@rebasepro/auth 0.2.3 → 0.2.5

package/dist/api.d.ts

@@ -132,7 +132,11 @@ export interface AuthConfigResponse {
     /** Whether new user registration is enabled */
     registrationEnabled: boolean;
     /** Whether email service is configured */
-    emailServiceEnabled: boolean;
+    emailServiceEnabled?: boolean;
+    /** Whether password reset is supported */
+    passwordReset?: boolean;
+    /** Whether email verification is supported */
+    emailVerification?: boolean;
     /** Complete list of enabled OAuth provider IDs (e.g. ["google", "github", "discord"]) */
     enabledProviders: string[];
 }

package/dist/hooks/useBackendUserManagement.d.ts

@@ -1,10 +1,11 @@
-import { Role, User } from "@rebasepro/types";
+import type { User } from "@rebasepro/types";
 /**
  * UserManagement interface - compatible with @rebasepro/user_management
  * Defined inline to avoid dependency on that package
  */
 export interface UserManagement<USER extends User = User> {
     loading: boolean;
+    hasAdminUsers?: boolean;
     users: USER[];
     saveUser: (user: USER) => Promise<USER>;
     createUser?: (user: USER) => Promise<{
@@ -18,13 +19,9 @@ export interface UserManagement<USER extends User = User> {
         temporaryPassword?: string;
     }>;
     deleteUser: (user: USER) => Promise<void>;
-    roles: Role[];
-    saveRole: (role: Role) => Promise<void>;
-    deleteRole: (role: Role) => Promise<void>;
     isAdmin?: boolean;
     allowDefaultRolesCreation?: boolean;
-    includeCollectionConfigPermissions?: boolean;
-    defineRolesFor: (user: User) => Promise<Role[] | undefined> | Role[] | undefined;
+    defineRolesFor: (user: User) => Promise<string[] | undefined> | string[] | undefined;
     getUser: (uid: string) => User | null;
     /**
      * Search users with server-side pagination.
@@ -43,14 +40,16 @@ export interface UserManagement<USER extends User = User> {
         total: number;
     }>;
     usersError?: Error;
-    rolesError?: Error;
     bootstrapAdmin?: () => Promise<void>;
 }
 export interface BackendUserManagementConfig {
     /**
      * The Rebase Client instance
      */
-    client?: any;
+    client?: {
+        baseUrl?: string;
+        resolveToken?: () => Promise<string | null>;
+    };
     /**
      * Base API URL for the backend (optional, extracted from client if not provided)
      */

package/dist/index.d.ts

@@ -10,5 +10,5 @@ export type { RebaseAuthController, RebaseAuthControllerProps, AuthTokens, UserI
 export { useRebaseAuthController } from "./hooks/useRebaseAuthController";
 export { useBackendUserManagement } from "./hooks/useBackendUserManagement";
 export type { BackendUserManagementConfig, UserManagement } from "./hooks/useBackendUserManagement";
-export { setApiUrl, getApiUrl, fetchAuthConfig, clearAuthConfigCache, AuthApiError } from "./api";
+export { setApiUrl, getApiUrl, fetchAuthConfig, AuthApiError } from "./api";
 export type { AuthConfigResponse } from "./api";

package/dist/index.es.js

@@ -214,11 +214,7 @@ async function fetchAuthConfig() {
     authConfigInflight = null;
   }
 }
-function clearAuthConfigCache() {
-  authConfigCached = null;
-  authConfigInflight = null;
-}
-const STORAGE_KEY = "rebase_auth";
+const STORAGE_KEY = "rebase_react_auth";
 const TOKEN_REFRESH_BUFFER_MS = 2 * 60 * 1e3;
 function convertToUser(userInfo) {
   return {
@@ -276,12 +272,11 @@ function useRebaseAuthController(props = {}) {
   const refreshPromiseRef = useRef(null);
   const isMountedRef = useRef(true);
   useEffect(() => {
-    if (client) {
-      setApiUrl(client.baseUrl);
-    } else if (apiUrl) {
-      setApiUrl(apiUrl);
+    const url = client?.baseUrl || apiUrl;
+    if (url) {
+      setApiUrl(url);
     }
-  }, [client, apiUrl]);
+  }, [client, client?.baseUrl, apiUrl]);
   const clearError = useCallback(() => {
     setAuthProviderError(null);
   }, []);
@@ -397,7 +392,7 @@ function useRebaseAuthController(props = {}) {
   }, [initialLoading, refreshAccessToken$1, clearSessionAndSignOut]);
   useEffect(() => {
     if (client) {
-      client.setAuthTokenGetter(async () => {
+      client.setAuthTokenGetter?.(async () => {
         try {
           return await getAuthToken();
         } catch {
@@ -430,7 +425,7 @@ function useRebaseAuthController(props = {}) {
     if (defineRolesFor) {
       const customRoles = await defineRolesFor(convertedUser);
       if (customRoles) {
-        convertedUser = { ...convertedUser, roles: customRoles.map((r) => r.id) };
+        convertedUser = { ...convertedUser, roles: customRoles };
       }
     }
     saveAuthToStorage(tokens, userInfo);
@@ -561,7 +556,7 @@ function useRebaseAuthController(props = {}) {
         if (customRoles) {
           convertedUser = {
             ...convertedUser,
-            roles: customRoles.map((r) => r.id)
+            roles: customRoles
           };
         }
       }
@@ -635,7 +630,7 @@ function useRebaseAuthController(props = {}) {
           if (customRoles) {
             userToSet = {
               ...userToSet,
-              roles: customRoles.map((r) => r.id)
+              roles: customRoles
             };
           }
         }
@@ -667,12 +662,16 @@ function useRebaseAuthController(props = {}) {
             if (customRoles) {
               userToSet = {
                 ...userToSet,
-                roles: customRoles.map((r) => r.id)
+                roles: customRoles
               };
             }
           }
         } catch (meError) {
           if (!isMountedRef.current) return;
+          if (meError instanceof AuthApiError && (meError.code === "NOT_FOUND" || meError.code === "UNAUTHORIZED")) {
+            clearSessionAndSignOut();
+            return;
+          }
           userToSet = convertToUser(stored.user);
         }
         if (!isMountedRef.current) return;
@@ -772,10 +771,10 @@ function useRebaseAuthController(props = {}) {
       emailPasswordLogin: true,
       googleLogin: !!props.googleClientId,
       registration: authConfig?.registrationEnabled ?? false,
-      passwordReset: true,
+      passwordReset: authConfig?.passwordReset ?? false,
       sessionManagement: true,
       profileUpdate: true,
-      emailVerification: false,
+      emailVerification: authConfig?.emailVerification ?? false,
       enabledProviders: authConfig?.enabledProviders ?? []
     }
   };
@@ -792,22 +791,29 @@ function convertUser(apiUser) {
     createdAt: apiUser.createdAt ? new Date(apiUser.createdAt) : null
   };
 }
-function convertRole(apiRole) {
-  return {
-    id: apiRole.id,
-    name: apiRole.name,
-    isAdmin: apiRole.isAdmin ?? false,
-    config: apiRole.config ?? void 0
-  };
-}
 function useBackendUserManagement(config) {
   const { client, apiUrl, getAuthToken, currentUser } = config;
-  const [users, setUsers] = useState([]);
-  const [roles, setRoles] = useState([]);
-  const [loading, setLoading] = useState(true);
+  const [userCache, setUserCache] = useState(/* @__PURE__ */ new Map());
+  const [hasAdminUsers, setHasAdminUsers] = useState(false);
+  const userRoles = currentUser?.roles ?? [];
+  const isUserAdmin = userRoles.some((r) => r === "admin" || r === "schema-admin");
+  const [loading, setLoading] = useState(() => {
+    if (!currentUser) return false;
+    if (!isUserAdmin) return false;
+    return true;
+  });
   const [usersError, setUsersError] = useState();
-  const [rolesError, setRolesError] = useState();
   const lastLoadedUidRef = useRef(null);
+  const effectiveLoading = loading || !!(currentUser && isUserAdmin && lastLoadedUidRef.current !== currentUser.uid);
+  const mergeIntoCache = useCallback((incoming) => {
+    setUserCache((prev) => {
+      const next = new Map(prev);
+      for (const u of incoming) {
+        next.set(u.uid, u);
+      }
+      return next;
+    });
+  }, []);
   const apiRequestRef = useRef(null);
   const apiRequest = useCallback(async (endpoint, method = "GET", body, retryCount = 6, signal) => {
     let lastError = null;
@@ -818,7 +824,7 @@ function useBackendUserManagement(config) {
         throw error;
       }
       try {
-        const token = getAuthToken ? await getAuthToken() : client ? await client.resolveToken() : null;
+        const token = getAuthToken ? await getAuthToken() : client?.resolveToken ? await client.resolveToken() : null;
         const baseUrl = apiUrl || (client?.baseUrl ? client.baseUrl : "");
         const response = await fetch(`${baseUrl}/api/admin${endpoint}`, {
           method,
@@ -877,37 +883,29 @@ function useBackendUserManagement(config) {
     throw lastError;
   }, [apiUrl, getAuthToken]);
   apiRequestRef.current = apiRequest;
-  useCallback(async (signal) => {
+  const checkAdminExists = useCallback(async (signal) => {
     try {
-      const data = await apiRequest("/roles", "GET", void 0, 6, signal);
-      setRoles(data.roles.map(convertRole));
-      setRolesError(void 0);
-    } catch (error) {
-      if (error instanceof Error && error.name === "AbortError") return;
-      console.error("Failed to load roles:", error);
-      setRolesError(error instanceof Error ? error : new Error(String(error)));
-    }
-  }, [apiRequest]);
-  const loadUsers = useCallback(async (signal) => {
-    try {
-      const data = await apiRequest("/users", "GET", void 0, 6, signal);
-      const allUsers = data.users.map((u) => convertUser(u));
-      setUsers(allUsers);
+      const data = await apiRequest("/users?role=admin&limit=1", "GET", void 0, 6, signal);
+      const adminUsers = data.users.map((u) => convertUser(u));
+      setHasAdminUsers(adminUsers.length > 0);
+      if (adminUsers.length > 0) {
+        mergeIntoCache(adminUsers);
+      }
       setUsersError(void 0);
     } catch (error) {
       if (error instanceof Error && error.name === "AbortError") return;
-      console.error("Failed to load users:", error);
+      console.error("Failed to check admin users:", error);
       setUsersError(error instanceof Error ? error : new Error(String(error)));
     }
-  }, [apiRequest]);
+  }, [apiRequest, mergeIntoCache]);
   useEffect(() => {
     if (!currentUser) {
       setLoading(false);
       return;
     }
-    const userRoles = currentUser.roles ?? [];
-    const isUserAdmin = userRoles.some((r) => r === "admin" || r === "schema-admin");
-    if (!isUserAdmin) {
+    const userRoles2 = currentUser.roles ?? [];
+    const isUserAdmin2 = userRoles2.some((r) => r === "admin" || r === "schema-admin");
+    if (!isUserAdmin2) {
       setLoading(false);
       return;
     }
@@ -919,30 +917,18 @@ function useBackendUserManagement(config) {
     const load = async () => {
       setLoading(true);
       const request = apiRequestRef.current;
-      try {
-        const data = await request("/roles", "GET", void 0, 6, abortController.signal);
-        setRoles(data.roles.map(convertRole));
-        setRolesError(void 0);
-      } catch (error) {
-        if (error instanceof Error && error.name === "AbortError") return;
-        console.error("Failed to load roles:", error);
-        setRolesError(error instanceof Error ? error : new Error(String(error)));
-        const status = error.status;
-        if (status === 403 || status === 401) {
-          setUsersError(error instanceof Error ? error : new Error(String(error)));
-          setLoading(false);
-          return;
-        }
-      }
       if (!abortController.signal.aborted) {
         try {
-          const data = await request("/users", "GET", void 0, 6, abortController.signal);
-          const allUsers = data.users.map((u) => convertUser(u));
-          setUsers(allUsers);
+          const data = await request("/users?role=admin&limit=1", "GET", void 0, 6, abortController.signal);
+          const adminUsers = data.users.map((u) => convertUser(u));
+          setHasAdminUsers(adminUsers.length > 0);
+          if (adminUsers.length > 0) {
+            mergeIntoCache(adminUsers);
+          }
           setUsersError(void 0);
         } catch (error) {
           if (error instanceof Error && error.name === "AbortError") return;
-          console.error("Failed to load users:", error);
+          console.error("Failed to check admin users:", error);
           setUsersError(error instanceof Error ? error : new Error(String(error)));
         }
       }
@@ -966,34 +952,24 @@ function useBackendUserManagement(config) {
     if (options.roleId) params.set("role", options.roleId);
     const qs = params.toString();
     const data = await apiRequest("/users" + (qs ? "?" + qs : ""), "GET");
+    const converted = data.users.map((u) => convertUser(u));
+    mergeIntoCache(converted);
     return {
-      users: data.users.map((u) => convertUser(u)),
+      users: converted,
       total: data.total
     };
-  }, [apiRequest]);
+  }, [apiRequest, mergeIntoCache]);
   const saveUser = useCallback(async (user) => {
     const roleIds = user.roles ?? [];
-    const existingUser = users.find((u) => u.uid === user.uid);
-    if (existingUser) {
-      const data = await apiRequest(`/users/${user.uid}`, "PUT", {
-        email: user.email,
-        displayName: user.displayName,
-        roles: roleIds
-      });
-      const updated = convertUser(data.user);
-      setUsers((prev) => prev.map((u) => u.uid === updated.uid ? updated : u));
-      return updated;
-    } else {
-      const data = await apiRequest("/users", "POST", {
-        email: user.email,
-        displayName: user.displayName,
-        roles: roleIds
-      });
-      const created = convertUser(data.user);
-      setUsers((prev) => [...prev, created]);
-      return created;
-    }
-  }, [apiRequest, users, roles]);
+    const data = await apiRequest(`/users/${user.uid}`, "PUT", {
+      email: user.email,
+      displayName: user.displayName,
+      roles: roleIds
+    });
+    const updated = convertUser(data.user);
+    mergeIntoCache([updated]);
+    return updated;
+  }, [apiRequest, mergeIntoCache]);
   const createUser = useCallback(async (user) => {
     const roleIds = user.roles ?? [];
     const data = await apiRequest("/users", "POST", {
@@ -1002,98 +978,78 @@ function useBackendUserManagement(config) {
       roles: roleIds
     });
     const created = convertUser(data.user);
-    setUsers((prev) => [...prev, created]);
+    mergeIntoCache([created]);
     return {
       user: created,
       invitationSent: data.invitationSent ?? false,
       temporaryPassword: data.temporaryPassword
     };
-  }, [apiRequest, roles]);
+  }, [apiRequest, mergeIntoCache]);
   const resetPassword2 = useCallback(async (user) => {
     const data = await apiRequest(`/users/${user.uid}/reset-password`, "POST");
     const updatedUser = convertUser(data.user);
-    setUsers((prev) => prev.map((u) => u.uid === updatedUser.uid ? updatedUser : u));
+    mergeIntoCache([updatedUser]);
     return {
       user: updatedUser,
       invitationSent: data.invitationSent ?? false,
       temporaryPassword: data.temporaryPassword
     };
-  }, [apiRequest]);
+  }, [apiRequest, mergeIntoCache]);
   const deleteUser = useCallback(async (user) => {
     await apiRequest(`/users/${user.uid}`, "DELETE");
-    setUsers((prev) => prev.filter((u) => u.uid !== user.uid));
-  }, [apiRequest]);
-  const saveRole = useCallback(async (role) => {
-    const existingRole = roles.find((r) => r.id === role.id);
-    if (existingRole) {
-      const data = await apiRequest(`/roles/${role.id}`, "PUT", {
-        name: role.name,
-        isAdmin: role.isAdmin,
-        config: role.config
-      });
-      const updated = convertRole(data.role);
-      setRoles((prev) => prev.map((r) => r.id === updated.id ? updated : r));
-    } else {
-      const data = await apiRequest("/roles", "POST", {
-        id: role.id,
-        name: role.name,
-        isAdmin: role.isAdmin ?? false,
-        config: role.config
-      });
-      const created = convertRole(data.role);
-      setRoles((prev) => [...prev, created]);
-    }
-  }, [apiRequest, roles]);
-  const deleteRole = useCallback(async (role) => {
-    await apiRequest(`/roles/${role.id}`, "DELETE");
-    setRoles((prev) => prev.filter((r) => r.id !== role.id));
+    setUserCache((prev) => {
+      const next = new Map(prev);
+      next.delete(user.uid);
+      return next;
+    });
   }, [apiRequest]);
   const getUser = useCallback((uid) => {
-    return users.find((u) => u.uid === uid) ?? null;
-  }, [users]);
+    return userCache.get(uid) ?? null;
+  }, [userCache]);
   const defineRolesFor = useCallback(async (user) => {
-    const existingUser = users.find((u) => u.uid === user.uid || u.email === user.email);
-    if (!existingUser) return void 0;
+    let existingUser = userCache.get(user.uid) ?? Array.from(userCache.values()).find((u) => u.email === user.email);
+    if (!existingUser) {
+      try {
+        const data = await apiRequest(`/users/${user.uid}`, "GET");
+        existingUser = convertUser(data.user);
+        mergeIntoCache([existingUser]);
+      } catch {
+        return void 0;
+      }
+    }
     const userRoleIds = existingUser.roles ?? [];
-    return roles.filter((r) => userRoleIds.includes(r.id));
-  }, [users, roles]);
+    return userRoleIds;
+  }, [userCache, apiRequest, mergeIntoCache]);
   const isAdmin = currentUser?.roles?.includes("admin") ?? false;
   const bootstrapAdmin = useCallback(async () => {
     try {
       await apiRequest("/bootstrap", "POST");
-      const data = await apiRequest("/roles");
-      const loadedRoles = data.roles.map(convertRole);
-      setRoles(loadedRoles);
-      await loadUsers();
+      await checkAdminExists();
     } catch (error) {
       console.error("Failed to bootstrap admin:", error);
       throw error;
     }
-  }, [apiRequest, loadUsers]);
+  }, [apiRequest, checkAdminExists]);
+  const users = Array.from(userCache.values());
   return {
-    loading,
+    loading: effectiveLoading,
     users,
+    hasAdminUsers,
     saveUser,
     createUser,
     resetPassword: resetPassword2,
     deleteUser,
-    roles,
-    saveRole,
-    deleteRole,
     isAdmin,
     allowDefaultRolesCreation: isAdmin,
-    includeCollectionConfigPermissions: true,
     defineRolesFor,
     getUser,
     searchUsers,
     usersError,
-    rolesError,
     bootstrapAdmin
   };
 }
 export {
   AuthApiError,
-  clearAuthConfigCache,
   fetchAuthConfig,
   getApiUrl,
   setApiUrl,