npm - nextworks - Versions diffs - 0.0.1 → 0.1.0-alpha.0 - Mend

nextworks 0.0.1 → 0.1.0-alpha.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (277) hide show

package/dist/kits/auth-core/lib/auth.ts ADDED Viewed

@@ -0,0 +1,142 @@
+import type { NextAuthOptions } from "next-auth";
+import NextAuth from "next-auth";
+import GitHubProvider from "next-auth/providers/github";
+import CredentialsProvider from "next-auth/providers/credentials";
+import { PrismaAdapter } from "@next-auth/prisma-adapter";
+import { prisma } from "@/lib/prisma";
+import { compare } from "bcryptjs";
+import { z } from "zod";
+import { zodErrorToFieldErrors } from "@/lib/api/errors";
+export const authOptions: NextAuthOptions = {
+  adapter: PrismaAdapter(prisma),
+  providers: [
+    CredentialsProvider({
+      name: "Credentials",
+      credentials: {
+        email: { label: "Email", type: "email" },
+        password: { label: "Password", type: "password" },
+      },
+      async authorize(credentials) {
+        const schema = z.object({
+          email: z.string().email("Invalid email address"),
+          password: z.string().min(1, "Password is required"),
+        });
+        try {
+          const { email, password } = schema.parse(credentials ?? {});
+          const user = await prisma.user.findFirst({
+            where: {
+              email: {
+                equals: email,
+                mode: "insensitive",
+              },
+            },
+            select: {
+              id: true,
+              name: true,
+              email: true,
+              password: true,
+              role: true,
+            },
+          });
+          if (!user || !user.password) {
+            throw new Error(
+              JSON.stringify({
+                message: "Invalid credentials",
+                errors: { email: "Email not found" },
+              }),
+            );
+          }
+          const isValid = await compare(password, user.password);
+          if (!isValid) {
+            throw new Error(
+              JSON.stringify({
+                message: "Invalid credentials",
+                errors: { password: "Incorrect password" },
+              }),
+            );
+          }
+          return {
+            id: user.id,
+            name: user.name,
+            email: user.email,
+            role: user.role,
+          } as any;
+        } catch (err: any) {
+          if (err instanceof z.ZodError) {
+            throw new Error(
+              JSON.stringify({
+                message: "Validation failed",
+                errors: zodErrorToFieldErrors(err),
+              }),
+            );
+          }
+          try {
+            JSON.parse(err?.message);
+            throw err; // already structured
+          } catch {
+            throw new Error(
+              JSON.stringify({
+                message: "Login failed",
+                errors: { email: "Invalid email or password" },
+              }),
+            );
+          }
+        }
+      },
+    }),
+    ...(process.env.GITHUB_ID && process.env.GITHUB_SECRET
+      ? [
+          GitHubProvider({
+            clientId: process.env.GITHUB_ID!,
+            clientSecret: process.env.GITHUB_SECRET!,
+          }),
+        ]
+      : []),
+  ],
+  session: { strategy: "jwt" },
+  callbacks: {
+    async jwt({ token, user, trigger, session }) {
+      if (user) {
+        (token as any).id = (user as any).id;
+        token.name = user.name ?? "";
+        token.email = user.email ?? "";
+        (token as any).role =
+          (user as any).role ?? (token as any).role ?? "user";
+      }
+      if (trigger === "update" && session) {
+        const s = session as any;
+        if (typeof s.name === "string") token.name = s.name;
+        if (typeof s.email === "string") token.email = s.email;
+        if (typeof s.role === "string") (token as any).role = s.role;
+        if (s.image === null || typeof s.image === "string")
+          (token as any).image = s.image ?? null;
+      }
+      return token;
+    },
+    async session({ session, token }) {
+      if (session.user) {
+        (session.user as any).id = (token as any).id as string;
+        session.user.name = token.name ?? null;
+        session.user.email = token.email ?? "";
+        (session.user as any).role = (token as any).role ?? "user";
+      }
+      return session;
+    },
+    async redirect({ url, baseUrl }) {
+      if (url.startsWith("/")) return `${baseUrl}${url}`;
+      if (new URL(url).origin === baseUrl) return url;
+      return baseUrl;
+    },
+  },
+  pages: { signIn: "/auth/login" },
+  secret: process.env.NEXTAUTH_SECRET,
+};
+const handler = NextAuth(authOptions);
+export { handler as GET, handler as POST };

package/dist/kits/auth-core/lib/email/dev-transport.ts ADDED Viewed

@@ -0,0 +1,42 @@
+import nodemailer from "nodemailer";
+import { sendSmtpEmail } from "@/lib/email/provider-smtp";
+let cachedTransport: nodemailer.Transporter | null = null;
+async function getDevTransport() {
+  if (cachedTransport) return cachedTransport;
+  const testAccount = await nodemailer.createTestAccount();
+  const transport = nodemailer.createTransport({
+    host: "smtp.ethereal.email",
+    port: 587,
+    auth: { user: testAccount.user, pass: testAccount.pass },
+  });
+  cachedTransport = transport;
+  return transport;
+}
+export async function sendDevEmail(opts: {
+  to: string;
+  subject: string;
+  text?: string;
+  html?: string;
+  from?: string;
+}) {
+  const smtpConfigured = !!(
+    process.env.SMTP_HOST && process.env.SMTP_USER && process.env.SMTP_PASS
+  );
+  if (smtpConfigured && process.env.NODE_ENV === "production") {
+    return sendSmtpEmail(opts).then((r) => ({ info: r.info, previewUrl: undefined }));
+  }
+  const transport = await getDevTransport();
+  const info = await transport.sendMail({
+    from: opts.from ?? `Nextworks <${process.env.NOREPLY_EMAIL ?? "no-reply@example.com"}>`,
+    to: opts.to,
+    subject: opts.subject,
+    text: opts.text,
+    html: opts.html,
+  });
+  const previewUrl = nodemailer.getTestMessageUrl(info) || undefined;
+  return { info, previewUrl };
+}

package/dist/kits/auth-core/lib/email/index.ts ADDED Viewed

@@ -0,0 +1,28 @@
+import { sendDevEmail } from "@/lib/email/dev-transport";
+import { sendSmtpEmail } from "@/lib/email/provider-smtp";
+export async function sendEmail(opts: {
+  to: string;
+  subject: string;
+  text?: string;
+  html?: string;
+  from?: string;
+}) {
+  const smtpConfigured = !!(
+    process.env.SMTP_HOST && process.env.SMTP_USER && process.env.SMTP_PASS
+  );
+  if (smtpConfigured) {
+    return sendSmtpEmail(opts);
+  }
+  if (process.env.NEXTWORKS_USE_DEV_EMAIL === "1") {
+    return sendDevEmail(opts);
+  }
+  throw new Error("No email transport configured");
+}
+export function isEmailProviderConfigured() {
+  return !!(
+    (process.env.SMTP_HOST && process.env.SMTP_USER && process.env.SMTP_PASS) ||
+    process.env.MAILER_API_KEY
+  );
+}

package/dist/kits/auth-core/lib/email/provider-smtp.ts ADDED Viewed

@@ -0,0 +1,36 @@
+import nodemailer from "nodemailer";
+export async function sendSmtpEmail(opts: {
+  to: string;
+  subject: string;
+  text?: string;
+  html?: string;
+  from?: string;
+}) {
+  const host = process.env.SMTP_HOST;
+  const port = parseInt(process.env.SMTP_PORT || "587", 10);
+  const secure = port === 465;
+  const user = process.env.SMTP_USER;
+  const pass = process.env.SMTP_PASS;
+  if (!host || !user || !pass) throw new Error("SMTP not configured");
+  const transporter = nodemailer.createTransport({
+    host,
+    port,
+    secure,
+    auth: { user, pass },
+  });
+  const info = await transporter.sendMail({
+    from:
+      opts.from ??
+      `No Reply <${process.env.NOREPLY_EMAIL ?? "no-reply@example.com"}>`,
+    to: opts.to,
+    subject: opts.subject,
+    text: opts.text,
+    html: opts.html,
+  });
+  return { info };
+}

package/dist/kits/auth-core/lib/forms/map-errors.ts ADDED Viewed

@@ -0,0 +1,11 @@
+export function mapApiErrorsToForm(methods: any, payload: any) {
+  if (!payload || typeof payload !== "object") return null;
+  const errors = payload.errors || null;
+  const message = payload.message || null;
+  if (errors && typeof errors === "object") {
+    Object.entries(errors).forEach(([field, msg]) => {
+      methods.setError(field as any, { type: "server", message: String(msg) });
+    });
+  }
+  return message;
+}

package/dist/kits/auth-core/lib/hash.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import { hash } from "bcryptjs";
+export async function hashPassword(password: string) {
+  const saltRounds = 10;
+  return hash(password, saltRounds);
+}

package/dist/kits/auth-core/lib/prisma.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import "server-only";
+import { PrismaClient } from "@prisma/client";
+const globalForPrisma = globalThis as unknown as {
+  prisma: PrismaClient | undefined;
+};
+export const prisma =
+  globalForPrisma.prisma ??
+  new PrismaClient({
+    log: ["error", "warn"],
+  });
+if (process.env.NODE_ENV !== "production") globalForPrisma.prisma = prisma;

package/dist/kits/auth-core/lib/server/result.ts ADDED Viewed

@@ -0,0 +1,45 @@
+export function jsonOk(data?: any, opts?: { status?: number; message?: string }) {
+  return Response.json({ success: true, data: data ?? null, message: opts?.message ?? null }, { status: opts?.status ?? 200 });
+}
+export function jsonFail(
+  message: string,
+  opts?: { status?: number; code?: string | number; errors?: Record<string, string> | null },
+) {
+  return Response.json(
+    { success: false, data: null, message, code: opts?.code ?? null, errors: opts?.errors ?? null },
+    { status: opts?.status ?? 400 },
+  );
+}
+export function jsonFromZod(err: any, opts?: { status?: number; message?: string }) {
+  const fieldErrors: Record<string, string> = {};
+  if (err?.issues && Array.isArray(err.issues)) {
+    for (const issue of err.issues) {
+      if (issue.path && issue.path.length > 0) {
+        fieldErrors[String(issue.path[0])] = issue.message;
+      }
+    }
+  }
+  return jsonFail(opts?.message || "Validation failed", {
+    status: opts?.status ?? 400,
+    errors: Object.keys(fieldErrors).length > 0 ? fieldErrors : null,
+    code: "VALIDATION_ERROR",
+  });
+}
+export function jsonFromPrisma(err: any) {
+  // Basic unique violation mapping (P2002)
+  const code = (err && err.code) || "PRISMA_ERROR";
+  if (code === "P2002") {
+    const meta = err.meta || {};
+    const target = Array.isArray(meta.target) ? meta.target[0] : meta.target;
+    const field = typeof target === "string" ? target : "field";
+    return jsonFail("Unique constraint violation", {
+      status: 409,
+      errors: { [field]: `${field} already in use` },
+      code: "UNIQUE_CONSTRAINT",
+    });
+  }
+  return jsonFail("Database error", { status: 500, code });
+}

package/dist/kits/auth-core/lib/utils.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import { clsx, type ClassValue } from "clsx";
+import { twMerge } from "tailwind-merge";
+export function cn(...inputs: ClassValue[]) {
+  return twMerge(clsx(inputs));
+}

package/dist/kits/auth-core/lib/validation/forms.ts ADDED Viewed

@@ -0,0 +1,88 @@
+import { z } from "zod";
+export const signupSchema = z.object({
+  name: z.string().min(2, "Name must be at least 2 characters"),
+  email: z.string().email("Invalid email address"),
+  password: z.string().min(6, "Password must be at least 6 characters"),
+});
+export const loginSchema = z.object({
+  email: z.string().email("Invalid email address"),
+  password: z.string().min(6, "Password must be at least 6 characters"),
+});
+// Request body for forgot-password endpoint
+export const forgotPasswordSchema = z.object({
+  email: z.string().email("Invalid email address"),
+});
+// Reset password schema (token + new password + confirm)
+export const resetPasswordSchema = z
+  .object({
+    token: z.string().min(1, "Token is required"),
+    password: z.string().min(6, "Password must be at least 6 characters"),
+    confirmPassword: z.string().min(6, "Confirm password is required"),
+  })
+  .refine((data) => data.password === data.confirmPassword, {
+    path: ["confirmPassword"],
+    message: "Passwords do not match",
+  });
+export const contactSchema = z.object({
+  name: z.string().min(2, "Name must be at least 2 characters"),
+  email: z.string().email("Invalid email address"),
+  subject: z.string().min(5, "Subject must be at least 5 characters"),
+  message: z.string().min(10, "Message must be at least 10 characters"),
+});
+export const newsletterSchema = z.object({
+  name: z.string().optional(),
+  email: z.string().email("Invalid email address"),
+});
+export const userSchema = z.object({
+  email: z.string().email("Invalid email address"),
+  name: z
+    .string()
+    .min(2, "Name must be at least 2 characters")
+    .optional()
+    .or(z.literal("")),
+});
+export const userUpdateSchema = z.object({
+  email: z.string().email("Invalid email address").optional(),
+  name: z
+    .string()
+    .min(2, "Name must be at least 2 characters")
+    .optional()
+    .or(z.literal("")),
+  image: z.string().optional().or(z.literal("")),
+  password: z
+    .string()
+    .min(6, "Password must be at least 6 characters")
+    .optional()
+    .or(z.literal("")),
+  emailVerified: z
+    .union([z.date(), z.string().transform((s) => new Date(s)), z.null()])
+    .optional(),
+});
+export const postSchema = z.object({
+  title: z
+    .string()
+    .min(1, "Title is required")
+    .min(3, "Title must be at least 3 characters"),
+  content: z.string().optional().or(z.literal("")),
+  authorId: z.string().min(1, "Author ID is required"),
+  // published is optional in forms/API - defaults to false in the DB
+  published: z.boolean().optional(),
+});
+export type NewsletterFormValues = z.infer<typeof newsletterSchema>;
+export type ContactFormValues = z.infer<typeof contactSchema>;
+export type SignupFormValues = z.infer<typeof signupSchema>;
+export type LoginFormValues = z.infer<typeof loginSchema>;
+export type UserFormValues = z.infer<typeof userSchema>;
+export type PostFormValues = z.infer<typeof postSchema>;
+export type ForgotPasswordFormValues = z.infer<typeof forgotPasswordSchema>;
+export type ResetPasswordFormValues = z.infer<typeof resetPasswordSchema>;

package/dist/kits/auth-core/package-deps.json ADDED Viewed

@@ -0,0 +1,19 @@
+{
+  "dependencies": {
+    "@next-auth/prisma-adapter": "^1.0.7",
+    "@prisma/client": "^6.16.1",
+    "@radix-ui/react-label": "^2.1.7",
+    "@radix-ui/react-slot": "^1.2.3",
+    "bcryptjs": "^3.0.2",
+    "class-variance-authority": "^0.7.1",
+    "clsx": "^2.1.1",
+    "lucide-react": "^0.542.0",
+    "next-auth": "^4.24.13",
+    "tailwind-merge": "^3.3.1",
+    "nodemailer": "^7.0.7",
+    "@nextworks/blocks-core": "*"
+  },
+  "devDependencies": {
+    "prisma": "^6.16.1"
+  }
+}

package/dist/kits/auth-core/prisma/auth-models.prisma ADDED Viewed

@@ -0,0 +1,81 @@
+// ========================================
+// AUTH MODELS FOR NEXT-AUTH + PRISMA
+// ========================================
+//
+// Copy these models to your prisma/schema.prisma file
+//
+// Required models for NextAuth.js with Prisma adapter:
+// - User: Main user model
+// - Account: OAuth provider accounts (GitHub, Google, etc.)
+// - Session: User sessions
+// - VerificationToken: Email verification tokens
+//
+// Optional models:
+// - Post: Example model showing user relationships
+//
+// ========================================
+model User {
+  id            String    @id @default(cuid())
+  email         String    @unique
+  name          String?
+  image         String?
+  emailVerified DateTime?
+  password      String?   // For credentials provider
+  createdAt     DateTime  @default(now())
+  // Relations
+  posts         Post[]
+  accounts      Account[]
+  sessions      Session[]
+}
+model Account {
+  id                String @id @default(cuid())
+  userId            String
+  type              String
+  provider          String
+  providerAccountId String
+  access_token      String?
+  token_type        String?
+  scope             String?
+  user User @relation(fields: [userId], references: [id], onDelete: Cascade)
+  @@unique([provider, providerAccountId])
+}
+model Session {
+  id           String   @id @default(cuid())
+  sessionToken String   @unique
+  userId       String
+  expires      DateTime
+  user User @relation(fields: [userId], references: [id], onDelete: Cascade)
+}
+model VerificationToken {
+  identifier String
+  token      String   @unique
+  expires    DateTime
+  @@unique([identifier, token])
+}
+// ========================================
+// EXAMPLE MODEL (OPTIONAL)
+// ========================================
+// This is an example model showing how to create
+// relationships with the User model. You can remove
+// this if you don't need posts in your app.
+model Post {
+  id        String   @id @default(cuid())
+  title     String
+  content   String?
+  published Boolean  @default(false)
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+  authorId  String
+  author    User     @relation(fields: [authorId], references: [id], onDelete: Cascade)
+}

package/dist/kits/auth-core/prisma/schema.prisma ADDED Viewed

@@ -0,0 +1,81 @@
+generator client {
+  provider = "prisma-client-js"
+}
+datasource db {
+  provider = "postgresql"
+  url      = env("DATABASE_URL")
+}
+model User {
+  id             String          @id @default(cuid())
+  email          String          @unique
+  name           String?
+  image          String?
+  emailVerified  DateTime?
+  password       String?
+  role           String          @default("user")
+  createdAt      DateTime        @default(now())
+  posts          Post[]
+  accounts       Account[]
+  sessions       Session[]
+  // Relation for password reset tokens
+  passwordResets PasswordReset[]
+}
+model Account {
+  id                String  @id @default(cuid())
+  userId            String
+  type              String
+  provider          String
+  providerAccountId String
+  access_token      String?
+  token_type        String?
+  scope             String?
+  user User @relation(fields: [userId], references: [id])
+  @@unique([provider, providerAccountId])
+}
+model Session {
+  id           String   @id @default(cuid())
+  sessionToken String   @unique
+  userId       String
+  expires      DateTime
+  user User @relation(fields: [userId], references: [id])
+}
+model VerificationToken {
+  identifier String
+  token      String   @unique
+  expires    DateTime
+  @@unique([identifier, token])
+}
+model Post {
+  id        String   @id @default(cuid())
+  title     String
+  slug      String?  @unique
+  content   String?
+  excerpt   String?
+  tags      String?
+  published Boolean  @default(false)
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+  authorId  String
+  author    User     @relation(fields: [authorId], references: [id])
+}
+model PasswordReset {
+  id        String   @id @default(cuid())
+  token     String?
+  tokenHash String?  @unique
+  userId    String
+  expires   DateTime
+  used      Boolean  @default(false)
+  user User @relation(fields: [userId], references: [id])
+}

package/dist/kits/auth-core/scripts/populate-tokenhash.mjs ADDED Viewed

@@ -0,0 +1,26 @@
+#!/usr/bin/env node
+import { PrismaClient } from "@prisma/client";
+import { createHash } from "crypto";
+const prisma = new PrismaClient();
+async function main() {
+  console.log("Reading existing PasswordReset rows with token column...");
+  const rows = await prisma.$queryRaw`SELECT id, token FROM "PasswordReset" WHERE token IS NOT NULL`;
+  console.log(`Found ${rows.length} rows`);
+  for (const row of rows) {
+    const id = row.id;
+    const token = row.token;
+    if (!token) continue;
+    const hash = createHash("sha256").update(token).digest("hex");
+    await prisma.passwordReset.update({ where: { id }, data: { tokenHash: hash } });
+    console.log(`Updated ${id}`);
+  }
+  console.log("Done.");
+}
+main().catch((e) => {
+  console.error(e);
+  process.exit(1);
+}).finally(async () => await prisma.$disconnect());

package/dist/kits/auth-core/scripts/promote-admin.mjs ADDED Viewed

@@ -0,0 +1,33 @@
+#!/usr/bin/env node
+import { PrismaClient } from "@prisma/client";
+const prisma = new PrismaClient();
+async function promote(email) {
+  if (!email) {
+    console.error("Usage: node scripts/promote-admin.mjs <email>");
+    process.exit(1);
+  }
+  const user = await prisma.user.findUnique({ where: { email } });
+  if (!user) {
+    console.error(`User not found: ${email}`);
+    process.exit(2);
+  }
+  if (user.role === "admin") {
+    console.log(`User ${email} is already an admin`);
+    process.exit(0);
+  }
+  await prisma.user.update({ where: { email }, data: { role: "admin" } });
+  console.log(`Promoted ${email} to admin`);
+  process.exit(0);
+}
+const email = process.argv[2];
+promote(email).catch((err) => {
+  console.error(err);
+  process.exit(1);
+});