binoauth 0.0.11 → 0.0.13

package/dist/core/src/auth/flows/otp.d.ts

@@ -0,0 +1,172 @@
+/**
+ * OTP (One-Time Password) authentication flow
+ *
+ * Handles authentication via SMS OTP codes using actual tenant-sdk APIs.
+ * Note: Email OTP is handled through the email verification flow.
+ */
+import type { OTPRequest, AuthResult, BinoAuthConfig } from "../types";
+import { BaseAuthFlow } from "./base-flow";
+/**
+ * OTP authentication flow
+ *
+ * Provides authentication using one-time passwords sent via SMS using actual tenant-sdk APIs.
+ * Uses AuthenticationApi.requestOtpViaPhoneApiV1AuthPhonePost for sending OTP and
+ * AuthenticationApi.verifyPhoneOtpApiV1AuthPhoneVerifyPost for verification.
+ *
+ * @example
+ * ```typescript
+ * const otpFlow = new OTPFlow(config);
+ *
+ * // Send OTP via SMS
+ * await otpFlow.sendPhoneOTP('+1234567890');
+ *
+ * // User enters the OTP code
+ * const userEnteredCode = '123456';
+ * const result = await otpFlow.verifyPhoneOTP(userEnteredCode);
+ *
+ * if (result.success) {
+ *   console.log('Authentication successful:', result.user);
+ * }
+ * ```
+ */
+export declare class OTPFlow extends BaseAuthFlow {
+    constructor(config: BinoAuthConfig);
+    /**
+     * Note: Email OTP functionality is handled through the email verification flow.
+     * Use the PasswordFlow.resendEmailVerification() and PasswordFlow.verifyEmail() methods
+     * for email-based verification instead.
+     *
+     * The tenant-sdk uses email verification tokens rather than OTP codes for email verification.
+     */
+    /**
+     * Sends an OTP code to the user's phone number using tenant-sdk AuthenticationApi.requestOtpViaPhoneApiV1AuthPhonePost
+     *
+     * @param phone - User's phone number (with country code, e.g., +1234567890)
+     * @param allowedCountries - Optional array of allowed country codes
+     * @returns Promise resolving when OTP is sent
+     *
+     * @example
+     * ```typescript
+     * await otpFlow.sendPhoneOTP('+1234567890');
+     * console.log('Verification code sent to your phone');
+     *
+     * // With allowed countries restriction
+     * await otpFlow.sendPhoneOTP('+1234567890', ['US', 'CA']);
+     * ```
+     *
+     * @throws {AuthError} When sending OTP fails
+     */
+    sendPhoneOTP(phone: string, allowedCountries?: string[]): Promise<void>;
+    /**
+     * Sends an OTP using the provided request configuration
+     *
+     * Note: Only SMS OTP is supported. For email verification, use the PasswordFlow class.
+     *
+     * @param request - OTP request with phone and method
+     * @returns Promise resolving when OTP is sent
+     *
+     * @example
+     * ```typescript
+     * // SMS OTP
+     * await otpFlow.sendOTP({
+     *   phone: '+1234567890',
+     *   method: 'sms',
+     *   allowedCountries: ['US', 'CA']
+     * });
+     * ```
+     *
+     * @throws {AuthError} When sending OTP fails
+     */
+    sendOTP(request: OTPRequest): Promise<void>;
+    /**
+     * Verifies a phone OTP code using tenant-sdk AuthenticationApi.verifyPhoneOtpApiV1AuthPhoneVerifyPost
+     *
+     * Note: Only SMS OTP verification is supported. For email verification, use PasswordFlow.verifyEmail().
+     *
+     * @param code - OTP code entered by the user
+     * @returns Promise resolving to authentication result
+     *
+     * @example
+     * ```typescript
+     * try {
+     *   const result = await otpFlow.verifyPhoneOTP('123456');
+     *   if (result.success) {
+     *     console.log('Welcome,', result.user.name);
+     *     localStorage.setItem('accessToken', result.accessToken);
+     *   }
+     * } catch (error) {
+     *   if (error.code === AuthErrorCode.INVALID_OTP) {
+     *     console.log('Invalid verification code. Please try again.');
+     *   } else if (error.code === AuthErrorCode.EXPIRED_OTP) {
+     *     console.log('Verification code has expired. Please request a new one.');
+     *   }
+     * }
+     * ```
+     *
+     * @throws {AuthError} When OTP verification fails
+     */
+    verifyPhoneOTP(code: string): Promise<AuthResult>;
+    /**
+     * Note: Email OTP verification is not supported.
+     * Use PasswordFlow.verifyEmail() for email verification instead.
+     */
+    /**
+     * Note: Email OTP resending is not supported.
+     * Use PasswordFlow.resendEmailVerification() for email verification instead.
+     */
+    /**
+     * Resends an OTP to the same phone number
+     *
+     * @param phone - Phone number to resend OTP to
+     * @param allowedCountries - Optional array of allowed country codes
+     * @returns Promise resolving when OTP is resent
+     *
+     * @example
+     * ```typescript
+     * // User clicks "Resend code" button
+     * await otpFlow.resendPhoneOTP('+1234567890');
+     * console.log('New verification code sent to your phone');
+     * ```
+     */
+    resendPhoneOTP(phone: string, allowedCountries?: string[]): Promise<void>;
+    /**
+     * Validates an OTP code format without verifying it
+     *
+     * @param code - OTP code to validate
+     * @returns True if format is valid, false otherwise
+     *
+     * @example
+     * ```typescript
+     * const userInput = '123456';
+     * if (otpFlow.validateOTPFormat(userInput)) {
+     *   // Proceed with verification
+     *   const result = await otpFlow.verifyPhoneOTP(userInput);
+     * } else {
+     *   console.log('Please enter a valid 6-digit code');
+     * }
+     * ```
+     */
+    validateOTPFormat(code: string): boolean;
+    /**
+     * Gets remaining time before OTP expires (if available from server)
+     *
+     * This is a placeholder method that would typically query the server
+     * for OTP expiration information. The tenant-sdk doesn't currently
+     * provide an endpoint for checking OTP status.
+     *
+     * @param phone - Phone number that received the OTP
+     * @returns Promise resolving to remaining seconds, or null if unknown
+     *
+     * @example
+     * ```typescript
+     * const remainingTime = await otpFlow.getOTPRemainingTime('+1234567890');
+     * if (remainingTime && remainingTime > 0) {
+     *   console.log(`Code expires in ${remainingTime} seconds`);
+     * } else {
+     *   console.log('Code may have expired');
+     * }
+     * ```
+     */
+    getOTPRemainingTime(phone: string): Promise<number | null>;
+}
+//# sourceMappingURL=otp.d.ts.map

package/dist/core/src/auth/flows/otp.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"otp.d.ts","sourceRoot":"","sources":["../../../../../src/auth/flows/otp.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAmB,UAAU,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAExF,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAE3C;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,qBAAa,OAAQ,SAAQ,YAAY;gBAE3B,MAAM,EAAE,cAAc;IAIlC;;;;;;OAMG;IAEH;;;;;;;;;;;;;;;;;OAiBG;IACG,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,gBAAgB,CAAC,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IAc7E;;;;;;;;;;;;;;;;;;;OAmBG;IACG,OAAO,CAAC,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IAiBjD;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACG,cAAc,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAuBvD;;;OAGG;IAEH;;;OAGG;IAEH;;;;;;;;;;;;;OAaG;IACG,cAAc,CAAC,KAAK,EAAE,MAAM,EAAE,gBAAgB,CAAC,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IAI/E;;;;;;;;;;;;;;;;OAgBG;IACH,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAQxC;;;;;;;;;;;;;;;;;;;OAmBG;IACG,mBAAmB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;CAKjE"}

package/dist/core/src/auth/flows/otp.js

@@ -0,0 +1,222 @@
+/**
+ * OTP (One-Time Password) authentication flow
+ *
+ * Handles authentication via SMS OTP codes using actual tenant-sdk APIs.
+ * Note: Email OTP is handled through the email verification flow.
+ */
+import { AuthError, AuthErrorCode } from "../error";
+import { BaseAuthFlow } from "./base-flow";
+/**
+ * OTP authentication flow
+ *
+ * Provides authentication using one-time passwords sent via SMS using actual tenant-sdk APIs.
+ * Uses AuthenticationApi.requestOtpViaPhoneApiV1AuthPhonePost for sending OTP and
+ * AuthenticationApi.verifyPhoneOtpApiV1AuthPhoneVerifyPost for verification.
+ *
+ * @example
+ * ```typescript
+ * const otpFlow = new OTPFlow(config);
+ *
+ * // Send OTP via SMS
+ * await otpFlow.sendPhoneOTP('+1234567890');
+ *
+ * // User enters the OTP code
+ * const userEnteredCode = '123456';
+ * const result = await otpFlow.verifyPhoneOTP(userEnteredCode);
+ *
+ * if (result.success) {
+ *   console.log('Authentication successful:', result.user);
+ * }
+ * ```
+ */
+export class OTPFlow extends BaseAuthFlow {
+    constructor(config) {
+        super(config);
+    }
+    /**
+     * Note: Email OTP functionality is handled through the email verification flow.
+     * Use the PasswordFlow.resendEmailVerification() and PasswordFlow.verifyEmail() methods
+     * for email-based verification instead.
+     *
+     * The tenant-sdk uses email verification tokens rather than OTP codes for email verification.
+     */
+    /**
+     * Sends an OTP code to the user's phone number using tenant-sdk AuthenticationApi.requestOtpViaPhoneApiV1AuthPhonePost
+     *
+     * @param phone - User's phone number (with country code, e.g., +1234567890)
+     * @param allowedCountries - Optional array of allowed country codes
+     * @returns Promise resolving when OTP is sent
+     *
+     * @example
+     * ```typescript
+     * await otpFlow.sendPhoneOTP('+1234567890');
+     * console.log('Verification code sent to your phone');
+     *
+     * // With allowed countries restriction
+     * await otpFlow.sendPhoneOTP('+1234567890', ['US', 'CA']);
+     * ```
+     *
+     * @throws {AuthError} When sending OTP fails
+     */
+    async sendPhoneOTP(phone, allowedCountries) {
+        this.validatePhone(phone);
+        await this.safeApiCall(async () => {
+            // Use the actual tenant-sdk AuthenticationApi.requestOtpViaPhoneApiV1AuthPhonePost method
+            await this.authApi.requestOtpViaPhoneApiV1AuthPhonePost({
+                phoneOTPRequest: {
+                    phone,
+                    allowedCountries: allowedCountries || null,
+                },
+            });
+        }, AuthErrorCode.ACCOUNT_NOT_FOUND);
+    }
+    /**
+     * Sends an OTP using the provided request configuration
+     *
+     * Note: Only SMS OTP is supported. For email verification, use the PasswordFlow class.
+     *
+     * @param request - OTP request with phone and method
+     * @returns Promise resolving when OTP is sent
+     *
+     * @example
+     * ```typescript
+     * // SMS OTP
+     * await otpFlow.sendOTP({
+     *   phone: '+1234567890',
+     *   method: 'sms',
+     *   allowedCountries: ['US', 'CA']
+     * });
+     * ```
+     *
+     * @throws {AuthError} When sending OTP fails
+     */
+    async sendOTP(request) {
+        if (request.method === 'sms') {
+            if (!request.phone) {
+                throw new AuthError(AuthErrorCode.MISSING_REQUIRED_FIELD, 'Phone number is required for SMS OTP');
+            }
+            await this.sendPhoneOTP(request.phone, request.allowedCountries);
+        }
+        else {
+            throw new AuthError(AuthErrorCode.INVALID_CONFIG, 'Invalid OTP method. Only "sms" is supported.');
+        }
+    }
+    /**
+     * Verifies a phone OTP code using tenant-sdk AuthenticationApi.verifyPhoneOtpApiV1AuthPhoneVerifyPost
+     *
+     * Note: Only SMS OTP verification is supported. For email verification, use PasswordFlow.verifyEmail().
+     *
+     * @param code - OTP code entered by the user
+     * @returns Promise resolving to authentication result
+     *
+     * @example
+     * ```typescript
+     * try {
+     *   const result = await otpFlow.verifyPhoneOTP('123456');
+     *   if (result.success) {
+     *     console.log('Welcome,', result.user.name);
+     *     localStorage.setItem('accessToken', result.accessToken);
+     *   }
+     * } catch (error) {
+     *   if (error.code === AuthErrorCode.INVALID_OTP) {
+     *     console.log('Invalid verification code. Please try again.');
+     *   } else if (error.code === AuthErrorCode.EXPIRED_OTP) {
+     *     console.log('Verification code has expired. Please request a new one.');
+     *   }
+     * }
+     * ```
+     *
+     * @throws {AuthError} When OTP verification fails
+     */
+    async verifyPhoneOTP(code) {
+        if (!code || code.length < 4) {
+            throw new AuthError(AuthErrorCode.INVALID_OTP, 'Valid OTP code is required');
+        }
+        // Normalize the code (remove spaces, ensure it's a string)
+        const normalizedCode = code.replace(/\s+/g, '').toString();
+        return this.safeApiCall(async () => {
+            // Use the actual tenant-sdk AuthenticationApi.verifyPhoneOtpApiV1AuthPhoneVerifyPost method
+            const response = await this.authApi.verifyPhoneOtpApiV1AuthPhoneVerifyPost({
+                phoneOTPVerificationRequest: {
+                    otp: normalizedCode,
+                },
+            });
+            return this.processAuthResponse(response);
+        }, AuthErrorCode.INVALID_OTP);
+    }
+    /**
+     * Note: Email OTP verification is not supported.
+     * Use PasswordFlow.verifyEmail() for email verification instead.
+     */
+    /**
+     * Note: Email OTP resending is not supported.
+     * Use PasswordFlow.resendEmailVerification() for email verification instead.
+     */
+    /**
+     * Resends an OTP to the same phone number
+     *
+     * @param phone - Phone number to resend OTP to
+     * @param allowedCountries - Optional array of allowed country codes
+     * @returns Promise resolving when OTP is resent
+     *
+     * @example
+     * ```typescript
+     * // User clicks "Resend code" button
+     * await otpFlow.resendPhoneOTP('+1234567890');
+     * console.log('New verification code sent to your phone');
+     * ```
+     */
+    async resendPhoneOTP(phone, allowedCountries) {
+        return this.sendPhoneOTP(phone, allowedCountries);
+    }
+    /**
+     * Validates an OTP code format without verifying it
+     *
+     * @param code - OTP code to validate
+     * @returns True if format is valid, false otherwise
+     *
+     * @example
+     * ```typescript
+     * const userInput = '123456';
+     * if (otpFlow.validateOTPFormat(userInput)) {
+     *   // Proceed with verification
+     *   const result = await otpFlow.verifyPhoneOTP(userInput);
+     * } else {
+     *   console.log('Please enter a valid 6-digit code');
+     * }
+     * ```
+     */
+    validateOTPFormat(code) {
+        if (!code)
+            return false;
+        // Remove spaces and check if it's all digits and appropriate length
+        const normalizedCode = code.replace(/\s+/g, '');
+        return /^\d{4,8}$/.test(normalizedCode);
+    }
+    /**
+     * Gets remaining time before OTP expires (if available from server)
+     *
+     * This is a placeholder method that would typically query the server
+     * for OTP expiration information. The tenant-sdk doesn't currently
+     * provide an endpoint for checking OTP status.
+     *
+     * @param phone - Phone number that received the OTP
+     * @returns Promise resolving to remaining seconds, or null if unknown
+     *
+     * @example
+     * ```typescript
+     * const remainingTime = await otpFlow.getOTPRemainingTime('+1234567890');
+     * if (remainingTime && remainingTime > 0) {
+     *   console.log(`Code expires in ${remainingTime} seconds`);
+     * } else {
+     *   console.log('Code may have expired');
+     * }
+     * ```
+     */
+    async getOTPRemainingTime(phone) {
+        // The tenant-sdk doesn't provide an endpoint for checking OTP status
+        // This would need to be implemented on the server side
+        return null;
+    }
+}
+//# sourceMappingURL=otp.js.map

package/dist/core/src/auth/flows/otp.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"otp.js","sourceRoot":"","sources":["../../../../../src/auth/flows/otp.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAE3C;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,OAAO,OAAQ,SAAQ,YAAY;IAEvC,YAAY,MAAsB;QAChC,KAAK,CAAC,MAAM,CAAC,CAAC;IAChB,CAAC;IAED;;;;;;OAMG;IAEH;;;;;;;;;;;;;;;;;OAiBG;IACH,KAAK,CAAC,YAAY,CAAC,KAAa,EAAE,gBAA2B;QAC3D,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;QAE1B,MAAM,IAAI,CAAC,WAAW,CAAC,KAAK,IAAI,EAAE;YAChC,0FAA0F;YAC1F,MAAM,IAAI,CAAC,OAAO,CAAC,oCAAoC,CAAC;gBACtD,eAAe,EAAE;oBACf,KAAK;oBACL,gBAAgB,EAAE,gBAAgB,IAAI,IAAI;iBAC3C;aACF,CAAC,CAAC;QACL,CAAC,EAAE,aAAa,CAAC,iBAAiB,CAAC,CAAC;IACtC,CAAC;IAED;;;;;;;;;;;;;;;;;;;OAmBG;IACH,KAAK,CAAC,OAAO,CAAC,OAAmB;QAC/B,IAAI,OAAO,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YAC7B,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBACnB,MAAM,IAAI,SAAS,CACjB,aAAa,CAAC,sBAAsB,EACpC,sCAAsC,CACvC,CAAC;YACJ,CAAC;YACD,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAC;QACnE,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,SAAS,CACjB,aAAa,CAAC,cAAc,EAC5B,8CAA8C,CAC/C,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACH,KAAK,CAAC,cAAc,CAAC,IAAY;QAC/B,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,SAAS,CACjB,aAAa,CAAC,WAAW,EACzB,4BAA4B,CAC7B,CAAC;QACJ,CAAC;QAED,2DAA2D;QAC3D,MAAM,cAAc,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC;QAE3D,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,IAAI,EAAE;YACjC,4FAA4F;YAC5F,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,sCAAsC,CAAC;gBACzE,2BAA2B,EAAE;oBAC3B,GAAG,EAAE,cAAc;iBACpB;aACF,CAAC,CAAC;YAEH,OAAO,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;QAC5C,CAAC,EAAE,aAAa,CAAC,WAAW,CAAC,CAAC;IAChC,CAAC;IAED;;;OAGG;IAEH;;;OAGG;IAEH;;;;;;;;;;;;;OAaG;IACH,KAAK,CAAC,cAAc,CAAC,KAAa,EAAE,gBAA2B;QAC7D,OAAO,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,gBAAgB,CAAC,CAAC;IACpD,CAAC;IAED;;;;;;;;;;;;;;;;OAgBG;IACH,iBAAiB,CAAC,IAAY;QAC5B,IAAI,CAAC,IAAI;YAAE,OAAO,KAAK,CAAC;QAExB,oEAAoE;QACpE,MAAM,cAAc,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QAChD,OAAO,WAAW,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC1C,CAAC;IAED;;;;;;;;;;;;;;;;;;;OAmBG;IACH,KAAK,CAAC,mBAAmB,CAAC,KAAa;QACrC,qEAAqE;QACrE,uDAAuD;QACvD,OAAO,IAAI,CAAC;IACd,CAAC;CACF"}

package/dist/core/src/auth/flows/password.d.ts

@@ -0,0 +1,242 @@
+/**
+ * Password-based authentication flow
+ *
+ * Handles email/password login, registration using the actual tenant-sdk APIs.
+ */
+import type { LoginRequest, SignupRequest, AuthResult, User, PasswordResetRequest, PasswordResetData, BinoAuthConfig } from "../types";
+import { BaseAuthFlow } from "./base-flow";
+/**
+ * Password authentication flow
+ *
+ * Provides email/password authentication using the actual tenant-sdk AuthenticationApi.
+ * All methods use the real API endpoints available in the tenant-sdk.
+ *
+ * @example
+ * ```typescript
+ * const passwordFlow = new PasswordFlow(config);
+ *
+ * // Login with email and password
+ * try {
+ *   const result = await passwordFlow.login('user@example.com', 'password123');
+ *   if (result.success) {
+ *     console.log('Login successful:', result.user);
+ *     console.log('Access token:', result.accessToken);
+ *   }
+ * } catch (error) {
+ *   if (error instanceof AuthError) {
+ *     console.log('Login failed:', error.message);
+ *   }
+ * }
+ *
+ * // Register new user
+ * const userData = {
+ *   email: 'newuser@example.com',
+ *   password: 'securepassword',
+ *   name: 'John Doe',
+ *   acceptTerms: true
+ * };
+ *
+ * const registerResult = await passwordFlow.register(userData);
+ * ```
+ */
+export declare class PasswordFlow extends BaseAuthFlow {
+    constructor(config: BinoAuthConfig);
+    /**
+     * Authenticates a user with email and password using tenant-sdk AuthenticationApi.loginApiV1AuthLoginPost
+     *
+     * @param email - User's email address
+     * @param password - User's password
+     * @param rememberMe - Whether to remember the user (longer token expiry)
+     * @returns Promise resolving to authentication result
+     *
+     * @example
+     * ```typescript
+     * try {
+     *   const result = await passwordFlow.login('user@example.com', 'password123');
+     *   if (result.success) {
+     *     localStorage.setItem('accessToken', result.accessToken);
+     *     console.log('Welcome,', result.user.name);
+     *   }
+     * } catch (error) {
+     *   if (error.code === AuthErrorCode.INVALID_CREDENTIALS) {
+     *     console.log('Invalid email or password');
+     *   } else if (error.code === AuthErrorCode.MFA_REQUIRED) {
+     *     console.log('MFA required:', error.details);
+     *   }
+     * }
+     * ```
+     *
+     * @throws {AuthError} When credentials are invalid or authentication fails
+     */
+    login(email: string, password: string, rememberMe?: boolean): Promise<AuthResult>;
+    /**
+     * Authenticates a user with credentials object using tenant-sdk LoginRequest
+     *
+     * @param credentials - Login credentials from tenant-sdk
+     * @returns Promise resolving to authentication result
+     *
+     * @example
+     * ```typescript
+     * const credentials: LoginRequest = {
+     *   email: 'user@example.com',
+     *   password: 'password123',
+     *   rememberMe: true
+     * };
+     *
+     * const result = await passwordFlow.loginWithCredentials(credentials);
+     * ```
+     */
+    loginWithCredentials(credentials: LoginRequest): Promise<AuthResult>;
+    /**
+     * Registers a new user account using tenant-sdk AuthenticationApi.signupApiV1AuthSignupPost
+     *
+     * @param userData - User registration data using tenant-sdk SignupRequest
+     * @returns Promise resolving to authentication result
+     *
+     * @example
+     * ```typescript
+     * const userData: SignupRequest = {
+     *   email: 'newuser@example.com',
+     *   password: 'securepassword123',
+     *   confirmPassword: 'securepassword123',
+     *   name: 'John Doe',
+     *   returnTo: 'https://myapp.com/welcome'
+     * };
+     *
+     * try {
+     *   const result = await passwordFlow.register(userData);
+     *   console.log('Registration successful:', result);
+     * } catch (error) {
+     *   if (error.code === AuthErrorCode.EMAIL_ALREADY_EXISTS) {
+     *     console.log('Account with this email already exists');
+     *   } else if (error.code === AuthErrorCode.WEAK_PASSWORD) {
+     *     console.log('Password is too weak');
+     *   }
+     * }
+     * ```
+     *
+     * @throws {AuthError} When registration fails
+     */
+    register(userData: SignupRequest): Promise<AuthResult>;
+    /**
+     * Requests email verification resend using tenant-sdk AuthenticationApi.resendVerificationApiV1AuthResendVerificationPost
+     *
+     * @param email - User's email address
+     * @returns Promise resolving when verification email is sent
+     *
+     * @example
+     * ```typescript
+     * await passwordFlow.resendEmailVerification('user@example.com');
+     * console.log('Verification email sent');
+     * ```
+     *
+     * @throws {AuthError} When resend request fails
+     */
+    resendEmailVerification(email: string): Promise<void>;
+    /**
+     * Verifies email address using tenant-sdk AuthenticationApi.verifyEmailApiV1AuthVerifyEmailPost
+     *
+     * @param token - Email verification token
+     * @returns Promise resolving to authentication result
+     *
+     * @example
+     * ```typescript
+     * // Token comes from email link
+     * const result = await passwordFlow.verifyEmail(token);
+     * if (result.success) {
+     *   console.log('Email verified successfully');
+     * }
+     * ```
+     *
+     * @throws {AuthError} When email verification fails
+     */
+    verifyEmail(token: string): Promise<AuthResult>;
+    /**
+     * Logs out the current user using tenant-sdk AuthenticationApi.logoutApiV1AuthLogoutPost
+     *
+     * @returns Promise resolving when logout is complete
+     *
+     * @example
+     * ```typescript
+     * await passwordFlow.logout();
+     * console.log('Logged out successfully');
+     * ```
+     *
+     * @throws {AuthError} When logout fails
+     */
+    logout(): Promise<void>;
+    /**
+     * Gets current user information using tenant-sdk UserProfileApi.getCurrentUserApiV1AuthUserinfoGet
+     *
+     * @returns Promise resolving to user information
+     *
+     * @example
+     * ```typescript
+     * const user = await passwordFlow.getCurrentUser();
+     * console.log('Current user:', user.name, user.email);
+     * ```
+     *
+     * @throws {AuthError} When user info fetch fails
+     */
+    getCurrentUser(): Promise<User>;
+    /**
+     * Note: Password reset functionality depends on magic link flow
+     * The tenant-sdk doesn't have dedicated password reset endpoints,
+     * instead it uses magic links for password reset flows.
+     *
+     * For password reset, use the MagicLinkFlow class which uses:
+     * - AuthenticationApi.requestMagicLinkApiV1AuthMlPost for reset request
+     * - AuthenticationApi.verifyMagicLinkApiV1AuthMlVerifyPost for reset verification
+     */
+    /**
+     * Initiates password reset process using magic link
+     *
+     * @param request - Password reset request
+     * @returns Promise resolving when reset email is sent
+     *
+     * @example
+     * ```typescript
+     * await passwordFlow.requestPasswordReset({
+     *   email: 'user@example.com',
+     *   returnTo: 'https://myapp.com/reset-complete'
+     * });
+     *
+     * console.log('Password reset email sent');
+     * ```
+     *
+     * @throws {AuthError} When reset request fails
+     */
+    requestPasswordReset(request: PasswordResetRequest): Promise<void>;
+    /**
+     * Completes password reset with magic link token
+     *
+     * @param resetData - Password reset completion data
+     * @returns Promise resolving to authentication result
+     *
+     * @example
+     * ```typescript
+     * // Token comes from magic link
+     * const resetData = {
+     *   token: 'magic_link_token_from_email',
+     *   newPassword: 'newsecurepassword123',
+     *   confirmPassword: 'newsecurepassword123'
+     * };
+     *
+     * try {
+     *   const result = await passwordFlow.resetPassword(resetData);
+     *   if (result.success) {
+     *     console.log('Password reset successful');
+     *     // User is automatically logged in after password reset
+     *   }
+     * } catch (error) {
+     *   if (error.code === AuthErrorCode.INVALID_TOKEN) {
+     *     console.log('Reset token is invalid or expired');
+     *   }
+     * }
+     * ```
+     *
+     * @throws {AuthError} When password reset fails
+     */
+    resetPassword(resetData: PasswordResetData): Promise<AuthResult>;
+}
+//# sourceMappingURL=password.d.ts.map

package/dist/core/src/auth/flows/password.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"password.d.ts","sourceRoot":"","sources":["../../../../../src/auth/flows/password.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EACV,YAAY,EACZ,aAAa,EACb,UAAU,EACV,IAAI,EACJ,oBAAoB,EACpB,iBAAiB,EACjB,cAAc,EACf,MAAM,UAAU,CAAC;AAElB,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAE3C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AACH,qBAAa,YAAa,SAAQ,YAAY;gBAEhC,MAAM,EAAE,cAAc;IAIlC;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACG,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,GAAE,OAAe,GAAG,OAAO,CAAC,UAAU,CAAC;IAwB9F;;;;;;;;;;;;;;;;OAgBG;IACG,oBAAoB,CAAC,WAAW,EAAE,YAAY,GAAG,OAAO,CAAC,UAAU,CAAC;IAW1E;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA6BG;IACG,QAAQ,CAAC,QAAQ,EAAE,aAAa,GAAG,OAAO,CAAC,UAAU,CAAC;IAsB5D;;;;;;;;;;;;;OAaG;IACG,uBAAuB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAa3D;;;;;;;;;;;;;;;;OAgBG;IACG,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAoBrD;;;;;;;;;;;;OAYG;IACG,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;IAO7B;;;;;;;;;;;;OAYG;IACG,cAAc,IAAI,OAAO,CAAC,IAAI,CAAC;IASrC;;;;;;;;OAQG;IAEH;;;;;;;;;;;;;;;;;OAiBG;IACG,oBAAoB,CAAC,OAAO,EAAE,oBAAoB,GAAG,OAAO,CAAC,IAAI,CAAC;IAcxE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA6BG;IACG,aAAa,CAAC,SAAS,EAAE,iBAAiB,GAAG,OAAO,CAAC,UAAU,CAAC;CA6BvE"}