npm - @fluxbase/sdk - Versions diffs - 0.0.1-rc.116 → 0.0.1-rc.118 - Mend

@fluxbase/sdk 0.0.1-rc.116 → 0.0.1-rc.118

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.d.cts CHANGED Viewed

@@ -3784,10 +3784,11 @@ declare class FluxbaseAuth {
      * Send password reset email (Supabase-compatible)
      * Sends a password reset link to the provided email address
      * @param email - Email address to send reset link to
-     * @param options - Optional configuration including CAPTCHA token
+     * @param options - Optional configuration including redirect URL and CAPTCHA token
      * @returns Promise with OTP-style response
      */
     sendPasswordReset(email: string, options?: {
+        redirectTo?: string;
         captchaToken?: string;
     }): Promise<DataResponse<PasswordResetResponse>>;
     /**
@@ -3845,8 +3846,9 @@ declare class FluxbaseAuth {
      * Exchange OAuth authorization code for session
      * This is typically called in your OAuth callback handler
      * @param code - Authorization code from OAuth callback
+     * @param state - State parameter from OAuth callback (for CSRF protection)
      */
-    exchangeCodeForSession(code: string): Promise<FluxbaseAuthResponse>;
+    exchangeCodeForSession(code: string, state?: string): Promise<FluxbaseAuthResponse>;
     /**
      * Convenience method to initiate OAuth sign-in
      * Redirects the user to the OAuth provider's authorization page

package/dist/index.d.ts CHANGED Viewed

@@ -3784,10 +3784,11 @@ declare class FluxbaseAuth {
      * Send password reset email (Supabase-compatible)
      * Sends a password reset link to the provided email address
      * @param email - Email address to send reset link to
-     * @param options - Optional configuration including CAPTCHA token
+     * @param options - Optional configuration including redirect URL and CAPTCHA token
      * @returns Promise with OTP-style response
      */
     sendPasswordReset(email: string, options?: {
+        redirectTo?: string;
         captchaToken?: string;
     }): Promise<DataResponse<PasswordResetResponse>>;
     /**
@@ -3845,8 +3846,9 @@ declare class FluxbaseAuth {
      * Exchange OAuth authorization code for session
      * This is typically called in your OAuth callback handler
      * @param code - Authorization code from OAuth callback
+     * @param state - State parameter from OAuth callback (for CSRF protection)
      */
-    exchangeCodeForSession(code: string): Promise<FluxbaseAuthResponse>;
+    exchangeCodeForSession(code: string, state?: string): Promise<FluxbaseAuthResponse>;
     /**
      * Convenience method to initiate OAuth sign-in
      * Redirects the user to the OAuth provider's authorization page

package/dist/index.js CHANGED Viewed

@@ -331,6 +331,7 @@ async function wrapAsyncVoid(operation) {
 // src/auth.ts
 var AUTH_STORAGE_KEY = "fluxbase.auth.session";
+var OAUTH_PROVIDER_KEY = "fluxbase.auth.oauth_provider";
 var AUTO_REFRESH_TICK_THRESHOLD = 10;
 var AUTO_REFRESH_TICK_MINIMUM = 1e3;
 var MAX_REFRESH_RETRIES = 3;
@@ -755,12 +756,15 @@ var FluxbaseAuth = class {
    * Send password reset email (Supabase-compatible)
    * Sends a password reset link to the provided email address
    * @param email - Email address to send reset link to
-   * @param options - Optional configuration including CAPTCHA token
+   * @param options - Optional configuration including redirect URL and CAPTCHA token
    * @returns Promise with OTP-style response
    */
   async sendPasswordReset(email, options) {
     return wrapAsync(async () => {
       const requestBody = { email };
+      if (options?.redirectTo) {
+        requestBody.redirect_to = options.redirectTo;
+      }
       if (options?.captchaToken) {
         requestBody.captcha_token = options.captchaToken;
       }
@@ -776,6 +780,7 @@ var FluxbaseAuth = class {
    */
   async resetPasswordForEmail(email, options) {
     return this.sendPasswordReset(email, {
+      redirectTo: options?.redirectTo,
       captchaToken: options?.captchaToken
     });
   }
@@ -908,13 +913,22 @@ var FluxbaseAuth = class {
    * Exchange OAuth authorization code for session
    * This is typically called in your OAuth callback handler
    * @param code - Authorization code from OAuth callback
+   * @param state - State parameter from OAuth callback (for CSRF protection)
    */
-  async exchangeCodeForSession(code) {
+  async exchangeCodeForSession(code, state) {
     return wrapAsync(async () => {
-      const response = await this.fetch.post(
-        "/api/v1/auth/oauth/callback",
-        { code }
+      const provider = this.storage?.getItem(OAUTH_PROVIDER_KEY);
+      if (!provider) {
+        throw new Error("No OAuth provider found. Call signInWithOAuth first.");
+      }
+      const params = new URLSearchParams({ code });
+      if (state) {
+        params.append("state", state);
+      }
+      const response = await this.fetch.get(
+        `/api/v1/auth/oauth/${provider}/callback?${params.toString()}`
       );
+      this.storage?.removeItem(OAUTH_PROVIDER_KEY);
       const session = {
         ...response,
         expires_at: Date.now() + response.expires_in * 1e3
@@ -937,6 +951,7 @@ var FluxbaseAuth = class {
       }
       const url = result.data.url;
       if (typeof window !== "undefined") {
+        this.storage?.setItem(OAUTH_PROVIDER_KEY, provider);
         window.location.href = url;
       } else {
         throw new Error(