create-fluxstack 1.5.0 → 1.5.2

package/plugins/crypto-auth/client/components/AuthProvider.tsx

@@ -1,131 +0,0 @@
-/**
- * Provedor de Contexto de Autenticação
- * Context Provider React para gerenciar chaves criptográficas
- */
-
-import React, { createContext, useContext, useEffect, useState, type ReactNode } from 'react'
-import { CryptoAuthClient, type KeyPair, type AuthConfig } from '../CryptoAuthClient'
-
-export interface AuthContextValue {
-  client: CryptoAuthClient
-  keys: KeyPair | null
-  hasKeys: boolean
-  isLoading: boolean
-  error: string | null
-  createKeys: () => void
-  clearKeys: () => void
-}
-
-const AuthContext = createContext<AuthContextValue | null>(null)
-
-export interface AuthProviderProps {
-  children: ReactNode
-  config?: AuthConfig
-  onKeysChange?: (hasKeys: boolean, keys: KeyPair | null) => void
-  onError?: (error: string) => void
-}
-
-export const AuthProvider: React.FC<AuthProviderProps> = ({
-  children,
-  config = {},
-  onKeysChange,
-  onError
-}) => {
-  const [client] = useState(() => new CryptoAuthClient({ ...config, autoInit: false }))
-  const [keys, setKeys] = useState<KeyPair | null>(null)
-  const [isLoading, setIsLoading] = useState(true)
-  const [error, setError] = useState<string | null>(null)
-
-  const hasKeys = keys !== null
-
-  useEffect(() => {
-    initializeKeys()
-  }, [])
-
-  useEffect(() => {
-    onKeysChange?.(hasKeys, keys)
-  }, [hasKeys, keys, onKeysChange])
-
-  const initializeKeys = () => {
-    setIsLoading(true)
-    setError(null)
-
-    try {
-      const existingKeys = client.getKeys()
-      if (existingKeys) {
-        setKeys(existingKeys)
-      }
-    } catch (err) {
-      const errorMessage = err instanceof Error ? err.message : 'Erro desconhecido'
-      setError(errorMessage)
-      onError?.(errorMessage)
-      console.error('Erro ao inicializar chaves:', err)
-    } finally {
-      setIsLoading(false)
-    }
-  }
-
-  const createKeys = () => {
-    setIsLoading(true)
-    setError(null)
-
-    try {
-      const newKeys = client.createNewKeys()
-      setKeys(newKeys)
-    } catch (err) {
-      const errorMessage = err instanceof Error ? err.message : 'Erro ao criar chaves'
-      setError(errorMessage)
-      onError?.(errorMessage)
-      throw err
-    } finally {
-      setIsLoading(false)
-    }
-  }
-
-  const clearKeys = () => {
-    setIsLoading(true)
-    setError(null)
-
-    try {
-      client.clearKeys()
-      setKeys(null)
-    } catch (err) {
-      const errorMessage = err instanceof Error ? err.message : 'Erro ao limpar chaves'
-      setError(errorMessage)
-      onError?.(errorMessage)
-      // Mesmo com erro, limpar as chaves locais
-      setKeys(null)
-    } finally {
-      setIsLoading(false)
-    }
-  }
-
-  const contextValue: AuthContextValue = {
-    client,
-    keys,
-    hasKeys,
-    isLoading,
-    error,
-    createKeys,
-    clearKeys
-  }
-
-  return (
-    <AuthContext.Provider value={contextValue}>
-      {children}
-    </AuthContext.Provider>
-  )
-}
-
-/**
- * Hook para usar o contexto de autenticação
- */
-export const useAuth = (): AuthContextValue => {
-  const context = useContext(AuthContext)
-  if (!context) {
-    throw new Error('useAuth deve ser usado dentro de um AuthProvider')
-  }
-  return context
-}
-
-export default AuthProvider

package/plugins/crypto-auth/client/components/LoginButton.tsx

@@ -1,138 +0,0 @@
-/**
- * Componente de Botão de Login
- * Componente React para autenticação criptográfica baseada em keypair
- */
-
-import React, { useState, useEffect } from 'react'
-import { CryptoAuthClient, type KeyPair } from '../CryptoAuthClient'
-
-export interface LoginButtonProps {
-  onLogin?: (keys: KeyPair) => void
-  onLogout?: () => void
-  onError?: (error: string) => void
-  className?: string
-  loginText?: string
-  logoutText?: string
-  loadingText?: string
-  authClient?: CryptoAuthClient
-}
-
-export const LoginButton: React.FC<LoginButtonProps> = ({
-  onLogin,
-  onLogout,
-  onError,
-  className = '',
-  loginText = 'Gerar Chaves',
-  logoutText = 'Limpar Chaves',
-  loadingText = 'Carregando...',
-  authClient
-}) => {
-  const [client] = useState(() => authClient || new CryptoAuthClient({ autoInit: false }))
-  const [hasKeys, setHasKeys] = useState(false)
-  const [isLoading, setIsLoading] = useState(false)
-  const [keys, setKeys] = useState<KeyPair | null>(null)
-
-  useEffect(() => {
-    checkKeysStatus()
-  }, [])
-
-  const checkKeysStatus = () => {
-    try {
-      const existingKeys = client.getKeys()
-      if (existingKeys) {
-        setHasKeys(true)
-        setKeys(existingKeys)
-      } else {
-        setHasKeys(false)
-        setKeys(null)
-      }
-    } catch (error) {
-      console.error('Erro ao verificar chaves:', error)
-      setHasKeys(false)
-      setKeys(null)
-    }
-  }
-
-  const handleLogin = () => {
-    setIsLoading(true)
-    try {
-      const newKeys = client.createNewKeys()
-      setHasKeys(true)
-      setKeys(newKeys)
-      onLogin?.(newKeys)
-    } catch (error) {
-      const errorMessage = error instanceof Error ? error.message : 'Erro desconhecido'
-      console.error('Erro ao gerar chaves:', error)
-      onError?.(errorMessage)
-    } finally {
-      setIsLoading(false)
-    }
-  }
-
-  const handleLogout = () => {
-    setIsLoading(true)
-    try {
-      client.clearKeys()
-      setHasKeys(false)
-      setKeys(null)
-      onLogout?.()
-    } catch (error) {
-      const errorMessage = error instanceof Error ? error.message : 'Erro desconhecido'
-      console.error('Erro ao limpar chaves:', error)
-      onError?.(errorMessage)
-    } finally {
-      setIsLoading(false)
-    }
-  }
-
-  const baseClassName = `
-    px-4 py-2 rounded-md font-medium transition-colors duration-200
-    focus:outline-none focus:ring-2 focus:ring-offset-2
-    disabled:opacity-50 disabled:cursor-not-allowed
-  `.trim()
-
-  if (isLoading) {
-    return (
-      <button
-        disabled
-        className={`${baseClassName} bg-gray-400 text-white cursor-not-allowed ${className}`}
-      >
-        {loadingText}
-      </button>
-    )
-  }
-
-  if (hasKeys && keys) {
-    return (
-      <div className="flex items-center gap-3">
-        <div className="flex items-center gap-2">
-          <div className="w-2 h-2 bg-green-500 rounded-full"></div>
-          <span className="text-sm text-gray-600">
-            Autenticado
-          </span>
-          <code className="text-xs bg-gray-100 px-2 py-1 rounded">
-            {keys.publicKey.substring(0, 16)}...
-          </code>
-        </div>
-
-        <button
-          onClick={handleLogout}
-          className={`${baseClassName} bg-red-600 hover:bg-red-700 text-white focus:ring-red-500 ${className}`}
-        >
-          {logoutText}
-        </button>
-      </div>
-    )
-  }
-
-  return (
-    <button
-      onClick={handleLogin}
-      className={`${baseClassName} bg-blue-600 hover:bg-blue-700 text-white focus:ring-blue-500 ${className}`}
-    >
-      {loginText}
-    </button>
-  )
-}
-
-export default LoginButton

package/plugins/crypto-auth/client/components/ProtectedRoute.tsx

@@ -1,89 +0,0 @@
-/**
- * Componente de Rota Protegida
- * Protege componentes que requerem chaves criptográficas no client-side
- *
- * NOTA: Este componente apenas verifica se há chaves locais.
- * A autenticação real acontece no backend via validação de assinatura.
- */
-
-import React, { type ReactNode } from 'react'
-import { useAuth } from './AuthProvider'
-
-export interface ProtectedRouteProps {
-  children: ReactNode
-  fallback?: ReactNode
-  loadingComponent?: ReactNode
-  unauthorizedComponent?: ReactNode
-}
-
-export const ProtectedRoute: React.FC<ProtectedRouteProps> = ({
-  children,
-  fallback,
-  loadingComponent,
-  unauthorizedComponent
-}) => {
-  const { hasKeys, isLoading, error } = useAuth()
-
-  // Componente de loading padrão
-  const defaultLoadingComponent = (
-    <div className="flex items-center justify-center p-8">
-      <div className="animate-spin rounded-full h-8 w-8 border-b-2 border-blue-600"></div>
-      <span className="ml-3 text-gray-600">Verificando chaves...</span>
-    </div>
-  )
-
-  // Componente de não autorizado padrão
-  const defaultUnauthorizedComponent = (
-    <div className="flex flex-col items-center justify-center p-8 bg-red-50 border border-red-200 rounded-lg">
-      <div className="text-red-600 mb-4">
-        <svg className="w-12 h-12" fill="none" stroke="currentColor" viewBox="0 0 24 24">
-          <path strokeLinecap="round" strokeLinejoin="round" strokeWidth={2} d="M12 15v2m-6 4h12a2 2 0 002-2v-6a2 2 0 00-2-2H6a2 2 0 00-2 2v6a2 2 0 002 2zm10-10V7a4 4 0 00-8 0v4h8z" />
-        </svg>
-      </div>
-      <h3 className="text-lg font-semibold text-red-800 mb-2">Chaves Não Encontradas</h3>
-      <p className="text-red-600 text-center">
-        Você precisa gerar chaves criptográficas para acessar esta página.
-      </p>
-      {error && (
-        <p className="text-red-500 text-sm mt-2">
-          Erro: {error}
-        </p>
-      )}
-    </div>
-  )
-
-  // Mostrar loading enquanto verifica
-  if (isLoading) {
-    return <>{loadingComponent || defaultLoadingComponent}</>
-  }
-
-  // Verificar se tem chaves
-  if (!hasKeys) {
-    return <>{unauthorizedComponent || fallback || defaultUnauthorizedComponent}</>
-  }
-
-  // Tem chaves, renderizar children
-  // NOTA: Isso não garante autenticação no backend!
-  // O backend ainda validará a assinatura em cada requisição.
-  return <>{children}</>
-}
-
-/**
- * HOC para proteger componentes
- */
-export function withAuth<P extends object>(
-  Component: React.ComponentType<P>,
-  options: Omit<ProtectedRouteProps, 'children'> = {}
-) {
-  const WrappedComponent = (props: P) => (
-    <ProtectedRoute {...options}>
-      <Component {...props} />
-    </ProtectedRoute>
-  )
-
-  WrappedComponent.displayName = `withAuth(${Component.displayName || Component.name})`
-
-  return WrappedComponent
-}
-
-export default ProtectedRoute

package/plugins/crypto-auth/client/components/index.ts

@@ -1,12 +0,0 @@
-/**
- * Exportações dos componentes do cliente
- */
-
-export { LoginButton } from './LoginButton'
-export type { LoginButtonProps } from './LoginButton'
-
-export { AuthProvider, useAuth } from './AuthProvider'
-export type { AuthProviderProps, AuthContextValue } from './AuthProvider'
-
-export { ProtectedRoute, withAuth } from './ProtectedRoute'
-export type { ProtectedRouteProps } from './ProtectedRoute'

package/plugins/crypto-auth/client/index.ts

@@ -1,12 +0,0 @@
-/**
- * Exportações principais do cliente de autenticação
- */
-
-export { CryptoAuthClient } from './CryptoAuthClient'
-export type { KeyPair, AuthConfig, SignedRequestOptions } from './CryptoAuthClient'
-
-// Componentes React
-export * from './components'
-
-// Re-exportar para compatibilidade
-export { CryptoAuthClient as default } from './CryptoAuthClient'

package/plugins/crypto-auth/config/index.ts

@@ -1,34 +0,0 @@
-/**
- * Crypto Auth Plugin Configuration
- * Declarative config using FluxStack config system
- */
-
-import { defineConfig, config } from '@/core/utils/config-schema'
-
-const cryptoAuthConfigSchema = {
-  // Enable/disable plugin
-  enabled: config.boolean('CRYPTO_AUTH_ENABLED', true),
-
-  // Security settings
-  maxTimeDrift: config.number('CRYPTO_AUTH_MAX_TIME_DRIFT', 300000, false), // 5 minutes in ms
-
-  // Admin keys (array of public keys in hex format)
-  adminKeys: config.array('CRYPTO_AUTH_ADMIN_KEYS', []),
-
-  // Metrics and monitoring
-  enableMetrics: config.boolean('CRYPTO_AUTH_ENABLE_METRICS', true),
-
-  // Session configuration (for future features)
-  sessionTimeout: config.number('CRYPTO_AUTH_SESSION_TIMEOUT', 1800000, false), // 30 minutes
-
-  // Nonce configuration
-  nonceLength: config.number('CRYPTO_AUTH_NONCE_LENGTH', 16, false), // bytes
-
-  // Rate limiting (requests per minute per public key)
-  rateLimitPerMinute: config.number('CRYPTO_AUTH_RATE_LIMIT', 100, false),
-} as const
-
-export const cryptoAuthConfig = defineConfig(cryptoAuthConfigSchema)
-
-export type CryptoAuthConfig = typeof cryptoAuthConfig
-export default cryptoAuthConfig

package/plugins/crypto-auth/index.ts

@@ -1,162 +0,0 @@
-/**
- * FluxStack Crypto Auth Plugin
- * Sistema de autenticação baseado em criptografia Ed25519
- */
-
-import type { FluxStack, PluginContext, RequestContext, ResponseContext } from "../../core/plugins/types"
-
-type Plugin = FluxStack.Plugin
-import { Elysia, t } from "elysia"
-import { CryptoAuthService, AuthMiddleware } from "./server"
-import { makeProtectedRouteCommand } from "./cli/make-protected-route.command"
-
-// ✅ Plugin carrega sua própria configuração (da pasta config/ do plugin)
-import { cryptoAuthConfig } from "./config"
-
-// Store config globally for hooks to access
-let pluginConfig: any = cryptoAuthConfig
-
-export const cryptoAuthPlugin: Plugin = {
-  name: "crypto-auth",
-  version: "1.0.0",
-  description: "Sistema de autenticação baseado em criptografia Ed25519 para FluxStack",
-  author: "FluxStack Team",
-  priority: 100, // Alta prioridade para autenticação
-  category: "auth",
-  tags: ["authentication", "ed25519", "cryptography", "security"],
-  dependencies: [],
-  
-  configSchema: {
-    type: "object",
-    properties: {
-      enabled: {
-        type: "boolean",
-        description: "Habilitar autenticação criptográfica"
-      },
-      maxTimeDrift: {
-        type: "number",
-        minimum: 30000,
-        description: "Máximo drift de tempo permitido em millisegundos (previne replay attacks)"
-      },
-      adminKeys: {
-        type: "array",
-        items: { type: "string" },
-        description: "Chaves públicas dos administradores (hex 64 caracteres)"
-      },
-      enableMetrics: {
-        type: "boolean",
-        description: "Habilitar métricas de autenticação"
-      }
-    },
-    additionalProperties: false
-  },
-
-  defaultConfig: {
-    enabled: true,
-    maxTimeDrift: 300000, // 5 minutos
-    adminKeys: [],
-    enableMetrics: true
-  },
-
-  // CLI Commands
-  commands: [
-    makeProtectedRouteCommand
-  ],
-
-  setup: async (context: PluginContext) => {
-    // ✅ Plugin usa sua própria configuração (já importada no topo)
-    if (!cryptoAuthConfig.enabled) {
-      context.logger.info('Crypto Auth plugin desabilitado por configuração')
-      return
-    }
-
-    // Inicializar serviço de autenticação (SEM SESSÕES)
-    const authService = new CryptoAuthService({
-      maxTimeDrift: cryptoAuthConfig.maxTimeDrift,
-      adminKeys: cryptoAuthConfig.adminKeys,
-      logger: context.logger
-    })
-
-    // Inicializar middleware de autenticação (sem path matching)
-    const authMiddleware = new AuthMiddleware(authService, {
-      logger: context.logger
-    })
-
-    // Armazenar instâncias no contexto global
-    ;(global as any).cryptoAuthService = authService
-    ;(global as any).cryptoAuthMiddleware = authMiddleware
-
-    context.logger.info("✅ Crypto Auth plugin inicializado", {
-      mode: 'middleware-based',
-      maxTimeDrift: cryptoAuthConfig.maxTimeDrift,
-      adminKeys: cryptoAuthConfig.adminKeys.length,
-      usage: 'Use cryptoAuthRequired(), cryptoAuthAdmin(), cryptoAuthOptional() nas rotas'
-    })
-  },
-
-  // @ts-ignore - plugin property não está no tipo oficial mas é suportada
-  plugin: new Elysia({ prefix: "/api/auth" })
-    .get("/info", () => ({
-      name: "FluxStack Crypto Auth",
-      description: "Autenticação baseada em assinatura Ed25519",
-      version: "1.0.0",
-      mode: "middleware-based",
-      how_it_works: {
-        step1: "Cliente gera par de chaves Ed25519 (pública + privada) localmente",
-        step2: "Cliente armazena chave privada no navegador (NUNCA envia ao servidor)",
-        step3: "Para cada requisição, cliente assina com chave privada",
-        step4: "Cliente envia: chave pública + assinatura + dados",
-        step5: "Servidor valida assinatura usando chave pública recebida"
-      },
-      required_headers: {
-        "x-public-key": "Chave pública Ed25519 (hex 64 chars)",
-        "x-timestamp": "Timestamp da requisição (milliseconds)",
-        "x-nonce": "Nonce aleatório (previne replay)",
-        "x-signature": "Assinatura Ed25519 da mensagem (hex)"
-      },
-      admin_keys: (global as any).cryptoAuthService?.getStats().adminKeys || 0,
-      usage: {
-        required: "import { cryptoAuthRequired } from '@/plugins/crypto-auth/server'",
-        admin: "import { cryptoAuthAdmin } from '@/plugins/crypto-auth/server'",
-        optional: "import { cryptoAuthOptional } from '@/plugins/crypto-auth/server'",
-        permissions: "import { cryptoAuthPermissions } from '@/plugins/crypto-auth/server'"
-      }
-    })),
-
-  onResponse: async (context: ResponseContext) => {
-    if (!cryptoAuthConfig.enableMetrics) return
-
-    // Log métricas de autenticação
-    const user = (context as any).user
-    const authError = (context as any).authError
-
-    if (user) {
-      console.debug("Requisição autenticada", {
-        publicKey: user.publicKey?.substring(0, 8) + "...",
-        isAdmin: user.isAdmin,
-        path: context.path,
-        method: context.method,
-        duration: context.duration
-      })
-    } else if (authError) {
-      console.warn("Falha na autenticação", {
-        error: authError,
-        path: context.path,
-        method: context.method
-      })
-    }
-  },
-
-  onServerStart: async (context: PluginContext) => {
-    if (cryptoAuthConfig.enabled) {
-      context.logger.info("✅ Crypto Auth plugin ativo", {
-        mode: 'middleware-based',
-        adminKeys: cryptoAuthConfig.adminKeys.length,
-        maxTimeDrift: `${cryptoAuthConfig.maxTimeDrift}ms`,
-        usage: 'Use cryptoAuthRequired(), cryptoAuthAdmin() nas rotas'
-      })
-    }
-  }
-}
-
-export default cryptoAuthPlugin

package/plugins/crypto-auth/package.json

@@ -1,66 +0,0 @@
-{
-  "name": "@fluxstack/crypto-auth-plugin",
-  "version": "1.0.0",
-  "description": "Plugin de autenticação criptográfica Ed25519 para FluxStack",
-  "main": "index.ts",
-  "types": "index.ts",
-  "exports": {
-    ".": {
-      "import": "./index.ts",
-      "types": "./index.ts"
-    },
-    "./client": {
-      "import": "./client/index.ts",
-      "types": "./client/index.ts"
-    },
-    "./server": {
-      "import": "./server/index.ts",
-      "types": "./server/index.ts"
-    }
-  },
-  "keywords": [
-    "fluxstack",
-    "plugin",
-    "authentication",
-    "ed25519",
-    "cryptography",
-    "security",
-    "react",
-    "typescript"
-  ],
-  "author": "FluxStack Team",
-  "license": "MIT",
-  "peerDependencies": {
-    "react": ">=16.8.0"
-  },
-  "peerDependenciesMeta": {
-    "react": {
-      "optional": true
-    }
-  },
-  "dependencies": {
-    "@noble/curves": "1.2.0",
-    "@noble/hashes": "1.3.2"
-  },
-  "devDependencies": {
-    "@types/react": "^18.0.0",
-    "typescript": "^5.0.0"
-  },
-  "fluxstack": {
-    "plugin": true,
-    "version": "^1.0.0",
-    "hooks": [
-      "setup",
-      "onServerStart",
-      "onRequest",
-      "onResponse"
-    ],
-    "category": "auth",
-    "tags": [
-      "authentication",
-      "ed25519",
-      "cryptography",
-      "security"
-    ]
-  }
-}