@djangocfg/api 2.1.331 → 2.1.333

package/src/_api/generated/helpers/auth.ts

@@ -0,0 +1,240 @@
+// AUTO-GENERATED by django_generator / ts_extras.wrapper
+// Global auth store. Wired into the shared `client` from `client.gen.ts`
+// via `installAuthOnClient(client)` — called synchronously by the
+// post-processed bottom of client.gen.ts. No circular import here.
+// DO NOT EDIT — re-run `make gen`.
+
+const ACCESS_KEY = 'cfg.access_token';
+const REFRESH_KEY = 'cfg.refresh_token';
+const API_KEY_KEY = 'cfg.api_key';
+
+const isBrowser = typeof window !== 'undefined';
+
+export type StorageMode = 'localStorage' | 'cookie';
+
+// ── Storage backends (browser-only; server-side reads return null) ─────────
+
+interface KVStore {
+  get(key: string): string | null;
+  set(key: string, value: string | null): void;
+}
+
+const localStorageBackend: KVStore = {
+  get(key) {
+    if (!isBrowser) return null;
+    try { return window.localStorage.getItem(key); } catch { return null; }
+  },
+  set(key, value) {
+    if (!isBrowser) return;
+    try {
+      if (value === null) window.localStorage.removeItem(key);
+      else window.localStorage.setItem(key, value);
+    } catch {}
+  },
+};
+
+/** 30 days, matches typical refresh-token lifetime. */
+const COOKIE_MAX_AGE = 60 * 60 * 24 * 30;
+
+const cookieBackend: KVStore = {
+  get(key) {
+    if (!isBrowser) return null;
+    try {
+      const re = new RegExp(`(?:^|;\\s*)${encodeURIComponent(key)}=([^;]*)`);
+      const m = document.cookie.match(re);
+      return m ? decodeURIComponent(m[1]) : null;
+    } catch { return null; }
+  },
+  set(key, value) {
+    if (!isBrowser) return;
+    try {
+      const k = encodeURIComponent(key);
+      const secure = window.location.protocol === 'https:' ? '; Secure' : '';
+      if (value === null) {
+        document.cookie = `${k}=; Path=/; Max-Age=0; SameSite=Lax${secure}`;
+      } else {
+        const v = encodeURIComponent(value);
+        document.cookie = `${k}=${v}; Path=/; Max-Age=${COOKIE_MAX_AGE}; SameSite=Lax${secure}`;
+      }
+    } catch {}
+  },
+};
+
+let _storage: KVStore = localStorageBackend;
+let _storageMode: StorageMode = 'localStorage';
+
+/** Detect locale from `NEXT_LOCALE` cookie or `navigator.language`. */
+function detectLocale(): string | null {
+  try {
+    if (typeof document !== 'undefined') {
+      const m = document.cookie.match(/(?:^|;\s*)NEXT_LOCALE=([^;]*)/);
+      if (m) return decodeURIComponent(m[1]);
+    }
+    if (typeof navigator !== 'undefined' && navigator.language) {
+      return navigator.language;
+    }
+  } catch {}
+  return null;
+}
+
+/** Default baseUrl from `NEXT_PUBLIC_API_URL` (empty for static builds). */
+function defaultBaseUrl(): string {
+  try {
+    if (typeof process !== 'undefined' && process.env) {
+      if (process.env.NEXT_PUBLIC_STATIC_BUILD === 'true') return '';
+      return process.env.NEXT_PUBLIC_API_URL || '';
+    }
+  } catch {}
+  return '';
+}
+
+/** Default API key fallback from `NEXT_PUBLIC_API_KEY`. */
+function defaultApiKey(): string | null {
+  try {
+    if (typeof process !== 'undefined' && process.env?.NEXT_PUBLIC_API_KEY) {
+      return process.env.NEXT_PUBLIC_API_KEY;
+    }
+  } catch {}
+  return null;
+}
+
+// ── In-memory overrides (win over storage / env) ───────────────────────────
+let _localeOverride: string | null = null;
+let _apiKeyOverride: string | null = null;
+let _baseUrlOverride: string | null = null;
+let _withCredentials = true;
+let _onUnauthorized: ((response: Response) => void) | null = null;
+
+/**
+ * Captured reference to the shared Hey API client. Set exactly once by
+ * `installAuthOnClient(client)` (called from client.gen.ts). All `auth.set*`
+ * methods that mutate transport config (baseUrl / credentials) push through
+ * this reference. Until installed, those mutations are silently buffered as
+ * in-memory state — the next request after install will pick them up.
+ */
+type HeyClient = {
+  setConfig(opts: Record<string, unknown>): void;
+  interceptors: {
+    request: { use(fn: (req: Request) => Request | Promise<Request>): void };
+    response: { use(fn: (res: Response, req: Request) => Response | Promise<Response>): void };
+  };
+};
+let _client: HeyClient | null = null;
+
+function pushClientConfig(): void {
+  if (!_client) return;
+  _client.setConfig({
+    baseUrl: auth.getBaseUrl(),
+    credentials: _withCredentials ? 'include' : 'same-origin',
+  });
+}
+
+/**
+ * Global auth/config store. All getters read live state every call —
+ * the interceptor below uses these to attach headers per-request.
+ *
+ * Default storage backend is `localStorage`. Switch to cookies (e.g.
+ * for Next.js SSR cookie access) via `auth.setStorageMode('cookie')`
+ * early in the app bootstrap.
+ *
+ * @example
+ *   import { auth } from '@your/api';
+ *   auth.setToken(jwt);
+ *   auth.clearTokens();
+ *   auth.setStorageMode('cookie');
+ */
+export const auth = {
+  // ── Storage mode ──────────────────────────────────────────────────
+  getStorageMode(): StorageMode { return _storageMode; },
+  setStorageMode(mode: StorageMode): void {
+    _storageMode = mode;
+    _storage = mode === 'cookie' ? cookieBackend : localStorageBackend;
+  },
+
+  // ── Bearer token ──────────────────────────────────────────────────
+  getToken(): string | null { return _storage.get(ACCESS_KEY); },
+  setToken(token: string | null): void { _storage.set(ACCESS_KEY, token); },
+  getRefreshToken(): string | null { return _storage.get(REFRESH_KEY); },
+  setRefreshToken(token: string | null): void { _storage.set(REFRESH_KEY, token); },
+  clearTokens(): void { _storage.set(ACCESS_KEY, null); _storage.set(REFRESH_KEY, null); },
+  isAuthenticated(): boolean { return _storage.get(ACCESS_KEY) !== null; },
+
+  // ── API key ───────────────────────────────────────────────────────
+  getApiKey(): string | null {
+    return _apiKeyOverride ?? _storage.get(API_KEY_KEY) ?? defaultApiKey();
+  },
+  setApiKey(key: string | null): void { _apiKeyOverride = key; },
+  setApiKeyPersist(key: string | null): void {
+    _apiKeyOverride = key;
+    _storage.set(API_KEY_KEY, key);
+  },
+  clearApiKey(): void { _apiKeyOverride = null; _storage.set(API_KEY_KEY, null); },
+
+  // ── Locale ────────────────────────────────────────────────────────
+  getLocale(): string | null { return _localeOverride ?? detectLocale(); },
+  setLocale(locale: string | null): void { _localeOverride = locale; },
+
+  // ── Base URL ──────────────────────────────────────────────────────
+  getBaseUrl(): string {
+    const url = (_baseUrlOverride ?? defaultBaseUrl());
+    return url.replace(/\/$/, '');
+  },
+  setBaseUrl(url: string | null): void {
+    _baseUrlOverride = url ? url.replace(/\/$/, '') : null;
+    pushClientConfig();
+  },
+
+  // ── Credentials toggle ────────────────────────────────────────────
+  getWithCredentials(): boolean { return _withCredentials; },
+  setWithCredentials(value: boolean): void {
+    _withCredentials = value;
+    pushClientConfig();
+  },
+
+  // ── 401 handler ───────────────────────────────────────────────────
+  onUnauthorized(cb: ((response: Response) => void) | null): void {
+    _onUnauthorized = cb;
+  },
+};
+
+/**
+ * Wire the shared client to the global auth store. Called exactly
+ * once from `client.gen.ts` (post-processed) right after
+ * `createClient()`. Synchronous — no microtask, no TDZ races.
+ *
+ * Safe to call from server / SSR: storage backends short-circuit on
+ * non-browser environments, so headers populated by the interceptor
+ * are simply absent server-side (which is the correct behaviour
+ * unless the caller explicitly sets a server-side token).
+ */
+export function installAuthOnClient(client: HeyClient): void {
+  if (_client) return; // idempotent
+  _client = client;
+
+  client.setConfig({
+    baseUrl: auth.getBaseUrl(),
+    credentials: _withCredentials ? 'include' : 'same-origin',
+  });
+
+  client.interceptors.request.use((request) => {
+    const token = auth.getToken();
+    if (token) request.headers.set('Authorization', `Bearer ${token}`);
+
+    const locale = auth.getLocale();
+    if (locale) request.headers.set('Accept-Language', locale);
+
+    const apiKey = auth.getApiKey();
+    if (apiKey) request.headers.set('X-API-Key', apiKey);
+
+    return request;
+  });
+
+  client.interceptors.response.use((response) => {
+    if (response.status === 401 && _onUnauthorized) {
+      try { _onUnauthorized(response); } catch {}
+    }
+    return response;
+  });
+}
+
+export type Auth = typeof auth;

package/src/_api/generated/helpers/index.ts

@@ -1,6 +1,7 @@
 // AUTO-GENERATED by django_generator / ts_extras.wrapper
 // Shared utilities barrel. DO NOT EDIT — re-run `make gen`.
 
+export { auth, type Auth } from './auth';
 export {
   type StorageAdapter,
   LocalStorageAdapter,

package/src/_api/generated/index.ts

@@ -1,27 +1,31 @@
 // AUTO-GENERATED by django_generator / ts_extras.wrapper
-// Top-level barrel — one singleton API per group, baseUrl from Next.js env.
+// Top-level barrel — global `auth` + per-group facades.
 // DO NOT EDIT — re-run `make gen`.
 
-import { API as CfgAccountsAPI, LocalStorageAdapter as CfgAccountsStorage } from './_cfg_accounts';
-import { API as CfgCentrifugoAPI, LocalStorageAdapter as CfgCentrifugoStorage } from './_cfg_centrifugo';
-import { API as CfgTotpAPI, LocalStorageAdapter as CfgTotpStorage } from './_cfg_totp';
+// Side-effect: ensure auth interceptor is installed even if consumers
+// only ever import this barrel (it'll also load via client.gen.ts).
+import './helpers/auth';
 
-const isStaticBuild = process.env.NEXT_PUBLIC_STATIC_BUILD === 'true';
-const baseUrl = isStaticBuild ? '' : process.env.NEXT_PUBLIC_API_URL || '';
+// Global auth/config store — single source of truth.
+export { auth, type Auth } from './helpers/auth';
 
-export const CfgAccountsApi = new CfgAccountsAPI(baseUrl, { storage: new CfgAccountsStorage() });
-export const CfgCentrifugoApi = new CfgCentrifugoAPI(baseUrl, { storage: new CfgCentrifugoStorage() });
-export const CfgTotpApi = new CfgTotpAPI(baseUrl, { storage: new CfgTotpStorage() });
+import { API as CfgAccountsAPI } from './_cfg_accounts';
+import { API as CfgCentrifugoAPI } from './_cfg_centrifugo';
+import { API as CfgTotpAPI } from './_cfg_totp';
 
-// API wrapper classes — for users who need to construct their own
-// instance (e.g. with MemoryStorageAdapter in SSR/tests).
+// Singletons for ergonomic access (`import { apiAccounts } from '@your/api'`).
+// All instances share the same global `auth` store.
+export const CfgAccountsApi = new CfgAccountsAPI();
+export const CfgCentrifugoApi = new CfgCentrifugoAPI();
+export const CfgTotpApi = new CfgTotpAPI();
+
+// Per-group wrapper classes (e.g. for tests / SSR isolation of options).
 export { API as CfgAccountsAPI } from './_cfg_accounts';
 export { API as CfgCentrifugoAPI } from './_cfg_centrifugo';
 export { API as CfgTotpAPI } from './_cfg_totp';
 
 // Hey API SDK classes — one per OpenAPI tag. Lets consumers call
-// `Centrifugo.cfgCentrifugoAuthTokenRetrieve({...})` directly without
-// going through the wrapper singleton.
+// `Centrifugo.cfgCentrifugoAuthTokenRetrieve({...})` directly.
 
 
 // Shared utilities (errors, storage adapters, logger).