hightjs 0.4.0 → 0.5.1

package/src/auth/providers/google.ts

@@ -1,234 +0,0 @@
-/*
- * This file is part of the HightJS Project.
- * Copyright (c) 2025 itsmuzin
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-import type {AuthProviderClass, AuthRoute, User} from '../types';
-import {HightJSRequest, HightJSResponse} from '../../api/http';
-
-export interface GoogleConfig {
-    id?: string;
-    name?: string;
-    clientId: string;
-    clientSecret: string;
-    callbackUrl?: string;
-    successUrl?: string;
-    // Escopos OAuth do Google, padrão: ['openid', 'email', 'profile']
-    scope?: string[];
-}
-
-/**
- * Provider para autenticação com Google OAuth2
- *
- * Este provider permite autenticação usando Google OAuth2.
- * Automaticamente gerencia o fluxo OAuth completo e rotas necessárias.
- *
- * Exemplo de uso:
- * ```typescript
- * new GoogleProvider({
- * clientId: process.env.GOOGLE_CLIENT_ID!,
- * clientSecret: process.env.GOOGLE_CLIENT_SECRET!,
- * callbackUrl: "http://localhost:3000/api/auth/callback/google"
- * })
- * ```
- *
- * Fluxo de autenticação:
- * 1. GET /api/auth/signin/google - Gera URL e redireciona para Google
- * 2. Google redireciona para /api/auth/callback/google com código
- * 3. Provider troca código por token e busca dados do usuário
- * 4. Retorna objeto User com dados do Google
- */
-export class GoogleProvider implements AuthProviderClass {
-    public readonly id: string;
-    public readonly name: string;
-    public readonly type: string = 'google';
-
-    private config: GoogleConfig;
-    private readonly defaultScope = [
-        'openid',
-        'https://www.googleapis.com/auth/userinfo.email',
-        'https://www.googleapis.com/auth/userinfo.profile'
-    ];
-
-    constructor(config: GoogleConfig) {
-        this.config = config;
-        this.id = config.id || 'google';
-        this.name = config.name || 'Google';
-    }
-
-    /**
-     * Método para gerar URL OAuth (usado pelo handleSignIn)
-     */
-    handleOauth(credentials: Record<string, string> = {}): string {
-        return this.getAuthorizationUrl();
-    }
-
-    /**
-     * Método principal - redireciona para OAuth ou processa o callback
-     */
-    async handleSignIn(credentials: Record<string, string>): Promise<User | string | null> {
-        // Se tem código, é o callback - processa a autenticação
-        if (credentials.code) {
-            return await this.processOAuthCallback(credentials);
-        }
-
-        // Se não tem código, é o início do OAuth - retorna a URL
-        return this.handleOauth(credentials);
-    }
-
-    /**
-     * Processa o callback do OAuth (troca o código pelo usuário)
-     */
-    private async processOAuthCallback(credentials: Record<string, string>): Promise<User | null> {
-        try {
-            const { code } = credentials;
-            if (!code) {
-                throw new Error('Authorization code not provided');
-            }
-
-            // Troca o código por um access token
-            const tokenResponse = await fetch('https://oauth2.googleapis.com/token', {
-                method: 'POST',
-                headers: {
-                    'Content-Type': 'application/x-www-form-urlencoded',
-                },
-                body: new URLSearchParams({
-                    client_id: this.config.clientId,
-                    client_secret: this.config.clientSecret,
-                    grant_type: 'authorization_code',
-                    code,
-                    redirect_uri: this.config.callbackUrl || '',
-                }),
-            });
-
-            if (!tokenResponse.ok) {
-                const error = await tokenResponse.text();
-                throw new Error(`Failed to exchange code for token: ${error}`);
-            }
-
-            const tokens = await tokenResponse.json();
-
-            // Busca os dados do usuário com o access token
-            const userResponse = await fetch('https://www.googleapis.com/oauth2/v2/userinfo', {
-                headers: {
-                    'Authorization': `Bearer ${tokens.access_token}`,
-                },
-            });
-
-            if (!userResponse.ok) {
-                throw new Error('Failed to fetch user data');
-            }
-
-            const googleUser = await userResponse.json();
-
-            // Retorna o objeto User padronizado
-            return {
-                id: googleUser.id,
-                name: googleUser.name,
-                email: googleUser.email,
-                image: googleUser.picture || null,
-                provider: this.id,
-                providerId: googleUser.id,
-                accessToken: tokens.access_token,
-                refreshToken: tokens.refresh_token
-            };
-
-        } catch (error) {
-            console.error(`[${this.id} Provider] Error during OAuth callback:`, error);
-            return null;
-        }
-    }
-
-    /**
-     * Rotas adicionais específicas do Google OAuth
-     */
-    public additionalRoutes: AuthRoute[] = [
-        // Rota de callback do Google
-        {
-            method: 'GET',
-            path: '/api/auth/callback/google',
-            handler: async (req: HightJSRequest, params: any) => {
-                const url = new URL(req.url || '', 'http://localhost');
-                const code = url.searchParams.get('code');
-
-                if (!code) {
-                    return HightJSResponse.json({ error: 'Authorization code not provided' }, { status: 400 });
-                }
-
-                try {
-                    // Delega o 'code' para o endpoint de signin principal
-                    const authResponse = await fetch(`${req.headers.origin || 'http://localhost:3000'}/api/auth/signin`, {
-                        method: 'POST',
-                        headers: {
-                            'Content-Type': 'application/json',
-                        },
-                        body: JSON.stringify({
-                            provider: this.id,
-                            code,
-                        })
-                    });
-
-                    if (authResponse.ok) {
-                        // Propaga o cookie de sessão e redireciona para a URL de sucesso
-                        const setCookieHeader = authResponse.headers.get('set-cookie');
-
-                        if(this.config.successUrl) {
-                            return HightJSResponse
-                                .redirect(this.config.successUrl)
-                                .header('Set-Cookie', setCookieHeader || '');
-                        }
-                        return HightJSResponse.json({ success: true })
-                            .header('Set-Cookie', setCookieHeader || '');
-                    } else {
-                        const errorText = await authResponse.text();
-                        console.error(`[${this.id} Provider] Session creation failed during callback. Status: ${authResponse.status}, Body: ${errorText}`);
-                        return HightJSResponse.json({ error: 'Session creation failed' }, { status: 500 });
-                    }
-
-                } catch (error) {
-                    console.error(`[${this.id} Provider] Callback handler fetch error:`, error);
-                    return HightJSResponse.json({ error: 'Internal server error' }, { status: 500 });
-                }
-            }
-        }
-    ];
-
-    /**
-     * Gera a URL de autorização do Google
-     */
-    getAuthorizationUrl(): string {
-        const params = new URLSearchParams({
-            client_id: this.config.clientId,
-            redirect_uri: this.config.callbackUrl || '',
-            response_type: 'code',
-            scope: (this.config.scope || this.defaultScope).join(' ')
-        });
-
-        return `https://accounts.google.com/o/oauth2/v2/auth?${params.toString()}`;
-    }
-
-    /**
-     * Retorna a configuração pública do provider
-     */
-    getConfig(): any {
-        return {
-            id: this.id,
-            name: this.name,
-            type: this.type,
-            clientId: this.config.clientId, // Público
-            scope: this.config.scope || this.defaultScope,
-            callbackUrl: this.config.callbackUrl
-        };
-    }
-}

package/src/auth/providers/index.ts

@@ -1,20 +0,0 @@
-/*
- * This file is part of the HightJS Project.
- * Copyright (c) 2025 itsmuzin
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-// Exportações dos providers
-export * from './credentials';
-export * from './discord';
-

package/src/auth/providers.ts

@@ -1,20 +0,0 @@
-/*
- * This file is part of the HightJS Project.
- * Copyright (c) 2025 itsmuzin
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-// Exportações dos providers
-export { CredentialsProvider } from './providers/credentials';
-export { DiscordProvider } from './providers/discord';
-export { GoogleProvider } from './providers/google';

package/src/auth/react/index.ts

@@ -1,25 +0,0 @@
-/*
- * This file is part of the HightJS Project.
- * Copyright (c) 2025 itsmuzin
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-// Exportações do frontend
-export * from '../react';
-export * from '../client';
-export * from '../components';
-
-// Re-exports das funções mais usadas para conveniência
-export { getSession } from '../client';
-export { useSession, useAuth, SessionProvider } from '../react';
-export { ProtectedRoute, AuthGuard, GuestOnly } from '../components';

package/src/auth/react.tsx

@@ -1,234 +0,0 @@
-/*
- * This file is part of the HightJS Project.
- * Copyright (c) 2025 itsmuzin
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-import React, { createContext, useContext, useEffect, useState, useCallback, ReactNode } from 'react';
-import type { Session, SessionContextType, SignInOptions, SignInResult, User } from './types';
-import { router } from "../client/clientRouter";
-
-const SessionContext = createContext<SessionContextType | undefined>(undefined);
-
-interface SessionProviderProps {
-    children: ReactNode;
-    basePath?: string;
-    refetchInterval?: number;
-    refetchOnWindowFocus?: boolean;
-}
-
-export function SessionProvider({
-    children,
-    basePath = '/api/auth',
-    refetchInterval = 0,
-    refetchOnWindowFocus = true
-}: SessionProviderProps) {
-    const [session, setSession] = useState<Session | null>(null);
-    const [status, setStatus] = useState<'loading' | 'authenticated' | 'unauthenticated'>('loading');
-
-    // Fetch da sessão atual
-    const fetchSession = useCallback(async (): Promise<Session | null> => {
-        try {
-            const response = await fetch(`${basePath}/session`, {
-                credentials: 'include'
-            });
-
-            if (!response.ok) {
-                setStatus('unauthenticated');
-                return null;
-            }
-
-            const data = await response.json();
-            const sessionData = data.session;
-
-            if (sessionData) {
-                setSession(sessionData);
-                setStatus('authenticated');
-                return sessionData;
-            } else {
-                setSession(null);
-                setStatus('unauthenticated');
-                return null;
-            }
-        } catch (error) {
-            console.error('[hweb-auth] Error fetching session:', error);
-            setSession(null);
-            setStatus('unauthenticated');
-            return null;
-        }
-    }, [basePath]);
-
-    // SignIn function
-    const signIn = useCallback(async (
-        provider: string = 'credentials',
-        options: SignInOptions = {}
-    ): Promise<SignInResult | undefined> => {
-        try {
-            const { redirect = true, callbackUrl, ...credentials } = options;
-
-            const response = await fetch(`${basePath}/signin`, {
-                method: 'POST',
-                headers: {
-                    'Content-Type': 'application/json',
-                },
-                credentials: 'include',
-                body: JSON.stringify({
-                    provider,
-                    ...credentials
-                })
-            });
-
-            const data = await response.json();
-
-            if (response.ok && data.success) {
-                await fetchSession();
-                // Se é OAuth, redireciona para URL fornecida
-                if (data.type === 'oauth' && data.redirectUrl) {
-                    if (redirect && typeof window !== 'undefined') {
-                        window.location.href = data.redirectUrl;
-                    }
-
-                    return {
-                        ok: true,
-                        status: 200,
-                        url: data.redirectUrl
-                    };
-                }
-
-                // Se é sessão (credentials), redireciona para callbackUrl
-                if (data.type === 'session') {
-                    if (redirect && typeof window !== 'undefined') {
-                        window.location.href = callbackUrl || '/';
-                    }
-
-                    return {
-                        ok: true,
-                        status: 200,
-                        url: callbackUrl || '/'
-                    };
-                }
-            } else {
-                return {
-                    error: data.error || 'Authentication failed',
-                    status: response.status,
-                    ok: false
-                };
-            }
-        } catch (error) {
-            console.error('[hweb-auth] Error on signIn:', error);
-            return {
-                error: 'Network error',
-                status: 500,
-                ok: false
-            };
-        }
-    }, [basePath, fetchSession]);
-
-    // SignOut function
-    const signOut = useCallback(async (options: { callbackUrl?: string } = {}): Promise<void> => {
-        try {
-            await fetch(`${basePath}/signout`, {
-                method: 'POST',
-                credentials: 'include'
-            });
-
-            setSession(null);
-            setStatus('unauthenticated');
-
-            if (typeof window !== 'undefined') {
-                try {
-                    router.push(options.callbackUrl || '/');
-                } catch (e) {
-                    window.location.href = options.callbackUrl || '/';
-                }
-            }
-        } catch (error) {
-            console.error('[hweb-auth] Error on signOut:', error);
-        }
-    }, [basePath]);
-
-    // Update session
-    const update = useCallback(async (): Promise<Session | null> => {
-        return await fetchSession();
-    }, [fetchSession]);
-
-    // Initial session fetch
-    useEffect(() => {
-        fetchSession();
-    }, [fetchSession]);
-
-    // Refetch interval
-    useEffect(() => {
-        if (refetchInterval > 0) {
-            const interval = setInterval(() => {
-                if (status === 'authenticated') {
-                    fetchSession();
-                }
-            }, refetchInterval * 1000);
-
-            return () => clearInterval(interval);
-        }
-    }, [refetchInterval, status, fetchSession]);
-
-    // Refetch on window focus
-    useEffect(() => {
-        if (refetchOnWindowFocus) {
-            const handleFocus = () => {
-                if (status === 'authenticated') {
-                    fetchSession();
-                }
-            };
-
-            window.addEventListener('focus', handleFocus);
-            return () => window.removeEventListener('focus', handleFocus);
-        }
-    }, [refetchOnWindowFocus, status, fetchSession]);
-
-    const value: SessionContextType = {
-        data: session,
-        status,
-        signIn,
-        signOut,
-        update
-    };
-
-    return (
-        <SessionContext.Provider value={value}>
-            {children}
-        </SessionContext.Provider>
-    );
-}
-
-/**
- * Hook para acessar a sessão atual
- */
-export function useSession(): SessionContextType {
-    const context = useContext(SessionContext);
-    if (context === undefined) {
-        throw new Error('useSession must be used inside a SessionProvider');
-    }
-    return context;
-}
-
-/**
- * Hook para verificar se o usuário está autenticado
- */
-export function useAuth(): { user: User | null; isAuthenticated: boolean; isLoading: boolean } {
-    const { data: session, status } = useSession();
-
-    return {
-        user: session?.user || null,
-        isAuthenticated: status === 'authenticated',
-        isLoading: status === 'loading'
-    };
-}