npm - @blimu/react - Versions diffs - 1.1.0 → 1.1.4 - Mend

@blimu/react 1.1.0 → 1.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (489) hide show

package/dist/client/auth.service.js CHANGED Viewed

@@ -1,152 +1,249 @@
-import { Blimu as _, BlimuError as A } from "@blimu/client";
-import o from "../node_modules/js-cookie/dist/js.cookie.js";
-import { jwtDecode as C } from "../node_modules/jwt-decode/build/esm/index.js";
-const h = "__bli_session", S = "__lh_jwt", u = "__lh_jwt", m = 10, w = 1e3, E = (n) => Math.floor(n * w), b = (n) => Math.floor(n / w), p = () => b(Date.now()), P = (n) => E(n), v = (n, e) => {
-  const s = P(n), r = E(e), t = Date.now();
-  return Math.max(s - r - t, 0);
-}, f = (n, e) => {
-  const s = p();
-  return n - e < s;
+import { Blimu, BlimuError } from "@blimu/client";
+import api from "../node_modules/js-cookie/dist/js.cookie.js";
+import { jwtDecode } from "../node_modules/jwt-decode/build/esm/index.js";
+const SESSION_COOKIE_NAME = "__bli_session";
+const LOCALHOST_JWT_URL_PARAM_NAME = "__lh_jwt";
+const LOCALHOST_JWT_COOKIE_NAME = "__lh_jwt";
+const SESSION_EXPIRATION_BUFFER = 10;
+const SECONDS_TO_MS = 1e3;
+const secondsToMilliseconds = (seconds) => Math.floor(seconds * SECONDS_TO_MS);
+const millisecondsToSeconds = (ms) => Math.floor(ms / SECONDS_TO_MS);
+const nowInSeconds = () => millisecondsToSeconds(Date.now());
+const jwtExpToMilliseconds = (exp) => secondsToMilliseconds(exp);
+const calculateTimeoutDelay = (expirationSeconds, bufferSeconds) => {
+  const expirationMS = jwtExpToMilliseconds(expirationSeconds);
+  const bufferMS = secondsToMilliseconds(bufferSeconds);
+  const nowMS = Date.now();
+  return Math.max(expirationMS - bufferMS - nowMS, 0);
 };
-class x {
-  constructor(e, s, r, t, l) {
-    this.isLive = e, this.client = s, this.store = r, this.pendingRefresher = null, this.refreshPromise = null, this.refreshingSignals = /* @__PURE__ */ new Set(), this.refreshingSignalAbortController = null, this.localClient = new _({
-      baseURL: t,
+const isExpiredIn = (expiration, buffer) => {
+  const now = nowInSeconds();
+  return expiration - buffer < now;
+};
+class AuthSessionService {
+  constructor(isLive, client, store, baseURL, publishableKey) {
+    this.isLive = isLive;
+    this.client = client;
+    this.store = store;
+    this.pendingRefresher = null;
+    this.refreshPromise = null;
+    this.refreshingSignals = /* @__PURE__ */ new Set();
+    this.refreshingSignalAbortController = null;
+    this.localClient = new Blimu({
+      baseURL,
       credentials: "include",
-      headers: { "x-blimu-publishable-key": l }
-    }), this.handleRequestError = this.handleRequestError.bind(this);
+      headers: { "x-blimu-publishable-key": publishableKey }
+    });
+    this.handleRequestError = this.handleRequestError.bind(this);
   }
   /**
    * Set cookie with appropriate security settings based on environment
    */
-  setCookie(e, s, r = {}) {
-    const t = {
+  setCookie(name, value, options = {}) {
+    const cookieOptions = {
       secure: this.isLive,
       // true for live environments, false for localhost
       sameSite: "lax",
       path: "/"
     };
-    r.maxAge !== void 0 && (t.expires = r.maxAge / (1440 * 60)), o.set(e, s, t);
+    if (options.maxAge !== void 0) {
+      cookieOptions.expires = options.maxAge / (24 * 60 * 60);
+    }
+    api.set(name, value, cookieOptions);
   }
   getSessionPayload() {
-    const e = o.get(h);
-    return e ? C(e) : null;
+    const token = api.get(SESSION_COOKIE_NAME);
+    if (!token) {
+      return null;
+    }
+    const decoded = jwtDecode(token);
+    return decoded;
   }
   async getSessionToken() {
-    const e = this.getSessionPayload();
-    if (e)
-      return this.refreshPromise ? (await this.refreshPromise, o.get(h)) : (f(e.exp, 0) && await this.refreshSession(), o.get(h));
+    const sessionPayload = this.getSessionPayload();
+    if (!sessionPayload) {
+      return void 0;
+    }
+    if (this.refreshPromise) {
+      await this.refreshPromise;
+      return api.get(SESSION_COOKIE_NAME);
+    }
+    if (isExpiredIn(sessionPayload.exp, 0)) {
+      await this.refreshSession();
+    }
+    return api.get(SESSION_COOKIE_NAME);
   }
-  async handleRequestError(e) {
-    return e instanceof A && [401, 500].includes(e.status) ? (o.remove(h), o.remove(u), {
-      error: e.message,
-      user: null
-    }) : e instanceof DOMException ? {
-      error: e.message,
-      user: null
-    } : e instanceof Error ? {
-      error: e.message,
-      user: null
-    } : {
+  async handleRequestError(error) {
+    if (error instanceof BlimuError && [401, 500].includes(error.status)) {
+      api.remove(SESSION_COOKIE_NAME);
+      api.remove(LOCALHOST_JWT_COOKIE_NAME);
+      return {
+        error: error.message,
+        user: null
+      };
+    }
+    if (error instanceof DOMException)
+      return {
+        error: error.message,
+        user: null
+      };
+    if (error instanceof Error) {
+      return {
+        error: error.message,
+        user: null
+      };
+    }
+    return {
       error: "unknown error",
       user: null
     };
   }
-  async initialize({ signal: e } = {}) {
-    const s = new URL(window.location.href), r = s.searchParams.get(S) ?? void 0;
-    r && (s.searchParams.delete(S), window.history.replaceState({}, "", s.toString())), r && this.setCookie(u, r, {
-      maxAge: 720 * 60 * 60
-      // 30 days
-    });
-    const t = o.get(u);
-    if (console.log("localhostJWTCookie", t), t && !o.get(h)) {
-      const i = await this.refreshSession({ signal: e }).catch(this.handleRequestError);
-      if ("error" in i) return i;
+  async initialize({ signal } = {}) {
+    const url = new URL(window.location.href);
+    const localhostJWT = url.searchParams.get(LOCALHOST_JWT_URL_PARAM_NAME) ?? void 0;
+    if (localhostJWT) {
+      url.searchParams.delete(LOCALHOST_JWT_URL_PARAM_NAME);
+      window.history.replaceState({}, "", url.toString());
+    }
+    if (localhostJWT) {
+      this.setCookie(LOCALHOST_JWT_COOKIE_NAME, localhostJWT, {
+        maxAge: 30 * 24 * 60 * 60
+        // 30 days
+      });
+    }
+    const localhostJWTCookie = api.get(LOCALHOST_JWT_COOKIE_NAME);
+    if (localhostJWTCookie && !api.get(SESSION_COOKIE_NAME)) {
+      const result2 = await this.refreshSession({ signal }).catch(this.handleRequestError);
+      if ("error" in result2) return result2;
     }
-    const l = this.getSessionPayload();
-    if (!l)
+    const sessionPayload = this.getSessionPayload();
+    if (!sessionPayload) {
       return {
         error: null,
         user: null
       };
-    if (f(l.exp, m)) {
-      const i = await this.refreshSession().catch(this.handleRequestError);
-      if ("error" in i) return i;
     }
-    const a = await this.client.auth.getSession().catch(this.handleRequestError);
-    return "error" in a ? a : {
+    if (isExpiredIn(sessionPayload.exp, SESSION_EXPIRATION_BUFFER)) {
+      const result2 = await this.refreshSession().catch(this.handleRequestError);
+      if ("error" in result2) return result2;
+    }
+    const result = await this.client.auth.getSession().catch(this.handleRequestError);
+    if ("error" in result) return result;
+    return {
       error: null,
-      user: a.user
+      user: result.user
     };
   }
   scheduleRefresh() {
-    const e = new AbortController();
-    let s = !0, r = null;
-    const t = () => {
-      s = !0, this.pendingRefresher && (this.pendingRefresher(), this.pendingRefresher = null);
-    }, l = () => {
-      s = !1;
+    const abortController = new AbortController();
+    let isOnline = true;
+    let timeoutId = null;
+    const onlineHandler = () => {
+      isOnline = true;
+      if (this.pendingRefresher) {
+        this.pendingRefresher();
+        this.pendingRefresher = null;
+      }
+    };
+    const offlineHandler = () => {
+      isOnline = false;
     };
-    window.addEventListener("online", t), window.addEventListener("offline", l);
-    const a = () => {
-      r !== null && (window.clearTimeout(r), r = null);
-      const i = this.getSessionPayload();
-      if (!i || f(i.exp, 0)) return;
-      const d = v(i.exp, m);
-      if (d < 0)
+    window.addEventListener("online", onlineHandler);
+    window.addEventListener("offline", offlineHandler);
+    const refresh = () => {
+      if (timeoutId !== null) {
+        window.clearTimeout(timeoutId);
+        timeoutId = null;
+      }
+      const sessionPayload = this.getSessionPayload();
+      if (!sessionPayload || isExpiredIn(sessionPayload.exp, 0)) return;
+      const timeoutDelayMS = calculateTimeoutDelay(sessionPayload.exp, SESSION_EXPIRATION_BUFFER);
+      if (timeoutDelayMS < 0) {
         return;
-      const g = async () => {
-        if (r = null, !s) {
-          this.pendingRefresher = g;
+      }
+      const refresher = async () => {
+        timeoutId = null;
+        if (!isOnline) {
+          this.pendingRefresher = refresher;
           return;
         }
-        const c = await this.refreshSession({ signal: e.signal });
-        if ("error" in c) {
-          if (c.error === "aborted")
+        const result = await this.refreshSession({ signal: abortController.signal });
+        if ("error" in result) {
+          if (result.error === "aborted") {
             return;
+          }
           this.store.setState({
             status: "error",
             user: null,
-            error: c.error
+            error: result.error
           });
           return;
-        } else
-          a();
+        } else {
+          refresh();
+        }
       };
-      r = window.setTimeout(g, d);
+      timeoutId = window.setTimeout(refresher, timeoutDelayMS);
     };
-    return a(), () => {
-      r && window.clearTimeout(r), e.abort(), window.removeEventListener("online", t), window.removeEventListener("offline", l);
+    refresh();
+    return () => {
+      if (timeoutId) {
+        window.clearTimeout(timeoutId);
+      }
+      abortController.abort();
+      window.removeEventListener("online", onlineHandler);
+      window.removeEventListener("offline", offlineHandler);
     };
   }
-  async refreshSession({ signal: e } = {}) {
-    if (e && (this.refreshingSignals.add(e), e.addEventListener("abort", () => {
-      this.refreshingSignals.delete(e), this.refreshingSignals.size === 0 && this.refreshingSignalAbortController?.abort();
-    })), this.refreshPromise)
+  async refreshSession({ signal } = {}) {
+    if (signal) {
+      this.refreshingSignals.add(signal);
+      signal.addEventListener("abort", () => {
+        this.refreshingSignals.delete(signal);
+        if (this.refreshingSignals.size === 0) {
+          this.refreshingSignalAbortController?.abort();
+        }
+      });
+    }
+    if (this.refreshPromise) {
       return this.refreshPromise;
-    this.refreshingSignalAbortController = new AbortController(), this.refreshingSignalAbortController.signal.addEventListener("abort", () => {
-      this.refreshPromise = null, this.refreshingSignalAbortController = null, this.refreshingSignals.clear();
+    }
+    this.refreshingSignalAbortController = new AbortController();
+    this.refreshingSignalAbortController.signal.addEventListener("abort", () => {
+      this.refreshPromise = null;
+      this.refreshingSignalAbortController = null;
+      this.refreshingSignals.clear();
     });
-    const s = this.isLive ? void 0 : o.get(u), r = {};
-    s && (r.__lh_jwt = s), this.refreshPromise = this.localClient.auth.refresh(r, {
+    const localhostJWT = !this.isLive ? api.get(LOCALHOST_JWT_COOKIE_NAME) : void 0;
+    const queryParams = {};
+    if (localhostJWT) {
+      queryParams.__lh_jwt = localhostJWT;
+    }
+    this.refreshPromise = this.localClient.auth.refresh(queryParams, {
       signal: this.refreshingSignalAbortController.signal
-    }).then((t) => (this.isLive || this.setCookie(h, t.sessionToken, {
-      maxAge: 720 * 60 * 60
-      // 30 days
-    }), t)).catch(this.handleRequestError);
+    }).then((response) => {
+      if (!this.isLive) {
+        this.setCookie(SESSION_COOKIE_NAME, response.sessionToken, {
+          maxAge: 30 * 24 * 60 * 60
+          // 30 days
+        });
+      }
+      return response;
+    }).catch(this.handleRequestError);
     try {
       return await this.refreshPromise;
     } finally {
-      this.refreshPromise = null, this.refreshingSignalAbortController = null, this.refreshingSignals.clear();
+      this.refreshPromise = null;
+      this.refreshingSignalAbortController = null;
+      this.refreshingSignals.clear();
     }
   }
 }
 export {
-  x as AuthSessionService,
-  u as LOCALHOST_JWT_COOKIE_NAME,
-  S as LOCALHOST_JWT_URL_PARAM_NAME,
-  h as SESSION_COOKIE_NAME,
-  m as SESSION_EXPIRATION_BUFFER,
-  f as isExpiredIn
+  AuthSessionService,
+  LOCALHOST_JWT_COOKIE_NAME,
+  LOCALHOST_JWT_URL_PARAM_NAME,
+  SESSION_COOKIE_NAME,
+  SESSION_EXPIRATION_BUFFER,
+  isExpiredIn
 };
 //# sourceMappingURL=auth.service.js.map

package/dist/client/auth.service.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"auth.service.js","sources":["../../src/client/auth.service.ts"],"sourcesContent":["import { Blimu, BlimuError } from '@blimu/client';\nimport type { RefreshResponse } from '@blimu/client/schema';\nimport Cookies from 'js-cookie';\nimport { jwtDecode } from 'jwt-decode';\n\nimport type { AuthState, User } from '../types';\nimport { ExternalStore } from './external-store';\n\nexport const SESSION_COOKIE_NAME = '__bli_session';\nexport const LOCALHOST_JWT_URL_PARAM_NAME = '__lh_jwt';\nexport const LOCALHOST_JWT_COOKIE_NAME = '__lh_jwt';\nexport const SESSION_EXPIRATION_BUFFER = 10;\n\n/*\n Time conversion utilities\n * JWT tokens use seconds (Unix timestamp), JavaScript Date uses milliseconds\n /\nconst SECONDS_TO_MS = 1000;\n\n/\n Convert seconds to milliseconds\n /\nconst secondsToMilliseconds = (seconds: number): number => Math.floor(seconds SECONDS_TO_MS);\n\n/*\n Convert milliseconds to seconds\n /\nconst millisecondsToSeconds = (ms: number): number => Math.floor(ms / SECONDS_TO_MS);\n\n/\n Get current time in seconds (Unix timestamp)\n /\nconst nowInSeconds = (): number => millisecondsToSeconds(Date.now());\n\n/\n Convert JWT expiration time (seconds) to milliseconds\n /\nconst jwtExpToMilliseconds = (exp: number): number => secondsToMilliseconds(exp);\n\n/\n Calculate timeout delay in milliseconds for refreshing before expiration\n * @param expirationSeconds - JWT exp claim in seconds\n * @param bufferSeconds - Buffer time in seconds before expiration\n * @returns Timeout delay in milliseconds\n /\nconst calculateTimeoutDelay = (expirationSeconds: number, bufferSeconds: number): number => {\n const expirationMS = jwtExpToMilliseconds(expirationSeconds);\n const bufferMS = secondsToMilliseconds(bufferSeconds);\n const nowMS = Date.now();\n return Math.max(expirationMS - bufferMS - nowMS, 0);\n};\n\n/\n Check if a JWT expiration time (in seconds) is expired or will expire within the buffer\n * @param expiration - JWT exp claim in seconds (Unix timestamp)\n * @param buffer - Buffer time in seconds before expiration to consider it expired\n * @returns true if expired or will expire within buffer\n /\nexport const isExpiredIn = (expiration: number, buffer: number): boolean => {\n const now = nowInSeconds();\n return expiration - buffer < now;\n};\n\nexport class AuthSessionService {\n private pendingRefresher: (() => void) \| null = null;\n private refreshPromise: Promise<RefreshResponse \| { error: string; user: null }> \| null = null;\n private refreshingSignals: Set<AbortSignal> = new Set();\n private refreshingSignalAbortController: AbortController \| null = null;\n // A local client that doesn't call getSessionToken() which calls refreshSession().\n private localClient: Blimu;\n\n constructor(\n private readonly isLive: boolean,\n private readonly client: Blimu,\n private readonly store: ExternalStore<AuthState>,\n baseURL: string,\n publishableKey: string,\n ) {\n this.localClient = new Blimu({\n baseURL,\n credentials: 'include',\n headers: { 'x-blimu-publishable-key': publishableKey },\n });\n this.handleRequestError = this.handleRequestError.bind(this);\n }\n\n /\n Set cookie with appropriate security settings based on environment\n /\n private setCookie(name: string, value: string, options: { maxAge?: number } = {}): void {\n const cookieOptions: Cookies.CookieAttributes = {\n secure: this.isLive, // true for live environments, false for localhost\n sameSite: 'lax',\n path: '/',\n };\n\n if (options.maxAge !== undefined) {\n cookieOptions.expires = options.maxAge / (24 60 * 60); // Convert seconds to days\n }\n\n Cookies.set(name, value, cookieOptions);\n }\n\n getSessionPayload(): {\n sub: string;\n environmentId: string;\n type: string;\n iat: number;\n exp: number;\n } \| null {\n const token = Cookies.get(SESSION_COOKIE_NAME);\n\n if (!token) {\n return null;\n }\n\n const decoded = jwtDecode<{\n sub: string;\n environmentId: string;\n type: string;\n iat: number;\n exp: number;\n }>(token);\n\n return decoded;\n }\n\n async getSessionToken(): Promise<string \| undefined> {\n const sessionPayload = this.getSessionPayload();\n\n if (!sessionPayload) {\n return undefined;\n }\n\n // If a refresh is already in progress, wait for it to complete\n // This prevents infinite recursion when refreshSession() calls client.auth.refresh()\n // which triggers accessToken() which calls getSessionToken()\n if (this.refreshPromise) {\n await this.refreshPromise;\n // After refresh completes, return the updated token from cookie\n return Cookies.get(SESSION_COOKIE_NAME);\n }\n\n if (isExpiredIn(sessionPayload.exp, 0)) {\n await this.refreshSession();\n }\n\n return Cookies.get(SESSION_COOKIE_NAME);\n }\n\n async handleRequestError(error: unknown): Promise<{ error: string; user: null }> {\n if (error instanceof BlimuError && [401, 500].includes(error.status)) {\n Cookies.remove(SESSION_COOKIE_NAME);\n Cookies.remove(LOCALHOST_JWT_COOKIE_NAME);\n\n return {\n error: error.message,\n user: null,\n };\n }\n\n if (error instanceof DOMException)\n return {\n error: error.message,\n user: null,\n };\n\n if (error instanceof Error) {\n return {\n error: error.message,\n user: null,\n };\n }\n\n return {\n error: 'unknown error',\n user: null,\n };\n }\n\n async initialize({ signal }: { signal?: AbortSignal } = {}): Promise<{\n error: string \| null;\n user: User \| null;\n }> {\n const url = new URL(window.location.href);\n const localhostJWT = url.searchParams.get(LOCALHOST_JWT_URL_PARAM_NAME) ?? undefined;\n\n // Clean up URL parameters immediately to prevent re-processing on re-renders\n if (localhostJWT) {\n url.searchParams.delete(LOCALHOST_JWT_URL_PARAM_NAME);\n window.history.replaceState({}, '', url.toString());\n }\n\n // Handle localhost JWT from URL parameter\n if (localhostJWT) {\n // Set localhost JWT cookie on customer app domain\n this.setCookie(LOCALHOST_JWT_COOKIE_NAME, localhostJWT, {\n maxAge: 30 * 24 * 60 * 60, // 30 days\n });\n }\n\n const localhostJWTCookie = Cookies.get(LOCALHOST_JWT_COOKIE_NAME);\n\n console.log('localhostJWTCookie', localhostJWTCookie);\n\n if (localhostJWTCookie && !Cookies.get(SESSION_COOKIE_NAME)) {\n const result = await this.refreshSession({ signal }).catch(this.handleRequestError);\n if ('error' in result) return result;\n }\n\n const sessionPayload = this.getSessionPayload();\n\n if (!sessionPayload) {\n return {\n error: null,\n user: null,\n };\n }\n\n if (isExpiredIn(sessionPayload.exp, SESSION_EXPIRATION_BUFFER)) {\n const result = await this.refreshSession().catch(this.handleRequestError);\n if ('error' in result) return result;\n }\n\n const result = await this.client.auth.getSession().catch(this.handleRequestError);\n if ('error' in result) return result;\n\n return {\n error: null,\n user: result.user,\n };\n }\n\n scheduleRefresh() {\n const abortController = new AbortController();\n let isOnline = true;\n let timeoutId: number \| null = null;\n\n const onlineHandler = () => {\n isOnline = true;\n if (this.pendingRefresher) {\n this.pendingRefresher();\n this.pendingRefresher = null;\n }\n };\n const offlineHandler = () => {\n isOnline = false;\n };\n\n window.addEventListener('online', onlineHandler);\n window.addEventListener('offline', offlineHandler);\n\n const refresh = () => {\n // Clear any existing timeout before scheduling a new one\n // This prevents infinite loops when refresh() is called recursively\n if (timeoutId !== null) {\n window.clearTimeout(timeoutId);\n timeoutId = null;\n }\n\n const sessionPayload = this.getSessionPayload();\n\n if (!sessionPayload \|\| isExpiredIn(sessionPayload.exp, 0)) return;\n\n // Calculate timeout delay: refresh SESSION_EXPIRATION_BUFFER seconds before expiration\n const timeoutDelayMS = calculateTimeoutDelay(sessionPayload.exp, SESSION_EXPIRATION_BUFFER);\n\n // Prevent scheduling if timeout is negative (token already expired)\n // Allow 0ms delays to handle edge cases where we're exactly at the refresh point\n // This prevents immediate re-scheduling that could cause infinite loops\n if (timeoutDelayMS < 0) {\n return;\n }\n\n // Having this function outside timeout, allows us to call refresh immediately when back online\n const refresher = async () => {\n // Clear timeoutId since we're executing now\n timeoutId = null;\n\n if (!isOnline) {\n // Keep closure of refresh function alive\n this.pendingRefresher = refresher;\n return;\n }\n\n const result = await this.refreshSession({ signal: abortController.signal });\n\n if ('error' in result) {\n // If the refresh was aborted (e.g., due to React strict mode unmounting),\n // don't treat it as an error - just return and let the component remount handle it\n if (result.error === 'aborted') {\n return;\n }\n // For real errors, update the store\n this.store.setState({\n status: 'error',\n user: null,\n error: result.error,\n });\n return;\n } else {\n // After successful refresh, schedule the next refresh with the new token\n refresh();\n }\n };\n\n timeoutId = window.setTimeout(refresher, timeoutDelayMS);\n };\n\n refresh();\n\n return () => {\n if (timeoutId) {\n window.clearTimeout(timeoutId);\n }\n abortController.abort();\n window.removeEventListener('online', onlineHandler);\n window.removeEventListener('offline', offlineHandler);\n };\n }\n\n private async refreshSession({ signal }: { signal?: AbortSignal } = {}) {\n if (signal) {\n // Add signal to tracking set (was using .has() instead of .add() - bug fix)\n this.refreshingSignals.add(signal);\n\n signal.addEventListener('abort', () => {\n this.refreshingSignals.delete(signal);\n\n if (this.refreshingSignals.size === 0) {\n this.refreshingSignalAbortController?.abort();\n }\n });\n }\n\n if (this.refreshPromise) {\n return this.refreshPromise;\n }\n\n this.refreshingSignalAbortController = new AbortController();\n\n this.refreshingSignalAbortController.signal.addEventListener('abort', () => {\n this.refreshPromise = null;\n this.refreshingSignalAbortController = null;\n this.refreshingSignals.clear();\n });\n\n // Get localhost_jwt from cookie to send as query parameter (only for non-live environments)\n const localhostJWT = !this.isLive ? Cookies.get(LOCALHOST_JWT_COOKIE_NAME) : undefined;\n\n // Build query parameters - only include __lh_jwt for non-live environments when cookie exists\n const queryParams: { __lh_jwt?: string } = {};\n if (localhostJWT) {\n queryParams.__lh_jwt = localhostJWT;\n }\n\n // Use local client to avoid infinite recursion. Regular client calls getSessionToken() which calls refreshSession().\n // There are hacks to avoid infinite recursion, but they are not reliable.\n // The localhost_jwt is sent as a query parameter only in non-live environments\n // Note: Type assertion needed because the generated SDK type doesn't include 'query' in RequestInit,\n // but the underlying CoreClient.request() method does support it\n this.refreshPromise = this.localClient.auth\n .refresh(queryParams, {\n signal: this.refreshingSignalAbortController.signal,\n })\n .then((response) => {\n // Update cookie with new session token from response body\n // Server also sets it via Set-Cookie header on auth domain, but we set it manually on customer domain\n if (!this.isLive) {\n this.setCookie(SESSION_COOKIE_NAME, response.sessionToken, {\n maxAge: 30 * 24 * 60 * 60, // 30 days\n });\n }\n return response;\n })\n .catch(this.handleRequestError);\n\n try {\n return await this.refreshPromise;\n } finally {\n this.refreshPromise = null;\n this.refreshingSignalAbortController = null;\n this.refreshingSignals.clear();\n }\n }\n}\n"],"names":["SESSION_COOKIE_NAME","LOCALHOST_JWT_URL_PARAM_NAME","LOCALHOST_JWT_COOKIE_NAME","SESSION_EXPIRATION_BUFFER","SECONDS_TO_MS","secondsToMilliseconds","seconds","millisecondsToSeconds","ms","nowInSeconds","jwtExpToMilliseconds","exp","calculateTimeoutDelay","expirationSeconds","bufferSeconds","expirationMS","bufferMS","nowMS","isExpiredIn","expiration","buffer","now","AuthSessionService","isLive","client","store","baseURL","publishableKey","Blimu","name","value","options","cookieOptions","Cookies","token","jwtDecode","sessionPayload","error","BlimuError","signal","url","localhostJWT","localhostJWTCookie","result","abortController","isOnline","timeoutId","onlineHandler","offlineHandler","refresh","timeoutDelayMS","refresher","queryParams","response"],"mappings":";;;AAQO,MAAMA,IAAsB,iBACtBC,IAA+B,YAC/BC,IAA4B,YAC5BC,IAA4B,IAMnCC,IAAgB,KAKhBC,IAAwB,CAACC,MAA4B,KAAK,MAAMA,IAAUF,CAAa,GAKvFG,IAAwB,CAACC,MAAuB,KAAK,MAAMA,IAAKJ,CAAa,GAK7EK,IAAe,MAAcF,EAAsB,KAAK,KAAK,GAK7DG,IAAuB,CAACC,MAAwBN,EAAsBM,CAAG,GAQzEC,IAAwB,CAACC,GAA2BC,MAAkC;AAC1F,QAAMC,IAAeL,EAAqBG,CAAiB,GACrDG,IAAWX,EAAsBS,CAAa,GAC9CG,IAAQ,KAAK,IAAA;AACnB,SAAO,KAAK,IAAIF,IAAeC,IAAWC,GAAO,CAAC;AACpD,GAQaC,IAAc,CAACC,GAAoBC,MAA4B;AAC1E,QAAMC,IAAMZ,EAAA;AACZ,SAAOU,IAAaC,IAASC;AAC/B;AAEO,MAAMC,EAAmB;AAAA,EAQ9B,YACmBC,GACAC,GACAC,GACjBC,GACAC,GACA;AALiB,SAAA,SAAAJ,GACA,KAAA,SAAAC,GACA,KAAA,QAAAC,GAVnB,KAAQ,mBAAwC,MAChD,KAAQ,iBAAkF,MAC1F,KAAQ,wCAA0C,IAAA,GAClD,KAAQ,kCAA0D,MAWhE,KAAK,cAAc,IAAIG,EAAM;AAAA,MAC3B,SAAAF;AAAA,MACA,aAAa;AAAA,MACb,SAAS,EAAE,2BAA2BC,EAAA;AAAA,IAAe,CACtD,GACD,KAAK,qBAAqB,KAAK,mBAAmB,KAAK,IAAI;AAAA,EAC7D;AAAA;AAAA;AAAA;AAAA,EAKQ,UAAUE,GAAcC,GAAeC,IAA+B,CAAA,GAAU;AACtF,UAAMC,IAA0C;AAAA,MAC9C,QAAQ,KAAK;AAAA;AAAA,MACb,UAAU;AAAA,MACV,MAAM;AAAA,IAAA;AAGR,IAAID,EAAQ,WAAW,WACrBC,EAAc,UAAUD,EAAQ,UAAU,OAAU,MAGtDE,EAAQ,IAAIJ,GAAMC,GAAOE,CAAa;AAAA,EACxC;AAAA,EAEA,oBAMS;AACP,UAAME,IAAQD,EAAQ,IAAIjC,CAAmB;AAE7C,WAAKkC,IAIWC,EAMbD,CAAK,IATC;AAAA,EAYX;AAAA,EAEA,MAAM,kBAA+C;AACnD,UAAME,IAAiB,KAAK,kBAAA;AAE5B,QAAKA;AAOL,aAAI,KAAK,kBACP,MAAM,KAAK,gBAEJH,EAAQ,IAAIjC,CAAmB,MAGpCkB,EAAYkB,EAAe,KAAK,CAAC,KACnC,MAAM,KAAK,eAAA,GAGNH,EAAQ,IAAIjC,CAAmB;AAAA,EACxC;AAAA,EAEA,MAAM,mBAAmBqC,GAAwD;AAC/E,WAAIA,aAAiBC,KAAc,CAAC,KAAK,GAAG,EAAE,SAASD,EAAM,MAAM,KACjEJ,EAAQ,OAAOjC,CAAmB,GAClCiC,EAAQ,OAAO/B,CAAyB,GAEjC;AAAA,MACL,OAAOmC,EAAM;AAAA,MACb,MAAM;AAAA,IAAA,KAINA,aAAiB,eACZ;AAAA,MACL,OAAOA,EAAM;AAAA,MACb,MAAM;AAAA,IAAA,IAGNA,aAAiB,QACZ;AAAA,MACL,OAAOA,EAAM;AAAA,MACb,MAAM;AAAA,IAAA,IAIH;AAAA,MACL,OAAO;AAAA,MACP,MAAM;AAAA,IAAA;AAAA,EAEV;AAAA,EAEA,MAAM,WAAW,EAAE,QAAAE,EAAA,IAAqC,IAGrD;AACD,UAAMC,IAAM,IAAI,IAAI,OAAO,SAAS,IAAI,GAClCC,IAAeD,EAAI,aAAa,IAAIvC,CAA4B,KAAK;AAG3E,IAAIwC,MACFD,EAAI,aAAa,OAAOvC,CAA4B,GACpD,OAAO,QAAQ,aAAa,CAAA,GAAI,IAAIuC,EAAI,UAAU,IAIhDC,KAEF,KAAK,UAAUvC,GAA2BuC,GAAc;AAAA,MACtD,QAAQ,MAAU,KAAK;AAAA;AAAA,IAAA,CACxB;AAGH,UAAMC,IAAqBT,EAAQ,IAAI/B,CAAyB;AAIhE,QAFA,QAAQ,IAAI,sBAAsBwC,CAAkB,GAEhDA,KAAsB,CAACT,EAAQ,IAAIjC,CAAmB,GAAG;AAC3D,YAAM2C,IAAS,MAAM,KAAK,eAAe,EAAE,QAAAJ,GAAQ,EAAE,MAAM,KAAK,kBAAkB;AAClF,UAAI,WAAWI,EAAQ,QAAOA;AAAAA,IAChC;AAEA,UAAMP,IAAiB,KAAK,kBAAA;AAE5B,QAAI,CAACA;AACH,aAAO;AAAA,QACL,OAAO;AAAA,QACP,MAAM;AAAA,MAAA;AAIV,QAAIlB,EAAYkB,EAAe,KAAKjC,CAAyB,GAAG;AAC9D,YAAMwC,IAAS,MAAM,KAAK,iBAAiB,MAAM,KAAK,kBAAkB;AACxE,UAAI,WAAWA,EAAQ,QAAOA;AAAAA,IAChC;AAEA,UAAMA,IAAS,MAAM,KAAK,OAAO,KAAK,aAAa,MAAM,KAAK,kBAAkB;AAChF,WAAI,WAAWA,IAAeA,IAEvB;AAAA,MACL,OAAO;AAAA,MACP,MAAMA,EAAO;AAAA,IAAA;AAAA,EAEjB;AAAA,EAEA,kBAAkB;AAChB,UAAMC,IAAkB,IAAI,gBAAA;AAC5B,QAAIC,IAAW,IACXC,IAA2B;AAE/B,UAAMC,IAAgB,MAAM;AAC1B,MAAAF,IAAW,IACP,KAAK,qBACP,KAAK,iBAAA,GACL,KAAK,mBAAmB;AAAA,IAE5B,GACMG,IAAiB,MAAM;AAC3B,MAAAH,IAAW;AAAA,IACb;AAEA,WAAO,iBAAiB,UAAUE,CAAa,GAC/C,OAAO,iBAAiB,WAAWC,CAAc;AAEjD,UAAMC,IAAU,MAAM;AAGpB,MAAIH,MAAc,SAChB,OAAO,aAAaA,CAAS,GAC7BA,IAAY;AAGd,YAAMV,IAAiB,KAAK,kBAAA;AAE5B,UAAI,CAACA,KAAkBlB,EAAYkB,EAAe,KAAK,CAAC,EAAG;AAG3D,YAAMc,IAAiBtC,EAAsBwB,EAAe,KAAKjC,CAAyB;AAK1F,UAAI+C,IAAiB;AACnB;AAIF,YAAMC,IAAY,YAAY;AAI5B,YAFAL,IAAY,MAER,CAACD,GAAU;AAEb,eAAK,mBAAmBM;AACxB;AAAA,QACF;AAEA,cAAMR,IAAS,MAAM,KAAK,eAAe,EAAE,QAAQC,EAAgB,QAAQ;AAE3E,YAAI,WAAWD,GAAQ;AAGrB,cAAIA,EAAO,UAAU;AACnB;AAGF,eAAK,MAAM,SAAS;AAAA,YAClB,QAAQ;AAAA,YACR,MAAM;AAAA,YACN,OAAOA,EAAO;AAAA,UAAA,CACf;AACD;AAAA,QACF;AAEE,UAAAM,EAAA;AAAA,MAEJ;AAEA,MAAAH,IAAY,OAAO,WAAWK,GAAWD,CAAc;AAAA,IACzD;AAEA,WAAAD,EAAA,GAEO,MAAM;AACX,MAAIH,KACF,OAAO,aAAaA,CAAS,GAE/BF,EAAgB,MAAA,GAChB,OAAO,oBAAoB,UAAUG,CAAa,GAClD,OAAO,oBAAoB,WAAWC,CAAc;AAAA,IACtD;AAAA,EACF;AAAA,EAEA,MAAc,eAAe,EAAE,QAAAT,EAAA,IAAqC,IAAI;AActE,QAbIA,MAEF,KAAK,kBAAkB,IAAIA,CAAM,GAEjCA,EAAO,iBAAiB,SAAS,MAAM;AACrC,WAAK,kBAAkB,OAAOA,CAAM,GAEhC,KAAK,kBAAkB,SAAS,KAClC,KAAK,iCAAiC,MAAA;AAAA,IAE1C,CAAC,IAGC,KAAK;AACP,aAAO,KAAK;AAGd,SAAK,kCAAkC,IAAI,gBAAA,GAE3C,KAAK,gCAAgC,OAAO,iBAAiB,SAAS,MAAM;AAC1E,WAAK,iBAAiB,MACtB,KAAK,kCAAkC,MACvC,KAAK,kBAAkB,MAAA;AAAA,IACzB,CAAC;AAGD,UAAME,IAAgB,KAAK,SAAkD,SAAzCR,EAAQ,IAAI/B,CAAyB,GAGnEkD,IAAqC,CAAA;AAC3C,IAAIX,MACFW,EAAY,WAAWX,IAQzB,KAAK,iBAAiB,KAAK,YAAY,KACpC,QAAQW,GAAa;AAAA,MACpB,QAAQ,KAAK,gCAAgC;AAAA,IAAA,CAC9C,EACA,KAAK,CAACC,OAGA,KAAK,UACR,KAAK,UAAUrD,GAAqBqD,EAAS,cAAc;AAAA,MACzD,QAAQ,MAAU,KAAK;AAAA;AAAA,IAAA,CACxB,GAEIA,EACR,EACA,MAAM,KAAK,kBAAkB;AAEhC,QAAI;AACF,aAAO,MAAM,KAAK;AAAA,IACpB,UAAA;AACE,WAAK,iBAAiB,MACtB,KAAK,kCAAkC,MACvC,KAAK,kBAAkB,MAAA;AAAA,IACzB;AAAA,EACF;AACF;"}
1	+ {"version":3,"file":"auth.service.js","sources":["../../src/client/auth.service.ts"],"sourcesContent":["import { Blimu, BlimuError } from '@blimu/client';\nimport type { RefreshResponse } from '@blimu/client/schema';\nimport Cookies from 'js-cookie';\nimport { jwtDecode } from 'jwt-decode';\n\nimport type { AuthState, User } from '../types';\nimport { ExternalStore } from './external-store';\n\nexport const SESSION_COOKIE_NAME = '__bli_session';\nexport const LOCALHOST_JWT_URL_PARAM_NAME = '__lh_jwt';\nexport const LOCALHOST_JWT_COOKIE_NAME = '__lh_jwt';\nexport const SESSION_EXPIRATION_BUFFER = 10;\n\n/*\n Time conversion utilities\n * JWT tokens use seconds (Unix timestamp), JavaScript Date uses milliseconds\n /\nconst SECONDS_TO_MS = 1000;\n\n/\n Convert seconds to milliseconds\n /\nconst secondsToMilliseconds = (seconds: number): number => Math.floor(seconds SECONDS_TO_MS);\n\n/*\n Convert milliseconds to seconds\n /\nconst millisecondsToSeconds = (ms: number): number => Math.floor(ms / SECONDS_TO_MS);\n\n/\n Get current time in seconds (Unix timestamp)\n /\nconst nowInSeconds = (): number => millisecondsToSeconds(Date.now());\n\n/\n Convert JWT expiration time (seconds) to milliseconds\n /\nconst jwtExpToMilliseconds = (exp: number): number => secondsToMilliseconds(exp);\n\n/\n Calculate timeout delay in milliseconds for refreshing before expiration\n * @param expirationSeconds - JWT exp claim in seconds\n * @param bufferSeconds - Buffer time in seconds before expiration\n * @returns Timeout delay in milliseconds\n /\nconst calculateTimeoutDelay = (expirationSeconds: number, bufferSeconds: number): number => {\n const expirationMS = jwtExpToMilliseconds(expirationSeconds);\n const bufferMS = secondsToMilliseconds(bufferSeconds);\n const nowMS = Date.now();\n return Math.max(expirationMS - bufferMS - nowMS, 0);\n};\n\n/\n Check if a JWT expiration time (in seconds) is expired or will expire within the buffer\n * @param expiration - JWT exp claim in seconds (Unix timestamp)\n * @param buffer - Buffer time in seconds before expiration to consider it expired\n * @returns true if expired or will expire within buffer\n /\nexport const isExpiredIn = (expiration: number, buffer: number): boolean => {\n const now = nowInSeconds();\n return expiration - buffer < now;\n};\n\nexport class AuthSessionService {\n private pendingRefresher: (() => void) \| null = null;\n private refreshPromise: Promise<RefreshResponse \| { error: string; user: null }> \| null = null;\n private refreshingSignals: Set<AbortSignal> = new Set();\n private refreshingSignalAbortController: AbortController \| null = null;\n // A local client that doesn't call getSessionToken() which calls refreshSession().\n private localClient: Blimu;\n\n constructor(\n private readonly isLive: boolean,\n private readonly client: Blimu,\n private readonly store: ExternalStore<AuthState>,\n baseURL: string,\n publishableKey: string,\n ) {\n this.localClient = new Blimu({\n baseURL,\n credentials: 'include',\n headers: { 'x-blimu-publishable-key': publishableKey },\n });\n this.handleRequestError = this.handleRequestError.bind(this);\n }\n\n /\n Set cookie with appropriate security settings based on environment\n /\n private setCookie(name: string, value: string, options: { maxAge?: number } = {}): void {\n const cookieOptions: Cookies.CookieAttributes = {\n secure: this.isLive, // true for live environments, false for localhost\n sameSite: 'lax',\n path: '/',\n };\n\n if (options.maxAge !== undefined) {\n cookieOptions.expires = options.maxAge / (24 60 * 60); // Convert seconds to days\n }\n\n Cookies.set(name, value, cookieOptions);\n }\n\n getSessionPayload(): {\n sub: string;\n environmentId: string;\n type: string;\n iat: number;\n exp: number;\n } \| null {\n const token = Cookies.get(SESSION_COOKIE_NAME);\n\n if (!token) {\n return null;\n }\n\n const decoded = jwtDecode<{\n sub: string;\n environmentId: string;\n type: string;\n iat: number;\n exp: number;\n }>(token);\n\n return decoded;\n }\n\n async getSessionToken(): Promise<string \| undefined> {\n const sessionPayload = this.getSessionPayload();\n\n if (!sessionPayload) {\n return undefined;\n }\n\n // If a refresh is already in progress, wait for it to complete\n // This prevents infinite recursion when refreshSession() calls client.auth.refresh()\n // which triggers accessToken() which calls getSessionToken()\n if (this.refreshPromise) {\n await this.refreshPromise;\n // After refresh completes, return the updated token from cookie\n return Cookies.get(SESSION_COOKIE_NAME);\n }\n\n if (isExpiredIn(sessionPayload.exp, 0)) {\n await this.refreshSession();\n }\n\n return Cookies.get(SESSION_COOKIE_NAME);\n }\n\n async handleRequestError(error: unknown): Promise<{ error: string; user: null }> {\n if (error instanceof BlimuError && [401, 500].includes(error.status)) {\n Cookies.remove(SESSION_COOKIE_NAME);\n Cookies.remove(LOCALHOST_JWT_COOKIE_NAME);\n\n return {\n error: error.message,\n user: null,\n };\n }\n\n if (error instanceof DOMException)\n return {\n error: error.message,\n user: null,\n };\n\n if (error instanceof Error) {\n return {\n error: error.message,\n user: null,\n };\n }\n\n return {\n error: 'unknown error',\n user: null,\n };\n }\n\n async initialize({ signal }: { signal?: AbortSignal } = {}): Promise<{\n error: string \| null;\n user: User \| null;\n }> {\n const url = new URL(window.location.href);\n const localhostJWT = url.searchParams.get(LOCALHOST_JWT_URL_PARAM_NAME) ?? undefined;\n\n // Clean up URL parameters immediately to prevent re-processing on re-renders\n if (localhostJWT) {\n url.searchParams.delete(LOCALHOST_JWT_URL_PARAM_NAME);\n window.history.replaceState({}, '', url.toString());\n }\n\n // Handle localhost JWT from URL parameter\n if (localhostJWT) {\n // Set localhost JWT cookie on customer app domain\n this.setCookie(LOCALHOST_JWT_COOKIE_NAME, localhostJWT, {\n maxAge: 30 * 24 * 60 * 60, // 30 days\n });\n }\n\n const localhostJWTCookie = Cookies.get(LOCALHOST_JWT_COOKIE_NAME);\n\n if (localhostJWTCookie && !Cookies.get(SESSION_COOKIE_NAME)) {\n const result = await this.refreshSession({ signal }).catch(this.handleRequestError);\n if ('error' in result) return result;\n }\n\n const sessionPayload = this.getSessionPayload();\n\n if (!sessionPayload) {\n return {\n error: null,\n user: null,\n };\n }\n\n if (isExpiredIn(sessionPayload.exp, SESSION_EXPIRATION_BUFFER)) {\n const result = await this.refreshSession().catch(this.handleRequestError);\n if ('error' in result) return result;\n }\n\n const result = await this.client.auth.getSession().catch(this.handleRequestError);\n if ('error' in result) return result;\n\n return {\n error: null,\n user: result.user,\n };\n }\n\n scheduleRefresh() {\n const abortController = new AbortController();\n let isOnline = true;\n let timeoutId: number \| null = null;\n\n const onlineHandler = () => {\n isOnline = true;\n if (this.pendingRefresher) {\n this.pendingRefresher();\n this.pendingRefresher = null;\n }\n };\n const offlineHandler = () => {\n isOnline = false;\n };\n\n window.addEventListener('online', onlineHandler);\n window.addEventListener('offline', offlineHandler);\n\n const refresh = () => {\n // Clear any existing timeout before scheduling a new one\n // This prevents infinite loops when refresh() is called recursively\n if (timeoutId !== null) {\n window.clearTimeout(timeoutId);\n timeoutId = null;\n }\n\n const sessionPayload = this.getSessionPayload();\n\n if (!sessionPayload \|\| isExpiredIn(sessionPayload.exp, 0)) return;\n\n // Calculate timeout delay: refresh SESSION_EXPIRATION_BUFFER seconds before expiration\n const timeoutDelayMS = calculateTimeoutDelay(sessionPayload.exp, SESSION_EXPIRATION_BUFFER);\n\n // Prevent scheduling if timeout is negative (token already expired)\n // Allow 0ms delays to handle edge cases where we're exactly at the refresh point\n // This prevents immediate re-scheduling that could cause infinite loops\n if (timeoutDelayMS < 0) {\n return;\n }\n\n // Having this function outside timeout, allows us to call refresh immediately when back online\n const refresher = async () => {\n // Clear timeoutId since we're executing now\n timeoutId = null;\n\n if (!isOnline) {\n // Keep closure of refresh function alive\n this.pendingRefresher = refresher;\n return;\n }\n\n const result = await this.refreshSession({ signal: abortController.signal });\n\n if ('error' in result) {\n // If the refresh was aborted (e.g., due to React strict mode unmounting),\n // don't treat it as an error - just return and let the component remount handle it\n if (result.error === 'aborted') {\n return;\n }\n // For real errors, update the store\n this.store.setState({\n status: 'error',\n user: null,\n error: result.error,\n });\n return;\n } else {\n // After successful refresh, schedule the next refresh with the new token\n refresh();\n }\n };\n\n timeoutId = window.setTimeout(refresher, timeoutDelayMS);\n };\n\n refresh();\n\n return () => {\n if (timeoutId) {\n window.clearTimeout(timeoutId);\n }\n abortController.abort();\n window.removeEventListener('online', onlineHandler);\n window.removeEventListener('offline', offlineHandler);\n };\n }\n\n private async refreshSession({ signal }: { signal?: AbortSignal \| undefined } = {}) {\n if (signal) {\n // Add signal to tracking set (was using .has() instead of .add() - bug fix)\n this.refreshingSignals.add(signal);\n\n signal.addEventListener('abort', () => {\n this.refreshingSignals.delete(signal);\n\n if (this.refreshingSignals.size === 0) {\n this.refreshingSignalAbortController?.abort();\n }\n });\n }\n\n if (this.refreshPromise) {\n return this.refreshPromise;\n }\n\n this.refreshingSignalAbortController = new AbortController();\n\n this.refreshingSignalAbortController.signal.addEventListener('abort', () => {\n this.refreshPromise = null;\n this.refreshingSignalAbortController = null;\n this.refreshingSignals.clear();\n });\n\n // Get localhost_jwt from cookie to send as query parameter (only for non-live environments)\n const localhostJWT = !this.isLive ? Cookies.get(LOCALHOST_JWT_COOKIE_NAME) : undefined;\n\n // Build query parameters - only include __lh_jwt for non-live environments when cookie exists\n const queryParams: { __lh_jwt?: string } = {};\n if (localhostJWT) {\n queryParams.__lh_jwt = localhostJWT;\n }\n\n // Use local client to avoid infinite recursion. Regular client calls getSessionToken() which calls refreshSession().\n // There are hacks to avoid infinite recursion, but they are not reliable.\n // The localhost_jwt is sent as a query parameter only in non-live environments\n // Note: Type assertion needed because the generated SDK type doesn't include 'query' in RequestInit,\n // but the underlying CoreClient.request() method does support it\n this.refreshPromise = this.localClient.auth\n .refresh(queryParams, {\n signal: this.refreshingSignalAbortController.signal,\n })\n .then((response) => {\n // Update cookie with new session token from response body\n // Server also sets it via Set-Cookie header on auth domain, but we set it manually on customer domain\n if (!this.isLive) {\n this.setCookie(SESSION_COOKIE_NAME, response.sessionToken, {\n maxAge: 30 * 24 * 60 * 60, // 30 days\n });\n }\n return response;\n })\n .catch(this.handleRequestError);\n\n try {\n return await this.refreshPromise;\n } finally {\n this.refreshPromise = null;\n this.refreshingSignalAbortController = null;\n this.refreshingSignals.clear();\n }\n }\n}\n"],"names":["Cookies","result"],"mappings":";;;AAQO,MAAM,sBAAsB;AAC5B,MAAM,+BAA+B;AACrC,MAAM,4BAA4B;AAClC,MAAM,4BAA4B;AAMzC,MAAM,gBAAgB;AAKtB,MAAM,wBAAwB,CAAC,YAA4B,KAAK,MAAM,UAAU,aAAa;AAK7F,MAAM,wBAAwB,CAAC,OAAuB,KAAK,MAAM,KAAK,aAAa;AAKnF,MAAM,eAAe,MAAc,sBAAsB,KAAK,KAAK;AAKnE,MAAM,uBAAuB,CAAC,QAAwB,sBAAsB,GAAG;AAQ/E,MAAM,wBAAwB,CAAC,mBAA2B,kBAAkC;AAC1F,QAAM,eAAe,qBAAqB,iBAAiB;AAC3D,QAAM,WAAW,sBAAsB,aAAa;AACpD,QAAM,QAAQ,KAAK,IAAA;AACnB,SAAO,KAAK,IAAI,eAAe,WAAW,OAAO,CAAC;AACpD;AAQO,MAAM,cAAc,CAAC,YAAoB,WAA4B;AAC1E,QAAM,MAAM,aAAA;AACZ,SAAO,aAAa,SAAS;AAC/B;AAEO,MAAM,mBAAmB;AAAA,EAQ9B,YACmB,QACA,QACA,OACjB,SACA,gBACA;AALiB,SAAA,SAAA;AACA,SAAA,SAAA;AACA,SAAA,QAAA;AAVnB,SAAQ,mBAAwC;AAChD,SAAQ,iBAAkF;AAC1F,SAAQ,wCAA0C,IAAA;AAClD,SAAQ,kCAA0D;AAWhE,SAAK,cAAc,IAAI,MAAM;AAAA,MAC3B;AAAA,MACA,aAAa;AAAA,MACb,SAAS,EAAE,2BAA2B,eAAA;AAAA,IAAe,CACtD;AACD,SAAK,qBAAqB,KAAK,mBAAmB,KAAK,IAAI;AAAA,EAC7D;AAAA;AAAA;AAAA;AAAA,EAKQ,UAAU,MAAc,OAAe,UAA+B,CAAA,GAAU;AACtF,UAAM,gBAA0C;AAAA,MAC9C,QAAQ,KAAK;AAAA;AAAA,MACb,UAAU;AAAA,MACV,MAAM;AAAA,IAAA;AAGR,QAAI,QAAQ,WAAW,QAAW;AAChC,oBAAc,UAAU,QAAQ,UAAU,KAAK,KAAK;AAAA,IACtD;AAEAA,QAAQ,IAAI,MAAM,OAAO,aAAa;AAAA,EACxC;AAAA,EAEA,oBAMS;AACP,UAAM,QAAQA,IAAQ,IAAI,mBAAmB;AAE7C,QAAI,CAAC,OAAO;AACV,aAAO;AAAA,IACT;AAEA,UAAM,UAAU,UAMb,KAAK;AAER,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,kBAA+C;AACnD,UAAM,iBAAiB,KAAK,kBAAA;AAE5B,QAAI,CAAC,gBAAgB;AACnB,aAAO;AAAA,IACT;AAKA,QAAI,KAAK,gBAAgB;AACvB,YAAM,KAAK;AAEX,aAAOA,IAAQ,IAAI,mBAAmB;AAAA,IACxC;AAEA,QAAI,YAAY,eAAe,KAAK,CAAC,GAAG;AACtC,YAAM,KAAK,eAAA;AAAA,IACb;AAEA,WAAOA,IAAQ,IAAI,mBAAmB;AAAA,EACxC;AAAA,EAEA,MAAM,mBAAmB,OAAwD;AAC/E,QAAI,iBAAiB,cAAc,CAAC,KAAK,GAAG,EAAE,SAAS,MAAM,MAAM,GAAG;AACpEA,UAAQ,OAAO,mBAAmB;AAClCA,UAAQ,OAAO,yBAAyB;AAExC,aAAO;AAAA,QACL,OAAO,MAAM;AAAA,QACb,MAAM;AAAA,MAAA;AAAA,IAEV;AAEA,QAAI,iBAAiB;AACnB,aAAO;AAAA,QACL,OAAO,MAAM;AAAA,QACb,MAAM;AAAA,MAAA;AAGV,QAAI,iBAAiB,OAAO;AAC1B,aAAO;AAAA,QACL,OAAO,MAAM;AAAA,QACb,MAAM;AAAA,MAAA;AAAA,IAEV;AAEA,WAAO;AAAA,MACL,OAAO;AAAA,MACP,MAAM;AAAA,IAAA;AAAA,EAEV;AAAA,EAEA,MAAM,WAAW,EAAE,OAAA,IAAqC,IAGrD;AACD,UAAM,MAAM,IAAI,IAAI,OAAO,SAAS,IAAI;AACxC,UAAM,eAAe,IAAI,aAAa,IAAI,4BAA4B,KAAK;AAG3E,QAAI,cAAc;AAChB,UAAI,aAAa,OAAO,4BAA4B;AACpD,aAAO,QAAQ,aAAa,CAAA,GAAI,IAAI,IAAI,UAAU;AAAA,IACpD;AAGA,QAAI,cAAc;AAEhB,WAAK,UAAU,2BAA2B,cAAc;AAAA,QACtD,QAAQ,KAAK,KAAK,KAAK;AAAA;AAAA,MAAA,CACxB;AAAA,IACH;AAEA,UAAM,qBAAqBA,IAAQ,IAAI,yBAAyB;AAEhE,QAAI,sBAAsB,CAACA,IAAQ,IAAI,mBAAmB,GAAG;AAC3D,YAAMC,UAAS,MAAM,KAAK,eAAe,EAAE,QAAQ,EAAE,MAAM,KAAK,kBAAkB;AAClF,UAAI,WAAWA,QAAQ,QAAOA;AAAAA,IAChC;AAEA,UAAM,iBAAiB,KAAK,kBAAA;AAE5B,QAAI,CAAC,gBAAgB;AACnB,aAAO;AAAA,QACL,OAAO;AAAA,QACP,MAAM;AAAA,MAAA;AAAA,IAEV;AAEA,QAAI,YAAY,eAAe,KAAK,yBAAyB,GAAG;AAC9D,YAAMA,UAAS,MAAM,KAAK,iBAAiB,MAAM,KAAK,kBAAkB;AACxE,UAAI,WAAWA,QAAQ,QAAOA;AAAAA,IAChC;AAEA,UAAM,SAAS,MAAM,KAAK,OAAO,KAAK,aAAa,MAAM,KAAK,kBAAkB;AAChF,QAAI,WAAW,OAAQ,QAAO;AAE9B,WAAO;AAAA,MACL,OAAO;AAAA,MACP,MAAM,OAAO;AAAA,IAAA;AAAA,EAEjB;AAAA,EAEA,kBAAkB;AAChB,UAAM,kBAAkB,IAAI,gBAAA;AAC5B,QAAI,WAAW;AACf,QAAI,YAA2B;AAE/B,UAAM,gBAAgB,MAAM;AAC1B,iBAAW;AACX,UAAI,KAAK,kBAAkB;AACzB,aAAK,iBAAA;AACL,aAAK,mBAAmB;AAAA,MAC1B;AAAA,IACF;AACA,UAAM,iBAAiB,MAAM;AAC3B,iBAAW;AAAA,IACb;AAEA,WAAO,iBAAiB,UAAU,aAAa;AAC/C,WAAO,iBAAiB,WAAW,cAAc;AAEjD,UAAM,UAAU,MAAM;AAGpB,UAAI,cAAc,MAAM;AACtB,eAAO,aAAa,SAAS;AAC7B,oBAAY;AAAA,MACd;AAEA,YAAM,iBAAiB,KAAK,kBAAA;AAE5B,UAAI,CAAC,kBAAkB,YAAY,eAAe,KAAK,CAAC,EAAG;AAG3D,YAAM,iBAAiB,sBAAsB,eAAe,KAAK,yBAAyB;AAK1F,UAAI,iBAAiB,GAAG;AACtB;AAAA,MACF;AAGA,YAAM,YAAY,YAAY;AAE5B,oBAAY;AAEZ,YAAI,CAAC,UAAU;AAEb,eAAK,mBAAmB;AACxB;AAAA,QACF;AAEA,cAAM,SAAS,MAAM,KAAK,eAAe,EAAE,QAAQ,gBAAgB,QAAQ;AAE3E,YAAI,WAAW,QAAQ;AAGrB,cAAI,OAAO,UAAU,WAAW;AAC9B;AAAA,UACF;AAEA,eAAK,MAAM,SAAS;AAAA,YAClB,QAAQ;AAAA,YACR,MAAM;AAAA,YACN,OAAO,OAAO;AAAA,UAAA,CACf;AACD;AAAA,QACF,OAAO;AAEL,kBAAA;AAAA,QACF;AAAA,MACF;AAEA,kBAAY,OAAO,WAAW,WAAW,cAAc;AAAA,IACzD;AAEA,YAAA;AAEA,WAAO,MAAM;AACX,UAAI,WAAW;AACb,eAAO,aAAa,SAAS;AAAA,MAC/B;AACA,sBAAgB,MAAA;AAChB,aAAO,oBAAoB,UAAU,aAAa;AAClD,aAAO,oBAAoB,WAAW,cAAc;AAAA,IACtD;AAAA,EACF;AAAA,EAEA,MAAc,eAAe,EAAE,OAAA,IAAiD,IAAI;AAClF,QAAI,QAAQ;AAEV,WAAK,kBAAkB,IAAI,MAAM;AAEjC,aAAO,iBAAiB,SAAS,MAAM;AACrC,aAAK,kBAAkB,OAAO,MAAM;AAEpC,YAAI,KAAK,kBAAkB,SAAS,GAAG;AACrC,eAAK,iCAAiC,MAAA;AAAA,QACxC;AAAA,MACF,CAAC;AAAA,IACH;AAEA,QAAI,KAAK,gBAAgB;AACvB,aAAO,KAAK;AAAA,IACd;AAEA,SAAK,kCAAkC,IAAI,gBAAA;AAE3C,SAAK,gCAAgC,OAAO,iBAAiB,SAAS,MAAM;AAC1E,WAAK,iBAAiB;AACtB,WAAK,kCAAkC;AACvC,WAAK,kBAAkB,MAAA;AAAA,IACzB,CAAC;AAGD,UAAM,eAAe,CAAC,KAAK,SAASD,IAAQ,IAAI,yBAAyB,IAAI;AAG7E,UAAM,cAAqC,CAAA;AAC3C,QAAI,cAAc;AAChB,kBAAY,WAAW;AAAA,IACzB;AAOA,SAAK,iBAAiB,KAAK,YAAY,KACpC,QAAQ,aAAa;AAAA,MACpB,QAAQ,KAAK,gCAAgC;AAAA,IAAA,CAC9C,EACA,KAAK,CAAC,aAAa;AAGlB,UAAI,CAAC,KAAK,QAAQ;AAChB,aAAK,UAAU,qBAAqB,SAAS,cAAc;AAAA,UACzD,QAAQ,KAAK,KAAK,KAAK;AAAA;AAAA,QAAA,CACxB;AAAA,MACH;AACA,aAAO;AAAA,IACT,CAAC,EACA,MAAM,KAAK,kBAAkB;AAEhC,QAAI;AACF,aAAO,MAAM,KAAK;AAAA,IACpB,UAAA;AACE,WAAK,iBAAiB;AACtB,WAAK,kCAAkC;AACvC,WAAK,kBAAkB,MAAA;AAAA,IACzB;AAAA,EACF;AACF;"}

package/dist/client/external-store.cjs CHANGED Viewed

@@ -1,2 +1,27 @@
-"use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});class i{constructor(e){this.listeners=new Set,this.subscribe=t=>(this.listeners.add(t),()=>{this.listeners.delete(t)}),this.setState=t=>{typeof t=="function"?this.state=t(this.state):this.state=t,this.listeners.forEach(s=>s(this.state))},this.getSnapshot=()=>this.state,this.state=e}}exports.ExternalStore=i;
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+class ExternalStore {
+  constructor(initialState) {
+    this.listeners = /* @__PURE__ */ new Set();
+    this.subscribe = (listener) => {
+      this.listeners.add(listener);
+      return () => {
+        this.listeners.delete(listener);
+      };
+    };
+    this.setState = (state) => {
+      if (typeof state === "function") {
+        this.state = state(this.state);
+      } else {
+        this.state = state;
+      }
+      this.listeners.forEach((listener) => listener(this.state));
+    };
+    this.getSnapshot = () => {
+      return this.state;
+    };
+    this.state = initialState;
+  }
+}
+exports.ExternalStore = ExternalStore;
 //# sourceMappingURL=external-store.cjs.map

package/dist/client/external-store.cjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"external-store.cjs","sources":["../../src/client/external-store.ts"],"sourcesContent":["export class ExternalStore<T> {\n private state: T;\n private listeners: Set<(state: T) => void> = new Set();\n\n constructor(initialState: T) {\n this.state = initialState;\n }\n\n /*\n Subscribe to state changes\n * Returns an unsubscribe function\n /\n subscribe = (listener: (state: T) => void): (() => void) => {\n this.listeners.add(listener);\n // Return unsubscribe function\n return () => {\n this.listeners.delete(listener);\n };\n };\n\n /\n Update state and notify all listeners\n * Accepts either a new state value or a function updater\n /\n setState = (state: T \| ((state: T) => T)) => {\n if (typeof state === 'function') {\n this.state = (state as (prev: T) => T)(this.state);\n } else {\n this.state = state;\n }\n // Notify all listeners\n this.listeners.forEach((listener) => listener(this.state));\n };\n\n /\n Get current state without subscribing\n */\n getSnapshot = (): T => {\n return this.state;\n };\n}\n"],"names":[~~"ExternalStore","initialState","listener","state"~~],"mappings":"~~gFAAO~~,~~MAAMA~~,~~CAAiB~~,~~CAI5B~~,~~YAAYC~~,~~EAAiB~~,~~CAF7B~~,~~KAAQ~~,~~cAAyC~~,~~IAUjD~~,~~KAAA~~,~~UAAaC~~,~~IACX~~,~~KAAK~~,UAAU,~~IAAIA~~,~~CAAQ~~,~~EAEpB~~,~~IAAM~~,~~CACX~~,~~KAAK,~~UAAU,~~OAAOA~~,~~CAAQ~~,~~CAChC~~,~~GAOF~~,~~KAAA~~,~~SAAYC~~,~~GAAiC~~,~~CACvC~~,~~OAAOA~~,~~GAAU~~,~~WACnB~~,~~KAAK~~,~~MAASA~~,~~EAAyB~~,KAAK,KAAK,~~EAEjD~~,~~KAAK~~,~~MAAQA~~,~~EAGf~~,~~KAAK~~,UAAU,~~QAASD~~,~~GAAaA~~,~~EAAS~~,KAAK,KAAK,CAAC,~~CAC3D~~,~~EAKA~~,~~KAAA~~,~~YAAc~~,~~IACL~~,KAAK,~~MAjCZ~~,~~KAAK~~,~~MAAQD~~,~~CACf,CAkCF~~"}
1	+ {"version":3,"file":"external-store.cjs","sources":["../../src/client/external-store.ts"],"sourcesContent":["export class ExternalStore<T> {\n private state: T;\n private listeners: Set<(state: T) => void> = new Set();\n\n constructor(initialState: T) {\n this.state = initialState;\n }\n\n /*\n Subscribe to state changes\n * Returns an unsubscribe function\n /\n subscribe = (listener: (state: T) => void): (() => void) => {\n this.listeners.add(listener);\n // Return unsubscribe function\n return () => {\n this.listeners.delete(listener);\n };\n };\n\n /\n Update state and notify all listeners\n * Accepts either a new state value or a function updater\n /\n setState = (state: T \| ((state: T) => T)) => {\n if (typeof state === 'function') {\n this.state = (state as (prev: T) => T)(this.state);\n } else {\n this.state = state;\n }\n // Notify all listeners\n this.listeners.forEach((listener) => listener(this.state));\n };\n\n /\n Get current state without subscribing\n */\n getSnapshot = (): T => {\n return this.state;\n };\n}\n"],"names":[],"mappings":";;AAAO,MAAM,cAAiB;AAAA,EAI5B,YAAY,cAAiB;AAF7B,SAAQ,gCAAyC,IAAA;AAUjD,SAAA,YAAY,CAAC,aAA+C;AAC1D,WAAK,UAAU,IAAI,QAAQ;AAE3B,aAAO,MAAM;AACX,aAAK,UAAU,OAAO,QAAQ;AAAA,MAChC;AAAA,IACF;AAMA,SAAA,WAAW,CAAC,UAAiC;AAC3C,UAAI,OAAO,UAAU,YAAY;AAC/B,aAAK,QAAS,MAAyB,KAAK,KAAK;AAAA,MACnD,OAAO;AACL,aAAK,QAAQ;AAAA,MACf;AAEA,WAAK,UAAU,QAAQ,CAAC,aAAa,SAAS,KAAK,KAAK,CAAC;AAAA,IAC3D;AAKA,SAAA,cAAc,MAAS;AACrB,aAAO,KAAK;AAAA,IACd;AAlCE,SAAK,QAAQ;AAAA,EACf;AAkCF;;"}

package/dist/client/external-store.js CHANGED Viewed

@@ -1,13 +1,27 @@
-class h {
-  constructor(s) {
-    this.listeners = /* @__PURE__ */ new Set(), this.subscribe = (t) => (this.listeners.add(t), () => {
-      this.listeners.delete(t);
-    }), this.setState = (t) => {
-      typeof t == "function" ? this.state = t(this.state) : this.state = t, this.listeners.forEach((e) => e(this.state));
-    }, this.getSnapshot = () => this.state, this.state = s;
+class ExternalStore {
+  constructor(initialState) {
+    this.listeners = /* @__PURE__ */ new Set();
+    this.subscribe = (listener) => {
+      this.listeners.add(listener);
+      return () => {
+        this.listeners.delete(listener);
+      };
+    };
+    this.setState = (state) => {
+      if (typeof state === "function") {
+        this.state = state(this.state);
+      } else {
+        this.state = state;
+      }
+      this.listeners.forEach((listener) => listener(this.state));
+    };
+    this.getSnapshot = () => {
+      return this.state;
+    };
+    this.state = initialState;
   }
 }
 export {
-  h as ExternalStore
+  ExternalStore
 };
 //# sourceMappingURL=external-store.js.map

package/dist/client/external-store.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"external-store.js","sources":["../../src/client/external-store.ts"],"sourcesContent":["export class ExternalStore<T> {\n private state: T;\n private listeners: Set<(state: T) => void> = new Set();\n\n constructor(initialState: T) {\n this.state = initialState;\n }\n\n /*\n Subscribe to state changes\n * Returns an unsubscribe function\n /\n subscribe = (listener: (state: T) => void): (() => void) => {\n this.listeners.add(listener);\n // Return unsubscribe function\n return () => {\n this.listeners.delete(listener);\n };\n };\n\n /\n Update state and notify all listeners\n * Accepts either a new state value or a function updater\n /\n setState = (state: T \| ((state: T) => T)) => {\n if (typeof state === 'function') {\n this.state = (state as (prev: T) => T)(this.state);\n } else {\n this.state = state;\n }\n // Notify all listeners\n this.listeners.forEach((listener) => listener(this.state));\n };\n\n /\n Get current state without subscribing\n */\n getSnapshot = (): T => {\n return this.state;\n };\n}\n"],"names":[~~"ExternalStore","initialState","listener","state"~~],"mappings":"AAAO,~~MAAMA~~,~~EAAiB~~;AAAA,EAI5B,~~YAAYC~~,~~GAAiB~~;AAF7B,SAAQ,gCAAyC,IAAA,~~GAUjD~~,~~KAAA,~~YAAY,~~CAACC~~,~~OACX~~,~~KAAK~~,UAAU,~~IAAIA~~,~~CAAQ~~,~~GAEpB~~,MAAM;AACX,~~WAAK~~,UAAU,~~OAAOA~~,~~CAAQ~~;AAAA,~~IAChC~~,~~IAOF~~,~~KAAA~~,WAAW,~~CAACC~~,~~MAAiC~~;AAC3C,~~MAAI~~,~~OAAOA~~,~~KAAU~~,~~aACnB~~,~~KAAK~~,~~QAASA~~,~~EAAyB~~,KAAK,KAAK,~~IAEjD~~,~~KAAK~~,~~QAAQA~~,~~GAGf~~,~~KAAK~~,UAAU,QAAQ,~~CAACD~~,~~MAAaA~~,~~EAAS~~,KAAK,KAAK,CAAC;AAAA,IAC3D,~~GAKA~~,~~KAAA,~~cAAc,~~MACL~~,KAAK,~~OAjCZ~~,~~KAAK~~,~~QAAQD~~;AAAA,EACf;AAkCF;"}
1	+ {"version":3,"file":"external-store.js","sources":["../../src/client/external-store.ts"],"sourcesContent":["export class ExternalStore<T> {\n private state: T;\n private listeners: Set<(state: T) => void> = new Set();\n\n constructor(initialState: T) {\n this.state = initialState;\n }\n\n /*\n Subscribe to state changes\n * Returns an unsubscribe function\n /\n subscribe = (listener: (state: T) => void): (() => void) => {\n this.listeners.add(listener);\n // Return unsubscribe function\n return () => {\n this.listeners.delete(listener);\n };\n };\n\n /\n Update state and notify all listeners\n * Accepts either a new state value or a function updater\n /\n setState = (state: T \| ((state: T) => T)) => {\n if (typeof state === 'function') {\n this.state = (state as (prev: T) => T)(this.state);\n } else {\n this.state = state;\n }\n // Notify all listeners\n this.listeners.forEach((listener) => listener(this.state));\n };\n\n /\n Get current state without subscribing\n */\n getSnapshot = (): T => {\n return this.state;\n };\n}\n"],"names":[],"mappings":"AAAO,MAAM,cAAiB;AAAA,EAI5B,YAAY,cAAiB;AAF7B,SAAQ,gCAAyC,IAAA;AAUjD,SAAA,YAAY,CAAC,aAA+C;AAC1D,WAAK,UAAU,IAAI,QAAQ;AAE3B,aAAO,MAAM;AACX,aAAK,UAAU,OAAO,QAAQ;AAAA,MAChC;AAAA,IACF;AAMA,SAAA,WAAW,CAAC,UAAiC;AAC3C,UAAI,OAAO,UAAU,YAAY;AAC/B,aAAK,QAAS,MAAyB,KAAK,KAAK;AAAA,MACnD,OAAO;AACL,aAAK,QAAQ;AAAA,MACf;AAEA,WAAK,UAAU,QAAQ,CAAC,aAAa,SAAS,KAAK,KAAK,CAAC;AAAA,IAC3D;AAKA,SAAA,cAAc,MAAS;AACrB,aAAO,KAAK;AAAA,IACd;AAlCE,SAAK,QAAQ;AAAA,EACf;AAkCF;"}