@djangocfg/api 2.1.426 → 2.1.428

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (41) hide show
  1. package/README.md +56 -0
  2. package/dist/auth-server.cjs +248 -32
  3. package/dist/auth-server.cjs.map +1 -1
  4. package/dist/auth-server.mjs +248 -32
  5. package/dist/auth-server.mjs.map +1 -1
  6. package/dist/auth.cjs +271 -29
  7. package/dist/auth.cjs.map +1 -1
  8. package/dist/auth.mjs +271 -29
  9. package/dist/auth.mjs.map +1 -1
  10. package/dist/clients.cjs +222 -25
  11. package/dist/clients.cjs.map +1 -1
  12. package/dist/clients.d.cts +35 -28
  13. package/dist/clients.d.ts +35 -28
  14. package/dist/clients.mjs +222 -25
  15. package/dist/clients.mjs.map +1 -1
  16. package/dist/hooks.cjs +117 -4
  17. package/dist/hooks.cjs.map +1 -1
  18. package/dist/hooks.mjs +117 -4
  19. package/dist/hooks.mjs.map +1 -1
  20. package/dist/index.cjs +277 -26
  21. package/dist/index.cjs.map +1 -1
  22. package/dist/index.d.cts +98 -29
  23. package/dist/index.d.ts +98 -29
  24. package/dist/index.mjs +277 -26
  25. package/dist/index.mjs.map +1 -1
  26. package/package.json +2 -2
  27. package/src/_api/generated/client/index.ts +1 -0
  28. package/src/_api/generated/client/utils.gen.ts +2 -2
  29. package/src/_api/generated/client.gen.ts +2 -2
  30. package/src/_api/generated/core/auth.gen.ts +7 -0
  31. package/src/_api/generated/core/params.gen.ts +10 -8
  32. package/src/_api/generated/core/pathSerializer.gen.ts +6 -6
  33. package/src/_api/generated/core/queryKeySerializer.gen.ts +1 -1
  34. package/src/_api/generated/core/utils.gen.ts +4 -4
  35. package/src/_api/generated/helpers/auth.ts +127 -1
  36. package/src/_api/generated/sdk.gen.ts +149 -53
  37. package/src/auth/context/AuthContext.tsx +8 -0
  38. package/src/auth/utils/env.ts +18 -0
  39. package/src/auth/utils/logger.ts +11 -4
  40. package/src/index.ts +12 -0
  41. package/src/log-control.ts +81 -0
package/dist/auth.mjs CHANGED
@@ -15,6 +15,8 @@ var AUTH_CONSTANTS = {
15
15
  // src/auth/utils/env.ts
16
16
  var isDev = process.env.NODE_ENV === "development";
17
17
  var isBrowser = typeof window !== "undefined";
18
+ var isStaticBuild = process.env.NEXT_PUBLIC_STATIC_BUILD === "true";
19
+ var dpopEnabled = process.env.NEXT_PUBLIC_DPOP_ENABLED === "true";
18
20
 
19
21
  // src/auth/context/AuthContext.tsx
20
22
  import { usePathname as usePathname3 } from "next/navigation";
@@ -218,12 +220,52 @@ import { useCallback as useCallback5, useEffect as useEffect4, useRef as useRef3
218
220
 
219
221
  // src/auth/utils/logger.ts
220
222
  import { createConsola } from "consola";
221
- var isStaticBuild = process.env.NEXT_PUBLIC_STATIC_BUILD === "true";
222
- var showLogs = isDev || isStaticBuild;
223
+
224
+ // src/log-control.ts
225
+ var verboseByDefault = isDev || isStaticBuild;
226
+ var DEFAULT_LEVEL = verboseByDefault ? 4 : 1;
227
+ var _level = DEFAULT_LEVEL;
228
+ var _subscribers = /* @__PURE__ */ new Set();
229
+ function getLogLevel() {
230
+ return _level;
231
+ }
232
+ __name(getLogLevel, "getLogLevel");
233
+ function setLogLevel(level) {
234
+ _level = level;
235
+ for (const fn of _subscribers) {
236
+ try {
237
+ fn(level);
238
+ } catch {
239
+ }
240
+ }
241
+ }
242
+ __name(setLogLevel, "setLogLevel");
243
+ function onLogLevelChange(fn) {
244
+ _subscribers.add(fn);
245
+ try {
246
+ fn(_level);
247
+ } catch {
248
+ }
249
+ return () => _subscribers.delete(fn);
250
+ }
251
+ __name(onLogLevelChange, "onLogLevelChange");
252
+ function applyRoleLogPolicy(opts) {
253
+ const devMode = opts.isDev ?? verboseByDefault;
254
+ if (opts.isAdmin || devMode) {
255
+ setLogLevel(4);
256
+ } else {
257
+ setLogLevel(1);
258
+ }
259
+ }
260
+ __name(applyRoleLogPolicy, "applyRoleLogPolicy");
261
+
262
+ // src/auth/utils/logger.ts
223
263
  var logger = createConsola({
224
- level: showLogs ? 4 : 1
225
- // dev: debug, production: errors only
264
+ level: getLogLevel()
226
265
  }).withTag("api");
266
+ onLogLevelChange((level) => {
267
+ logger.level = level;
268
+ });
227
269
  var authLogger = logger.withTag("auth");
228
270
 
229
271
  // src/auth/hooks/useAutoAuth.ts
@@ -565,6 +607,99 @@ async function tryRefresh() {
565
607
  return _refreshInflight;
566
608
  }
567
609
  __name(tryRefresh, "tryRefresh");
610
+ function dpopEnabled2() {
611
+ try {
612
+ return typeof process !== "undefined" && process.env?.NEXT_PUBLIC_DPOP_ENABLED === "true";
613
+ } catch {
614
+ return false;
615
+ }
616
+ }
617
+ __name(dpopEnabled2, "dpopEnabled");
618
+ var _DPOP_DB = "cfg-auth";
619
+ var _DPOP_STORE = "keys";
620
+ var _DPOP_KEY_ID = "dpop-ec-p256";
621
+ function _idbOpen() {
622
+ return new Promise((resolve, reject) => {
623
+ const req = indexedDB.open(_DPOP_DB, 1);
624
+ req.onupgradeneeded = () => req.result.createObjectStore(_DPOP_STORE);
625
+ req.onsuccess = () => resolve(req.result);
626
+ req.onerror = () => reject(req.error);
627
+ });
628
+ }
629
+ __name(_idbOpen, "_idbOpen");
630
+ function _idbGet(key) {
631
+ return _idbOpen().then((db) => new Promise((resolve, reject) => {
632
+ const tx = db.transaction(_DPOP_STORE, "readonly");
633
+ const req = tx.objectStore(_DPOP_STORE).get(key);
634
+ req.onsuccess = () => resolve(req.result);
635
+ req.onerror = () => reject(req.error);
636
+ }));
637
+ }
638
+ __name(_idbGet, "_idbGet");
639
+ function _idbPut(key, value) {
640
+ return _idbOpen().then((db) => new Promise((resolve, reject) => {
641
+ const tx = db.transaction(_DPOP_STORE, "readwrite");
642
+ tx.objectStore(_DPOP_STORE).put(value, key);
643
+ tx.oncomplete = () => resolve();
644
+ tx.onerror = () => reject(tx.error);
645
+ }));
646
+ }
647
+ __name(_idbPut, "_idbPut");
648
+ var _dpopKeyPromise = null;
649
+ function _getDpopKeyPair() {
650
+ if (_dpopKeyPromise) return _dpopKeyPromise;
651
+ _dpopKeyPromise = (async () => {
652
+ const existing = await _idbGet(_DPOP_KEY_ID).catch(() => void 0);
653
+ if (existing) return existing;
654
+ const pair = await crypto.subtle.generateKey(
655
+ { name: "ECDSA", namedCurve: "P-256" },
656
+ false,
657
+ // extractable:false — JS can sign but never export the private key
658
+ ["sign"]
659
+ );
660
+ await _idbPut(_DPOP_KEY_ID, pair).catch(() => {
661
+ });
662
+ return pair;
663
+ })();
664
+ return _dpopKeyPromise;
665
+ }
666
+ __name(_getDpopKeyPair, "_getDpopKeyPair");
667
+ function _b64urlFromBytes(bytes) {
668
+ const arr = bytes instanceof Uint8Array ? bytes : new Uint8Array(bytes);
669
+ let s = "";
670
+ for (let i = 0; i < arr.length; i++) s += String.fromCharCode(arr[i]);
671
+ return btoa(s).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
672
+ }
673
+ __name(_b64urlFromBytes, "_b64urlFromBytes");
674
+ function _b64urlFromString(str) {
675
+ return _b64urlFromBytes(new TextEncoder().encode(str));
676
+ }
677
+ __name(_b64urlFromString, "_b64urlFromString");
678
+ async function _publicJwk(pub) {
679
+ const jwk = await crypto.subtle.exportKey("jwk", pub);
680
+ return { kty: "EC", crv: "P-256", x: jwk.x, y: jwk.y };
681
+ }
682
+ __name(_publicJwk, "_publicJwk");
683
+ async function _makeDpopProof(method, url) {
684
+ try {
685
+ const pair = await _getDpopKeyPair();
686
+ const jwk = await _publicJwk(pair.publicKey);
687
+ const header = { typ: "dpop+jwt", alg: "ES256", jwk };
688
+ const htu = url.split("#")[0].split("?")[0];
689
+ const jti = crypto.randomUUID && crypto.randomUUID() || _b64urlFromBytes(crypto.getRandomValues(new Uint8Array(16)));
690
+ const payload = { htm: method.toUpperCase(), htu, iat: Math.floor(Date.now() / 1e3), jti };
691
+ const signingInput = `${_b64urlFromString(JSON.stringify(header))}.${_b64urlFromString(JSON.stringify(payload))}`;
692
+ const sig = await crypto.subtle.sign(
693
+ { name: "ECDSA", hash: "SHA-256" },
694
+ pair.privateKey,
695
+ new TextEncoder().encode(signingInput)
696
+ );
697
+ return `${signingInput}.${_b64urlFromBytes(sig)}`;
698
+ } catch {
699
+ return null;
700
+ }
701
+ }
702
+ __name(_makeDpopProof, "_makeDpopProof");
568
703
  function installAuthOnClient(client2) {
569
704
  if (_client) return;
570
705
  _client = client2;
@@ -572,7 +707,7 @@ function installAuthOnClient(client2) {
572
707
  baseUrl: auth.getBaseUrl(),
573
708
  credentials: _withCredentials ? "include" : "same-origin"
574
709
  });
575
- client2.interceptors.request.use((request) => {
710
+ client2.interceptors.request.use(async (request) => {
576
711
  const token = auth.getToken();
577
712
  if (token) request.headers.set("Authorization", `Bearer ${token}`);
578
713
  const locale = auth.getLocale();
@@ -585,6 +720,10 @@ function installAuthOnClient(client2) {
585
720
  } catch {
586
721
  }
587
722
  request.headers.set("X-Client-Time", (/* @__PURE__ */ new Date()).toISOString());
723
+ if (dpopEnabled2() && typeof window !== "undefined") {
724
+ const proof = await _makeDpopProof(request.method, request.url);
725
+ if (proof) request.headers.set("DPoP", proof);
726
+ }
588
727
  return request;
589
728
  });
590
729
  client2.interceptors.error.use((err, res, req) => {
@@ -618,6 +757,10 @@ function installAuthOnClient(client2) {
618
757
  const retry = request.clone();
619
758
  retry.headers.set("Authorization", `Bearer ${newToken}`);
620
759
  retry.headers.set(RETRY_MARKER, "1");
760
+ if (dpopEnabled2() && typeof window !== "undefined") {
761
+ const proof = await _makeDpopProof(retry.method, retry.url);
762
+ if (proof) retry.headers.set("DPoP", proof);
763
+ }
621
764
  try {
622
765
  const retried = await fetch(retry);
623
766
  if (retried.status === 401 && _onUnauthorized) {
@@ -1567,7 +1710,11 @@ var CfgAccountsApiKey = class {
1567
1710
  static cfgAccountsApiKeyRetrieve(options) {
1568
1711
  return (options?.client ?? client).get({
1569
1712
  security: [
1570
- { scheme: "bearer", type: "http" },
1713
+ {
1714
+ key: "jwtAuth",
1715
+ scheme: "bearer",
1716
+ type: "http"
1717
+ },
1571
1718
  {
1572
1719
  in: "cookie",
1573
1720
  name: "sessionid",
@@ -1587,7 +1734,11 @@ var CfgAccountsApiKey = class {
1587
1734
  static cfgAccountsApiKeyRegenerateCreate(options) {
1588
1735
  return (options.client ?? client).post({
1589
1736
  security: [
1590
- { scheme: "bearer", type: "http" },
1737
+ {
1738
+ key: "jwtAuth",
1739
+ scheme: "bearer",
1740
+ type: "http"
1741
+ },
1591
1742
  {
1592
1743
  in: "cookie",
1593
1744
  name: "sessionid",
@@ -1611,7 +1762,11 @@ var CfgAccountsApiKey = class {
1611
1762
  static cfgAccountsApiKeyTestCreate(options) {
1612
1763
  return (options.client ?? client).post({
1613
1764
  security: [
1614
- { scheme: "bearer", type: "http" },
1765
+ {
1766
+ key: "jwtAuth",
1767
+ scheme: "bearer",
1768
+ type: "http"
1769
+ },
1615
1770
  {
1616
1771
  in: "cookie",
1617
1772
  name: "sessionid",
@@ -1639,7 +1794,11 @@ var CfgAccountsOauth = class {
1639
1794
  */
1640
1795
  static cfgAccountsOauthConnectionsList(options) {
1641
1796
  return (options?.client ?? client).get({
1642
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
1797
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
1798
+ key: "jwtAuthWithLastLogin",
1799
+ scheme: "bearer",
1800
+ type: "http"
1801
+ }],
1643
1802
  url: "/cfg/accounts/oauth/connections/",
1644
1803
  ...options
1645
1804
  });
@@ -1651,7 +1810,11 @@ var CfgAccountsOauth = class {
1651
1810
  */
1652
1811
  static cfgAccountsOauthDisconnectCreate(options) {
1653
1812
  return (options.client ?? client).post({
1654
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
1813
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
1814
+ key: "jwtAuthWithLastLogin",
1815
+ scheme: "bearer",
1816
+ type: "http"
1817
+ }],
1655
1818
  url: "/cfg/accounts/oauth/disconnect/",
1656
1819
  ...options,
1657
1820
  headers: {
@@ -1708,7 +1871,11 @@ var CfgAccounts = class {
1708
1871
  */
1709
1872
  static cfgAccountsOtpRequestCreate(options) {
1710
1873
  return (options.client ?? client).post({
1711
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
1874
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
1875
+ key: "jwtAuthWithLastLogin",
1876
+ scheme: "bearer",
1877
+ type: "http"
1878
+ }],
1712
1879
  url: "/cfg/accounts/otp/request/",
1713
1880
  ...options,
1714
1881
  headers: {
@@ -1729,7 +1896,11 @@ var CfgAccounts = class {
1729
1896
  */
1730
1897
  static cfgAccountsOtpVerifyCreate(options) {
1731
1898
  return (options.client ?? client).post({
1732
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
1899
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
1900
+ key: "jwtAuthWithLastLogin",
1901
+ scheme: "bearer",
1902
+ type: "http"
1903
+ }],
1733
1904
  url: "/cfg/accounts/otp/verify/",
1734
1905
  ...options,
1735
1906
  headers: {
@@ -1750,7 +1921,11 @@ var CfgAccountsProfile = class {
1750
1921
  */
1751
1922
  static cfgAccountsProfileRetrieve(options) {
1752
1923
  return (options?.client ?? client).get({
1753
- security: [{ scheme: "bearer", type: "http" }, {
1924
+ security: [{
1925
+ key: "jwtAuth",
1926
+ scheme: "bearer",
1927
+ type: "http"
1928
+ }, {
1754
1929
  in: "cookie",
1755
1930
  name: "sessionid",
1756
1931
  type: "apiKey"
@@ -1767,7 +1942,11 @@ var CfgAccountsProfile = class {
1767
1942
  static cfgAccountsProfileAvatarCreate(options) {
1768
1943
  return (options?.client ?? client).post({
1769
1944
  ...formDataBodySerializer,
1770
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
1945
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
1946
+ key: "jwtAuthWithLastLogin",
1947
+ scheme: "bearer",
1948
+ type: "http"
1949
+ }],
1771
1950
  url: "/cfg/accounts/profile/avatar/",
1772
1951
  ...options,
1773
1952
  headers: {
@@ -1793,7 +1972,11 @@ var CfgAccountsProfile = class {
1793
1972
  */
1794
1973
  static cfgAccountsProfileDeleteCreate(options) {
1795
1974
  return (options?.client ?? client).post({
1796
- security: [{ scheme: "bearer", type: "http" }, {
1975
+ security: [{
1976
+ key: "jwtAuth",
1977
+ scheme: "bearer",
1978
+ type: "http"
1979
+ }, {
1797
1980
  in: "cookie",
1798
1981
  name: "sessionid",
1799
1982
  type: "apiKey"
@@ -1809,7 +1992,11 @@ var CfgAccountsProfile = class {
1809
1992
  */
1810
1993
  static cfgAccountsProfilePartialPartialUpdate(options) {
1811
1994
  return (options?.client ?? client).patch({
1812
- security: [{ scheme: "bearer", type: "http" }, {
1995
+ security: [{
1996
+ key: "jwtAuth",
1997
+ scheme: "bearer",
1998
+ type: "http"
1999
+ }, {
1813
2000
  in: "cookie",
1814
2001
  name: "sessionid",
1815
2002
  type: "apiKey"
@@ -1829,7 +2016,11 @@ var CfgAccountsProfile = class {
1829
2016
  */
1830
2017
  static cfgAccountsProfilePartialUpdate(options) {
1831
2018
  return (options?.client ?? client).put({
1832
- security: [{ scheme: "bearer", type: "http" }, {
2019
+ security: [{
2020
+ key: "jwtAuth",
2021
+ scheme: "bearer",
2022
+ type: "http"
2023
+ }, {
1833
2024
  in: "cookie",
1834
2025
  name: "sessionid",
1835
2026
  type: "apiKey"
@@ -1849,7 +2040,11 @@ var CfgAccountsProfile = class {
1849
2040
  */
1850
2041
  static cfgAccountsProfileUpdatePartialUpdate(options) {
1851
2042
  return (options?.client ?? client).patch({
1852
- security: [{ scheme: "bearer", type: "http" }, {
2043
+ security: [{
2044
+ key: "jwtAuth",
2045
+ scheme: "bearer",
2046
+ type: "http"
2047
+ }, {
1853
2048
  in: "cookie",
1854
2049
  name: "sessionid",
1855
2050
  type: "apiKey"
@@ -1869,7 +2064,11 @@ var CfgAccountsProfile = class {
1869
2064
  */
1870
2065
  static cfgAccountsProfileUpdateUpdate(options) {
1871
2066
  return (options?.client ?? client).put({
1872
- security: [{ scheme: "bearer", type: "http" }, {
2067
+ security: [{
2068
+ key: "jwtAuth",
2069
+ scheme: "bearer",
2070
+ type: "http"
2071
+ }, {
1873
2072
  in: "cookie",
1874
2073
  name: "sessionid",
1875
2074
  type: "apiKey"
@@ -1912,7 +2111,11 @@ var CfgCentrifugo = class {
1912
2111
  */
1913
2112
  static cfgCentrifugoAuthTokenRetrieve(options) {
1914
2113
  return (options?.client ?? client).get({
1915
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
2114
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
2115
+ key: "jwtAuthWithLastLogin",
2116
+ scheme: "bearer",
2117
+ type: "http"
2118
+ }],
1916
2119
  url: "/cfg/centrifugo/auth/token/",
1917
2120
  ...options
1918
2121
  });
@@ -1927,7 +2130,11 @@ var CfgTotpBackupCodes = class {
1927
2130
  */
1928
2131
  static cfgTotpBackupCodesRetrieve(options) {
1929
2132
  return (options?.client ?? client).get({
1930
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
2133
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
2134
+ key: "jwtAuthWithLastLogin",
2135
+ scheme: "bearer",
2136
+ type: "http"
2137
+ }],
1931
2138
  url: "/cfg/totp/backup-codes/",
1932
2139
  ...options
1933
2140
  });
@@ -1940,7 +2147,11 @@ var CfgTotpBackupCodes = class {
1940
2147
  */
1941
2148
  static cfgTotpBackupCodesRegenerateCreate(options) {
1942
2149
  return (options.client ?? client).post({
1943
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
2150
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
2151
+ key: "jwtAuthWithLastLogin",
2152
+ scheme: "bearer",
2153
+ type: "http"
2154
+ }],
1944
2155
  url: "/cfg/totp/backup-codes/regenerate/",
1945
2156
  ...options,
1946
2157
  headers: {
@@ -1959,7 +2170,11 @@ var CfgTotp = class {
1959
2170
  */
1960
2171
  static cfgTotpDevicesRetrieve(options) {
1961
2172
  return (options?.client ?? client).get({
1962
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
2173
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
2174
+ key: "jwtAuthWithLastLogin",
2175
+ scheme: "bearer",
2176
+ type: "http"
2177
+ }],
1963
2178
  url: "/cfg/totp/devices/",
1964
2179
  ...options
1965
2180
  });
@@ -1971,7 +2186,11 @@ var CfgTotp = class {
1971
2186
  */
1972
2187
  static cfgTotpDevicesDestroy(options) {
1973
2188
  return (options.client ?? client).delete({
1974
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
2189
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
2190
+ key: "jwtAuthWithLastLogin",
2191
+ scheme: "bearer",
2192
+ type: "http"
2193
+ }],
1975
2194
  url: "/cfg/totp/devices/{id}/",
1976
2195
  ...options
1977
2196
  });
@@ -1983,7 +2202,11 @@ var CfgTotp = class {
1983
2202
  */
1984
2203
  static cfgTotpDisableCreate(options) {
1985
2204
  return (options.client ?? client).post({
1986
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
2205
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
2206
+ key: "jwtAuthWithLastLogin",
2207
+ scheme: "bearer",
2208
+ type: "http"
2209
+ }],
1987
2210
  url: "/cfg/totp/disable/",
1988
2211
  ...options,
1989
2212
  headers: {
@@ -2004,7 +2227,11 @@ var CfgTotpSetup = class {
2004
2227
  */
2005
2228
  static cfgTotpSetupCreate(options) {
2006
2229
  return (options?.client ?? client).post({
2007
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
2230
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
2231
+ key: "jwtAuthWithLastLogin",
2232
+ scheme: "bearer",
2233
+ type: "http"
2234
+ }],
2008
2235
  url: "/cfg/totp/setup/",
2009
2236
  ...options,
2010
2237
  headers: {
@@ -2020,7 +2247,11 @@ var CfgTotpSetup = class {
2020
2247
  */
2021
2248
  static cfgTotpSetupConfirmCreate(options) {
2022
2249
  return (options.client ?? client).post({
2023
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
2250
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
2251
+ key: "jwtAuthWithLastLogin",
2252
+ scheme: "bearer",
2253
+ type: "http"
2254
+ }],
2024
2255
  url: "/cfg/totp/setup/confirm/",
2025
2256
  ...options,
2026
2257
  headers: {
@@ -2041,7 +2272,11 @@ var CfgTotpVerify = class {
2041
2272
  */
2042
2273
  static cfgTotpVerifyCreate(options) {
2043
2274
  return (options.client ?? client).post({
2044
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
2275
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
2276
+ key: "jwtAuthWithLastLogin",
2277
+ scheme: "bearer",
2278
+ type: "http"
2279
+ }],
2045
2280
  url: "/cfg/totp/verify/",
2046
2281
  ...options,
2047
2282
  headers: {
@@ -2057,7 +2292,11 @@ var CfgTotpVerify = class {
2057
2292
  */
2058
2293
  static cfgTotpVerifyBackupCreate(options) {
2059
2294
  return (options.client ?? client).post({
2060
- security: [{ name: "X-API-Key", type: "apiKey" }, { scheme: "bearer", type: "http" }],
2295
+ security: [{ name: "X-API-Key", type: "apiKey" }, {
2296
+ key: "jwtAuthWithLastLogin",
2297
+ scheme: "bearer",
2298
+ type: "http"
2299
+ }],
2061
2300
  url: "/cfg/totp/verify/backup/",
2062
2301
  ...options,
2063
2302
  headers: {
@@ -4758,6 +4997,9 @@ var AuthProviderInternal = /* @__PURE__ */ __name(({ children, config }) => {
4758
4997
  const isAdminUser = useMemo3(() => {
4759
4998
  return Boolean(user?.is_staff || user?.is_superuser);
4760
4999
  }, [user]);
5000
+ useEffect9(() => {
5001
+ applyRoleLogPolicy({ isAdmin: isAdminUser });
5002
+ }, [isAdminUser]);
4761
5003
  const updateProfile = useCallback12(
4762
5004
  async (data) => {
4763
5005
  const result = await accounts.partialUpdateProfile(data);