@vaiftech/auth 1.0.0

package/dist/index.d.ts

@@ -0,0 +1,83 @@
+import { S as StorageAdapter, A as AsyncStorageAdapter, a as Session } from './client-28ISGmu6.js';
+export { z as AuthChangeEvent, E as AuthClientConfig, G as AuthError, F as AuthErrorCode, y as AuthEventType, e as AuthResponse, B as AuthStateChangeCallback, D as AuthSubscription, C as ConfirmEmailChangeOptions, I as InvalidCredentialsError, M as MFAChallenge, w as MFAChallengeOptions, x as MFAChallengeResponse, t as MFAFactor, s as MFAMethod, u as MFASetupResponse, v as MFAVerifyOptions, r as OAuthIdentity, O as OAuthProviderType, q as OAuthResponse, R as ResetPasswordOptions, H as SessionExpiredError, d as SessionInfo, o as SetPasswordOptions, m as SignInAnonymouslyOptions, i as SignInWithMagicLinkOptions, h as SignInWithOAuthOptions, j as SignInWithOTPOptions, g as SignInWithPasswordOptions, l as SignInWithSSOOptions, f as SignUpOptions, T as TokenRefreshResponse, n as UpdatePasswordOptions, p as UpdateUserOptions, U as User, b as UserInfo, V as VaifAuthClient, k as VerifyOTPOptions, c as createAuthClient, J as isMFAChallenge } from './client-28ISGmu6.js';
+
+/**
+ * @vaiftech/auth - Storage utilities
+ */
+
+/**
+ * Check if running in browser environment
+ */
+declare function isBrowser(): boolean;
+/**
+ * In-memory storage fallback
+ */
+declare class MemoryStorage implements StorageAdapter {
+    private storage;
+    getItem(key: string): string | null;
+    setItem(key: string, value: string): void;
+    removeItem(key: string): void;
+    clear(): void;
+}
+/**
+ * Local storage adapter
+ */
+declare class LocalStorageAdapter implements StorageAdapter {
+    getItem(key: string): string | null;
+    setItem(key: string, value: string): void;
+    removeItem(key: string): void;
+}
+/**
+ * Session storage adapter
+ */
+declare class SessionStorageAdapter implements StorageAdapter {
+    getItem(key: string): string | null;
+    setItem(key: string, value: string): void;
+    removeItem(key: string): void;
+}
+/**
+ * Cookie storage options
+ */
+interface CookieStorageOptions {
+    secure?: boolean;
+    sameSite?: 'strict' | 'lax' | 'none';
+    path?: string;
+    domain?: string;
+    maxAge?: number;
+}
+/**
+ * Cookie storage adapter with secure defaults
+ */
+declare class CookieStorageAdapter implements StorageAdapter {
+    private options;
+    constructor(options?: CookieStorageOptions);
+    getItem(key: string): string | null;
+    setItem(key: string, value: string): void;
+    removeItem(key: string): void;
+}
+/**
+ * Get default storage adapter
+ */
+declare function getDefaultStorage(): StorageAdapter;
+/**
+ * Storage helper with session serialization
+ */
+declare class SessionStorage {
+    private adapter;
+    private keyPrefix;
+    constructor(adapter: StorageAdapter | AsyncStorageAdapter, keyPrefix?: string);
+    private key;
+    getSession(): Promise<Session | null>;
+    setSession(session: Session): Promise<void>;
+    removeSession(): Promise<void>;
+    getRefreshToken(): Promise<string | null>;
+    setRefreshToken(token: string): Promise<void>;
+    removeRefreshToken(): Promise<void>;
+    clear(): Promise<void>;
+}
+declare const memoryStorage: MemoryStorage;
+declare const localStorage: MemoryStorage | LocalStorageAdapter;
+declare const sessionStorage: MemoryStorage | SessionStorageAdapter;
+declare const cookieStorage: (options?: CookieStorageOptions) => CookieStorageAdapter;
+
+export { AsyncStorageAdapter, type CookieStorageOptions, Session, SessionStorage, StorageAdapter, cookieStorage, getDefaultStorage, isBrowser, localStorage, memoryStorage, sessionStorage };

package/dist/index.js

@@ -0,0 +1 @@
+'use strict';function c(i){return "mfaRequired"in i&&i.mfaRequired===true}var a=class i extends Error{constructor(e,t,s,r){super(e),this.name="AuthError",this.code=t,this.status=s,this.details=r;}static isAuthError(e){return e instanceof i}},g=class extends a{constructor(e="Session has expired"){super(e,"session_expired",401),this.name="SessionExpiredError";}},f=class extends a{constructor(e="Invalid email or password"){super(e,"invalid_credentials",401),this.name="InvalidCredentialsError";}};function n(){return typeof window<"u"&&typeof window.document<"u"}function _(){if(!n())return  false;try{let i="__vaif_test__";return window.localStorage.setItem(i,i),window.localStorage.removeItem(i),!0}catch{return  false}}var p=class{constructor(){this.storage=new Map;}getItem(e){return this.storage.get(e)??null}setItem(e,t){this.storage.set(e,t);}removeItem(e){this.storage.delete(e);}clear(){this.storage.clear();}},l=class{getItem(e){if(!n())return null;try{return window.localStorage.getItem(e)}catch{return null}}setItem(e,t){if(n())try{window.localStorage.setItem(e,t);}catch{}}removeItem(e){if(n())try{window.localStorage.removeItem(e);}catch{}}},m=class{getItem(e){if(!n())return null;try{return window.sessionStorage.getItem(e)}catch{return null}}setItem(e,t){if(n())try{window.sessionStorage.setItem(e,t);}catch{}}removeItem(e){if(n())try{window.sessionStorage.removeItem(e);}catch{}}},S=class{constructor(e){this.options={secure:n()&&window.location.protocol==="https:",sameSite:"lax",path:"/",...e};}getItem(e){if(!n())return null;try{let t=document.cookie.split(";");for(let s of t){let[r,o]=s.trim().split("=");if(r===e)return decodeURIComponent(o)}return null}catch{return null}}setItem(e,t){if(n())try{let s=`${e}=${encodeURIComponent(t)}`;s+=`; path=${this.options.path}`,s+=`; samesite=${this.options.sameSite}`,this.options.secure&&(s+="; secure"),this.options.domain&&(s+=`; domain=${this.options.domain}`),this.options.maxAge&&(s+=`; max-age=${this.options.maxAge}`),document.cookie=s;}catch{}}removeItem(e){if(n())try{document.cookie=`${e}=; path=${this.options.path}; expires=Thu, 01 Jan 1970 00:00:00 GMT`;}catch{}}};function y(){return _()?new l:new p}var u=class{constructor(e,t="vaif.auth."){this.adapter=e,this.keyPrefix=t;}key(e){return `${this.keyPrefix}${e}`}async getSession(){try{let e=await this.adapter.getItem(this.key("session"));if(!e)return null;let t=JSON.parse(e);return t.expiresAt&&t.expiresAt<Date.now()?(await this.removeSession(),null):t}catch{return null}}async setSession(e){try{await this.adapter.setItem(this.key("session"),JSON.stringify(e));}catch{}}async removeSession(){try{await this.adapter.removeItem(this.key("session"));}catch{}}async getRefreshToken(){try{return await this.adapter.getItem(this.key("refresh_token"))}catch{return null}}async setRefreshToken(e){try{await this.adapter.setItem(this.key("refresh_token"),e);}catch{}}async removeRefreshToken(){try{await this.adapter.removeItem(this.key("refresh_token"));}catch{}}async clear(){await this.removeSession(),await this.removeRefreshToken();}},A=new p,O=_()?new l:A,k=n()?new m:A,v=i=>new S(i);var P={storageKey:"vaif.auth.",autoRefreshToken:true,persistSession:true,detectSessionInUrl:true,flowType:"implicit",debug:false},I=60*1e3,d=class{constructor(e){this.refreshTimer=null;this.listeners=new Set;this.initialized=false;this.initPromise=null;this.currentSession=null;this.config={...P,...e,headers:e.headers||{},storage:e.storage||y()},this.storage=new u(this.config.storage,this.config.storageKey);}async initialize(){return this.initPromise?this.initPromise.then(()=>this.currentSession):(this.initPromise=this._initialize(),await this.initPromise,this.currentSession)}async _initialize(){if(!this.initialized){if(this.config.detectSessionInUrl&&n()){let e=await this._handleUrlSession();if(e){this.currentSession=e,await this._persistSession(e),this._notifyListeners("SIGNED_IN",e),this._setupAutoRefresh(e),this.initialized=true;return}}if(this.config.persistSession){let e=await this.storage.getSession();e&&(this.currentSession=e,this._notifyListeners("INITIAL_SESSION",e),this._setupAutoRefresh(e));}this.initialized=true;}}async getSession(){return await this.initialize(),this.currentSession}async getUser(){return (await this.getSession())?.user??null}async setSession(e,t){let s=await this._fetchUser(e),r={accessToken:e,refreshToken:t,expiresAt:Date.now()+3600*1e3,expiresIn:3600,tokenType:"bearer",user:s};return this.currentSession=r,await this._persistSession(r),this._notifyListeners("SIGNED_IN",r),this._setupAutoRefresh(r),{session:r,user:s}}async refreshSession(){let e=await this.getSession();if(!e?.refreshToken)return null;try{let t=await this._refreshToken(e.refreshToken),s={...e,accessToken:t.accessToken,refreshToken:t.refreshToken||e.refreshToken,expiresAt:t.expiresAt,expiresIn:t.expiresIn};return this.currentSession=s,await this._persistSession(s),this._notifyListeners("TOKEN_REFRESHED",s),this._setupAutoRefresh(s),s}catch(t){return this._log("Failed to refresh session:",t),await this.signOut(),null}}async signUp(e){let t=await this._fetch("/auth/signup",{method:"POST",body:JSON.stringify({email:e.email,password:e.password,name:e.name,phone:e.phone,metadata:e.metadata,redirectUrl:e.redirectUrl||e.emailRedirectTo})});return c(t)||(this.currentSession=t.session,await this._persistSession(t.session),this._notifyListeners("SIGNED_IN",t.session),this._setupAutoRefresh(t.session)),t}async signInWithPassword(e){let t=await this._fetch("/auth/login",{method:"POST",body:JSON.stringify({email:e.email,password:e.password,mfaCode:e.mfaCode,rememberMe:e.rememberMe})});return c(t)||(this.currentSession=t.session,await this._persistSession(t.session),this._notifyListeners("SIGNED_IN",t.session),this._setupAutoRefresh(t.session)),t}async signInWithOAuth(e){let t=await this._fetch("/auth/oauth/authorize",{method:"POST",body:JSON.stringify({provider:e.provider,redirectUrl:e.redirectTo,scopes:e.scopes,queryParams:e.queryParams,flowType:this.config.flowType})});return n()&&(window.location.href=t.url),t}async signInWithMagicLink(e){return this._fetch("/auth/magic-link/send",{method:"POST",body:JSON.stringify({email:e.email,redirectUrl:e.redirectTo,shouldCreateUser:e.shouldCreateUser})})}async signInWithOTP(e){let t=e.phone?"/auth/phone/send":"/auth/otp/send";return this._fetch(t,{method:"POST",body:JSON.stringify({email:e.email,phone:e.phone,channel:e.channel,shouldCreateUser:e.shouldCreateUser})})}async verifyOTP(e){let t=await this._fetch("/auth/otp/verify",{method:"POST",body:JSON.stringify({email:e.email,phone:e.phone,token:e.token,type:e.type})});return this.currentSession=t.session,await this._persistSession(t.session),this._notifyListeners("SIGNED_IN",t.session),this._setupAutoRefresh(t.session),t}async signInAnonymously(e){let t=await this._fetch("/auth/anonymous",{method:"POST",body:JSON.stringify({metadata:e?.metadata})});return this.currentSession=t.session,await this._persistSession(t.session),this._notifyListeners("SIGNED_IN",t.session),this._setupAutoRefresh(t.session),t}async signOut(){try{this.currentSession&&await this._fetch("/auth/logout",{method:"POST"});}catch{}this._clearRefreshTimer(),this.currentSession=null,await this.storage.clear(),this._notifyListeners("SIGNED_OUT",null);}async signOutAll(){try{await this._fetch("/auth/logout-all",{method:"POST"});}catch{}this._clearRefreshTimer(),this.currentSession=null,await this.storage.clear(),this._notifyListeners("SIGNED_OUT",null);}async resetPasswordForEmail(e){return this._fetch("/auth/forgot-password",{method:"POST",body:JSON.stringify({email:e.email,redirectUrl:e.redirectTo})})}async updatePassword(e){return this._fetch("/users/me/change-password",{method:"POST",body:JSON.stringify({currentPassword:e.currentPassword,newPassword:e.newPassword})})}async setPassword(e){let t=await this._fetch("/auth/reset-password",{method:"POST",body:JSON.stringify({token:e.token,password:e.password})});return this.currentSession=t.session,await this._persistSession(t.session),this._notifyListeners("PASSWORD_RECOVERY",t.session),this._setupAutoRefresh(t.session),t}async updateUser(e){let t=await this._fetch("/users/me",{method:"PATCH",body:JSON.stringify(e)});return this.currentSession&&(this.currentSession={...this.currentSession,user:t.user},await this._persistSession(this.currentSession),this._notifyListeners("USER_UPDATED",this.currentSession)),t.user}async getUserIdentities(){return (await this._fetch("/auth/oauth/providers")).identities}async linkIdentity(e,t){let s=await this._fetch("/auth/oauth/link",{method:"POST",body:JSON.stringify({provider:e,redirectUrl:t?.redirectTo})});return n()&&(window.location.href=s.url),s}async unlinkIdentity(e){return this._fetch(`/auth/oauth/unlink/${e}`,{method:"POST"})}async listMFAFactors(){return (await this._fetch("/auth/mfa/factors")).factors}async enrollMFA(e){return this._fetch("/auth/mfa/setup",{method:"POST",body:JSON.stringify({method:e.type,friendlyName:e.friendlyName})})}async verifyMFA(e){return this._fetch("/auth/mfa/enable",{method:"POST",body:JSON.stringify({factorId:e.factorId,code:e.code})})}async challengeMFA(e){return this._fetch("/auth/mfa/challenge",{method:"POST",body:JSON.stringify({factorId:e.factorId})})}async verifyMFAChallenge(e,t){let s=await this._fetch("/auth/mfa/verify",{method:"POST",body:JSON.stringify({mfaToken:e,code:t})});return this.currentSession=s.session,await this._persistSession(s.session),this._notifyListeners("MFA_CHALLENGE_VERIFIED",s.session),this._setupAutoRefresh(s.session),s}async unenrollMFA(e,t){return this._fetch("/auth/mfa/disable",{method:"POST",body:JSON.stringify({factorId:e,code:t})})}async regenerateBackupCodes(){return this._fetch("/auth/mfa/backup-codes",{method:"POST"})}async listSessions(){return (await this._fetch("/auth/sessions")).sessions}async revokeSession(e){return this._fetch(`/auth/sessions/${e}`,{method:"DELETE"})}async revokeOtherSessions(){return this._fetch("/auth/sessions/revoke-others",{method:"POST"})}async resendEmailVerification(e){return this._fetch("/auth/verify-email/send",{method:"POST",body:JSON.stringify({redirectUrl:e?.redirectTo})})}async verifyEmail(e){let t=await this._fetch("/auth/verify-email/confirm",{method:"POST",body:JSON.stringify({token:e})});return this.currentSession&&(this.currentSession=t.session,await this._persistSession(t.session),this._notifyListeners("USER_UPDATED",t.session)),t}onAuthStateChange(e){return this.listeners.add(e),this.initialized&&e({event:this.currentSession?"INITIAL_SESSION":"SIGNED_OUT",session:this.currentSession}),{unsubscribe:()=>{this.listeners.delete(e);}}}async _fetch(e,t={}){let s=`${this.config.url}${e}`,r={"Content-Type":"application/json",...this.config.headers};this.config.apiKey&&(r["x-vaif-key"]=this.config.apiKey),this.currentSession?.accessToken&&(r.Authorization=`Bearer ${this.currentSession.accessToken}`);let o=await fetch(s,{...t,headers:r});if(!o.ok){let h=await o.json().catch(()=>({}));throw new a(h.message||"Request failed",this._mapErrorCode(o.status,h.code),o.status,h)}return o.json()}async _fetchUser(e){let t=await fetch(`${this.config.url}/auth/me`,{headers:{Authorization:`Bearer ${e}`,...this.config.headers}});if(!t.ok)throw new a("Failed to fetch user","invalid_token",t.status);return (await t.json()).user}async _refreshToken(e){let t=await fetch(`${this.config.url}/auth/refresh`,{method:"POST",headers:{"Content-Type":"application/json",...this.config.headers},body:JSON.stringify({refreshToken:e})});if(!t.ok)throw new a("Failed to refresh token","token_expired",t.status);return t.json()}async _handleUrlSession(){if(!n())return null;let e=new URLSearchParams(window.location.hash.substring(1)),t=new URLSearchParams(window.location.search),s=e.get("access_token")||t.get("access_token"),r=e.get("refresh_token")||t.get("refresh_token"),o=e.get("expires_in")||t.get("expires_in");if(!s)return null;try{let h=await this._fetchUser(s),w={accessToken:s,refreshToken:r||void 0,expiresAt:Date.now()+(o?parseInt(o,10)*1e3:36e5),expiresIn:o?parseInt(o,10):3600,tokenType:"bearer",user:h};return window.history.replaceState(null,"",window.location.pathname),w}catch(h){return this._log("Failed to handle URL session:",h),null}}async _persistSession(e){this.config.persistSession&&(await this.storage.setSession(e),e.refreshToken&&await this.storage.setRefreshToken(e.refreshToken));}_setupAutoRefresh(e){if(!this.config.autoRefreshToken||!e.refreshToken)return;this._clearRefreshTimer();let t=e.expiresAt,s=Date.now(),r=Math.max(0,t-s-I);this._log(`Setting up auto refresh in ${Math.round(r/1e3)}s`),this.refreshTimer=setTimeout(()=>{this.refreshSession();},r);}_clearRefreshTimer(){this.refreshTimer&&(clearTimeout(this.refreshTimer),this.refreshTimer=null);}_notifyListeners(e,t){let s={event:e,session:t};this.listeners.forEach(r=>{try{r(s);}catch(o){this._log("Error in auth state change listener:",o);}});}_mapErrorCode(e,t){if(t){let s={invalid_credentials:"invalid_credentials",user_not_found:"user_not_found",user_already_exists:"user_already_exists",email_not_verified:"email_not_verified",phone_not_verified:"phone_not_verified",invalid_token:"invalid_token",token_expired:"token_expired",mfa_required:"mfa_required",mfa_invalid:"mfa_invalid",rate_limited:"rate_limited",weak_password:"weak_password",invalid_email:"invalid_email",invalid_phone:"invalid_phone"};if(s[t])return s[t]}switch(e){case 401:return "invalid_credentials";case 403:return "token_expired";case 404:return "user_not_found";case 409:return "user_already_exists";case 429:return "rate_limited";default:return "unknown_error"}}_log(...e){this.config.debug&&console.log("[VaifAuth]",...e);}};function T(i){return new d(i)}exports.AuthError=a;exports.InvalidCredentialsError=f;exports.SessionExpiredError=g;exports.SessionStorage=u;exports.VaifAuthClient=d;exports.cookieStorage=v;exports.createAuthClient=T;exports.getDefaultStorage=y;exports.isBrowser=n;exports.isMFAChallenge=c;exports.localStorage=O;exports.memoryStorage=A;exports.sessionStorage=k;

package/dist/index.mjs

@@ -0,0 +1 @@
+export{b as AuthError,d as InvalidCredentialsError,c as SessionExpiredError,g as SessionStorage,l as VaifAuthClient,k as cookieStorage,m as createAuthClient,f as getDefaultStorage,e as isBrowser,a as isMFAChallenge,i as localStorage,h as memoryStorage,j as sessionStorage}from'./chunk-JF55RF72.mjs';

package/dist/react.d.mts

@@ -0,0 +1,158 @@
+import { E as AuthClientConfig, V as VaifAuthClient, a as Session, U as User, f as SignUpOptions, e as AuthResponse, M as MFAChallenge, g as SignInWithPasswordOptions, h as SignInWithOAuthOptions, i as SignInWithMagicLinkOptions, t as MFAFactor, u as MFASetupResponse, r as OAuthIdentity, O as OAuthProviderType, q as OAuthResponse, d as SessionInfo } from './client-28ISGmu6.mjs';
+export { z as AuthChangeEvent, y as AuthEventType, D as AuthSubscription, c as createAuthClient } from './client-28ISGmu6.mjs';
+import * as react_jsx_runtime from 'react/jsx-runtime';
+import { ReactNode } from 'react';
+
+interface AuthProviderProps {
+    children: ReactNode;
+    /**
+     * Auth client configuration
+     */
+    config?: AuthClientConfig;
+    /**
+     * Pre-configured auth client instance
+     */
+    client?: VaifAuthClient;
+    /**
+     * Initial session (for SSR)
+     */
+    initialSession?: Session | null;
+}
+/**
+ * Auth provider component
+ *
+ * @example
+ * ```tsx
+ * import { AuthProvider } from '@vaiftech/auth/react';
+ *
+ * function App() {
+ *   return (
+ *     <AuthProvider config={{ url: 'https://api.vaif.studio', apiKey: 'your-key' }}>
+ *       <YourApp />
+ *     </AuthProvider>
+ *   );
+ * }
+ * ```
+ */
+declare function AuthProvider({ children, config, client: providedClient, initialSession, }: AuthProviderProps): react_jsx_runtime.JSX.Element;
+/**
+ * Get the auth client instance
+ */
+declare function useAuthClient(): VaifAuthClient;
+/**
+ * Main auth hook with all auth state and methods
+ *
+ * @example
+ * ```tsx
+ * function LoginPage() {
+ *   const {
+ *     user,
+ *     isLoading,
+ *     isAuthenticated,
+ *     signInWithPassword,
+ *     signInWithOAuth,
+ *     signOut,
+ *   } = useAuth();
+ *
+ *   if (isLoading) return <Loading />;
+ *   if (isAuthenticated) return <Redirect to="/dashboard" />;
+ *
+ *   return (
+ *     <form onSubmit={(e) => {
+ *       e.preventDefault();
+ *       signInWithPassword({ email, password });
+ *     }}>
+ *       ...
+ *     </form>
+ *   );
+ * }
+ * ```
+ */
+declare function useAuth(): {
+    session: Session | null;
+    user: User | null;
+    isLoading: boolean;
+    isAuthenticated: boolean;
+    error: Error | null;
+    signUp: (options: SignUpOptions) => Promise<AuthResponse | MFAChallenge>;
+    signInWithPassword: (options: SignInWithPasswordOptions) => Promise<AuthResponse | MFAChallenge>;
+    signInWithOAuth: (options: SignInWithOAuthOptions) => Promise<void>;
+    signInWithMagicLink: (options: SignInWithMagicLinkOptions) => Promise<{
+        ok: boolean;
+    }>;
+    signOut: () => Promise<void>;
+    refreshSession: () => Promise<Session | null>;
+    client: VaifAuthClient;
+};
+/**
+ * Get the current user
+ */
+declare function useUser(): User | null;
+/**
+ * Get the current session
+ */
+declare function useSession(): Session | null;
+/**
+ * Check if user is authenticated
+ */
+declare function useIsAuthenticated(): boolean;
+/**
+ * Password management hook
+ */
+declare function usePassword(): {
+    resetPassword: (email: string, redirectTo?: string) => Promise<{
+        ok: boolean;
+    }>;
+    updatePassword: (currentPassword: string, newPassword: string) => Promise<{
+        ok: boolean;
+    }>;
+    isLoading: boolean;
+    error: Error | null;
+};
+/**
+ * MFA management hook
+ */
+declare function useMFA(): {
+    factors: MFAFactor[];
+    isLoading: boolean;
+    error: Error | null;
+    enrollTOTP: (friendlyName?: string) => Promise<MFASetupResponse>;
+    verifyMFA: (factorId: string, code: string) => Promise<{
+        ok: boolean;
+        backupCodes?: string[];
+    }>;
+    unenroll: (factorId: string, code: string) => Promise<{
+        ok: boolean;
+    }>;
+    refresh: () => Promise<void>;
+};
+/**
+ * OAuth identities management hook
+ */
+declare function useIdentities(): {
+    identities: OAuthIdentity[];
+    isLoading: boolean;
+    error: Error | null;
+    linkIdentity: (provider: OAuthProviderType, redirectTo?: string) => Promise<OAuthResponse>;
+    unlinkIdentity: (provider: OAuthProviderType) => Promise<{
+        ok: boolean;
+    }>;
+    refresh: () => Promise<void>;
+};
+/**
+ * Sessions management hook
+ */
+declare function useSessions(): {
+    sessions: SessionInfo[];
+    isLoading: boolean;
+    error: Error | null;
+    revokeSession: (sessionId: string) => Promise<{
+        ok: boolean;
+    }>;
+    revokeOtherSessions: () => Promise<{
+        ok: boolean;
+    }>;
+    refresh: () => Promise<void>;
+};
+
+export { AuthClientConfig, AuthProvider, type AuthProviderProps, AuthResponse, MFAChallenge, MFAFactor, Session, User, VaifAuthClient, useAuth, useAuthClient, useIdentities, useIsAuthenticated, useMFA, usePassword, useSession, useSessions, useUser };

package/dist/react.d.ts

@@ -0,0 +1,158 @@
+import { E as AuthClientConfig, V as VaifAuthClient, a as Session, U as User, f as SignUpOptions, e as AuthResponse, M as MFAChallenge, g as SignInWithPasswordOptions, h as SignInWithOAuthOptions, i as SignInWithMagicLinkOptions, t as MFAFactor, u as MFASetupResponse, r as OAuthIdentity, O as OAuthProviderType, q as OAuthResponse, d as SessionInfo } from './client-28ISGmu6.js';
+export { z as AuthChangeEvent, y as AuthEventType, D as AuthSubscription, c as createAuthClient } from './client-28ISGmu6.js';
+import * as react_jsx_runtime from 'react/jsx-runtime';
+import { ReactNode } from 'react';
+
+interface AuthProviderProps {
+    children: ReactNode;
+    /**
+     * Auth client configuration
+     */
+    config?: AuthClientConfig;
+    /**
+     * Pre-configured auth client instance
+     */
+    client?: VaifAuthClient;
+    /**
+     * Initial session (for SSR)
+     */
+    initialSession?: Session | null;
+}
+/**
+ * Auth provider component
+ *
+ * @example
+ * ```tsx
+ * import { AuthProvider } from '@vaiftech/auth/react';
+ *
+ * function App() {
+ *   return (
+ *     <AuthProvider config={{ url: 'https://api.vaif.studio', apiKey: 'your-key' }}>
+ *       <YourApp />
+ *     </AuthProvider>
+ *   );
+ * }
+ * ```
+ */
+declare function AuthProvider({ children, config, client: providedClient, initialSession, }: AuthProviderProps): react_jsx_runtime.JSX.Element;
+/**
+ * Get the auth client instance
+ */
+declare function useAuthClient(): VaifAuthClient;
+/**
+ * Main auth hook with all auth state and methods
+ *
+ * @example
+ * ```tsx
+ * function LoginPage() {
+ *   const {
+ *     user,
+ *     isLoading,
+ *     isAuthenticated,
+ *     signInWithPassword,
+ *     signInWithOAuth,
+ *     signOut,
+ *   } = useAuth();
+ *
+ *   if (isLoading) return <Loading />;
+ *   if (isAuthenticated) return <Redirect to="/dashboard" />;
+ *
+ *   return (
+ *     <form onSubmit={(e) => {
+ *       e.preventDefault();
+ *       signInWithPassword({ email, password });
+ *     }}>
+ *       ...
+ *     </form>
+ *   );
+ * }
+ * ```
+ */
+declare function useAuth(): {
+    session: Session | null;
+    user: User | null;
+    isLoading: boolean;
+    isAuthenticated: boolean;
+    error: Error | null;
+    signUp: (options: SignUpOptions) => Promise<AuthResponse | MFAChallenge>;
+    signInWithPassword: (options: SignInWithPasswordOptions) => Promise<AuthResponse | MFAChallenge>;
+    signInWithOAuth: (options: SignInWithOAuthOptions) => Promise<void>;
+    signInWithMagicLink: (options: SignInWithMagicLinkOptions) => Promise<{
+        ok: boolean;
+    }>;
+    signOut: () => Promise<void>;
+    refreshSession: () => Promise<Session | null>;
+    client: VaifAuthClient;
+};
+/**
+ * Get the current user
+ */
+declare function useUser(): User | null;
+/**
+ * Get the current session
+ */
+declare function useSession(): Session | null;
+/**
+ * Check if user is authenticated
+ */
+declare function useIsAuthenticated(): boolean;
+/**
+ * Password management hook
+ */
+declare function usePassword(): {
+    resetPassword: (email: string, redirectTo?: string) => Promise<{
+        ok: boolean;
+    }>;
+    updatePassword: (currentPassword: string, newPassword: string) => Promise<{
+        ok: boolean;
+    }>;
+    isLoading: boolean;
+    error: Error | null;
+};
+/**
+ * MFA management hook
+ */
+declare function useMFA(): {
+    factors: MFAFactor[];
+    isLoading: boolean;
+    error: Error | null;
+    enrollTOTP: (friendlyName?: string) => Promise<MFASetupResponse>;
+    verifyMFA: (factorId: string, code: string) => Promise<{
+        ok: boolean;
+        backupCodes?: string[];
+    }>;
+    unenroll: (factorId: string, code: string) => Promise<{
+        ok: boolean;
+    }>;
+    refresh: () => Promise<void>;
+};
+/**
+ * OAuth identities management hook
+ */
+declare function useIdentities(): {
+    identities: OAuthIdentity[];
+    isLoading: boolean;
+    error: Error | null;
+    linkIdentity: (provider: OAuthProviderType, redirectTo?: string) => Promise<OAuthResponse>;
+    unlinkIdentity: (provider: OAuthProviderType) => Promise<{
+        ok: boolean;
+    }>;
+    refresh: () => Promise<void>;
+};
+/**
+ * Sessions management hook
+ */
+declare function useSessions(): {
+    sessions: SessionInfo[];
+    isLoading: boolean;
+    error: Error | null;
+    revokeSession: (sessionId: string) => Promise<{
+        ok: boolean;
+    }>;
+    revokeOtherSessions: () => Promise<{
+        ok: boolean;
+    }>;
+    refresh: () => Promise<void>;
+};
+
+export { AuthClientConfig, AuthProvider, type AuthProviderProps, AuthResponse, MFAChallenge, MFAFactor, Session, User, VaifAuthClient, useAuth, useAuthClient, useIdentities, useIsAuthenticated, useMFA, usePassword, useSession, useSessions, useUser };

package/dist/react.js

@@ -0,0 +1 @@
+'use strict';var react=require('react'),jsxRuntime=require('react/jsx-runtime');function I(s){return "mfaRequired"in s&&s.mfaRequired===true}var m=class s extends Error{constructor(e,t,r,n){super(e),this.name="AuthError",this.code=t,this.status=r,this.details=n;}static isAuthError(e){return e instanceof s}};function f(){return typeof window<"u"&&typeof window.document<"u"}function C(){if(!f())return  false;try{let s="__vaif_test__";return window.localStorage.setItem(s,s),window.localStorage.removeItem(s),!0}catch{return  false}}var w=class{constructor(){this.storage=new Map;}getItem(e){return this.storage.get(e)??null}setItem(e,t){this.storage.set(e,t);}removeItem(e){this.storage.delete(e);}clear(){this.storage.clear();}},_=class{getItem(e){if(!f())return null;try{return window.localStorage.getItem(e)}catch{return null}}setItem(e,t){if(f())try{window.localStorage.setItem(e,t);}catch{}}removeItem(e){if(f())try{window.localStorage.removeItem(e);}catch{}}};function R(){return C()?new _:new w}var v=class{constructor(e,t="vaif.auth."){this.adapter=e,this.keyPrefix=t;}key(e){return `${this.keyPrefix}${e}`}async getSession(){try{let e=await this.adapter.getItem(this.key("session"));if(!e)return null;let t=JSON.parse(e);return t.expiresAt&&t.expiresAt<Date.now()?(await this.removeSession(),null):t}catch{return null}}async setSession(e){try{await this.adapter.setItem(this.key("session"),JSON.stringify(e));}catch{}}async removeSession(){try{await this.adapter.removeItem(this.key("session"));}catch{}}async getRefreshToken(){try{return await this.adapter.getItem(this.key("refresh_token"))}catch{return null}}async setRefreshToken(e){try{await this.adapter.setItem(this.key("refresh_token"),e);}catch{}}async removeRefreshToken(){try{await this.adapter.removeItem(this.key("refresh_token"));}catch{}}async clear(){await this.removeSession(),await this.removeRefreshToken();}},b=new w;C()?new _:b;var U={storageKey:"vaif.auth.",autoRefreshToken:true,persistSession:true,detectSessionInUrl:true,flowType:"implicit",debug:false},F=60*1e3,P=class{constructor(e){this.refreshTimer=null;this.listeners=new Set;this.initialized=false;this.initPromise=null;this.currentSession=null;this.config={...U,...e,headers:e.headers||{},storage:e.storage||R()},this.storage=new v(this.config.storage,this.config.storageKey);}async initialize(){return this.initPromise?this.initPromise.then(()=>this.currentSession):(this.initPromise=this._initialize(),await this.initPromise,this.currentSession)}async _initialize(){if(!this.initialized){if(this.config.detectSessionInUrl&&f()){let e=await this._handleUrlSession();if(e){this.currentSession=e,await this._persistSession(e),this._notifyListeners("SIGNED_IN",e),this._setupAutoRefresh(e),this.initialized=true;return}}if(this.config.persistSession){let e=await this.storage.getSession();e&&(this.currentSession=e,this._notifyListeners("INITIAL_SESSION",e),this._setupAutoRefresh(e));}this.initialized=true;}}async getSession(){return await this.initialize(),this.currentSession}async getUser(){return (await this.getSession())?.user??null}async setSession(e,t){let r=await this._fetchUser(e),n={accessToken:e,refreshToken:t,expiresAt:Date.now()+3600*1e3,expiresIn:3600,tokenType:"bearer",user:r};return this.currentSession=n,await this._persistSession(n),this._notifyListeners("SIGNED_IN",n),this._setupAutoRefresh(n),{session:n,user:r}}async refreshSession(){let e=await this.getSession();if(!e?.refreshToken)return null;try{let t=await this._refreshToken(e.refreshToken),r={...e,accessToken:t.accessToken,refreshToken:t.refreshToken||e.refreshToken,expiresAt:t.expiresAt,expiresIn:t.expiresIn};return this.currentSession=r,await this._persistSession(r),this._notifyListeners("TOKEN_REFRESHED",r),this._setupAutoRefresh(r),r}catch(t){return this._log("Failed to refresh session:",t),await this.signOut(),null}}async signUp(e){let t=await this._fetch("/auth/signup",{method:"POST",body:JSON.stringify({email:e.email,password:e.password,name:e.name,phone:e.phone,metadata:e.metadata,redirectUrl:e.redirectUrl||e.emailRedirectTo})});return I(t)||(this.currentSession=t.session,await this._persistSession(t.session),this._notifyListeners("SIGNED_IN",t.session),this._setupAutoRefresh(t.session)),t}async signInWithPassword(e){let t=await this._fetch("/auth/login",{method:"POST",body:JSON.stringify({email:e.email,password:e.password,mfaCode:e.mfaCode,rememberMe:e.rememberMe})});return I(t)||(this.currentSession=t.session,await this._persistSession(t.session),this._notifyListeners("SIGNED_IN",t.session),this._setupAutoRefresh(t.session)),t}async signInWithOAuth(e){let t=await this._fetch("/auth/oauth/authorize",{method:"POST",body:JSON.stringify({provider:e.provider,redirectUrl:e.redirectTo,scopes:e.scopes,queryParams:e.queryParams,flowType:this.config.flowType})});return f()&&(window.location.href=t.url),t}async signInWithMagicLink(e){return this._fetch("/auth/magic-link/send",{method:"POST",body:JSON.stringify({email:e.email,redirectUrl:e.redirectTo,shouldCreateUser:e.shouldCreateUser})})}async signInWithOTP(e){let t=e.phone?"/auth/phone/send":"/auth/otp/send";return this._fetch(t,{method:"POST",body:JSON.stringify({email:e.email,phone:e.phone,channel:e.channel,shouldCreateUser:e.shouldCreateUser})})}async verifyOTP(e){let t=await this._fetch("/auth/otp/verify",{method:"POST",body:JSON.stringify({email:e.email,phone:e.phone,token:e.token,type:e.type})});return this.currentSession=t.session,await this._persistSession(t.session),this._notifyListeners("SIGNED_IN",t.session),this._setupAutoRefresh(t.session),t}async signInAnonymously(e){let t=await this._fetch("/auth/anonymous",{method:"POST",body:JSON.stringify({metadata:e?.metadata})});return this.currentSession=t.session,await this._persistSession(t.session),this._notifyListeners("SIGNED_IN",t.session),this._setupAutoRefresh(t.session),t}async signOut(){try{this.currentSession&&await this._fetch("/auth/logout",{method:"POST"});}catch{}this._clearRefreshTimer(),this.currentSession=null,await this.storage.clear(),this._notifyListeners("SIGNED_OUT",null);}async signOutAll(){try{await this._fetch("/auth/logout-all",{method:"POST"});}catch{}this._clearRefreshTimer(),this.currentSession=null,await this.storage.clear(),this._notifyListeners("SIGNED_OUT",null);}async resetPasswordForEmail(e){return this._fetch("/auth/forgot-password",{method:"POST",body:JSON.stringify({email:e.email,redirectUrl:e.redirectTo})})}async updatePassword(e){return this._fetch("/users/me/change-password",{method:"POST",body:JSON.stringify({currentPassword:e.currentPassword,newPassword:e.newPassword})})}async setPassword(e){let t=await this._fetch("/auth/reset-password",{method:"POST",body:JSON.stringify({token:e.token,password:e.password})});return this.currentSession=t.session,await this._persistSession(t.session),this._notifyListeners("PASSWORD_RECOVERY",t.session),this._setupAutoRefresh(t.session),t}async updateUser(e){let t=await this._fetch("/users/me",{method:"PATCH",body:JSON.stringify(e)});return this.currentSession&&(this.currentSession={...this.currentSession,user:t.user},await this._persistSession(this.currentSession),this._notifyListeners("USER_UPDATED",this.currentSession)),t.user}async getUserIdentities(){return (await this._fetch("/auth/oauth/providers")).identities}async linkIdentity(e,t){let r=await this._fetch("/auth/oauth/link",{method:"POST",body:JSON.stringify({provider:e,redirectUrl:t?.redirectTo})});return f()&&(window.location.href=r.url),r}async unlinkIdentity(e){return this._fetch(`/auth/oauth/unlink/${e}`,{method:"POST"})}async listMFAFactors(){return (await this._fetch("/auth/mfa/factors")).factors}async enrollMFA(e){return this._fetch("/auth/mfa/setup",{method:"POST",body:JSON.stringify({method:e.type,friendlyName:e.friendlyName})})}async verifyMFA(e){return this._fetch("/auth/mfa/enable",{method:"POST",body:JSON.stringify({factorId:e.factorId,code:e.code})})}async challengeMFA(e){return this._fetch("/auth/mfa/challenge",{method:"POST",body:JSON.stringify({factorId:e.factorId})})}async verifyMFAChallenge(e,t){let r=await this._fetch("/auth/mfa/verify",{method:"POST",body:JSON.stringify({mfaToken:e,code:t})});return this.currentSession=r.session,await this._persistSession(r.session),this._notifyListeners("MFA_CHALLENGE_VERIFIED",r.session),this._setupAutoRefresh(r.session),r}async unenrollMFA(e,t){return this._fetch("/auth/mfa/disable",{method:"POST",body:JSON.stringify({factorId:e,code:t})})}async regenerateBackupCodes(){return this._fetch("/auth/mfa/backup-codes",{method:"POST"})}async listSessions(){return (await this._fetch("/auth/sessions")).sessions}async revokeSession(e){return this._fetch(`/auth/sessions/${e}`,{method:"DELETE"})}async revokeOtherSessions(){return this._fetch("/auth/sessions/revoke-others",{method:"POST"})}async resendEmailVerification(e){return this._fetch("/auth/verify-email/send",{method:"POST",body:JSON.stringify({redirectUrl:e?.redirectTo})})}async verifyEmail(e){let t=await this._fetch("/auth/verify-email/confirm",{method:"POST",body:JSON.stringify({token:e})});return this.currentSession&&(this.currentSession=t.session,await this._persistSession(t.session),this._notifyListeners("USER_UPDATED",t.session)),t}onAuthStateChange(e){return this.listeners.add(e),this.initialized&&e({event:this.currentSession?"INITIAL_SESSION":"SIGNED_OUT",session:this.currentSession}),{unsubscribe:()=>{this.listeners.delete(e);}}}async _fetch(e,t={}){let r=`${this.config.url}${e}`,n={"Content-Type":"application/json",...this.config.headers};this.config.apiKey&&(n["x-vaif-key"]=this.config.apiKey),this.currentSession?.accessToken&&(n.Authorization=`Bearer ${this.currentSession.accessToken}`);let o=await fetch(r,{...t,headers:n});if(!o.ok){let h=await o.json().catch(()=>({}));throw new m(h.message||"Request failed",this._mapErrorCode(o.status,h.code),o.status,h)}return o.json()}async _fetchUser(e){let t=await fetch(`${this.config.url}/auth/me`,{headers:{Authorization:`Bearer ${e}`,...this.config.headers}});if(!t.ok)throw new m("Failed to fetch user","invalid_token",t.status);return (await t.json()).user}async _refreshToken(e){let t=await fetch(`${this.config.url}/auth/refresh`,{method:"POST",headers:{"Content-Type":"application/json",...this.config.headers},body:JSON.stringify({refreshToken:e})});if(!t.ok)throw new m("Failed to refresh token","token_expired",t.status);return t.json()}async _handleUrlSession(){if(!f())return null;let e=new URLSearchParams(window.location.hash.substring(1)),t=new URLSearchParams(window.location.search),r=e.get("access_token")||t.get("access_token"),n=e.get("refresh_token")||t.get("refresh_token"),o=e.get("expires_in")||t.get("expires_in");if(!r)return null;try{let h=await this._fetchUser(r),i={accessToken:r,refreshToken:n||void 0,expiresAt:Date.now()+(o?parseInt(o,10)*1e3:36e5),expiresIn:o?parseInt(o,10):3600,tokenType:"bearer",user:h};return window.history.replaceState(null,"",window.location.pathname),i}catch(h){return this._log("Failed to handle URL session:",h),null}}async _persistSession(e){this.config.persistSession&&(await this.storage.setSession(e),e.refreshToken&&await this.storage.setRefreshToken(e.refreshToken));}_setupAutoRefresh(e){if(!this.config.autoRefreshToken||!e.refreshToken)return;this._clearRefreshTimer();let t=e.expiresAt,r=Date.now(),n=Math.max(0,t-r-F);this._log(`Setting up auto refresh in ${Math.round(n/1e3)}s`),this.refreshTimer=setTimeout(()=>{this.refreshSession();},n);}_clearRefreshTimer(){this.refreshTimer&&(clearTimeout(this.refreshTimer),this.refreshTimer=null);}_notifyListeners(e,t){let r={event:e,session:t};this.listeners.forEach(n=>{try{n(r);}catch(o){this._log("Error in auth state change listener:",o);}});}_mapErrorCode(e,t){if(t){let r={invalid_credentials:"invalid_credentials",user_not_found:"user_not_found",user_already_exists:"user_already_exists",email_not_verified:"email_not_verified",phone_not_verified:"phone_not_verified",invalid_token:"invalid_token",token_expired:"token_expired",mfa_required:"mfa_required",mfa_invalid:"mfa_invalid",rate_limited:"rate_limited",weak_password:"weak_password",invalid_email:"invalid_email",invalid_phone:"invalid_phone"};if(r[t])return r[t]}switch(e){case 401:return "invalid_credentials";case 403:return "token_expired";case 404:return "user_not_found";case 409:return "user_already_exists";case 429:return "rate_limited";default:return "unknown_error"}}_log(...e){this.config.debug&&console.log("[VaifAuth]",...e);}};function x(s){return new P(s)}var E=react.createContext(null);function B({children:s,config:e,client:t,initialSession:r=null}){let[n]=react.useState(()=>{if(t)return t;if(!e)throw new Error("AuthProvider requires either config or client prop");return x(e)}),[o,h]=react.useState(r),[i,g]=react.useState(!r),[c,a]=react.useState(null);react.useEffect(()=>{let d=true;n.initialize().then(S=>{d&&(h(S),g(false));}).catch(S=>{d&&(a(S),g(false));});let{unsubscribe:y}=n.onAuthStateChange(S=>{d&&(h(S.session),a(null));});return ()=>{d=false,y();}},[n]);let u=react.useMemo(()=>({client:n,session:o,user:o?.user??null,isLoading:i,isAuthenticated:!!o,error:c}),[n,o,i,c]);return jsxRuntime.jsx(E.Provider,{value:u,children:s})}function A(){let s=react.useContext(E);if(!s)throw new Error("useAuth must be used within an AuthProvider");return s}function O(){let{client:s}=A();return s}function Y(){let{client:s,session:e,user:t,isLoading:r,isAuthenticated:n,error:o}=A(),h=react.useCallback(async d=>s.signUp(d),[s]),i=react.useCallback(async d=>s.signInWithPassword(d),[s]),g=react.useCallback(async d=>{await s.signInWithOAuth(d);},[s]),c=react.useCallback(async d=>s.signInWithMagicLink(d),[s]),a=react.useCallback(async()=>s.signOut(),[s]),u=react.useCallback(async()=>s.refreshSession(),[s]);return {session:e,user:t,isLoading:r,isAuthenticated:n,error:o,signUp:h,signInWithPassword:i,signInWithOAuth:g,signInWithMagicLink:c,signOut:a,refreshSession:u,client:s}}function Q(){let{user:s}=A();return s}function X(){let{session:s}=A();return s}function Z(){let{isAuthenticated:s}=A();return s}function ee(){let s=O(),[e,t]=react.useState(false),[r,n]=react.useState(null),o=react.useCallback(async(i,g)=>{t(true),n(null);try{return await s.resetPasswordForEmail({email:i,redirectTo:g})}catch(c){throw n(c),c}finally{t(false);}},[s]),h=react.useCallback(async(i,g)=>{t(true),n(null);try{return await s.updatePassword({currentPassword:i,newPassword:g})}catch(c){throw n(c),c}finally{t(false);}},[s]);return {resetPassword:o,updatePassword:h,isLoading:e,error:r}}function te(){let s=O(),[e,t]=react.useState([]),[r,n]=react.useState(false),[o,h]=react.useState(null),i=react.useCallback(async()=>{n(true);try{let u=await s.listMFAFactors();t(u);}catch(u){h(u);}finally{n(false);}},[s]),g=react.useCallback(async u=>s.enrollMFA({type:"totp",friendlyName:u}),[s]),c=react.useCallback(async(u,d)=>{let y=await s.verifyMFA({factorId:u,code:d});return await i(),y},[s,i]),a=react.useCallback(async(u,d)=>{let y=await s.unenrollMFA(u,d);return await i(),y},[s,i]);return react.useEffect(()=>{i();},[i]),{factors:e,isLoading:r,error:o,enrollTOTP:g,verifyMFA:c,unenroll:a,refresh:i}}function se(){let s=O(),[e,t]=react.useState([]),[r,n]=react.useState(true),[o,h]=react.useState(null),i=react.useCallback(async()=>{n(true);try{let a=await s.getUserIdentities();t(a);}catch(a){h(a);}finally{n(false);}},[s]),g=react.useCallback(async(a,u)=>s.linkIdentity(a,{redirectTo:u}),[s]),c=react.useCallback(async a=>{let u=await s.unlinkIdentity(a);return await i(),u},[s,i]);return react.useEffect(()=>{i();},[i]),{identities:e,isLoading:r,error:o,linkIdentity:g,unlinkIdentity:c,refresh:i}}function re(){let s=O(),[e,t]=react.useState([]),[r,n]=react.useState(true),[o,h]=react.useState(null),i=react.useCallback(async()=>{n(true);try{let a=await s.listSessions();t(a);}catch(a){h(a);}finally{n(false);}},[s]),g=react.useCallback(async a=>{let u=await s.revokeSession(a);return await i(),u},[s,i]),c=react.useCallback(async()=>{let a=await s.revokeOtherSessions();return await i(),a},[s,i]);return react.useEffect(()=>{i();},[i]),{sessions:e,isLoading:r,error:o,revokeSession:g,revokeOtherSessions:c,refresh:i}}exports.AuthProvider=B;exports.VaifAuthClient=P;exports.createAuthClient=x;exports.useAuth=Y;exports.useAuthClient=O;exports.useIdentities=se;exports.useIsAuthenticated=Z;exports.useMFA=te;exports.usePassword=ee;exports.useSession=X;exports.useSessions=re;exports.useUser=Q;

package/dist/react.mjs

@@ -0,0 +1 @@
+import {m}from'./chunk-JF55RF72.mjs';export{l as VaifAuthClient,m as createAuthClient}from'./chunk-JF55RF72.mjs';import {createContext,useState,useEffect,useMemo,useCallback,useContext}from'react';import {jsx}from'react/jsx-runtime';var P=createContext(null);function k({children:t,config:A,client:a,initialSession:f=null}){let[s]=useState(()=>{if(a)return a;if(!A)throw new Error("AuthProvider requires either config or client prop");return m(A)}),[c,d]=useState(f),[e,h]=useState(!f),[o,n]=useState(null);useEffect(()=>{let u=true;s.initialize().then(p=>{u&&(d(p),h(false));}).catch(p=>{u&&(n(p),h(false));});let{unsubscribe:g}=s.onAuthStateChange(p=>{u&&(d(p.session),n(null));});return ()=>{u=false,g();}},[s]);let r=useMemo(()=>({client:s,session:c,user:c?.user??null,isLoading:e,isAuthenticated:!!c,error:o}),[s,c,e,o]);return jsx(P.Provider,{value:r,children:t})}function y(){let t=useContext(P);if(!t)throw new Error("useAuth must be used within an AuthProvider");return t}function S(){let{client:t}=y();return t}function L(){let{client:t,session:A,user:a,isLoading:f,isAuthenticated:s,error:c}=y(),d=useCallback(async u=>t.signUp(u),[t]),e=useCallback(async u=>t.signInWithPassword(u),[t]),h=useCallback(async u=>{await t.signInWithOAuth(u);},[t]),o=useCallback(async u=>t.signInWithMagicLink(u),[t]),n=useCallback(async()=>t.signOut(),[t]),r=useCallback(async()=>t.refreshSession(),[t]);return {session:A,user:a,isLoading:f,isAuthenticated:s,error:c,signUp:d,signInWithPassword:e,signInWithOAuth:h,signInWithMagicLink:o,signOut:n,refreshSession:r,client:t}}function b(){let{user:t}=y();return t}function W(){let{session:t}=y();return t}function U(){let{isAuthenticated:t}=y();return t}function T(){let t=S(),[A,a]=useState(false),[f,s]=useState(null),c=useCallback(async(e,h)=>{a(true),s(null);try{return await t.resetPasswordForEmail({email:e,redirectTo:h})}catch(o){throw s(o),o}finally{a(false);}},[t]),d=useCallback(async(e,h)=>{a(true),s(null);try{return await t.updatePassword({currentPassword:e,newPassword:h})}catch(o){throw s(o),o}finally{a(false);}},[t]);return {resetPassword:c,updatePassword:d,isLoading:A,error:f}}function R(){let t=S(),[A,a]=useState([]),[f,s]=useState(false),[c,d]=useState(null),e=useCallback(async()=>{s(true);try{let r=await t.listMFAFactors();a(r);}catch(r){d(r);}finally{s(false);}},[t]),h=useCallback(async r=>t.enrollMFA({type:"totp",friendlyName:r}),[t]),o=useCallback(async(r,u)=>{let g=await t.verifyMFA({factorId:r,code:u});return await e(),g},[t,e]),n=useCallback(async(r,u)=>{let g=await t.unenrollMFA(r,u);return await e(),g},[t,e]);return useEffect(()=>{e();},[e]),{factors:A,isLoading:f,error:c,enrollTOTP:h,verifyMFA:o,unenroll:n,refresh:e}}function V(){let t=S(),[A,a]=useState([]),[f,s]=useState(true),[c,d]=useState(null),e=useCallback(async()=>{s(true);try{let n=await t.getUserIdentities();a(n);}catch(n){d(n);}finally{s(false);}},[t]),h=useCallback(async(n,r)=>t.linkIdentity(n,{redirectTo:r}),[t]),o=useCallback(async n=>{let r=await t.unlinkIdentity(n);return await e(),r},[t,e]);return useEffect(()=>{e();},[e]),{identities:A,isLoading:f,error:c,linkIdentity:h,unlinkIdentity:o,refresh:e}}function N(){let t=S(),[A,a]=useState([]),[f,s]=useState(true),[c,d]=useState(null),e=useCallback(async()=>{s(true);try{let n=await t.listSessions();a(n);}catch(n){d(n);}finally{s(false);}},[t]),h=useCallback(async n=>{let r=await t.revokeSession(n);return await e(),r},[t,e]),o=useCallback(async()=>{let n=await t.revokeOtherSessions();return await e(),n},[t,e]);return useEffect(()=>{e();},[e]),{sessions:A,isLoading:f,error:c,revokeSession:h,revokeOtherSessions:o,refresh:e}}export{k as AuthProvider,L as useAuth,S as useAuthClient,V as useIdentities,U as useIsAuthenticated,R as useMFA,T as usePassword,W as useSession,N as useSessions,b as useUser};

package/package.json

@@ -0,0 +1,71 @@
+{
+  "name": "@vaiftech/auth",
+  "version": "1.0.0",
+  "description": "Comprehensive authentication SDK for VAIF - Session management, OAuth, MFA, and more",
+  "main": "dist/index.js",
+  "module": "dist/index.mjs",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.mjs",
+      "require": "./dist/index.js"
+    },
+    "./react": {
+      "types": "./dist/react.d.ts",
+      "import": "./dist/react.mjs",
+      "require": "./dist/react.js"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "lint": "tsc --noEmit",
+    "typecheck": "tsc --noEmit"
+  },
+  "devDependencies": {
+    "@types/node": "^22.14.0",
+    "@types/react": "^18.2.0",
+    "react": "^18.2.0",
+    "tsup": "^8.5.1",
+    "typescript": "^5.5.4"
+  },
+  "peerDependencies": {
+    "react": ">=18.0.0"
+  },
+  "peerDependenciesMeta": {
+    "react": {
+      "optional": true
+    }
+  },
+  "engines": {
+    "node": ">=19.0.0"
+  },
+  "keywords": [
+    "vaif",
+    "auth",
+    "authentication",
+    "oauth",
+    "jwt",
+    "session",
+    "mfa",
+    "two-factor",
+    "social-login",
+    "magic-link",
+    "passwordless"
+  ],
+  "author": "VAIF Technologies",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/vaifllc/vaif-studio",
+    "directory": "packages/auth"
+  },
+  "bugs": {
+    "url": "https://github.com/vaifllc/vaif-studio/issues"
+  },
+  "homepage": "https://vaif.studio"
+}