hazo_auth 1.4.1 → 1.6.0

package/dist/app/api/hazo_auth/change_password/route.js

@@ -0,0 +1,98 @@
+// file_description: API route for changing user password
+// section: imports
+import { NextResponse } from "next/server";
+import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { change_password } from "../../../../lib/services/password_change_service";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+import { require_auth } from "../../../../lib/auth/auth_utils.server";
+import { get_auth_cache } from "../../../../lib/auth/auth_cache";
+import { get_auth_utility_config } from "../../../../lib/auth_utility_config.server";
+// section: api_handler
+export async function POST(request) {
+    const logger = create_app_logger();
+    try {
+        // Use centralized auth check
+        let user_id;
+        try {
+            const user = await require_auth(request);
+            user_id = user.user_id;
+        }
+        catch (error) {
+            if (error instanceof Error && error.message === "Authentication required") {
+                logger.warn("password_change_authentication_failed", {
+                    filename: get_filename(),
+                    line_number: get_line_number(),
+                    error: "User not authenticated",
+                });
+                return NextResponse.json({ error: "Authentication required" }, { status: 401 });
+            }
+            throw error;
+        }
+        const body = await request.json();
+        const { current_password, new_password } = body;
+        // Validate input
+        if (!current_password || !new_password) {
+            logger.warn("password_change_validation_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                error: "Missing required fields",
+                has_current_password: !!current_password,
+                has_new_password: !!new_password,
+            });
+            return NextResponse.json({ error: "Current password and new password are required" }, { status: 400 });
+        }
+        // Get singleton hazo_connect instance
+        const hazoConnect = get_hazo_connect_instance();
+        // Change password
+        const result = await change_password(hazoConnect, user_id, {
+            current_password,
+            new_password,
+        });
+        if (!result.success) {
+            logger.warn("password_change_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                error: result.error,
+                user_id,
+            });
+            return NextResponse.json({ error: result.error || "Failed to change password" }, { status: 400 });
+        }
+        // Invalidate user cache after password change
+        try {
+            const config = get_auth_utility_config();
+            const cache = get_auth_cache(config.cache_max_users, config.cache_ttl_minutes, config.cache_max_age_minutes);
+            cache.invalidate_user(user_id);
+        }
+        catch (cache_error) {
+            // Log but don't fail password change if cache invalidation fails
+            const cache_error_message = cache_error instanceof Error ? cache_error.message : "Unknown error";
+            logger.warn("password_change_cache_invalidation_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                user_id,
+                error: cache_error_message,
+            });
+        }
+        logger.info("password_change_successful", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            user_id,
+        });
+        return NextResponse.json({
+            success: true,
+            message: "Password changed successfully",
+        }, { status: 200 });
+    }
+    catch (error) {
+        const error_message = error instanceof Error ? error.message : "Unknown error";
+        const error_stack = error instanceof Error ? error.stack : undefined;
+        logger.error("password_change_error", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            error_message,
+            error_stack,
+        });
+        return NextResponse.json({ error: "Failed to change password. Please try again." }, { status: 500 });
+    }
+}

package/dist/app/api/hazo_auth/forgot_password/route.d.ts

@@ -0,0 +1,8 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare function POST(request: NextRequest): Promise<NextResponse<{
+    error: string;
+}> | NextResponse<{
+    success: boolean;
+    message: string;
+}>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/forgot_password/route.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/forgot_password/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAOxD,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW;;;;;IAgG9C"}

package/dist/app/api/hazo_auth/forgot_password/route.js

@@ -0,0 +1,78 @@
+// file_description: API route for password reset requests using hazo_connect
+// section: imports
+import { NextResponse } from "next/server";
+import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { request_password_reset } from "../../../../lib/services/password_reset_service";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+// section: api_handler
+export async function POST(request) {
+    const logger = create_app_logger();
+    try {
+        const body = await request.json();
+        const { email } = body;
+        // Validate input
+        if (!email) {
+            logger.warn("password_reset_validation_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email: email || "missing",
+            });
+            return NextResponse.json({ error: "Email is required" }, { status: 400 });
+        }
+        // Validate email format
+        const email_pattern = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+        if (!email_pattern.test(email)) {
+            logger.warn("password_reset_invalid_email", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email,
+            });
+            return NextResponse.json({ error: "Invalid email address format" }, { status: 400 });
+        }
+        // Get singleton hazo_connect instance (reuses same connection across all routes)
+        const hazoConnect = get_hazo_connect_instance();
+        // Request password reset using the password reset service
+        const result = await request_password_reset(hazoConnect, {
+            email,
+        });
+        if (!result.success) {
+            logger.warn("password_reset_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email,
+                error: result.error,
+            });
+            // Still return 200 OK to prevent email enumeration attacks
+            return NextResponse.json({
+                success: true,
+                message: "If an account with that email exists, a password reset link has been sent.",
+            }, { status: 200 });
+        }
+        logger.info("password_reset_requested", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            email,
+        });
+        // Always return success to prevent email enumeration attacks
+        return NextResponse.json({
+            success: true,
+            message: "If an account with that email exists, a password reset link has been sent.",
+        }, { status: 200 });
+    }
+    catch (error) {
+        const error_message = error instanceof Error ? error.message : "Unknown error";
+        const error_stack = error instanceof Error ? error.stack : undefined;
+        logger.error("password_reset_error", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            error_message,
+            error_stack,
+        });
+        // Still return 200 OK to prevent email enumeration attacks
+        return NextResponse.json({
+            success: true,
+            message: "If an account with that email exists, a password reset link has been sent.",
+        }, { status: 200 });
+    }
+}

package/dist/app/api/hazo_auth/get_auth/route.d.ts

@@ -0,0 +1,10 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare const dynamic = "force-dynamic";
+/**
+ * POST - Get authentication status and permissions
+ * Body: { required_permissions?: string[], strict?: boolean }
+ */
+export declare function POST(request: NextRequest): Promise<NextResponse<{
+    error: string;
+}> | NextResponse<import("../../../..").HazoAuthResult>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/get_auth/route.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/get_auth/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAOxD,eAAO,MAAM,OAAO,kBAAkB,CAAC;AAGvC;;;GAGG;AACH,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW;;yDAuE9C"}

package/dist/app/api/hazo_auth/get_auth/route.js

@@ -0,0 +1,63 @@
+// file_description: API route for hazo_get_auth utility (client-side calls)
+// section: imports
+import { NextResponse } from "next/server";
+import { hazo_get_auth } from "../../../../lib/auth/hazo_get_auth.server";
+import { PermissionError } from "../../../../lib/auth/auth_types";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+// section: route_config
+export const dynamic = "force-dynamic";
+// section: api_handler
+/**
+ * POST - Get authentication status and permissions
+ * Body: { required_permissions?: string[], strict?: boolean }
+ */
+export async function POST(request) {
+    const logger = create_app_logger();
+    try {
+        const body = await request.json();
+        const { required_permissions, strict } = body;
+        // Validate required_permissions if provided
+        if (required_permissions !== undefined &&
+            (!Array.isArray(required_permissions) ||
+                !required_permissions.every((p) => typeof p === "string"))) {
+            return NextResponse.json({ error: "required_permissions must be an array of strings" }, { status: 400 });
+        }
+        // Validate strict if provided
+        if (strict !== undefined && typeof strict !== "boolean") {
+            return NextResponse.json({ error: "strict must be a boolean" }, { status: 400 });
+        }
+        // Call hazo_get_auth
+        const result = await hazo_get_auth(request, {
+            required_permissions,
+            strict,
+        });
+        return NextResponse.json(result, { status: 200 });
+    }
+    catch (error) {
+        // Handle PermissionError (strict mode)
+        if (error instanceof PermissionError) {
+            logger.warn("auth_utility_permission_error", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                missing_permissions: error.missing_permissions,
+                required_permissions: error.required_permissions,
+            });
+            return NextResponse.json({
+                error: "Permission denied",
+                missing_permissions: error.missing_permissions,
+                user_friendly_message: error.user_friendly_message,
+            }, { status: 403 });
+        }
+        // Handle other errors
+        const error_message = error instanceof Error ? error.message : "Unknown error";
+        const error_stack = error instanceof Error ? error.stack : undefined;
+        logger.error("auth_utility_api_error", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            error_message,
+            error_stack,
+        });
+        return NextResponse.json({ error: error_message }, { status: 500 });
+    }
+}

package/dist/app/api/hazo_auth/invalidate_cache/route.d.ts

@@ -0,0 +1,14 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare const dynamic = "force-dynamic";
+/**
+ * POST - Manually invalidate auth cache
+ * Body: { user_id?: string, role_ids?: number[], invalidate_all?: boolean }
+ * Requires admin permission (checked via hazo_get_auth)
+ */
+export declare function POST(request: NextRequest): Promise<NextResponse<{
+    error: string;
+}> | NextResponse<{
+    success: boolean;
+    message: string;
+}>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/invalidate_cache/route.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/invalidate_cache/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAQxD,eAAO,MAAM,OAAO,kBAAkB,CAAC;AAGvC;;;;GAIG;AACH,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW;;;;;IAuH9C"}

package/dist/app/api/hazo_auth/invalidate_cache/route.js

@@ -0,0 +1,96 @@
+// file_description: API route for manual cache invalidation (admin endpoint)
+// section: imports
+import { NextResponse } from "next/server";
+import { get_auth_cache } from "../../../../lib/auth/auth_cache";
+import { get_auth_utility_config } from "../../../../lib/auth_utility_config.server";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+import { hazo_get_auth } from "../../../../lib/auth/hazo_get_auth.server";
+// section: route_config
+export const dynamic = "force-dynamic";
+// section: api_handler
+/**
+ * POST - Manually invalidate auth cache
+ * Body: { user_id?: string, role_ids?: number[], invalidate_all?: boolean }
+ * Requires admin permission (checked via hazo_get_auth)
+ */
+export async function POST(request) {
+    const logger = create_app_logger();
+    try {
+        // Check authentication and admin permission
+        const auth_result = await hazo_get_auth(request, {
+            required_permissions: ["admin_user_management"], // Require admin permission
+            strict: true, // Throw error if not authorized
+        });
+        if (!auth_result.authenticated) {
+            return NextResponse.json({ error: "Authentication required" }, { status: 401 });
+        }
+        const body = await request.json();
+        const { user_id, role_ids, invalidate_all } = body;
+        // Validate input
+        if (invalidate_all !== undefined && typeof invalidate_all !== "boolean") {
+            return NextResponse.json({ error: "invalidate_all must be a boolean" }, { status: 400 });
+        }
+        if (user_id !== undefined && typeof user_id !== "string") {
+            return NextResponse.json({ error: "user_id must be a string" }, { status: 400 });
+        }
+        if (role_ids !== undefined &&
+            (!Array.isArray(role_ids) ||
+                !role_ids.every((id) => typeof id === "number"))) {
+            return NextResponse.json({ error: "role_ids must be an array of numbers" }, { status: 400 });
+        }
+        const config = get_auth_utility_config();
+        const cache = get_auth_cache(config.cache_max_users, config.cache_ttl_minutes, config.cache_max_age_minutes);
+        // Perform invalidation
+        if (invalidate_all === true) {
+            cache.invalidate_all();
+            logger.info("auth_cache_invalidated_all", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                user_id: auth_result.user.id,
+            });
+        }
+        else if (user_id) {
+            cache.invalidate_user(user_id);
+            logger.info("auth_cache_invalidated_user", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                invalidated_user_id: user_id,
+                admin_user_id: auth_result.user.id,
+            });
+        }
+        else if (role_ids && role_ids.length > 0) {
+            cache.invalidate_by_roles(role_ids);
+            logger.info("auth_cache_invalidated_roles", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                role_ids,
+                admin_user_id: auth_result.user.id,
+            });
+        }
+        else {
+            return NextResponse.json({
+                error: "Must provide user_id, role_ids, or invalidate_all=true",
+            }, { status: 400 });
+        }
+        return NextResponse.json({
+            success: true,
+            message: "Cache invalidated successfully",
+        }, { status: 200 });
+    }
+    catch (error) {
+        // Handle PermissionError (strict mode)
+        if (error instanceof Error && error.name === "PermissionError") {
+            return NextResponse.json({ error: "Permission denied. Admin access required." }, { status: 403 });
+        }
+        const error_message = error instanceof Error ? error.message : "Unknown error";
+        const error_stack = error instanceof Error ? error.stack : undefined;
+        logger.error("auth_cache_invalidation_error", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            error_message,
+            error_stack,
+        });
+        return NextResponse.json({ error: "Failed to invalidate cache" }, { status: 500 });
+    }
+}

package/dist/app/api/hazo_auth/library_photos/route.d.ts

@@ -0,0 +1,13 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare const dynamic = "force-dynamic";
+export declare function GET(request: NextRequest): Promise<NextResponse<{
+    success: boolean;
+    category: string;
+    photos: string[];
+}> | NextResponse<{
+    success: boolean;
+    categories: string[];
+}> | NextResponse<{
+    error: string;
+}>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/library_photos/route.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/library_photos/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAMxD,eAAO,MAAM,OAAO,kBAAkB,CAAC;AAGvC,wBAAsB,GAAG,CAAC,OAAO,EAAE,WAAW;;;;;;;;;IA4D7C"}

package/dist/app/api/hazo_auth/library_photos/route.js

@@ -0,0 +1,55 @@
+// file_description: API route for listing library photo categories and photos in categories
+// section: imports
+import { NextResponse } from "next/server";
+import { get_library_categories, get_library_photos } from "../../../../lib/services/profile_picture_service";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+// section: route_config
+export const dynamic = 'force-dynamic';
+// section: api_handler
+export async function GET(request) {
+    const logger = create_app_logger();
+    try {
+        const { searchParams } = new URL(request.url);
+        const category = searchParams.get("category");
+        if (category) {
+            // Return photos in the specified category
+            const photos = get_library_photos(category);
+            logger.info("library_photos_category_requested", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                category,
+                photoCount: photos.length,
+            });
+            return NextResponse.json({
+                success: true,
+                category,
+                photos,
+            }, { status: 200 });
+        }
+        else {
+            // Return list of categories
+            const categories = get_library_categories();
+            logger.info("library_categories_requested", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                categoryCount: categories.length,
+            });
+            return NextResponse.json({
+                success: true,
+                categories,
+            }, { status: 200 });
+        }
+    }
+    catch (error) {
+        const error_message = error instanceof Error ? error.message : "Unknown error";
+        const error_stack = error instanceof Error ? error.stack : undefined;
+        logger.error("library_photos_error", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            error_message,
+            error_stack,
+        });
+        return NextResponse.json({ error: "Failed to fetch library photos" }, { status: 500 });
+    }
+}

package/dist/app/api/hazo_auth/login/route.d.ts

@@ -0,0 +1,12 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare function POST(request: NextRequest): Promise<NextResponse<{
+    error: string;
+}> | NextResponse<{
+    success: boolean;
+    message: string;
+    user_id: string;
+    email: any;
+    name: string | undefined;
+    redirectUrl: string;
+}>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/login/route.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/login/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AASxD,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW;;;;;;;;;IAwK9C"}

package/dist/app/api/hazo_auth/login/route.js

@@ -0,0 +1,140 @@
+// file_description: API route for user login authentication using hazo_connect
+// section: imports
+import { NextResponse } from "next/server";
+import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { authenticate_user } from "../../../../lib/services/login_service";
+import { createCrudService } from "hazo_connect/server";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+import { get_login_config } from "../../../../lib/login_config.server";
+// section: api_handler
+export async function POST(request) {
+    const logger = create_app_logger();
+    try {
+        const body = await request.json();
+        const { email, password, url_on_logon } = body;
+        // Validate input
+        if (!email || !password) {
+            logger.warn("login_validation_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email: email || "missing",
+                has_password: !!password,
+            });
+            return NextResponse.json({ error: "Email and password are required" }, { status: 400 });
+        }
+        // Validate email format
+        const email_pattern = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+        if (!email_pattern.test(email)) {
+            logger.warn("login_invalid_email", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email,
+            });
+            return NextResponse.json({ error: "Invalid email address format" }, { status: 400 });
+        }
+        // Get singleton hazo_connect instance (reuses same connection across all routes)
+        const hazoConnect = get_hazo_connect_instance();
+        // Authenticate user using the login service
+        const result = await authenticate_user(hazoConnect, {
+            email,
+            password,
+        });
+        if (!result.success) {
+            const status_code = result.error === "Invalid email or password" ? 401 : 500;
+            logger.warn("login_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email,
+                error: result.error,
+                email_not_verified: result.email_not_verified || false,
+            });
+            return NextResponse.json({
+                error: result.error || "Login failed",
+                email_not_verified: result.email_not_verified || false,
+            }, { status: status_code });
+        }
+        // TypeScript assertion: user_id is guaranteed to be present when success is true
+        // However, we need to check it to satisfy TypeScript's type checking
+        if (!result.user_id) {
+            logger.error("login_user_id_missing", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email,
+                note: "Login succeeded but user_id is missing - this should not happen",
+            });
+            return NextResponse.json({ error: "Login failed - user ID not found" }, { status: 500 });
+        }
+        const user_id = result.user_id;
+        logger.info("login_successful", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            user_id: user_id,
+            email,
+        });
+        // Reuse the existing hazoConnect instance from above
+        const users_service = createCrudService(hazoConnect, "hazo_users");
+        const users = await users_service.findBy({
+            id: user_id,
+        });
+        const user = users && users.length > 0 ? users[0] : null;
+        const user_name = user === null || user === void 0 ? void 0 : user.name;
+        // Determine redirect URL priority:
+        // 1. url_on_logon from request body (if valid)
+        // 2. stored_url_on_logon from database (if available)
+        // 3. redirect_route_on_successful_login from config
+        // 4. Default to "/"
+        let redirectUrl = "/";
+        // Check priority 1: Request body
+        if (url_on_logon && typeof url_on_logon === "string" && url_on_logon.startsWith("/") && !url_on_logon.startsWith("//")) {
+            redirectUrl = url_on_logon;
+        }
+        // Check priority 2: Stored URL from DB
+        else if (result.stored_url_on_logon && typeof result.stored_url_on_logon === "string") {
+            redirectUrl = result.stored_url_on_logon;
+        }
+        // Check priority 3: Config
+        else {
+            const loginConfig = get_login_config();
+            if (loginConfig.redirectRoute) {
+                redirectUrl = loginConfig.redirectRoute;
+            }
+        }
+        // Create response with cookies
+        const response = NextResponse.json({
+            success: true,
+            message: "Login successful",
+            user_id: user_id,
+            email,
+            name: user_name,
+            redirectUrl,
+        }, { status: 200 });
+        // Set authentication cookies
+        response.cookies.set("hazo_auth_user_id", user_id, {
+            httpOnly: true,
+            secure: process.env.NODE_ENV === "production",
+            sameSite: "lax",
+            path: "/",
+            maxAge: 60 * 60 * 24 * 30, // 30 days
+        });
+        response.cookies.set("hazo_auth_user_email", email, {
+            httpOnly: true,
+            secure: process.env.NODE_ENV === "production",
+            sameSite: "lax",
+            path: "/",
+            maxAge: 60 * 60 * 24 * 30, // 30 days
+        });
+        return response;
+    }
+    catch (error) {
+        const error_message = error instanceof Error ? error.message : "Unknown error";
+        const error_stack = error instanceof Error ? error.stack : undefined;
+        logger.error("login_error", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            error_message,
+            error_stack,
+        });
+        return NextResponse.json({ error: "Login failed. Please try again." }, { status: 500 });
+    }
+}

package/dist/app/api/hazo_auth/logout/route.d.ts

@@ -0,0 +1,8 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare function POST(request: NextRequest): Promise<NextResponse<{
+    success: boolean;
+    message: string;
+}> | NextResponse<{
+    error: string;
+}>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/logout/route.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/logout/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAOxD,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW;;;;;IA8E9C"}