Add oRPC API contract with Zod schemas

- Create @reviq/api-contract package - Define Zod schemas for all input/output types: - Auth schemas (signup, login, password reset, WebAuthn) - User/profile schemas - Organization schemas (CRUD, members, invites) - Admin procedure schemas - Define oRPC contract with full procedure signatures: - auth.* (signup, login, password reset, WebAuthn) - me.* (profile, sessions, devices, passkeys) - orgs.* (CRUD, members, invites, sites) - admin.* (orgs, users, auth management) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-09 11:44:52 +08:00
parent 392d976812
commit cc5fba0fc7
11 changed files with 706 additions and 0 deletions
--- a/packages/api-contract/README.md
+++ b/packages/api-contract/README.md
@@ -0,0 +1,79 @@
+# @reviq/api-contract
+
+Contract-first API definitions using oRPC and Zod for the Publisher Dashboard authentication system.
+
+## Overview
+
+This package defines the complete API contract for all RPC procedures served at `/api/v1/rpc`. It uses:
+
+- **@orpc/contract** - Contract-first RPC framework
+- **Zod** - Runtime type validation and schema definitions
+- **libphonenumber-js** - Phone number validation and formatting
+
+## Structure
+
+```
+src/
+├── index.ts              # Main exports
+├── contract.ts           # oRPC contract with all procedure signatures
+└── schemas/
+    ├── common.ts         # Shared schemas (email, slug, phone)
+    ├── auth.ts           # Authentication schemas
+    ├── user.ts           # User profile and settings schemas
+    ├── org.ts            # Organization schemas
+    └── admin.ts          # Admin operation schemas
+```
+
+## Usage
+
+```typescript
+import { contract } from "@reviq/api-contract";
+import type { loginRequestInputSchema, loginRequestOutputSchema } from "@reviq/api-contract";
+
+// Use the contract to implement server handlers
+// Use the schemas for validation and type inference
+type LoginRequestInput = z.infer<typeof loginRequestInputSchema>;
+```
+
+## API Procedures
+
+### Auth (`auth.*`)
+- Signup, login, logout flows
+- Email verification
+- Password reset
+- WebAuthn (passkey) support
+
+### User (`me.*`)
+- Profile management
+- Password and passkey management
+- Session and device management
+
+### Organizations (`orgs.*`)
+- Org CRUD operations
+- Member management
+- Invitations
+- Site management
+
+### Admin (`admin.*`)
+- Superuser-only operations
+- User and org management
+- Site assignments
+
+## Development
+
+```bash
+# Build the package
+bun run build
+
+# Watch mode
+bun run dev
+
+# Type checking
+bun run typecheck
+```
+
+## Notes
+
+- All emails are automatically transformed to lowercase
+- Phone numbers are stored in E.164 format
+- Slugs follow domain name rules (2-63 chars, lowercase alphanumeric with hyphens)