@tern-secure/nextjs 4.0.0 → 4.1.0

package/dist/cjs/utils/redirect.js

@@ -0,0 +1,57 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var redirect_exports = {};
+__export(redirect_exports, {
+  getCurrentPath: () => getCurrentPath,
+  validateRedirectUrl: () => validateRedirectUrl
+});
+module.exports = __toCommonJS(redirect_exports);
+var import_headers = require("next/headers");
+async function validateRedirectUrl(url) {
+  if (!url) return "/";
+  try {
+    if (url.startsWith("/")) {
+      const validPaths = ["/"];
+      return validPaths.includes(url) ? url : "/";
+    }
+    const headersList = await (0, import_headers.headers)();
+    const currentHost = headersList.get("host");
+    const urlObj = new URL(url);
+    if (urlObj.host === currentHost) {
+      return urlObj.pathname;
+    }
+  } catch {
+  }
+  return "/";
+}
+async function getCurrentPath() {
+  try {
+    const headersList = await (0, import_headers.headers)();
+    const pathname = headersList.get("x-pathname") || "/";
+    return pathname;
+  } catch {
+    return "/";
+  }
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  getCurrentPath,
+  validateRedirectUrl
+});
+//# sourceMappingURL=redirect.js.map

package/dist/cjs/utils/redirect.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/utils/redirect.ts"],"sourcesContent":["import { headers } from \"next/headers\"\n\n/**\n * Validates and sanitizes redirect URLs\n */\nexport async function validateRedirectUrl(url: string | null): Promise<string> {\n  if (!url) return \"/\"\n\n  try {\n    // Check if it's a relative path\n    if (url.startsWith(\"/\")) {\n      // Basic validation to ensure the path exists in your app\n      // Add more paths as needed\n      const validPaths = [\"/\"]\n      return validPaths.includes(url) ? url : \"/\"\n    }\n\n    // If it's an absolute URL, ensure it's from your domain\n     const headersList = await headers()\n    const currentHost = headersList.get(\"host\")\n    const urlObj = new URL(url)\n    if (urlObj.host === currentHost) {\n      return urlObj.pathname\n    }\n  } catch {\n    // Invalid URL format\n  }\n\n  return \"/\"\n}\n\n/**\n * Gets the current path for redirect purposes\n */\nexport async function getCurrentPath(): Promise<string> {\n  try {\n    const headersList = await headers()\n    const pathname = headersList.get(\"x-pathname\") || \"/\"\n    return pathname\n  } catch {\n    return \"/\"\n  }\n}\n\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,qBAAwB;AAKxB,eAAsB,oBAAoB,KAAqC;AAC7E,MAAI,CAAC,IAAK,QAAO;AAEjB,MAAI;AAEF,QAAI,IAAI,WAAW,GAAG,GAAG;AAGvB,YAAM,aAAa,CAAC,GAAG;AACvB,aAAO,WAAW,SAAS,GAAG,IAAI,MAAM;AAAA,IAC1C;AAGC,UAAM,cAAc,UAAM,wBAAQ;AACnC,UAAM,cAAc,YAAY,IAAI,MAAM;AAC1C,UAAM,SAAS,IAAI,IAAI,GAAG;AAC1B,QAAI,OAAO,SAAS,aAAa;AAC/B,aAAO,OAAO;AAAA,IAChB;AAAA,EACF,QAAQ;AAAA,EAER;AAEA,SAAO;AACT;AAKA,eAAsB,iBAAkC;AACtD,MAAI;AACF,UAAM,cAAc,UAAM,wBAAQ;AAClC,UAAM,WAAW,YAAY,IAAI,YAAY,KAAK;AAClD,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;","names":[]}

package/dist/esm/app-router/client/TernSecureProvider.js

@@ -1,7 +1,22 @@
 import { jsx } from "react/jsx-runtime";
 import { TernSecureClientProvider } from "../../boundary/TernSecureClientProvider";
-async function TernSecureProvider({ children }) {
-  return /* @__PURE__ */ jsx(TernSecureClientProvider, { children });
+async function TernSecureProvider({
+  children,
+  requiresVerification = true,
+  loginPath,
+  signUpPath,
+  loadingComponent
+}) {
+  return /* @__PURE__ */ jsx(
+    TernSecureClientProvider,
+    {
+      requiresVerification,
+      loginPath,
+      signUpPath,
+      loadingComponent,
+      children
+    }
+  );
 }
 export {
   TernSecureProvider

package/dist/esm/app-router/client/TernSecureProvider.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../src/app-router/client/TernSecureProvider.tsx"],"sourcesContent":["import React from \"react\"\nimport { TernSecureClientProvider } from \"../../boundary/TernSecureClientProvider\"\n\n\n// Loading fallback component\n/*function TernSecureLoadingFallback() {\n  return (\n    <div>\n      <span className=\"sr-only\">Loading...</span>\n    </div>\n  )\n}*/\n/**\n * Root Provider for TernSecure\n * Use this in your Next.js App Router root layout\n * Automatically handles client/server boundary and authentication state\n * \n * @example\n * /// app/layout.tsx\n * import { TernSecureProvider } from '@tern/secure'\n * \n * export default function RootLayout({ children }) {\n *   return (\n *     <html>\n *       <body>\n *         <TernSecureProvider>\n *           {children}\n *         </TernSecureProvider>\n *       </body>\n *     </html>\n *   )\n * }\n */\nexport async function TernSecureProvider({ children }: { children: React.ReactNode }) {\n  return (\n    <TernSecureClientProvider>\n        {children}\n    </TernSecureClientProvider>\n  )\n}"],"mappings":"AAmCI;AAlCJ,SAAS,gCAAgC;AAgCzC,eAAsB,mBAAmB,EAAE,SAAS,GAAkC;AACpF,SACE,oBAAC,4BACI,UACL;AAEJ;","names":[]}
+{"version":3,"sources":["../../../../src/app-router/client/TernSecureProvider.tsx"],"sourcesContent":["import React from \"react\"\nimport { TernSecureClientProvider } from \"../../boundary/TernSecureClientProvider\"\n\n\n/**\n * Configuration options for TernSecure authentication\n */\nexport interface TernSecureConfig {\n  /** Whether email verification is required (defaults to true) */\n  requiresVerification?: boolean\n  /** Custom path for login page (defaults to /sign-in) */\n  loginPath?: string\n  /** Custom path for signup page (defaults to /sign-up) */\n  signUpPath?: string\n  /** Custom loading component */\n  loadingComponent?: React.ReactNode\n}\n\n// Loading fallback component\n/*function TernSecureLoadingFallback() {\n  return (\n    <div>\n      <span className=\"sr-only\">Loading...</span>\n    </div>\n  )\n}*/\n/**\n * Root Provider for TernSecure\n * Use this in your Next.js App Router root layout\n * Automatically handles client/server boundary and authentication state\n * \n * @example\n * /// app/layout.tsx\n * import { TernSecureProvider } from '@tern/secure'\n * \n * export default function RootLayout({ children }) {\n *   return (\n *     <html>\n *       <body>\n *         <TernSecureProvider>\n *           {children}\n *         </TernSecureProvider>\n *       </body>\n *     </html>\n *   )\n * }\n */\nexport async function TernSecureProvider({ \n  children,\n  requiresVerification = true,\n  loginPath,\n  signUpPath,\n  loadingComponent,\n }: React.PropsWithChildren<TernSecureConfig>) {\n  return (\n    <TernSecureClientProvider\n      requiresVerification={requiresVerification}\n      loginPath={loginPath}\n      signUpPath={signUpPath}\n      loadingComponent={loadingComponent}\n    >\n        {children}\n    </TernSecureClientProvider>\n  )\n}"],"mappings":"AAuDI;AAtDJ,SAAS,gCAAgC;AA8CzC,eAAsB,mBAAmB;AAAA,EACvC;AAAA,EACA,uBAAuB;AAAA,EACvB;AAAA,EACA;AAAA,EACA;AACD,GAA8C;AAC7C,SACE;AAAA,IAAC;AAAA;AAAA,MACC;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MAEG;AAAA;AAAA,EACL;AAEJ;","names":[]}

package/dist/esm/app-router/client/actions.js

@@ -1,6 +1,14 @@
 import { TernSecureAuth } from "../../utils/client-init";
-import { signInWithEmailAndPassword, signInWithRedirect, getRedirectResult, GoogleAuthProvider, OAuthProvider, createUserWithEmailAndPassword, sendEmailVerification } from "firebase/auth";
-import { ERRORS } from "../../errors";
+import {
+  signInWithEmailAndPassword,
+  signInWithRedirect,
+  getRedirectResult,
+  GoogleAuthProvider,
+  OAuthProvider,
+  createUserWithEmailAndPassword,
+  sendEmailVerification
+} from "firebase/auth";
+import { handleFirebaseAuthError } from "../../errors";
 async function createUser(email, password) {
   const auth = TernSecureAuth();
   try {
@@ -10,27 +18,19 @@ async function createUser(email, password) {
     };
     const userCredential = await createUserWithEmailAndPassword(auth, email, password);
     await sendEmailVerification(userCredential.user, actionCodeSettings);
-    return { success: true, message: "Account created successfully.", user: userCredential.user };
+    return {
+      success: true,
+      message: "Account created successfully. Please check your email for verification",
+      user: userCredential.user
+    };
   } catch (error) {
-    if (error instanceof Error) {
-      switch (error.message) {
-        case "auth/too-many-requests":
-          throw new Error("Too many attempts. Please try again later.");
-        case "auth/network-request-failed":
-          throw new Error("Network disconnected. Please try again later.");
-        case "auth/email-already-in-use":
-          throw new Error("Email is already registered.");
-        case "auth/invalid-email":
-          throw new Error("Invalid email address.");
-        case "auth/operation-not-allowed":
-          throw new Error("Email/password accounts are not enabled.");
-        case "auth/weak-password":
-          throw new Error("Password is too weak.");
-        default:
-          throw new Error(error.message);
-      }
-    }
-    throw new Error("Failed to create account");
+    const authError = handleFirebaseAuthError(error);
+    return {
+      success: false,
+      message: authError.message,
+      error: authError.code,
+      user: null
+    };
   }
 }
 async function signInWithEmail(email, password) {
@@ -41,12 +41,17 @@ async function signInWithEmail(email, password) {
     return {
       success: true,
       message: "Authentication successful",
-      user: UserCredential.user,
-      error: !user.emailVerified ? ERRORS.REQUIRES_VERIFICATION : void 0
+      user,
+      error: !user.emailVerified ? "REQUIRES_VERIFICATION" : "AUTHENTICATED"
     };
   } catch (error) {
-    const errorMessage = error instanceof Error ? error.message : "Failed to sign in";
-    throw new Error(errorMessage);
+    const authError = handleFirebaseAuthError(error);
+    return {
+      success: false,
+      message: authError.message,
+      error: authError.code,
+      user: null
+    };
   }
 }
 async function signInWithRedirectGoogle() {
@@ -60,8 +65,13 @@ async function signInWithRedirectGoogle() {
     await signInWithRedirect(auth, provider);
     return { success: true, message: "Redirect initiated" };
   } catch (error) {
-    console.error("Error during Google sign-in:", error);
-    return { success: false, error: "Failed to sign in with Google" };
+    const authError = handleFirebaseAuthError(error);
+    return {
+      success: false,
+      message: authError.message,
+      error: authError.code,
+      user: null
+    };
   }
 }
 async function signInWithMicrosoft() {
@@ -74,8 +84,13 @@ async function signInWithMicrosoft() {
     await signInWithRedirect(auth, provider);
     return { success: true, message: "Redirect initiated" };
   } catch (error) {
-    console.error("Error during Google sign-in:", error);
-    return { success: false, error: "Failed to sign in with Google" };
+    const authError = handleFirebaseAuthError(error);
+    return {
+      success: false,
+      message: authError.message,
+      error: authError.code,
+      user: null
+    };
   }
 }
 async function handleAuthRedirectResult() {
@@ -89,8 +104,13 @@ async function handleAuthRedirectResult() {
       return { success: false, error: "No redirect result" };
     }
   } catch (error) {
-    console.error("Error handling auth redirect result:", error);
-    return { success: false, error: error.message || "Failed to handle auth redirect", code: error.code };
+    const authError = handleFirebaseAuthError(error);
+    return {
+      success: false,
+      message: authError.message,
+      error: authError.code,
+      user: null
+    };
   }
 }
 async function resendEmailVerification() {
@@ -119,25 +139,13 @@ async function resendEmailVerification() {
       isVerified: false
     };
   } catch (error) {
-    if (error instanceof Error) {
-      switch (error.message) {
-        case "auth/too-many-requests":
-          throw new Error("Too many attempts. Please try again later.");
-        case "auth/network-request-failed":
-          throw new Error("Network disconnected. Please try again later.");
-        case "auth/email-already-in-use":
-          throw new Error("Email is already registered.");
-        case "auth/invalid-email":
-          throw new Error("Invalid email address.");
-        case "auth/operation-not-allowed":
-          throw new Error("Email/password accounts are not enabled.");
-        case "auth/weak-password":
-          throw new Error("Password is too weak.");
-        default:
-          throw new Error(error.message);
-      }
-    }
-    throw new Error("Failed to resend verification email.");
+    const authError = handleFirebaseAuthError(error);
+    return {
+      success: false,
+      message: authError.message,
+      error: authError.code,
+      user: null
+    };
   }
 }
 export {

package/dist/esm/app-router/client/actions.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../src/app-router/client/actions.ts"],"sourcesContent":["import { TernSecureAuth } from '../../utils/client-init'\nimport { signInWithEmailAndPassword, signInWithRedirect, getRedirectResult, GoogleAuthProvider, OAuthProvider, createUserWithEmailAndPassword, sendEmailVerification } from 'firebase/auth'\nimport { ERRORS } from '../../errors'\n\nexport interface SignInResponse {\n  success: boolean;\n  message?: string;\n  error?: typeof ERRORS[keyof typeof ERRORS];\n  user?: any;\n}\n\nexport async function createUser(email: string, password: string) {\n  const auth = TernSecureAuth()\n  try {\n    \n    const actionCodeSettings = {\n      url: `${window.location.origin}/sign-in`,\n      handleCodeInApp: true\n    };\n\n    const userCredential = await createUserWithEmailAndPassword(auth, email, password);\n\n    await sendEmailVerification(userCredential.user, actionCodeSettings)\n    \n    return { success: true, message: 'Account created successfully.', user: userCredential.user };\n\n  } catch (error) {\n    // Handle specific Firebase auth errors\n    if (error instanceof Error) {\n      switch (error.message) {\n        case 'auth/too-many-requests':\n          throw new Error('Too many attempts. Please try again later.');\n        case 'auth/network-request-failed':\n            throw new Error('Network disconnected. Please try again later.');\n        case 'auth/email-already-in-use':\n          throw new Error('Email is already registered.');\n        case 'auth/invalid-email':\n          throw new Error('Invalid email address.');\n        case 'auth/operation-not-allowed':\n          throw new Error('Email/password accounts are not enabled.');\n        case 'auth/weak-password':\n          throw new Error('Password is too weak.');\n        default:\n          throw new Error(error.message);\n      }\n    }\n    throw new Error('Failed to create account');\n  }\n}\n\n\nexport async function signInWithEmail(email: string, password: string): Promise<SignInResponse> {\n  const auth = TernSecureAuth()\n  try {\n  const UserCredential = await signInWithEmailAndPassword(auth, email, password)\n  const user = UserCredential.user\n  return { \n      success: true, \n      message: 'Authentication successful',\n      user: UserCredential.user,\n      error: !user.emailVerified ? ERRORS.REQUIRES_VERIFICATION : undefined\n    };\n  \n} catch (error){\n  const errorMessage = error instanceof Error ? error.message : 'Failed to sign in';\n  throw new Error(errorMessage);\n}\n} \n\nexport async function signInWithRedirectGoogle() {\n  const auth = TernSecureAuth()\n  const provider = new GoogleAuthProvider()\n  provider.setCustomParameters({\n    login_hint: 'user@example.com',\n    prompt: 'select_account'\n  })\n\n  try {\n    await signInWithRedirect(auth, provider)\n    return { success: true, message: 'Redirect initiated' }\n  } catch (error) {\n    console.error('Error during Google sign-in:', error)\n    return { success: false, error: 'Failed to sign in with Google' }\n  }\n}\n\n\nexport async function signInWithMicrosoft() {\n  const auth = TernSecureAuth()\n  const provider = new OAuthProvider('microsoft.com')\n  provider.setCustomParameters({\n    prompt: 'consent'\n  })\n\n  try {\n    await signInWithRedirect(auth, provider)\n    return { success: true, message: 'Redirect initiated' }\n  } catch (error) {\n    console.error('Error during Google sign-in:', error)\n    return { success: false, error: 'Failed to sign in with Google' }\n  }\n}\n\n\nexport async function handleAuthRedirectResult() {\n  const auth = TernSecureAuth()\n  try {\n    const result = await getRedirectResult(auth)\n    if (result) {\n      const user = result.user\n      return { success: true, user }\n    } else {\n      return { success: false, error: 'No redirect result' }\n    }\n  } catch (error: any) {\n    console.error('Error handling auth redirect result:', error)\n    return { success: false, error: error.message || 'Failed to handle auth redirect', code: error.code }\n  }\n}\n\n\nexport async function resendEmailVerification() {\n  const auth = TernSecureAuth()\n  try {\n    const user = auth.currentUser;\n    if (!user) {\n      throw new Error('No user found. Please try signing up again.');\n    }\n\n    await user.reload();\n\n    if (user.emailVerified) {\n      return { \n        success: true, \n        message: 'Email is already verified. You can sign in.',\n        isVerified: true \n      };\n    }\n\n    const actionCodeSettings = {\n      url: `${window.location.origin}/sign-in`,\n      handleCodeInApp: true,\n    };\n\n    await sendEmailVerification(user, actionCodeSettings);\n    return { \n      success: true, \n      message: 'Verification email sent successfully.',\n      isVerified: false\n     };\n    } catch (error) {\n      if (error instanceof Error) {\n        switch (error.message) {\n          case 'auth/too-many-requests':\n            throw new Error('Too many attempts. Please try again later.');\n          case 'auth/network-request-failed':\n              throw new Error('Network disconnected. Please try again later.');\n          case 'auth/email-already-in-use':\n            throw new Error('Email is already registered.');\n          case 'auth/invalid-email':\n            throw new Error('Invalid email address.');\n          case 'auth/operation-not-allowed':\n            throw new Error('Email/password accounts are not enabled.');\n          case 'auth/weak-password':\n            throw new Error('Password is too weak.');\n          default:\n            throw new Error(error.message);\n        }\n      }\n      throw new Error('Failed to resend verification email.');\n    }\n}"],"mappings":"AAAA,SAAS,sBAAsB;AAC/B,SAAS,4BAA4B,oBAAoB,mBAAmB,oBAAoB,eAAe,gCAAgC,6BAA6B;AAC5K,SAAS,cAAc;AASvB,eAAsB,WAAW,OAAe,UAAkB;AAChE,QAAM,OAAO,eAAe;AAC5B,MAAI;AAEF,UAAM,qBAAqB;AAAA,MACzB,KAAK,GAAG,OAAO,SAAS,MAAM;AAAA,MAC9B,iBAAiB;AAAA,IACnB;AAEA,UAAM,iBAAiB,MAAM,+BAA+B,MAAM,OAAO,QAAQ;AAEjF,UAAM,sBAAsB,eAAe,MAAM,kBAAkB;AAEnE,WAAO,EAAE,SAAS,MAAM,SAAS,iCAAiC,MAAM,eAAe,KAAK;AAAA,EAE9F,SAAS,OAAO;AAEd,QAAI,iBAAiB,OAAO;AAC1B,cAAQ,MAAM,SAAS;AAAA,QACrB,KAAK;AACH,gBAAM,IAAI,MAAM,4CAA4C;AAAA,QAC9D,KAAK;AACD,gBAAM,IAAI,MAAM,+CAA+C;AAAA,QACnE,KAAK;AACH,gBAAM,IAAI,MAAM,8BAA8B;AAAA,QAChD,KAAK;AACH,gBAAM,IAAI,MAAM,wBAAwB;AAAA,QAC1C,KAAK;AACH,gBAAM,IAAI,MAAM,0CAA0C;AAAA,QAC5D,KAAK;AACH,gBAAM,IAAI,MAAM,uBAAuB;AAAA,QACzC;AACE,gBAAM,IAAI,MAAM,MAAM,OAAO;AAAA,MACjC;AAAA,IACF;AACA,UAAM,IAAI,MAAM,0BAA0B;AAAA,EAC5C;AACF;AAGA,eAAsB,gBAAgB,OAAe,UAA2C;AAC9F,QAAM,OAAO,eAAe;AAC5B,MAAI;AACJ,UAAM,iBAAiB,MAAM,2BAA2B,MAAM,OAAO,QAAQ;AAC7E,UAAM,OAAO,eAAe;AAC5B,WAAO;AAAA,MACH,SAAS;AAAA,MACT,SAAS;AAAA,MACT,MAAM,eAAe;AAAA,MACrB,OAAO,CAAC,KAAK,gBAAgB,OAAO,wBAAwB;AAAA,IAC9D;AAAA,EAEJ,SAAS,OAAM;AACb,UAAM,eAAe,iBAAiB,QAAQ,MAAM,UAAU;AAC9D,UAAM,IAAI,MAAM,YAAY;AAAA,EAC9B;AACA;AAEA,eAAsB,2BAA2B;AAC/C,QAAM,OAAO,eAAe;AAC5B,QAAM,WAAW,IAAI,mBAAmB;AACxC,WAAS,oBAAoB;AAAA,IAC3B,YAAY;AAAA,IACZ,QAAQ;AAAA,EACV,CAAC;AAED,MAAI;AACF,UAAM,mBAAmB,MAAM,QAAQ;AACvC,WAAO,EAAE,SAAS,MAAM,SAAS,qBAAqB;AAAA,EACxD,SAAS,OAAO;AACd,YAAQ,MAAM,gCAAgC,KAAK;AACnD,WAAO,EAAE,SAAS,OAAO,OAAO,gCAAgC;AAAA,EAClE;AACF;AAGA,eAAsB,sBAAsB;AAC1C,QAAM,OAAO,eAAe;AAC5B,QAAM,WAAW,IAAI,cAAc,eAAe;AAClD,WAAS,oBAAoB;AAAA,IAC3B,QAAQ;AAAA,EACV,CAAC;AAED,MAAI;AACF,UAAM,mBAAmB,MAAM,QAAQ;AACvC,WAAO,EAAE,SAAS,MAAM,SAAS,qBAAqB;AAAA,EACxD,SAAS,OAAO;AACd,YAAQ,MAAM,gCAAgC,KAAK;AACnD,WAAO,EAAE,SAAS,OAAO,OAAO,gCAAgC;AAAA,EAClE;AACF;AAGA,eAAsB,2BAA2B;AAC/C,QAAM,OAAO,eAAe;AAC5B,MAAI;AACF,UAAM,SAAS,MAAM,kBAAkB,IAAI;AAC3C,QAAI,QAAQ;AACV,YAAM,OAAO,OAAO;AACpB,aAAO,EAAE,SAAS,MAAM,KAAK;AAAA,IAC/B,OAAO;AACL,aAAO,EAAE,SAAS,OAAO,OAAO,qBAAqB;AAAA,IACvD;AAAA,EACF,SAAS,OAAY;AACnB,YAAQ,MAAM,wCAAwC,KAAK;AAC3D,WAAO,EAAE,SAAS,OAAO,OAAO,MAAM,WAAW,kCAAkC,MAAM,MAAM,KAAK;AAAA,EACtG;AACF;AAGA,eAAsB,0BAA0B;AAC9C,QAAM,OAAO,eAAe;AAC5B,MAAI;AACF,UAAM,OAAO,KAAK;AAClB,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,MAAM,6CAA6C;AAAA,IAC/D;AAEA,UAAM,KAAK,OAAO;AAElB,QAAI,KAAK,eAAe;AACtB,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS;AAAA,QACT,YAAY;AAAA,MACd;AAAA,IACF;AAEA,UAAM,qBAAqB;AAAA,MACzB,KAAK,GAAG,OAAO,SAAS,MAAM;AAAA,MAC9B,iBAAiB;AAAA,IACnB;AAEA,UAAM,sBAAsB,MAAM,kBAAkB;AACpD,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS;AAAA,MACT,YAAY;AAAA,IACb;AAAA,EACD,SAAS,OAAO;AACd,QAAI,iBAAiB,OAAO;AAC1B,cAAQ,MAAM,SAAS;AAAA,QACrB,KAAK;AACH,gBAAM,IAAI,MAAM,4CAA4C;AAAA,QAC9D,KAAK;AACD,gBAAM,IAAI,MAAM,+CAA+C;AAAA,QACnE,KAAK;AACH,gBAAM,IAAI,MAAM,8BAA8B;AAAA,QAChD,KAAK;AACH,gBAAM,IAAI,MAAM,wBAAwB;AAAA,QAC1C,KAAK;AACH,gBAAM,IAAI,MAAM,0CAA0C;AAAA,QAC5D,KAAK;AACH,gBAAM,IAAI,MAAM,uBAAuB;AAAA,QACzC;AACE,gBAAM,IAAI,MAAM,MAAM,OAAO;AAAA,MACjC;AAAA,IACF;AACA,UAAM,IAAI,MAAM,sCAAsC;AAAA,EACxD;AACJ;","names":[]}
+{"version":3,"sources":["../../../../src/app-router/client/actions.ts"],"sourcesContent":["import { TernSecureAuth } from '../../utils/client-init'\nimport { \n  signInWithEmailAndPassword, \n  signInWithRedirect, \n  getRedirectResult, \n  GoogleAuthProvider, \n  OAuthProvider, \n  createUserWithEmailAndPassword, \n  sendEmailVerification } from 'firebase/auth'\nimport type { SignInResponse } from '../../types'\nimport { handleFirebaseAuthError } from '../../errors'\n\n\nexport async function createUser(email: string, password: string): Promise<SignInResponse> {\n  const auth = TernSecureAuth()\n  try {\n    \n    const actionCodeSettings = {\n      url: `${window.location.origin}/sign-in`,\n      handleCodeInApp: true\n    };\n\n    const userCredential = await createUserWithEmailAndPassword(auth, email, password);\n\n    await sendEmailVerification(userCredential.user, actionCodeSettings)\n    \n    return { \n      success: true, \n      message: 'Account created successfully. Please check your email for verification', \n      user: userCredential.user \n    };\n\n  } catch (error) {\n    const authError = handleFirebaseAuthError(error)\n    return { \n      success: false, \n      message: authError.message, \n      error: authError.code,\n      user: null\n     }\n  }\n}\n\n\nexport async function signInWithEmail(email: string, password: string): Promise<SignInResponse> {\n  const auth = TernSecureAuth()\n  try {\n  const UserCredential = await signInWithEmailAndPassword(auth, email, password)\n  const user = UserCredential.user\n  \n  return { \n    success: true, \n    message: 'Authentication successful',\n    user: user,\n    error: !user.emailVerified ? 'REQUIRES_VERIFICATION' : 'AUTHENTICATED'\n  };\n\n} catch (error){\n  const authError = handleFirebaseAuthError(error)\n  return { \n    success: false,\n    message: authError.message,\n    error: authError.code,\n    user: null\n  }\n}\n}\n\nexport async function signInWithRedirectGoogle() {\n  const auth = TernSecureAuth()\n  const provider = new GoogleAuthProvider()\n  provider.setCustomParameters({\n    login_hint: 'user@example.com',\n    prompt: 'select_account'\n  })\n\n  try {\n    await signInWithRedirect(auth, provider)\n    return { success: true, message: 'Redirect initiated' }\n  } catch (error) {\n    const authError = handleFirebaseAuthError(error)\n    return {\n      success: false,\n      message: authError.message,\n      error: authError.code,\n      user: null\n    }\n  }\n}\n\n\nexport async function signInWithMicrosoft() {\n  const auth = TernSecureAuth()\n  const provider = new OAuthProvider('microsoft.com')\n  provider.setCustomParameters({\n    prompt: 'consent'\n  })\n\n  try {\n    await signInWithRedirect(auth, provider)\n    return { success: true, message: 'Redirect initiated' }\n  } catch (error) {\n    const authError = handleFirebaseAuthError(error)\n    return {\n      success: false, \n      message: authError.message,\n      error: authError.code,\n      user: null\n    }\n  }\n}\n\n\nexport async function handleAuthRedirectResult() {\n  const auth = TernSecureAuth()\n  try {\n    const result = await getRedirectResult(auth)\n    if (result) {\n      const user = result.user\n      return { success: true, user }\n    } else {\n      return { success: false, error: 'No redirect result' }\n    }\n  } catch (error: any) {\n    const authError = handleFirebaseAuthError(error)\n    return {\n      success: false,\n      message: authError.message,\n      error: authError.code,\n      user: null\n    }\n  }\n}\n\n\nexport async function resendEmailVerification() {\n  const auth = TernSecureAuth()\n  try {\n    const user = auth.currentUser;\n    if (!user) {\n      throw new Error('No user found. Please try signing up again.');\n    }\n\n    await user.reload();\n\n    if (user.emailVerified) {\n      return { \n        success: true, \n        message: 'Email is already verified. You can sign in.',\n        isVerified: true \n      };\n    }\n\n    const actionCodeSettings = {\n      url: `${window.location.origin}/sign-in`,\n      handleCodeInApp: true,\n    };\n\n    await sendEmailVerification(user, actionCodeSettings);\n    return { \n      success: true, \n      message: 'Verification email sent successfully.',\n      isVerified: false\n     };\n    } catch (error) {\n      const authError = handleFirebaseAuthError(error)\n      return {\n        success: false,\n        message: authError.message,\n        error: authError.code,\n        user: null\n      }\n    }\n}"],"mappings":"AAAA,SAAS,sBAAsB;AAC/B;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OAA6B;AAE/B,SAAS,+BAA+B;AAGxC,eAAsB,WAAW,OAAe,UAA2C;AACzF,QAAM,OAAO,eAAe;AAC5B,MAAI;AAEF,UAAM,qBAAqB;AAAA,MACzB,KAAK,GAAG,OAAO,SAAS,MAAM;AAAA,MAC9B,iBAAiB;AAAA,IACnB;AAEA,UAAM,iBAAiB,MAAM,+BAA+B,MAAM,OAAO,QAAQ;AAEjF,UAAM,sBAAsB,eAAe,MAAM,kBAAkB;AAEnE,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS;AAAA,MACT,MAAM,eAAe;AAAA,IACvB;AAAA,EAEF,SAAS,OAAO;AACd,UAAM,YAAY,wBAAwB,KAAK;AAC/C,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS,UAAU;AAAA,MACnB,OAAO,UAAU;AAAA,MACjB,MAAM;AAAA,IACP;AAAA,EACH;AACF;AAGA,eAAsB,gBAAgB,OAAe,UAA2C;AAC9F,QAAM,OAAO,eAAe;AAC5B,MAAI;AACJ,UAAM,iBAAiB,MAAM,2BAA2B,MAAM,OAAO,QAAQ;AAC7E,UAAM,OAAO,eAAe;AAE5B,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS;AAAA,MACT;AAAA,MACA,OAAO,CAAC,KAAK,gBAAgB,0BAA0B;AAAA,IACzD;AAAA,EAEF,SAAS,OAAM;AACb,UAAM,YAAY,wBAAwB,KAAK;AAC/C,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS,UAAU;AAAA,MACnB,OAAO,UAAU;AAAA,MACjB,MAAM;AAAA,IACR;AAAA,EACF;AACA;AAEA,eAAsB,2BAA2B;AAC/C,QAAM,OAAO,eAAe;AAC5B,QAAM,WAAW,IAAI,mBAAmB;AACxC,WAAS,oBAAoB;AAAA,IAC3B,YAAY;AAAA,IACZ,QAAQ;AAAA,EACV,CAAC;AAED,MAAI;AACF,UAAM,mBAAmB,MAAM,QAAQ;AACvC,WAAO,EAAE,SAAS,MAAM,SAAS,qBAAqB;AAAA,EACxD,SAAS,OAAO;AACd,UAAM,YAAY,wBAAwB,KAAK;AAC/C,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS,UAAU;AAAA,MACnB,OAAO,UAAU;AAAA,MACjB,MAAM;AAAA,IACR;AAAA,EACF;AACF;AAGA,eAAsB,sBAAsB;AAC1C,QAAM,OAAO,eAAe;AAC5B,QAAM,WAAW,IAAI,cAAc,eAAe;AAClD,WAAS,oBAAoB;AAAA,IAC3B,QAAQ;AAAA,EACV,CAAC;AAED,MAAI;AACF,UAAM,mBAAmB,MAAM,QAAQ;AACvC,WAAO,EAAE,SAAS,MAAM,SAAS,qBAAqB;AAAA,EACxD,SAAS,OAAO;AACd,UAAM,YAAY,wBAAwB,KAAK;AAC/C,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS,UAAU;AAAA,MACnB,OAAO,UAAU;AAAA,MACjB,MAAM;AAAA,IACR;AAAA,EACF;AACF;AAGA,eAAsB,2BAA2B;AAC/C,QAAM,OAAO,eAAe;AAC5B,MAAI;AACF,UAAM,SAAS,MAAM,kBAAkB,IAAI;AAC3C,QAAI,QAAQ;AACV,YAAM,OAAO,OAAO;AACpB,aAAO,EAAE,SAAS,MAAM,KAAK;AAAA,IAC/B,OAAO;AACL,aAAO,EAAE,SAAS,OAAO,OAAO,qBAAqB;AAAA,IACvD;AAAA,EACF,SAAS,OAAY;AACnB,UAAM,YAAY,wBAAwB,KAAK;AAC/C,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS,UAAU;AAAA,MACnB,OAAO,UAAU;AAAA,MACjB,MAAM;AAAA,IACR;AAAA,EACF;AACF;AAGA,eAAsB,0BAA0B;AAC9C,QAAM,OAAO,eAAe;AAC5B,MAAI;AACF,UAAM,OAAO,KAAK;AAClB,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,MAAM,6CAA6C;AAAA,IAC/D;AAEA,UAAM,KAAK,OAAO;AAElB,QAAI,KAAK,eAAe;AACtB,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS;AAAA,QACT,YAAY;AAAA,MACd;AAAA,IACF;AAEA,UAAM,qBAAqB;AAAA,MACzB,KAAK,GAAG,OAAO,SAAS,MAAM;AAAA,MAC9B,iBAAiB;AAAA,IACnB;AAEA,UAAM,sBAAsB,MAAM,kBAAkB;AACpD,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS;AAAA,MACT,YAAY;AAAA,IACb;AAAA,EACD,SAAS,OAAO;AACd,UAAM,YAAY,wBAAwB,KAAK;AAC/C,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS,UAAU;AAAA,MACnB,OAAO,UAAU;AAAA,MACjB,MAAM;AAAA,IACR;AAAA,EACF;AACJ;","names":[]}

package/dist/esm/app-router/route-handler/internal-route.js

@@ -9,6 +9,15 @@ const internalRoutes = {
     component: Verify
   }
 };
+function isInternalRoute(pathname) {
+  return Object.values(internalRoutes).some((route) => route.pattern.test(pathname));
+}
+function isAuthRoute(pathname) {
+  return pathname.startsWith("/sign-in") || pathname.startsWith("/sign-up");
+}
+function isBaseAuthRoute(pathname) {
+  return pathname === "/sign-in" || pathname === "/sign-up";
+}
 function handleInternalRoute(pathname) {
   for (const [key, route] of Object.entries(internalRoutes)) {
     if (route.pattern.test(pathname)) {
@@ -19,6 +28,9 @@ function handleInternalRoute(pathname) {
 }
 export {
   handleInternalRoute,
-  internalRoutes
+  internalRoutes,
+  isAuthRoute,
+  isBaseAuthRoute,
+  isInternalRoute
 };
 //# sourceMappingURL=internal-route.js.map

package/dist/esm/app-router/route-handler/internal-route.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../src/app-router/route-handler/internal-route.tsx"],"sourcesContent":["import { Verify } from \"../../components/verify\"\n\n// Internal route mapping\nexport const internalRoutes = {\n  signUpVerify: {\n    pattern: /^\\/sign-up\\/verify$/,\n    component: Verify,\n  },\n  signInVerify: {\n    pattern: /^\\/sign-in\\/verify$/,\n    component: Verify,\n  },\n}\n\n// Internal route handler\nexport function handleInternalRoute(pathname: string) {\n  for (const [key, route] of Object.entries(internalRoutes)) {\n    if (route.pattern.test(pathname)) {\n      return route.component\n    }\n  }\n  return null\n}\n\n"],"mappings":"AAAA,SAAS,cAAc;AAGhB,MAAM,iBAAiB;AAAA,EAC5B,cAAc;AAAA,IACZ,SAAS;AAAA,IACT,WAAW;AAAA,EACb;AAAA,EACA,cAAc;AAAA,IACZ,SAAS;AAAA,IACT,WAAW;AAAA,EACb;AACF;AAGO,SAAS,oBAAoB,UAAkB;AACpD,aAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,cAAc,GAAG;AACzD,QAAI,MAAM,QAAQ,KAAK,QAAQ,GAAG;AAChC,aAAO,MAAM;AAAA,IACf;AAAA,EACF;AACA,SAAO;AACT;","names":[]}
+{"version":3,"sources":["../../../../src/app-router/route-handler/internal-route.tsx"],"sourcesContent":["import { Verify } from \"../../components/verify\"\n\n// Internal route mapping\nexport const internalRoutes = {\n  signUpVerify: {\n    pattern: /^\\/sign-up\\/verify$/,\n    component: Verify,\n  },\n  signInVerify: {\n    pattern: /^\\/sign-in\\/verify$/,\n    component: Verify,\n  },\n}\n\n// Check if path is an internal route\nexport function isInternalRoute(pathname: string): boolean {\n  return Object.values(internalRoutes).some((route) => route.pattern.test(pathname))\n}\n\n// Check if path is within auth routes\nexport function isAuthRoute(pathname: string): boolean {\n  return pathname.startsWith(\"/sign-in\") || pathname.startsWith(\"/sign-up\")\n}\n\n// Check if path is exactly the base auth route\nexport function isBaseAuthRoute(pathname: string): boolean {\n  return pathname === \"/sign-in\" || pathname === \"/sign-up\"\n}\n\n// Internal route handler\nexport function handleInternalRoute(pathname: string) {\n  for (const [key, route] of Object.entries(internalRoutes)) {\n    if (route.pattern.test(pathname)) {\n      return route.component\n    }\n  }\n  return null\n}"],"mappings":"AAAA,SAAS,cAAc;AAGhB,MAAM,iBAAiB;AAAA,EAC5B,cAAc;AAAA,IACZ,SAAS;AAAA,IACT,WAAW;AAAA,EACb;AAAA,EACA,cAAc;AAAA,IACZ,SAAS;AAAA,IACT,WAAW;AAAA,EACb;AACF;AAGO,SAAS,gBAAgB,UAA2B;AACzD,SAAO,OAAO,OAAO,cAAc,EAAE,KAAK,CAAC,UAAU,MAAM,QAAQ,KAAK,QAAQ,CAAC;AACnF;AAGO,SAAS,YAAY,UAA2B;AACrD,SAAO,SAAS,WAAW,UAAU,KAAK,SAAS,WAAW,UAAU;AAC1E;AAGO,SAAS,gBAAgB,UAA2B;AACzD,SAAO,aAAa,cAAc,aAAa;AACjD;AAGO,SAAS,oBAAoB,UAAkB;AACpD,aAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,cAAc,GAAG;AACzD,QAAI,MAAM,QAAQ,KAAK,QAAQ,GAAG;AAChC,aAAO,MAAM;AAAA,IACf;AAAA,EACF;AACA,SAAO;AACT;","names":[]}

package/dist/esm/boundary/TernSecureClientProvider.js

@@ -4,14 +4,20 @@ import { useState, useEffect, useMemo, useCallback } from "react";
 import { ternSecureAuth } from "../utils/client-init";
 import { onAuthStateChanged } from "firebase/auth";
 import { TernSecureCtx } from "./TernSecureCtx";
-import { useRouter } from "next/navigation";
+import { useRouter, usePathname } from "next/navigation";
+import { isBaseAuthRoute, isInternalRoute, isAuthRoute } from "../app-router/route-handler/internal-route";
+import { hasRedirectLoop } from "../utils/construct";
 function TernSecureClientProvider({
   children,
-  loginPath = "/sign-in",
-  loadingComponent
+  loginPath = process.env.NEXT_PUBLIC_SIGN_IN_PATH || "/sign-in",
+  signUpPath = process.env.NEXT_PUBLIC_SIGN_UP_PATH || "/sign-up",
+  loadingComponent,
+  requiresVerification
 }) {
   const auth = useMemo(() => ternSecureAuth, []);
   const router = useRouter();
+  const pathname = usePathname();
+  const [isRedirecting, setIsRedirecting] = useState(false);
   const [authState, setAuthState] = useState(() => ({
     userId: null,
     isLoaded: false,
@@ -20,9 +26,58 @@ function TernSecureClientProvider({
     isVerified: false,
     isAuthenticated: false,
     token: null,
-    email: null
+    email: null,
+    status: "loading",
+    requiresVerification
   }));
+  const constructUrlWithRedirect = useCallback(
+    (loginPath2, currentPath, loginPathParam, signUpPathParam) => {
+      const baseUrl = window.location.origin;
+      const signInUrl = new URL(loginPath2, baseUrl);
+      if (!currentPath.includes(loginPathParam) && !currentPath.includes(signUpPathParam)) {
+        signInUrl.searchParams.set("redirect", currentPath);
+      }
+      return signInUrl.toString();
+    },
+    []
+  );
+  const shouldRedirect = useCallback(
+    (pathname2, isVerified) => {
+      const searchParams = new URLSearchParams(window.location.search);
+      if (isBaseAuthRoute(pathname2) && !searchParams.has("redirect")) {
+        return false;
+      }
+      if (isInternalRoute(pathname2)) {
+        return false;
+      }
+      if (isAuthRoute(pathname2) && (!requiresVerification || isVerified)) {
+        return false;
+      }
+      return true;
+    },
+    [requiresVerification]
+  );
+  const redirectToLogin = useCallback(
+    (currentPath) => {
+      const path = currentPath || pathname || "/";
+      if (isInternalRoute(path)) {
+        return;
+      }
+      if (hasRedirectLoop(path, loginPath)) {
+        return;
+      }
+      setIsRedirecting(true);
+      const loginUrl = constructUrlWithRedirect(loginPath, path, loginPath, signUpPath);
+      if (process.env.NODE_ENV === "production") {
+        window.location.href = loginUrl;
+      } else {
+        router.push(loginUrl);
+      }
+    },
+    [router, loginPath, signUpPath, pathname, constructUrlWithRedirect]
+  );
   const handleSignOut = useCallback(async (error) => {
+    const currentPath = window.location.pathname;
     await auth.signOut();
     setAuthState({
       isLoaded: true,
@@ -32,56 +87,124 @@ function TernSecureClientProvider({
       token: null,
       email: null,
       isVerified: false,
-      isAuthenticated: false
+      isAuthenticated: false,
+      status: "unauthenticated",
+      requiresVerification
     });
-    router.push(loginPath);
-  }, [auth, router, loginPath]);
+    redirectToLogin(currentPath);
+  }, [auth, redirectToLogin, requiresVerification]);
   const setEmail = useCallback((email) => {
     setAuthState((prev) => ({
       ...prev,
       email
     }));
   }, []);
+  const getAuthError = useCallback(() => {
+    if (authState.error) {
+      const error = authState.error;
+      return {
+        success: false,
+        message: error.message,
+        error: error.code,
+        user: null
+      };
+    }
+    if (authState.requiresVerification && authState.isValid && !authState.isVerified) {
+      return {
+        success: false,
+        message: "Email verification required",
+        error: "EMAIL_NOT_VERIFIED",
+        user: null
+      };
+    }
+    if (!authState.isAuthenticated && authState.status !== "loading") {
+      return {
+        success: false,
+        message: "User is not authenticated",
+        error: "AUTHENTICATED",
+        user: null
+      };
+    }
+    return {
+      success: true,
+      user: ternSecureAuth.currentUser
+    };
+  }, [
+    authState.error,
+    authState.isValid,
+    authState.isVerified,
+    authState.isAuthenticated,
+    authState.status,
+    authState.requiresVerification
+  ]);
   useEffect(() => {
-    const unsubscribe = onAuthStateChanged(auth, async (user) => {
-      if (user) {
-        const isValid = !!user.uid;
-        const isVerified = user.emailVerified;
-        setAuthState({
-          isLoaded: true,
-          userId: user.uid,
-          isValid,
-          isVerified,
-          isAuthenticated: isValid && isVerified,
-          token: user.getIdToken(),
-          error: null,
-          email: user.email
-        });
-      } else {
-        setAuthState({
-          isLoaded: true,
-          userId: null,
-          isValid: false,
-          isVerified: false,
-          isAuthenticated: false,
-          token: null,
-          error: new Error("User is not authenticated"),
-          email: null
-        });
-        if (!window.location.pathname.includes("/sign-up")) {
-          router.push(loginPath);
+    let mounted = true;
+    let initialLoad = true;
+    const unsubscribe = onAuthStateChanged(
+      auth,
+      async (user) => {
+        if (!mounted) return;
+        try {
+          if (user) {
+            const isValid = !!user.uid;
+            const isVerified = user.emailVerified;
+            const isAuthenticated = isValid && (!requiresVerification || isVerified);
+            setAuthState({
+              isLoaded: true,
+              userId: user.uid,
+              isValid,
+              isVerified,
+              isAuthenticated: isValid && isVerified,
+              token: user.getIdToken(),
+              error: null,
+              email: user.email,
+              status: isAuthenticated ? "authenticated" : "unverified",
+              requiresVerification
+            });
+            if (requiresVerification && !isVerified && shouldRedirect(pathname || "", isVerified)) {
+              if (initialLoad || !isRedirecting) {
+                redirectToLogin(pathname);
+              }
+            }
+          } else {
+            setAuthState({
+              isLoaded: true,
+              userId: null,
+              isValid: false,
+              isVerified: false,
+              isAuthenticated: false,
+              token: null,
+              error: null,
+              email: null,
+              status: "unauthenticated",
+              requiresVerification
+            });
+            if (shouldRedirect(pathname || "", false) && initialLoad) {
+              redirectToLogin();
+            }
+          }
+        } catch (error) {
+          console.error("Auth state change error:", error);
+          if (mounted) {
+            handleSignOut(error instanceof Error ? error : new Error("Authentication error occurred"));
+          }
+        } finally {
+          initialLoad = false;
         }
       }
-    }, (error) => {
-      handleSignOut(error instanceof Error ? error : new Error("Authentication error occurred"));
-    });
-    return () => unsubscribe();
-  }, [auth, handleSignOut, router, loginPath]);
+    );
+    return () => {
+      mounted = false;
+      unsubscribe();
+    };
+  }, [auth, handleSignOut, redirectToLogin, requiresVerification, pathname, isRedirecting, shouldRedirect]);
   const contextValue = useMemo(() => ({
     ...authState,
     signOut: handleSignOut,
-    setEmail
-  }), [authState, auth, handleSignOut, setEmail]);
+    setEmail,
+    getAuthError,
+    redirectToLogin
+  }), [authState, handleSignOut, setEmail, getAuthError, redirectToLogin]);
   if (!authState.isLoaded) {
     return /* @__PURE__ */ jsx(TernSecureCtx.Provider, { value: contextValue, children: loadingComponent || /* @__PURE__ */ jsx("div", { "aria-live": "polite", "aria-busy": "true", children: /* @__PURE__ */ jsx("span", { className: "sr-only", children: "Loading authentication state..." }) }) });
   }

package/dist/esm/boundary/TernSecureClientProvider.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/boundary/TernSecureClientProvider.tsx"],"sourcesContent":["\"use client\"\n\nimport React, { useState, useEffect, useMemo, useCallback } from 'react'\nimport { ternSecureAuth } from '../utils/client-init'\nimport { onAuthStateChanged, User } from \"firebase/auth\"\nimport { TernSecureCtx, TernSecureCtxValue } from './TernSecureCtx'\nimport { type TernSecureState } from '../types'\nimport { useRouter } from 'next/navigation'\n\ninterface TernSecureClientProviderProps {\n  children: React.ReactNode;\n  onUserChanged?: (user: User | null) => Promise<void>;\n  loginPath?: string;\n  loadingComponent?: React.ReactNode;\n}\n\nexport function TernSecureClientProvider({ \n  children, \n  loginPath = '/sign-in',\n  loadingComponent\n}: TernSecureClientProviderProps) {\n  const auth = useMemo(() => ternSecureAuth, []);\n  const router = useRouter();\n  const [authState, setAuthState] = useState<TernSecureState>(() => ({\n    userId: null,\n    isLoaded: false,\n    error: null,\n    isValid: false,\n    isVerified: false,\n    isAuthenticated: false,\n    token: null,\n    email: null,\n  }));\n\n  const handleSignOut = useCallback(async (error?: Error) => {\n    await auth.signOut();\n    setAuthState({\n      isLoaded: true,\n      userId: null,\n      error: error || null,\n      isValid: false,\n      token: null,\n      email: null,\n      isVerified: false,\n      isAuthenticated: false,\n    });\n    router.push(loginPath);\n  }, [auth, router, loginPath]);\n\n  const setEmail = useCallback((email: string) => {\n    setAuthState((prev) => ({\n      ...prev,\n      email,\n    }))\n  }, [])\n\nuseEffect(() => {\n    const unsubscribe = onAuthStateChanged(auth, async (user: User | null) => {\n      if (user) {\n        const isValid = !!user.uid;\n        const isVerified = user.emailVerified;\n        setAuthState({\n          isLoaded: true,\n          userId: user.uid,\n          isValid,\n          isVerified,\n          isAuthenticated: isValid && isVerified,\n          token: user.getIdToken(),\n          error: null,\n          email: user.email,\n        })\n      } else {\n        setAuthState({\n          isLoaded: true,\n          userId: null,\n          isValid: false,\n          isVerified: false,\n          isAuthenticated: false,\n          token: null,\n          error: new Error('User is not authenticated'),\n          email: null,\n        })\n        if (!window.location.pathname.includes(\"/sign-up\")) {\n          router.push(loginPath)\n        }\n      }\n    }, (error) => {\n      handleSignOut(error instanceof Error ? error : new Error('Authentication error occurred'));\n    })\n    \n    return () => unsubscribe()\n  }, [auth, handleSignOut, router, loginPath])\n\n  const contextValue: TernSecureCtxValue = useMemo(() => ({\n    ...authState,\n    signOut: handleSignOut,\n    setEmail\n  }), [authState, auth, handleSignOut, setEmail]);\n\n  if (!authState.isLoaded) {\n    return (\n      <TernSecureCtx.Provider value={contextValue}>\n        {loadingComponent || (\n          <div aria-live=\"polite\" aria-busy=\"true\">\n            <span className=\"sr-only\">Loading authentication state...</span>\n          </div>\n        )}\n      </TernSecureCtx.Provider>\n    );\n  }\n\n  return (\n      <TernSecureCtx.Provider value={contextValue}>\n       {children}\n      </TernSecureCtx.Provider>\n  )\n}"],"mappings":";AAwGY;AAtGZ,SAAgB,UAAU,WAAW,SAAS,mBAAmB;AACjE,SAAS,sBAAsB;AAC/B,SAAS,0BAAgC;AACzC,SAAS,qBAAyC;AAElD,SAAS,iBAAiB;AASnB,SAAS,yBAAyB;AAAA,EACvC;AAAA,EACA,YAAY;AAAA,EACZ;AACF,GAAkC;AAChC,QAAM,OAAO,QAAQ,MAAM,gBAAgB,CAAC,CAAC;AAC7C,QAAM,SAAS,UAAU;AACzB,QAAM,CAAC,WAAW,YAAY,IAAI,SAA0B,OAAO;AAAA,IACjE,QAAQ;AAAA,IACR,UAAU;AAAA,IACV,OAAO;AAAA,IACP,SAAS;AAAA,IACT,YAAY;AAAA,IACZ,iBAAiB;AAAA,IACjB,OAAO;AAAA,IACP,OAAO;AAAA,EACT,EAAE;AAEF,QAAM,gBAAgB,YAAY,OAAO,UAAkB;AACzD,UAAM,KAAK,QAAQ;AACnB,iBAAa;AAAA,MACX,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,OAAO,SAAS;AAAA,MAChB,SAAS;AAAA,MACT,OAAO;AAAA,MACP,OAAO;AAAA,MACP,YAAY;AAAA,MACZ,iBAAiB;AAAA,IACnB,CAAC;AACD,WAAO,KAAK,SAAS;AAAA,EACvB,GAAG,CAAC,MAAM,QAAQ,SAAS,CAAC;AAE5B,QAAM,WAAW,YAAY,CAAC,UAAkB;AAC9C,iBAAa,CAAC,UAAU;AAAA,MACtB,GAAG;AAAA,MACH;AAAA,IACF,EAAE;AAAA,EACJ,GAAG,CAAC,CAAC;AAEP,YAAU,MAAM;AACZ,UAAM,cAAc,mBAAmB,MAAM,OAAO,SAAsB;AACxE,UAAI,MAAM;AACR,cAAM,UAAU,CAAC,CAAC,KAAK;AACvB,cAAM,aAAa,KAAK;AACxB,qBAAa;AAAA,UACX,UAAU;AAAA,UACV,QAAQ,KAAK;AAAA,UACb;AAAA,UACA;AAAA,UACA,iBAAiB,WAAW;AAAA,UAC5B,OAAO,KAAK,WAAW;AAAA,UACvB,OAAO;AAAA,UACP,OAAO,KAAK;AAAA,QACd,CAAC;AAAA,MACH,OAAO;AACL,qBAAa;AAAA,UACX,UAAU;AAAA,UACV,QAAQ;AAAA,UACR,SAAS;AAAA,UACT,YAAY;AAAA,UACZ,iBAAiB;AAAA,UACjB,OAAO;AAAA,UACP,OAAO,IAAI,MAAM,2BAA2B;AAAA,UAC5C,OAAO;AAAA,QACT,CAAC;AACD,YAAI,CAAC,OAAO,SAAS,SAAS,SAAS,UAAU,GAAG;AAClD,iBAAO,KAAK,SAAS;AAAA,QACvB;AAAA,MACF;AAAA,IACF,GAAG,CAAC,UAAU;AACZ,oBAAc,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,+BAA+B,CAAC;AAAA,IAC3F,CAAC;AAED,WAAO,MAAM,YAAY;AAAA,EAC3B,GAAG,CAAC,MAAM,eAAe,QAAQ,SAAS,CAAC;AAE3C,QAAM,eAAmC,QAAQ,OAAO;AAAA,IACtD,GAAG;AAAA,IACH,SAAS;AAAA,IACT;AAAA,EACF,IAAI,CAAC,WAAW,MAAM,eAAe,QAAQ,CAAC;AAE9C,MAAI,CAAC,UAAU,UAAU;AACvB,WACE,oBAAC,cAAc,UAAd,EAAuB,OAAO,cAC5B,8BACC,oBAAC,SAAI,aAAU,UAAS,aAAU,QAChC,8BAAC,UAAK,WAAU,WAAU,6CAA+B,GAC3D,GAEJ;AAAA,EAEJ;AAEA,SACI,oBAAC,cAAc,UAAd,EAAuB,OAAO,cAC7B,UACF;AAEN;","names":[]}
+{"version":3,"sources":["../../../src/boundary/TernSecureClientProvider.tsx"],"sourcesContent":["\"use client\"\n\nimport React, { useState, useEffect, useMemo, useCallback } from 'react'\nimport { ternSecureAuth } from '../utils/client-init'\nimport { onAuthStateChanged, User } from \"firebase/auth\"\nimport { TernSecureCtx, TernSecureCtxValue } from './TernSecureCtx'\nimport type { TernSecureState, AuthError, SignInResponse } from \"../types\"\nimport type { ERRORS } from '../errors'\nimport { useRouter, usePathname } from 'next/navigation'\nimport { isBaseAuthRoute, isInternalRoute, isAuthRoute} from '../app-router/route-handler/internal-route'\nimport { hasRedirectLoop } from '../utils/construct'\n\n\n\n/**\n * @internal\n * Internal provider props - not meant for direct usage\n */\ninterface TernSecureClientProviderProps {\n  children: React.ReactNode\n  /** Callback when user state changes */\n  onUserChanged?: (user: User | null) => Promise<void>\n  /** Login page path */\n  loginPath?: string\n  /** Signup page path */\n  signUpPath?: string\n  /** Custom loading component */\n  loadingComponent?: React.ReactNode\n  /** Whether email verification is required */\n  requiresVerification: boolean\n}\n\n/**\n * @internal\n * Internal provider component that handles authentication state\n * This is wrapped by the public TernSecureProvider\n */\n\nexport function TernSecureClientProvider({ \n  children, \n  loginPath = process.env.NEXT_PUBLIC_SIGN_IN_PATH || '/sign-in',\n  signUpPath = process.env.NEXT_PUBLIC_SIGN_UP_PATH || '/sign-up',\n  loadingComponent,\n  requiresVerification,\n}: TernSecureClientProviderProps) {\n  const auth = useMemo(() => ternSecureAuth, []);\n  const router = useRouter();\n  const pathname = usePathname() // Get current pathname\n  const [isRedirecting, setIsRedirecting] = useState(false)\n\n  const [authState, setAuthState] = useState<TernSecureState>(() => ({\n    userId: null,\n    isLoaded: false,\n    error: null,\n    isValid: false,\n    isVerified: false,\n    isAuthenticated: false,\n    token: null,\n    email: null,\n    status: \"loading\",\n    requiresVerification,\n  }));\n\n  const constructUrlWithRedirect = useCallback(\n    (loginPath: string, currentPath: string, loginPathParam: string, signUpPathParam: string): string => {\n      const baseUrl = window.location.origin\n      const signInUrl = new URL(loginPath, baseUrl)\n\n      // Only add redirect if not already on login or signup page\n      if (!currentPath.includes(loginPathParam) && !currentPath.includes(signUpPathParam)) {\n        signInUrl.searchParams.set(\"redirect\", currentPath)\n      }\n      return signInUrl.toString()\n    },\n    [],\n  )\n\n\n  const shouldRedirect = useCallback(\n    (pathname: string, isVerified: boolean) => {\n      // Get current search params\n      const searchParams = new URLSearchParams(window.location.search)\n\n      // Don't redirect if we're on the base sign-in page with no redirect param\n      if (isBaseAuthRoute(pathname) && !searchParams.has(\"redirect\")) {\n        return false\n      }\n\n      // Don't redirect if we're on an internal route\n      if (isInternalRoute(pathname)) {\n        return false\n      }\n\n      // Don't redirect if we're in auth routes (except when handling verification)\n      if (isAuthRoute(pathname) && (!requiresVerification || isVerified)) {\n        return false\n      }\n\n      return true\n    },\n    [requiresVerification],\n  )\n\n  const redirectToLogin = useCallback(\n    (currentPath?: string) => {\n      const path = currentPath || pathname || \"/\"\n\n\n      if (isInternalRoute(path)) {  // Don't redirect if we're already on an internal route\n        return\n      }\n\n       // Check for redirect loops\n      if (hasRedirectLoop(path, loginPath)) {\n        return\n      }\n\n      setIsRedirecting(true)\n\n      const loginUrl = constructUrlWithRedirect(loginPath, path, loginPath, signUpPath)\n\n      if (process.env.NODE_ENV === \"production\") {\n        window.location.href = loginUrl\n      } else {\n        // Use router.push for development\n        router.push(loginUrl)\n      }\n  }, \n  [router, loginPath, signUpPath, pathname, constructUrlWithRedirect]\n)\n\n  const handleSignOut = useCallback(async (error?: Error) => {\n    const currentPath = window.location.pathname\n    await auth.signOut();\n    setAuthState({\n      isLoaded: true,\n      userId: null,\n      error: error || null,\n      isValid: false,\n      token: null,\n      email: null,\n      isVerified: false,\n      isAuthenticated: false,\n      status: \"unauthenticated\",\n      requiresVerification,\n    })\n    redirectToLogin(currentPath)\n  }, [auth, redirectToLogin, requiresVerification])\n\n  const setEmail = useCallback((email: string) => {\n    setAuthState((prev) => ({\n      ...prev,\n      email,\n    }))\n  }, [])\n\n  const getAuthError = useCallback((): SignInResponse => {\n    if (authState.error) {\n      const error = authState.error as AuthError;\n      return {\n        success: false,\n        message: error.message,\n        error: error.code as keyof typeof ERRORS,\n        user: null,\n      }\n    }\n\n    if (authState.requiresVerification && authState.isValid && !authState.isVerified) {\n      return {\n        success: false,\n        message: 'Email verification required',\n        error: 'EMAIL_NOT_VERIFIED',\n        user: null,\n      }\n    }\n\n    if (!authState.isAuthenticated && authState.status !== \"loading\") {\n      return {\n        success: false,\n        message: 'User is not authenticated',\n        error: 'AUTHENTICATED',\n        user: null,\n      }\n    }\n\n    return {\n      success: true,\n      user: ternSecureAuth.currentUser,\n    }\n  }, [\n    authState.error,\n    authState.isValid,\n    authState.isVerified,\n    authState.isAuthenticated,\n    authState.status,\n    authState.requiresVerification,\n  ])\n\nuseEffect(() => {\n  let mounted = true\n  let initialLoad = true\n\n  const unsubscribe = onAuthStateChanged(\n    auth,\n      async (user: User | null) => {\n       if (!mounted) return\n       try {\n        if (user) {\n        const isValid = !!user.uid;\n        const isVerified = user.emailVerified;\n        const isAuthenticated = isValid && (!requiresVerification || isVerified) // Consider user authenticated if verification is not required or if email is verified\n\n        setAuthState({\n          isLoaded: true,\n          userId: user.uid,\n          isValid,\n          isVerified,\n          isAuthenticated: isValid && isVerified,\n          token: user.getIdToken(),\n          error: null,\n          email: user.email,\n          status: isAuthenticated ? \"authenticated\" : \"unverified\",\n          requiresVerification,\n        })\n       \n        if (requiresVerification && !isVerified && shouldRedirect(pathname || \"\", isVerified)) {\n          if(initialLoad || !isRedirecting) {\n            redirectToLogin(pathname)\n        }\n      }\n      } else {\n        setAuthState({\n          isLoaded: true,\n          userId: null,\n          isValid: false,\n          isVerified: false,\n          isAuthenticated: false,\n          token: null,\n          error: null,\n          email: null,\n          status: \"unauthenticated\",\n          requiresVerification,\n        })\n        \n        if (shouldRedirect(pathname || \"\", false) && initialLoad) {\n          redirectToLogin()\n        }\n      }\n    } catch (error){\n      console.error(\"Auth state change error:\", error)\n      if (mounted) {\n        handleSignOut(error instanceof Error ? error : new Error(\"Authentication error occurred\"))\n      }\n    } finally {\n      initialLoad = false\n    }\n  })\n    \n  return () => {\n    mounted = false\n    unsubscribe()\n  }\n  }, [auth, handleSignOut, redirectToLogin, requiresVerification, pathname, isRedirecting, shouldRedirect])\n\n  const contextValue: TernSecureCtxValue = useMemo(() => ({\n    ...authState,\n    signOut: handleSignOut,\n    setEmail,\n    getAuthError,\n    redirectToLogin,\n  }), [authState, handleSignOut, setEmail, getAuthError, redirectToLogin]);\n\n  if (!authState.isLoaded) {\n    return (\n      <TernSecureCtx.Provider value={contextValue}>\n        {loadingComponent || (\n          <div aria-live=\"polite\" aria-busy=\"true\">\n            <span className=\"sr-only\">Loading authentication state...</span>\n          </div>\n        )}\n      </TernSecureCtx.Provider>\n    );\n  }\n\n  return (\n      <TernSecureCtx.Provider value={contextValue}>\n       {children}\n      </TernSecureCtx.Provider>\n  )\n}"],"mappings":";AAqRY;AAnRZ,SAAgB,UAAU,WAAW,SAAS,mBAAmB;AACjE,SAAS,sBAAsB;AAC/B,SAAS,0BAAgC;AACzC,SAAS,qBAAyC;AAGlD,SAAS,WAAW,mBAAmB;AACvC,SAAS,iBAAiB,iBAAiB,mBAAkB;AAC7D,SAAS,uBAAuB;AA4BzB,SAAS,yBAAyB;AAAA,EACvC;AAAA,EACA,YAAY,QAAQ,IAAI,4BAA4B;AAAA,EACpD,aAAa,QAAQ,IAAI,4BAA4B;AAAA,EACrD;AAAA,EACA;AACF,GAAkC;AAChC,QAAM,OAAO,QAAQ,MAAM,gBAAgB,CAAC,CAAC;AAC7C,QAAM,SAAS,UAAU;AACzB,QAAM,WAAW,YAAY;AAC7B,QAAM,CAAC,eAAe,gBAAgB,IAAI,SAAS,KAAK;AAExD,QAAM,CAAC,WAAW,YAAY,IAAI,SAA0B,OAAO;AAAA,IACjE,QAAQ;AAAA,IACR,UAAU;AAAA,IACV,OAAO;AAAA,IACP,SAAS;AAAA,IACT,YAAY;AAAA,IACZ,iBAAiB;AAAA,IACjB,OAAO;AAAA,IACP,OAAO;AAAA,IACP,QAAQ;AAAA,IACR;AAAA,EACF,EAAE;AAEF,QAAM,2BAA2B;AAAA,IAC/B,CAACA,YAAmB,aAAqB,gBAAwB,oBAAoC;AACnG,YAAM,UAAU,OAAO,SAAS;AAChC,YAAM,YAAY,IAAI,IAAIA,YAAW,OAAO;AAG5C,UAAI,CAAC,YAAY,SAAS,cAAc,KAAK,CAAC,YAAY,SAAS,eAAe,GAAG;AACnF,kBAAU,aAAa,IAAI,YAAY,WAAW;AAAA,MACpD;AACA,aAAO,UAAU,SAAS;AAAA,IAC5B;AAAA,IACA,CAAC;AAAA,EACH;AAGA,QAAM,iBAAiB;AAAA,IACrB,CAACC,WAAkB,eAAwB;AAEzC,YAAM,eAAe,IAAI,gBAAgB,OAAO,SAAS,MAAM;AAG/D,UAAI,gBAAgBA,SAAQ,KAAK,CAAC,aAAa,IAAI,UAAU,GAAG;AAC9D,eAAO;AAAA,MACT;AAGA,UAAI,gBAAgBA,SAAQ,GAAG;AAC7B,eAAO;AAAA,MACT;AAGA,UAAI,YAAYA,SAAQ,MAAM,CAAC,wBAAwB,aAAa;AAClE,eAAO;AAAA,MACT;AAEA,aAAO;AAAA,IACT;AAAA,IACA,CAAC,oBAAoB;AAAA,EACvB;AAEA,QAAM,kBAAkB;AAAA,IACtB,CAAC,gBAAyB;AACxB,YAAM,OAAO,eAAe,YAAY;AAGxC,UAAI,gBAAgB,IAAI,GAAG;AACzB;AAAA,MACF;AAGA,UAAI,gBAAgB,MAAM,SAAS,GAAG;AACpC;AAAA,MACF;AAEA,uBAAiB,IAAI;AAErB,YAAM,WAAW,yBAAyB,WAAW,MAAM,WAAW,UAAU;AAEhF,UAAI,QAAQ,IAAI,aAAa,cAAc;AACzC,eAAO,SAAS,OAAO;AAAA,MACzB,OAAO;AAEL,eAAO,KAAK,QAAQ;AAAA,MACtB;AAAA,IACJ;AAAA,IACA,CAAC,QAAQ,WAAW,YAAY,UAAU,wBAAwB;AAAA,EACpE;AAEE,QAAM,gBAAgB,YAAY,OAAO,UAAkB;AACzD,UAAM,cAAc,OAAO,SAAS;AACpC,UAAM,KAAK,QAAQ;AACnB,iBAAa;AAAA,MACX,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,OAAO,SAAS;AAAA,MAChB,SAAS;AAAA,MACT,OAAO;AAAA,MACP,OAAO;AAAA,MACP,YAAY;AAAA,MACZ,iBAAiB;AAAA,MACjB,QAAQ;AAAA,MACR;AAAA,IACF,CAAC;AACD,oBAAgB,WAAW;AAAA,EAC7B,GAAG,CAAC,MAAM,iBAAiB,oBAAoB,CAAC;AAEhD,QAAM,WAAW,YAAY,CAAC,UAAkB;AAC9C,iBAAa,CAAC,UAAU;AAAA,MACtB,GAAG;AAAA,MACH;AAAA,IACF,EAAE;AAAA,EACJ,GAAG,CAAC,CAAC;AAEL,QAAM,eAAe,YAAY,MAAsB;AACrD,QAAI,UAAU,OAAO;AACnB,YAAM,QAAQ,UAAU;AACxB,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS,MAAM;AAAA,QACf,OAAO,MAAM;AAAA,QACb,MAAM;AAAA,MACR;AAAA,IACF;AAEA,QAAI,UAAU,wBAAwB,UAAU,WAAW,CAAC,UAAU,YAAY;AAChF,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS;AAAA,QACT,OAAO;AAAA,QACP,MAAM;AAAA,MACR;AAAA,IACF;AAEA,QAAI,CAAC,UAAU,mBAAmB,UAAU,WAAW,WAAW;AAChE,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS;AAAA,QACT,OAAO;AAAA,QACP,MAAM;AAAA,MACR;AAAA,IACF;AAEA,WAAO;AAAA,MACL,SAAS;AAAA,MACT,MAAM,eAAe;AAAA,IACvB;AAAA,EACF,GAAG;AAAA,IACD,UAAU;AAAA,IACV,UAAU;AAAA,IACV,UAAU;AAAA,IACV,UAAU;AAAA,IACV,UAAU;AAAA,IACV,UAAU;AAAA,EACZ,CAAC;AAEH,YAAU,MAAM;AACd,QAAI,UAAU;AACd,QAAI,cAAc;AAElB,UAAM,cAAc;AAAA,MAClB;AAAA,MACE,OAAO,SAAsB;AAC5B,YAAI,CAAC,QAAS;AACd,YAAI;AACH,cAAI,MAAM;AACV,kBAAM,UAAU,CAAC,CAAC,KAAK;AACvB,kBAAM,aAAa,KAAK;AACxB,kBAAM,kBAAkB,YAAY,CAAC,wBAAwB;AAE7D,yBAAa;AAAA,cACX,UAAU;AAAA,cACV,QAAQ,KAAK;AAAA,cACb;AAAA,cACA;AAAA,cACA,iBAAiB,WAAW;AAAA,cAC5B,OAAO,KAAK,WAAW;AAAA,cACvB,OAAO;AAAA,cACP,OAAO,KAAK;AAAA,cACZ,QAAQ,kBAAkB,kBAAkB;AAAA,cAC5C;AAAA,YACF,CAAC;AAED,gBAAI,wBAAwB,CAAC,cAAc,eAAe,YAAY,IAAI,UAAU,GAAG;AACrF,kBAAG,eAAe,CAAC,eAAe;AAChC,gCAAgB,QAAQ;AAAA,cAC5B;AAAA,YACF;AAAA,UACA,OAAO;AACL,yBAAa;AAAA,cACX,UAAU;AAAA,cACV,QAAQ;AAAA,cACR,SAAS;AAAA,cACT,YAAY;AAAA,cACZ,iBAAiB;AAAA,cACjB,OAAO;AAAA,cACP,OAAO;AAAA,cACP,OAAO;AAAA,cACP,QAAQ;AAAA,cACR;AAAA,YACF,CAAC;AAED,gBAAI,eAAe,YAAY,IAAI,KAAK,KAAK,aAAa;AACxD,8BAAgB;AAAA,YAClB;AAAA,UACF;AAAA,QACF,SAAS,OAAM;AACb,kBAAQ,MAAM,4BAA4B,KAAK;AAC/C,cAAI,SAAS;AACX,0BAAc,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,+BAA+B,CAAC;AAAA,UAC3F;AAAA,QACF,UAAE;AACA,wBAAc;AAAA,QAChB;AAAA,MACF;AAAA,IAAC;AAED,WAAO,MAAM;AACX,gBAAU;AACV,kBAAY;AAAA,IACd;AAAA,EACA,GAAG,CAAC,MAAM,eAAe,iBAAiB,sBAAsB,UAAU,eAAe,cAAc,CAAC;AAExG,QAAM,eAAmC,QAAQ,OAAO;AAAA,IACtD,GAAG;AAAA,IACH,SAAS;AAAA,IACT;AAAA,IACA;AAAA,IACA;AAAA,EACF,IAAI,CAAC,WAAW,eAAe,UAAU,cAAc,eAAe,CAAC;AAEvE,MAAI,CAAC,UAAU,UAAU;AACvB,WACE,oBAAC,cAAc,UAAd,EAAuB,OAAO,cAC5B,8BACC,oBAAC,SAAI,aAAU,UAAS,aAAU,QAChC,8BAAC,UAAK,WAAU,WAAU,6CAA+B,GAC3D,GAEJ;AAAA,EAEJ;AAEA,SACI,oBAAC,cAAc,UAAd,EAAuB,OAAO,cAC7B,UACF;AAEN;","names":["loginPath","pathname"]}

package/dist/esm/boundary/TernSecureCtx.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/boundary/TernSecureCtx.tsx"],"sourcesContent":["\"use client\"\n\nimport { createContext, useContext } from 'react'\nimport { ternSecureAuth } from '../utils/client-init';\nimport { User } from 'firebase/auth';\nimport { type TernSecureState } from '../types';\n\nexport const TernSecureUser = (): User | null => {\n  return ternSecureAuth.currentUser;\n}\n\nexport interface TernSecureCtxValue extends TernSecureState {\n signOut: () => Promise<void>\n setEmail: (email: string) => void\n}\n\nexport const TernSecureCtx = createContext<TernSecureCtxValue | null>(null)\n\nTernSecureCtx.displayName = 'TernSecureCtx'\n\nexport const useTernSecure = (hookName: string) => {\n  const context = useContext(TernSecureCtx)\n  \n  if (!context) {\n    throw new Error(\n      `${hookName} must be used within TernSecureProvider`\n    )\n  }\n\n  return context\n}\n\n"],"mappings":";AAEA,SAAS,eAAe,kBAAkB;AAC1C,SAAS,sBAAsB;AAIxB,MAAM,iBAAiB,MAAmB;AAC/C,SAAO,eAAe;AACxB;AAOO,MAAM,gBAAgB,cAAyC,IAAI;AAE1E,cAAc,cAAc;AAErB,MAAM,gBAAgB,CAAC,aAAqB;AACjD,QAAM,UAAU,WAAW,aAAa;AAExC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI;AAAA,MACR,GAAG,QAAQ;AAAA,IACb;AAAA,EACF;AAEA,SAAO;AACT;","names":[]}
+{"version":3,"sources":["../../../src/boundary/TernSecureCtx.tsx"],"sourcesContent":["\"use client\"\n\nimport { createContext, useContext } from 'react'\nimport { ternSecureAuth } from '../utils/client-init';\nimport { User } from 'firebase/auth';\nimport type { TernSecureState, SignInResponse } from '../types';\n\nexport const TernSecureUser = (): User | null => {\n  return ternSecureAuth.currentUser;\n}\n\nexport interface TernSecureCtxValue extends TernSecureState {\n signOut: () => Promise<void>\n setEmail: (email: string) => void\n getAuthError: () => SignInResponse\n redirectToLogin: () => void\n}\n\nexport const TernSecureCtx = createContext<TernSecureCtxValue | null>(null)\n\nTernSecureCtx.displayName = 'TernSecureCtx'\n\nexport const useTernSecure = (hookName: string) => {\n  const context = useContext(TernSecureCtx)\n  \n  if (!context) {\n    throw new Error(\n      `${hookName} must be used within TernSecureProvider`\n    )\n  }\n\n  return context\n}\n\n"],"mappings":";AAEA,SAAS,eAAe,kBAAkB;AAC1C,SAAS,sBAAsB;AAIxB,MAAM,iBAAiB,MAAmB;AAC/C,SAAO,eAAe;AACxB;AASO,MAAM,gBAAgB,cAAyC,IAAI;AAE1E,cAAc,cAAc;AAErB,MAAM,gBAAgB,CAAC,aAAqB;AACjD,QAAM,UAAU,WAAW,aAAa;AAExC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI;AAAA,MACR,GAAG,QAAQ;AAAA,IACb;AAAA,EACF;AAEA,SAAO;AACT;","names":[]}