@reauth-dev/sdk 0.1.0

package/dist/index.d.ts

@@ -0,0 +1,127 @@
+import { R as ReauthConfig, a as ReauthSession, T as TokenResponse, S as SubscriptionPlan, U as UserSubscription, C as CheckoutSession, b as TransactionsPaginationOptions, B as BalanceTransaction } from './types-D8oOYbeC.js';
+export { A as AuthResult, h as ChargeOptions, i as DepositOptions, D as DomainEndUserClaims, e as ReauthServerConfig, f as RequestLike, g as SubscriptionInfo, c as User, d as UserDetails } from './types-D8oOYbeC.js';
+
+/**
+ * Create a reauth client for browser-side authentication.
+ *
+ * @example
+ * ```typescript
+ * const reauth = createReauthClient({ domain: 'yourdomain.com' });
+ *
+ * // Check if user is authenticated
+ * const session = await reauth.getSession();
+ * if (!session.valid) {
+ *   reauth.login(); // Redirect to login page
+ * }
+ *
+ * // Log out
+ * await reauth.logout();
+ * ```
+ */
+declare function createReauthClient(config: ReauthConfig): {
+    /**
+     * Redirect the user to the reauth.dev login page.
+     * After successful login, they'll be redirected back to your configured redirect URL.
+     */
+    login(): void;
+    /**
+     * Check if the user is authenticated.
+     * Returns session info including user ID, email, and roles.
+     */
+    getSession(): Promise<ReauthSession>;
+    /**
+     * Refresh the access token using the refresh token.
+     * Call this when getSession() returns valid: false but no error_code.
+     * @returns true if refresh succeeded, false otherwise
+     */
+    refresh(): Promise<boolean>;
+    /**
+     * Get an access token for Bearer authentication.
+     * Use this when calling your own API that uses local token verification.
+     *
+     * @returns TokenResponse with access token, or null if not authenticated
+     *
+     * @example
+     * ```typescript
+     * const tokenResponse = await reauth.getToken();
+     * if (tokenResponse) {
+     *   fetch('/api/data', {
+     *     headers: { Authorization: `Bearer ${tokenResponse.accessToken}` }
+     *   });
+     * }
+     * ```
+     */
+    getToken(): Promise<TokenResponse | null>;
+    /**
+     * Log out the user by clearing all session cookies.
+     */
+    logout(): Promise<void>;
+    /**
+     * Delete the user's own account (self-service).
+     * @returns true if deletion succeeded, false otherwise
+     */
+    deleteAccount(): Promise<boolean>;
+    /**
+     * Get available subscription plans for the domain.
+     * Only returns public plans sorted by display order.
+     */
+    getPlans(): Promise<SubscriptionPlan[]>;
+    /**
+     * Get the current user's subscription status.
+     */
+    getSubscription(): Promise<UserSubscription>;
+    /**
+     * Create a Stripe checkout session to subscribe to a plan.
+     * @param planCode The plan code to subscribe to
+     * @param successUrl URL to redirect to after successful payment
+     * @param cancelUrl URL to redirect to if checkout is canceled
+     * @returns Checkout session with URL to redirect the user to
+     */
+    createCheckout(planCode: string, successUrl: string, cancelUrl: string): Promise<CheckoutSession>;
+    /**
+     * Redirect user to subscribe to a plan.
+     * Creates a checkout session and redirects to Stripe.
+     * @param planCode The plan code to subscribe to
+     */
+    subscribe(planCode: string): Promise<void>;
+    /**
+     * Open the Stripe customer portal for managing subscription.
+     * @param returnUrl URL to return to after leaving the portal
+     */
+    openBillingPortal(returnUrl?: string): Promise<void>;
+    /**
+     * Cancel the user's subscription at period end.
+     * @returns true if cancellation succeeded
+     */
+    cancelSubscription(): Promise<boolean>;
+    /**
+     * Get the current user's balance.
+     * @returns Object with the current balance
+     */
+    getBalance(): Promise<{
+        balance: number;
+    }>;
+    /**
+     * Get the current user's balance transaction history.
+     * @param opts - Optional pagination (limit, offset)
+     * @returns Object with array of transactions (newest first)
+     */
+    getTransactions(opts?: TransactionsPaginationOptions): Promise<{
+        transactions: BalanceTransaction[];
+    }>;
+};
+type ReauthClient = ReturnType<typeof createReauthClient>;
+
+declare enum ReauthErrorCode {
+    /**
+     * OAuth retry window expired. The OAuth flow must be restarted.
+     */
+    OAUTH_RETRY_EXPIRED = "OAUTH_RETRY_EXPIRED"
+}
+type ReauthError = {
+    code: ReauthErrorCode | string;
+    message?: string;
+};
+declare function requiresOAuthRestart(error: ReauthError | null | undefined): boolean;
+
+export { BalanceTransaction, type ReauthClient, ReauthConfig, type ReauthError, ReauthErrorCode, ReauthSession, TokenResponse, TransactionsPaginationOptions, createReauthClient, requiresOAuthRestart };

package/dist/index.js

@@ -0,0 +1,308 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var src_exports = {};
+__export(src_exports, {
+  ReauthErrorCode: () => ReauthErrorCode,
+  createReauthClient: () => createReauthClient,
+  requiresOAuthRestart: () => requiresOAuthRestart
+});
+module.exports = __toCommonJS(src_exports);
+
+// src/client.ts
+function createReauthClient(config) {
+  const { domain } = config;
+  const baseUrl = `https://reauth.${domain}/api/public`;
+  return {
+    /**
+     * Redirect the user to the reauth.dev login page.
+     * After successful login, they'll be redirected back to your configured redirect URL.
+     */
+    login() {
+      if (typeof window === "undefined") {
+        throw new Error("login() can only be called in browser");
+      }
+      window.location.href = `https://reauth.${domain}/`;
+    },
+    /**
+     * Check if the user is authenticated.
+     * Returns session info including user ID, email, and roles.
+     */
+    async getSession() {
+      const res = await fetch(`${baseUrl}/auth/session`, {
+        credentials: "include"
+      });
+      return res.json();
+    },
+    /**
+     * Refresh the access token using the refresh token.
+     * Call this when getSession() returns valid: false but no error_code.
+     * @returns true if refresh succeeded, false otherwise
+     */
+    async refresh() {
+      const res = await fetch(`${baseUrl}/auth/refresh`, {
+        method: "POST",
+        credentials: "include"
+      });
+      return res.ok;
+    },
+    /**
+     * Get an access token for Bearer authentication.
+     * Use this when calling your own API that uses local token verification.
+     *
+     * @returns TokenResponse with access token, or null if not authenticated
+     *
+     * @example
+     * ```typescript
+     * const tokenResponse = await reauth.getToken();
+     * if (tokenResponse) {
+     *   fetch('/api/data', {
+     *     headers: { Authorization: `Bearer ${tokenResponse.accessToken}` }
+     *   });
+     * }
+     * ```
+     */
+    async getToken() {
+      try {
+        const res = await fetch(`${baseUrl}/auth/token`, {
+          method: "GET",
+          credentials: "include"
+        });
+        if (!res.ok) {
+          if (res.status === 401) return null;
+          throw new Error(`Failed to get token: ${res.status}`);
+        }
+        const data = await res.json();
+        return {
+          accessToken: data.access_token,
+          expiresIn: data.expires_in,
+          tokenType: data.token_type
+        };
+      } catch {
+        return null;
+      }
+    },
+    /**
+     * Log out the user by clearing all session cookies.
+     */
+    async logout() {
+      await fetch(`${baseUrl}/auth/logout`, {
+        method: "POST",
+        credentials: "include"
+      });
+    },
+    /**
+     * Delete the user's own account (self-service).
+     * @returns true if deletion succeeded, false otherwise
+     */
+    async deleteAccount() {
+      const res = await fetch(`${baseUrl}/auth/account`, {
+        method: "DELETE",
+        credentials: "include"
+      });
+      return res.ok;
+    },
+    // ========================================================================
+    // Billing Methods
+    // ========================================================================
+    /**
+     * Get available subscription plans for the domain.
+     * Only returns public plans sorted by display order.
+     */
+    async getPlans() {
+      const res = await fetch(`${baseUrl}/billing/plans`, {
+        credentials: "include"
+      });
+      if (!res.ok) return [];
+      const data = await res.json();
+      return data.map(
+        (p) => ({
+          id: p.id,
+          code: p.code,
+          name: p.name,
+          description: p.description,
+          priceCents: p.price_cents,
+          currency: p.currency,
+          interval: p.interval,
+          intervalCount: p.interval_count,
+          trialDays: p.trial_days,
+          features: p.features,
+          displayOrder: p.display_order
+        })
+      );
+    },
+    /**
+     * Get the current user's subscription status.
+     */
+    async getSubscription() {
+      const res = await fetch(`${baseUrl}/billing/subscription`, {
+        credentials: "include"
+      });
+      const data = await res.json();
+      return {
+        id: data.id,
+        planCode: data.plan_code,
+        planName: data.plan_name,
+        status: data.status,
+        currentPeriodEnd: data.current_period_end,
+        trialEnd: data.trial_end,
+        cancelAtPeriodEnd: data.cancel_at_period_end
+      };
+    },
+    /**
+     * Create a Stripe checkout session to subscribe to a plan.
+     * @param planCode The plan code to subscribe to
+     * @param successUrl URL to redirect to after successful payment
+     * @param cancelUrl URL to redirect to if checkout is canceled
+     * @returns Checkout session with URL to redirect the user to
+     */
+    async createCheckout(planCode, successUrl, cancelUrl) {
+      const res = await fetch(`${baseUrl}/billing/checkout`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        credentials: "include",
+        body: JSON.stringify({
+          plan_code: planCode,
+          success_url: successUrl,
+          cancel_url: cancelUrl
+        })
+      });
+      if (!res.ok) {
+        const err = await res.json().catch(() => ({}));
+        throw new Error(err.message || "Failed to create checkout session");
+      }
+      const data = await res.json();
+      return { checkoutUrl: data.checkout_url };
+    },
+    /**
+     * Redirect user to subscribe to a plan.
+     * Creates a checkout session and redirects to Stripe.
+     * @param planCode The plan code to subscribe to
+     */
+    async subscribe(planCode) {
+      if (typeof window === "undefined") {
+        throw new Error("subscribe() can only be called in browser");
+      }
+      const currentUrl = window.location.href;
+      const { checkoutUrl } = await this.createCheckout(
+        planCode,
+        currentUrl,
+        currentUrl
+      );
+      window.location.href = checkoutUrl;
+    },
+    /**
+     * Open the Stripe customer portal for managing subscription.
+     * @param returnUrl URL to return to after leaving the portal
+     */
+    async openBillingPortal(returnUrl) {
+      if (typeof window === "undefined") {
+        throw new Error("openBillingPortal() can only be called in browser");
+      }
+      const res = await fetch(`${baseUrl}/billing/portal`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        credentials: "include",
+        body: JSON.stringify({
+          return_url: returnUrl || window.location.href
+        })
+      });
+      if (!res.ok) {
+        throw new Error("Failed to open billing portal");
+      }
+      const data = await res.json();
+      window.location.href = data.portal_url;
+    },
+    /**
+     * Cancel the user's subscription at period end.
+     * @returns true if cancellation succeeded
+     */
+    async cancelSubscription() {
+      const res = await fetch(`${baseUrl}/billing/cancel`, {
+        method: "POST",
+        credentials: "include"
+      });
+      return res.ok;
+    },
+    // ========================================================================
+    // Balance Methods
+    // ========================================================================
+    /**
+     * Get the current user's balance.
+     * @returns Object with the current balance
+     */
+    async getBalance() {
+      const res = await fetch(`${baseUrl}/balance`, {
+        credentials: "include"
+      });
+      if (!res.ok) {
+        if (res.status === 401) throw new Error("Not authenticated");
+        throw new Error(`Failed to get balance: ${res.status}`);
+      }
+      return res.json();
+    },
+    /**
+     * Get the current user's balance transaction history.
+     * @param opts - Optional pagination (limit, offset)
+     * @returns Object with array of transactions (newest first)
+     */
+    async getTransactions(opts) {
+      const params = new URLSearchParams();
+      if (opts?.limit !== void 0) params.set("limit", String(opts.limit));
+      if (opts?.offset !== void 0) params.set("offset", String(opts.offset));
+      const qs = params.toString();
+      const res = await fetch(
+        `${baseUrl}/balance/transactions${qs ? `?${qs}` : ""}`,
+        { credentials: "include" }
+      );
+      if (!res.ok) {
+        if (res.status === 401) throw new Error("Not authenticated");
+        throw new Error(`Failed to get transactions: ${res.status}`);
+      }
+      const data = await res.json();
+      return {
+        transactions: data.transactions.map(
+          (t) => ({
+            id: t.id,
+            amountDelta: t.amount_delta,
+            reason: t.reason,
+            balanceAfter: t.balance_after,
+            createdAt: t.created_at
+          })
+        )
+      };
+    }
+  };
+}
+
+// src/errors.ts
+var ReauthErrorCode = /* @__PURE__ */ ((ReauthErrorCode2) => {
+  ReauthErrorCode2["OAUTH_RETRY_EXPIRED"] = "OAUTH_RETRY_EXPIRED";
+  return ReauthErrorCode2;
+})(ReauthErrorCode || {});
+function requiresOAuthRestart(error) {
+  return error?.code === "OAUTH_RETRY_EXPIRED" /* OAUTH_RETRY_EXPIRED */;
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  ReauthErrorCode,
+  createReauthClient,
+  requiresOAuthRestart
+});

package/dist/index.mjs

@@ -0,0 +1,17 @@
+import {
+  createReauthClient
+} from "./chunk-JX2J36FS.mjs";
+
+// src/errors.ts
+var ReauthErrorCode = /* @__PURE__ */ ((ReauthErrorCode2) => {
+  ReauthErrorCode2["OAUTH_RETRY_EXPIRED"] = "OAUTH_RETRY_EXPIRED";
+  return ReauthErrorCode2;
+})(ReauthErrorCode || {});
+function requiresOAuthRestart(error) {
+  return error?.code === "OAUTH_RETRY_EXPIRED" /* OAUTH_RETRY_EXPIRED */;
+}
+export {
+  ReauthErrorCode,
+  createReauthClient,
+  requiresOAuthRestart
+};

package/dist/react/index.d.mts

@@ -0,0 +1,123 @@
+import { R as ReauthConfig, c as User } from '../types-D8oOYbeC.mjs';
+import * as react_jsx_runtime from 'react/jsx-runtime';
+import { ReactNode } from 'react';
+
+/**
+ * React hook for authentication state management.
+ *
+ * @example
+ * ```typescript
+ * function MyComponent() {
+ *   const { user, loading, login, logout } = useAuth({ domain: 'yourdomain.com' });
+ *
+ *   if (loading) return <div>Loading...</div>;
+ *   if (!user) return <button onClick={login}>Sign in</button>;
+ *
+ *   return (
+ *     <div>
+ *       Welcome {user.email}
+ *       <button onClick={logout}>Sign out</button>
+ *     </div>
+ *   );
+ * }
+ * ```
+ */
+declare function useAuth(config: ReauthConfig): {
+    login: () => void;
+    logout: () => Promise<void>;
+    refetch: () => Promise<void>;
+    user: User | null;
+    loading: boolean;
+    error: string | null;
+    isOnWaitlist: boolean;
+    waitlistPosition: number | null;
+};
+
+type AuthContextType = {
+    user: User | null;
+    loading: boolean;
+    error: string | null;
+    isOnWaitlist: boolean;
+    waitlistPosition: number | null;
+    login: () => void;
+    logout: () => Promise<void>;
+    refetch: () => Promise<void>;
+};
+type AuthProviderProps = {
+    config: ReauthConfig;
+    children: ReactNode;
+};
+/**
+ * Provider component that wraps your app and provides auth context.
+ *
+ * @example
+ * ```typescript
+ * // app/layout.tsx
+ * import { AuthProvider } from '@reauth-dev/sdk/react';
+ *
+ * export default function RootLayout({ children }) {
+ *   return (
+ *     <AuthProvider config={{ domain: 'yourdomain.com' }}>
+ *       {children}
+ *     </AuthProvider>
+ *   );
+ * }
+ * ```
+ */
+declare function AuthProvider({ config, children }: AuthProviderProps): react_jsx_runtime.JSX.Element;
+/**
+ * Hook to access auth context from within AuthProvider.
+ *
+ * @example
+ * ```typescript
+ * function UserMenu() {
+ *   const { user, logout } = useAuthContext();
+ *
+ *   return (
+ *     <div>
+ *       {user?.email}
+ *       <button onClick={logout}>Sign out</button>
+ *     </div>
+ *   );
+ * }
+ * ```
+ */
+declare function useAuthContext(): AuthContextType;
+
+type ProtectedRouteProps = {
+    children: ReactNode;
+    /** Content to show while loading */
+    fallback?: ReactNode;
+    /** Custom handler when user is not authenticated (default: redirect to login) */
+    onUnauthenticated?: () => void;
+    /** Custom handler when user is on waitlist */
+    onWaitlist?: () => void;
+};
+/**
+ * Component that protects its children from unauthenticated access.
+ * Automatically redirects to login if user is not authenticated.
+ *
+ * @example
+ * ```typescript
+ * // Basic usage
+ * <ProtectedRoute>
+ *   <Dashboard />
+ * </ProtectedRoute>
+ *
+ * // With loading fallback
+ * <ProtectedRoute fallback={<LoadingSpinner />}>
+ *   <Dashboard />
+ * </ProtectedRoute>
+ *
+ * // With custom handlers
+ * <ProtectedRoute
+ *   onUnauthenticated={() => router.push('/login')}
+ *   onWaitlist={() => router.push('/waitlist')}
+ * >
+ *   <Dashboard />
+ * </ProtectedRoute>
+ * ```
+ */
+declare function ProtectedRoute({ children, fallback, onUnauthenticated, onWaitlist, }: ProtectedRouteProps): react_jsx_runtime.JSX.Element | null;
+
+export { AuthProvider, ProtectedRoute, useAuth, useAuthContext };

package/dist/react/index.d.ts

@@ -0,0 +1,123 @@
+import { R as ReauthConfig, c as User } from '../types-D8oOYbeC.js';
+import * as react_jsx_runtime from 'react/jsx-runtime';
+import { ReactNode } from 'react';
+
+/**
+ * React hook for authentication state management.
+ *
+ * @example
+ * ```typescript
+ * function MyComponent() {
+ *   const { user, loading, login, logout } = useAuth({ domain: 'yourdomain.com' });
+ *
+ *   if (loading) return <div>Loading...</div>;
+ *   if (!user) return <button onClick={login}>Sign in</button>;
+ *
+ *   return (
+ *     <div>
+ *       Welcome {user.email}
+ *       <button onClick={logout}>Sign out</button>
+ *     </div>
+ *   );
+ * }
+ * ```
+ */
+declare function useAuth(config: ReauthConfig): {
+    login: () => void;
+    logout: () => Promise<void>;
+    refetch: () => Promise<void>;
+    user: User | null;
+    loading: boolean;
+    error: string | null;
+    isOnWaitlist: boolean;
+    waitlistPosition: number | null;
+};
+
+type AuthContextType = {
+    user: User | null;
+    loading: boolean;
+    error: string | null;
+    isOnWaitlist: boolean;
+    waitlistPosition: number | null;
+    login: () => void;
+    logout: () => Promise<void>;
+    refetch: () => Promise<void>;
+};
+type AuthProviderProps = {
+    config: ReauthConfig;
+    children: ReactNode;
+};
+/**
+ * Provider component that wraps your app and provides auth context.
+ *
+ * @example
+ * ```typescript
+ * // app/layout.tsx
+ * import { AuthProvider } from '@reauth-dev/sdk/react';
+ *
+ * export default function RootLayout({ children }) {
+ *   return (
+ *     <AuthProvider config={{ domain: 'yourdomain.com' }}>
+ *       {children}
+ *     </AuthProvider>
+ *   );
+ * }
+ * ```
+ */
+declare function AuthProvider({ config, children }: AuthProviderProps): react_jsx_runtime.JSX.Element;
+/**
+ * Hook to access auth context from within AuthProvider.
+ *
+ * @example
+ * ```typescript
+ * function UserMenu() {
+ *   const { user, logout } = useAuthContext();
+ *
+ *   return (
+ *     <div>
+ *       {user?.email}
+ *       <button onClick={logout}>Sign out</button>
+ *     </div>
+ *   );
+ * }
+ * ```
+ */
+declare function useAuthContext(): AuthContextType;
+
+type ProtectedRouteProps = {
+    children: ReactNode;
+    /** Content to show while loading */
+    fallback?: ReactNode;
+    /** Custom handler when user is not authenticated (default: redirect to login) */
+    onUnauthenticated?: () => void;
+    /** Custom handler when user is on waitlist */
+    onWaitlist?: () => void;
+};
+/**
+ * Component that protects its children from unauthenticated access.
+ * Automatically redirects to login if user is not authenticated.
+ *
+ * @example
+ * ```typescript
+ * // Basic usage
+ * <ProtectedRoute>
+ *   <Dashboard />
+ * </ProtectedRoute>
+ *
+ * // With loading fallback
+ * <ProtectedRoute fallback={<LoadingSpinner />}>
+ *   <Dashboard />
+ * </ProtectedRoute>
+ *
+ * // With custom handlers
+ * <ProtectedRoute
+ *   onUnauthenticated={() => router.push('/login')}
+ *   onWaitlist={() => router.push('/waitlist')}
+ * >
+ *   <Dashboard />
+ * </ProtectedRoute>
+ * ```
+ */
+declare function ProtectedRoute({ children, fallback, onUnauthenticated, onWaitlist, }: ProtectedRouteProps): react_jsx_runtime.JSX.Element | null;
+
+export { AuthProvider, ProtectedRoute, useAuth, useAuthContext };