@pixygon/auth 1.0.0

package/dist/index.mjs

@@ -0,0 +1,28 @@
+import {
+  AuthContext,
+  AuthProvider,
+  createAuthApiClient,
+  createTokenStorage,
+  useAuth,
+  useAuthContext,
+  useAuthError,
+  useAuthStatus,
+  useProfileSync,
+  useRequireAuth,
+  useToken,
+  useUser
+} from "./chunk-E34M2RJD.mjs";
+export {
+  AuthContext,
+  AuthProvider,
+  createAuthApiClient,
+  createTokenStorage,
+  useAuth,
+  useAuthContext,
+  useAuthError,
+  useAuthStatus,
+  useProfileSync,
+  useRequireAuth,
+  useToken,
+  useUser
+};

package/package.json

@@ -0,0 +1,58 @@
+{
+  "name": "@pixygon/auth",
+  "version": "1.0.0",
+  "description": "Shared authentication package for all Pixygon applications",
+  "main": "dist/index.js",
+  "module": "dist/index.mjs",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.mjs",
+      "require": "./dist/index.js"
+    },
+    "./components": {
+      "types": "./dist/components/index.d.ts",
+      "import": "./dist/components/index.mjs",
+      "require": "./dist/components/index.js"
+    }
+  },
+  "scripts": {
+    "build": "tsup src/index.ts src/components/index.ts --format cjs,esm --dts --clean",
+    "dev": "tsup src/index.ts src/components/index.ts --format cjs,esm --dts --watch",
+    "lint": "eslint src/",
+    "typecheck": "tsc --noEmit"
+  },
+  "peerDependencies": {
+    "react": ">=17.0.0",
+    "react-dom": ">=17.0.0"
+  },
+  "devDependencies": {
+    "@types/react": "^18.2.0",
+    "@types/react-dom": "^18.2.0",
+    "react": "^18.2.0",
+    "react-dom": "^18.2.0",
+    "tsup": "^8.0.0",
+    "typescript": "^5.3.0"
+  },
+  "files": [
+    "dist",
+    "src"
+  ],
+  "keywords": [
+    "pixygon",
+    "auth",
+    "authentication",
+    "react",
+    "typescript"
+  ],
+  "author": "Pixygon",
+  "license": "MIT",
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/pixygon/pixygon-packages"
+  }
+}

package/src/api/client.ts

@@ -0,0 +1,358 @@
+/**
+ * @pixygon/auth - API Client
+ * Unified API client with automatic token injection and refresh
+ */
+
+import type {
+  AuthConfig,
+  AuthError,
+  AuthErrorCode,
+  LoginRequest,
+  LoginResponse,
+  RegisterRequest,
+  RegisterResponse,
+  VerifyRequest,
+  VerifyResponse,
+  ForgotPasswordRequest,
+  ForgotPasswordResponse,
+  RecoverPasswordRequest,
+  RecoverPasswordResponse,
+  RefreshTokenRequest,
+  RefreshTokenResponse,
+  ResendVerificationRequest,
+  ResendVerificationResponse,
+  User,
+} from '../types';
+import type { TokenStorage } from '../utils/storage';
+
+// ============================================================================
+// Error Handling
+// ============================================================================
+
+function parseErrorCode(status: number, message?: string): AuthErrorCode {
+  if (message?.toLowerCase().includes('not found')) return 'USER_NOT_FOUND';
+  if (message?.toLowerCase().includes('exists')) return 'USER_EXISTS';
+  if (message?.toLowerCase().includes('verified')) return 'EMAIL_NOT_VERIFIED';
+  if (message?.toLowerCase().includes('invalid') && message?.toLowerCase().includes('code')) {
+    return 'INVALID_VERIFICATION_CODE';
+  }
+  if (message?.toLowerCase().includes('expired') && message?.toLowerCase().includes('code')) {
+    return 'EXPIRED_VERIFICATION_CODE';
+  }
+
+  switch (status) {
+    case 401:
+      return 'INVALID_CREDENTIALS';
+    case 403:
+      return 'TOKEN_INVALID';
+    case 404:
+      return 'USER_NOT_FOUND';
+    case 409:
+      return 'USER_EXISTS';
+    case 500:
+      return 'SERVER_ERROR';
+    default:
+      return 'UNKNOWN_ERROR';
+  }
+}
+
+function createAuthError(status: number, message?: string, details?: Record<string, unknown>): AuthError {
+  return {
+    code: parseErrorCode(status, message),
+    message: message || 'An unexpected error occurred',
+    details,
+  };
+}
+
+// ============================================================================
+// API Client
+// ============================================================================
+
+export interface AuthApiClient {
+  // Auth endpoints
+  login: (data: LoginRequest) => Promise<LoginResponse>;
+  register: (data: RegisterRequest) => Promise<RegisterResponse>;
+  verify: (data: VerifyRequest) => Promise<VerifyResponse>;
+  resendVerification: (data: ResendVerificationRequest) => Promise<ResendVerificationResponse>;
+  forgotPassword: (data: ForgotPasswordRequest) => Promise<ForgotPasswordResponse>;
+  recoverPassword: (data: RecoverPasswordRequest) => Promise<RecoverPasswordResponse>;
+  refreshToken: (data: RefreshTokenRequest) => Promise<RefreshTokenResponse>;
+
+  // User endpoints
+  getMe: () => Promise<User>;
+  updateProfile: (data: Partial<User>) => Promise<User>;
+
+  // Utilities
+  setAccessToken: (token: string | null) => void;
+  getAccessToken: () => string | null;
+  request: <T>(endpoint: string, options?: RequestInit) => Promise<T>;
+}
+
+export function createAuthApiClient(config: AuthConfig, tokenStorage: TokenStorage): AuthApiClient {
+  let currentAccessToken: string | null = null;
+  let isRefreshing = false;
+  let refreshPromise: Promise<void> | null = null;
+
+  const log = (...args: unknown[]) => {
+    if (config.debug) {
+      console.log('[PixygonAuth]', ...args);
+    }
+  };
+
+  /**
+   * Make an authenticated request
+   */
+  async function request<T>(endpoint: string, options: RequestInit = {}): Promise<T> {
+    const url = `${config.baseUrl}${endpoint}`;
+    const headers: Record<string, string> = {
+      'Content-Type': 'application/json',
+      ...(options.headers as Record<string, string>),
+    };
+
+    // Add auth header if we have a token
+    if (currentAccessToken) {
+      headers['Authorization'] = `Bearer ${currentAccessToken}`;
+    }
+
+    log(`Request: ${options.method || 'GET'} ${endpoint}`);
+
+    try {
+      const response = await fetch(url, {
+        ...options,
+        headers,
+      });
+
+      // Handle token expiry
+      if (response.status === 401 || response.status === 403) {
+        // Try to refresh token
+        if (currentAccessToken && !isRefreshing) {
+          log('Token expired, attempting refresh...');
+          try {
+            await refreshTokens();
+            // Retry the original request with new token
+            headers['Authorization'] = `Bearer ${currentAccessToken}`;
+            const retryResponse = await fetch(url, { ...options, headers });
+            if (!retryResponse.ok) {
+              const errorData = await retryResponse.json().catch(() => ({}));
+              throw createAuthError(retryResponse.status, errorData.message);
+            }
+            return retryResponse.json();
+          } catch (refreshError) {
+            log('Token refresh failed', refreshError);
+            throw createAuthError(401, 'Session expired. Please log in again.');
+          }
+        }
+        throw createAuthError(response.status, 'Authentication required');
+      }
+
+      if (!response.ok) {
+        const errorData = await response.json().catch(() => ({}));
+        throw createAuthError(response.status, errorData.message, errorData);
+      }
+
+      const data = await response.json();
+      return data;
+    } catch (error) {
+      if ((error as AuthError).code) {
+        throw error;
+      }
+      log('Network error:', error);
+      throw {
+        code: 'NETWORK_ERROR',
+        message: 'Unable to connect to the server',
+        details: { originalError: error },
+      } as AuthError;
+    }
+  }
+
+  /**
+   * Refresh the access token
+   */
+  async function refreshTokens(): Promise<void> {
+    if (isRefreshing && refreshPromise) {
+      return refreshPromise;
+    }
+
+    isRefreshing = true;
+    refreshPromise = (async () => {
+      try {
+        const refreshToken = await tokenStorage.getRefreshToken();
+        if (!refreshToken) {
+          throw new Error('No refresh token available');
+        }
+
+        const response = await fetch(`${config.baseUrl}/auth/refresh`, {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({ refreshToken }),
+        });
+
+        if (!response.ok) {
+          throw new Error('Refresh failed');
+        }
+
+        const data: RefreshTokenResponse = await response.json();
+        currentAccessToken = data.token;
+
+        await tokenStorage.updateTokens({
+          accessToken: data.token,
+          refreshToken: data.refreshToken,
+          expiresIn: data.expiresIn,
+          refreshExpiresIn: data.expiresIn * 24, // Approximate
+        });
+
+        config.onTokenRefresh?.({
+          accessToken: data.token,
+          refreshToken: data.refreshToken,
+          expiresIn: data.expiresIn,
+          refreshExpiresIn: data.expiresIn * 24,
+        });
+
+        log('Token refreshed successfully');
+      } finally {
+        isRefreshing = false;
+        refreshPromise = null;
+      }
+    })();
+
+    return refreshPromise;
+  }
+
+  return {
+    // ========================================================================
+    // Auth Endpoints
+    // ========================================================================
+
+    async login(data: LoginRequest): Promise<LoginResponse> {
+      const response = await request<LoginResponse>('/auth/login', {
+        method: 'POST',
+        body: JSON.stringify(data),
+      });
+
+      currentAccessToken = response.token;
+      await tokenStorage.setTokens(
+        response.token,
+        response.refreshToken || null,
+        response.expiresIn || null,
+        response.user
+      );
+
+      config.onLogin?.(response.user);
+      log('Login successful:', response.user.userName);
+
+      return response;
+    },
+
+    async register(data: RegisterRequest): Promise<RegisterResponse> {
+      const response = await request<RegisterResponse>('/auth/register', {
+        method: 'POST',
+        body: JSON.stringify(data),
+      });
+
+      log('Registration successful:', response.user.userName);
+      return response;
+    },
+
+    async verify(data: VerifyRequest): Promise<VerifyResponse> {
+      const response = await request<VerifyResponse>('/auth/verify', {
+        method: 'POST',
+        body: JSON.stringify(data),
+      });
+
+      currentAccessToken = response.token;
+      await tokenStorage.setTokens(
+        response.token,
+        response.refreshToken || null,
+        null,
+        response.user
+      );
+
+      config.onLogin?.(response.user);
+      log('Verification successful:', response.user.userName);
+
+      return response;
+    },
+
+    async resendVerification(data: ResendVerificationRequest): Promise<ResendVerificationResponse> {
+      const response = await request<ResendVerificationResponse>('/auth/resendVerificationEmail', {
+        method: 'POST',
+        body: JSON.stringify(data),
+      });
+
+      log('Verification email resent');
+      return response;
+    },
+
+    async forgotPassword(data: ForgotPasswordRequest): Promise<ForgotPasswordResponse> {
+      const response = await request<ForgotPasswordResponse>('/auth/forgotPassword', {
+        method: 'POST',
+        body: JSON.stringify(data),
+      });
+
+      log('Password reset email sent');
+      return response;
+    },
+
+    async recoverPassword(data: RecoverPasswordRequest): Promise<RecoverPasswordResponse> {
+      const response = await request<RecoverPasswordResponse>('/auth/recoverPassword', {
+        method: 'POST',
+        body: JSON.stringify(data),
+      });
+
+      log('Password recovered successfully');
+      return response;
+    },
+
+    async refreshToken(data: RefreshTokenRequest): Promise<RefreshTokenResponse> {
+      const response = await request<RefreshTokenResponse>('/auth/refresh', {
+        method: 'POST',
+        body: JSON.stringify(data),
+      });
+
+      currentAccessToken = response.token;
+      await tokenStorage.updateTokens({
+        accessToken: response.token,
+        refreshToken: response.refreshToken,
+        expiresIn: response.expiresIn,
+        refreshExpiresIn: response.expiresIn * 24,
+      });
+
+      return response;
+    },
+
+    // ========================================================================
+    // User Endpoints
+    // ========================================================================
+
+    async getMe(): Promise<User> {
+      const response = await request<User>('/users/me');
+      await tokenStorage.updateUser(response);
+      return response;
+    },
+
+    async updateProfile(data: Partial<User>): Promise<User> {
+      const response = await request<User>('/users/me', {
+        method: 'PATCH',
+        body: JSON.stringify(data),
+      });
+      await tokenStorage.updateUser(response);
+      return response;
+    },
+
+    // ========================================================================
+    // Utilities
+    // ========================================================================
+
+    setAccessToken(token: string | null) {
+      currentAccessToken = token;
+    },
+
+    getAccessToken() {
+      return currentAccessToken;
+    },
+
+    request,
+  };
+}
+
+export type { TokenStorage };