npm - exguard-client - Versions diffs - 1.0.0 - Mend

exguard-client 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/dist/index.cjs ADDED Viewed

@@ -0,0 +1,1002 @@
+'use strict';
+var axios = require('axios');
+var reactRouter = require('react-router');
+var React = require('react');
+var jsxRuntime = require('react/jsx-runtime');
+var lucideReact = require('lucide-react');
+var socket_ioClient = require('socket.io-client');
+function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
+var axios__default = /*#__PURE__*/_interopDefault(axios);
+var React__default = /*#__PURE__*/_interopDefault(React);
+var __defProp = Object.defineProperty;
+var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
+var __publicField = (obj, key, value) => __defNormalProp(obj, typeof key !== "symbol" ? key + "" : key, value);
+// src/config/exguard-config.ts
+var DEFAULT_EXGUARD_CONFIG = {
+  apiUrl: "",
+  withCredentials: true
+};
+var configuredApiUrl = "";
+var setExGuardConfig = (config) => {
+  if (config.apiUrl) {
+    configuredApiUrl = config.apiUrl;
+  }
+};
+var getExGuardApiUrl = () => {
+  if (configuredApiUrl) {
+    return configuredApiUrl;
+  }
+  if (typeof window !== "undefined") {
+    if (window.__EXGUARD_API_URL__) {
+      return window.__EXGUARD_API_URL__;
+    }
+  }
+  return "http://localhost:3000";
+};
+var EXGUARD_STORAGE_KEYS = {
+  ACCESS_TOKEN: "access_token",
+  ID_TOKEN: "id_token",
+  REFRESH_TOKEN: "refresh_token"
+};
+// src/config/realtime-rbac-config.ts
+var EXGUARD_RBAC_CHANNELS = {
+  ROLES: "roles",
+  PERMISSIONS: "permissions",
+  RBAC: "rbac"
+};
+var EXGUARD_RBAC_EVENTS = {
+  // Role events
+  ROLE_CREATED: "role:created",
+  ROLE_UPDATED: "role:updated",
+  ROLE_DELETED: "role:deleted",
+  // Permission events
+  PERMISSION_CREATED: "permission:created",
+  PERMISSION_UPDATED: "permission:updated",
+  PERMISSION_DELETED: "permission:deleted",
+  // Role-Permission events
+  ROLE_PERMISSION_ASSIGNED: "role-permission:assigned",
+  ROLE_PERMISSION_REMOVED: "role-permission:removed",
+  // User RBAC events
+  USER_ROLES_UPDATED: "user:roles-updated",
+  USER_PERMISSIONS_CHANGED: "user:permissions-changed",
+  USER_ACCESS_CHANGED: "user:access-changed",
+  RBAC_USER_ASSIGNED_TO_GROUP: "rbac:user-assigned-to-group",
+  RBAC_USER_REMOVED_FROM_GROUP: "rbac:user-removed-from-group",
+  RBAC_PERMISSIONS_UPDATED: "rbac:permissions-updated",
+  // User status events
+  USER_ONLINE: "user:online",
+  USER_OFFLINE: "user:offline",
+  // Group events
+  GROUP_UPDATED: "group:updated"
+};
+var RBAC_RECONNECT_DELAY = 300;
+[
+  EXGUARD_RBAC_EVENTS.ROLE_UPDATED,
+  EXGUARD_RBAC_EVENTS.PERMISSION_UPDATED,
+  EXGUARD_RBAC_EVENTS.USER_ACCESS_CHANGED
+];
+[
+  EXGUARD_RBAC_EVENTS.USER_ROLES_UPDATED,
+  EXGUARD_RBAC_EVENTS.USER_PERMISSIONS_CHANGED,
+  EXGUARD_RBAC_EVENTS.USER_ACCESS_CHANGED,
+  EXGUARD_RBAC_EVENTS.RBAC_USER_ASSIGNED_TO_GROUP,
+  EXGUARD_RBAC_EVENTS.RBAC_USER_REMOVED_FROM_GROUP,
+  EXGUARD_RBAC_EVENTS.RBAC_PERMISSIONS_UPDATED
+];
+[
+  EXGUARD_RBAC_EVENTS.ROLE_CREATED,
+  EXGUARD_RBAC_EVENTS.ROLE_UPDATED,
+  EXGUARD_RBAC_EVENTS.ROLE_DELETED,
+  EXGUARD_RBAC_EVENTS.ROLE_PERMISSION_ASSIGNED
+];
+[
+  EXGUARD_RBAC_EVENTS.PERMISSION_CREATED,
+  EXGUARD_RBAC_EVENTS.PERMISSION_UPDATED,
+  EXGUARD_RBAC_EVENTS.PERMISSION_DELETED
+];
+var guardApiClient = axios__default.default.create({
+  baseURL: getExGuardApiUrl(),
+  withCredentials: true,
+  headers: {
+    "Content-Type": "application/json"
+  }
+});
+guardApiClient.interceptors.request.use(
+  (config) => {
+    const token = window.localStorage.getItem(EXGUARD_STORAGE_KEYS.ACCESS_TOKEN);
+    if (token) {
+      config.headers.Authorization = `Bearer ${token}`;
+    }
+    return config;
+  },
+  (error) => Promise.reject(error instanceof Error ? error : new Error(String(error)))
+);
+async function verifyToken() {
+  try {
+    const idToken = window.localStorage.getItem(EXGUARD_STORAGE_KEYS.ID_TOKEN);
+    const response = await guardApiClient.post("/guard/verify-token", {
+      id_token: idToken
+    });
+    if (response.data.success && response.data.data) {
+      console.log("Token verification response:", response.data.data);
+      const backendData = response.data.data;
+      const mappedResponse = {
+        valid: true,
+        user: backendData.user ? {
+          userId: backendData.user.id,
+          username: backendData.user.username,
+          email: backendData.user.email,
+          givenName: backendData.user.givenName,
+          familyName: backendData.user.familyName
+        } : void 0
+      };
+      console.log("Mapped user data:", mappedResponse.user);
+      return mappedResponse;
+    }
+    throw new Error(response.data.message ?? "Token verification failed");
+  } catch (error) {
+    const axiosError = error;
+    if (axiosError.response?.data) {
+      const errorData = axiosError.response.data;
+      const errorMessage = errorData.message ?? "Token verification failed";
+      throw new Error(errorMessage);
+    }
+    throw error;
+  }
+}
+async function getUserAccess() {
+  try {
+    const response = await guardApiClient.get("/guard/me");
+    if (response.data.success && response.data.data) {
+      console.log("User Access Data:", response.data.data);
+      console.log("User Details:", response.data.data.user);
+      console.log("User Roles:", response.data.data.roles);
+      console.log("User Groups:", response.data.data.groups);
+      console.log("User Modules:", response.data.data.modules);
+      console.log("User Field Offices:", response.data.data.fieldOffices);
+      return response.data.data;
+    }
+    throw new Error(response.data.message ?? "Failed to get user access data");
+  } catch (error) {
+    const axiosError = error;
+    if (axiosError.response?.data) {
+      const errorData = axiosError.response.data;
+      const errorMessage = errorData.message ?? "Failed to get user access data";
+      throw new Error(errorMessage);
+    }
+    throw error;
+  }
+}
+var ExGuardRealtimeContext = React.createContext(void 0);
+// src/hooks/use-user-access.ts
+var useUserAccess = (options = {}) => {
+  const { enabled = true, refetchInterval = 0 } = options;
+  const [userAccess, setUserAccess] = React.useState(null);
+  const [isLoading, setIsLoading] = React.useState(true);
+  const [error, setError] = React.useState(null);
+  const realtimeContext = React.use(ExGuardRealtimeContext);
+  const fetchUserAccess = React.useCallback(async () => {
+    if (!enabled) return;
+    try {
+      console.log("[useUserAccess] \u{1F504} Fetching user access data...");
+      setIsLoading(true);
+      setError(null);
+      const data = await getUserAccess();
+      setUserAccess(data);
+      console.log("[useUserAccess] \u2705 User access refreshed successfully", {
+        userId: data.user.id,
+        username: data.user.username,
+        modulesCount: data.modules.length,
+        modules: data.modules.map((m) => m.key)
+      });
+    } catch (err) {
+      const errorObj = err instanceof Error ? err : new Error("Failed to fetch user access");
+      setError(errorObj);
+      console.error("[useUserAccess] \u274C Failed to fetch user access:", errorObj);
+    } finally {
+      setIsLoading(false);
+    }
+  }, [enabled]);
+  React.useEffect(() => {
+    if (!realtimeContext) {
+      console.warn("[useUserAccess] \u26A0\uFE0F RealtimeContext not available");
+      return;
+    }
+    console.log("[useUserAccess] \u{1F4E1} Registering RBAC refresh callback");
+    const unsubscribe = realtimeContext.registerRbacRefreshCallback(fetchUserAccess);
+    console.log("[useUserAccess] \u2705 RBAC refresh callback registered");
+    return () => {
+      console.log("[useUserAccess] \u{1F507} Unregistering RBAC refresh callback");
+      unsubscribe();
+    };
+  }, [realtimeContext, fetchUserAccess]);
+  React.useEffect(() => {
+    void fetchUserAccess();
+    if (refetchInterval > 0) {
+      const interval = setInterval(() => {
+        void fetchUserAccess();
+      }, refetchInterval);
+      return () => {
+        clearInterval(interval);
+      };
+    }
+  }, [fetchUserAccess, refetchInterval]);
+  const hasModuleAccess = React.useCallback(
+    (moduleKey) => {
+      if (!userAccess) return false;
+      const module = userAccess.modules.find((m) => m.key.toLowerCase() === moduleKey.toLowerCase());
+      return !!module && module.permissions.length > 0;
+    },
+    [userAccess]
+  );
+  const getModulePermissions = React.useCallback(
+    (moduleKey) => {
+      if (!userAccess) return [];
+      const module = userAccess.modules.find((m) => m.key.toLowerCase() === moduleKey.toLowerCase());
+      return module?.permissions ?? [];
+    },
+    [userAccess]
+  );
+  const hasPermission = React.useCallback(
+    (moduleKey, permission) => {
+      const permissions = getModulePermissions(moduleKey);
+      return permissions.includes(permission);
+    },
+    [getModulePermissions]
+  );
+  return {
+    userAccess,
+    isLoading,
+    error,
+    hasModuleAccess,
+    getModulePermissions,
+    hasPermission,
+    refetch: fetchUserAccess
+  };
+};
+function Spinner({ className = "" }) {
+  return /* @__PURE__ */ jsxRuntime.jsx(
+    "div",
+    {
+      className: `animate-spin rounded-full border-4 border-solid border-current border-r-transparent align-[-0.125em] motion-reduce:animate-[spin_1.5s_linear_infinite] ${className}`,
+      role: "status",
+      children: /* @__PURE__ */ jsxRuntime.jsx("span", { className: "!absolute !-m-px !h-px !w-px !overflow-hidden !whitespace-nowrap !border-0 !p-0 ![clip:rect(0,0,0,0)]", children: "Loading..." })
+    }
+  );
+}
+function Button({
+  className = "",
+  variant = "default",
+  size = "default",
+  children,
+  ...props
+}) {
+  const baseStyles = "inline-flex items-center justify-center rounded-md text-sm font-medium ring-offset-background transition-colors focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-ring focus-visible:ring-offset-2 disabled:pointer-events-none disabled:opacity-50";
+  const variantStyles = {
+    default: "bg-primary text-primary-foreground hover:bg-primary/90",
+    outline: "border border-input bg-background hover:bg-accent hover:text-accent-foreground",
+    destructive: "bg-destructive text-destructive-foreground hover:bg-destructive/90",
+    ghost: "hover:bg-accent hover:text-accent-foreground",
+    link: "text-primary underline-offset-4 hover:underline"
+  };
+  const sizeStyles = {
+    default: "h-10 px-4 py-2",
+    sm: "h-9 rounded-md px-3",
+    lg: "h-11 rounded-md px-8",
+    icon: "h-10 w-10"
+  };
+  return /* @__PURE__ */ jsxRuntime.jsx(
+    "button",
+    {
+      className: `${baseStyles} ${variantStyles[variant]} ${sizeStyles[size]} ${className}`,
+      ...props,
+      children
+    }
+  );
+}
+function Card({ className = "", children, ...props }) {
+  return /* @__PURE__ */ jsxRuntime.jsx(
+    "div",
+    {
+      className: `rounded-lg border bg-card text-card-foreground shadow-sm ${className}`,
+      ...props,
+      children
+    }
+  );
+}
+function CardHeader({ className = "", children, ...props }) {
+  return /* @__PURE__ */ jsxRuntime.jsx("div", { className: `flex flex-col space-y-1.5 p-6 ${className}`, ...props, children });
+}
+function CardTitle({ className = "", children, ...props }) {
+  return /* @__PURE__ */ jsxRuntime.jsx("h3", { className: `text-2xl font-semibold leading-none tracking-tight ${className}`, ...props, children });
+}
+function CardDescription({ className = "", children, ...props }) {
+  return /* @__PURE__ */ jsxRuntime.jsx("p", { className: `text-sm text-muted-foreground ${className}`, ...props, children });
+}
+function CardContent({ className = "", children, ...props }) {
+  return /* @__PURE__ */ jsxRuntime.jsx("div", { className: `p-6 pt-0 ${className}`, ...props, children });
+}
+function PermissionGuard({
+  module,
+  permission,
+  requireModule = true,
+  requirePermission = true,
+  fallbackPath
+}) {
+  const { isLoading, hasModuleAccess, hasPermission } = useUserAccess();
+  if (isLoading) {
+    return /* @__PURE__ */ jsxRuntime.jsx("div", { className: "flex items-center justify-center min-h-[400px]", children: /* @__PURE__ */ jsxRuntime.jsx(Spinner, { className: "size-8" }) });
+  }
+  const hasModule = hasModuleAccess(module);
+  const moduleCheckFailed = requireModule && !hasModule;
+  const hasSpecificPermission = permission ? hasPermission(module, permission) : true;
+  const permissionCheckFailed = permission && requirePermission && !hasSpecificPermission;
+  const accessDenied = moduleCheckFailed || permissionCheckFailed;
+  if (accessDenied && fallbackPath) {
+    return /* @__PURE__ */ jsxRuntime.jsx(reactRouter.Navigate, { to: fallbackPath, replace: true });
+  }
+  if (accessDenied) {
+    const denialReason = moduleCheckFailed ? {
+      title: "Module Access Required",
+      description: `Access to the ${module} module is required to view this page`,
+      detail: `Your current account permissions do not include access to the ${module} module. This module may be restricted to specific roles or user groups.`
+    } : {
+      title: "Permission Required",
+      description: `The permission "${permission ?? "unknown"}" is needed to access this resource`,
+      detail: `Your account has access to the ${module} module but lacks the specific permission required for this action. This permission may need to be assigned to your role or user group.`
+    };
+    return /* @__PURE__ */ jsxRuntime.jsx("div", { className: "flex items-center justify-center min-h-[calc(100vh-4rem)] p-6", children: /* @__PURE__ */ jsxRuntime.jsxs(Card, { className: "w-full max-w-lg", children: [
+      /* @__PURE__ */ jsxRuntime.jsxs(CardHeader, { className: "text-center pb-4", children: [
+        /* @__PURE__ */ jsxRuntime.jsx("div", { className: "mx-auto mb-4 flex size-16 items-center justify-center rounded-full bg-destructive/10", children: moduleCheckFailed ? /* @__PURE__ */ jsxRuntime.jsx(lucideReact.Lock, { className: "size-8 text-destructive" }) : /* @__PURE__ */ jsxRuntime.jsx(lucideReact.ShieldAlert, { className: "size-8 text-destructive" }) }),
+        /* @__PURE__ */ jsxRuntime.jsx(CardTitle, { className: "text-2xl", children: denialReason.title }),
+        /* @__PURE__ */ jsxRuntime.jsx(CardDescription, { className: "text-base", children: denialReason.description })
+      ] }),
+      /* @__PURE__ */ jsxRuntime.jsxs(CardContent, { className: "space-y-4", children: [
+        /* @__PURE__ */ jsxRuntime.jsx("div", { className: "rounded-lg bg-muted p-4", children: /* @__PURE__ */ jsxRuntime.jsx("p", { className: "text-sm text-muted-foreground", children: denialReason.detail }) }),
+        /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "flex flex-col gap-2 sm:flex-row sm:justify-center", children: [
+          /* @__PURE__ */ jsxRuntime.jsxs(
+            Button,
+            {
+              variant: "outline",
+              onClick: () => {
+                window.history.back();
+              },
+              className: "w-full sm:w-auto",
+              children: [
+                /* @__PURE__ */ jsxRuntime.jsx(lucideReact.ArrowLeft, { className: "mr-2 size-4" }),
+                "Go Back"
+              ]
+            }
+          ),
+          /* @__PURE__ */ jsxRuntime.jsx(
+            Button,
+            {
+              variant: "default",
+              onClick: () => {
+                window.location.href = "/";
+              },
+              className: "w-full sm:w-auto",
+              children: "Return to Dashboard"
+            }
+          )
+        ] })
+      ] })
+    ] }) });
+  }
+  return /* @__PURE__ */ jsxRuntime.jsx(reactRouter.Outlet, {});
+}
+var RealtimeClient = class {
+  constructor(apiUrl) {
+    __publicField(this, "socket", null);
+    __publicField(this, "apiUrl");
+    __publicField(this, "listeners", /* @__PURE__ */ new Map());
+    __publicField(this, "isConnected", false);
+    __publicField(this, "debug", true);
+    // Enable/disable debug logging
+    __publicField(this, "connectionPromise", null);
+    this.apiUrl = apiUrl ?? getExGuardApiUrl();
+    this.log("\u{1F7E2} RealtimeClient initialized", { apiUrl: this.apiUrl });
+  }
+  log(message, data) {
+    if (this.debug) {
+      console.log(`[RealtimeClient] ${message}`, data);
+    }
+  }
+  logError(message, error) {
+    console.error(`[RealtimeClient] ${message}`, error);
+  }
+  logWarn(message, data) {
+    console.warn(`[RealtimeClient] ${message}`, data);
+  }
+  /**
+   * Connect to the realtime server
+   */
+  connect(token, userId) {
+    if (!token) {
+      this.logError("\u274C Cannot connect - token is missing or empty");
+      return Promise.reject(new Error("Missing authentication token"));
+    }
+    if (!userId) {
+      this.logError("\u274C Cannot connect - userId is missing or empty");
+      return Promise.reject(new Error("Missing userId"));
+    }
+    if (this.connectionPromise) {
+      this.log("\u23F3 Connection already in progress, returning existing promise");
+      return this.connectionPromise;
+    }
+    this.connectionPromise = new Promise((resolve, reject) => {
+      try {
+        this.log("\u{1F50C} Attempting to connect...", { apiUrl: this.apiUrl, userId, hasToken: !!token });
+        if (this.socket?.connected) {
+          this.log("\u2705 Already connected");
+          this.connectionPromise = null;
+          resolve();
+          return;
+        }
+        const socketUrl = `${this.apiUrl}/realtime`;
+        this.log("\u{1F680} Creating Socket.IO connection", {
+          url: socketUrl,
+          transports: ["websocket", "polling"],
+          userId
+        });
+        this.socket = socket_ioClient.io(socketUrl, {
+          auth: {
+            token,
+            userId
+          },
+          transports: ["websocket", "polling"],
+          reconnection: true,
+          reconnectionDelay: 1e3,
+          reconnectionDelayMax: 5e3,
+          reconnectionAttempts: 5
+        });
+        this.socket.on("connect", () => {
+          this.isConnected = true;
+          this.log("\u2705 Connected to realtime server", {
+            socketId: this.socket?.id,
+            userId
+          });
+          this.connectionPromise = null;
+          resolve();
+        });
+        this.socket.on("disconnect", (reason) => {
+          this.isConnected = false;
+          this.log("\u274C Disconnected from realtime server", { reason });
+        });
+        this.socket.on("connect_error", (error) => {
+          this.logError("\u274C Connection error (check token and backend)", error);
+          this.connectionPromise = null;
+          const errorMessage = error instanceof Error ? error.message : String(error);
+          reject(new Error(`Connection error: ${errorMessage}`));
+        });
+        this.socket.on("error", (error) => {
+          this.logError("\u274C Realtime error", error);
+          this.connectionPromise = null;
+          const errorMessage = error instanceof Error ? error.message : String(error);
+          reject(new Error(`Socket.IO error: ${errorMessage}`));
+        });
+        this.socket.on("reconnect_attempt", () => {
+          this.log("\u{1F504} Attempting to reconnect...");
+        });
+        this.socket.on("reconnect", () => {
+          this.isConnected = true;
+          this.log("\u{1F501} Reconnected to realtime server", {
+            socketId: this.socket?.id
+          });
+        });
+        this.socket.on("reconnect_failed", () => {
+          this.logError("\u274C Reconnection failed after maximum attempts");
+          this.connectionPromise = null;
+          reject(new Error("Reconnection failed"));
+        });
+        this.socket.onAny((eventName, payload) => {
+          this.log(`\u{1F4E8} Raw event received`, {
+            eventName,
+            payloadType: typeof payload,
+            payload
+          });
+          const payloadObj = typeof payload === "object" && payload !== null ? payload : {};
+          const eventType = eventName;
+          const normalizedPayload = {
+            type: eventType,
+            timestamp: "timestamp" in payloadObj ? typeof payloadObj.timestamp === "number" ? payloadObj.timestamp : new Date(payloadObj.timestamp).getTime() : Date.now(),
+            data: "data" in payloadObj ? payloadObj.data : payload
+          };
+          this.log(`\u{1F4E8} Event processed: ${eventType}`, {
+            type: normalizedPayload.type,
+            timestamp: normalizedPayload.timestamp,
+            dataKeys: typeof normalizedPayload.data === "object" && normalizedPayload.data !== null ? Object.keys(normalizedPayload.data) : "N/A"
+          });
+          this.handleEvent(eventType, normalizedPayload);
+        });
+      } catch (error) {
+        this.logError("Failed to initialize connection", error);
+        const errorMessage = error instanceof Error ? error.message : String(error);
+        reject(new Error(`Connection initialization failed: ${errorMessage}`));
+      }
+    });
+    return this.connectionPromise;
+  }
+  /**
+   * Disconnect from the realtime server
+   */
+  disconnect() {
+    this.log("\u{1F50C} Disconnecting from realtime server...");
+    if (this.socket) {
+      this.socket.disconnect();
+      this.socket = null;
+      this.isConnected = false;
+      this.log("\u2705 Disconnected");
+    }
+  }
+  /**
+   * Check if connected
+   */
+  getIsConnected() {
+    return this.isConnected && this.socket?.connected === true;
+  }
+  /**
+   * Wait for connection to be ready (with timeout)
+   */
+  async waitForConnection(timeoutMs = 3e4) {
+    const startTime = Date.now();
+    while (Date.now() - startTime < timeoutMs) {
+      if (this.getIsConnected()) {
+        this.log("\u2705 Connection ready");
+        return;
+      }
+      await new Promise((resolve) => setTimeout(resolve, 100));
+    }
+    this.logError("\u274C Timeout waiting for connection", { timeoutMs, elapsed: Date.now() - startTime });
+    throw new Error("Connection timeout - failed to establish WebSocket connection");
+  }
+  /**
+   * Subscribe to a specific event type
+   */
+  subscribe(eventType, handler) {
+    if (!this.listeners.has(eventType)) {
+      this.listeners.set(eventType, /* @__PURE__ */ new Set());
+    }
+    this.listeners.get(eventType)?.add(handler);
+    const listenerCount = this.listeners.get(eventType)?.size ?? 0;
+    this.log(`\u{1F4CC} Subscribed to event: ${eventType}`, { totalListeners: listenerCount });
+    return () => {
+      const handlers = this.listeners.get(eventType);
+      if (handlers) {
+        handlers.delete(handler);
+        this.log(`\u{1F4CD} Unsubscribed from event: ${eventType}`, {
+          remainingListeners: handlers.size
+        });
+      }
+    };
+  }
+  /**
+   * Unsubscribe from an event
+   */
+  unsubscribe(eventType, handler) {
+    const handlers = this.listeners.get(eventType);
+    if (handlers) {
+      handlers.delete(handler);
+      this.log(`\u{1F4CD} Unsubscribed from event: ${eventType}`, {
+        remainingListeners: handlers.size
+      });
+    }
+  }
+  /**
+   * Send a subscription message to the server with connection wait
+   */
+  async subscribeToChannel(channel) {
+    try {
+      this.log(`\u{1F4E1} Subscribing to channel: ${channel}`);
+      await this.waitForConnection(15e3);
+      this.log(`\u{1F4E1} Emitting subscribe event for channel: ${channel}`);
+      this.socket?.emit(`subscribe:${channel}`);
+      this.log(`\u2705 Subscribed to channel: ${channel}`);
+    } catch (error) {
+      this.logError(`\u274C Failed to subscribe to channel "${channel}"`, error);
+      throw error;
+    }
+  }
+  /**
+   * Send an unsubscription message to the server
+   */
+  unsubscribeFromChannel(channel) {
+    if (!this.socket?.connected) {
+      this.logWarn(`Cannot unsubscribe from channel "${channel}" - socket not connected`);
+      return;
+    }
+    this.log(`\u{1F4E1} Unsubscribing from channel: ${channel}`);
+    this.socket.emit(`unsubscribe:${channel}`);
+  }
+  /**
+   * Handle incoming events
+   */
+  handleEvent(eventType, payload) {
+    const handlers = this.listeners.get(eventType);
+    if (handlers && handlers.size > 0) {
+      this.log(`\u{1F514} Triggering ${String(handlers.size)} handler(s) for event: ${eventType}`);
+      handlers.forEach((handler) => {
+        try {
+          handler(payload);
+        } catch (error) {
+          this.logError(`Error in event handler for ${eventType}`, error);
+        }
+      });
+    }
+    const wildcardHandlers = this.listeners.get("*");
+    if (wildcardHandlers && wildcardHandlers.size > 0) {
+      this.log(`\u{1F514} Triggering ${String(wildcardHandlers.size)} wildcard handler(s)`);
+      wildcardHandlers.forEach((handler) => {
+        try {
+          handler(payload);
+        } catch (error) {
+          this.logError("Error in wildcard event handler", error);
+        }
+      });
+    }
+  }
+  /**
+   * Get all connected listeners count
+   */
+  getListenerCount(eventType) {
+    if (eventType) {
+      return this.listeners.get(eventType)?.size ?? 0;
+    }
+    let total = 0;
+    this.listeners.forEach((handlers) => {
+      total += handlers.size;
+    });
+    return total;
+  }
+  /**
+   * Enable or disable debug logging
+   */
+  setDebug(enabled) {
+    this.debug = enabled;
+    this.log(`Debug logging ${enabled ? "enabled" : "disabled"}`);
+  }
+  /**
+   * Get connection status summary
+   */
+  getStatus() {
+    const status = {
+      isConnected: this.getIsConnected(),
+      socketId: this.socket?.id ?? "N/A",
+      apiUrl: this.apiUrl,
+      totalListeners: this.getListenerCount(),
+      listeners: Array.from(this.listeners.entries()).map(([event, handlers]) => ({
+        event,
+        count: handlers.size
+      }))
+    };
+    this.log("\u{1F4CA} Connection Status", status);
+    return status;
+  }
+};
+var realtimeClient = new RealtimeClient();
+if (typeof window !== "undefined") {
+  const w = window;
+  w.__realtimeClient = {
+    client: realtimeClient,
+    connect: (token, userId) => realtimeClient.connect(token, userId),
+    disconnect: () => {
+      realtimeClient.disconnect();
+    },
+    isConnected: () => realtimeClient.getIsConnected(),
+    setDebug: (enabled) => {
+      realtimeClient.setDebug(enabled);
+    },
+    status: () => realtimeClient.getStatus(),
+    getListenerCount: (eventType) => realtimeClient.getListenerCount(eventType)
+  };
+  console.log("\u{1F3AF} RealtimeClient debug tools available at: window.__realtimeClient");
+}
+// src/hooks/use-realtime.ts
+function useRealtimeRbac(eventType, handler) {
+  const handlerRef = React.useRef(handler);
+  React.useEffect(() => {
+    handlerRef.current = handler;
+  }, [handler]);
+  React.useEffect(() => {
+    const unsubscribe = realtimeClient.subscribe(eventType, (payload) => {
+      handlerRef.current(payload);
+    });
+    return () => {
+      unsubscribe();
+    };
+  }, [eventType]);
+}
+function useRealtimeSubscription(channel) {
+  React.useEffect(() => {
+    let isMounted = true;
+    realtimeClient.subscribeToChannel(channel).catch((error) => {
+      if (isMounted) {
+        console.error(`Failed to subscribe to channel "${channel}":`, error);
+      }
+    });
+    return () => {
+      isMounted = false;
+      realtimeClient.unsubscribeFromChannel(channel);
+    };
+  }, [channel]);
+}
+function useRealtimeAll(handler) {
+  const handlerRef = React.useRef(handler);
+  React.useEffect(() => {
+    handlerRef.current = handler;
+  }, [handler]);
+  React.useEffect(() => {
+    const unsubscribe = realtimeClient.subscribe("*", (payload) => {
+      handlerRef.current(payload);
+    });
+    return () => {
+      unsubscribe();
+    };
+  }, []);
+}
+function useExGuardRealtime() {
+  const context = React.use(ExGuardRealtimeContext);
+  if (!context) {
+    throw new Error("useExGuardRealtime must be used within a ExGuardRealtimeProvider");
+  }
+  return context;
+}
+// src/hooks/use-exguard-rbac.ts
+function useExGuardRbacChannels() {
+  useRealtimeSubscription(EXGUARD_RBAC_CHANNELS.RBAC);
+  useRealtimeSubscription(EXGUARD_RBAC_CHANNELS.ROLES);
+  useRealtimeSubscription(EXGUARD_RBAC_CHANNELS.PERMISSIONS);
+}
+// src/utils/exguard-realtime-utils.ts
+async function getCurrentUserId() {
+  try {
+    const userAccess = await getUserAccess();
+    console.log("[ExGuardRealtimeUtils] \u{1F4E1} Fetched user access:", {
+      id: userAccess.user.id,
+      cognitoSubId: userAccess.user.cognitoSubId,
+      email: userAccess.user.email
+    });
+    return userAccess.user.cognitoSubId;
+  } catch (error) {
+    console.error("[ExGuardRealtimeUtils] Failed to fetch user:", error);
+    return null;
+  }
+}
+function ExGuardRealtimeProvider({ children }) {
+  const [isConnected, setIsConnected] = React__default.default.useState(false);
+  const connectionAttempted = React.useRef(false);
+  const rbacRefreshCallbacks = React.useRef(/* @__PURE__ */ new Set());
+  const currentUserRef = React.useRef(null);
+  const currentUserIdRef = React.useRef(null);
+  const registerRbacRefreshCallback = (callback) => {
+    rbacRefreshCallbacks.current.add(callback);
+    return () => {
+      rbacRefreshCallbacks.current.delete(callback);
+    };
+  };
+  const triggerRbacRefresh = async () => {
+    console.log("[ExGuardRealtimeProvider] \u{1F504} Triggering RBAC refresh for all listeners", {
+      callbackCount: rbacRefreshCallbacks.current.size
+    });
+    if (rbacRefreshCallbacks.current.size === 0) {
+      console.warn("[ExGuardRealtimeProvider] \u26A0\uFE0F No RBAC refresh callbacks registered!");
+      return;
+    }
+    const refreshPromises = Array.from(rbacRefreshCallbacks.current).map((cb, index) => {
+      console.log(
+        `[ExGuardRealtimeProvider] \u{1F504} Executing callback ${String(index + 1)}/${String(rbacRefreshCallbacks.current.size)}`
+      );
+      return cb().catch((err) => {
+        console.error(`[ExGuardRealtimeProvider] \u274C Error during RBAC refresh callback ${String(index + 1)}:`, err);
+      });
+    });
+    await Promise.all(refreshPromises);
+    console.log("[ExGuardRealtimeProvider] \u2705 All RBAC refresh callbacks completed");
+  };
+  const handleReconnect = async () => {
+    if (!currentUserRef.current) {
+      console.warn("[ExGuardRealtimeProvider] \u26A0\uFE0F No user credentials available for reconnect");
+      return;
+    }
+    const { token, userId } = currentUserRef.current;
+    console.log("[ExGuardRealtimeProvider] \u{1F504} Manual reconnect requested for", { userId });
+    await handleConnect(token, userId);
+  };
+  const handleRefreshRbac = async () => {
+    console.log("[ExGuardRealtimeProvider] \u{1F504} Manual RBAC refresh requested");
+    await triggerRbacRefresh();
+  };
+  React.useEffect(() => {
+    const accessToken = localStorage.getItem("access_token");
+    console.log("[ExGuardRealtimeProvider] \u{1F50D} Checking credentials on mount:", {
+      hasAccessToken: Boolean(accessToken),
+      tokenLength: accessToken?.length
+    });
+    if (!accessToken) {
+      console.warn("[ExGuardRealtimeProvider] \u26A0\uFE0F No access token found in localStorage");
+      return;
+    }
+    if (connectionAttempted.current) {
+      return;
+    }
+    connectionAttempted.current = true;
+    const initializeConnection = async () => {
+      try {
+        const userId = await getCurrentUserId();
+        if (!userId) {
+          console.error("[ExGuardRealtimeProvider] \u274C Failed to get userId from backend");
+          return;
+        }
+        console.log("[ExGuardRealtimeProvider] \u{1F680} Initiating realtime connection", {
+          userId
+        });
+        currentUserRef.current = { token: accessToken, userId };
+        currentUserIdRef.current = userId;
+        await realtimeClient.connect(accessToken, userId);
+        console.log("[ExGuardRealtimeProvider] \u2705 Auto-connection successful");
+        setIsConnected(true);
+        console.log("[ExGuardRealtimeProvider] \u{1F3A7} Setting up INDIVIDUAL user notification listener");
+        realtimeClient.subscribe("user:access-changed", (payload) => {
+          const { userId: eventUserId, roleId, action } = payload.data;
+          console.log("[ExGuardRealtimeProvider] \u{1F3AF} INDIVIDUAL: Your access has been changed!", {
+            eventUserId,
+            roleId,
+            action,
+            currentUserId: currentUserIdRef.current
+          });
+          console.log("[ExGuardRealtimeProvider] \u2705 Event received in our personal room! Refreshing access...");
+          console.log(
+            `[ExGuardRealtimeProvider] \u{1F4E2} Triggering RBAC refresh for ${String(rbacRefreshCallbacks.current.size)} registered callbacks`
+          );
+          void triggerRbacRefresh();
+        });
+        console.log("[ExGuardRealtimeProvider] \u2705 Individual user event listener registered");
+      } catch (error) {
+        console.error("[ExGuardRealtimeProvider] \u274C Failed to establish realtime connection:");
+        const errorMessage = error instanceof Error ? error.message : String(error);
+        const tokenStr = accessToken ? accessToken.substring(0, 20) + "..." : "";
+        console.error("[ExGuardRealtimeProvider] Error details:", {
+          message: errorMessage,
+          token: tokenStr
+        });
+        setIsConnected(false);
+      }
+    };
+    void initializeConnection();
+    let lastConnectedState = realtimeClient.getIsConnected();
+    const interval = setInterval(() => {
+      const currentConnectedState = realtimeClient.getIsConnected();
+      if (currentConnectedState !== lastConnectedState) {
+        console.log("[ExGuardRealtimeProvider] \u{1F504} Connection status changed:", {
+          from: lastConnectedState,
+          to: currentConnectedState
+        });
+        lastConnectedState = currentConnectedState;
+        setIsConnected(currentConnectedState);
+      }
+    }, 1e3);
+    return () => {
+      clearInterval(interval);
+    };
+  }, []);
+  const handleConnect = async (token, userId) => {
+    try {
+      console.log("[ExGuardRealtimeProvider] \u{1F50C} Manual connection requested", { userId });
+      currentUserRef.current = { token, userId };
+      await realtimeClient.connect(token, userId);
+      setIsConnected(true);
+      console.log("[ExGuardRealtimeProvider] \u2705 Manual connection successful");
+    } catch (error) {
+      console.error("[ExGuardRealtimeProvider] \u274C Failed to connect to realtime:", error);
+      setIsConnected(false);
+      throw error;
+    }
+  };
+  const handleDisconnect = () => {
+    console.log("[ExGuardRealtimeProvider] \u{1F50C} Disconnection requested");
+    realtimeClient.disconnect();
+    setIsConnected(false);
+  };
+  const value = {
+    isConnected,
+    connect: handleConnect,
+    disconnect: handleDisconnect,
+    reconnect: handleReconnect,
+    refreshRbac: handleRefreshRbac,
+    registerRbacRefreshCallback
+  };
+  return /* @__PURE__ */ jsxRuntime.jsx(ExGuardRealtimeContext, { value, children });
+}
+function useExGuardRealtimeSubscription(channel = "RBAC", options = {}) {
+  const { registerRbacRefreshCallback } = useExGuardRealtime();
+  const { autoSubscribe = true, events } = options;
+  const channelName = EXGUARD_RBAC_CHANNELS[channel];
+  React.useEffect(() => {
+    if (!autoSubscribe) {
+      return;
+    }
+    console.log(`[useExGuardRealtimeSubscription] \u{1F4E1} Subscribing to channel: ${channelName}`);
+    void realtimeClient.subscribeToChannel(channelName);
+    if (events && events.length > 0) {
+      const unsubscribers2 = [];
+      events.forEach((eventType) => {
+        const unsubscribe = realtimeClient.subscribe(eventType, () => {
+          console.log(`[useExGuardRealtimeSubscription] \u{1F514} Received event: ${eventType}`);
+        });
+        unsubscribers2.push(unsubscribe);
+      });
+      return () => {
+        console.log(`[useExGuardRealtimeSubscription] \u{1F9F9} Cleaning up subscriptions for channel: ${channelName}`);
+        unsubscribers2.forEach((unsubscribe) => {
+          unsubscribe();
+        });
+        realtimeClient.unsubscribeFromChannel(channelName);
+      };
+    }
+    const defaultRbacEvents = [
+      EXGUARD_RBAC_EVENTS.ROLE_CREATED,
+      EXGUARD_RBAC_EVENTS.ROLE_UPDATED,
+      EXGUARD_RBAC_EVENTS.ROLE_DELETED,
+      EXGUARD_RBAC_EVENTS.PERMISSION_CREATED,
+      EXGUARD_RBAC_EVENTS.PERMISSION_UPDATED,
+      EXGUARD_RBAC_EVENTS.PERMISSION_DELETED,
+      EXGUARD_RBAC_EVENTS.ROLE_PERMISSION_ASSIGNED,
+      EXGUARD_RBAC_EVENTS.ROLE_PERMISSION_REMOVED,
+      EXGUARD_RBAC_EVENTS.USER_ONLINE,
+      EXGUARD_RBAC_EVENTS.GROUP_UPDATED
+    ];
+    const unsubscribers = [];
+    defaultRbacEvents.forEach((eventType) => {
+      const unsubscribe = realtimeClient.subscribe(eventType, () => {
+        console.log(`[useExGuardRealtimeSubscription] \u{1F514} Received event: ${eventType}`);
+      });
+      unsubscribers.push(unsubscribe);
+    });
+    const unregisterCallback = registerRbacRefreshCallback(() => {
+      console.log(`[useExGuardRealtimeSubscription] \u{1F504} RBAC refresh triggered for channel: ${channelName}`);
+      return Promise.resolve();
+    });
+    return () => {
+      console.log(`[useExGuardRealtimeSubscription] \u{1F9F9} Cleaning up subscriptions for channel: ${channelName}`);
+      unsubscribers.forEach((unsubscribe) => {
+        unsubscribe();
+      });
+      unregisterCallback();
+      realtimeClient.unsubscribeFromChannel(channelName);
+    };
+  }, [channelName, autoSubscribe, events, registerRbacRefreshCallback]);
+}
+exports.DEFAULT_EXGUARD_CONFIG = DEFAULT_EXGUARD_CONFIG;
+exports.EXGUARD_RBAC_CHANNELS = EXGUARD_RBAC_CHANNELS;
+exports.EXGUARD_RBAC_EVENTS = EXGUARD_RBAC_EVENTS;
+exports.EXGUARD_STORAGE_KEYS = EXGUARD_STORAGE_KEYS;
+exports.ExGuardRealtimeContext = ExGuardRealtimeContext;
+exports.ExGuardRealtimeProvider = ExGuardRealtimeProvider;
+exports.PermissionGuard = PermissionGuard;
+exports.RBAC_RECONNECT_DELAY = RBAC_RECONNECT_DELAY;
+exports.getCurrentUserId = getCurrentUserId;
+exports.getExGuardApiUrl = getExGuardApiUrl;
+exports.getUserAccess = getUserAccess;
+exports.realtimeClient = realtimeClient;
+exports.setExGuardConfig = setExGuardConfig;
+exports.useExGuardRbacChannels = useExGuardRbacChannels;
+exports.useExGuardRealtime = useExGuardRealtime;
+exports.useExGuardRealtimeSubscription = useExGuardRealtimeSubscription;
+exports.useRealtimeAll = useRealtimeAll;
+exports.useRealtimeRbac = useRealtimeRbac;
+exports.useRealtimeSubscription = useRealtimeSubscription;
+exports.useUserAccess = useUserAccess;
+exports.verifyToken = verifyToken;
+//# sourceMappingURL=index.cjs.map
+//# sourceMappingURL=index.cjs.map