npm - hightjs - Versions diffs - 0.2.42 → 0.2.45 - Mend

hightjs 0.2.42 → 0.2.45

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (76) hide show

package/.idea/copilotDiffState.xml +67 -0
package/README.md +26 -514
package/dist/auth/core.js +3 -3
package/dist/auth/index.d.ts +1 -1
package/dist/auth/index.js +2 -1
package/dist/auth/providers/google.d.ts +63 -0
package/dist/auth/providers/google.js +186 -0
package/dist/auth/providers.d.ts +1 -0
package/dist/auth/providers.js +3 -1
package/dist/auth/types.d.ts +6 -7
package/dist/bin/hightjs.js +393 -0
package/dist/client/entry.client.js +11 -1
package/dist/hotReload.d.ts +8 -1
package/dist/hotReload.js +304 -144
package/dist/index.d.ts +2 -1
package/dist/index.js +20 -33
package/dist/renderer.js +1 -1
package/dist/router.d.ts +24 -1
package/dist/router.js +201 -2
package/dist/types.d.ts +19 -1
package/docs/README.md +59 -0
package/docs/adapters.md +7 -0
package/docs/arquivos-especiais.md +10 -0
package/docs/autenticacao.md +212 -0
package/docs/checklist.md +9 -0
package/docs/cli.md +21 -0
package/docs/estrutura.md +20 -0
package/docs/faq.md +10 -0
package/docs/hot-reload.md +5 -0
package/docs/middlewares.md +73 -0
package/docs/rotas-backend.md +45 -0
package/docs/rotas-frontend.md +66 -0
package/docs/seguranca.md +8 -0
package/docs/websocket.md +45 -0
package/package.json +1 -1
package/src/auth/core.ts +3 -3
package/src/auth/index.ts +2 -3
package/src/auth/providers/google.ts +218 -0
package/src/auth/providers.ts +1 -1
package/src/auth/types.ts +3 -8
package/src/bin/hightjs.js +475 -0
package/src/client/entry.client.tsx +12 -1
package/src/hotReload.ts +333 -147
package/src/index.ts +58 -51
package/src/renderer.tsx +1 -1
package/src/router.ts +230 -3
package/src/types.ts +24 -1
package/dist/adapters/starters/express.d.ts +0 -0
package/dist/adapters/starters/express.js +0 -1
package/dist/adapters/starters/factory.d.ts +0 -0
package/dist/adapters/starters/factory.js +0 -1
package/dist/adapters/starters/fastify.d.ts +0 -0
package/dist/adapters/starters/fastify.js +0 -1
package/dist/adapters/starters/index.d.ts +0 -0
package/dist/adapters/starters/index.js +0 -1
package/dist/adapters/starters/native.d.ts +0 -0
package/dist/adapters/starters/native.js +0 -1
package/dist/auth/example.d.ts +0 -40
package/dist/auth/example.js +0 -104
package/dist/client/ErrorBoundary.d.ts +0 -16
package/dist/client/ErrorBoundary.js +0 -181
package/dist/client/routerContext.d.ts +0 -26
package/dist/client/routerContext.js +0 -62
package/dist/eslint/index.d.ts +0 -32
package/dist/eslint/index.js +0 -15
package/dist/eslint/use-client-rule.d.ts +0 -19
package/dist/eslint/use-client-rule.js +0 -99
package/dist/eslintSetup.d.ts +0 -0
package/dist/eslintSetup.js +0 -1
package/dist/example/src/web/routes/index.d.ts +0 -3
package/dist/example/src/web/routes/index.js +0 -15
package/dist/typescript/use-client-plugin.d.ts +0 -5
package/dist/typescript/use-client-plugin.js +0 -113
package/dist/validation.d.ts +0 -0
package/dist/validation.js +0 -1
package/src/auth/example.ts +0 -115

package/src/auth/providers/google.ts ADDED Viewed

@@ -0,0 +1,218 @@
+import type {AuthProviderClass, AuthRoute, User} from '../types';
+import {HightJSRequest, HightJSResponse} from '../../api/http';
+export interface GoogleConfig {
+    id?: string;
+    name?: string;
+    clientId: string;
+    clientSecret: string;
+    callbackUrl?: string;
+    successUrl?: string;
+    // Escopos OAuth do Google, padrão: ['openid', 'email', 'profile']
+    scope?: string[];
+}
+/**
+ * Provider para autenticação com Google OAuth2
+ *
+ * Este provider permite autenticação usando Google OAuth2.
+ * Automaticamente gerencia o fluxo OAuth completo e rotas necessárias.
+ *
+ * Exemplo de uso:
+ * ```typescript
+ * new GoogleProvider({
+ * clientId: process.env.GOOGLE_CLIENT_ID!,
+ * clientSecret: process.env.GOOGLE_CLIENT_SECRET!,
+ * callbackUrl: "http://localhost:3000/api/auth/callback/google"
+ * })
+ * ```
+ *
+ * Fluxo de autenticação:
+ * 1. GET /api/auth/signin/google - Gera URL e redireciona para Google
+ * 2. Google redireciona para /api/auth/callback/google com código
+ * 3. Provider troca código por token e busca dados do usuário
+ * 4. Retorna objeto User com dados do Google
+ */
+export class GoogleProvider implements AuthProviderClass {
+    public readonly id: string;
+    public readonly name: string;
+    public readonly type: string = 'google';
+    private config: GoogleConfig;
+    private readonly defaultScope = [
+        'openid',
+        'https://www.googleapis.com/auth/userinfo.email',
+        'https://www.googleapis.com/auth/userinfo.profile'
+    ];
+    constructor(config: GoogleConfig) {
+        this.config = config;
+        this.id = config.id || 'google';
+        this.name = config.name || 'Google';
+    }
+    /**
+     * Método para gerar URL OAuth (usado pelo handleSignIn)
+     */
+    handleOauth(credentials: Record<string, string> = {}): string {
+        return this.getAuthorizationUrl();
+    }
+    /**
+     * Método principal - redireciona para OAuth ou processa o callback
+     */
+    async handleSignIn(credentials: Record<string, string>): Promise<User | string | null> {
+        // Se tem código, é o callback - processa a autenticação
+        if (credentials.code) {
+            return await this.processOAuthCallback(credentials);
+        }
+        // Se não tem código, é o início do OAuth - retorna a URL
+        return this.handleOauth(credentials);
+    }
+    /**
+     * Processa o callback do OAuth (troca o código pelo usuário)
+     */
+    private async processOAuthCallback(credentials: Record<string, string>): Promise<User | null> {
+        try {
+            const { code } = credentials;
+            if (!code) {
+                throw new Error('Authorization code not provided');
+            }
+            // Troca o código por um access token
+            const tokenResponse = await fetch('https://oauth2.googleapis.com/token', {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/x-www-form-urlencoded',
+                },
+                body: new URLSearchParams({
+                    client_id: this.config.clientId,
+                    client_secret: this.config.clientSecret,
+                    grant_type: 'authorization_code',
+                    code,
+                    redirect_uri: this.config.callbackUrl || '',
+                }),
+            });
+            if (!tokenResponse.ok) {
+                const error = await tokenResponse.text();
+                throw new Error(`Failed to exchange code for token: ${error}`);
+            }
+            const tokens = await tokenResponse.json();
+            // Busca os dados do usuário com o access token
+            const userResponse = await fetch('https://www.googleapis.com/oauth2/v2/userinfo', {
+                headers: {
+                    'Authorization': `Bearer ${tokens.access_token}`,
+                },
+            });
+            if (!userResponse.ok) {
+                throw new Error('Failed to fetch user data');
+            }
+            const googleUser = await userResponse.json();
+            // Retorna o objeto User padronizado
+            return {
+                id: googleUser.id,
+                name: googleUser.name,
+                email: googleUser.email,
+                image: googleUser.picture || null,
+                provider: this.id,
+                providerId: googleUser.id,
+                accessToken: tokens.access_token,
+                refreshToken: tokens.refresh_token
+            };
+        } catch (error) {
+            console.error(`[${this.id} Provider] Error during OAuth callback:`, error);
+            return null;
+        }
+    }
+    /**
+     * Rotas adicionais específicas do Google OAuth
+     */
+    public additionalRoutes: AuthRoute[] = [
+        // Rota de callback do Google
+        {
+            method: 'GET',
+            path: '/api/auth/callback/google',
+            handler: async (req: HightJSRequest, params: any) => {
+                const url = new URL(req.url || '', 'http://localhost');
+                const code = url.searchParams.get('code');
+                if (!code) {
+                    return HightJSResponse.json({ error: 'Authorization code not provided' }, { status: 400 });
+                }
+                try {
+                    // Delega o 'code' para o endpoint de signin principal
+                    const authResponse = await fetch(`${req.headers.origin || 'http://localhost:3000'}/api/auth/signin`, {
+                        method: 'POST',
+                        headers: {
+                            'Content-Type': 'application/json',
+                        },
+                        body: JSON.stringify({
+                            provider: this.id,
+                            code,
+                        })
+                    });
+                    if (authResponse.ok) {
+                        // Propaga o cookie de sessão e redireciona para a URL de sucesso
+                        const setCookieHeader = authResponse.headers.get('set-cookie');
+                        if(this.config.successUrl) {
+                            return HightJSResponse
+                                .redirect(this.config.successUrl)
+                                .header('Set-Cookie', setCookieHeader || '');
+                        }
+                        return HightJSResponse.json({ success: true })
+                            .header('Set-Cookie', setCookieHeader || '');
+                    } else {
+                        const errorText = await authResponse.text();
+                        console.error(`[${this.id} Provider] Session creation failed during callback. Status: ${authResponse.status}, Body: ${errorText}`);
+                        return HightJSResponse.json({ error: 'Session creation failed' }, { status: 500 });
+                    }
+                } catch (error) {
+                    console.error(`[${this.id} Provider] Callback handler fetch error:`, error);
+                    return HightJSResponse.json({ error: 'Internal server error' }, { status: 500 });
+                }
+            }
+        }
+    ];
+    /**
+     * Gera a URL de autorização do Google
+     */
+    getAuthorizationUrl(): string {
+        const params = new URLSearchParams({
+            client_id: this.config.clientId,
+            redirect_uri: this.config.callbackUrl || '',
+            response_type: 'code',
+            scope: (this.config.scope || this.defaultScope).join(' ')
+        });
+        return `https://accounts.google.com/o/oauth2/v2/auth?${params.toString()}`;
+    }
+    /**
+     * Retorna a configuração pública do provider
+     */
+    getConfig(): any {
+        return {
+            id: this.id,
+            name: this.name,
+            type: this.type,
+            clientId: this.config.clientId, // Público
+            scope: this.config.scope || this.defaultScope,
+            callbackUrl: this.config.callbackUrl
+        };
+    }
+}

package/src/auth/providers.ts CHANGED Viewed

@@ -1,4 +1,4 @@
 // Exportações dos providers
 export { CredentialsProvider } from './providers/credentials';
 export { DiscordProvider } from './providers/discord';
+export { GoogleProvider } from './providers/google';

package/src/auth/types.ts CHANGED Viewed

@@ -63,7 +63,7 @@ export interface AuthConfig {
     };
     callbacks?: {
         signIn?: (user: User, account: any, profile: any) => boolean | Promise<boolean>;
-        session?: (session: Session, user: User) => Session | Promise<Session>;
+        session?: ({session, user, provider}: {session: Session, user: User, provider: string}) => Session | Promise<Session>;
         jwt?: (token: any, user: User, account: any, profile: any) => any | Promise<any>;
     };
     session?: {
@@ -73,15 +73,10 @@ export interface AuthConfig {
     };
     secret?: string;
     debug?: boolean;
+    secureCookies?: boolean;
 }
-// Interface legada para compatibilidade
-export interface AuthProvider {
-    id: string;
-    name: string;
-    type: 'credentials';
-    authorize?: (credentials: Record<string, string>) => Promise<User | null> | User | null;
-}
 // Provider para credenciais
 export interface CredentialsConfig {