@revenexx/cover 0.1.13 → 0.1.15

package/app/components/auth/AuthForgotPasswordPanel.vue

@@ -19,8 +19,6 @@ const state = reactive<ForgotPasswordFormState>({
 	email: "",
 });
 
-const { validate } = useFormValidation<ForgotPasswordFormState>("forgotPassword");
-
 async function onSubmit(): Promise<void> {
 	try {
 		const url = new URL(localePath("/reset-password"), window.location.origin).toString();
@@ -39,25 +37,21 @@ async function onSubmit(): Promise<void> {
 			{{ t('auth.forgotPassword.title') }}
 		</h2>
 
-		<UForm
-			:state="state"
-			:validate="validate"
+		<FormKit
+			type="form"
+			:actions="false"
 			class="space-y-4 pt-6"
 			@submit="onSubmit"
 		>
-			<UFormField
+			<FormKit
+				v-model="state.email"
+				type="email"
 				:label="t('auth.forgotPassword.fields.email')"
 				name="email"
-				required
-			>
-				<UInput
-					v-model="state.email"
-					type="email"
-					autocomplete="email"
-					class="w-full"
-					:placeholder="t('auth.forgotPassword.fields.emailPlaceholder')"
-				/>
-			</UFormField>
+				validation="required|email"
+				autocomplete="email"
+				:placeholder="t('auth.forgotPassword.fields.emailPlaceholder')"
+			/>
 
 			<UAlert
 				v-if="error"
@@ -83,6 +77,6 @@ async function onSubmit(): Promise<void> {
 					{{ t('auth.forgotPassword.backToLogin') }}
 				</NuxtLink>
 			</div>
-		</UForm>
+		</FormKit>
 	</div>
 </template>

package/app/components/auth/AuthLoginPanel.vue

@@ -20,8 +20,6 @@ const state = reactive<LoginFormState>({
 	password: "",
 });
 
-const { validate } = useFormValidation<LoginFormState>("login");
-
 async function onSubmit(): Promise<void> {
 	try {
 		await auth.login({
@@ -42,37 +40,31 @@ async function onSubmit(): Promise<void> {
 			{{ t('auth.login.existingCustomer') }}
 		</h2>
 
-		<UForm
-			:state="state"
-			:validate="validate"
+		<FormKit
+			type="form"
+			:actions="false"
 			class="space-y-4 pt-6"
 			@submit="onSubmit"
 		>
-			<UFormField
+			<FormKit
+				v-model="state.email"
+				type="email"
 				:label="t('auth.login.fields.email')"
 				name="email"
-				required
-			>
-				<UInput
-					v-model="state.email"
-					type="email"
-					autocomplete="email"
-					class="w-full"
-					:placeholder="t('auth.login.fields.emailPlaceholder')"
-				/>
-			</UFormField>
+				validation="required|email"
+				autocomplete="email"
+				:placeholder="t('auth.login.fields.emailPlaceholder')"
+			/>
 
-			<UFormField
+			<FormKit
+				v-model="state.password"
+				type="password"
 				:label="t('auth.login.fields.password')"
 				name="password"
-				required
-			>
-				<UiFormsPasswordInput
-					v-model="state.password"
-					autocomplete="current-password"
-					:placeholder="t('auth.login.fields.passwordPlaceholder')"
-				/>
-			</UFormField>
+				validation="required|length:8"
+				autocomplete="current-password"
+				:placeholder="t('auth.login.fields.passwordPlaceholder')"
+			/>
 
 			<UAlert
 				v-if="error"
@@ -98,6 +90,6 @@ async function onSubmit(): Promise<void> {
 					{{ t('auth.login.forgotPassword') }}
 				</NuxtLink>
 			</div>
-		</UForm>
+		</FormKit>
 	</div>
 </template>

package/app/components/auth/AuthResetPasswordPanel.vue

@@ -27,8 +27,6 @@ const state = reactive<ResetPasswordFormState>({
 	passwordConfirm: "",
 });
 
-const { validate } = useFormValidation<ResetPasswordFormState>("resetPassword");
-
 async function onSubmit(): Promise<void> {
 	try {
 		await auth.confirmRecovery(props.userId, props.secret, state.password);
@@ -54,37 +52,32 @@ async function onSubmit(): Promise<void> {
 			:title="t('auth.resetPassword.errors.invalidLink')"
 		/>
 
-		<UForm
+		<FormKit
 			v-else
-			:state="state"
-			:validate="validate"
+			type="form"
+			:actions="false"
 			class="space-y-4 pt-6"
 			@submit="onSubmit"
 		>
-			<UFormField
+			<FormKit
+				v-model="state.password"
+				type="password"
 				:label="t('auth.resetPassword.fields.password')"
 				name="password"
-				required
-			>
-				<UiFormsPasswordInput
-					v-model="state.password"
-					autocomplete="new-password"
-					:placeholder="t('auth.resetPassword.fields.passwordPlaceholder')"
-					show-strength
-				/>
-			</UFormField>
+				validation="required|length:8"
+				autocomplete="new-password"
+				:placeholder="t('auth.resetPassword.fields.passwordPlaceholder')"
+			/>
 
-			<UFormField
+			<FormKit
+				v-model="state.passwordConfirm"
+				type="password"
 				:label="t('auth.resetPassword.fields.passwordConfirm')"
 				name="passwordConfirm"
-				required
-			>
-				<UiFormsPasswordInput
-					v-model="state.passwordConfirm"
-					autocomplete="new-password"
-					:placeholder="t('auth.resetPassword.fields.passwordConfirmPlaceholder')"
-				/>
-			</UFormField>
+				validation="required|confirm:password"
+				autocomplete="new-password"
+				:placeholder="t('auth.resetPassword.fields.passwordConfirmPlaceholder')"
+			/>
 
 			<UAlert
 				v-if="error"
@@ -110,6 +103,6 @@ async function onSubmit(): Promise<void> {
 					{{ t('auth.forgotPassword.backToLogin') }}
 				</NuxtLink>
 			</div>
-		</UForm>
+		</FormKit>
 	</div>
 </template>

package/app/interfaces/auth.ts

@@ -10,6 +10,12 @@ export interface AuthUser {
 	name: string;
 	email: string;
 	role?: AuthRole;
+	/** The customers-app contact (system of record for orders/cart ownership).
+	 * Lets server routes attribute actions to the contact even when the session
+	 * cookie predates the contact link. */
+	contactId?: string;
+	/** The contact's B2B organization, when one applies. */
+	organizationId?: string;
 }
 
 /**

package/app/plugins/auth-init.client.ts

@@ -0,0 +1,7 @@
+export default defineNuxtPlugin(() => {
+	const auth = useAuthStore();
+	const cart = useCartStore();
+	// auth.init() must complete first: it detects auth-session expiry and clears
+	// the cart (case 2) before cart.initFromServer() tries to restore from server.
+	void auth.init().then(() => cart.initFromServer());
+});

package/app/plugins/auth-session.server.ts

@@ -0,0 +1,24 @@
+import { getCookie } from "h3";
+
+import type { StoredSession } from "../interfaces/auth";
+
+export default defineNuxtPlugin(() => {
+	const event = useRequestEvent();
+	if (!event) {
+		return;
+	}
+
+	const raw = getCookie(event, "cover-session");
+	if (!raw) {
+		return;
+	}
+
+	try {
+		const parsed = JSON.parse(raw) as StoredSession;
+		const auth = useAuthStore();
+		auth.session = parsed;
+	}
+	catch {
+		// Invalid cookie value — ignore
+	}
+});

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@revenexx/cover",
-  "version": "0.1.13",
+  "version": "0.1.15",
   "description": "Cover \u2014 revenexx design system for Nuxt. Distributed as a Nuxt layer: generic UI components, theming tokens and stores shared by the demo shop, custom storefronts and the Blokkli theme.",
   "type": "module",
   "main": "./nuxt.config.ts",

package/server/api/account/orders.get.ts

@@ -6,7 +6,15 @@ const LIVE_HISTORY_LIMIT = 20;
 export default defineEventHandler(async (event): Promise<AccountOrderListResponse> => {
 	if (resolveOrderServiceKey(event) === "api") {
 		const refs = sessionOrderRefs(event);
-		if (!refs.contact_id) {
+		// Mirror the order-placement fallback: when the session cookie carries no
+		// contact link, resolve it from the authenticated user — otherwise a
+		// logged-in customer with a late-linked contact sees an empty history.
+		let contactId = refs.contact_id;
+		if (!contactId) {
+			const user = await getAuthService(event).me(event);
+			contactId = user?.contactId;
+		}
+		if (!contactId) {
 			return { orders: [] };
 		}
 		try {
@@ -14,7 +22,7 @@ export default defineEventHandler(async (event): Promise<AccountOrderListRespons
 			// Raw call: orders.list does not declare its query parameters in
 			// the contract yet, so ordersList() cannot filter by contact.
 			const { items } = await sdk.call<{ items: LiveOrder[] }>("GET", "/v1/orders", {
-				query: { contact_id: refs.contact_id, limit: LIVE_HISTORY_LIMIT },
+				query: { contact_id: contactId, limit: LIVE_HISTORY_LIMIT },
 			});
 			// The list rows carry no positions — load the aggregates (the
 			// history is capped, so this stays a bounded fan-out).

package/server/api/orders/index.post.ts

@@ -205,9 +205,17 @@ export default defineEventHandler(async (event) => {
 			const shippingRow = calculation.totals.find(row => row.key === "shipping");
 			try {
 				const refs = sessionOrderRefs(event);
+				// Attribute the order to the acting contact. The session cookie is
+				// the fast path, but it can lack the contact link (cookie predates
+				// the contact, or login resolved it late) — fall back to the
+				// authenticated user's resolved contact so a logged-in order is
+				// never stored contactless (which would orphan it from the account
+				// order history, filtered strictly by contact_id).
+				const contactId = refs.contact_id ?? user?.contactId;
+				const organizationId = refs.organization_id ?? user?.organizationId;
 				const placed = await useRevenexxSdk().orders.ordersPlace({
-					...(refs.contact_id ? { contactId: refs.contact_id } : {}),
-					...(refs.organization_id ? { organizationId: refs.organization_id } : {}),
+					...(contactId ? { contactId } : {}),
+					...(organizationId ? { organizationId } : {}),
 					currency: calculation.currency,
 					...(body.orderNumber ? { customerOrderNumber: body.orderNumber } : {}),
 					buyer: user ? { name: user.name, email: user.email } : { email: body.contactEmail ?? null },

package/server/services/ApiAuthService.ts

@@ -106,6 +106,8 @@ export class ApiAuthService implements IAuthService {
 				name: contactName(contact, user.name ?? user.email),
 				email: user.email,
 				role: toAuthRole(contact?.role),
+				...(contact?.id ? { contactId: contact.id } : {}),
+				...(contact?.organization_id ? { organizationId: contact.organization_id } : {}),
 			};
 		}
 		catch (err) {

package/app/composables/useFormValidation.ts

@@ -1,29 +0,0 @@
-import type { FormError } from "@nuxt/ui";
-
-import type { FormKey } from "../interfaces/validation";
-import { formValidationConfig } from "../validations/formValidationConfig";
-
-export function useFormValidation<TState extends object>(formKey: FormKey) {
-	const { t } = useI18n();
-	const config = formValidationConfig[formKey];
-
-	function validate(state: TState): FormError[] {
-		const errors: FormError[] = [];
-		const stateRecord = state as Record<string, unknown>;
-		for (const fieldConfig of config) {
-			const value = stateRecord[fieldConfig.field];
-			for (const rule of fieldConfig.rules) {
-				const key = rule.kind === "cross"
-					? rule.fn(value, stateRecord, rule.options)
-					: rule.fn(value, rule.options);
-				if (key !== null) {
-					errors.push({ name: fieldConfig.field, message: t(key, rule.options ?? {}) });
-					break;
-				}
-			}
-		}
-		return errors;
-	}
-
-	return { validate };
-}

package/app/interfaces/validation.ts

@@ -1,14 +0,0 @@
-import type { CrossFieldValidator, SimpleValidator } from "../validations/types";
-
-export type FormKey = "login" | "forgotPassword" | "resetPassword";
-
-export interface FieldValidationRule {
-	readonly kind: "simple" | "cross";
-	readonly fn: SimpleValidator | CrossFieldValidator;
-	readonly options?: Readonly<Record<string, unknown>>;
-}
-
-export interface FieldConfig {
-	readonly field: string;
-	readonly rules: ReadonlyArray<FieldValidationRule>;
-}

package/app/validations/emailFormat.ts

@@ -1,10 +0,0 @@
-import { EMAIL_VALIDATION_REGEX } from "../shared/constants";
-
-import type { SimpleValidator } from "./types";
-
-export const emailFormat: SimpleValidator = (value) => {
-	if (typeof value !== "string" || !EMAIL_VALIDATION_REGEX.test(value)) {
-		return "auth.register.errors.emailFormat";
-	}
-	return null;
-};

package/app/validations/formValidationConfig.ts

@@ -1,20 +0,0 @@
-import type { FieldConfig, FormKey } from "../interfaces/validation";
-
-import { emailFormat } from "./emailFormat";
-import { minLength } from "./minLength";
-import { passwordsMatch } from "./passwordsMatch";
-import { required } from "./required";
-
-export const formValidationConfig: Record<FormKey, FieldConfig[]> = {
-	login: [
-		{ field: "email", rules: [{ kind: "simple", fn: required }, { kind: "simple", fn: emailFormat }] },
-		{ field: "password", rules: [{ kind: "simple", fn: required }, { kind: "simple", fn: minLength, options: { min: 8 } }] },
-	],
-	forgotPassword: [
-		{ field: "email", rules: [{ kind: "simple", fn: required }, { kind: "simple", fn: emailFormat }] },
-	],
-	resetPassword: [
-		{ field: "password", rules: [{ kind: "simple", fn: required }, { kind: "simple", fn: minLength, options: { min: 8 } }] },
-		{ field: "passwordConfirm", rules: [{ kind: "cross", fn: passwordsMatch }] },
-	],
-};

package/app/validations/minLength.ts

@@ -1,9 +0,0 @@
-import type { SimpleValidator } from "./types";
-
-export const minLength: SimpleValidator = (value, options) => {
-	const min = (options?.min as number) ?? 0;
-	if (typeof value !== "string" || value.length < min) {
-		return "minLength";
-	}
-	return null;
-};

package/app/validations/passwordsMatch.ts

@@ -1,5 +0,0 @@
-import type { CrossFieldValidator } from "./types";
-
-export const passwordsMatch: CrossFieldValidator = (value, state) => {
-	return value !== state.password ? "auth.register.errors.passwordsMismatch" : null;
-};

package/app/validations/required.ts

@@ -1,11 +0,0 @@
-import type { SimpleValidator } from "./types";
-
-export const required: SimpleValidator = (value) => {
-	if (typeof value === "boolean") {
-		return value === false ? "required" : null;
-	}
-	if (typeof value === "string") {
-		return value.trim() === "" ? "required" : null;
-	}
-	return value === null || value === undefined ? "required" : null;
-};

package/app/validations/types.ts

@@ -1,10 +0,0 @@
-export type SimpleValidator = (
-	value: unknown,
-	options?: Record<string, unknown>,
-) => string | null;
-
-export type CrossFieldValidator = (
-	value: unknown,
-	state: Record<string, unknown>,
-	options?: Record<string, unknown>,
-) => string | null;