@thetechfossil/auth2 1.2.2 → 1.2.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.components.d.ts +14 -1
- package/dist/index.components.js +1288 -642
- package/dist/index.components.js.map +1 -1
- package/dist/index.components.mjs +1190 -547
- package/dist/index.components.mjs.map +1 -1
- package/dist/index.d.ts +51 -7
- package/dist/index.js +1368 -672
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +1241 -547
- package/dist/index.mjs.map +1 -1
- package/dist/index.next.d.ts +44 -65
- package/dist/index.next.js +1402 -988
- package/dist/index.next.js.map +1 -1
- package/dist/index.next.mjs +1254 -836
- package/dist/index.next.mjs.map +1 -1
- package/dist/index.next.server.d.ts +57 -8
- package/dist/index.next.server.js +163 -14
- package/dist/index.next.server.js.map +1 -1
- package/dist/index.next.server.mjs +156 -15
- package/dist/index.next.server.mjs.map +1 -1
- package/dist/index.node.d.ts +19 -7
- package/dist/index.node.js +18 -12
- package/dist/index.node.js.map +1 -1
- package/dist/index.node.mjs +18 -12
- package/dist/index.node.mjs.map +1 -1
- package/next/index.js +2 -0
- package/next/index.mjs +2 -0
- package/next/package.json +5 -0
- package/next/server/package.json +5 -0
- package/next/server.js +2 -0
- package/next/server.mjs +2 -0
- package/package.json +21 -18
- package/README.NEW.md +0 -365
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
import { NextRequest, NextResponse } from 'next/server';
|
|
2
|
+
|
|
1
3
|
interface LinkedAccount {
|
|
2
4
|
provider: 'google' | 'github';
|
|
3
5
|
providerId: string;
|
|
@@ -8,6 +10,8 @@ interface User {
|
|
|
8
10
|
_id: string;
|
|
9
11
|
name: string;
|
|
10
12
|
email: string;
|
|
13
|
+
phoneNumber?: string;
|
|
14
|
+
avatar?: string;
|
|
11
15
|
role: string;
|
|
12
16
|
linkedAccounts?: LinkedAccount[];
|
|
13
17
|
createdAt: string;
|
|
@@ -21,21 +25,28 @@ interface AuthResponse {
|
|
|
21
25
|
csrfToken?: string;
|
|
22
26
|
}
|
|
23
27
|
interface LoginData {
|
|
24
|
-
email
|
|
28
|
+
email?: string;
|
|
29
|
+
phoneNumber?: string;
|
|
25
30
|
password?: string;
|
|
26
31
|
otp?: string;
|
|
27
32
|
}
|
|
28
33
|
interface VerifyData {
|
|
29
|
-
email
|
|
34
|
+
email?: string;
|
|
35
|
+
phoneNumber?: string;
|
|
30
36
|
otp: string;
|
|
31
37
|
}
|
|
32
38
|
interface RegisterData {
|
|
33
39
|
name: string;
|
|
34
|
-
email
|
|
40
|
+
email?: string;
|
|
41
|
+
phoneNumber?: string;
|
|
35
42
|
password: string;
|
|
36
43
|
}
|
|
37
44
|
interface UpdateUserData {
|
|
38
|
-
name
|
|
45
|
+
name?: string;
|
|
46
|
+
avatar?: string;
|
|
47
|
+
email?: string;
|
|
48
|
+
username?: string;
|
|
49
|
+
phoneNumber?: string;
|
|
39
50
|
}
|
|
40
51
|
type OAuthProvider = 'google' | 'github';
|
|
41
52
|
interface OAuthConfig {
|
|
@@ -54,11 +65,13 @@ interface AuthConfig {
|
|
|
54
65
|
}
|
|
55
66
|
interface Session {
|
|
56
67
|
id: string;
|
|
57
|
-
userId
|
|
58
|
-
|
|
68
|
+
userId?: string;
|
|
69
|
+
token?: string;
|
|
70
|
+
userAgent?: string;
|
|
59
71
|
ipAddress?: string;
|
|
60
|
-
|
|
72
|
+
expiresAt: string;
|
|
61
73
|
createdAt: string;
|
|
74
|
+
updatedAt?: string;
|
|
62
75
|
}
|
|
63
76
|
interface MFASetup {
|
|
64
77
|
success: boolean;
|
|
@@ -168,6 +181,7 @@ declare class HttpClient {
|
|
|
168
181
|
private axiosInstance;
|
|
169
182
|
private csrfToken;
|
|
170
183
|
private frontendBaseUrl;
|
|
184
|
+
private baseUrl;
|
|
171
185
|
constructor(baseUrl: string, defaultHeaders?: Record<string, string>);
|
|
172
186
|
get<T>(endpoint: string, headers?: Record<string, string>): Promise<T>;
|
|
173
187
|
post<T>(endpoint: string, data?: any, headers?: Record<string, string>): Promise<T>;
|
|
@@ -205,4 +219,39 @@ declare class NextServerAuth extends AuthClient {
|
|
|
205
219
|
static createAuthenticatedClient(config: AuthConfig, token: string): NextServerAuth;
|
|
206
220
|
}
|
|
207
221
|
|
|
208
|
-
|
|
222
|
+
interface AuthServerConfig {
|
|
223
|
+
authApiUrl?: string;
|
|
224
|
+
tokenCookieName?: string;
|
|
225
|
+
}
|
|
226
|
+
declare class AuthServer {
|
|
227
|
+
private config;
|
|
228
|
+
constructor(config?: AuthServerConfig);
|
|
229
|
+
getToken(): Promise<string | null>;
|
|
230
|
+
getCurrentUser(): Promise<User | null>;
|
|
231
|
+
isAuthenticated(): Promise<boolean>;
|
|
232
|
+
requireAuth(redirectTo?: string): Promise<User>;
|
|
233
|
+
redirectIfAuthenticated(redirectTo?: string): Promise<void>;
|
|
234
|
+
getProfile(): Promise<User | null>;
|
|
235
|
+
}
|
|
236
|
+
declare function getAuthServer(config?: AuthServerConfig): AuthServer;
|
|
237
|
+
declare function currentUser(): Promise<User | null>;
|
|
238
|
+
declare function auth(): Promise<{
|
|
239
|
+
user: User | null;
|
|
240
|
+
userId: string | null;
|
|
241
|
+
isAuthenticated: boolean;
|
|
242
|
+
token: string | null;
|
|
243
|
+
}>;
|
|
244
|
+
declare function requireAuth(redirectTo?: string): Promise<User>;
|
|
245
|
+
declare function redirectIfAuthenticated(redirectTo?: string): Promise<void>;
|
|
246
|
+
|
|
247
|
+
interface AuthMiddlewareConfig {
|
|
248
|
+
publicRoutes?: string[];
|
|
249
|
+
protectedRoutes?: string[];
|
|
250
|
+
loginUrl?: string;
|
|
251
|
+
afterLoginUrl?: string;
|
|
252
|
+
tokenCookieName?: string;
|
|
253
|
+
}
|
|
254
|
+
declare function authMiddleware(config?: AuthMiddlewareConfig): (request: NextRequest) => NextResponse<unknown>;
|
|
255
|
+
declare function createAuthMiddleware(config?: AuthMiddlewareConfig): (request: NextRequest) => NextResponse<unknown>;
|
|
256
|
+
|
|
257
|
+
export { AuditLog, AuthClient, AuthConfig, AuthResponse, AuthServer, AuthService, CsrfTokenResponse, HttpClient, LinkedAccount, LoginData, MFASetup, NextServerAuth, OAuthConfig, OAuthProvider, RegisterData, Session, UpdateUserData, UseAuthReturn, User, VerifyData, auth, authMiddleware, createAuthMiddleware, currentUser, getAuthServer, redirectIfAuthenticated, requireAuth };
|
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
3
|
var axios = require('axios');
|
|
4
|
+
var headers = require('next/headers');
|
|
5
|
+
var navigation = require('next/navigation');
|
|
6
|
+
var server = require('next/server');
|
|
4
7
|
|
|
5
8
|
function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
|
|
6
9
|
|
|
@@ -11,8 +14,9 @@ var HttpClient = class {
|
|
|
11
14
|
constructor(baseUrl, defaultHeaders = {}) {
|
|
12
15
|
this.csrfToken = null;
|
|
13
16
|
this.frontendBaseUrl = null;
|
|
17
|
+
this.baseUrl = baseUrl.replace(/\/$/, "");
|
|
14
18
|
this.axiosInstance = axios__default.default.create({
|
|
15
|
-
baseURL: baseUrl
|
|
19
|
+
baseURL: this.baseUrl,
|
|
16
20
|
headers: {
|
|
17
21
|
"Content-Type": "application/json",
|
|
18
22
|
...defaultHeaders
|
|
@@ -23,8 +27,16 @@ var HttpClient = class {
|
|
|
23
27
|
// 30 second timeout
|
|
24
28
|
});
|
|
25
29
|
this.axiosInstance.interceptors.request.use(
|
|
26
|
-
(config) => {
|
|
27
|
-
|
|
30
|
+
async (config) => {
|
|
31
|
+
const isMutatingRequest = ["post", "put", "delete", "patch"].includes(config.method?.toLowerCase() || "");
|
|
32
|
+
if (isMutatingRequest && !this.csrfToken && typeof window !== "undefined") {
|
|
33
|
+
try {
|
|
34
|
+
await this.refreshCsrfToken();
|
|
35
|
+
} catch (error) {
|
|
36
|
+
console.warn("Failed to fetch CSRF token:", error);
|
|
37
|
+
}
|
|
38
|
+
}
|
|
39
|
+
if (this.csrfToken && isMutatingRequest) {
|
|
28
40
|
config.headers["x-csrf-token"] = this.csrfToken;
|
|
29
41
|
}
|
|
30
42
|
if (this.frontendBaseUrl) {
|
|
@@ -122,9 +134,6 @@ var AuthService = class {
|
|
|
122
134
|
this.httpClient.setFrontendBaseUrl(frontendBaseUrl);
|
|
123
135
|
}
|
|
124
136
|
}
|
|
125
|
-
if (this.config.csrfEnabled && typeof window !== "undefined") {
|
|
126
|
-
this.refreshCsrfToken();
|
|
127
|
-
}
|
|
128
137
|
}
|
|
129
138
|
loadTokenFromStorage() {
|
|
130
139
|
if (typeof window !== "undefined" && this.config.localStorageKey) {
|
|
@@ -226,7 +235,7 @@ var AuthService = class {
|
|
|
226
235
|
this.saveTokenToStorage(response.token);
|
|
227
236
|
return response;
|
|
228
237
|
}
|
|
229
|
-
if (response.success && response.message === "OTP sent to your email.") {
|
|
238
|
+
if (response.success && (response.message === "OTP sent to your email." || response.message === "OTP sent to your phone number.")) {
|
|
230
239
|
return response;
|
|
231
240
|
}
|
|
232
241
|
if (response.success && response.message === "OTP verified successfully." && response.token) {
|
|
@@ -297,7 +306,7 @@ var AuthService = class {
|
|
|
297
306
|
if (!this.token) {
|
|
298
307
|
throw new Error("Not authenticated");
|
|
299
308
|
}
|
|
300
|
-
const response = await this.httpClient.post("/api/v1/user/update/
|
|
309
|
+
const response = await this.httpClient.post("/api/v1/user/update/profile", data);
|
|
301
310
|
if (response.success && response.token) {
|
|
302
311
|
this.token = response.token;
|
|
303
312
|
this.httpClient.setAuthToken(response.token);
|
|
@@ -338,7 +347,7 @@ var AuthService = class {
|
|
|
338
347
|
if (!this.token) {
|
|
339
348
|
throw new Error("Not authenticated");
|
|
340
349
|
}
|
|
341
|
-
const response = await this.httpClient.post("/api/v1/user/update/
|
|
350
|
+
const response = await this.httpClient.post("/api/v1/user/update/profile", { avatar });
|
|
342
351
|
if (response.success && response.token) {
|
|
343
352
|
this.token = response.token;
|
|
344
353
|
this.httpClient.setAuthToken(response.token);
|
|
@@ -401,21 +410,21 @@ var AuthService = class {
|
|
|
401
410
|
if (!this.token) {
|
|
402
411
|
throw new Error("Not authenticated");
|
|
403
412
|
}
|
|
404
|
-
const response = await this.httpClient.get("/api/v1/
|
|
413
|
+
const response = await this.httpClient.get("/api/v1/sessions");
|
|
405
414
|
return response;
|
|
406
415
|
}
|
|
407
416
|
async revokeSession(sessionId) {
|
|
408
417
|
if (!this.token) {
|
|
409
418
|
throw new Error("Not authenticated");
|
|
410
419
|
}
|
|
411
|
-
const response = await this.httpClient.delete(`/api/v1/
|
|
420
|
+
const response = await this.httpClient.delete(`/api/v1/sessions/${sessionId}`);
|
|
412
421
|
return response;
|
|
413
422
|
}
|
|
414
423
|
async revokeAllSessions() {
|
|
415
424
|
if (!this.token) {
|
|
416
425
|
throw new Error("Not authenticated");
|
|
417
426
|
}
|
|
418
|
-
const response = await this.httpClient.delete("/api/v1/
|
|
427
|
+
const response = await this.httpClient.delete("/api/v1/sessions/revoke/all");
|
|
419
428
|
this.token = null;
|
|
420
429
|
this.httpClient.removeAuthToken();
|
|
421
430
|
this.removeTokenFromStorage();
|
|
@@ -554,8 +563,8 @@ var NextServerAuth = class extends AuthClient {
|
|
|
554
563
|
return authHeader.substring(7);
|
|
555
564
|
}
|
|
556
565
|
// Parse token from cookies
|
|
557
|
-
static parseTokenFromCookies(
|
|
558
|
-
const cookieArray =
|
|
566
|
+
static parseTokenFromCookies(cookies2) {
|
|
567
|
+
const cookieArray = cookies2.split(";");
|
|
559
568
|
for (const cookie of cookieArray) {
|
|
560
569
|
const [name, value] = cookie.trim().split("=");
|
|
561
570
|
if (name === "auth_token") {
|
|
@@ -599,10 +608,150 @@ var NextServerAuth = class extends AuthClient {
|
|
|
599
608
|
return client;
|
|
600
609
|
}
|
|
601
610
|
};
|
|
611
|
+
var AuthServer = class {
|
|
612
|
+
constructor(config) {
|
|
613
|
+
this.config = {
|
|
614
|
+
authApiUrl: config?.authApiUrl || process.env.AUTH_API_URL || "http://localhost:7000",
|
|
615
|
+
tokenCookieName: config?.tokenCookieName || "auth_token"
|
|
616
|
+
};
|
|
617
|
+
}
|
|
618
|
+
async getToken() {
|
|
619
|
+
const cookieStore = await headers.cookies();
|
|
620
|
+
const token = cookieStore.get(this.config.tokenCookieName);
|
|
621
|
+
return token?.value || null;
|
|
622
|
+
}
|
|
623
|
+
async getCurrentUser() {
|
|
624
|
+
const token = await this.getToken();
|
|
625
|
+
if (!token)
|
|
626
|
+
return null;
|
|
627
|
+
try {
|
|
628
|
+
const payload = JSON.parse(Buffer.from(token.split(".")[1], "base64").toString());
|
|
629
|
+
return payload.user || null;
|
|
630
|
+
} catch (error) {
|
|
631
|
+
console.error("Failed to parse user from token:", error);
|
|
632
|
+
return null;
|
|
633
|
+
}
|
|
634
|
+
}
|
|
635
|
+
async isAuthenticated() {
|
|
636
|
+
const token = await this.getToken();
|
|
637
|
+
return !!token;
|
|
638
|
+
}
|
|
639
|
+
async requireAuth(redirectTo) {
|
|
640
|
+
const user = await this.getCurrentUser();
|
|
641
|
+
if (!user) {
|
|
642
|
+
const loginPath = redirectTo || process.env.NEXT_PUBLIC_AUTH_REDIRECT_TO_LOGIN || "/auth/login";
|
|
643
|
+
navigation.redirect(loginPath);
|
|
644
|
+
}
|
|
645
|
+
return user;
|
|
646
|
+
}
|
|
647
|
+
async redirectIfAuthenticated(redirectTo) {
|
|
648
|
+
const isAuth = await this.isAuthenticated();
|
|
649
|
+
if (isAuth) {
|
|
650
|
+
const dashboardPath = redirectTo || process.env.NEXT_PUBLIC_AUTH_REDIRECT_AFTER_LOGIN || "/dashboard";
|
|
651
|
+
navigation.redirect(dashboardPath);
|
|
652
|
+
}
|
|
653
|
+
}
|
|
654
|
+
async getProfile() {
|
|
655
|
+
const token = await this.getToken();
|
|
656
|
+
if (!token)
|
|
657
|
+
return null;
|
|
658
|
+
try {
|
|
659
|
+
const response = await fetch(`${this.config.authApiUrl}/api/v1/user/me`, {
|
|
660
|
+
headers: {
|
|
661
|
+
"Authorization": `Bearer ${token}`
|
|
662
|
+
}
|
|
663
|
+
});
|
|
664
|
+
if (!response.ok) {
|
|
665
|
+
return null;
|
|
666
|
+
}
|
|
667
|
+
const data = await response.json();
|
|
668
|
+
return data.user;
|
|
669
|
+
} catch (error) {
|
|
670
|
+
console.error("Failed to fetch profile:", error);
|
|
671
|
+
return null;
|
|
672
|
+
}
|
|
673
|
+
}
|
|
674
|
+
};
|
|
675
|
+
var authServerInstance = null;
|
|
676
|
+
function getAuthServer(config) {
|
|
677
|
+
if (!authServerInstance) {
|
|
678
|
+
authServerInstance = new AuthServer(config);
|
|
679
|
+
}
|
|
680
|
+
return authServerInstance;
|
|
681
|
+
}
|
|
682
|
+
async function currentUser() {
|
|
683
|
+
const auth2 = getAuthServer();
|
|
684
|
+
return auth2.getCurrentUser();
|
|
685
|
+
}
|
|
686
|
+
async function auth() {
|
|
687
|
+
const authServer = getAuthServer();
|
|
688
|
+
const user = await authServer.getCurrentUser();
|
|
689
|
+
const token = await authServer.getToken();
|
|
690
|
+
return {
|
|
691
|
+
user,
|
|
692
|
+
userId: user?._id || null,
|
|
693
|
+
isAuthenticated: !!user,
|
|
694
|
+
token
|
|
695
|
+
};
|
|
696
|
+
}
|
|
697
|
+
async function requireAuth(redirectTo) {
|
|
698
|
+
const authServer = getAuthServer();
|
|
699
|
+
return authServer.requireAuth(redirectTo);
|
|
700
|
+
}
|
|
701
|
+
async function redirectIfAuthenticated(redirectTo) {
|
|
702
|
+
const authServer = getAuthServer();
|
|
703
|
+
return authServer.redirectIfAuthenticated(redirectTo);
|
|
704
|
+
}
|
|
705
|
+
function authMiddleware(config) {
|
|
706
|
+
const {
|
|
707
|
+
publicRoutes = ["/auth/login", "/auth/register", "/auth/verify-email", "/auth/forgot-password", "/auth/reset-password"],
|
|
708
|
+
protectedRoutes = ["/dashboard"],
|
|
709
|
+
loginUrl = "/auth/login",
|
|
710
|
+
afterLoginUrl = "/dashboard",
|
|
711
|
+
tokenCookieName = "auth_token"
|
|
712
|
+
} = config || {};
|
|
713
|
+
return function middleware(request) {
|
|
714
|
+
const { pathname } = request.nextUrl;
|
|
715
|
+
const token = request.cookies.get(tokenCookieName)?.value;
|
|
716
|
+
const isAuthenticated = !!token;
|
|
717
|
+
const isPublicRoute = publicRoutes.some((route) => {
|
|
718
|
+
if (route.endsWith("*")) {
|
|
719
|
+
return pathname.startsWith(route.slice(0, -1));
|
|
720
|
+
}
|
|
721
|
+
return pathname === route || pathname.startsWith(route + "/");
|
|
722
|
+
});
|
|
723
|
+
const isProtectedRoute = protectedRoutes.some((route) => {
|
|
724
|
+
if (route.endsWith("*")) {
|
|
725
|
+
return pathname.startsWith(route.slice(0, -1));
|
|
726
|
+
}
|
|
727
|
+
return pathname === route || pathname.startsWith(route + "/");
|
|
728
|
+
});
|
|
729
|
+
if (isAuthenticated && isPublicRoute) {
|
|
730
|
+
return server.NextResponse.redirect(new URL(afterLoginUrl, request.url));
|
|
731
|
+
}
|
|
732
|
+
if (!isAuthenticated && isProtectedRoute) {
|
|
733
|
+
const loginUrlWithRedirect = new URL(loginUrl, request.url);
|
|
734
|
+
loginUrlWithRedirect.searchParams.set("redirect", pathname);
|
|
735
|
+
return server.NextResponse.redirect(loginUrlWithRedirect);
|
|
736
|
+
}
|
|
737
|
+
return server.NextResponse.next();
|
|
738
|
+
};
|
|
739
|
+
}
|
|
740
|
+
function createAuthMiddleware(config) {
|
|
741
|
+
return authMiddleware(config);
|
|
742
|
+
}
|
|
602
743
|
|
|
603
744
|
exports.AuthClient = AuthClient;
|
|
745
|
+
exports.AuthServer = AuthServer;
|
|
604
746
|
exports.AuthService = AuthService;
|
|
605
747
|
exports.HttpClient = HttpClient;
|
|
606
748
|
exports.NextServerAuth = NextServerAuth;
|
|
749
|
+
exports.auth = auth;
|
|
750
|
+
exports.authMiddleware = authMiddleware;
|
|
751
|
+
exports.createAuthMiddleware = createAuthMiddleware;
|
|
752
|
+
exports.currentUser = currentUser;
|
|
753
|
+
exports.getAuthServer = getAuthServer;
|
|
754
|
+
exports.redirectIfAuthenticated = redirectIfAuthenticated;
|
|
755
|
+
exports.requireAuth = requireAuth;
|
|
607
756
|
//# sourceMappingURL=out.js.map
|
|
608
757
|
//# sourceMappingURL=index.next.server.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/core/http-client.ts","../src/core/auth-service.ts","../src/node/auth-client.ts","../src/nextjs/server-auth.ts"],"names":[],"mappings":";AAAA,OAAO,WAA8D;AAE9D,IAAM,aAAN,MAAiB;AAAA,EAKtB,YAAY,SAAiB,iBAAyC,CAAC,GAAG;AAH1E,SAAQ,YAA2B;AACnC,SAAQ,kBAAiC;AAGvC,SAAK,gBAAgB,MAAM,OAAO;AAAA,MAChC,SAAS,QAAQ,QAAQ,OAAO,EAAE;AAAA,MAClC,SAAS;AAAA,QACP,gBAAgB;AAAA,QAChB,GAAG;AAAA,MACL;AAAA,MACA,iBAAiB;AAAA;AAAA,MACjB,SAAS;AAAA;AAAA,IACX,CAAC;AAGD,SAAK,cAAc,aAAa,QAAQ;AAAA,MACtC,CAAC,WAAW;AAEV,YAAI,KAAK,aAAa,CAAC,QAAQ,OAAO,UAAU,OAAO,EAAE,SAAS,OAAO,QAAQ,YAAY,KAAK,EAAE,GAAG;AACrG,iBAAO,QAAQ,cAAc,IAAI,KAAK;AAAA,QACxC;AAGA,YAAI,KAAK,iBAAiB;AACxB,iBAAO,QAAQ,gBAAgB,IAAI,KAAK;AAAA,QAC1C;AAEA,eAAO;AAAA,MACT;AAAA,MACA,CAAC,UAAU,QAAQ,OAAO,KAAK;AAAA,IACjC;AAGA,SAAK,cAAc,aAAa,SAAS;AAAA,MACvC,CAAC,aAAa;AAAA,MACd,OAAO,UAAsB;AAC3B,cAAM,kBAAkB,MAAM;AAG9B,YAAI,MAAM,UAAU,WAAW,OAAO,CAAC,gBAAgB,QAAQ;AAC7D,0BAAgB,SAAS;AAEzB,cAAI;AACF,kBAAM,KAAK,iBAAiB;AAC5B,gBAAI,gBAAgB,SAAS;AAC3B,8BAAgB,QAAQ,cAAc,IAAI,KAAK;AAAA,YACjD;AACA,mBAAO,KAAK,cAAc,eAAe;AAAA,UAC3C,SAAS,cAAP;AACA,mBAAO,QAAQ,OAAO,YAAY;AAAA,UACpC;AAAA,QACF;AAEA,eAAO,QAAQ,OAAO,KAAK;AAAA,MAC7B;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAa,IAAO,UAAkB,SAA8C;AAClF,UAAM,WAAW,MAAM,KAAK,cAAc,IAAO,UAAU,EAAE,QAAQ,CAAC;AACtE,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,KAAQ,UAAkB,MAAY,SAA8C;AAC/F,UAAM,WAAW,MAAM,KAAK,cAAc,KAAQ,UAAU,MAAM,EAAE,QAAQ,CAAC;AAC7E,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,IAAO,UAAkB,MAAY,SAA8C;AAC9F,UAAM,WAAW,MAAM,KAAK,cAAc,IAAO,UAAU,MAAM,EAAE,QAAQ,CAAC;AAC5E,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,OAAU,UAAkB,SAA8C;AACrF,UAAM,WAAW,MAAM,KAAK,cAAc,OAAU,UAAU,EAAE,QAAQ,CAAC;AACzE,WAAO,SAAS;AAAA,EAClB;AAAA,EAEO,aAAa,OAAqB;AACvC,SAAK,cAAc,SAAS,QAAQ,OAAO,eAAe,IAAI,UAAU;AAAA,EAC1E;AAAA,EAEO,kBAAwB;AAC7B,WAAO,KAAK,cAAc,SAAS,QAAQ,OAAO,eAAe;AAAA,EACnE;AAAA,EAEO,aAAa,OAAqB;AACvC,SAAK,YAAY;AAAA,EACnB;AAAA,EAEO,eAA8B;AACnC,WAAO,KAAK;AAAA,EACd;AAAA,EAEO,kBAAwB;AAC7B,SAAK,YAAY;AAAA,EACnB;AAAA,EAEO,mBAAmB,KAAmB;AAC3C,SAAK,kBAAkB;AAAA,EACzB;AAAA,EAEO,qBAAoC;AACzC,WAAO,KAAK;AAAA,EACd;AAAA,EAEO,wBAA8B;AACnC,SAAK,kBAAkB;AAAA,EACzB;AAAA,EAEA,MAAc,mBAAkC;AAC9C,QAAI;AACF,YAAM,WAAW,MAAM,KAAK,cAAc,IAA2B,yBAAyB;AAC9F,WAAK,YAAY,SAAS,KAAK;AAAA,IACjC,SAAS,OAAP;AACA,cAAQ,MAAM,iCAAiC,KAAK;AACpD,YAAM;AAAA,IACR;AAAA,EACF;AACF;;;AC9GO,IAAM,cAAN,MAAkB;AAAA,EAKvB,YAAY,QAAoB;AAFhC,SAAQ,QAAuB;AAG7B,SAAK,SAAS;AAAA,MACZ,iBAAiB;AAAA,MACjB,aAAa;AAAA,MACb,GAAG;AAAA,IACL;AAEA,SAAK,aAAa,IAAI,WAAW,KAAK,OAAO,OAAO;AACpD,SAAK,qBAAqB;AAG1B,QAAI,OAAO,WAAW,aAAa;AACjC,YAAM,kBACJ,QAAQ,IAAI,iCACZ,QAAQ,IAAI,+BACZ,QAAQ,IAAI,uBACZ,OAAO,SAAS;AAElB,UAAI,iBAAiB;AACnB,aAAK,WAAW,mBAAmB,eAAe;AAAA,MACpD;AAAA,IACF;AAGA,QAAI,KAAK,OAAO,eAAe,OAAO,WAAW,aAAa;AAC5D,WAAK,iBAAiB;AAAA,IACxB;AAAA,EACF;AAAA,EAEQ,uBAA6B;AACnC,QAAI,OAAO,WAAW,eAAe,KAAK,OAAO,iBAAiB;AAChE,UAAI;AACF,cAAM,QAAQ,aAAa,QAAQ,KAAK,OAAO,eAAe;AAC9D,YAAI,OAAO;AACT,eAAK,QAAQ;AACb,eAAK,WAAW,aAAa,KAAK;AAAA,QACpC;AAAA,MACF,SAAS,OAAP;AACA,gBAAQ,KAAK,sCAAsC,KAAK;AAAA,MAC1D;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,mBAAmB,OAAqB;AAC9C,QAAI,OAAO,WAAW,eAAe,KAAK,OAAO,iBAAiB;AAChE,UAAI;AACF,qBAAa,QAAQ,KAAK,OAAO,iBAAiB,KAAK;AAAA,MACzD,SAAS,OAAP;AACA,gBAAQ,KAAK,oCAAoC,KAAK;AAAA,MACxD;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,yBAA+B;AACrC,QAAI,OAAO,WAAW,eAAe,KAAK,OAAO,iBAAiB;AAChE,UAAI;AACF,qBAAa,WAAW,KAAK,OAAO,eAAe;AAAA,MACrD,SAAS,OAAP;AACA,gBAAQ,KAAK,wCAAwC,KAAK;AAAA,MAC5D;AAAA,IACF;AAAA,EACF;AAAA,EAEO,kBAA2B;AAChC,WAAO,CAAC,CAAC,KAAK;AAAA,EAChB;AAAA,EAEO,WAA0B;AAC/B,WAAO,KAAK;AAAA,EACd;AAAA,EAEO,iBAA8B;AACnC,QAAI,CAAC,KAAK;AAAO,aAAO;AAExB,QAAI;AACF,YAAM,UAAU,KAAK,MAAM,KAAK,KAAK,MAAM,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC;AACzD,aAAO,QAAQ,QAAQ;AAAA,IACzB,SAAS,OAAP;AACA,cAAQ,MAAM,oCAAoC,KAAK;AACvD,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA,EAGA,MAAa,mBAAkC;AAC7C,QAAI,CAAC,KAAK,OAAO;AAAa;AAE9B,QAAI;AACF,YAAM,WAAW,MAAM,KAAK,WAAW,IAAuB,yBAAyB;AACvF,UAAI,SAAS,WAAW;AACtB,aAAK,WAAW,aAAa,SAAS,SAAS;AAAA,MACjD;AAAA,IACF,SAAS,OAAP;AACA,cAAQ,MAAM,6BAA6B,KAAK;AAAA,IAClD;AAAA,EACF;AAAA,EAEO,eAA8B;AACnC,WAAO,KAAK,WAAW,aAAa;AAAA,EACtC;AAAA;AAAA,EAGO,eAAe,UAA+B;AACnD,QAAI,OAAO,WAAW,aAAa;AACjC,YAAM,IAAI,MAAM,uDAAuD;AAAA,IACzE;AAEA,UAAM,WAAW,GAAG,KAAK,OAAO,6BAA6B;AAC7D,WAAO,SAAS,OAAO;AAAA,EACzB;AAAA,EAEO,kBAAkB,UAA+B;AACtD,QAAI,OAAO,WAAW,aAAa;AACjC,YAAM,IAAI,MAAM,yDAAyD;AAAA,IAC3E;AAEA,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,8CAA8C;AAAA,IAChE;AAEA,UAAM,UAAU,GAAG,KAAK,OAAO,6BAA6B;AAC5D,WAAO,SAAS,OAAO;AAAA,EACzB;AAAA,EAEA,MAAa,oBAAoB,UAAgD;AAC/E,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW;AAAA,MACrC,sBAAsB;AAAA,IACxB;AACA,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAa,MAAM,MAAwC;AACzD,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,sBAAsB,IAAI;AAEpF,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AACtC,aAAO;AAAA,IACT;AAEA,QAAI,SAAS,WAAW,SAAS,YAAY,2BAA2B;AACtE,aAAO;AAAA,IACT;AAEA,QAAI,SAAS,WAAW,SAAS,YAAY,gCAAgC,SAAS,OAAO;AAC3F,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AACtC,aAAO;AAAA,IACT;AAEA,UAAM,IAAI,MAAM,SAAS,WAAW,cAAc;AAAA,EACpD;AAAA,EAEA,MAAa,SAAS,MAA2C;AAE/D,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,yBAAyB,IAAI;AAEvF,QAAI,SAAS,WAAW,SAAS,YAAY,8EAA8E;AACzH,aAAO;AAAA,IACT;AAEA,UAAM,IAAI,MAAM,SAAS,WAAW,qBAAqB;AAAA,EAC3D;AAAA,EAEA,MAAa,OAAO,MAAyC;AAC3D,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,uBAAuB,IAAI;AAErF,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AAAA,IACxC;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,iBAAiB,OAAsC;AAClE,QAAI;AACF,YAAM,WAAW,MAAM,KAAK,WAAW,IAAkB,mCAAmC,OAAO;AAEnG,UAAI,SAAS,WAAW,SAAS,OAAO;AACtC,aAAK,QAAQ,SAAS;AACtB,aAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,aAAK,mBAAmB,SAAS,KAAK;AAAA,MACxC;AAEA,aAAO;AAAA,IACT,SAAS,OAAP;AAEA,UAAI,MAAM,UAAU,MAAM;AACxB,eAAO;AAAA,UACL,SAAS;AAAA,UACT,SAAS,MAAM,SAAS,KAAK,WAAW;AAAA,QAC1C;AAAA,MACF;AAGA,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS,MAAM,WAAW;AAAA,MAC5B;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAa,SAAwB;AAEnC,QAAI;AACF,YAAM,KAAK,WAAW,KAAK,uBAAuB,CAAC,CAAC;AAAA,IACtD,SAAS,OAAP;AACA,cAAQ,KAAK,mCAAmC,KAAK;AAAA,IACvD;AAEA,SAAK,QAAQ;AACb,SAAK,WAAW,gBAAgB;AAChC,SAAK,WAAW,gBAAgB;AAChC,SAAK,uBAAuB;AAAA,EAC9B;AAAA,EAEA,MAAa,aAA4B;AACvC,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,IAAoB,iBAAiB;AAC5E,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,cAAc,MAA6C;AACtE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,4BAA4B,IAAI;AAE1F,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AAAA,IACxC;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,cAA+B;AAC1C,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,IAAuB,kBAAkB;AAChF,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,YAAY,IAA2B;AAClD,UAAM,WAAW,MAAM,KAAK,WAAW,IAAoB,gBAAgB,IAAI;AAC/E,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,eAAe,OAAsC;AAEhE,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,gCAAgC,EAAE,MAAM,CAAC;AACnG,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,cAAc,OAAe,UAAyC;AACjF,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,+BAA+B,EAAE,OAAO,SAAS,CAAC;AAC5G,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,eAAe,aAAqB,aAA4C;AAC3F,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,gCAAgC;AAAA,MACxF;AAAA,MACA;AAAA,IACF,CAAC;AACD,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,aAAa,QAAuC;AAC/D,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,8BAA8B,EAAE,OAAO,CAAC;AAElG,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AAAA,IACxC;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,mBAAmB,UAAyC;AACvE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,qCAAqC;AAAA,MAC7F;AAAA,IACF,CAAC;AACD,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,kBAAkB,OAAsC;AACnE,UAAM,WAAW,MAAM,KAAK,WAAW,IAAkB,0CAA0C,OAAO;AAE1G,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AAAA,IACxC;AAEA,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAa,cAAgG;AAC3G,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW;AAAA,MACrC;AAAA,MACA,CAAC;AAAA,IACH;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,UAAU,OAAsC;AAC3D,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,sBAAsB,EAAE,MAAM,CAAC;AACzF,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,WAAW,OAAsC;AAC5D,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,uBAAuB,EAAE,MAAM,CAAC;AAC1F,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,YAAY,OAAsC;AAC7D,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,wBAAwB,EAAE,MAAM,CAAC;AAC3F,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAa,cAA8D;AACzE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,IAA2C,iBAAiB;AACnG,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,cAAc,WAA0C;AACnE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,OAAqB,mBAAmB,WAAW;AAC1F,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,oBAA2C;AACtD,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,OAAqB,4BAA4B;AAGxF,SAAK,QAAQ;AACb,SAAK,WAAW,gBAAgB;AAChC,SAAK,uBAAuB;AAE5B,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAa,aAAa,SAA2D;AACnF,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW;AAAA,MACrC;AAAA,MACA;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,gBAAgB,QAAuC;AAClE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,6BAA6B,UAAU,CAAC,CAAC;AACnG,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,wBAAwB,QAAuC;AAC1E,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,sCAAsC,UAAU,CAAC,CAAC;AAC5G,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,iBAAiB,QAAuC;AACnE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,8BAA8B,UAAU,CAAC,CAAC;AACpG,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,kBAAkB,QAAuC;AACpE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,+BAA+B,UAAU,CAAC,CAAC;AACrG,WAAO;AAAA,EACT;AACF;;;ACvcO,IAAM,aAAN,cAAyB,YAAY;AAAA,EAC1C,YAAY,QAAoB;AAC9B,UAAM,MAAM;AAAA,EACd;AAAA;AAAA;AAAA,EAKA,MAAa,SAAS,MAA2C;AAE/D,UAAM,kBACJ,QAAQ,IAAI,qBACZ,QAAQ,IAAI,iCACZ,QAAQ,IAAI;AAEd,QAAI,iBAAiB;AACnB,WAAK,YAAY,EAAE,mBAAmB,eAAe;AAAA,IACvD;AAGA,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,KAAmB,yBAAyB,IAAI;AAE1F,QAAI,SAAS,WAAW,SAAS,YAAY,8EAA8E;AACzH,aAAO;AAAA,IACT;AAEA,UAAM,IAAI,MAAM,SAAS,WAAW,qBAAqB;AAAA,EAC3D;AAAA,EAEA,MAAa,MAAM,MAAwC;AACzD,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,KAAmB,sBAAsB,IAAI;AAGvF,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,OAAO,IAAI,SAAS;AACzB,WAAK,YAAY,EAAE,aAAa,SAAS,KAAK;AAE9C,aAAO;AAAA,IACT;AAGA,QAAI,SAAS,WAAW,SAAS,YAAY,2BAA2B;AACtE,aAAO;AAAA,IACT;AAGA,QAAI,SAAS,WAAW,SAAS,YAAY,gCAAgC,SAAS,OAAO;AAC3F,WAAK,OAAO,IAAI,SAAS;AACzB,WAAK,YAAY,EAAE,aAAa,SAAS,KAAK;AAE9C,aAAO;AAAA,IACT;AAEA,UAAM,IAAI,MAAM,SAAS,WAAW,cAAc;AAAA,EACpD;AAAA,EAEA,MAAa,OAAO,MAAyC;AAC3D,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,KAAmB,uBAAuB,IAAI;AAExF,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,OAAO,IAAI,SAAS;AACzB,WAAK,YAAY,EAAE,aAAa,SAAS,KAAK;AAAA,IAEhD;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,SAAwB;AACnC,SAAK,OAAO,IAAI;AAChB,SAAK,YAAY,EAAE,gBAAgB;AAAA,EAErC;AAAA,EAEA,MAAa,aAA4B;AACvC,QAAI,CAAC,KAAK,OAAO,GAAG;AAClB,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,IAAoB,iBAAiB;AAC/E,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,YAAY,IAA2B;AAClD,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,IAAoB,gBAAgB,IAAI;AAClF,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,cAAc,MAA6C;AACtE,QAAI,CAAC,KAAK,OAAO,GAAG;AAClB,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,KAAmB,4BAA4B,IAAI;AAE7F,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,OAAO,IAAI,SAAS;AACzB,WAAK,YAAY,EAAE,aAAa,SAAS,KAAK;AAAA,IAEhD;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,cAA+B;AAC1C,QAAI,CAAC,KAAK,OAAO,GAAG;AAClB,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,IAAuB,kBAAkB;AACnF,WAAO,SAAS;AAAA,EAClB;AACF;;;ACvHO,IAAM,iBAAN,cAA6B,WAAW;AAAA,EAC7C,YAAY,QAAoB;AAC9B,UAAM,MAAM;AAAA,EACd;AAAA;AAAA,EAGA,OAAc,sBAAsB,SAAiC;AACnE,UAAM,aAAa,QAAQ,IAAI,eAAe;AAC9C,QAAI,CAAC,cAAc,CAAC,WAAW,WAAW,SAAS,GAAG;AACpD,aAAO;AAAA,IACT;AACA,WAAO,WAAW,UAAU,CAAC;AAAA,EAC/B;AAAA;AAAA,EAGA,OAAc,sBAAsB,SAAgC;AAClE,UAAM,cAAc,QAAQ,MAAM,GAAG;AACrC,eAAW,UAAU,aAAa;AAChC,YAAM,CAAC,MAAM,KAAK,IAAI,OAAO,KAAK,EAAE,MAAM,GAAG;AAC7C,UAAI,SAAS,cAAc;AACzB,eAAO,mBAAmB,KAAK;AAAA,MACjC;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,OAAc,sBAAsB,KAAyB;AAE3D,QAAI,IAAI,SAAS;AACf,YAAM,aAAa,IAAI,QAAQ,iBAAiB,IAAI,QAAQ;AAC5D,UAAI,cAAc,WAAW,WAAW,SAAS,GAAG;AAClD,eAAO,WAAW,UAAU,CAAC;AAAA,MAC/B;AAAA,IACF;AAGA,QAAI,IAAI,SAAS;AACf,aAAO,IAAI,QAAQ,cAAc;AAAA,IACnC;AAGA,QAAI,IAAI,WAAW,IAAI,QAAQ,QAAQ;AACrC,aAAO,KAAK,sBAAsB,IAAI,QAAQ,MAAM;AAAA,IACtD;AAEA,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAa,YAAY,OAAqC;AAC5D,QAAI;AAEF,MAAC,KAAa,YAAY,EAAE,aAAa,KAAK;AAG9C,YAAM,OAAO,MAAM,KAAK,WAAW;AACnC,aAAO;AAAA,IACT,SAAS,OAAP;AACA,cAAQ,MAAM,8BAA8B,KAAK;AACjD,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA,EAGA,OAAc,0BAA0B,QAAoB,OAA+B;AACzF,UAAM,SAAS,IAAI,eAAe,MAAM;AACxC,IAAC,OAAe,YAAY,EAAE,aAAa,KAAK;AAChD,IAAC,OAAe,OAAO,IAAI;AAC3B,WAAO;AAAA,EACT;AACF","sourcesContent":["import axios, { AxiosInstance, AxiosRequestConfig, AxiosError } from 'axios';\r\n\r\nexport class HttpClient {\r\n private axiosInstance: AxiosInstance;\r\n private csrfToken: string | null = null;\r\n private frontendBaseUrl: string | null = null;\r\n\r\n constructor(baseUrl: string, defaultHeaders: Record<string, string> = {}) {\r\n this.axiosInstance = axios.create({\r\n baseURL: baseUrl.replace(/\\/$/, ''),\r\n headers: {\r\n 'Content-Type': 'application/json',\r\n ...defaultHeaders\r\n },\r\n withCredentials: true, // Include cookies for CSRF\r\n timeout: 30000 // 30 second timeout\r\n });\r\n\r\n // Request interceptor to add CSRF token and frontend URL\r\n this.axiosInstance.interceptors.request.use(\r\n (config) => {\r\n // Add CSRF token to mutating requests\r\n if (this.csrfToken && ['post', 'put', 'delete', 'patch'].includes(config.method?.toLowerCase() || '')) {\r\n config.headers['x-csrf-token'] = this.csrfToken;\r\n }\r\n \r\n // Add frontend base URL header if available\r\n if (this.frontendBaseUrl) {\r\n config.headers['X-Frontend-URL'] = this.frontendBaseUrl;\r\n }\r\n \r\n return config;\r\n },\r\n (error) => Promise.reject(error)\r\n );\r\n\r\n // Response interceptor for error handling and CSRF token refresh\r\n this.axiosInstance.interceptors.response.use(\r\n (response) => response,\r\n async (error: AxiosError) => {\r\n const originalRequest = error.config as AxiosRequestConfig & { _retry?: boolean };\r\n\r\n // Handle CSRF token refresh on 403\r\n if (error.response?.status === 403 && !originalRequest._retry) {\r\n originalRequest._retry = true;\r\n\r\n try {\r\n await this.refreshCsrfToken();\r\n if (originalRequest.headers) {\r\n originalRequest.headers['x-csrf-token'] = this.csrfToken!;\r\n }\r\n return this.axiosInstance(originalRequest);\r\n } catch (refreshError) {\r\n return Promise.reject(refreshError);\r\n }\r\n }\r\n\r\n return Promise.reject(error);\r\n }\r\n );\r\n }\r\n\r\n public async get<T>(endpoint: string, headers?: Record<string, string>): Promise<T> {\r\n const response = await this.axiosInstance.get<T>(endpoint, { headers });\r\n return response.data;\r\n }\r\n\r\n public async post<T>(endpoint: string, data?: any, headers?: Record<string, string>): Promise<T> {\r\n const response = await this.axiosInstance.post<T>(endpoint, data, { headers });\r\n return response.data;\r\n }\r\n\r\n public async put<T>(endpoint: string, data?: any, headers?: Record<string, string>): Promise<T> {\r\n const response = await this.axiosInstance.put<T>(endpoint, data, { headers });\r\n return response.data;\r\n }\r\n\r\n public async delete<T>(endpoint: string, headers?: Record<string, string>): Promise<T> {\r\n const response = await this.axiosInstance.delete<T>(endpoint, { headers });\r\n return response.data;\r\n }\r\n\r\n public setAuthToken(token: string): void {\r\n this.axiosInstance.defaults.headers.common['Authorization'] = `Bearer ${token}`;\r\n }\r\n\r\n public removeAuthToken(): void {\r\n delete this.axiosInstance.defaults.headers.common['Authorization'];\r\n }\r\n\r\n public setCsrfToken(token: string): void {\r\n this.csrfToken = token;\r\n }\r\n\r\n public getCsrfToken(): string | null {\r\n return this.csrfToken;\r\n }\r\n\r\n public removeCsrfToken(): void {\r\n this.csrfToken = null;\r\n }\r\n\r\n public setFrontendBaseUrl(url: string): void {\r\n this.frontendBaseUrl = url;\r\n }\r\n\r\n public getFrontendBaseUrl(): string | null {\r\n return this.frontendBaseUrl;\r\n }\r\n\r\n public removeFrontendBaseUrl(): void {\r\n this.frontendBaseUrl = null;\r\n }\r\n\r\n private async refreshCsrfToken(): Promise<void> {\r\n try {\r\n const response = await this.axiosInstance.get<{ csrfToken: string }>('/api/v1/auth/csrf-token');\r\n this.csrfToken = response.data.csrfToken;\r\n } catch (error) {\r\n console.error('Failed to refresh CSRF token:', error);\r\n throw error;\r\n }\r\n }\r\n}","import { HttpClient } from './http-client';\r\nimport {\r\n AuthResponse,\r\n LoginData,\r\n VerifyData,\r\n UpdateUserData,\r\n User,\r\n AuthConfig,\r\n RegisterData,\r\n OAuthProvider,\r\n CsrfTokenResponse\r\n} from '../types';\r\n\r\nexport class AuthService {\r\n private httpClient: HttpClient;\r\n private config: AuthConfig;\r\n private token: string | null = null;\r\n\r\n constructor(config: AuthConfig) {\r\n this.config = {\r\n localStorageKey: 'auth_token',\r\n csrfEnabled: true,\r\n ...config\r\n };\r\n\r\n this.httpClient = new HttpClient(this.config.baseUrl);\r\n this.loadTokenFromStorage();\r\n\r\n // Set frontend base URL if available\r\n if (typeof window !== 'undefined') {\r\n const frontendBaseUrl = \r\n process.env.NEXT_PUBLIC_FRONTEND_BASE_URL ||\r\n process.env.REACT_APP_FRONTEND_BASE_URL ||\r\n process.env.NEXT_PUBLIC_APP_URL ||\r\n window.location.origin;\r\n \r\n if (frontendBaseUrl) {\r\n this.httpClient.setFrontendBaseUrl(frontendBaseUrl);\r\n }\r\n }\r\n\r\n // Initialize CSRF token if enabled\r\n if (this.config.csrfEnabled && typeof window !== 'undefined') {\r\n this.refreshCsrfToken();\r\n }\r\n }\r\n\r\n private loadTokenFromStorage(): void {\r\n if (typeof window !== 'undefined' && this.config.localStorageKey) {\r\n try {\r\n const token = localStorage.getItem(this.config.localStorageKey);\r\n if (token) {\r\n this.token = token;\r\n this.httpClient.setAuthToken(token);\r\n }\r\n } catch (error) {\r\n console.warn('Failed to load token from storage:', error);\r\n }\r\n }\r\n }\r\n\r\n private saveTokenToStorage(token: string): void {\r\n if (typeof window !== 'undefined' && this.config.localStorageKey) {\r\n try {\r\n localStorage.setItem(this.config.localStorageKey, token);\r\n } catch (error) {\r\n console.warn('Failed to save token to storage:', error);\r\n }\r\n }\r\n }\r\n\r\n private removeTokenFromStorage(): void {\r\n if (typeof window !== 'undefined' && this.config.localStorageKey) {\r\n try {\r\n localStorage.removeItem(this.config.localStorageKey);\r\n } catch (error) {\r\n console.warn('Failed to remove token from storage:', error);\r\n }\r\n }\r\n }\r\n\r\n public isAuthenticated(): boolean {\r\n return !!this.token;\r\n }\r\n\r\n public getToken(): string | null {\r\n return this.token;\r\n }\r\n\r\n public getCurrentUser(): User | null {\r\n if (!this.token) return null;\r\n\r\n try {\r\n const payload = JSON.parse(atob(this.token.split('.')[1]));\r\n return payload.user || null;\r\n } catch (error) {\r\n console.error('Failed to parse user from token:', error);\r\n return null;\r\n }\r\n }\r\n\r\n // CSRF Token Management\r\n public async refreshCsrfToken(): Promise<void> {\r\n if (!this.config.csrfEnabled) return;\r\n\r\n try {\r\n const response = await this.httpClient.get<CsrfTokenResponse>('/api/v1/auth/csrf-token');\r\n if (response.csrfToken) {\r\n this.httpClient.setCsrfToken(response.csrfToken);\r\n }\r\n } catch (error) {\r\n console.error('Failed to get CSRF token:', error);\r\n }\r\n }\r\n\r\n public getCsrfToken(): string | null {\r\n return this.httpClient.getCsrfToken();\r\n }\r\n\r\n // OAuth Methods\r\n public loginWithOAuth(provider: OAuthProvider): void {\r\n if (typeof window === 'undefined') {\r\n throw new Error('OAuth login is only available in browser environments');\r\n }\r\n\r\n const oauthUrl = `${this.config.baseUrl}/api/v1/auth/oauth/${provider}`;\r\n window.location.href = oauthUrl;\r\n }\r\n\r\n public linkOAuthProvider(provider: OAuthProvider): void {\r\n if (typeof window === 'undefined') {\r\n throw new Error('OAuth linking is only available in browser environments');\r\n }\r\n\r\n if (!this.token) {\r\n throw new Error('Must be authenticated to link OAuth provider');\r\n }\r\n\r\n const linkUrl = `${this.config.baseUrl}/api/v1/auth/oauth/${provider}/link`;\r\n window.location.href = linkUrl;\r\n }\r\n\r\n public async unlinkOAuthProvider(provider: OAuthProvider): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.delete<AuthResponse>(\r\n `/api/v1/auth/oauth/${provider}/unlink`\r\n );\r\n return response;\r\n }\r\n\r\n // Standard Auth Methods\r\n public async login(data: LoginData): Promise<AuthResponse> {\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/auth/login', data);\r\n\r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n return response;\r\n }\r\n\r\n if (response.success && response.message === 'OTP sent to your email.') {\r\n return response;\r\n }\r\n\r\n if (response.success && response.message === 'OTP verified successfully.' && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n return response;\r\n }\r\n\r\n throw new Error(response.message || 'Login failed');\r\n }\r\n\r\n public async register(data: RegisterData): Promise<AuthResponse> {\r\n // Frontend base URL is now automatically sent via X-Frontend-URL header\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/auth/register', data);\r\n\r\n if (response.success && response.message === 'Registration data saved. Verification email sent. Please check your inbox.') {\r\n return response;\r\n }\r\n\r\n throw new Error(response.message || 'Registration failed');\r\n }\r\n\r\n public async verify(data: VerifyData): Promise<AuthResponse> {\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/auth/verify', data);\r\n\r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n }\r\n\r\n return response;\r\n }\r\n\r\n public async verifyEmailToken(token: string): Promise<AuthResponse> {\r\n try {\r\n const response = await this.httpClient.get<AuthResponse>(`/api/v1/auth/verify-email?token=${token}`);\r\n\r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n }\r\n\r\n return response;\r\n } catch (error: any) {\r\n // Handle axios error response\r\n if (error.response?.data) {\r\n return {\r\n success: false,\r\n message: error.response.data.message || 'Email verification failed',\r\n };\r\n }\r\n \r\n // Handle network or other errors\r\n return {\r\n success: false,\r\n message: error.message || 'Network error occurred',\r\n };\r\n }\r\n }\r\n\r\n public async logout(): Promise<void> {\r\n // Call backend to clear cookie\r\n try {\r\n await this.httpClient.post('/api/v1/auth/logout', {});\r\n } catch (error) {\r\n console.warn('Failed to call logout endpoint:', error);\r\n }\r\n\r\n this.token = null;\r\n this.httpClient.removeAuthToken();\r\n this.httpClient.removeCsrfToken();\r\n this.removeTokenFromStorage();\r\n }\r\n\r\n public async getProfile(): Promise<User> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.get<{ user: User }>('/api/v1/user/me');\r\n return response.user;\r\n }\r\n\r\n public async updateProfile(data: UpdateUserData): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/user/update/user', data);\r\n\r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n }\r\n\r\n return response;\r\n }\r\n\r\n public async getAllUsers(): Promise<User[]> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.get<{ users: User[] }>('/api/v1/user/all');\r\n return response.users;\r\n }\r\n\r\n public async getUserById(id: string): Promise<User> {\r\n const response = await this.httpClient.get<{ user: User }>(`/api/v1/user/${id}`);\r\n return response.user;\r\n }\r\n\r\n public async forgotPassword(email: string): Promise<AuthResponse> {\r\n // Frontend base URL is now automatically sent via X-Frontend-URL header\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/auth/forgot-password', { email });\r\n return response;\r\n }\r\n\r\n public async resetPassword(token: string, password: string): Promise<AuthResponse> {\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/auth/reset-password', { token, password });\r\n return response;\r\n }\r\n\r\n public async changePassword(oldPassword: string, newPassword: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/user/change-password', { \r\n oldPassword, \r\n newPassword \r\n });\r\n return response;\r\n }\r\n\r\n public async updateAvatar(avatar: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/user/update/avatar', { avatar });\r\n \r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n }\r\n\r\n return response;\r\n }\r\n\r\n public async requestEmailChange(newEmail: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/user/request-email-change', { \r\n newEmail \r\n });\r\n return response;\r\n }\r\n\r\n public async verifyEmailChange(token: string): Promise<AuthResponse> {\r\n const response = await this.httpClient.get<AuthResponse>(`/api/v1/user/verify-email-change?token=${token}`);\r\n \r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n }\r\n\r\n return response;\r\n }\r\n\r\n // 2FA / MFA Methods\r\n public async generate2FA(): Promise<{ success: boolean; qrCode?: string; secret?: string; message: string }> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<{ success: boolean; qrCode?: string; secret?: string; message: string }>(\r\n '/api/v1/mfa/generate', \r\n {}\r\n );\r\n return response;\r\n }\r\n\r\n public async enable2FA(token: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/mfa/enable', { token });\r\n return response;\r\n }\r\n\r\n public async disable2FA(token: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/mfa/disable', { token });\r\n return response;\r\n }\r\n\r\n public async validate2FA(token: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/mfa/validate', { token });\r\n return response;\r\n }\r\n\r\n // Session Management Methods\r\n public async getSessions(): Promise<{ success: boolean; sessions: any[] }> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.get<{ success: boolean; sessions: any[] }>('/api/v1/session');\r\n return response;\r\n }\r\n\r\n public async revokeSession(sessionId: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.delete<AuthResponse>(`/api/v1/session/${sessionId}`);\r\n return response;\r\n }\r\n\r\n public async revokeAllSessions(): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.delete<AuthResponse>('/api/v1/session/revoke/all');\r\n \r\n // After revoking all sessions, current session is also revoked\r\n this.token = null;\r\n this.httpClient.removeAuthToken();\r\n this.removeTokenFromStorage();\r\n \r\n return response;\r\n }\r\n\r\n // Admin Methods\r\n public async getAuditLogs(filters?: any): Promise<{ success: boolean; logs: any[] }> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.get<{ success: boolean; logs: any[] }>(\r\n '/api/v1/admin/audit-logs',\r\n filters\r\n );\r\n return response;\r\n }\r\n\r\n public async adminVerifyUser(userId: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>(`/api/v1/admin/verify-user/${userId}`, {});\r\n return response;\r\n }\r\n\r\n public async adminForcePasswordReset(userId: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>(`/api/v1/admin/force-password-reset/${userId}`, {});\r\n return response;\r\n }\r\n\r\n public async adminSuspendUser(userId: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>(`/api/v1/admin/suspend-user/${userId}`, {});\r\n return response;\r\n }\r\n\r\n public async adminActivateUser(userId: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>(`/api/v1/admin/activate-user/${userId}`, {});\r\n return response;\r\n }\r\n}","import { AuthService } from '../core/auth-service';\r\nimport { \r\n AuthResponse, \r\n LoginData, \r\n VerifyData, \r\n UpdateUserData, \r\n User,\r\n AuthConfig,\r\n RegisterData\r\n} from '../types';\r\n\r\nexport class AuthClient extends AuthService {\r\n constructor(config: AuthConfig) {\r\n super(config);\r\n }\r\n\r\n // Override methods that require browser-specific features\r\n // For Node.js, token persistence must be handled manually\r\n \r\n public async register(data: RegisterData): Promise<AuthResponse> {\r\n // For Node.js server-side usage, set frontend base URL from environment\r\n const frontendBaseUrl = \r\n process.env.FRONTEND_BASE_URL || \r\n process.env.NEXT_PUBLIC_FRONTEND_BASE_URL ||\r\n process.env.REACT_APP_FRONTEND_BASE_URL;\r\n \r\n if (frontendBaseUrl) {\r\n this['httpClient'].setFrontendBaseUrl(frontendBaseUrl);\r\n }\r\n \r\n // Frontend base URL is now automatically sent via X-Frontend-URL header\r\n const response = await this['httpClient'].post<AuthResponse>('/api/v1/auth/register', data);\r\n \r\n if (response.success && response.message === 'Registration data saved. Verification email sent. Please check your inbox.') {\r\n return response;\r\n }\r\n \r\n throw new Error(response.message || 'Registration failed');\r\n }\r\n\r\n public async login(data: LoginData): Promise<AuthResponse> {\r\n const response = await this['httpClient'].post<AuthResponse>('/api/v1/auth/login', data);\r\n \r\n // Handle successful login with token\r\n if (response.success && response.token) {\r\n this['token'] = response.token;\r\n this['httpClient'].setAuthToken(response.token);\r\n // Note: In Node.js, you need to handle token persistence manually\r\n return response;\r\n }\r\n \r\n // Handle OTP sent response\r\n if (response.success && response.message === 'OTP sent to your email.') {\r\n return response;\r\n }\r\n \r\n // Handle verification response\r\n if (response.success && response.message === 'OTP verified successfully.' && response.token) {\r\n this['token'] = response.token;\r\n this['httpClient'].setAuthToken(response.token);\r\n // Note: In Node.js, you need to handle token persistence manually\r\n return response;\r\n }\r\n \r\n throw new Error(response.message || 'Login failed');\r\n }\r\n\r\n public async verify(data: VerifyData): Promise<AuthResponse> {\r\n const response = await this['httpClient'].post<AuthResponse>('/api/v1/auth/verify', data);\r\n \r\n if (response.success && response.token) {\r\n this['token'] = response.token;\r\n this['httpClient'].setAuthToken(response.token);\r\n // Note: In Node.js, you need to handle token persistence manually\r\n }\r\n \r\n return response;\r\n }\r\n\r\n public async logout(): Promise<void> {\r\n this['token'] = null;\r\n this['httpClient'].removeAuthToken();\r\n // Note: In Node.js, you need to handle token removal manually\r\n }\r\n\r\n public async getProfile(): Promise<User> {\r\n if (!this['token']) {\r\n throw new Error('Not authenticated');\r\n }\r\n \r\n const response = await this['httpClient'].get<{ user: User }>('/api/v1/user/me');\r\n return response.user;\r\n }\r\n\r\n public async getUserById(id: string): Promise<User> {\r\n const response = await this['httpClient'].get<{ user: User }>(`/api/v1/user/${id}`);\r\n return response.user;\r\n }\r\n\r\n public async updateProfile(data: UpdateUserData): Promise<AuthResponse> {\r\n if (!this['token']) {\r\n throw new Error('Not authenticated');\r\n }\r\n \r\n const response = await this['httpClient'].post<AuthResponse>('/api/v1/user/update/name', data);\r\n \r\n if (response.success && response.token) {\r\n this['token'] = response.token;\r\n this['httpClient'].setAuthToken(response.token);\r\n // Note: In Node.js, you need to handle token persistence manually\r\n }\r\n \r\n return response;\r\n }\r\n\r\n public async getAllUsers(): Promise<User[]> {\r\n if (!this['token']) {\r\n throw new Error('Not authenticated');\r\n }\r\n \r\n const response = await this['httpClient'].get<{ users: User[] }>('/api/v1/user/all');\r\n return response.users;\r\n }\r\n}","import { AuthClient } from '../node/auth-client';\r\nimport { AuthConfig, User, RegisterData } from '../types';\r\n\r\n// Server-side authentication utility for Next.js\r\nexport class NextServerAuth extends AuthClient {\r\n constructor(config: AuthConfig) {\r\n super(config);\r\n }\r\n\r\n // Parse token from request headers\r\n public static parseTokenFromHeaders(headers: Headers): string | null {\r\n const authHeader = headers.get('authorization');\r\n if (!authHeader || !authHeader.startsWith('Bearer ')) {\r\n return null;\r\n }\r\n return authHeader.substring(7); // Remove 'Bearer ' prefix\r\n }\r\n\r\n // Parse token from cookies\r\n public static parseTokenFromCookies(cookies: string): string | null {\r\n const cookieArray = cookies.split(';');\r\n for (const cookie of cookieArray) {\r\n const [name, value] = cookie.trim().split('=');\r\n if (name === 'auth_token') {\r\n return decodeURIComponent(value);\r\n }\r\n }\r\n return null;\r\n }\r\n\r\n // Parse token from Next.js request object\r\n public static parseTokenFromRequest(req: any): string | null {\r\n // Try to get token from headers first\r\n if (req.headers) {\r\n const authHeader = req.headers.authorization || req.headers.Authorization;\r\n if (authHeader && authHeader.startsWith('Bearer ')) {\r\n return authHeader.substring(7);\r\n }\r\n }\r\n\r\n // Try to get token from cookies\r\n if (req.cookies) {\r\n return req.cookies.auth_token || null;\r\n }\r\n\r\n // Try to get token from cookie header\r\n if (req.headers && req.headers.cookie) {\r\n return this.parseTokenFromCookies(req.headers.cookie);\r\n }\r\n\r\n return null;\r\n }\r\n\r\n // Verify token and get user\r\n public async verifyToken(token: string): Promise<User | null> {\r\n try {\r\n // Set the token for this request\r\n (this as any)['httpClient'].setAuthToken(token);\r\n \r\n // Get user profile to verify token\r\n const user = await this.getProfile();\r\n return user;\r\n } catch (error) {\r\n console.error('Token verification failed:', error);\r\n return null;\r\n }\r\n }\r\n\r\n // Create authenticated client with token\r\n public static createAuthenticatedClient(config: AuthConfig, token: string): NextServerAuth {\r\n const client = new NextServerAuth(config);\r\n (client as any)['httpClient'].setAuthToken(token);\r\n (client as any)['token'] = token;\r\n return client;\r\n }\r\n}"]}
|
|
1
|
+
{"version":3,"sources":["../src/core/http-client.ts","../src/core/auth-service.ts","../src/node/auth-client.ts","../src/nextjs/server-auth.ts","../src/nextjs/server.ts","../src/nextjs/middleware.ts"],"names":["cookies","auth"],"mappings":";AAAA,OAAO,WAA8D;AAE9D,IAAM,aAAN,MAAiB;AAAA,EAMtB,YAAY,SAAiB,iBAAyC,CAAC,GAAG;AAJ1E,SAAQ,YAA2B;AACnC,SAAQ,kBAAiC;AAIvC,SAAK,UAAU,QAAQ,QAAQ,OAAO,EAAE;AAExC,SAAK,gBAAgB,MAAM,OAAO;AAAA,MAChC,SAAS,KAAK;AAAA,MACd,SAAS;AAAA,QACP,gBAAgB;AAAA,QAChB,GAAG;AAAA,MACL;AAAA,MACA,iBAAiB;AAAA;AAAA,MACjB,SAAS;AAAA;AAAA,IACX,CAAC;AAGD,SAAK,cAAc,aAAa,QAAQ;AAAA,MACtC,OAAO,WAAW;AAEhB,cAAM,oBAAoB,CAAC,QAAQ,OAAO,UAAU,OAAO,EAAE,SAAS,OAAO,QAAQ,YAAY,KAAK,EAAE;AACxG,YAAI,qBAAqB,CAAC,KAAK,aAAa,OAAO,WAAW,aAAa;AACzE,cAAI;AACF,kBAAM,KAAK,iBAAiB;AAAA,UAC9B,SAAS,OAAP;AACA,oBAAQ,KAAK,+BAA+B,KAAK;AAAA,UACnD;AAAA,QACF;AAGA,YAAI,KAAK,aAAa,mBAAmB;AACvC,iBAAO,QAAQ,cAAc,IAAI,KAAK;AAAA,QACxC;AAGA,YAAI,KAAK,iBAAiB;AACxB,iBAAO,QAAQ,gBAAgB,IAAI,KAAK;AAAA,QAC1C;AAEA,eAAO;AAAA,MACT;AAAA,MACA,CAAC,UAAU,QAAQ,OAAO,KAAK;AAAA,IACjC;AAGA,SAAK,cAAc,aAAa,SAAS;AAAA,MACvC,CAAC,aAAa;AAAA,MACd,OAAO,UAAsB;AAC3B,cAAM,kBAAkB,MAAM;AAG9B,YAAI,MAAM,UAAU,WAAW,OAAO,CAAC,gBAAgB,QAAQ;AAC7D,0BAAgB,SAAS;AAEzB,cAAI;AACF,kBAAM,KAAK,iBAAiB;AAC5B,gBAAI,gBAAgB,SAAS;AAC3B,8BAAgB,QAAQ,cAAc,IAAI,KAAK;AAAA,YACjD;AACA,mBAAO,KAAK,cAAc,eAAe;AAAA,UAC3C,SAAS,cAAP;AACA,mBAAO,QAAQ,OAAO,YAAY;AAAA,UACpC;AAAA,QACF;AAEA,eAAO,QAAQ,OAAO,KAAK;AAAA,MAC7B;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAa,IAAO,UAAkB,SAA8C;AAClF,UAAM,WAAW,MAAM,KAAK,cAAc,IAAO,UAAU,EAAE,QAAQ,CAAC;AACtE,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,KAAQ,UAAkB,MAAY,SAA8C;AAC/F,UAAM,WAAW,MAAM,KAAK,cAAc,KAAQ,UAAU,MAAM,EAAE,QAAQ,CAAC;AAC7E,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,IAAO,UAAkB,MAAY,SAA8C;AAC9F,UAAM,WAAW,MAAM,KAAK,cAAc,IAAO,UAAU,MAAM,EAAE,QAAQ,CAAC;AAC5E,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,OAAU,UAAkB,SAA8C;AACrF,UAAM,WAAW,MAAM,KAAK,cAAc,OAAU,UAAU,EAAE,QAAQ,CAAC;AACzE,WAAO,SAAS;AAAA,EAClB;AAAA,EAEO,aAAa,OAAqB;AACvC,SAAK,cAAc,SAAS,QAAQ,OAAO,eAAe,IAAI,UAAU;AAAA,EAC1E;AAAA,EAEO,kBAAwB;AAC7B,WAAO,KAAK,cAAc,SAAS,QAAQ,OAAO,eAAe;AAAA,EACnE;AAAA,EAEO,aAAa,OAAqB;AACvC,SAAK,YAAY;AAAA,EACnB;AAAA,EAEO,eAA8B;AACnC,WAAO,KAAK;AAAA,EACd;AAAA,EAEO,kBAAwB;AAC7B,SAAK,YAAY;AAAA,EACnB;AAAA,EAEO,mBAAmB,KAAmB;AAC3C,SAAK,kBAAkB;AAAA,EACzB;AAAA,EAEO,qBAAoC;AACzC,WAAO,KAAK;AAAA,EACd;AAAA,EAEO,wBAA8B;AACnC,SAAK,kBAAkB;AAAA,EACzB;AAAA,EAEA,MAAc,mBAAkC;AAC9C,QAAI;AACF,YAAM,WAAW,MAAM,KAAK,cAAc,IAA2B,yBAAyB;AAC9F,WAAK,YAAY,SAAS,KAAK;AAAA,IACjC,SAAS,OAAP;AACA,cAAQ,MAAM,iCAAiC,KAAK;AACpD,YAAM;AAAA,IACR;AAAA,EACF;AACF;;;AC3HO,IAAM,cAAN,MAAkB;AAAA,EAKvB,YAAY,QAAoB;AAFhC,SAAQ,QAAuB;AAG7B,SAAK,SAAS;AAAA,MACZ,iBAAiB;AAAA,MACjB,aAAa;AAAA,MACb,GAAG;AAAA,IACL;AAEA,SAAK,aAAa,IAAI,WAAW,KAAK,OAAO,OAAO;AACpD,SAAK,qBAAqB;AAG1B,QAAI,OAAO,WAAW,aAAa;AACjC,YAAM,kBACJ,QAAQ,IAAI,iCACZ,QAAQ,IAAI,+BACZ,QAAQ,IAAI,uBACZ,OAAO,SAAS;AAElB,UAAI,iBAAiB;AACnB,aAAK,WAAW,mBAAmB,eAAe;AAAA,MACpD;AAAA,IACF;AAAA,EAIF;AAAA,EAEQ,uBAA6B;AACnC,QAAI,OAAO,WAAW,eAAe,KAAK,OAAO,iBAAiB;AAChE,UAAI;AACF,cAAM,QAAQ,aAAa,QAAQ,KAAK,OAAO,eAAe;AAC9D,YAAI,OAAO;AACT,eAAK,QAAQ;AACb,eAAK,WAAW,aAAa,KAAK;AAAA,QACpC;AAAA,MACF,SAAS,OAAP;AACA,gBAAQ,KAAK,sCAAsC,KAAK;AAAA,MAC1D;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,mBAAmB,OAAqB;AAC9C,QAAI,OAAO,WAAW,eAAe,KAAK,OAAO,iBAAiB;AAChE,UAAI;AACF,qBAAa,QAAQ,KAAK,OAAO,iBAAiB,KAAK;AAAA,MACzD,SAAS,OAAP;AACA,gBAAQ,KAAK,oCAAoC,KAAK;AAAA,MACxD;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,yBAA+B;AACrC,QAAI,OAAO,WAAW,eAAe,KAAK,OAAO,iBAAiB;AAChE,UAAI;AACF,qBAAa,WAAW,KAAK,OAAO,eAAe;AAAA,MACrD,SAAS,OAAP;AACA,gBAAQ,KAAK,wCAAwC,KAAK;AAAA,MAC5D;AAAA,IACF;AAAA,EACF;AAAA,EAEO,kBAA2B;AAChC,WAAO,CAAC,CAAC,KAAK;AAAA,EAChB;AAAA,EAEO,WAA0B;AAC/B,WAAO,KAAK;AAAA,EACd;AAAA,EAEO,iBAA8B;AACnC,QAAI,CAAC,KAAK;AAAO,aAAO;AAExB,QAAI;AACF,YAAM,UAAU,KAAK,MAAM,KAAK,KAAK,MAAM,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC;AACzD,aAAO,QAAQ,QAAQ;AAAA,IACzB,SAAS,OAAP;AACA,cAAQ,MAAM,oCAAoC,KAAK;AACvD,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA,EAGA,MAAa,mBAAkC;AAC7C,QAAI,CAAC,KAAK,OAAO;AAAa;AAE9B,QAAI;AACF,YAAM,WAAW,MAAM,KAAK,WAAW,IAAuB,yBAAyB;AACvF,UAAI,SAAS,WAAW;AACtB,aAAK,WAAW,aAAa,SAAS,SAAS;AAAA,MACjD;AAAA,IACF,SAAS,OAAP;AACA,cAAQ,MAAM,6BAA6B,KAAK;AAAA,IAClD;AAAA,EACF;AAAA,EAEO,eAA8B;AACnC,WAAO,KAAK,WAAW,aAAa;AAAA,EACtC;AAAA;AAAA,EAGO,eAAe,UAA+B;AACnD,QAAI,OAAO,WAAW,aAAa;AACjC,YAAM,IAAI,MAAM,uDAAuD;AAAA,IACzE;AAEA,UAAM,WAAW,GAAG,KAAK,OAAO,6BAA6B;AAC7D,WAAO,SAAS,OAAO;AAAA,EACzB;AAAA,EAEO,kBAAkB,UAA+B;AACtD,QAAI,OAAO,WAAW,aAAa;AACjC,YAAM,IAAI,MAAM,yDAAyD;AAAA,IAC3E;AAEA,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,8CAA8C;AAAA,IAChE;AAEA,UAAM,UAAU,GAAG,KAAK,OAAO,6BAA6B;AAC5D,WAAO,SAAS,OAAO;AAAA,EACzB;AAAA,EAEA,MAAa,oBAAoB,UAAgD;AAC/E,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW;AAAA,MACrC,sBAAsB;AAAA,IACxB;AACA,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAa,MAAM,MAAwC;AACzD,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,sBAAsB,IAAI;AAEpF,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AACtC,aAAO;AAAA,IACT;AAEA,QAAI,SAAS,YAAY,SAAS,YAAY,6BAA6B,SAAS,YAAY,mCAAmC;AACjI,aAAO;AAAA,IACT;AAEA,QAAI,SAAS,WAAW,SAAS,YAAY,gCAAgC,SAAS,OAAO;AAC3F,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AACtC,aAAO;AAAA,IACT;AAEA,UAAM,IAAI,MAAM,SAAS,WAAW,cAAc;AAAA,EACpD;AAAA,EAEA,MAAa,SAAS,MAA2C;AAE/D,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,yBAAyB,IAAI;AAEvF,QAAI,SAAS,WAAW,SAAS,YAAY,8EAA8E;AACzH,aAAO;AAAA,IACT;AAEA,UAAM,IAAI,MAAM,SAAS,WAAW,qBAAqB;AAAA,EAC3D;AAAA,EAEA,MAAa,OAAO,MAAyC;AAC3D,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,uBAAuB,IAAI;AAErF,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AAAA,IACxC;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,iBAAiB,OAAsC;AAClE,QAAI;AACF,YAAM,WAAW,MAAM,KAAK,WAAW,IAAkB,mCAAmC,OAAO;AAEnG,UAAI,SAAS,WAAW,SAAS,OAAO;AACtC,aAAK,QAAQ,SAAS;AACtB,aAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,aAAK,mBAAmB,SAAS,KAAK;AAAA,MACxC;AAEA,aAAO;AAAA,IACT,SAAS,OAAP;AAEA,UAAI,MAAM,UAAU,MAAM;AACxB,eAAO;AAAA,UACL,SAAS;AAAA,UACT,SAAS,MAAM,SAAS,KAAK,WAAW;AAAA,QAC1C;AAAA,MACF;AAGA,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS,MAAM,WAAW;AAAA,MAC5B;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAa,SAAwB;AAEnC,QAAI;AACF,YAAM,KAAK,WAAW,KAAK,uBAAuB,CAAC,CAAC;AAAA,IACtD,SAAS,OAAP;AACA,cAAQ,KAAK,mCAAmC,KAAK;AAAA,IACvD;AAEA,SAAK,QAAQ;AACb,SAAK,WAAW,gBAAgB;AAChC,SAAK,WAAW,gBAAgB;AAChC,SAAK,uBAAuB;AAAA,EAC9B;AAAA,EAEA,MAAa,aAA4B;AACvC,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,IAAoB,iBAAiB;AAC5E,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,cAAc,MAA6C;AACtE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,+BAA+B,IAAI;AAE7F,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AAAA,IACxC;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,cAA+B;AAC1C,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,IAAuB,kBAAkB;AAChF,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,YAAY,IAA2B;AAClD,UAAM,WAAW,MAAM,KAAK,WAAW,IAAoB,gBAAgB,IAAI;AAC/E,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,eAAe,OAAsC;AAEhE,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,gCAAgC,EAAE,MAAM,CAAC;AACnG,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,cAAc,OAAe,UAAyC;AACjF,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,+BAA+B,EAAE,OAAO,SAAS,CAAC;AAC5G,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,eAAe,aAAqB,aAA4C;AAC3F,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,gCAAgC;AAAA,MACxF;AAAA,MACA;AAAA,IACF,CAAC;AACD,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,aAAa,QAAuC;AAC/D,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,+BAA+B,EAAE,OAAO,CAAC;AAEnG,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AAAA,IACxC;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,mBAAmB,UAAyC;AACvE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,qCAAqC;AAAA,MAC7F;AAAA,IACF,CAAC;AACD,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,kBAAkB,OAAsC;AACnE,UAAM,WAAW,MAAM,KAAK,WAAW,IAAkB,0CAA0C,OAAO;AAE1G,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AAAA,IACxC;AAEA,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAa,cAAgG;AAC3G,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW;AAAA,MACrC;AAAA,MACA,CAAC;AAAA,IACH;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,UAAU,OAAsC;AAC3D,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,sBAAsB,EAAE,MAAM,CAAC;AACzF,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,WAAW,OAAsC;AAC5D,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,uBAAuB,EAAE,MAAM,CAAC;AAC1F,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,YAAY,OAAsC;AAC7D,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,wBAAwB,EAAE,MAAM,CAAC;AAC3F,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAa,cAA8D;AACzE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,IAA2C,kBAAkB;AACpG,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,cAAc,WAA0C;AACnE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,OAAqB,oBAAoB,WAAW;AAC3F,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,oBAA2C;AACtD,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,OAAqB,6BAA6B;AAGzF,SAAK,QAAQ;AACb,SAAK,WAAW,gBAAgB;AAChC,SAAK,uBAAuB;AAE5B,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAa,aAAa,SAA2D;AACnF,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW;AAAA,MACrC;AAAA,MACA;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,gBAAgB,QAAuC;AAClE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,6BAA6B,UAAU,CAAC,CAAC;AACnG,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,wBAAwB,QAAuC;AAC1E,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,sCAAsC,UAAU,CAAC,CAAC;AAC5G,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,iBAAiB,QAAuC;AACnE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,8BAA8B,UAAU,CAAC,CAAC;AACpG,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,kBAAkB,QAAuC;AACpE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,+BAA+B,UAAU,CAAC,CAAC;AACrG,WAAO;AAAA,EACT;AACF;;;ACrcO,IAAM,aAAN,cAAyB,YAAY;AAAA,EAC1C,YAAY,QAAoB;AAC9B,UAAM,MAAM;AAAA,EACd;AAAA;AAAA;AAAA,EAKA,MAAa,SAAS,MAA2C;AAE/D,UAAM,kBACJ,QAAQ,IAAI,qBACZ,QAAQ,IAAI,iCACZ,QAAQ,IAAI;AAEd,QAAI,iBAAiB;AACnB,WAAK,YAAY,EAAE,mBAAmB,eAAe;AAAA,IACvD;AAGA,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,KAAmB,yBAAyB,IAAI;AAE1F,QAAI,SAAS,WAAW,SAAS,YAAY,8EAA8E;AACzH,aAAO;AAAA,IACT;AAEA,UAAM,IAAI,MAAM,SAAS,WAAW,qBAAqB;AAAA,EAC3D;AAAA,EAEA,MAAa,MAAM,MAAwC;AACzD,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,KAAmB,sBAAsB,IAAI;AAGvF,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,OAAO,IAAI,SAAS;AACzB,WAAK,YAAY,EAAE,aAAa,SAAS,KAAK;AAE9C,aAAO;AAAA,IACT;AAGA,QAAI,SAAS,WAAW,SAAS,YAAY,2BAA2B;AACtE,aAAO;AAAA,IACT;AAGA,QAAI,SAAS,WAAW,SAAS,YAAY,gCAAgC,SAAS,OAAO;AAC3F,WAAK,OAAO,IAAI,SAAS;AACzB,WAAK,YAAY,EAAE,aAAa,SAAS,KAAK;AAE9C,aAAO;AAAA,IACT;AAEA,UAAM,IAAI,MAAM,SAAS,WAAW,cAAc;AAAA,EACpD;AAAA,EAEA,MAAa,OAAO,MAAyC;AAC3D,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,KAAmB,uBAAuB,IAAI;AAExF,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,OAAO,IAAI,SAAS;AACzB,WAAK,YAAY,EAAE,aAAa,SAAS,KAAK;AAAA,IAEhD;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,SAAwB;AACnC,SAAK,OAAO,IAAI;AAChB,SAAK,YAAY,EAAE,gBAAgB;AAAA,EAErC;AAAA,EAEA,MAAa,aAA4B;AACvC,QAAI,CAAC,KAAK,OAAO,GAAG;AAClB,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,IAAoB,iBAAiB;AAC/E,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,YAAY,IAA2B;AAClD,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,IAAoB,gBAAgB,IAAI;AAClF,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,cAAc,MAA6C;AACtE,QAAI,CAAC,KAAK,OAAO,GAAG;AAClB,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,KAAmB,4BAA4B,IAAI;AAE7F,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,OAAO,IAAI,SAAS;AACzB,WAAK,YAAY,EAAE,aAAa,SAAS,KAAK;AAAA,IAEhD;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,cAA+B;AAC1C,QAAI,CAAC,KAAK,OAAO,GAAG;AAClB,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,IAAuB,kBAAkB;AACnF,WAAO,SAAS;AAAA,EAClB;AACF;;;ACvHO,IAAM,iBAAN,cAA6B,WAAW;AAAA,EAC7C,YAAY,QAAoB;AAC9B,UAAM,MAAM;AAAA,EACd;AAAA;AAAA,EAGA,OAAc,sBAAsB,SAAiC;AACnE,UAAM,aAAa,QAAQ,IAAI,eAAe;AAC9C,QAAI,CAAC,cAAc,CAAC,WAAW,WAAW,SAAS,GAAG;AACpD,aAAO;AAAA,IACT;AACA,WAAO,WAAW,UAAU,CAAC;AAAA,EAC/B;AAAA;AAAA,EAGA,OAAc,sBAAsBA,UAAgC;AAClE,UAAM,cAAcA,SAAQ,MAAM,GAAG;AACrC,eAAW,UAAU,aAAa;AAChC,YAAM,CAAC,MAAM,KAAK,IAAI,OAAO,KAAK,EAAE,MAAM,GAAG;AAC7C,UAAI,SAAS,cAAc;AACzB,eAAO,mBAAmB,KAAK;AAAA,MACjC;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,OAAc,sBAAsB,KAAyB;AAE3D,QAAI,IAAI,SAAS;AACf,YAAM,aAAa,IAAI,QAAQ,iBAAiB,IAAI,QAAQ;AAC5D,UAAI,cAAc,WAAW,WAAW,SAAS,GAAG;AAClD,eAAO,WAAW,UAAU,CAAC;AAAA,MAC/B;AAAA,IACF;AAGA,QAAI,IAAI,SAAS;AACf,aAAO,IAAI,QAAQ,cAAc;AAAA,IACnC;AAGA,QAAI,IAAI,WAAW,IAAI,QAAQ,QAAQ;AACrC,aAAO,KAAK,sBAAsB,IAAI,QAAQ,MAAM;AAAA,IACtD;AAEA,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAa,YAAY,OAAqC;AAC5D,QAAI;AAEF,MAAC,KAAa,YAAY,EAAE,aAAa,KAAK;AAG9C,YAAM,OAAO,MAAM,KAAK,WAAW;AACnC,aAAO;AAAA,IACT,SAAS,OAAP;AACA,cAAQ,MAAM,8BAA8B,KAAK;AACjD,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA,EAGA,OAAc,0BAA0B,QAAoB,OAA+B;AACzF,UAAM,SAAS,IAAI,eAAe,MAAM;AACxC,IAAC,OAAe,YAAY,EAAE,aAAa,KAAK;AAChD,IAAC,OAAe,OAAO,IAAI;AAC3B,WAAO;AAAA,EACT;AACF;;;AC3EA,SAAS,eAAe;AACxB,SAAS,gBAAgB;AAQlB,IAAM,aAAN,MAAiB;AAAA,EAGtB,YAAY,QAA2B;AACrC,SAAK,SAAS;AAAA,MACZ,YAAY,QAAQ,cAAc,QAAQ,IAAI,gBAAgB;AAAA,MAC9D,iBAAiB,QAAQ,mBAAmB;AAAA,IAC9C;AAAA,EACF;AAAA,EAEA,MAAM,WAAmC;AACvC,UAAM,cAAc,MAAM,QAAQ;AAClC,UAAM,QAAQ,YAAY,IAAI,KAAK,OAAO,eAAgB;AAC1D,WAAO,OAAO,SAAS;AAAA,EACzB;AAAA,EAEA,MAAM,iBAAuC;AAC3C,UAAM,QAAQ,MAAM,KAAK,SAAS;AAClC,QAAI,CAAC;AAAO,aAAO;AAEnB,QAAI;AACF,YAAM,UAAU,KAAK,MAAM,OAAO,KAAK,MAAM,MAAM,GAAG,EAAE,CAAC,GAAG,QAAQ,EAAE,SAAS,CAAC;AAChF,aAAO,QAAQ,QAAQ;AAAA,IACzB,SAAS,OAAP;AACA,cAAQ,MAAM,oCAAoC,KAAK;AACvD,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAM,kBAAoC;AACxC,UAAM,QAAQ,MAAM,KAAK,SAAS;AAClC,WAAO,CAAC,CAAC;AAAA,EACX;AAAA,EAEA,MAAM,YAAY,YAAoC;AACpD,UAAM,OAAO,MAAM,KAAK,eAAe;AACvC,QAAI,CAAC,MAAM;AACT,YAAM,YAAY,cAChB,QAAQ,IAAI,sCACZ;AACF,eAAS,SAAS;AAAA,IACpB;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,wBAAwB,YAAoC;AAChE,UAAM,SAAS,MAAM,KAAK,gBAAgB;AAC1C,QAAI,QAAQ;AACV,YAAM,gBAAgB,cACpB,QAAQ,IAAI,yCACZ;AACF,eAAS,aAAa;AAAA,IACxB;AAAA,EACF;AAAA,EAEA,MAAM,aAAmC;AACvC,UAAM,QAAQ,MAAM,KAAK,SAAS;AAClC,QAAI,CAAC;AAAO,aAAO;AAEnB,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,6BAA6B;AAAA,QACvE,SAAS;AAAA,UACP,iBAAiB,UAAU;AAAA,QAC7B;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,eAAO;AAAA,MACT;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO,KAAK;AAAA,IACd,SAAS,OAAP;AACA,cAAQ,MAAM,4BAA4B,KAAK;AAC/C,aAAO;AAAA,IACT;AAAA,EACF;AACF;AAGA,IAAI,qBAAwC;AAErC,SAAS,cAAc,QAAuC;AACnE,MAAI,CAAC,oBAAoB;AACvB,yBAAqB,IAAI,WAAW,MAAM;AAAA,EAC5C;AACA,SAAO;AACT;AAGA,eAAsB,cAAoC;AACxD,QAAMC,QAAO,cAAc;AAC3B,SAAOA,MAAK,eAAe;AAC7B;AAEA,eAAsB,OAAO;AAC3B,QAAM,aAAa,cAAc;AACjC,QAAM,OAAO,MAAM,WAAW,eAAe;AAC7C,QAAM,QAAQ,MAAM,WAAW,SAAS;AAExC,SAAO;AAAA,IACL;AAAA,IACA,QAAQ,MAAM,OAAO;AAAA,IACrB,iBAAiB,CAAC,CAAC;AAAA,IACnB;AAAA,EACF;AACF;AAEA,eAAsB,YAAY,YAAoC;AACpE,QAAM,aAAa,cAAc;AACjC,SAAO,WAAW,YAAY,UAAU;AAC1C;AAEA,eAAsB,wBAAwB,YAAoC;AAChF,QAAM,aAAa,cAAc;AACjC,SAAO,WAAW,wBAAwB,UAAU;AACtD;;;AC7HA,SAAsB,oBAAoB;AAUnC,SAAS,eAAe,QAA+B;AAC5D,QAAM;AAAA,IACJ,eAAe,CAAC,eAAe,kBAAkB,sBAAsB,yBAAyB,sBAAsB;AAAA,IACtH,kBAAkB,CAAC,YAAY;AAAA,IAC/B,WAAW;AAAA,IACX,gBAAgB;AAAA,IAChB,kBAAkB;AAAA,EACpB,IAAI,UAAU,CAAC;AAEf,SAAO,SAAS,WAAW,SAAsB;AAC/C,UAAM,EAAE,SAAS,IAAI,QAAQ;AAC7B,UAAM,QAAQ,QAAQ,QAAQ,IAAI,eAAe,GAAG;AACpD,UAAM,kBAAkB,CAAC,CAAC;AAG1B,UAAM,gBAAgB,aAAa,KAAK,WAAS;AAC/C,UAAI,MAAM,SAAS,GAAG,GAAG;AACvB,eAAO,SAAS,WAAW,MAAM,MAAM,GAAG,EAAE,CAAC;AAAA,MAC/C;AACA,aAAO,aAAa,SAAS,SAAS,WAAW,QAAQ,GAAG;AAAA,IAC9D,CAAC;AAGD,UAAM,mBAAmB,gBAAgB,KAAK,WAAS;AACrD,UAAI,MAAM,SAAS,GAAG,GAAG;AACvB,eAAO,SAAS,WAAW,MAAM,MAAM,GAAG,EAAE,CAAC;AAAA,MAC/C;AACA,aAAO,aAAa,SAAS,SAAS,WAAW,QAAQ,GAAG;AAAA,IAC9D,CAAC;AAGD,QAAI,mBAAmB,eAAe;AACpC,aAAO,aAAa,SAAS,IAAI,IAAI,eAAe,QAAQ,GAAG,CAAC;AAAA,IAClE;AAGA,QAAI,CAAC,mBAAmB,kBAAkB;AACxC,YAAM,uBAAuB,IAAI,IAAI,UAAU,QAAQ,GAAG;AAC1D,2BAAqB,aAAa,IAAI,YAAY,QAAQ;AAC1D,aAAO,aAAa,SAAS,oBAAoB;AAAA,IACnD;AAEA,WAAO,aAAa,KAAK;AAAA,EAC3B;AACF;AAGO,SAAS,qBAAqB,QAA+B;AAClE,SAAO,eAAe,MAAM;AAC9B","sourcesContent":["import axios, { AxiosInstance, AxiosRequestConfig, AxiosError } from 'axios';\r\n\r\nexport class HttpClient {\r\n private axiosInstance: AxiosInstance;\r\n private csrfToken: string | null = null;\r\n private frontendBaseUrl: string | null = null;\r\n private baseUrl: string;\r\n\r\n constructor(baseUrl: string, defaultHeaders: Record<string, string> = {}) {\r\n this.baseUrl = baseUrl.replace(/\\/$/, '');\r\n\r\n this.axiosInstance = axios.create({\r\n baseURL: this.baseUrl,\r\n headers: {\r\n 'Content-Type': 'application/json',\r\n ...defaultHeaders\r\n },\r\n withCredentials: true, // Include cookies for CSRF\r\n timeout: 30000 // 30 second timeout\r\n });\r\n\r\n // Request interceptor to add CSRF token and frontend URL\r\n this.axiosInstance.interceptors.request.use(\r\n async (config) => {\r\n // Fetch CSRF token lazily on first mutating request (only on client side)\r\n const isMutatingRequest = ['post', 'put', 'delete', 'patch'].includes(config.method?.toLowerCase() || '');\r\n if (isMutatingRequest && !this.csrfToken && typeof window !== 'undefined') {\r\n try {\r\n await this.refreshCsrfToken();\r\n } catch (error) {\r\n console.warn('Failed to fetch CSRF token:', error);\r\n }\r\n }\r\n\r\n // Add CSRF token to mutating requests\r\n if (this.csrfToken && isMutatingRequest) {\r\n config.headers['x-csrf-token'] = this.csrfToken;\r\n }\r\n\r\n // Add frontend base URL header if available\r\n if (this.frontendBaseUrl) {\r\n config.headers['X-Frontend-URL'] = this.frontendBaseUrl;\r\n }\r\n\r\n return config;\r\n },\r\n (error) => Promise.reject(error)\r\n );\r\n\r\n // Response interceptor for error handling and CSRF token refresh\r\n this.axiosInstance.interceptors.response.use(\r\n (response) => response,\r\n async (error: AxiosError) => {\r\n const originalRequest = error.config as AxiosRequestConfig & { _retry?: boolean };\r\n\r\n // Handle CSRF token refresh on 403\r\n if (error.response?.status === 403 && !originalRequest._retry) {\r\n originalRequest._retry = true;\r\n\r\n try {\r\n await this.refreshCsrfToken();\r\n if (originalRequest.headers) {\r\n originalRequest.headers['x-csrf-token'] = this.csrfToken!;\r\n }\r\n return this.axiosInstance(originalRequest);\r\n } catch (refreshError) {\r\n return Promise.reject(refreshError);\r\n }\r\n }\r\n\r\n return Promise.reject(error);\r\n }\r\n );\r\n }\r\n\r\n public async get<T>(endpoint: string, headers?: Record<string, string>): Promise<T> {\r\n const response = await this.axiosInstance.get<T>(endpoint, { headers });\r\n return response.data;\r\n }\r\n\r\n public async post<T>(endpoint: string, data?: any, headers?: Record<string, string>): Promise<T> {\r\n const response = await this.axiosInstance.post<T>(endpoint, data, { headers });\r\n return response.data;\r\n }\r\n\r\n public async put<T>(endpoint: string, data?: any, headers?: Record<string, string>): Promise<T> {\r\n const response = await this.axiosInstance.put<T>(endpoint, data, { headers });\r\n return response.data;\r\n }\r\n\r\n public async delete<T>(endpoint: string, headers?: Record<string, string>): Promise<T> {\r\n const response = await this.axiosInstance.delete<T>(endpoint, { headers });\r\n return response.data;\r\n }\r\n\r\n public setAuthToken(token: string): void {\r\n this.axiosInstance.defaults.headers.common['Authorization'] = `Bearer ${token}`;\r\n }\r\n\r\n public removeAuthToken(): void {\r\n delete this.axiosInstance.defaults.headers.common['Authorization'];\r\n }\r\n\r\n public setCsrfToken(token: string): void {\r\n this.csrfToken = token;\r\n }\r\n\r\n public getCsrfToken(): string | null {\r\n return this.csrfToken;\r\n }\r\n\r\n public removeCsrfToken(): void {\r\n this.csrfToken = null;\r\n }\r\n\r\n public setFrontendBaseUrl(url: string): void {\r\n this.frontendBaseUrl = url;\r\n }\r\n\r\n public getFrontendBaseUrl(): string | null {\r\n return this.frontendBaseUrl;\r\n }\r\n\r\n public removeFrontendBaseUrl(): void {\r\n this.frontendBaseUrl = null;\r\n }\r\n\r\n private async refreshCsrfToken(): Promise<void> {\r\n try {\r\n const response = await this.axiosInstance.get<{ csrfToken: string }>('/api/v1/auth/csrf-token');\r\n this.csrfToken = response.data.csrfToken;\r\n } catch (error) {\r\n console.error('Failed to refresh CSRF token:', error);\r\n throw error;\r\n }\r\n }\r\n}","import { HttpClient } from './http-client';\r\nimport {\r\n AuthResponse,\r\n LoginData,\r\n VerifyData,\r\n UpdateUserData,\r\n User,\r\n AuthConfig,\r\n RegisterData,\r\n OAuthProvider,\r\n CsrfTokenResponse\r\n} from '../types';\r\n\r\nexport class AuthService {\r\n private httpClient: HttpClient;\r\n private config: AuthConfig;\r\n private token: string | null = null;\r\n\r\n constructor(config: AuthConfig) {\r\n this.config = {\r\n localStorageKey: 'auth_token',\r\n csrfEnabled: true,\r\n ...config\r\n };\r\n\r\n this.httpClient = new HttpClient(this.config.baseUrl);\r\n this.loadTokenFromStorage();\r\n\r\n // Set frontend base URL if available\r\n if (typeof window !== 'undefined') {\r\n const frontendBaseUrl = \r\n process.env.NEXT_PUBLIC_FRONTEND_BASE_URL ||\r\n process.env.REACT_APP_FRONTEND_BASE_URL ||\r\n process.env.NEXT_PUBLIC_APP_URL ||\r\n window.location.origin;\r\n \r\n if (frontendBaseUrl) {\r\n this.httpClient.setFrontendBaseUrl(frontendBaseUrl);\r\n }\r\n }\r\n\r\n // CSRF token will be fetched lazily on first mutating request\r\n // This prevents SSR issues and ensures proper initialization\r\n }\r\n\r\n private loadTokenFromStorage(): void {\r\n if (typeof window !== 'undefined' && this.config.localStorageKey) {\r\n try {\r\n const token = localStorage.getItem(this.config.localStorageKey);\r\n if (token) {\r\n this.token = token;\r\n this.httpClient.setAuthToken(token);\r\n }\r\n } catch (error) {\r\n console.warn('Failed to load token from storage:', error);\r\n }\r\n }\r\n }\r\n\r\n private saveTokenToStorage(token: string): void {\r\n if (typeof window !== 'undefined' && this.config.localStorageKey) {\r\n try {\r\n localStorage.setItem(this.config.localStorageKey, token);\r\n } catch (error) {\r\n console.warn('Failed to save token to storage:', error);\r\n }\r\n }\r\n }\r\n\r\n private removeTokenFromStorage(): void {\r\n if (typeof window !== 'undefined' && this.config.localStorageKey) {\r\n try {\r\n localStorage.removeItem(this.config.localStorageKey);\r\n } catch (error) {\r\n console.warn('Failed to remove token from storage:', error);\r\n }\r\n }\r\n }\r\n\r\n public isAuthenticated(): boolean {\r\n return !!this.token;\r\n }\r\n\r\n public getToken(): string | null {\r\n return this.token;\r\n }\r\n\r\n public getCurrentUser(): User | null {\r\n if (!this.token) return null;\r\n\r\n try {\r\n const payload = JSON.parse(atob(this.token.split('.')[1]));\r\n return payload.user || null;\r\n } catch (error) {\r\n console.error('Failed to parse user from token:', error);\r\n return null;\r\n }\r\n }\r\n\r\n // CSRF Token Management\r\n public async refreshCsrfToken(): Promise<void> {\r\n if (!this.config.csrfEnabled) return;\r\n\r\n try {\r\n const response = await this.httpClient.get<CsrfTokenResponse>('/api/v1/auth/csrf-token');\r\n if (response.csrfToken) {\r\n this.httpClient.setCsrfToken(response.csrfToken);\r\n }\r\n } catch (error) {\r\n console.error('Failed to get CSRF token:', error);\r\n }\r\n }\r\n\r\n public getCsrfToken(): string | null {\r\n return this.httpClient.getCsrfToken();\r\n }\r\n\r\n // OAuth Methods\r\n public loginWithOAuth(provider: OAuthProvider): void {\r\n if (typeof window === 'undefined') {\r\n throw new Error('OAuth login is only available in browser environments');\r\n }\r\n\r\n const oauthUrl = `${this.config.baseUrl}/api/v1/auth/oauth/${provider}`;\r\n window.location.href = oauthUrl;\r\n }\r\n\r\n public linkOAuthProvider(provider: OAuthProvider): void {\r\n if (typeof window === 'undefined') {\r\n throw new Error('OAuth linking is only available in browser environments');\r\n }\r\n\r\n if (!this.token) {\r\n throw new Error('Must be authenticated to link OAuth provider');\r\n }\r\n\r\n const linkUrl = `${this.config.baseUrl}/api/v1/auth/oauth/${provider}/link`;\r\n window.location.href = linkUrl;\r\n }\r\n\r\n public async unlinkOAuthProvider(provider: OAuthProvider): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.delete<AuthResponse>(\r\n `/api/v1/auth/oauth/${provider}/unlink`\r\n );\r\n return response;\r\n }\r\n\r\n // Standard Auth Methods\r\n public async login(data: LoginData): Promise<AuthResponse> {\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/auth/login', data);\r\n\r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n return response;\r\n }\r\n\r\n if (response.success && (response.message === 'OTP sent to your email.' || response.message === 'OTP sent to your phone number.')) {\r\n return response;\r\n }\r\n\r\n if (response.success && response.message === 'OTP verified successfully.' && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n return response;\r\n }\r\n\r\n throw new Error(response.message || 'Login failed');\r\n }\r\n\r\n public async register(data: RegisterData): Promise<AuthResponse> {\r\n // Frontend base URL is now automatically sent via X-Frontend-URL header\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/auth/register', data);\r\n\r\n if (response.success && response.message === 'Registration data saved. Verification email sent. Please check your inbox.') {\r\n return response;\r\n }\r\n\r\n throw new Error(response.message || 'Registration failed');\r\n }\r\n\r\n public async verify(data: VerifyData): Promise<AuthResponse> {\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/auth/verify', data);\r\n\r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n }\r\n\r\n return response;\r\n }\r\n\r\n public async verifyEmailToken(token: string): Promise<AuthResponse> {\r\n try {\r\n const response = await this.httpClient.get<AuthResponse>(`/api/v1/auth/verify-email?token=${token}`);\r\n\r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n }\r\n\r\n return response;\r\n } catch (error: any) {\r\n // Handle axios error response\r\n if (error.response?.data) {\r\n return {\r\n success: false,\r\n message: error.response.data.message || 'Email verification failed',\r\n };\r\n }\r\n \r\n // Handle network or other errors\r\n return {\r\n success: false,\r\n message: error.message || 'Network error occurred',\r\n };\r\n }\r\n }\r\n\r\n public async logout(): Promise<void> {\r\n // Call backend to clear cookie\r\n try {\r\n await this.httpClient.post('/api/v1/auth/logout', {});\r\n } catch (error) {\r\n console.warn('Failed to call logout endpoint:', error);\r\n }\r\n\r\n this.token = null;\r\n this.httpClient.removeAuthToken();\r\n this.httpClient.removeCsrfToken();\r\n this.removeTokenFromStorage();\r\n }\r\n\r\n public async getProfile(): Promise<User> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.get<{ user: User }>('/api/v1/user/me');\r\n return response.user;\r\n }\r\n\r\n public async updateProfile(data: UpdateUserData): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/user/update/profile', data);\r\n\r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n }\r\n\r\n return response;\r\n }\r\n\r\n public async getAllUsers(): Promise<User[]> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.get<{ users: User[] }>('/api/v1/user/all');\r\n return response.users;\r\n }\r\n\r\n public async getUserById(id: string): Promise<User> {\r\n const response = await this.httpClient.get<{ user: User }>(`/api/v1/user/${id}`);\r\n return response.user;\r\n }\r\n\r\n public async forgotPassword(email: string): Promise<AuthResponse> {\r\n // Frontend base URL is now automatically sent via X-Frontend-URL header\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/auth/forgot-password', { email });\r\n return response;\r\n }\r\n\r\n public async resetPassword(token: string, password: string): Promise<AuthResponse> {\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/auth/reset-password', { token, password });\r\n return response;\r\n }\r\n\r\n public async changePassword(oldPassword: string, newPassword: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/user/change-password', { \r\n oldPassword, \r\n newPassword \r\n });\r\n return response;\r\n }\r\n\r\n public async updateAvatar(avatar: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/user/update/profile', { avatar });\r\n \r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n }\r\n\r\n return response;\r\n }\r\n\r\n public async requestEmailChange(newEmail: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/user/request-email-change', { \r\n newEmail \r\n });\r\n return response;\r\n }\r\n\r\n public async verifyEmailChange(token: string): Promise<AuthResponse> {\r\n const response = await this.httpClient.get<AuthResponse>(`/api/v1/user/verify-email-change?token=${token}`);\r\n \r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n }\r\n\r\n return response;\r\n }\r\n\r\n // 2FA / MFA Methods\r\n public async generate2FA(): Promise<{ success: boolean; qrCode?: string; secret?: string; message: string }> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<{ success: boolean; qrCode?: string; secret?: string; message: string }>(\r\n '/api/v1/mfa/generate', \r\n {}\r\n );\r\n return response;\r\n }\r\n\r\n public async enable2FA(token: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/mfa/enable', { token });\r\n return response;\r\n }\r\n\r\n public async disable2FA(token: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/mfa/disable', { token });\r\n return response;\r\n }\r\n\r\n public async validate2FA(token: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/mfa/validate', { token });\r\n return response;\r\n }\r\n\r\n // Session Management Methods\r\n public async getSessions(): Promise<{ success: boolean; sessions: any[] }> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.get<{ success: boolean; sessions: any[] }>('/api/v1/sessions');\r\n return response;\r\n }\r\n\r\n public async revokeSession(sessionId: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.delete<AuthResponse>(`/api/v1/sessions/${sessionId}`);\r\n return response;\r\n }\r\n\r\n public async revokeAllSessions(): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.delete<AuthResponse>('/api/v1/sessions/revoke/all');\r\n \r\n // After revoking all sessions, current session is also revoked\r\n this.token = null;\r\n this.httpClient.removeAuthToken();\r\n this.removeTokenFromStorage();\r\n \r\n return response;\r\n }\r\n\r\n // Admin Methods\r\n public async getAuditLogs(filters?: any): Promise<{ success: boolean; logs: any[] }> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.get<{ success: boolean; logs: any[] }>(\r\n '/api/v1/admin/audit-logs',\r\n filters\r\n );\r\n return response;\r\n }\r\n\r\n public async adminVerifyUser(userId: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>(`/api/v1/admin/verify-user/${userId}`, {});\r\n return response;\r\n }\r\n\r\n public async adminForcePasswordReset(userId: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>(`/api/v1/admin/force-password-reset/${userId}`, {});\r\n return response;\r\n }\r\n\r\n public async adminSuspendUser(userId: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>(`/api/v1/admin/suspend-user/${userId}`, {});\r\n return response;\r\n }\r\n\r\n public async adminActivateUser(userId: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>(`/api/v1/admin/activate-user/${userId}`, {});\r\n return response;\r\n }\r\n}","import { AuthService } from '../core/auth-service';\r\nimport { \r\n AuthResponse, \r\n LoginData, \r\n VerifyData, \r\n UpdateUserData, \r\n User,\r\n AuthConfig,\r\n RegisterData\r\n} from '../types';\r\n\r\nexport class AuthClient extends AuthService {\r\n constructor(config: AuthConfig) {\r\n super(config);\r\n }\r\n\r\n // Override methods that require browser-specific features\r\n // For Node.js, token persistence must be handled manually\r\n \r\n public async register(data: RegisterData): Promise<AuthResponse> {\r\n // For Node.js server-side usage, set frontend base URL from environment\r\n const frontendBaseUrl = \r\n process.env.FRONTEND_BASE_URL || \r\n process.env.NEXT_PUBLIC_FRONTEND_BASE_URL ||\r\n process.env.REACT_APP_FRONTEND_BASE_URL;\r\n \r\n if (frontendBaseUrl) {\r\n this['httpClient'].setFrontendBaseUrl(frontendBaseUrl);\r\n }\r\n \r\n // Frontend base URL is now automatically sent via X-Frontend-URL header\r\n const response = await this['httpClient'].post<AuthResponse>('/api/v1/auth/register', data);\r\n \r\n if (response.success && response.message === 'Registration data saved. Verification email sent. Please check your inbox.') {\r\n return response;\r\n }\r\n \r\n throw new Error(response.message || 'Registration failed');\r\n }\r\n\r\n public async login(data: LoginData): Promise<AuthResponse> {\r\n const response = await this['httpClient'].post<AuthResponse>('/api/v1/auth/login', data);\r\n \r\n // Handle successful login with token\r\n if (response.success && response.token) {\r\n this['token'] = response.token;\r\n this['httpClient'].setAuthToken(response.token);\r\n // Note: In Node.js, you need to handle token persistence manually\r\n return response;\r\n }\r\n \r\n // Handle OTP sent response\r\n if (response.success && response.message === 'OTP sent to your email.') {\r\n return response;\r\n }\r\n \r\n // Handle verification response\r\n if (response.success && response.message === 'OTP verified successfully.' && response.token) {\r\n this['token'] = response.token;\r\n this['httpClient'].setAuthToken(response.token);\r\n // Note: In Node.js, you need to handle token persistence manually\r\n return response;\r\n }\r\n \r\n throw new Error(response.message || 'Login failed');\r\n }\r\n\r\n public async verify(data: VerifyData): Promise<AuthResponse> {\r\n const response = await this['httpClient'].post<AuthResponse>('/api/v1/auth/verify', data);\r\n \r\n if (response.success && response.token) {\r\n this['token'] = response.token;\r\n this['httpClient'].setAuthToken(response.token);\r\n // Note: In Node.js, you need to handle token persistence manually\r\n }\r\n \r\n return response;\r\n }\r\n\r\n public async logout(): Promise<void> {\r\n this['token'] = null;\r\n this['httpClient'].removeAuthToken();\r\n // Note: In Node.js, you need to handle token removal manually\r\n }\r\n\r\n public async getProfile(): Promise<User> {\r\n if (!this['token']) {\r\n throw new Error('Not authenticated');\r\n }\r\n \r\n const response = await this['httpClient'].get<{ user: User }>('/api/v1/user/me');\r\n return response.user;\r\n }\r\n\r\n public async getUserById(id: string): Promise<User> {\r\n const response = await this['httpClient'].get<{ user: User }>(`/api/v1/user/${id}`);\r\n return response.user;\r\n }\r\n\r\n public async updateProfile(data: UpdateUserData): Promise<AuthResponse> {\r\n if (!this['token']) {\r\n throw new Error('Not authenticated');\r\n }\r\n \r\n const response = await this['httpClient'].post<AuthResponse>('/api/v1/user/update/name', data);\r\n \r\n if (response.success && response.token) {\r\n this['token'] = response.token;\r\n this['httpClient'].setAuthToken(response.token);\r\n // Note: In Node.js, you need to handle token persistence manually\r\n }\r\n \r\n return response;\r\n }\r\n\r\n public async getAllUsers(): Promise<User[]> {\r\n if (!this['token']) {\r\n throw new Error('Not authenticated');\r\n }\r\n \r\n const response = await this['httpClient'].get<{ users: User[] }>('/api/v1/user/all');\r\n return response.users;\r\n }\r\n}","import { AuthClient } from '../node/auth-client';\r\nimport { AuthConfig, User, RegisterData } from '../types';\r\n\r\n// Server-side authentication utility for Next.js\r\nexport class NextServerAuth extends AuthClient {\r\n constructor(config: AuthConfig) {\r\n super(config);\r\n }\r\n\r\n // Parse token from request headers\r\n public static parseTokenFromHeaders(headers: Headers): string | null {\r\n const authHeader = headers.get('authorization');\r\n if (!authHeader || !authHeader.startsWith('Bearer ')) {\r\n return null;\r\n }\r\n return authHeader.substring(7); // Remove 'Bearer ' prefix\r\n }\r\n\r\n // Parse token from cookies\r\n public static parseTokenFromCookies(cookies: string): string | null {\r\n const cookieArray = cookies.split(';');\r\n for (const cookie of cookieArray) {\r\n const [name, value] = cookie.trim().split('=');\r\n if (name === 'auth_token') {\r\n return decodeURIComponent(value);\r\n }\r\n }\r\n return null;\r\n }\r\n\r\n // Parse token from Next.js request object\r\n public static parseTokenFromRequest(req: any): string | null {\r\n // Try to get token from headers first\r\n if (req.headers) {\r\n const authHeader = req.headers.authorization || req.headers.Authorization;\r\n if (authHeader && authHeader.startsWith('Bearer ')) {\r\n return authHeader.substring(7);\r\n }\r\n }\r\n\r\n // Try to get token from cookies\r\n if (req.cookies) {\r\n return req.cookies.auth_token || null;\r\n }\r\n\r\n // Try to get token from cookie header\r\n if (req.headers && req.headers.cookie) {\r\n return this.parseTokenFromCookies(req.headers.cookie);\r\n }\r\n\r\n return null;\r\n }\r\n\r\n // Verify token and get user\r\n public async verifyToken(token: string): Promise<User | null> {\r\n try {\r\n // Set the token for this request\r\n (this as any)['httpClient'].setAuthToken(token);\r\n \r\n // Get user profile to verify token\r\n const user = await this.getProfile();\r\n return user;\r\n } catch (error) {\r\n console.error('Token verification failed:', error);\r\n return null;\r\n }\r\n }\r\n\r\n // Create authenticated client with token\r\n public static createAuthenticatedClient(config: AuthConfig, token: string): NextServerAuth {\r\n const client = new NextServerAuth(config);\r\n (client as any)['httpClient'].setAuthToken(token);\r\n (client as any)['token'] = token;\r\n return client;\r\n }\r\n}","import { cookies } from 'next/headers';\r\nimport { redirect } from 'next/navigation';\r\nimport { User } from '../types';\r\n\r\ninterface AuthServerConfig {\r\n authApiUrl?: string;\r\n tokenCookieName?: string;\r\n}\r\n\r\nexport class AuthServer {\r\n private config: AuthServerConfig;\r\n\r\n constructor(config?: AuthServerConfig) {\r\n this.config = {\r\n authApiUrl: config?.authApiUrl || process.env.AUTH_API_URL || 'http://localhost:7000',\r\n tokenCookieName: config?.tokenCookieName || 'auth_token',\r\n };\r\n }\r\n\r\n async getToken(): Promise<string | null> {\r\n const cookieStore = await cookies();\r\n const token = cookieStore.get(this.config.tokenCookieName!);\r\n return token?.value || null;\r\n }\r\n\r\n async getCurrentUser(): Promise<User | null> {\r\n const token = await this.getToken();\r\n if (!token) return null;\r\n\r\n try {\r\n const payload = JSON.parse(Buffer.from(token.split('.')[1], 'base64').toString());\r\n return payload.user || null;\r\n } catch (error) {\r\n console.error('Failed to parse user from token:', error);\r\n return null;\r\n }\r\n }\r\n\r\n async isAuthenticated(): Promise<boolean> {\r\n const token = await this.getToken();\r\n return !!token;\r\n }\r\n\r\n async requireAuth(redirectTo?: string): Promise<User> {\r\n const user = await this.getCurrentUser();\r\n if (!user) {\r\n const loginPath = redirectTo || \r\n process.env.NEXT_PUBLIC_AUTH_REDIRECT_TO_LOGIN || \r\n '/auth/login';\r\n redirect(loginPath);\r\n }\r\n return user;\r\n }\r\n\r\n async redirectIfAuthenticated(redirectTo?: string): Promise<void> {\r\n const isAuth = await this.isAuthenticated();\r\n if (isAuth) {\r\n const dashboardPath = redirectTo || \r\n process.env.NEXT_PUBLIC_AUTH_REDIRECT_AFTER_LOGIN || \r\n '/dashboard';\r\n redirect(dashboardPath);\r\n }\r\n }\r\n\r\n async getProfile(): Promise<User | null> {\r\n const token = await this.getToken();\r\n if (!token) return null;\r\n\r\n try {\r\n const response = await fetch(`${this.config.authApiUrl}/api/v1/user/me`, {\r\n headers: {\r\n 'Authorization': `Bearer ${token}`,\r\n },\r\n });\r\n\r\n if (!response.ok) {\r\n return null;\r\n }\r\n\r\n const data = await response.json();\r\n return data.user;\r\n } catch (error) {\r\n console.error('Failed to fetch profile:', error);\r\n return null;\r\n }\r\n }\r\n}\r\n\r\n// Singleton instance\r\nlet authServerInstance: AuthServer | null = null;\r\n\r\nexport function getAuthServer(config?: AuthServerConfig): AuthServer {\r\n if (!authServerInstance) {\r\n authServerInstance = new AuthServer(config);\r\n }\r\n return authServerInstance;\r\n}\r\n\r\n// Convenience functions\r\nexport async function currentUser(): Promise<User | null> {\r\n const auth = getAuthServer();\r\n return auth.getCurrentUser();\r\n}\r\n\r\nexport async function auth() {\r\n const authServer = getAuthServer();\r\n const user = await authServer.getCurrentUser();\r\n const token = await authServer.getToken();\r\n \r\n return {\r\n user,\r\n userId: user?._id || null,\r\n isAuthenticated: !!user,\r\n token,\r\n };\r\n}\r\n\r\nexport async function requireAuth(redirectTo?: string): Promise<User> {\r\n const authServer = getAuthServer();\r\n return authServer.requireAuth(redirectTo);\r\n}\r\n\r\nexport async function redirectIfAuthenticated(redirectTo?: string): Promise<void> {\r\n const authServer = getAuthServer();\r\n return authServer.redirectIfAuthenticated(redirectTo);\r\n}\r\n","import { NextRequest, NextResponse } from 'next/server';\r\n\r\ninterface AuthMiddlewareConfig {\r\n publicRoutes?: string[];\r\n protectedRoutes?: string[];\r\n loginUrl?: string;\r\n afterLoginUrl?: string;\r\n tokenCookieName?: string;\r\n}\r\n\r\nexport function authMiddleware(config?: AuthMiddlewareConfig) {\r\n const {\r\n publicRoutes = ['/auth/login', '/auth/register', '/auth/verify-email', '/auth/forgot-password', '/auth/reset-password'],\r\n protectedRoutes = ['/dashboard'],\r\n loginUrl = '/auth/login',\r\n afterLoginUrl = '/dashboard',\r\n tokenCookieName = 'auth_token',\r\n } = config || {};\r\n\r\n return function middleware(request: NextRequest) {\r\n const { pathname } = request.nextUrl;\r\n const token = request.cookies.get(tokenCookieName)?.value;\r\n const isAuthenticated = !!token;\r\n\r\n // Check if current path is public\r\n const isPublicRoute = publicRoutes.some(route => {\r\n if (route.endsWith('*')) {\r\n return pathname.startsWith(route.slice(0, -1));\r\n }\r\n return pathname === route || pathname.startsWith(route + '/');\r\n });\r\n\r\n // Check if current path is protected\r\n const isProtectedRoute = protectedRoutes.some(route => {\r\n if (route.endsWith('*')) {\r\n return pathname.startsWith(route.slice(0, -1));\r\n }\r\n return pathname === route || pathname.startsWith(route + '/');\r\n });\r\n\r\n // Redirect authenticated users away from public routes\r\n if (isAuthenticated && isPublicRoute) {\r\n return NextResponse.redirect(new URL(afterLoginUrl, request.url));\r\n }\r\n\r\n // Redirect unauthenticated users away from protected routes\r\n if (!isAuthenticated && isProtectedRoute) {\r\n const loginUrlWithRedirect = new URL(loginUrl, request.url);\r\n loginUrlWithRedirect.searchParams.set('redirect', pathname);\r\n return NextResponse.redirect(loginUrlWithRedirect);\r\n }\r\n\r\n return NextResponse.next();\r\n };\r\n}\r\n\r\n// Helper to create middleware config\r\nexport function createAuthMiddleware(config?: AuthMiddlewareConfig) {\r\n return authMiddleware(config);\r\n}\r\n"]}
|