@veloxts/web 0.6.68 → 0.6.70

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/CHANGELOG.md +91 -0
  2. package/package.json +9 -9
package/CHANGELOG.md CHANGED
@@ -1,5 +1,96 @@
1
1
  # @veloxts/web
2
2
 
3
+ ## 0.6.70
4
+
5
+ ### Patch Changes
6
+
7
+ - ### feat(auth): Unified Adapter-Only Architecture
8
+
9
+ **New Features:**
10
+
11
+ - Add `JwtAdapter` implementing the `AuthAdapter` interface for unified JWT authentication
12
+ - Add `jwtAuth()` convenience function for direct adapter usage with optional built-in routes (`/api/auth/refresh`, `/api/auth/logout`)
13
+ - Add `AuthContext` discriminated union (`NativeAuthContext | AdapterAuthContext`) for type-safe auth mode handling
14
+ - Add double-registration protection to prevent conflicting auth system setups
15
+ - Add shared decoration utilities (`decorateAuth`, `setRequestAuth`, `checkDoubleRegistration`)
16
+
17
+ **Architecture Changes:**
18
+
19
+ - `authPlugin` now uses `JwtAdapter` internally - all authentication flows through the adapter pattern
20
+ - Single code path for authentication (no more dual native/adapter modes)
21
+ - `authContext.authMode` is now always `'adapter'` with `providerId='jwt'` when using `authPlugin`
22
+
23
+ **Breaking Changes:**
24
+
25
+ - Remove deprecated `LegacySessionConfig` interface (use `sessionMiddleware` instead)
26
+ - Remove deprecated `session` field from `AuthConfig`
27
+ - `User` interface no longer has index signature (extend via declaration merging)
28
+
29
+ **Type Safety Improvements:**
30
+
31
+ - `AuthContext` discriminated union enables exhaustive type narrowing based on `authMode`
32
+ - Export `NativeAuthContext` and `AdapterAuthContext` types for explicit typing
33
+
34
+ **Migration:**
35
+
36
+ - Existing `authPlugin` usage remains backward-compatible
37
+ - If checking `authContext.token`, use `authContext.session` instead (token stored in session for adapter mode)
38
+
39
+ - Updated dependencies
40
+ - @veloxts/auth@0.6.70
41
+ - @veloxts/client@0.6.70
42
+ - @veloxts/core@0.6.70
43
+ - @veloxts/router@0.6.70
44
+
45
+ ## 0.6.69
46
+
47
+ ### Patch Changes
48
+
49
+ - implement user feedback improvements across packages
50
+
51
+ ## Summary
52
+
53
+ Addresses 9 user feedback items to improve DX, reduce boilerplate, and eliminate template duplications.
54
+
55
+ ### Phase 1: Validation Helpers (`@veloxts/validation`)
56
+
57
+ - Add `prismaDecimal()`, `prismaDecimalNullable()`, `prismaDecimalOptional()` for Prisma Decimal → number conversion
58
+ - Add `dateToIso`, `dateToIsoNullable`, `dateToIsoOptional` aliases for consistency
59
+
60
+ ### Phase 2: Template Deduplication (`@veloxts/auth`)
61
+
62
+ - Export `createEnhancedTokenStore()` with token revocation and refresh token reuse detection
63
+ - Export `parseUserRoles()` and `DEFAULT_ALLOWED_ROLES`
64
+ - Fix memory leak: track pending timeouts for proper cleanup on `destroy()`
65
+ - Update templates to import from `@veloxts/auth` instead of duplicating code
66
+ - Fix jwtManager singleton pattern in templates
67
+
68
+ ### Phase 3: Router Helpers (`@veloxts/router`)
69
+
70
+ - Add `createRouter()` returning `{ collections, router }` for DRY setup
71
+ - Add `toRouter()` for router-only use cases
72
+ - Update all router templates to use `createRouter()`
73
+
74
+ ### Phase 4: Guard Type Narrowing - Experimental (`@veloxts/auth`, `@veloxts/router`)
75
+
76
+ - Add `NarrowingGuard` interface with phantom `_narrows` type
77
+ - Add `authenticatedNarrow` and `hasRoleNarrow()` guards
78
+ - Add `guardNarrow()` method to `ProcedureBuilder` for context narrowing
79
+ - Enables `ctx.user` to be non-null after guard passes
80
+
81
+ ### Phase 5: Documentation (`@veloxts/router`)
82
+
83
+ - Document `.rest()` override patterns
84
+ - Document `createRouter()` helper usage
85
+ - Document `guardNarrow()` experimental API
86
+ - Add schema browser-safety patterns for RSC apps
87
+
88
+ - Updated dependencies
89
+ - @veloxts/auth@0.6.69
90
+ - @veloxts/client@0.6.69
91
+ - @veloxts/core@0.6.69
92
+ - @veloxts/router@0.6.69
93
+
3
94
  ## 0.6.68
4
95
 
5
96
  ### Patch Changes
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@veloxts/web",
3
- "version": "0.6.68",
3
+ "version": "0.6.70",
4
4
  "description": "React Server Components integration for VeloxTS framework using Vinxi",
5
5
  "type": "module",
6
6
  "main": "dist/index.js",
@@ -72,10 +72,10 @@
72
72
  "peerDependencies": {
73
73
  "react": ">=19.2.0",
74
74
  "react-dom": ">=19.2.0",
75
- "@veloxts/router": "0.6.68",
76
- "@veloxts/auth": "0.6.68",
77
- "@veloxts/client": "0.6.68",
78
- "@veloxts/core": "0.6.68"
75
+ "@veloxts/auth": "0.6.70",
76
+ "@veloxts/client": "0.6.70",
77
+ "@veloxts/core": "0.6.70",
78
+ "@veloxts/router": "0.6.70"
79
79
  },
80
80
  "peerDependenciesMeta": {
81
81
  "@veloxts/auth": {
@@ -98,10 +98,10 @@
98
98
  "react-server-dom-webpack": "19.2.3",
99
99
  "typescript": "5.9.3",
100
100
  "vitest": "4.0.16",
101
- "@veloxts/client": "0.6.68",
102
- "@veloxts/router": "0.6.68",
103
- "@veloxts/core": "0.6.68",
104
- "@veloxts/auth": "0.6.68"
101
+ "@veloxts/auth": "0.6.70",
102
+ "@veloxts/client": "0.6.70",
103
+ "@veloxts/core": "0.6.70",
104
+ "@veloxts/router": "0.6.70"
105
105
  },
106
106
  "keywords": [
107
107
  "velox",