@djangocfg/api 2.1.356 → 2.1.358

package/dist/auth.mjs

@@ -20,10 +20,11 @@ var isBrowser = typeof window !== "undefined";
 import { usePathname as usePathname3 } from "next/navigation";
 import {
   createContext as createContext2,
+  memo as memo2,
   useCallback as useCallback12,
   useContext as useContext2,
   useEffect as useEffect9,
-  useMemo as useMemo2,
+  useMemo as useMemo3,
   useRef as useRef6,
   useState as useState12
 } from "react";
@@ -643,260 +644,6 @@ var APILogger = class {
 };
 var defaultLogger = new APILogger();
 
-// src/_api/generated/_cfg_accounts/api.ts
-var API = class {
-  static {
-    __name(this, "API");
-  }
-  logger;
-  constructor(_baseUrl, opts = {}) {
-    this.logger = new APILogger(opts.logger);
-    if (_baseUrl) auth.setBaseUrl(_baseUrl);
-    if (opts.locale !== void 0) auth.setLocale(opts.locale);
-    if (opts.apiKey !== void 0) auth.setApiKey(opts.apiKey);
-    if (opts.withCredentials !== void 0) auth.setWithCredentials(opts.withCredentials);
-  }
-  // ── Base URL ────────────────────────────────────────────────────────────
-  getBaseUrl() {
-    return auth.getBaseUrl();
-  }
-  setBaseUrl(url) {
-    auth.setBaseUrl(url);
-  }
-  // ── Tokens ──────────────────────────────────────────────────────────────
-  getToken() {
-    return auth.getToken();
-  }
-  setToken(token) {
-    auth.setToken(token);
-  }
-  getRefreshToken() {
-    return auth.getRefreshToken();
-  }
-  setRefreshToken(token) {
-    auth.setRefreshToken(token);
-  }
-  clearToken() {
-    auth.clearTokens();
-  }
-  isAuthenticated() {
-    return auth.isAuthenticated();
-  }
-  // ── Locale / API key ────────────────────────────────────────────────────
-  getLocale() {
-    return auth.getLocale();
-  }
-  setLocale(locale) {
-    auth.setLocale(locale);
-  }
-  getApiKey() {
-    return auth.getApiKey();
-  }
-  setApiKey(key) {
-    auth.setApiKey(key);
-  }
-  // ── 401 handling ────────────────────────────────────────────────────────
-  /** Fired only on terminal 401 (after refresh+retry path is exhausted). */
-  onUnauthorized(cb) {
-    auth.onUnauthorized(cb);
-  }
-  /** Provide a refresh strategy. See `auth.setRefreshHandler` for the contract. */
-  setRefreshHandler(fn) {
-    auth.setRefreshHandler(fn);
-  }
-};
-
-// src/_api/generated/helpers/errors.ts
-var APIError = class extends Error {
-  constructor(statusCode, statusText, response, url, message) {
-    super(message || `HTTP ${statusCode}: ${statusText}`);
-    this.statusCode = statusCode;
-    this.statusText = statusText;
-    this.response = response;
-    this.url = url;
-    this.name = "APIError";
-  }
-  static {
-    __name(this, "APIError");
-  }
-  get details() {
-    if (typeof this.response === "object" && this.response !== null) {
-      return this.response;
-    }
-    return null;
-  }
-  get fieldErrors() {
-    const details = this.details;
-    if (!details) return null;
-    const fieldErrors = {};
-    for (const [key, value] of Object.entries(details)) {
-      if (Array.isArray(value)) fieldErrors[key] = value;
-    }
-    return Object.keys(fieldErrors).length > 0 ? fieldErrors : null;
-  }
-  get errorMessage() {
-    const details = this.details;
-    if (!details) return this.message;
-    if (details.detail) {
-      return Array.isArray(details.detail) ? details.detail.join(", ") : String(details.detail);
-    }
-    if (details.error) return String(details.error);
-    if (details.message) return String(details.message);
-    const fieldErrors = this.fieldErrors;
-    if (fieldErrors) {
-      const firstField = Object.keys(fieldErrors)[0];
-      if (firstField) return `${firstField}: ${fieldErrors[firstField]?.join(", ")}`;
-    }
-    return this.message;
-  }
-  get isValidationError() {
-    return this.statusCode === 400;
-  }
-  get isAuthError() {
-    return this.statusCode === 401;
-  }
-  get isPermissionError() {
-    return this.statusCode === 403;
-  }
-  get isNotFoundError() {
-    return this.statusCode === 404;
-  }
-  get isServerError() {
-    return this.statusCode >= 500 && this.statusCode < 600;
-  }
-};
-
-// src/_api/generated/_cfg_centrifugo/api.ts
-var API2 = class {
-  static {
-    __name(this, "API");
-  }
-  logger;
-  constructor(_baseUrl, opts = {}) {
-    this.logger = new APILogger(opts.logger);
-    if (_baseUrl) auth.setBaseUrl(_baseUrl);
-    if (opts.locale !== void 0) auth.setLocale(opts.locale);
-    if (opts.apiKey !== void 0) auth.setApiKey(opts.apiKey);
-    if (opts.withCredentials !== void 0) auth.setWithCredentials(opts.withCredentials);
-  }
-  // ── Base URL ────────────────────────────────────────────────────────────
-  getBaseUrl() {
-    return auth.getBaseUrl();
-  }
-  setBaseUrl(url) {
-    auth.setBaseUrl(url);
-  }
-  // ── Tokens ──────────────────────────────────────────────────────────────
-  getToken() {
-    return auth.getToken();
-  }
-  setToken(token) {
-    auth.setToken(token);
-  }
-  getRefreshToken() {
-    return auth.getRefreshToken();
-  }
-  setRefreshToken(token) {
-    auth.setRefreshToken(token);
-  }
-  clearToken() {
-    auth.clearTokens();
-  }
-  isAuthenticated() {
-    return auth.isAuthenticated();
-  }
-  // ── Locale / API key ────────────────────────────────────────────────────
-  getLocale() {
-    return auth.getLocale();
-  }
-  setLocale(locale) {
-    auth.setLocale(locale);
-  }
-  getApiKey() {
-    return auth.getApiKey();
-  }
-  setApiKey(key) {
-    auth.setApiKey(key);
-  }
-  // ── 401 handling ────────────────────────────────────────────────────────
-  /** Fired only on terminal 401 (after refresh+retry path is exhausted). */
-  onUnauthorized(cb) {
-    auth.onUnauthorized(cb);
-  }
-  /** Provide a refresh strategy. See `auth.setRefreshHandler` for the contract. */
-  setRefreshHandler(fn) {
-    auth.setRefreshHandler(fn);
-  }
-};
-
-// src/_api/generated/_cfg_totp/api.ts
-var API3 = class {
-  static {
-    __name(this, "API");
-  }
-  logger;
-  constructor(_baseUrl, opts = {}) {
-    this.logger = new APILogger(opts.logger);
-    if (_baseUrl) auth.setBaseUrl(_baseUrl);
-    if (opts.locale !== void 0) auth.setLocale(opts.locale);
-    if (opts.apiKey !== void 0) auth.setApiKey(opts.apiKey);
-    if (opts.withCredentials !== void 0) auth.setWithCredentials(opts.withCredentials);
-  }
-  // ── Base URL ────────────────────────────────────────────────────────────
-  getBaseUrl() {
-    return auth.getBaseUrl();
-  }
-  setBaseUrl(url) {
-    auth.setBaseUrl(url);
-  }
-  // ── Tokens ──────────────────────────────────────────────────────────────
-  getToken() {
-    return auth.getToken();
-  }
-  setToken(token) {
-    auth.setToken(token);
-  }
-  getRefreshToken() {
-    return auth.getRefreshToken();
-  }
-  setRefreshToken(token) {
-    auth.setRefreshToken(token);
-  }
-  clearToken() {
-    auth.clearTokens();
-  }
-  isAuthenticated() {
-    return auth.isAuthenticated();
-  }
-  // ── Locale / API key ────────────────────────────────────────────────────
-  getLocale() {
-    return auth.getLocale();
-  }
-  setLocale(locale) {
-    auth.setLocale(locale);
-  }
-  getApiKey() {
-    return auth.getApiKey();
-  }
-  setApiKey(key) {
-    auth.setApiKey(key);
-  }
-  // ── 401 handling ────────────────────────────────────────────────────────
-  /** Fired only on terminal 401 (after refresh+retry path is exhausted). */
-  onUnauthorized(cb) {
-    auth.onUnauthorized(cb);
-  }
-  /** Provide a refresh strategy. See `auth.setRefreshHandler` for the contract. */
-  setRefreshHandler(fn) {
-    auth.setRefreshHandler(fn);
-  }
-};
-
-// src/_api/generated/index.ts
-var CfgAccountsApi = new API();
-var CfgCentrifugoApi = new API2();
-var CfgTotpApi = new API3();
-
 // src/_api/generated/core/bodySerializer.gen.ts
 var serializeFormDataPair = /* @__PURE__ */ __name((data, key, value) => {
   if (typeof value === "string" || value instanceof Blob) {
@@ -1723,18 +1470,79 @@ var client = createClient(createConfig({ baseUrl: "http://localhost:8000" }));
 installAuthOnClient(client);
 
 // src/_api/generated/sdk.gen.ts
-var Cfg = class {
+var CfgAccountsApiKey = class {
   static {
-    __name(this, "Cfg");
+    __name(this, "CfgAccountsApiKey");
   }
   /**
-   * List OAuth connections
+   * Get API key details
+   *
+   * Retrieve the current user's API key (masked) and metadata.
+   */
+  static cfgAccountsApiKeyRetrieve(options) {
+    return (options?.client ?? client).get({
+      security: [{ scheme: "bearer", type: "http" }, {
+        in: "cookie",
+        name: "sessionid",
+        type: "apiKey"
+      }],
+      url: "/cfg/accounts/api-key/",
+      ...options
+    });
+  }
+  /**
+   * Regenerate API key
+   *
+   * Generate a new API key. The full key is returned only once.
+   */
+  static cfgAccountsApiKeyRegenerateCreate(options) {
+    return (options.client ?? client).post({
+      security: [{ scheme: "bearer", type: "http" }, {
+        in: "cookie",
+        name: "sessionid",
+        type: "apiKey"
+      }],
+      url: "/cfg/accounts/api-key/regenerate/",
+      ...options,
+      headers: {
+        "Content-Type": "application/json",
+        ...options.headers
+      }
+    });
+  }
+  /**
+   * Test API key
+   *
+   * Test whether an API key is valid without consuming it.
+   */
+  static cfgAccountsApiKeyTestCreate(options) {
+    return (options.client ?? client).post({
+      security: [{ scheme: "bearer", type: "http" }, {
+        in: "cookie",
+        name: "sessionid",
+        type: "apiKey"
+      }],
+      url: "/cfg/accounts/api-key/test/",
+      ...options,
+      headers: {
+        "Content-Type": "application/json",
+        ...options.headers
+      }
+    });
+  }
+};
+var CfgAccountsOauth = class {
+  static {
+    __name(this, "CfgAccountsOauth");
+  }
+  /**
+   * List OAuth connections
    *
    * Get all OAuth connections for the current user.
    */
   static cfgAccountsOauthConnectionsList(options) {
     return (options?.client ?? client).get({
-      security: [{ scheme: "bearer", type: "http" }],
+      security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
       url: "/cfg/accounts/oauth/connections/",
       ...options
     });
@@ -1746,7 +1554,7 @@ var Cfg = class {
    */
   static cfgAccountsOauthDisconnectCreate(options) {
     return (options.client ?? client).post({
-      security: [{ scheme: "bearer", type: "http" }],
+      security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
       url: "/cfg/accounts/oauth/disconnect/",
       ...options,
       headers: {
@@ -1793,12 +1601,17 @@ var Cfg = class {
   static cfgAccountsOauthProvidersRetrieve(options) {
     return (options?.client ?? client).get({ url: "/cfg/accounts/oauth/providers/", ...options });
   }
+};
+var CfgAccounts = class {
+  static {
+    __name(this, "CfgAccounts");
+  }
   /**
    * Request OTP code to email.
    */
   static cfgAccountsOtpRequestCreate(options) {
     return (options.client ?? client).post({
-      security: [{ scheme: "bearer", type: "http" }],
+      security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
       url: "/cfg/accounts/otp/request/",
       ...options,
       headers: {
@@ -1819,7 +1632,7 @@ var Cfg = class {
    */
   static cfgAccountsOtpVerifyCreate(options) {
     return (options.client ?? client).post({
-      security: [{ scheme: "bearer", type: "http" }],
+      security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
       url: "/cfg/accounts/otp/verify/",
       ...options,
       headers: {
@@ -1828,6 +1641,11 @@ var Cfg = class {
       }
     });
   }
+};
+var CfgAccountsProfile = class {
+  static {
+    __name(this, "CfgAccountsProfile");
+  }
   /**
    * Get current user profile
    *
@@ -1852,7 +1670,7 @@ var Cfg = class {
   static cfgAccountsProfileAvatarCreate(options) {
     return (options?.client ?? client).post({
       ...formDataBodySerializer,
-      security: [{ scheme: "bearer", type: "http" }],
+      security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
       url: "/cfg/accounts/profile/avatar/",
       ...options,
       headers: {
@@ -1967,6 +1785,11 @@ var Cfg = class {
       }
     });
   }
+};
+var CfgAccountsAuth = class {
+  static {
+    __name(this, "CfgAccountsAuth");
+  }
   /**
    * Refresh JWT token.
    */
@@ -1980,6 +1803,11 @@ var Cfg = class {
       }
     });
   }
+};
+var CfgCentrifugo = class {
+  static {
+    __name(this, "CfgCentrifugo");
+  }
   /**
    * Get Centrifugo connection token
    *
@@ -1987,17 +1815,22 @@ var Cfg = class {
    */
   static cfgCentrifugoAuthTokenRetrieve(options) {
     return (options?.client ?? client).get({
-      security: [{ scheme: "bearer", type: "http" }],
+      security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
       url: "/cfg/centrifugo/auth/token/",
       ...options
     });
   }
+};
+var CfgTotpBackupCodes = class {
+  static {
+    __name(this, "CfgTotpBackupCodes");
+  }
   /**
    * Get backup codes status for user.
    */
   static cfgTotpBackupCodesRetrieve(options) {
     return (options?.client ?? client).get({
-      security: [{ scheme: "bearer", type: "http" }],
+      security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
       url: "/cfg/totp/backup-codes/",
       ...options
     });
@@ -2010,7 +1843,7 @@ var Cfg = class {
    */
   static cfgTotpBackupCodesRegenerateCreate(options) {
     return (options.client ?? client).post({
-      security: [{ scheme: "bearer", type: "http" }],
+      security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
       url: "/cfg/totp/backup-codes/regenerate/",
       ...options,
       headers: {
@@ -2019,12 +1852,17 @@ var Cfg = class {
       }
     });
   }
+};
+var CfgTotp = class {
+  static {
+    __name(this, "CfgTotp");
+  }
   /**
    * List all TOTP devices for user.
    */
   static cfgTotpDevicesRetrieve(options) {
     return (options?.client ?? client).get({
-      security: [{ scheme: "bearer", type: "http" }],
+      security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
       url: "/cfg/totp/devices/",
       ...options
     });
@@ -2036,7 +1874,7 @@ var Cfg = class {
    */
   static cfgTotpDevicesDestroy(options) {
     return (options.client ?? client).delete({
-      security: [{ scheme: "bearer", type: "http" }],
+      security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
       url: "/cfg/totp/devices/{id}/",
       ...options
     });
@@ -2048,7 +1886,7 @@ var Cfg = class {
    */
   static cfgTotpDisableCreate(options) {
     return (options.client ?? client).post({
-      security: [{ scheme: "bearer", type: "http" }],
+      security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
       url: "/cfg/totp/disable/",
       ...options,
       headers: {
@@ -2057,6 +1895,11 @@ var Cfg = class {
       }
     });
   }
+};
+var CfgTotpSetup = class {
+  static {
+    __name(this, "CfgTotpSetup");
+  }
   /**
    * Start 2FA setup process.
    *
@@ -2064,7 +1907,7 @@ var Cfg = class {
    */
   static cfgTotpSetupCreate(options) {
     return (options?.client ?? client).post({
-      security: [{ scheme: "bearer", type: "http" }],
+      security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
       url: "/cfg/totp/setup/",
       ...options,
       headers: {
@@ -2080,7 +1923,7 @@ var Cfg = class {
    */
   static cfgTotpSetupConfirmCreate(options) {
     return (options.client ?? client).post({
-      security: [{ scheme: "bearer", type: "http" }],
+      security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
       url: "/cfg/totp/setup/confirm/",
       ...options,
       headers: {
@@ -2089,6 +1932,11 @@ var Cfg = class {
       }
     });
   }
+};
+var CfgTotpVerify = class {
+  static {
+    __name(this, "CfgTotpVerify");
+  }
   /**
    * Verify TOTP code for 2FA session.
    *
@@ -2096,7 +1944,7 @@ var Cfg = class {
    */
   static cfgTotpVerifyCreate(options) {
     return (options.client ?? client).post({
-      security: [{ scheme: "bearer", type: "http" }],
+      security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
       url: "/cfg/totp/verify/",
       ...options,
       headers: {
@@ -2112,7 +1960,7 @@ var Cfg = class {
    */
   static cfgTotpVerifyBackupCreate(options) {
     return (options.client ?? client).post({
-      security: [{ scheme: "bearer", type: "http" }],
+      security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
       url: "/cfg/totp/verify/backup/",
       ...options,
       headers: {
@@ -2122,345 +1970,271 @@ var Cfg = class {
     });
   }
 };
-var OAuth = class {
+
+// src/_api/generated/_cfg_accounts/api.ts
+var API = class {
   static {
-    __name(this, "OAuth");
+    __name(this, "API");
   }
-  /**
-   * List OAuth connections
-   *
-   * Get all OAuth connections for the current user.
-   */
-  static cfgAccountsOauthConnectionsList(options) {
-    return (options?.client ?? client).get({
-      security: [{ scheme: "bearer", type: "http" }],
-      url: "/cfg/accounts/oauth/connections/",
-      ...options
-    });
+  logger;
+  cfgAccountsApiKey = CfgAccountsApiKey;
+  cfgAccountsOauth = CfgAccountsOauth;
+  cfgAccounts = CfgAccounts;
+  cfgAccountsProfile = CfgAccountsProfile;
+  cfgAccountsAuth = CfgAccountsAuth;
+  constructor(_baseUrl, opts = {}) {
+    this.logger = new APILogger(opts.logger);
+    if (_baseUrl) auth.setBaseUrl(_baseUrl);
+    if (opts.locale !== void 0) auth.setLocale(opts.locale);
+    if (opts.apiKey !== void 0) auth.setApiKey(opts.apiKey);
+    if (opts.withCredentials !== void 0) auth.setWithCredentials(opts.withCredentials);
   }
-  /**
-   * Disconnect OAuth provider
-   *
-   * Remove OAuth connection for the specified provider.
-   */
-  static cfgAccountsOauthDisconnectCreate(options) {
-    return (options.client ?? client).post({
-      security: [{ scheme: "bearer", type: "http" }],
-      url: "/cfg/accounts/oauth/disconnect/",
-      ...options,
-      headers: {
-        "Content-Type": "application/json",
-        ...options.headers
-      }
-    });
+  // ── Base URL ────────────────────────────────────────────────────────────
+  getBaseUrl() {
+    return auth.getBaseUrl();
   }
-  /**
-   * Start GitHub OAuth
-   *
-   * Generate GitHub OAuth authorization URL. Redirect user to this URL to start authentication.
-   */
-  static cfgAccountsOauthGithubAuthorizeCreate(options) {
-    return (options?.client ?? client).post({
-      url: "/cfg/accounts/oauth/github/authorize/",
-      ...options,
-      headers: {
-        "Content-Type": "application/json",
-        ...options?.headers
-      }
-    });
+  setBaseUrl(url) {
+    auth.setBaseUrl(url);
   }
-  /**
-   * Complete GitHub OAuth
-   *
-   * Exchange authorization code for JWT tokens. Call this after GitHub redirects back with code.
-   */
-  static cfgAccountsOauthGithubCallbackCreate(options) {
-    return (options.client ?? client).post({
-      url: "/cfg/accounts/oauth/github/callback/",
-      ...options,
-      headers: {
-        "Content-Type": "application/json",
-        ...options.headers
-      }
-    });
+  // ── Tokens ──────────────────────────────────────────────────────────────
+  getToken() {
+    return auth.getToken();
   }
-  /**
-   * List OAuth providers
-   *
-   * Get list of available OAuth providers for authentication.
-   */
-  static cfgAccountsOauthProvidersRetrieve(options) {
-    return (options?.client ?? client).get({ url: "/cfg/accounts/oauth/providers/", ...options });
+  setToken(token) {
+    auth.setToken(token);
   }
-};
-var UserProfile = class {
-  static {
-    __name(this, "UserProfile");
+  getRefreshToken() {
+    return auth.getRefreshToken();
   }
-  /**
-   * Get current user profile
-   *
-   * Retrieve the current authenticated user's profile information.
-   */
-  static cfgAccountsProfileRetrieve(options) {
-    return (options?.client ?? client).get({
-      security: [{ scheme: "bearer", type: "http" }, {
-        in: "cookie",
-        name: "sessionid",
-        type: "apiKey"
-      }],
-      url: "/cfg/accounts/profile/",
-      ...options
-    });
+  setRefreshToken(token) {
+    auth.setRefreshToken(token);
   }
-  /**
-   * Upload user avatar
-   *
-   * Upload avatar image for the current authenticated user. Accepts multipart/form-data with 'avatar' field.
-   */
-  static cfgAccountsProfileAvatarCreate(options) {
-    return (options?.client ?? client).post({
-      ...formDataBodySerializer,
-      security: [{ scheme: "bearer", type: "http" }],
-      url: "/cfg/accounts/profile/avatar/",
-      ...options,
-      headers: {
-        "Content-Type": null,
-        ...options?.headers
-      }
-    });
+  clearToken() {
+    auth.clearTokens();
   }
-  /**
-   * Delete user account
-   *
-   *
-   * Permanently delete the current user's account.
-   *
-   * This operation:
-   * - Deactivates the account (user cannot log in)
-   * - Anonymizes personal data (GDPR compliance)
-   * - Frees up the email address for re-registration
-   * - Preserves audit trail
-   *
-   * The account can be restored by an administrator if needed.
-   *
-   */
-  static cfgAccountsProfileDeleteCreate(options) {
-    return (options?.client ?? client).post({
-      security: [{ scheme: "bearer", type: "http" }, {
-        in: "cookie",
-        name: "sessionid",
-        type: "apiKey"
-      }],
-      url: "/cfg/accounts/profile/delete/",
-      ...options
-    });
+  isAuthenticated() {
+    return auth.isAuthenticated();
   }
-  /**
-   * Partial update user profile
-   *
-   * Partially update the current authenticated user's profile information. Supports avatar upload.
-   */
-  static cfgAccountsProfilePartialPartialUpdate(options) {
-    return (options?.client ?? client).patch({
-      security: [{ scheme: "bearer", type: "http" }, {
-        in: "cookie",
-        name: "sessionid",
-        type: "apiKey"
-      }],
-      url: "/cfg/accounts/profile/partial/",
-      ...options,
-      headers: {
-        "Content-Type": "application/json",
-        ...options?.headers
-      }
-    });
+  // ── Locale / API key ────────────────────────────────────────────────────
+  getLocale() {
+    return auth.getLocale();
   }
-  /**
-   * Partial update user profile
-   *
-   * Partially update the current authenticated user's profile information. Supports avatar upload.
-   */
-  static cfgAccountsProfilePartialUpdate(options) {
-    return (options?.client ?? client).put({
-      security: [{ scheme: "bearer", type: "http" }, {
-        in: "cookie",
-        name: "sessionid",
-        type: "apiKey"
-      }],
-      url: "/cfg/accounts/profile/partial/",
-      ...options,
-      headers: {
-        "Content-Type": "application/json",
-        ...options?.headers
-      }
-    });
+  setLocale(locale) {
+    auth.setLocale(locale);
   }
-  /**
-   * Update user profile
-   *
-   * Update the current authenticated user's profile information.
-   */
-  static cfgAccountsProfileUpdatePartialUpdate(options) {
-    return (options?.client ?? client).patch({
-      security: [{ scheme: "bearer", type: "http" }, {
-        in: "cookie",
-        name: "sessionid",
-        type: "apiKey"
-      }],
-      url: "/cfg/accounts/profile/update/",
-      ...options,
-      headers: {
-        "Content-Type": "application/json",
-        ...options?.headers
-      }
-    });
+  getApiKey() {
+    return auth.getApiKey();
   }
-  /**
-   * Update user profile
-   *
-   * Update the current authenticated user's profile information.
-   */
-  static cfgAccountsProfileUpdateUpdate(options) {
-    return (options?.client ?? client).put({
-      security: [{ scheme: "bearer", type: "http" }, {
-        in: "cookie",
-        name: "sessionid",
-        type: "apiKey"
-      }],
-      url: "/cfg/accounts/profile/update/",
-      ...options,
-      headers: {
-        "Content-Type": "application/json",
-        ...options?.headers
-      }
-    });
+  setApiKey(key) {
+    auth.setApiKey(key);
   }
-};
-var Auth = class {
-  static {
-    __name(this, "Auth");
+  // ── 401 handling ────────────────────────────────────────────────────────
+  /** Fired only on terminal 401 (after refresh+retry path is exhausted). */
+  onUnauthorized(cb) {
+    auth.onUnauthorized(cb);
   }
-  /**
-   * Refresh JWT token.
-   */
-  static cfgAccountsTokenRefreshCreate(options) {
-    return (options.client ?? client).post({
-      url: "/cfg/accounts/token/refresh/",
-      ...options,
-      headers: {
-        "Content-Type": "application/json",
-        ...options.headers
-      }
-    });
+  /** Provide a refresh strategy. See `auth.setRefreshHandler` for the contract. */
+  setRefreshHandler(fn) {
+    auth.setRefreshHandler(fn);
   }
 };
-var TotpManagement = class {
+
+// src/_api/generated/helpers/errors.ts
+var APIError = class extends Error {
+  constructor(statusCode, statusText, response, url, message) {
+    super(message || `HTTP ${statusCode}: ${statusText}`);
+    this.statusCode = statusCode;
+    this.statusText = statusText;
+    this.response = response;
+    this.url = url;
+    this.name = "APIError";
+  }
   static {
-    __name(this, "TotpManagement");
+    __name(this, "APIError");
   }
-  /**
-   * List all TOTP devices for user.
-   */
-  static cfgTotpDevicesRetrieve(options) {
-    return (options?.client ?? client).get({
-      security: [{ scheme: "bearer", type: "http" }],
-      url: "/cfg/totp/devices/",
-      ...options
-    });
+  get details() {
+    if (typeof this.response === "object" && this.response !== null) {
+      return this.response;
+    }
+    return null;
   }
-  /**
-   * Completely disable 2FA for account.
-   *
-   * Requires verification code.
-   */
-  static cfgTotpDisableCreate(options) {
-    return (options.client ?? client).post({
-      security: [{ scheme: "bearer", type: "http" }],
-      url: "/cfg/totp/disable/",
-      ...options,
-      headers: {
-        "Content-Type": "application/json",
-        ...options.headers
-      }
-    });
+  get fieldErrors() {
+    const details = this.details;
+    if (!details) return null;
+    const fieldErrors = {};
+    for (const [key, value] of Object.entries(details)) {
+      if (Array.isArray(value)) fieldErrors[key] = value;
+    }
+    return Object.keys(fieldErrors).length > 0 ? fieldErrors : null;
+  }
+  get errorMessage() {
+    const details = this.details;
+    if (!details) return this.message;
+    if (details.detail) {
+      return Array.isArray(details.detail) ? details.detail.join(", ") : String(details.detail);
+    }
+    if (details.error) return String(details.error);
+    if (details.message) return String(details.message);
+    const fieldErrors = this.fieldErrors;
+    if (fieldErrors) {
+      const firstField = Object.keys(fieldErrors)[0];
+      if (firstField) return `${firstField}: ${fieldErrors[firstField]?.join(", ")}`;
+    }
+    return this.message;
+  }
+  get isValidationError() {
+    return this.statusCode === 400;
+  }
+  get isAuthError() {
+    return this.statusCode === 401;
+  }
+  get isPermissionError() {
+    return this.statusCode === 403;
+  }
+  get isNotFoundError() {
+    return this.statusCode === 404;
+  }
+  get isServerError() {
+    return this.statusCode >= 500 && this.statusCode < 600;
   }
 };
-var TotpSetup = class {
+
+// src/_api/generated/_cfg_centrifugo/api.ts
+var API2 = class {
   static {
-    __name(this, "TotpSetup");
+    __name(this, "API");
   }
-  /**
-   * Start 2FA setup process.
-   *
-   * Creates a new TOTP device and returns QR code for scanning.
-   */
-  static cfgTotpSetupCreate(options) {
-    return (options?.client ?? client).post({
-      security: [{ scheme: "bearer", type: "http" }],
-      url: "/cfg/totp/setup/",
-      ...options,
-      headers: {
-        "Content-Type": "application/json",
-        ...options?.headers
-      }
-    });
+  logger;
+  cfgCentrifugo = CfgCentrifugo;
+  constructor(_baseUrl, opts = {}) {
+    this.logger = new APILogger(opts.logger);
+    if (_baseUrl) auth.setBaseUrl(_baseUrl);
+    if (opts.locale !== void 0) auth.setLocale(opts.locale);
+    if (opts.apiKey !== void 0) auth.setApiKey(opts.apiKey);
+    if (opts.withCredentials !== void 0) auth.setWithCredentials(opts.withCredentials);
   }
-  /**
-   * Confirm 2FA setup with first valid code.
-   *
-   * Activates the device and generates backup codes.
-   */
-  static cfgTotpSetupConfirmCreate(options) {
-    return (options.client ?? client).post({
-      security: [{ scheme: "bearer", type: "http" }],
-      url: "/cfg/totp/setup/confirm/",
-      ...options,
-      headers: {
-        "Content-Type": "application/json",
-        ...options.headers
-      }
-    });
+  // ── Base URL ────────────────────────────────────────────────────────────
+  getBaseUrl() {
+    return auth.getBaseUrl();
+  }
+  setBaseUrl(url) {
+    auth.setBaseUrl(url);
+  }
+  // ── Tokens ──────────────────────────────────────────────────────────────
+  getToken() {
+    return auth.getToken();
+  }
+  setToken(token) {
+    auth.setToken(token);
+  }
+  getRefreshToken() {
+    return auth.getRefreshToken();
+  }
+  setRefreshToken(token) {
+    auth.setRefreshToken(token);
+  }
+  clearToken() {
+    auth.clearTokens();
+  }
+  isAuthenticated() {
+    return auth.isAuthenticated();
+  }
+  // ── Locale / API key ────────────────────────────────────────────────────
+  getLocale() {
+    return auth.getLocale();
+  }
+  setLocale(locale) {
+    auth.setLocale(locale);
+  }
+  getApiKey() {
+    return auth.getApiKey();
+  }
+  setApiKey(key) {
+    auth.setApiKey(key);
+  }
+  // ── 401 handling ────────────────────────────────────────────────────────
+  /** Fired only on terminal 401 (after refresh+retry path is exhausted). */
+  onUnauthorized(cb) {
+    auth.onUnauthorized(cb);
+  }
+  /** Provide a refresh strategy. See `auth.setRefreshHandler` for the contract. */
+  setRefreshHandler(fn) {
+    auth.setRefreshHandler(fn);
   }
 };
-var TotpVerification = class {
+
+// src/_api/generated/_cfg_totp/api.ts
+var API3 = class {
   static {
-    __name(this, "TotpVerification");
+    __name(this, "API");
   }
-  /**
-   * Verify TOTP code for 2FA session.
-   *
-   * Completes authentication and returns JWT tokens on success.
-   */
-  static cfgTotpVerifyCreate(options) {
-    return (options.client ?? client).post({
-      security: [{ scheme: "bearer", type: "http" }],
-      url: "/cfg/totp/verify/",
-      ...options,
-      headers: {
-        "Content-Type": "application/json",
-        ...options.headers
-      }
-    });
+  logger;
+  cfgTotpBackupCodes = CfgTotpBackupCodes;
+  cfgTotp = CfgTotp;
+  cfgTotpSetup = CfgTotpSetup;
+  cfgTotpVerify = CfgTotpVerify;
+  constructor(_baseUrl, opts = {}) {
+    this.logger = new APILogger(opts.logger);
+    if (_baseUrl) auth.setBaseUrl(_baseUrl);
+    if (opts.locale !== void 0) auth.setLocale(opts.locale);
+    if (opts.apiKey !== void 0) auth.setApiKey(opts.apiKey);
+    if (opts.withCredentials !== void 0) auth.setWithCredentials(opts.withCredentials);
+  }
+  // ── Base URL ────────────────────────────────────────────────────────────
+  getBaseUrl() {
+    return auth.getBaseUrl();
+  }
+  setBaseUrl(url) {
+    auth.setBaseUrl(url);
+  }
+  // ── Tokens ──────────────────────────────────────────────────────────────
+  getToken() {
+    return auth.getToken();
+  }
+  setToken(token) {
+    auth.setToken(token);
+  }
+  getRefreshToken() {
+    return auth.getRefreshToken();
+  }
+  setRefreshToken(token) {
+    auth.setRefreshToken(token);
+  }
+  clearToken() {
+    auth.clearTokens();
+  }
+  isAuthenticated() {
+    return auth.isAuthenticated();
+  }
+  // ── Locale / API key ────────────────────────────────────────────────────
+  getLocale() {
+    return auth.getLocale();
+  }
+  setLocale(locale) {
+    auth.setLocale(locale);
+  }
+  getApiKey() {
+    return auth.getApiKey();
+  }
+  setApiKey(key) {
+    auth.setApiKey(key);
+  }
+  // ── 401 handling ────────────────────────────────────────────────────────
+  /** Fired only on terminal 401 (after refresh+retry path is exhausted). */
+  onUnauthorized(cb) {
+    auth.onUnauthorized(cb);
   }
-  /**
-   * Verify backup recovery code for 2FA session.
-   *
-   * Alternative verification method when TOTP device unavailable.
-   */
-  static cfgTotpVerifyBackupCreate(options) {
-    return (options.client ?? client).post({
-      security: [{ scheme: "bearer", type: "http" }],
-      url: "/cfg/totp/verify/backup/",
-      ...options,
-      headers: {
-        "Content-Type": "application/json",
-        ...options.headers
-      }
-    });
+  /** Provide a refresh strategy. See `auth.setRefreshHandler` for the contract. */
+  setRefreshHandler(fn) {
+    auth.setRefreshHandler(fn);
   }
 };
 
+// src/_api/generated/index.ts
+var CfgAccountsApi = new API();
+var CfgCentrifugoApi = new API2();
+var CfgTotpApi = new API3();
+
 // src/auth/utils/analytics.ts
 var AnalyticsEvent = /* @__PURE__ */ ((AnalyticsEvent2) => {
   AnalyticsEvent2["AUTH_OTP_REQUEST"] = "auth_otp_request";
@@ -2549,7 +2323,7 @@ var useTwoFactor = /* @__PURE__ */ __name((options = {}) => {
     setError(null);
     try {
       authLogger.info("Verifying TOTP code...");
-      const result = await TotpVerification.cfgTotpVerifyCreate({
+      const result = await CfgTotpVerify.cfgTotpVerifyCreate({
         body: { session_id: sessionId, code },
         throwOnError: true
       });
@@ -2593,7 +2367,7 @@ var useTwoFactor = /* @__PURE__ */ __name((options = {}) => {
     setError(null);
     try {
       authLogger.info("Verifying backup code...");
-      const result = await TotpVerification.cfgTotpVerifyBackupCreate({
+      const result = await CfgTotpVerify.cfgTotpVerifyBackupCreate({
         body: {
           session_id: sessionId,
           backup_code: backupCode.replace(/\s+/g, "")
@@ -2937,7 +2711,7 @@ var useGithubAuth = /* @__PURE__ */ __name((options = {}) => {
         category: "auth" /* AUTH */,
         label: "github"
       });
-      const result = await OAuth.cfgAccountsOauthGithubAuthorizeCreate({
+      const result = await CfgAccountsOauth.cfgAccountsOauthGithubAuthorizeCreate({
         body: {
           source_url: sourceUrl || (typeof window !== "undefined" ? window.location.href : "")
         },
@@ -2979,7 +2753,7 @@ var useGithubAuth = /* @__PURE__ */ __name((options = {}) => {
         sessionStorage.removeItem("oauth_state");
         sessionStorage.removeItem("oauth_provider");
       }
-      const result = await OAuth.cfgAccountsOauthGithubCallbackCreate({
+      const result = await CfgAccountsOauth.cfgAccountsOauthGithubCallbackCreate({
         body: { code, state },
         throwOnError: true
       });
@@ -3058,7 +2832,7 @@ var useTwoFactorSetup = /* @__PURE__ */ __name((options = {}) => {
     setSetupStep("scanning");
     try {
       authLogger.info("Starting 2FA setup...");
-      const result = await TotpSetup.cfgTotpSetupCreate({
+      const result = await CfgTotpSetup.cfgTotpSetupCreate({
         body: { device_name: deviceName },
         throwOnError: true
       });
@@ -3102,7 +2876,7 @@ var useTwoFactorSetup = /* @__PURE__ */ __name((options = {}) => {
     setSetupStep("confirming");
     try {
       authLogger.info("Confirming 2FA setup...");
-      const result = await TotpSetup.cfgTotpSetupConfirmCreate({
+      const result = await CfgTotpSetup.cfgTotpSetupConfirmCreate({
         body: { device_id: setupData.deviceId, code },
         throwOnError: true
       });
@@ -3165,7 +2939,7 @@ var useTwoFactorStatus = /* @__PURE__ */ __name(() => {
     setError(null);
     try {
       authLogger.info("Fetching 2FA status...");
-      const result = await TotpManagement.cfgTotpDevicesRetrieve({ throwOnError: true });
+      const result = await CfgTotp.cfgTotpDevicesRetrieve({ throwOnError: true });
       const response = result.data;
       const mappedDevices = response.devices.map((device) => ({
         id: device.id,
@@ -3194,7 +2968,7 @@ var useTwoFactorStatus = /* @__PURE__ */ __name(() => {
     setError(null);
     try {
       authLogger.info("Disabling 2FA...");
-      await TotpManagement.cfgTotpDisableCreate({ body: { code }, throwOnError: true });
+      await CfgTotp.cfgTotpDisableCreate({ body: { code }, throwOnError: true });
       setHas2FAEnabled(false);
       setDevices([]);
       authLogger.info("2FA disabled successfully");
@@ -3773,7 +3547,7 @@ function useTokenRefresh(options = {}) {
     isRefreshingRef.current = true;
     authLogger.info("Refreshing token...");
     try {
-      const result = await Auth.cfgAccountsTokenRefreshCreate({
+      const result = await CfgAccountsAuth.cfgAccountsTokenRefreshCreate({
         body: { refresh: refreshTokenValue },
         throwOnError: true
       });
@@ -3847,7 +3621,7 @@ var useDeleteAccount = /* @__PURE__ */ __name(() => {
     setError(null);
     try {
       authLogger.info("Deleting account...");
-      const result = await UserProfile.cfgAccountsProfileDeleteCreate({ throwOnError: true });
+      const result = await CfgAccountsProfile.cfgAccountsProfileDeleteCreate({ throwOnError: true });
       const response = result.data;
       if (!response.success) {
         authLogger.error("Failed to delete account:", response.message);
@@ -3877,33 +3651,164 @@ import {
   useCallback as useCallback11,
   useContext,
   useEffect as useEffect8,
+  useMemo as useMemo2,
   useRef as useRef5,
   useState as useState11
 } from "react";
 
-// src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOauthConnectionsList.ts
+// src/_api/generated/_cfg_accounts/hooks/useCfgAccountsApiKeyRegenerateCreate.ts
+import useSWRMutation from "swr/mutation";
+
+// src/_api/generated/_cfg_accounts/schemas/APIKeyRegenerate.ts
+import { z } from "zod";
+var APIKeyRegenerateSchema = z.object({
+  key: z.string(),
+  reissued_at: z.string().datetime({ offset: true })
+});
+
+// src/_api/generated/_cfg_accounts/hooks/useCfgAccountsApiKeyRetrieve.ts
 import useSWR from "swr";
 
+// src/_api/generated/_cfg_accounts/schemas/APIKey.ts
+import { z as z2 } from "zod";
+var APIKeySchema = z2.object({
+  key: z2.string(),
+  reissued_at: z2.string().datetime({ offset: true }).nullable(),
+  created_at: z2.string().datetime({ offset: true })
+});
+
+// src/_api/generated/_cfg_accounts/hooks/useCfgAccountsApiKeyTestCreate.ts
+import useSWRMutation2 from "swr/mutation";
+
+// src/_api/generated/_cfg_accounts/schemas/APIKeyTestResult.ts
+import { z as z3 } from "zod";
+var APIKeyTestResultSchema = z3.object({
+  valid: z3.boolean(),
+  user_id: z3.string().nullable()
+});
+
+// src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOauthConnectionsList.ts
+import useSWR2 from "swr";
+
+// src/_api/generated/_cfg_accounts/schemas/cfg_accounts_oauth_connections_response_200_AutoRef.ts
+import { z as z6 } from "zod";
+
+// src/_api/generated/_cfg_accounts/schemas/OAuthConnection.ts
+import { z as z5 } from "zod";
+
+// src/_api/generated/_cfg_accounts/schemas/OAuthProviderEnum.ts
+import { z as z4 } from "zod";
+var OAuthProviderEnumSchema = z4.enum(["github"]);
+
+// src/_api/generated/_cfg_accounts/schemas/OAuthConnection.ts
+var OAuthConnectionSchema = z5.object({
+  id: z5.number().int(),
+  provider: OAuthProviderEnumSchema,
+  provider_display: z5.string(),
+  provider_username: z5.string(),
+  provider_email: z5.email(),
+  provider_avatar_url: z5.string(),
+  connected_at: z5.string().datetime({ offset: true }),
+  last_login_at: z5.string().datetime({ offset: true })
+});
+
+// src/_api/generated/_cfg_accounts/schemas/cfg_accounts_oauth_connections_response_200_AutoRef.ts
+var cfg_accounts_oauth_connections_response_200_AutoRefSchema = z6.array(OAuthConnectionSchema);
+
 // src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOauthDisconnectCreate.ts
-import useSWRMutation from "swr/mutation";
+import useSWRMutation3 from "swr/mutation";
+
+// src/_api/generated/_cfg_accounts/schemas/cfg_accounts_oauth_disconnect_response_200_AutoRef.ts
+import { z as z7 } from "zod";
+var cfg_accounts_oauth_disconnect_response_200_AutoRefSchema = z7.object({
+  message: z7.string().optional()
+});
 
 // src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOauthGithubAuthorizeCreate.ts
-import useSWRMutation2 from "swr/mutation";
+import useSWRMutation4 from "swr/mutation";
+
+// src/_api/generated/_cfg_accounts/schemas/OAuthAuthorizeResponse.ts
+import { z as z8 } from "zod";
+var OAuthAuthorizeResponseSchema = z8.object({
+  authorization_url: z8.string(),
+  state: z8.string()
+});
 
 // src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOauthGithubCallbackCreate.ts
-import useSWRMutation3 from "swr/mutation";
+import useSWRMutation5 from "swr/mutation";
+
+// src/_api/generated/_cfg_accounts/schemas/OAuthTokenResponse.ts
+import { z as z9 } from "zod";
+var OAuthTokenResponseSchema = z9.object({
+  requires_2fa: z9.boolean().default(false).optional(),
+  session_id: z9.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i).nullable().optional(),
+  access: z9.string().nullable().optional(),
+  refresh: z9.string().nullable().optional(),
+  user: z9.object({}).passthrough().nullable().optional(),
+  is_new_user: z9.boolean(),
+  is_new_connection: z9.boolean(),
+  should_prompt_2fa: z9.boolean().optional()
+});
 
 // src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOauthProvidersRetrieve.ts
-import useSWR2 from "swr";
+import useSWR3 from "swr";
+
+// src/_api/generated/_cfg_accounts/schemas/OAuthProvidersResponse.ts
+import { z as z10 } from "zod";
+var OAuthProvidersResponseSchema = z10.object({
+  providers: z10.array(z10.object({}).passthrough())
+});
+
+// src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOtpRequestCreate.ts
+import useSWRMutation6 from "swr/mutation";
+
+// src/_api/generated/_cfg_accounts/schemas/OTPRequestResponse.ts
+import { z as z11 } from "zod";
+var OTPRequestResponseSchema = z11.object({
+  message: z11.string()
+});
 
 // src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOtpRequestCreate.ts
-import useSWRMutation4 from "swr/mutation";
 function useCfgAccountsOtpRequestCreate(config) {
-  return useSWRMutation4(
+  return useSWRMutation6(
     ["cfg_accounts_otp_request_create"],
     async (_key, { arg }) => {
-      const res = await Cfg.cfgAccountsOtpRequestCreate({ ...arg, throwOnError: true });
-      return res.data;
+      const res = await CfgAccounts.cfgAccountsOtpRequestCreate({ ...arg, throwOnError: true });
+      const data = res.data;
+      const parsed = OTPRequestResponseSchema.safeParse(data);
+      if (!parsed.success) {
+        console.warn(
+          "[zod] response did not match schema",
+          {
+            operation: "cfg_accounts_otp_request_create",
+            method: "POST",
+            path: "/cfg/accounts/otp/request/",
+            issues: parsed.error.issues,
+            data
+          }
+        );
+        if (typeof window !== "undefined") {
+          try {
+            window.dispatchEvent(
+              new CustomEvent("zod-validation-error", {
+                detail: {
+                  operation: "cfg_accounts_otp_request_create",
+                  method: "POST",
+                  path: "/cfg/accounts/otp/request/",
+                  issues: parsed.error.issues,
+                  data,
+                  timestamp: /* @__PURE__ */ new Date()
+                },
+                bubbles: true,
+                cancelable: false
+              })
+            );
+          } catch {
+          }
+        }
+        return data;
+      }
+      return parsed.data;
     },
     config
   );
@@ -3911,13 +3816,98 @@ function useCfgAccountsOtpRequestCreate(config) {
 __name(useCfgAccountsOtpRequestCreate, "useCfgAccountsOtpRequestCreate");
 
 // src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOtpVerifyCreate.ts
-import useSWRMutation5 from "swr/mutation";
+import useSWRMutation7 from "swr/mutation";
+
+// src/_api/generated/_cfg_accounts/schemas/OTPVerifyResponse.ts
+import { z as z14 } from "zod";
+
+// src/_api/generated/_cfg_accounts/schemas/User.ts
+import { z as z13 } from "zod";
+
+// src/_api/generated/_cfg_accounts/schemas/CentrifugoToken.ts
+import { z as z12 } from "zod";
+var CentrifugoTokenSchema = z12.object({
+  token: z12.string(),
+  centrifugo_url: z12.string(),
+  expires_at: z12.string().datetime({ offset: true }),
+  channels: z12.array(z12.string())
+});
+
+// src/_api/generated/_cfg_accounts/schemas/User.ts
+var UserSchema = z13.object({
+  id: z13.number().int(),
+  email: z13.email(),
+  first_name: z13.string().max(50).optional(),
+  last_name: z13.string().max(50).optional(),
+  full_name: z13.string(),
+  initials: z13.string(),
+  display_username: z13.string(),
+  company: z13.string().max(100).optional(),
+  phone: z13.string().max(20).optional(),
+  position: z13.string().max(100).optional(),
+  language: z13.string().max(10).optional(),
+  timezone: z13.string().max(64).optional(),
+  avatar: z13.string().nullable(),
+  is_staff: z13.boolean(),
+  is_superuser: z13.boolean(),
+  date_joined: z13.string().datetime({ offset: true }),
+  last_login: z13.string().datetime({ offset: true }).nullable(),
+  unanswered_messages_count: z13.number().int().default(0),
+  centrifugo: CentrifugoTokenSchema.nullable(),
+  api_key: z13.string().nullable()
+});
+
+// src/_api/generated/_cfg_accounts/schemas/OTPVerifyResponse.ts
+var OTPVerifyResponseSchema = z14.object({
+  requires_2fa: z14.boolean().default(false).optional(),
+  session_id: z14.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i).nullable().optional(),
+  refresh: z14.string().nullable().optional(),
+  access: z14.string().nullable().optional(),
+  user: UserSchema.nullable().optional(),
+  should_prompt_2fa: z14.boolean().optional()
+});
+
+// src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOtpVerifyCreate.ts
 function useCfgAccountsOtpVerifyCreate(config) {
-  return useSWRMutation5(
+  return useSWRMutation7(
     ["cfg_accounts_otp_verify_create"],
     async (_key, { arg }) => {
-      const res = await Cfg.cfgAccountsOtpVerifyCreate({ ...arg, throwOnError: true });
-      return res.data;
+      const res = await CfgAccounts.cfgAccountsOtpVerifyCreate({ ...arg, throwOnError: true });
+      const data = res.data;
+      const parsed = OTPVerifyResponseSchema.safeParse(data);
+      if (!parsed.success) {
+        console.warn(
+          "[zod] response did not match schema",
+          {
+            operation: "cfg_accounts_otp_verify_create",
+            method: "POST",
+            path: "/cfg/accounts/otp/verify/",
+            issues: parsed.error.issues,
+            data
+          }
+        );
+        if (typeof window !== "undefined") {
+          try {
+            window.dispatchEvent(
+              new CustomEvent("zod-validation-error", {
+                detail: {
+                  operation: "cfg_accounts_otp_verify_create",
+                  method: "POST",
+                  path: "/cfg/accounts/otp/verify/",
+                  issues: parsed.error.issues,
+                  data,
+                  timestamp: /* @__PURE__ */ new Date()
+                },
+                bubbles: true,
+                cancelable: false
+              })
+            );
+          } catch {
+          }
+        }
+        return data;
+      }
+      return parsed.data;
     },
     config
   );
@@ -3925,13 +3915,47 @@ function useCfgAccountsOtpVerifyCreate(config) {
 __name(useCfgAccountsOtpVerifyCreate, "useCfgAccountsOtpVerifyCreate");
 
 // src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfileAvatarCreate.ts
-import useSWRMutation6 from "swr/mutation";
+import useSWRMutation8 from "swr/mutation";
 function useCfgAccountsProfileAvatarCreate(config) {
-  return useSWRMutation6(
+  return useSWRMutation8(
     ["cfg_accounts_profile_avatar_create"],
     async (_key, { arg }) => {
-      const res = await Cfg.cfgAccountsProfileAvatarCreate({ ...arg, throwOnError: true });
-      return res.data;
+      const res = await CfgAccountsProfile.cfgAccountsProfileAvatarCreate({ ...arg, throwOnError: true });
+      const data = res.data;
+      const parsed = UserSchema.safeParse(data);
+      if (!parsed.success) {
+        console.warn(
+          "[zod] response did not match schema",
+          {
+            operation: "cfg_accounts_profile_avatar_create",
+            method: "POST",
+            path: "/cfg/accounts/profile/avatar/",
+            issues: parsed.error.issues,
+            data
+          }
+        );
+        if (typeof window !== "undefined") {
+          try {
+            window.dispatchEvent(
+              new CustomEvent("zod-validation-error", {
+                detail: {
+                  operation: "cfg_accounts_profile_avatar_create",
+                  method: "POST",
+                  path: "/cfg/accounts/profile/avatar/",
+                  issues: parsed.error.issues,
+                  data,
+                  timestamp: /* @__PURE__ */ new Date()
+                },
+                bubbles: true,
+                cancelable: false
+              })
+            );
+          } catch {
+          }
+        }
+        return data;
+      }
+      return parsed.data;
     },
     config
   );
@@ -3939,19 +3963,60 @@ function useCfgAccountsProfileAvatarCreate(config) {
 __name(useCfgAccountsProfileAvatarCreate, "useCfgAccountsProfileAvatarCreate");
 
 // src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfileDeleteCreate.ts
-import useSWRMutation7 from "swr/mutation";
+import useSWRMutation9 from "swr/mutation";
+
+// src/_api/generated/_cfg_accounts/schemas/AccountDeleteResponse.ts
+import { z as z15 } from "zod";
+var AccountDeleteResponseSchema = z15.object({
+  success: z15.boolean(),
+  message: z15.string()
+});
 
 // src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfilePartialPartialUpdate.ts
-import useSWRMutation8 from "swr/mutation";
+import useSWRMutation10 from "swr/mutation";
 
 // src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfilePartialUpdate.ts
-import useSWRMutation9 from "swr/mutation";
+import useSWRMutation11 from "swr/mutation";
 function useCfgAccountsProfilePartialUpdate(config) {
-  return useSWRMutation9(
+  return useSWRMutation11(
     ["cfg_accounts_profile_partial_update"],
     async (_key, { arg }) => {
-      const res = await Cfg.cfgAccountsProfilePartialUpdate({ ...arg, throwOnError: true });
-      return res.data;
+      const res = await CfgAccountsProfile.cfgAccountsProfilePartialUpdate({ ...arg, throwOnError: true });
+      const data = res.data;
+      const parsed = UserSchema.safeParse(data);
+      if (!parsed.success) {
+        console.warn(
+          "[zod] response did not match schema",
+          {
+            operation: "cfg_accounts_profile_partial_update",
+            method: "PUT",
+            path: "/cfg/accounts/profile/partial/",
+            issues: parsed.error.issues,
+            data
+          }
+        );
+        if (typeof window !== "undefined") {
+          try {
+            window.dispatchEvent(
+              new CustomEvent("zod-validation-error", {
+                detail: {
+                  operation: "cfg_accounts_profile_partial_update",
+                  method: "PUT",
+                  path: "/cfg/accounts/profile/partial/",
+                  issues: parsed.error.issues,
+                  data,
+                  timestamp: /* @__PURE__ */ new Date()
+                },
+                bubbles: true,
+                cancelable: false
+              })
+            );
+          } catch {
+          }
+        }
+        return data;
+      }
+      return parsed.data;
     },
     config
   );
@@ -3959,19 +4024,53 @@ function useCfgAccountsProfilePartialUpdate(config) {
 __name(useCfgAccountsProfilePartialUpdate, "useCfgAccountsProfilePartialUpdate");
 
 // src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfileRetrieve.ts
-import useSWR3 from "swr";
+import useSWR4 from "swr";
 
 // src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfileUpdatePartialUpdate.ts
-import useSWRMutation10 from "swr/mutation";
+import useSWRMutation12 from "swr/mutation";
 
 // src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfileUpdateUpdate.ts
-import useSWRMutation11 from "swr/mutation";
+import useSWRMutation13 from "swr/mutation";
 function useCfgAccountsProfileUpdateUpdate(config) {
-  return useSWRMutation11(
+  return useSWRMutation13(
     ["cfg_accounts_profile_update_update"],
     async (_key, { arg }) => {
-      const res = await Cfg.cfgAccountsProfileUpdateUpdate({ ...arg, throwOnError: true });
-      return res.data;
+      const res = await CfgAccountsProfile.cfgAccountsProfileUpdateUpdate({ ...arg, throwOnError: true });
+      const data = res.data;
+      const parsed = UserSchema.safeParse(data);
+      if (!parsed.success) {
+        console.warn(
+          "[zod] response did not match schema",
+          {
+            operation: "cfg_accounts_profile_update_update",
+            method: "PUT",
+            path: "/cfg/accounts/profile/update/",
+            issues: parsed.error.issues,
+            data
+          }
+        );
+        if (typeof window !== "undefined") {
+          try {
+            window.dispatchEvent(
+              new CustomEvent("zod-validation-error", {
+                detail: {
+                  operation: "cfg_accounts_profile_update_update",
+                  method: "PUT",
+                  path: "/cfg/accounts/profile/update/",
+                  issues: parsed.error.issues,
+                  data,
+                  timestamp: /* @__PURE__ */ new Date()
+                },
+                bubbles: true,
+                cancelable: false
+              })
+            );
+          } catch {
+          }
+        }
+        return data;
+      }
+      return parsed.data;
     },
     config
   );
@@ -3979,206 +4078,155 @@ function useCfgAccountsProfileUpdateUpdate(config) {
 __name(useCfgAccountsProfileUpdateUpdate, "useCfgAccountsProfileUpdateUpdate");
 
 // src/_api/generated/_cfg_accounts/hooks/useCfgAccountsTokenRefreshCreate.ts
-import useSWRMutation12 from "swr/mutation";
+import useSWRMutation14 from "swr/mutation";
+
+// src/_api/generated/_cfg_accounts/schemas/TokenRefresh.ts
+import { z as z16 } from "zod";
+var TokenRefreshSchema = z16.object({
+  access: z16.string(),
+  refresh: z16.string()
+});
+
+// src/_api/generated/_cfg_accounts/hooks/useCfgAccountsTokenRefreshCreate.ts
 function useCfgAccountsTokenRefreshCreate(config) {
-  return useSWRMutation12(
+  return useSWRMutation14(
     ["cfg_accounts_token_refresh_create"],
     async (_key, { arg }) => {
-      const res = await Cfg.cfgAccountsTokenRefreshCreate({ ...arg, throwOnError: true });
-      return res.data;
+      const res = await CfgAccountsAuth.cfgAccountsTokenRefreshCreate({ ...arg, throwOnError: true });
+      const data = res.data;
+      const parsed = TokenRefreshSchema.safeParse(data);
+      if (!parsed.success) {
+        console.warn(
+          "[zod] response did not match schema",
+          {
+            operation: "cfg_accounts_token_refresh_create",
+            method: "POST",
+            path: "/cfg/accounts/token/refresh/",
+            issues: parsed.error.issues,
+            data
+          }
+        );
+        if (typeof window !== "undefined") {
+          try {
+            window.dispatchEvent(
+              new CustomEvent("zod-validation-error", {
+                detail: {
+                  operation: "cfg_accounts_token_refresh_create",
+                  method: "POST",
+                  path: "/cfg/accounts/token/refresh/",
+                  issues: parsed.error.issues,
+                  data,
+                  timestamp: /* @__PURE__ */ new Date()
+                },
+                bubbles: true,
+                cancelable: false
+              })
+            );
+          } catch {
+          }
+        }
+        return data;
+      }
+      return parsed.data;
     },
     config
   );
 }
 __name(useCfgAccountsTokenRefreshCreate, "useCfgAccountsTokenRefreshCreate");
 
-// src/_api/generated/_cfg_accounts/schemas/AccountDeleteResponse.ts
-import { z } from "zod";
-var AccountDeleteResponseSchema = z.object({
-  message: z.string(),
-  success: z.boolean()
+// src/_api/generated/_cfg_accounts/schemas/APIKeyRequest.ts
+import { z as z17 } from "zod";
+var APIKeyRequestSchema = z17.object({
+  key: z17.string().min(1),
+  reissued_at: z17.string().datetime({ offset: true }).nullable(),
+  created_at: z17.string().datetime({ offset: true })
 });
 
-// src/_api/generated/_cfg_accounts/schemas/CentrifugoToken.ts
-import { z as z2 } from "zod";
-var CentrifugoTokenSchema = z2.object({
-  centrifugo_url: z2.string(),
-  channels: z2.array(z2.string()),
-  expires_at: z2.string().datetime({ offset: true }),
-  token: z2.string()
+// src/_api/generated/_cfg_accounts/schemas/APIKeyTestRequest.ts
+import { z as z18 } from "zod";
+var APIKeyTestRequestSchema = z18.object({
+  key: z18.string().min(1)
 });
 
 // src/_api/generated/_cfg_accounts/schemas/CfgUserUpdateRequest.ts
-import { z as z3 } from "zod";
-var CfgUserUpdateRequestSchema = z3.object({
-  company: z3.string().max(100).optional(),
-  first_name: z3.string().max(50).optional(),
-  language: z3.string().max(10).optional(),
-  last_name: z3.string().max(50).optional(),
-  phone: z3.string().max(20).optional(),
-  position: z3.string().max(100).optional()
+import { z as z19 } from "zod";
+var CfgUserUpdateRequestSchema = z19.object({
+  first_name: z19.string().max(50).optional(),
+  last_name: z19.string().max(50).optional(),
+  company: z19.string().max(100).optional(),
+  phone: z19.string().max(20).optional(),
+  position: z19.string().max(100).optional(),
+  language: z19.string().max(10).optional(),
+  timezone: z19.string().max(64).optional()
 });
 
 // src/_api/generated/_cfg_accounts/schemas/OAuthAuthorizeRequestRequest.ts
-import { z as z4 } from "zod";
-var OAuthAuthorizeRequestRequestSchema = z4.object({
-  redirect_uri: z4.string().optional(),
-  source_url: z4.string().optional()
-});
-
-// src/_api/generated/_cfg_accounts/schemas/OAuthAuthorizeResponse.ts
-import { z as z5 } from "zod";
-var OAuthAuthorizeResponseSchema = z5.object({
-  authorization_url: z5.string(),
-  state: z5.string()
+import { z as z20 } from "zod";
+var OAuthAuthorizeRequestRequestSchema = z20.object({
+  redirect_uri: z20.string().optional(),
+  source_url: z20.string().optional()
 });
 
 // src/_api/generated/_cfg_accounts/schemas/OAuthCallbackRequestRequest.ts
-import { z as z6 } from "zod";
-var OAuthCallbackRequestRequestSchema = z6.object({
-  code: z6.string().min(10).max(500),
-  redirect_uri: z6.string().optional(),
-  state: z6.string().min(20).max(100)
-});
-
-// src/_api/generated/_cfg_accounts/schemas/OAuthConnection.ts
-import { z as z8 } from "zod";
-
-// src/_api/generated/_cfg_accounts/schemas/ProviderEnum.ts
-import { z as z7 } from "zod";
-var ProviderEnumSchema = z7.enum(["github"]);
-
-// src/_api/generated/_cfg_accounts/schemas/OAuthConnection.ts
-var OAuthConnectionSchema = z8.object({
-  connected_at: z8.string().datetime({ offset: true }),
-  id: z8.number().int(),
-  last_login_at: z8.string().datetime({ offset: true }),
-  provider: ProviderEnumSchema,
-  provider_avatar_url: z8.string(),
-  provider_display: z8.string(),
-  provider_email: z8.email(),
-  provider_username: z8.string()
+import { z as z21 } from "zod";
+var OAuthCallbackRequestRequestSchema = z21.object({
+  code: z21.string().min(10).max(500),
+  state: z21.string().min(20).max(100),
+  redirect_uri: z21.string().optional()
 });
 
 // src/_api/generated/_cfg_accounts/schemas/OAuthDisconnectRequestRequest.ts
-import { z as z9 } from "zod";
-var OAuthDisconnectRequestRequestSchema = z9.object({
-  provider: ProviderEnumSchema
+import { z as z22 } from "zod";
+var OAuthDisconnectRequestRequestSchema = z22.object({
+  provider: OAuthProviderEnumSchema
 });
 
 // src/_api/generated/_cfg_accounts/schemas/OAuthError.ts
-import { z as z10 } from "zod";
-var OAuthErrorSchema = z10.object({
-  error: z10.string(),
-  error_description: z10.string().optional()
-});
-
-// src/_api/generated/_cfg_accounts/schemas/OAuthProvidersResponse.ts
-import { z as z11 } from "zod";
-var OAuthProvidersResponseSchema = z11.object({
-  providers: z11.array(z11.object({}).passthrough())
-});
-
-// src/_api/generated/_cfg_accounts/schemas/OAuthTokenResponse.ts
-import { z as z12 } from "zod";
-var OAuthTokenResponseSchema = z12.object({
-  access: z12.string().nullable().optional(),
-  is_new_connection: z12.boolean(),
-  is_new_user: z12.boolean(),
-  refresh: z12.string().nullable().optional(),
-  requires_2fa: z12.boolean().default(false).optional(),
-  session_id: z12.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i).nullable().optional(),
-  should_prompt_2fa: z12.boolean().optional(),
-  user: z12.object({}).passthrough().nullable().optional()
+import { z as z23 } from "zod";
+var OAuthErrorSchema = z23.object({
+  error: z23.string(),
+  error_description: z23.string().optional()
 });
 
 // src/_api/generated/_cfg_accounts/schemas/OTPErrorResponse.ts
-import { z as z13 } from "zod";
-var OTPErrorResponseSchema = z13.object({
-  error: z13.string(),
-  error_code: z13.string().nullable().optional(),
-  retry_after: z13.number().int().nullable().optional()
+import { z as z24 } from "zod";
+var OTPErrorResponseSchema = z24.object({
+  error: z24.string(),
+  error_code: z24.string().nullable().optional(),
+  retry_after: z24.number().int().nullable().optional()
 });
 
 // src/_api/generated/_cfg_accounts/schemas/OTPRequestRequest.ts
-import { z as z14 } from "zod";
-var OTPRequestRequestSchema = z14.object({
-  identifier: z14.string().min(1),
-  source_url: z14.string().optional()
-});
-
-// src/_api/generated/_cfg_accounts/schemas/OTPRequestResponse.ts
-import { z as z15 } from "zod";
-var OTPRequestResponseSchema = z15.object({
-  message: z15.string()
+import { z as z25 } from "zod";
+var OTPRequestRequestSchema = z25.object({
+  identifier: z25.string().min(1),
+  source_url: z25.string().optional()
 });
 
 // src/_api/generated/_cfg_accounts/schemas/OTPVerifyRequest.ts
-import { z as z16 } from "zod";
-var OTPVerifyRequestSchema = z16.object({
-  identifier: z16.string().min(1),
-  otp: z16.string().min(6).max(6),
-  source_url: z16.string().optional()
-});
-
-// src/_api/generated/_cfg_accounts/schemas/OTPVerifyResponse.ts
-import { z as z18 } from "zod";
-
-// src/_api/generated/_cfg_accounts/schemas/User.ts
-import { z as z17 } from "zod";
-var UserSchema = z17.object({
-  avatar: z17.string().nullable(),
-  centrifugo: CentrifugoTokenSchema.nullable(),
-  company: z17.string().max(100).optional(),
-  date_joined: z17.string().datetime({ offset: true }),
-  display_username: z17.string(),
-  email: z17.email(),
-  first_name: z17.string().max(50).optional(),
-  full_name: z17.string(),
-  id: z17.number().int(),
-  initials: z17.string(),
-  is_staff: z17.boolean(),
-  is_superuser: z17.boolean(),
-  language: z17.string().max(10).optional(),
-  last_login: z17.string().datetime({ offset: true }).nullable(),
-  last_name: z17.string().max(50).optional(),
-  phone: z17.string().max(20).optional(),
-  position: z17.string().max(100).optional(),
-  unanswered_messages_count: z17.number().int().default(0)
-});
-
-// src/_api/generated/_cfg_accounts/schemas/OTPVerifyResponse.ts
-var OTPVerifyResponseSchema = z18.object({
-  access: z18.string().nullable().optional(),
-  refresh: z18.string().nullable().optional(),
-  requires_2fa: z18.boolean().default(false).optional(),
-  session_id: z18.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i).nullable().optional(),
-  should_prompt_2fa: z18.boolean().optional(),
-  user: UserSchema.nullable().optional()
+import { z as z26 } from "zod";
+var OTPVerifyRequestSchema = z26.object({
+  identifier: z26.string().min(1),
+  otp: z26.string().min(4).max(4),
+  source_url: z26.string().optional()
 });
 
 // src/_api/generated/_cfg_accounts/schemas/PatchedCfgUserUpdateRequest.ts
-import { z as z19 } from "zod";
-var PatchedCfgUserUpdateRequestSchema = z19.object({
-  company: z19.string().max(100).optional(),
-  first_name: z19.string().max(50).optional(),
-  language: z19.string().max(10).optional(),
-  last_name: z19.string().max(50).optional(),
-  phone: z19.string().max(20).optional(),
-  position: z19.string().max(100).optional()
-});
-
-// src/_api/generated/_cfg_accounts/schemas/TokenRefresh.ts
-import { z as z20 } from "zod";
-var TokenRefreshSchema = z20.object({
-  access: z20.string(),
-  refresh: z20.string()
+import { z as z27 } from "zod";
+var PatchedCfgUserUpdateRequestSchema = z27.object({
+  first_name: z27.string().max(50).optional(),
+  last_name: z27.string().max(50).optional(),
+  company: z27.string().max(100).optional(),
+  phone: z27.string().max(20).optional(),
+  position: z27.string().max(100).optional(),
+  language: z27.string().max(10).optional(),
+  timezone: z27.string().max(64).optional()
 });
 
 // src/_api/generated/_cfg_accounts/schemas/TokenRefreshRequest.ts
-import { z as z21 } from "zod";
-var TokenRefreshRequestSchema = z21.object({
-  refresh: z21.string().min(1)
+import { z as z28 } from "zod";
+var TokenRefreshRequestSchema = z28.object({
+  refresh: z28.string().min(1)
 });
 
 // src/auth/context/AccountsContext.tsx
@@ -4216,7 +4264,7 @@ function AccountsProvider({ children }) {
     setProfileError(null);
     try {
       authLogger.debug(`Fetching profile from API (caller: ${callerId}, force: ${force})`);
-      const res = await UserProfile.cfgAccountsProfileRetrieve({ throwOnError: true });
+      const res = await CfgAccountsProfile.cfgAccountsProfileRetrieve({ throwOnError: true });
       const result = res.data;
       setProfile(result);
       profileRef.current = result;
@@ -4282,7 +4330,7 @@ function AccountsProvider({ children }) {
     setProfileError(null);
     clearProfileCache();
   }, []);
-  const value = {
+  const value = useMemo2(() => ({
     profile,
     isLoadingProfile,
     profileError,
@@ -4294,7 +4342,19 @@ function AccountsProvider({ children }) {
     verifyOTP,
     refreshToken,
     logout
-  };
+  }), [
+    profile,
+    isLoadingProfile,
+    profileError,
+    updateProfile,
+    partialUpdateProfile,
+    uploadAvatar,
+    refreshProfile,
+    requestOTP,
+    verifyOTP,
+    refreshToken,
+    logout
+  ]);
   return /* @__PURE__ */ jsx(AccountsContext.Provider, { value, children });
 }
 __name(AccountsProvider, "AccountsProvider");
@@ -4387,7 +4447,7 @@ var AuthProviderInternal = /* @__PURE__ */ __name(({ children, config }) => {
       router.hardReplace(authCallbackUrl);
     }
   }, [clearAuthState, router]);
-  const swrConfig = useMemo2(() => ({ onError: swrOnError }), [swrOnError]);
+  const swrConfig = useMemo3(() => ({ onError: swrOnError }), [swrOnError]);
   const loadCurrentProfile = useCallback12(async (callerId) => {
     const finalCallerId = callerId || "AuthContext.loadCurrentProfile";
     if (isLoadingProfileRef.current) {
@@ -4671,7 +4731,7 @@ var AuthProviderInternal = /* @__PURE__ */ __name(({ children, config }) => {
     const authCallbackUrl = config?.routes?.defaultAuthCallback || defaultRoutes.defaultAuthCallback;
     router.hardReplace(authCallbackUrl);
   }, [accounts, config?.routes?.defaultAuthCallback, router]);
-  const isAdminUser = useMemo2(() => {
+  const isAdminUser = useMemo3(() => {
     return Boolean(user?.is_staff || user?.is_superuser);
   }, [user]);
   const updateProfile = useCallback12(
@@ -4688,7 +4748,7 @@ var AuthProviderInternal = /* @__PURE__ */ __name(({ children, config }) => {
     },
     [accounts]
   );
-  const value = useMemo2(
+  const value = useMemo3(
     () => ({
       user,
       isLoading,
@@ -4735,9 +4795,11 @@ var AuthProviderInternal = /* @__PURE__ */ __name(({ children, config }) => {
   );
   return /* @__PURE__ */ jsx2(AuthContext.Provider, { value, children: /* @__PURE__ */ jsx2(SWRConfig, { value: swrConfig, children }) });
 }, "AuthProviderInternal");
-var AuthProvider = /* @__PURE__ */ __name(({ children, config }) => {
+function AuthProviderRaw({ children, config }) {
   return /* @__PURE__ */ jsx2(AccountsProvider, { children: /* @__PURE__ */ jsx2(AuthProviderInternal, { config, children }) });
-}, "AuthProvider");
+}
+__name(AuthProviderRaw, "AuthProviderRaw");
+var AuthProvider = memo2(AuthProviderRaw);
 var defaultAuthState = {
   user: null,
   isLoading: false,