@tern-secure/backend 1.1.0 → 1.1.2

package/.turbo/turbo-build.log

@@ -1,48 +0,0 @@
-
-> @tern-secure/backend@1.1.0 build /home/runner/work/typescript/typescript/packages/backend
-> pnpm clean && tsup && tsc -p tsconfig.add.json
-
-
-> @tern-secure/backend@1.1.0 clean /home/runner/work/typescript/typescript/packages/backend
-> rimraf dist
-
-CLI Building entry: src/index.ts, src/ternsecureauth.ts, src/admin/sessionTernSecure.ts, src/admin/tenant.ts, src/utils/admin-init.ts, src/utils/config.ts
-CLI Using tsconfig: tsconfig.json
-CLI tsup v8.5.0
-CLI Using tsup config: /home/runner/work/typescript/typescript/packages/backend/tsup.config.ts
-CLI Building entry: src/index.ts, src/ternsecureauth.ts, src/admin/sessionTernSecure.ts, src/admin/tenant.ts, src/utils/admin-init.ts, src/utils/config.ts
-CLI Using tsconfig: tsconfig.json
-CLI tsup v8.5.0
-CLI Using tsup config: /home/runner/work/typescript/typescript/packages/backend/tsup.config.ts
-CLI Target: node16
-CLI Target: node16
-CLI Cleaning output folder
-ESM Build start
-CLI Cleaning output folder
-CJS Build start
-ESM dist/esm/admin/sessionTernSecure.js     6.87 KB
-ESM dist/esm/index.js                       593.00 B
-ESM dist/esm/utils/admin-init.js            688.00 B
-ESM dist/esm/ternsecureauth.js              407.00 B
-ESM dist/esm/admin/tenant.js                1.19 KB
-ESM dist/esm/utils/config.js                2.26 KB
-ESM dist/esm/admin/sessionTernSecure.js.map 13.36 KB
-ESM dist/esm/index.js.map                   593.00 B
-ESM dist/esm/utils/admin-init.js.map        1.32 KB
-ESM dist/esm/admin/tenant.js.map            2.42 KB
-ESM dist/esm/ternsecureauth.js.map          842.00 B
-ESM dist/esm/utils/config.js.map            5.25 KB
-ESM ⚡️ Build success in 34ms
-CJS dist/cjs/index.js                       2.01 KB
-CJS dist/cjs/admin/tenant.js                2.25 KB
-CJS dist/cjs/utils/config.js                3.48 KB
-CJS dist/cjs/utils/admin-init.js            2.55 KB
-CJS dist/cjs/ternsecureauth.js              1.43 KB
-CJS dist/cjs/admin/sessionTernSecure.js     8.57 KB
-CJS dist/cjs/admin/tenant.js.map            2.46 KB
-CJS dist/cjs/utils/config.js.map            5.32 KB
-CJS dist/cjs/index.js.map                   593.00 B
-CJS dist/cjs/utils/admin-init.js.map        1.42 KB
-CJS dist/cjs/ternsecureauth.js.map          885.00 B
-CJS dist/cjs/admin/sessionTernSecure.js.map 13.49 KB
-CJS ⚡️ Build success in 34ms

package/CHANGELOG.md

@@ -1,41 +0,0 @@
-# @tern-secure/backend
-
-## 1.1.0
-
-### Minor Changes
-
-- 5f29862: advanced Auth cookies and session management
-
-### Patch Changes
-
-- Updated dependencies [5f29862]
-  - @tern-secure/types@1.0.2
-
-## 1.0.1
-
-### Patch Changes
-
-- 367a100: fix: Update ternUIgetScriptUrl to use TernSecureDev flag and switch CDN to HTTPS.
-- Updated dependencies [367a100]
-  - @tern-secure/types@1.0.1
-
-## 1.0.0
-
-### Major Changes
-
-- 2603f2b: Initial stable release of TernSecure Authentication SDK
-
-  This marks the first major release of the TernSecure Authentication monorepo, introducing a complete TypeScript SDK built on Firebase Authentication. The release includes:
-
-  - Core authentication utilities and types
-  - React hooks and components for seamless integration
-  - UI components library with form handling
-  - Backend utilities for server-side operations
-  - Comprehensive TypeScript support
-
-  All packages are now stable and ready for production use in React applications, Next.js projects, and general JavaScript/TypeScript environments.
-
-### Patch Changes
-
-- Updated dependencies [2603f2b]
-  - @tern-secure/types@1.0.0

package/src/admin/sessionTernSecure.ts

@@ -1,300 +0,0 @@
-'use server'
-
-import { cookies } from 'next/headers';
-import { adminTernSecureAuth as adminAuth } from '../utils/admin-init';
-import { handleFirebaseAuthError, type AuthErrorResponse, type SessionParams, type SessionResult } from '@tern-secure/types';
-
-interface FirebaseAuthError extends Error {
-  code?: string;
-}
-
-export interface User {
-    uid: string | null;
-    email: string | null;
-  }
-
-export interface Session {
-    user: User | null;
-    token: string | null;
-    error: Error | null;
-}
-
-interface TernVerificationResult extends User {
-  valid: boolean
-  authTime?: number
-  error?: AuthErrorResponse
-}
-
-
-// DRY Constants
-const SESSION_CONSTANTS = {
-  COOKIE_NAME: '_session_cookie',
-  DEFAULT_EXPIRES_IN_MS: 60 * 60 * 24 * 5 * 1000, // 5 days
-  DEFAULT_EXPIRES_IN_SECONDS: 60 * 60 * 24 * 5,
-} as const;
-
-const COOKIE_OPTIONS = {
-  httpOnly: true,
-  secure: process.env.NODE_ENV === 'production',
-  sameSite: 'strict' as const,
-  path: '/',
-} as const;
-
-
-
-export async function createSessionCookie(params: SessionParams | string): Promise<SessionResult> {
-  try {
-    // Handle both old string format and new object format for backward compatibility
-    const idToken = typeof params === 'string' ? params : params.idToken;
-    
-    if (!idToken) {
-      const error = new Error('ID token is required for session creation');
-      console.error('[createSessionCookie] Missing ID token:', error);
-      return {
-        success: false,
-        message: 'ID token is required',
-        error: 'INVALID_TOKEN',
-        cookieSet: false
-      };
-    }
-
-    // Verify the ID token first
-    let decodedToken;
-    try {
-      decodedToken = await adminAuth.verifyIdToken(idToken);
-    } catch (verifyError) {
-      console.error('[createSessionCookie] ID token verification failed:', verifyError);
-      const authError = handleFirebaseAuthError(verifyError);
-      return {
-        success: false,
-        message: authError.message,
-        error: authError.code,
-        cookieSet: false
-      };
-    }
-    
-    if (!decodedToken) {
-      const error = new Error('Invalid ID token - verification returned null');
-      console.error('[createSessionCookie] Token verification returned null:', error);
-      return {
-        success: false,
-        message: 'Invalid ID token',
-        error: 'INVALID_TOKEN',
-        cookieSet: false
-      };
-    }
-
-    // Create session cookie
-    let sessionCookie;
-    try {
-      sessionCookie = await adminAuth.createSessionCookie(idToken, { 
-        expiresIn: SESSION_CONSTANTS.DEFAULT_EXPIRES_IN_MS 
-      });
-    } catch (sessionError) {
-      console.error('[createSessionCookie] Firebase session cookie creation failed:', sessionError);
-      const authError = handleFirebaseAuthError(sessionError);
-      return {
-        success: false,
-        message: authError.message,
-        error: authError.code,
-        cookieSet: false
-      };
-    }
-
-    // Set the cookie and verify it was set
-    let cookieSetSuccessfully = false;
-    try {
-      const cookieStore = await cookies();
-      cookieStore.set(SESSION_CONSTANTS.COOKIE_NAME, sessionCookie, {
-        maxAge: SESSION_CONSTANTS.DEFAULT_EXPIRES_IN_SECONDS,
-        ...COOKIE_OPTIONS,
-      });
-
-      // Verify the cookie was actually set
-      const verifySetCookie = cookieStore.get(SESSION_CONSTANTS.COOKIE_NAME);
-      cookieSetSuccessfully = !!verifySetCookie?.value;
-      
-      if (!cookieSetSuccessfully) {
-        const error = new Error('Session cookie was not set successfully');
-        console.error('[createSessionCookie] Cookie verification failed:', error);
-        throw error;
-      }
-
-    } catch (cookieError) {
-      console.error('[createSessionCookie] Failed to set session cookie:', cookieError);
-      return {
-        success: false,
-        message: 'Failed to set session cookie',
-        error: 'COOKIE_SET_FAILED',
-        cookieSet: false
-      };
-    }
-
-    console.log(`[createSessionCookie] Session cookie created successfully for user: ${decodedToken.uid}`);
-    return {
-      success: true,
-      message: 'Session created successfully',
-      expiresIn: SESSION_CONSTANTS.DEFAULT_EXPIRES_IN_SECONDS,
-      cookieSet: cookieSetSuccessfully
-    };
-
-  } catch (error) {
-    console.error('[createSessionCookie] Unexpected error:', error);
-    const authError = handleFirebaseAuthError(error);
-    return {
-      success: false,
-      message: authError.message || 'Failed to create session',
-      error: authError.code || 'INTERNAL_ERROR',
-      cookieSet: false
-    };
-  }
-}
-
-
-
-export async function getServerSessionCookie() {
-  const cookieStore = await cookies();
-  const sessionCookie = cookieStore.get('_session_cookie')?.value;
-
-  if (!sessionCookie) {
-    throw new Error('No session cookie found')
-  }
-    
-  try {
-    const decondeClaims = await adminAuth.verifySessionCookie(sessionCookie, true)
-    return {
-      token: sessionCookie,
-      userId: decondeClaims.uid
-    }
-  } catch (error) {
-    console.error('Error verifying session:', error)
-    throw new Error('Invalid Session')
-  }
-}
-
-
-export async function getIdToken() {
-  const cookieStore = await cookies();
-  const token = cookieStore.get('_session_token')?.value;
-
-  if (!token) {
-    throw new Error('No session cookie found')
-  }
-    
-  try {
-    const decodedClaims = await adminAuth.verifyIdToken(token)
-    return {
-      token: token,
-      userId: decodedClaims.uid
-    }
-  } catch (error) {
-    console.error('Error verifying session:', error)
-    throw new Error('Invalid Session')
-  }
-}
-
-export async function setServerSession(token: string) {
-  try {
-    const cookieStore = await cookies();
-    cookieStore.set('_session_token', token, {
-      httpOnly: true,
-      secure: process.env.NODE_ENV === 'production',
-      sameSite: 'strict',
-      maxAge: 60 * 60, // 1 hour
-      path: '/',
-    });
-    return { success: true, message: 'Session created' };
-  } catch {
-    return { success: false, message: 'Failed to create session' };
-  }
-}
-
-  export async function verifyTernIdToken(token: string): Promise<TernVerificationResult> {
-    try {
-      const decodedToken = await adminAuth.verifyIdToken(token);
-      return {
-        valid: true,
-        uid: decodedToken.uid,
-        email: decodedToken.email || null,
-        authTime: decodedToken.auth_time
-      };
-    } catch (error) {
-      const errorResponse = handleFirebaseAuthError(error)
-      return {
-        valid: false,
-        uid: null,
-        email: null,
-        error: errorResponse
-      };
-    }
-  }
-  
-
-  export async function verifyTernSessionCookie(session: string): Promise<TernVerificationResult>{
-    try {
-      const res = await adminAuth.verifySessionCookie(session);
-      return { 
-          valid: true, 
-          uid: res.uid,
-          email: res.email || null,
-          authTime: res.auth_time
-        };
-    } catch (error) {
-      const errorResponse = handleFirebaseAuthError(error)
-      return {
-        valid: false, 
-        uid: null,
-        email: null,
-        error: errorResponse
-      };
-    }
-  }
-
-
-  export async function clearSessionCookie() {
-    const cookieStore = await cookies()
-    
-    cookieStore.delete('_session_cookie')
-    cookieStore.delete('_session_token')
-    cookieStore.delete('_session')
-  
-    try {
-      // Verify if there's an active session before revoking
-      const sessionCookie = cookieStore.get('_session_cookie')?.value
-      if (sessionCookie) {
-        // Get the decoded claims to get the user's ID
-        const decodedClaims = await adminAuth.verifySessionCookie(sessionCookie)
-        
-        // Revoke all sessions for the user
-        await adminAuth.revokeRefreshTokens(decodedClaims.uid)
-      }
-      
-      return { success: true, message: 'Session cleared successfully' }
-    } catch (error) {
-      console.error('Error clearing session:', error)
-      // Still return success even if revoking fails, as cookies are cleared
-      return { success: true, message: 'Session cookies cleared' }
-    }
-  }
-
-
-
-/*
-  export async function GET(request: NextRequest) {
-    const cookieStore = await cookies();
-    const sessionCookie = cookieStore.get('session')?.value
-  
-    if (!sessionCookie) {
-      return NextResponse.json({ isAuthenticated: false }, { status: 401 })
-    }
-  
-    try {
-      const decodedClaims = await adminAuth.verifySessionCookie(sessionCookie, true)
-      return NextResponse.json({ isAuthenticated: true, user: decodedClaims }, { status: 200 })
-    } catch (error) {
-      console.error('Error verifying session cookie:', error)
-      return NextResponse.json({ isAuthenticated: false }, { status: 401 })
-    }
-  }
-
-*/

package/src/admin/tenant.ts

@@ -1,63 +0,0 @@
-import { TernSecureTenantManager } from "../utils/admin-init";
-import type { SignInResponse } from '@tern-secure/types';
-
-
-export async function createTenant(
-  displayName: string,
-  emailSignInConfig: {
-    enabled: boolean;
-    passwordRequired: boolean;
-  },
-  multiFactorConfig?: {
-    state: 'ENABLED' | 'DISABLED';
-    factorIds: "phone"[];
-    testPhoneNumbers?: {
-        [phoneNumber: string]: string;
-    }
-  }
-) {
-  try {
-    const tenantConfig = {
-      displayName,
-      emailSignInConfig,
-      ...(multiFactorConfig && { multiFactorConfig })
-    };
-
-    const tenant = await TernSecureTenantManager.createTenant(tenantConfig);
-    
-    return {
-      success: true,
-      tenantId: tenant.tenantId,
-      displayName: tenant.displayName,
-    };
-  } catch (error) {
-    console.error('Error creating tenant:', error);
-    throw new Error('Failed to create tenant');
-  }
-}
-
-export async function createTenantUser(
-  email: string,
-  password: string,
-  tenantId: string
-): Promise<SignInResponse> {
-  try {
-    const tenantAuth = TernSecureTenantManager.authForTenant(tenantId);
-    
-    const userRecord = await tenantAuth.createUser({
-      email,
-      password,
-      emailVerified: false,
-      disabled: false
-    });
-
-    return {
-      success: true,
-      message: 'Tenant user created successfully',
-      user: userRecord.uid,
-    };
-  } catch (error) {
-    console.error('Error creating tenant user:', error);
-    throw new Error('Failed to create tenant user');
-  }
-}

package/src/index.ts

@@ -1,12 +0,0 @@
-export { 
-    verifyTernSessionCookie,
-    createSessionCookie, 
-    clearSessionCookie 
-} from './admin/sessionTernSecure'
-export { 
-    adminTernSecureAuth, 
-    adminTernSecureDb, 
-    TernSecureTenantManager 
-} from './utils/admin-init'
-export { initializeAdminConfig } from './utils/config'
-export { createTenant, createTenantUser } from './admin/tenant'

package/src/ternsecureauth.ts

@@ -1,18 +0,0 @@
-/**
- * Firebase implementation of the TernSecureAuthProvider interface
- */
-export class TernSecureAuthProvider  {
-    private static instance: TernSecureAuthProvider | null;
-
-    public static getOrCreateInstance(): TernSecureAuthProvider {
-        if (!TernSecureAuthProvider.instance) {
-            TernSecureAuthProvider.instance = new TernSecureAuthProvider();
-        }
-        return TernSecureAuthProvider.instance;
-    }
-
-    static clearInstance() {
-        TernSecureAuthProvider.instance = null;
-    }
-
-}

package/src/utils/admin-init.ts

@@ -1,22 +0,0 @@
-import admin from 'firebase-admin';
-import { initializeAdminConfig } from './config';
-
-// Initialize Firebase Admin if not already initialized
-if (!admin.apps.length) {
-  try {
-    const config = initializeAdminConfig();
-    admin.initializeApp({
-      credential: admin.credential.cert({
-        ...config,
-        privateKey: config.privateKey.replace(/\\n/g, '\n'),
-      }),
-    });
-  } catch (error) {
-    console.error('Firebase admin initialization error', error);
-  }
-}
-
-// Add explicit type annotations using the types from the admin namespace
-export const adminTernSecureAuth: admin.auth.Auth = admin.auth();
-export const adminTernSecureDb: admin.firestore.Firestore = admin.firestore();
-export const TernSecureTenantManager: admin.auth.TenantManager = admin.auth().tenantManager();

package/src/utils/config.ts

@@ -1,122 +0,0 @@
-import { 
-  TernSecureConfig, 
-  ConfigValidationResult, 
-  TernSecureAdminConfig, 
-  AdminConfigValidationResult 
-} from '@tern-secure/types'
-
-/**
- * Loads Firebase configuration from environment variables
- * @returns {TernSecureConfig} Firebase configuration object
- */
-export const loadFireConfig = (): TernSecureConfig => ({
-  apiKey: process.env.NEXT_PUBLIC_FIREBASE_API_KEY || '',
-  authDomain: process.env.NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN || '',
-  projectId: process.env.NEXT_PUBLIC_FIREBASE_PROJECT_ID || '',
-  storageBucket: process.env.NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET || '',
-  messagingSenderId: process.env.NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID || '',
-  appId: process.env.NEXT_PUBLIC_FIREBASE_APP_ID || '',
-  measurementId: process.env.NEXT_PUBLIC_FIREBASE_MEASUREMENT_ID || undefined,
-})
-
-/**
- * Validates Firebase configuration
- * @param {TernSecureConfig} config - Firebase configuration object
- * @throws {Error} If required configuration values are missing
- * @returns {TernSecureConfig} Validated configuration object
- */
-export const validateConfig = (config: TernSecureConfig): ConfigValidationResult => {
-  const requiredFields: (keyof TernSecureConfig)[] = [
-    'apiKey',
-    'authDomain',
-    'projectId',
-    'storageBucket',
-    'messagingSenderId',
-    'appId'
-  ]
-
-  const errors: string[] = []
-  
-  requiredFields.forEach(field => {
-    if (!config[field]) {
-      errors.push(`Missing required field: NEXT_PUBLIC_FIREBASE_${String(field).toUpperCase()}`)
-    }
-  })
-
-  return {
-    isValid: errors.length === 0,
-    errors,
-    config
-  }
-}
-
-/**
- * Initializes configuration with validation
- * @throws {Error} If configuration is invalid
- */
-export const initializeConfig = (): TernSecureConfig => {
-  const config = loadFireConfig()
-  const validationResult = validateConfig(config)
-
-  if (!validationResult.isValid) {
-    throw new Error(
-      `Firebase configuration validation failed:\n${validationResult.errors.join('\n')}`
-    )
-  }
-
-  return config
-}
-
-/**
- * Loads Firebase Admin configuration from environment variables
- * @returns {AdminConfig} Firebase Admin configuration object
- */
-export const loadAdminConfig = (): TernSecureAdminConfig => ({
-  projectId: process.env.FIREBASE_PROJECT_ID || '',
-  clientEmail: process.env.FIREBASE_CLIENT_EMAIL || '',
-  privateKey: process.env.FIREBASE_PRIVATE_KEY || '',
-})
-
-/**
- * Validates Firebase Admin configuration
- * @param {AdminConfig} config - Firebase Admin configuration object
- * @returns {ConfigValidationResult} Validation result
- */
-export const validateAdminConfig = (config: TernSecureAdminConfig): AdminConfigValidationResult => {
-  const requiredFields: (keyof TernSecureAdminConfig)[] = [
-    'projectId',
-    'clientEmail',
-    'privateKey'
-  ]
-
-  const errors: string[] = []
-  
-  requiredFields.forEach(field => {
-    if (!config[field]) {
-      errors.push(`Missing required field: FIREBASE_${String(field).toUpperCase()}`)
-    }
-  })
-
-  return {
-    isValid: errors.length === 0,
-    errors,
-    config
-  }
-}
-
-/**
- * Initializes admin configuration with validation
- * @throws {Error} If configuration is invalid
- */
-export const initializeAdminConfig = (): TernSecureAdminConfig => {
-  const config = loadAdminConfig()
-  const validationResult = validateAdminConfig(config)
-
-  if (!validationResult.isValid) {
-    throw new Error(
-      `Firebase Admin configuration validation failed:\n${validationResult.errors.join('\n')}`
-    )
-  }
-
-  return config
-}

package/tsconfig.add.json

@@ -1,13 +0,0 @@
-{
-  "extends": "./tsconfig.json",
-  "compilerOptions": {
-    "declaration": true,
-    "declarationDir": "./dist/types",
-    "declarationMap": true,
-    "emitDeclarationOnly": true,
-    "noEmit": false,
-    "skipLibCheck": true,
-    "sourceMap": false
-  },
-  "exclude": ["node_modules", "dist"]
-}

package/tsconfig.json

@@ -1,25 +0,0 @@
-{
-  "compilerOptions": {
-    "allowJs": true,
-    "allowSyntheticDefaultImports": true,
-    "baseUrl": ".",
-    "esModuleInterop": true,
-    "forceConsistentCasingInFileNames": true,
-    "importHelpers": true,
-    "isolatedModules": true,
-    "lib": ["es2020"],
-    "module": "NodeNext",
-    "moduleResolution": "nodenext",
-    "noImplicitReturns": true,
-    "noUnusedLocals": false,
-    "noUnusedParameters": false,
-    "outDir": "dist",
-    "resolveJsonModule": true,
-    "rootDir": "src",
-    "skipLibCheck": true,
-    "sourceMap": false,
-    "strict": true,
-  },
-  "include": ["src"],
-  "exclude": ["node_modules"]
-}