@payez/next-mvp 4.0.1 → 4.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/api/auth-handler.d.ts +66 -0
- package/dist/api/auth-handler.js +397 -0
- package/dist/api/index.d.ts +10 -0
- package/dist/api/index.js +19 -0
- package/dist/api-handlers/account/change-password.d.ts +9 -0
- package/dist/api-handlers/account/change-password.js +110 -0
- package/dist/api-handlers/account/masked-info.d.ts +2 -0
- package/dist/api-handlers/account/masked-info.js +41 -0
- package/dist/api-handlers/account/profile.d.ts +3 -0
- package/dist/api-handlers/account/profile.js +63 -0
- package/dist/api-handlers/account/recovery/initiate.d.ts +2 -0
- package/dist/api-handlers/account/recovery/initiate.js +26 -0
- package/dist/api-handlers/account/recovery/send-code.d.ts +2 -0
- package/dist/api-handlers/account/recovery/send-code.js +28 -0
- package/dist/api-handlers/account/recovery/verify-code.d.ts +2 -0
- package/dist/api-handlers/account/recovery/verify-code.js +28 -0
- package/dist/api-handlers/account/reset-password.d.ts +2 -0
- package/dist/api-handlers/account/reset-password.js +26 -0
- package/dist/api-handlers/account/send-code.d.ts +24 -0
- package/dist/api-handlers/account/send-code.js +60 -0
- package/dist/api-handlers/account/update-phone.d.ts +27 -0
- package/dist/api-handlers/account/update-phone.js +64 -0
- package/dist/api-handlers/account/validate-password.d.ts +17 -0
- package/dist/api-handlers/account/validate-password.js +81 -0
- package/dist/api-handlers/account/verify-email.d.ts +26 -0
- package/dist/api-handlers/account/verify-email.js +106 -0
- package/dist/api-handlers/account/verify-sms.d.ts +26 -0
- package/dist/api-handlers/account/verify-sms.js +106 -0
- package/dist/api-handlers/admin/analytics.d.ts +19 -0
- package/dist/api-handlers/admin/analytics.js +378 -0
- package/dist/api-handlers/admin/audit.d.ts +19 -0
- package/dist/api-handlers/admin/audit.js +213 -0
- package/dist/api-handlers/admin/index.d.ts +21 -0
- package/dist/api-handlers/admin/index.js +42 -0
- package/dist/api-handlers/admin/redis-sessions.d.ts +35 -0
- package/dist/api-handlers/admin/redis-sessions.js +203 -0
- package/dist/api-handlers/admin/sessions.d.ts +20 -0
- package/dist/api-handlers/admin/sessions.js +283 -0
- package/dist/api-handlers/admin/site-logs.d.ts +45 -0
- package/dist/api-handlers/admin/site-logs.js +317 -0
- package/dist/api-handlers/admin/stats.d.ts +20 -0
- package/dist/api-handlers/admin/stats.js +239 -0
- package/dist/api-handlers/admin/users.d.ts +19 -0
- package/dist/api-handlers/admin/users.js +221 -0
- package/dist/api-handlers/admin/vibe-data.d.ts +79 -0
- package/dist/api-handlers/admin/vibe-data.js +267 -0
- package/dist/api-handlers/anon/preferences.d.ts +37 -0
- package/dist/api-handlers/anon/preferences.js +96 -0
- package/dist/api-handlers/auth/jwks.d.ts +2 -0
- package/dist/api-handlers/auth/jwks.js +24 -0
- package/dist/api-handlers/auth/login.d.ts +42 -0
- package/dist/api-handlers/auth/login.js +178 -0
- package/dist/api-handlers/auth/refresh.d.ts +74 -0
- package/dist/api-handlers/auth/refresh.js +633 -0
- package/dist/api-handlers/auth/signout.d.ts +37 -0
- package/dist/api-handlers/auth/signout.js +186 -0
- package/dist/api-handlers/auth/status.d.ts +8 -0
- package/dist/api-handlers/auth/status.js +23 -0
- package/dist/api-handlers/auth/update-session.d.ts +37 -0
- package/dist/api-handlers/auth/update-session.js +93 -0
- package/dist/api-handlers/auth/validate.d.ts +6 -0
- package/dist/api-handlers/auth/validate.js +43 -0
- package/dist/api-handlers/auth/verify-code.d.ts +43 -0
- package/dist/api-handlers/auth/verify-code.js +90 -0
- package/dist/api-handlers/session/refresh-viability.d.ts +14 -0
- package/dist/api-handlers/session/refresh-viability.js +39 -0
- package/dist/api-handlers/session/viability.d.ts +13 -0
- package/dist/api-handlers/session/viability.js +114 -0
- package/dist/api-handlers/test/force-expire.d.ts +23 -0
- package/dist/api-handlers/test/force-expire.js +59 -0
- package/dist/auth/auth-decision.d.ts +39 -0
- package/dist/auth/auth-decision.js +182 -0
- package/dist/auth/better-auth.d.ts +79 -0
- package/dist/auth/better-auth.js +119 -0
- package/dist/auth/route-config.d.ts +66 -0
- package/dist/auth/route-config.js +190 -0
- package/dist/auth/types/auth-types.d.ts +417 -0
- package/dist/auth/types/auth-types.js +53 -0
- package/dist/auth/types/index.d.ts +6 -0
- package/dist/auth/types/index.js +22 -0
- package/dist/auth/unauthenticated-routes.d.ts +1 -0
- package/dist/auth/unauthenticated-routes.js +19 -0
- package/dist/auth/utils/idp-client.d.ts +94 -0
- package/dist/auth/utils/idp-client.js +384 -0
- package/dist/auth/utils/index.d.ts +5 -0
- package/dist/auth/utils/index.js +21 -0
- package/dist/auth/utils/token-utils.d.ts +83 -0
- package/dist/auth/utils/token-utils.js +218 -0
- package/dist/client/AuthContext.d.ts +19 -0
- package/dist/client/AuthContext.js +115 -0
- package/dist/client/better-auth-client.d.ts +1020 -0
- package/dist/client/better-auth-client.js +68 -0
- package/dist/client/fetch-with-auth.d.ts +11 -0
- package/dist/client/fetch-with-auth.js +44 -0
- package/dist/client/fetchWithSession.d.ts +3 -0
- package/dist/client/fetchWithSession.js +24 -0
- package/dist/client/index.d.ts +9 -0
- package/dist/client/index.js +20 -0
- package/dist/client/useAnonSession.d.ts +36 -0
- package/dist/client/useAnonSession.js +99 -0
- package/dist/components/SessionSync.d.ts +13 -0
- package/dist/components/SessionSync.js +121 -0
- package/dist/components/SignalRHealthCheck.d.ts +10 -0
- package/dist/components/SignalRHealthCheck.js +97 -0
- package/dist/components/account/MobileNavDrawer.d.ts +32 -0
- package/dist/components/account/MobileNavDrawer.js +81 -0
- package/dist/components/account/UserAvatarMenu.d.ts +20 -0
- package/dist/components/account/UserAvatarMenu.js +91 -0
- package/dist/components/account/index.d.ts +9 -0
- package/dist/components/account/index.js +13 -0
- package/dist/components/admin/AlertSettingsTab.d.ts +48 -0
- package/dist/components/admin/AlertSettingsTab.js +351 -0
- package/dist/components/admin/AnalyticsTab.d.ts +22 -0
- package/dist/components/admin/AnalyticsTab.js +167 -0
- package/dist/components/admin/DataBrowserTab.d.ts +19 -0
- package/dist/components/admin/DataBrowserTab.js +252 -0
- package/dist/components/admin/LoggingSettingsTab.d.ts +73 -0
- package/dist/components/admin/LoggingSettingsTab.js +339 -0
- package/dist/components/admin/SessionsTab.d.ts +37 -0
- package/dist/components/admin/SessionsTab.js +165 -0
- package/dist/components/admin/StatsTab.d.ts +53 -0
- package/dist/components/admin/StatsTab.js +161 -0
- package/dist/components/admin/VibeAdminContext.d.ts +32 -0
- package/dist/components/admin/VibeAdminContext.js +38 -0
- package/dist/components/admin/VibeAdminLayout.d.ts +11 -0
- package/dist/components/admin/VibeAdminLayout.js +71 -0
- package/dist/components/admin/index.d.ts +29 -0
- package/dist/components/admin/index.js +44 -0
- package/dist/components/auth/FederatedAuthSection.d.ts +8 -0
- package/dist/components/auth/FederatedAuthSection.js +45 -0
- package/dist/components/auth/ModeAwareLoginPage.d.ts +10 -0
- package/dist/components/auth/ModeAwareLoginPage.js +42 -0
- package/dist/components/auth/ModeAwareSignupPage.d.ts +9 -0
- package/dist/components/auth/ModeAwareSignupPage.js +78 -0
- package/dist/components/auth/TraditionalAuthSection.d.ts +14 -0
- package/dist/components/auth/TraditionalAuthSection.js +20 -0
- package/dist/components/recovery/CompleteStep.d.ts +5 -0
- package/dist/components/recovery/CompleteStep.js +8 -0
- package/dist/components/recovery/InitiateRecoveryStep.d.ts +8 -0
- package/dist/components/recovery/InitiateRecoveryStep.js +20 -0
- package/dist/components/recovery/SelectMethodStep.d.ts +8 -0
- package/dist/components/recovery/SelectMethodStep.js +8 -0
- package/dist/components/recovery/SetPasswordStep.d.ts +6 -0
- package/dist/components/recovery/SetPasswordStep.js +20 -0
- package/dist/components/recovery/VerifyCodeStep.d.ts +10 -0
- package/dist/components/recovery/VerifyCodeStep.js +24 -0
- package/dist/components/reserved/ReservedRecoveryWarning.d.ts +38 -0
- package/dist/components/reserved/ReservedRecoveryWarning.js +92 -0
- package/dist/components/reserved/ReservedStatusBox.d.ts +30 -0
- package/dist/components/reserved/ReservedStatusBox.js +71 -0
- package/dist/components/ui/BetaBadge.d.ts +29 -0
- package/dist/components/ui/BetaBadge.js +38 -0
- package/dist/components/ui/Footer.d.ts +37 -0
- package/dist/components/ui/Footer.js +41 -0
- package/dist/config/env.d.ts +66 -0
- package/dist/config/env.js +57 -0
- package/dist/config/logger.d.ts +57 -0
- package/dist/config/logger.js +73 -0
- package/dist/config/logging-config.d.ts +30 -0
- package/dist/config/logging-config.js +122 -0
- package/dist/config/unauthenticated-routes.d.ts +17 -0
- package/dist/config/unauthenticated-routes.js +24 -0
- package/dist/config/vibe-log-transport.d.ts +81 -0
- package/dist/config/vibe-log-transport.js +212 -0
- package/dist/edge/internal-api-url.d.ts +53 -0
- package/dist/edge/internal-api-url.js +63 -0
- package/dist/edge/middleware.d.ts +14 -0
- package/dist/edge/middleware.js +32 -0
- package/dist/hooks/useAuth.d.ts +23 -0
- package/dist/hooks/useAuth.js +83 -0
- package/dist/hooks/useAuthSettings.d.ts +59 -0
- package/dist/hooks/useAuthSettings.js +93 -0
- package/dist/hooks/useAvailableProviders.d.ts +43 -0
- package/dist/hooks/useAvailableProviders.js +112 -0
- package/dist/hooks/usePasswordValidation.d.ts +27 -0
- package/dist/hooks/usePasswordValidation.js +102 -0
- package/dist/hooks/useProfile.d.ts +15 -0
- package/dist/hooks/useProfile.js +59 -0
- package/dist/hooks/usePublicAuthSettings.d.ts +56 -0
- package/dist/hooks/usePublicAuthSettings.js +131 -0
- package/dist/hooks/useSessionExpiration.d.ts +56 -0
- package/dist/hooks/useSessionExpiration.js +72 -0
- package/dist/hooks/useViabilitySession.d.ts +75 -0
- package/dist/hooks/useViabilitySession.js +269 -0
- package/dist/index.d.ts +12 -0
- package/dist/index.js +53 -0
- package/dist/lib/anon-session.d.ts +74 -0
- package/dist/lib/anon-session.js +169 -0
- package/dist/lib/api-handler.d.ts +123 -0
- package/dist/lib/api-handler.js +478 -0
- package/dist/lib/app-slug.d.ts +95 -0
- package/dist/lib/app-slug.js +172 -0
- package/dist/lib/demo-mode.d.ts +6 -0
- package/dist/lib/demo-mode.js +16 -0
- package/dist/lib/geolocation.d.ts +64 -0
- package/dist/lib/geolocation.js +235 -0
- package/dist/lib/idp-client-config.d.ts +75 -0
- package/dist/lib/idp-client-config.js +425 -0
- package/dist/lib/idp-fetch.d.ts +14 -0
- package/dist/lib/idp-fetch.js +91 -0
- package/dist/lib/internal-api.d.ts +87 -0
- package/dist/lib/internal-api.js +122 -0
- package/dist/lib/jwt-decode-client.d.ts +10 -0
- package/dist/lib/jwt-decode-client.js +46 -0
- package/dist/lib/jwt-decode.d.ts +48 -0
- package/dist/lib/jwt-decode.js +57 -0
- package/dist/lib/rate-limit-service.d.ts +23 -0
- package/dist/lib/rate-limit-service.js +6 -0
- package/dist/lib/redis.d.ts +5 -0
- package/dist/lib/redis.js +28 -0
- package/dist/lib/refresh-token-validator.d.ts +13 -0
- package/dist/lib/refresh-token-validator.js +117 -0
- package/dist/lib/roles.d.ts +145 -0
- package/dist/lib/roles.js +168 -0
- package/dist/lib/secret-validation.d.ts +4 -0
- package/dist/lib/secret-validation.js +14 -0
- package/dist/lib/session-store.d.ts +170 -0
- package/dist/lib/session-store.js +545 -0
- package/dist/lib/session.d.ts +21 -0
- package/dist/lib/session.js +26 -0
- package/dist/lib/site-logger.d.ts +214 -0
- package/dist/lib/site-logger.js +210 -0
- package/dist/lib/standardized-client-api.d.ts +161 -0
- package/dist/lib/standardized-client-api.js +791 -0
- package/dist/lib/startup-init.d.ts +40 -0
- package/dist/lib/startup-init.js +257 -0
- package/dist/lib/test-aware-get-token.d.ts +2 -0
- package/dist/lib/test-aware-get-token.js +86 -0
- package/dist/lib/token-expiry.d.ts +14 -0
- package/dist/lib/token-expiry.js +39 -0
- package/dist/lib/token-lifecycle.d.ts +78 -0
- package/dist/lib/token-lifecycle.js +360 -0
- package/dist/lib/types/api-responses.d.ts +128 -0
- package/dist/lib/types/api-responses.js +171 -0
- package/dist/lib/user-agent-parser.d.ts +50 -0
- package/dist/lib/user-agent-parser.js +220 -0
- package/dist/logging/api/admin-analytics.d.ts +3 -0
- package/dist/logging/api/admin-analytics.js +45 -0
- package/dist/logging/api/audit-log.d.ts +3 -0
- package/dist/logging/api/audit-log.js +52 -0
- package/dist/logging/components/AdminAnalyticsLayout.d.ts +10 -0
- package/dist/logging/components/AdminAnalyticsLayout.js +11 -0
- package/dist/logging/components/AuditLogViewer.d.ts +7 -0
- package/dist/logging/components/AuditLogViewer.js +51 -0
- package/dist/logging/components/ErrorMetricsCard.d.ts +7 -0
- package/dist/logging/components/ErrorMetricsCard.js +16 -0
- package/dist/logging/components/HealthMetricsCard.d.ts +7 -0
- package/dist/logging/components/HealthMetricsCard.js +19 -0
- package/dist/logging/hooks/useAdminAnalytics.d.ts +24 -0
- package/dist/logging/hooks/useAdminAnalytics.js +22 -0
- package/dist/logging/hooks/useAuditLog.d.ts +6 -0
- package/dist/logging/hooks/useAuditLog.js +25 -0
- package/dist/logging/hooks/useErrorMetrics.d.ts +6 -0
- package/dist/logging/hooks/useErrorMetrics.js +38 -0
- package/dist/logging/hooks/useHealthMetrics.d.ts +6 -0
- package/dist/logging/hooks/useHealthMetrics.js +41 -0
- package/dist/logging/index.d.ts +11 -0
- package/dist/logging/index.js +40 -0
- package/dist/logging/types/analytics.d.ts +68 -0
- package/dist/logging/types/analytics.js +3 -0
- package/dist/logging/types/audit.d.ts +29 -0
- package/dist/logging/types/audit.js +2 -0
- package/dist/logging/types/index.d.ts +2 -0
- package/dist/logging/types/index.js +19 -0
- package/dist/middleware/auth-decision.d.ts +33 -0
- package/dist/middleware/auth-decision.js +65 -0
- package/dist/middleware/create-middleware.d.ts +102 -0
- package/dist/middleware/create-middleware.js +469 -0
- package/dist/middleware/rbac-check.d.ts +51 -0
- package/dist/middleware/rbac-check.js +219 -0
- package/dist/middleware/twofa-presets.d.ts +134 -0
- package/dist/middleware/twofa-presets.js +175 -0
- package/dist/models/DecodedAccessToken.d.ts +17 -0
- package/dist/models/DecodedAccessToken.js +2 -0
- package/dist/models/SessionModel.d.ts +122 -0
- package/dist/models/SessionModel.js +136 -0
- package/dist/pages/admin-login/page.d.ts +31 -0
- package/dist/pages/admin-login/page.js +73 -0
- package/dist/pages/admin-page-permissions/PagePermissionsAdminPage.d.ts +18 -0
- package/dist/pages/admin-page-permissions/PagePermissionsAdminPage.js +276 -0
- package/dist/pages/admin-page-permissions/index.d.ts +6 -0
- package/dist/pages/admin-page-permissions/index.js +13 -0
- package/dist/pages/admin-roles/RolesAdminPage.d.ts +16 -0
- package/dist/pages/admin-roles/RolesAdminPage.js +261 -0
- package/dist/pages/admin-roles/index.d.ts +8 -0
- package/dist/pages/admin-roles/index.js +15 -0
- package/dist/pages/admin-roles/modals.d.ts +72 -0
- package/dist/pages/admin-roles/modals.js +154 -0
- package/dist/pages/client-admin/ClientSiteAdminPage.d.ts +79 -0
- package/dist/pages/client-admin/ClientSiteAdminPage.js +179 -0
- package/dist/pages/client-admin/index.d.ts +32 -0
- package/dist/pages/client-admin/index.js +37 -0
- package/dist/pages/coming-soon/page.d.ts +8 -0
- package/dist/pages/coming-soon/page.js +28 -0
- package/dist/pages/login/page.d.ts +22 -0
- package/dist/pages/login/page.js +230 -0
- package/dist/pages/profile/EnhancedProfilePage.d.ts +13 -0
- package/dist/pages/profile/EnhancedProfilePage.js +150 -0
- package/dist/pages/profile/index.d.ts +8 -0
- package/dist/pages/profile/index.js +16 -0
- package/dist/pages/profile/page.d.ts +19 -0
- package/dist/pages/profile/page.js +47 -0
- package/dist/pages/recovery/page.d.ts +1 -0
- package/dist/pages/recovery/page.js +142 -0
- package/dist/pages/roles/MyRolesPage.d.ts +24 -0
- package/dist/pages/roles/MyRolesPage.js +71 -0
- package/dist/pages/roles/components.d.ts +63 -0
- package/dist/pages/roles/components.js +108 -0
- package/dist/pages/roles/index.d.ts +8 -0
- package/dist/pages/roles/index.js +19 -0
- package/dist/pages/security/EnhancedSecurityPage.d.ts +14 -0
- package/dist/pages/security/EnhancedSecurityPage.js +248 -0
- package/dist/pages/security/index.d.ts +8 -0
- package/dist/pages/security/index.js +16 -0
- package/dist/pages/security/page.d.ts +21 -0
- package/dist/pages/security/page.js +212 -0
- package/dist/pages/settings/EnhancedSettingsPage.d.ts +46 -0
- package/dist/pages/settings/EnhancedSettingsPage.js +231 -0
- package/dist/pages/settings/index.d.ts +8 -0
- package/dist/pages/settings/index.js +16 -0
- package/dist/pages/settings/page.d.ts +7 -0
- package/dist/pages/settings/page.js +26 -0
- package/dist/pages/showcase/ShowcasePage.d.ts +13 -0
- package/dist/pages/showcase/ShowcasePage.js +142 -0
- package/dist/pages/showcase/index.d.ts +12 -0
- package/dist/pages/showcase/index.js +17 -0
- package/dist/pages/test-env/EmergencyLogoutPage.d.ts +14 -0
- package/dist/pages/test-env/EmergencyLogoutPage.js +99 -0
- package/dist/pages/test-env/JwtInspectPage.d.ts +14 -0
- package/dist/pages/test-env/JwtInspectPage.js +116 -0
- package/dist/pages/test-env/RefreshTokenPage.d.ts +15 -0
- package/dist/pages/test-env/RefreshTokenPage.js +93 -0
- package/dist/pages/test-env/TestEnvPage.d.ts +13 -0
- package/dist/pages/test-env/TestEnvPage.js +51 -0
- package/dist/pages/test-env/index.d.ts +24 -0
- package/dist/pages/test-env/index.js +32 -0
- package/dist/pages/verify-code/page.d.ts +30 -0
- package/dist/pages/verify-code/page.js +412 -0
- package/dist/routes/account/index.d.ts +28 -0
- package/dist/routes/account/index.js +71 -0
- package/dist/routes/account/masked-info.d.ts +33 -0
- package/dist/routes/account/masked-info.js +39 -0
- package/dist/routes/account/send-code.d.ts +37 -0
- package/dist/routes/account/send-code.js +42 -0
- package/dist/routes/account/update-phone.d.ts +13 -0
- package/dist/routes/account/update-phone.js +17 -0
- package/dist/routes/account/verify-email.d.ts +38 -0
- package/dist/routes/account/verify-email.js +43 -0
- package/dist/routes/account/verify-sms.d.ts +38 -0
- package/dist/routes/account/verify-sms.js +43 -0
- package/dist/routes/auth/index.d.ts +19 -0
- package/dist/routes/auth/index.js +64 -0
- package/dist/routes/auth/logout.d.ts +31 -0
- package/dist/routes/auth/logout.js +98 -0
- package/dist/routes/auth/nextauth.d.ts +22 -0
- package/dist/routes/auth/nextauth.js +40 -0
- package/dist/routes/auth/refresh.d.ts +30 -0
- package/dist/routes/auth/refresh.js +51 -0
- package/dist/routes/auth/session.d.ts +43 -0
- package/dist/routes/auth/session.js +157 -0
- package/dist/routes/auth/settings.d.ts +25 -0
- package/dist/routes/auth/settings.js +55 -0
- package/dist/routes/auth/viability.d.ts +52 -0
- package/dist/routes/auth/viability.js +190 -0
- package/dist/routes/index.d.ts +12 -0
- package/dist/routes/index.js +54 -0
- package/dist/routes/session/index.d.ts +6 -0
- package/dist/routes/session/index.js +10 -0
- package/dist/routes/session/refresh-viability.d.ts +16 -0
- package/dist/routes/session/refresh-viability.js +20 -0
- package/dist/server/auth-guard.d.ts +46 -0
- package/dist/server/auth-guard.js +128 -0
- package/dist/server/auth.d.ts +50 -0
- package/dist/server/auth.js +62 -0
- package/dist/server/decode-session.d.ts +30 -0
- package/dist/server/decode-session.js +78 -0
- package/dist/server/slim-middleware.d.ts +23 -0
- package/dist/server/slim-middleware.js +89 -0
- package/dist/server/with-auth.d.ts +33 -0
- package/dist/server/with-auth.js +59 -0
- package/dist/services/signalrActivityService.d.ts +44 -0
- package/dist/services/signalrActivityService.js +257 -0
- package/dist/stores/authStore.d.ts +154 -0
- package/dist/stores/authStore.js +1527 -0
- package/dist/theme/ThemeProvider.d.ts +14 -0
- package/dist/theme/ThemeProvider.js +28 -0
- package/dist/theme/default.d.ts +8 -0
- package/dist/theme/default.js +33 -0
- package/dist/theme/index.d.ts +15 -0
- package/dist/theme/index.js +25 -0
- package/dist/theme/types.d.ts +56 -0
- package/dist/theme/types.js +8 -0
- package/dist/theme/useTheme.d.ts +60 -0
- package/dist/theme/useTheme.js +63 -0
- package/dist/theme/utils.d.ts +13 -0
- package/dist/theme/utils.js +39 -0
- package/dist/types/api.d.ts +134 -0
- package/dist/types/api.js +44 -0
- package/dist/types/auth.d.ts +19 -0
- package/dist/types/auth.js +2 -0
- package/dist/types/logging.d.ts +42 -0
- package/dist/types/logging.js +2 -0
- package/dist/types/recovery.d.ts +48 -0
- package/dist/types/recovery.js +2 -0
- package/dist/types/security.d.ts +1 -0
- package/dist/types/security.js +2 -0
- package/dist/utils/api.d.ts +85 -0
- package/dist/utils/api.js +287 -0
- package/dist/utils/circuitBreaker.d.ts +43 -0
- package/dist/utils/circuitBreaker.js +91 -0
- package/dist/utils/error-message.d.ts +1 -0
- package/dist/utils/error-message.js +103 -0
- package/dist/utils/layout/reservedSpace.d.ts +59 -0
- package/dist/utils/layout/reservedSpace.js +102 -0
- package/dist/utils/logout.d.ts +14 -0
- package/dist/utils/logout.js +32 -0
- package/dist/vibe/client.d.ts +261 -0
- package/dist/vibe/client.js +445 -0
- package/dist/vibe/enterprise-auth.d.ts +106 -0
- package/dist/vibe/enterprise-auth.js +173 -0
- package/dist/vibe/errors.d.ts +83 -0
- package/dist/vibe/errors.js +146 -0
- package/dist/vibe/generic.d.ts +234 -0
- package/dist/vibe/generic.js +369 -0
- package/dist/vibe/hooks/index.d.ts +169 -0
- package/dist/vibe/hooks/index.js +252 -0
- package/dist/vibe/index.d.ts +25 -0
- package/dist/vibe/index.js +72 -0
- package/dist/vibe/sessions.d.ts +161 -0
- package/dist/vibe/sessions.js +391 -0
- package/dist/vibe/types.d.ts +353 -0
- package/dist/vibe/types.js +315 -0
- package/package.json +1 -1
- package/src/auth/better-auth.ts +2 -2
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Authentication Signout API Handler
|
|
3
|
+
*
|
|
4
|
+
* Handles user session termination and cookie cleanup.
|
|
5
|
+
* This handler is designed to be imported and used by Next.js applications
|
|
6
|
+
* using the @payez/next-mvp package.
|
|
7
|
+
*
|
|
8
|
+
* @version 2.0
|
|
9
|
+
* @requires No authentication (public endpoint)
|
|
10
|
+
*/
|
|
11
|
+
import { NextRequest, NextResponse } from 'next/server';
|
|
12
|
+
interface SignoutConfig {
|
|
13
|
+
nextAuthSecret: string;
|
|
14
|
+
}
|
|
15
|
+
/**
|
|
16
|
+
* Creates a signout handler for Next.js API routes
|
|
17
|
+
*
|
|
18
|
+
* @param config Configuration for NextAuth
|
|
19
|
+
* @returns Next.js POST handler function
|
|
20
|
+
*
|
|
21
|
+
* @example
|
|
22
|
+
* ```typescript
|
|
23
|
+
* // In your app's /app/api/auth/signout/route.ts
|
|
24
|
+
* import { createSignoutHandler } from '@payez/next-mvp/api-handlers/auth/signout';
|
|
25
|
+
*
|
|
26
|
+
* export const POST = createSignoutHandler({
|
|
27
|
+
* nextAuthSecret: process.env.NEXTAUTH_SECRET!
|
|
28
|
+
* });
|
|
29
|
+
* ```
|
|
30
|
+
*/
|
|
31
|
+
export declare function createSignoutHandler(config: SignoutConfig): (req: NextRequest) => Promise<NextResponse<unknown>>;
|
|
32
|
+
/**
|
|
33
|
+
* Default export for backward compatibility
|
|
34
|
+
* Requires environment variable: NEXTAUTH_SECRET
|
|
35
|
+
*/
|
|
36
|
+
export declare const POST: (req: NextRequest) => Promise<NextResponse<unknown>>;
|
|
37
|
+
export {};
|
|
@@ -0,0 +1,186 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Authentication Signout API Handler
|
|
4
|
+
*
|
|
5
|
+
* Handles user session termination and cookie cleanup.
|
|
6
|
+
* This handler is designed to be imported and used by Next.js applications
|
|
7
|
+
* using the @payez/next-mvp package.
|
|
8
|
+
*
|
|
9
|
+
* @version 2.0
|
|
10
|
+
* @requires No authentication (public endpoint)
|
|
11
|
+
*/
|
|
12
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
13
|
+
exports.POST = void 0;
|
|
14
|
+
exports.createSignoutHandler = createSignoutHandler;
|
|
15
|
+
const server_1 = require("next/server");
|
|
16
|
+
const headers_1 = require("next/headers");
|
|
17
|
+
const session_store_1 = require("../../lib/session-store");
|
|
18
|
+
const auth_1 = require("../../server/auth");
|
|
19
|
+
const app_slug_1 = require("../../lib/app-slug");
|
|
20
|
+
// JWT decode helper - simple base64 decode without verification
|
|
21
|
+
function jwtDecode(token) {
|
|
22
|
+
try {
|
|
23
|
+
const parts = token.split('.');
|
|
24
|
+
if (parts.length !== 3)
|
|
25
|
+
return null;
|
|
26
|
+
const payload = parts[1];
|
|
27
|
+
const decoded = Buffer.from(payload, 'base64').toString('utf-8');
|
|
28
|
+
return JSON.parse(decoded);
|
|
29
|
+
}
|
|
30
|
+
catch (e) {
|
|
31
|
+
return null;
|
|
32
|
+
}
|
|
33
|
+
}
|
|
34
|
+
// Add protection headers to all responses
|
|
35
|
+
function addSecurityHeaders(response) {
|
|
36
|
+
response.headers.set('Content-Security-Policy', "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self';");
|
|
37
|
+
response.headers.set('X-Frame-Options', 'DENY');
|
|
38
|
+
response.headers.set('X-Content-Type-Options', 'nosniff');
|
|
39
|
+
response.headers.set('X-XSS-Protection', '1; mode=block');
|
|
40
|
+
response.headers.set('Strict-Transport-Security', 'max-age=31536000; includeSubDomains; preload');
|
|
41
|
+
response.headers.set('Referrer-Policy', 'strict-origin-when-cross-origin');
|
|
42
|
+
response.headers.set('Permissions-Policy', 'geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=()');
|
|
43
|
+
response.headers.set('Cache-Control', 'no-store, no-cache, must-revalidate, proxy-revalidate');
|
|
44
|
+
response.headers.set('Pragma', 'no-cache');
|
|
45
|
+
response.headers.set('Expires', '0');
|
|
46
|
+
return response;
|
|
47
|
+
}
|
|
48
|
+
/**
|
|
49
|
+
* Creates a signout handler for Next.js API routes
|
|
50
|
+
*
|
|
51
|
+
* @param config Configuration for NextAuth
|
|
52
|
+
* @returns Next.js POST handler function
|
|
53
|
+
*
|
|
54
|
+
* @example
|
|
55
|
+
* ```typescript
|
|
56
|
+
* // In your app's /app/api/auth/signout/route.ts
|
|
57
|
+
* import { createSignoutHandler } from '@payez/next-mvp/api-handlers/auth/signout';
|
|
58
|
+
*
|
|
59
|
+
* export const POST = createSignoutHandler({
|
|
60
|
+
* nextAuthSecret: process.env.NEXTAUTH_SECRET!
|
|
61
|
+
* });
|
|
62
|
+
* ```
|
|
63
|
+
*/
|
|
64
|
+
function createSignoutHandler(config) {
|
|
65
|
+
const { nextAuthSecret } = config;
|
|
66
|
+
return async function POST(req) {
|
|
67
|
+
const cookieStore = await (0, headers_1.cookies)();
|
|
68
|
+
// Get app-slug prefixed cookie names
|
|
69
|
+
const sessionCookieName = (0, app_slug_1.getSessionCookieName)();
|
|
70
|
+
const secureSessionCookieName = (0, app_slug_1.getSecureSessionCookieName)();
|
|
71
|
+
// Handle chunked session tokens (for large JWTs)
|
|
72
|
+
let sessionToken;
|
|
73
|
+
const sessionTokenCookie = cookieStore.get(sessionCookieName);
|
|
74
|
+
if (sessionTokenCookie?.value) {
|
|
75
|
+
// Single cookie case
|
|
76
|
+
sessionToken = sessionTokenCookie.value;
|
|
77
|
+
}
|
|
78
|
+
else {
|
|
79
|
+
// Chunked cookie case - reconstruct from parts
|
|
80
|
+
const chunkCookies = cookieStore.getAll()
|
|
81
|
+
.filter(cookie => cookie.name.startsWith(`${sessionCookieName}.`))
|
|
82
|
+
.sort((a, b) => {
|
|
83
|
+
const aIndex = parseInt(a.name.split('.').pop() || '0');
|
|
84
|
+
const bIndex = parseInt(b.name.split('.').pop() || '0');
|
|
85
|
+
return aIndex - bIndex;
|
|
86
|
+
});
|
|
87
|
+
if (chunkCookies.length > 0) {
|
|
88
|
+
sessionToken = chunkCookies.map(cookie => cookie.value).join('');
|
|
89
|
+
}
|
|
90
|
+
}
|
|
91
|
+
// Get chunk cookies for cleanup count
|
|
92
|
+
const chunkCookies = cookieStore.getAll()
|
|
93
|
+
.filter(cookie => cookie.name.startsWith(`${sessionCookieName}.`));
|
|
94
|
+
// Decode NextAuth JWT to extract the Redis session UUID before deletion
|
|
95
|
+
let redisSessionToken = null;
|
|
96
|
+
// First attempt: Better Auth getSession
|
|
97
|
+
try {
|
|
98
|
+
const betterAuthSession = await (0, auth_1.getSession)(req);
|
|
99
|
+
redisSessionToken = betterAuthSession?.session?.token || null;
|
|
100
|
+
}
|
|
101
|
+
catch (e) {
|
|
102
|
+
console.warn('[SIGNOUT] getSession() failed to extract session token (will try manual decode)');
|
|
103
|
+
}
|
|
104
|
+
// Second attempt: manual decode of the session cookie JWT (no verification)
|
|
105
|
+
if (!redisSessionToken && (sessionToken || cookieStore.getAll().some(c => c.name.startsWith(`${sessionCookieName}.`)))) {
|
|
106
|
+
try {
|
|
107
|
+
// Reconstruct raw JWT from chunked cookies if necessary
|
|
108
|
+
let rawJwt = null;
|
|
109
|
+
const direct = cookieStore.get(sessionCookieName);
|
|
110
|
+
if (direct?.value) {
|
|
111
|
+
rawJwt = direct.value;
|
|
112
|
+
}
|
|
113
|
+
else {
|
|
114
|
+
const chunks = cookieStore.getAll()
|
|
115
|
+
.filter(c => c.name.startsWith(`${sessionCookieName}.`))
|
|
116
|
+
.sort((a, b) => {
|
|
117
|
+
const ai = parseInt(a.name.split('.').pop() || '0');
|
|
118
|
+
const bi = parseInt(b.name.split('.').pop() || '0');
|
|
119
|
+
return ai - bi;
|
|
120
|
+
})
|
|
121
|
+
.map(c => c.value);
|
|
122
|
+
if (chunks.length > 0)
|
|
123
|
+
rawJwt = chunks.join('');
|
|
124
|
+
}
|
|
125
|
+
if (rawJwt) {
|
|
126
|
+
const decoded = jwtDecode(rawJwt);
|
|
127
|
+
if (decoded && typeof decoded === 'object' && typeof decoded.sessionToken === 'string') {
|
|
128
|
+
redisSessionToken = decoded.sessionToken;
|
|
129
|
+
}
|
|
130
|
+
}
|
|
131
|
+
}
|
|
132
|
+
catch (e) {
|
|
133
|
+
console.warn('[SIGNOUT] Manual JWT decode failed to extract session token');
|
|
134
|
+
}
|
|
135
|
+
}
|
|
136
|
+
// Delete Redis session if UUID was extracted
|
|
137
|
+
if (redisSessionToken) {
|
|
138
|
+
try {
|
|
139
|
+
await (0, session_store_1.deleteSession)(redisSessionToken);
|
|
140
|
+
console.info('[SIGNOUT] Redis session cleanup successful', {
|
|
141
|
+
sessionToken: redisSessionToken.substring(0, 8) + '...'
|
|
142
|
+
});
|
|
143
|
+
}
|
|
144
|
+
catch (sessionError) {
|
|
145
|
+
// Log error but don't fail the signout process
|
|
146
|
+
console.error('[SIGNOUT] Redis session cleanup failed', { error: sessionError });
|
|
147
|
+
}
|
|
148
|
+
}
|
|
149
|
+
else {
|
|
150
|
+
console.warn('[SIGNOUT] No Redis session token (UUID) extracted from cookie; skipping Redis deletion');
|
|
151
|
+
}
|
|
152
|
+
// Build response
|
|
153
|
+
const responseData = {
|
|
154
|
+
success: true,
|
|
155
|
+
message: sessionToken ? 'Session deleted successfully' : 'No active session found',
|
|
156
|
+
sessionDeleted: !!sessionToken,
|
|
157
|
+
chunkCookiesDeleted: chunkCookies.length
|
|
158
|
+
};
|
|
159
|
+
const response = server_1.NextResponse.json(responseData);
|
|
160
|
+
// Always clear cookies, regardless of success/failure (using app-slug prefixed names)
|
|
161
|
+
try {
|
|
162
|
+
response.cookies.delete(sessionCookieName);
|
|
163
|
+
response.cookies.delete(secureSessionCookieName);
|
|
164
|
+
response.cookies.delete((0, app_slug_1.getCsrfCookieName)());
|
|
165
|
+
response.cookies.delete((0, app_slug_1.getSecureCsrfCookieName)());
|
|
166
|
+
response.cookies.delete((0, app_slug_1.getCallbackUrlCookieName)());
|
|
167
|
+
response.cookies.delete(`__Secure-${(0, app_slug_1.getCallbackUrlCookieName)()}`);
|
|
168
|
+
response.cookies.delete('twoFactorSessionVerified');
|
|
169
|
+
// Delete chunked session cookies
|
|
170
|
+
chunkCookies.forEach(cookie => {
|
|
171
|
+
response.cookies.delete(cookie.name);
|
|
172
|
+
});
|
|
173
|
+
}
|
|
174
|
+
catch (cookieError) {
|
|
175
|
+
console.error('[SIGNOUT] Cookie cleanup failed:', cookieError);
|
|
176
|
+
}
|
|
177
|
+
return addSecurityHeaders(response);
|
|
178
|
+
};
|
|
179
|
+
}
|
|
180
|
+
/**
|
|
181
|
+
* Default export for backward compatibility
|
|
182
|
+
* Requires environment variable: NEXTAUTH_SECRET
|
|
183
|
+
*/
|
|
184
|
+
exports.POST = createSignoutHandler({
|
|
185
|
+
nextAuthSecret: process.env.NEXTAUTH_SECRET || ''
|
|
186
|
+
});
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.GET = GET;
|
|
4
|
+
const server_1 = require("next/server");
|
|
5
|
+
const auth_1 = require("../../server/auth");
|
|
6
|
+
const session_store_1 = require("../../lib/session-store");
|
|
7
|
+
async function GET(req) {
|
|
8
|
+
try {
|
|
9
|
+
const betterAuthSession = await (0, auth_1.getSession)(req);
|
|
10
|
+
const sessionToken = betterAuthSession?.session?.token;
|
|
11
|
+
if (!sessionToken) {
|
|
12
|
+
return server_1.NextResponse.json({ success: false, error: 'No session token' }, { status: 401 });
|
|
13
|
+
}
|
|
14
|
+
const sessionModel = await (0, session_store_1.getSession)(sessionToken);
|
|
15
|
+
if (!sessionModel) {
|
|
16
|
+
return server_1.NextResponse.json({ success: false, error: 'Session missing in Redis' }, { status: 401 });
|
|
17
|
+
}
|
|
18
|
+
return server_1.NextResponse.json({ success: true, userId: betterAuthSession?.user?.id || sessionModel.userId || null });
|
|
19
|
+
}
|
|
20
|
+
catch (err) {
|
|
21
|
+
return server_1.NextResponse.json({ success: false, error: err instanceof Error ? err.message : 'Unknown error' }, { status: 500 });
|
|
22
|
+
}
|
|
23
|
+
}
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Authentication Update Session API Handler
|
|
3
|
+
*
|
|
4
|
+
* Handles session updates, particularly for 2FA status changes.
|
|
5
|
+
* This handler is designed to be imported and used by Next.js applications
|
|
6
|
+
* using the @payez/next-mvp package.
|
|
7
|
+
*
|
|
8
|
+
* @version 2.0
|
|
9
|
+
* @requires Authentication (authenticated endpoint)
|
|
10
|
+
*/
|
|
11
|
+
import { NextRequest, NextResponse } from 'next/server';
|
|
12
|
+
interface UpdateSessionConfig {
|
|
13
|
+
nextAuthSecret?: string;
|
|
14
|
+
}
|
|
15
|
+
/**
|
|
16
|
+
* Creates an update-session handler for Next.js API routes
|
|
17
|
+
*
|
|
18
|
+
* @param config Configuration for NextAuth
|
|
19
|
+
* @returns Next.js POST handler function
|
|
20
|
+
*
|
|
21
|
+
* @example
|
|
22
|
+
* ```typescript
|
|
23
|
+
* // In your app's /app/api/auth/update-session/route.ts
|
|
24
|
+
* import { createUpdateSessionHandler } from '@payez/next-mvp/api-handlers/auth/update-session';
|
|
25
|
+
*
|
|
26
|
+
* export const POST = createUpdateSessionHandler({
|
|
27
|
+
* nextAuthSecret: process.env.NEXTAUTH_SECRET!
|
|
28
|
+
* });
|
|
29
|
+
* ```
|
|
30
|
+
*/
|
|
31
|
+
export declare function createUpdateSessionHandler(config: UpdateSessionConfig): (req: NextRequest) => Promise<NextResponse<unknown>>;
|
|
32
|
+
/**
|
|
33
|
+
* Default export for backward compatibility
|
|
34
|
+
* Requires environment variable: NEXTAUTH_SECRET
|
|
35
|
+
*/
|
|
36
|
+
export declare const POST: (req: NextRequest) => Promise<NextResponse<unknown>>;
|
|
37
|
+
export {};
|
|
@@ -0,0 +1,93 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Authentication Update Session API Handler
|
|
4
|
+
*
|
|
5
|
+
* Handles session updates, particularly for 2FA status changes.
|
|
6
|
+
* This handler is designed to be imported and used by Next.js applications
|
|
7
|
+
* using the @payez/next-mvp package.
|
|
8
|
+
*
|
|
9
|
+
* @version 2.0
|
|
10
|
+
* @requires Authentication (authenticated endpoint)
|
|
11
|
+
*/
|
|
12
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
13
|
+
exports.POST = void 0;
|
|
14
|
+
exports.createUpdateSessionHandler = createUpdateSessionHandler;
|
|
15
|
+
const server_1 = require("next/server");
|
|
16
|
+
const auth_1 = require("../../server/auth");
|
|
17
|
+
// Add protection headers to all responses
|
|
18
|
+
function addSecurityHeaders(response) {
|
|
19
|
+
response.headers.set('Content-Security-Policy', "default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self';");
|
|
20
|
+
response.headers.set('X-Frame-Options', 'DENY');
|
|
21
|
+
response.headers.set('X-Content-Type-Options', 'nosniff');
|
|
22
|
+
response.headers.set('X-XSS-Protection', '1; mode=block');
|
|
23
|
+
response.headers.set('Strict-Transport-Security', 'max-age=31536000; includeSubDomains; preload');
|
|
24
|
+
response.headers.set('Referrer-Policy', 'strict-origin-when-cross-origin');
|
|
25
|
+
response.headers.set('Permissions-Policy', 'geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=()');
|
|
26
|
+
response.headers.set('Cache-Control', 'no-store, no-cache, must-revalidate, proxy-revalidate');
|
|
27
|
+
response.headers.set('Pragma', 'no-cache');
|
|
28
|
+
response.headers.set('Expires', '0');
|
|
29
|
+
return response;
|
|
30
|
+
}
|
|
31
|
+
/**
|
|
32
|
+
* Creates an update-session handler for Next.js API routes
|
|
33
|
+
*
|
|
34
|
+
* @param config Configuration for NextAuth
|
|
35
|
+
* @returns Next.js POST handler function
|
|
36
|
+
*
|
|
37
|
+
* @example
|
|
38
|
+
* ```typescript
|
|
39
|
+
* // In your app's /app/api/auth/update-session/route.ts
|
|
40
|
+
* import { createUpdateSessionHandler } from '@payez/next-mvp/api-handlers/auth/update-session';
|
|
41
|
+
*
|
|
42
|
+
* export const POST = createUpdateSessionHandler({
|
|
43
|
+
* nextAuthSecret: process.env.NEXTAUTH_SECRET!
|
|
44
|
+
* });
|
|
45
|
+
* ```
|
|
46
|
+
*/
|
|
47
|
+
function createUpdateSessionHandler(config) {
|
|
48
|
+
const { nextAuthSecret } = config;
|
|
49
|
+
return async function POST(req) {
|
|
50
|
+
try {
|
|
51
|
+
let body;
|
|
52
|
+
try {
|
|
53
|
+
body = await req.json();
|
|
54
|
+
}
|
|
55
|
+
catch (parseError) {
|
|
56
|
+
return addSecurityHeaders(server_1.NextResponse.json({ error: 'Invalid JSON format' }, { status: 400 }));
|
|
57
|
+
}
|
|
58
|
+
const { twoFactorSessionVerified, twoFactorMethod } = body;
|
|
59
|
+
// Get the current session from Better Auth
|
|
60
|
+
const session = await (0, auth_1.getSession)(req);
|
|
61
|
+
if (!session) {
|
|
62
|
+
return addSecurityHeaders(server_1.NextResponse.json({ error: 'No session token available' }, { status: 401 }));
|
|
63
|
+
}
|
|
64
|
+
// Update the session with 2FA challenge completion status
|
|
65
|
+
const updatedSession = {
|
|
66
|
+
twoFactorSessionVerified: !!twoFactorSessionVerified,
|
|
67
|
+
twoFactorMethod: twoFactorMethod || session.twoFactorMethod
|
|
68
|
+
};
|
|
69
|
+
console.info('[UPDATE-SESSION] Session updated successfully', {
|
|
70
|
+
userId: session.user?.id,
|
|
71
|
+
twoFactorSessionVerified: updatedSession.twoFactorSessionVerified,
|
|
72
|
+
twoFactorMethod: updatedSession.twoFactorMethod
|
|
73
|
+
});
|
|
74
|
+
const responseData = {
|
|
75
|
+
success: true,
|
|
76
|
+
twoFactorSessionVerified: updatedSession.twoFactorSessionVerified,
|
|
77
|
+
twoFactorMethod: updatedSession.twoFactorMethod
|
|
78
|
+
};
|
|
79
|
+
return addSecurityHeaders(server_1.NextResponse.json(responseData));
|
|
80
|
+
}
|
|
81
|
+
catch (error) {
|
|
82
|
+
console.error('[UPDATE-SESSION] Error updating session', { error });
|
|
83
|
+
return addSecurityHeaders(server_1.NextResponse.json({ error: 'Failed to update session' }, { status: 500 }));
|
|
84
|
+
}
|
|
85
|
+
};
|
|
86
|
+
}
|
|
87
|
+
/**
|
|
88
|
+
* Default export for backward compatibility
|
|
89
|
+
* Requires environment variable: NEXTAUTH_SECRET
|
|
90
|
+
*/
|
|
91
|
+
exports.POST = createUpdateSessionHandler({
|
|
92
|
+
nextAuthSecret: process.env.NEXTAUTH_SECRET || ''
|
|
93
|
+
});
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import { NextRequest, NextResponse } from 'next/server';
|
|
2
|
+
/**
|
|
3
|
+
* Validates current access token with the IDP and returns normalized info.
|
|
4
|
+
* Sources access token from Authorization header or Redis session via cookie.
|
|
5
|
+
*/
|
|
6
|
+
export declare function GET(req: NextRequest): Promise<NextResponse<any>>;
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.GET = GET;
|
|
4
|
+
const server_1 = require("next/server");
|
|
5
|
+
const idp_fetch_1 = require("../../lib/idp-fetch");
|
|
6
|
+
const env_1 = require("../../config/env");
|
|
7
|
+
const test_aware_get_token_1 = require("../../lib/test-aware-get-token");
|
|
8
|
+
const session_store_1 = require("../../lib/session-store");
|
|
9
|
+
/**
|
|
10
|
+
* Validates current access token with the IDP and returns normalized info.
|
|
11
|
+
* Sources access token from Authorization header or Redis session via cookie.
|
|
12
|
+
*/
|
|
13
|
+
async function GET(req) {
|
|
14
|
+
try {
|
|
15
|
+
// 1) Prefer Authorization header if present
|
|
16
|
+
let bearer = undefined;
|
|
17
|
+
const authHeader = req.headers.get('authorization') || req.headers.get('Authorization');
|
|
18
|
+
if (authHeader && /^Bearer\s+/i.test(authHeader))
|
|
19
|
+
bearer = authHeader.replace(/^Bearer\s+/i, '').trim();
|
|
20
|
+
// 2) If not, resolve from session
|
|
21
|
+
if (!bearer) {
|
|
22
|
+
const tok = await (0, test_aware_get_token_1.getTokenTestAware)(req);
|
|
23
|
+
const sessionToken = tok?.sessionToken;
|
|
24
|
+
if (sessionToken) {
|
|
25
|
+
const sess = await (0, session_store_1.getSession)(sessionToken);
|
|
26
|
+
bearer = sess?.accessToken;
|
|
27
|
+
}
|
|
28
|
+
}
|
|
29
|
+
if (!bearer) {
|
|
30
|
+
return server_1.NextResponse.json({ success: false, error: { code: 'UNAUTHORIZED', message: 'No access token available' } }, { status: 401 });
|
|
31
|
+
}
|
|
32
|
+
const url = `${env_1.ENV_CONFIG.IDP_URL}${env_1.API_ENDPOINTS.externalAuth.validate}`;
|
|
33
|
+
const result = await (0, idp_fetch_1.idpFetchJSON)(req, url, { method: 'GET', headers: { Authorization: `Bearer ${bearer}` } });
|
|
34
|
+
if (!result.ok) {
|
|
35
|
+
return server_1.NextResponse.json({ success: false, error: { code: 'UPSTREAM_SERVICE_ERROR', status: result.status }, data: result.json }, { status: result.status });
|
|
36
|
+
}
|
|
37
|
+
// Passthrough normalized
|
|
38
|
+
return server_1.NextResponse.json(result.json ?? { success: true }, { status: 200 });
|
|
39
|
+
}
|
|
40
|
+
catch (e) {
|
|
41
|
+
return server_1.NextResponse.json({ success: false, error: { code: 'INTERNAL_SERVER_ERROR', message: e?.message || 'validate error' } }, { status: 500 });
|
|
42
|
+
}
|
|
43
|
+
}
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Authentication Verify Code / Complete 2FA API Handler
|
|
3
|
+
*
|
|
4
|
+
* Handles 2FA verification and token updates after successful verification.
|
|
5
|
+
* This handler is designed to be imported and used by Next.js applications
|
|
6
|
+
* using the @payez/next-mvp package.
|
|
7
|
+
*
|
|
8
|
+
* @version 2.0
|
|
9
|
+
* @requires Authentication (authenticated endpoint)
|
|
10
|
+
*/
|
|
11
|
+
import { NextRequest, NextResponse } from 'next/server';
|
|
12
|
+
interface VerifyCodeConfig {
|
|
13
|
+
nextAuthSecret?: string;
|
|
14
|
+
}
|
|
15
|
+
/**
|
|
16
|
+
* Creates a verify-code/complete-2FA handler for Next.js API routes
|
|
17
|
+
*
|
|
18
|
+
* @param config Configuration for NextAuth
|
|
19
|
+
* @returns Next.js POST handler function
|
|
20
|
+
*
|
|
21
|
+
* @example
|
|
22
|
+
* ```typescript
|
|
23
|
+
* // In your app's /app/api/auth/verify-code/route.ts
|
|
24
|
+
* import { createVerifyCodeHandler } from '@payez/next-mvp/api-handlers/auth/verify-code';
|
|
25
|
+
*
|
|
26
|
+
* export const POST = createVerifyCodeHandler({
|
|
27
|
+
* nextAuthSecret: process.env.NEXTAUTH_SECRET!
|
|
28
|
+
* });
|
|
29
|
+
* ```
|
|
30
|
+
*/
|
|
31
|
+
export declare function createVerifyCodeHandler(config: VerifyCodeConfig): (req: NextRequest) => Promise<NextResponse<{
|
|
32
|
+
success: boolean;
|
|
33
|
+
message: string;
|
|
34
|
+
}>>;
|
|
35
|
+
/**
|
|
36
|
+
* Default export for backward compatibility
|
|
37
|
+
* Requires environment variable: NEXTAUTH_SECRET
|
|
38
|
+
*/
|
|
39
|
+
export declare const POST: (req: NextRequest) => Promise<NextResponse<{
|
|
40
|
+
success: boolean;
|
|
41
|
+
message: string;
|
|
42
|
+
}>>;
|
|
43
|
+
export {};
|
|
@@ -0,0 +1,90 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Authentication Verify Code / Complete 2FA API Handler
|
|
4
|
+
*
|
|
5
|
+
* Handles 2FA verification and token updates after successful verification.
|
|
6
|
+
* This handler is designed to be imported and used by Next.js applications
|
|
7
|
+
* using the @payez/next-mvp package.
|
|
8
|
+
*
|
|
9
|
+
* @version 2.0
|
|
10
|
+
* @requires Authentication (authenticated endpoint)
|
|
11
|
+
*/
|
|
12
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
13
|
+
exports.POST = void 0;
|
|
14
|
+
exports.createVerifyCodeHandler = createVerifyCodeHandler;
|
|
15
|
+
const server_1 = require("next/server");
|
|
16
|
+
const auth_1 = require("../../server/auth");
|
|
17
|
+
const session_store_1 = require("../../lib/session-store");
|
|
18
|
+
/**
|
|
19
|
+
* Creates a verify-code/complete-2FA handler for Next.js API routes
|
|
20
|
+
*
|
|
21
|
+
* @param config Configuration for NextAuth
|
|
22
|
+
* @returns Next.js POST handler function
|
|
23
|
+
*
|
|
24
|
+
* @example
|
|
25
|
+
* ```typescript
|
|
26
|
+
* // In your app's /app/api/auth/verify-code/route.ts
|
|
27
|
+
* import { createVerifyCodeHandler } from '@payez/next-mvp/api-handlers/auth/verify-code';
|
|
28
|
+
*
|
|
29
|
+
* export const POST = createVerifyCodeHandler({
|
|
30
|
+
* nextAuthSecret: process.env.NEXTAUTH_SECRET!
|
|
31
|
+
* });
|
|
32
|
+
* ```
|
|
33
|
+
*/
|
|
34
|
+
function createVerifyCodeHandler(config) {
|
|
35
|
+
const { nextAuthSecret } = config;
|
|
36
|
+
return async function POST(req) {
|
|
37
|
+
try {
|
|
38
|
+
let body;
|
|
39
|
+
try {
|
|
40
|
+
body = await req.json();
|
|
41
|
+
}
|
|
42
|
+
catch (parseError) {
|
|
43
|
+
return server_1.NextResponse.json({ success: false, message: 'Invalid JSON format' }, { status: 400 });
|
|
44
|
+
}
|
|
45
|
+
const { accessToken, refreshToken, accessTokenExpires, refreshTokenExpires } = body;
|
|
46
|
+
// Get current session from Better Auth
|
|
47
|
+
const betterAuthSession = await (0, auth_1.getSession)(req);
|
|
48
|
+
const sessionToken = betterAuthSession?.session?.token;
|
|
49
|
+
if (!sessionToken) {
|
|
50
|
+
console.error('[VERIFY-CODE] No session token found', {
|
|
51
|
+
hasSession: !!betterAuthSession,
|
|
52
|
+
});
|
|
53
|
+
return server_1.NextResponse.json({ success: false, message: 'No session found' }, { status: 401 });
|
|
54
|
+
}
|
|
55
|
+
console.info('[VERIFY-CODE] Updating session with new tokens after 2FA', {
|
|
56
|
+
sessionToken: sessionToken.substring(0, 8) + '...',
|
|
57
|
+
userId: betterAuthSession?.user?.id,
|
|
58
|
+
hasAccessToken: !!accessToken,
|
|
59
|
+
hasRefreshToken: !!refreshToken,
|
|
60
|
+
accessTokenLength: accessToken?.length,
|
|
61
|
+
refreshTokenLength: refreshToken?.length
|
|
62
|
+
});
|
|
63
|
+
// Update tokens in Redis
|
|
64
|
+
await (0, session_store_1.updateTokens)(sessionToken, accessToken, refreshToken, accessTokenExpires, refreshTokenExpires);
|
|
65
|
+
// Mark 2FA as complete
|
|
66
|
+
await (0, session_store_1.mark2FAComplete)(sessionToken);
|
|
67
|
+
console.info('[VERIFY-CODE] 2FA completion successful', {
|
|
68
|
+
sessionToken: sessionToken.substring(0, 8) + '...',
|
|
69
|
+
userId: betterAuthSession?.user?.id
|
|
70
|
+
});
|
|
71
|
+
return server_1.NextResponse.json({
|
|
72
|
+
success: true,
|
|
73
|
+
message: '2FA verification complete'
|
|
74
|
+
});
|
|
75
|
+
}
|
|
76
|
+
catch (error) {
|
|
77
|
+
console.error('[VERIFY-CODE] Failed to complete 2FA', {
|
|
78
|
+
error: error instanceof Error ? error.message : String(error)
|
|
79
|
+
});
|
|
80
|
+
return server_1.NextResponse.json({ success: false, message: 'Failed to complete 2FA' }, { status: 500 });
|
|
81
|
+
}
|
|
82
|
+
};
|
|
83
|
+
}
|
|
84
|
+
/**
|
|
85
|
+
* Default export for backward compatibility
|
|
86
|
+
* Requires environment variable: NEXTAUTH_SECRET
|
|
87
|
+
*/
|
|
88
|
+
exports.POST = createVerifyCodeHandler({
|
|
89
|
+
nextAuthSecret: process.env.NEXTAUTH_SECRET || ''
|
|
90
|
+
});
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import { NextRequest, NextResponse } from 'next/server';
|
|
2
|
+
export declare function GET(req: NextRequest): Promise<NextResponse<{
|
|
3
|
+
canRefresh: boolean;
|
|
4
|
+
reason: string;
|
|
5
|
+
sessionToken: null;
|
|
6
|
+
}> | NextResponse<{
|
|
7
|
+
canRefresh: boolean;
|
|
8
|
+
reason: string;
|
|
9
|
+
sessionToken: string;
|
|
10
|
+
}> | NextResponse<{
|
|
11
|
+
canRefresh: boolean;
|
|
12
|
+
reason: string;
|
|
13
|
+
error: string;
|
|
14
|
+
}>>;
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.GET = GET;
|
|
4
|
+
const server_1 = require("next/server");
|
|
5
|
+
const session_store_1 = require("../../lib/session-store");
|
|
6
|
+
const refresh_token_validator_1 = require("../../lib/refresh-token-validator");
|
|
7
|
+
const test_aware_get_token_1 = require("../../lib/test-aware-get-token");
|
|
8
|
+
const logger_1 = require("../../config/logger");
|
|
9
|
+
async function GET(req) {
|
|
10
|
+
try {
|
|
11
|
+
const sessionToken = req.nextUrl.searchParams.get('token');
|
|
12
|
+
let finalSessionToken = sessionToken;
|
|
13
|
+
if (!finalSessionToken) {
|
|
14
|
+
const token = await (0, test_aware_get_token_1.getTokenTestAware)(req);
|
|
15
|
+
// Support both field names: sessionToken (auth.ts JWT) and redisSessionId (legacy)
|
|
16
|
+
finalSessionToken = (token?.sessionToken || token?.redisSessionId);
|
|
17
|
+
}
|
|
18
|
+
if (!finalSessionToken) {
|
|
19
|
+
return server_1.NextResponse.json({ canRefresh: false, reason: 'not_logged_in', sessionToken: null }, { status: 200 });
|
|
20
|
+
}
|
|
21
|
+
const refreshInProgress = await (0, session_store_1.isRefreshInProgress)(finalSessionToken);
|
|
22
|
+
if (refreshInProgress) {
|
|
23
|
+
// Still need to get session data for twoFactorComplete even when refresh is in progress
|
|
24
|
+
const sessionData = await (0, session_store_1.getSession)(finalSessionToken);
|
|
25
|
+
logger_1.logger.info('[REFRESH-VIABILITY] Refresh already in progress, telling middleware to wait', { sessionToken: finalSessionToken.substring(0, 8) + '...' });
|
|
26
|
+
return server_1.NextResponse.json({ canRefresh: true, reason: 'refresh_in_progress', refreshInProgress: true, sessionToken: finalSessionToken, twoFactorComplete: sessionData?.mfaVerified ?? sessionData?.twoFactorComplete ?? false }, { status: 200 });
|
|
27
|
+
}
|
|
28
|
+
const sessionData = await (0, session_store_1.getSession)(finalSessionToken);
|
|
29
|
+
if (!sessionData) {
|
|
30
|
+
return server_1.NextResponse.json({ canRefresh: false, reason: 'session_not_found', sessionToken: finalSessionToken }, { status: 200 });
|
|
31
|
+
}
|
|
32
|
+
const viabilityCheck = (0, refresh_token_validator_1.checkRefreshViability)(sessionData);
|
|
33
|
+
return server_1.NextResponse.json({ canRefresh: viabilityCheck.canRefresh, reason: viabilityCheck.reason, timeRemaining: viabilityCheck.timeRemaining, expiresAt: viabilityCheck.expiresAt, accessTokenExpired: viabilityCheck.accessTokenExpired, accessTokenTimeRemaining: viabilityCheck.accessTokenTimeRemaining, sessionToken: finalSessionToken, twoFactorComplete: sessionData.mfaVerified ?? sessionData.twoFactorComplete ?? false, userId: sessionData.userId, refreshInProgress: false });
|
|
34
|
+
}
|
|
35
|
+
catch (error) {
|
|
36
|
+
logger_1.logger.error('[REFRESH-VIABILITY] Error checking refresh viability', { error: error instanceof Error ? error.message : String(error) });
|
|
37
|
+
return server_1.NextResponse.json({ canRefresh: false, reason: 'check_error', error: error instanceof Error ? error.message : String(error) }, { status: 500 });
|
|
38
|
+
}
|
|
39
|
+
}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Session Viability Check API Handler for `@payez/next-mvp`
|
|
3
|
+
*
|
|
4
|
+
* This API route is called by the middleware to securely check if a session is valid.
|
|
5
|
+
*/
|
|
6
|
+
import { NextRequest, NextResponse } from 'next/server';
|
|
7
|
+
export declare function GET(req: NextRequest): Promise<NextResponse<{
|
|
8
|
+
error: string;
|
|
9
|
+
message: string;
|
|
10
|
+
code: string;
|
|
11
|
+
}> | NextResponse<{
|
|
12
|
+
authenticated: boolean;
|
|
13
|
+
}>>;
|