npm - @payez/next-mvp - Versions diffs - 3.9.1 → 4.0.1 - Mend

@payez/next-mvp 3.9.1 → 4.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (526) hide show

package/package.json +6 -18
package/src/api/auth-handler.ts +550 -549
package/src/api-handlers/account/change-password.ts +5 -8
package/src/api-handlers/admin/analytics.ts +4 -6
package/src/api-handlers/admin/audit.ts +5 -7
package/src/api-handlers/admin/index.ts +1 -2
package/src/api-handlers/admin/redis-sessions.ts +6 -8
package/src/api-handlers/admin/sessions.ts +5 -7
package/src/api-handlers/admin/site-logs.ts +8 -10
package/src/api-handlers/admin/stats.ts +4 -6
package/src/api-handlers/admin/users.ts +5 -7
package/src/api-handlers/admin/vibe-data.ts +10 -12
package/src/api-handlers/auth/refresh.ts +5 -7
package/src/api-handlers/auth/signout.ts +5 -6
package/src/api-handlers/auth/status.ts +4 -7
package/src/api-handlers/auth/update-session.ts +123 -125
package/src/api-handlers/auth/verify-code.ts +9 -13
package/src/api-handlers/session/viability.ts +10 -47
package/src/api-handlers/test/force-expire.ts +4 -11
package/src/auth/auth-decision.ts +1 -1
package/src/auth/better-auth.ts +138 -141
package/src/auth/route-config.ts +219 -219
package/src/auth/utils/token-utils.ts +0 -1
package/src/client/AuthContext.tsx +6 -2
package/src/client/fetch-with-auth.ts +47 -47
package/src/components/SessionSync.tsx +6 -5
package/src/components/account/MobileNavDrawer.tsx +3 -3
package/src/components/account/UserAvatarMenu.tsx +6 -3
package/src/components/admin/VibeAdminLayout.tsx +4 -2
package/src/config/logger.ts +1 -1
package/src/hooks/useAuth.ts +117 -115
package/src/hooks/useAuthSettings.ts +2 -2
package/src/hooks/useAvailableProviders.ts +9 -5
package/src/hooks/useSessionExpiration.ts +101 -102
package/src/hooks/useViabilitySession.ts +336 -335
package/src/index.ts +60 -63
package/src/lib/api-handler.ts +0 -1
package/src/lib/app-slug.ts +6 -6
package/src/lib/standardized-client-api.ts +901 -895
package/src/lib/startup-init.ts +243 -247
package/src/lib/test-aware-get-token.ts +22 -12
package/src/lib/token-lifecycle.ts +12 -53
package/src/pages/admin-login/page.tsx +9 -17
package/src/pages/client-admin/ClientSiteAdminPage.tsx +4 -2
package/src/pages/login/page.tsx +21 -28
package/src/pages/showcase/ShowcasePage.tsx +4 -2
package/src/pages/test-env/EmergencyLogoutPage.tsx +7 -6
package/src/pages/test-env/JwtInspectPage.tsx +5 -3
package/src/pages/test-env/RefreshTokenPage.tsx +157 -155
package/src/pages/test-env/TestEnvPage.tsx +4 -2
package/src/pages/verify-code/page.tsx +10 -6
package/src/routes/auth/logout.ts +7 -25
package/src/routes/auth/nextauth.ts +45 -71
package/src/routes/auth/session.ts +25 -50
package/src/routes/auth/viability.ts +7 -19
package/src/server/auth.ts +60 -0
package/src/stores/authStore.ts +1899 -1904
package/src/utils/logout.ts +30 -30
package/dist/api/auth-handler.d.ts +0 -67
package/dist/api/auth-handler.js +0 -397
package/dist/api/index.d.ts +0 -10
package/dist/api/index.js +0 -19
package/dist/api-handlers/account/change-password.d.ts +0 -9
package/dist/api-handlers/account/change-password.js +0 -112
package/dist/api-handlers/account/masked-info.d.ts +0 -2
package/dist/api-handlers/account/masked-info.js +0 -41
package/dist/api-handlers/account/profile.d.ts +0 -3
package/dist/api-handlers/account/profile.js +0 -63
package/dist/api-handlers/account/recovery/initiate.d.ts +0 -2
package/dist/api-handlers/account/recovery/initiate.js +0 -26
package/dist/api-handlers/account/recovery/send-code.d.ts +0 -2
package/dist/api-handlers/account/recovery/send-code.js +0 -28
package/dist/api-handlers/account/recovery/verify-code.d.ts +0 -2
package/dist/api-handlers/account/recovery/verify-code.js +0 -28
package/dist/api-handlers/account/reset-password.d.ts +0 -2
package/dist/api-handlers/account/reset-password.js +0 -26
package/dist/api-handlers/account/send-code.d.ts +0 -24
package/dist/api-handlers/account/send-code.js +0 -60
package/dist/api-handlers/account/update-phone.d.ts +0 -27
package/dist/api-handlers/account/update-phone.js +0 -64
package/dist/api-handlers/account/validate-password.d.ts +0 -17
package/dist/api-handlers/account/validate-password.js +0 -81
package/dist/api-handlers/account/verify-email.d.ts +0 -26
package/dist/api-handlers/account/verify-email.js +0 -106
package/dist/api-handlers/account/verify-sms.d.ts +0 -26
package/dist/api-handlers/account/verify-sms.js +0 -106
package/dist/api-handlers/admin/analytics.d.ts +0 -20
package/dist/api-handlers/admin/analytics.js +0 -379
package/dist/api-handlers/admin/audit.d.ts +0 -20
package/dist/api-handlers/admin/audit.js +0 -214
package/dist/api-handlers/admin/index.d.ts +0 -22
package/dist/api-handlers/admin/index.js +0 -43
package/dist/api-handlers/admin/redis-sessions.d.ts +0 -36
package/dist/api-handlers/admin/redis-sessions.js +0 -204
package/dist/api-handlers/admin/sessions.d.ts +0 -21
package/dist/api-handlers/admin/sessions.js +0 -284
package/dist/api-handlers/admin/site-logs.d.ts +0 -46
package/dist/api-handlers/admin/site-logs.js +0 -318
package/dist/api-handlers/admin/stats.d.ts +0 -21
package/dist/api-handlers/admin/stats.js +0 -240
package/dist/api-handlers/admin/users.d.ts +0 -20
package/dist/api-handlers/admin/users.js +0 -222
package/dist/api-handlers/admin/vibe-data.d.ts +0 -80
package/dist/api-handlers/admin/vibe-data.js +0 -268
package/dist/api-handlers/anon/preferences.d.ts +0 -37
package/dist/api-handlers/anon/preferences.js +0 -96
package/dist/api-handlers/auth/jwks.d.ts +0 -2
package/dist/api-handlers/auth/jwks.js +0 -24
package/dist/api-handlers/auth/login.d.ts +0 -42
package/dist/api-handlers/auth/login.js +0 -178
package/dist/api-handlers/auth/refresh.d.ts +0 -74
package/dist/api-handlers/auth/refresh.js +0 -635
package/dist/api-handlers/auth/signout.d.ts +0 -37
package/dist/api-handlers/auth/signout.js +0 -187
package/dist/api-handlers/auth/status.d.ts +0 -8
package/dist/api-handlers/auth/status.js +0 -26
package/dist/api-handlers/auth/update-session.d.ts +0 -37
package/dist/api-handlers/auth/update-session.js +0 -95
package/dist/api-handlers/auth/validate.d.ts +0 -6
package/dist/api-handlers/auth/validate.js +0 -43
package/dist/api-handlers/auth/verify-code.d.ts +0 -43
package/dist/api-handlers/auth/verify-code.js +0 -94
package/dist/api-handlers/session/refresh-viability.d.ts +0 -14
package/dist/api-handlers/session/refresh-viability.js +0 -39
package/dist/api-handlers/session/viability.d.ts +0 -13
package/dist/api-handlers/session/viability.js +0 -146
package/dist/api-handlers/test/force-expire.d.ts +0 -23
package/dist/api-handlers/test/force-expire.js +0 -65
package/dist/auth/auth-decision.d.ts +0 -39
package/dist/auth/auth-decision.js +0 -182
package/dist/auth/auth-options.d.ts +0 -57
package/dist/auth/auth-options.js +0 -213
package/dist/auth/better-auth.d.ts +0 -82
package/dist/auth/better-auth.js +0 -122
package/dist/auth/callbacks/index.d.ts +0 -6
package/dist/auth/callbacks/index.js +0 -12
package/dist/auth/callbacks/jwt.d.ts +0 -45
package/dist/auth/callbacks/jwt.js +0 -305
package/dist/auth/callbacks/session.d.ts +0 -60
package/dist/auth/callbacks/session.js +0 -170
package/dist/auth/callbacks/signin.d.ts +0 -23
package/dist/auth/callbacks/signin.js +0 -44
package/dist/auth/events/index.d.ts +0 -4
package/dist/auth/events/index.js +0 -8
package/dist/auth/events/signout.d.ts +0 -17
package/dist/auth/events/signout.js +0 -32
package/dist/auth/providers/credentials.d.ts +0 -32
package/dist/auth/providers/credentials.js +0 -223
package/dist/auth/providers/index.d.ts +0 -5
package/dist/auth/providers/index.js +0 -21
package/dist/auth/providers/oauth.d.ts +0 -26
package/dist/auth/providers/oauth.js +0 -105
package/dist/auth/route-config.d.ts +0 -66
package/dist/auth/route-config.js +0 -190
package/dist/auth/types/auth-types.d.ts +0 -417
package/dist/auth/types/auth-types.js +0 -53
package/dist/auth/types/index.d.ts +0 -6
package/dist/auth/types/index.js +0 -22
package/dist/auth/unauthenticated-routes.d.ts +0 -1
package/dist/auth/unauthenticated-routes.js +0 -19
package/dist/auth/utils/idp-client.d.ts +0 -94
package/dist/auth/utils/idp-client.js +0 -384
package/dist/auth/utils/index.d.ts +0 -5
package/dist/auth/utils/index.js +0 -21
package/dist/auth/utils/token-utils.d.ts +0 -84
package/dist/auth/utils/token-utils.js +0 -219
package/dist/client/AuthContext.d.ts +0 -19
package/dist/client/AuthContext.js +0 -112
package/dist/client/better-auth-client.d.ts +0 -1020
package/dist/client/better-auth-client.js +0 -68
package/dist/client/fetch-with-auth.d.ts +0 -11
package/dist/client/fetch-with-auth.js +0 -44
package/dist/client/fetchWithSession.d.ts +0 -3
package/dist/client/fetchWithSession.js +0 -24
package/dist/client/index.d.ts +0 -9
package/dist/client/index.js +0 -20
package/dist/client/useAnonSession.d.ts +0 -36
package/dist/client/useAnonSession.js +0 -99
package/dist/components/SessionSync.d.ts +0 -13
package/dist/components/SessionSync.js +0 -119
package/dist/components/SignalRHealthCheck.d.ts +0 -10
package/dist/components/SignalRHealthCheck.js +0 -97
package/dist/components/account/MobileNavDrawer.d.ts +0 -32
package/dist/components/account/MobileNavDrawer.js +0 -81
package/dist/components/account/UserAvatarMenu.d.ts +0 -20
package/dist/components/account/UserAvatarMenu.js +0 -88
package/dist/components/account/index.d.ts +0 -9
package/dist/components/account/index.js +0 -13
package/dist/components/admin/AlertSettingsTab.d.ts +0 -48
package/dist/components/admin/AlertSettingsTab.js +0 -351
package/dist/components/admin/AnalyticsTab.d.ts +0 -22
package/dist/components/admin/AnalyticsTab.js +0 -167
package/dist/components/admin/DataBrowserTab.d.ts +0 -19
package/dist/components/admin/DataBrowserTab.js +0 -252
package/dist/components/admin/LoggingSettingsTab.d.ts +0 -73
package/dist/components/admin/LoggingSettingsTab.js +0 -339
package/dist/components/admin/SessionsTab.d.ts +0 -37
package/dist/components/admin/SessionsTab.js +0 -165
package/dist/components/admin/StatsTab.d.ts +0 -53
package/dist/components/admin/StatsTab.js +0 -161
package/dist/components/admin/VibeAdminContext.d.ts +0 -32
package/dist/components/admin/VibeAdminContext.js +0 -38
package/dist/components/admin/VibeAdminLayout.d.ts +0 -11
package/dist/components/admin/VibeAdminLayout.js +0 -69
package/dist/components/admin/index.d.ts +0 -29
package/dist/components/admin/index.js +0 -44
package/dist/components/auth/FederatedAuthSection.d.ts +0 -8
package/dist/components/auth/FederatedAuthSection.js +0 -45
package/dist/components/auth/ModeAwareLoginPage.d.ts +0 -10
package/dist/components/auth/ModeAwareLoginPage.js +0 -42
package/dist/components/auth/ModeAwareSignupPage.d.ts +0 -9
package/dist/components/auth/ModeAwareSignupPage.js +0 -78
package/dist/components/auth/TraditionalAuthSection.d.ts +0 -14
package/dist/components/auth/TraditionalAuthSection.js +0 -20
package/dist/components/recovery/CompleteStep.d.ts +0 -5
package/dist/components/recovery/CompleteStep.js +0 -8
package/dist/components/recovery/InitiateRecoveryStep.d.ts +0 -8
package/dist/components/recovery/InitiateRecoveryStep.js +0 -20
package/dist/components/recovery/SelectMethodStep.d.ts +0 -8
package/dist/components/recovery/SelectMethodStep.js +0 -8
package/dist/components/recovery/SetPasswordStep.d.ts +0 -6
package/dist/components/recovery/SetPasswordStep.js +0 -20
package/dist/components/recovery/VerifyCodeStep.d.ts +0 -10
package/dist/components/recovery/VerifyCodeStep.js +0 -24
package/dist/components/reserved/ReservedRecoveryWarning.d.ts +0 -38
package/dist/components/reserved/ReservedRecoveryWarning.js +0 -92
package/dist/components/reserved/ReservedStatusBox.d.ts +0 -30
package/dist/components/reserved/ReservedStatusBox.js +0 -71
package/dist/components/ui/BetaBadge.d.ts +0 -29
package/dist/components/ui/BetaBadge.js +0 -38
package/dist/components/ui/Footer.d.ts +0 -37
package/dist/components/ui/Footer.js +0 -41
package/dist/config/env.d.ts +0 -66
package/dist/config/env.js +0 -57
package/dist/config/logger.d.ts +0 -57
package/dist/config/logger.js +0 -73
package/dist/config/logging-config.d.ts +0 -30
package/dist/config/logging-config.js +0 -122
package/dist/config/unauthenticated-routes.d.ts +0 -17
package/dist/config/unauthenticated-routes.js +0 -24
package/dist/config/vibe-log-transport.d.ts +0 -81
package/dist/config/vibe-log-transport.js +0 -212
package/dist/edge/internal-api-url.d.ts +0 -53
package/dist/edge/internal-api-url.js +0 -63
package/dist/edge/middleware.d.ts +0 -14
package/dist/edge/middleware.js +0 -32
package/dist/hooks/useAuth.d.ts +0 -23
package/dist/hooks/useAuth.js +0 -81
package/dist/hooks/useAuthSettings.d.ts +0 -59
package/dist/hooks/useAuthSettings.js +0 -93
package/dist/hooks/useAvailableProviders.d.ts +0 -45
package/dist/hooks/useAvailableProviders.js +0 -108
package/dist/hooks/usePasswordValidation.d.ts +0 -27
package/dist/hooks/usePasswordValidation.js +0 -102
package/dist/hooks/useProfile.d.ts +0 -15
package/dist/hooks/useProfile.js +0 -59
package/dist/hooks/usePublicAuthSettings.d.ts +0 -56
package/dist/hooks/usePublicAuthSettings.js +0 -131
package/dist/hooks/useSessionExpiration.d.ts +0 -57
package/dist/hooks/useSessionExpiration.js +0 -72
package/dist/hooks/useViabilitySession.d.ts +0 -75
package/dist/hooks/useViabilitySession.js +0 -268
package/dist/index.d.ts +0 -12
package/dist/index.js +0 -55
package/dist/lib/anon-session.d.ts +0 -74
package/dist/lib/anon-session.js +0 -169
package/dist/lib/api-handler.d.ts +0 -123
package/dist/lib/api-handler.js +0 -478
package/dist/lib/app-slug.d.ts +0 -95
package/dist/lib/app-slug.js +0 -172
package/dist/lib/demo-mode.d.ts +0 -6
package/dist/lib/demo-mode.js +0 -16
package/dist/lib/geolocation.d.ts +0 -64
package/dist/lib/geolocation.js +0 -235
package/dist/lib/idp-client-config.d.ts +0 -75
package/dist/lib/idp-client-config.js +0 -425
package/dist/lib/idp-fetch.d.ts +0 -14
package/dist/lib/idp-fetch.js +0 -91
package/dist/lib/internal-api.d.ts +0 -87
package/dist/lib/internal-api.js +0 -122
package/dist/lib/jwt-decode-client.d.ts +0 -10
package/dist/lib/jwt-decode-client.js +0 -46
package/dist/lib/jwt-decode.d.ts +0 -48
package/dist/lib/jwt-decode.js +0 -57
package/dist/lib/nextauth-secret.d.ts +0 -10
package/dist/lib/nextauth-secret.js +0 -100
package/dist/lib/rate-limit-service.d.ts +0 -23
package/dist/lib/rate-limit-service.js +0 -6
package/dist/lib/redis.d.ts +0 -5
package/dist/lib/redis.js +0 -28
package/dist/lib/refresh-token-validator.d.ts +0 -13
package/dist/lib/refresh-token-validator.js +0 -117
package/dist/lib/roles.d.ts +0 -145
package/dist/lib/roles.js +0 -168
package/dist/lib/secret-validation.d.ts +0 -4
package/dist/lib/secret-validation.js +0 -14
package/dist/lib/session-store.d.ts +0 -170
package/dist/lib/session-store.js +0 -545
package/dist/lib/session.d.ts +0 -21
package/dist/lib/session.js +0 -26
package/dist/lib/site-logger.d.ts +0 -214
package/dist/lib/site-logger.js +0 -210
package/dist/lib/standardized-client-api.d.ts +0 -161
package/dist/lib/standardized-client-api.js +0 -786
package/dist/lib/startup-init.d.ts +0 -40
package/dist/lib/startup-init.js +0 -261
package/dist/lib/test-aware-get-token.d.ts +0 -2
package/dist/lib/test-aware-get-token.js +0 -81
package/dist/lib/token-expiry.d.ts +0 -14
package/dist/lib/token-expiry.js +0 -39
package/dist/lib/token-lifecycle.d.ts +0 -52
package/dist/lib/token-lifecycle.js +0 -398
package/dist/lib/types/api-responses.d.ts +0 -128
package/dist/lib/types/api-responses.js +0 -171
package/dist/lib/user-agent-parser.d.ts +0 -50
package/dist/lib/user-agent-parser.js +0 -220
package/dist/logging/api/admin-analytics.d.ts +0 -3
package/dist/logging/api/admin-analytics.js +0 -45
package/dist/logging/api/audit-log.d.ts +0 -3
package/dist/logging/api/audit-log.js +0 -52
package/dist/logging/components/AdminAnalyticsLayout.d.ts +0 -10
package/dist/logging/components/AdminAnalyticsLayout.js +0 -11
package/dist/logging/components/AuditLogViewer.d.ts +0 -7
package/dist/logging/components/AuditLogViewer.js +0 -51
package/dist/logging/components/ErrorMetricsCard.d.ts +0 -7
package/dist/logging/components/ErrorMetricsCard.js +0 -16
package/dist/logging/components/HealthMetricsCard.d.ts +0 -7
package/dist/logging/components/HealthMetricsCard.js +0 -19
package/dist/logging/hooks/useAdminAnalytics.d.ts +0 -24
package/dist/logging/hooks/useAdminAnalytics.js +0 -22
package/dist/logging/hooks/useAuditLog.d.ts +0 -6
package/dist/logging/hooks/useAuditLog.js +0 -25
package/dist/logging/hooks/useErrorMetrics.d.ts +0 -6
package/dist/logging/hooks/useErrorMetrics.js +0 -38
package/dist/logging/hooks/useHealthMetrics.d.ts +0 -6
package/dist/logging/hooks/useHealthMetrics.js +0 -41
package/dist/logging/index.d.ts +0 -11
package/dist/logging/index.js +0 -40
package/dist/logging/types/analytics.d.ts +0 -68
package/dist/logging/types/analytics.js +0 -3
package/dist/logging/types/audit.d.ts +0 -29
package/dist/logging/types/audit.js +0 -2
package/dist/logging/types/index.d.ts +0 -2
package/dist/logging/types/index.js +0 -19
package/dist/middleware/auth-decision.d.ts +0 -33
package/dist/middleware/auth-decision.js +0 -65
package/dist/middleware/create-middleware.d.ts +0 -102
package/dist/middleware/create-middleware.js +0 -469
package/dist/middleware/rbac-check.d.ts +0 -51
package/dist/middleware/rbac-check.js +0 -219
package/dist/middleware/twofa-presets.d.ts +0 -134
package/dist/middleware/twofa-presets.js +0 -175
package/dist/models/DecodedAccessToken.d.ts +0 -17
package/dist/models/DecodedAccessToken.js +0 -2
package/dist/models/SessionModel.d.ts +0 -122
package/dist/models/SessionModel.js +0 -136
package/dist/pages/admin-login/page.d.ts +0 -31
package/dist/pages/admin-login/page.js +0 -83
package/dist/pages/admin-page-permissions/PagePermissionsAdminPage.d.ts +0 -18
package/dist/pages/admin-page-permissions/PagePermissionsAdminPage.js +0 -276
package/dist/pages/admin-page-permissions/index.d.ts +0 -6
package/dist/pages/admin-page-permissions/index.js +0 -13
package/dist/pages/admin-roles/RolesAdminPage.d.ts +0 -16
package/dist/pages/admin-roles/RolesAdminPage.js +0 -261
package/dist/pages/admin-roles/index.d.ts +0 -8
package/dist/pages/admin-roles/index.js +0 -15
package/dist/pages/admin-roles/modals.d.ts +0 -72
package/dist/pages/admin-roles/modals.js +0 -154
package/dist/pages/client-admin/ClientSiteAdminPage.d.ts +0 -79
package/dist/pages/client-admin/ClientSiteAdminPage.js +0 -177
package/dist/pages/client-admin/index.d.ts +0 -32
package/dist/pages/client-admin/index.js +0 -37
package/dist/pages/coming-soon/page.d.ts +0 -8
package/dist/pages/coming-soon/page.js +0 -28
package/dist/pages/login/page.d.ts +0 -22
package/dist/pages/login/page.js +0 -239
package/dist/pages/profile/EnhancedProfilePage.d.ts +0 -13
package/dist/pages/profile/EnhancedProfilePage.js +0 -150
package/dist/pages/profile/index.d.ts +0 -8
package/dist/pages/profile/index.js +0 -16
package/dist/pages/profile/page.d.ts +0 -19
package/dist/pages/profile/page.js +0 -47
package/dist/pages/profile/profile-patch.d.ts +0 -1
package/dist/pages/profile/profile-patch.js +0 -281
package/dist/pages/recovery/page.d.ts +0 -1
package/dist/pages/recovery/page.js +0 -142
package/dist/pages/roles/MyRolesPage.d.ts +0 -24
package/dist/pages/roles/MyRolesPage.js +0 -71
package/dist/pages/roles/components.d.ts +0 -63
package/dist/pages/roles/components.js +0 -108
package/dist/pages/roles/index.d.ts +0 -8
package/dist/pages/roles/index.js +0 -19
package/dist/pages/security/EnhancedSecurityPage.d.ts +0 -14
package/dist/pages/security/EnhancedSecurityPage.js +0 -248
package/dist/pages/security/index.d.ts +0 -8
package/dist/pages/security/index.js +0 -16
package/dist/pages/security/page.d.ts +0 -21
package/dist/pages/security/page.js +0 -212
package/dist/pages/security/security-patch.d.ts +0 -1
package/dist/pages/security/security-patch.js +0 -302
package/dist/pages/settings/EnhancedSettingsPage.d.ts +0 -46
package/dist/pages/settings/EnhancedSettingsPage.js +0 -231
package/dist/pages/settings/index.d.ts +0 -8
package/dist/pages/settings/index.js +0 -16
package/dist/pages/settings/page.d.ts +0 -7
package/dist/pages/settings/page.js +0 -26
package/dist/pages/showcase/ShowcasePage.d.ts +0 -13
package/dist/pages/showcase/ShowcasePage.js +0 -140
package/dist/pages/showcase/index.d.ts +0 -12
package/dist/pages/showcase/index.js +0 -17
package/dist/pages/test-env/EmergencyLogoutPage.d.ts +0 -14
package/dist/pages/test-env/EmergencyLogoutPage.js +0 -98
package/dist/pages/test-env/JwtInspectPage.d.ts +0 -14
package/dist/pages/test-env/JwtInspectPage.js +0 -114
package/dist/pages/test-env/RefreshTokenPage.d.ts +0 -15
package/dist/pages/test-env/RefreshTokenPage.js +0 -91
package/dist/pages/test-env/TestEnvPage.d.ts +0 -13
package/dist/pages/test-env/TestEnvPage.js +0 -49
package/dist/pages/test-env/index.d.ts +0 -24
package/dist/pages/test-env/index.js +0 -32
package/dist/pages/verify-code/page.d.ts +0 -30
package/dist/pages/verify-code/page.js +0 -408
package/dist/routes/account/index.d.ts +0 -28
package/dist/routes/account/index.js +0 -71
package/dist/routes/account/masked-info.d.ts +0 -33
package/dist/routes/account/masked-info.js +0 -39
package/dist/routes/account/send-code.d.ts +0 -37
package/dist/routes/account/send-code.js +0 -42
package/dist/routes/account/update-phone.d.ts +0 -13
package/dist/routes/account/update-phone.js +0 -17
package/dist/routes/account/verify-email.d.ts +0 -38
package/dist/routes/account/verify-email.js +0 -43
package/dist/routes/account/verify-sms.d.ts +0 -38
package/dist/routes/account/verify-sms.js +0 -43
package/dist/routes/auth/index.d.ts +0 -19
package/dist/routes/auth/index.js +0 -64
package/dist/routes/auth/logout.d.ts +0 -31
package/dist/routes/auth/logout.js +0 -113
package/dist/routes/auth/nextauth.d.ts +0 -19
package/dist/routes/auth/nextauth.js +0 -72
package/dist/routes/auth/refresh.d.ts +0 -30
package/dist/routes/auth/refresh.js +0 -51
package/dist/routes/auth/session.d.ts +0 -43
package/dist/routes/auth/session.js +0 -179
package/dist/routes/auth/settings.d.ts +0 -25
package/dist/routes/auth/settings.js +0 -55
package/dist/routes/auth/viability.d.ts +0 -52
package/dist/routes/auth/viability.js +0 -201
package/dist/routes/index.d.ts +0 -12
package/dist/routes/index.js +0 -54
package/dist/routes/session/index.d.ts +0 -6
package/dist/routes/session/index.js +0 -10
package/dist/routes/session/refresh-viability.d.ts +0 -16
package/dist/routes/session/refresh-viability.js +0 -20
package/dist/server/auth-guard.d.ts +0 -46
package/dist/server/auth-guard.js +0 -128
package/dist/server/decode-session.d.ts +0 -30
package/dist/server/decode-session.js +0 -78
package/dist/server/slim-middleware.d.ts +0 -23
package/dist/server/slim-middleware.js +0 -89
package/dist/server/with-auth.d.ts +0 -33
package/dist/server/with-auth.js +0 -59
package/dist/services/signalrActivityService.d.ts +0 -44
package/dist/services/signalrActivityService.js +0 -257
package/dist/stores/authStore.d.ts +0 -154
package/dist/stores/authStore.js +0 -1531
package/dist/theme/ThemeProvider.d.ts +0 -14
package/dist/theme/ThemeProvider.js +0 -28
package/dist/theme/default.d.ts +0 -8
package/dist/theme/default.js +0 -33
package/dist/theme/index.d.ts +0 -15
package/dist/theme/index.js +0 -25
package/dist/theme/types.d.ts +0 -56
package/dist/theme/types.js +0 -8
package/dist/theme/useTheme.d.ts +0 -60
package/dist/theme/useTheme.js +0 -63
package/dist/theme/utils.d.ts +0 -13
package/dist/theme/utils.js +0 -39
package/dist/types/api.d.ts +0 -134
package/dist/types/api.js +0 -44
package/dist/types/auth.d.ts +0 -19
package/dist/types/auth.js +0 -2
package/dist/types/logging.d.ts +0 -42
package/dist/types/logging.js +0 -2
package/dist/types/recovery.d.ts +0 -48
package/dist/types/recovery.js +0 -2
package/dist/types/security.d.ts +0 -1
package/dist/types/security.js +0 -2
package/dist/utils/api.d.ts +0 -85
package/dist/utils/api.js +0 -287
package/dist/utils/circuitBreaker.d.ts +0 -43
package/dist/utils/circuitBreaker.js +0 -91
package/dist/utils/error-message.d.ts +0 -1
package/dist/utils/error-message.js +0 -103
package/dist/utils/layout/reservedSpace.d.ts +0 -59
package/dist/utils/layout/reservedSpace.js +0 -102
package/dist/utils/logout.d.ts +0 -14
package/dist/utils/logout.js +0 -32
package/dist/vibe/client.d.ts +0 -261
package/dist/vibe/client.js +0 -445
package/dist/vibe/enterprise-auth.d.ts +0 -106
package/dist/vibe/enterprise-auth.js +0 -173
package/dist/vibe/errors.d.ts +0 -83
package/dist/vibe/errors.js +0 -146
package/dist/vibe/generic.d.ts +0 -234
package/dist/vibe/generic.js +0 -369
package/dist/vibe/hooks/index.d.ts +0 -169
package/dist/vibe/hooks/index.js +0 -252
package/dist/vibe/index.d.ts +0 -25
package/dist/vibe/index.js +0 -72
package/dist/vibe/sessions.d.ts +0 -161
package/dist/vibe/sessions.js +0 -391
package/dist/vibe/types.d.ts +0 -353
package/dist/vibe/types.js +0 -315
package/src/auth/auth-options.ts +0 -237
package/src/auth/callbacks/index.ts +0 -7
package/src/auth/callbacks/jwt.ts +0 -382
package/src/auth/callbacks/session.ts +0 -243
package/src/auth/callbacks/signin.ts +0 -56
package/src/auth/events/index.ts +0 -5
package/src/auth/events/signout.ts +0 -33
package/src/auth/providers/credentials.ts +0 -256
package/src/auth/providers/index.ts +0 -6
package/src/auth/providers/oauth.ts +0 -114
package/src/lib/nextauth-secret.ts +0 -121
package/src/types/next-auth.d.ts +0 -15

package/dist/lib/api-handler.d.ts DELETED Viewed

@@ -1,123 +0,0 @@
-/**
- * Unified API Handler for PayEz Next.js Applications
- *
- * Provides a single, comprehensive API handler with:
- * - Coordinated token refresh with Redis locks
- * - Role-based access control
- * - Middleware queue support
- * - Timeout handling
- * - Standardized PayEz API response format
- * - Client slug validation (security)
- *
- * @version 1.0.0
- * @since Consolidated from website-membership simple-api-handler + MVP auth-handler
- */
-import { NextRequest, NextResponse } from 'next/server';
-export interface ApiHandlerConfig {
-    /** Whether authentication is required (default: true) */
-    requireAuth?: boolean;
-    /** Roles required to access this endpoint */
-    requiredRoles?: string[];
-    /** Request timeout in milliseconds (default: 30000) */
-    timeout?: number;
-    /** Validate client_slug in token matches expected (default: true) */
-    validateClientSlug?: boolean;
-}
-export interface ApiRequestContext {
-    requestId: string;
-    startTime: number;
-    endpoint: string;
-    method: string;
-    userId?: string;
-    sessionId?: string;
-    userAgent?: string;
-    ipAddress?: string;
-    params?: Record<string, string>;
-}
-export interface ApiAuthContext {
-    accessToken: string | null;
-    userId?: string;
-    roles: string[];
-    sessionId?: string;
-    tokenType: string;
-    refreshToken: string | null;
-}
-export interface ApiMiddleware {
-    name: string;
-    execute: (context: ApiRequestContext, config: ApiHandlerConfig) => Promise<void>;
-}
-export type ApiHandlerFunction<T = any> = (req: NextRequest, ctx: ApiRequestContext, auth: ApiAuthContext, responseBuilder: any) => Promise<T>;
-export declare class ApiResponseBuilder {
-    private context;
-    constructor(context: ApiRequestContext);
-    success<T>(data: T, meta?: {
-        operation?: string;
-        version?: string;
-        [key: string]: any;
-    }): {
-        success: true;
-        data: T;
-        message: string;
-        operation_code: string;
-        meta: any;
-        timestamp: string;
-        request_id: string;
-    };
-    error(code: string, message?: string, details?: Record<string, any>): {
-        success: false;
-        error: any;
-        meta: any;
-        timestamp: string;
-        request_id: string;
-    };
-}
-export declare class ApiHandler {
-    private config;
-    private middlewareQueue;
-    constructor(config?: ApiHandlerConfig);
-    /**
-     * Add middleware to the handler chain
-     */
-    use(middleware: ApiMiddleware): this;
-    /**
-     * Create the route handler
-     */
-    handle<T = any>(handler: ApiHandlerFunction<T>): (req: NextRequest) => Promise<NextResponse>;
-    private handleAuthentication;
-    private validateClientSlug;
-    private handleNoSessionToken;
-    private handleCoordinatedRefresh;
-    private waitForRefresh;
-    private createEmptyAuth;
-    private executeWithTimeout;
-    private successResponse;
-    private errorResponse;
-    private getStatusFromError;
-    private getErrorCode;
-}
-/**
- * Create an API handler with the specified configuration
- *
- * @example
- * ```typescript
- * export const GET = createApiHandler({ requireAuth: true })
- *   .handle(async (req, ctx, auth) => {
- *     return { data: 'hello' };
- *   });
- * ```
- */
-export declare function createApiHandler(config?: ApiHandlerConfig): ApiHandler;
-/**
- * Pre-configured API handler presets for common use cases
- */
-export declare const API_PRESETS: {
-    /** Public endpoint - no authentication required */
-    readonly PUBLIC: () => ApiHandler;
-    /** Authenticated endpoint - any logged-in user */
-    readonly AUTHENTICATED: () => ApiHandler;
-    /** User endpoint - requires payez_user or payez_admin role */
-    readonly USER: () => ApiHandler;
-    /** Admin endpoint - requires payez_admin role */
-    readonly ADMIN: () => ApiHandler;
-};
-export default createApiHandler;

package/dist/lib/api-handler.js DELETED Viewed

@@ -1,478 +0,0 @@
-"use strict";
-/**
- * Unified API Handler for PayEz Next.js Applications
- *
- * Provides a single, comprehensive API handler with:
- * - Coordinated token refresh with Redis locks
- * - Role-based access control
- * - Middleware queue support
- * - Timeout handling
- * - Standardized PayEz API response format
- * - Client slug validation (security)
- *
- * @version 1.0.0
- * @since Consolidated from website-membership simple-api-handler + MVP auth-handler
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.API_PRESETS = exports.ApiHandler = exports.ApiResponseBuilder = void 0;
-exports.createApiHandler = createApiHandler;
-const server_1 = require("next/server");
-const nanoid_1 = require("nanoid");
-const session_store_1 = require("./session-store");
-const test_aware_get_token_1 = require("./test-aware-get-token");
-const internal_api_1 = require("./internal-api");
-// ============================================================================
-// API Response Builder (for backward compatibility)
-// ============================================================================
-class ApiResponseBuilder {
-    context;
-    constructor(context) {
-        this.context = context;
-    }
-    success(data, meta) {
-        return {
-            success: true,
-            data,
-            message: meta?.operation ? `${meta.operation.replace(/-/g, ' ')} completed successfully` : 'Operation completed successfully',
-            operation_code: meta?.operation || 'unknown-operation',
-            meta: {
-                version: '1.0',
-                responseTime: Date.now() - this.context.startTime,
-                ...meta
-            },
-            timestamp: new Date().toISOString(),
-            request_id: this.context.requestId
-        };
-    }
-    error(code, message, details) {
-        return {
-            success: false,
-            error: {
-                code,
-                message: message || code,
-                details
-            },
-            meta: {
-                version: '1.0',
-                responseTime: Date.now() - this.context.startTime
-            },
-            timestamp: new Date().toISOString(),
-            request_id: this.context.requestId
-        };
-    }
-}
-exports.ApiResponseBuilder = ApiResponseBuilder;
-// ============================================================================
-// API Handler Class
-// ============================================================================
-class ApiHandler {
-    config;
-    middlewareQueue = [];
-    constructor(config = {}) {
-        this.config = {
-            requireAuth: config.requireAuth ?? true,
-            requiredRoles: config.requiredRoles ?? [],
-            timeout: config.timeout ?? 30000,
-            validateClientSlug: config.validateClientSlug ?? true,
-        };
-    }
-    /**
-     * Add middleware to the handler chain
-     */
-    use(middleware) {
-        this.middlewareQueue.push(middleware);
-        return this;
-    }
-    /**
-     * Create the route handler
-     */
-    handle(handler) {
-        return async (req) => {
-            const startTime = Date.now();
-            const requestId = (0, nanoid_1.nanoid)();
-            const ctx = {
-                requestId,
-                startTime,
-                endpoint: req.nextUrl.pathname,
-                method: req.method,
-                userAgent: req.headers.get('user-agent') || undefined,
-                ipAddress: req.headers.get('x-forwarded-for') || req.headers.get('x-real-ip') || undefined,
-            };
-            try {
-                // Execute middleware chain
-                for (const middleware of this.middlewareQueue) {
-                    await middleware.execute(ctx, this.config);
-                }
-                // Handle authentication
-                const authResult = await this.handleAuthentication(req, ctx);
-                if (!authResult.success) {
-                    if (authResult.reason === 'REFRESH_IN_PROGRESS') {
-                        const response = this.errorResponse('SERVICE_UNAVAILABLE', 'Token refresh in progress', 503, requestId);
-                        response.headers.set('Retry-After', '1');
-                        return response;
-                    }
-                    if (this.config.requireAuth) {
-                        return this.errorResponse('UNAUTHORIZED', 'Authentication required', 401, requestId);
-                    }
-                }
-                const auth = authResult.auth || this.createEmptyAuth();
-                // Attach auth context to request for downstream use
-                if (auth.accessToken) {
-                    req.__authContext = { accessToken: auth.accessToken };
-                }
-                // Check roles
-                if (this.config.requiredRoles.length > 0 && auth) {
-                    const hasRequiredRole = this.config.requiredRoles.some(role => auth.roles.includes(role));
-                    if (!hasRequiredRole) {
-                        return this.errorResponse('FORBIDDEN', 'Insufficient permissions', 403, requestId);
-                    }
-                }
-                // Create response builder for backward compatibility
-                const responseBuilder = new ApiResponseBuilder(ctx);
-                // Execute handler with timeout
-                const result = await this.executeWithTimeout(handler(req, ctx, auth, responseBuilder), this.config.timeout);
-                return this.successResponse(result, requestId, ctx);
-            }
-            catch (error) {
-                if (error instanceof Error && error.message === 'Request timeout') {
-                    return this.errorResponse('TIMEOUT', 'Request timeout', 408, requestId);
-                }
-                const statusCode = error instanceof Error ? this.getStatusFromError(error) : 500;
-                const message = error instanceof Error ? error.message : 'An unexpected error occurred';
-                return this.errorResponse(this.getErrorCode(statusCode), message, statusCode, requestId);
-            }
-        };
-    }
-    // ==========================================================================
-    // Authentication
-    // ==========================================================================
-    async handleAuthentication(req, ctx) {
-        try {
-            const token = await (0, test_aware_get_token_1.getTokenTestAware)(req);
-            if (!token) {
-                if (this.config.requireAuth) {
-                    return { success: false, reason: 'NO_TOKEN' };
-                }
-                return { success: true, auth: this.createEmptyAuth() };
-            }
-            // Client slug validation (security feature from auth-handler)
-            if (this.config.validateClientSlug) {
-                const validationResult = this.validateClientSlug(token);
-                if (!validationResult.valid) {
-                    return { success: false, reason: validationResult.reason };
-                }
-            }
-            // Support both field names: sessionToken (auth.ts JWT) and redisSessionId (legacy)
-            const sessionToken = token.sessionToken || token.redisSessionId;
-            if (!sessionToken) {
-                return this.handleNoSessionToken(token, ctx);
-            }
-            // Get session with version for coordinated refresh
-            const sessionWithVersion = await (0, session_store_1.getSessionWithVersion)(sessionToken);
-            if (!sessionWithVersion) {
-                return { success: false, reason: 'SESSION_EXPIRED' };
-            }
-            const { session: sessionData } = sessionWithVersion;
-            let accessToken = sessionData.idpAccessToken || null;
-            let userRoles = Array.isArray(sessionData.roles) ? sessionData.roles : [];
-            // Merge roles from JWT token
-            try {
-                const tokenRoles = Array.isArray(token.roles) ? token.roles : [];
-                if (tokenRoles.length > 0) {
-                    userRoles = Array.from(new Set([...userRoles, ...tokenRoles]));
-                }
-            }
-            catch { /* ignore */ }
-            // Check if token needs refresh
-            const thresholdMs = 5 * 60 * 1000;
-            const expires = sessionData.idpAccessTokenExpires || 0;
-            const needsRefresh = !accessToken || (expires - Date.now()) <= thresholdMs;
-            if (needsRefresh) {
-                const refreshResult = await this.handleCoordinatedRefresh(req, token, sessionData, ctx);
-                if (refreshResult.blocked) {
-                    return { success: false, reason: 'REFRESH_IN_PROGRESS' };
-                }
-                if (refreshResult.accessToken) {
-                    accessToken = refreshResult.accessToken;
-                    if (refreshResult.roles) {
-                        userRoles = Array.from(new Set([...userRoles, ...refreshResult.roles]));
-                    }
-                }
-            }
-            if (!accessToken) {
-                return { success: false, reason: 'NO_ACCESS_TOKEN' };
-            }
-            ctx.userId = token.sub;
-            ctx.sessionId = sessionToken;
-            return {
-                success: true,
-                auth: {
-                    accessToken,
-                    userId: token.sub,
-                    roles: userRoles,
-                    sessionId: sessionToken,
-                    tokenType: 'bearer',
-                    refreshToken: sessionData?.refreshToken || null,
-                }
-            };
-        }
-        catch (error) {
-            return { success: false, reason: 'AUTH_ERROR' };
-        }
-    }
-    validateClientSlug(token) {
-        const expectedClientSlug = process.env.NEXT_PUBLIC_EXPECTED_CLIENT_SLUG;
-        // If not configured, skip validation (backward compat)
-        if (!expectedClientSlug) {
-            return { valid: true, reason: '' };
-        }
-        const tokenClientSlug = token.client_slug || token.clientSlug;
-        if (!tokenClientSlug) {
-            return { valid: false, reason: 'TOKEN_MISSING_CLIENT_SLUG' };
-        }
-        if (tokenClientSlug.toLowerCase() !== expectedClientSlug.toLowerCase()) {
-            return { valid: false, reason: 'TOKEN_CLIENT_MISMATCH' };
-        }
-        return { valid: true, reason: '' };
-    }
-    handleNoSessionToken(token, ctx) {
-        const allowTestFallback = process.env.TEST_MODE === 'true' || process.env.NODE_ENV === 'test';
-        if (allowTestFallback && token.accessToken) {
-            return {
-                success: true,
-                auth: {
-                    accessToken: token.accessToken,
-                    userId: token.sub,
-                    roles: token.roles || [],
-                    sessionId: undefined,
-                    tokenType: 'bearer',
-                    refreshToken: null,
-                }
-            };
-        }
-        if (this.config.requireAuth) {
-            return { success: false, reason: 'NO_SESSION_TOKEN' };
-        }
-        return { success: true, auth: this.createEmptyAuth() };
-    }
-    // ==========================================================================
-    // Coordinated Refresh
-    // ==========================================================================
-    async handleCoordinatedRefresh(req, token, sessionData, ctx) {
-        // Support both field names: sessionToken (auth.ts JWT) and redisSessionId (legacy)
-        const sessionToken = token.sessionToken || token.redisSessionId;
-        const existingLock = await (0, session_store_1.checkRefreshLock)(sessionToken);
-        if (existingLock) {
-            // Wait for existing refresh to complete
-            const waitResult = await this.waitForRefresh(sessionToken, 10000);
-            if (waitResult.success) {
-                const refreshed = await (0, session_store_1.getSession)(sessionToken);
-                if (refreshed?.accessToken) {
-                    return {
-                        accessToken: refreshed.accessToken,
-                        roles: Array.isArray(refreshed.roles) ? refreshed.roles : [],
-                    };
-                }
-            }
-            return { blocked: true };
-        }
-        // Try to acquire lock
-        const lockResult = await (0, session_store_1.acquireRefreshLock)(sessionToken, ctx.requestId, 5000);
-        if (!lockResult.acquired || !lockResult.lockInfo) {
-            const waitResult = await this.waitForRefresh(sessionToken, 10000);
-            if (waitResult.success) {
-                const refreshed = await (0, session_store_1.getSession)(sessionToken);
-                if (refreshed?.accessToken) {
-                    return {
-                        accessToken: refreshed.accessToken,
-                        roles: Array.isArray(refreshed.roles) ? refreshed.roles : [],
-                    };
-                }
-            }
-            return { blocked: true };
-        }
-        try {
-            // Double-check if still needs refresh
-            const latest = await (0, session_store_1.getSession)(sessionToken);
-            const thresholdMs = 5 * 60 * 1000;
-            const stillNeeds = !latest?.accessToken || ((latest?.accessTokenExpires || 0) - Date.now()) <= thresholdMs;
-            if (!stillNeeds && latest?.accessToken) {
-                return {
-                    accessToken: latest.accessToken,
-                    roles: Array.isArray(latest.roles) ? latest.roles : [],
-                };
-            }
-            // Use centralized internal API helper for server-to-server refresh calls
-            const refreshResponse = await (0, internal_api_1.internalRefresh)(req.headers.get('cookie') || '', sessionToken, sessionData.idpRefreshToken, ctx.requestId);
-            if (!refreshResponse.ok) {
-                return {};
-            }
-            const refreshed = await (0, session_store_1.getSession)(sessionToken);
-            if (refreshed?.accessToken) {
-                return {
-                    accessToken: refreshed.accessToken,
-                    roles: Array.isArray(refreshed.roles) ? refreshed.roles : [],
-                };
-            }
-            return {};
-        }
-        finally {
-            await (0, session_store_1.releaseRefreshLock)(sessionToken, ctx.requestId, lockResult.lockInfo.lockVersion);
-        }
-    }
-    async waitForRefresh(sessionToken, maxWaitMs) {
-        const startTime = Date.now();
-        const pollInterval = 100;
-        while (Date.now() - startTime < maxWaitMs) {
-            const lockExists = await (0, session_store_1.checkRefreshLock)(sessionToken);
-            if (!lockExists) {
-                const session = await (0, session_store_1.getSession)(sessionToken);
-                if (session?.accessToken) {
-                    const expires = session.accessTokenExpires || 0;
-                    if ((expires - Date.now()) > (5 * 60 * 1000)) {
-                        return { success: true };
-                    }
-                }
-                return { success: false };
-            }
-            await new Promise(resolve => setTimeout(resolve, pollInterval));
-        }
-        return { success: false };
-    }
-    // ==========================================================================
-    // Response Helpers
-    // ==========================================================================
-    createEmptyAuth() {
-        return {
-            accessToken: null,
-            roles: [],
-            tokenType: 'bearer',
-            refreshToken: null,
-        };
-    }
-    async executeWithTimeout(promise, timeoutMs) {
-        const timeoutPromise = new Promise((_, reject) => {
-            setTimeout(() => reject(new Error('Request timeout')), timeoutMs);
-        });
-        return Promise.race([promise, timeoutPromise]);
-    }
-    successResponse(data, requestId, ctx) {
-        // Pass through Response objects unchanged
-        if (data instanceof Response) {
-            return data;
-        }
-        // Handle nested success/error flags
-        if (data && typeof data === 'object') {
-            if (Object.prototype.hasOwnProperty.call(data, 'success')) {
-                if (data.success === false) {
-                    const msg = data.error?.message || data.message || 'Upstream service error';
-                    const code = data.error?.code || 'UPSTREAM_SERVICE_ERROR';
-                    return this.errorResponse(code, msg, 400, requestId);
-                }
-            }
-        }
-        return server_1.NextResponse.json({
-            success: true,
-            data,
-            message: 'Operation completed successfully',
-            operation_code: 'api_handler_operation',
-            timestamp: new Date().toISOString(),
-            request_id: requestId,
-            meta: {
-                version: '1.0',
-                responseTime: Date.now() - ctx.startTime,
-            }
-        }, { status: 200 });
-    }
-    errorResponse(code, message, status, requestId) {
-        const now = new Date().toISOString();
-        return server_1.NextResponse.json({
-            success: false,
-            message,
-            operation_code: 'api_handler_error',
-            timestamp: now,
-            request_id: requestId,
-            error: {
-                code,
-                message,
-                support: { request_id: requestId, timestamp: now }
-            },
-            meta: { version: '1.0' }
-        }, { status });
-    }
-    getStatusFromError(error) {
-        const msg = error.message.toLowerCase();
-        if (msg.includes('unauthorized'))
-            return 401;
-        if (msg.includes('forbidden') || msg.includes('insufficient permissions'))
-            return 403;
-        if (msg.includes('not found'))
-            return 404;
-        if (msg.includes('timeout'))
-            return 408;
-        if (msg.includes('rate limit'))
-            return 429;
-        if (msg.includes('bad gateway') || msg.includes('upstream'))
-            return 502;
-        if (msg.includes('service unavailable'))
-            return 503;
-        return 500;
-    }
-    getErrorCode(status) {
-        switch (status) {
-            case 400: return 'BAD_REQUEST';
-            case 401: return 'UNAUTHORIZED';
-            case 403: return 'FORBIDDEN';
-            case 404: return 'NOT_FOUND';
-            case 408: return 'TIMEOUT';
-            case 429: return 'RATE_LIMIT_EXCEEDED';
-            case 502: return 'BAD_GATEWAY';
-            case 503: return 'SERVICE_UNAVAILABLE';
-            default: return 'INTERNAL_SERVER_ERROR';
-        }
-    }
-}
-exports.ApiHandler = ApiHandler;
-// ============================================================================
-// Factory Function
-// ============================================================================
-/**
- * Create an API handler with the specified configuration
- *
- * @example
- * ```typescript
- * export const GET = createApiHandler({ requireAuth: true })
- *   .handle(async (req, ctx, auth) => {
- *     return { data: 'hello' };
- *   });
- * ```
- */
-function createApiHandler(config = {}) {
-    return new ApiHandler(config);
-}
-// ============================================================================
-// Pre-configured Presets
-// ============================================================================
-/**
- * Pre-configured API handler presets for common use cases
- */
-exports.API_PRESETS = {
-    /** Public endpoint - no authentication required */
-    PUBLIC: () => createApiHandler({ requireAuth: false, validateClientSlug: false }),
-    /** Authenticated endpoint - any logged-in user */
-    AUTHENTICATED: () => createApiHandler({ requireAuth: true }),
-    /** User endpoint - requires payez_user or payez_admin role */
-    USER: () => createApiHandler({
-        requireAuth: true,
-        requiredRoles: ['payez_user', 'payez_admin'],
-    }),
-    /** Admin endpoint - requires payez_admin role */
-    ADMIN: () => createApiHandler({
-        requireAuth: true,
-        requiredRoles: ['payez_admin'],
-    }),
-};
-// ============================================================================
-// Default Export
-// ============================================================================
-exports.default = createApiHandler;

package/dist/lib/app-slug.d.ts DELETED Viewed

@@ -1,95 +0,0 @@
-/**
- * App Slug Utility for `@payez/next-mvp`
- *
- * Provides app-specific namespacing for Redis keys and cookies to prevent
- * collisions when multiple MVP-based apps run on the same host (e.g., localhost).
- *
- * The slug is derived from:
- * 1. APP_SLUG environment variable (preferred)
- * 2. CLIENT_ID environment variable (fallback)
- * 3. 'payez' (default fallback)
- */
-/**
- * Gets the app slug for namespacing.
- * Caches the result for performance.
- */
-export declare function getAppSlug(): string;
-/**
- * Clears the cached slug (useful for testing).
- */
-export declare function clearSlugCache(): void;
-/**
- * Gets the prefix for session keys.
- * Format: {slug}:sess:
- */
-export declare function getSessionPrefix(): string;
-/**
- * Gets the prefix for anonymous session keys.
- * Format: {slug}:anon:
- */
-export declare function getAnonPrefix(): string;
-/**
- * Gets the prefix for refresh lock keys.
- * Format: {slug}:refresh_lock:
- */
-export declare function getRefreshLockPrefix(): string;
-/**
- * THE session cookie name - SINGLE SOURCE OF TRUTH.
- *
- * This is used by:
- * - auth-options.ts (cookies.sessionToken.name)
- * - getToken() calls (cookieName parameter)
- * - getJwtCookieName() (alias for consistency)
- *
- * Format: {slug}.session-token
- */
-export declare function getSessionCookieName(): string;
-/**
- * Gets the JWT cookie name for getToken() calls.
- *
- * CRITICAL: This MUST match what auth-options.ts configures:
- * - Production: __Secure-{slug}.session-token
- * - Development: {slug}.session-token
- *
- * This is the cookie name that getToken() should use to READ the JWT.
- */
-export declare function getJwtCookieName(): string;
-/**
- * Validates that cookie names are consistent with auth-options.ts.
- * Call this at startup to catch mismatches early.
- */
-export declare function validateCookieNameConsistency(): void;
-/**
- * Gets the __Secure- prefixed cookie name.
- *
- * WARNING: This is ONLY for clearing cookies during logout.
- * DO NOT use this for reading cookies - use getSessionCookieName().
- * NextAuth does NOT automatically use this prefix.
- *
- * Format: __Secure-{slug}.session-token
- */
-export declare function getSecureSessionCookieName(): string;
-/**
- * Gets the anonymous session cookie name.
- * Format: {slug}_anon_id
- */
-export declare function getAnonCookieName(): string;
-/**
- * Gets the CSRF token cookie name.
- * Format: {slug}.csrf-token
- */
-export declare function getCsrfCookieName(): string;
-/**
- * Gets the __Host- prefixed CSRF cookie name.
- *
- * WARNING: This is ONLY for clearing cookies during logout.
- * DO NOT use this for reading cookies - use getCsrfCookieName().
- *
- * Format: __Host-{slug}.csrf-token
- */
-export declare function getSecureCsrfCookieName(): string;
-/**
- * Gets the callback URL cookie name.
- * Format: {slug}.callback-url
- */
-export declare function getCallbackUrlCookieName(): string;