npm - hazo_auth - Versions diffs - 1.4.2 → 1.6.1 - Mend

hazo_auth 1.4.2 → 1.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (354) hide show

package/README.md +65 -19
package/SETUP_CHECKLIST.md +779 -0
package/dist/app/api/hazo_auth/change_password/route.d.ts +8 -0
package/dist/app/api/hazo_auth/change_password/route.d.ts.map +1 -0
package/dist/app/api/hazo_auth/change_password/route.js +98 -0
package/dist/app/api/hazo_auth/forgot_password/route.d.ts +8 -0
package/dist/app/api/hazo_auth/forgot_password/route.d.ts.map +1 -0
package/dist/app/api/hazo_auth/forgot_password/route.js +78 -0
package/dist/app/api/hazo_auth/get_auth/route.d.ts +10 -0
package/dist/app/api/hazo_auth/get_auth/route.d.ts.map +1 -0
package/dist/app/api/hazo_auth/get_auth/route.js +63 -0
package/dist/app/api/hazo_auth/invalidate_cache/route.d.ts +14 -0
package/dist/app/api/hazo_auth/invalidate_cache/route.d.ts.map +1 -0
package/dist/app/api/hazo_auth/invalidate_cache/route.js +96 -0
package/dist/app/api/hazo_auth/library_photo/[category]/[filename]/route.d.ts +9 -0
package/dist/app/api/hazo_auth/library_photo/[category]/[filename]/route.d.ts.map +1 -0
package/dist/app/api/hazo_auth/library_photo/[category]/[filename]/route.js +82 -0
package/dist/app/api/hazo_auth/library_photos/route.d.ts +22 -0
package/dist/app/api/hazo_auth/library_photos/route.d.ts.map +1 -0
package/dist/app/api/hazo_auth/library_photos/route.js +80 -0
package/dist/app/api/hazo_auth/login/route.d.ts +12 -0
package/dist/app/api/hazo_auth/login/route.d.ts.map +1 -0
package/dist/app/api/hazo_auth/login/route.js +140 -0
package/dist/app/api/hazo_auth/logout/route.d.ts +8 -0
package/dist/app/api/hazo_auth/logout/route.d.ts.map +1 -0
package/dist/app/api/hazo_auth/logout/route.js +71 -0
package/dist/app/api/hazo_auth/me/route.d.ts +3 -0
package/dist/app/api/hazo_auth/me/route.d.ts.map +1 -0
package/dist/app/api/hazo_auth/me/route.js +34 -0
package/dist/app/api/hazo_auth/profile_picture/[filename]/route.d.ts +7 -0
package/dist/app/api/hazo_auth/profile_picture/[filename]/route.d.ts.map +1 -0
package/dist/app/api/hazo_auth/profile_picture/[filename]/route.js +43 -0
package/dist/app/api/hazo_auth/register/route.d.ts +9 -0
package/dist/app/api/hazo_auth/register/route.d.ts.map +1 -0
package/dist/app/api/hazo_auth/register/route.js +80 -0
package/dist/app/api/hazo_auth/remove_profile_picture/route.d.ts +8 -0
package/dist/app/api/hazo_auth/remove_profile_picture/route.d.ts.map +1 -0
package/dist/app/api/hazo_auth/remove_profile_picture/route.js +64 -0
package/dist/app/api/hazo_auth/resend_verification/route.d.ts +8 -0
package/dist/app/api/hazo_auth/resend_verification/route.d.ts.map +1 -0
package/dist/app/api/hazo_auth/resend_verification/route.js +79 -0
package/dist/app/api/hazo_auth/reset_password/route.d.ts +8 -0
package/dist/app/api/hazo_auth/reset_password/route.d.ts.map +1 -0
package/dist/app/api/hazo_auth/reset_password/route.js +76 -0
package/dist/app/api/hazo_auth/update_user/route.d.ts +9 -0
package/dist/app/api/hazo_auth/update_user/route.d.ts.map +1 -0
package/dist/app/api/hazo_auth/update_user/route.js +95 -0
package/dist/app/api/hazo_auth/upload_profile_picture/route.d.ts +9 -0
package/dist/app/api/hazo_auth/upload_profile_picture/route.d.ts.map +1 -0
package/dist/app/api/hazo_auth/upload_profile_picture/route.js +204 -0
package/dist/app/api/hazo_auth/validate_reset_token/route.d.ts +6 -0
package/dist/app/api/hazo_auth/validate_reset_token/route.d.ts.map +1 -0
package/dist/app/api/hazo_auth/validate_reset_token/route.js +58 -0
package/dist/app/api/hazo_auth/verify_email/route.d.ts +11 -0
package/dist/app/api/hazo_auth/verify_email/route.d.ts.map +1 -0
package/dist/app/api/hazo_auth/verify_email/route.js +63 -0
package/dist/cli/generate.d.ts +7 -0
package/dist/cli/generate.d.ts.map +1 -0
package/dist/cli/generate.js +184 -0
package/dist/cli/index.d.ts +3 -0
package/dist/cli/index.d.ts.map +1 -0
package/dist/cli/index.js +173 -0
package/dist/cli/init.d.ts +2 -0
package/dist/cli/init.d.ts.map +1 -0
package/dist/cli/init.js +201 -0
package/dist/cli/validate.d.ts +15 -0
package/dist/cli/validate.d.ts.map +1 -0
package/dist/cli/validate.js +509 -0
package/dist/components/ui/card.d.ts +9 -0
package/dist/components/ui/card.d.ts.map +1 -0
package/dist/components/ui/card.js +45 -0
package/dist/hooks/use-mobile.d.ts.map +1 -1
package/dist/hooks/use-mobile.js +17 -3
package/dist/lib/services/profile_picture_service.d.ts +34 -2
package/dist/lib/services/profile_picture_service.d.ts.map +1 -1
package/dist/lib/services/profile_picture_service.js +157 -15
package/dist/page_components/forgot_password.d.ts +19 -0
package/dist/page_components/forgot_password.d.ts.map +1 -0
package/dist/page_components/forgot_password.js +36 -0
package/dist/page_components/index.d.ts +7 -0
package/dist/page_components/index.d.ts.map +1 -0
package/dist/page_components/index.js +9 -0
package/dist/page_components/login.d.ts +26 -0
package/dist/page_components/login.d.ts.map +1 -0
package/dist/page_components/login.js +40 -0
package/dist/page_components/my_settings.d.ts +64 -0
package/dist/page_components/my_settings.d.ts.map +1 -0
package/dist/page_components/my_settings.js +67 -0
package/dist/page_components/register.d.ts +25 -0
package/dist/page_components/register.d.ts.map +1 -0
package/dist/page_components/register.js +43 -0
package/dist/page_components/reset_password.d.ts +25 -0
package/dist/page_components/reset_password.d.ts.map +1 -0
package/dist/page_components/reset_password.js +43 -0
package/dist/page_components/verify_email.d.ts +21 -0
package/dist/page_components/verify_email.d.ts.map +1 -0
package/dist/page_components/verify_email.js +36 -0
package/dist/server/routes/change_password.d.ts +2 -0
package/dist/server/routes/change_password.d.ts.map +1 -0
package/dist/server/routes/change_password.js +2 -0
package/dist/server/routes/forgot_password.d.ts +2 -0
package/dist/server/routes/forgot_password.d.ts.map +1 -0
package/dist/server/routes/forgot_password.js +2 -0
package/dist/server/routes/get_auth.d.ts +2 -0
package/dist/server/routes/get_auth.d.ts.map +1 -0
package/dist/server/routes/get_auth.js +2 -0
package/dist/server/routes/index.d.ts +19 -0
package/dist/server/routes/index.d.ts.map +1 -0
package/dist/server/routes/index.js +25 -0
package/dist/server/routes/invalidate_cache.d.ts +2 -0
package/dist/server/routes/invalidate_cache.d.ts.map +1 -0
package/dist/server/routes/invalidate_cache.js +2 -0
package/dist/server/routes/library_photo.d.ts +2 -0
package/dist/server/routes/library_photo.d.ts.map +1 -0
package/dist/server/routes/library_photo.js +3 -0
package/dist/server/routes/library_photos.d.ts +2 -0
package/dist/server/routes/library_photos.d.ts.map +1 -0
package/dist/server/routes/library_photos.js +2 -0
package/dist/server/routes/login.d.ts +2 -0
package/dist/server/routes/login.d.ts.map +1 -0
package/dist/server/routes/login.js +2 -0
package/dist/server/routes/logout.d.ts +2 -0
package/dist/server/routes/logout.d.ts.map +1 -0
package/dist/server/routes/logout.js +2 -0
package/dist/server/routes/me.d.ts +2 -0
package/dist/server/routes/me.d.ts.map +1 -0
package/dist/server/routes/me.js +2 -0
package/dist/server/routes/profile_picture_filename.d.ts +2 -0
package/dist/server/routes/profile_picture_filename.d.ts.map +1 -0
package/dist/server/routes/profile_picture_filename.js +3 -0
package/dist/server/routes/register.d.ts +2 -0
package/dist/server/routes/register.d.ts.map +1 -0
package/dist/server/routes/register.js +2 -0
package/dist/server/routes/remove_profile_picture.d.ts +2 -0
package/dist/server/routes/remove_profile_picture.d.ts.map +1 -0
package/dist/server/routes/remove_profile_picture.js +2 -0
package/dist/server/routes/resend_verification.d.ts +2 -0
package/dist/server/routes/resend_verification.d.ts.map +1 -0
package/dist/server/routes/resend_verification.js +2 -0
package/dist/server/routes/reset_password.d.ts +2 -0
package/dist/server/routes/reset_password.d.ts.map +1 -0
package/dist/server/routes/reset_password.js +2 -0
package/dist/server/routes/update_user.d.ts +2 -0
package/dist/server/routes/update_user.d.ts.map +1 -0
package/dist/server/routes/update_user.js +2 -0
package/dist/server/routes/upload_profile_picture.d.ts +2 -0
package/dist/server/routes/upload_profile_picture.d.ts.map +1 -0
package/dist/server/routes/upload_profile_picture.js +2 -0
package/dist/server/routes/validate_reset_token.d.ts +2 -0
package/dist/server/routes/validate_reset_token.d.ts.map +1 -0
package/dist/server/routes/validate_reset_token.js +2 -0
package/dist/server/routes/verify_email.d.ts +2 -0
package/dist/server/routes/verify_email.d.ts.map +1 -0
package/dist/server/routes/verify_email.js +2 -0
package/package.json +40 -17
package/components.json +0 -22
package/instrumentation.ts +0 -32
package/migrations/001_add_token_type_to_refresh_tokens.sql +0 -14
package/migrations/002_add_name_to_hazo_users.sql +0 -7
package/migrations/003_add_url_on_logon_to_hazo_users.sql +0 -8
package/next.config.mjs +0 -67
package/postcss.config.mjs +0 -8
package/public/file.svg +0 -1
package/public/globe.svg +0 -1
package/public/next.svg +0 -1
package/public/vercel.svg +0 -1
package/public/window.svg +0 -1
package/scripts/apply_migration.ts +0 -118
package/scripts/init_users.ts +0 -378
package/src/app/api/hazo_auth/auth/upload_profile_picture/route.ts +0 -268
package/src/app/api/hazo_auth/change_password/route.ts +0 -132
package/src/app/api/hazo_auth/forgot_password/route.ts +0 -107
package/src/app/api/hazo_auth/get_auth/route.ts +0 -89
package/src/app/api/hazo_auth/invalidate_cache/route.ts +0 -139
package/src/app/api/hazo_auth/library_photos/route.ts +0 -73
package/src/app/api/hazo_auth/login/route.ts +0 -181
package/src/app/api/hazo_auth/logout/route.ts +0 -89
package/src/app/api/hazo_auth/me/route.ts +0 -47
package/src/app/api/hazo_auth/profile_picture/[filename]/route.ts +0 -67
package/src/app/api/hazo_auth/register/route.ts +0 -109
package/src/app/api/hazo_auth/remove_profile_picture/route.ts +0 -86
package/src/app/api/hazo_auth/resend_verification/route.ts +0 -108
package/src/app/api/hazo_auth/reset_password/route.ts +0 -107
package/src/app/api/hazo_auth/update_user/route.ts +0 -126
package/src/app/api/hazo_auth/upload_profile_picture/route.ts +0 -268
package/src/app/api/hazo_auth/user_management/permissions/route.ts +0 -367
package/src/app/api/hazo_auth/user_management/roles/route.ts +0 -442
package/src/app/api/hazo_auth/user_management/users/roles/route.ts +0 -367
package/src/app/api/hazo_auth/user_management/users/route.ts +0 -239
package/src/app/api/hazo_auth/validate_reset_token/route.ts +0 -83
package/src/app/api/hazo_auth/verify_email/route.ts +0 -88
package/src/app/api/migrations/apply/route.ts +0 -91
package/src/app/favicon.ico +0 -0
package/src/app/fonts/GeistMonoVF.woff +0 -0
package/src/app/fonts/GeistVF.woff +0 -0
package/src/app/globals.css +0 -89
package/src/app/hazo_auth/forgot_password/forgot_password_page_client.tsx +0 -60
package/src/app/hazo_auth/forgot_password/page.tsx +0 -24
package/src/app/hazo_auth/login/login_page_client.tsx +0 -86
package/src/app/hazo_auth/login/page.tsx +0 -38
package/src/app/hazo_auth/my_settings/my_settings_page_client.tsx +0 -120
package/src/app/hazo_auth/my_settings/page.tsx +0 -40
package/src/app/hazo_auth/register/page.tsx +0 -36
package/src/app/hazo_auth/register/register_page_client.tsx +0 -81
package/src/app/hazo_auth/reset_password/page.tsx +0 -29
package/src/app/hazo_auth/reset_password/reset_password_page_client.tsx +0 -81
package/src/app/hazo_auth/user_management/page.tsx +0 -14
package/src/app/hazo_auth/user_management/user_management_page_client.tsx +0 -16
package/src/app/hazo_auth/verify_email/page.tsx +0 -24
package/src/app/hazo_auth/verify_email/verify_email_page_client.tsx +0 -60
package/src/app/hazo_connect/api/sqlite/data/route.ts +0 -203
package/src/app/hazo_connect/api/sqlite/schema/route.ts +0 -45
package/src/app/hazo_connect/api/sqlite/tables/route.ts +0 -36
package/src/app/hazo_connect/sqlite_admin/page.tsx +0 -51
package/src/app/hazo_connect/sqlite_admin/sqlite-admin-client.tsx +0 -984
package/src/app/layout.tsx +0 -43
package/src/app/page.tsx +0 -170
package/src/components/index.ts +0 -7
package/src/components/layouts/email_verification/config/email_verification_field_config.ts +0 -86
package/src/components/layouts/email_verification/hooks/use_email_verification.ts +0 -297
package/src/components/layouts/email_verification/index.tsx +0 -297
package/src/components/layouts/forgot_password/config/forgot_password_field_config.ts +0 -58
package/src/components/layouts/forgot_password/hooks/use_forgot_password_form.ts +0 -179
package/src/components/layouts/forgot_password/index.tsx +0 -168
package/src/components/layouts/index.ts +0 -26
package/src/components/layouts/login/config/login_field_config.ts +0 -67
package/src/components/layouts/login/hooks/use_login_form.ts +0 -286
package/src/components/layouts/login/index.tsx +0 -252
package/src/components/layouts/my_settings/components/editable_field.tsx +0 -177
package/src/components/layouts/my_settings/components/password_change_dialog.tsx +0 -301
package/src/components/layouts/my_settings/components/profile_picture_dialog.tsx +0 -385
package/src/components/layouts/my_settings/components/profile_picture_display.tsx +0 -66
package/src/components/layouts/my_settings/components/profile_picture_gravatar_tab.tsx +0 -143
package/src/components/layouts/my_settings/components/profile_picture_library_tab.tsx +0 -311
package/src/components/layouts/my_settings/components/profile_picture_upload_tab.tsx +0 -341
package/src/components/layouts/my_settings/config/my_settings_field_config.ts +0 -61
package/src/components/layouts/my_settings/hooks/use_my_settings.ts +0 -458
package/src/components/layouts/my_settings/index.tsx +0 -351
package/src/components/layouts/register/config/register_field_config.ts +0 -101
package/src/components/layouts/register/hooks/use_register_form.ts +0 -275
package/src/components/layouts/register/index.tsx +0 -226
package/src/components/layouts/reset_password/config/reset_password_field_config.ts +0 -86
package/src/components/layouts/reset_password/hooks/use_reset_password_form.ts +0 -276
package/src/components/layouts/reset_password/index.tsx +0 -294
package/src/components/layouts/shared/components/already_logged_in_guard.tsx +0 -95
package/src/components/layouts/shared/components/auth_page_shell.tsx +0 -36
package/src/components/layouts/shared/components/field_error_message.tsx +0 -29
package/src/components/layouts/shared/components/form_action_buttons.tsx +0 -64
package/src/components/layouts/shared/components/form_field_wrapper.tsx +0 -44
package/src/components/layouts/shared/components/form_header.tsx +0 -36
package/src/components/layouts/shared/components/logout_button.tsx +0 -76
package/src/components/layouts/shared/components/password_field.tsx +0 -72
package/src/components/layouts/shared/components/profile_pic_menu.tsx +0 -321
package/src/components/layouts/shared/components/profile_pic_menu_wrapper.tsx +0 -40
package/src/components/layouts/shared/components/sidebar_layout_wrapper.tsx +0 -214
package/src/components/layouts/shared/components/standalone_layout_wrapper.tsx +0 -53
package/src/components/layouts/shared/components/two_column_auth_layout.tsx +0 -44
package/src/components/layouts/shared/components/unauthorized_guard.tsx +0 -78
package/src/components/layouts/shared/components/visual_panel.tsx +0 -41
package/src/components/layouts/shared/config/layout_customization.ts +0 -95
package/src/components/layouts/shared/data/layout_data_client.ts +0 -19
package/src/components/layouts/shared/hooks/use_auth_status.ts +0 -103
package/src/components/layouts/shared/hooks/use_hazo_auth.ts +0 -158
package/src/components/layouts/shared/index.ts +0 -34
package/src/components/layouts/shared/utils/ip_address.ts +0 -37
package/src/components/layouts/shared/utils/validation.ts +0 -66
package/src/components/layouts/user_management/components/roles_matrix.tsx +0 -607
package/src/components/layouts/user_management/index.tsx +0 -1295
package/src/components/ui/alert-dialog.tsx +0 -141
package/src/components/ui/avatar.tsx +0 -50
package/src/components/ui/button.tsx +0 -57
package/src/components/ui/checkbox.tsx +0 -30
package/src/components/ui/dialog.tsx +0 -122
package/src/components/ui/dropdown-menu.tsx +0 -201
package/src/components/ui/hazo_ui_tooltip.tsx +0 -67
package/src/components/ui/index.ts +0 -22
package/src/components/ui/input.tsx +0 -22
package/src/components/ui/label.tsx +0 -26
package/src/components/ui/separator.tsx +0 -31
package/src/components/ui/sheet.tsx +0 -139
package/src/components/ui/sidebar.tsx +0 -773
package/src/components/ui/skeleton.tsx +0 -15
package/src/components/ui/sonner.tsx +0 -31
package/src/components/ui/switch.tsx +0 -29
package/src/components/ui/table.tsx +0 -120
package/src/components/ui/tabs.tsx +0 -55
package/src/components/ui/tooltip.tsx +0 -32
package/src/components/ui/vertical-tabs.tsx +0 -59
package/src/hooks/use-mobile.tsx +0 -19
package/src/index.ts +0 -7
package/src/lib/already_logged_in_config.server.ts +0 -46
package/src/lib/app_logger.ts +0 -24
package/src/lib/auth/auth_cache.ts +0 -220
package/src/lib/auth/auth_rate_limiter.ts +0 -121
package/src/lib/auth/auth_types.ts +0 -65
package/src/lib/auth/auth_utils.server.ts +0 -196
package/src/lib/auth/hazo_get_auth.server.ts +0 -333
package/src/lib/auth/index.ts +0 -23
package/src/lib/auth/server_auth.ts +0 -88
package/src/lib/auth_utility_config.server.ts +0 -136
package/src/lib/config/config_loader.server.ts +0 -164
package/src/lib/email_verification_config.server.ts +0 -32
package/src/lib/file_types_config.server.ts +0 -25
package/src/lib/forgot_password_config.server.ts +0 -32
package/src/lib/hazo_connect_instance.server.ts +0 -101
package/src/lib/hazo_connect_setup.server.ts +0 -194
package/src/lib/hazo_connect_setup.ts +0 -54
package/src/lib/index.ts +0 -44
package/src/lib/login_config.server.ts +0 -71
package/src/lib/messages_config.server.ts +0 -45
package/src/lib/migrations/apply_migration.ts +0 -105
package/src/lib/my_settings_config.server.ts +0 -135
package/src/lib/password_requirements_config.server.ts +0 -39
package/src/lib/profile_pic_menu_config.server.ts +0 -138
package/src/lib/profile_picture_config.server.ts +0 -56
package/src/lib/register_config.server.ts +0 -73
package/src/lib/reset_password_config.server.ts +0 -75
package/src/lib/services/email_service.ts +0 -581
package/src/lib/services/email_verification_service.ts +0 -270
package/src/lib/services/index.ts +0 -15
package/src/lib/services/login_service.ts +0 -134
package/src/lib/services/password_change_service.ts +0 -154
package/src/lib/services/password_reset_service.ts +0 -405
package/src/lib/services/profile_picture_remove_service.ts +0 -120
package/src/lib/services/profile_picture_service.ts +0 -215
package/src/lib/services/profile_picture_source_mapper.ts +0 -62
package/src/lib/services/registration_service.ts +0 -184
package/src/lib/services/token_service.ts +0 -240
package/src/lib/services/user_profiles_service.ts +0 -143
package/src/lib/services/user_update_service.ts +0 -141
package/src/lib/ui_shell_config.server.ts +0 -73
package/src/lib/ui_sizes_config.server.ts +0 -37
package/src/lib/user_fields_config.server.ts +0 -31
package/src/lib/user_management_config.server.ts +0 -39
package/src/lib/utils/api_route_helpers.ts +0 -60
package/src/lib/utils/error_sanitizer.ts +0 -75
package/src/lib/utils.ts +0 -11
package/src/middleware.ts +0 -94
package/src/routes/index.ts +0 -34
package/src/server/config/config_loader.ts +0 -496
package/src/server/index.ts +0 -38
package/src/server/logging/logger_service.ts +0 -56
package/src/server/routes/root_router.ts +0 -16
package/src/server/server.ts +0 -28
package/src/server/types/app_types.ts +0 -74
package/src/server/types/express.d.ts +0 -16
package/src/stories/email_verification_layout.stories.tsx +0 -137
package/src/stories/forgot_password_layout.stories.tsx +0 -85
package/src/stories/login_layout.stories.tsx +0 -85
package/src/stories/project_overview.stories.tsx +0 -33
package/src/stories/register_layout.stories.tsx +0 -107
package/tailwind.config.ts +0 -77
package/tsconfig.build.json +0 -36
package/tsconfig.json +0 -28

package/dist/app/api/hazo_auth/login/route.js ADDED Viewed

@@ -0,0 +1,140 @@
+// file_description: API route for user login authentication using hazo_connect
+// section: imports
+import { NextResponse } from "next/server";
+import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { authenticate_user } from "../../../../lib/services/login_service";
+import { createCrudService } from "hazo_connect/server";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+import { get_login_config } from "../../../../lib/login_config.server";
+// section: api_handler
+export async function POST(request) {
+    const logger = create_app_logger();
+    try {
+        const body = await request.json();
+        const { email, password, url_on_logon } = body;
+        // Validate input
+        if (!email || !password) {
+            logger.warn("login_validation_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email: email || "missing",
+                has_password: !!password,
+            });
+            return NextResponse.json({ error: "Email and password are required" }, { status: 400 });
+        }
+        // Validate email format
+        const email_pattern = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+        if (!email_pattern.test(email)) {
+            logger.warn("login_invalid_email", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email,
+            });
+            return NextResponse.json({ error: "Invalid email address format" }, { status: 400 });
+        }
+        // Get singleton hazo_connect instance (reuses same connection across all routes)
+        const hazoConnect = get_hazo_connect_instance();
+        // Authenticate user using the login service
+        const result = await authenticate_user(hazoConnect, {
+            email,
+            password,
+        });
+        if (!result.success) {
+            const status_code = result.error === "Invalid email or password" ? 401 : 500;
+            logger.warn("login_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email,
+                error: result.error,
+                email_not_verified: result.email_not_verified || false,
+            });
+            return NextResponse.json({
+                error: result.error || "Login failed",
+                email_not_verified: result.email_not_verified || false,
+            }, { status: status_code });
+        }
+        // TypeScript assertion: user_id is guaranteed to be present when success is true
+        // However, we need to check it to satisfy TypeScript's type checking
+        if (!result.user_id) {
+            logger.error("login_user_id_missing", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email,
+                note: "Login succeeded but user_id is missing - this should not happen",
+            });
+            return NextResponse.json({ error: "Login failed - user ID not found" }, { status: 500 });
+        }
+        const user_id = result.user_id;
+        logger.info("login_successful", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            user_id: user_id,
+            email,
+        });
+        // Reuse the existing hazoConnect instance from above
+        const users_service = createCrudService(hazoConnect, "hazo_users");
+        const users = await users_service.findBy({
+            id: user_id,
+        });
+        const user = users && users.length > 0 ? users[0] : null;
+        const user_name = user === null || user === void 0 ? void 0 : user.name;
+        // Determine redirect URL priority:
+        // 1. url_on_logon from request body (if valid)
+        // 2. stored_url_on_logon from database (if available)
+        // 3. redirect_route_on_successful_login from config
+        // 4. Default to "/"
+        let redirectUrl = "/";
+        // Check priority 1: Request body
+        if (url_on_logon && typeof url_on_logon === "string" && url_on_logon.startsWith("/") && !url_on_logon.startsWith("//")) {
+            redirectUrl = url_on_logon;
+        }
+        // Check priority 2: Stored URL from DB
+        else if (result.stored_url_on_logon && typeof result.stored_url_on_logon === "string") {
+            redirectUrl = result.stored_url_on_logon;
+        }
+        // Check priority 3: Config
+        else {
+            const loginConfig = get_login_config();
+            if (loginConfig.redirectRoute) {
+                redirectUrl = loginConfig.redirectRoute;
+            }
+        }
+        // Create response with cookies
+        const response = NextResponse.json({
+            success: true,
+            message: "Login successful",
+            user_id: user_id,
+            email,
+            name: user_name,
+            redirectUrl,
+        }, { status: 200 });
+        // Set authentication cookies
+        response.cookies.set("hazo_auth_user_id", user_id, {
+            httpOnly: true,
+            secure: process.env.NODE_ENV === "production",
+            sameSite: "lax",
+            path: "/",
+            maxAge: 60 * 60 * 24 * 30, // 30 days
+        });
+        response.cookies.set("hazo_auth_user_email", email, {
+            httpOnly: true,
+            secure: process.env.NODE_ENV === "production",
+            sameSite: "lax",
+            path: "/",
+            maxAge: 60 * 60 * 24 * 30, // 30 days
+        });
+        return response;
+    }
+    catch (error) {
+        const error_message = error instanceof Error ? error.message : "Unknown error";
+        const error_stack = error instanceof Error ? error.stack : undefined;
+        logger.error("login_error", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            error_message,
+            error_stack,
+        });
+        return NextResponse.json({ error: "Login failed. Please try again." }, { status: 500 });
+    }
+}

package/dist/app/api/hazo_auth/logout/route.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare function POST(request: NextRequest): Promise<NextResponse<{
+    success: boolean;
+    message: string;
+}> | NextResponse<{
+    error: string;
+}>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/logout/route.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/logout/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAOxD,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW;;;;;IA8E9C"}

package/dist/app/api/hazo_auth/logout/route.js ADDED Viewed

@@ -0,0 +1,71 @@
+// file_description: API route for user logout
+// section: imports
+import { NextResponse } from "next/server";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+import { get_auth_cache } from "../../../../lib/auth/auth_cache";
+import { get_auth_utility_config } from "../../../../lib/auth_utility_config.server";
+// section: api_handler
+export async function POST(request) {
+    var _a, _b;
+    const logger = create_app_logger();
+    try {
+        // Get user info from cookie before clearing
+        const user_email = (_a = request.cookies.get("hazo_auth_user_email")) === null || _a === void 0 ? void 0 : _a.value;
+        const user_id = (_b = request.cookies.get("hazo_auth_user_id")) === null || _b === void 0 ? void 0 : _b.value;
+        // Clear authentication cookies
+        const response = NextResponse.json({
+            success: true,
+            message: "Logout successful",
+        }, { status: 200 });
+        // Clear cookies by setting them to expire in the past
+        response.cookies.set("hazo_auth_user_email", "", {
+            expires: new Date(0),
+            path: "/",
+        });
+        response.cookies.set("hazo_auth_user_id", "", {
+            expires: new Date(0),
+            path: "/",
+        });
+        // Invalidate user cache
+        if (user_id) {
+            try {
+                const config = get_auth_utility_config();
+                const cache = get_auth_cache(config.cache_max_users, config.cache_ttl_minutes, config.cache_max_age_minutes);
+                cache.invalidate_user(user_id);
+            }
+            catch (cache_error) {
+                // Log but don't fail logout if cache invalidation fails
+                const cache_error_message = cache_error instanceof Error
+                    ? cache_error.message
+                    : "Unknown error";
+                logger.warn("logout_cache_invalidation_failed", {
+                    filename: get_filename(),
+                    line_number: get_line_number(),
+                    user_id,
+                    error: cache_error_message,
+                });
+            }
+        }
+        if (user_email || user_id) {
+            logger.info("logout_successful", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                user_id: user_id || "unknown",
+                email: user_email || "unknown",
+            });
+        }
+        return response;
+    }
+    catch (error) {
+        const error_message = error instanceof Error ? error.message : "Unknown error";
+        const error_stack = error instanceof Error ? error.stack : undefined;
+        logger.error("logout_error", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            error_message,
+            error_stack,
+        });
+        return NextResponse.json({ error: "Logout failed. Please try again." }, { status: 500 });
+    }
+}

package/dist/app/api/hazo_auth/me/route.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare function GET(request: NextRequest): Promise<NextResponse<unknown>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/me/route.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/me/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAIxD,wBAAsB,GAAG,CAAC,OAAO,EAAE,WAAW,kCAuC7C"}

package/dist/app/api/hazo_auth/me/route.js ADDED Viewed

@@ -0,0 +1,34 @@
+// file_description: API route to get current authenticated user information
+// section: imports
+import { NextResponse } from "next/server";
+import { get_authenticated_user_with_response } from "../../../../lib/auth/auth_utils.server";
+// section: api_handler
+export async function GET(request) {
+    try {
+        // Use centralized auth utility
+        const { auth_result, response } = await get_authenticated_user_with_response(request);
+        // If response is provided, it means cookies were cleared (invalid auth)
+        if (response) {
+            return response;
+        }
+        // If not authenticated, return false
+        if (!auth_result.authenticated) {
+            return NextResponse.json({ authenticated: false }, { status: 200 });
+        }
+        // Return user info
+        return NextResponse.json({
+            authenticated: true,
+            user_id: auth_result.user_id,
+            email: auth_result.email,
+            name: auth_result.name,
+            email_verified: auth_result.email_verified,
+            last_logon: auth_result.last_logon,
+            profile_picture_url: auth_result.profile_picture_url,
+            profile_source: auth_result.profile_source,
+        }, { status: 200 });
+    }
+    catch (error) {
+        // On error, assume not authenticated
+        return NextResponse.json({ authenticated: false }, { status: 200 });
+    }
+}

package/dist/app/api/hazo_auth/profile_picture/[filename]/route.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare function GET(request: NextRequest, { params }: {
+    params: {
+        filename: string;
+    };
+}): Promise<NextResponse<unknown>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/profile_picture/[filename]/route.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../../src/app/api/hazo_auth/profile_picture/[filename]/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAMxD,wBAAsB,GAAG,CACvB,OAAO,EAAE,WAAW,EACpB,EAAE,MAAM,EAAE,EAAE;IAAE,MAAM,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAA;CAAE,kCAuD7C"}

package/dist/app/api/hazo_auth/profile_picture/[filename]/route.js ADDED Viewed

@@ -0,0 +1,43 @@
+// file_description: API route to serve uploaded profile pictures
+// section: imports
+import { NextResponse } from "next/server";
+import { get_profile_picture_config } from "../../../../../lib/profile_picture_config.server";
+import fs from "fs";
+import path from "path";
+// section: api_handler
+export async function GET(request, { params }) {
+    try {
+        const config = get_profile_picture_config();
+        if (!config.allow_photo_upload || !config.upload_photo_path) {
+            return NextResponse.json({ error: "Profile picture upload is not enabled" }, { status: 404 });
+        }
+        const filename = params.filename;
+        // Validate filename (prevent path traversal)
+        if (filename.includes("..") || filename.includes("/") || filename.includes("\\")) {
+            return NextResponse.json({ error: "Invalid filename" }, { status: 400 });
+        }
+        // Resolve upload path
+        const uploadPath = path.isAbsolute(config.upload_photo_path)
+            ? config.upload_photo_path
+            : path.resolve(process.cwd(), config.upload_photo_path);
+        const filePath = path.join(uploadPath, filename);
+        // Check if file exists
+        if (!fs.existsSync(filePath)) {
+            return NextResponse.json({ error: "File not found" }, { status: 404 });
+        }
+        // Read file
+        const fileBuffer = fs.readFileSync(filePath);
+        const fileExt = path.extname(filename).toLowerCase();
+        const contentType = fileExt === ".png" ? "image/png" : "image/jpeg";
+        // Return file with appropriate content type
+        return new NextResponse(fileBuffer, {
+            headers: {
+                "Content-Type": contentType,
+                "Cache-Control": "public, max-age=31536000, immutable",
+            },
+        });
+    }
+    catch (error) {
+        return NextResponse.json({ error: "Failed to serve profile picture" }, { status: 500 });
+    }
+}

package/dist/app/api/hazo_auth/register/route.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare function POST(request: NextRequest): Promise<NextResponse<{
+    error: string;
+}> | NextResponse<{
+    success: boolean;
+    message: string;
+    user_id: string | undefined;
+}>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/register/route.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/register/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAQxD,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW;;;;;;IAiG9C"}

package/dist/app/api/hazo_auth/register/route.js ADDED Viewed

@@ -0,0 +1,80 @@
+// file_description: API route for user registration using hazo_connect to insert into hazo_users table
+// section: imports
+import { NextResponse } from "next/server";
+import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { register_user } from "../../../../lib/services/registration_service";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+import { sanitize_error_for_user } from "../../../../lib/utils/error_sanitizer";
+// section: api_handler
+export async function POST(request) {
+    const logger = create_app_logger();
+    try {
+        const body = await request.json();
+        const { name, email, password, url_on_logon } = body;
+        // Validate input
+        if (!email || !password) {
+            logger.warn("registration_validation_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email: email || "missing",
+                has_password: !!password,
+            });
+            return NextResponse.json({ error: "Email and password are required" }, { status: 400 });
+        }
+        // Validate email format
+        const email_pattern = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+        if (!email_pattern.test(email)) {
+            logger.warn("registration_invalid_email", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email,
+            });
+            return NextResponse.json({ error: "Invalid email address format" }, { status: 400 });
+        }
+        // Get singleton hazo_connect instance (reuses same connection across all routes)
+        const hazoConnect = get_hazo_connect_instance();
+        // Register user using the registration service
+        const result = await register_user(hazoConnect, {
+            email,
+            password,
+            name,
+            url_on_logon,
+        });
+        if (!result.success) {
+            const status_code = result.error === "Email address already registered" ? 409 : 500;
+            logger.warn("registration_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email,
+                error: result.error,
+            });
+            return NextResponse.json({ error: result.error || "Registration failed" }, { status: status_code });
+        }
+        logger.info("registration_successful", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            user_id: result.user_id,
+            email,
+            has_name: !!name,
+        });
+        return NextResponse.json({
+            success: true,
+            message: "Registration successful",
+            user_id: result.user_id,
+        }, { status: 201 });
+    }
+    catch (error) {
+        const user_friendly_error = sanitize_error_for_user(error, {
+            logToConsole: true,
+            logToLogger: true,
+            logger,
+            context: {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                operation: "register_api_route",
+            },
+        });
+        return NextResponse.json({ error: user_friendly_error }, { status: 500 });
+    }
+}

package/dist/app/api/hazo_auth/remove_profile_picture/route.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare function DELETE(request: NextRequest): Promise<NextResponse<{
+    error: string;
+}> | NextResponse<{
+    success: boolean;
+    message: string;
+}>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/remove_profile_picture/route.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/remove_profile_picture/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAOxD,wBAAsB,MAAM,CAAC,OAAO,EAAE,WAAW;;;;;IA2EhD"}

package/dist/app/api/hazo_auth/remove_profile_picture/route.js ADDED Viewed

@@ -0,0 +1,64 @@
+// file_description: API route for removing profile pictures
+// section: imports
+import { NextResponse } from "next/server";
+import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { remove_user_profile_picture } from "../../../../lib/services/profile_picture_remove_service";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+// section: api_handler
+export async function DELETE(request) {
+    const logger = create_app_logger();
+    try {
+        // Use centralized auth check
+        let user_id;
+        try {
+            const { require_auth } = await import("../../../../lib/auth/auth_utils.server");
+            const user = await require_auth(request);
+            user_id = user.user_id;
+        }
+        catch (error) {
+            if (error instanceof Error && error.message === "Authentication required") {
+                logger.warn("profile_picture_remove_authentication_failed", {
+                    filename: get_filename(),
+                    line_number: get_line_number(),
+                    error: "User not authenticated",
+                });
+                return NextResponse.json({ error: "Authentication required" }, { status: 401 });
+            }
+            throw error;
+        }
+        // Get singleton hazo_connect instance
+        const hazoConnect = get_hazo_connect_instance();
+        // Remove profile picture
+        const result = await remove_user_profile_picture(hazoConnect, user_id);
+        if (!result.success) {
+            logger.warn("profile_picture_remove_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                user_id,
+                error: result.error,
+            });
+            return NextResponse.json({ error: result.error || "Failed to remove profile picture" }, { status: 400 });
+        }
+        logger.info("profile_picture_remove_successful", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            user_id,
+        });
+        return NextResponse.json({
+            success: true,
+            message: "Profile picture removed successfully",
+        }, { status: 200 });
+    }
+    catch (error) {
+        const error_message = error instanceof Error ? error.message : "Unknown error";
+        const error_stack = error instanceof Error ? error.stack : undefined;
+        logger.error("profile_picture_remove_error", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            error_message,
+            error_stack,
+        });
+        return NextResponse.json({ error: "Failed to remove profile picture. Please try again." }, { status: 500 });
+    }
+}

package/dist/app/api/hazo_auth/resend_verification/route.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare function POST(request: NextRequest): Promise<NextResponse<{
+    error: string;
+}> | NextResponse<{
+    success: boolean;
+    message: string;
+}>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/resend_verification/route.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/resend_verification/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAOxD,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW;;;;;IAiG9C"}

package/dist/app/api/hazo_auth/resend_verification/route.js ADDED Viewed

@@ -0,0 +1,79 @@
+// file_description: API route for resending email verification using hazo_connect
+// section: imports
+import { NextResponse } from "next/server";
+import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { resend_verification_email } from "../../../../lib/services/email_verification_service";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+// section: api_handler
+export async function POST(request) {
+    const logger = create_app_logger();
+    try {
+        const body = await request.json();
+        const { email } = body;
+        // Validate input
+        if (!email) {
+            logger.warn("resend_verification_validation_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email: email || "missing",
+            });
+            return NextResponse.json({ error: "Email is required" }, { status: 400 });
+        }
+        // Validate email format
+        const email_pattern = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+        if (!email_pattern.test(email)) {
+            logger.warn("resend_verification_invalid_email", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email,
+            });
+            return NextResponse.json({ error: "Invalid email address format" }, { status: 400 });
+        }
+        // Get singleton hazo_connect instance (reuses same connection across all routes)
+        const hazoConnect = get_hazo_connect_instance();
+        // Resend verification email using the email verification service
+        const result = await resend_verification_email(hazoConnect, {
+            email,
+        });
+        if (!result.success) {
+            logger.error("resend_verification_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email,
+                error: result.error,
+            });
+            // Return error response (500) when email sending fails
+            // This is a technical error, not a security issue, so we can reveal it
+            return NextResponse.json({
+                success: false,
+                error: result.error || "Failed to resend verification email",
+            }, { status: 500 });
+        }
+        logger.info("resend_verification_requested", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            email,
+        });
+        // Always return success to prevent email enumeration attacks
+        return NextResponse.json({
+            success: true,
+            message: "If an account with that email exists and is not verified, a verification link has been sent.",
+        }, { status: 200 });
+    }
+    catch (error) {
+        const error_message = error instanceof Error ? error.message : "Unknown error";
+        const error_stack = error instanceof Error ? error.stack : undefined;
+        logger.error("resend_verification_error", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            error_message,
+            error_stack,
+        });
+        // Still return 200 OK to prevent email enumeration attacks
+        return NextResponse.json({
+            success: true,
+            message: "If an account with that email exists and is not verified, a verification link has been sent.",
+        }, { status: 200 });
+    }
+}

package/dist/app/api/hazo_auth/reset_password/route.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare function POST(request: NextRequest): Promise<NextResponse<{
+    error: string;
+}> | NextResponse<{
+    success: boolean;
+    message: string;
+}>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/reset_password/route.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/reset_password/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAQxD,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW;;;;;IA+F9C"}