@victusvinceere/saas-core 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (64) hide show
  1. package/dist/auth/index.d.mts +40 -0
  2. package/dist/auth/index.d.ts +40 -0
  3. package/dist/auth/index.js +147 -0
  4. package/dist/auth/index.js.map +1 -0
  5. package/dist/auth/index.mjs +111 -0
  6. package/dist/auth/index.mjs.map +1 -0
  7. package/dist/authorization/index.d.mts +78 -0
  8. package/dist/authorization/index.d.ts +78 -0
  9. package/dist/authorization/index.js +137 -0
  10. package/dist/authorization/index.js.map +1 -0
  11. package/dist/authorization/index.mjs +104 -0
  12. package/dist/authorization/index.mjs.map +1 -0
  13. package/dist/components/auth/index.d.mts +26 -0
  14. package/dist/components/auth/index.d.ts +26 -0
  15. package/dist/components/auth/index.js +733 -0
  16. package/dist/components/auth/index.js.map +1 -0
  17. package/dist/components/auth/index.mjs +696 -0
  18. package/dist/components/auth/index.mjs.map +1 -0
  19. package/dist/components/dashboard/index.d.mts +32 -0
  20. package/dist/components/dashboard/index.d.ts +32 -0
  21. package/dist/components/dashboard/index.js +440 -0
  22. package/dist/components/dashboard/index.js.map +1 -0
  23. package/dist/components/dashboard/index.mjs +401 -0
  24. package/dist/components/dashboard/index.mjs.map +1 -0
  25. package/dist/components/ui/index.d.mts +351 -0
  26. package/dist/components/ui/index.d.ts +351 -0
  27. package/dist/components/ui/index.js +14342 -0
  28. package/dist/components/ui/index.js.map +1 -0
  29. package/dist/components/ui/index.mjs +14173 -0
  30. package/dist/components/ui/index.mjs.map +1 -0
  31. package/dist/config/index.d.mts +45 -0
  32. package/dist/config/index.d.ts +45 -0
  33. package/dist/config/index.js +71 -0
  34. package/dist/config/index.js.map +1 -0
  35. package/dist/config/index.mjs +44 -0
  36. package/dist/config/index.mjs.map +1 -0
  37. package/dist/hooks/index.d.mts +20 -0
  38. package/dist/hooks/index.d.ts +20 -0
  39. package/dist/hooks/index.js +103 -0
  40. package/dist/hooks/index.js.map +1 -0
  41. package/dist/hooks/index.mjs +65 -0
  42. package/dist/hooks/index.mjs.map +1 -0
  43. package/dist/index.d.mts +21 -0
  44. package/dist/index.d.ts +21 -0
  45. package/dist/index.js +459 -0
  46. package/dist/index.js.map +1 -0
  47. package/dist/index.mjs +401 -0
  48. package/dist/index.mjs.map +1 -0
  49. package/dist/prisma/index.d.mts +11 -0
  50. package/dist/prisma/index.d.ts +11 -0
  51. package/dist/prisma/index.js +46 -0
  52. package/dist/prisma/index.js.map +1 -0
  53. package/dist/prisma/index.mjs +20 -0
  54. package/dist/prisma/index.mjs.map +1 -0
  55. package/dist/providers/index.d.mts +37 -0
  56. package/dist/providers/index.d.ts +37 -0
  57. package/dist/providers/index.js +97 -0
  58. package/dist/providers/index.js.map +1 -0
  59. package/dist/providers/index.mjs +69 -0
  60. package/dist/providers/index.mjs.map +1 -0
  61. package/dist/sidebar-ttX_iZ40.d.mts +22 -0
  62. package/dist/sidebar-ttX_iZ40.d.ts +22 -0
  63. package/package.json +122 -0
  64. package/prisma/schema.prisma +106 -0
package/dist/auth/index.d.mts ADDED
@@ -0,0 +1,40 @@
1
+ import { NextAuthConfig } from 'next-auth';
2
+ import { Adapter } from 'next-auth/adapters';
3
+
4
+ type AuthProvider = "google" | "github" | "email" | "credentials";
5
+ interface AuthConfigOptions {
6
+ adapter: Adapter;
7
+ providers: AuthProvider[];
8
+ pages?: {
9
+ signIn?: string;
10
+ signOut?: string;
11
+ error?: string;
12
+ verifyRequest?: string;
13
+ newUser?: string;
14
+ };
15
+ callbacks?: {
16
+ onUserCreated?: (user: {
17
+ id: string;
18
+ email: string;
19
+ }) => Promise<void>;
20
+ getUserRole?: (userId: string) => Promise<string>;
21
+ };
22
+ session?: {
23
+ strategy?: "jwt" | "database";
24
+ maxAge?: number;
25
+ };
26
+ credentials?: {
27
+ authorize: (credentials: Record<string, string>) => Promise<{
28
+ id: string;
29
+ email: string;
30
+ name?: string;
31
+ image?: string;
32
+ } | null>;
33
+ };
34
+ email?: {
35
+ from?: string;
36
+ };
37
+ }
38
+ declare function createAuthConfig(options: AuthConfigOptions): NextAuthConfig;
39
+
40
+ export { type AuthConfigOptions, type AuthProvider, createAuthConfig };
package/dist/auth/index.d.ts ADDED
@@ -0,0 +1,40 @@
1
+ import { NextAuthConfig } from 'next-auth';
2
+ import { Adapter } from 'next-auth/adapters';
3
+
4
+ type AuthProvider = "google" | "github" | "email" | "credentials";
5
+ interface AuthConfigOptions {
6
+ adapter: Adapter;
7
+ providers: AuthProvider[];
8
+ pages?: {
9
+ signIn?: string;
10
+ signOut?: string;
11
+ error?: string;
12
+ verifyRequest?: string;
13
+ newUser?: string;
14
+ };
15
+ callbacks?: {
16
+ onUserCreated?: (user: {
17
+ id: string;
18
+ email: string;
19
+ }) => Promise<void>;
20
+ getUserRole?: (userId: string) => Promise<string>;
21
+ };
22
+ session?: {
23
+ strategy?: "jwt" | "database";
24
+ maxAge?: number;
25
+ };
26
+ credentials?: {
27
+ authorize: (credentials: Record<string, string>) => Promise<{
28
+ id: string;
29
+ email: string;
30
+ name?: string;
31
+ image?: string;
32
+ } | null>;
33
+ };
34
+ email?: {
35
+ from?: string;
36
+ };
37
+ }
38
+ declare function createAuthConfig(options: AuthConfigOptions): NextAuthConfig;
39
+
40
+ export { type AuthConfigOptions, type AuthProvider, createAuthConfig };
package/dist/auth/index.js ADDED
@@ -0,0 +1,147 @@
1
+ "use client";
2
+ "use strict";
3
+ var __create = Object.create;
4
+ var __defProp = Object.defineProperty;
5
+ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
6
+ var __getOwnPropNames = Object.getOwnPropertyNames;
7
+ var __getProtoOf = Object.getPrototypeOf;
8
+ var __hasOwnProp = Object.prototype.hasOwnProperty;
9
+ var __export = (target, all) => {
10
+ for (var name in all)
11
+ __defProp(target, name, { get: all[name], enumerable: true });
12
+ };
13
+ var __copyProps = (to, from, except, desc) => {
14
+ if (from && typeof from === "object" || typeof from === "function") {
15
+ for (let key of __getOwnPropNames(from))
16
+ if (!__hasOwnProp.call(to, key) && key !== except)
17
+ __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
18
+ }
19
+ return to;
20
+ };
21
+ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
22
+ // If the importer is in node compatibility mode or this is not an ESM
23
+ // file that has been converted to a CommonJS file using a Babel-
24
+ // compatible transform (i.e. "__esModule" has not been set), then set
25
+ // "default" to the CommonJS "module.exports" for node compatibility.
26
+ isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
27
+ mod
28
+ ));
29
+ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
30
+
31
+ // src/auth/index.ts
32
+ var auth_exports = {};
33
+ __export(auth_exports, {
34
+ createAuthConfig: () => createAuthConfig
35
+ });
36
+ module.exports = __toCommonJS(auth_exports);
37
+
38
+ // src/auth/create-auth-config.ts
39
+ var import_google = __toESM(require("next-auth/providers/google"));
40
+ var import_resend = __toESM(require("next-auth/providers/resend"));
41
+ var import_github = __toESM(require("next-auth/providers/github"));
42
+ var import_credentials = __toESM(require("next-auth/providers/credentials"));
43
+ function createProviders(options) {
44
+ const providers = [];
45
+ for (const provider of options.providers) {
46
+ switch (provider) {
47
+ case "google":
48
+ providers.push(
49
+ (0, import_google.default)({
50
+ clientId: process.env.GOOGLE_CLIENT_ID,
51
+ clientSecret: process.env.GOOGLE_CLIENT_SECRET
52
+ })
53
+ );
54
+ break;
55
+ case "github":
56
+ providers.push(
57
+ (0, import_github.default)({
58
+ clientId: process.env.GITHUB_CLIENT_ID,
59
+ clientSecret: process.env.GITHUB_CLIENT_SECRET
60
+ })
61
+ );
62
+ break;
63
+ case "email":
64
+ providers.push(
65
+ (0, import_resend.default)({
66
+ apiKey: process.env.AUTH_RESEND_KEY,
67
+ from: options.email?.from || process.env.EMAIL_FROM || "no-reply@example.com"
68
+ })
69
+ );
70
+ break;
71
+ case "credentials":
72
+ if (options.credentials?.authorize) {
73
+ providers.push(
74
+ (0, import_credentials.default)({
75
+ credentials: {
76
+ email: { label: "Email", type: "email" },
77
+ password: { label: "Password", type: "password" }
78
+ },
79
+ authorize: async (credentials) => {
80
+ if (!credentials?.email || !credentials?.password) {
81
+ return null;
82
+ }
83
+ return options.credentials.authorize(credentials);
84
+ }
85
+ })
86
+ );
87
+ }
88
+ break;
89
+ }
90
+ }
91
+ return providers;
92
+ }
93
+ function createAuthConfig(options) {
94
+ return {
95
+ adapter: options.adapter,
96
+ session: {
97
+ strategy: options.session?.strategy || "jwt",
98
+ maxAge: options.session?.maxAge || 30 * 24 * 60 * 60
99
+ // 30 days
100
+ },
101
+ providers: createProviders(options),
102
+ pages: {
103
+ signIn: options.pages?.signIn || "/login",
104
+ error: options.pages?.error || "/auth-error",
105
+ verifyRequest: options.pages?.verifyRequest || "/verify-request",
106
+ newUser: options.pages?.newUser
107
+ },
108
+ callbacks: {
109
+ async jwt({ token, user, trigger }) {
110
+ if (user) {
111
+ token.id = user.id;
112
+ if (options.callbacks?.getUserRole) {
113
+ token.role = await options.callbacks.getUserRole(user.id);
114
+ } else {
115
+ token.role = "USER";
116
+ }
117
+ }
118
+ if (trigger === "update" && token.id && options.callbacks?.getUserRole) {
119
+ token.role = await options.callbacks.getUserRole(token.id);
120
+ }
121
+ return token;
122
+ },
123
+ session({ session, token }) {
124
+ if (session.user && token.id) {
125
+ session.user.id = token.id;
126
+ session.user.role = token.role;
127
+ }
128
+ return session;
129
+ }
130
+ },
131
+ events: {
132
+ async createUser({ user }) {
133
+ if (options.callbacks?.onUserCreated && user.email) {
134
+ await options.callbacks.onUserCreated({
135
+ id: user.id,
136
+ email: user.email
137
+ });
138
+ }
139
+ }
140
+ }
141
+ };
142
+ }
143
+ // Annotate the CommonJS export names for ESM import in node:
144
+ 0 && (module.exports = {
145
+ createAuthConfig
146
+ });
147
+ //# sourceMappingURL=index.js.map
package/dist/auth/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../src/auth/index.ts","../../src/auth/create-auth-config.ts"],"sourcesContent":["export { createAuthConfig } from \"./create-auth-config\";\nexport type { AuthConfigOptions, AuthProvider } from \"./create-auth-config\";\n","import type { NextAuthConfig } from \"next-auth\";\nimport type { Adapter } from \"next-auth/adapters\";\nimport type { Provider } from \"next-auth/providers\";\nimport Google from \"next-auth/providers/google\";\nimport Resend from \"next-auth/providers/resend\";\nimport GitHub from \"next-auth/providers/github\";\nimport Credentials from \"next-auth/providers/credentials\";\n\nexport type AuthProvider = \"google\" | \"github\" | \"email\" | \"credentials\";\n\nexport interface AuthConfigOptions {\n adapter: Adapter;\n providers: AuthProvider[];\n pages?: {\n signIn?: string;\n signOut?: string;\n error?: string;\n verifyRequest?: string;\n newUser?: string;\n };\n callbacks?: {\n onUserCreated?: (user: { id: string; email: string }) => Promise<void>;\n getUserRole?: (userId: string) => Promise<string>;\n };\n session?: {\n strategy?: \"jwt\" | \"database\";\n maxAge?: number;\n };\n credentials?: {\n authorize: (credentials: Record<string, string>) => Promise<{\n id: string;\n email: string;\n name?: string;\n image?: string;\n } | null>;\n };\n email?: {\n from?: string;\n };\n}\n\nfunction createProviders(\n options: AuthConfigOptions\n): Provider[] {\n const providers: Provider[] = [];\n\n for (const provider of options.providers) {\n switch (provider) {\n case \"google\":\n providers.push(\n Google({\n clientId: process.env.GOOGLE_CLIENT_ID!,\n clientSecret: process.env.GOOGLE_CLIENT_SECRET!,\n })\n );\n break;\n case \"github\":\n providers.push(\n GitHub({\n clientId: process.env.GITHUB_CLIENT_ID!,\n clientSecret: process.env.GITHUB_CLIENT_SECRET!,\n })\n );\n break;\n case \"email\":\n providers.push(\n Resend({\n apiKey: process.env.AUTH_RESEND_KEY!,\n from: options.email?.from || process.env.EMAIL_FROM || \"no-reply@example.com\",\n })\n );\n break;\n case \"credentials\":\n if (options.credentials?.authorize) {\n providers.push(\n Credentials({\n credentials: {\n email: { label: \"Email\", type: \"email\" },\n password: { label: \"Password\", type: \"password\" },\n },\n authorize: async (credentials) => {\n if (!credentials?.email || !credentials?.password) {\n return null;\n }\n return options.credentials!.authorize(credentials as Record<string, string>);\n },\n })\n );\n }\n break;\n }\n }\n\n return providers;\n}\n\nexport function createAuthConfig(options: AuthConfigOptions): NextAuthConfig {\n return {\n adapter: options.adapter,\n session: {\n strategy: options.session?.strategy || \"jwt\",\n maxAge: options.session?.maxAge || 30 * 24 * 60 * 60, // 30 days\n },\n providers: createProviders(options),\n pages: {\n signIn: options.pages?.signIn || \"/login\",\n error: options.pages?.error || \"/auth-error\",\n verifyRequest: options.pages?.verifyRequest || \"/verify-request\",\n newUser: options.pages?.newUser,\n },\n callbacks: {\n async jwt({ token, user, trigger }) {\n if (user) {\n token.id = user.id;\n // Get user role from callback or default to USER\n if (options.callbacks?.getUserRole) {\n token.role = await options.callbacks.getUserRole(user.id);\n } else {\n token.role = \"USER\";\n }\n }\n // Refresh role on explicit update trigger\n if (trigger === \"update\" && token.id && options.callbacks?.getUserRole) {\n token.role = await options.callbacks.getUserRole(token.id as string);\n }\n return token;\n },\n session({ session, token }) {\n if (session.user && token.id) {\n session.user.id = token.id as string;\n session.user.role = token.role as string;\n }\n return session;\n },\n },\n events: {\n async createUser({ user }) {\n if (options.callbacks?.onUserCreated && user.email) {\n await options.callbacks.onUserCreated({\n id: user.id!,\n email: user.email,\n });\n }\n },\n },\n };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACGA,oBAAmB;AACnB,oBAAmB;AACnB,oBAAmB;AACnB,yBAAwB;AAmCxB,SAAS,gBACP,SACY;AACZ,QAAM,YAAwB,CAAC;AAE/B,aAAW,YAAY,QAAQ,WAAW;AACxC,YAAQ,UAAU;AAAA,MAChB,KAAK;AACH,kBAAU;AAAA,cACR,cAAAA,SAAO;AAAA,YACL,UAAU,QAAQ,IAAI;AAAA,YACtB,cAAc,QAAQ,IAAI;AAAA,UAC5B,CAAC;AAAA,QACH;AACA;AAAA,MACF,KAAK;AACH,kBAAU;AAAA,cACR,cAAAC,SAAO;AAAA,YACL,UAAU,QAAQ,IAAI;AAAA,YACtB,cAAc,QAAQ,IAAI;AAAA,UAC5B,CAAC;AAAA,QACH;AACA;AAAA,MACF,KAAK;AACH,kBAAU;AAAA,cACR,cAAAC,SAAO;AAAA,YACL,QAAQ,QAAQ,IAAI;AAAA,YACpB,MAAM,QAAQ,OAAO,QAAQ,QAAQ,IAAI,cAAc;AAAA,UACzD,CAAC;AAAA,QACH;AACA;AAAA,MACF,KAAK;AACH,YAAI,QAAQ,aAAa,WAAW;AAClC,oBAAU;AAAA,gBACR,mBAAAC,SAAY;AAAA,cACV,aAAa;AAAA,gBACX,OAAO,EAAE,OAAO,SAAS,MAAM,QAAQ;AAAA,gBACvC,UAAU,EAAE,OAAO,YAAY,MAAM,WAAW;AAAA,cAClD;AAAA,cACA,WAAW,OAAO,gBAAgB;AAChC,oBAAI,CAAC,aAAa,SAAS,CAAC,aAAa,UAAU;AACjD,yBAAO;AAAA,gBACT;AACA,uBAAO,QAAQ,YAAa,UAAU,WAAqC;AAAA,cAC7E;AAAA,YACF,CAAC;AAAA,UACH;AAAA,QACF;AACA;AAAA,IACJ;AAAA,EACF;AAEA,SAAO;AACT;AAEO,SAAS,iBAAiB,SAA4C;AAC3E,SAAO;AAAA,IACL,SAAS,QAAQ;AAAA,IACjB,SAAS;AAAA,MACP,UAAU,QAAQ,SAAS,YAAY;AAAA,MACvC,QAAQ,QAAQ,SAAS,UAAU,KAAK,KAAK,KAAK;AAAA;AAAA,IACpD;AAAA,IACA,WAAW,gBAAgB,OAAO;AAAA,IAClC,OAAO;AAAA,MACL,QAAQ,QAAQ,OAAO,UAAU;AAAA,MACjC,OAAO,QAAQ,OAAO,SAAS;AAAA,MAC/B,eAAe,QAAQ,OAAO,iBAAiB;AAAA,MAC/C,SAAS,QAAQ,OAAO;AAAA,IAC1B;AAAA,IACA,WAAW;AAAA,MACT,MAAM,IAAI,EAAE,OAAO,MAAM,QAAQ,GAAG;AAClC,YAAI,MAAM;AACR,gBAAM,KAAK,KAAK;AAEhB,cAAI,QAAQ,WAAW,aAAa;AAClC,kBAAM,OAAO,MAAM,QAAQ,UAAU,YAAY,KAAK,EAAE;AAAA,UAC1D,OAAO;AACL,kBAAM,OAAO;AAAA,UACf;AAAA,QACF;AAEA,YAAI,YAAY,YAAY,MAAM,MAAM,QAAQ,WAAW,aAAa;AACtE,gBAAM,OAAO,MAAM,QAAQ,UAAU,YAAY,MAAM,EAAY;AAAA,QACrE;AACA,eAAO;AAAA,MACT;AAAA,MACA,QAAQ,EAAE,SAAS,MAAM,GAAG;AAC1B,YAAI,QAAQ,QAAQ,MAAM,IAAI;AAC5B,kBAAQ,KAAK,KAAK,MAAM;AACxB,kBAAQ,KAAK,OAAO,MAAM;AAAA,QAC5B;AACA,eAAO;AAAA,MACT;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACN,MAAM,WAAW,EAAE,KAAK,GAAG;AACzB,YAAI,QAAQ,WAAW,iBAAiB,KAAK,OAAO;AAClD,gBAAM,QAAQ,UAAU,cAAc;AAAA,YACpC,IAAI,KAAK;AAAA,YACT,OAAO,KAAK;AAAA,UACd,CAAC;AAAA,QACH;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;","names":["Google","GitHub","Resend","Credentials"]}
package/dist/auth/index.mjs ADDED
@@ -0,0 +1,111 @@
1
+ "use client";
2
+
3
+ // src/auth/create-auth-config.ts
4
+ import Google from "next-auth/providers/google";
5
+ import Resend from "next-auth/providers/resend";
6
+ import GitHub from "next-auth/providers/github";
7
+ import Credentials from "next-auth/providers/credentials";
8
+ function createProviders(options) {
9
+ const providers = [];
10
+ for (const provider of options.providers) {
11
+ switch (provider) {
12
+ case "google":
13
+ providers.push(
14
+ Google({
15
+ clientId: process.env.GOOGLE_CLIENT_ID,
16
+ clientSecret: process.env.GOOGLE_CLIENT_SECRET
17
+ })
18
+ );
19
+ break;
20
+ case "github":
21
+ providers.push(
22
+ GitHub({
23
+ clientId: process.env.GITHUB_CLIENT_ID,
24
+ clientSecret: process.env.GITHUB_CLIENT_SECRET
25
+ })
26
+ );
27
+ break;
28
+ case "email":
29
+ providers.push(
30
+ Resend({
31
+ apiKey: process.env.AUTH_RESEND_KEY,
32
+ from: options.email?.from || process.env.EMAIL_FROM || "no-reply@example.com"
33
+ })
34
+ );
35
+ break;
36
+ case "credentials":
37
+ if (options.credentials?.authorize) {
38
+ providers.push(
39
+ Credentials({
40
+ credentials: {
41
+ email: { label: "Email", type: "email" },
42
+ password: { label: "Password", type: "password" }
43
+ },
44
+ authorize: async (credentials) => {
45
+ if (!credentials?.email || !credentials?.password) {
46
+ return null;
47
+ }
48
+ return options.credentials.authorize(credentials);
49
+ }
50
+ })
51
+ );
52
+ }
53
+ break;
54
+ }
55
+ }
56
+ return providers;
57
+ }
58
+ function createAuthConfig(options) {
59
+ return {
60
+ adapter: options.adapter,
61
+ session: {
62
+ strategy: options.session?.strategy || "jwt",
63
+ maxAge: options.session?.maxAge || 30 * 24 * 60 * 60
64
+ // 30 days
65
+ },
66
+ providers: createProviders(options),
67
+ pages: {
68
+ signIn: options.pages?.signIn || "/login",
69
+ error: options.pages?.error || "/auth-error",
70
+ verifyRequest: options.pages?.verifyRequest || "/verify-request",
71
+ newUser: options.pages?.newUser
72
+ },
73
+ callbacks: {
74
+ async jwt({ token, user, trigger }) {
75
+ if (user) {
76
+ token.id = user.id;
77
+ if (options.callbacks?.getUserRole) {
78
+ token.role = await options.callbacks.getUserRole(user.id);
79
+ } else {
80
+ token.role = "USER";
81
+ }
82
+ }
83
+ if (trigger === "update" && token.id && options.callbacks?.getUserRole) {
84
+ token.role = await options.callbacks.getUserRole(token.id);
85
+ }
86
+ return token;
87
+ },
88
+ session({ session, token }) {
89
+ if (session.user && token.id) {
90
+ session.user.id = token.id;
91
+ session.user.role = token.role;
92
+ }
93
+ return session;
94
+ }
95
+ },
96
+ events: {
97
+ async createUser({ user }) {
98
+ if (options.callbacks?.onUserCreated && user.email) {
99
+ await options.callbacks.onUserCreated({
100
+ id: user.id,
101
+ email: user.email
102
+ });
103
+ }
104
+ }
105
+ }
106
+ };
107
+ }
108
+ export {
109
+ createAuthConfig
110
+ };
111
+ //# sourceMappingURL=index.mjs.map
package/dist/auth/index.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../src/auth/create-auth-config.ts"],"sourcesContent":["import type { NextAuthConfig } from \"next-auth\";\nimport type { Adapter } from \"next-auth/adapters\";\nimport type { Provider } from \"next-auth/providers\";\nimport Google from \"next-auth/providers/google\";\nimport Resend from \"next-auth/providers/resend\";\nimport GitHub from \"next-auth/providers/github\";\nimport Credentials from \"next-auth/providers/credentials\";\n\nexport type AuthProvider = \"google\" | \"github\" | \"email\" | \"credentials\";\n\nexport interface AuthConfigOptions {\n adapter: Adapter;\n providers: AuthProvider[];\n pages?: {\n signIn?: string;\n signOut?: string;\n error?: string;\n verifyRequest?: string;\n newUser?: string;\n };\n callbacks?: {\n onUserCreated?: (user: { id: string; email: string }) => Promise<void>;\n getUserRole?: (userId: string) => Promise<string>;\n };\n session?: {\n strategy?: \"jwt\" | \"database\";\n maxAge?: number;\n };\n credentials?: {\n authorize: (credentials: Record<string, string>) => Promise<{\n id: string;\n email: string;\n name?: string;\n image?: string;\n } | null>;\n };\n email?: {\n from?: string;\n };\n}\n\nfunction createProviders(\n options: AuthConfigOptions\n): Provider[] {\n const providers: Provider[] = [];\n\n for (const provider of options.providers) {\n switch (provider) {\n case \"google\":\n providers.push(\n Google({\n clientId: process.env.GOOGLE_CLIENT_ID!,\n clientSecret: process.env.GOOGLE_CLIENT_SECRET!,\n })\n );\n break;\n case \"github\":\n providers.push(\n GitHub({\n clientId: process.env.GITHUB_CLIENT_ID!,\n clientSecret: process.env.GITHUB_CLIENT_SECRET!,\n })\n );\n break;\n case \"email\":\n providers.push(\n Resend({\n apiKey: process.env.AUTH_RESEND_KEY!,\n from: options.email?.from || process.env.EMAIL_FROM || \"no-reply@example.com\",\n })\n );\n break;\n case \"credentials\":\n if (options.credentials?.authorize) {\n providers.push(\n Credentials({\n credentials: {\n email: { label: \"Email\", type: \"email\" },\n password: { label: \"Password\", type: \"password\" },\n },\n authorize: async (credentials) => {\n if (!credentials?.email || !credentials?.password) {\n return null;\n }\n return options.credentials!.authorize(credentials as Record<string, string>);\n },\n })\n );\n }\n break;\n }\n }\n\n return providers;\n}\n\nexport function createAuthConfig(options: AuthConfigOptions): NextAuthConfig {\n return {\n adapter: options.adapter,\n session: {\n strategy: options.session?.strategy || \"jwt\",\n maxAge: options.session?.maxAge || 30 * 24 * 60 * 60, // 30 days\n },\n providers: createProviders(options),\n pages: {\n signIn: options.pages?.signIn || \"/login\",\n error: options.pages?.error || \"/auth-error\",\n verifyRequest: options.pages?.verifyRequest || \"/verify-request\",\n newUser: options.pages?.newUser,\n },\n callbacks: {\n async jwt({ token, user, trigger }) {\n if (user) {\n token.id = user.id;\n // Get user role from callback or default to USER\n if (options.callbacks?.getUserRole) {\n token.role = await options.callbacks.getUserRole(user.id);\n } else {\n token.role = \"USER\";\n }\n }\n // Refresh role on explicit update trigger\n if (trigger === \"update\" && token.id && options.callbacks?.getUserRole) {\n token.role = await options.callbacks.getUserRole(token.id as string);\n }\n return token;\n },\n session({ session, token }) {\n if (session.user && token.id) {\n session.user.id = token.id as string;\n session.user.role = token.role as string;\n }\n return session;\n },\n },\n events: {\n async createUser({ user }) {\n if (options.callbacks?.onUserCreated && user.email) {\n await options.callbacks.onUserCreated({\n id: user.id!,\n email: user.email,\n });\n }\n },\n },\n };\n}\n"],"mappings":";;;AAGA,OAAO,YAAY;AACnB,OAAO,YAAY;AACnB,OAAO,YAAY;AACnB,OAAO,iBAAiB;AAmCxB,SAAS,gBACP,SACY;AACZ,QAAM,YAAwB,CAAC;AAE/B,aAAW,YAAY,QAAQ,WAAW;AACxC,YAAQ,UAAU;AAAA,MAChB,KAAK;AACH,kBAAU;AAAA,UACR,OAAO;AAAA,YACL,UAAU,QAAQ,IAAI;AAAA,YACtB,cAAc,QAAQ,IAAI;AAAA,UAC5B,CAAC;AAAA,QACH;AACA;AAAA,MACF,KAAK;AACH,kBAAU;AAAA,UACR,OAAO;AAAA,YACL,UAAU,QAAQ,IAAI;AAAA,YACtB,cAAc,QAAQ,IAAI;AAAA,UAC5B,CAAC;AAAA,QACH;AACA;AAAA,MACF,KAAK;AACH,kBAAU;AAAA,UACR,OAAO;AAAA,YACL,QAAQ,QAAQ,IAAI;AAAA,YACpB,MAAM,QAAQ,OAAO,QAAQ,QAAQ,IAAI,cAAc;AAAA,UACzD,CAAC;AAAA,QACH;AACA;AAAA,MACF,KAAK;AACH,YAAI,QAAQ,aAAa,WAAW;AAClC,oBAAU;AAAA,YACR,YAAY;AAAA,cACV,aAAa;AAAA,gBACX,OAAO,EAAE,OAAO,SAAS,MAAM,QAAQ;AAAA,gBACvC,UAAU,EAAE,OAAO,YAAY,MAAM,WAAW;AAAA,cAClD;AAAA,cACA,WAAW,OAAO,gBAAgB;AAChC,oBAAI,CAAC,aAAa,SAAS,CAAC,aAAa,UAAU;AACjD,yBAAO;AAAA,gBACT;AACA,uBAAO,QAAQ,YAAa,UAAU,WAAqC;AAAA,cAC7E;AAAA,YACF,CAAC;AAAA,UACH;AAAA,QACF;AACA;AAAA,IACJ;AAAA,EACF;AAEA,SAAO;AACT;AAEO,SAAS,iBAAiB,SAA4C;AAC3E,SAAO;AAAA,IACL,SAAS,QAAQ;AAAA,IACjB,SAAS;AAAA,MACP,UAAU,QAAQ,SAAS,YAAY;AAAA,MACvC,QAAQ,QAAQ,SAAS,UAAU,KAAK,KAAK,KAAK;AAAA;AAAA,IACpD;AAAA,IACA,WAAW,gBAAgB,OAAO;AAAA,IAClC,OAAO;AAAA,MACL,QAAQ,QAAQ,OAAO,UAAU;AAAA,MACjC,OAAO,QAAQ,OAAO,SAAS;AAAA,MAC/B,eAAe,QAAQ,OAAO,iBAAiB;AAAA,MAC/C,SAAS,QAAQ,OAAO;AAAA,IAC1B;AAAA,IACA,WAAW;AAAA,MACT,MAAM,IAAI,EAAE,OAAO,MAAM,QAAQ,GAAG;AAClC,YAAI,MAAM;AACR,gBAAM,KAAK,KAAK;AAEhB,cAAI,QAAQ,WAAW,aAAa;AAClC,kBAAM,OAAO,MAAM,QAAQ,UAAU,YAAY,KAAK,EAAE;AAAA,UAC1D,OAAO;AACL,kBAAM,OAAO;AAAA,UACf;AAAA,QACF;AAEA,YAAI,YAAY,YAAY,MAAM,MAAM,QAAQ,WAAW,aAAa;AACtE,gBAAM,OAAO,MAAM,QAAQ,UAAU,YAAY,MAAM,EAAY;AAAA,QACrE;AACA,eAAO;AAAA,MACT;AAAA,MACA,QAAQ,EAAE,SAAS,MAAM,GAAG;AAC1B,YAAI,QAAQ,QAAQ,MAAM,IAAI;AAC5B,kBAAQ,KAAK,KAAK,MAAM;AACxB,kBAAQ,KAAK,OAAO,MAAM;AAAA,QAC5B;AACA,eAAO;AAAA,MACT;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACN,MAAM,WAAW,EAAE,KAAK,GAAG;AACzB,YAAI,QAAQ,WAAW,iBAAiB,KAAK,OAAO;AAClD,gBAAM,QAAQ,UAAU,cAAc;AAAA,YACpC,IAAI,KAAK;AAAA,YACT,OAAO,KAAK;AAAA,UACd,CAAC;AAAA,QACH;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;","names":[]}
package/dist/authorization/index.d.mts ADDED
@@ -0,0 +1,78 @@
1
+ import { NextResponse } from 'next/server';
2
+
3
+ type Role = "USER" | "MODERATOR" | "ADMIN" | "SUPER_ADMIN";
4
+ interface AuthorizationConfig {
5
+ roleHierarchy?: string[];
6
+ permissions?: Record<string, string[]>;
7
+ }
8
+ /**
9
+ * Configure the authorization system
10
+ */
11
+ declare function configureAuthorization(options: AuthorizationConfig): void;
12
+ /**
13
+ * Check if a role has at least the minimum required role level
14
+ */
15
+ declare function hasMinRole(userRole: string, minRole: string): boolean;
16
+ /**
17
+ * Check if user has one of the allowed roles
18
+ */
19
+ declare function hasRole(userRole: string, allowedRoles: string[]): boolean;
20
+ /**
21
+ * Check if user is admin (ADMIN or SUPER_ADMIN)
22
+ */
23
+ declare function isAdmin(role: string): boolean;
24
+ /**
25
+ * Check if user is super admin
26
+ */
27
+ declare function isSuperAdmin(role: string): boolean;
28
+ /**
29
+ * Check if user is moderator or higher
30
+ */
31
+ declare function isModerator(role: string): boolean;
32
+ /**
33
+ * Check if user has a specific permission
34
+ */
35
+ declare function hasPermission(userRole: string, permission: string): boolean;
36
+ /**
37
+ * Default permissions configuration
38
+ */
39
+ declare const PERMISSIONS: {
40
+ readonly "users:read": readonly ["MODERATOR", "ADMIN", "SUPER_ADMIN"];
41
+ readonly "users:update": readonly ["ADMIN", "SUPER_ADMIN"];
42
+ readonly "users:delete": readonly ["SUPER_ADMIN"];
43
+ readonly "users:updateRole": readonly ["SUPER_ADMIN"];
44
+ readonly "posts:create": readonly ["MODERATOR", "ADMIN", "SUPER_ADMIN"];
45
+ readonly "posts:update": readonly ["MODERATOR", "ADMIN", "SUPER_ADMIN"];
46
+ readonly "posts:delete": readonly ["ADMIN", "SUPER_ADMIN"];
47
+ readonly "posts:publish": readonly ["ADMIN", "SUPER_ADMIN"];
48
+ readonly "admin:access": readonly ["ADMIN", "SUPER_ADMIN"];
49
+ readonly "admin:settings": readonly ["SUPER_ADMIN"];
50
+ readonly "subscriptions:read": readonly ["ADMIN", "SUPER_ADMIN"];
51
+ readonly "subscriptions:manage": readonly ["SUPER_ADMIN"];
52
+ };
53
+ type Permission = keyof typeof PERMISSIONS;
54
+ /**
55
+ * Higher-order function for protecting API routes
56
+ * Returns unauthorized response if user doesn't have required role
57
+ */
58
+ interface WithRoleResult<T = unknown> {
59
+ authorized: boolean;
60
+ response: NextResponse | null;
61
+ session: T | null;
62
+ }
63
+ interface WithRoleOptions {
64
+ getSession: () => Promise<{
65
+ user?: {
66
+ id?: string;
67
+ role?: string;
68
+ };
69
+ } | null>;
70
+ minRole: string;
71
+ }
72
+ declare function withRole(options: WithRoleOptions): Promise<WithRoleResult>;
73
+ /**
74
+ * Create a custom permission checker
75
+ */
76
+ declare function createPermissionChecker(permissions: Record<string, string[]>): (userRole: string, permission: string) => boolean;
77
+
78
+ export { type AuthorizationConfig, PERMISSIONS, type Permission, type Role, type WithRoleOptions, type WithRoleResult, configureAuthorization, createPermissionChecker, hasMinRole, hasPermission, hasRole, isAdmin, isModerator, isSuperAdmin, withRole };
package/dist/authorization/index.d.ts ADDED
@@ -0,0 +1,78 @@
1
+ import { NextResponse } from 'next/server';
2
+
3
+ type Role = "USER" | "MODERATOR" | "ADMIN" | "SUPER_ADMIN";
4
+ interface AuthorizationConfig {
5
+ roleHierarchy?: string[];
6
+ permissions?: Record<string, string[]>;
7
+ }
8
+ /**
9
+ * Configure the authorization system
10
+ */
11
+ declare function configureAuthorization(options: AuthorizationConfig): void;
12
+ /**
13
+ * Check if a role has at least the minimum required role level
14
+ */
15
+ declare function hasMinRole(userRole: string, minRole: string): boolean;
16
+ /**
17
+ * Check if user has one of the allowed roles
18
+ */
19
+ declare function hasRole(userRole: string, allowedRoles: string[]): boolean;
20
+ /**
21
+ * Check if user is admin (ADMIN or SUPER_ADMIN)
22
+ */
23
+ declare function isAdmin(role: string): boolean;
24
+ /**
25
+ * Check if user is super admin
26
+ */
27
+ declare function isSuperAdmin(role: string): boolean;
28
+ /**
29
+ * Check if user is moderator or higher
30
+ */
31
+ declare function isModerator(role: string): boolean;
32
+ /**
33
+ * Check if user has a specific permission
34
+ */
35
+ declare function hasPermission(userRole: string, permission: string): boolean;
36
+ /**
37
+ * Default permissions configuration
38
+ */
39
+ declare const PERMISSIONS: {
40
+ readonly "users:read": readonly ["MODERATOR", "ADMIN", "SUPER_ADMIN"];
41
+ readonly "users:update": readonly ["ADMIN", "SUPER_ADMIN"];
42
+ readonly "users:delete": readonly ["SUPER_ADMIN"];
43
+ readonly "users:updateRole": readonly ["SUPER_ADMIN"];
44
+ readonly "posts:create": readonly ["MODERATOR", "ADMIN", "SUPER_ADMIN"];
45
+ readonly "posts:update": readonly ["MODERATOR", "ADMIN", "SUPER_ADMIN"];
46
+ readonly "posts:delete": readonly ["ADMIN", "SUPER_ADMIN"];
47
+ readonly "posts:publish": readonly ["ADMIN", "SUPER_ADMIN"];
48
+ readonly "admin:access": readonly ["ADMIN", "SUPER_ADMIN"];
49
+ readonly "admin:settings": readonly ["SUPER_ADMIN"];
50
+ readonly "subscriptions:read": readonly ["ADMIN", "SUPER_ADMIN"];
51
+ readonly "subscriptions:manage": readonly ["SUPER_ADMIN"];
52
+ };
53
+ type Permission = keyof typeof PERMISSIONS;
54
+ /**
55
+ * Higher-order function for protecting API routes
56
+ * Returns unauthorized response if user doesn't have required role
57
+ */
58
+ interface WithRoleResult<T = unknown> {
59
+ authorized: boolean;
60
+ response: NextResponse | null;
61
+ session: T | null;
62
+ }
63
+ interface WithRoleOptions {
64
+ getSession: () => Promise<{
65
+ user?: {
66
+ id?: string;
67
+ role?: string;
68
+ };
69
+ } | null>;
70
+ minRole: string;
71
+ }
72
+ declare function withRole(options: WithRoleOptions): Promise<WithRoleResult>;
73
+ /**
74
+ * Create a custom permission checker
75
+ */
76
+ declare function createPermissionChecker(permissions: Record<string, string[]>): (userRole: string, permission: string) => boolean;
77
+
78
+ export { type AuthorizationConfig, PERMISSIONS, type Permission, type Role, type WithRoleOptions, type WithRoleResult, configureAuthorization, createPermissionChecker, hasMinRole, hasPermission, hasRole, isAdmin, isModerator, isSuperAdmin, withRole };
package/dist/authorization/index.js ADDED
@@ -0,0 +1,137 @@
1
+ "use client";
2
+ "use strict";
3
+ var __defProp = Object.defineProperty;
4
+ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
5
+ var __getOwnPropNames = Object.getOwnPropertyNames;
6
+ var __hasOwnProp = Object.prototype.hasOwnProperty;
7
+ var __export = (target, all) => {
8
+ for (var name in all)
9
+ __defProp(target, name, { get: all[name], enumerable: true });
10
+ };
11
+ var __copyProps = (to, from, except, desc) => {
12
+ if (from && typeof from === "object" || typeof from === "function") {
13
+ for (let key of __getOwnPropNames(from))
14
+ if (!__hasOwnProp.call(to, key) && key !== except)
15
+ __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
16
+ }
17
+ return to;
18
+ };
19
+ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
20
+
21
+ // src/authorization/index.ts
22
+ var authorization_exports = {};
23
+ __export(authorization_exports, {
24
+ PERMISSIONS: () => PERMISSIONS,
25
+ configureAuthorization: () => configureAuthorization,
26
+ createPermissionChecker: () => createPermissionChecker,
27
+ hasMinRole: () => hasMinRole,
28
+ hasPermission: () => hasPermission,
29
+ hasRole: () => hasRole,
30
+ isAdmin: () => isAdmin,
31
+ isModerator: () => isModerator,
32
+ isSuperAdmin: () => isSuperAdmin,
33
+ withRole: () => withRole
34
+ });
35
+ module.exports = __toCommonJS(authorization_exports);
36
+ var import_server = require("next/server");
37
+ var DEFAULT_ROLE_HIERARCHY = ["USER", "MODERATOR", "ADMIN", "SUPER_ADMIN"];
38
+ var config = {
39
+ roleHierarchy: DEFAULT_ROLE_HIERARCHY,
40
+ permissions: {}
41
+ };
42
+ function configureAuthorization(options) {
43
+ config = { ...config, ...options };
44
+ }
45
+ function hasMinRole(userRole, minRole) {
46
+ const hierarchy = config.roleHierarchy || DEFAULT_ROLE_HIERARCHY;
47
+ const userLevel = hierarchy.indexOf(userRole);
48
+ const minLevel = hierarchy.indexOf(minRole);
49
+ if (userLevel === -1 || minLevel === -1) {
50
+ return false;
51
+ }
52
+ return userLevel >= minLevel;
53
+ }
54
+ function hasRole(userRole, allowedRoles) {
55
+ return allowedRoles.includes(userRole);
56
+ }
57
+ function isAdmin(role) {
58
+ return hasMinRole(role, "ADMIN");
59
+ }
60
+ function isSuperAdmin(role) {
61
+ return role === "SUPER_ADMIN";
62
+ }
63
+ function isModerator(role) {
64
+ return hasMinRole(role, "MODERATOR");
65
+ }
66
+ function hasPermission(userRole, permission) {
67
+ const permissions = config.permissions || {};
68
+ const allowedRoles = permissions[permission];
69
+ if (!allowedRoles) {
70
+ return false;
71
+ }
72
+ return allowedRoles.includes(userRole);
73
+ }
74
+ var PERMISSIONS = {
75
+ // User management
76
+ "users:read": ["MODERATOR", "ADMIN", "SUPER_ADMIN"],
77
+ "users:update": ["ADMIN", "SUPER_ADMIN"],
78
+ "users:delete": ["SUPER_ADMIN"],
79
+ "users:updateRole": ["SUPER_ADMIN"],
80
+ // Content management
81
+ "posts:create": ["MODERATOR", "ADMIN", "SUPER_ADMIN"],
82
+ "posts:update": ["MODERATOR", "ADMIN", "SUPER_ADMIN"],
83
+ "posts:delete": ["ADMIN", "SUPER_ADMIN"],
84
+ "posts:publish": ["ADMIN", "SUPER_ADMIN"],
85
+ // Admin panel access
86
+ "admin:access": ["ADMIN", "SUPER_ADMIN"],
87
+ "admin:settings": ["SUPER_ADMIN"],
88
+ // Subscription management
89
+ "subscriptions:read": ["ADMIN", "SUPER_ADMIN"],
90
+ "subscriptions:manage": ["SUPER_ADMIN"]
91
+ };
92
+ async function withRole(options) {
93
+ const session = await options.getSession();
94
+ if (!session?.user?.id) {
95
+ return {
96
+ authorized: false,
97
+ response: import_server.NextResponse.json({ error: "Unauthorized" }, { status: 401 }),
98
+ session: null
99
+ };
100
+ }
101
+ const userRole = session.user.role || "USER";
102
+ if (!hasMinRole(userRole, options.minRole)) {
103
+ return {
104
+ authorized: false,
105
+ response: import_server.NextResponse.json({ error: "Forbidden" }, { status: 403 }),
106
+ session
107
+ };
108
+ }
109
+ return {
110
+ authorized: true,
111
+ response: null,
112
+ session
113
+ };
114
+ }
115
+ function createPermissionChecker(permissions) {
116
+ return function checkPermission(userRole, permission) {
117
+ const allowedRoles = permissions[permission];
118
+ if (!allowedRoles) {
119
+ return false;
120
+ }
121
+ return allowedRoles.includes(userRole);
122
+ };
123
+ }
124
+ // Annotate the CommonJS export names for ESM import in node:
125
+ 0 && (module.exports = {
126
+ PERMISSIONS,
127
+ configureAuthorization,
128
+ createPermissionChecker,
129
+ hasMinRole,
130
+ hasPermission,
131
+ hasRole,
132
+ isAdmin,
133
+ isModerator,
134
+ isSuperAdmin,
135
+ withRole
136
+ });
137
+ //# sourceMappingURL=index.js.map