brainerce 1.3.3 → 1.4.1

package/AI_BUILDER_PROMPT.md

@@ -675,6 +675,15 @@ if (result.verified) {
 // Resend verification code
 await client.resendVerificationEmail(token);
 
+// Forgot password (on /forgot-password page)
+await client.forgotPassword(email);
+// Always succeeds (prevents email enumeration)
+
+// Reset password (on /reset-password page — user arrives via email link)
+const token = new URLSearchParams(window.location.search).get('token');
+await client.resetPassword(token!, newPassword);
+// On success: redirect to /login
+
 // Logout
 client.setCustomerToken(null);
 localStorage.removeItem('customerToken');
@@ -725,6 +734,8 @@ if (params.get('oauth_success') === 'true') {
 - [ ] **Login** (`/login`) - Email/password + social buttons, handle `requiresVerification`
 - [ ] **Register** (`/register`) - Registration form, handle `requiresVerification`
 - [ ] **Verify Email** (`/verify-email`) - 6-digit code input + resend button. **ALWAYS create this page** even if verification is currently disabled — the store owner can enable it at any time
+- [ ] **Forgot Password** (`/forgot-password`) - Email input, shows success message
+- [ ] **Reset Password** (`/reset-password`) - Token from URL + new password form
 - [ ] **OAuth Callback** (`/auth/callback`) - Handle OAuth redirect with token from URL params
 - [ ] **Account** (`/account`) - Profile + order history
 - [ ] **Header** - Logo, nav, cart icon with count, search
@@ -735,6 +746,7 @@ Some features may not be configured yet, but the store owner can enable them at
 
 - **Email Verification** → `/verify-email` page. `requiresVerification` is checked in login/register flows.
 - **OAuth Buttons** → Social login buttons on Login & Register + `/auth/callback` page. `getAvailableOAuthProviders()` returns `[]` when none configured — buttons just don't render.
+- **Password Reset** → `/forgot-password` + `/reset-password` pages. `forgotPassword()` silently succeeds when no account exists.
 - **Discount Banners** → `getDiscountBanners()` returns `[]` when no rules — component renders nothing.
 - **Product Discount Badges** → `getProductDiscountBadge(id)` returns `null` — renders nothing.
 - **Cart Nudges** → `cart.nudges` is `[]` — renders nothing.

package/README.md

@@ -2037,6 +2037,23 @@ window.location.href = returnUrl;
 
 > **Best Practice:** Before showing login page, save the current URL with `localStorage.setItem('returnUrl', window.location.pathname)`. After login, redirect back to that URL. This is how Amazon, Shopify, and most e-commerce sites work.
 
+#### Forgot Password
+
+```typescript
+await client.forgotPassword('customer@example.com');
+// Always returns success message (prevents email enumeration)
+// If account exists, sends email with reset link
+```
+
+#### Reset Password
+
+```typescript
+// On /reset-password page, extract token from URL
+const token = new URLSearchParams(window.location.search).get('token');
+const result = await client.resetPassword(token!, 'newSecurePassword123');
+// result.message = "Password has been reset successfully"
+```
+
 #### Logout Customer
 
 ```typescript

package/dist/index.d.mts

@@ -176,12 +176,6 @@ interface Product {
     attributes?: string[];
     metafields?: ProductMetafield[];
     channels?: Record<string, Record<string, unknown>>;
-    /** Shopify product ID (admin mode only) */
-    shopifyProductId?: string | null;
-    /** WooCommerce product ID (admin mode only) */
-    woocommerceProductId?: string | null;
-    /** Meta/Facebook Item Group ID (admin mode only) */
-    metaItemGroupId?: string | null;
     /** Whether product needs sync to platforms. Always returned by backend. */
     needsSync: boolean;
     /** Last sync timestamp (admin mode only) */
@@ -761,6 +755,27 @@ interface Order {
     platform?: string;
     /** Whether this order contains downloadable products */
     hasDownloads?: boolean;
+    /** Subtotal before discounts/shipping/tax */
+    subtotal?: string | null;
+    /** Total discount amount */
+    discountAmount?: string | null;
+    /** Applied coupon code */
+    couponCode?: string | null;
+    /** Coupon discount amount */
+    couponDiscount?: string | null;
+    /** Total discount from rules */
+    ruleDiscountAmount?: string | null;
+    /** Per-rule discount snapshots */
+    appliedDiscounts?: Array<{
+        ruleId: string;
+        ruleName: string;
+        type: string;
+        discountAmount: string | null;
+    }> | null;
+    /** Shipping cost */
+    shippingAmount?: string | null;
+    /** Tax amount */
+    taxAmount?: string | null;
     createdAt: string;
 }
 /**
@@ -882,7 +897,7 @@ interface SyncJob {
     platform?: string;
     message?: string;
 }
-type ConnectorPlatform = 'SHOPIFY' | 'TIKTOK' | 'META' | 'WOOCOMMERCE' | 'CUSTOM';
+type ConnectorPlatform = string;
 /**
  * Reference to an entity with ID and name.
  * Used for products, categories, and other related entities.
@@ -925,9 +940,6 @@ interface Coupon {
     lastSyncedAt?: string | null;
     /** Per-platform channel overrides */
     channels?: Record<string, Record<string, unknown>> | null;
-    shopifyCouponId?: string | null;
-    woocommerceCouponId?: string | null;
-    tiktokCouponId?: string | null;
     createdAt: string;
     updatedAt: string;
 }
@@ -1839,8 +1851,8 @@ interface SelectPickupLocationDto {
  * 2. Select shipping method: `selectShippingMethod(id, rateId)`
  * 3. Pay with Stripe: `createPaymentIntent(id)` → `stripe.confirmPayment()` → Order created automatically!
  *
- * **Note:** Order is created automatically via webhook when payment succeeds.
- * No need to call `completeCheckout()` - it happens automatically.
+ * **Note:** Always call `completeGuestCheckout()` on the success page.
+ * It is idempotent — if the payment webhook already created the order, it returns the existing order.
  *
  * **IMPORTANT: Order Summary Display**
  * Always use `checkout.lineItems` for displaying the Order Summary during checkout!
@@ -1906,6 +1918,8 @@ interface Checkout {
     subtotal: string;
     /** Discount amount as string - use parseFloat() */
     discountAmount: string;
+    /** Discount amount from automatic rules as string - use parseFloat() */
+    ruleDiscountAmount?: string;
     /** Shipping cost as string - use parseFloat() */
     shippingAmount: string;
     /** Tax amount as string - use parseFloat() */
@@ -4215,6 +4229,13 @@ declare class BrainerceClient {
     forgotPassword(email: string): Promise<{
         message: string;
     }>;
+    /**
+     * Reset customer password using a reset token received via email
+     * Works in vibe-coded, storefront, and admin mode
+     */
+    resetPassword(token: string, newPassword: string): Promise<{
+        message: string;
+    }>;
     /**
      * Verify customer email with a verification code
      * Only available in vibe-coded mode
@@ -5164,16 +5185,22 @@ declare class BrainerceClient {
      */
     getPaymentStatus(checkoutId: string): Promise<PaymentStatus>;
     /**
-     * Confirm a Grow SDK payment from the frontend.
-     * Call this in the Grow SDK `onSuccess` callback to notify the backend
-     * that payment succeeded, triggering order creation.
+     * Confirm a client-side SDK payment from the frontend.
+     * Call this in the payment SDK's success callback (e.g., Grow onSuccess) to notify the
+     * backend that payment succeeded, triggering order creation.
      *
      * **Vibe-coded mode only** - requires connectionId
      *
      * @param checkoutId - The checkout ID
-     * @param confirmationNumber - Optional confirmation number from Grow onSuccess
+     * @param providerResponseData - Optional payment provider SDK callback data (transactionId, transactionToken, confirmation_number, etc.)
+     */
+    confirmSdkPayment(checkoutId: string, providerResponseData?: Record<string, unknown>): Promise<{
+        confirmed: boolean;
+    }>;
+    /**
+     * @deprecated Use `confirmSdkPayment` instead. This method will be removed in a future version.
      */
-    confirmGrowPayment(checkoutId: string, confirmationNumber?: string): Promise<{
+    confirmGrowPayment(checkoutId: string, confirmationNumber?: string, growResponseData?: Record<string, unknown>): Promise<{
         confirmed: boolean;
     }>;
     /**

package/dist/index.d.ts

@@ -176,12 +176,6 @@ interface Product {
     attributes?: string[];
     metafields?: ProductMetafield[];
     channels?: Record<string, Record<string, unknown>>;
-    /** Shopify product ID (admin mode only) */
-    shopifyProductId?: string | null;
-    /** WooCommerce product ID (admin mode only) */
-    woocommerceProductId?: string | null;
-    /** Meta/Facebook Item Group ID (admin mode only) */
-    metaItemGroupId?: string | null;
     /** Whether product needs sync to platforms. Always returned by backend. */
     needsSync: boolean;
     /** Last sync timestamp (admin mode only) */
@@ -761,6 +755,27 @@ interface Order {
     platform?: string;
     /** Whether this order contains downloadable products */
     hasDownloads?: boolean;
+    /** Subtotal before discounts/shipping/tax */
+    subtotal?: string | null;
+    /** Total discount amount */
+    discountAmount?: string | null;
+    /** Applied coupon code */
+    couponCode?: string | null;
+    /** Coupon discount amount */
+    couponDiscount?: string | null;
+    /** Total discount from rules */
+    ruleDiscountAmount?: string | null;
+    /** Per-rule discount snapshots */
+    appliedDiscounts?: Array<{
+        ruleId: string;
+        ruleName: string;
+        type: string;
+        discountAmount: string | null;
+    }> | null;
+    /** Shipping cost */
+    shippingAmount?: string | null;
+    /** Tax amount */
+    taxAmount?: string | null;
     createdAt: string;
 }
 /**
@@ -882,7 +897,7 @@ interface SyncJob {
     platform?: string;
     message?: string;
 }
-type ConnectorPlatform = 'SHOPIFY' | 'TIKTOK' | 'META' | 'WOOCOMMERCE' | 'CUSTOM';
+type ConnectorPlatform = string;
 /**
  * Reference to an entity with ID and name.
  * Used for products, categories, and other related entities.
@@ -925,9 +940,6 @@ interface Coupon {
     lastSyncedAt?: string | null;
     /** Per-platform channel overrides */
     channels?: Record<string, Record<string, unknown>> | null;
-    shopifyCouponId?: string | null;
-    woocommerceCouponId?: string | null;
-    tiktokCouponId?: string | null;
     createdAt: string;
     updatedAt: string;
 }
@@ -1839,8 +1851,8 @@ interface SelectPickupLocationDto {
  * 2. Select shipping method: `selectShippingMethod(id, rateId)`
  * 3. Pay with Stripe: `createPaymentIntent(id)` → `stripe.confirmPayment()` → Order created automatically!
  *
- * **Note:** Order is created automatically via webhook when payment succeeds.
- * No need to call `completeCheckout()` - it happens automatically.
+ * **Note:** Always call `completeGuestCheckout()` on the success page.
+ * It is idempotent — if the payment webhook already created the order, it returns the existing order.
  *
  * **IMPORTANT: Order Summary Display**
  * Always use `checkout.lineItems` for displaying the Order Summary during checkout!
@@ -1906,6 +1918,8 @@ interface Checkout {
     subtotal: string;
     /** Discount amount as string - use parseFloat() */
     discountAmount: string;
+    /** Discount amount from automatic rules as string - use parseFloat() */
+    ruleDiscountAmount?: string;
     /** Shipping cost as string - use parseFloat() */
     shippingAmount: string;
     /** Tax amount as string - use parseFloat() */
@@ -4215,6 +4229,13 @@ declare class BrainerceClient {
     forgotPassword(email: string): Promise<{
         message: string;
     }>;
+    /**
+     * Reset customer password using a reset token received via email
+     * Works in vibe-coded, storefront, and admin mode
+     */
+    resetPassword(token: string, newPassword: string): Promise<{
+        message: string;
+    }>;
     /**
      * Verify customer email with a verification code
      * Only available in vibe-coded mode
@@ -5164,16 +5185,22 @@ declare class BrainerceClient {
      */
     getPaymentStatus(checkoutId: string): Promise<PaymentStatus>;
     /**
-     * Confirm a Grow SDK payment from the frontend.
-     * Call this in the Grow SDK `onSuccess` callback to notify the backend
-     * that payment succeeded, triggering order creation.
+     * Confirm a client-side SDK payment from the frontend.
+     * Call this in the payment SDK's success callback (e.g., Grow onSuccess) to notify the
+     * backend that payment succeeded, triggering order creation.
      *
      * **Vibe-coded mode only** - requires connectionId
      *
      * @param checkoutId - The checkout ID
-     * @param confirmationNumber - Optional confirmation number from Grow onSuccess
+     * @param providerResponseData - Optional payment provider SDK callback data (transactionId, transactionToken, confirmation_number, etc.)
+     */
+    confirmSdkPayment(checkoutId: string, providerResponseData?: Record<string, unknown>): Promise<{
+        confirmed: boolean;
+    }>;
+    /**
+     * @deprecated Use `confirmSdkPayment` instead. This method will be removed in a future version.
      */
-    confirmGrowPayment(checkoutId: string, confirmationNumber?: string): Promise<{
+    confirmGrowPayment(checkoutId: string, confirmationNumber?: string, growResponseData?: Record<string, unknown>): Promise<{
         confirmed: boolean;
     }>;
     /**

package/dist/index.js

@@ -1487,20 +1487,38 @@ var BrainerceClient = class {
    * Works in vibe-coded, storefront, and admin mode
    */
   async forgotPassword(email) {
+    const resetUrl = typeof window !== "undefined" ? `${window.location.origin}/reset-password` : void 0;
     if (this.isVibeCodedMode()) {
       return this.vibeCodedRequest("POST", "/customers/forgot-password", {
-        email
+        email,
+        resetUrl
       });
     }
     if (this.storeId && !this.apiKey) {
       return this.storefrontRequest("POST", "/customers/forgot-password", {
-        email
+        email,
+        resetUrl
       });
     }
     return this.adminRequest("POST", "/api/v1/customers/forgot-password", {
-      email
+      email,
+      resetUrl
     });
   }
+  /**
+   * Reset customer password using a reset token received via email
+   * Works in vibe-coded, storefront, and admin mode
+   */
+  async resetPassword(token, newPassword) {
+    const body = { token, newPassword };
+    if (this.isVibeCodedMode()) {
+      return this.vibeCodedRequest("POST", "/customers/reset-password", body);
+    }
+    if (this.storeId && !this.apiKey) {
+      return this.storefrontRequest("POST", "/customers/reset-password", body);
+    }
+    return this.adminRequest("POST", "/api/v1/customers/reset-password", body);
+  }
   /**
    * Verify customer email with a verification code
    * Only available in vibe-coded mode
@@ -3431,25 +3449,34 @@ var BrainerceClient = class {
     return this.vibeCodedRequest("GET", `/checkout/${checkoutId}/payment-status`);
   }
   /**
-   * Confirm a Grow SDK payment from the frontend.
-   * Call this in the Grow SDK `onSuccess` callback to notify the backend
-   * that payment succeeded, triggering order creation.
+   * Confirm a client-side SDK payment from the frontend.
+   * Call this in the payment SDK's success callback (e.g., Grow onSuccess) to notify the
+   * backend that payment succeeded, triggering order creation.
    *
    * **Vibe-coded mode only** - requires connectionId
    *
    * @param checkoutId - The checkout ID
-   * @param confirmationNumber - Optional confirmation number from Grow onSuccess
+   * @param providerResponseData - Optional payment provider SDK callback data (transactionId, transactionToken, confirmation_number, etc.)
    */
-  async confirmGrowPayment(checkoutId, confirmationNumber) {
+  async confirmSdkPayment(checkoutId, providerResponseData) {
     if (!this.isVibeCodedMode()) {
       throw new BrainerceError(
-        "confirmGrowPayment is only available in vibe-coded mode (use connectionId)",
+        "confirmSdkPayment is only available in vibe-coded mode (use connectionId)",
         400
       );
     }
-    return this.vibeCodedRequest("POST", "/payment/grow-confirm", {
+    return this.vibeCodedRequest("POST", "/payment/sdk-confirm", {
       checkoutId,
-      confirmationNumber
+      providerResponseData
+    });
+  }
+  /**
+   * @deprecated Use `confirmSdkPayment` instead. This method will be removed in a future version.
+   */
+  async confirmGrowPayment(checkoutId, confirmationNumber, growResponseData) {
+    return this.confirmSdkPayment(checkoutId, {
+      confirmation_number: confirmationNumber,
+      ...growResponseData || {}
     });
   }
   /**

package/dist/index.mjs

@@ -1429,20 +1429,38 @@ var BrainerceClient = class {
    * Works in vibe-coded, storefront, and admin mode
    */
   async forgotPassword(email) {
+    const resetUrl = typeof window !== "undefined" ? `${window.location.origin}/reset-password` : void 0;
     if (this.isVibeCodedMode()) {
       return this.vibeCodedRequest("POST", "/customers/forgot-password", {
-        email
+        email,
+        resetUrl
       });
     }
     if (this.storeId && !this.apiKey) {
       return this.storefrontRequest("POST", "/customers/forgot-password", {
-        email
+        email,
+        resetUrl
       });
     }
     return this.adminRequest("POST", "/api/v1/customers/forgot-password", {
-      email
+      email,
+      resetUrl
     });
   }
+  /**
+   * Reset customer password using a reset token received via email
+   * Works in vibe-coded, storefront, and admin mode
+   */
+  async resetPassword(token, newPassword) {
+    const body = { token, newPassword };
+    if (this.isVibeCodedMode()) {
+      return this.vibeCodedRequest("POST", "/customers/reset-password", body);
+    }
+    if (this.storeId && !this.apiKey) {
+      return this.storefrontRequest("POST", "/customers/reset-password", body);
+    }
+    return this.adminRequest("POST", "/api/v1/customers/reset-password", body);
+  }
   /**
    * Verify customer email with a verification code
    * Only available in vibe-coded mode
@@ -3373,25 +3391,34 @@ var BrainerceClient = class {
     return this.vibeCodedRequest("GET", `/checkout/${checkoutId}/payment-status`);
   }
   /**
-   * Confirm a Grow SDK payment from the frontend.
-   * Call this in the Grow SDK `onSuccess` callback to notify the backend
-   * that payment succeeded, triggering order creation.
+   * Confirm a client-side SDK payment from the frontend.
+   * Call this in the payment SDK's success callback (e.g., Grow onSuccess) to notify the
+   * backend that payment succeeded, triggering order creation.
    *
    * **Vibe-coded mode only** - requires connectionId
    *
    * @param checkoutId - The checkout ID
-   * @param confirmationNumber - Optional confirmation number from Grow onSuccess
+   * @param providerResponseData - Optional payment provider SDK callback data (transactionId, transactionToken, confirmation_number, etc.)
    */
-  async confirmGrowPayment(checkoutId, confirmationNumber) {
+  async confirmSdkPayment(checkoutId, providerResponseData) {
     if (!this.isVibeCodedMode()) {
       throw new BrainerceError(
-        "confirmGrowPayment is only available in vibe-coded mode (use connectionId)",
+        "confirmSdkPayment is only available in vibe-coded mode (use connectionId)",
         400
       );
     }
-    return this.vibeCodedRequest("POST", "/payment/grow-confirm", {
+    return this.vibeCodedRequest("POST", "/payment/sdk-confirm", {
       checkoutId,
-      confirmationNumber
+      providerResponseData
+    });
+  }
+  /**
+   * @deprecated Use `confirmSdkPayment` instead. This method will be removed in a future version.
+   */
+  async confirmGrowPayment(checkoutId, confirmationNumber, growResponseData) {
+    return this.confirmSdkPayment(checkoutId, {
+      confirmation_number: confirmationNumber,
+      ...growResponseData || {}
     });
   }
   /**

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "brainerce",
-  "version": "1.3.3",
+  "version": "1.4.1",
   "description": "Official SDK for building e-commerce storefronts with Brainerce Platform. Perfect for vibe-coded sites, AI-built stores (Cursor, Lovable, v0), and custom storefronts.",
   "main": "dist/index.js",
   "module": "dist/index.mjs",