npm - @fluid-app/rep-sdk - Versions diffs - 0.1.0 → 0.1.2 - Mend

@fluid-app/rep-sdk 0.1.0 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.cjs CHANGED Viewed

@@ -45,6 +45,45 @@ var HTTP_METHODS = {
   DELETE: "DELETE"
 };
+// src/auth/auth-redirect.ts
+var DEFAULT_AUTH_URL = "https://auth.fluid.app";
+var AUTH_REDIRECT_TOKEN_KEY = "jwt";
+var REDIRECT_TIMESTAMP_KEY = "__fluid_auth_redirect_ts";
+var REDIRECT_COOLDOWN_S = 10;
+function isRedirectLoop() {
+  try {
+    const ts = sessionStorage.getItem(REDIRECT_TIMESTAMP_KEY);
+    if (!ts) return false;
+    const elapsed = (Date.now() - Number(ts)) / 1e3;
+    return elapsed < REDIRECT_COOLDOWN_S;
+  } catch {
+    return false;
+  }
+}
+function markRedirect() {
+  try {
+    sessionStorage.setItem(REDIRECT_TIMESTAMP_KEY, String(Date.now()));
+  } catch {
+  }
+}
+function createDefaultAuthRedirect(authUrl) {
+  return () => {
+    if (isRedirectLoop()) {
+      console.warn(
+        "[FluidAuth] Auth redirect suppressed \u2014 possible redirect loop. Check that your auth server returns a token accepted by the API."
+      );
+      return;
+    }
+    markRedirect();
+    const base = authUrl ?? DEFAULT_AUTH_URL;
+    const currentUrl = encodeURIComponent(window.location.href);
+    window.location.href = `${base}/?redirect_url=${currentUrl}`;
+  };
+}
+function resolveAuthFailureHandler(onAuthFailure, authUrl) {
+  return onAuthFailure ?? createDefaultAuthRedirect(authUrl);
+}
 // src/client/fluid-client.ts
 var ApiError = class _ApiError extends Error {
   status;
@@ -88,6 +127,7 @@ function extractErrorMessage(data, fallback) {
 }
 function createFluidClient(config) {
   const { baseUrl, getAuthToken, onAuthError, defaultHeaders = {} } = config;
+  const effectiveOnAuthError = onAuthError ?? createDefaultAuthRedirect();
   async function buildHeaders(customHeaders) {
     const headers = {
       "Content-Type": "application/json",
@@ -173,8 +213,9 @@ function createFluidClient(config) {
         null
       );
     }
-    if (response.status === 401 && onAuthError) {
-      onAuthError();
+    if (response.status === 401) {
+      effectiveOnAuthError();
+      return null;
     }
     if (!response.ok) {
       try {
@@ -335,6 +376,16 @@ function createFluidClient(config) {
 var ThemeContext = react.createContext(null);
 function applyThemeVariables(theme, container) {
   const target = container ?? document.documentElement;
+  const toRemove = [];
+  for (let i = 0; i < target.style.length; i++) {
+    const prop = target.style[i];
+    if (prop.startsWith("--fluid-")) {
+      toRemove.push(prop);
+    }
+  }
+  for (const prop of toRemove) {
+    target.style.removeProperty(prop);
+  }
   for (const [key, value] of Object.entries(theme.config)) {
     target.style.setProperty(`--fluid-${key}`, value);
   }
@@ -401,7 +452,11 @@ function FluidProvider({
   const configRef = react.useRef(config);
   configRef.current = config;
   const client = react.useMemo(
-    () => createFluidClient(configRef.current),
+    () => createFluidClient({
+      ...configRef.current,
+      getAuthToken: () => configRef.current.getAuthToken?.() ?? null,
+      onAuthError: () => configRef.current.onAuthError?.()
+    }),
     // eslint-disable-next-line react-hooks/exhaustive-deps
     [config.baseUrl]
   );
@@ -454,10 +509,12 @@ var URL_PARAMS = {
   COMPANY_TOKEN: "fluidCompanyToken"
 };
-// src/auth/url-token.ts
+// src/auth/browser-utils.ts
 function isBrowser() {
-  return typeof window !== "undefined";
+  return typeof window !== "undefined" && typeof document !== "undefined";
 }
+// src/auth/url-token.ts
 function extractTokenFromUrl(tokenKey = URL_PARAMS.USER_TOKEN) {
   if (!isBrowser()) {
     return null;
@@ -528,11 +585,8 @@ function extractAllTokensFromUrl(userTokenKey = URL_PARAMS.USER_TOKEN, companyTo
 }
 // src/auth/token-storage.ts
-function isBrowser2() {
-  return typeof window !== "undefined" && typeof document !== "undefined";
-}
 function parseCookies() {
-  if (!isBrowser2()) {
+  if (!isBrowser()) {
     return {};
   }
   const cookies = {};
@@ -549,7 +603,7 @@ function parseCookies() {
   return cookies;
 }
 function setCookie(name, value, options = {}) {
-  if (!isBrowser2()) {
+  if (!isBrowser()) {
     return;
   }
   const {
@@ -568,13 +622,13 @@ function setCookie(name, value, options = {}) {
   document.cookie = cookieString;
 }
 function deleteCookie(name, path = "/") {
-  if (!isBrowser2()) {
+  if (!isBrowser()) {
     return;
   }
   document.cookie = `${name}=; path=${path}; max-age=0`;
 }
 function getStoredToken(config) {
-  if (!isBrowser2()) {
+  if (!isBrowser()) {
     return null;
   }
   const cookieKey = config?.cookieKey ?? STORAGE_KEYS.AUTH_COOKIE;
@@ -591,7 +645,7 @@ function getStoredToken(config) {
   }
 }
 function storeToken(token, config) {
-  if (!isBrowser2()) {
+  if (!isBrowser()) {
     return;
   }
   const cookieKey = config?.cookieKey ?? STORAGE_KEYS.AUTH_COOKIE;
@@ -614,7 +668,7 @@ function storeToken(token, config) {
   }
 }
 function clearTokens(config) {
-  if (!isBrowser2()) {
+  if (!isBrowser()) {
     return;
   }
   const cookieKey = config?.cookieKey ?? STORAGE_KEYS.AUTH_COOKIE;
@@ -631,16 +685,31 @@ function clearTokens(config) {
 function hasStoredToken(config) {
   return getStoredToken(config) !== null;
 }
+// src/auth/types.ts
+var USER_TYPES = {
+  admin: "admin",
+  rep: "rep",
+  root_admin: "root_admin",
+  customer: "customer"
+};
+function isUserType(value) {
+  return Object.values(USER_TYPES).includes(value);
+}
+// src/auth/token-utils.ts
 function extractPayloadFromJose(decoded) {
+  const rawUserType = decoded.user_type;
+  const rawOgUserType = decoded.og_user_type;
   return {
-    id: decoded.id,
-    email: decoded.email,
-    full_name: decoded.full_name,
-    user_type: decoded.user_type ?? "rep",
-    og_user_type: decoded.og_user_type,
-    company_id: decoded.company_id,
+    id: typeof decoded.id === "number" ? decoded.id : void 0,
+    email: typeof decoded.email === "string" ? decoded.email : void 0,
+    full_name: typeof decoded.full_name === "string" ? decoded.full_name : void 0,
+    user_type: typeof rawUserType === "string" && isUserType(rawUserType) ? rawUserType : "rep",
+    og_user_type: typeof rawOgUserType === "string" && isUserType(rawOgUserType) ? rawOgUserType : void 0,
+    company_id: typeof decoded.company_id === "number" ? decoded.company_id : void 0,
     exp: decoded.exp,
-    auth_type: decoded.auth_type
+    auth_type: typeof decoded.auth_type === "string" ? decoded.auth_type : void 0
   };
 }
 function decodeToken(token) {
@@ -730,17 +799,6 @@ async function verifyToken(token, jwksUrl) {
   }
 }
-// src/auth/types.ts
-var USER_TYPES = {
-  admin: "admin",
-  rep: "rep",
-  root_admin: "root_admin",
-  customer: "customer"
-};
-function isUserType(value) {
-  return Object.values(USER_TYPES).includes(value);
-}
 // src/auth/dev-utils.ts
 function isDevBypassActive(devBypass) {
   if (!devBypass) return false;
@@ -752,12 +810,14 @@ function isDevBypassActive(devBypass) {
 }
 function createDevUser() {
   return {
-    id: 0,
+    id: 99999,
+    // Dev placeholder — avoids falsy 0
     email: "dev@localhost",
     full_name: "Dev User",
     user_type: USER_TYPES.rep,
     og_user_type: void 0,
-    company_id: 0,
+    company_id: 99999,
+    // Dev placeholder — avoids falsy 0
     exp: void 0,
     // Never expires
     auth_type: "dev_bypass"
@@ -776,6 +836,11 @@ function FluidAuthProvider({
   const [error, setError] = react.useState(null);
   react.useEffect(() => {
     const initializeAuth = async () => {
+      const handleAuthFailure = () => {
+        const current = configRef.current;
+        const handler = resolveAuthFailureHandler(current?.onAuthFailure, current?.authUrl);
+        handler();
+      };
       try {
         if (isDevBypassActive(config?.devBypass)) {
           const envToken = undefined.VITE_DEV_TOKEN;
@@ -803,7 +868,11 @@ function FluidAuthProvider({
         }
         const tokenKey = config?.tokenKey ?? "fluidUserToken";
         let candidateToken = extractTokenFromUrl(tokenKey);
+        if (!candidateToken && tokenKey !== AUTH_REDIRECT_TOKEN_KEY) {
+          candidateToken = extractTokenFromUrl(AUTH_REDIRECT_TOKEN_KEY);
+        }
         cleanTokenFromUrl(tokenKey);
+        cleanTokenFromUrl(AUTH_REDIRECT_TOKEN_KEY);
         if (!candidateToken) {
           candidateToken = getStoredToken(config);
         }
@@ -816,7 +885,7 @@ function FluidAuthProvider({
               setToken(null);
               setUser(null);
               setError(new Error("JWT signature verification failed"));
-              config?.onAuthFailure?.();
+              handleAuthFailure();
               return;
             }
             if (isTokenExpired(candidateToken, config?.gracePeriodMs)) {
@@ -824,7 +893,7 @@ function FluidAuthProvider({
               setToken(null);
               setUser(null);
               setError(new Error("Token has expired"));
-              config?.onAuthFailure?.();
+              handleAuthFailure();
               return;
             }
           } else {
@@ -839,7 +908,7 @@ function FluidAuthProvider({
               setToken(null);
               setUser(null);
               setError(new Error(validation.error ?? "Invalid token"));
-              config?.onAuthFailure?.();
+              handleAuthFailure();
               return;
             }
           }
@@ -851,14 +920,14 @@ function FluidAuthProvider({
           setToken(null);
           setUser(null);
           setError(new Error("No authentication token found"));
-          config?.onAuthFailure?.();
+          handleAuthFailure();
         }
       } catch (err) {
         const error2 = err instanceof Error ? err : new Error("Authentication error");
         setError(error2);
         setToken(null);
         setUser(null);
-        config?.onAuthFailure?.();
+        handleAuthFailure();
       } finally {
         setIsLoading(false);
       }
@@ -1894,7 +1963,19 @@ function AuthError({
     }
   );
 }
+var SPIN_STYLE_ID = "fluid-auth-loading-spin";
+function ensureSpinStyle() {
+  if (typeof document === "undefined") return;
+  if (document.getElementById(SPIN_STYLE_ID)) return;
+  const style = document.createElement("style");
+  style.id = SPIN_STYLE_ID;
+  style.textContent = `@keyframes spin { to { transform: rotate(360deg); } }`;
+  document.head.appendChild(style);
+}
 function AuthLoading() {
+  react.useEffect(() => {
+    ensureSpinStyle();
+  }, []);
   return /* @__PURE__ */ jsxRuntime.jsxs(
     "div",
     {
@@ -1931,12 +2012,7 @@ function AuthLoading() {
             },
             children: "Authenticating..."
           }
-        ),
-        /* @__PURE__ */ jsxRuntime.jsx("style", { children: `
-        @keyframes spin {
-          to { transform: rotate(360deg); }
-        }
-      ` })
+        )
       ]
     }
   );
@@ -2353,6 +2429,7 @@ exports.BUILT_IN_THEMES = export_BUILT_IN_THEMES;
 exports.CORE_COLOR_KEYS = export_CORE_COLOR_KEYS;
 exports.CORE_PAGE_IDS = CORE_PAGE_IDS;
 exports.CURRENT_REP_QUERY_KEY = CURRENT_REP_QUERY_KEY;
+exports.DEFAULT_AUTH_URL = DEFAULT_AUTH_URL;
 exports.DEFAULT_CORE_COLORS = export_DEFAULT_CORE_COLORS;
 exports.FluidAuthProvider = FluidAuthProvider;
 exports.FluidProvider = FluidProvider;
@@ -2370,6 +2447,7 @@ exports.catppuccinMocha = export_catppuccinMocha;
 exports.clampChroma = export_clampChroma;
 exports.cleanTokenFromUrl = cleanTokenFromUrl;
 exports.clearTokens = clearTokens;
+exports.createDefaultAuthRedirect = createDefaultAuthRedirect;
 exports.createFluidClient = createFluidClient;
 exports.decodeToken = decodeToken;
 exports.defaultTheme = export_defaultTheme;