@wrelik/auth 0.1.0 → 0.2.1

package/.turbo/turbo-build.log

@@ -0,0 +1,31 @@
+
+> @wrelik/auth@0.2.1 build /home/runner/work/wrelik-kit/wrelik-kit/packages/auth
+> tsup src/index.ts src/next.ts src/react-native.ts --format cjs,esm --dts --clean
+
+CLI Building entry: src/index.ts, src/next.ts, src/react-native.ts
+CLI Using tsconfig: tsconfig.json
+CLI tsup v8.5.1
+CLI Target: es2019
+CLI Cleaning output folder
+CJS Build start
+ESM Build start
+CJS dist/index.js        2.23 KB
+CJS dist/react-native.js 2.31 KB
+CJS dist/next.js         1.61 KB
+CJS ⚡️ Build success in 54ms
+ESM dist/index.mjs          239.00 B
+ESM dist/next.mjs           255.00 B
+ESM dist/chunk-HWIZ2Q5U.mjs 391.00 B
+ESM dist/react-native.mjs   593.00 B
+ESM dist/chunk-5WLTDLEP.mjs 748.00 B
+ESM ⚡️ Build success in 55ms
+DTS Build start
+DTS ⚡️ Build success in 4418ms
+DTS dist/index.d.ts            393.00 B
+DTS dist/next.d.ts             134.00 B
+DTS dist/react-native.d.ts     430.00 B
+DTS dist/shared-Z5LN5APr.d.ts  525.00 B
+DTS dist/index.d.mts           395.00 B
+DTS dist/next.d.mts            135.00 B
+DTS dist/react-native.d.mts    432.00 B
+DTS dist/shared-Z5LN5APr.d.mts 525.00 B

package/CHANGELOG.md

@@ -1,5 +1,30 @@
 # @wrelik/auth
 
+## 0.2.1
+
+### Patch Changes
+
+- adb2048: chore: test release flow with real patch version bump
+
+## 0.2.0
+
+### Minor Changes
+
+- a38ebcb: Add React Native / Expo support and enforce server-only boundaries.
+
+### Patch Changes
+
+- Updated dependencies [a38ebcb]
+  - @wrelik/errors@0.2.0
+
+## 0.1.1
+
+### Patch Changes
+
+- Update publishConfig to access:public for all packages.
+- Updated dependencies
+  - @wrelik/errors@0.1.1
+
 ## 0.1.0
 
 ### Minor Changes

package/DRX_Primary.code-workspace

@@ -0,0 +1,14 @@
+{
+  "folders": [
+    {
+      "path": "../../../DRX_Primary",
+    },
+    {
+      "path": "../..",
+    },
+    {
+      "path": "../../../DRX_Mobile_App-1",
+    },
+  ],
+  "settings": {},
+}

package/dist/chunk-5WLTDLEP.mjs

@@ -0,0 +1,31 @@
+// src/shared.ts
+import { AuthRequiredError, PermissionDeniedError, TenantRequiredError } from "@wrelik/errors";
+function requireUser(session) {
+  if (!session || !session.userId) {
+    throw new AuthRequiredError();
+  }
+  return session.userId;
+}
+function requireTenant(session) {
+  requireUser(session);
+  if (!session || !session.tenantId) {
+    throw new TenantRequiredError();
+  }
+  return session.tenantId;
+}
+function hasRole(session, role) {
+  if (!session || !session.userId) return false;
+  return session.roles.includes(role);
+}
+function requireRole(session, role) {
+  if (!hasRole(session, role)) {
+    throw new PermissionDeniedError(`Role ${role} required`);
+  }
+}
+
+export {
+  requireUser,
+  requireTenant,
+  hasRole,
+  requireRole
+};

package/dist/chunk-HWIZ2Q5U.mjs

@@ -0,0 +1,17 @@
+// src/index.ts
+function fromClerkAuth(auth) {
+  var _a, _b;
+  if (!auth || !auth.userId) {
+    return { userId: null, tenantId: null, roles: [] };
+  }
+  const roles = ((_b = (_a = auth.sessionClaims) == null ? void 0 : _a.publicMetadata) == null ? void 0 : _b.roles) || [];
+  return {
+    userId: auth.userId,
+    tenantId: auth.orgId || null,
+    roles
+  };
+}
+
+export {
+  fromClerkAuth
+};

package/dist/index.d.mts

@@ -0,0 +1,7 @@
+import { SignedInAuthObject, SignedOutAuthObject } from '@clerk/backend';
+import { W as WorkflowSession } from './shared-Z5LN5APr.mjs';
+export { h as hasRole, r as requireRole, a as requireTenant, b as requireUser } from './shared-Z5LN5APr.mjs';
+
+declare function fromClerkAuth(auth: SignedInAuthObject | SignedOutAuthObject | null): WorkflowSession;
+
+export { WorkflowSession, fromClerkAuth };

package/dist/index.d.ts

@@ -0,0 +1,7 @@
+import { SignedInAuthObject, SignedOutAuthObject } from '@clerk/backend';
+import { W as WorkflowSession } from './shared-Z5LN5APr.js';
+export { h as hasRole, r as requireRole, a as requireTenant, b as requireUser } from './shared-Z5LN5APr.js';
+
+declare function fromClerkAuth(auth: SignedInAuthObject | SignedOutAuthObject | null): WorkflowSession;
+
+export { WorkflowSession, fromClerkAuth };

package/dist/index.js

@@ -0,0 +1,76 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  fromClerkAuth: () => fromClerkAuth,
+  hasRole: () => hasRole,
+  requireRole: () => requireRole,
+  requireTenant: () => requireTenant,
+  requireUser: () => requireUser
+});
+module.exports = __toCommonJS(index_exports);
+
+// src/shared.ts
+var import_errors = require("@wrelik/errors");
+function requireUser(session) {
+  if (!session || !session.userId) {
+    throw new import_errors.AuthRequiredError();
+  }
+  return session.userId;
+}
+function requireTenant(session) {
+  requireUser(session);
+  if (!session || !session.tenantId) {
+    throw new import_errors.TenantRequiredError();
+  }
+  return session.tenantId;
+}
+function hasRole(session, role) {
+  if (!session || !session.userId) return false;
+  return session.roles.includes(role);
+}
+function requireRole(session, role) {
+  if (!hasRole(session, role)) {
+    throw new import_errors.PermissionDeniedError(`Role ${role} required`);
+  }
+}
+
+// src/index.ts
+function fromClerkAuth(auth) {
+  var _a, _b;
+  if (!auth || !auth.userId) {
+    return { userId: null, tenantId: null, roles: [] };
+  }
+  const roles = ((_b = (_a = auth.sessionClaims) == null ? void 0 : _a.publicMetadata) == null ? void 0 : _b.roles) || [];
+  return {
+    userId: auth.userId,
+    tenantId: auth.orgId || null,
+    roles
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  fromClerkAuth,
+  hasRole,
+  requireRole,
+  requireTenant,
+  requireUser
+});

package/dist/index.mjs

@@ -0,0 +1,16 @@
+import {
+  fromClerkAuth
+} from "./chunk-HWIZ2Q5U.mjs";
+import {
+  hasRole,
+  requireRole,
+  requireTenant,
+  requireUser
+} from "./chunk-5WLTDLEP.mjs";
+export {
+  fromClerkAuth,
+  hasRole,
+  requireRole,
+  requireTenant,
+  requireUser
+};

package/dist/next.d.mts

@@ -0,0 +1,5 @@
+import { W as WorkflowSession } from './shared-Z5LN5APr.mjs';
+
+declare function getSession(): WorkflowSession;
+
+export { getSession };

package/dist/next.d.ts

@@ -0,0 +1,5 @@
+import { W as WorkflowSession } from './shared-Z5LN5APr.js';
+
+declare function getSession(): WorkflowSession;
+
+export { getSession };

package/dist/next.js

@@ -0,0 +1,53 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/next.ts
+var next_exports = {};
+__export(next_exports, {
+  getSession: () => getSession
+});
+module.exports = __toCommonJS(next_exports);
+var import_nextjs = require("@clerk/nextjs");
+
+// src/shared.ts
+var import_errors = require("@wrelik/errors");
+
+// src/index.ts
+function fromClerkAuth(auth2) {
+  var _a, _b;
+  if (!auth2 || !auth2.userId) {
+    return { userId: null, tenantId: null, roles: [] };
+  }
+  const roles = ((_b = (_a = auth2.sessionClaims) == null ? void 0 : _a.publicMetadata) == null ? void 0 : _b.roles) || [];
+  return {
+    userId: auth2.userId,
+    tenantId: auth2.orgId || null,
+    roles
+  };
+}
+
+// src/next.ts
+function getSession() {
+  const clerkAuth = (0, import_nextjs.auth)();
+  return fromClerkAuth(clerkAuth);
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  getSession
+});

package/dist/next.mjs

@@ -0,0 +1,14 @@
+import {
+  fromClerkAuth
+} from "./chunk-HWIZ2Q5U.mjs";
+import "./chunk-5WLTDLEP.mjs";
+
+// src/next.ts
+import { auth } from "@clerk/nextjs";
+function getSession() {
+  const clerkAuth = auth();
+  return fromClerkAuth(clerkAuth);
+}
+export {
+  getSession
+};

package/dist/react-native.d.mts

@@ -0,0 +1,14 @@
+import { W as WorkflowSession } from './shared-Z5LN5APr.mjs';
+export { h as hasRole, r as requireRole, a as requireTenant, b as requireUser } from './shared-Z5LN5APr.mjs';
+
+declare function mapClerkToSession(auth: {
+    userId?: string | null;
+    orgId?: string | null;
+    session?: {
+        user?: {
+            publicMetadata?: any;
+        };
+    };
+} | null): WorkflowSession;
+
+export { WorkflowSession, mapClerkToSession };

package/dist/react-native.d.ts

@@ -0,0 +1,14 @@
+import { W as WorkflowSession } from './shared-Z5LN5APr.js';
+export { h as hasRole, r as requireRole, a as requireTenant, b as requireUser } from './shared-Z5LN5APr.js';
+
+declare function mapClerkToSession(auth: {
+    userId?: string | null;
+    orgId?: string | null;
+    session?: {
+        user?: {
+            publicMetadata?: any;
+        };
+    };
+} | null): WorkflowSession;
+
+export { WorkflowSession, mapClerkToSession };

package/dist/react-native.js

@@ -0,0 +1,76 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/react-native.ts
+var react_native_exports = {};
+__export(react_native_exports, {
+  hasRole: () => hasRole,
+  mapClerkToSession: () => mapClerkToSession,
+  requireRole: () => requireRole,
+  requireTenant: () => requireTenant,
+  requireUser: () => requireUser
+});
+module.exports = __toCommonJS(react_native_exports);
+
+// src/shared.ts
+var import_errors = require("@wrelik/errors");
+function requireUser(session) {
+  if (!session || !session.userId) {
+    throw new import_errors.AuthRequiredError();
+  }
+  return session.userId;
+}
+function requireTenant(session) {
+  requireUser(session);
+  if (!session || !session.tenantId) {
+    throw new import_errors.TenantRequiredError();
+  }
+  return session.tenantId;
+}
+function hasRole(session, role) {
+  if (!session || !session.userId) return false;
+  return session.roles.includes(role);
+}
+function requireRole(session, role) {
+  if (!hasRole(session, role)) {
+    throw new import_errors.PermissionDeniedError(`Role ${role} required`);
+  }
+}
+
+// src/react-native.ts
+function mapClerkToSession(auth) {
+  var _a, _b, _c;
+  if (!auth || !auth.userId) {
+    return { userId: null, tenantId: null, roles: [] };
+  }
+  const roles = ((_c = (_b = (_a = auth.session) == null ? void 0 : _a.user) == null ? void 0 : _b.publicMetadata) == null ? void 0 : _c.roles) || [];
+  return {
+    userId: auth.userId,
+    tenantId: auth.orgId || null,
+    roles
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  hasRole,
+  mapClerkToSession,
+  requireRole,
+  requireTenant,
+  requireUser
+});

package/dist/react-native.mjs

@@ -0,0 +1,27 @@
+import {
+  hasRole,
+  requireRole,
+  requireTenant,
+  requireUser
+} from "./chunk-5WLTDLEP.mjs";
+
+// src/react-native.ts
+function mapClerkToSession(auth) {
+  var _a, _b, _c;
+  if (!auth || !auth.userId) {
+    return { userId: null, tenantId: null, roles: [] };
+  }
+  const roles = ((_c = (_b = (_a = auth.session) == null ? void 0 : _a.user) == null ? void 0 : _b.publicMetadata) == null ? void 0 : _c.roles) || [];
+  return {
+    userId: auth.userId,
+    tenantId: auth.orgId || null,
+    roles
+  };
+}
+export {
+  hasRole,
+  mapClerkToSession,
+  requireRole,
+  requireTenant,
+  requireUser
+};

package/dist/shared-Z5LN5APr.d.mts

@@ -0,0 +1,11 @@
+interface WorkflowSession {
+    userId: string | null;
+    tenantId: string | null;
+    roles: string[];
+}
+declare function requireUser(session: WorkflowSession | null): string;
+declare function requireTenant(session: WorkflowSession | null): string;
+declare function hasRole(session: WorkflowSession | null, role: string): boolean;
+declare function requireRole(session: WorkflowSession | null, role: string): void;
+
+export { type WorkflowSession as W, requireTenant as a, requireUser as b, hasRole as h, requireRole as r };

package/dist/shared-Z5LN5APr.d.ts

@@ -0,0 +1,11 @@
+interface WorkflowSession {
+    userId: string | null;
+    tenantId: string | null;
+    roles: string[];
+}
+declare function requireUser(session: WorkflowSession | null): string;
+declare function requireTenant(session: WorkflowSession | null): string;
+declare function hasRole(session: WorkflowSession | null, role: string): boolean;
+declare function requireRole(session: WorkflowSession | null, role: string): void;
+
+export { type WorkflowSession as W, requireTenant as a, requireUser as b, hasRole as h, requireRole as r };

package/package.json

@@ -1,15 +1,24 @@
 {
   "name": "@wrelik/auth",
-  "version": "0.1.0",
+  "version": "0.2.1",
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/lwhite702/wrelik-kit.git",
+    "directory": "packages/auth"
+  },
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "exports": {
     ".": "./dist/index.js",
-    "./next": "./dist/next.js"
+    "./next": "./dist/next.js",
+    "./react-native": "./dist/react-native.js"
   },
   "dependencies": {
     "@clerk/backend": "^0.38.0",
-    "@wrelik/errors": "0.1.0"
+    "@wrelik/errors": "0.2.0"
   },
   "peerDependencies": {
     "@clerk/nextjs": "^4.29.0"
@@ -17,11 +26,11 @@
   "devDependencies": {
     "tsup": "^8.0.1",
     "vitest": "^1.2.2",
-    "@wrelik/eslint-config": "0.1.0",
-    "@wrelik/tsconfig": "0.1.0"
+    "@wrelik/eslint-config": "0.1.1",
+    "@wrelik/tsconfig": "0.1.1"
   },
   "scripts": {
-    "build": "tsup src/index.ts src/next.ts --format cjs,esm --dts --clean",
+    "build": "tsup src/index.ts src/next.ts src/react-native.ts --format cjs,esm --dts --clean",
     "lint": "eslint src/",
     "test": "vitest run --passWithNoTests"
   }

package/src/index.test.ts

@@ -18,6 +18,7 @@ describe('@wrelik/auth', () => {
       userId: 'user_123',
       orgId: 'org_456',
       sessionClaims: { publicMetadata: { roles: ['admin'] } },
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any
     } as any;
 
     const session = fromClerkAuth(clerkAuth);

package/src/index.ts

@@ -1,11 +1,7 @@
-import { AuthRequiredError, PermissionDeniedError, TenantRequiredError } from '@wrelik/errors';
 import type { SignedInAuthObject, SignedOutAuthObject } from '@clerk/backend';
+import { type WorkflowSession } from './shared';
 
-export interface WorkflowSession {
-  userId: string | null;
-  tenantId: string | null;
-  roles: string[];
-}
+export * from './shared';
 
 export function fromClerkAuth(
   auth: SignedInAuthObject | SignedOutAuthObject | null,
@@ -14,6 +10,7 @@ export function fromClerkAuth(
     return { userId: null, tenantId: null, roles: [] };
   }
 
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
   const roles = ((auth.sessionClaims?.publicMetadata as any)?.roles as string[]) || [];
 
   return {
@@ -22,29 +19,3 @@ export function fromClerkAuth(
     roles,
   };
 }
-
-export function requireUser(session: WorkflowSession | null): string {
-  if (!session || !session.userId) {
-    throw new AuthRequiredError();
-  }
-  return session.userId;
-}
-
-export function requireTenant(session: WorkflowSession | null): string {
-  requireUser(session);
-  if (!session || !session.tenantId) {
-    throw new TenantRequiredError();
-  }
-  return session.tenantId;
-}
-
-export function hasRole(session: WorkflowSession | null, role: string): boolean {
-  if (!session || !session.userId) return false;
-  return session.roles.includes(role);
-}
-
-export function requireRole(session: WorkflowSession | null, role: string) {
-  if (!hasRole(session, role)) {
-    throw new PermissionDeniedError(`Role ${role} required`);
-  }
-}

package/src/next.ts

@@ -1,3 +1,4 @@
+/* eslint-disable no-restricted-imports */
 import { auth } from '@clerk/nextjs';
 import { fromClerkAuth, type WorkflowSession } from './index';
 

package/src/react-native.ts

@@ -0,0 +1,28 @@
+import { type WorkflowSession } from './shared';
+
+export * from './shared';
+
+// We accept the `useAuth` or `useUser` return value or similar from Clerk Expo
+// but to be loose coupling, we defined it as any with some shape checks if needed.
+// However, the requirement says "converts the Clerk Expo session/user representation".
+export function mapClerkToSession(
+  auth: {
+    userId?: string | null;
+    orgId?: string | null;
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    session?: { user?: { publicMetadata?: any } };
+  } | null,
+): WorkflowSession {
+  if (!auth || !auth.userId) {
+    return { userId: null, tenantId: null, roles: [] };
+  }
+
+  // The roles might be in publicMetadata of the user object in session
+  const roles = (auth.session?.user?.publicMetadata?.roles as string[]) || [];
+
+  return {
+    userId: auth.userId,
+    tenantId: auth.orgId || null,
+    roles,
+  };
+}

package/src/shared.test.ts

@@ -0,0 +1,27 @@
+import { describe, it, expect } from 'vitest';
+import { requireUser, requireTenant, hasRole } from './shared';
+
+describe('Auth Shared', () => {
+  it('requireUser throws if no user', () => {
+    expect(() => requireUser(null)).toThrow('Authentication required');
+    expect(() => requireUser({ userId: null, tenantId: null, roles: [] })).toThrow(
+      'Authentication required',
+    );
+  });
+
+  it('requireUser returns userId', () => {
+    expect(requireUser({ userId: 'u1', tenantId: null, roles: [] })).toBe('u1');
+  });
+
+  it('requireTenant throws if no tenant', () => {
+    expect(() => requireTenant({ userId: 'u1', tenantId: null, roles: [] })).toThrow(
+      'Tenant context required',
+    );
+  });
+
+  it('hasRole checks roles', () => {
+    const session = { userId: 'u1', tenantId: 't1', roles: ['admin'] };
+    expect(hasRole(session, 'admin')).toBe(true);
+    expect(hasRole(session, 'user')).toBe(false);
+  });
+});

package/src/shared.ts

@@ -0,0 +1,33 @@
+import { AuthRequiredError, PermissionDeniedError, TenantRequiredError } from '@wrelik/errors';
+
+export interface WorkflowSession {
+  userId: string | null;
+  tenantId: string | null;
+  roles: string[];
+}
+
+export function requireUser(session: WorkflowSession | null): string {
+  if (!session || !session.userId) {
+    throw new AuthRequiredError();
+  }
+  return session.userId;
+}
+
+export function requireTenant(session: WorkflowSession | null): string {
+  requireUser(session);
+  if (!session || !session.tenantId) {
+    throw new TenantRequiredError();
+  }
+  return session.tenantId;
+}
+
+export function hasRole(session: WorkflowSession | null, role: string): boolean {
+  if (!session || !session.userId) return false;
+  return session.roles.includes(role);
+}
+
+export function requireRole(session: WorkflowSession | null, role: string) {
+  if (!hasRole(session, role)) {
+    throw new PermissionDeniedError(`Role ${role} required`);
+  }
+}

package/tsconfig.json

@@ -2,7 +2,7 @@
   "extends": "@wrelik/tsconfig/next.json",
   "compilerOptions": {
     "incremental": false,
-    "outDir": "dist"
+    "outDir": "dist", "skipLibCheck": true
   },
   "include": ["src"]
 }