@tern-secure/nextjs 3.3.5 → 3.4.1

package/dist/cjs/utils/create-styles.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/utils/create-styles.ts"],"sourcesContent":["'use client'\n\nconst PREFIX = 'tern'\n\n// Singleton to track style injection\nconst styleInjection = {\n  isInjected: false,\n  styleElement: null as HTMLStyleElement | null\n}\n\nexport const defaultClassNames = {\n  container: `${PREFIX}-container`,\n  header: `${PREFIX}-header`,\n  title: `${PREFIX}-title`,\n  formWrapper: `${PREFIX}-formWrapper`,\n  formContainer: `${PREFIX}-formContainer`,\n  form: `${PREFIX}-form`,\n  label: `${PREFIX}-label`,\n  input: `${PREFIX}-input`,\n  button: `${PREFIX}-button`,\n  error: `${PREFIX}-error`\n} as const\n\n// Create styles once and cache them\nfunction createStyleSheet(styles: Record<string, React.CSSProperties>) {\n  if (typeof window === 'undefined') return defaultClassNames\n\n  // Return early if styles are already injected\n  if (styleInjection.isInjected) {\n    return defaultClassNames\n  }\n\n  // Find existing style element or create new one\n  let styleElement = document.querySelector<HTMLStyleElement>('[data-tern-secure]')\n  \n  if (!styleElement) {\n    styleElement = document.createElement('style')\n    styleElement.setAttribute('data-tern-secure', '')\n    document.head.appendChild(styleElement)\n    styleInjection.styleElement = styleElement\n  }\n\n  // Create CSS rules\n  const cssRules = Object.entries(styles).map(([key, rules]) => {\n    const className = defaultClassNames[key as keyof typeof defaultClassNames]\n    const cssProperties = Object.entries(rules).map(([prop, value]) => {\n      const cssProperty = prop.replace(/([A-Z])/g, '-$1').toLowerCase()\n      return `${cssProperty}: ${value};`\n    }).join(' ')\n\n    return `.${className} { ${cssProperties} }`\n  }).join('\\n')\n\n  // Insert styles only once\n  styleElement.textContent = cssRules\n  styleInjection.isInjected = true\n\n  return defaultClassNames\n}\n\n// Style configuration\nexport const styleConfig = {\n  container: {\n    display: 'flex',\n    minHeight: '100%',\n    flex: '1',\n    flexDirection: 'column',\n    justifyContent: 'center',\n    padding: '3rem 1.5rem'\n  },\n  header: {\n    margin: '0 auto',\n    width: '100%',\n    maxWidth: '28rem'\n  },\n  title: {\n    marginTop: '1.5rem',\n    textAlign: 'center',\n    fontSize: '1.875rem',\n    fontWeight: '700',\n    lineHeight: '2.25rem',\n    letterSpacing: '-0.025em',\n    color: 'var(--tern-text-primary, #111827)'\n  },\n  formWrapper: {\n    marginTop: '2.5rem',\n    margin: '0 auto',\n    width: '100%',\n    maxWidth: '30rem'\n  },\n  formContainer: {\n    padding: '3rem 1.5rem',\n    boxShadow: '0 1px 3px 0 rgb(0 0 0 / 0.1)',\n    borderRadius: '0.5rem',\n    backgroundColor: 'var(--tern-background, white)'\n  },\n  form: {\n    display: 'flex',\n    flexDirection: 'column',\n    gap: '1rem'\n  },\n  label: {\n    display: 'block',\n    fontSize: '0.875rem',\n    fontWeight: '500',\n    color: 'var(--tern-text-secondary, #374151)'\n  },\n  input: {\n    marginTop: '0.25rem',\n    display: 'block',\n    width: '100%',\n    padding: '0.5rem 0.75rem',\n    borderRadius: '0.375rem',\n    border: '1px solid var(--tern-border, #D1D5DB)',\n    backgroundColor: 'var(--tern-input-background, white)',\n    color: 'var(--tern-text-primary, #111827)'\n  },\n  button: {\n    display: 'flex',\n    width: '100%',\n    justifyContent: 'center',\n    padding: '0.5rem 1rem',\n    fontSize: '0.875rem',\n    fontWeight: '500',\n    color: 'white',\n    backgroundColor: 'var(--tern-primary, #2563EB)',\n    border: 'none',\n    borderRadius: '0.375rem',\n    cursor: 'pointer'\n  },\n  error: {\n    color: 'var(--tern-error, #DC2626)',\n    fontSize: '0.875rem'\n  }\n} as const\n\n// Export pre-created styles\nexport const styles = createStyleSheet(styleConfig)\n\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAEA,MAAM,SAAS;AAGf,MAAM,iBAAiB;AAAA,EACrB,YAAY;AAAA,EACZ,cAAc;AAChB;AAEO,MAAM,oBAAoB;AAAA,EAC/B,WAAW,GAAG,MAAM;AAAA,EACpB,QAAQ,GAAG,MAAM;AAAA,EACjB,OAAO,GAAG,MAAM;AAAA,EAChB,aAAa,GAAG,MAAM;AAAA,EACtB,eAAe,GAAG,MAAM;AAAA,EACxB,MAAM,GAAG,MAAM;AAAA,EACf,OAAO,GAAG,MAAM;AAAA,EAChB,OAAO,GAAG,MAAM;AAAA,EAChB,QAAQ,GAAG,MAAM;AAAA,EACjB,OAAO,GAAG,MAAM;AAClB;AAGA,SAAS,iBAAiBA,SAA6C;AACrE,MAAI,OAAO,WAAW,YAAa,QAAO;AAG1C,MAAI,eAAe,YAAY;AAC7B,WAAO;AAAA,EACT;AAGA,MAAI,eAAe,SAAS,cAAgC,oBAAoB;AAEhF,MAAI,CAAC,cAAc;AACjB,mBAAe,SAAS,cAAc,OAAO;AAC7C,iBAAa,aAAa,oBAAoB,EAAE;AAChD,aAAS,KAAK,YAAY,YAAY;AACtC,mBAAe,eAAe;AAAA,EAChC;AAGA,QAAM,WAAW,OAAO,QAAQA,OAAM,EAAE,IAAI,CAAC,CAAC,KAAK,KAAK,MAAM;AAC5D,UAAM,YAAY,kBAAkB,GAAqC;AACzE,UAAM,gBAAgB,OAAO,QAAQ,KAAK,EAAE,IAAI,CAAC,CAAC,MAAM,KAAK,MAAM;AACjE,YAAM,cAAc,KAAK,QAAQ,YAAY,KAAK,EAAE,YAAY;AAChE,aAAO,GAAG,WAAW,KAAK,KAAK;AAAA,IACjC,CAAC,EAAE,KAAK,GAAG;AAEX,WAAO,IAAI,SAAS,MAAM,aAAa;AAAA,EACzC,CAAC,EAAE,KAAK,IAAI;AAGZ,eAAa,cAAc;AAC3B,iBAAe,aAAa;AAE5B,SAAO;AACT;AAGO,MAAM,cAAc;AAAA,EACzB,WAAW;AAAA,IACT,SAAS;AAAA,IACT,WAAW;AAAA,IACX,MAAM;AAAA,IACN,eAAe;AAAA,IACf,gBAAgB;AAAA,IAChB,SAAS;AAAA,EACX;AAAA,EACA,QAAQ;AAAA,IACN,QAAQ;AAAA,IACR,OAAO;AAAA,IACP,UAAU;AAAA,EACZ;AAAA,EACA,OAAO;AAAA,IACL,WAAW;AAAA,IACX,WAAW;AAAA,IACX,UAAU;AAAA,IACV,YAAY;AAAA,IACZ,YAAY;AAAA,IACZ,eAAe;AAAA,IACf,OAAO;AAAA,EACT;AAAA,EACA,aAAa;AAAA,IACX,WAAW;AAAA,IACX,QAAQ;AAAA,IACR,OAAO;AAAA,IACP,UAAU;AAAA,EACZ;AAAA,EACA,eAAe;AAAA,IACb,SAAS;AAAA,IACT,WAAW;AAAA,IACX,cAAc;AAAA,IACd,iBAAiB;AAAA,EACnB;AAAA,EACA,MAAM;AAAA,IACJ,SAAS;AAAA,IACT,eAAe;AAAA,IACf,KAAK;AAAA,EACP;AAAA,EACA,OAAO;AAAA,IACL,SAAS;AAAA,IACT,UAAU;AAAA,IACV,YAAY;AAAA,IACZ,OAAO;AAAA,EACT;AAAA,EACA,OAAO;AAAA,IACL,WAAW;AAAA,IACX,SAAS;AAAA,IACT,OAAO;AAAA,IACP,SAAS;AAAA,IACT,cAAc;AAAA,IACd,QAAQ;AAAA,IACR,iBAAiB;AAAA,IACjB,OAAO;AAAA,EACT;AAAA,EACA,QAAQ;AAAA,IACN,SAAS;AAAA,IACT,OAAO;AAAA,IACP,gBAAgB;AAAA,IAChB,SAAS;AAAA,IACT,UAAU;AAAA,IACV,YAAY;AAAA,IACZ,OAAO;AAAA,IACP,iBAAiB;AAAA,IACjB,QAAQ;AAAA,IACR,cAAc;AAAA,IACd,QAAQ;AAAA,EACV;AAAA,EACA,OAAO;AAAA,IACL,OAAO;AAAA,IACP,UAAU;AAAA,EACZ;AACF;AAGO,MAAM,SAAS,iBAAiB,WAAW;","names":["styles"]}

package/dist/esm/app-router/client/TernSecureProvider.js

@@ -0,0 +1,9 @@
+import { jsx } from "react/jsx-runtime";
+import { TernSecureClientProvider } from "../../boundary/TernSecureClientProvider";
+async function TernSecureProvider({ children }) {
+  return /* @__PURE__ */ jsx(TernSecureClientProvider, { children });
+}
+export {
+  TernSecureProvider
+};
+//# sourceMappingURL=TernSecureProvider.js.map

package/dist/esm/app-router/client/TernSecureProvider.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../../src/app-router/client/TernSecureProvider.tsx"],"sourcesContent":["import React from \"react\"\nimport { TernSecureClientProvider } from \"../../boundary/TernSecureClientProvider\"\n\n\n// Loading fallback component\n/*function TernSecureLoadingFallback() {\n  return (\n    <div>\n      <span className=\"sr-only\">Loading...</span>\n    </div>\n  )\n}*/\n/**\n * Root Provider for TernSecure\n * Use this in your Next.js App Router root layout\n * Automatically handles client/server boundary and authentication state\n * \n * @example\n * /// app/layout.tsx\n * import { TernSecureProvider } from '@tern/secure'\n * \n * export default function RootLayout({ children }) {\n *   return (\n *     <html>\n *       <body>\n *         <TernSecureProvider>\n *           {children}\n *         </TernSecureProvider>\n *       </body>\n *     </html>\n *   )\n * }\n */\nexport async function TernSecureProvider({ children }: { children: React.ReactNode }) {\n  return (\n    <TernSecureClientProvider>\n        {children}\n    </TernSecureClientProvider>\n  )\n}"],"mappings":"AAmCI;AAlCJ,SAAS,gCAAgC;AAgCzC,eAAsB,mBAAmB,EAAE,SAAS,GAAkC;AACpF,SACE,oBAAC,4BACI,UACL;AAEJ;","names":[]}

package/dist/esm/app-router/client/actions.js

@@ -0,0 +1,151 @@
+import { TernSecureAuth } from "../../utils/client-init";
+import { signInWithEmailAndPassword, signInWithRedirect, getRedirectResult, GoogleAuthProvider, OAuthProvider, createUserWithEmailAndPassword, sendEmailVerification } from "firebase/auth";
+import { createSessionCookie } from "../server/sessionTernSecure";
+async function createUser(email, password) {
+  const auth = TernSecureAuth();
+  try {
+    const actionCodeSettings = {
+      url: `${window.location.origin}/sign-in`,
+      handleCodeInApp: true
+    };
+    const userCredential = await createUserWithEmailAndPassword(auth, email, password);
+    await sendEmailVerification(userCredential.user, actionCodeSettings);
+    return { success: true, message: "Account created successfully.", user: userCredential.user };
+  } catch (error) {
+    if (error instanceof Error) {
+      switch (error.message) {
+        case "auth/too-many-requests":
+          throw new Error("Too many attempts. Please try again later.");
+        case "auth/network-request-failed":
+          throw new Error("Network disconnected. Please try again later.");
+        case "auth/email-already-in-use":
+          throw new Error("Email is already registered.");
+        case "auth/invalid-email":
+          throw new Error("Invalid email address.");
+        case "auth/operation-not-allowed":
+          throw new Error("Email/password accounts are not enabled.");
+        case "auth/weak-password":
+          throw new Error("Password is too weak.");
+        default:
+          throw new Error(error.message);
+      }
+    }
+    throw new Error("Failed to create account");
+  }
+}
+async function signInWithEmail(email, password) {
+  const auth = TernSecureAuth();
+  try {
+    const UserCredential = await signInWithEmailAndPassword(auth, email, password);
+    const idToken = await UserCredential.user.getIdToken();
+    const res = await createSessionCookie(idToken);
+    if (res.success) {
+      return { success: true, message: "Connected." };
+    } else {
+      throw new Error(res.message);
+    }
+  } catch (error) {
+    const errorMessage = error instanceof Error ? error.message : "Failed to sign in";
+    throw new Error(errorMessage);
+  }
+}
+async function signInWithRedirectGoogle() {
+  const auth = TernSecureAuth();
+  const provider = new GoogleAuthProvider();
+  provider.setCustomParameters({
+    login_hint: "user@example.com",
+    prompt: "select_account"
+  });
+  try {
+    await signInWithRedirect(auth, provider);
+    return { success: true, message: "Redirect initiated" };
+  } catch (error) {
+    console.error("Error during Google sign-in:", error);
+    return { success: false, error: "Failed to sign in with Google" };
+  }
+}
+async function signInWithMicrosoft() {
+  const auth = TernSecureAuth();
+  const provider = new OAuthProvider("microsoft.com");
+  provider.setCustomParameters({
+    prompt: "consent"
+  });
+  try {
+    await signInWithRedirect(auth, provider);
+    return { success: true, message: "Redirect initiated" };
+  } catch (error) {
+    console.error("Error during Google sign-in:", error);
+    return { success: false, error: "Failed to sign in with Google" };
+  }
+}
+async function handleAuthRedirectResult() {
+  const auth = TernSecureAuth();
+  try {
+    const result = await getRedirectResult(auth);
+    if (result) {
+      const user = result.user;
+      return { success: true, user };
+    } else {
+      return { success: false, error: "No redirect result" };
+    }
+  } catch (error) {
+    console.error("Error handling auth redirect result:", error);
+    return { success: false, error: error.message || "Failed to handle auth redirect", code: error.code };
+  }
+}
+async function resendEmailVerification() {
+  const auth = TernSecureAuth();
+  try {
+    const user = auth.currentUser;
+    if (!user) {
+      throw new Error("No user found. Please try signing up again.");
+    }
+    await user.reload();
+    if (user.emailVerified) {
+      return {
+        success: true,
+        message: "Email is already verified. You can sign in.",
+        isVerified: true
+      };
+    }
+    const actionCodeSettings = {
+      url: `${window.location.origin}/sign-in`,
+      handleCodeInApp: true
+    };
+    await sendEmailVerification(user, actionCodeSettings);
+    return {
+      success: true,
+      message: "Verification email sent successfully.",
+      isVerified: false
+    };
+  } catch (error) {
+    if (error instanceof Error) {
+      switch (error.message) {
+        case "auth/too-many-requests":
+          throw new Error("Too many attempts. Please try again later.");
+        case "auth/network-request-failed":
+          throw new Error("Network disconnected. Please try again later.");
+        case "auth/email-already-in-use":
+          throw new Error("Email is already registered.");
+        case "auth/invalid-email":
+          throw new Error("Invalid email address.");
+        case "auth/operation-not-allowed":
+          throw new Error("Email/password accounts are not enabled.");
+        case "auth/weak-password":
+          throw new Error("Password is too weak.");
+        default:
+          throw new Error(error.message);
+      }
+    }
+    throw new Error("Failed to resend verification email.");
+  }
+}
+export {
+  createUser,
+  handleAuthRedirectResult,
+  resendEmailVerification,
+  signInWithEmail,
+  signInWithMicrosoft,
+  signInWithRedirectGoogle
+};
+//# sourceMappingURL=actions.js.map

package/dist/esm/app-router/client/actions.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../../src/app-router/client/actions.ts"],"sourcesContent":["import { TernSecureAuth } from '../../utils/client-init'\nimport { signInWithEmailAndPassword, signInWithRedirect, getRedirectResult, GoogleAuthProvider, OAuthProvider, createUserWithEmailAndPassword, sendEmailVerification } from 'firebase/auth'\nimport { createSessionCookie } from '../server/sessionTernSecure'\n\nexport async function createUser(email: string, password: string) {\n  const auth = TernSecureAuth()\n  try {\n    \n    const actionCodeSettings = {\n      url: `${window.location.origin}/sign-in`,\n      handleCodeInApp: true\n    };\n\n    const userCredential = await createUserWithEmailAndPassword(auth, email, password);\n\n    await sendEmailVerification(userCredential.user, actionCodeSettings)\n    \n    return { success: true, message: 'Account created successfully.', user: userCredential.user };\n\n  } catch (error) {\n    // Handle specific Firebase auth errors\n    if (error instanceof Error) {\n      switch (error.message) {\n        case 'auth/too-many-requests':\n          throw new Error('Too many attempts. Please try again later.');\n        case 'auth/network-request-failed':\n            throw new Error('Network disconnected. Please try again later.');\n        case 'auth/email-already-in-use':\n          throw new Error('Email is already registered.');\n        case 'auth/invalid-email':\n          throw new Error('Invalid email address.');\n        case 'auth/operation-not-allowed':\n          throw new Error('Email/password accounts are not enabled.');\n        case 'auth/weak-password':\n          throw new Error('Password is too weak.');\n        default:\n          throw new Error(error.message);\n      }\n    }\n    throw new Error('Failed to create account');\n  }\n}\n\n\nexport async function signInWithEmail(email: string, password: string){\n  const auth = TernSecureAuth()\n  try {\n  const UserCredential = await signInWithEmailAndPassword(auth, email, password)\n  const idToken = await UserCredential.user.getIdToken();\n\n  const res = await createSessionCookie(idToken);\n\n  if(res.success) {\n    return { success: true, message: 'Connected.' };\n  } else {\n    throw new Error(res.message);\n  }\n} catch (error){\n  const errorMessage = error instanceof Error ? error.message : 'Failed to sign in';\n  throw new Error(errorMessage);\n}\n} \n\nexport async function signInWithRedirectGoogle() {\n  const auth = TernSecureAuth()\n  const provider = new GoogleAuthProvider()\n  provider.setCustomParameters({\n    login_hint: 'user@example.com',\n    prompt: 'select_account'\n  })\n\n  try {\n    await signInWithRedirect(auth, provider)\n    return { success: true, message: 'Redirect initiated' }\n  } catch (error) {\n    console.error('Error during Google sign-in:', error)\n    return { success: false, error: 'Failed to sign in with Google' }\n  }\n}\n\n\nexport async function signInWithMicrosoft() {\n  const auth = TernSecureAuth()\n  const provider = new OAuthProvider('microsoft.com')\n  provider.setCustomParameters({\n    prompt: 'consent'\n  })\n\n  try {\n    await signInWithRedirect(auth, provider)\n    return { success: true, message: 'Redirect initiated' }\n  } catch (error) {\n    console.error('Error during Google sign-in:', error)\n    return { success: false, error: 'Failed to sign in with Google' }\n  }\n}\n\n\nexport async function handleAuthRedirectResult() {\n  const auth = TernSecureAuth()\n  try {\n    const result = await getRedirectResult(auth)\n    if (result) {\n      const user = result.user\n      return { success: true, user }\n    } else {\n      return { success: false, error: 'No redirect result' }\n    }\n  } catch (error: any) {\n    console.error('Error handling auth redirect result:', error)\n    return { success: false, error: error.message || 'Failed to handle auth redirect', code: error.code }\n  }\n}\n\n\nexport async function resendEmailVerification() {\n  const auth = TernSecureAuth()\n  try {\n    const user = auth.currentUser;\n    if (!user) {\n      throw new Error('No user found. Please try signing up again.');\n    }\n\n    await user.reload();\n\n    if (user.emailVerified) {\n      return { \n        success: true, \n        message: 'Email is already verified. You can sign in.',\n        isVerified: true \n      };\n    }\n\n    const actionCodeSettings = {\n      url: `${window.location.origin}/sign-in`,\n      handleCodeInApp: true,\n    };\n\n    await sendEmailVerification(user, actionCodeSettings);\n    return { \n      success: true, \n      message: 'Verification email sent successfully.',\n      isVerified: false\n     };\n    } catch (error) {\n      if (error instanceof Error) {\n        switch (error.message) {\n          case 'auth/too-many-requests':\n            throw new Error('Too many attempts. Please try again later.');\n          case 'auth/network-request-failed':\n              throw new Error('Network disconnected. Please try again later.');\n          case 'auth/email-already-in-use':\n            throw new Error('Email is already registered.');\n          case 'auth/invalid-email':\n            throw new Error('Invalid email address.');\n          case 'auth/operation-not-allowed':\n            throw new Error('Email/password accounts are not enabled.');\n          case 'auth/weak-password':\n            throw new Error('Password is too weak.');\n          default:\n            throw new Error(error.message);\n        }\n      }\n      throw new Error('Failed to resend verification email.');\n    }\n}"],"mappings":"AAAA,SAAS,sBAAsB;AAC/B,SAAS,4BAA4B,oBAAoB,mBAAmB,oBAAoB,eAAe,gCAAgC,6BAA6B;AAC5K,SAAS,2BAA2B;AAEpC,eAAsB,WAAW,OAAe,UAAkB;AAChE,QAAM,OAAO,eAAe;AAC5B,MAAI;AAEF,UAAM,qBAAqB;AAAA,MACzB,KAAK,GAAG,OAAO,SAAS,MAAM;AAAA,MAC9B,iBAAiB;AAAA,IACnB;AAEA,UAAM,iBAAiB,MAAM,+BAA+B,MAAM,OAAO,QAAQ;AAEjF,UAAM,sBAAsB,eAAe,MAAM,kBAAkB;AAEnE,WAAO,EAAE,SAAS,MAAM,SAAS,iCAAiC,MAAM,eAAe,KAAK;AAAA,EAE9F,SAAS,OAAO;AAEd,QAAI,iBAAiB,OAAO;AAC1B,cAAQ,MAAM,SAAS;AAAA,QACrB,KAAK;AACH,gBAAM,IAAI,MAAM,4CAA4C;AAAA,QAC9D,KAAK;AACD,gBAAM,IAAI,MAAM,+CAA+C;AAAA,QACnE,KAAK;AACH,gBAAM,IAAI,MAAM,8BAA8B;AAAA,QAChD,KAAK;AACH,gBAAM,IAAI,MAAM,wBAAwB;AAAA,QAC1C,KAAK;AACH,gBAAM,IAAI,MAAM,0CAA0C;AAAA,QAC5D,KAAK;AACH,gBAAM,IAAI,MAAM,uBAAuB;AAAA,QACzC;AACE,gBAAM,IAAI,MAAM,MAAM,OAAO;AAAA,MACjC;AAAA,IACF;AACA,UAAM,IAAI,MAAM,0BAA0B;AAAA,EAC5C;AACF;AAGA,eAAsB,gBAAgB,OAAe,UAAiB;AACpE,QAAM,OAAO,eAAe;AAC5B,MAAI;AACJ,UAAM,iBAAiB,MAAM,2BAA2B,MAAM,OAAO,QAAQ;AAC7E,UAAM,UAAU,MAAM,eAAe,KAAK,WAAW;AAErD,UAAM,MAAM,MAAM,oBAAoB,OAAO;AAE7C,QAAG,IAAI,SAAS;AACd,aAAO,EAAE,SAAS,MAAM,SAAS,aAAa;AAAA,IAChD,OAAO;AACL,YAAM,IAAI,MAAM,IAAI,OAAO;AAAA,IAC7B;AAAA,EACF,SAAS,OAAM;AACb,UAAM,eAAe,iBAAiB,QAAQ,MAAM,UAAU;AAC9D,UAAM,IAAI,MAAM,YAAY;AAAA,EAC9B;AACA;AAEA,eAAsB,2BAA2B;AAC/C,QAAM,OAAO,eAAe;AAC5B,QAAM,WAAW,IAAI,mBAAmB;AACxC,WAAS,oBAAoB;AAAA,IAC3B,YAAY;AAAA,IACZ,QAAQ;AAAA,EACV,CAAC;AAED,MAAI;AACF,UAAM,mBAAmB,MAAM,QAAQ;AACvC,WAAO,EAAE,SAAS,MAAM,SAAS,qBAAqB;AAAA,EACxD,SAAS,OAAO;AACd,YAAQ,MAAM,gCAAgC,KAAK;AACnD,WAAO,EAAE,SAAS,OAAO,OAAO,gCAAgC;AAAA,EAClE;AACF;AAGA,eAAsB,sBAAsB;AAC1C,QAAM,OAAO,eAAe;AAC5B,QAAM,WAAW,IAAI,cAAc,eAAe;AAClD,WAAS,oBAAoB;AAAA,IAC3B,QAAQ;AAAA,EACV,CAAC;AAED,MAAI;AACF,UAAM,mBAAmB,MAAM,QAAQ;AACvC,WAAO,EAAE,SAAS,MAAM,SAAS,qBAAqB;AAAA,EACxD,SAAS,OAAO;AACd,YAAQ,MAAM,gCAAgC,KAAK;AACnD,WAAO,EAAE,SAAS,OAAO,OAAO,gCAAgC;AAAA,EAClE;AACF;AAGA,eAAsB,2BAA2B;AAC/C,QAAM,OAAO,eAAe;AAC5B,MAAI;AACF,UAAM,SAAS,MAAM,kBAAkB,IAAI;AAC3C,QAAI,QAAQ;AACV,YAAM,OAAO,OAAO;AACpB,aAAO,EAAE,SAAS,MAAM,KAAK;AAAA,IAC/B,OAAO;AACL,aAAO,EAAE,SAAS,OAAO,OAAO,qBAAqB;AAAA,IACvD;AAAA,EACF,SAAS,OAAY;AACnB,YAAQ,MAAM,wCAAwC,KAAK;AAC3D,WAAO,EAAE,SAAS,OAAO,OAAO,MAAM,WAAW,kCAAkC,MAAM,MAAM,KAAK;AAAA,EACtG;AACF;AAGA,eAAsB,0BAA0B;AAC9C,QAAM,OAAO,eAAe;AAC5B,MAAI;AACF,UAAM,OAAO,KAAK;AAClB,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,MAAM,6CAA6C;AAAA,IAC/D;AAEA,UAAM,KAAK,OAAO;AAElB,QAAI,KAAK,eAAe;AACtB,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS;AAAA,QACT,YAAY;AAAA,MACd;AAAA,IACF;AAEA,UAAM,qBAAqB;AAAA,MACzB,KAAK,GAAG,OAAO,SAAS,MAAM;AAAA,MAC9B,iBAAiB;AAAA,IACnB;AAEA,UAAM,sBAAsB,MAAM,kBAAkB;AACpD,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS;AAAA,MACT,YAAY;AAAA,IACb;AAAA,EACD,SAAS,OAAO;AACd,QAAI,iBAAiB,OAAO;AAC1B,cAAQ,MAAM,SAAS;AAAA,QACrB,KAAK;AACH,gBAAM,IAAI,MAAM,4CAA4C;AAAA,QAC9D,KAAK;AACD,gBAAM,IAAI,MAAM,+CAA+C;AAAA,QACnE,KAAK;AACH,gBAAM,IAAI,MAAM,8BAA8B;AAAA,QAChD,KAAK;AACH,gBAAM,IAAI,MAAM,wBAAwB;AAAA,QAC1C,KAAK;AACH,gBAAM,IAAI,MAAM,0CAA0C;AAAA,QAC5D,KAAK;AACH,gBAAM,IAAI,MAAM,uBAAuB;AAAA,QACzC;AACE,gBAAM,IAAI,MAAM,MAAM,OAAO;AAAA,MACjC;AAAA,IACF;AACA,UAAM,IAAI,MAAM,sCAAsC;AAAA,EACxD;AACJ;","names":[]}

package/dist/esm/app-router/route-handler/internal-route.js

@@ -0,0 +1,20 @@
+import { Verify } from "../../components/verify";
+const internalRoutes = {
+  verify: {
+    pattern: /^\/sign-up\/verify$/,
+    component: Verify
+  }
+};
+function handleInternalRoute(pathname) {
+  for (const [key, route] of Object.entries(internalRoutes)) {
+    if (route.pattern.test(pathname)) {
+      return route.component;
+    }
+  }
+  return null;
+}
+export {
+  handleInternalRoute,
+  internalRoutes
+};
+//# sourceMappingURL=internal-route.js.map

package/dist/esm/app-router/route-handler/internal-route.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../../src/app-router/route-handler/internal-route.tsx"],"sourcesContent":["import { Verify } from \"../../components/verify\"\n\n// Internal route mapping\nexport const internalRoutes = {\n  verify: {\n    pattern: /^\\/sign-up\\/verify$/,\n    component: Verify,\n  },\n}\n\n// Internal route handler\nexport function handleInternalRoute(pathname: string) {\n  for (const [key, route] of Object.entries(internalRoutes)) {\n    if (route.pattern.test(pathname)) {\n      return route.component\n    }\n  }\n  return null\n}\n\n"],"mappings":"AAAA,SAAS,cAAc;AAGhB,MAAM,iBAAiB;AAAA,EAC5B,QAAQ;AAAA,IACN,SAAS;AAAA,IACT,WAAW;AAAA,EACb;AACF;AAGO,SAAS,oBAAoB,UAAkB;AACpD,aAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,cAAc,GAAG;AACzD,QAAI,MAAM,QAAQ,KAAK,QAAQ,GAAG;AAChC,aAAO,MAAM;AAAA,IACf;AAAA,EACF;AACA,SAAO;AACT;","names":[]}

package/dist/esm/app-router/server/auth.js

@@ -0,0 +1,47 @@
+"use server";
+import { cookies } from "next/headers";
+import { verifyTernIdToken, verifyTernSessionCookie } from "./sessionTernSecure";
+async function auth() {
+  var _a, _b, _c;
+  try {
+    const cookieStore = await cookies();
+    const sessionCookie = (_a = cookieStore.get("_session_cookie")) == null ? void 0 : _a.value;
+    if (sessionCookie) {
+      const sessionResult = await verifyTernSessionCookie(sessionCookie);
+      if (sessionResult.valid) {
+        return {
+          userId: sessionResult.uid,
+          token: sessionCookie,
+          error: null
+        };
+      }
+    }
+    const idToken = (_b = cookieStore.get("_session_token")) == null ? void 0 : _b.value;
+    if (idToken) {
+      const tokenResult = await verifyTernIdToken(idToken);
+      if (tokenResult.valid) {
+        return {
+          userId: (_c = tokenResult.uid) != null ? _c : null,
+          token: idToken,
+          error: null
+        };
+      }
+    }
+    return {
+      userId: null,
+      token: null,
+      error: new Error("No valid session or token found")
+    };
+  } catch (error) {
+    console.error("Error in auth function:", error);
+    return {
+      userId: null,
+      token: null,
+      error: error instanceof Error ? error : new Error("An unknown error occurred")
+    };
+  }
+}
+export {
+  auth
+};
+//# sourceMappingURL=auth.js.map

package/dist/esm/app-router/server/auth.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../../src/app-router/server/auth.ts"],"sourcesContent":["'use server'\n\nimport { cookies } from 'next/headers';\nimport {  verifyTernIdToken, verifyTernSessionCookie } from './sessionTernSecure';\n\nexport interface AuthResult {\n  userId: string | null;\n  token: string | null;\n  error: Error | null;\n}\n\nexport async function auth(): Promise<AuthResult> {\n  try {\n    const cookieStore = await cookies();\n    const sessionCookie = cookieStore.get('_session_cookie')?.value;\n    if (sessionCookie) {\n      const sessionResult = await verifyTernSessionCookie(sessionCookie);\n      if (sessionResult.valid) {\n        return {\n          userId: sessionResult.uid,\n          token: sessionCookie,\n          error: null\n        };\n      }\n    }\n\n    // If session cookie is not present or invalid, try the ID token\n    const idToken = cookieStore.get('_session_token')?.value;\n    if (idToken) {\n      const tokenResult = await verifyTernIdToken(idToken);\n      if (tokenResult.valid) {\n        return {\n          userId: tokenResult.uid ?? null,\n          token: idToken,\n          error: null\n        };\n      }\n    }\n\n    /// If both checks fail, return null values\n    return {\n      userId: null,\n      token: null,\n      error: new Error('No valid session or token found')\n    };\n  } catch (error) {\n    console.error('Error in auth function:', error);\n    return {\n      userId: null,\n      token: null,\n      error: error instanceof Error ? error : new Error('An unknown error occurred')\n    };\n  }\n}\n\n"],"mappings":";AAEA,SAAS,eAAe;AACxB,SAAU,mBAAmB,+BAA+B;AAQ5D,eAAsB,OAA4B;AAXlD;AAYE,MAAI;AACF,UAAM,cAAc,MAAM,QAAQ;AAClC,UAAM,iBAAgB,iBAAY,IAAI,iBAAiB,MAAjC,mBAAoC;AAC1D,QAAI,eAAe;AACjB,YAAM,gBAAgB,MAAM,wBAAwB,aAAa;AACjE,UAAI,cAAc,OAAO;AACvB,eAAO;AAAA,UACL,QAAQ,cAAc;AAAA,UACtB,OAAO;AAAA,UACP,OAAO;AAAA,QACT;AAAA,MACF;AAAA,IACF;AAGA,UAAM,WAAU,iBAAY,IAAI,gBAAgB,MAAhC,mBAAmC;AACnD,QAAI,SAAS;AACX,YAAM,cAAc,MAAM,kBAAkB,OAAO;AACnD,UAAI,YAAY,OAAO;AACrB,eAAO;AAAA,UACL,SAAQ,iBAAY,QAAZ,YAAmB;AAAA,UAC3B,OAAO;AAAA,UACP,OAAO;AAAA,QACT;AAAA,MACF;AAAA,IACF;AAGA,WAAO;AAAA,MACL,QAAQ;AAAA,MACR,OAAO;AAAA,MACP,OAAO,IAAI,MAAM,iCAAiC;AAAA,IACpD;AAAA,EACF,SAAS,OAAO;AACd,YAAQ,MAAM,2BAA2B,KAAK;AAC9C,WAAO;AAAA,MACL,QAAQ;AAAA,MACR,OAAO;AAAA,MACP,OAAO,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,2BAA2B;AAAA,IAC/E;AAAA,EACF;AACF;","names":[]}

package/dist/esm/app-router/server/index.js

@@ -0,0 +1,13 @@
+import { adminTernSecureAuth, adminTernSecureDb } from "../../utils/admin-init";
+import { ternSecureMiddleware } from "./ternSecureMiddleware";
+import { verifyTernSessionCookie, createSessionCookie } from "./sessionTernSecure";
+import { auth } from "./auth";
+export {
+  adminTernSecureAuth,
+  adminTernSecureDb,
+  auth,
+  createSessionCookie,
+  ternSecureMiddleware,
+  verifyTernSessionCookie
+};
+//# sourceMappingURL=index.js.map

package/dist/esm/app-router/server/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../../src/app-router/server/index.ts"],"sourcesContent":["export { adminTernSecureAuth, adminTernSecureDb } from '../../utils/admin-init'\nexport { ternSecureMiddleware } from './ternSecureMiddleware'\nexport { verifyTernSessionCookie, createSessionCookie } from './sessionTernSecure'\nexport { auth } from './auth'"],"mappings":"AAAA,SAAS,qBAAqB,yBAAyB;AACvD,SAAS,4BAA4B;AACrC,SAAS,yBAAyB,2BAA2B;AAC7D,SAAS,YAAY;","names":[]}

package/dist/esm/app-router/server/sessionTernSecure.js

@@ -0,0 +1,129 @@
+"use server";
+import { cookies } from "next/headers";
+import { adminTernSecureAuth as adminAuth } from "../../utils/admin-init";
+async function createSessionCookie(idToken) {
+  try {
+    const expiresIn = 60 * 60 * 24 * 5 * 1e3;
+    const sessionCookie = await adminAuth.createSessionCookie(idToken, { expiresIn });
+    const cookieStore = await cookies();
+    cookieStore.set("_session_cookie", sessionCookie, {
+      maxAge: expiresIn,
+      httpOnly: true,
+      secure: process.env.NODE_ENV === "production",
+      path: "/"
+    });
+    return { success: true, message: "Session created" };
+  } catch (error) {
+    return { success: false, message: "Failed to create session" };
+  }
+}
+async function getServerSessionCookie() {
+  var _a;
+  const cookieStore = await cookies();
+  const sessionCookie = (_a = cookieStore.get("_session_cookie")) == null ? void 0 : _a.value;
+  if (!sessionCookie) {
+    throw new Error("No session cookie found");
+  }
+  try {
+    const decondeClaims = await adminAuth.verifySessionCookie(sessionCookie, true);
+    return {
+      token: sessionCookie,
+      userId: decondeClaims.uid
+    };
+  } catch (error) {
+    console.error("Error verifying session:", error);
+    throw new Error("Invalid Session");
+  }
+}
+async function getIdToken() {
+  var _a;
+  const cookieStore = await cookies();
+  const token = (_a = cookieStore.get("_session_token")) == null ? void 0 : _a.value;
+  if (!token) {
+    throw new Error("No session cookie found");
+  }
+  try {
+    const decodedClaims = await adminAuth.verifyIdToken(token);
+    return {
+      token,
+      userId: decodedClaims.uid
+    };
+  } catch (error) {
+    console.error("Error verifying session:", error);
+    throw new Error("Invalid Session");
+  }
+}
+async function setServerSession(token) {
+  const cookieStore = await cookies();
+  cookieStore.set("_session", token, {
+    httpOnly: true,
+    secure: process.env.NODE_ENV === "production",
+    sameSite: "strict",
+    maxAge: 60 * 60,
+    // 1 hour
+    path: "/"
+  });
+}
+async function verifyTernIdToken(token) {
+  try {
+    const decodedToken = await adminAuth.verifyIdToken(token, true);
+    return { valid: true, uid: decodedToken.uid };
+  } catch (error) {
+    if (error instanceof Error) {
+      const firebaseError = error;
+      if (error.name === "FirebaseAuthError") {
+        switch (firebaseError.code) {
+          case "auth/id-token-expired":
+            return { valid: false, error: "Token has expired" };
+          case "auth/id-token-revoked":
+            return { valid: false, error: "Token has been revoked" };
+          case "auth/user-disabled":
+            return { valid: false, error: "User account has been disabled" };
+          default:
+            return { valid: false, error: "Invalid token" };
+        }
+      }
+    }
+    return { valid: false, error: "Error verifying token" };
+  }
+}
+async function verifyTernSessionCookie(session) {
+  try {
+    const res = await adminAuth.verifySessionCookie(session, true);
+    if (res) {
+      return { valid: true, uid: res.uid };
+    } else {
+      return { valid: false, error: "Invalid session" };
+    }
+  } catch (error) {
+    return { error, valid: false };
+  }
+}
+async function clearSessionCookie() {
+  var _a;
+  const cookieStore = await cookies();
+  cookieStore.delete("_session_cookie");
+  cookieStore.delete("_session_token");
+  cookieStore.delete("_session");
+  try {
+    const sessionCookie = (_a = cookieStore.get("_session_cookie")) == null ? void 0 : _a.value;
+    if (sessionCookie) {
+      const decodedClaims = await adminAuth.verifySessionCookie(sessionCookie);
+      await adminAuth.revokeRefreshTokens(decodedClaims.uid);
+    }
+    return { success: true, message: "Session cleared successfully" };
+  } catch (error) {
+    console.error("Error clearing session:", error);
+    return { success: true, message: "Session cookies cleared" };
+  }
+}
+export {
+  clearSessionCookie,
+  createSessionCookie,
+  getIdToken,
+  getServerSessionCookie,
+  setServerSession,
+  verifyTernIdToken,
+  verifyTernSessionCookie
+};
+//# sourceMappingURL=sessionTernSecure.js.map

package/dist/esm/app-router/server/sessionTernSecure.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../../src/app-router/server/sessionTernSecure.ts"],"sourcesContent":["'use server'\n\nimport { cookies } from 'next/headers';\nimport { adminTernSecureAuth as adminAuth } from '../../utils/admin-init';\n\ninterface FirebaseAuthError extends Error {\n  code?: string;\n}\n\nexport interface User {\n    uid: string | null;\n    email: string | null;\n  }\n\nexport interface Session {\n    user: User | null;\n    token: string | null;\n    error: Error | null;\n}\n\nexport async function createSessionCookie(idToken: string) {\n  try {\n    const expiresIn = 60 * 60 * 24 * 5 * 1000;\n      const sessionCookie = await adminAuth.createSessionCookie(idToken, { expiresIn });\n\n      const cookieStore = await cookies();\n      cookieStore.set('_session_cookie', sessionCookie, {\n          maxAge: expiresIn,\n          httpOnly: true,\n          secure: process.env.NODE_ENV === 'production',\n          path: '/',\n      });\n      return { success: true, message: 'Session created' };\n  } catch (error) {\n      return { success: false, message: 'Failed to create session' };\n  }\n}\n\n\n\nexport async function getServerSessionCookie() {\n  const cookieStore = await cookies();\n  const sessionCookie = cookieStore.get('_session_cookie')?.value;\n\n  if (!sessionCookie) {\n    throw new Error('No session cookie found')\n  }\n    \n  try {\n    const decondeClaims = await adminAuth.verifySessionCookie(sessionCookie, true)\n    return {\n      token: sessionCookie,\n      userId: decondeClaims.uid\n    }\n  } catch (error) {\n    console.error('Error verifying session:', error)\n    throw new Error('Invalid Session')\n  }\n}\n\n\nexport async function getIdToken() {\n  const cookieStore = await cookies();\n  const token = cookieStore.get('_session_token')?.value;\n\n  if (!token) {\n    throw new Error('No session cookie found')\n  }\n    \n  try {\n    const decodedClaims = await adminAuth.verifyIdToken(token)\n    return {\n      token: token,\n      userId: decodedClaims.uid\n    }\n  } catch (error) {\n    console.error('Error verifying session:', error)\n    throw new Error('Invalid Session')\n  }\n}\n\nexport async function setServerSession(token: string) {\n    const cookieStore = await cookies();\n    cookieStore.set('_session', token, {\n      httpOnly: true,\n      secure: process.env.NODE_ENV === 'production',\n      sameSite: 'strict',\n      maxAge: 60 * 60, // 1 hour\n      path: '/',\n    });\n  }\n\n  export async function verifyTernIdToken(token: string): Promise<{ valid: boolean; uid?: string; error?: string }> {\n    try {\n      const decodedToken = await adminAuth.verifyIdToken(token, true);\n      return { valid: true, uid: decodedToken.uid };\n    } catch (error) {\n      if (error instanceof Error) {\n        const firebaseError = error as FirebaseAuthError;\n        if (error.name === 'FirebaseAuthError') {\n          // Handle specific Firebase Auth errors\n          switch (firebaseError.code) {\n            case 'auth/id-token-expired':\n              return { valid: false, error: 'Token has expired' };\n            case 'auth/id-token-revoked':\n              return { valid: false, error: 'Token has been revoked' };\n            case 'auth/user-disabled':\n              return { valid: false, error: 'User account has been disabled' };\n            default:\n              return { valid: false, error: 'Invalid token' };\n          }\n        }\n      }\n      return { valid: false, error: 'Error verifying token' };\n    }\n  }\n  \n\n  export async function verifyTernSessionCookie(session: string): Promise<{ valid: boolean; uid?: any; error?: any }>{\n    try {\n      const res = await adminAuth.verifySessionCookie(session, true);\n      if (res) {\n        return { valid: true, uid: res.uid };\n      } else {\n        return { valid: false, error: 'Invalid session'};\n      }\n    } catch (error) {\n      return {error: error, valid: false}\n    }\n  }\n\n\n  export async function clearSessionCookie() {\n    const cookieStore = await cookies()\n    \n    cookieStore.delete('_session_cookie')\n    cookieStore.delete('_session_token')\n    cookieStore.delete('_session')\n  \n    try {\n      // Verify if there's an active session before revoking\n      const sessionCookie = cookieStore.get('_session_cookie')?.value\n      if (sessionCookie) {\n        // Get the decoded claims to get the user's ID\n        const decodedClaims = await adminAuth.verifySessionCookie(sessionCookie)\n        \n        // Revoke all sessions for the user\n        await adminAuth.revokeRefreshTokens(decodedClaims.uid)\n      }\n      \n      return { success: true, message: 'Session cleared successfully' }\n    } catch (error) {\n      console.error('Error clearing session:', error)\n      // Still return success even if revoking fails, as cookies are cleared\n      return { success: true, message: 'Session cookies cleared' }\n    }\n  }\n\n\n\n/*\n  export async function GET(request: NextRequest) {\n    const cookieStore = await cookies();\n    const sessionCookie = cookieStore.get('session')?.value\n  \n    if (!sessionCookie) {\n      return NextResponse.json({ isAuthenticated: false }, { status: 401 })\n    }\n  \n    try {\n      const decodedClaims = await adminAuth.verifySessionCookie(sessionCookie, true)\n      return NextResponse.json({ isAuthenticated: true, user: decodedClaims }, { status: 200 })\n    } catch (error) {\n      console.error('Error verifying session cookie:', error)\n      return NextResponse.json({ isAuthenticated: false }, { status: 401 })\n    }\n  }\n\n*/"],"mappings":";AAEA,SAAS,eAAe;AACxB,SAAS,uBAAuB,iBAAiB;AAiBjD,eAAsB,oBAAoB,SAAiB;AACzD,MAAI;AACF,UAAM,YAAY,KAAK,KAAK,KAAK,IAAI;AACnC,UAAM,gBAAgB,MAAM,UAAU,oBAAoB,SAAS,EAAE,UAAU,CAAC;AAEhF,UAAM,cAAc,MAAM,QAAQ;AAClC,gBAAY,IAAI,mBAAmB,eAAe;AAAA,MAC9C,QAAQ;AAAA,MACR,UAAU;AAAA,MACV,QAAQ,QAAQ,IAAI,aAAa;AAAA,MACjC,MAAM;AAAA,IACV,CAAC;AACD,WAAO,EAAE,SAAS,MAAM,SAAS,kBAAkB;AAAA,EACvD,SAAS,OAAO;AACZ,WAAO,EAAE,SAAS,OAAO,SAAS,2BAA2B;AAAA,EACjE;AACF;AAIA,eAAsB,yBAAyB;AAxC/C;AAyCE,QAAM,cAAc,MAAM,QAAQ;AAClC,QAAM,iBAAgB,iBAAY,IAAI,iBAAiB,MAAjC,mBAAoC;AAE1D,MAAI,CAAC,eAAe;AAClB,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC3C;AAEA,MAAI;AACF,UAAM,gBAAgB,MAAM,UAAU,oBAAoB,eAAe,IAAI;AAC7E,WAAO;AAAA,MACL,OAAO;AAAA,MACP,QAAQ,cAAc;AAAA,IACxB;AAAA,EACF,SAAS,OAAO;AACd,YAAQ,MAAM,4BAA4B,KAAK;AAC/C,UAAM,IAAI,MAAM,iBAAiB;AAAA,EACnC;AACF;AAGA,eAAsB,aAAa;AA7DnC;AA8DE,QAAM,cAAc,MAAM,QAAQ;AAClC,QAAM,SAAQ,iBAAY,IAAI,gBAAgB,MAAhC,mBAAmC;AAEjD,MAAI,CAAC,OAAO;AACV,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC3C;AAEA,MAAI;AACF,UAAM,gBAAgB,MAAM,UAAU,cAAc,KAAK;AACzD,WAAO;AAAA,MACL;AAAA,MACA,QAAQ,cAAc;AAAA,IACxB;AAAA,EACF,SAAS,OAAO;AACd,YAAQ,MAAM,4BAA4B,KAAK;AAC/C,UAAM,IAAI,MAAM,iBAAiB;AAAA,EACnC;AACF;AAEA,eAAsB,iBAAiB,OAAe;AAClD,QAAM,cAAc,MAAM,QAAQ;AAClC,cAAY,IAAI,YAAY,OAAO;AAAA,IACjC,UAAU;AAAA,IACV,QAAQ,QAAQ,IAAI,aAAa;AAAA,IACjC,UAAU;AAAA,IACV,QAAQ,KAAK;AAAA;AAAA,IACb,MAAM;AAAA,EACR,CAAC;AACH;AAEA,eAAsB,kBAAkB,OAA0E;AAChH,MAAI;AACF,UAAM,eAAe,MAAM,UAAU,cAAc,OAAO,IAAI;AAC9D,WAAO,EAAE,OAAO,MAAM,KAAK,aAAa,IAAI;AAAA,EAC9C,SAAS,OAAO;AACd,QAAI,iBAAiB,OAAO;AAC1B,YAAM,gBAAgB;AACtB,UAAI,MAAM,SAAS,qBAAqB;AAEtC,gBAAQ,cAAc,MAAM;AAAA,UAC1B,KAAK;AACH,mBAAO,EAAE,OAAO,OAAO,OAAO,oBAAoB;AAAA,UACpD,KAAK;AACH,mBAAO,EAAE,OAAO,OAAO,OAAO,yBAAyB;AAAA,UACzD,KAAK;AACH,mBAAO,EAAE,OAAO,OAAO,OAAO,iCAAiC;AAAA,UACjE;AACE,mBAAO,EAAE,OAAO,OAAO,OAAO,gBAAgB;AAAA,QAClD;AAAA,MACF;AAAA,IACF;AACA,WAAO,EAAE,OAAO,OAAO,OAAO,wBAAwB;AAAA,EACxD;AACF;AAGA,eAAsB,wBAAwB,SAAqE;AACjH,MAAI;AACF,UAAM,MAAM,MAAM,UAAU,oBAAoB,SAAS,IAAI;AAC7D,QAAI,KAAK;AACP,aAAO,EAAE,OAAO,MAAM,KAAK,IAAI,IAAI;AAAA,IACrC,OAAO;AACL,aAAO,EAAE,OAAO,OAAO,OAAO,kBAAiB;AAAA,IACjD;AAAA,EACF,SAAS,OAAO;AACd,WAAO,EAAC,OAAc,OAAO,MAAK;AAAA,EACpC;AACF;AAGA,eAAsB,qBAAqB;AApI7C;AAqII,QAAM,cAAc,MAAM,QAAQ;AAElC,cAAY,OAAO,iBAAiB;AACpC,cAAY,OAAO,gBAAgB;AACnC,cAAY,OAAO,UAAU;AAE7B,MAAI;AAEF,UAAM,iBAAgB,iBAAY,IAAI,iBAAiB,MAAjC,mBAAoC;AAC1D,QAAI,eAAe;AAEjB,YAAM,gBAAgB,MAAM,UAAU,oBAAoB,aAAa;AAGvE,YAAM,UAAU,oBAAoB,cAAc,GAAG;AAAA,IACvD;AAEA,WAAO,EAAE,SAAS,MAAM,SAAS,+BAA+B;AAAA,EAClE,SAAS,OAAO;AACd,YAAQ,MAAM,2BAA2B,KAAK;AAE9C,WAAO,EAAE,SAAS,MAAM,SAAS,0BAA0B;AAAA,EAC7D;AACF;","names":[]}

package/dist/esm/app-router/server/ternSecureMiddleware.js

@@ -0,0 +1,26 @@
+import { NextResponse } from "next/server";
+import { auth } from "./auth";
+function ternSecureMiddleware(options = {}) {
+  const { publicPaths = [], redirectTo = "/login" } = options;
+  return async function middleware(request) {
+    const { pathname } = request.nextUrl;
+    if (publicPaths.includes(pathname)) {
+      return NextResponse.next();
+    }
+    try {
+      const { userId, token, error } = await auth();
+      if (error || !userId || !token) {
+        return NextResponse.redirect(new URL(redirectTo, request.url));
+      }
+      const response = NextResponse.next();
+      return response;
+    } catch (error) {
+      console.error("Error in ternSecureMiddleware:", error);
+      return NextResponse.redirect(new URL(redirectTo, request.url));
+    }
+  };
+}
+export {
+  ternSecureMiddleware
+};
+//# sourceMappingURL=ternSecureMiddleware.js.map

package/dist/esm/app-router/server/ternSecureMiddleware.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../../src/app-router/server/ternSecureMiddleware.ts"],"sourcesContent":["import { NextRequest, NextResponse } from 'next/server';\nimport { auth } from './auth';\n\nexport interface TernSecureMiddlewareOptions {\n  publicPaths?: string[];\n  redirectTo?: string;\n}\n\nexport function ternSecureMiddleware(options: TernSecureMiddlewareOptions = {}) {\n  const { publicPaths = [], redirectTo = '/login' } = options;\n\n  return async function middleware(request: NextRequest) {\n    const { pathname } = request.nextUrl;\n\n    // Check if the path is public\n    if (publicPaths.includes(pathname)) {\n      return NextResponse.next();\n    }\n\n    try {\n      const { userId, token, error } = await auth();\n\n      if (error || !userId || !token) {\n        // If there's no valid session, redirect to login\n        return NextResponse.redirect(new URL(redirectTo, request.url));\n      }\n\n      // If there's a valid session, allow the request to proceed\n      const response = NextResponse.next();\n      \n      // Optionally, you can set headers here if needed\n      // response.headers.set('X-User-ID', userId);\n\n      return response;\n    } catch (error) {\n      console.error('Error in ternSecureMiddleware:', error);\n      return NextResponse.redirect(new URL(redirectTo, request.url));\n    }\n  };\n}\n\n"],"mappings":"AAAA,SAAsB,oBAAoB;AAC1C,SAAS,YAAY;AAOd,SAAS,qBAAqB,UAAuC,CAAC,GAAG;AAC9E,QAAM,EAAE,cAAc,CAAC,GAAG,aAAa,SAAS,IAAI;AAEpD,SAAO,eAAe,WAAW,SAAsB;AACrD,UAAM,EAAE,SAAS,IAAI,QAAQ;AAG7B,QAAI,YAAY,SAAS,QAAQ,GAAG;AAClC,aAAO,aAAa,KAAK;AAAA,IAC3B;AAEA,QAAI;AACF,YAAM,EAAE,QAAQ,OAAO,MAAM,IAAI,MAAM,KAAK;AAE5C,UAAI,SAAS,CAAC,UAAU,CAAC,OAAO;AAE9B,eAAO,aAAa,SAAS,IAAI,IAAI,YAAY,QAAQ,GAAG,CAAC;AAAA,MAC/D;AAGA,YAAM,WAAW,aAAa,KAAK;AAKnC,aAAO;AAAA,IACT,SAAS,OAAO;AACd,cAAQ,MAAM,kCAAkC,KAAK;AACrD,aAAO,aAAa,SAAS,IAAI,IAAI,YAAY,QAAQ,GAAG,CAAC;AAAA,IAC/D;AAAA,EACF;AACF;","names":[]}

package/dist/esm/boundary/TernSecureClientProvider.js

@@ -0,0 +1,83 @@
+"use client";
+import { jsx } from "react/jsx-runtime";
+import { useState, useEffect, useMemo, useCallback } from "react";
+import { ternSecureAuth } from "../utils/client-init";
+import { onAuthStateChanged } from "firebase/auth";
+import { TernSecureCtx } from "./TernSecureCtx";
+import { useRouter } from "next/navigation";
+function TernSecureClientProvider({
+  children,
+  loginPath = "/sign-in",
+  loadingComponent
+}) {
+  const auth = useMemo(() => ternSecureAuth, []);
+  const router = useRouter();
+  const [authState, setAuthState] = useState(() => ({
+    userId: null,
+    isLoaded: false,
+    error: null,
+    isValid: false,
+    token: null,
+    email: null
+  }));
+  const handleSignOut = useCallback(async (error) => {
+    await auth.signOut();
+    setAuthState({
+      isLoaded: true,
+      userId: null,
+      error: error || null,
+      isValid: false,
+      token: null,
+      email: null
+    });
+    router.push(loginPath);
+  }, [auth, router, loginPath]);
+  const setEmail = useCallback((email) => {
+    setAuthState((prev) => ({
+      ...prev,
+      email
+    }));
+  }, []);
+  useEffect(() => {
+    const unsubscribe = onAuthStateChanged(auth, async (user) => {
+      if (user) {
+        setAuthState({
+          isLoaded: true,
+          userId: user.uid,
+          isValid: true,
+          token: user.getIdToken(),
+          error: null,
+          email: user.email
+        });
+      } else {
+        setAuthState({
+          isLoaded: true,
+          userId: null,
+          isValid: false,
+          token: null,
+          error: new Error("User is not authenticated"),
+          email: null
+        });
+        if (!window.location.pathname.includes("/sign-up")) {
+          router.push(loginPath);
+        }
+      }
+    }, (error) => {
+      handleSignOut(error instanceof Error ? error : new Error("Authentication error occurred"));
+    });
+    return () => unsubscribe();
+  }, [auth, handleSignOut, router, loginPath]);
+  const contextValue = useMemo(() => ({
+    ...authState,
+    signOut: handleSignOut,
+    setEmail
+  }), [authState, auth, handleSignOut, setEmail]);
+  if (!authState.isLoaded) {
+    return /* @__PURE__ */ jsx(TernSecureCtx.Provider, { value: contextValue, children: loadingComponent || /* @__PURE__ */ jsx("div", { "aria-live": "polite", "aria-busy": "true", children: /* @__PURE__ */ jsx("span", { className: "sr-only", children: "Loading authentication state..." }) }) });
+  }
+  return /* @__PURE__ */ jsx(TernSecureCtx.Provider, { value: contextValue, children });
+}
+export {
+  TernSecureClientProvider
+};
+//# sourceMappingURL=TernSecureClientProvider.js.map

package/dist/esm/boundary/TernSecureClientProvider.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/boundary/TernSecureClientProvider.tsx"],"sourcesContent":["\"use client\"\n\nimport React, { useState, useEffect, useMemo, useCallback } from 'react'\nimport { ternSecureAuth } from '../utils/client-init'\nimport { onAuthStateChanged, User } from \"firebase/auth\"\nimport { TernSecureCtx, TernSecureCtxValue, TernSecureState } from './TernSecureCtx'\nimport { useRouter } from 'next/navigation'\n\ninterface TernSecureClientProviderProps {\n  children: React.ReactNode;\n  onUserChanged?: (user: User | null) => Promise<void>;\n  loginPath?: string;\n  loadingComponent?: React.ReactNode;\n}\n\nexport function TernSecureClientProvider({ \n  children, \n  loginPath = '/sign-in',\n  loadingComponent\n}: TernSecureClientProviderProps) {\n  const auth = useMemo(() => ternSecureAuth, []);\n  const router = useRouter();\n  const [authState, setAuthState] = useState<TernSecureState>(() => ({\n    userId: null,\n    isLoaded: false,\n    error: null,\n    isValid: false,\n    token: null,\n    email: null\n  }));\n\n  const handleSignOut = useCallback(async (error?: Error) => {\n    await auth.signOut();\n    setAuthState({\n      isLoaded: true,\n      userId: null,\n      error: error || null,\n      isValid: false,\n      token: null,\n      email: null\n    });\n    router.push(loginPath);\n  }, [auth, router, loginPath]);\n\n  const setEmail = useCallback((email: string) => {\n    setAuthState((prev) => ({\n      ...prev,\n      email,\n    }))\n  }, [])\n\nuseEffect(() => {\n    const unsubscribe = onAuthStateChanged(auth, async (user: User | null) => {\n      if (user) {\n        setAuthState({\n          isLoaded: true,\n          userId: user.uid,\n          isValid: true,\n          token: user.getIdToken(),\n          error: null,\n          email: user.email,\n        })\n      } else {\n        setAuthState({\n          isLoaded: true,\n          userId: null,\n          isValid: false,\n          token: null,\n          error: new Error('User is not authenticated'),\n          email: null\n        })\n        if (!window.location.pathname.includes(\"/sign-up\")) {\n          router.push(loginPath)\n        }\n      }\n    }, (error) => {\n      handleSignOut(error instanceof Error ? error : new Error('Authentication error occurred'));\n    })\n    \n    return () => unsubscribe()\n  }, [auth, handleSignOut, router, loginPath])\n\n  const contextValue: TernSecureCtxValue = useMemo(() => ({\n    ...authState,\n    signOut: handleSignOut,\n    setEmail\n  }), [authState, auth, handleSignOut, setEmail]);\n\n  if (!authState.isLoaded) {\n    return (\n      <TernSecureCtx.Provider value={contextValue}>\n        {loadingComponent || (\n          <div aria-live=\"polite\" aria-busy=\"true\">\n            <span className=\"sr-only\">Loading authentication state...</span>\n          </div>\n        )}\n      </TernSecureCtx.Provider>\n    );\n  }\n\n  return (\n      <TernSecureCtx.Provider value={contextValue}>\n       {children}\n      </TernSecureCtx.Provider>\n  )\n}"],"mappings":";AA6FY;AA3FZ,SAAgB,UAAU,WAAW,SAAS,mBAAmB;AACjE,SAAS,sBAAsB;AAC/B,SAAS,0BAAgC;AACzC,SAAS,qBAA0D;AACnE,SAAS,iBAAiB;AASnB,SAAS,yBAAyB;AAAA,EACvC;AAAA,EACA,YAAY;AAAA,EACZ;AACF,GAAkC;AAChC,QAAM,OAAO,QAAQ,MAAM,gBAAgB,CAAC,CAAC;AAC7C,QAAM,SAAS,UAAU;AACzB,QAAM,CAAC,WAAW,YAAY,IAAI,SAA0B,OAAO;AAAA,IACjE,QAAQ;AAAA,IACR,UAAU;AAAA,IACV,OAAO;AAAA,IACP,SAAS;AAAA,IACT,OAAO;AAAA,IACP,OAAO;AAAA,EACT,EAAE;AAEF,QAAM,gBAAgB,YAAY,OAAO,UAAkB;AACzD,UAAM,KAAK,QAAQ;AACnB,iBAAa;AAAA,MACX,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,OAAO,SAAS;AAAA,MAChB,SAAS;AAAA,MACT,OAAO;AAAA,MACP,OAAO;AAAA,IACT,CAAC;AACD,WAAO,KAAK,SAAS;AAAA,EACvB,GAAG,CAAC,MAAM,QAAQ,SAAS,CAAC;AAE5B,QAAM,WAAW,YAAY,CAAC,UAAkB;AAC9C,iBAAa,CAAC,UAAU;AAAA,MACtB,GAAG;AAAA,MACH;AAAA,IACF,EAAE;AAAA,EACJ,GAAG,CAAC,CAAC;AAEP,YAAU,MAAM;AACZ,UAAM,cAAc,mBAAmB,MAAM,OAAO,SAAsB;AACxE,UAAI,MAAM;AACR,qBAAa;AAAA,UACX,UAAU;AAAA,UACV,QAAQ,KAAK;AAAA,UACb,SAAS;AAAA,UACT,OAAO,KAAK,WAAW;AAAA,UACvB,OAAO;AAAA,UACP,OAAO,KAAK;AAAA,QACd,CAAC;AAAA,MACH,OAAO;AACL,qBAAa;AAAA,UACX,UAAU;AAAA,UACV,QAAQ;AAAA,UACR,SAAS;AAAA,UACT,OAAO;AAAA,UACP,OAAO,IAAI,MAAM,2BAA2B;AAAA,UAC5C,OAAO;AAAA,QACT,CAAC;AACD,YAAI,CAAC,OAAO,SAAS,SAAS,SAAS,UAAU,GAAG;AAClD,iBAAO,KAAK,SAAS;AAAA,QACvB;AAAA,MACF;AAAA,IACF,GAAG,CAAC,UAAU;AACZ,oBAAc,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,+BAA+B,CAAC;AAAA,IAC3F,CAAC;AAED,WAAO,MAAM,YAAY;AAAA,EAC3B,GAAG,CAAC,MAAM,eAAe,QAAQ,SAAS,CAAC;AAE3C,QAAM,eAAmC,QAAQ,OAAO;AAAA,IACtD,GAAG;AAAA,IACH,SAAS;AAAA,IACT;AAAA,EACF,IAAI,CAAC,WAAW,MAAM,eAAe,QAAQ,CAAC;AAE9C,MAAI,CAAC,UAAU,UAAU;AACvB,WACE,oBAAC,cAAc,UAAd,EAAuB,OAAO,cAC5B,8BACC,oBAAC,SAAI,aAAU,UAAS,aAAU,QAChC,8BAAC,UAAK,WAAU,WAAU,6CAA+B,GAC3D,GAEJ;AAAA,EAEJ;AAEA,SACI,oBAAC,cAAc,UAAd,EAAuB,OAAO,cAC7B,UACF;AAEN;","names":[]}

package/dist/esm/boundary/TernSecureCtx.js

@@ -0,0 +1,23 @@
+"use client";
+import { createContext, useContext } from "react";
+import { ternSecureAuth } from "../utils/client-init";
+const TernSecureUser = () => {
+  return ternSecureAuth.currentUser;
+};
+const TernSecureCtx = createContext(null);
+TernSecureCtx.displayName = "TernSecureCtx";
+const useTernSecure = (hookName) => {
+  const context = useContext(TernSecureCtx);
+  if (!context) {
+    throw new Error(
+      `${hookName} must be used within TernSecureProvider`
+    );
+  }
+  return context;
+};
+export {
+  TernSecureCtx,
+  TernSecureUser,
+  useTernSecure
+};
+//# sourceMappingURL=TernSecureCtx.js.map

package/dist/esm/boundary/TernSecureCtx.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/boundary/TernSecureCtx.tsx"],"sourcesContent":["\"use client\"\n\nimport { createContext, useContext } from 'react'\nimport { ternSecureAuth } from '../utils/client-init';\nimport { User } from 'firebase/auth';\n\nexport const TernSecureUser = (): User | null => {\n  return ternSecureAuth.currentUser;\n}\n\nexport interface TernSecureState {\n  userId: string | null\n  isLoaded: boolean\n  error: Error | null\n  isValid: boolean\n  token: any | null\n  email: string | null\n}\n\nexport interface TernSecureCtxValue extends TernSecureState {\n signOut: () => Promise<void>\n setEmail: (email: string) => void\n}\n\nexport const TernSecureCtx = createContext<TernSecureCtxValue | null>(null)\n\nTernSecureCtx.displayName = 'TernSecureCtx'\n\nexport const useTernSecure = (hookName: string) => {\n  const context = useContext(TernSecureCtx)\n  \n  if (!context) {\n    throw new Error(\n      `${hookName} must be used within TernSecureProvider`\n    )\n  }\n\n  return context\n}\n\n"],"mappings":";AAEA,SAAS,eAAe,kBAAkB;AAC1C,SAAS,sBAAsB;AAGxB,MAAM,iBAAiB,MAAmB;AAC/C,SAAO,eAAe;AACxB;AAgBO,MAAM,gBAAgB,cAAyC,IAAI;AAE1E,cAAc,cAAc;AAErB,MAAM,gBAAgB,CAAC,aAAqB;AACjD,QAAM,UAAU,WAAW,aAAa;AAExC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI;AAAA,MACR,GAAG,QAAQ;AAAA,IACb;AAAA,EACF;AAEA,SAAO;AACT;","names":[]}

package/dist/esm/boundary/hooks/useAuth.js

@@ -0,0 +1,27 @@
+"use client";
+import { useTernSecure } from "../TernSecureCtx";
+import { TernSecureUser } from "../TernSecureCtx";
+function useAuth() {
+  const {
+    userId,
+    isLoaded,
+    error,
+    isValid,
+    token,
+    signOut
+  } = useTernSecure("useAuth");
+  const user = TernSecureUser();
+  return {
+    user,
+    userId,
+    isLoaded,
+    error,
+    isAuthenticated: isValid,
+    token,
+    signOut
+  };
+}
+export {
+  useAuth
+};
+//# sourceMappingURL=useAuth.js.map

package/dist/esm/boundary/hooks/useAuth.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../../src/boundary/hooks/useAuth.ts"],"sourcesContent":["\"use client\"\n\nimport { useTernSecure } from '../TernSecureCtx'\nimport {  User } from 'firebase/auth'\nimport { TernSecureUser } from '../TernSecureCtx'\n\nexport function useAuth() {\n  const {\n    userId,\n    isLoaded,\n    error,\n    isValid,\n    token,\n    signOut\n  } = useTernSecure('useAuth')\n\n  const user: User | null = TernSecureUser()\n\n  return {\n    user,\n    userId,\n    isLoaded,\n    error,\n    isAuthenticated: isValid,\n    token,\n    signOut\n  }\n}\n"],"mappings":";AAEA,SAAS,qBAAqB;AAE9B,SAAS,sBAAsB;AAExB,SAAS,UAAU;AACxB,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,IAAI,cAAc,SAAS;AAE3B,QAAM,OAAoB,eAAe;AAEzC,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,iBAAiB;AAAA,IACjB;AAAA,IACA;AAAA,EACF;AACF;","names":[]}