@thetechfossil/auth2 1.2.3 → 1.2.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (27) hide show
  1. package/dist/index.components.d.ts +14 -1
  2. package/dist/index.components.js +1284 -638
  3. package/dist/index.components.js.map +1 -1
  4. package/dist/index.components.mjs +1186 -543
  5. package/dist/index.components.mjs.map +1 -1
  6. package/dist/index.d.ts +48 -5
  7. package/dist/index.js +1364 -669
  8. package/dist/index.js.map +1 -1
  9. package/dist/index.mjs +1237 -544
  10. package/dist/index.mjs.map +1 -1
  11. package/dist/index.next.d.ts +41 -6
  12. package/dist/index.next.js +1382 -687
  13. package/dist/index.next.js.map +1 -1
  14. package/dist/index.next.mjs +1234 -544
  15. package/dist/index.next.mjs.map +1 -1
  16. package/dist/index.next.server.d.ts +16 -5
  17. package/dist/index.next.server.js +16 -9
  18. package/dist/index.next.server.js.map +1 -1
  19. package/dist/index.next.server.mjs +16 -9
  20. package/dist/index.next.server.mjs.map +1 -1
  21. package/dist/index.node.d.ts +16 -5
  22. package/dist/index.node.js +15 -9
  23. package/dist/index.node.js.map +1 -1
  24. package/dist/index.node.mjs +15 -9
  25. package/dist/index.node.mjs.map +1 -1
  26. package/package.json +90 -87
  27. package/README.NEW.md +0 -365
package/dist/index.next.server.d.ts CHANGED
@@ -7,9 +7,12 @@ interface LinkedAccount {
7
7
  avatar?: string;
8
8
  }
9
9
  interface User {
10
- _id: string;
10
+ id: string;
11
+ _id?: string;
11
12
  name: string;
12
13
  email: string;
14
+ phoneNumber?: string;
15
+ avatar?: string;
13
16
  role: string;
14
17
  linkedAccounts?: LinkedAccount[];
15
18
  createdAt: string;
@@ -23,21 +26,28 @@ interface AuthResponse {
23
26
  csrfToken?: string;
24
27
  }
25
28
  interface LoginData {
26
- email: string;
29
+ email?: string;
30
+ phoneNumber?: string;
27
31
  password?: string;
28
32
  otp?: string;
29
33
  }
30
34
  interface VerifyData {
31
- email: string;
35
+ email?: string;
36
+ phoneNumber?: string;
32
37
  otp: string;
33
38
  }
34
39
  interface RegisterData {
35
40
  name: string;
36
- email: string;
41
+ email?: string;
42
+ phoneNumber?: string;
37
43
  password: string;
38
44
  }
39
45
  interface UpdateUserData {
40
- name: string;
46
+ name?: string;
47
+ avatar?: string;
48
+ email?: string;
49
+ username?: string;
50
+ phoneNumber?: string;
41
51
  }
42
52
  type OAuthProvider = 'google' | 'github';
43
53
  interface OAuthConfig {
@@ -172,6 +182,7 @@ declare class HttpClient {
172
182
  private axiosInstance;
173
183
  private csrfToken;
174
184
  private frontendBaseUrl;
185
+ private baseUrl;
175
186
  constructor(baseUrl: string, defaultHeaders?: Record<string, string>);
176
187
  get<T>(endpoint: string, headers?: Record<string, string>): Promise<T>;
177
188
  post<T>(endpoint: string, data?: any, headers?: Record<string, string>): Promise<T>;
package/dist/index.next.server.js CHANGED
@@ -14,8 +14,9 @@ var HttpClient = class {
14
14
  constructor(baseUrl, defaultHeaders = {}) {
15
15
  this.csrfToken = null;
16
16
  this.frontendBaseUrl = null;
17
+ this.baseUrl = baseUrl.replace(/\/$/, "");
17
18
  this.axiosInstance = axios__default.default.create({
18
- baseURL: baseUrl.replace(/\/$/, ""),
19
+ baseURL: this.baseUrl,
19
20
  headers: {
20
21
  "Content-Type": "application/json",
21
22
  ...defaultHeaders
@@ -26,8 +27,16 @@ var HttpClient = class {
26
27
  // 30 second timeout
27
28
  });
28
29
  this.axiosInstance.interceptors.request.use(
29
- (config) => {
30
- if (this.csrfToken && ["post", "put", "delete", "patch"].includes(config.method?.toLowerCase() || "")) {
30
+ async (config) => {
31
+ const isMutatingRequest = ["post", "put", "delete", "patch"].includes(config.method?.toLowerCase() || "");
32
+ if (isMutatingRequest && !this.csrfToken && typeof window !== "undefined") {
33
+ try {
34
+ await this.refreshCsrfToken();
35
+ } catch (error) {
36
+ console.warn("Failed to fetch CSRF token:", error);
37
+ }
38
+ }
39
+ if (this.csrfToken && isMutatingRequest) {
31
40
  config.headers["x-csrf-token"] = this.csrfToken;
32
41
  }
33
42
  if (this.frontendBaseUrl) {
@@ -125,9 +134,6 @@ var AuthService = class {
125
134
  this.httpClient.setFrontendBaseUrl(frontendBaseUrl);
126
135
  }
127
136
  }
128
- if (this.config.csrfEnabled && typeof window !== "undefined") {
129
- this.refreshCsrfToken();
130
- }
131
137
  }
132
138
  loadTokenFromStorage() {
133
139
  if (typeof window !== "undefined" && this.config.localStorageKey) {
@@ -229,7 +235,7 @@ var AuthService = class {
229
235
  this.saveTokenToStorage(response.token);
230
236
  return response;
231
237
  }
232
- if (response.success && response.message === "OTP sent to your email.") {
238
+ if (response.success && (response.message === "OTP sent to your email." || response.message === "OTP sent to your phone number.")) {
233
239
  return response;
234
240
  }
235
241
  if (response.success && response.message === "OTP verified successfully." && response.token) {
@@ -300,7 +306,7 @@ var AuthService = class {
300
306
  if (!this.token) {
301
307
  throw new Error("Not authenticated");
302
308
  }
303
- const response = await this.httpClient.post("/api/v1/user/update/user", data);
309
+ const response = await this.httpClient.post("/api/v1/user/update/profile", data);
304
310
  if (response.success && response.token) {
305
311
  this.token = response.token;
306
312
  this.httpClient.setAuthToken(response.token);
@@ -341,7 +347,7 @@ var AuthService = class {
341
347
  if (!this.token) {
342
348
  throw new Error("Not authenticated");
343
349
  }
344
- const response = await this.httpClient.post("/api/v1/user/update/avatar", { avatar });
350
+ const response = await this.httpClient.post("/api/v1/user/update/profile", { avatar });
345
351
  if (response.success && response.token) {
346
352
  this.token = response.token;
347
353
  this.httpClient.setAuthToken(response.token);
@@ -635,6 +641,7 @@ var AuthServer = class {
635
641
  if (!user) {
636
642
  const loginPath = redirectTo || process.env.NEXT_PUBLIC_AUTH_REDIRECT_TO_LOGIN || "/auth/login";
637
643
  navigation.redirect(loginPath);
644
+ throw new Error("Redirecting to login");
638
645
  }
639
646
  return user;
640
647
  }
package/dist/index.next.server.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/core/http-client.ts","../src/core/auth-service.ts","../src/node/auth-client.ts","../src/nextjs/server-auth.ts","../src/nextjs/server.ts","../src/nextjs/middleware.ts"],"names":["cookies","auth"],"mappings":";AAAA,OAAO,WAA8D;AAE9D,IAAM,aAAN,MAAiB;AAAA,EAKtB,YAAY,SAAiB,iBAAyC,CAAC,GAAG;AAH1E,SAAQ,YAA2B;AACnC,SAAQ,kBAAiC;AAGvC,SAAK,gBAAgB,MAAM,OAAO;AAAA,MAChC,SAAS,QAAQ,QAAQ,OAAO,EAAE;AAAA,MAClC,SAAS;AAAA,QACP,gBAAgB;AAAA,QAChB,GAAG;AAAA,MACL;AAAA,MACA,iBAAiB;AAAA;AAAA,MACjB,SAAS;AAAA;AAAA,IACX,CAAC;AAGD,SAAK,cAAc,aAAa,QAAQ;AAAA,MACtC,CAAC,WAAW;AAEV,YAAI,KAAK,aAAa,CAAC,QAAQ,OAAO,UAAU,OAAO,EAAE,SAAS,OAAO,QAAQ,YAAY,KAAK,EAAE,GAAG;AACrG,iBAAO,QAAQ,cAAc,IAAI,KAAK;AAAA,QACxC;AAGA,YAAI,KAAK,iBAAiB;AACxB,iBAAO,QAAQ,gBAAgB,IAAI,KAAK;AAAA,QAC1C;AAEA,eAAO;AAAA,MACT;AAAA,MACA,CAAC,UAAU,QAAQ,OAAO,KAAK;AAAA,IACjC;AAGA,SAAK,cAAc,aAAa,SAAS;AAAA,MACvC,CAAC,aAAa;AAAA,MACd,OAAO,UAAsB;AAC3B,cAAM,kBAAkB,MAAM;AAG9B,YAAI,MAAM,UAAU,WAAW,OAAO,CAAC,gBAAgB,QAAQ;AAC7D,0BAAgB,SAAS;AAEzB,cAAI;AACF,kBAAM,KAAK,iBAAiB;AAC5B,gBAAI,gBAAgB,SAAS;AAC3B,8BAAgB,QAAQ,cAAc,IAAI,KAAK;AAAA,YACjD;AACA,mBAAO,KAAK,cAAc,eAAe;AAAA,UAC3C,SAAS,cAAP;AACA,mBAAO,QAAQ,OAAO,YAAY;AAAA,UACpC;AAAA,QACF;AAEA,eAAO,QAAQ,OAAO,KAAK;AAAA,MAC7B;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAa,IAAO,UAAkB,SAA8C;AAClF,UAAM,WAAW,MAAM,KAAK,cAAc,IAAO,UAAU,EAAE,QAAQ,CAAC;AACtE,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,KAAQ,UAAkB,MAAY,SAA8C;AAC/F,UAAM,WAAW,MAAM,KAAK,cAAc,KAAQ,UAAU,MAAM,EAAE,QAAQ,CAAC;AAC7E,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,IAAO,UAAkB,MAAY,SAA8C;AAC9F,UAAM,WAAW,MAAM,KAAK,cAAc,IAAO,UAAU,MAAM,EAAE,QAAQ,CAAC;AAC5E,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,OAAU,UAAkB,SAA8C;AACrF,UAAM,WAAW,MAAM,KAAK,cAAc,OAAU,UAAU,EAAE,QAAQ,CAAC;AACzE,WAAO,SAAS;AAAA,EAClB;AAAA,EAEO,aAAa,OAAqB;AACvC,SAAK,cAAc,SAAS,QAAQ,OAAO,eAAe,IAAI,UAAU;AAAA,EAC1E;AAAA,EAEO,kBAAwB;AAC7B,WAAO,KAAK,cAAc,SAAS,QAAQ,OAAO,eAAe;AAAA,EACnE;AAAA,EAEO,aAAa,OAAqB;AACvC,SAAK,YAAY;AAAA,EACnB;AAAA,EAEO,eAA8B;AACnC,WAAO,KAAK;AAAA,EACd;AAAA,EAEO,kBAAwB;AAC7B,SAAK,YAAY;AAAA,EACnB;AAAA,EAEO,mBAAmB,KAAmB;AAC3C,SAAK,kBAAkB;AAAA,EACzB;AAAA,EAEO,qBAAoC;AACzC,WAAO,KAAK;AAAA,EACd;AAAA,EAEO,wBAA8B;AACnC,SAAK,kBAAkB;AAAA,EACzB;AAAA,EAEA,MAAc,mBAAkC;AAC9C,QAAI;AACF,YAAM,WAAW,MAAM,KAAK,cAAc,IAA2B,yBAAyB;AAC9F,WAAK,YAAY,SAAS,KAAK;AAAA,IACjC,SAAS,OAAP;AACA,cAAQ,MAAM,iCAAiC,KAAK;AACpD,YAAM;AAAA,IACR;AAAA,EACF;AACF;;;AC9GO,IAAM,cAAN,MAAkB;AAAA,EAKvB,YAAY,QAAoB;AAFhC,SAAQ,QAAuB;AAG7B,SAAK,SAAS;AAAA,MACZ,iBAAiB;AAAA,MACjB,aAAa;AAAA,MACb,GAAG;AAAA,IACL;AAEA,SAAK,aAAa,IAAI,WAAW,KAAK,OAAO,OAAO;AACpD,SAAK,qBAAqB;AAG1B,QAAI,OAAO,WAAW,aAAa;AACjC,YAAM,kBACJ,QAAQ,IAAI,iCACZ,QAAQ,IAAI,+BACZ,QAAQ,IAAI,uBACZ,OAAO,SAAS;AAElB,UAAI,iBAAiB;AACnB,aAAK,WAAW,mBAAmB,eAAe;AAAA,MACpD;AAAA,IACF;AAGA,QAAI,KAAK,OAAO,eAAe,OAAO,WAAW,aAAa;AAC5D,WAAK,iBAAiB;AAAA,IACxB;AAAA,EACF;AAAA,EAEQ,uBAA6B;AACnC,QAAI,OAAO,WAAW,eAAe,KAAK,OAAO,iBAAiB;AAChE,UAAI;AACF,cAAM,QAAQ,aAAa,QAAQ,KAAK,OAAO,eAAe;AAC9D,YAAI,OAAO;AACT,eAAK,QAAQ;AACb,eAAK,WAAW,aAAa,KAAK;AAAA,QACpC;AAAA,MACF,SAAS,OAAP;AACA,gBAAQ,KAAK,sCAAsC,KAAK;AAAA,MAC1D;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,mBAAmB,OAAqB;AAC9C,QAAI,OAAO,WAAW,eAAe,KAAK,OAAO,iBAAiB;AAChE,UAAI;AACF,qBAAa,QAAQ,KAAK,OAAO,iBAAiB,KAAK;AAAA,MACzD,SAAS,OAAP;AACA,gBAAQ,KAAK,oCAAoC,KAAK;AAAA,MACxD;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,yBAA+B;AACrC,QAAI,OAAO,WAAW,eAAe,KAAK,OAAO,iBAAiB;AAChE,UAAI;AACF,qBAAa,WAAW,KAAK,OAAO,eAAe;AAAA,MACrD,SAAS,OAAP;AACA,gBAAQ,KAAK,wCAAwC,KAAK;AAAA,MAC5D;AAAA,IACF;AAAA,EACF;AAAA,EAEO,kBAA2B;AAChC,WAAO,CAAC,CAAC,KAAK;AAAA,EAChB;AAAA,EAEO,WAA0B;AAC/B,WAAO,KAAK;AAAA,EACd;AAAA,EAEO,iBAA8B;AACnC,QAAI,CAAC,KAAK;AAAO,aAAO;AAExB,QAAI;AACF,YAAM,UAAU,KAAK,MAAM,KAAK,KAAK,MAAM,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC;AACzD,aAAO,QAAQ,QAAQ;AAAA,IACzB,SAAS,OAAP;AACA,cAAQ,MAAM,oCAAoC,KAAK;AACvD,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA,EAGA,MAAa,mBAAkC;AAC7C,QAAI,CAAC,KAAK,OAAO;AAAa;AAE9B,QAAI;AACF,YAAM,WAAW,MAAM,KAAK,WAAW,IAAuB,yBAAyB;AACvF,UAAI,SAAS,WAAW;AACtB,aAAK,WAAW,aAAa,SAAS,SAAS;AAAA,MACjD;AAAA,IACF,SAAS,OAAP;AACA,cAAQ,MAAM,6BAA6B,KAAK;AAAA,IAClD;AAAA,EACF;AAAA,EAEO,eAA8B;AACnC,WAAO,KAAK,WAAW,aAAa;AAAA,EACtC;AAAA;AAAA,EAGO,eAAe,UAA+B;AACnD,QAAI,OAAO,WAAW,aAAa;AACjC,YAAM,IAAI,MAAM,uDAAuD;AAAA,IACzE;AAEA,UAAM,WAAW,GAAG,KAAK,OAAO,6BAA6B;AAC7D,WAAO,SAAS,OAAO;AAAA,EACzB;AAAA,EAEO,kBAAkB,UAA+B;AACtD,QAAI,OAAO,WAAW,aAAa;AACjC,YAAM,IAAI,MAAM,yDAAyD;AAAA,IAC3E;AAEA,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,8CAA8C;AAAA,IAChE;AAEA,UAAM,UAAU,GAAG,KAAK,OAAO,6BAA6B;AAC5D,WAAO,SAAS,OAAO;AAAA,EACzB;AAAA,EAEA,MAAa,oBAAoB,UAAgD;AAC/E,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW;AAAA,MACrC,sBAAsB;AAAA,IACxB;AACA,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAa,MAAM,MAAwC;AACzD,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,sBAAsB,IAAI;AAEpF,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AACtC,aAAO;AAAA,IACT;AAEA,QAAI,SAAS,WAAW,SAAS,YAAY,2BAA2B;AACtE,aAAO;AAAA,IACT;AAEA,QAAI,SAAS,WAAW,SAAS,YAAY,gCAAgC,SAAS,OAAO;AAC3F,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AACtC,aAAO;AAAA,IACT;AAEA,UAAM,IAAI,MAAM,SAAS,WAAW,cAAc;AAAA,EACpD;AAAA,EAEA,MAAa,SAAS,MAA2C;AAE/D,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,yBAAyB,IAAI;AAEvF,QAAI,SAAS,WAAW,SAAS,YAAY,8EAA8E;AACzH,aAAO;AAAA,IACT;AAEA,UAAM,IAAI,MAAM,SAAS,WAAW,qBAAqB;AAAA,EAC3D;AAAA,EAEA,MAAa,OAAO,MAAyC;AAC3D,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,uBAAuB,IAAI;AAErF,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AAAA,IACxC;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,iBAAiB,OAAsC;AAClE,QAAI;AACF,YAAM,WAAW,MAAM,KAAK,WAAW,IAAkB,mCAAmC,OAAO;AAEnG,UAAI,SAAS,WAAW,SAAS,OAAO;AACtC,aAAK,QAAQ,SAAS;AACtB,aAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,aAAK,mBAAmB,SAAS,KAAK;AAAA,MACxC;AAEA,aAAO;AAAA,IACT,SAAS,OAAP;AAEA,UAAI,MAAM,UAAU,MAAM;AACxB,eAAO;AAAA,UACL,SAAS;AAAA,UACT,SAAS,MAAM,SAAS,KAAK,WAAW;AAAA,QAC1C;AAAA,MACF;AAGA,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS,MAAM,WAAW;AAAA,MAC5B;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAa,SAAwB;AAEnC,QAAI;AACF,YAAM,KAAK,WAAW,KAAK,uBAAuB,CAAC,CAAC;AAAA,IACtD,SAAS,OAAP;AACA,cAAQ,KAAK,mCAAmC,KAAK;AAAA,IACvD;AAEA,SAAK,QAAQ;AACb,SAAK,WAAW,gBAAgB;AAChC,SAAK,WAAW,gBAAgB;AAChC,SAAK,uBAAuB;AAAA,EAC9B;AAAA,EAEA,MAAa,aAA4B;AACvC,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,IAAoB,iBAAiB;AAC5E,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,cAAc,MAA6C;AACtE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,4BAA4B,IAAI;AAE1F,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AAAA,IACxC;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,cAA+B;AAC1C,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,IAAuB,kBAAkB;AAChF,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,YAAY,IAA2B;AAClD,UAAM,WAAW,MAAM,KAAK,WAAW,IAAoB,gBAAgB,IAAI;AAC/E,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,eAAe,OAAsC;AAEhE,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,gCAAgC,EAAE,MAAM,CAAC;AACnG,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,cAAc,OAAe,UAAyC;AACjF,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,+BAA+B,EAAE,OAAO,SAAS,CAAC;AAC5G,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,eAAe,aAAqB,aAA4C;AAC3F,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,gCAAgC;AAAA,MACxF;AAAA,MACA;AAAA,IACF,CAAC;AACD,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,aAAa,QAAuC;AAC/D,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,8BAA8B,EAAE,OAAO,CAAC;AAElG,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AAAA,IACxC;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,mBAAmB,UAAyC;AACvE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,qCAAqC;AAAA,MAC7F;AAAA,IACF,CAAC;AACD,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,kBAAkB,OAAsC;AACnE,UAAM,WAAW,MAAM,KAAK,WAAW,IAAkB,0CAA0C,OAAO;AAE1G,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AAAA,IACxC;AAEA,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAa,cAAgG;AAC3G,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW;AAAA,MACrC;AAAA,MACA,CAAC;AAAA,IACH;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,UAAU,OAAsC;AAC3D,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,sBAAsB,EAAE,MAAM,CAAC;AACzF,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,WAAW,OAAsC;AAC5D,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,uBAAuB,EAAE,MAAM,CAAC;AAC1F,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,YAAY,OAAsC;AAC7D,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,wBAAwB,EAAE,MAAM,CAAC;AAC3F,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAa,cAA8D;AACzE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,IAA2C,kBAAkB;AACpG,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,cAAc,WAA0C;AACnE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,OAAqB,oBAAoB,WAAW;AAC3F,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,oBAA2C;AACtD,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,OAAqB,6BAA6B;AAGzF,SAAK,QAAQ;AACb,SAAK,WAAW,gBAAgB;AAChC,SAAK,uBAAuB;AAE5B,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAa,aAAa,SAA2D;AACnF,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW;AAAA,MACrC;AAAA,MACA;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,gBAAgB,QAAuC;AAClE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,6BAA6B,UAAU,CAAC,CAAC;AACnG,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,wBAAwB,QAAuC;AAC1E,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,sCAAsC,UAAU,CAAC,CAAC;AAC5G,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,iBAAiB,QAAuC;AACnE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,8BAA8B,UAAU,CAAC,CAAC;AACpG,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,kBAAkB,QAAuC;AACpE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,+BAA+B,UAAU,CAAC,CAAC;AACrG,WAAO;AAAA,EACT;AACF;;;ACvcO,IAAM,aAAN,cAAyB,YAAY;AAAA,EAC1C,YAAY,QAAoB;AAC9B,UAAM,MAAM;AAAA,EACd;AAAA;AAAA;AAAA,EAKA,MAAa,SAAS,MAA2C;AAE/D,UAAM,kBACJ,QAAQ,IAAI,qBACZ,QAAQ,IAAI,iCACZ,QAAQ,IAAI;AAEd,QAAI,iBAAiB;AACnB,WAAK,YAAY,EAAE,mBAAmB,eAAe;AAAA,IACvD;AAGA,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,KAAmB,yBAAyB,IAAI;AAE1F,QAAI,SAAS,WAAW,SAAS,YAAY,8EAA8E;AACzH,aAAO;AAAA,IACT;AAEA,UAAM,IAAI,MAAM,SAAS,WAAW,qBAAqB;AAAA,EAC3D;AAAA,EAEA,MAAa,MAAM,MAAwC;AACzD,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,KAAmB,sBAAsB,IAAI;AAGvF,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,OAAO,IAAI,SAAS;AACzB,WAAK,YAAY,EAAE,aAAa,SAAS,KAAK;AAE9C,aAAO;AAAA,IACT;AAGA,QAAI,SAAS,WAAW,SAAS,YAAY,2BAA2B;AACtE,aAAO;AAAA,IACT;AAGA,QAAI,SAAS,WAAW,SAAS,YAAY,gCAAgC,SAAS,OAAO;AAC3F,WAAK,OAAO,IAAI,SAAS;AACzB,WAAK,YAAY,EAAE,aAAa,SAAS,KAAK;AAE9C,aAAO;AAAA,IACT;AAEA,UAAM,IAAI,MAAM,SAAS,WAAW,cAAc;AAAA,EACpD;AAAA,EAEA,MAAa,OAAO,MAAyC;AAC3D,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,KAAmB,uBAAuB,IAAI;AAExF,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,OAAO,IAAI,SAAS;AACzB,WAAK,YAAY,EAAE,aAAa,SAAS,KAAK;AAAA,IAEhD;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,SAAwB;AACnC,SAAK,OAAO,IAAI;AAChB,SAAK,YAAY,EAAE,gBAAgB;AAAA,EAErC;AAAA,EAEA,MAAa,aAA4B;AACvC,QAAI,CAAC,KAAK,OAAO,GAAG;AAClB,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,IAAoB,iBAAiB;AAC/E,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,YAAY,IAA2B;AAClD,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,IAAoB,gBAAgB,IAAI;AAClF,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,cAAc,MAA6C;AACtE,QAAI,CAAC,KAAK,OAAO,GAAG;AAClB,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,KAAmB,4BAA4B,IAAI;AAE7F,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,OAAO,IAAI,SAAS;AACzB,WAAK,YAAY,EAAE,aAAa,SAAS,KAAK;AAAA,IAEhD;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,cAA+B;AAC1C,QAAI,CAAC,KAAK,OAAO,GAAG;AAClB,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,IAAuB,kBAAkB;AACnF,WAAO,SAAS;AAAA,EAClB;AACF;;;ACvHO,IAAM,iBAAN,cAA6B,WAAW;AAAA,EAC7C,YAAY,QAAoB;AAC9B,UAAM,MAAM;AAAA,EACd;AAAA;AAAA,EAGA,OAAc,sBAAsB,SAAiC;AACnE,UAAM,aAAa,QAAQ,IAAI,eAAe;AAC9C,QAAI,CAAC,cAAc,CAAC,WAAW,WAAW,SAAS,GAAG;AACpD,aAAO;AAAA,IACT;AACA,WAAO,WAAW,UAAU,CAAC;AAAA,EAC/B;AAAA;AAAA,EAGA,OAAc,sBAAsBA,UAAgC;AAClE,UAAM,cAAcA,SAAQ,MAAM,GAAG;AACrC,eAAW,UAAU,aAAa;AAChC,YAAM,CAAC,MAAM,KAAK,IAAI,OAAO,KAAK,EAAE,MAAM,GAAG;AAC7C,UAAI,SAAS,cAAc;AACzB,eAAO,mBAAmB,KAAK;AAAA,MACjC;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,OAAc,sBAAsB,KAAyB;AAE3D,QAAI,IAAI,SAAS;AACf,YAAM,aAAa,IAAI,QAAQ,iBAAiB,IAAI,QAAQ;AAC5D,UAAI,cAAc,WAAW,WAAW,SAAS,GAAG;AAClD,eAAO,WAAW,UAAU,CAAC;AAAA,MAC/B;AAAA,IACF;AAGA,QAAI,IAAI,SAAS;AACf,aAAO,IAAI,QAAQ,cAAc;AAAA,IACnC;AAGA,QAAI,IAAI,WAAW,IAAI,QAAQ,QAAQ;AACrC,aAAO,KAAK,sBAAsB,IAAI,QAAQ,MAAM;AAAA,IACtD;AAEA,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAa,YAAY,OAAqC;AAC5D,QAAI;AAEF,MAAC,KAAa,YAAY,EAAE,aAAa,KAAK;AAG9C,YAAM,OAAO,MAAM,KAAK,WAAW;AACnC,aAAO;AAAA,IACT,SAAS,OAAP;AACA,cAAQ,MAAM,8BAA8B,KAAK;AACjD,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA,EAGA,OAAc,0BAA0B,QAAoB,OAA+B;AACzF,UAAM,SAAS,IAAI,eAAe,MAAM;AACxC,IAAC,OAAe,YAAY,EAAE,aAAa,KAAK;AAChD,IAAC,OAAe,OAAO,IAAI;AAC3B,WAAO;AAAA,EACT;AACF;;;AC3EA,SAAS,eAAe;AACxB,SAAS,gBAAgB;AAQlB,IAAM,aAAN,MAAiB;AAAA,EAGtB,YAAY,QAA2B;AACrC,SAAK,SAAS;AAAA,MACZ,YAAY,QAAQ,cAAc,QAAQ,IAAI,gBAAgB;AAAA,MAC9D,iBAAiB,QAAQ,mBAAmB;AAAA,IAC9C;AAAA,EACF;AAAA,EAEA,MAAM,WAAmC;AACvC,UAAM,cAAc,MAAM,QAAQ;AAClC,UAAM,QAAQ,YAAY,IAAI,KAAK,OAAO,eAAgB;AAC1D,WAAO,OAAO,SAAS;AAAA,EACzB;AAAA,EAEA,MAAM,iBAAuC;AAC3C,UAAM,QAAQ,MAAM,KAAK,SAAS;AAClC,QAAI,CAAC;AAAO,aAAO;AAEnB,QAAI;AACF,YAAM,UAAU,KAAK,MAAM,OAAO,KAAK,MAAM,MAAM,GAAG,EAAE,CAAC,GAAG,QAAQ,EAAE,SAAS,CAAC;AAChF,aAAO,QAAQ,QAAQ;AAAA,IACzB,SAAS,OAAP;AACA,cAAQ,MAAM,oCAAoC,KAAK;AACvD,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAM,kBAAoC;AACxC,UAAM,QAAQ,MAAM,KAAK,SAAS;AAClC,WAAO,CAAC,CAAC;AAAA,EACX;AAAA,EAEA,MAAM,YAAY,YAAoC;AACpD,UAAM,OAAO,MAAM,KAAK,eAAe;AACvC,QAAI,CAAC,MAAM;AACT,YAAM,YAAY,cAChB,QAAQ,IAAI,sCACZ;AACF,eAAS,SAAS;AAAA,IACpB;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,wBAAwB,YAAoC;AAChE,UAAM,SAAS,MAAM,KAAK,gBAAgB;AAC1C,QAAI,QAAQ;AACV,YAAM,gBAAgB,cACpB,QAAQ,IAAI,yCACZ;AACF,eAAS,aAAa;AAAA,IACxB;AAAA,EACF;AAAA,EAEA,MAAM,aAAmC;AACvC,UAAM,QAAQ,MAAM,KAAK,SAAS;AAClC,QAAI,CAAC;AAAO,aAAO;AAEnB,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,6BAA6B;AAAA,QACvE,SAAS;AAAA,UACP,iBAAiB,UAAU;AAAA,QAC7B;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,eAAO;AAAA,MACT;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO,KAAK;AAAA,IACd,SAAS,OAAP;AACA,cAAQ,MAAM,4BAA4B,KAAK;AAC/C,aAAO;AAAA,IACT;AAAA,EACF;AACF;AAGA,IAAI,qBAAwC;AAErC,SAAS,cAAc,QAAuC;AACnE,MAAI,CAAC,oBAAoB;AACvB,yBAAqB,IAAI,WAAW,MAAM;AAAA,EAC5C;AACA,SAAO;AACT;AAGA,eAAsB,cAAoC;AACxD,QAAMC,QAAO,cAAc;AAC3B,SAAOA,MAAK,eAAe;AAC7B;AAEA,eAAsB,OAAO;AAC3B,QAAM,aAAa,cAAc;AACjC,QAAM,OAAO,MAAM,WAAW,eAAe;AAC7C,QAAM,QAAQ,MAAM,WAAW,SAAS;AAExC,SAAO;AAAA,IACL;AAAA,IACA,QAAQ,MAAM,OAAO;AAAA,IACrB,iBAAiB,CAAC,CAAC;AAAA,IACnB;AAAA,EACF;AACF;AAEA,eAAsB,YAAY,YAAoC;AACpE,QAAM,aAAa,cAAc;AACjC,SAAO,WAAW,YAAY,UAAU;AAC1C;AAEA,eAAsB,wBAAwB,YAAoC;AAChF,QAAM,aAAa,cAAc;AACjC,SAAO,WAAW,wBAAwB,UAAU;AACtD;;;AC7HA,SAAsB,oBAAoB;AAUnC,SAAS,eAAe,QAA+B;AAC5D,QAAM;AAAA,IACJ,eAAe,CAAC,eAAe,kBAAkB,sBAAsB,yBAAyB,sBAAsB;AAAA,IACtH,kBAAkB,CAAC,YAAY;AAAA,IAC/B,WAAW;AAAA,IACX,gBAAgB;AAAA,IAChB,kBAAkB;AAAA,EACpB,IAAI,UAAU,CAAC;AAEf,SAAO,SAAS,WAAW,SAAsB;AAC/C,UAAM,EAAE,SAAS,IAAI,QAAQ;AAC7B,UAAM,QAAQ,QAAQ,QAAQ,IAAI,eAAe,GAAG;AACpD,UAAM,kBAAkB,CAAC,CAAC;AAG1B,UAAM,gBAAgB,aAAa,KAAK,WAAS;AAC/C,UAAI,MAAM,SAAS,GAAG,GAAG;AACvB,eAAO,SAAS,WAAW,MAAM,MAAM,GAAG,EAAE,CAAC;AAAA,MAC/C;AACA,aAAO,aAAa,SAAS,SAAS,WAAW,QAAQ,GAAG;AAAA,IAC9D,CAAC;AAGD,UAAM,mBAAmB,gBAAgB,KAAK,WAAS;AACrD,UAAI,MAAM,SAAS,GAAG,GAAG;AACvB,eAAO,SAAS,WAAW,MAAM,MAAM,GAAG,EAAE,CAAC;AAAA,MAC/C;AACA,aAAO,aAAa,SAAS,SAAS,WAAW,QAAQ,GAAG;AAAA,IAC9D,CAAC;AAGD,QAAI,mBAAmB,eAAe;AACpC,aAAO,aAAa,SAAS,IAAI,IAAI,eAAe,QAAQ,GAAG,CAAC;AAAA,IAClE;AAGA,QAAI,CAAC,mBAAmB,kBAAkB;AACxC,YAAM,uBAAuB,IAAI,IAAI,UAAU,QAAQ,GAAG;AAC1D,2BAAqB,aAAa,IAAI,YAAY,QAAQ;AAC1D,aAAO,aAAa,SAAS,oBAAoB;AAAA,IACnD;AAEA,WAAO,aAAa,KAAK;AAAA,EAC3B;AACF;AAGO,SAAS,qBAAqB,QAA+B;AAClE,SAAO,eAAe,MAAM;AAC9B","sourcesContent":["import axios, { AxiosInstance, AxiosRequestConfig, AxiosError } from 'axios';\r\n\r\nexport class HttpClient {\r\n private axiosInstance: AxiosInstance;\r\n private csrfToken: string | null = null;\r\n private frontendBaseUrl: string | null = null;\r\n\r\n constructor(baseUrl: string, defaultHeaders: Record<string, string> = {}) {\r\n this.axiosInstance = axios.create({\r\n baseURL: baseUrl.replace(/\\/$/, ''),\r\n headers: {\r\n 'Content-Type': 'application/json',\r\n ...defaultHeaders\r\n },\r\n withCredentials: true, // Include cookies for CSRF\r\n timeout: 30000 // 30 second timeout\r\n });\r\n\r\n // Request interceptor to add CSRF token and frontend URL\r\n this.axiosInstance.interceptors.request.use(\r\n (config) => {\r\n // Add CSRF token to mutating requests\r\n if (this.csrfToken && ['post', 'put', 'delete', 'patch'].includes(config.method?.toLowerCase() || '')) {\r\n config.headers['x-csrf-token'] = this.csrfToken;\r\n }\r\n \r\n // Add frontend base URL header if available\r\n if (this.frontendBaseUrl) {\r\n config.headers['X-Frontend-URL'] = this.frontendBaseUrl;\r\n }\r\n \r\n return config;\r\n },\r\n (error) => Promise.reject(error)\r\n );\r\n\r\n // Response interceptor for error handling and CSRF token refresh\r\n this.axiosInstance.interceptors.response.use(\r\n (response) => response,\r\n async (error: AxiosError) => {\r\n const originalRequest = error.config as AxiosRequestConfig & { _retry?: boolean };\r\n\r\n // Handle CSRF token refresh on 403\r\n if (error.response?.status === 403 && !originalRequest._retry) {\r\n originalRequest._retry = true;\r\n\r\n try {\r\n await this.refreshCsrfToken();\r\n if (originalRequest.headers) {\r\n originalRequest.headers['x-csrf-token'] = this.csrfToken!;\r\n }\r\n return this.axiosInstance(originalRequest);\r\n } catch (refreshError) {\r\n return Promise.reject(refreshError);\r\n }\r\n }\r\n\r\n return Promise.reject(error);\r\n }\r\n );\r\n }\r\n\r\n public async get<T>(endpoint: string, headers?: Record<string, string>): Promise<T> {\r\n const response = await this.axiosInstance.get<T>(endpoint, { headers });\r\n return response.data;\r\n }\r\n\r\n public async post<T>(endpoint: string, data?: any, headers?: Record<string, string>): Promise<T> {\r\n const response = await this.axiosInstance.post<T>(endpoint, data, { headers });\r\n return response.data;\r\n }\r\n\r\n public async put<T>(endpoint: string, data?: any, headers?: Record<string, string>): Promise<T> {\r\n const response = await this.axiosInstance.put<T>(endpoint, data, { headers });\r\n return response.data;\r\n }\r\n\r\n public async delete<T>(endpoint: string, headers?: Record<string, string>): Promise<T> {\r\n const response = await this.axiosInstance.delete<T>(endpoint, { headers });\r\n return response.data;\r\n }\r\n\r\n public setAuthToken(token: string): void {\r\n this.axiosInstance.defaults.headers.common['Authorization'] = `Bearer ${token}`;\r\n }\r\n\r\n public removeAuthToken(): void {\r\n delete this.axiosInstance.defaults.headers.common['Authorization'];\r\n }\r\n\r\n public setCsrfToken(token: string): void {\r\n this.csrfToken = token;\r\n }\r\n\r\n public getCsrfToken(): string | null {\r\n return this.csrfToken;\r\n }\r\n\r\n public removeCsrfToken(): void {\r\n this.csrfToken = null;\r\n }\r\n\r\n public setFrontendBaseUrl(url: string): void {\r\n this.frontendBaseUrl = url;\r\n }\r\n\r\n public getFrontendBaseUrl(): string | null {\r\n return this.frontendBaseUrl;\r\n }\r\n\r\n public removeFrontendBaseUrl(): void {\r\n this.frontendBaseUrl = null;\r\n }\r\n\r\n private async refreshCsrfToken(): Promise<void> {\r\n try {\r\n const response = await this.axiosInstance.get<{ csrfToken: string }>('/api/v1/auth/csrf-token');\r\n this.csrfToken = response.data.csrfToken;\r\n } catch (error) {\r\n console.error('Failed to refresh CSRF token:', error);\r\n throw error;\r\n }\r\n }\r\n}","import { HttpClient } from './http-client';\r\nimport {\r\n AuthResponse,\r\n LoginData,\r\n VerifyData,\r\n UpdateUserData,\r\n User,\r\n AuthConfig,\r\n RegisterData,\r\n OAuthProvider,\r\n CsrfTokenResponse\r\n} from '../types';\r\n\r\nexport class AuthService {\r\n private httpClient: HttpClient;\r\n private config: AuthConfig;\r\n private token: string | null = null;\r\n\r\n constructor(config: AuthConfig) {\r\n this.config = {\r\n localStorageKey: 'auth_token',\r\n csrfEnabled: true,\r\n ...config\r\n };\r\n\r\n this.httpClient = new HttpClient(this.config.baseUrl);\r\n this.loadTokenFromStorage();\r\n\r\n // Set frontend base URL if available\r\n if (typeof window !== 'undefined') {\r\n const frontendBaseUrl = \r\n process.env.NEXT_PUBLIC_FRONTEND_BASE_URL ||\r\n process.env.REACT_APP_FRONTEND_BASE_URL ||\r\n process.env.NEXT_PUBLIC_APP_URL ||\r\n window.location.origin;\r\n \r\n if (frontendBaseUrl) {\r\n this.httpClient.setFrontendBaseUrl(frontendBaseUrl);\r\n }\r\n }\r\n\r\n // Initialize CSRF token if enabled\r\n if (this.config.csrfEnabled && typeof window !== 'undefined') {\r\n this.refreshCsrfToken();\r\n }\r\n }\r\n\r\n private loadTokenFromStorage(): void {\r\n if (typeof window !== 'undefined' && this.config.localStorageKey) {\r\n try {\r\n const token = localStorage.getItem(this.config.localStorageKey);\r\n if (token) {\r\n this.token = token;\r\n this.httpClient.setAuthToken(token);\r\n }\r\n } catch (error) {\r\n console.warn('Failed to load token from storage:', error);\r\n }\r\n }\r\n }\r\n\r\n private saveTokenToStorage(token: string): void {\r\n if (typeof window !== 'undefined' && this.config.localStorageKey) {\r\n try {\r\n localStorage.setItem(this.config.localStorageKey, token);\r\n } catch (error) {\r\n console.warn('Failed to save token to storage:', error);\r\n }\r\n }\r\n }\r\n\r\n private removeTokenFromStorage(): void {\r\n if (typeof window !== 'undefined' && this.config.localStorageKey) {\r\n try {\r\n localStorage.removeItem(this.config.localStorageKey);\r\n } catch (error) {\r\n console.warn('Failed to remove token from storage:', error);\r\n }\r\n }\r\n }\r\n\r\n public isAuthenticated(): boolean {\r\n return !!this.token;\r\n }\r\n\r\n public getToken(): string | null {\r\n return this.token;\r\n }\r\n\r\n public getCurrentUser(): User | null {\r\n if (!this.token) return null;\r\n\r\n try {\r\n const payload = JSON.parse(atob(this.token.split('.')[1]));\r\n return payload.user || null;\r\n } catch (error) {\r\n console.error('Failed to parse user from token:', error);\r\n return null;\r\n }\r\n }\r\n\r\n // CSRF Token Management\r\n public async refreshCsrfToken(): Promise<void> {\r\n if (!this.config.csrfEnabled) return;\r\n\r\n try {\r\n const response = await this.httpClient.get<CsrfTokenResponse>('/api/v1/auth/csrf-token');\r\n if (response.csrfToken) {\r\n this.httpClient.setCsrfToken(response.csrfToken);\r\n }\r\n } catch (error) {\r\n console.error('Failed to get CSRF token:', error);\r\n }\r\n }\r\n\r\n public getCsrfToken(): string | null {\r\n return this.httpClient.getCsrfToken();\r\n }\r\n\r\n // OAuth Methods\r\n public loginWithOAuth(provider: OAuthProvider): void {\r\n if (typeof window === 'undefined') {\r\n throw new Error('OAuth login is only available in browser environments');\r\n }\r\n\r\n const oauthUrl = `${this.config.baseUrl}/api/v1/auth/oauth/${provider}`;\r\n window.location.href = oauthUrl;\r\n }\r\n\r\n public linkOAuthProvider(provider: OAuthProvider): void {\r\n if (typeof window === 'undefined') {\r\n throw new Error('OAuth linking is only available in browser environments');\r\n }\r\n\r\n if (!this.token) {\r\n throw new Error('Must be authenticated to link OAuth provider');\r\n }\r\n\r\n const linkUrl = `${this.config.baseUrl}/api/v1/auth/oauth/${provider}/link`;\r\n window.location.href = linkUrl;\r\n }\r\n\r\n public async unlinkOAuthProvider(provider: OAuthProvider): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.delete<AuthResponse>(\r\n `/api/v1/auth/oauth/${provider}/unlink`\r\n );\r\n return response;\r\n }\r\n\r\n // Standard Auth Methods\r\n public async login(data: LoginData): Promise<AuthResponse> {\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/auth/login', data);\r\n\r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n return response;\r\n }\r\n\r\n if (response.success && response.message === 'OTP sent to your email.') {\r\n return response;\r\n }\r\n\r\n if (response.success && response.message === 'OTP verified successfully.' && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n return response;\r\n }\r\n\r\n throw new Error(response.message || 'Login failed');\r\n }\r\n\r\n public async register(data: RegisterData): Promise<AuthResponse> {\r\n // Frontend base URL is now automatically sent via X-Frontend-URL header\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/auth/register', data);\r\n\r\n if (response.success && response.message === 'Registration data saved. Verification email sent. Please check your inbox.') {\r\n return response;\r\n }\r\n\r\n throw new Error(response.message || 'Registration failed');\r\n }\r\n\r\n public async verify(data: VerifyData): Promise<AuthResponse> {\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/auth/verify', data);\r\n\r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n }\r\n\r\n return response;\r\n }\r\n\r\n public async verifyEmailToken(token: string): Promise<AuthResponse> {\r\n try {\r\n const response = await this.httpClient.get<AuthResponse>(`/api/v1/auth/verify-email?token=${token}`);\r\n\r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n }\r\n\r\n return response;\r\n } catch (error: any) {\r\n // Handle axios error response\r\n if (error.response?.data) {\r\n return {\r\n success: false,\r\n message: error.response.data.message || 'Email verification failed',\r\n };\r\n }\r\n \r\n // Handle network or other errors\r\n return {\r\n success: false,\r\n message: error.message || 'Network error occurred',\r\n };\r\n }\r\n }\r\n\r\n public async logout(): Promise<void> {\r\n // Call backend to clear cookie\r\n try {\r\n await this.httpClient.post('/api/v1/auth/logout', {});\r\n } catch (error) {\r\n console.warn('Failed to call logout endpoint:', error);\r\n }\r\n\r\n this.token = null;\r\n this.httpClient.removeAuthToken();\r\n this.httpClient.removeCsrfToken();\r\n this.removeTokenFromStorage();\r\n }\r\n\r\n public async getProfile(): Promise<User> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.get<{ user: User }>('/api/v1/user/me');\r\n return response.user;\r\n }\r\n\r\n public async updateProfile(data: UpdateUserData): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/user/update/user', data);\r\n\r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n }\r\n\r\n return response;\r\n }\r\n\r\n public async getAllUsers(): Promise<User[]> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.get<{ users: User[] }>('/api/v1/user/all');\r\n return response.users;\r\n }\r\n\r\n public async getUserById(id: string): Promise<User> {\r\n const response = await this.httpClient.get<{ user: User }>(`/api/v1/user/${id}`);\r\n return response.user;\r\n }\r\n\r\n public async forgotPassword(email: string): Promise<AuthResponse> {\r\n // Frontend base URL is now automatically sent via X-Frontend-URL header\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/auth/forgot-password', { email });\r\n return response;\r\n }\r\n\r\n public async resetPassword(token: string, password: string): Promise<AuthResponse> {\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/auth/reset-password', { token, password });\r\n return response;\r\n }\r\n\r\n public async changePassword(oldPassword: string, newPassword: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/user/change-password', { \r\n oldPassword, \r\n newPassword \r\n });\r\n return response;\r\n }\r\n\r\n public async updateAvatar(avatar: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/user/update/avatar', { avatar });\r\n \r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n }\r\n\r\n return response;\r\n }\r\n\r\n public async requestEmailChange(newEmail: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/user/request-email-change', { \r\n newEmail \r\n });\r\n return response;\r\n }\r\n\r\n public async verifyEmailChange(token: string): Promise<AuthResponse> {\r\n const response = await this.httpClient.get<AuthResponse>(`/api/v1/user/verify-email-change?token=${token}`);\r\n \r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n }\r\n\r\n return response;\r\n }\r\n\r\n // 2FA / MFA Methods\r\n public async generate2FA(): Promise<{ success: boolean; qrCode?: string; secret?: string; message: string }> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<{ success: boolean; qrCode?: string; secret?: string; message: string }>(\r\n '/api/v1/mfa/generate', \r\n {}\r\n );\r\n return response;\r\n }\r\n\r\n public async enable2FA(token: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/mfa/enable', { token });\r\n return response;\r\n }\r\n\r\n public async disable2FA(token: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/mfa/disable', { token });\r\n return response;\r\n }\r\n\r\n public async validate2FA(token: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/mfa/validate', { token });\r\n return response;\r\n }\r\n\r\n // Session Management Methods\r\n public async getSessions(): Promise<{ success: boolean; sessions: any[] }> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.get<{ success: boolean; sessions: any[] }>('/api/v1/sessions');\r\n return response;\r\n }\r\n\r\n public async revokeSession(sessionId: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.delete<AuthResponse>(`/api/v1/sessions/${sessionId}`);\r\n return response;\r\n }\r\n\r\n public async revokeAllSessions(): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.delete<AuthResponse>('/api/v1/sessions/revoke/all');\r\n \r\n // After revoking all sessions, current session is also revoked\r\n this.token = null;\r\n this.httpClient.removeAuthToken();\r\n this.removeTokenFromStorage();\r\n \r\n return response;\r\n }\r\n\r\n // Admin Methods\r\n public async getAuditLogs(filters?: any): Promise<{ success: boolean; logs: any[] }> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.get<{ success: boolean; logs: any[] }>(\r\n '/api/v1/admin/audit-logs',\r\n filters\r\n );\r\n return response;\r\n }\r\n\r\n public async adminVerifyUser(userId: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>(`/api/v1/admin/verify-user/${userId}`, {});\r\n return response;\r\n }\r\n\r\n public async adminForcePasswordReset(userId: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>(`/api/v1/admin/force-password-reset/${userId}`, {});\r\n return response;\r\n }\r\n\r\n public async adminSuspendUser(userId: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>(`/api/v1/admin/suspend-user/${userId}`, {});\r\n return response;\r\n }\r\n\r\n public async adminActivateUser(userId: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>(`/api/v1/admin/activate-user/${userId}`, {});\r\n return response;\r\n }\r\n}","import { AuthService } from '../core/auth-service';\r\nimport { \r\n AuthResponse, \r\n LoginData, \r\n VerifyData, \r\n UpdateUserData, \r\n User,\r\n AuthConfig,\r\n RegisterData\r\n} from '../types';\r\n\r\nexport class AuthClient extends AuthService {\r\n constructor(config: AuthConfig) {\r\n super(config);\r\n }\r\n\r\n // Override methods that require browser-specific features\r\n // For Node.js, token persistence must be handled manually\r\n \r\n public async register(data: RegisterData): Promise<AuthResponse> {\r\n // For Node.js server-side usage, set frontend base URL from environment\r\n const frontendBaseUrl = \r\n process.env.FRONTEND_BASE_URL || \r\n process.env.NEXT_PUBLIC_FRONTEND_BASE_URL ||\r\n process.env.REACT_APP_FRONTEND_BASE_URL;\r\n \r\n if (frontendBaseUrl) {\r\n this['httpClient'].setFrontendBaseUrl(frontendBaseUrl);\r\n }\r\n \r\n // Frontend base URL is now automatically sent via X-Frontend-URL header\r\n const response = await this['httpClient'].post<AuthResponse>('/api/v1/auth/register', data);\r\n \r\n if (response.success && response.message === 'Registration data saved. Verification email sent. Please check your inbox.') {\r\n return response;\r\n }\r\n \r\n throw new Error(response.message || 'Registration failed');\r\n }\r\n\r\n public async login(data: LoginData): Promise<AuthResponse> {\r\n const response = await this['httpClient'].post<AuthResponse>('/api/v1/auth/login', data);\r\n \r\n // Handle successful login with token\r\n if (response.success && response.token) {\r\n this['token'] = response.token;\r\n this['httpClient'].setAuthToken(response.token);\r\n // Note: In Node.js, you need to handle token persistence manually\r\n return response;\r\n }\r\n \r\n // Handle OTP sent response\r\n if (response.success && response.message === 'OTP sent to your email.') {\r\n return response;\r\n }\r\n \r\n // Handle verification response\r\n if (response.success && response.message === 'OTP verified successfully.' && response.token) {\r\n this['token'] = response.token;\r\n this['httpClient'].setAuthToken(response.token);\r\n // Note: In Node.js, you need to handle token persistence manually\r\n return response;\r\n }\r\n \r\n throw new Error(response.message || 'Login failed');\r\n }\r\n\r\n public async verify(data: VerifyData): Promise<AuthResponse> {\r\n const response = await this['httpClient'].post<AuthResponse>('/api/v1/auth/verify', data);\r\n \r\n if (response.success && response.token) {\r\n this['token'] = response.token;\r\n this['httpClient'].setAuthToken(response.token);\r\n // Note: In Node.js, you need to handle token persistence manually\r\n }\r\n \r\n return response;\r\n }\r\n\r\n public async logout(): Promise<void> {\r\n this['token'] = null;\r\n this['httpClient'].removeAuthToken();\r\n // Note: In Node.js, you need to handle token removal manually\r\n }\r\n\r\n public async getProfile(): Promise<User> {\r\n if (!this['token']) {\r\n throw new Error('Not authenticated');\r\n }\r\n \r\n const response = await this['httpClient'].get<{ user: User }>('/api/v1/user/me');\r\n return response.user;\r\n }\r\n\r\n public async getUserById(id: string): Promise<User> {\r\n const response = await this['httpClient'].get<{ user: User }>(`/api/v1/user/${id}`);\r\n return response.user;\r\n }\r\n\r\n public async updateProfile(data: UpdateUserData): Promise<AuthResponse> {\r\n if (!this['token']) {\r\n throw new Error('Not authenticated');\r\n }\r\n \r\n const response = await this['httpClient'].post<AuthResponse>('/api/v1/user/update/name', data);\r\n \r\n if (response.success && response.token) {\r\n this['token'] = response.token;\r\n this['httpClient'].setAuthToken(response.token);\r\n // Note: In Node.js, you need to handle token persistence manually\r\n }\r\n \r\n return response;\r\n }\r\n\r\n public async getAllUsers(): Promise<User[]> {\r\n if (!this['token']) {\r\n throw new Error('Not authenticated');\r\n }\r\n \r\n const response = await this['httpClient'].get<{ users: User[] }>('/api/v1/user/all');\r\n return response.users;\r\n }\r\n}","import { AuthClient } from '../node/auth-client';\r\nimport { AuthConfig, User, RegisterData } from '../types';\r\n\r\n// Server-side authentication utility for Next.js\r\nexport class NextServerAuth extends AuthClient {\r\n constructor(config: AuthConfig) {\r\n super(config);\r\n }\r\n\r\n // Parse token from request headers\r\n public static parseTokenFromHeaders(headers: Headers): string | null {\r\n const authHeader = headers.get('authorization');\r\n if (!authHeader || !authHeader.startsWith('Bearer ')) {\r\n return null;\r\n }\r\n return authHeader.substring(7); // Remove 'Bearer ' prefix\r\n }\r\n\r\n // Parse token from cookies\r\n public static parseTokenFromCookies(cookies: string): string | null {\r\n const cookieArray = cookies.split(';');\r\n for (const cookie of cookieArray) {\r\n const [name, value] = cookie.trim().split('=');\r\n if (name === 'auth_token') {\r\n return decodeURIComponent(value);\r\n }\r\n }\r\n return null;\r\n }\r\n\r\n // Parse token from Next.js request object\r\n public static parseTokenFromRequest(req: any): string | null {\r\n // Try to get token from headers first\r\n if (req.headers) {\r\n const authHeader = req.headers.authorization || req.headers.Authorization;\r\n if (authHeader && authHeader.startsWith('Bearer ')) {\r\n return authHeader.substring(7);\r\n }\r\n }\r\n\r\n // Try to get token from cookies\r\n if (req.cookies) {\r\n return req.cookies.auth_token || null;\r\n }\r\n\r\n // Try to get token from cookie header\r\n if (req.headers && req.headers.cookie) {\r\n return this.parseTokenFromCookies(req.headers.cookie);\r\n }\r\n\r\n return null;\r\n }\r\n\r\n // Verify token and get user\r\n public async verifyToken(token: string): Promise<User | null> {\r\n try {\r\n // Set the token for this request\r\n (this as any)['httpClient'].setAuthToken(token);\r\n \r\n // Get user profile to verify token\r\n const user = await this.getProfile();\r\n return user;\r\n } catch (error) {\r\n console.error('Token verification failed:', error);\r\n return null;\r\n }\r\n }\r\n\r\n // Create authenticated client with token\r\n public static createAuthenticatedClient(config: AuthConfig, token: string): NextServerAuth {\r\n const client = new NextServerAuth(config);\r\n (client as any)['httpClient'].setAuthToken(token);\r\n (client as any)['token'] = token;\r\n return client;\r\n }\r\n}","import { cookies } from 'next/headers';\r\nimport { redirect } from 'next/navigation';\r\nimport { User } from '../types';\r\n\r\ninterface AuthServerConfig {\r\n authApiUrl?: string;\r\n tokenCookieName?: string;\r\n}\r\n\r\nexport class AuthServer {\r\n private config: AuthServerConfig;\r\n\r\n constructor(config?: AuthServerConfig) {\r\n this.config = {\r\n authApiUrl: config?.authApiUrl || process.env.AUTH_API_URL || 'http://localhost:7000',\r\n tokenCookieName: config?.tokenCookieName || 'auth_token',\r\n };\r\n }\r\n\r\n async getToken(): Promise<string | null> {\r\n const cookieStore = await cookies();\r\n const token = cookieStore.get(this.config.tokenCookieName!);\r\n return token?.value || null;\r\n }\r\n\r\n async getCurrentUser(): Promise<User | null> {\r\n const token = await this.getToken();\r\n if (!token) return null;\r\n\r\n try {\r\n const payload = JSON.parse(Buffer.from(token.split('.')[1], 'base64').toString());\r\n return payload.user || null;\r\n } catch (error) {\r\n console.error('Failed to parse user from token:', error);\r\n return null;\r\n }\r\n }\r\n\r\n async isAuthenticated(): Promise<boolean> {\r\n const token = await this.getToken();\r\n return !!token;\r\n }\r\n\r\n async requireAuth(redirectTo?: string): Promise<User> {\r\n const user = await this.getCurrentUser();\r\n if (!user) {\r\n const loginPath = redirectTo || \r\n process.env.NEXT_PUBLIC_AUTH_REDIRECT_TO_LOGIN || \r\n '/auth/login';\r\n redirect(loginPath);\r\n }\r\n return user;\r\n }\r\n\r\n async redirectIfAuthenticated(redirectTo?: string): Promise<void> {\r\n const isAuth = await this.isAuthenticated();\r\n if (isAuth) {\r\n const dashboardPath = redirectTo || \r\n process.env.NEXT_PUBLIC_AUTH_REDIRECT_AFTER_LOGIN || \r\n '/dashboard';\r\n redirect(dashboardPath);\r\n }\r\n }\r\n\r\n async getProfile(): Promise<User | null> {\r\n const token = await this.getToken();\r\n if (!token) return null;\r\n\r\n try {\r\n const response = await fetch(`${this.config.authApiUrl}/api/v1/user/me`, {\r\n headers: {\r\n 'Authorization': `Bearer ${token}`,\r\n },\r\n });\r\n\r\n if (!response.ok) {\r\n return null;\r\n }\r\n\r\n const data = await response.json();\r\n return data.user;\r\n } catch (error) {\r\n console.error('Failed to fetch profile:', error);\r\n return null;\r\n }\r\n }\r\n}\r\n\r\n// Singleton instance\r\nlet authServerInstance: AuthServer | null = null;\r\n\r\nexport function getAuthServer(config?: AuthServerConfig): AuthServer {\r\n if (!authServerInstance) {\r\n authServerInstance = new AuthServer(config);\r\n }\r\n return authServerInstance;\r\n}\r\n\r\n// Convenience functions\r\nexport async function currentUser(): Promise<User | null> {\r\n const auth = getAuthServer();\r\n return auth.getCurrentUser();\r\n}\r\n\r\nexport async function auth() {\r\n const authServer = getAuthServer();\r\n const user = await authServer.getCurrentUser();\r\n const token = await authServer.getToken();\r\n \r\n return {\r\n user,\r\n userId: user?._id || null,\r\n isAuthenticated: !!user,\r\n token,\r\n };\r\n}\r\n\r\nexport async function requireAuth(redirectTo?: string): Promise<User> {\r\n const authServer = getAuthServer();\r\n return authServer.requireAuth(redirectTo);\r\n}\r\n\r\nexport async function redirectIfAuthenticated(redirectTo?: string): Promise<void> {\r\n const authServer = getAuthServer();\r\n return authServer.redirectIfAuthenticated(redirectTo);\r\n}\r\n","import { NextRequest, NextResponse } from 'next/server';\r\n\r\ninterface AuthMiddlewareConfig {\r\n publicRoutes?: string[];\r\n protectedRoutes?: string[];\r\n loginUrl?: string;\r\n afterLoginUrl?: string;\r\n tokenCookieName?: string;\r\n}\r\n\r\nexport function authMiddleware(config?: AuthMiddlewareConfig) {\r\n const {\r\n publicRoutes = ['/auth/login', '/auth/register', '/auth/verify-email', '/auth/forgot-password', '/auth/reset-password'],\r\n protectedRoutes = ['/dashboard'],\r\n loginUrl = '/auth/login',\r\n afterLoginUrl = '/dashboard',\r\n tokenCookieName = 'auth_token',\r\n } = config || {};\r\n\r\n return function middleware(request: NextRequest) {\r\n const { pathname } = request.nextUrl;\r\n const token = request.cookies.get(tokenCookieName)?.value;\r\n const isAuthenticated = !!token;\r\n\r\n // Check if current path is public\r\n const isPublicRoute = publicRoutes.some(route => {\r\n if (route.endsWith('*')) {\r\n return pathname.startsWith(route.slice(0, -1));\r\n }\r\n return pathname === route || pathname.startsWith(route + '/');\r\n });\r\n\r\n // Check if current path is protected\r\n const isProtectedRoute = protectedRoutes.some(route => {\r\n if (route.endsWith('*')) {\r\n return pathname.startsWith(route.slice(0, -1));\r\n }\r\n return pathname === route || pathname.startsWith(route + '/');\r\n });\r\n\r\n // Redirect authenticated users away from public routes\r\n if (isAuthenticated && isPublicRoute) {\r\n return NextResponse.redirect(new URL(afterLoginUrl, request.url));\r\n }\r\n\r\n // Redirect unauthenticated users away from protected routes\r\n if (!isAuthenticated && isProtectedRoute) {\r\n const loginUrlWithRedirect = new URL(loginUrl, request.url);\r\n loginUrlWithRedirect.searchParams.set('redirect', pathname);\r\n return NextResponse.redirect(loginUrlWithRedirect);\r\n }\r\n\r\n return NextResponse.next();\r\n };\r\n}\r\n\r\n// Helper to create middleware config\r\nexport function createAuthMiddleware(config?: AuthMiddlewareConfig) {\r\n return authMiddleware(config);\r\n}\r\n"]}
1
+ {"version":3,"sources":["../src/core/http-client.ts","../src/core/auth-service.ts","../src/node/auth-client.ts","../src/nextjs/server-auth.ts","../src/nextjs/server.ts","../src/nextjs/middleware.ts"],"names":["cookies","auth"],"mappings":";AAAA,OAAO,WAA8D;AAE9D,IAAM,aAAN,MAAiB;AAAA,EAMtB,YAAY,SAAiB,iBAAyC,CAAC,GAAG;AAJ1E,SAAQ,YAA2B;AACnC,SAAQ,kBAAiC;AAIvC,SAAK,UAAU,QAAQ,QAAQ,OAAO,EAAE;AAExC,SAAK,gBAAgB,MAAM,OAAO;AAAA,MAChC,SAAS,KAAK;AAAA,MACd,SAAS;AAAA,QACP,gBAAgB;AAAA,QAChB,GAAG;AAAA,MACL;AAAA,MACA,iBAAiB;AAAA;AAAA,MACjB,SAAS;AAAA;AAAA,IACX,CAAC;AAGD,SAAK,cAAc,aAAa,QAAQ;AAAA,MACtC,OAAO,WAAW;AAEhB,cAAM,oBAAoB,CAAC,QAAQ,OAAO,UAAU,OAAO,EAAE,SAAS,OAAO,QAAQ,YAAY,KAAK,EAAE;AACxG,YAAI,qBAAqB,CAAC,KAAK,aAAa,OAAO,WAAW,aAAa;AACzE,cAAI;AACF,kBAAM,KAAK,iBAAiB;AAAA,UAC9B,SAAS,OAAP;AACA,oBAAQ,KAAK,+BAA+B,KAAK;AAAA,UACnD;AAAA,QACF;AAGA,YAAI,KAAK,aAAa,mBAAmB;AACvC,iBAAO,QAAQ,cAAc,IAAI,KAAK;AAAA,QACxC;AAGA,YAAI,KAAK,iBAAiB;AACxB,iBAAO,QAAQ,gBAAgB,IAAI,KAAK;AAAA,QAC1C;AAEA,eAAO;AAAA,MACT;AAAA,MACA,CAAC,UAAU,QAAQ,OAAO,KAAK;AAAA,IACjC;AAGA,SAAK,cAAc,aAAa,SAAS;AAAA,MACvC,CAAC,aAAa;AAAA,MACd,OAAO,UAAsB;AAC3B,cAAM,kBAAkB,MAAM;AAG9B,YAAI,MAAM,UAAU,WAAW,OAAO,CAAC,gBAAgB,QAAQ;AAC7D,0BAAgB,SAAS;AAEzB,cAAI;AACF,kBAAM,KAAK,iBAAiB;AAC5B,gBAAI,gBAAgB,SAAS;AAC3B,8BAAgB,QAAQ,cAAc,IAAI,KAAK;AAAA,YACjD;AACA,mBAAO,KAAK,cAAc,eAAe;AAAA,UAC3C,SAAS,cAAP;AACA,mBAAO,QAAQ,OAAO,YAAY;AAAA,UACpC;AAAA,QACF;AAEA,eAAO,QAAQ,OAAO,KAAK;AAAA,MAC7B;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAa,IAAO,UAAkB,SAA8C;AAClF,UAAM,WAAW,MAAM,KAAK,cAAc,IAAO,UAAU,EAAE,QAAQ,CAAC;AACtE,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,KAAQ,UAAkB,MAAY,SAA8C;AAC/F,UAAM,WAAW,MAAM,KAAK,cAAc,KAAQ,UAAU,MAAM,EAAE,QAAQ,CAAC;AAC7E,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,IAAO,UAAkB,MAAY,SAA8C;AAC9F,UAAM,WAAW,MAAM,KAAK,cAAc,IAAO,UAAU,MAAM,EAAE,QAAQ,CAAC;AAC5E,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,OAAU,UAAkB,SAA8C;AACrF,UAAM,WAAW,MAAM,KAAK,cAAc,OAAU,UAAU,EAAE,QAAQ,CAAC;AACzE,WAAO,SAAS;AAAA,EAClB;AAAA,EAEO,aAAa,OAAqB;AACvC,SAAK,cAAc,SAAS,QAAQ,OAAO,eAAe,IAAI,UAAU;AAAA,EAC1E;AAAA,EAEO,kBAAwB;AAC7B,WAAO,KAAK,cAAc,SAAS,QAAQ,OAAO,eAAe;AAAA,EACnE;AAAA,EAEO,aAAa,OAAqB;AACvC,SAAK,YAAY;AAAA,EACnB;AAAA,EAEO,eAA8B;AACnC,WAAO,KAAK;AAAA,EACd;AAAA,EAEO,kBAAwB;AAC7B,SAAK,YAAY;AAAA,EACnB;AAAA,EAEO,mBAAmB,KAAmB;AAC3C,SAAK,kBAAkB;AAAA,EACzB;AAAA,EAEO,qBAAoC;AACzC,WAAO,KAAK;AAAA,EACd;AAAA,EAEO,wBAA8B;AACnC,SAAK,kBAAkB;AAAA,EACzB;AAAA,EAEA,MAAc,mBAAkC;AAC9C,QAAI;AACF,YAAM,WAAW,MAAM,KAAK,cAAc,IAA2B,yBAAyB;AAC9F,WAAK,YAAY,SAAS,KAAK;AAAA,IACjC,SAAS,OAAP;AACA,cAAQ,MAAM,iCAAiC,KAAK;AACpD,YAAM;AAAA,IACR;AAAA,EACF;AACF;;;AC3HO,IAAM,cAAN,MAAkB;AAAA,EAKvB,YAAY,QAAoB;AAFhC,SAAQ,QAAuB;AAG7B,SAAK,SAAS;AAAA,MACZ,iBAAiB;AAAA,MACjB,aAAa;AAAA,MACb,GAAG;AAAA,IACL;AAEA,SAAK,aAAa,IAAI,WAAW,KAAK,OAAO,OAAO;AACpD,SAAK,qBAAqB;AAG1B,QAAI,OAAO,WAAW,aAAa;AACjC,YAAM,kBACJ,QAAQ,IAAI,iCACZ,QAAQ,IAAI,+BACZ,QAAQ,IAAI,uBACZ,OAAO,SAAS;AAElB,UAAI,iBAAiB;AACnB,aAAK,WAAW,mBAAmB,eAAe;AAAA,MACpD;AAAA,IACF;AAAA,EAIF;AAAA,EAEQ,uBAA6B;AACnC,QAAI,OAAO,WAAW,eAAe,KAAK,OAAO,iBAAiB;AAChE,UAAI;AACF,cAAM,QAAQ,aAAa,QAAQ,KAAK,OAAO,eAAe;AAC9D,YAAI,OAAO;AACT,eAAK,QAAQ;AACb,eAAK,WAAW,aAAa,KAAK;AAAA,QACpC;AAAA,MACF,SAAS,OAAP;AACA,gBAAQ,KAAK,sCAAsC,KAAK;AAAA,MAC1D;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,mBAAmB,OAAqB;AAC9C,QAAI,OAAO,WAAW,eAAe,KAAK,OAAO,iBAAiB;AAChE,UAAI;AACF,qBAAa,QAAQ,KAAK,OAAO,iBAAiB,KAAK;AAAA,MACzD,SAAS,OAAP;AACA,gBAAQ,KAAK,oCAAoC,KAAK;AAAA,MACxD;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,yBAA+B;AACrC,QAAI,OAAO,WAAW,eAAe,KAAK,OAAO,iBAAiB;AAChE,UAAI;AACF,qBAAa,WAAW,KAAK,OAAO,eAAe;AAAA,MACrD,SAAS,OAAP;AACA,gBAAQ,KAAK,wCAAwC,KAAK;AAAA,MAC5D;AAAA,IACF;AAAA,EACF;AAAA,EAEO,kBAA2B;AAChC,WAAO,CAAC,CAAC,KAAK;AAAA,EAChB;AAAA,EAEO,WAA0B;AAC/B,WAAO,KAAK;AAAA,EACd;AAAA,EAEO,iBAA8B;AACnC,QAAI,CAAC,KAAK;AAAO,aAAO;AAExB,QAAI;AACF,YAAM,UAAU,KAAK,MAAM,KAAK,KAAK,MAAM,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC;AACzD,aAAO,QAAQ,QAAQ;AAAA,IACzB,SAAS,OAAP;AACA,cAAQ,MAAM,oCAAoC,KAAK;AACvD,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA,EAGA,MAAa,mBAAkC;AAC7C,QAAI,CAAC,KAAK,OAAO;AAAa;AAE9B,QAAI;AACF,YAAM,WAAW,MAAM,KAAK,WAAW,IAAuB,yBAAyB;AACvF,UAAI,SAAS,WAAW;AACtB,aAAK,WAAW,aAAa,SAAS,SAAS;AAAA,MACjD;AAAA,IACF,SAAS,OAAP;AACA,cAAQ,MAAM,6BAA6B,KAAK;AAAA,IAClD;AAAA,EACF;AAAA,EAEO,eAA8B;AACnC,WAAO,KAAK,WAAW,aAAa;AAAA,EACtC;AAAA;AAAA,EAGO,eAAe,UAA+B;AACnD,QAAI,OAAO,WAAW,aAAa;AACjC,YAAM,IAAI,MAAM,uDAAuD;AAAA,IACzE;AAEA,UAAM,WAAW,GAAG,KAAK,OAAO,6BAA6B;AAC7D,WAAO,SAAS,OAAO;AAAA,EACzB;AAAA,EAEO,kBAAkB,UAA+B;AACtD,QAAI,OAAO,WAAW,aAAa;AACjC,YAAM,IAAI,MAAM,yDAAyD;AAAA,IAC3E;AAEA,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,8CAA8C;AAAA,IAChE;AAEA,UAAM,UAAU,GAAG,KAAK,OAAO,6BAA6B;AAC5D,WAAO,SAAS,OAAO;AAAA,EACzB;AAAA,EAEA,MAAa,oBAAoB,UAAgD;AAC/E,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW;AAAA,MACrC,sBAAsB;AAAA,IACxB;AACA,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAa,MAAM,MAAwC;AACzD,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,sBAAsB,IAAI;AAEpF,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AACtC,aAAO;AAAA,IACT;AAEA,QAAI,SAAS,YAAY,SAAS,YAAY,6BAA6B,SAAS,YAAY,mCAAmC;AACjI,aAAO;AAAA,IACT;AAEA,QAAI,SAAS,WAAW,SAAS,YAAY,gCAAgC,SAAS,OAAO;AAC3F,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AACtC,aAAO;AAAA,IACT;AAEA,UAAM,IAAI,MAAM,SAAS,WAAW,cAAc;AAAA,EACpD;AAAA,EAEA,MAAa,SAAS,MAA2C;AAE/D,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,yBAAyB,IAAI;AAEvF,QAAI,SAAS,WAAW,SAAS,YAAY,8EAA8E;AACzH,aAAO;AAAA,IACT;AAEA,UAAM,IAAI,MAAM,SAAS,WAAW,qBAAqB;AAAA,EAC3D;AAAA,EAEA,MAAa,OAAO,MAAyC;AAC3D,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,uBAAuB,IAAI;AAErF,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AAAA,IACxC;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,iBAAiB,OAAsC;AAClE,QAAI;AACF,YAAM,WAAW,MAAM,KAAK,WAAW,IAAkB,mCAAmC,OAAO;AAEnG,UAAI,SAAS,WAAW,SAAS,OAAO;AACtC,aAAK,QAAQ,SAAS;AACtB,aAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,aAAK,mBAAmB,SAAS,KAAK;AAAA,MACxC;AAEA,aAAO;AAAA,IACT,SAAS,OAAP;AAEA,UAAI,MAAM,UAAU,MAAM;AACxB,eAAO;AAAA,UACL,SAAS;AAAA,UACT,SAAS,MAAM,SAAS,KAAK,WAAW;AAAA,QAC1C;AAAA,MACF;AAGA,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS,MAAM,WAAW;AAAA,MAC5B;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAa,SAAwB;AAEnC,QAAI;AACF,YAAM,KAAK,WAAW,KAAK,uBAAuB,CAAC,CAAC;AAAA,IACtD,SAAS,OAAP;AACA,cAAQ,KAAK,mCAAmC,KAAK;AAAA,IACvD;AAEA,SAAK,QAAQ;AACb,SAAK,WAAW,gBAAgB;AAChC,SAAK,WAAW,gBAAgB;AAChC,SAAK,uBAAuB;AAAA,EAC9B;AAAA,EAEA,MAAa,aAA4B;AACvC,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,IAAoB,iBAAiB;AAC5E,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,cAAc,MAA6C;AACtE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,+BAA+B,IAAI;AAE7F,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AAAA,IACxC;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,cAA+B;AAC1C,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,IAAuB,kBAAkB;AAChF,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,YAAY,IAA2B;AAClD,UAAM,WAAW,MAAM,KAAK,WAAW,IAAoB,gBAAgB,IAAI;AAC/E,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,eAAe,OAAsC;AAEhE,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,gCAAgC,EAAE,MAAM,CAAC;AACnG,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,cAAc,OAAe,UAAyC;AACjF,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,+BAA+B,EAAE,OAAO,SAAS,CAAC;AAC5G,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,eAAe,aAAqB,aAA4C;AAC3F,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,gCAAgC;AAAA,MACxF;AAAA,MACA;AAAA,IACF,CAAC;AACD,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,aAAa,QAAuC;AAC/D,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,+BAA+B,EAAE,OAAO,CAAC;AAEnG,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AAAA,IACxC;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,mBAAmB,UAAyC;AACvE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,qCAAqC;AAAA,MAC7F;AAAA,IACF,CAAC;AACD,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,kBAAkB,OAAsC;AACnE,UAAM,WAAW,MAAM,KAAK,WAAW,IAAkB,0CAA0C,OAAO;AAE1G,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,QAAQ,SAAS;AACtB,WAAK,WAAW,aAAa,SAAS,KAAK;AAC3C,WAAK,mBAAmB,SAAS,KAAK;AAAA,IACxC;AAEA,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAa,cAAgG;AAC3G,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW;AAAA,MACrC;AAAA,MACA,CAAC;AAAA,IACH;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,UAAU,OAAsC;AAC3D,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,sBAAsB,EAAE,MAAM,CAAC;AACzF,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,WAAW,OAAsC;AAC5D,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,uBAAuB,EAAE,MAAM,CAAC;AAC1F,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,YAAY,OAAsC;AAC7D,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,wBAAwB,EAAE,MAAM,CAAC;AAC3F,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAa,cAA8D;AACzE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,IAA2C,kBAAkB;AACpG,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,cAAc,WAA0C;AACnE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,OAAqB,oBAAoB,WAAW;AAC3F,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,oBAA2C;AACtD,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,OAAqB,6BAA6B;AAGzF,SAAK,QAAQ;AACb,SAAK,WAAW,gBAAgB;AAChC,SAAK,uBAAuB;AAE5B,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAa,aAAa,SAA2D;AACnF,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW;AAAA,MACrC;AAAA,MACA;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,gBAAgB,QAAuC;AAClE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,6BAA6B,UAAU,CAAC,CAAC;AACnG,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,wBAAwB,QAAuC;AAC1E,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,sCAAsC,UAAU,CAAC,CAAC;AAC5G,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,iBAAiB,QAAuC;AACnE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,8BAA8B,UAAU,CAAC,CAAC;AACpG,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,kBAAkB,QAAuC;AACpE,QAAI,CAAC,KAAK,OAAO;AACf,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,WAAW,KAAmB,+BAA+B,UAAU,CAAC,CAAC;AACrG,WAAO;AAAA,EACT;AACF;;;ACrcO,IAAM,aAAN,cAAyB,YAAY;AAAA,EAC1C,YAAY,QAAoB;AAC9B,UAAM,MAAM;AAAA,EACd;AAAA;AAAA;AAAA,EAKA,MAAa,SAAS,MAA2C;AAE/D,UAAM,kBACJ,QAAQ,IAAI,qBACZ,QAAQ,IAAI,iCACZ,QAAQ,IAAI;AAEd,QAAI,iBAAiB;AACnB,WAAK,YAAY,EAAE,mBAAmB,eAAe;AAAA,IACvD;AAGA,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,KAAmB,yBAAyB,IAAI;AAE1F,QAAI,SAAS,WAAW,SAAS,YAAY,8EAA8E;AACzH,aAAO;AAAA,IACT;AAEA,UAAM,IAAI,MAAM,SAAS,WAAW,qBAAqB;AAAA,EAC3D;AAAA,EAEA,MAAa,MAAM,MAAwC;AACzD,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,KAAmB,sBAAsB,IAAI;AAGvF,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,OAAO,IAAI,SAAS;AACzB,WAAK,YAAY,EAAE,aAAa,SAAS,KAAK;AAE9C,aAAO;AAAA,IACT;AAGA,QAAI,SAAS,WAAW,SAAS,YAAY,2BAA2B;AACtE,aAAO;AAAA,IACT;AAGA,QAAI,SAAS,WAAW,SAAS,YAAY,gCAAgC,SAAS,OAAO;AAC3F,WAAK,OAAO,IAAI,SAAS;AACzB,WAAK,YAAY,EAAE,aAAa,SAAS,KAAK;AAE9C,aAAO;AAAA,IACT;AAEA,UAAM,IAAI,MAAM,SAAS,WAAW,cAAc;AAAA,EACpD;AAAA,EAEA,MAAa,OAAO,MAAyC;AAC3D,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,KAAmB,uBAAuB,IAAI;AAExF,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,OAAO,IAAI,SAAS;AACzB,WAAK,YAAY,EAAE,aAAa,SAAS,KAAK;AAAA,IAEhD;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,SAAwB;AACnC,SAAK,OAAO,IAAI;AAChB,SAAK,YAAY,EAAE,gBAAgB;AAAA,EAErC;AAAA,EAEA,MAAa,aAA4B;AACvC,QAAI,CAAC,KAAK,OAAO,GAAG;AAClB,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,IAAoB,iBAAiB;AAC/E,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,YAAY,IAA2B;AAClD,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,IAAoB,gBAAgB,IAAI;AAClF,WAAO,SAAS;AAAA,EAClB;AAAA,EAEA,MAAa,cAAc,MAA6C;AACtE,QAAI,CAAC,KAAK,OAAO,GAAG;AAClB,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,KAAmB,4BAA4B,IAAI;AAE7F,QAAI,SAAS,WAAW,SAAS,OAAO;AACtC,WAAK,OAAO,IAAI,SAAS;AACzB,WAAK,YAAY,EAAE,aAAa,SAAS,KAAK;AAAA,IAEhD;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,cAA+B;AAC1C,QAAI,CAAC,KAAK,OAAO,GAAG;AAClB,YAAM,IAAI,MAAM,mBAAmB;AAAA,IACrC;AAEA,UAAM,WAAW,MAAM,KAAK,YAAY,EAAE,IAAuB,kBAAkB;AACnF,WAAO,SAAS;AAAA,EAClB;AACF;;;ACvHO,IAAM,iBAAN,cAA6B,WAAW;AAAA,EAC7C,YAAY,QAAoB;AAC9B,UAAM,MAAM;AAAA,EACd;AAAA;AAAA,EAGA,OAAc,sBAAsB,SAAiC;AACnE,UAAM,aAAa,QAAQ,IAAI,eAAe;AAC9C,QAAI,CAAC,cAAc,CAAC,WAAW,WAAW,SAAS,GAAG;AACpD,aAAO;AAAA,IACT;AACA,WAAO,WAAW,UAAU,CAAC;AAAA,EAC/B;AAAA;AAAA,EAGA,OAAc,sBAAsBA,UAAgC;AAClE,UAAM,cAAcA,SAAQ,MAAM,GAAG;AACrC,eAAW,UAAU,aAAa;AAChC,YAAM,CAAC,MAAM,KAAK,IAAI,OAAO,KAAK,EAAE,MAAM,GAAG;AAC7C,UAAI,SAAS,cAAc;AACzB,eAAO,mBAAmB,KAAK;AAAA,MACjC;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,OAAc,sBAAsB,KAAyB;AAE3D,QAAI,IAAI,SAAS;AACf,YAAM,aAAa,IAAI,QAAQ,iBAAiB,IAAI,QAAQ;AAC5D,UAAI,cAAc,WAAW,WAAW,SAAS,GAAG;AAClD,eAAO,WAAW,UAAU,CAAC;AAAA,MAC/B;AAAA,IACF;AAGA,QAAI,IAAI,SAAS;AACf,aAAO,IAAI,QAAQ,cAAc;AAAA,IACnC;AAGA,QAAI,IAAI,WAAW,IAAI,QAAQ,QAAQ;AACrC,aAAO,KAAK,sBAAsB,IAAI,QAAQ,MAAM;AAAA,IACtD;AAEA,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAa,YAAY,OAAqC;AAC5D,QAAI;AAEF,MAAC,KAAa,YAAY,EAAE,aAAa,KAAK;AAG9C,YAAM,OAAO,MAAM,KAAK,WAAW;AACnC,aAAO;AAAA,IACT,SAAS,OAAP;AACA,cAAQ,MAAM,8BAA8B,KAAK;AACjD,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA,EAGA,OAAc,0BAA0B,QAAoB,OAA+B;AACzF,UAAM,SAAS,IAAI,eAAe,MAAM;AACxC,IAAC,OAAe,YAAY,EAAE,aAAa,KAAK;AAChD,IAAC,OAAe,OAAO,IAAI;AAC3B,WAAO;AAAA,EACT;AACF;;;AC3EA,SAAS,eAAe;AACxB,SAAS,gBAAgB;AAQlB,IAAM,aAAN,MAAiB;AAAA,EAGtB,YAAY,QAA2B;AACrC,SAAK,SAAS;AAAA,MACZ,YAAY,QAAQ,cAAc,QAAQ,IAAI,gBAAgB;AAAA,MAC9D,iBAAiB,QAAQ,mBAAmB;AAAA,IAC9C;AAAA,EACF;AAAA,EAEA,MAAM,WAAmC;AACvC,UAAM,cAAc,MAAM,QAAQ;AAClC,UAAM,QAAQ,YAAY,IAAI,KAAK,OAAO,eAAgB;AAC1D,WAAO,OAAO,SAAS;AAAA,EACzB;AAAA,EAEA,MAAM,iBAAuC;AAC3C,UAAM,QAAQ,MAAM,KAAK,SAAS;AAClC,QAAI,CAAC;AAAO,aAAO;AAEnB,QAAI;AACF,YAAM,UAAU,KAAK,MAAM,OAAO,KAAK,MAAM,MAAM,GAAG,EAAE,CAAC,GAAG,QAAQ,EAAE,SAAS,CAAC;AAChF,aAAO,QAAQ,QAAQ;AAAA,IACzB,SAAS,OAAP;AACA,cAAQ,MAAM,oCAAoC,KAAK;AACvD,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAM,kBAAoC;AACxC,UAAM,QAAQ,MAAM,KAAK,SAAS;AAClC,WAAO,CAAC,CAAC;AAAA,EACX;AAAA,EAEA,MAAM,YAAY,YAAoC;AACpD,UAAM,OAAO,MAAM,KAAK,eAAe;AACvC,QAAI,CAAC,MAAM;AACT,YAAM,YAAY,cAChB,QAAQ,IAAI,sCACZ;AACF,eAAS,SAAS;AAClB,YAAM,IAAI,MAAM,sBAAsB;AAAA,IACxC;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,wBAAwB,YAAoC;AAChE,UAAM,SAAS,MAAM,KAAK,gBAAgB;AAC1C,QAAI,QAAQ;AACV,YAAM,gBAAgB,cACpB,QAAQ,IAAI,yCACZ;AACF,eAAS,aAAa;AAAA,IACxB;AAAA,EACF;AAAA,EAEA,MAAM,aAAmC;AACvC,UAAM,QAAQ,MAAM,KAAK,SAAS;AAClC,QAAI,CAAC;AAAO,aAAO;AAEnB,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,6BAA6B;AAAA,QACvE,SAAS;AAAA,UACP,iBAAiB,UAAU;AAAA,QAC7B;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,eAAO;AAAA,MACT;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO,KAAK;AAAA,IACd,SAAS,OAAP;AACA,cAAQ,MAAM,4BAA4B,KAAK;AAC/C,aAAO;AAAA,IACT;AAAA,EACF;AACF;AAGA,IAAI,qBAAwC;AAErC,SAAS,cAAc,QAAuC;AACnE,MAAI,CAAC,oBAAoB;AACvB,yBAAqB,IAAI,WAAW,MAAM;AAAA,EAC5C;AACA,SAAO;AACT;AAGA,eAAsB,cAAoC;AACxD,QAAMC,QAAO,cAAc;AAC3B,SAAOA,MAAK,eAAe;AAC7B;AAEA,eAAsB,OAAO;AAC3B,QAAM,aAAa,cAAc;AACjC,QAAM,OAAO,MAAM,WAAW,eAAe;AAC7C,QAAM,QAAQ,MAAM,WAAW,SAAS;AAExC,SAAO;AAAA,IACL;AAAA,IACA,QAAQ,MAAM,OAAO;AAAA,IACrB,iBAAiB,CAAC,CAAC;AAAA,IACnB;AAAA,EACF;AACF;AAEA,eAAsB,YAAY,YAAoC;AACpE,QAAM,aAAa,cAAc;AACjC,SAAO,WAAW,YAAY,UAAU;AAC1C;AAEA,eAAsB,wBAAwB,YAAoC;AAChF,QAAM,aAAa,cAAc;AACjC,SAAO,WAAW,wBAAwB,UAAU;AACtD;;;AC9HA,SAAsB,oBAAoB;AAUnC,SAAS,eAAe,QAA+B;AAC5D,QAAM;AAAA,IACJ,eAAe,CAAC,eAAe,kBAAkB,sBAAsB,yBAAyB,sBAAsB;AAAA,IACtH,kBAAkB,CAAC,YAAY;AAAA,IAC/B,WAAW;AAAA,IACX,gBAAgB;AAAA,IAChB,kBAAkB;AAAA,EACpB,IAAI,UAAU,CAAC;AAEf,SAAO,SAAS,WAAW,SAAsB;AAC/C,UAAM,EAAE,SAAS,IAAI,QAAQ;AAC7B,UAAM,QAAQ,QAAQ,QAAQ,IAAI,eAAe,GAAG;AACpD,UAAM,kBAAkB,CAAC,CAAC;AAG1B,UAAM,gBAAgB,aAAa,KAAK,WAAS;AAC/C,UAAI,MAAM,SAAS,GAAG,GAAG;AACvB,eAAO,SAAS,WAAW,MAAM,MAAM,GAAG,EAAE,CAAC;AAAA,MAC/C;AACA,aAAO,aAAa,SAAS,SAAS,WAAW,QAAQ,GAAG;AAAA,IAC9D,CAAC;AAGD,UAAM,mBAAmB,gBAAgB,KAAK,WAAS;AACrD,UAAI,MAAM,SAAS,GAAG,GAAG;AACvB,eAAO,SAAS,WAAW,MAAM,MAAM,GAAG,EAAE,CAAC;AAAA,MAC/C;AACA,aAAO,aAAa,SAAS,SAAS,WAAW,QAAQ,GAAG;AAAA,IAC9D,CAAC;AAGD,QAAI,mBAAmB,eAAe;AACpC,aAAO,aAAa,SAAS,IAAI,IAAI,eAAe,QAAQ,GAAG,CAAC;AAAA,IAClE;AAGA,QAAI,CAAC,mBAAmB,kBAAkB;AACxC,YAAM,uBAAuB,IAAI,IAAI,UAAU,QAAQ,GAAG;AAC1D,2BAAqB,aAAa,IAAI,YAAY,QAAQ;AAC1D,aAAO,aAAa,SAAS,oBAAoB;AAAA,IACnD;AAEA,WAAO,aAAa,KAAK;AAAA,EAC3B;AACF;AAGO,SAAS,qBAAqB,QAA+B;AAClE,SAAO,eAAe,MAAM;AAC9B","sourcesContent":["import axios, { AxiosInstance, AxiosRequestConfig, AxiosError } from 'axios';\r\n\r\nexport class HttpClient {\r\n private axiosInstance: AxiosInstance;\r\n private csrfToken: string | null = null;\r\n private frontendBaseUrl: string | null = null;\r\n private baseUrl: string;\r\n\r\n constructor(baseUrl: string, defaultHeaders: Record<string, string> = {}) {\r\n this.baseUrl = baseUrl.replace(/\\/$/, '');\r\n\r\n this.axiosInstance = axios.create({\r\n baseURL: this.baseUrl,\r\n headers: {\r\n 'Content-Type': 'application/json',\r\n ...defaultHeaders\r\n },\r\n withCredentials: true, // Include cookies for CSRF\r\n timeout: 30000 // 30 second timeout\r\n });\r\n\r\n // Request interceptor to add CSRF token and frontend URL\r\n this.axiosInstance.interceptors.request.use(\r\n async (config) => {\r\n // Fetch CSRF token lazily on first mutating request (only on client side)\r\n const isMutatingRequest = ['post', 'put', 'delete', 'patch'].includes(config.method?.toLowerCase() || '');\r\n if (isMutatingRequest && !this.csrfToken && typeof window !== 'undefined') {\r\n try {\r\n await this.refreshCsrfToken();\r\n } catch (error) {\r\n console.warn('Failed to fetch CSRF token:', error);\r\n }\r\n }\r\n\r\n // Add CSRF token to mutating requests\r\n if (this.csrfToken && isMutatingRequest) {\r\n config.headers['x-csrf-token'] = this.csrfToken;\r\n }\r\n\r\n // Add frontend base URL header if available\r\n if (this.frontendBaseUrl) {\r\n config.headers['X-Frontend-URL'] = this.frontendBaseUrl;\r\n }\r\n\r\n return config;\r\n },\r\n (error) => Promise.reject(error)\r\n );\r\n\r\n // Response interceptor for error handling and CSRF token refresh\r\n this.axiosInstance.interceptors.response.use(\r\n (response) => response,\r\n async (error: AxiosError) => {\r\n const originalRequest = error.config as AxiosRequestConfig & { _retry?: boolean };\r\n\r\n // Handle CSRF token refresh on 403\r\n if (error.response?.status === 403 && !originalRequest._retry) {\r\n originalRequest._retry = true;\r\n\r\n try {\r\n await this.refreshCsrfToken();\r\n if (originalRequest.headers) {\r\n originalRequest.headers['x-csrf-token'] = this.csrfToken!;\r\n }\r\n return this.axiosInstance(originalRequest);\r\n } catch (refreshError) {\r\n return Promise.reject(refreshError);\r\n }\r\n }\r\n\r\n return Promise.reject(error);\r\n }\r\n );\r\n }\r\n\r\n public async get<T>(endpoint: string, headers?: Record<string, string>): Promise<T> {\r\n const response = await this.axiosInstance.get<T>(endpoint, { headers });\r\n return response.data;\r\n }\r\n\r\n public async post<T>(endpoint: string, data?: any, headers?: Record<string, string>): Promise<T> {\r\n const response = await this.axiosInstance.post<T>(endpoint, data, { headers });\r\n return response.data;\r\n }\r\n\r\n public async put<T>(endpoint: string, data?: any, headers?: Record<string, string>): Promise<T> {\r\n const response = await this.axiosInstance.put<T>(endpoint, data, { headers });\r\n return response.data;\r\n }\r\n\r\n public async delete<T>(endpoint: string, headers?: Record<string, string>): Promise<T> {\r\n const response = await this.axiosInstance.delete<T>(endpoint, { headers });\r\n return response.data;\r\n }\r\n\r\n public setAuthToken(token: string): void {\r\n this.axiosInstance.defaults.headers.common['Authorization'] = `Bearer ${token}`;\r\n }\r\n\r\n public removeAuthToken(): void {\r\n delete this.axiosInstance.defaults.headers.common['Authorization'];\r\n }\r\n\r\n public setCsrfToken(token: string): void {\r\n this.csrfToken = token;\r\n }\r\n\r\n public getCsrfToken(): string | null {\r\n return this.csrfToken;\r\n }\r\n\r\n public removeCsrfToken(): void {\r\n this.csrfToken = null;\r\n }\r\n\r\n public setFrontendBaseUrl(url: string): void {\r\n this.frontendBaseUrl = url;\r\n }\r\n\r\n public getFrontendBaseUrl(): string | null {\r\n return this.frontendBaseUrl;\r\n }\r\n\r\n public removeFrontendBaseUrl(): void {\r\n this.frontendBaseUrl = null;\r\n }\r\n\r\n private async refreshCsrfToken(): Promise<void> {\r\n try {\r\n const response = await this.axiosInstance.get<{ csrfToken: string }>('/api/v1/auth/csrf-token');\r\n this.csrfToken = response.data.csrfToken;\r\n } catch (error) {\r\n console.error('Failed to refresh CSRF token:', error);\r\n throw error;\r\n }\r\n }\r\n}","import { HttpClient } from './http-client';\r\nimport {\r\n AuthResponse,\r\n LoginData,\r\n VerifyData,\r\n UpdateUserData,\r\n User,\r\n AuthConfig,\r\n RegisterData,\r\n OAuthProvider,\r\n CsrfTokenResponse\r\n} from '../types';\r\n\r\nexport class AuthService {\r\n private httpClient: HttpClient;\r\n private config: AuthConfig;\r\n private token: string | null = null;\r\n\r\n constructor(config: AuthConfig) {\r\n this.config = {\r\n localStorageKey: 'auth_token',\r\n csrfEnabled: true,\r\n ...config\r\n };\r\n\r\n this.httpClient = new HttpClient(this.config.baseUrl);\r\n this.loadTokenFromStorage();\r\n\r\n // Set frontend base URL if available\r\n if (typeof window !== 'undefined') {\r\n const frontendBaseUrl = \r\n process.env.NEXT_PUBLIC_FRONTEND_BASE_URL ||\r\n process.env.REACT_APP_FRONTEND_BASE_URL ||\r\n process.env.NEXT_PUBLIC_APP_URL ||\r\n window.location.origin;\r\n \r\n if (frontendBaseUrl) {\r\n this.httpClient.setFrontendBaseUrl(frontendBaseUrl);\r\n }\r\n }\r\n\r\n // CSRF token will be fetched lazily on first mutating request\r\n // This prevents SSR issues and ensures proper initialization\r\n }\r\n\r\n private loadTokenFromStorage(): void {\r\n if (typeof window !== 'undefined' && this.config.localStorageKey) {\r\n try {\r\n const token = localStorage.getItem(this.config.localStorageKey);\r\n if (token) {\r\n this.token = token;\r\n this.httpClient.setAuthToken(token);\r\n }\r\n } catch (error) {\r\n console.warn('Failed to load token from storage:', error);\r\n }\r\n }\r\n }\r\n\r\n private saveTokenToStorage(token: string): void {\r\n if (typeof window !== 'undefined' && this.config.localStorageKey) {\r\n try {\r\n localStorage.setItem(this.config.localStorageKey, token);\r\n } catch (error) {\r\n console.warn('Failed to save token to storage:', error);\r\n }\r\n }\r\n }\r\n\r\n private removeTokenFromStorage(): void {\r\n if (typeof window !== 'undefined' && this.config.localStorageKey) {\r\n try {\r\n localStorage.removeItem(this.config.localStorageKey);\r\n } catch (error) {\r\n console.warn('Failed to remove token from storage:', error);\r\n }\r\n }\r\n }\r\n\r\n public isAuthenticated(): boolean {\r\n return !!this.token;\r\n }\r\n\r\n public getToken(): string | null {\r\n return this.token;\r\n }\r\n\r\n public getCurrentUser(): User | null {\r\n if (!this.token) return null;\r\n\r\n try {\r\n const payload = JSON.parse(atob(this.token.split('.')[1]));\r\n return payload.user || null;\r\n } catch (error) {\r\n console.error('Failed to parse user from token:', error);\r\n return null;\r\n }\r\n }\r\n\r\n // CSRF Token Management\r\n public async refreshCsrfToken(): Promise<void> {\r\n if (!this.config.csrfEnabled) return;\r\n\r\n try {\r\n const response = await this.httpClient.get<CsrfTokenResponse>('/api/v1/auth/csrf-token');\r\n if (response.csrfToken) {\r\n this.httpClient.setCsrfToken(response.csrfToken);\r\n }\r\n } catch (error) {\r\n console.error('Failed to get CSRF token:', error);\r\n }\r\n }\r\n\r\n public getCsrfToken(): string | null {\r\n return this.httpClient.getCsrfToken();\r\n }\r\n\r\n // OAuth Methods\r\n public loginWithOAuth(provider: OAuthProvider): void {\r\n if (typeof window === 'undefined') {\r\n throw new Error('OAuth login is only available in browser environments');\r\n }\r\n\r\n const oauthUrl = `${this.config.baseUrl}/api/v1/auth/oauth/${provider}`;\r\n window.location.href = oauthUrl;\r\n }\r\n\r\n public linkOAuthProvider(provider: OAuthProvider): void {\r\n if (typeof window === 'undefined') {\r\n throw new Error('OAuth linking is only available in browser environments');\r\n }\r\n\r\n if (!this.token) {\r\n throw new Error('Must be authenticated to link OAuth provider');\r\n }\r\n\r\n const linkUrl = `${this.config.baseUrl}/api/v1/auth/oauth/${provider}/link`;\r\n window.location.href = linkUrl;\r\n }\r\n\r\n public async unlinkOAuthProvider(provider: OAuthProvider): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.delete<AuthResponse>(\r\n `/api/v1/auth/oauth/${provider}/unlink`\r\n );\r\n return response;\r\n }\r\n\r\n // Standard Auth Methods\r\n public async login(data: LoginData): Promise<AuthResponse> {\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/auth/login', data);\r\n\r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n return response;\r\n }\r\n\r\n if (response.success && (response.message === 'OTP sent to your email.' || response.message === 'OTP sent to your phone number.')) {\r\n return response;\r\n }\r\n\r\n if (response.success && response.message === 'OTP verified successfully.' && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n return response;\r\n }\r\n\r\n throw new Error(response.message || 'Login failed');\r\n }\r\n\r\n public async register(data: RegisterData): Promise<AuthResponse> {\r\n // Frontend base URL is now automatically sent via X-Frontend-URL header\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/auth/register', data);\r\n\r\n if (response.success && response.message === 'Registration data saved. Verification email sent. Please check your inbox.') {\r\n return response;\r\n }\r\n\r\n throw new Error(response.message || 'Registration failed');\r\n }\r\n\r\n public async verify(data: VerifyData): Promise<AuthResponse> {\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/auth/verify', data);\r\n\r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n }\r\n\r\n return response;\r\n }\r\n\r\n public async verifyEmailToken(token: string): Promise<AuthResponse> {\r\n try {\r\n const response = await this.httpClient.get<AuthResponse>(`/api/v1/auth/verify-email?token=${token}`);\r\n\r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n }\r\n\r\n return response;\r\n } catch (error: any) {\r\n // Handle axios error response\r\n if (error.response?.data) {\r\n return {\r\n success: false,\r\n message: error.response.data.message || 'Email verification failed',\r\n };\r\n }\r\n \r\n // Handle network or other errors\r\n return {\r\n success: false,\r\n message: error.message || 'Network error occurred',\r\n };\r\n }\r\n }\r\n\r\n public async logout(): Promise<void> {\r\n // Call backend to clear cookie\r\n try {\r\n await this.httpClient.post('/api/v1/auth/logout', {});\r\n } catch (error) {\r\n console.warn('Failed to call logout endpoint:', error);\r\n }\r\n\r\n this.token = null;\r\n this.httpClient.removeAuthToken();\r\n this.httpClient.removeCsrfToken();\r\n this.removeTokenFromStorage();\r\n }\r\n\r\n public async getProfile(): Promise<User> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.get<{ user: User }>('/api/v1/user/me');\r\n return response.user;\r\n }\r\n\r\n public async updateProfile(data: UpdateUserData): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/user/update/profile', data);\r\n\r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n }\r\n\r\n return response;\r\n }\r\n\r\n public async getAllUsers(): Promise<User[]> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.get<{ users: User[] }>('/api/v1/user/all');\r\n return response.users;\r\n }\r\n\r\n public async getUserById(id: string): Promise<User> {\r\n const response = await this.httpClient.get<{ user: User }>(`/api/v1/user/${id}`);\r\n return response.user;\r\n }\r\n\r\n public async forgotPassword(email: string): Promise<AuthResponse> {\r\n // Frontend base URL is now automatically sent via X-Frontend-URL header\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/auth/forgot-password', { email });\r\n return response;\r\n }\r\n\r\n public async resetPassword(token: string, password: string): Promise<AuthResponse> {\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/auth/reset-password', { token, password });\r\n return response;\r\n }\r\n\r\n public async changePassword(oldPassword: string, newPassword: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/user/change-password', { \r\n oldPassword, \r\n newPassword \r\n });\r\n return response;\r\n }\r\n\r\n public async updateAvatar(avatar: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/user/update/profile', { avatar });\r\n \r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n }\r\n\r\n return response;\r\n }\r\n\r\n public async requestEmailChange(newEmail: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/user/request-email-change', { \r\n newEmail \r\n });\r\n return response;\r\n }\r\n\r\n public async verifyEmailChange(token: string): Promise<AuthResponse> {\r\n const response = await this.httpClient.get<AuthResponse>(`/api/v1/user/verify-email-change?token=${token}`);\r\n \r\n if (response.success && response.token) {\r\n this.token = response.token;\r\n this.httpClient.setAuthToken(response.token);\r\n this.saveTokenToStorage(response.token);\r\n }\r\n\r\n return response;\r\n }\r\n\r\n // 2FA / MFA Methods\r\n public async generate2FA(): Promise<{ success: boolean; qrCode?: string; secret?: string; message: string }> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<{ success: boolean; qrCode?: string; secret?: string; message: string }>(\r\n '/api/v1/mfa/generate', \r\n {}\r\n );\r\n return response;\r\n }\r\n\r\n public async enable2FA(token: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/mfa/enable', { token });\r\n return response;\r\n }\r\n\r\n public async disable2FA(token: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/mfa/disable', { token });\r\n return response;\r\n }\r\n\r\n public async validate2FA(token: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>('/api/v1/mfa/validate', { token });\r\n return response;\r\n }\r\n\r\n // Session Management Methods\r\n public async getSessions(): Promise<{ success: boolean; sessions: any[] }> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.get<{ success: boolean; sessions: any[] }>('/api/v1/sessions');\r\n return response;\r\n }\r\n\r\n public async revokeSession(sessionId: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.delete<AuthResponse>(`/api/v1/sessions/${sessionId}`);\r\n return response;\r\n }\r\n\r\n public async revokeAllSessions(): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.delete<AuthResponse>('/api/v1/sessions/revoke/all');\r\n \r\n // After revoking all sessions, current session is also revoked\r\n this.token = null;\r\n this.httpClient.removeAuthToken();\r\n this.removeTokenFromStorage();\r\n \r\n return response;\r\n }\r\n\r\n // Admin Methods\r\n public async getAuditLogs(filters?: any): Promise<{ success: boolean; logs: any[] }> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.get<{ success: boolean; logs: any[] }>(\r\n '/api/v1/admin/audit-logs',\r\n filters\r\n );\r\n return response;\r\n }\r\n\r\n public async adminVerifyUser(userId: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>(`/api/v1/admin/verify-user/${userId}`, {});\r\n return response;\r\n }\r\n\r\n public async adminForcePasswordReset(userId: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>(`/api/v1/admin/force-password-reset/${userId}`, {});\r\n return response;\r\n }\r\n\r\n public async adminSuspendUser(userId: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>(`/api/v1/admin/suspend-user/${userId}`, {});\r\n return response;\r\n }\r\n\r\n public async adminActivateUser(userId: string): Promise<AuthResponse> {\r\n if (!this.token) {\r\n throw new Error('Not authenticated');\r\n }\r\n\r\n const response = await this.httpClient.post<AuthResponse>(`/api/v1/admin/activate-user/${userId}`, {});\r\n return response;\r\n }\r\n}","import { AuthService } from '../core/auth-service';\r\nimport { \r\n AuthResponse, \r\n LoginData, \r\n VerifyData, \r\n UpdateUserData, \r\n User,\r\n AuthConfig,\r\n RegisterData\r\n} from '../types';\r\n\r\nexport class AuthClient extends AuthService {\r\n constructor(config: AuthConfig) {\r\n super(config);\r\n }\r\n\r\n // Override methods that require browser-specific features\r\n // For Node.js, token persistence must be handled manually\r\n \r\n public async register(data: RegisterData): Promise<AuthResponse> {\r\n // For Node.js server-side usage, set frontend base URL from environment\r\n const frontendBaseUrl = \r\n process.env.FRONTEND_BASE_URL || \r\n process.env.NEXT_PUBLIC_FRONTEND_BASE_URL ||\r\n process.env.REACT_APP_FRONTEND_BASE_URL;\r\n \r\n if (frontendBaseUrl) {\r\n this['httpClient'].setFrontendBaseUrl(frontendBaseUrl);\r\n }\r\n \r\n // Frontend base URL is now automatically sent via X-Frontend-URL header\r\n const response = await this['httpClient'].post<AuthResponse>('/api/v1/auth/register', data);\r\n \r\n if (response.success && response.message === 'Registration data saved. Verification email sent. Please check your inbox.') {\r\n return response;\r\n }\r\n \r\n throw new Error(response.message || 'Registration failed');\r\n }\r\n\r\n public async login(data: LoginData): Promise<AuthResponse> {\r\n const response = await this['httpClient'].post<AuthResponse>('/api/v1/auth/login', data);\r\n \r\n // Handle successful login with token\r\n if (response.success && response.token) {\r\n this['token'] = response.token;\r\n this['httpClient'].setAuthToken(response.token);\r\n // Note: In Node.js, you need to handle token persistence manually\r\n return response;\r\n }\r\n \r\n // Handle OTP sent response\r\n if (response.success && response.message === 'OTP sent to your email.') {\r\n return response;\r\n }\r\n \r\n // Handle verification response\r\n if (response.success && response.message === 'OTP verified successfully.' && response.token) {\r\n this['token'] = response.token;\r\n this['httpClient'].setAuthToken(response.token);\r\n // Note: In Node.js, you need to handle token persistence manually\r\n return response;\r\n }\r\n \r\n throw new Error(response.message || 'Login failed');\r\n }\r\n\r\n public async verify(data: VerifyData): Promise<AuthResponse> {\r\n const response = await this['httpClient'].post<AuthResponse>('/api/v1/auth/verify', data);\r\n \r\n if (response.success && response.token) {\r\n this['token'] = response.token;\r\n this['httpClient'].setAuthToken(response.token);\r\n // Note: In Node.js, you need to handle token persistence manually\r\n }\r\n \r\n return response;\r\n }\r\n\r\n public async logout(): Promise<void> {\r\n this['token'] = null;\r\n this['httpClient'].removeAuthToken();\r\n // Note: In Node.js, you need to handle token removal manually\r\n }\r\n\r\n public async getProfile(): Promise<User> {\r\n if (!this['token']) {\r\n throw new Error('Not authenticated');\r\n }\r\n \r\n const response = await this['httpClient'].get<{ user: User }>('/api/v1/user/me');\r\n return response.user;\r\n }\r\n\r\n public async getUserById(id: string): Promise<User> {\r\n const response = await this['httpClient'].get<{ user: User }>(`/api/v1/user/${id}`);\r\n return response.user;\r\n }\r\n\r\n public async updateProfile(data: UpdateUserData): Promise<AuthResponse> {\r\n if (!this['token']) {\r\n throw new Error('Not authenticated');\r\n }\r\n \r\n const response = await this['httpClient'].post<AuthResponse>('/api/v1/user/update/name', data);\r\n \r\n if (response.success && response.token) {\r\n this['token'] = response.token;\r\n this['httpClient'].setAuthToken(response.token);\r\n // Note: In Node.js, you need to handle token persistence manually\r\n }\r\n \r\n return response;\r\n }\r\n\r\n public async getAllUsers(): Promise<User[]> {\r\n if (!this['token']) {\r\n throw new Error('Not authenticated');\r\n }\r\n \r\n const response = await this['httpClient'].get<{ users: User[] }>('/api/v1/user/all');\r\n return response.users;\r\n }\r\n}","import { AuthClient } from '../node/auth-client';\r\nimport { AuthConfig, User, RegisterData } from '../types';\r\n\r\n// Server-side authentication utility for Next.js\r\nexport class NextServerAuth extends AuthClient {\r\n constructor(config: AuthConfig) {\r\n super(config);\r\n }\r\n\r\n // Parse token from request headers\r\n public static parseTokenFromHeaders(headers: Headers): string | null {\r\n const authHeader = headers.get('authorization');\r\n if (!authHeader || !authHeader.startsWith('Bearer ')) {\r\n return null;\r\n }\r\n return authHeader.substring(7); // Remove 'Bearer ' prefix\r\n }\r\n\r\n // Parse token from cookies\r\n public static parseTokenFromCookies(cookies: string): string | null {\r\n const cookieArray = cookies.split(';');\r\n for (const cookie of cookieArray) {\r\n const [name, value] = cookie.trim().split('=');\r\n if (name === 'auth_token') {\r\n return decodeURIComponent(value);\r\n }\r\n }\r\n return null;\r\n }\r\n\r\n // Parse token from Next.js request object\r\n public static parseTokenFromRequest(req: any): string | null {\r\n // Try to get token from headers first\r\n if (req.headers) {\r\n const authHeader = req.headers.authorization || req.headers.Authorization;\r\n if (authHeader && authHeader.startsWith('Bearer ')) {\r\n return authHeader.substring(7);\r\n }\r\n }\r\n\r\n // Try to get token from cookies\r\n if (req.cookies) {\r\n return req.cookies.auth_token || null;\r\n }\r\n\r\n // Try to get token from cookie header\r\n if (req.headers && req.headers.cookie) {\r\n return this.parseTokenFromCookies(req.headers.cookie);\r\n }\r\n\r\n return null;\r\n }\r\n\r\n // Verify token and get user\r\n public async verifyToken(token: string): Promise<User | null> {\r\n try {\r\n // Set the token for this request\r\n (this as any)['httpClient'].setAuthToken(token);\r\n \r\n // Get user profile to verify token\r\n const user = await this.getProfile();\r\n return user;\r\n } catch (error) {\r\n console.error('Token verification failed:', error);\r\n return null;\r\n }\r\n }\r\n\r\n // Create authenticated client with token\r\n public static createAuthenticatedClient(config: AuthConfig, token: string): NextServerAuth {\r\n const client = new NextServerAuth(config);\r\n (client as any)['httpClient'].setAuthToken(token);\r\n (client as any)['token'] = token;\r\n return client;\r\n }\r\n}","import { cookies } from 'next/headers';\r\nimport { redirect } from 'next/navigation';\r\nimport { User } from '../types';\r\n\r\ninterface AuthServerConfig {\r\n authApiUrl?: string;\r\n tokenCookieName?: string;\r\n}\r\n\r\nexport class AuthServer {\r\n private config: AuthServerConfig;\r\n\r\n constructor(config?: AuthServerConfig) {\r\n this.config = {\r\n authApiUrl: config?.authApiUrl || process.env.AUTH_API_URL || 'http://localhost:7000',\r\n tokenCookieName: config?.tokenCookieName || 'auth_token',\r\n };\r\n }\r\n\r\n async getToken(): Promise<string | null> {\r\n const cookieStore = await cookies();\r\n const token = cookieStore.get(this.config.tokenCookieName!);\r\n return token?.value || null;\r\n }\r\n\r\n async getCurrentUser(): Promise<User | null> {\r\n const token = await this.getToken();\r\n if (!token) return null;\r\n\r\n try {\r\n const payload = JSON.parse(Buffer.from(token.split('.')[1], 'base64').toString());\r\n return payload.user || null;\r\n } catch (error) {\r\n console.error('Failed to parse user from token:', error);\r\n return null;\r\n }\r\n }\r\n\r\n async isAuthenticated(): Promise<boolean> {\r\n const token = await this.getToken();\r\n return !!token;\r\n }\r\n\r\n async requireAuth(redirectTo?: string): Promise<User> {\r\n const user = await this.getCurrentUser();\r\n if (!user) {\r\n const loginPath = redirectTo || \r\n process.env.NEXT_PUBLIC_AUTH_REDIRECT_TO_LOGIN || \r\n '/auth/login';\r\n redirect(loginPath);\r\n throw new Error('Redirecting to login'); // This line never executes but satisfies TypeScript\r\n }\r\n return user;\r\n }\r\n\r\n async redirectIfAuthenticated(redirectTo?: string): Promise<void> {\r\n const isAuth = await this.isAuthenticated();\r\n if (isAuth) {\r\n const dashboardPath = redirectTo || \r\n process.env.NEXT_PUBLIC_AUTH_REDIRECT_AFTER_LOGIN || \r\n '/dashboard';\r\n redirect(dashboardPath);\r\n }\r\n }\r\n\r\n async getProfile(): Promise<User | null> {\r\n const token = await this.getToken();\r\n if (!token) return null;\r\n\r\n try {\r\n const response = await fetch(`${this.config.authApiUrl}/api/v1/user/me`, {\r\n headers: {\r\n 'Authorization': `Bearer ${token}`,\r\n },\r\n });\r\n\r\n if (!response.ok) {\r\n return null;\r\n }\r\n\r\n const data = await response.json();\r\n return data.user;\r\n } catch (error) {\r\n console.error('Failed to fetch profile:', error);\r\n return null;\r\n }\r\n }\r\n}\r\n\r\n// Singleton instance\r\nlet authServerInstance: AuthServer | null = null;\r\n\r\nexport function getAuthServer(config?: AuthServerConfig): AuthServer {\r\n if (!authServerInstance) {\r\n authServerInstance = new AuthServer(config);\r\n }\r\n return authServerInstance;\r\n}\r\n\r\n// Convenience functions\r\nexport async function currentUser(): Promise<User | null> {\r\n const auth = getAuthServer();\r\n return auth.getCurrentUser();\r\n}\r\n\r\nexport async function auth() {\r\n const authServer = getAuthServer();\r\n const user = await authServer.getCurrentUser();\r\n const token = await authServer.getToken();\r\n \r\n return {\r\n user,\r\n userId: user?._id || null,\r\n isAuthenticated: !!user,\r\n token,\r\n };\r\n}\r\n\r\nexport async function requireAuth(redirectTo?: string): Promise<User> {\r\n const authServer = getAuthServer();\r\n return authServer.requireAuth(redirectTo);\r\n}\r\n\r\nexport async function redirectIfAuthenticated(redirectTo?: string): Promise<void> {\r\n const authServer = getAuthServer();\r\n return authServer.redirectIfAuthenticated(redirectTo);\r\n}\r\n","import { NextRequest, NextResponse } from 'next/server';\r\n\r\ninterface AuthMiddlewareConfig {\r\n publicRoutes?: string[];\r\n protectedRoutes?: string[];\r\n loginUrl?: string;\r\n afterLoginUrl?: string;\r\n tokenCookieName?: string;\r\n}\r\n\r\nexport function authMiddleware(config?: AuthMiddlewareConfig) {\r\n const {\r\n publicRoutes = ['/auth/login', '/auth/register', '/auth/verify-email', '/auth/forgot-password', '/auth/reset-password'],\r\n protectedRoutes = ['/dashboard'],\r\n loginUrl = '/auth/login',\r\n afterLoginUrl = '/dashboard',\r\n tokenCookieName = 'auth_token',\r\n } = config || {};\r\n\r\n return function middleware(request: NextRequest) {\r\n const { pathname } = request.nextUrl;\r\n const token = request.cookies.get(tokenCookieName)?.value;\r\n const isAuthenticated = !!token;\r\n\r\n // Check if current path is public\r\n const isPublicRoute = publicRoutes.some(route => {\r\n if (route.endsWith('*')) {\r\n return pathname.startsWith(route.slice(0, -1));\r\n }\r\n return pathname === route || pathname.startsWith(route + '/');\r\n });\r\n\r\n // Check if current path is protected\r\n const isProtectedRoute = protectedRoutes.some(route => {\r\n if (route.endsWith('*')) {\r\n return pathname.startsWith(route.slice(0, -1));\r\n }\r\n return pathname === route || pathname.startsWith(route + '/');\r\n });\r\n\r\n // Redirect authenticated users away from public routes\r\n if (isAuthenticated && isPublicRoute) {\r\n return NextResponse.redirect(new URL(afterLoginUrl, request.url));\r\n }\r\n\r\n // Redirect unauthenticated users away from protected routes\r\n if (!isAuthenticated && isProtectedRoute) {\r\n const loginUrlWithRedirect = new URL(loginUrl, request.url);\r\n loginUrlWithRedirect.searchParams.set('redirect', pathname);\r\n return NextResponse.redirect(loginUrlWithRedirect);\r\n }\r\n\r\n return NextResponse.next();\r\n };\r\n}\r\n\r\n// Helper to create middleware config\r\nexport function createAuthMiddleware(config?: AuthMiddlewareConfig) {\r\n return authMiddleware(config);\r\n}\r\n"]}
package/dist/index.next.server.mjs CHANGED
@@ -8,8 +8,9 @@ var HttpClient = class {
8
8
  constructor(baseUrl, defaultHeaders = {}) {
9
9
  this.csrfToken = null;
10
10
  this.frontendBaseUrl = null;
11
+ this.baseUrl = baseUrl.replace(/\/$/, "");
11
12
  this.axiosInstance = axios.create({
12
- baseURL: baseUrl.replace(/\/$/, ""),
13
+ baseURL: this.baseUrl,
13
14
  headers: {
14
15
  "Content-Type": "application/json",
15
16
  ...defaultHeaders
@@ -20,8 +21,16 @@ var HttpClient = class {
20
21
  // 30 second timeout
21
22
  });
22
23
  this.axiosInstance.interceptors.request.use(
23
- (config) => {
24
- if (this.csrfToken && ["post", "put", "delete", "patch"].includes(config.method?.toLowerCase() || "")) {
24
+ async (config) => {
25
+ const isMutatingRequest = ["post", "put", "delete", "patch"].includes(config.method?.toLowerCase() || "");
26
+ if (isMutatingRequest && !this.csrfToken && typeof window !== "undefined") {
27
+ try {
28
+ await this.refreshCsrfToken();
29
+ } catch (error) {
30
+ console.warn("Failed to fetch CSRF token:", error);
31
+ }
32
+ }
33
+ if (this.csrfToken && isMutatingRequest) {
25
34
  config.headers["x-csrf-token"] = this.csrfToken;
26
35
  }
27
36
  if (this.frontendBaseUrl) {
@@ -119,9 +128,6 @@ var AuthService = class {
119
128
  this.httpClient.setFrontendBaseUrl(frontendBaseUrl);
120
129
  }
121
130
  }
122
- if (this.config.csrfEnabled && typeof window !== "undefined") {
123
- this.refreshCsrfToken();
124
- }
125
131
  }
126
132
  loadTokenFromStorage() {
127
133
  if (typeof window !== "undefined" && this.config.localStorageKey) {
@@ -223,7 +229,7 @@ var AuthService = class {
223
229
  this.saveTokenToStorage(response.token);
224
230
  return response;
225
231
  }
226
- if (response.success && response.message === "OTP sent to your email.") {
232
+ if (response.success && (response.message === "OTP sent to your email." || response.message === "OTP sent to your phone number.")) {
227
233
  return response;
228
234
  }
229
235
  if (response.success && response.message === "OTP verified successfully." && response.token) {
@@ -294,7 +300,7 @@ var AuthService = class {
294
300
  if (!this.token) {
295
301
  throw new Error("Not authenticated");
296
302
  }
297
- const response = await this.httpClient.post("/api/v1/user/update/user", data);
303
+ const response = await this.httpClient.post("/api/v1/user/update/profile", data);
298
304
  if (response.success && response.token) {
299
305
  this.token = response.token;
300
306
  this.httpClient.setAuthToken(response.token);
@@ -335,7 +341,7 @@ var AuthService = class {
335
341
  if (!this.token) {
336
342
  throw new Error("Not authenticated");
337
343
  }
338
- const response = await this.httpClient.post("/api/v1/user/update/avatar", { avatar });
344
+ const response = await this.httpClient.post("/api/v1/user/update/profile", { avatar });
339
345
  if (response.success && response.token) {
340
346
  this.token = response.token;
341
347
  this.httpClient.setAuthToken(response.token);
@@ -629,6 +635,7 @@ var AuthServer = class {
629
635
  if (!user) {
630
636
  const loginPath = redirectTo || process.env.NEXT_PUBLIC_AUTH_REDIRECT_TO_LOGIN || "/auth/login";
631
637
  redirect(loginPath);
638
+ throw new Error("Redirecting to login");
632
639
  }
633
640
  return user;
634
641
  }