hazo_auth 0.3.0 → 1.0.1

package/src/app/hazo_connect/api/sqlite/schema/route.ts

@@ -19,11 +19,21 @@ export async function GET(request: NextRequest) {
     // Get singleton hazo_connect instance (initializes admin service if needed)
     get_hazo_connect_instance();
     
-    const service = getSqliteAdminService()
-    const schema = await service.getTableSchema(table)
-    return NextResponse.json({ data: schema })
+    let service;
+    try {
+      service = getSqliteAdminService();
+    } catch (serviceError) {
+      const errorMessage = serviceError instanceof Error ? serviceError.message : "Unknown error";
+      return NextResponse.json(
+        { error: `SQLite Admin Service not available: ${errorMessage}. Make sure enable_admin_ui is set to true in hazo_auth_config.ini.` },
+        { status: 500 }
+      );
+    }
+    
+    const schema = await service.getTableSchema(table);
+    return NextResponse.json({ data: schema });
   } catch (error) {
-    return toErrorResponse(error, `Failed to fetch schema for table '${table}'`)
+    return toErrorResponse(error, `Failed to fetch schema for table '${table}'`);
   }
 }
 

package/src/app/hazo_connect/api/sqlite/tables/route.ts

@@ -10,11 +10,21 @@ export async function GET() {
     // Get singleton hazo_connect instance (initializes admin service if needed)
     get_hazo_connect_instance();
     
-    const service = getSqliteAdminService()
-    const tables = await service.listTables()
-    return NextResponse.json({ data: tables })
+    let service;
+    try {
+      service = getSqliteAdminService();
+    } catch (serviceError) {
+      const errorMessage = serviceError instanceof Error ? serviceError.message : "Unknown error";
+      return NextResponse.json(
+        { error: `SQLite Admin Service not available: ${errorMessage}. Make sure enable_admin_ui is set to true in hazo_auth_config.ini.` },
+        { status: 500 }
+      );
+    }
+    
+    const tables = await service.listTables();
+    return NextResponse.json({ data: tables });
   } catch (error) {
-    return toErrorResponse(error, "Failed to list SQLite tables")
+    return toErrorResponse(error, "Failed to list SQLite tables");
   }
 }
 

package/src/app/hazo_connect/sqlite_admin/sqlite-admin-client.tsx

@@ -91,7 +91,19 @@ export default function SqliteAdminClient({
     try {
       const schemaResponse = await fetch(`/hazo_connect/api/sqlite/schema?table=${encodeURIComponent(tableName)}`)
       if (!schemaResponse.ok) {
-        throw new Error(await schemaResponse.text())
+        const contentType = schemaResponse.headers.get("content-type");
+        if (contentType && contentType.includes("application/json")) {
+          const errorData = await schemaResponse.json();
+          throw new Error(errorData.error || `Failed to fetch schema: ${schemaResponse.statusText}`);
+        } else {
+          const errorText = await schemaResponse.text();
+          throw new Error(`Failed to fetch schema: ${errorText.substring(0, 200)}`);
+        }
+      }
+      const contentType = schemaResponse.headers.get("content-type");
+      if (!contentType || !contentType.includes("application/json")) {
+        const text = await schemaResponse.text();
+        throw new Error(`Expected JSON but received ${contentType || "unknown content type"}. Response: ${text.substring(0, 200)}`);
       }
       const schemaJson = await schemaResponse.json()
       setSchema(schemaJson.data as TableSchema)
@@ -170,7 +182,20 @@ export default function SqliteAdminClient({
 
       const response = await fetch(`/hazo_connect/api/sqlite/data?${params.toString()}`)
       if (!response.ok) {
-        throw new Error(await response.text())
+        const contentType = response.headers.get("content-type");
+        if (contentType && contentType.includes("application/json")) {
+          const errorData = await response.json();
+          throw new Error(errorData.error || `Failed to load data: ${response.statusText}`);
+        } else {
+          const errorText = await response.text();
+          throw new Error(`Failed to load data: ${errorText.substring(0, 200)}`);
+        }
+      }
+
+      const contentType = response.headers.get("content-type");
+      if (!contentType || !contentType.includes("application/json")) {
+        const text = await response.text();
+        throw new Error(`Expected JSON but received ${contentType || "unknown content type"}. Response: ${text.substring(0, 200)}`);
       }
 
       const json = (await response.json()) as DataResponse
@@ -197,7 +222,19 @@ export default function SqliteAdminClient({
     try {
       const response = await fetch("/hazo_connect/api/sqlite/tables")
       if (!response.ok) {
-        throw new Error(await response.text())
+        const contentType = response.headers.get("content-type");
+        if (contentType && contentType.includes("application/json")) {
+          const errorData = await response.json();
+          throw new Error(errorData.error || `Failed to refresh tables: ${response.statusText}`);
+        } else {
+          const errorText = await response.text();
+          throw new Error(`Failed to refresh tables: ${errorText.substring(0, 200)}`);
+        }
+      }
+      const contentType = response.headers.get("content-type");
+      if (!contentType || !contentType.includes("application/json")) {
+        const text = await response.text();
+        throw new Error(`Expected JSON but received ${contentType || "unknown content type"}. Response: ${text.substring(0, 200)}`);
       }
       const json = await response.json()
       setTables(json.data ?? [])

package/src/app/layout.tsx

@@ -1,4 +1,4 @@
-// file_description: define the root layout wrapper for the ui_component project
+// file_description: define the root layout wrapper for the hazo_auth project
 import type { Metadata } from "next";
 import local_font from "next/font/local";
 import { Toaster } from "@/components/ui/sonner";

package/src/app/page.tsx

@@ -41,7 +41,7 @@ export default function home_page() {
                 <SidebarMenuItem className="cls_home_sidebar_test_login_item">
                   <SidebarMenuButton asChild>
                     <Link
-                      href="/login"
+                      href="/hazo_auth/login"
                       className="cls_home_sidebar_test_login_link flex items-center gap-2"
                       aria-label="Test login layout component"
                     >
@@ -53,7 +53,7 @@ export default function home_page() {
                 <SidebarMenuItem className="cls_home_sidebar_test_register_item">
                   <SidebarMenuButton asChild>
                     <Link
-                      href="/register"
+                      href="/hazo_auth/register"
                       className="cls_home_sidebar_test_register_link flex items-center gap-2"
                       aria-label="Test register layout component"
                     >
@@ -65,7 +65,7 @@ export default function home_page() {
                 <SidebarMenuItem className="cls_home_sidebar_test_forgot_password_item">
                   <SidebarMenuButton asChild>
                     <Link
-                      href="/forgot_password"
+                      href="/hazo_auth/forgot_password"
                       className="cls_home_sidebar_test_forgot_password_link flex items-center gap-2"
                       aria-label="Test forgot password layout component"
                     >
@@ -77,7 +77,7 @@ export default function home_page() {
                 <SidebarMenuItem className="cls_home_sidebar_test_email_verification_item">
                   <SidebarMenuButton asChild>
                     <Link
-                      href="/verify_email"
+                      href="/hazo_auth/verify_email"
                       className="cls_home_sidebar_test_email_verification_link flex items-center gap-2"
                       aria-label="Test email verification layout component"
                     >

package/src/components/layouts/email_verification/hooks/use_email_verification.ts

@@ -47,7 +47,7 @@ const buildInitialValues = (initialEmail?: string): EmailVerificationFormValues
 export const use_email_verification = <TClient,>({
   dataClient,
   redirectDelay = 5,
-  loginPath = "/login",
+  loginPath = "/hazo_auth/login",
 }: UseEmailVerificationParams<TClient>): UseEmailVerificationResult => {
   const router = useRouter();
   const searchParams = useSearchParams();
@@ -91,7 +91,7 @@ export const use_email_verification = <TClient,>({
       setErrorMessage(undefined);
 
       try {
-        const response = await fetch(`/api/auth/verify_email?token=${encodeURIComponent(token)}`, {
+        const response = await fetch(`/api/hazo_auth/verify_email?token=${encodeURIComponent(token)}`, {
           method: "GET",
         });
 
@@ -131,7 +131,7 @@ export const use_email_verification = <TClient,>({
 
         // Try to extract email from error response if available
         try {
-          const response = await fetch(`/api/auth/verify_email?token=${encodeURIComponent(token)}`, {
+          const response = await fetch(`/api/hazo_auth/verify_email?token=${encodeURIComponent(token)}`, {
             method: "GET",
           });
           const data = await response.json();
@@ -221,7 +221,7 @@ export const use_email_verification = <TClient,>({
       setErrors({});
 
       try {
-        const response = await fetch("/api/auth/resend_verification", {
+        const response = await fetch("/api/hazo_auth/resend_verification", {
           method: "POST",
           headers: {
             "Content-Type": "application/json",

package/src/components/layouts/email_verification/index.tsx

@@ -69,7 +69,7 @@ export default function email_verification_layout<TClient>({
   success_labels,
   error_labels,
   redirect_delay = 5,
-  login_path = "/login",
+  login_path = "/hazo_auth/login",
   data_client,
   already_logged_in_message,
   showLogoutButton = true,

package/src/components/layouts/forgot_password/hooks/use_forgot_password_form.ts

@@ -113,7 +113,7 @@ export const use_forgot_password_form = <TClient,>({
       setErrors({});
 
       try {
-        const response = await fetch("/api/auth/forgot_password", {
+        const response = await fetch("/api/hazo_auth/forgot_password", {
           method: "POST",
           headers: {
             "Content-Type": "application/json",

package/src/components/layouts/login/hooks/use_login_form.ts

@@ -181,7 +181,7 @@ export const use_login_form = <TClient,>({
         setClientIp(currentIp);
 
         // Attempt login via API route
-        const response = await fetch("/api/auth/login", {
+        const response = await fetch("/api/hazo_auth/login", {
           method: "POST",
           headers: {
             "Content-Type": "application/json",
@@ -202,7 +202,7 @@ export const use_login_form = <TClient,>({
             const messageParam = encodeURIComponent(
               "Your email address has not been verified. Please verify your email to continue."
             );
-            router.push(`/verify_email?email=${emailParam}&message=${messageParam}`);
+            router.push(`/hazo_auth/verify_email?email=${emailParam}&message=${messageParam}`);
             return;
           }
 

package/src/components/layouts/my_settings/components/profile_picture_dialog.tsx

@@ -188,7 +188,7 @@ export function ProfilePictureDialog({
       const formData = new FormData();
       formData.append("file", file);
 
-      const response = await fetch("/api/auth/upload_profile_picture", {
+      const response = await fetch("/api/hazo_auth/upload_profile_picture", {
         method: "POST",
         credentials: "include",
         body: formData,

package/src/components/layouts/my_settings/components/profile_picture_library_tab.tsx

@@ -57,7 +57,7 @@ export function ProfilePictureLibraryTab({
     const loadCategories = async () => {
       setLoadingCategories(true);
       try {
-        const response = await fetch("/api/auth/library_photos");
+        const response = await fetch("/api/hazo_auth/library_photos");
         const data = await response.json();
         if (data.success && data.categories) {
           setCategories(data.categories);
@@ -99,7 +99,7 @@ export function ProfilePictureLibraryTab({
     const loadPhotos = async () => {
       setLoadingPhotos(true);
       try {
-        const response = await fetch(`/api/auth/library_photos?category=${encodeURIComponent(selectedCategory)}`);
+        const response = await fetch(`/api/hazo_auth/library_photos?category=${encodeURIComponent(selectedCategory)}`);
         const data = await response.json();
         if (data.success && data.photos) {
           setPhotos(data.photos);

package/src/components/layouts/my_settings/hooks/use_my_settings.ts

@@ -134,7 +134,7 @@ export function use_my_settings({
     }
 
     try {
-      const response = await fetch("/api/auth/update_user", {
+      const response = await fetch("/api/hazo_auth/update_user", {
         method: "PATCH",
         headers: {
           "Content-Type": "application/json",
@@ -171,7 +171,7 @@ export function use_my_settings({
     }
 
     try {
-      const response = await fetch("/api/auth/update_user", {
+      const response = await fetch("/api/hazo_auth/update_user", {
         method: "PATCH",
         headers: {
           "Content-Type": "application/json",
@@ -304,7 +304,7 @@ export function use_my_settings({
     }
 
     try {
-      const response = await fetch("/api/auth/change_password", {
+      const response = await fetch("/api/hazo_auth/change_password", {
         method: "POST",
         headers: {
           "Content-Type": "application/json",
@@ -371,7 +371,7 @@ export function use_my_settings({
    */
   const handleProfilePictureSave = useCallback(async (profilePictureUrl: string, profileSource: "upload" | "library" | "gravatar") => {
     try {
-      const response = await fetch("/api/auth/update_user", {
+      const response = await fetch("/api/hazo_auth/update_user", {
         method: "PATCH",
         headers: {
           "Content-Type": "application/json",
@@ -408,7 +408,7 @@ export function use_my_settings({
    */
   const handleProfilePictureRemove = useCallback(async () => {
     try {
-      const response = await fetch("/api/auth/remove_profile_picture", {
+      const response = await fetch("/api/hazo_auth/remove_profile_picture", {
         method: "DELETE",
         headers: {
           "Content-Type": "application/json",

package/src/components/layouts/my_settings/index.tsx

@@ -94,7 +94,7 @@ export default function my_settings_layout({
   userFields,
   unauthorizedMessage = "You must be logged in to access this page.",
   loginButtonLabel = "Go to login",
-  loginPath = "/login",
+  loginPath = "/hazo_auth/login",
   heading = "Account Settings",
   subHeading = "Manage your profile, password, and email preferences.",
   profilePhotoLabel = "Profile Photo",

package/src/components/layouts/register/hooks/use_register_form.ts

@@ -194,7 +194,7 @@ export const use_register_form = <TClient,>({
       setErrors({});
 
       try {
-        const response = await fetch("/api/auth/register", {
+        const response = await fetch("/api/hazo_auth/register", {
           method: "POST",
           headers: {
             "Content-Type": "application/json",

package/src/components/layouts/reset_password/hooks/use_reset_password_form.ts

@@ -54,7 +54,7 @@ const buildInitialValues = (): ResetPasswordFormValues => ({
 export const use_reset_password_form = <TClient,>({
   passwordRequirements,
   dataClient,
-  loginPath = "/login",
+  loginPath = "/hazo_auth/login",
 }: UseResetPasswordFormParams<TClient>): UseResetPasswordFormResult => {
   const router = useRouter();
   const searchParams = useSearchParams();
@@ -85,7 +85,7 @@ export const use_reset_password_form = <TClient,>({
       setTokenError(null);
 
       try {
-        const response = await fetch(`/api/auth/validate_reset_token?token=${encodeURIComponent(tokenParam)}`, {
+        const response = await fetch(`/api/hazo_auth/validate_reset_token?token=${encodeURIComponent(tokenParam)}`, {
           method: "GET",
         });
 
@@ -217,7 +217,7 @@ export const use_reset_password_form = <TClient,>({
     setIsSubmitting(true);
 
     try {
-      const response = await fetch("/api/auth/reset_password", {
+      const response = await fetch("/api/hazo_auth/reset_password", {
         method: "POST",
         headers: {
           "Content-Type": "application/json",

package/src/components/layouts/reset_password/index.tsx

@@ -75,8 +75,8 @@ export default function reset_password_layout<TClient>({
   returnHomePath = "/",
   errorMessage = "Reset password link invalid or has expired. Please go to Reset Password page to get a new link.",
   successMessage = "Password reset successfully. Redirecting to login...",
-  loginPath = "/login",
-  forgotPasswordPath = "/forgot_password",
+  loginPath = "/hazo_auth/login",
+  forgotPasswordPath = "/hazo_auth/forgot_password",
 }: ResetPasswordLayoutProps<TClient>) {
   const fieldDefinitions = createResetPasswordFieldDefinitions(field_overrides);
   const resolvedLabels = resolveResetPasswordLabels(labels);

package/src/components/layouts/shared/components/logout_button.tsx

@@ -30,7 +30,7 @@ export function LogoutButton({
     setIsLoggingOut(true);
 
     try {
-      const response = await fetch("/api/auth/logout", {
+      const response = await fetch("/api/hazo_auth/logout", {
         method: "POST",
         headers: {
           "Content-Type": "application/json",

package/src/components/layouts/shared/components/profile_pic_menu.tsx

@@ -47,10 +47,10 @@ export function ProfilePicMenu({
   show_single_button = false,
   sign_up_label = "Sign Up",
   sign_in_label = "Sign In",
-  register_path = "/register",
-  login_path = "/login",
-  settings_path = "/my_settings",
-  logout_path = "/api/auth/logout",
+  register_path = "/hazo_auth/register",
+  login_path = "/hazo_auth/login",
+  settings_path = "/hazo_auth/my_settings",
+  logout_path = "/api/hazo_auth/logout",
   custom_menu_items = [],
   className,
   avatar_size = "default",

package/src/components/layouts/shared/components/sidebar_layout_wrapper.tsx

@@ -17,7 +17,7 @@ import {
   SidebarTrigger,
   SidebarInset,
 } from "@/components/ui/sidebar";
-import { LogIn, UserPlus, BookOpen, ExternalLink, Database, KeyRound, MailCheck, Key, Settings } from "lucide-react";
+import { LogIn, UserPlus, BookOpen, ExternalLink, Database, KeyRound, MailCheck, Key, Settings, User } from "lucide-react";
 import { use_auth_status } from "@/components/layouts/shared/hooks/use_auth_status";
 import { ProfilePicMenu } from "@/components/layouts/shared/components/profile_pic_menu";
 
@@ -50,7 +50,7 @@ export function SidebarLayoutWrapper({ children }: SidebarLayoutWrapperProps) {
                 <SidebarMenuItem className="cls_sidebar_layout_test_login_item">
                   <SidebarMenuButton asChild>
                     <Link
-                      href="/login"
+                      href="/hazo_auth/login"
                       className="cls_sidebar_layout_test_login_link flex items-center gap-2"
                       aria-label="Test login layout component"
                     >
@@ -62,7 +62,7 @@ export function SidebarLayoutWrapper({ children }: SidebarLayoutWrapperProps) {
                 <SidebarMenuItem className="cls_sidebar_layout_test_register_item">
                   <SidebarMenuButton asChild>
                     <Link
-                      href="/register"
+                      href="/hazo_auth/register"
                       className="cls_sidebar_layout_test_register_link flex items-center gap-2"
                       aria-label="Test register layout component"
                     >
@@ -74,7 +74,7 @@ export function SidebarLayoutWrapper({ children }: SidebarLayoutWrapperProps) {
                 <SidebarMenuItem className="cls_sidebar_layout_test_forgot_password_item">
                   <SidebarMenuButton asChild>
                     <Link
-                      href="/forgot_password"
+                      href="/hazo_auth/forgot_password"
                       className="cls_sidebar_layout_test_forgot_password_link flex items-center gap-2"
                       aria-label="Test forgot password layout component"
                     >
@@ -86,7 +86,7 @@ export function SidebarLayoutWrapper({ children }: SidebarLayoutWrapperProps) {
                 <SidebarMenuItem className="cls_sidebar_layout_test_reset_password_item">
                   <SidebarMenuButton asChild>
                     <Link
-                      href="/reset_password"
+                      href="/hazo_auth/reset_password"
                       className="cls_sidebar_layout_test_reset_password_link flex items-center gap-2"
                       aria-label="Test reset password layout component"
                     >
@@ -98,7 +98,7 @@ export function SidebarLayoutWrapper({ children }: SidebarLayoutWrapperProps) {
                 <SidebarMenuItem className="cls_sidebar_layout_test_email_verification_item">
                   <SidebarMenuButton asChild>
                     <Link
-                      href="/verify_email"
+                      href="/hazo_auth/verify_email"
                       className="cls_sidebar_layout_test_email_verification_link flex items-center gap-2"
                       aria-label="Test email verification layout component"
                     >
@@ -119,6 +119,18 @@ export function SidebarLayoutWrapper({ children }: SidebarLayoutWrapperProps) {
                     </Link>
                   </SidebarMenuButton>
                 </SidebarMenuItem>
+                <SidebarMenuItem className="cls_sidebar_layout_user_management_item">
+                  <SidebarMenuButton asChild>
+                    <Link
+                      href="/hazo_auth/user_management"
+                      className="cls_sidebar_layout_user_management_link flex items-center gap-2"
+                      aria-label="Open User Management to manage users, roles, and permissions"
+                    >
+                      <User className="h-4 w-4" aria-hidden="true" />
+                      <span>User Management</span>
+                    </Link>
+                  </SidebarMenuButton>
+                </SidebarMenuItem>
               </SidebarMenu>
             </SidebarGroup>
             {authStatus.authenticated && (
@@ -130,7 +142,7 @@ export function SidebarLayoutWrapper({ children }: SidebarLayoutWrapperProps) {
                   <SidebarMenuItem className="cls_sidebar_layout_my_settings_item">
                     <SidebarMenuButton asChild>
                       <Link
-                        href="/my_settings"
+                        href="/hazo_auth/my_settings"
                         className="cls_sidebar_layout_my_settings_link flex items-center gap-2"
                         aria-label="Open my settings page"
                       >

package/src/components/layouts/shared/components/unauthorized_guard.tsx

@@ -26,7 +26,7 @@ export type UnauthorizedGuardProps = {
 export function UnauthorizedGuard({
   message = "You must be logged in to access this page.",
   loginButtonLabel = "Go to login",
-  loginPath = "/login",
+  loginPath = "/hazo_auth/login",
   children,
 }: UnauthorizedGuardProps) {
   const router = useRouter();

package/src/components/layouts/shared/hooks/use_auth_status.ts

@@ -46,7 +46,7 @@ export function use_auth_status(): AuthStatus {
     setAuthStatus((prev) => ({ ...prev, loading: true }));
 
     try {
-      const response = await fetch("/api/auth/me", {
+      const response = await fetch("/api/hazo_auth/me", {
         method: "GET",
         credentials: "include",
       });

package/src/components/layouts/shared/hooks/use_hazo_auth.ts

@@ -0,0 +1,158 @@
+// file_description: React hook for hazo_get_auth utility (client-side)
+// section: client_directive
+"use client";
+
+// section: imports
+import { useState, useEffect, useCallback } from "react";
+import type { HazoAuthResult } from "@/lib/auth/auth_types";
+
+// section: types
+
+/**
+ * Options for use_hazo_auth hook
+ */
+export type UseHazoAuthOptions = {
+  /**
+   * Array of required permissions to check
+   */
+  required_permissions?: string[];
+  /**
+   * If true, throws error when permissions are missing (default: false)
+   */
+  strict?: boolean;
+  /**
+   * Skip fetch (for conditional use)
+   */
+  skip?: boolean;
+};
+
+/**
+ * Result type for use_hazo_auth hook
+ */
+export type UseHazoAuthResult = HazoAuthResult & {
+  /**
+   * Loading state
+   */
+  loading: boolean;
+  /**
+   * Error state
+   */
+  error: Error | null;
+  /**
+   * Manual refetch function
+   */
+  refetch: () => Promise<void>;
+};
+
+// section: constants
+const AUTH_STATUS_CHANGE_EVENT = "hazo_auth_status_change";
+
+// section: helpers
+
+/**
+ * Triggers a refresh of hazo_auth status across all components
+ * Dispatches a custom event that all use_hazo_auth hooks listen to
+ */
+export function trigger_hazo_auth_refresh(): void {
+  if (typeof window !== "undefined") {
+    window.dispatchEvent(
+      new CustomEvent(AUTH_STATUS_CHANGE_EVENT),
+    );
+  }
+}
+
+// section: hook
+
+/**
+ * React hook for hazo_get_auth utility
+ * Fetches authentication status and permissions from /api/auth/get_auth
+ * @param options - Optional parameters for permission checking
+ * @returns UseHazoAuthResult with auth data, loading state, and refetch function
+ */
+export function use_hazo_auth(
+  options?: UseHazoAuthOptions,
+): UseHazoAuthResult {
+  const [authResult, setAuthResult] = useState<HazoAuthResult>({
+    authenticated: false,
+    user: null,
+    permissions: [],
+    permission_ok: false,
+  });
+  const [loading, setLoading] = useState<boolean>(true);
+  const [error, setError] = useState<Error | null>(null);
+
+  const fetchAuth = useCallback(async () => {
+    if (options?.skip) {
+      setLoading(false);
+      return;
+    }
+
+    setLoading(true);
+    setError(null);
+
+    try {
+      const response = await fetch("/api/hazo_auth/get_auth", {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+        },
+        credentials: "include",
+        body: JSON.stringify({
+          required_permissions: options?.required_permissions,
+          strict: options?.strict || false,
+        }),
+      });
+
+      if (!response.ok) {
+        const error_data = await response.json();
+        throw new Error(
+          error_data.user_friendly_message ||
+            error_data.error ||
+            "Failed to fetch authentication status",
+        );
+      }
+
+      const data = await response.json();
+      setAuthResult(data);
+    } catch (err) {
+      const error_message =
+        err instanceof Error ? err : new Error("Unknown error");
+      setError(error_message);
+      setAuthResult({
+        authenticated: false,
+        user: null,
+        permissions: [],
+        permission_ok: false,
+      });
+    } finally {
+      setLoading(false);
+    }
+  }, [options?.required_permissions, options?.strict, options?.skip]);
+
+  useEffect(() => {
+    // Fetch auth status on mount
+    void fetchAuth();
+
+    // Listen for auth status change events
+    const handleAuthChange = () => {
+      void fetchAuth();
+    };
+
+    window.addEventListener(AUTH_STATUS_CHANGE_EVENT, handleAuthChange);
+
+    return () => {
+      window.removeEventListener(
+        AUTH_STATUS_CHANGE_EVENT,
+        handleAuthChange,
+      );
+    };
+  }, [fetchAuth]);
+
+  return {
+    ...authResult,
+    loading,
+    error,
+    refetch: fetchAuth,
+  };
+}
+