@erikey/react 0.1.6 → 0.2.0

package/dist/index.js

@@ -20,8 +20,9 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 // src/index.ts
 var index_exports = {};
 __export(index_exports, {
-  createAuthClient: () => createAuthClient3,
-  createDashboardClient: () => createDashboardClient
+  createAuthClient: () => createAuthClient2,
+  createDashboardClient: () => createDashboardClient,
+  createKvClient: () => createKvClient
 });
 module.exports = __toCommonJS(index_exports);
 
@@ -1638,284 +1639,151 @@ function createDashboardClient(config) {
   });
 }
 
-// ../js/dist/index.js
-var DEFAULT_BASE_URL = "https://auth.erikey.com";
+// src/lib/cross-origin-auth.ts
+function shouldUseBearerAuth(authApiUrl) {
+  if (typeof window === "undefined") {
+    return false;
+  }
+  try {
+    const currentOrigin = window.location.origin;
+    const authOrigin = new URL(authApiUrl).origin;
+    return currentOrigin !== authOrigin;
+  } catch {
+    return false;
+  }
+}
+function getStorageKey(projectId) {
+  return `erikey.session.${projectId}`;
+}
+function storeToken(projectId, session) {
+  if (typeof window === "undefined") return;
+  const key = getStorageKey(projectId);
+  localStorage.setItem(key, JSON.stringify(session));
+}
+function getStoredToken(projectId) {
+  if (typeof window === "undefined") return null;
+  const key = getStorageKey(projectId);
+  const stored = localStorage.getItem(key);
+  if (!stored) return null;
+  try {
+    const session = JSON.parse(stored);
+    if (new Date(session.expiresAt) < /* @__PURE__ */ new Date()) {
+      localStorage.removeItem(key);
+      return null;
+    }
+    return session.token;
+  } catch {
+    localStorage.removeItem(key);
+    return null;
+  }
+}
+function clearToken(projectId) {
+  if (typeof window === "undefined") return;
+  const key = getStorageKey(projectId);
+  localStorage.removeItem(key);
+}
+
+// src/auth-client.ts
 function createAuthClient2(config) {
-  const { projectId, baseUrl = DEFAULT_BASE_URL } = config;
-  const fetchWithAuth = async (endpoint, options) => {
-    const headers = {
-      "Content-Type": "application/json",
-      "X-Project-Id": projectId,
-      ...options?.headers || {}
-    };
-    const response = await fetch(`${baseUrl}/api/auth${endpoint}`, {
-      ...options,
-      credentials: "include",
-      // Send cookies
-      headers
-    });
-    const data = await response.json();
-    if (!response.ok) {
-      return {
-        success: false,
-        error: data?.error?.message || data?.message || "Request failed"
-      };
+  const { projectId, baseUrl = "https://auth.erikey.com" } = config;
+  const useBearerAuth = shouldUseBearerAuth(baseUrl);
+  const fetchOptions = {
+    // Always send project ID header for multi-tenant routing
+    headers: {
+      "X-Project-Id": projectId
+    },
+    // For cross-origin contexts, use Bearer token auth
+    ...useBearerAuth && {
+      auth: {
+        type: "Bearer",
+        token: () => getStoredToken(projectId) || ""
+      }
     }
-    return {
-      success: true,
-      data
-    };
   };
+  const client = createAuthClient({
+    baseURL: baseUrl,
+    fetchOptions,
+    // For same-origin, include cookies
+    ...!useBearerAuth && { credentials: "include" }
+  });
+  if (!useBearerAuth) {
+    return client;
+  }
   return {
-    /**
-     * Sign up a new user
-     */
-    signUp: async (data) => {
-      return fetchWithAuth("/sign-up/email", {
-        method: "POST",
-        body: JSON.stringify(data)
-      });
-    },
-    /**
-     * Sign in an existing user
-     */
-    signIn: async (data) => {
-      return fetchWithAuth("/sign-in/email", {
-        method: "POST",
-        body: JSON.stringify(data)
-      });
-    },
-    /**
-     * Sign out the current user
-     */
-    signOut: async () => {
-      return fetchWithAuth("/sign-out", {
-        method: "POST"
-      });
-    },
-    /**
-     * Get the current authenticated user
-     */
-    getUser: async () => {
-      return fetchWithAuth("/get-session", {
-        method: "GET"
-      });
-    },
-    /**
-     * Request a password reset email
-     */
-    forgotPassword: async (email) => {
-      const result = await fetchWithAuth("/forget-password", {
-        method: "POST",
-        body: JSON.stringify({ email })
-      });
-      if (!result.success) {
-        return { success: false, message: result.error || "Failed to request password reset" };
-      }
-      return {
-        success: true,
-        message: result.data?.message || "Password reset email sent"
-      };
-    },
-    /**
-     * Reset password with a token from the reset email
-     */
-    resetPassword: async (token, newPassword) => {
-      const result = await fetchWithAuth("/reset-password", {
-        method: "POST",
-        body: JSON.stringify({ token, newPassword })
-      });
-      if (!result.success) {
-        return { success: false, message: result.error || "Failed to reset password" };
-      }
-      return {
-        success: true,
-        message: result.data?.message || "Password reset successful"
-      };
-    },
-    /**
-     * Set a single key-value pair
-     */
-    setValue: async (key, value) => {
-      return fetchWithAuth(`/key-value/${encodeURIComponent(key)}`, {
-        method: "PUT",
-        body: JSON.stringify({ value })
-      });
-    },
-    /**
-     * Get a single key-value pair
-     */
-    getValue: async (key) => {
-      const result = await fetchWithAuth(
-        `/key-value/${encodeURIComponent(key)}`,
-        { method: "GET" }
-      );
-      if (!result.success) {
-        return { success: false, error: result.error };
-      }
-      return {
-        success: true,
-        data: {
-          key: result.data.key,
-          value: result.data.value,
-          createdAt: result.data.createdAt,
-          updatedAt: result.data.updatedAt
+    ...client,
+    signIn: {
+      ...client.signIn,
+      email: async (...args) => {
+        const result = await client.signIn.email(...args);
+        const token = result.data?.token;
+        const sessionId = result.data?.session?.id || "session";
+        if (token) {
+          const session = {
+            id: sessionId,
+            token,
+            expiresAt: new Date(Date.now() + 7 * 24 * 60 * 60 * 1e3).toISOString()
+          };
+          storeToken(projectId, session);
         }
-      };
+        return result;
+      },
+      // Social OAuth works as-is (redirect-based, no token in response)
+      social: client.signIn.social
     },
-    /**
-     * Get all key-value pairs for the authenticated user
-     */
-    getValues: async () => {
-      const result = await fetchWithAuth(
-        "/key-value",
-        { method: "GET" }
-      );
-      if (!result.success) {
-        return { success: false, error: result.error };
-      }
-      return {
-        success: true,
-        data: {
-          kvPairs: result.data.kvPairs,
-          total: result.data.total
+    signUp: {
+      ...client.signUp,
+      email: async (...args) => {
+        const result = await client.signUp.email(...args);
+        const token = result.data?.token;
+        const sessionId = result.data?.session?.id || "session";
+        if (token) {
+          const session = {
+            id: sessionId,
+            token,
+            expiresAt: new Date(Date.now() + 7 * 24 * 60 * 60 * 1e3).toISOString()
+          };
+          storeToken(projectId, session);
         }
-      };
-    },
-    /**
-     * Delete a single key-value pair
-     */
-    deleteValue: async (key) => {
-      const result = await fetchWithAuth(
-        `/key-value/${encodeURIComponent(key)}`,
-        { method: "DELETE" }
-      );
-      if (!result.success) {
-        return { success: false, error: result.error };
+        return result;
       }
-      return {
-        success: true,
-        data: {
-          message: result.data.message || "KV pair deleted"
-        }
-      };
     },
-    /**
-     * Delete multiple key-value pairs
-     * Note: Makes sequential DELETE requests since no bulk delete endpoint exists
-     */
-    deleteValues: async (keys) => {
-      if (keys.length === 0) {
-        return {
-          success: true,
-          data: {
-            deleted: [],
-            failed: []
-          }
-        };
-      }
-      const results = await Promise.allSettled(
-        keys.map(
-          (key) => fetchWithAuth(
-            `/key-value/${encodeURIComponent(key)}`,
-            { method: "DELETE" }
-          ).then((result) => ({ key, result }))
-        )
-      );
-      const deleted = [];
-      const failed = [];
-      results.forEach((result, index) => {
-        if (result.status === "fulfilled") {
-          const { key, result: deleteResult } = result.value;
-          if (deleteResult.success) {
-            deleted.push(key);
-          } else {
-            failed.push({
-              key,
-              error: deleteResult.error || "Delete failed"
-            });
-          }
-        } else {
-          failed.push({
-            key: keys[index],
-            error: result.reason?.message || "Request failed"
-          });
-        }
-      });
-      return {
-        success: failed.length === 0,
-        data: {
-          deleted,
-          failed
-        }
-      };
+    signOut: async (...args) => {
+      clearToken(projectId);
+      return client.signOut(...args);
     },
-    /**
-     * Set multiple key-value pairs in bulk (max 100 pairs)
-     */
-    setValues: async (kvPairs) => {
-      const result = await fetchWithAuth(
-        "/key-value/bulk",
-        {
-          method: "POST",
-          body: JSON.stringify({ kvPairs })
-        }
-      );
-      if (!result.success) {
-        return { success: false, error: result.error };
-      }
-      return {
-        success: true,
-        data: {
-          results: result.data.results,
-          total: result.data.total
-        }
-      };
-    }
+    // useSession works as-is - it uses the Bearer token from fetchOptions
+    useSession: client.useSession,
+    // Pass through other methods
+    getSession: client.getSession
   };
 }
 
 // ../../sandpack-auth/dist/client/index.js
-function isSandpackEnvironment() {
+function shouldUseBearerAuth2(authApiUrl) {
   if (typeof window === "undefined") {
     return false;
   }
-  if (process.env.NODE_ENV === "production") {
-    console.warn(
-      "[SANDPACK-AUTH] Sandpack detection called in production environment. This should only run in development/preview. Returning false."
-    );
-    return false;
-  }
   try {
-    const inIframe = window.self !== window.top;
-    return inIframe;
-  } catch {
-    return true;
+    const currentOrigin = window.location.origin;
+    const authOrigin = new URL(authApiUrl).origin;
+    const isCrossOrigin = currentOrigin !== authOrigin;
+    if (isCrossOrigin) {
+      console.log("[Sandpack Auth] Cross-origin detected:", {
+        current: currentOrigin,
+        auth: authOrigin
+      });
+    }
+    return isCrossOrigin;
+  } catch (error) {
+    console.error("[Sandpack Auth] Failed to check origin:", error);
+    return false;
   }
 }
-function getStorageKey(projectId) {
+function getStorageKey2(projectId) {
   return `erikey.session.${projectId}`;
 }
-function storeToken(projectId, session) {
-  const key = getStorageKey(projectId);
-  const stored = {
-    token: session.token,
-    expiresAt: session.expiresAt
-  };
-  console.log("[Sandpack Auth] Storing token:", {
-    key,
-    tokenPreview: session.token.substring(0, 20) + "..."
-  });
-  localStorage.setItem(key, JSON.stringify(stored));
-  const check = localStorage.getItem(key);
-  if (!check) {
-    console.error("[Sandpack Auth] Failed to store token in localStorage");
-  } else {
-    console.log("[Sandpack Auth] Token stored successfully");
-  }
-}
-function getStoredToken(projectId) {
-  const key = getStorageKey(projectId);
+function getStoredToken2(projectId) {
+  const key = getStorageKey2(projectId);
   const stored = localStorage.getItem(key);
   if (!stored) {
     return null;
@@ -1934,33 +1802,26 @@ function getStoredToken(projectId) {
     return null;
   }
 }
-function clearToken(projectId) {
-  const key = getStorageKey(projectId);
-  console.log("[Sandpack Auth] Clearing token from localStorage");
-  localStorage.removeItem(key);
-}
 
-// src/auth-client.ts
-function createAuthClient3(config) {
-  const { projectId } = config;
-  const baseUrl = config.baseUrl || "https://auth.erikey.com";
-  const client = createAuthClient2(config);
-  const inSandpack = isSandpackEnvironment();
-  if (!inSandpack) {
-    return client;
-  }
-  const fetchWithBearer = async (endpoint, options) => {
-    const token = getStoredToken(projectId);
+// src/kv-client.ts
+function createKvClient(config) {
+  const { projectId, baseUrl = "https://auth.erikey.com" } = config;
+  const useBearerAuth = shouldUseBearerAuth2(baseUrl);
+  const fetchWithAuth = async (endpoint, options) => {
     const headers = {
       "Content-Type": "application/json",
       "X-Project-Id": projectId,
       ...options?.headers || {}
     };
-    if (token) {
-      headers["Authorization"] = `Bearer ${token}`;
+    if (useBearerAuth) {
+      const token = getStoredToken2(projectId);
+      if (token) {
+        headers["Authorization"] = `Bearer ${token}`;
+      }
     }
     const response = await fetch(`${baseUrl}/api/auth${endpoint}`, {
       ...options,
+      credentials: useBearerAuth ? "omit" : "include",
       headers
     });
     const data = await response.json();
@@ -1976,72 +1837,20 @@ function createAuthClient3(config) {
     };
   };
   return {
-    signUp: async (data) => {
-      const result = await client.signUp(data);
-      const token = result.data?.token || result.data?.session?.token;
-      if (result.success && token) {
-        console.log("[Sandpack Auth] Storing token after sign-up");
-        storeToken(projectId, {
-          token,
-          expiresAt: new Date(Date.now() + 7 * 24 * 60 * 60 * 1e3).toISOString()
-          // 7 days
-        });
-      }
-      return result;
-    },
-    signIn: async (data) => {
-      const result = await client.signIn(data);
-      const token = result.data?.token || result.data?.session?.token;
-      if (result.success && token) {
-        console.log("[Sandpack Auth] Storing token after sign-in");
-        storeToken(projectId, {
-          token,
-          expiresAt: new Date(Date.now() + 7 * 24 * 60 * 60 * 1e3).toISOString()
-          // 7 days
-        });
-      }
-      return result;
-    },
-    signOut: async () => {
-      const result = await client.signOut();
-      clearToken(projectId);
-      return result;
-    },
-    getUser: async () => {
-      const result = await client.getUser();
-      const hasUser = result.success && result.data && ("email" in result.data || // Direct User object
-      "user" in result.data && result.data.user);
-      if (hasUser) {
-        return result;
-      }
-      const token = getStoredToken(projectId);
-      if (token) {
-        console.log("[Sandpack Auth] Cookie auth returned no user, trying Bearer token");
-        const response = await fetch(`${baseUrl}/api/auth/get-session`, {
-          headers: {
-            "Authorization": `Bearer ${token}`,
-            "X-Project-Id": projectId
-          }
-        });
-        const data = await response.json();
-        if (response.ok && (data?.user || data?.email)) {
-          console.log("[Sandpack Auth] Bearer token auth successful");
-          return { success: true, data };
-        }
-      }
-      return result;
-    },
-    forgotPassword: client.forgotPassword,
-    resetPassword: client.resetPassword,
-    // KV methods - wrapped with Bearer token support for Sandpack
+    /**
+     * Set a single key-value pair
+     */
     setValue: async (key, value) => {
-      return fetchWithBearer(`/key-value/${encodeURIComponent(key)}`, {
+      return fetchWithAuth(`/key-value/${encodeURIComponent(key)}`, {
         method: "PUT",
         body: JSON.stringify({ value })
       });
     },
+    /**
+     * Get a single key-value pair
+     */
     getValue: async (key) => {
-      const result = await fetchWithBearer(
+      const result = await fetchWithAuth(
         `/key-value/${encodeURIComponent(key)}`,
         { method: "GET" }
       );
@@ -2058,8 +1867,11 @@ function createAuthClient3(config) {
         }
       };
     },
+    /**
+     * Get all key-value pairs for the authenticated user
+     */
     getValues: async () => {
-      const result = await fetchWithBearer(
+      const result = await fetchWithAuth(
         "/key-value",
         { method: "GET" }
       );
@@ -2074,8 +1886,11 @@ function createAuthClient3(config) {
         }
       };
     },
+    /**
+     * Delete a single key-value pair
+     */
     deleteValue: async (key) => {
-      const result = await fetchWithBearer(
+      const result = await fetchWithAuth(
         `/key-value/${encodeURIComponent(key)}`,
         { method: "DELETE" }
       );
@@ -2089,6 +1904,9 @@ function createAuthClient3(config) {
         }
       };
     },
+    /**
+     * Delete multiple key-value pairs
+     */
     deleteValues: async (keys) => {
       if (keys.length === 0) {
         return {
@@ -2101,7 +1919,7 @@ function createAuthClient3(config) {
       }
       const results = await Promise.allSettled(
         keys.map(
-          (key) => fetchWithBearer(
+          (key) => fetchWithAuth(
             `/key-value/${encodeURIComponent(key)}`,
             { method: "DELETE" }
           ).then((result) => ({ key, result }))
@@ -2135,8 +1953,11 @@ function createAuthClient3(config) {
         }
       };
     },
+    /**
+     * Set multiple key-value pairs in bulk (max 100 pairs)
+     */
     setValues: async (kvPairs) => {
-      const result = await fetchWithBearer(
+      const result = await fetchWithAuth(
         "/key-value/bulk",
         {
           method: "POST",
@@ -2159,6 +1980,7 @@ function createAuthClient3(config) {
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   createAuthClient,
-  createDashboardClient
+  createDashboardClient,
+  createKvClient
 });
 //# sourceMappingURL=index.js.map