@umituz/react-native-auth 1.7.0 → 1.8.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@umituz/react-native-auth",
-  "version": "1.7.0",
+  "version": "1.8.0",
   "description": "Authentication service for React Native apps - Secure, type-safe, and production-ready. Provider-agnostic design supports Firebase Auth and can be adapted for Supabase or other providers.",
   "main": "./src/index.ts",
   "types": "./src/index.ts",

package/src/application/ports/IAuthProvider.ts

@@ -0,0 +1,52 @@
+/**
+ * Auth Provider Interface
+ * Port for provider-agnostic authentication (Firebase, Supabase, etc.)
+ */
+
+import type { AuthUser } from "../../domain/entities/AuthUser";
+
+export interface AuthCredentials {
+  email: string;
+  password: string;
+}
+
+export interface SignUpCredentials extends AuthCredentials {
+  displayName?: string;
+}
+
+export interface IAuthProvider {
+  /**
+   * Initialize the auth provider
+   */
+  initialize(): Promise<void>;
+
+  /**
+   * Check if provider is initialized
+   */
+  isInitialized(): boolean;
+
+  /**
+   * Sign in with email and password
+   */
+  signIn(credentials: AuthCredentials): Promise<AuthUser>;
+
+  /**
+   * Sign up with email, password, and optional display name
+   */
+  signUp(credentials: SignUpCredentials): Promise<AuthUser>;
+
+  /**
+   * Sign out current user
+   */
+  signOut(): Promise<void>;
+
+  /**
+   * Get current authenticated user
+   */
+  getCurrentUser(): AuthUser | null;
+
+  /**
+   * Subscribe to auth state changes
+   */
+  onAuthStateChange(callback: (user: AuthUser | null) => void): () => void;
+}

package/src/application/ports/IAuthService.ts

@@ -1,9 +1,9 @@
 /**
  * Auth Service Interface
- * Port for authentication operations
+ * Port for authentication operations (provider-agnostic)
  */
 
-import type { User } from "firebase/auth";
+import type { AuthUser } from "../../domain/entities/AuthUser";
 
 export interface SignUpParams {
   email: string;
@@ -20,12 +20,12 @@ export interface IAuthService {
   /**
    * Sign up a new user
    */
-  signUp(params: SignUpParams): Promise<User>;
+  signUp(params: SignUpParams): Promise<AuthUser>;
 
   /**
    * Sign in an existing user
    */
-  signIn(params: SignInParams): Promise<User>;
+  signIn(params: SignInParams): Promise<AuthUser>;
 
   /**
    * Sign out current user
@@ -40,12 +40,12 @@ export interface IAuthService {
   /**
    * Get current authenticated user
    */
-  getCurrentUser(): User | null;
+  getCurrentUser(): AuthUser | null;
 
   /**
    * Subscribe to auth state changes
    */
-  onAuthStateChange(callback: (user: User | null) => void): () => void;
+  onAuthStateChange(callback: (user: AuthUser | null) => void): () => void;
 
   /**
    * Check if auth is initialized

package/src/domain/entities/AuthUser.ts

@@ -0,0 +1,13 @@
+/**
+ * Auth User Entity
+ * Provider-agnostic user representation
+ */
+
+export interface AuthUser {
+  uid: string;
+  email: string | null;
+  displayName: string | null;
+  isAnonymous: boolean;
+  emailVerified: boolean;
+  photoURL: string | null;
+}

package/src/domain/value-objects/AuthConfig.ts

@@ -3,24 +3,27 @@
  * Validates and stores authentication configuration
  */
 
+export interface PasswordConfig {
+  minLength: number;
+  requireUppercase: boolean;
+  requireLowercase: boolean;
+  requireNumber: boolean;
+  requireSpecialChar: boolean;
+}
+
 export interface AuthConfig {
-  /** Minimum password length (default: 6) */
-  minPasswordLength?: number;
-  /** Require uppercase letters in password */
-  requireUppercase?: boolean;
-  /** Require lowercase letters in password */
-  requireLowercase?: boolean;
-  /** Require numbers in password */
-  requireNumbers?: boolean;
-  /** Require special characters in password */
-  requireSpecialChars?: boolean;
+  password: PasswordConfig;
 }
 
-export const DEFAULT_AUTH_CONFIG: Required<AuthConfig> = {
-  minPasswordLength: 6,
+export const DEFAULT_PASSWORD_CONFIG: PasswordConfig = {
+  minLength: 6,
   requireUppercase: false,
   requireLowercase: false,
-  requireNumbers: false,
-  requireSpecialChars: false,
+  requireNumber: false,
+  requireSpecialChar: false,
+};
+
+export const DEFAULT_AUTH_CONFIG: AuthConfig = {
+  password: DEFAULT_PASSWORD_CONFIG,
 };
 

package/src/index.ts

@@ -9,7 +9,7 @@
  * Architecture:
  * - domain: Entities, value objects, errors (business logic)
  * - application: Ports (interfaces)
- * - infrastructure: Auth service implementation
+ * - infrastructure: Auth providers and service implementation
  * - presentation: Hooks (React integration)
  *
  * Usage:
@@ -17,7 +17,13 @@
  */
 
 // =============================================================================
-// DOMAIN LAYER - Business Logic
+// DOMAIN LAYER - Entities
+// =============================================================================
+
+export type { AuthUser } from './domain/entities/AuthUser';
+
+// =============================================================================
+// DOMAIN LAYER - Errors
 // =============================================================================
 
 export {
@@ -33,17 +39,32 @@ export {
   AuthInvalidEmailError,
 } from './domain/errors/AuthError';
 
-export type { AuthConfig } from './domain/value-objects/AuthConfig';
-export { DEFAULT_AUTH_CONFIG } from './domain/value-objects/AuthConfig';
+// =============================================================================
+// DOMAIN LAYER - Value Objects
+// =============================================================================
+
+export type { AuthConfig, PasswordConfig } from './domain/value-objects/AuthConfig';
+export { DEFAULT_AUTH_CONFIG, DEFAULT_PASSWORD_CONFIG } from './domain/value-objects/AuthConfig';
 
 // =============================================================================
 // APPLICATION LAYER - Ports
 // =============================================================================
 
 export type { IAuthService, SignUpParams, SignInParams } from './application/ports/IAuthService';
+export type {
+  IAuthProvider,
+  AuthCredentials,
+  SignUpCredentials,
+} from './application/ports/IAuthProvider';
+
+// =============================================================================
+// INFRASTRUCTURE LAYER - Providers
+// =============================================================================
+
+export { FirebaseAuthProvider } from './infrastructure/providers/FirebaseAuthProvider';
 
 // =============================================================================
-// INFRASTRUCTURE LAYER - Implementation
+// INFRASTRUCTURE LAYER - Services
 // =============================================================================
 
 export {
@@ -53,6 +74,24 @@ export {
   resetAuthService,
 } from './infrastructure/services/AuthService';
 
+// =============================================================================
+// INFRASTRUCTURE LAYER - Validation
+// =============================================================================
+
+export {
+  validateEmail,
+  validatePasswordForLogin,
+  validatePasswordForRegister,
+  validatePasswordConfirmation,
+  validateDisplayName,
+} from './infrastructure/utils/AuthValidation';
+
+export type {
+  ValidationResult,
+  PasswordStrengthResult,
+  PasswordRequirements,
+} from './infrastructure/utils/AuthValidation';
+
 // =============================================================================
 // PRESENTATION LAYER - Hooks
 // =============================================================================
@@ -72,6 +111,7 @@ export type {
   AuthNavigatorProps,
 } from './presentation/navigation/AuthNavigator';
 
+// =============================================================================
 // PRESENTATION LAYER - Components
 // =============================================================================
 

package/src/infrastructure/providers/FirebaseAuthProvider.ts

@@ -0,0 +1,131 @@
+/**
+ * Firebase Auth Provider
+ * IAuthProvider implementation for Firebase Authentication
+ */
+
+import {
+  createUserWithEmailAndPassword,
+  signInWithEmailAndPassword,
+  signOut as firebaseSignOut,
+  onAuthStateChanged,
+  updateProfile,
+  type User,
+  type Auth,
+} from "firebase/auth";
+import type {
+  IAuthProvider,
+  AuthCredentials,
+  SignUpCredentials,
+} from "../../application/ports/IAuthProvider";
+import type { AuthUser } from "../../domain/entities/AuthUser";
+import { mapFirebaseAuthError } from "../utils/AuthErrorMapper";
+
+export class FirebaseAuthProvider implements IAuthProvider {
+  private auth: Auth | null = null;
+
+  constructor(auth?: Auth) {
+    if (auth) {
+      this.auth = auth;
+    }
+  }
+
+  async initialize(): Promise<void> {
+    if (!this.auth) {
+      throw new Error("Firebase Auth instance must be provided");
+    }
+  }
+
+  setAuth(auth: Auth): void {
+    this.auth = auth;
+  }
+
+  isInitialized(): boolean {
+    return this.auth !== null;
+  }
+
+  async signIn(credentials: AuthCredentials): Promise<AuthUser> {
+    if (!this.auth) {
+      throw new Error("Firebase Auth is not initialized");
+    }
+
+    try {
+      const userCredential = await signInWithEmailAndPassword(
+        this.auth,
+        credentials.email.trim(),
+        credentials.password
+      );
+      return this.mapFirebaseUser(userCredential.user);
+    } catch (error: unknown) {
+      throw mapFirebaseAuthError(error);
+    }
+  }
+
+  async signUp(credentials: SignUpCredentials): Promise<AuthUser> {
+    if (!this.auth) {
+      throw new Error("Firebase Auth is not initialized");
+    }
+
+    try {
+      const userCredential = await createUserWithEmailAndPassword(
+        this.auth,
+        credentials.email.trim(),
+        credentials.password
+      );
+
+      if (credentials.displayName && userCredential.user) {
+        try {
+          await updateProfile(userCredential.user, {
+            displayName: credentials.displayName.trim(),
+          });
+        } catch {
+          // Don't fail signup if display name update fails
+        }
+      }
+
+      return this.mapFirebaseUser(userCredential.user);
+    } catch (error: unknown) {
+      throw mapFirebaseAuthError(error);
+    }
+  }
+
+  async signOut(): Promise<void> {
+    if (!this.auth) {
+      return;
+    }
+
+    try {
+      await firebaseSignOut(this.auth);
+    } catch (error: unknown) {
+      throw mapFirebaseAuthError(error);
+    }
+  }
+
+  getCurrentUser(): AuthUser | null {
+    if (!this.auth?.currentUser) {
+      return null;
+    }
+    return this.mapFirebaseUser(this.auth.currentUser);
+  }
+
+  onAuthStateChange(callback: (user: AuthUser | null) => void): () => void {
+    if (!this.auth) {
+      callback(null);
+      return () => {};
+    }
+
+    return onAuthStateChanged(this.auth, (user) => {
+      callback(user ? this.mapFirebaseUser(user) : null);
+    });
+  }
+
+  private mapFirebaseUser(user: User): AuthUser {
+    return {
+      uid: user.uid,
+      email: user.email,
+      displayName: user.displayName,
+      isAnonymous: user.isAnonymous,
+      emailVerified: user.emailVerified,
+      photoURL: user.photoURL,
+    };
+  }
+}

package/src/infrastructure/services/AuthService.ts

@@ -1,213 +1,159 @@
 /**
- * Auth Service Implementation
- * Secure Firebase Authentication wrapper
+ * Auth Service
+ * Provider-agnostic authentication orchestrator
  */
 
-import {
-  createUserWithEmailAndPassword,
-  signInWithEmailAndPassword,
-  signOut as firebaseSignOut,
-  onAuthStateChanged,
-  updateProfile,
-  type User,
-  type Auth,
-} from "firebase/auth";
+import type { Auth } from "firebase/auth";
 import type { IAuthService, SignUpParams, SignInParams } from "../../application/ports/IAuthService";
+import type { IAuthProvider } from "../../application/ports/IAuthProvider";
+import type { AuthUser } from "../../domain/entities/AuthUser";
+import type { AuthConfig } from "../../domain/value-objects/AuthConfig";
+import { DEFAULT_AUTH_CONFIG } from "../../domain/value-objects/AuthConfig";
 import {
   AuthInitializationError,
   AuthValidationError,
   AuthWeakPasswordError,
   AuthInvalidEmailError,
 } from "../../domain/errors/AuthError";
-import type { AuthConfig } from "../../domain/value-objects/AuthConfig";
-import { DEFAULT_AUTH_CONFIG } from "../../domain/value-objects/AuthConfig";
-import { validateEmail, validatePassword } from "../utils/AuthValidation";
-import { mapFirebaseAuthError } from "../utils/AuthErrorMapper";
+import {
+  validateEmail,
+  validatePasswordForLogin,
+  validatePasswordForRegister,
+  validateDisplayName,
+} from "../utils/AuthValidation";
+import { FirebaseAuthProvider } from "../providers/FirebaseAuthProvider";
 import { emitUserAuthenticated, emitGuestModeEnabled } from "../utils/AuthEventEmitter";
 import { loadGuestMode, saveGuestMode, clearGuestMode } from "../storage/GuestModeStorage";
 
 export class AuthService implements IAuthService {
-  private auth: Auth | null = null;
+  private provider: IAuthProvider | null = null;
   private config: AuthConfig;
   private isGuestMode: boolean = false;
 
-  constructor(config: AuthConfig = {}) {
-    this.config = { ...DEFAULT_AUTH_CONFIG, ...config };
+  constructor(config: Partial<AuthConfig> = {}) {
+    this.config = {
+      ...DEFAULT_AUTH_CONFIG,
+      ...config,
+      password: {
+        ...DEFAULT_AUTH_CONFIG.password,
+        ...config.password,
+      },
+    };
   }
 
-  /**
-   * Initialize auth service with Firebase Auth instance
-   * Must be called before using any auth methods
-   */
-  async initialize(auth: Auth): Promise<void> {
-    if (!auth) {
-      throw new AuthInitializationError("Auth instance is required");
+  async initialize(providerOrAuth: IAuthProvider | Auth): Promise<void> {
+    if (!providerOrAuth) {
+      throw new AuthInitializationError("Auth provider or Firebase Auth instance is required");
     }
-    this.auth = auth;
+
+    // Check if it's a Firebase Auth instance (has currentUser property)
+    if ("currentUser" in providerOrAuth) {
+      const firebaseProvider = new FirebaseAuthProvider(providerOrAuth as Auth);
+      await firebaseProvider.initialize();
+      this.provider = firebaseProvider;
+    } else {
+      this.provider = providerOrAuth as IAuthProvider;
+      await this.provider.initialize();
+    }
+
     this.isGuestMode = await loadGuestMode();
   }
 
-  /**
-   * Check if auth is initialized
-   */
   isInitialized(): boolean {
-    return this.auth !== null;
+    return this.provider !== null && this.provider.isInitialized();
   }
 
-  private getAuth(): Auth | null {
-    if (!this.auth) {
-      /* eslint-disable-next-line no-console */
-      if (__DEV__) {
-        console.warn("Auth service is not initialized. Call initialize() first.");
-      }
-      return null;
+  private getProvider(): IAuthProvider {
+    if (!this.provider || !this.provider.isInitialized()) {
+      throw new AuthInitializationError("Auth service is not initialized");
     }
-    return this.auth;
+    return this.provider;
   }
 
-  /**
-   * Sign up a new user
-   */
-  async signUp(params: SignUpParams): Promise<User> {
-    const auth = this.getAuth();
-    if (!auth) {
-      throw new AuthInitializationError("Auth service is not initialized");
-    }
+  async signUp(params: SignUpParams): Promise<AuthUser> {
+    const provider = this.getProvider();
 
     // Validate email
-    if (!params.email || !validateEmail(params.email)) {
-      throw new AuthInvalidEmailError();
-    }
-
-    // Validate password
-    const passwordValidation = validatePassword(params.password, this.config as any);
-    if (!passwordValidation.valid) {
-      throw new AuthWeakPasswordError(passwordValidation.error);
+    const emailResult = validateEmail(params.email);
+    if (!emailResult.isValid) {
+      throw new AuthInvalidEmailError(emailResult.error);
     }
 
-    try {
-      // Create user
-      const userCredential = await createUserWithEmailAndPassword(
-        auth,
-        params.email.trim(),
-        params.password
-      );
-
-      // Update display name if provided
-      if (params.displayName && userCredential.user) {
-        try {
-          await updateProfile(userCredential.user, {
-            displayName: params.displayName.trim(),
-          });
-        } catch (updateError) {
-          // Don't fail signup if display name update fails
-          // User can still use the app
-        }
+    // Validate display name if provided
+    if (params.displayName) {
+      const nameResult = validateDisplayName(params.displayName);
+      if (!nameResult.isValid) {
+        throw new AuthValidationError(nameResult.error || "Invalid name", "displayName");
       }
+    }
 
-      // Clear guest mode when user signs up
-      if (this.isGuestMode) {
-        this.isGuestMode = false;
-        await clearGuestMode();
-      }
+    // Validate password strength for registration
+    const passwordResult = validatePasswordForRegister(params.password, this.config.password);
+    if (!passwordResult.isValid) {
+      throw new AuthWeakPasswordError(passwordResult.error);
+    }
 
-      emitUserAuthenticated(userCredential.user.uid);
+    const user = await provider.signUp({
+      email: params.email,
+      password: params.password,
+      displayName: params.displayName,
+    });
 
-      return userCredential.user;
-    } catch (error: any) {
-      throw mapFirebaseAuthError(error);
+    // Clear guest mode when user signs up
+    if (this.isGuestMode) {
+      this.isGuestMode = false;
+      await clearGuestMode();
     }
+
+    emitUserAuthenticated(user.uid);
+    return user;
   }
 
-  /**
-   * Sign in an existing user
-   */
-  async signIn(params: SignInParams): Promise<User> {
-    /* eslint-disable-next-line no-console */
-    if (__DEV__) {
-      console.log("[AuthService] signIn called with email:", params.email);
-    }
-    const auth = this.getAuth();
-    if (!auth) {
-      throw new AuthInitializationError("Auth service is not initialized");
-    }
+  async signIn(params: SignInParams): Promise<AuthUser> {
+    const provider = this.getProvider();
 
-    // Validate email
-    if (!params.email || !validateEmail(params.email)) {
-      throw new AuthInvalidEmailError();
+    // Validate email format
+    const emailResult = validateEmail(params.email);
+    if (!emailResult.isValid) {
+      throw new AuthInvalidEmailError(emailResult.error);
     }
 
-    // Validate password
-    if (!params.password || params.password.length === 0) {
-      throw new AuthValidationError("Password is required", "password");
+    // For login, only check if password is provided (no strength requirements)
+    const passwordResult = validatePasswordForLogin(params.password);
+    if (!passwordResult.isValid) {
+      throw new AuthValidationError(passwordResult.error || "Password is required", "password");
     }
 
-    try {
-      /* eslint-disable-next-line no-console */
-      if (__DEV__) {
-        console.log("[AuthService] Calling signInWithEmailAndPassword");
-      }
-      const userCredential = await signInWithEmailAndPassword(
-        auth,
-        params.email.trim(),
-        params.password
-      );
-
-      /* eslint-disable-next-line no-console */
-      if (__DEV__) {
-        console.log("[AuthService] signInWithEmailAndPassword successful, user:", userCredential.user.uid);
-      }
-
-      // Clear guest mode when user signs in
-      if (this.isGuestMode) {
-        this.isGuestMode = false;
-        await clearGuestMode();
-      }
-
-      emitUserAuthenticated(userCredential.user.uid);
+    const user = await provider.signIn({
+      email: params.email,
+      password: params.password,
+    });
 
-      return userCredential.user;
-    } catch (error: any) {
-      /* eslint-disable-next-line no-console */
-      if (__DEV__) {
-        console.error("[AuthService] signIn error:", error);
-      }
-      throw mapFirebaseAuthError(error);
+    // Clear guest mode when user signs in
+    if (this.isGuestMode) {
+      this.isGuestMode = false;
+      await clearGuestMode();
     }
+
+    emitUserAuthenticated(user.uid);
+    return user;
   }
 
-  /**
-   * Sign out current user
-   */
   async signOut(): Promise<void> {
-    const auth = this.getAuth();
-    if (!auth) {
+    if (!this.provider) {
       this.isGuestMode = false;
       await clearGuestMode();
       return;
     }
 
-    try {
-      await firebaseSignOut(auth);
-    } catch (error: any) {
-      throw mapFirebaseAuthError(error);
-    }
+    await this.provider.signOut();
   }
 
-  /**
-   * Set guest mode (no authentication)
-   */
   async setGuestMode(): Promise<void> {
-    /* eslint-disable-next-line no-console */
-    if (__DEV__) {
-      console.log("[AuthService] setGuestMode called");
-    }
-    const auth = this.getAuth();
-
-    // Sign out from Firebase if logged in
-    if (auth?.currentUser) {
+    // Sign out from provider if logged in
+    if (this.provider?.getCurrentUser()) {
       try {
-        await firebaseSignOut(auth);
+        await this.provider.signOut();
       } catch {
         // Ignore sign out errors when switching to guest mode
       }
@@ -218,35 +164,24 @@ export class AuthService implements IAuthService {
     emitGuestModeEnabled();
   }
 
-  /**
-   * Get current authenticated user
-   */
-  getCurrentUser(): User | null {
-    if (!this.auth) {
+  getCurrentUser(): AuthUser | null {
+    if (!this.provider) {
       return null;
     }
-    return this.auth.currentUser;
+    return this.provider.getCurrentUser();
   }
 
-  /**
-   * Check if user is in guest mode
-   */
   getIsGuestMode(): boolean {
     return this.isGuestMode;
   }
 
-  /**
-   * Subscribe to auth state changes
-   */
-  onAuthStateChange(callback: (user: User | null) => void): () => void {
-    const auth = this.getAuth();
-    if (!auth) {
-      // Return no-op unsubscribe if auth is not initialized
+  onAuthStateChange(callback: (user: AuthUser | null) => void): () => void {
+    if (!this.provider) {
       callback(null);
       return () => {};
     }
 
-    return onAuthStateChanged(auth, (user) => {
+    return this.provider.onAuthStateChange((user) => {
       // Don't update if in guest mode
       if (!this.isGuestMode) {
         callback(user);
@@ -255,54 +190,34 @@ export class AuthService implements IAuthService {
       }
     });
   }
+
+  getConfig(): AuthConfig {
+    return this.config;
+  }
 }
 
-/**
- * Singleton instance
- * Apps should use initializeAuthService() to set up with their Firebase Auth instance
- */
+// Singleton instance
 let authServiceInstance: AuthService | null = null;
 
 /**
- * Initialize auth service with Firebase Auth instance
- * Must be called before using any auth methods
- * 
- * Uses DEFAULT_AUTH_CONFIG if no config is provided:
- * - minPasswordLength: 6
- * - requireUppercase: false
- * - requireLowercase: false
- * - requireNumbers: false
- * - requireSpecialChars: false
- * 
- * @param auth - Firebase Auth instance
- * @param config - Optional auth configuration (defaults to permissive settings)
+ * Initialize auth service with provider or Firebase Auth instance
  */
 export async function initializeAuthService(
-  auth: Auth,
-  config?: AuthConfig
+  providerOrAuth: IAuthProvider | Auth,
+  config?: Partial<AuthConfig>
 ): Promise<AuthService> {
-  // Use default config if not provided (permissive settings for better UX)
-  const finalConfig = config || DEFAULT_AUTH_CONFIG;
-  
   if (!authServiceInstance) {
-    authServiceInstance = new AuthService(finalConfig);
+    authServiceInstance = new AuthService(config);
   }
-  await authServiceInstance.initialize(auth);
+  await authServiceInstance.initialize(providerOrAuth);
   return authServiceInstance;
 }
 
 /**
  * Get auth service instance
- * Returns null if service is not initialized (graceful degradation)
  */
 export function getAuthService(): AuthService | null {
   if (!authServiceInstance || !authServiceInstance.isInitialized()) {
-    /* eslint-disable-next-line no-console */
-    if (__DEV__) {
-      console.warn(
-        "Auth service is not initialized. Call initializeAuthService() first."
-      );
-    }
     return null;
   }
   return authServiceInstance;
@@ -314,4 +229,3 @@ export function getAuthService(): AuthService | null {
 export function resetAuthService(): void {
   authServiceInstance = null;
 }
-

package/src/infrastructure/storage/GuestModeStorage.ts

@@ -3,7 +3,7 @@
  * Single Responsibility: Manage guest mode persistence
  */
 
-import { storageRepository } from "@umituz/react-native-storage";
+import { storageRepository, unwrap } from "@umituz/react-native-storage";
 
 const GUEST_MODE_KEY = "@auth_guest_mode";
 
@@ -12,7 +12,8 @@ const GUEST_MODE_KEY = "@auth_guest_mode";
  */
 export async function loadGuestMode(): Promise<boolean> {
   try {
-    const guestModeValue = await storageRepository.getString(GUEST_MODE_KEY, "false");
+    const result = await storageRepository.getString(GUEST_MODE_KEY, "false");
+    const guestModeValue = unwrap(result, "false");
     return guestModeValue === "true";
   } catch {
     return false;

package/src/infrastructure/utils/AuthErrorMapper.ts

@@ -17,41 +17,85 @@ import {
 /**
  * Map Firebase Auth errors to domain errors
  */
-export function mapFirebaseAuthError(error: any): Error {
-  const code = error?.code || "";
-  const message = error?.message || "Authentication failed";
+export function mapFirebaseAuthError(error: unknown): Error {
+  const errorObj = error as { code?: string; message?: string } | undefined;
+  const code = errorObj?.code || "";
+  const message = errorObj?.message || "Authentication failed";
 
-  if (code === "auth/email-already-in-use") {
-    return new AuthEmailAlreadyInUseError();
-  }
-  if (code === "auth/invalid-email") {
-    return new AuthInvalidEmailError();
-  }
-  if (code === "auth/weak-password") {
-    return new AuthWeakPasswordError();
-  }
-  if (code === "auth/user-disabled") {
-    return new AuthError("User account has been disabled", "AUTH_USER_DISABLED");
-  }
-  if (code === "auth/user-not-found") {
-    return new AuthUserNotFoundError();
-  }
-  if (code === "auth/wrong-password") {
-    return new AuthWrongPasswordError();
-  }
-  if (code === "auth/network-request-failed") {
-    return new AuthNetworkError();
-  }
-  if (code === "auth/too-many-requests") {
-    return new AuthError("Too many requests. Please try again later.", "AUTH_TOO_MANY_REQUESTS");
-  }
-  if (code === "auth/configuration-not-found" || code === "auth/app-not-authorized") {
-    return new AuthConfigurationError("Authentication is not properly configured. Please contact support.");
-  }
-  if (code === "auth/operation-not-allowed") {
-    return new AuthConfigurationError("Email/password authentication is not enabled. Please contact support.");
-  }
+  switch (code) {
+    case "auth/email-already-in-use":
+      return new AuthEmailAlreadyInUseError();
+
+    case "auth/invalid-email":
+      return new AuthInvalidEmailError();
+
+    case "auth/weak-password":
+      return new AuthWeakPasswordError();
+
+    case "auth/user-disabled":
+      return new AuthError(
+        "Your account has been disabled. Please contact support.",
+        "AUTH_USER_DISABLED"
+      );
 
-  return new AuthError(message, code);
+    case "auth/user-not-found":
+      return new AuthUserNotFoundError();
+
+    case "auth/wrong-password":
+      return new AuthWrongPasswordError();
+
+    case "auth/invalid-credential":
+      return new AuthError(
+        "Invalid email or password. Please check your credentials.",
+        "AUTH_INVALID_CREDENTIAL"
+      );
+
+    case "auth/invalid-login-credentials":
+      return new AuthError(
+        "Invalid email or password. Please check your credentials.",
+        "AUTH_INVALID_CREDENTIAL"
+      );
+
+    case "auth/network-request-failed":
+      return new AuthNetworkError();
+
+    case "auth/too-many-requests":
+      return new AuthError(
+        "Too many failed attempts. Please wait a few minutes and try again.",
+        "AUTH_TOO_MANY_REQUESTS"
+      );
+
+    case "auth/configuration-not-found":
+    case "auth/app-not-authorized":
+      return new AuthConfigurationError(
+        "Authentication is not properly configured. Please contact support."
+      );
+
+    case "auth/operation-not-allowed":
+      return new AuthConfigurationError(
+        "Email/password authentication is not enabled. Please contact support."
+      );
+
+    case "auth/requires-recent-login":
+      return new AuthError(
+        "Please sign in again to complete this action.",
+        "AUTH_REQUIRES_RECENT_LOGIN"
+      );
+
+    case "auth/expired-action-code":
+      return new AuthError(
+        "This link has expired. Please request a new one.",
+        "AUTH_EXPIRED_ACTION_CODE"
+      );
+
+    case "auth/invalid-action-code":
+      return new AuthError(
+        "This link is invalid. Please request a new one.",
+        "AUTH_INVALID_ACTION_CODE"
+      );
+
+    default:
+      return new AuthError(message, code || "AUTH_UNKNOWN_ERROR");
+  }
 }
 

package/src/infrastructure/utils/AuthValidation.ts

@@ -1,60 +1,164 @@
 /**
  * Auth Validation Utilities
- * Single Responsibility: Email and password validation
+ * Single Responsibility: Email and password validation for authentication
  */
 
-import type { AuthConfig } from "../../domain/value-objects/AuthConfig";
+import type { PasswordConfig } from "../../domain/value-objects/AuthConfig";
+
+export interface ValidationResult {
+  isValid: boolean;
+  error?: string;
+}
+
+export interface PasswordStrengthResult extends ValidationResult {
+  requirements: PasswordRequirements;
+}
+
+export interface PasswordRequirements {
+  hasMinLength: boolean;
+  hasUppercase: boolean;
+  hasLowercase: boolean;
+  hasNumber: boolean;
+  hasSpecialChar: boolean;
+}
+
+const EMAIL_REGEX = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+const UPPERCASE_REGEX = /[A-Z]/;
+const LOWERCASE_REGEX = /[a-z]/;
+const NUMBER_REGEX = /[0-9]/;
+const SPECIAL_CHAR_REGEX = /[!@#$%^&*(),.?":{}|<>]/;
 
 /**
  * Validate email format
  */
-export function validateEmail(email: string): boolean {
-  const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
-  return emailRegex.test(email.trim());
+export function validateEmail(email: string): ValidationResult {
+  if (!email || email.trim() === "") {
+    return { isValid: false, error: "Email is required" };
+  }
+
+  if (!EMAIL_REGEX.test(email.trim())) {
+    return { isValid: false, error: "Please enter a valid email address" };
+  }
+
+  return { isValid: true };
 }
 
 /**
- * Validate password strength
+ * Validate password for login - only checks if password is provided
+ * No strength requirements for login (existing users may have old passwords)
  */
-export function validatePassword(
+export function validatePasswordForLogin(password: string): ValidationResult {
+  if (!password || password.length === 0) {
+    return { isValid: false, error: "Password is required" };
+  }
+
+  return { isValid: true };
+}
+
+/**
+ * Validate password strength for registration
+ * Returns detailed requirements for UI feedback
+ */
+export function validatePasswordForRegister(
   password: string,
-  config: Required<Omit<AuthConfig, "onUserCreated" | "onUserUpdated" | "onSignOut">>
-): { valid: boolean; error?: string } {
-  if (password.length < config.minPasswordLength) {
+  config: PasswordConfig
+): PasswordStrengthResult {
+  const requirements: PasswordRequirements = {
+    hasMinLength: password.length >= config.minLength,
+    hasUppercase: !config.requireUppercase || UPPERCASE_REGEX.test(password),
+    hasLowercase: !config.requireLowercase || LOWERCASE_REGEX.test(password),
+    hasNumber: !config.requireNumber || NUMBER_REGEX.test(password),
+    hasSpecialChar:
+      !config.requireSpecialChar || SPECIAL_CHAR_REGEX.test(password),
+  };
+
+  if (!password || password.length === 0) {
     return {
-      valid: false,
-      error: `Password must be at least ${config.minPasswordLength} characters long`,
+      isValid: false,
+      error: "Password is required",
+      requirements,
     };
   }
 
-  if (config.requireUppercase && !/[A-Z]/.test(password)) {
+  if (!requirements.hasMinLength) {
     return {
-      valid: false,
+      isValid: false,
+      error: `Password must be at least ${config.minLength} characters`,
+      requirements,
+    };
+  }
+
+  if (config.requireUppercase && !UPPERCASE_REGEX.test(password)) {
+    return {
+      isValid: false,
       error: "Password must contain at least one uppercase letter",
+      requirements,
     };
   }
 
-  if (config.requireLowercase && !/[a-z]/.test(password)) {
+  if (config.requireLowercase && !LOWERCASE_REGEX.test(password)) {
     return {
-      valid: false,
+      isValid: false,
       error: "Password must contain at least one lowercase letter",
+      requirements,
     };
   }
 
-  if (config.requireNumbers && !/[0-9]/.test(password)) {
+  if (config.requireNumber && !NUMBER_REGEX.test(password)) {
     return {
-      valid: false,
+      isValid: false,
       error: "Password must contain at least one number",
+      requirements,
     };
   }
 
-  if (config.requireSpecialChars && !/[!@#$%^&*(),.?":{}|<>]/.test(password)) {
+  if (config.requireSpecialChar && !SPECIAL_CHAR_REGEX.test(password)) {
     return {
-      valid: false,
+      isValid: false,
       error: "Password must contain at least one special character",
+      requirements,
+    };
+  }
+
+  return { isValid: true, requirements };
+}
+
+/**
+ * Validate password confirmation
+ */
+export function validatePasswordConfirmation(
+  password: string,
+  confirmPassword: string
+): ValidationResult {
+  if (!confirmPassword) {
+    return { isValid: false, error: "Please confirm your password" };
+  }
+
+  if (password !== confirmPassword) {
+    return { isValid: false, error: "Passwords do not match" };
+  }
+
+  return { isValid: true };
+}
+
+/**
+ * Validate display name
+ */
+export function validateDisplayName(
+  displayName: string,
+  minLength: number = 2
+): ValidationResult {
+  if (!displayName || displayName.trim() === "") {
+    return { isValid: false, error: "Name is required" };
+  }
+
+  if (displayName.trim().length < minLength) {
+    return {
+      isValid: false,
+      error: `Name must be at least ${minLength} characters`,
     };
   }
 
-  return { valid: true };
+  return { isValid: true };
 }
 

package/src/presentation/hooks/useAuth.ts

@@ -1,18 +1,18 @@
 /**
  * useAuth Hook
  * React hook for authentication state management
- * 
- * Uses Firebase Auth's built-in state management via useFirebaseAuth hook.
- * Adds app-specific state (guest mode, error handling) on top of Firebase Auth.
+ *
+ * Uses provider-agnostic AuthUser type.
+ * Adds app-specific state (guest mode, error handling) on top of provider auth.
  */
 
-import type { User } from "firebase/auth";
 import { useAuthState } from "./useAuthState";
 import { useAuthActions } from "./useAuthActions";
+import type { AuthUser } from "../../domain/entities/AuthUser";
 
 export interface UseAuthResult {
   /** Current authenticated user */
-  user: User | null;
+  user: AuthUser | null;
   /** Whether auth state is loading */
   loading: boolean;
   /** Whether user is in guest mode */

package/src/presentation/hooks/useAuthState.ts

@@ -4,13 +4,27 @@
  */
 
 import { useState, useEffect } from "react";
-import type { User } from "firebase/auth";
 import { DeviceEventEmitter } from "react-native";
 import { getAuthService } from "../../infrastructure/services/AuthService";
 import { useFirebaseAuth } from "@umituz/react-native-firebase-auth";
+import type { AuthUser } from "../../domain/entities/AuthUser";
+
+type FirebaseUser = ReturnType<typeof useFirebaseAuth>["user"];
+
+function mapToAuthUser(user: FirebaseUser): AuthUser | null {
+  if (!user) return null;
+  return {
+    uid: user.uid,
+    email: user.email,
+    displayName: user.displayName,
+    isAnonymous: user.isAnonymous,
+    emailVerified: user.emailVerified,
+    photoURL: user.photoURL,
+  };
+}
 
 export interface UseAuthStateResult {
-  user: User | null;
+  user: AuthUser | null;
   isAuthenticated: boolean;
   isGuest: boolean;
   loading: boolean;
@@ -32,7 +46,7 @@ export function useAuthState(): UseAuthStateResult {
   const [error, setError] = useState<string | null>(null);
   const [loading, setLoading] = useState(false);
 
-  const user = isGuest ? null : firebaseUser;
+  const user = isGuest ? null : mapToAuthUser(firebaseUser);
   const isAuthenticated = !!user && !isGuest;
 
   // Reset guest mode when user signs in