@commercengine/storefront-sdk 0.3.6 → 0.3.7

package/dist/index.d.ts

@@ -6,7 +6,7 @@ import { OrderClient } from "./lib/order";
 import { ShippingClient } from "./lib/shipping";
 import { HelpersClient } from "./lib/helper";
 import { CustomerClient } from "./lib/customer";
-import { TokenStorage, MemoryTokenStorage, BrowserTokenStorage } from "./lib/middleware";
+import { TokenStorage, MemoryTokenStorage, BrowserTokenStorage, CookieTokenStorage } from "./lib/middleware";
 import { type UserInfo } from "./lib/jwt-utils";
 /**
  * SDK initialization options
@@ -168,9 +168,10 @@ export declare class StorefrontSDK {
     getCustomerGroupId(): Promise<string | null>;
 }
 export default StorefrontSDK;
-export { StorefrontAPIClient, AuthClient, CartClient, CatalogClient, CustomerClient, HelpersClient, ShippingClient, OrderClient };
+export { StorefrontAPIClient, AuthClient, CartClient, CatalogClient, CustomerClient, HelpersClient, ShippingClient, OrderClient, };
 export { Environment };
-export { TokenStorage, MemoryTokenStorage, BrowserTokenStorage };
+export { TokenStorage, MemoryTokenStorage, BrowserTokenStorage, CookieTokenStorage, };
+export type { CookieTokenStorageOptions } from "./lib/middleware";
 export type { UserInfo } from "./lib/jwt-utils";
 export type { components, operations, paths } from "./types/storefront";
 export type * from "./types/storefront-api-types";

package/dist/index.js

@@ -1,4 +1,4 @@
-import { StorefrontAPIClient, Environment, } from "./lib/client";
+import { StorefrontAPIClient, Environment } from "./lib/client";
 import { CatalogClient } from "./lib/catalog";
 import { CartClient } from "./lib/cart";
 import { AuthClient } from "./lib/auth";
@@ -6,7 +6,7 @@ import { OrderClient } from "./lib/order";
 import { ShippingClient } from "./lib/shipping";
 import { HelpersClient } from "./lib/helper";
 import { CustomerClient } from "./lib/customer";
-import { MemoryTokenStorage, BrowserTokenStorage, } from "./lib/middleware";
+import { MemoryTokenStorage, BrowserTokenStorage, CookieTokenStorage, } from "./lib/middleware";
 import { extractUserInfoFromToken, getUserIdFromToken, isUserLoggedIn, isUserAnonymous, } from "./lib/jwt-utils";
 /**
  * Main SDK class for the Storefront API
@@ -132,7 +132,9 @@ export class StorefrontSDK {
      * Get the current access token if using token storage
      */
     async getAccessToken() {
-        return await this.auth.getAuthorizationHeader().then(header => header.startsWith('Bearer ') ? header.substring(7) : null);
+        return await this.auth
+            .getAuthorizationHeader()
+            .then((header) => header.startsWith("Bearer ") ? header.substring(7) : null);
     }
     /**
      * Get user information from the current access token
@@ -200,8 +202,8 @@ export class StorefrontSDK {
 // Export the main SDK class
 export default StorefrontSDK;
 // Export individual clients for advanced usage
-export { StorefrontAPIClient, AuthClient, CartClient, CatalogClient, CustomerClient, HelpersClient, ShippingClient, OrderClient };
+export { StorefrontAPIClient, AuthClient, CartClient, CatalogClient, CustomerClient, HelpersClient, ShippingClient, OrderClient, };
 // Export environment enum
 export { Environment };
 // Export token storage types
-export { MemoryTokenStorage, BrowserTokenStorage };
+export { MemoryTokenStorage, BrowserTokenStorage, CookieTokenStorage, };

package/dist/lib/middleware.d.ts

@@ -34,6 +34,52 @@ export declare class BrowserTokenStorage implements TokenStorage {
     setRefreshToken(token: string): Promise<void>;
     clearTokens(): Promise<void>;
 }
+/**
+ * Cookie-based token storage implementation
+ */
+export declare class CookieTokenStorage implements TokenStorage {
+    private accessTokenKey;
+    private refreshTokenKey;
+    private options;
+    constructor(options?: CookieTokenStorageOptions);
+    getAccessToken(): Promise<string | null>;
+    setAccessToken(token: string): Promise<void>;
+    getRefreshToken(): Promise<string | null>;
+    setRefreshToken(token: string): Promise<void>;
+    clearTokens(): Promise<void>;
+    private getCookie;
+    private setCookie;
+    private deleteCookie;
+}
+/**
+ * Configuration options for CookieTokenStorage
+ */
+export interface CookieTokenStorageOptions {
+    /**
+     * Prefix for cookie names (default: "storefront_")
+     */
+    prefix?: string;
+    /**
+     * Maximum age of cookies in seconds (default: 7 days)
+     */
+    maxAge?: number;
+    /**
+     * Cookie path (default: "/")
+     */
+    path?: string;
+    /**
+     * Cookie domain (default: current domain)
+     */
+    domain?: string;
+    /**
+     * Whether cookies should be secure (default: auto-detect based on protocol)
+     */
+    secure?: boolean;
+    /**
+     * SameSite cookie attribute (default: "Lax")
+     */
+    sameSite?: "Strict" | "Lax" | "None";
+}
 /**
  * Configuration for the auth middleware
  */

package/dist/lib/middleware.js

@@ -1,5 +1,5 @@
 import { isTokenExpired } from "./jwt-utils";
-import { getPathnameFromUrl, isAnonymousAuthEndpoint, isTokenReturningEndpoint, isLogoutEndpoint } from "./auth-utils";
+import { getPathnameFromUrl, isAnonymousAuthEndpoint, isTokenReturningEndpoint, isLogoutEndpoint, } from "./auth-utils";
 /**
  * Simple in-memory token storage implementation
  */
@@ -60,6 +60,90 @@ export class BrowserTokenStorage {
         }
     }
 }
+/**
+ * Cookie-based token storage implementation
+ */
+export class CookieTokenStorage {
+    accessTokenKey;
+    refreshTokenKey;
+    options;
+    constructor(options = {}) {
+        const prefix = options.prefix || "storefront_";
+        this.accessTokenKey = `${prefix}access_token`;
+        this.refreshTokenKey = `${prefix}refresh_token`;
+        this.options = {
+            maxAge: options.maxAge || 7 * 24 * 60 * 60, // 7 days default
+            path: options.path || "/",
+            domain: options.domain,
+            secure: options.secure ??
+                (typeof window !== "undefined" &&
+                    window.location?.protocol === "https:"),
+            sameSite: options.sameSite || "Lax",
+            httpOnly: false, // Must be false for client-side access
+        };
+    }
+    async getAccessToken() {
+        return this.getCookie(this.accessTokenKey);
+    }
+    async setAccessToken(token) {
+        this.setCookie(this.accessTokenKey, token);
+    }
+    async getRefreshToken() {
+        return this.getCookie(this.refreshTokenKey);
+    }
+    async setRefreshToken(token) {
+        this.setCookie(this.refreshTokenKey, token);
+    }
+    async clearTokens() {
+        this.deleteCookie(this.accessTokenKey);
+        this.deleteCookie(this.refreshTokenKey);
+    }
+    getCookie(name) {
+        if (typeof document === "undefined")
+            return null;
+        const value = `; ${document.cookie}`;
+        const parts = value.split(`; ${name}=`);
+        if (parts.length === 2) {
+            const cookieValue = parts.pop()?.split(";").shift();
+            return cookieValue ? decodeURIComponent(cookieValue) : null;
+        }
+        return null;
+    }
+    setCookie(name, value) {
+        if (typeof document === "undefined")
+            return;
+        const encodedValue = encodeURIComponent(value);
+        let cookieString = `${name}=${encodedValue}`;
+        if (this.options.maxAge) {
+            cookieString += `; Max-Age=${this.options.maxAge}`;
+        }
+        if (this.options.path) {
+            cookieString += `; Path=${this.options.path}`;
+        }
+        if (this.options.domain) {
+            cookieString += `; Domain=${this.options.domain}`;
+        }
+        if (this.options.secure) {
+            cookieString += `; Secure`;
+        }
+        if (this.options.sameSite) {
+            cookieString += `; SameSite=${this.options.sameSite}`;
+        }
+        document.cookie = cookieString;
+    }
+    deleteCookie(name) {
+        if (typeof document === "undefined")
+            return;
+        let cookieString = `${name}=; Max-Age=0`;
+        if (this.options.path) {
+            cookieString += `; Path=${this.options.path}`;
+        }
+        if (this.options.domain) {
+            cookieString += `; Domain=${this.options.domain}`;
+        }
+        document.cookie = cookieString;
+    }
+}
 /**
  * Create authentication middleware for openapi-fetch
  */
@@ -115,7 +199,7 @@ export function createAuthMiddleware(config) {
                         headers: {
                             "Content-Type": "application/json",
                             ...(config.apiKey && { "X-Api-Key": config.apiKey }),
-                            "Authorization": `Bearer ${currentAccessToken}`, // For user_id continuity
+                            Authorization: `Bearer ${currentAccessToken}`, // For user_id continuity
                         },
                     });
                     if (!response.ok) {
@@ -184,7 +268,8 @@ export function createAuthMiddleware(config) {
             const pathname = getPathnameFromUrl(request.url);
             // Handle successful responses that return tokens
             if (response.ok) {
-                if (isTokenReturningEndpoint(pathname) || isAnonymousAuthEndpoint(pathname)) {
+                if (isTokenReturningEndpoint(pathname) ||
+                    isAnonymousAuthEndpoint(pathname)) {
                     try {
                         const data = await response.clone().json();
                         const content = data.content;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@commercengine/storefront-sdk",
-  "version": "0.3.6",
+  "version": "0.3.7",
   "description": "TypeScript SDK for the Storefront API",
   "type": "module",
   "main": "dist/index.js",