@rovela-ai/sdk 0.2.1 → 0.3.1

package/dist/admin/config.js

@@ -25,18 +25,23 @@ const DEFAULT_SESSION_MAX_AGE = 8 * 60 * 60;
 /**
  * Create NextAuth options for store admin authentication.
  *
- * @param options - Configuration options
- * @returns NextAuth options object
+ * @deprecated The Rovela sandbox template mounts exactly ONE NextAuth
+ * endpoint at `/api/auth/[...nextauth]`, wired to `createAuthOptions()`
+ * from `@rovela-ai/sdk/auth` — which already knows both the `credentials`
+ * and `admin-credentials` providers. `requireAdmin()` reads sessions via
+ * that same unified config, so the cookie name and SameSite policy match
+ * between write and read.
  *
- * @example
- * ```typescript
- * // app/api/admin/auth/[...nextauth]/route.ts
- * import NextAuth from 'next-auth'
- * import { createAdminAuthOptions } from '@rovela/sdk/admin'
+ * Mounting a separate `/api/admin/auth/[...nextauth]` with this function
+ * creates a second cookie namespace that will NOT be read by
+ * `requireAdmin()`. Every admin API call will return 401.
  *
- * const handler = NextAuth(createAdminAuthOptions())
- * export { handler as GET, handler as POST }
- * ```
+ * Use `createAuthOptions()` from `@rovela-ai/sdk/auth` instead. This
+ * function is kept to preserve SDK API compatibility for existing
+ * consumers and will be removed in a future major release.
+ *
+ * @param options - Configuration options
+ * @returns NextAuth options object
  */
 export function createAdminAuthOptions(options = {}) {
     const { sessionMaxAge = DEFAULT_SESSION_MAX_AGE, signInPage = '/admin/login', errorPage = '/admin/login', dashboardPage = '/admin', } = options;
@@ -59,12 +64,16 @@ export function createAdminAuthOptions(options = {}) {
                         // Throw error with specific code for frontend handling
                         throw new Error(result.error, { cause: result.code });
                     }
-                    // Return user object for session
+                    // Return user object for session. `sessionVersion` is embedded
+                    // in the JWT at sign-in so `requireAdmin` can detect forced
+                    // logouts after password changes (Phase 4).
+                    const sessionVersion = result.admin.sessionVersion ?? 0;
                     return {
                         id: result.admin.id,
                         email: result.admin.email,
                         name: result.admin.name,
                         role: result.admin.role,
+                        sessionVersion,
                     };
                 },
             }),
@@ -76,6 +85,22 @@ export function createAdminAuthOptions(options = {}) {
         jwt: {
             maxAge: sessionMaxAge,
         },
+        // Distinct cookie name from the customer auth config so admin and
+        // customer sessions never collide in the same app. Before this fix,
+        // both configs used NextAuth's default cookie name which caused
+        // subtle auth bugs. `__Secure-` prefix is auto-added in production
+        // (https) by NextAuth; we specify the base name here.
+        cookies: {
+            sessionToken: {
+                name: 'rovela.admin.session-token',
+                options: {
+                    httpOnly: true,
+                    sameSite: 'lax',
+                    path: '/',
+                    secure: process.env.NODE_ENV === 'production',
+                },
+            },
+        },
         pages: {
             signIn: signInPage,
             error: errorPage,
@@ -91,6 +116,7 @@ export function createAdminAuthOptions(options = {}) {
                     adminToken.email = user.email ?? undefined;
                     adminToken.name = user.name ?? undefined;
                     adminToken.role = adminUser.role;
+                    adminToken.sessionVersion = adminUser.sessionVersion ?? 0;
                 }
                 return token;
             },
@@ -103,6 +129,7 @@ export function createAdminAuthOptions(options = {}) {
                     user.email = adminToken.email;
                     user.name = adminToken.name;
                     user.role = adminToken.role;
+                    user.sessionVersion = adminToken.sessionVersion ?? 0;
                 }
                 return session;
             },

package/dist/admin/config.js.map

@@ -1 +1 @@
-{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/admin/config.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAIH,OAAO,mBAAmB,MAAM,iCAAiC,CAAA;AACjE,OAAO,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAA;AAG/E,gFAAgF;AAChF,YAAY;AACZ,gFAAgF;AAEhF;;;GAGG;AACH,MAAM,uBAAuB,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,CAAA;AAE3C,gFAAgF;AAChF,qBAAqB;AACrB,gFAAgF;AAEhF;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,sBAAsB,CAAC,UAAkC,EAAE;IACzE,MAAM,EACJ,aAAa,GAAG,uBAAuB,EACvC,UAAU,GAAG,cAAc,EAC3B,SAAS,GAAG,cAAc,EAC1B,aAAa,GAAG,QAAQ,GACzB,GAAG,OAAO,CAAA;IAEX,OAAO;QACL,SAAS,EAAE;YACT,mBAAmB,CAAC;gBAClB,4DAA4D;gBAC5D,EAAE,EAAE,mBAAmB;gBACvB,IAAI,EAAE,mBAAmB;gBACzB,WAAW,EAAE;oBACX,KAAK,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE;oBACxC,QAAQ,EAAE,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE;iBAClD;gBACD,KAAK,CAAC,SAAS,CAAC,WAAW;oBACzB,IAAI,CAAC,WAAW,EAAE,KAAK,IAAI,CAAC,WAAW,EAAE,QAAQ,EAAE,CAAC;wBAClD,OAAO,IAAI,CAAA;oBACb,CAAC;oBAED,MAAM,MAAM,GAAG,MAAM,iBAAiB,CACpC,WAAW,CAAC,KAAK,EACjB,WAAW,CAAC,QAAQ,CACrB,CAAA;oBAED,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;wBACpB,uDAAuD;wBACvD,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC,CAAA;oBACvD,CAAC;oBAED,iCAAiC;oBACjC,OAAO;wBACL,EAAE,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE;wBACnB,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,KAAK;wBACzB,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC,IAAI;wBACvB,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC,IAAI;qBACL,CAAA;gBACtB,CAAC;aACF,CAAC;SACH;QAED,OAAO,EAAE;YACP,QAAQ,EAAE,KAAK;YACf,MAAM,EAAE,aAAa;SACtB;QAED,GAAG,EAAE;YACH,MAAM,EAAE,aAAa;SACtB;QAED,KAAK,EAAE;YACL,MAAM,EAAE,UAAU;YAClB,KAAK,EAAE,SAAS;SACjB;QAED,SAAS,EAAE;YACT,KAAK,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE;gBACvB,6CAA6C;gBAC7C,MAAM,UAAU,GAAG,KAA4B,CAAA;gBAE/C,kBAAkB;gBAClB,IAAI,IAAI,EAAE,CAAC;oBACT,MAAM,SAAS,GAAG,IAAiB,CAAA;oBACnC,UAAU,CAAC,EAAE,GAAG,IAAI,CAAC,EAAE,CAAA;oBACvB,UAAU,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,SAAS,CAAA;oBAC1C,UAAU,CAAC,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,SAAS,CAAA;oBACxC,UAAU,CAAC,IAAI,GAAG,SAAS,CAAC,IAAI,CAAA;gBAClC,CAAC;gBAED,OAAO,KAAK,CAAA;YACd,CAAC;YAED,KAAK,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE;gBAC9B,iCAAiC;gBACjC,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,UAAU,GAAG,KAA4B,CAAA;oBAC/C,MAAM,IAAI,GAAG,OAAO,CAAC,IAA+B,CAAA;oBACpD,IAAI,CAAC,EAAE,GAAG,UAAU,CAAC,EAAY,CAAA;oBACjC,IAAI,CAAC,KAAK,GAAG,UAAU,CAAC,KAAe,CAAA;oBACvC,IAAI,CAAC,IAAI,GAAG,UAAU,CAAC,IAAc,CAAA;oBACrC,IAAI,CAAC,IAAI,GAAG,UAAU,CAAC,IAAyB,CAAA;gBAClD,CAAC;gBAED,OAAO,OAAO,CAAA;YAChB,CAAC;YAED,KAAK,CAAC,QAAQ,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE;gBAC7B,iCAAiC;gBACjC,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;oBACxB,OAAO,GAAG,OAAO,GAAG,GAAG,EAAE,CAAA;gBAC3B,CAAC;gBACD,IAAI,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC5B,OAAO,GAAG,CAAA;gBACZ,CAAC;gBACD,OAAO,GAAG,OAAO,GAAG,aAAa,EAAE,CAAA;YACrC,CAAC;SACF;QAED,MAAM,EAAE;YACN,KAAK,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE;gBACnB,OAAO,CAAC,GAAG,CAAC,iCAAiC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAA;YAC5D,CAAC;YACD,KAAK,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE;gBACrB,OAAO,CAAC,GAAG,CAAC,kCAAkC,KAAK,EAAE,KAAK,EAAE,CAAC,CAAA;YAC/D,CAAC;SACF;QAED,8BAA8B;QAC9B,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa;KAC9C,CAAA;AACH,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,OAAe;IAEf,OAAO,mBAAmB,CAAC,OAAO,CAAC,CAAA;AACrC,CAAC;AA0BD,gFAAgF;AAChF,sBAAsB;AACtB,gFAAgF;AAEhF;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,sBAAsB,EAAE,CAAA;AAEvD;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,0BAA0B;IACxC,iCAAiC;IACjC,MAAM,aAAa,GAAG,KAAK,IAAI,EAAE;QAC/B,MAAM,QAAQ,GAAG,CAAC,MAAM,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAA;QACpD,OAAO,QAAQ,CAAC,eAAe,CAAC,CAAA;IAClC,CAAC,CAAA;IACD,OAAO,aAAa,CAAA;AACtB,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG;IAC/B,GAAG,EAAE,0BAA0B,EAAE;IACjC,IAAI,EAAE,0BAA0B,EAAE;CACnC,CAAA"}
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/admin/config.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAIH,OAAO,mBAAmB,MAAM,iCAAiC,CAAA;AACjE,OAAO,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAA;AAI/E,gFAAgF;AAChF,YAAY;AACZ,gFAAgF;AAEhF;;;GAGG;AACH,MAAM,uBAAuB,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,CAAA;AAE3C,gFAAgF;AAChF,qBAAqB;AACrB,gFAAgF;AAEhF;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,UAAU,sBAAsB,CAAC,UAAkC,EAAE;IACzE,MAAM,EACJ,aAAa,GAAG,uBAAuB,EACvC,UAAU,GAAG,cAAc,EAC3B,SAAS,GAAG,cAAc,EAC1B,aAAa,GAAG,QAAQ,GACzB,GAAG,OAAO,CAAA;IAEX,OAAO;QACL,SAAS,EAAE;YACT,mBAAmB,CAAC;gBAClB,4DAA4D;gBAC5D,EAAE,EAAE,mBAAmB;gBACvB,IAAI,EAAE,mBAAmB;gBACzB,WAAW,EAAE;oBACX,KAAK,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE;oBACxC,QAAQ,EAAE,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE;iBAClD;gBACD,KAAK,CAAC,SAAS,CAAC,WAAW;oBACzB,IAAI,CAAC,WAAW,EAAE,KAAK,IAAI,CAAC,WAAW,EAAE,QAAQ,EAAE,CAAC;wBAClD,OAAO,IAAI,CAAA;oBACb,CAAC;oBAED,MAAM,MAAM,GAAG,MAAM,iBAAiB,CACpC,WAAW,CAAC,KAAK,EACjB,WAAW,CAAC,QAAQ,CACrB,CAAA;oBAED,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;wBACpB,uDAAuD;wBACvD,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC,CAAA;oBACvD,CAAC;oBAED,+DAA+D;oBAC/D,4DAA4D;oBAC5D,4CAA4C;oBAC5C,MAAM,cAAc,GACjB,MAAM,CAAC,KAAqC,CAAC,cAAc,IAAI,CAAC,CAAA;oBACnE,OAAO;wBACL,EAAE,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE;wBACnB,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,KAAK;wBACzB,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC,IAAI;wBACvB,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC,IAAI;wBACvB,cAAc;qBACI,CAAA;gBACtB,CAAC;aACF,CAAC;SACH;QAED,OAAO,EAAE;YACP,QAAQ,EAAE,KAAK;YACf,MAAM,EAAE,aAAa;SACtB;QAED,GAAG,EAAE;YACH,MAAM,EAAE,aAAa;SACtB;QAED,kEAAkE;QAClE,oEAAoE;QACpE,gEAAgE;QAChE,mEAAmE;QACnE,sDAAsD;QACtD,OAAO,EAAE;YACP,YAAY,EAAE;gBACZ,IAAI,EAAE,4BAA4B;gBAClC,OAAO,EAAE;oBACP,QAAQ,EAAE,IAAI;oBACd,QAAQ,EAAE,KAAK;oBACf,IAAI,EAAE,GAAG;oBACT,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;iBAC9C;aACF;SACF;QAED,KAAK,EAAE;YACL,MAAM,EAAE,UAAU;YAClB,KAAK,EAAE,SAAS;SACjB;QAED,SAAS,EAAE;YACT,KAAK,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE;gBACvB,6CAA6C;gBAC7C,MAAM,UAAU,GAAG,KAA4B,CAAA;gBAE/C,kBAAkB;gBAClB,IAAI,IAAI,EAAE,CAAC;oBACT,MAAM,SAAS,GAAG,IAAiB,CAAA;oBACnC,UAAU,CAAC,EAAE,GAAG,IAAI,CAAC,EAAE,CAAA;oBACvB,UAAU,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,SAAS,CAAA;oBAC1C,UAAU,CAAC,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,SAAS,CAAA;oBACxC,UAAU,CAAC,IAAI,GAAG,SAAS,CAAC,IAAI,CAAA;oBAChC,UAAU,CAAC,cAAc,GAAG,SAAS,CAAC,cAAc,IAAI,CAAC,CAAA;gBAC3D,CAAC;gBAED,OAAO,KAAK,CAAA;YACd,CAAC;YAED,KAAK,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE;gBAC9B,iCAAiC;gBACjC,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,UAAU,GAAG,KAA4B,CAAA;oBAC/C,MAAM,IAAI,GAAG,OAAO,CAAC,IAA+B,CAAA;oBACpD,IAAI,CAAC,EAAE,GAAG,UAAU,CAAC,EAAY,CAAA;oBACjC,IAAI,CAAC,KAAK,GAAG,UAAU,CAAC,KAAe,CAAA;oBACvC,IAAI,CAAC,IAAI,GAAG,UAAU,CAAC,IAAc,CAAA;oBACrC,IAAI,CAAC,IAAI,GAAG,UAAU,CAAC,IAAiB,CAAA;oBACxC,IAAI,CAAC,cAAc,GAAI,UAAU,CAAC,cAAyB,IAAI,CAAC,CAAA;gBAClE,CAAC;gBAED,OAAO,OAAO,CAAA;YAChB,CAAC;YAED,KAAK,CAAC,QAAQ,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE;gBAC7B,iCAAiC;gBACjC,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;oBACxB,OAAO,GAAG,OAAO,GAAG,GAAG,EAAE,CAAA;gBAC3B,CAAC;gBACD,IAAI,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC5B,OAAO,GAAG,CAAA;gBACZ,CAAC;gBACD,OAAO,GAAG,OAAO,GAAG,aAAa,EAAE,CAAA;YACrC,CAAC;SACF;QAED,MAAM,EAAE;YACN,KAAK,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE;gBACnB,OAAO,CAAC,GAAG,CAAC,iCAAiC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAA;YAC5D,CAAC;YACD,KAAK,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE;gBACrB,OAAO,CAAC,GAAG,CAAC,kCAAkC,KAAK,EAAE,KAAK,EAAE,CAAC,CAAA;YAC/D,CAAC;SACF;QAED,8BAA8B;QAC9B,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa;KAC9C,CAAA;AACH,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,OAAe;IAEf,OAAO,mBAAmB,CAAC,OAAO,CAAC,CAAA;AACrC,CAAC;AA4BD,gFAAgF;AAChF,sBAAsB;AACtB,gFAAgF;AAEhF;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,sBAAsB,EAAE,CAAA;AAEvD;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,0BAA0B;IACxC,iCAAiC;IACjC,MAAM,aAAa,GAAG,KAAK,IAAI,EAAE;QAC/B,MAAM,QAAQ,GAAG,CAAC,MAAM,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAA;QACpD,OAAO,QAAQ,CAAC,eAAe,CAAC,CAAA;IAClC,CAAC,CAAA;IACD,OAAO,aAAa,CAAA;AACtB,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG;IAC/B,GAAG,EAAE,0BAA0B,EAAE;IACjC,IAAI,EAAE,0BAA0B,EAAE;CACnC,CAAA"}

package/dist/admin/hooks/index.d.ts

@@ -9,5 +9,9 @@ export { useAdminOrders } from './useAdminOrders';
 export { useAdminProducts } from './useAdminProducts';
 export { useAdminCategories } from './useAdminCategories';
 export { useAdminCustomers } from './useAdminCustomers';
+export { useAdminUsers } from './useAdminUsers';
+export { useAdminPermissions } from './useAdminPermissions';
+export { useAdminMe } from './useAdminMe';
+export type { AdminMe, UseAdminMeReturn } from './useAdminMe';
 export type { CategoryTreeItem } from './useAdminCategories';
 //# sourceMappingURL=index.d.ts.map

package/dist/admin/hooks/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/admin/hooks/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAA;AAC/C,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAA;AACjD,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAA;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAA;AACzD,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAA;AACvD,YAAY,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/admin/hooks/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAA;AAC/C,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAA;AACjD,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAA;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAA;AACzD,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAA;AACvD,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAA;AAC/C,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAA;AAC3D,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAA;AACzC,YAAY,EAAE,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAA;AAC7D,YAAY,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA"}

package/dist/admin/hooks/index.js

@@ -9,4 +9,7 @@ export { useAdminOrders } from './useAdminOrders';
 export { useAdminProducts } from './useAdminProducts';
 export { useAdminCategories } from './useAdminCategories';
 export { useAdminCustomers } from './useAdminCustomers';
+export { useAdminUsers } from './useAdminUsers';
+export { useAdminPermissions } from './useAdminPermissions';
+export { useAdminMe } from './useAdminMe';
 //# sourceMappingURL=index.js.map

package/dist/admin/hooks/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/admin/hooks/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAA;AAC/C,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAA;AACjD,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAA;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAA;AACzD,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAA"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/admin/hooks/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAA;AAC/C,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAA;AACjD,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAA;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAA;AACzD,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAA;AACvD,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAA;AAC/C,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAA;AAC3D,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAA"}

package/dist/admin/hooks/useAdminMe.d.ts

@@ -0,0 +1,31 @@
+export interface AdminMe {
+    id: string;
+    email: string;
+    name: string;
+    role: string;
+    status: string;
+    createdAt: string;
+    lastLoginAt: string | null;
+}
+export interface UseAdminMeReturn {
+    me: AdminMe | null;
+    isLoading: boolean;
+    error: string | null;
+    refetch: () => Promise<void>;
+    updateProfile: (data: {
+        name?: string;
+        email?: string;
+    }) => Promise<{
+        success: boolean;
+        error?: string;
+    }>;
+    changePassword: (data: {
+        currentPassword: string;
+        newPassword: string;
+    }) => Promise<{
+        success: boolean;
+        error?: string;
+    }>;
+}
+export declare function useAdminMe(): UseAdminMeReturn;
+//# sourceMappingURL=useAdminMe.d.ts.map

package/dist/admin/hooks/useAdminMe.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"useAdminMe.d.ts","sourceRoot":"","sources":["../../../src/admin/hooks/useAdminMe.ts"],"names":[],"mappings":"AAwBA,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAA;IACV,KAAK,EAAE,MAAM,CAAA;IACb,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,MAAM,EAAE,MAAM,CAAA;IACd,SAAS,EAAE,MAAM,CAAA;IACjB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAA;CAC3B;AAED,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,OAAO,GAAG,IAAI,CAAA;IAClB,SAAS,EAAE,OAAO,CAAA;IAClB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;IAC5B,aAAa,EAAE,CAAC,IAAI,EAAE;QACpB,IAAI,CAAC,EAAE,MAAM,CAAA;QACb,KAAK,CAAC,EAAE,MAAM,CAAA;KACf,KAAK,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;IACnD,cAAc,EAAE,CAAC,IAAI,EAAE;QACrB,eAAe,EAAE,MAAM,CAAA;QACvB,WAAW,EAAE,MAAM,CAAA;KACpB,KAAK,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;CACpD;AAMD,wBAAgB,UAAU,IAAI,gBAAgB,CAoG7C"}

package/dist/admin/hooks/useAdminMe.js

@@ -0,0 +1,103 @@
+'use client';
+/**
+ * @rovela/sdk/admin/hooks/useAdminMe
+ *
+ * Client hook for the logged-in admin's self-service data: fetch own
+ * profile, update own profile, change own password.
+ *
+ * Lightweight compared to `useAdminUsers` — no list/pagination state.
+ * Internal state tracks:
+ *   - `me`: the current admin row (fetched on mount)
+ *   - `isLoading`: initial fetch in progress
+ *   - `error`: last fetch/update error
+ *
+ * Mutations return a typed result instead of throwing so the caller can
+ * surface errors in form UI.
+ */
+import { useState, useEffect, useCallback } from 'react';
+// =============================================================================
+// Hook
+// =============================================================================
+export function useAdminMe() {
+    const [me, setMe] = useState(null);
+    const [isLoading, setIsLoading] = useState(true);
+    const [error, setError] = useState(null);
+    const refetch = useCallback(async () => {
+        setIsLoading(true);
+        setError(null);
+        try {
+            const res = await fetch('/api/admin/me');
+            if (!res.ok) {
+                const data = (await res.json().catch(() => ({})));
+                throw new Error(data.error || 'Failed to load profile');
+            }
+            const data = (await res.json());
+            setMe(data);
+        }
+        catch (err) {
+            console.error('[useAdminMe] fetch error:', err);
+            setError(err instanceof Error ? err.message : 'Failed to load profile');
+            setMe(null);
+        }
+        finally {
+            setIsLoading(false);
+        }
+    }, []);
+    useEffect(() => {
+        refetch();
+    }, [refetch]);
+    const updateProfile = useCallback(async (data) => {
+        try {
+            const res = await fetch('/api/admin/me', {
+                method: 'PATCH',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify(data),
+            });
+            const body = (await res.json().catch(() => ({})));
+            if (!res.ok || !body.success) {
+                return {
+                    success: false,
+                    error: body.error || 'Failed to update profile',
+                };
+            }
+            await refetch();
+            return { success: true };
+        }
+        catch (err) {
+            console.error('[useAdminMe] updateProfile error:', err);
+            return {
+                success: false,
+                error: err instanceof Error ? err.message : 'Failed to update profile',
+            };
+        }
+    }, [refetch]);
+    const changePassword = useCallback(async (data) => {
+        try {
+            const res = await fetch('/api/admin/me/password', {
+                method: 'PATCH',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify(data),
+            });
+            const body = (await res.json().catch(() => ({})));
+            if (!res.ok || !body.success) {
+                return {
+                    success: false,
+                    error: body.error || 'Failed to change password',
+                };
+            }
+            // Password change bumps sessionVersion → this session is now
+            // invalid on the very next request. We deliberately DON'T refetch
+            // here — the UI will catch the 401 and redirect to login.
+            return { success: true };
+        }
+        catch (err) {
+            console.error('[useAdminMe] changePassword error:', err);
+            return {
+                success: false,
+                error: err instanceof Error ? err.message : 'Failed to change password',
+            };
+        }
+    }, []);
+    return { me, isLoading, error, refetch, updateProfile, changePassword };
+}
+//# sourceMappingURL=useAdminMe.js.map

package/dist/admin/hooks/useAdminMe.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"useAdminMe.js","sourceRoot":"","sources":["../../../src/admin/hooks/useAdminMe.ts"],"names":[],"mappings":"AAAA,YAAY,CAAA;AAEZ;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,OAAO,CAAA;AA+BxD,gFAAgF;AAChF,OAAO;AACP,gFAAgF;AAEhF,MAAM,UAAU,UAAU;IACxB,MAAM,CAAC,EAAE,EAAE,KAAK,CAAC,GAAG,QAAQ,CAAiB,IAAI,CAAC,CAAA;IAClD,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAA;IAChD,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAgB,IAAI,CAAC,CAAA;IAEvD,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QACrC,YAAY,CAAC,IAAI,CAAC,CAAA;QAClB,QAAQ,CAAC,IAAI,CAAC,CAAA;QACd,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,eAAe,CAAC,CAAA;YACxC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAuB,CAAA;gBACvE,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,KAAK,IAAI,wBAAwB,CAAC,CAAA;YACzD,CAAC;YACD,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAY,CAAA;YAC1C,KAAK,CAAC,IAAI,CAAC,CAAA;QACb,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,2BAA2B,EAAE,GAAG,CAAC,CAAA;YAC/C,QAAQ,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,wBAAwB,CAAC,CAAA;YACvE,KAAK,CAAC,IAAI,CAAC,CAAA;QACb,CAAC;gBAAS,CAAC;YACT,YAAY,CAAC,KAAK,CAAC,CAAA;QACrB,CAAC;IACH,CAAC,EAAE,EAAE,CAAC,CAAA;IAEN,SAAS,CAAC,GAAG,EAAE;QACb,OAAO,EAAE,CAAA;IACX,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAA;IAEb,MAAM,aAAa,GAAG,WAAW,CAC/B,KAAK,EAAE,IAGN,EAAiD,EAAE;QAClD,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,eAAe,EAAE;gBACvC,MAAM,EAAE,OAAO;gBACf,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;gBAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;aAC3B,CAAC,CAAA;YACF,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAG/C,CAAA;YACD,IAAI,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;gBAC7B,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,0BAA0B;iBAChD,CAAA;YACH,CAAC;YACD,MAAM,OAAO,EAAE,CAAA;YACf,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAA;QAC1B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,mCAAmC,EAAE,GAAG,CAAC,CAAA;YACvD,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,0BAA0B;aACvE,CAAA;QACH,CAAC;IACH,CAAC,EACD,CAAC,OAAO,CAAC,CACV,CAAA;IAED,MAAM,cAAc,GAAG,WAAW,CAChC,KAAK,EAAE,IAGN,EAAiD,EAAE;QAClD,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,wBAAwB,EAAE;gBAChD,MAAM,EAAE,OAAO;gBACf,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;gBAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;aAC3B,CAAC,CAAA;YACF,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAG/C,CAAA;YACD,IAAI,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;gBAC7B,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,2BAA2B;iBACjD,CAAA;YACH,CAAC;YACD,6DAA6D;YAC7D,kEAAkE;YAClE,0DAA0D;YAC1D,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAA;QAC1B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,oCAAoC,EAAE,GAAG,CAAC,CAAA;YACxD,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,2BAA2B;aACxE,CAAA;QACH,CAAC;IACH,CAAC,EACD,EAAE,CACH,CAAA;IAED,OAAO,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,CAAA;AACzE,CAAC"}

package/dist/admin/hooks/useAdminPermissions.d.ts

@@ -0,0 +1,3 @@
+import type { UseAdminPermissionsReturn } from '../types';
+export declare function useAdminPermissions(): UseAdminPermissionsReturn;
+//# sourceMappingURL=useAdminPermissions.d.ts.map

package/dist/admin/hooks/useAdminPermissions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"useAdminPermissions.d.ts","sourceRoot":"","sources":["../../../src/admin/hooks/useAdminPermissions.ts"],"names":[],"mappings":"AAuCA,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,UAAU,CAAA;AAMzD,wBAAgB,mBAAmB,IAAI,yBAAyB,CA+B/D"}

package/dist/admin/hooks/useAdminPermissions.js

@@ -0,0 +1,51 @@
+'use client';
+/**
+ * @rovela/sdk/admin/hooks/useAdminPermissions
+ *
+ * Client-side permission helpers. Pure wrapper around `admin/permissions.ts`
+ * that reads the current admin's role from `useAdminAuth`.
+ *
+ * No network calls — permissions are a function of the JWT already in memory,
+ * so this hook is cheap and synchronous once the session has loaded.
+ *
+ * Server-side is still the source of truth; this hook exists purely for UI
+ * gating (hide/disable buttons the user couldn't use anyway).
+ *
+ * @example
+ * ```tsx
+ * function UsersPage() {
+ *   const { can, canManageUser, isOwner } = useAdminPermissions()
+ *   if (!can('users.read')) return <NoAccess />
+ *
+ *   return users.map(u => (
+ *     <Row
+ *       user={u}
+ *       canDelete={isOwner && canManageUser(u)}
+ *       canDeactivate={canManageUser(u)}
+ *     />
+ *   ))
+ * }
+ * ```
+ */
+import { useMemo, useCallback } from 'react';
+import { useAdminAuth } from './useAdminAuth';
+import { hasPermission, canManageUser as canManageUserCore, } from '../permissions';
+// =============================================================================
+// Hook
+// =============================================================================
+export function useAdminPermissions() {
+    const { admin } = useAdminAuth();
+    const role = (admin?.role ?? null);
+    const isOwner = role === 'owner';
+    const isAdministrator = role === 'administrator' || role === 'admin'; // legacy alias
+    const can = useCallback((permission) => {
+        return hasPermission(role, permission);
+    }, [role]);
+    const canManageUser = useCallback((target) => {
+        if (!admin)
+            return false;
+        return canManageUserCore({ id: admin.id, role: admin.role }, target);
+    }, [admin]);
+    return useMemo(() => ({ role, isOwner, isAdministrator, can, canManageUser }), [role, isOwner, isAdministrator, can, canManageUser]);
+}
+//# sourceMappingURL=useAdminPermissions.js.map

package/dist/admin/hooks/useAdminPermissions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"useAdminPermissions.js","sourceRoot":"","sources":["../../../src/admin/hooks/useAdminPermissions.ts"],"names":[],"mappings":"AAAA,YAAY,CAAA;AAEZ;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AAEH,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,OAAO,CAAA;AAC5C,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAC7C,OAAO,EACL,aAAa,EACb,aAAa,IAAI,iBAAiB,GAEnC,MAAM,gBAAgB,CAAA;AAIvB,gFAAgF;AAChF,OAAO;AACP,gFAAgF;AAEhF,MAAM,UAAU,mBAAmB;IACjC,MAAM,EAAE,KAAK,EAAE,GAAG,YAAY,EAAE,CAAA;IAEhC,MAAM,IAAI,GAAG,CAAC,KAAK,EAAE,IAAI,IAAI,IAAI,CAAqB,CAAA;IAEtD,MAAM,OAAO,GAAG,IAAI,KAAK,OAAO,CAAA;IAChC,MAAM,eAAe,GACnB,IAAI,KAAK,eAAe,IAAI,IAAI,KAAK,OAAO,CAAA,CAAC,eAAe;IAE9D,MAAM,GAAG,GAAG,WAAW,CACrB,CAAC,UAAsB,EAAW,EAAE;QAClC,OAAO,aAAa,CAAC,IAAI,EAAE,UAAU,CAAC,CAAA;IACxC,CAAC,EACD,CAAC,IAAI,CAAC,CACP,CAAA;IAED,MAAM,aAAa,GAAG,WAAW,CAC/B,CAAC,MAAuC,EAAW,EAAE;QACnD,IAAI,CAAC,KAAK;YAAE,OAAO,KAAK,CAAA;QACxB,OAAO,iBAAiB,CACtB,EAAE,EAAE,EAAE,KAAK,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,CAAC,IAAiB,EAAE,EAC/C,MAAM,CACP,CAAA;IACH,CAAC,EACD,CAAC,KAAK,CAAC,CACR,CAAA;IAED,OAAO,OAAO,CACZ,GAAG,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,eAAe,EAAE,GAAG,EAAE,aAAa,EAAE,CAAC,EAC9D,CAAC,IAAI,EAAE,OAAO,EAAE,eAAe,EAAE,GAAG,EAAE,aAAa,CAAC,CACrD,CAAA;AACH,CAAC"}

package/dist/admin/hooks/useAdminUsers.d.ts

@@ -0,0 +1,3 @@
+import type { UseAdminUsersReturn } from '../types';
+export declare function useAdminUsers(): UseAdminUsersReturn;
+//# sourceMappingURL=useAdminUsers.d.ts.map

package/dist/admin/hooks/useAdminUsers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"useAdminUsers.d.ts","sourceRoot":"","sources":["../../../src/admin/hooks/useAdminUsers.ts"],"names":[],"mappings":"AA4BA,OAAO,KAAK,EAKV,mBAAmB,EACpB,MAAM,UAAU,CAAA;AAOjB,wBAAgB,aAAa,IAAI,mBAAmB,CAmSnD"}

package/dist/admin/hooks/useAdminUsers.js

@@ -0,0 +1,240 @@
+'use client';
+/**
+ * @rovela/sdk/admin/hooks/useAdminUsers
+ *
+ * Admin user management data hook. Mirrors `useAdminCustomers` — state for
+ * the list, fetchers, and mutation helpers (deactivate, reactivate, delete).
+ *
+ * All mutations optimistically refetch the current page afterward so the
+ * table always reflects server state. Errors from mutations are returned
+ * to the caller so the UI can surface them in a toast or confirm dialog.
+ *
+ * @example
+ * ```tsx
+ * function UsersPage() {
+ *   const { users, isLoading, fetchUsers, deactivate } = useAdminUsers()
+ *
+ *   useEffect(() => { fetchUsers() }, [fetchUsers])
+ *
+ *   const handleDeactivate = async (id: string) => {
+ *     const result = await deactivate(id)
+ *     if (!result.success) toast.error(result.error)
+ *   }
+ * }
+ * ```
+ */
+import { useState, useCallback, useRef } from 'react';
+// =============================================================================
+// Hook
+// =============================================================================
+export function useAdminUsers() {
+    const [users, setUsers] = useState([]);
+    const [total, setTotal] = useState(0);
+    const [page, setPage] = useState(1);
+    const [isLoading, setIsLoading] = useState(false);
+    const [error, setError] = useState(null);
+    // Keep the last fetch options around so mutation handlers can refetch
+    // the exact same view without the caller passing them in again.
+    const lastOptionsRef = useRef({});
+    const fetchUsers = useCallback(async (options = {}) => {
+        const merged = {
+            page: 1,
+            limit: 20,
+            ...options,
+        };
+        lastOptionsRef.current = merged;
+        setIsLoading(true);
+        setError(null);
+        try {
+            const params = new URLSearchParams();
+            if (merged.search)
+                params.set('search', merged.search);
+            if (merged.status && merged.status !== 'all')
+                params.set('status', merged.status);
+            if (merged.role && merged.role !== 'all')
+                params.set('role', merged.role);
+            params.set('page', String(merged.page ?? 1));
+            params.set('limit', String(merged.limit ?? 20));
+            const response = await fetch(`/api/admin/users?${params.toString()}`);
+            if (!response.ok) {
+                const data = (await response.json().catch(() => ({})));
+                throw new Error(data.error || 'Failed to fetch users');
+            }
+            const data = (await response.json());
+            setUsers(data.data ?? []);
+            setTotal(data.total ?? 0);
+            setPage(data.page ?? 1);
+        }
+        catch (err) {
+            console.error('[useAdminUsers] Fetch error:', err);
+            setError(err instanceof Error ? err.message : 'Failed to fetch users');
+            setUsers([]);
+        }
+        finally {
+            setIsLoading(false);
+        }
+    }, []);
+    const getUser = useCallback(async (id) => {
+        try {
+            const response = await fetch(`/api/admin/users/${id}`);
+            if (!response.ok)
+                return null;
+            const data = (await response.json());
+            return data.data ?? null;
+        }
+        catch (err) {
+            console.error('[useAdminUsers] getUser error:', err);
+            return null;
+        }
+    }, []);
+    // Internal helper: PATCH with action discriminator
+    const patchAction = useCallback(async (id, action) => {
+        try {
+            const response = await fetch(`/api/admin/users/${id}`, {
+                method: 'PATCH',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify({ action }),
+            });
+            const data = (await response.json().catch(() => ({})));
+            if (!response.ok || !data.success) {
+                return { success: false, error: data.error || `Failed to ${action} user` };
+            }
+            // Refresh current view so the table reflects the new state
+            await fetchUsers(lastOptionsRef.current);
+            return { success: true };
+        }
+        catch (err) {
+            console.error(`[useAdminUsers] ${action} error:`, err);
+            return {
+                success: false,
+                error: err instanceof Error ? err.message : `Failed to ${action} user`,
+            };
+        }
+    }, [fetchUsers]);
+    const deactivate = useCallback((id) => patchAction(id, 'deactivate'), [patchAction]);
+    const reactivate = useCallback((id) => patchAction(id, 'reactivate'), [patchAction]);
+    const deleteUser = useCallback(async (id) => {
+        try {
+            const response = await fetch(`/api/admin/users/${id}`, {
+                method: 'DELETE',
+            });
+            const data = (await response.json().catch(() => ({})));
+            if (!response.ok || !data.success) {
+                return { success: false, error: data.error || 'Failed to delete user' };
+            }
+            await fetchUsers(lastOptionsRef.current);
+            return { success: true };
+        }
+        catch (err) {
+            console.error('[useAdminUsers] delete error:', err);
+            return {
+                success: false,
+                error: err instanceof Error ? err.message : 'Failed to delete user',
+            };
+        }
+    }, [fetchUsers]);
+    // =========================================================================
+    // Phase 3 — invite, resend, cancel, change role
+    // =========================================================================
+    const invite = useCallback(async (payload) => {
+        try {
+            const response = await fetch('/api/admin/users', {
+                method: 'POST',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify(payload),
+            });
+            const data = (await response.json().catch(() => ({})));
+            if (!response.ok || !data.success) {
+                return {
+                    success: false,
+                    error: data.error || 'Failed to send invite',
+                };
+            }
+            await fetchUsers(lastOptionsRef.current);
+            return {
+                success: true,
+                adminId: data.adminId,
+                inviteUrl: data.inviteUrl,
+            };
+        }
+        catch (err) {
+            console.error('[useAdminUsers] invite error:', err);
+            return {
+                success: false,
+                error: err instanceof Error ? err.message : 'Failed to send invite',
+            };
+        }
+    }, [fetchUsers]);
+    const resendInvite = useCallback(async (id) => {
+        try {
+            const response = await fetch(`/api/admin/users/${id}`, {
+                method: 'PATCH',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify({ action: 'resend_invite' }),
+            });
+            const data = (await response.json().catch(() => ({})));
+            if (!response.ok || !data.success) {
+                return {
+                    success: false,
+                    error: data.error || 'Failed to resend invite',
+                };
+            }
+            await fetchUsers(lastOptionsRef.current);
+            return {
+                success: true,
+                inviteUrl: data.inviteUrl,
+            };
+        }
+        catch (err) {
+            console.error('[useAdminUsers] resendInvite error:', err);
+            return {
+                success: false,
+                error: err instanceof Error ? err.message : 'Failed to resend invite',
+            };
+        }
+    }, [fetchUsers]);
+    const cancelInvite = useCallback((id) => patchAction(id, 'cancel_invite'), [patchAction]);
+    const changeRole = useCallback(async (id, newRole) => {
+        try {
+            const response = await fetch(`/api/admin/users/${id}`, {
+                method: 'PATCH',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify({ action: 'change_role', role: newRole }),
+            });
+            const data = (await response.json().catch(() => ({})));
+            if (!response.ok || !data.success) {
+                return {
+                    success: false,
+                    error: data.error || 'Failed to change role',
+                };
+            }
+            await fetchUsers(lastOptionsRef.current);
+            return { success: true };
+        }
+        catch (err) {
+            console.error('[useAdminUsers] changeRole error:', err);
+            return {
+                success: false,
+                error: err instanceof Error ? err.message : 'Failed to change role',
+            };
+        }
+    }, [fetchUsers]);
+    return {
+        users,
+        total,
+        page,
+        isLoading,
+        error,
+        fetchUsers,
+        getUser,
+        deactivate,
+        reactivate,
+        deleteUser,
+        // Phase 3
+        invite,
+        resendInvite,
+        cancelInvite,
+        changeRole,
+    };
+}
+//# sourceMappingURL=useAdminUsers.js.map

package/dist/admin/hooks/useAdminUsers.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"useAdminUsers.js","sourceRoot":"","sources":["../../../src/admin/hooks/useAdminUsers.ts"],"names":[],"mappings":"AAAA,YAAY,CAAA;AAEZ;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,OAAO,CAAA;AAUrD,gFAAgF;AAChF,OAAO;AACP,gFAAgF;AAEhF,MAAM,UAAU,aAAa;IAC3B,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAkB,EAAE,CAAC,CAAA;IACvD,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAA;IACrC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAA;IACnC,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;IACjD,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAgB,IAAI,CAAC,CAAA;IAEvD,sEAAsE;IACtE,gEAAgE;IAChE,MAAM,cAAc,GAAG,MAAM,CAAuB,EAAE,CAAC,CAAA;IAEvD,MAAM,UAAU,GAAG,WAAW,CAC5B,KAAK,EAAE,UAAgC,EAAE,EAAiB,EAAE;QAC1D,MAAM,MAAM,GAAyB;YACnC,IAAI,EAAE,CAAC;YACP,KAAK,EAAE,EAAE;YACT,GAAG,OAAO;SACX,CAAA;QACD,cAAc,CAAC,OAAO,GAAG,MAAM,CAAA;QAE/B,YAAY,CAAC,IAAI,CAAC,CAAA;QAClB,QAAQ,CAAC,IAAI,CAAC,CAAA;QAEd,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,eAAe,EAAE,CAAA;YACpC,IAAI,MAAM,CAAC,MAAM;gBAAE,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,CAAA;YACtD,IAAI,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,KAAK;gBAC1C,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,CAAA;YACrC,IAAI,MAAM,CAAC,IAAI,IAAI,MAAM,CAAC,IAAI,KAAK,KAAK;gBAAE,MAAM,CAAC,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,CAAA;YACzE,MAAM,CAAC,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,CAAA;YAC5C,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAA;YAE/C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAC1B,oBAAoB,MAAM,CAAC,QAAQ,EAAE,EAAE,CACxC,CAAA;YAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAEpD,CAAA;gBACD,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,KAAK,IAAI,uBAAuB,CAAC,CAAA;YACxD,CAAC;YAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAIlC,CAAA;YAED,QAAQ,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC,CAAA;YACzB,QAAQ,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,CAAC,CAAA;YACzB,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC,CAAA;QACzB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,8BAA8B,EAAE,GAAG,CAAC,CAAA;YAClD,QAAQ,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAA;YACtE,QAAQ,CAAC,EAAE,CAAC,CAAA;QACd,CAAC;gBAAS,CAAC;YACT,YAAY,CAAC,KAAK,CAAC,CAAA;QACrB,CAAC;IACH,CAAC,EACD,EAAE,CACH,CAAA;IAED,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,EAAE,EAAU,EAAiC,EAAE;QAC9E,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,oBAAoB,EAAE,EAAE,CAAC,CAAA;YACtD,IAAI,CAAC,QAAQ,CAAC,EAAE;gBAAE,OAAO,IAAI,CAAA;YAC7B,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA6B,CAAA;YAChE,OAAO,IAAI,CAAC,IAAI,IAAI,IAAI,CAAA;QAC1B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,gCAAgC,EAAE,GAAG,CAAC,CAAA;YACpD,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC,EAAE,EAAE,CAAC,CAAA;IAEN,mDAAmD;IACnD,MAAM,WAAW,GAAG,WAAW,CAC7B,KAAK,EACH,EAAU,EACV,MAAqD,EACN,EAAE;QACjD,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,oBAAoB,EAAE,EAAE,EAAE;gBACrD,MAAM,EAAE,OAAO;gBACf,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;gBAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;aACjC,CAAC,CAAA;YAEF,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAGpD,CAAA;YAED,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;gBAClC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,aAAa,MAAM,OAAO,EAAE,CAAA;YAC5E,CAAC;YAED,2DAA2D;YAC3D,MAAM,UAAU,CAAC,cAAc,CAAC,OAAO,CAAC,CAAA;YACxC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAA;QAC1B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,mBAAmB,MAAM,SAAS,EAAE,GAAG,CAAC,CAAA;YACtD,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,aAAa,MAAM,OAAO;aACvE,CAAA;QACH,CAAC;IACH,CAAC,EACD,CAAC,UAAU,CAAC,CACb,CAAA;IAED,MAAM,UAAU,GAAG,WAAW,CAC5B,CAAC,EAAU,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,EAAE,YAAY,CAAC,EAC7C,CAAC,WAAW,CAAC,CACd,CAAA;IAED,MAAM,UAAU,GAAG,WAAW,CAC5B,CAAC,EAAU,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,EAAE,YAAY,CAAC,EAC7C,CAAC,WAAW,CAAC,CACd,CAAA;IAED,MAAM,UAAU,GAAG,WAAW,CAC5B,KAAK,EAAE,EAAU,EAAiD,EAAE;QAClE,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,oBAAoB,EAAE,EAAE,EAAE;gBACrD,MAAM,EAAE,QAAQ;aACjB,CAAC,CAAA;YAEF,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAGpD,CAAA;YAED,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;gBAClC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,uBAAuB,EAAE,CAAA;YACzE,CAAC;YAED,MAAM,UAAU,CAAC,cAAc,CAAC,OAAO,CAAC,CAAA;YACxC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAA;QAC1B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAA;YACnD,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,uBAAuB;aACpE,CAAA;QACH,CAAC;IACH,CAAC,EACD,CAAC,UAAU,CAAC,CACb,CAAA;IAED,4EAA4E;IAC5E,gDAAgD;IAChD,4EAA4E;IAE5E,MAAM,MAAM,GAAG,WAAW,CACxB,KAAK,EAAE,OAAwB,EAAkC,EAAE;QACjE,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,kBAAkB,EAAE;gBAC/C,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;gBAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;aAC9B,CAAC,CAAA;YAEF,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAKpD,CAAA;YAED,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;gBAClC,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,uBAAuB;iBAC7C,CAAA;YACH,CAAC;YAED,MAAM,UAAU,CAAC,cAAc,CAAC,OAAO,CAAC,CAAA;YACxC,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,SAAS,EAAE,IAAI,CAAC,SAAS;aAC1B,CAAA;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAA;YACnD,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,uBAAuB;aACpE,CAAA;QACH,CAAC;IACH,CAAC,EACD,CAAC,UAAU,CAAC,CACb,CAAA;IAED,MAAM,YAAY,GAAG,WAAW,CAC9B,KAAK,EAAE,EAAU,EAAkC,EAAE;QACnD,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,oBAAoB,EAAE,EAAE,EAAE;gBACrD,MAAM,EAAE,OAAO;gBACf,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;gBAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC;aAClD,CAAC,CAAA;YAEF,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAIpD,CAAA;YAED,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;gBAClC,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,yBAAyB;iBAC/C,CAAA;YACH,CAAC;YAED,MAAM,UAAU,CAAC,cAAc,CAAC,OAAO,CAAC,CAAA;YACxC,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,SAAS,EAAE,IAAI,CAAC,SAAS;aAC1B,CAAA;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,qCAAqC,EAAE,GAAG,CAAC,CAAA;YACzD,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,yBAAyB;aACtE,CAAA;QACH,CAAC;IACH,CAAC,EACD,CAAC,UAAU,CAAC,CACb,CAAA;IAED,MAAM,YAAY,GAAG,WAAW,CAC9B,CAAC,EAAU,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,EAAE,eAAe,CAAC,EAChD,CAAC,WAAW,CAAC,CACd,CAAA;IAED,MAAM,UAAU,GAAG,WAAW,CAC5B,KAAK,EACH,EAAU,EACV,OAAkB,EAC6B,EAAE;QACjD,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,oBAAoB,EAAE,EAAE,EAAE;gBACrD,MAAM,EAAE,OAAO;gBACf,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;gBAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;aAC/D,CAAC,CAAA;YAEF,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAGpD,CAAA;YAED,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;gBAClC,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,uBAAuB;iBAC7C,CAAA;YACH,CAAC;YAED,MAAM,UAAU,CAAC,cAAc,CAAC,OAAO,CAAC,CAAA;YACxC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAA;QAC1B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,mCAAmC,EAAE,GAAG,CAAC,CAAA;YACvD,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,uBAAuB;aACpE,CAAA;QACH,CAAC;IACH,CAAC,EACD,CAAC,UAAU,CAAC,CACb,CAAA;IAED,OAAO;QACL,KAAK;QACL,KAAK;QACL,IAAI;QACJ,SAAS;QACT,KAAK;QACL,UAAU;QACV,OAAO;QACP,UAAU;QACV,UAAU;QACV,UAAU;QACV,UAAU;QACV,MAAM;QACN,YAAY;QACZ,YAAY;QACZ,UAAU;KACX,CAAA;AACH,CAAC"}