@hipnation-truth/sdk 0.26.4 → 0.26.7

package/dist/react.d.ts

@@ -591,23 +591,6 @@ interface UsePatientMedicalOptions {
      */
     skipRefresh?: boolean;
 }
-/**
- * Composite hook that returns a patient's medical records — medications,
- * problems, allergies, appointments — from the Convex cache.
- *
- * On mount (and when `elationId` changes) fires a background refresh
- * against Truth's `/api/patients/medical/refresh` endpoint so stale data
- * is pulled in without blocking render. Returns cached data immediately;
- * Convex subscription updates the UI when refresh completes.
- *
- * OFFLINE-READS POLICY: these medical-record queries ARE mirrored offline
- * via `usePersistentQuery`, so medications, problems, allergies and
- * appointments render from the at-rest mirror when the device is offline.
- * Full medical records are the most sensitive PHI we hold, so they are
- * only ever written to the encrypted-at-rest store (256-bit MMKV key held
- * in the device keychain), never to any plaintext storage. Keep them on
- * the encrypted mirror only — do not relax the store's encryption.
- */
 declare function usePatientMedical(elationId: number | undefined, options?: UsePatientMedicalOptions): {
     medications: unknown[] | undefined;
     problems: unknown[] | undefined;
@@ -1262,8 +1245,15 @@ type Environment = (typeof ENVIRONMENTS)[keyof typeof ENVIRONMENTS];
  * your identity provider's Clerk JWT template named "convex"
  * (e.g. `getToken({ template: "convex" })` from `@clerk/expo`), or
  * `null` when no user is signed in.
+ *
+ * Convex invokes this with `{ forceRefreshToken: true }` when the cached
+ * token has expired — forward it to your provider (e.g. Clerk's
+ * `getToken({ template: "convex", skipCache: opts?.forceRefreshToken })`)
+ * so the refresh returns a fresh token rather than a stale cached one.
  */
-type AuthTokenFetcher = () => Promise<string | null | undefined>;
+type AuthTokenFetcher = (opts?: {
+    forceRefreshToken?: boolean;
+}) => Promise<string | null | undefined>;
 /**
  * Configuration for initializing a TruthClient.
  */
@@ -2771,6 +2761,13 @@ interface TruthSdkContextValue {
     apiKey: string;
     environment: string;
     client: TruthClient;
+    /**
+     * Clerk token fetcher (template "convex"), if wired. Hooks that make their
+     * own HTTP calls (e.g. the patient `…/refresh` endpoints) use this to attach
+     * `Authorization: Bearer <jwt>` so they work under a publishable `hn_pk_*`
+     * key, which the API gate accepts only with a verified user JWT.
+     */
+    getAuthToken?: AuthTokenFetcher;
     /** Injected offline mirror (or the Noop default on web / flag off). */
     offlineStore: OfflineStore;
     /** Whether the offline-reads layer is active for this provider. */

package/dist/react.js

@@ -2296,26 +2296,34 @@ function TruthProvider({
   getAuthTokenRef.current = getAuthToken;
   const hasAuthFetcher = Boolean(getAuthToken);
   const stableGetAuthToken = (0, import_react2.useMemo)(
-    () => hasAuthFetcher ? () => __async(null, null, function* () {
+    () => hasAuthFetcher ? (opts) => __async(null, null, function* () {
       var _a2, _b2;
-      return (_b2 = yield (_a2 = getAuthTokenRef.current) == null ? void 0 : _a2.call(getAuthTokenRef)) != null ? _b2 : null;
+      return (_b2 = yield (_a2 = getAuthTokenRef.current) == null ? void 0 : _a2.call(getAuthTokenRef, opts)) != null ? _b2 : null;
     }) : void 0,
     [hasAuthFetcher]
   );
   const [convexAuthed, setConvexAuthed] = (0, import_react2.useState)(false);
   (0, import_react2.useEffect)(() => {
-    if (stableGetAuthToken) {
-      convexClient.setAuth(
-        () => __async(null, null, function* () {
-          var _a2;
-          return (_a2 = yield stableGetAuthToken()) != null ? _a2 : null;
-        }),
-        (isAuthenticated) => setConvexAuthed(isAuthenticated)
-      );
-    } else {
+    if (!stableGetAuthToken) {
       convexClient.clearAuth();
       setConvexAuthed(false);
+      return;
     }
+    const fetchToken = (opts) => __async(null, null, function* () {
+      for (let attempt = 0; attempt < 6; attempt++) {
+        try {
+          const token = yield stableGetAuthToken(opts);
+          if (token) return token;
+        } catch (e) {
+        }
+        yield new Promise((resolve) => setTimeout(resolve, 200 + attempt * 150));
+      }
+      return null;
+    });
+    convexClient.setAuth(
+      fetchToken,
+      (isAuthenticated) => setConvexAuthed(isAuthenticated)
+    );
   }, [convexClient, stableGetAuthToken]);
   const convexQueryClient = (0, import_react2.useMemo)(
     () => new import_react_query.ConvexQueryClient(convexClient),
@@ -2390,6 +2398,7 @@ function TruthProvider({
       client: truthClient,
       offlineStore,
       offlineEnabled,
+      getAuthToken: stableGetAuthToken,
       authGated: hasAuthFetcher,
       authReady: convexAuthed
     }),
@@ -2400,6 +2409,7 @@ function TruthProvider({
       truthClient,
       offlineStore,
       offlineEnabled,
+      stableGetAuthToken,
       hasAuthFetcher,
       convexAuthed
     ]
@@ -2739,11 +2749,33 @@ var medicationsByPatientRef = (0, import_server5.makeFunctionReference)("medical
 var problemsByPatientRef = (0, import_server5.makeFunctionReference)("medicalRecords:getProblemsByElationPatient");
 var allergiesByPatientRef = (0, import_server5.makeFunctionReference)("medicalRecords:getAllergiesByElationPatient");
 var appointmentsByPatientRef = (0, import_server5.makeFunctionReference)("medicalRecords:getAppointmentsByElationPatient");
+function postPatientRefresh(url, apiKey, getAuthToken, body, signal) {
+  return __async(this, null, function* () {
+    const headers = {
+      "Content-Type": "application/json",
+      "X-API-Key": apiKey
+    };
+    try {
+      const token = yield getAuthToken == null ? void 0 : getAuthToken();
+      if (token) {
+        headers.Authorization = `Bearer ${token}`;
+      }
+    } catch (e) {
+    }
+    yield fetch(url, {
+      method: "POST",
+      headers,
+      body: JSON.stringify(body),
+      signal
+    });
+  });
+}
 function usePatientMedical(elationId, options) {
   var _a, _b;
   const sdkContext = useTruthSdkContext();
   const apiBaseUrl = (_a = options == null ? void 0 : options.apiBaseUrl) != null ? _a : sdkContext == null ? void 0 : sdkContext.apiBaseUrl;
   const apiKey = (_b = options == null ? void 0 : options.apiKey) != null ? _b : sdkContext == null ? void 0 : sdkContext.apiKey;
+  const getAuthToken = sdkContext == null ? void 0 : sdkContext.getAuthToken;
   const medications = usePersistentQuery(
     medicationsByPatientRef,
     elationId !== void 0 ? { elationPatientId: elationId } : "skip"
@@ -2768,18 +2800,16 @@ function usePatientMedical(elationId, options) {
       return;
     }
     const controller = new AbortController();
-    void fetch(`${apiBaseUrl}/api/patients/medical/refresh`, {
-      method: "POST",
-      headers: {
-        "Content-Type": "application/json",
-        "X-API-Key": apiKey
-      },
-      body: JSON.stringify({ elationId }),
-      signal: controller.signal
-    }).catch(() => {
+    void postPatientRefresh(
+      `${apiBaseUrl}/api/patients/medical/refresh`,
+      apiKey,
+      getAuthToken,
+      { elationId },
+      controller.signal
+    ).catch(() => {
     });
     return () => controller.abort();
-  }, [elationId, apiBaseUrl, apiKey, options == null ? void 0 : options.skipRefresh]);
+  }, [elationId, apiBaseUrl, apiKey, getAuthToken, options == null ? void 0 : options.skipRefresh]);
   return { medications, problems, allergies, appointments };
 }
 var elationPatientByIdRef = (0, import_server5.makeFunctionReference)("elationPatients:getByElationId");
@@ -2791,6 +2821,7 @@ function usePatientBasic(input, options) {
   const sdkContext = useTruthSdkContext();
   const apiBaseUrl = (_a = options == null ? void 0 : options.apiBaseUrl) != null ? _a : sdkContext == null ? void 0 : sdkContext.apiBaseUrl;
   const apiKey = (_b = options == null ? void 0 : options.apiKey) != null ? _b : sdkContext == null ? void 0 : sdkContext.apiKey;
+  const getAuthToken = sdkContext == null ? void 0 : sdkContext.getAuthToken;
   const elationRow = usePersistentQuery(
     elationPatientByIdRef,
     input.elationId !== void 0 ? { elationId: input.elationId } : "skip"
@@ -2810,21 +2841,23 @@ function usePatientBasic(input, options) {
       return;
     }
     const controller = new AbortController();
-    void fetch(`${apiBaseUrl}/api/patients/basic/refresh`, {
-      method: "POST",
-      headers: {
-        "Content-Type": "application/json",
-        "X-API-Key": apiKey
-      },
-      body: JSON.stringify({
-        hintId: input.hintId,
-        elationId: input.elationId
-      }),
-      signal: controller.signal
-    }).catch(() => {
+    void postPatientRefresh(
+      `${apiBaseUrl}/api/patients/basic/refresh`,
+      apiKey,
+      getAuthToken,
+      { hintId: input.hintId, elationId: input.elationId },
+      controller.signal
+    ).catch(() => {
     });
     return () => controller.abort();
-  }, [input.hintId, input.elationId, apiBaseUrl, apiKey, options == null ? void 0 : options.skipRefresh]);
+  }, [
+    input.hintId,
+    input.elationId,
+    apiBaseUrl,
+    apiKey,
+    getAuthToken,
+    options == null ? void 0 : options.skipRefresh
+  ]);
   const elationPatient = elationRow === void 0 ? void 0 : elationRow === null ? null : (_c = elationRow.raw) != null ? _c : null;
   const hintPatient = hintRow === void 0 ? void 0 : hintRow === null ? null : (_d = hintRow.raw) != null ? _d : null;
   const elationLoading = input.elationId !== void 0 && elationRow === void 0;
@@ -2848,6 +2881,7 @@ function usePatientPhoto(elationId, options) {
   const sdkContext = useTruthSdkContext();
   const apiBaseUrl = (_a = options == null ? void 0 : options.apiBaseUrl) != null ? _a : sdkContext == null ? void 0 : sdkContext.apiBaseUrl;
   const apiKey = (_b = options == null ? void 0 : options.apiKey) != null ? _b : sdkContext == null ? void 0 : sdkContext.apiKey;
+  const getAuthToken = sdkContext == null ? void 0 : sdkContext.getAuthToken;
   const photo = usePersistentQuery(
     patientPhotoByIdRef,
     elationId !== void 0 ? { elationPatientId: elationId } : "skip"
@@ -2863,18 +2897,16 @@ function usePatientPhoto(elationId, options) {
       return;
     }
     const controller = new AbortController();
-    void fetch(`${apiBaseUrl}/api/patients/photo/refresh`, {
-      method: "POST",
-      headers: {
-        "Content-Type": "application/json",
-        "X-API-Key": apiKey
-      },
-      body: JSON.stringify({ elationId }),
-      signal: controller.signal
-    }).catch(() => {
+    void postPatientRefresh(
+      `${apiBaseUrl}/api/patients/photo/refresh`,
+      apiKey,
+      getAuthToken,
+      { elationId },
+      controller.signal
+    ).catch(() => {
     });
     return () => controller.abort();
-  }, [elationId, apiBaseUrl, apiKey, options == null ? void 0 : options.skipRefresh]);
+  }, [elationId, apiBaseUrl, apiKey, getAuthToken, options == null ? void 0 : options.skipRefresh]);
   return photo;
 }
 var messagesByPhonesRef = (0, import_server5.makeFunctionReference)("conversationMessages:getByPhones");