npm - @fluid-app/rep-sdk - Versions diffs - 0.1.0 → 0.1.1 - Mend

@fluid-app/rep-sdk 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.cjs CHANGED Viewed

@@ -45,6 +45,45 @@ var HTTP_METHODS = {
   DELETE: "DELETE"
 };
+// src/auth/auth-redirect.ts
+var DEFAULT_AUTH_URL = "https://auth.fluid.app";
+var AUTH_REDIRECT_TOKEN_KEY = "jwt";
+var REDIRECT_TIMESTAMP_KEY = "__fluid_auth_redirect_ts";
+var REDIRECT_COOLDOWN_S = 10;
+function isRedirectLoop() {
+  try {
+    const ts = sessionStorage.getItem(REDIRECT_TIMESTAMP_KEY);
+    if (!ts) return false;
+    const elapsed = (Date.now() - Number(ts)) / 1e3;
+    return elapsed < REDIRECT_COOLDOWN_S;
+  } catch {
+    return false;
+  }
+}
+function markRedirect() {
+  try {
+    sessionStorage.setItem(REDIRECT_TIMESTAMP_KEY, String(Date.now()));
+  } catch {
+  }
+}
+function createDefaultAuthRedirect(authUrl) {
+  return () => {
+    if (isRedirectLoop()) {
+      console.warn(
+        "[FluidAuth] Auth redirect suppressed \u2014 possible redirect loop. Check that your auth server returns a token accepted by the API."
+      );
+      return;
+    }
+    markRedirect();
+    const base = authUrl ?? DEFAULT_AUTH_URL;
+    const currentUrl = encodeURIComponent(window.location.href);
+    window.location.href = `${base}/?redirect_url=${currentUrl}`;
+  };
+}
+function resolveAuthFailureHandler(onAuthFailure, authUrl) {
+  return onAuthFailure ?? createDefaultAuthRedirect(authUrl);
+}
 // src/client/fluid-client.ts
 var ApiError = class _ApiError extends Error {
   status;
@@ -88,6 +127,7 @@ function extractErrorMessage(data, fallback) {
 }
 function createFluidClient(config) {
   const { baseUrl, getAuthToken, onAuthError, defaultHeaders = {} } = config;
+  const effectiveOnAuthError = onAuthError ?? createDefaultAuthRedirect();
   async function buildHeaders(customHeaders) {
     const headers = {
       "Content-Type": "application/json",
@@ -173,8 +213,8 @@ function createFluidClient(config) {
         null
       );
     }
-    if (response.status === 401 && onAuthError) {
-      onAuthError();
+    if (response.status === 401) {
+      effectiveOnAuthError();
     }
     if (!response.ok) {
       try {
@@ -776,6 +816,7 @@ function FluidAuthProvider({
   const [error, setError] = react.useState(null);
   react.useEffect(() => {
     const initializeAuth = async () => {
+      const handleAuthFailure = resolveAuthFailureHandler(config?.onAuthFailure, config?.authUrl);
       try {
         if (isDevBypassActive(config?.devBypass)) {
           const envToken = undefined.VITE_DEV_TOKEN;
@@ -803,7 +844,11 @@ function FluidAuthProvider({
         }
         const tokenKey = config?.tokenKey ?? "fluidUserToken";
         let candidateToken = extractTokenFromUrl(tokenKey);
+        if (!candidateToken && tokenKey !== AUTH_REDIRECT_TOKEN_KEY) {
+          candidateToken = extractTokenFromUrl(AUTH_REDIRECT_TOKEN_KEY);
+        }
         cleanTokenFromUrl(tokenKey);
+        cleanTokenFromUrl(AUTH_REDIRECT_TOKEN_KEY);
         if (!candidateToken) {
           candidateToken = getStoredToken(config);
         }
@@ -816,7 +861,7 @@ function FluidAuthProvider({
               setToken(null);
               setUser(null);
               setError(new Error("JWT signature verification failed"));
-              config?.onAuthFailure?.();
+              handleAuthFailure();
               return;
             }
             if (isTokenExpired(candidateToken, config?.gracePeriodMs)) {
@@ -824,7 +869,7 @@ function FluidAuthProvider({
               setToken(null);
               setUser(null);
               setError(new Error("Token has expired"));
-              config?.onAuthFailure?.();
+              handleAuthFailure();
               return;
             }
           } else {
@@ -839,7 +884,7 @@ function FluidAuthProvider({
               setToken(null);
               setUser(null);
               setError(new Error(validation.error ?? "Invalid token"));
-              config?.onAuthFailure?.();
+              handleAuthFailure();
               return;
             }
           }
@@ -851,14 +896,14 @@ function FluidAuthProvider({
           setToken(null);
           setUser(null);
           setError(new Error("No authentication token found"));
-          config?.onAuthFailure?.();
+          handleAuthFailure();
         }
       } catch (err) {
         const error2 = err instanceof Error ? err : new Error("Authentication error");
         setError(error2);
         setToken(null);
         setUser(null);
-        config?.onAuthFailure?.();
+        handleAuthFailure();
       } finally {
         setIsLoading(false);
       }
@@ -2353,6 +2398,7 @@ exports.BUILT_IN_THEMES = export_BUILT_IN_THEMES;
 exports.CORE_COLOR_KEYS = export_CORE_COLOR_KEYS;
 exports.CORE_PAGE_IDS = CORE_PAGE_IDS;
 exports.CURRENT_REP_QUERY_KEY = CURRENT_REP_QUERY_KEY;
+exports.DEFAULT_AUTH_URL = DEFAULT_AUTH_URL;
 exports.DEFAULT_CORE_COLORS = export_DEFAULT_CORE_COLORS;
 exports.FluidAuthProvider = FluidAuthProvider;
 exports.FluidProvider = FluidProvider;
@@ -2370,6 +2416,7 @@ exports.catppuccinMocha = export_catppuccinMocha;
 exports.clampChroma = export_clampChroma;
 exports.cleanTokenFromUrl = cleanTokenFromUrl;
 exports.clearTokens = clearTokens;
+exports.createDefaultAuthRedirect = createDefaultAuthRedirect;
 exports.createFluidClient = createFluidClient;
 exports.decodeToken = decodeToken;
 exports.defaultTheme = export_defaultTheme;