godgpt-web-auth 0.1.0

package/dist/index.cjs

@@ -0,0 +1,1089 @@
+'use strict';
+
+var react = require('react');
+var jsxRuntime = require('react/jsx-runtime');
+
+// src/auth/components/AuthProvider.tsx
+
+// src/auth/config.ts
+function validateConfig(config) {
+  if (!config.backendUrl) {
+    throw new Error("[Auth] backendUrl is required in AuthConfig");
+  }
+  if (!config.google && !config.apple && !config.email?.enabled) {
+    console.warn(
+      "[Auth] No auth strategies configured. Enable at least one: google, apple, or email."
+    );
+  }
+  if (config.google && !config.google.clientId) {
+    throw new Error("[Auth] google.clientId is required when google is enabled");
+  }
+  if (config.apple && !config.apple.clientId) {
+    throw new Error("[Auth] apple.clientId is required when apple is enabled");
+  }
+  console.log("[Auth] Config validated:", {
+    backendUrl: config.backendUrl,
+    hasGoogle: !!config.google,
+    hasApple: !!config.apple,
+    hasEmail: !!config.email?.enabled
+  });
+}
+
+// src/auth/services/storageService.ts
+var localStorageAdapter = {
+  getItem: (key) => localStorage.getItem(key),
+  setItem: (key, value) => localStorage.setItem(key, value),
+  removeItem: (key) => localStorage.removeItem(key)
+};
+var memoryStorageAdapter = () => {
+  const store = /* @__PURE__ */ new Map();
+  return {
+    getItem: (key) => store.get(key) ?? null,
+    setItem: (key, value) => {
+      store.set(key, value);
+    },
+    removeItem: (key) => {
+      store.delete(key);
+    }
+  };
+};
+var TOKEN_KEY = "auth_token_data";
+function createStorageService(adapter) {
+  return {
+    /**
+     * Save tokens to storage
+     */
+    async saveTokens(tokens) {
+      try {
+        const dataToStore = {
+          ...tokens,
+          stored_at: Date.now()
+        };
+        await adapter.setItem(TOKEN_KEY, JSON.stringify(dataToStore));
+        console.log("[Auth Storage] Tokens saved successfully");
+      } catch (error) {
+        console.error("[Auth Storage] Failed to save tokens:", error);
+        throw error;
+      }
+    },
+    /**
+     * Get tokens from storage
+     * Returns null if no tokens exist or if they're invalid
+     */
+    async getTokens() {
+      try {
+        const data = await adapter.getItem(TOKEN_KEY);
+        if (!data) {
+          return null;
+        }
+        const parsed = JSON.parse(data);
+        const { stored_at: _storedAt, ...tokens } = parsed;
+        return tokens;
+      } catch (error) {
+        console.error("[Auth Storage] Failed to get tokens:", error);
+        await this.clearTokens();
+        return null;
+      }
+    },
+    /**
+     * Get raw stored data (including metadata like stored_at)
+     */
+    async getRawData() {
+      try {
+        const data = await adapter.getItem(TOKEN_KEY);
+        if (!data) {
+          return null;
+        }
+        return JSON.parse(data);
+      } catch (error) {
+        console.error("[Auth Storage] Failed to get raw data:", error);
+        return null;
+      }
+    },
+    /**
+     * Clear tokens from storage
+     */
+    async clearTokens() {
+      try {
+        await adapter.removeItem(TOKEN_KEY);
+        console.log("[Auth Storage] Tokens cleared");
+      } catch (error) {
+        console.error("[Auth Storage] Failed to clear tokens:", error);
+      }
+    },
+    /**
+     * Check if tokens exist in storage
+     */
+    async hasTokens() {
+      const data = await adapter.getItem(TOKEN_KEY);
+      return data !== null;
+    },
+    /**
+     * Check if stored tokens are expired
+     * Uses expires_in from the token data
+     */
+    async isTokenExpired() {
+      try {
+        const rawData = await this.getRawData();
+        if (!rawData) {
+          return true;
+        }
+        const { stored_at, tokens } = rawData;
+        const expiresIn = tokens.expires_in;
+        if (!stored_at || !expiresIn) {
+          return true;
+        }
+        const expirationTime = stored_at + expiresIn * 1e3;
+        const isExpired = Date.now() >= expirationTime;
+        if (isExpired) {
+          console.log("[Auth Storage] Token is expired");
+        }
+        return isExpired;
+      } catch (error) {
+        console.error(
+          "[Auth Storage] Failed to check token expiration:",
+          error
+        );
+        return true;
+      }
+    },
+    /**
+     * Get the time until token expires (in milliseconds)
+     * Returns 0 if token is expired or doesn't exist
+     */
+    async getTimeUntilExpiry() {
+      try {
+        const rawData = await this.getRawData();
+        if (!rawData) {
+          return 0;
+        }
+        const { stored_at, tokens } = rawData;
+        const expiresIn = tokens.expires_in;
+        if (!stored_at || !expiresIn) {
+          return 0;
+        }
+        const expirationTime = stored_at + expiresIn * 1e3;
+        const timeRemaining = expirationTime - Date.now();
+        return Math.max(0, timeRemaining);
+      } catch (error) {
+        console.error("[Auth Storage] Failed to get time until expiry:", error);
+        return 0;
+      }
+    }
+  };
+}
+var storageService = createStorageService(localStorageAdapter);
+var AuthInternalContext = react.createContext(null);
+function AuthProvider({
+  children,
+  config,
+  onLogout
+}) {
+  const [tokens, setTokens] = react.useState(null);
+  const [isLoading, setIsLoading] = react.useState(false);
+  const [isAuthLoaded, setIsAuthLoaded] = react.useState(false);
+  react.useEffect(() => {
+    validateConfig(config);
+    const initializeAuth = async () => {
+      console.log("[AuthProvider] Initializing auth state");
+      try {
+        const storedTokens = await storageService.getTokens();
+        if (storedTokens) {
+          const isExpired = await storageService.isTokenExpired();
+          if (isExpired) {
+            console.log("[AuthProvider] Stored tokens are expired, clearing");
+            await storageService.clearTokens();
+            onLogout?.();
+          } else {
+            console.log("[AuthProvider] Valid tokens found, restoring session");
+            setTokens(storedTokens);
+          }
+        } else {
+          console.log("[AuthProvider] No stored tokens found");
+        }
+      } catch (error) {
+        console.error("[AuthProvider] Error initializing auth:", error);
+        await storageService.clearTokens();
+      } finally {
+        setIsAuthLoaded(true);
+      }
+    };
+    initializeAuth();
+  }, [config, onLogout]);
+  const _setTokens = react.useCallback(async (newTokens) => {
+    console.log("[AuthProvider] Setting tokens");
+    await storageService.saveTokens(newTokens);
+    setTokens(newTokens);
+  }, []);
+  const _setLoading = react.useCallback((loading) => {
+    setIsLoading(loading);
+  }, []);
+  const logout = react.useCallback(async () => {
+    console.log("[AuthProvider] Logging out");
+    await storageService.clearTokens();
+    setTokens(null);
+    onLogout?.();
+  }, [onLogout]);
+  const contextValue = react.useMemo(
+    () => ({
+      // Public API
+      tokens,
+      logout,
+      isLoading,
+      isAuthLoaded,
+      // Internal API (for LoginPage)
+      config,
+      _setTokens,
+      _setLoading
+    }),
+    [tokens, logout, isLoading, isAuthLoaded, config, _setTokens, _setLoading]
+  );
+  return /* @__PURE__ */ jsxRuntime.jsx(AuthInternalContext.Provider, { value: contextValue, children });
+}
+function useAuth() {
+  const context = react.useContext(AuthInternalContext);
+  if (!context) {
+    throw new Error("useAuth must be used within an AuthProvider");
+  }
+  return {
+    tokens: context.tokens,
+    logout: context.logout,
+    isLoading: context.isLoading,
+    isAuthLoaded: context.isAuthLoaded
+  };
+}
+function useAuthInternal() {
+  const context = react.useContext(AuthInternalContext);
+  if (!context) {
+    throw new Error("useAuthInternal must be used within an AuthProvider");
+  }
+  return context;
+}
+
+// src/auth/services/tokenService.ts
+async function exchangeToken(params, provider, config) {
+  console.log(`[Auth Token] Exchanging ${provider} credentials for tokens`);
+  try {
+    const bodyParams = {
+      grant_type: provider,
+      client_id: "AevatarAuthServer",
+      // TODO: Make configurable via config
+      scope: "Aevatar offline_access"
+    };
+    if (provider !== "password") {
+      bodyParams.source = "web";
+    }
+    if (config.google && config.appId) {
+      bodyParams.google_app_id = config.appId;
+    }
+    if (config.apple) {
+      bodyParams.apple_app_id = config.apple.clientId;
+    }
+    if (params.id_token) {
+      bodyParams.id_token = params.id_token;
+    }
+    if (params.code) {
+      bodyParams.code = params.code;
+    }
+    if (params.username) {
+      bodyParams.username = params.username;
+    }
+    if (params.password) {
+      bodyParams.password = params.password;
+    }
+    const body = Object.entries(bodyParams).map(([k, v]) => `${k}=${encodeURIComponent(v)}`).join("&");
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), 15e3);
+    const response = await fetch(`${config.backendUrl}/connect/token`, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+        Accept: "application/json"
+      },
+      body,
+      signal: controller.signal
+    });
+    clearTimeout(timeoutId);
+    if (!response.ok) {
+      const errorData = await response.json().catch(() => ({}));
+      console.error(
+        `[Auth Token] Exchange failed (${provider}):`,
+        response.status,
+        errorData
+      );
+      return {
+        success: false,
+        state: "error",
+        tokens: null,
+        message: errorData.error_description || errorData.error || `HTTP ${response.status}: ${response.statusText}`,
+        provider
+      };
+    }
+    const tokens = await response.json();
+    console.log(`[Auth Token] Exchange successful for ${provider}`);
+    return {
+      success: true,
+      state: "success",
+      tokens: {
+        access_token: tokens.access_token,
+        refresh_token: tokens.refresh_token,
+        expires_in: tokens.expires_in,
+        token_type: tokens.token_type
+      },
+      message: "Login successful",
+      provider
+    };
+  } catch (error) {
+    const isTimeout = error instanceof Error && error.name === "AbortError";
+    const errorMessage = isTimeout ? "Request timed out. Please check your connection." : error instanceof Error ? error.message : "Login failed";
+    console.error(`[Auth Token] Exchange error (${provider}):`, error);
+    return {
+      success: false,
+      state: "error",
+      tokens: null,
+      message: errorMessage,
+      provider
+    };
+  }
+}
+async function refreshToken(refresh_token, backendUrl) {
+  console.log("[Auth Token] Refreshing access token");
+  try {
+    const body = new URLSearchParams({
+      grant_type: "refresh_token",
+      client_id: "AevatarAuthServer",
+      // TODO: Make configurable
+      refresh_token
+    }).toString();
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), 15e3);
+    const response = await fetch(`${backendUrl}/connect/token`, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+        Accept: "application/json"
+      },
+      body,
+      signal: controller.signal
+    });
+    clearTimeout(timeoutId);
+    if (!response.ok) {
+      const errorData = await response.json().catch(() => ({}));
+      console.error("[Auth Token] Refresh failed:", response.status, errorData);
+      throw new Error(
+        errorData.error_description || `Refresh failed: ${response.status}`
+      );
+    }
+    const tokens = await response.json();
+    console.log("[Auth Token] Refresh successful");
+    return {
+      access_token: tokens.access_token,
+      refresh_token: tokens.refresh_token,
+      expires_in: tokens.expires_in,
+      token_type: tokens.token_type
+    };
+  } catch (error) {
+    const isTimeout = error instanceof Error && error.name === "AbortError";
+    console.error(
+      "[Auth Token] Refresh error:",
+      isTimeout ? "Request timed out" : error
+    );
+    return null;
+  }
+}
+
+// src/auth/strategies/google.ts
+var googleSDKLoaded = false;
+var googleSDKLoading = null;
+function loadGoogleSDK() {
+  if (googleSDKLoaded && window.google?.accounts) {
+    return Promise.resolve();
+  }
+  if (googleSDKLoading) {
+    return googleSDKLoading;
+  }
+  googleSDKLoading = new Promise((resolve, reject) => {
+    if (window.google?.accounts) {
+      googleSDKLoaded = true;
+      resolve();
+      return;
+    }
+    console.log("[Auth Google] Loading Google Identity Services SDK");
+    const script = document.createElement("script");
+    script.src = "https://accounts.google.com/gsi/client";
+    script.async = true;
+    script.defer = true;
+    script.onload = () => {
+      console.log("[Auth Google] SDK loaded successfully");
+      googleSDKLoaded = true;
+      resolve();
+    };
+    script.onerror = () => {
+      console.error("[Auth Google] Failed to load SDK");
+      googleSDKLoading = null;
+      reject(new Error("Failed to load Google Identity Services SDK"));
+    };
+    document.head.appendChild(script);
+  });
+  return googleSDKLoading;
+}
+async function signInWithGoogle(config) {
+  console.log("[Auth Google] Starting Google sign-in");
+  console.log("[Auth Google] Current origin:", window.location.origin);
+  if (!config.google?.clientId) {
+    console.error("[Auth Google] No client ID configured");
+    return {
+      success: false,
+      state: "error",
+      tokens: null,
+      message: "Google client ID not configured",
+      provider: "google"
+    };
+  }
+  console.log("[Auth Google] Client ID:", config.google.clientId.substring(0, 20) + "...");
+  try {
+    console.log("[Auth Google] Loading SDK...");
+    await loadGoogleSDK();
+    if (!window.google?.accounts) {
+      throw new Error("Google SDK not available after loading");
+    }
+    console.log("[Auth Google] SDK loaded, starting OAuth flow...");
+    return await signInWithGoogleRedirect(config);
+  } catch (error) {
+    console.error("[Auth Google] Sign-in error:", error);
+    return {
+      success: false,
+      state: "error",
+      tokens: null,
+      message: error instanceof Error ? error.message : "Google login failed",
+      provider: "google"
+    };
+  }
+}
+async function signInWithGoogleRedirect(config) {
+  return new Promise((resolve) => {
+    const clientId = config.google.clientId;
+    const redirectUri = window.location.origin;
+    const nonce = Math.random().toString(36).substring(2, 15);
+    console.log("[Auth Google] OAuth redirect flow:");
+    console.log("  - Client ID:", clientId);
+    console.log("  - Redirect URI:", redirectUri);
+    console.log("  \u26A0\uFE0F Make sure this redirect URI is added to Google Cloud Console!");
+    const params = new URLSearchParams({
+      client_id: clientId,
+      redirect_uri: redirectUri,
+      response_type: "id_token",
+      scope: "openid email profile",
+      nonce,
+      prompt: "select_account"
+    });
+    const authUrl = `https://accounts.google.com/o/oauth2/v2/auth?${params}`;
+    console.log("[Auth Google] Auth URL:", authUrl);
+    const width = 500;
+    const height = 600;
+    const left = window.screenX + (window.outerWidth - width) / 2;
+    const top = window.screenY + (window.outerHeight - height) / 2;
+    const popup = window.open(
+      authUrl,
+      "google-auth",
+      `width=${width},height=${height},left=${left},top=${top}`
+    );
+    if (!popup) {
+      resolve({
+        success: false,
+        state: "error",
+        tokens: null,
+        message: "Popup was blocked. Please allow popups for this site.",
+        provider: "google"
+      });
+      return;
+    }
+    const pollInterval = setInterval(() => {
+      try {
+        if (popup.closed) {
+          clearInterval(pollInterval);
+          resolve({
+            success: false,
+            state: "cancelled",
+            tokens: null,
+            message: "Google Sign-In was cancelled",
+            provider: "google"
+          });
+          return;
+        }
+        const url = popup.location.href;
+        if (url.startsWith(redirectUri)) {
+          clearInterval(pollInterval);
+          popup.close();
+          const hash = new URL(url.replace("#", "?")).searchParams;
+          const idToken = hash.get("id_token");
+          const error = hash.get("error");
+          if (error) {
+            resolve({
+              success: false,
+              state: "error",
+              tokens: null,
+              message: hash.get("error_description") || error,
+              provider: "google"
+            });
+            return;
+          }
+          if (idToken) {
+            exchangeToken({ id_token: idToken }, "google", config).then(resolve);
+          } else {
+            resolve({
+              success: false,
+              state: "error",
+              tokens: null,
+              message: "No token received from Google",
+              provider: "google"
+            });
+          }
+        }
+      } catch {
+      }
+    }, 500);
+    setTimeout(() => {
+      clearInterval(pollInterval);
+      if (!popup.closed) {
+        popup.close();
+      }
+      resolve({
+        success: false,
+        state: "error",
+        tokens: null,
+        message: "Google Sign-In timed out",
+        provider: "google"
+      });
+    }, 5 * 60 * 1e3);
+  });
+}
+
+// src/auth/strategies/apple.ts
+var appleSDKLoaded = false;
+var appleSDKLoading = null;
+var appleInitialized = false;
+function loadAppleSDK() {
+  if (appleSDKLoaded && window.AppleID) {
+    return Promise.resolve();
+  }
+  if (appleSDKLoading) {
+    return appleSDKLoading;
+  }
+  appleSDKLoading = new Promise((resolve, reject) => {
+    if (window.AppleID) {
+      appleSDKLoaded = true;
+      resolve();
+      return;
+    }
+    console.log("[Auth Apple] Loading Apple Sign In JS SDK");
+    const script = document.createElement("script");
+    script.src = "https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js";
+    script.async = true;
+    script.onload = () => {
+      console.log("[Auth Apple] SDK loaded successfully");
+      appleSDKLoaded = true;
+      resolve();
+    };
+    script.onerror = () => {
+      console.error("[Auth Apple] Failed to load SDK");
+      appleSDKLoading = null;
+      reject(new Error("Failed to load Apple Sign In JS SDK"));
+    };
+    document.head.appendChild(script);
+  });
+  return appleSDKLoading;
+}
+function initializeApple(config) {
+  if (appleInitialized || !window.AppleID || !config.apple) {
+    return;
+  }
+  const isLocalhost = window.location.hostname === "localhost" || window.location.hostname === "127.0.0.1";
+  const redirectUri = isLocalhost ? window.location.origin : config.apple.redirectUri || window.location.origin;
+  console.log("[Auth Apple] Initializing with config:", {
+    clientId: config.apple.clientId,
+    redirectUri,
+    isLocalhost,
+    currentOrigin: window.location.origin
+  });
+  window.AppleID.auth.init({
+    clientId: config.apple.clientId,
+    scope: "name email",
+    redirectURI: redirectUri,
+    usePopup: true
+  });
+  appleInitialized = true;
+}
+async function signInWithApple(config) {
+  console.log("[Auth Apple] Starting Apple sign-in");
+  if (!config.apple?.clientId) {
+    console.error("[Auth Apple] No client ID configured");
+    return {
+      success: false,
+      state: "error",
+      tokens: null,
+      message: "Apple client ID not configured",
+      provider: "apple"
+    };
+  }
+  const isLocalhost = window.location.hostname === "localhost" || window.location.hostname === "127.0.0.1";
+  if (isLocalhost) {
+    console.warn("[Auth Apple] Running on localhost - Apple Sign In requires:");
+    console.warn("  1. Your Service ID (com.gpt.godweb) must have localhost configured in Apple Developer Portal");
+    console.warn("  2. Return URL must include: http://localhost:5173 (or your port)");
+  }
+  try {
+    console.log("[Auth Apple] Loading SDK...");
+    await loadAppleSDK();
+    if (!window.AppleID) {
+      throw new Error("Apple SDK not available after loading");
+    }
+    appleInitialized = false;
+    initializeApple(config);
+    console.log("[Auth Apple] Calling Apple signIn...");
+    const response = await window.AppleID.auth.signIn();
+    console.log("[Auth Apple] Received response");
+    const code = response.authorization?.code;
+    const idToken = response.authorization?.id_token;
+    if (code) {
+      console.log("[Auth Apple] Exchanging authorization code");
+      return await exchangeToken({ code }, "apple", config);
+    } else if (idToken) {
+      console.log("[Auth Apple] Exchanging id_token");
+      return await exchangeToken({ id_token: idToken }, "apple", config);
+    } else {
+      return {
+        success: false,
+        state: "error",
+        tokens: null,
+        message: "No authorization code or token received from Apple",
+        provider: "apple"
+      };
+    }
+  } catch (error) {
+    const appleError = error;
+    if (appleError?.error === "popup_closed_by_user" || appleError?.error === "user_cancelled_authorize") {
+      console.log("[Auth Apple] Sign-in cancelled by user");
+      return {
+        success: false,
+        state: "cancelled",
+        tokens: null,
+        message: "Apple Sign-In was cancelled",
+        provider: "apple"
+      };
+    }
+    console.error("[Auth Apple] Sign-in error:", error);
+    return {
+      success: false,
+      state: "error",
+      tokens: null,
+      message: appleError?.error || (error instanceof Error ? error.message : "Apple login failed"),
+      provider: "apple"
+    };
+  }
+}
+
+// src/auth/strategies/email.ts
+async function signInWithEmail(email, password, config) {
+  console.log("[Auth Email] Starting email sign-in");
+  if (!email || !email.trim()) {
+    return {
+      success: false,
+      state: "error",
+      tokens: null,
+      message: "Email is required",
+      provider: "password"
+    };
+  }
+  if (!password) {
+    return {
+      success: false,
+      state: "error",
+      tokens: null,
+      message: "Password is required",
+      provider: "password"
+    };
+  }
+  const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+  if (!emailRegex.test(email.trim())) {
+    return {
+      success: false,
+      state: "error",
+      tokens: null,
+      message: "Please enter a valid email address",
+      provider: "password"
+    };
+  }
+  try {
+    const result = await exchangeToken(
+      {
+        username: email.trim(),
+        password
+      },
+      "password",
+      config
+    );
+    if (result.success) {
+      console.log("[Auth Email] Sign-in successful");
+    } else {
+      console.log("[Auth Email] Sign-in failed:", result.message);
+    }
+    return result;
+  } catch (error) {
+    console.error("[Auth Email] Sign-in error:", error);
+    return {
+      success: false,
+      state: "error",
+      tokens: null,
+      message: error instanceof Error ? error.message : "Email login failed",
+      provider: "password"
+    };
+  }
+}
+var GoogleIcon = () => /* @__PURE__ */ jsxRuntime.jsxs("svg", { className: "w-5 h-5", viewBox: "0 0 24 24", fill: "currentColor", children: [
+  /* @__PURE__ */ jsxRuntime.jsx(
+    "path",
+    {
+      d: "M22.56 12.25c0-.78-.07-1.53-.2-2.25H12v4.26h5.92c-.26 1.37-1.04 2.53-2.21 3.31v2.77h3.57c2.08-1.92 3.28-4.74 3.28-8.09z",
+      fill: "#4285F4"
+    }
+  ),
+  /* @__PURE__ */ jsxRuntime.jsx(
+    "path",
+    {
+      d: "M12 23c2.97 0 5.46-.98 7.28-2.66l-3.57-2.77c-.98.66-2.23 1.06-3.71 1.06-2.86 0-5.29-1.93-6.16-4.53H2.18v2.84C3.99 20.53 7.7 23 12 23z",
+      fill: "#34A853"
+    }
+  ),
+  /* @__PURE__ */ jsxRuntime.jsx(
+    "path",
+    {
+      d: "M5.84 14.09c-.22-.66-.35-1.36-.35-2.09s.13-1.43.35-2.09V7.07H2.18C1.43 8.55 1 10.22 1 12s.43 3.45 1.18 4.93l2.85-2.22.81-.62z",
+      fill: "#FBBC05"
+    }
+  ),
+  /* @__PURE__ */ jsxRuntime.jsx(
+    "path",
+    {
+      d: "M12 5.38c1.62 0 3.06.56 4.21 1.64l3.15-3.15C17.45 2.09 14.97 1 12 1 7.7 1 3.99 3.47 2.18 7.07l3.66 2.84c.87-2.6 3.3-4.53 6.16-4.53z",
+      fill: "#EA4335"
+    }
+  )
+] });
+var AppleIcon = () => /* @__PURE__ */ jsxRuntime.jsx("svg", { className: "w-5 h-5", viewBox: "0 0 24 24", fill: "currentColor", children: /* @__PURE__ */ jsxRuntime.jsx("path", { d: "M17.05 20.28c-.98.95-2.05.88-3.08.4-1.09-.5-2.08-.48-3.24 0-1.44.62-2.2.44-3.06-.4C2.79 15.25 3.51 7.59 9.05 7.31c1.35.07 2.29.74 3.08.8 1.18-.24 2.31-.93 3.57-.84 1.51.12 2.65.72 3.4 1.8-3.12 1.87-2.38 5.98.48 7.13-.57 1.5-1.31 2.99-2.54 4.09l.01-.01zM12.03 7.25c-.15-2.23 1.66-4.07 3.74-4.25.29 2.58-2.34 4.5-3.74 4.25z" }) });
+var LoadingSpinner = () => /* @__PURE__ */ jsxRuntime.jsxs(
+  "svg",
+  {
+    className: "animate-spin h-5 w-5",
+    xmlns: "http://www.w3.org/2000/svg",
+    fill: "none",
+    viewBox: "0 0 24 24",
+    children: [
+      /* @__PURE__ */ jsxRuntime.jsx(
+        "circle",
+        {
+          className: "opacity-25",
+          cx: "12",
+          cy: "12",
+          r: "10",
+          stroke: "currentColor",
+          strokeWidth: "4"
+        }
+      ),
+      /* @__PURE__ */ jsxRuntime.jsx(
+        "path",
+        {
+          className: "opacity-75",
+          fill: "currentColor",
+          d: "M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"
+        }
+      )
+    ]
+  }
+);
+var Button = ({
+  variant = "primary",
+  isLoading = false,
+  disabled,
+  children,
+  className = "",
+  ...props
+}) => {
+  const baseClasses = "min-h-[52px] px-6 rounded-[99px] font-semibold text-base transition-all duration-200 flex items-center justify-center gap-2 focus:outline-none";
+  const variantClasses = {
+    primary: "bg-black text-white active:opacity-80 active:scale-[0.98]",
+    secondary: "bg-white text-black border border-black active:opacity-80 active:scale-[0.98]"
+  };
+  const disabledClasses = "opacity-40 cursor-not-allowed pointer-events-none";
+  return /* @__PURE__ */ jsxRuntime.jsx(
+    "button",
+    {
+      className: `${baseClasses} ${variantClasses[variant]} ${disabled || isLoading ? disabledClasses : ""} ${className}`,
+      disabled: disabled || isLoading,
+      ...props,
+      children: isLoading ? /* @__PURE__ */ jsxRuntime.jsxs(jsxRuntime.Fragment, { children: [
+        /* @__PURE__ */ jsxRuntime.jsx(LoadingSpinner, {}),
+        /* @__PURE__ */ jsxRuntime.jsx("span", { children: "Loading..." })
+      ] }) : children
+    }
+  );
+};
+var Input = ({
+  label,
+  error,
+  className = "",
+  ...props
+}) => {
+  return /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "space-y-1", children: [
+    label && /* @__PURE__ */ jsxRuntime.jsx("label", { className: "block text-sm font-medium text-gray-700", children: label }),
+    /* @__PURE__ */ jsxRuntime.jsx(
+      "input",
+      {
+        className: `w-full px-4 py-3 border rounded-lg focus:outline-none focus:ring-2 focus:ring-black focus:border-transparent ${error ? "border-red-500" : "border-gray-300"} ${className}`,
+        ...props
+      }
+    ),
+    error && /* @__PURE__ */ jsxRuntime.jsx("p", { className: "text-sm text-red-500", children: error })
+  ] });
+};
+function LoginPage() {
+  const { config, _setTokens, _setLoading, isLoading } = useAuthInternal();
+  const [view, setView] = react.useState("main");
+  const [email, setEmail] = react.useState("");
+  const [password, setPassword] = react.useState("");
+  const [error, setError] = react.useState(null);
+  const [fieldErrors, setFieldErrors] = react.useState({});
+  const handleGoogleLogin = async () => {
+    if (!config.google) {
+      setError("Google sign-in is not configured");
+      return;
+    }
+    setError(null);
+    _setLoading(true);
+    try {
+      const result = await signInWithGoogle(config);
+      if (result.success && result.tokens) {
+        await _setTokens(result.tokens);
+      } else if (result.state !== "cancelled") {
+        setError(result.message || "Google sign-in failed");
+      }
+    } catch (err) {
+      setError(err instanceof Error ? err.message : "Google sign-in failed");
+    } finally {
+      _setLoading(false);
+    }
+  };
+  const handleAppleLogin = async () => {
+    if (!config.apple) {
+      setError("Apple sign-in is not configured");
+      return;
+    }
+    setError(null);
+    _setLoading(true);
+    try {
+      const result = await signInWithApple(config);
+      if (result.success && result.tokens) {
+        await _setTokens(result.tokens);
+      } else if (result.state !== "cancelled") {
+        setError(result.message || "Apple sign-in failed");
+      }
+    } catch (err) {
+      setError(err instanceof Error ? err.message : "Apple sign-in failed");
+    } finally {
+      _setLoading(false);
+    }
+  };
+  const handleEmailLogin = async (e) => {
+    e.preventDefault();
+    const errors = {};
+    if (!email.trim()) {
+      errors.email = "Email is required";
+    }
+    if (!password) {
+      errors.password = "Password is required";
+    }
+    if (Object.keys(errors).length > 0) {
+      setFieldErrors(errors);
+      return;
+    }
+    setError(null);
+    setFieldErrors({});
+    _setLoading(true);
+    try {
+      const result = await signInWithEmail(email, password, config);
+      if (result.success && result.tokens) {
+        await _setTokens(result.tokens);
+      } else {
+        setError(result.message || "Email sign-in failed");
+      }
+    } catch (err) {
+      setError(err instanceof Error ? err.message : "Email sign-in failed");
+    } finally {
+      _setLoading(false);
+    }
+  };
+  if (view === "email") {
+    return /* @__PURE__ */ jsxRuntime.jsx("div", { className: "min-h-screen bg-white flex flex-col px-5 py-8", children: /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "flex-1 flex flex-col max-w-md mx-auto w-full", children: [
+      /* @__PURE__ */ jsxRuntime.jsxs(
+        "button",
+        {
+          onClick: () => {
+            setView("main");
+            setError(null);
+            setFieldErrors({});
+          },
+          className: "self-start mb-8 flex items-center text-gray-600 active:opacity-80",
+          children: [
+            /* @__PURE__ */ jsxRuntime.jsx(
+              "svg",
+              {
+                className: "w-5 h-5 mr-2",
+                fill: "none",
+                stroke: "currentColor",
+                viewBox: "0 0 24 24",
+                children: /* @__PURE__ */ jsxRuntime.jsx(
+                  "path",
+                  {
+                    strokeLinecap: "round",
+                    strokeLinejoin: "round",
+                    strokeWidth: 2,
+                    d: "M15 19l-7-7 7-7"
+                  }
+                )
+              }
+            ),
+            "Back"
+          ]
+        }
+      ),
+      /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "mb-12 text-center", children: [
+        /* @__PURE__ */ jsxRuntime.jsx("h1", { className: "text-[30px] font-bold text-black mb-2", children: "Sign In" }),
+        /* @__PURE__ */ jsxRuntime.jsx("p", { className: "text-base text-gray-600", children: "Enter your email and password" })
+      ] }),
+      error && /* @__PURE__ */ jsxRuntime.jsx("div", { className: "mb-6 p-4 bg-red-50 border border-red-200 rounded-lg", children: /* @__PURE__ */ jsxRuntime.jsx("p", { className: "text-sm text-red-600", children: error }) }),
+      /* @__PURE__ */ jsxRuntime.jsxs("form", { onSubmit: handleEmailLogin, className: "space-y-6", children: [
+        /* @__PURE__ */ jsxRuntime.jsx(
+          Input,
+          {
+            type: "email",
+            label: "Email",
+            placeholder: "Enter your email",
+            value: email,
+            onChange: (e) => {
+              setEmail(e.target.value);
+              if (fieldErrors.email)
+                setFieldErrors({ ...fieldErrors, email: void 0 });
+            },
+            error: fieldErrors.email,
+            autoComplete: "email"
+          }
+        ),
+        /* @__PURE__ */ jsxRuntime.jsx(
+          Input,
+          {
+            type: "password",
+            label: "Password",
+            placeholder: "Enter your password",
+            value: password,
+            onChange: (e) => {
+              setPassword(e.target.value);
+              if (fieldErrors.password)
+                setFieldErrors({ ...fieldErrors, password: void 0 });
+            },
+            error: fieldErrors.password,
+            autoComplete: "current-password"
+          }
+        ),
+        /* @__PURE__ */ jsxRuntime.jsx(
+          Button,
+          {
+            type: "submit",
+            variant: "primary",
+            isLoading,
+            className: "w-full mt-8",
+            children: "Sign In"
+          }
+        )
+      ] })
+    ] }) });
+  }
+  return /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "min-h-screen bg-white flex flex-col px-5 py-8", children: [
+    /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "flex-1 flex flex-col justify-center max-w-md mx-auto w-full", children: [
+      /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "mb-12 text-center", children: [
+        /* @__PURE__ */ jsxRuntime.jsx("h1", { className: "text-[30px] font-bold text-black mb-2", children: "Welcome Back" }),
+        /* @__PURE__ */ jsxRuntime.jsx("p", { className: "text-base text-gray-600", children: "Sign in to continue" })
+      ] }),
+      error && /* @__PURE__ */ jsxRuntime.jsx("div", { className: "mb-6 p-4 bg-red-50 border border-red-200 rounded-lg", children: /* @__PURE__ */ jsxRuntime.jsx("p", { className: "text-sm text-red-600", children: error }) }),
+      /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "space-y-3 mb-8", children: [
+        config.google && /* @__PURE__ */ jsxRuntime.jsxs(
+          Button,
+          {
+            variant: "secondary",
+            onClick: handleGoogleLogin,
+            disabled: isLoading,
+            className: "w-full",
+            children: [
+              /* @__PURE__ */ jsxRuntime.jsx(GoogleIcon, {}),
+              "Continue with Google"
+            ]
+          }
+        ),
+        config.apple && /* @__PURE__ */ jsxRuntime.jsxs(
+          Button,
+          {
+            variant: "secondary",
+            onClick: handleAppleLogin,
+            disabled: isLoading,
+            className: "w-full",
+            children: [
+              /* @__PURE__ */ jsxRuntime.jsx(AppleIcon, {}),
+              "Continue with Apple"
+            ]
+          }
+        )
+      ] }),
+      config.email?.enabled && (config.google || config.apple) && /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "relative mb-8", children: [
+        /* @__PURE__ */ jsxRuntime.jsx("div", { className: "absolute inset-0 flex items-center", children: /* @__PURE__ */ jsxRuntime.jsx("div", { className: "w-full border-t border-gray-300" }) }),
+        /* @__PURE__ */ jsxRuntime.jsx("div", { className: "relative flex justify-center text-sm", children: /* @__PURE__ */ jsxRuntime.jsx("span", { className: "px-4 bg-white text-gray-500", children: "Or continue with email" }) })
+      ] }),
+      config.email?.enabled && /* @__PURE__ */ jsxRuntime.jsx(
+        Button,
+        {
+          variant: "primary",
+          onClick: () => setView("email"),
+          disabled: isLoading,
+          className: "w-full",
+          children: "Continue with Email"
+        }
+      )
+    ] }),
+    /* @__PURE__ */ jsxRuntime.jsx("div", { className: "pb-[36px] px-5", children: /* @__PURE__ */ jsxRuntime.jsxs("p", { className: "text-xs text-gray-500 text-center leading-relaxed max-w-sm mx-auto", children: [
+      "By signing in, you agree to our",
+      " ",
+      /* @__PURE__ */ jsxRuntime.jsx("button", { className: "text-gray-700 underline underline-offset-2 active:opacity-80", children: "Terms and Conditions" }),
+      " ",
+      "and",
+      " ",
+      /* @__PURE__ */ jsxRuntime.jsx("button", { className: "text-gray-700 underline underline-offset-2 active:opacity-80", children: "Privacy Policy" }),
+      "."
+    ] }) })
+  ] });
+}
+
+exports.AuthProvider = AuthProvider;
+exports.LoginPage = LoginPage;
+exports.createStorageService = createStorageService;
+exports.exchangeToken = exchangeToken;
+exports.loadAppleSDK = loadAppleSDK;
+exports.loadGoogleSDK = loadGoogleSDK;
+exports.localStorageAdapter = localStorageAdapter;
+exports.memoryStorageAdapter = memoryStorageAdapter;
+exports.refreshToken = refreshToken;
+exports.signInWithApple = signInWithApple;
+exports.signInWithEmail = signInWithEmail;
+exports.signInWithGoogle = signInWithGoogle;
+exports.storageService = storageService;
+exports.useAuth = useAuth;
+exports.validateConfig = validateConfig;
+//# sourceMappingURL=index.cjs.map
+//# sourceMappingURL=index.cjs.map