Clean up codebase and prepare as template

Remove unused files and code:
- Delete test/debug endpoints (test.get.ts, public.get.ts, user.get.ts, debug-config backup)
- Remove unused OAuth wrapper (oauth-authentik.ts)
- Clean up debug console.log statements
- Simplify code comments

Fix TypeScript errors:
- Add @types/node dependency
- Create index.d.ts with User interface extension
- Fix UButton color props (red→error, gray→neutral)
- Add type assertions in protected.get.ts

Update documentation:
- Enhance README.md as template documentation
- Update SETUP.md with correct API routes (/api/auth/* instead of /auth/*)
- Add NUXT_OAUTH_AUTHENTIK_SERVER_URL_INTERNAL documentation
- Update endpoint documentation

This commit prepares the repository to be used as a template for future Nuxt 4 + Authentik OAuth projects.

nuxt4-app/server/api/auth/authentik.get.ts

@@ -3,15 +3,12 @@ import { withQuery } from 'ufo'
 
 /**
  * OAuth Authentik Login Handler
- * Ruta: /api/auth/authentik
- *
- * Este endpoint inicia el flujo OAuth con Authentik
+ * Handles OAuth flow: initial redirect and callback
  */
 export default defineEventHandler(async (event) => {
   const runtimeConfig = useRuntimeConfig(event)
   const query = getQuery(event)
 
-  // Configuración de Authentik
   const config = {
     clientId: runtimeConfig.oauth.authentik.clientId,
     clientSecret: runtimeConfig.oauth.authentik.clientSecret,
@@ -21,13 +18,6 @@ export default defineEventHandler(async (event) => {
     scope: ['openid', 'profile', 'email'],
   }
 
-  console.log('OAuth Authentik - Iniciando flujo:', {
-    serverUrl: config.serverUrl,
-    serverUrlInternal: config.serverUrlInternal,
-    redirectURL: config.redirectURL,
-    hasCode: !!query.code
-  })
-
   // Handle OAuth callback
   if (query.code) {
     try {
@@ -70,7 +60,6 @@ export default defineEventHandler(async (event) => {
         loggedInAt: Date.now()
       })
 
-      // Redirigir al dashboard después del login
       return sendRedirect(event, '/')
     } catch (error: any) {
       console.error('Authentik OAuth error:', error)
@@ -89,6 +78,5 @@ export default defineEventHandler(async (event) => {
     }
   )
 
-  console.log('Redirecting to:', authorizationUrl)
   return sendRedirect(event, authorizationUrl)
 })

nuxt4-app/server/api/auth/logout.get.ts

@@ -1,8 +1,6 @@
 /**
  * Logout Handler
- * Ruta: /api/auth/logout
- *
- * Limpia la sesión del usuario y redirige a la página de inicio
+ * Clears user session and redirects to home
  */
 export default defineEventHandler(async (event) => {
   await clearUserSession(event)

nuxt4-app/server/api/auth/test.get.ts

@@ -1,7 +0,0 @@
-/**
- * Test endpoint
- * Ruta: /api/auth/test
- */
-export default defineEventHandler(() => {
-  return { message: 'Auth subfolder works!' }
-})

nuxt4-app/server/api/debug-config.get.ts.bak

@@ -1,31 +0,0 @@
-/**
- * Debug Config Endpoint
- * Ruta: /api/debug-config
- *
- * TEMPORAL: Para verificar que las variables de entorno se estén cargando
- * BORRAR EN PRODUCCIÓN
- */
-export default defineEventHandler((event) => {
-  const runtimeConfig = useRuntimeConfig(event)
-
-  return {
-    oauth: {
-      authentik: {
-        clientId: runtimeConfig.oauth.authentik.clientId ? 'SET (hidden)' : 'MISSING',
-        clientSecret: runtimeConfig.oauth.authentik.clientSecret ? 'SET (hidden)' : 'MISSING',
-        serverUrl: runtimeConfig.oauth.authentik.serverUrl || 'MISSING',
-        redirectURL: runtimeConfig.oauth.authentik.redirectURL || 'MISSING',
-      }
-    },
-    public: {
-      appUrl: runtimeConfig.public.appUrl || 'MISSING'
-    },
-    env: {
-      NODE_ENV: process.env.NODE_ENV,
-      // Verificar directamente las env vars
-      NUXT_OAUTH_AUTHENTIK_SERVER_URL: process.env.NUXT_OAUTH_AUTHENTIK_SERVER_URL || 'MISSING',
-      NUXT_OAUTH_AUTHENTIK_REDIRECT_URL: process.env.NUXT_OAUTH_AUTHENTIK_REDIRECT_URL || 'MISSING',
-      NUXT_PUBLIC_APP_URL: process.env.NUXT_PUBLIC_APP_URL || 'MISSING',
-    }
-  }
-})

nuxt4-app/server/api/protected.get.ts

@@ -1,21 +1,16 @@
 /**
  * Protected API Endpoint
- * Ruta: /api/protected
- *
- * Endpoint protegido que requiere autenticación
- * Retorna datos sensibles solo para usuarios autenticados
+ * Requires authentication - returns user-specific data
  */
 export default defineEventHandler(async (event) => {
-  // Verificar autenticación
   const session = await requireUserSession(event)
 
   return {
     message: 'Datos protegidos del usuario',
-    user: session.user.username,
+    user: (session.user as any).username,
     data: {
-      // Aquí puedes añadir datos específicos del usuario
       lotes: [],
-      permissions: session.user.groups || []
+      permissions: (session.user as any).groups || []
     },
     timestamp: new Date().toISOString()
   }

nuxt4-app/server/api/public.get.ts

@@ -1,13 +0,0 @@
-/**
- * Public API Endpoint
- * Ruta: /api/public
- *
- * Endpoint público que no requiere autenticación
- * Útil para datos que deben estar disponibles offline
- */
-export default defineEventHandler(async (event) => {
-  return {
-    message: 'Este endpoint es público y funciona offline',
-    timestamp: new Date().toISOString()
-  }
-})

nuxt4-app/server/api/user.get.ts

@@ -1,15 +0,0 @@
-/**
- * Get Current User API
- * Ruta: /api/user
- *
- * Endpoint protegido que devuelve la información del usuario autenticado
- */
-export default defineEventHandler(async (event) => {
-  // Obtener sesión del usuario (requiere autenticación)
-  const session = await requireUserSession(event)
-
-  return {
-    user: session.user,
-    loggedInAt: session.loggedInAt
-  }
-})