hazo_auth 7.0.1 → 7.0.2

package/dist/lib/services/oauth_service.js

@@ -168,33 +168,23 @@ export async function handle_google_oauth_login(adapter, data) {
     }
 }
 /**
- * Handles Facebook OAuth login/registration flow
- * 1. Check if user exists with facebook_id -> login
- * 2. Check if user exists with email -> link Facebook account (respects auto_link_unverified)
- * 3. Create new user with Facebook data (email_verified always false — never trust Facebook)
- *
- * @param adapter - The hazo_connect adapter instance
- * @param data - Facebook OAuth user data
- * @param opts - Options (auto_link_unverified: whether to link unverified accounts)
- * @returns OAuth login result with user_id and status flags
+ * Handles Facebook OAuth login: find-by-facebook_id → find-by-email+link → create new.
+ * Mirrors handle_google_oauth_login exactly. Uses auto_link_unverified_accounts gate.
  */
-export async function handle_facebook_oauth_login(adapter, data, opts) {
+export async function handle_facebook_oauth_login(adapter, data) {
     const logger = create_app_logger();
     try {
-        const { facebook_id, email, name, profile_picture_url } = data;
+        const { facebook_id, email, name, profile_picture_url, email_verified } = data;
+        const oauth_config = get_oauth_config();
         const users_service = createCrudService(adapter, "hazo_users");
         const now = new Date().toISOString();
-        // Step 1: Check if user exists with this facebook_id
-        const users_by_facebook_id = await users_service.findBy({ facebook_id });
-        if (Array.isArray(users_by_facebook_id) && users_by_facebook_id.length > 0) {
-            const user = users_by_facebook_id[0];
-            await users_service.updateById(user.id, {
-                last_logon: now,
-                changed_at: now,
-            });
-            logger.info("oauth_service_facebook_login_existing_facebook_user", {
+        // Step 1: existing user with this facebook_id
+        const users_by_fb_id = await users_service.findBy({ facebook_id });
+        if (Array.isArray(users_by_fb_id) && users_by_fb_id.length > 0) {
+            const user = users_by_fb_id[0];
+            await users_service.updateById(user.id, { last_logon: now, changed_at: now });
+            logger.info("oauth_service_facebook_login_existing_fb_user", {
                 filename: "oauth_service.ts",
-                line_number: get_line_number(),
                 user_id: user.id,
                 email: user.email_address,
             });
@@ -207,91 +197,76 @@ export async function handle_facebook_oauth_login(adapter, data, opts) {
                 name: user.name,
             };
         }
-        // Step 2: Check if user exists with this email
-        if (email) {
-            const users_by_email = await users_service.findBy({ email_address: email });
-            if (Array.isArray(users_by_email) && users_by_email.length > 0) {
-                const user = users_by_email[0];
-                const user_email_verified = user.email_verified;
-                if (!user_email_verified) {
-                    if (!(opts === null || opts === void 0 ? void 0 : opts.auto_link_unverified)) {
-                        return {
-                            success: false,
-                            error: "link_blocked_unverified",
-                        };
-                    }
-                    // auto_link_unverified=true: link but do NOT change email_verified status
-                }
-                // Link Facebook account to existing user
-                const current_auth_providers = user.auth_providers || "email";
-                const new_auth_providers = current_auth_providers.includes("facebook")
-                    ? current_auth_providers
-                    : `${current_auth_providers},facebook`;
-                const update_data = {
-                    facebook_id,
-                    auth_providers: new_auth_providers,
-                    last_logon: now,
-                    changed_at: now,
-                };
-                // Update name if not set and Facebook provides one
-                if (!user.name && name) {
-                    update_data.name = name;
-                }
-                // Update profile picture if not set and Facebook provides one
-                if (!user.profile_picture_url && profile_picture_url) {
-                    update_data.profile_picture_url = profile_picture_url;
-                    update_data.profile_source = "custom";
-                }
-                await users_service.updateById(user.id, update_data);
-                logger.info("oauth_service_facebook_linked_to_existing", {
-                    filename: "oauth_service.ts",
-                    line_number: get_line_number(),
-                    user_id: user.id,
-                    email,
-                    was_unverified: !user_email_verified,
-                });
+        // Step 2: existing user with matching email
+        const users_by_email = await users_service.findBy({ email_address: email });
+        if (Array.isArray(users_by_email) && users_by_email.length > 0) {
+            const user = users_by_email[0];
+            const user_email_verified = user.email_verified;
+            if (!user_email_verified && !oauth_config.auto_link_unverified_accounts) {
                 return {
-                    success: true,
-                    user_id: user.id,
-                    is_new_user: false,
-                    was_linked: true,
-                    email: user.email_address,
-                    name: update_data.name || user.name,
+                    success: false,
+                    error: "An account with this email exists but is not verified. Please verify your email first.",
                 };
             }
+            const current_auth_providers = user.auth_providers || "email";
+            const new_auth_providers = current_auth_providers.includes("facebook")
+                ? current_auth_providers
+                : `${current_auth_providers},facebook`;
+            const update_data = {
+                facebook_id,
+                auth_providers: new_auth_providers,
+                last_logon: now,
+                changed_at: now,
+            };
+            if (!user_email_verified && email_verified) {
+                update_data.email_verified = true;
+            }
+            if (!user.name && name)
+                update_data.name = name;
+            if (!user.profile_picture_url && profile_picture_url) {
+                update_data.profile_picture_url = profile_picture_url;
+                update_data.profile_source = "custom";
+            }
+            await users_service.updateById(user.id, update_data);
+            logger.info("oauth_service_facebook_linked_to_existing", {
+                filename: "oauth_service.ts",
+                user_id: user.id,
+                email,
+                was_unverified: !user_email_verified,
+            });
+            return {
+                success: true,
+                user_id: user.id,
+                is_new_user: false,
+                was_linked: true,
+                email: user.email_address,
+                name: user.name,
+            };
         }
-        // Step 3: Create new user with Facebook data
+        // Step 3: create new user
         const user_id = randomUUID();
         const insert_data = {
             id: user_id,
             email_address: email,
-            password_hash: "", // Empty string for Facebook-only users
-            email_verified: false, // Never trust Facebook's email_verified claim
-            status: "ACTIVE",
-            login_attempts: 0,
             facebook_id,
             auth_providers: "facebook",
+            email_verified: email_verified,
+            last_logon: now,
             created_at: now,
             changed_at: now,
-            last_logon: now,
         };
-        if (name) {
+        if (name)
             insert_data.name = name;
-        }
         if (profile_picture_url) {
             insert_data.profile_picture_url = profile_picture_url;
             insert_data.profile_source = "custom";
         }
-        const inserted_users = await users_service.insert(insert_data);
-        if (!Array.isArray(inserted_users) || inserted_users.length === 0) {
-            return {
-                success: false,
-                error: "Failed to create user account",
-            };
+        const inserted = await users_service.insert(insert_data);
+        if (!Array.isArray(inserted) || inserted.length === 0) {
+            return { success: false, error: "Failed to create user account" };
         }
         logger.info("oauth_service_facebook_new_user_created", {
             filename: "oauth_service.ts",
-            line_number: get_line_number(),
             user_id,
             email,
         });
@@ -300,7 +275,7 @@ export async function handle_facebook_oauth_login(adapter, data, opts) {
             user_id,
             is_new_user: true,
             was_linked: false,
-            email: email !== null && email !== void 0 ? email : undefined,
+            email,
             name,
         };
     }
@@ -309,17 +284,9 @@ export async function handle_facebook_oauth_login(adapter, data, opts) {
             logToConsole: true,
             logToLogger: true,
             logger,
-            context: {
-                filename: "oauth_service.ts",
-                line_number: get_line_number(),
-                email: data.email,
-                operation: "handle_facebook_oauth_login",
-            },
+            context: { filename: "oauth_service.ts", email: data.email, operation: "handle_facebook_oauth_login" },
         });
-        return {
-            success: false,
-            error: user_friendly_error,
-        };
+        return { success: false, error: user_friendly_error };
     }
 }
 /**

package/dist/lib/services/otp_service.d.ts

@@ -36,7 +36,7 @@ export type VerifyEmailOTPResult = {
     session_token: string;
 } | {
     ok: false;
-    error: "invalid_or_expired";
+    error: "invalid_or_expired" | "expired";
 };
 export declare function verify_email_otp(args: {
     email: string;

package/dist/lib/services/otp_service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"otp_service.d.ts","sourceRoot":"","sources":["../../../src/lib/services/otp_service.ts"],"names":[],"mappings":"AAAA,OAAO,aAAa,CAAC;AAUrB;;;GAGG;AACH,wBAAgB,iBAAiB,IAAI,MAAM,CAG1C;AAED,wBAAsB,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAEjE;AAED,wBAAsB,eAAe,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAMtF;AAID,MAAM,MAAM,qBAAqB,GAC7B;IAAE,EAAE,EAAE,IAAI,CAAA;CAAE,GACZ;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,cAAc,CAAC;IAAC,mBAAmB,EAAE,MAAM,CAAA;CAAE,CAAC;AAItE;;;;;;;;;;;GAWG;AACH,wBAAsB,iBAAiB,CAAC,IAAI,EAAE;IAC5C,KAAK,EAAE,MAAM,CAAC;IACd,EAAE,EAAE,MAAM,CAAC;CACZ,GAAG,OAAO,CAAC,qBAAqB,CAAC,CA8GjC;AAID,MAAM,MAAM,oBAAoB,GAC5B;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,OAAO,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,aAAa,EAAE,MAAM,CAAA;CAAE,GACnE;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,oBAAoB,CAAA;CAAE,CAAC;AAE/C,wBAAsB,gBAAgB,CAAC,IAAI,EAAE;IAC3C,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;CACZ,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAsHhC"}
+{"version":3,"file":"otp_service.d.ts","sourceRoot":"","sources":["../../../src/lib/services/otp_service.ts"],"names":[],"mappings":"AAAA,OAAO,aAAa,CAAC;AAUrB;;;GAGG;AACH,wBAAgB,iBAAiB,IAAI,MAAM,CAG1C;AAED,wBAAsB,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAEjE;AAED,wBAAsB,eAAe,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAMtF;AAID,MAAM,MAAM,qBAAqB,GAC7B;IAAE,EAAE,EAAE,IAAI,CAAA;CAAE,GACZ;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,cAAc,CAAC;IAAC,mBAAmB,EAAE,MAAM,CAAA;CAAE,CAAC;AAItE;;;;;;;;;;;GAWG;AACH,wBAAsB,iBAAiB,CAAC,IAAI,EAAE;IAC5C,KAAK,EAAE,MAAM,CAAC;IACd,EAAE,EAAE,MAAM,CAAC;CACZ,GAAG,OAAO,CAAC,qBAAqB,CAAC,CAmHjC;AAID,MAAM,MAAM,oBAAoB,GAC5B;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,OAAO,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,aAAa,EAAE,MAAM,CAAA;CAAE,GACnE;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,oBAAoB,GAAG,SAAS,CAAA;CAAE,CAAC;AAE3D,wBAAsB,gBAAgB,CAAC,IAAI,EAAE;IAC3C,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;CACZ,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAsHhC"}

package/dist/lib/services/otp_service.js

@@ -111,6 +111,11 @@ export async function request_email_otp(args) {
         expires_at,
         attempt_count: 0,
         requester_ip: ip,
+        // Explicitly pass created_at in JS ISO format ("2024-01-01T00:00:00.000Z") rather
+        // than relying on SQLite's DEFAULT (datetime('now') = "2024-01-01 00:00:00").
+        // The space-separated SQLite format compares as less-than the T-separated JS ISO
+        // threshold used in rate-limit WHERE clauses, causing the counter to always read 0.
+        created_at: new Date().toISOString(),
     });
     // 7. Dispatch email — fire-and-forget; errors are logged but do not surface to caller
     try {
@@ -155,7 +160,7 @@ export async function verify_email_otp(args) {
     // 2. Check expiry
     const expires_at_ms = Date.parse(String(row.expires_at));
     if (Number.isNaN(expires_at_ms) || expires_at_ms < Date.now()) {
-        return { ok: false, error: "invalid_or_expired" };
+        return { ok: false, error: "expired" };
     }
     // 3. argon2 verify
     const is_valid = await verify_otp_code(String(row.otp_hash), code);

package/dist/lib/services/session_token_service.d.ts

@@ -16,8 +16,6 @@ export type ValidateSessionTokenResult = {
  * Token includes user_id, email, issued at time, and expiration
  * @param user_id - User ID
  * @param email - User email address
- * @param managed_by_user_id - Optional: ID of the managing user (for impersonation)
- * @param ttl_seconds - Optional: token lifetime in seconds (default: 30 days). Use 604800 for 7-day OTP sessions.
  * @returns JWT token string
  */
 export declare function create_session_token(user_id: string, email: string, managed_by_user_id?: string, ttl_seconds?: number): Promise<string>;

package/dist/lib/services/session_token_service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"session_token_service.d.ts","sourceRoot":"","sources":["../../../src/lib/services/session_token_service.ts"],"names":[],"mappings":"AAQA,MAAM,MAAM,mBAAmB,GAAG;IAChC,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;CACb,CAAC;AAEF,MAAM,MAAM,0BAA0B,GAAG;IACvC,KAAK,EAAE,OAAO,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B,CAAC;AAuCF;;;;;;;;GAQG;AACH,wBAAsB,oBAAoB,CACxC,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,MAAM,EACb,kBAAkB,CAAC,EAAE,MAAM,EAC3B,WAAW,CAAC,EAAE,MAAM,GACnB,OAAO,CAAC,MAAM,CAAC,CA4CjB;AAED;;;;;GAKG;AACH,wBAAsB,sBAAsB,CAC1C,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,0BAA0B,CAAC,CAkDrC"}
+{"version":3,"file":"session_token_service.d.ts","sourceRoot":"","sources":["../../../src/lib/services/session_token_service.ts"],"names":[],"mappings":"AAQA,MAAM,MAAM,mBAAmB,GAAG;IAChC,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;CACb,CAAC;AAEF,MAAM,MAAM,0BAA0B,GAAG;IACvC,KAAK,EAAE,OAAO,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B,CAAC;AAuCF;;;;;;GAMG;AACH,wBAAsB,oBAAoB,CACxC,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,MAAM,EACb,kBAAkB,CAAC,EAAE,MAAM,EAC3B,WAAW,CAAC,EAAE,MAAM,GACnB,OAAO,CAAC,MAAM,CAAC,CA4CjB;AAED;;;;;GAKG;AACH,wBAAsB,sBAAsB,CAC1C,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,0BAA0B,CAAC,CAkDrC"}

package/dist/lib/services/session_token_service.js

@@ -41,8 +41,6 @@ function get_session_token_expiry_seconds() {
  * Token includes user_id, email, issued at time, and expiration
  * @param user_id - User ID
  * @param email - User email address
- * @param managed_by_user_id - Optional: ID of the managing user (for impersonation)
- * @param ttl_seconds - Optional: token lifetime in seconds (default: 30 days). Use 604800 for 7-day OTP sessions.
  * @returns JWT token string
  */
 export async function create_session_token(user_id, email, managed_by_user_id, ttl_seconds) {

package/dist/page_components/create_firm.d.ts

@@ -2,19 +2,7 @@ import "server-only";
 export type CreateFirmPageProps = {
     /** Disable the navbar wrapper */
     disableNavbar?: boolean;
-    /**
-     * Optional theme that controls visual appearance and layout mode.
-     * When `theme.layout` is `"split"`, activates the two-column split layout
-     * with the brand panel on the left.
-     */
-    theme?: import("../theme/theme_types").HazoAuthTheme;
-    /** Override the page heading. Falls back to HazoAuthStringsProvider → DEFAULT_STRINGS. */
-    title?: string;
-    /** Override the page subtitle. Falls back to HazoAuthStringsProvider → DEFAULT_STRINGS. */
-    subtitle?: string;
-    /** Override the submit button label. Falls back to HazoAuthStringsProvider → DEFAULT_STRINGS. */
-    ctaText?: string;
 };
-export default function CreateFirmPage({ disableNavbar, theme, title, subtitle, ctaText }?: CreateFirmPageProps): import("react/jsx-runtime").JSX.Element;
+export default function CreateFirmPage({ disableNavbar }?: CreateFirmPageProps): import("react/jsx-runtime").JSX.Element;
 export { CreateFirmPage };
 //# sourceMappingURL=create_firm.d.ts.map

package/dist/page_components/create_firm.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"create_firm.d.ts","sourceRoot":"","sources":["../../src/page_components/create_firm.tsx"],"names":[],"mappings":"AAEA,OAAO,aAAa,CAAC;AASrB,MAAM,MAAM,mBAAmB,GAAG;IAChC,iCAAiC;IACjC,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB;;;;OAIG;IACH,KAAK,CAAC,EAAE,OAAO,sBAAsB,EAAE,aAAa,CAAC;IACrD,0FAA0F;IAC1F,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,2FAA2F;IAC3F,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,iGAAiG;IACjG,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB,CAAC;AAkCF,MAAM,CAAC,OAAO,UAAU,cAAc,CAAC,EAAE,aAAa,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAE,mBAAwB,2CA6BlH;AAGD,OAAO,EAAE,cAAc,EAAE,CAAC"}
+{"version":3,"file":"create_firm.d.ts","sourceRoot":"","sources":["../../src/page_components/create_firm.tsx"],"names":[],"mappings":"AAEA,OAAO,aAAa,CAAC;AAQrB,MAAM,MAAM,mBAAmB,GAAG;IAChC,iCAAiC;IACjC,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB,CAAC;AAsDF,MAAM,CAAC,OAAO,UAAU,cAAc,CAAC,EAAE,aAAa,EAAE,GAAE,mBAAwB,2CAsBjF;AAGD,OAAO,EAAE,cAAc,EAAE,CAAC"}

package/dist/page_components/create_firm.js

@@ -6,28 +6,24 @@ import "server-only";
 import CreateFirmLayout from "../components/layouts/create_firm/index.js";
 import { AuthPageShell } from "../components/layouts/shared/components/auth_page_shell.js";
 import { get_config_value } from "../lib/config/config_loader.server.js";
-import { DEFAULT_STRINGS, readStrings } from "../strings.js";
 // section: config_loader
 function get_create_firm_config() {
     return {
+        image_src: get_config_value("hazo_auth__create_firm", "image_src", "/hazo_auth/images/new_firm_default.jpg"),
+        heading: get_config_value("hazo_auth__create_firm", "heading", "Create Your Firm"),
+        sub_heading: get_config_value("hazo_auth__create_firm", "sub_heading", "Set up your organisation to get started"),
         firm_name_label: get_config_value("hazo_auth__create_firm", "firm_name_label", "Firm Name"),
         org_structure_label: get_config_value("hazo_auth__create_firm", "org_structure_label", "Organisation Structure"),
         org_structure_default: get_config_value("hazo_auth__create_firm", "org_structure_default", "Headquarters"),
+        submit_button_label: get_config_value("hazo_auth__create_firm", "submit_button_label", "Create Firm"),
         success_message: get_config_value("hazo_auth__create_firm", "success_message", "Your firm has been created successfully!"),
         redirect_route: get_config_value("hazo_auth__create_firm", "redirect_route", "/"),
     };
 }
 // section: component
-export default function CreateFirmPage({ disableNavbar, theme, title, subtitle, ctaText } = {}) {
-    var _a, _b, _c;
-    // Resolve strings: prop > HazoAuthStringsProvider > DEFAULT_STRINGS
-    const strings = readStrings();
-    const cf_strings = strings.create_firm;
-    const resolved_title = (_a = title !== null && title !== void 0 ? title : cf_strings.title) !== null && _a !== void 0 ? _a : DEFAULT_STRINGS.create_firm.title;
-    const resolved_subtitle = (_b = subtitle !== null && subtitle !== void 0 ? subtitle : cf_strings.subtitle) !== null && _b !== void 0 ? _b : DEFAULT_STRINGS.create_firm.subtitle;
-    const resolved_cta = (_c = ctaText !== null && ctaText !== void 0 ? ctaText : cf_strings.ctaText) !== null && _c !== void 0 ? _c : DEFAULT_STRINGS.create_firm.ctaText;
+export default function CreateFirmPage({ disableNavbar } = {}) {
     const config = get_create_firm_config();
-    const layoutContent = (_jsx(CreateFirmLayout, { heading: resolved_title, sub_heading: resolved_subtitle, firm_name_label: config.firm_name_label, org_structure_label: config.org_structure_label, default_org_structure: config.org_structure_default, submit_button_label: resolved_cta, success_message: config.success_message, redirect_route: config.redirect_route, theme: theme }));
+    const layoutContent = (_jsx(CreateFirmLayout, { image_src: config.image_src, heading: config.heading, sub_heading: config.sub_heading, firm_name_label: config.firm_name_label, org_structure_label: config.org_structure_label, default_org_structure: config.org_structure_default, submit_button_label: config.submit_button_label, success_message: config.success_message, redirect_route: config.redirect_route }));
     if (disableNavbar) {
         return layoutContent;
     }

package/dist/page_components/forgot_password.d.ts

@@ -4,6 +4,9 @@ export type ForgotPasswordPageProps = {
     showReturnHomeButton?: boolean;
     returnHomeButtonLabel?: string;
     returnHomePath?: string;
+    imageSrc?: string;
+    imageAlt?: string;
+    imageBackgroundColor?: string;
 };
 /**
  * Zero-config forgot password page component
@@ -11,6 +14,6 @@ export type ForgotPasswordPageProps = {
  * @param props - Optional configuration overrides
  * @returns Forgot password page component
  */
-export declare function ForgotPasswordPage({ alreadyLoggedInMessage, showLogoutButton, showReturnHomeButton, returnHomeButtonLabel, returnHomePath, }?: ForgotPasswordPageProps): import("react/jsx-runtime").JSX.Element;
+export declare function ForgotPasswordPage({ alreadyLoggedInMessage, showLogoutButton, showReturnHomeButton, returnHomeButtonLabel, returnHomePath, imageSrc, imageAlt, imageBackgroundColor, }?: ForgotPasswordPageProps): import("react/jsx-runtime").JSX.Element;
 export default ForgotPasswordPage;
 //# sourceMappingURL=forgot_password.d.ts.map

package/dist/page_components/forgot_password.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"forgot_password.d.ts","sourceRoot":"","sources":["../../src/page_components/forgot_password.tsx"],"names":[],"mappings":"AA0BA,MAAM,MAAM,uBAAuB,GAAG;IACpC,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB,CAAC;AAGF;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,EACjC,sBAAoD,EACpD,gBAAuB,EACvB,oBAA4B,EAC5B,qBAAqC,EACrC,cAAoB,GACrB,GAAE,uBAA4B,2CAgC9B;AAED,eAAe,kBAAkB,CAAC"}
+{"version":3,"file":"forgot_password.d.ts","sourceRoot":"","sources":["../../src/page_components/forgot_password.tsx"],"names":[],"mappings":"AA+BA,MAAM,MAAM,uBAAuB,GAAG;IACpC,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,oBAAoB,CAAC,EAAE,MAAM,CAAC;CAC/B,CAAC;AAGF;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,EACjC,sBAAoD,EACpD,gBAAuB,EACvB,oBAA4B,EAC5B,qBAAqC,EACrC,cAAoB,EACpB,QAA4B,EAC5B,QAA4B,EAC5B,oBAAuC,GACxC,GAAE,uBAA4B,2CAmC9B;AAED,eAAe,kBAAkB,CAAC"}

package/dist/page_components/forgot_password.js

@@ -21,6 +21,10 @@ import { useEffect, useState } from "react";
 import forgot_password_layout from "../components/layouts/forgot_password/index.js";
 import { createLayoutDataClient } from "../components/layouts/shared/data/layout_data_client.js";
 import { create_sqlite_hazo_connect } from "../lib/hazo_connect_setup.js";
+// section: constants
+const DEFAULT_IMAGE_SRC = "/hazo_auth/images/forgot_password_default.jpg";
+const DEFAULT_IMAGE_ALT = "Illustration of a globe representing secure authentication workflows";
+const DEFAULT_IMAGE_BG = "#f1f5f9";
 // section: component
 /**
  * Zero-config forgot password page component
@@ -28,7 +32,7 @@ import { create_sqlite_hazo_connect } from "../lib/hazo_connect_setup.js";
  * @param props - Optional configuration overrides
  * @returns Forgot password page component
  */
-export function ForgotPasswordPage({ alreadyLoggedInMessage = "You are already logged in", showLogoutButton = true, showReturnHomeButton = false, returnHomeButtonLabel = "Return home", returnHomePath = "/", } = {}) {
+export function ForgotPasswordPage({ alreadyLoggedInMessage = "You are already logged in", showLogoutButton = true, showReturnHomeButton = false, returnHomeButtonLabel = "Return home", returnHomePath = "/", imageSrc = DEFAULT_IMAGE_SRC, imageAlt = DEFAULT_IMAGE_ALT, imageBackgroundColor = DEFAULT_IMAGE_BG, } = {}) {
     const [dataClient, setDataClient] = useState(null);
     useEffect(() => {
         // Initialize hazo_connect on client side
@@ -41,6 +45,6 @@ export function ForgotPasswordPage({ alreadyLoggedInMessage = "You are already l
         return (_jsx("div", { className: "cls_forgot_password_page_loading flex items-center justify-center min-h-screen", children: _jsx("div", { className: "text-slate-600 animate-pulse", children: "Loading..." }) }));
     }
     const ForgotPasswordLayout = forgot_password_layout;
-    return (_jsx(ForgotPasswordLayout, { data_client: dataClient, alreadyLoggedInMessage: alreadyLoggedInMessage, showLogoutButton: showLogoutButton, showReturnHomeButton: showReturnHomeButton, returnHomeButtonLabel: returnHomeButtonLabel, returnHomePath: returnHomePath }));
+    return (_jsx(ForgotPasswordLayout, { image_src: imageSrc, image_alt: imageAlt, image_background_color: imageBackgroundColor, data_client: dataClient, alreadyLoggedInMessage: alreadyLoggedInMessage, showLogoutButton: showLogoutButton, showReturnHomeButton: showReturnHomeButton, returnHomeButtonLabel: returnHomeButtonLabel, returnHomePath: returnHomePath }));
 }
 export default ForgotPasswordPage;

package/dist/page_components/login.d.ts

@@ -15,6 +15,9 @@ export type LoginPageProps = {
     createAccountPath?: string;
     createAccountLabel?: string;
     urlOnLogon?: string;
+    imageSrc?: string;
+    imageAlt?: string;
+    imageBackgroundColor?: string;
 };
 /**
  * Zero-config login page component
@@ -22,6 +25,6 @@ export type LoginPageProps = {
  * @param props - Optional configuration overrides
  * @returns Login page component
  */
-export declare function LoginPage({ redirectRoute, successMessage, alreadyLoggedInMessage, showLogoutButton, showReturnHomeButton, returnHomeButtonLabel, returnHomePath, forgotPasswordPath, forgotPasswordLabel, createAccountPath, createAccountLabel, urlOnLogon, }?: LoginPageProps): import("react/jsx-runtime").JSX.Element;
+export declare function LoginPage({ redirectRoute, successMessage, alreadyLoggedInMessage, showLogoutButton, showReturnHomeButton, returnHomeButtonLabel, returnHomePath, forgotPasswordPath, forgotPasswordLabel, createAccountPath, createAccountLabel, urlOnLogon, imageSrc, imageAlt, imageBackgroundColor, }?: LoginPageProps): import("react/jsx-runtime").JSX.Element;
 export default LoginPage;
 //# sourceMappingURL=login.d.ts.map

package/dist/page_components/login.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../src/page_components/login.tsx"],"names":[],"mappings":"AA0BA;;;GAGG;AACH,MAAM,MAAM,cAAc,GAAG;IAC3B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB,CAAC;AAGF;;;;;GAKG;AACH,wBAAgB,SAAS,CAAC,EACxB,aAAa,EACb,cAAyC,EACzC,sBAAoD,EACpD,gBAAuB,EACvB,oBAA4B,EAC5B,qBAAqC,EACrC,cAAoB,EACpB,kBAAiD,EACjD,mBAAwC,EACxC,iBAAyC,EACzC,kBAAqC,EACrC,UAAU,GACX,GAAE,cAAmB,2CAuCrB;AAED,eAAe,SAAS,CAAC"}
+{"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../src/page_components/login.tsx"],"names":[],"mappings":"AA+BA;;;GAGG;AACH,MAAM,MAAM,cAAc,GAAG;IAC3B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,oBAAoB,CAAC,EAAE,MAAM,CAAC;CAC/B,CAAC;AAGF;;;;;GAKG;AACH,wBAAgB,SAAS,CAAC,EACxB,aAAa,EACb,cAAyC,EACzC,sBAAoD,EACpD,gBAAuB,EACvB,oBAA4B,EAC5B,qBAAqC,EACrC,cAAoB,EACpB,kBAAiD,EACjD,mBAAwC,EACxC,iBAAyC,EACzC,kBAAqC,EACrC,UAAU,EACV,QAA4B,EAC5B,QAA4B,EAC5B,oBAAuC,GACxC,GAAE,cAAmB,2CA0CrB;AAED,eAAe,SAAS,CAAC"}

package/dist/page_components/login.js

@@ -21,6 +21,10 @@ import { useEffect, useState } from "react";
 import login_layout from "../components/layouts/login/index.js";
 import { createLayoutDataClient } from "../components/layouts/shared/data/layout_data_client.js";
 import { create_sqlite_hazo_connect } from "../lib/hazo_connect_setup.js";
+// section: constants
+const DEFAULT_IMAGE_SRC = "/hazo_auth/images/login_default.jpg";
+const DEFAULT_IMAGE_ALT = "Illustration of a globe representing secure authentication workflows";
+const DEFAULT_IMAGE_BG = "#f1f5f9";
 // section: component
 /**
  * Zero-config login page component
@@ -28,7 +32,7 @@ import { create_sqlite_hazo_connect } from "../lib/hazo_connect_setup.js";
  * @param props - Optional configuration overrides
  * @returns Login page component
  */
-export function LoginPage({ redirectRoute, successMessage = "Successfully logged in", alreadyLoggedInMessage = "You are already logged in", showLogoutButton = true, showReturnHomeButton = false, returnHomeButtonLabel = "Return home", returnHomePath = "/", forgotPasswordPath = "/hazo_auth/forgot_password", forgotPasswordLabel = "Forgot password?", createAccountPath = "/hazo_auth/register", createAccountLabel = "Create account", urlOnLogon, } = {}) {
+export function LoginPage({ redirectRoute, successMessage = "Successfully logged in", alreadyLoggedInMessage = "You are already logged in", showLogoutButton = true, showReturnHomeButton = false, returnHomeButtonLabel = "Return home", returnHomePath = "/", forgotPasswordPath = "/hazo_auth/forgot_password", forgotPasswordLabel = "Forgot password?", createAccountPath = "/hazo_auth/register", createAccountLabel = "Create account", urlOnLogon, imageSrc = DEFAULT_IMAGE_SRC, imageAlt = DEFAULT_IMAGE_ALT, imageBackgroundColor = DEFAULT_IMAGE_BG, } = {}) {
     const [dataClient, setDataClient] = useState(null);
     useEffect(() => {
         // Initialize hazo_connect on client side
@@ -41,6 +45,6 @@ export function LoginPage({ redirectRoute, successMessage = "Successfully logged
         return (_jsx("div", { className: "cls_login_page_loading flex items-center justify-center min-h-screen", children: _jsx("div", { className: "text-slate-600 animate-pulse", children: "Loading..." }) }));
     }
     const LoginLayout = login_layout;
-    return (_jsx(LoginLayout, { data_client: dataClient, redirectRoute: redirectRoute, successMessage: successMessage, alreadyLoggedInMessage: alreadyLoggedInMessage, showLogoutButton: showLogoutButton, showReturnHomeButton: showReturnHomeButton, returnHomeButtonLabel: returnHomeButtonLabel, returnHomePath: returnHomePath, forgot_password_path: forgotPasswordPath, forgot_password_label: forgotPasswordLabel, create_account_path: createAccountPath, create_account_label: createAccountLabel, urlOnLogon: urlOnLogon }));
+    return (_jsx(LoginLayout, { image_src: imageSrc, image_alt: imageAlt, image_background_color: imageBackgroundColor, data_client: dataClient, redirectRoute: redirectRoute, successMessage: successMessage, alreadyLoggedInMessage: alreadyLoggedInMessage, showLogoutButton: showLogoutButton, showReturnHomeButton: showReturnHomeButton, returnHomeButtonLabel: returnHomeButtonLabel, returnHomePath: returnHomePath, forgot_password_path: forgotPasswordPath, forgot_password_label: forgotPasswordLabel, create_account_path: createAccountPath, create_account_label: createAccountLabel, urlOnLogon: urlOnLogon }));
 }
 export default LoginPage;

package/dist/page_components/register.d.ts

@@ -10,6 +10,9 @@ export type RegisterPageProps = {
     signInPath?: string;
     signInLabel?: string;
     urlOnLogon?: string;
+    imageSrc?: string;
+    imageAlt?: string;
+    imageBackgroundColor?: string;
 };
 /**
  * Zero-config register page component
@@ -17,6 +20,6 @@ export type RegisterPageProps = {
  * @param props - Optional configuration overrides
  * @returns Register page component
  */
-export declare function RegisterPage({ showNameField, passwordRequirements, alreadyLoggedInMessage, showLogoutButton, showReturnHomeButton, returnHomeButtonLabel, returnHomePath, signInPath, signInLabel, urlOnLogon, }?: RegisterPageProps): import("react/jsx-runtime").JSX.Element;
+export declare function RegisterPage({ showNameField, passwordRequirements, alreadyLoggedInMessage, showLogoutButton, showReturnHomeButton, returnHomeButtonLabel, returnHomePath, signInPath, signInLabel, urlOnLogon, imageSrc, imageAlt, imageBackgroundColor, }?: RegisterPageProps): import("react/jsx-runtime").JSX.Element;
 export default RegisterPage;
 //# sourceMappingURL=register.d.ts.map

package/dist/page_components/register.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"register.d.ts","sourceRoot":"","sources":["../../src/page_components/register.tsx"],"names":[],"mappings":"AAwBA,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,0DAA0D,CAAC;AAW7G,MAAM,MAAM,iBAAiB,GAAG;IAC9B,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,oBAAoB,CAAC,EAAE,4BAA4B,CAAC;IACpD,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB,CAAC;AAGF;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,EAC3B,aAAoB,EACpB,oBAAoD,EACpD,sBAAoD,EACpD,gBAAuB,EACvB,oBAA4B,EAC5B,qBAAqC,EACrC,cAAoB,EACpB,UAA+B,EAC/B,WAAuB,EACvB,UAAU,GACX,GAAE,iBAAsB,2CAqCxB;AAED,eAAe,YAAY,CAAC"}
+{"version":3,"file":"register.d.ts","sourceRoot":"","sources":["../../src/page_components/register.tsx"],"names":[],"mappings":"AAwBA,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,0DAA0D,CAAC;AAgB7G,MAAM,MAAM,iBAAiB,GAAG;IAC9B,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,oBAAoB,CAAC,EAAE,4BAA4B,CAAC;IACpD,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,oBAAoB,CAAC,EAAE,MAAM,CAAC;CAC/B,CAAC;AAGF;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,EAC3B,aAAoB,EACpB,oBAAoD,EACpD,sBAAoD,EACpD,gBAAuB,EACvB,oBAA4B,EAC5B,qBAAqC,EACrC,cAAoB,EACpB,UAA+B,EAC/B,WAAuB,EACvB,UAAU,EACV,QAA4B,EAC5B,QAA4B,EAC5B,oBAAuC,GACxC,GAAE,iBAAsB,2CAwCxB;AAED,eAAe,YAAY,CAAC"}

package/dist/page_components/register.js

@@ -21,6 +21,10 @@ import { useEffect, useState } from "react";
 import register_layout from "../components/layouts/register/index.js";
 import { createLayoutDataClient } from "../components/layouts/shared/data/layout_data_client.js";
 import { create_sqlite_hazo_connect } from "../lib/hazo_connect_setup.js";
+// section: constants
+const DEFAULT_IMAGE_SRC = "/hazo_auth/images/register_default.jpg";
+const DEFAULT_IMAGE_ALT = "Illustration of a globe representing secure authentication workflows";
+const DEFAULT_IMAGE_BG = "#e2e8f0";
 const DEFAULT_PASSWORD_REQUIREMENTS = {
     minimum_length: 8,
     require_uppercase: true,
@@ -35,7 +39,7 @@ const DEFAULT_PASSWORD_REQUIREMENTS = {
  * @param props - Optional configuration overrides
  * @returns Register page component
  */
-export function RegisterPage({ showNameField = true, passwordRequirements = DEFAULT_PASSWORD_REQUIREMENTS, alreadyLoggedInMessage = "You are already logged in", showLogoutButton = true, showReturnHomeButton = false, returnHomeButtonLabel = "Return home", returnHomePath = "/", signInPath = "/hazo_auth/login", signInLabel = "Sign in", urlOnLogon, } = {}) {
+export function RegisterPage({ showNameField = true, passwordRequirements = DEFAULT_PASSWORD_REQUIREMENTS, alreadyLoggedInMessage = "You are already logged in", showLogoutButton = true, showReturnHomeButton = false, returnHomeButtonLabel = "Return home", returnHomePath = "/", signInPath = "/hazo_auth/login", signInLabel = "Sign in", urlOnLogon, imageSrc = DEFAULT_IMAGE_SRC, imageAlt = DEFAULT_IMAGE_ALT, imageBackgroundColor = DEFAULT_IMAGE_BG, } = {}) {
     const [dataClient, setDataClient] = useState(null);
     useEffect(() => {
         // Initialize hazo_connect on client side
@@ -48,6 +52,6 @@ export function RegisterPage({ showNameField = true, passwordRequirements = DEFA
         return (_jsx("div", { className: "cls_register_page_loading flex items-center justify-center min-h-screen", children: _jsx("div", { className: "text-slate-600 animate-pulse", children: "Loading..." }) }));
     }
     const RegisterLayout = register_layout;
-    return (_jsx(RegisterLayout, { password_requirements: passwordRequirements, show_name_field: showNameField, data_client: dataClient, alreadyLoggedInMessage: alreadyLoggedInMessage, showLogoutButton: showLogoutButton, showReturnHomeButton: showReturnHomeButton, returnHomeButtonLabel: returnHomeButtonLabel, returnHomePath: returnHomePath, signInPath: signInPath, signInLabel: signInLabel, urlOnLogon: urlOnLogon }));
+    return (_jsx(RegisterLayout, { image_src: imageSrc, image_alt: imageAlt, image_background_color: imageBackgroundColor, password_requirements: passwordRequirements, show_name_field: showNameField, data_client: dataClient, alreadyLoggedInMessage: alreadyLoggedInMessage, showLogoutButton: showLogoutButton, showReturnHomeButton: showReturnHomeButton, returnHomeButtonLabel: returnHomeButtonLabel, returnHomePath: returnHomePath, signInPath: signInPath, signInLabel: signInLabel, urlOnLogon: urlOnLogon }));
 }
 export default RegisterPage;

package/dist/page_components/reset_password.d.ts

@@ -10,6 +10,9 @@ export type ResetPasswordPageProps = {
     showReturnHomeButton?: boolean;
     returnHomeButtonLabel?: string;
     returnHomePath?: string;
+    imageSrc?: string;
+    imageAlt?: string;
+    imageBackgroundColor?: string;
 };
 /**
  * Zero-config reset password page component
@@ -17,6 +20,6 @@ export type ResetPasswordPageProps = {
  * @param props - Optional configuration overrides
  * @returns Reset password page component
  */
-export declare function ResetPasswordPage({ errorMessage, successMessage, loginPath, forgotPasswordPath, passwordRequirements, alreadyLoggedInMessage, showLogoutButton, showReturnHomeButton, returnHomeButtonLabel, returnHomePath, }?: ResetPasswordPageProps): import("react/jsx-runtime").JSX.Element;
+export declare function ResetPasswordPage({ errorMessage, successMessage, loginPath, forgotPasswordPath, passwordRequirements, alreadyLoggedInMessage, showLogoutButton, showReturnHomeButton, returnHomeButtonLabel, returnHomePath, imageSrc, imageAlt, imageBackgroundColor, }?: ResetPasswordPageProps): import("react/jsx-runtime").JSX.Element;
 export default ResetPasswordPage;
 //# sourceMappingURL=reset_password.d.ts.map

package/dist/page_components/reset_password.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"reset_password.d.ts","sourceRoot":"","sources":["../../src/page_components/reset_password.tsx"],"names":[],"mappings":"AAwBA,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,0DAA0D,CAAC;AAW7G,MAAM,MAAM,sBAAsB,GAAG;IACnC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,oBAAoB,CAAC,EAAE,4BAA4B,CAAC;IACpD,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB,CAAC;AAGF;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,EAChC,YAAmE,EACnE,cAAwF,EACxF,SAA8B,EAC9B,kBAAiD,EACjD,oBAAoD,EACpD,sBAAoD,EACpD,gBAAuB,EACvB,oBAA4B,EAC5B,qBAAqC,EACrC,cAAoB,GACrB,GAAE,sBAA2B,2CAmC7B;AAED,eAAe,iBAAiB,CAAC"}
+{"version":3,"file":"reset_password.d.ts","sourceRoot":"","sources":["../../src/page_components/reset_password.tsx"],"names":[],"mappings":"AAwBA,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,0DAA0D,CAAC;AAgB7G,MAAM,MAAM,sBAAsB,GAAG;IACnC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,oBAAoB,CAAC,EAAE,4BAA4B,CAAC;IACpD,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,oBAAoB,CAAC,EAAE,MAAM,CAAC;CAC/B,CAAC;AAGF;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,EAChC,YAAmE,EACnE,cAAwF,EACxF,SAA8B,EAC9B,kBAAiD,EACjD,oBAAoD,EACpD,sBAAoD,EACpD,gBAAuB,EACvB,oBAA4B,EAC5B,qBAAqC,EACrC,cAAoB,EACpB,QAA4B,EAC5B,QAA4B,EAC5B,oBAAuC,GACxC,GAAE,sBAA2B,2CAsC7B;AAED,eAAe,iBAAiB,CAAC"}

package/dist/page_components/reset_password.js

@@ -21,6 +21,10 @@ import { useEffect, useState } from "react";
 import reset_password_layout from "../components/layouts/reset_password/index.js";
 import { createLayoutDataClient } from "../components/layouts/shared/data/layout_data_client.js";
 import { create_sqlite_hazo_connect } from "../lib/hazo_connect_setup.js";
+// section: constants
+const DEFAULT_IMAGE_SRC = "/hazo_auth/images/reset_password_default.jpg";
+const DEFAULT_IMAGE_ALT = "Illustration of a globe representing secure authentication workflows";
+const DEFAULT_IMAGE_BG = "#f1f5f9";
 const DEFAULT_PASSWORD_REQUIREMENTS = {
     minimum_length: 8,
     require_uppercase: true,
@@ -35,7 +39,7 @@ const DEFAULT_PASSWORD_REQUIREMENTS = {
  * @param props - Optional configuration overrides
  * @returns Reset password page component
  */
-export function ResetPasswordPage({ errorMessage = "Your password reset link has expired or is invalid", successMessage = "Password reset successful! You can now log in with your new password.", loginPath = "/hazo_auth/login", forgotPasswordPath = "/hazo_auth/forgot_password", passwordRequirements = DEFAULT_PASSWORD_REQUIREMENTS, alreadyLoggedInMessage = "You are already logged in", showLogoutButton = true, showReturnHomeButton = false, returnHomeButtonLabel = "Return home", returnHomePath = "/", } = {}) {
+export function ResetPasswordPage({ errorMessage = "Your password reset link has expired or is invalid", successMessage = "Password reset successful! You can now log in with your new password.", loginPath = "/hazo_auth/login", forgotPasswordPath = "/hazo_auth/forgot_password", passwordRequirements = DEFAULT_PASSWORD_REQUIREMENTS, alreadyLoggedInMessage = "You are already logged in", showLogoutButton = true, showReturnHomeButton = false, returnHomeButtonLabel = "Return home", returnHomePath = "/", imageSrc = DEFAULT_IMAGE_SRC, imageAlt = DEFAULT_IMAGE_ALT, imageBackgroundColor = DEFAULT_IMAGE_BG, } = {}) {
     const [dataClient, setDataClient] = useState(null);
     useEffect(() => {
         // Initialize hazo_connect on client side
@@ -48,6 +52,6 @@ export function ResetPasswordPage({ errorMessage = "Your password reset link has
         return (_jsx("div", { className: "cls_reset_password_page_loading flex items-center justify-center min-h-screen", children: _jsx("div", { className: "text-slate-600 animate-pulse", children: "Loading..." }) }));
     }
     const ResetPasswordLayout = reset_password_layout;
-    return (_jsx(ResetPasswordLayout, { data_client: dataClient, errorMessage: errorMessage, successMessage: successMessage, password_requirements: passwordRequirements, alreadyLoggedInMessage: alreadyLoggedInMessage, showLogoutButton: showLogoutButton, showReturnHomeButton: showReturnHomeButton, returnHomeButtonLabel: returnHomeButtonLabel, returnHomePath: returnHomePath }));
+    return (_jsx(ResetPasswordLayout, { image_src: imageSrc, image_alt: imageAlt, image_background_color: imageBackgroundColor, data_client: dataClient, errorMessage: errorMessage, successMessage: successMessage, password_requirements: passwordRequirements, alreadyLoggedInMessage: alreadyLoggedInMessage, showLogoutButton: showLogoutButton, showReturnHomeButton: showReturnHomeButton, returnHomeButtonLabel: returnHomeButtonLabel, returnHomePath: returnHomePath }));
 }
 export default ResetPasswordPage;

package/dist/page_components/verify_email.d.ts

@@ -6,6 +6,9 @@ export type VerifyEmailPageProps = {
     returnHomePath?: string;
     redirectDelay?: number;
     loginPath?: string;
+    imageSrc?: string;
+    imageAlt?: string;
+    imageBackgroundColor?: string;
 };
 /**
  * Zero-config verify email page component
@@ -13,6 +16,6 @@ export type VerifyEmailPageProps = {
  * @param props - Optional configuration overrides
  * @returns Verify email page component
  */
-export declare function VerifyEmailPage({ alreadyLoggedInMessage, showLogoutButton, showReturnHomeButton, returnHomeButtonLabel, returnHomePath, redirectDelay, loginPath, }?: VerifyEmailPageProps): import("react/jsx-runtime").JSX.Element;
+export declare function VerifyEmailPage({ alreadyLoggedInMessage, showLogoutButton, showReturnHomeButton, returnHomeButtonLabel, returnHomePath, redirectDelay, loginPath, imageSrc, imageAlt, imageBackgroundColor, }?: VerifyEmailPageProps): import("react/jsx-runtime").JSX.Element;
 export default VerifyEmailPage;
 //# sourceMappingURL=verify_email.d.ts.map

package/dist/page_components/verify_email.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"verify_email.d.ts","sourceRoot":"","sources":["../../src/page_components/verify_email.tsx"],"names":[],"mappings":"AA0BA,MAAM,MAAM,oBAAoB,GAAG;IACjC,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAGF;;;;;GAKG;AACH,wBAAgB,eAAe,CAAC,EAC9B,sBAAoD,EACpD,gBAAuB,EACvB,oBAA4B,EAC5B,qBAAqC,EACrC,cAAoB,EACpB,aAAoB,EACpB,SAA8B,GAC/B,GAAE,oBAAyB,2CAkC3B;AAED,eAAe,eAAe,CAAC"}
+{"version":3,"file":"verify_email.d.ts","sourceRoot":"","sources":["../../src/page_components/verify_email.tsx"],"names":[],"mappings":"AA+BA,MAAM,MAAM,oBAAoB,GAAG;IACjC,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,oBAAoB,CAAC,EAAE,MAAM,CAAC;CAC/B,CAAC;AAGF;;;;;GAKG;AACH,wBAAgB,eAAe,CAAC,EAC9B,sBAAoD,EACpD,gBAAuB,EACvB,oBAA4B,EAC5B,qBAAqC,EACrC,cAAoB,EACpB,aAAoB,EACpB,SAA8B,EAC9B,QAA4B,EAC5B,QAA4B,EAC5B,oBAAuC,GACxC,GAAE,oBAAyB,2CAqC3B;AAED,eAAe,eAAe,CAAC"}