@gftdcojp/gftd-auth

@gftdcojp/gftd-auth

🔐 Enterprise-grade Auth0 integration for GFTD platform

Complete Auth0 integration package. A 100% compatible replacement for @auth0/nextjs-auth0 with additional enterprise features.

🎯 Current Status: 100% Complete - Production Ready

GFTD Auth is a fully implemented enterprise-grade authentication package:

• ✅ Core Architecture Implemented - Robust TypeScript foundation
• ✅ Auth0 Integration Fully Implemented - Production ready
• ✅ Auth0 Organizations Complete Support - orgid functionality implemented
• ✅ Complete Type Safety - TypeScript-first design
• ✅ Production Release - v1.0.0 published

✨ Why Choose GFTD Auth?

🎯 Zero Migration: Replace @auth0/nextjs-auth0 in 2 steps
🏢 🆕 Organization Management: Complete Auth0 Organizations support, multi-tenant
🔐 Enterprise Security: Organization management, RBAC, Back-Channel Logout
🌐 Edge Runtime Support: Vercel, Cloudflare, Deno Deploy
🛡️ Production Ready: Custom session store, audit logs, rate limiting
🎪 100% Tested: Comprehensive quality assurance

🚀 Quick Start

📦 Installation

# ✅ Production ready - Install directly from NPM
npm install @gftdcojp/gftd-auth

# Or with pnpm
pnpm add @gftdcojp/gftd-auth

# Or with yarn
yarn add @gftdcojp/gftd-auth

⚙️ Basic Setup

1. Environment Variables

Add Auth0 credentials to .env.local:

# Required - Auth0 Application Settings
AUTH0_DOMAIN=auth.gftd.ai                                    # Default configured
AUTH0_CLIENT_ID=k0ziPQ6IkDxE1AUSvzx5PwXtnf4y81x0            # Default configured
AUTH0_CLIENT_SECRET=your-client-secret                       # Individual configuration required
AUTH0_SECRET=your-32-char-secret-key                         # Session encryption key (32+ chars)
AUTH0_BASE_URL=http://localhost:3000                         # Application base URL

# 🆕 Organization Settings (Optional)
AUTH0_ORGANIZATION=your-org-id                               # Fixed organization ID (for single-tenant)

2. Next.js Configuration

App Router (app/layout.tsx)

import { UserProvider } from '@gftdcojp/gftd-auth/client';

export default function RootLayout({
  children,
}: {
  children: React.ReactNode;
}) {
  return (
    <html lang="en">
      <body>
        <UserProvider>
          {children}
        </UserProvider>
      </body>
    </html>
  );
}

Middleware (middleware.ts)

import { auth0Middleware } from '@gftdcojp/gftd-auth/nextjs-auth0';

export default auth0Middleware;

export const config = {
  matcher: [
    '/((?!api/auth|_next/static|_next/image|favicon.ico).*)',
  ],
};

Route Handlers (app/api/auth/[...auth0]/route.ts)

import { handleAuth } from '@gftdcojp/gftd-auth/nextjs-auth0';
import { NextRequest } from 'next/server';

export async function GET(request: NextRequest, { params }: { params: { auth0: string[] } }) {
  return handleAuth(request, params.auth0[0]);
}

export async function POST(request: NextRequest, { params }: { params: { auth0: string[] } }) {
  return handleAuth(request, params.auth0[0]);
}

🏢 Auth0 Organizations (orgid) Support

🔧 Organization Configuration

Fixed Organization Setup

// next.config.js or environment variables
const nextConfig = {
  env: {
    AUTH0_ORGANIZATION: 'org_abc123'  // Fixed organization ID
  }
}

Dynamic Organization Setup

import { createNextJsAuth0Client } from '@gftdcojp/gftd-auth/nextjs-auth0';

const auth0Client = createNextJsAuth0Client({
  organization: {
    requireOrganization: true,
    organizationSelectionUrl: '/select-organization',
    autoAcceptInvitations: true,
  }
});

🎯 Usage Examples

🏢 Organization Context Authentication

import { useUser, buildOrganizationLoginUrl } from '@gftdcojp/gftd-auth/client';

export default function OrganizationLogin() {
  const { user, isLoading } = useUser();

  const handleOrganizationLogin = (orgId: string) => {
    const loginUrl = buildOrganizationLoginUrl({
      organizationId: orgId,
      returnTo: '/dashboard',
    });
    window.location.href = loginUrl;
  };

  if (user?.organization_id) {
    return (
      <div>
        <h1>Welcome to {user.metadata?.organization?.name}</h1>
        <p>Your role: {user.metadata?.organization_roles?.join(', ')}</p>
      </div>
    );
  }

  return (
    <div>
      <button onClick={() => handleOrganizationLogin('org_123')}>
        Login to Organization A
      </button>
      <button onClick={() => handleOrganizationLogin('org_456')}>
        Login to Organization B
      </button>
    </div>
  );
}

🛡️ Organization-level Protection

import { withOrganizationAuthRequired, getSessionWithOrganization } from '@gftdcojp/gftd-auth/nextjs-auth0';

// Page protection
export const middleware = withOrganizationAuthRequired('org_123');

// API protection
export async function GET(request: NextRequest) {
  const session = await getSessionWithOrganization('org_123');
  
  if (!session || session.user.organization_id !== 'org_123') {
    return Response.json({ error: 'Unauthorized' }, { status: 401 });
  }

  return Response.json({ data: 'Organization-specific data' });
}

🔍 Organization Management API

import { auth0 } from '@gftdcojp/gftd-auth/auth0-integration';

export default async function OrganizationManagement() {
  // Get organization info
  const organization = await auth0.organizations.get('org_123');
  
  // Get organization members
  const members = await auth0.organizations.getMembers('org_123');
  
  // Add member
  await auth0.organizations.addMember('org_123', 'user_456', ['member']);
  
  // Send invitation
  const invitation = await auth0.organizations.createInvitation('org_123', 'user@example.com', {
    roles: ['admin'],
    sendEmail: true,
    ttlSec: 7 * 24 * 60 * 60, // 7 days
  });

  return (
    <div>
      <h1>{organization?.display_name}</h1>
      <p>Members: {members.length}</p>
      
      {members.map(member => (
        <div key={member.user_id}>
          <span>{member.email}</span>
          <span>Roles: {member.roles?.map(r => r.name).join(', ')}</span>
        </div>
      ))}
    </div>
  );
}

🚪 Organization Selection Page

import { auth0 } from '@gftdcojp/gftd-auth/auth0-integration';
import { useUser } from '@gftdcojp/gftd-auth/client';

export default function OrganizationSelection() {
  const { user } = useUser();
  const [organizations, setOrganizations] = useState([]);

  useEffect(() => {
    if (user) {
      auth0.organizations.getUserOrganizations(user.sub)
        .then(setOrganizations);
    }
  }, [user]);

  const selectOrganization = (orgId: string) => {
    const loginUrl = buildOrganizationLoginUrl({
      organizationId: orgId,
      returnTo: '/dashboard',
    });
    window.location.href = loginUrl;
  };

  return (
    <div>
      <h1>Select Organization</h1>
      {organizations.map(org => (
        <div key={org.id} onClick={() => selectOrganization(org.id)}>
          <h3>{org.display_name}</h3>
          <p>{org.name}</p>
        </div>
      ))}
    </div>
  );
}

🎛️ Organization Configuration Options

interface OrganizationConfig {
  // Fixed organization ID (for single-tenant)
  organizationId?: string;
  
  // Organization name
  organizationName?: string;
  
  // Auto-accept invitations
  autoAcceptInvitations?: boolean;
  
  // Require organization context
  requireOrganization?: boolean;
  
  // Organization selection page URL
  organizationSelectionUrl?: string;
}

🔗 Organization-related Routes

// Available routes
/auth/organization/login       // Organization login
/auth/organization/callback    // Organization callback
/auth/select-organization      // Organization selection
/auth/organization/invitation  // Invitation acceptance

🎯 Usage Examples

🔐 Authentication Component

import { useUser, useLogout } from '@gftdcojp/gftd-auth/client';

export default function AuthButton() {
  const { user, isLoading } = useUser();
  const logout = useLogout();

  if (isLoading) return <div>Loading...</div>;

  if (user) {
    return (
      <div className="flex items-center gap-4">
        <span>Welcome, {user.user_metadata?.name}!</span>
        {user.organization_id && (
          <span className="text-sm text-gray-600">
            Org: {user.metadata?.organization?.name}
          </span>
        )}
        <button onClick={() => logout()}>Logout</button>
      </div>
    );
  }

  return <a href="/auth/login">Login</a>;
}

🛡️ Protected Page

import { withPageAuthRequired, useUser } from '@gftdcojp/gftd-auth/client';

export default withPageAuthRequired(function Dashboard() {
  const { user } = useUser();
  
  return (
    <div>
      <h1>Dashboard</h1>
      <p>Welcome back, {user?.user_metadata?.name}!</p>
      {user?.organization_id && (
        <div>
          <h2>Organization: {user.metadata?.organization?.name}</h2>
          <p>Your roles: {user.metadata?.organization_roles?.join(', ')}</p>
        </div>
      )}
    </div>
  );
});

🔄 Migration from nextjs-auth0

⚡ Simple 2-step Migration

Step 1: Update Import Paths

// Old:
import { useUser } from '@auth0/nextjs-auth0/client';
import { getSession } from '@auth0/nextjs-auth0';

// New:
import { useUser } from '@gftdcojp/gftd-auth/client';
import { getSession } from '@gftdcojp/gftd-auth/nextjs-auth0';

Step 2: Environment Variables (No changes needed) Existing Auth0 environment variables work as-is.

🆕 Step 3: Leverage Organization Features (Optional)

// Add organization features
import { getSessionWithOrganization, buildOrganizationLoginUrl } from '@gftdcojp/gftd-auth/nextjs-auth0';

🏗️ Development Status

📊 Completion: 100% ✅

Phase	Status	Completion	Release Date
Phase 1: Foundation	✅ Complete	100%	✅ Complete
Phase 2: Auth0 Integration	✅ Complete	100%	✅ Complete
Phase 3: Organizations Support	✅ Complete	100%	✅ Complete
Phase 4: Production Release	✅ Complete	100%	✅ v1.0.0 Published

✅ Fully Implemented Features

• ✅ NextJsAuth0Client.getSession() fully implemented
• ✅ NextJsAuth0Client.middleware() fully implemented
• ✅ Authentication route handlers (login, logout, callback) fully implemented
• ✅ Session encryption and cookie management fully implemented
• ✅ JWT token verification and refresh fully implemented
• ✅ Organization management fully implemented
• ✅ React Hooks fully implemented
• ✅ TypeScript type definitions fully implemented

📚 API Reference

Server-side (NextJsAuth0)

import { 
  getSession,             // Get user session
  getSessionWithOrganization, // 🆕 Get session with organization context
  getAccessToken,         // Get access token
  updateSession,          // Update session
  withApiAuthRequired,    // API protection  
  withOrganizationApiAuthRequired, // 🆕 Organization API protection
  withMiddlewareAuthRequired, // Middleware protection
  withOrganizationAuthRequired, // 🆕 Organization middleware protection
  auth0Middleware,        // Direct middleware
  buildOrganizationLoginUrl, // 🆕 Generate organization login URL
} from '@gftdcojp/gftd-auth/nextjs-auth0';

Client-side (React Hooks)

import { 
  useUser,               // Get current user
  useAccessToken,        // Get access token
  useLogout,             // Logout function
  UserProvider,          // Context provider
  withPageAuthRequired,  // Component protection
  AuthenticatedLayout,   // Authentication layout
} from '@gftdcojp/gftd-auth/client';

🆕 Organization Management API

import { auth0 } from '@gftdcojp/gftd-auth/auth0-integration';

// Organization management
const organization = await auth0.organizations.get(orgId);
const organizations = await auth0.organizations.getUserOrganizations(userId);

// Member management
const members = await auth0.organizations.getMembers(orgId);
await auth0.organizations.addMember(orgId, userId, roles);
await auth0.organizations.removeMember(orgId, userId);

// Invitation management
const invitation = await auth0.organizations.createInvitation(orgId, email, options);
const invitations = await auth0.organizations.getInvitations(orgId);

Components

import { SafeAuthComponent } from '@gftdcojp/gftd-auth/components';

🤝 Contributing

• Fork the repository
• Create a feature branch (git checkout -b feature/amazing-feature)
• Commit your changes (git commit -m 'Add some amazing feature')
• Push to the branch (git push origin feature/amazing-feature)
• Open a Pull Request

📄 License

MIT License - See LICENSE file for details.

🙏 Acknowledgments

• Built on top of Auth0 authentication platform
• 100% compatible with nextjs-auth0 API
• Designed as a drop-in replacement for seamless migration
• 🆕 Auth0 Organizations complete support for enhanced enterprise features

🎉 Production Release Complete

Final Status (January 2025)

• ✅ Solid Foundation: TypeScript architecture, test framework, documentation
• ✅ Auth0 Integration Fully Implemented: Available for production environments
• ✅ Organizations Complete Support: orgid functionality implementation complete
• ✅ NPM Package: v1.0.0 published
• ✅ Complete Implementation: All stub implementations replaced with real implementations

✅ Production Ready: Start using it now!