@spfn/auth 0.1.0-alpha.87 → 0.2.0-beta.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@spfn/auth",
-  "version": "0.1.0-alpha.87",
+  "version": "0.2.0-beta.1",
   "type": "module",
   "description": "Authentication, authorization, and RBAC module for SPFN",
   "main": "./dist/index.js",
@@ -21,25 +21,25 @@
       "import": "./dist/client.js",
       "require": "./dist/client.js"
     },
-    "./lib": {
-      "types": "./dist/lib.d.ts",
-      "import": "./dist/lib.js",
-      "require": "./dist/lib.js"
+    "./config": {
+      "types": "./dist/config.d.ts",
+      "import": "./dist/config.js",
+      "require": "./dist/config.js"
     },
-    "./adapters": {
-      "types": "./dist/adapters.d.ts",
-      "import": "./dist/adapters.js",
-      "require": "./dist/adapters.js"
+    "./errors": {
+      "types": "./dist/errors.d.ts",
+      "import": "./dist/errors.js",
+      "require": "./dist/errors.js"
     },
     "./nextjs/api": {
-      "types": "./dist/adapters/nextjs/api.d.ts",
-      "import": "./dist/adapters/nextjs/api.js",
-      "require": "./dist/adapters/nextjs/api.js"
+      "types": "./dist/nextjs/api.d.ts",
+      "import": "./dist/nextjs/api.js",
+      "require": "./dist/nextjs/api.js"
     },
     "./nextjs/server": {
-      "types": "./dist/adapters/nextjs/server.d.ts",
-      "import": "./dist/adapters/nextjs/server.js",
-      "require": "./dist/adapters/nextjs/server.js"
+      "types": "./dist/nextjs/server.d.ts",
+      "import": "./dist/nextjs/server.js",
+      "require": "./dist/nextjs/server.js"
     }
   },
   "files": [
@@ -66,66 +66,66 @@
   },
   "homepage": "https://github.com/spfn/spfn/tree/main/packages/auth#readme",
   "spfn": {
-    "prefix": "/_auth",
     "schemas": [
       "./dist/server/entities/*.js"
     ],
-    "routes": {
-      "basePath": "/auth",
-      "dir": "./dist/server/routes"
-    },
     "migrations": {
       "dir": "./migrations"
     },
     "setupMessage": "  📚 Next steps:\n    1. Import auth: import { authMiddleware } from '@spfn/auth/server'\n    2. View tables: pnpm spfn db studio\n    3. API at: http://localhost:8790/_auth"
   },
   "dependencies": {
-    "bcrypt": "^6.0.0",
+    "bcryptjs": "^2.4.3",
     "drizzle-orm": "^0.44.7",
+    "jose": "^6.1.0",
     "jsonwebtoken": "^9.0.2",
     "postgres": "^3.4.0",
-    "jose": "^6.1.0",
-    "@spfn/core": "0.1.0-alpha.86"
+    "@spfn/core": "0.2.0-beta.1"
   },
   "devDependencies": {
-    "@types/bcrypt": "^5.0.2",
+    "@types/bcryptjs": "^2.4.6",
     "@types/jsonwebtoken": "^9.0.6",
     "@types/node": "^20.11.0",
     "@types/react": "^19.2.2",
     "@types/react-dom": "^19.2.2",
     "@vitest/coverage-v8": "^4.0.6",
     "drizzle-kit": "^0.31.6",
-    "glob": "^11.0.3",
-    "hono": "^4.9.0",
-    "next": "^15.0.0",
-    "tsup": "^8.3.5",
-    "tsx": "^4.19.2",
+    "hono": "^4.10.6",
+    "madge": "^8.0.0",
+    "next": "16.0.7",
+    "tsup": "^8.5.0",
+    "tsx": "^4.20.6",
     "typescript": "^5.3.3",
     "vitest": "^4.0.6",
-    "spfn": "0.1.0-alpha.86"
+    "spfn": "0.2.0-beta.1"
   },
   "peerDependencies": {
-    "next": ">=13.0.0"
+    "@aws-sdk/client-sns": "^3.0.0",
+    "next": "^15.0.0 || ^16.0.0"
   },
   "peerDependenciesMeta": {
+    "@aws-sdk/client-sns": {
+      "optional": true
+    },
     "next": {
       "optional": true
     }
   },
   "scripts": {
-    "build": "npm run db:generate && tsup",
+    "build": "pnpm check:circular && npm run db:generate && tsup",
     "watch": "tsup --watch",
     "dev": "tsup --watch",
     "type-check": "tsc --noEmit",
     "clean": "rm -rf dist migrations",
     "db:generate": "drizzle-kit generate",
     "codegen": "spfn codegen run",
-    "test": "vitest",
+    "test": "vitest run",
     "test:coverage": "vitest run --coverage",
     "test:routes": "vitest src/server/routes",
     "docker:test:up": "docker compose -f docker-compose.test.yml up -d",
     "docker:test:down": "docker compose -f docker-compose.test.yml down",
     "docker:test:logs": "docker compose -f docker-compose.test.yml logs -f",
+    "check:circular": "madge --circular --extensions ts src/",
     "publish:alpha": "npm publish --access public --tag alpha",
     "publish:beta": "npm publish --access public --tag beta",
     "publish:latest": "npm publish --access public"

package/dist/adapters/nextjs/api.d.ts

@@ -1,446 +0,0 @@
-import { DeleteInvitationBody } from '../../lib/api/auth-invitations-delete.js';
-export { DeleteInvitationResponse } from '../../lib/api/auth-invitations-delete.js';
-import { ResendInvitationBody } from '../../lib/api/auth-invitations-resend.js';
-export { ResendInvitationResponse } from '../../lib/api/auth-invitations-resend.js';
-import { CancelInvitationBody } from '../../lib/api/auth-invitations-cancel.js';
-export { CancelInvitationResponse } from '../../lib/api/auth-invitations-cancel.js';
-import { AcceptInvitationBody } from '../../lib/api/auth-invitations-accept.js';
-export { AcceptInvitationResponse } from '../../lib/api/auth-invitations-accept.js';
-import { GetInvitationParams, CreateInvitationBody, ListInvitationsQuery } from '../../lib/api/auth-invitations.js';
-export { CreateInvitationResponse, GetInvitationResponse, ListInvitationsResponse } from '../../lib/api/auth-invitations.js';
-import { GetMeBody } from '../../lib/api/auth-me.js';
-import { ChangePasswordBody } from '../../lib/api/auth-password.js';
-export { ChangePasswordResponse } from '../../lib/api/auth-password.js';
-export { RotateKeyResponse } from '../../lib/api/auth-keys-rotate.js';
-export { LogoutResponse } from '../../lib/api/auth-logout.js';
-export { LoginResponse } from '../../lib/api/auth-login.js';
-export { RegisterResponse } from '../../lib/api/auth-register.js';
-import { CheckAccountExistsBody } from '../../lib/api/auth-exists.js';
-export { CheckAccountExistsResponse } from '../../lib/api/auth-exists.js';
-import { VerifyCodeBody } from '../../lib/api/auth-codes-verify.js';
-export { VerifyCodeResponse } from '../../lib/api/auth-codes-verify.js';
-import { SendVerificationCodeBody } from '../../lib/api/auth-codes.js';
-export { SendVerificationCodeResponse } from '../../lib/api/auth-codes.js';
-export { client } from '@spfn/core/client';
-import '@spfn/core';
-import '../../lib/contracts/invitation.js';
-import '@sinclair/typebox';
-import '../../lib/contracts/auth.js';
-
-/**
- * Client-side login types (without key fields)
- */
-type ClientLoginParams = {
-    body: {
-        email?: string;
-        phone?: string;
-        password: string;
-    };
-};
-/**
- * Client-side register types (without key fields)
- */
-type ClientRegisterParams = {
-    body: {
-        email?: string;
-        phone?: string;
-        password: string;
-        verificationToken: string;
-    };
-};
-/**
- * Login with email/password
- *
- * Interceptor automatically generates and injects publicKey fields
- */
-declare const login: (params: ClientLoginParams) => Promise<{
-    success: false;
-    error: {
-        details?: any;
-        code: string;
-        message: string;
-    };
-} | {
-    message?: string | undefined;
-    success: true;
-    data: {
-        email?: string | undefined;
-        phone?: string | undefined;
-        userId: string;
-        passwordChangeRequired: boolean;
-    };
-}>;
-/**
- * Register new account
- *
- * Interceptor automatically generates and injects publicKey fields
- */
-declare const register: (params: ClientRegisterParams) => Promise<{
-    success: false;
-    error: {
-        details?: any;
-        code: string;
-        message: string;
-    };
-} | {
-    message?: string | undefined;
-    success: true;
-    data: {
-        email?: string | undefined;
-        phone?: string | undefined;
-        userId: string;
-    };
-}>;
-/**
- * Logout current session
- *
- * Interceptor automatically adds JWT authentication
- */
-declare const logout: () => Promise<{
-    success: false;
-    error: {
-        details?: any;
-        code: string;
-        message: string;
-    };
-} | {
-    message?: string | undefined;
-    success: true;
-    data: {
-        success: boolean;
-    };
-}>;
-/**
- * Rotate encryption keys
- *
- * Interceptor automatically generates new key pair and adds JWT authentication
- */
-declare const rotateKey: () => Promise<{
-    success: false;
-    error: {
-        details?: any;
-        code: string;
-        message: string;
-    };
-} | {
-    message?: string | undefined;
-    success: true;
-    data: {
-        success: boolean;
-        keyId: string;
-    };
-}>;
-/**
- * Auth API collection
- */
-declare const authApi: {
-    readonly login: (params: ClientLoginParams) => Promise<{
-        success: false;
-        error: {
-            details?: any;
-            code: string;
-            message: string;
-        };
-    } | {
-        message?: string | undefined;
-        success: true;
-        data: {
-            email?: string | undefined;
-            phone?: string | undefined;
-            userId: string;
-            passwordChangeRequired: boolean;
-        };
-    }>;
-    readonly register: (params: ClientRegisterParams) => Promise<{
-        success: false;
-        error: {
-            details?: any;
-            code: string;
-            message: string;
-        };
-    } | {
-        message?: string | undefined;
-        success: true;
-        data: {
-            email?: string | undefined;
-            phone?: string | undefined;
-            userId: string;
-        };
-    }>;
-    readonly logout: () => Promise<{
-        success: false;
-        error: {
-            details?: any;
-            code: string;
-            message: string;
-        };
-    } | {
-        message?: string | undefined;
-        success: true;
-        data: {
-            success: boolean;
-        };
-    }>;
-    readonly rotateKey: () => Promise<{
-        success: false;
-        error: {
-            details?: any;
-            code: string;
-            message: string;
-        };
-    } | {
-        message?: string | undefined;
-        success: true;
-        data: {
-            success: boolean;
-            keyId: string;
-        };
-    }>;
-    readonly sendVerificationCode: (options: {
-        body: SendVerificationCodeBody;
-    }) => Promise<{
-        message?: string | undefined;
-        success: true;
-        data: {
-            success: boolean;
-            expiresAt: string;
-        };
-    } | {
-        success: false;
-        error: {
-            details?: any;
-            code: string;
-            message: string;
-        };
-    }>;
-    readonly verifyCode: (options: {
-        body: VerifyCodeBody;
-    }) => Promise<{
-        success: false;
-        error: {
-            details?: any;
-            code: string;
-            message: string;
-        };
-    } | {
-        message?: string | undefined;
-        success: true;
-        data: {
-            verificationToken?: string | undefined;
-            valid: boolean;
-        };
-    }>;
-    readonly checkAccountExists: (options: {
-        body: CheckAccountExistsBody;
-    }) => Promise<{
-        success: false;
-        error: {
-            details?: any;
-            code: string;
-            message: string;
-        };
-    } | {
-        message?: string | undefined;
-        success: true;
-        data: {
-            exists: boolean;
-            identifier: string;
-            identifierType: "email" | "phone";
-        };
-    }>;
-    readonly changePassword: (options: {
-        body: ChangePasswordBody;
-    }) => Promise<{
-        success: false;
-        error: {
-            details?: any;
-            code: string;
-            message: string;
-        };
-    } | {
-        message?: string | undefined;
-        success: true;
-        data: {
-            success: boolean;
-        };
-    }>;
-    readonly getMe: (options: {
-        body: GetMeBody;
-    }) => Promise<{
-        success: false;
-        error: {
-            details?: any;
-            code: string;
-            message: string;
-        };
-    } | {
-        message?: string | undefined;
-        success: true;
-        data: {
-            email?: string | undefined;
-            phone?: string | undefined;
-            userId: string;
-            role: {
-                id: number;
-                name: string;
-                displayName: string;
-                priority: number;
-            };
-            permissions: {
-                category?: string | undefined;
-                id: number;
-                name: string;
-                displayName: string;
-            }[];
-        };
-    }>;
-    readonly getInvitation: (options: {
-        params: GetInvitationParams;
-    }) => Promise<{
-        success: false;
-        error: {
-            details?: any;
-            code: string;
-            message: string;
-        };
-    } | {
-        message?: string | undefined;
-        success: true;
-        data: {
-            metadata?: any;
-            email: string;
-            expiresAt: string;
-            role: string;
-            roleDisplayName: string;
-            invitedBy: string;
-        };
-    }>;
-    readonly createInvitation: (options: {
-        body: CreateInvitationBody;
-    }) => Promise<{
-        success: false;
-        error: {
-            details?: any;
-            code: string;
-            message: string;
-        };
-    } | {
-        message?: string | undefined;
-        success: true;
-        data: {
-            email: string;
-            expiresAt: string;
-            id: number;
-            token: string;
-            roleId: number;
-            invitationUrl: string;
-        };
-    }>;
-    readonly listInvitations: (options: {
-        query?: ListInvitationsQuery;
-    }) => Promise<{
-        success: false;
-        error: {
-            details?: any;
-            code: string;
-            message: string;
-        };
-    } | {
-        message?: string | undefined;
-        success: true;
-        data: {
-            page: number;
-            limit: number;
-            invitations: {
-                acceptedAt?: string | undefined;
-                cancelledAt?: string | undefined;
-                email: string;
-                expiresAt: string;
-                role: {
-                    id: number;
-                    name: string;
-                    displayName: string;
-                };
-                id: number;
-                status: string;
-                inviter: {
-                    email: string;
-                    id: number;
-                };
-                createdAt: string;
-            }[];
-            total: number;
-            totalPages: number;
-        };
-    }>;
-    readonly acceptInvitation: (options: {
-        body: AcceptInvitationBody;
-    }) => Promise<{
-        success: false;
-        error: {
-            details?: any;
-            code: string;
-            message: string;
-        };
-    } | {
-        message?: string | undefined;
-        success: true;
-        data: {
-            email: string;
-            userId: number;
-            role: string;
-        };
-    }>;
-    readonly cancelInvitation: (options: {
-        body: CancelInvitationBody;
-    }) => Promise<{
-        success: false;
-        error: {
-            details?: any;
-            code: string;
-            message: string;
-        };
-    } | {
-        message?: string | undefined;
-        success: true;
-        data: {
-            success: boolean;
-            cancelledAt: string;
-        };
-    }>;
-    readonly resendInvitation: (options: {
-        body: ResendInvitationBody;
-    }) => Promise<{
-        success: false;
-        error: {
-            details?: any;
-            code: string;
-            message: string;
-        };
-    } | {
-        message?: string | undefined;
-        success: true;
-        data: {
-            success: boolean;
-            expiresAt: string;
-        };
-    }>;
-    readonly deleteInvitation: (options: {
-        body: DeleteInvitationBody;
-    }) => Promise<{
-        success: false;
-        error: {
-            details?: any;
-            code: string;
-            message: string;
-        };
-    } | {
-        message?: string | undefined;
-        success: true;
-        data: {
-            success: boolean;
-        };
-    }>;
-};
-
-export { AcceptInvitationBody, CancelInvitationBody, ChangePasswordBody, CheckAccountExistsBody, type ClientLoginParams, type ClientRegisterParams, CreateInvitationBody, DeleteInvitationBody, GetInvitationParams, ListInvitationsQuery, ResendInvitationBody, SendVerificationCodeBody, VerifyCodeBody, authApi, login, logout, register, rotateKey };