@elvix.is/sdk 0.5.8 → 0.5.9

package/dist/react.d.ts

@@ -432,6 +432,27 @@ type AuthFormProps = {
         redirect?: string;
         token?: string;
     }) => void;
+    /**
+     * Where to send the user after EVERY terminal success path. One prop, one
+     * destination — no per-method customisation. Applies uniformly to:
+     *
+     *   - OTP verify success (with or without an onboarding step).
+     *   - Google sign-in (both the GIS credential and the redirect-OAuth
+     *     return path that consumes `#elvix_token=...` on mount).
+     *   - Passkey sign-in.
+     *   - The onboarding "Add a passkey" success.
+     *   - The onboarding "Skip for now" button on the passkey step.
+     *   - The onboarding username step success.
+     *
+     * Resolution order at the moment of navigation:
+     *   `redirectAfterSignIn ?? <backend-provided redirect> ?? "/"`
+     *
+     * If a host wants different destinations per method, they should switch
+     * on the result inside `onResult`/`onAuthenticated` and call
+     * `router.push(...)` themselves; this prop is the single declarative
+     * fallback that ALL success paths honour.
+     */
+    redirectAfterSignIn?: string;
     /**
      * Fires on every terminal outcome: success AND every error path
      * (invalid OTP, expired challenge, rate-limited, network blip,
@@ -538,14 +559,24 @@ declare const useUserRoles: (opts: Opts) => UseUserListResult;
 declare const useUserScopes: (opts: Opts) => UseUserListResult;
 declare const useUserMemberships: (opts: Opts) => UseUserListResult;
 
-declare function ElvixLifecycleWatcher({ baseUrl, pollMs, onSignedOut, }: {
+type ElvixLifecycleWatcherProps = {
     /** elvix origin. Defaults to "" (same-origin). */
     baseUrl?: string;
-    /** Poll interval in ms. Default 7000. */
+    /** Poll interval in ms when SSE isn't available. Default 7000. */
     pollMs?: number;
+    /**
+     * Application id to subscribe to (SSE mode). When set together with
+     * `userId` AND we're same-origin with `baseUrl`, the watcher opens an
+     * EventSource on `/api/presence/stream` and skips polling entirely.
+     * Omit to force the polling path (the cross-origin SDK case).
+     */
+    applicationId?: string;
+    /** User id to watch — SSE filters by this. Required with `applicationId`. */
+    userId?: string;
     /** Called once with the reason when the session ends. Defaults to a reload. */
     onSignedOut?: (reason: string) => void;
-}): null;
+};
+declare function ElvixLifecycleWatcher({ baseUrl, pollMs, applicationId, userId, onSignedOut, }: ElvixLifecycleWatcherProps): null;
 
 type ElvixUsernameResult = {
     ok: true;

package/dist/react.js

@@ -1383,7 +1383,7 @@ function ElvixSignInForm(props) {
     googleClientId: props.googleClientId ?? app?.googleClientId ?? void 0,
     websiteUrl: props.websiteUrl ?? app?.websiteUrl ?? null
   };
-  const { framed = true, presentation = "card", theme = "light" } = resolved;
+  const { framed = resolved.mode === "preview", presentation = "card", theme = "light" } = resolved;
   const card = /* @__PURE__ */ jsx7(AuthCard, { ...resolved });
   let content = card;
   if (presentation === "drawer") {
@@ -1487,6 +1487,7 @@ function AuthBody({
   belowMethods,
   googleConfig,
   googleClientId,
+  redirectAfterSignIn,
   onAuthenticated,
   onResult
 }) {
@@ -1514,7 +1515,16 @@ function AuthBody({
   const [usernameSuggestions, setUsernameSuggestions] = useState5([]);
   const [usernameCheck, setUsernameCheck] = useState5({ kind: "idle" });
   const [onboardingBusy, setOnboardingBusy] = useState5(null);
-  const [finalRedirect, setFinalRedirect] = useState5("/");
+  const [backendFinalRedirect, setBackendFinalRedirect] = useState5("/");
+  const finalRedirect = useCallback3(
+    (backendRedirect) => {
+      if (redirectAfterSignIn) return redirectAfterSignIn;
+      if (backendRedirect) return backendRedirect;
+      if (backendFinalRedirect) return backendFinalRedirect;
+      return "/";
+    },
+    [redirectAfterSignIn, backendFinalRedirect]
+  );
   useEffect4(() => {
     if (resendIn <= 0) return;
     const t = setInterval(() => setResendIn((s) => Math.max(0, s - 1)), 1e3);
@@ -1537,22 +1547,22 @@ function AuthBody({
       if (body.next_step === "username") {
         setUsernameSuggestions(body.suggestions ?? []);
         setUsernameValue(body.suggestions?.[0] ?? "");
-        setFinalRedirect(body.final ?? "/");
+        setBackendFinalRedirect(body.final ?? "/");
         setStep("username");
         return;
       }
       if (body.next_step === "passkey") {
-        setFinalRedirect(body.final ?? "/");
+        setBackendFinalRedirect(body.final ?? "/");
         setStep("passkey");
         return;
       }
       if (body.next_step === "recover" && body.recover) {
         setRecoverState(body.recover);
-        setFinalRedirect(body.final ?? "/");
+        setBackendFinalRedirect(body.final ?? "/");
         setStep("recover");
         return;
       }
-      const redirect = body.redirect ?? defaultRedirect(intent);
+      const redirect = finalRedirect(body.redirect ?? defaultRedirect(intent));
       onResult?.({ ok: true, redirect });
       if (onAuthenticated) {
         onAuthenticated({ ok: true, redirect, token: body.token });
@@ -1560,7 +1570,7 @@ function AuthBody({
       }
       window.location.href = redirect;
     },
-    [intent, onAuthenticated, onResult]
+    [intent, onAuthenticated, onResult, finalRedirect]
   );
   useEffect4(() => {
     if (isPreview) return;
@@ -1793,12 +1803,13 @@ function AuthBody({
         );
         return;
       }
-      onResult?.({ ok: true, redirect: finalRedirect });
+      const redirect = finalRedirect();
+      onResult?.({ ok: true, redirect });
       if (onAuthenticated) {
-        onAuthenticated({ ok: true, redirect: finalRedirect });
+        onAuthenticated({ ok: true, redirect });
         return;
       }
-      window.location.href = finalRedirect;
+      window.location.href = redirect;
     } finally {
       setOnboardingBusy(null);
     }
@@ -1806,12 +1817,13 @@ function AuthBody({
   const onSkipPasskey = useCallback3(() => {
     if (onboardingBusy) return;
     setOnboardingBusy("skip");
-    onResult?.({ ok: true, redirect: finalRedirect });
+    const redirect = finalRedirect();
+    onResult?.({ ok: true, redirect });
     if (onAuthenticated) {
-      onAuthenticated({ ok: true, redirect: finalRedirect });
+      onAuthenticated({ ok: true, redirect });
       return;
     }
-    window.location.href = finalRedirect;
+    window.location.href = redirect;
   }, [onboardingBusy, finalRedirect, onAuthenticated, onResult]);
   return /* @__PURE__ */ jsxs6(Fragment3, { children: [
     showHeader && /* @__PURE__ */ jsxs6(
@@ -2062,10 +2074,12 @@ function AuthBody({
           state: recoverState.state,
           sinceAt: recoverState.sinceAt,
           onRestore: ({ redirect }) => {
+            const dest = finalRedirect(redirect);
+            onResult?.({ ok: true, redirect: dest });
             if (onAuthenticated) {
-              onAuthenticated({ ok: true, redirect });
+              onAuthenticated({ ok: true, redirect: dest });
             } else {
-              window.location.href = redirect;
+              window.location.href = dest;
             }
           },
           onCancel: ({ redirect }) => {
@@ -2628,26 +2642,81 @@ var useUserMemberships = (opts) => useUserList("memberships", opts);
 
 // src/react/lifecycle-watcher.tsx
 import { useEffect as useEffect6 } from "react";
+var StatusValue = {
+  ACTIVE: "active",
+  PAUSED: "paused",
+  BANNED: "banned",
+  DELETED: "deleted",
+  INACTIVE: "inactive"
+};
+function isSameOrigin2(baseUrl) {
+  if (typeof window === "undefined") return false;
+  if (!baseUrl) return true;
+  try {
+    return new URL(baseUrl, window.location.origin).origin === window.location.origin;
+  } catch {
+    return false;
+  }
+}
 function ElvixLifecycleWatcher({
   baseUrl = "",
   pollMs = 7e3,
+  applicationId,
+  userId,
   onSignedOut
 }) {
   useEffect6(() => {
     let cancelled = false;
     let fired = false;
+    function fire(reason) {
+      if (cancelled || fired) return;
+      fired = true;
+      setElvixToken(null);
+      if (onSignedOut) onSignedOut(reason);
+      else if (typeof window !== "undefined") window.location.reload();
+    }
+    const canSse = applicationId !== void 0 && userId !== void 0 && typeof window !== "undefined" && typeof EventSource !== "undefined" && isSameOrigin2(baseUrl);
+    if (canSse) {
+      let onRecord2 = function(rec) {
+        if (rec.userId !== userId) return;
+        if (rec.status === StatusValue.ACTIVE) return;
+        fire(rec.status);
+      }, handle2 = function(e) {
+        try {
+          onRecord2(JSON.parse(e.data));
+        } catch {
+        }
+      }, handleSnapshot2 = function(e) {
+        try {
+          for (const r of JSON.parse(e.data)) onRecord2(r);
+        } catch {
+        }
+      };
+      var onRecord = onRecord2, handle = handle2, handleSnapshot = handleSnapshot2;
+      const url2 = new URL(`${baseUrl}/api/presence/stream`, window.location.origin);
+      url2.searchParams.set("applicationId", applicationId);
+      url2.searchParams.set("userId", userId);
+      const ev = new EventSource(url2.toString());
+      ev.addEventListener("user.lifecycle.changed", handle2);
+      ev.addEventListener("lifecycle.snapshot", handleSnapshot2);
+      return () => {
+        cancelled = true;
+        ev.removeEventListener("user.lifecycle.changed", handle2);
+        ev.removeEventListener("lifecycle.snapshot", handleSnapshot2);
+        ev.close();
+      };
+    }
     const poll = async () => {
       try {
-        const res = await fetch(`${baseUrl}/api/v1/session`, { method: "POST", ...authInit() });
+        const init = authInit();
+        const res = await fetch(`${baseUrl}/api/v1/session`, {
+          method: "POST",
+          headers: init.headers,
+          credentials: init.credentials
+        });
         const body = await res.json().catch(() => ({}));
         if (cancelled || fired) return;
-        if (!body.ok) {
-          fired = true;
-          setElvixToken(null);
-          const reason = body.error ?? "signed_out";
-          if (onSignedOut) onSignedOut(reason);
-          else if (typeof window !== "undefined") window.location.reload();
-        }
+        if (!body.ok) fire(body.error ?? "signed_out");
       } catch {
       }
     };
@@ -2657,7 +2726,7 @@ function ElvixLifecycleWatcher({
       cancelled = true;
       clearInterval(id);
     };
-  }, [baseUrl, pollMs, onSignedOut]);
+  }, [baseUrl, pollMs, applicationId, userId, onSignedOut]);
   return null;
 }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@elvix.is/sdk",
-  "version": "0.5.8",
+  "version": "0.5.9",
   "description": "Official elvix SDK. Drop-in React components, server helpers, and an MCP server so AI coding agents integrate elvix on the first try.",
   "license": "MIT",
   "homepage": "https://elvix.is",