hightjs 0.4.0 → 0.5.0

package/src/auth/react.tsx

@@ -1,234 +0,0 @@
-/*
- * This file is part of the HightJS Project.
- * Copyright (c) 2025 itsmuzin
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-import React, { createContext, useContext, useEffect, useState, useCallback, ReactNode } from 'react';
-import type { Session, SessionContextType, SignInOptions, SignInResult, User } from './types';
-import { router } from "../client/clientRouter";
-
-const SessionContext = createContext<SessionContextType | undefined>(undefined);
-
-interface SessionProviderProps {
-    children: ReactNode;
-    basePath?: string;
-    refetchInterval?: number;
-    refetchOnWindowFocus?: boolean;
-}
-
-export function SessionProvider({
-    children,
-    basePath = '/api/auth',
-    refetchInterval = 0,
-    refetchOnWindowFocus = true
-}: SessionProviderProps) {
-    const [session, setSession] = useState<Session | null>(null);
-    const [status, setStatus] = useState<'loading' | 'authenticated' | 'unauthenticated'>('loading');
-
-    // Fetch da sessão atual
-    const fetchSession = useCallback(async (): Promise<Session | null> => {
-        try {
-            const response = await fetch(`${basePath}/session`, {
-                credentials: 'include'
-            });
-
-            if (!response.ok) {
-                setStatus('unauthenticated');
-                return null;
-            }
-
-            const data = await response.json();
-            const sessionData = data.session;
-
-            if (sessionData) {
-                setSession(sessionData);
-                setStatus('authenticated');
-                return sessionData;
-            } else {
-                setSession(null);
-                setStatus('unauthenticated');
-                return null;
-            }
-        } catch (error) {
-            console.error('[hweb-auth] Error fetching session:', error);
-            setSession(null);
-            setStatus('unauthenticated');
-            return null;
-        }
-    }, [basePath]);
-
-    // SignIn function
-    const signIn = useCallback(async (
-        provider: string = 'credentials',
-        options: SignInOptions = {}
-    ): Promise<SignInResult | undefined> => {
-        try {
-            const { redirect = true, callbackUrl, ...credentials } = options;
-
-            const response = await fetch(`${basePath}/signin`, {
-                method: 'POST',
-                headers: {
-                    'Content-Type': 'application/json',
-                },
-                credentials: 'include',
-                body: JSON.stringify({
-                    provider,
-                    ...credentials
-                })
-            });
-
-            const data = await response.json();
-
-            if (response.ok && data.success) {
-                await fetchSession();
-                // Se é OAuth, redireciona para URL fornecida
-                if (data.type === 'oauth' && data.redirectUrl) {
-                    if (redirect && typeof window !== 'undefined') {
-                        window.location.href = data.redirectUrl;
-                    }
-
-                    return {
-                        ok: true,
-                        status: 200,
-                        url: data.redirectUrl
-                    };
-                }
-
-                // Se é sessão (credentials), redireciona para callbackUrl
-                if (data.type === 'session') {
-                    if (redirect && typeof window !== 'undefined') {
-                        window.location.href = callbackUrl || '/';
-                    }
-
-                    return {
-                        ok: true,
-                        status: 200,
-                        url: callbackUrl || '/'
-                    };
-                }
-            } else {
-                return {
-                    error: data.error || 'Authentication failed',
-                    status: response.status,
-                    ok: false
-                };
-            }
-        } catch (error) {
-            console.error('[hweb-auth] Error on signIn:', error);
-            return {
-                error: 'Network error',
-                status: 500,
-                ok: false
-            };
-        }
-    }, [basePath, fetchSession]);
-
-    // SignOut function
-    const signOut = useCallback(async (options: { callbackUrl?: string } = {}): Promise<void> => {
-        try {
-            await fetch(`${basePath}/signout`, {
-                method: 'POST',
-                credentials: 'include'
-            });
-
-            setSession(null);
-            setStatus('unauthenticated');
-
-            if (typeof window !== 'undefined') {
-                try {
-                    router.push(options.callbackUrl || '/');
-                } catch (e) {
-                    window.location.href = options.callbackUrl || '/';
-                }
-            }
-        } catch (error) {
-            console.error('[hweb-auth] Error on signOut:', error);
-        }
-    }, [basePath]);
-
-    // Update session
-    const update = useCallback(async (): Promise<Session | null> => {
-        return await fetchSession();
-    }, [fetchSession]);
-
-    // Initial session fetch
-    useEffect(() => {
-        fetchSession();
-    }, [fetchSession]);
-
-    // Refetch interval
-    useEffect(() => {
-        if (refetchInterval > 0) {
-            const interval = setInterval(() => {
-                if (status === 'authenticated') {
-                    fetchSession();
-                }
-            }, refetchInterval * 1000);
-
-            return () => clearInterval(interval);
-        }
-    }, [refetchInterval, status, fetchSession]);
-
-    // Refetch on window focus
-    useEffect(() => {
-        if (refetchOnWindowFocus) {
-            const handleFocus = () => {
-                if (status === 'authenticated') {
-                    fetchSession();
-                }
-            };
-
-            window.addEventListener('focus', handleFocus);
-            return () => window.removeEventListener('focus', handleFocus);
-        }
-    }, [refetchOnWindowFocus, status, fetchSession]);
-
-    const value: SessionContextType = {
-        data: session,
-        status,
-        signIn,
-        signOut,
-        update
-    };
-
-    return (
-        <SessionContext.Provider value={value}>
-            {children}
-        </SessionContext.Provider>
-    );
-}
-
-/**
- * Hook para acessar a sessão atual
- */
-export function useSession(): SessionContextType {
-    const context = useContext(SessionContext);
-    if (context === undefined) {
-        throw new Error('useSession must be used inside a SessionProvider');
-    }
-    return context;
-}
-
-/**
- * Hook para verificar se o usuário está autenticado
- */
-export function useAuth(): { user: User | null; isAuthenticated: boolean; isLoading: boolean } {
-    const { data: session, status } = useSession();
-
-    return {
-        user: session?.user || null,
-        isAuthenticated: status === 'authenticated',
-        isLoading: status === 'loading'
-    };
-}

package/src/auth/routes.ts

@@ -1,183 +0,0 @@
-/*
- * This file is part of the HightJS Project.
- * Copyright (c) 2025 itsmuzin
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-import { HightJSRequest, HightJSResponse } from '../api/http';
-import type { AuthConfig } from './types';
-import { HWebAuth } from './core';
-import Console from "../api/console";
-
-/**
- * Cria o handler catch-all para /api/auth/[...value]
- */
-export function createAuthRoutes(config: AuthConfig) {
-    const auth = new HWebAuth(config);
-
-    /**
-     * Handler principal que gerencia todas as rotas de auth
-     * Uso: /api/auth/[...value].ts
-     */
-    return {
-        pattern: '/api/auth/[...value]',
-
-        async GET(req: HightJSRequest, params: { [key: string]: string }) {
-
-            const path = params["value"];
-            const route = Array.isArray(path) ? path.join('/') : path || '';
-
-            // Verifica rotas adicionais dos providers primeiro
-            const additionalRoutes = auth.getAllAdditionalRoutes();
-            for (const { provider, route: additionalRoute } of additionalRoutes) {
-
-                if (additionalRoute.method === 'GET' && additionalRoute.path.includes(route)) {
-                    try {
-                        return await additionalRoute.handler(req, params);
-                    } catch (error) {
-                        console.error(`[${provider} Provider] Error in additional route:`, error);
-                        return HightJSResponse.json({ error: 'Provider route error' }, { status: 500 });
-                    }
-                }
-            }
-
-            // Rotas padrão do sistema
-            switch (route) {
-                case 'session':
-                    return await handleSession(req, auth);
-
-                case 'csrf':
-                    return await handleCsrf(req);
-
-                case 'providers':
-                    return await handleProviders(auth);
-
-                default:
-                    return HightJSResponse.json({ error: 'Route not found' }, { status: 404 });
-            }
-        },
-
-        async POST(req: HightJSRequest, params: { [key: string]: string }) {
-            const path = params["value"];
-            const route = Array.isArray(path) ? path.join('/') : path || '';
-
-            // Verifica rotas adicionais dos providers primeiro
-            const additionalRoutes = auth.getAllAdditionalRoutes();
-            for (const { provider, route: additionalRoute } of additionalRoutes) {
-                if (additionalRoute.method === 'POST' && additionalRoute.path.includes(route)) {
-                    try {
-                        return await additionalRoute.handler(req, params);
-                    } catch (error) {
-                        console.error(`[${provider} Provider] Error in additional route:`, error);
-                        return HightJSResponse.json({ error: 'Provider route error' }, { status: 500 });
-                    }
-                }
-            }
-
-            // Rotas padrão do sistema
-            switch (route) {
-                case 'signin':
-                    return await handleSignIn(req, auth);
-
-                case 'signout':
-                    return await handleSignOut(req, auth);
-
-                default:
-                    return HightJSResponse.json({ error: 'Route not found' }, { status: 404 });
-            }
-        },
-
-        // Instância do auth para uso manual
-        auth
-    };
-}
-
-/**
- * Handler para GET /api/auth/session
- */
-async function handleSession(req: HightJSRequest, auth: HWebAuth) {
-    const session = await auth.getSession(req);
-
-    if (!session) {
-        return HightJSResponse.json({ session: null });
-    }
-
-    return HightJSResponse.json({ session });
-}
-
-/**
- * Handler para GET /api/auth/csrf
- */
-async function handleCsrf(req: HightJSRequest) {
-    // Token CSRF simples para proteção
-    const csrfToken = Math.random().toString(36).substring(2, 15) +
-        Math.random().toString(36).substring(2, 15);
-
-    return HightJSResponse.json({ csrfToken });
-}
-
-/**
- * Handler para GET /api/auth/providers
- */
-async function handleProviders(auth: HWebAuth) {
-    const providers = auth.getProviders();
-
-    return HightJSResponse.json({ providers });
-}
-
-/**
- * Handler para POST /api/auth/signin
- */
-async function handleSignIn(req: HightJSRequest, auth: HWebAuth) {
-    try {
-        const { provider = 'credentials', ...credentials } = await req.json();
-
-        const result = await auth.signIn(provider, credentials);
-
-        if (!result) {
-            return HightJSResponse.json(
-                { error: 'Invalid credentials' },
-                { status: 401 }
-            );
-        }
-
-        // Se tem redirectUrl, é OAuth - retorna URL para redirecionamento
-        if ('redirectUrl' in result) {
-            return HightJSResponse.json({
-                success: true,
-                redirectUrl: result.redirectUrl,
-                type: 'oauth'
-            });
-        }
-
-        // Se tem session, é credentials - retorna sessão
-        return auth.createAuthResponse(result.token, {
-            success: true,
-            user: result.session.user,
-            type: 'session'
-        });
-    } catch (error) {
-        console.error('[hweb-auth] Error on handleSignIn:', error);
-        return HightJSResponse.json(
-            { error: 'Authentication failed' },
-            { status: 500 }
-        );
-    }
-}
-
-/**
- * Handler para POST /api/auth/signout
- */
-async function handleSignOut(req: HightJSRequest, auth: HWebAuth) {
-    return await auth.signOut(req);
-}

package/src/auth/types.ts

@@ -1,108 +0,0 @@
-/*
- * This file is part of the HightJS Project.
- * Copyright (c) 2025 itsmuzin
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-// Tipos para o sistema de autenticação
-export type User = Record<string, any>;
-
-export interface Session {
-    user: User;
-    expires: string;
-    accessToken?: string;
-}
-
-// Client-side types
-export interface SignInOptions {
-    redirect?: boolean;
-    callbackUrl?: string;
-    [key: string]: any;
-}
-
-export interface SignInResult {
-    error?: string;
-    status?: number;
-    ok?: boolean;
-    url?: string;
-}
-
-export interface SessionContextType {
-    data: Session | null;
-    status: 'loading' | 'authenticated' | 'unauthenticated';
-    signIn: (provider?: string, options?: SignInOptions) => Promise<SignInResult | undefined>;
-    signOut: (options?: { callbackUrl?: string }) => Promise<void>;
-    update: () => Promise<Session | null>;
-}
-
-export interface AuthRoute {
-    method: 'GET' | 'POST' | 'PUT' | 'DELETE';
-    path: string;
-    handler: (req: any, params: any) => Promise<any>;
-}
-
-export interface AuthProviderClass {
-    id: string;
-    name: string;
-    type: string;
-
-    // Para providers OAuth - retorna URL de redirecionamento
-    handleOauth?(credentials: Record<string, string>): Promise<string> | string;
-
-    // Métodos principais
-    handleSignIn(credentials: Record<string, string>): Promise<User | string | null>;
-    handleSignOut?(): Promise<void>;
-
-    // Rotas adicionais que o provider pode ter
-    additionalRoutes?: AuthRoute[];
-
-    // Configurações específicas do provider
-    getConfig?(): any;
-}
-
-export interface AuthConfig {
-    providers: AuthProviderClass[];
-    pages?: {
-        signIn?: string;
-        signOut?: string;
-        error?: string;
-    };
-    callbacks?: {
-        signIn?: (user: User, account: any, profile: any) => boolean | Promise<boolean>;
-        session?: ({session, user, provider}: {session: Session, user: User, provider: string}) => Session | Promise<Session>;
-        jwt?: (token: any, user: User, account: any, profile: any) => any | Promise<any>;
-    };
-    session?: {
-        strategy?: 'jwt' | 'database';
-        maxAge?: number;
-        updateAge?: number;
-    };
-    secret?: string;
-    debug?: boolean;
-    secureCookies?: boolean;
-}
-
-
-
-// Provider para credenciais
-export interface CredentialsConfig {
-    id?: string;
-    name?: string;
-    credentials: Record<string, {
-        label: string;
-        type: string;
-        placeholder?: string;
-    }>;
-    authorize: (credentials: Record<string, string>) => Promise<User | null> | User | null;
-}