nextauthz 1.2.1 → 1.2.4

package/dist/index.d.mts

@@ -6,35 +6,41 @@ type User$1 = {
     [key: string]: any;
 };
 
-type AuthContextType<UserType extends User$1> = {
+type AuthContextType<UserType extends User$1 = User$1> = {
     user: UserType | null;
-    login: (tokens: Record<string, string>, userData: UserType) => void;
+    role: string | null;
+    isAuthenticated: boolean;
+    login: (tokens: Record<string, string>, userData: UserType, role: string) => void;
     logout: () => void;
-    setUser: (user: UserType) => void;
-    loading: boolean;
-    error: Error | null;
+    setUser: (user: UserType | null) => void;
+    tokenKey: string;
 };
 
 type AuthGuardProps = {
     children: React__default.ReactNode;
     redirectTo?: string;
-    tokenKey?: string;
+    fallback?: React__default.ReactNode;
 };
-declare const AuthGuard: ({ children, redirectTo, tokenKey, }: AuthGuardProps) => react_jsx_runtime.JSX.Element;
+declare const AuthGuard: ({ children, redirectTo, fallback, }: AuthGuardProps) => react_jsx_runtime.JSX.Element | null;
 
 type RoleGuardProps = {
     children: React__default.ReactNode;
     allowedRoles: string[];
     redirectTo?: string;
+    fallback?: React__default.ReactNode;
 };
-declare const RoleGuard: ({ children, allowedRoles, redirectTo, }: RoleGuardProps) => react_jsx_runtime.JSX.Element | null;
+declare const RoleGuard: ({ children, allowedRoles, redirectTo, fallback, }: RoleGuardProps) => react_jsx_runtime.JSX.Element | null;
 
-type User = any;
-declare function createAppAuth(storage?: 'localStorage' | 'sessionStorage' | 'cookie'): {
+type User = Record<string, any>;
+/**
+ * Factory to create isolated auth instance
+ */
+declare function createAppAuth(storage?: 'localStorage' | 'sessionStorage' | 'cookie', tokenKey?: string): {
     AuthProvider: ({ children }: {
         children: React.ReactNode;
     }) => react_jsx_runtime.JSX.Element;
     useAuth: () => AuthContextType<User$1>;
+    tokenKey: string;
 };
 
 export { AuthGuard, RoleGuard, type User, createAppAuth };

package/dist/index.d.ts

@@ -6,35 +6,41 @@ type User$1 = {
     [key: string]: any;
 };
 
-type AuthContextType<UserType extends User$1> = {
+type AuthContextType<UserType extends User$1 = User$1> = {
     user: UserType | null;
-    login: (tokens: Record<string, string>, userData: UserType) => void;
+    role: string | null;
+    isAuthenticated: boolean;
+    login: (tokens: Record<string, string>, userData: UserType, role: string) => void;
     logout: () => void;
-    setUser: (user: UserType) => void;
-    loading: boolean;
-    error: Error | null;
+    setUser: (user: UserType | null) => void;
+    tokenKey: string;
 };
 
 type AuthGuardProps = {
     children: React__default.ReactNode;
     redirectTo?: string;
-    tokenKey?: string;
+    fallback?: React__default.ReactNode;
 };
-declare const AuthGuard: ({ children, redirectTo, tokenKey, }: AuthGuardProps) => react_jsx_runtime.JSX.Element;
+declare const AuthGuard: ({ children, redirectTo, fallback, }: AuthGuardProps) => react_jsx_runtime.JSX.Element | null;
 
 type RoleGuardProps = {
     children: React__default.ReactNode;
     allowedRoles: string[];
     redirectTo?: string;
+    fallback?: React__default.ReactNode;
 };
-declare const RoleGuard: ({ children, allowedRoles, redirectTo, }: RoleGuardProps) => react_jsx_runtime.JSX.Element | null;
+declare const RoleGuard: ({ children, allowedRoles, redirectTo, fallback, }: RoleGuardProps) => react_jsx_runtime.JSX.Element | null;
 
-type User = any;
-declare function createAppAuth(storage?: 'localStorage' | 'sessionStorage' | 'cookie'): {
+type User = Record<string, any>;
+/**
+ * Factory to create isolated auth instance
+ */
+declare function createAppAuth(storage?: 'localStorage' | 'sessionStorage' | 'cookie', tokenKey?: string): {
     AuthProvider: ({ children }: {
         children: React.ReactNode;
     }) => react_jsx_runtime.JSX.Element;
     useAuth: () => AuthContextType<User$1>;
+    tokenKey: string;
 };
 
 export { AuthGuard, RoleGuard, type User, createAppAuth };

package/dist/index.js

@@ -35,18 +35,20 @@ var import_react_token_manager = require("react-token-manager");
 var import_zustand = require("zustand");
 var useAuthStore = (0, import_zustand.create)((set) => ({
   user: null,
+  role: null,
   isAuthenticated: false,
   isAuthChecked: false,
   loading: true,
-  // start as loading
   error: null,
   setUser: (user) => set({ user }),
+  setRole: (role) => set({ role }),
   setAuth: (isAuth) => set({ isAuthenticated: isAuth }),
   setAuthChecked: (checked) => set({ isAuthChecked: checked }),
   setLoading: (loading) => set({ loading }),
   setError: (err) => set({ error: err }),
   resetAuth: () => set({
     user: null,
+    role: null,
     isAuthenticated: false,
     isAuthChecked: false,
     loading: false,
@@ -56,99 +58,104 @@ var useAuthStore = (0, import_zustand.create)((set) => ({
 
 // src/AuthProvider.tsx
 var import_jsx_runtime = require("react/jsx-runtime");
-function createAuthContext(options = {}) {
-  const { storage = "cookie" } = options;
-  const AuthContext = (0, import_react.createContext)(
-    void 0
-  );
+function createAuthContext(option) {
+  const AuthContext = (0, import_react.createContext)(void 0);
   const AuthProvider = ({ children }) => {
-    const configuredRef = (0, import_react.useRef)(false);
-    const manager = (0, import_react_token_manager.useTokenManager)();
-    const { user, loading, error, setUser, setLoading, setError, resetAuth } = useAuthStore();
+    const storage = option?.storage ?? "cookie";
+    const tokenKey = option?.tokenKey ?? "access_token";
     (0, import_react.useEffect)(() => {
-      if (!configuredRef.current) {
-        (0, import_react_token_manager.configureTokenManager)({ storage });
-        configuredRef.current = true;
-      }
+      (0, import_react_token_manager.configureTokenManager)({ storage });
     }, [storage]);
+    const manager = (0, import_react_token_manager.useTokenManager)();
+    const {
+      user,
+      role,
+      setUser,
+      setRole,
+      resetAuth,
+      isAuthenticated,
+      setAuth,
+      setAuthChecked
+    } = useAuthStore();
     (0, import_react.useEffect)(() => {
-      try {
-        const savedUser = manager.getSingleToken("user");
-        if (savedUser) {
-          setUser(JSON.parse(savedUser));
+      const storedUser = manager.getSingleToken("user");
+      const token = manager.getSingleToken(tokenKey);
+      if (storedUser && token && !manager.isExpired(token)) {
+        try {
+          const parsedUser = JSON.parse(storedUser);
+          setUser(parsedUser);
+          setRole(parsedUser?.role ?? null);
+          setAuth(true);
+        } catch {
+          resetAuth();
         }
-      } catch (err) {
-        setError(err instanceof Error ? err : new Error(String(err)));
-      } finally {
-        setLoading(false);
-      }
-    }, [manager, setUser, setLoading, setError]);
-    const login = (tokens, userData) => {
-      try {
-        manager.setTokens({ ...tokens, user: JSON.stringify(userData) });
-        setUser(userData);
-      } catch (err) {
-        setError(err instanceof Error ? err : new Error(String(err)));
+      } else {
+        resetAuth();
       }
+      setAuthChecked(true);
+    }, [tokenKey]);
+    const login = (tokens, userData, role2) => {
+      const tokenValue = tokens[tokenKey] ?? tokens["access_token"] ?? Object.values(tokens)[0];
+      manager.setTokens({
+        ...tokens,
+        [tokenKey]: tokenValue,
+        user: JSON.stringify(userData)
+      });
+      setUser(userData);
+      setRole(role2);
+      setAuth(true);
     };
     const logout = () => {
-      try {
-        manager.clearTokens();
-        resetAuth();
-      } catch (err) {
-        setError(err instanceof Error ? err : new Error(String(err)));
-      }
+      manager.clearTokens();
+      resetAuth();
     };
     return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(
       AuthContext.Provider,
       {
         value: {
           user,
+          role,
+          isAuthenticated,
           login,
           logout,
           setUser: (u) => setUser(u),
-          loading,
-          error
+          tokenKey
         },
         children
       }
     );
   };
   const useAuth = () => {
-    const ctx = (0, import_react.useContext)(AuthContext);
-    if (!ctx) throw new Error("useAuth must be used inside AuthProvider");
-    return ctx;
+    const context = (0, import_react.useContext)(AuthContext);
+    if (!context) throw new Error("useAuth must be used within AuthProvider");
+    return context;
+  };
+  return {
+    AuthProvider,
+    useAuth,
+    tokenKey: option?.tokenKey ?? "access_token"
   };
-  return { AuthProvider, useAuth };
 }
 
 // src/AuthGuard.tsx
 var import_react2 = require("react");
 var import_navigation = require("next/navigation");
-var import_react_token_manager2 = require("react-token-manager");
 var import_jsx_runtime2 = require("react/jsx-runtime");
 var AuthGuard = ({
   children,
   redirectTo = "/login",
-  tokenKey = "access_token"
+  fallback = null
 }) => {
   const router = (0, import_navigation.useRouter)();
-  const manager = (0, import_react_token_manager2.useTokenManager)();
-  const setAuth = useAuthStore((state) => state.setAuth);
-  const setAuthChecked = useAuthStore((state) => state.setAuthChecked);
-  const [loading, setLoading] = (0, import_react2.useState)(true);
+  const { isAuthenticated, isAuthChecked } = useAuthStore();
   (0, import_react2.useEffect)(() => {
-    const token = manager.getSingleToken(tokenKey);
-    const isValid = Boolean(token) && !manager.isExpired(token);
-    setAuth(Boolean(isValid));
-    setAuthChecked(true);
-    if (!isValid) {
+    if (!isAuthChecked) return;
+    if (!isAuthenticated) {
       router.replace(redirectTo);
-    } else {
-      setLoading(false);
     }
-  }, [manager, tokenKey, redirectTo, router, setAuth, setAuthChecked]);
-  if (loading) return /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("div", { children: "Loading..." });
+  }, [isAuthenticated, isAuthChecked, redirectTo, router]);
+  if (!isAuthChecked) return /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(import_jsx_runtime2.Fragment, { children: fallback });
+  if (!isAuthenticated) return null;
   return /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(import_jsx_runtime2.Fragment, { children });
 };
 var AuthGuard_default = AuthGuard;
@@ -160,32 +167,26 @@ var import_jsx_runtime3 = require("react/jsx-runtime");
 var RoleGuard = ({
   children,
   allowedRoles,
-  redirectTo = "/unauthorized"
+  redirectTo = "/unauthorized",
+  fallback = null
 }) => {
   const router = (0, import_navigation2.useRouter)();
-  const { user, isAuthChecked, isAuthenticated } = useAuthStore();
+  const { role, isAuthChecked } = useAuthStore();
   (0, import_react3.useEffect)(() => {
     if (!isAuthChecked) return;
-    if (!isAuthenticated || !user) {
-      router.replace("/login");
-      return;
-    }
-    const role2 = user?.role;
-    if (!allowedRoles.includes(role2)) {
+    if (!role || !allowedRoles.includes(role)) {
       router.replace(redirectTo);
     }
-  }, [isAuthChecked, isAuthenticated, user, allowedRoles, redirectTo, router]);
-  if (!isAuthChecked) return /* @__PURE__ */ (0, import_jsx_runtime3.jsx)("div", { children: "Loading..." });
-  if (!isAuthenticated || !user) return null;
-  const role = user?.role;
-  if (!allowedRoles.includes(role)) return null;
+  }, [role, isAuthChecked, allowedRoles, redirectTo, router]);
+  if (!isAuthChecked) return /* @__PURE__ */ (0, import_jsx_runtime3.jsx)(import_jsx_runtime3.Fragment, { children: fallback });
+  if (!role || !allowedRoles.includes(role)) return null;
   return /* @__PURE__ */ (0, import_jsx_runtime3.jsx)(import_jsx_runtime3.Fragment, { children });
 };
 var RoleGuard_default = RoleGuard;
 
 // src/index.ts
-function createAppAuth(storage = "cookie") {
-  return createAuthContext({ storage });
+function createAppAuth(storage = "cookie", tokenKey = "access_token") {
+  return createAuthContext({ storage, tokenKey });
 }
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {

package/dist/index.mjs

@@ -1,30 +1,27 @@
 "use client";
 
 // src/AuthProvider.tsx
-import {
-  createContext,
-  useContext,
-  useEffect,
-  useRef
-} from "react";
+import { createContext, useContext, useEffect } from "react";
 import { configureTokenManager, useTokenManager } from "react-token-manager";
 
 // store/useGuardStore.ts
 import { create } from "zustand";
 var useAuthStore = create((set) => ({
   user: null,
+  role: null,
   isAuthenticated: false,
   isAuthChecked: false,
   loading: true,
-  // start as loading
   error: null,
   setUser: (user) => set({ user }),
+  setRole: (role) => set({ role }),
   setAuth: (isAuth) => set({ isAuthenticated: isAuth }),
   setAuthChecked: (checked) => set({ isAuthChecked: checked }),
   setLoading: (loading) => set({ loading }),
   setError: (err) => set({ error: err }),
   resetAuth: () => set({
     user: null,
+    role: null,
     isAuthenticated: false,
     isAuthChecked: false,
     loading: false,
@@ -34,99 +31,104 @@ var useAuthStore = create((set) => ({
 
 // src/AuthProvider.tsx
 import { jsx } from "react/jsx-runtime";
-function createAuthContext(options = {}) {
-  const { storage = "cookie" } = options;
-  const AuthContext = createContext(
-    void 0
-  );
+function createAuthContext(option) {
+  const AuthContext = createContext(void 0);
   const AuthProvider = ({ children }) => {
-    const configuredRef = useRef(false);
-    const manager = useTokenManager();
-    const { user, loading, error, setUser, setLoading, setError, resetAuth } = useAuthStore();
+    const storage = option?.storage ?? "cookie";
+    const tokenKey = option?.tokenKey ?? "access_token";
     useEffect(() => {
-      if (!configuredRef.current) {
-        configureTokenManager({ storage });
-        configuredRef.current = true;
-      }
+      configureTokenManager({ storage });
     }, [storage]);
+    const manager = useTokenManager();
+    const {
+      user,
+      role,
+      setUser,
+      setRole,
+      resetAuth,
+      isAuthenticated,
+      setAuth,
+      setAuthChecked
+    } = useAuthStore();
     useEffect(() => {
-      try {
-        const savedUser = manager.getSingleToken("user");
-        if (savedUser) {
-          setUser(JSON.parse(savedUser));
+      const storedUser = manager.getSingleToken("user");
+      const token = manager.getSingleToken(tokenKey);
+      if (storedUser && token && !manager.isExpired(token)) {
+        try {
+          const parsedUser = JSON.parse(storedUser);
+          setUser(parsedUser);
+          setRole(parsedUser?.role ?? null);
+          setAuth(true);
+        } catch {
+          resetAuth();
         }
-      } catch (err) {
-        setError(err instanceof Error ? err : new Error(String(err)));
-      } finally {
-        setLoading(false);
-      }
-    }, [manager, setUser, setLoading, setError]);
-    const login = (tokens, userData) => {
-      try {
-        manager.setTokens({ ...tokens, user: JSON.stringify(userData) });
-        setUser(userData);
-      } catch (err) {
-        setError(err instanceof Error ? err : new Error(String(err)));
+      } else {
+        resetAuth();
       }
+      setAuthChecked(true);
+    }, [tokenKey]);
+    const login = (tokens, userData, role2) => {
+      const tokenValue = tokens[tokenKey] ?? tokens["access_token"] ?? Object.values(tokens)[0];
+      manager.setTokens({
+        ...tokens,
+        [tokenKey]: tokenValue,
+        user: JSON.stringify(userData)
+      });
+      setUser(userData);
+      setRole(role2);
+      setAuth(true);
     };
     const logout = () => {
-      try {
-        manager.clearTokens();
-        resetAuth();
-      } catch (err) {
-        setError(err instanceof Error ? err : new Error(String(err)));
-      }
+      manager.clearTokens();
+      resetAuth();
     };
     return /* @__PURE__ */ jsx(
       AuthContext.Provider,
       {
         value: {
           user,
+          role,
+          isAuthenticated,
           login,
           logout,
           setUser: (u) => setUser(u),
-          loading,
-          error
+          tokenKey
         },
         children
       }
     );
   };
   const useAuth = () => {
-    const ctx = useContext(AuthContext);
-    if (!ctx) throw new Error("useAuth must be used inside AuthProvider");
-    return ctx;
+    const context = useContext(AuthContext);
+    if (!context) throw new Error("useAuth must be used within AuthProvider");
+    return context;
+  };
+  return {
+    AuthProvider,
+    useAuth,
+    tokenKey: option?.tokenKey ?? "access_token"
   };
-  return { AuthProvider, useAuth };
 }
 
 // src/AuthGuard.tsx
-import { useEffect as useEffect2, useState } from "react";
+import { useEffect as useEffect2 } from "react";
 import { useRouter } from "next/navigation";
-import { useTokenManager as useTokenManager2 } from "react-token-manager";
 import { Fragment, jsx as jsx2 } from "react/jsx-runtime";
 var AuthGuard = ({
   children,
   redirectTo = "/login",
-  tokenKey = "access_token"
+  fallback = null
 }) => {
   const router = useRouter();
-  const manager = useTokenManager2();
-  const setAuth = useAuthStore((state) => state.setAuth);
-  const setAuthChecked = useAuthStore((state) => state.setAuthChecked);
-  const [loading, setLoading] = useState(true);
+  const { isAuthenticated, isAuthChecked } = useAuthStore();
   useEffect2(() => {
-    const token = manager.getSingleToken(tokenKey);
-    const isValid = Boolean(token) && !manager.isExpired(token);
-    setAuth(Boolean(isValid));
-    setAuthChecked(true);
-    if (!isValid) {
+    if (!isAuthChecked) return;
+    if (!isAuthenticated) {
       router.replace(redirectTo);
-    } else {
-      setLoading(false);
     }
-  }, [manager, tokenKey, redirectTo, router, setAuth, setAuthChecked]);
-  if (loading) return /* @__PURE__ */ jsx2("div", { children: "Loading..." });
+  }, [isAuthenticated, isAuthChecked, redirectTo, router]);
+  if (!isAuthChecked) return /* @__PURE__ */ jsx2(Fragment, { children: fallback });
+  if (!isAuthenticated) return null;
   return /* @__PURE__ */ jsx2(Fragment, { children });
 };
 var AuthGuard_default = AuthGuard;
@@ -138,32 +140,26 @@ import { Fragment as Fragment2, jsx as jsx3 } from "react/jsx-runtime";
 var RoleGuard = ({
   children,
   allowedRoles,
-  redirectTo = "/unauthorized"
+  redirectTo = "/unauthorized",
+  fallback = null
 }) => {
   const router = useRouter2();
-  const { user, isAuthChecked, isAuthenticated } = useAuthStore();
+  const { role, isAuthChecked } = useAuthStore();
   useEffect3(() => {
     if (!isAuthChecked) return;
-    if (!isAuthenticated || !user) {
-      router.replace("/login");
-      return;
-    }
-    const role2 = user?.role;
-    if (!allowedRoles.includes(role2)) {
+    if (!role || !allowedRoles.includes(role)) {
       router.replace(redirectTo);
     }
-  }, [isAuthChecked, isAuthenticated, user, allowedRoles, redirectTo, router]);
-  if (!isAuthChecked) return /* @__PURE__ */ jsx3("div", { children: "Loading..." });
-  if (!isAuthenticated || !user) return null;
-  const role = user?.role;
-  if (!allowedRoles.includes(role)) return null;
+  }, [role, isAuthChecked, allowedRoles, redirectTo, router]);
+  if (!isAuthChecked) return /* @__PURE__ */ jsx3(Fragment2, { children: fallback });
+  if (!role || !allowedRoles.includes(role)) return null;
   return /* @__PURE__ */ jsx3(Fragment2, { children });
 };
 var RoleGuard_default = RoleGuard;
 
 // src/index.ts
-function createAppAuth(storage = "cookie") {
-  return createAuthContext({ storage });
+function createAppAuth(storage = "cookie", tokenKey = "access_token") {
+  return createAuthContext({ storage, tokenKey });
 }
 export {
   AuthGuard_default as AuthGuard,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nextauthz",
-  "version": "1.2.1",
+  "version": "1.2.4",
   "description": "",
   "main": "dist/index.js",
   "module": "dist/index.mjs",

package/readme.md

@@ -31,21 +31,17 @@ Wrap your application with AuthProvider to provide global auth state (user, load
 import { createAppAuth } from 'nextauthz'
 
 // Choose storage type
-const { AuthProvider } = createAppAuth('localStorage')
-// Options: 'localStorage' | 'sessionStorage' | 'cookie'
-
+const { AuthProvider, useAuth } = createAppAuth('cookie', 'access_token')
 
-If no storage is passed, default is:
-
-createAppAuth() // defaults to 'cookie'
 
+// Options: 'localStorage' | 'sessionStorage' | 'cookie'
+// Defaults to 'cookie' if no storage is passed
 
 function App({ children }: { children: React.ReactNode }) {
   return <AuthProvider>{children}</AuthProvider>
 }
 
 export default App
-
 ```
 
 ## Hook: useAuth
@@ -53,25 +49,25 @@ export default App
 ```bash 
 import { useAuth } from 'nextauthz'
 
-const { user, login, logout, setUser, loading, error } = useAuth()
+const { user, role, login, logout, setUser, isAuthenticated } = useAuth()
 ```
 
 Available Properties
 
-| Name      | Type                     | Description                                  |                            |
-| --------- | ------------------------ | -------------------------------------------- | -------------------------- |
-| `user`    | `User                    | null`                                        | Current authenticated user |
-| `login`   | `(tokens, user) => void` | Login and save tokens + user                 |                            |
-| `logout`  | `() => void`             | Clear auth tokens and reset state            |                            |
-| `setUser` | `(user) => void`         | Update user state manually                   |                            |
-| `loading` | `boolean`                | True while restoring user from token storage |                            |
-| `error`   | `Error                   | null`                                        | Last auth error            |
+| Name              | Type                               | Description                            |                            |
+| ----------------- | ---------------------------------- | -------------------------------------- | -------------------------- |
+| `user`            | `User                              | null`                                  | Current authenticated user |
+| `role`            | `string                            | null`                                  | User role                  |
+| `isAuthenticated` | `boolean`                          | True if the user is logged in          |                            |
+| `login`           | `(tokens, userData, role) => void` | Logs in a user and saves tokens + role |                            |
+| `logout`          | `() => void`                       | Clears auth tokens and resets state    |                            |
+| `setUser`         | `(user: User                       | null) => void`                         | Update user state manually |
 
 
 Example: Logging in
 
 ```bash 
-const handleLogin = async () => {
+const handleLogin = () => {
   const tokens = {
     access_token: 'abc123',
     refresh_token: 'xyz789',
@@ -83,9 +79,8 @@ const handleLogin = async () => {
     role: 'admin',
   }
 
-  login(tokens, user)
+  login(tokens, user, user.role)
 }
-
 ```
 
 ## AuthGuard
@@ -96,13 +91,11 @@ Protect routes/pages to ensure only authenticated users can access them.
 
 Props
 
-| Name           | Type                    | Default        | Description                            |
-| -------------- | ----------------------- | -------------- | -------------------------------------- |
-| `children`     | `ReactNode`             | required       | Components to render if authenticated  |
-| `redirectTo`   | `string`                | `/login`       | Page to redirect unauthenticated users |
-| `tokenKey`     | `string`                | `access_token` | Token key to validate                  |
-| `refreshToken` | `() => Promise<string>` | optional       | Function to refresh expired token      |
-
+| Name         | Type        | Default  | Description                            |
+| ------------ | ----------- | -------- | -------------------------------------- |
+| `children`   | `ReactNode` | required | Components to render if authenticated  |
+| `redirectTo` | `string`    | `/login` | Page to redirect unauthenticated users |
+| `fallback`   | `ReactNode` | `null`   | Optional loading or fallback UI        |
 
 ## Usage Example
 
@@ -111,7 +104,7 @@ import AuthGuard from 'nextauthz'
 
 function DashboardPage() {
   return (
-    <AuthGuard>
+    <AuthGuard fallback={<p>Loading...</p>}>
       <h1>Dashboard</h1>
     </AuthGuard>
   )
@@ -121,37 +114,45 @@ Behavior:
 
     ** Redirects to /login if the user is not authenticated.
 
-    ** Supports token refresh with refreshToken callback.
-
 
 ## RoleGuard
 
 Purpose
 
-Restrict access to specific roles after authentication.
+RoleGuard restricts access to certain pages or components based on a user’s role. It assumes authentication is already handled (e.g., via AuthGuard or useAuth) and only checks whether the user’s role is allowed to access the content.
 
-| Name           | Type        | Default         | Description                                  |
-| -------------- | ----------- | --------------- | -------------------------------------------- |
-| `children`     | `ReactNode` | required        | Components to render if user role is allowed |
-| `allowedRoles` | `string[]`  | required        | Roles allowed to access this page            |
-| `redirectTo`   | `string`    | `/unauthorized` | Redirect page for unauthorized roles         |
+| Name           | Type        | Default         | Description                                                   |
+| -------------- | ----------- | --------------- | ------------------------------------------------------------- |
+| `children`     | `ReactNode` | required        | Components to render if the user role is allowed              |
+| `allowedRoles` | `string[]`  | required        | List of roles allowed to access this page                     |
+| `redirectTo`   | `string`    | `/unauthorized` | Redirect page for unauthorized roles                          |
+| `fallback`     | `ReactNode` | `null`          | Optional loading or fallback UI displayed while checking role |
 
 
 Usage Example
 
 ```bash
-import RoleGuard from '@/auth/RoleGuard'
-import { useAuth } from '@/auth'
+import RoleGuard from 'nextauthz'
+import { useAuth } from 'nextauthz'
 
 function AdminPage() {
+  const { user } = useAuth()
+
   return (
-    <RoleGuard allowedRoles={['admin']}>
+    <RoleGuard allowedRoles={['admin']} fallback={<p>Checking permissions...</p>}>
       <h1>Admin Dashboard</h1>
+      <p>Welcome, {user?.name}</p>
     </RoleGuard>
   )
 }
 ```
 
+Behavior:
+
+    ** RoleGuard will show the fallback UI while the authentication state is loading (isAuthChecked is false).
+    ** 
+
+
 ## Storage Options
 
 You can configure token storage:

package/src/AuthGuard.tsx

@@ -1,42 +1,35 @@
 'use client'
 
-import React, { useEffect, useState } from 'react'
+import React, { useEffect } from 'react'
 import { useRouter } from 'next/navigation'
-import { useTokenManager } from 'react-token-manager'
 import { useAuthStore } from '../store/useGuardStore'
 
 type AuthGuardProps = {
   children: React.ReactNode
   redirectTo?: string
-  tokenKey?: string
+  fallback?: React.ReactNode
 }
 
 const AuthGuard = ({
   children,
   redirectTo = '/login',
-  tokenKey = 'access_token',
+  fallback = null,
 }: AuthGuardProps) => {
   const router = useRouter()
-  const manager = useTokenManager()
-  const setAuth = useAuthStore((state) => state.setAuth)
-  const setAuthChecked = useAuthStore((state) => state.setAuthChecked)
-  const [loading, setLoading] = useState(true)
 
-  useEffect(() => {
-    const token = manager.getSingleToken(tokenKey)
-    const isValid = Boolean(token) && !manager.isExpired(token as any)
+  const { isAuthenticated, isAuthChecked } = useAuthStore()
 
-    setAuth(Boolean(isValid))
-    setAuthChecked(true)
+  useEffect(() => {
+    if (!isAuthChecked) return
 
-    if (!isValid) {
+    if (!isAuthenticated) {
       router.replace(redirectTo)
-    } else {
-      setLoading(false)
     }
-  }, [manager, tokenKey, redirectTo, router, setAuth, setAuthChecked])
+  }, [isAuthenticated, isAuthChecked, redirectTo, router])
+
+  if (!isAuthChecked) return <>{fallback}</>
 
-  if (loading) return <div>Loading...</div>
+  if (!isAuthenticated) return null
 
   return <>{children}</>
 }

package/src/AuthProvider.tsx

@@ -1,93 +1,117 @@
 'use client'
 
-import React, {
-  createContext,
-  useContext,
-  ReactNode,
-  useEffect,
-  useRef,
-} from 'react'
+import React, { createContext, useContext, ReactNode, useEffect } from 'react'
 import { configureTokenManager, useTokenManager } from 'react-token-manager'
 import { useAuthStore, User } from '../store/useGuardStore'
 
-export type AuthContextType<UserType extends User> = {
+/* ---------------------------------- */
+/* Types */
+/* ---------------------------------- */
+
+export type AuthContextType<UserType extends User = User> = {
   user: UserType | null
-  login: (tokens: Record<string, string>, userData: UserType) => void
+  role: string | null
+  isAuthenticated: boolean
+  login: (tokens: Record<string, string>, userData: UserType, role: string) => void
   logout: () => void
-  setUser: (user: UserType) => void
-  loading: boolean
-  error: Error | null
+  setUser: (user: UserType | null) => void
+  tokenKey: string
 }
 
-type CreateAuthOptions = {
+/* ---------------------------------- */
+/* Factory */
+/* ---------------------------------- */
+
+export function createAuthContext<UserType extends User = User>(option?: {
   storage?: 'localStorage' | 'sessionStorage' | 'cookie'
-}
+  tokenKey?: string
+}) {
+  const AuthContext = createContext<AuthContextType<UserType> | undefined>(undefined)
 
-export function createAuthContext<UserType extends User = User>(
-  options: CreateAuthOptions = {}
-) {
-  const { storage = 'cookie' } = options
+  const AuthProvider = ({ children }: { children: ReactNode }) => {
+    const storage = option?.storage ?? 'cookie'
+    const tokenKey = option?.tokenKey ?? 'access_token'
 
-  const AuthContext = createContext<AuthContextType<UserType> | undefined>(
-    undefined
-  )
+    useEffect(() => {
+      configureTokenManager({ storage })
+    }, [storage])
 
-  const AuthProvider = ({ children }: { children: ReactNode }) => {
-    const configuredRef = useRef(false)
     const manager = useTokenManager()
 
-    const { user, loading, error, setUser, setLoading, setError, resetAuth } =
-      useAuthStore()
+    const {
+      user,
+      role,
+      setUser,
+      setRole,
+      resetAuth,
+      isAuthenticated,
+      setAuth,
+      setAuthChecked,
+    } = useAuthStore()
 
-    // Configure token manager once
-    useEffect(() => {
-      if (!configuredRef.current) {
-        configureTokenManager({ storage })
-        configuredRef.current = true
-      }
-    }, [storage])
+    /* ---------------------------------- */
+    /* Hydrate user from storage */
+    /* ---------------------------------- */
 
-    // Restore user from token storage
     useEffect(() => {
-      try {
-        const savedUser = manager.getSingleToken('user')
-        if (savedUser) {
-          setUser(JSON.parse(savedUser) as UserType)
+      const storedUser = manager.getSingleToken('user')
+      const token = manager.getSingleToken(tokenKey)
+    
+      if (storedUser && token && !manager.isExpired(token)) {
+        try {
+          const parsedUser = JSON.parse(storedUser) as UserType
+          setUser(parsedUser)
+          setRole((parsedUser as any)?.role ?? null)
+          setAuth(true)
+        } catch {
+          resetAuth()
         }
-      } catch (err) {
-        setError(err instanceof Error ? err : new Error(String(err)))
-      } finally {
-        setLoading(false)
-      }
-    }, [manager, setUser, setLoading, setError])
-
-    const login = (tokens: Record<string, string>, userData: UserType) => {
-      try {
-        manager.setTokens({ ...tokens, user: JSON.stringify(userData) })
-        setUser(userData)
-      } catch (err) {
-        setError(err instanceof Error ? err : new Error(String(err)))
+      } else {
+        resetAuth()
       }
+    
+      setAuthChecked(true)
+      // eslint-disable-next-line react-hooks/exhaustive-deps
+    }, [tokenKey])    
+
+    /* ---------------------------------- */
+    /* Login */
+    /* ---------------------------------- */
+
+    const login = (tokens: Record<string, string>, userData: UserType, role: string) => {
+      // Use dynamic token key
+      const tokenValue = tokens[tokenKey] ?? tokens['access_token'] ?? Object.values(tokens)[0]
+
+      manager.setTokens({
+        ...tokens,
+        [tokenKey]: tokenValue,
+        user: JSON.stringify(userData),
+      })
+
+      setUser(userData)
+      setRole(role)
+      setAuth(true)
     }
 
+    /* ---------------------------------- */
+    /* Logout */
+    /* ---------------------------------- */
+
     const logout = () => {
-      try {
-        manager.clearTokens()
-        resetAuth()
-      } catch (err) {
-        setError(err instanceof Error ? err : new Error(String(err)))
-      }
+      manager.clearTokens()
+      resetAuth()
     }
 
     return (
       <AuthContext.Provider
         value={{
           user: user as UserType | null,
+          role,
+          isAuthenticated,
           login,
           logout,
-          setUser: (u: UserType) => setUser(u),
-          loading,
-          error,
+          setUser: (u) => setUser(u),
+          tokenKey,
         }}
       >
         {children}
@@ -95,11 +119,19 @@ export function createAuthContext<UserType extends User = User>(
     )
   }
 
-  const useAuth = (): AuthContextType<UserType> => {
-    const ctx = useContext(AuthContext)
-    if (!ctx) throw new Error('useAuth must be used inside AuthProvider')
-    return ctx
+  /* ---------------------------------- */
+  /* Hook */
+  /* ---------------------------------- */
+
+  const useAuth = () => {
+    const context = useContext(AuthContext)
+    if (!context) throw new Error('useAuth must be used within AuthProvider')
+    return context
   }
 
-  return { AuthProvider, useAuth }
+  return {
+    AuthProvider,
+    useAuth,
+    tokenKey: option?.tokenKey ?? 'access_token',
+  }
 }

package/src/RoleGuard.tsx

@@ -8,44 +8,32 @@ type RoleGuardProps = {
   children: React.ReactNode
   allowedRoles: string[]
   redirectTo?: string
+  fallback?: React.ReactNode
 }
 
 const RoleGuard = ({
   children,
   allowedRoles,
   redirectTo = '/unauthorized',
+  fallback = null,
 }: RoleGuardProps) => {
   const router = useRouter()
-
-  // Get auth state from Zustand
-  const { user, isAuthChecked, isAuthenticated } = useAuthStore()
+  const { role, isAuthChecked } = useAuthStore()
 
   useEffect(() => {
-    // Wait until auth is checked
     if (!isAuthChecked) return
 
-    // Not authenticated
-    if (!isAuthenticated || !user) {
-      router.replace('/login')
-      return
-    }
-
-    // Role check
-    const role = user?.role
-    if (!allowedRoles.includes(role)) {
+    // If role not allowed, redirect
+    if (!role || !allowedRoles.includes(role)) {
       router.replace(redirectTo)
     }
-  }, [isAuthChecked, isAuthenticated, user, allowedRoles, redirectTo, router])
-
-  // Show loading until auth is checked
-  if (!isAuthChecked) return <div>Loading...</div>
+  }, [role, isAuthChecked, allowedRoles, redirectTo, router])
 
-  // Not authenticated
-  if (!isAuthenticated || !user) return null
+  // Show fallback while loading
+  if (!isAuthChecked) return <>{fallback}</>
 
-  // Role not allowed
-  const role = (user as any)?.role
-  if (!allowedRoles.includes(role)) return null
+  // Block rendering if role is not allowed
+  if (!role || !allowedRoles.includes(role)) return null
 
   return <>{children}</>
 }

package/src/index.ts

@@ -5,10 +5,14 @@ import { createAuthContext } from './AuthProvider'
 export { default as AuthGuard } from './AuthGuard'
 export { default as RoleGuard } from './RoleGuard'
 
-export type User = any
+export type User = Record<string, any>
 
+/**
+ * Factory to create isolated auth instance
+ */
 export function createAppAuth(
-  storage: 'localStorage' | 'sessionStorage' | 'cookie' = 'cookie'
+  storage: 'localStorage' | 'sessionStorage' | 'cookie' = 'cookie',
+  tokenKey: string = 'access_token' // <-- default token key
 ) {
-  return createAuthContext({ storage })
+  return createAuthContext({ storage, tokenKey })
 }

package/store/useGuardStore.ts

@@ -7,12 +7,16 @@ export type User = {
 }
 
 type AuthState = {
-  user: User | null        // user can be null
+  user: User | null
+  role: string | null   // ✅ explicit role
+
   isAuthenticated: boolean
   isAuthChecked: boolean
-  loading: boolean         // new loading state
+  loading: boolean
   error: Error | null
+
   setUser: (user: User | null) => void
+  setRole: (role: string | null) => void  // ✅ new setter
   setAuth: (isAuth: boolean) => void
   setAuthChecked: (checked: boolean) => void
   setLoading: (loading: boolean) => void
@@ -22,12 +26,16 @@ type AuthState = {
 
 export const useAuthStore = create<AuthState>((set) => ({
   user: null,
+  role: null,
+
   isAuthenticated: false,
   isAuthChecked: false,
-  loading: true, // start as loading
+  loading: true,
   error: null,
 
   setUser: (user) => set({ user }),
+  setRole: (role) => set({ role }),
+
   setAuth: (isAuth) => set({ isAuthenticated: isAuth }),
   setAuthChecked: (checked) => set({ isAuthChecked: checked }),
   setLoading: (loading) => set({ loading }),
@@ -36,6 +44,7 @@ export const useAuthStore = create<AuthState>((set) => ({
   resetAuth: () =>
     set({
       user: null,
+      role: null,
       isAuthenticated: false,
       isAuthChecked: false,
       loading: false,