npm - @blocklet/js-sdk - Versions diffs - 1.17.3-beta-20251125-042047-1bcefd39 → 1.17.3-beta-20251127-063055-94957209 - Mend

@blocklet/js-sdk 1.17.3-beta-20251125-042047-1bcefd39 → 1.17.3-beta-20251127-063055-94957209

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/index.d.mts CHANGED Viewed

@@ -335,6 +335,11 @@ declare class FederatedService {
 }
 declare function getCSRFToken(): string;
+declare function getLoginToken(): string;
+declare function getCSRFTokenByLoginToken(): Promise<{
+    loginToken: string;
+    csrfToken: string | null;
+}>;
 declare class BlockletSDK {
     api: Axios;
@@ -351,4 +356,4 @@ declare function createFetch(options?: RequestInit, requestParams?: RequestParam
 }) => Promise<Response>;
 declare const getBlockletSDK: () => BlockletSDK;
-export { AuthService, BlockletSDK, BlockletService, ComponentService, FederatedService, type NotificationConfig, OrgQueryType, type PrivacyConfig, type SpaceGateway, TokenService, type UserPublicInfo, type UserSession, type UserSessionList, type UserSessionQuery, UserSessionService, type UserSessionUser, type Webhook, createAxios, createFetch, getBlockletSDK, getCSRFToken };
+export { AuthService, BlockletSDK, BlockletService, ComponentService, FederatedService, type NotificationConfig, OrgQueryType, type PrivacyConfig, type SpaceGateway, TokenService, type UserPublicInfo, type UserSession, type UserSessionList, type UserSessionQuery, UserSessionService, type UserSessionUser, type Webhook, createAxios, createFetch, getBlockletSDK, getCSRFToken, getCSRFTokenByLoginToken, getLoginToken };

package/dist/index.d.ts CHANGED Viewed

@@ -335,6 +335,11 @@ declare class FederatedService {
 }
 declare function getCSRFToken(): string;
+declare function getLoginToken(): string;
+declare function getCSRFTokenByLoginToken(): Promise<{
+    loginToken: string;
+    csrfToken: string | null;
+}>;
 declare class BlockletSDK {
     api: Axios;
@@ -351,4 +356,4 @@ declare function createFetch(options?: RequestInit, requestParams?: RequestParam
 }) => Promise<Response>;
 declare const getBlockletSDK: () => BlockletSDK;
-export { AuthService, BlockletSDK, BlockletService, ComponentService, FederatedService, type NotificationConfig, OrgQueryType, type PrivacyConfig, type SpaceGateway, TokenService, type UserPublicInfo, type UserSession, type UserSessionList, type UserSessionQuery, UserSessionService, type UserSessionUser, type Webhook, createAxios, createFetch, getBlockletSDK, getCSRFToken };
+export { AuthService, BlockletSDK, BlockletService, ComponentService, FederatedService, type NotificationConfig, OrgQueryType, type PrivacyConfig, type SpaceGateway, TokenService, type UserPublicInfo, type UserSession, type UserSessionList, type UserSessionQuery, UserSessionService, type UserSessionUser, type Webhook, createAxios, createFetch, getBlockletSDK, getCSRFToken, getCSRFTokenByLoginToken, getLoginToken };

package/dist/index.mjs CHANGED Viewed

@@ -4,6 +4,9 @@ import Cookie from 'js-cookie';
 import QuickLRU from 'quick-lru';
 import isEmpty from 'lodash/isEmpty';
 import axios from 'axios';
+import Keyv from 'keyv';
+import { KeyvLocalStorage } from 'keyv-browser';
+import isNumber from 'lodash/isNumber';
 import omit from 'lodash/omit';
 import isObject from 'lodash/isObject';
 import stableStringify from 'json-stable-stringify';
@@ -475,7 +478,33 @@ const verifyResponse = async (response, onInvalid) => {
 function getCSRFToken() {
   return Cookie.get("x-csrf-token");
 }
+function getLoginToken() {
+  return Cookie.get("login_token");
+}
+async function getCSRFTokenByLoginToken() {
+  const csrfToken = getCSRFToken();
+  try {
+    const url = joinURL(window.location.origin, WELLKNOWN_SERVICE_PATH_PREFIX, "/api/did/csrfToken");
+    const { data } = await axios.get(url, {
+      headers: {
+        "x-csrf-token": csrfToken
+      }
+    });
+    return data;
+  } catch (error) {
+    console.error(error);
+    return {
+      loginToken: getLoginToken(),
+      csrfToken: null
+    };
+  }
+}
+const cacheTtl = window?.blocklet?.settings?.session?.cacheTtl;
+const csrfTokenCache = new Keyv({
+  store: new KeyvLocalStorage(),
+  ttl: isNumber(cacheTtl) ? cacheTtl * 1e3 : 1e3 * 60 * 60
+});
 async function sleepForLoading(config, lazyTime = 300) {
   config.metaData.endTime = +/* @__PURE__ */ new Date();
   const { startTime, endTime } = config.metaData;
@@ -518,11 +547,33 @@ const createAxios$1 = (options, requestParams) => {
     );
   }
   instance.interceptors.request.use(
-    (config) => {
+    async (config) => {
       const componentDid = requestParams?.componentDid ?? window.blocklet?.componentId?.split("/").pop();
       config.baseURL = config.baseURL || componentService.getComponentMountPoint(componentDid);
       config.timeout = config.timeout || 20 * 1e3;
-      config.headers["x-csrf-token"] = getCSRFToken();
+      const loginToken = getLoginToken();
+      const csrfToken = getCSRFToken();
+      if (loginToken && csrfToken) {
+        const loginTokenKey = loginToken.slice(-32);
+        const csrfTokenFromCache = await csrfTokenCache.get(loginTokenKey);
+        if (csrfTokenFromCache) {
+          config.headers["x-csrf-token"] = csrfTokenFromCache;
+        } else {
+          const { loginToken: newLoginToken, csrfToken: newCsrfToken } = await getCSRFTokenByLoginToken();
+          if (newCsrfToken) {
+            await csrfTokenCache.set(newLoginToken.slice(-32), newCsrfToken);
+            config.headers["x-csrf-token"] = newCsrfToken;
+          } else {
+            config.headers["x-csrf-token"] = csrfToken;
+          }
+        }
+        if (config.headers["x-csrf-token"] && config.headers["x-csrf-token"] !== getCSRFToken()) {
+          Cookie.set("x-csrf-token", config.headers["x-csrf-token"], {
+            sameSite: "strict",
+            secure: true
+          });
+        }
+      }
       const visitorId = getVisitorId();
       if (![void 0, null].includes(visitorId)) {
         config.headers["x-blocklet-visitor-id"] = visitorId;
@@ -847,4 +898,4 @@ const getBlockletSDK = /* @__PURE__ */ (() => {
   };
 })();
-export { BlockletSDK, createAxios, createFetch, getBlockletSDK, getCSRFToken };
+export { BlockletSDK, createAxios, createFetch, getBlockletSDK, getCSRFToken, getCSRFTokenByLoginToken, getLoginToken };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@blocklet/js-sdk",
-  "version": "1.17.3-beta-20251125-042047-1bcefd39",
+  "version": "1.17.3-beta-20251127-063055-94957209",
   "main": "dist/index.mjs",
   "module": "dist/index.mjs",
   "types": "./dist/index.d.ts",
@@ -36,14 +36,16 @@
     "watch": "nodemon -w src -e ts -x 'npm run build'"
   },
   "dependencies": {
-    "@abtnode/constant": "1.17.3-beta-20251125-042047-1bcefd39",
-    "@arcblock/did": "^1.27.7",
-    "@blocklet/meta": "1.17.3-beta-20251125-042047-1bcefd39",
-    "@ocap/wallet": "^1.27.7",
+    "@abtnode/constant": "1.17.3-beta-20251127-063055-94957209",
+    "@arcblock/did": "^1.27.12",
+    "@blocklet/meta": "1.17.3-beta-20251127-063055-94957209",
+    "@ocap/wallet": "^1.27.12",
     "axios": "^1.7.9",
     "is-url": "^1.2.4",
     "js-cookie": "^3.0.5",
     "json-stable-stringify": "^1.0.1",
+    "keyv": "^4.5.4",
+    "keyv-browser": "^0.1.1",
     "lodash": "^4.17.21",
     "quick-lru": "^7.0.0",
     "ufo": "^1.5.3"
@@ -62,5 +64,5 @@
     "typescript": "^5.6.3",
     "unbuild": "^2.0.0"
   },
-  "gitHead": "aa12c79fd75c9e7e06c3f3255bb73e278eec02d4"
+  "gitHead": "80dac020e9642b7e51c6a142c526cdecb75217a9"
 }