npm - @payez/next-mvp - Versions diffs - 4.0.0 → 4.0.1 - Mend

@payez/next-mvp 4.0.0 → 4.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (459) hide show

package/package.json +6 -16
package/dist/api/auth-handler.d.ts +0 -66
package/dist/api/auth-handler.js +0 -397
package/dist/api/index.d.ts +0 -10
package/dist/api/index.js +0 -19
package/dist/api-handlers/account/change-password.d.ts +0 -9
package/dist/api-handlers/account/change-password.js +0 -110
package/dist/api-handlers/account/masked-info.d.ts +0 -2
package/dist/api-handlers/account/masked-info.js +0 -41
package/dist/api-handlers/account/profile.d.ts +0 -3
package/dist/api-handlers/account/profile.js +0 -63
package/dist/api-handlers/account/recovery/initiate.d.ts +0 -2
package/dist/api-handlers/account/recovery/initiate.js +0 -26
package/dist/api-handlers/account/recovery/send-code.d.ts +0 -2
package/dist/api-handlers/account/recovery/send-code.js +0 -28
package/dist/api-handlers/account/recovery/verify-code.d.ts +0 -2
package/dist/api-handlers/account/recovery/verify-code.js +0 -28
package/dist/api-handlers/account/reset-password.d.ts +0 -2
package/dist/api-handlers/account/reset-password.js +0 -26
package/dist/api-handlers/account/send-code.d.ts +0 -24
package/dist/api-handlers/account/send-code.js +0 -60
package/dist/api-handlers/account/update-phone.d.ts +0 -27
package/dist/api-handlers/account/update-phone.js +0 -64
package/dist/api-handlers/account/validate-password.d.ts +0 -17
package/dist/api-handlers/account/validate-password.js +0 -81
package/dist/api-handlers/account/verify-email.d.ts +0 -26
package/dist/api-handlers/account/verify-email.js +0 -106
package/dist/api-handlers/account/verify-sms.d.ts +0 -26
package/dist/api-handlers/account/verify-sms.js +0 -106
package/dist/api-handlers/admin/analytics.d.ts +0 -19
package/dist/api-handlers/admin/analytics.js +0 -378
package/dist/api-handlers/admin/audit.d.ts +0 -19
package/dist/api-handlers/admin/audit.js +0 -213
package/dist/api-handlers/admin/index.d.ts +0 -21
package/dist/api-handlers/admin/index.js +0 -42
package/dist/api-handlers/admin/redis-sessions.d.ts +0 -35
package/dist/api-handlers/admin/redis-sessions.js +0 -203
package/dist/api-handlers/admin/sessions.d.ts +0 -20
package/dist/api-handlers/admin/sessions.js +0 -283
package/dist/api-handlers/admin/site-logs.d.ts +0 -45
package/dist/api-handlers/admin/site-logs.js +0 -317
package/dist/api-handlers/admin/stats.d.ts +0 -20
package/dist/api-handlers/admin/stats.js +0 -239
package/dist/api-handlers/admin/users.d.ts +0 -19
package/dist/api-handlers/admin/users.js +0 -221
package/dist/api-handlers/admin/vibe-data.d.ts +0 -79
package/dist/api-handlers/admin/vibe-data.js +0 -267
package/dist/api-handlers/anon/preferences.d.ts +0 -37
package/dist/api-handlers/anon/preferences.js +0 -96
package/dist/api-handlers/auth/jwks.d.ts +0 -2
package/dist/api-handlers/auth/jwks.js +0 -24
package/dist/api-handlers/auth/login.d.ts +0 -42
package/dist/api-handlers/auth/login.js +0 -178
package/dist/api-handlers/auth/refresh.d.ts +0 -74
package/dist/api-handlers/auth/refresh.js +0 -633
package/dist/api-handlers/auth/signout.d.ts +0 -37
package/dist/api-handlers/auth/signout.js +0 -186
package/dist/api-handlers/auth/status.d.ts +0 -8
package/dist/api-handlers/auth/status.js +0 -23
package/dist/api-handlers/auth/update-session.d.ts +0 -37
package/dist/api-handlers/auth/update-session.js +0 -93
package/dist/api-handlers/auth/validate.d.ts +0 -6
package/dist/api-handlers/auth/validate.js +0 -43
package/dist/api-handlers/auth/verify-code.d.ts +0 -43
package/dist/api-handlers/auth/verify-code.js +0 -90
package/dist/api-handlers/session/refresh-viability.d.ts +0 -14
package/dist/api-handlers/session/refresh-viability.js +0 -39
package/dist/api-handlers/session/viability.d.ts +0 -13
package/dist/api-handlers/session/viability.js +0 -114
package/dist/api-handlers/test/force-expire.d.ts +0 -23
package/dist/api-handlers/test/force-expire.js +0 -59
package/dist/auth/auth-decision.d.ts +0 -39
package/dist/auth/auth-decision.js +0 -182
package/dist/auth/auth-options.d.ts +0 -57
package/dist/auth/auth-options.js +0 -213
package/dist/auth/better-auth.d.ts +0 -79
package/dist/auth/better-auth.js +0 -119
package/dist/auth/callbacks/index.d.ts +0 -6
package/dist/auth/callbacks/index.js +0 -12
package/dist/auth/callbacks/jwt.d.ts +0 -45
package/dist/auth/callbacks/jwt.js +0 -305
package/dist/auth/callbacks/session.d.ts +0 -60
package/dist/auth/callbacks/session.js +0 -170
package/dist/auth/callbacks/signin.d.ts +0 -23
package/dist/auth/callbacks/signin.js +0 -44
package/dist/auth/events/index.d.ts +0 -4
package/dist/auth/events/index.js +0 -8
package/dist/auth/events/signout.d.ts +0 -17
package/dist/auth/events/signout.js +0 -32
package/dist/auth/providers/credentials.d.ts +0 -32
package/dist/auth/providers/credentials.js +0 -223
package/dist/auth/providers/index.d.ts +0 -5
package/dist/auth/providers/index.js +0 -21
package/dist/auth/providers/oauth.d.ts +0 -26
package/dist/auth/providers/oauth.js +0 -105
package/dist/auth/route-config.d.ts +0 -66
package/dist/auth/route-config.js +0 -190
package/dist/auth/types/auth-types.d.ts +0 -417
package/dist/auth/types/auth-types.js +0 -53
package/dist/auth/types/index.d.ts +0 -6
package/dist/auth/types/index.js +0 -22
package/dist/auth/unauthenticated-routes.d.ts +0 -1
package/dist/auth/unauthenticated-routes.js +0 -19
package/dist/auth/utils/idp-client.d.ts +0 -94
package/dist/auth/utils/idp-client.js +0 -384
package/dist/auth/utils/index.d.ts +0 -5
package/dist/auth/utils/index.js +0 -21
package/dist/auth/utils/token-utils.d.ts +0 -83
package/dist/auth/utils/token-utils.js +0 -218
package/dist/client/AuthContext.d.ts +0 -19
package/dist/client/AuthContext.js +0 -115
package/dist/client/better-auth-client.d.ts +0 -1020
package/dist/client/better-auth-client.js +0 -68
package/dist/client/fetch-with-auth.d.ts +0 -11
package/dist/client/fetch-with-auth.js +0 -44
package/dist/client/fetchWithSession.d.ts +0 -3
package/dist/client/fetchWithSession.js +0 -24
package/dist/client/index.d.ts +0 -9
package/dist/client/index.js +0 -20
package/dist/client/useAnonSession.d.ts +0 -36
package/dist/client/useAnonSession.js +0 -99
package/dist/components/SessionSync.d.ts +0 -13
package/dist/components/SessionSync.js +0 -121
package/dist/components/SignalRHealthCheck.d.ts +0 -10
package/dist/components/SignalRHealthCheck.js +0 -97
package/dist/components/account/MobileNavDrawer.d.ts +0 -32
package/dist/components/account/MobileNavDrawer.js +0 -81
package/dist/components/account/UserAvatarMenu.d.ts +0 -20
package/dist/components/account/UserAvatarMenu.js +0 -91
package/dist/components/account/index.d.ts +0 -9
package/dist/components/account/index.js +0 -13
package/dist/components/admin/AlertSettingsTab.d.ts +0 -48
package/dist/components/admin/AlertSettingsTab.js +0 -351
package/dist/components/admin/AnalyticsTab.d.ts +0 -22
package/dist/components/admin/AnalyticsTab.js +0 -167
package/dist/components/admin/DataBrowserTab.d.ts +0 -19
package/dist/components/admin/DataBrowserTab.js +0 -252
package/dist/components/admin/LoggingSettingsTab.d.ts +0 -73
package/dist/components/admin/LoggingSettingsTab.js +0 -339
package/dist/components/admin/SessionsTab.d.ts +0 -37
package/dist/components/admin/SessionsTab.js +0 -165
package/dist/components/admin/StatsTab.d.ts +0 -53
package/dist/components/admin/StatsTab.js +0 -161
package/dist/components/admin/VibeAdminContext.d.ts +0 -32
package/dist/components/admin/VibeAdminContext.js +0 -38
package/dist/components/admin/VibeAdminLayout.d.ts +0 -11
package/dist/components/admin/VibeAdminLayout.js +0 -71
package/dist/components/admin/index.d.ts +0 -29
package/dist/components/admin/index.js +0 -44
package/dist/components/auth/FederatedAuthSection.d.ts +0 -8
package/dist/components/auth/FederatedAuthSection.js +0 -45
package/dist/components/auth/ModeAwareLoginPage.d.ts +0 -10
package/dist/components/auth/ModeAwareLoginPage.js +0 -42
package/dist/components/auth/ModeAwareSignupPage.d.ts +0 -9
package/dist/components/auth/ModeAwareSignupPage.js +0 -78
package/dist/components/auth/TraditionalAuthSection.d.ts +0 -14
package/dist/components/auth/TraditionalAuthSection.js +0 -20
package/dist/components/recovery/CompleteStep.d.ts +0 -5
package/dist/components/recovery/CompleteStep.js +0 -8
package/dist/components/recovery/InitiateRecoveryStep.d.ts +0 -8
package/dist/components/recovery/InitiateRecoveryStep.js +0 -20
package/dist/components/recovery/SelectMethodStep.d.ts +0 -8
package/dist/components/recovery/SelectMethodStep.js +0 -8
package/dist/components/recovery/SetPasswordStep.d.ts +0 -6
package/dist/components/recovery/SetPasswordStep.js +0 -20
package/dist/components/recovery/VerifyCodeStep.d.ts +0 -10
package/dist/components/recovery/VerifyCodeStep.js +0 -24
package/dist/components/reserved/ReservedRecoveryWarning.d.ts +0 -38
package/dist/components/reserved/ReservedRecoveryWarning.js +0 -92
package/dist/components/reserved/ReservedStatusBox.d.ts +0 -30
package/dist/components/reserved/ReservedStatusBox.js +0 -71
package/dist/components/ui/BetaBadge.d.ts +0 -29
package/dist/components/ui/BetaBadge.js +0 -38
package/dist/components/ui/Footer.d.ts +0 -37
package/dist/components/ui/Footer.js +0 -41
package/dist/config/env.d.ts +0 -66
package/dist/config/env.js +0 -57
package/dist/config/logger.d.ts +0 -57
package/dist/config/logger.js +0 -73
package/dist/config/logging-config.d.ts +0 -30
package/dist/config/logging-config.js +0 -122
package/dist/config/unauthenticated-routes.d.ts +0 -17
package/dist/config/unauthenticated-routes.js +0 -24
package/dist/config/vibe-log-transport.d.ts +0 -81
package/dist/config/vibe-log-transport.js +0 -212
package/dist/edge/internal-api-url.d.ts +0 -53
package/dist/edge/internal-api-url.js +0 -63
package/dist/edge/middleware.d.ts +0 -14
package/dist/edge/middleware.js +0 -32
package/dist/hooks/useAuth.d.ts +0 -23
package/dist/hooks/useAuth.js +0 -83
package/dist/hooks/useAuthSettings.d.ts +0 -59
package/dist/hooks/useAuthSettings.js +0 -93
package/dist/hooks/useAvailableProviders.d.ts +0 -43
package/dist/hooks/useAvailableProviders.js +0 -112
package/dist/hooks/usePasswordValidation.d.ts +0 -27
package/dist/hooks/usePasswordValidation.js +0 -102
package/dist/hooks/useProfile.d.ts +0 -15
package/dist/hooks/useProfile.js +0 -59
package/dist/hooks/usePublicAuthSettings.d.ts +0 -56
package/dist/hooks/usePublicAuthSettings.js +0 -131
package/dist/hooks/useSessionExpiration.d.ts +0 -56
package/dist/hooks/useSessionExpiration.js +0 -72
package/dist/hooks/useViabilitySession.d.ts +0 -75
package/dist/hooks/useViabilitySession.js +0 -269
package/dist/index.d.ts +0 -12
package/dist/index.js +0 -53
package/dist/lib/anon-session.d.ts +0 -74
package/dist/lib/anon-session.js +0 -169
package/dist/lib/api-handler.d.ts +0 -123
package/dist/lib/api-handler.js +0 -478
package/dist/lib/app-slug.d.ts +0 -95
package/dist/lib/app-slug.js +0 -172
package/dist/lib/demo-mode.d.ts +0 -6
package/dist/lib/demo-mode.js +0 -16
package/dist/lib/geolocation.d.ts +0 -64
package/dist/lib/geolocation.js +0 -235
package/dist/lib/idp-client-config.d.ts +0 -75
package/dist/lib/idp-client-config.js +0 -425
package/dist/lib/idp-fetch.d.ts +0 -14
package/dist/lib/idp-fetch.js +0 -91
package/dist/lib/internal-api.d.ts +0 -87
package/dist/lib/internal-api.js +0 -122
package/dist/lib/jwt-decode-client.d.ts +0 -10
package/dist/lib/jwt-decode-client.js +0 -46
package/dist/lib/jwt-decode.d.ts +0 -48
package/dist/lib/jwt-decode.js +0 -57
package/dist/lib/nextauth-secret.d.ts +0 -10
package/dist/lib/nextauth-secret.js +0 -100
package/dist/lib/rate-limit-service.d.ts +0 -23
package/dist/lib/rate-limit-service.js +0 -6
package/dist/lib/redis.d.ts +0 -5
package/dist/lib/redis.js +0 -28
package/dist/lib/refresh-token-validator.d.ts +0 -13
package/dist/lib/refresh-token-validator.js +0 -117
package/dist/lib/roles.d.ts +0 -145
package/dist/lib/roles.js +0 -168
package/dist/lib/secret-validation.d.ts +0 -4
package/dist/lib/secret-validation.js +0 -14
package/dist/lib/session-store.d.ts +0 -170
package/dist/lib/session-store.js +0 -545
package/dist/lib/session.d.ts +0 -21
package/dist/lib/session.js +0 -26
package/dist/lib/site-logger.d.ts +0 -214
package/dist/lib/site-logger.js +0 -210
package/dist/lib/standardized-client-api.d.ts +0 -161
package/dist/lib/standardized-client-api.js +0 -791
package/dist/lib/startup-init.d.ts +0 -40
package/dist/lib/startup-init.js +0 -257
package/dist/lib/test-aware-get-token.d.ts +0 -2
package/dist/lib/test-aware-get-token.js +0 -86
package/dist/lib/token-expiry.d.ts +0 -14
package/dist/lib/token-expiry.js +0 -39
package/dist/lib/token-lifecycle.d.ts +0 -78
package/dist/lib/token-lifecycle.js +0 -360
package/dist/lib/types/api-responses.d.ts +0 -128
package/dist/lib/types/api-responses.js +0 -171
package/dist/lib/user-agent-parser.d.ts +0 -50
package/dist/lib/user-agent-parser.js +0 -220
package/dist/logging/api/admin-analytics.d.ts +0 -3
package/dist/logging/api/admin-analytics.js +0 -45
package/dist/logging/api/audit-log.d.ts +0 -3
package/dist/logging/api/audit-log.js +0 -52
package/dist/logging/components/AdminAnalyticsLayout.d.ts +0 -10
package/dist/logging/components/AdminAnalyticsLayout.js +0 -11
package/dist/logging/components/AuditLogViewer.d.ts +0 -7
package/dist/logging/components/AuditLogViewer.js +0 -51
package/dist/logging/components/ErrorMetricsCard.d.ts +0 -7
package/dist/logging/components/ErrorMetricsCard.js +0 -16
package/dist/logging/components/HealthMetricsCard.d.ts +0 -7
package/dist/logging/components/HealthMetricsCard.js +0 -19
package/dist/logging/hooks/useAdminAnalytics.d.ts +0 -24
package/dist/logging/hooks/useAdminAnalytics.js +0 -22
package/dist/logging/hooks/useAuditLog.d.ts +0 -6
package/dist/logging/hooks/useAuditLog.js +0 -25
package/dist/logging/hooks/useErrorMetrics.d.ts +0 -6
package/dist/logging/hooks/useErrorMetrics.js +0 -38
package/dist/logging/hooks/useHealthMetrics.d.ts +0 -6
package/dist/logging/hooks/useHealthMetrics.js +0 -41
package/dist/logging/index.d.ts +0 -11
package/dist/logging/index.js +0 -40
package/dist/logging/types/analytics.d.ts +0 -68
package/dist/logging/types/analytics.js +0 -3
package/dist/logging/types/audit.d.ts +0 -29
package/dist/logging/types/audit.js +0 -2
package/dist/logging/types/index.d.ts +0 -2
package/dist/logging/types/index.js +0 -19
package/dist/middleware/auth-decision.d.ts +0 -33
package/dist/middleware/auth-decision.js +0 -65
package/dist/middleware/create-middleware.d.ts +0 -102
package/dist/middleware/create-middleware.js +0 -469
package/dist/middleware/rbac-check.d.ts +0 -51
package/dist/middleware/rbac-check.js +0 -219
package/dist/middleware/twofa-presets.d.ts +0 -134
package/dist/middleware/twofa-presets.js +0 -175
package/dist/models/DecodedAccessToken.d.ts +0 -17
package/dist/models/DecodedAccessToken.js +0 -2
package/dist/models/SessionModel.d.ts +0 -122
package/dist/models/SessionModel.js +0 -136
package/dist/pages/admin-login/page.d.ts +0 -31
package/dist/pages/admin-login/page.js +0 -73
package/dist/pages/admin-page-permissions/PagePermissionsAdminPage.d.ts +0 -18
package/dist/pages/admin-page-permissions/PagePermissionsAdminPage.js +0 -276
package/dist/pages/admin-page-permissions/index.d.ts +0 -6
package/dist/pages/admin-page-permissions/index.js +0 -13
package/dist/pages/admin-roles/RolesAdminPage.d.ts +0 -16
package/dist/pages/admin-roles/RolesAdminPage.js +0 -261
package/dist/pages/admin-roles/index.d.ts +0 -8
package/dist/pages/admin-roles/index.js +0 -15
package/dist/pages/admin-roles/modals.d.ts +0 -72
package/dist/pages/admin-roles/modals.js +0 -154
package/dist/pages/client-admin/ClientSiteAdminPage.d.ts +0 -79
package/dist/pages/client-admin/ClientSiteAdminPage.js +0 -179
package/dist/pages/client-admin/index.d.ts +0 -32
package/dist/pages/client-admin/index.js +0 -37
package/dist/pages/coming-soon/page.d.ts +0 -8
package/dist/pages/coming-soon/page.js +0 -28
package/dist/pages/login/page.d.ts +0 -22
package/dist/pages/login/page.js +0 -230
package/dist/pages/profile/EnhancedProfilePage.d.ts +0 -13
package/dist/pages/profile/EnhancedProfilePage.js +0 -150
package/dist/pages/profile/index.d.ts +0 -8
package/dist/pages/profile/index.js +0 -16
package/dist/pages/profile/page.d.ts +0 -19
package/dist/pages/profile/page.js +0 -47
package/dist/pages/profile/profile-patch.d.ts +0 -1
package/dist/pages/profile/profile-patch.js +0 -281
package/dist/pages/recovery/page.d.ts +0 -1
package/dist/pages/recovery/page.js +0 -142
package/dist/pages/roles/MyRolesPage.d.ts +0 -24
package/dist/pages/roles/MyRolesPage.js +0 -71
package/dist/pages/roles/components.d.ts +0 -63
package/dist/pages/roles/components.js +0 -108
package/dist/pages/roles/index.d.ts +0 -8
package/dist/pages/roles/index.js +0 -19
package/dist/pages/security/EnhancedSecurityPage.d.ts +0 -14
package/dist/pages/security/EnhancedSecurityPage.js +0 -248
package/dist/pages/security/index.d.ts +0 -8
package/dist/pages/security/index.js +0 -16
package/dist/pages/security/page.d.ts +0 -21
package/dist/pages/security/page.js +0 -212
package/dist/pages/security/security-patch.d.ts +0 -1
package/dist/pages/security/security-patch.js +0 -302
package/dist/pages/settings/EnhancedSettingsPage.d.ts +0 -46
package/dist/pages/settings/EnhancedSettingsPage.js +0 -231
package/dist/pages/settings/index.d.ts +0 -8
package/dist/pages/settings/index.js +0 -16
package/dist/pages/settings/page.d.ts +0 -7
package/dist/pages/settings/page.js +0 -26
package/dist/pages/showcase/ShowcasePage.d.ts +0 -13
package/dist/pages/showcase/ShowcasePage.js +0 -142
package/dist/pages/showcase/index.d.ts +0 -12
package/dist/pages/showcase/index.js +0 -17
package/dist/pages/test-env/EmergencyLogoutPage.d.ts +0 -14
package/dist/pages/test-env/EmergencyLogoutPage.js +0 -99
package/dist/pages/test-env/JwtInspectPage.d.ts +0 -14
package/dist/pages/test-env/JwtInspectPage.js +0 -116
package/dist/pages/test-env/RefreshTokenPage.d.ts +0 -15
package/dist/pages/test-env/RefreshTokenPage.js +0 -93
package/dist/pages/test-env/TestEnvPage.d.ts +0 -13
package/dist/pages/test-env/TestEnvPage.js +0 -51
package/dist/pages/test-env/index.d.ts +0 -24
package/dist/pages/test-env/index.js +0 -32
package/dist/pages/verify-code/page.d.ts +0 -30
package/dist/pages/verify-code/page.js +0 -412
package/dist/routes/account/index.d.ts +0 -28
package/dist/routes/account/index.js +0 -71
package/dist/routes/account/masked-info.d.ts +0 -33
package/dist/routes/account/masked-info.js +0 -39
package/dist/routes/account/send-code.d.ts +0 -37
package/dist/routes/account/send-code.js +0 -42
package/dist/routes/account/update-phone.d.ts +0 -13
package/dist/routes/account/update-phone.js +0 -17
package/dist/routes/account/verify-email.d.ts +0 -38
package/dist/routes/account/verify-email.js +0 -43
package/dist/routes/account/verify-sms.d.ts +0 -38
package/dist/routes/account/verify-sms.js +0 -43
package/dist/routes/auth/index.d.ts +0 -19
package/dist/routes/auth/index.js +0 -64
package/dist/routes/auth/logout.d.ts +0 -31
package/dist/routes/auth/logout.js +0 -98
package/dist/routes/auth/nextauth.d.ts +0 -22
package/dist/routes/auth/nextauth.js +0 -40
package/dist/routes/auth/refresh.d.ts +0 -30
package/dist/routes/auth/refresh.js +0 -51
package/dist/routes/auth/session.d.ts +0 -43
package/dist/routes/auth/session.js +0 -157
package/dist/routes/auth/settings.d.ts +0 -25
package/dist/routes/auth/settings.js +0 -55
package/dist/routes/auth/viability.d.ts +0 -52
package/dist/routes/auth/viability.js +0 -190
package/dist/routes/index.d.ts +0 -12
package/dist/routes/index.js +0 -54
package/dist/routes/session/index.d.ts +0 -6
package/dist/routes/session/index.js +0 -10
package/dist/routes/session/refresh-viability.d.ts +0 -16
package/dist/routes/session/refresh-viability.js +0 -20
package/dist/server/auth-guard.d.ts +0 -46
package/dist/server/auth-guard.js +0 -128
package/dist/server/auth.d.ts +0 -50
package/dist/server/auth.js +0 -62
package/dist/server/decode-session.d.ts +0 -30
package/dist/server/decode-session.js +0 -78
package/dist/server/slim-middleware.d.ts +0 -23
package/dist/server/slim-middleware.js +0 -89
package/dist/server/with-auth.d.ts +0 -33
package/dist/server/with-auth.js +0 -59
package/dist/services/signalrActivityService.d.ts +0 -44
package/dist/services/signalrActivityService.js +0 -257
package/dist/stores/authStore.d.ts +0 -154
package/dist/stores/authStore.js +0 -1527
package/dist/theme/ThemeProvider.d.ts +0 -14
package/dist/theme/ThemeProvider.js +0 -28
package/dist/theme/default.d.ts +0 -8
package/dist/theme/default.js +0 -33
package/dist/theme/index.d.ts +0 -15
package/dist/theme/index.js +0 -25
package/dist/theme/types.d.ts +0 -56
package/dist/theme/types.js +0 -8
package/dist/theme/useTheme.d.ts +0 -60
package/dist/theme/useTheme.js +0 -63
package/dist/theme/utils.d.ts +0 -13
package/dist/theme/utils.js +0 -39
package/dist/types/api.d.ts +0 -134
package/dist/types/api.js +0 -44
package/dist/types/auth.d.ts +0 -19
package/dist/types/auth.js +0 -2
package/dist/types/logging.d.ts +0 -42
package/dist/types/logging.js +0 -2
package/dist/types/recovery.d.ts +0 -48
package/dist/types/recovery.js +0 -2
package/dist/types/security.d.ts +0 -1
package/dist/types/security.js +0 -2
package/dist/utils/api.d.ts +0 -85
package/dist/utils/api.js +0 -287
package/dist/utils/circuitBreaker.d.ts +0 -43
package/dist/utils/circuitBreaker.js +0 -91
package/dist/utils/error-message.d.ts +0 -1
package/dist/utils/error-message.js +0 -103
package/dist/utils/layout/reservedSpace.d.ts +0 -59
package/dist/utils/layout/reservedSpace.js +0 -102
package/dist/utils/logout.d.ts +0 -14
package/dist/utils/logout.js +0 -32
package/dist/vibe/client.d.ts +0 -261
package/dist/vibe/client.js +0 -445
package/dist/vibe/enterprise-auth.d.ts +0 -106
package/dist/vibe/enterprise-auth.js +0 -173
package/dist/vibe/errors.d.ts +0 -83
package/dist/vibe/errors.js +0 -146
package/dist/vibe/generic.d.ts +0 -234
package/dist/vibe/generic.js +0 -369
package/dist/vibe/hooks/index.d.ts +0 -169
package/dist/vibe/hooks/index.js +0 -252
package/dist/vibe/index.d.ts +0 -25
package/dist/vibe/index.js +0 -72
package/dist/vibe/sessions.d.ts +0 -161
package/dist/vibe/sessions.js +0 -391
package/dist/vibe/types.d.ts +0 -353
package/dist/vibe/types.js +0 -315

package/dist/api-handlers/account/masked-info.js DELETED Viewed

@@ -1,41 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.POST = POST;
-const server_1 = require("next/server");
-const idp_fetch_1 = require("../../lib/idp-fetch");
-const env_1 = require("../../config/env");
-// IDP masked-info is POST and uses capital 'A' in /api/Account
-async function POST(req) {
-    const url = `${env_1.ENV_CONFIG.IDP_URL}/api/Account/masked-info`;
-    // Forward request body if present; IDP often accepts empty object
-    let body = '{}';
-    try {
-        const raw = await req.text();
-        if (raw && raw.trim().length > 0)
-            body = raw;
-    }
-    catch { }
-    const result = await (0, idp_fetch_1.idpFetchJSON)(req, url, {
-        method: 'POST',
-        headers: { 'Content-Type': 'application/json' },
-        body
-    });
-    if (!result.ok) {
-        return server_1.NextResponse.json({
-            success: false,
-            message: 'Upstream error',
-            error: { code: 'UPSTREAM_SERVICE_ERROR', status: result.status, details: result.json },
-            meta: { attemptedRefresh: result.attemptedRefresh },
-        }, { status: result.status });
-    }
-    const bodyJson = result.json;
-    // Unwrap if IDP returns envelope { success, data }
-    if (bodyJson && typeof bodyJson === 'object' && 'success' in bodyJson && 'data' in bodyJson) {
-        if (bodyJson.success === true) {
-            return server_1.NextResponse.json(bodyJson.data, { status: 200 });
-        }
-        return server_1.NextResponse.json(bodyJson, { status: 200 });
-    }
-    // Passthrough otherwise
-    return server_1.NextResponse.json(bodyJson ?? {}, { status: 200 });
-}

package/dist/api-handlers/account/profile.d.ts DELETED Viewed

@@ -1,3 +0,0 @@
-import { NextRequest, NextResponse } from 'next/server';
-export declare function GET(req: NextRequest): Promise<NextResponse<any>>;
-export declare function PUT(req: NextRequest): Promise<NextResponse<any>>;

package/dist/api-handlers/account/profile.js DELETED Viewed

@@ -1,63 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.GET = GET;
-exports.PUT = PUT;
-const server_1 = require("next/server");
-/**
- * Account Profile API Handler
- * Simple proxy to IDP profile endpoint
- *
- * GET /api/account/profile - Get user profile
- * PUT /api/account/profile - Update user profile
- */
-function getIdpUrl() {
-    const url = process.env.IDP_URL;
-    if (!url) {
-        throw new Error('[IDP_URL] FATAL: IDP_URL environment variable is REQUIRED.');
-    }
-    return url;
-}
-async function GET(req) {
-    const IDP_URL = getIdpUrl();
-    const authHeader = req.headers.get('authorization');
-    if (!authHeader) {
-        return server_1.NextResponse.json({ success: false, error: { code: 'UNAUTHORIZED', message: 'Authentication required' } }, { status: 401 });
-    }
-    try {
-        const upstream = await fetch(`${IDP_URL}/api/Account/profile`, {
-            method: 'GET',
-            headers: {
-                'Content-Type': 'application/json',
-                'Authorization': authHeader,
-            },
-        });
-        const data = await upstream.json().catch(() => ({}));
-        return server_1.NextResponse.json(data, { status: upstream.status });
-    }
-    catch (error) {
-        return server_1.NextResponse.json({ success: false, error: { code: 'UPSTREAM_ERROR', message: 'Failed to fetch profile' } }, { status: 500 });
-    }
-}
-async function PUT(req) {
-    const IDP_URL = getIdpUrl();
-    const authHeader = req.headers.get('authorization');
-    if (!authHeader) {
-        return server_1.NextResponse.json({ success: false, error: { code: 'UNAUTHORIZED', message: 'Authentication required' } }, { status: 401 });
-    }
-    try {
-        const body = await req.text();
-        const upstream = await fetch(`${IDP_URL}/api/Account/profile`, {
-            method: 'PUT',
-            headers: {
-                'Content-Type': 'application/json',
-                'Authorization': authHeader,
-            },
-            body,
-        });
-        const data = await upstream.json().catch(() => ({}));
-        return server_1.NextResponse.json(data, { status: upstream.status });
-    }
-    catch (error) {
-        return server_1.NextResponse.json({ success: false, error: { code: 'UPSTREAM_ERROR', message: 'Failed to update profile' } }, { status: 500 });
-    }
-}

package/dist/api-handlers/account/recovery/initiate.d.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- import { NextRequest, NextResponse } from 'next/server';
2	- export declare function POST(req: NextRequest): Promise<NextResponse<any>>;

package/dist/api-handlers/account/recovery/initiate.js DELETED Viewed

@@ -1,26 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.POST = POST;
-const server_1 = require("next/server");
-function getIdpUrl() {
-    const url = process.env.IDP_URL;
-    if (!url)
-        throw new Error('[IDP_URL] FATAL: IDP_URL environment variable is REQUIRED.');
-    return url;
-}
-async function POST(req) {
-    const IDP_URL = getIdpUrl();
-    try {
-        const { email } = await req.json();
-        const upstream = await fetch(`${IDP_URL}/api/Account/recovery/initiate`, {
-            method: 'POST',
-            headers: { 'Content-Type': 'application/json' },
-            body: JSON.stringify({ email }),
-        });
-        const data = await upstream.json().catch(() => ({}));
-        return server_1.NextResponse.json(data, { status: upstream.status });
-    }
-    catch (e) {
-        return server_1.NextResponse.json({ success: false, error: 'initiate_failed' }, { status: 500 });
-    }
-}

package/dist/api-handlers/account/recovery/send-code.d.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- import { NextRequest, NextResponse } from 'next/server';
2	- export declare function POST(req: NextRequest): Promise<NextResponse<any>>;

package/dist/api-handlers/account/recovery/send-code.js DELETED Viewed

@@ -1,28 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.POST = POST;
-const server_1 = require("next/server");
-function getIdpUrl() {
-    const url = process.env.IDP_URL;
-    if (!url)
-        throw new Error('[IDP_URL] FATAL: IDP_URL environment variable is REQUIRED.');
-    return url;
-}
-async function POST(req) {
-    const IDP_URL = getIdpUrl();
-    try {
-        const auth = req.headers.get('authorization') || '';
-        const token = auth.startsWith('Bearer ') ? auth.slice(7) : '';
-        const { method } = await req.json();
-        const upstream = await fetch(`${IDP_URL}/api/Account/recovery/send-code`, {
-            method: 'POST',
-            headers: { 'Content-Type': 'application/json', 'Authorization': `Bearer ${token}` },
-            body: JSON.stringify({ method }),
-        });
-        const data = await upstream.json().catch(() => ({}));
-        return server_1.NextResponse.json(data, { status: upstream.status });
-    }
-    catch {
-        return server_1.NextResponse.json({ success: false, error: 'send_code_failed' }, { status: 500 });
-    }
-}

package/dist/api-handlers/account/recovery/verify-code.d.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- import { NextRequest, NextResponse } from 'next/server';
2	- export declare function POST(req: NextRequest): Promise<NextResponse<any>>;

package/dist/api-handlers/account/recovery/verify-code.js DELETED Viewed

@@ -1,28 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.POST = POST;
-const server_1 = require("next/server");
-function getIdpUrl() {
-    const url = process.env.IDP_URL;
-    if (!url)
-        throw new Error('[IDP_URL] FATAL: IDP_URL environment variable is REQUIRED.');
-    return url;
-}
-async function POST(req) {
-    const IDP_URL = getIdpUrl();
-    try {
-        const auth = req.headers.get('authorization') || '';
-        const token = auth.startsWith('Bearer ') ? auth.slice(7) : '';
-        const { code, method } = await req.json();
-        const upstream = await fetch(`${IDP_URL}/api/Account/recovery/verify-code`, {
-            method: 'POST',
-            headers: { 'Content-Type': 'application/json', 'Authorization': `Bearer ${token}` },
-            body: JSON.stringify({ code, method }),
-        });
-        const data = await upstream.json().catch(() => ({}));
-        return server_1.NextResponse.json(data, { status: upstream.status });
-    }
-    catch {
-        return server_1.NextResponse.json({ success: false, error: 'verify_code_failed' }, { status: 500 });
-    }
-}

package/dist/api-handlers/account/reset-password.d.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- import { NextRequest, NextResponse } from 'next/server';
2	- export declare function POST(req: NextRequest): Promise<NextResponse<any>>;

package/dist/api-handlers/account/reset-password.js DELETED Viewed

@@ -1,26 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.POST = POST;
-const server_1 = require("next/server");
-function getIdpUrl() {
-    const url = process.env.IDP_URL;
-    if (!url)
-        throw new Error('[IDP_URL] FATAL: IDP_URL environment variable is REQUIRED.');
-    return url;
-}
-async function POST(req) {
-    const IDP_URL = getIdpUrl();
-    try {
-        const payload = await req.json();
-        const upstream = await fetch(`${IDP_URL}/api/Account/reset-password`, {
-            method: 'POST',
-            headers: { 'Content-Type': 'application/json' },
-            body: JSON.stringify(payload),
-        });
-        const data = await upstream.json().catch(() => ({}));
-        return server_1.NextResponse.json(data, { status: upstream.status });
-    }
-    catch {
-        return server_1.NextResponse.json({ success: false, error: 'reset_password_failed' }, { status: 500 });
-    }
-}

package/dist/api-handlers/account/send-code.d.ts DELETED Viewed

@@ -1,24 +0,0 @@
-/**
- * Send 2FA Verification Code Handler
- *
- * Sends a verification code via email or SMS to the authenticated user.
- * Requires a provisional Bearer token (ACR=1) from initial login.
- *
- * @package @payez/next-mvp
- */
-import { NextRequest, NextResponse } from 'next/server';
-export declare function POST(req: NextRequest): Promise<NextResponse<{
-    success: boolean;
-    error: string;
-    code: string;
-}> | NextResponse<{
-    success: boolean;
-    error: any;
-    code: any;
-    meta: {
-        attemptedRefresh: boolean;
-    };
-}> | NextResponse<{
-    success: boolean;
-    message: string;
-}>>;

package/dist/api-handlers/account/send-code.js DELETED Viewed

@@ -1,60 +0,0 @@
-"use strict";
-/**
- * Send 2FA Verification Code Handler
- *
- * Sends a verification code via email or SMS to the authenticated user.
- * Requires a provisional Bearer token (ACR=1) from initial login.
- *
- * @package @payez/next-mvp
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.POST = POST;
-const server_1 = require("next/server");
-const idp_fetch_1 = require("../../lib/idp-fetch");
-const env_1 = require("../../config/env");
-async function POST(req) {
-    try {
-        // Parse request body
-        const body = await req.json();
-        const method = String(body.method || '').toLowerCase();
-        if (method !== 'sms' && method !== 'email') {
-            return server_1.NextResponse.json({
-                success: false,
-                error: 'Method must be either "sms" or "email"',
-                code: 'INVALID_METHOD',
-            }, { status: 400 });
-        }
-        // Build IDP endpoint URL
-        const idpEndpoint = method === 'sms'
-            ? '/api/ExternalAuth/twofa/sms/send'
-            : '/api/ExternalAuth/twofa/email/send';
-        // Send client_id in body (lower_snake_case per PayEz standards)
-        const idpBody = JSON.stringify({ client_id: env_1.ENV_CONFIG.CLIENT_ID });
-        // Call IDP using idpFetchJSON which auto-injects Bearer token from Redis session
-        const result = await (0, idp_fetch_1.idpFetchJSON)(req, `${env_1.ENV_CONFIG.IDP_URL}${idpEndpoint}`, {
-            method: 'POST',
-            headers: { 'Content-Type': 'application/json' },
-            body: idpBody,
-        });
-        if (!result.ok) {
-            return server_1.NextResponse.json({
-                success: false,
-                error: result.json?.message || `Failed to send ${method} code`,
-                code: result.json?.code || 'IDP_ERROR',
-                meta: { attemptedRefresh: result.attemptedRefresh },
-            }, { status: result.status });
-        }
-        return server_1.NextResponse.json({
-            success: true,
-            message: `Verification code sent via ${method}`,
-        }, { status: 200 });
-    }
-    catch (error) {
-        console.error('[SEND_CODE] Error:', error);
-        return server_1.NextResponse.json({
-            success: false,
-            error: 'Failed to send verification code',
-            code: 'INTERNAL_ERROR',
-        }, { status: 500 });
-    }
-}

package/dist/api-handlers/account/update-phone.d.ts DELETED Viewed

@@ -1,27 +0,0 @@
-import { NextRequest, NextResponse } from 'next/server';
-/**
- * Update Phone Number API Handler
- *
- * PATCH /api/account/update-phone - Update user's phone number
- * Used for 2FA setup - users need to add a phone to enable SMS verification.
- */
-export declare function POST(req: NextRequest): Promise<NextResponse<{
-    success: boolean;
-    error: {
-        code: string;
-        message: string;
-    };
-}> | NextResponse<{
-    success: boolean;
-    error: {
-        code: any;
-        message: any;
-    };
-    meta: {
-        attemptedRefresh: boolean;
-    };
-}> | NextResponse<{
-    success: boolean;
-    message: string;
-    data: any;
-}>>;

package/dist/api-handlers/account/update-phone.js DELETED Viewed

@@ -1,64 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.POST = POST;
-const server_1 = require("next/server");
-const idp_fetch_1 = require("../../lib/idp-fetch");
-const env_1 = require("../../config/env");
-/**
- * Update Phone Number API Handler
- *
- * PATCH /api/account/update-phone - Update user's phone number
- * Used for 2FA setup - users need to add a phone to enable SMS verification.
- */
-async function POST(req) {
-    try {
-        // Parse request body
-        let body;
-        try {
-            body = await req.json();
-        }
-        catch {
-            return server_1.NextResponse.json({ success: false, error: { code: 'INVALID_JSON', message: 'Invalid request body' } }, { status: 400 });
-        }
-        const { phoneNumber } = body;
-        if (!phoneNumber) {
-            return server_1.NextResponse.json({ success: false, error: { code: 'INVALID_INPUT', message: 'Phone number is required' } }, { status: 400 });
-        }
-        // PATCH profile with phone_number only
-        const url = `${env_1.ENV_CONFIG.IDP_URL}/api/Account/profile`;
-        const result = await (0, idp_fetch_1.idpFetchJSON)(req, url, {
-            method: 'PATCH',
-            headers: { 'Content-Type': 'application/json' },
-            body: JSON.stringify({ phone_number: phoneNumber }),
-        });
-        if (!result.ok) {
-            console.error('[UPDATE_PHONE] IDP error:', result.status, result.json);
-            return server_1.NextResponse.json({
-                success: false,
-                error: {
-                    code: result.json?.error?.code || 'UPDATE_FAILED',
-                    message: result.json?.error?.message || 'Failed to update phone number',
-                },
-                meta: { attemptedRefresh: result.attemptedRefresh },
-            }, { status: result.status });
-        }
-        const responseData = result.json;
-        // Unwrap if IDP returns envelope { success, data }
-        if (responseData && typeof responseData === 'object' && 'success' in responseData && 'data' in responseData) {
-            return server_1.NextResponse.json({
-                success: true,
-                message: 'Phone number updated successfully',
-                data: responseData.data,
-            });
-        }
-        return server_1.NextResponse.json({
-            success: true,
-            message: 'Phone number updated successfully',
-            data: responseData,
-        });
-    }
-    catch (error) {
-        console.error('[UPDATE_PHONE] Error:', error);
-        return server_1.NextResponse.json({ success: false, error: { code: 'INTERNAL_ERROR', message: 'Failed to update phone number' } }, { status: 500 });
-    }
-}

package/dist/api-handlers/account/validate-password.d.ts DELETED Viewed

@@ -1,17 +0,0 @@
-import { NextRequest, NextResponse } from 'next/server';
-interface ValidatePasswordResponse {
-    is_valid: boolean;
-    score: number;
-    failed_requirements: string[];
-    tip?: string;
-    policy?: {
-        min_length?: number;
-        require_uppercase?: boolean;
-        require_lowercase?: boolean;
-        require_digit?: boolean;
-        require_special?: boolean;
-        min_strength_score?: number;
-    };
-}
-export declare function POST(req: NextRequest): Promise<NextResponse<ValidatePasswordResponse>>;
-export {};

package/dist/api-handlers/account/validate-password.js DELETED Viewed

@@ -1,81 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.POST = POST;
-const server_1 = require("next/server");
-async function POST(req) {
-    try {
-        const body = await req.json();
-        const { password } = body;
-        const requestId = req.headers.get('x-request-id') ?? crypto.randomUUID();
-        // Validate input
-        if (!password || typeof password !== 'string') {
-            return server_1.NextResponse.json({
-                is_valid: false,
-                score: 0,
-                failed_requirements: ['Password is required'],
-            }, {
-                status: 200, // Return 200 even for validation errors to keep UI responsive
-                headers: { 'Cache-Control': 'no-store' },
-            });
-        }
-        // Get IDP base URL and client ID from environment
-        const idpBaseUrl = process.env.IDP_URL;
-        const clientId = process.env.CLIENT_ID || process.env.NEXT_PUBLIC_CLIENT_ID;
-        if (!idpBaseUrl) {
-            console.error('[VALIDATE_PASSWORD] IDP_URL not configured');
-            return server_1.NextResponse.json({
-                is_valid: false,
-                score: 0,
-                failed_requirements: ['Password validation service unavailable'],
-            }, {
-                status: 200,
-                headers: { 'Cache-Control': 'no-store' },
-            });
-        }
-        // Proxy request to IDP
-        const idpUrl = `${idpBaseUrl}/api/Account/validate-password`;
-        const payload = {
-            password,
-            client_id: clientId,
-        };
-        const idpResponse = await fetch(idpUrl, {
-            method: 'POST',
-            headers: {
-                'Content-Type': 'application/json',
-                'x-request-id': requestId,
-            },
-            body: JSON.stringify(payload),
-        });
-        const responseData = await idpResponse.json().catch(() => ({}));
-        if (!idpResponse.ok) {
-            console.error('[VALIDATE_PASSWORD] IDP error:', {
-                status: idpResponse.status,
-                response: responseData,
-            });
-            return server_1.NextResponse.json({
-                is_valid: false,
-                score: 0,
-                failed_requirements: ['Password validation failed'],
-            }, {
-                status: 200,
-                headers: { 'Cache-Control': 'no-store' },
-            });
-        }
-        // Return the IDP response with proper structure
-        return server_1.NextResponse.json(responseData, {
-            status: 200,
-            headers: { 'Cache-Control': 'no-store' },
-        });
-    }
-    catch (error) {
-        console.error('[VALIDATE_PASSWORD] Error:', error);
-        return server_1.NextResponse.json({
-            is_valid: false,
-            score: 0,
-            failed_requirements: ['Password validation failed'],
-        }, {
-            status: 200,
-            headers: { 'Cache-Control': 'no-store' },
-        });
-    }
-}

package/dist/api-handlers/account/verify-email.d.ts DELETED Viewed

@@ -1,26 +0,0 @@
-/**
- * Verify Email 2FA Code Handler
- *
- * Verifies the 2FA email verification code and completes the 2FA flow.
- * Updates the session with new tokens upon successful verification.
- *
- * @package @payez/next-mvp
- */
-import { NextRequest, NextResponse } from 'next/server';
-export declare function POST(req: NextRequest): Promise<NextResponse<{
-    success: boolean;
-    error: string;
-    code: string;
-}> | NextResponse<{
-    success: boolean;
-    error: any;
-    code: any;
-    meta: {
-        attemptedRefresh: boolean;
-    };
-}> | NextResponse<{
-    success: boolean;
-    verificationSuccessful: boolean;
-    twoFactorSessionVerified: boolean;
-    message: any;
-}>>;

package/dist/api-handlers/account/verify-email.js DELETED Viewed

@@ -1,106 +0,0 @@
-"use strict";
-/**
- * Verify Email 2FA Code Handler
- *
- * Verifies the 2FA email verification code and completes the 2FA flow.
- * Updates the session with new tokens upon successful verification.
- *
- * @package @payez/next-mvp
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.POST = POST;
-const server_1 = require("next/server");
-const idp_fetch_1 = require("../../lib/idp-fetch");
-const env_1 = require("../../config/env");
-const test_aware_get_token_1 = require("../../lib/test-aware-get-token");
-const session_store_1 = require("../../lib/session-store");
-const jwt_decode_1 = require("../../lib/jwt-decode");
-async function POST(req) {
-    try {
-        // Parse request body
-        const body = await req.json();
-        const verificationCode = body.verificationCode || body.verification_code;
-        if (!verificationCode) {
-            return server_1.NextResponse.json({
-                success: false,
-                error: 'Verification code is required',
-                code: 'INVALID_REQUEST',
-            }, { status: 400 });
-        }
-        // Call IDP using idpFetchJSON which auto-injects Bearer token from Redis session
-        const result = await (0, idp_fetch_1.idpFetchJSON)(req, `${env_1.ENV_CONFIG.IDP_URL}/api/ExternalAuth/twofa/email/verify`, {
-            method: 'POST',
-            headers: { 'Content-Type': 'application/json' },
-            body: JSON.stringify({ verification_code: verificationCode }),
-        });
-        if (!result.ok) {
-            return server_1.NextResponse.json({
-                success: false,
-                error: result.json?.message || 'Verification failed',
-                code: result.json?.code || 'IDP_ERROR',
-                meta: { attemptedRefresh: result.attemptedRefresh },
-            }, { status: result.status });
-        }
-        // Unwrap IDP envelope
-        const unwrappedData = result.json?.data || result.json;
-        // If we have new tokens, update the session to complete 2FA
-        if (unwrappedData.access_token && unwrappedData.refresh_token) {
-            // Get session token from NextAuth
-            // Support both field names: sessionToken (auth.ts JWT) and redisSessionId (legacy)
-            const token = await (0, test_aware_get_token_1.getTokenTestAware)(req);
-            const sessionToken = (token?.sessionToken || token?.redisSessionId);
-            if (sessionToken) {
-                console.log('[VERIFY_EMAIL] Updating session with new tokens');
-                // Decode access token to get actual expiration
-                let accessTokenExpires = Date.now() + (15 * 60 * 1000); // Default: 15 minutes
-                try {
-                    const decoded = (0, jwt_decode_1.jwtDecode)(unwrappedData.access_token);
-                    if (decoded?.exp) {
-                        accessTokenExpires = decoded.exp * 1000; // Convert to milliseconds
-                    }
-                }
-                catch (err) {
-                    console.warn('[VERIFY_EMAIL] Could not decode access token, using default expiration');
-                }
-                // Decode refresh token to get actual expiration (optional)
-                let refreshTokenExpires = Date.now() + (3 * 24 * 60 * 60 * 1000); // Default: 3 days
-                try {
-                    const decoded = (0, jwt_decode_1.jwtDecode)(unwrappedData.refresh_token);
-                    if (decoded?.exp) {
-                        refreshTokenExpires = decoded.exp * 1000;
-                    }
-                }
-                catch {
-                    // Refresh token may not have exp claim, use default
-                }
-                // Update session with new tokens and mark 2FA complete
-                await (0, session_store_1.transitionTo2FASession)(sessionToken, {
-                    accessToken: unwrappedData.access_token,
-                    refreshToken: unwrappedData.refresh_token,
-                    accessTokenExpires,
-                    refreshTokenExpires
-                }, 'email' // Store 2FA method for refresh token flow
-                );
-                console.log('[VERIFY_EMAIL] Session updated successfully', {
-                    accessTokenExpires: new Date(accessTokenExpires).toISOString(),
-                    refreshTokenExpires: new Date(refreshTokenExpires).toISOString()
-                });
-            }
-        }
-        // Return simplified success response (don't expose tokens to client)
-        return server_1.NextResponse.json({
-            success: true,
-            verificationSuccessful: true,
-            twoFactorSessionVerified: true,
-            message: unwrappedData.message || 'Email code verified successfully'
-        }, { status: 200 });
-    }
-    catch (error) {
-        console.error('[VERIFY_EMAIL] Error:', error);
-        return server_1.NextResponse.json({
-            success: false,
-            error: 'Failed to verify code',
-            code: 'INTERNAL_ERROR',
-        }, { status: 500 });
-    }
-}