@stapel/auth-react 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +56 -0
- package/LICENSE +21 -0
- package/MODULE.md +147 -0
- package/README.md +116 -0
- package/dist/api/authApi.d.ts +68 -0
- package/dist/api/authApi.d.ts.map +1 -0
- package/dist/api/authApi.js +90 -0
- package/dist/api/authApi.js.map +1 -0
- package/dist/api/types.d.ts +238 -0
- package/dist/api/types.d.ts.map +1 -0
- package/dist/api/types.js +14 -0
- package/dist/api/types.js.map +1 -0
- package/dist/api/urls.d.ts +41 -0
- package/dist/api/urls.d.ts.map +1 -0
- package/dist/api/urls.js +86 -0
- package/dist/api/urls.js.map +1 -0
- package/dist/flows/anonymousFlow.d.ts +33 -0
- package/dist/flows/anonymousFlow.d.ts.map +1 -0
- package/dist/flows/anonymousFlow.js +26 -0
- package/dist/flows/anonymousFlow.js.map +1 -0
- package/dist/flows/authenticatorChangeFlow.d.ts +67 -0
- package/dist/flows/authenticatorChangeFlow.d.ts.map +1 -0
- package/dist/flows/authenticatorChangeFlow.js +79 -0
- package/dist/flows/authenticatorChangeFlow.js.map +1 -0
- package/dist/flows/createFlowMachine.d.ts +55 -0
- package/dist/flows/createFlowMachine.d.ts.map +1 -0
- package/dist/flows/createFlowMachine.js +56 -0
- package/dist/flows/createFlowMachine.js.map +1 -0
- package/dist/flows/errors.d.ts +15 -0
- package/dist/flows/errors.d.ts.map +1 -0
- package/dist/flows/errors.js +17 -0
- package/dist/flows/errors.js.map +1 -0
- package/dist/flows/magicLinkFlow.d.ts +41 -0
- package/dist/flows/magicLinkFlow.d.ts.map +1 -0
- package/dist/flows/magicLinkFlow.js +29 -0
- package/dist/flows/magicLinkFlow.js.map +1 -0
- package/dist/flows/oauthFlow.d.ts +58 -0
- package/dist/flows/oauthFlow.d.ts.map +1 -0
- package/dist/flows/oauthFlow.js +53 -0
- package/dist/flows/oauthFlow.js.map +1 -0
- package/dist/flows/otpFlow.d.ts +74 -0
- package/dist/flows/otpFlow.d.ts.map +1 -0
- package/dist/flows/otpFlow.js +68 -0
- package/dist/flows/otpFlow.js.map +1 -0
- package/dist/flows/passkeyFlow.d.ts +75 -0
- package/dist/flows/passkeyFlow.d.ts.map +1 -0
- package/dist/flows/passkeyFlow.js +100 -0
- package/dist/flows/passkeyFlow.js.map +1 -0
- package/dist/flows/passwordChangeFlow.d.ts +53 -0
- package/dist/flows/passwordChangeFlow.d.ts.map +1 -0
- package/dist/flows/passwordChangeFlow.js +51 -0
- package/dist/flows/passwordChangeFlow.js.map +1 -0
- package/dist/flows/passwordLoginFlow.d.ts +62 -0
- package/dist/flows/passwordLoginFlow.d.ts.map +1 -0
- package/dist/flows/passwordLoginFlow.js +55 -0
- package/dist/flows/passwordLoginFlow.js.map +1 -0
- package/dist/flows/passwordResetFlow.d.ts +56 -0
- package/dist/flows/passwordResetFlow.d.ts.map +1 -0
- package/dist/flows/passwordResetFlow.js +57 -0
- package/dist/flows/passwordResetFlow.js.map +1 -0
- package/dist/flows/qrLoginFlow.d.ts +55 -0
- package/dist/flows/qrLoginFlow.d.ts.map +1 -0
- package/dist/flows/qrLoginFlow.js +91 -0
- package/dist/flows/qrLoginFlow.js.map +1 -0
- package/dist/flows/ssoFlow.d.ts +46 -0
- package/dist/flows/ssoFlow.d.ts.map +1 -0
- package/dist/flows/ssoFlow.js +34 -0
- package/dist/flows/ssoFlow.js.map +1 -0
- package/dist/flows/totpSetupFlow.d.ts +49 -0
- package/dist/flows/totpSetupFlow.d.ts.map +1 -0
- package/dist/flows/totpSetupFlow.js +47 -0
- package/dist/flows/totpSetupFlow.js.map +1 -0
- package/dist/flows/useFlow.d.ts +9 -0
- package/dist/flows/useFlow.d.ts.map +1 -0
- package/dist/flows/useFlow.js +11 -0
- package/dist/flows/useFlow.js.map +1 -0
- package/dist/flows/verificationFlow.d.ts +108 -0
- package/dist/flows/verificationFlow.d.ts.map +1 -0
- package/dist/flows/verificationFlow.js +195 -0
- package/dist/flows/verificationFlow.js.map +1 -0
- package/dist/headless/AuthProvider.d.ts +18 -0
- package/dist/headless/AuthProvider.d.ts.map +1 -0
- package/dist/headless/AuthProvider.js +22 -0
- package/dist/headless/AuthProvider.js.map +1 -0
- package/dist/headless/Passkey.d.ts +31 -0
- package/dist/headless/Passkey.d.ts.map +1 -0
- package/dist/headless/Passkey.js +51 -0
- package/dist/headless/Passkey.js.map +1 -0
- package/dist/headless/PasswordChange.d.ts +20 -0
- package/dist/headless/PasswordChange.d.ts.map +1 -0
- package/dist/headless/PasswordChange.js +30 -0
- package/dist/headless/PasswordChange.js.map +1 -0
- package/dist/headless/PasswordLogin.d.ts +17 -0
- package/dist/headless/PasswordLogin.d.ts.map +1 -0
- package/dist/headless/PasswordLogin.js +31 -0
- package/dist/headless/PasswordLogin.js.map +1 -0
- package/dist/headless/PasswordReset.d.ts +19 -0
- package/dist/headless/PasswordReset.d.ts.map +1 -0
- package/dist/headless/PasswordReset.js +34 -0
- package/dist/headless/PasswordReset.js.map +1 -0
- package/dist/headless/PasswordlessLogin.d.ts +28 -0
- package/dist/headless/PasswordlessLogin.d.ts.map +1 -0
- package/dist/headless/PasswordlessLogin.js +42 -0
- package/dist/headless/PasswordlessLogin.js.map +1 -0
- package/dist/headless/QrLogin.d.ts +19 -0
- package/dist/headless/QrLogin.d.ts.map +1 -0
- package/dist/headless/QrLogin.js +32 -0
- package/dist/headless/QrLogin.js.map +1 -0
- package/dist/headless/TotpSetup.d.ts +17 -0
- package/dist/headless/TotpSetup.d.ts.map +1 -0
- package/dist/headless/TotpSetup.js +26 -0
- package/dist/headless/TotpSetup.js.map +1 -0
- package/dist/headless/VerificationChallenge.d.ts +37 -0
- package/dist/headless/VerificationChallenge.d.ts.map +1 -0
- package/dist/headless/VerificationChallenge.js +40 -0
- package/dist/headless/VerificationChallenge.js.map +1 -0
- package/dist/headless/misc.d.ts +47 -0
- package/dist/headless/misc.d.ts.map +1 -0
- package/dist/headless/misc.js +84 -0
- package/dist/headless/misc.js.map +1 -0
- package/dist/i18n/keys.d.ts +34 -0
- package/dist/i18n/keys.d.ts.map +1 -0
- package/dist/i18n/keys.js +83 -0
- package/dist/i18n/keys.js.map +1 -0
- package/dist/index.d.ts +73 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +48 -0
- package/dist/index.js.map +1 -0
- package/dist/model/context.d.ts +22 -0
- package/dist/model/context.d.ts.map +1 -0
- package/dist/model/context.js +34 -0
- package/dist/model/context.js.map +1 -0
- package/dist/model/mutations.d.ts +28 -0
- package/dist/model/mutations.d.ts.map +1 -0
- package/dist/model/mutations.js +108 -0
- package/dist/model/mutations.js.map +1 -0
- package/dist/model/queries.d.ts +30 -0
- package/dist/model/queries.d.ts.map +1 -0
- package/dist/model/queries.js +87 -0
- package/dist/model/queries.js.map +1 -0
- package/dist/model/queryKeys.d.ts +13 -0
- package/dist/model/queryKeys.d.ts.map +1 -0
- package/dist/model/queryKeys.js +21 -0
- package/dist/model/queryKeys.js.map +1 -0
- package/dist/model/runtime.d.ts +39 -0
- package/dist/model/runtime.d.ts.map +1 -0
- package/dist/model/runtime.js +44 -0
- package/dist/model/runtime.js.map +1 -0
- package/dist/model/session.d.ts +50 -0
- package/dist/model/session.d.ts.map +1 -0
- package/dist/model/session.js +124 -0
- package/dist/model/session.js.map +1 -0
- package/package.json +68 -0
- package/src/api/authApi.ts +332 -0
- package/src/api/types.ts +291 -0
- package/src/api/urls.ts +99 -0
- package/src/flows/anonymousFlow.ts +57 -0
- package/src/flows/authenticatorChangeFlow.ts +160 -0
- package/src/flows/createFlowMachine.ts +126 -0
- package/src/flows/errors.ts +29 -0
- package/src/flows/magicLinkFlow.ts +68 -0
- package/src/flows/oauthFlow.ts +114 -0
- package/src/flows/otpFlow.ts +156 -0
- package/src/flows/passkeyFlow.ts +191 -0
- package/src/flows/passwordChangeFlow.ts +114 -0
- package/src/flows/passwordLoginFlow.ts +122 -0
- package/src/flows/passwordResetFlow.ts +123 -0
- package/src/flows/qrLoginFlow.ts +158 -0
- package/src/flows/ssoFlow.ts +84 -0
- package/src/flows/totpSetupFlow.ts +96 -0
- package/src/flows/useFlow.ts +16 -0
- package/src/flows/verificationFlow.ts +341 -0
- package/src/headless/AuthProvider.tsx +30 -0
- package/src/headless/Passkey.tsx +97 -0
- package/src/headless/PasswordChange.tsx +46 -0
- package/src/headless/PasswordLogin.tsx +49 -0
- package/src/headless/PasswordReset.tsx +51 -0
- package/src/headless/PasswordlessLogin.tsx +60 -0
- package/src/headless/QrLogin.tsx +52 -0
- package/src/headless/TotpSetup.tsx +40 -0
- package/src/headless/VerificationChallenge.tsx +54 -0
- package/src/headless/misc.tsx +151 -0
- package/src/i18n/keys.ts +94 -0
- package/src/index.ts +229 -0
- package/src/model/context.tsx +51 -0
- package/src/model/mutations.ts +152 -0
- package/src/model/queries.ts +130 -0
- package/src/model/queryKeys.ts +32 -0
- package/src/model/runtime.ts +93 -0
- package/src/model/session.ts +188 -0
- package/tsconfig.json +26 -0
|
@@ -0,0 +1,84 @@
|
|
|
1
|
+
import { useMemo } from "react";
|
|
2
|
+
import { createAnonymousFlow } from "../flows/anonymousFlow.js";
|
|
3
|
+
import { createAuthenticatorChangeFlow } from "../flows/authenticatorChangeFlow.js";
|
|
4
|
+
import { createMagicLinkFlow } from "../flows/magicLinkFlow.js";
|
|
5
|
+
import { createSsoFlow } from "../flows/ssoFlow.js";
|
|
6
|
+
import { useFlow } from "../flows/useFlow.js";
|
|
7
|
+
import { useAuthAnalytics, useAuthApi, useAuthSession } from "../model/context.js";
|
|
8
|
+
/** Headless magic-link request (auth-sa.md §15). */
|
|
9
|
+
export function MagicLink(props) {
|
|
10
|
+
const api = useAuthApi();
|
|
11
|
+
const analytics = useAuthAnalytics();
|
|
12
|
+
const flow = useMemo(() => createMagicLinkFlow({ api, analytics }), [api, analytics]);
|
|
13
|
+
const state = useFlow(flow.machine);
|
|
14
|
+
return props.children({
|
|
15
|
+
state,
|
|
16
|
+
request: (email, redirectUrl) => {
|
|
17
|
+
void flow.request(email, redirectUrl);
|
|
18
|
+
},
|
|
19
|
+
reset: flow.reset,
|
|
20
|
+
});
|
|
21
|
+
}
|
|
22
|
+
/** Headless anonymous session (auth-sa.md §6). */
|
|
23
|
+
export function AnonymousSession(props) {
|
|
24
|
+
const api = useAuthApi();
|
|
25
|
+
const analytics = useAuthAnalytics();
|
|
26
|
+
const session = useAuthSession();
|
|
27
|
+
const flow = useMemo(() => createAnonymousFlow({
|
|
28
|
+
api,
|
|
29
|
+
analytics,
|
|
30
|
+
onAuthenticated: (r) => session.adopt(r),
|
|
31
|
+
}), [api, analytics, session]);
|
|
32
|
+
const state = useFlow(flow.machine);
|
|
33
|
+
return props.children({
|
|
34
|
+
state,
|
|
35
|
+
create: (deviceId) => {
|
|
36
|
+
void flow.create(deviceId);
|
|
37
|
+
},
|
|
38
|
+
reset: flow.reset,
|
|
39
|
+
});
|
|
40
|
+
}
|
|
41
|
+
/** Headless SSO domain discovery + login redirect (auth-sa.md §18). */
|
|
42
|
+
export function SsoDiscovery(props) {
|
|
43
|
+
const api = useAuthApi();
|
|
44
|
+
const analytics = useAuthAnalytics();
|
|
45
|
+
const flow = useMemo(() => createSsoFlow({ api, analytics }), [api, analytics]);
|
|
46
|
+
const state = useFlow(flow.machine);
|
|
47
|
+
return props.children({
|
|
48
|
+
state,
|
|
49
|
+
lookup: (domain) => {
|
|
50
|
+
void flow.lookup(domain);
|
|
51
|
+
},
|
|
52
|
+
beginLogin: flow.beginLogin,
|
|
53
|
+
reset: flow.reset,
|
|
54
|
+
});
|
|
55
|
+
}
|
|
56
|
+
/** Headless instant email/phone change (auth-sa.md §9). */
|
|
57
|
+
export function AuthenticatorChange(props) {
|
|
58
|
+
const api = useAuthApi();
|
|
59
|
+
const analytics = useAuthAnalytics();
|
|
60
|
+
const session = useAuthSession();
|
|
61
|
+
const flow = useMemo(() => createAuthenticatorChangeFlow({
|
|
62
|
+
api,
|
|
63
|
+
analytics,
|
|
64
|
+
onAuthenticated: (r) => session.adopt(r),
|
|
65
|
+
}), [api, analytics, session]);
|
|
66
|
+
const state = useFlow(flow.machine);
|
|
67
|
+
return props.children({
|
|
68
|
+
state,
|
|
69
|
+
startInstant: (channel) => {
|
|
70
|
+
void flow.startInstant(channel);
|
|
71
|
+
},
|
|
72
|
+
submitOldCode: (code) => {
|
|
73
|
+
void flow.submitOldCode(code);
|
|
74
|
+
},
|
|
75
|
+
requestNew: (newValue) => {
|
|
76
|
+
void flow.requestNew(newValue);
|
|
77
|
+
},
|
|
78
|
+
submitNewCode: (code) => {
|
|
79
|
+
void flow.submitNewCode(code);
|
|
80
|
+
},
|
|
81
|
+
reset: flow.reset,
|
|
82
|
+
});
|
|
83
|
+
}
|
|
84
|
+
//# sourceMappingURL=misc.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"misc.js","sourceRoot":"","sources":["../../src/headless/misc.tsx"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,OAAO,CAAC;AAGhC,OAAO,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAEhE,OAAO,EAAE,6BAA6B,EAAE,MAAM,qCAAqC,CAAC;AAEpF,OAAO,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAEhE,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAEpD,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAC9C,OAAO,EAAE,gBAAgB,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAUnF,oDAAoD;AACpD,MAAM,UAAU,SAAS,CAAC,KAEzB;IACC,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC;IACzB,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;IACrC,MAAM,IAAI,GAAG,OAAO,CAClB,GAAG,EAAE,CAAC,mBAAmB,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,CAAC,EAC7C,CAAC,GAAG,EAAE,SAAS,CAAC,CACjB,CAAC;IACF,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACpC,OAAO,KAAK,CAAC,QAAQ,CAAC;QACpB,KAAK;QACL,OAAO,EAAE,CAAC,KAAK,EAAE,WAAW,EAAE,EAAE;YAC9B,KAAK,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;QACxC,CAAC;QACD,KAAK,EAAE,IAAI,CAAC,KAAK;KAClB,CAAC,CAAC;AACL,CAAC;AAUD,kDAAkD;AAClD,MAAM,UAAU,gBAAgB,CAAC,KAEhC;IACC,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC;IACzB,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;IACrC,MAAM,OAAO,GAAG,cAAc,EAAE,CAAC;IACjC,MAAM,IAAI,GAAG,OAAO,CAClB,GAAG,EAAE,CACH,mBAAmB,CAAC;QAClB,GAAG;QACH,SAAS;QACT,eAAe,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;KACzC,CAAC,EACJ,CAAC,GAAG,EAAE,SAAS,EAAE,OAAO,CAAC,CAC1B,CAAC;IACF,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACpC,OAAO,KAAK,CAAC,QAAQ,CAAC;QACpB,KAAK;QACL,MAAM,EAAE,CAAC,QAAQ,EAAE,EAAE;YACnB,KAAK,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC7B,CAAC;QACD,KAAK,EAAE,IAAI,CAAC,KAAK;KAClB,CAAC,CAAC;AACL,CAAC;AAWD,uEAAuE;AACvE,MAAM,UAAU,YAAY,CAAC,KAE5B;IACC,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC;IACzB,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;IACrC,MAAM,IAAI,GAAG,OAAO,CAClB,GAAG,EAAE,CAAC,aAAa,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,CAAC,EACvC,CAAC,GAAG,EAAE,SAAS,CAAC,CACjB,CAAC;IACF,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACpC,OAAO,KAAK,CAAC,QAAQ,CAAC;QACpB,KAAK;QACL,MAAM,EAAE,CAAC,MAAM,EAAE,EAAE;YACjB,KAAK,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC3B,CAAC;QACD,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,KAAK,EAAE,IAAI,CAAC,KAAK;KAClB,CAAC,CAAC;AACL,CAAC;AAaD,2DAA2D;AAC3D,MAAM,UAAU,mBAAmB,CAAC,KAEnC;IACC,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC;IACzB,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;IACrC,MAAM,OAAO,GAAG,cAAc,EAAE,CAAC;IACjC,MAAM,IAAI,GAAG,OAAO,CAClB,GAAG,EAAE,CACH,6BAA6B,CAAC;QAC5B,GAAG;QACH,SAAS;QACT,eAAe,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;KACzC,CAAC,EACJ,CAAC,GAAG,EAAE,SAAS,EAAE,OAAO,CAAC,CAC1B,CAAC;IACF,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACpC,OAAO,KAAK,CAAC,QAAQ,CAAC;QACpB,KAAK;QACL,YAAY,EAAE,CAAC,OAAO,EAAE,EAAE;YACxB,KAAK,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QAClC,CAAC;QACD,aAAa,EAAE,CAAC,IAAI,EAAE,EAAE;YACtB,KAAK,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;QAChC,CAAC;QACD,UAAU,EAAE,CAAC,QAAQ,EAAE,EAAE;YACvB,KAAK,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QACjC,CAAC;QACD,aAAa,EAAE,CAAC,IAAI,EAAE,EAAE;YACtB,KAAK,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;QAChC,CAAC;QACD,KAAK,EAAE,IAAI,CAAC,KAAK;KAClB,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
import type { I18nDictionary, I18nEngine } from "@stapel/core";
|
|
2
|
+
/**
|
|
3
|
+
* auth-react's own translation KEYS (frontend-standard §4.2): headless
|
|
4
|
+
* components never render literal strings — hosts resolve these via core's
|
|
5
|
+
* i18n engine (`useT`). Backend error codes (auth-sa.md "Error reference")
|
|
6
|
+
* flow through the SAME contour: a `StapelApiError.code` like
|
|
7
|
+
* `error.400.code_expired` is already a key, so the default bundle below ships
|
|
8
|
+
* English fallbacks for both the backend error codes and auth-react's UI keys.
|
|
9
|
+
* Point core's `loadLocale` at stapel-translate to override per locale.
|
|
10
|
+
*/
|
|
11
|
+
export declare const AUTH_I18N_KEYS: {
|
|
12
|
+
readonly otpEnterCode: "auth.otp.enter_code";
|
|
13
|
+
readonly otpResend: "auth.otp.resend";
|
|
14
|
+
readonly otpSentTo: "auth.otp.sent_to";
|
|
15
|
+
readonly passwordLabel: "auth.password.label";
|
|
16
|
+
readonly totpEnterCode: "auth.totp.enter_code";
|
|
17
|
+
readonly totpUseBackup: "auth.totp.use_backup";
|
|
18
|
+
readonly verificationChoose: "auth.verification.choose_factor";
|
|
19
|
+
readonly verificationSuccess: "auth.verification.success";
|
|
20
|
+
readonly sessionThisDevice: "auth.session.this_device";
|
|
21
|
+
readonly sessionSuspicious: "auth.session.suspicious";
|
|
22
|
+
readonly passkeyNoCredentials: "auth.passkey.no_credentials";
|
|
23
|
+
readonly unknownError: "auth.error.unknown";
|
|
24
|
+
};
|
|
25
|
+
export type AuthI18nKey = (typeof AUTH_I18N_KEYS)[keyof typeof AUTH_I18N_KEYS];
|
|
26
|
+
/** English fallback bundle for auth-react UI keys + backend auth error codes. */
|
|
27
|
+
export declare const authI18nBundleEn: I18nDictionary;
|
|
28
|
+
/**
|
|
29
|
+
* Register auth-react's key bundle into a core i18n engine (call once at
|
|
30
|
+
* startup). Registers under the given locale (default `"en"`); a later
|
|
31
|
+
* `loadLocale` from stapel-translate can layer localized overrides.
|
|
32
|
+
*/
|
|
33
|
+
export declare function registerAuthI18n(engine: I18nEngine, locale?: string): void;
|
|
34
|
+
//# sourceMappingURL=keys.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"keys.d.ts","sourceRoot":"","sources":["../../src/i18n/keys.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAE/D;;;;;;;;GAQG;AACH,eAAO,MAAM,cAAc;;;;;;;;;;;;;CAcjB,CAAC;AAEX,MAAM,MAAM,WAAW,GACrB,CAAC,OAAO,cAAc,CAAC,CAAC,MAAM,OAAO,cAAc,CAAC,CAAC;AAEvD,iFAAiF;AACjF,eAAO,MAAM,gBAAgB,EAAE,cAqD9B,CAAC;AAEF;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,UAAU,EAAE,MAAM,SAAO,GAAG,IAAI,CAExE"}
|
|
@@ -0,0 +1,83 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* auth-react's own translation KEYS (frontend-standard §4.2): headless
|
|
3
|
+
* components never render literal strings — hosts resolve these via core's
|
|
4
|
+
* i18n engine (`useT`). Backend error codes (auth-sa.md "Error reference")
|
|
5
|
+
* flow through the SAME contour: a `StapelApiError.code` like
|
|
6
|
+
* `error.400.code_expired` is already a key, so the default bundle below ships
|
|
7
|
+
* English fallbacks for both the backend error codes and auth-react's UI keys.
|
|
8
|
+
* Point core's `loadLocale` at stapel-translate to override per locale.
|
|
9
|
+
*/
|
|
10
|
+
export const AUTH_I18N_KEYS = {
|
|
11
|
+
// Flow UI keys (auth-react-owned)
|
|
12
|
+
otpEnterCode: "auth.otp.enter_code",
|
|
13
|
+
otpResend: "auth.otp.resend",
|
|
14
|
+
otpSentTo: "auth.otp.sent_to",
|
|
15
|
+
passwordLabel: "auth.password.label",
|
|
16
|
+
totpEnterCode: "auth.totp.enter_code",
|
|
17
|
+
totpUseBackup: "auth.totp.use_backup",
|
|
18
|
+
verificationChoose: "auth.verification.choose_factor",
|
|
19
|
+
verificationSuccess: "auth.verification.success",
|
|
20
|
+
sessionThisDevice: "auth.session.this_device",
|
|
21
|
+
sessionSuspicious: "auth.session.suspicious",
|
|
22
|
+
passkeyNoCredentials: "auth.passkey.no_credentials",
|
|
23
|
+
unknownError: "auth.error.unknown",
|
|
24
|
+
};
|
|
25
|
+
/** English fallback bundle for auth-react UI keys + backend auth error codes. */
|
|
26
|
+
export const authI18nBundleEn = {
|
|
27
|
+
// auth-react UI
|
|
28
|
+
"auth.otp.enter_code": "Enter the code we sent you",
|
|
29
|
+
"auth.otp.resend": "Resend code",
|
|
30
|
+
"auth.otp.sent_to": "Code sent to {target}",
|
|
31
|
+
"auth.password.label": "Password",
|
|
32
|
+
"auth.totp.enter_code": "Enter your 6-digit code",
|
|
33
|
+
"auth.totp.use_backup": "Use a backup code",
|
|
34
|
+
"auth.verification.choose_factor": "Verify it's you",
|
|
35
|
+
"auth.verification.success": "Verified",
|
|
36
|
+
"auth.session.this_device": "This device",
|
|
37
|
+
"auth.session.suspicious": "Unrecognized sign-in",
|
|
38
|
+
"auth.passkey.no_credentials": "Couldn't sign in with a passkey on this device. Add one in Security settings after signing in another way, or pick a different sign-in method below.",
|
|
39
|
+
"auth.error.unknown": "Something went wrong. Please try again.",
|
|
40
|
+
// Backend error codes (auth-sa.md "Error reference")
|
|
41
|
+
"error.401.invalid_credentials": "Incorrect email or password.",
|
|
42
|
+
"error.401.account_disabled": "This account has been disabled.",
|
|
43
|
+
"error.401.refresh_revoked": "Your session ended. Please sign in again.",
|
|
44
|
+
"error.400.code_expired": "That code has expired. Request a new one.",
|
|
45
|
+
"error.400.invalid_code": "That code is incorrect.",
|
|
46
|
+
"error.400.invalid_code_attempts": "That code is incorrect. {attempts_remaining} attempts left.",
|
|
47
|
+
"error.422.blocked": "Too many attempts. Try again in {retry_after_minutes} min.",
|
|
48
|
+
"error.429.rate_limit": "Please wait before requesting another code.",
|
|
49
|
+
"error.400.no_verified_contact": "No verified contact for this method.",
|
|
50
|
+
"error.400.wrong_password": "Your current password is incorrect.",
|
|
51
|
+
"error.400.no_password": "This account has no password set.",
|
|
52
|
+
"error.404.user_for_reset": "No account found for that email or phone.",
|
|
53
|
+
"error.403.mock_otp_admin": "Admin accounts can't use codes in this environment.",
|
|
54
|
+
"error.400.code_required": "A code is required.",
|
|
55
|
+
"error.400.totp_not_pending": "Start two-factor setup first.",
|
|
56
|
+
"error.423.account_locked": "Account locked. Try again in {retry_after_minutes} min.",
|
|
57
|
+
"error.429.magic_link_rate": "Too many login-link requests. Try again later.",
|
|
58
|
+
"error.400.passkey_invalid": "Passkey verification failed.",
|
|
59
|
+
"error.400.passkey_challenge_expired": "Passkey request expired. Try again.",
|
|
60
|
+
"error.409.passkey_already_registered": "This passkey is already registered.",
|
|
61
|
+
"error.400.last_auth_method": "You can't remove your last sign-in method.",
|
|
62
|
+
"error.400.invalid_redirect_url": "Invalid redirect.",
|
|
63
|
+
"error.400.magic_link_invalid": "This login link is invalid or has expired.",
|
|
64
|
+
"error.400.captcha_required": "Please complete the captcha.",
|
|
65
|
+
"error.400.captcha_invalid": "Captcha verification failed.",
|
|
66
|
+
"error.403.verification_required": "Additional verification required.",
|
|
67
|
+
"error.404.verification_challenge_not_found": "This verification expired. Please retry the action.",
|
|
68
|
+
"error.400.verification_invalid_factor": "That verification option isn't available.",
|
|
69
|
+
"error.400.verification_failed": "Verification failed. Try again.",
|
|
70
|
+
"error.423.verification_locked": "Too many attempts. Retry the action later.",
|
|
71
|
+
"error.404.sso_org_not_found": "Organization not found.",
|
|
72
|
+
"error.400.sso_not_configured": "SSO isn't configured for this organization.",
|
|
73
|
+
"error.403.sso_required": "This account must sign in with SSO.",
|
|
74
|
+
};
|
|
75
|
+
/**
|
|
76
|
+
* Register auth-react's key bundle into a core i18n engine (call once at
|
|
77
|
+
* startup). Registers under the given locale (default `"en"`); a later
|
|
78
|
+
* `loadLocale` from stapel-translate can layer localized overrides.
|
|
79
|
+
*/
|
|
80
|
+
export function registerAuthI18n(engine, locale = "en") {
|
|
81
|
+
engine.registerBundle(locale, authI18nBundleEn);
|
|
82
|
+
}
|
|
83
|
+
//# sourceMappingURL=keys.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"keys.js","sourceRoot":"","sources":["../../src/i18n/keys.ts"],"names":[],"mappings":"AAEA;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG;IAC5B,kCAAkC;IAClC,YAAY,EAAE,qBAAqB;IACnC,SAAS,EAAE,iBAAiB;IAC5B,SAAS,EAAE,kBAAkB;IAC7B,aAAa,EAAE,qBAAqB;IACpC,aAAa,EAAE,sBAAsB;IACrC,aAAa,EAAE,sBAAsB;IACrC,kBAAkB,EAAE,iCAAiC;IACrD,mBAAmB,EAAE,2BAA2B;IAChD,iBAAiB,EAAE,0BAA0B;IAC7C,iBAAiB,EAAE,yBAAyB;IAC5C,oBAAoB,EAAE,6BAA6B;IACnD,YAAY,EAAE,oBAAoB;CAC1B,CAAC;AAKX,iFAAiF;AACjF,MAAM,CAAC,MAAM,gBAAgB,GAAmB;IAC9C,gBAAgB;IAChB,qBAAqB,EAAE,4BAA4B;IACnD,iBAAiB,EAAE,aAAa;IAChC,kBAAkB,EAAE,uBAAuB;IAC3C,qBAAqB,EAAE,UAAU;IACjC,sBAAsB,EAAE,yBAAyB;IACjD,sBAAsB,EAAE,mBAAmB;IAC3C,iCAAiC,EAAE,iBAAiB;IACpD,2BAA2B,EAAE,UAAU;IACvC,0BAA0B,EAAE,aAAa;IACzC,yBAAyB,EAAE,sBAAsB;IACjD,6BAA6B,EAC3B,sJAAsJ;IACxJ,oBAAoB,EAAE,yCAAyC;IAE/D,qDAAqD;IACrD,+BAA+B,EAAE,8BAA8B;IAC/D,4BAA4B,EAAE,iCAAiC;IAC/D,2BAA2B,EAAE,2CAA2C;IACxE,wBAAwB,EAAE,2CAA2C;IACrE,wBAAwB,EAAE,yBAAyB;IACnD,iCAAiC,EAC/B,6DAA6D;IAC/D,mBAAmB,EAAE,4DAA4D;IACjF,sBAAsB,EAAE,6CAA6C;IACrE,+BAA+B,EAAE,sCAAsC;IACvE,0BAA0B,EAAE,qCAAqC;IACjE,uBAAuB,EAAE,mCAAmC;IAC5D,0BAA0B,EAAE,2CAA2C;IACvE,0BAA0B,EAAE,qDAAqD;IACjF,yBAAyB,EAAE,qBAAqB;IAChD,4BAA4B,EAAE,+BAA+B;IAC7D,0BAA0B,EACxB,yDAAyD;IAC3D,2BAA2B,EAAE,gDAAgD;IAC7E,2BAA2B,EAAE,8BAA8B;IAC3D,qCAAqC,EAAE,qCAAqC;IAC5E,sCAAsC,EAAE,qCAAqC;IAC7E,4BAA4B,EAAE,4CAA4C;IAC1E,gCAAgC,EAAE,mBAAmB;IACrD,8BAA8B,EAAE,4CAA4C;IAC5E,4BAA4B,EAAE,8BAA8B;IAC5D,2BAA2B,EAAE,8BAA8B;IAC3D,iCAAiC,EAAE,mCAAmC;IACtE,4CAA4C,EAC1C,qDAAqD;IACvD,uCAAuC,EAAE,2CAA2C;IACpF,+BAA+B,EAAE,iCAAiC;IAClE,+BAA+B,EAAE,4CAA4C;IAC7E,6BAA6B,EAAE,yBAAyB;IACxD,8BAA8B,EAAE,6CAA6C;IAC7E,wBAAwB,EAAE,qCAAqC;CAChE,CAAC;AAEF;;;;GAIG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAkB,EAAE,MAAM,GAAG,IAAI;IAChE,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC;AAClD,CAAC"}
|
package/dist/index.d.ts
ADDED
|
@@ -0,0 +1,73 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* `@stapel/auth-react` — the headless React flow pair for stapel-auth
|
|
3
|
+
* (frontend-standard §2). Business + state only, zero visual opinion. Built on
|
|
4
|
+
* `@stapel/core`'s StapelClient (verification-403 interception, token refresh,
|
|
5
|
+
* i18n, analytics, query layer).
|
|
6
|
+
*/
|
|
7
|
+
export { createAuthApi } from "./api/authApi.js";
|
|
8
|
+
export type { AuthApi } from "./api/authApi.js";
|
|
9
|
+
export { authUrls, validRedirectUrl, safeNextPath, safeScanRedirect, } from "./api/urls.js";
|
|
10
|
+
export type { AuthUrls } from "./api/urls.js";
|
|
11
|
+
export { isTotpChallenge } from "./api/types.js";
|
|
12
|
+
export type { AuthStatus, StapelUser, AuthTokens, AuthResponse, TOTPChallengeResponse, LoginResponse, OtpRequestResponse, StatusResponse, OtpChannel, OAuthProviderInfo, RegistrationCapabilities, LoginCapabilities, Capabilities, PasswordChangeMethod, PasswordMethodEntry, PasswordMethods, SecurityStatus, SessionDeviceType, AuthSession as AuthSessionRecord, TotpSetupResponse, TotpSetupConfirmResponse, TotpDisableRequest, VerificationFactorId, VerificationEnvelope, VerificationInitiateResponse, VerificationCompleteResponse, QrType, QrGenerateResponse, QrStatusValue, QrStatusResponse, Passkey, PasskeyRegisterBeginResponse, PasskeyAuthenticateBeginResponse, ChangeOldVerifiedResponse, DelayedChangeInitiatedResponse, DelayedChangeStatus, SsoLookupResponse, AuditEvent, AuditPage, RefreshResponse, } from "./api/types.js";
|
|
13
|
+
export { createFlowMachine } from "./flows/createFlowMachine.js";
|
|
14
|
+
export type { FlowMachine, FlowMachineOptions, FlowStateBase, } from "./flows/createFlowMachine.js";
|
|
15
|
+
export { useFlow } from "./flows/useFlow.js";
|
|
16
|
+
export { toFlowError, isErrorCode } from "./flows/errors.js";
|
|
17
|
+
export type { FlowError } from "./flows/errors.js";
|
|
18
|
+
export { createOtpFlow } from "./flows/otpFlow.js";
|
|
19
|
+
export type { OtpFlow, OtpFlowDeps, OtpState } from "./flows/otpFlow.js";
|
|
20
|
+
export { createPasswordLoginFlow } from "./flows/passwordLoginFlow.js";
|
|
21
|
+
export type { PasswordLoginFlow, PasswordLoginFlowDeps, PasswordLoginState, TotpProof, } from "./flows/passwordLoginFlow.js";
|
|
22
|
+
export { createPasswordChangeFlow } from "./flows/passwordChangeFlow.js";
|
|
23
|
+
export type { PasswordChangeFlow, PasswordChangeFlowDeps, PasswordChangeState, } from "./flows/passwordChangeFlow.js";
|
|
24
|
+
export { createPasswordResetFlow } from "./flows/passwordResetFlow.js";
|
|
25
|
+
export type { PasswordResetFlow, PasswordResetFlowDeps, PasswordResetState, } from "./flows/passwordResetFlow.js";
|
|
26
|
+
export { createVerificationController } from "./flows/verificationFlow.js";
|
|
27
|
+
export type { VerificationController, VerificationControllerDeps, VerificationState, } from "./flows/verificationFlow.js";
|
|
28
|
+
export { createTotpSetupFlow } from "./flows/totpSetupFlow.js";
|
|
29
|
+
export type { TotpSetupFlow, TotpSetupFlowDeps, TotpSetupState, } from "./flows/totpSetupFlow.js";
|
|
30
|
+
export { createOAuthFlow } from "./flows/oauthFlow.js";
|
|
31
|
+
export type { OAuthFlow, OAuthFlowDeps, OAuthState } from "./flows/oauthFlow.js";
|
|
32
|
+
export { createQrLoginFlow } from "./flows/qrLoginFlow.js";
|
|
33
|
+
export type { QrLoginFlow, QrLoginFlowDeps, QrLoginState, } from "./flows/qrLoginFlow.js";
|
|
34
|
+
export { createPasskeyRegistrationFlow, createPasskeyLoginFlow, } from "./flows/passkeyFlow.js";
|
|
35
|
+
export type { PasskeyRegistrationFlow, PasskeyRegistrationFlowDeps, PasskeyRegisterState, PasskeyLoginFlow, PasskeyLoginFlowDeps, PasskeyLoginState, } from "./flows/passkeyFlow.js";
|
|
36
|
+
export { createMagicLinkFlow } from "./flows/magicLinkFlow.js";
|
|
37
|
+
export type { MagicLinkFlow, MagicLinkFlowDeps, MagicLinkState, } from "./flows/magicLinkFlow.js";
|
|
38
|
+
export { createAnonymousFlow } from "./flows/anonymousFlow.js";
|
|
39
|
+
export type { AnonymousFlow, AnonymousFlowDeps, AnonymousState, } from "./flows/anonymousFlow.js";
|
|
40
|
+
export { createSsoFlow } from "./flows/ssoFlow.js";
|
|
41
|
+
export type { SsoFlow, SsoFlowDeps, SsoState } from "./flows/ssoFlow.js";
|
|
42
|
+
export { createAuthenticatorChangeFlow } from "./flows/authenticatorChangeFlow.js";
|
|
43
|
+
export type { AuthenticatorChangeFlow, AuthenticatorChangeFlowDeps, AuthenticatorChangeState, } from "./flows/authenticatorChangeFlow.js";
|
|
44
|
+
export { createAuthRuntime } from "./model/runtime.js";
|
|
45
|
+
export type { AuthRuntime, CreateAuthRuntimeOptions } from "./model/runtime.js";
|
|
46
|
+
export { createAuthSession } from "./model/session.js";
|
|
47
|
+
export type { AuthSession, AuthSessionState, AuthSessionOptions, TeardownReason, } from "./model/session.js";
|
|
48
|
+
export { AuthRuntimeContext, useAuthRuntime, useAuthApi, useAuthSession, useVerification, useAuthAnalytics, useAuthSessionState, } from "./model/context.js";
|
|
49
|
+
export { authQueryKeys } from "./model/queryKeys.js";
|
|
50
|
+
export { useCapabilities, useMe, useSecurityStatus, usePasswordMethods, useSessions, usePasskeys, useAuditLog, useDelayedChangeStatus, useSsoLookup, } from "./model/queries.js";
|
|
51
|
+
export { useLogout, useRevokeSession, useRevokeOtherSessions, useConfirmSession, useRemovePasskey, useDisableTotp, useCancelDelayedChange, } from "./model/mutations.js";
|
|
52
|
+
export { AuthProvider } from "./headless/AuthProvider.js";
|
|
53
|
+
export { PasswordlessLogin } from "./headless/PasswordlessLogin.js";
|
|
54
|
+
export type { PasswordlessLoginBag } from "./headless/PasswordlessLogin.js";
|
|
55
|
+
export { PasswordLogin } from "./headless/PasswordLogin.js";
|
|
56
|
+
export type { PasswordLoginBag } from "./headless/PasswordLogin.js";
|
|
57
|
+
export { PasswordReset } from "./headless/PasswordReset.js";
|
|
58
|
+
export type { PasswordResetBag } from "./headless/PasswordReset.js";
|
|
59
|
+
export { PasswordChange } from "./headless/PasswordChange.js";
|
|
60
|
+
export type { PasswordChangeBag } from "./headless/PasswordChange.js";
|
|
61
|
+
export { VerificationChallenge } from "./headless/VerificationChallenge.js";
|
|
62
|
+
export type { VerificationChallengeBag } from "./headless/VerificationChallenge.js";
|
|
63
|
+
export { TotpSetup } from "./headless/TotpSetup.js";
|
|
64
|
+
export type { TotpSetupBag } from "./headless/TotpSetup.js";
|
|
65
|
+
export { QrLogin } from "./headless/QrLogin.js";
|
|
66
|
+
export type { QrLoginBag } from "./headless/QrLogin.js";
|
|
67
|
+
export { PasskeyRegistration, PasskeyLogin } from "./headless/Passkey.js";
|
|
68
|
+
export type { WebauthnBinding, PasskeyRegistrationBag, PasskeyLoginBag, } from "./headless/Passkey.js";
|
|
69
|
+
export { MagicLink, AnonymousSession, SsoDiscovery, AuthenticatorChange, } from "./headless/misc.js";
|
|
70
|
+
export type { MagicLinkBag, AnonymousBag, SsoDiscoveryBag, AuthenticatorChangeBag, } from "./headless/misc.js";
|
|
71
|
+
export { AUTH_I18N_KEYS, authI18nBundleEn, registerAuthI18n, } from "./i18n/keys.js";
|
|
72
|
+
export type { AuthI18nKey } from "./i18n/keys.js";
|
|
73
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACjD,YAAY,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAChD,OAAO,EACL,QAAQ,EACR,gBAAgB,EAChB,YAAY,EACZ,gBAAgB,GACjB,MAAM,eAAe,CAAC;AACvB,YAAY,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAC9C,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACjD,YAAY,EACV,UAAU,EACV,UAAU,EACV,UAAU,EACV,YAAY,EACZ,qBAAqB,EACrB,aAAa,EACb,kBAAkB,EAClB,cAAc,EACd,UAAU,EACV,iBAAiB,EACjB,wBAAwB,EACxB,iBAAiB,EACjB,YAAY,EACZ,oBAAoB,EACpB,mBAAmB,EACnB,eAAe,EACf,cAAc,EACd,iBAAiB,EACjB,WAAW,IAAI,iBAAiB,EAChC,iBAAiB,EACjB,wBAAwB,EACxB,kBAAkB,EAClB,oBAAoB,EACpB,oBAAoB,EACpB,4BAA4B,EAC5B,4BAA4B,EAC5B,MAAM,EACN,kBAAkB,EAClB,aAAa,EACb,gBAAgB,EAChB,OAAO,EACP,4BAA4B,EAC5B,gCAAgC,EAChC,yBAAyB,EACzB,8BAA8B,EAC9B,mBAAmB,EACnB,iBAAiB,EACjB,UAAU,EACV,SAAS,EACT,eAAe,GAChB,MAAM,gBAAgB,CAAC;AAGxB,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,YAAY,EACV,WAAW,EACX,kBAAkB,EAClB,aAAa,GACd,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAC7D,YAAY,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAEnD,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACnD,YAAY,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AACzE,OAAO,EAAE,uBAAuB,EAAE,MAAM,8BAA8B,CAAC;AACvE,YAAY,EACV,iBAAiB,EACjB,qBAAqB,EACrB,kBAAkB,EAClB,SAAS,GACV,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAAE,wBAAwB,EAAE,MAAM,+BAA+B,CAAC;AACzE,YAAY,EACV,kBAAkB,EAClB,sBAAsB,EACtB,mBAAmB,GACpB,MAAM,+BAA+B,CAAC;AACvC,OAAO,EAAE,uBAAuB,EAAE,MAAM,8BAA8B,CAAC;AACvE,YAAY,EACV,iBAAiB,EACjB,qBAAqB,EACrB,kBAAkB,GACnB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAAE,4BAA4B,EAAE,MAAM,6BAA6B,CAAC;AAC3E,YAAY,EACV,sBAAsB,EACtB,0BAA0B,EAC1B,iBAAiB,GAClB,MAAM,6BAA6B,CAAC;AACrC,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAC/D,YAAY,EACV,aAAa,EACb,iBAAiB,EACjB,cAAc,GACf,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AACvD,YAAY,EAAE,SAAS,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AACjF,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAC3D,YAAY,EACV,WAAW,EACX,eAAe,EACf,YAAY,GACb,MAAM,wBAAwB,CAAC;AAChC,OAAO,EACL,6BAA6B,EAC7B,sBAAsB,GACvB,MAAM,wBAAwB,CAAC;AAChC,YAAY,EACV,uBAAuB,EACvB,2BAA2B,EAC3B,oBAAoB,EACpB,gBAAgB,EAChB,oBAAoB,EACpB,iBAAiB,GAClB,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAC/D,YAAY,EACV,aAAa,EACb,iBAAiB,EACjB,cAAc,GACf,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAC/D,YAAY,EACV,aAAa,EACb,iBAAiB,EACjB,cAAc,GACf,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACnD,YAAY,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AACzE,OAAO,EAAE,6BAA6B,EAAE,MAAM,oCAAoC,CAAC;AACnF,YAAY,EACV,uBAAuB,EACvB,2BAA2B,EAC3B,wBAAwB,GACzB,MAAM,oCAAoC,CAAC;AAG5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACvD,YAAY,EAAE,WAAW,EAAE,wBAAwB,EAAE,MAAM,oBAAoB,CAAC;AAChF,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACvD,YAAY,EACV,WAAW,EACX,gBAAgB,EAChB,kBAAkB,EAClB,cAAc,GACf,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,kBAAkB,EAClB,cAAc,EACd,UAAU,EACV,cAAc,EACd,eAAe,EACf,gBAAgB,EAChB,mBAAmB,GACpB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EACL,eAAe,EACf,KAAK,EACL,iBAAiB,EACjB,kBAAkB,EAClB,WAAW,EACX,WAAW,EACX,WAAW,EACX,sBAAsB,EACtB,YAAY,GACb,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,SAAS,EACT,gBAAgB,EAChB,sBAAsB,EACtB,iBAAiB,EACjB,gBAAgB,EAChB,cAAc,EACd,sBAAsB,GACvB,MAAM,sBAAsB,CAAC;AAG9B,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC1D,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AACpE,YAAY,EAAE,oBAAoB,EAAE,MAAM,iCAAiC,CAAC;AAC5E,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAC5D,YAAY,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AACpE,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAC5D,YAAY,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AACpE,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,YAAY,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACtE,OAAO,EAAE,qBAAqB,EAAE,MAAM,qCAAqC,CAAC;AAC5E,YAAY,EAAE,wBAAwB,EAAE,MAAM,qCAAqC,CAAC;AACpF,OAAO,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AACpD,YAAY,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAC5D,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAChD,YAAY,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAC1E,YAAY,EACV,eAAe,EACf,sBAAsB,EACtB,eAAe,GAChB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EACL,SAAS,EACT,gBAAgB,EAChB,YAAY,EACZ,mBAAmB,GACpB,MAAM,oBAAoB,CAAC;AAC5B,YAAY,EACV,YAAY,EACZ,YAAY,EACZ,eAAe,EACf,sBAAsB,GACvB,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EACL,cAAc,EACd,gBAAgB,EAChB,gBAAgB,GACjB,MAAM,gBAAgB,CAAC;AACxB,YAAY,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC"}
|
package/dist/index.js
ADDED
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* `@stapel/auth-react` — the headless React flow pair for stapel-auth
|
|
3
|
+
* (frontend-standard §2). Business + state only, zero visual opinion. Built on
|
|
4
|
+
* `@stapel/core`'s StapelClient (verification-403 interception, token refresh,
|
|
5
|
+
* i18n, analytics, query layer).
|
|
6
|
+
*/
|
|
7
|
+
// ── api ──────────────────────────────────────────────────────────────────────
|
|
8
|
+
export { createAuthApi } from "./api/authApi.js";
|
|
9
|
+
export { authUrls, validRedirectUrl, safeNextPath, safeScanRedirect, } from "./api/urls.js";
|
|
10
|
+
export { isTotpChallenge } from "./api/types.js";
|
|
11
|
+
// ── flows (the reusable machine pattern — first instance) ────────────────────
|
|
12
|
+
export { createFlowMachine } from "./flows/createFlowMachine.js";
|
|
13
|
+
export { useFlow } from "./flows/useFlow.js";
|
|
14
|
+
export { toFlowError, isErrorCode } from "./flows/errors.js";
|
|
15
|
+
export { createOtpFlow } from "./flows/otpFlow.js";
|
|
16
|
+
export { createPasswordLoginFlow } from "./flows/passwordLoginFlow.js";
|
|
17
|
+
export { createPasswordChangeFlow } from "./flows/passwordChangeFlow.js";
|
|
18
|
+
export { createPasswordResetFlow } from "./flows/passwordResetFlow.js";
|
|
19
|
+
export { createVerificationController } from "./flows/verificationFlow.js";
|
|
20
|
+
export { createTotpSetupFlow } from "./flows/totpSetupFlow.js";
|
|
21
|
+
export { createOAuthFlow } from "./flows/oauthFlow.js";
|
|
22
|
+
export { createQrLoginFlow } from "./flows/qrLoginFlow.js";
|
|
23
|
+
export { createPasskeyRegistrationFlow, createPasskeyLoginFlow, } from "./flows/passkeyFlow.js";
|
|
24
|
+
export { createMagicLinkFlow } from "./flows/magicLinkFlow.js";
|
|
25
|
+
export { createAnonymousFlow } from "./flows/anonymousFlow.js";
|
|
26
|
+
export { createSsoFlow } from "./flows/ssoFlow.js";
|
|
27
|
+
export { createAuthenticatorChangeFlow } from "./flows/authenticatorChangeFlow.js";
|
|
28
|
+
// ── model (runtime wiring, session, query hooks) ─────────────────────────────
|
|
29
|
+
export { createAuthRuntime } from "./model/runtime.js";
|
|
30
|
+
export { createAuthSession } from "./model/session.js";
|
|
31
|
+
export { AuthRuntimeContext, useAuthRuntime, useAuthApi, useAuthSession, useVerification, useAuthAnalytics, useAuthSessionState, } from "./model/context.js";
|
|
32
|
+
export { authQueryKeys } from "./model/queryKeys.js";
|
|
33
|
+
export { useCapabilities, useMe, useSecurityStatus, usePasswordMethods, useSessions, usePasskeys, useAuditLog, useDelayedChangeStatus, useSsoLookup, } from "./model/queries.js";
|
|
34
|
+
export { useLogout, useRevokeSession, useRevokeOtherSessions, useConfirmSession, useRemovePasskey, useDisableTotp, useCancelDelayedChange, } from "./model/mutations.js";
|
|
35
|
+
// ── headless (renderless components) ─────────────────────────────────────────
|
|
36
|
+
export { AuthProvider } from "./headless/AuthProvider.js";
|
|
37
|
+
export { PasswordlessLogin } from "./headless/PasswordlessLogin.js";
|
|
38
|
+
export { PasswordLogin } from "./headless/PasswordLogin.js";
|
|
39
|
+
export { PasswordReset } from "./headless/PasswordReset.js";
|
|
40
|
+
export { PasswordChange } from "./headless/PasswordChange.js";
|
|
41
|
+
export { VerificationChallenge } from "./headless/VerificationChallenge.js";
|
|
42
|
+
export { TotpSetup } from "./headless/TotpSetup.js";
|
|
43
|
+
export { QrLogin } from "./headless/QrLogin.js";
|
|
44
|
+
export { PasskeyRegistration, PasskeyLogin } from "./headless/Passkey.js";
|
|
45
|
+
export { MagicLink, AnonymousSession, SsoDiscovery, AuthenticatorChange, } from "./headless/misc.js";
|
|
46
|
+
// ── i18n ─────────────────────────────────────────────────────────────────────
|
|
47
|
+
export { AUTH_I18N_KEYS, authI18nBundleEn, registerAuthI18n, } from "./i18n/keys.js";
|
|
48
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,gFAAgF;AAChF,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEjD,OAAO,EACL,QAAQ,EACR,gBAAgB,EAChB,YAAY,EACZ,gBAAgB,GACjB,MAAM,eAAe,CAAC;AAEvB,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AA4CjD,gFAAgF;AAChF,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AAMjE,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAG7D,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAEnD,OAAO,EAAE,uBAAuB,EAAE,MAAM,8BAA8B,CAAC;AAOvE,OAAO,EAAE,wBAAwB,EAAE,MAAM,+BAA+B,CAAC;AAMzE,OAAO,EAAE,uBAAuB,EAAE,MAAM,8BAA8B,CAAC;AAMvE,OAAO,EAAE,4BAA4B,EAAE,MAAM,6BAA6B,CAAC;AAM3E,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAM/D,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAEvD,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAM3D,OAAO,EACL,6BAA6B,EAC7B,sBAAsB,GACvB,MAAM,wBAAwB,CAAC;AAShC,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAM/D,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAM/D,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAEnD,OAAO,EAAE,6BAA6B,EAAE,MAAM,oCAAoC,CAAC;AAOnF,gFAAgF;AAChF,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AAEvD,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AAOvD,OAAO,EACL,kBAAkB,EAClB,cAAc,EACd,UAAU,EACV,cAAc,EACd,eAAe,EACf,gBAAgB,EAChB,mBAAmB,GACpB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EACL,eAAe,EACf,KAAK,EACL,iBAAiB,EACjB,kBAAkB,EAClB,WAAW,EACX,WAAW,EACX,WAAW,EACX,sBAAsB,EACtB,YAAY,GACb,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,SAAS,EACT,gBAAgB,EAChB,sBAAsB,EACtB,iBAAiB,EACjB,gBAAgB,EAChB,cAAc,EACd,sBAAsB,GACvB,MAAM,sBAAsB,CAAC;AAE9B,gFAAgF;AAChF,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC1D,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AAEpE,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAE5D,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAE5D,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAE9D,OAAO,EAAE,qBAAqB,EAAE,MAAM,qCAAqC,CAAC;AAE5E,OAAO,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AAEpD,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAEhD,OAAO,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAM1E,OAAO,EACL,SAAS,EACT,gBAAgB,EAChB,YAAY,EACZ,mBAAmB,GACpB,MAAM,oBAAoB,CAAC;AAQ5B,gFAAgF;AAChF,OAAO,EACL,cAAc,EACd,gBAAgB,EAChB,gBAAgB,GACjB,MAAM,gBAAgB,CAAC"}
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
import type { Context } from "react";
|
|
2
|
+
import type { Analytics } from "@stapel/core";
|
|
3
|
+
import type { AuthApi } from "../api/authApi.js";
|
|
4
|
+
import type { VerificationController } from "../flows/verificationFlow.js";
|
|
5
|
+
import type { AuthRuntime } from "./runtime.js";
|
|
6
|
+
import type { AuthSession, AuthSessionState } from "./session.js";
|
|
7
|
+
/**
|
|
8
|
+
* The auth runtime shared through React context by `<AuthProvider>`. Hooks in
|
|
9
|
+
* `model/` and `headless/` read the wired singletons from here; per-flow
|
|
10
|
+
* machines are created by the headless components using `useAuthApi()` +
|
|
11
|
+
* `useAuthAnalytics()`.
|
|
12
|
+
*/
|
|
13
|
+
export declare const AuthRuntimeContext: Context<AuthRuntime | null>;
|
|
14
|
+
export declare function useAuthRuntime(): AuthRuntime;
|
|
15
|
+
export declare function useAuthApi(): AuthApi;
|
|
16
|
+
export declare function useAuthSession(): AuthSession;
|
|
17
|
+
/** The singleton step-up verification controller (one modal per app). */
|
|
18
|
+
export declare function useVerification(): VerificationController;
|
|
19
|
+
export declare function useAuthAnalytics(): Analytics | null;
|
|
20
|
+
/** Reactive session state (user / tokens / status). Re-renders on change. */
|
|
21
|
+
export declare function useAuthSessionState(): AuthSessionState;
|
|
22
|
+
//# sourceMappingURL=context.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../../src/model/context.tsx"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,OAAO,CAAC;AACrC,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,8BAA8B,CAAC;AAC3E,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,KAAK,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAElE;;;;;GAKG;AACH,eAAO,MAAM,kBAAkB,EAAE,OAAO,CAAC,WAAW,GAAG,IAAI,CAClB,CAAC;AAE1C,wBAAgB,cAAc,IAAI,WAAW,CAM5C;AAED,wBAAgB,UAAU,IAAI,OAAO,CAEpC;AAED,wBAAgB,cAAc,IAAI,WAAW,CAE5C;AAED,yEAAyE;AACzE,wBAAgB,eAAe,IAAI,sBAAsB,CAExD;AAED,wBAAgB,gBAAgB,IAAI,SAAS,GAAG,IAAI,CAEnD;AAED,6EAA6E;AAC7E,wBAAgB,mBAAmB,IAAI,gBAAgB,CAOtD"}
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
import { createContext, useContext, useSyncExternalStore } from "react";
|
|
2
|
+
/**
|
|
3
|
+
* The auth runtime shared through React context by `<AuthProvider>`. Hooks in
|
|
4
|
+
* `model/` and `headless/` read the wired singletons from here; per-flow
|
|
5
|
+
* machines are created by the headless components using `useAuthApi()` +
|
|
6
|
+
* `useAuthAnalytics()`.
|
|
7
|
+
*/
|
|
8
|
+
export const AuthRuntimeContext = createContext(null);
|
|
9
|
+
export function useAuthRuntime() {
|
|
10
|
+
const runtime = useContext(AuthRuntimeContext);
|
|
11
|
+
if (runtime === null) {
|
|
12
|
+
throw new Error("Auth hooks must be used within an <AuthProvider>");
|
|
13
|
+
}
|
|
14
|
+
return runtime;
|
|
15
|
+
}
|
|
16
|
+
export function useAuthApi() {
|
|
17
|
+
return useAuthRuntime().api;
|
|
18
|
+
}
|
|
19
|
+
export function useAuthSession() {
|
|
20
|
+
return useAuthRuntime().session;
|
|
21
|
+
}
|
|
22
|
+
/** The singleton step-up verification controller (one modal per app). */
|
|
23
|
+
export function useVerification() {
|
|
24
|
+
return useAuthRuntime().verification;
|
|
25
|
+
}
|
|
26
|
+
export function useAuthAnalytics() {
|
|
27
|
+
return useAuthRuntime().analytics;
|
|
28
|
+
}
|
|
29
|
+
/** Reactive session state (user / tokens / status). Re-renders on change. */
|
|
30
|
+
export function useAuthSessionState() {
|
|
31
|
+
const session = useAuthSession();
|
|
32
|
+
return useSyncExternalStore(session.subscribe, session.getState, session.getState);
|
|
33
|
+
}
|
|
34
|
+
//# sourceMappingURL=context.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"context.js","sourceRoot":"","sources":["../../src/model/context.tsx"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,oBAAoB,EAAE,MAAM,OAAO,CAAC;AAQxE;;;;;GAKG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAC7B,aAAa,CAAqB,IAAI,CAAC,CAAC;AAE1C,MAAM,UAAU,cAAc;IAC5B,MAAM,OAAO,GAAG,UAAU,CAAC,kBAAkB,CAAC,CAAC;IAC/C,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;IACtE,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,UAAU;IACxB,OAAO,cAAc,EAAE,CAAC,GAAG,CAAC;AAC9B,CAAC;AAED,MAAM,UAAU,cAAc;IAC5B,OAAO,cAAc,EAAE,CAAC,OAAO,CAAC;AAClC,CAAC;AAED,yEAAyE;AACzE,MAAM,UAAU,eAAe;IAC7B,OAAO,cAAc,EAAE,CAAC,YAAY,CAAC;AACvC,CAAC;AAED,MAAM,UAAU,gBAAgB;IAC9B,OAAO,cAAc,EAAE,CAAC,SAAS,CAAC;AACpC,CAAC;AAED,6EAA6E;AAC7E,MAAM,UAAU,mBAAmB;IACjC,MAAM,OAAO,GAAG,cAAc,EAAE,CAAC;IACjC,OAAO,oBAAoB,CACzB,OAAO,CAAC,SAAS,EACjB,OAAO,CAAC,QAAQ,EAChB,OAAO,CAAC,QAAQ,CACjB,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
import type { UseMutationResult } from "@tanstack/react-query";
|
|
2
|
+
import type { StapelApiError } from "@stapel/core";
|
|
3
|
+
import type { OtpChannel, StatusResponse, TotpDisableRequest } from "../api/types.js";
|
|
4
|
+
/**
|
|
5
|
+
* Write hooks with cache invalidation (frontend-standard §2 — "мутации с
|
|
6
|
+
* инвалидацией"). Each invalidates exactly the keys its effect touches so the
|
|
7
|
+
* security screen / session list stay consistent without a manual refetch.
|
|
8
|
+
*
|
|
9
|
+
* Note: options are built as typed `UseMutationOptions` objects rather than
|
|
10
|
+
* `useMutation<…>()` call-site generics — that keeps `void` (no data / no
|
|
11
|
+
* variables) in *type-reference* position, which `no-invalid-void-type`
|
|
12
|
+
* permits, while call-expression type arguments do not.
|
|
13
|
+
*/
|
|
14
|
+
/** Explicit logout: revoke server-side, tear down the session, drop auth caches. */
|
|
15
|
+
export declare function useLogout(): UseMutationResult<void, StapelApiError, void>;
|
|
16
|
+
/** Revoke one session (auth-sa.md §12). Immediate — token blacklisted. */
|
|
17
|
+
export declare function useRevokeSession(): UseMutationResult<StatusResponse, StapelApiError, string>;
|
|
18
|
+
/** Revoke all sessions except the current one (auth-sa.md §12). */
|
|
19
|
+
export declare function useRevokeOtherSessions(): UseMutationResult<StatusResponse, StapelApiError, void>;
|
|
20
|
+
/** Clear the `is_suspicious` flag ("This was me"). Idempotent (auth-sa.md §12). */
|
|
21
|
+
export declare function useConfirmSession(): UseMutationResult<StatusResponse, StapelApiError, string>;
|
|
22
|
+
/** Remove a passkey (auth-sa.md §17). Guard against `last_auth_method`. */
|
|
23
|
+
export declare function useRemovePasskey(): UseMutationResult<void, StapelApiError, string>;
|
|
24
|
+
/** Disable TOTP via authenticator/backup/SMS recovery (auth-sa.md §11). */
|
|
25
|
+
export declare function useDisableTotp(): UseMutationResult<StatusResponse, StapelApiError, TotpDisableRequest>;
|
|
26
|
+
/** Cancel a pending delayed authenticator change (auth-sa.md §9). */
|
|
27
|
+
export declare function useCancelDelayedChange(channel: OtpChannel): UseMutationResult<StatusResponse, StapelApiError, string>;
|
|
28
|
+
//# sourceMappingURL=mutations.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"mutations.d.ts","sourceRoot":"","sources":["../../src/model/mutations.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAEV,iBAAiB,EAClB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACnD,OAAO,KAAK,EACV,UAAU,EACV,cAAc,EACd,kBAAkB,EACnB,MAAM,iBAAiB,CAAC;AAIzB;;;;;;;;;GASG;AAEH,oFAAoF;AACpF,wBAAgB,SAAS,IAAI,iBAAiB,CAAC,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAUzE;AAED,0EAA0E;AAC1E,wBAAgB,gBAAgB,IAAI,iBAAiB,CACnD,cAAc,EACd,cAAc,EACd,MAAM,CACP,CAaA;AAED,mEAAmE;AACnE,wBAAgB,sBAAsB,IAAI,iBAAiB,CACzD,cAAc,EACd,cAAc,EACd,IAAI,CACL,CAUA;AAED,mFAAmF;AACnF,wBAAgB,iBAAiB,IAAI,iBAAiB,CACpD,cAAc,EACd,cAAc,EACd,MAAM,CACP,CAUA;AAED,2EAA2E;AAC3E,wBAAgB,gBAAgB,IAAI,iBAAiB,CACnD,IAAI,EACJ,cAAc,EACd,MAAM,CACP,CAaA;AAED,2EAA2E;AAC3E,wBAAgB,cAAc,IAAI,iBAAiB,CACjD,cAAc,EACd,cAAc,EACd,kBAAkB,CACnB,CAgBA;AAED,qEAAqE;AACrE,wBAAgB,sBAAsB,CACpC,OAAO,EAAE,UAAU,GAClB,iBAAiB,CAAC,cAAc,EAAE,cAAc,EAAE,MAAM,CAAC,CAa3D"}
|
|
@@ -0,0 +1,108 @@
|
|
|
1
|
+
import { useMutation, useQueryClient } from "@tanstack/react-query";
|
|
2
|
+
import { useAuthApi, useAuthSession } from "./context.js";
|
|
3
|
+
import { authQueryKeys } from "./queryKeys.js";
|
|
4
|
+
/**
|
|
5
|
+
* Write hooks with cache invalidation (frontend-standard §2 — "мутации с
|
|
6
|
+
* инвалидацией"). Each invalidates exactly the keys its effect touches so the
|
|
7
|
+
* security screen / session list stay consistent without a manual refetch.
|
|
8
|
+
*
|
|
9
|
+
* Note: options are built as typed `UseMutationOptions` objects rather than
|
|
10
|
+
* `useMutation<…>()` call-site generics — that keeps `void` (no data / no
|
|
11
|
+
* variables) in *type-reference* position, which `no-invalid-void-type`
|
|
12
|
+
* permits, while call-expression type arguments do not.
|
|
13
|
+
*/
|
|
14
|
+
/** Explicit logout: revoke server-side, tear down the session, drop auth caches. */
|
|
15
|
+
export function useLogout() {
|
|
16
|
+
const session = useAuthSession();
|
|
17
|
+
const queryClient = useQueryClient();
|
|
18
|
+
const options = {
|
|
19
|
+
mutationFn: () => session.logout(),
|
|
20
|
+
onSuccess: () => {
|
|
21
|
+
queryClient.removeQueries({ queryKey: authQueryKeys.all });
|
|
22
|
+
},
|
|
23
|
+
};
|
|
24
|
+
return useMutation(options);
|
|
25
|
+
}
|
|
26
|
+
/** Revoke one session (auth-sa.md §12). Immediate — token blacklisted. */
|
|
27
|
+
export function useRevokeSession() {
|
|
28
|
+
const api = useAuthApi();
|
|
29
|
+
const queryClient = useQueryClient();
|
|
30
|
+
const options = {
|
|
31
|
+
mutationFn: (id) => api.revokeSession(id),
|
|
32
|
+
onSuccess: () => {
|
|
33
|
+
void queryClient.invalidateQueries({ queryKey: authQueryKeys.sessions() });
|
|
34
|
+
void queryClient.invalidateQueries({
|
|
35
|
+
queryKey: authQueryKeys.securityStatus(),
|
|
36
|
+
});
|
|
37
|
+
},
|
|
38
|
+
};
|
|
39
|
+
return useMutation(options);
|
|
40
|
+
}
|
|
41
|
+
/** Revoke all sessions except the current one (auth-sa.md §12). */
|
|
42
|
+
export function useRevokeOtherSessions() {
|
|
43
|
+
const api = useAuthApi();
|
|
44
|
+
const queryClient = useQueryClient();
|
|
45
|
+
const options = {
|
|
46
|
+
mutationFn: () => api.revokeOtherSessions(),
|
|
47
|
+
onSuccess: () => {
|
|
48
|
+
void queryClient.invalidateQueries({ queryKey: authQueryKeys.sessions() });
|
|
49
|
+
},
|
|
50
|
+
};
|
|
51
|
+
return useMutation(options);
|
|
52
|
+
}
|
|
53
|
+
/** Clear the `is_suspicious` flag ("This was me"). Idempotent (auth-sa.md §12). */
|
|
54
|
+
export function useConfirmSession() {
|
|
55
|
+
const api = useAuthApi();
|
|
56
|
+
const queryClient = useQueryClient();
|
|
57
|
+
const options = {
|
|
58
|
+
mutationFn: (id) => api.confirmSession(id),
|
|
59
|
+
onSuccess: () => {
|
|
60
|
+
void queryClient.invalidateQueries({ queryKey: authQueryKeys.sessions() });
|
|
61
|
+
},
|
|
62
|
+
};
|
|
63
|
+
return useMutation(options);
|
|
64
|
+
}
|
|
65
|
+
/** Remove a passkey (auth-sa.md §17). Guard against `last_auth_method`. */
|
|
66
|
+
export function useRemovePasskey() {
|
|
67
|
+
const api = useAuthApi();
|
|
68
|
+
const queryClient = useQueryClient();
|
|
69
|
+
const options = {
|
|
70
|
+
mutationFn: (id) => api.passkeyRemove(id),
|
|
71
|
+
onSuccess: () => {
|
|
72
|
+
void queryClient.invalidateQueries({ queryKey: authQueryKeys.passkeys() });
|
|
73
|
+
void queryClient.invalidateQueries({
|
|
74
|
+
queryKey: authQueryKeys.securityStatus(),
|
|
75
|
+
});
|
|
76
|
+
},
|
|
77
|
+
};
|
|
78
|
+
return useMutation(options);
|
|
79
|
+
}
|
|
80
|
+
/** Disable TOTP via authenticator/backup/SMS recovery (auth-sa.md §11). */
|
|
81
|
+
export function useDisableTotp() {
|
|
82
|
+
const api = useAuthApi();
|
|
83
|
+
const queryClient = useQueryClient();
|
|
84
|
+
const options = {
|
|
85
|
+
mutationFn: (request) => api.totpDisable(request),
|
|
86
|
+
onSuccess: () => {
|
|
87
|
+
void queryClient.invalidateQueries({
|
|
88
|
+
queryKey: authQueryKeys.securityStatus(),
|
|
89
|
+
});
|
|
90
|
+
},
|
|
91
|
+
};
|
|
92
|
+
return useMutation(options);
|
|
93
|
+
}
|
|
94
|
+
/** Cancel a pending delayed authenticator change (auth-sa.md §9). */
|
|
95
|
+
export function useCancelDelayedChange(channel) {
|
|
96
|
+
const api = useAuthApi();
|
|
97
|
+
const queryClient = useQueryClient();
|
|
98
|
+
const options = {
|
|
99
|
+
mutationFn: (changeRequestId) => api.changeDelayedCancel(channel, changeRequestId),
|
|
100
|
+
onSuccess: () => {
|
|
101
|
+
void queryClient.invalidateQueries({
|
|
102
|
+
queryKey: authQueryKeys.delayedChange(channel),
|
|
103
|
+
});
|
|
104
|
+
},
|
|
105
|
+
};
|
|
106
|
+
return useMutation(options);
|
|
107
|
+
}
|
|
108
|
+
//# sourceMappingURL=mutations.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"mutations.js","sourceRoot":"","sources":["../../src/model/mutations.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAWpE,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAE/C;;;;;;;;;GASG;AAEH,oFAAoF;AACpF,MAAM,UAAU,SAAS;IACvB,MAAM,OAAO,GAAG,cAAc,EAAE,CAAC;IACjC,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IACrC,MAAM,OAAO,GAAmD;QAC9D,UAAU,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE;QAClC,SAAS,EAAE,GAAG,EAAE;YACd,WAAW,CAAC,aAAa,CAAC,EAAE,QAAQ,EAAE,aAAa,CAAC,GAAG,EAAE,CAAC,CAAC;QAC7D,CAAC;KACF,CAAC;IACF,OAAO,WAAW,CAAC,OAAO,CAAC,CAAC;AAC9B,CAAC;AAED,0EAA0E;AAC1E,MAAM,UAAU,gBAAgB;IAK9B,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC;IACzB,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IACrC,MAAM,OAAO,GAA+D;QAC1E,UAAU,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;QACzC,SAAS,EAAE,GAAG,EAAE;YACd,KAAK,WAAW,CAAC,iBAAiB,CAAC,EAAE,QAAQ,EAAE,aAAa,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;YAC3E,KAAK,WAAW,CAAC,iBAAiB,CAAC;gBACjC,QAAQ,EAAE,aAAa,CAAC,cAAc,EAAE;aACzC,CAAC,CAAC;QACL,CAAC;KACF,CAAC;IACF,OAAO,WAAW,CAAC,OAAO,CAAC,CAAC;AAC9B,CAAC;AAED,mEAAmE;AACnE,MAAM,UAAU,sBAAsB;IAKpC,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC;IACzB,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IACrC,MAAM,OAAO,GAA6D;QACxE,UAAU,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,mBAAmB,EAAE;QAC3C,SAAS,EAAE,GAAG,EAAE;YACd,KAAK,WAAW,CAAC,iBAAiB,CAAC,EAAE,QAAQ,EAAE,aAAa,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QAC7E,CAAC;KACF,CAAC;IACF,OAAO,WAAW,CAAC,OAAO,CAAC,CAAC;AAC9B,CAAC;AAED,mFAAmF;AACnF,MAAM,UAAU,iBAAiB;IAK/B,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC;IACzB,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IACrC,MAAM,OAAO,GAA+D;QAC1E,UAAU,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,CAAC;QAC1C,SAAS,EAAE,GAAG,EAAE;YACd,KAAK,WAAW,CAAC,iBAAiB,CAAC,EAAE,QAAQ,EAAE,aAAa,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QAC7E,CAAC;KACF,CAAC;IACF,OAAO,WAAW,CAAC,OAAO,CAAC,CAAC;AAC9B,CAAC;AAED,2EAA2E;AAC3E,MAAM,UAAU,gBAAgB;IAK9B,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC;IACzB,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IACrC,MAAM,OAAO,GAAqD;QAChE,UAAU,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;QACzC,SAAS,EAAE,GAAG,EAAE;YACd,KAAK,WAAW,CAAC,iBAAiB,CAAC,EAAE,QAAQ,EAAE,aAAa,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;YAC3E,KAAK,WAAW,CAAC,iBAAiB,CAAC;gBACjC,QAAQ,EAAE,aAAa,CAAC,cAAc,EAAE;aACzC,CAAC,CAAC;QACL,CAAC;KACF,CAAC;IACF,OAAO,WAAW,CAAC,OAAO,CAAC,CAAC;AAC9B,CAAC;AAED,2EAA2E;AAC3E,MAAM,UAAU,cAAc;IAK5B,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC;IACzB,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IACrC,MAAM,OAAO,GAIT;QACF,UAAU,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,OAAO,CAAC;QACjD,SAAS,EAAE,GAAG,EAAE;YACd,KAAK,WAAW,CAAC,iBAAiB,CAAC;gBACjC,QAAQ,EAAE,aAAa,CAAC,cAAc,EAAE;aACzC,CAAC,CAAC;QACL,CAAC;KACF,CAAC;IACF,OAAO,WAAW,CAAC,OAAO,CAAC,CAAC;AAC9B,CAAC;AAED,qEAAqE;AACrE,MAAM,UAAU,sBAAsB,CACpC,OAAmB;IAEnB,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC;IACzB,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IACrC,MAAM,OAAO,GAA+D;QAC1E,UAAU,EAAE,CAAC,eAAe,EAAE,EAAE,CAC9B,GAAG,CAAC,mBAAmB,CAAC,OAAO,EAAE,eAAe,CAAC;QACnD,SAAS,EAAE,GAAG,EAAE;YACd,KAAK,WAAW,CAAC,iBAAiB,CAAC;gBACjC,QAAQ,EAAE,aAAa,CAAC,aAAa,CAAC,OAAO,CAAC;aAC/C,CAAC,CAAC;QACL,CAAC;KACF,CAAC;IACF,OAAO,WAAW,CAAC,OAAO,CAAC,CAAC;AAC9B,CAAC"}
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
import type { UseQueryResult } from "@tanstack/react-query";
|
|
2
|
+
import type { StapelApiError } from "@stapel/core";
|
|
3
|
+
import type { AuditPage, AuthSession as AuthSessionRecord, Capabilities, DelayedChangeStatus, OtpChannel, Passkey, PasswordMethods, SecurityStatus, SsoLookupResponse, StapelUser } from "../api/types.js";
|
|
4
|
+
/**
|
|
5
|
+
* Read hooks over the auth API. Staleness follows core's query defaults;
|
|
6
|
+
* override per call site via `options` where a page needs fresher data (e.g.
|
|
7
|
+
* `sessions` after a revoke). Keys are namespaced (see `authQueryKeys`).
|
|
8
|
+
*/
|
|
9
|
+
/** Login-method feature matrix — call on the sign-in page (auth-sa.md §"capabilities"). */
|
|
10
|
+
export declare function useCapabilities(): UseQueryResult<Capabilities, StapelApiError>;
|
|
11
|
+
/** Current user (auth-sa.md §14). Enabled only when a session exists. */
|
|
12
|
+
export declare function useMe(enabled?: boolean): UseQueryResult<StapelUser, StapelApiError>;
|
|
13
|
+
/** Security settings snapshot (auth-sa.md §10). */
|
|
14
|
+
export declare function useSecurityStatus(): UseQueryResult<SecurityStatus, StapelApiError>;
|
|
15
|
+
/** Password-change tabs (auth-sa.md §4). */
|
|
16
|
+
export declare function usePasswordMethods(): UseQueryResult<PasswordMethods, StapelApiError>;
|
|
17
|
+
/** Active sessions (auth-sa.md §12). */
|
|
18
|
+
export declare function useSessions(): UseQueryResult<readonly AuthSessionRecord[], StapelApiError>;
|
|
19
|
+
/** Registered passkeys (auth-sa.md §17). */
|
|
20
|
+
export declare function usePasskeys(): UseQueryResult<readonly Passkey[], StapelApiError>;
|
|
21
|
+
/** A page of the security audit log (auth-sa.md §16). */
|
|
22
|
+
export declare function useAuditLog(page?: number): UseQueryResult<AuditPage, StapelApiError>;
|
|
23
|
+
/** Pending delayed authenticator change (auth-sa.md §9). */
|
|
24
|
+
export declare function useDelayedChangeStatus(channel: OtpChannel): UseQueryResult<DelayedChangeStatus, StapelApiError>;
|
|
25
|
+
/**
|
|
26
|
+
* SSO domain lookup (auth-sa.md §18). Disabled until `domain` is a non-empty
|
|
27
|
+
* value — call after the user finishes typing their email.
|
|
28
|
+
*/
|
|
29
|
+
export declare function useSsoLookup(domain: string): UseQueryResult<SsoLookupResponse, StapelApiError>;
|
|
30
|
+
//# sourceMappingURL=queries.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"queries.d.ts","sourceRoot":"","sources":["../../src/model/queries.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAC5D,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACnD,OAAO,KAAK,EACV,SAAS,EACT,WAAW,IAAI,iBAAiB,EAChC,YAAY,EACZ,mBAAmB,EACnB,UAAU,EACV,OAAO,EACP,eAAe,EACf,cAAc,EACd,iBAAiB,EACjB,UAAU,EACX,MAAM,iBAAiB,CAAC;AAIzB;;;;GAIG;AAEH,2FAA2F;AAC3F,wBAAgB,eAAe,IAAI,cAAc,CAAC,YAAY,EAAE,cAAc,CAAC,CAO9E;AAED,yEAAyE;AACzE,wBAAgB,KAAK,CACnB,OAAO,UAAO,GACb,cAAc,CAAC,UAAU,EAAE,cAAc,CAAC,CAO5C;AAED,mDAAmD;AACnD,wBAAgB,iBAAiB,IAAI,cAAc,CACjD,cAAc,EACd,cAAc,CACf,CAMA;AAED,4CAA4C;AAC5C,wBAAgB,kBAAkB,IAAI,cAAc,CAClD,eAAe,EACf,cAAc,CACf,CAMA;AAED,wCAAwC;AACxC,wBAAgB,WAAW,IAAI,cAAc,CAC3C,SAAS,iBAAiB,EAAE,EAC5B,cAAc,CACf,CAMA;AAED,4CAA4C;AAC5C,wBAAgB,WAAW,IAAI,cAAc,CAC3C,SAAS,OAAO,EAAE,EAClB,cAAc,CACf,CAMA;AAED,yDAAyD;AACzD,wBAAgB,WAAW,CACzB,IAAI,SAAI,GACP,cAAc,CAAC,SAAS,EAAE,cAAc,CAAC,CAM3C;AAED,4DAA4D;AAC5D,wBAAgB,sBAAsB,CACpC,OAAO,EAAE,UAAU,GAClB,cAAc,CAAC,mBAAmB,EAAE,cAAc,CAAC,CAMrD;AAED;;;GAGG;AACH,wBAAgB,YAAY,CAC1B,MAAM,EAAE,MAAM,GACb,cAAc,CAAC,iBAAiB,EAAE,cAAc,CAAC,CAOnD"}
|