@shokirovr16/frontend-library 0.1.2

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Mirjalolbek Qosimov
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,98 @@
+# @shokirovr16/frontend-library
+
+Shared frontend package for:
+
+- browser auth helpers used by the support/operator frontends
+- CLI tooling for Comfort UI component bootstrap and maintenance
+
+## Package Identity
+
+- npm package name: `@shokirovr16/frontend-library`
+- auth exports: `@shokirovr16/frontend-library/auth`, `@shokirovr16/frontend-library/auth/react`
+- CLI aliases: `frontend-library`, `cmfrt`
+- generated config/doc filenames still remain `cmfrt.json` and `cmfrt-doc.md`
+
+Important:
+
+- this repository is now published and consumed as `@shokirovr16/frontend-library`
+- the old public `cmfrt` package is not the source of truth for this repository anymore
+
+## Install
+
+```bash
+npm install @shokirovr16/frontend-library
+```
+
+Peer dependencies:
+
+- `react >= 18`
+- `react-router-dom >= 6`
+- `axios >= 1` for the axios helper only
+
+## Auth Usage
+
+```js
+import { initializeAuth } from '@shokirovr16/frontend-library/auth';
+import { AuthProvider } from '@shokirovr16/frontend-library/auth/react';
+```
+
+See [src/auth/README.md](D:/MIO%20BEAUTY%20ERP%202.0.0/frontend-library/src/auth/README.md) for the auth runtime contract and examples.
+
+## CLI Usage
+
+Both commands are valid after installation:
+
+```bash
+npx frontend-library init
+npx cmfrt init
+```
+
+The CLI still manages the same generated files:
+
+- `cmfrt.json`
+- `cmfrt-doc.md`
+
+## Local Workspace Development
+
+Current workspace rule:
+
+- [cx-admin-frontend/package.json](D:/MIO%20BEAUTY%20ERP%202.0.0/cx-admin-frontend/package.json) uses `"@shokirovr16/frontend-library": "file:../frontend-library"` during active auth-library work
+- after changing this package, run `npm install` in both `frontend-library` and `cx-admin-frontend`
+- `cx-admin-frontend` dev mode uses `vite --force` to avoid stale optimized deps while the local file dependency changes
+
+Recommended local loop:
+
+```bash
+cd frontend-library
+npm install
+
+cd ../cx-admin-frontend
+npm install
+npm run build
+```
+
+## Publishing
+
+Publish this repository under the package name `@shokirovr16/frontend-library`.
+
+Recommended release flow:
+
+```bash
+cd frontend-library
+npm install
+npm version patch
+npm publish
+git push origin main --tags
+```
+
+Before publishing:
+
+- make sure `git status` is clean
+- verify `npm pack --json` produces `shokirovr16-frontend-library-<version>.tgz`
+- verify `cx-admin-frontend` still builds against either the local file dependency or the published version
+
+After publishing:
+
+1. Replace the local dependency in [cx-admin-frontend/package.json](D:/MIO%20BEAUTY%20ERP%202.0.0/cx-admin-frontend/package.json) with a semver range such as `"@shokirovr16/frontend-library": "^0.1.2"`.
+2. Run `npm install` in `cx-admin-frontend`.
+3. Run `npm run build` in `cx-admin-frontend`.

package/bin/cmfrt.js

@@ -0,0 +1,69 @@
+#!/usr/bin/env node
+import { Command } from 'commander';
+import initCommand from '../src/commands/init.js';
+import addCommand from '../src/commands/add.js';
+import updateCommand from '../src/commands/update.js';
+import statusCommand from '../src/commands/status.js';
+import listCommand from '../src/commands/list.js';
+import uninstallCommand from '../src/commands/uninstall.js';
+import themeCommand from '../src/commands/theme.js';
+
+const program = new Command();
+
+program
+  .name('cmfrt')
+  .description('Comfort UI komponentlarini loyiha ichiga qo‘shish uchun CLI')
+  .version('0.0.1');
+
+program
+  .command('init')
+  .description('Vite + React + Tailwind loyihasi uchun boshlang‘ich sozlash')
+  .action(() => initCommand());
+
+program
+  .command('add <component>')
+  .description('Ro‘yxatdagi komponentni loyihaga qo‘shish')
+  .action((component) => addCommand(component));
+
+program
+  .command('update [component]')
+  .description('Komponentlarni yangilash')
+  .option('--all', 'Barcha o‘rnatilgan komponentlarni yangilash')
+  .action((component, options) => updateCommand(component, options));
+
+program
+  .command('status')
+  .description('O‘rnatilgan komponentlar holatini ko‘rsatish')
+  .option('--json', 'Natijani JSON ko‘rinishida chiqarish')
+  .option('--only-updates', 'Faqat yangilanishi borlarini ko‘rsatish')
+  .action((options) => statusCommand(options));
+
+program
+  .command('list')
+  .description('Registrydagi barcha komponentlarni ko‘rsatish')
+  .option('-c, --category <name>', 'Kategoriya bo‘yicha filtrlash')
+  .option('--search <text>', 'Nom yoki tavsif bo‘yicha qidirish')
+  .option('--json', 'Natijani JSON ko‘rinishida chiqarish')
+  .action((options) => listCommand(options));
+
+program
+  .command('theme')
+  .description('Theme mode bilan ishlash')
+  .option('--list', 'Mavjud mode ro‘yxatini ko‘rsatish')
+  .option('--set <mode>', 'Mode tanlash va qo‘llash')
+  .action((options) => themeCommand(options));
+
+program
+  .command('uninstall [name]')
+  .description('O‘rnatilgan komponentni o‘chirish')
+  .option('--all', 'Barcha o‘rnatilgan komponentlarni o‘chirish')
+  .option('--prune', 'Foydalanilmaydigan dependencylarni o‘chirish')
+  .option('--yes', 'Tasdiqlashsiz o‘chirish')
+  .action((name, options) => uninstallCommand(name, options));
+
+program.addHelpText(
+  'after',
+  `\nMisollar:\n  cmfrt init\n  cmfrt add button\n  cmfrt update --all\n  cmfrt status --only-updates\n  cmfrt list -c forms\n  cmfrt theme --list\n  cmfrt theme --set "Client light"\n  cmfrt uninstall button --prune\n  cmfrt uninstall --all\n`
+);
+
+await program.parseAsync(process.argv);

package/package.json

@@ -0,0 +1,47 @@
+{
+  "name": "@shokirovr16/frontend-library",
+  "version": "0.1.2",
+  "type": "module",
+  "description": "CLI for bootstrapping comfort UI components into Vite + React + Tailwind projects.",
+  "license": "MIT",
+  "publishConfig": {
+    "access": "public"
+  },
+  "bin": {
+    "frontend-library": "./bin/cmfrt.js",
+    "cmfrt": "./bin/cmfrt.js"
+  },
+  "exports": {
+    "./auth": "./src/auth/index.js",
+    "./auth/react": "./src/auth/react/index.js",
+    "./package.json": "./package.json"
+  },
+  "files": [
+    "bin",
+    "src",
+    "templates",
+    "README.md",
+    "LICENSE"
+  ],
+  "engines": {
+    "node": ">=18"
+  },
+  "dependencies": {
+    "commander": "^10.0.0",
+    "execa": "^7.1.1",
+    "fs-extra": "^11.1.1",
+    "picocolors": "^1.1.1",
+    "prompts": "^2.4.2",
+    "semver": "^7.7.4"
+  },
+  "peerDependencies": {
+    "react": ">=18",
+    "react-router-dom": ">=6",
+    "axios": ">=1"
+  },
+  "peerDependenciesMeta": {
+    "axios": {
+      "optional": true
+    }
+  }
+}

package/src/auth/README.md

@@ -0,0 +1,193 @@
+# @shokirovr16/frontend-library/auth
+
+Shared React SPA auth layer for Keycloak / generic OIDC Authorization Code + PKCE flows.
+
+Package identity:
+
+- npm package: `@shokirovr16/frontend-library`
+- core import: `@shokirovr16/frontend-library/auth`
+- React helpers: `@shokirovr16/frontend-library/auth/react`
+
+## What It Provides
+
+- OIDC discovery from `issuer`
+- Authorization Code Flow + PKCE
+- in-memory access/refresh token handling
+- silent SSO bootstrap through an iframe callback page
+- fetch and axios helpers
+- React provider, hooks, and route guards
+- same-origin session sync through `BroadcastChannel`
+
+## Peer Dependencies
+
+- `react >= 18`
+- `react-router-dom >= 6`
+- `axios >= 1` only if you use the axios helper
+
+## Quick Start
+
+Initialize before rendering protected UI:
+
+```js
+import { initializeAuth } from '@shokirovr16/frontend-library/auth';
+
+initializeAuth({
+  runtimeConfig: async () => {
+    const res = await fetch('/runtime/auth-config', {
+      headers: { accept: 'application/json' },
+    });
+
+    if (!res.ok) {
+      throw new Error('runtime config fetch failed');
+    }
+
+    return res.json();
+  },
+});
+```
+
+Wrap the app:
+
+```jsx
+import { AuthProvider } from '@shokirovr16/frontend-library/auth/react';
+
+root.render(
+  <AuthProvider loading={null}>
+    <App />
+  </AuthProvider>
+);
+```
+
+Read auth state:
+
+```jsx
+import { useAuth } from '@shokirovr16/frontend-library/auth/react';
+
+function Header() {
+  const auth = useAuth();
+
+  return auth.isAuthenticated ? (
+    <button onClick={() => auth.logout()}>Logout</button>
+  ) : (
+    <button onClick={() => auth.login()}>Login</button>
+  );
+}
+```
+
+## Callback Route
+
+Your `redirectUri` route should call `handleCallback()`:
+
+```js
+import { getAuth } from '@shokirovr16/frontend-library/auth';
+
+async function onCallbackPage(navigate) {
+  const engine = getAuth();
+  const { returnTo } = await engine.handleCallback();
+  navigate(returnTo || '/');
+}
+```
+
+## Silent SSO
+
+If you use `silentCheckSsoRedirectUri`, create a page that runs:
+
+```js
+import { createSilentCheckSsoCallback } from '@shokirovr16/frontend-library/auth';
+
+createSilentCheckSsoCallback();
+```
+
+## HTTP Helpers
+
+`fetch` helper:
+
+```js
+import { authFetch } from '@shokirovr16/frontend-library/auth';
+
+const res = await authFetch('/api/me', { method: 'GET' });
+```
+
+Axios helper:
+
+```js
+import axios from 'axios';
+import { getAuth, createAuthHttpClient } from '@shokirovr16/frontend-library/auth';
+
+const api = createAuthHttpClient({
+  axios,
+  engine: getAuth(),
+});
+```
+
+## Guards
+
+```jsx
+import { RequireAuth, RequirePermission } from '@shokirovr16/frontend-library/auth/react';
+```
+
+Examples:
+
+```jsx
+<RequireAuth fallback={null}>
+  <ProtectedPage />
+</RequireAuth>
+```
+
+```jsx
+<RequirePermission permission="billing:read" fallback={null}>
+  <Billing />
+</RequirePermission>
+```
+
+## Runtime Config Contract
+
+Minimum required fields:
+
+- `tenantId`
+- `issuer`
+- `clientId`
+- `redirectUri`
+
+Recommended example:
+
+```json
+{
+  "tenantId": "acme",
+  "tenantSlug": "acme",
+  "mode": "spa-direct",
+  "issuer": "https://sso.example.com/realms/acme",
+  "clientId": "spa-web",
+  "apiAudience": "api",
+  "scopes": ["openid", "profile", "email"],
+  "redirectUri": "https://app.example.com/auth/callback",
+  "postLogoutRedirectUri": "https://app.example.com/",
+  "silentCheckSsoRedirectUri": "https://app.example.com/auth/silent-callback",
+  "checkSsoPolicy": "onLoad",
+  "tokenPolicy": {
+    "minValiditySec": 30,
+    "refreshLeewaySec": 5
+  },
+  "logoutPolicy": {
+    "frontChannel": true,
+    "broadcast": true
+  }
+}
+```
+
+## Events
+
+```js
+import { subscribeAuthEvents } from '@shokirovr16/frontend-library/auth';
+
+const unsub = subscribeAuthEvents((event) => {
+  console.log(event.type, event);
+});
+```
+
+## Security Notes
+
+- refresh tokens stay in memory by default
+- `sessionStorage` is used only for redirect transaction state such as `state`, `code_verifier`, and `returnTo`
+- retry on `401` is intentionally limited
+- token sync is same-origin only