@01.software/sdk 0.2.9-dev.260314.f493447 → 0.4.0

package/README.md

@@ -10,6 +10,7 @@ npm install @01.software/sdk
 pnpm add @01.software/sdk
 ```
 
+
 ## Features
 
 - Full TypeScript type inference
@@ -47,6 +48,7 @@ import { Image } from '@01.software/sdk/ui/image'
 import { FormRenderer } from '@01.software/sdk/ui/form'
 import { CodeBlock } from '@01.software/sdk/ui/code-block'
 import { FlowRenderer } from '@01.software/sdk/ui/flow'
+import { VideoPlayer } from '@01.software/sdk/ui/video'
 ```
 
 ## Getting Started
@@ -79,11 +81,12 @@ const client = createServerClient({
 
 // Create order (server only)
 const order = await client.api.createOrder({
-  paymentId: 'pay_123',
   orderNumber: generateOrderNumber(),
-  email: 'user@example.com',
+  customerSnapshot: { email: 'user@example.com' },
+  shippingAddress: { recipientName: 'John', phone: '010-1234-5678', postalCode: '12345', address1: 'Seoul', address2: 'Apt 101' },
   orderProducts: [...],
   totalAmount: 10000,
+  paymentId: 'pay_123', // optional (omit for free orders)
   discountCode: 'WELCOME10', // optional
 })
 

package/dist/auth.d.cts

@@ -1,4 +1,4 @@
-import './payload-types-ggU6BNuH.cjs';
+import './payload-types-CZiaL4Wr.cjs';
 
 interface JwtPayload {
     clientKey: string;

package/dist/auth.d.ts

@@ -1,4 +1,4 @@
-import './payload-types-ggU6BNuH.js';
+import './payload-types-CZiaL4Wr.js';
 
 interface JwtPayload {
     clientKey: string;

package/dist/const-BpirbGBD.d.cts

@@ -0,0 +1,19 @@
+import { C as Config } from './payload-types-CZiaL4Wr.cjs';
+
+/**
+ * Collection type derived from Payload Config.
+ * This ensures type safety and automatic synchronization with payload-types.ts
+ */
+type Collection = keyof Config['collections'];
+/**
+ * Array of all public collection names for runtime use (e.g., Zod enum validation).
+ * This is the single source of truth for which collections are publicly accessible via SDK.
+ */
+declare const COLLECTIONS: readonly ["tenants", "tenant-metadata", "tenant-logos", "products", "product-variants", "product-options", "product-categories", "product-tags", "product-collections", "brands", "brand-logos", "orders", "order-products", "returns", "return-products", "exchanges", "exchange-products", "fulfillments", "fulfillment-items", "transactions", "customers", "customer-addresses", "customer-groups", "carts", "cart-items", "discounts", "shipping-policies", "documents", "document-categories", "document-types", "posts", "post-authors", "post-categories", "post-tags", "playlists", "playlist-categories", "playlist-tags", "musics", "galleries", "gallery-categories", "gallery-tags", "gallery-items", "flows", "flow-node-types", "flow-edge-types", "flow-categories", "flow-tags", "videos", "video-categories", "video-tags", "live-streams", "images", "forms", "form-submissions"];
+/**
+ * Public collections available for SDK access.
+ * Derived from the COLLECTIONS array (single source of truth).
+ */
+type PublicCollection = (typeof COLLECTIONS)[number];
+
+export { type Collection as C, type PublicCollection as P, COLLECTIONS as a };

package/dist/const-qZSQiSSC.d.ts

@@ -0,0 +1,19 @@
+import { C as Config } from './payload-types-CZiaL4Wr.js';
+
+/**
+ * Collection type derived from Payload Config.
+ * This ensures type safety and automatic synchronization with payload-types.ts
+ */
+type Collection = keyof Config['collections'];
+/**
+ * Array of all public collection names for runtime use (e.g., Zod enum validation).
+ * This is the single source of truth for which collections are publicly accessible via SDK.
+ */
+declare const COLLECTIONS: readonly ["tenants", "tenant-metadata", "tenant-logos", "products", "product-variants", "product-options", "product-categories", "product-tags", "product-collections", "brands", "brand-logos", "orders", "order-products", "returns", "return-products", "exchanges", "exchange-products", "fulfillments", "fulfillment-items", "transactions", "customers", "customer-addresses", "customer-groups", "carts", "cart-items", "discounts", "shipping-policies", "documents", "document-categories", "document-types", "posts", "post-authors", "post-categories", "post-tags", "playlists", "playlist-categories", "playlist-tags", "musics", "galleries", "gallery-categories", "gallery-tags", "gallery-items", "flows", "flow-node-types", "flow-edge-types", "flow-categories", "flow-tags", "videos", "video-categories", "video-tags", "live-streams", "images", "forms", "form-submissions"];
+/**
+ * Public collections available for SDK access.
+ * Derived from the COLLECTIONS array (single source of truth).
+ */
+type PublicCollection = (typeof COLLECTIONS)[number];
+
+export { type Collection as C, type PublicCollection as P, COLLECTIONS as a };

package/dist/index.cjs

@@ -87,6 +87,7 @@ __export(src_exports, {
   OrderApi: () => OrderApi,
   ProductApi: () => ProductApi,
   QueryHooks: () => QueryHooks,
+  RealtimeConnection: () => RealtimeConnection,
   SDKError: () => SDKError,
   ServerClient: () => ServerClient,
   ServiceUnavailableError: () => ServiceUnavailableError,
@@ -215,7 +216,7 @@ function parseApiKey(apiKey) {
 }
 
 // src/core/internal/errors/index.ts
-var SDKError = class _SDKError extends Error {
+var SDKError = class extends Error {
   constructor(code, message, status, details, userMessage, suggestion) {
     super(message);
     this.name = "SDKError";
@@ -225,7 +226,7 @@ var SDKError = class _SDKError extends Error {
     this.userMessage = userMessage;
     this.suggestion = suggestion;
     if (Error.captureStackTrace) {
-      Error.captureStackTrace(this, _SDKError);
+      Error.captureStackTrace(this, new.target);
     }
   }
   getUserMessage() {
@@ -345,7 +346,7 @@ function resolveApiUrl() {
   if (envUrl) {
     return envUrl.replace(/\/$/, "");
   }
-  return "https://api-dev.01.software";
+  return "https://api.01.software";
 }
 
 // src/core/internal/utils/http.ts
@@ -423,7 +424,7 @@ function httpFetch(url, options) {
         const redactedHeaders = Object.fromEntries(headers.entries());
         if (redactedHeaders["authorization"]) {
           const token = redactedHeaders["authorization"];
-          redactedHeaders["authorization"] = token.length > 15 ? `${token.slice(0, 15)}...****` : "****";
+          redactedHeaders["authorization"] = token.length > 20 ? `Bearer ...****${token.slice(-8)}` : "****";
         }
         debugLog(debug, "request", url, {
           method: requestInit.method || "GET",
@@ -562,6 +563,35 @@ function httpFetch(url, options) {
   });
 }
 
+// src/core/api/parse-response.ts
+function parseApiResponse(response, endpoint) {
+  return __async(this, null, function* () {
+    let data;
+    try {
+      data = yield response.json();
+    } catch (e) {
+      throw createApiError(
+        `Invalid JSON response from ${endpoint}`,
+        response.status,
+        void 0,
+        "Server returned an invalid response.",
+        "Check if the API endpoint is available."
+      );
+    }
+    if (data.error) {
+      const errorMessage = typeof data.error === "string" ? data.error : "Unknown API error";
+      throw createApiError(
+        errorMessage,
+        response.status,
+        data,
+        errorMessage,
+        "An error occurred while processing the request."
+      );
+    }
+    return data;
+  });
+}
+
 // src/core/api/base-api.ts
 var BaseApi = class {
   constructor(apiName, options) {
@@ -575,38 +605,17 @@ var BaseApi = class {
     this.secretKey = options.secretKey;
     this.baseUrl = options.baseUrl;
   }
-  request(endpoint, body) {
+  request(endpoint, body, options) {
     return __async(this, null, function* () {
-      const response = yield httpFetch(endpoint, {
-        method: "POST",
+      var _a;
+      const method = (_a = options == null ? void 0 : options.method) != null ? _a : "POST";
+      const response = yield httpFetch(endpoint, __spreadValues(__spreadValues({
+        method,
         clientKey: this.clientKey,
         secretKey: this.secretKey,
-        baseUrl: this.baseUrl,
-        body: JSON.stringify(body)
-      });
-      let data;
-      try {
-        data = yield response.json();
-      } catch (e) {
-        throw createApiError(
-          `Invalid JSON response from ${endpoint}`,
-          response.status,
-          void 0,
-          "Server returned an invalid response.",
-          "Check if the API endpoint is available."
-        );
-      }
-      if (data.error) {
-        const errorMessage = typeof data.error === "string" ? data.error : "Unknown API error";
-        throw createApiError(
-          errorMessage,
-          response.status,
-          data,
-          errorMessage,
-          "An error occurred while processing the request."
-        );
-      }
-      return data;
+        baseUrl: this.baseUrl
+      }, body !== void 0 && { body: JSON.stringify(body) }), (options == null ? void 0 : options.headers) && { headers: options.headers }));
+      return parseApiResponse(response, endpoint);
     });
   }
 };
@@ -696,29 +705,7 @@ var CartApi = class {
         customerToken: token != null ? token : void 0,
         baseUrl: this.baseUrl
       }, token && this.onUnauthorized && { onUnauthorized: this.onUnauthorized }), body !== void 0 && { body: JSON.stringify(body) }));
-      let data;
-      try {
-        data = yield response.json();
-      } catch (e) {
-        throw createApiError(
-          `Invalid JSON response from ${endpoint}`,
-          response.status,
-          void 0,
-          "Server returned an invalid response.",
-          "Check if the API endpoint is available."
-        );
-      }
-      if (data.error) {
-        const errorMessage = typeof data.error === "string" ? data.error : "Unknown API error";
-        throw createApiError(
-          errorMessage,
-          response.status,
-          data,
-          errorMessage,
-          "An error occurred while processing the request."
-        );
-      }
-      return data;
+      return parseApiResponse(response, endpoint);
     });
   }
   getCart(cartId) {
@@ -1018,7 +1005,7 @@ var HttpClient = class {
    */
   parseFindResponse(response) {
     return __async(this, null, function* () {
-      var _a, _b;
+      var _a, _b, _c, _d, _e, _f;
       const contentType = response.headers.get("content-type");
       try {
         this.assertJsonResponse(response);
@@ -1030,15 +1017,15 @@ var HttpClient = class {
         }
         return {
           docs: jsonData.docs,
-          totalDocs: jsonData.totalDocs || 0,
+          totalDocs: (_a = jsonData.totalDocs) != null ? _a : 0,
           limit: jsonData.limit || 20,
-          totalPages: jsonData.totalPages || 0,
+          totalPages: (_b = jsonData.totalPages) != null ? _b : 0,
           page: jsonData.page || 1,
           pagingCounter: jsonData.pagingCounter || 1,
-          hasPrevPage: jsonData.hasPrevPage || false,
-          hasNextPage: jsonData.hasNextPage || false,
-          prevPage: (_a = jsonData.prevPage) != null ? _a : null,
-          nextPage: (_b = jsonData.nextPage) != null ? _b : null
+          hasPrevPage: (_c = jsonData.hasPrevPage) != null ? _c : false,
+          hasNextPage: (_d = jsonData.hasNextPage) != null ? _d : false,
+          prevPage: (_e = jsonData.prevPage) != null ? _e : null,
+          nextPage: (_f = jsonData.nextPage) != null ? _f : null
         };
       } catch (error) {
         if (error instanceof SDKError) throw error;
@@ -1283,6 +1270,7 @@ var COLLECTIONS = [
   "document-categories",
   "document-types",
   "posts",
+  "post-authors",
   "post-categories",
   "post-tags",
   "playlists",
@@ -1309,23 +1297,33 @@ var COLLECTIONS = [
 
 // src/core/customer/customer-auth.ts
 var DEFAULT_TIMEOUT2 = 15e3;
+function safeGetItem(key) {
+  try {
+    return localStorage.getItem(key);
+  } catch (e) {
+    return null;
+  }
+}
 var CustomerAuth = class {
   constructor(clientKey, baseUrl, options) {
     this.refreshPromise = null;
-    var _a, _b, _c;
+    var _a, _b;
     this.clientKey = clientKey;
     this.baseUrl = baseUrl;
     const persist = (_a = options == null ? void 0 : options.persist) != null ? _a : true;
     if (persist) {
       const key = typeof persist === "string" ? persist : "customer-token";
       const isBrowser = typeof window !== "undefined";
-      this.token = isBrowser ? (_b = localStorage.getItem(key)) != null ? _b : null : null;
+      this.token = isBrowser ? safeGetItem(key) : null;
       this.onTokenChange = isBrowser ? (token) => {
-        if (token) localStorage.setItem(key, token);
-        else localStorage.removeItem(key);
+        try {
+          if (token) localStorage.setItem(key, token);
+          else localStorage.removeItem(key);
+        } catch (e) {
+        }
       } : void 0;
     } else {
-      this.token = (_c = options == null ? void 0 : options.token) != null ? _c : null;
+      this.token = (_b = options == null ? void 0 : options.token) != null ? _b : null;
       this.onTokenChange = options == null ? void 0 : options.onTokenChange;
     }
   }
@@ -2121,6 +2119,157 @@ function createServerClient(options) {
   return new ServerClient(options);
 }
 
+// src/core/query/realtime.ts
+var INITIAL_RECONNECT_DELAY = 1e3;
+var MAX_RECONNECT_DELAY = 3e4;
+var RECONNECT_BACKOFF_FACTOR = 2;
+var MAX_NO_TOKEN_RETRIES = 5;
+var RealtimeConnection = class {
+  constructor(baseUrl, clientKey, getToken, collections) {
+    this.baseUrl = baseUrl;
+    this.clientKey = clientKey;
+    this.getToken = getToken;
+    this.collections = collections;
+    this.abortController = null;
+    this.reconnectAttempt = 0;
+    this.noTokenAttempts = 0;
+    this.reconnectTimer = null;
+    this.listeners = /* @__PURE__ */ new Set();
+    this._connected = false;
+  }
+  get connected() {
+    return this._connected;
+  }
+  addListener(fn) {
+    this.listeners.add(fn);
+    return () => this.listeners.delete(fn);
+  }
+  connect() {
+    if (this.abortController) return;
+    this.abortController = new AbortController();
+    this.startStream(this.abortController.signal);
+  }
+  disconnect() {
+    this._connected = false;
+    if (this.reconnectTimer) {
+      clearTimeout(this.reconnectTimer);
+      this.reconnectTimer = null;
+    }
+    if (this.abortController) {
+      this.abortController.abort();
+      this.abortController = null;
+    }
+    this.reconnectAttempt = 0;
+    this.noTokenAttempts = 0;
+  }
+  startStream(signal) {
+    return __async(this, null, function* () {
+      var _a;
+      const token = this.getToken();
+      if (!token) {
+        this.noTokenAttempts++;
+        if (this.noTokenAttempts >= MAX_NO_TOKEN_RETRIES) {
+          this._connected = false;
+          this.abortController = null;
+          return;
+        }
+        this.scheduleReconnect();
+        return;
+      }
+      this.noTokenAttempts = 0;
+      const params = ((_a = this.collections) == null ? void 0 : _a.length) ? `?collections=${this.collections.join(",")}` : "";
+      const url = `${this.baseUrl}/api/events/stream${params}`;
+      try {
+        const response = yield fetch(url, {
+          headers: {
+            "X-Client-Key": this.clientKey,
+            Authorization: `Bearer ${token}`
+          },
+          signal
+        });
+        if (!response.ok) {
+          if (response.status === 401) {
+            this.scheduleReconnect();
+            return;
+          }
+          throw new Error(`SSE connection failed: ${response.status}`);
+        }
+        if (!response.body) {
+          throw new Error("SSE response has no body");
+        }
+        this._connected = true;
+        this.reconnectAttempt = 0;
+        yield this.readStream(response.body, signal);
+      } catch (e) {
+        if (signal.aborted) return;
+        this._connected = false;
+        this.scheduleReconnect();
+      }
+    });
+  }
+  readStream(body, signal) {
+    return __async(this, null, function* () {
+      var _a;
+      const reader = body.getReader();
+      const decoder = new TextDecoder();
+      let buffer = "";
+      let currentEvent = "";
+      let currentData = "";
+      try {
+        while (true) {
+          const { done, value } = yield reader.read();
+          if (done || signal.aborted) break;
+          buffer += decoder.decode(value, { stream: true });
+          const lines = buffer.split("\n");
+          buffer = (_a = lines.pop()) != null ? _a : "";
+          for (const line of lines) {
+            if (line.startsWith("event: ")) {
+              currentEvent = line.slice(7);
+            } else if (line.startsWith("data: ")) {
+              currentData += (currentData ? "\n" : "") + line.slice(6);
+            } else if (line === "") {
+              if (currentEvent === "collection:change" && currentData) {
+                try {
+                  const event = JSON.parse(currentData);
+                  for (const listener of this.listeners) {
+                    try {
+                      listener(event);
+                    } catch (e) {
+                    }
+                  }
+                } catch (e) {
+                }
+              }
+              currentEvent = "";
+              currentData = "";
+            }
+          }
+        }
+      } catch (e) {
+      } finally {
+        reader.releaseLock();
+        this._connected = false;
+        if (!signal.aborted) {
+          this.scheduleReconnect();
+        }
+      }
+    });
+  }
+  scheduleReconnect() {
+    if (this.reconnectTimer) return;
+    const delay2 = Math.min(
+      INITIAL_RECONNECT_DELAY * Math.pow(RECONNECT_BACKOFF_FACTOR, this.reconnectAttempt),
+      MAX_RECONNECT_DELAY
+    );
+    this.reconnectAttempt++;
+    this.reconnectTimer = setTimeout(() => {
+      this.reconnectTimer = null;
+      this.abortController = new AbortController();
+      this.startStream(this.abortController.signal);
+    }, delay2);
+  }
+};
+
 // src/core/webhook/index.ts
 function isValidWebhookEvent(data) {
   if (typeof data !== "object" || data === null) return false;
@@ -2129,22 +2278,22 @@ function isValidWebhookEvent(data) {
 }
 function verifySignature(payload, secret, signature) {
   return __async(this, null, function* () {
+    var _a;
     const encoder = new TextEncoder();
     const key = yield crypto.subtle.importKey(
       "raw",
       encoder.encode(secret),
       { name: "HMAC", hash: "SHA-256" },
       false,
-      ["sign"]
+      ["verify"]
     );
-    const sig = yield crypto.subtle.sign("HMAC", key, encoder.encode(payload));
-    const expected = Array.from(new Uint8Array(sig)).map((b) => b.toString(16).padStart(2, "0")).join("");
-    let result = expected.length !== signature.length ? 1 : 0;
-    const len = Math.max(expected.length, signature.length);
-    for (let i = 0; i < len; i++) {
-      result |= (expected.charCodeAt(i) || 0) ^ (signature.charCodeAt(i) || 0);
+    if (signature.length % 2 !== 0 || !/^[0-9a-fA-F]*$/.test(signature)) {
+      return false;
     }
-    return result === 0;
+    const sigBytes = new Uint8Array(
+      ((_a = signature.match(/.{2}/g)) != null ? _a : []).map((byte) => parseInt(byte, 16))
+    );
+    return crypto.subtle.verify("HMAC", key, sigBytes, encoder.encode(payload));
   });
 }
 function handleWebhook(request, handler, options) {
@@ -2266,9 +2415,10 @@ function getImagePlaceholderStyle(image, options) {
 // src/utils/order/generateOrderNumber.ts
 var generateOrderNumber = () => {
   var _a;
-  const year = (/* @__PURE__ */ new Date()).getFullYear().toString().slice(-2);
-  const month = ((/* @__PURE__ */ new Date()).getMonth() + 1).toString().padStart(2, "0");
-  const day = (/* @__PURE__ */ new Date()).getDate().toString().padStart(2, "0");
+  const now = /* @__PURE__ */ new Date();
+  const year = now.getFullYear().toString().slice(-2);
+  const month = (now.getMonth() + 1).toString().padStart(2, "0");
+  const day = now.getDate().toString().padStart(2, "0");
   const array = new Uint32Array(1);
   globalThis.crypto.getRandomValues(array);
   const random = (((_a = array[0]) != null ? _a : 0) % 1e6).toString().padStart(6, "0");