Merge pull request #8 from fells-code/dev

CI update for release flow

Author: Bccorb

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,45 @@
+name: Bug report
+description: Report a problem
+title: '[Bug]: '
+labels: ['bug']
+assignees: []
+
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to report an issue.
+
+  - type: textarea
+    id: description
+    attributes:
+      label: What happened?
+      description: Describe the bug clearly and concisely.
+    validations:
+      required: true
+
+  - type: textarea
+    attributes:
+      label: Steps to Reproduce
+      description: Provide minimal reproduction steps
+    validations:
+      required: true
+
+  - type: textarea
+    attributes:
+      label: Expected Behavior
+    validations:
+      required: true
+
+  - type: textarea
+    attributes:
+      label: Environment
+      description: Node version, package version, OS
+
+  - type: textarea
+    id: logs
+    attributes:
+      label: Logs / stack traces
+      render: shell
+    validations:
+      required: false

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1 @@
+blank_issues_enabled: false

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,35 @@
+name: Feature request
+description: Suggest an improvement or new capability
+title: '[Feature]: '
+labels: ['enhancement']
+assignees: []
+
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Feature requests are welcome. Please keep them focused and actionable.
+
+  - type: textarea
+    id: problem
+    attributes:
+      label: Problem statement
+      description: What problem are you trying to solve?
+    validations:
+      required: true
+
+  - type: textarea
+    id: solution
+    attributes:
+      label: Proposed solution
+      description: Describe the behavior you would like to see.
+    validations:
+      required: true
+
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Alternatives considered
+      description: Any workarounds or alternative approaches?
+    validations:
+      required: false

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,18 @@
+## Summary
+
+Describe the change.
+
+## Type of Change
+
+- [ ] Feature
+- [ ] Fix
+- [ ] Refactor
+- [ ] Documentation
+- [ ] Test
+
+## Checklist
+
+- [ ] Tests pass
+- [ ] No breaking changes
+- [ ] Docs updated (if needed)
+- [ ] Security implications considered

.github/workflows/ci.yml

@@ -1,8 +1,6 @@
 name: CI
 
 on:
-  push:
-    branches: ['**']
   pull_request:
     branches: ['**']
 
@@ -29,7 +27,11 @@ jobs:
       - name: Run Tests with Coverage
         run: npm test -- --coverage
 
+      - name: Build
+        run: npm run build
+
       - name: Upload coverage reports to Codecov
+        if: github.event_name == 'push' && github.ref == 'refs/heads/main'
         uses: codecov/codecov-action@v5
         with:
           token: ${{ secrets.CODECOV_TOKEN }}

.github/workflows/release-beta.yml

@@ -9,7 +9,7 @@ jobs:
     runs-on: ubuntu-latest
     permissions:
       contents: write
-      id-token: write # for npm provenance (optional)
+      id-token: write
     steps:
       - name: Checkout repo
         uses: actions/checkout@v4

.github/workflows/release.yml

@@ -2,8 +2,8 @@ name: Release
 
 on:
   push:
-    branches:
-      - main
+    tags:
+      - 'v*'
 
 jobs:
   release:
@@ -15,9 +15,8 @@ jobs:
           node-version: 20
           registry-url: https://registry.npmjs.org/
       - run: npm ci
-      - run: npm run build
-      - name: Semantic Release (main)
+
+      - name: Publish to npm
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
-        run: npx semantic-release
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+        run: npm publish

CONTRIBUTING.md

@@ -0,0 +1,231 @@
+# Contributing to Seamless Auth
+
+Thank you for contributing to Seamless Auth.
+
+## Philosophy
+
+Seamless Auth is:
+
+- Passwordless-first
+- Security-focused
+- Minimal and intentional
+- Infrastructure-grade software
+
+## Before You Start
+
+For non-trivial changes:
+
+1. Open an issue first
+2. Explain the motivation
+3. Describe your proposed solution
+4. Wait for feedback
+
+## Development Setup (React SDK)
+
+The React SDK is developed against a real Seamless Auth server instance.
+
+Contributors must run the local Seamless Auth server while developing changes to this package.
+
+---
+
+## 1. Fork and Clone
+
+Fork the repository and clone it locally:
+
+```bash
+# Clone the auth server code or your forks
+git clone https://github.com/fells-code/seamless-auth-api.git
+
+# Clone the react SDK
+git clone https://github.com/fells-code/seamless-auth-react.git
+```
+
+---
+
+## 2. Run the Seamless Auth Server
+
+```bash
+cd seamless-auth-api
+cp .env.example .env
+```
+
+> IMPORTANT
+> Change the AUTH_MODE env to "web" NOT "server".
+> Change the APP_ORIGIN env to `http://localhost:5173` to match vite
+> This lets you authenticate between a web app and the auth server with no need for an API.
+
+### If docker and docker compose are avaliable
+
+```bash
+docker compose up -d
+```
+
+> If you are using docker you can stop here and move on to Step 3.
+
+### If not using docker
+
+Start postgres in whatever way your system does e.g. on mac
+
+```bash
+brew services start postgresql
+```
+
+### Prepare the database
+
+```bash
+npm install
+
+npm run db:create
+npm run db:migrate
+
+npm run dev
+```
+
+---
+
+Ensure the server is running locally (default: `http://localhost:5312`).
+
+```bash
+curl http://localhost:5312/health/status
+
+## Expected result
+## {"message":"System up"}
+```
+
+---
+
+## 3. Create a Local Test Application
+
+You will need a web application to integerate the SDK into.
+We recommend using Vite for fast iteration:
+
+```bash
+# If still in the auth directory
+cd ../
+
+npm create vite@latest seamless-auth-dev
+### Select React as the framework, Typescript as the variant
+```
+
+> Web site will be active at http://localhost:5137
+
+---
+
+## 4. Link the React Package
+
+From the `seamless-auth-react` repository:
+
+```bash
+npm install
+npm link
+```
+
+Then inside your test application:
+
+```bash
+npm link @seamless-auth/react
+npm install react-router-dom
+```
+
+---
+
+## 5. Wrap Your Application with AuthProvider
+
+Update `main.tsx`:
+
+```tsx
+// main.tsx
+import { StrictMode } from 'react';
+import { createRoot } from 'react-dom/client';
+import { AuthProvider, AuthRoutes, useAuth } from '@seamless-auth/react';
+import './index.css';
+import App from './App.tsx';
+import { BrowserRouter, Route, Routes } from 'react-router-dom';
+
+// eslint-disable-next-line react-refresh/only-export-components
+function ApplicationRoutes() {
+  const { isAuthenticated } = useAuth();
+
+  return (
+    <Routes>
+      {isAuthenticated ? (
+        <Route path="*" element={<App />} />
+      ) : (
+        <Route path="*" element={<AuthRoutes />} />
+      )}
+    </Routes>
+  );
+}
+
+createRoot(document.getElementById('root')!).render(
+  <StrictMode>
+    <BrowserRouter>
+      <AuthProvider apiHost="http://localhost:5312" mode="web">
+        <ApplicationRoutes />
+      </AuthProvider>
+    </BrowserRouter>
+  </StrictMode>
+);
+```
+
+---
+
+## 6. Run the SDK in Watch Mode
+
+Inside `seamless-auth-react`:
+
+```bash
+npm run build -- --watch
+```
+
+Changes will automatically rebuild and propagate to your linked development application.
+
+## 7. Good working state
+
+If all went well you should have a directory structure like this
+
+```bash
+.
+├── seamless-auth-api
+├── seamless-auth-dev
+└── seamless-auth-react
+```
+
+Navigating to `http://localhost:5173` give you the seamless auth login page.
+
+If so you are ready to start dev work
+
+## Expectations
+
+When submitting a pull request:
+
+- Ensure the SDK works against a running local auth server
+- Verify login, logout, and session behavior
+- Confirm role-based logic works as expected
+- Run lint and tests before submitting
+
+This ensures changes remain aligned with real authentication flows and infrastructure behavior.
+
+## Commit Conventions
+
+- feat:
+- fix:
+- docs:
+- refactor:
+- test:
+- chore:
+
+Example:
+
+feat: add configurable token expiration override
+
+## Pull Requests Must
+
+- Be scoped
+- Include tests
+- Update docs
+- Pass CI
+
+## Licensing
+
+By contributing, you agree your contributions fall under the project license.