package/dist/api-handlers/account/recovery/send-code.d.ts +0 -2
package/dist/api-handlers/account/recovery/send-code.js +0 -28
package/dist/api-handlers/account/recovery/verify-code.d.ts +0 -2
package/dist/api-handlers/account/recovery/verify-code.js +0 -28
package/dist/api-handlers/account/reset-password.d.ts +0 -2
package/dist/api-handlers/account/reset-password.js +0 -26
package/dist/api-handlers/account/send-code.d.ts +0 -24
package/dist/api-handlers/account/send-code.js +0 -60
package/dist/api-handlers/account/update-phone.d.ts +0 -27
package/dist/api-handlers/account/update-phone.js +0 -64
package/dist/api-handlers/account/validate-password.d.ts +0 -17
package/dist/api-handlers/account/validate-password.js +0 -81
package/dist/api-handlers/account/verify-email.d.ts +0 -26
package/dist/api-handlers/account/verify-email.js +0 -106
package/dist/api-handlers/account/verify-sms.d.ts +0 -26
package/dist/api-handlers/account/verify-sms.js +0 -106
package/dist/api-handlers/admin/analytics.d.ts +0 -20
package/dist/api-handlers/admin/analytics.js +0 -379
package/dist/api-handlers/admin/audit.d.ts +0 -20
package/dist/api-handlers/admin/audit.js +0 -214
package/dist/api-handlers/admin/index.d.ts +0 -22
package/dist/api-handlers/admin/index.js +0 -43
package/dist/api-handlers/admin/redis-sessions.d.ts +0 -36
package/dist/api-handlers/admin/redis-sessions.js +0 -204
package/dist/api-handlers/admin/sessions.d.ts +0 -21
package/dist/api-handlers/admin/sessions.js +0 -284
package/dist/api-handlers/admin/site-logs.d.ts +0 -46
package/dist/api-handlers/admin/site-logs.js +0 -318
package/dist/api-handlers/admin/stats.d.ts +0 -21
package/dist/api-handlers/admin/stats.js +0 -240
package/dist/api-handlers/admin/users.d.ts +0 -20
package/dist/api-handlers/admin/users.js +0 -222
package/dist/api-handlers/admin/vibe-data.d.ts +0 -80
package/dist/api-handlers/admin/vibe-data.js +0 -268
package/dist/api-handlers/anon/preferences.d.ts +0 -37
package/dist/api-handlers/anon/preferences.js +0 -96
package/dist/api-handlers/auth/jwks.d.ts +0 -2
package/dist/api-handlers/auth/jwks.js +0 -24
package/dist/api-handlers/auth/login.d.ts +0 -42
package/dist/api-handlers/auth/login.js +0 -178
package/dist/api-handlers/auth/refresh.d.ts +0 -74
package/dist/api-handlers/auth/refresh.js +0 -635
package/dist/api-handlers/auth/signout.d.ts +0 -37
package/dist/api-handlers/auth/signout.js +0 -187
package/dist/api-handlers/auth/status.d.ts +0 -8
package/dist/api-handlers/auth/status.js +0 -26
package/dist/api-handlers/auth/update-session.d.ts +0 -37
package/dist/api-handlers/auth/update-session.js +0 -95
package/dist/api-handlers/auth/validate.d.ts +0 -6
package/dist/api-handlers/auth/validate.js +0 -43
package/dist/api-handlers/auth/verify-code.d.ts +0 -43
package/dist/api-handlers/auth/verify-code.js +0 -94
package/dist/api-handlers/session/refresh-viability.d.ts +0 -14
package/dist/api-handlers/session/refresh-viability.js +0 -39
package/dist/api-handlers/session/viability.d.ts +0 -13
package/dist/api-handlers/session/viability.js +0 -146
package/dist/api-handlers/test/force-expire.d.ts +0 -23
package/dist/api-handlers/test/force-expire.js +0 -65
package/dist/auth/auth-decision.d.ts +0 -39
package/dist/auth/auth-decision.js +0 -182
package/dist/auth/auth-options.d.ts +0 -57
package/dist/auth/auth-options.js +0 -213
package/dist/auth/better-auth.d.ts +0 -82
package/dist/auth/better-auth.js +0 -122
package/dist/auth/callbacks/index.d.ts +0 -6
package/dist/auth/callbacks/index.js +0 -12
package/dist/auth/callbacks/jwt.d.ts +0 -45
package/dist/auth/callbacks/jwt.js +0 -305
package/dist/auth/callbacks/session.d.ts +0 -60
package/dist/auth/callbacks/session.js +0 -170
package/dist/auth/callbacks/signin.d.ts +0 -23
package/dist/auth/callbacks/signin.js +0 -44
package/dist/auth/events/index.d.ts +0 -4
package/dist/auth/events/index.js +0 -8
package/dist/auth/events/signout.d.ts +0 -17
package/dist/auth/events/signout.js +0 -32
package/dist/auth/providers/credentials.d.ts +0 -32
package/dist/auth/providers/credentials.js +0 -223
package/dist/auth/providers/index.d.ts +0 -5
package/dist/auth/providers/index.js +0 -21
package/dist/auth/providers/oauth.d.ts +0 -26
package/dist/auth/providers/oauth.js +0 -105
package/dist/auth/route-config.d.ts +0 -66
package/dist/auth/route-config.js +0 -190
package/dist/auth/types/auth-types.d.ts +0 -417
package/dist/auth/types/auth-types.js +0 -53
package/dist/auth/types/index.d.ts +0 -6
package/dist/auth/types/index.js +0 -22
package/dist/auth/unauthenticated-routes.d.ts +0 -1
package/dist/auth/unauthenticated-routes.js +0 -19
package/dist/auth/utils/idp-client.d.ts +0 -94
package/dist/auth/utils/idp-client.js +0 -384
package/dist/auth/utils/index.d.ts +0 -5
package/dist/auth/utils/index.js +0 -21
package/dist/auth/utils/token-utils.d.ts +0 -84
package/dist/auth/utils/token-utils.js +0 -219
package/dist/client/AuthContext.d.ts +0 -19
package/dist/client/AuthContext.js +0 -112
package/dist/client/better-auth-client.d.ts +0 -1020
package/dist/client/better-auth-client.js +0 -68
package/dist/client/fetch-with-auth.d.ts +0 -11
package/dist/client/fetch-with-auth.js +0 -44
package/dist/client/fetchWithSession.d.ts +0 -3
package/dist/client/fetchWithSession.js +0 -24
package/dist/client/index.d.ts +0 -9
package/dist/client/index.js +0 -20
package/dist/client/useAnonSession.d.ts +0 -36
package/dist/client/useAnonSession.js +0 -99
package/dist/components/SessionSync.d.ts +0 -13
package/dist/components/SessionSync.js +0 -119
package/dist/components/SignalRHealthCheck.d.ts +0 -10
package/dist/components/SignalRHealthCheck.js +0 -97
package/dist/components/account/MobileNavDrawer.d.ts +0 -32
package/dist/components/account/MobileNavDrawer.js +0 -81
package/dist/components/account/UserAvatarMenu.d.ts +0 -20
package/dist/components/account/UserAvatarMenu.js +0 -88
package/dist/components/account/index.d.ts +0 -9
package/dist/components/account/index.js +0 -13
package/dist/components/admin/AlertSettingsTab.d.ts +0 -48
package/dist/components/admin/AlertSettingsTab.js +0 -351
package/dist/components/admin/AnalyticsTab.d.ts +0 -22
package/dist/components/admin/AnalyticsTab.js +0 -167
package/dist/components/admin/DataBrowserTab.d.ts +0 -19
package/dist/components/admin/DataBrowserTab.js +0 -252
package/dist/components/admin/LoggingSettingsTab.d.ts +0 -73
package/dist/components/admin/LoggingSettingsTab.js +0 -339
package/dist/components/admin/SessionsTab.d.ts +0 -37
package/dist/components/admin/SessionsTab.js +0 -165
package/dist/components/admin/StatsTab.d.ts +0 -53
package/dist/components/admin/StatsTab.js +0 -161
package/dist/components/admin/VibeAdminContext.d.ts +0 -32
package/dist/components/admin/VibeAdminContext.js +0 -38
package/dist/components/admin/VibeAdminLayout.d.ts +0 -11
package/dist/components/admin/VibeAdminLayout.js +0 -69
package/dist/components/admin/index.d.ts +0 -29
package/dist/components/admin/index.js +0 -44
package/dist/components/auth/FederatedAuthSection.d.ts +0 -8
package/dist/components/auth/FederatedAuthSection.js +0 -45
package/dist/components/auth/ModeAwareLoginPage.d.ts +0 -10
package/dist/components/auth/ModeAwareLoginPage.js +0 -42
package/dist/components/auth/ModeAwareSignupPage.d.ts +0 -9
package/dist/components/auth/ModeAwareSignupPage.js +0 -78
package/dist/components/auth/TraditionalAuthSection.d.ts +0 -14
package/dist/components/auth/TraditionalAuthSection.js +0 -20
package/dist/components/recovery/CompleteStep.d.ts +0 -5
package/dist/components/recovery/CompleteStep.js +0 -8
package/dist/components/recovery/InitiateRecoveryStep.d.ts +0 -8
package/dist/components/recovery/InitiateRecoveryStep.js +0 -20
package/dist/components/recovery/SelectMethodStep.d.ts +0 -8
package/dist/components/recovery/SelectMethodStep.js +0 -8
package/dist/components/recovery/SetPasswordStep.d.ts +0 -6
package/dist/components/recovery/SetPasswordStep.js +0 -20
package/dist/components/recovery/VerifyCodeStep.d.ts +0 -10
package/dist/components/recovery/VerifyCodeStep.js +0 -24
package/dist/components/reserved/ReservedRecoveryWarning.d.ts +0 -38
package/dist/components/reserved/ReservedRecoveryWarning.js +0 -92
package/dist/components/reserved/ReservedStatusBox.d.ts +0 -30
package/dist/components/reserved/ReservedStatusBox.js +0 -71
package/dist/components/ui/BetaBadge.d.ts +0 -29
package/dist/components/ui/BetaBadge.js +0 -38
package/dist/components/ui/Footer.d.ts +0 -37
package/dist/components/ui/Footer.js +0 -41
package/dist/config/env.d.ts +0 -66
package/dist/config/env.js +0 -57
package/dist/config/logger.d.ts +0 -57
package/dist/config/logger.js +0 -73
package/dist/config/logging-config.d.ts +0 -30
package/dist/config/logging-config.js +0 -122
package/dist/config/unauthenticated-routes.d.ts +0 -17
package/dist/config/unauthenticated-routes.js +0 -24
package/dist/config/vibe-log-transport.d.ts +0 -81
package/dist/config/vibe-log-transport.js +0 -212
package/dist/edge/internal-api-url.d.ts +0 -53
package/dist/edge/internal-api-url.js +0 -63
package/dist/edge/middleware.d.ts +0 -14
package/dist/edge/middleware.js +0 -32
package/dist/hooks/useAuth.d.ts +0 -23
package/dist/hooks/useAuth.js +0 -81
package/dist/hooks/useAuthSettings.d.ts +0 -59
package/dist/hooks/useAuthSettings.js +0 -93
package/dist/hooks/useAvailableProviders.d.ts +0 -45
package/dist/hooks/useAvailableProviders.js +0 -108
package/dist/hooks/usePasswordValidation.d.ts +0 -27
package/dist/hooks/usePasswordValidation.js +0 -102
package/dist/hooks/useProfile.d.ts +0 -15
package/dist/hooks/useProfile.js +0 -59
package/dist/hooks/usePublicAuthSettings.d.ts +0 -56
package/dist/hooks/usePublicAuthSettings.js +0 -131
package/dist/hooks/useSessionExpiration.d.ts +0 -57
package/dist/hooks/useSessionExpiration.js +0 -72
package/dist/hooks/useViabilitySession.d.ts +0 -75
package/dist/hooks/useViabilitySession.js +0 -268
package/dist/index.d.ts +0 -12
package/dist/index.js +0 -55
package/dist/lib/anon-session.d.ts +0 -74
package/dist/lib/anon-session.js +0 -169
package/dist/lib/api-handler.d.ts +0 -123
package/dist/lib/api-handler.js +0 -478
package/dist/lib/app-slug.d.ts +0 -95
package/dist/lib/app-slug.js +0 -172
package/dist/lib/demo-mode.d.ts +0 -6
package/dist/lib/demo-mode.js +0 -16
package/dist/lib/geolocation.d.ts +0 -64
package/dist/lib/geolocation.js +0 -235
package/dist/lib/idp-client-config.d.ts +0 -75
package/dist/lib/idp-client-config.js +0 -425
package/dist/lib/idp-fetch.d.ts +0 -14
package/dist/lib/idp-fetch.js +0 -91
package/dist/lib/internal-api.d.ts +0 -87
package/dist/lib/internal-api.js +0 -122
package/dist/lib/jwt-decode-client.d.ts +0 -10
package/dist/lib/jwt-decode-client.js +0 -46
package/dist/lib/jwt-decode.d.ts +0 -48
package/dist/lib/jwt-decode.js +0 -57
package/dist/lib/nextauth-secret.d.ts +0 -10
package/dist/lib/nextauth-secret.js +0 -100
package/dist/lib/rate-limit-service.d.ts +0 -23
package/dist/lib/rate-limit-service.js +0 -6
package/dist/lib/redis.d.ts +0 -5
package/dist/lib/redis.js +0 -28
package/dist/lib/refresh-token-validator.d.ts +0 -13
package/dist/lib/refresh-token-validator.js +0 -117
package/dist/lib/roles.d.ts +0 -145
package/dist/lib/roles.js +0 -168
package/dist/lib/secret-validation.d.ts +0 -4
package/dist/lib/secret-validation.js +0 -14
package/dist/lib/session-store.d.ts +0 -170
package/dist/lib/session-store.js +0 -545
package/dist/lib/session.d.ts +0 -21
package/dist/lib/session.js +0 -26
package/dist/lib/site-logger.d.ts +0 -214
package/dist/lib/site-logger.js +0 -210
package/dist/lib/standardized-client-api.d.ts +0 -161
package/dist/lib/standardized-client-api.js +0 -786
package/dist/lib/startup-init.d.ts +0 -40
package/dist/lib/startup-init.js +0 -261
package/dist/lib/test-aware-get-token.d.ts +0 -2
package/dist/lib/test-aware-get-token.js +0 -81
package/dist/lib/token-expiry.d.ts +0 -14
package/dist/lib/token-expiry.js +0 -39
package/dist/lib/token-lifecycle.d.ts +0 -52
package/dist/lib/token-lifecycle.js +0 -398
package/dist/lib/types/api-responses.d.ts +0 -128
package/dist/lib/types/api-responses.js +0 -171
package/dist/lib/user-agent-parser.d.ts +0 -50
package/dist/lib/user-agent-parser.js +0 -220
package/dist/logging/api/admin-analytics.d.ts +0 -3
package/dist/logging/api/admin-analytics.js +0 -45
package/dist/logging/api/audit-log.d.ts +0 -3
package/dist/logging/api/audit-log.js +0 -52
package/dist/logging/components/AdminAnalyticsLayout.d.ts +0 -10
package/dist/logging/components/AdminAnalyticsLayout.js +0 -11
package/dist/logging/components/AuditLogViewer.d.ts +0 -7
package/dist/logging/components/AuditLogViewer.js +0 -51
package/dist/logging/components/ErrorMetricsCard.d.ts +0 -7
package/dist/logging/components/ErrorMetricsCard.js +0 -16
package/dist/logging/components/HealthMetricsCard.d.ts +0 -7
package/dist/logging/components/HealthMetricsCard.js +0 -19
package/dist/logging/hooks/useAdminAnalytics.d.ts +0 -24
package/dist/logging/hooks/useAdminAnalytics.js +0 -22
package/dist/logging/hooks/useAuditLog.d.ts +0 -6
package/dist/logging/hooks/useAuditLog.js +0 -25
package/dist/logging/hooks/useErrorMetrics.d.ts +0 -6
package/dist/logging/hooks/useErrorMetrics.js +0 -38
package/dist/logging/hooks/useHealthMetrics.d.ts +0 -6
package/dist/logging/hooks/useHealthMetrics.js +0 -41
package/dist/logging/index.d.ts +0 -11
package/dist/logging/index.js +0 -40
package/dist/logging/types/analytics.d.ts +0 -68
package/dist/logging/types/analytics.js +0 -3
package/dist/logging/types/audit.d.ts +0 -29
package/dist/logging/types/audit.js +0 -2
package/dist/logging/types/index.d.ts +0 -2
package/dist/logging/types/index.js +0 -19
package/dist/middleware/auth-decision.d.ts +0 -33
package/dist/middleware/auth-decision.js +0 -65
package/dist/middleware/create-middleware.d.ts +0 -102
package/dist/middleware/create-middleware.js +0 -469
package/dist/middleware/rbac-check.d.ts +0 -51
package/dist/middleware/rbac-check.js +0 -219
package/dist/middleware/twofa-presets.d.ts +0 -134
package/dist/middleware/twofa-presets.js +0 -175
package/dist/models/DecodedAccessToken.d.ts +0 -17
package/dist/models/DecodedAccessToken.js +0 -2
package/dist/models/SessionModel.d.ts +0 -122
package/dist/models/SessionModel.js +0 -136
package/dist/pages/admin-login/page.d.ts +0 -31
package/dist/pages/admin-login/page.js +0 -83
package/dist/pages/admin-page-permissions/PagePermissionsAdminPage.d.ts +0 -18
package/dist/pages/admin-page-permissions/PagePermissionsAdminPage.js +0 -276
package/dist/pages/admin-page-permissions/index.d.ts +0 -6
package/dist/pages/admin-page-permissions/index.js +0 -13
package/dist/pages/admin-roles/RolesAdminPage.d.ts +0 -16
package/dist/pages/admin-roles/RolesAdminPage.js +0 -261
package/dist/pages/admin-roles/index.d.ts +0 -8
package/dist/pages/admin-roles/index.js +0 -15
package/dist/pages/admin-roles/modals.d.ts +0 -72
package/dist/pages/admin-roles/modals.js +0 -154
package/dist/pages/client-admin/ClientSiteAdminPage.d.ts +0 -79
package/dist/pages/client-admin/ClientSiteAdminPage.js +0 -177
package/dist/pages/client-admin/index.d.ts +0 -32
package/dist/pages/client-admin/index.js +0 -37
package/dist/pages/coming-soon/page.d.ts +0 -8
package/dist/pages/coming-soon/page.js +0 -28
package/dist/pages/login/page.d.ts +0 -22
package/dist/pages/login/page.js +0 -239
package/dist/pages/profile/EnhancedProfilePage.d.ts +0 -13
package/dist/pages/profile/EnhancedProfilePage.js +0 -150
package/dist/pages/profile/index.d.ts +0 -8
package/dist/pages/profile/index.js +0 -16
package/dist/pages/profile/page.d.ts +0 -19
package/dist/pages/profile/page.js +0 -47
package/dist/pages/profile/profile-patch.d.ts +0 -1
package/dist/pages/profile/profile-patch.js +0 -281
package/dist/pages/recovery/page.d.ts +0 -1
package/dist/pages/recovery/page.js +0 -142
package/dist/pages/roles/MyRolesPage.d.ts +0 -24
package/dist/pages/roles/MyRolesPage.js +0 -71
package/dist/pages/roles/components.d.ts +0 -63
package/dist/pages/roles/components.js +0 -108
package/dist/pages/roles/index.d.ts +0 -8
package/dist/pages/roles/index.js +0 -19
package/dist/pages/security/EnhancedSecurityPage.d.ts +0 -14
package/dist/pages/security/EnhancedSecurityPage.js +0 -248
package/dist/pages/security/index.d.ts +0 -8
package/dist/pages/security/index.js +0 -16
package/dist/pages/security/page.d.ts +0 -21
package/dist/pages/security/page.js +0 -212
package/dist/pages/security/security-patch.d.ts +0 -1
package/dist/pages/security/security-patch.js +0 -302
package/dist/pages/settings/EnhancedSettingsPage.d.ts +0 -46
package/dist/pages/settings/EnhancedSettingsPage.js +0 -231
package/dist/pages/settings/index.d.ts +0 -8
package/dist/pages/settings/index.js +0 -16
package/dist/pages/settings/page.d.ts +0 -7
package/dist/pages/settings/page.js +0 -26
package/dist/pages/showcase/ShowcasePage.d.ts +0 -13
package/dist/pages/showcase/ShowcasePage.js +0 -140
package/dist/pages/showcase/index.d.ts +0 -12
package/dist/pages/showcase/index.js +0 -17
package/dist/pages/test-env/EmergencyLogoutPage.d.ts +0 -14
package/dist/pages/test-env/EmergencyLogoutPage.js +0 -98
package/dist/pages/test-env/JwtInspectPage.d.ts +0 -14
package/dist/pages/test-env/JwtInspectPage.js +0 -114
package/dist/pages/test-env/RefreshTokenPage.d.ts +0 -15
package/dist/pages/test-env/RefreshTokenPage.js +0 -91
package/dist/pages/test-env/TestEnvPage.d.ts +0 -13
package/dist/pages/test-env/TestEnvPage.js +0 -49
package/dist/pages/test-env/index.d.ts +0 -24
package/dist/pages/test-env/index.js +0 -32
package/dist/pages/verify-code/page.d.ts +0 -30
package/dist/pages/verify-code/page.js +0 -408
package/dist/routes/account/index.d.ts +0 -28
package/dist/routes/account/index.js +0 -71
package/dist/routes/account/masked-info.d.ts +0 -33
package/dist/routes/account/masked-info.js +0 -39
package/dist/routes/account/send-code.d.ts +0 -37
package/dist/routes/account/send-code.js +0 -42
package/dist/routes/account/update-phone.d.ts +0 -13
package/dist/routes/account/update-phone.js +0 -17
package/dist/routes/account/verify-email.d.ts +0 -38
package/dist/routes/account/verify-email.js +0 -43
package/dist/routes/account/verify-sms.d.ts +0 -38
package/dist/routes/account/verify-sms.js +0 -43
package/dist/routes/auth/index.d.ts +0 -19
package/dist/routes/auth/index.js +0 -64
package/dist/routes/auth/logout.d.ts +0 -31
package/dist/routes/auth/logout.js +0 -113
package/dist/routes/auth/nextauth.d.ts +0 -19
package/dist/routes/auth/nextauth.js +0 -72
package/dist/routes/auth/refresh.d.ts +0 -30
package/dist/routes/auth/refresh.js +0 -51
package/dist/routes/auth/session.d.ts +0 -43
package/dist/routes/auth/session.js +0 -179
package/dist/routes/auth/settings.d.ts +0 -25
package/dist/routes/auth/settings.js +0 -55
package/dist/routes/auth/viability.d.ts +0 -52
package/dist/routes/auth/viability.js +0 -201
package/dist/routes/index.d.ts +0 -12
package/dist/routes/index.js +0 -54
package/dist/routes/session/index.d.ts +0 -6
package/dist/routes/session/index.js +0 -10
package/dist/routes/session/refresh-viability.d.ts +0 -16
package/dist/routes/session/refresh-viability.js +0 -20
package/dist/server/auth-guard.d.ts +0 -46
package/dist/server/auth-guard.js +0 -128
package/dist/server/decode-session.d.ts +0 -30
package/dist/server/decode-session.js +0 -78
package/dist/server/slim-middleware.d.ts +0 -23
package/dist/server/slim-middleware.js +0 -89
package/dist/server/with-auth.d.ts +0 -33
package/dist/server/with-auth.js +0 -59
package/dist/services/signalrActivityService.d.ts +0 -44
package/dist/services/signalrActivityService.js +0 -257
package/dist/stores/authStore.d.ts +0 -154
package/dist/stores/authStore.js +0 -1531
package/dist/theme/ThemeProvider.d.ts +0 -14
package/dist/theme/ThemeProvider.js +0 -28
package/dist/theme/default.d.ts +0 -8
package/dist/theme/default.js +0 -33
package/dist/theme/index.d.ts +0 -15
package/dist/theme/index.js +0 -25
package/dist/theme/types.d.ts +0 -56
package/dist/theme/types.js +0 -8
package/dist/theme/useTheme.d.ts +0 -60
package/dist/theme/useTheme.js +0 -63
package/dist/theme/utils.d.ts +0 -13
package/dist/theme/utils.js +0 -39
package/dist/types/api.d.ts +0 -134
package/dist/types/api.js +0 -44
package/dist/types/auth.d.ts +0 -19
package/dist/types/auth.js +0 -2
package/dist/types/logging.d.ts +0 -42
package/dist/types/logging.js +0 -2
package/dist/types/recovery.d.ts +0 -48
package/dist/types/recovery.js +0 -2
package/dist/types/security.d.ts +0 -1
package/dist/types/security.js +0 -2
package/dist/utils/api.d.ts +0 -85
package/dist/utils/api.js +0 -287
package/dist/utils/circuitBreaker.d.ts +0 -43
package/dist/utils/circuitBreaker.js +0 -91
package/dist/utils/error-message.d.ts +0 -1
package/dist/utils/error-message.js +0 -103
package/dist/utils/layout/reservedSpace.d.ts +0 -59
package/dist/utils/layout/reservedSpace.js +0 -102
package/dist/utils/logout.d.ts +0 -14
package/dist/utils/logout.js +0 -32
package/dist/vibe/client.d.ts +0 -261
package/dist/vibe/client.js +0 -445
package/dist/vibe/enterprise-auth.d.ts +0 -106
package/dist/vibe/enterprise-auth.js +0 -173
package/dist/vibe/errors.d.ts +0 -83
package/dist/vibe/errors.js +0 -146
package/dist/vibe/generic.d.ts +0 -234
package/dist/vibe/generic.js +0 -369
package/dist/vibe/hooks/index.d.ts +0 -169
package/dist/vibe/hooks/index.js +0 -252
package/dist/vibe/index.d.ts +0 -25
package/dist/vibe/index.js +0 -72
package/dist/vibe/sessions.d.ts +0 -161
package/dist/vibe/sessions.js +0 -391
package/dist/vibe/types.d.ts +0 -353
package/dist/vibe/types.js +0 -315
package/src/auth/auth-options.ts +0 -237
package/src/auth/callbacks/index.ts +0 -7
package/src/auth/callbacks/jwt.ts +0 -382
package/src/auth/callbacks/session.ts +0 -243
package/src/auth/callbacks/signin.ts +0 -56
package/src/auth/events/index.ts +0 -5
package/src/auth/events/signout.ts +0 -33
package/src/auth/providers/credentials.ts +0 -256
package/src/auth/providers/index.ts +0 -6
package/src/auth/providers/oauth.ts +0 -114
package/src/lib/nextauth-secret.ts +0 -121
package/src/types/next-auth.d.ts +0 -15

package/dist/auth/utils/idp-client.js DELETED Viewed

@@ -1,384 +0,0 @@
-"use strict";
-/**
- * IDP Client Utilities
- *
- * Functions for calling PayEz IDP API endpoints.
- * Handles login, OAuth callback, token refresh, and 2FA verification.
- *
- * URL USAGE:
- * - IDP_URL: Used for all calls to the PayEz Identity Provider
- * - INTERNAL_API_URL: NOT used here - that's for calling THIS app's own endpoints
- *
- * @version 1.0.0
- * @since auth-refactor-2026-01
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.getIdpUrl = getIdpUrl;
-exports.getClientId = getClientId;
-exports.idpLogin = idpLogin;
-exports.idpOAuthCallback = idpOAuthCallback;
-exports.idpRefreshToken = idpRefreshToken;
-exports.idpVerify2FA = idpVerify2FA;
-exports.idpSend2FACode = idpSend2FACode;
-// ============================================================================
-// CONFIGURATION
-// ============================================================================
-/**
- * Get IDP base URL. Throws if not configured.
- */
-function getIdpUrl() {
-    const url = process.env.IDP_URL;
-    if (!url) {
-        throw new Error('[IDP_CLIENT] FATAL: IDP_URL environment variable is REQUIRED');
-    }
-    return url.replace(/\/$/, ''); // Remove trailing slash
-}
-/**
- * Get client ID for this application.
- */
-function getClientId() {
-    const clientId = process.env.CLIENT_ID || process.env.NEXT_PUBLIC_CLIENT_ID;
-    if (!clientId) {
-        throw new Error('[IDP_CLIENT] FATAL: CLIENT_ID environment variable is REQUIRED');
-    }
-    return clientId;
-}
-// ============================================================================
-// LOGIN
-// ============================================================================
-/**
- * Authenticate user with email/password via IDP.
- *
- * @param credentials - User's email and password
- * @param clientHeaders - Headers to forward (IP, User-Agent for audit)
- * @returns IDP login response with tokens or error
- */
-async function idpLogin(credentials, clientHeaders) {
-    const idpUrl = getIdpUrl();
-    const clientId = getClientId();
-    const headers = {
-        'Content-Type': 'application/json',
-        'X-Client-Id': clientId,
-    };
-    // Forward client IP for audit logging
-    if (clientHeaders?.ip) {
-        headers['X-Forwarded-For'] = clientHeaders.ip;
-    }
-    // Forward User-Agent for audit logging
-    if (clientHeaders?.userAgent) {
-        headers['User-Agent'] = clientHeaders.userAgent;
-    }
-    try {
-        const response = await fetch(`${idpUrl}/api/ExternalAuth/login`, {
-            method: 'POST',
-            headers,
-            body: JSON.stringify({
-                username_or_email: credentials.email,
-                password: credentials.password,
-                client_id: clientId,
-            }),
-        });
-        const data = await response.json();
-        // Unwrap PayEz response envelope if present
-        const responseData = data.data || data;
-        if (!response.ok || !responseData.result || !responseData.success) {
-            return {
-                success: false,
-                error: responseData.error || {
-                    code: `HTTP_${response.status}`,
-                    message: getLoginErrorMessage(response.status, responseData),
-                },
-            };
-        }
-        return {
-            success: true,
-            result: responseData.result,
-        };
-    }
-    catch (error) {
-        console.error('[IDP_CLIENT] Login request failed:', error);
-        return {
-            success: false,
-            error: {
-                code: 'NETWORK_ERROR',
-                message: 'Failed to connect to authentication service',
-            },
-        };
-    }
-}
-/**
- * Get user-friendly error message for login failures.
- */
-function getLoginErrorMessage(status, responseData) {
-    // Check for structured error from IDP
-    if (responseData?.error?.message) {
-        return responseData.error.message;
-    }
-    // Fallback to HTTP status-based messages
-    switch (status) {
-        case 401:
-            return 'Invalid email or password. Please try again.';
-        case 403:
-            return 'Account access denied. Please contact support.';
-        case 429:
-            return 'Too many login attempts. Please try again later.';
-        default:
-            if (status >= 500) {
-                return 'Authentication service is temporarily unavailable.';
-            }
-            return 'Authentication failed. Please try again.';
-    }
-}
-// ============================================================================
-// OAUTH CALLBACK
-// ============================================================================
-/**
- * Register/authenticate OAuth user with IDP.
- *
- * Called after OAuth provider (Google, etc.) redirects back.
- * Creates or retrieves IDP user and returns IDP tokens.
- *
- * @param oauthData - Data from OAuth provider
- * @returns IDP response with tokens and user info
- */
-async function idpOAuthCallback(oauthData) {
-    const idpUrl = getIdpUrl();
-    const clientId = getClientId();
-    try {
-        const response = await fetch(`${idpUrl}/api/ExternalAuth/oauth-callback`, {
-            method: 'POST',
-            headers: {
-                'Content-Type': 'application/json',
-                'X-Client-Id': clientId,
-            },
-            body: JSON.stringify({
-                provider: oauthData.provider,
-                provider_account_id: oauthData.providerAccountId,
-                email: oauthData.email,
-                name: oauthData.name || '',
-                image: oauthData.image || '',
-                access_token: oauthData.accessToken || '',
-                refresh_token: oauthData.refreshToken || '',
-                expires_at: oauthData.expiresAt || 0,
-                client_id: clientId,
-            }),
-        });
-        if (!response.ok) {
-            const errorText = await response.text().catch(() => 'Unknown error');
-            console.error('[IDP_CLIENT] OAuth callback failed:', response.status, errorText);
-            return {
-                success: false,
-                error: {
-                    code: `HTTP_${response.status}`,
-                    message: 'OAuth registration failed',
-                },
-            };
-        }
-        const data = await response.json();
-        const responseData = data.data || data;
-        // Normalize snake_case to camelCase
-        return {
-            success: responseData.success !== false,
-            data: responseData.success !== false
-                ? {
-                    accessToken: responseData.accessToken || responseData.access_token,
-                    refreshToken: responseData.refreshToken || responseData.refresh_token,
-                    isNewUser: responseData.isNewUser ?? responseData.is_new_user ?? false,
-                    user: responseData.user
-                        ? {
-                            userId: responseData.user.userId || responseData.user.user_id,
-                            email: responseData.user.email || responseData.user.Email,
-                            fullName: responseData.user.fullName || responseData.user.full_name || responseData.user.name,
-                            roles: responseData.user.roles || [],
-                        }
-                        : undefined,
-                }
-                : undefined,
-            error: responseData.error,
-        };
-    }
-    catch (error) {
-        console.error('[IDP_CLIENT] OAuth callback request failed:', error);
-        return {
-            success: false,
-            error: {
-                code: 'NETWORK_ERROR',
-                message: 'Failed to connect to authentication service',
-            },
-        };
-    }
-}
-// ============================================================================
-// TOKEN REFRESH
-// ============================================================================
-/**
- * Refresh an expired access token using the refresh token.
- *
- * @param refreshToken - The refresh token from previous login
- * @param mfaContext - MFA context to preserve across refresh
- * @returns New tokens or error
- */
-async function idpRefreshToken(refreshToken, mfaContext) {
-    const idpUrl = getIdpUrl();
-    const clientId = getClientId();
-    const requestBody = {
-        refresh_token: refreshToken,
-    };
-    // Include MFA context so new token preserves authentication level
-    if (mfaContext) {
-        if (mfaContext.amr) {
-            requestBody.amr = mfaContext.amr;
-        }
-        if (mfaContext.acr) {
-            requestBody.acr = mfaContext.acr;
-        }
-        if (mfaContext.twoFactorVerified) {
-            requestBody.two_factor_verified = true;
-        }
-        if (mfaContext.twoFactorMethod) {
-            requestBody.two_factor_method = mfaContext.twoFactorMethod;
-        }
-        if (mfaContext.twoFactorCompletedAt) {
-            requestBody.two_factor_completed_at = new Date(mfaContext.twoFactorCompletedAt).toISOString();
-        }
-    }
-    try {
-        const response = await fetch(`${idpUrl}/api/ExternalAuth/refresh`, {
-            method: 'POST',
-            headers: {
-                'Content-Type': 'application/json',
-                'X-Client-Id': clientId,
-            },
-            body: JSON.stringify(requestBody),
-        });
-        if (!response.ok) {
-            const errorText = await response.text().catch(() => 'Unknown error');
-            console.error('[IDP_CLIENT] Token refresh failed:', response.status, errorText);
-            return {
-                success: false,
-                error: {
-                    code: `HTTP_${response.status}`,
-                    message: response.status === 401 ? 'Refresh token expired' : 'Token refresh failed',
-                },
-            };
-        }
-        const data = await response.json();
-        if (data.success === false) {
-            return {
-                success: false,
-                error: data.error || { code: 'REFRESH_FAILED', message: 'Token refresh failed' },
-            };
-        }
-        const tokenData = data.data || data;
-        return {
-            success: true,
-            data: {
-                access_token: tokenData.access_token,
-                refresh_token: tokenData.refresh_token,
-                expires_in: tokenData.expires_in || 3600,
-            },
-        };
-    }
-    catch (error) {
-        console.error('[IDP_CLIENT] Token refresh request failed:', error);
-        return {
-            success: false,
-            error: {
-                code: 'NETWORK_ERROR',
-                message: 'Failed to connect to authentication service',
-            },
-        };
-    }
-}
-// ============================================================================
-// 2FA VERIFICATION
-// ============================================================================
-/**
- * Verify 2FA code with IDP.
- *
- * @param sessionToken - Redis session ID
- * @param code - The 2FA code entered by user
- * @param method - The 2FA method ('email' | 'sms' | 'totp')
- * @returns Success status and updated tokens
- */
-async function idpVerify2FA(accessToken, code, method) {
-    const idpUrl = getIdpUrl();
-    const clientId = getClientId();
-    try {
-        const response = await fetch(`${idpUrl}/api/ExternalAuth/verify-2fa`, {
-            method: 'POST',
-            headers: {
-                'Content-Type': 'application/json',
-                'X-Client-Id': clientId,
-                Authorization: `Bearer ${accessToken}`,
-            },
-            body: JSON.stringify({
-                code,
-                method,
-            }),
-        });
-        if (!response.ok) {
-            const data = await response.json().catch(() => ({}));
-            return {
-                success: false,
-                error: data.error || {
-                    code: `HTTP_${response.status}`,
-                    message: response.status === 401 ? 'Invalid code' : '2FA verification failed',
-                },
-            };
-        }
-        return { success: true };
-    }
-    catch (error) {
-        console.error('[IDP_CLIENT] 2FA verification failed:', error);
-        return {
-            success: false,
-            error: {
-                code: 'NETWORK_ERROR',
-                message: 'Failed to connect to authentication service',
-            },
-        };
-    }
-}
-/**
- * Request a new 2FA code to be sent.
- *
- * @param accessToken - User's access token
- * @param method - How to send the code ('email' | 'sms')
- */
-async function idpSend2FACode(accessToken, method) {
-    const idpUrl = getIdpUrl();
-    const clientId = getClientId();
-    try {
-        const response = await fetch(`${idpUrl}/api/ExternalAuth/send-2fa-code`, {
-            method: 'POST',
-            headers: {
-                'Content-Type': 'application/json',
-                'X-Client-Id': clientId,
-                Authorization: `Bearer ${accessToken}`,
-            },
-            body: JSON.stringify({ method }),
-        });
-        if (!response.ok) {
-            const data = await response.json().catch(() => ({}));
-            return {
-                success: false,
-                error: data.error || {
-                    code: `HTTP_${response.status}`,
-                    message: 'Failed to send 2FA code',
-                },
-            };
-        }
-        return { success: true };
-    }
-    catch (error) {
-        console.error('[IDP_CLIENT] Send 2FA code failed:', error);
-        return {
-            success: false,
-            error: {
-                code: 'NETWORK_ERROR',
-                message: 'Failed to connect to authentication service',
-            },
-        };
-    }
-}

package/dist/auth/utils/index.d.ts DELETED Viewed

@@ -1,5 +0,0 @@
-/**
- * Auth Utilities - Public Exports
- */
-export * from './token-utils';
-export * from './idp-client';

package/dist/auth/utils/index.js DELETED Viewed

@@ -1,21 +0,0 @@
-"use strict";
-/**
- * Auth Utilities - Public Exports
- */
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __exportStar = (this && this.__exportStar) || function(m, exports) {
-    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./token-utils"), exports);
-__exportStar(require("./idp-client"), exports);

package/dist/auth/utils/token-utils.d.ts DELETED Viewed

@@ -1,84 +0,0 @@
-/**
- * Token Utilities
- *
- * JWT decoding and expiry checking utilities.
- * Extracted from auth-options.ts for clarity.
- *
- * @version 1.0.0
- * @since auth-refactor-2026-01
- */
-import { JwtHeader } from '../../lib/jwt-decode';
-import type { DecodedIdpAccessToken } from '../types/auth-types';
-export { decodeJwtHeader, extractKidFromToken, type JwtHeader } from '../../lib/jwt-decode';
-/**
- * Decode an IDP access token and extract claims.
- *
- * @param token - The JWT access token from IDP
- * @returns Decoded token claims, or null if decode fails
- */
-export declare function decodeIdpAccessToken(token: string): DecodedIdpAccessToken | null;
-/**
- * Decode both JWT header and payload from an IDP access token.
- * Returns the signing key ID (kid) along with payload claims.
- *
- * @param token - The JWT access token from IDP
- * @returns Object with header (including kid) and payload, or null if decode fails
- */
-export declare function decodeIdpAccessTokenFull(token: string): {
-    header: JwtHeader;
-    payload: DecodedIdpAccessToken;
-    bearerKeyId: string | undefined;
-} | null;
-/**
- * Extract user email from decoded token.
- * Handles multiple possible claim names used by IDP.
- */
-export declare function extractEmailFromToken(decoded: DecodedIdpAccessToken): string;
-/**
- * Extract roles from decoded token.
- * Handles both 'role' and 'roles' claims, and both string and array formats.
- */
-export declare function extractRolesFromToken(decoded: DecodedIdpAccessToken): string[];
-/**
- * Extract AMR (Authentication Methods References) from decoded token.
- */
-export declare function extractAmrFromToken(decoded: DecodedIdpAccessToken): string[];
-/**
- * Check if a token expiry timestamp indicates the token needs refresh.
- *
- * @param expiresAt - Token expiry timestamp (Unix milliseconds)
- * @param bufferMs - How early to trigger refresh (default 5 minutes)
- * @returns true if token is expired or will expire within buffer period
- */
-export declare function tokenNeedsRefresh(expiresAt: number | undefined, bufferMs?: number): boolean;
-/**
- * Check if a token is completely expired (past its exp time).
- *
- * @param expiresAt - Token expiry timestamp (Unix milliseconds)
- * @returns true if token is expired
- */
-export declare function tokenIsExpired(expiresAt: number | undefined): boolean;
-/**
- * Calculate milliseconds until token expires.
- *
- * @param expiresAt - Token expiry timestamp (Unix milliseconds)
- * @returns Milliseconds until expiry, or 0 if already expired
- */
-export declare function msUntilExpiry(expiresAt: number | undefined): number;
-/**
- * Convert Unix seconds (from JWT exp claim) to milliseconds.
- */
-export declare function expClaimToMs(exp: number): number;
-/**
- * Validate that an access token's actual JWT exp matches what we have cached.
- * This catches cases where the token was refreshed but cache wasn't updated.
- *
- * @param accessToken - The JWT access token
- * @param cachedExpiresAt - What we think the expiry is (Unix ms)
- * @returns Object with validation result and actual expiry
- */
-export declare function validateTokenExpiry(accessToken: string, cachedExpiresAt: number | undefined): {
-    valid: boolean;
-    actualExpiresAt: number | null;
-    mismatch: boolean;
-};