@djangocfg/api 2.1.447 → 2.1.449

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (51) hide show
  1. package/dist/auth-server.cjs +1 -2272
  2. package/dist/auth-server.cjs.map +1 -1
  3. package/dist/auth-server.d.cts +1 -35
  4. package/dist/auth-server.d.ts +1 -35
  5. package/dist/auth-server.mjs +1 -2272
  6. package/dist/auth-server.mjs.map +1 -1
  7. package/dist/auth.cjs +207 -128
  8. package/dist/auth.cjs.map +1 -1
  9. package/dist/auth.d.cts +135 -2
  10. package/dist/auth.d.ts +135 -2
  11. package/dist/auth.mjs +216 -137
  12. package/dist/auth.mjs.map +1 -1
  13. package/dist/clients.cjs +35 -0
  14. package/dist/clients.cjs.map +1 -1
  15. package/dist/clients.d.cts +147 -2
  16. package/dist/clients.d.ts +147 -2
  17. package/dist/clients.mjs +35 -0
  18. package/dist/clients.mjs.map +1 -1
  19. package/dist/hooks.cjs +11 -0
  20. package/dist/hooks.cjs.map +1 -1
  21. package/dist/hooks.mjs +11 -0
  22. package/dist/hooks.mjs.map +1 -1
  23. package/dist/index.cjs +35 -0
  24. package/dist/index.cjs.map +1 -1
  25. package/dist/index.d.cts +169 -6
  26. package/dist/index.d.ts +169 -6
  27. package/dist/index.mjs +35 -0
  28. package/dist/index.mjs.map +1 -1
  29. package/package.json +7 -4
  30. package/src/_api/generated/_cfg_accounts/api.ts +8 -0
  31. package/src/_api/generated/_cfg_accounts/openapi.json +84 -5
  32. package/src/_api/generated/_cfg_accounts/schemas/OAuthTokenResponse.ts +2 -2
  33. package/src/_api/generated/_cfg_accounts/schemas/OTPRequestResponse.ts +2 -0
  34. package/src/_api/generated/_cfg_accounts/schemas/WebmailLink.ts +15 -0
  35. package/src/_api/generated/_cfg_accounts/schemas/WebmailLinkProviderEnum.ts +9 -0
  36. package/src/_api/generated/_cfg_accounts/schemas/index.ts +2 -0
  37. package/src/_api/generated/_cfg_centrifugo/api.ts +8 -0
  38. package/src/_api/generated/_cfg_totp/api.ts +8 -0
  39. package/src/_api/generated/helpers/auth.ts +12 -0
  40. package/src/_api/generated/openapi.json +84 -5
  41. package/src/_api/generated/types.gen.ts +131 -2
  42. package/src/auth/__tests__/refreshRotation.test.ts +119 -0
  43. package/src/auth/context/AuthContext.tsx +10 -1
  44. package/src/auth/hooks/useAuthForm.ts +5 -2
  45. package/src/auth/hooks/useAuthFormState.ts +4 -1
  46. package/src/auth/hooks/useTokenRefresh.ts +29 -45
  47. package/src/auth/middlewares/index.ts +7 -7
  48. package/src/auth/refreshHandler.ts +79 -0
  49. package/src/auth/types/form.ts +10 -0
  50. package/src/auth/types/index.ts +1 -0
  51. package/src/auth/middlewares/tokenRefresh.ts +0 -161
@@ -813,11 +813,11 @@ type OAuthTokenResponse = {
813
813
  /**
814
814
  * True if a new user was created during this OAuth flow
815
815
  */
816
- is_new_user: boolean;
816
+ is_new_user?: boolean;
817
817
  /**
818
818
  * True if a new OAuth connection was created
819
819
  */
820
- is_new_connection: boolean;
820
+ is_new_connection?: boolean;
821
821
  /**
822
822
  * True if user should be prompted to enable 2FA
823
823
  */
@@ -871,6 +871,10 @@ type OtpRequestResponse = {
871
871
  * Success message
872
872
  */
873
873
  message: string;
874
+ /**
875
+ * Webmail deep-link for the recipient's provider, or null if the domain is unknown.
876
+ */
877
+ webmail?: WebmailLink | null;
874
878
  };
875
879
  /**
876
880
  * Serializer for OTP verification.
@@ -1120,6 +1124,129 @@ type VerifyResponse = {
1120
1124
  */
1121
1125
  warning?: string;
1122
1126
  };
1127
+ /**
1128
+ * Deep-link that opens the user's webmail on a search for our login email.
1129
+ *
1130
+ * Present only when the recipient's email domain maps to a known webmail
1131
+ * provider (Gmail, Outlook, Mail.ru, Yandex, iCloud, …). For unknown/corporate
1132
+ * domains this whole object is null and the frontend shows no button.
1133
+ */
1134
+ type WebmailLink = {
1135
+ /**
1136
+ * Provider slug (e.g. 'gmail', 'outlook', 'mail_ru'). Also selects the brand icon on the frontend.
1137
+ *
1138
+ * * `gmail` - gmail
1139
+ * * `outlook` - outlook
1140
+ * * `yahoo` - yahoo
1141
+ * * `icloud` - icloud
1142
+ * * `proton` - proton
1143
+ * * `zoho` - zoho
1144
+ * * `aol` - aol
1145
+ * * `fastmail` - fastmail
1146
+ * * `gmx` - gmx
1147
+ * * `mailcom` - mailcom
1148
+ * * `mail_ru` - mail_ru
1149
+ * * `yandex` - yandex
1150
+ * * `rambler` - rambler
1151
+ * * `qq` - qq
1152
+ * * `netease` - netease
1153
+ * * `sina` - sina
1154
+ * * `aliyun` - aliyun
1155
+ * * `naver` - naver
1156
+ * * `daum` - daum
1157
+ * * `web_de` - web_de
1158
+ * * `tonline` - tonline
1159
+ * * `seznam` - seznam
1160
+ * * `wp_pl` - wp_pl
1161
+ * * `o2_pl` - o2_pl
1162
+ * * `interia` - interia
1163
+ * * `libero` - libero
1164
+ * * `virgilio` - virgilio
1165
+ * * `orange` - orange
1166
+ * * `laposte` - laposte
1167
+ * * `free_fr` - free_fr
1168
+ * * `sfr` - sfr
1169
+ */
1170
+ provider: WebmailLinkProviderEnum;
1171
+ /**
1172
+ * Human-facing provider name, e.g. 'Gmail'.
1173
+ */
1174
+ provider_name: string;
1175
+ /**
1176
+ * Absolute URL to open in a new tab (a sender-filtered search, or the inbox as fallback).
1177
+ */
1178
+ url: string;
1179
+ /**
1180
+ * True if the URL opens a search filtered to our sender; False if it only opens the inbox.
1181
+ */
1182
+ is_search: boolean;
1183
+ };
1184
+ /**
1185
+ * * `gmail` - gmail
1186
+ * * `outlook` - outlook
1187
+ * * `yahoo` - yahoo
1188
+ * * `icloud` - icloud
1189
+ * * `proton` - proton
1190
+ * * `zoho` - zoho
1191
+ * * `aol` - aol
1192
+ * * `fastmail` - fastmail
1193
+ * * `gmx` - gmx
1194
+ * * `mailcom` - mailcom
1195
+ * * `mail_ru` - mail_ru
1196
+ * * `yandex` - yandex
1197
+ * * `rambler` - rambler
1198
+ * * `qq` - qq
1199
+ * * `netease` - netease
1200
+ * * `sina` - sina
1201
+ * * `aliyun` - aliyun
1202
+ * * `naver` - naver
1203
+ * * `daum` - daum
1204
+ * * `web_de` - web_de
1205
+ * * `tonline` - tonline
1206
+ * * `seznam` - seznam
1207
+ * * `wp_pl` - wp_pl
1208
+ * * `o2_pl` - o2_pl
1209
+ * * `interia` - interia
1210
+ * * `libero` - libero
1211
+ * * `virgilio` - virgilio
1212
+ * * `orange` - orange
1213
+ * * `laposte` - laposte
1214
+ * * `free_fr` - free_fr
1215
+ * * `sfr` - sfr
1216
+ */
1217
+ declare enum WebmailLinkProviderEnum {
1218
+ GMAIL = "gmail",
1219
+ OUTLOOK = "outlook",
1220
+ YAHOO = "yahoo",
1221
+ ICLOUD = "icloud",
1222
+ PROTON = "proton",
1223
+ ZOHO = "zoho",
1224
+ AOL = "aol",
1225
+ FASTMAIL = "fastmail",
1226
+ GMX = "gmx",
1227
+ MAILCOM = "mailcom",
1228
+ MAIL_RU = "mail_ru",
1229
+ YANDEX = "yandex",
1230
+ RAMBLER = "rambler",
1231
+ QQ = "qq",
1232
+ NETEASE = "netease",
1233
+ SINA = "sina",
1234
+ ALIYUN = "aliyun",
1235
+ NAVER = "naver",
1236
+ DAUM = "daum",
1237
+ WEB_DE = "web_de",
1238
+ TONLINE = "tonline",
1239
+ SEZNAM = "seznam",
1240
+ WP_PL = "wp_pl",
1241
+ O2_PL = "o2_pl",
1242
+ INTERIA = "interia",
1243
+ LIBERO = "libero",
1244
+ VIRGILIO = "virgilio",
1245
+ ORANGE = "orange",
1246
+ LAPOSTE = "laposte",
1247
+ FREE_FR = "free_fr",
1248
+ SFR = "sfr"
1249
+ }
1123
1250
  type CfgAccountsOauthConnectionsResponse200AutoRef = Array<OAuthConnection>;
1124
1251
  type CfgAccountsOauthDisconnectResponse200AutoRef = {
1125
1252
  message?: string;
@@ -1822,6 +1949,12 @@ declare class API$2 {
1822
1949
  access: string;
1823
1950
  refresh?: string;
1824
1951
  } | null>) | null): void;
1952
+ /**
1953
+ * Proactively refresh now via the registered handler, sharing the single
1954
+ * 401-recovery flight (rotation + dedup + rotated-token persistence).
1955
+ * See `auth.refreshNow`.
1956
+ */
1957
+ refreshNow(): Promise<string | null>;
1825
1958
  }
1826
1959
 
1827
1960
  interface APIOptions$1 {
@@ -1867,6 +2000,12 @@ declare class API$1 {
1867
2000
  access: string;
1868
2001
  refresh?: string;
1869
2002
  } | null>) | null): void;
2003
+ /**
2004
+ * Proactively refresh now via the registered handler, sharing the single
2005
+ * 401-recovery flight (rotation + dedup + rotated-token persistence).
2006
+ * See `auth.refreshNow`.
2007
+ */
2008
+ refreshNow(): Promise<string | null>;
1870
2009
  }
1871
2010
 
1872
2011
  interface APIOptions {
@@ -1915,6 +2054,12 @@ declare class API {
1915
2054
  access: string;
1916
2055
  refresh?: string;
1917
2056
  } | null>) | null): void;
2057
+ /**
2058
+ * Proactively refresh now via the registered handler, sharing the single
2059
+ * 401-recovery flight (rotation + dedup + rotated-token persistence).
2060
+ * See `auth.refreshNow`.
2061
+ */
2062
+ refreshNow(): Promise<string | null>;
1918
2063
  }
1919
2064
 
1920
2065
  declare const CfgAccountsApi: API$2;
package/dist/clients.d.ts CHANGED
@@ -813,11 +813,11 @@ type OAuthTokenResponse = {
813
813
  /**
814
814
  * True if a new user was created during this OAuth flow
815
815
  */
816
- is_new_user: boolean;
816
+ is_new_user?: boolean;
817
817
  /**
818
818
  * True if a new OAuth connection was created
819
819
  */
820
- is_new_connection: boolean;
820
+ is_new_connection?: boolean;
821
821
  /**
822
822
  * True if user should be prompted to enable 2FA
823
823
  */
@@ -871,6 +871,10 @@ type OtpRequestResponse = {
871
871
  * Success message
872
872
  */
873
873
  message: string;
874
+ /**
875
+ * Webmail deep-link for the recipient's provider, or null if the domain is unknown.
876
+ */
877
+ webmail?: WebmailLink | null;
874
878
  };
875
879
  /**
876
880
  * Serializer for OTP verification.
@@ -1120,6 +1124,129 @@ type VerifyResponse = {
1120
1124
  */
1121
1125
  warning?: string;
1122
1126
  };
1127
+ /**
1128
+ * Deep-link that opens the user's webmail on a search for our login email.
1129
+ *
1130
+ * Present only when the recipient's email domain maps to a known webmail
1131
+ * provider (Gmail, Outlook, Mail.ru, Yandex, iCloud, …). For unknown/corporate
1132
+ * domains this whole object is null and the frontend shows no button.
1133
+ */
1134
+ type WebmailLink = {
1135
+ /**
1136
+ * Provider slug (e.g. 'gmail', 'outlook', 'mail_ru'). Also selects the brand icon on the frontend.
1137
+ *
1138
+ * * `gmail` - gmail
1139
+ * * `outlook` - outlook
1140
+ * * `yahoo` - yahoo
1141
+ * * `icloud` - icloud
1142
+ * * `proton` - proton
1143
+ * * `zoho` - zoho
1144
+ * * `aol` - aol
1145
+ * * `fastmail` - fastmail
1146
+ * * `gmx` - gmx
1147
+ * * `mailcom` - mailcom
1148
+ * * `mail_ru` - mail_ru
1149
+ * * `yandex` - yandex
1150
+ * * `rambler` - rambler
1151
+ * * `qq` - qq
1152
+ * * `netease` - netease
1153
+ * * `sina` - sina
1154
+ * * `aliyun` - aliyun
1155
+ * * `naver` - naver
1156
+ * * `daum` - daum
1157
+ * * `web_de` - web_de
1158
+ * * `tonline` - tonline
1159
+ * * `seznam` - seznam
1160
+ * * `wp_pl` - wp_pl
1161
+ * * `o2_pl` - o2_pl
1162
+ * * `interia` - interia
1163
+ * * `libero` - libero
1164
+ * * `virgilio` - virgilio
1165
+ * * `orange` - orange
1166
+ * * `laposte` - laposte
1167
+ * * `free_fr` - free_fr
1168
+ * * `sfr` - sfr
1169
+ */
1170
+ provider: WebmailLinkProviderEnum;
1171
+ /**
1172
+ * Human-facing provider name, e.g. 'Gmail'.
1173
+ */
1174
+ provider_name: string;
1175
+ /**
1176
+ * Absolute URL to open in a new tab (a sender-filtered search, or the inbox as fallback).
1177
+ */
1178
+ url: string;
1179
+ /**
1180
+ * True if the URL opens a search filtered to our sender; False if it only opens the inbox.
1181
+ */
1182
+ is_search: boolean;
1183
+ };
1184
+ /**
1185
+ * * `gmail` - gmail
1186
+ * * `outlook` - outlook
1187
+ * * `yahoo` - yahoo
1188
+ * * `icloud` - icloud
1189
+ * * `proton` - proton
1190
+ * * `zoho` - zoho
1191
+ * * `aol` - aol
1192
+ * * `fastmail` - fastmail
1193
+ * * `gmx` - gmx
1194
+ * * `mailcom` - mailcom
1195
+ * * `mail_ru` - mail_ru
1196
+ * * `yandex` - yandex
1197
+ * * `rambler` - rambler
1198
+ * * `qq` - qq
1199
+ * * `netease` - netease
1200
+ * * `sina` - sina
1201
+ * * `aliyun` - aliyun
1202
+ * * `naver` - naver
1203
+ * * `daum` - daum
1204
+ * * `web_de` - web_de
1205
+ * * `tonline` - tonline
1206
+ * * `seznam` - seznam
1207
+ * * `wp_pl` - wp_pl
1208
+ * * `o2_pl` - o2_pl
1209
+ * * `interia` - interia
1210
+ * * `libero` - libero
1211
+ * * `virgilio` - virgilio
1212
+ * * `orange` - orange
1213
+ * * `laposte` - laposte
1214
+ * * `free_fr` - free_fr
1215
+ * * `sfr` - sfr
1216
+ */
1217
+ declare enum WebmailLinkProviderEnum {
1218
+ GMAIL = "gmail",
1219
+ OUTLOOK = "outlook",
1220
+ YAHOO = "yahoo",
1221
+ ICLOUD = "icloud",
1222
+ PROTON = "proton",
1223
+ ZOHO = "zoho",
1224
+ AOL = "aol",
1225
+ FASTMAIL = "fastmail",
1226
+ GMX = "gmx",
1227
+ MAILCOM = "mailcom",
1228
+ MAIL_RU = "mail_ru",
1229
+ YANDEX = "yandex",
1230
+ RAMBLER = "rambler",
1231
+ QQ = "qq",
1232
+ NETEASE = "netease",
1233
+ SINA = "sina",
1234
+ ALIYUN = "aliyun",
1235
+ NAVER = "naver",
1236
+ DAUM = "daum",
1237
+ WEB_DE = "web_de",
1238
+ TONLINE = "tonline",
1239
+ SEZNAM = "seznam",
1240
+ WP_PL = "wp_pl",
1241
+ O2_PL = "o2_pl",
1242
+ INTERIA = "interia",
1243
+ LIBERO = "libero",
1244
+ VIRGILIO = "virgilio",
1245
+ ORANGE = "orange",
1246
+ LAPOSTE = "laposte",
1247
+ FREE_FR = "free_fr",
1248
+ SFR = "sfr"
1249
+ }
1123
1250
  type CfgAccountsOauthConnectionsResponse200AutoRef = Array<OAuthConnection>;
1124
1251
  type CfgAccountsOauthDisconnectResponse200AutoRef = {
1125
1252
  message?: string;
@@ -1822,6 +1949,12 @@ declare class API$2 {
1822
1949
  access: string;
1823
1950
  refresh?: string;
1824
1951
  } | null>) | null): void;
1952
+ /**
1953
+ * Proactively refresh now via the registered handler, sharing the single
1954
+ * 401-recovery flight (rotation + dedup + rotated-token persistence).
1955
+ * See `auth.refreshNow`.
1956
+ */
1957
+ refreshNow(): Promise<string | null>;
1825
1958
  }
1826
1959
 
1827
1960
  interface APIOptions$1 {
@@ -1867,6 +2000,12 @@ declare class API$1 {
1867
2000
  access: string;
1868
2001
  refresh?: string;
1869
2002
  } | null>) | null): void;
2003
+ /**
2004
+ * Proactively refresh now via the registered handler, sharing the single
2005
+ * 401-recovery flight (rotation + dedup + rotated-token persistence).
2006
+ * See `auth.refreshNow`.
2007
+ */
2008
+ refreshNow(): Promise<string | null>;
1870
2009
  }
1871
2010
 
1872
2011
  interface APIOptions {
@@ -1915,6 +2054,12 @@ declare class API {
1915
2054
  access: string;
1916
2055
  refresh?: string;
1917
2056
  } | null>) | null): void;
2057
+ /**
2058
+ * Proactively refresh now via the registered handler, sharing the single
2059
+ * 401-recovery flight (rotation + dedup + rotated-token persistence).
2060
+ * See `auth.refreshNow`.
2061
+ */
2062
+ refreshNow(): Promise<string | null>;
1918
2063
  }
1919
2064
 
1920
2065
  declare const CfgAccountsApi: API$2;
package/dist/clients.mjs CHANGED
@@ -271,6 +271,17 @@ var auth = {
271
271
  */
272
272
  setRefreshHandler(fn) {
273
273
  _refreshHandler = fn;
274
+ },
275
+ /**
276
+ * Proactively run the registered refresh handler right now, reusing the
277
+ * SAME single-flight promise as the 401-recovery interceptor. Callers
278
+ * (e.g. an expiry timer / focus / reconnect) get token rotation,
279
+ * de-duplication and rotated-token persistence for free — they must NOT
280
+ * re-implement any of it. Returns the fresh access token, or null if
281
+ * there is no handler / no refresh token / the refresh failed.
282
+ */
283
+ refreshNow() {
284
+ return tryRefresh();
274
285
  }
275
286
  };
276
287
  async function tryRefresh() {
@@ -1994,6 +2005,14 @@ var API = class {
1994
2005
  setRefreshHandler(fn) {
1995
2006
  auth.setRefreshHandler(fn);
1996
2007
  }
2008
+ /**
2009
+ * Proactively refresh now via the registered handler, sharing the single
2010
+ * 401-recovery flight (rotation + dedup + rotated-token persistence).
2011
+ * See `auth.refreshNow`.
2012
+ */
2013
+ refreshNow() {
2014
+ return auth.refreshNow();
2015
+ }
1997
2016
  };
1998
2017
 
1999
2018
  // src/_api/generated/_cfg_centrifugo/api.ts
@@ -2058,6 +2077,14 @@ var API2 = class {
2058
2077
  setRefreshHandler(fn) {
2059
2078
  auth.setRefreshHandler(fn);
2060
2079
  }
2080
+ /**
2081
+ * Proactively refresh now via the registered handler, sharing the single
2082
+ * 401-recovery flight (rotation + dedup + rotated-token persistence).
2083
+ * See `auth.refreshNow`.
2084
+ */
2085
+ refreshNow() {
2086
+ return auth.refreshNow();
2087
+ }
2061
2088
  };
2062
2089
 
2063
2090
  // src/_api/generated/_cfg_totp/api.ts
@@ -2125,6 +2152,14 @@ var API3 = class {
2125
2152
  setRefreshHandler(fn) {
2126
2153
  auth.setRefreshHandler(fn);
2127
2154
  }
2155
+ /**
2156
+ * Proactively refresh now via the registered handler, sharing the single
2157
+ * 401-recovery flight (rotation + dedup + rotated-token persistence).
2158
+ * See `auth.refreshNow`.
2159
+ */
2160
+ refreshNow() {
2161
+ return auth.refreshNow();
2162
+ }
2128
2163
  };
2129
2164
 
2130
2165
  // src/_api/generated/index.ts