next-api-layer 0.1.5

package/dist/client.d.ts

@@ -0,0 +1,169 @@
+import React$1 from 'react';
+
+/**
+ * Client-side types - Generic for any backend format
+ */
+/** Default user data structure (can be overridden with generics) */
+interface DefaultUserData {
+    id?: number | string;
+    name?: string;
+    email?: string;
+    token_type?: string;
+    type?: string;
+    [key: string]: unknown;
+}
+interface AuthContextValue<TUser = DefaultUserData> {
+    /** Current user data, null if not authenticated */
+    user: TUser | null;
+    /** Loading state for initial auth check */
+    isLoading: boolean;
+    /** True if user is authenticated (not guest) */
+    isAuthenticated: boolean;
+    /** True if user is a guest */
+    isGuest: boolean;
+    /** Error from last auth operation */
+    error: Error | null;
+    /** Login function */
+    login: (credentials: LoginCredentials) => Promise<AuthResult<TUser>>;
+    /** Register function */
+    register: (data: RegisterData) => Promise<AuthResult<TUser>>;
+    /** Logout function */
+    logout: () => Promise<void>;
+    /** Refresh user data */
+    refresh: () => Promise<void>;
+    /** SWR mutate function for manual revalidation */
+    mutate: () => Promise<void>;
+}
+interface AuthResult<TUser = DefaultUserData> {
+    success: boolean;
+    message?: string;
+    user?: TUser;
+    errors?: Record<string, unknown>;
+}
+interface AuthProviderProps<TUser = DefaultUserData> {
+    children: React.ReactNode;
+    /** Initial user data from server (SSR) */
+    initialUser?: TUser | null;
+    /** Endpoint to fetch user data */
+    userEndpoint?: string;
+    /** Endpoint for login */
+    loginEndpoint?: string;
+    /** Endpoint for register */
+    registerEndpoint?: string;
+    /** Endpoint for logout */
+    logoutEndpoint?: string;
+    /** Redirect to this path after logout (uses window.location.href) */
+    logoutRedirect?: string;
+    /**
+     * Function to check if user is a guest
+     * @default (user) => user?.token_type === 'guest' || user?.type === 'guest'
+     */
+    isGuestFn?: (user: TUser | null) => boolean;
+    /**
+     * Function to parse API response and extract user data
+     * @default (response) => response.data || response.user || response
+     */
+    parseResponse?: (response: unknown) => TUser | null;
+    /** SWR config overrides */
+    swrConfig?: {
+        refreshInterval?: number;
+        revalidateOnFocus?: boolean;
+        revalidateOnReconnect?: boolean;
+    };
+    /** Called when user logs in */
+    onLogin?: (user: TUser) => void;
+    /** Called when user logs out */
+    onLogout?: () => void;
+    /** Called on auth error */
+    onError?: (error: Error) => void;
+}
+interface LoginCredentials {
+    email?: string;
+    username?: string;
+    password: string;
+    remember?: boolean;
+    [key: string]: unknown;
+}
+interface RegisterData {
+    name?: string;
+    email?: string;
+    password?: string;
+    password_confirmation?: string;
+    [key: string]: unknown;
+}
+interface UseAuthOptions {
+    /** Redirect to this path if not authenticated */
+    redirectTo?: string;
+    /** Redirect to this path if authenticated */
+    redirectIfFound?: string;
+}
+interface ApiResponse<T = unknown> {
+    success: boolean;
+    data?: T;
+    message?: string;
+    errors?: Record<string, unknown>;
+}
+/** @deprecated Use DefaultUserData or your own type */
+type UserData = DefaultUserData;
+
+/**
+ * AuthProvider - Generic React context for any backend format
+ *
+ * @example Basic usage
+ * ```tsx
+ * <AuthProvider>
+ *   {children}
+ * </AuthProvider>
+ * ```
+ *
+ * @example With custom user type
+ * ```tsx
+ * interface MyUser {
+ *   type: 'guest' | 'superadmin';
+ *   user?: { name: string; email: string; };
+ * }
+ *
+ * <AuthProvider<MyUser>
+ *   initialUser={serverUser}
+ *   isGuestFn={(u) => u?.type === 'guest'}
+ *   parseResponse={(res) => res.data}
+ * >
+ *   {children}
+ * </AuthProvider>
+ * ```
+ */
+
+declare const AuthContext: React$1.Context<AuthContextValue<any> | undefined>;
+declare function AuthProvider<TUser = DefaultUserData>({ children, initialUser, userEndpoint, loginEndpoint, registerEndpoint, logoutEndpoint, logoutRedirect, isGuestFn, parseResponse, swrConfig, onLogin, onLogout, onError, }: AuthProviderProps<TUser>): React$1.ReactElement;
+
+/**
+ * Hook to access authentication state and methods
+ *
+ * @typeParam TUser - User data type (defaults to DefaultUserData)
+ */
+declare function useAuth<TUser = DefaultUserData>(options?: UseAuthOptions): AuthContextValue<TUser>;
+/**
+ * Hook to get only the user object
+ *
+ * @typeParam TUser - User data type
+ */
+declare function useUser<TUser = DefaultUserData>(): {
+    user: TUser | null;
+    isLoading: boolean;
+    isAuthenticated: boolean;
+    isGuest: boolean;
+};
+/**
+ * Hook for protected pages - redirects if not authenticated
+ *
+ * @typeParam TUser - User data type
+ */
+declare function useRequireAuth<TUser = DefaultUserData>(redirectTo?: string): AuthContextValue<TUser>;
+/**
+ * Hook for auth pages - redirects if already authenticated
+ *
+ * @typeParam TUser - User data type
+ */
+declare function useRedirectIfAuth<TUser = DefaultUserData>(redirectTo?: string): AuthContextValue<TUser>;
+
+export { type ApiResponse, AuthContext, type AuthContextValue, AuthProvider, type AuthProviderProps, type AuthResult, type DefaultUserData, type LoginCredentials, type RegisterData, type UseAuthOptions, type UserData, useAuth, useRedirectIfAuth, useRequireAuth, useUser };

package/dist/client.js

@@ -0,0 +1,3 @@
+"use client";
+import {createContext,useCallback,useMemo,useContext}from'react';import S from'swr';import {jsx}from'react/jsx-runtime';import {useRouter}from'next/navigation';var m=createContext(void 0);function E(t){if(!t||typeof t!="object")return null;let e=t;return e.success&&e.data?e.data:e.user?e.user:"id"in e||"email"in e||"name"in e||"type"in e?e:null}function F(t){if(!t||typeof t!="object")return  false;let e=t;return e.token_type==="guest"||e.type==="guest"}function G({children:t,initialUser:e,userEndpoint:c="/api/auth/me",loginEndpoint:o="/api/auth/login",registerEndpoint:l="/api/auth/register",logoutEndpoint:g="/api/auth/logout",logoutRedirect:w,isGuestFn:j=F,parseResponse:f=E,swrConfig:b={},onLogin:p,onLogout:x,onError:i}){let V=useCallback(async n=>{let r=await fetch(n);if(!r.ok){if(r.status===401)return null;throw new Error("Failed to fetch user")}let s=await r.json();return f(s)},[f]),{data:A,error:D,isLoading:R,mutate:u}=S(c,V,{fallbackData:e??void 0,revalidateOnFocus:true,revalidateOnReconnect:true,revalidateOnMount:!e,refreshInterval:0,shouldRetryOnError:false,...b,onError:n=>{i?.(n);}}),P=useCallback(async n=>{try{let s=await(await fetch(o,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(n)})).json(),a=f(s);if(a)return await u(a,!1),p?.(a),{success:!0,user:a};let d=s;return {success:!1,message:d.message||"Login failed",errors:d.errors}}catch(r){let s=r instanceof Error?r:new Error("Login failed");return i?.(s),{success:false,message:s.message}}},[o,u,p,i,f]),C=useCallback(async n=>{try{let s=await(await fetch(l,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(n)})).json(),a=f(s);if(a)return await u(a,!1),p?.(a),{success:!0,user:a};let d=s;return {success:!1,message:d.message||"Registration failed",errors:d.errors}}catch(r){let s=r instanceof Error?r:new Error("Registration failed");return i?.(s),{success:false,message:s.message}}},[l,u,p,i,f]),v=useCallback(async()=>{try{await fetch(g,{method:"POST"}),await u(null,!1),x?.(),w&&typeof window<"u"&&(window.location.href=w);}catch(n){let r=n instanceof Error?n:new Error("Logout failed");throw i?.(r),r}},[g,w,u,x,i]),y=useCallback(async()=>{await u();},[u]),T=j(A??null),O=!!A&&!T,k=useMemo(()=>({user:A??null,isLoading:R,isAuthenticated:O,isGuest:T,error:D??null,login:P,register:C,logout:v,refresh:y,mutate:y}),[A,R,O,T,D,P,C,v,y]);return jsx(m.Provider,{value:k,children:t})}function U(t={}){let e=useContext(m),c=useRouter();if(!e)throw new Error("useAuth must be used within an AuthProvider. Wrap your app with <AuthProvider> from next-api-layer/client");let{redirectTo:o,redirectIfFound:l}=t;return e.isLoading||(o&&!e.isAuthenticated&&!e.isGuest&&typeof window<"u"&&c.replace(o),l&&e.isAuthenticated&&typeof window<"u"&&c.replace(l)),e}function N(){let{user:t,isLoading:e,isAuthenticated:c,isGuest:o}=U();return {user:t,isLoading:e,isAuthenticated:c,isGuest:o}}function W(t="/login"){let e=U({redirectTo:t});if(!e.isLoading&&!e.isAuthenticated)throw new Error("Authentication required");return e}function _(t="/"){return U({redirectIfFound:t})}export{m as AuthContext,G as AuthProvider,U as useAuth,_ as useRedirectIfAuth,W as useRequireAuth,N as useUser};//# sourceMappingURL=client.js.map
+//# sourceMappingURL=client.js.map

package/dist/client.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/client/AuthProvider.tsx","../src/client/useAuth.ts"],"names":["AuthContext","createContext","defaultParseResponse","response","res","defaultIsGuest","user","u","AuthProvider","children","initialUser","userEndpoint","loginEndpoint","registerEndpoint","logoutEndpoint","logoutRedirect","isGuestFn","parseResponse","swrConfig","onLogin","onLogout","onError","fetcher","useCallback","url","json","error","isLoading","mutate","useSWR","err","login","credentials","userData","errorResponse","register","data","logout","refresh","isGuest","isAuthenticated","contextValue","useMemo","jsx","useAuth","options","context","useContext","router","useRouter","redirectTo","redirectIfFound","useUser","useRequireAuth","auth","useRedirectIfAuth"],"mappings":"gKA8CO,IAAMA,CAAAA,CAAcC,cAAiD,MAAS,EAKrF,SAASC,CAAAA,CAA4BC,EAAiC,CACpE,GAAI,CAACA,CAAAA,EAAY,OAAOA,CAAAA,EAAa,QAAA,CAAU,OAAO,IAAA,CAEtD,IAAMC,CAAAA,CAAMD,CAAAA,CAGZ,OAAIC,CAAAA,CAAI,OAAA,EAAWA,EAAI,IAAA,CACdA,CAAAA,CAAI,IAAA,CAITA,CAAAA,CAAI,KACCA,CAAAA,CAAI,IAAA,CAIT,IAAA,GAAQA,CAAAA,EAAO,UAAWA,CAAAA,EAAO,MAAA,GAAUA,CAAAA,EAAO,MAAA,GAAUA,EACvDA,CAAAA,CAGF,IACT,CAGA,SAASC,EAAsBC,CAAAA,CAA6B,CAC1D,GAAI,CAACA,GAAQ,OAAOA,CAAAA,EAAS,QAAA,CAAU,OAAO,OAE9C,IAAMC,CAAAA,CAAID,CAAAA,CAMV,OAHIC,EAAE,UAAA,GAAe,OAAA,EAGjBA,EAAE,IAAA,GAAS,OAGjB,CAIO,SAASC,CAAAA,CAAsC,CACpD,QAAA,CAAAC,EACA,WAAA,CAAAC,CAAAA,CACA,YAAA,CAAAC,CAAAA,CAAe,eACf,aAAA,CAAAC,CAAAA,CAAgB,iBAAA,CAChB,gBAAA,CAAAC,EAAmB,oBAAA,CACnB,cAAA,CAAAC,CAAAA,CAAiB,kBAAA,CACjB,eAAAC,CAAAA,CACA,SAAA,CAAAC,CAAAA,CAAYX,CAAAA,CACZ,cAAAY,CAAAA,CAAgBf,CAAAA,CAChB,SAAA,CAAAgB,CAAAA,CAAY,EAAC,CACb,OAAA,CAAAC,CAAAA,CACA,QAAA,CAAAC,EACA,OAAA,CAAAC,CACF,EAAiD,CAG/C,IAAMC,EAAUC,WAAAA,CAAY,MAAOC,CAAAA,EAAuC,CACxE,IAAMpB,CAAAA,CAAM,MAAM,KAAA,CAAMoB,CAAG,EAE3B,GAAI,CAACpB,CAAAA,CAAI,EAAA,CAAI,CACX,GAAIA,CAAAA,CAAI,SAAW,GAAA,CACjB,OAAO,KAET,MAAM,IAAI,KAAA,CAAM,sBAAsB,CACxC,CAEA,IAAMqB,CAAAA,CAAO,MAAMrB,EAAI,IAAA,EAAK,CAC5B,OAAOa,CAAAA,CAAcQ,CAAI,CAC3B,CAAA,CAAG,CAACR,CAAa,CAAC,EAGZ,CACJ,IAAA,CAAMX,CAAAA,CACN,KAAA,CAAAoB,EACA,SAAA,CAAAC,CAAAA,CACA,MAAA,CAAAC,CACF,EAAIC,CAAAA,CACFlB,CAAAA,CACAW,CAAAA,CACA,CACE,aAAcZ,CAAAA,EAAe,MAAA,CAC7B,iBAAA,CAAmB,IAAA,CACnB,sBAAuB,IAAA,CACvB,iBAAA,CAAmB,CAACA,CAAAA,CACpB,gBAAiB,CAAA,CACjB,kBAAA,CAAoB,KAAA,CACpB,GAAGQ,EACH,OAAA,CAAUY,CAAAA,EAAe,CACvBT,CAAAA,GAAUS,CAAG,EACf,CACF,CACF,CAAA,CAGMC,CAAAA,CAAQR,YAAY,MAAOS,CAAAA,EAA8D,CAC7F,GAAI,CAOF,IAAMP,CAAAA,CAAO,KAAA,CAND,MAAM,MAAMb,CAAAA,CAAe,CACrC,MAAA,CAAQ,MAAA,CACR,QAAS,CAAE,cAAA,CAAgB,kBAAmB,CAAA,CAC9C,IAAA,CAAM,KAAK,SAAA,CAAUoB,CAAW,CAClC,CAAC,GAEsB,IAAA,EAAK,CACtBC,CAAAA,CAAWhB,CAAAA,CAAcQ,CAAI,CAAA,CAEnC,GAAIQ,CAAAA,CACF,OAAA,MAAML,EAAOK,CAAAA,CAAU,CAAA,CAAK,EAC5Bd,CAAAA,GAAUc,CAAQ,EACX,CAAE,OAAA,CAAS,CAAA,CAAA,CAAM,IAAA,CAAMA,CAAS,CAAA,CAGzC,IAAMC,CAAAA,CAAgBT,CAAAA,CACtB,OAAO,CACL,OAAA,CAAS,CAAA,CAAA,CACT,OAAA,CAASS,EAAc,OAAA,EAAW,cAAA,CAClC,MAAA,CAAQA,CAAAA,CAAc,MACxB,CACF,CAAA,MAASJ,CAAAA,CAAK,CACZ,IAAMJ,CAAAA,CAAQI,CAAAA,YAAe,KAAA,CAAQA,CAAAA,CAAM,IAAI,KAAA,CAAM,cAAc,CAAA,CACnE,OAAAT,IAAUK,CAAK,CAAA,CACR,CAAE,OAAA,CAAS,KAAA,CAAO,QAASA,CAAAA,CAAM,OAAQ,CAClD,CACF,EAAG,CAACd,CAAAA,CAAegB,CAAAA,CAAQT,CAAAA,CAASE,EAASJ,CAAa,CAAC,CAAA,CAGrDkB,CAAAA,CAAWZ,YAAY,MAAOa,CAAAA,EAAmD,CACrF,GAAI,CAOF,IAAMX,CAAAA,CAAO,KAAA,CAND,MAAM,KAAA,CAAMZ,EAAkB,CACxC,MAAA,CAAQ,MAAA,CACR,OAAA,CAAS,CAAE,cAAA,CAAgB,kBAAmB,CAAA,CAC9C,IAAA,CAAM,KAAK,SAAA,CAAUuB,CAAI,CAC3B,CAAC,CAAA,EAEsB,MAAK,CACtBH,CAAAA,CAAWhB,CAAAA,CAAcQ,CAAI,EAEnC,GAAIQ,CAAAA,CACF,OAAA,MAAML,CAAAA,CAAOK,EAAU,CAAA,CAAK,CAAA,CAC5Bd,CAAAA,GAAUc,CAAQ,EACX,CAAE,OAAA,CAAS,CAAA,CAAA,CAAM,IAAA,CAAMA,CAAS,CAAA,CAGzC,IAAMC,CAAAA,CAAgBT,CAAAA,CACtB,OAAO,CACL,OAAA,CAAS,CAAA,CAAA,CACT,OAAA,CAASS,EAAc,OAAA,EAAW,qBAAA,CAClC,MAAA,CAAQA,CAAAA,CAAc,MACxB,CACF,CAAA,MAASJ,EAAK,CACZ,IAAMJ,EAAQI,CAAAA,YAAe,KAAA,CAAQA,CAAAA,CAAM,IAAI,MAAM,qBAAqB,CAAA,CAC1E,OAAAT,CAAAA,GAAUK,CAAK,CAAA,CACR,CAAE,OAAA,CAAS,KAAA,CAAO,QAASA,CAAAA,CAAM,OAAQ,CAClD,CACF,CAAA,CAAG,CAACb,CAAAA,CAAkBe,CAAAA,CAAQT,CAAAA,CAASE,CAAAA,CAASJ,CAAa,CAAC,CAAA,CAGxDoB,CAAAA,CAASd,WAAAA,CAAY,SAA2B,CACpD,GAAI,CACF,MAAM,MAAMT,CAAAA,CAAgB,CAAE,OAAQ,MAAO,CAAC,EAC9C,MAAMc,CAAAA,CAAO,IAAA,CAAM,CAAA,CAAK,EACxBR,CAAAA,IAAW,CAGPL,CAAAA,EAAkB,OAAO,OAAW,GAAA,GACtC,MAAA,CAAO,QAAA,CAAS,IAAA,CAAOA,GAE3B,CAAA,MAASe,CAAAA,CAAK,CACZ,IAAMJ,EAAQI,CAAAA,YAAe,KAAA,CAAQA,CAAAA,CAAM,IAAI,MAAM,eAAe,CAAA,CACpE,MAAAT,CAAAA,GAAUK,CAAK,CAAA,CACTA,CACR,CACF,CAAA,CAAG,CAACZ,CAAAA,CAAgBC,CAAAA,CAAgBa,EAAQR,CAAAA,CAAUC,CAAO,CAAC,CAAA,CAGxDiB,CAAAA,CAAUf,WAAAA,CAAY,SAA2B,CACrD,MAAMK,CAAAA,GACR,CAAA,CAAG,CAACA,CAAM,CAAC,CAAA,CAGLW,CAAAA,CAAUvB,EAAUV,CAAAA,EAAQ,IAAI,EAChCkC,CAAAA,CAAkB,CAAC,CAAClC,CAAAA,EAAQ,CAACiC,CAAAA,CAG7BE,CAAAA,CAAeC,QAAiC,KAAO,CAC3D,IAAA,CAAMpC,CAAAA,EAAQ,KACd,SAAA,CAAAqB,CAAAA,CACA,eAAA,CAAAa,CAAAA,CACA,QAAAD,CAAAA,CACA,KAAA,CAAOb,GAAS,IAAA,CAChB,KAAA,CAAAK,EACA,QAAA,CAAAI,CAAAA,CACA,MAAA,CAAAE,CAAAA,CACA,QAAAC,CAAAA,CACA,MAAA,CAAQA,CACV,CAAA,CAAA,CAAI,CAAChC,CAAAA,CAAMqB,CAAAA,CAAWa,CAAAA,CAAiBD,CAAAA,CAASb,EAAOK,CAAAA,CAAOI,CAAAA,CAAUE,CAAAA,CAAQC,CAAO,CAAC,CAAA,CAExF,OACEK,GAAAA,CAAC3C,CAAAA,CAAY,SAAZ,CAAqB,KAAA,CAAOyC,CAAAA,CAC1B,QAAA,CAAAhC,EACH,CAEJ,CC7NO,SAASmC,CAAAA,CACdC,CAAAA,CAA0B,EAAC,CACF,CACzB,IAAMC,CAAAA,CAAUC,UAAAA,CAAW/C,CAAW,EAChCgD,CAAAA,CAASC,SAAAA,EAAU,CAEzB,GAAI,CAACH,CAAAA,CACH,MAAM,IAAI,KAAA,CACR,2GAEF,EAGF,GAAM,CAAE,UAAA,CAAAI,CAAAA,CAAY,gBAAAC,CAAgB,CAAA,CAAIN,CAAAA,CAGxC,OAAKC,EAAQ,SAAA,GACPI,CAAAA,EAAc,CAACJ,CAAAA,CAAQ,iBAAmB,CAACA,CAAAA,CAAQ,SACjD,OAAO,MAAA,CAAW,KACpBE,CAAAA,CAAO,OAAA,CAAQE,CAAU,CAAA,CAIzBC,GAAmBL,CAAAA,CAAQ,eAAA,EACzB,OAAO,MAAA,CAAW,KACpBE,CAAAA,CAAO,OAAA,CAAQG,CAAe,CAAA,CAAA,CAK7BL,CACT,CAOO,SAASM,CAAAA,EAAmC,CACjD,GAAM,CAAE,IAAA,CAAA9C,CAAAA,CAAM,SAAA,CAAAqB,EAAW,eAAA,CAAAa,CAAAA,CAAiB,OAAA,CAAAD,CAAQ,EAAIK,CAAAA,EAAe,CACrE,OAAO,CAAE,KAAAtC,CAAAA,CAAM,SAAA,CAAAqB,EAAW,eAAA,CAAAa,CAAAA,CAAiB,QAAAD,CAAQ,CACrD,CAOO,SAASc,EAAwCH,CAAAA,CAAa,QAAA,CAAU,CAC7E,IAAMI,EAAOV,CAAAA,CAAe,CAAE,UAAA,CAAAM,CAAW,CAAC,CAAA,CAE1C,GAAI,CAACI,CAAAA,CAAK,SAAA,EAAa,CAACA,CAAAA,CAAK,eAAA,CAC3B,MAAM,IAAI,MAAM,yBAAyB,CAAA,CAG3C,OAAOA,CACT,CAOO,SAASC,CAAAA,CAA2CL,CAAAA,CAAa,GAAA,CAAK,CAC3E,OAAON,CAAAA,CAAe,CAAE,eAAA,CAAiBM,CAAW,CAAC,CACvD","file":"client.js","sourcesContent":["'use client';\r\n\r\n/**\r\n * AuthProvider - Generic React context for any backend format\r\n * \r\n * @example Basic usage\r\n * ```tsx\r\n * <AuthProvider>\r\n *   {children}\r\n * </AuthProvider>\r\n * ```\r\n * \r\n * @example With custom user type\r\n * ```tsx\r\n * interface MyUser {\r\n *   type: 'guest' | 'superadmin';\r\n *   user?: { name: string; email: string; };\r\n * }\r\n * \r\n * <AuthProvider<MyUser>\r\n *   initialUser={serverUser}\r\n *   isGuestFn={(u) => u?.type === 'guest'}\r\n *   parseResponse={(res) => res.data}\r\n * >\r\n *   {children}\r\n * </AuthProvider>\r\n * ```\r\n */\r\n\r\nimport React, { createContext, useCallback, useMemo } from 'react';\r\nimport useSWR from 'swr';\r\nimport type { \r\n  AuthContextValue, \r\n  AuthProviderProps, \r\n  LoginCredentials,\r\n  RegisterData,\r\n  AuthResult,\r\n  DefaultUserData,\r\n  ApiResponse,\r\n} from './types';\r\n\r\n// ==================== Context ====================\r\n\r\n// We use 'any' here because the context needs to work with any user type\r\n// The actual type safety comes from useAuth<TUser>() hook\r\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\r\nexport const AuthContext = createContext<AuthContextValue<any> | undefined>(undefined);\r\n\r\n// ==================== Default Functions ====================\r\n\r\n/** Default response parser - handles common API formats */\r\nfunction defaultParseResponse<TUser>(response: unknown): TUser | null {\r\n  if (!response || typeof response !== 'object') return null;\r\n  \r\n  const res = response as Record<string, unknown>;\r\n  \r\n  // Format: { success: true, data: user }\r\n  if (res.success && res.data) {\r\n    return res.data as TUser;\r\n  }\r\n  \r\n  // Format: { user: {...} }\r\n  if (res.user) {\r\n    return res.user as TUser;\r\n  }\r\n  \r\n  // Format: user object directly\r\n  if ('id' in res || 'email' in res || 'name' in res || 'type' in res) {\r\n    return res as TUser;\r\n  }\r\n  \r\n  return null;\r\n}\r\n\r\n/** Default guest check - handles common patterns */\r\nfunction defaultIsGuest<TUser>(user: TUser | null): boolean {\r\n  if (!user || typeof user !== 'object') return false;\r\n  \r\n  const u = user as Record<string, unknown>;\r\n  \r\n  // Check token_type (flat structure)\r\n  if (u.token_type === 'guest') return true;\r\n  \r\n  // Check type (nested structure)\r\n  if (u.type === 'guest') return true;\r\n  \r\n  return false;\r\n}\r\n\r\n// ==================== Provider Component ====================\r\n\r\nexport function AuthProvider<TUser = DefaultUserData>({\r\n  children,\r\n  initialUser,\r\n  userEndpoint = '/api/auth/me',\r\n  loginEndpoint = '/api/auth/login',\r\n  registerEndpoint = '/api/auth/register',\r\n  logoutEndpoint = '/api/auth/logout',\r\n  logoutRedirect,\r\n  isGuestFn = defaultIsGuest,\r\n  parseResponse = defaultParseResponse,\r\n  swrConfig = {},\r\n  onLogin,\r\n  onLogout,\r\n  onError,\r\n}: AuthProviderProps<TUser>): React.ReactElement {\r\n  \r\n  // Create fetcher with custom parser\r\n  const fetcher = useCallback(async (url: string): Promise<TUser | null> => {\r\n    const res = await fetch(url);\r\n    \r\n    if (!res.ok) {\r\n      if (res.status === 401) {\r\n        return null;\r\n      }\r\n      throw new Error('Failed to fetch user');\r\n    }\r\n    \r\n    const json = await res.json();\r\n    return parseResponse(json);\r\n  }, [parseResponse]);\r\n\r\n  // Fetch user data with SWR\r\n  const {\r\n    data: user,\r\n    error,\r\n    isLoading,\r\n    mutate,\r\n  } = useSWR<TUser | null>(\r\n    userEndpoint,\r\n    fetcher,\r\n    {\r\n      fallbackData: initialUser ?? undefined,\r\n      revalidateOnFocus: true,\r\n      revalidateOnReconnect: true,\r\n      revalidateOnMount: !initialUser,\r\n      refreshInterval: 0,\r\n      shouldRetryOnError: false,\r\n      ...swrConfig,\r\n      onError: (err: Error) => {\r\n        onError?.(err);\r\n      },\r\n    }\r\n  );\r\n\r\n  // Login function\r\n  const login = useCallback(async (credentials: LoginCredentials): Promise<AuthResult<TUser>> => {\r\n    try {\r\n      const res = await fetch(loginEndpoint, {\r\n        method: 'POST',\r\n        headers: { 'Content-Type': 'application/json' },\r\n        body: JSON.stringify(credentials),\r\n      });\r\n\r\n      const json = await res.json();\r\n      const userData = parseResponse(json);\r\n\r\n      if (userData) {\r\n        await mutate(userData, false);\r\n        onLogin?.(userData);\r\n        return { success: true, user: userData };\r\n      }\r\n\r\n      const errorResponse = json as ApiResponse;\r\n      return {\r\n        success: false,\r\n        message: errorResponse.message || 'Login failed',\r\n        errors: errorResponse.errors,\r\n      };\r\n    } catch (err) {\r\n      const error = err instanceof Error ? err : new Error('Login failed');\r\n      onError?.(error);\r\n      return { success: false, message: error.message };\r\n    }\r\n  }, [loginEndpoint, mutate, onLogin, onError, parseResponse]);\r\n\r\n  // Register function\r\n  const register = useCallback(async (data: RegisterData): Promise<AuthResult<TUser>> => {\r\n    try {\r\n      const res = await fetch(registerEndpoint, {\r\n        method: 'POST',\r\n        headers: { 'Content-Type': 'application/json' },\r\n        body: JSON.stringify(data),\r\n      });\r\n\r\n      const json = await res.json();\r\n      const userData = parseResponse(json);\r\n\r\n      if (userData) {\r\n        await mutate(userData, false);\r\n        onLogin?.(userData);\r\n        return { success: true, user: userData };\r\n      }\r\n\r\n      const errorResponse = json as ApiResponse;\r\n      return {\r\n        success: false,\r\n        message: errorResponse.message || 'Registration failed',\r\n        errors: errorResponse.errors,\r\n      };\r\n    } catch (err) {\r\n      const error = err instanceof Error ? err : new Error('Registration failed');\r\n      onError?.(error);\r\n      return { success: false, message: error.message };\r\n    }\r\n  }, [registerEndpoint, mutate, onLogin, onError, parseResponse]);\r\n\r\n  // Logout function\r\n  const logout = useCallback(async (): Promise<void> => {\r\n    try {\r\n      await fetch(logoutEndpoint, { method: 'POST' });\r\n      await mutate(null, false);\r\n      onLogout?.();\r\n      \r\n      // Redirect after logout if configured\r\n      if (logoutRedirect && typeof window !== 'undefined') {\r\n        window.location.href = logoutRedirect;\r\n      }\r\n    } catch (err) {\r\n      const error = err instanceof Error ? err : new Error('Logout failed');\r\n      onError?.(error);\r\n      throw error;\r\n    }\r\n  }, [logoutEndpoint, logoutRedirect, mutate, onLogout, onError]);\r\n\r\n  // Refresh user data\r\n  const refresh = useCallback(async (): Promise<void> => {\r\n    await mutate();\r\n  }, [mutate]);\r\n\r\n  // Compute derived state using custom isGuestFn\r\n  const isGuest = isGuestFn(user ?? null);\r\n  const isAuthenticated = !!user && !isGuest;\r\n\r\n  // Memoize context value\r\n  const contextValue = useMemo<AuthContextValue<TUser>>(() => ({\r\n    user: user ?? null,\r\n    isLoading,\r\n    isAuthenticated,\r\n    isGuest,\r\n    error: error ?? null,\r\n    login,\r\n    register,\r\n    logout,\r\n    refresh,\r\n    mutate: refresh,\r\n  }), [user, isLoading, isAuthenticated, isGuest, error, login, register, logout, refresh]);\r\n\r\n  return (\r\n    <AuthContext.Provider value={contextValue}>\r\n      {children}\r\n    </AuthContext.Provider>\r\n  );\r\n}\r\n","'use client';\r\n\r\n/**\r\n * useAuth Hook - Generic for any user type\r\n * \r\n * @example Basic usage\r\n * ```tsx\r\n * const { user, isAuthenticated, logout } = useAuth();\r\n * ```\r\n * \r\n * @example With custom type\r\n * ```tsx\r\n * interface MyUser {\r\n *   type: 'guest' | 'superadmin';\r\n *   user?: { name: string; };\r\n * }\r\n * \r\n * const { user } = useAuth<MyUser>();\r\n * // user is MyUser | null\r\n * ```\r\n */\r\n\r\nimport { useContext } from 'react';\r\nimport { useRouter } from 'next/navigation';\r\nimport { AuthContext } from './AuthProvider';\r\nimport type { AuthContextValue, UseAuthOptions, DefaultUserData } from './types';\r\n\r\n/**\r\n * Hook to access authentication state and methods\r\n * \r\n * @typeParam TUser - User data type (defaults to DefaultUserData)\r\n */\r\nexport function useAuth<TUser = DefaultUserData>(\r\n  options: UseAuthOptions = {}\r\n): AuthContextValue<TUser> {\r\n  const context = useContext(AuthContext) as AuthContextValue<TUser> | undefined;\r\n  const router = useRouter();\r\n\r\n  if (!context) {\r\n    throw new Error(\r\n      'useAuth must be used within an AuthProvider. ' +\r\n      'Wrap your app with <AuthProvider> from next-api-layer/client'\r\n    );\r\n  }\r\n\r\n  const { redirectTo, redirectIfFound } = options;\r\n\r\n  // Handle redirects based on auth state\r\n  if (!context.isLoading) {\r\n    if (redirectTo && !context.isAuthenticated && !context.isGuest) {\r\n      if (typeof window !== 'undefined') {\r\n        router.replace(redirectTo);\r\n      }\r\n    }\r\n\r\n    if (redirectIfFound && context.isAuthenticated) {\r\n      if (typeof window !== 'undefined') {\r\n        router.replace(redirectIfFound);\r\n      }\r\n    }\r\n  }\r\n\r\n  return context;\r\n}\r\n\r\n/**\r\n * Hook to get only the user object\r\n * \r\n * @typeParam TUser - User data type\r\n */\r\nexport function useUser<TUser = DefaultUserData>() {\r\n  const { user, isLoading, isAuthenticated, isGuest } = useAuth<TUser>();\r\n  return { user, isLoading, isAuthenticated, isGuest };\r\n}\r\n\r\n/**\r\n * Hook for protected pages - redirects if not authenticated\r\n * \r\n * @typeParam TUser - User data type\r\n */\r\nexport function useRequireAuth<TUser = DefaultUserData>(redirectTo = '/login') {\r\n  const auth = useAuth<TUser>({ redirectTo });\r\n  \r\n  if (!auth.isLoading && !auth.isAuthenticated) {\r\n    throw new Error('Authentication required');\r\n  }\r\n  \r\n  return auth;\r\n}\r\n\r\n/**\r\n * Hook for auth pages - redirects if already authenticated\r\n * \r\n * @typeParam TUser - User data type\r\n */\r\nexport function useRedirectIfAuth<TUser = DefaultUserData>(redirectTo = '/') {\r\n  return useAuth<TUser>({ redirectIfFound: redirectTo });\r\n}\r\n"]}

package/dist/createApiClient-CIDYcpNI.d.cts

@@ -0,0 +1,383 @@
+import { NextRequest, NextResponse } from 'next/server';
+
+/**
+ * Shared Types
+ * Core type definitions used across the library
+ */
+interface CookieOptions {
+    httpOnly?: boolean;
+    secure?: boolean;
+    sameSite?: 'lax' | 'strict' | 'none';
+    path?: string;
+    maxAge?: number;
+}
+interface CookieConfig {
+    user: string;
+    guest: string;
+    options?: CookieOptions;
+}
+interface TokenInfo {
+    isValid: boolean;
+    tokenType: string | null;
+    exp: number | null;
+    userData: Record<string, unknown> | null;
+    timestamp?: number;
+}
+interface RefreshResult {
+    success: boolean;
+    newToken: string | null;
+}
+interface ApiResponse<T = unknown> {
+    success: boolean;
+    message?: string;
+    data?: T;
+    errors?: Record<string, unknown>;
+}
+interface EndpointConfig {
+    validate?: string;
+    refresh?: string;
+    guest?: string;
+}
+interface GuestTokenConfig {
+    enabled: boolean;
+    credentials?: {
+        username: string;
+        password: string;
+    };
+}
+interface AccessConfig {
+    /** Token types allowed to access the app (e.g., ['superadmin', 'admin']) */
+    allowedTokenTypes?: string[];
+    /** Routes that require authentication */
+    protectedRoutes?: string[];
+    /** Auth pages (login, register) - authenticated users redirected away */
+    authRoutes?: string[];
+    /** Routes accessible without authentication */
+    publicRoutes?: string[];
+    /**
+     * If true, all routes are protected by default (except publicRoutes and authRoutes)
+     * Useful for admin panels where everything requires auth
+     * @default false
+     */
+    protectedByDefault?: boolean;
+}
+interface I18nConfig {
+    enabled: boolean;
+    locales?: string[];
+    defaultLocale?: string;
+}
+
+/** Result of auth validation passed to afterAuth hook */
+interface AuthResult {
+    isAuthenticated: boolean;
+    isGuest: boolean;
+    tokenType: string | null;
+    user: Record<string, unknown> | null;
+}
+/**
+ * Response mappers for different backend formats
+ * Allows adapting any backend response format to library's internal format
+ */
+interface ResponseMappers {
+    /**
+     * Parse auth/me response to extract token info
+     * @param response - Raw response from backend
+     * @returns TokenInfo or null if invalid
+     *
+     * @example Laravel format
+     * ```ts
+     * parseAuthMe: (res) => ({
+     *   isValid: res.success,
+     *   tokenType: res.data?.token_type || 'user',
+     *   exp: res.data?.expires_at,
+     *   userData: res.data?.user,
+     * })
+     * ```
+     *
+     * @example Django format
+     * ```ts
+     * parseAuthMe: (res) => ({
+     *   isValid: !!res.user,
+     *   tokenType: res.is_guest ? 'guest' : 'user',
+     *   exp: res.exp,
+     *   userData: res.user,
+     * })
+     * ```
+     */
+    parseAuthMe?: (response: unknown) => TokenInfo | null;
+    /**
+     * Parse refresh token response
+     * @returns The new access token or null
+     */
+    parseRefreshToken?: (response: unknown) => string | null;
+    /**
+     * Parse guest token response
+     * @returns The guest access token or null
+     */
+    parseGuestToken?: (response: unknown) => string | null;
+}
+interface AuthProxyConfig {
+    apiBaseUrl: string;
+    cookies: CookieConfig;
+    endpoints?: EndpointConfig;
+    guestToken?: GuestTokenConfig;
+    access?: AccessConfig;
+    i18n?: I18nConfig;
+    excludedPaths?: string[];
+    onError?: (error: Error) => void;
+    /**
+     * Block browser direct access to API routes (when Accept: text/html)
+     * Redirects to home page. Default: false
+     */
+    blockBrowserApiAccess?: boolean;
+    /**
+     * CSRF Protection configuration
+     * Protects against Cross-Site Request Forgery attacks
+     */
+    csrf?: CsrfConfig;
+    /**
+     * Rate Limiting configuration
+     * Prevents abuse and DoS attacks
+     */
+    rateLimit?: RateLimitConfig;
+    /**
+     * Audit Logging configuration
+     * For security monitoring and compliance
+     */
+    audit?: AuditConfig;
+    /**
+     * Custom response parsers for different backend formats.
+     * If not provided, expects standard format:
+     * - auth/me: { success: true, data: { type, exp, ...user } }
+     * - refresh: { success: true, data: { accessToken } }
+     * - guest:   { success: true, data: { accessToken } }
+     */
+    responseMappers?: ResponseMappers;
+    /**
+     * Hook that runs BEFORE auth validation.
+     * Return a NextResponse to bypass auth, or null/undefined to continue.
+     * Use this for custom route handling, logging, rate limiting, etc.
+     */
+    beforeAuth?: (req: NextRequest) => NextResponse | null | undefined | Promise<NextResponse | null | undefined>;
+    /**
+     * Hook that runs AFTER auth validation.
+     * Allows modifying the response or adding custom headers.
+     * Receives the auth result for conditional logic.
+     */
+    afterAuth?: (req: NextRequest, response: NextResponse, authResult: AuthResult) => NextResponse | Promise<NextResponse>;
+}
+interface SanitizationConfig {
+    /** Enable/disable sanitization. Default: true */
+    enabled?: boolean;
+    /**
+     * Sanitization mode:
+     * - 'escape': Escapes HTML entities (default, safest)
+     * - 'strip': Removes all HTML tags
+     * - 'allowList': Only allows specified tags in allowedTags
+     */
+    mode?: 'escape' | 'strip' | 'allowList';
+    /** Tags to allow when mode is 'allowList' */
+    allowedTags?: string[];
+    /** Fields to skip sanitization (e.g., ['html_content', 'markdown']) */
+    skipFields?: string[];
+    /**
+     * Endpoints to skip sanitization entirely (glob-like matching)
+     * e.g., ['cms/*', 'pages/raw', 'content/**']
+     */
+    skipEndpoints?: string[];
+}
+interface UserProfile {
+    id: number;
+    name: string;
+    email: string;
+    [key: string]: unknown;
+}
+/** User data returned from auth endpoints */
+interface UserData extends UserProfile {
+    token_type?: string;
+}
+interface AuthData {
+    type: string;
+    user?: UserProfile;
+    exp?: number;
+    [key: string]: unknown;
+}
+/**
+ * CSRF Protection Configuration
+ * Uses Fetch Metadata (primary) + Signed Double-Submit Cookie (fallback)
+ */
+interface CsrfConfig {
+    /** Enable CSRF protection. Default: false */
+    enabled: boolean;
+    /**
+     * CSRF strategy:
+     * - 'fetch-metadata': Modern browsers (Sec-Fetch-Site header check)
+     * - 'double-submit': Signed HMAC cookie pattern
+     * - 'both': Use both (recommended for max compatibility)
+     * @default 'both'
+     */
+    strategy?: 'fetch-metadata' | 'double-submit' | 'both';
+    /** Secret for HMAC signing. Auto-generated if not provided. */
+    secret?: string;
+    /** Cookie name for CSRF token. @default '__csrf' */
+    cookieName?: string;
+    /** Header name for CSRF token. @default 'x-csrf-token' */
+    headerName?: string;
+    /** HTTP methods that don't need CSRF check. @default ['GET', 'HEAD', 'OPTIONS'] */
+    ignoreMethods?: string[];
+    /** Trust same-site requests (less strict). @default false */
+    trustSameSite?: boolean;
+}
+/**
+ * Rate Limiting Configuration
+ * Token bucket algorithm with configurable windows
+ */
+interface RateLimitConfig {
+    /** Enable rate limiting. Default: false */
+    enabled: boolean;
+    /** Time window in milliseconds. @default 60000 (1 minute) */
+    windowMs?: number;
+    /** Max requests per window. @default 100 */
+    maxRequests?: number;
+    /**
+     * Function to generate rate limit key (IP, token, user ID, etc.)
+     * @default IP-based
+     */
+    keyFn?: (req: NextRequest) => string;
+    /** Routes to skip rate limiting (glob patterns) */
+    skipRoutes?: string[];
+    /** Custom response when rate limited */
+    onRateLimited?: (req: NextRequest) => NextResponse;
+}
+/**
+ * Audit Logging Configuration
+ * Event-based logging for security monitoring
+ */
+interface AuditConfig {
+    /** Enable audit logging. Default: false */
+    enabled: boolean;
+    /** Event types to log */
+    events?: AuditEventType[];
+    /** Logger function */
+    logger?: (event: AuditEvent) => void | Promise<void>;
+}
+type AuditEventType = 'auth:success' | 'auth:fail' | 'auth:refresh' | 'auth:guest' | 'access:denied' | 'csrf:fail' | 'rateLimit:exceeded' | 'error';
+interface AuditEvent {
+    type: AuditEventType;
+    timestamp: Date;
+    ip: string | null;
+    userId?: string;
+    path: string;
+    method: string;
+    success: boolean;
+    metadata?: Record<string, unknown>;
+}
+type ResolvedCookieOptions = Required<CookieOptions>;
+interface ResolvedCsrfConfig {
+    enabled: boolean;
+    strategy: 'fetch-metadata' | 'double-submit' | 'both';
+    secret: string;
+    cookieName: string;
+    headerName: string;
+    ignoreMethods: string[];
+    trustSameSite: boolean;
+}
+interface ResolvedRateLimitConfig {
+    enabled: boolean;
+    windowMs: number;
+    maxRequests: number;
+    keyFn: (req: NextRequest) => string;
+    skipRoutes: string[];
+    onRateLimited?: (req: NextRequest) => NextResponse;
+}
+interface ResolvedAuditConfig {
+    enabled: boolean;
+    events: AuditEventType[];
+    logger?: (event: AuditEvent) => void | Promise<void>;
+}
+interface InternalProxyConfig extends AuthProxyConfig {
+    _resolved: {
+        cookieOptions: ResolvedCookieOptions;
+        endpoints: Required<EndpointConfig>;
+        csrf: ResolvedCsrfConfig;
+        rateLimit: ResolvedRateLimitConfig;
+        audit: ResolvedAuditConfig;
+    };
+}
+
+/**
+ * createApiClient
+ * Server-side API client for Route Handlers
+ *
+ * Makes requests directly to backend with auth token from cookies/headers.
+ * Returns Response objects that can be directly returned from route handlers.
+ */
+
+interface ApiClientConfig {
+    /** Backend API base URL */
+    apiBaseUrl: string;
+    /** Cookie names for token retrieval */
+    cookies: {
+        user: string;
+        guest: string;
+    };
+    /** Sanitization options */
+    sanitization?: SanitizationConfig;
+    /** Enable Laravel method spoofing for PUT/PATCH */
+    methodSpoofing?: boolean;
+    /** Custom error messages */
+    errorMessages?: {
+        noToken?: string;
+        connectionError?: string;
+    };
+    /** i18n configuration - auto-append locale to API requests */
+    i18n?: I18nConfig & {
+        /** Query parameter name (default: 'lang') */
+        paramName?: string;
+    };
+}
+interface RequestOptions {
+    /** Form data mode (use FormData, skip Content-Type header) */
+    isFormData?: boolean;
+    /** Use method spoofing for this request */
+    methodSpoofing?: boolean;
+    /** Skip authentication for this request */
+    skipAuth?: boolean;
+}
+interface ApiClient {
+    get: (endpoint: string) => Promise<Response>;
+    post: (endpoint: string, body?: Record<string, unknown> | FormData, options?: RequestOptions) => Promise<Response>;
+    put: (endpoint: string, body?: Record<string, unknown> | FormData, options?: RequestOptions) => Promise<Response>;
+    patch: (endpoint: string, body?: Record<string, unknown>) => Promise<Response>;
+    delete: (endpoint: string) => Promise<Response>;
+}
+/**
+ * Creates a server-side API client for Next.js Route Handlers
+ *
+ * @example
+ * ```ts
+ * // lib/api.ts
+ * import { createApiClient } from 'next-api-layer';
+ *
+ * export const api = createApiClient({
+ *   apiBaseUrl: process.env.API_BASE_URL!,
+ *   cookies: {
+ *     user: process.env.COOKIE_USER_AUTH_TOKEN_NAME!,
+ *     guest: process.env.COOKIE_PUBLIC_AUTH_TOKEN_NAME!,
+ *   },
+ * });
+ *
+ * // Usage in route handler - direct return!
+ * export async function GET() {
+ *   return api.get('superadmin/home/list');
+ * }
+ *
+ * export async function POST(request: Request) {
+ *   const body = await request.json();
+ *   return api.post('donations/create', body);
+ * }
+ * ```
+ */
+declare function createApiClient(config: ApiClientConfig): ApiClient;
+
+export { type AuthProxyConfig as A, type CookieOptions as C, type EndpointConfig as E, type GuestTokenConfig as G, type InternalProxyConfig as I, type ResolvedRateLimitConfig as R, type SanitizationConfig as S, type TokenInfo as T, type UserData as U, type ResolvedCsrfConfig as a, type AuditEventType as b, type ResolvedAuditConfig as c, type RefreshResult as d, type AccessConfig as e, type ApiClient as f, type ApiClientConfig as g, type ApiResponse as h, type AuditConfig as i, type AuditEvent as j, type AuthData as k, type AuthResult as l, type CookieConfig as m, type CsrfConfig as n, type I18nConfig as o, type RateLimitConfig as p, type ResponseMappers as q, createApiClient as r, type RequestOptions as s };