stackkit 0.3.4 → 0.3.6

package/modules/auth/better-auth/files/shared/features/queries/auth.mutations.tsx

@@ -0,0 +1,312 @@
+{{#if framework == "nextjs"}}
+"use client";
+
+import { setTokens } from "@/features/auth/services/auth.service";
+{{/if}}
+import {
+  forgetPasswordRequest,
+  loginRequest,
+  logoutRequest,
+  registerRequest,
+  resendOTPRequest,
+  resetPasswordRequest,
+  verifyEmailRequest,
+} from "@/features/auth/services/auth.api";
+import { envVars } from "@/lib/env";
+import { useMutation, useQueryClient } from "@tanstack/react-query";
+{{#if framework == "nextjs"}}
+import { useRouter } from "next/navigation";
+{{else}}
+import { useNavigate } from "react-router";
+{{/if}}
+import { toast } from "sonner";
+import type { ILoginResponse, SocialProvider } from "../types/auth.type";
+import type { ILoginPayload } from "../validators/login.validator";
+import { ChangePassword, updateProfile } from "../services/auth.api";
+
+export const AUTH_QUERY_KEYS = {
+  me: ["auth", "me"] as const,
+};
+
+export const AUTH_MUTATION_KEYS = {
+  register: ["auth", "register"] as const,
+  login: ["auth", "login"] as const,
+  forgotPassword: ["auth", "forgot-password"] as const,
+  resetPassword: ["auth", "reset-password"] as const,
+  verifyEmail: ["auth", "verify-email"] as const,
+  resendOTP: ["auth", "resend-otp"] as const,
+  socialLogin: ["auth", "social-login"] as const,
+  changePassword: ["auth", "change-password"] as const,
+  updateProfile: ["auth", "update-profile"] as const,
+  logout: ["auth", "logout"] as const,
+};
+
+export const useRegisterMutation = () => {
+  {{#if framework == "nextjs"}}
+  const router = useRouter();
+  const navigate = (path: string) => router.push(path);
+  {{else}}
+  const navigate = useNavigate();
+  {{/if}}
+
+  return useMutation({
+    mutationKey: AUTH_MUTATION_KEYS.register,
+    mutationFn: registerRequest,
+    onSuccess: (_data, variables) => {
+      navigate(`/verify-email?email=${encodeURIComponent(variables.email)}`);
+      toast.success("Registration successful! Please verify your email.");
+    },
+    onError: (error: unknown) => {
+      toast.error(
+        error instanceof Error
+          ? error.message
+          : "Registration failed. Please check your details and try again.",
+      );
+    },
+  });
+};
+
+export const useLoginMutation = () => {
+  {{#if framework == "nextjs"}}
+  const router = useRouter();
+  const navigate = (path: string) => router.push(path);
+  {{else}}
+  const navigate = useNavigate();
+  {{/if}}
+  const queryClient = useQueryClient();
+
+  return useMutation<ILoginResponse, unknown, ILoginPayload & { redirectPath?: string }>(
+    {
+      mutationKey: AUTH_MUTATION_KEYS.login,
+      mutationFn: loginRequest,
+      onSuccess: async (data, variables) => {
+        toast.success("Login successful!");
+
+        {{#if framework == "nextjs"}}
+        try {
+          await setTokens({
+            accessToken: data?.accessToken,
+            refreshToken: data?.refreshToken,
+            token: data?.token,
+          });
+        } catch (err) {
+          console.error("Failed to set tokens in cookies:", err);
+        }
+        {{/if}}
+
+        await queryClient.invalidateQueries({ queryKey: AUTH_QUERY_KEYS.me });
+        await new Promise((resolve) => setTimeout(resolve, 100));
+
+        const defaultRoute = data?.user?.role === "ADMIN" ? "/dashboard/admin" : "/dashboard";
+        navigate(variables?.redirectPath || defaultRoute);
+      },
+      onError: (error: unknown, variables) => {
+        if (error instanceof Error && error.message === "Email not verified") {
+          navigate(`/verify-email?email=${encodeURIComponent(variables.email)}`);
+          return;
+        }
+        toast.error(
+          error instanceof Error
+            ? error.message
+            : "Login failed. Please check your credentials and try again.",
+        );
+      },
+    },
+  );
+};
+
+export const useForgotPasswordMutation = () => {
+  {{#if framework == "nextjs"}}
+  const router = useRouter();
+  const navigate = (path: string) => router.push(path);
+  {{else}}
+  const navigate = useNavigate();
+  {{/if}}
+  const queryClient = useQueryClient();
+
+  return useMutation({
+    mutationKey: AUTH_MUTATION_KEYS.forgotPassword,
+    mutationFn: forgetPasswordRequest,
+    onSuccess: async () => {
+      toast.success("Password reset OTP sent to your email!");
+      await queryClient.invalidateQueries({ queryKey: AUTH_QUERY_KEYS.me });
+      navigate("/reset-password");
+    },
+    onError: (error: Error) => {
+      toast.error(
+        error.message ||
+          "Failed to send password reset email. Please check the email and try again.",
+      );
+    },
+  });
+};
+
+export const useResetPasswordMutation = () => {
+  {{#if framework == "nextjs"}}
+  const router = useRouter();
+  const navigate = (path: string) => router.push(path);
+  {{else}}
+  const navigate = useNavigate();
+  {{/if}}
+
+  return useMutation({
+    mutationKey: AUTH_MUTATION_KEYS.resetPassword,
+    mutationFn: resetPasswordRequest,
+    onSuccess: () => {
+      toast.success("Password reset successful! Please log in with your new password.");
+      navigate("/login");
+    },
+    onError: (error: Error) => {
+      toast.error(
+        error.message || "Failed to reset password. Please check your details and try again.",
+      );
+    },
+  });
+};
+
+export const useVerifyEmailMutation = () => {
+  {{#if framework == "nextjs"}}
+  const router = useRouter();
+  const navigate = (path: string) => router.push(path);
+  {{else}}
+  const navigate = useNavigate();
+  {{/if}}
+
+  return useMutation({
+    mutationKey: AUTH_MUTATION_KEYS.verifyEmail,
+    mutationFn: verifyEmailRequest,
+    onSuccess: () => {
+      toast.success("Email verified successfully! Please log in.");
+      navigate("/login");
+    },
+    onError: (error: Error) => {
+      toast.error(
+        error.message || "Email verification failed. Please check your details and try again.",
+      );
+    },
+  });
+};
+
+export const useResendOTPMutation = () => {
+  return useMutation({
+    mutationKey: AUTH_MUTATION_KEYS.resendOTP,
+    mutationFn: resendOTPRequest,
+    onSuccess: () => {
+      toast.success("Verification OTP resent successfully!");
+    },
+    onError: (error) => {
+      toast.error(
+        error.message ||
+          "Failed to resend verification OTP. Please check the email and try again.",
+      );
+    },
+  });
+};
+
+export const useSocialLoginMutation = () => {
+  return useMutation<string, Error, SocialProvider>({
+    mutationKey: AUTH_MUTATION_KEYS.socialLogin,
+    mutationFn: async (provider) => {
+      const payloadRes = await fetch(
+        `${envVars.API_URL}/v1/auth/login/${provider}?redirect=/dashboard`,
+      );
+      if (!payloadRes.ok) throw new Error("Failed to initiate social login.");
+      const { data: payload } = await payloadRes.json();
+
+      const authRes = await fetch(
+        `${envVars.BETTER_AUTH_URL}${payload.signInEndpoint}`,
+        {
+          method: "POST",
+          headers: { "Content-Type": "application/json" },
+          credentials: "include",
+          body: JSON.stringify({
+            provider: payload.provider,
+            callbackURL: payload.callbackURL,
+          }),
+        },
+      );
+      if (!authRes.ok) throw new Error("Social login request failed.");
+
+      const json = await authRes.json();
+      const redirectUrl: string | undefined = json?.url || json?.redirectUrl;
+
+      if (!redirectUrl)
+        throw new Error("No redirect URL returned from social login.");
+
+      return redirectUrl;
+    },
+    onSuccess: (redirectUrl) => {
+      window.location.href = redirectUrl;
+    },
+    onError: (error) => {
+      toast.error(error.message || "Social login failed. Please try again.");
+    },
+  });
+};
+
+export const useChangePasswordMutation = () => {
+  {{#if framework == "nextjs"}}
+  const router = useRouter();
+  const navigate = (path: string) => router.push(path);
+  {{else}}
+  const navigate = useNavigate();
+  {{/if}}
+
+  return useMutation({
+    mutationKey: AUTH_MUTATION_KEYS.changePassword,
+    mutationFn: ChangePassword,
+    onSuccess: () => {
+      toast.success(
+        "Password changed successfully! Please log in with your new password.",
+      );
+      navigate("/login");
+    },
+    onError: (error) => {
+      toast.error(
+        error.message ||
+          "Failed to change password. Please check your details and try again.",
+      );
+    },
+  });
+};
+
+export const useUpdateProfileMutation = () => {
+  const queryClient = useQueryClient();
+
+  return useMutation({
+    mutationKey: AUTH_MUTATION_KEYS.updateProfile,
+    mutationFn: updateProfile,
+    onSuccess: async () => {
+      await queryClient.invalidateQueries({ queryKey: AUTH_QUERY_KEYS.me });
+      toast.success("Profile updated successfully");
+    },
+    onError: (error) => {
+      toast.error(
+        error.message || "Failed to update profile. Please check your details and try again.",
+      );
+    },
+  });
+};
+
+export const useLogoutMutation = () => {
+  {{#if framework == "nextjs"}}
+  const router = useRouter();
+  const navigate = (path: string) => router.push(path);
+  {{else}}
+  const navigate = useNavigate();
+  {{/if}}
+  const queryClient = useQueryClient();
+
+  return useMutation({
+    mutationKey: AUTH_MUTATION_KEYS.logout,
+    mutationFn: logoutRequest,
+    onSuccess: async () => {
+      queryClient.clear();
+      toast.success("Logged out successfully");
+      navigate("/login");
+    },
+    onError: (error: Error) => {
+      toast.error(error.message || "Failed to log out. Please try again.");
+    },
+  });
+};

package/modules/auth/better-auth/files/shared/features/queries/auth.querie.ts

@@ -0,0 +1,19 @@
+{{#if framework == "nextjs"}}
+"use client";
+{{/if}}
+
+import type { IUserResponse } from "../types/auth.type";
+import { useQuery } from "@tanstack/react-query";
+import { getMeRequest } from "../services/auth.api";
+
+export const AUTH_QUERY_KEYS = {
+  me: ["auth", "me"] as const,
+};
+
+export const useMeQuery = () => {
+  return useQuery<IUserResponse>({
+    queryKey: AUTH_QUERY_KEYS.me,
+    queryFn: getMeRequest,
+    retry: false,
+  });
+};

package/modules/auth/better-auth/files/shared/features/services/auth.api.ts

@@ -0,0 +1,81 @@
+{{#if framework == "nextjs"}}
+"use server";
+
+import { deleteCookie } from "@/lib/utils/cookie";
+{{/if}}
+import type { ILoginResponse, IUserResponse } from "../types/auth.type";
+import { api } from "@/lib/axios/http";
+
+export async function loginRequest(payload: {
+  email: string;
+  password: string;
+}) {
+  const res = await api.post<ILoginResponse>("/v1/auth/login", payload);
+  return res.data;
+}
+
+export async function registerRequest(payload: {
+  name: string;
+  email: string;
+  password: string;
+}) {
+  const res = await api.post("/v1/auth/register", payload);
+  return res.data;
+}
+
+export async function forgetPasswordRequest(payload: { email: string }) {
+  const res = await api.post("/v1/auth/forget-password", payload);
+  return res.data;
+}
+
+export async function resetPasswordRequest(payload: {
+  email: string;
+  otp: string;
+  newPassword: string;
+}) {
+  const res = await api.post("/v1/auth/reset-password", payload);
+  return res.data;
+}
+
+export async function verifyEmailRequest(payload: {
+  email: string;
+  otp: string;
+}) {
+  const res = await api.post("/v1/auth/verify-email", payload);
+  return res.data;
+}
+
+export async function resendOTPRequest(payload: { email: string }) {
+  const res = await api.post("/v1/auth/resend-otp", payload);
+  return res.data;
+}
+
+export async function ChangePassword(payload: {
+  currentPassword: string;
+  newPassword: string;
+}) {
+  const res = await api.post("/v1/auth/change-password", payload);
+  return res.data;
+}
+
+export async function updateProfile(payload: { name: string; image?: string }) {
+  const res = await api.patch("/v1/auth/profile", payload);
+  return res.data;
+}
+
+export async function logoutRequest() {
+  const res = await api.post("/v1/auth/logout", {});
+  {{#if framework == "nextjs"}}
+  // remove local cookies used for auth
+  await deleteCookie("accessToken");
+  await deleteCookie("refreshToken");
+  await deleteCookie("better-auth.session_token");
+  await deleteCookie("better-auth.session_data");
+  {{/if}}
+  return res.data;
+}
+
+export async function getMeRequest(): Promise<IUserResponse> {
+  const res = await api.get<IUserResponse>("/v1/auth/me");
+  return res.data;
+}

package/modules/auth/better-auth/files/shared/features/types/auth.type.ts

@@ -0,0 +1,47 @@
+export type SocialProvider =
+  | "google"
+  | "github"
+  | "facebook"
+  | "twitter"
+  | "discord";
+
+export interface ILoginResponse {
+  token: string;
+  accessToken: string;
+  refreshToken: string;
+  user: {
+    needPasswordChange: boolean;
+    email: string;
+    name: string;
+    role: string;
+    image: string;
+    status: string;
+    isDeleted: boolean;
+    emailVerified: boolean;
+  };
+}
+
+export interface IUserResponse {
+  id: string;
+  needPasswordChange: boolean;
+  email: string;
+  name: string;
+  role: string;
+  image: string;
+  status: string;
+  isDeleted: boolean;
+  emailVerified: boolean;
+  createdAt?: string;
+}
+
+export type OAuthLoginPayload = {
+  provider: SocialProvider;
+  callbackURL: string;
+  signInEndpoint: string;
+};
+
+export type OAuthPayloadResponse = {
+  success: boolean;
+  message: string;
+  data: OAuthLoginPayload;
+};

package/modules/auth/better-auth/files/shared/features/validators/change-password.validator.ts

@@ -0,0 +1,18 @@
+import { z } from "zod";
+
+export const changePasswordZodSchema = z
+  .object({
+    currentPassword: z.string().min(1, "Current password is required"),
+    newPassword: z.string().min(8, "Password must be at least 8 characters"),
+    confirmPassword: z.string().min(1, "Please confirm your password"),
+  })
+  .refine((data) => data.newPassword === data.confirmPassword, {
+    message: "Passwords do not match",
+    path: ["confirmPassword"],
+  })
+  .refine((data) => data.currentPassword !== data.newPassword, {
+    message: "New password must be different from current password",
+    path: ["newPassword"],
+  });
+
+export type IChangePasswordPayload = z.infer<typeof changePasswordZodSchema>;

package/modules/auth/better-auth/files/shared/features/validators/forgot.validator.ts

@@ -0,0 +1,7 @@
+import { z } from "zod";
+
+export const forgotZodSchema = z.object({
+  email: z.string().email("Invalid email address"),
+});
+
+export type IForgotPayload = z.infer<typeof forgotZodSchema>;

package/modules/auth/better-auth/files/shared/features/validators/login.validator.ts

@@ -0,0 +1,14 @@
+import { z } from "zod";
+
+export const loginZodSchema = z.object({
+  email: z.string().email("Invalid email address"),
+  password: z
+    .string()
+    .min(1, "Password is required")
+    .min(8, "Password must be at least 8 characters long")
+    .regex(/[A-Z]/, "Password must contain at least one uppercase letter")
+    .regex(/[a-z]/, "Password must contain at least one lowercase letter")
+    .regex(/[0-9]/, "Password must contain at least one number"),
+});
+
+export type ILoginPayload = z.infer<typeof loginZodSchema>;

package/modules/auth/better-auth/files/shared/features/validators/profile.validator.ts

@@ -0,0 +1,8 @@
+import { z } from "zod";
+
+export const profileZodSchema = z.object({
+  name: z.string().min(1, "Name is required"),
+  image: z.string().optional(),
+});
+
+export type IProfilePayload = z.infer<typeof profileZodSchema>;

package/modules/auth/better-auth/files/shared/features/validators/register.validator.ts

@@ -0,0 +1,9 @@
+import { z } from "zod";
+
+export const registerZodSchema = z.object({
+  name: z.string().min(1, "Name is required"),
+  email: z.string().email("Invalid email address"),
+  password: z.string().min(8, "Password must be at least 8 characters"),
+});
+
+export type IRegisterPayload = z.infer<typeof registerZodSchema>;

package/modules/auth/better-auth/files/shared/features/validators/reset.validator.ts

@@ -0,0 +1,9 @@
+import { z } from "zod";
+
+export const resetZodSchema = z.object({
+  email: z.string().email("Invalid email address"),
+  otp: z.string().min(1, "OTP is required"),
+  newPassword: z.string().min(8, "Password must be at least 8 characters"),
+});
+
+export type IResetPayload = z.infer<typeof resetZodSchema>;

package/modules/auth/better-auth/files/shared/features/validators/verify.validator.ts

@@ -0,0 +1,8 @@
+import { z } from "zod";
+
+export const verifyZodSchema = z.object({
+  email: z.string().email("Invalid email address"),
+  otp: z.string().min(1, "OTP is required"),
+});
+
+export type IVerifyPayload = z.infer<typeof verifyZodSchema>;

package/modules/auth/better-auth/files/shared/lib/auth-client.ts

@@ -1,7 +1,8 @@
 import { createAuthClient } from "better-auth/react";
+import { envVars } from "../env";
 
 export const authClient = createAuthClient({
-  baseURL: process.env.BETTER_AUTH_URL || "http://localhost:5000",
+  baseURL: envVars.BETTER_AUTH_URL || "http://localhost:5000",
 });
 
 export const { signIn, signUp, signOut, useSession } = authClient;

package/modules/auth/better-auth/files/shared/lib/auth.ts

@@ -7,13 +7,6 @@ import { sendEmail } from "../shared/utils/email";
 import { prisma } from "../database/prisma";
 import { prismaAdapter } from "better-auth/adapters/prisma";
 {{/if}}
-{{#if combo == "prisma:nextjs"}}
-import { Role, UserStatus } from "@prisma/client";
-import { sendEmail } from "@/lib/utils/email";
-import { prisma } from "../database/prisma";
-import { envVars } from "@/lib/env";
-import { prismaAdapter } from "better-auth/adapters/prisma";
-{{/if}}
 {{#if combo == "mongoose:express"}}
 import { envVars } from "../config/env";
 import { Role, UserStatus } from "../modules/auth/auth.constants";
@@ -21,13 +14,6 @@ import { sendEmail } from "../shared/utils/email";
 import { getMongoClient, getMongoDb, mongoose } from "../database/mongoose";
 import { mongodbAdapter } from "better-auth/adapters/mongodb";
 {{/if}}
-{{#if combo == "mongoose:nextjs"}}
-import { sendEmail } from "../service/email/email-service";
-import { getMongoClient, getMongoDb, mongoose } from "../database/mongoose";
-import { Role, UserStatus } from "@/lib/auth/auth-constants";
-import { envVars } from "@/lib/env";
-import { mongodbAdapter } from "better-auth/adapters/mongodb";
-{{/if}}
 
 {{#if database == "mongoose"}}
 await mongoose();
@@ -133,20 +119,14 @@ export const auth = betterAuth({
             return;
           }
 
-          if (user && user.role === Role.SUPER_ADMIN) {
-            console.log(
-              `User with email ${email} is a super admin. Skipping sending verification OTP.`,
-            );
-            return;
-          }
-
           if (user && !user.emailVerified) {
             sendEmail({
               to: email,
               subject: "Verify your email",
               templateName: "otp",
               templateData: {
-                name: user.name,
+                userName: user.name,
+                appName: envVars.APP_NAME as string,
                 otp,
               },
             });
@@ -169,14 +149,15 @@ export const auth = betterAuth({
               subject: "Password Reset OTP",
               templateName: "otp",
               templateData: {
-                name: user.name,
+                userName: user.name,
+                appName: envVars.APP_NAME as string,
                 otp,
               },
             });
           }
         }
       },
-      expiresIn: 2 * 60, // 2 minutes in seconds
+      expiresIn: 5 * 60, // 5 minutes in seconds
       otpLength: 6,
     }),
   ],
@@ -192,20 +173,20 @@ export const auth = betterAuth({
     signIn: `${envVars.BETTER_AUTH_URL}/api/v1/auth/google/success`,
   },
   advanced: {
-    useSecureCookies: false,
+    useSecureCookies: envVars.NODE_ENV === "production",
     cookies: {
       state: {
         attributes: {
-          sameSite: "none",
-          secure: true,
+          sameSite: envVars.NODE_ENV === "production" ? "none" : "lax",
+          secure: envVars.NODE_ENV === "production",
           httpOnly: true,
           path: "/",
         },
       },
       sessionToken: {
         attributes: {
-          sameSite: "none",
-          secure: true,
+          sameSite: envVars.NODE_ENV === "production" ? "none" : "lax",
+          secure: envVars.NODE_ENV === "production",
           httpOnly: true,
           path: "/",
         },