hightjs 0.4.0 → 0.5.1

package/src/auth/client.ts

@@ -1,171 +0,0 @@
-/*
- * This file is part of the HightJS Project.
- * Copyright (c) 2025 itsmuzin
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-import type { SignInOptions, SignInResult, Session } from './types';
-// Configuração global do client
-let basePath = '/api/auth';
-
-export function setBasePath(path: string) {
-    basePath = path;
-}
-
-/**
- * Função para obter a sessão atual (similar ao NextAuth getSession)
- */
-export async function getSession(): Promise<Session | null> {
-    try {
-        const response = await fetch(`${basePath}/session`, {
-            credentials: 'include'
-        });
-
-        if (!response.ok) {
-            return null;
-        }
-
-        const data = await response.json();
-        return data.session || null;
-    } catch (error) {
-        console.error('[hweb-auth] Error fetching session:', error);
-        return null;
-    }
-}
-
-/**
- * Função para obter token CSRF
- */
-export async function getCsrfToken(): Promise<string | null> {
-    try {
-        const response = await fetch(`${basePath}/csrf`, {
-            credentials: 'include'
-        });
-
-        if (!response.ok) {
-            return null;
-        }
-
-        const data = await response.json();
-        return data.csrfToken || null;
-    } catch (error) {
-        console.error('[hweb-auth] Error fetching CSRF token:', error);
-        return null;
-    }
-}
-
-/**
- * Função para obter providers disponíveis
- */
-export async function getProviders(): Promise<any[] | null> {
-    try {
-        const response = await fetch(`${basePath}/providers`, {
-            credentials: 'include'
-        });
-
-        if (!response.ok) {
-            return null;
-        }
-
-        const data = await response.json();
-        return data.providers || [];
-    } catch (error) {
-        console.error('[hweb-auth] Error searching for providers:', error);
-        return null;
-    }
-}
-
-/**
- * Função para fazer login (similar ao NextAuth signIn)
- */
-export async function signIn(
-    provider: string = 'credentials',
-    options: SignInOptions = {}
-): Promise<SignInResult | undefined> {
-    try {
-        const { redirect = true, callbackUrl, ...credentials } = options;
-
-        const response = await fetch(`${basePath}/signin`, {
-            method: 'POST',
-            headers: {
-                'Content-Type': 'application/json',
-            },
-            credentials: 'include',
-            body: JSON.stringify({
-                provider,
-                ...credentials
-            })
-        });
-
-        const data = await response.json();
-
-        if (response.ok && data.success) {
-            // Se é OAuth, redireciona para URL fornecida
-            if (data.type === 'oauth' && data.redirectUrl) {
-                if (redirect && typeof window !== 'undefined') {
-                    window.location.href = data.redirectUrl;
-                }
-
-                return {
-                    ok: true,
-                    status: 200,
-                    url: data.redirectUrl
-                };
-            }
-
-            // Se é sessão (credentials), redireciona para callbackUrl
-            if (data.type === 'session') {
-                if (redirect && typeof window !== 'undefined') {
-                    window.location.href = callbackUrl || '/';
-                }
-
-                return {
-                    ok: true,
-                    status: 200,
-                    url: callbackUrl || '/'
-                };
-            }
-        } else {
-            return {
-                error: data.error || 'Authentication failed',
-                status: response.status,
-                ok: false
-            };
-        }
-    } catch (error) {
-        console.error('[hweb-auth] Error on signIn:', error);
-        return {
-            error: 'Network error',
-            status: 500,
-            ok: false
-        };
-    }
-}
-
-/**
- * Função para fazer logout (similar ao NextAuth signOut)
- */
-export async function signOut(options: { callbackUrl?: string } = {}): Promise<void> {
-    try {
-        await fetch(`${basePath}/signout`, {
-            method: 'POST',
-            credentials: 'include'
-        });
-
-        if (typeof window !== 'undefined') {
-            window.location.href = options.callbackUrl || '/';
-        }
-    } catch (error) {
-        console.error('[hweb-auth] Error on signOut:', error);
-    }
-}

package/src/auth/components.tsx

@@ -1,125 +0,0 @@
-/*
- * This file is part of the HightJS Project.
- * Copyright (c) 2025 itsmuzin
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-import React, { ReactNode } from 'react';
-import { useAuth } from './react';
-import { router } from '../client/clientRouter';
-interface ProtectedRouteProps {
-    children: ReactNode;
-    fallback?: ReactNode;
-    redirectTo?: string;
-    requireAuth?: boolean;
-}
-
-/**
- * Componente para proteger rotas que requerem autenticação
- */
-export function ProtectedRoute({
-    children,
-    fallback,
-    redirectTo = '/auth/signin',
-    requireAuth = true
-}: ProtectedRouteProps) {
-    const { isAuthenticated, isLoading } = useAuth();
-
-    // Ainda carregando
-    if (isLoading) {
-        return fallback || <div>Loading...</div>;
-    }
-
-    // Requer auth mas não está autenticado
-    if (requireAuth && !isAuthenticated) {
-        if (typeof window !== 'undefined' && redirectTo) {
-            window.location.href = redirectTo;
-            return null;
-        }
-        return fallback || <div>Unauthorized</div>;
-    }
-
-    // Não requer auth mas está autenticado (ex: página de login)
-    if (!requireAuth && isAuthenticated && redirectTo) {
-        if (typeof window !== 'undefined') {
-            window.location.href = redirectTo;
-            return null;
-        }
-    }
-
-    return <>{children}</>;
-}
-
-interface GuardProps {
-    children: ReactNode;
-    fallback?: ReactNode;
-    redirectTo?: string;
-}
-
-/**
- * Guard simples que só renderiza children se estiver autenticado
- */
-export function AuthGuard({ children, fallback, redirectTo }: GuardProps) {
-    const { isAuthenticated, isLoading } = useAuth();
-
-    if(redirectTo && !isLoading && !isAuthenticated) {
-        router.push(redirectTo);
-    }
-
-    if (isLoading) {
-        return fallback || <div></div>;
-    }
-
-    if (!isAuthenticated) {
-        return fallback || null;
-    }
-
-    return <>{children}</>;
-}
-
-/**
- * Componente para mostrar conteúdo apenas para usuários não autenticados
- */
-export function GuestOnly({ children, fallback, redirectTo }: GuardProps) {
-    const { isAuthenticated, isLoading } = useAuth();
-
-    if(redirectTo && !isLoading && isAuthenticated) {
-        router.push(redirectTo);
-    }
-
-    if (isLoading || isAuthenticated) {
-        return fallback || <div></div>;
-    }
-
-    return <>{children}</>;
-}
-
-/**
- * Hook para redirecionar baseado no status de autenticação
- */
-export function useAuthRedirect(
-    authenticatedRedirect?: string,
-    unauthenticatedRedirect?: string
-) {
-    const { isAuthenticated, isLoading } = useAuth();
-
-    React.useEffect(() => {
-        if (isLoading) return;
-
-        if (isAuthenticated && authenticatedRedirect) {
-            window.location.href = authenticatedRedirect;
-        } else if (!isAuthenticated && unauthenticatedRedirect) {
-            window.location.href = unauthenticatedRedirect;
-        }
-    }, [isAuthenticated, isLoading, authenticatedRedirect, unauthenticatedRedirect]);
-}

package/src/auth/core.ts

@@ -1,215 +0,0 @@
-/*
- * This file is part of the HightJS Project.
- * Copyright (c) 2025 itsmuzin
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-import { HightJSRequest, HightJSResponse } from '../api/http';
-import type { AuthConfig, AuthProviderClass, User, Session } from './types';
-import { SessionManager } from './jwt';
-
-export class HWebAuth {
-    private config: AuthConfig;
-    private sessionManager: SessionManager;
-
-    constructor(config: AuthConfig) {
-        this.config = {
-            session: { strategy: 'jwt', maxAge: 86400, ...config.session },
-            pages: { signIn: '/auth/signin', signOut: '/auth/signout', ...config.pages },
-            ...config
-        };
-
-        this.sessionManager = new SessionManager(
-            config.secret,
-            this.config.session?.maxAge || 86400
-        );
-    }
-
-    /**
-     * Middleware para adicionar autenticação às rotas
-     */
-    private async middleware(req: HightJSRequest): Promise<{ session: Session | null; user: User | null }> {
-        const token = this.getTokenFromRequest(req);
-
-        if (!token) {
-            return { session: null, user: null };
-        }
-
-        const session = this.sessionManager.verifySession(token);
-        return {
-            session,
-            user: session?.user || null
-        };
-    }
-
-    /**
-     * Autentica um usuário usando um provider específico
-     */
-    async signIn(providerId: string, credentials: Record<string, string>): Promise<{ session: Session; token: string } | { redirectUrl: string } | null> {
-        const provider = this.config.providers.find(p => p.id === providerId);
-        if (!provider) {
-            console.error(`[hweb-auth] Provider not found: ${providerId}`);
-            return null;
-        }
-
-        try {
-            // Usa o método handleSignIn do provider
-            const result = await provider.handleSignIn(credentials);
-
-            if (!result) return null;
-
-            // Se resultado é string, é URL de redirecionamento OAuth
-            if (typeof result === 'string') {
-                return { redirectUrl: result };
-            }
-
-            // Se resultado é User, cria sessão
-            const user = result as User;
-
-            // Callback de signIn se definido
-            if (this.config.callbacks?.signIn) {
-                const allowed = await this.config.callbacks.signIn(user, { provider: providerId }, {});
-                if (!allowed) return null;
-            }
-
-            const sessionResult = this.sessionManager.createSession(user);
-
-            // Callback de sessão se definido
-            if (this.config.callbacks?.session) {
-                sessionResult.session = await this.config.callbacks.session({session: sessionResult.session, user, provider: providerId});
-            }
-
-            return sessionResult;
-        } catch (error) {
-            console.error(`[hweb-auth] Error signing in with provider ${providerId}:`, error);
-            return null;
-        }
-    }
-
-    /**
-     * Faz logout do usuário
-     */
-    async signOut(req: HightJSRequest): Promise<HightJSResponse> {
-        // Busca a sessão atual para saber qual provider usar
-        const { session } = await this.middleware(req);
-
-        if (session?.user?.provider) {
-            const provider = this.config.providers.find(p => p.id === session.user.provider);
-            if (provider && provider.handleSignOut) {
-                try {
-                    await provider.handleSignOut();
-                } catch (error) {
-                    console.error(`[hweb-auth] Signout error on provider ${provider.id}:`, error);
-                }
-            }
-        }
-
-        return HightJSResponse
-            .json({ success: true })
-            .clearCookie('hweb-auth-token', {
-                path: '/',
-                httpOnly: true,
-                secure: this.config.secureCookies || false,
-                sameSite: 'strict'
-            });
-    }
-
-    /**
-     * Obtém a sessão atual
-     */
-    async getSession(req: HightJSRequest): Promise<Session | null> {
-        const { session } = await this.middleware(req);
-        return session;
-    }
-
-    /**
-     * Verifica se o usuário está autenticado
-     */
-    async isAuthenticated(req: HightJSRequest): Promise<boolean> {
-        const session = await this.getSession(req);
-        return session !== null;
-    }
-
-    /**
-     * Retorna todos os providers disponíveis (dados públicos)
-     */
-    getProviders(): any[] {
-        return this.config.providers.map(provider => ({
-            id: provider.id,
-            name: provider.name,
-            type: provider.type,
-            config: provider.getConfig ? provider.getConfig() : {}
-        }));
-    }
-
-    /**
-     * Busca um provider específico
-     */
-    getProvider(id: string): AuthProviderClass | null {
-        return this.config.providers.find(p => p.id === id) || null;
-    }
-
-    /**
-     * Retorna todas as rotas adicionais dos providers
-     */
-    getAllAdditionalRoutes(): Array<{ provider: string; route: any }> {
-        const routes: Array<{ provider: string; route: any }> = [];
-
-        for (const provider of this.config.providers) {
-            if (provider.additionalRoutes) {
-                for (const route of provider.additionalRoutes) {
-                    routes.push({ provider: provider.id, route });
-                }
-            }
-        }
-
-        return routes;
-    }
-
-    /**
-     * Cria resposta com cookie de autenticação - Secure implementation
-     */
-    createAuthResponse(token: string, data: any): HightJSResponse {
-        return HightJSResponse
-            .json(data)
-            .cookie('hweb-auth-token', token, {
-                httpOnly: true,
-                secure: this.config.secureCookies || false, // Always secure, even in development
-                sameSite: 'strict', // Prevent CSRF attacks
-                maxAge: (this.config.session?.maxAge || 86400) * 1000,
-                path: '/',
-                domain: undefined // Let browser set automatically for security
-            })
-            .header('X-Content-Type-Options', 'nosniff')
-            .header('X-Frame-Options', 'DENY')
-            .header('X-XSS-Protection', '1; mode=block')
-            .header('Referrer-Policy', 'strict-origin-when-cross-origin');
-    }
-
-    /**
-     * Extrai token da requisição (cookie ou header)
-     */
-    private getTokenFromRequest(req: HightJSRequest): string | null {
-        // Primeiro tenta pegar do cookie
-        const cookieToken = req.cookie('hweb-auth-token');
-        if (cookieToken) return cookieToken;
-
-        // Depois tenta do header Authorization
-        const authHeader = req.header('authorization');
-        if (authHeader && typeof authHeader === 'string' && authHeader.startsWith('Bearer ')) {
-            return authHeader.substring(7);
-        }
-
-        return null;
-    }
-}

package/src/auth/index.ts

@@ -1,25 +0,0 @@
-/*
- * This file is part of the HightJS Project.
- * Copyright (c) 2025 itsmuzin
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-// Exportações principais do sistema de autenticação
-export * from './types';
-export * from './providers';
-export * from './core';
-export * from './routes';
-export * from './jwt';
-
-export { CredentialsProvider, DiscordProvider, GoogleProvider } from './providers';
-export { createAuthRoutes } from './routes';