@fenelabs/fene-sdk 0.7.3 → 0.8.0

package/README.md

@@ -40,14 +40,22 @@ const client = createResonanceClient({
 });
 
 // 1. Get nonce
-const { message } = await client.getNonce("0x...");
+const { nonce, message } = await client.getNonce("0x...");
 
 // 2. Sign message (using viem or wagmi)
 const signature = await signMessage({ message });
 
-// 3. Verify and get JWT
-const auth = await client.verify("0x...", signature);
-console.log(`Logged in as: ${auth.role}`);
+// 3. Verify signature (API sets secure httpOnly cookies)
+const auth = await client.verify({
+  address: "0x...",
+  signature,
+  nonce,
+});
+console.log(`Session expires at: ${auth.expires_at}`);
+
+// 4. Optional: fetch current session metadata
+const session = await client.getSession();
+console.log(`Logged in as: ${session.role}`);
 
 // Now authenticated requests work
 await client.updateGeoLocation({ latitude: 0, longitude: 0, node_type: "rpc" });
@@ -120,16 +128,17 @@ The SDK uses a standard Web3 authentication flow:
 1. Request a nonce from the API (`getNonce`)
 2. Sign the message with your wallet (using viem, wagmi, etc.)
 3. Submit signature for verification (`verify`)
-4. Receive JWT token for authenticated requests
+4. API stores auth in secure httpOnly cookies
 
-The token is automatically included in all subsequent requests and managed by the client.
+The SDK sends credentials automatically (`credentials: include`) and handles refresh flow for 401 responses.
 
 ## API Reference
 
 ### Auth
 
 - `getNonce(address)` - Get authentication nonce
-- `verify(address, signature)` - Verify signature and get JWT
+- `verify({ address, signature, nonce })` - Verify signature and establish cookie-based session
+- `getSession()` - Get current session metadata
 
 ### Validators
 

package/dist/index.d.mts

@@ -18,13 +18,21 @@ interface AuthVerifyRequest {
     nonce: string;
 }
 interface AuthResponse {
-    token: string;
-    role: "validator" | "delegator";
+    success: boolean;
+    address: string;
     expires_at: number;
 }
 interface RefreshResponse {
     success: boolean;
     expires_at?: number;
+    error?: string;
+    requires_login?: boolean;
+}
+interface SessionResponse {
+    authenticated: boolean;
+    address: string;
+    role: "validator" | "delegator";
+    expires_at: number;
 }
 declare enum ValidatorStatus {
     NOT_EXIST = 0,
@@ -298,6 +306,10 @@ declare class ResonanceClient {
     private executeRequest;
     getNonce(address: Address): Promise<NonceResponse>;
     verify(params: AuthVerifyRequest): Promise<AuthResponse>;
+    /**
+     * Get current authenticated session metadata from server.
+     */
+    getSession(): Promise<SessionResponse>;
     /**
      * Refresh the access token using the refresh token cookie.
      * Returns { success: boolean, expires_at?: number }
@@ -446,4 +458,4 @@ declare class EventBus {
 }
 declare const eventBus: EventBus;
 
-export { type APIErrorResponse, type Address, type AuthResponse, type AuthVerifyRequest, type AvatarResponse, type DailyBlockStats, type Delegator, type DelegatorRewards, type DelegatorStake, DelegatorStatus, type EpochInfo, ErrorCode, type ErrorCodeType, type GeoNode, type GeoStats, type GeoUpdateRequest, type NetworkAPR, type NetworkStats, type NonceResponse, type PaginatedResponse, type PriceResponse, type ReferralKey, type RefreshResponse, type RequestContext, ResonanceClient, type ResonanceClientConfig, ResonanceError, type ResponseContext, type RewardHistory, type Transaction, type TransactionStats, type TransactionsList, type TransactionsParams, type UploadResponse, type Validator, type ValidatorAPR, ValidatorStatus, type ValidatorSummary, type WhitelistCheckRequest, type WhitelistCheckResponse, createResonanceClient, eventBus, hasErrorCode, isAuthError, isNetworkError, isNotFoundError, isResonanceError };
+export { type APIErrorResponse, type Address, type AuthResponse, type AuthVerifyRequest, type AvatarResponse, type DailyBlockStats, type Delegator, type DelegatorRewards, type DelegatorStake, DelegatorStatus, type EpochInfo, ErrorCode, type ErrorCodeType, type GeoNode, type GeoStats, type GeoUpdateRequest, type NetworkAPR, type NetworkStats, type NonceResponse, type PaginatedResponse, type PriceResponse, type ReferralKey, type RefreshResponse, type RequestContext, ResonanceClient, type ResonanceClientConfig, ResonanceError, type ResponseContext, type RewardHistory, type SessionResponse, type Transaction, type TransactionStats, type TransactionsList, type TransactionsParams, type UploadResponse, type Validator, type ValidatorAPR, ValidatorStatus, type ValidatorSummary, type WhitelistCheckRequest, type WhitelistCheckResponse, createResonanceClient, eventBus, hasErrorCode, isAuthError, isNetworkError, isNotFoundError, isResonanceError };

package/dist/index.d.ts

@@ -18,13 +18,21 @@ interface AuthVerifyRequest {
     nonce: string;
 }
 interface AuthResponse {
-    token: string;
-    role: "validator" | "delegator";
+    success: boolean;
+    address: string;
     expires_at: number;
 }
 interface RefreshResponse {
     success: boolean;
     expires_at?: number;
+    error?: string;
+    requires_login?: boolean;
+}
+interface SessionResponse {
+    authenticated: boolean;
+    address: string;
+    role: "validator" | "delegator";
+    expires_at: number;
 }
 declare enum ValidatorStatus {
     NOT_EXIST = 0,
@@ -298,6 +306,10 @@ declare class ResonanceClient {
     private executeRequest;
     getNonce(address: Address): Promise<NonceResponse>;
     verify(params: AuthVerifyRequest): Promise<AuthResponse>;
+    /**
+     * Get current authenticated session metadata from server.
+     */
+    getSession(): Promise<SessionResponse>;
     /**
      * Refresh the access token using the refresh token cookie.
      * Returns { success: boolean, expires_at?: number }
@@ -446,4 +458,4 @@ declare class EventBus {
 }
 declare const eventBus: EventBus;
 
-export { type APIErrorResponse, type Address, type AuthResponse, type AuthVerifyRequest, type AvatarResponse, type DailyBlockStats, type Delegator, type DelegatorRewards, type DelegatorStake, DelegatorStatus, type EpochInfo, ErrorCode, type ErrorCodeType, type GeoNode, type GeoStats, type GeoUpdateRequest, type NetworkAPR, type NetworkStats, type NonceResponse, type PaginatedResponse, type PriceResponse, type ReferralKey, type RefreshResponse, type RequestContext, ResonanceClient, type ResonanceClientConfig, ResonanceError, type ResponseContext, type RewardHistory, type Transaction, type TransactionStats, type TransactionsList, type TransactionsParams, type UploadResponse, type Validator, type ValidatorAPR, ValidatorStatus, type ValidatorSummary, type WhitelistCheckRequest, type WhitelistCheckResponse, createResonanceClient, eventBus, hasErrorCode, isAuthError, isNetworkError, isNotFoundError, isResonanceError };
+export { type APIErrorResponse, type Address, type AuthResponse, type AuthVerifyRequest, type AvatarResponse, type DailyBlockStats, type Delegator, type DelegatorRewards, type DelegatorStake, DelegatorStatus, type EpochInfo, ErrorCode, type ErrorCodeType, type GeoNode, type GeoStats, type GeoUpdateRequest, type NetworkAPR, type NetworkStats, type NonceResponse, type PaginatedResponse, type PriceResponse, type ReferralKey, type RefreshResponse, type RequestContext, ResonanceClient, type ResonanceClientConfig, ResonanceError, type ResponseContext, type RewardHistory, type SessionResponse, type Transaction, type TransactionStats, type TransactionsList, type TransactionsParams, type UploadResponse, type Validator, type ValidatorAPR, ValidatorStatus, type ValidatorSummary, type WhitelistCheckRequest, type WhitelistCheckResponse, createResonanceClient, eventBus, hasErrorCode, isAuthError, isNetworkError, isNotFoundError, isResonanceError };

package/dist/index.js

@@ -215,7 +215,7 @@ var ResonanceClient = class {
         if (attempt >= this.retries) {
           throw error;
         }
-        const delay = this.retryDelay * Math.pow(2, attempt);
+        const delay = this.retryDelay * 2 ** attempt;
         await new Promise((resolve) => setTimeout(resolve, delay));
       }
     }
@@ -239,28 +239,53 @@ var ResonanceClient = class {
       timestamp: startTime,
       attemptNumber
     };
+    const reportError = (error) => {
+      try {
+        this.onError?.(error, requestContext);
+      } catch (hookError) {
+        console.error("onError hook error:", hookError);
+      }
+    };
     try {
       this.onRequest?.(requestContext);
     } catch (hookError) {
       console.error("onRequest hook error:", hookError);
     }
     const controller = new AbortController();
-    const timeoutId = setTimeout(() => controller.abort(), this.timeout);
+    let timeoutId = null;
+    const timeoutPromise = new Promise((_, reject) => {
+      timeoutId = setTimeout(() => {
+        controller.abort();
+        reject(
+          new ResonanceError(
+            ErrorCode.TIMEOUT,
+            `Request timed out after ${this.timeout}ms`,
+            { url, timeout: this.timeout },
+            408
+          )
+        );
+      }, this.timeout);
+    });
     try {
-      const response = await fetch(url, {
-        ...options,
-        headers,
-        credentials: "include",
-        // ✅ Send httpOnly cookies automatically
-        signal: controller.signal
-      });
-      clearTimeout(timeoutId);
+      const response = await Promise.race([
+        fetch(url, {
+          ...options,
+          headers,
+          credentials: "include",
+          // Send httpOnly cookies automatically
+          signal: controller.signal
+        }),
+        timeoutPromise
+      ]);
+      if (timeoutId) {
+        clearTimeout(timeoutId);
+      }
       const duration = Date.now() - startTime;
       if (response.status === 401 && !this.isRefreshing) {
         this.isRefreshing = true;
-        const refreshed = await this.refresh();
+        const refreshResult = await this.refresh();
         this.isRefreshing = false;
-        if (refreshed) {
+        if (refreshResult.success) {
           return this.executeRequest(path, options, attemptNumber);
         }
         eventBus.emit("api:unauthorized", {
@@ -271,22 +296,13 @@ var ResonanceClient = class {
       }
       if (!response.ok) {
         const error = await response.json().catch(() => null);
-        const resonanceError = error && typeof error === "object" && "code" in error && "message" in error ? new ResonanceError(
-          error.code,
-          error.message,
-          error.details,
-          response.status
-        ) : new ResonanceError(
+        const resonanceError = error && typeof error === "object" && "code" in error && "message" in error ? new ResonanceError(error.code, error.message, error.details, response.status) : new ResonanceError(
           "INTERNAL_ERROR",
           error?.error || `HTTP ${response.status}`,
           void 0,
           response.status
         );
-        try {
-          this.onError?.(resonanceError, requestContext);
-        } catch (hookError) {
-          console.error("onError hook error:", hookError);
-        }
+        reportError(resonanceError);
         throw resonanceError;
       }
       const data = await response.json();
@@ -304,28 +320,38 @@ var ResonanceClient = class {
       }
       return data;
     } catch (error) {
-      clearTimeout(timeoutId);
+      if (timeoutId) {
+        clearTimeout(timeoutId);
+      }
+      if (error instanceof ResonanceError) {
+        if (error.code === ErrorCode.TIMEOUT) {
+          reportError(error);
+        }
+        throw error;
+      }
       if (error instanceof Error && error.name === "AbortError") {
         const timeoutError = new ResonanceError(
-          "TIMEOUT",
+          ErrorCode.TIMEOUT,
           `Request timed out after ${this.timeout}ms`,
           { url, timeout: this.timeout },
           408
         );
-        try {
-          this.onError?.(timeoutError, requestContext);
-        } catch (hookError) {
-          console.error("onError hook error:", hookError);
-        }
+        reportError(timeoutError);
+        throw timeoutError;
+      }
+      if (controller.signal.aborted) {
+        const timeoutError = new ResonanceError(
+          ErrorCode.TIMEOUT,
+          `Request timed out after ${this.timeout}ms`,
+          { url, timeout: this.timeout },
+          408
+        );
+        reportError(timeoutError);
         throw timeoutError;
       }
       if (error instanceof Error) {
-        const networkError = error instanceof ResonanceError ? error : new ResonanceError("NETWORK_ERROR", error.message, void 0, 0);
-        try {
-          this.onError?.(networkError, requestContext);
-        } catch (hookError) {
-          console.error("onError hook error:", hookError);
-        }
+        const networkError = new ResonanceError(ErrorCode.NETWORK_ERROR, error.message, void 0, 0);
+        reportError(networkError);
         throw networkError;
       }
       throw error;
@@ -347,6 +373,12 @@ var ResonanceClient = class {
       })
     });
   }
+  /**
+   * Get current authenticated session metadata from server.
+   */
+  async getSession() {
+    return this.request("/eth/v1/auth/session");
+  }
   /**
    * Refresh the access token using the refresh token cookie.
    * Returns { success: boolean, expires_at?: number }
@@ -360,13 +392,18 @@ var ResonanceClient = class {
         headers: { "Content-Type": "application/json" }
       });
       if (response.ok) {
-        const data = await response.json();
+        const data2 = await response.json();
         return {
-          success: data.success === true,
-          expires_at: data.expires_at
+          success: data2.success === true,
+          expires_at: data2.expires_at
         };
       }
-      return { success: false };
+      const data = await response.json().catch(() => ({}));
+      return {
+        success: false,
+        error: typeof data.error === "string" ? data.error : "refresh_failed",
+        requires_login: data.requires_login === true
+      };
     } catch {
       return { success: false };
     }
@@ -436,7 +473,7 @@ var ResonanceClient = class {
     return this.request(`/eth/v1/referral/key/${key}`);
   }
   async getValidatorKeys(address) {
-    return this.request(`/eth/v1/referral/validator/${address}`);
+    return this.request(`/eth/v1/referral/validator/${address}/keys`);
   }
   async checkWhitelist(data) {
     return this.request("/eth/v1/referral/whitelist", {
@@ -469,23 +506,15 @@ var ResonanceClient = class {
   async uploadUserAvatar(address, file) {
     const formData = new FormData();
     formData.append("file", file);
-    const response = await fetch(
-      `${this.baseUrl}/eth/v1/user/${address}/avatar`,
-      {
-        method: "POST",
-        credentials: "include",
-        // Send httpOnly cookies
-        body: formData
-      }
-    );
+    const response = await fetch(`${this.baseUrl}/eth/v1/user/${address}/avatar`, {
+      method: "POST",
+      credentials: "include",
+      // Send httpOnly cookies
+      body: formData
+    });
     if (!response.ok) {
       const error = await response.json().catch(() => ({ error: "Upload failed" }));
-      throw new ResonanceError(
-        "UPLOAD_FAILED",
-        error.error || "Failed to upload avatar",
-        void 0,
-        response.status
-      );
+      throw new ResonanceError("UPLOAD_FAILED", error.error || "Failed to upload avatar", void 0, response.status);
     }
     return response.json();
   }

package/dist/index.mjs

@@ -179,7 +179,7 @@ var ResonanceClient = class {
         if (attempt >= this.retries) {
           throw error;
         }
-        const delay = this.retryDelay * Math.pow(2, attempt);
+        const delay = this.retryDelay * 2 ** attempt;
         await new Promise((resolve) => setTimeout(resolve, delay));
       }
     }
@@ -203,28 +203,53 @@ var ResonanceClient = class {
       timestamp: startTime,
       attemptNumber
     };
+    const reportError = (error) => {
+      try {
+        this.onError?.(error, requestContext);
+      } catch (hookError) {
+        console.error("onError hook error:", hookError);
+      }
+    };
     try {
       this.onRequest?.(requestContext);
     } catch (hookError) {
       console.error("onRequest hook error:", hookError);
     }
     const controller = new AbortController();
-    const timeoutId = setTimeout(() => controller.abort(), this.timeout);
+    let timeoutId = null;
+    const timeoutPromise = new Promise((_, reject) => {
+      timeoutId = setTimeout(() => {
+        controller.abort();
+        reject(
+          new ResonanceError(
+            ErrorCode.TIMEOUT,
+            `Request timed out after ${this.timeout}ms`,
+            { url, timeout: this.timeout },
+            408
+          )
+        );
+      }, this.timeout);
+    });
     try {
-      const response = await fetch(url, {
-        ...options,
-        headers,
-        credentials: "include",
-        // ✅ Send httpOnly cookies automatically
-        signal: controller.signal
-      });
-      clearTimeout(timeoutId);
+      const response = await Promise.race([
+        fetch(url, {
+          ...options,
+          headers,
+          credentials: "include",
+          // Send httpOnly cookies automatically
+          signal: controller.signal
+        }),
+        timeoutPromise
+      ]);
+      if (timeoutId) {
+        clearTimeout(timeoutId);
+      }
       const duration = Date.now() - startTime;
       if (response.status === 401 && !this.isRefreshing) {
         this.isRefreshing = true;
-        const refreshed = await this.refresh();
+        const refreshResult = await this.refresh();
         this.isRefreshing = false;
-        if (refreshed) {
+        if (refreshResult.success) {
           return this.executeRequest(path, options, attemptNumber);
         }
         eventBus.emit("api:unauthorized", {
@@ -235,22 +260,13 @@ var ResonanceClient = class {
       }
       if (!response.ok) {
         const error = await response.json().catch(() => null);
-        const resonanceError = error && typeof error === "object" && "code" in error && "message" in error ? new ResonanceError(
-          error.code,
-          error.message,
-          error.details,
-          response.status
-        ) : new ResonanceError(
+        const resonanceError = error && typeof error === "object" && "code" in error && "message" in error ? new ResonanceError(error.code, error.message, error.details, response.status) : new ResonanceError(
           "INTERNAL_ERROR",
           error?.error || `HTTP ${response.status}`,
           void 0,
           response.status
         );
-        try {
-          this.onError?.(resonanceError, requestContext);
-        } catch (hookError) {
-          console.error("onError hook error:", hookError);
-        }
+        reportError(resonanceError);
         throw resonanceError;
       }
       const data = await response.json();
@@ -268,28 +284,38 @@ var ResonanceClient = class {
       }
       return data;
     } catch (error) {
-      clearTimeout(timeoutId);
+      if (timeoutId) {
+        clearTimeout(timeoutId);
+      }
+      if (error instanceof ResonanceError) {
+        if (error.code === ErrorCode.TIMEOUT) {
+          reportError(error);
+        }
+        throw error;
+      }
       if (error instanceof Error && error.name === "AbortError") {
         const timeoutError = new ResonanceError(
-          "TIMEOUT",
+          ErrorCode.TIMEOUT,
           `Request timed out after ${this.timeout}ms`,
           { url, timeout: this.timeout },
           408
         );
-        try {
-          this.onError?.(timeoutError, requestContext);
-        } catch (hookError) {
-          console.error("onError hook error:", hookError);
-        }
+        reportError(timeoutError);
+        throw timeoutError;
+      }
+      if (controller.signal.aborted) {
+        const timeoutError = new ResonanceError(
+          ErrorCode.TIMEOUT,
+          `Request timed out after ${this.timeout}ms`,
+          { url, timeout: this.timeout },
+          408
+        );
+        reportError(timeoutError);
         throw timeoutError;
       }
       if (error instanceof Error) {
-        const networkError = error instanceof ResonanceError ? error : new ResonanceError("NETWORK_ERROR", error.message, void 0, 0);
-        try {
-          this.onError?.(networkError, requestContext);
-        } catch (hookError) {
-          console.error("onError hook error:", hookError);
-        }
+        const networkError = new ResonanceError(ErrorCode.NETWORK_ERROR, error.message, void 0, 0);
+        reportError(networkError);
         throw networkError;
       }
       throw error;
@@ -311,6 +337,12 @@ var ResonanceClient = class {
       })
     });
   }
+  /**
+   * Get current authenticated session metadata from server.
+   */
+  async getSession() {
+    return this.request("/eth/v1/auth/session");
+  }
   /**
    * Refresh the access token using the refresh token cookie.
    * Returns { success: boolean, expires_at?: number }
@@ -324,13 +356,18 @@ var ResonanceClient = class {
         headers: { "Content-Type": "application/json" }
       });
       if (response.ok) {
-        const data = await response.json();
+        const data2 = await response.json();
         return {
-          success: data.success === true,
-          expires_at: data.expires_at
+          success: data2.success === true,
+          expires_at: data2.expires_at
         };
       }
-      return { success: false };
+      const data = await response.json().catch(() => ({}));
+      return {
+        success: false,
+        error: typeof data.error === "string" ? data.error : "refresh_failed",
+        requires_login: data.requires_login === true
+      };
     } catch {
       return { success: false };
     }
@@ -400,7 +437,7 @@ var ResonanceClient = class {
     return this.request(`/eth/v1/referral/key/${key}`);
   }
   async getValidatorKeys(address) {
-    return this.request(`/eth/v1/referral/validator/${address}`);
+    return this.request(`/eth/v1/referral/validator/${address}/keys`);
   }
   async checkWhitelist(data) {
     return this.request("/eth/v1/referral/whitelist", {
@@ -433,23 +470,15 @@ var ResonanceClient = class {
   async uploadUserAvatar(address, file) {
     const formData = new FormData();
     formData.append("file", file);
-    const response = await fetch(
-      `${this.baseUrl}/eth/v1/user/${address}/avatar`,
-      {
-        method: "POST",
-        credentials: "include",
-        // Send httpOnly cookies
-        body: formData
-      }
-    );
+    const response = await fetch(`${this.baseUrl}/eth/v1/user/${address}/avatar`, {
+      method: "POST",
+      credentials: "include",
+      // Send httpOnly cookies
+      body: formData
+    });
     if (!response.ok) {
       const error = await response.json().catch(() => ({ error: "Upload failed" }));
-      throw new ResonanceError(
-        "UPLOAD_FAILED",
-        error.error || "Failed to upload avatar",
-        void 0,
-        response.status
-      );
+      throw new ResonanceError("UPLOAD_FAILED", error.error || "Failed to upload avatar", void 0, response.status);
     }
     return response.json();
   }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@fenelabs/fene-sdk",
-  "version": "0.7.3",
+  "version": "0.8.0",
   "description": "TypeScript SDK for Fene API",
   "main": "dist/index.js",
   "module": "dist/index.mjs",
@@ -12,9 +12,7 @@
       "types": "./dist/index.d.ts"
     }
   },
-  "files": [
-    "dist"
-  ],
+  "files": ["dist"],
   "scripts": {
     "build": "tsup src/index.ts --format cjs,esm --dts --clean",
     "dev": "tsup src/index.ts --format cjs,esm --dts --watch",
@@ -23,13 +21,7 @@
     "watch": "esbuild src/app.ts --bundle --sourcemap --outdir=www --servedir=www --watch",
     "prepublishOnly": "pnpm run build"
   },
-  "keywords": [
-    "resonance",
-    "api",
-    "sdk",
-    "blockchain",
-    "fene"
-  ],
+  "keywords": ["resonance", "api", "sdk", "blockchain", "fene"],
   "author": "Fene Labs",
   "license": "MIT",
   "repository": {