@clianta/sdk 1.6.4 → 1.6.6

package/dist/clianta.cjs.js

@@ -1,5 +1,5 @@
 /*!
- * Clianta SDK v1.6.4
+ * Clianta SDK v1.6.6
  * (c) 2026 Clianta
  * Released under the MIT License.
  */
@@ -13,7 +13,7 @@ var _documentCurrentScript = typeof document !== 'undefined' ? document.currentS
  * @see SDK_VERSION in core/config.ts
  */
 /** SDK Version */
-const SDK_VERSION = '1.6.4';
+const SDK_VERSION = '1.6.6';
 /** Default API endpoint — reads from env or falls back to localhost */
 const getDefaultApiEndpoint = () => {
     // Next.js (process.env)
@@ -52,6 +52,7 @@ const DEFAULT_PLUGINS = [
     'exitIntent',
     'errors',
     'performance',
+    'autoIdentify',
 ];
 /** Default configuration values */
 const DEFAULT_CONFIG = {
@@ -2244,6 +2245,316 @@ class PopupFormsPlugin extends BasePlugin {
     }
 }
 
+/**
+ * Clianta SDK - Auto-Identify Plugin
+ * Automatically detects logged-in users by checking JWT tokens in
+ * cookies, localStorage, and sessionStorage. Works with any auth provider:
+ * Clerk, Firebase, Auth0, Supabase, NextAuth, Passport, custom JWT, etc.
+ *
+ * How it works:
+ * 1. On init + periodically, scans for JWT tokens
+ * 2. Decodes the JWT payload (base64, no secret needed)
+ * 3. Extracts email/name from standard JWT claims
+ * 4. Calls tracker.identify() automatically
+ *
+ * @see SDK_VERSION in core/config.ts
+ */
+/** Known auth cookie patterns and their JWT locations */
+const AUTH_COOKIE_PATTERNS = [
+    // Clerk
+    '__session',
+    '__clerk_db_jwt',
+    // NextAuth
+    'next-auth.session-token',
+    '__Secure-next-auth.session-token',
+    // Supabase
+    'sb-access-token',
+    // Auth0
+    'auth0.is.authenticated',
+    // Firebase — uses localStorage, handled separately
+    // Generic patterns
+    'token',
+    'jwt',
+    'access_token',
+    'session_token',
+    'auth_token',
+    'id_token',
+];
+/** localStorage/sessionStorage key patterns for auth tokens */
+const STORAGE_KEY_PATTERNS = [
+    // Supabase
+    'sb-',
+    'supabase.auth.',
+    // Firebase
+    'firebase:authUser:',
+    // Auth0
+    'auth0spajs',
+    '@@auth0spajs@@',
+    // Generic
+    'token',
+    'jwt',
+    'auth',
+    'user',
+    'session',
+];
+/** Standard JWT claim fields for email */
+const EMAIL_CLAIMS = ['email', 'sub', 'preferred_username', 'user_email', 'mail'];
+const NAME_CLAIMS = ['name', 'full_name', 'display_name', 'given_name'];
+const FIRST_NAME_CLAIMS = ['given_name', 'first_name', 'firstName'];
+const LAST_NAME_CLAIMS = ['family_name', 'last_name', 'lastName'];
+class AutoIdentifyPlugin extends BasePlugin {
+    constructor() {
+        super(...arguments);
+        this.name = 'autoIdentify';
+        this.checkInterval = null;
+        this.identifiedEmail = null;
+        this.checkCount = 0;
+        this.MAX_CHECKS = 30; // Stop checking after ~5 minutes
+        this.CHECK_INTERVAL_MS = 10000; // Check every 10 seconds
+    }
+    init(tracker) {
+        super.init(tracker);
+        if (typeof window === 'undefined')
+            return;
+        // First check after 2 seconds (give auth providers time to init)
+        setTimeout(() => {
+            try {
+                this.checkForAuthUser();
+            }
+            catch { /* silently fail */ }
+        }, 2000);
+        // Then check periodically
+        this.checkInterval = setInterval(() => {
+            this.checkCount++;
+            if (this.checkCount >= this.MAX_CHECKS) {
+                if (this.checkInterval) {
+                    clearInterval(this.checkInterval);
+                    this.checkInterval = null;
+                }
+                return;
+            }
+            try {
+                this.checkForAuthUser();
+            }
+            catch { /* silently fail */ }
+        }, this.CHECK_INTERVAL_MS);
+    }
+    destroy() {
+        if (this.checkInterval) {
+            clearInterval(this.checkInterval);
+            this.checkInterval = null;
+        }
+        super.destroy();
+    }
+    /**
+     * Main check — scan all sources for auth tokens
+     */
+    checkForAuthUser() {
+        if (!this.tracker || this.identifiedEmail)
+            return;
+        try {
+            // 1. Check cookies for JWTs
+            const cookieUser = this.checkCookies();
+            if (cookieUser) {
+                this.identifyUser(cookieUser);
+                return;
+            }
+        }
+        catch { /* cookie access blocked */ }
+        try {
+            // 2. Check localStorage
+            if (typeof localStorage !== 'undefined') {
+                const localUser = this.checkStorage(localStorage);
+                if (localUser) {
+                    this.identifyUser(localUser);
+                    return;
+                }
+            }
+        }
+        catch { /* localStorage access blocked */ }
+        try {
+            // 3. Check sessionStorage
+            if (typeof sessionStorage !== 'undefined') {
+                const sessionUser = this.checkStorage(sessionStorage);
+                if (sessionUser) {
+                    this.identifyUser(sessionUser);
+                    return;
+                }
+            }
+        }
+        catch { /* sessionStorage access blocked */ }
+    }
+    /**
+     * Identify the user and stop checking
+     */
+    identifyUser(user) {
+        if (!this.tracker || this.identifiedEmail === user.email)
+            return;
+        this.identifiedEmail = user.email;
+        this.tracker.identify(user.email, {
+            firstName: user.firstName,
+            lastName: user.lastName,
+        });
+        // Stop interval — we found the user
+        if (this.checkInterval) {
+            clearInterval(this.checkInterval);
+            this.checkInterval = null;
+        }
+    }
+    /**
+     * Scan cookies for JWT tokens
+     */
+    checkCookies() {
+        if (typeof document === 'undefined')
+            return null;
+        try {
+            const cookies = document.cookie.split(';').map(c => c.trim());
+            for (const cookie of cookies) {
+                const [name, ...valueParts] = cookie.split('=');
+                const value = valueParts.join('=');
+                const cookieName = name.trim().toLowerCase();
+                // Check if this cookie matches known auth patterns
+                const isAuthCookie = AUTH_COOKIE_PATTERNS.some(pattern => cookieName.includes(pattern.toLowerCase()));
+                if (isAuthCookie && value) {
+                    const user = this.extractUserFromToken(decodeURIComponent(value));
+                    if (user)
+                        return user;
+                }
+            }
+        }
+        catch {
+            // Cookie access may fail in some environments
+        }
+        return null;
+    }
+    /**
+     * Scan localStorage or sessionStorage for auth tokens
+     */
+    checkStorage(storage) {
+        try {
+            for (let i = 0; i < storage.length; i++) {
+                const key = storage.key(i);
+                if (!key)
+                    continue;
+                const keyLower = key.toLowerCase();
+                const isAuthKey = STORAGE_KEY_PATTERNS.some(pattern => keyLower.includes(pattern.toLowerCase()));
+                if (isAuthKey) {
+                    const value = storage.getItem(key);
+                    if (!value)
+                        continue;
+                    // Try as direct JWT
+                    const user = this.extractUserFromToken(value);
+                    if (user)
+                        return user;
+                    // Try as JSON containing a token
+                    try {
+                        const json = JSON.parse(value);
+                        const user = this.extractUserFromJson(json);
+                        if (user)
+                            return user;
+                    }
+                    catch {
+                        // Not JSON, skip
+                    }
+                }
+            }
+        }
+        catch {
+            // Storage access may fail (iframe, security restrictions)
+        }
+        return null;
+    }
+    /**
+     * Try to extract user info from a JWT token string
+     */
+    extractUserFromToken(token) {
+        // JWT format: header.payload.signature
+        const parts = token.split('.');
+        if (parts.length !== 3)
+            return null;
+        try {
+            const payload = JSON.parse(atob(parts[1].replace(/-/g, '+').replace(/_/g, '/')));
+            return this.extractUserFromClaims(payload);
+        }
+        catch {
+            return null;
+        }
+    }
+    /**
+     * Extract user info from a JSON object (e.g., Firebase auth user stored in localStorage)
+     */
+    extractUserFromJson(data) {
+        if (!data || typeof data !== 'object')
+            return null;
+        // Direct user object
+        const user = this.extractUserFromClaims(data);
+        if (user)
+            return user;
+        // Nested: { user: { email } } or { data: { user: { email } } }
+        for (const key of ['user', 'data', 'session', 'currentUser', 'authUser', 'access_token', 'token']) {
+            if (data[key]) {
+                if (typeof data[key] === 'string') {
+                    // Might be a JWT inside JSON
+                    const tokenUser = this.extractUserFromToken(data[key]);
+                    if (tokenUser)
+                        return tokenUser;
+                }
+                else if (typeof data[key] === 'object') {
+                    const nestedUser = this.extractUserFromClaims(data[key]);
+                    if (nestedUser)
+                        return nestedUser;
+                }
+            }
+        }
+        return null;
+    }
+    /**
+     * Extract user from JWT claims or user object
+     */
+    extractUserFromClaims(claims) {
+        if (!claims || typeof claims !== 'object')
+            return null;
+        // Find email
+        let email = null;
+        for (const claim of EMAIL_CLAIMS) {
+            const value = claims[claim];
+            if (value && typeof value === 'string' && value.includes('@') && value.includes('.')) {
+                email = value;
+                break;
+            }
+        }
+        if (!email)
+            return null;
+        // Find name
+        let firstName;
+        let lastName;
+        for (const claim of FIRST_NAME_CLAIMS) {
+            if (claims[claim] && typeof claims[claim] === 'string') {
+                firstName = claims[claim];
+                break;
+            }
+        }
+        for (const claim of LAST_NAME_CLAIMS) {
+            if (claims[claim] && typeof claims[claim] === 'string') {
+                lastName = claims[claim];
+                break;
+            }
+        }
+        // If no first/last name, try full name
+        if (!firstName) {
+            for (const claim of NAME_CLAIMS) {
+                if (claims[claim] && typeof claims[claim] === 'string') {
+                    const parts = claims[claim].split(' ');
+                    firstName = parts[0];
+                    lastName = lastName || parts.slice(1).join(' ') || undefined;
+                    break;
+                }
+            }
+        }
+        return { email, firstName, lastName };
+    }
+}
+
 /**
  * Clianta SDK - Plugins Index
  * Version is defined in core/config.ts as SDK_VERSION
@@ -2273,6 +2584,8 @@ function getPlugin(name) {
             return new PerformancePlugin();
         case 'popupForms':
             return new PopupFormsPlugin();
+        case 'autoIdentify':
+            return new AutoIdentifyPlugin();
         default:
             throw new Error(`Unknown plugin: ${name}`);
     }