@callforge/tracking-client 0.5.0 → 0.6.0

package/README.md

@@ -2,7 +2,7 @@
 
 Lightweight client library for the CallForge tracking API. Handles location-aware phone number assignment with aggressive caching and preload optimization.
 
-**v0.4.1** - Simplified GA4 capture: uses gtag callback when `ga4MeasurementId` configured, no polling fallback.
+**v0.6.0** - Adds `createCallIntent()` helper for click/callback deterministic attribution and fixes ESM/CJS exports.
 
 ## Installation
 

package/dist/index.d.mts

@@ -6,6 +6,8 @@ interface CallForgeConfig {
     categoryId: string;
     /** Optional - API endpoint. Defaults to 'https://tracking.callforge.io' */
     endpoint?: string;
+    /** Optional - explicit site key for cache partitioning. Defaults to window.location.hostname */
+    siteKey?: string;
     /** Optional - GA4 Measurement ID (e.g., "G-XXXXXXXXXX"). Enables gtag callback instead of cookie polling. */
     ga4MeasurementId?: string;
 }
@@ -41,8 +43,10 @@ interface TrackingParams {
  * Session data returned by getSession().
  */
 interface TrackingSession {
-    /** Session ID from the tracking API */
-    sessionId: string | null;
+    /** Signed session token */
+    sessionToken: string;
+    /** Lease ID for deterministic number assignment */
+    leaseId: string | null;
     /** Assigned phone number, or null if no number available */
     phoneNumber: string | null;
     /** Location data, or null if location could not be resolved */
@@ -52,7 +56,8 @@ interface TrackingSession {
  * Internal API response format (includes expiresAt).
  */
 interface ApiResponse {
-    sessionId: string;
+    sessionToken: string;
+    leaseId: string | null;
     phoneNumber: string | null;
     location: {
         city: string;
@@ -61,6 +66,14 @@ interface ApiResponse {
     } | null;
     expiresAt: number;
 }
+interface CallIntentResponse {
+    callIntentToken: string;
+    intentId: string;
+    sessionId: string;
+    leaseId: string | null;
+    expiresAt: string;
+    attributionVersion: 'v1';
+}
 /**
  * Callback function for onReady subscription.
  */
@@ -80,8 +93,6 @@ declare class CallForge {
     private readonly cache;
     private sessionPromise;
     private customParams;
-    private sessionId;
-    private sessionCreated;
     private constructor();
     /**
      * Initialize the CallForge tracking client.
@@ -92,22 +103,23 @@ declare class CallForge {
      * Returns cached data if valid, otherwise fetches from API.
      */
     getSession(): Promise<TrackingSession>;
+    /**
+     * Create a short-lived call intent token for click/callback deterministic attribution.
+     */
+    createCallIntent(): Promise<CallIntentResponse>;
     /**
      * Subscribe to session ready event.
      * Callback is called once session data is available.
      */
     onReady(callback: ReadyCallback): void;
     /**
-     * Set custom tracking parameters.
-     * If session already exists, sends PATCH to update.
-     * Otherwise queues params for next session request.
+     * Set custom tracking parameters for the next session fetch.
      */
     setParams(params: Record<string, string>): Promise<void>;
     /**
      * Get the currently queued custom params.
      */
     getQueuedParams(): TrackingParams;
-    private patchSession;
     /**
      * Capture the GA4 client ID using gtag callback.
      * Only runs if ga4MeasurementId is configured.
@@ -126,18 +138,7 @@ declare class CallForge {
 /**
  * Generate HTML snippet for preloading tracking data.
  * Add this to the <head> of your HTML for optimal performance.
- *
- * The generated snippet:
- * - Checks for loc_physical_ms URL parameter
- * - Checks localStorage cache for valid session
- * - If cache valid, resolves Promise.resolve(cached) immediately
- * - If cache expired but same location, includes sessionId for refresh
- * - Otherwise fetches fresh session data
- * - Sets window.__cfTracking with the session promise
- *
- * @throws {Error} If categoryId contains invalid characters
- * @throws {Error} If endpoint is not a valid HTTPS URL
  */
 declare function getPreloadSnippet(config: CallForgeConfig): string;
 
-export { CallForge, type CallForgeConfig, type ReadyCallback, type TrackingLocation, type TrackingParams, type TrackingSession, getPreloadSnippet };
+export { CallForge, type CallForgeConfig, type CallIntentResponse, type ReadyCallback, type TrackingLocation, type TrackingParams, type TrackingSession, getPreloadSnippet };

package/dist/index.d.ts

@@ -6,6 +6,8 @@ interface CallForgeConfig {
     categoryId: string;
     /** Optional - API endpoint. Defaults to 'https://tracking.callforge.io' */
     endpoint?: string;
+    /** Optional - explicit site key for cache partitioning. Defaults to window.location.hostname */
+    siteKey?: string;
     /** Optional - GA4 Measurement ID (e.g., "G-XXXXXXXXXX"). Enables gtag callback instead of cookie polling. */
     ga4MeasurementId?: string;
 }
@@ -41,8 +43,10 @@ interface TrackingParams {
  * Session data returned by getSession().
  */
 interface TrackingSession {
-    /** Session ID from the tracking API */
-    sessionId: string | null;
+    /** Signed session token */
+    sessionToken: string;
+    /** Lease ID for deterministic number assignment */
+    leaseId: string | null;
     /** Assigned phone number, or null if no number available */
     phoneNumber: string | null;
     /** Location data, or null if location could not be resolved */
@@ -52,7 +56,8 @@ interface TrackingSession {
  * Internal API response format (includes expiresAt).
  */
 interface ApiResponse {
-    sessionId: string;
+    sessionToken: string;
+    leaseId: string | null;
     phoneNumber: string | null;
     location: {
         city: string;
@@ -61,6 +66,14 @@ interface ApiResponse {
     } | null;
     expiresAt: number;
 }
+interface CallIntentResponse {
+    callIntentToken: string;
+    intentId: string;
+    sessionId: string;
+    leaseId: string | null;
+    expiresAt: string;
+    attributionVersion: 'v1';
+}
 /**
  * Callback function for onReady subscription.
  */
@@ -80,8 +93,6 @@ declare class CallForge {
     private readonly cache;
     private sessionPromise;
     private customParams;
-    private sessionId;
-    private sessionCreated;
     private constructor();
     /**
      * Initialize the CallForge tracking client.
@@ -92,22 +103,23 @@ declare class CallForge {
      * Returns cached data if valid, otherwise fetches from API.
      */
     getSession(): Promise<TrackingSession>;
+    /**
+     * Create a short-lived call intent token for click/callback deterministic attribution.
+     */
+    createCallIntent(): Promise<CallIntentResponse>;
     /**
      * Subscribe to session ready event.
      * Callback is called once session data is available.
      */
     onReady(callback: ReadyCallback): void;
     /**
-     * Set custom tracking parameters.
-     * If session already exists, sends PATCH to update.
-     * Otherwise queues params for next session request.
+     * Set custom tracking parameters for the next session fetch.
      */
     setParams(params: Record<string, string>): Promise<void>;
     /**
      * Get the currently queued custom params.
      */
     getQueuedParams(): TrackingParams;
-    private patchSession;
     /**
      * Capture the GA4 client ID using gtag callback.
      * Only runs if ga4MeasurementId is configured.
@@ -126,18 +138,7 @@ declare class CallForge {
 /**
  * Generate HTML snippet for preloading tracking data.
  * Add this to the <head> of your HTML for optimal performance.
- *
- * The generated snippet:
- * - Checks for loc_physical_ms URL parameter
- * - Checks localStorage cache for valid session
- * - If cache valid, resolves Promise.resolve(cached) immediately
- * - If cache expired but same location, includes sessionId for refresh
- * - Otherwise fetches fresh session data
- * - Sets window.__cfTracking with the session promise
- *
- * @throws {Error} If categoryId contains invalid characters
- * @throws {Error} If endpoint is not a valid HTTPS URL
  */
 declare function getPreloadSnippet(config: CallForgeConfig): string;
 
-export { CallForge, type CallForgeConfig, type ReadyCallback, type TrackingLocation, type TrackingParams, type TrackingSession, getPreloadSnippet };
+export { CallForge, type CallForgeConfig, type CallIntentResponse, type ReadyCallback, type TrackingLocation, type TrackingParams, type TrackingSession, getPreloadSnippet };

package/dist/index.js

@@ -42,10 +42,11 @@ module.exports = __toCommonJS(index_exports);
 // src/cache.ts
 var EXPIRY_BUFFER_MS = 3e4;
 var TrackingCache = class {
-  constructor(categoryId) {
+  constructor(categoryId, siteKey) {
     this.memoryCache = null;
     this.useMemory = false;
-    this.key = `cf_tracking_${categoryId}`;
+    const resolvedSiteKey = siteKey || (typeof window !== "undefined" ? window.location.hostname : "unknown-site");
+    this.key = `cf_tracking_v1_${resolvedSiteKey}_${categoryId}`;
     this.useMemory = !this.isLocalStorageAvailable();
   }
   isLocalStorageAvailable() {
@@ -78,17 +79,15 @@ var TrackingCache = class {
     return cached;
   }
   /**
-   * Get sessionId for refresh if location matches (regardless of expiry).
-   * Used when cache is expired but location is same - send sessionId to server.
-   *
-   * Only returns sessionId if locationId is provided AND matches cached locId.
-   * (IP-based sessions don't send sessionId for refresh since location may differ)
+   * Get sessionToken for refresh if location matches (regardless of expiry).
+   * Used when cache is expired but location is same - send token to server.
    */
-  getSessionId(locationId) {
+  getSessionToken(locationId) {
     const cached = this.read();
     if (!cached) return null;
-    if (!locationId || cached.locId !== locationId) return null;
-    return cached.sessionId;
+    if (!locationId) return cached.sessionToken;
+    if (cached.locId !== locationId) return null;
+    return cached.sessionToken;
   }
   /**
    * Get cached params (for merging with new params).
@@ -142,19 +141,19 @@ var TrackingCache = class {
 // src/client.ts
 var DEFAULT_ENDPOINT = "https://tracking.callforge.io";
 var FETCH_TIMEOUT_MS = 1e4;
+var CALL_INTENT_TIMEOUT_MS = 8e3;
 var AUTO_PARAMS = ["gclid", "gbraid", "wbraid", "msclkid", "fbclid", "gad_campaignid", "gad_source"];
 var CallForge = class _CallForge {
   constructor(config) {
     this.sessionPromise = null;
     this.customParams = {};
-    this.sessionId = null;
-    this.sessionCreated = false;
     this.config = {
       categoryId: config.categoryId,
       endpoint: config.endpoint || DEFAULT_ENDPOINT,
-      ga4MeasurementId: config.ga4MeasurementId
+      ga4MeasurementId: config.ga4MeasurementId,
+      siteKey: config.siteKey
     };
-    this.cache = new TrackingCache(config.categoryId);
+    this.cache = new TrackingCache(config.categoryId, config.siteKey);
     this.captureGA4ClientId();
   }
   /**
@@ -174,6 +173,33 @@ var CallForge = class _CallForge {
     this.sessionPromise = this.fetchSession();
     return this.sessionPromise;
   }
+  /**
+   * Create a short-lived call intent token for click/callback deterministic attribution.
+   */
+  async createCallIntent() {
+    const session = await this.getSession();
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), CALL_INTENT_TIMEOUT_MS);
+    try {
+      const response = await fetch(`${this.config.endpoint}/v1/tracking/call-intent`, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json"
+        },
+        credentials: "omit",
+        signal: controller.signal,
+        body: JSON.stringify({
+          sessionToken: session.sessionToken
+        })
+      });
+      if (!response.ok) {
+        throw new Error(`Call intent API error: ${response.status} ${response.statusText}`);
+      }
+      return await response.json();
+    } finally {
+      clearTimeout(timeoutId);
+    }
+  }
   /**
    * Subscribe to session ready event.
    * Callback is called once session data is available.
@@ -183,15 +209,10 @@ var CallForge = class _CallForge {
     });
   }
   /**
-   * Set custom tracking parameters.
-   * If session already exists, sends PATCH to update.
-   * Otherwise queues params for next session request.
+   * Set custom tracking parameters for the next session fetch.
    */
   async setParams(params) {
     this.customParams = __spreadValues(__spreadValues({}, this.customParams), params);
-    if (this.sessionCreated && this.sessionId) {
-      await this.patchSession(params);
-    }
   }
   /**
    * Get the currently queued custom params.
@@ -199,23 +220,6 @@ var CallForge = class _CallForge {
   getQueuedParams() {
     return __spreadValues({}, this.customParams);
   }
-  async patchSession(params) {
-    try {
-      const response = await fetch(
-        `${this.config.endpoint}/v1/tracking/session/${this.sessionId}`,
-        {
-          method: "PATCH",
-          headers: { "Content-Type": "application/json" },
-          body: JSON.stringify(params)
-        }
-      );
-      if (!response.ok) {
-        console.warn("[CallForge] Failed to patch session:", response.status);
-      }
-    } catch (error) {
-      console.warn("[CallForge] Failed to patch session:", error);
-    }
-  }
   /**
    * Capture the GA4 client ID using gtag callback.
    * Only runs if ga4MeasurementId is configured.
@@ -234,31 +238,30 @@ var CallForge = class _CallForge {
     });
   }
   async fetchSession() {
+    var _a;
     const locationId = this.getLocationId();
-    const cached = this.cache.get(locationId);
-    if (cached) {
-      this.sessionId = cached.sessionId;
-      this.sessionCreated = true;
-      return this.formatSession(cached);
-    }
-    const autoParams = this.getAutoParams();
-    const cachedParams = this.cache.getParams();
-    const params = __spreadValues(__spreadValues(__spreadValues({}, autoParams), cachedParams), this.customParams);
     if (typeof window !== "undefined" && window.__cfTracking) {
       try {
         const data2 = await window.__cfTracking;
-        this.saveToCache(locationId, data2, params);
-        this.sessionId = data2.sessionId;
-        this.sessionCreated = true;
+        const dataWithExtras = data2;
+        const effectiveLocId = (_a = dataWithExtras.locId) != null ? _a : locationId;
+        const autoParams2 = this.getAutoParams();
+        const params2 = __spreadValues(__spreadValues(__spreadValues({}, autoParams2), dataWithExtras.params), this.customParams);
+        this.saveToCache(effectiveLocId, data2, params2);
         return this.formatApiResponse(data2);
       } catch (e) {
       }
     }
-    const cachedSessionId = this.cache.getSessionId(locationId);
-    const data = await this.fetchFromApi(locationId, cachedSessionId, params);
+    const cached = this.cache.get(locationId);
+    if (cached) {
+      return this.formatSession(cached);
+    }
+    const autoParams = this.getAutoParams();
+    const cachedParams = this.cache.getParams();
+    const params = __spreadValues(__spreadValues(__spreadValues({}, autoParams), cachedParams), this.customParams);
+    const cachedSessionToken = this.cache.getSessionToken(locationId);
+    const data = await this.fetchFromApi(locationId, cachedSessionToken, params);
     this.saveToCache(locationId, data, params);
-    this.sessionId = data.sessionId;
-    this.sessionCreated = true;
     return this.formatApiResponse(data);
   }
   getLocationId() {
@@ -278,8 +281,8 @@ var CallForge = class _CallForge {
     }
     return params;
   }
-  async fetchFromApi(locationId, sessionId, params) {
-    const url = this.buildUrl(locationId, sessionId, params);
+  async fetchFromApi(locationId, sessionToken, params) {
+    const url = this.buildUrl(locationId, sessionToken, params);
     const controller = new AbortController();
     const timeoutId = setTimeout(() => controller.abort(), FETCH_TIMEOUT_MS);
     try {
@@ -297,30 +300,34 @@ var CallForge = class _CallForge {
   }
   saveToCache(locationId, data, params) {
     const cached = {
-      locId: locationId,
-      sessionId: data.sessionId,
+      locId: locationId != null ? locationId : null,
+      sessionToken: data.sessionToken,
+      leaseId: data.leaseId,
       phoneNumber: data.phoneNumber,
       location: data.location,
       expiresAt: data.expiresAt,
+      tokenVersion: "v1",
       params
     };
     this.cache.set(cached);
   }
   formatSession(cached) {
     return {
-      sessionId: cached.sessionId,
+      sessionToken: cached.sessionToken,
+      leaseId: cached.leaseId,
       phoneNumber: cached.phoneNumber,
       location: cached.location
     };
   }
   formatApiResponse(data) {
     return {
-      sessionId: data.sessionId,
+      sessionToken: data.sessionToken,
+      leaseId: data.leaseId,
       phoneNumber: data.phoneNumber,
       location: data.location
     };
   }
-  buildUrl(locationId, sessionId, params) {
+  buildUrl(locationId, sessionToken, params) {
     const { categoryId, endpoint } = this.config;
     const queryParams = {
       categoryId
@@ -328,8 +335,8 @@ var CallForge = class _CallForge {
     if (locationId) {
       queryParams.loc_physical_ms = locationId;
     }
-    if (sessionId) {
-      queryParams.sessionId = sessionId;
+    if (sessionToken) {
+      queryParams.sessionToken = sessionToken;
     }
     for (const [key, value] of Object.entries(params)) {
       if (value !== void 0) {
@@ -359,29 +366,29 @@ function getPreloadSnippet(config) {
       `Invalid endpoint: "${endpoint}". Must be a valid HTTPS URL`
     );
   }
-  const cacheKey = `cf_tracking_${categoryId}`;
   const script = `(function(){
 var u=new URLSearchParams(location.search);
 var loc=u.get('loc_physical_ms');
 var ap=['gclid','gbraid','wbraid','msclkid','fbclid','gad_campaignid','gad_source'];
 var p={};
 for(var i=0;i<ap.length;i++){var v=u.get(ap[i]);if(v)p[ap[i]]=v}
-var key='${cacheKey}';
-var sid=null;
+var site='${config.siteKey || ""}'||location.hostname||'unknown-site';
+var key='cf_tracking_v1_'+site+'_${categoryId}';
+var token=null;
 try{
 var c=JSON.parse(localStorage.getItem(key));
 if(c&&c.expiresAt>Date.now()+30000){
 if(!loc||(loc&&c.locId===loc)){c.params=Object.assign({},c.params,p);window.__cfTracking=Promise.resolve(c);return}
-sid=(c.locId===loc)?c.sessionId:null;
+token=(!loc||c.locId===loc)?c.sessionToken:null;
 var cp=c.params||{};
 p=Object.assign({},cp,p);
 }}catch(e){}
 var url='${endpoint}/v1/tracking/session?categoryId=${categoryId}';
 if(loc)url+='&loc_physical_ms='+loc;
-if(sid)url+='&sessionId='+sid;
+if(token)url+='&sessionToken='+encodeURIComponent(token);
 var ks=Object.keys(p).sort();
 for(var j=0;j<ks.length;j++)url+='&'+ks[j]+'='+encodeURIComponent(p[ks[j]]);
-window.__cfTracking=fetch(url,{credentials:'omit'}).then(function(r){return r.json()}).then(function(d){d.params=p;try{localStorage.setItem(key,JSON.stringify({locId:loc,sessionId:d.sessionId,phoneNumber:d.phoneNumber,location:d.location,expiresAt:d.expiresAt,params:p}))}catch(e){}return d});
+window.__cfTracking=fetch(url,{credentials:'omit'}).then(function(r){if(!r.ok)throw new Error('tracking preload failed');return r.json()}).then(function(d){d.params=p;d.locId=loc;try{localStorage.setItem(key,JSON.stringify({locId:loc,sessionToken:d.sessionToken,leaseId:d.leaseId,phoneNumber:d.phoneNumber,location:d.location,expiresAt:d.expiresAt,tokenVersion:'v1',params:p}))}catch(e){}return d});
 })();`.replace(/\n/g, "");
   return `<link rel="preconnect" href="${endpoint}">
 <script>${script}</script>`;

package/dist/index.mjs

@@ -18,10 +18,11 @@ var __spreadValues = (a, b) => {
 // src/cache.ts
 var EXPIRY_BUFFER_MS = 3e4;
 var TrackingCache = class {
-  constructor(categoryId) {
+  constructor(categoryId, siteKey) {
     this.memoryCache = null;
     this.useMemory = false;
-    this.key = `cf_tracking_${categoryId}`;
+    const resolvedSiteKey = siteKey || (typeof window !== "undefined" ? window.location.hostname : "unknown-site");
+    this.key = `cf_tracking_v1_${resolvedSiteKey}_${categoryId}`;
     this.useMemory = !this.isLocalStorageAvailable();
   }
   isLocalStorageAvailable() {
@@ -54,17 +55,15 @@ var TrackingCache = class {
     return cached;
   }
   /**
-   * Get sessionId for refresh if location matches (regardless of expiry).
-   * Used when cache is expired but location is same - send sessionId to server.
-   *
-   * Only returns sessionId if locationId is provided AND matches cached locId.
-   * (IP-based sessions don't send sessionId for refresh since location may differ)
+   * Get sessionToken for refresh if location matches (regardless of expiry).
+   * Used when cache is expired but location is same - send token to server.
    */
-  getSessionId(locationId) {
+  getSessionToken(locationId) {
     const cached = this.read();
     if (!cached) return null;
-    if (!locationId || cached.locId !== locationId) return null;
-    return cached.sessionId;
+    if (!locationId) return cached.sessionToken;
+    if (cached.locId !== locationId) return null;
+    return cached.sessionToken;
   }
   /**
    * Get cached params (for merging with new params).
@@ -118,19 +117,19 @@ var TrackingCache = class {
 // src/client.ts
 var DEFAULT_ENDPOINT = "https://tracking.callforge.io";
 var FETCH_TIMEOUT_MS = 1e4;
+var CALL_INTENT_TIMEOUT_MS = 8e3;
 var AUTO_PARAMS = ["gclid", "gbraid", "wbraid", "msclkid", "fbclid", "gad_campaignid", "gad_source"];
 var CallForge = class _CallForge {
   constructor(config) {
     this.sessionPromise = null;
     this.customParams = {};
-    this.sessionId = null;
-    this.sessionCreated = false;
     this.config = {
       categoryId: config.categoryId,
       endpoint: config.endpoint || DEFAULT_ENDPOINT,
-      ga4MeasurementId: config.ga4MeasurementId
+      ga4MeasurementId: config.ga4MeasurementId,
+      siteKey: config.siteKey
     };
-    this.cache = new TrackingCache(config.categoryId);
+    this.cache = new TrackingCache(config.categoryId, config.siteKey);
     this.captureGA4ClientId();
   }
   /**
@@ -150,6 +149,33 @@ var CallForge = class _CallForge {
     this.sessionPromise = this.fetchSession();
     return this.sessionPromise;
   }
+  /**
+   * Create a short-lived call intent token for click/callback deterministic attribution.
+   */
+  async createCallIntent() {
+    const session = await this.getSession();
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), CALL_INTENT_TIMEOUT_MS);
+    try {
+      const response = await fetch(`${this.config.endpoint}/v1/tracking/call-intent`, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json"
+        },
+        credentials: "omit",
+        signal: controller.signal,
+        body: JSON.stringify({
+          sessionToken: session.sessionToken
+        })
+      });
+      if (!response.ok) {
+        throw new Error(`Call intent API error: ${response.status} ${response.statusText}`);
+      }
+      return await response.json();
+    } finally {
+      clearTimeout(timeoutId);
+    }
+  }
   /**
    * Subscribe to session ready event.
    * Callback is called once session data is available.
@@ -159,15 +185,10 @@ var CallForge = class _CallForge {
     });
   }
   /**
-   * Set custom tracking parameters.
-   * If session already exists, sends PATCH to update.
-   * Otherwise queues params for next session request.
+   * Set custom tracking parameters for the next session fetch.
    */
   async setParams(params) {
     this.customParams = __spreadValues(__spreadValues({}, this.customParams), params);
-    if (this.sessionCreated && this.sessionId) {
-      await this.patchSession(params);
-    }
   }
   /**
    * Get the currently queued custom params.
@@ -175,23 +196,6 @@ var CallForge = class _CallForge {
   getQueuedParams() {
     return __spreadValues({}, this.customParams);
   }
-  async patchSession(params) {
-    try {
-      const response = await fetch(
-        `${this.config.endpoint}/v1/tracking/session/${this.sessionId}`,
-        {
-          method: "PATCH",
-          headers: { "Content-Type": "application/json" },
-          body: JSON.stringify(params)
-        }
-      );
-      if (!response.ok) {
-        console.warn("[CallForge] Failed to patch session:", response.status);
-      }
-    } catch (error) {
-      console.warn("[CallForge] Failed to patch session:", error);
-    }
-  }
   /**
    * Capture the GA4 client ID using gtag callback.
    * Only runs if ga4MeasurementId is configured.
@@ -210,31 +214,30 @@ var CallForge = class _CallForge {
     });
   }
   async fetchSession() {
+    var _a;
     const locationId = this.getLocationId();
-    const cached = this.cache.get(locationId);
-    if (cached) {
-      this.sessionId = cached.sessionId;
-      this.sessionCreated = true;
-      return this.formatSession(cached);
-    }
-    const autoParams = this.getAutoParams();
-    const cachedParams = this.cache.getParams();
-    const params = __spreadValues(__spreadValues(__spreadValues({}, autoParams), cachedParams), this.customParams);
     if (typeof window !== "undefined" && window.__cfTracking) {
       try {
         const data2 = await window.__cfTracking;
-        this.saveToCache(locationId, data2, params);
-        this.sessionId = data2.sessionId;
-        this.sessionCreated = true;
+        const dataWithExtras = data2;
+        const effectiveLocId = (_a = dataWithExtras.locId) != null ? _a : locationId;
+        const autoParams2 = this.getAutoParams();
+        const params2 = __spreadValues(__spreadValues(__spreadValues({}, autoParams2), dataWithExtras.params), this.customParams);
+        this.saveToCache(effectiveLocId, data2, params2);
         return this.formatApiResponse(data2);
       } catch (e) {
       }
     }
-    const cachedSessionId = this.cache.getSessionId(locationId);
-    const data = await this.fetchFromApi(locationId, cachedSessionId, params);
+    const cached = this.cache.get(locationId);
+    if (cached) {
+      return this.formatSession(cached);
+    }
+    const autoParams = this.getAutoParams();
+    const cachedParams = this.cache.getParams();
+    const params = __spreadValues(__spreadValues(__spreadValues({}, autoParams), cachedParams), this.customParams);
+    const cachedSessionToken = this.cache.getSessionToken(locationId);
+    const data = await this.fetchFromApi(locationId, cachedSessionToken, params);
     this.saveToCache(locationId, data, params);
-    this.sessionId = data.sessionId;
-    this.sessionCreated = true;
     return this.formatApiResponse(data);
   }
   getLocationId() {
@@ -254,8 +257,8 @@ var CallForge = class _CallForge {
     }
     return params;
   }
-  async fetchFromApi(locationId, sessionId, params) {
-    const url = this.buildUrl(locationId, sessionId, params);
+  async fetchFromApi(locationId, sessionToken, params) {
+    const url = this.buildUrl(locationId, sessionToken, params);
     const controller = new AbortController();
     const timeoutId = setTimeout(() => controller.abort(), FETCH_TIMEOUT_MS);
     try {
@@ -273,30 +276,34 @@ var CallForge = class _CallForge {
   }
   saveToCache(locationId, data, params) {
     const cached = {
-      locId: locationId,
-      sessionId: data.sessionId,
+      locId: locationId != null ? locationId : null,
+      sessionToken: data.sessionToken,
+      leaseId: data.leaseId,
       phoneNumber: data.phoneNumber,
       location: data.location,
       expiresAt: data.expiresAt,
+      tokenVersion: "v1",
       params
     };
     this.cache.set(cached);
   }
   formatSession(cached) {
     return {
-      sessionId: cached.sessionId,
+      sessionToken: cached.sessionToken,
+      leaseId: cached.leaseId,
       phoneNumber: cached.phoneNumber,
       location: cached.location
     };
   }
   formatApiResponse(data) {
     return {
-      sessionId: data.sessionId,
+      sessionToken: data.sessionToken,
+      leaseId: data.leaseId,
       phoneNumber: data.phoneNumber,
       location: data.location
     };
   }
-  buildUrl(locationId, sessionId, params) {
+  buildUrl(locationId, sessionToken, params) {
     const { categoryId, endpoint } = this.config;
     const queryParams = {
       categoryId
@@ -304,8 +311,8 @@ var CallForge = class _CallForge {
     if (locationId) {
       queryParams.loc_physical_ms = locationId;
     }
-    if (sessionId) {
-      queryParams.sessionId = sessionId;
+    if (sessionToken) {
+      queryParams.sessionToken = sessionToken;
     }
     for (const [key, value] of Object.entries(params)) {
       if (value !== void 0) {
@@ -335,29 +342,29 @@ function getPreloadSnippet(config) {
       `Invalid endpoint: "${endpoint}". Must be a valid HTTPS URL`
     );
   }
-  const cacheKey = `cf_tracking_${categoryId}`;
   const script = `(function(){
 var u=new URLSearchParams(location.search);
 var loc=u.get('loc_physical_ms');
 var ap=['gclid','gbraid','wbraid','msclkid','fbclid','gad_campaignid','gad_source'];
 var p={};
 for(var i=0;i<ap.length;i++){var v=u.get(ap[i]);if(v)p[ap[i]]=v}
-var key='${cacheKey}';
-var sid=null;
+var site='${config.siteKey || ""}'||location.hostname||'unknown-site';
+var key='cf_tracking_v1_'+site+'_${categoryId}';
+var token=null;
 try{
 var c=JSON.parse(localStorage.getItem(key));
 if(c&&c.expiresAt>Date.now()+30000){
 if(!loc||(loc&&c.locId===loc)){c.params=Object.assign({},c.params,p);window.__cfTracking=Promise.resolve(c);return}
-sid=(c.locId===loc)?c.sessionId:null;
+token=(!loc||c.locId===loc)?c.sessionToken:null;
 var cp=c.params||{};
 p=Object.assign({},cp,p);
 }}catch(e){}
 var url='${endpoint}/v1/tracking/session?categoryId=${categoryId}';
 if(loc)url+='&loc_physical_ms='+loc;
-if(sid)url+='&sessionId='+sid;
+if(token)url+='&sessionToken='+encodeURIComponent(token);
 var ks=Object.keys(p).sort();
 for(var j=0;j<ks.length;j++)url+='&'+ks[j]+'='+encodeURIComponent(p[ks[j]]);
-window.__cfTracking=fetch(url,{credentials:'omit'}).then(function(r){return r.json()}).then(function(d){d.params=p;try{localStorage.setItem(key,JSON.stringify({locId:loc,sessionId:d.sessionId,phoneNumber:d.phoneNumber,location:d.location,expiresAt:d.expiresAt,params:p}))}catch(e){}return d});
+window.__cfTracking=fetch(url,{credentials:'omit'}).then(function(r){if(!r.ok)throw new Error('tracking preload failed');return r.json()}).then(function(d){d.params=p;d.locId=loc;try{localStorage.setItem(key,JSON.stringify({locId:loc,sessionToken:d.sessionToken,leaseId:d.leaseId,phoneNumber:d.phoneNumber,location:d.location,expiresAt:d.expiresAt,tokenVersion:'v1',params:p}))}catch(e){}return d});
 })();`.replace(/\n/g, "");
   return `<link rel="preconnect" href="${endpoint}">
 <script>${script}</script>`;

package/package.json

@@ -1,30 +1,33 @@
 {
   "name": "@callforge/tracking-client",
-  "version": "0.5.0",
+  "version": "0.6.0",
   "main": "dist/index.js",
-  "module": "dist/index.js",
+  "module": "dist/index.mjs",
   "types": "dist/index.d.ts",
   "exports": {
     ".": {
       "types": "./dist/index.d.ts",
-      "import": "./dist/index.js",
-      "require": "./dist/index.cjs"
+      "import": "./dist/index.mjs",
+      "require": "./dist/index.js"
     }
   },
+  "publishConfig": {
+    "access": "public"
+  },
   "files": [
     "dist"
   ],
-  "devDependencies": {
-    "jsdom": "^27.4.0",
-    "tsup": "^8.0.0",
-    "typescript": "^5.3.0",
-    "vitest": "^1.6.0",
-    "@callforge/tsconfig": "0.0.0"
-  },
   "scripts": {
     "build": "tsup src/index.ts --format esm,cjs --dts",
     "clean": "rm -rf dist",
     "test": "vitest run",
     "test:watch": "vitest"
+  },
+  "devDependencies": {
+    "@callforge/tsconfig": "workspace:*",
+    "jsdom": "^27.4.0",
+    "tsup": "^8.0.0",
+    "typescript": "^5.3.0",
+    "vitest": "^1.6.0"
   }
-}
+}