@djangocfg/api 2.1.426 → 2.1.428

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (41) hide show
  1. package/README.md +56 -0
  2. package/dist/auth-server.cjs +248 -32
  3. package/dist/auth-server.cjs.map +1 -1
  4. package/dist/auth-server.mjs +248 -32
  5. package/dist/auth-server.mjs.map +1 -1
  6. package/dist/auth.cjs +271 -29
  7. package/dist/auth.cjs.map +1 -1
  8. package/dist/auth.mjs +271 -29
  9. package/dist/auth.mjs.map +1 -1
  10. package/dist/clients.cjs +222 -25
  11. package/dist/clients.cjs.map +1 -1
  12. package/dist/clients.d.cts +35 -28
  13. package/dist/clients.d.ts +35 -28
  14. package/dist/clients.mjs +222 -25
  15. package/dist/clients.mjs.map +1 -1
  16. package/dist/hooks.cjs +117 -4
  17. package/dist/hooks.cjs.map +1 -1
  18. package/dist/hooks.mjs +117 -4
  19. package/dist/hooks.mjs.map +1 -1
  20. package/dist/index.cjs +277 -26
  21. package/dist/index.cjs.map +1 -1
  22. package/dist/index.d.cts +98 -29
  23. package/dist/index.d.ts +98 -29
  24. package/dist/index.mjs +277 -26
  25. package/dist/index.mjs.map +1 -1
  26. package/package.json +2 -2
  27. package/src/_api/generated/client/index.ts +1 -0
  28. package/src/_api/generated/client/utils.gen.ts +2 -2
  29. package/src/_api/generated/client.gen.ts +2 -2
  30. package/src/_api/generated/core/auth.gen.ts +7 -0
  31. package/src/_api/generated/core/params.gen.ts +10 -8
  32. package/src/_api/generated/core/pathSerializer.gen.ts +6 -6
  33. package/src/_api/generated/core/queryKeySerializer.gen.ts +1 -1
  34. package/src/_api/generated/core/utils.gen.ts +4 -4
  35. package/src/_api/generated/helpers/auth.ts +127 -1
  36. package/src/_api/generated/sdk.gen.ts +149 -53
  37. package/src/auth/context/AuthContext.tsx +8 -0
  38. package/src/auth/utils/env.ts +18 -0
  39. package/src/auth/utils/logger.ts +11 -4
  40. package/src/index.ts +12 -0
  41. package/src/log-control.ts +81 -0
package/dist/index.mjs CHANGED
@@ -304,6 +304,99 @@ async function tryRefresh() {
304
304
  return _refreshInflight;
305
305
  }
306
306
  __name(tryRefresh, "tryRefresh");
307
+ function dpopEnabled() {
308
+ try {
309
+ return typeof process !== "undefined" && process.env?.NEXT_PUBLIC_DPOP_ENABLED === "true";
310
+ } catch {
311
+ return false;
312
+ }
313
+ }
314
+ __name(dpopEnabled, "dpopEnabled");
315
+ var _DPOP_DB = "cfg-auth";
316
+ var _DPOP_STORE = "keys";
317
+ var _DPOP_KEY_ID = "dpop-ec-p256";
318
+ function _idbOpen() {
319
+ return new Promise((resolve, reject) => {
320
+ const req = indexedDB.open(_DPOP_DB, 1);
321
+ req.onupgradeneeded = () => req.result.createObjectStore(_DPOP_STORE);
322
+ req.onsuccess = () => resolve(req.result);
323
+ req.onerror = () => reject(req.error);
324
+ });
325
+ }
326
+ __name(_idbOpen, "_idbOpen");
327
+ function _idbGet(key) {
328
+ return _idbOpen().then((db) => new Promise((resolve, reject) => {
329
+ const tx = db.transaction(_DPOP_STORE, "readonly");
330
+ const req = tx.objectStore(_DPOP_STORE).get(key);
331
+ req.onsuccess = () => resolve(req.result);
332
+ req.onerror = () => reject(req.error);
333
+ }));
334
+ }
335
+ __name(_idbGet, "_idbGet");
336
+ function _idbPut(key, value) {
337
+ return _idbOpen().then((db) => new Promise((resolve, reject) => {
338
+ const tx = db.transaction(_DPOP_STORE, "readwrite");
339
+ tx.objectStore(_DPOP_STORE).put(value, key);
340
+ tx.oncomplete = () => resolve();
341
+ tx.onerror = () => reject(tx.error);
342
+ }));
343
+ }
344
+ __name(_idbPut, "_idbPut");
345
+ var _dpopKeyPromise = null;
346
+ function _getDpopKeyPair() {
347
+ if (_dpopKeyPromise) return _dpopKeyPromise;
348
+ _dpopKeyPromise = (async () => {
349
+ const existing = await _idbGet(_DPOP_KEY_ID).catch(() => void 0);
350
+ if (existing) return existing;
351
+ const pair = await crypto.subtle.generateKey(
352
+ { name: "ECDSA", namedCurve: "P-256" },
353
+ false,
354
+ // extractable:false — JS can sign but never export the private key
355
+ ["sign"]
356
+ );
357
+ await _idbPut(_DPOP_KEY_ID, pair).catch(() => {
358
+ });
359
+ return pair;
360
+ })();
361
+ return _dpopKeyPromise;
362
+ }
363
+ __name(_getDpopKeyPair, "_getDpopKeyPair");
364
+ function _b64urlFromBytes(bytes) {
365
+ const arr = bytes instanceof Uint8Array ? bytes : new Uint8Array(bytes);
366
+ let s = "";
367
+ for (let i = 0; i < arr.length; i++) s += String.fromCharCode(arr[i]);
368
+ return btoa(s).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
369
+ }
370
+ __name(_b64urlFromBytes, "_b64urlFromBytes");
371
+ function _b64urlFromString(str) {
372
+ return _b64urlFromBytes(new TextEncoder().encode(str));
373
+ }
374
+ __name(_b64urlFromString, "_b64urlFromString");
375
+ async function _publicJwk(pub) {
376
+ const jwk = await crypto.subtle.exportKey("jwk", pub);
377
+ return { kty: "EC", crv: "P-256", x: jwk.x, y: jwk.y };
378
+ }
379
+ __name(_publicJwk, "_publicJwk");
380
+ async function _makeDpopProof(method, url) {
381
+ try {
382
+ const pair = await _getDpopKeyPair();
383
+ const jwk = await _publicJwk(pair.publicKey);
384
+ const header = { typ: "dpop+jwt", alg: "ES256", jwk };
385
+ const htu = url.split("#")[0].split("?")[0];
386
+ const jti = crypto.randomUUID && crypto.randomUUID() || _b64urlFromBytes(crypto.getRandomValues(new Uint8Array(16)));
387
+ const payload = { htm: method.toUpperCase(), htu, iat: Math.floor(Date.now() / 1e3), jti };
388
+ const signingInput = `${_b64urlFromString(JSON.stringify(header))}.${_b64urlFromString(JSON.stringify(payload))}`;
389
+ const sig = await crypto.subtle.sign(
390
+ { name: "ECDSA", hash: "SHA-256" },
391
+ pair.privateKey,
392
+ new TextEncoder().encode(signingInput)
393
+ );
394
+ return `${signingInput}.${_b64urlFromBytes(sig)}`;
395
+ } catch {
396
+ return null;
397
+ }
398
+ }
399
+ __name(_makeDpopProof, "_makeDpopProof");
307
400
  function installAuthOnClient(client2) {
308
401
  if (_client) return;
309
402
  _client = client2;
@@ -311,7 +404,7 @@ function installAuthOnClient(client2) {
311
404
  baseUrl: auth.getBaseUrl(),
312
405
  credentials: _withCredentials ? "include" : "same-origin"
313
406
  });
314
- client2.interceptors.request.use((request) => {
407
+ client2.interceptors.request.use(async (request) => {
315
408
  const token = auth.getToken();
316
409
  if (token) request.headers.set("Authorization", `Bearer ${token}`);
317
410
  const locale = auth.getLocale();
@@ -324,6 +417,10 @@ function installAuthOnClient(client2) {
324
417
  } catch {
325
418
  }
326
419
  request.headers.set("X-Client-Time", (/* @__PURE__ */ new Date()).toISOString());
420
+ if (dpopEnabled() && typeof window !== "undefined") {
421
+ const proof = await _makeDpopProof(request.method, request.url);
422
+ if (proof) request.headers.set("DPoP", proof);
423
+ }
327
424
  return request;
328
425
  });
329
426
  client2.interceptors.error.use((err, res, req) => {
@@ -357,6 +454,10 @@ function installAuthOnClient(client2) {
357
454
  const retry = request.clone();
358
455
  retry.headers.set("Authorization", `Bearer ${newToken}`);
359
456
  retry.headers.set(RETRY_MARKER, "1");
457
+ if (dpopEnabled() && typeof window !== "undefined") {
458
+ const proof = await _makeDpopProof(retry.method, retry.url);
459
+ if (proof) retry.headers.set("DPoP", proof);
460
+ }
360
461
  try {
361
462
  const retried = await fetch(retry);
362
463
  if (retried.status === 401 && _onUnauthorized) {
@@ -1306,7 +1407,11 @@ var CfgAccountsApiKey = class {
1306
1407
  static cfgAccountsApiKeyRetrieve(options) {
1307
1408
  return (options?.client ?? client).get({
1308
1409
  security: [
1309
- { scheme: "bearer", type: "http" },
1410
+ {
1411
+ key: "jwtAuth",
1412
+ scheme: "bearer",
1413
+ type: "http"
1414
+ },
1310
1415
  {
1311
1416
  in: "cookie",
1312
1417
  name: "sessionid",
@@ -1326,7 +1431,11 @@ var CfgAccountsApiKey = class {
1326
1431
  static cfgAccountsApiKeyRegenerateCreate(options) {
1327
1432
  return (options.client ?? client).post({
1328
1433
  security: [
1329
- { scheme: "bearer", type: "http" },
1434
+ {
1435
+ key: "jwtAuth",
1436
+ scheme: "bearer",
1437
+ type: "http"
1438
+ },
1330
1439
  {
1331
1440
  in: "cookie",
1332
1441
  name: "sessionid",
@@ -1350,7 +1459,11 @@ var CfgAccountsApiKey = class {
1350
1459
  static cfgAccountsApiKeyTestCreate(options) {
1351
1460
  return (options.client ?? client).post({
1352
1461
  security: [
1353
- { scheme: "bearer", type: "http" },
1462
+ {
1463
+ key: "jwtAuth",
1464
+ scheme: "bearer",
1465
+ type: "http"
1466
+ },
1354
1467
  {
1355
1468
  in: "cookie",
1356
1469
  name: "sessionid",
@@ -1378,7 +1491,11 @@ var CfgAccountsOauth = class {
1378
1491
  */
1379
1492
  static cfgAccountsOauthConnectionsList(options) {
1380
1493
  return (options?.client ?? client).get({
1381
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
1494
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
1495
+ key: "jwtAuthWithLastLogin",
1496
+ scheme: "bearer",
1497
+ type: "http"
1498
+ }],
1382
1499
  url: "/cfg/accounts/oauth/connections/",
1383
1500
  ...options
1384
1501
  });
@@ -1390,7 +1507,11 @@ var CfgAccountsOauth = class {
1390
1507
  */
1391
1508
  static cfgAccountsOauthDisconnectCreate(options) {
1392
1509
  return (options.client ?? client).post({
1393
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
1510
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
1511
+ key: "jwtAuthWithLastLogin",
1512
+ scheme: "bearer",
1513
+ type: "http"
1514
+ }],
1394
1515
  url: "/cfg/accounts/oauth/disconnect/",
1395
1516
  ...options,
1396
1517
  headers: {
@@ -1447,7 +1568,11 @@ var CfgAccounts = class {
1447
1568
  */
1448
1569
  static cfgAccountsOtpRequestCreate(options) {
1449
1570
  return (options.client ?? client).post({
1450
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
1571
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
1572
+ key: "jwtAuthWithLastLogin",
1573
+ scheme: "bearer",
1574
+ type: "http"
1575
+ }],
1451
1576
  url: "/cfg/accounts/otp/request/",
1452
1577
  ...options,
1453
1578
  headers: {
@@ -1468,7 +1593,11 @@ var CfgAccounts = class {
1468
1593
  */
1469
1594
  static cfgAccountsOtpVerifyCreate(options) {
1470
1595
  return (options.client ?? client).post({
1471
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
1596
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
1597
+ key: "jwtAuthWithLastLogin",
1598
+ scheme: "bearer",
1599
+ type: "http"
1600
+ }],
1472
1601
  url: "/cfg/accounts/otp/verify/",
1473
1602
  ...options,
1474
1603
  headers: {
@@ -1489,7 +1618,11 @@ var CfgAccountsProfile = class {
1489
1618
  */
1490
1619
  static cfgAccountsProfileRetrieve(options) {
1491
1620
  return (options?.client ?? client).get({
1492
- security: [{ scheme: "bearer", type: "http" }, {
1621
+ security: [{
1622
+ key: "jwtAuth",
1623
+ scheme: "bearer",
1624
+ type: "http"
1625
+ }, {
1493
1626
  in: "cookie",
1494
1627
  name: "sessionid",
1495
1628
  type: "apiKey"
@@ -1506,7 +1639,11 @@ var CfgAccountsProfile = class {
1506
1639
  static cfgAccountsProfileAvatarCreate(options) {
1507
1640
  return (options?.client ?? client).post({
1508
1641
  ...formDataBodySerializer,
1509
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
1642
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
1643
+ key: "jwtAuthWithLastLogin",
1644
+ scheme: "bearer",
1645
+ type: "http"
1646
+ }],
1510
1647
  url: "/cfg/accounts/profile/avatar/",
1511
1648
  ...options,
1512
1649
  headers: {
@@ -1532,7 +1669,11 @@ var CfgAccountsProfile = class {
1532
1669
  */
1533
1670
  static cfgAccountsProfileDeleteCreate(options) {
1534
1671
  return (options?.client ?? client).post({
1535
- security: [{ scheme: "bearer", type: "http" }, {
1672
+ security: [{
1673
+ key: "jwtAuth",
1674
+ scheme: "bearer",
1675
+ type: "http"
1676
+ }, {
1536
1677
  in: "cookie",
1537
1678
  name: "sessionid",
1538
1679
  type: "apiKey"
@@ -1548,7 +1689,11 @@ var CfgAccountsProfile = class {
1548
1689
  */
1549
1690
  static cfgAccountsProfilePartialPartialUpdate(options) {
1550
1691
  return (options?.client ?? client).patch({
1551
- security: [{ scheme: "bearer", type: "http" }, {
1692
+ security: [{
1693
+ key: "jwtAuth",
1694
+ scheme: "bearer",
1695
+ type: "http"
1696
+ }, {
1552
1697
  in: "cookie",
1553
1698
  name: "sessionid",
1554
1699
  type: "apiKey"
@@ -1568,7 +1713,11 @@ var CfgAccountsProfile = class {
1568
1713
  */
1569
1714
  static cfgAccountsProfilePartialUpdate(options) {
1570
1715
  return (options?.client ?? client).put({
1571
- security: [{ scheme: "bearer", type: "http" }, {
1716
+ security: [{
1717
+ key: "jwtAuth",
1718
+ scheme: "bearer",
1719
+ type: "http"
1720
+ }, {
1572
1721
  in: "cookie",
1573
1722
  name: "sessionid",
1574
1723
  type: "apiKey"
@@ -1588,7 +1737,11 @@ var CfgAccountsProfile = class {
1588
1737
  */
1589
1738
  static cfgAccountsProfileUpdatePartialUpdate(options) {
1590
1739
  return (options?.client ?? client).patch({
1591
- security: [{ scheme: "bearer", type: "http" }, {
1740
+ security: [{
1741
+ key: "jwtAuth",
1742
+ scheme: "bearer",
1743
+ type: "http"
1744
+ }, {
1592
1745
  in: "cookie",
1593
1746
  name: "sessionid",
1594
1747
  type: "apiKey"
@@ -1608,7 +1761,11 @@ var CfgAccountsProfile = class {
1608
1761
  */
1609
1762
  static cfgAccountsProfileUpdateUpdate(options) {
1610
1763
  return (options?.client ?? client).put({
1611
- security: [{ scheme: "bearer", type: "http" }, {
1764
+ security: [{
1765
+ key: "jwtAuth",
1766
+ scheme: "bearer",
1767
+ type: "http"
1768
+ }, {
1612
1769
  in: "cookie",
1613
1770
  name: "sessionid",
1614
1771
  type: "apiKey"
@@ -1651,7 +1808,11 @@ var CfgCentrifugo = class {
1651
1808
  */
1652
1809
  static cfgCentrifugoAuthTokenRetrieve(options) {
1653
1810
  return (options?.client ?? client).get({
1654
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
1811
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
1812
+ key: "jwtAuthWithLastLogin",
1813
+ scheme: "bearer",
1814
+ type: "http"
1815
+ }],
1655
1816
  url: "/cfg/centrifugo/auth/token/",
1656
1817
  ...options
1657
1818
  });
@@ -1666,7 +1827,11 @@ var CfgTotpBackupCodes = class {
1666
1827
  */
1667
1828
  static cfgTotpBackupCodesRetrieve(options) {
1668
1829
  return (options?.client ?? client).get({
1669
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
1830
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
1831
+ key: "jwtAuthWithLastLogin",
1832
+ scheme: "bearer",
1833
+ type: "http"
1834
+ }],
1670
1835
  url: "/cfg/totp/backup-codes/",
1671
1836
  ...options
1672
1837
  });
@@ -1679,7 +1844,11 @@ var CfgTotpBackupCodes = class {
1679
1844
  */
1680
1845
  static cfgTotpBackupCodesRegenerateCreate(options) {
1681
1846
  return (options.client ?? client).post({
1682
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
1847
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
1848
+ key: "jwtAuthWithLastLogin",
1849
+ scheme: "bearer",
1850
+ type: "http"
1851
+ }],
1683
1852
  url: "/cfg/totp/backup-codes/regenerate/",
1684
1853
  ...options,
1685
1854
  headers: {
@@ -1698,7 +1867,11 @@ var CfgTotp = class {
1698
1867
  */
1699
1868
  static cfgTotpDevicesRetrieve(options) {
1700
1869
  return (options?.client ?? client).get({
1701
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
1870
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
1871
+ key: "jwtAuthWithLastLogin",
1872
+ scheme: "bearer",
1873
+ type: "http"
1874
+ }],
1702
1875
  url: "/cfg/totp/devices/",
1703
1876
  ...options
1704
1877
  });
@@ -1710,7 +1883,11 @@ var CfgTotp = class {
1710
1883
  */
1711
1884
  static cfgTotpDevicesDestroy(options) {
1712
1885
  return (options.client ?? client).delete({
1713
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
1886
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
1887
+ key: "jwtAuthWithLastLogin",
1888
+ scheme: "bearer",
1889
+ type: "http"
1890
+ }],
1714
1891
  url: "/cfg/totp/devices/{id}/",
1715
1892
  ...options
1716
1893
  });
@@ -1722,7 +1899,11 @@ var CfgTotp = class {
1722
1899
  */
1723
1900
  static cfgTotpDisableCreate(options) {
1724
1901
  return (options.client ?? client).post({
1725
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
1902
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
1903
+ key: "jwtAuthWithLastLogin",
1904
+ scheme: "bearer",
1905
+ type: "http"
1906
+ }],
1726
1907
  url: "/cfg/totp/disable/",
1727
1908
  ...options,
1728
1909
  headers: {
@@ -1743,7 +1924,11 @@ var CfgTotpSetup = class {
1743
1924
  */
1744
1925
  static cfgTotpSetupCreate(options) {
1745
1926
  return (options?.client ?? client).post({
1746
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
1927
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
1928
+ key: "jwtAuthWithLastLogin",
1929
+ scheme: "bearer",
1930
+ type: "http"
1931
+ }],
1747
1932
  url: "/cfg/totp/setup/",
1748
1933
  ...options,
1749
1934
  headers: {
@@ -1759,7 +1944,11 @@ var CfgTotpSetup = class {
1759
1944
  */
1760
1945
  static cfgTotpSetupConfirmCreate(options) {
1761
1946
  return (options.client ?? client).post({
1762
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
1947
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
1948
+ key: "jwtAuthWithLastLogin",
1949
+ scheme: "bearer",
1950
+ type: "http"
1951
+ }],
1763
1952
  url: "/cfg/totp/setup/confirm/",
1764
1953
  ...options,
1765
1954
  headers: {
@@ -1780,7 +1969,11 @@ var CfgTotpVerify = class {
1780
1969
  */
1781
1970
  static cfgTotpVerifyCreate(options) {
1782
1971
  return (options.client ?? client).post({
1783
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
1972
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
1973
+ key: "jwtAuthWithLastLogin",
1974
+ scheme: "bearer",
1975
+ type: "http"
1976
+ }],
1784
1977
  url: "/cfg/totp/verify/",
1785
1978
  ...options,
1786
1979
  headers: {
@@ -1796,7 +1989,11 @@ var CfgTotpVerify = class {
1796
1989
  */
1797
1990
  static cfgTotpVerifyBackupCreate(options) {
1798
1991
  return (options.client ?? client).post({
1799
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
1992
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
1993
+ key: "jwtAuthWithLastLogin",
1994
+ scheme: "bearer",
1995
+ type: "http"
1996
+ }],
1800
1997
  url: "/cfg/totp/verify/backup/",
1801
1998
  ...options,
1802
1999
  headers: {
@@ -2137,6 +2334,51 @@ var API3 = class {
2137
2334
  var CfgAccountsApi = new API();
2138
2335
  var CfgCentrifugoApi = new API2();
2139
2336
  var CfgTotpApi = new API3();
2337
+
2338
+ // src/auth/utils/env.ts
2339
+ var isDev = process.env.NODE_ENV === "development";
2340
+ var isProd = !isDev;
2341
+ var isBrowser2 = typeof window !== "undefined";
2342
+ var isStaticBuild = process.env.NEXT_PUBLIC_STATIC_BUILD === "true";
2343
+ var dpopEnabled2 = process.env.NEXT_PUBLIC_DPOP_ENABLED === "true";
2344
+
2345
+ // src/log-control.ts
2346
+ var verboseByDefault = isDev || isStaticBuild;
2347
+ var DEFAULT_LEVEL = verboseByDefault ? 4 : 1;
2348
+ var _level = DEFAULT_LEVEL;
2349
+ var _subscribers = /* @__PURE__ */ new Set();
2350
+ function getLogLevel() {
2351
+ return _level;
2352
+ }
2353
+ __name(getLogLevel, "getLogLevel");
2354
+ function setLogLevel(level) {
2355
+ _level = level;
2356
+ for (const fn of _subscribers) {
2357
+ try {
2358
+ fn(level);
2359
+ } catch {
2360
+ }
2361
+ }
2362
+ }
2363
+ __name(setLogLevel, "setLogLevel");
2364
+ function onLogLevelChange(fn) {
2365
+ _subscribers.add(fn);
2366
+ try {
2367
+ fn(_level);
2368
+ } catch {
2369
+ }
2370
+ return () => _subscribers.delete(fn);
2371
+ }
2372
+ __name(onLogLevelChange, "onLogLevelChange");
2373
+ function applyRoleLogPolicy(opts) {
2374
+ const devMode = opts.isDev ?? verboseByDefault;
2375
+ if (opts.isAdmin || devMode) {
2376
+ setLogLevel(4);
2377
+ } else {
2378
+ setLogLevel(1);
2379
+ }
2380
+ }
2381
+ __name(applyRoleLogPolicy, "applyRoleLogPolicy");
2140
2382
  export {
2141
2383
  APIError,
2142
2384
  APILogger,
@@ -2161,10 +2403,19 @@ export {
2161
2403
  MemoryStorageAdapter,
2162
2404
  NetworkError,
2163
2405
  CfgAccountsApi as api,
2406
+ applyRoleLogPolicy,
2164
2407
  auth,
2165
2408
  defaultLogger,
2166
2409
  dispatchValidationError,
2410
+ dpopEnabled2 as dpopEnabled,
2167
2411
  formatZodError,
2168
- onValidationError
2412
+ getLogLevel,
2413
+ isBrowser2 as isBrowser,
2414
+ isDev,
2415
+ isProd,
2416
+ isStaticBuild,
2417
+ onLogLevelChange,
2418
+ onValidationError,
2419
+ setLogLevel
2169
2420
  };
2170
2421
  //# sourceMappingURL=index.mjs.map