npm - @djangocfg/monitor - Versions diffs - 2.1.333 → 2.1.335 - Mend

@djangocfg/monitor 2.1.333 → 2.1.335

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/dist/client.cjs +96 -7
package/dist/client.cjs.map +1 -1
package/dist/client.mjs +96 -7
package/dist/client.mjs.map +1 -1
package/dist/index.cjs +32 -0
package/dist/index.cjs.map +1 -1
package/dist/index.mjs +32 -0
package/dist/index.mjs.map +1 -1
package/dist/server.cjs +95 -6
package/dist/server.cjs.map +1 -1
package/dist/server.mjs +95 -6
package/dist/server.mjs.map +1 -1
package/package.json +2 -2
package/src/_api/generated/_cfg_monitor/api.ts +12 -0
package/src/_api/generated/helpers/auth.ts +103 -4

package/dist/client.cjs CHANGED Viewed

@@ -192,6 +192,9 @@ var _apiKeyOverride = null;
 var _baseUrlOverride = null;
 var _withCredentials = true;
 var _onUnauthorized = null;
+var _refreshHandler = null;
+var _refreshInflight = null;
+var RETRY_MARKER = "X-Auth-Retry";
 var _client = null;
 function pushClientConfig() {
   if (!_client) return;
@@ -270,10 +273,53 @@ var auth = {
     pushClientConfig();
   },
   // ── 401 handler ───────────────────────────────────────────────────
+  /**
+   * Fired when the server returns 401 AND no refresh path recovers it
+   * (no refresh token, no refresh handler, refresh failed, or retry
+   * still 401). The app should clear local state and redirect to login.
+   *
+   * NOT fired for 401 that gets transparently recovered by the refresh
+   * handler — those are invisible to callers.
+   */
   onUnauthorized(cb) {
     _onUnauthorized = cb;
+  },
+  /**
+   * Register the refresh strategy. The handler receives the current
+   * refresh token and must call your refresh endpoint, returning
+   * `{ access, refresh? }` on success or `null` on failure.
+   *
+   * @example
+   *   auth.setRefreshHandler(async (refresh) => {
+   *     const { data } = await Auth.tokenRefreshCreate({ body: { refresh } });
+   *     return data ? { access: data.access, refresh: data.refresh } : null;
+   *   });
+   */
+  setRefreshHandler(fn) {
+    _refreshHandler = fn;
   }
 };
+async function tryRefresh() {
+  if (_refreshInflight) return _refreshInflight;
+  if (!_refreshHandler) return null;
+  const refresh = auth.getRefreshToken();
+  if (!refresh) return null;
+  _refreshInflight = (async () => {
+    try {
+      const result = await _refreshHandler(refresh);
+      if (!result?.access) return null;
+      auth.setToken(result.access);
+      if (result.refresh) auth.setRefreshToken(result.refresh);
+      return result.access;
+    } catch {
+      return null;
+    } finally {
+      _refreshInflight = null;
+    }
+  })();
+  return _refreshInflight;
+}
+__name(tryRefresh, "tryRefresh");
 function installAuthOnClient(client2) {
   if (_client) return;
   _client = client2;
@@ -290,14 +336,48 @@ function installAuthOnClient(client2) {
     if (apiKey) request.headers.set("X-API-Key", apiKey);
     return request;
   });
-  client2.interceptors.response.use((response) => {
-    if (response.status === 401 && _onUnauthorized) {
-      try {
-        _onUnauthorized(response);
-      } catch {
+  client2.interceptors.response.use(async (response, request) => {
+    if (response.status !== 401) return response;
+    if (request.headers.get(RETRY_MARKER)) {
+      if (_onUnauthorized) {
+        try {
+          _onUnauthorized(response);
+        } catch {
+        }
       }
+      return response;
+    }
+    const newToken = await tryRefresh();
+    if (!newToken) {
+      if (_onUnauthorized) {
+        try {
+          _onUnauthorized(response);
+        } catch {
+        }
+      }
+      return response;
+    }
+    const retry = request.clone();
+    retry.headers.set("Authorization", `Bearer ${newToken}`);
+    retry.headers.set(RETRY_MARKER, "1");
+    try {
+      const retried = await fetch(retry);
+      if (retried.status === 401 && _onUnauthorized) {
+        try {
+          _onUnauthorized(retried);
+        } catch {
+        }
+      }
+      return retried;
+    } catch {
+      if (_onUnauthorized) {
+        try {
+          _onUnauthorized(response);
+        } catch {
+        }
+      }
+      return response;
     }
-    return response;
   });
 }
 __name(installAuthOnClient, "installAuthOnClient");
@@ -444,6 +524,15 @@ var _API = class _API {
   setApiKey(key) {
     auth.setApiKey(key);
   }
+  // ── 401 handling ────────────────────────────────────────────────────────
+  /** Fired only on terminal 401 (after refresh+retry path is exhausted). */
+  onUnauthorized(cb) {
+    auth.onUnauthorized(cb);
+  }
+  /** Provide a refresh strategy. See `auth.setRefreshHandler` for the contract. */
+  setRefreshHandler(fn) {
+    auth.setRefreshHandler(fn);
+  }
 };
 __name(_API, "API");
 var API = _API;
@@ -1320,7 +1409,7 @@ __name(sendBatch, "sendBatch");
 // src/client/utils/env.ts
 var isDevelopment = process.env.NODE_ENV === "development";
 var isProduction = !isDevelopment;
-var MONITOR_VERSION = "2.1.333";
+var MONITOR_VERSION = "2.1.335";
 // src/client/constants.ts
 var MONITOR_INGEST_PATTERN = /cfg\/monitor\/ingest/;