@umituz/react-native-auth 3.4.31 → 3.4.33

package/src/presentation/hooks/useAccountManagement.md

@@ -1,380 +1,337 @@
 # useAccountManagement
 
-Hesap yönetimi işlemleri için hook. Çıkış yapma ve hesap silme işlevselliği sağlar.
+Hook for account management operations (logout, delete account).
 
-## Özellikler
+---
 
-- Güvenli çıkış yapma
-- Hesap silme (reauthentication gerektirir)
-- Reauthentication callback desteği
-- Loading state yönetimi
+## Strategy
 
-## Kullanım
+**Purpose**: Provides safe account management operations including sign out and account deletion with proper confirmations and reauthentication.
 
+**When to Use**:
+- Account settings screens
+- Logout functionality
+- Account deletion flows
+- Need user account operations
+
+**Import Path**:
 ```typescript
 import { useAccountManagement } from '@umituz/react-native-auth';
-
-function AccountSettings() {
-  const { logout, deleteAccount, isLoading, isDeletingAccount } = useAccountManagement({
-    onReauthRequired: async () => {
-      // Google/Apple ile yeniden authentication
-      const result = await reauthenticateWithGoogle();
-      return result.success;
-    },
-    onPasswordRequired: async () => {
-      // Şifre prompt göster
-      const password = await showPasswordPrompt();
-      return password;
-    },
-  });
-
-  const handleLogout = async () => {
-    Alert.alert(
-      'Çıkış Yap',
-      'Çıkış yapmak istediğinizden emin misiniz?',
-      [
-        { text: 'İptal', style: 'cancel' },
-        {
-          text: 'Çıkış',
-          onPress: logout,
-        },
-      ]
-    );
-  };
-
-  const handleDeleteAccount = async () => {
-    Alert.alert(
-      'Hesabı Sil',
-      'Bu işlem geri alınamaz. Hesabınızı silmek istediğinizden emin misiniz?',
-      [
-        { text: 'İptal', style: 'cancel' },
-        {
-          text: 'Sil',
-          style: 'destructive',
-          onPress: deleteAccount,
-        },
-      ]
-    );
-  };
-
-  return (
-    <View>
-      <Button onPress={handleLogout} disabled={isLoading}>
-        Çıkış Yap
-      </Button>
-      <Button
-        onPress={handleDeleteAccount}
-        disabled={isDeletingAccount}
-        style={{ backgroundColor: 'red' }}
-      >
-        {isDeletingAccount ? 'Siliniyor...' : 'Hesabı Sil'}
-      </Button>
-    </View>
-  );
-}
 ```
 
-## API
+**Hook Location**: `src/presentation/hooks/useAccountManagement.ts`
+
+---
+
+## Core Operations
+
+### logout
+
+**Purpose**: Sign out user and clear authentication state.
+
+**Rules**:
+- MUST confirm with user before signing out
+- MUST handle loading state during operation
+- MUST clear local user data after sign out
+- MUST navigate to login screen after sign out
+- MUST handle errors gracefully
+
+**MUST NOT**:
+- Sign out without user confirmation
+- Clear user data before sign out complete
+- Block app functionality on error
+- Lose navigation context
 
-### Parameters
+**Constraints**:
+- Clears Firebase Auth session
+- Resets auth store state
+- Anonymous users: Loses all data
+- Authenticated users: Can sign back in
+- No server-side data deletion
 
-| Param | Tip | Required | Açıklama |
-|-------|------|----------|----------|
-| `onReauthRequired` | `() => Promise<boolean>` | No | Google/Apple ile yeniden authentication callback'i |
-| `onPasswordRequired` | `() => Promise<string \| null>` | No | Şifre ile yeniden authentication callback'i |
+---
 
-### Return Value
+### deleteAccount
 
-| Prop | Tip | Açıklama |
-|------|-----|----------|
-| `logout` | `() => Promise<void>` | Çıkış yapma fonksiyonu |
-| `deleteAccount` | `() => Promise<void>` | Hesap silme fonksiyonu |
-| `isLoading` | `boolean` | Genel loading durumu |
-| `isDeletingAccount` | `boolean` | Hesap silme loading durumu |
+**Purpose**: Permanently delete user account and all associated data.
+
+**Rules**:
+- MUST require double confirmation
+- MUST show clear warning about irreversibility
+- MUST require recent authentication
+- MUST handle reauthentication if needed
+- MUST provide error messages on failure
+- MUST hide option for anonymous users
+
+**MUST NOT**:
+- Delete account without confirmation
+- Delete without recent authentication
+- Show to anonymous users
+- Expose technical error details
+- Allow account recovery
+
+**Constraints**:
+- Firebase requirement: Recent authentication (< 5 minutes)
+- Double confirmation: Warning + Confirm
+- Permanent deletion: Cannot undo
+- Reauthentication: May be required
+- Anonymous accounts: Cannot be deleted
+
+---
 
 ## Reauthentication
 
-Hesap silme işlemi hassas bir işlem olduğu için Firebase, kullanıcının son zamanlarda giriş yapmasını gerektirir. Bu hook size reauthentication için callback'ler sağlar.
+### Strategy
 
-### onReauthRequired
+**Purpose**: Handle Firebase requirement for recent authentication before sensitive operations.
 
-Google veya Apple ile giriş yapmış kullanıcılar için:
+**Rules**:
+- MUST provide reauthentication callbacks
+- MUST support both password and social auth reauth
+- MUST show reauthentication UI when required
+- MUST block operation until reauth complete
+- MUST handle reauth failure gracefully
 
-```typescript
-const { deleteAccount } = useAccountManagement({
-  onReauthRequired: async () => {
-    try {
-      // Google ile yeniden authentication
-      const result = await signInWithGooglePopup();
-
-      if (result.user) {
-        Alert.alert('Başarılı', 'Lütfen hesap silme işlemine devam edin');
-        return true;
-      }
-
-      return false;
-    } catch (error) {
-      Alert.alert('Hata', 'Reauthentication başarısız');
-      return false;
-    }
-  },
-});
-```
+**MUST NOT**:
+- Skip reauthentication requirement
+- Allow operation without recent auth
+- Hide reauthentication prompt from user
+- Confuse reauth with initial login
 
-### onPasswordRequired
+### Constraints
 
-Email/password ile giriş yapmış kullanıcılar için:
+**REAUTHENTICATION TRIGGERS**:
+- Account deletion
+- Password change (if implementing)
+- Sensitive account operations
+- Firebase-determined requirement
 
-```typescript
-const { deleteAccount } = useAccountManagement({
-  onPasswordRequired: async () => {
-    return new Promise((resolve) => {
-      // Şifre prompt göster
-      Alert.prompt(
-        'Şifre Girin',
-        'Hesabınızı silmek için şifrenizi girin',
-        [
-          {
-            text: 'İptal',
-            onPress: () => resolve(null),
-            style: 'cancel',
-          },
-          {
-            text: 'Tamam',
-            onPress: (password) => resolve(password || null),
-          },
-        ],
-        'secure-text'
-      );
-    });
-  },
-});
-```
+**CALLBACK TYPES**:
 
-## Örnekler
+**onReauthRequired**
+- Used for: Google/Apple social auth users
+- Purpose: Re-sign in with social provider
+- Must return: `boolean` (success status)
+- Called when: Social auth needs reauth
 
-### Basit Hesap Ayarları Ekranı
+**onPasswordRequired**
+- Used for: Email/password users
+- Purpose: Get current password
+- Must return: `string | null` (password or cancel)
+- Called when: Email auth needs reauth
 
-```typescript
-function AccountSettingsScreen() {
-  const { logout, deleteAccount, isDeletingAccount } = useAccountManagement();
-  const navigation = useNavigation();
-
-  const handleLogout = async () => {
-    try {
-      await logout();
-      navigation.replace('Login');
-    } catch (error) {
-      Alert.alert('Hata', 'Çıkış yapılamadı');
-    }
-  };
-
-  const handleDeleteAccount = async () => {
-    try {
-      await deleteAccount();
-      navigation.replace('Login');
-      Alert.alert('Başarılı', 'Hesabınız silindi');
-    } catch (error) {
-      Alert.alert('Hata', 'Hesap silinemedi');
-    }
-  };
-
-  return (
-    <ScrollView style={styles.container}>
-      <Section title="Oturum">
-        <MenuItem
-          title="Çıkış Yap"
-          icon="log-out"
-          onPress={handleLogout}
-        />
-      </Section>
-
-      <Section title="Tehlikeli Bölge">
-        <MenuItem
-          title="Hesabı Sil"
-          icon="trash"
-          onPress={handleDeleteAccount}
-          destructive
-          disabled={isDeletingAccount}
-        />
-        {isDeletingAccount && <ActivityIndicator />}
-      </Section>
-    </ScrollView>
-  );
-}
-```
+**REAUTH FLOW**:
+1. User initiates sensitive operation
+2. Firebase requires recent authentication
+3. Hook calls appropriate callback
+4. App shows reauthentication UI
+5. User reauthenticates
+6. Operation proceeds if successful
 
-### Custom Reauthentication UI
+---
 
-```typescript
-function DeleteAccountScreen() {
-  const [showReauth, setShowReauth] = useState(false);
-  const [reauthMethod, setReauthMethod] = useState<'password' | 'google' | 'apple'>('password');
-
-  const { deleteAccount, isDeletingAccount } = useAccountManagement({
-    onReauthRequired: async () => {
-      setShowReauth(true);
-      return new Promise((resolve) => {
-        // Custom reauthentication UI
-        const handleResult = (success: boolean) => {
-          setShowReauth(false);
-          resolve(success);
-        };
-
-        // UI'ı göster ve sonucu bekle
-        showCustomReauthUI(reauthMethod, handleResult);
-      });
-    },
-    onPasswordRequired: async () => {
-      setShowReauth(true);
-      return new Promise((resolve) => {
-        // Custom password prompt
-        showPasswordPrompt((password) => {
-          setShowReauth(false);
-          resolve(password);
-        });
-      });
-    },
-  });
-
-  const handleDelete = async () => {
-    try {
-      await deleteAccount();
-      Alert.alert('Başarılı', 'Hesabınız silindi');
-    } catch (error) {
-      Alert.alert('Hata', error.message);
-    }
-  };
-
-  return (
-    <View>
-      <Button onPress={handleDelete} disabled={isDeletingAccount}>
-        Hesabı Sil
-      </Button>
-
-      {showReauth && (
-        <ReauthenticationModal
-          method={reauthMethod}
-          onComplete={() => {
-            // Reauthentication başarılı, deleteAccount devam eder
-          }}
-        />
-      )}
-    </View>
-  );
-}
-```
+## Loading States
 
-### Hesap Silme Onayı
+### Strategy
 
-```typescript
-function DeleteAccountConfirmation() {
-  const { deleteAccount, isDeletingAccount } = useAccountManagement();
-  const [agreed, setAgreed] = useState(false);
-
-  const handleDelete = async () => {
-    if (!agreed) {
-      Alert.alert('Uyarı', 'Lütfen koşulları kabul edin');
-      return;
-    }
-
-    Alert.alert(
-      'Hesabı Sil',
-      'Bu işlem geri alınamaz. Devam etmek istediğinizden emin misiniz?',
-      [
-        { text: 'İptal', style: 'cancel' },
-        {
-          text: 'Sil',
-          style: 'destructive',
-          onPress: deleteAccount,
-        },
-      ]
-    );
-  };
-
-  return (
-    <View>
-      <Text style={styles.warning}>
-        Hesabınızı silerseniz:
-      </Text>
-      <Text>• Tüm verileriniz kalıcı olarak silinir</Text>
-      <Text>• İşlemler geri alınamaz</Text>
-      <Text>• Aynı hesapla tekrar giriş yapamazsınız</Text>
-
-      <CheckBox
-        value={agreed}
-        onValueChange={setAgreed}
-        label="Hesap silme koşullarını kabul ediyorum"
-      />
-
-      <Button
-        onPress={handleDelete}
-        disabled={!agreed || isDeletingAccount}
-        style={{ backgroundColor: 'red' }}
-      >
-        {isDeletingAccount ? 'Siliniyor...' : 'Hesabı Kalıcı Olarak Sil'}
-      </Button>
-    </View>
-  );
-}
-```
+**Purpose**: Proper UX during account management operations.
 
-## Hata Yönetimi
+**Rules**:
+- MUST show loading indicator during operations
+- MUST disable buttons during operation
+- MUST prevent concurrent operations
+- MUST re-enable after completion
 
-```typescript
-function AccountSettings() {
-  const { logout, deleteAccount } = useAccountManagement();
-
-  const handleLogout = async () => {
-    try {
-      await logout();
-    } catch (error) {
-      if (error.code === 'auth/network-request-failed') {
-        Alert.alert('Bağlantı Hatası', 'İnternet bağlantınızı kontrol edin');
-      } else {
-        Alert.alert('Hata', 'Çıkış yapılamadı');
-      }
-    }
-  };
-
-  const handleDeleteAccount = async () => {
-    try {
-      await deleteAccount();
-    } catch (error) {
-      if (error.code === 'auth/requires-recent-login') {
-        Alert.alert(
-          'Giriş Gerekiyor',
-          'Hesabınızı silmek için lütfen tekrar giriş yapın'
-        );
-      } else if (error.code === 'auth/too-many-requests') {
-        Alert.alert(
-          'Çok Fazla Deneme',
-          'Çok fazla başarısız deneme. Lütfen daha sonra tekrar deneyin'
-        );
-      } else {
-        Alert.alert('Hata', 'Hesap silinemedi');
-      }
-    }
-  };
-
-  return (
-    <View>
-      <Button onPress={handleLogout}>Çıkış Yap</Button>
-      <Button onPress={handleDeleteAccount}>Hesabı Sil</Button>
-    </View>
-  );
-}
-```
+**MUST NOT**:
+- Allow multiple simultaneous operations
+- Leave loading state indefinitely
+- Block UI without indication
+- Allow operation during loading
+
+### Constraints
+
+**LOADING STATES**:
+- `isLoading: boolean` - General loading state
+- `isDeletingAccount: boolean` - Specific to deletion
+
+**OPERATION DURATION**:
+- Sign out: < 2 seconds
+- Account deletion: 5-10 seconds
+- Reauthentication: Variable (user-controlled)
+
+**DISABLED STATES**:
+- Disable all account actions during operation
+- Disable navigation during operation
+- Show progress indication
+- Maintain interactivity for cancel
+
+---
+
+## Anonymous User Handling
+
+### Strategy
+
+**Purpose**: Proper handling for anonymous users vs authenticated users.
+
+**Rules**:
+- MUST hide account deletion for anonymous users
+- MUST show "Create Account" option instead
+- MUST explain anonymous limitations
+- MUST preserve data during upgrade
+
+**MUST NOT**:
+- Show account deletion to anonymous users
+- Allow sign out without warning
+- Treat anonymous users as authenticated
+- Hide anonymous status
+
+### Constraints
+
+**ANONYMOUS LIMITATIONS**:
+- Cannot delete anonymous account
+- Cannot change password (no password)
+- Sign out loses all data
+- Limited account settings
+
+**UPGRADE PATH**:
+- Anonymous → Registered
+- Link credentials to anonymous account
+- Preserve existing user ID
+- Migrate existing data
+- Seamless transition
+
+---
+
+## Error Handling
+
+### Strategy
+
+**Purpose**: Graceful handling of account operation failures.
+
+**Rules**:
+- MUST handle operation errors gracefully
+- MUST show user-friendly error messages
+- MUST allow retry after failures
+- MUST not crash on errors
+- MUST distinguish error types
+
+**MUST NOT**:
+- Show raw error messages to users
+- Block retry indefinitely
+- Crash on operation failures
+- Expose sensitive error details
+
+### Constraints
+
+**ERROR CATEGORIES**:
+- Network errors: Connection issues
+- Reauth errors: Authentication required
+- Permission errors: Insufficient permissions
+- Firebase errors: Service issues
+
+**RECOVERY OPTIONS**:
+- Retry operation automatically
+- Show error with retry button
+- Reauthenticate if required
+- Support contact for persistent issues
+
+**ERROR DISPLAY**:
+- Alert/Modal for critical errors
+- Inline text for non-critical
+- Toast for success/cancellation
+- Console logging for debugging
+
+---
+
+## Security Requirements
+
+### Strategy
+
+**Purpose**: Ensure account operations are secure.
+
+**Rules**:
+- MUST require recent authentication for deletion
+- MUST validate permissions before operations
+- MUST log security events
+- MUST use secure token handling
+- MUST implement proper error handling
+
+**MUST NOT**:
+- Allow deletion without reauthentication
+- Skip permission checks
+- Log sensitive data
+- Expose tokens in errors
+- Bypass Firebase security
+
+### Constraints
+
+**REAUTHENTICATION REQUIREMENTS**:
+- Account deletion: Recent auth required
+- Timeout: Typically 5 minutes
+- Methods: Re-sign in with credentials
+- Failure: Block destructive action
+
+**SECURITY LOGGING**:
+- Log: Account views, settings access
+- Log: Sign out, deletion attempts
+- Never log: Passwords, tokens, credentials
+- Purpose: Security audit, debugging
+
+**DATA HANDLING**:
+- Tokens managed by Firebase SDK
+- Secure storage for credentials
+- No plaintext password storage
+- Proper session cleanup
+
+---
+
+## Navigation Integration
+
+### Strategy
+
+**Purpose**: Proper navigation flow for account operations.
+
+**Rules**:
+- MUST navigate to login after sign out
+- MUST navigate to welcome after deletion
+- MUST handle back navigation properly
+- MUST maintain navigation context
+
+**MUST NOT**:
+- Break navigation stack
+- Leave modals open after operations
+- Lose user context
+- Create navigation loops
+
+### Constraints
+
+**SIGN OUT FLOW**:
+1. User confirms sign out
+2. Clear auth state
+3. Navigate to login screen
+4. Replace entire navigation stack
+5. Clear any deep links
+
+**DELETION FLOW**:
+1. User confirms deletion (twice)
+2. Reauthenticate if required
+3. Delete account
+4. Navigate to welcome/login
+5. Replace entire navigation stack
+
+**STACK MANAGEMENT**:
+- Sign out: Replace stack with login
+- Delete account: Replace stack with welcome
+- No back navigation to authenticated screens
+
+---
 
-## Önemli Notlar
+## Related Hooks
 
-1. **Reauthentication Gerekli**: Firebase, hesap silme işlemi için son zamanlarda giriş yapmayı gerektirir
-2. **Anonymous Kullanıcılar**: Anonymous hesaplar silinemez
-3. **Geri Alınamaz**: Hesap silme işlemi geri alınamaz
-4. **Callback'ler**: `onReauthRequired` ve `onPasswordRequired` callback'lerini sağlamazsanız, hatalar fırlatılır
+- **`useAuth`** (`src/presentation/hooks/useAuth.ts`) - Authentication state
+- **`useUserProfile`** (`src/presentation/hooks/useUserProfile.ts`) - Profile data
+- **`useProfileUpdate`** (`src/presentation/hooks/useProfileUpdate.md`) - Profile editing
 
-## İlgili Hooks
+## Related Components
 
-- [`useAuth`](./useAuth.md) - Ana auth state yönetimi
-- [`useSignOut`](./useAuth.md) - Çıkış yapma fonksiyonu
-- [`useUserProfile`](./useUserProfile.md) - Profil bilgileri
+- **`AccountActions`** (`src/presentation/components/ProfileComponents.md`) - Account management UI