@payez/next-mvp 4.0.21 → 4.0.23

package/dist/auth/better-auth.js

@@ -217,7 +217,7 @@ async function getBetterAuthInstance() {
     if (cachedInstance)
         return cachedInstance;
     if (!initPromise) {
-        initPromise = (0, idp_client_config_1.getIDPClientConfig)().then(config => {
+        initPromise = (0, idp_client_config_1.getIDPClientConfig)(true).then(config => {
             const instance = createBetterAuthInstance(config);
             exports.__betterAuthInstance = cachedInstance = instance;
             console.log('[BETTER_AUTH] Instance created for', config.clientSlug || config.clientId);

package/dist/client/AuthContext.d.ts

@@ -4,9 +4,8 @@ interface AuthProviderProps {
     children: ReactNode;
     config?: Partial<AuthConfig>;
     /**
-     * If true, providers will be fetched dynamically from NextAuth
+     * If true, providers will be loaded dynamically from IDP config
      * instead of using the static providers array from config.
-     * Defaults to true for dynamic provider loading from IDP.
      */
     useDynamicProviders?: boolean;
 }

package/dist/client/AuthContext.js

@@ -18,7 +18,7 @@ const defaultConfig = {
     enableEmailSignup: true,
     allowPasswordReset: true,
 };
-// Map NextAuth provider IDs to our FederatedProvider type
+// Map provider IDs to our FederatedProvider type
 const PROVIDER_MAP = {
     'google': 'google',
     'apple': 'apple',
@@ -42,7 +42,7 @@ function AuthProvider({ children, config, useDynamicProviders = true }) {
             },
         },
     }));
-    // Fetch dynamic providers from NextAuth on mount
+    // Load available providers on mount
     (0, react_1.useEffect)(() => {
         if (!useDynamicProviders)
             return;

package/dist/client/better-auth-client.d.ts

@@ -956,6 +956,14 @@ export declare const useSession: () => {
     code?: string | undefined;
     message?: string | undefined;
 }, FetchOptions["throw"] extends true ? true : false>>;
+/**
+ * Sign in with a specific OAuth provider via direct redirect.
+ *
+ * better-auth exposes per-provider endpoints at /api/auth/sign-in/{provider}
+ * (e.g. /api/auth/sign-in/google). The generic signIn.social() method POSTs
+ * to /api/auth/sign-in/social which doesn't exist — use this instead.
+ */
+export declare function signInWithProvider(provider: string, callbackURL?: string): void;
 /**
  * NextAuth-compatible useSession wrapper.
  *

package/dist/client/better-auth-client.js

@@ -10,6 +10,7 @@
  */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.signOut = exports.signIn = exports.useSession = exports.authClient = void 0;
+exports.signInWithProvider = signInWithProvider;
 exports.useSessionCompat = useSessionCompat;
 exports.signOutCompat = signOutCompat;
 const react_1 = require("better-auth/react");
@@ -19,6 +20,20 @@ exports.authClient = (0, react_1.createAuthClient)({
 });
 // Convenience exports
 exports.useSession = exports.authClient.useSession, exports.signIn = exports.authClient.signIn, exports.signOut = exports.authClient.signOut;
+/**
+ * Sign in with a specific OAuth provider via direct redirect.
+ *
+ * better-auth exposes per-provider endpoints at /api/auth/sign-in/{provider}
+ * (e.g. /api/auth/sign-in/google). The generic signIn.social() method POSTs
+ * to /api/auth/sign-in/social which doesn't exist — use this instead.
+ */
+function signInWithProvider(provider, callbackURL) {
+    const params = new URLSearchParams();
+    if (callbackURL)
+        params.set('callbackURL', callbackURL);
+    const qs = params.toString();
+    window.location.href = `/api/auth/sign-in/${provider}${qs ? '?' + qs : ''}`;
+}
 /**
  * NextAuth-compatible useSession wrapper.
  *

package/dist/components/account/MobileNavDrawer.js

@@ -44,7 +44,7 @@ function MobileNavDrawer({ isOpen, onClose, navItems, customSections, basePath =
             onSignIn();
         }
         else {
-            better_auth_client_1.authClient.signIn.social({ provider: 'google', callbackURL: signInCallbackUrl });
+            (0, better_auth_client_1.signInWithProvider)('google', signInCallbackUrl);
         }
     };
     const handleSectionItemClick = (item) => {

package/dist/hooks/useAvailableProviders.d.ts

@@ -1,8 +1,8 @@
 /**
  * useAvailableProviders Hook
  *
- * Fetches the list of OAuth providers actually configured in NextAuth.
- * This ensures UI only shows buttons for providers that are enabled in IDP.
+ * Returns the list of OAuth providers configured for this client.
+ * Ensures UI only shows buttons for providers that are enabled in IDP.
  */
 import type { FederatedProvider } from '../types/auth';
 export interface UseAvailableProvidersResult {
@@ -12,10 +12,9 @@ export interface UseAvailableProvidersResult {
     rawProviders: Record<string, any> | null;
 }
 /**
- * Hook to get available OAuth providers from NextAuth.
+ * Hook to get available federated OAuth providers.
  *
- * Returns only the providers that are actually configured in auth-options,
- * which reflects what's enabled in IDP config.
+ * Returns only the providers that are enabled in IDP config.
  *
  * @example
  * ```tsx

package/dist/hooks/useAvailableProviders.js

@@ -2,21 +2,21 @@
 /**
  * useAvailableProviders Hook
  *
- * Fetches the list of OAuth providers actually configured in NextAuth.
- * This ensures UI only shows buttons for providers that are enabled in IDP.
+ * Returns the list of OAuth providers configured for this client.
+ * Ensures UI only shows buttons for providers that are enabled in IDP.
  */
 'use client';
 /**
  * useAvailableProviders Hook
  *
- * Fetches the list of OAuth providers actually configured in NextAuth.
- * This ensures UI only shows buttons for providers that are enabled in IDP.
+ * Returns the list of OAuth providers configured for this client.
+ * Ensures UI only shows buttons for providers that are enabled in IDP.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.useAvailableProviders = useAvailableProviders;
 exports.useIsProviderAvailable = useIsProviderAvailable;
 const react_1 = require("react");
-// Map NextAuth provider IDs to our FederatedProvider type
+// Map provider IDs to our FederatedProvider type
 const PROVIDER_MAP = {
     'google': 'google',
     'apple': 'apple',
@@ -28,10 +28,9 @@ const PROVIDER_MAP = {
 // Providers we support in UI (excludes credentials)
 const OAUTH_PROVIDERS = ['google', 'apple', 'facebook', 'github', 'azure-ad', 'microsoft-entra-id'];
 /**
- * Hook to get available OAuth providers from NextAuth.
+ * Hook to get available federated OAuth providers.
  *
- * Returns only the providers that are actually configured in auth-options,
- * which reflects what's enabled in IDP config.
+ * Returns only the providers that are enabled in IDP config.
  *
  * @example
  * ```tsx

package/dist/hooks/usePublicAuthSettings.d.ts

@@ -8,7 +8,7 @@ import type { FederatedProvider } from '../types/auth';
 export interface PublicAuthSettings {
     enabledProviders: FederatedProvider[];
     allowPublicRegistration: boolean;
-    allowSocialLogin: boolean;
+    allowFederatedLogin: boolean;
     enablePasswordReset: boolean;
     require2FA: boolean;
     allowed2FAMethods: string[];
@@ -30,7 +30,7 @@ export interface UsePublicAuthSettingsResult {
  *
  *   return (
  *     <>
- *       {settings?.allowSocialLogin && (
+ *       {settings?.allowFederatedLogin && (
  *         <FederatedAuthSection providers={settings.enabledProviders} />
  *       )}
  *       {settings?.allowPublicRegistration && (
@@ -43,9 +43,9 @@ export interface UsePublicAuthSettingsResult {
  */
 export declare function usePublicAuthSettings(): UsePublicAuthSettingsResult;
 /**
- * Hook to check if social login is enabled.
+ * Hook to check if federated (OAuth) login is enabled.
  */
-export declare function useSocialLoginEnabled(): boolean;
+export declare function useFederatedLoginEnabled(): boolean;
 /**
  * Hook to check if public registration is enabled.
  */

package/dist/hooks/usePublicAuthSettings.js

@@ -14,7 +14,7 @@
  */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.usePublicAuthSettings = usePublicAuthSettings;
-exports.useSocialLoginEnabled = useSocialLoginEnabled;
+exports.useFederatedLoginEnabled = useFederatedLoginEnabled;
 exports.usePublicRegistrationEnabled = usePublicRegistrationEnabled;
 exports.usePasswordResetEnabled = usePasswordResetEnabled;
 const react_1 = require("react");
@@ -30,7 +30,7 @@ const PROVIDER_MAP = {
 const DEFAULT_SETTINGS = {
     enabledProviders: [],
     allowPublicRegistration: true,
-    allowSocialLogin: false,
+    allowFederatedLogin: false,
     enablePasswordReset: true,
     require2FA: true,
     allowed2FAMethods: ['email', 'sms'],
@@ -47,7 +47,7 @@ const DEFAULT_SETTINGS = {
  *
  *   return (
  *     <>
- *       {settings?.allowSocialLogin && (
+ *       {settings?.allowFederatedLogin && (
  *         <FederatedAuthSection providers={settings.enabledProviders} />
  *       )}
  *       {settings?.allowPublicRegistration && (
@@ -109,11 +109,11 @@ function usePublicAuthSettings() {
     return { settings, isLoading, error };
 }
 /**
- * Hook to check if social login is enabled.
+ * Hook to check if federated (OAuth) login is enabled.
  */
-function useSocialLoginEnabled() {
+function useFederatedLoginEnabled() {
     const { settings } = usePublicAuthSettings();
-    return settings?.allowSocialLogin ?? false;
+    return settings?.allowFederatedLogin ?? false;
 }
 /**
  * Hook to check if public registration is enabled.

package/dist/lib/idp-client-config.d.ts

@@ -69,6 +69,10 @@ export declare function getIDPClientConfig(forceRefresh?: boolean): Promise<IDPC
  * Clear the config cache (useful for testing or forced refresh)
  */
 export declare function clearConfigCache(): void;
+/**
+ * Clear the Redis config cache so the next fetch always goes to IDP.
+ */
+export declare function clearConfigRedisCache(): Promise<void>;
 /**
  * Get enabled OAuth providers from config
  */

package/dist/lib/idp-client-config.js

@@ -24,6 +24,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getIDPClientConfig = getIDPClientConfig;
 exports.clearConfigCache = clearConfigCache;
+exports.clearConfigRedisCache = clearConfigRedisCache;
 exports.getEnabledProviders = getEnabledProviders;
 require("server-only");
 const crypto_1 = require("crypto");
@@ -176,6 +177,19 @@ function clearConfigCache() {
     cachedConfig = null;
     cacheExpiry = 0;
 }
+/**
+ * Clear the Redis config cache so the next fetch always goes to IDP.
+ */
+async function clearConfigRedisCache() {
+    try {
+        const key = getRedisConfigKey();
+        await redis_1.default.del(key);
+        console.log('[IDP_CONFIG] Redis cache cleared:', key);
+    }
+    catch (error) {
+        console.warn('[IDP_CONFIG] Failed to clear Redis cache:', error);
+    }
+}
 /**
  * Get enabled OAuth providers from config
  */

package/dist/lib/startup-init.js

@@ -136,6 +136,8 @@ async function performInitialization() {
     try {
         // Step 1: Fetch full client config from IDP (includes secret, providers, settings)
         console.log('[STARTUP] Step 1/2: Fetching client config from IDP...');
+        // Clear any stale Redis cache so startup always gets fresh IDP data
+        await (0, idp_client_config_1.clearConfigRedisCache)();
         try {
             const config = await (0, idp_client_config_1.getIDPClientConfig)(true);
             cachedIDPConfig = config;
@@ -206,25 +208,25 @@ async function performInitialization() {
         const connectionLine = isConnectionError
             ? '║   🔌 CONNECTION REFUSED - IDP appears to be down             ║\n║                                                              ║\n'
             : '';
-        console.error(`
-╔══════════════════════════════════════════════════════════════╗
-║   ❌ FATAL: NEXTAUTH_SECRET NOT AVAILABLE                     ║
-║                                                              ║
-║   The app cannot start without a valid NEXTAUTH_SECRET.      ║
-║   This should be fetched from IDP at startup.                ║
-║                                                              ║
-${connectionLine}║   Possible causes:                                           ║
-║   • IDP is not running or unreachable                        ║
-║   • CLIENT_ID is not registered in IDP                       ║
-║   • IDP_URL is incorrect                                     ║
-║   • Network connectivity issue                               ║
-║                                                              ║
-║   Current config:                                            ║
-║   • IDP_URL: ${idpUrl}║
-║   • CLIENT_ID: ${clientId}║
-╚══════════════════════════════════════════════════════════════╝
-
-[STARTUP] Error: ${errorMsg}
+        console.error(`
+╔══════════════════════════════════════════════════════════════╗
+║   ❌ FATAL: NEXTAUTH_SECRET NOT AVAILABLE                     ║
+║                                                              ║
+║   The app cannot start without a valid NEXTAUTH_SECRET.      ║
+║   This should be fetched from IDP at startup.                ║
+║                                                              ║
+${connectionLine}║   Possible causes:                                           ║
+║   • IDP is not running or unreachable                        ║
+║   • CLIENT_ID is not registered in IDP                       ║
+║   • IDP_URL is incorrect                                     ║
+║   • Network connectivity issue                               ║
+║                                                              ║
+║   Current config:                                            ║
+║   • IDP_URL: ${idpUrl}║
+║   • CLIENT_ID: ${clientId}║
+╚══════════════════════════════════════════════════════════════╝
+
+[STARTUP] Error: ${errorMsg}
 `);
         // Re-throw so callers know initialization failed
         throw lastInitError;

package/dist/routes/auth/settings.d.ts

@@ -8,7 +8,7 @@ import { NextResponse } from 'next/server';
 export interface PublicAuthSettings {
     enabledProviders: string[];
     allowPublicRegistration: boolean;
-    allowSocialLogin: boolean;
+    allowFederatedLogin: boolean;
     enablePasswordReset: boolean;
     require2FA: boolean;
     allowed2FAMethods: string[];

package/dist/routes/auth/settings.js

@@ -25,7 +25,7 @@ async function GET() {
                 .map(p => p.provider) ?? [],
             // Registration - default to true if not specified
             allowPublicRegistration: true, // Could come from config.authSettings in future
-            allowSocialLogin: config.oauthProviders?.some(p => p.enabled) ?? false,
+            allowFederatedLogin: config.oauthProviders?.some(p => p.enabled) ?? false,
             // Password reset
             enablePasswordReset: true, // Could come from config.authSettings in future
             // 2FA
@@ -45,7 +45,7 @@ async function GET() {
             data: {
                 enabledProviders: [],
                 allowPublicRegistration: true,
-                allowSocialLogin: false,
+                allowFederatedLogin: false,
                 enablePasswordReset: true,
                 require2FA: true,
                 allowed2FAMethods: ['email', 'sms'],

package/dist/server/auth.js

@@ -57,7 +57,7 @@ async function getAuthInstance() {
     if (authInstance)
         return authInstance;
     if (!authInitPromise) {
-        authInitPromise = (0, idp_client_config_1.getIDPClientConfig)().then(config => {
+        authInitPromise = (0, idp_client_config_1.getIDPClientConfig)(true).then(config => {
             authInstance = (0, better_auth_1.createBetterAuthInstance)(config);
             return authInstance;
         });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@payez/next-mvp",
-  "version": "4.0.21",
+  "version": "4.0.23",
   "sideEffects": false,
   "main": "dist/index.js",
   "types": "dist/index.d.ts",