hazo_auth 0.1.0

package/src/lib/config/config_loader.server.ts

@@ -0,0 +1,149 @@
+// file_description: shared utility for reading configuration from hazo_auth_config.ini using hazo_config
+// section: imports
+import { HazoConfig } from "hazo_config/dist/lib";
+import path from "path";
+import fs from "fs";
+import { create_app_logger } from "../app_logger";
+
+// section: constants
+const DEFAULT_CONFIG_FILE = "hazo_auth_config.ini";
+
+// section: helpers
+/**
+ * Gets the default config file path
+ * @param custom_path - Optional custom config file path
+ * @returns Resolved config file path
+ */
+function get_config_file_path(custom_path?: string): string {
+  if (custom_path) {
+    return path.isAbsolute(custom_path) ? custom_path : path.resolve(process.cwd(), custom_path);
+  }
+  return path.resolve(process.cwd(), DEFAULT_CONFIG_FILE);
+}
+
+/**
+ * Reads a section from the config file
+ * @param section_name - Name of the section to read (e.g., "hazo_auth__register_layout")
+ * @param file_path - Optional custom config file path (defaults to hazo_auth_config.ini)
+ * @returns Section data as Record<string, string> or undefined if not found
+ */
+export function read_config_section(
+  section_name: string,
+  file_path?: string,
+): Record<string, string> | undefined {
+  const config_path = get_config_file_path(file_path);
+  const logger = create_app_logger();
+
+  if (!fs.existsSync(config_path)) {
+    return undefined;
+  }
+
+  try {
+    const hazo_config = new HazoConfig({
+      filePath: config_path,
+    });
+    return hazo_config.getSection(section_name);
+  } catch (error) {
+    const error_message = error instanceof Error ? error.message : "Unknown error";
+    logger.warn("config_loader_read_section_failed", {
+      filename: "config_loader.server.ts",
+      line_number: 0,
+      section_name,
+      config_path,
+      error: error_message,
+    });
+    return undefined;
+  }
+}
+
+/**
+ * Gets a single config value from a section
+ * @param section_name - Name of the section
+ * @param key - Key name within the section
+ * @param default_value - Default value if key is not found
+ * @param file_path - Optional custom config file path
+ * @returns Config value as string or default value
+ */
+export function get_config_value(
+  section_name: string,
+  key: string,
+  default_value: string,
+  file_path?: string,
+): string {
+  const section = read_config_section(section_name, file_path);
+  return section?.[key]?.trim() || default_value;
+}
+
+/**
+ * Gets a boolean config value from a section
+ * @param section_name - Name of the section
+ * @param key - Key name within the section
+ * @param default_value - Default boolean value if key is not found
+ * @param file_path - Optional custom config file path
+ * @returns Config value as boolean
+ */
+export function get_config_boolean(
+  section_name: string,
+  key: string,
+  default_value: boolean,
+  file_path?: string,
+): boolean {
+  const section = read_config_section(section_name, file_path);
+  const value = section?.[key]?.trim().toLowerCase();
+  
+  if (value === undefined) {
+    return default_value;
+  }
+  
+  return value !== "false" && value !== "0" && value !== "";
+}
+
+/**
+ * Gets a number config value from a section
+ * @param section_name - Name of the section
+ * @param key - Key name within the section
+ * @param default_value - Default number value if key is not found or invalid
+ * @param file_path - Optional custom config file path
+ * @returns Config value as number
+ */
+export function get_config_number(
+  section_name: string,
+  key: string,
+  default_value: number,
+  file_path?: string,
+): number {
+  const section = read_config_section(section_name, file_path);
+  const value = section?.[key]?.trim();
+  
+  if (!value) {
+    return default_value;
+  }
+  
+  const parsed = parseFloat(value);
+  return isNaN(parsed) ? default_value : parsed;
+}
+
+/**
+ * Gets a comma-separated list config value from a section
+ * @param section_name - Name of the section
+ * @param key - Key name within the section
+ * @param default_value - Default array value if key is not found
+ * @param file_path - Optional custom config file path
+ * @returns Config value as array of strings
+ */
+export function get_config_array(
+  section_name: string,
+  key: string,
+  default_value: string[],
+  file_path?: string,
+): string[] {
+  const section = read_config_section(section_name, file_path);
+  const value = section?.[key]?.trim();
+  
+  if (!value) {
+    return default_value;
+  }
+  
+  return value.split(",").map((item) => item.trim()).filter((item) => item.length > 0);
+}
+

package/src/lib/email_verification_config.server.ts

@@ -0,0 +1,32 @@
+// file_description: server-only helper to read email verification layout configuration from hazo_auth_config.ini
+// section: imports
+import { get_already_logged_in_config } from "./already_logged_in_config.server";
+
+// section: types
+export type EmailVerificationConfig = {
+  alreadyLoggedInMessage: string;
+  showLogoutButton: boolean;
+  showReturnHomeButton: boolean;
+  returnHomeButtonLabel: string;
+  returnHomePath: string;
+};
+
+// section: helpers
+/**
+ * Reads email verification layout configuration from hazo_auth_config.ini file
+ * Falls back to defaults if hazo_auth_config.ini is not found or section is missing
+ * @returns Email verification configuration options
+ */
+export function get_email_verification_config(): EmailVerificationConfig {
+  // Get shared already logged in config
+  const alreadyLoggedInConfig = get_already_logged_in_config();
+
+  return {
+    alreadyLoggedInMessage: alreadyLoggedInConfig.message,
+    showLogoutButton: alreadyLoggedInConfig.showLogoutButton,
+    showReturnHomeButton: alreadyLoggedInConfig.showReturnHomeButton,
+    returnHomeButtonLabel: alreadyLoggedInConfig.returnHomeButtonLabel,
+    returnHomePath: alreadyLoggedInConfig.returnHomePath,
+  };
+}
+

package/src/lib/file_types_config.server.ts

@@ -0,0 +1,25 @@
+// file_description: server-only helper to read file type configuration from hazo_auth_config.ini
+// section: imports
+import { get_config_array } from "./config/config_loader.server";
+
+// section: types
+export type FileTypesConfig = {
+  allowed_image_extensions: string[];
+  allowed_image_mime_types: string[];
+};
+
+// section: helpers
+/**
+ * Reads file type configuration from hazo_auth_config.ini file
+ * Falls back to defaults if hazo_auth_config.ini is not found or section is missing
+ * @returns File types configuration options
+ */
+export function get_file_types_config(): FileTypesConfig {
+  const section = "hazo_auth__file_types";
+
+  return {
+    allowed_image_extensions: get_config_array(section, "allowed_image_extensions", ["jpg", "jpeg", "png"]),
+    allowed_image_mime_types: get_config_array(section, "allowed_image_mime_types", ["image/jpeg", "image/jpg", "image/png"]),
+  };
+}
+

package/src/lib/forgot_password_config.server.ts

@@ -0,0 +1,32 @@
+// file_description: server-only helper to read forgot password layout configuration from hazo_auth_config.ini
+// section: imports
+import { get_already_logged_in_config } from "./already_logged_in_config.server";
+
+// section: types
+export type ForgotPasswordConfig = {
+  alreadyLoggedInMessage: string;
+  showLogoutButton: boolean;
+  showReturnHomeButton: boolean;
+  returnHomeButtonLabel: string;
+  returnHomePath: string;
+};
+
+// section: helpers
+/**
+ * Reads forgot password layout configuration from hazo_auth_config.ini file
+ * Falls back to defaults if hazo_auth_config.ini is not found or section is missing
+ * @returns Forgot password configuration options
+ */
+export function get_forgot_password_config(): ForgotPasswordConfig {
+  // Get shared already logged in config
+  const alreadyLoggedInConfig = get_already_logged_in_config();
+
+  return {
+    alreadyLoggedInMessage: alreadyLoggedInConfig.message,
+    showLogoutButton: alreadyLoggedInConfig.showLogoutButton,
+    showReturnHomeButton: alreadyLoggedInConfig.showReturnHomeButton,
+    returnHomeButtonLabel: alreadyLoggedInConfig.returnHomeButtonLabel,
+    returnHomePath: alreadyLoggedInConfig.returnHomePath,
+  };
+}
+

package/src/lib/hazo_connect_instance.server.ts

@@ -0,0 +1,77 @@
+// file_description: singleton instance of hazo_connect adapter - initialized once and reused across all routes
+// This ensures all routes/components use the same database connection
+// Uses the new hazo_connect singleton API from hazo_connect/nextjs/setup
+// Reads configuration from hazo_auth_config.ini using hazo_config
+// section: imports
+import type { HazoConnectAdapter } from "hazo_connect";
+import { getHazoConnectSingleton } from "hazo_connect/nextjs/setup";
+import { create_sqlite_hazo_connect_server, get_hazo_connect_config_options } from "./hazo_connect_setup.server";
+import { initializeAdminService, getSqliteAdminService } from "hazo_connect/server";
+import { create_app_logger } from "./app_logger";
+
+// section: singleton_state
+let hazoConnectInstance: HazoConnectAdapter | null = null;
+let isInitialized = false;
+
+// section: helpers
+/**
+ * Gets or creates the singleton hazo_connect adapter instance
+ * This ensures all routes/components use the same database connection
+ * 
+ * Uses the new hazo_connect singleton API which:
+ * - Automatically reuses the adapter instance
+ * - Automatically registers SQLite adapters with the admin service
+ * - Is thread-safe for Next.js serverless environments
+ * - Reads configuration from hazo_auth_config.ini using hazo_config (falls back to environment variables)
+ * 
+ * Falls back to manual singleton if the new API is not available
+ * 
+ * @returns The singleton HazoConnectAdapter instance
+ */
+export function get_hazo_connect_instance(): HazoConnectAdapter {
+  // Use the new singleton API from hazo_connect
+  // This automatically handles:
+  // - Instance reuse
+  // - Admin service registration (via registerSqliteAdapter)
+  // - Thread-safety for Next.js serverless
+  // - Configuration from hazo_auth_config.ini (via hazo_config) or environment variables
+  try {
+    // Get configuration from hazo_auth_config.ini (falls back to environment variables)
+    const config_options = get_hazo_connect_config_options();
+    return getHazoConnectSingleton(config_options);
+  } catch (error) {
+    // Fallback: Manual singleton implementation if new API fails
+    // This should not happen with the updated package, but kept for safety
+    if (!hazoConnectInstance) {
+      // Initialize admin service first (if not already done)
+      if (!isInitialized) {
+        initializeAdminService({ enable_admin_ui: true });
+        isInitialized = true;
+      }
+      
+      // Create the adapter instance (reads from hazo_auth_config.ini)
+      hazoConnectInstance = create_sqlite_hazo_connect_server();
+
+      // Note: Database migrations should be applied manually via SQLite Admin UI
+      // or through a separate migration script. The token_service has fallback
+      // logic to work without the token_type column if migration hasn't been applied.
+
+      // Finalize initialization by getting the admin service.
+      try {
+        getSqliteAdminService();
+      } catch (adminError) {
+        const logger = create_app_logger();
+        const error_message = adminError instanceof Error ? adminError.message : "Unknown error";
+        logger.warn("hazo_connect_instance_admin_service_init_failed", {
+          filename: "hazo_connect_instance.server.ts",
+          line_number: 0,
+          error: error_message,
+          note: "Could not get SqliteAdminService during initialization, continuing...",
+        });
+      }
+    }
+    
+    return hazoConnectInstance;
+  }
+}
+

package/src/lib/hazo_connect_setup.server.ts

@@ -0,0 +1,181 @@
+// file_description: server-only helper to create hazo_connect instance (imports server-side code)
+// This file should only be imported in server contexts (API routes, server components)
+// Reads configuration from hazo_auth_config.ini using hazo_config
+// section: imports
+import { createHazoConnect } from "hazo_connect/server";
+import { HazoConfig } from "hazo_config/dist/lib";
+import path from "path";
+import fs from "fs";
+import { create_app_logger } from "./app_logger";
+import { read_config_section } from "./config/config_loader.server";
+
+// section: helpers
+/**
+ * Reads hazo_connect configuration from hazo_auth_config.ini file
+ * Falls back to environment variables if hazo_auth_config.ini is not found or section is missing
+ * @returns Configuration options for hazo_connect
+ */
+function get_hazo_connect_config(): {
+  type: "sqlite" | "postgrest";
+  sqlitePath?: string;
+  enableAdminUi: boolean;
+  readOnly?: boolean;
+  postgrestUrl?: string;
+  postgrestApiKey?: string;
+} {
+  const default_config_path = path.resolve(process.cwd(), "hazo_auth_config.ini");
+  let hazo_connect_section: Record<string, string> | undefined;
+
+  // Try to read from hazo_auth_config.ini
+  const logger = create_app_logger();
+  hazo_connect_section = read_config_section("hazo_connect");
+
+  // Read type (defaults to sqlite)
+  const type = (
+    hazo_connect_section?.type ||
+    process.env.HAZO_CONNECT_TYPE ||
+    "sqlite"
+  ).toLowerCase() as "sqlite" | "postgrest";
+
+  // Read enable_admin_ui (defaults to true)
+  const enable_admin_ui_str =
+    hazo_connect_section?.enable_admin_ui ||
+    process.env.HAZO_CONNECT_ENABLE_ADMIN_UI ||
+    "true";
+  const enableAdminUi = enable_admin_ui_str.toLowerCase() === "true";
+
+  // Read read_only (defaults to false)
+  const read_only_str =
+    hazo_connect_section?.read_only ||
+    process.env.HAZO_CONNECT_SQLITE_READONLY ||
+    "false";
+  const readOnly = read_only_str.toLowerCase() === "true";
+
+  // SQLite configuration
+  if (type === "sqlite") {
+    const sqlite_path_config =
+      hazo_connect_section?.sqlite_path || process.env.HAZO_CONNECT_SQLITE_PATH;
+
+    let sqlite_path: string | undefined;
+
+    if (sqlite_path_config) {
+      // If path is absolute, use as-is; otherwise resolve relative to process.cwd()
+      sqlite_path = path.isAbsolute(sqlite_path_config)
+        ? sqlite_path_config
+        : path.resolve(process.cwd(), sqlite_path_config);
+
+      // Normalize the path to ensure consistency (resolves .., ., etc.)
+      sqlite_path = path.normalize(sqlite_path);
+    } else {
+      // Fallback to test fixture database
+      const ui_component_path = path.resolve(
+        process.cwd(),
+        "ui_component",
+        "__tests__",
+        "fixtures",
+        "hazo_auth.sqlite"
+      );
+      sqlite_path = path.normalize(ui_component_path);
+    }
+
+    // Log the resolved path for debugging
+    logger.debug("hazo_connect_sqlite_path_resolved", {
+      filename: "hazo_connect_setup.server.ts",
+      line_number: 0,
+      sqlite_path,
+      process_cwd: process.cwd(),
+      config_source: hazo_connect_section ? "hazo_auth_config.ini" : "environment variables",
+    });
+
+    return {
+      type: "sqlite",
+      sqlitePath: sqlite_path,
+      enableAdminUi,
+      readOnly,
+    };
+  }
+
+  // PostgREST configuration
+  if (type === "postgrest") {
+    const postgrest_url =
+      hazo_connect_section?.postgrest_url ||
+      process.env.HAZO_CONNECT_POSTGREST_URL ||
+      process.env.POSTGREST_URL;
+    const postgrest_api_key =
+      hazo_connect_section?.postgrest_api_key ||
+      process.env.HAZO_CONNECT_POSTGREST_API_KEY ||
+      process.env.POSTGREST_API_KEY;
+
+    if (!postgrest_url) {
+      throw new Error(
+        "PostgREST URL is required. Set postgrest_url in [hazo_connect] section of hazo_auth_config.ini or HAZO_CONNECT_POSTGREST_URL environment variable."
+      );
+    }
+
+    return {
+      type: "postgrest",
+      postgrestUrl: postgrest_url,
+      postgrestApiKey: postgrest_api_key,
+      enableAdminUi,
+    };
+  }
+
+  throw new Error(
+    `Unsupported HAZO_CONNECT_TYPE: ${type}. Supported types: sqlite, postgrest`
+  );
+}
+
+/**
+ * Server-only function to create hazo_connect adapter
+ * Reads configuration from hazo_auth_config.ini using hazo_config, falls back to environment variables
+ * This should only be called from server-side code (API routes, server components)
+ */
+export function create_sqlite_hazo_connect_server() {
+  const config = get_hazo_connect_config();
+
+  if (config.type === "sqlite") {
+    return createHazoConnect({
+      type: "sqlite",
+      database: config.sqlitePath!,
+      enable_admin_ui: config.enableAdminUi,
+    });
+  }
+
+  if (config.type === "postgrest") {
+    return createHazoConnect({
+      type: "postgrest",
+      baseUrl: config.postgrestUrl!,
+      apiKey: config.postgrestApiKey,
+    });
+  }
+
+  throw new Error(`Unsupported database type: ${config.type}`);
+}
+
+/**
+ * Gets hazo_connect configuration options for use with singleton API
+ * Reads from hazo_auth_config.ini using hazo_config, falls back to environment variables
+ * @returns Configuration options compatible with getHazoConnectSingleton
+ */
+export function get_hazo_connect_config_options(): {
+  type?: "sqlite" | "postgrest";
+  sqlitePath?: string;
+  enableAdminUi?: boolean;
+  readOnly?: boolean;
+} {
+  const config = get_hazo_connect_config();
+
+  if (config.type === "sqlite") {
+    return {
+      type: "sqlite",
+      sqlitePath: config.sqlitePath,
+      enableAdminUi: config.enableAdminUi,
+      readOnly: config.readOnly,
+    };
+  }
+
+  // PostgREST is not supported by the singleton API options yet
+  // Return empty object to let it use environment variables
+  return {};
+}
+

package/src/lib/hazo_connect_setup.ts

@@ -0,0 +1,54 @@
+// file_description: helper function to create hazo_connect instance with configuration from environment variables
+// This file provides a client-safe wrapper that returns a mock on client-side
+// section: imports
+// Note: We don't import server-side code here to avoid client-side bundling issues
+
+// section: helpers
+/**
+ * Creates a hazo_connect instance configured from environment variables
+ * 
+ * Environment variables:
+ * - HAZO_CONNECT_TYPE: Database type ("sqlite" | "postgrest") - defaults to "sqlite"
+ * - HAZO_CONNECT_SQLITE_PATH: Path to SQLite database file (relative to process.cwd() or absolute)
+ * - HAZO_CONNECT_POSTGREST_URL: PostgREST API URL (for postgrest type)
+ * - HAZO_CONNECT_POSTGREST_API_KEY: PostgREST API key (for postgrest type)
+ * 
+ * Falls back to test fixture database if HAZO_CONNECT_SQLITE_PATH is not set
+ * 
+ * Note: For client-side usage (Next.js pages), this returns a mock adapter
+ * since SQLite cannot run in browser environments. Use PostgREST for client-side database access.
+ */
+// Lazy loader for server module - prevents webpack from statically analyzing the require
+function loadServerModule() {
+  // Use Function constructor to create a dynamic require that webpack can't analyze
+  // eslint-disable-next-line no-new-func
+  const requireFunc = new Function('modulePath', 'return require(modulePath)');
+  return requireFunc('./hazo_connect_setup.server');
+}
+
+export function create_sqlite_hazo_connect() {
+  // Check if we're in a browser/client environment
+  if (typeof window !== "undefined") {
+    // Return a mock adapter for client-side usage
+    return create_client_mock_hazo_connect();
+  }
+
+  // Server-side: dynamically load server module
+  // Using Function constructor prevents webpack from statically analyzing the require
+  const serverModule = loadServerModule();
+  return serverModule.create_sqlite_hazo_connect_server();
+}
+
+/**
+ * Creates a mock hazo_connect adapter for client-side usage
+ * This satisfies the LayoutDataClient interface without requiring SQLite
+ */
+function create_client_mock_hazo_connect() {
+  return {
+    healthCheck: async () => {
+      // Mock health check for client-side - no-op
+      return Promise.resolve();
+    },
+  };
+}
+

package/src/lib/login_config.server.ts

@@ -0,0 +1,46 @@
+// file_description: server-only helper to read login layout configuration from hazo_auth_config.ini
+// section: imports
+import { get_config_value } from "./config/config_loader.server";
+import { get_already_logged_in_config } from "./already_logged_in_config.server";
+
+// section: types
+export type LoginConfig = {
+  redirectRoute?: string;
+  successMessage: string;
+  alreadyLoggedInMessage: string;
+  showLogoutButton: boolean;
+  showReturnHomeButton: boolean;
+  returnHomeButtonLabel: string;
+  returnHomePath: string;
+};
+
+// section: helpers
+/**
+ * Reads login layout configuration from hazo_auth_config.ini file
+ * Falls back to defaults if hazo_auth_config.ini is not found or section is missing
+ * @returns Login configuration options
+ */
+export function get_login_config(): LoginConfig {
+  const section = "hazo_auth__login_layout";
+
+  // Read redirect route (optional)
+  const redirectRouteValue = get_config_value(section, "redirect_route_on_successful_login", "");
+  const redirectRoute = redirectRouteValue || undefined;
+
+  // Read success message (defaults to "Successfully logged in")
+  const successMessage = get_config_value(section, "success_message", "Successfully logged in");
+
+  // Get shared already logged in config
+  const alreadyLoggedInConfig = get_already_logged_in_config();
+
+  return {
+    redirectRoute,
+    successMessage,
+    alreadyLoggedInMessage: alreadyLoggedInConfig.message,
+    showLogoutButton: alreadyLoggedInConfig.showLogoutButton,
+    showReturnHomeButton: alreadyLoggedInConfig.showReturnHomeButton,
+    returnHomeButtonLabel: alreadyLoggedInConfig.returnHomeButtonLabel,
+    returnHomePath: alreadyLoggedInConfig.returnHomePath,
+  };
+}
+

package/src/lib/messages_config.server.ts

@@ -0,0 +1,45 @@
+// file_description: server-only helper to read user-facing messages from hazo_auth_config.ini
+// section: imports
+import { get_config_value } from "./config/config_loader.server";
+
+// section: types
+export type MessagesConfig = {
+  photo_upload_disabled_message: string;
+  gravatar_setup_message: string;
+  gravatar_no_account_message: string;
+  library_tooltip_message: string;
+};
+
+// section: helpers
+/**
+ * Reads user-facing messages from hazo_auth_config.ini file
+ * Falls back to defaults if hazo_auth_config.ini is not found or section is missing
+ * @returns Messages configuration options
+ */
+export function get_messages_config(): MessagesConfig {
+  const section = "hazo_auth__messages";
+
+  return {
+    photo_upload_disabled_message: get_config_value(
+      section,
+      "photo_upload_disabled_message",
+      "Photo upload is not enabled. Please contact your administrator."
+    ),
+    gravatar_setup_message: get_config_value(
+      section,
+      "gravatar_setup_message",
+      "To set up your Gravatar:"
+    ),
+    gravatar_no_account_message: get_config_value(
+      section,
+      "gravatar_no_account_message",
+      "You don't have a Gravatar account set up for this email address."
+    ),
+    library_tooltip_message: get_config_value(
+      section,
+      "library_tooltip_message",
+      "Select another tab image style to remove this image"
+    ),
+  };
+}
+