@djangocfg/api 2.1.87 → 2.1.89

package/dist/auth.cjs

@@ -59,6 +59,7 @@ __export(auth_exports, {
   useGithubAuth: () => useGithubAuth,
   useLocalStorage: () => useLocalStorage2,
   useSessionStorage: () => useSessionStorage,
+  useTokenRefresh: () => useTokenRefresh,
   useTwoFactor: () => useTwoFactor,
   useTwoFactorSetup: () => useTwoFactorSetup,
   useTwoFactorStatus: () => useTwoFactorStatus,
@@ -69,7 +70,7 @@ module.exports = __toCommonJS(auth_exports);
 
 // src/auth/context/AuthContext.tsx
 var import_navigation = require("next/navigation");
-var import_react3 = require("react");
+var import_react4 = require("react");
 var import_hooks2 = require("@djangocfg/ui-nextjs/hooks");
 
 // src/generated/cfg_accounts/accounts__auth/client.ts
@@ -170,7 +171,9 @@ var UserProfile = class {
    * multipart/form-data with 'avatar' field.
    */
   async accountsProfileAvatarCreate(data) {
-    const response = await this.client.request("POST", "/cfg/accounts/profile/avatar/", { formData: data });
+    const formData = new FormData();
+    formData.append("avatar", data.avatar);
+    const response = await this.client.request("POST", "/cfg/accounts/profile/avatar/", { formData });
     return response;
   }
   /**
@@ -606,8 +609,10 @@ var APIClient = class {
   constructor(baseUrl, options) {
     this.logger = null;
     this.retryConfig = null;
+    this.tokenGetter = null;
     this.baseUrl = baseUrl.replace(/\/$/, "");
     this.httpClient = options?.httpClient || new FetchAdapter();
+    this.tokenGetter = options?.tokenGetter || null;
     if (options?.loggerConfig !== void 0) {
       this.logger = new APILogger(options.loggerConfig);
     }
@@ -636,6 +641,19 @@ var APIClient = class {
     }
     return null;
   }
+  /**
+   * Get the base URL for building streaming/download URLs.
+   */
+  getBaseUrl() {
+    return this.baseUrl;
+  }
+  /**
+   * Get JWT token for URL authentication (used in streaming endpoints).
+   * Returns null if no token getter is configured or no token is available.
+   */
+  getToken() {
+    return this.tokenGetter ? this.tokenGetter() : null;
+  }
   /**
    * Make HTTP request with Django CSRF and session handling.
    * Automatically retries on network errors and 5xx server errors.
@@ -883,168 +901,174 @@ var CentrifugoTokenSchema = import_zod.z.object({
   channels: import_zod.z.array(import_zod.z.string())
 });
 
-// src/generated/cfg_accounts/_utils/schemas/OAuthAuthorizeRequestRequest.schema.ts
+// src/generated/cfg_accounts/_utils/schemas/CfgAccountsProfileAvatarCreateRequest.schema.ts
 var import_zod2 = require("zod");
-var OAuthAuthorizeRequestRequestSchema = import_zod2.z.object({
-  redirect_uri: import_zod2.z.union([import_zod2.z.url(), import_zod2.z.literal("")]).optional(),
-  source_url: import_zod2.z.union([import_zod2.z.url(), import_zod2.z.literal("")]).optional()
+var CfgAccountsProfileAvatarCreateRequestSchema = import_zod2.z.object({
+  avatar: import_zod2.z.union([import_zod2.z.instanceof(File), import_zod2.z.instanceof(Blob)])
 });
 
-// src/generated/cfg_accounts/_utils/schemas/OAuthAuthorizeResponse.schema.ts
+// src/generated/cfg_accounts/_utils/schemas/OAuthAuthorizeRequestRequest.schema.ts
 var import_zod3 = require("zod");
-var OAuthAuthorizeResponseSchema = import_zod3.z.object({
-  authorization_url: import_zod3.z.union([import_zod3.z.url(), import_zod3.z.literal("")]),
-  state: import_zod3.z.string()
+var OAuthAuthorizeRequestRequestSchema = import_zod3.z.object({
+  redirect_uri: import_zod3.z.union([import_zod3.z.url(), import_zod3.z.literal("")]).optional(),
+  source_url: import_zod3.z.union([import_zod3.z.url(), import_zod3.z.literal("")]).optional()
 });
 
-// src/generated/cfg_accounts/_utils/schemas/OAuthCallbackRequestRequest.schema.ts
+// src/generated/cfg_accounts/_utils/schemas/OAuthAuthorizeResponse.schema.ts
 var import_zod4 = require("zod");
-var OAuthCallbackRequestRequestSchema = import_zod4.z.object({
-  code: import_zod4.z.string().min(10).max(500),
-  state: import_zod4.z.string().min(20).max(100),
-  redirect_uri: import_zod4.z.union([import_zod4.z.url(), import_zod4.z.literal("")]).optional()
+var OAuthAuthorizeResponseSchema = import_zod4.z.object({
+  authorization_url: import_zod4.z.union([import_zod4.z.url(), import_zod4.z.literal("")]),
+  state: import_zod4.z.string()
 });
 
-// src/generated/cfg_accounts/_utils/schemas/OAuthConnection.schema.ts
+// src/generated/cfg_accounts/_utils/schemas/OAuthCallbackRequestRequest.schema.ts
 var import_zod5 = require("zod");
-var OAuthConnectionSchema = import_zod5.z.object({
-  id: import_zod5.z.int(),
-  provider: import_zod5.z.nativeEnum(OAuthConnectionProvider),
-  provider_display: import_zod5.z.string(),
-  provider_username: import_zod5.z.string(),
-  provider_email: import_zod5.z.email(),
-  provider_avatar_url: import_zod5.z.union([import_zod5.z.url(), import_zod5.z.literal("")]),
-  connected_at: import_zod5.z.iso.datetime(),
-  last_login_at: import_zod5.z.iso.datetime()
+var OAuthCallbackRequestRequestSchema = import_zod5.z.object({
+  code: import_zod5.z.string().min(10).max(500),
+  state: import_zod5.z.string().min(20).max(100),
+  redirect_uri: import_zod5.z.union([import_zod5.z.url(), import_zod5.z.literal("")]).optional()
 });
 
-// src/generated/cfg_accounts/_utils/schemas/OAuthDisconnectRequestRequest.schema.ts
+// src/generated/cfg_accounts/_utils/schemas/OAuthConnection.schema.ts
 var import_zod6 = require("zod");
-var OAuthDisconnectRequestRequestSchema = import_zod6.z.object({
-  provider: import_zod6.z.nativeEnum(OAuthDisconnectRequestRequestProvider)
+var OAuthConnectionSchema = import_zod6.z.object({
+  id: import_zod6.z.int(),
+  provider: import_zod6.z.nativeEnum(OAuthConnectionProvider),
+  provider_display: import_zod6.z.string(),
+  provider_username: import_zod6.z.string(),
+  provider_email: import_zod6.z.email(),
+  provider_avatar_url: import_zod6.z.union([import_zod6.z.url(), import_zod6.z.literal("")]),
+  connected_at: import_zod6.z.iso.datetime(),
+  last_login_at: import_zod6.z.iso.datetime()
 });
 
-// src/generated/cfg_accounts/_utils/schemas/OAuthError.schema.ts
+// src/generated/cfg_accounts/_utils/schemas/OAuthDisconnectRequestRequest.schema.ts
 var import_zod7 = require("zod");
-var OAuthErrorSchema = import_zod7.z.object({
-  error: import_zod7.z.string(),
-  error_description: import_zod7.z.string().optional()
+var OAuthDisconnectRequestRequestSchema = import_zod7.z.object({
+  provider: import_zod7.z.nativeEnum(OAuthDisconnectRequestRequestProvider)
 });
 
-// src/generated/cfg_accounts/_utils/schemas/OAuthProvidersResponse.schema.ts
+// src/generated/cfg_accounts/_utils/schemas/OAuthError.schema.ts
 var import_zod8 = require("zod");
-var OAuthProvidersResponseSchema = import_zod8.z.object({
-  providers: import_zod8.z.array(import_zod8.z.record(import_zod8.z.string(), import_zod8.z.any()))
+var OAuthErrorSchema = import_zod8.z.object({
+  error: import_zod8.z.string(),
+  error_description: import_zod8.z.string().optional()
 });
 
-// src/generated/cfg_accounts/_utils/schemas/OAuthTokenResponse.schema.ts
+// src/generated/cfg_accounts/_utils/schemas/OAuthProvidersResponse.schema.ts
 var import_zod9 = require("zod");
-var OAuthTokenResponseSchema = import_zod9.z.object({
-  requires_2fa: import_zod9.z.boolean().optional(),
-  session_id: import_zod9.z.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i).nullable().optional(),
-  access: import_zod9.z.string().nullable().optional(),
-  refresh: import_zod9.z.string().nullable().optional(),
-  user: import_zod9.z.record(import_zod9.z.string(), import_zod9.z.any()).nullable().optional(),
-  is_new_user: import_zod9.z.boolean(),
-  is_new_connection: import_zod9.z.boolean(),
-  should_prompt_2fa: import_zod9.z.boolean().optional()
+var OAuthProvidersResponseSchema = import_zod9.z.object({
+  providers: import_zod9.z.array(import_zod9.z.record(import_zod9.z.string(), import_zod9.z.any()))
 });
 
-// src/generated/cfg_accounts/_utils/schemas/OTPErrorResponse.schema.ts
+// src/generated/cfg_accounts/_utils/schemas/OAuthTokenResponse.schema.ts
 var import_zod10 = require("zod");
-var OTPErrorResponseSchema = import_zod10.z.object({
-  error: import_zod10.z.string()
+var OAuthTokenResponseSchema = import_zod10.z.object({
+  requires_2fa: import_zod10.z.boolean().optional(),
+  session_id: import_zod10.z.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i).nullable().optional(),
+  access: import_zod10.z.string().nullable().optional(),
+  refresh: import_zod10.z.string().nullable().optional(),
+  user: import_zod10.z.record(import_zod10.z.string(), import_zod10.z.any()).nullable().optional(),
+  is_new_user: import_zod10.z.boolean(),
+  is_new_connection: import_zod10.z.boolean(),
+  should_prompt_2fa: import_zod10.z.boolean().optional()
 });
 
-// src/generated/cfg_accounts/_utils/schemas/OTPRequestRequest.schema.ts
+// src/generated/cfg_accounts/_utils/schemas/OTPErrorResponse.schema.ts
 var import_zod11 = require("zod");
-var OTPRequestRequestSchema = import_zod11.z.object({
-  identifier: import_zod11.z.string().min(1),
-  channel: import_zod11.z.nativeEnum(OTPRequestRequestChannel).optional(),
-  source_url: import_zod11.z.union([import_zod11.z.url(), import_zod11.z.literal("")]).optional()
+var OTPErrorResponseSchema = import_zod11.z.object({
+  error: import_zod11.z.string()
 });
 
-// src/generated/cfg_accounts/_utils/schemas/OTPRequestResponse.schema.ts
+// src/generated/cfg_accounts/_utils/schemas/OTPRequestRequest.schema.ts
 var import_zod12 = require("zod");
-var OTPRequestResponseSchema = import_zod12.z.object({
-  message: import_zod12.z.string()
+var OTPRequestRequestSchema = import_zod12.z.object({
+  identifier: import_zod12.z.string().min(1),
+  channel: import_zod12.z.nativeEnum(OTPRequestRequestChannel).optional(),
+  source_url: import_zod12.z.union([import_zod12.z.url(), import_zod12.z.literal("")]).optional()
 });
 
-// src/generated/cfg_accounts/_utils/schemas/OTPVerifyRequest.schema.ts
+// src/generated/cfg_accounts/_utils/schemas/OTPRequestResponse.schema.ts
 var import_zod13 = require("zod");
-var OTPVerifyRequestSchema = import_zod13.z.object({
-  identifier: import_zod13.z.string().min(1),
-  otp: import_zod13.z.string().min(6).max(6),
-  channel: import_zod13.z.nativeEnum(OTPVerifyRequestChannel).optional(),
-  source_url: import_zod13.z.union([import_zod13.z.url(), import_zod13.z.literal("")]).optional()
+var OTPRequestResponseSchema = import_zod13.z.object({
+  message: import_zod13.z.string()
+});
+
+// src/generated/cfg_accounts/_utils/schemas/OTPVerifyRequest.schema.ts
+var import_zod14 = require("zod");
+var OTPVerifyRequestSchema = import_zod14.z.object({
+  identifier: import_zod14.z.string().min(1),
+  otp: import_zod14.z.string().min(6).max(6),
+  channel: import_zod14.z.nativeEnum(OTPVerifyRequestChannel).optional(),
+  source_url: import_zod14.z.union([import_zod14.z.url(), import_zod14.z.literal("")]).optional()
 });
 
 // src/generated/cfg_accounts/_utils/schemas/OTPVerifyResponse.schema.ts
-var import_zod15 = require("zod");
+var import_zod16 = require("zod");
 
 // src/generated/cfg_accounts/_utils/schemas/User.schema.ts
-var import_zod14 = require("zod");
-var UserSchema = import_zod14.z.object({
-  id: import_zod14.z.int(),
-  email: import_zod14.z.email(),
-  first_name: import_zod14.z.string().max(50).optional(),
-  last_name: import_zod14.z.string().max(50).optional(),
-  full_name: import_zod14.z.string(),
-  initials: import_zod14.z.string(),
-  display_username: import_zod14.z.string(),
-  company: import_zod14.z.string().max(100).optional(),
-  phone: import_zod14.z.string().max(20).optional(),
-  position: import_zod14.z.string().max(100).optional(),
-  avatar: import_zod14.z.union([import_zod14.z.url(), import_zod14.z.literal("")]).nullable(),
-  is_staff: import_zod14.z.boolean(),
-  is_superuser: import_zod14.z.boolean(),
-  date_joined: import_zod14.z.iso.datetime(),
-  last_login: import_zod14.z.iso.datetime().nullable(),
-  unanswered_messages_count: import_zod14.z.int(),
+var import_zod15 = require("zod");
+var UserSchema = import_zod15.z.object({
+  id: import_zod15.z.int(),
+  email: import_zod15.z.email(),
+  first_name: import_zod15.z.string().max(50).optional(),
+  last_name: import_zod15.z.string().max(50).optional(),
+  full_name: import_zod15.z.string(),
+  initials: import_zod15.z.string(),
+  display_username: import_zod15.z.string(),
+  company: import_zod15.z.string().max(100).optional(),
+  phone: import_zod15.z.string().max(20).optional(),
+  position: import_zod15.z.string().max(100).optional(),
+  avatar: import_zod15.z.union([import_zod15.z.url(), import_zod15.z.literal("")]).nullable(),
+  is_staff: import_zod15.z.boolean(),
+  is_superuser: import_zod15.z.boolean(),
+  date_joined: import_zod15.z.iso.datetime(),
+  last_login: import_zod15.z.iso.datetime().nullable(),
+  unanswered_messages_count: import_zod15.z.int(),
   centrifugo: CentrifugoTokenSchema.nullable()
 });
 
 // src/generated/cfg_accounts/_utils/schemas/OTPVerifyResponse.schema.ts
-var OTPVerifyResponseSchema = import_zod15.z.object({
-  requires_2fa: import_zod15.z.boolean().optional(),
-  session_id: import_zod15.z.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i).nullable().optional(),
-  refresh: import_zod15.z.string().nullable().optional(),
-  access: import_zod15.z.string().nullable().optional(),
+var OTPVerifyResponseSchema = import_zod16.z.object({
+  requires_2fa: import_zod16.z.boolean().optional(),
+  session_id: import_zod16.z.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i).nullable().optional(),
+  refresh: import_zod16.z.string().nullable().optional(),
+  access: import_zod16.z.string().nullable().optional(),
   user: UserSchema.nullable().optional(),
-  should_prompt_2fa: import_zod15.z.boolean().optional()
+  should_prompt_2fa: import_zod16.z.boolean().optional()
 });
 
 // src/generated/cfg_accounts/_utils/schemas/PatchedUserProfileUpdateRequest.schema.ts
-var import_zod16 = require("zod");
-var PatchedUserProfileUpdateRequestSchema = import_zod16.z.object({
-  first_name: import_zod16.z.string().max(50).optional(),
-  last_name: import_zod16.z.string().max(50).optional(),
-  company: import_zod16.z.string().max(100).optional(),
-  phone: import_zod16.z.string().max(20).optional(),
-  position: import_zod16.z.string().max(100).optional()
+var import_zod17 = require("zod");
+var PatchedUserProfileUpdateRequestSchema = import_zod17.z.object({
+  first_name: import_zod17.z.string().max(50).optional(),
+  last_name: import_zod17.z.string().max(50).optional(),
+  company: import_zod17.z.string().max(100).optional(),
+  phone: import_zod17.z.string().max(20).optional(),
+  position: import_zod17.z.string().max(100).optional()
 });
 
 // src/generated/cfg_accounts/_utils/schemas/TokenRefresh.schema.ts
-var import_zod17 = require("zod");
-var TokenRefreshSchema = import_zod17.z.object({
-  access: import_zod17.z.string(),
-  refresh: import_zod17.z.string()
+var import_zod18 = require("zod");
+var TokenRefreshSchema = import_zod18.z.object({
+  access: import_zod18.z.string(),
+  refresh: import_zod18.z.string()
 });
 
 // src/generated/cfg_accounts/_utils/schemas/TokenRefreshRequest.schema.ts
-var import_zod18 = require("zod");
-var TokenRefreshRequestSchema = import_zod18.z.object({
-  refresh: import_zod18.z.string().min(1)
+var import_zod19 = require("zod");
+var TokenRefreshRequestSchema = import_zod19.z.object({
+  refresh: import_zod19.z.string().min(1)
 });
 
 // src/generated/cfg_accounts/_utils/schemas/UserProfileUpdateRequest.schema.ts
-var import_zod19 = require("zod");
-var UserProfileUpdateRequestSchema = import_zod19.z.object({
-  first_name: import_zod19.z.string().max(50).optional(),
-  last_name: import_zod19.z.string().max(50).optional(),
-  company: import_zod19.z.string().max(100).optional(),
-  phone: import_zod19.z.string().max(20).optional(),
-  position: import_zod19.z.string().max(100).optional()
+var import_zod20 = require("zod");
+var UserProfileUpdateRequestSchema = import_zod20.z.object({
+  first_name: import_zod20.z.string().max(50).optional(),
+  last_name: import_zod20.z.string().max(50).optional(),
+  company: import_zod20.z.string().max(100).optional(),
+  phone: import_zod20.z.string().max(20).optional(),
+  position: import_zod20.z.string().max(100).optional()
 });
 
 // src/generated/cfg_accounts/_utils/fetchers/accounts.ts
@@ -1401,7 +1425,8 @@ var API = class {
     this._loadTokensFromStorage();
     this._client = new APIClient(this.baseUrl, {
       retryConfig: this.options?.retryConfig,
-      loggerConfig: this.options?.loggerConfig
+      loggerConfig: this.options?.loggerConfig,
+      tokenGetter: /* @__PURE__ */ __name(() => this.getToken(), "tokenGetter")
     });
     this._injectAuthHeader();
     this.auth = this._client.auth;
@@ -1419,7 +1444,8 @@ var API = class {
   _reinitClients() {
     this._client = new APIClient(this.baseUrl, {
       retryConfig: this.options?.retryConfig,
-      loggerConfig: this.options?.loggerConfig
+      loggerConfig: this.options?.loggerConfig,
+      tokenGetter: /* @__PURE__ */ __name(() => this.getToken(), "tokenGetter")
     });
     this._injectAuthHeader();
     this.auth = this._client.auth;
@@ -2090,8 +2116,10 @@ var APIClient2 = class {
   constructor(baseUrl, options) {
     this.logger = null;
     this.retryConfig = null;
+    this.tokenGetter = null;
     this.baseUrl = baseUrl.replace(/\/$/, "");
     this.httpClient = options?.httpClient || new FetchAdapter2();
+    this.tokenGetter = options?.tokenGetter || null;
     if (options?.loggerConfig !== void 0) {
       this.logger = new APILogger2(options.loggerConfig);
     }
@@ -2120,6 +2148,19 @@ var APIClient2 = class {
     }
     return null;
   }
+  /**
+   * Get the base URL for building streaming/download URLs.
+   */
+  getBaseUrl() {
+    return this.baseUrl;
+  }
+  /**
+   * Get JWT token for URL authentication (used in streaming endpoints).
+   * Returns null if no token getter is configured or no token is available.
+   */
+  getToken() {
+    return this.tokenGetter ? this.tokenGetter() : null;
+  }
   /**
    * Make HTTP request with Django CSRF and session handling.
    * Automatically retries on network errors and 5xx server errors.
@@ -2332,320 +2373,320 @@ var LocalStorageAdapter2 = class {
 };
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoChannelInfo.schema.ts
-var import_zod20 = require("zod");
-var CentrifugoChannelInfoSchema = import_zod20.z.object({
-  num_clients: import_zod20.z.int()
+var import_zod21 = require("zod");
+var CentrifugoChannelInfoSchema = import_zod21.z.object({
+  num_clients: import_zod21.z.int()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoChannelsRequestRequest.schema.ts
-var import_zod21 = require("zod");
-var CentrifugoChannelsRequestRequestSchema = import_zod21.z.object({
-  pattern: import_zod21.z.string().nullable().optional()
+var import_zod22 = require("zod");
+var CentrifugoChannelsRequestRequestSchema = import_zod22.z.object({
+  pattern: import_zod22.z.string().nullable().optional()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoChannelsResponse.schema.ts
-var import_zod24 = require("zod");
+var import_zod25 = require("zod");
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoChannelsResult.schema.ts
-var import_zod22 = require("zod");
-var CentrifugoChannelsResultSchema = import_zod22.z.object({
-  channels: import_zod22.z.record(import_zod22.z.string(), CentrifugoChannelInfoSchema)
+var import_zod23 = require("zod");
+var CentrifugoChannelsResultSchema = import_zod23.z.object({
+  channels: import_zod23.z.record(import_zod23.z.string(), CentrifugoChannelInfoSchema)
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoError.schema.ts
-var import_zod23 = require("zod");
-var CentrifugoErrorSchema = import_zod23.z.object({
-  code: import_zod23.z.int().optional(),
-  message: import_zod23.z.string().optional()
+var import_zod24 = require("zod");
+var CentrifugoErrorSchema = import_zod24.z.object({
+  code: import_zod24.z.int().optional(),
+  message: import_zod24.z.string().optional()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoChannelsResponse.schema.ts
-var CentrifugoChannelsResponseSchema = import_zod24.z.object({
+var CentrifugoChannelsResponseSchema = import_zod25.z.object({
   error: CentrifugoErrorSchema.optional(),
   result: CentrifugoChannelsResultSchema.optional()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoClientInfo.schema.ts
-var import_zod25 = require("zod");
-var CentrifugoClientInfoSchema = import_zod25.z.object({
-  user: import_zod25.z.string(),
-  client: import_zod25.z.string(),
-  conn_info: import_zod25.z.record(import_zod25.z.string(), import_zod25.z.any()).nullable().optional(),
-  chan_info: import_zod25.z.record(import_zod25.z.string(), import_zod25.z.any()).nullable().optional()
+var import_zod26 = require("zod");
+var CentrifugoClientInfoSchema = import_zod26.z.object({
+  user: import_zod26.z.string(),
+  client: import_zod26.z.string(),
+  conn_info: import_zod26.z.record(import_zod26.z.string(), import_zod26.z.any()).nullable().optional(),
+  chan_info: import_zod26.z.record(import_zod26.z.string(), import_zod26.z.any()).nullable().optional()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoHealthCheck.schema.ts
-var import_zod26 = require("zod");
-var CentrifugoHealthCheckSchema = import_zod26.z.object({
-  status: import_zod26.z.string(),
-  wrapper_url: import_zod26.z.string(),
-  has_api_key: import_zod26.z.boolean(),
-  timestamp: import_zod26.z.string()
+var import_zod27 = require("zod");
+var CentrifugoHealthCheckSchema = import_zod27.z.object({
+  status: import_zod27.z.string(),
+  wrapper_url: import_zod27.z.string(),
+  has_api_key: import_zod27.z.boolean(),
+  timestamp: import_zod27.z.string()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoHistoryRequestRequest.schema.ts
-var import_zod28 = require("zod");
+var import_zod29 = require("zod");
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoStreamPosition.schema.ts
-var import_zod27 = require("zod");
-var CentrifugoStreamPositionSchema = import_zod27.z.object({
-  offset: import_zod27.z.int(),
-  epoch: import_zod27.z.string()
+var import_zod28 = require("zod");
+var CentrifugoStreamPositionSchema = import_zod28.z.object({
+  offset: import_zod28.z.int(),
+  epoch: import_zod28.z.string()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoHistoryRequestRequest.schema.ts
-var CentrifugoHistoryRequestRequestSchema = import_zod28.z.object({
-  channel: import_zod28.z.string(),
-  limit: import_zod28.z.int().nullable().optional(),
+var CentrifugoHistoryRequestRequestSchema = import_zod29.z.object({
+  channel: import_zod29.z.string(),
+  limit: import_zod29.z.int().nullable().optional(),
   since: CentrifugoStreamPositionSchema.optional(),
-  reverse: import_zod28.z.boolean().nullable().optional()
+  reverse: import_zod29.z.boolean().nullable().optional()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoHistoryResponse.schema.ts
-var import_zod31 = require("zod");
+var import_zod32 = require("zod");
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoHistoryResult.schema.ts
-var import_zod30 = require("zod");
+var import_zod31 = require("zod");
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoPublication.schema.ts
-var import_zod29 = require("zod");
-var CentrifugoPublicationSchema = import_zod29.z.object({
-  data: import_zod29.z.record(import_zod29.z.string(), import_zod29.z.any()),
+var import_zod30 = require("zod");
+var CentrifugoPublicationSchema = import_zod30.z.object({
+  data: import_zod30.z.record(import_zod30.z.string(), import_zod30.z.any()),
   info: CentrifugoClientInfoSchema.optional(),
-  offset: import_zod29.z.int(),
-  tags: import_zod29.z.record(import_zod29.z.string(), import_zod29.z.any()).nullable().optional()
+  offset: import_zod30.z.int(),
+  tags: import_zod30.z.record(import_zod30.z.string(), import_zod30.z.any()).nullable().optional()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoHistoryResult.schema.ts
-var CentrifugoHistoryResultSchema = import_zod30.z.object({
-  publications: import_zod30.z.array(CentrifugoPublicationSchema),
-  epoch: import_zod30.z.string(),
-  offset: import_zod30.z.int()
+var CentrifugoHistoryResultSchema = import_zod31.z.object({
+  publications: import_zod31.z.array(CentrifugoPublicationSchema),
+  epoch: import_zod31.z.string(),
+  offset: import_zod31.z.int()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoHistoryResponse.schema.ts
-var CentrifugoHistoryResponseSchema = import_zod31.z.object({
+var CentrifugoHistoryResponseSchema = import_zod32.z.object({
   error: CentrifugoErrorSchema.optional(),
   result: CentrifugoHistoryResultSchema.optional()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoInfoResponse.schema.ts
-var import_zod36 = require("zod");
+var import_zod37 = require("zod");
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoInfoResult.schema.ts
-var import_zod35 = require("zod");
+var import_zod36 = require("zod");
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoNodeInfo.schema.ts
-var import_zod34 = require("zod");
+var import_zod35 = require("zod");
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoMetrics.schema.ts
-var import_zod32 = require("zod");
-var CentrifugoMetricsSchema = import_zod32.z.object({
-  interval: import_zod32.z.number(),
-  items: import_zod32.z.record(import_zod32.z.string(), import_zod32.z.number())
+var import_zod33 = require("zod");
+var CentrifugoMetricsSchema = import_zod33.z.object({
+  interval: import_zod33.z.number(),
+  items: import_zod33.z.record(import_zod33.z.string(), import_zod33.z.number())
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoProcess.schema.ts
-var import_zod33 = require("zod");
-var CentrifugoProcessSchema = import_zod33.z.object({
-  cpu: import_zod33.z.number(),
-  rss: import_zod33.z.int()
+var import_zod34 = require("zod");
+var CentrifugoProcessSchema = import_zod34.z.object({
+  cpu: import_zod34.z.number(),
+  rss: import_zod34.z.int()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoNodeInfo.schema.ts
-var CentrifugoNodeInfoSchema = import_zod34.z.object({
-  uid: import_zod34.z.string(),
-  name: import_zod34.z.string(),
-  version: import_zod34.z.string(),
-  num_clients: import_zod34.z.int(),
-  num_users: import_zod34.z.int(),
-  num_channels: import_zod34.z.int(),
-  uptime: import_zod34.z.int(),
-  num_subs: import_zod34.z.int(),
+var CentrifugoNodeInfoSchema = import_zod35.z.object({
+  uid: import_zod35.z.string(),
+  name: import_zod35.z.string(),
+  version: import_zod35.z.string(),
+  num_clients: import_zod35.z.int(),
+  num_users: import_zod35.z.int(),
+  num_channels: import_zod35.z.int(),
+  uptime: import_zod35.z.int(),
+  num_subs: import_zod35.z.int(),
   metrics: CentrifugoMetricsSchema.optional(),
   process: CentrifugoProcessSchema.optional()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoInfoResult.schema.ts
-var CentrifugoInfoResultSchema = import_zod35.z.object({
-  nodes: import_zod35.z.array(CentrifugoNodeInfoSchema)
+var CentrifugoInfoResultSchema = import_zod36.z.object({
+  nodes: import_zod36.z.array(CentrifugoNodeInfoSchema)
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoInfoResponse.schema.ts
-var CentrifugoInfoResponseSchema = import_zod36.z.object({
+var CentrifugoInfoResponseSchema = import_zod37.z.object({
   error: CentrifugoErrorSchema.optional(),
   result: CentrifugoInfoResultSchema.optional()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoOverviewStats.schema.ts
-var import_zod37 = require("zod");
-var CentrifugoOverviewStatsSchema = import_zod37.z.object({
-  total: import_zod37.z.int(),
-  successful: import_zod37.z.int(),
-  failed: import_zod37.z.int(),
-  timeout: import_zod37.z.int(),
-  success_rate: import_zod37.z.number(),
-  avg_duration_ms: import_zod37.z.number(),
-  avg_acks_received: import_zod37.z.number(),
-  period_hours: import_zod37.z.int()
+var import_zod38 = require("zod");
+var CentrifugoOverviewStatsSchema = import_zod38.z.object({
+  total: import_zod38.z.int(),
+  successful: import_zod38.z.int(),
+  failed: import_zod38.z.int(),
+  timeout: import_zod38.z.int(),
+  success_rate: import_zod38.z.number(),
+  avg_duration_ms: import_zod38.z.number(),
+  avg_acks_received: import_zod38.z.number(),
+  period_hours: import_zod38.z.int()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoPresenceRequestRequest.schema.ts
-var import_zod38 = require("zod");
-var CentrifugoPresenceRequestRequestSchema = import_zod38.z.object({
-  channel: import_zod38.z.string()
+var import_zod39 = require("zod");
+var CentrifugoPresenceRequestRequestSchema = import_zod39.z.object({
+  channel: import_zod39.z.string()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoPresenceResponse.schema.ts
-var import_zod40 = require("zod");
+var import_zod41 = require("zod");
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoPresenceResult.schema.ts
-var import_zod39 = require("zod");
-var CentrifugoPresenceResultSchema = import_zod39.z.object({
-  presence: import_zod39.z.record(import_zod39.z.string(), CentrifugoClientInfoSchema)
+var import_zod40 = require("zod");
+var CentrifugoPresenceResultSchema = import_zod40.z.object({
+  presence: import_zod40.z.record(import_zod40.z.string(), CentrifugoClientInfoSchema)
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoPresenceResponse.schema.ts
-var CentrifugoPresenceResponseSchema = import_zod40.z.object({
+var CentrifugoPresenceResponseSchema = import_zod41.z.object({
   error: CentrifugoErrorSchema.optional(),
   result: CentrifugoPresenceResultSchema.optional()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoPresenceStatsRequestRequest.schema.ts
-var import_zod41 = require("zod");
-var CentrifugoPresenceStatsRequestRequestSchema = import_zod41.z.object({
-  channel: import_zod41.z.string()
+var import_zod42 = require("zod");
+var CentrifugoPresenceStatsRequestRequestSchema = import_zod42.z.object({
+  channel: import_zod42.z.string()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoPresenceStatsResponse.schema.ts
-var import_zod43 = require("zod");
+var import_zod44 = require("zod");
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoPresenceStatsResult.schema.ts
-var import_zod42 = require("zod");
-var CentrifugoPresenceStatsResultSchema = import_zod42.z.object({
-  num_clients: import_zod42.z.int(),
-  num_users: import_zod42.z.int()
+var import_zod43 = require("zod");
+var CentrifugoPresenceStatsResultSchema = import_zod43.z.object({
+  num_clients: import_zod43.z.int(),
+  num_users: import_zod43.z.int()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/CentrifugoPresenceStatsResponse.schema.ts
-var CentrifugoPresenceStatsResponseSchema = import_zod43.z.object({
+var CentrifugoPresenceStatsResponseSchema = import_zod44.z.object({
   error: CentrifugoErrorSchema.optional(),
   result: CentrifugoPresenceStatsResultSchema.optional()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/ChannelList.schema.ts
-var import_zod45 = require("zod");
+var import_zod46 = require("zod");
 
 // src/generated/cfg_centrifugo/_utils/schemas/ChannelStats.schema.ts
-var import_zod44 = require("zod");
-var ChannelStatsSchema = import_zod44.z.object({
-  channel: import_zod44.z.string(),
-  total: import_zod44.z.int(),
-  successful: import_zod44.z.int(),
-  failed: import_zod44.z.int(),
-  avg_duration_ms: import_zod44.z.number(),
-  avg_acks: import_zod44.z.number(),
-  last_activity_at: import_zod44.z.string().nullable()
+var import_zod45 = require("zod");
+var ChannelStatsSchema = import_zod45.z.object({
+  channel: import_zod45.z.string(),
+  total: import_zod45.z.int(),
+  successful: import_zod45.z.int(),
+  failed: import_zod45.z.int(),
+  avg_duration_ms: import_zod45.z.number(),
+  avg_acks: import_zod45.z.number(),
+  last_activity_at: import_zod45.z.string().nullable()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/ChannelList.schema.ts
-var ChannelListSchema = import_zod45.z.object({
-  channels: import_zod45.z.array(ChannelStatsSchema),
-  total_channels: import_zod45.z.int()
+var ChannelListSchema = import_zod46.z.object({
+  channels: import_zod46.z.array(ChannelStatsSchema),
+  total_channels: import_zod46.z.int()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/ConnectionTokenResponse.schema.ts
-var import_zod46 = require("zod");
-var ConnectionTokenResponseSchema = import_zod46.z.object({
-  token: import_zod46.z.string(),
-  centrifugo_url: import_zod46.z.string(),
-  expires_at: import_zod46.z.string(),
-  channels: import_zod46.z.array(import_zod46.z.string())
+var import_zod47 = require("zod");
+var ConnectionTokenResponseSchema = import_zod47.z.object({
+  token: import_zod47.z.string(),
+  centrifugo_url: import_zod47.z.string(),
+  expires_at: import_zod47.z.string(),
+  channels: import_zod47.z.array(import_zod47.z.string())
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/ManualAckRequestRequest.schema.ts
-var import_zod47 = require("zod");
-var ManualAckRequestRequestSchema = import_zod47.z.object({
-  message_id: import_zod47.z.string(),
-  client_id: import_zod47.z.string()
+var import_zod48 = require("zod");
+var ManualAckRequestRequestSchema = import_zod48.z.object({
+  message_id: import_zod48.z.string(),
+  client_id: import_zod48.z.string()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/ManualAckResponse.schema.ts
-var import_zod48 = require("zod");
-var ManualAckResponseSchema = import_zod48.z.object({
-  success: import_zod48.z.boolean(),
-  message_id: import_zod48.z.string(),
-  error: import_zod48.z.string().nullable().optional()
+var import_zod49 = require("zod");
+var ManualAckResponseSchema = import_zod49.z.object({
+  success: import_zod49.z.boolean(),
+  message_id: import_zod49.z.string(),
+  error: import_zod49.z.string().nullable().optional()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/PaginatedPublishList.schema.ts
-var import_zod50 = require("zod");
+var import_zod51 = require("zod");
 
 // src/generated/cfg_centrifugo/_utils/schemas/Publish.schema.ts
-var import_zod49 = require("zod");
-var PublishSchema = import_zod49.z.object({
-  message_id: import_zod49.z.string(),
-  channel: import_zod49.z.string(),
-  status: import_zod49.z.string(),
-  wait_for_ack: import_zod49.z.boolean(),
-  acks_received: import_zod49.z.int(),
-  acks_expected: import_zod49.z.int().nullable(),
-  duration_ms: import_zod49.z.number().nullable(),
-  created_at: import_zod49.z.iso.datetime(),
-  completed_at: import_zod49.z.iso.datetime().nullable(),
-  error_code: import_zod49.z.string().nullable(),
-  error_message: import_zod49.z.string().nullable()
+var import_zod50 = require("zod");
+var PublishSchema = import_zod50.z.object({
+  message_id: import_zod50.z.string(),
+  channel: import_zod50.z.string(),
+  status: import_zod50.z.string(),
+  wait_for_ack: import_zod50.z.boolean(),
+  acks_received: import_zod50.z.int(),
+  acks_expected: import_zod50.z.int().nullable(),
+  duration_ms: import_zod50.z.number().nullable(),
+  created_at: import_zod50.z.iso.datetime(),
+  completed_at: import_zod50.z.iso.datetime().nullable(),
+  error_code: import_zod50.z.string().nullable(),
+  error_message: import_zod50.z.string().nullable()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/PaginatedPublishList.schema.ts
-var PaginatedPublishListSchema = import_zod50.z.object({
-  count: import_zod50.z.int(),
-  page: import_zod50.z.int(),
-  pages: import_zod50.z.int(),
-  page_size: import_zod50.z.int(),
-  has_next: import_zod50.z.boolean(),
-  has_previous: import_zod50.z.boolean(),
-  next_page: import_zod50.z.int().nullable().optional(),
-  previous_page: import_zod50.z.int().nullable().optional(),
-  results: import_zod50.z.array(PublishSchema)
+var PaginatedPublishListSchema = import_zod51.z.object({
+  count: import_zod51.z.int(),
+  page: import_zod51.z.int(),
+  pages: import_zod51.z.int(),
+  page_size: import_zod51.z.int(),
+  has_next: import_zod51.z.boolean(),
+  has_previous: import_zod51.z.boolean(),
+  next_page: import_zod51.z.int().nullable().optional(),
+  previous_page: import_zod51.z.int().nullable().optional(),
+  results: import_zod51.z.array(PublishSchema)
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/PublishTestRequestRequest.schema.ts
-var import_zod51 = require("zod");
-var PublishTestRequestRequestSchema = import_zod51.z.object({
-  channel: import_zod51.z.string(),
-  data: import_zod51.z.record(import_zod51.z.string(), import_zod51.z.any()),
-  wait_for_ack: import_zod51.z.boolean().optional(),
-  ack_timeout: import_zod51.z.int().min(1).max(60).optional()
+var import_zod52 = require("zod");
+var PublishTestRequestRequestSchema = import_zod52.z.object({
+  channel: import_zod52.z.string(),
+  data: import_zod52.z.record(import_zod52.z.string(), import_zod52.z.any()),
+  wait_for_ack: import_zod52.z.boolean().optional(),
+  ack_timeout: import_zod52.z.int().min(1).max(60).optional()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/PublishTestResponse.schema.ts
-var import_zod52 = require("zod");
-var PublishTestResponseSchema = import_zod52.z.object({
-  success: import_zod52.z.boolean(),
-  message_id: import_zod52.z.string(),
-  channel: import_zod52.z.string(),
-  acks_received: import_zod52.z.int().optional(),
-  delivered: import_zod52.z.boolean().optional(),
-  error: import_zod52.z.string().nullable().optional()
+var import_zod53 = require("zod");
+var PublishTestResponseSchema = import_zod53.z.object({
+  success: import_zod53.z.boolean(),
+  message_id: import_zod53.z.string(),
+  channel: import_zod53.z.string(),
+  acks_received: import_zod53.z.int().optional(),
+  delivered: import_zod53.z.boolean().optional(),
+  error: import_zod53.z.string().nullable().optional()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/TimelineItem.schema.ts
-var import_zod53 = require("zod");
-var TimelineItemSchema = import_zod53.z.object({
-  timestamp: import_zod53.z.string(),
-  count: import_zod53.z.int(),
-  successful: import_zod53.z.int(),
-  failed: import_zod53.z.int(),
-  timeout: import_zod53.z.int()
+var import_zod54 = require("zod");
+var TimelineItemSchema = import_zod54.z.object({
+  timestamp: import_zod54.z.string(),
+  count: import_zod54.z.int(),
+  successful: import_zod54.z.int(),
+  failed: import_zod54.z.int(),
+  timeout: import_zod54.z.int()
 });
 
 // src/generated/cfg_centrifugo/_utils/schemas/TimelineResponse.schema.ts
-var import_zod54 = require("zod");
-var TimelineResponseSchema = import_zod54.z.object({
-  timeline: import_zod54.z.array(TimelineItemSchema),
-  period_hours: import_zod54.z.int(),
-  interval: import_zod54.z.string()
+var import_zod55 = require("zod");
+var TimelineResponseSchema = import_zod55.z.object({
+  timeline: import_zod55.z.array(TimelineItemSchema),
+  period_hours: import_zod55.z.int(),
+  interval: import_zod55.z.string()
 });
 
 // src/generated/cfg_centrifugo/_utils/fetchers/centrifugo__centrifugo_admin_api.ts
@@ -2674,7 +2715,8 @@ var API2 = class {
     this._loadTokensFromStorage();
     this._client = new APIClient2(this.baseUrl, {
       retryConfig: this.options?.retryConfig,
-      loggerConfig: this.options?.loggerConfig
+      loggerConfig: this.options?.loggerConfig,
+      tokenGetter: /* @__PURE__ */ __name(() => this.getToken(), "tokenGetter")
     });
     this._injectAuthHeader();
     this.centrifugo_admin_api = this._client.centrifugo_admin_api;
@@ -2692,7 +2734,8 @@ var API2 = class {
   _reinitClients() {
     this._client = new APIClient2(this.baseUrl, {
       retryConfig: this.options?.retryConfig,
-      loggerConfig: this.options?.loggerConfig
+      loggerConfig: this.options?.loggerConfig,
+      tokenGetter: /* @__PURE__ */ __name(() => this.getToken(), "tokenGetter")
     });
     this._injectAuthHeader();
     this.centrifugo_admin_api = this._client.centrifugo_admin_api;
@@ -3191,8 +3234,10 @@ var APIClient3 = class {
   constructor(baseUrl, options) {
     this.logger = null;
     this.retryConfig = null;
+    this.tokenGetter = null;
     this.baseUrl = baseUrl.replace(/\/$/, "");
     this.httpClient = options?.httpClient || new FetchAdapter3();
+    this.tokenGetter = options?.tokenGetter || null;
     if (options?.loggerConfig !== void 0) {
       this.logger = new APILogger3(options.loggerConfig);
     }
@@ -3218,6 +3263,19 @@ var APIClient3 = class {
     }
     return null;
   }
+  /**
+   * Get the base URL for building streaming/download URLs.
+   */
+  getBaseUrl() {
+    return this.baseUrl;
+  }
+  /**
+   * Get JWT token for URL authentication (used in streaming endpoints).
+   * Returns null if no token getter is configured or no token is available.
+   */
+  getToken() {
+    return this.tokenGetter ? this.tokenGetter() : null;
+  }
   /**
    * Make HTTP request with Django CSRF and session handling.
    * Automatically retries on network errors and 5xx server errors.
@@ -3430,40 +3488,40 @@ var LocalStorageAdapter3 = class {
 };
 
 // src/generated/cfg_webpush/_utils/schemas/SendPushRequestRequest.schema.ts
-var import_zod55 = require("zod");
-var SendPushRequestRequestSchema = import_zod55.z.object({
-  title: import_zod55.z.string().min(1).max(255),
-  body: import_zod55.z.string().min(1),
-  icon: import_zod55.z.union([import_zod55.z.url(), import_zod55.z.literal("")]).nullable().optional(),
-  url: import_zod55.z.union([import_zod55.z.url(), import_zod55.z.literal("")]).nullable().optional()
+var import_zod56 = require("zod");
+var SendPushRequestRequestSchema = import_zod56.z.object({
+  title: import_zod56.z.string().min(1).max(255),
+  body: import_zod56.z.string().min(1),
+  icon: import_zod56.z.union([import_zod56.z.url(), import_zod56.z.literal("")]).nullable().optional(),
+  url: import_zod56.z.union([import_zod56.z.url(), import_zod56.z.literal("")]).nullable().optional()
 });
 
 // src/generated/cfg_webpush/_utils/schemas/SendPushResponse.schema.ts
-var import_zod56 = require("zod");
-var SendPushResponseSchema = import_zod56.z.object({
-  success: import_zod56.z.boolean(),
-  sent_to: import_zod56.z.int()
+var import_zod57 = require("zod");
+var SendPushResponseSchema = import_zod57.z.object({
+  success: import_zod57.z.boolean(),
+  sent_to: import_zod57.z.int()
 });
 
 // src/generated/cfg_webpush/_utils/schemas/SubscribeRequestRequest.schema.ts
-var import_zod57 = require("zod");
-var SubscribeRequestRequestSchema = import_zod57.z.object({
-  endpoint: import_zod57.z.union([import_zod57.z.url(), import_zod57.z.literal("")]),
-  keys: import_zod57.z.record(import_zod57.z.string(), import_zod57.z.string().min(1))
+var import_zod58 = require("zod");
+var SubscribeRequestRequestSchema = import_zod58.z.object({
+  endpoint: import_zod58.z.union([import_zod58.z.url(), import_zod58.z.literal("")]),
+  keys: import_zod58.z.record(import_zod58.z.string(), import_zod58.z.string().min(1))
 });
 
 // src/generated/cfg_webpush/_utils/schemas/SubscribeResponse.schema.ts
-var import_zod58 = require("zod");
-var SubscribeResponseSchema = import_zod58.z.object({
-  success: import_zod58.z.boolean(),
-  subscription_id: import_zod58.z.int(),
-  created: import_zod58.z.boolean()
+var import_zod59 = require("zod");
+var SubscribeResponseSchema = import_zod59.z.object({
+  success: import_zod59.z.boolean(),
+  subscription_id: import_zod59.z.int(),
+  created: import_zod59.z.boolean()
 });
 
 // src/generated/cfg_webpush/_utils/schemas/VapidPublicKeyResponse.schema.ts
-var import_zod59 = require("zod");
-var VapidPublicKeyResponseSchema = import_zod59.z.object({
-  publicKey: import_zod59.z.string()
+var import_zod60 = require("zod");
+var VapidPublicKeyResponseSchema = import_zod60.z.object({
+  publicKey: import_zod60.z.string()
 });
 
 // src/generated/cfg_webpush/_utils/fetchers/webpush__web_push.ts
@@ -3483,7 +3541,8 @@ var API3 = class {
     this._loadTokensFromStorage();
     this._client = new APIClient3(this.baseUrl, {
       retryConfig: this.options?.retryConfig,
-      loggerConfig: this.options?.loggerConfig
+      loggerConfig: this.options?.loggerConfig,
+      tokenGetter: /* @__PURE__ */ __name(() => this.getToken(), "tokenGetter")
     });
     this._injectAuthHeader();
     this.web_push = this._client.web_push;
@@ -3498,7 +3557,8 @@ var API3 = class {
   _reinitClients() {
     this._client = new APIClient3(this.baseUrl, {
       retryConfig: this.options?.retryConfig,
-      loggerConfig: this.options?.loggerConfig
+      loggerConfig: this.options?.loggerConfig,
+      tokenGetter: /* @__PURE__ */ __name(() => this.getToken(), "tokenGetter")
     });
     this._injectAuthHeader();
     this.web_push = this._client.web_push;
@@ -3672,7 +3732,7 @@ __name(useBase64, "useBase64");
 // src/auth/hooks/useProfileCache.ts
 var CACHE_KEY = "user_profile_cache";
 var CACHE_VERSION = 1;
-var DEFAULT_TTL = 36e5;
+var DEFAULT_TTL = 144e5;
 function getCachedProfile() {
   try {
     if (typeof window === "undefined") return null;
@@ -3958,6 +4018,100 @@ var useAuthRedirectManager = /* @__PURE__ */ __name((options = {}) => {
   };
 }, "useAuthRedirectManager");
 
+// src/auth/hooks/useTokenRefresh.ts
+var import_react2 = require("react");
+var TOKEN_REFRESH_THRESHOLD_MS = 10 * 60 * 1e3;
+var CHECK_INTERVAL_MS = 5 * 60 * 1e3;
+function getTokenExpiry(token) {
+  try {
+    const payload = JSON.parse(atob(token.split(".")[1]));
+    return payload.exp * 1e3;
+  } catch {
+    return null;
+  }
+}
+__name(getTokenExpiry, "getTokenExpiry");
+function isTokenExpiringSoon(token, thresholdMs) {
+  const expiry = getTokenExpiry(token);
+  if (!expiry) return false;
+  const timeUntilExpiry = expiry - Date.now();
+  return timeUntilExpiry < thresholdMs;
+}
+__name(isTokenExpiringSoon, "isTokenExpiringSoon");
+function useTokenRefresh(options = {}) {
+  const { enabled = true, onRefresh, onRefreshError } = options;
+  const isRefreshingRef = (0, import_react2.useRef)(false);
+  const refreshToken = (0, import_react2.useCallback)(async () => {
+    if (isRefreshingRef.current) {
+      authLogger.debug("Token refresh already in progress");
+      return false;
+    }
+    const refreshTokenValue = api.getRefreshToken();
+    if (!refreshTokenValue) {
+      authLogger.warn("No refresh token available");
+      return false;
+    }
+    isRefreshingRef.current = true;
+    authLogger.info("Refreshing token...");
+    try {
+      const result = await api.auth.accountsTokenRefreshCreate({
+        refresh: refreshTokenValue
+      });
+      const newAccessToken = result.access;
+      if (!newAccessToken) {
+        throw new Error("No access token in refresh response");
+      }
+      api.setToken(newAccessToken, refreshTokenValue);
+      authLogger.info("Token refreshed successfully");
+      onRefresh?.(newAccessToken);
+      return true;
+    } catch (error) {
+      authLogger.error("Token refresh error:", error);
+      onRefreshError?.(error instanceof Error ? error : new Error(String(error)));
+      return false;
+    } finally {
+      isRefreshingRef.current = false;
+    }
+  }, [onRefresh, onRefreshError]);
+  const checkAndRefresh = (0, import_react2.useCallback)(async () => {
+    const token = api.getToken();
+    if (!token) return;
+    if (isTokenExpiringSoon(token, TOKEN_REFRESH_THRESHOLD_MS)) {
+      authLogger.info("Token expiring soon, refreshing proactively");
+      await refreshToken();
+    }
+  }, [refreshToken]);
+  (0, import_react2.useEffect)(() => {
+    if (!enabled) return;
+    checkAndRefresh();
+    const intervalId = setInterval(checkAndRefresh, CHECK_INTERVAL_MS);
+    return () => clearInterval(intervalId);
+  }, [enabled, checkAndRefresh]);
+  (0, import_react2.useEffect)(() => {
+    if (!enabled) return;
+    const handleFocus = /* @__PURE__ */ __name(() => {
+      authLogger.debug("Window focused, checking token...");
+      checkAndRefresh();
+    }, "handleFocus");
+    window.addEventListener("focus", handleFocus);
+    return () => window.removeEventListener("focus", handleFocus);
+  }, [enabled, checkAndRefresh]);
+  (0, import_react2.useEffect)(() => {
+    if (!enabled) return;
+    const handleOnline = /* @__PURE__ */ __name(() => {
+      authLogger.info("Network reconnected, checking token...");
+      checkAndRefresh();
+    }, "handleOnline");
+    window.addEventListener("online", handleOnline);
+    return () => window.removeEventListener("online", handleOnline);
+  }, [enabled, checkAndRefresh]);
+  return {
+    refreshToken,
+    checkAndRefresh
+  };
+}
+__name(useTokenRefresh, "useTokenRefresh");
+
 // src/auth/utils/analytics.ts
 var AnalyticsEvent = /* @__PURE__ */ ((AnalyticsEvent2) => {
   AnalyticsEvent2["AUTH_OTP_REQUEST"] = "auth_otp_request";
@@ -3995,7 +4149,7 @@ var Analytics = {
 };
 
 // src/auth/context/AccountsContext.tsx
-var import_react2 = require("react");
+var import_react3 = require("react");
 
 // src/generated/cfg_accounts/_utils/hooks/accounts__auth.ts
 var import_swr = require("swr");
@@ -4067,20 +4221,20 @@ __name(useCreateAccountsOtpVerifyCreate, "useCreateAccountsOtpVerifyCreate");
 
 // src/auth/context/AccountsContext.tsx
 var import_jsx_runtime = require("react/jsx-runtime");
-var AccountsContext = (0, import_react2.createContext)(void 0);
+var AccountsContext = (0, import_react3.createContext)(void 0);
 function AccountsProvider({ children }) {
-  const [profile, setProfile] = (0, import_react2.useState)(() => {
+  const [profile, setProfile] = (0, import_react3.useState)(() => {
     const cached = getCachedProfile();
     return cached || void 0;
   });
-  const [isLoadingProfile, setIsLoadingProfile] = (0, import_react2.useState)(false);
-  const [profileError, setProfileError] = (0, import_react2.useState)(null);
-  const profileRef = (0, import_react2.useRef)(profile);
-  const isLoadingRef = (0, import_react2.useRef)(false);
-  (0, import_react2.useEffect)(() => {
+  const [isLoadingProfile, setIsLoadingProfile] = (0, import_react3.useState)(false);
+  const [profileError, setProfileError] = (0, import_react3.useState)(null);
+  const profileRef = (0, import_react3.useRef)(profile);
+  const isLoadingRef = (0, import_react3.useRef)(false);
+  (0, import_react3.useEffect)(() => {
     profileRef.current = profile;
   }, [profile]);
-  (0, import_react2.useEffect)(() => {
+  (0, import_react3.useEffect)(() => {
     isLoadingRef.current = isLoadingProfile;
   }, [isLoadingProfile]);
   const updateMutation = useUpdateAccountsProfileUpdateUpdate();
@@ -4089,7 +4243,7 @@ function AccountsProvider({ children }) {
   const otpRequestMutation = useCreateAccountsOtpRequestCreate();
   const otpVerifyMutation = useCreateAccountsOtpVerifyCreate();
   const tokenRefreshMutation = useCreateAccountsTokenRefreshCreate();
-  const refreshProfile = (0, import_react2.useCallback)(async (callerId) => {
+  const refreshProfile = (0, import_react3.useCallback)(async (callerId) => {
     const currentProfile = profileRef.current;
     const currentLoading = isLoadingRef.current;
     if (currentProfile && !currentLoading) {
@@ -4127,8 +4281,8 @@ function AccountsProvider({ children }) {
     await refreshProfile("AccountsContext.partialUpdateProfile");
     return result;
   }, "partialUpdateProfile");
-  const uploadAvatar = /* @__PURE__ */ __name(async (formData) => {
-    const result = await avatarMutation(formData, api);
+  const uploadAvatar = /* @__PURE__ */ __name(async (avatar) => {
+    const result = await avatarMutation({ avatar }, api);
     await refreshProfile("AccountsContext.uploadAvatar");
     return result;
   }, "uploadAvatar");
@@ -4155,7 +4309,7 @@ function AccountsProvider({ children }) {
     }
     return result;
   }, "refreshToken");
-  const logout = (0, import_react2.useCallback)(() => {
+  const logout = (0, import_react3.useCallback)(() => {
     api.clearTokens();
     setProfile(void 0);
     setProfileError(null);
@@ -4178,7 +4332,7 @@ function AccountsProvider({ children }) {
 }
 __name(AccountsProvider, "AccountsProvider");
 function useAccountsContext() {
-  const context = (0, import_react2.useContext)(AccountsContext);
+  const context = (0, import_react3.useContext)(AccountsContext);
   if (!context) {
     throw new Error("useAccountsContext must be used within AccountsProvider");
   }
@@ -4193,7 +4347,7 @@ var defaultRoutes = {
   defaultCallback: "/dashboard",
   defaultAuthCallback: "/auth"
 };
-var AuthContext = (0, import_react3.createContext)(void 0);
+var AuthContext = (0, import_react4.createContext)(void 0);
 var EMAIL_STORAGE_KEY = "auth_email";
 var PHONE_STORAGE_KEY = "auth_phone";
 var hasValidTokens = /* @__PURE__ */ __name(() => {
@@ -4206,45 +4360,58 @@ var AuthProviderInternal = /* @__PURE__ */ __name(({ children, config }) => {
     fallbackUrl: config?.routes?.defaultCallback || defaultRoutes.defaultCallback,
     clearOnUse: true
   });
-  const [isLoading, setIsLoading] = (0, import_react3.useState)(() => {
+  const [isLoading, setIsLoading] = (0, import_react4.useState)(() => {
     if (typeof window !== "undefined") {
       const hasTokens = hasValidTokens();
       return !hasTokens;
     }
     return true;
   });
-  const [initialized, setInitialized] = (0, import_react3.useState)(false);
+  const [initialized, setInitialized] = (0, import_react4.useState)(false);
   const router = (0, import_hooks2.useCfgRouter)();
   const pathname = (0, import_navigation.usePathname)();
   const queryParams = (0, import_hooks2.useQueryParams)();
   const [storedEmail, setStoredEmail, clearStoredEmail] = (0, import_hooks2.useLocalStorage)(EMAIL_STORAGE_KEY, null);
   const [storedPhone, setStoredPhone, clearStoredPhone] = (0, import_hooks2.useLocalStorage)(PHONE_STORAGE_KEY, null);
+  useTokenRefresh({
+    enabled: true,
+    onRefresh: /* @__PURE__ */ __name((newToken) => {
+      authLogger.info("Token auto-refreshed successfully");
+    }, "onRefresh"),
+    onRefreshError: /* @__PURE__ */ __name((error) => {
+      authLogger.warn("Token auto-refresh failed:", error.message);
+    }, "onRefreshError")
+  });
   const user = accounts.profile;
-  const userRef = (0, import_react3.useRef)(user);
-  const configRef = (0, import_react3.useRef)(config);
-  const isLoadingProfileRef = (0, import_react3.useRef)(false);
-  (0, import_react3.useEffect)(() => {
+  const userRef = (0, import_react4.useRef)(user);
+  const configRef = (0, import_react4.useRef)(config);
+  const isLoadingProfileRef = (0, import_react4.useRef)(false);
+  (0, import_react4.useEffect)(() => {
     userRef.current = user;
   }, [user]);
-  (0, import_react3.useEffect)(() => {
+  (0, import_react4.useEffect)(() => {
     configRef.current = config;
   }, [config]);
-  const clearAuthState = (0, import_react3.useCallback)((caller) => {
+  const clearAuthState = (0, import_react4.useCallback)((caller) => {
     authLogger.info("clearAuthState >> caller", caller);
     api.clearTokens();
     clearProfileCache();
     setInitialized(true);
     setIsLoading(false);
   }, []);
-  const handleGlobalAuthError = (0, import_react3.useCallback)((error, context = "API Request") => {
-    if (error?.success === false) {
-      authLogger.warn(`Error detected in ${context}, clearing tokens`);
+  const handleGlobalAuthError = (0, import_react4.useCallback)((error, context = "API Request") => {
+    const isAuthError = error?.status === 401 || error?.statusCode === 401 || error?.code === "token_not_valid" || error?.code === "authentication_failed";
+    if (isAuthError) {
+      authLogger.warn(`Authentication error in ${context}, clearing tokens`);
       clearAuthState(`globalAuthError:${context}`);
       return true;
     }
+    if (error?.success === false) {
+      authLogger.warn(`Non-auth error in ${context} (not clearing session):`, error?.message || error);
+    }
     return false;
   }, [clearAuthState]);
-  const loadCurrentProfile = (0, import_react3.useCallback)(async (callerId) => {
+  const loadCurrentProfile = (0, import_react4.useCallback)(async (callerId) => {
     const finalCallerId = callerId || "AuthContext.loadCurrentProfile";
     if (isLoadingProfileRef.current) {
       authLogger.debug(`Profile loading already in progress, skipping duplicate call from: ${finalCallerId}`);
@@ -4273,14 +4440,19 @@ var AuthProviderInternal = /* @__PURE__ */ __name(({ children, config }) => {
       setInitialized(true);
     } catch (error) {
       authLogger.error("Failed to load profile:", error);
-      if (!handleGlobalAuthError(error, "loadCurrentProfile")) {
-        clearAuthState("loadCurrentProfile:error");
+      const isAuthError = error?.status === 401 || error?.statusCode === 401 || error?.code === "token_not_valid" || error?.code === "authentication_failed";
+      if (isAuthError) {
+        authLogger.warn("Authentication error, clearing session");
+        clearAuthState("loadCurrentProfile:authError");
+      } else {
+        authLogger.warn("Profile load failed but keeping session (non-auth error)");
+        setInitialized(true);
       }
     } finally {
       isLoadingProfileRef.current = false;
     }
   }, [clearAuthState, handleGlobalAuthError, accounts]);
-  (0, import_react3.useEffect)(() => {
+  (0, import_react4.useEffect)(() => {
     if (initialized) return;
     const initializeAuth = /* @__PURE__ */ __name(async () => {
       authLogger.info("Initializing auth...");
@@ -4320,7 +4492,13 @@ var AuthProviderInternal = /* @__PURE__ */ __name(({ children, config }) => {
           await loadCurrentProfile("AuthContext.initializeAuth");
         } catch (error) {
           authLogger.error("Failed to load profile during initialization:", error);
-          clearAuthState("initializeAuth:loadProfileFailed");
+          const isAuthError = error?.status === 401 || error?.statusCode === 401 || error?.code === "token_not_valid" || error?.code === "authentication_failed";
+          if (isAuthError) {
+            clearAuthState("initializeAuth:authError");
+          } else {
+            authLogger.warn("Init profile load failed but keeping session");
+            setInitialized(true);
+          }
         }
         setIsLoading(false);
       } else {
@@ -4330,7 +4508,7 @@ var AuthProviderInternal = /* @__PURE__ */ __name(({ children, config }) => {
     }, "initializeAuth");
     initializeAuth();
   }, [initialized]);
-  (0, import_react3.useEffect)(() => {
+  (0, import_react4.useEffect)(() => {
     if (!initialized) return;
     const isAuthenticated = api.isAuthenticated();
     const authRoute = config?.routes?.auth || defaultRoutes.auth;
@@ -4341,15 +4519,15 @@ var AuthProviderInternal = /* @__PURE__ */ __name(({ children, config }) => {
       router.push(callbackUrl);
     }
   }, [initialized, pathname, queryParams, config?.routes]);
-  const pushToDefaultCallbackUrl = (0, import_react3.useCallback)(() => {
+  const pushToDefaultCallbackUrl = (0, import_react4.useCallback)(() => {
     const callbackUrl = config?.routes?.defaultCallback || defaultRoutes.defaultCallback;
     router.push(callbackUrl);
   }, [config?.routes, router]);
-  const pushToDefaultAuthCallbackUrl = (0, import_react3.useCallback)(() => {
+  const pushToDefaultAuthCallbackUrl = (0, import_react4.useCallback)(() => {
     const authCallbackUrl = config?.routes?.defaultAuthCallback || defaultRoutes.defaultAuthCallback;
     router.push(authCallbackUrl);
   }, [config?.routes, router]);
-  const checkAuthAndRedirect = (0, import_react3.useCallback)(async () => {
+  const checkAuthAndRedirect = (0, import_react4.useCallback)(async () => {
     try {
       setIsLoading(true);
       const isAuthenticated = api.isAuthenticated();
@@ -4371,7 +4549,7 @@ var AuthProviderInternal = /* @__PURE__ */ __name(({ children, config }) => {
       setIsLoading(false);
     }
   }, [loadCurrentProfile, clearAuthState, pushToDefaultCallbackUrl, pushToDefaultAuthCallbackUrl, handleGlobalAuthError]);
-  const requestOTP = (0, import_react3.useCallback)(
+  const requestOTP = (0, import_react4.useCallback)(
     async (identifier, channel, sourceUrl) => {
       api.clearTokens();
       try {
@@ -4399,7 +4577,7 @@ var AuthProviderInternal = /* @__PURE__ */ __name(({ children, config }) => {
     },
     [accounts]
   );
-  const verifyOTP = (0, import_react3.useCallback)(
+  const verifyOTP = (0, import_react4.useCallback)(
     async (identifier, otpCode, channel, sourceUrl, redirectUrl, skipRedirect) => {
       try {
         const channelValue = channel === "phone" ? enums_exports.OTPVerifyRequestChannel.PHONE : enums_exports.OTPVerifyRequestChannel.EMAIL;
@@ -4466,7 +4644,7 @@ var AuthProviderInternal = /* @__PURE__ */ __name(({ children, config }) => {
     },
     [setStoredEmail, setStoredPhone, clearStoredEmail, clearStoredPhone, config?.routes?.defaultCallback, accounts, router]
   );
-  const refreshToken = (0, import_react3.useCallback)(async () => {
+  const refreshToken = (0, import_react4.useCallback)(async () => {
     try {
       const refreshTokenValue = api.getRefreshToken();
       if (!refreshTokenValue) {
@@ -4499,7 +4677,7 @@ var AuthProviderInternal = /* @__PURE__ */ __name(({ children, config }) => {
       };
     }
   }, [clearAuthState, accounts]);
-  const logout = (0, import_react3.useCallback)(async () => {
+  const logout = (0, import_react4.useCallback)(async () => {
     const performLogout = /* @__PURE__ */ __name(() => {
       Analytics.event("auth_logout" /* AUTH_LOGOUT */, {
         category: "auth" /* AUTH */
@@ -4528,10 +4706,10 @@ var AuthProviderInternal = /* @__PURE__ */ __name(({ children, config }) => {
       }
     }
   }, [accounts, config?.routes?.defaultAuthCallback, router]);
-  const isAdminUser = (0, import_react3.useMemo)(() => {
+  const isAdminUser = (0, import_react4.useMemo)(() => {
     return Boolean(user?.is_staff || user?.is_superuser);
   }, [user]);
-  const value = (0, import_react3.useMemo)(
+  const value = (0, import_react4.useMemo)(
     () => ({
       user,
       isLoading,
@@ -4583,7 +4761,7 @@ var AuthProvider = /* @__PURE__ */ __name(({ children, config }) => {
   return /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(AccountsProvider, { children: /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(AuthProviderInternal, { config, children }) });
 }, "AuthProvider");
 var useAuth = /* @__PURE__ */ __name(() => {
-  const context = (0, import_react3.useContext)(AuthContext);
+  const context = (0, import_react4.useContext)(AuthContext);
   if (context === void 0) {
     throw new Error("useAuth must be used within an AuthProvider");
   }
@@ -4591,20 +4769,20 @@ var useAuth = /* @__PURE__ */ __name(() => {
 }, "useAuth");
 
 // src/auth/hooks/useAuthFormState.ts
-var import_react4 = require("react");
+var import_react5 = require("react");
 var useAuthFormState = /* @__PURE__ */ __name((initialIdentifier = "", initialChannel = "email") => {
-  const [identifier, setIdentifier] = (0, import_react4.useState)(initialIdentifier);
-  const [channel, setChannel] = (0, import_react4.useState)(initialChannel);
-  const [otp, setOtp] = (0, import_react4.useState)("");
-  const [isLoading, setIsLoading] = (0, import_react4.useState)(false);
-  const [acceptedTerms, setAcceptedTerms] = (0, import_react4.useState)(false);
-  const [step, setStep] = (0, import_react4.useState)("identifier");
-  const [error, setError] = (0, import_react4.useState)("");
-  const [twoFactorSessionId, setTwoFactorSessionId] = (0, import_react4.useState)(null);
-  const [shouldPrompt2FA, setShouldPrompt2FA] = (0, import_react4.useState)(false);
-  const [twoFactorCode, setTwoFactorCode] = (0, import_react4.useState)("");
-  const [useBackupCode, setUseBackupCode] = (0, import_react4.useState)(false);
-  const clearError = (0, import_react4.useCallback)(() => setError(""), []);
+  const [identifier, setIdentifier] = (0, import_react5.useState)(initialIdentifier);
+  const [channel, setChannel] = (0, import_react5.useState)(initialChannel);
+  const [otp, setOtp] = (0, import_react5.useState)("");
+  const [isLoading, setIsLoading] = (0, import_react5.useState)(false);
+  const [acceptedTerms, setAcceptedTerms] = (0, import_react5.useState)(false);
+  const [step, setStep] = (0, import_react5.useState)("identifier");
+  const [error, setError] = (0, import_react5.useState)("");
+  const [twoFactorSessionId, setTwoFactorSessionId] = (0, import_react5.useState)(null);
+  const [shouldPrompt2FA, setShouldPrompt2FA] = (0, import_react5.useState)(false);
+  const [twoFactorCode, setTwoFactorCode] = (0, import_react5.useState)("");
+  const [useBackupCode, setUseBackupCode] = (0, import_react5.useState)(false);
+  const clearError = (0, import_react5.useCallback)(() => setError(""), []);
   return {
     // State
     identifier,
@@ -4635,11 +4813,11 @@ var useAuthFormState = /* @__PURE__ */ __name((initialIdentifier = "", initialCh
 }, "useAuthFormState");
 
 // src/auth/hooks/useAuthValidation.ts
-var import_react5 = require("react");
+var import_react6 = require("react");
 var EMAIL_REGEX = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
 var PHONE_REGEX = /^\+[1-9]\d{6,14}$/;
 var useAuthValidation = /* @__PURE__ */ __name(() => {
-  const detectChannelFromIdentifier2 = (0, import_react5.useCallback)((id) => {
+  const detectChannelFromIdentifier2 = (0, import_react6.useCallback)((id) => {
     if (!id) return null;
     if (id.includes("@")) {
       return "email";
@@ -4649,7 +4827,7 @@ var useAuthValidation = /* @__PURE__ */ __name(() => {
     }
     return null;
   }, []);
-  const validateIdentifier2 = (0, import_react5.useCallback)((id, channelType) => {
+  const validateIdentifier2 = (0, import_react6.useCallback)((id, channelType) => {
     if (!id) return false;
     const channel = channelType || detectChannelFromIdentifier2(id);
     if (channel === "email") {
@@ -4680,11 +4858,11 @@ var validateIdentifier = /* @__PURE__ */ __name((id, channelType) => {
 }, "validateIdentifier");
 
 // src/auth/hooks/useAuthForm.ts
-var import_react8 = require("react");
+var import_react9 = require("react");
 
 // src/auth/hooks/useAutoAuth.ts
 var import_navigation2 = require("next/navigation");
-var import_react6 = require("react");
+var import_react7 = require("react");
 var import_hooks3 = require("@djangocfg/ui-nextjs/hooks");
 var useAutoAuth = /* @__PURE__ */ __name((options = {}) => {
   const { onOTPDetected, cleanupUrl = true, allowedPaths = ["/auth"] } = options;
@@ -4694,7 +4872,7 @@ var useAutoAuth = /* @__PURE__ */ __name((options = {}) => {
   const isAllowedPath = allowedPaths.some((path) => pathname === path || pathname?.startsWith(path + "/"));
   const hasOTP = !!queryParams.get("otp");
   const isReady = !!pathname && hasOTP && isAllowedPath;
-  (0, import_react6.useEffect)(() => {
+  (0, import_react7.useEffect)(() => {
     if (!isReady) return;
     const queryOtp = queryParams.get("otp");
     if (queryOtp && typeof queryOtp === "string" && queryOtp.length === 6) {
@@ -4716,7 +4894,7 @@ var useAutoAuth = /* @__PURE__ */ __name((options = {}) => {
 }, "useAutoAuth");
 
 // src/auth/hooks/useTwoFactor.ts
-var import_react7 = require("react");
+var import_react8 = require("react");
 var import_hooks4 = require("@djangocfg/ui-nextjs/hooks");
 
 // src/generated/cfg_totp/totp__backup_codes/client.ts
@@ -5211,8 +5389,10 @@ var APIClient4 = class {
   constructor(baseUrl, options) {
     this.logger = null;
     this.retryConfig = null;
+    this.tokenGetter = null;
     this.baseUrl = baseUrl.replace(/\/$/, "");
     this.httpClient = options?.httpClient || new FetchAdapter4();
+    this.tokenGetter = options?.tokenGetter || null;
     if (options?.loggerConfig !== void 0) {
       this.logger = new APILogger4(options.loggerConfig);
     }
@@ -5242,6 +5422,19 @@ var APIClient4 = class {
     }
     return null;
   }
+  /**
+   * Get the base URL for building streaming/download URLs.
+   */
+  getBaseUrl() {
+    return this.baseUrl;
+  }
+  /**
+   * Get JWT token for URL authentication (used in streaming endpoints).
+   * Returns null if no token getter is configured or no token is available.
+   */
+  getToken() {
+    return this.tokenGetter ? this.tokenGetter() : null;
+  }
   /**
    * Make HTTP request with Django CSRF and session handling.
    * Automatically retries on network errors and 5xx server errors.
@@ -5462,112 +5655,112 @@ var DeviceListStatus = /* @__PURE__ */ ((DeviceListStatus2) => {
 })(DeviceListStatus || {});
 
 // src/generated/cfg_totp/_utils/schemas/BackupCodesRegenerateRequest.schema.ts
-var import_zod60 = require("zod");
-var BackupCodesRegenerateRequestSchema = import_zod60.z.object({
-  code: import_zod60.z.string().min(6).max(6)
+var import_zod61 = require("zod");
+var BackupCodesRegenerateRequestSchema = import_zod61.z.object({
+  code: import_zod61.z.string().min(6).max(6)
 });
 
 // src/generated/cfg_totp/_utils/schemas/BackupCodesRegenerateResponse.schema.ts
-var import_zod61 = require("zod");
-var BackupCodesRegenerateResponseSchema = import_zod61.z.object({
-  backup_codes: import_zod61.z.array(import_zod61.z.string()),
-  warning: import_zod61.z.string()
+var import_zod62 = require("zod");
+var BackupCodesRegenerateResponseSchema = import_zod62.z.object({
+  backup_codes: import_zod62.z.array(import_zod62.z.string()),
+  warning: import_zod62.z.string()
 });
 
 // src/generated/cfg_totp/_utils/schemas/BackupCodesStatus.schema.ts
-var import_zod62 = require("zod");
-var BackupCodesStatusSchema = import_zod62.z.object({
-  remaining_count: import_zod62.z.int(),
-  total_generated: import_zod62.z.int(),
-  warning: import_zod62.z.string().nullable().optional()
+var import_zod63 = require("zod");
+var BackupCodesStatusSchema = import_zod63.z.object({
+  remaining_count: import_zod63.z.int(),
+  total_generated: import_zod63.z.int(),
+  warning: import_zod63.z.string().nullable().optional()
 });
 
 // src/generated/cfg_totp/_utils/schemas/ConfirmSetupRequest.schema.ts
-var import_zod63 = require("zod");
-var ConfirmSetupRequestSchema = import_zod63.z.object({
-  device_id: import_zod63.z.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i),
-  code: import_zod63.z.string().min(6).max(6)
+var import_zod64 = require("zod");
+var ConfirmSetupRequestSchema = import_zod64.z.object({
+  device_id: import_zod64.z.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i),
+  code: import_zod64.z.string().min(6).max(6)
 });
 
 // src/generated/cfg_totp/_utils/schemas/ConfirmSetupResponse.schema.ts
-var import_zod64 = require("zod");
-var ConfirmSetupResponseSchema = import_zod64.z.object({
-  message: import_zod64.z.string(),
-  backup_codes: import_zod64.z.array(import_zod64.z.string()),
-  backup_codes_warning: import_zod64.z.string()
+var import_zod65 = require("zod");
+var ConfirmSetupResponseSchema = import_zod65.z.object({
+  message: import_zod65.z.string(),
+  backup_codes: import_zod65.z.array(import_zod65.z.string()),
+  backup_codes_warning: import_zod65.z.string()
 });
 
 // src/generated/cfg_totp/_utils/schemas/DeviceList.schema.ts
-var import_zod65 = require("zod");
-var DeviceListSchema = import_zod65.z.object({
-  id: import_zod65.z.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i),
-  name: import_zod65.z.string(),
-  is_primary: import_zod65.z.boolean(),
-  status: import_zod65.z.nativeEnum(DeviceListStatus),
-  created_at: import_zod65.z.iso.datetime(),
-  confirmed_at: import_zod65.z.iso.datetime().nullable(),
-  last_used_at: import_zod65.z.iso.datetime().nullable()
+var import_zod66 = require("zod");
+var DeviceListSchema = import_zod66.z.object({
+  id: import_zod66.z.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i),
+  name: import_zod66.z.string(),
+  is_primary: import_zod66.z.boolean(),
+  status: import_zod66.z.nativeEnum(DeviceListStatus),
+  created_at: import_zod66.z.iso.datetime(),
+  confirmed_at: import_zod66.z.iso.datetime().nullable(),
+  last_used_at: import_zod66.z.iso.datetime().nullable()
 });
 
 // src/generated/cfg_totp/_utils/schemas/DisableRequest.schema.ts
-var import_zod66 = require("zod");
-var DisableRequestSchema = import_zod66.z.object({
-  code: import_zod66.z.string().min(6).max(6)
+var import_zod67 = require("zod");
+var DisableRequestSchema = import_zod67.z.object({
+  code: import_zod67.z.string().min(6).max(6)
 });
 
 // src/generated/cfg_totp/_utils/schemas/PaginatedDeviceListList.schema.ts
-var import_zod67 = require("zod");
-var PaginatedDeviceListListSchema = import_zod67.z.object({
-  count: import_zod67.z.int(),
-  page: import_zod67.z.int(),
-  pages: import_zod67.z.int(),
-  page_size: import_zod67.z.int(),
-  has_next: import_zod67.z.boolean(),
-  has_previous: import_zod67.z.boolean(),
-  next_page: import_zod67.z.int().nullable().optional(),
-  previous_page: import_zod67.z.int().nullable().optional(),
-  results: import_zod67.z.array(DeviceListSchema)
+var import_zod68 = require("zod");
+var PaginatedDeviceListListSchema = import_zod68.z.object({
+  count: import_zod68.z.int(),
+  page: import_zod68.z.int(),
+  pages: import_zod68.z.int(),
+  page_size: import_zod68.z.int(),
+  has_next: import_zod68.z.boolean(),
+  has_previous: import_zod68.z.boolean(),
+  next_page: import_zod68.z.int().nullable().optional(),
+  previous_page: import_zod68.z.int().nullable().optional(),
+  results: import_zod68.z.array(DeviceListSchema)
 });
 
 // src/generated/cfg_totp/_utils/schemas/SetupRequest.schema.ts
-var import_zod68 = require("zod");
-var SetupRequestSchema = import_zod68.z.object({
-  device_name: import_zod68.z.string().min(1).max(100).optional()
+var import_zod69 = require("zod");
+var SetupRequestSchema = import_zod69.z.object({
+  device_name: import_zod69.z.string().min(1).max(100).optional()
 });
 
 // src/generated/cfg_totp/_utils/schemas/SetupResponse.schema.ts
-var import_zod69 = require("zod");
-var SetupResponseSchema = import_zod69.z.object({
-  device_id: import_zod69.z.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i),
-  secret: import_zod69.z.string(),
-  provisioning_uri: import_zod69.z.string(),
-  qr_code_base64: import_zod69.z.string(),
-  expires_in: import_zod69.z.int()
+var import_zod70 = require("zod");
+var SetupResponseSchema = import_zod70.z.object({
+  device_id: import_zod70.z.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i),
+  secret: import_zod70.z.string(),
+  provisioning_uri: import_zod70.z.string(),
+  qr_code_base64: import_zod70.z.string(),
+  expires_in: import_zod70.z.int()
 });
 
 // src/generated/cfg_totp/_utils/schemas/VerifyBackupRequest.schema.ts
-var import_zod70 = require("zod");
-var VerifyBackupRequestSchema = import_zod70.z.object({
-  session_id: import_zod70.z.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i),
-  backup_code: import_zod70.z.string().min(8).max(8)
+var import_zod71 = require("zod");
+var VerifyBackupRequestSchema = import_zod71.z.object({
+  session_id: import_zod71.z.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i),
+  backup_code: import_zod71.z.string().min(8).max(8)
 });
 
 // src/generated/cfg_totp/_utils/schemas/VerifyRequest.schema.ts
-var import_zod71 = require("zod");
-var VerifyRequestSchema = import_zod71.z.object({
-  session_id: import_zod71.z.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i),
-  code: import_zod71.z.string().min(6).max(6)
+var import_zod72 = require("zod");
+var VerifyRequestSchema = import_zod72.z.object({
+  session_id: import_zod72.z.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i),
+  code: import_zod72.z.string().min(6).max(6)
 });
 
 // src/generated/cfg_totp/_utils/schemas/VerifyResponse.schema.ts
-var import_zod72 = require("zod");
-var VerifyResponseSchema = import_zod72.z.object({
-  message: import_zod72.z.string(),
-  access_token: import_zod72.z.string(),
-  refresh_token: import_zod72.z.string(),
-  user: import_zod72.z.record(import_zod72.z.string(), import_zod72.z.any()),
-  remaining_backup_codes: import_zod72.z.int().optional(),
-  warning: import_zod72.z.string().optional()
+var import_zod73 = require("zod");
+var VerifyResponseSchema = import_zod73.z.object({
+  message: import_zod73.z.string(),
+  access_token: import_zod73.z.string(),
+  refresh_token: import_zod73.z.string(),
+  user: import_zod73.z.record(import_zod73.z.string(), import_zod73.z.any()),
+  remaining_backup_codes: import_zod73.z.int().optional(),
+  warning: import_zod73.z.string().optional()
 });
 
 // src/generated/cfg_totp/_utils/fetchers/totp__backup_codes.ts
@@ -5596,7 +5789,8 @@ var API4 = class {
     this._loadTokensFromStorage();
     this._client = new APIClient4(this.baseUrl, {
       retryConfig: this.options?.retryConfig,
-      loggerConfig: this.options?.loggerConfig
+      loggerConfig: this.options?.loggerConfig,
+      tokenGetter: /* @__PURE__ */ __name(() => this.getToken(), "tokenGetter")
     });
     this._injectAuthHeader();
     this.backup_codes = this._client.backup_codes;
@@ -5615,7 +5809,8 @@ var API4 = class {
   _reinitClients() {
     this._client = new APIClient4(this.baseUrl, {
       retryConfig: this.options?.retryConfig,
-      loggerConfig: this.options?.loggerConfig
+      loggerConfig: this.options?.loggerConfig,
+      tokenGetter: /* @__PURE__ */ __name(() => this.getToken(), "tokenGetter")
     });
     this._injectAuthHeader();
     this.backup_codes = this._client.backup_codes;
@@ -5757,14 +5952,14 @@ var apiCentrifugo = new API2(apiUrl2, { storage });
 var useTwoFactor = /* @__PURE__ */ __name((options = {}) => {
   const { onSuccess, onError, redirectUrl, skipRedirect = false } = options;
   const router = (0, import_hooks4.useCfgRouter)();
-  const [isLoading, setIsLoading] = (0, import_react7.useState)(false);
-  const [error, setError] = (0, import_react7.useState)(null);
-  const [warning, setWarning] = (0, import_react7.useState)(null);
-  const [remainingBackupCodes, setRemainingBackupCodes] = (0, import_react7.useState)(null);
-  const clearError = (0, import_react7.useCallback)(() => {
+  const [isLoading, setIsLoading] = (0, import_react8.useState)(false);
+  const [error, setError] = (0, import_react8.useState)(null);
+  const [warning, setWarning] = (0, import_react8.useState)(null);
+  const [remainingBackupCodes, setRemainingBackupCodes] = (0, import_react8.useState)(null);
+  const clearError = (0, import_react8.useCallback)(() => {
     setError(null);
   }, []);
-  const handleSuccess = (0, import_react7.useCallback)((response) => {
+  const handleSuccess = (0, import_react8.useCallback)((response) => {
     apiAccounts.setToken(response.access_token, response.refresh_token);
     if (response.warning) {
       setWarning(response.warning);
@@ -5786,7 +5981,7 @@ var useTwoFactor = /* @__PURE__ */ __name((options = {}) => {
       router.hardPush(finalRedirectUrl);
     }
   }, [onSuccess, redirectUrl, router, skipRedirect]);
-  const verifyTOTP = (0, import_react7.useCallback)(async (sessionId, code) => {
+  const verifyTOTP = (0, import_react8.useCallback)(async (sessionId, code) => {
     if (!sessionId) {
       const msg = "Missing 2FA session ID";
       setError(msg);
@@ -5826,7 +6021,7 @@ var useTwoFactor = /* @__PURE__ */ __name((options = {}) => {
       setIsLoading(false);
     }
   }, [handleSuccess, onError]);
-  const verifyBackupCode = (0, import_react7.useCallback)(async (sessionId, backupCode) => {
+  const verifyBackupCode = (0, import_react8.useCallback)(async (sessionId, backupCode) => {
     if (!sessionId) {
       const msg = "Missing 2FA session ID";
       setError(msg);
@@ -5892,7 +6087,7 @@ var useAuthForm = /* @__PURE__ */ __name((options) => {
   } = options;
   const formState = useAuthFormState();
   const validation = useAuthValidation();
-  const isAutoSubmitFromUrlRef = (0, import_react8.useRef)(false);
+  const isAutoSubmitFromUrlRef = (0, import_react9.useRef)(false);
   const {
     requestOTP,
     verifyOTP,
@@ -5939,7 +6134,7 @@ var useAuthForm = /* @__PURE__ */ __name((options) => {
     // We handle navigation via success step
   });
   const { detectChannelFromIdentifier: detectChannelFromIdentifier2, validateIdentifier: validateIdentifier2 } = validation;
-  const saveIdentifierToStorage = (0, import_react8.useCallback)((id, ch) => {
+  const saveIdentifierToStorage = (0, import_react9.useCallback)((id, ch) => {
     if (ch === "email") {
       saveEmail(id);
       clearSavedPhone();
@@ -5948,7 +6143,7 @@ var useAuthForm = /* @__PURE__ */ __name((options) => {
       clearSavedEmail();
     }
   }, [saveEmail, savePhone, clearSavedEmail, clearSavedPhone]);
-  (0, import_react8.useEffect)(() => {
+  (0, import_react9.useEffect)(() => {
     const savedPhone = getSavedPhone();
     const savedEmail = getSavedEmail();
     if (savedPhone) {
@@ -5959,7 +6154,7 @@ var useAuthForm = /* @__PURE__ */ __name((options) => {
       setChannel("email");
     }
   }, [getSavedEmail, getSavedPhone, setIdentifier, setChannel]);
-  (0, import_react8.useEffect)(() => {
+  (0, import_react9.useEffect)(() => {
     if (identifier) {
       const detected = detectChannelFromIdentifier2(identifier);
       if (detected && detected !== channel) {
@@ -5967,7 +6162,7 @@ var useAuthForm = /* @__PURE__ */ __name((options) => {
       }
     }
   }, [identifier, channel, detectChannelFromIdentifier2, setChannel]);
-  const handleIdentifierSubmit = (0, import_react8.useCallback)(async (e) => {
+  const handleIdentifierSubmit = (0, import_react9.useCallback)(async (e) => {
     e.preventDefault();
     if (!identifier) {
       const msg = channel === "phone" ? "Please enter your phone number" : "Please enter your email address";
@@ -6022,7 +6217,7 @@ var useAuthForm = /* @__PURE__ */ __name((options) => {
     onError,
     sourceUrl
   ]);
-  const submitOTP = (0, import_react8.useCallback)(async (submitIdentifier, submitOtp, submitChannel) => {
+  const submitOTP = (0, import_react9.useCallback)(async (submitIdentifier, submitOtp, submitChannel) => {
     if (!submitOtp || submitOtp.length < 6) {
       const msg = "Please enter the 6-digit verification code";
       setError(msg);
@@ -6072,11 +6267,11 @@ var useAuthForm = /* @__PURE__ */ __name((options) => {
       setIsLoading(false);
     }
   }, [verifyOTP, saveIdentifierToStorage, setError, setIsLoading, clearError, onOTPSuccess, onError, sourceUrl, redirectUrl, setTwoFactorSessionId, setShouldPrompt2FA, setStep, enable2FASetup]);
-  const handleOTPSubmit = (0, import_react8.useCallback)(async (e) => {
+  const handleOTPSubmit = (0, import_react9.useCallback)(async (e) => {
     e.preventDefault();
     await submitOTP(identifier, otp, channel);
   }, [identifier, otp, channel, submitOTP]);
-  const handleResendOTP = (0, import_react8.useCallback)(async () => {
+  const handleResendOTP = (0, import_react9.useCallback)(async () => {
     setIsLoading(true);
     clearError();
     try {
@@ -6096,15 +6291,15 @@ var useAuthForm = /* @__PURE__ */ __name((options) => {
       setIsLoading(false);
     }
   }, [identifier, channel, requestOTP, saveIdentifierToStorage, setOtp, setError, setIsLoading, clearError, onError, sourceUrl]);
-  const handleBackToIdentifier = (0, import_react8.useCallback)(() => {
+  const handleBackToIdentifier = (0, import_react9.useCallback)(() => {
     setStep("identifier");
     clearError();
   }, [setStep, clearError]);
-  const forceOTPStep = (0, import_react8.useCallback)(() => {
+  const forceOTPStep = (0, import_react9.useCallback)(() => {
     setStep("otp");
     clearError();
   }, [setStep, clearError]);
-  const handle2FASubmit = (0, import_react8.useCallback)(async (e) => {
+  const handle2FASubmit = (0, import_react9.useCallback)(async (e) => {
     e.preventDefault();
     if (!twoFactorSessionId) {
       const msg = "Missing 2FA session";
@@ -6118,12 +6313,12 @@ var useAuthForm = /* @__PURE__ */ __name((options) => {
       await twoFactor.verifyTOTP(twoFactorSessionId, twoFactorCode);
     }
   }, [twoFactorSessionId, twoFactorCode, useBackupCode, twoFactor, setError, onError]);
-  const handleUseBackupCode = (0, import_react8.useCallback)(() => {
+  const handleUseBackupCode = (0, import_react9.useCallback)(() => {
     setUseBackupCode(true);
     setTwoFactorCode("");
     clearError();
   }, [setUseBackupCode, setTwoFactorCode, clearError]);
-  const handleUseTOTP = (0, import_react8.useCallback)(() => {
+  const handleUseTOTP = (0, import_react9.useCallback)(() => {
     setUseBackupCode(false);
     setTwoFactorCode("");
     clearError();
@@ -6188,14 +6383,14 @@ var useAuthForm = /* @__PURE__ */ __name((options) => {
 }, "useAuthForm");
 
 // src/auth/hooks/useGithubAuth.ts
-var import_react9 = require("react");
+var import_react10 = require("react");
 var import_hooks5 = require("@djangocfg/ui-nextjs/hooks");
 var useGithubAuth = /* @__PURE__ */ __name((options = {}) => {
   const { sourceUrl, onSuccess, onError, onRequires2FA, redirectUrl, skipRedirect = false } = options;
   const router = (0, import_hooks5.useCfgRouter)();
-  const [isLoading, setIsLoading] = (0, import_react9.useState)(false);
-  const [error, setError] = (0, import_react9.useState)(null);
-  const startGithubAuth = (0, import_react9.useCallback)(async () => {
+  const [isLoading, setIsLoading] = (0, import_react10.useState)(false);
+  const [error, setError] = (0, import_react10.useState)(null);
+  const startGithubAuth = (0, import_react10.useCallback)(async () => {
     setIsLoading(true);
     setError(null);
     try {
@@ -6229,7 +6424,7 @@ var useGithubAuth = /* @__PURE__ */ __name((options = {}) => {
       setIsLoading(false);
     }
   }, [sourceUrl, onError]);
-  const handleGithubCallback = (0, import_react9.useCallback)(async (code, state) => {
+  const handleGithubCallback = (0, import_react10.useCallback)(async (code, state) => {
     setIsLoading(true);
     setError(null);
     try {
@@ -6294,26 +6489,26 @@ var useGithubAuth = /* @__PURE__ */ __name((options = {}) => {
 }, "useGithubAuth");
 
 // src/auth/hooks/useTwoFactorSetup.ts
-var import_react10 = require("react");
+var import_react11 = require("react");
 var useTwoFactorSetup = /* @__PURE__ */ __name((options = {}) => {
   const { onComplete, onError } = options;
-  const [isLoading, setIsLoading] = (0, import_react10.useState)(false);
-  const [error, setError] = (0, import_react10.useState)(null);
-  const [setupData, setSetupData] = (0, import_react10.useState)(null);
-  const [backupCodes, setBackupCodes] = (0, import_react10.useState)(null);
-  const [backupCodesWarning, setBackupCodesWarning] = (0, import_react10.useState)(null);
-  const [setupStep, setSetupStep] = (0, import_react10.useState)("idle");
-  const clearError = (0, import_react10.useCallback)(() => {
+  const [isLoading, setIsLoading] = (0, import_react11.useState)(false);
+  const [error, setError] = (0, import_react11.useState)(null);
+  const [setupData, setSetupData] = (0, import_react11.useState)(null);
+  const [backupCodes, setBackupCodes] = (0, import_react11.useState)(null);
+  const [backupCodesWarning, setBackupCodesWarning] = (0, import_react11.useState)(null);
+  const [setupStep, setSetupStep] = (0, import_react11.useState)("idle");
+  const clearError = (0, import_react11.useCallback)(() => {
     setError(null);
   }, []);
-  const resetSetup = (0, import_react10.useCallback)(() => {
+  const resetSetup = (0, import_react11.useCallback)(() => {
     setSetupData(null);
     setBackupCodes(null);
     setBackupCodesWarning(null);
     setSetupStep("idle");
     setError(null);
   }, []);
-  const startSetup = (0, import_react10.useCallback)(async (deviceName) => {
+  const startSetup = (0, import_react11.useCallback)(async (deviceName) => {
     setIsLoading(true);
     setError(null);
     setSetupStep("scanning");
@@ -6343,7 +6538,7 @@ var useTwoFactorSetup = /* @__PURE__ */ __name((options = {}) => {
       setIsLoading(false);
     }
   }, [onError]);
-  const confirmSetup = (0, import_react10.useCallback)(async (code) => {
+  const confirmSetup = (0, import_react11.useCallback)(async (code) => {
     if (!setupData) {
       const msg = "Setup not started. Call startSetup() first.";
       setError(msg);
@@ -6398,16 +6593,16 @@ var useTwoFactorSetup = /* @__PURE__ */ __name((options = {}) => {
 }, "useTwoFactorSetup");
 
 // src/auth/hooks/useTwoFactorStatus.ts
-var import_react11 = require("react");
+var import_react12 = require("react");
 var useTwoFactorStatus = /* @__PURE__ */ __name(() => {
-  const [isLoading, setIsLoading] = (0, import_react11.useState)(false);
-  const [error, setError] = (0, import_react11.useState)(null);
-  const [has2FAEnabled, setHas2FAEnabled] = (0, import_react11.useState)(null);
-  const [devices, setDevices] = (0, import_react11.useState)([]);
-  const clearError = (0, import_react11.useCallback)(() => {
+  const [isLoading, setIsLoading] = (0, import_react12.useState)(false);
+  const [error, setError] = (0, import_react12.useState)(null);
+  const [has2FAEnabled, setHas2FAEnabled] = (0, import_react12.useState)(null);
+  const [devices, setDevices] = (0, import_react12.useState)([]);
+  const clearError = (0, import_react12.useCallback)(() => {
     setError(null);
   }, []);
-  const fetchStatus = (0, import_react11.useCallback)(async () => {
+  const fetchStatus = (0, import_react12.useCallback)(async () => {
     setIsLoading(true);
     setError(null);
     try {
@@ -6432,7 +6627,7 @@ var useTwoFactorStatus = /* @__PURE__ */ __name(() => {
       setIsLoading(false);
     }
   }, []);
-  const disable2FA = (0, import_react11.useCallback)(async (code) => {
+  const disable2FA = (0, import_react12.useCallback)(async (code) => {
     if (!code || code.length !== 6) {
       setError("Please enter a 6-digit code");
       return false;
@@ -6467,14 +6662,14 @@ var useTwoFactorStatus = /* @__PURE__ */ __name(() => {
 }, "useTwoFactorStatus");
 
 // src/auth/hooks/useAuthGuard.ts
-var import_react12 = require("react");
+var import_react13 = require("react");
 var import_hooks6 = require("@djangocfg/ui-nextjs/hooks");
 var useAuthGuard = /* @__PURE__ */ __name((options = {}) => {
   const { redirectTo = "/auth", requireAuth = true, saveRedirectUrl: shouldSaveUrl = true } = options;
   const { isAuthenticated, isLoading, saveRedirectUrl } = useAuth();
   const router = (0, import_hooks6.useCfgRouter)();
-  const [isRedirecting, setIsRedirecting] = (0, import_react12.useState)(false);
-  (0, import_react12.useEffect)(() => {
+  const [isRedirecting, setIsRedirecting] = (0, import_react13.useState)(false);
+  (0, import_react13.useEffect)(() => {
     if (!isLoading && requireAuth && !isAuthenticated && !isRedirecting) {
       if (shouldSaveUrl && typeof window !== "undefined") {
         const currentUrl = window.location.pathname + window.location.search;
@@ -6488,9 +6683,9 @@ var useAuthGuard = /* @__PURE__ */ __name((options = {}) => {
 }, "useAuthGuard");
 
 // src/auth/hooks/useLocalStorage.ts
-var import_react13 = require("react");
+var import_react14 = require("react");
 function useLocalStorage2(key, initialValue) {
-  const [storedValue, setStoredValue] = (0, import_react13.useState)(() => {
+  const [storedValue, setStoredValue] = (0, import_react14.useState)(() => {
     if (typeof window === "undefined") {
       return initialValue;
     }