@vibecodiq/cli 0.4.0 → 0.5.1

package/dist/foundation/auth_basic/slices/register/handler.ts

@@ -0,0 +1,61 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { createServerClient } from '@/shared/db/supabase-client';
+import { registerInputSchema } from './schemas';
+import type { RegisterOutput } from './schemas';
+
+// --- ASA GENERATED START ---
+// Route handler for auth/register slice.
+// Uses Supabase Auth signUp — profile created automatically via handle_new_user() trigger.
+// Security: server-side validation, no client trust.
+// --- ASA GENERATED END ---
+
+// --- USER CODE START ---
+
+export async function POST(request: NextRequest): Promise<NextResponse<RegisterOutput>> {
+  try {
+    const body = await request.json();
+    const parsed = registerInputSchema.safeParse(body);
+
+    if (!parsed.success) {
+      return NextResponse.json(
+        { success: false, error: parsed.error.errors[0]?.message ?? 'Invalid input' },
+        { status: 400 },
+      );
+    }
+
+    const { email, password, display_name } = parsed.data;
+    const supabase = createServerClient();
+
+    const { data, error } = await supabase.auth.signUp({
+      email,
+      password,
+      options: {
+        data: { display_name },
+      },
+    });
+
+    if (error) {
+      return NextResponse.json(
+        { success: false, error: error.message },
+        { status: 400 },
+      );
+    }
+
+    // Check if user already exists (Supabase returns user with identities: [] for duplicates)
+    if (data.user && data.user.identities?.length === 0) {
+      return NextResponse.json(
+        { success: false, error: 'An account with this email already exists' },
+        { status: 409 },
+      );
+    }
+
+    return NextResponse.json({ success: true, error: null }, { status: 201 });
+  } catch {
+    return NextResponse.json(
+      { success: false, error: 'Registration failed. Please try again.' },
+      { status: 500 },
+    );
+  }
+}
+
+// --- USER CODE END ---

package/dist/foundation/auth_basic/slices/register/repository.ts

@@ -0,0 +1,25 @@
+import { createServerClient } from '@/shared/db/supabase-client';
+
+// --- ASA GENERATED START ---
+// Repository for auth/register slice.
+// Profile creation is handled by handle_new_user() database trigger.
+// This repository provides profile query helpers.
+// --- ASA GENERATED END ---
+
+// --- USER CODE START ---
+
+export async function getProfileByUserId(userId: string) {
+  const supabase = createServerClient();
+  const { data, error } = await supabase
+    .from('profiles')
+    .select('*')
+    .eq('id', userId)
+    .single();
+
+  if (error) {
+    return null;
+  }
+  return data;
+}
+
+// --- USER CODE END ---

package/dist/foundation/auth_basic/slices/register/schemas.ts

@@ -0,0 +1,29 @@
+import { z } from 'zod';
+
+// --- ASA GENERATED START ---
+// Validation schemas for auth/register slice.
+// --- ASA GENERATED END ---
+
+// --- USER CODE START ---
+
+export const registerInputSchema = z.object({
+  email: z.string().email('Please enter a valid email address'),
+  password: z
+    .string()
+    .min(8, 'Password must be at least 8 characters')
+    .max(72, 'Password must be at most 72 characters'),
+  display_name: z
+    .string()
+    .min(1, 'Display name is required')
+    .max(100, 'Display name must be at most 100 characters'),
+});
+
+export const registerOutputSchema = z.object({
+  success: z.boolean(),
+  error: z.string().nullable(),
+});
+
+export type RegisterInput = z.infer<typeof registerInputSchema>;
+export type RegisterOutput = z.infer<typeof registerOutputSchema>;
+
+// --- USER CODE END ---

package/dist/foundation/auth_basic/slices/register/slice.contract.json

@@ -0,0 +1,21 @@
+{
+  "domain": "auth",
+  "slice": "register",
+  "type": "route",
+  "has_ui": true,
+  "has_repository": true,
+  "description": "User registration with email, password, and display name.",
+  "input": {
+    "email": "string",
+    "password": "string",
+    "display_name": "string"
+  },
+  "output": {
+    "success": "boolean",
+    "error": "string | null"
+  },
+  "side_effects": [
+    "Creates auth.users entry via Supabase Auth",
+    "Triggers handle_new_user() → creates profiles entry"
+  ]
+}

package/dist/foundation/auth_basic/slices/register/ui/AuthRegister.tsx

@@ -0,0 +1,118 @@
+'use client';
+
+import { useState } from 'react';
+import Link from 'next/link';
+import { useRouter } from 'next/navigation';
+import { useRegister } from './hook';
+
+// --- ASA GENERATED START ---
+// UI component for auth/register slice.
+// Uses shadcn/ui-compatible styling with Tailwind CSS.
+// --- ASA GENERATED END ---
+
+// --- USER CODE START ---
+
+export default function AuthRegister() {
+  const router = useRouter();
+  const { register, loading, error, success } = useRegister();
+  const [form, setForm] = useState({
+    email: '',
+    password: '',
+    display_name: '',
+  });
+
+  async function handleSubmit(e: React.FormEvent) {
+    e.preventDefault();
+    const result = await register(form);
+    if (result.success) {
+      router.push('/auth/login?registered=true');
+    }
+  }
+
+  return (
+    <div className="flex min-h-screen items-center justify-center bg-neutral-50 px-4">
+      <div className="w-full max-w-md rounded-xl border border-neutral-200 bg-white p-8 shadow-sm">
+        <h1 className="text-2xl font-bold text-neutral-900">Create your account</h1>
+        <p className="mt-2 text-sm text-neutral-500">
+          Already have an account?{' '}
+          <Link href="/auth/login" className="font-medium text-neutral-900 underline underline-offset-4">
+            Sign in
+          </Link>
+        </p>
+
+        <form onSubmit={handleSubmit} className="mt-8 space-y-4">
+          <div>
+            <label htmlFor="display_name" className="block text-sm font-medium text-neutral-700">
+              Full name
+            </label>
+            <input
+              id="display_name"
+              type="text"
+              required
+              autoComplete="name"
+              value={form.display_name}
+              onChange={(e) => setForm((f) => ({ ...f, display_name: e.target.value }))}
+              className="mt-1 block w-full rounded-lg border border-neutral-300 px-3 py-2 text-sm shadow-sm placeholder:text-neutral-400 focus:border-neutral-500 focus:outline-none focus:ring-1 focus:ring-neutral-500"
+              placeholder="Jane Doe"
+            />
+          </div>
+
+          <div>
+            <label htmlFor="email" className="block text-sm font-medium text-neutral-700">
+              Email
+            </label>
+            <input
+              id="email"
+              type="email"
+              required
+              autoComplete="email"
+              value={form.email}
+              onChange={(e) => setForm((f) => ({ ...f, email: e.target.value }))}
+              className="mt-1 block w-full rounded-lg border border-neutral-300 px-3 py-2 text-sm shadow-sm placeholder:text-neutral-400 focus:border-neutral-500 focus:outline-none focus:ring-1 focus:ring-neutral-500"
+              placeholder="jane@example.com"
+            />
+          </div>
+
+          <div>
+            <label htmlFor="password" className="block text-sm font-medium text-neutral-700">
+              Password
+            </label>
+            <input
+              id="password"
+              type="password"
+              required
+              autoComplete="new-password"
+              minLength={8}
+              value={form.password}
+              onChange={(e) => setForm((f) => ({ ...f, password: e.target.value }))}
+              className="mt-1 block w-full rounded-lg border border-neutral-300 px-3 py-2 text-sm shadow-sm placeholder:text-neutral-400 focus:border-neutral-500 focus:outline-none focus:ring-1 focus:ring-neutral-500"
+              placeholder="Minimum 8 characters"
+            />
+          </div>
+
+          {error && (
+            <div className="rounded-lg border border-red-200 bg-red-50 px-4 py-3 text-sm text-red-700">
+              {error}
+            </div>
+          )}
+
+          {success && (
+            <div className="rounded-lg border border-green-200 bg-green-50 px-4 py-3 text-sm text-green-700">
+              Check your email for a confirmation link.
+            </div>
+          )}
+
+          <button
+            type="submit"
+            disabled={loading}
+            className="w-full rounded-lg bg-neutral-900 px-4 py-2.5 text-sm font-medium text-white shadow-sm hover:bg-neutral-800 focus:outline-none focus:ring-2 focus:ring-neutral-500 focus:ring-offset-2 disabled:cursor-not-allowed disabled:opacity-50"
+          >
+            {loading ? 'Creating account...' : 'Create account'}
+          </button>
+        </form>
+      </div>
+    </div>
+  );
+}
+
+// --- USER CODE END ---

package/dist/foundation/auth_basic/slices/register/ui/hook.ts

@@ -0,0 +1,48 @@
+import { useState } from 'react';
+import type { RegisterInput, RegisterOutput } from '../schemas';
+
+// --- ASA GENERATED START ---
+// React hook for auth/register slice.
+// --- ASA GENERATED END ---
+
+// --- USER CODE START ---
+
+export function useRegister() {
+  const [loading, setLoading] = useState(false);
+  const [error, setError] = useState<string | null>(null);
+  const [success, setSuccess] = useState(false);
+
+  async function register(input: RegisterInput): Promise<RegisterOutput> {
+    setLoading(true);
+    setError(null);
+    setSuccess(false);
+
+    try {
+      const res = await fetch('/api/auth/register', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify(input),
+      });
+
+      const data: RegisterOutput = await res.json();
+
+      if (!data.success) {
+        setError(data.error);
+      } else {
+        setSuccess(true);
+      }
+
+      return data;
+    } catch {
+      const output: RegisterOutput = { success: false, error: 'Network error. Please try again.' };
+      setError(output.error);
+      return output;
+    } finally {
+      setLoading(false);
+    }
+  }
+
+  return { register, loading, error, success };
+}
+
+// --- USER CODE END ---

package/dist/foundation/auth_basic/slices/reset_password/handler.ts

@@ -0,0 +1,47 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { createServerClient } from '@/shared/db/supabase-client';
+import { resetPasswordInputSchema } from './schemas';
+import type { ResetPasswordOutput } from './schemas';
+
+// --- ASA GENERATED START ---
+// Route handler for auth/reset-password slice.
+// Sends password reset email via Supabase Auth.
+// Security: always returns success to prevent email enumeration.
+// --- ASA GENERATED END ---
+
+// --- USER CODE START ---
+
+export async function POST(request: NextRequest): Promise<NextResponse<ResetPasswordOutput>> {
+  try {
+    const body = await request.json();
+    const parsed = resetPasswordInputSchema.safeParse(body);
+
+    if (!parsed.success) {
+      return NextResponse.json(
+        { success: false, error: parsed.error.errors[0]?.message ?? 'Invalid input' },
+        { status: 400 },
+      );
+    }
+
+    const { email } = parsed.data;
+    const supabase = createServerClient();
+
+    const { error } = await supabase.auth.resetPasswordForEmail(email, {
+      redirectTo: `${process.env.NEXT_PUBLIC_APP_URL}/auth/update-password`,
+    });
+
+    if (error) {
+      console.error('[auth/reset-password] Supabase error:', error.message);
+    }
+
+    // Always return success to prevent email enumeration attacks
+    return NextResponse.json({ success: true, error: null });
+  } catch {
+    return NextResponse.json(
+      { success: false, error: 'Something went wrong. Please try again.' },
+      { status: 500 },
+    );
+  }
+}
+
+// --- USER CODE END ---

package/dist/foundation/auth_basic/slices/reset_password/schemas.ts

@@ -0,0 +1,21 @@
+import { z } from 'zod';
+
+// --- ASA GENERATED START ---
+// Validation schemas for auth/reset-password slice.
+// --- ASA GENERATED END ---
+
+// --- USER CODE START ---
+
+export const resetPasswordInputSchema = z.object({
+  email: z.string().email('Please enter a valid email address'),
+});
+
+export const resetPasswordOutputSchema = z.object({
+  success: z.boolean(),
+  error: z.string().nullable(),
+});
+
+export type ResetPasswordInput = z.infer<typeof resetPasswordInputSchema>;
+export type ResetPasswordOutput = z.infer<typeof resetPasswordOutputSchema>;
+
+// --- USER CODE END ---

package/dist/foundation/auth_basic/slices/reset_password/slice.contract.json

@@ -0,0 +1,18 @@
+{
+  "domain": "auth",
+  "slice": "reset-password",
+  "type": "route",
+  "has_ui": true,
+  "has_repository": true,
+  "description": "Password reset flow. Sends reset email via Supabase Auth.",
+  "input": {
+    "email": "string"
+  },
+  "output": {
+    "success": "boolean",
+    "error": "string | null"
+  },
+  "side_effects": [
+    "Sends password reset email via Supabase Auth"
+  ]
+}

package/dist/foundation/auth_basic/slices/reset_password/ui/AuthResetPassword.tsx

@@ -0,0 +1,79 @@
+'use client';
+
+import { useState } from 'react';
+import Link from 'next/link';
+import { useResetPassword } from './hook';
+
+// --- ASA GENERATED START ---
+// UI component for auth/reset-password slice.
+// Uses shadcn/ui-compatible styling with Tailwind CSS.
+// --- ASA GENERATED END ---
+
+// --- USER CODE START ---
+
+export default function AuthResetPassword() {
+  const { resetPassword, loading, error, success } = useResetPassword();
+  const [email, setEmail] = useState('');
+
+  async function handleSubmit(e: React.FormEvent) {
+    e.preventDefault();
+    await resetPassword({ email });
+  }
+
+  return (
+    <div className="flex min-h-screen items-center justify-center bg-neutral-50 px-4">
+      <div className="w-full max-w-md rounded-xl border border-neutral-200 bg-white p-8 shadow-sm">
+        <h1 className="text-2xl font-bold text-neutral-900">Reset your password</h1>
+        <p className="mt-2 text-sm text-neutral-500">
+          Enter your email and we&apos;ll send you a reset link.
+        </p>
+
+        <form onSubmit={handleSubmit} className="mt-8 space-y-4">
+          <div>
+            <label htmlFor="email" className="block text-sm font-medium text-neutral-700">
+              Email
+            </label>
+            <input
+              id="email"
+              type="email"
+              required
+              autoComplete="email"
+              value={email}
+              onChange={(e) => setEmail(e.target.value)}
+              className="mt-1 block w-full rounded-lg border border-neutral-300 px-3 py-2 text-sm shadow-sm placeholder:text-neutral-400 focus:border-neutral-500 focus:outline-none focus:ring-1 focus:ring-neutral-500"
+              placeholder="jane@example.com"
+            />
+          </div>
+
+          {error && (
+            <div className="rounded-lg border border-red-200 bg-red-50 px-4 py-3 text-sm text-red-700">
+              {error}
+            </div>
+          )}
+
+          {success && (
+            <div className="rounded-lg border border-green-200 bg-green-50 px-4 py-3 text-sm text-green-700">
+              If an account with that email exists, you&apos;ll receive a reset link shortly.
+            </div>
+          )}
+
+          <button
+            type="submit"
+            disabled={loading || success}
+            className="w-full rounded-lg bg-neutral-900 px-4 py-2.5 text-sm font-medium text-white shadow-sm hover:bg-neutral-800 focus:outline-none focus:ring-2 focus:ring-neutral-500 focus:ring-offset-2 disabled:cursor-not-allowed disabled:opacity-50"
+          >
+            {loading ? 'Sending...' : 'Send reset link'}
+          </button>
+        </form>
+
+        <p className="mt-6 text-center text-sm text-neutral-500">
+          <Link href="/auth/login" className="font-medium text-neutral-900 underline underline-offset-4">
+            Back to sign in
+          </Link>
+        </p>
+      </div>
+    </div>
+  );
+}
+
+// --- USER CODE END ---

package/dist/foundation/auth_basic/slices/reset_password/ui/hook.ts

@@ -0,0 +1,48 @@
+import { useState } from 'react';
+import type { ResetPasswordInput, ResetPasswordOutput } from '../schemas';
+
+// --- ASA GENERATED START ---
+// React hook for auth/reset-password slice.
+// --- ASA GENERATED END ---
+
+// --- USER CODE START ---
+
+export function useResetPassword() {
+  const [loading, setLoading] = useState(false);
+  const [error, setError] = useState<string | null>(null);
+  const [success, setSuccess] = useState(false);
+
+  async function resetPassword(input: ResetPasswordInput): Promise<ResetPasswordOutput> {
+    setLoading(true);
+    setError(null);
+    setSuccess(false);
+
+    try {
+      const res = await fetch('/api/auth/reset-password', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify(input),
+      });
+
+      const data: ResetPasswordOutput = await res.json();
+
+      if (!data.success) {
+        setError(data.error);
+      } else {
+        setSuccess(true);
+      }
+
+      return data;
+    } catch {
+      const output: ResetPasswordOutput = { success: false, error: 'Network error. Please try again.' };
+      setError(output.error);
+      return output;
+    } finally {
+      setLoading(false);
+    }
+  }
+
+  return { resetPassword, loading, error, success };
+}
+
+// --- USER CODE END ---

package/dist/foundation/db_basic/manifest.json

@@ -0,0 +1,33 @@
+{
+  "name": "db-basic",
+  "version": "1.0.0",
+  "description": "Basic database layer for SaaS apps — Supabase client, types, utils, migrations",
+  "min_cli_version": "2.0.0",
+  "stack": "asa-native-v1",
+  "internal": true,
+  "dependencies": [],
+  "package_dependencies": {
+    "@supabase/supabase-js": "^2.45.0",
+    "@supabase/ssr": "^0.5.0"
+  },
+  "package_dev_dependencies": {},
+  "slices": [],
+  "shared": [
+    { "src": "shared/supabase-client.ts", "dest": "shared/db/supabase-client.ts", "overwrite": false },
+    { "src": "shared/types.ts", "dest": "shared/db/types.ts", "overwrite": false },
+    { "src": "shared/utils.ts", "dest": "shared/db/utils.ts", "overwrite": false },
+    { "src": "shared/seed.ts", "dest": "shared/db/seed.ts", "overwrite": false }
+  ],
+  "migrations": [],
+  "env_vars": [
+    "NEXT_PUBLIC_SUPABASE_URL",
+    "NEXT_PUBLIC_SUPABASE_ANON_KEY",
+    "SUPABASE_SERVICE_ROLE_KEY",
+    "DATABASE_URL"
+  ],
+  "post_install_notes": [
+    "Create a Supabase project at https://supabase.com",
+    "Copy your project URL and keys to .env.local",
+    "Run: npm install"
+  ]
+}

package/dist/foundation/db_basic/shared/seed.ts

@@ -0,0 +1,27 @@
+// --- ASA GENERATED START ---
+// Seed data template — customize for your project.
+// Run: npx tsx shared/db/seed.ts
+// --- ASA GENERATED END ---
+
+// --- USER CODE START ---
+
+import { createAdminClient } from './supabase-client';
+
+async function seed() {
+  const supabase = createAdminClient();
+
+  console.log('🌱 Seeding database...');
+
+  // TODO: Add your seed data here
+  // Example:
+  // await supabase.from('profiles').insert([
+  //   { display_name: 'Test User', role: 'user' },
+  //   { display_name: 'Admin', role: 'admin' },
+  // ]);
+
+  console.log('✅ Seed complete');
+}
+
+seed().catch(console.error);
+
+// --- USER CODE END ---

package/dist/foundation/db_basic/shared/supabase-client.ts

@@ -0,0 +1,70 @@
+import { createBrowserClient as createBrowserSupabase } from '@supabase/ssr';
+import { createServerClient as createServerSupabase } from '@supabase/ssr';
+import { createClient } from '@supabase/supabase-js';
+import type { Database } from './types';
+
+// --- ASA GENERATED START ---
+// Canonical Supabase client for entire project.
+// All modules (auth-basic, payments-basic, etc.) use this single client.
+// Do NOT create additional Supabase clients elsewhere.
+// --- ASA GENERATED END ---
+
+// --- USER CODE START ---
+
+/**
+ * Browser client — for client components and hooks.
+ * Uses ANON key only. Safe for browser.
+ */
+export function createBrowserClient() {
+  return createBrowserSupabase<Database>(
+    process.env.NEXT_PUBLIC_SUPABASE_URL!,
+    process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,
+  );
+}
+
+/**
+ * Server client — for route handlers, server actions, middleware.
+ * Uses ANON key + cookies for authenticated requests.
+ */
+export function createServerClient(cookieStore: any) {
+  return createServerSupabase<Database>(
+    process.env.NEXT_PUBLIC_SUPABASE_URL!,
+    process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,
+    {
+      cookies: {
+        getAll() {
+          return cookieStore.getAll();
+        },
+        setAll(cookiesToSet: any[]) {
+          try {
+            cookiesToSet.forEach(({ name, value, options }) =>
+              cookieStore.set(name, value, options),
+            );
+          } catch {
+            // Server Component — ignore
+          }
+        },
+      },
+    },
+  );
+}
+
+/**
+ * Admin client — for privileged operations that bypass RLS.
+ * Uses SERVICE_ROLE key. NEVER import in browser-capable files.
+ * asa lint will flag this as a security violation if used in app/ or ui/.
+ */
+export function createAdminClient() {
+  return createClient<Database>(
+    process.env.NEXT_PUBLIC_SUPABASE_URL!,
+    process.env.SUPABASE_SERVICE_ROLE_KEY!,
+    {
+      auth: {
+        autoRefreshToken: false,
+        persistSession: false,
+      },
+    },
+  );
+}
+
+// --- USER CODE END ---

package/dist/foundation/db_basic/shared/types.ts

@@ -0,0 +1,20 @@
+// --- ASA GENERATED START ---
+// Database types — regenerate with: supabase gen types typescript --local > shared/db/types.ts
+// --- ASA GENERATED END ---
+
+// --- USER CODE START ---
+
+export type Database = {
+  public: {
+    Tables: {
+      // Tables will be added by modules (auth-basic → profiles, payments-basic → subscriptions)
+      // After adding tables, regenerate types with Supabase CLI:
+      // npx supabase gen types typescript --local > shared/db/types.ts
+    };
+    Views: {};
+    Functions: {};
+    Enums: {};
+  };
+};
+
+// --- USER CODE END ---