@robelest/convex-auth 0.0.2-preview.0 → 0.0.2-preview.2

package/dist/bin.cjs

@@ -27170,7 +27170,7 @@ new Command().name("@robelest/convex-auth").description(
   await configureSiteUrl(config, options.siteUrl);
   await configureKeys(config);
   await modifyTsConfig(config);
-  await configureAuthConfig(config);
+  await configureConvexConfig(config);
   await initializeAuth(config);
   await configureHttp(config);
   if (options.variables !== void 0) {
@@ -27378,27 +27378,27 @@ function addCompilerOption(tsconfig, existingValue, pattern, optionAndValue) {
     return tsconfig.replace(pattern, optionAndValue);
   }
 }
-async function configureAuthConfig(config) {
-  logStep(config, "Configure auth config file");
-  const sourceTemplate = `export default {
-  providers: [$$
-    {
-      domain: process.env.CONVEX_SITE_URL,
-      applicationID: "convex",
-    },$$
-  ],
-};
+async function configureConvexConfig(config) {
+  logStep(config, "Configure convex config file");
+  const sourceTemplate = `import { defineApp } from "convex/server";
+import auth from "@robelest/convex-auth/component/convex.config";
+
+const app = defineApp();
+
+app.use(auth);
+
+export default app;
 `;
   const source = templateToSource(sourceTemplate);
-  const authConfigPath = import_path.default.join(config.convexFolderPath, "auth.config");
-  const existingConfigPath = await existingNonEmptySourcePath(authConfigPath);
+  const convexConfigPath = import_path.default.join(config.convexFolderPath, "convex.config");
+  const existingConfigPath = await existingNonEmptySourcePath(convexConfigPath);
   if (existingConfigPath !== null) {
     const existingConfig = (0, import_fs2.readFileSync)(existingConfigPath, "utf8");
     if (doesAlreadyMatchTemplate(existingConfig, sourceTemplate)) {
       logSuccess(`The ${source_default.bold(existingConfigPath)} is already set up.`);
     } else {
       logInfo(
-        `You already have a ${source_default.bold(existingConfigPath)}, make sure the \`providers\` include the following config:`
+        `You already have a ${source_default.bold(existingConfigPath)}, make sure it registers the auth component like this:`
       );
       print(indent(`
 ${source}
@@ -27406,7 +27406,7 @@ ${source}
       await promptForConfirmationOrExit("Ready to continue?");
     }
   } else {
-    const newConfigPath = config.usesTypeScript ? `${authConfigPath}.ts` : `${authConfigPath}.js`;
+    const newConfigPath = config.usesTypeScript ? `${convexConfigPath}.ts` : `${convexConfigPath}.js`;
     (0, import_fs2.writeFileSync)(newConfigPath, source);
     logSuccess(`Created ${source_default.bold(newConfigPath)}`);
   }
@@ -27414,8 +27414,10 @@ ${source}
 async function initializeAuth(config) {
   logStep(config, "Initialize auth file");
   const sourceTemplate = `import { Auth } from "@robelest/convex-auth/component";
+import { components } from "./_generated/api";
 
 export const { auth, signIn, signOut, store } = Auth({$$
+  component: components.auth,$$
   providers: [$$],$$
 });
 `;

package/dist/client/index.d.ts

@@ -1,49 +1,103 @@
-import { FunctionReference, OptionalRestArgs } from "convex/server";
 import { Value } from "convex/values";
-type AuthActionCaller = {
-    authenticatedCall<Action extends FunctionReference<"action", "public">>(action: Action, ...args: OptionalRestArgs<Action>): Promise<Action["_returnType"]>;
-    unauthenticatedCall<Action extends FunctionReference<"action", "public">>(action: Action, ...args: OptionalRestArgs<Action>): Promise<Action["_returnType"]>;
-    verbose?: boolean;
-    logger?: {
-        logVerbose?: (message: string) => void;
-    };
-};
-export interface TokenStorage {
+/**
+ * Structural interface for any Convex client.
+ * Satisfied by both `ConvexClient` (`convex/browser`) and
+ * `ConvexReactClient` (`convex/react`).
+ */
+interface ConvexTransport {
+    action(action: any, args: any): Promise<any>;
+    setAuth(fetchToken: (args: {
+        forceRefreshToken: boolean;
+    }) => Promise<string | null | undefined>, onChange?: (isAuthenticated: boolean) => void): void;
+    clearAuth(): void;
+}
+/** Pluggable key-value storage (defaults to `localStorage`). */
+export interface Storage {
     getItem(key: string): string | null | undefined | Promise<string | null | undefined>;
     setItem(key: string, value: string): void | Promise<void>;
     removeItem(key: string): void | Promise<void>;
 }
-export type AuthSession = {
-    token: string;
-    refreshToken: string;
-};
-export type SignInResult = {
+type SignInResult = {
     signingIn: boolean;
     redirect?: URL;
 };
-export type AuthSnapshot = {
+/** Reactive auth state snapshot returned by `auth.state` and `auth.onChange`. */
+export type AuthState = {
     isLoading: boolean;
     isAuthenticated: boolean;
     token: string | null;
 };
-export type AuthClientOptions = {
-    transport: AuthActionCaller;
-    storage?: TokenStorage | null;
-    storageNamespace: string;
+/** Options for {@link client}. */
+export type ClientOptions = {
+    /** Any Convex client (`ConvexClient` or `ConvexReactClient`). */
+    convex: ConvexTransport;
+    /**
+     * Convex deployment URL. Derived automatically from the client internals
+     * when omitted — pass explicitly only if auto-detection fails.
+     */
+    url?: string;
+    /**
+     * Key-value storage for persisting tokens.
+     *
+     * - Defaults to `localStorage` in SPA mode.
+     * - Defaults to `null` (in-memory only) when `proxy` is set,
+     *   since httpOnly cookies handle persistence.
+     */
+    storage?: Storage | null;
+    /** Override how the URL bar is updated after OAuth code exchange. */
     replaceURL?: (relativeUrl: string) => void | Promise<void>;
-    shouldHandleCode?: (() => boolean) | boolean;
-    onChange?: () => Promise<unknown>;
+    /**
+     * SSR proxy endpoint (e.g. `"/api/auth"`).
+     *
+     * When set, `signIn`/`signOut`/token refresh POST to this URL
+     * (with `credentials: "include"`) instead of calling Convex directly.
+     * The server handles httpOnly cookies for token persistence.
+     *
+     * Pair with {@link ClientOptions.token} for flash-free SSR hydration.
+     */
+    proxy?: string;
+    /**
+     * JWT from server-side hydration.
+     *
+     * In proxy mode the server reads the JWT from an httpOnly cookie
+     * and passes it to the client during SSR. This avoids a loading
+     * flash on first render — the client is immediately authenticated.
+     */
+    token?: string | null;
 };
-export declare function createAuthClient(options: AuthClientOptions): {
+/**
+ * Create a framework-agnostic auth client.
+ *
+ * ### SPA mode (default)
+ *
+ * ```ts
+ * import { ConvexClient } from 'convex/browser'
+ * import { client } from '\@robelest/convex-auth/client'
+ *
+ * const convex = new ConvexClient(CONVEX_URL)
+ * const auth = client({ convex })
+ * ```
+ *
+ * ### SSR / proxy mode
+ *
+ * ```ts
+ * const auth = client({
+ *   convex,
+ *   proxy: '/api/auth',
+ *   initialToken: tokenFromServer, // read from httpOnly cookie during SSR
+ * })
+ * ```
+ *
+ * In proxy mode all auth operations go through the proxy URL.
+ * Tokens are stored in httpOnly cookies server-side — the client
+ * only holds the JWT in memory.
+ */
+export declare function client(options: ClientOptions): {
+    /** Current auth state snapshot. */
+    readonly state: AuthState;
     signIn: (provider?: string, args?: FormData | Record<string, Value>) => Promise<SignInResult>;
     signOut: () => Promise<void>;
-    fetchAccessToken: ({ forceRefreshToken, }: {
-        forceRefreshToken: boolean;
-    }) => Promise<string | null>;
-    handleCodeFlow: () => Promise<void>;
-    hydrateFromStorage: () => Promise<void>;
-    getSnapshot: () => AuthSnapshot;
-    subscribe: (cb: () => void) => () => boolean;
+    onChange: (cb: (state: AuthState) => void) => (() => void);
 };
 export {};
 //# sourceMappingURL=index.d.ts.map

package/dist/client/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/client/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACpE,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAMtC,KAAK,gBAAgB,GAAG;IACtB,iBAAiB,CAAC,MAAM,SAAS,iBAAiB,CAAC,QAAQ,EAAE,QAAQ,CAAC,EACpE,MAAM,EAAE,MAAM,EACd,GAAG,IAAI,EAAE,gBAAgB,CAAC,MAAM,CAAC,GAChC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC;IAClC,mBAAmB,CAAC,MAAM,SAAS,iBAAiB,CAAC,QAAQ,EAAE,QAAQ,CAAC,EACtE,MAAM,EAAE,MAAM,EACd,GAAG,IAAI,EAAE,gBAAgB,CAAC,MAAM,CAAC,GAChC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC;IAClC,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,MAAM,CAAC,EAAE;QACP,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,IAAI,CAAC;KACxC,CAAC;CACH,CAAC;AAEF,MAAM,WAAW,YAAY;IAC3B,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,GAAG,SAAS,CAAC,CAAC;IACrF,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1D,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAC/C;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG;IACzB,SAAS,EAAE,OAAO,CAAC;IACnB,QAAQ,CAAC,EAAE,GAAG,CAAC;CAChB,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG;IACzB,SAAS,EAAE,OAAO,CAAC;IACnB,eAAe,EAAE,OAAO,CAAC;IACzB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,SAAS,EAAE,gBAAgB,CAAC;IAC5B,OAAO,CAAC,EAAE,YAAY,GAAG,IAAI,CAAC;IAC9B,gBAAgB,EAAE,MAAM,CAAC;IACzB,UAAU,CAAC,EAAE,CAAC,WAAW,EAAE,MAAM,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3D,gBAAgB,CAAC,EAAE,CAAC,MAAM,OAAO,CAAC,GAAG,OAAO,CAAC;IAC7C,QAAQ,CAAC,EAAE,MAAM,OAAO,CAAC,OAAO,CAAC,CAAC;CACnC,CAAC;AASF,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,iBAAiB;wBAoI5C,MAAM,SACV,QAAQ,GAAG,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,KACtC,OAAO,CAAC,YAAY,CAAC;;+CAiDrB;QACD,iBAAiB,EAAE,OAAO,CAAC;KAC5B,KAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;;;uBAoDF,YAAY;oBAEb,MAAM,IAAI;EA8BlC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/client/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAEtC;;;;GAIG;AACH,UAAU,eAAe;IACvB,MAAM,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IAC7C,OAAO,CACL,UAAU,EAAE,CAAC,IAAI,EAAE;QACjB,iBAAiB,EAAE,OAAO,CAAC;KAC5B,KAAK,OAAO,CAAC,MAAM,GAAG,IAAI,GAAG,SAAS,CAAC,EACxC,QAAQ,CAAC,EAAE,CAAC,eAAe,EAAE,OAAO,KAAK,IAAI,GAC5C,IAAI,CAAC;IACR,SAAS,IAAI,IAAI,CAAC;CACnB;AAED,gEAAgE;AAChE,MAAM,WAAW,OAAO;IACtB,OAAO,CACL,GAAG,EAAE,MAAM,GACV,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,GAAG,SAAS,CAAC,CAAC;IAClE,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1D,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAC/C;AAOD,KAAK,YAAY,GAAG;IAClB,SAAS,EAAE,OAAO,CAAC;IACnB,QAAQ,CAAC,EAAE,GAAG,CAAC;CAChB,CAAC;AAEF,iFAAiF;AACjF,MAAM,MAAM,SAAS,GAAG;IACtB,SAAS,EAAE,OAAO,CAAC;IACnB,eAAe,EAAE,OAAO,CAAC;IACzB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB,CAAC;AAEF,kCAAkC;AAClC,MAAM,MAAM,aAAa,GAAG;IAC1B,iEAAiE;IACjE,MAAM,EAAE,eAAe,CAAC;IACxB;;;OAGG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;;;;;;OAMG;IACH,OAAO,CAAC,EAAE,OAAO,GAAG,IAAI,CAAC;IACzB,qEAAqE;IACrE,UAAU,CAAC,EAAE,CAAC,WAAW,EAAE,MAAM,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3D;;;;;;;;OAQG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IACf;;;;;;OAMG;IACH,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACvB,CAAC;AAyBF;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,wBAAgB,MAAM,CAAC,OAAO,EAAE,aAAa;IAoazC,mCAAmC;oBACtB,SAAS;wBAlPX,MAAM,SACV,QAAQ,GAAG,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,KACtC,OAAO,CAAC,YAAY,CAAC;;mBA4LF,CAAC,KAAK,EAAE,SAAS,KAAK,IAAI,KAAG,CAAC,MAAM,IAAI,CAAC;EA2DhE"}