@forge-connect/react 0.1.0 → 1.0.0

package/dist/index.js

@@ -1,12 +1,5 @@
-var __require = /* @__PURE__ */ ((x) => typeof require !== "undefined" ? require : typeof Proxy !== "undefined" ? new Proxy(x, {
-  get: (a, b) => (typeof require !== "undefined" ? require : a)[b]
-}) : x)(function(x) {
-  if (typeof require !== "undefined") return require.apply(this, arguments);
-  throw Error('Dynamic require of "' + x + '" is not supported');
-});
-
 // src/provider.tsx
-import { useState as useState4, useCallback, useEffect as useEffect3, useRef as useRef3 } from "react";
+import { useState as useState16, useCallback as useCallback8, useEffect as useEffect12, useRef as useRef8, useMemo as useMemo3 } from "react";
 
 // src/context.ts
 import { createContext } from "react";
@@ -25,7 +18,22 @@ var ForgeConnectApiError = class extends Error {
 };
 function createApiClient(apiUrl) {
   const base = apiUrl.replace(/\/+$/, "");
+  const inflightRequests = /* @__PURE__ */ new Map();
   async function request(path, options = {}) {
+    const { method = "GET", body, token } = options;
+    if (method === "GET" && token) {
+      const dedupKey = `${path}:${token}`;
+      const inflight = inflightRequests.get(dedupKey);
+      if (inflight) return inflight;
+      const promise = doRequest(path, options).finally(() => {
+        inflightRequests.delete(dedupKey);
+      });
+      inflightRequests.set(dedupKey, promise);
+      return promise;
+    }
+    return doRequest(path, options);
+  }
+  async function doRequest(path, options = {}) {
     const { method = "GET", body, token } = options;
     const headers = {
       "Content-Type": "application/json"
@@ -50,6 +58,28 @@ function createApiClient(apiUrl) {
     }
     return res.json();
   }
+  async function serviceRequest(path, options) {
+    const { method = "GET", body, serviceKey } = options;
+    const headers = {
+      "Content-Type": "application/json",
+      "x-service-key": serviceKey
+    };
+    const res = await fetch(`${base}${path}`, {
+      method,
+      headers,
+      body: body ? JSON.stringify(body) : void 0
+    });
+    if (!res.ok) {
+      let errorBody;
+      try {
+        errorBody = await res.json();
+      } catch {
+        throw new ForgeConnectApiError(res.status, "UNKNOWN", res.statusText);
+      }
+      throw new ForgeConnectApiError(res.status, errorBody.error.code, errorBody.error.message);
+    }
+    return res.json();
+  }
   return {
     // ── Auth: Email ──
     register(email, password, displayName) {
@@ -89,6 +119,31 @@ function createApiClient(apiUrl) {
         body: { challengeId, signature, walletAddress }
       });
     },
+    walletChallengeTx(walletAddress, chain = "solana") {
+      return request("/auth/wallet/challenge-tx", {
+        method: "POST",
+        body: { walletAddress, chain }
+      });
+    },
+    walletVerifyTx(challengeId, signedTransaction, walletAddress) {
+      return request("/auth/wallet/verify-tx", {
+        method: "POST",
+        body: { challengeId, signedTransaction, walletAddress }
+      });
+    },
+    // ── Auth: OAuth ──
+    exchangeOAuthCode(code) {
+      return request("/auth/oauth/exchange", {
+        method: "POST",
+        body: { code }
+      });
+    },
+    createLinkIntent(token) {
+      return request("/auth/oauth/link-intent", {
+        method: "POST",
+        token
+      });
+    },
     // ── Auth: Session ──
     refresh() {
       return request("/auth/refresh", { method: "POST" });
@@ -112,6 +167,13 @@ function createApiClient(apiUrl) {
         { method: "PATCH", token, body: data }
       );
     },
+    setPassword(token, newPassword, currentPassword) {
+      return request("/users/me/password", {
+        method: "POST",
+        token,
+        body: { newPassword, ...currentPassword ? { currentPassword } : {} }
+      });
+    },
     getAuthMethods(token) {
       return request(
         "/users/me/auth-methods",
@@ -125,6 +187,20 @@ function createApiClient(apiUrl) {
         body: data
       });
     },
+    linkOtpSend(token, email) {
+      return request("/users/me/auth-methods/otp/send", {
+        method: "POST",
+        token,
+        body: { email }
+      });
+    },
+    linkOtpVerify(token, email, code) {
+      return request("/users/me/auth-methods/otp/verify", {
+        method: "POST",
+        token,
+        body: { email, code }
+      });
+    },
     unlinkAuthMethod(token, id) {
       return request(`/users/me/auth-methods/${id}`, {
         method: "DELETE",
@@ -154,6 +230,173 @@ function createApiClient(apiUrl) {
         method: "DELETE",
         token
       });
+    },
+    // ── Auth: Email Verification & Password Reset ──
+    verifyEmailToken(token) {
+      return request("/auth/email/verify", {
+        method: "POST",
+        body: { token }
+      });
+    },
+    forgotPassword(email) {
+      return request("/auth/email/forgot-password", {
+        method: "POST",
+        body: { email }
+      });
+    },
+    resetPassword(token, password) {
+      return request("/auth/email/reset-password", {
+        method: "POST",
+        body: { token, password }
+      });
+    },
+    // ── 2FA ──
+    get2FAStatus(token) {
+      return request("/users/me/2fa/status", { token });
+    },
+    setup2FA(token) {
+      return request("/users/me/2fa/setup", { method: "POST", token });
+    },
+    enable2FA(token, code) {
+      return request("/users/me/2fa/enable", { method: "POST", token, body: { code } });
+    },
+    disable2FA(token, code) {
+      return request("/users/me/2fa", { method: "DELETE", token, body: { code } });
+    },
+    verify2FA(challengeToken, code) {
+      return request("/auth/2fa/verify", { method: "POST", body: { challengeToken, code } });
+    },
+    verifyRecoveryCode(challengeToken, code) {
+      return request("/auth/2fa/verify-recovery", { method: "POST", body: { challengeToken, code } });
+    },
+    regenerateRecoveryCodes(token, code) {
+      return request("/users/me/2fa/recovery-codes", { method: "POST", token, body: { code } });
+    },
+    // ── Passkeys ──
+    getPasskeys(token) {
+      return request("/users/me/passkeys", { token });
+    },
+    getPasskeyRegisterOptions(token, rpId, origin) {
+      return request("/auth/passkeys/register/options", { method: "POST", token, body: { rpId, origin } });
+    },
+    verifyPasskeyRegistration(token, challengeKey, response, name, rpId, origin) {
+      return request("/auth/passkeys/register/verify", { method: "POST", token, body: { challengeKey, response, name, rpId, origin } });
+    },
+    getPasskeyLoginOptions(rpId) {
+      return request("/auth/passkeys/login/options", { method: "POST", body: { rpId } });
+    },
+    verifyPasskeyLogin(challengeKey, response, rpId, origin) {
+      return request("/auth/passkeys/login/verify", { method: "POST", body: { challengeKey, response, rpId, origin } });
+    },
+    renamePasskey(token, id, name) {
+      return request(`/users/me/passkeys/${id}`, { method: "PATCH", token, body: { name } });
+    },
+    deletePasskey(token, id) {
+      return request(`/users/me/passkeys/${id}`, { method: "DELETE", token });
+    },
+    // ── Account Deletion ──
+    requestAccountDeletion(token) {
+      return request("/users/me/delete-request", {
+        method: "POST",
+        token
+      });
+    },
+    confirmAccountDeletion(token, code) {
+      return request("/users/me/delete-confirm", {
+        method: "POST",
+        token,
+        body: code ? { code } : {}
+      });
+    },
+    // ── Admin ──
+    adminListUsers(token, params) {
+      const query = new URLSearchParams();
+      if (params?.page) query.set("page", String(params.page));
+      if (params?.limit) query.set("limit", String(params.limit));
+      if (params?.search) query.set("search", params.search);
+      const qs = query.toString();
+      return request(`/admin/users${qs ? `?${qs}` : ""}`, { token });
+    },
+    adminGetUser(token, id) {
+      return request(`/admin/users/${id}`, { token });
+    },
+    adminUpdateUserStatus(token, id, status) {
+      return request(`/admin/users/${id}/status`, {
+        method: "PATCH",
+        token,
+        body: { status }
+      });
+    },
+    adminGetUserSessions(token, id) {
+      return request(`/admin/users/${id}/sessions`, { token });
+    },
+    adminRevokeUserSessions(token, id) {
+      return request(`/admin/users/${id}/sessions`, {
+        method: "DELETE",
+        token
+      });
+    },
+    // ── Roles ──
+    adminListRoles(token, tenantId) {
+      const query = new URLSearchParams();
+      if (tenantId) query.set("tenantId", tenantId);
+      const qs = query.toString();
+      return request(`/admin/roles${qs ? `?${qs}` : ""}`, { token });
+    },
+    adminGetRole(token, id) {
+      return request(`/admin/roles/${id}`, { token });
+    },
+    adminGetRoleUsers(token, id) {
+      return request(`/admin/roles/${id}/users`, { token });
+    },
+    adminCreateRole(token, data) {
+      return request("/admin/roles", { method: "POST", token, body: data });
+    },
+    adminUpdateRole(token, id, data) {
+      return request(`/admin/roles/${id}`, { method: "PATCH", token, body: data });
+    },
+    adminDeleteRole(token, id) {
+      return request(`/admin/roles/${id}`, { method: "DELETE", token });
+    },
+    adminGetPermissions(token) {
+      return request("/admin/roles/permissions", { token });
+    },
+    adminGetUserRoles(token, userId, tenantId) {
+      const query = new URLSearchParams();
+      if (tenantId) query.set("tenantId", tenantId);
+      const qs = query.toString();
+      return request(`/admin/users/${userId}/roles${qs ? `?${qs}` : ""}`, { token });
+    },
+    adminAssignRole(token, userId, roleId, tenantId) {
+      return request(`/admin/users/${userId}/roles`, {
+        method: "POST",
+        token,
+        body: { roleId, ...tenantId ? { tenantId } : {} }
+      });
+    },
+    adminRevokeRole(token, userId, roleId, tenantId) {
+      const query = new URLSearchParams();
+      if (tenantId) query.set("tenantId", tenantId);
+      const qs = query.toString();
+      return request(`/admin/users/${userId}/roles/${roleId}${qs ? `?${qs}` : ""}`, {
+        method: "DELETE",
+        token
+      });
+    },
+    // ── Service ──
+    serviceVerifyToken(serviceKey, accessToken, tenantId) {
+      return serviceRequest("/service/verify-token", {
+        method: "POST",
+        serviceKey,
+        body: { token: accessToken, ...tenantId ? { tenantId } : {} }
+      });
+    },
+    serviceUserByWallet(serviceKey, walletAddress, chain) {
+      return serviceRequest("/service/user-by-wallet", {
+        method: "POST",
+        serviceKey,
+        body: { walletAddress, chain }
+      });
     }
   };
 }
@@ -198,6 +441,9 @@ function getRefreshDelay(token) {
   return delay > 0 ? delay : 0;
 }
 
+// src/components/login-modal.tsx
+import { useState as useState6 } from "react";
+
 // src/hooks/use-forge-connect.ts
 import { useContext } from "react";
 function useForgeConnect() {
@@ -223,7 +469,9 @@ function ModalOverlay({ isOpen, onClose, children }) {
     document.body.style.overflow = "hidden";
     return () => {
       document.removeEventListener("keydown", handleKeyDown);
-      document.body.style.overflow = "";
+      if (!document.querySelector(".fc-overlay")) {
+        document.body.style.overflow = "";
+      }
     };
   }, [isOpen, onClose]);
   if (!isOpen) return null;
@@ -241,9 +489,66 @@ function ModalOverlay({ isOpen, onClose, children }) {
 
 // src/components/tabs/email-password.tsx
 import { useState } from "react";
+
+// src/resolve-config.ts
+var OAUTH_PROVIDERS = /* @__PURE__ */ new Set(["google", "discord", "twitter", "apple", "telegram"]);
+function isOAuthMethod(method) {
+  return OAUTH_PROVIDERS.has(method);
+}
+function resolveLoginMethods(config) {
+  if (config.loginMethods && config.loginMethods.length > 0) {
+    return config.loginMethods;
+  }
+  const methods = [];
+  if (config.oauthProviders) {
+    for (const p of config.oauthProviders) {
+      methods.push(p);
+    }
+  }
+  methods.push("email");
+  if (config.passwordlessLogin !== false) {
+    methods.push("otp");
+  }
+  if (config.walletLogin !== false) {
+    methods.push("wallet");
+  }
+  return methods;
+}
+function loginMethodToStep(method) {
+  switch (method) {
+    case "email":
+      return "email-login";
+    case "otp":
+      return "email-otp";
+    case "wallet":
+      return "wallet-connect";
+    case "passkey":
+      return "method-select";
+    // Passkey triggers browser API directly
+    default:
+      return "method-select";
+  }
+}
+function resolveInitialStep(config, methods) {
+  if (methods.length === 1 && !isOAuthMethod(methods[0])) {
+    return loginMethodToStep(methods[0]);
+  }
+  const defaultMethod = config.defaultLoginMethod;
+  if (!defaultMethod || !methods.includes(defaultMethod)) {
+    return "method-select";
+  }
+  if (isOAuthMethod(defaultMethod)) {
+    return "method-select";
+  }
+  return loginMethodToStep(defaultMethod);
+}
+
+// src/components/tabs/email-password.tsx
 import { jsx as jsx2, jsxs as jsxs2 } from "react/jsx-runtime";
 function EmailLoginForm() {
-  const { loginWithEmail, setModalStep } = useForgeConnect();
+  const { loginWithEmail, setModalStep, config } = useForgeConnect();
+  const methods = resolveLoginMethods(config);
+  const showBack = methods.length > 1;
   const [email, setEmail] = useState("");
   const [password, setPassword] = useState("");
   const [error, setError] = useState("");
@@ -255,7 +560,7 @@ function EmailLoginForm() {
     try {
       await loginWithEmail(email, password);
     } catch (err) {
-      setError(err instanceof Error ? err.message : "Login failed");
+      setError(err instanceof Error ? err.message : "Something went wrong. Please try again.");
     } finally {
       setLoading(false);
     }
@@ -297,11 +602,13 @@ function EmailLoginForm() {
       error && /* @__PURE__ */ jsx2("p", { className: "fc-error", children: error }),
       /* @__PURE__ */ jsx2("button", { type: "submit", className: "fc-btn fc-btn-primary", disabled: loading, children: loading ? "Signing in..." : "Sign in" })
     ] }),
+    /* @__PURE__ */ jsx2("p", { className: "fc-switch", children: /* @__PURE__ */ jsx2("button", { type: "button", className: "fc-link", onClick: () => setModalStep("forgot-password"), children: "Forgot password?" }) }),
     /* @__PURE__ */ jsxs2("p", { className: "fc-switch", children: [
       "Don't have an account?",
       " ",
       /* @__PURE__ */ jsx2("button", { type: "button", className: "fc-link", onClick: () => setModalStep("email-register"), children: "Sign up" })
-    ] })
+    ] }),
+    showBack && /* @__PURE__ */ jsx2("p", { className: "fc-switch", children: /* @__PURE__ */ jsx2("button", { type: "button", className: "fc-link", onClick: () => setModalStep("method-select"), children: "Back" }) })
   ] });
 }
 function EmailRegisterForm() {
@@ -320,7 +627,7 @@ function EmailRegisterForm() {
       await register(email, password, displayName || void 0);
       setSuccess(true);
     } catch (err) {
-      setError(err instanceof Error ? err.message : "Registration failed");
+      setError(err instanceof Error ? err.message : "Something went wrong. Please try again.");
     } finally {
       setLoading(false);
     }
@@ -399,7 +706,9 @@ function EmailRegisterForm() {
 import { useState as useState2, useRef as useRef2 } from "react";
 import { jsx as jsx3, jsxs as jsxs3 } from "react/jsx-runtime";
 function EmailOtpForm() {
-  const { sendOtp, verifyOtp, setModalStep } = useForgeConnect();
+  const { sendOtp, verifyOtp, setModalStep, config } = useForgeConnect();
+  const methods = resolveLoginMethods(config);
+  const showBack = methods.length > 1;
   const [email, setEmail] = useState2("");
   const [code, setCode] = useState2(["", "", "", "", "", ""]);
   const [step, setStep] = useState2("email");
@@ -414,7 +723,7 @@ function EmailOtpForm() {
       await sendOtp(email);
       setStep("code");
     } catch (err) {
-      setError(err instanceof Error ? err.message : "Failed to send code");
+      setError(err instanceof Error ? err.message : "Could not send the code. Please try again.");
     } finally {
       setLoading(false);
     }
@@ -427,7 +736,7 @@ function EmailOtpForm() {
     try {
       await verifyOtp(email, codeStr);
     } catch (err) {
-      setError(err instanceof Error ? err.message : "Invalid code");
+      setError(err instanceof Error ? err.message : "This code is incorrect. Please check and try again.");
       setLoading(false);
     }
   };
@@ -484,7 +793,7 @@ function EmailOtpForm() {
         error && /* @__PURE__ */ jsx3("p", { className: "fc-error", children: error }),
         /* @__PURE__ */ jsx3("button", { type: "submit", className: "fc-btn fc-btn-primary", disabled: loading, children: loading ? "Sending..." : "Send code" })
       ] }),
-      /* @__PURE__ */ jsx3("p", { className: "fc-switch", children: /* @__PURE__ */ jsx3("button", { type: "button", className: "fc-link", onClick: () => setModalStep("method-select"), children: "Back" }) })
+      showBack && /* @__PURE__ */ jsx3("p", { className: "fc-switch", children: /* @__PURE__ */ jsx3("button", { type: "button", className: "fc-link", onClick: () => setModalStep("method-select"), children: "Back" }) })
     ] });
   }
   return /* @__PURE__ */ jsxs3("div", { className: "fc-tab", children: [
@@ -522,254 +831,2917 @@ function EmailOtpForm() {
 }
 
 // src/components/tabs/wallet-connect.tsx
-import { useState as useState3 } from "react";
-import { Fragment, jsx as jsx4, jsxs as jsxs4 } from "react/jsx-runtime";
-function tryGetUseWallet() {
-  try {
-    const mod = __require("@solana/wallet-adapter-react");
-    return mod.useWallet;
-  } catch {
-    return void 0;
+import { useState as useState3, useMemo, useRef as useRef3, useCallback } from "react";
+
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/bufferToBase64URLString.js
+function bufferToBase64URLString(buffer) {
+  const bytes = new Uint8Array(buffer);
+  let str = "";
+  for (const charCode of bytes) {
+    str += String.fromCharCode(charCode);
   }
+  const base64String = btoa(str);
+  return base64String.replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
 }
-var resolvedUseWallet = tryGetUseWallet();
-function WalletConnectForm() {
-  const { setModalStep } = useForgeConnect();
-  if (resolvedUseWallet) {
-    return /* @__PURE__ */ jsx4(WalletAdapterFlow, { useWallet: resolvedUseWallet });
+
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/base64URLStringToBuffer.js
+function base64URLStringToBuffer(base64URLString) {
+  const base64 = base64URLString.replace(/-/g, "+").replace(/_/g, "/");
+  const padLength = (4 - base64.length % 4) % 4;
+  const padded = base64.padEnd(base64.length + padLength, "=");
+  const binary = atob(padded);
+  const buffer = new ArrayBuffer(binary.length);
+  const bytes = new Uint8Array(buffer);
+  for (let i = 0; i < binary.length; i++) {
+    bytes[i] = binary.charCodeAt(i);
   }
-  return /* @__PURE__ */ jsxs4("div", { className: "fc-tab", children: [
-    /* @__PURE__ */ jsx4("h3", { className: "fc-tab-title", children: "Connect wallet" }),
-    /* @__PURE__ */ jsxs4("p", { className: "fc-text", children: [
-      "Install a Solana wallet extension (Phantom, Solflare, etc.) and ensure",
-      " ",
-      /* @__PURE__ */ jsx4("code", { children: "@solana/wallet-adapter-react" }),
-      " is configured in your app."
-    ] }),
-    /* @__PURE__ */ jsx4("p", { className: "fc-text fc-text-muted", children: "Wallet connection requires the Solana wallet adapter provider in your app." }),
-    /* @__PURE__ */ jsx4("p", { className: "fc-switch", children: /* @__PURE__ */ jsx4("button", { type: "button", className: "fc-link", onClick: () => setModalStep("method-select"), children: "Back" }) })
-  ] });
+  return buffer;
 }
-function WalletAdapterFlow({ useWallet }) {
-  const { loginWithWallet, setModalStep } = useForgeConnect();
-  const wallet = useWallet();
-  const [error, setError] = useState3("");
-  const [loading, setLoading] = useState3(false);
-  const handleConnect = async () => {
-    if (!wallet.publicKey || !wallet.signMessage) {
-      setError("Please connect your wallet first");
-      return;
-    }
-    setError("");
-    setLoading(true);
-    try {
-      await loginWithWallet(
-        wallet.publicKey.toBase58(),
-        wallet.signMessage,
-        "solana"
-      );
-    } catch (err) {
-      setError(err instanceof Error ? err.message : "Wallet verification failed");
-    } finally {
-      setLoading(false);
-    }
+
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/browserSupportsWebAuthn.js
+function browserSupportsWebAuthn() {
+  return _browserSupportsWebAuthnInternals.stubThis(globalThis?.PublicKeyCredential !== void 0 && typeof globalThis.PublicKeyCredential === "function");
+}
+var _browserSupportsWebAuthnInternals = {
+  stubThis: (value) => value
+};
+
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/toPublicKeyCredentialDescriptor.js
+function toPublicKeyCredentialDescriptor(descriptor) {
+  const { id } = descriptor;
+  return {
+    ...descriptor,
+    id: base64URLStringToBuffer(id),
+    /**
+     * `descriptor.transports` is an array of our `AuthenticatorTransportFuture` that includes newer
+     * transports that TypeScript's DOM lib is ignorant of. Convince TS that our list of transports
+     * are fine to pass to WebAuthn since browsers will recognize the new value.
+     */
+    transports: descriptor.transports
   };
-  return /* @__PURE__ */ jsxs4("div", { className: "fc-tab", children: [
-    /* @__PURE__ */ jsx4("h3", { className: "fc-tab-title", children: "Connect wallet" }),
-    wallet.publicKey ? /* @__PURE__ */ jsxs4(Fragment, { children: [
-      /* @__PURE__ */ jsxs4("p", { className: "fc-text fc-wallet-address", children: [
-        wallet.publicKey.toBase58().slice(0, 4),
-        "...",
-        wallet.publicKey.toBase58().slice(-4)
-      ] }),
-      error && /* @__PURE__ */ jsx4("p", { className: "fc-error", children: error }),
-      /* @__PURE__ */ jsx4(
-        "button",
-        {
-          type: "button",
-          className: "fc-btn fc-btn-primary",
-          onClick: handleConnect,
-          disabled: loading,
-          children: loading ? "Signing..." : "Sign to verify"
-        }
-      )
-    ] }) : /* @__PURE__ */ jsxs4(Fragment, { children: [
-      /* @__PURE__ */ jsx4("div", { className: "fc-wallet-list", children: wallet.wallets.filter((w) => w.readyState === "Installed").map((w) => /* @__PURE__ */ jsxs4(
-        "button",
-        {
-          type: "button",
-          className: "fc-btn fc-btn-wallet",
-          onClick: async () => {
-            wallet.select(w.adapter.name);
-            try {
-              await wallet.connect();
-            } catch {
-              setError("Failed to connect wallet");
-            }
-          },
-          children: [
-            /* @__PURE__ */ jsx4("img", { src: w.adapter.icon, alt: "", className: "fc-wallet-icon" }),
-            w.adapter.name
-          ]
-        },
-        w.adapter.name
-      )) }),
-      wallet.wallets.filter((w) => w.readyState === "Installed").length === 0 && /* @__PURE__ */ jsx4("p", { className: "fc-text", children: "No wallets detected. Install a Solana wallet extension." }),
-      error && /* @__PURE__ */ jsx4("p", { className: "fc-error", children: error })
-    ] }),
-    /* @__PURE__ */ jsx4("p", { className: "fc-switch", children: /* @__PURE__ */ jsx4("button", { type: "button", className: "fc-link", onClick: () => setModalStep("method-select"), children: "Back" }) })
-  ] });
 }
 
-// src/components/tabs/oauth-buttons.tsx
-import { jsx as jsx5, jsxs as jsxs5 } from "react/jsx-runtime";
-var PROVIDER_INFO = {
-  google: {
-    label: "Google",
-    icon: '<svg viewBox="0 0 24 24" width="20" height="20"><path d="M22.56 12.25c0-.78-.07-1.53-.2-2.25H12v4.26h5.92a5.06 5.06 0 0 1-2.2 3.32v2.77h3.57c2.08-1.92 3.28-4.74 3.28-8.1z" fill="#4285F4"/><path d="M12 23c2.97 0 5.46-.98 7.28-2.66l-3.57-2.77c-.98.66-2.23 1.06-3.71 1.06-2.86 0-5.29-1.93-6.16-4.53H2.18v2.84C3.99 20.53 7.7 23 12 23z" fill="#34A853"/><path d="M5.84 14.09c-.22-.66-.35-1.36-.35-2.09s.13-1.43.35-2.09V7.07H2.18C1.43 8.55 1 10.22 1 12s.43 3.45 1.18 4.93l2.85-2.22.81-.62z" fill="#FBBC05"/><path d="M12 5.38c1.62 0 3.06.56 4.21 1.64l3.15-3.15C17.45 2.09 14.97 1 12 1 7.7 1 3.99 3.47 2.18 7.07l3.66 2.84c.87-2.6 3.3-4.53 6.16-4.53z" fill="#EA4335"/></svg>'
-  },
-  discord: {
-    label: "Discord",
-    icon: '<svg viewBox="0 0 24 24" width="20" height="20"><path d="M20.317 4.37a19.791 19.791 0 0 0-4.885-1.515.074.074 0 0 0-.079.037c-.21.375-.444.864-.608 1.25a18.27 18.27 0 0 0-5.487 0 12.64 12.64 0 0 0-.617-1.25.077.077 0 0 0-.079-.037A19.736 19.736 0 0 0 3.677 4.37a.07.07 0 0 0-.032.027C.533 9.046-.32 13.58.099 18.057a.082.082 0 0 0 .031.057 19.9 19.9 0 0 0 5.993 3.03.078.078 0 0 0 .084-.028c.462-.63.874-1.295 1.226-1.994a.076.076 0 0 0-.041-.106 13.107 13.107 0 0 1-1.872-.892.077.077 0 0 1-.008-.128c.126-.094.252-.192.372-.292a.074.074 0 0 1 .077-.01c3.928 1.793 8.18 1.793 12.062 0a.074.074 0 0 1 .078.01c.12.098.246.198.373.292a.077.077 0 0 1-.006.127 12.299 12.299 0 0 1-1.873.892.077.077 0 0 0-.041.107c.36.698.772 1.362 1.225 1.993a.076.076 0 0 0 .084.028 19.839 19.839 0 0 0 6.002-3.03.077.077 0 0 0 .032-.054c.5-5.177-.838-9.674-3.549-13.66a.061.061 0 0 0-.031-.03z" fill="#5865F2"/></svg>'
-  },
-  twitter: {
-    label: "Twitter",
-    icon: '<svg viewBox="0 0 24 24" width="20" height="20"><path d="M18.244 2.25h3.308l-7.227 8.26 8.502 11.24H16.17l-5.214-6.817L4.99 21.75H1.68l7.73-8.835L1.254 2.25H8.08l4.713 6.231zm-1.161 17.52h1.833L7.084 4.126H5.117z" fill="currentColor"/></svg>'
-  },
-  apple: {
-    label: "Apple",
-    icon: '<svg viewBox="0 0 24 24" width="20" height="20"><path d="M17.05 20.28c-.98.95-2.05.88-3.08.4-1.09-.5-2.08-.52-3.23 0-1.44.64-2.2.45-3.06-.4C3.79 16.17 4.36 9.02 8.8 8.78c1.27.06 2.15.72 2.91.76.93-.19 1.82-.88 2.83-.8 1.21.1 2.12.58 2.72 1.49-2.46 1.48-1.88 4.73.52 5.64-.42 1.13-.98 2.24-1.73 3.41zM12.03 8.7c-.12-2.35 1.82-4.38 4.04-4.54.29 2.56-2.34 4.68-4.04 4.54z" fill="currentColor"/></svg>'
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/isValidDomain.js
+function isValidDomain(hostname) {
+  return (
+    // Consider localhost valid as well since it's okay wrt Secure Contexts
+    hostname === "localhost" || /^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(hostname)
+  );
+}
+
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/webAuthnError.js
+var WebAuthnError = class extends Error {
+  constructor({ message, code, cause, name }) {
+    super(message, { cause });
+    Object.defineProperty(this, "code", {
+      enumerable: true,
+      configurable: true,
+      writable: true,
+      value: void 0
+    });
+    this.name = name ?? cause.name;
+    this.code = code;
   }
 };
-function OAuthButtons() {
-  const { config, loginWithOAuth } = useForgeConnect();
-  const providers = config.oauthProviders ?? [];
-  if (providers.length === 0) return null;
-  return /* @__PURE__ */ jsx5("div", { className: "fc-oauth-buttons", children: providers.map((provider) => {
-    const info = PROVIDER_INFO[provider];
-    return /* @__PURE__ */ jsxs5(
-      "button",
-      {
-        type: "button",
-        className: "fc-btn fc-btn-oauth",
-        onClick: () => loginWithOAuth(provider),
-        children: [
-          /* @__PURE__ */ jsx5("span", { className: "fc-oauth-icon", dangerouslySetInnerHTML: { __html: info.icon } }),
-          "Continue with ",
-          info.label
-        ]
-      },
-      provider
-    );
-  }) });
-}
 
-// src/components/login-modal.tsx
-import { jsx as jsx6, jsxs as jsxs6 } from "react/jsx-runtime";
-function LoginModal() {
-  const { modal, closeModal, setModalStep, config } = useForgeConnect();
-  const renderStep = () => {
-    switch (modal.step) {
-      case "email-login":
-        return /* @__PURE__ */ jsx6(EmailLoginForm, {});
-      case "email-register":
-        return /* @__PURE__ */ jsx6(EmailRegisterForm, {});
-      case "email-otp":
-        return /* @__PURE__ */ jsx6(EmailOtpForm, {});
-      case "wallet-connect":
-        return /* @__PURE__ */ jsx6(WalletConnectForm, {});
-      case "method-select":
-      default:
-        return /* @__PURE__ */ jsx6(MethodSelect, {});
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/identifyRegistrationError.js
+function identifyRegistrationError({ error, options }) {
+  const { publicKey } = options;
+  if (!publicKey) {
+    throw Error("options was missing required publicKey property");
+  }
+  if (error.name === "AbortError") {
+    if (options.signal instanceof AbortSignal) {
+      return new WebAuthnError({
+        message: "Registration ceremony was sent an abort signal",
+        code: "ERROR_CEREMONY_ABORTED",
+        cause: error
+      });
     }
-  };
-  return /* @__PURE__ */ jsx6(ModalOverlay, { isOpen: modal.isOpen, onClose: closeModal, children: /* @__PURE__ */ jsxs6(
-    "div",
-    {
-      className: "fc-modal-content",
-      style: {
-        "--fc-accent": config.appearance?.accentColor ?? "#8b5cf6"
-      },
-      "data-theme": config.appearance?.theme ?? "light",
-      children: [
-        config.appearance?.logo && /* @__PURE__ */ jsx6("img", { src: config.appearance.logo, alt: "", className: "fc-logo" }),
-        /* @__PURE__ */ jsx6("h2", { className: "fc-modal-title", children: config.appearance?.title ?? "Sign in" }),
-        renderStep()
-      ]
+  } else if (error.name === "ConstraintError") {
+    if (publicKey.authenticatorSelection?.requireResidentKey === true) {
+      return new WebAuthnError({
+        message: "Discoverable credentials were required but no available authenticator supported it",
+        code: "ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",
+        cause: error
+      });
+    } else if (
+      // @ts-ignore: `mediation` doesn't yet exist on CredentialCreationOptions but it's possible as of Sept 2024
+      options.mediation === "conditional" && publicKey.authenticatorSelection?.userVerification === "required"
+    ) {
+      return new WebAuthnError({
+        message: "User verification was required during automatic registration but it could not be performed",
+        code: "ERROR_AUTO_REGISTER_USER_VERIFICATION_FAILURE",
+        cause: error
+      });
+    } else if (publicKey.authenticatorSelection?.userVerification === "required") {
+      return new WebAuthnError({
+        message: "User verification was required but no available authenticator supported it",
+        code: "ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",
+        cause: error
+      });
     }
-  ) });
-}
-function MethodSelect() {
-  const { setModalStep, config } = useForgeConnect();
-  return /* @__PURE__ */ jsxs6("div", { className: "fc-method-select", children: [
-    /* @__PURE__ */ jsx6(OAuthButtons, {}),
-    (config.oauthProviders?.length ?? 0) > 0 && /* @__PURE__ */ jsx6("div", { className: "fc-divider", children: /* @__PURE__ */ jsx6("span", { children: "or" }) }),
-    /* @__PURE__ */ jsxs6(
-      "button",
+  } else if (error.name === "InvalidStateError") {
+    return new WebAuthnError({
+      message: "The authenticator was previously registered",
+      code: "ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",
+      cause: error
+    });
+  } else if (error.name === "NotAllowedError") {
+    return new WebAuthnError({
+      message: error.message,
+      code: "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",
+      cause: error
+    });
+  } else if (error.name === "NotSupportedError") {
+    const validPubKeyCredParams = publicKey.pubKeyCredParams.filter((param) => param.type === "public-key");
+    if (validPubKeyCredParams.length === 0) {
+      return new WebAuthnError({
+        message: 'No entry in pubKeyCredParams was of type "public-key"',
+        code: "ERROR_MALFORMED_PUBKEYCREDPARAMS",
+        cause: error
+      });
+    }
+    return new WebAuthnError({
+      message: "No available authenticator supported any of the specified pubKeyCredParams algorithms",
+      code: "ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",
+      cause: error
+    });
+  } else if (error.name === "SecurityError") {
+    const effectiveDomain = globalThis.location.hostname;
+    if (!isValidDomain(effectiveDomain)) {
+      return new WebAuthnError({
+        message: `${globalThis.location.hostname} is an invalid domain`,
+        code: "ERROR_INVALID_DOMAIN",
+        cause: error
+      });
+    } else if (publicKey.rp.id !== effectiveDomain) {
+      return new WebAuthnError({
+        message: `The RP ID "${publicKey.rp.id}" is invalid for this domain`,
+        code: "ERROR_INVALID_RP_ID",
+        cause: error
+      });
+    }
+  } else if (error.name === "TypeError") {
+    if (publicKey.user.id.byteLength < 1 || publicKey.user.id.byteLength > 64) {
+      return new WebAuthnError({
+        message: "User ID was not between 1 and 64 characters",
+        code: "ERROR_INVALID_USER_ID_LENGTH",
+        cause: error
+      });
+    }
+  } else if (error.name === "UnknownError") {
+    return new WebAuthnError({
+      message: "The authenticator was unable to process the specified options, or could not create a new credential",
+      code: "ERROR_AUTHENTICATOR_GENERAL_ERROR",
+      cause: error
+    });
+  }
+  return error;
+}
+
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/webAuthnAbortService.js
+var BaseWebAuthnAbortService = class {
+  constructor() {
+    Object.defineProperty(this, "controller", {
+      enumerable: true,
+      configurable: true,
+      writable: true,
+      value: void 0
+    });
+  }
+  createNewAbortSignal() {
+    if (this.controller) {
+      const abortError = new Error("Cancelling existing WebAuthn API call for new one");
+      abortError.name = "AbortError";
+      this.controller.abort(abortError);
+    }
+    const newController = new AbortController();
+    this.controller = newController;
+    return newController.signal;
+  }
+  cancelCeremony() {
+    if (this.controller) {
+      const abortError = new Error("Manually cancelling existing WebAuthn API call");
+      abortError.name = "AbortError";
+      this.controller.abort(abortError);
+      this.controller = void 0;
+    }
+  }
+};
+var WebAuthnAbortService = new BaseWebAuthnAbortService();
+
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/toAuthenticatorAttachment.js
+var attachments = ["cross-platform", "platform"];
+function toAuthenticatorAttachment(attachment) {
+  if (!attachment) {
+    return;
+  }
+  if (attachments.indexOf(attachment) < 0) {
+    return;
+  }
+  return attachment;
+}
+
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/methods/startRegistration.js
+async function startRegistration(options) {
+  if (!options.optionsJSON && options.challenge) {
+    console.warn("startRegistration() was not called correctly. It will try to continue with the provided options, but this call should be refactored to use the expected call structure instead. See https://simplewebauthn.dev/docs/packages/browser#typeerror-cannot-read-properties-of-undefined-reading-challenge for more information.");
+    options = { optionsJSON: options };
+  }
+  const { optionsJSON, useAutoRegister = false } = options;
+  if (!browserSupportsWebAuthn()) {
+    throw new Error("WebAuthn is not supported in this browser");
+  }
+  const publicKey = {
+    ...optionsJSON,
+    challenge: base64URLStringToBuffer(optionsJSON.challenge),
+    user: {
+      ...optionsJSON.user,
+      id: base64URLStringToBuffer(optionsJSON.user.id)
+    },
+    excludeCredentials: optionsJSON.excludeCredentials?.map(toPublicKeyCredentialDescriptor)
+  };
+  const createOptions = {};
+  if (useAutoRegister) {
+    createOptions.mediation = "conditional";
+  }
+  createOptions.publicKey = publicKey;
+  createOptions.signal = WebAuthnAbortService.createNewAbortSignal();
+  let credential;
+  try {
+    credential = await navigator.credentials.create(createOptions);
+  } catch (err) {
+    throw identifyRegistrationError({ error: err, options: createOptions });
+  }
+  if (!credential) {
+    throw new Error("Registration was not completed");
+  }
+  const { id, rawId, response, type } = credential;
+  let transports = void 0;
+  if (typeof response.getTransports === "function") {
+    transports = response.getTransports();
+  }
+  let responsePublicKeyAlgorithm = void 0;
+  if (typeof response.getPublicKeyAlgorithm === "function") {
+    try {
+      responsePublicKeyAlgorithm = response.getPublicKeyAlgorithm();
+    } catch (error) {
+      warnOnBrokenImplementation("getPublicKeyAlgorithm()", error);
+    }
+  }
+  let responsePublicKey = void 0;
+  if (typeof response.getPublicKey === "function") {
+    try {
+      const _publicKey = response.getPublicKey();
+      if (_publicKey !== null) {
+        responsePublicKey = bufferToBase64URLString(_publicKey);
+      }
+    } catch (error) {
+      warnOnBrokenImplementation("getPublicKey()", error);
+    }
+  }
+  let responseAuthenticatorData;
+  if (typeof response.getAuthenticatorData === "function") {
+    try {
+      responseAuthenticatorData = bufferToBase64URLString(response.getAuthenticatorData());
+    } catch (error) {
+      warnOnBrokenImplementation("getAuthenticatorData()", error);
+    }
+  }
+  return {
+    id,
+    rawId: bufferToBase64URLString(rawId),
+    response: {
+      attestationObject: bufferToBase64URLString(response.attestationObject),
+      clientDataJSON: bufferToBase64URLString(response.clientDataJSON),
+      transports,
+      publicKeyAlgorithm: responsePublicKeyAlgorithm,
+      publicKey: responsePublicKey,
+      authenticatorData: responseAuthenticatorData
+    },
+    type,
+    clientExtensionResults: credential.getClientExtensionResults(),
+    authenticatorAttachment: toAuthenticatorAttachment(credential.authenticatorAttachment)
+  };
+}
+function warnOnBrokenImplementation(methodName, cause) {
+  console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${methodName}. You should report this error to them.
+`, cause);
+}
+
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/browserSupportsWebAuthnAutofill.js
+function browserSupportsWebAuthnAutofill() {
+  if (!browserSupportsWebAuthn()) {
+    return _browserSupportsWebAuthnAutofillInternals.stubThis(new Promise((resolve) => resolve(false)));
+  }
+  const globalPublicKeyCredential = globalThis.PublicKeyCredential;
+  if (globalPublicKeyCredential?.isConditionalMediationAvailable === void 0) {
+    return _browserSupportsWebAuthnAutofillInternals.stubThis(new Promise((resolve) => resolve(false)));
+  }
+  return _browserSupportsWebAuthnAutofillInternals.stubThis(globalPublicKeyCredential.isConditionalMediationAvailable());
+}
+var _browserSupportsWebAuthnAutofillInternals = {
+  stubThis: (value) => value
+};
+
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/identifyAuthenticationError.js
+function identifyAuthenticationError({ error, options }) {
+  const { publicKey } = options;
+  if (!publicKey) {
+    throw Error("options was missing required publicKey property");
+  }
+  if (error.name === "AbortError") {
+    if (options.signal instanceof AbortSignal) {
+      return new WebAuthnError({
+        message: "Authentication ceremony was sent an abort signal",
+        code: "ERROR_CEREMONY_ABORTED",
+        cause: error
+      });
+    }
+  } else if (error.name === "NotAllowedError") {
+    return new WebAuthnError({
+      message: error.message,
+      code: "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",
+      cause: error
+    });
+  } else if (error.name === "SecurityError") {
+    const effectiveDomain = globalThis.location.hostname;
+    if (!isValidDomain(effectiveDomain)) {
+      return new WebAuthnError({
+        message: `${globalThis.location.hostname} is an invalid domain`,
+        code: "ERROR_INVALID_DOMAIN",
+        cause: error
+      });
+    } else if (publicKey.rpId !== effectiveDomain) {
+      return new WebAuthnError({
+        message: `The RP ID "${publicKey.rpId}" is invalid for this domain`,
+        code: "ERROR_INVALID_RP_ID",
+        cause: error
+      });
+    }
+  } else if (error.name === "UnknownError") {
+    return new WebAuthnError({
+      message: "The authenticator was unable to process the specified options, or could not create a new assertion signature",
+      code: "ERROR_AUTHENTICATOR_GENERAL_ERROR",
+      cause: error
+    });
+  }
+  return error;
+}
+
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/methods/startAuthentication.js
+async function startAuthentication(options) {
+  if (!options.optionsJSON && options.challenge) {
+    console.warn("startAuthentication() was not called correctly. It will try to continue with the provided options, but this call should be refactored to use the expected call structure instead. See https://simplewebauthn.dev/docs/packages/browser#typeerror-cannot-read-properties-of-undefined-reading-challenge for more information.");
+    options = { optionsJSON: options };
+  }
+  const { optionsJSON, useBrowserAutofill = false, verifyBrowserAutofillInput = true } = options;
+  if (!browserSupportsWebAuthn()) {
+    throw new Error("WebAuthn is not supported in this browser");
+  }
+  let allowCredentials;
+  if (optionsJSON.allowCredentials?.length !== 0) {
+    allowCredentials = optionsJSON.allowCredentials?.map(toPublicKeyCredentialDescriptor);
+  }
+  const publicKey = {
+    ...optionsJSON,
+    challenge: base64URLStringToBuffer(optionsJSON.challenge),
+    allowCredentials
+  };
+  const getOptions = {};
+  if (useBrowserAutofill) {
+    if (!await browserSupportsWebAuthnAutofill()) {
+      throw Error("Browser does not support WebAuthn autofill");
+    }
+    const eligibleInputs = document.querySelectorAll("input[autocomplete$='webauthn']");
+    if (eligibleInputs.length < 1 && verifyBrowserAutofillInput) {
+      throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');
+    }
+    getOptions.mediation = "conditional";
+    publicKey.allowCredentials = [];
+  }
+  getOptions.publicKey = publicKey;
+  getOptions.signal = WebAuthnAbortService.createNewAbortSignal();
+  let credential;
+  try {
+    credential = await navigator.credentials.get(getOptions);
+  } catch (err) {
+    throw identifyAuthenticationError({ error: err, options: getOptions });
+  }
+  if (!credential) {
+    throw new Error("Authentication was not completed");
+  }
+  const { id, rawId, response, type } = credential;
+  let userHandle = void 0;
+  if (response.userHandle) {
+    userHandle = bufferToBase64URLString(response.userHandle);
+  }
+  return {
+    id,
+    rawId: bufferToBase64URLString(rawId),
+    response: {
+      authenticatorData: bufferToBase64URLString(response.authenticatorData),
+      clientDataJSON: bufferToBase64URLString(response.clientDataJSON),
+      signature: bufferToBase64URLString(response.signature),
+      userHandle
+    },
+    type,
+    clientExtensionResults: credential.getClientExtensionResults(),
+    authenticatorAttachment: toAuthenticatorAttachment(credential.authenticatorAttachment)
+  };
+}
+
+// src/runtime-imports.ts
+var importSolanaWeb3 = () => new Function('return import("@solana/web3.js")')();
+
+// src/components/tabs/wallet-connect.tsx
+import { Fragment, jsx as jsx4, jsxs as jsxs4 } from "react/jsx-runtime";
+var MOBILE_WALLETS = [
+  {
+    name: "Phantom",
+    icon: "data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMTA4IiBoZWlnaHQ9IjEwOCIgdmlld0JveD0iMCAwIDEwOCAxMDgiIGZpbGw9Im5vbmUiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CjxyZWN0IHdpZHRoPSIxMDgiIGhlaWdodD0iMTA4IiByeD0iMjYiIGZpbGw9IiNBQjlGRjIiLz4KPHBhdGggZmlsbC1ydWxlPSJldmVub2RkIiBjbGlwLXJ1bGU9ImV2ZW5vZGQiIGQ9Ik00Ni41MjY3IDY5LjkyMjlDNDIuMDA1NCA3Ni44NTA5IDM0LjQyOTIgODUuNjE4MiAyNC4zNDggODUuNjE4MkMxOS41ODI0IDg1LjYxODIgMTUgODMuNjU2MyAxNSA3NS4xMzQyQzE1IDUzLjQzMDUgNDQuNjMyNiAxOS44MzI3IDcyLjEyNjggMTkuODMyN0M4Ny43NjggMTkuODMyNyA5NCAzMC42ODQ2IDk0IDQzLjAwNzlDOTQgNTguODI1OCA4My43MzU1IDc2LjkxMjIgNzMuNTMyMSA3Ni45MTIyQzcwLjI5MzkgNzYuOTEyMiA2OC43MDUzIDc1LjEzNDIgNjguNzA1MyA3Mi4zMTRDNjguNzA1MyA3MS41NzgzIDY4LjgyNzUgNzAuNzgxMiA2OS4wNzE5IDY5LjkyMjlDNjUuNTg5MyA3NS44Njk5IDU4Ljg2ODUgODEuMzg3OCA1Mi41NzU0IDgxLjM4NzhDNDcuOTkzIDgxLjM4NzggNDUuNjcxMyA3OC41MDYzIDQ1LjY3MTMgNzQuNDU5OEM0NS42NzEzIDcyLjk4ODQgNDUuOTc2OCA3MS40NTU2IDQ2LjUyNjcgNjkuOTIyOVpNODMuNjc2MSA0Mi41Nzk0QzgzLjY3NjEgNDYuMTcwNCA4MS41NTc1IDQ3Ljk2NTggNzkuMTg3NSA0Ny45NjU4Qzc2Ljc4MTYgNDcuOTY1OCA3NC42OTg5IDQ2LjE3MDQgNzQuNjk4OSA0Mi41Nzk0Qzc0LjY5ODkgMzguOTg4NSA3Ni43ODE2IDM3LjE5MzEgNzkuMTg3NSAzNy4xOTMxQzgxLjU1NzUgMzcuMTkzMSA4My42NzYxIDM4Ljk4ODUgODMuNjc2MSA0Mi41Nzk0Wk03MC4yMTAzIDQyLjU3OTVDNzAuMjEwMyA0Ni4xNzA0IDY4LjA5MTYgNDcuOTY1OCA2NS43MjE2IDQ3Ljk2NThDNjMuMzE1NyA0Ny45NjU4IDYxLjIzMyA0Ni4xNzA0IDYxLjIzMyA0Mi41Nzk1QzYxLjIzMyAzOC45ODg1IDYzLjMxNTcgMzcuMTkzMSA2NS43MjE2IDM3LjE5MzFDNjguMDkxNiAzNy4xOTMxIDcwLjIxMDMgMzguOTg4NSA3MC4yMTAzIDQyLjU3OTVaIiBmaWxsPSIjRkZGREY4Ii8+Cjwvc3ZnPgo=",
+    buildUrl: (url) => `https://phantom.app/ul/browse/${encodeURIComponent(url)}?ref=${encodeURIComponent(url)}`
+  },
+  {
+    name: "Solflare",
+    icon: "data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c3ZnIGlkPSJTIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCA1MCA1MCI+PGRlZnM+PHN0eWxlPi5jbHMtMXtmaWxsOiMwMjA1MGE7c3Ryb2tlOiNmZmVmNDY7c3Ryb2tlLW1pdGVybGltaXQ6MTA7c3Ryb2tlLXdpZHRoOi41cHg7fS5jbHMtMntmaWxsOiNmZmVmNDY7fTwvc3R5bGU+PC9kZWZzPjxyZWN0IGNsYXNzPSJjbHMtMiIgeD0iMCIgd2lkdGg9IjUwIiBoZWlnaHQ9IjUwIiByeD0iMTIiIHJ5PSIxMiIvPjxwYXRoIGNsYXNzPSJjbHMtMSIgZD0iTTI0LjIzLDI2LjQybDIuNDYtMi4zOCw0LjU5LDEuNWMzLjAxLDEsNC41MSwyLjg0LDQuNTEsNS40MywwLDEuOTYtLjc1LDMuMjYtMi4yNSw0LjkzbC0uNDYuNS4xNy0xLjE3Yy42Ny00LjI2LS41OC02LjA5LTQuNzItNy40M2wtNC4zLTEuMzhoMFpNMTguMDUsMTEuODVsMTIuNTIsNC4xNy0yLjcxLDIuNTktNi41MS0yLjE3Yy0yLjI1LS43NS0zLjAxLTEuOTYtMy4zLTQuNTF2LS4wOGgwWk0xNy4zLDMzLjA2bDIuODQtMi43MSw1LjM0LDEuNzVjMi44LjkyLDMuNzYsMi4xMywzLjQ2LDUuMThsLTExLjY1LTQuMjJoMFpNMTMuNzEsMjAuOTVjMC0uNzkuNDItMS41NCwxLjEzLTIuMTcuNzUsMS4wOSwyLjA1LDIuMDUsNC4wOSwyLjcxbDQuNDIsMS40Ni0yLjQ2LDIuMzgtNC4zNC0xLjQyYy0yLS42Ny0yLjg0LTEuNjctMi44NC0yLjk2TTI2LjgyLDQyLjg3YzkuMTgtNi4wOSwxNC4xMS0xMC4yMywxNC4xMS0xNS4zMiwwLTMuMzgtMi01LjI2LTYuNDMtNi43MmwtMy4zNC0xLjEzLDkuMTQtOC43Ny0xLjg0LTEuOTYtMi43MSwyLjM4LTEyLjgxLTQuMjJjLTMuOTcsMS4yOS04Ljk3LDUuMDktOC45Nyw4Ljg5LDAsLjQyLjA0LjgzLjE3LDEuMjktMy4zLDEuODgtNC42MywzLjYzLTQuNjMsNS44LDAsMi4wNSwxLjA5LDQuMDksNC41NSw1LjIybDIuNzUuOTItOS41Miw5LjE0LDEuODQsMS45NiwyLjk2LTIuNzEsMTQuNzMsNS4yMmgwWiIvPjwvc3ZnPg==",
+    buildUrl: (url) => `https://solflare.com/ul/v1/browse/${encodeURIComponent(url)}?ref=${encodeURIComponent(url)}`
+  },
+  {
+    name: "Backpack",
+    icon: "data:image/webp;base64,UklGRlgCAABXRUJQVlA4WAoAAAAQAAAAOwAAOwAAQUxQSC8AAAABL6CmbQOGP75e/cti0oiIOI0KBto2+a8ACZjAAQ7wL2gCSCL6PwER2t+KmZpFDwBWUDggAgIAAPALAJ0BKjwAPAA+SSCMRKKiIRYKrTQoBISyAGp7nL12mKuwHiZ/pX71XoA8m7rXfQA8q39lfhJ/cL0ZimIeNSGxOaSWtqEDDdJ++ARG5/LVm6OquItoAu4rpz8VksUr1NEDJ0CeZucwAP7+VdYX7J5e8V3cJZ9QoY9vj8KsNGOvZSm+khDZOvwCeiDFjGweq/8KIUmVQk3T/qW3ONyMcepN2uwyEXpZZiidST0x705r7ZnNuWX42r8oi+FEshvXGWm6DabjfrMbiaxJ15irl2Gj3nKWbZ2v3k/jd172plSBejBs7dNt90Re/m+nmv5kNjM/SPfa4EpzvOdu/8BR+hTnR4qe4eWhTsh/oecEfN31OExdi/6AYrsth4nlx/qGEP70b1/TNKmgaB/18+c9ntTfhku9wYpy17/wN3r+B/1geZPzth+AtNsMDXE99PaPLWdFP9MOIMD6ME+MpZu2H7WSfzY7MkWs/N/NNzAZ0P/9vMvxgcdzFHvs/doeUU9WyVv+Ll8QDJbn9NZl86ZZNYtfP4Ol1hiJHWosWyj/66vhMUeFIcDheXIOSRTzvKwj5ffEl7fn/QwflNU556SEjM8MriwSFJ/nrFBrr8O1/pqdrYGqPijG6tjsBVBHp+EDAbtNLL375I2jnG9i3Xb1ZphsFYNjdRaknYdFf4g5iJBoAAA=",
+    buildUrl: (url) => `https://backpack.app/ul/browse/${encodeURIComponent(url)}`
+  }
+];
+function isMobile() {
+  if (typeof navigator === "undefined") return false;
+  return /Android|webOS|iPhone|iPad|iPod|BlackBerry|IEMobile|Opera Mini/i.test(navigator.userAgent);
+}
+function WalletConnectForm() {
+  const { walletAdapter, setModalStep, config } = useForgeConnect();
+  const methods = resolveLoginMethods(config);
+  const showBack = methods.length > 1;
+  if (!walletAdapter && isMobile()) {
+    return /* @__PURE__ */ jsx4(MobileWalletFlow, {});
+  }
+  if (walletAdapter) {
+    return /* @__PURE__ */ jsx4(WalletAdapterFlow, {});
+  }
+  return /* @__PURE__ */ jsxs4("div", { className: "fc-tab", children: [
+    /* @__PURE__ */ jsx4("h3", { className: "fc-tab-title", children: "Connect wallet" }),
+    /* @__PURE__ */ jsxs4("p", { className: "fc-text", children: [
+      "No wallet adapter detected. Pass ",
+      /* @__PURE__ */ jsx4("code", { children: "walletAdapter" }),
+      " to",
+      " ",
+      /* @__PURE__ */ jsx4("code", { children: "<ForgeConnectProvider>" }),
+      " to enable wallet login."
+    ] }),
+    showBack && /* @__PURE__ */ jsx4("p", { className: "fc-switch", children: /* @__PURE__ */ jsx4("button", { type: "button", className: "fc-link", onClick: () => setModalStep("method-select"), children: "Back" }) })
+  ] });
+}
+function MobileWalletFlow() {
+  const { setModalStep, config } = useForgeConnect();
+  const methods = resolveLoginMethods(config);
+  const showBack = methods.length > 1;
+  const walletConfig = config.walletConfig;
+  const preferred = walletConfig?.preferredWallets ?? [];
+  const onlyPreferred = walletConfig?.onlyPreferred ?? false;
+  const walletsToShow = useMemo(() => {
+    if (preferred.length > 0) {
+      const prefList = preferred.map((name) => MOBILE_WALLETS.find((mw) => mw.name === name)).filter(Boolean);
+      if (onlyPreferred) return prefList;
+      const prefNames = new Set(preferred);
+      const others = MOBILE_WALLETS.filter((mw) => !prefNames.has(mw.name));
+      return [...prefList, ...others];
+    }
+    return MOBILE_WALLETS;
+  }, [preferred, onlyPreferred]);
+  const handleOpen = (mw) => {
+    const pageUrl = window.location.href;
+    window.location.href = mw.buildUrl(pageUrl);
+  };
+  return /* @__PURE__ */ jsxs4("div", { className: "fc-tab", children: [
+    /* @__PURE__ */ jsx4("div", { className: "fc-wallet-list", children: walletsToShow.map((mw) => /* @__PURE__ */ jsxs4(
+      "button",
+      {
+        type: "button",
+        className: "fc-btn fc-btn-wallet",
+        onClick: () => handleOpen(mw),
+        children: [
+          /* @__PURE__ */ jsx4("span", { style: { position: "relative", display: "inline-flex" }, children: /* @__PURE__ */ jsx4("img", { src: mw.icon, alt: "", className: "fc-wallet-icon" }) }),
+          /* @__PURE__ */ jsx4("span", { className: "fc-wallet-name", children: mw.name }),
+          /* @__PURE__ */ jsx4("span", { className: "fc-badge-preferred", children: "Open app" })
+        ]
+      },
+      mw.name
+    )) }),
+    /* @__PURE__ */ jsx4("p", { className: "fc-text", style: { textAlign: "center", fontSize: 12, opacity: 0.6 }, children: "You'll be redirected to the wallet app to sign in." }),
+    showBack && /* @__PURE__ */ jsx4("p", { className: "fc-switch", children: /* @__PURE__ */ jsx4("button", { type: "button", className: "fc-link", onClick: () => setModalStep("method-select"), children: "Back" }) })
+  ] });
+}
+function WalletAdapterFlow() {
+  const { walletAdapter, loginWithWallet, setModalStep, config } = useForgeConnect();
+  const wallet = walletAdapter;
+  const walletConfig = config.walletConfig;
+  const methods = resolveLoginMethods(config);
+  const showBack = methods.length > 1;
+  const [error, setError] = useState3("");
+  const [loading, setLoading] = useState3(false);
+  const [showOther, setShowOther] = useState3(false);
+  const [coldWallet, setColdWallet] = useState3(false);
+  const mobile = useMemo(() => isMobile(), []);
+  const coldWalletRef = useRef3(coldWallet);
+  coldWalletRef.current = coldWallet;
+  const buildSignTxFnForAdapter = useCallback((adapter) => {
+    if (!adapter.signTransaction) return void 0;
+    return async (txBase64) => {
+      const { Transaction } = await importSolanaWeb3();
+      const bytes = Uint8Array.from(atob(txBase64), (c) => c.charCodeAt(0));
+      const tx = Transaction.from(bytes);
+      const signedTx = await adapter.signTransaction(tx);
+      return btoa(String.fromCharCode(...new Uint8Array(signedTx.serialize())));
+    };
+  }, []);
+  const handleConnect = async (w) => {
+    if (w.readyState !== "Installed") {
+      if (mobile) {
+        const mw = MOBILE_WALLETS.find((m) => m.name === w.adapter.name);
+        if (mw) {
+          window.location.href = mw.buildUrl(window.location.href);
+          return;
+        }
+      }
+      const url = w.adapter.url;
+      if (url) window.open(url, "_blank");
+      return;
+    }
+    setError("");
+    setLoading(true);
+    try {
+      if (!w.adapter.connected) {
+        await w.adapter.connect();
+      }
+      const pk = w.adapter.publicKey;
+      if (!pk) throw new Error("Wallet did not provide a public key.");
+      const address = pk.toBase58();
+      const useCold = coldWalletRef.current;
+      const adapterSignMessage = w.adapter.signMessage ? (msg) => w.adapter.signMessage(msg) : void 0;
+      await loginWithWallet(
+        address,
+        useCold ? void 0 : adapterSignMessage,
+        "solana",
+        useCold ? buildSignTxFnForAdapter(w.adapter) : void 0
+      );
+    } catch (err) {
+      setError(err instanceof Error ? err.message : "Could not verify your wallet. Please try again.");
+      setLoading(false);
+    }
+  };
+  const handleMobileOpen = (mw) => {
+    window.location.href = mw.buildUrl(window.location.href);
+  };
+  const preferred = walletConfig?.preferredWallets ?? [];
+  const onlyPreferred = walletConfig?.onlyPreferred ?? false;
+  const preferredSet = new Set(preferred);
+  const connectedWalletName = wallet.publicKey ? wallet.wallets.find((w) => w.adapter.connected)?.adapter.name ?? null : null;
+  const { preferredWallets, otherWallets } = useMemo(() => {
+    const all = wallet.wallets;
+    const prefList = preferred.map((name) => all.find((w) => w.adapter.name === name)).filter(Boolean);
+    if (onlyPreferred && preferred.length > 0) {
+      return { preferredWallets: prefList, otherWallets: [] };
+    }
+    const others = all.filter(
+      (w) => !preferredSet.has(w.adapter.name) && w.readyState === "Installed"
+    );
+    return { preferredWallets: prefList, otherWallets: others };
+  }, [wallet.wallets, walletConfig]);
+  const mobileExtraWallets = useMemo(() => {
+    if (!mobile) return [];
+    const adapterNames = new Set(wallet.wallets.map((w) => w.adapter.name));
+    return MOBILE_WALLETS.filter((mw) => !adapterNames.has(mw.name));
+  }, [mobile, wallet.wallets]);
+  return /* @__PURE__ */ jsxs4("div", { className: "fc-tab", children: [
+    loading ? /* @__PURE__ */ jsxs4("div", { style: { textAlign: "center", padding: "24px 0" }, children: [
+      /* @__PURE__ */ jsx4("p", { className: "fc-tab-title", children: "Connecting..." }),
+      /* @__PURE__ */ jsx4("p", { className: "fc-text", children: coldWallet ? "Confirm the transaction on your device" : "Approve the connection, then sign the verification request in your wallet" }),
+      error && /* @__PURE__ */ jsxs4(Fragment, { children: [
+        /* @__PURE__ */ jsx4("p", { className: "fc-error", children: error }),
+        /* @__PURE__ */ jsx4(
+          "button",
+          {
+            type: "button",
+            className: "fc-btn fc-btn-secondary",
+            onClick: () => {
+              setLoading(false);
+              setError("");
+            },
+            style: { marginTop: 8 },
+            children: "Try again"
+          }
+        )
+      ] })
+    ] }) : /* @__PURE__ */ jsxs4(Fragment, { children: [
+      /* @__PURE__ */ jsxs4("div", { className: "fc-wallet-list", children: [
+        preferredWallets.map((w) => {
+          const installed = w.readyState === "Installed";
+          const isConnected = w.adapter.name === connectedWalletName;
+          return /* @__PURE__ */ jsxs4(
+            "button",
+            {
+              type: "button",
+              className: "fc-btn fc-btn-wallet",
+              onClick: () => handleConnect(w),
+              children: [
+                /* @__PURE__ */ jsx4("span", { className: installed ? "fc-installed-dot" : "", style: { position: "relative", display: "inline-flex" }, children: /* @__PURE__ */ jsx4("img", { src: w.adapter.icon, alt: "", className: "fc-wallet-icon" }) }),
+                /* @__PURE__ */ jsx4("span", { className: "fc-wallet-name", children: w.adapter.name }),
+                isConnected ? /* @__PURE__ */ jsx4("span", { className: "fc-badge-preferred", children: "Last used" }) : /* @__PURE__ */ jsx4("span", { className: "fc-badge-preferred", children: "Preferred" }),
+                !installed && mobile && MOBILE_WALLETS.some((mw) => mw.name === w.adapter.name) ? /* @__PURE__ */ jsx4("span", { className: "fc-badge-install", children: "Open app" }) : !installed && /* @__PURE__ */ jsx4("span", { className: "fc-badge-install", children: "Install" })
+              ]
+            },
+            w.adapter.name
+          );
+        }),
+        mobileExtraWallets.map((mw) => /* @__PURE__ */ jsxs4(
+          "button",
+          {
+            type: "button",
+            className: "fc-btn fc-btn-wallet",
+            onClick: () => handleMobileOpen(mw),
+            children: [
+              /* @__PURE__ */ jsx4("span", { style: { position: "relative", display: "inline-flex" }, children: /* @__PURE__ */ jsx4("img", { src: mw.icon, alt: "", className: "fc-wallet-icon" }) }),
+              /* @__PURE__ */ jsx4("span", { className: "fc-wallet-name", children: mw.name }),
+              /* @__PURE__ */ jsx4("span", { className: "fc-badge-install", children: "Open app" })
+            ]
+          },
+          mw.name
+        )),
+        otherWallets.length > 0 && !showOther && /* @__PURE__ */ jsxs4(
+          "button",
+          {
+            type: "button",
+            className: "fc-btn fc-btn-wallet",
+            onClick: () => setShowOther(true),
+            children: [
+              /* @__PURE__ */ jsx4("span", { className: "fc-other-wallets-icon", children: /* @__PURE__ */ jsxs4("svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", children: [
+                /* @__PURE__ */ jsx4("rect", { x: "2", y: "3", width: "16", height: "14", rx: "2", stroke: "currentColor", strokeWidth: "1.5" }),
+                /* @__PURE__ */ jsx4("path", { d: "M2 7h16", stroke: "currentColor", strokeWidth: "1.5" }),
+                /* @__PURE__ */ jsx4("rect", { x: "11", y: "10", width: "7", height: "4", rx: "1", stroke: "currentColor", strokeWidth: "1.5" })
+              ] }) }),
+              /* @__PURE__ */ jsx4("span", { className: "fc-wallet-name", children: "Other wallets" })
+            ]
+          }
+        ),
+        showOther && otherWallets.map((w) => {
+          const isConnected = w.adapter.name === connectedWalletName;
+          return /* @__PURE__ */ jsxs4(
+            "button",
+            {
+              type: "button",
+              className: "fc-btn fc-btn-wallet",
+              onClick: () => handleConnect(w),
+              children: [
+                /* @__PURE__ */ jsx4("span", { className: "fc-installed-dot", style: { position: "relative", display: "inline-flex" }, children: /* @__PURE__ */ jsx4("img", { src: w.adapter.icon, alt: "", className: "fc-wallet-icon" }) }),
+                /* @__PURE__ */ jsx4("span", { className: "fc-wallet-name", children: w.adapter.name }),
+                isConnected && /* @__PURE__ */ jsx4("span", { className: "fc-badge-preferred", children: "Last used" })
+              ]
+            },
+            w.adapter.name
+          );
+        })
+      ] }),
+      preferredWallets.length === 0 && otherWallets.length === 0 && mobileExtraWallets.length === 0 && /* @__PURE__ */ jsx4("p", { className: "fc-text", children: "No wallet found. Please install a Solana wallet (like Phantom) to continue." }),
+      /* @__PURE__ */ jsxs4("label", { className: "fc-cold-wallet-toggle", children: [
+        /* @__PURE__ */ jsx4(
+          "input",
+          {
+            type: "checkbox",
+            checked: coldWallet,
+            onChange: (e) => setColdWallet(e.target.checked)
+          }
+        ),
+        /* @__PURE__ */ jsx4("span", { className: "fc-toggle-track" }),
+        /* @__PURE__ */ jsxs4("span", { className: "fc-cold-wallet-label", children: [
+          /* @__PURE__ */ jsx4("span", { children: "Hardware wallet" }),
+          /* @__PURE__ */ jsx4("span", { children: "Ledger, Trezor, Keystone..." })
+        ] })
+      ] }),
+      error && /* @__PURE__ */ jsx4("p", { className: "fc-error", children: error })
+    ] }),
+    showBack && !loading && /* @__PURE__ */ jsx4("p", { className: "fc-switch", children: /* @__PURE__ */ jsx4("button", { type: "button", className: "fc-link", onClick: () => setModalStep("method-select"), children: "Back" }) })
+  ] });
+}
+
+// src/components/tabs/forgot-password.tsx
+import { useState as useState4 } from "react";
+import { jsx as jsx5, jsxs as jsxs5 } from "react/jsx-runtime";
+function ForgotPasswordForm() {
+  const { forgotPassword, resetPassword, setModalStep } = useForgeConnect();
+  const [step, setStep] = useState4("email");
+  const [email, setEmail] = useState4("");
+  const [token, setToken] = useState4("");
+  const [password, setPassword] = useState4("");
+  const [error, setError] = useState4("");
+  const [loading, setLoading] = useState4(false);
+  const handleSendCode = async (e) => {
+    e.preventDefault();
+    setError("");
+    setLoading(true);
+    try {
+      await forgotPassword(email);
+      setStep("reset");
+    } catch (err) {
+      setError(err instanceof Error ? err.message : "Could not send the reset code. Please try again.");
+    } finally {
+      setLoading(false);
+    }
+  };
+  const handleReset = async (e) => {
+    e.preventDefault();
+    setError("");
+    setLoading(true);
+    try {
+      await resetPassword(token.trim(), password);
+      setStep("done");
+    } catch (err) {
+      setError(err instanceof Error ? err.message : "Could not reset your password. Please try again.");
+    } finally {
+      setLoading(false);
+    }
+  };
+  if (step === "done") {
+    return /* @__PURE__ */ jsxs5("div", { className: "fc-tab", children: [
+      /* @__PURE__ */ jsx5("h3", { className: "fc-tab-title", children: "Password updated" }),
+      /* @__PURE__ */ jsx5("p", { className: "fc-text", children: "Your password has been reset. You can now sign in." }),
+      /* @__PURE__ */ jsx5("button", { type: "button", className: "fc-btn fc-btn-primary", onClick: () => setModalStep("email-login"), children: "Sign in" })
+    ] });
+  }
+  if (step === "reset") {
+    return /* @__PURE__ */ jsxs5("div", { className: "fc-tab", children: [
+      /* @__PURE__ */ jsx5("h3", { className: "fc-tab-title", children: "Set new password" }),
+      /* @__PURE__ */ jsxs5("p", { className: "fc-text", children: [
+        "We sent a reset code to ",
+        /* @__PURE__ */ jsx5("strong", { children: email }),
+        ". Paste it below with your new password."
+      ] }),
+      /* @__PURE__ */ jsxs5("form", { onSubmit: handleReset, className: "fc-form", children: [
+        /* @__PURE__ */ jsxs5("label", { className: "fc-label", children: [
+          "Reset code",
+          /* @__PURE__ */ jsx5(
+            "input",
+            {
+              type: "text",
+              className: "fc-input",
+              value: token,
+              onChange: (e) => setToken(e.target.value),
+              placeholder: "Paste the code from your email",
+              required: true,
+              autoComplete: "off"
+            }
+          )
+        ] }),
+        /* @__PURE__ */ jsxs5("label", { className: "fc-label", children: [
+          "New password",
+          /* @__PURE__ */ jsx5(
+            "input",
+            {
+              type: "password",
+              className: "fc-input",
+              value: password,
+              onChange: (e) => setPassword(e.target.value),
+              placeholder: "8+ characters",
+              required: true,
+              autoComplete: "new-password",
+              minLength: 8
+            }
+          )
+        ] }),
+        error && /* @__PURE__ */ jsx5("p", { className: "fc-error", children: error }),
+        /* @__PURE__ */ jsx5("button", { type: "submit", className: "fc-btn fc-btn-primary", disabled: loading, children: loading ? "Resetting..." : "Reset password" })
+      ] }),
+      /* @__PURE__ */ jsx5("p", { className: "fc-switch", children: /* @__PURE__ */ jsx5("button", { type: "button", className: "fc-link", onClick: () => setStep("email"), children: "Resend code" }) })
+    ] });
+  }
+  return /* @__PURE__ */ jsxs5("div", { className: "fc-tab", children: [
+    /* @__PURE__ */ jsx5("h3", { className: "fc-tab-title", children: "Reset your password" }),
+    /* @__PURE__ */ jsx5("p", { className: "fc-text", children: "Enter your email and we'll send you a reset code." }),
+    /* @__PURE__ */ jsxs5("form", { onSubmit: handleSendCode, className: "fc-form", children: [
+      /* @__PURE__ */ jsxs5("label", { className: "fc-label", children: [
+        "Email",
+        /* @__PURE__ */ jsx5(
+          "input",
+          {
+            type: "email",
+            className: "fc-input",
+            value: email,
+            onChange: (e) => setEmail(e.target.value),
+            placeholder: "you@example.com",
+            required: true,
+            autoComplete: "email"
+          }
+        )
+      ] }),
+      error && /* @__PURE__ */ jsx5("p", { className: "fc-error", children: error }),
+      /* @__PURE__ */ jsx5("button", { type: "submit", className: "fc-btn fc-btn-primary", disabled: loading, children: loading ? "Sending..." : "Send reset code" })
+    ] }),
+    /* @__PURE__ */ jsx5("p", { className: "fc-switch", children: /* @__PURE__ */ jsx5("button", { type: "button", className: "fc-link", onClick: () => setModalStep("email-login"), children: "Back to sign in" }) })
+  ] });
+}
+
+// src/components/tabs/verify-2fa.tsx
+import { useState as useState5, useRef as useRef4, useEffect as useEffect3, useCallback as useCallback2 } from "react";
+import { jsx as jsx6, jsxs as jsxs6 } from "react/jsx-runtime";
+function Verify2FAForm() {
+  const { verify2FA, verifyRecoveryCode, setModalStep } = useForgeConnect();
+  const [code, setCode] = useState5("");
+  const [loading, setLoading] = useState5(false);
+  const [error, setError] = useState5("");
+  const [useRecovery, setUseRecovery] = useState5(false);
+  const inputRef = useRef4(null);
+  const submittingRef = useRef4(false);
+  useEffect3(() => {
+    inputRef.current?.focus();
+  }, [useRecovery]);
+  const submitCode = useCallback2(async (codeValue, isRecovery) => {
+    if (submittingRef.current || !codeValue.trim()) return;
+    submittingRef.current = true;
+    setLoading(true);
+    setError("");
+    try {
+      if (isRecovery) {
+        await verifyRecoveryCode(codeValue.trim());
+      } else {
+        await verify2FA(codeValue.trim());
+      }
+    } catch (err) {
+      setError(err instanceof Error ? err.message : "Verification failed. Please try again.");
+    } finally {
+      setLoading(false);
+      submittingRef.current = false;
+    }
+  }, [verify2FA, verifyRecoveryCode]);
+  const handleSubmit = async (e) => {
+    e?.preventDefault();
+    await submitCode(code, useRecovery);
+  };
+  const handleCodeChange = (value) => {
+    setCode(value);
+    if (!useRecovery && value.length === 6 && /^\d{6}$/.test(value)) {
+      submitCode(value, false);
+    }
+  };
+  return /* @__PURE__ */ jsxs6("div", { className: "fc-tab", children: [
+    /* @__PURE__ */ jsxs6("button", { type: "button", className: "fc-back", onClick: () => setModalStep("method-select"), children: [
+      /* @__PURE__ */ jsx6("svg", { width: "16", height: "16", viewBox: "0 0 16 16", fill: "none", children: /* @__PURE__ */ jsx6("path", { d: "M10 12L6 8l4-4", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round" }) }),
+      "Back"
+    ] }),
+    /* @__PURE__ */ jsx6("p", { className: "fc-account-section-desc", style: { marginTop: 8 }, children: useRecovery ? "Enter one of your recovery codes." : "Enter the 6-digit code from your authenticator app." }),
+    error && /* @__PURE__ */ jsx6("p", { className: "fc-error", children: error }),
+    /* @__PURE__ */ jsxs6("form", { onSubmit: handleSubmit, className: "fc-form", children: [
+      /* @__PURE__ */ jsx6(
+        "input",
+        {
+          ref: inputRef,
+          className: "fc-input fc-input-code",
+          type: "text",
+          inputMode: useRecovery ? "text" : "numeric",
+          autoComplete: "one-time-code",
+          placeholder: useRecovery ? "Recovery code" : "000000",
+          maxLength: useRecovery ? 20 : 6,
+          value: code,
+          onChange: (e) => handleCodeChange(e.target.value),
+          style: useRecovery ? {} : { textAlign: "center", letterSpacing: "0.3em", fontSize: "1.25rem" }
+        }
+      ),
+      /* @__PURE__ */ jsx6("button", { type: "submit", className: "fc-btn fc-btn-primary", disabled: loading || !code.trim(), children: loading ? "Verifying..." : "Verify" })
+    ] }),
+    /* @__PURE__ */ jsx6(
+      "button",
+      {
+        type: "button",
+        className: "fc-link",
+        onClick: () => {
+          setUseRecovery(!useRecovery);
+          setCode("");
+          setError("");
+        },
+        style: { marginTop: 12 },
+        children: useRecovery ? "Use authenticator code instead" : "Use a recovery code"
+      }
+    )
+  ] });
+}
+
+// src/components/svg-icon.tsx
+import { useRef as useRef5, useEffect as useEffect4 } from "react";
+import { jsx as jsx7 } from "react/jsx-runtime";
+function SvgIcon({ svg, className }) {
+  const ref = useRef5(null);
+  useEffect4(() => {
+    if (!ref.current || !svg) return;
+    try {
+      const doc = new DOMParser().parseFromString(svg, "text/html");
+      const svgEl = doc.body.querySelector("svg");
+      if (!svgEl) {
+        ref.current.textContent = "";
+        return;
+      }
+      const dangerous = svgEl.querySelectorAll("script,iframe,object,embed,foreignObject");
+      dangerous.forEach((el) => el.remove());
+      const all = svgEl.querySelectorAll("*");
+      all.forEach((el) => {
+        for (const attr of Array.from(el.attributes)) {
+          if (attr.name.startsWith("on")) {
+            el.removeAttribute(attr.name);
+          }
+        }
+      });
+      ref.current.textContent = "";
+      ref.current.appendChild(svgEl);
+    } catch {
+      ref.current.textContent = "";
+    }
+  }, [svg]);
+  return /* @__PURE__ */ jsx7("span", { ref, className });
+}
+
+// src/components/tabs/oauth-buttons.tsx
+import { jsx as jsx8, jsxs as jsxs7 } from "react/jsx-runtime";
+var PROVIDER_INFO = {
+  google: {
+    label: "Google",
+    icon: '<svg viewBox="0 0 24 24" width="20" height="20"><path d="M22.56 12.25c0-.78-.07-1.53-.2-2.25H12v4.26h5.92a5.06 5.06 0 0 1-2.2 3.32v2.77h3.57c2.08-1.92 3.28-4.74 3.28-8.1z" fill="#4285F4"/><path d="M12 23c2.97 0 5.46-.98 7.28-2.66l-3.57-2.77c-.98.66-2.23 1.06-3.71 1.06-2.86 0-5.29-1.93-6.16-4.53H2.18v2.84C3.99 20.53 7.7 23 12 23z" fill="#34A853"/><path d="M5.84 14.09c-.22-.66-.35-1.36-.35-2.09s.13-1.43.35-2.09V7.07H2.18C1.43 8.55 1 10.22 1 12s.43 3.45 1.18 4.93l2.85-2.22.81-.62z" fill="#FBBC05"/><path d="M12 5.38c1.62 0 3.06.56 4.21 1.64l3.15-3.15C17.45 2.09 14.97 1 12 1 7.7 1 3.99 3.47 2.18 7.07l3.66 2.84c.87-2.6 3.3-4.53 6.16-4.53z" fill="#EA4335"/></svg>'
+  },
+  discord: {
+    label: "Discord",
+    icon: '<svg viewBox="0 0 24 24" width="20" height="20"><path d="M20.317 4.37a19.791 19.791 0 0 0-4.885-1.515.074.074 0 0 0-.079.037c-.21.375-.444.864-.608 1.25a18.27 18.27 0 0 0-5.487 0 12.64 12.64 0 0 0-.617-1.25.077.077 0 0 0-.079-.037A19.736 19.736 0 0 0 3.677 4.37a.07.07 0 0 0-.032.027C.533 9.046-.32 13.58.099 18.057a.082.082 0 0 0 .031.057 19.9 19.9 0 0 0 5.993 3.03.078.078 0 0 0 .084-.028c.462-.63.874-1.295 1.226-1.994a.076.076 0 0 0-.041-.106 13.107 13.107 0 0 1-1.872-.892.077.077 0 0 1-.008-.128c.126-.094.252-.192.372-.292a.074.074 0 0 1 .077-.01c3.928 1.793 8.18 1.793 12.062 0a.074.074 0 0 1 .078.01c.12.098.246.198.373.292a.077.077 0 0 1-.006.127 12.299 12.299 0 0 1-1.873.892.077.077 0 0 0-.041.107c.36.698.772 1.362 1.225 1.993a.076.076 0 0 0 .084.028 19.839 19.839 0 0 0 6.002-3.03.077.077 0 0 0 .032-.054c.5-5.177-.838-9.674-3.549-13.66a.061.061 0 0 0-.031-.03z" fill="#5865F2"/></svg>'
+  },
+  twitter: {
+    label: "Twitter",
+    icon: '<svg viewBox="0 0 24 24" width="20" height="20"><path d="M18.244 2.25h3.308l-7.227 8.26 8.502 11.24H16.17l-5.214-6.817L4.99 21.75H1.68l7.73-8.835L1.254 2.25H8.08l4.713 6.231zm-1.161 17.52h1.833L7.084 4.126H5.117z" fill="currentColor"/></svg>'
+  },
+  apple: {
+    label: "Apple",
+    icon: '<svg viewBox="0 0 24 24" width="20" height="20"><path d="M17.05 20.28c-.98.95-2.05.88-3.08.4-1.09-.5-2.08-.52-3.23 0-1.44.64-2.2.45-3.06-.4C3.79 16.17 4.36 9.02 8.8 8.78c1.27.06 2.15.72 2.91.76.93-.19 1.82-.88 2.83-.8 1.21.1 2.12.58 2.72 1.49-2.46 1.48-1.88 4.73.52 5.64-.42 1.13-.98 2.24-1.73 3.41zM12.03 8.7c-.12-2.35 1.82-4.38 4.04-4.54.29 2.56-2.34 4.68-4.04 4.54z" fill="currentColor"/></svg>'
+  },
+  telegram: {
+    label: "Telegram",
+    icon: '<svg viewBox="0 0 24 24" width="20" height="20"><path d="M11.944 0A12 12 0 0 0 0 12a12 12 0 0 0 12 12 12 12 0 0 0 12-12A12 12 0 0 0 12 0a12 12 0 0 0-.056 0zm4.962 7.224c.1-.002.321.023.465.14a.506.506 0 0 1 .171.325c.016.093.036.306.02.472-.18 1.898-.962 6.502-1.36 8.627-.168.9-.499 1.201-.82 1.23-.696.065-1.225-.46-1.9-.902-1.056-.693-1.653-1.124-2.678-1.8-1.185-.78-.417-1.21.258-1.91.177-.184 3.247-2.977 3.307-3.23.007-.032.014-.15-.056-.212s-.174-.041-.249-.024c-.106.024-1.793 1.14-5.061 3.345-.479.33-.913.49-1.302.48-.428-.008-1.252-.241-1.865-.44-.752-.245-1.349-.374-1.297-.789.027-.216.325-.437.893-.663 3.498-1.524 5.83-2.529 6.998-3.014 3.332-1.386 4.025-1.627 4.476-1.635z" fill="#2AABEE"/></svg>'
+  }
+};
+function OAuthButton({ provider }) {
+  const { loginWithOAuth } = useForgeConnect();
+  const info = PROVIDER_INFO[provider];
+  return /* @__PURE__ */ jsxs7(
+    "button",
+    {
+      type: "button",
+      className: "fc-btn fc-btn-oauth",
+      onClick: () => loginWithOAuth(provider),
+      children: [
+        /* @__PURE__ */ jsx8(SvgIcon, { svg: info.icon, className: "fc-oauth-icon" }),
+        /* @__PURE__ */ jsx8("span", { className: "fc-btn-name", children: info.label })
+      ]
+    }
+  );
+}
+
+// src/components/login-modal.tsx
+import { Fragment as Fragment2, jsx as jsx9, jsxs as jsxs8 } from "react/jsx-runtime";
+function LoginModal() {
+  const { modal, closeModal, config } = useForgeConnect();
+  const renderStep = () => {
+    switch (modal.step) {
+      case "email-login":
+        return /* @__PURE__ */ jsx9(EmailLoginForm, {});
+      case "email-register":
+        return /* @__PURE__ */ jsx9(EmailRegisterForm, {});
+      case "email-otp":
+        return /* @__PURE__ */ jsx9(EmailOtpForm, {});
+      case "wallet-connect":
+        return /* @__PURE__ */ jsx9(WalletConnectForm, {});
+      case "forgot-password":
+        return /* @__PURE__ */ jsx9(ForgotPasswordForm, {});
+      case "verify-2fa":
+        return /* @__PURE__ */ jsx9(Verify2FAForm, {});
+      case "oauth":
+        return /* @__PURE__ */ jsx9(OAuthLoadingView, {});
+      case "success":
+        return /* @__PURE__ */ jsx9(SuccessView, {});
+      case "method-select":
+      default:
+        return /* @__PURE__ */ jsx9(MethodSelect, {});
+    }
+  };
+  const renderLogo = () => {
+    if (config.appearance?.logoNode) {
+      return /* @__PURE__ */ jsx9("div", { className: "fc-logo", children: config.appearance.logoNode });
+    }
+    if (config.appearance?.logo) {
+      return /* @__PURE__ */ jsx9("img", { src: config.appearance.logo, alt: "", className: "fc-logo" });
+    }
+    return null;
+  };
+  return /* @__PURE__ */ jsx9(ModalOverlay, { isOpen: modal.isOpen, onClose: closeModal, children: /* @__PURE__ */ jsx9(
+    "div",
+    {
+      className: "fc-modal-content",
+      style: {
+        "--fc-accent": config.appearance?.accentColor ?? "#8b5cf6"
+      },
+      "data-theme": config.appearance?.theme ?? "light",
+      children: modal.step === "success" || modal.step === "oauth" ? renderStep() : /* @__PURE__ */ jsxs8(Fragment2, { children: [
+        renderLogo(),
+        /* @__PURE__ */ jsx9("h2", { className: "fc-modal-title", children: config.appearance?.title ?? "Log in or sign up" }),
+        renderStep(),
+        (config.appearance?.termsUrl || config.appearance?.privacyUrl) && /* @__PURE__ */ jsxs8("p", { className: "fc-legal", children: [
+          "By continuing, you agree to our",
+          " ",
+          config.appearance.termsUrl && /* @__PURE__ */ jsx9("a", { href: config.appearance.termsUrl, target: "_blank", rel: "noopener noreferrer", className: "fc-legal-link", children: "Terms" }),
+          config.appearance.termsUrl && config.appearance.privacyUrl && " and ",
+          config.appearance.privacyUrl && /* @__PURE__ */ jsx9("a", { href: config.appearance.privacyUrl, target: "_blank", rel: "noopener noreferrer", className: "fc-legal-link", children: "Privacy Policy" })
+        ] })
+      ] })
+    }
+  ) });
+}
+var EmailIcon = () => /* @__PURE__ */ jsx9("div", { className: "fc-method-icon-wrap", children: /* @__PURE__ */ jsxs8("svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", className: "fc-method-icon", children: [
+  /* @__PURE__ */ jsx9("rect", { x: "2", y: "4", width: "16", height: "12", rx: "2", stroke: "currentColor", strokeWidth: "1.5" }),
+  /* @__PURE__ */ jsx9("path", { d: "M2 6l8 5 8-5", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" })
+] }) });
+var OtpIcon = () => /* @__PURE__ */ jsx9("div", { className: "fc-method-icon-wrap", children: /* @__PURE__ */ jsxs8("svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", className: "fc-method-icon", children: [
+  /* @__PURE__ */ jsx9("rect", { x: "3", y: "6", width: "14", height: "9", rx: "1.5", stroke: "currentColor", strokeWidth: "1.5" }),
+  /* @__PURE__ */ jsx9("circle", { cx: "6.5", cy: "10.5", r: "1", fill: "currentColor" }),
+  /* @__PURE__ */ jsx9("circle", { cx: "10", cy: "10.5", r: "1", fill: "currentColor" }),
+  /* @__PURE__ */ jsx9("circle", { cx: "13.5", cy: "10.5", r: "1", fill: "currentColor" })
+] }) });
+var WalletIcon = () => /* @__PURE__ */ jsx9("div", { className: "fc-method-icon-wrap", children: /* @__PURE__ */ jsxs8("svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", className: "fc-method-icon", children: [
+  /* @__PURE__ */ jsx9("rect", { x: "2", y: "5", width: "16", height: "11", rx: "2", stroke: "currentColor", strokeWidth: "1.5" }),
+  /* @__PURE__ */ jsx9("rect", { x: "13", y: "9", width: "5", height: "3", rx: "1", stroke: "currentColor", strokeWidth: "1.5" })
+] }) });
+var PasskeyIcon = () => /* @__PURE__ */ jsx9("div", { className: "fc-method-icon-wrap", children: /* @__PURE__ */ jsxs8("svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", className: "fc-method-icon", children: [
+  /* @__PURE__ */ jsx9("circle", { cx: "8", cy: "7", r: "3", stroke: "currentColor", strokeWidth: "1.5" }),
+  /* @__PURE__ */ jsx9("path", { d: "M13 13.5a5 5 0 0 0-10 0", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" }),
+  /* @__PURE__ */ jsx9("path", { d: "M15 10v4m0 0l-1.5-1m1.5 1l1.5-1", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round" })
+] }) });
+var LoadingSpinner = () => /* @__PURE__ */ jsx9("div", { className: "fc-method-icon-wrap", children: /* @__PURE__ */ jsx9("svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", className: "fc-method-icon fc-spin", children: /* @__PURE__ */ jsx9("path", { d: "M10 2a8 8 0 0 1 8 8", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" }) }) });
+function MethodSelect() {
+  const { setModalStep, loginWithPasskey, config } = useForgeConnect();
+  const methods = resolveLoginMethods(config);
+  const [passkeyLoading, setPasskeyLoading] = useState6(false);
+  const [passkeyError, setPasskeyError] = useState6("");
+  const handlePasskey = async () => {
+    setPasskeyLoading(true);
+    setPasskeyError("");
+    try {
+      await loginWithPasskey();
+    } catch (err) {
+      setPasskeyError(err instanceof Error ? err.message : "Passkey authentication failed.");
+    } finally {
+      setPasskeyLoading(false);
+    }
+  };
+  const elements = [];
+  let i = 0;
+  while (i < methods.length) {
+    const method = methods[i];
+    if (isOAuthMethod(method)) {
+      const oauthGroup = [];
+      while (i < methods.length && isOAuthMethod(methods[i])) {
+        oauthGroup.push(methods[i]);
+        i++;
+      }
+      if (elements.length > 0) {
+        elements.push(/* @__PURE__ */ jsx9("div", { className: "fc-divider", children: /* @__PURE__ */ jsx9("span", { children: "or" }) }, `div-before-${oauthGroup[0]}`));
+      }
+      elements.push(
+        /* @__PURE__ */ jsx9("div", { className: "fc-oauth-group", children: oauthGroup.map((p) => /* @__PURE__ */ jsx9(OAuthButton, { provider: p }, p)) }, `oauth-${oauthGroup.join("-")}`)
+      );
+    } else {
+      if (elements.length > 0) {
+        const prev = methods[i - 1];
+        if (prev && isOAuthMethod(prev)) {
+          elements.push(/* @__PURE__ */ jsx9("div", { className: "fc-divider", children: /* @__PURE__ */ jsx9("span", { children: "or" }) }, `div-after-${prev}`));
+        }
+      }
+      switch (method) {
+        case "email":
+          elements.push(
+            /* @__PURE__ */ jsxs8("button", { type: "button", className: "fc-btn fc-btn-method", onClick: () => setModalStep("email-login"), children: [
+              /* @__PURE__ */ jsx9(EmailIcon, {}),
+              " ",
+              /* @__PURE__ */ jsx9("span", { className: "fc-btn-name", children: "Password" })
+            ] }, "email")
+          );
+          break;
+        case "otp":
+          elements.push(
+            /* @__PURE__ */ jsxs8("button", { type: "button", className: "fc-btn fc-btn-method", onClick: () => setModalStep("email-otp"), children: [
+              /* @__PURE__ */ jsx9(OtpIcon, {}),
+              " ",
+              /* @__PURE__ */ jsx9("span", { className: "fc-btn-name", children: "Magic code" })
+            ] }, "otp")
+          );
+          break;
+        case "wallet":
+          elements.push(
+            /* @__PURE__ */ jsxs8("button", { type: "button", className: "fc-btn fc-btn-method", onClick: () => setModalStep("wallet-connect"), children: [
+              /* @__PURE__ */ jsx9(WalletIcon, {}),
+              " ",
+              /* @__PURE__ */ jsx9("span", { className: "fc-btn-name", children: "Wallet" })
+            ] }, "wallet")
+          );
+          break;
+        case "passkey":
+          elements.push(
+            /* @__PURE__ */ jsxs8("button", { type: "button", className: "fc-btn fc-btn-method", onClick: handlePasskey, disabled: passkeyLoading, children: [
+              passkeyLoading ? /* @__PURE__ */ jsx9(LoadingSpinner, {}) : /* @__PURE__ */ jsx9(PasskeyIcon, {}),
+              /* @__PURE__ */ jsx9("span", { className: "fc-btn-name", children: passkeyLoading ? "Waiting for passkey..." : "Passkey" })
+            ] }, "passkey")
+          );
+          break;
+      }
+      i++;
+    }
+  }
+  return /* @__PURE__ */ jsxs8("div", { className: "fc-method-select", children: [
+    passkeyError && /* @__PURE__ */ jsx9("p", { className: "fc-error", children: passkeyError }),
+    elements
+  ] });
+}
+function OAuthLoadingView() {
+  const { setModalStep } = useForgeConnect();
+  return /* @__PURE__ */ jsxs8("div", { className: "fc-success", children: [
+    /* @__PURE__ */ jsx9("div", { className: "fc-success-icon", children: /* @__PURE__ */ jsx9("svg", { width: "52", height: "52", viewBox: "0 0 52 52", className: "fc-spin", children: /* @__PURE__ */ jsx9("circle", { cx: "26", cy: "26", r: "24", fill: "none", stroke: "var(--fc-accent, #8b5cf6)", strokeWidth: "3", strokeLinecap: "round", strokeDasharray: "100", strokeDashoffset: "30" }) }) }),
+    /* @__PURE__ */ jsx9("p", { className: "fc-success-text", children: "Completing sign in..." }),
+    /* @__PURE__ */ jsx9("button", { type: "button", className: "fc-btn fc-btn-secondary", style: { marginTop: "16px" }, onClick: () => setModalStep("method-select"), children: "Cancel" })
+  ] });
+}
+function SuccessView() {
+  return /* @__PURE__ */ jsxs8("div", { className: "fc-success", children: [
+    /* @__PURE__ */ jsx9("div", { className: "fc-success-icon", children: /* @__PURE__ */ jsxs8("svg", { viewBox: "0 0 52 52", className: "fc-success-check", children: [
+      /* @__PURE__ */ jsx9("circle", { className: "fc-success-circle", cx: "26", cy: "26", r: "24", fill: "none" }),
+      /* @__PURE__ */ jsx9("path", { className: "fc-success-tick", fill: "none", d: "M15 26l7.5 7.5L37 19" })
+    ] }) }),
+    /* @__PURE__ */ jsx9("p", { className: "fc-success-text", children: "You're in" })
+  ] });
+}
+
+// src/components/account-modal.tsx
+import { useState as useState14, useEffect as useEffect10, useRef as useRef7, useCallback as useCallback7 } from "react";
+
+// src/hooks/use-user.ts
+import { useState as useState7, useCallback as useCallback3, useEffect as useEffect5, useRef as useRef6 } from "react";
+function useUser() {
+  const { auth, api, config, getAccessToken } = useForgeConnect();
+  const [authMethods, setAuthMethods] = useState7(null);
+  const [loading, setLoading] = useState7(false);
+  const pendingRefreshRef = useRef6(false);
+  const updateProfile = useCallback3(
+    async (data) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      return api.updateMe(token, data);
+    },
+    [api, getAccessToken]
+  );
+  const fetchAuthMethods = useCallback3(async () => {
+    const token = getAccessToken();
+    if (!token) throw new Error("Please sign in to continue.");
+    setLoading(true);
+    try {
+      const methods = await api.getAuthMethods(token);
+      setAuthMethods(methods);
+      return methods;
+    } finally {
+      setLoading(false);
+    }
+  }, [api, getAccessToken]);
+  const linkAuthMethod = useCallback3(
+    async (data) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      await api.linkAuthMethod(token, data);
+      await fetchAuthMethods();
+    },
+    [api, getAccessToken, fetchAuthMethods]
+  );
+  const linkOtpSend = useCallback3(
+    async (email) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      await api.linkOtpSend(token, email);
+    },
+    [api, getAccessToken]
+  );
+  const linkOtpVerify = useCallback3(
+    async (email, code) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      await api.linkOtpVerify(token, email, code);
+      await fetchAuthMethods();
+    },
+    [api, getAccessToken, fetchAuthMethods]
+  );
+  const unlinkAuthMethod = useCallback3(
+    async (id) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      await api.unlinkAuthMethod(token, id);
+      await fetchAuthMethods();
+    },
+    [api, getAccessToken, fetchAuthMethods]
+  );
+  const linkOAuth = useCallback3(
+    async (provider) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      const { intentToken } = await api.createLinkIntent(token);
+      const redirectUri = encodeURIComponent(window.location.origin + "/fc-oauth-callback");
+      const url = `${config.apiUrl}/auth/oauth/${provider}/link?intent=${encodeURIComponent(intentToken)}&redirect_uri=${redirectUri}`;
+      const width = 500;
+      const height = 600;
+      const left = window.screenX + (window.innerWidth - width) / 2;
+      const top = window.screenY + (window.innerHeight - height) / 2;
+      window.open(url, "fc_oauth_link", `width=${width},height=${height},left=${left},top=${top}`);
+      pendingRefreshRef.current = true;
+    },
+    [api, config.apiUrl, getAccessToken]
+  );
+  useEffect5(() => {
+    const handleMessage = (event) => {
+      if (event.origin !== window.location.origin) return;
+      if (event.data?.type === "fc_oauth_link_success" && pendingRefreshRef.current) {
+        pendingRefreshRef.current = false;
+        fetchAuthMethods().catch(() => {
+        });
+      }
+    };
+    window.addEventListener("message", handleMessage);
+    return () => window.removeEventListener("message", handleMessage);
+  }, [fetchAuthMethods]);
+  return {
+    user: auth.user,
+    authMethods,
+    loading,
+    updateProfile,
+    fetchAuthMethods,
+    linkAuthMethod,
+    linkOtpSend,
+    linkOtpVerify,
+    unlinkAuthMethod,
+    linkOAuth
+  };
+}
+
+// src/hooks/use-wallets.ts
+import { useState as useState8, useCallback as useCallback4 } from "react";
+
+// src/lib/utils.ts
+var BASE58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
+function uint8ArrayToBase58(bytes) {
+  const digits = [0];
+  for (const byte of bytes) {
+    let carry = byte;
+    for (let j = 0; j < digits.length; j++) {
+      carry += digits[j] << 8;
+      digits[j] = carry % 58;
+      carry = carry / 58 | 0;
+    }
+    while (carry > 0) {
+      digits.push(carry % 58);
+      carry = carry / 58 | 0;
+    }
+  }
+  let str = "";
+  for (let i = 0; i < bytes.length && bytes[i] === 0; i++) {
+    str += "1";
+  }
+  for (let i = digits.length - 1; i >= 0; i--) {
+    str += BASE58_ALPHABET[digits[i]];
+  }
+  return str;
+}
+function timeAgo(dateStr) {
+  const now = Date.now();
+  const then = new Date(dateStr).getTime();
+  const diff = now - then;
+  const mins = Math.floor(diff / 6e4);
+  if (mins < 1) return "just now";
+  if (mins < 60) return `${mins}m ago`;
+  const hours = Math.floor(mins / 60);
+  if (hours < 24) return `${hours}h ago`;
+  const days = Math.floor(hours / 24);
+  if (days < 30) return `${days}d ago`;
+  return new Date(dateStr).toLocaleDateString();
+}
+
+// src/hooks/use-wallets.ts
+function useWallets() {
+  const { api, getAccessToken } = useForgeConnect();
+  const [wallets, setWallets] = useState8(null);
+  const [loading, setLoading] = useState8(false);
+  const fetchWallets = useCallback4(async () => {
+    const token = getAccessToken();
+    if (!token) throw new Error("Please sign in to continue.");
+    setLoading(true);
+    try {
+      const data = await api.getWallets(token);
+      setWallets(data);
+      return data;
+    } finally {
+      setLoading(false);
+    }
+  }, [api, getAccessToken]);
+  const updateWallet = useCallback4(
+    async (id, data) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      await api.updateWallet(token, id, data);
+      await fetchWallets();
+    },
+    [api, getAccessToken, fetchWallets]
+  );
+  const linkWallet = useCallback4(
+    async (walletAddress, signMessage, chain = "solana") => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      const { challengeId, message: challengeMessage } = await api.walletChallenge(walletAddress, chain);
+      const encoded = new TextEncoder().encode(challengeMessage);
+      const signatureBytes = await signMessage(encoded);
+      const signature = chain === "solana" ? uint8ArrayToBase58(signatureBytes) : Array.from(signatureBytes).map((b) => b.toString(16).padStart(2, "0")).join("");
+      await api.linkAuthMethod(token, {
+        provider: `${chain}_wallet`,
+        challengeId,
+        signature,
+        walletAddress
+      });
+      await fetchWallets();
+    },
+    [api, getAccessToken, fetchWallets]
+  );
+  return {
+    wallets,
+    loading,
+    fetchWallets,
+    updateWallet,
+    linkWallet
+  };
+}
+
+// src/hooks/use-sessions.ts
+import { useState as useState9, useCallback as useCallback5 } from "react";
+function useSessions() {
+  const { api, getAccessToken } = useForgeConnect();
+  const [sessions, setSessions] = useState9(null);
+  const [loading, setLoading] = useState9(false);
+  const fetchSessions = useCallback5(async () => {
+    const token = getAccessToken();
+    if (!token) throw new Error("Please sign in to continue.");
+    setLoading(true);
+    try {
+      const data = await api.getSessions(token);
+      setSessions(data);
+      return data;
+    } finally {
+      setLoading(false);
+    }
+  }, [api, getAccessToken]);
+  const revokeSession = useCallback5(
+    async (id) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      await api.revokeSession(token, id);
+      await fetchSessions();
+    },
+    [api, getAccessToken, fetchSessions]
+  );
+  return {
+    sessions,
+    loading,
+    fetchSessions,
+    revokeSession
+  };
+}
+
+// src/components/two-factor-modal.tsx
+import { useState as useState10, useEffect as useEffect6 } from "react";
+import { Fragment as Fragment3, jsx as jsx10, jsxs as jsxs9 } from "react/jsx-runtime";
+function TwoFactorModal({ isOpen, onClose, initialEnabled, onStatusChange }) {
+  const { api, getAccessToken, config } = useForgeConnect();
+  const theme = config.appearance?.theme ?? "light";
+  const [step, setStep] = useState10(initialEnabled ? "manage" : "setup");
+  const [setupData, setSetupData] = useState10(null);
+  const [code, setCode] = useState10("");
+  const [loading, setLoading] = useState10(false);
+  const [msg, setMsg] = useState10(null);
+  const [showSecret, setShowSecret] = useState10(false);
+  const [recoveryCodes, setRecoveryCodes] = useState10([]);
+  useEffect6(() => {
+    if (isOpen) {
+      setStep(initialEnabled ? "manage" : "setup");
+      setSetupData(null);
+      setCode("");
+      setMsg(null);
+      setLoading(false);
+      setShowSecret(false);
+      setRecoveryCodes([]);
+      if (!initialEnabled) {
+        const token = getAccessToken();
+        if (token) {
+          setLoading(true);
+          api.setup2FA(token).then((data) => {
+            setSetupData(data);
+            setRecoveryCodes(data.recoveryCodes);
+          }).catch((err) => {
+            setMsg({ text: err instanceof Error ? err.message : "Could not set up 2FA.", ok: false });
+          }).finally(() => setLoading(false));
+        }
+      }
+    }
+  }, [isOpen, initialEnabled, api, getAccessToken]);
+  const handleEnable = async () => {
+    const token = getAccessToken();
+    if (!token || !code) return;
+    setLoading(true);
+    setMsg(null);
+    try {
+      await api.enable2FA(token, code);
+      onStatusChange(true);
+      setStep("recovery-codes");
+      setCode("");
+    } catch (err) {
+      setMsg({ text: err instanceof Error ? err.message : "Invalid code.", ok: false });
+    } finally {
+      setLoading(false);
+    }
+  };
+  const handleDisable = async () => {
+    const token = getAccessToken();
+    if (!token || !code) return;
+    setLoading(true);
+    setMsg(null);
+    try {
+      await api.disable2FA(token, code);
+      onStatusChange(false);
+      setCode("");
+      onClose();
+    } catch (err) {
+      setMsg({ text: err instanceof Error ? err.message : "Invalid code.", ok: false });
+    } finally {
+      setLoading(false);
+    }
+  };
+  const handleRegenerate = async () => {
+    const token = getAccessToken();
+    if (!token || !code) return;
+    setLoading(true);
+    setMsg(null);
+    try {
+      const { recoveryCodes: codes } = await api.regenerateRecoveryCodes(token, code);
+      setRecoveryCodes(codes);
+      setStep("recovery-codes");
+      setCode("");
+    } catch (err) {
+      setMsg({ text: err instanceof Error ? err.message : "Invalid code.", ok: false });
+    } finally {
+      setLoading(false);
+    }
+  };
+  const handleCopyAll = () => {
+    navigator.clipboard.writeText(recoveryCodes.join("\n")).catch(() => {
+    });
+  };
+  const goBack = () => {
+    setCode("");
+    setMsg(null);
+    setStep("manage");
+  };
+  if (!isOpen) return null;
+  return /* @__PURE__ */ jsx10(ModalOverlay, { isOpen, onClose, children: /* @__PURE__ */ jsxs9(
+    "div",
+    {
+      className: "fc-modal-content",
+      style: { "--fc-accent": config.appearance?.accentColor ?? "#8b5cf6" },
+      "data-theme": theme,
+      children: [
+        step === "setup" && /* @__PURE__ */ jsxs9(Fragment3, { children: [
+          /* @__PURE__ */ jsx10("h2", { className: "fc-modal-title", children: "Set up 2FA" }),
+          msg && /* @__PURE__ */ jsx10("p", { className: msg.ok ? "fc-text" : "fc-error", children: msg.text }),
+          loading && !setupData && /* @__PURE__ */ jsx10("p", { className: "fc-text", children: "Loading..." }),
+          setupData && /* @__PURE__ */ jsxs9("div", { className: "fc-tab", children: [
+            /* @__PURE__ */ jsx10("p", { className: "fc-account-section-desc", style: { textAlign: "center" }, children: "Scan this QR code with your authenticator app" }),
+            /* @__PURE__ */ jsx10("div", { style: { display: "flex", justifyContent: "center", margin: "12px 0" }, children: /* @__PURE__ */ jsx10(
+              "img",
+              {
+                src: setupData.qrCodeDataUrl,
+                alt: "TOTP QR code",
+                style: { width: 180, height: 180, borderRadius: 12 }
+              }
+            ) }),
+            /* @__PURE__ */ jsxs9("div", { style: { textAlign: "center", marginBottom: 12 }, children: [
+              /* @__PURE__ */ jsx10("button", { type: "button", className: "fc-link", onClick: () => setShowSecret(!showSecret), children: showSecret ? "Hide code" : "Can't scan? Enter manually" }),
+              showSecret && /* @__PURE__ */ jsx10("p", { style: { margin: "8px 0 0", fontFamily: "monospace", fontSize: 12, opacity: 0.7, wordBreak: "break-all" }, children: setupData.secret })
+            ] }),
+            /* @__PURE__ */ jsx10(
+              "input",
+              {
+                className: "fc-input",
+                type: "text",
+                inputMode: "numeric",
+                placeholder: "Enter 6-digit code",
+                maxLength: 6,
+                value: code,
+                onChange: (e) => setCode(e.target.value.replace(/\D/g, "")),
+                style: { textAlign: "center", letterSpacing: "0.2em" },
+                autoFocus: true
+              }
+            ),
+            /* @__PURE__ */ jsx10(
+              "button",
+              {
+                type: "button",
+                className: "fc-btn fc-btn-primary",
+                onClick: handleEnable,
+                disabled: loading || code.length !== 6,
+                style: { marginTop: 10 },
+                children: loading ? "Verifying..." : "Verify & Enable"
+              }
+            )
+          ] })
+        ] }),
+        step === "manage" && /* @__PURE__ */ jsxs9(Fragment3, { children: [
+          /* @__PURE__ */ jsx10("h2", { className: "fc-modal-title", children: "Two-factor authentication" }),
+          /* @__PURE__ */ jsx10("div", { style: { textAlign: "center", marginBottom: 20 }, children: /* @__PURE__ */ jsx10("span", { className: "fc-badge-verified", style: { fontSize: 12, padding: "4px 12px" }, children: "Enabled" }) }),
+          /* @__PURE__ */ jsxs9("div", { className: "fc-tab", children: [
+            /* @__PURE__ */ jsxs9(
+              "button",
+              {
+                type: "button",
+                className: "fc-security-card",
+                onClick: () => {
+                  setCode("");
+                  setMsg(null);
+                  setStep("confirm-regenerate");
+                },
+                children: [
+                  /* @__PURE__ */ jsx10("span", { className: "fc-security-card-icon", children: /* @__PURE__ */ jsxs9("svg", { viewBox: "0 0 20 20", fill: "none", children: [
+                    /* @__PURE__ */ jsx10("path", { d: "M3 10a7 7 0 0 1 7-7m0 14a7 7 0 0 1-7-7m14 0a7 7 0 0 1-7 7m0-14a7 7 0 0 1 7 7", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" }),
+                    /* @__PURE__ */ jsx10("path", { d: "M14 3l-1 3h3", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round" })
+                  ] }) }),
+                  /* @__PURE__ */ jsxs9("span", { className: "fc-security-card-info", children: [
+                    /* @__PURE__ */ jsx10("span", { className: "fc-security-card-label", children: "Regenerate recovery codes" }),
+                    /* @__PURE__ */ jsx10("span", { className: "fc-security-card-detail", children: "Get new backup codes" })
+                  ] }),
+                  /* @__PURE__ */ jsx10("span", { className: "fc-security-card-chevron", children: /* @__PURE__ */ jsx10("svg", { viewBox: "0 0 16 16", fill: "none", children: /* @__PURE__ */ jsx10("path", { d: "M6 4l4 4-4 4", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round" }) }) })
+                ]
+              }
+            ),
+            /* @__PURE__ */ jsxs9(
+              "button",
+              {
+                type: "button",
+                className: "fc-security-card",
+                onClick: () => {
+                  setCode("");
+                  setMsg(null);
+                  setStep("confirm-disable");
+                },
+                children: [
+                  /* @__PURE__ */ jsx10("span", { className: "fc-security-card-icon", style: { color: "#dc2626" }, children: /* @__PURE__ */ jsxs9("svg", { viewBox: "0 0 20 20", fill: "none", children: [
+                    /* @__PURE__ */ jsx10("path", { d: "M10 2l6 3v4c0 4.42-2.56 8.22-6 9.5C6.56 17.22 4 13.42 4 9V5l6-3z", stroke: "currentColor", strokeWidth: "1.5", strokeLinejoin: "round" }),
+                    /* @__PURE__ */ jsx10("path", { d: "M7.5 7.5l5 5M12.5 7.5l-5 5", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" })
+                  ] }) }),
+                  /* @__PURE__ */ jsxs9("span", { className: "fc-security-card-info", children: [
+                    /* @__PURE__ */ jsx10("span", { className: "fc-security-card-label", style: { color: "#dc2626" }, children: "Disable 2FA" }),
+                    /* @__PURE__ */ jsx10("span", { className: "fc-security-card-detail", children: "Remove two-factor authentication" })
+                  ] }),
+                  /* @__PURE__ */ jsx10("span", { className: "fc-security-card-chevron", children: /* @__PURE__ */ jsx10("svg", { viewBox: "0 0 16 16", fill: "none", children: /* @__PURE__ */ jsx10("path", { d: "M6 4l4 4-4 4", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round" }) }) })
+                ]
+              }
+            )
+          ] })
+        ] }),
+        step === "confirm-regenerate" && /* @__PURE__ */ jsxs9(Fragment3, { children: [
+          /* @__PURE__ */ jsx10("h2", { className: "fc-modal-title", children: "Regenerate recovery codes" }),
+          /* @__PURE__ */ jsx10("p", { className: "fc-account-section-desc", style: { textAlign: "center" }, children: "Enter your 2FA code to generate new recovery codes. Your old codes will stop working." }),
+          msg && /* @__PURE__ */ jsx10("p", { className: msg.ok ? "fc-text" : "fc-error", children: msg.text }),
+          /* @__PURE__ */ jsxs9("div", { className: "fc-tab", children: [
+            /* @__PURE__ */ jsx10(
+              "input",
+              {
+                className: "fc-input",
+                type: "text",
+                inputMode: "numeric",
+                placeholder: "Enter 6-digit code",
+                maxLength: 6,
+                value: code,
+                onChange: (e) => setCode(e.target.value.replace(/\D/g, "")),
+                style: { textAlign: "center", letterSpacing: "0.2em" },
+                autoFocus: true
+              }
+            ),
+            /* @__PURE__ */ jsx10(
+              "button",
+              {
+                type: "button",
+                className: "fc-btn fc-btn-primary",
+                onClick: handleRegenerate,
+                disabled: loading || code.length !== 6,
+                style: { marginTop: 10 },
+                children: loading ? "Generating..." : "Regenerate codes"
+              }
+            ),
+            /* @__PURE__ */ jsx10("div", { className: "fc-switch", style: { marginTop: 12 }, children: /* @__PURE__ */ jsx10("button", { type: "button", className: "fc-link", onClick: goBack, children: "Back" }) })
+          ] })
+        ] }),
+        step === "confirm-disable" && /* @__PURE__ */ jsxs9(Fragment3, { children: [
+          /* @__PURE__ */ jsx10("h2", { className: "fc-modal-title", children: "Disable 2FA" }),
+          /* @__PURE__ */ jsx10("p", { className: "fc-account-section-desc", style: { textAlign: "center" }, children: "Enter your 2FA code to disable two-factor authentication." }),
+          msg && /* @__PURE__ */ jsx10("p", { className: msg.ok ? "fc-text" : "fc-error", children: msg.text }),
+          /* @__PURE__ */ jsxs9("div", { className: "fc-tab", children: [
+            /* @__PURE__ */ jsx10(
+              "input",
+              {
+                className: "fc-input",
+                type: "text",
+                inputMode: "numeric",
+                placeholder: "Enter 6-digit code",
+                maxLength: 6,
+                value: code,
+                onChange: (e) => setCode(e.target.value.replace(/\D/g, "")),
+                style: { textAlign: "center", letterSpacing: "0.2em" },
+                autoFocus: true
+              }
+            ),
+            /* @__PURE__ */ jsx10(
+              "button",
+              {
+                type: "button",
+                className: "fc-btn fc-btn-secondary",
+                onClick: handleDisable,
+                disabled: loading || code.length !== 6,
+                style: { marginTop: 10, background: "rgba(220, 38, 38, 0.1)", color: "#dc2626", borderColor: "rgba(220, 38, 38, 0.2)" },
+                children: loading ? "Disabling..." : "Disable 2FA"
+              }
+            ),
+            /* @__PURE__ */ jsx10("div", { className: "fc-switch", style: { marginTop: 12 }, children: /* @__PURE__ */ jsx10("button", { type: "button", className: "fc-link", onClick: goBack, children: "Back" }) })
+          ] })
+        ] }),
+        step === "recovery-codes" && /* @__PURE__ */ jsxs9(Fragment3, { children: [
+          /* @__PURE__ */ jsx10("h2", { className: "fc-modal-title", children: "Save your recovery codes" }),
+          /* @__PURE__ */ jsx10("p", { className: "fc-account-section-desc", style: { textAlign: "center" }, children: "Store these codes somewhere safe. Each code can only be used once." }),
+          /* @__PURE__ */ jsx10("div", { className: "fc-recovery-grid", children: recoveryCodes.map((c, i) => /* @__PURE__ */ jsx10("div", { className: "fc-recovery-code", children: c }, i)) }),
+          /* @__PURE__ */ jsx10("div", { style: { textAlign: "center", margin: "8px 0 12px" }, children: /* @__PURE__ */ jsx10("button", { type: "button", className: "fc-link", onClick: handleCopyAll, children: "Copy all" }) }),
+          /* @__PURE__ */ jsx10("button", { type: "button", className: "fc-btn fc-btn-primary", onClick: onClose, children: "Done" })
+        ] })
+      ]
+    }
+  ) });
+}
+
+// src/components/passkeys-modal.tsx
+import { useState as useState11, useEffect as useEffect7, useCallback as useCallback6 } from "react";
+import { jsx as jsx11, jsxs as jsxs10 } from "react/jsx-runtime";
+function PasskeysModal({ isOpen, onClose, onCountChange }) {
+  const { api, getAccessToken, config } = useForgeConnect();
+  const theme = config.appearance?.theme ?? "light";
+  const [passkeys, setPasskeys] = useState11([]);
+  const [loading, setLoading] = useState11(false);
+  const [addLoading, setAddLoading] = useState11(false);
+  const [msg, setMsg] = useState11("");
+  const fetchPasskeys = useCallback6(async () => {
+    const token = getAccessToken();
+    if (!token) return;
+    setLoading(true);
+    try {
+      const list = await api.getPasskeys(token);
+      setPasskeys(list);
+      onCountChange(list.length);
+    } catch {
+    } finally {
+      setLoading(false);
+    }
+  }, [api, getAccessToken, onCountChange]);
+  useEffect7(() => {
+    if (isOpen) {
+      setMsg("");
+      fetchPasskeys();
+    }
+  }, [isOpen, fetchPasskeys]);
+  const handleAdd = async () => {
+    const token = getAccessToken();
+    if (!token) return;
+    setAddLoading(true);
+    setMsg("");
+    try {
+      const { options, challengeKey } = await api.getPasskeyRegisterOptions(token, config.webauthnRpId, config.webauthnOrigin);
+      const regResponse = await startRegistration({ optionsJSON: options });
+      const passkey = await api.verifyPasskeyRegistration(token, challengeKey, regResponse, void 0, config.webauthnRpId, config.webauthnOrigin);
+      const updated = [...passkeys, passkey];
+      setPasskeys(updated);
+      onCountChange(updated.length);
+    } catch (err) {
+      setMsg(err instanceof Error ? err.message : "Could not add passkey.");
+    } finally {
+      setAddLoading(false);
+    }
+  };
+  const handleDelete = async (id) => {
+    const token = getAccessToken();
+    if (!token) return;
+    setMsg("");
+    try {
+      await api.deletePasskey(token, id);
+      const updated = passkeys.filter((p) => p.id !== id);
+      setPasskeys(updated);
+      onCountChange(updated.length);
+    } catch (err) {
+      setMsg(err instanceof Error ? err.message : "Could not remove passkey.");
+    }
+  };
+  if (!isOpen) return null;
+  return /* @__PURE__ */ jsx11(ModalOverlay, { isOpen, onClose, children: /* @__PURE__ */ jsxs10(
+    "div",
+    {
+      className: "fc-modal-content",
+      style: { "--fc-accent": config.appearance?.accentColor ?? "#8b5cf6" },
+      "data-theme": theme,
+      children: [
+        /* @__PURE__ */ jsx11("h2", { className: "fc-modal-title", children: "Passkeys" }),
+        /* @__PURE__ */ jsx11("p", { className: "fc-account-section-desc", style: { textAlign: "center" }, children: "Sign in without a password using biometrics or a security key." }),
+        msg && /* @__PURE__ */ jsx11("p", { className: "fc-error", children: msg }),
+        loading && /* @__PURE__ */ jsx11("p", { className: "fc-text", children: "Loading..." }),
+        /* @__PURE__ */ jsxs10("div", { className: "fc-tab", children: [
+          passkeys.map((pk) => /* @__PURE__ */ jsxs10("div", { className: "fc-account-item", children: [
+            /* @__PURE__ */ jsx11("span", { className: "fc-account-item-icon", children: /* @__PURE__ */ jsxs10("svg", { width: "16", height: "16", viewBox: "0 0 20 20", fill: "none", children: [
+              /* @__PURE__ */ jsx11("circle", { cx: "8", cy: "7", r: "3", stroke: "currentColor", strokeWidth: "1.5" }),
+              /* @__PURE__ */ jsx11("path", { d: "M13 13.5a5 5 0 0 0-10 0", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" }),
+              /* @__PURE__ */ jsx11("path", { d: "M15 10v4m0 0l-1.5-1m1.5 1l1.5-1", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round" })
+            ] }) }),
+            /* @__PURE__ */ jsxs10("div", { className: "fc-account-item-info", children: [
+              /* @__PURE__ */ jsx11("span", { className: "fc-account-item-label", children: pk.name || "Passkey" }),
+              /* @__PURE__ */ jsxs10("span", { className: "fc-account-item-detail", children: [
+                pk.deviceType ?? "Unknown device",
+                pk.lastUsedAt ? ` \xB7 Last used ${timeAgo(pk.lastUsedAt)}` : ""
+              ] })
+            ] }),
+            /* @__PURE__ */ jsxs10("div", { className: "fc-account-item-actions", children: [
+              pk.backedUp && /* @__PURE__ */ jsx11("span", { className: "fc-badge-verified", children: "Synced" }),
+              /* @__PURE__ */ jsx11("button", { type: "button", className: "fc-btn-danger-sm", onClick: () => handleDelete(pk.id), children: "Remove" })
+            ] })
+          ] }, pk.id)),
+          !loading && passkeys.length === 0 && /* @__PURE__ */ jsx11("p", { className: "fc-account-empty", children: "No passkeys yet" }),
+          /* @__PURE__ */ jsx11(
+            "button",
+            {
+              type: "button",
+              className: "fc-btn fc-btn-secondary",
+              onClick: handleAdd,
+              disabled: addLoading,
+              style: { marginTop: 8 },
+              children: addLoading ? "Adding..." : "+ Add passkey"
+            }
+          )
+        ] })
+      ]
+    }
+  ) });
+}
+
+// src/components/password-modal.tsx
+import { useState as useState12, useEffect as useEffect8 } from "react";
+
+// src/components/error-view.tsx
+import { jsx as jsx12, jsxs as jsxs11 } from "react/jsx-runtime";
+function ErrorView({
+  title = "Something went wrong",
+  message,
+  onRetry,
+  onClose
+}) {
+  return /* @__PURE__ */ jsxs11("div", { className: "fc-error-view", children: [
+    /* @__PURE__ */ jsx12("div", { className: "fc-error-icon", children: /* @__PURE__ */ jsxs11("svg", { viewBox: "0 0 52 52", className: "fc-error-check", children: [
+      /* @__PURE__ */ jsx12("circle", { className: "fc-error-circle", cx: "26", cy: "26", r: "24", fill: "none" }),
+      /* @__PURE__ */ jsx12("line", { className: "fc-error-cross-1", x1: "16", y1: "16", x2: "36", y2: "36" }),
+      /* @__PURE__ */ jsx12("line", { className: "fc-error-cross-2", x1: "36", y1: "16", x2: "16", y2: "36" })
+    ] }) }),
+    /* @__PURE__ */ jsx12("p", { className: "fc-error-text", children: title }),
+    message && /* @__PURE__ */ jsx12("p", { className: "fc-error-subtext", children: message }),
+    (onRetry || onClose) && /* @__PURE__ */ jsxs11("div", { className: "fc-error-actions", children: [
+      onRetry && /* @__PURE__ */ jsx12("button", { type: "button", className: "fc-btn fc-btn-primary", onClick: onRetry, children: "Try again" }),
+      onClose && /* @__PURE__ */ jsx12("button", { type: "button", className: "fc-btn fc-btn-secondary", onClick: onClose, children: "Close" })
+    ] })
+  ] });
+}
+
+// src/components/password-modal.tsx
+import { Fragment as Fragment4, jsx as jsx13, jsxs as jsxs12 } from "react/jsx-runtime";
+function PasswordModal({ isOpen, onClose, hasPassword }) {
+  const { api, getAccessToken, config } = useForgeConnect();
+  const theme = config.appearance?.theme ?? "light";
+  const [step, setStep] = useState12("form");
+  const [currentPassword, setCurrentPassword] = useState12("");
+  const [newPassword, setNewPassword] = useState12("");
+  const [loading, setLoading] = useState12(false);
+  const [error, setError] = useState12("");
+  useEffect8(() => {
+    if (isOpen) {
+      setStep("form");
+      setCurrentPassword("");
+      setNewPassword("");
+      setError("");
+      setLoading(false);
+    }
+  }, [isOpen]);
+  const handleSubmit = async (e) => {
+    e.preventDefault();
+    setError("");
+    setLoading(true);
+    try {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      await api.setPassword(token, newPassword, hasPassword ? currentPassword : void 0);
+      setStep("done");
+    } catch (err) {
+      const msg = err instanceof Error ? err.message : "Could not set your password. Please try again.";
+      setError(msg);
+      setStep("error");
+    } finally {
+      setLoading(false);
+    }
+  };
+  const title = hasPassword ? "Change password" : "Set a password";
+  return /* @__PURE__ */ jsx13(ModalOverlay, { isOpen, onClose, children: /* @__PURE__ */ jsx13(
+    "div",
+    {
+      className: "fc-modal-content",
+      style: { "--fc-accent": config.appearance?.accentColor ?? "#8b5cf6" },
+      "data-theme": theme,
+      children: step === "done" ? /* @__PURE__ */ jsxs12("div", { className: "fc-tab", style: { textAlign: "center", padding: "24px 0" }, children: [
+        /* @__PURE__ */ jsxs12("div", { className: "fc-success", children: [
+          /* @__PURE__ */ jsx13("div", { className: "fc-success-icon", children: /* @__PURE__ */ jsxs12("svg", { viewBox: "0 0 52 52", className: "fc-success-check", children: [
+            /* @__PURE__ */ jsx13("circle", { className: "fc-success-circle", cx: "26", cy: "26", r: "24", fill: "none" }),
+            /* @__PURE__ */ jsx13("path", { className: "fc-success-tick", fill: "none", d: "M15 26l7.5 7.5L37 19" })
+          ] }) }),
+          /* @__PURE__ */ jsxs12("p", { className: "fc-success-text", children: [
+            "Password ",
+            hasPassword ? "updated" : "set"
+          ] })
+        ] }),
+        /* @__PURE__ */ jsx13("button", { type: "button", className: "fc-btn fc-btn-primary", onClick: onClose, style: { marginTop: 16 }, children: "Done" })
+      ] }) : step === "error" ? /* @__PURE__ */ jsx13(
+        ErrorView,
+        {
+          title: "Password update failed",
+          message: error,
+          onRetry: () => setStep("form"),
+          onClose
+        }
+      ) : /* @__PURE__ */ jsxs12(Fragment4, { children: [
+        /* @__PURE__ */ jsx13("h2", { className: "fc-modal-title", children: title }),
+        /* @__PURE__ */ jsx13("div", { className: "fc-tab", children: /* @__PURE__ */ jsxs12("form", { onSubmit: handleSubmit, className: "fc-form", children: [
+          hasPassword && /* @__PURE__ */ jsxs12("label", { className: "fc-label", children: [
+            "Current password",
+            /* @__PURE__ */ jsx13(
+              "input",
+              {
+                type: "password",
+                className: "fc-input",
+                value: currentPassword,
+                onChange: (e) => setCurrentPassword(e.target.value),
+                placeholder: "Enter current password",
+                required: true,
+                autoComplete: "current-password"
+              }
+            )
+          ] }),
+          /* @__PURE__ */ jsxs12("label", { className: "fc-label", children: [
+            "New password",
+            /* @__PURE__ */ jsx13(
+              "input",
+              {
+                type: "password",
+                className: "fc-input",
+                value: newPassword,
+                onChange: (e) => setNewPassword(e.target.value),
+                placeholder: "8+ characters",
+                required: true,
+                autoComplete: "new-password",
+                minLength: 8
+              }
+            )
+          ] }),
+          error && /* @__PURE__ */ jsx13("p", { className: "fc-error", children: error }),
+          /* @__PURE__ */ jsx13("button", { type: "submit", className: "fc-btn fc-btn-primary", disabled: loading, children: loading ? "Saving..." : hasPassword ? "Update password" : "Set password" })
+        ] }) })
+      ] })
+    }
+  ) });
+}
+
+// src/components/delete-account-modal.tsx
+import { useState as useState13, useEffect as useEffect9 } from "react";
+import { Fragment as Fragment5, jsx as jsx14, jsxs as jsxs13 } from "react/jsx-runtime";
+function DeleteAccountModal({ isOpen, onClose, onDeleted }) {
+  const { api, getAccessToken, config, logout } = useForgeConnect();
+  const theme = config.appearance?.theme ?? "light";
+  const [step, setStep] = useState13("confirm");
+  const [code, setCode] = useState13("");
+  const [loading, setLoading] = useState13(false);
+  const [error, setError] = useState13("");
+  useEffect9(() => {
+    if (isOpen) {
+      setStep("confirm");
+      setCode("");
+      setError("");
+      setLoading(false);
+    }
+  }, [isOpen]);
+  const handleDelete = async () => {
+    setError("");
+    setLoading(true);
+    try {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      const { requiresVerification } = await api.requestAccountDeletion(token);
+      if (requiresVerification) {
+        setStep("code");
+      } else {
+        await api.confirmAccountDeletion(token);
+        setStep("done");
+      }
+    } catch (err) {
+      const msg = err instanceof Error ? err.message : "Something went wrong. Please try again.";
+      setError(msg);
+      setStep("error");
+    } finally {
+      setLoading(false);
+    }
+  };
+  const handleConfirmCode = async (e) => {
+    e.preventDefault();
+    setError("");
+    setLoading(true);
+    try {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      await api.confirmAccountDeletion(token, code);
+      setStep("done");
+    } catch (err) {
+      const msg = err instanceof Error ? err.message : "Something went wrong. Please try again.";
+      setError(msg);
+      setStep("error");
+    } finally {
+      setLoading(false);
+    }
+  };
+  const handleDone = () => {
+    logout();
+    onDeleted();
+  };
+  if (!isOpen) return null;
+  return /* @__PURE__ */ jsx14(ModalOverlay, { isOpen, onClose: step === "done" ? handleDone : onClose, children: /* @__PURE__ */ jsxs13(
+    "div",
+    {
+      className: "fc-modal-content",
+      style: { "--fc-accent": config.appearance?.accentColor ?? "#8b5cf6" },
+      "data-theme": theme,
+      children: [
+        step === "confirm" && /* @__PURE__ */ jsxs13(Fragment5, { children: [
+          /* @__PURE__ */ jsx14("h2", { className: "fc-modal-title", children: "Delete account" }),
+          /* @__PURE__ */ jsxs13("div", { className: "fc-tab", style: { textAlign: "center" }, children: [
+            /* @__PURE__ */ jsx14("p", { className: "fc-account-section-desc", children: "This will permanently delete your account and all associated data. This action cannot be undone." }),
+            error && /* @__PURE__ */ jsx14("p", { className: "fc-error", children: error }),
+            /* @__PURE__ */ jsx14(
+              "button",
+              {
+                type: "button",
+                className: "fc-btn fc-btn-secondary",
+                onClick: handleDelete,
+                disabled: loading,
+                style: { marginTop: 12, background: "rgba(220, 38, 38, 0.1)", color: "#dc2626", borderColor: "rgba(220, 38, 38, 0.2)" },
+                children: loading ? "Processing..." : "Delete my account"
+              }
+            ),
+            /* @__PURE__ */ jsx14("div", { style: { marginTop: 12 }, children: /* @__PURE__ */ jsx14("button", { type: "button", className: "fc-link", onClick: onClose, children: "Cancel" }) })
+          ] })
+        ] }),
+        step === "code" && /* @__PURE__ */ jsxs13(Fragment5, { children: [
+          /* @__PURE__ */ jsx14("h2", { className: "fc-modal-title", children: "Verify your identity" }),
+          /* @__PURE__ */ jsxs13("div", { className: "fc-tab", children: [
+            /* @__PURE__ */ jsx14("p", { className: "fc-account-section-desc", style: { textAlign: "center" }, children: "Enter the 6-digit code sent to your email to confirm deletion." }),
+            error && /* @__PURE__ */ jsx14("p", { className: "fc-error", children: error }),
+            /* @__PURE__ */ jsxs13("form", { onSubmit: handleConfirmCode, className: "fc-form", children: [
+              /* @__PURE__ */ jsx14(
+                "input",
+                {
+                  className: "fc-input",
+                  type: "text",
+                  inputMode: "numeric",
+                  placeholder: "Enter 6-digit code",
+                  maxLength: 6,
+                  value: code,
+                  onChange: (e) => setCode(e.target.value.replace(/\D/g, "")),
+                  style: { textAlign: "center", letterSpacing: "0.2em" },
+                  autoFocus: true
+                }
+              ),
+              /* @__PURE__ */ jsx14(
+                "button",
+                {
+                  type: "submit",
+                  className: "fc-btn fc-btn-secondary",
+                  disabled: loading || code.length !== 6,
+                  style: { marginTop: 10, background: "rgba(220, 38, 38, 0.1)", color: "#dc2626", borderColor: "rgba(220, 38, 38, 0.2)" },
+                  children: loading ? "Deleting..." : "Delete my account"
+                }
+              )
+            ] }),
+            /* @__PURE__ */ jsx14("div", { style: { marginTop: 12, textAlign: "center" }, children: /* @__PURE__ */ jsx14("button", { type: "button", className: "fc-link", onClick: onClose, children: "Cancel" }) })
+          ] })
+        ] }),
+        step === "done" && /* @__PURE__ */ jsxs13("div", { className: "fc-tab", style: { textAlign: "center", padding: "24px 0" }, children: [
+          /* @__PURE__ */ jsxs13("div", { className: "fc-success", children: [
+            /* @__PURE__ */ jsx14("div", { className: "fc-success-icon", children: /* @__PURE__ */ jsxs13("svg", { viewBox: "0 0 52 52", className: "fc-success-check", children: [
+              /* @__PURE__ */ jsx14("circle", { className: "fc-success-circle", cx: "26", cy: "26", r: "24", fill: "none" }),
+              /* @__PURE__ */ jsx14("path", { className: "fc-success-tick", fill: "none", d: "M15 26l7.5 7.5L37 19" })
+            ] }) }),
+            /* @__PURE__ */ jsx14("p", { className: "fc-success-text", children: "Account deleted" })
+          ] }),
+          /* @__PURE__ */ jsx14("button", { type: "button", className: "fc-btn fc-btn-primary", onClick: handleDone, style: { marginTop: 16 }, children: "Done" })
+        ] }),
+        step === "error" && /* @__PURE__ */ jsx14(
+          ErrorView,
+          {
+            title: "Deletion failed",
+            message: error,
+            onRetry: () => setStep("confirm"),
+            onClose
+          }
+        )
+      ]
+    }
+  ) });
+}
+
+// src/components/account-modal.tsx
+import { jsx as jsx15, jsxs as jsxs14 } from "react/jsx-runtime";
+var METHOD_DISPLAY = {
+  email: {
+    label: "Email",
+    iconHtml: '<svg width="16" height="16" viewBox="0 0 20 20" fill="none"><rect x="2" y="4" width="16" height="12" rx="2" stroke="currentColor" stroke-width="1.5"/><path d="M2 6l8 5 8-5" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"/></svg>'
+  },
+  solana_wallet: {
+    label: "Solana Wallet",
+    iconHtml: '<svg width="16" height="16" viewBox="0 0 20 20" fill="none"><rect x="2" y="5" width="16" height="11" rx="2" stroke="currentColor" stroke-width="1.5"/><rect x="13" y="9" width="5" height="3" rx="1" stroke="currentColor" stroke-width="1.5"/></svg>'
+  },
+  ethereum_wallet: {
+    label: "Ethereum Wallet",
+    iconHtml: '<svg width="16" height="16" viewBox="0 0 20 20" fill="none"><rect x="2" y="5" width="16" height="11" rx="2" stroke="currentColor" stroke-width="1.5"/><rect x="13" y="9" width="5" height="3" rx="1" stroke="currentColor" stroke-width="1.5"/></svg>'
+  }
+};
+function getMethodDisplay(provider) {
+  if (provider in PROVIDER_INFO) {
+    const info = PROVIDER_INFO[provider];
+    return { label: info.label, iconHtml: info.icon };
+  }
+  return METHOD_DISPLAY[provider] ?? { label: provider, iconHtml: void 0 };
+}
+function truncate(str, max = 12) {
+  if (str.length <= max) return str;
+  return `${str.slice(0, 6)}...${str.slice(-4)}`;
+}
+var ChevronRight = () => /* @__PURE__ */ jsx15("span", { className: "fc-security-card-chevron", children: /* @__PURE__ */ jsx15("svg", { viewBox: "0 0 16 16", fill: "none", children: /* @__PURE__ */ jsx15("path", { d: "M6 4l4 4-4 4", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round" }) }) });
+var TABS = [
+  { key: "profile", label: "Profile" },
+  { key: "auth-methods", label: "Logins" },
+  { key: "wallets", label: "Wallets" },
+  { key: "sessions", label: "Security" }
+];
+function AccountModal() {
+  const { accountModal, closeAccountModal, openLinkModal, linkModal, config, logout } = useForgeConnect();
+  const { user } = useUser();
+  const [activeTab, setActiveTab] = useState14("profile");
+  const [refreshKey, setRefreshKey] = useState14(0);
+  const prevLinkOpen = useRef7(false);
+  useEffect10(() => {
+    if (prevLinkOpen.current && !linkModal.isOpen) {
+      setRefreshKey((k) => k + 1);
+    }
+    prevLinkOpen.current = linkModal.isOpen;
+  }, [linkModal.isOpen]);
+  if (!accountModal.isOpen) return null;
+  const theme = config.appearance?.theme ?? "light";
+  const initial = (user?.displayName ?? user?.primaryEmail ?? "?").charAt(0).toUpperCase();
+  return /* @__PURE__ */ jsx15(ModalOverlay, { isOpen: accountModal.isOpen, onClose: closeAccountModal, children: /* @__PURE__ */ jsxs14(
+    "div",
+    {
+      className: "fc-modal-content",
+      style: { "--fc-accent": config.appearance?.accentColor ?? "#8b5cf6" },
+      "data-theme": theme,
+      children: [
+        /* @__PURE__ */ jsxs14("div", { className: "fc-account-hero", children: [
+          user?.avatarUrl ? /* @__PURE__ */ jsx15("img", { src: user.avatarUrl, alt: "", className: "fc-account-hero-avatar" }) : /* @__PURE__ */ jsx15("span", { className: "fc-account-hero-avatar fc-account-hero-avatar-placeholder", children: initial }),
+          /* @__PURE__ */ jsxs14("div", { className: "fc-account-hero-info", children: [
+            /* @__PURE__ */ jsx15("span", { className: "fc-account-hero-name", children: user?.displayName ?? "Your account" }),
+            user?.primaryEmail && /* @__PURE__ */ jsx15("span", { className: "fc-account-hero-email", children: user.primaryEmail })
+          ] })
+        ] }),
+        /* @__PURE__ */ jsx15("div", { className: "fc-account-tabs", children: TABS.map((tab) => /* @__PURE__ */ jsx15(
+          "button",
+          {
+            type: "button",
+            className: `fc-account-tab${activeTab === tab.key ? " fc-account-tab-active" : ""}`,
+            onClick: () => setActiveTab(tab.key),
+            children: tab.label
+          },
+          tab.key
+        )) }),
+        activeTab === "profile" && /* @__PURE__ */ jsx15(ProfileTab, {}),
+        activeTab === "auth-methods" && /* @__PURE__ */ jsx15(LoginsTab, { onLink: () => openLinkModal("auth"), refreshKey }),
+        activeTab === "wallets" && /* @__PURE__ */ jsx15(WalletsTab, { onLink: () => openLinkModal("wallet"), refreshKey }),
+        activeTab === "sessions" && /* @__PURE__ */ jsx15(SecurityTab, {}),
+        /* @__PURE__ */ jsx15("div", { className: "fc-account-footer", children: /* @__PURE__ */ jsxs14(
+          "button",
+          {
+            type: "button",
+            className: "fc-btn-logout",
+            onClick: () => {
+              logout();
+              closeAccountModal();
+            },
+            children: [
+              /* @__PURE__ */ jsx15("svg", { width: "14", height: "14", viewBox: "0 0 20 20", fill: "none", children: /* @__PURE__ */ jsx15("path", { d: "M7 17H4a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2h3M13 14l4-4-4-4M17 10H7", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round" }) }),
+              "Log out"
+            ]
+          }
+        ) })
+      ]
+    }
+  ) });
+}
+function ProfileTab() {
+  const { user, updateProfile } = useUser();
+  const [displayName, setDisplayName] = useState14(user?.displayName ?? "");
+  const [avatarUrl, setAvatarUrl] = useState14(user?.avatarUrl ?? "");
+  const [loading, setLoading] = useState14(false);
+  const [msg, setMsg] = useState14(null);
+  useEffect10(() => {
+    setDisplayName(user?.displayName ?? "");
+    setAvatarUrl(user?.avatarUrl ?? "");
+  }, [user]);
+  const handleSave = async () => {
+    setLoading(true);
+    setMsg(null);
+    try {
+      await updateProfile({
+        displayName: displayName || void 0,
+        avatarUrl: avatarUrl || void 0
+      });
+      setMsg({ text: "Profile updated", ok: true });
+    } catch (err) {
+      setMsg({ text: err instanceof Error ? err.message : "Something went wrong. Please try again.", ok: false });
+    } finally {
+      setLoading(false);
+    }
+  };
+  return /* @__PURE__ */ jsx15("div", { className: "fc-tab", children: /* @__PURE__ */ jsxs14("div", { className: "fc-form", children: [
+    /* @__PURE__ */ jsxs14("label", { className: "fc-label", children: [
+      "Name",
+      /* @__PURE__ */ jsx15(
+        "input",
+        {
+          className: "fc-input",
+          value: displayName,
+          onChange: (e) => setDisplayName(e.target.value),
+          placeholder: "How should we call you?"
+        }
+      )
+    ] }),
+    /* @__PURE__ */ jsxs14("label", { className: "fc-label", children: [
+      "Photo URL",
+      /* @__PURE__ */ jsx15(
+        "input",
+        {
+          className: "fc-input",
+          value: avatarUrl,
+          onChange: (e) => setAvatarUrl(e.target.value),
+          placeholder: "Paste a link to your photo"
+        }
+      )
+    ] }),
+    /* @__PURE__ */ jsx15("button", { type: "button", className: "fc-btn fc-btn-primary", onClick: handleSave, disabled: loading, children: loading ? "Saving..." : "Save changes" }),
+    msg && /* @__PURE__ */ jsx15("p", { className: msg.ok ? "fc-text" : "fc-error", children: msg.text })
+  ] }) });
+}
+function LoginsTab({ onLink, refreshKey }) {
+  const { authMethods, loading, fetchAuthMethods, unlinkAuthMethod } = useUser();
+  const [msg, setMsg] = useState14("");
+  useEffect10(() => {
+    fetchAuthMethods().catch(() => {
+    });
+  }, [fetchAuthMethods, refreshKey]);
+  const handleRemove = async (id) => {
+    setMsg("");
+    try {
+      await unlinkAuthMethod(id);
+    } catch (err) {
+      setMsg(err instanceof Error ? err.message : "Could not remove this sign-in method. Please try again.");
+    }
+  };
+  return /* @__PURE__ */ jsxs14("div", { className: "fc-tab", children: [
+    msg && /* @__PURE__ */ jsx15("p", { className: "fc-error", children: msg }),
+    loading && /* @__PURE__ */ jsx15("p", { className: "fc-text", children: "Loading..." }),
+    /* @__PURE__ */ jsx15("p", { className: "fc-account-section-desc", children: "Ways you can sign in to your account." }),
+    authMethods?.map((m) => {
+      const display = getMethodDisplay(m.provider);
+      const detail = m.provider === "email" ? m.providerId : m.provider.endsWith("_wallet") ? truncate(m.providerId) : m.providerId;
+      return /* @__PURE__ */ jsxs14("div", { className: "fc-account-item", children: [
+        display.iconHtml && /* @__PURE__ */ jsx15(SvgIcon, { svg: display.iconHtml, className: "fc-account-item-icon" }),
+        /* @__PURE__ */ jsxs14("div", { className: "fc-account-item-info", children: [
+          /* @__PURE__ */ jsx15("span", { className: "fc-account-item-label", children: display.label }),
+          /* @__PURE__ */ jsx15("span", { className: "fc-account-item-detail", children: detail })
+        ] }),
+        /* @__PURE__ */ jsxs14("div", { className: "fc-account-item-actions", children: [
+          m.isVerified && /* @__PURE__ */ jsx15("span", { className: "fc-badge-verified", children: "Verified" }),
+          /* @__PURE__ */ jsx15("button", { type: "button", className: "fc-btn-danger-sm", onClick: () => handleRemove(m.id), children: "Remove" })
+        ] })
+      ] }, m.id);
+    }),
+    authMethods?.length === 0 && /* @__PURE__ */ jsx15("p", { className: "fc-account-empty", children: "No login methods yet" }),
+    /* @__PURE__ */ jsx15("button", { type: "button", className: "fc-btn fc-btn-secondary", onClick: onLink, style: { marginTop: 8 }, children: "+ Add login method" })
+  ] });
+}
+function WalletsTab({ onLink, refreshKey }) {
+  const { wallets, loading, fetchWallets, updateWallet } = useWallets();
+  const [msg, setMsg] = useState14("");
+  useEffect10(() => {
+    fetchWallets().catch(() => {
+    });
+  }, [fetchWallets, refreshKey]);
+  const handleSetPrimary = async (id) => {
+    setMsg("");
+    try {
+      await updateWallet(id, { isPrimary: true });
+    } catch (err) {
+      setMsg(err instanceof Error ? err.message : "Could not update this wallet. Please try again.");
+    }
+  };
+  return /* @__PURE__ */ jsxs14("div", { className: "fc-tab", children: [
+    msg && /* @__PURE__ */ jsx15("p", { className: "fc-error", children: msg }),
+    loading && /* @__PURE__ */ jsx15("p", { className: "fc-text", children: "Loading..." }),
+    /* @__PURE__ */ jsx15("p", { className: "fc-account-section-desc", children: "Crypto wallets connected to your account." }),
+    wallets?.map((w) => /* @__PURE__ */ jsxs14("div", { className: "fc-account-item", children: [
+      /* @__PURE__ */ jsx15(SvgIcon, { svg: METHOD_DISPLAY[`${w.chain}_wallet`]?.iconHtml ?? "", className: "fc-account-item-icon" }),
+      /* @__PURE__ */ jsxs14("div", { className: "fc-account-item-info", children: [
+        /* @__PURE__ */ jsxs14("span", { className: "fc-account-item-label", children: [
+          w.chain.charAt(0).toUpperCase() + w.chain.slice(1),
+          w.isPrimary && /* @__PURE__ */ jsx15("span", { className: "fc-badge-primary", style: { marginLeft: 6 }, children: "Primary" })
+        ] }),
+        /* @__PURE__ */ jsx15("span", { className: "fc-account-item-detail", children: truncate(w.address) })
+      ] }),
+      /* @__PURE__ */ jsx15("div", { className: "fc-account-item-actions", children: !w.isPrimary && /* @__PURE__ */ jsx15("button", { type: "button", className: "fc-btn-primary-sm", onClick: () => handleSetPrimary(w.id), children: "Make primary" }) })
+    ] }, w.id)),
+    wallets?.length === 0 && /* @__PURE__ */ jsx15("p", { className: "fc-account-empty", children: "No wallets connected" }),
+    /* @__PURE__ */ jsx15("button", { type: "button", className: "fc-btn fc-btn-secondary", onClick: onLink, style: { marginTop: 8 }, children: "+ Connect wallet" })
+  ] });
+}
+function SecurityTab() {
+  const { sessions, loading, fetchSessions, revokeSession } = useSessions();
+  const { logoutAll, logout, closeAccountModal, api, getAccessToken } = useForgeConnect();
+  const { user, authMethods: userAuthMethods, fetchAuthMethods } = useUser();
+  const [msg, setMsg] = useState14("");
+  const [totpEnabled, setTotpEnabled] = useState14(null);
+  const [passkeyCount, setPasskeyCount] = useState14(0);
+  const [show2FAModal, setShow2FAModal] = useState14(false);
+  const [showPasskeyModal, setShowPasskeyModal] = useState14(false);
+  const [showPasswordModal, setShowPasswordModal] = useState14(false);
+  const [showDeleteModal, setShowDeleteModal] = useState14(false);
+  const refreshStatus = useCallback7(() => {
+    const token = getAccessToken();
+    if (!token) return;
+    api.get2FAStatus(token).then((r) => setTotpEnabled(r.enabled)).catch(() => {
+    });
+  }, [api, getAccessToken]);
+  const refreshPasskeyCount = useCallback7(() => {
+    const token = getAccessToken();
+    if (!token) return;
+    api.getPasskeys(token).then((list) => setPasskeyCount(list.length)).catch(() => {
+    });
+  }, [api, getAccessToken]);
+  useEffect10(() => {
+    fetchSessions().catch(() => {
+    });
+    fetchAuthMethods().catch(() => {
+    });
+    refreshStatus();
+    refreshPasskeyCount();
+  }, [fetchSessions, fetchAuthMethods, refreshStatus, refreshPasskeyCount]);
+  const hasPassword = userAuthMethods?.some((m) => m.provider === "email");
+  const handleRevoke = async (id) => {
+    setMsg("");
+    try {
+      await revokeSession(id);
+    } catch (err) {
+      setMsg(err instanceof Error ? err.message : "Could not sign out this session. Please try again.");
+    }
+  };
+  return /* @__PURE__ */ jsxs14("div", { className: "fc-tab", children: [
+    msg && /* @__PURE__ */ jsx15("p", { className: "fc-error", children: msg }),
+    /* @__PURE__ */ jsxs14("button", { type: "button", className: "fc-security-card", onClick: () => setShow2FAModal(true), children: [
+      /* @__PURE__ */ jsx15("span", { className: "fc-security-card-icon", children: /* @__PURE__ */ jsxs14("svg", { viewBox: "0 0 20 20", fill: "none", children: [
+        /* @__PURE__ */ jsx15("path", { d: "M10 2l6 3v4c0 4.42-2.56 8.22-6 9.5C6.56 17.22 4 13.42 4 9V5l6-3z", stroke: "currentColor", strokeWidth: "1.5", strokeLinejoin: "round" }),
+        /* @__PURE__ */ jsx15("path", { d: "M7.5 10.5l2 2 3.5-4", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round" })
+      ] }) }),
+      /* @__PURE__ */ jsxs14("span", { className: "fc-security-card-info", children: [
+        /* @__PURE__ */ jsx15("span", { className: "fc-security-card-label", children: "Two-factor authentication" }),
+        /* @__PURE__ */ jsx15("span", { className: "fc-security-card-detail", children: totpEnabled === null ? "Loading..." : totpEnabled ? "Enabled" : "Not enabled" })
+      ] }),
+      /* @__PURE__ */ jsx15(ChevronRight, {})
+    ] }),
+    /* @__PURE__ */ jsxs14("button", { type: "button", className: "fc-security-card", onClick: () => setShowPasskeyModal(true), children: [
+      /* @__PURE__ */ jsx15("span", { className: "fc-security-card-icon", children: /* @__PURE__ */ jsxs14("svg", { viewBox: "0 0 20 20", fill: "none", children: [
+        /* @__PURE__ */ jsx15("circle", { cx: "8", cy: "7", r: "3", stroke: "currentColor", strokeWidth: "1.5" }),
+        /* @__PURE__ */ jsx15("path", { d: "M13 13.5a5 5 0 0 0-10 0", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" }),
+        /* @__PURE__ */ jsx15("path", { d: "M15 10v4m0 0l-1.5-1m1.5 1l1.5-1", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round" })
+      ] }) }),
+      /* @__PURE__ */ jsxs14("span", { className: "fc-security-card-info", children: [
+        /* @__PURE__ */ jsx15("span", { className: "fc-security-card-label", children: "Passkeys" }),
+        /* @__PURE__ */ jsx15("span", { className: "fc-security-card-detail", children: passkeyCount === 0 ? "No passkeys" : `${passkeyCount} passkey${passkeyCount !== 1 ? "s" : ""}` })
+      ] }),
+      /* @__PURE__ */ jsx15(ChevronRight, {})
+    ] }),
+    user?.primaryEmail && /* @__PURE__ */ jsxs14(
+      "button",
       {
         type: "button",
-        className: "fc-btn fc-btn-method",
-        onClick: () => setModalStep("email-login"),
+        className: "fc-security-card",
+        onClick: () => setShowPasswordModal(true),
         children: [
-          /* @__PURE__ */ jsxs6("svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", className: "fc-method-icon", children: [
-            /* @__PURE__ */ jsx6("rect", { x: "2", y: "4", width: "16", height: "12", rx: "2", stroke: "currentColor", strokeWidth: "1.5" }),
-            /* @__PURE__ */ jsx6("path", { d: "M2 6l8 5 8-5", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" })
+          /* @__PURE__ */ jsx15("span", { className: "fc-security-card-icon", children: /* @__PURE__ */ jsxs14("svg", { viewBox: "0 0 20 20", fill: "none", children: [
+            /* @__PURE__ */ jsx15("rect", { x: "3", y: "9", width: "14", height: "8", rx: "2", stroke: "currentColor", strokeWidth: "1.5" }),
+            /* @__PURE__ */ jsx15("path", { d: "M6 9V6a4 4 0 1 1 8 0v3", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" })
+          ] }) }),
+          /* @__PURE__ */ jsxs14("span", { className: "fc-security-card-info", children: [
+            /* @__PURE__ */ jsx15("span", { className: "fc-security-card-label", children: "Password" }),
+            /* @__PURE__ */ jsx15("span", { className: "fc-security-card-detail", children: hasPassword ? "Change your password" : "Set a password" })
           ] }),
-          "Continue with email"
+          /* @__PURE__ */ jsx15(ChevronRight, {})
         ]
       }
     ),
-    config.passwordlessLogin !== false && /* @__PURE__ */ jsxs6(
+    /* @__PURE__ */ jsx15("div", { className: "fc-divider", style: { margin: "16px 0" }, children: /* @__PURE__ */ jsx15("span", { children: "active sessions" }) }),
+    loading && /* @__PURE__ */ jsx15("p", { className: "fc-text", children: "Loading..." }),
+    sessions?.map((s) => /* @__PURE__ */ jsxs14("div", { className: "fc-account-item", children: [
+      /* @__PURE__ */ jsx15("span", { className: "fc-account-item-icon", children: /* @__PURE__ */ jsxs14("svg", { width: "16", height: "16", viewBox: "0 0 20 20", fill: "none", children: [
+        /* @__PURE__ */ jsx15("rect", { x: "2", y: "3", width: "16", height: "11", rx: "2", stroke: "currentColor", strokeWidth: "1.5" }),
+        /* @__PURE__ */ jsx15("path", { d: "M7 17h6M10 14v3", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" })
+      ] }) }),
+      /* @__PURE__ */ jsxs14("div", { className: "fc-account-item-info", children: [
+        /* @__PURE__ */ jsx15("span", { className: "fc-account-item-label", children: s.ipAddress === "127.0.0.1" || s.ipAddress === "::1" ? "This device" : truncate(s.ipAddress, 20) }),
+        /* @__PURE__ */ jsxs14("span", { className: "fc-account-item-detail", children: [
+          "Active ",
+          timeAgo(s.lastActiveAt),
+          " \xB7 Expires ",
+          new Date(s.expiresAt).toLocaleDateString()
+        ] })
+      ] }),
+      /* @__PURE__ */ jsx15("div", { className: "fc-account-item-actions", children: /* @__PURE__ */ jsx15("button", { type: "button", className: "fc-btn-danger-sm", onClick: () => handleRevoke(s.id), children: "Sign out" }) })
+    ] }, s.id)),
+    sessions?.length === 0 && /* @__PURE__ */ jsx15("p", { className: "fc-account-empty", children: "No active sessions" }),
+    sessions && sessions.length > 1 && /* @__PURE__ */ jsx15(
       "button",
       {
         type: "button",
-        className: "fc-btn fc-btn-method",
-        onClick: () => setModalStep("email-otp"),
-        children: [
-          /* @__PURE__ */ jsxs6("svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", className: "fc-method-icon", children: [
-            /* @__PURE__ */ jsx6("rect", { x: "3", y: "6", width: "14", height: "9", rx: "1.5", stroke: "currentColor", strokeWidth: "1.5" }),
-            /* @__PURE__ */ jsx6("circle", { cx: "6.5", cy: "10.5", r: "1", fill: "currentColor" }),
-            /* @__PURE__ */ jsx6("circle", { cx: "10", cy: "10.5", r: "1", fill: "currentColor" }),
-            /* @__PURE__ */ jsx6("circle", { cx: "13.5", cy: "10.5", r: "1", fill: "currentColor" })
-          ] }),
-          "Continue with code"
-        ]
+        className: "fc-btn fc-btn-secondary",
+        onClick: () => {
+          logoutAll();
+        },
+        style: { marginTop: 8 },
+        children: "Sign out of all devices"
       }
     ),
-    config.walletLogin !== false && /* @__PURE__ */ jsxs6(
+    /* @__PURE__ */ jsx15("div", { className: "fc-divider", style: { margin: "16px 0" }, children: /* @__PURE__ */ jsx15("span", { children: "danger zone" }) }),
+    /* @__PURE__ */ jsx15(
+      "button",
+      {
+        type: "button",
+        className: "fc-btn fc-btn-secondary",
+        onClick: () => setShowDeleteModal(true),
+        style: { background: "rgba(220, 38, 38, 0.1)", color: "#dc2626", borderColor: "rgba(220, 38, 38, 0.2)" },
+        children: "Delete account"
+      }
+    ),
+    /* @__PURE__ */ jsx15(
+      TwoFactorModal,
+      {
+        isOpen: show2FAModal,
+        onClose: () => {
+          setShow2FAModal(false);
+          refreshStatus();
+        },
+        initialEnabled: totpEnabled ?? false,
+        onStatusChange: (e) => setTotpEnabled(e)
+      }
+    ),
+    /* @__PURE__ */ jsx15(
+      PasskeysModal,
+      {
+        isOpen: showPasskeyModal,
+        onClose: () => {
+          setShowPasskeyModal(false);
+          refreshPasskeyCount();
+        },
+        onCountChange: (count) => setPasskeyCount(count)
+      }
+    ),
+    user?.primaryEmail && /* @__PURE__ */ jsx15(
+      PasswordModal,
+      {
+        isOpen: showPasswordModal,
+        onClose: () => {
+          setShowPasswordModal(false);
+          fetchAuthMethods().catch(() => {
+          });
+        },
+        hasPassword: hasPassword ?? false
+      }
+    ),
+    /* @__PURE__ */ jsx15(
+      DeleteAccountModal,
+      {
+        isOpen: showDeleteModal,
+        onClose: () => setShowDeleteModal(false),
+        onDeleted: () => {
+          logout();
+          closeAccountModal();
+        }
+      }
+    )
+  ] });
+}
+
+// src/components/link-auth-modal.tsx
+import { useState as useState15, useEffect as useEffect11, useMemo as useMemo2 } from "react";
+import { Fragment as Fragment6, jsx as jsx16, jsxs as jsxs15 } from "react/jsx-runtime";
+function LinkAuthModal() {
+  const { linkModal, closeLinkModal, config } = useForgeConnect();
+  const { linkOAuth, authMethods } = useUser();
+  const mode = linkModal.mode ?? "auth";
+  const [step, setStep] = useState15("method-select");
+  const [fatalError, setFatalError] = useState15("");
+  useEffect11(() => {
+    if (linkModal.isOpen) {
+      setStep(mode === "wallet" ? "wallet" : "method-select");
+      setFatalError("");
+    }
+  }, [linkModal.isOpen, mode]);
+  useEffect11(() => {
+    if (!linkModal.isOpen) return;
+    const handleMessage = (event) => {
+      if (event.origin !== window.location.origin) return;
+      if (event.data?.type === "fc_oauth_link_success") {
+        setStep("success");
+        setTimeout(() => {
+          handleClose();
+        }, 1500);
+      }
+    };
+    window.addEventListener("message", handleMessage);
+    return () => window.removeEventListener("message", handleMessage);
+  }, [linkModal.isOpen]);
+  if (!linkModal.isOpen) return null;
+  const theme = config.appearance?.theme ?? "light";
+  const handleClose = () => {
+    setStep("method-select");
+    closeLinkModal();
+  };
+  const handleSuccess = () => {
+    setStep("success");
+    setTimeout(() => {
+      handleClose();
+    }, 1500);
+  };
+  const handleOAuthDirect = (provider) => {
+    linkOAuth(provider);
+  };
+  const handleFatalError = (msg) => {
+    setFatalError(msg);
+    setStep("error");
+  };
+  const title = step === "success" || step === "error" ? "" : step === "email" ? "Link email" : step === "otp" ? "Link email" : mode === "wallet" || step === "wallet" ? "Connect wallet" : "Link a method";
+  return /* @__PURE__ */ jsx16(ModalOverlay, { isOpen: linkModal.isOpen, onClose: handleClose, children: /* @__PURE__ */ jsx16(
+    "div",
+    {
+      className: "fc-modal-content",
+      style: { "--fc-accent": config.appearance?.accentColor ?? "#8b5cf6" },
+      "data-theme": theme,
+      children: step === "success" ? /* @__PURE__ */ jsx16(SuccessView2, {}) : step === "error" ? /* @__PURE__ */ jsx16(
+        ErrorView,
+        {
+          title: "Linking failed",
+          message: fatalError,
+          onRetry: () => setStep(mode === "wallet" ? "wallet" : "method-select"),
+          onClose: handleClose
+        }
+      ) : /* @__PURE__ */ jsxs15(Fragment6, { children: [
+        /* @__PURE__ */ jsx16("h2", { className: "fc-modal-title", children: title }),
+        step === "method-select" && /* @__PURE__ */ jsx16(
+          AuthMethodSelectStep,
+          {
+            config,
+            connectedProviders: authMethods?.map((m) => m.provider) ?? [],
+            onSelectEmail: () => setStep("email"),
+            onSelectOtp: () => setStep("otp"),
+            onOAuth: handleOAuthDirect
+          }
+        ),
+        step === "email" && /* @__PURE__ */ jsx16(
+          EmailLinkStep,
+          {
+            onBack: mode === "wallet" ? void 0 : () => setStep("method-select"),
+            onSuccess: handleSuccess,
+            onFatalError: handleFatalError
+          }
+        ),
+        step === "otp" && /* @__PURE__ */ jsx16(
+          OtpLinkStep,
+          {
+            onBack: () => setStep("method-select"),
+            onSuccess: handleSuccess,
+            onFatalError: handleFatalError
+          }
+        ),
+        step === "wallet" && /* @__PURE__ */ jsx16(
+          WalletLinkStep,
+          {
+            onBack: mode === "wallet" ? void 0 : () => setStep("method-select"),
+            onSuccess: handleSuccess,
+            onFatalError: handleFatalError
+          }
+        )
+      ] })
+    }
+  ) });
+}
+var EmailIcon2 = () => /* @__PURE__ */ jsx16("div", { className: "fc-method-icon-wrap", children: /* @__PURE__ */ jsxs15("svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", className: "fc-method-icon", children: [
+  /* @__PURE__ */ jsx16("rect", { x: "2", y: "4", width: "16", height: "12", rx: "2", stroke: "currentColor", strokeWidth: "1.5" }),
+  /* @__PURE__ */ jsx16("path", { d: "M2 6l8 5 8-5", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" })
+] }) });
+var MagicCodeIcon = () => /* @__PURE__ */ jsx16("div", { className: "fc-method-icon-wrap", children: /* @__PURE__ */ jsxs15("svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", className: "fc-method-icon", children: [
+  /* @__PURE__ */ jsx16("rect", { x: "3", y: "5", width: "14", height: "10", rx: "2", stroke: "currentColor", strokeWidth: "1.5" }),
+  /* @__PURE__ */ jsx16("path", { d: "M7 10h1.5M9.5 10h1M11.5 10h1.5", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" })
+] }) });
+function AuthMethodSelectStep({
+  config,
+  connectedProviders,
+  onSelectEmail,
+  onSelectOtp,
+  onOAuth
+}) {
+  const methods = resolveLoginMethods(config);
+  const connectedSet = new Set(connectedProviders);
+  const hasEmail = connectedSet.has("email");
+  const availableMethods = methods.filter((m) => {
+    if (m === "wallet" || m === "passkey") return false;
+    if (m === "email") return !hasEmail;
+    if (m === "otp") return !hasEmail;
+    if (isOAuthMethod(m)) return !connectedSet.has(m);
+    return false;
+  });
+  if (availableMethods.length === 0) {
+    return /* @__PURE__ */ jsx16("div", { className: "fc-tab", children: /* @__PURE__ */ jsx16("p", { className: "fc-text", children: "All available login methods are already connected." }) });
+  }
+  return /* @__PURE__ */ jsx16("div", { className: "fc-tab", children: availableMethods.map((method) => {
+    if (method === "email") {
+      return /* @__PURE__ */ jsxs15("button", { type: "button", className: "fc-btn fc-btn-method", onClick: onSelectEmail, children: [
+        /* @__PURE__ */ jsx16(EmailIcon2, {}),
+        " ",
+        /* @__PURE__ */ jsx16("span", { className: "fc-btn-name", children: "Email & password" })
+      ] }, "email");
+    }
+    if (method === "otp") {
+      return /* @__PURE__ */ jsxs15("button", { type: "button", className: "fc-btn fc-btn-method", onClick: onSelectOtp, children: [
+        /* @__PURE__ */ jsx16(MagicCodeIcon, {}),
+        " ",
+        /* @__PURE__ */ jsx16("span", { className: "fc-btn-name", children: "Magic code" })
+      ] }, "otp");
+    }
+    const provider = method;
+    const info = PROVIDER_INFO[provider];
+    if (!info) return null;
+    return /* @__PURE__ */ jsxs15(
       "button",
       {
         type: "button",
         className: "fc-btn fc-btn-method",
-        onClick: () => setModalStep("wallet-connect"),
+        onClick: () => onOAuth(provider),
         children: [
-          /* @__PURE__ */ jsxs6("svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", className: "fc-method-icon", children: [
-            /* @__PURE__ */ jsx6("rect", { x: "2", y: "5", width: "16", height: "11", rx: "2", stroke: "currentColor", strokeWidth: "1.5" }),
-            /* @__PURE__ */ jsx6("rect", { x: "13", y: "9", width: "5", height: "3", rx: "1", stroke: "currentColor", strokeWidth: "1.5" })
-          ] }),
-          "Continue with wallet"
+          /* @__PURE__ */ jsx16(SvgIcon, { svg: info.icon, className: "fc-oauth-icon" }),
+          /* @__PURE__ */ jsx16("span", { className: "fc-btn-name", children: info.label })
         ]
+      },
+      provider
+    );
+  }) });
+}
+function EmailLinkStep({ onBack, onSuccess, onFatalError }) {
+  const { linkAuthMethod } = useUser();
+  const [email, setEmail] = useState15("");
+  const [password, setPassword] = useState15("");
+  const [loading, setLoading] = useState15(false);
+  const [error, setError] = useState15("");
+  const handleSubmit = async (e) => {
+    e.preventDefault();
+    setLoading(true);
+    setError("");
+    try {
+      await linkAuthMethod({ provider: "email", email, password });
+      onSuccess();
+    } catch (err) {
+      onFatalError(err instanceof Error ? err.message : "Could not link this email. Please try again.");
+    } finally {
+      setLoading(false);
+    }
+  };
+  return /* @__PURE__ */ jsxs15("div", { className: "fc-tab", children: [
+    error && /* @__PURE__ */ jsx16("p", { className: "fc-error", children: error }),
+    /* @__PURE__ */ jsxs15("form", { className: "fc-form", onSubmit: handleSubmit, children: [
+      /* @__PURE__ */ jsxs15("label", { className: "fc-label", children: [
+        "Email",
+        /* @__PURE__ */ jsx16("input", { className: "fc-input", type: "email", value: email, onChange: (e) => setEmail(e.target.value), required: true, placeholder: "you@example.com" })
+      ] }),
+      /* @__PURE__ */ jsxs15("label", { className: "fc-label", children: [
+        "Password",
+        /* @__PURE__ */ jsx16("input", { className: "fc-input", type: "password", value: password, onChange: (e) => setPassword(e.target.value), required: true, minLength: 8, placeholder: "8+ characters" })
+      ] }),
+      /* @__PURE__ */ jsx16("button", { type: "submit", className: "fc-btn fc-btn-primary", disabled: loading, children: loading ? "Linking..." : "Link email" })
+    ] }),
+    onBack && /* @__PURE__ */ jsx16("div", { className: "fc-switch", children: /* @__PURE__ */ jsx16("button", { type: "button", className: "fc-link", onClick: onBack, children: "Back" }) })
+  ] });
+}
+function OtpLinkStep({ onBack, onSuccess, onFatalError }) {
+  const { linkOtpSend, linkOtpVerify } = useUser();
+  const [email, setEmail] = useState15("");
+  const [code, setCode] = useState15("");
+  const [codeSent, setCodeSent] = useState15(false);
+  const [loading, setLoading] = useState15(false);
+  const [error, setError] = useState15("");
+  const handleSendCode = async (e) => {
+    e.preventDefault();
+    setLoading(true);
+    setError("");
+    try {
+      await linkOtpSend(email);
+      setCodeSent(true);
+    } catch (err) {
+      setError(err instanceof Error ? err.message : "Could not send code. Please try again.");
+    } finally {
+      setLoading(false);
+    }
+  };
+  const handleVerifyCode = async (e) => {
+    e.preventDefault();
+    setLoading(true);
+    setError("");
+    try {
+      await linkOtpVerify(email, code);
+      onSuccess();
+    } catch (err) {
+      onFatalError(err instanceof Error ? err.message : "Invalid code. Please try again.");
+    } finally {
+      setLoading(false);
+    }
+  };
+  if (!codeSent) {
+    return /* @__PURE__ */ jsxs15("div", { className: "fc-tab", children: [
+      error && /* @__PURE__ */ jsx16("p", { className: "fc-error", children: error }),
+      /* @__PURE__ */ jsxs15("form", { className: "fc-form", onSubmit: handleSendCode, children: [
+        /* @__PURE__ */ jsxs15("label", { className: "fc-label", children: [
+          "Email",
+          /* @__PURE__ */ jsx16("input", { className: "fc-input", type: "email", value: email, onChange: (e) => setEmail(e.target.value), required: true, placeholder: "you@example.com" })
+        ] }),
+        /* @__PURE__ */ jsx16("button", { type: "submit", className: "fc-btn fc-btn-primary", disabled: loading, children: loading ? "Sending..." : "Send code" })
+      ] }),
+      onBack && /* @__PURE__ */ jsx16("div", { className: "fc-switch", children: /* @__PURE__ */ jsx16("button", { type: "button", className: "fc-link", onClick: onBack, children: "Back" }) })
+    ] });
+  }
+  return /* @__PURE__ */ jsxs15("div", { className: "fc-tab", children: [
+    /* @__PURE__ */ jsxs15("p", { className: "fc-text", children: [
+      "A 6-digit code was sent to ",
+      /* @__PURE__ */ jsx16("strong", { children: email })
+    ] }),
+    error && /* @__PURE__ */ jsx16("p", { className: "fc-error", children: error }),
+    /* @__PURE__ */ jsxs15("form", { className: "fc-form", onSubmit: handleVerifyCode, children: [
+      /* @__PURE__ */ jsxs15("label", { className: "fc-label", children: [
+        "Code",
+        /* @__PURE__ */ jsx16(
+          "input",
+          {
+            className: "fc-input",
+            type: "text",
+            inputMode: "numeric",
+            pattern: "[0-9]{6}",
+            maxLength: 6,
+            value: code,
+            onChange: (e) => setCode(e.target.value.replace(/\D/g, "").slice(0, 6)),
+            required: true,
+            placeholder: "000000",
+            autoFocus: true
+          }
+        )
+      ] }),
+      /* @__PURE__ */ jsx16("button", { type: "submit", className: "fc-btn fc-btn-primary", disabled: loading || code.length !== 6, children: loading ? "Verifying..." : "Verify & link" })
+    ] }),
+    /* @__PURE__ */ jsx16("div", { className: "fc-switch", children: /* @__PURE__ */ jsx16("button", { type: "button", className: "fc-link", onClick: () => {
+      setCodeSent(false);
+      setCode("");
+      setError("");
+    }, children: "Use a different email" }) })
+  ] });
+}
+function WalletLinkStep({ onBack, onSuccess, onFatalError }) {
+  const { walletAdapter, config } = useForgeConnect();
+  const { linkWallet } = useWallets();
+  const [loading, setLoading] = useState15(false);
+  const [error, setError] = useState15("");
+  const [showOther, setShowOther] = useState15(false);
+  const mobile = useMemo2(() => isMobile(), []);
+  const walletConfig = config.walletConfig;
+  const preferred = walletConfig?.preferredWallets ?? [];
+  const onlyPreferred = walletConfig?.onlyPreferred ?? false;
+  const handleConnect = async (w) => {
+    if (w.readyState !== "Installed") {
+      if (mobile) {
+        const mw = MOBILE_WALLETS.find((m) => m.name === w.adapter.name);
+        if (mw) {
+          window.location.href = mw.buildUrl(window.location.href);
+          return;
+        }
       }
-    )
+      const url = w.adapter.url;
+      if (url) window.open(url, "_blank");
+      return;
+    }
+    setError("");
+    setLoading(true);
+    try {
+      if (!w.adapter.connected) await w.adapter.connect();
+      const pk = w.adapter.publicKey;
+      if (!pk) throw new Error("Wallet did not provide a public key.");
+      const adapterSignMessage = w.adapter.signMessage ? (msg) => w.adapter.signMessage(msg) : void 0;
+      if (!adapterSignMessage) throw new Error("This wallet does not support message signing.");
+      await linkWallet(pk.toBase58(), adapterSignMessage, "solana");
+      onSuccess();
+    } catch (err) {
+      onFatalError(err instanceof Error ? err.message : "Could not link this wallet. Please try again.");
+    }
+  };
+  const { preferredWallets, otherWallets } = useMemo2(() => {
+    if (!walletAdapter) return { preferredWallets: [], otherWallets: [] };
+    const all = walletAdapter.wallets;
+    const prefList = preferred.map((name) => all.find((w) => w.adapter.name === name)).filter(Boolean);
+    if (onlyPreferred && preferred.length > 0) return { preferredWallets: prefList, otherWallets: [] };
+    const prefSet = new Set(preferred);
+    const others = all.filter((w) => !prefSet.has(w.adapter.name) && w.readyState === "Installed");
+    return { preferredWallets: prefList, otherWallets: others };
+  }, [walletAdapter?.wallets, walletConfig]);
+  const mobileExtraWallets = useMemo2(() => {
+    if (!mobile || !walletAdapter) return [];
+    const adapterNames = new Set(walletAdapter.wallets.map((w) => w.adapter.name));
+    return MOBILE_WALLETS.filter((mw) => !adapterNames.has(mw.name));
+  }, [mobile, walletAdapter?.wallets]);
+  if (!walletAdapter && mobile) {
+    return /* @__PURE__ */ jsxs15("div", { className: "fc-tab", children: [
+      /* @__PURE__ */ jsx16("div", { className: "fc-wallet-list", children: MOBILE_WALLETS.map((mw) => /* @__PURE__ */ jsxs15(
+        "button",
+        {
+          type: "button",
+          className: "fc-btn fc-btn-wallet",
+          onClick: () => {
+            window.location.href = mw.buildUrl(window.location.href);
+          },
+          children: [
+            /* @__PURE__ */ jsx16("span", { style: { position: "relative", display: "inline-flex" }, children: /* @__PURE__ */ jsx16("img", { src: mw.icon, alt: "", className: "fc-wallet-icon" }) }),
+            /* @__PURE__ */ jsx16("span", { className: "fc-wallet-name", children: mw.name }),
+            /* @__PURE__ */ jsx16("span", { className: "fc-badge-preferred", children: "Open app" })
+          ]
+        },
+        mw.name
+      )) }),
+      onBack && /* @__PURE__ */ jsx16("div", { className: "fc-switch", children: /* @__PURE__ */ jsx16("button", { type: "button", className: "fc-link", onClick: onBack, children: "Back" }) })
+    ] });
+  }
+  if (!walletAdapter) {
+    return /* @__PURE__ */ jsxs15("div", { className: "fc-tab", children: [
+      /* @__PURE__ */ jsxs15("p", { className: "fc-text", children: [
+        "No wallet adapter detected. Pass ",
+        /* @__PURE__ */ jsx16("code", { children: "walletAdapter" }),
+        " to",
+        " ",
+        /* @__PURE__ */ jsx16("code", { children: "<ForgeConnectProvider>" }),
+        " to enable wallet connection."
+      ] }),
+      onBack && /* @__PURE__ */ jsx16("div", { className: "fc-switch", children: /* @__PURE__ */ jsx16("button", { type: "button", className: "fc-link", onClick: onBack, children: "Back" }) })
+    ] });
+  }
+  return /* @__PURE__ */ jsxs15("div", { className: "fc-tab", children: [
+    loading ? /* @__PURE__ */ jsxs15("div", { style: { textAlign: "center", padding: "24px 0" }, children: [
+      /* @__PURE__ */ jsx16("p", { className: "fc-tab-title", children: "Connecting..." }),
+      /* @__PURE__ */ jsx16("p", { className: "fc-text", children: "Approve the connection, then sign the verification request in your wallet" }),
+      error && /* @__PURE__ */ jsxs15(Fragment6, { children: [
+        /* @__PURE__ */ jsx16("p", { className: "fc-error", children: error }),
+        /* @__PURE__ */ jsx16(
+          "button",
+          {
+            type: "button",
+            className: "fc-btn fc-btn-secondary",
+            onClick: () => {
+              setLoading(false);
+              setError("");
+            },
+            style: { marginTop: 8 },
+            children: "Try again"
+          }
+        )
+      ] })
+    ] }) : /* @__PURE__ */ jsxs15(Fragment6, { children: [
+      /* @__PURE__ */ jsxs15("div", { className: "fc-wallet-list", children: [
+        preferredWallets.map((w) => {
+          const installed = w.readyState === "Installed";
+          return /* @__PURE__ */ jsxs15("button", { type: "button", className: "fc-btn fc-btn-wallet", onClick: () => handleConnect(w), children: [
+            /* @__PURE__ */ jsx16("span", { className: installed ? "fc-installed-dot" : "", style: { position: "relative", display: "inline-flex" }, children: /* @__PURE__ */ jsx16("img", { src: w.adapter.icon, alt: "", className: "fc-wallet-icon" }) }),
+            /* @__PURE__ */ jsx16("span", { className: "fc-wallet-name", children: w.adapter.name }),
+            /* @__PURE__ */ jsx16("span", { className: "fc-badge-preferred", children: "Preferred" }),
+            !installed && mobile && MOBILE_WALLETS.some((mw) => mw.name === w.adapter.name) ? /* @__PURE__ */ jsx16("span", { className: "fc-badge-install", children: "Open app" }) : !installed && /* @__PURE__ */ jsx16("span", { className: "fc-badge-install", children: "Install" })
+          ] }, w.adapter.name);
+        }),
+        mobileExtraWallets.map((mw) => /* @__PURE__ */ jsxs15(
+          "button",
+          {
+            type: "button",
+            className: "fc-btn fc-btn-wallet",
+            onClick: () => {
+              window.location.href = mw.buildUrl(window.location.href);
+            },
+            children: [
+              /* @__PURE__ */ jsx16("span", { style: { position: "relative", display: "inline-flex" }, children: /* @__PURE__ */ jsx16("img", { src: mw.icon, alt: "", className: "fc-wallet-icon" }) }),
+              /* @__PURE__ */ jsx16("span", { className: "fc-wallet-name", children: mw.name }),
+              /* @__PURE__ */ jsx16("span", { className: "fc-badge-install", children: "Open app" })
+            ]
+          },
+          mw.name
+        )),
+        otherWallets.length > 0 && !showOther && /* @__PURE__ */ jsxs15("button", { type: "button", className: "fc-btn fc-btn-wallet", onClick: () => setShowOther(true), children: [
+          /* @__PURE__ */ jsx16("span", { className: "fc-other-wallets-icon", children: /* @__PURE__ */ jsxs15("svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", children: [
+            /* @__PURE__ */ jsx16("rect", { x: "2", y: "3", width: "16", height: "14", rx: "2", stroke: "currentColor", strokeWidth: "1.5" }),
+            /* @__PURE__ */ jsx16("path", { d: "M2 7h16", stroke: "currentColor", strokeWidth: "1.5" }),
+            /* @__PURE__ */ jsx16("rect", { x: "11", y: "10", width: "7", height: "4", rx: "1", stroke: "currentColor", strokeWidth: "1.5" })
+          ] }) }),
+          /* @__PURE__ */ jsx16("span", { className: "fc-wallet-name", children: "Other wallets" })
+        ] }),
+        showOther && otherWallets.map((w) => /* @__PURE__ */ jsxs15("button", { type: "button", className: "fc-btn fc-btn-wallet", onClick: () => handleConnect(w), children: [
+          /* @__PURE__ */ jsx16("span", { className: "fc-installed-dot", style: { position: "relative", display: "inline-flex" }, children: /* @__PURE__ */ jsx16("img", { src: w.adapter.icon, alt: "", className: "fc-wallet-icon" }) }),
+          /* @__PURE__ */ jsx16("span", { className: "fc-wallet-name", children: w.adapter.name })
+        ] }, w.adapter.name))
+      ] }),
+      preferredWallets.length === 0 && otherWallets.length === 0 && mobileExtraWallets.length === 0 && /* @__PURE__ */ jsx16("p", { className: "fc-text", children: "No wallet found. Please install a Solana wallet (like Phantom) to continue." }),
+      error && /* @__PURE__ */ jsx16("p", { className: "fc-error", children: error })
+    ] }),
+    !loading && onBack && /* @__PURE__ */ jsx16("div", { className: "fc-switch", children: /* @__PURE__ */ jsx16("button", { type: "button", className: "fc-link", onClick: onBack, children: "Back" }) })
+  ] });
+}
+function SuccessView2() {
+  return /* @__PURE__ */ jsxs15("div", { className: "fc-success", children: [
+    /* @__PURE__ */ jsx16("div", { className: "fc-success-icon", children: /* @__PURE__ */ jsxs15("svg", { viewBox: "0 0 52 52", className: "fc-success-check", children: [
+      /* @__PURE__ */ jsx16("circle", { className: "fc-success-circle", cx: "26", cy: "26", r: "24", fill: "none" }),
+      /* @__PURE__ */ jsx16("path", { className: "fc-success-tick", fill: "none", d: "M15 26l7.5 7.5L37 19" })
+    ] }) }),
+    /* @__PURE__ */ jsx16("p", { className: "fc-success-text", children: "Linked" })
   ] });
 }
 
 // src/provider.tsx
-import { jsx as jsx7, jsxs as jsxs7 } from "react/jsx-runtime";
-function ForgeConnectProvider({ config, children, onLogin, onLogout }) {
-  const [auth, setAuth] = useState4({
+import { jsx as jsx17, jsxs as jsxs16 } from "react/jsx-runtime";
+function ForgeConnectProvider({ config, children, onLogin, onLogout, walletAdapter }) {
+  const [auth, setAuth] = useState16({
     status: "loading",
     user: null,
     accessToken: null
   });
-  const [modal, setModal] = useState4({
+  const [modal, setModal] = useState16({
     isOpen: false,
     step: "method-select"
   });
-  const apiRef = useRef3(createApiClient(config.apiUrl));
-  const refreshTimerRef = useRef3(null);
+  const [accountModal, setAccountModal] = useState16({ isOpen: false });
+  const [linkModal, setLinkModal] = useState16({ isOpen: false });
+  const [challengeToken, setChallengeToken] = useState16(null);
+  const apiRef = useRef8(createApiClient(config.apiUrl));
+  const refreshTimerRef = useRef8(null);
   const api = apiRef.current;
-  const scheduleRefresh = useCallback((token) => {
+  const scheduleRefresh = useCallback8((token) => {
     if (refreshTimerRef.current) clearTimeout(refreshTimerRef.current);
     const delay = getRefreshDelay(token);
     if (delay === null) return;
@@ -785,7 +3757,7 @@ function ForgeConnectProvider({ config, children, onLogin, onLogout }) {
       }
     }, delay);
   }, [api]);
-  useEffect3(() => {
+  useEffect12(() => {
     const init = async () => {
       const token = getStoredToken();
       if (!token) {
@@ -819,13 +3791,21 @@ function ForgeConnectProvider({ config, children, onLogin, onLogout }) {
       if (refreshTimerRef.current) clearTimeout(refreshTimerRef.current);
     };
   }, [api, scheduleRefresh]);
-  useEffect3(() => {
-    if (window.location.pathname === "/__fc_oauth_callback") {
+  useEffect12(() => {
+    if (window.location.pathname === "/fc-oauth-callback") {
       const params = new URLSearchParams(window.location.search);
-      const token = params.get("fc_token");
-      if (token && window.opener) {
+      if (params.get("fc_link_success") && window.opener) {
+        window.opener.postMessage(
+          { type: "fc_oauth_link_success", provider: params.get("fc_provider") },
+          window.location.origin
+        );
+        window.close();
+        return;
+      }
+      const authCode = params.get("fc_code");
+      if (authCode && window.opener) {
         window.opener.postMessage(
-          { type: "fc_oauth_callback", accessToken: token },
+          { type: "fc_oauth_code", code: authCode },
           window.location.origin
         );
         window.close();
@@ -834,16 +3814,27 @@ function ForgeConnectProvider({ config, children, onLogin, onLogout }) {
     }
     const handleMessage = async (event) => {
       if (event.origin !== window.location.origin) return;
-      if (event.data?.type !== "fc_oauth_callback") return;
-      const token = event.data.accessToken;
-      if (!token) return;
-      setStoredToken(token);
+      if (event.data?.type !== "fc_oauth_code") return;
+      const code = event.data.code;
+      if (!code) return;
       try {
+        const result = await api.exchangeOAuthCode(code);
+        if (result.requires2FA && result.challengeToken) {
+          setChallengeToken(result.challengeToken);
+          setModal({ isOpen: true, step: "verify-2fa" });
+          return;
+        }
+        const token = result.accessToken;
+        if (!token) return;
+        setStoredToken(token);
+        setModal({ isOpen: true, step: "success" });
         const user = await api.getMe(token);
         setAuth({ status: "authenticated", user, accessToken: token });
         scheduleRefresh(token);
-        setModal({ isOpen: false, step: "method-select" });
         onLogin?.(user);
+        setTimeout(() => {
+          setModal({ isOpen: false, step: "method-select" });
+        }, 1500);
       } catch {
         removeStoredToken();
       }
@@ -851,68 +3842,120 @@ function ForgeConnectProvider({ config, children, onLogin, onLogout }) {
     window.addEventListener("message", handleMessage);
     return () => window.removeEventListener("message", handleMessage);
   }, [api, config.apiUrl, scheduleRefresh, onLogin]);
-  const handleAuthSuccess = useCallback(
+  useEffect12(() => {
+    if (config.loginMethods && config.loginMethods.length > 0) {
+      const hasLegacy = config.oauthProviders || config.walletLogin !== void 0 || config.passwordlessLogin !== void 0;
+      if (hasLegacy) {
+        console.warn(
+          "[ForgeConnect] Both loginMethods and legacy fields (oauthProviders, walletLogin, passwordlessLogin) are set. loginMethods takes precedence."
+        );
+      }
+    }
+  }, []);
+  const handleAuthSuccess = useCallback8(
     async (token) => {
       setStoredToken(token);
       const user = await api.getMe(token);
       setAuth({ status: "authenticated", user, accessToken: token });
       scheduleRefresh(token);
-      setModal({ isOpen: false, step: "method-select" });
+      setModal({ isOpen: true, step: "success" });
       onLogin?.(user);
+      setTimeout(() => {
+        setModal({ isOpen: false, step: "method-select" });
+      }, 1500);
     },
     [api, scheduleRefresh, onLogin]
   );
-  const loginWithEmail = useCallback(
+  const loginWithEmail = useCallback8(
     async (email, password) => {
-      const { accessToken } = await api.login(email, password);
-      await handleAuthSuccess(accessToken);
+      const res = await api.login(email, password);
+      if (res.requires2FA) {
+        setChallengeToken(res.challengeToken);
+        setModal((prev) => ({ ...prev, step: "verify-2fa" }));
+        return;
+      }
+      await handleAuthSuccess(res.accessToken);
     },
     [api, handleAuthSuccess]
   );
-  const register = useCallback(
+  const register = useCallback8(
     async (email, password, displayName) => {
       await api.register(email, password, displayName);
     },
     [api]
   );
-  const sendOtp = useCallback(
+  const sendOtp = useCallback8(
     async (email) => {
       await api.sendOtp(email);
     },
     [api]
   );
-  const verifyOtp = useCallback(
+  const verifyOtp = useCallback8(
     async (email, code) => {
-      const { accessToken } = await api.verifyOtp(email, code);
-      await handleAuthSuccess(accessToken);
+      const res = await api.verifyOtp(email, code);
+      if (res.requires2FA) {
+        setChallengeToken(res.challengeToken);
+        setModal((prev) => ({ ...prev, step: "verify-2fa" }));
+        return;
+      }
+      await handleAuthSuccess(res.accessToken);
     },
     [api, handleAuthSuccess]
   );
-  const loginWithWallet = useCallback(
-    async (walletAddress, signMessage, chain = "solana") => {
-      const { challengeId, nonce } = await api.walletChallenge(walletAddress, chain);
-      const message = new TextEncoder().encode(nonce);
-      const signatureBytes = await signMessage(message);
-      const signature = chain === "solana" ? uint8ArrayToBase58(signatureBytes) : Array.from(signatureBytes).map((b) => b.toString(16).padStart(2, "0")).join("");
-      const { accessToken } = await api.walletVerify(challengeId, signature, walletAddress);
-      await handleAuthSuccess(accessToken);
+  const loginWithWallet = useCallback8(
+    async (walletAddress, signMessage, chain = "solana", signTransaction) => {
+      if (signMessage) {
+        const { challengeId: challengeId2, message: challengeMessage } = await api.walletChallenge(walletAddress, chain);
+        const message = new TextEncoder().encode(challengeMessage);
+        const signatureBytes = await signMessage(message);
+        const signature = chain === "solana" ? uint8ArrayToBase58(signatureBytes) : Array.from(signatureBytes).map((b) => b.toString(16).padStart(2, "0")).join("");
+        const res2 = await api.walletVerify(challengeId2, signature, walletAddress);
+        if (res2.requires2FA) {
+          setChallengeToken(res2.challengeToken);
+          setModal((prev) => ({ ...prev, step: "verify-2fa" }));
+          return;
+        }
+        await handleAuthSuccess(res2.accessToken);
+        return;
+      }
+      if (!signTransaction) {
+        throw new Error("Wallet does not support message signing or transaction signing.");
+      }
+      const { challengeId, transaction: txBase64 } = await api.walletChallengeTx(walletAddress, chain);
+      const signedTxBase64 = await signTransaction(txBase64);
+      const res = await api.walletVerifyTx(challengeId, signedTxBase64, walletAddress);
+      if (res.requires2FA) {
+        setChallengeToken(res.challengeToken);
+        setModal((prev) => ({ ...prev, step: "verify-2fa" }));
+        return;
+      }
+      await handleAuthSuccess(res.accessToken);
     },
     [api, handleAuthSuccess]
   );
-  const loginWithOAuth = useCallback(
+  const loginWithOAuth = useCallback8(
     (provider) => {
       const callbackUrl = `${config.apiUrl}/auth/oauth/${provider}`;
-      const redirectUri = encodeURIComponent(window.location.origin + "/__fc_oauth_callback");
+      const redirectUri = encodeURIComponent(window.location.origin + "/fc-oauth-callback");
       const url = `${callbackUrl}?redirect_uri=${redirectUri}`;
       const width = 500;
       const height = 600;
       const left = window.screenX + (window.innerWidth - width) / 2;
       const top = window.screenY + (window.innerHeight - height) / 2;
-      window.open(url, "fc_oauth", `width=${width},height=${height},left=${left},top=${top}`);
+      const popup = window.open(url, "fc_oauth", `width=${width},height=${height},left=${left},top=${top}`);
+      setModal({ isOpen: true, step: "oauth" });
+      if (popup) {
+        const poll = setInterval(() => {
+          if (popup.closed) {
+            clearInterval(poll);
+            setModal((prev) => prev.step === "oauth" ? { isOpen: true, step: "method-select" } : prev);
+          }
+        }, 500);
+      }
     },
     [config.apiUrl]
   );
-  const logout = useCallback(async () => {
+  const logout = useCallback8(async () => {
     const token = auth.accessToken;
     removeStoredToken();
     if (refreshTimerRef.current) clearTimeout(refreshTimerRef.current);
@@ -925,7 +3968,49 @@ function ForgeConnectProvider({ config, children, onLogin, onLogout }) {
       }
     }
   }, [auth.accessToken, api, onLogout]);
-  const logoutAll = useCallback(async () => {
+  const forgotPassword = useCallback8(
+    async (email) => {
+      await api.forgotPassword(email);
+    },
+    [api]
+  );
+  const resetPassword = useCallback8(
+    async (token, password) => {
+      await api.resetPassword(token, password);
+    },
+    [api]
+  );
+  const verifyEmailToken = useCallback8(
+    async (token) => {
+      const res = await api.verifyEmailToken(token);
+      if (res.requires2FA) {
+        setChallengeToken(res.challengeToken);
+        setModal({ isOpen: true, step: "verify-2fa" });
+        return;
+      }
+      await handleAuthSuccess(res.accessToken);
+    },
+    [api, handleAuthSuccess]
+  );
+  const loginWithPasskey = useCallback8(async () => {
+    const { options, challengeKey } = await api.getPasskeyLoginOptions(config.webauthnRpId);
+    const authResponse = await startAuthentication({ optionsJSON: options });
+    const { accessToken } = await api.verifyPasskeyLogin(challengeKey, authResponse, config.webauthnRpId, config.webauthnOrigin);
+    await handleAuthSuccess(accessToken);
+  }, [api, handleAuthSuccess, config.webauthnRpId, config.webauthnOrigin]);
+  const verify2FA = useCallback8(async (code) => {
+    if (!challengeToken) throw new Error("No 2FA challenge active");
+    const { accessToken } = await api.verify2FA(challengeToken, code);
+    setChallengeToken(null);
+    await handleAuthSuccess(accessToken);
+  }, [api, challengeToken, handleAuthSuccess]);
+  const verifyRecoveryCode = useCallback8(async (code) => {
+    if (!challengeToken) throw new Error("No 2FA challenge active");
+    const { accessToken } = await api.verifyRecoveryCode(challengeToken, code);
+    setChallengeToken(null);
+    await handleAuthSuccess(accessToken);
+  }, [api, challengeToken, handleAuthSuccess]);
+  const logoutAll = useCallback8(async () => {
     const token = auth.accessToken;
     removeStoredToken();
     if (refreshTimerRef.current) clearTimeout(refreshTimerRef.current);
@@ -938,17 +4023,39 @@ function ForgeConnectProvider({ config, children, onLogin, onLogout }) {
       }
     }
   }, [auth.accessToken, api, onLogout]);
-  const openModal = useCallback(() => {
-    setModal({ isOpen: true, step: "method-select" });
-  }, []);
-  const closeModal = useCallback(() => {
+  const openModal = useCallback8(() => {
+    const methods = resolveLoginMethods(config);
+    if (methods.length === 1 && isOAuthMethod(methods[0])) {
+      loginWithOAuth(methods[0]);
+      return;
+    }
+    if (config.defaultLoginMethod && isOAuthMethod(config.defaultLoginMethod) && methods.includes(config.defaultLoginMethod)) {
+      loginWithOAuth(config.defaultLoginMethod);
+      return;
+    }
+    const step = resolveInitialStep(config, methods);
+    setModal({ isOpen: true, step });
+  }, [config, loginWithOAuth]);
+  const closeModal = useCallback8(() => {
     setModal({ isOpen: false, step: "method-select" });
   }, []);
-  const setModalStep = useCallback((step) => {
+  const setModalStep = useCallback8((step) => {
     setModal((prev) => ({ ...prev, step }));
   }, []);
-  const getAccessToken = useCallback(() => auth.accessToken, [auth.accessToken]);
-  const value = {
+  const openAccountModal = useCallback8(() => {
+    setAccountModal({ isOpen: true });
+  }, []);
+  const closeAccountModal = useCallback8(() => {
+    setAccountModal({ isOpen: false });
+  }, []);
+  const openLinkModal = useCallback8((mode) => {
+    setLinkModal({ isOpen: true, mode: mode ?? "auth" });
+  }, []);
+  const closeLinkModal = useCallback8(() => {
+    setLinkModal({ isOpen: false });
+  }, []);
+  const getAccessToken = useCallback8(() => auth.accessToken, [auth.accessToken]);
+  const value = useMemo3(() => ({
     auth,
     modal,
     config,
@@ -959,189 +4066,367 @@ function ForgeConnectProvider({ config, children, onLogin, onLogout }) {
     verifyOtp,
     loginWithWallet,
     loginWithOAuth,
+    loginWithPasskey,
     logout,
     logoutAll,
+    forgotPassword,
+    resetPassword,
+    verifyEmailToken,
+    challengeToken,
+    verify2FA,
+    verifyRecoveryCode,
     openModal,
     closeModal,
     setModalStep,
-    getAccessToken
-  };
-  return /* @__PURE__ */ jsxs7(ForgeConnectContext.Provider, { value, children: [
+    accountModal,
+    openAccountModal,
+    closeAccountModal,
+    linkModal,
+    openLinkModal,
+    closeLinkModal,
+    getAccessToken,
+    walletAdapter: walletAdapter ?? null
+  }), [
+    auth,
+    modal,
+    config,
+    api,
+    challengeToken,
+    accountModal,
+    linkModal,
+    loginWithEmail,
+    register,
+    sendOtp,
+    verifyOtp,
+    loginWithWallet,
+    loginWithOAuth,
+    loginWithPasskey,
+    logout,
+    logoutAll,
+    forgotPassword,
+    resetPassword,
+    verifyEmailToken,
+    verify2FA,
+    verifyRecoveryCode,
+    openModal,
+    closeModal,
+    setModalStep,
+    openAccountModal,
+    closeAccountModal,
+    openLinkModal,
+    closeLinkModal,
+    getAccessToken,
+    walletAdapter
+  ]);
+  return /* @__PURE__ */ jsxs16(ForgeConnectContext.Provider, { value, children: [
     children,
-    /* @__PURE__ */ jsx7(LoginModal, {})
+    /* @__PURE__ */ jsx17(LoginModal, {}),
+    /* @__PURE__ */ jsx17(AccountModal, {}),
+    /* @__PURE__ */ jsx17(LinkAuthModal, {})
   ] });
 }
-var BASE58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
-function uint8ArrayToBase58(bytes) {
-  const digits = [0];
-  for (const byte of bytes) {
-    let carry = byte;
-    for (let j = 0; j < digits.length; j++) {
-      carry += digits[j] << 8;
-      digits[j] = carry % 58;
-      carry = carry / 58 | 0;
-    }
-    while (carry > 0) {
-      digits.push(carry % 58);
-      carry = carry / 58 | 0;
-    }
-  }
-  let str = "";
-  for (let i = 0; i < bytes.length && bytes[i] === 0; i++) {
-    str += "1";
-  }
-  for (let i = digits.length - 1; i >= 0; i--) {
-    str += BASE58_ALPHABET[digits[i]];
-  }
-  return str;
-}
 
 // src/components/login-button.tsx
-import { jsx as jsx8 } from "react/jsx-runtime";
+import { jsx as jsx18 } from "react/jsx-runtime";
 function LoginButton({ className, label }) {
   const { auth, openModal, logout } = useForgeConnect();
   if (auth.status === "loading") {
-    return /* @__PURE__ */ jsx8("button", { type: "button", className: className ?? "fc-btn fc-btn-login", disabled: true, children: "Loading..." });
+    return /* @__PURE__ */ jsx18("button", { type: "button", className: className ?? "fc-btn fc-btn-login", disabled: true, children: "Loading..." });
   }
   if (auth.status === "authenticated") {
-    return /* @__PURE__ */ jsx8("button", { type: "button", className: className ?? "fc-btn fc-btn-login", onClick: logout, children: label ?? "Log out" });
+    return /* @__PURE__ */ jsx18("button", { type: "button", className: className ?? "fc-btn fc-btn-login", onClick: logout, children: label ?? "Log out" });
   }
-  return /* @__PURE__ */ jsx8("button", { type: "button", className: className ?? "fc-btn fc-btn-login", onClick: openModal, children: label ?? "Sign in" });
+  return /* @__PURE__ */ jsx18("button", { type: "button", className: className ?? "fc-btn fc-btn-login", onClick: openModal, children: label ?? "Sign in" });
 }
 
-// src/hooks/use-user.ts
-import { useState as useState5, useCallback as useCallback2 } from "react";
-function useUser() {
-  const { auth, api, getAccessToken } = useForgeConnect();
-  const [authMethods, setAuthMethods] = useState5(null);
-  const [loading, setLoading] = useState5(false);
-  const updateProfile = useCallback2(
-    async (data) => {
+// src/components/account-button.tsx
+import { jsx as jsx19, jsxs as jsxs17 } from "react/jsx-runtime";
+function AccountButton({ className, loginLabel, compact }) {
+  const { auth, openModal, openAccountModal } = useForgeConnect();
+  if (auth.status === "loading") {
+    return /* @__PURE__ */ jsx19("button", { type: "button", className: className ?? "fc-btn fc-btn-login", disabled: true, children: "Loading..." });
+  }
+  if (auth.status === "authenticated" && auth.user) {
+    const user = auth.user;
+    const initial = (user.displayName ?? user.primaryEmail ?? "?").charAt(0).toUpperCase();
+    return /* @__PURE__ */ jsxs17("button", { type: "button", className: className ?? "fc-btn-account", onClick: openAccountModal, children: [
+      user.avatarUrl ? /* @__PURE__ */ jsx19("img", { src: user.avatarUrl, alt: "", className: "fc-account-avatar" }) : /* @__PURE__ */ jsx19("span", { className: "fc-account-avatar-placeholder", children: initial }),
+      !compact && /* @__PURE__ */ jsx19("span", { children: user.displayName ?? user.primaryEmail ?? "Account" })
+    ] });
+  }
+  return /* @__PURE__ */ jsx19("button", { type: "button", className: className ?? "fc-btn fc-btn-login", onClick: openModal, children: loginLabel ?? "Sign in" });
+}
+
+// src/hooks/use-admin.ts
+import { useState as useState17, useCallback as useCallback9 } from "react";
+function useAdmin() {
+  const { api, getAccessToken } = useForgeConnect();
+  const [users, setUsers] = useState17(null);
+  const [selectedUser, setSelectedUser] = useState17(null);
+  const [userSessions, setUserSessions] = useState17(null);
+  const [loading, setLoading] = useState17(false);
+  const listUsers = useCallback9(
+    async (params) => {
       const token = getAccessToken();
-      if (!token) throw new Error("Not authenticated");
-      return api.updateMe(token, data);
+      if (!token) throw new Error("Please sign in to continue.");
+      setLoading(true);
+      try {
+        const data = await api.adminListUsers(token, params);
+        setUsers(data);
+        return data;
+      } finally {
+        setLoading(false);
+      }
     },
     [api, getAccessToken]
   );
-  const fetchAuthMethods = useCallback2(async () => {
-    const token = getAccessToken();
-    if (!token) throw new Error("Not authenticated");
-    setLoading(true);
-    try {
-      const methods = await api.getAuthMethods(token);
-      setAuthMethods(methods);
-      return methods;
-    } finally {
-      setLoading(false);
-    }
-  }, [api, getAccessToken]);
-  const linkAuthMethod = useCallback2(
-    async (data) => {
+  const getUser = useCallback9(
+    async (id) => {
       const token = getAccessToken();
-      if (!token) throw new Error("Not authenticated");
-      await api.linkAuthMethod(token, data);
-      await fetchAuthMethods();
+      if (!token) throw new Error("Please sign in to continue.");
+      setLoading(true);
+      try {
+        const data = await api.adminGetUser(token, id);
+        setSelectedUser(data);
+        return data;
+      } finally {
+        setLoading(false);
+      }
     },
-    [api, getAccessToken, fetchAuthMethods]
+    [api, getAccessToken]
+  );
+  const updateUserStatus = useCallback9(
+    async (id, status) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      await api.adminUpdateUserStatus(token, id, status);
+      if (selectedUser?.id === id) {
+        await getUser(id);
+      }
+    },
+    [api, getAccessToken, selectedUser?.id, getUser]
   );
-  const unlinkAuthMethod = useCallback2(
+  const getUserSessions = useCallback9(
     async (id) => {
       const token = getAccessToken();
-      if (!token) throw new Error("Not authenticated");
-      await api.unlinkAuthMethod(token, id);
-      await fetchAuthMethods();
+      if (!token) throw new Error("Please sign in to continue.");
+      setLoading(true);
+      try {
+        const data = await api.adminGetUserSessions(token, id);
+        setUserSessions(data);
+        return data;
+      } finally {
+        setLoading(false);
+      }
     },
-    [api, getAccessToken, fetchAuthMethods]
+    [api, getAccessToken]
+  );
+  const revokeUserSessions = useCallback9(
+    async (id) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      await api.adminRevokeUserSessions(token, id);
+      setUserSessions([]);
+    },
+    [api, getAccessToken]
   );
   return {
-    user: auth.user,
-    authMethods,
+    users,
+    selectedUser,
+    userSessions,
     loading,
-    updateProfile,
-    fetchAuthMethods,
-    linkAuthMethod,
-    unlinkAuthMethod
+    listUsers,
+    getUser,
+    updateUserStatus,
+    getUserSessions,
+    revokeUserSessions
   };
 }
 
-// src/hooks/use-wallets.ts
-import { useState as useState6, useCallback as useCallback3 } from "react";
-function useWallets() {
+// src/hooks/use-roles.ts
+import { useState as useState18, useCallback as useCallback10 } from "react";
+function useRoles() {
   const { api, getAccessToken } = useForgeConnect();
-  const [wallets, setWallets] = useState6(null);
-  const [loading, setLoading] = useState6(false);
-  const fetchWallets = useCallback3(async () => {
-    const token = getAccessToken();
-    if (!token) throw new Error("Not authenticated");
-    setLoading(true);
-    try {
-      const data = await api.getWallets(token);
-      setWallets(data);
-      return data;
-    } finally {
-      setLoading(false);
-    }
-  }, [api, getAccessToken]);
-  const updateWallet = useCallback3(
+  const [roles, setRoles] = useState18(null);
+  const [selectedRole, setSelectedRole] = useState18(null);
+  const [userRoleAssignments, setUserRoleAssignments] = useState18(null);
+  const [roleUsers, setRoleUsers] = useState18(null);
+  const [permissionDomains, setPermissionDomains] = useState18(null);
+  const [loading, setLoading] = useState18(false);
+  const listRoles = useCallback10(
+    async (tenantId) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      setLoading(true);
+      try {
+        const data = await api.adminListRoles(token, tenantId);
+        setRoles(data.data);
+        return data.data;
+      } finally {
+        setLoading(false);
+      }
+    },
+    [api, getAccessToken]
+  );
+  const getRoleUsers = useCallback10(
+    async (id) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      const data = await api.adminGetRoleUsers(token, id);
+      setRoleUsers(data.data);
+      return data.data;
+    },
+    [api, getAccessToken]
+  );
+  const getRole = useCallback10(
+    async (id) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      setLoading(true);
+      try {
+        const data = await api.adminGetRole(token, id);
+        setSelectedRole(data);
+        getRoleUsers(id).catch(() => {
+        });
+        return data;
+      } finally {
+        setLoading(false);
+      }
+    },
+    [api, getAccessToken, getRoleUsers]
+  );
+  const createRole = useCallback10(
+    async (data) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      const role = await api.adminCreateRole(token, data);
+      await listRoles(data.tenantId);
+      return role;
+    },
+    [api, getAccessToken, listRoles]
+  );
+  const updateRole = useCallback10(
     async (id, data) => {
       const token = getAccessToken();
-      if (!token) throw new Error("Not authenticated");
-      await api.updateWallet(token, id, data);
-      await fetchWallets();
+      if (!token) throw new Error("Please sign in to continue.");
+      const role = await api.adminUpdateRole(token, id, data);
+      setSelectedRole(role);
+      return role;
     },
-    [api, getAccessToken, fetchWallets]
+    [api, getAccessToken]
   );
-  return {
-    wallets,
-    loading,
-    fetchWallets,
-    updateWallet
-  };
-}
-
-// src/hooks/use-sessions.ts
-import { useState as useState7, useCallback as useCallback4 } from "react";
-function useSessions() {
-  const { api, getAccessToken } = useForgeConnect();
-  const [sessions, setSessions] = useState7(null);
-  const [loading, setLoading] = useState7(false);
-  const fetchSessions = useCallback4(async () => {
-    const token = getAccessToken();
-    if (!token) throw new Error("Not authenticated");
-    setLoading(true);
-    try {
-      const data = await api.getSessions(token);
-      setSessions(data);
-      return data;
-    } finally {
-      setLoading(false);
-    }
-  }, [api, getAccessToken]);
-  const revokeSession = useCallback4(
+  const deleteRole = useCallback10(
     async (id) => {
       const token = getAccessToken();
-      if (!token) throw new Error("Not authenticated");
-      await api.revokeSession(token, id);
-      await fetchSessions();
+      if (!token) throw new Error("Please sign in to continue.");
+      await api.adminDeleteRole(token, id);
+      if (selectedRole?.id === id) setSelectedRole(null);
     },
-    [api, getAccessToken, fetchSessions]
+    [api, getAccessToken, selectedRole?.id]
+  );
+  const getPermissions = useCallback10(
+    async () => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      const data = await api.adminGetPermissions(token);
+      setPermissionDomains(data.domains);
+      return data.domains;
+    },
+    [api, getAccessToken]
+  );
+  const getUserRoles = useCallback10(
+    async (userId, tenantId) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      setLoading(true);
+      try {
+        const data = await api.adminGetUserRoles(token, userId, tenantId);
+        setUserRoleAssignments(data.data);
+        return data.data;
+      } finally {
+        setLoading(false);
+      }
+    },
+    [api, getAccessToken]
+  );
+  const assignRole = useCallback10(
+    async (userId, roleId, tenantId) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      await api.adminAssignRole(token, userId, roleId, tenantId);
+    },
+    [api, getAccessToken]
+  );
+  const revokeRole = useCallback10(
+    async (userId, roleId, tenantId) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      await api.adminRevokeRole(token, userId, roleId, tenantId);
+    },
+    [api, getAccessToken]
   );
   return {
-    sessions,
+    roles,
+    selectedRole,
+    roleUsers,
+    userRoleAssignments,
+    permissionDomains,
     loading,
-    fetchSessions,
-    revokeSession
+    listRoles,
+    getRole,
+    getRoleUsers,
+    createRole,
+    updateRole,
+    deleteRole,
+    getPermissions,
+    getUserRoles,
+    assignRole,
+    revokeRole
   };
 }
+
+// src/lib/permissions.ts
+function hasPermission(required, granted) {
+  for (const g of granted) {
+    if (g === "*") return true;
+    if (g === required) return true;
+    if (g.endsWith(":*")) {
+      const gDomain = g.slice(0, -2);
+      const rDomain = required.split(":")[0];
+      if (gDomain === rDomain) return true;
+    }
+  }
+  return false;
+}
+function hasAllPermissions(required, granted) {
+  return required.every((r) => hasPermission(r, granted));
+}
+function hasAnyPermission(required, granted) {
+  return required.some((r) => hasPermission(r, granted));
+}
 export {
+  AccountButton,
+  AccountModal,
+  DeleteAccountModal,
+  ErrorView,
   ForgeConnectApiError,
   ForgeConnectContext,
   ForgeConnectProvider,
+  LinkAuthModal,
   LoginButton,
   LoginModal,
   ModalOverlay,
+  PasskeysModal,
+  TwoFactorModal,
   createApiClient,
+  hasAllPermissions,
+  hasAnyPermission,
+  hasPermission,
+  isOAuthMethod,
+  resolveLoginMethods,
+  useAdmin,
   useForgeConnect,
+  useRoles,
   useSessions,
   useUser,
   useWallets