@salesforce/webapp-template-feature-react-authentication-experimental 1.43.1 → 1.45.0

package/dist/force-app/main/default/webapplications/feature-react-authentication/src/pages/ResetPassword.tsx

@@ -6,8 +6,9 @@ import { CenteredPageLayout } from "../components/layout/centered-page-layout";
 import { AuthForm } from "../components/forms/auth-form";
 import { StatusAlert } from "../components/alerts/status-alert";
 import { useAppForm } from "../hooks/form";
-import { ROUTES, AUTH_PLACEHOLDERS } from "../utils/authenticationConfig";
-import { newPasswordSchema, handleApiResponse, getErrorMessage } from "../utils/helpers";
+import { ROUTES, AUTH_PLACEHOLDERS } from "../components/auth/authenticationConfig";
+import { newPasswordSchema } from "../components/auth/authHelpers";
+import { handleApiResponse, getErrorMessage } from "../utils/helpers";
 
 export default function ResetPassword() {
 	const [searchParams] = useSearchParams();

package/dist/force-app/main/default/webapplications/feature-react-authentication/src/routes.tsx

@@ -1,21 +1,21 @@
 import type { RouteObject } from 'react-router';
-import AppLayout from './appLayout';
 import Home from './pages/Home';
 import NotFound from './pages/NotFound';
+import AuthAppLayout from "./layouts/AuthAppLayout";
 import Login from "./pages/Login";
 import Register from "./pages/Register";
 import ForgotPassword from "./pages/ForgotPassword";
 import ResetPassword from "./pages/ResetPassword";
 import Profile from "./pages/Profile";
 import ChangePassword from "./pages/ChangePassword";
-import AuthenticationRoute from "./components/auth/authentication-route";
-import PrivateRoute from "./components/auth/private-route";
-import { ROUTES } from "./utils/authenticationConfig";
+import AuthenticationRoute from "./components/auth/authenticationRouteLayout";
+import PrivateRoute from "./components/auth/privateRouteLayout";
+import { ROUTES } from "./components/auth/authenticationConfig";
 
 export const routes: RouteObject[] = [
   {
     path: "/",
-    element: <AppLayout />,
+    element: <AuthAppLayout />,
     children: [
       {
         index: true,

package/dist/force-app/main/default/webapplications/feature-react-authentication/src/utils/helpers.ts

@@ -1,66 +1,3 @@
-import { AUTH_REDIRECT_PARAM } from "./authenticationConfig";
-import { z } from "zod";
-
-/** Email field validation */
-export const emailSchema = z.string().trim().email("Please enter a valid email address");
-
-/** Password field validation (minimum 8 characters) */
-export const passwordSchema = z.string().min(8, "Password must be at least 8 characters");
-
-/**
- * Shared schema for new password + confirmation fields.
- * Validates password length and matching confirmation.
- */
-export const newPasswordSchema = z
-	.object({
-		newPassword: passwordSchema,
-		confirmPassword: z.string().min(1, "Please confirm your password"),
-	})
-	.refine((data) => data.newPassword === data.confirmPassword, {
-		message: "Passwords do not match",
-		path: ["confirmPassword"],
-	});
-
-/**
- *
- * Extracts the startUrl from URLSearchParams, defaulting to '/'.
- *
- * SECURITY NOTE: This function strictly validates the URL to prevent
- * Open Redirect vulnerabilities. It allows only relative paths.
- *
- * @param searchParams - The URLSearchParams object from useSearchParams()
- * @returns The start URL for post-authentication redirect
- */
-export function getStartUrl(searchParams: URLSearchParams): string {
-	// 1. Check for the standard redirect parameter
-	const url = searchParams.get(AUTH_REDIRECT_PARAM);
-	// 2. Security Check: Validation Logic
-	if (url && isValidRedirect(url)) {
-		return url;
-	}
-	// 3. Fallback: Default to root
-	return "/";
-}
-
-/**
- * [Dev Note] Security: Validates that the redirect URL is a relative path
- * to prevent Open Redirect vulnerabilities.
- *
- * Security Checks:
- * 1. Rejects protocol-relative URLs (//)
- * 2. Rejects backslash usage which some browsers treat as slashes (/\)
- * 3. Rejects control characters
- */
-function isValidRedirect(url: string): boolean {
-	// Basic structure check
-	if (!url.startsWith("/") || url.startsWith("//")) return false;
-	// Security: Reject backslashes to prevent /\example.com bypasses
-	if (url.includes("\\")) return false;
-	// Robustness: Ensure it doesn't contain whitespace/control characters
-	if (/[^\u0021-\u00ff]/.test(url)) return false;
-	return true;
-}
-
 /**
  * MAINTAINABILITY: Robust error extraction.
  * Handles strings, objects, and standard Error instances.
@@ -112,17 +49,6 @@ export async function handleApiResponse<T = unknown>(
 	return data as T;
 }
 
-/**
- * Shared response type for authentication endpoints (login/register).
- * Success responses contain `success: true` and `redirectUrl`.
- * Error responses contain `errors` array.
- */
-export interface AuthResponse {
-	success?: boolean;
-	redirectUrl?: string | null;
-	errors?: string[];
-}
-
 /**
  * UI API Record response structure.
  */

package/dist/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@salesforce/webapp-template-base-sfdx-project-experimental",
-  "version": "1.43.1",
+  "version": "1.45.0",
   "description": "Base SFDX project template",
   "private": true,
   "files": [

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@salesforce/webapp-template-feature-react-authentication-experimental",
-  "version": "1.43.1",
+  "version": "1.45.0",
   "description": "Authentication feature for web applications",
   "license": "SEE LICENSE IN LICENSE.txt",
   "author": "",
@@ -16,7 +16,7 @@
     "clean": "rm -rf dist"
   },
   "devDependencies": {
-    "@salesforce/webapp-experimental": "^1.43.1",
+    "@salesforce/webapp-experimental": "^1.45.0",
     "@tanstack/react-form": "^1.27.7",
     "@types/react": "^19.2.7",
     "@types/react-dom": "^19.2.3",
@@ -40,5 +40,5 @@
       }
     }
   },
-  "gitHead": "639c5bac6d7004d13246a86c9db4b33667da7c30"
+  "gitHead": "7c993c5088a22672b43d457613fbbbbdfd46a755"
 }