@abtnode/blocklet-services 1.16.37-beta-20250104-120451-e4049aeb → 1.16.37-beta-20250106-134442-ea92021c

package/LICENSE

@@ -1,4 +1,4 @@
-Copyright 2018-2020 ArcBlock
+Copyright 2018-2025 ArcBlock
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.

package/api/index.js

@@ -416,6 +416,7 @@ module.exports = function createServer(node, serverOptions = {}) {
   createConnectRelayRoutes.init(server, node, options, wsRouter);
   authRoutes.attachDidAuthHandlers(server);
   authRoutes.createPassportRoutes.init(server, node);
+  authRoutes.createPasskeyRoutes.init(server, node);
   authRoutes.createCommonRoutes.init(server, node);
 
   // API: gql

package/api/libs/auth/utils.js

@@ -33,38 +33,40 @@ async function transferPassport(fromUser, toUser, { req, teamDid, node, nodeInfo
     return;
   }
 
-  const attachments = waitPassportList.map((x) => {
-    const vcParams = {
-      issuerName,
-      issuerWallet,
-      ownerDid: toUser.did,
-      passport: { ...pick(x, ['name', 'title', 'specVersion']), endpoint: x.endpoint || blockletInfo.appUrl },
-      endpoint: getPassportStatusEndpoint({
-        baseUrl: x.endpoint || blockletInfo.appUrl,
-        userDid: toUser.did,
-        teamDid,
-      }),
-      ownerProfile: {
-        email: toUser.email,
-        fullName: toUser.fullName,
-        avatar: getUserAvatarUrl(x.endpoint || blockletInfo.appUrl, toUser.avatar),
-      },
-      preferredColor: passportColor,
-      types: teamDid === nodeInfo.did ? [VC_TYPE_NODE_PASSPORT] : x.types,
-      purpose: teamDid === nodeInfo.did || isEmpty(x.types) ? 'login' : 'verification',
-      display: x.display,
-    };
-
-    const vc = createPassportVC(vcParams);
-    return {
-      type: 'vc',
-      data: {
-        credential: vc,
-        tag: x.name,
+  const attachments = await Promise.all(
+    waitPassportList.map(async (x) => {
+      const vcParams = {
+        issuerName,
+        issuerWallet,
+        ownerDid: toUser.did,
+        passport: { ...pick(x, ['name', 'title', 'specVersion']), endpoint: x.endpoint || blockletInfo.appUrl },
+        endpoint: getPassportStatusEndpoint({
+          baseUrl: x.endpoint || blockletInfo.appUrl,
+          userDid: toUser.did,
+          teamDid,
+        }),
+        ownerProfile: {
+          email: toUser.email,
+          fullName: toUser.fullName,
+          avatar: getUserAvatarUrl(x.endpoint || blockletInfo.appUrl, toUser.avatar),
+        },
+        preferredColor: passportColor,
+        types: teamDid === nodeInfo.did ? [VC_TYPE_NODE_PASSPORT] : x.types,
+        purpose: teamDid === nodeInfo.did || isEmpty(x.types) ? 'login' : 'verification',
         display: x.display,
-      },
-    };
-  });
+      };
+
+      const vc = await createPassportVC(vcParams);
+      return {
+        type: 'vc',
+        data: {
+          credential: vc,
+          tag: x.name,
+          display: x.display,
+        },
+      };
+    })
+  );
   const insertPassportList = attachments.map((item, index) => {
     return {
       ...createUserPassport(item.data.credential, { role: item.data.tag, display: item.data.display }),

package/api/libs/connect/session.js

@@ -393,7 +393,7 @@ module.exports = {
 
         const profile = claims.find((x) => x.type === 'profile');
 
-        vc = createPassportVC({
+        vc = await createPassportVC({
           issuerName: name,
           issuerWallet: wallet,
           issuerAvatarUrl: getAppAvatarUrl(baseUrl),

package/api/routes/blocklet.js

@@ -244,7 +244,7 @@ module.exports = {
         const hasOwnerPassport = (user.passports || []).some((x) => x.name === role);
         if (hasOwnerPassport === false) {
           // create vc
-          const vc = createPassportVC({
+          const vc = await createPassportVC({
             issuerName: name,
             issuerWallet: wallet,
             issuerAvatarUrl: getAppAvatarUrl(appUrl),

package/api/routes/oauth.js

@@ -1,27 +1,25 @@
 const { handleInvitationReceive, getApplicationInfo } = require('@abtnode/auth/lib/auth');
-const { upsertToPassports, createPassportSvg } = require('@abtnode/auth/lib/passport');
+const { createPassportList, createPassportSwitcher } = require('@abtnode/auth/lib/oauth');
 const {
   WELLKNOWN_SERVICE_PATH_PREFIX,
   PASSPORT_STATUS,
   ROLES,
   SECURITY_RULE_DEFAULT_ID,
 } = require('@abtnode/constant');
-const { extractUserAvatar, getUserAvatarUrl, getAppAvatarUrl } = require('@abtnode/util/lib/user');
+const { extractUserAvatar, getUserAvatarUrl } = require('@abtnode/util/lib/user');
 const { fromAppDid } = require('@arcblock/did-ext');
-const { getBlockletAppIdList } = require('@blocklet/meta/lib/util');
-const uniq = require('lodash/uniq');
 const last = require('lodash/last');
 const pick = require('lodash/pick');
 const sortBy = require('lodash/sortBy');
 const cloneDeep = require('lodash/cloneDeep');
 const { joinURL } = require('ufo');
+const { upsertToPassports } = require('@abtnode/auth/lib/passport');
 const { getWalletDid, getConnectedAccounts, getSourceProvider } = require('@blocklet/meta/lib/did-utils');
 const formatContext = require('@abtnode/util/lib/format-context');
 const createTranslator = require('@abtnode/util/lib/translate');
 const getRequestIP = require('@abtnode/util/lib/get-request-ip');
 const CustomError = require('@abtnode/util/lib/custom-error');
 const { LOGIN_PROVIDER } = require('@blocklet/constant');
-const { getActivePassports } = require('@abtnode/util/lib/passport');
 const { withHttps, withTrailingSlash } = require('ufo');
 
 const logger = require('../libs/logger')('oauth');
@@ -768,67 +766,25 @@ async function unbind(req, node) {
 }
 
 module.exports = {
-  init(server, node, options) {
-    server.get(`${prefixApi}/configs`, async (req, res) => {
+  checkUser,
+
+  init(router, node, options) {
+    const { createSessionToken } = initJwt(node, options);
+
+    router.get(`${prefixApi}/configs`, async (req, res) => {
       const blocklet = await req.getBlocklet();
       const oauthConfig = blocklet?.settings?.oauth || {};
       res.send(oauthConfig);
     });
 
-    server.get(`${prefixApi}/passports`, checkUser, async (req, res) => {
-      const userDid = req.user.did;
-      const blockletInfo = await req.getBlockletInfo();
-      const nodeInfo = await req.getNodeInfo();
-      const { did: teamDid, wallet: blockletWallet, appUrl } = blockletInfo;
-      const { passportColor } = await getApplicationInfo({ node, nodeInfo, teamDid });
-      const issuerDidList = uniq([blockletWallet.address, ...getBlockletAppIdList(blockletInfo)]);
-      // NOTICE: 这里获取的 did 是当前登录用户的永久 did，无需查询 connectedAccount
-      const user = await node.getUser({ teamDid, user: { did: userDid } });
-      let ownerAvatarUrl = getUserAvatarUrl(appUrl, user.avatar);
-      try {
-        // FIXME: @zhanghan 暂时将 imageFilter 等 queryString 参数移除
-        const ownerAvatarUrlInstance = new URL(ownerAvatarUrl);
-        ownerAvatarUrlInstance.search = '';
-        ownerAvatarUrl = ownerAvatarUrlInstance.href;
-      } catch {
-        /* empty */
-      }
-      let issuerAvatarUrl = getAppAvatarUrl(appUrl);
-      try {
-        // FIXME: @zhanghan 暂时将 imageFilter 等 queryString 参数移除
-        const issuerAvatarUrlInstance = new URL(issuerAvatarUrl);
-        issuerAvatarUrlInstance.search = '';
-        issuerAvatarUrl = issuerAvatarUrlInstance.href;
-      } catch {
-        /* empty */
-      }
+    router.get(`${prefixApi}/passports`, checkUser, createPassportList(node, 'service'));
+    router.post(
+      `${prefixApi}/switch`,
+      checkUser,
+      createPassportSwitcher(node, createTokenFn(createSessionToken), 'service')
+    );
 
-      const { passports = [] } = user || {};
-      const passportTypes = getActivePassports({ passports }, issuerDidList).map((x) => {
-        return {
-          ...pick(x, ['id', 'name', 'title', 'role', 'scope', 'role']),
-          display:
-            x.scope === 'custom'
-              ? x.display
-              : createPassportSvg({
-                  scope: x.scope,
-                  role: x.role,
-                  title: x.scope === 'kyc' ? x.name : x.title,
-                  issuer: x.issuer.name,
-                  issuerDid: x.issuer.id,
-                  issuerAvatarUrl,
-                  ownerName: user?.fullName,
-                  ownerDid: userDid,
-                  ownerAvatarUrl,
-                  isDataUrl: true,
-                  preferredColor: passportColor || 'auto',
-                }),
-        };
-      });
-      res.send(passportTypes);
-    });
-
-    server.post(`${prefixApi}/bind`, checkUser, async (req, res) => {
+    router.post(`${prefixApi}/bind`, checkUser, async (req, res) => {
       try {
         await bind(req, node, options);
         res.status(200).json({});
@@ -842,7 +798,7 @@ module.exports = {
       }
     });
 
-    server.post(`${prefixApi}/unbind`, checkUser, async (req, res) => {
+    router.post(`${prefixApi}/unbind`, checkUser, async (req, res) => {
       try {
         await unbind(req, node, options);
         res.status(200).json({});
@@ -856,58 +812,12 @@ module.exports = {
       }
     });
 
-    server.post(`${prefixApi}/switch`, checkUser, async (req, res) => {
-      const { did: userDid, provider } = req.user;
-      const { passportId } = req.body;
-      const blocklet = await req.getBlocklet();
-      const { did: teamDid, secret } = await req.getBlockletInfo();
-      // NOTICE: 这里获取的 did 是当前登录用户的永久 did，无需查询 connectedAccount
-      const user = await node.getUser({ teamDid, user: { did: userDid } });
-      const { passports = [] } = user || {};
-      const passport = passportId
-        ? passports.find((item) => item.id === passportId)
-        : { name: 'Guest', role: 'guest', scope: 'passport' };
-      await node.createAuditLog(
-        {
-          action: 'switchPassport',
-          args: { teamDid, userDid, passport, provider: user?.sourceProvider },
-          context: formatContext(Object.assign(req, { user })),
-          result: user,
-        },
-        node
-      );
-      const { createSessionToken } = initJwt(node, options);
-      const createToken = createTokenFn(createSessionToken);
-      const sessionConfig = blocklet.settings?.session || {};
-      const { sessionToken, refreshToken } = createToken(
-        userDid,
-        {
-          secret,
-          passport,
-          role: passport.scope === 'passport' ? passport.role : ROLES.GUEST,
-          fullName: user?.fullName,
-          provider,
-          walletOS: 'web',
-          emailVerified: !!user?.emailVerified,
-          phoneVerified: !!user?.phoneVerified,
-        },
-        { ...sessionConfig, didConnectVersion: getDidConnectVersion(req) }
-      );
-
-      // for backward compatibility
-      if (!getDidConnectVersion(req)) {
-        res.status(200).send(sessionToken);
-      }
-
-      res.status(200).json({ sessionToken, refreshToken });
-    });
-
     /**
      * oauth 方式登录
      * 1. 普通配置下，登录/注册是同样的流程，登录过程中会自动注册账号
      * 2. 仅邀请可登录模式下，只允许登录，不允许注册
      */
-    server.post(`${prefixApi}/login`, async (req, res) => {
+    router.post(`${prefixApi}/login`, async (req, res) => {
       const { action = 'login' } = req.body;
       const actionMap = {
         login,
@@ -931,7 +841,7 @@ module.exports = {
       }
     });
 
-    server.post(`${prefixApi}/getUser`, async (req, res) => {
+    router.post(`${prefixApi}/getUser`, async (req, res) => {
       const { provider, token, idToken, code, appPid } = req.body;
       const blocklet = await req.getBlocklet();
       const oauthInfo = await getOAuthUserInfo({ blocklet, provider, token, idToken, code, appPid });
@@ -959,7 +869,7 @@ module.exports = {
       };
     };
 
-    server.get(`${prefix}/login/:provider`, checkReferrerMiddleware(), async (req, res) => {
+    router.get(`${prefix}/login/:provider`, checkReferrerMiddleware(), async (req, res) => {
       const { provider } = req.params;
       const blocklet = await req.getBlocklet();
       const availableProviderList = Object.keys(blocklet.settings?.oauth).filter(
@@ -977,7 +887,7 @@ module.exports = {
 
     // HACK: apple 需要特殊处理，callback 使用的是 post 请求返回的，通过特殊处理转为 get 请求，转由前端继续处理
     // 此处改为所有 provider 都兼容的模式
-    server.post(`${prefix}/callback/:provider`, (req, res) => {
+    router.post(`${prefix}/callback/:provider`, (req, res) => {
       /**
        * @type {{code?: string, user?: {name: {firstName: string, lastName: string}, email: string}}}
        */

package/api/routes/user.js

@@ -4,13 +4,13 @@ const { fromAppDid } = require('@arcblock/did-ext');
 const { extractUserAvatar } = require('@abtnode/util/lib/user');
 const formatContext = require('@abtnode/util/lib/format-context');
 const createTranslator = require('@abtnode/util/lib/translate');
+const { fromBase64 } = require('@ocap/util');
 const { isFromPublicKey } = require('@arcblock/did');
 const { LOGIN_PROVIDER } = require('@blocklet/constant');
-const sortBy = require('lodash/sortBy');
-const head = require('lodash/head');
 const pick = require('lodash/pick');
 const merge = require('lodash/merge');
 const omitBy = require('lodash/omitBy');
+const { getLastUsedPassport } = require('@abtnode/auth/lib/passport');
 const { verify, decode } = require('@arcblock/jwt');
 const { getWallet } = require('@blocklet/meta/lib/did-utils');
 const { Joi } = require('@arcblock/validator');
@@ -33,7 +33,12 @@ const { Profile } = require('../state/profile');
 
 const validateUser = (user) => {
   try {
-    return user && user.did && user.pk && isFromPublicKey(user.did, user.pk);
+    return (
+      user &&
+      user.did &&
+      user.pk &&
+      (isFromPublicKey(user.did, user.pk) || isFromPublicKey(user.did, fromBase64(user.pk)))
+    );
   } catch (e) {
     return false;
   }
@@ -524,28 +529,7 @@ module.exports = {
       const { createSessionToken } = initJwt(node, options);
       const createToken = createTokenFn(createSessionToken);
       const sessionConfig = blocklet.settings?.session || {};
-      const passports = currentUser?.passports || [];
-
-      let passport = null;
-      if (passportId) {
-        passport = passports.find((x) => x.status === 'valid' && x.passportId === passportId);
-      }
-      if (!passport) {
-        const now = new Date().getTime();
-        passport = head(
-          sortBy(passports, (x) => {
-            const lastLoginAt = new Date(x.lastLoginAt).getTime();
-            if (typeof lastLoginAt === 'number') {
-              return now - lastLoginAt;
-            }
-            return now;
-          })
-        );
-      }
-
-      if (!passport) {
-        passport = { name: 'Guest', role: 'guest' };
-      }
+      const passport = getLastUsedPassport(currentUser?.passports || [], passportId);
 
       const lastLoginIp = getRequestIP(req);
       const loggedInUser = await node.loginUser({

package/api/services/auth/connect/receive-transfer-app-owner.js

@@ -236,8 +236,7 @@ module.exports = function createRoutes(node, _, createSessionToken) {
         preferredColor: passportColor,
       };
 
-      const vc = createPassportVC(vcParams);
-
+      const vc = await createPassportVC(vcParams);
       const role = getRoleFromLocalPassport(get(vc, 'credentialSubject.passport'));
       const passport = createUserPassport(vc, { role });
 

package/api/services/auth/connect/setup.js

@@ -30,7 +30,7 @@ const checkOwner = async ({ node, userDid, blocklet }) => {
   return user;
 };
 
-module.exports = function createRoutes(node, _authenticator, createSessionToken) {
+module.exports = function createRoutes(node, authenticator, createSessionToken) {
   return {
     action: 'setup',
     onConnect: async ({ req, userDid, extraParams: { locale } }) => {
@@ -113,7 +113,12 @@ module.exports = function createRoutes(node, _authenticator, createSessionToken)
 
         // Generate new session token that client can save to localStorage
         // HACK: 此处没有 passportId，所以特意不设置 refreshToken，失效后下次登录就能选择合适的 passport
-        const sessionToken = await createSessionToken(userDid, { secret, role: 'owner', fullName: profile?.fullName });
+        const sessionToken = await createSessionToken(userDid, {
+          secret,
+          role: 'owner',
+          fullName: profile?.fullName,
+          elevated: true,
+        });
         await updateSession({ sessionToken }, true);
         logger.info('setup.connect.success', { userDid });
       } catch (err) {

package/api/services/auth/connect/verify-destroy.js

@@ -1,6 +1,6 @@
 const { messages } = require('@abtnode/auth/lib/auth');
-const { authenticateByVc, getVerifyAccessClaims } = require('@abtnode/auth/lib/server');
-const { ROLES, MFA_PROTECTED_METHODS } = require('@abtnode/constant');
+const { authenticateByVc, getVerifyAccessClaims, validateVerifyDestroyRequest } = require('@abtnode/auth/lib/server');
+const { ROLES } = require('@abtnode/constant');
 const { getSourceAppPid } = require('@blocklet/sdk/lib/util/login');
 const { fromBase64 } = require('@ocap/util');
 const { LOGIN_PROVIDER } = require('@blocklet/constant');
@@ -26,20 +26,7 @@ module.exports = function createRoutes(node, authenticator, createSessionToken)
         throw new Error(messages.notAuthorized[locale]);
       }
 
-      // ensure payload is valid
-      const parsed = JSON.parse(fromBase64(payload).toString());
-      if (!MFA_PROTECTED_METHODS.includes(parsed.action)) {
-        throw new Error(messages.notAllowed[locale]);
-      }
-
-      // ensure roles are valid
-      const expected = roles
-        .split(',')
-        .map((x) => x.trim())
-        .filter(Boolean);
-      if (expected.some((x) => !ALLOWED_ROLES.includes(x))) {
-        throw new Error(messages.notAllowed[locale]);
-      }
+      const expected = validateVerifyDestroyRequest({ payload, roles, locale, allowedRoles: ALLOWED_ROLES });
 
       const sourceAppPid = getSourceAppPid(request);
       return {

package/api/services/auth/index.js

@@ -37,6 +37,7 @@ const createVerifyDestroyAuth = require('./connect/verify-destroy');
 const createReceiveTransferAppOwnerRoutes = require('./connect/receive-transfer-app-owner');
 const createSessionRoutes = require('./session');
 const createPassportRoutes = require('./passport');
+const createPasskeyRoutes = require('./passkey');
 const { getRedirectUrl, shouldIgnoreUrl, redirectWithoutCache } = require('../../util');
 const { createConnectToDidSpacesForUserRoute } = require('./connect/connect-to-did-spaces-for-user');
 const { isEmailKycRequired, isPhoneKycRequired } = require('../../libs/kyc');
@@ -249,6 +250,9 @@ const init = ({ node, options }) => {
 
   // public http api
   routes.createPassportRoutes = createPassportRoutes;
+  routes.createPasskeyRoutes = {
+    init: (router) => createPasskeyRoutes.init(router, node, options, createSessionToken),
+  };
   routes.createSessionRoutes = {
     // eslint-disable-next-line no-shadow
     init: (router, node) =>

package/api/services/auth/passkey.js

@@ -0,0 +1,31 @@
+const { createPasskeyHandlers } = require('@abtnode/auth/lib/passkey');
+const { WELLKNOWN_SERVICE_PATH_PREFIX } = require('@abtnode/constant');
+const { createPassportList, createPassportSwitcher } = require('@abtnode/auth/lib/oauth');
+const { createTokenFn } = require('../../util');
+const { checkUser } = require('../../routes/oauth');
+
+module.exports = {
+  init(router, node, options, createSessionToken) {
+    const createToken = createTokenFn(createSessionToken);
+
+    const {
+      ensurePasskeySession,
+      ensureUser,
+      handleRegisterRequest,
+      handleRegisterResponse,
+      handleAuthRequest,
+      handleAuthResponse,
+    } = createPasskeyHandlers(node, 'service', createToken);
+
+    const prefix = `${WELLKNOWN_SERVICE_PATH_PREFIX}/api/passkey`;
+
+    router.get(`${prefix}/register`, handleRegisterRequest);
+    router.post(`${prefix}/register`, ensurePasskeySession, handleRegisterResponse);
+    router.get(`${prefix}/auth`, ensureUser, handleAuthRequest);
+    router.post(`${prefix}/auth`, ensurePasskeySession, handleAuthResponse);
+
+    // Following routes are same as oauth routes
+    router.get(`${prefix}/passports`, checkUser, createPassportList(node, 'service'));
+    router.post(`${prefix}/switch`, checkUser, createPassportSwitcher(node, createToken, 'service'));
+  },
+};

package/api/services/auth/passport.js

@@ -2,8 +2,8 @@ const { getPassportStatus } = require('@abtnode/auth/lib/auth');
 const { WELLKNOWN_SERVICE_PATH_PREFIX } = require('@abtnode/constant');
 
 module.exports = {
-  init(server, node) {
-    server.get(`${WELLKNOWN_SERVICE_PATH_PREFIX}/api/passport/status`, async (req, res) => {
+  init(router, node) {
+    router.get(`${WELLKNOWN_SERVICE_PATH_PREFIX}/api/passport/status`, async (req, res) => {
       const { vcId, userDid, locale } = req.query;
       const teamDid = req.headers['x-blocklet-did'];
 

package/api/services/notification/index.js

@@ -23,14 +23,15 @@ const authenticateConnect = (req, cb) => {
     return;
   }
 
-  if (!JWT.verify(token, pk)) {
-    cb(new Error('token verify failed'));
-    return;
-  }
-
-  const decoded = JWT.decode(token);
-  const info = getTokenInfo(decoded);
-  cb(null, info);
+  JWT.verify(token, pk)
+    .then(() => {
+      const decoded = JWT.decode(token);
+      const info = getTokenInfo(decoded);
+      cb(null, info);
+    })
+    .catch((err) => {
+      cb(err, null);
+    });
 };
 
 const authenticateJoinChannel = async ({ topic: channel, payload, node }) => {
@@ -45,7 +46,7 @@ const authenticateJoinChannel = async ({ topic: channel, payload, node }) => {
   // so we need to support token is valid for one day
   const tolerance = 3600 * 24;
 
-  if (!JWT.verify(payload.token, payload.pk, { tolerance })) {
+  if (!(await JWT.verify(payload.token, payload.pk, { tolerance }))) {
     throw new Error(`verify did failed: ${info.did}`);
   }
 

package/api/socket/util.js

@@ -60,7 +60,7 @@ const ensureSenderApp = async ({ sender, node, nodeInfo }) => {
   }
 
   const { wallet } = appInfo;
-  if (!JWT.verify(sender.token, wallet.publicKey)) {
+  if (!(await JWT.verify(sender.token, wallet.publicKey))) {
     throw new Error(`Invalid authentication token for sender blocklet: ${sender.appDid}`);
   }
 

package/api/util/attach-shared-utils.js

@@ -159,6 +159,7 @@ module.exports = ({ node, req, options }) => {
         };
 
         const user = await verifySessionToken(token, secret, opt);
+
         if (user && visitorId) {
           const [userSession] = await node.getUserSession({
             teamDid,
@@ -166,14 +167,14 @@ module.exports = ({ node, req, options }) => {
             userDid: user.did,
             visitorId,
           });
-          if (!userSession) return;
-
-          req.userSession = userSession;
+          if (userSession) {
+            req.userSession = userSession;
+          }
         }
         req.user = user;
       }
     } catch (error) {
-      logger.debug('Failed to ensureUser', { error });
+      console.error('Failed to ensureUser', error);
     }
   };
 

package/api/util/index.js

@@ -84,6 +84,7 @@ const getRedirectUrl = ({ req, pagePath, params = {} }) => {
   const launchType = redirectUrlObj.searchParams.get('launchType');
   const chainHost = redirectUrlObj.searchParams.get('chainHost');
   const visitorId = redirectUrlObj.searchParams.get('visitorId');
+  const inviter = redirectUrlObj.searchParams.get('inviter');
 
   const nftId = redirectUrlObj.searchParams.get('nftId');
   redirectUrlObj.searchParams.delete('__start__');
@@ -133,6 +134,10 @@ const getRedirectUrl = ({ req, pagePath, params = {} }) => {
     url.searchParams.set('visitorId', visitorId);
   }
 
+  if (inviter) {
+    url.searchParams.set('inviter', inviter);
+  }
+
   Object.keys(params).forEach((key) => {
     if (params[key] === undefined) {
       return;

package/dist/assets/Add-BWCYHsqO.js

@@ -0,0 +1 @@
+import{a1 as r,j as a}from"./vendor-mui-core-BHQ3rDZc.js";import{ai as t}from"./vendor-arcblock-DrV4Yh4h.js";var e={},o=r;Object.defineProperty(e,"__esModule",{value:!0});var u=e.default=void 0,d=o(t()),v=a;u=e.default=(0,d.default)((0,v.jsx)("path",{d:"M19 13h-6v6h-2v-6H5v-2h6V5h2v6h6z"}),"Add");export{u as d};

package/dist/assets/ArrowDropDown-BpEWICfl.js

@@ -0,0 +1 @@
+import{a1 as r,j as a}from"./vendor-mui-core-BHQ3rDZc.js";import{ai as t}from"./vendor-arcblock-DrV4Yh4h.js";var e={},o=r;Object.defineProperty(e,"__esModule",{value:!0});var u=e.default=void 0,i=o(t()),p=a;u=e.default=(0,i.default)((0,p.jsx)("path",{d:"m7 10 5 5 5-5z"}),"ArrowDropDown");export{u as d};

package/dist/assets/CheckCircle-CwD9Ke3p.js

@@ -0,0 +1 @@
+import{a1 as r,j as a}from"./vendor-mui-core-BHQ3rDZc.js";import{ai as t}from"./vendor-arcblock-DrV4Yh4h.js";var e={},i=r;Object.defineProperty(e,"__esModule",{value:!0});var o=e.default=void 0,u=i(t()),l=a;o=e.default=(0,u.default)((0,l.jsx)("path",{d:"M12 2C6.48 2 2 6.48 2 12s4.48 10 10 10 10-4.48 10-10S17.52 2 12 2m-2 15-5-5 1.41-1.41L10 14.17l7.59-7.59L19 8z"}),"CheckCircle");export{o as d};

package/dist/assets/ChevronLeft-DSkEbRl3.js

@@ -0,0 +1 @@
+import{a1 as r,j as t}from"./vendor-mui-core-BHQ3rDZc.js";import{ai as a}from"./vendor-arcblock-DrV4Yh4h.js";var e={},o=r;Object.defineProperty(e,"__esModule",{value:!0});var u=e.default=void 0,i=o(a()),f=t;u=e.default=(0,i.default)((0,f.jsx)("path",{d:"M15.41 7.41 14 6l-6 6 6 6 1.41-1.41L10.83 12z"}),"ChevronLeft");export{u as d};

package/dist/assets/ChevronRight-D0L8yvDK.js

@@ -0,0 +1 @@
+import{a1 as r,j as t}from"./vendor-mui-core-BHQ3rDZc.js";import{ai as a}from"./vendor-arcblock-DrV4Yh4h.js";var e={},o=r;Object.defineProperty(e,"__esModule",{value:!0});var i=e.default=void 0,u=o(a()),v=t;i=e.default=(0,u.default)((0,v.jsx)("path",{d:"M10 6 8.59 7.41 13.17 12l-4.58 4.59L10 18l6-6z"}),"ChevronRight");export{i as d};

package/dist/assets/DeleteOutline-CXidpj4T.js

@@ -0,0 +1 @@
+import{a1 as t,j as r}from"./vendor-mui-core-BHQ3rDZc.js";import{ai as a}from"./vendor-arcblock-DrV4Yh4h.js";var e={},u=t;Object.defineProperty(e,"__esModule",{value:!0});var i=e.default=void 0,o=u(a()),l=r;i=e.default=(0,o.default)((0,l.jsx)("path",{d:"M6 19c0 1.1.9 2 2 2h8c1.1 0 2-.9 2-2V7H6zM8 9h8v10H8zm7.5-5-1-1h-5l-1 1H5v2h14V4z"}),"DeleteOutline");export{i as d};

package/dist/assets/Done-C64D3evS.js

@@ -0,0 +1 @@
+import{a1 as r,j as a}from"./vendor-mui-core-BHQ3rDZc.js";import{ai as t}from"./vendor-arcblock-DrV4Yh4h.js";var e={},o=r;Object.defineProperty(e,"__esModule",{value:!0});var u=e.default=void 0,i=o(t()),l=a;u=e.default=(0,i.default)((0,l.jsx)("path",{d:"M9 16.2 4.8 12l-1.4 1.4L9 19 21 7l-1.4-1.4z"}),"Done");export{u as d};

package/dist/assets/Download-Dw32CPvU.js

@@ -0,0 +1 @@
+import{a1 as a,j as r}from"./vendor-mui-core-BHQ3rDZc.js";import{ai as t}from"./vendor-arcblock-DrV4Yh4h.js";var e={},o=a;Object.defineProperty(e,"__esModule",{value:!0});var u=e.default=void 0,i=o(t()),d=r;u=e.default=(0,i.default)((0,d.jsx)("path",{d:"M5 20h14v-2H5zM19 9h-4V3H9v6H5l7 7z"}),"Download");export{u as d};

package/dist/assets/EditIcon-tG6wkTV8.js

@@ -0,0 +1 @@
+import{r as f}from"./vendor-react-D-afvo_7.js";import{j as s}from"./vendor-mui-core-BHQ3rDZc.js";var o={};Object.defineProperty(o,"__esModule",{value:!0});var l=o.default=void 0;b(f);var u=s;function b(e){return e&&e.__esModule?e:{default:e}}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter(function(p){return Object.getOwnPropertyDescriptor(e,p).enumerable})),r.push.apply(r,n)}return r}function c(e){for(var t=1;t<arguments.length;t++){var r=arguments[t]!=null?arguments[t]:{};t%2?a(Object(r),!0).forEach(function(n){m(e,n,r[n])}):Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(r)):a(Object(r)).forEach(function(n){Object.defineProperty(e,n,Object.getOwnPropertyDescriptor(r,n))})}return e}function m(e,t,r){return(t=y(t))in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function y(e){var t=d(e,"string");return typeof t=="symbol"?t:t+""}function d(e,t){if(typeof e!="object"||!e)return e;var r=e[Symbol.toPrimitive];if(r!==void 0){var n=r.call(e,t||"default");if(typeof n!="object")return n;throw new TypeError("@@toPrimitive must return a primitive value.")}return(t==="string"?String:Number)(e)}var i=function(t){return(0,u.jsx)("svg",c(c({},t),{},{children:(0,u.jsx)("path",{d:"M6.03984 17.625C6.08672 17.625 6.13359 17.6203 6.18047 17.6133L10.1227 16.9219C10.1695 16.9125 10.2141 16.8914 10.2469 16.8563L20.182 6.92109C20.2038 6.89941 20.221 6.87366 20.2328 6.8453C20.2445 6.81695 20.2506 6.78656 20.2506 6.75586C20.2506 6.72516 20.2445 6.69477 20.2328 6.66642C20.221 6.63806 20.2038 6.61231 20.182 6.59063L16.2867 2.69297C16.2422 2.64844 16.1836 2.625 16.1203 2.625C16.057 2.625 15.9984 2.64844 15.9539 2.69297L6.01875 12.6281C5.98359 12.6633 5.9625 12.7055 5.95312 12.7523L5.26172 16.6945C5.23892 16.8201 5.24707 16.9493 5.28545 17.071C5.32384 17.1927 5.39132 17.3032 5.48203 17.393C5.63672 17.543 5.83125 17.625 6.03984 17.625ZM7.61953 13.5375L16.1203 5.03906L17.8383 6.75703L9.3375 15.2555L7.25391 15.6234L7.61953 13.5375ZM20.625 19.5938H3.375C2.96016 19.5938 2.625 19.9289 2.625 20.3438V21.1875C2.625 21.2906 2.70937 21.375 2.8125 21.375H21.1875C21.2906 21.375 21.375 21.2906 21.375 21.1875V20.3438C21.375 19.9289 21.0398 19.5938 20.625 19.5938Z"})}))};i.defaultProps={width:"24",height:"24",viewBox:"0 0 24 24",xmlns:"http://www.w3.org/2000/svg"};i.displayName="edit";l=o.default=i;export{l as d};

package/dist/assets/Error-DJ3gIUKv.js

@@ -0,0 +1 @@
+import{a1 as r,j as a}from"./vendor-mui-core-BHQ3rDZc.js";import{ai as t}from"./vendor-arcblock-DrV4Yh4h.js";var e={},o=r;Object.defineProperty(e,"__esModule",{value:!0});var u=e.default=void 0,i=o(t()),s=a;u=e.default=(0,i.default)((0,s.jsx)("path",{d:"M12 2C6.48 2 2 6.48 2 12s4.48 10 10 10 10-4.48 10-10S17.52 2 12 2m1 15h-2v-2h2zm0-4h-2V7h2z"}),"Error");export{u as d};