npm - @basictech/react - Versions diffs - 0.7.0-beta.1 → 0.7.0-beta.3 - Mend

@basictech/react 0.7.0-beta.1 → 0.7.0-beta.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

package/AUTH_IMPLEMENTATION_GUIDE.md +2009 -0
package/changelog.md +12 -0
package/dist/index.d.mts +1 -0
package/dist/index.d.ts +1 -0
package/dist/index.js +362 -363
package/dist/index.js.map +1 -1
package/dist/index.mjs +360 -351
package/dist/index.mjs.map +1 -1
package/package.json +1 -1
package/src/AuthContext.tsx +242 -404
package/src/index.ts +11 -32
package/src/sync/index.ts +1 -1
package/src/updater/updateMigrations.ts +22 -0
package/src/updater/versionUpdater.ts +160 -0
package/src/utils/network.ts +82 -0
package/src/utils/schema.ts +120 -0
package/src/utils/storage.ts +63 -0
package/src/schema.ts +0 -159

package/src/AuthContext.tsx CHANGED Viewed

@@ -2,31 +2,28 @@ import React, { createContext, useContext, useEffect, useState, useRef } from 'r
 import { jwtDecode } from 'jwt-decode'
 import { BasicSync } from './sync'
-import { get, add, update, deleteRecord } from './db'
-import { validateSchema, compareSchemas } from '@basictech/schema'
 import { log } from './config'
-import {version as currentVersion} from '../package.json'
-export interface BasicStorage {
-    get(key: string): Promise<string | null>
-    set(key: string, value: string): Promise<void>
-    remove(key: string): Promise<void>
+import { version as currentVersion } from '../package.json'
+import { createVersionUpdater } from './updater/versionUpdater'
+import { getMigrations } from './updater/updateMigrations'
+import { BasicStorage, LocalStorageAdapter, STORAGE_KEYS, getCookie, setCookie, clearCookie } from './utils/storage'
+import { isDevelopment, checkForNewVersion, cleanOAuthParamsFromUrl, getSyncStatus } from './utils/network'
+import { getSchemaStatus, validateAndCheckSchema } from './utils/schema'
+export type { BasicStorage, LocalStorageAdapter } from './utils/storage'
+export type AuthConfig = {
+    scopes?: string | string[];
+    server_url?: string;
 }
-export class LocalStorageAdapter implements BasicStorage {
-    async get(key: string): Promise<string | null> {
-        return localStorage.getItem(key)
-    }
-    async set(key: string, value: string): Promise<void> {
-        localStorage.setItem(key, value)
-    }
-    async remove(key: string): Promise<void> {
-        localStorage.removeItem(key)
-    }
+const DEFAULT_AUTH_CONFIG: Required<AuthConfig> = {
+    scopes: 'profile email app:admin',
+    server_url: 'https://api.basic.tech'
 }
 type BasicSyncType = {
     basic_schema: any;
     connect: (options: { access_token: string }) => void;
@@ -92,171 +89,26 @@ export const BasicContext = createContext<{
     dbStatus: DBStatus.LOADING
 });
-const EmptyDB: BasicSyncType = {
-    basic_schema: {},
-    connect: () => {},
-    debugeroo: () => {},
-    isOpen: false,
-    collection: () => {
-        return {
-            ref: {
-                toArray: () => Promise.resolve([]),
-                count: () => Promise.resolve(0)
-            }
-        }
-    }
-}
-async function getSchemaStatus(schema: any) {
-    const projectId = schema.project_id
-    let status = ''
-    const valid = validateSchema(schema)
-    if (!valid.valid) {
-        console.warn('BasicDB Error: your local schema is invalid. Please fix errors and try again - sync is disabled')
-        return {
-            valid: false,
-            status: 'invalid',
-            latest: null
-        }
-    }
-    const latestSchema = await fetch(`https://api.basic.tech/project/${projectId}/schema`)
-    .then(res => res.json())
-    .then(data => data.data[0].schema)
-    .catch(err => {
-        return {
-            valid: false,
-            status: 'error',
-            latest: null
-        }
-    })
-    console.log('latestSchema', latestSchema)
-    if (!latestSchema.version) {
-        return {
-            valid: false,
-            status: 'error',
-            latest: null
-        }
-    }
-    if (latestSchema.version > schema.version) {
-        // error_code: schema_behind
-        console.warn('BasicDB Error: your local schema version is behind the latest. Found version:', schema.version, 'but expected', latestSchema.version, " - sync is disabled")
-        return {
-            valid: false,
-            status: 'behind',
-            latest: latestSchema
-        }
-    } else if (latestSchema.version < schema.version) {
-        // error_code: schema_ahead
-        console.warn('BasicDB Error: your local schema version is ahead of the latest. Found version:', schema.version, 'but expected', latestSchema.version, " - sync is disabled")
-        return {
-            valid: false,
-            status: 'ahead',
-            latest: latestSchema
-        }
-    } else if (latestSchema.version === schema.version) {
-        const changes = compareSchemas(schema, latestSchema)
-        if (changes.valid) {
-            return {
-                valid: true,
-                status: 'current',
-                latest: latestSchema
-            }
-        } else {
-            // error_code: schema_conflict
-            console.warn('BasicDB Error: your local schema is conflicting with the latest. Your version:', schema.version, 'does not match origin version', latestSchema.version, " - sync is disabled")
-            return {
-                valid: false,
-                status: 'conflict',
-                latest: latestSchema
-            }
-        }
-    } else {
-        return {
-            valid: false,
-            status: 'error',
-            latest: null
-        }
-    }
-}
-function getSyncStatus(statusCode: number): string {
-    switch (statusCode) {
-        case -1:
-            return "ERROR";
-        case 0:
-            return "OFFLINE";
-        case 1:
-            return "CONNECTING";
-        case 2:
-            return "ONLINE";
-        case 3:
-            return "SYNCING";
-        case 4:
-            return "ERROR_WILL_RETRY";
-        default:
-            return "UNKNOWN";
-    }
-}
 type ErrorObject = {
     code: string;
     title: string;
     message: string;
 }
-async function checkForNewVersion(): Promise<{ hasNewVersion: boolean, latestVersion: string | null, currentVersion: string | null }> {
-    try {
-        const isBeta = currentVersion.includes('beta')
-        const response = await fetch(`https://registry.npmjs.org/@basictech/react/${isBeta ? 'beta' : 'latest'}`);
-        if (!response.ok) {
-            throw new Error('Failed to fetch version from npm');
-        }
-        const data = await response.json();
-        const latestVersion = data.version;
-        if (latestVersion !== currentVersion) {
-            console.warn('[basic] New version available:', latestVersion, `\nrun "npm install @basictech/react@${latestVersion}" to update`);
-        }
-        if (isBeta) {
-            log('thank you for being on basictech/react beta :)')
-        }
-        return {
-            hasNewVersion: currentVersion !== latestVersion,
-            latestVersion,
-            currentVersion
-        };
-    } catch (error) {
-        log('Error checking for new version:', error);
-        return {
-            hasNewVersion: false,
-            latestVersion: null,
-            currentVersion: null
-        };
-    }
-}
-export function BasicProvider({
-    children,
-    project_id,
-    schema,
-    debug = false,
-    storage
-}: {
-    children: React.ReactNode,
-    project_id?: string,
-    schema?: any,
+export function BasicProvider({
+    children,
+    project_id,
+    schema,
+    debug = false,
+    storage,
+    auth
+}: {
+    children: React.ReactNode,
+    project_id?: string,
+    schema?: any,
     debug?: boolean,
-    storage?: BasicStorage
+    storage?: BasicStorage,
+    auth?: AuthConfig
 }) {
     const [isAuthReady, setIsAuthReady] = useState(false)
     const [isSignedIn, setIsSignedIn] = useState<boolean>(false)
@@ -272,34 +124,21 @@ export function BasicProvider({
     const syncRef = useRef<BasicSync | null>(null);
     const storageAdapter = storage || new LocalStorageAdapter();
-    const STORAGE_KEYS = {
-        REFRESH_TOKEN: 'basic_refresh_token',
-        USER_INFO: 'basic_user_info',
-        AUTH_STATE: 'basic_auth_state',
-        DEBUG: 'basic_debug'
+    // Merge auth config with defaults
+    const authConfig: Required<AuthConfig> = {
+        scopes: auth?.scopes || DEFAULT_AUTH_CONFIG.scopes,
+        server_url: auth?.server_url || DEFAULT_AUTH_CONFIG.server_url
     }
+    // Normalize scopes to space-separated string
+    const scopesString = Array.isArray(authConfig.scopes)
+        ? authConfig.scopes.join(' ')
+        : authConfig.scopes;
-    const isDevelopment = () => {
-        return (
-            window.location.hostname === 'localhost' ||
-            window.location.hostname === '127.0.0.1' ||
-            window.location.hostname.includes('localhost') ||
-            window.location.hostname.includes('127.0.0.1') ||
-            window.location.hostname.includes('.local') ||
-            process.env.NODE_ENV === 'development' ||
-            debug === true
-        )
-    }
+    const isDevMode = () => isDevelopment(debug)
-    const cleanOAuthParamsFromUrl = () => {
-        if (window.location.search.includes('code') || window.location.search.includes('state')) {
-            const url = new URL(window.location.href)
-            url.searchParams.delete('code')
-            url.searchParams.delete('state')
-            window.history.pushState({}, document.title, url.pathname + url.search)
-            log('Cleaned OAuth parameters from URL')
-        }
-    }
+    const cleanOAuthParams = () => cleanOAuthParamsFromUrl()
     useEffect(() => {
         const handleOnline = () => {
@@ -311,14 +150,14 @@ export function BasicProvider({
                 if (token) {
                     const refreshToken = token.refresh_token || localStorage.getItem('basic_refresh_token')
                     if (refreshToken) {
-                        fetchToken(refreshToken).catch(error => {
+                        fetchToken(refreshToken, true).catch(error => {
                             log('Retry refresh failed:', error)
                         })
                     }
                 }
             }
         }
         const handleOffline = () => {
             log('Network went offline')
             setIsOnline(false)
@@ -338,18 +177,18 @@ export function BasicProvider({
             if (!syncRef.current) {
                 log('Initializing Basic DB')
                 syncRef.current = new BasicSync('basicdb', { schema: schema });
                 syncRef.current.syncable.on('statusChanged', (status: number, url: string) => {
                     setDbStatus(getSyncStatus(status) as DBStatus)
                 })
                 // syncRef.current.syncable.getStatus().then((status: number) => {
                 //     setDbStatus(getSyncStatus(status) as DBStatus)
                 // })
-                if (options.shouldConnect) {
+                if (options.shouldConnect) {
                     setShouldConnect(true)
-                } else {
+                } else {
                     log('Sync is disabled')
                 }
@@ -358,16 +197,15 @@ export function BasicProvider({
         }
         async function checkSchema() {
-            const valid = validateSchema(schema)
-            if (!valid.valid) {
-                log('Basic Schema is invalid!', valid.errors)
-                console.group('Schema Errors')
+            const result = await validateAndCheckSchema(schema)
+            if (!result.isValid) {
                 let errorMessage = ''
-                valid.errors.forEach((error, index) => {
-                    log(`${index + 1}:`, error.message, ` - at ${error.instancePath}`)
-                    errorMessage += `${index + 1}: ${error.message} - at ${error.instancePath}\n`
-                })
-                console.groupEnd()
+                if (result.errors) {
+                    result.errors.forEach((error, index) => {
+                        errorMessage += `${index + 1}: ${error.message} - at ${error.instancePath}\n`
+                    })
+                }
                 setError({
                     code: 'schema_invalid',
                     title: 'Basic Schema is invalid!',
@@ -377,22 +215,13 @@ export function BasicProvider({
                 return null
             }
-            let schemaStatus = { valid: false }
-            if (schema.version !== 0) {
-                schemaStatus = await getSchemaStatus(schema)
-                log('schemaStatus', schemaStatus)
-            }else {
-                log("schema not published - at version 0")
-            }
-            if (schemaStatus.valid) {
+            if (result.schemaStatus.valid) {
                 initDb({ shouldConnect: true })
             } else {
-                log('Schema is invalid!', schemaStatus)
+                log('Schema is invalid!', result.schemaStatus)
                 initDb({ shouldConnect: false })
             }
             checkForNewVersion()
         }
@@ -403,100 +232,110 @@ export function BasicProvider({
         }
     }, []);
     useEffect(() => {
-        if (token && syncRef.current && isSignedIn && shouldConnect) {
-            connectToDb()
-        }
-    }, [isSignedIn, shouldConnect])
+        async function connectToDb() {
+            if (token && syncRef.current && isSignedIn && shouldConnect) {
+                const tok = await getToken()
+                if (!tok) {
+                    log('no token found')
+                    return
+                }
-    const connectToDb = async () => {
-        const tok = await getToken()
-        if (!tok) {
-            log('no token found')
-            return
-        }
+                log('connecting to db...')
-        log('connecting to db...')
+                syncRef.current?.connect({ access_token: tok })
+                    .catch((e) => {
+                        log('error connecting to db', e)
+                    })
+            }
+        }
+        connectToDb()
-        syncRef.current?.connect({ access_token: tok })
-            .catch((e) => {
-                log('error connecting to db', e)
-            })
-    }
+    }, [isSignedIn, shouldConnect])
     useEffect(() => {
         const initializeAuth = async () => {
             await storageAdapter.set(STORAGE_KEYS.DEBUG, debug ? 'true' : 'false')
             try {
-            if (window.location.search.includes('code')) {
-                let code = window.location?.search?.split('code=')[1]?.split('&')[0]
-                if (!code) return
+                const versionUpdater = createVersionUpdater(storageAdapter, currentVersion, getMigrations())
+                const updateResult = await versionUpdater.checkAndUpdate()
+                if (updateResult.updated) {
+                    log(`App updated from ${updateResult.fromVersion} to ${updateResult.toVersion}`)
+                } else {
+                    log(`App version ${updateResult.toVersion} is current`)
+                }
+            } catch (error) {
+                log('Version update failed:', error)
+            }
+            try {
+                if (window.location.search.includes('code')) {
+                    let code = window.location?.search?.split('code=')[1]?.split('&')[0]
+                    if (!code) return
+                    const state = await storageAdapter.get(STORAGE_KEYS.AUTH_STATE)
+                    const urlState = window.location.search.split('state=')[1]?.split('&')[0]
+                    if (!state || state !== urlState) {
+                        log('error: auth state does not match')
+                        setIsAuthReady(true)
-                const state = await storageAdapter.get(STORAGE_KEYS.AUTH_STATE)
-                const urlState = window.location.search.split('state=')[1]?.split('&')[0]
-                if (!state || state !== urlState) {
-                    log('error: auth state does not match')
-                    setIsAuthReady(true)
+                        await storageAdapter.remove(STORAGE_KEYS.AUTH_STATE)
+                        cleanOAuthParams()
+                        return
+                    }
                     await storageAdapter.remove(STORAGE_KEYS.AUTH_STATE)
-                    // Clean OAuth parameters from URL
-                    cleanOAuthParamsFromUrl()
-                    return
-                }
+                    cleanOAuthParams()
-                await storageAdapter.remove(STORAGE_KEYS.AUTH_STATE)
-                // Clean OAuth parameters from URL
-                cleanOAuthParamsFromUrl()
-                fetchToken(code).catch((error) => {
-                    log('Error fetching token:', error)
-                })
-            } else {
-                const refreshToken = await storageAdapter.get(STORAGE_KEYS.REFRESH_TOKEN)
-                if (refreshToken) {
-                    log('Found refresh token in storage, attempting to refresh access token')
-                    fetchToken(refreshToken).catch((error) => {
-                        log('Error fetching refresh token:', error)
+                    fetchToken(code, false).catch((error) => {
+                        log('Error fetching token:', error)
                     })
                 } else {
-                    let cookie_token = getCookie('basic_token')
-                    if (cookie_token !== '') {
-                        const tokenData = JSON.parse(cookie_token)
-                        setToken(tokenData)
-                        if (tokenData.refresh_token) {
-                            await storageAdapter.set(STORAGE_KEYS.REFRESH_TOKEN, tokenData.refresh_token)
-                        }
-                    } else {
-                        const cachedUserInfo = await storageAdapter.get(STORAGE_KEYS.USER_INFO)
-                        if (cachedUserInfo) {
-                            try {
-                                const userData = JSON.parse(cachedUserInfo)
-                                setUser(userData)
-                                setIsSignedIn(true)
-                                log('Loaded cached user info for offline mode')
-                            } catch (error) {
-                                log('Error parsing cached user info:', error)
+                    const refreshToken = await storageAdapter.get(STORAGE_KEYS.REFRESH_TOKEN)
+                    if (refreshToken) {
+                        log('Found refresh token in storage, attempting to refresh access token')
+                        fetchToken(refreshToken, true).catch((error) => {
+                            log('Error fetching refresh token:', error)
+                        })
+                    } else {
+                        let cookie_token = getCookie('basic_token')
+                        if (cookie_token !== '') {
+                            const tokenData = JSON.parse(cookie_token)
+                            setToken(tokenData)
+                            if (tokenData.refresh_token) {
+                                await storageAdapter.set(STORAGE_KEYS.REFRESH_TOKEN, tokenData.refresh_token)
+                            }
+                        } else {
+                            const cachedUserInfo = await storageAdapter.get(STORAGE_KEYS.USER_INFO)
+                            if (cachedUserInfo) {
+                                try {
+                                    const userData = JSON.parse(cachedUserInfo)
+                                    setUser(userData)
+                                    setIsSignedIn(true)
+                                    log('Loaded cached user info for offline mode')
+                                } catch (error) {
+                                    log('Error parsing cached user info:', error)
+                                }
                             }
+                            setIsAuthReady(true)
                         }
-                        setIsAuthReady(true)
                     }
                 }
-            }
             } catch (e) {
                 log('error getting token', e)
             }
         }
         initializeAuth()
     }, [])
     useEffect(() => {
         async function fetchUser(acc_token: string) {
             console.info('fetching user')
-            const user = await fetch('https://api.basic.tech/auth/userInfo', {
+            const user = await fetch(`${authConfig.server_url}/auth/userInfo`, {
                 method: 'GET',
                 headers: {
                     'Authorization': `Bearer ${acc_token}`
@@ -512,13 +351,13 @@ export function BasicProvider({
                 if (token?.refresh_token) {
                     await storageAdapter.set(STORAGE_KEYS.REFRESH_TOKEN, token.refresh_token)
                 }
                 await storageAdapter.set(STORAGE_KEYS.USER_INFO, JSON.stringify(user))
                 log('Cached user info in storage')
-                document.cookie = `basic_access_token=${token?.access_token}; Secure; SameSite=Strict; HttpOnly=false`;
-                document.cookie = `basic_token=${JSON.stringify(token)}; Secure; SameSite=Strict`;
+                setCookie('basic_access_token', token?.access_token || '', { httpOnly: false });
+                setCookie('basic_token', JSON.stringify(token));
                 setUser(user)
                 setIsSignedIn(true)
@@ -540,11 +379,11 @@ export function BasicProvider({
             if (isExpired) {
                 log('token is expired - refreshing ...')
                 try {
-                    const newToken = await fetchToken(token?.refresh_token || '')
+                    const newToken = await fetchToken(token?.refresh_token || '', true)
                     fetchUser(newToken?.access_token || '')
                 } catch (error) {
                     log('Failed to refresh token in checkToken:', error)
                     if ((error as Error).message.includes('offline') || (error as Error).message.includes('Network')) {
                         log('Network issue - continuing with expired token until online')
                         fetchUser(token?.access_token || '')
@@ -559,7 +398,7 @@ export function BasicProvider({
         if (token) {
             checkToken()
-        }
+        }
     }, [token])
     const getSignInLink = async (redirectUri?: string) => {
@@ -579,14 +418,18 @@ export function BasicProvider({
                 throw new Error('Invalid redirect URI provided')
             }
-            let baseUrl = "https://api.basic.tech/auth/authorize"
+            // Store redirect_uri for token exchange
+            await storageAdapter.set(STORAGE_KEYS.REDIRECT_URI, redirectUrl)
+            log('Stored redirect_uri for token exchange:', redirectUrl)
+            let baseUrl = `${authConfig.server_url}/auth/authorize`
             baseUrl += `?client_id=${project_id}`
             baseUrl += `&redirect_uri=${encodeURIComponent(redirectUrl)}`
             baseUrl += `&response_type=code`
-            baseUrl += `&scope=profile`
+            baseUrl += `&scope=${encodeURIComponent(scopesString)}`
             baseUrl += `&state=${randomState}`
-            log('Generated sign-in link successfully')
+            log('Generated sign-in link successfully with scopes:', scopesString)
             return baseUrl;
         } catch (error) {
@@ -598,33 +441,33 @@ export function BasicProvider({
     const signin = async () => {
         try {
             log('signing in...')
             if (!project_id) {
                 log('Error: project_id is required for sign-in')
                 throw new Error('Project ID is required for authentication')
             }
             const signInLink = await getSignInLink()
             log('Generated sign-in link:', signInLink)
             if (!signInLink || !signInLink.startsWith('https://')) {
                 log('Error: Invalid sign-in link generated')
                 throw new Error('Failed to generate valid sign-in URL')
             }
             window.location.href = signInLink
         } catch (error) {
             log('Error during sign-in:', error)
-            if (isDevelopment()) {
+            if (isDevMode()) {
                 setError({
                     code: 'signin_error',
                     title: 'Sign-in Failed',
                     message: (error as Error).message || 'An error occurred during sign-in. Please try again.'
                 })
             }
             throw error
         }
     }
@@ -632,7 +475,7 @@ export function BasicProvider({
     const signinWithCode = async (code: string, state?: string): Promise<{ success: boolean, error?: string }> => {
         try {
             log('signinWithCode called with code:', code)
             if (!code || typeof code !== 'string') {
                 return { success: false, error: 'Invalid authorization code' }
             }
@@ -646,10 +489,10 @@ export function BasicProvider({
             }
             await storageAdapter.remove(STORAGE_KEYS.AUTH_STATE)
-            cleanOAuthParamsFromUrl()
+            cleanOAuthParams()
+            const token = await fetchToken(code, false)
-            const token = await fetchToken(code)
             if (token) {
                 log('signinWithCode successful')
                 return { success: true }
@@ -658,9 +501,9 @@ export function BasicProvider({
             }
         } catch (error) {
             log('signinWithCode error:', error)
-            return {
-                success: false,
-                error: (error as Error).message || 'Authentication failed'
+            return {
+                success: false,
+                error: (error as Error).message || 'Authentication failed'
             }
         }
     }
@@ -670,17 +513,18 @@ export function BasicProvider({
         setUser({})
         setIsSignedIn(false)
         setToken(null)
-        document.cookie = `basic_token=; Secure; SameSite=Strict`;
-        document.cookie = `basic_access_token=; Secure; SameSite=Strict`;
+        clearCookie('basic_token');
+        clearCookie('basic_access_token');
         await storageAdapter.remove(STORAGE_KEYS.AUTH_STATE)
         await storageAdapter.remove(STORAGE_KEYS.REFRESH_TOKEN)
         await storageAdapter.remove(STORAGE_KEYS.USER_INFO)
+        await storageAdapter.remove(STORAGE_KEYS.REDIRECT_URI)
         if (syncRef.current) {
             (async () => {
                 try {
                     await syncRef.current?.close()
-                    await syncRef.current?.delete({disableAutoOpen: false})
+                    await syncRef.current?.delete({ disableAutoOpen: false })
                     syncRef.current = null
                     window?.location?.reload()
                 } catch (error) {
@@ -693,20 +537,19 @@ export function BasicProvider({
     const getToken = async (): Promise<string> => {
         log('getting token...')
         if (!token) {
             // Try to recover from storage refresh token
             const refreshToken = await storageAdapter.get(STORAGE_KEYS.REFRESH_TOKEN)
             if (refreshToken) {
                 log('No token in memory, attempting to refresh from storage')
                 try {
-                    const newToken = await fetchToken(refreshToken)
+                    const newToken = await fetchToken(refreshToken, true)
                     if (newToken?.access_token) {
                         return newToken.access_token
                     }
                 } catch (error) {
                     log('Failed to refresh token from storage:', error)
                     if ((error as Error).message.includes('offline') || (error as Error).message.includes('Network')) {
                         log('Network issue - continuing with potentially expired token')
                         const lastToken = localStorage.getItem('basic_access_token')
@@ -715,7 +558,7 @@ export function BasicProvider({
                         }
                         throw new Error('Network offline - authentication will be retried when online')
                     }
                     throw new Error('Authentication expired. Please sign in again.')
                 }
             }
@@ -731,16 +574,16 @@ export function BasicProvider({
             const refreshToken = token?.refresh_token || await storageAdapter.get(STORAGE_KEYS.REFRESH_TOKEN)
             if (refreshToken) {
                 try {
-                    const newToken = await fetchToken(refreshToken)
+                    const newToken = await fetchToken(refreshToken, true)
                     return newToken?.access_token || ''
                 } catch (error) {
                     log('Failed to refresh expired token:', error)
                     if ((error as Error).message.includes('offline') || (error as Error).message.includes('Network')) {
                         log('Network issue - using expired token until network is restored')
                         return token.access_token
                     }
                     throw new Error('Authentication expired. Please sign in again.')
                 }
             } else {
@@ -751,22 +594,7 @@ export function BasicProvider({
         return token?.access_token || ''
     }
-    function getCookie(name: string) {
-        let cookieValue = '';
-        if (document.cookie && document.cookie !== '') {
-            const cookies = document.cookie.split(';');
-            for (let i = 0; i < cookies.length; i++) {
-                const cookie = cookies[i]?.trim();
-                if (cookie && cookie.substring(0, name.length + 1) === (name + '=')) {
-                    cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
-                    break;
-                }
-            }
-        }
-        return cookieValue;
-    }
-    const fetchToken = async (code: string) => {
+    const fetchToken = async (codeOrRefreshToken: string, isRefreshToken: boolean = false) => {
         try {
             if (!isOnline) {
                 log('Network is offline, marking refresh as pending')
@@ -774,12 +602,48 @@ export function BasicProvider({
                 throw new Error('Network offline - refresh will be retried when online')
             }
-            const token = await fetch('https://api.basic.tech/auth/token', {
+            let requestBody: any
+            if (isRefreshToken) {
+                // Refresh token request
+                requestBody = {
+                    grant_type: 'refresh_token',
+                    refresh_token: codeOrRefreshToken
+                }
+                // Include client_id if available for validation
+                if (project_id) {
+                    requestBody.client_id = project_id
+                }
+            } else {
+                // Authorization code exchange
+                requestBody = {
+                    grant_type: 'authorization_code',
+                    code: codeOrRefreshToken
+                }
+                // Retrieve stored redirect_uri (required by OAuth2 spec)
+                const storedRedirectUri = await storageAdapter.get(STORAGE_KEYS.REDIRECT_URI)
+                if (storedRedirectUri) {
+                    requestBody.redirect_uri = storedRedirectUri
+                    log('Including redirect_uri in token exchange:', storedRedirectUri)
+                } else {
+                    log('Warning: No redirect_uri found in storage for token exchange')
+                }
+                // Include client_id for validation
+                if (project_id) {
+                    requestBody.client_id = project_id
+                }
+            }
+            log('Token exchange request body:', { ...requestBody, refresh_token: isRefreshToken ? '[REDACTED]' : undefined, code: !isRefreshToken ? '[REDACTED]' : undefined })
+            const token = await fetch(`${authConfig.server_url}/auth/token`, {
                 method: 'POST',
                 headers: {
                     'Content-Type': 'application/json'
                 },
-                body: JSON.stringify({ code: code })
+                body: JSON.stringify(requestBody)
             })
                 .then(response => response.json())
                 .catch(error => {
@@ -793,90 +657,64 @@ export function BasicProvider({
             if (token.error) {
                 log('error fetching token', token.error)
                 if (token.error.includes('network') || token.error.includes('timeout')) {
                     setPendingRefresh(true)
                     throw new Error('Network issue - refresh will be retried when online')
                 }
                 await storageAdapter.remove(STORAGE_KEYS.REFRESH_TOKEN)
                 await storageAdapter.remove(STORAGE_KEYS.USER_INFO)
-                document.cookie = `basic_token=; Secure; SameSite=Strict`;
-                document.cookie = `basic_access_token=; Secure; SameSite=Strict`;
+                await storageAdapter.remove(STORAGE_KEYS.REDIRECT_URI)
+                clearCookie('basic_token');
+                clearCookie('basic_access_token');
                 setUser({})
                 setIsSignedIn(false)
                 setToken(null)
                 setIsAuthReady(true)
                 throw new Error(`Token refresh failed: ${token.error}`)
             } else {
                 setToken(token)
                 setPendingRefresh(false)
                 if (token.refresh_token) {
                     await storageAdapter.set(STORAGE_KEYS.REFRESH_TOKEN, token.refresh_token)
                     log('Updated refresh token in storage')
                 }
-                document.cookie = `basic_access_token=${token.access_token}; Secure; SameSite=Strict; HttpOnly=false`;
+                // Clean up redirect_uri after successful token exchange
+                if (!isRefreshToken) {
+                    await storageAdapter.remove(STORAGE_KEYS.REDIRECT_URI)
+                    log('Cleaned up redirect_uri from storage after successful exchange')
+                }
+                setCookie('basic_access_token', token.access_token, { httpOnly: false });
                 log('Updated access token in cookie')
             }
             return token
         } catch (error) {
             log('Token refresh error:', error)
             if (!(error as Error).message.includes('offline') && !(error as Error).message.includes('Network')) {
                 await storageAdapter.remove(STORAGE_KEYS.REFRESH_TOKEN)
                 await storageAdapter.remove(STORAGE_KEYS.USER_INFO)
-                document.cookie = `basic_token=; Secure; SameSite=Strict`;
-                document.cookie = `basic_access_token=; Secure; SameSite=Strict`;
+                await storageAdapter.remove(STORAGE_KEYS.REDIRECT_URI)
+                clearCookie('basic_token');
+                clearCookie('basic_access_token');
                 setUser({})
                 setIsSignedIn(false)
                 setToken(null)
                 setIsAuthReady(true)
             }
-            throw error
-        }
-    }
-    const db_ = (tableName: string) => {
-        const checkSignIn = () => {
-            if (!isSignedIn) {
-                throw new Error('cannot use db. user not logged in.')
-            }
-        }
-        return {
-            get: async () => {
-                checkSignIn()
-                const tok = await getToken()
-                return get({ projectId: project_id, accountId: user?.id, tableName: tableName, token: tok })
-            },
-            add: async (value: any) => {
-                checkSignIn()
-                const tok = await getToken()
-                return add({ projectId: project_id, accountId: user?.id, tableName: tableName, value: value, token: tok })
-            },
-            update: async (id: string, value: any) => {
-                checkSignIn()
-                const tok = await getToken()
-                return update({ projectId: project_id, accountId: user?.id, tableName: tableName, id: id, value: value, token: tok })
-            },
-            delete: async (id: string) => {
-                checkSignIn()
-                const tok = await getToken()
-                return deleteRecord({ projectId: project_id, accountId: user?.id, tableName: tableName, id: id, token: tok })
-            }
+            throw error
         }
     }
-    const noDb = ({
+    const noDb = ({
         collection: () => {
             throw new Error('no basicdb found - initialization failed. double check your schema.')
         }
@@ -896,17 +734,17 @@ export function BasicProvider({
             db: syncRef.current ? syncRef.current : noDb,
             dbStatus
         }}>
-            {error && isDevelopment() && <ErrorDisplay error={error} />}
+            {error && isDevMode() && <ErrorDisplay error={error} />}
             {isReady && children}
         </BasicContext.Provider>
     )
 }
 function ErrorDisplay({ error }: { error: ErrorObject }) {
-    return <div style={{
+    return <div style={{
         position: 'absolute',
-        top: 20,
+        top: 20,
         left: 20,
         color: 'black',
         backgroundColor: '#f8d7da',
@@ -916,10 +754,10 @@ function ErrorDisplay({ error }: { error: ErrorObject }) {
         maxWidth: '400px',
         margin: '20px auto',
         boxShadow: '0 2px 4px rgba(0, 0, 0, 0.1)',
-        fontFamily: 'monospace',
-     }}>
-        <h3 style={{fontSize: '0.8rem', opacity: 0.8}}>code: {error.code}</h3>
-        <h1 style={{fontSize: '1.2rem', lineHeight: '1.5'}}>{error.title}</h1>
+        fontFamily: 'monospace',
+    }}>
+        <h3 style={{ fontSize: '0.8rem', opacity: 0.8 }}>code: {error.code}</h3>
+        <h1 style={{ fontSize: '1.2rem', lineHeight: '1.5' }}>{error.title}</h1>
         <p>{error.message}</p>
     </div>
 }