@tern-secure/nextjs 3.4.3 → 4.1.0

package/dist/cjs/app-router/client/TernSecureProvider.js

@@ -23,8 +23,23 @@ __export(TernSecureProvider_exports, {
 module.exports = __toCommonJS(TernSecureProvider_exports);
 var import_jsx_runtime = require("react/jsx-runtime");
 var import_TernSecureClientProvider = require("../../boundary/TernSecureClientProvider");
-async function TernSecureProvider({ children }) {
-  return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(import_TernSecureClientProvider.TernSecureClientProvider, { children });
+async function TernSecureProvider({
+  children,
+  requiresVerification = true,
+  loginPath,
+  signUpPath,
+  loadingComponent
+}) {
+  return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(
+    import_TernSecureClientProvider.TernSecureClientProvider,
+    {
+      requiresVerification,
+      loginPath,
+      signUpPath,
+      loadingComponent,
+      children
+    }
+  );
 }
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {

package/dist/cjs/app-router/client/TernSecureProvider.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../src/app-router/client/TernSecureProvider.tsx"],"sourcesContent":["import React from \"react\"\nimport { TernSecureClientProvider } from \"../../boundary/TernSecureClientProvider\"\n\n\n// Loading fallback component\n/*function TernSecureLoadingFallback() {\n  return (\n    <div>\n      <span className=\"sr-only\">Loading...</span>\n    </div>\n  )\n}*/\n/**\n * Root Provider for TernSecure\n * Use this in your Next.js App Router root layout\n * Automatically handles client/server boundary and authentication state\n * \n * @example\n * /// app/layout.tsx\n * import { TernSecureProvider } from '@tern/secure'\n * \n * export default function RootLayout({ children }) {\n *   return (\n *     <html>\n *       <body>\n *         <TernSecureProvider>\n *           {children}\n *         </TernSecureProvider>\n *       </body>\n *     </html>\n *   )\n * }\n */\nexport async function TernSecureProvider({ children }: { children: React.ReactNode }) {\n  return (\n    <TernSecureClientProvider>\n        {children}\n    </TernSecureClientProvider>\n  )\n}"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAmCI;AAlCJ,sCAAyC;AAgCzC,eAAsB,mBAAmB,EAAE,SAAS,GAAkC;AACpF,SACE,4CAAC,4DACI,UACL;AAEJ;","names":[]}
+{"version":3,"sources":["../../../../src/app-router/client/TernSecureProvider.tsx"],"sourcesContent":["import React from \"react\"\nimport { TernSecureClientProvider } from \"../../boundary/TernSecureClientProvider\"\n\n\n/**\n * Configuration options for TernSecure authentication\n */\nexport interface TernSecureConfig {\n  /** Whether email verification is required (defaults to true) */\n  requiresVerification?: boolean\n  /** Custom path for login page (defaults to /sign-in) */\n  loginPath?: string\n  /** Custom path for signup page (defaults to /sign-up) */\n  signUpPath?: string\n  /** Custom loading component */\n  loadingComponent?: React.ReactNode\n}\n\n// Loading fallback component\n/*function TernSecureLoadingFallback() {\n  return (\n    <div>\n      <span className=\"sr-only\">Loading...</span>\n    </div>\n  )\n}*/\n/**\n * Root Provider for TernSecure\n * Use this in your Next.js App Router root layout\n * Automatically handles client/server boundary and authentication state\n * \n * @example\n * /// app/layout.tsx\n * import { TernSecureProvider } from '@tern/secure'\n * \n * export default function RootLayout({ children }) {\n *   return (\n *     <html>\n *       <body>\n *         <TernSecureProvider>\n *           {children}\n *         </TernSecureProvider>\n *       </body>\n *     </html>\n *   )\n * }\n */\nexport async function TernSecureProvider({ \n  children,\n  requiresVerification = true,\n  loginPath,\n  signUpPath,\n  loadingComponent,\n }: React.PropsWithChildren<TernSecureConfig>) {\n  return (\n    <TernSecureClientProvider\n      requiresVerification={requiresVerification}\n      loginPath={loginPath}\n      signUpPath={signUpPath}\n      loadingComponent={loadingComponent}\n    >\n        {children}\n    </TernSecureClientProvider>\n  )\n}"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAuDI;AAtDJ,sCAAyC;AA8CzC,eAAsB,mBAAmB;AAAA,EACvC;AAAA,EACA,uBAAuB;AAAA,EACvB;AAAA,EACA;AAAA,EACA;AACD,GAA8C;AAC7C,SACE;AAAA,IAAC;AAAA;AAAA,MACC;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MAEG;AAAA;AAAA,EACL;AAEJ;","names":[]}

package/dist/cjs/app-router/client/actions.js

@@ -28,7 +28,7 @@ __export(actions_exports, {
 module.exports = __toCommonJS(actions_exports);
 var import_client_init = require("../../utils/client-init");
 var import_auth = require("firebase/auth");
-var import_sessionTernSecure = require("../server/sessionTernSecure");
+var import_errors = require("../../errors");
 async function createUser(email, password) {
   const auth = (0, import_client_init.TernSecureAuth)();
   try {
@@ -38,43 +38,40 @@ async function createUser(email, password) {
     };
     const userCredential = await (0, import_auth.createUserWithEmailAndPassword)(auth, email, password);
     await (0, import_auth.sendEmailVerification)(userCredential.user, actionCodeSettings);
-    return { success: true, message: "Account created successfully.", user: userCredential.user };
+    return {
+      success: true,
+      message: "Account created successfully. Please check your email for verification",
+      user: userCredential.user
+    };
   } catch (error) {
-    if (error instanceof Error) {
-      switch (error.message) {
-        case "auth/too-many-requests":
-          throw new Error("Too many attempts. Please try again later.");
-        case "auth/network-request-failed":
-          throw new Error("Network disconnected. Please try again later.");
-        case "auth/email-already-in-use":
-          throw new Error("Email is already registered.");
-        case "auth/invalid-email":
-          throw new Error("Invalid email address.");
-        case "auth/operation-not-allowed":
-          throw new Error("Email/password accounts are not enabled.");
-        case "auth/weak-password":
-          throw new Error("Password is too weak.");
-        default:
-          throw new Error(error.message);
-      }
-    }
-    throw new Error("Failed to create account");
+    const authError = (0, import_errors.handleFirebaseAuthError)(error);
+    return {
+      success: false,
+      message: authError.message,
+      error: authError.code,
+      user: null
+    };
   }
 }
 async function signInWithEmail(email, password) {
   const auth = (0, import_client_init.TernSecureAuth)();
   try {
     const UserCredential = await (0, import_auth.signInWithEmailAndPassword)(auth, email, password);
-    const idToken = await UserCredential.user.getIdToken();
-    const res = await (0, import_sessionTernSecure.createSessionCookie)(idToken);
-    if (res.success) {
-      return { success: true, message: "Connected." };
-    } else {
-      throw new Error(res.message);
-    }
+    const user = UserCredential.user;
+    return {
+      success: true,
+      message: "Authentication successful",
+      user,
+      error: !user.emailVerified ? "REQUIRES_VERIFICATION" : "AUTHENTICATED"
+    };
   } catch (error) {
-    const errorMessage = error instanceof Error ? error.message : "Failed to sign in";
-    throw new Error(errorMessage);
+    const authError = (0, import_errors.handleFirebaseAuthError)(error);
+    return {
+      success: false,
+      message: authError.message,
+      error: authError.code,
+      user: null
+    };
   }
 }
 async function signInWithRedirectGoogle() {
@@ -88,8 +85,13 @@ async function signInWithRedirectGoogle() {
     await (0, import_auth.signInWithRedirect)(auth, provider);
     return { success: true, message: "Redirect initiated" };
   } catch (error) {
-    console.error("Error during Google sign-in:", error);
-    return { success: false, error: "Failed to sign in with Google" };
+    const authError = (0, import_errors.handleFirebaseAuthError)(error);
+    return {
+      success: false,
+      message: authError.message,
+      error: authError.code,
+      user: null
+    };
   }
 }
 async function signInWithMicrosoft() {
@@ -102,8 +104,13 @@ async function signInWithMicrosoft() {
     await (0, import_auth.signInWithRedirect)(auth, provider);
     return { success: true, message: "Redirect initiated" };
   } catch (error) {
-    console.error("Error during Google sign-in:", error);
-    return { success: false, error: "Failed to sign in with Google" };
+    const authError = (0, import_errors.handleFirebaseAuthError)(error);
+    return {
+      success: false,
+      message: authError.message,
+      error: authError.code,
+      user: null
+    };
   }
 }
 async function handleAuthRedirectResult() {
@@ -117,8 +124,13 @@ async function handleAuthRedirectResult() {
       return { success: false, error: "No redirect result" };
     }
   } catch (error) {
-    console.error("Error handling auth redirect result:", error);
-    return { success: false, error: error.message || "Failed to handle auth redirect", code: error.code };
+    const authError = (0, import_errors.handleFirebaseAuthError)(error);
+    return {
+      success: false,
+      message: authError.message,
+      error: authError.code,
+      user: null
+    };
   }
 }
 async function resendEmailVerification() {
@@ -147,25 +159,13 @@ async function resendEmailVerification() {
       isVerified: false
     };
   } catch (error) {
-    if (error instanceof Error) {
-      switch (error.message) {
-        case "auth/too-many-requests":
-          throw new Error("Too many attempts. Please try again later.");
-        case "auth/network-request-failed":
-          throw new Error("Network disconnected. Please try again later.");
-        case "auth/email-already-in-use":
-          throw new Error("Email is already registered.");
-        case "auth/invalid-email":
-          throw new Error("Invalid email address.");
-        case "auth/operation-not-allowed":
-          throw new Error("Email/password accounts are not enabled.");
-        case "auth/weak-password":
-          throw new Error("Password is too weak.");
-        default:
-          throw new Error(error.message);
-      }
-    }
-    throw new Error("Failed to resend verification email.");
+    const authError = (0, import_errors.handleFirebaseAuthError)(error);
+    return {
+      success: false,
+      message: authError.message,
+      error: authError.code,
+      user: null
+    };
   }
 }
 // Annotate the CommonJS export names for ESM import in node:

package/dist/cjs/app-router/client/actions.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../src/app-router/client/actions.ts"],"sourcesContent":["import { TernSecureAuth } from '../../utils/client-init'\nimport { signInWithEmailAndPassword, signInWithRedirect, getRedirectResult, GoogleAuthProvider, OAuthProvider, createUserWithEmailAndPassword, sendEmailVerification } from 'firebase/auth'\nimport { createSessionCookie } from '../server/sessionTernSecure'\n\nexport async function createUser(email: string, password: string) {\n  const auth = TernSecureAuth()\n  try {\n    \n    const actionCodeSettings = {\n      url: `${window.location.origin}/sign-in`,\n      handleCodeInApp: true\n    };\n\n    const userCredential = await createUserWithEmailAndPassword(auth, email, password);\n\n    await sendEmailVerification(userCredential.user, actionCodeSettings)\n    \n    return { success: true, message: 'Account created successfully.', user: userCredential.user };\n\n  } catch (error) {\n    // Handle specific Firebase auth errors\n    if (error instanceof Error) {\n      switch (error.message) {\n        case 'auth/too-many-requests':\n          throw new Error('Too many attempts. Please try again later.');\n        case 'auth/network-request-failed':\n            throw new Error('Network disconnected. Please try again later.');\n        case 'auth/email-already-in-use':\n          throw new Error('Email is already registered.');\n        case 'auth/invalid-email':\n          throw new Error('Invalid email address.');\n        case 'auth/operation-not-allowed':\n          throw new Error('Email/password accounts are not enabled.');\n        case 'auth/weak-password':\n          throw new Error('Password is too weak.');\n        default:\n          throw new Error(error.message);\n      }\n    }\n    throw new Error('Failed to create account');\n  }\n}\n\n\nexport async function signInWithEmail(email: string, password: string){\n  const auth = TernSecureAuth()\n  try {\n  const UserCredential = await signInWithEmailAndPassword(auth, email, password)\n  const idToken = await UserCredential.user.getIdToken();\n\n  const res = await createSessionCookie(idToken);\n\n  if(res.success) {\n    return { success: true, message: 'Connected.' };\n  } else {\n    throw new Error(res.message);\n  }\n} catch (error){\n  const errorMessage = error instanceof Error ? error.message : 'Failed to sign in';\n  throw new Error(errorMessage);\n}\n} \n\nexport async function signInWithRedirectGoogle() {\n  const auth = TernSecureAuth()\n  const provider = new GoogleAuthProvider()\n  provider.setCustomParameters({\n    login_hint: 'user@example.com',\n    prompt: 'select_account'\n  })\n\n  try {\n    await signInWithRedirect(auth, provider)\n    return { success: true, message: 'Redirect initiated' }\n  } catch (error) {\n    console.error('Error during Google sign-in:', error)\n    return { success: false, error: 'Failed to sign in with Google' }\n  }\n}\n\n\nexport async function signInWithMicrosoft() {\n  const auth = TernSecureAuth()\n  const provider = new OAuthProvider('microsoft.com')\n  provider.setCustomParameters({\n    prompt: 'consent'\n  })\n\n  try {\n    await signInWithRedirect(auth, provider)\n    return { success: true, message: 'Redirect initiated' }\n  } catch (error) {\n    console.error('Error during Google sign-in:', error)\n    return { success: false, error: 'Failed to sign in with Google' }\n  }\n}\n\n\nexport async function handleAuthRedirectResult() {\n  const auth = TernSecureAuth()\n  try {\n    const result = await getRedirectResult(auth)\n    if (result) {\n      const user = result.user\n      return { success: true, user }\n    } else {\n      return { success: false, error: 'No redirect result' }\n    }\n  } catch (error: any) {\n    console.error('Error handling auth redirect result:', error)\n    return { success: false, error: error.message || 'Failed to handle auth redirect', code: error.code }\n  }\n}\n\n\nexport async function resendEmailVerification() {\n  const auth = TernSecureAuth()\n  try {\n    const user = auth.currentUser;\n    if (!user) {\n      throw new Error('No user found. Please try signing up again.');\n    }\n\n    await user.reload();\n\n    if (user.emailVerified) {\n      return { \n        success: true, \n        message: 'Email is already verified. You can sign in.',\n        isVerified: true \n      };\n    }\n\n    const actionCodeSettings = {\n      url: `${window.location.origin}/sign-in`,\n      handleCodeInApp: true,\n    };\n\n    await sendEmailVerification(user, actionCodeSettings);\n    return { \n      success: true, \n      message: 'Verification email sent successfully.',\n      isVerified: false\n     };\n    } catch (error) {\n      if (error instanceof Error) {\n        switch (error.message) {\n          case 'auth/too-many-requests':\n            throw new Error('Too many attempts. Please try again later.');\n          case 'auth/network-request-failed':\n              throw new Error('Network disconnected. Please try again later.');\n          case 'auth/email-already-in-use':\n            throw new Error('Email is already registered.');\n          case 'auth/invalid-email':\n            throw new Error('Invalid email address.');\n          case 'auth/operation-not-allowed':\n            throw new Error('Email/password accounts are not enabled.');\n          case 'auth/weak-password':\n            throw new Error('Password is too weak.');\n          default:\n            throw new Error(error.message);\n        }\n      }\n      throw new Error('Failed to resend verification email.');\n    }\n}"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,yBAA+B;AAC/B,kBAA4K;AAC5K,+BAAoC;AAEpC,eAAsB,WAAW,OAAe,UAAkB;AAChE,QAAM,WAAO,mCAAe;AAC5B,MAAI;AAEF,UAAM,qBAAqB;AAAA,MACzB,KAAK,GAAG,OAAO,SAAS,MAAM;AAAA,MAC9B,iBAAiB;AAAA,IACnB;AAEA,UAAM,iBAAiB,UAAM,4CAA+B,MAAM,OAAO,QAAQ;AAEjF,cAAM,mCAAsB,eAAe,MAAM,kBAAkB;AAEnE,WAAO,EAAE,SAAS,MAAM,SAAS,iCAAiC,MAAM,eAAe,KAAK;AAAA,EAE9F,SAAS,OAAO;AAEd,QAAI,iBAAiB,OAAO;AAC1B,cAAQ,MAAM,SAAS;AAAA,QACrB,KAAK;AACH,gBAAM,IAAI,MAAM,4CAA4C;AAAA,QAC9D,KAAK;AACD,gBAAM,IAAI,MAAM,+CAA+C;AAAA,QACnE,KAAK;AACH,gBAAM,IAAI,MAAM,8BAA8B;AAAA,QAChD,KAAK;AACH,gBAAM,IAAI,MAAM,wBAAwB;AAAA,QAC1C,KAAK;AACH,gBAAM,IAAI,MAAM,0CAA0C;AAAA,QAC5D,KAAK;AACH,gBAAM,IAAI,MAAM,uBAAuB;AAAA,QACzC;AACE,gBAAM,IAAI,MAAM,MAAM,OAAO;AAAA,MACjC;AAAA,IACF;AACA,UAAM,IAAI,MAAM,0BAA0B;AAAA,EAC5C;AACF;AAGA,eAAsB,gBAAgB,OAAe,UAAiB;AACpE,QAAM,WAAO,mCAAe;AAC5B,MAAI;AACJ,UAAM,iBAAiB,UAAM,wCAA2B,MAAM,OAAO,QAAQ;AAC7E,UAAM,UAAU,MAAM,eAAe,KAAK,WAAW;AAErD,UAAM,MAAM,UAAM,8CAAoB,OAAO;AAE7C,QAAG,IAAI,SAAS;AACd,aAAO,EAAE,SAAS,MAAM,SAAS,aAAa;AAAA,IAChD,OAAO;AACL,YAAM,IAAI,MAAM,IAAI,OAAO;AAAA,IAC7B;AAAA,EACF,SAAS,OAAM;AACb,UAAM,eAAe,iBAAiB,QAAQ,MAAM,UAAU;AAC9D,UAAM,IAAI,MAAM,YAAY;AAAA,EAC9B;AACA;AAEA,eAAsB,2BAA2B;AAC/C,QAAM,WAAO,mCAAe;AAC5B,QAAM,WAAW,IAAI,+BAAmB;AACxC,WAAS,oBAAoB;AAAA,IAC3B,YAAY;AAAA,IACZ,QAAQ;AAAA,EACV,CAAC;AAED,MAAI;AACF,cAAM,gCAAmB,MAAM,QAAQ;AACvC,WAAO,EAAE,SAAS,MAAM,SAAS,qBAAqB;AAAA,EACxD,SAAS,OAAO;AACd,YAAQ,MAAM,gCAAgC,KAAK;AACnD,WAAO,EAAE,SAAS,OAAO,OAAO,gCAAgC;AAAA,EAClE;AACF;AAGA,eAAsB,sBAAsB;AAC1C,QAAM,WAAO,mCAAe;AAC5B,QAAM,WAAW,IAAI,0BAAc,eAAe;AAClD,WAAS,oBAAoB;AAAA,IAC3B,QAAQ;AAAA,EACV,CAAC;AAED,MAAI;AACF,cAAM,gCAAmB,MAAM,QAAQ;AACvC,WAAO,EAAE,SAAS,MAAM,SAAS,qBAAqB;AAAA,EACxD,SAAS,OAAO;AACd,YAAQ,MAAM,gCAAgC,KAAK;AACnD,WAAO,EAAE,SAAS,OAAO,OAAO,gCAAgC;AAAA,EAClE;AACF;AAGA,eAAsB,2BAA2B;AAC/C,QAAM,WAAO,mCAAe;AAC5B,MAAI;AACF,UAAM,SAAS,UAAM,+BAAkB,IAAI;AAC3C,QAAI,QAAQ;AACV,YAAM,OAAO,OAAO;AACpB,aAAO,EAAE,SAAS,MAAM,KAAK;AAAA,IAC/B,OAAO;AACL,aAAO,EAAE,SAAS,OAAO,OAAO,qBAAqB;AAAA,IACvD;AAAA,EACF,SAAS,OAAY;AACnB,YAAQ,MAAM,wCAAwC,KAAK;AAC3D,WAAO,EAAE,SAAS,OAAO,OAAO,MAAM,WAAW,kCAAkC,MAAM,MAAM,KAAK;AAAA,EACtG;AACF;AAGA,eAAsB,0BAA0B;AAC9C,QAAM,WAAO,mCAAe;AAC5B,MAAI;AACF,UAAM,OAAO,KAAK;AAClB,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,MAAM,6CAA6C;AAAA,IAC/D;AAEA,UAAM,KAAK,OAAO;AAElB,QAAI,KAAK,eAAe;AACtB,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS;AAAA,QACT,YAAY;AAAA,MACd;AAAA,IACF;AAEA,UAAM,qBAAqB;AAAA,MACzB,KAAK,GAAG,OAAO,SAAS,MAAM;AAAA,MAC9B,iBAAiB;AAAA,IACnB;AAEA,cAAM,mCAAsB,MAAM,kBAAkB;AACpD,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS;AAAA,MACT,YAAY;AAAA,IACb;AAAA,EACD,SAAS,OAAO;AACd,QAAI,iBAAiB,OAAO;AAC1B,cAAQ,MAAM,SAAS;AAAA,QACrB,KAAK;AACH,gBAAM,IAAI,MAAM,4CAA4C;AAAA,QAC9D,KAAK;AACD,gBAAM,IAAI,MAAM,+CAA+C;AAAA,QACnE,KAAK;AACH,gBAAM,IAAI,MAAM,8BAA8B;AAAA,QAChD,KAAK;AACH,gBAAM,IAAI,MAAM,wBAAwB;AAAA,QAC1C,KAAK;AACH,gBAAM,IAAI,MAAM,0CAA0C;AAAA,QAC5D,KAAK;AACH,gBAAM,IAAI,MAAM,uBAAuB;AAAA,QACzC;AACE,gBAAM,IAAI,MAAM,MAAM,OAAO;AAAA,MACjC;AAAA,IACF;AACA,UAAM,IAAI,MAAM,sCAAsC;AAAA,EACxD;AACJ;","names":[]}
+{"version":3,"sources":["../../../../src/app-router/client/actions.ts"],"sourcesContent":["import { TernSecureAuth } from '../../utils/client-init'\nimport { \n  signInWithEmailAndPassword, \n  signInWithRedirect, \n  getRedirectResult, \n  GoogleAuthProvider, \n  OAuthProvider, \n  createUserWithEmailAndPassword, \n  sendEmailVerification } from 'firebase/auth'\nimport type { SignInResponse } from '../../types'\nimport { handleFirebaseAuthError } from '../../errors'\n\n\nexport async function createUser(email: string, password: string): Promise<SignInResponse> {\n  const auth = TernSecureAuth()\n  try {\n    \n    const actionCodeSettings = {\n      url: `${window.location.origin}/sign-in`,\n      handleCodeInApp: true\n    };\n\n    const userCredential = await createUserWithEmailAndPassword(auth, email, password);\n\n    await sendEmailVerification(userCredential.user, actionCodeSettings)\n    \n    return { \n      success: true, \n      message: 'Account created successfully. Please check your email for verification', \n      user: userCredential.user \n    };\n\n  } catch (error) {\n    const authError = handleFirebaseAuthError(error)\n    return { \n      success: false, \n      message: authError.message, \n      error: authError.code,\n      user: null\n     }\n  }\n}\n\n\nexport async function signInWithEmail(email: string, password: string): Promise<SignInResponse> {\n  const auth = TernSecureAuth()\n  try {\n  const UserCredential = await signInWithEmailAndPassword(auth, email, password)\n  const user = UserCredential.user\n  \n  return { \n    success: true, \n    message: 'Authentication successful',\n    user: user,\n    error: !user.emailVerified ? 'REQUIRES_VERIFICATION' : 'AUTHENTICATED'\n  };\n\n} catch (error){\n  const authError = handleFirebaseAuthError(error)\n  return { \n    success: false,\n    message: authError.message,\n    error: authError.code,\n    user: null\n  }\n}\n}\n\nexport async function signInWithRedirectGoogle() {\n  const auth = TernSecureAuth()\n  const provider = new GoogleAuthProvider()\n  provider.setCustomParameters({\n    login_hint: 'user@example.com',\n    prompt: 'select_account'\n  })\n\n  try {\n    await signInWithRedirect(auth, provider)\n    return { success: true, message: 'Redirect initiated' }\n  } catch (error) {\n    const authError = handleFirebaseAuthError(error)\n    return {\n      success: false,\n      message: authError.message,\n      error: authError.code,\n      user: null\n    }\n  }\n}\n\n\nexport async function signInWithMicrosoft() {\n  const auth = TernSecureAuth()\n  const provider = new OAuthProvider('microsoft.com')\n  provider.setCustomParameters({\n    prompt: 'consent'\n  })\n\n  try {\n    await signInWithRedirect(auth, provider)\n    return { success: true, message: 'Redirect initiated' }\n  } catch (error) {\n    const authError = handleFirebaseAuthError(error)\n    return {\n      success: false, \n      message: authError.message,\n      error: authError.code,\n      user: null\n    }\n  }\n}\n\n\nexport async function handleAuthRedirectResult() {\n  const auth = TernSecureAuth()\n  try {\n    const result = await getRedirectResult(auth)\n    if (result) {\n      const user = result.user\n      return { success: true, user }\n    } else {\n      return { success: false, error: 'No redirect result' }\n    }\n  } catch (error: any) {\n    const authError = handleFirebaseAuthError(error)\n    return {\n      success: false,\n      message: authError.message,\n      error: authError.code,\n      user: null\n    }\n  }\n}\n\n\nexport async function resendEmailVerification() {\n  const auth = TernSecureAuth()\n  try {\n    const user = auth.currentUser;\n    if (!user) {\n      throw new Error('No user found. Please try signing up again.');\n    }\n\n    await user.reload();\n\n    if (user.emailVerified) {\n      return { \n        success: true, \n        message: 'Email is already verified. You can sign in.',\n        isVerified: true \n      };\n    }\n\n    const actionCodeSettings = {\n      url: `${window.location.origin}/sign-in`,\n      handleCodeInApp: true,\n    };\n\n    await sendEmailVerification(user, actionCodeSettings);\n    return { \n      success: true, \n      message: 'Verification email sent successfully.',\n      isVerified: false\n     };\n    } catch (error) {\n      const authError = handleFirebaseAuthError(error)\n      return {\n        success: false,\n        message: authError.message,\n        error: authError.code,\n        user: null\n      }\n    }\n}"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,yBAA+B;AAC/B,kBAO+B;AAE/B,oBAAwC;AAGxC,eAAsB,WAAW,OAAe,UAA2C;AACzF,QAAM,WAAO,mCAAe;AAC5B,MAAI;AAEF,UAAM,qBAAqB;AAAA,MACzB,KAAK,GAAG,OAAO,SAAS,MAAM;AAAA,MAC9B,iBAAiB;AAAA,IACnB;AAEA,UAAM,iBAAiB,UAAM,4CAA+B,MAAM,OAAO,QAAQ;AAEjF,cAAM,mCAAsB,eAAe,MAAM,kBAAkB;AAEnE,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS;AAAA,MACT,MAAM,eAAe;AAAA,IACvB;AAAA,EAEF,SAAS,OAAO;AACd,UAAM,gBAAY,uCAAwB,KAAK;AAC/C,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS,UAAU;AAAA,MACnB,OAAO,UAAU;AAAA,MACjB,MAAM;AAAA,IACP;AAAA,EACH;AACF;AAGA,eAAsB,gBAAgB,OAAe,UAA2C;AAC9F,QAAM,WAAO,mCAAe;AAC5B,MAAI;AACJ,UAAM,iBAAiB,UAAM,wCAA2B,MAAM,OAAO,QAAQ;AAC7E,UAAM,OAAO,eAAe;AAE5B,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS;AAAA,MACT;AAAA,MACA,OAAO,CAAC,KAAK,gBAAgB,0BAA0B;AAAA,IACzD;AAAA,EAEF,SAAS,OAAM;AACb,UAAM,gBAAY,uCAAwB,KAAK;AAC/C,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS,UAAU;AAAA,MACnB,OAAO,UAAU;AAAA,MACjB,MAAM;AAAA,IACR;AAAA,EACF;AACA;AAEA,eAAsB,2BAA2B;AAC/C,QAAM,WAAO,mCAAe;AAC5B,QAAM,WAAW,IAAI,+BAAmB;AACxC,WAAS,oBAAoB;AAAA,IAC3B,YAAY;AAAA,IACZ,QAAQ;AAAA,EACV,CAAC;AAED,MAAI;AACF,cAAM,gCAAmB,MAAM,QAAQ;AACvC,WAAO,EAAE,SAAS,MAAM,SAAS,qBAAqB;AAAA,EACxD,SAAS,OAAO;AACd,UAAM,gBAAY,uCAAwB,KAAK;AAC/C,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS,UAAU;AAAA,MACnB,OAAO,UAAU;AAAA,MACjB,MAAM;AAAA,IACR;AAAA,EACF;AACF;AAGA,eAAsB,sBAAsB;AAC1C,QAAM,WAAO,mCAAe;AAC5B,QAAM,WAAW,IAAI,0BAAc,eAAe;AAClD,WAAS,oBAAoB;AAAA,IAC3B,QAAQ;AAAA,EACV,CAAC;AAED,MAAI;AACF,cAAM,gCAAmB,MAAM,QAAQ;AACvC,WAAO,EAAE,SAAS,MAAM,SAAS,qBAAqB;AAAA,EACxD,SAAS,OAAO;AACd,UAAM,gBAAY,uCAAwB,KAAK;AAC/C,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS,UAAU;AAAA,MACnB,OAAO,UAAU;AAAA,MACjB,MAAM;AAAA,IACR;AAAA,EACF;AACF;AAGA,eAAsB,2BAA2B;AAC/C,QAAM,WAAO,mCAAe;AAC5B,MAAI;AACF,UAAM,SAAS,UAAM,+BAAkB,IAAI;AAC3C,QAAI,QAAQ;AACV,YAAM,OAAO,OAAO;AACpB,aAAO,EAAE,SAAS,MAAM,KAAK;AAAA,IAC/B,OAAO;AACL,aAAO,EAAE,SAAS,OAAO,OAAO,qBAAqB;AAAA,IACvD;AAAA,EACF,SAAS,OAAY;AACnB,UAAM,gBAAY,uCAAwB,KAAK;AAC/C,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS,UAAU;AAAA,MACnB,OAAO,UAAU;AAAA,MACjB,MAAM;AAAA,IACR;AAAA,EACF;AACF;AAGA,eAAsB,0BAA0B;AAC9C,QAAM,WAAO,mCAAe;AAC5B,MAAI;AACF,UAAM,OAAO,KAAK;AAClB,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,MAAM,6CAA6C;AAAA,IAC/D;AAEA,UAAM,KAAK,OAAO;AAElB,QAAI,KAAK,eAAe;AACtB,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS;AAAA,QACT,YAAY;AAAA,MACd;AAAA,IACF;AAEA,UAAM,qBAAqB;AAAA,MACzB,KAAK,GAAG,OAAO,SAAS,MAAM;AAAA,MAC9B,iBAAiB;AAAA,IACnB;AAEA,cAAM,mCAAsB,MAAM,kBAAkB;AACpD,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS;AAAA,MACT,YAAY;AAAA,IACb;AAAA,EACD,SAAS,OAAO;AACd,UAAM,gBAAY,uCAAwB,KAAK;AAC/C,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS,UAAU;AAAA,MACnB,OAAO,UAAU;AAAA,MACjB,MAAM;AAAA,IACR;AAAA,EACF;AACJ;","names":[]}

package/dist/cjs/app-router/route-handler/internal-route.js

@@ -19,16 +19,32 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 var internal_route_exports = {};
 __export(internal_route_exports, {
   handleInternalRoute: () => handleInternalRoute,
-  internalRoutes: () => internalRoutes
+  internalRoutes: () => internalRoutes,
+  isAuthRoute: () => isAuthRoute,
+  isBaseAuthRoute: () => isBaseAuthRoute,
+  isInternalRoute: () => isInternalRoute
 });
 module.exports = __toCommonJS(internal_route_exports);
 var import_verify = require("../../components/verify");
 const internalRoutes = {
-  verify: {
+  signUpVerify: {
     pattern: /^\/sign-up\/verify$/,
     component: import_verify.Verify
+  },
+  signInVerify: {
+    pattern: /^\/sign-in\/verify$/,
+    component: import_verify.Verify
   }
 };
+function isInternalRoute(pathname) {
+  return Object.values(internalRoutes).some((route) => route.pattern.test(pathname));
+}
+function isAuthRoute(pathname) {
+  return pathname.startsWith("/sign-in") || pathname.startsWith("/sign-up");
+}
+function isBaseAuthRoute(pathname) {
+  return pathname === "/sign-in" || pathname === "/sign-up";
+}
 function handleInternalRoute(pathname) {
   for (const [key, route] of Object.entries(internalRoutes)) {
     if (route.pattern.test(pathname)) {
@@ -40,6 +56,9 @@ function handleInternalRoute(pathname) {
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   handleInternalRoute,
-  internalRoutes
+  internalRoutes,
+  isAuthRoute,
+  isBaseAuthRoute,
+  isInternalRoute
 });
 //# sourceMappingURL=internal-route.js.map

package/dist/cjs/app-router/route-handler/internal-route.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../src/app-router/route-handler/internal-route.tsx"],"sourcesContent":["import { Verify } from \"../../components/verify\"\n\n// Internal route mapping\nexport const internalRoutes = {\n  verify: {\n    pattern: /^\\/sign-up\\/verify$/,\n    component: Verify,\n  },\n}\n\n// Internal route handler\nexport function handleInternalRoute(pathname: string) {\n  for (const [key, route] of Object.entries(internalRoutes)) {\n    if (route.pattern.test(pathname)) {\n      return route.component\n    }\n  }\n  return null\n}\n\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oBAAuB;AAGhB,MAAM,iBAAiB;AAAA,EAC5B,QAAQ;AAAA,IACN,SAAS;AAAA,IACT,WAAW;AAAA,EACb;AACF;AAGO,SAAS,oBAAoB,UAAkB;AACpD,aAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,cAAc,GAAG;AACzD,QAAI,MAAM,QAAQ,KAAK,QAAQ,GAAG;AAChC,aAAO,MAAM;AAAA,IACf;AAAA,EACF;AACA,SAAO;AACT;","names":[]}
+{"version":3,"sources":["../../../../src/app-router/route-handler/internal-route.tsx"],"sourcesContent":["import { Verify } from \"../../components/verify\"\n\n// Internal route mapping\nexport const internalRoutes = {\n  signUpVerify: {\n    pattern: /^\\/sign-up\\/verify$/,\n    component: Verify,\n  },\n  signInVerify: {\n    pattern: /^\\/sign-in\\/verify$/,\n    component: Verify,\n  },\n}\n\n// Check if path is an internal route\nexport function isInternalRoute(pathname: string): boolean {\n  return Object.values(internalRoutes).some((route) => route.pattern.test(pathname))\n}\n\n// Check if path is within auth routes\nexport function isAuthRoute(pathname: string): boolean {\n  return pathname.startsWith(\"/sign-in\") || pathname.startsWith(\"/sign-up\")\n}\n\n// Check if path is exactly the base auth route\nexport function isBaseAuthRoute(pathname: string): boolean {\n  return pathname === \"/sign-in\" || pathname === \"/sign-up\"\n}\n\n// Internal route handler\nexport function handleInternalRoute(pathname: string) {\n  for (const [key, route] of Object.entries(internalRoutes)) {\n    if (route.pattern.test(pathname)) {\n      return route.component\n    }\n  }\n  return null\n}"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oBAAuB;AAGhB,MAAM,iBAAiB;AAAA,EAC5B,cAAc;AAAA,IACZ,SAAS;AAAA,IACT,WAAW;AAAA,EACb;AAAA,EACA,cAAc;AAAA,IACZ,SAAS;AAAA,IACT,WAAW;AAAA,EACb;AACF;AAGO,SAAS,gBAAgB,UAA2B;AACzD,SAAO,OAAO,OAAO,cAAc,EAAE,KAAK,CAAC,UAAU,MAAM,QAAQ,KAAK,QAAQ,CAAC;AACnF;AAGO,SAAS,YAAY,UAA2B;AACrD,SAAO,SAAS,WAAW,UAAU,KAAK,SAAS,WAAW,UAAU;AAC1E;AAGO,SAAS,gBAAgB,UAA2B;AACzD,SAAO,aAAa,cAAc,aAAa;AACjD;AAGO,SAAS,oBAAoB,UAAkB;AACpD,aAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,cAAc,GAAG;AACzD,QAAI,MAAM,QAAQ,KAAK,QAAQ,GAAG;AAChC,aAAO,MAAM;AAAA,IACf;AAAA,EACF;AACA,SAAO;AACT;","names":[]}

package/dist/cjs/boundary/TernSecureClientProvider.js

@@ -28,22 +28,79 @@ var import_client_init = require("../utils/client-init");
 var import_auth = require("firebase/auth");
 var import_TernSecureCtx = require("./TernSecureCtx");
 var import_navigation = require("next/navigation");
+var import_internal_route = require("../app-router/route-handler/internal-route");
+var import_construct = require("../utils/construct");
 function TernSecureClientProvider({
   children,
-  loginPath = "/sign-in",
-  loadingComponent
+  loginPath = process.env.NEXT_PUBLIC_SIGN_IN_PATH || "/sign-in",
+  signUpPath = process.env.NEXT_PUBLIC_SIGN_UP_PATH || "/sign-up",
+  loadingComponent,
+  requiresVerification
 }) {
   const auth = (0, import_react.useMemo)(() => import_client_init.ternSecureAuth, []);
   const router = (0, import_navigation.useRouter)();
+  const pathname = (0, import_navigation.usePathname)();
+  const [isRedirecting, setIsRedirecting] = (0, import_react.useState)(false);
   const [authState, setAuthState] = (0, import_react.useState)(() => ({
     userId: null,
     isLoaded: false,
     error: null,
     isValid: false,
+    isVerified: false,
+    isAuthenticated: false,
     token: null,
-    email: null
+    email: null,
+    status: "loading",
+    requiresVerification
   }));
+  const constructUrlWithRedirect = (0, import_react.useCallback)(
+    (loginPath2, currentPath, loginPathParam, signUpPathParam) => {
+      const baseUrl = window.location.origin;
+      const signInUrl = new URL(loginPath2, baseUrl);
+      if (!currentPath.includes(loginPathParam) && !currentPath.includes(signUpPathParam)) {
+        signInUrl.searchParams.set("redirect", currentPath);
+      }
+      return signInUrl.toString();
+    },
+    []
+  );
+  const shouldRedirect = (0, import_react.useCallback)(
+    (pathname2, isVerified) => {
+      const searchParams = new URLSearchParams(window.location.search);
+      if ((0, import_internal_route.isBaseAuthRoute)(pathname2) && !searchParams.has("redirect")) {
+        return false;
+      }
+      if ((0, import_internal_route.isInternalRoute)(pathname2)) {
+        return false;
+      }
+      if ((0, import_internal_route.isAuthRoute)(pathname2) && (!requiresVerification || isVerified)) {
+        return false;
+      }
+      return true;
+    },
+    [requiresVerification]
+  );
+  const redirectToLogin = (0, import_react.useCallback)(
+    (currentPath) => {
+      const path = currentPath || pathname || "/";
+      if ((0, import_internal_route.isInternalRoute)(path)) {
+        return;
+      }
+      if ((0, import_construct.hasRedirectLoop)(path, loginPath)) {
+        return;
+      }
+      setIsRedirecting(true);
+      const loginUrl = constructUrlWithRedirect(loginPath, path, loginPath, signUpPath);
+      if (process.env.NODE_ENV === "production") {
+        window.location.href = loginUrl;
+      } else {
+        router.push(loginUrl);
+      }
+    },
+    [router, loginPath, signUpPath, pathname, constructUrlWithRedirect]
+  );
   const handleSignOut = (0, import_react.useCallback)(async (error) => {
+    const currentPath = window.location.pathname;
     await auth.signOut();
     setAuthState({
       isLoaded: true,
@@ -51,50 +108,126 @@ function TernSecureClientProvider({
       error: error || null,
       isValid: false,
       token: null,
-      email: null
+      email: null,
+      isVerified: false,
+      isAuthenticated: false,
+      status: "unauthenticated",
+      requiresVerification
     });
-    router.push(loginPath);
-  }, [auth, router, loginPath]);
+    redirectToLogin(currentPath);
+  }, [auth, redirectToLogin, requiresVerification]);
   const setEmail = (0, import_react.useCallback)((email) => {
     setAuthState((prev) => ({
       ...prev,
       email
     }));
   }, []);
+  const getAuthError = (0, import_react.useCallback)(() => {
+    if (authState.error) {
+      const error = authState.error;
+      return {
+        success: false,
+        message: error.message,
+        error: error.code,
+        user: null
+      };
+    }
+    if (authState.requiresVerification && authState.isValid && !authState.isVerified) {
+      return {
+        success: false,
+        message: "Email verification required",
+        error: "EMAIL_NOT_VERIFIED",
+        user: null
+      };
+    }
+    if (!authState.isAuthenticated && authState.status !== "loading") {
+      return {
+        success: false,
+        message: "User is not authenticated",
+        error: "AUTHENTICATED",
+        user: null
+      };
+    }
+    return {
+      success: true,
+      user: import_client_init.ternSecureAuth.currentUser
+    };
+  }, [
+    authState.error,
+    authState.isValid,
+    authState.isVerified,
+    authState.isAuthenticated,
+    authState.status,
+    authState.requiresVerification
+  ]);
   (0, import_react.useEffect)(() => {
-    const unsubscribe = (0, import_auth.onAuthStateChanged)(auth, async (user) => {
-      if (user) {
-        setAuthState({
-          isLoaded: true,
-          userId: user.uid,
-          isValid: true,
-          token: user.getIdToken(),
-          error: null,
-          email: user.email
-        });
-      } else {
-        setAuthState({
-          isLoaded: true,
-          userId: null,
-          isValid: false,
-          token: null,
-          error: new Error("User is not authenticated"),
-          email: null
-        });
-        if (!window.location.pathname.includes("/sign-up")) {
-          router.push(loginPath);
+    let mounted = true;
+    let initialLoad = true;
+    const unsubscribe = (0, import_auth.onAuthStateChanged)(
+      auth,
+      async (user) => {
+        if (!mounted) return;
+        try {
+          if (user) {
+            const isValid = !!user.uid;
+            const isVerified = user.emailVerified;
+            const isAuthenticated = isValid && (!requiresVerification || isVerified);
+            setAuthState({
+              isLoaded: true,
+              userId: user.uid,
+              isValid,
+              isVerified,
+              isAuthenticated: isValid && isVerified,
+              token: user.getIdToken(),
+              error: null,
+              email: user.email,
+              status: isAuthenticated ? "authenticated" : "unverified",
+              requiresVerification
+            });
+            if (requiresVerification && !isVerified && shouldRedirect(pathname || "", isVerified)) {
+              if (initialLoad || !isRedirecting) {
+                redirectToLogin(pathname);
+              }
+            }
+          } else {
+            setAuthState({
+              isLoaded: true,
+              userId: null,
+              isValid: false,
+              isVerified: false,
+              isAuthenticated: false,
+              token: null,
+              error: null,
+              email: null,
+              status: "unauthenticated",
+              requiresVerification
+            });
+            if (shouldRedirect(pathname || "", false) && initialLoad) {
+              redirectToLogin();
+            }
+          }
+        } catch (error) {
+          console.error("Auth state change error:", error);
+          if (mounted) {
+            handleSignOut(error instanceof Error ? error : new Error("Authentication error occurred"));
+          }
+        } finally {
+          initialLoad = false;
         }
       }
-    }, (error) => {
-      handleSignOut(error instanceof Error ? error : new Error("Authentication error occurred"));
-    });
-    return () => unsubscribe();
-  }, [auth, handleSignOut, router, loginPath]);
+    );
+    return () => {
+      mounted = false;
+      unsubscribe();
+    };
+  }, [auth, handleSignOut, redirectToLogin, requiresVerification, pathname, isRedirecting, shouldRedirect]);
   const contextValue = (0, import_react.useMemo)(() => ({
     ...authState,
     signOut: handleSignOut,
-    setEmail
-  }), [authState, auth, handleSignOut, setEmail]);
+    setEmail,
+    getAuthError,
+    redirectToLogin
+  }), [authState, handleSignOut, setEmail, getAuthError, redirectToLogin]);
   if (!authState.isLoaded) {
     return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(import_TernSecureCtx.TernSecureCtx.Provider, { value: contextValue, children: loadingComponent || /* @__PURE__ */ (0, import_jsx_runtime.jsx)("div", { "aria-live": "polite", "aria-busy": "true", children: /* @__PURE__ */ (0, import_jsx_runtime.jsx)("span", { className: "sr-only", children: "Loading authentication state..." }) }) });
   }

package/dist/cjs/boundary/TernSecureClientProvider.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/boundary/TernSecureClientProvider.tsx"],"sourcesContent":["\"use client\"\n\nimport React, { useState, useEffect, useMemo, useCallback } from 'react'\nimport { ternSecureAuth } from '../utils/client-init'\nimport { onAuthStateChanged, User } from \"firebase/auth\"\nimport { TernSecureCtx, TernSecureCtxValue, TernSecureState } from './TernSecureCtx'\nimport { useRouter } from 'next/navigation'\n\ninterface TernSecureClientProviderProps {\n  children: React.ReactNode;\n  onUserChanged?: (user: User | null) => Promise<void>;\n  loginPath?: string;\n  loadingComponent?: React.ReactNode;\n}\n\nexport function TernSecureClientProvider({ \n  children, \n  loginPath = '/sign-in',\n  loadingComponent\n}: TernSecureClientProviderProps) {\n  const auth = useMemo(() => ternSecureAuth, []);\n  const router = useRouter();\n  const [authState, setAuthState] = useState<TernSecureState>(() => ({\n    userId: null,\n    isLoaded: false,\n    error: null,\n    isValid: false,\n    token: null,\n    email: null\n  }));\n\n  const handleSignOut = useCallback(async (error?: Error) => {\n    await auth.signOut();\n    setAuthState({\n      isLoaded: true,\n      userId: null,\n      error: error || null,\n      isValid: false,\n      token: null,\n      email: null\n    });\n    router.push(loginPath);\n  }, [auth, router, loginPath]);\n\n  const setEmail = useCallback((email: string) => {\n    setAuthState((prev) => ({\n      ...prev,\n      email,\n    }))\n  }, [])\n\nuseEffect(() => {\n    const unsubscribe = onAuthStateChanged(auth, async (user: User | null) => {\n      if (user) {\n        setAuthState({\n          isLoaded: true,\n          userId: user.uid,\n          isValid: true,\n          token: user.getIdToken(),\n          error: null,\n          email: user.email,\n        })\n      } else {\n        setAuthState({\n          isLoaded: true,\n          userId: null,\n          isValid: false,\n          token: null,\n          error: new Error('User is not authenticated'),\n          email: null\n        })\n        if (!window.location.pathname.includes(\"/sign-up\")) {\n          router.push(loginPath)\n        }\n      }\n    }, (error) => {\n      handleSignOut(error instanceof Error ? error : new Error('Authentication error occurred'));\n    })\n    \n    return () => unsubscribe()\n  }, [auth, handleSignOut, router, loginPath])\n\n  const contextValue: TernSecureCtxValue = useMemo(() => ({\n    ...authState,\n    signOut: handleSignOut,\n    setEmail\n  }), [authState, auth, handleSignOut, setEmail]);\n\n  if (!authState.isLoaded) {\n    return (\n      <TernSecureCtx.Provider value={contextValue}>\n        {loadingComponent || (\n          <div aria-live=\"polite\" aria-busy=\"true\">\n            <span className=\"sr-only\">Loading authentication state...</span>\n          </div>\n        )}\n      </TernSecureCtx.Provider>\n    );\n  }\n\n  return (\n      <TernSecureCtx.Provider value={contextValue}>\n       {children}\n      </TernSecureCtx.Provider>\n  )\n}"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AA6FY;AA3FZ,mBAAiE;AACjE,yBAA+B;AAC/B,kBAAyC;AACzC,2BAAmE;AACnE,wBAA0B;AASnB,SAAS,yBAAyB;AAAA,EACvC;AAAA,EACA,YAAY;AAAA,EACZ;AACF,GAAkC;AAChC,QAAM,WAAO,sBAAQ,MAAM,mCAAgB,CAAC,CAAC;AAC7C,QAAM,aAAS,6BAAU;AACzB,QAAM,CAAC,WAAW,YAAY,QAAI,uBAA0B,OAAO;AAAA,IACjE,QAAQ;AAAA,IACR,UAAU;AAAA,IACV,OAAO;AAAA,IACP,SAAS;AAAA,IACT,OAAO;AAAA,IACP,OAAO;AAAA,EACT,EAAE;AAEF,QAAM,oBAAgB,0BAAY,OAAO,UAAkB;AACzD,UAAM,KAAK,QAAQ;AACnB,iBAAa;AAAA,MACX,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,OAAO,SAAS;AAAA,MAChB,SAAS;AAAA,MACT,OAAO;AAAA,MACP,OAAO;AAAA,IACT,CAAC;AACD,WAAO,KAAK,SAAS;AAAA,EACvB,GAAG,CAAC,MAAM,QAAQ,SAAS,CAAC;AAE5B,QAAM,eAAW,0BAAY,CAAC,UAAkB;AAC9C,iBAAa,CAAC,UAAU;AAAA,MACtB,GAAG;AAAA,MACH;AAAA,IACF,EAAE;AAAA,EACJ,GAAG,CAAC,CAAC;AAEP,8BAAU,MAAM;AACZ,UAAM,kBAAc,gCAAmB,MAAM,OAAO,SAAsB;AACxE,UAAI,MAAM;AACR,qBAAa;AAAA,UACX,UAAU;AAAA,UACV,QAAQ,KAAK;AAAA,UACb,SAAS;AAAA,UACT,OAAO,KAAK,WAAW;AAAA,UACvB,OAAO;AAAA,UACP,OAAO,KAAK;AAAA,QACd,CAAC;AAAA,MACH,OAAO;AACL,qBAAa;AAAA,UACX,UAAU;AAAA,UACV,QAAQ;AAAA,UACR,SAAS;AAAA,UACT,OAAO;AAAA,UACP,OAAO,IAAI,MAAM,2BAA2B;AAAA,UAC5C,OAAO;AAAA,QACT,CAAC;AACD,YAAI,CAAC,OAAO,SAAS,SAAS,SAAS,UAAU,GAAG;AAClD,iBAAO,KAAK,SAAS;AAAA,QACvB;AAAA,MACF;AAAA,IACF,GAAG,CAAC,UAAU;AACZ,oBAAc,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,+BAA+B,CAAC;AAAA,IAC3F,CAAC;AAED,WAAO,MAAM,YAAY;AAAA,EAC3B,GAAG,CAAC,MAAM,eAAe,QAAQ,SAAS,CAAC;AAE3C,QAAM,mBAAmC,sBAAQ,OAAO;AAAA,IACtD,GAAG;AAAA,IACH,SAAS;AAAA,IACT;AAAA,EACF,IAAI,CAAC,WAAW,MAAM,eAAe,QAAQ,CAAC;AAE9C,MAAI,CAAC,UAAU,UAAU;AACvB,WACE,4CAAC,mCAAc,UAAd,EAAuB,OAAO,cAC5B,8BACC,4CAAC,SAAI,aAAU,UAAS,aAAU,QAChC,sDAAC,UAAK,WAAU,WAAU,6CAA+B,GAC3D,GAEJ;AAAA,EAEJ;AAEA,SACI,4CAAC,mCAAc,UAAd,EAAuB,OAAO,cAC7B,UACF;AAEN;","names":[]}
+{"version":3,"sources":["../../../src/boundary/TernSecureClientProvider.tsx"],"sourcesContent":["\"use client\"\n\nimport React, { useState, useEffect, useMemo, useCallback } from 'react'\nimport { ternSecureAuth } from '../utils/client-init'\nimport { onAuthStateChanged, User } from \"firebase/auth\"\nimport { TernSecureCtx, TernSecureCtxValue } from './TernSecureCtx'\nimport type { TernSecureState, AuthError, SignInResponse } from \"../types\"\nimport type { ERRORS } from '../errors'\nimport { useRouter, usePathname } from 'next/navigation'\nimport { isBaseAuthRoute, isInternalRoute, isAuthRoute} from '../app-router/route-handler/internal-route'\nimport { hasRedirectLoop } from '../utils/construct'\n\n\n\n/**\n * @internal\n * Internal provider props - not meant for direct usage\n */\ninterface TernSecureClientProviderProps {\n  children: React.ReactNode\n  /** Callback when user state changes */\n  onUserChanged?: (user: User | null) => Promise<void>\n  /** Login page path */\n  loginPath?: string\n  /** Signup page path */\n  signUpPath?: string\n  /** Custom loading component */\n  loadingComponent?: React.ReactNode\n  /** Whether email verification is required */\n  requiresVerification: boolean\n}\n\n/**\n * @internal\n * Internal provider component that handles authentication state\n * This is wrapped by the public TernSecureProvider\n */\n\nexport function TernSecureClientProvider({ \n  children, \n  loginPath = process.env.NEXT_PUBLIC_SIGN_IN_PATH || '/sign-in',\n  signUpPath = process.env.NEXT_PUBLIC_SIGN_UP_PATH || '/sign-up',\n  loadingComponent,\n  requiresVerification,\n}: TernSecureClientProviderProps) {\n  const auth = useMemo(() => ternSecureAuth, []);\n  const router = useRouter();\n  const pathname = usePathname() // Get current pathname\n  const [isRedirecting, setIsRedirecting] = useState(false)\n\n  const [authState, setAuthState] = useState<TernSecureState>(() => ({\n    userId: null,\n    isLoaded: false,\n    error: null,\n    isValid: false,\n    isVerified: false,\n    isAuthenticated: false,\n    token: null,\n    email: null,\n    status: \"loading\",\n    requiresVerification,\n  }));\n\n  const constructUrlWithRedirect = useCallback(\n    (loginPath: string, currentPath: string, loginPathParam: string, signUpPathParam: string): string => {\n      const baseUrl = window.location.origin\n      const signInUrl = new URL(loginPath, baseUrl)\n\n      // Only add redirect if not already on login or signup page\n      if (!currentPath.includes(loginPathParam) && !currentPath.includes(signUpPathParam)) {\n        signInUrl.searchParams.set(\"redirect\", currentPath)\n      }\n      return signInUrl.toString()\n    },\n    [],\n  )\n\n\n  const shouldRedirect = useCallback(\n    (pathname: string, isVerified: boolean) => {\n      // Get current search params\n      const searchParams = new URLSearchParams(window.location.search)\n\n      // Don't redirect if we're on the base sign-in page with no redirect param\n      if (isBaseAuthRoute(pathname) && !searchParams.has(\"redirect\")) {\n        return false\n      }\n\n      // Don't redirect if we're on an internal route\n      if (isInternalRoute(pathname)) {\n        return false\n      }\n\n      // Don't redirect if we're in auth routes (except when handling verification)\n      if (isAuthRoute(pathname) && (!requiresVerification || isVerified)) {\n        return false\n      }\n\n      return true\n    },\n    [requiresVerification],\n  )\n\n  const redirectToLogin = useCallback(\n    (currentPath?: string) => {\n      const path = currentPath || pathname || \"/\"\n\n\n      if (isInternalRoute(path)) {  // Don't redirect if we're already on an internal route\n        return\n      }\n\n       // Check for redirect loops\n      if (hasRedirectLoop(path, loginPath)) {\n        return\n      }\n\n      setIsRedirecting(true)\n\n      const loginUrl = constructUrlWithRedirect(loginPath, path, loginPath, signUpPath)\n\n      if (process.env.NODE_ENV === \"production\") {\n        window.location.href = loginUrl\n      } else {\n        // Use router.push for development\n        router.push(loginUrl)\n      }\n  }, \n  [router, loginPath, signUpPath, pathname, constructUrlWithRedirect]\n)\n\n  const handleSignOut = useCallback(async (error?: Error) => {\n    const currentPath = window.location.pathname\n    await auth.signOut();\n    setAuthState({\n      isLoaded: true,\n      userId: null,\n      error: error || null,\n      isValid: false,\n      token: null,\n      email: null,\n      isVerified: false,\n      isAuthenticated: false,\n      status: \"unauthenticated\",\n      requiresVerification,\n    })\n    redirectToLogin(currentPath)\n  }, [auth, redirectToLogin, requiresVerification])\n\n  const setEmail = useCallback((email: string) => {\n    setAuthState((prev) => ({\n      ...prev,\n      email,\n    }))\n  }, [])\n\n  const getAuthError = useCallback((): SignInResponse => {\n    if (authState.error) {\n      const error = authState.error as AuthError;\n      return {\n        success: false,\n        message: error.message,\n        error: error.code as keyof typeof ERRORS,\n        user: null,\n      }\n    }\n\n    if (authState.requiresVerification && authState.isValid && !authState.isVerified) {\n      return {\n        success: false,\n        message: 'Email verification required',\n        error: 'EMAIL_NOT_VERIFIED',\n        user: null,\n      }\n    }\n\n    if (!authState.isAuthenticated && authState.status !== \"loading\") {\n      return {\n        success: false,\n        message: 'User is not authenticated',\n        error: 'AUTHENTICATED',\n        user: null,\n      }\n    }\n\n    return {\n      success: true,\n      user: ternSecureAuth.currentUser,\n    }\n  }, [\n    authState.error,\n    authState.isValid,\n    authState.isVerified,\n    authState.isAuthenticated,\n    authState.status,\n    authState.requiresVerification,\n  ])\n\nuseEffect(() => {\n  let mounted = true\n  let initialLoad = true\n\n  const unsubscribe = onAuthStateChanged(\n    auth,\n      async (user: User | null) => {\n       if (!mounted) return\n       try {\n        if (user) {\n        const isValid = !!user.uid;\n        const isVerified = user.emailVerified;\n        const isAuthenticated = isValid && (!requiresVerification || isVerified) // Consider user authenticated if verification is not required or if email is verified\n\n        setAuthState({\n          isLoaded: true,\n          userId: user.uid,\n          isValid,\n          isVerified,\n          isAuthenticated: isValid && isVerified,\n          token: user.getIdToken(),\n          error: null,\n          email: user.email,\n          status: isAuthenticated ? \"authenticated\" : \"unverified\",\n          requiresVerification,\n        })\n       \n        if (requiresVerification && !isVerified && shouldRedirect(pathname || \"\", isVerified)) {\n          if(initialLoad || !isRedirecting) {\n            redirectToLogin(pathname)\n        }\n      }\n      } else {\n        setAuthState({\n          isLoaded: true,\n          userId: null,\n          isValid: false,\n          isVerified: false,\n          isAuthenticated: false,\n          token: null,\n          error: null,\n          email: null,\n          status: \"unauthenticated\",\n          requiresVerification,\n        })\n        \n        if (shouldRedirect(pathname || \"\", false) && initialLoad) {\n          redirectToLogin()\n        }\n      }\n    } catch (error){\n      console.error(\"Auth state change error:\", error)\n      if (mounted) {\n        handleSignOut(error instanceof Error ? error : new Error(\"Authentication error occurred\"))\n      }\n    } finally {\n      initialLoad = false\n    }\n  })\n    \n  return () => {\n    mounted = false\n    unsubscribe()\n  }\n  }, [auth, handleSignOut, redirectToLogin, requiresVerification, pathname, isRedirecting, shouldRedirect])\n\n  const contextValue: TernSecureCtxValue = useMemo(() => ({\n    ...authState,\n    signOut: handleSignOut,\n    setEmail,\n    getAuthError,\n    redirectToLogin,\n  }), [authState, handleSignOut, setEmail, getAuthError, redirectToLogin]);\n\n  if (!authState.isLoaded) {\n    return (\n      <TernSecureCtx.Provider value={contextValue}>\n        {loadingComponent || (\n          <div aria-live=\"polite\" aria-busy=\"true\">\n            <span className=\"sr-only\">Loading authentication state...</span>\n          </div>\n        )}\n      </TernSecureCtx.Provider>\n    );\n  }\n\n  return (\n      <TernSecureCtx.Provider value={contextValue}>\n       {children}\n      </TernSecureCtx.Provider>\n  )\n}"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAqRY;AAnRZ,mBAAiE;AACjE,yBAA+B;AAC/B,kBAAyC;AACzC,2BAAkD;AAGlD,wBAAuC;AACvC,4BAA6D;AAC7D,uBAAgC;AA4BzB,SAAS,yBAAyB;AAAA,EACvC;AAAA,EACA,YAAY,QAAQ,IAAI,4BAA4B;AAAA,EACpD,aAAa,QAAQ,IAAI,4BAA4B;AAAA,EACrD;AAAA,EACA;AACF,GAAkC;AAChC,QAAM,WAAO,sBAAQ,MAAM,mCAAgB,CAAC,CAAC;AAC7C,QAAM,aAAS,6BAAU;AACzB,QAAM,eAAW,+BAAY;AAC7B,QAAM,CAAC,eAAe,gBAAgB,QAAI,uBAAS,KAAK;AAExD,QAAM,CAAC,WAAW,YAAY,QAAI,uBAA0B,OAAO;AAAA,IACjE,QAAQ;AAAA,IACR,UAAU;AAAA,IACV,OAAO;AAAA,IACP,SAAS;AAAA,IACT,YAAY;AAAA,IACZ,iBAAiB;AAAA,IACjB,OAAO;AAAA,IACP,OAAO;AAAA,IACP,QAAQ;AAAA,IACR;AAAA,EACF,EAAE;AAEF,QAAM,+BAA2B;AAAA,IAC/B,CAACA,YAAmB,aAAqB,gBAAwB,oBAAoC;AACnG,YAAM,UAAU,OAAO,SAAS;AAChC,YAAM,YAAY,IAAI,IAAIA,YAAW,OAAO;AAG5C,UAAI,CAAC,YAAY,SAAS,cAAc,KAAK,CAAC,YAAY,SAAS,eAAe,GAAG;AACnF,kBAAU,aAAa,IAAI,YAAY,WAAW;AAAA,MACpD;AACA,aAAO,UAAU,SAAS;AAAA,IAC5B;AAAA,IACA,CAAC;AAAA,EACH;AAGA,QAAM,qBAAiB;AAAA,IACrB,CAACC,WAAkB,eAAwB;AAEzC,YAAM,eAAe,IAAI,gBAAgB,OAAO,SAAS,MAAM;AAG/D,cAAI,uCAAgBA,SAAQ,KAAK,CAAC,aAAa,IAAI,UAAU,GAAG;AAC9D,eAAO;AAAA,MACT;AAGA,cAAI,uCAAgBA,SAAQ,GAAG;AAC7B,eAAO;AAAA,MACT;AAGA,cAAI,mCAAYA,SAAQ,MAAM,CAAC,wBAAwB,aAAa;AAClE,eAAO;AAAA,MACT;AAEA,aAAO;AAAA,IACT;AAAA,IACA,CAAC,oBAAoB;AAAA,EACvB;AAEA,QAAM,sBAAkB;AAAA,IACtB,CAAC,gBAAyB;AACxB,YAAM,OAAO,eAAe,YAAY;AAGxC,cAAI,uCAAgB,IAAI,GAAG;AACzB;AAAA,MACF;AAGA,cAAI,kCAAgB,MAAM,SAAS,GAAG;AACpC;AAAA,MACF;AAEA,uBAAiB,IAAI;AAErB,YAAM,WAAW,yBAAyB,WAAW,MAAM,WAAW,UAAU;AAEhF,UAAI,QAAQ,IAAI,aAAa,cAAc;AACzC,eAAO,SAAS,OAAO;AAAA,MACzB,OAAO;AAEL,eAAO,KAAK,QAAQ;AAAA,MACtB;AAAA,IACJ;AAAA,IACA,CAAC,QAAQ,WAAW,YAAY,UAAU,wBAAwB;AAAA,EACpE;AAEE,QAAM,oBAAgB,0BAAY,OAAO,UAAkB;AACzD,UAAM,cAAc,OAAO,SAAS;AACpC,UAAM,KAAK,QAAQ;AACnB,iBAAa;AAAA,MACX,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,OAAO,SAAS;AAAA,MAChB,SAAS;AAAA,MACT,OAAO;AAAA,MACP,OAAO;AAAA,MACP,YAAY;AAAA,MACZ,iBAAiB;AAAA,MACjB,QAAQ;AAAA,MACR;AAAA,IACF,CAAC;AACD,oBAAgB,WAAW;AAAA,EAC7B,GAAG,CAAC,MAAM,iBAAiB,oBAAoB,CAAC;AAEhD,QAAM,eAAW,0BAAY,CAAC,UAAkB;AAC9C,iBAAa,CAAC,UAAU;AAAA,MACtB,GAAG;AAAA,MACH;AAAA,IACF,EAAE;AAAA,EACJ,GAAG,CAAC,CAAC;AAEL,QAAM,mBAAe,0BAAY,MAAsB;AACrD,QAAI,UAAU,OAAO;AACnB,YAAM,QAAQ,UAAU;AACxB,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS,MAAM;AAAA,QACf,OAAO,MAAM;AAAA,QACb,MAAM;AAAA,MACR;AAAA,IACF;AAEA,QAAI,UAAU,wBAAwB,UAAU,WAAW,CAAC,UAAU,YAAY;AAChF,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS;AAAA,QACT,OAAO;AAAA,QACP,MAAM;AAAA,MACR;AAAA,IACF;AAEA,QAAI,CAAC,UAAU,mBAAmB,UAAU,WAAW,WAAW;AAChE,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS;AAAA,QACT,OAAO;AAAA,QACP,MAAM;AAAA,MACR;AAAA,IACF;AAEA,WAAO;AAAA,MACL,SAAS;AAAA,MACT,MAAM,kCAAe;AAAA,IACvB;AAAA,EACF,GAAG;AAAA,IACD,UAAU;AAAA,IACV,UAAU;AAAA,IACV,UAAU;AAAA,IACV,UAAU;AAAA,IACV,UAAU;AAAA,IACV,UAAU;AAAA,EACZ,CAAC;AAEH,8BAAU,MAAM;AACd,QAAI,UAAU;AACd,QAAI,cAAc;AAElB,UAAM,kBAAc;AAAA,MAClB;AAAA,MACE,OAAO,SAAsB;AAC5B,YAAI,CAAC,QAAS;AACd,YAAI;AACH,cAAI,MAAM;AACV,kBAAM,UAAU,CAAC,CAAC,KAAK;AACvB,kBAAM,aAAa,KAAK;AACxB,kBAAM,kBAAkB,YAAY,CAAC,wBAAwB;AAE7D,yBAAa;AAAA,cACX,UAAU;AAAA,cACV,QAAQ,KAAK;AAAA,cACb;AAAA,cACA;AAAA,cACA,iBAAiB,WAAW;AAAA,cAC5B,OAAO,KAAK,WAAW;AAAA,cACvB,OAAO;AAAA,cACP,OAAO,KAAK;AAAA,cACZ,QAAQ,kBAAkB,kBAAkB;AAAA,cAC5C;AAAA,YACF,CAAC;AAED,gBAAI,wBAAwB,CAAC,cAAc,eAAe,YAAY,IAAI,UAAU,GAAG;AACrF,kBAAG,eAAe,CAAC,eAAe;AAChC,gCAAgB,QAAQ;AAAA,cAC5B;AAAA,YACF;AAAA,UACA,OAAO;AACL,yBAAa;AAAA,cACX,UAAU;AAAA,cACV,QAAQ;AAAA,cACR,SAAS;AAAA,cACT,YAAY;AAAA,cACZ,iBAAiB;AAAA,cACjB,OAAO;AAAA,cACP,OAAO;AAAA,cACP,OAAO;AAAA,cACP,QAAQ;AAAA,cACR;AAAA,YACF,CAAC;AAED,gBAAI,eAAe,YAAY,IAAI,KAAK,KAAK,aAAa;AACxD,8BAAgB;AAAA,YAClB;AAAA,UACF;AAAA,QACF,SAAS,OAAM;AACb,kBAAQ,MAAM,4BAA4B,KAAK;AAC/C,cAAI,SAAS;AACX,0BAAc,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,+BAA+B,CAAC;AAAA,UAC3F;AAAA,QACF,UAAE;AACA,wBAAc;AAAA,QAChB;AAAA,MACF;AAAA,IAAC;AAED,WAAO,MAAM;AACX,gBAAU;AACV,kBAAY;AAAA,IACd;AAAA,EACA,GAAG,CAAC,MAAM,eAAe,iBAAiB,sBAAsB,UAAU,eAAe,cAAc,CAAC;AAExG,QAAM,mBAAmC,sBAAQ,OAAO;AAAA,IACtD,GAAG;AAAA,IACH,SAAS;AAAA,IACT;AAAA,IACA;AAAA,IACA;AAAA,EACF,IAAI,CAAC,WAAW,eAAe,UAAU,cAAc,eAAe,CAAC;AAEvE,MAAI,CAAC,UAAU,UAAU;AACvB,WACE,4CAAC,mCAAc,UAAd,EAAuB,OAAO,cAC5B,8BACC,4CAAC,SAAI,aAAU,UAAS,aAAU,QAChC,sDAAC,UAAK,WAAU,WAAU,6CAA+B,GAC3D,GAEJ;AAAA,EAEJ;AAEA,SACI,4CAAC,mCAAc,UAAd,EAAuB,OAAO,cAC7B,UACF;AAEN;","names":["loginPath","pathname"]}

package/dist/cjs/boundary/TernSecureCtx.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/boundary/TernSecureCtx.tsx"],"sourcesContent":["\"use client\"\n\nimport { createContext, useContext } from 'react'\nimport { ternSecureAuth } from '../utils/client-init';\nimport { User } from 'firebase/auth';\n\nexport const TernSecureUser = (): User | null => {\n  return ternSecureAuth.currentUser;\n}\n\nexport interface TernSecureState {\n  userId: string | null\n  isLoaded: boolean\n  error: Error | null\n  isValid: boolean\n  token: any | null\n  email: string | null\n}\n\nexport interface TernSecureCtxValue extends TernSecureState {\n signOut: () => Promise<void>\n setEmail: (email: string) => void\n}\n\nexport const TernSecureCtx = createContext<TernSecureCtxValue | null>(null)\n\nTernSecureCtx.displayName = 'TernSecureCtx'\n\nexport const useTernSecure = (hookName: string) => {\n  const context = useContext(TernSecureCtx)\n  \n  if (!context) {\n    throw new Error(\n      `${hookName} must be used within TernSecureProvider`\n    )\n  }\n\n  return context\n}\n\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAEA,mBAA0C;AAC1C,yBAA+B;AAGxB,MAAM,iBAAiB,MAAmB;AAC/C,SAAO,kCAAe;AACxB;AAgBO,MAAM,oBAAgB,4BAAyC,IAAI;AAE1E,cAAc,cAAc;AAErB,MAAM,gBAAgB,CAAC,aAAqB;AACjD,QAAM,cAAU,yBAAW,aAAa;AAExC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI;AAAA,MACR,GAAG,QAAQ;AAAA,IACb;AAAA,EACF;AAEA,SAAO;AACT;","names":[]}
+{"version":3,"sources":["../../../src/boundary/TernSecureCtx.tsx"],"sourcesContent":["\"use client\"\n\nimport { createContext, useContext } from 'react'\nimport { ternSecureAuth } from '../utils/client-init';\nimport { User } from 'firebase/auth';\nimport type { TernSecureState, SignInResponse } from '../types';\n\nexport const TernSecureUser = (): User | null => {\n  return ternSecureAuth.currentUser;\n}\n\nexport interface TernSecureCtxValue extends TernSecureState {\n signOut: () => Promise<void>\n setEmail: (email: string) => void\n getAuthError: () => SignInResponse\n redirectToLogin: () => void\n}\n\nexport const TernSecureCtx = createContext<TernSecureCtxValue | null>(null)\n\nTernSecureCtx.displayName = 'TernSecureCtx'\n\nexport const useTernSecure = (hookName: string) => {\n  const context = useContext(TernSecureCtx)\n  \n  if (!context) {\n    throw new Error(\n      `${hookName} must be used within TernSecureProvider`\n    )\n  }\n\n  return context\n}\n\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAEA,mBAA0C;AAC1C,yBAA+B;AAIxB,MAAM,iBAAiB,MAAmB;AAC/C,SAAO,kCAAe;AACxB;AASO,MAAM,oBAAgB,4BAAyC,IAAI;AAE1E,cAAc,cAAc;AAErB,MAAM,gBAAgB,CAAC,aAAqB;AACjD,QAAM,cAAU,yBAAW,aAAa;AAExC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI;AAAA,MACR,GAAG,QAAQ;AAAA,IACb;AAAA,EACF;AAEA,SAAO;AACT;","names":[]}

package/dist/cjs/boundary/hooks/useAuth.js

@@ -30,17 +30,30 @@ function useAuth() {
     isLoaded,
     error,
     isValid,
+    isVerified,
+    isAuthenticated,
     token,
+    getAuthError,
+    status,
+    requiresVerification,
     signOut
   } = (0, import_TernSecureCtx.useTernSecure)("useAuth");
   const user = (0, import_TernSecureCtx2.TernSecureUser)();
+  const authResponse = getAuthError();
   return {
     user,
     userId,
     isLoaded,
-    error,
-    isAuthenticated: isValid,
+    error: authResponse.success ? null : authResponse,
+    isValid,
+    // User is signed in
+    isVerified,
+    // Email is verified
+    isAuthenticated,
+    // User is both signed in and verified
     token,
+    status,
+    requiresVerification,
     signOut
   };
 }

package/dist/cjs/boundary/hooks/useAuth.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../src/boundary/hooks/useAuth.ts"],"sourcesContent":["\"use client\"\n\nimport { useTernSecure } from '../TernSecureCtx'\nimport {  User } from 'firebase/auth'\nimport { TernSecureUser } from '../TernSecureCtx'\n\nexport function useAuth() {\n  const {\n    userId,\n    isLoaded,\n    error,\n    isValid,\n    token,\n    signOut\n  } = useTernSecure('useAuth')\n\n  const user: User | null = TernSecureUser()\n\n  return {\n    user,\n    userId,\n    isLoaded,\n    error,\n    isAuthenticated: isValid,\n    token,\n    signOut\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAEA,2BAA8B;AAE9B,IAAAA,wBAA+B;AAExB,SAAS,UAAU;AACxB,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,QAAI,oCAAc,SAAS;AAE3B,QAAM,WAAoB,sCAAe;AAEzC,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,iBAAiB;AAAA,IACjB;AAAA,IACA;AAAA,EACF;AACF;","names":["import_TernSecureCtx"]}
+{"version":3,"sources":["../../../../src/boundary/hooks/useAuth.ts"],"sourcesContent":["\"use client\"\n\nimport { useTernSecure } from '../TernSecureCtx'\nimport {  User } from 'firebase/auth'\nimport { TernSecureUser } from '../TernSecureCtx'\nimport type { SignInResponse } from '../../types'\n\n\nexport function useAuth() {\n  const {\n    userId,\n    isLoaded,\n    error,\n    isValid,\n    isVerified,\n    isAuthenticated,\n    token,\n    getAuthError,\n    status,\n    requiresVerification,\n    signOut\n  } = useTernSecure('useAuth')\n\n  const user: User | null = TernSecureUser()\n  const authResponse: SignInResponse = getAuthError()\n\n\n  return {\n    user,\n    userId,\n    isLoaded,\n    error: authResponse.success ? null : authResponse,\n    isValid,         // User is signed in\n    isVerified,      // Email is verified\n    isAuthenticated, // User is both signed in and verified\n    token,\n    status,\n    requiresVerification,\n    signOut\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAEA,2BAA8B;AAE9B,IAAAA,wBAA+B;AAIxB,SAAS,UAAU;AACxB,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,QAAI,oCAAc,SAAS;AAE3B,QAAM,WAAoB,sCAAe;AACzC,QAAM,eAA+B,aAAa;AAGlD,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA,OAAO,aAAa,UAAU,OAAO;AAAA,IACrC;AAAA;AAAA,IACA;AAAA;AAAA,IACA;AAAA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF;","names":["import_TernSecureCtx"]}