nextjs-django-client
Version:
A comprehensive, type-safe SDK for seamlessly integrating Next.js 15+ applications with Django REST Framework backends
1,649 lines (1,626 loc) • 78.8 kB
TypeScript
import * as react_jsx_runtime from 'react/jsx-runtime';
import React, { ReactNode } from 'react';
interface RequestOptions {
headers?: Record<string, string>;
timeout?: number;
signal?: AbortSignal;
params?: Record<string, string | number | boolean>;
retries?: number;
retryDelay?: number;
}
interface UploadOptions extends RequestOptions {
onProgress?: (progress: ProgressEvent) => void;
}
interface DownloadOptions extends RequestOptions {
onProgress?: (progress: ProgressEvent) => void;
responseType?: 'blob' | 'arraybuffer' | 'text';
}
interface StreamOptions extends RequestOptions {
delimiter?: string;
}
interface BatchRequest {
method: 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE';
endpoint: string;
data?: unknown;
options?: RequestOptions;
}
interface BatchResponse<T = unknown> {
success: boolean;
data?: T;
error?: Error;
status: number;
}
interface ApiResponse<T = unknown> {
data: T;
status: number;
statusText: string;
headers: Record<string, string>;
}
interface ApiError extends Error {
status?: number;
statusText?: string;
response?: {
data?: unknown;
status: number;
statusText: string;
headers: Record<string, string>;
};
}
interface HttpClientConfig {
baseURL: string;
timeout?: number;
defaultHeaders?: Record<string, string>;
retries?: number;
retryDelay?: number;
}
type HttpMethod = 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE' | 'HEAD' | 'OPTIONS';
interface RequestConfig extends RequestOptions {
method: HttpMethod;
url: string;
data?: unknown;
baseURL?: string;
}
interface Interceptor {
request?: (config: RequestConfig) => RequestConfig | Promise<RequestConfig>;
response?: (response: Response) => Response | Promise<Response>;
error?: (error: Error) => Error | Promise<Error>;
}
interface AuthInterceptorConfig {
getAccessToken: () => string | null;
getCsrfToken?: () => string | null;
refreshToken: () => Promise<string>;
onAuthError?: (error: Error) => void;
tokenPrefix?: string;
csrfHeaderName?: string;
}
declare class ApiClient {
private baseURL;
private defaultHeaders;
private timeout;
private interceptors;
constructor(config: HttpClientConfig);
/**
* GET request
*/
get<T>(endpoint: string, options?: RequestOptions): Promise<T>;
/**
* POST request
*/
post<T>(endpoint: string, data?: unknown, options?: RequestOptions): Promise<T>;
/**
* PUT request
*/
put<T>(endpoint: string, data?: unknown, options?: RequestOptions): Promise<T>;
/**
* PATCH request
*/
patch<T>(endpoint: string, data?: unknown, options?: RequestOptions): Promise<T>;
/**
* DELETE request
*/
delete<T>(endpoint: string, options?: RequestOptions): Promise<T>;
/**
* File upload with progress tracking
*/
upload<T>(endpoint: string, file: File | FormData, options?: UploadOptions): Promise<T>;
/**
* File download with progress tracking
*/
download(endpoint: string, options?: DownloadOptions): Promise<Blob>;
/**
* Batch requests
*/
batch(requests: BatchRequest[]): Promise<BatchResponse[]>;
/**
* Stream data (placeholder for future implementation)
*/
stream<T>(endpoint: string, options?: StreamOptions): AsyncGenerator<T>;
/**
* Set base URL
*/
setBaseURL(url: string): void;
/**
* Set default headers
*/
setDefaultHeaders(headers: Record<string, string>): void;
/**
* Add an interceptor
*/
addInterceptor(interceptor: Interceptor): number;
/**
* Remove an interceptor by index
*/
removeInterceptor(index: number): void;
/**
* Clear all interceptors
*/
clearInterceptors(): void;
/**
* Core request method
*/
private request;
private buildURL;
private buildHeaders;
private buildBody;
private executeRequest;
private handleResponse;
private createApiError;
private handleError;
}
interface AuthEndpoints {
login: string;
refresh: string;
logout: string;
user: string;
register?: string;
passwordReset?: string;
passwordResetConfirm?: string;
emailVerification?: string;
changePassword?: string;
}
interface AuthFieldMapping {
username: string;
password: string;
email?: string;
firstName?: string;
lastName?: string;
confirmPassword?: string;
refreshToken?: string;
}
interface AuthResponseMapping {
user: string;
accessToken: string;
refreshToken: string;
permissions?: string;
roles?: string;
}
type AuthProvider$1 = 'django-rest-framework' | 'django-allauth' | 'custom' | 'firebase' | 'auth0' | 'supabase';
interface TokenStorageConfig {
type?: 'cookie' | 'localStorage' | 'sessionStorage';
secure?: boolean;
sameSite?: 'strict' | 'lax' | 'none';
domain?: string;
path?: string;
maxAge?: number;
prefix?: string;
}
interface AutoRefreshConfig {
enabled?: boolean;
threshold?: number;
maxRetries?: number;
retryDelay?: number;
}
interface AuthConfig {
provider?: AuthProvider$1;
endpoints?: Partial<AuthEndpoints>;
baseAuthURL?: string;
fieldMapping?: Partial<AuthFieldMapping>;
responseMapping?: Partial<AuthResponseMapping>;
fieldMappings?: Partial<AuthFieldMapping & AuthResponseMapping>;
useEmailAsUsername?: boolean;
tokenPrefix?: string;
accessTokenLifetime?: number;
refreshTokenLifetime?: number;
tokenStorage?: TokenStorageConfig;
autoRefresh?: boolean | AutoRefreshConfig;
refreshThreshold?: number;
maxRefreshRetries?: number;
refreshRetryDelay?: number;
csrfEnabled?: boolean;
secureTokens?: boolean;
validateUser?: (user: unknown) => boolean;
transformUser?: (user: unknown) => unknown;
loginEndpoint?: string;
refreshEndpoint?: string;
logoutEndpoint?: string;
userEndpoint?: string;
usernameField?: string;
passwordField?: string;
auth0?: {
domain: string;
clientId: string;
audience?: string;
scope?: string;
};
supabase?: {
projectUrl: string;
anonKey: string;
};
}
interface LoginCredentials {
username?: string;
email?: string;
password: string;
}
interface User$1 {
id: string | number;
username: string;
email: string;
first_name?: string;
last_name?: string;
is_active?: boolean;
is_staff?: boolean;
is_superuser?: boolean;
date_joined?: string;
last_login?: string;
[key: string]: unknown;
}
interface AuthTokens$1 {
access: string;
refresh: string;
}
interface AuthState {
user: User$1 | null;
tokens: AuthTokens$1 | null;
isAuthenticated: boolean;
isLoading: boolean;
error: string | null;
}
interface UseAuthOptions$1 {
autoRefresh?: boolean;
refreshThreshold?: number;
onAuthError?: (error: Error) => void;
onTokenRefresh?: (newToken: string) => void;
}
interface UseAuthReturn$1<TUser = User$1> {
user: TUser | null;
isAuthenticated: boolean;
isLoading: boolean;
login: (credentials: LoginCredentials) => Promise<void>;
logout: () => Promise<void>;
refresh: () => Promise<void>;
updateUser: (userData: Partial<TUser>) => Promise<void>;
serverAccessToken: string | null;
tokenExpiryTime: number;
isRefreshing: boolean;
lastError: Error | null;
clearError: () => void;
checkTokenExpiry: () => boolean;
forceRefresh: () => Promise<void>;
}
interface AuthProviderProps {
children: ReactNode;
apiClient: ApiClient;
config?: Partial<AuthConfig>;
}
/**
* Authentication Provider Component
*/
declare function AuthProvider({ children, apiClient, config }: AuthProviderProps): react_jsx_runtime.JSX.Element;
interface AuthError {
type: 'login' | 'refresh' | 'logout' | 'network' | 'unknown';
message: string;
code?: string | number;
timestamp: number;
retryable: boolean;
}
interface UseAuthErrorOptions {
autoRetry?: boolean;
maxRetries?: number;
retryDelay?: number;
onError?: (error: AuthError) => void;
onRetry?: (attempt: number) => void;
}
/**
* Hook for managing authentication errors with retry logic
*/
declare function useAuthError(options?: UseAuthErrorOptions): {
errors: AuthError[];
latestError: AuthError;
hasErrors: boolean;
isRetrying: boolean;
retryCount: number;
canRetry: boolean;
addError: (error: Error, type?: AuthError["type"]) => AuthError;
addLoginError: (error: Error) => AuthError;
addRefreshError: (error: Error) => AuthError;
addLogoutError: (error: Error) => AuthError;
addNetworkError: (error: Error) => AuthError;
clearErrors: () => void;
clearError: (timestamp: number) => void;
retry: (retryFn?: () => Promise<void>) => Promise<boolean>;
};
/**
* Hook for displaying user-friendly error messages
*/
declare function useAuthErrorMessages(): {
getErrorMessage: (error: AuthError) => string;
getErrorTitle: (error: AuthError) => string;
getErrorSeverity: (error: AuthError) => "error" | "warning" | "info";
};
interface UseAuthOptions {
autoRefresh?: boolean | AutoRefreshConfig;
refreshThreshold?: number;
onAuthError?: (error: AuthError) => void;
onTokenRefresh?: (newToken: string) => void;
}
interface UseAuthReturn<TUser = User$1> {
user: TUser | null;
isAuthenticated: boolean;
isLoading: boolean;
login: (credentials: LoginCredentials) => Promise<void>;
logout: () => Promise<void>;
refresh: () => Promise<void>;
updateUser: (userData: Partial<TUser>) => Promise<void>;
serverAccessToken: string | null;
tokenExpiryTime: number;
isRefreshing: boolean;
error: AuthError | null;
lastError: AuthError | null;
clearError: () => void;
checkTokenExpiry: () => boolean;
forceRefresh: () => Promise<void>;
}
/**
* Enhanced useAuth hook with auto-refresh and better error handling
*/
declare function useAuth<TUser = User$1>(options?: UseAuthOptions): UseAuthReturn<TUser>;
/**
* Simple useAuth hook for basic usage (backward compatibility)
*/
declare function useSimpleAuth<TUser = User$1>(): {
user: TUser | null;
isAuthenticated: boolean;
isLoading: boolean;
login: (credentials: LoginCredentials) => Promise<void>;
logout: () => Promise<void>;
refresh: () => Promise<void>;
updateUser: (userData: Partial<TUser>) => Promise<void>;
serverAccessToken: string | null;
error: AuthError | null;
clearError: () => void;
};
interface AuthStatus {
isAuthenticated: boolean;
isLoading: boolean;
hasValidToken: boolean;
tokenExpiresIn: number;
needsRefresh: boolean;
}
interface UseAuthStatusOptions {
refreshThreshold?: number;
pollInterval?: number;
}
/**
* Hook for monitoring authentication status and token health
*/
declare function useAuthStatus(options?: UseAuthStatusOptions): AuthStatus;
/**
* Hook for checking if user has specific permissions
*/
declare function useAuthPermissions(requiredPermissions?: string[]): {
hasPermission: (permission: string) => boolean;
hasAllPermissions: () => boolean;
hasAnyPermission: () => boolean;
isAuthorized: boolean;
};
/**
* Hook for handling authentication redirects
*/
declare function useAuthRedirect(redirectTo?: string): {
shouldRedirect: boolean;
redirect: () => void;
};
/**
* Permission represents a specific action that can be performed
*/
interface Permission {
id: string;
name: string;
description?: string;
resource?: string;
action?: string;
conditions?: Record<string, any>;
}
/**
* Role represents a collection of permissions
*/
interface Role {
id: string;
name: string;
description?: string;
permissions: Permission[];
isDefault?: boolean;
priority?: number;
}
/**
* User with RBAC information
*/
interface RBACUser {
id: string | number;
username: string;
email: string;
roles: Role[];
permissions: Permission[];
isActive?: boolean;
isSuperuser?: boolean;
}
/**
* Permission check context
*/
interface PermissionContext {
user: RBACUser;
resource?: string;
resourceId?: string | number;
action?: string;
data?: Record<string, any>;
}
/**
* RBAC configuration
*/
interface RBACConfig {
strategy?: 'permissive' | 'restrictive';
superuserBypassesRBAC?: boolean;
enableRoleHierarchy?: boolean;
inheritPermissions?: boolean;
customEvaluators?: Record<string, PermissionEvaluator>;
enableCaching?: boolean;
cacheTTL?: number;
}
/**
* RBAC hook options
*/
interface UseRBACOptions$1 {
rbacManager?: RBACManager;
autoConvertUser?: boolean;
enableCaching?: boolean;
onPermissionDenied?: (permission: string, user: RBACUser) => void;
}
/**
* Custom permission evaluator function
*/
type PermissionEvaluator = (permission: Permission, context: PermissionContext) => boolean | Promise<boolean>;
/**
* Permission query builder
*/
interface PermissionQuery {
resource?: string;
action?: string;
conditions?: Record<string, any>;
}
/**
* RBAC events
*/
type RBACEvent = {
type: 'role_assigned';
userId: string | number;
roleId: string;
} | {
type: 'role_revoked';
userId: string | number;
roleId: string;
} | {
type: 'permission_granted';
userId: string | number;
permissionId: string;
} | {
type: 'permission_revoked';
userId: string | number;
permissionId: string;
} | {
type: 'permission_checked';
userId: string | number;
permission: string;
granted: boolean;
};
/**
* RBAC event handler
*/
type RBACEventHandler = (event: RBACEvent) => void | Promise<void>;
/**
* Permission string format: resource:action or just action
* Examples: 'users:read', 'posts:write', 'admin', 'delete'
*/
type PermissionString = string;
/**
* Role string format
*/
type RoleString = string;
/**
* Utility type for permission checks
*/
type PermissionCheck = PermissionString | Permission | PermissionQuery | PermissionString[] | Permission[] | PermissionQuery[];
/**
* RBAC manager interface
*/
interface RBACManager {
hasPermission(user: RBACUser, permission: PermissionCheck, context?: Partial<PermissionContext>): Promise<boolean>;
hasAnyPermission(user: RBACUser, permissions: PermissionCheck[], context?: Partial<PermissionContext>): Promise<boolean>;
hasAllPermissions(user: RBACUser, permissions: PermissionCheck[], context?: Partial<PermissionContext>): Promise<boolean>;
hasRole(user: RBACUser, role: RoleString | Role): boolean;
hasAnyRole(user: RBACUser, roles: (RoleString | Role)[]): boolean;
hasAllRoles(user: RBACUser, roles: (RoleString | Role)[]): boolean;
grantPermission(userId: string | number, permission: PermissionString | Permission): Promise<void>;
revokePermission(userId: string | number, permission: PermissionString | Permission): Promise<void>;
assignRole(userId: string | number, role: RoleString | Role): Promise<void>;
revokeRole(userId: string | number, role: RoleString | Role): Promise<void>;
getUserPermissions(user: RBACUser): Permission[];
getUserRoles(user: RBACUser): Role[];
on(event: RBACEvent['type'], handler: RBACEventHandler): void;
off(event: RBACEvent['type'], handler: RBACEventHandler): void;
}
/**
* Supported social login providers
*/
type SocialProvider = 'google' | 'github' | 'facebook' | 'twitter' | 'linkedin' | 'microsoft' | 'apple' | 'discord' | 'custom';
/**
* OAuth2 flow types
*/
type OAuth2Flow = 'authorization_code' | 'implicit' | 'pkce';
/**
* Social login configuration for a provider
*/
interface SocialProviderConfig {
provider: SocialProvider;
clientId: string;
clientSecret?: string;
authorizationUrl: string;
tokenUrl: string;
userInfoUrl: string;
revokeUrl?: string;
flow: OAuth2Flow;
scopes: string[];
redirectUri: string;
usePKCE?: boolean;
codeChallenge?: string;
codeChallengeMethod?: 'S256' | 'plain';
additionalParams?: Record<string, string>;
responseType?: 'code' | 'token';
responseMode?: 'query' | 'fragment' | 'form_post';
userFieldMapping?: {
id?: string;
email?: string;
name?: string;
firstName?: string;
lastName?: string;
avatar?: string;
username?: string;
};
}
/**
* Social login state for OAuth2 flow
*/
interface SocialLoginState {
provider: SocialProvider;
state: string;
codeVerifier?: string;
redirectUri: string;
scopes: string[];
timestamp: number;
}
/**
* OAuth2 authorization response
*/
interface OAuth2AuthResponse {
code?: string;
state?: string;
error?: string;
error_description?: string;
access_token?: string;
token_type?: string;
expires_in?: number;
scope?: string;
}
/**
* OAuth2 token response
*/
interface OAuth2TokenResponse {
access_token: string;
token_type: string;
expires_in?: number;
refresh_token?: string;
scope?: string;
id_token?: string;
}
/**
* Social user profile data
*/
interface SocialUserProfile {
id: string;
email?: string;
name?: string;
firstName?: string;
lastName?: string;
username?: string;
avatar?: string;
provider: SocialProvider;
providerData: Record<string, any>;
}
/**
* Social login result
*/
interface SocialLoginResult {
success: boolean;
user?: SocialUserProfile;
tokens?: OAuth2TokenResponse;
error?: string;
provider: SocialProvider;
}
/**
* Social login manager configuration
*/
interface SocialLoginConfig {
providers: Record<SocialProvider, SocialProviderConfig>;
defaultFlow?: OAuth2Flow;
defaultScopes?: string[];
enableStateValidation?: boolean;
stateStorageKey?: string;
popupWidth?: number;
popupHeight?: number;
popupFeatures?: string;
usePopup?: boolean;
redirectTimeout?: number;
onSuccess?: (result: SocialLoginResult) => void | Promise<void>;
onError?: (error: string, provider: SocialProvider) => void;
onCancel?: (provider: SocialProvider) => void;
}
/**
* Social login manager interface
*/
interface SocialLoginManager {
configure(config: Partial<SocialLoginConfig>): void;
addProvider(provider: SocialProvider, config: SocialProviderConfig): void;
removeProvider(provider: SocialProvider): void;
login(provider: SocialProvider, options?: SocialLoginOptions): Promise<SocialLoginResult>;
logout(provider: SocialProvider): Promise<void>;
refreshToken(provider: SocialProvider, refreshToken: string): Promise<OAuth2TokenResponse>;
revokeToken(provider: SocialProvider, token: string): Promise<void>;
getUserProfile(provider: SocialProvider, accessToken: string): Promise<SocialUserProfile>;
getAuthorizationUrl(provider: SocialProvider, options?: SocialLoginOptions): string;
handleCallback(provider: SocialProvider, response: OAuth2AuthResponse): Promise<SocialLoginResult>;
saveState(state: SocialLoginState): void;
getState(stateId: string): SocialLoginState | null;
clearState(stateId: string): void;
}
/**
* Social login options
*/
interface SocialLoginOptions {
scopes?: string[];
additionalParams?: Record<string, string>;
usePopup?: boolean;
redirectUri?: string;
state?: string;
}
/**
* Social login hook options
*/
interface UseSocialLoginOptions$1 {
manager?: SocialLoginManager;
config?: Partial<SocialLoginConfig>;
onSuccess?: (result: SocialLoginResult) => void | Promise<void>;
onError?: (error: string, provider: SocialProvider) => void;
onCancel?: (provider: SocialProvider) => void;
}
/**
* Social login events
*/
type SocialLoginEvent = {
type: 'login_started';
provider: SocialProvider;
} | {
type: 'login_success';
provider: SocialProvider;
user: SocialUserProfile;
} | {
type: 'login_error';
provider: SocialProvider;
error: string;
} | {
type: 'login_cancelled';
provider: SocialProvider;
} | {
type: 'token_refreshed';
provider: SocialProvider;
tokens: OAuth2TokenResponse;
} | {
type: 'logout';
provider: SocialProvider;
};
/**
* Social login event handler
*/
type SocialLoginEventHandler = (event: SocialLoginEvent) => void | Promise<void>;
/**
* Endpoint configuration manager
*/
declare class EndpointManager {
private provider;
private baseURL;
private endpoints;
private fieldMapping;
private responseMapping;
constructor(provider?: AuthProvider$1, baseURL?: string, customEndpoints?: Partial<AuthEndpoints>, customFieldMapping?: Partial<AuthFieldMapping>, customResponseMapping?: Partial<AuthResponseMapping>);
/**
* Get full URL for an endpoint
*/
getEndpointURL(endpoint: keyof AuthEndpoints): string;
/**
* Get field name for a logical field
*/
getFieldName(field: keyof AuthFieldMapping): string;
/**
* Get response field path for a logical field
*/
getResponseField(field: keyof AuthResponseMapping): string;
/**
* Extract value from response using configured mapping
*/
extractFromResponse(response: any, field: keyof AuthResponseMapping): any;
/**
* Map request data using field mapping
*/
mapRequestData(data: Record<string, any>): Record<string, any>;
/**
* Get all configured endpoints
*/
getAllEndpoints(): AuthEndpoints;
/**
* Update endpoint configuration
*/
updateEndpoints(updates: Partial<AuthEndpoints>): void;
/**
* Update field mapping
*/
updateFieldMapping(updates: Partial<AuthFieldMapping>): void;
/**
* Update response mapping
*/
updateResponseMapping(updates: Partial<AuthResponseMapping>): void;
/**
* Get provider information
*/
getProvider(): AuthProvider$1;
/**
* Helper to get nested value from object using dot notation
*/
private getNestedValue;
}
/**
* Advanced auth hook options
*/
interface UseAdvancedAuthOptions {
authConfig?: Partial<AuthConfig>;
rbacOptions?: UseRBACOptions$1;
socialOptions?: UseSocialLoginOptions$1;
enableRBAC?: boolean;
enableSocialLogin?: boolean;
enableEndpointManagement?: boolean;
onLogin?: (user: User$1, tokens: AuthTokens$1) => void;
onLogout?: () => void;
onSocialLogin?: (result: SocialLoginResult) => void;
onPermissionDenied?: (permission: string, user: RBACUser) => void;
onError?: (error: AuthError, context: string) => void;
}
/**
* Advanced auth hook return type
*/
interface UseAdvancedAuthReturn {
user: User$1 | null;
isAuthenticated: boolean;
isLoading: boolean;
login: (credentials: LoginCredentials) => Promise<void>;
logout: () => Promise<void>;
refresh: () => Promise<void>;
rbacUser: RBACUser | null;
permissions: Permission[];
roles: Role[];
hasPermission: (permission: PermissionCheck, context?: Partial<PermissionContext>) => Promise<boolean>;
hasRole: (role: RoleString | Role) => boolean;
socialLogin: (provider: SocialProvider, options?: SocialLoginOptions) => Promise<SocialLoginResult>;
socialLogout: (provider: SocialProvider) => Promise<void>;
endpointManager: EndpointManager | null;
updateEndpoints: (updates: Partial<AuthConfig>) => void;
error: AuthError | null;
lastSocialResult: SocialLoginResult | null;
clearError: () => void;
isFeatureEnabled: (feature: 'rbac' | 'social' | 'endpoints') => boolean;
}
/**
* Advanced authentication hook that combines all auth features
*/
declare function useAdvancedAuth(options?: UseAdvancedAuthOptions): UseAdvancedAuthReturn;
/**
* Hook for authentication with automatic feature detection
*/
declare function useSmartAuth(config?: Partial<AuthConfig>): UseAdvancedAuthReturn;
/**
* Advanced auth context type
*/
interface AdvancedAuthContextType extends UseAdvancedAuthReturn {
config: AdvancedAuthConfig;
updateConfig: (updates: Partial<AdvancedAuthConfig>) => void;
}
/**
* Advanced auth configuration
*/
interface AdvancedAuthConfig {
auth?: Partial<AuthConfig>;
rbac?: Partial<RBACConfig>;
social?: Partial<SocialLoginConfig>;
features?: {
rbac?: boolean;
socialLogin?: boolean;
endpointManagement?: boolean;
};
ui?: {
theme?: 'light' | 'dark' | 'auto';
showDebugInfo?: boolean;
errorDisplayMode?: 'toast' | 'inline' | 'console';
};
}
/**
* Advanced auth provider props
*/
interface AdvancedAuthProviderProps {
children: ReactNode;
apiClient: ApiClient;
config?: AdvancedAuthConfig;
onConfigChange?: (config: AdvancedAuthConfig) => void;
}
/**
* Advanced authentication provider that combines all auth features
*/
declare function AdvancedAuthProvider({ children, apiClient, config: initialConfig, onConfigChange, }: AdvancedAuthProviderProps): react_jsx_runtime.JSX.Element;
/**
* Hook to use the advanced auth context
*/
declare function useAdvancedAuthContext(): AdvancedAuthContextType;
/**
* HOC for advanced auth protection
*/
declare function withAdvancedAuth<P extends object>(Component: React.ComponentType<P>, options?: {
requireAuth?: boolean;
requiredPermissions?: string[];
requiredRoles?: string[];
fallback?: ReactNode;
onAccessDenied?: () => void;
}): (props: P) => react_jsx_runtime.JSX.Element;
/**
* Debug component for advanced auth
*/
declare function AdvancedAuthDebug(): react_jsx_runtime.JSX.Element | null;
/**
* Utility component for feature-based rendering
*/
interface FeatureGateProps {
feature: 'rbac' | 'social' | 'endpoints';
children: ReactNode;
fallback?: ReactNode;
}
declare function FeatureGate({ feature, children, fallback }: FeatureGateProps): react_jsx_runtime.JSX.Element;
/**
* Quick setup configurations
*/
declare const AdvancedAuthConfigs: {
/**
* Full-featured configuration with all features enabled
*/
full: () => AdvancedAuthConfig;
/**
* Basic configuration with only core auth
*/
basic: () => AdvancedAuthConfig;
/**
* RBAC-only configuration
*/
rbacOnly: () => AdvancedAuthConfig;
/**
* Social login only configuration
*/
socialOnly: () => AdvancedAuthConfig;
};
/**
* RBAC hook options
*/
interface UseRBACOptions {
rbacManager?: RBACManager;
autoConvertUser?: boolean;
enableCaching?: boolean;
onPermissionDenied?: (permission: string, user: RBACUser) => void;
}
/**
* RBAC hook return type
*/
interface UseRBACReturn {
rbacUser: RBACUser | null;
permissions: Permission[];
roles: Role[];
hasPermission: (permission: PermissionCheck, context?: Partial<PermissionContext>) => Promise<boolean>;
hasAnyPermission: (permissions: PermissionCheck[], context?: Partial<PermissionContext>) => Promise<boolean>;
hasAllPermissions: (permissions: PermissionCheck[], context?: Partial<PermissionContext>) => Promise<boolean>;
hasRole: (role: RoleString | Role) => boolean;
hasAnyRole: (roles: (RoleString | Role)[]) => boolean;
hasAllRoles: (roles: (RoleString | Role)[]) => boolean;
grantPermission: (permission: string | Permission) => Promise<void>;
revokePermission: (permission: string | Permission) => Promise<void>;
assignRole: (role: string | Role) => Promise<void>;
revokeRole: (role: string | Role) => Promise<void>;
isLoading: boolean;
error: Error | null;
refresh: () => Promise<void>;
}
/**
* Main RBAC hook
*/
declare function useRBAC(options?: UseRBACOptions): UseRBACReturn;
/**
* Hook for checking a specific permission
*/
declare function usePermission(permission: PermissionCheck, context?: Partial<PermissionContext>, options?: UseRBACOptions): {
hasPermission: boolean;
isChecking: boolean;
rbacUser: RBACUser | null;
error: Error | null;
};
/**
* Hook for checking a specific role
*/
declare function useRole(role: RoleString | Role, options?: UseRBACOptions): {
hasRole: boolean;
rbacUser: RBACUser | null;
roles: Role[];
error: Error | null;
};
/**
* Hook for admin-level access checking
*/
declare function useAdminAccess(options?: UseRBACOptions): {
isAdmin: boolean;
isSuperuser: boolean;
rbacUser: RBACUser | null;
error: Error | null;
};
/**
* Default RBAC Manager implementation
*/
declare class DefaultRBACManager implements RBACManager {
private config;
private permissionCache;
private eventHandlers;
constructor(config?: Partial<RBACConfig>);
/**
* Check if user has a specific permission
*/
hasPermission(user: RBACUser, permission: PermissionCheck, context?: Partial<PermissionContext>): Promise<boolean>;
/**
* Check if user has any of the specified permissions
*/
hasAnyPermission(user: RBACUser, permissions: PermissionCheck[], context?: Partial<PermissionContext>): Promise<boolean>;
/**
* Check if user has all of the specified permissions
*/
hasAllPermissions(user: RBACUser, permissions: PermissionCheck[], context?: Partial<PermissionContext>): Promise<boolean>;
/**
* Check if user has a specific role
*/
hasRole(user: RBACUser, role: RoleString | Role): boolean;
/**
* Check if user has any of the specified roles
*/
hasAnyRole(user: RBACUser, roles: (RoleString | Role)[]): boolean;
/**
* Check if user has all of the specified roles
*/
hasAllRoles(user: RBACUser, roles: (RoleString | Role)[]): boolean;
/**
* Grant permission to user (placeholder - would typically interact with backend)
*/
grantPermission(userId: string | number, permission: PermissionString | Permission): Promise<void>;
/**
* Revoke permission from user (placeholder - would typically interact with backend)
*/
revokePermission(userId: string | number, permission: PermissionString | Permission): Promise<void>;
/**
* Assign role to user (placeholder - would typically interact with backend)
*/
assignRole(userId: string | number, role: RoleString | Role): Promise<void>;
/**
* Revoke role from user (placeholder - would typically interact with backend)
*/
revokeRole(userId: string | number, role: RoleString | Role): Promise<void>;
/**
* Get all permissions for a user (from roles and direct permissions)
*/
getUserPermissions(user: RBACUser): Permission[];
/**
* Get all roles for a user
*/
getUserRoles(user: RBACUser): Role[];
/**
* Add event listener
*/
on(event: RBACEvent['type'], handler: RBACEventHandler): void;
/**
* Remove event listener
*/
off(event: RBACEvent['type'], handler: RBACEventHandler): void;
/**
* Check a single permission
*/
private checkSinglePermission;
/**
* Evaluate a permission against user's permissions and roles
*/
private evaluatePermission;
/**
* Check if a user permission matches the required permission
*/
private matchesPermission;
/**
* Check if permission conditions match
*/
private matchesConditions;
/**
* Normalize permission to query format
*/
private normalizePermission;
/**
* Generate cache key for permission check
*/
private getCacheKey;
/**
* Convert permission to string representation
*/
private stringifyPermission;
/**
* Emit RBAC event
*/
private emitEvent;
}
/**
* Create a permission object from string or partial permission
*/
declare function createPermission(input: PermissionString | Partial<Permission>, defaults?: Partial<Permission>): Permission;
/**
* Create a role object from string or partial role
*/
declare function createRole(input: RoleString | Partial<Role>, permissions?: (PermissionString | Permission)[], defaults?: Partial<Role>): Role;
/**
* Create an RBAC user from basic user data
*/
declare function createRBACUser(userData: {
id: string | number;
username: string;
email: string;
isActive?: boolean;
isSuperuser?: boolean;
}, roles?: (RoleString | Role)[], permissions?: (PermissionString | Permission)[]): RBACUser;
/**
* Predefined common permissions
*/
declare const CommonPermissions: {
create: (resource: string) => Permission;
read: (resource: string) => Permission;
update: (resource: string) => Permission;
delete: (resource: string) => Permission;
admin: (resource?: string) => Permission;
manage: (resource: string) => Permission;
viewProfile: () => Permission;
editProfile: () => Permission;
changePassword: () => Permission;
viewLogs: () => Permission;
manageUsers: () => Permission;
manageRoles: () => Permission;
systemConfig: () => Permission;
};
/**
* Predefined common roles
*/
declare const CommonRoles: {
admin: () => Role;
moderator: () => Role;
user: () => Role;
guest: () => Role;
owner: (resource: string) => Role;
editor: (resource: string) => Role;
viewer: (resource: string) => Role;
};
/**
* Permission string builders
*/
declare const PermissionBuilder: {
/**
* Build CRUD permissions for a resource
*/
crud: (resource: string) => Permission[];
/**
* Build management permissions for a resource
*/
manage: (resource: string) => Permission[];
/**
* Build read-only permissions for a resource
*/
readOnly: (resource: string) => Permission[];
/**
* Build custom permission set
*/
custom: (resource: string, actions: string[]) => Permission[];
};
/**
* Role hierarchy utilities
*/
declare const RoleHierarchy: {
/**
* Check if role A inherits from role B
*/
inherits: (roleA: Role, roleB: Role) => boolean;
/**
* Get effective permissions considering role hierarchy
*/
getEffectivePermissions: (roles: Role[]) => Permission[];
};
/**
* Permission validation utilities
*/
declare const PermissionValidator: {
/**
* Validate permission format
*/
isValidPermission: (permission: any) => permission is Permission;
/**
* Validate role format
*/
isValidRole: (role: any) => role is Role;
/**
* Validate RBAC user format
*/
isValidRBACUser: (user: any) => user is RBACUser;
};
/**
* Permission comparison utilities
*/
declare const PermissionComparator: {
/**
* Check if two permissions are equal
*/
equals: (a: Permission, b: Permission) => boolean;
/**
* Check if permission A includes permission B (A is broader than B)
*/
includes: (a: Permission, b: Permission) => boolean;
/**
* Find overlapping permissions between two sets
*/
findOverlap: (setA: Permission[], setB: Permission[]) => Permission[];
};
/**
* Utility to convert legacy user to RBAC user
*/
declare function convertToRBACUser(user: any, roleMapping?: Record<string, Role>, permissionMapping?: Record<string, Permission>): RBACUser;
/**
* Social login hook options
*/
interface UseSocialLoginOptions {
manager?: SocialLoginManager;
config?: Partial<SocialLoginConfig>;
onSuccess?: (result: SocialLoginResult) => void | Promise<void>;
onError?: (error: string, provider: SocialProvider) => void;
onCancel?: (provider: SocialProvider) => void;
}
/**
* Social login hook return type
*/
interface UseSocialLoginReturn {
login: (provider: SocialProvider, options?: SocialLoginOptions) => Promise<SocialLoginResult>;
logout: (provider: SocialProvider) => Promise<void>;
isLoading: boolean;
error: string | null;
lastResult: SocialLoginResult | null;
addProvider: (provider: SocialProvider, config: any) => void;
removeProvider: (provider: SocialProvider) => void;
getAuthUrl: (provider: SocialProvider, options?: SocialLoginOptions) => string;
handleCallback: (provider: SocialProvider, response: any) => Promise<SocialLoginResult>;
manager: SocialLoginManager;
}
/**
* Main social login hook
*/
declare function useSocialLogin(options?: UseSocialLoginOptions): UseSocialLoginReturn;
/**
* Hook for a specific social provider
*/
declare function useSocialProvider(provider: SocialProvider, options?: UseSocialLoginOptions): {
login: (loginOptions?: SocialLoginOptions) => Promise<SocialLoginResult>;
logout: () => Promise<void>;
getAuthUrl: (loginOptions?: SocialLoginOptions) => string;
isLoading: boolean;
error: string | null;
result: SocialLoginResult | null;
manager: SocialLoginManager;
};
/**
* Hook for Google login
*/
declare function useGoogleLogin(options?: UseSocialLoginOptions): {
login: (loginOptions?: SocialLoginOptions) => Promise<SocialLoginResult>;
logout: () => Promise<void>;
getAuthUrl: (loginOptions?: SocialLoginOptions) => string;
isLoading: boolean;
error: string | null;
result: SocialLoginResult | null;
manager: SocialLoginManager;
};
/**
* Hook for GitHub login
*/
declare function useGitHubLogin(options?: UseSocialLoginOptions): {
login: (loginOptions?: SocialLoginOptions) => Promise<SocialLoginResult>;
logout: () => Promise<void>;
getAuthUrl: (loginOptions?: SocialLoginOptions) => string;
isLoading: boolean;
error: string | null;
result: SocialLoginResult | null;
manager: SocialLoginManager;
};
/**
* Hook for Facebook login
*/
declare function useFacebookLogin(options?: UseSocialLoginOptions): {
login: (loginOptions?: SocialLoginOptions) => Promise<SocialLoginResult>;
logout: () => Promise<void>;
getAuthUrl: (loginOptions?: SocialLoginOptions) => string;
isLoading: boolean;
error: string | null;
result: SocialLoginResult | null;
manager: SocialLoginManager;
};
/**
* Hook for Twitter login
*/
declare function useTwitterLogin(options?: UseSocialLoginOptions): {
login: (loginOptions?: SocialLoginOptions) => Promise<SocialLoginResult>;
logout: () => Promise<void>;
getAuthUrl: (loginOptions?: SocialLoginOptions) => string;
isLoading: boolean;
error: string | null;
result: SocialLoginResult | null;
manager: SocialLoginManager;
};
/**
* Hook for LinkedIn login
*/
declare function useLinkedInLogin(options?: UseSocialLoginOptions): {
login: (loginOptions?: SocialLoginOptions) => Promise<SocialLoginResult>;
logout: () => Promise<void>;
getAuthUrl: (loginOptions?: SocialLoginOptions) => string;
isLoading: boolean;
error: string | null;
result: SocialLoginResult | null;
manager: SocialLoginManager;
};
/**
* Hook for Microsoft login
*/
declare function useMicrosoftLogin(options?: UseSocialLoginOptions): {
login: (loginOptions?: SocialLoginOptions) => Promise<SocialLoginResult>;
logout: () => Promise<void>;
getAuthUrl: (loginOptions?: SocialLoginOptions) => string;
isLoading: boolean;
error: string | null;
result: SocialLoginResult | null;
manager: SocialLoginManager;
};
/**
* Hook for Apple login
*/
declare function useAppleLogin(options?: UseSocialLoginOptions): {
login: (loginOptions?: SocialLoginOptions) => Promise<SocialLoginResult>;
logout: () => Promise<void>;
getAuthUrl: (loginOptions?: SocialLoginOptions) => string;
isLoading: boolean;
error: string | null;
result: SocialLoginResult | null;
manager: SocialLoginManager;
};
/**
* Hook for Discord login
*/
declare function useDiscordLogin(options?: UseSocialLoginOptions): {
login: (loginOptions?: SocialLoginOptions) => Promise<SocialLoginResult>;
logout: () => Promise<void>;
getAuthUrl: (loginOptions?: SocialLoginOptions) => string;
isLoading: boolean;
error: string | null;
result: SocialLoginResult | null;
manager: SocialLoginManager;
};
/**
* Hook for handling OAuth callback
*/
declare function useSocialCallback(): {
processCallback: (manager: SocialLoginManager, provider: SocialProvider, callbackData: any) => Promise<SocialLoginResult>;
isProcessing: boolean;
result: SocialLoginResult | null;
error: string | null;
};
/**
* Default social login manager implementation
*/
declare class DefaultSocialLoginManager implements SocialLoginManager {
private config;
private providers;
private eventHandlers;
constructor(config?: Partial<SocialLoginConfig>);
/**
* Configure the social login manager
*/
configure(config: Partial<SocialLoginConfig>): void;
/**
* Add a social provider
*/
addProvider(provider: SocialProvider, config: SocialProviderConfig): void;
/**
* Remove a social provider
*/
removeProvider(provider: SocialProvider): void;
/**
* Initiate social login
*/
login(provider: SocialProvider, options?: SocialLoginOptions): Promise<SocialLoginResult>;
/**
* Logout from social provider
*/
logout(provider: SocialProvider): Promise<void>;
/**
* Refresh OAuth2 token
*/
refreshToken(provider: SocialProvider, refreshToken: string): Promise<OAuth2TokenResponse>;
/**
* Revoke OAuth2 token
*/
revokeToken(provider: SocialProvider, token: string): Promise<void>;
/**
* Get user profile from social provider
*/
getUserProfile(provider: SocialProvider, accessToken: string): Promise<SocialUserProfile>;
/**
* Get authorization URL for OAuth2 flow
*/
getAuthorizationUrl(provider: SocialProvider, options?: SocialLoginOptions): string;
/**
* Handle OAuth2 callback
*/
handleCallback(provider: SocialProvider, response: OAuth2AuthResponse): Promise<SocialLoginResult>;
/**
* Save login state
*/
saveState(state: SocialLoginState): void;
/**
* Get login state
*/
getState(stateId: string): SocialLoginState | null;
/**
* Clear login state
*/
clearState(stateId: string): void;
/**
* Add event listener
*/
on(event: SocialLoginEvent['type'], handler: SocialLoginEventHandler): void;
/**
* Remove event listener
*/
off(event: SocialLoginEvent['type'], handler: SocialLoginEventHandler): void;
/**
* Login with popup window
*/
private loginWithPopup;
/**
* Login with redirect
*/
private loginWithRedirect;
/**
* Exchange authorization code for tokens
*/
private exchangeCodeForTokens;
/**
* Map provider user data to standard format
*/
private mapUserProfile;
/**
* Generate random state for CSRF protection
*/
private generateState;
/**
* Generate PKCE challenge
*/
private generatePKCEChallenge;
/**
* Generate PKCE code verifier
*/
private generateCodeVerifier;
/**
* Generate PKCE code challenge
*/
private generateCodeChallenge;
/**
* Get stored states from localStorage
*/
private getStoredStates;
/**
* Clear provider tokens from storage
*/
private clearProviderTokens;
/**
* Emit social login event
*/
private emitEvent;
}
/**
* Base guard props
*/
interface BaseGuardProps {
children: ReactNode;
fallback?: ReactNode;
loading?: ReactNode;
onAccessDenied?: () => void;
rbacOptions?: UseRBACOptions$1;
}
/**
* Permission-based access guard
*/
interface PermissionGuardProps extends BaseGuardProps {
permission: PermissionCheck;
context?: Partial<PermissionContext>;
requireAll?: boolean;
}
declare function PermissionGuard({ children, permission, context, requireAll, fallback, loading, onAccessDenied, rbacOptions, }: PermissionGuardProps): react_jsx_runtime.JSX.Element;
/**
* Role-based access guard
*/
interface RoleGuardProps extends BaseGuardProps {
role: RoleString | Role | (RoleString | Role)[];
requireAll?: boolean;
}
declare function RoleGuard({ children, role, requireAll, fallback, loading, onAccessDenied, rbacOptions, }: RoleGuardProps): react_jsx_runtime.JSX.Element;
/**
* Admin-only access guard
*/
interface AdminGuardProps extends BaseGuardProps {
requireSuperuser?: boolean;
}
declare function AdminGuard({ children, requireSuperuser, fallback, loading, onAccessDenied, rbacOptions, }: AdminGuardProps): react_jsx_runtime.JSX.Element;
/**
* Authenticated user guard (requires any valid user)
*/
interface AuthenticatedGuardProps extends BaseGuardProps {
requireActive?: boolean;
}
declare function AuthenticatedGuard({ children, requireActive, fallback, loading, onAccessDenied, rbacOptions, }: AuthenticatedGuardProps): react_jsx_runtime.JSX.Element;
/**
* Conditional access guard with custom logic
*/
interface ConditionalGuardProps extends BaseGuardProps {
condition: (rbacUser: any) => boolean | Promise<boolean>;
}
declare function ConditionalGuard({ children, condition, fallback, loading, onAccessDenied, rbacOptions, }: ConditionalGuardProps): react_jsx_runtime.JSX.Element;
/**
* Higher-order component for RBAC protection
*/
declare function withRBACGuard<P extends object>(Component: React.ComponentType<P>, guardProps: Omit<PermissionGuardProps, 'children'> | Omit<RoleGuardProps, 'children'> | Omit<AdminGuardProps, 'children'>): (props: P) => react_jsx_runtime.JSX.Element;
/**
* Utility component to show different content based on permissions
*/
interface RBACContentProps {
rbacOptions?: UseRBACOptions$1;
children: {
admin?: ReactNode;
user?: ReactNode;
guest?: ReactNode;
denied?: ReactNode;
};
}
declare function RBACContent({ children, rbacOptions }: RBACContentProps): react_jsx_runtime.JSX.Element;
/**
* Debug component to show current user's permissions and roles
*/
interface RBACDebugProps {
rbacOptions?: UseRBACOptions$1;
showPermissions?: boolean;
showRoles?: boolean;
showUser?: boolean;
}
declare function RBACDebug({ rbacOptions, showPermissions, showRoles, showUser, }: RBACDebugProps): react_jsx_runtime.JSX.Element;
/**
* Base social login button props
*/
interface BaseSocialLoginButtonProps {
children?: ReactNode;
className?: string;
style?: React.CSSProperties;
disabled?: boolean;
loading?: ReactNode;
loginOptions?: SocialLoginOptions;
onSuccess?: (result: SocialLoginResult) => void;
onError?: (error: string) => void;
onCancel?: () => void;
socialOptions?: UseSocialLoginOptions$1;
}
/**
* Generic social login button
*/
interface SocialLoginButtonProps extends BaseSocialLoginButtonProps {
provider: SocialProvider;
}
declare function SocialLoginButton({ provider, children, className, style, disabled, loading, loginOptions, onSuccess, onError, onCancel, socialOptions, }: SocialLoginButtonProps): react_jsx_runtime.JSX.Element;
/**
* Google login button
*/
declare function GoogleLoginButton({ children, className, ...props }: Omit<BaseSocialLoginButtonProps, 'provider'>): react_jsx_runtime.JSX.Element;
/**
* GitHub login button
*/
declare function GitHubLoginButton({ children, className, ...props }: Omit<BaseSocialLoginButtonProps, 'provider'>): react_jsx_runtime.JSX.Element;
/**
* Facebook login button
*/
declare function FacebookLoginButton({ children, className, ...props }: Omit<BaseSocialLoginButtonProps, 'provider'>): react_jsx_runtime.JSX.Element;
/**
* Twitter login button
*/
declare function TwitterLoginButton({ children, className, ...props }: Omit<BaseSocialLoginButtonProps, 'provider'>): react_jsx_runtime.JSX.Element;
/**
* LinkedIn login button
*/
declare function LinkedInLoginButton({ children, className, ...props }: Omit<BaseSocialLoginButtonProps, 'provider'>): react_jsx_runtime.JSX.Element;
/**
* Microsoft login button
*/
declare function MicrosoftLoginButton({ children, className, ...props }: Omit<BaseSocialLoginButtonProps, 'provider'>): react_jsx_runtime.JSX.Element;
/**
* Apple login button
*/
declare function AppleLoginButton({ children, className, ...props }: Omit<BaseSocialLoginButtonProps, 'provider'>): react_jsx_runtime.JSX.Element;
/**
* Discord login button
*/
declare function DiscordLoginButton({ children, className, ...props }: Omit<BaseSocialLoginButtonProps, 'provider'>): react_jsx_runtime.JSX.Element;
/**
* Create an authentication interceptor that automatically:
* - Adds auth tokens to requests
* - Handles 401 responses with token refresh
* - Adds CSRF tokens when needed
*/
declare function createAuthInterceptor(config: AuthInterceptorConfig): Interceptor;
/**
* Create a retry interceptor that retries requests after token refresh
*/
declare function createRetryInterceptor(maxRetries?: number, shouldRetry?: (error: Error) => boolean): Interceptor;
/**
* Create a logging interceptor for debugging authentication issues
*/
declare function createAuthLoggingInterceptor(enabled?: boolean): Interceptor;
/**
* Basic authentication interceptor - adds auth token to requests
* @deprecated Use createAuthInterceptor for more advanced functionality
*/
declare const authInterceptor: Interceptor;
/**
* Retry interceptor - retries failed requests
*/
declare const retryInterceptor: Interceptor;
/**
* Cache interceptor - caches responses
*/
declare const cacheInterceptor: Interceptor;
/**
* Logging interceptor - logs requests and responses
*/
declare const loggingInterceptor: Interceptor;
declare class AuthService {
private apiClient;
private config;
private tokenStorage;
private tokenManager;
private endpointManager;
constructor(apiClient: ApiClient, config?: Partial<AuthConfig>);
/**
* Normalize configuration to handle both current and documented formats
*/
private normalizeConfig;
private getDefaultConfig;
/**
* Login with credentials
*/
login(credentials: LoginCredentials): Prom