hazo_auth 0.1.0

package/src/components/ui/skeleton.tsx

@@ -0,0 +1,15 @@
+import { cn } from "@/lib/utils"
+
+function Skeleton({
+  className,
+  ...props
+}: React.HTMLAttributes<HTMLDivElement>) {
+  return (
+    <div
+      className={cn("animate-pulse rounded-md bg-primary/10", className)}
+      {...props}
+    />
+  )
+}
+
+export { Skeleton }

package/src/components/ui/sonner.tsx

@@ -0,0 +1,31 @@
+"use client"
+
+import { useTheme } from "next-themes"
+import { Toaster as Sonner } from "sonner"
+
+type ToasterProps = React.ComponentProps<typeof Sonner>
+
+const Toaster = ({ ...props }: ToasterProps) => {
+  const { theme = "system" } = useTheme()
+
+  return (
+    <Sonner
+      theme={theme as ToasterProps["theme"]}
+      className="toaster group"
+      toastOptions={{
+        classNames: {
+          toast:
+            "group toast group-[.toaster]:bg-background group-[.toaster]:text-foreground group-[.toaster]:border-border group-[.toaster]:shadow-lg",
+          description: "group-[.toast]:text-muted-foreground",
+          actionButton:
+            "group-[.toast]:bg-primary group-[.toast]:text-primary-foreground",
+          cancelButton:
+            "group-[.toast]:bg-muted group-[.toast]:text-muted-foreground",
+        },
+      }}
+      {...props}
+    />
+  )
+}
+
+export { Toaster }

package/src/components/ui/switch.tsx

@@ -0,0 +1,29 @@
+"use client"
+
+import * as React from "react"
+import * as SwitchPrimitives from "@radix-ui/react-switch"
+
+import { cn } from "@/lib/utils"
+
+const Switch = React.forwardRef<
+  React.ElementRef<typeof SwitchPrimitives.Root>,
+  React.ComponentPropsWithoutRef<typeof SwitchPrimitives.Root>
+>(({ className, ...props }, ref) => (
+  <SwitchPrimitives.Root
+    className={cn(
+      "peer inline-flex h-5 w-9 shrink-0 cursor-pointer items-center rounded-full border-2 border-transparent shadow-sm transition-colors focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-ring focus-visible:ring-offset-2 focus-visible:ring-offset-background disabled:cursor-not-allowed disabled:opacity-50 data-[state=checked]:bg-primary data-[state=unchecked]:bg-input",
+      className
+    )}
+    {...props}
+    ref={ref}
+  >
+    <SwitchPrimitives.Thumb
+      className={cn(
+        "pointer-events-none block h-4 w-4 rounded-full bg-background shadow-lg ring-0 transition-transform data-[state=checked]:translate-x-4 data-[state=unchecked]:translate-x-0"
+      )}
+    />
+  </SwitchPrimitives.Root>
+))
+Switch.displayName = SwitchPrimitives.Root.displayName
+
+export { Switch }

package/src/components/ui/tabs.tsx

@@ -0,0 +1,55 @@
+"use client"
+
+import * as React from "react"
+import * as TabsPrimitive from "@radix-ui/react-tabs"
+
+import { cn } from "@/lib/utils"
+
+const Tabs = TabsPrimitive.Root
+
+const TabsList = React.forwardRef<
+  React.ElementRef<typeof TabsPrimitive.List>,
+  React.ComponentPropsWithoutRef<typeof TabsPrimitive.List>
+>(({ className, ...props }, ref) => (
+  <TabsPrimitive.List
+    ref={ref}
+    className={cn(
+      "inline-flex h-9 items-center justify-center rounded-lg bg-muted p-1 text-muted-foreground",
+      className
+    )}
+    {...props}
+  />
+))
+TabsList.displayName = TabsPrimitive.List.displayName
+
+const TabsTrigger = React.forwardRef<
+  React.ElementRef<typeof TabsPrimitive.Trigger>,
+  React.ComponentPropsWithoutRef<typeof TabsPrimitive.Trigger>
+>(({ className, ...props }, ref) => (
+  <TabsPrimitive.Trigger
+    ref={ref}
+    className={cn(
+      "inline-flex items-center justify-center whitespace-nowrap rounded-md px-3 py-1 text-sm font-medium ring-offset-background transition-all focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-ring focus-visible:ring-offset-2 disabled:pointer-events-none disabled:opacity-50 data-[state=active]:bg-background data-[state=active]:text-foreground data-[state=active]:shadow",
+      className
+    )}
+    {...props}
+  />
+))
+TabsTrigger.displayName = TabsPrimitive.Trigger.displayName
+
+const TabsContent = React.forwardRef<
+  React.ElementRef<typeof TabsPrimitive.Content>,
+  React.ComponentPropsWithoutRef<typeof TabsPrimitive.Content>
+>(({ className, ...props }, ref) => (
+  <TabsPrimitive.Content
+    ref={ref}
+    className={cn(
+      "mt-2 ring-offset-background focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-ring focus-visible:ring-offset-2",
+      className
+    )}
+    {...props}
+  />
+))
+TabsContent.displayName = TabsPrimitive.Content.displayName
+
+export { Tabs, TabsList, TabsTrigger, TabsContent }

package/src/components/ui/tooltip.tsx

@@ -0,0 +1,32 @@
+"use client"
+
+import * as React from "react"
+import * as TooltipPrimitive from "@radix-ui/react-tooltip"
+
+import { cn } from "@/lib/utils"
+
+const TooltipProvider = TooltipPrimitive.Provider
+
+const Tooltip = TooltipPrimitive.Root
+
+const TooltipTrigger = TooltipPrimitive.Trigger
+
+const TooltipContent = React.forwardRef<
+  React.ElementRef<typeof TooltipPrimitive.Content>,
+  React.ComponentPropsWithoutRef<typeof TooltipPrimitive.Content>
+>(({ className, sideOffset = 4, ...props }, ref) => (
+  <TooltipPrimitive.Portal>
+    <TooltipPrimitive.Content
+      ref={ref}
+      sideOffset={sideOffset}
+      className={cn(
+        "z-50 overflow-hidden rounded-md bg-primary px-3 py-1.5 text-xs text-primary-foreground animate-in fade-in-0 zoom-in-95 data-[state=closed]:animate-out data-[state=closed]:fade-out-0 data-[state=closed]:zoom-out-95 data-[side=bottom]:slide-in-from-top-2 data-[side=left]:slide-in-from-right-2 data-[side=right]:slide-in-from-left-2 data-[side=top]:slide-in-from-bottom-2 origin-[--radix-tooltip-content-transform-origin]",
+        className
+      )}
+      {...props}
+    />
+  </TooltipPrimitive.Portal>
+))
+TooltipContent.displayName = TooltipPrimitive.Content.displayName
+
+export { Tooltip, TooltipTrigger, TooltipContent, TooltipProvider }

package/src/components/ui/vertical-tabs.tsx

@@ -0,0 +1,59 @@
+// file_description: vertical tabs component for sidebar-style navigation
+// section: client_directive
+"use client";
+
+// section: imports
+import * as React from "react";
+import * as TabsPrimitive from "@radix-ui/react-tabs";
+import { cn } from "@/lib/utils";
+
+// section: components
+const VerticalTabs = TabsPrimitive.Root;
+
+const VerticalTabsList = React.forwardRef<
+  React.ElementRef<typeof TabsPrimitive.List>,
+  React.ComponentPropsWithoutRef<typeof TabsPrimitive.List>
+>(({ className, ...props }, ref) => (
+  <TabsPrimitive.List
+    ref={ref}
+    className={cn(
+      "inline-flex flex-col items-start justify-start rounded-md bg-muted p-1 text-muted-foreground",
+      className
+    )}
+    {...props}
+  />
+));
+VerticalTabsList.displayName = "VerticalTabsList";
+
+const VerticalTabsTrigger = React.forwardRef<
+  React.ElementRef<typeof TabsPrimitive.Trigger>,
+  React.ComponentPropsWithoutRef<typeof TabsPrimitive.Trigger>
+>(({ className, ...props }, ref) => (
+  <TabsPrimitive.Trigger
+    ref={ref}
+    className={cn(
+      "inline-flex items-center justify-start whitespace-nowrap rounded-sm px-3 py-1.5 text-sm font-medium ring-offset-background transition-all focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-ring focus-visible:ring-offset-2 disabled:pointer-events-none disabled:opacity-50 data-[state=active]:bg-background data-[state=active]:text-foreground data-[state=active]:shadow",
+      className
+    )}
+    {...props}
+  />
+));
+VerticalTabsTrigger.displayName = "VerticalTabsTrigger";
+
+const VerticalTabsContent = React.forwardRef<
+  React.ElementRef<typeof TabsPrimitive.Content>,
+  React.ComponentPropsWithoutRef<typeof TabsPrimitive.Content>
+>(({ className, ...props }, ref) => (
+  <TabsPrimitive.Content
+    ref={ref}
+    className={cn(
+      "mt-0 ring-offset-background focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-ring focus-visible:ring-offset-2",
+      className
+    )}
+    {...props}
+  />
+));
+VerticalTabsContent.displayName = "VerticalTabsContent";
+
+export { VerticalTabs, VerticalTabsList, VerticalTabsTrigger, VerticalTabsContent };
+

package/src/hooks/use-mobile.tsx

@@ -0,0 +1,19 @@
+import * as React from "react"
+
+const MOBILE_BREAKPOINT = 768
+
+export function useIsMobile() {
+  const [isMobile, setIsMobile] = React.useState<boolean | undefined>(undefined)
+
+  React.useEffect(() => {
+    const mql = window.matchMedia(`(max-width: ${MOBILE_BREAKPOINT - 1}px)`)
+    const onChange = () => {
+      setIsMobile(window.innerWidth < MOBILE_BREAKPOINT)
+    }
+    mql.addEventListener("change", onChange)
+    setIsMobile(window.innerWidth < MOBILE_BREAKPOINT)
+    return () => mql.removeEventListener("change", onChange)
+  }, [])
+
+  return !!isMobile
+}

package/src/lib/already_logged_in_config.server.ts

@@ -0,0 +1,46 @@
+// file_description: server-only helper to read already logged in configuration from hazo_auth_config.ini
+// section: imports
+import { get_config_value, get_config_boolean } from "./config/config_loader.server";
+
+// section: types
+export type AlreadyLoggedInConfig = {
+  message: string;
+  showLogoutButton: boolean;
+  showReturnHomeButton: boolean;
+  returnHomeButtonLabel: string;
+  returnHomePath: string;
+};
+
+// section: helpers
+/**
+ * Reads already logged in configuration from hazo_auth_config.ini file
+ * Falls back to defaults if hazo_auth_config.ini is not found or section is missing
+ * @returns Already logged in configuration options
+ */
+export function get_already_logged_in_config(): AlreadyLoggedInConfig {
+  const section = "hazo_auth__already_logged_in";
+
+  // Read message (defaults to "You're already logged in.")
+  const message = get_config_value(section, "message", "You're already logged in.");
+
+  // Read show logout button (defaults to true)
+  const showLogoutButton = get_config_boolean(section, "show_logout_button", true);
+
+  // Read show return home button (defaults to false)
+  const showReturnHomeButton = get_config_boolean(section, "show_return_home_button", false);
+
+  // Read return home button label (defaults to "Return home")
+  const returnHomeButtonLabel = get_config_value(section, "return_home_button_label", "Return home");
+
+  // Read return home path (defaults to "/")
+  const returnHomePath = get_config_value(section, "return_home_path", "/");
+
+  return {
+    message,
+    showLogoutButton,
+    showReturnHomeButton,
+    returnHomeButtonLabel,
+    returnHomePath,
+  };
+}
+

package/src/lib/app_logger.ts

@@ -0,0 +1,24 @@
+// file_description: client-accessible wrapper for the main app logging service
+// section: imports
+import { create_logger_service } from "@/server/logging/logger_service";
+
+// section: constants
+const APP_NAMESPACE = "hazo_auth_ui";
+
+// section: logger_instance
+/**
+ * Creates a logger service instance for use in UI components
+ * This uses the main app logging service and can be extended with an external logger
+ * when provided as part of component setup
+ */
+export const create_app_logger = (
+  external_logger?: {
+    info?: (message: string, data?: Record<string, unknown>) => void;
+    error?: (message: string, data?: Record<string, unknown>) => void;
+    warn?: (message: string, data?: Record<string, unknown>) => void;
+    debug?: (message: string, data?: Record<string, unknown>) => void;
+  }
+) => {
+  return create_logger_service(APP_NAMESPACE, external_logger);
+};
+

package/src/lib/auth/auth_utils.server.ts

@@ -0,0 +1,196 @@
+// file_description: server-side authentication utilities for checking login status in API routes
+// section: imports
+import { NextRequest, NextResponse } from "next/server";
+import { get_hazo_connect_instance } from "../hazo_connect_instance.server";
+import { createCrudService } from "hazo_connect/server";
+import { map_db_source_to_ui } from "../services/profile_picture_source_mapper";
+
+// section: types
+export type AuthUser = {
+  authenticated: true;
+  user_id: string;
+  email: string;
+  name?: string;
+  email_verified: boolean;
+  is_active: boolean;
+  last_logon?: string;
+  profile_picture_url?: string;
+  profile_source?: "upload" | "library" | "gravatar" | "custom";
+};
+
+export type AuthResult = 
+  | AuthUser
+  | { authenticated: false };
+
+// section: helpers
+/**
+ * Clears authentication cookies from response
+ * @param response - NextResponse object to clear cookies from
+ * @returns The response with cleared cookies
+ */
+function clear_auth_cookies(response: NextResponse): NextResponse {
+  response.cookies.set("hazo_auth_user_email", "", {
+    expires: new Date(0),
+    path: "/",
+  });
+  response.cookies.set("hazo_auth_user_id", "", {
+    expires: new Date(0),
+    path: "/",
+  });
+  return response;
+}
+
+// section: functions
+/**
+ * Checks if a user is authenticated from request cookies
+ * Validates user exists, is active, and cookies match
+ * @param request - NextRequest object
+ * @returns AuthResult with user info or authenticated: false
+ */
+export async function get_authenticated_user(request: NextRequest): Promise<AuthResult> {
+  const user_id = request.cookies.get("hazo_auth_user_id")?.value;
+  const user_email = request.cookies.get("hazo_auth_user_email")?.value;
+
+  if (!user_id || !user_email) {
+    return { authenticated: false };
+  }
+
+  try {
+    const hazoConnect = get_hazo_connect_instance();
+    const users_service = createCrudService(hazoConnect, "hazo_users");
+    
+    const users = await users_service.findBy({
+      id: user_id,
+      email_address: user_email,
+    });
+
+    if (!Array.isArray(users) || users.length === 0) {
+      return { authenticated: false };
+    }
+
+    const user = users[0];
+
+    // Check if user is active
+    if (user.is_active === false) {
+      return { authenticated: false };
+    }
+
+    // Map database profile_source to UI representation
+    const profile_source_db = user.profile_source as string | null | undefined;
+    const profile_source_ui = profile_source_db ? map_db_source_to_ui(profile_source_db) : undefined;
+
+    return {
+      authenticated: true,
+      user_id: user.id as string,
+      email: user.email_address as string,
+      name: (user.name as string | null | undefined) || undefined,
+      email_verified: user.email_verified === true,
+      is_active: user.is_active === true,
+      last_logon: (user.last_logon as string | null | undefined) || undefined,
+      profile_picture_url: (user.profile_picture_url as string | null | undefined) || undefined,
+      profile_source: profile_source_ui,
+    };
+  } catch (error) {
+    return { authenticated: false };
+  }
+}
+
+/**
+ * Checks if user is authenticated (simple boolean check)
+ * @param request - NextRequest object
+ * @returns true if authenticated, false otherwise
+ */
+export async function is_authenticated(request: NextRequest): Promise<boolean> {
+  const result = await get_authenticated_user(request);
+  return result.authenticated;
+}
+
+/**
+ * Requires authentication - throws error if not authenticated
+ * Use in API routes that require authentication
+ * @param request - NextRequest object
+ * @returns AuthUser (never returns authenticated: false, throws instead)
+ * @throws Error if not authenticated
+ */
+export async function require_auth(request: NextRequest): Promise<AuthUser> {
+  const result = await get_authenticated_user(request);
+  
+  if (!result.authenticated) {
+    throw new Error("Authentication required");
+  }
+  
+  return result;
+}
+
+/**
+ * Gets authenticated user and returns response with cleared cookies if invalid
+ * Useful for /api/auth/me endpoint that needs to clear cookies on invalid auth
+ * @param request - NextRequest object
+ * @returns Object with auth_result and response (with cleared cookies if invalid)
+ */
+export async function get_authenticated_user_with_response(request: NextRequest): Promise<{
+  auth_result: AuthResult;
+  response?: NextResponse;
+}> {
+  const user_id = request.cookies.get("hazo_auth_user_id")?.value;
+  const user_email = request.cookies.get("hazo_auth_user_email")?.value;
+
+  if (!user_id || !user_email) {
+    return { auth_result: { authenticated: false } };
+  }
+
+  try {
+    const hazoConnect = get_hazo_connect_instance();
+    const users_service = createCrudService(hazoConnect, "hazo_users");
+    
+    const users = await users_service.findBy({
+      id: user_id,
+      email_address: user_email,
+    });
+
+    if (!Array.isArray(users) || users.length === 0) {
+      // User not found - clear cookies
+      const response = NextResponse.json(
+        { authenticated: false },
+        { status: 200 }
+      );
+      clear_auth_cookies(response);
+      return { auth_result: { authenticated: false }, response };
+    }
+
+    const user = users[0];
+
+    // Check if user is still active
+    if (user.is_active === false) {
+      // User is inactive - clear cookies
+      const response = NextResponse.json(
+        { authenticated: false },
+        { status: 200 }
+      );
+      clear_auth_cookies(response);
+      return { auth_result: { authenticated: false }, response };
+    }
+
+    // Map database profile_source to UI representation
+    const profile_source_db = user.profile_source as string | null | undefined;
+    const profile_source_ui = profile_source_db ? map_db_source_to_ui(profile_source_db) : undefined;
+
+    return {
+      auth_result: {
+        authenticated: true,
+        user_id: user.id as string,
+        email: user.email_address as string,
+        name: (user.name as string | null | undefined) || undefined,
+        email_verified: user.email_verified === true,
+        is_active: user.is_active === true,
+        last_logon: (user.last_logon as string | null | undefined) || undefined,
+        profile_picture_url: (user.profile_picture_url as string | null | undefined) || undefined,
+        profile_source: profile_source_ui,
+      },
+    };
+  } catch (error) {
+    // On error, assume not authenticated
+    return { auth_result: { authenticated: false } };
+  }
+}
+

package/src/lib/auth/server_auth.ts

@@ -0,0 +1,88 @@
+// file_description: server-side auth utilities for server components and pages
+// section: imports
+import { cookies } from "next/headers";
+import { get_hazo_connect_instance } from "../hazo_connect_instance.server";
+import { createCrudService } from "hazo_connect/server";
+import { map_db_source_to_ui } from "../services/profile_picture_source_mapper";
+
+// section: types
+export type ServerAuthUser = {
+  authenticated: true;
+  user_id: string;
+  email: string;
+  name?: string;
+  email_verified: boolean;
+  is_active: boolean;
+  last_logon?: string;
+  profile_picture_url?: string;
+  profile_source?: "upload" | "library" | "gravatar" | "custom";
+};
+
+export type ServerAuthResult = 
+  | ServerAuthUser
+  | { authenticated: false };
+
+// section: functions
+/**
+ * Gets authenticated user in server components/pages
+ * Uses Next.js cookies() function to read authentication cookies
+ * @returns ServerAuthResult with user info or authenticated: false
+ */
+export async function get_server_auth_user(): Promise<ServerAuthResult> {
+  const cookie_store = await cookies();
+  const user_id = cookie_store.get("hazo_auth_user_id")?.value;
+  const user_email = cookie_store.get("hazo_auth_user_email")?.value;
+
+  if (!user_id || !user_email) {
+    return { authenticated: false };
+  }
+
+  try {
+    const hazoConnect = get_hazo_connect_instance();
+    const users_service = createCrudService(hazoConnect, "hazo_users");
+    
+    const users = await users_service.findBy({
+      id: user_id,
+      email_address: user_email,
+    });
+
+    if (!Array.isArray(users) || users.length === 0) {
+      return { authenticated: false };
+    }
+
+    const user = users[0];
+
+    // Check if user is active
+    if (user.is_active === false) {
+      return { authenticated: false };
+    }
+
+    // Map database profile_source to UI representation
+    const profile_source_db = user.profile_source as string | null | undefined;
+    const profile_source_ui = profile_source_db ? map_db_source_to_ui(profile_source_db) : undefined;
+
+    return {
+      authenticated: true,
+      user_id: user.id as string,
+      email: user.email_address as string,
+      name: (user.name as string | null | undefined) || undefined,
+      email_verified: user.email_verified === true,
+      is_active: user.is_active === true,
+      last_logon: (user.last_logon as string | null | undefined) || undefined,
+      profile_picture_url: (user.profile_picture_url as string | null | undefined) || undefined,
+      profile_source: profile_source_ui,
+    };
+  } catch (error) {
+    return { authenticated: false };
+  }
+}
+
+/**
+ * Checks if user is authenticated in server components/pages (simple boolean check)
+ * @returns true if authenticated, false otherwise
+ */
+export async function is_server_authenticated(): Promise<boolean> {
+  const result = await get_server_auth_user();
+  return result.authenticated;
+}
+