npm - securepool - Versions diffs - 1.0.0 - Mend

securepool 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (126) hide show

package/.dockerignore +7 -0
package/.env.example +20 -0
package/ARCHITECTURE.md +279 -0
package/DEPLOYMENT.md +441 -0
package/README.md +283 -0
package/SETUP.md +388 -0
package/apps/demo-backend/Dockerfile +33 -0
package/apps/demo-backend/package.json +19 -0
package/apps/demo-backend/src/index.ts +71 -0
package/apps/demo-backend/tsconfig.json +8 -0
package/apps/demo-frontend/.env.example +2 -0
package/apps/demo-frontend/README.md +73 -0
package/apps/demo-frontend/eslint.config.js +23 -0
package/apps/demo-frontend/index.html +13 -0
package/apps/demo-frontend/package.json +24 -0
package/apps/demo-frontend/public/favicon.svg +1 -0
package/apps/demo-frontend/public/icons.svg +24 -0
package/apps/demo-frontend/src/App.tsx +33 -0
package/apps/demo-frontend/src/assets/hero.png +0 -0
package/apps/demo-frontend/src/assets/vite.svg +1 -0
package/apps/demo-frontend/src/components/AccountSwitcher.tsx +373 -0
package/apps/demo-frontend/src/components/ChangePasswordModal.tsx +128 -0
package/apps/demo-frontend/src/index.css +272 -0
package/apps/demo-frontend/src/main.tsx +10 -0
package/apps/demo-frontend/src/pages/DashboardPage.tsx +141 -0
package/apps/demo-frontend/src/pages/ForgotPasswordPage.tsx +183 -0
package/apps/demo-frontend/src/pages/LoginPage.tsx +158 -0
package/apps/demo-frontend/src/pages/OtpLoginPage.tsx +114 -0
package/apps/demo-frontend/src/pages/SignupPage.tsx +95 -0
package/apps/demo-frontend/src/pages/VerifyEmailPage.tsx +84 -0
package/apps/demo-frontend/tsconfig.app.json +28 -0
package/apps/demo-frontend/tsconfig.json +7 -0
package/apps/demo-frontend/tsconfig.node.json +26 -0
package/apps/demo-frontend/vite.config.ts +15 -0
package/docs/DATABASE_MONGODB.md +280 -0
package/docs/DATABASE_SQL.md +472 -0
package/package.json +21 -0
package/packages/api/package.json +30 -0
package/packages/api/src/createSecurePool.ts +113 -0
package/packages/api/src/index.ts +8 -0
package/packages/api/src/middleware/authMiddleware.ts +26 -0
package/packages/api/src/middleware/authorize.ts +24 -0
package/packages/api/src/middleware/rateLimiter.ts +25 -0
package/packages/api/src/middleware/tenantMiddleware.ts +12 -0
package/packages/api/src/routes/authRoutes.ts +229 -0
package/packages/api/src/routes/sessionRoutes.ts +30 -0
package/packages/api/src/swagger.ts +529 -0
package/packages/api/tsconfig.json +8 -0
package/packages/application/package.json +16 -0
package/packages/application/src/index.ts +17 -0
package/packages/application/src/interfaces/IAuditLogRepository.ts +6 -0
package/packages/application/src/interfaces/IAuthPlugin.ts +4 -0
package/packages/application/src/interfaces/IEmailService.ts +3 -0
package/packages/application/src/interfaces/IGoogleAuthService.ts +3 -0
package/packages/application/src/interfaces/IOtpRepository.ts +8 -0
package/packages/application/src/interfaces/IOtpService.ts +4 -0
package/packages/application/src/interfaces/IPasswordHasher.ts +4 -0
package/packages/application/src/interfaces/IRoleRepository.ts +8 -0
package/packages/application/src/interfaces/ISessionRepository.ts +8 -0
package/packages/application/src/interfaces/ITokenRepository.ts +9 -0
package/packages/application/src/interfaces/ITokenService.ts +5 -0
package/packages/application/src/interfaces/IUserRepository.ts +8 -0
package/packages/application/src/services/AuthService.ts +323 -0
package/packages/application/src/services/RefreshTokenService.ts +53 -0
package/packages/application/tsconfig.json +8 -0
package/packages/core/package.json +13 -0
package/packages/core/src/entities/AuditLog.ts +11 -0
package/packages/core/src/entities/OtpCode.ts +10 -0
package/packages/core/src/entities/RefreshToken.ts +9 -0
package/packages/core/src/entities/Role.ts +6 -0
package/packages/core/src/entities/Session.ts +10 -0
package/packages/core/src/entities/Tenant.ts +7 -0
package/packages/core/src/entities/User.ts +10 -0
package/packages/core/src/entities/UserRole.ts +6 -0
package/packages/core/src/enums/index.ts +22 -0
package/packages/core/src/index.ts +10 -0
package/packages/core/tsconfig.json +8 -0
package/packages/infrastructure/package.json +24 -0
package/packages/infrastructure/src/email/NodemailerEmailService.ts +55 -0
package/packages/infrastructure/src/google/GoogleAuthServiceImpl.ts +28 -0
package/packages/infrastructure/src/hashing/BcryptHasher.ts +18 -0
package/packages/infrastructure/src/index.ts +6 -0
package/packages/infrastructure/src/jwt/JwtTokenService.ts +32 -0
package/packages/infrastructure/src/otp/OtpServiceImpl.ts +50 -0
package/packages/infrastructure/tsconfig.json +8 -0
package/packages/persistence/package.json +22 -0
package/packages/persistence/prisma/schema.prisma +88 -0
package/packages/persistence/src/factory.ts +48 -0
package/packages/persistence/src/index.ts +30 -0
package/packages/persistence/src/mongo/connection.ts +9 -0
package/packages/persistence/src/mongo/models/AuditLogModel.ts +21 -0
package/packages/persistence/src/mongo/models/OtpModel.ts +19 -0
package/packages/persistence/src/mongo/models/RefreshTokenModel.ts +17 -0
package/packages/persistence/src/mongo/models/RoleModel.ts +11 -0
package/packages/persistence/src/mongo/models/SessionModel.ts +19 -0
package/packages/persistence/src/mongo/models/UserModel.ts +21 -0
package/packages/persistence/src/mongo/models/UserRoleModel.ts +15 -0
package/packages/persistence/src/mongo/repositories/MongoAuditLogRepository.ts +29 -0
package/packages/persistence/src/mongo/repositories/MongoOtpRepository.ts +34 -0
package/packages/persistence/src/mongo/repositories/MongoRoleRepository.ts +32 -0
package/packages/persistence/src/mongo/repositories/MongoSessionRepository.ts +29 -0
package/packages/persistence/src/mongo/repositories/MongoTokenRepository.ts +34 -0
package/packages/persistence/src/mongo/repositories/MongoUserRepository.ts +37 -0
package/packages/persistence/src/prisma/repositories/PrismaAuditLogRepository.ts +37 -0
package/packages/persistence/src/prisma/repositories/PrismaOtpRepository.ts +43 -0
package/packages/persistence/src/prisma/repositories/PrismaRoleRepository.ts +36 -0
package/packages/persistence/src/prisma/repositories/PrismaSessionRepository.ts +39 -0
package/packages/persistence/src/prisma/repositories/PrismaTokenRepository.ts +50 -0
package/packages/persistence/src/prisma/repositories/PrismaUserRepository.ts +45 -0
package/packages/persistence/tsconfig.json +8 -0
package/packages/react-sdk/package.json +23 -0
package/packages/react-sdk/src/components/GoogleLoginButton.tsx +54 -0
package/packages/react-sdk/src/components/LoginForm.tsx +67 -0
package/packages/react-sdk/src/components/OTPVerification.tsx +104 -0
package/packages/react-sdk/src/components/SessionList.tsx +64 -0
package/packages/react-sdk/src/components/SignupForm.tsx +95 -0
package/packages/react-sdk/src/context/AuthContext.ts +4 -0
package/packages/react-sdk/src/context/SecurePoolProvider.tsx +492 -0
package/packages/react-sdk/src/hooks/useAuth.ts +11 -0
package/packages/react-sdk/src/index.ts +22 -0
package/packages/react-sdk/src/types.ts +53 -0
package/packages/react-sdk/tsconfig.json +12 -0
package/scripts/setup.js +285 -0
package/scripts/setup.sh +309 -0
package/tsconfig.base.json +16 -0
package/turbo.json +16 -0

package/apps/demo-frontend/src/pages/LoginPage.tsx ADDED Viewed

@@ -0,0 +1,158 @@
+import { useState, useEffect, type FormEvent } from "react";
+import { useAuth } from "@securepool/react-sdk";
+import { useNavigate, Link } from "react-router-dom";
+function getInitials(email: string): string {
+  return email.split("@")[0].slice(0, 2).toUpperCase();
+}
+function getAvatarUrl(email: string): string {
+  const initials = getInitials(email);
+  return `https://ui-avatars.com/api/?name=${encodeURIComponent(initials)}&size=80&background=3b82f6&color=fff&bold=true&format=svg`;
+}
+export default function LoginPage() {
+  const { login, accounts, switchAccount, isLoading, error, clearError } = useAuth();
+  const navigate = useNavigate();
+  const [email, setEmail] = useState("");
+  useEffect(() => { clearError(); }, [clearError]);
+  const [password, setPassword] = useState("");
+  const handleSubmit = async (e: FormEvent) => {
+    e.preventDefault();
+    try {
+      await login(email, password);
+      navigate("/dashboard");
+    } catch {
+      // error is set in context
+    }
+  };
+  const handleSwitchTo = (accountId: string) => {
+    switchAccount(accountId);
+    navigate("/dashboard");
+    window.location.reload();
+  };
+  return (
+    <div className="auth-layout">
+      <div className="auth-card">
+        <h1>Welcome back</h1>
+        <p className="subtitle">Sign in to your SecurePool account</p>
+        {/* Show existing logged-in accounts */}
+        {accounts.length > 0 && (
+          <>
+            <div style={{ marginBottom: 16 }}>
+              <div style={{ fontSize: 12, color: "#64748b", marginBottom: 8, textTransform: "uppercase", letterSpacing: 0.5 }}>
+                Switch to an existing account
+              </div>
+              {accounts.map((account) => (
+                <div
+                  key={account.id}
+                  onClick={() => handleSwitchTo(account.id)}
+                  style={{
+                    display: "flex",
+                    alignItems: "center",
+                    gap: 12,
+                    padding: "10px 12px",
+                    background: "rgba(59,130,246,0.06)",
+                    border: "1px solid #334155",
+                    borderRadius: 10,
+                    cursor: "pointer",
+                    marginBottom: 6,
+                    transition: "all 0.15s",
+                  }}
+                  onMouseEnter={(e) => {
+                    e.currentTarget.style.background = "rgba(59,130,246,0.15)";
+                    e.currentTarget.style.borderColor = "#3b82f6";
+                  }}
+                  onMouseLeave={(e) => {
+                    e.currentTarget.style.background = "rgba(59,130,246,0.06)";
+                    e.currentTarget.style.borderColor = "#334155";
+                  }}
+                >
+                  <img
+                    src={getAvatarUrl(account.email)}
+                    alt=""
+                    style={{ width: 36, height: 36, borderRadius: "50%", flexShrink: 0 }}
+                  />
+                  <div style={{ flex: 1, minWidth: 0 }}>
+                    <div style={{
+                      fontSize: 14,
+                      color: "#e2e8f0",
+                      fontWeight: 500,
+                      overflow: "hidden",
+                      textOverflow: "ellipsis",
+                      whiteSpace: "nowrap",
+                    }}>
+                      {account.email.trim().toLowerCase()}
+                    </div>
+                    <div style={{ fontSize: 11, color: "#64748b" }}>Click to open dashboard</div>
+                  </div>
+                  <span style={{
+                    fontSize: 18,
+                    color: "#3b82f6",
+                  }}>
+                    →
+                  </span>
+                </div>
+              ))}
+            </div>
+            <div className="divider"><span>or sign in with another account</span></div>
+          </>
+        )}
+        {error && <div className="error-msg">{error}</div>}
+        <form onSubmit={handleSubmit}>
+          <div className="form-group">
+            <label htmlFor="email">Email</label>
+            <input
+              id="email"
+              type="email"
+              value={email}
+              onChange={(e) => setEmail(e.target.value)}
+              placeholder="you@example.com"
+              required
+              disabled={isLoading}
+            />
+          </div>
+          <div className="form-group">
+            <label htmlFor="password">Password</label>
+            <input
+              id="password"
+              type="password"
+              value={password}
+              onChange={(e) => setPassword(e.target.value)}
+              placeholder="Enter your password"
+              required
+              disabled={isLoading}
+            />
+          </div>
+          <div style={{ textAlign: "right", marginBottom: 8 }}>
+            <Link to="/forgot-password" style={{ fontSize: 13, color: "#60a5fa" }}>
+              Forgot password?
+            </Link>
+          </div>
+          <button type="submit" className="btn btn-primary" disabled={isLoading}>
+            {isLoading ? "Signing in..." : "Sign In"}
+          </button>
+        </form>
+        <div className="divider"><span>or</span></div>
+        <Link to="/otp-login">
+          <button type="button" className="btn btn-outline">
+            Sign in with OTP
+          </button>
+        </Link>
+        <div className="auth-links">
+          Don't have an account? <Link to="/signup">Sign up</Link>
+        </div>
+      </div>
+    </div>
+  );
+}

package/apps/demo-frontend/src/pages/OtpLoginPage.tsx ADDED Viewed

@@ -0,0 +1,114 @@
+import { useState, useEffect, type FormEvent } from "react";
+import { useAuth } from "@securepool/react-sdk";
+import { useNavigate, Link } from "react-router-dom";
+export default function OtpLoginPage() {
+  const { requestOtp, verifyOtp, isLoading, error, clearError } = useAuth();
+  const navigate = useNavigate();
+  useEffect(() => { clearError(); }, [clearError]);
+  const [email, setEmail] = useState("");
+  const [code, setCode] = useState("");
+  const [otpSent, setOtpSent] = useState(false);
+  const handleRequestOtp = async (e: FormEvent) => {
+    e.preventDefault();
+    try {
+      await requestOtp(email);
+      setOtpSent(true);
+    } catch {
+      // error set in context
+    }
+  };
+  const handleVerifyOtp = async (e: FormEvent) => {
+    e.preventDefault();
+    try {
+      await verifyOtp(email, code);
+      navigate("/dashboard");
+    } catch {
+      // error set in context
+    }
+  };
+  if (!otpSent) {
+    return (
+      <div className="auth-layout">
+        <div className="auth-card">
+          <h1>OTP Login</h1>
+          <p className="subtitle">We'll send a 6-digit code to your email</p>
+          {error && <div className="error-msg">{error}</div>}
+          <form onSubmit={handleRequestOtp}>
+            <div className="form-group">
+              <label htmlFor="email">Email</label>
+              <input
+                id="email"
+                type="email"
+                value={email}
+                onChange={(e) => setEmail(e.target.value)}
+                placeholder="you@example.com"
+                required
+                disabled={isLoading}
+              />
+            </div>
+            <button type="submit" className="btn btn-primary" disabled={isLoading}>
+              {isLoading ? "Sending..." : "Send OTP"}
+            </button>
+          </form>
+          <div className="auth-links">
+            <Link to="/login">Back to password login</Link>
+          </div>
+        </div>
+      </div>
+    );
+  }
+  return (
+    <div className="auth-layout">
+      <div className="auth-card">
+        <h1>Enter OTP</h1>
+        <p className="subtitle">
+          Code sent to <strong>{email}</strong>. Check your inbox.
+        </p>
+        {error && <div className="error-msg">{error}</div>}
+        <form onSubmit={handleVerifyOtp}>
+          <div className="form-group">
+            <label htmlFor="otp">6-digit Code</label>
+            <input
+              id="otp"
+              type="text"
+              className="otp-input"
+              value={code}
+              onChange={(e) => setCode(e.target.value.replace(/\D/g, "").slice(0, 6))}
+              placeholder="000000"
+              maxLength={6}
+              required
+              disabled={isLoading}
+            />
+          </div>
+          <button type="submit" className="btn btn-primary" disabled={isLoading || code.length !== 6}>
+            {isLoading ? "Verifying..." : "Verify & Sign In"}
+          </button>
+        </form>
+        <button
+          type="button"
+          className="btn btn-outline"
+          style={{ marginTop: 12 }}
+          onClick={() => {
+            setOtpSent(false);
+            setCode("");
+          }}
+          disabled={isLoading}
+        >
+          Use different email
+        </button>
+      </div>
+    </div>
+  );
+}

package/apps/demo-frontend/src/pages/SignupPage.tsx ADDED Viewed

@@ -0,0 +1,95 @@
+import { useState, useEffect, type FormEvent } from "react";
+import { useAuth } from "@securepool/react-sdk";
+import { useNavigate, Link } from "react-router-dom";
+export default function SignupPage() {
+  const { register, isLoading, error, clearError } = useAuth();
+  const navigate = useNavigate();
+  useEffect(() => { clearError(); }, [clearError]);
+  const [email, setEmail] = useState("");
+  const [password, setPassword] = useState("");
+  const [confirmPassword, setConfirmPassword] = useState("");
+  const [localError, setLocalError] = useState<string | null>(null);
+  const handleSubmit = async (e: FormEvent) => {
+    e.preventDefault();
+    setLocalError(null);
+    if (password !== confirmPassword) {
+      setLocalError("Passwords do not match");
+      return;
+    }
+    if (password.length < 8) {
+      setLocalError("Password must be at least 8 characters");
+      return;
+    }
+    try {
+      await register(email, password);
+      // Redirect to verify email page with the email
+      navigate("/verify-email", { state: { email } });
+    } catch {
+      // error in context
+    }
+  };
+  const displayError = localError || error;
+  return (
+    <div className="auth-layout">
+      <div className="auth-card">
+        <h1>Create account</h1>
+        <p className="subtitle">Get started with SecurePool</p>
+        {displayError && <div className="error-msg">{displayError}</div>}
+        <form onSubmit={handleSubmit}>
+          <div className="form-group">
+            <label htmlFor="email">Email</label>
+            <input
+              id="email"
+              type="email"
+              value={email}
+              onChange={(e) => setEmail(e.target.value)}
+              placeholder="you@example.com"
+              required
+              disabled={isLoading}
+            />
+          </div>
+          <div className="form-group">
+            <label htmlFor="password">Password</label>
+            <input
+              id="password"
+              type="password"
+              value={password}
+              onChange={(e) => setPassword(e.target.value)}
+              placeholder="Min 8 characters"
+              required
+              disabled={isLoading}
+            />
+          </div>
+          <div className="form-group">
+            <label htmlFor="confirm">Confirm Password</label>
+            <input
+              id="confirm"
+              type="password"
+              value={confirmPassword}
+              onChange={(e) => setConfirmPassword(e.target.value)}
+              placeholder="Re-enter your password"
+              required
+              disabled={isLoading}
+            />
+          </div>
+          <button type="submit" className="btn btn-primary" disabled={isLoading}>
+            {isLoading ? "Creating account..." : "Sign Up"}
+          </button>
+        </form>
+        <div className="auth-links">
+          Already have an account? <Link to="/login">Sign in</Link>
+        </div>
+      </div>
+    </div>
+  );
+}

package/apps/demo-frontend/src/pages/VerifyEmailPage.tsx ADDED Viewed

@@ -0,0 +1,84 @@
+import { useState, useEffect, type FormEvent } from "react";
+import { useAuth } from "@securepool/react-sdk";
+import { useNavigate, useLocation, Link } from "react-router-dom";
+export default function VerifyEmailPage() {
+  const { verifyEmail, requestOtp, isLoading, error, clearError } = useAuth();
+  const navigate = useNavigate();
+  useEffect(() => { clearError(); }, [clearError]);
+  const location = useLocation();
+  const passedEmail = (location.state as any)?.email || "";
+  const [email] = useState(passedEmail);
+  const [code, setCode] = useState("");
+  const [resent, setResent] = useState(false);
+  const handleVerify = async (e: FormEvent) => {
+    e.preventDefault();
+    try {
+      await verifyEmail(email, code);
+      navigate("/dashboard");
+    } catch {
+      // error in context
+    }
+  };
+  const handleResend = async () => {
+    try {
+      await requestOtp(email);
+      setResent(true);
+      setTimeout(() => setResent(false), 3000);
+    } catch {
+      // error in context
+    }
+  };
+  return (
+    <div className="auth-layout">
+      <div className="auth-card">
+        <h1>Verify your email</h1>
+        <p className="subtitle">
+          We sent a 6-digit code to <strong>{email}</strong>
+        </p>
+        {resent && <div className="success-msg">OTP resent to your email</div>}
+        {error && <div className="error-msg">{error}</div>}
+        <form onSubmit={handleVerify}>
+          <div className="form-group">
+            <label htmlFor="otp">Verification Code</label>
+            <input
+              id="otp"
+              type="text"
+              className="otp-input"
+              value={code}
+              onChange={(e) => setCode(e.target.value.replace(/\D/g, "").slice(0, 6))}
+              placeholder="000000"
+              maxLength={6}
+              required
+              disabled={isLoading}
+            />
+          </div>
+          <button type="submit" className="btn btn-primary" disabled={isLoading || code.length !== 6}>
+            {isLoading ? "Verifying..." : "Verify & Continue"}
+          </button>
+        </form>
+        <button
+          type="button"
+          className="btn btn-outline"
+          style={{ marginTop: 12 }}
+          onClick={handleResend}
+          disabled={isLoading}
+        >
+          Resend OTP
+        </button>
+        <div className="auth-links">
+          <Link to="/login">Back to login</Link>
+        </div>
+      </div>
+    </div>
+  );
+}

package/apps/demo-frontend/tsconfig.app.json ADDED Viewed

@@ -0,0 +1,28 @@
+{
+  "compilerOptions": {
+    "tsBuildInfoFile": "./node_modules/.tmp/tsconfig.app.tsbuildinfo",
+    "target": "ES2023",
+    "useDefineForClassFields": true,
+    "lib": ["ES2023", "DOM", "DOM.Iterable"],
+    "module": "ESNext",
+    "types": ["vite/client"],
+    "skipLibCheck": true,
+    /* Bundler mode */
+    "moduleResolution": "bundler",
+    "allowImportingTsExtensions": true,
+    "verbatimModuleSyntax": true,
+    "moduleDetection": "force",
+    "noEmit": true,
+    "jsx": "react-jsx",
+    /* Linting */
+    "strict": true,
+    "noUnusedLocals": true,
+    "noUnusedParameters": true,
+    "erasableSyntaxOnly": true,
+    "noFallthroughCasesInSwitch": true,
+    "noUncheckedSideEffectImports": true
+  },
+  "include": ["src"]
+}

package/apps/demo-frontend/tsconfig.json ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "files": [],
+  "references": [
+    { "path": "./tsconfig.app.json" },
+    { "path": "./tsconfig.node.json" }
+  ]
+}

package/apps/demo-frontend/tsconfig.node.json ADDED Viewed

@@ -0,0 +1,26 @@
+{
+  "compilerOptions": {
+    "tsBuildInfoFile": "./node_modules/.tmp/tsconfig.node.tsbuildinfo",
+    "target": "ES2023",
+    "lib": ["ES2023"],
+    "module": "ESNext",
+    "types": ["node"],
+    "skipLibCheck": true,
+    /* Bundler mode */
+    "moduleResolution": "bundler",
+    "allowImportingTsExtensions": true,
+    "verbatimModuleSyntax": true,
+    "moduleDetection": "force",
+    "noEmit": true,
+    /* Linting */
+    "strict": true,
+    "noUnusedLocals": true,
+    "noUnusedParameters": true,
+    "erasableSyntaxOnly": true,
+    "noFallthroughCasesInSwitch": true,
+    "noUncheckedSideEffectImports": true
+  },
+  "include": ["vite.config.ts"]
+}

package/apps/demo-frontend/vite.config.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import { defineConfig } from 'vite'
+import react from '@vitejs/plugin-react'
+import path from 'path'
+// https://vite.dev/config/
+export default defineConfig({
+  plugins: [react()],
+  resolve: {
+    dedupe: ['react', 'react-dom'],
+    alias: {
+      react: path.resolve(__dirname, 'node_modules/react'),
+      'react-dom': path.resolve(__dirname, 'node_modules/react-dom'),
+    },
+  },
+})