cobras-auth-nuxt 1.0.0

package/dist/runtime/components/CobrasDevTools.vue

@@ -0,0 +1,89 @@
+<script setup lang="ts">
+import { useCobrasAuth, useCobrasDevTools } from '#imports'
+
+const { user, isAdmin } = useCobrasAuth()
+const { state, isAvailable, toggle, close, setFeatureFlag, getFeatureFlag, toggleDebugMode } = useCobrasDevTools()
+
+const featureFlagInput = ref('')
+
+function addFeatureFlag() {
+  if (featureFlagInput.value.trim()) {
+    setFeatureFlag(featureFlagInput.value.trim(), true)
+    featureFlagInput.value = ''
+  }
+}
+</script>
+
+<template>
+  <Teleport to="body">
+    <Transition name="slide">
+      <div
+        v-if="isAvailable && state.isOpen"
+        class="cobras-devtools"
+      >
+        <div class="cobras-devtools-header">
+          <span class="cobras-devtools-title">Cobras Dev Tools</span>
+          <button class="cobras-devtools-close" @click="close">&times;</button>
+        </div>
+
+        <div class="cobras-devtools-content">
+          <!-- User Info -->
+          <div class="cobras-devtools-section">
+            <h4>User</h4>
+            <div class="cobras-devtools-info">
+              <span>{{ user?.name || 'Unknown' }}</span>
+              <span class="cobras-devtools-badge">{{ user?.role }}</span>
+            </div>
+            <div class="cobras-devtools-email">{{ user?.email }}</div>
+          </div>
+
+          <!-- Debug Mode -->
+          <div class="cobras-devtools-section">
+            <h4>Debug</h4>
+            <label class="cobras-devtools-toggle">
+              <input
+                type="checkbox"
+                :checked="state.debugMode"
+                @change="toggleDebugMode"
+              />
+              <span>Debug Mode</span>
+            </label>
+          </div>
+
+          <!-- Feature Flags -->
+          <div class="cobras-devtools-section">
+            <h4>Feature Flags</h4>
+            <div class="cobras-devtools-flags">
+              <div
+                v-for="(enabled, key) in state.featureFlags"
+                :key="key"
+                class="cobras-devtools-flag"
+              >
+                <label>
+                  <input
+                    type="checkbox"
+                    :checked="enabled"
+                    @change="setFeatureFlag(String(key), !enabled)"
+                  />
+                  {{ key }}
+                </label>
+              </div>
+            </div>
+            <div class="cobras-devtools-add-flag">
+              <input
+                v-model="featureFlagInput"
+                placeholder="Add flag..."
+                @keyup.enter="addFeatureFlag"
+              />
+              <button @click="addFeatureFlag">+</button>
+            </div>
+          </div>
+        </div>
+      </div>
+    </Transition>
+  </Teleport>
+</template>
+
+<style scoped>
+.cobras-devtools{background:#1a1a2e;border:1px solid #333;border-radius:8px;bottom:20px;box-shadow:0 4px 20px rgba(0,0,0,.5);color:#e0e0e0;font-family:-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,sans-serif;font-size:13px;position:fixed;right:20px;width:320px;z-index:99999}.cobras-devtools-header{align-items:center;background:#16213e;border-bottom:1px solid #333;border-radius:8px 8px 0 0;display:flex;justify-content:space-between;padding:12px 16px}.cobras-devtools-title{color:#fff;font-weight:600}.cobras-devtools-close{background:none;border:none;color:#888;cursor:pointer;font-size:20px;line-height:1;padding:0}.cobras-devtools-close:hover{color:#fff}.cobras-devtools-content{max-height:400px;overflow-y:auto;padding:16px}.cobras-devtools-section{margin-bottom:16px}.cobras-devtools-section:last-child{margin-bottom:0}.cobras-devtools-section h4{color:#888;font-size:11px;letter-spacing:.5px;margin:0 0 8px;text-transform:uppercase}.cobras-devtools-info{align-items:center;display:flex;gap:8px}.cobras-devtools-badge{background:#0f3460;border-radius:4px;font-size:11px;padding:2px 8px;text-transform:uppercase}.cobras-devtools-email{color:#888;font-size:12px;margin-top:4px}.cobras-devtools-toggle{align-items:center;cursor:pointer;display:flex;gap:8px}.cobras-devtools-toggle input{cursor:pointer}.cobras-devtools-flags{display:flex;flex-direction:column;gap:6px}.cobras-devtools-flag label{align-items:center;cursor:pointer;display:flex;gap:8px}.cobras-devtools-add-flag{display:flex;gap:8px;margin-top:8px}.cobras-devtools-add-flag input{background:#16213e;border:1px solid #333;border-radius:4px;color:#e0e0e0;flex:1;font-size:12px;padding:6px 10px}.cobras-devtools-add-flag button{background:#0f3460;border:none;border-radius:4px;color:#fff;cursor:pointer;padding:6px 12px}.cobras-devtools-add-flag button:hover{background:#1a4a7a}.slide-enter-active,.slide-leave-active{transition:all .2s ease}.slide-enter-from,.slide-leave-to{opacity:0;transform:translateY(20px)}
+</style>

package/dist/runtime/composables/useCobrasAuth.js

@@ -0,0 +1,99 @@
+import { useState, useRuntimeConfig, computed } from "#imports";
+export function useCobrasAuth() {
+  const config = useRuntimeConfig();
+  const authConfig = config.public.cobrasAuth;
+  const state = useState("cobras-auth-state", () => ({
+    user: null,
+    initialized: false,
+    loading: false,
+    error: null
+  }));
+  const user = computed({
+    get: () => state.value.user,
+    set: (val) => {
+      state.value.user = val;
+    }
+  });
+  const isAuthenticated = computed(() => !!state.value.user);
+  const isInternalUser = computed(() => !!state.value.user);
+  const isAdmin = computed(() => state.value.user?.role === "admin");
+  async function checkAuth() {
+    if (state.value.loading) return;
+    state.value.loading = true;
+    state.value.error = null;
+    try {
+      const response = await $fetch("/api/_cobras/verify", {
+        credentials: "include"
+      });
+      if (response.valid && response.user) {
+        state.value.user = response.user;
+      } else {
+        state.value.user = null;
+      }
+    } catch (error) {
+      state.value.user = null;
+      state.value.error = error.message || "Auth check failed";
+      if (authConfig.debug) {
+        console.warn("[@cobras/auth-nuxt] Auth check failed:", error);
+      }
+    } finally {
+      state.value.loading = false;
+      state.value.initialized = true;
+    }
+  }
+  function login(redirect) {
+    const currentUrl = redirect || (typeof window !== "undefined" ? window.location.href : "/");
+    const loginUrl = `${authConfig.authServiceUrl}/login?redirect=${encodeURIComponent(currentUrl)}`;
+    if (typeof window !== "undefined") {
+      window.location.href = loginUrl;
+    }
+  }
+  async function logout() {
+    try {
+      await $fetch("/api/_cobras/logout", {
+        method: "POST",
+        credentials: "include"
+      });
+    } catch (error) {
+      if (authConfig.debug) {
+        console.warn("[@cobras/auth-nuxt] Logout error:", error);
+      }
+    }
+    state.value.user = null;
+    if (authConfig.mode === "internal" && typeof window !== "undefined") {
+      window.location.href = authConfig.authServiceUrl;
+    }
+  }
+  async function verifySiteAccess() {
+    if (!state.value.user) return false;
+    if (!authConfig.siteId && !authConfig.siteDomain) return true;
+    try {
+      const response = await $fetch(
+        `${authConfig.authServiceUrl}/api/auth/check-access`,
+        {
+          method: "POST",
+          body: {
+            siteId: authConfig.siteId,
+            siteDomain: authConfig.siteDomain
+          },
+          credentials: "include"
+        }
+      );
+      return response.hasAccess;
+    } catch {
+      return false;
+    }
+  }
+  return {
+    user,
+    state,
+    isAuthenticated,
+    isInternalUser,
+    isAdmin,
+    mode: authConfig.mode,
+    checkAuth,
+    login,
+    logout,
+    verifySiteAccess
+  };
+}

package/dist/runtime/composables/useCobrasDevTools.js

@@ -0,0 +1,69 @@
+import { useState, useRuntimeConfig, computed } from "#imports";
+import { useCobrasAuth } from "./useCobrasAuth.js";
+export function useCobrasDevTools() {
+  const config = useRuntimeConfig();
+  const authConfig = config.public.cobrasAuth;
+  const { isAuthenticated } = useCobrasAuth();
+  const state = useState("cobras-devtools-state", () => ({
+    isOpen: false,
+    featureFlags: {},
+    debugMode: false,
+    showMetrics: false
+  }));
+  const isAvailable = computed(() => {
+    return authConfig.enableDevTools && isAuthenticated.value;
+  });
+  function toggle() {
+    if (!isAvailable.value) return;
+    state.value.isOpen = !state.value.isOpen;
+  }
+  function open() {
+    if (!isAvailable.value) return;
+    state.value.isOpen = true;
+  }
+  function close() {
+    state.value.isOpen = false;
+  }
+  function setFeatureFlag(key, value) {
+    state.value.featureFlags[key] = value;
+    if (typeof window !== "undefined") {
+      localStorage.setItem("cobras-feature-flags", JSON.stringify(state.value.featureFlags));
+    }
+  }
+  function getFeatureFlag(key) {
+    return state.value.featureFlags[key] ?? false;
+  }
+  function toggleDebugMode() {
+    state.value.debugMode = !state.value.debugMode;
+    if (typeof window !== "undefined") {
+      localStorage.setItem("cobras-debug-mode", String(state.value.debugMode));
+    }
+  }
+  function toggleMetrics() {
+    state.value.showMetrics = !state.value.showMetrics;
+  }
+  if (typeof window !== "undefined") {
+    const savedFlags = localStorage.getItem("cobras-feature-flags");
+    if (savedFlags) {
+      try {
+        state.value.featureFlags = JSON.parse(savedFlags);
+      } catch {
+      }
+    }
+    const savedDebug = localStorage.getItem("cobras-debug-mode");
+    if (savedDebug) {
+      state.value.debugMode = savedDebug === "true";
+    }
+  }
+  return {
+    state,
+    isAvailable,
+    toggle,
+    open,
+    close,
+    setFeatureFlag,
+    getFeatureFlag,
+    toggleDebugMode,
+    toggleMetrics
+  };
+}

package/dist/runtime/composables/useCobrasMode.js

@@ -0,0 +1,25 @@
+import { useRuntimeConfig, computed } from "#imports";
+import { useCobrasAuth } from "./useCobrasAuth.js";
+export function useCobrasMode() {
+  const config = useRuntimeConfig();
+  const authConfig = config.public.cobrasAuth;
+  const { isAuthenticated, isAdmin } = useCobrasAuth();
+  const mode = authConfig.mode;
+  const isInternalMode = mode === "internal";
+  const isPublicMode = mode === "public";
+  const showInternalFeatures = computed(() => isAuthenticated.value);
+  const showAdminFeatures = computed(() => isAdmin.value);
+  const devToolsEnabled = computed(() => {
+    if (!authConfig.enableDevTools) return false;
+    if (isPublicMode) return isAuthenticated.value;
+    return isAuthenticated.value;
+  });
+  return {
+    mode,
+    isInternalMode,
+    isPublicMode,
+    showInternalFeatures: showInternalFeatures.value,
+    showAdminFeatures: showAdminFeatures.value,
+    devToolsEnabled: devToolsEnabled.value
+  };
+}

package/dist/runtime/middleware/auth.js

@@ -0,0 +1,36 @@
+import { defineNuxtRouteMiddleware, useRuntimeConfig, useState, navigateTo } from "#imports";
+export default defineNuxtRouteMiddleware(async (to) => {
+  const config = useRuntimeConfig();
+  const authConfig = config.public.cobrasAuth;
+  const state = useState("cobras-auth-state");
+  if (to.query.code) {
+    return;
+  }
+  if (!state.value?.initialized) {
+    return;
+  }
+  if (authConfig.mode === "public") {
+    return;
+  }
+  const isPublicRoute = authConfig.publicRoutes.some((route) => {
+    if (route.endsWith("*")) {
+      return to.path.startsWith(route.slice(0, -1));
+    }
+    return to.path === route;
+  });
+  if (isPublicRoute) {
+    return;
+  }
+  if (!state.value?.user) {
+    let redirectUrl;
+    if (typeof window !== "undefined") {
+      redirectUrl = window.location.href;
+    } else {
+      redirectUrl = to.fullPath;
+    }
+    return navigateTo(
+      `${authConfig.authServiceUrl}/login?redirect_uri=${encodeURIComponent(redirectUrl)}`,
+      { external: true }
+    );
+  }
+});

package/dist/runtime/middleware/internal.js

@@ -0,0 +1,19 @@
+import { defineNuxtRouteMiddleware, useRuntimeConfig, useState, navigateTo } from "#imports";
+export default defineNuxtRouteMiddleware(async (to) => {
+  const config = useRuntimeConfig();
+  const authConfig = config.public.cobrasAuth;
+  const state = useState("cobras-auth-state");
+  if (to.query.code) {
+    return;
+  }
+  if (!state.value?.initialized) {
+    return;
+  }
+  if (!state.value?.user) {
+    const currentUrl = typeof window !== "undefined" ? window.location.href : to.fullPath;
+    return navigateTo(
+      `${authConfig.authServiceUrl}/login?redirect_uri=${encodeURIComponent(currentUrl)}`,
+      { external: true }
+    );
+  }
+});

package/dist/runtime/plugins/auth.client.js

@@ -0,0 +1,122 @@
+import { defineNuxtPlugin, useRuntimeConfig, useState, computed, useRoute, useRouter } from "#imports";
+export default defineNuxtPlugin(async (nuxtApp) => {
+  const config = useRuntimeConfig();
+  const authConfig = config.public.cobrasAuth;
+  const route = useRoute();
+  const router = useRouter();
+  const state = useState("cobras-auth-state", () => ({
+    user: null,
+    initialized: false,
+    loading: false,
+    error: null
+  }));
+  const user = computed(() => state.value.user);
+  const isAuthenticated = computed(() => !!state.value.user);
+  const isInternalUser = computed(() => !!state.value.user);
+  const isAdmin = computed(() => state.value.user?.role === "admin");
+  async function exchangeCode(code2) {
+    try {
+      const response = await $fetch("/api/_cobras/exchange", {
+        method: "POST",
+        body: { code: code2 },
+        credentials: "include"
+      });
+      if (response.success && response.user) {
+        state.value.user = response.user;
+        return true;
+      }
+    } catch (error) {
+      if (authConfig.debug) {
+        console.warn("[@cobras/auth-nuxt] Code exchange failed:", error);
+      }
+    }
+    return false;
+  }
+  async function checkAuth() {
+    if (state.value.loading) return;
+    state.value.loading = true;
+    state.value.error = null;
+    try {
+      const response = await $fetch("/api/_cobras/verify", {
+        credentials: "include"
+      });
+      if (response.valid && response.user) {
+        state.value.user = response.user;
+      } else {
+        state.value.user = null;
+      }
+    } catch (error) {
+      state.value.user = null;
+      if (error.statusCode !== 401 && authConfig.debug) {
+        console.warn("[@cobras/auth-nuxt] Auth check failed:", error);
+      }
+    } finally {
+      state.value.loading = false;
+      state.value.initialized = true;
+    }
+  }
+  function login(redirect) {
+    const currentUrl = redirect || window.location.href;
+    const loginUrl = `${authConfig.authServiceUrl}/login?redirect_uri=${encodeURIComponent(currentUrl)}`;
+    window.location.href = loginUrl;
+  }
+  async function logout() {
+    try {
+      await $fetch("/api/_cobras/logout", {
+        method: "POST",
+        credentials: "include"
+      });
+    } catch (error) {
+      if (authConfig.debug) {
+        console.warn("[@cobras/auth-nuxt] Logout error:", error);
+      }
+    }
+    state.value.user = null;
+    if (authConfig.mode === "internal") {
+      window.location.href = authConfig.authServiceUrl;
+    }
+  }
+  const code = route.query.code;
+  if (code) {
+    const success = await exchangeCode(code);
+    if (success) {
+      const newQuery = { ...route.query };
+      delete newQuery.code;
+      router.replace({ query: newQuery });
+    }
+  }
+  await checkAuth();
+  if (authConfig.enableDevTools && authConfig.devToolsKey) {
+    const keys = authConfig.devToolsKey.toLowerCase().split("+");
+    document.addEventListener("keydown", (e) => {
+      const pressed = [
+        e.ctrlKey && "ctrl",
+        e.shiftKey && "shift",
+        e.altKey && "alt",
+        e.metaKey && "meta",
+        e.key.toLowerCase()
+      ].filter(Boolean);
+      if (keys.every((k) => pressed.includes(k)) && isAuthenticated.value) {
+        const devToolsState = useState("cobras-devtools-state");
+        if (devToolsState.value) {
+          devToolsState.value.isOpen = !devToolsState.value.isOpen;
+        }
+      }
+    });
+  }
+  const cobrasAuth = {
+    user,
+    isAuthenticated,
+    isInternalUser,
+    isAdmin,
+    mode: authConfig.mode,
+    checkAuth,
+    login,
+    logout
+  };
+  return {
+    provide: {
+      cobrasAuth
+    }
+  };
+});

package/dist/runtime/plugins/auth.server.js

@@ -0,0 +1,69 @@
+import { defineNuxtPlugin, useRuntimeConfig, useState, computed, useRequestHeaders } from "#imports";
+export default defineNuxtPlugin(async (nuxtApp) => {
+  const config = useRuntimeConfig();
+  const authConfig = config.public.cobrasAuth;
+  const state = useState("cobras-auth-state", () => ({
+    user: null,
+    initialized: false,
+    loading: false,
+    error: null
+  }));
+  const user = computed(() => state.value.user);
+  const isAuthenticated = computed(() => !!state.value.user);
+  const isInternalUser = computed(() => !!state.value.user);
+  const isAdmin = computed(() => state.value.user?.role === "admin");
+  async function checkAuth() {
+    if (state.value.loading) return;
+    state.value.loading = true;
+    state.value.error = null;
+    try {
+      const headers = useRequestHeaders(["cookie"]);
+      const response = await $fetch(
+        `${authConfig.authServiceUrl}/api/auth/verify`,
+        {
+          headers: {
+            cookie: headers.cookie || ""
+          }
+        }
+      );
+      if (response.valid && response.user) {
+        state.value.user = response.user;
+      } else {
+        state.value.user = null;
+      }
+    } catch (error) {
+      state.value.user = null;
+      if (error.statusCode !== 401 && authConfig.debug) {
+        console.warn("[@cobras/auth-nuxt] SSR auth check failed:", error.message);
+      }
+    } finally {
+      state.value.loading = false;
+      state.value.initialized = true;
+    }
+  }
+  function login(redirect) {
+  }
+  async function logout() {
+    state.value.user = null;
+  }
+  const cobrasAuth = {
+    user,
+    isAuthenticated,
+    isInternalUser,
+    isAdmin,
+    mode: authConfig.mode,
+    checkAuth,
+    login,
+    logout
+  };
+  if (authConfig.mode === "internal") {
+    await checkAuth();
+  } else {
+    state.value.initialized = true;
+  }
+  return {
+    provide: {
+      cobrasAuth
+    }
+  };
+});

package/dist/runtime/server/api/exchange.post.js

@@ -0,0 +1,49 @@
+import { defineEventHandler, readBody, createError, setCookie } from "h3";
+import { useRuntimeConfig } from "#imports";
+export default defineEventHandler(async (event) => {
+  const config = useRuntimeConfig();
+  const authServiceUrl = config.public.cobrasAuth.authServiceUrl;
+  const body = await readBody(event);
+  const { code } = body;
+  if (!code) {
+    throw createError({
+      statusCode: 400,
+      message: "code is required"
+    });
+  }
+  try {
+    const response = await $fetch(`${authServiceUrl}/api/auth/token`, {
+      method: "POST",
+      body: { code }
+    });
+    if (!response.success || !response.user) {
+      throw createError({
+        statusCode: 401,
+        message: "Invalid code"
+      });
+    }
+    const session = {
+      user: response.user,
+      expires_at: response.expires_at
+    };
+    const sessionData = Buffer.from(JSON.stringify(session)).toString("base64");
+    setCookie(event, "cobras_session", sessionData, {
+      httpOnly: true,
+      secure: process.env.NODE_ENV === "production",
+      sameSite: "lax",
+      path: "/",
+      maxAge: 24 * 60 * 60
+      // 24 hours
+    });
+    return {
+      success: true,
+      user: response.user
+    };
+  } catch (error) {
+    console.error("[@cobras/auth-nuxt] Code exchange failed:", error.message);
+    throw createError({
+      statusCode: error.statusCode || 500,
+      message: error.message || "Code exchange failed"
+    });
+  }
+});

package/dist/runtime/server/api/logout.post.js

@@ -0,0 +1,27 @@
+import { defineEventHandler, getHeader, setCookie } from "h3";
+import { useRuntimeConfig } from "#imports";
+export default defineEventHandler(async (event) => {
+  const config = useRuntimeConfig();
+  const authServiceUrl = config.public.cobrasAuth.authServiceUrl;
+  const cookieDomain = config.cobrasAuth?.cookieDomain;
+  const cookieHeader = getHeader(event, "cookie") || "";
+  try {
+    await $fetch(`${authServiceUrl}/api/auth/logout`, {
+      method: "POST",
+      headers: {
+        cookie: cookieHeader
+      }
+    });
+  } catch {
+  }
+  const cookieOptions = {
+    httpOnly: true,
+    secure: true,
+    sameSite: "lax",
+    path: "/",
+    ...cookieDomain ? { domain: cookieDomain } : {}
+  };
+  setCookie(event, "access_token", "", { ...cookieOptions, maxAge: 0 });
+  setCookie(event, "refresh_token", "", { ...cookieOptions, maxAge: 0 });
+  return { success: true };
+});

package/dist/runtime/server/api/refresh.post.js

@@ -0,0 +1,24 @@
+import { defineEventHandler, getHeader, createError } from "h3";
+import { useRuntimeConfig } from "#imports";
+export default defineEventHandler(async (event) => {
+  const config = useRuntimeConfig();
+  const authServiceUrl = config.public.cobrasAuth.authServiceUrl;
+  const cookieHeader = getHeader(event, "cookie") || "";
+  try {
+    const response = await $fetch(
+      `${authServiceUrl}/api/auth/refresh`,
+      {
+        method: "POST",
+        headers: {
+          cookie: cookieHeader
+        }
+      }
+    );
+    return response;
+  } catch (error) {
+    throw createError({
+      statusCode: error.statusCode || 500,
+      message: error.message || "Token refresh failed"
+    });
+  }
+});