@wacht/types 0.0.1-alpha.1

package/package.json

@@ -0,0 +1,13 @@
+{
+  "name": "@wacht/types",
+  "version": "0.0.1-alpha.1",
+  "description": "Shared TypeScript types for wacht libraries",
+  "main": "./src/index.ts",
+  "types": "./src/index.ts",
+  "files": [
+    "src"
+  ],
+  "devDependencies": {
+    "typescript": "^5.8.3"
+  }
+}

package/src/auth.ts

@@ -0,0 +1,40 @@
+export interface SignUpParams {
+  first_name?: string;
+  last_name?: string;
+  username?: string;
+  phone_number?: string;
+  email?: string;
+  password?: string;
+}
+
+export interface SSOResponse {
+  oauth_url: string;
+  session: unknown;
+}
+
+export interface SignInParams {
+  email?: string;
+  username?: string;
+  password?: string;
+  phone?: string;
+  strategy?: string;
+}
+
+export interface SignInResponse {
+  session: unknown;
+}
+
+export interface SSOCallbackResponse {
+  session: unknown;
+}
+
+export type SocialConnectionProvider =
+  | "x_oauth"
+  | "github_oauth"
+  | "gitlab_oauth"
+  | "google_oauth"
+  | "facebook_oauth"
+  | "microsoft_oauth"
+  | "linkedin_oauth"
+  | "discord_oauth"
+  | "apple_oauth"

package/src/client.ts

@@ -0,0 +1,60 @@
+export type Client = (
+  url: URL | string,
+  options?: RequestInit
+) => Promise<Response>;
+
+export type ClinetReponse<T> = {
+  status: number;
+  message: string;
+  data: T;
+};
+
+export type ErrorInterface = {
+  message: string;
+  code: ErrorCode;
+};
+
+export enum ErrorCode {
+  Unknown = "unknown",
+  UserNotFound = "USER_NOT_FOUND",
+  UserDisabled = "USER_DISABLED",
+  MissingVerificationCode = "missing_verification_code",
+  VerificationCodeExpired = "verification_code_expired",
+  UsernameExists = "USERNAME_EXISTS",
+  EmailExists = "EMAIL_EXISTS",
+  InvalidCredentials = "INVALID_CREDENTIALS",
+  UserAlreadySignedIn = "USER_ALREADY_SIGNED_IN",
+  PhoneNumberExists = "PHONE_NUMBER_EXISTS",
+  OauthCompletionFailed = "OAUTH_COMPLETION_FAILED",
+  ProviderRequired = "PROVIDER_REQUIRED",
+  CodeRequired = "CODE_REQUIRED",
+  VerificationStrategyRequired = "VERIFICATION_STRATEGY_REQUIRED",
+  InvalidState = "INVALID_STATE",
+  InvalidCode = "INVALID_CODE",
+  RequiredField = "REQUIRED_FIELD",
+  BadRequestBody = "BAD_REQUEST_BODY",
+  ProviderNotConfigured = "PROVIDER_NOT_CONFIGURED",
+  SignupRestricted = "SIGNUP_RESTRICTED",
+  SignupWaitlistOnly = "SIGNUP_WAITLIST_ONLY",
+  EmailNotAllowed = "EMAIL_NOT_ALLOWED",
+  EmailBlocked = "EMAIL_BLOCKED",
+  DisposableEmailBlocked = "DISPOSABLE_EMAIL_BLOCKED",
+  CountryRestricted = "COUNTRY_RESTRICTED",
+  VoipNumberBlocked = "VOIP_NUMBER_BLOCKED",
+  BannedKeyword = "BANNED_KEYWORD",
+  NoAlternativeAuthMethod = "NO_ALTERNATIVE_AUTH_METHOD",
+  Internal = "INTERNAL",
+  BadSignInAttempt = "BAD_SIGN_IN_ATTEMPT",
+}
+
+export type ResultInterface<T, E> =
+  | {
+      data: never;
+      errors: E[];
+    }
+  | {
+      data: T;
+      errors: never;
+    };
+
+export type ApiResult<T, E = ErrorInterface> = ResultInterface<T, E>;

package/src/deployment.ts

@@ -0,0 +1,196 @@
+export interface B2BSettings {
+  id: number;
+  created_at: string;
+  updated_at: string;
+  deleted_at: null;
+  deployment_id: number;
+  organizations_enabled: boolean;
+  workspaces_enabled: boolean;
+  ip_allowlist_per_org_enabled: boolean;
+  allow_users_to_create_orgs: boolean;
+  max_orgs_per_user: number;
+  max_allowed_org_members: number;
+  max_allowed_workspace_members: number;
+  allow_org_deletion: boolean;
+  allow_workspace_deletion: boolean;
+  custom_org_role_enabled: boolean;
+  limit_org_creation_per_user: boolean;
+  limit_workspace_creation_per_org: boolean;
+  org_creation_per_user_count: number;
+  workspaces_per_org_count: number;
+  custom_workspace_role_enabled: boolean;
+  default_workspace_creator_role_id: number;
+  default_workspace_member_role_id: number;
+  default_org_creator_role_id: number;
+  default_org_member_role_id: number;
+  workspace_permissions: string[];
+  organization_permissions: string[];
+}
+
+export interface AuthFactorsEnabled {
+  email_password: boolean;
+  username_password: boolean;
+  email_magic_link: boolean;
+  email_otp: boolean;
+  phone_otp: boolean;
+  web3_wallet: boolean;
+  backup_code: boolean;
+  authenticator: boolean;
+}
+
+export interface VerificationPolicy {
+  phone_number: boolean;
+  email: boolean;
+}
+
+export interface AuthField {
+  enabled: boolean;
+  required: boolean;
+}
+
+export type SecondFactor =
+  | "none"
+  | "phone_otp"
+  | "backup_code"
+  | "authenticator";
+export type FirstFactor =
+  | "email_password"
+  | "username_password"
+  | "email_otp"
+  | "email_magic_link"
+  | "phone_otp";
+
+export type SecondFactorPolicy = "none" | "optional" | "enforced";
+
+export interface MultiSessionSupport {
+  enabled: boolean;
+  max_accounts_per_session: number;
+  max_sessions_per_account: number;
+}
+
+export interface AuthSettings {
+  id: number;
+  created_at: string;
+  updated_at: string;
+  deleted_at: null;
+  email_address: AuthField;
+  phone_number: AuthField;
+  username: AuthField;
+  first_name: AuthField;
+  last_name: AuthField;
+  password: AuthField;
+  backup_code: AuthField;
+  web3_wallet: AuthField;
+  password_policy: AuthField;
+  magic_link: AuthField;
+  passkey: AuthField;
+  auth_factors_enabled: AuthFactorsEnabled;
+  verification_policy: VerificationPolicy;
+  second_factor_policy: SecondFactorPolicy;
+  first_factor: FirstFactor;
+  second_factor: SecondFactor | null;
+  alternate_first_factors: FirstFactor[] | null;
+  alternate_second_factors: SecondFactor[] | null;
+  multi_session_support: MultiSessionSupport;
+  deployment_id: number;
+}
+
+export interface DeploymentSocialConnection {
+  id: number;
+  created_at: string;
+  updated_at: string;
+  deleted_at: null;
+  deployment_id: number;
+  provider: string;
+  enabled: boolean;
+  user_defined_scopes: null;
+  custom_credentials_set: boolean;
+}
+
+export interface CountryRestriction {
+  enabled: boolean;
+  country_codes: string[];
+}
+
+export type SignUpMode = "public" | "restricted" | "waitlist";
+
+export interface DeploymentRestrictions {
+  id: number;
+  created_at: string;
+  updated_at: string;
+  deleted_at: null;
+  deployment_id: number;
+  allowlist_enabled: boolean;
+  blocklist_enabled: boolean;
+  block_subaddresses: boolean;
+  block_disposable_emails: boolean;
+  block_voip_numbers: boolean;
+  country_restrictions: CountryRestriction;
+  banned_keywords: string[];
+  allowlisted_resources: string[];
+  blocklisted_resources: string[];
+  sign_up_mode: SignUpMode;
+}
+
+export interface LightModeSettings {
+  primary_color: string;
+  background_color: string;
+  text_color: string;
+}
+
+export interface DarkModeSettings {
+  primary_color: string;
+  background_color: string;
+  text_color: string;
+}
+
+export interface DeploymentUISettings {
+  deployment_id: number;
+  app_name: string;
+  privacy_policy_url: string;
+  tos_page_url: string;
+  sign_in_page_url: string;
+  sign_up_page_url: string;
+  waitlist_page_url: string;
+  support_page_url: string;
+  after_logo_click_url: string;
+  user_profile_url: string;
+  organization_profile_url: string;
+  create_organization_url: string;
+  after_sign_out_one_page_url: string;
+  after_sign_out_all_page_url: string;
+  after_signup_redirect_url: string;
+  after_signin_redirect_url: string;
+  after_create_organization_redirect_url: string;
+  favicon_image_url: string;
+  default_user_profile_image_url: string;
+  default_organization_profile_image_url: string;
+  default_workspace_profile_image_url: string;
+  use_initials_for_user_profile_image: boolean;
+  use_initials_for_organization_profile_image: boolean;
+  logo_image_url: string;
+  signup_terms_statement: string;
+  signup_terms_statement_shown: boolean;
+  light_mode_settings: LightModeSettings;
+  dark_mode_settings: DarkModeSettings;
+}
+
+export interface Deployment {
+  id: number;
+  created_at: string;
+  updated_at: string;
+  deleted_at: null;
+  maintenance_mode: boolean;
+  backend_host: string;
+  frontend_host: string;
+  mail_from_host: string;
+  publishable_key: string;
+  b2b_settings: B2BSettings;
+  auth_settings: AuthSettings;
+  restrictions: DeploymentRestrictions;
+  social_connections: DeploymentSocialConnection[];
+  ui_settings: DeploymentUISettings;
+  project_id: number;
+  mode: "production" | "staging";
+}
+

package/src/index.ts

@@ -0,0 +1,7 @@
+export * from "./auth";
+export * from "./client";
+export * from "./deployment";
+export * from "./organization";
+export * from "./profile";
+export * from "./session";
+export * from "./user";

package/src/organization.ts

@@ -0,0 +1,139 @@
+import type { PublicUserData } from "./user";
+
+export interface Organization {
+  id: string;
+  name: string;
+  image_url: string;
+  description: string;
+  member_count: number;
+  public_metadata: Record<string, unknown>;
+  private_metadata: Record<string, unknown>;
+  enforce_mfa: boolean;
+  enable_ip_restriction: boolean;
+  whitelisted_ips: string[];
+  auto_assigned_workspace_id: string;
+  created_at: string;
+  updated_at: string;
+}
+
+export interface OrganizationRole {
+  id: string;
+  organization_id: string;
+  name: string;
+  permissions: string[];
+  created_at: string;
+  updated_at: string;
+}
+
+export interface OrganizationMembershipWithOrganization {
+  id: string;
+  organization: Organization;
+  user_id: string;
+  role: OrganizationRole[];
+  created_at: string;
+  updated_at: string;
+}
+
+export interface OrganizationMembership {
+  id: string;
+  organization: Organization;
+  user: PublicUserData;
+  roles: OrganizationRole[];
+  created_at: string;
+  updated_at: string;
+}
+
+export interface OrganizationInvitation {
+  id: string;
+  created_at: string;
+  updated_at: string;
+  organization_id: string;
+  email: string;
+  initial_organization_role: OrganizationRole;
+  inviter: OrganizationMembership;
+  workspace: Workspace;
+  initial_workspace_role: WorkspaceRole;
+  expired: boolean;
+}
+
+export interface OrganizationDomain {
+  id: string;
+  organization_id: string;
+  fqdn: string;
+  verified: boolean;
+  verification_dns_record_type: string;
+  verification_dns_record_name: string;
+  verification_dns_record_data: string;
+  verification_attempts: number;
+  created_at: string;
+  updated_at: string;
+}
+
+export interface Workspace {
+  id: string;
+  name: string;
+  image_url: string;
+  description: string;
+  member_count: number;
+  public_metadata: Record<string, unknown>;
+  private_metadata: Record<string, unknown>;
+  created_at: string;
+  updated_at: string;
+}
+
+export interface WorkspaceWithOrganization extends Workspace {
+  organization: Organization;
+}
+
+export interface WorkspaceRole {
+  id: string;
+  name: string;
+  permissions: string[];
+  created_at: string;
+  updated_at: string;
+}
+
+export interface WorkspaceMembership {
+  id: string;
+  workspace: Workspace;
+  organization_id: string;
+  user_id: string;
+  role: WorkspaceRole[];
+  organization: Organization;
+  created_at: string;
+  updated_at: string;
+}
+
+export interface OrganizationUpdate {
+  image?: File;
+  name?: string;
+  description?: string;
+  whitelisted_ips?: string[];
+  auto_assigned_workspace_id?: string;
+  enable_ip_restriction?: boolean;
+  enforce_mfa_setup?: boolean;
+}
+
+export interface RoleCreate {
+  name: string;
+  permissions?: string[];
+}
+
+export type RoleUpdate = Partial<RoleCreate>;
+
+export interface NewOrgnization {
+  name: string;
+  description?: string;
+  image?: File;
+}
+
+export interface NewDomain {
+  fqdn: string;
+}
+
+export interface OrganizationInvitationPayload {
+  email: string;
+  organizationRole: OrganizationRole;
+  workspace?: Workspace;
+  workspaceRole?: WorkspaceRole;
+}

package/src/profile.ts

@@ -0,0 +1,32 @@
+import { SigninAttempt, Session } from './session';
+import { ApiResult } from './client';
+
+export interface ProfileCompletionData {
+  first_name?: string;
+  last_name?: string;
+  username?: string;
+  phone_number?: string;
+  phone_country_code?: string;
+  email?: string;
+}
+
+// Match the actual VerificationParams type from use-signin
+type VerificationParams =
+  | { strategy: "email_otp"; redirectUri?: string }
+  | { strategy: "phone_otp"; lastDigits?: string }
+  | { strategy: "magic_link"; redirectUri?: string };
+
+type PrepareVerificationResponse = {
+  otp_sent?: boolean;
+  masked_phone?: string;
+  masked_email?: string;
+  verification_method?: string;
+};
+
+export interface ProfileCompletionProps {
+  attempt: SigninAttempt;
+  onBack?: () => void;
+  completeProfile: (data: ProfileCompletionData) => Promise<Session>;
+  completeVerification: (code: string) => Promise<Session>;
+  prepareVerification: (params: VerificationParams) => Promise<ApiResult<PrepareVerificationResponse>>;
+}

package/src/session.ts

@@ -0,0 +1,98 @@
+import type { CurrentUser } from "./user";
+import type { ProfileCompletionData } from "./profile";
+
+export interface SignIn {
+  id: string;
+  user_id: string;
+  active_organization_membership_id: string;
+  active_workspace_membership_id: string;
+  user: CurrentUser;
+  expiresAt: string;
+  lastActiveAt: string;
+  ipAddress: string;
+  browser: string;
+  device: string;
+  city: string;
+  region: string;
+  regionCode: string;
+  country: string;
+  countryCode: string;
+}
+
+export type SignInMethod = "plain" | "sso" | "passkey";
+
+export type SSOProvider =
+  | "x_oauth"
+  | "github_oauth"
+  | "gitlab_oauth"
+  | "google_oauth"
+  | "facebook_oauth"
+  | "microsoft_oauth"
+  | "linkedin_oauth"
+  | "discord_oauth";
+
+export type CurrentSessionStep =
+  | "verify_password"
+  | "verify_email"
+  | "verify_email_link"
+  | "verify_email_otp"
+  | "verify_phone"
+  | "verify_phone_otp"
+  | "verify_second_factor"
+  | "add_second_factor"
+  | "complete_profile";
+
+export interface SigninAttempt {
+  id: string;
+  email: string;
+  session_id: number;
+  method: SignInMethod;
+  sso_provider: SSOProvider;
+  expires_at: string;
+  first_method_authenticated: boolean;
+  second_method_authenticated: boolean;
+  second_method_authentication_required: boolean;
+  available_2fa_methods?: string[];
+  user_id: number;
+  last_active_org_id: number;
+  current_step: CurrentSessionStep;
+  completed: boolean;
+  requires_completion?: boolean;
+  missing_fields?: string[];
+  required_fields?: string[];
+  profile_completion_data?: ProfileCompletionData;
+}
+
+export type SignupAttemptStep =
+  | "verify_email"
+  | "verify_phone"
+  | "verify_authenticator";
+
+export interface SignupAttempt {
+  id: string;
+  session_id: number;
+  first_name: string;
+  last_name: string;
+  email: string;
+  username: string;
+  phone_number: string;
+  password: string;
+  required_fields: string[];
+  missing_fields: string[];
+  current_step: SignupAttemptStep;
+  remaining_steps: SignupAttemptStep[];
+  completed: boolean;
+}
+
+export interface Session {
+  id: number;
+  active_signin: SignIn | null;
+  signins?: SignIn[];
+  signin_attempts?: SigninAttempt[];
+  signup_attempts?: SignupAttempt[];
+}
+
+export interface SessionToken {
+  token: string;
+  expires: number;
+}

package/src/user.ts

@@ -0,0 +1,82 @@
+import type { SocialConnectionProvider } from "./auth";
+import type { SecondFactorPolicy } from "./deployment";
+
+export type VerificationStrategy =
+  | "otp"
+  | "oath_google"
+  | "oath_github"
+  | "oauth_microsoft"
+  | "oauth_facebook"
+  | "oauth_linkedin"
+  | "oauth_discord"
+  | "oauth_apple";
+
+export interface SocialConnection {
+  id: number;
+  provider: SocialConnectionProvider;
+  email_address: string;
+  first_name: string;
+  last_name: string;
+}
+
+export interface UserEmailAddress {
+  id: string;
+  email: string;
+  is_primary: boolean;
+  verified: boolean;
+  verified_at: string;
+  verification_strategy: VerificationStrategy;
+}
+
+export interface UserPhoneNumber {
+  id: string;
+  phone_number: string;
+  country_code: string;
+  verified: boolean;
+  verified_at: string;
+}
+
+export interface UserAuthenticator {
+  id: string;
+  created_at: string;
+  totp_secret?: string;
+  otp_url?: string;
+}
+
+export interface CurrentUser {
+  id: string;
+  first_name: string;
+  last_name: string;
+  username: string;
+  availability: "available" | "busy" | "away";
+  has_profile_picture: string;
+  profile_picture_url: string;
+  primary_email_address_id: string;
+  primary_phone_number_id: string;
+  primary_email_address: UserEmailAddress;
+  primary_phone_number?: UserPhoneNumber;
+  second_factor_policy: SecondFactorPolicy;
+  user_email_addresses: UserEmailAddress[];
+  user_phone_numbers: UserPhoneNumber[];
+  email_addresses?: UserEmailAddress[];
+  phone_numbers?: UserPhoneNumber[];
+  social_connections: SocialConnection[];
+  user_authenticator?: UserAuthenticator;
+  authenticators?: UserAuthenticator[];
+  backup_codes_generated?: boolean;
+  backup_codes?: string[];
+  has_password: boolean;
+  public_metadata: Record<string, unknown>;
+}
+
+export interface PublicUserData {
+  id: string;
+  first_name: string;
+  last_name: string;
+  username: string;
+  availability: "available" | "busy" | "away";
+  has_profile_picture: string;
+  profile_picture_url: string;
+  primary_phone_number: UserPhoneNumber;
+  primary_email_address: UserEmailAddress;
+}