@wpnuxt/auth 2.0.0-alpha.4 → 2.0.0-alpha.6

package/dist/module.json

@@ -1,7 +1,10 @@
 {
   "name": "@wpnuxt/auth",
   "configKey": "wpNuxtAuth",
-  "version": "2.0.0-alpha.3",
+  "compatibility": {
+    "nuxt": ">=3.0.0"
+  },
+  "version": "2.0.0-alpha.5",
   "builder": {
     "@nuxt/module-builder": "1.0.2",
     "unbuild": "3.6.1"

package/dist/module.mjs

@@ -38,7 +38,7 @@ function validateAuthSchema(schemaPath, options = {}) {
   const capabilities = detectAuthCapabilities(schemaPath);
   if (capabilities === null) {
     throw new Error(
-      `[WPNuxt Auth] Cannot validate GraphQL schema - file not found or unreadable.
+      `[wpnuxt:auth] Cannot validate GraphQL schema - file not found or unreadable.
 
 Schema path: ${schemaPath}
 
@@ -50,7 +50,7 @@ To fix this, run: pnpm dev:prepare`
   }
   if (!capabilities.hasHeadlessLogin) {
     throw new Error(
-      `[WPNuxt Auth] Headless Login for WPGraphQL plugin not detected.
+      `[wpnuxt:auth] Headless Login for WPGraphQL plugin not detected.
 
 The @wpnuxt/auth module requires this WordPress plugin for authentication.
 Your WordPress GraphQL schema is missing the required 'loginClients' query.
@@ -65,7 +65,7 @@ To disable @wpnuxt/auth, remove it from your nuxt.config.ts modules.`
   }
   if (options.requirePassword && !capabilities.hasPasswordAuth) {
     throw new Error(
-      `[WPNuxt Auth] Password authentication not available in GraphQL schema.
+      `[wpnuxt:auth] Password authentication not available in GraphQL schema.
 
 The 'login' mutation is missing from your WordPress GraphQL schema.
 Make sure Headless Login for WPGraphQL is properly configured with PASSWORD provider enabled.`
@@ -73,7 +73,7 @@ Make sure Headless Login for WPGraphQL is properly configured with PASSWORD prov
   }
   if (options.requireHeadlessLogin && capabilities.detectedProviders.length === 0) {
     throw new Error(
-      `[WPNuxt Auth] No OAuth providers detected in GraphQL schema.
+      `[wpnuxt:auth] No OAuth providers detected in GraphQL schema.
 
 Headless Login is installed but no providers are configured.
 Configure OAuth providers (Google, GitHub, etc.) in WordPress admin under:
@@ -97,7 +97,10 @@ const DEFAULT_HEADLESS_LOGIN_CONFIG = {
 const module$1 = defineNuxtModule({
   meta: {
     name: "@wpnuxt/auth",
-    configKey: "wpNuxtAuth"
+    configKey: "wpNuxtAuth",
+    compatibility: {
+      nuxt: ">=3.0.0"
+    }
   },
   defaults: {
     enabled: true,
@@ -183,38 +186,31 @@ const module$1 = defineNuxtModule({
       { name: "useWPAuth", from: resolver.resolve("./runtime/composables/useWPAuth") },
       { name: "useWPUser", from: resolver.resolve("./runtime/composables/useWPUser") }
     ]);
-    if (passwordEnabled) {
-      addServerHandler({
-        route: "/api/auth/login",
-        method: "post",
-        handler: resolver.resolve("./runtime/server/api/auth/login.post")
-      });
-    }
     addServerHandler({
-      route: "/api/auth/logout",
+      route: "/api/_wpnuxt-auth/logout",
       method: "post",
       handler: resolver.resolve("./runtime/server/api/auth/logout.post")
     });
     if (oauthEnabled) {
       addServerHandler({
-        route: "/api/auth/oauth/authorize",
+        route: "/api/_wpnuxt-auth/oauth/authorize",
         method: "get",
         handler: resolver.resolve("./runtime/server/api/auth/oauth/authorize.get")
       });
       addServerHandler({
-        route: "/api/auth/oauth/callback",
+        route: "/api/_wpnuxt-auth/oauth/callback",
         method: "get",
         handler: resolver.resolve("./runtime/server/api/auth/oauth/callback.get")
       });
     }
     if (headlessLoginEnabled) {
       addServerHandler({
-        route: "/api/auth/provider/:provider/authorize",
+        route: "/api/_wpnuxt-auth/provider/:provider/authorize",
         method: "get",
         handler: resolver.resolve("./runtime/server/api/auth/provider/[provider]/authorize.get")
       });
       addServerHandler({
-        route: "/api/auth/provider/:provider/callback",
+        route: "/api/_wpnuxt-auth/provider/:provider/callback",
         method: "get",
         handler: resolver.resolve("./runtime/server/api/auth/provider/[provider]/callback.get")
       });

package/dist/runtime/composables/useWPAuth.js

@@ -27,34 +27,30 @@ export function useWPAuth() {
     authState.value.isLoading = true;
     authState.value.error = null;
     try {
-      const response = await $fetch("/api/auth/login", {
-        method: "POST",
-        body: {
-          username: credentials.username,
-          password: credentials.password
-        }
+      const { data, errors } = await useGraphqlMutation("Login", {
+        username: credentials.username,
+        password: credentials.password
       });
-      const data = response.data;
-      const errors = response.errors;
       if (errors?.length) {
         const errorMessage = errors[0]?.message || "Login failed";
         authState.value.error = errorMessage;
         authState.value.isLoading = false;
         return { success: false, error: errorMessage };
       }
-      if (data?.login) {
-        authToken.value = data.login.authToken;
-        refreshTokenCookie.value = data.login.refreshToken;
-        userDataCookie.value = JSON.stringify(data.login.user);
-        authState.value.user = data.login.user;
+      const loginData = data;
+      if (loginData?.login) {
+        authToken.value = loginData.login.authToken;
+        refreshTokenCookie.value = loginData.login.refreshToken;
+        userDataCookie.value = JSON.stringify(loginData.login.user);
+        authState.value.user = loginData.login.user;
         authState.value.isAuthenticated = true;
         authState.value.isLoading = false;
         return {
           success: true,
-          user: data.login.user,
+          user: loginData.login.user,
           tokens: {
-            authToken: data.login.authToken,
-            refreshToken: data.login.refreshToken
+            authToken: loginData.login.authToken,
+            refreshToken: loginData.login.refreshToken
           }
         };
       }
@@ -68,7 +64,7 @@ export function useWPAuth() {
     }
   }
   async function logout() {
-    await $fetch("/api/auth/logout", { method: "POST" }).catch(() => {
+    await $fetch("/api/_wpnuxt-auth/logout", { method: "POST" }).catch(() => {
     });
     authToken.value = null;
     refreshTokenCookie.value = null;
@@ -82,22 +78,45 @@ export function useWPAuth() {
   }
   async function refresh() {
     if (!refreshTokenCookie.value) {
-      return false;
+      return { success: false, error: "No refresh token available" };
     }
     try {
       const { data, errors } = await useGraphqlMutation("RefreshToken", {
         refreshToken: refreshTokenCookie.value
       });
+      if (errors?.length) {
+        const errorMessage = errors[0]?.message || "Token refresh failed";
+        authToken.value = null;
+        refreshTokenCookie.value = null;
+        userDataCookie.value = null;
+        authState.value.isAuthenticated = false;
+        authState.value.user = null;
+        authState.value.error = errorMessage;
+        return { success: false, error: errorMessage };
+      }
       const refreshData = data;
-      if (errors?.length || !refreshData?.refreshToken?.success) {
-        await logout();
-        return false;
+      if (!refreshData?.refreshToken?.success) {
+        const errorMessage = "Token refresh was not successful";
+        authToken.value = null;
+        refreshTokenCookie.value = null;
+        userDataCookie.value = null;
+        authState.value.isAuthenticated = false;
+        authState.value.user = null;
+        authState.value.error = errorMessage;
+        return { success: false, error: errorMessage };
       }
       authToken.value = refreshData.refreshToken.authToken;
-      return true;
-    } catch {
-      await logout();
-      return false;
+      authState.value.error = null;
+      return { success: true };
+    } catch (error) {
+      const errorMessage = error instanceof Error ? error.message : "Token refresh failed unexpectedly";
+      authToken.value = null;
+      refreshTokenCookie.value = null;
+      userDataCookie.value = null;
+      authState.value.isAuthenticated = false;
+      authState.value.user = null;
+      authState.value.error = errorMessage;
+      return { success: false, error: errorMessage };
     }
   }
   function getToken() {
@@ -117,7 +136,7 @@ export function useWPAuth() {
       logger.warn("OAuth is not enabled");
       return;
     }
-    await navigateTo("/api/auth/oauth/authorize", { external: true });
+    await navigateTo("/api/_wpnuxt-auth/oauth/authorize", { external: true });
   }
   function hasPasswordAuth() {
     return getProviders().password;
@@ -179,7 +198,7 @@ export function useWPAuth() {
       logger.warn("Headless Login is not enabled");
       return;
     }
-    await navigateTo(`/api/auth/provider/${provider.toLowerCase()}/authorize`, { external: true });
+    await navigateTo(`/api/_wpnuxt-auth/provider/${provider.toLowerCase()}/authorize`, { external: true });
   }
   return {
     // State

package/dist/runtime/server/api/auth/oauth/authorize.get.js

@@ -1,14 +1,20 @@
-import { defineEventHandler, setCookie, getRequestURL, setResponseStatus, setResponseHeader } from "h3";
+import { defineEventHandler, setCookie, getRequestURL, setResponseStatus, setResponseHeader, createError } from "h3";
 import { useRuntimeConfig } from "#imports";
 export default defineEventHandler(async (event) => {
   const config = useRuntimeConfig();
   const publicConfig = config.public.wpNuxtAuth;
   const wordpressUrl = config.public.wordpressUrl;
   if (!wordpressUrl) {
-    throw new Error("WordPress URL not configured");
+    throw createError({
+      statusCode: 500,
+      message: "[wpnuxt:auth] WordPress URL not configured"
+    });
   }
   if (!publicConfig.providers.oauth.enabled) {
-    throw new Error("OAuth authentication is not enabled");
+    throw createError({
+      statusCode: 403,
+      message: "[wpnuxt:auth] OAuth authentication is not enabled"
+    });
   }
   const state = crypto.randomUUID();
   setCookie(event, "wpnuxt-oauth-state", state, {
@@ -20,7 +26,7 @@ export default defineEventHandler(async (event) => {
     path: "/"
   });
   const requestUrl = getRequestURL(event);
-  const callbackUrl = `${requestUrl.origin}/api/auth/oauth/callback`;
+  const callbackUrl = `${requestUrl.origin}/api/_wpnuxt-auth/oauth/callback`;
   const authUrl = new URL(
     publicConfig.providers.oauth.authorizationEndpoint,
     wordpressUrl

package/dist/runtime/server/api/auth/oauth/callback.get.js

@@ -28,7 +28,7 @@ export default defineEventHandler(async (event) => {
   }
   deleteCookie(event, "wpnuxt-oauth-state");
   const requestUrl = getRequestURL(event);
-  const callbackUrl = `${requestUrl.origin}/api/auth/oauth/callback`;
+  const callbackUrl = `${requestUrl.origin}/api/_wpnuxt-auth/oauth/callback`;
   const tokenUrl = new URL(privateConfig.tokenEndpoint, wordpressUrl);
   const tokenResponse = await $fetch(tokenUrl.toString(), {
     method: "POST",

package/dist/runtime/server/api/auth/provider/[provider]/authorize.get.js

@@ -76,7 +76,7 @@ export default defineEventHandler(async (event) => {
   const authUrl = new URL(loginClient.authorizationUrl);
   authUrl.searchParams.set("state", state);
   const requestUrl = getRequestURL(event);
-  const callbackUrl = `${requestUrl.origin}/api/auth/provider/${provider}/callback`;
+  const callbackUrl = `${requestUrl.origin}/api/_wpnuxt-auth/provider/${provider}/callback`;
   authUrl.searchParams.set("redirect_uri", callbackUrl);
   return sendRedirect(event, authUrl.toString());
 });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@wpnuxt/auth",
-  "version": "2.0.0-alpha.4",
+  "version": "2.0.0-alpha.6",
   "description": "Authentication module for WPNuxt using WPGraphQL JWT",
   "keywords": [
     "nuxt",
@@ -39,13 +39,13 @@
   "devDependencies": {
     "@nuxt/module-builder": "^1.0.2",
     "@nuxt/schema": "4.2.2",
-    "@types/node": "^25.0.3",
+    "@types/node": "^25.0.9",
     "nuxt": "4.2.2",
-    "vue-tsc": "^3.2.1"
+    "vue-tsc": "^3.2.2"
   },
   "peerDependencies": {
     "nuxt": "^4.0.0",
-    "@wpnuxt/core": "2.0.0-alpha.4"
+    "@wpnuxt/core": "2.0.0-alpha.6"
   },
   "scripts": {
     "build": "nuxt-module-build build",

package/dist/runtime/server/api/auth/login.post.js

@@ -1,51 +0,0 @@
-import { defineEventHandler, readBody, createError } from "h3";
-import { useRuntimeConfig } from "#imports";
-const LOGIN_MUTATION = `
-mutation Login($username: String!, $password: String!) {
-  login(input: {
-    provider: PASSWORD
-    credentials: {
-      username: $username
-      password: $password
-    }
-  }) {
-    authToken
-    authTokenExpiration
-    refreshToken
-    refreshTokenExpiration
-    user {
-      id
-      databaseId
-      name
-      email
-      firstName
-      lastName
-      username
-      avatar { url }
-      roles { nodes { name } }
-    }
-  }
-}
-`;
-export default defineEventHandler(async (event) => {
-  const config = useRuntimeConfig();
-  const body = await readBody(event);
-  if (!body?.username || !body?.password) {
-    throw createError({
-      statusCode: 400,
-      message: "Username and password are required"
-    });
-  }
-  const response = await $fetch(config.graphqlMiddleware.graphqlEndpoint, {
-    method: "POST",
-    body: {
-      query: LOGIN_MUTATION,
-      variables: {
-        username: body.username,
-        password: body.password
-      },
-      operationName: "Login"
-    }
-  });
-  return response;
-});