@howone/sdk 0.1.0 → 0.1.2

package/dist/index.js

@@ -5,6 +5,9 @@ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
 var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
 var __export = (target, all) => {
   for (var name in all)
     __defProp(target, name, { get: all[name], enumerable: true });
@@ -27,10 +30,224 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
 ));
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 
+// src/auth/index.ts
+var auth_exports = {};
+__export(auth_exports, {
+  AUTH_TOKEN_KEY: () => AUTH_TOKEN_KEY,
+  getToken: () => getToken,
+  isTokenValid: () => isTokenValid,
+  onAuthStateChanged: () => onAuthStateChanged,
+  parseUserFromToken: () => parseUserFromToken,
+  setToken: () => setToken,
+  useAuth: () => useAuth
+});
+function setCookie(name, value, days = 30) {
+  try {
+    if (typeof document === "undefined") return;
+    if (!value) {
+      document.cookie = `${name}=; Max-Age=0; path=/; SameSite=Lax`;
+      return;
+    }
+    const expires = new Date(Date.now() + days * 24 * 60 * 60 * 1e3).toUTCString();
+    document.cookie = `${name}=${encodeURIComponent(value)}; Expires=${expires}; Path=/; SameSite=Lax`;
+  } catch (e) {
+    void e;
+  }
+}
+function getCookie(name) {
+  try {
+    if (typeof document === "undefined") return null;
+    const match = document.cookie.match(new RegExp("(?:^|; )" + name.replace(/([.$?*|{}()\[\]\\/+^])/g, "\\$1") + "=([^;]*)"));
+    return match ? decodeURIComponent(match[1]) : null;
+  } catch (e) {
+    return null;
+  }
+}
+function setToken(token) {
+  try {
+    setCookie(AUTH_TOKEN_KEY, token, 30);
+  } catch (e) {
+    void e;
+  }
+  if (!token) {
+    try {
+      notifyAuthStateChanged();
+    } catch {
+    }
+    return;
+  }
+  try {
+    notifyAuthStateChanged();
+  } catch {
+  }
+}
+function getToken() {
+  try {
+    const cookie = getCookie(AUTH_TOKEN_KEY);
+    if (cookie) return cookie;
+  } catch (e) {
+    void e;
+  }
+  return null;
+}
+function decodeJwtPayload(token) {
+  try {
+    const payload = token.split(".")[1];
+    if (!payload) return null;
+    let base64 = payload.replace(/-/g, "+").replace(/_/g, "/");
+    const pad = base64.length % 4;
+    if (pad === 2) base64 += "==";
+    else if (pad === 3) base64 += "=";
+    else if (pad !== 0) return null;
+    const json = atob(base64);
+    return JSON.parse(json);
+  } catch {
+    return null;
+  }
+}
+function parseUserFromToken(token) {
+  if (!token) return null;
+  const payload = decodeJwtPayload(token);
+  if (!payload) return null;
+  return {
+    id: payload.userId || payload.sub || "",
+    email: payload.email || "",
+    name: payload.name || "",
+    avatar: payload.avatar || payload.picture || ""
+  };
+}
+function isTokenValid(token) {
+  if (!token) return false;
+  const payload = decodeJwtPayload(token);
+  if (!payload) return false;
+  const now = Math.floor(Date.now() / 1e3);
+  const expCandidate = payload.exp ?? payload.expires_at;
+  const exp = Number(expCandidate);
+  if (!exp || !Number.isFinite(exp)) return true;
+  return exp > now;
+}
+function useAuth() {
+  const [token, setTokenState] = (0, import_react.useState)(() => getToken());
+  const [user, setUser] = (0, import_react.useState)(() => parseUserFromToken(getToken()));
+  (0, import_react.useEffect)(() => {
+    const onStorage = () => {
+      const t = getToken();
+      setTokenState(t);
+      setUser(parseUserFromToken(t));
+    };
+    window.addEventListener("storage", onStorage);
+    const unsubscribe = onAuthStateChanged(() => {
+      setTokenState(getToken());
+      setUser(parseUserFromToken(getToken()));
+    });
+    return () => {
+      window.removeEventListener("storage", onStorage);
+      unsubscribe();
+    };
+  }, []);
+  const logout = () => {
+    setToken(null);
+    setTokenState(null);
+    setUser(null);
+    notifyAuthStateChanged();
+  };
+  return {
+    token,
+    user,
+    isAuthenticated: !!token && isTokenValid(token),
+    logout
+  };
+}
+function onAuthStateChanged(cb) {
+  try {
+    const current = { user: parseUserFromToken(getToken()), isLoading: false };
+    cb(current);
+  } catch {
+  }
+  authSubscribers.add(cb);
+  return () => {
+    authSubscribers.delete(cb);
+  };
+}
+function notifyAuthStateChanged() {
+  const state = { user: parseUserFromToken(getToken()), isLoading: false };
+  for (const cb of Array.from(authSubscribers)) {
+    try {
+      cb(state);
+    } catch {
+    }
+  }
+}
+var import_react, AUTH_TOKEN_KEY, authSubscribers;
+var init_auth = __esm({
+  "src/auth/index.ts"() {
+    "use strict";
+    import_react = require("react");
+    AUTH_TOKEN_KEY = "auth_token";
+    authSubscribers = /* @__PURE__ */ new Set();
+  }
+});
+
+// src/config.ts
+var config_exports = {};
+__export(config_exports, {
+  AUTH_ROOT: () => AUTH_ROOT,
+  default: () => config_default,
+  getAuthRoot: () => getAuthRoot,
+  getDefaultProjectId: () => getDefaultProjectId,
+  setAuthRoot: () => setAuthRoot,
+  setDefaultProjectId: () => setDefaultProjectId
+});
+function setAuthRoot(url) {
+  AUTH_ROOT_VALUE = url.replace(/\/+$/g, "");
+}
+function getAuthRoot() {
+  return AUTH_ROOT_VALUE;
+}
+function setDefaultProjectId(id) {
+  DEFAULT_PROJECT_ID = id;
+}
+function getDefaultProjectId() {
+  try {
+    if (DEFAULT_PROJECT_ID) return DEFAULT_PROJECT_ID;
+    const g = globalThis.__HOWONE_PROJECT_ID__;
+    if (typeof g === "string" && g.length > 0) return String(g);
+    return null;
+  } catch {
+    return DEFAULT_PROJECT_ID;
+  }
+}
+var AUTH_ROOT_VALUE, DEFAULT_PROJECT_ID, AUTH_ROOT, config_default;
+var init_config = __esm({
+  "src/config.ts"() {
+    "use strict";
+    AUTH_ROOT_VALUE = "http://localhost:3000";
+    DEFAULT_PROJECT_ID = null;
+    AUTH_ROOT = getAuthRoot();
+    try {
+      const g = globalThis.__HOWONE_AUTH_ROOT__;
+      if (typeof g === "string" && g.length > 0) {
+        setAuthRoot(g);
+      }
+    } catch {
+    }
+    config_default = {
+      getAuthRoot,
+      setAuthRoot,
+      AUTH_ROOT: () => AUTH_ROOT_VALUE
+    };
+  }
+});
+
 // src/index.ts
 var index_exports = {};
 __export(index_exports, {
+  AUTH_ROOT: () => AUTH_ROOT,
+  AUTH_TOKEN_KEY: () => AUTH_TOKEN_KEY,
   AuthGuard: () => AuthGuard,
+  AuthProvider: () => AuthProvider,
+  AuthRedirector: () => AuthRedirector,
+  AuthRedirectorDefault: () => AuthRedirector_default,
   DefaultErrorFallback: () => DefaultErrorFallback,
   ErrorBoundary: () => ErrorBoundary,
   FloatingButton: () => FloatingButton,
@@ -44,13 +261,25 @@ __export(index_exports, {
   createAIWorkflowClientAxios: () => createAIWorkflowClientAxios,
   createArtifactsClient: () => createArtifactsClient,
   createClient: () => createClient,
+  getAuthRoot: () => getAuthRoot,
   getCodeStatus: () => getCodeStatus,
+  getDefaultProjectId: () => getDefaultProjectId,
+  getToken: () => getToken,
+  howone: () => client_default,
   injectEarlyErrorHandler: () => injectEarlyErrorHandler,
+  isTokenValid: () => isTokenValid,
   loginWithEmailCode: () => loginWithEmailCode,
+  onAuthStateChanged: () => onAuthStateChanged,
+  parseUserFromToken: () => parseUserFromToken,
   request: () => request,
   sendEmailVerificationCode: () => sendEmailVerificationCode,
+  setAuthRoot: () => setAuthRoot,
+  setDefaultProjectId: () => setDefaultProjectId,
+  setToken: () => setToken,
   unifiedAuth: () => unifiedAuth,
   unifiedOAuth: () => unifiedOAuth,
+  useAuth: () => useAuth,
+  useAuthContext: () => useAuthContext,
   useDebounce: () => useDebounce,
   useIsMobile: () => useIsMobile,
   useLocalStorage: () => useLocalStorage,
@@ -342,9 +571,21 @@ var UnifiedAuthService = class {
   checkOAuthCallback() {
     const urlParams = new URLSearchParams(window.location.search);
     const token = urlParams.get("token");
+    const accessTokenQuery = urlParams.get("access_token");
     const error = urlParams.get("error");
     const userParam = urlParams.get("user");
-    if (token) {
+    let hashToken = null;
+    try {
+      if (window.location.hash && window.location.hash.length > 1) {
+        const hash = window.location.hash.slice(1);
+        const hashParams = new URLSearchParams(hash);
+        hashToken = hashParams.get("access_token") || hashParams.get("token") || null;
+      }
+    } catch {
+      hashToken = null;
+    }
+    const finalToken = accessTokenQuery || token || hashToken;
+    if (finalToken) {
       let user = null;
       if (userParam) {
         try {
@@ -352,9 +593,20 @@ var UnifiedAuthService = class {
         } catch (e) {
         }
       }
-      this.saveAuthData(token, user);
-      window.history.replaceState({}, document.title, window.location.pathname);
-      return { success: true, token, user };
+      this.saveAuthData(finalToken);
+      try {
+        const u = new URL(window.location.href);
+        u.searchParams.delete("token");
+        u.searchParams.delete("access_token");
+        u.hash = "";
+        window.history.replaceState({}, document.title, u.toString());
+      } catch (e) {
+        try {
+          window.history.replaceState({}, document.title, window.location.pathname);
+        } catch {
+        }
+      }
+      return { success: true, token: finalToken, user };
     }
     if (error) {
       window.history.replaceState({}, document.title, window.location.pathname);
@@ -395,18 +647,15 @@ var UnifiedAuthService = class {
   */
   getSavedAuthData() {
     try {
-      const token = localStorage.getItem("auth_token");
-      if (!token) return null;
-      let user = null;
-      const userJson = localStorage.getItem("auth_user");
-      if (userJson) {
-        try {
-          user = JSON.parse(userJson);
-        } catch (e) {
-          console.error("Failed to parse saved user data:", e);
-        }
+      let token = null;
+      try {
+        const { getToken: getToken2 } = (init_auth(), __toCommonJS(auth_exports));
+        if (getToken2) token = getToken2();
+      } catch {
+        token = null;
       }
-      return { token, user };
+      if (!token) return null;
+      return { token };
     } catch (e) {
       console.error("Failed to get auth data from localStorage:", e);
       return null;
@@ -415,10 +664,13 @@ var UnifiedAuthService = class {
   /**
   * 保存认证数据到本地存储
   */
-  saveAuthData(token, user) {
+  saveAuthData(token) {
     try {
-      localStorage.setItem("auth_token", token);
-      localStorage.setItem("auth_user", JSON.stringify(user || {}));
+      try {
+        const { setToken: setToken2 } = (init_auth(), __toCommonJS(auth_exports));
+        if (setToken2) setToken2(token);
+      } catch {
+      }
     } catch (e) {
       console.error("Failed to save auth data to localStorage:", e);
     }
@@ -691,6 +943,9 @@ function createArtifactsClient(req) {
 }
 
 // src/services/index.ts
+init_auth();
+init_config();
+init_config();
 var request = new request_default({
   baseURL: "https://create-x-backend.fly.dev/api",
   timeout: 6e4,
@@ -734,6 +989,12 @@ function createClient(opts) {
   const biz = opts?.requestInstance || request;
   const ai = opts?.aiRequestInstance || aiRequest;
   let token = null;
+  try {
+    if (opts?.projectId) {
+      setDefaultProjectId(String(opts.projectId));
+    }
+  } catch {
+  }
   function applyToken(t) {
     try {
       try {
@@ -813,6 +1074,8 @@ function createClient(opts) {
   } catch (_e) {
   }
   return {
+    // expose projectId so consumers can read it from the client instance
+    projectId: opts?.projectId ?? null,
     request: biz,
     aiRequest: ai,
     workflowRequest: ai,
@@ -828,11 +1091,19 @@ function createClient(opts) {
       isAuthenticated: () => Boolean(token),
       // minimal login/logout stubs - consumers can override behavior
       login: (redirect) => {
-        if (opts?.authRequired) {
-          if (typeof window !== "undefined") {
-            const loc = redirect || window.location.href;
-            window.location.href = `/login?redirect=${encodeURIComponent(loc)}`;
-          }
+        if (typeof window === "undefined") return;
+        const loc = redirect || window.location.href;
+        try {
+          const root = getAuthRoot() || "http://localhost:3000";
+          const authUrl = new URL("/auth", String(root));
+          authUrl.searchParams.set("redirect_uri", String(loc));
+          if (opts?.projectId) authUrl.searchParams.set("project_id", String(opts.projectId));
+          window.location.href = authUrl.toString();
+        } catch {
+          const encoded = encodeURIComponent(String(loc));
+          const pid = opts?.projectId ? `&project_id=${encodeURIComponent(String(opts.projectId))}` : "";
+          const root = "http://localhost:3000";
+          window.location.href = `${root}/auth?redirect_uri=${encoded}${pid}`;
         }
       },
       logout: () => {
@@ -844,8 +1115,8 @@ function createClient(opts) {
 }
 
 // src/components/auth/LoginForm.tsx
-var import_react = require("react");
-var import_react2 = require("@iconify/react");
+var import_react2 = require("react");
+var import_react3 = require("@iconify/react");
 var import_lucide_react = require("lucide-react");
 var import_jsx_runtime2 = require("react/jsx-runtime");
 var LoginForm = ({
@@ -853,12 +1124,12 @@ var LoginForm = ({
   appName = "AI Application Platform",
   className = ""
 }) => {
-  const [email, setEmail] = (0, import_react.useState)("");
-  const [code, setCode] = (0, import_react.useState)("");
-  const [validationErrors, setValidationErrors] = (0, import_react.useState)({});
-  const [isAnyLoading, setIsAnyLoading] = (0, import_react.useState)(false);
-  const [codeSent, setCodeSent] = (0, import_react.useState)(false);
-  const [loginError, setLoginError] = (0, import_react.useState)(null);
+  const [email, setEmail] = (0, import_react2.useState)("");
+  const [code, setCode] = (0, import_react2.useState)("");
+  const [validationErrors, setValidationErrors] = (0, import_react2.useState)({});
+  const [isAnyLoading, setIsAnyLoading] = (0, import_react2.useState)(false);
+  const [codeSent, setCodeSent] = (0, import_react2.useState)(false);
+  const [loginError, setLoginError] = (0, import_react2.useState)(null);
   const googleLogin = async () => {
     console.log("Google login clicked");
   };
@@ -877,7 +1148,7 @@ var LoginForm = ({
     setLoginError(null);
     setValidationErrors({});
   };
-  (0, import_react.useEffect)(() => {
+  (0, import_react2.useEffect)(() => {
     if (loginError) {
       try {
         const errorObj = JSON.parse(loginError);
@@ -999,7 +1270,7 @@ var LoginForm = ({
         validationErrors.code && /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("p", { className: "text-red-600 text-sm", children: validationErrors.code })
       ] }),
       validationErrors.form && /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("div", { className: "text-red-600 text-sm p-3 bg-red-50 rounded-md border border-red-200", children: /* @__PURE__ */ (0, import_jsx_runtime2.jsxs)("div", { className: "flex items-center", children: [
-        /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(import_react2.Icon, { icon: "material-symbols:error", className: "text-red-600 mr-2" }),
+        /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(import_react3.Icon, { icon: "material-symbols:error", className: "text-red-600 mr-2" }),
         /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("span", { children: validationErrors.form })
       ] }) }),
       /* @__PURE__ */ (0, import_jsx_runtime2.jsxs)(
@@ -1033,7 +1304,7 @@ var LoginForm = ({
           },
           disabled: isAnyLoading,
           children: [
-            isAnyLoading ? /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(import_lucide_react.Loader2, { className: "mr-2 h-4 w-4 animate-spin" }) : /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(import_react2.Icon, { icon: "flat-color-icons:google", className: "w-6 h-6 mr-2" }),
+            isAnyLoading ? /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(import_lucide_react.Loader2, { className: "mr-2 h-4 w-4 animate-spin" }) : /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(import_react3.Icon, { icon: "flat-color-icons:google", className: "w-6 h-6 mr-2" }),
             isAnyLoading ? "Connecting..." : "Log in with Google"
           ]
         }
@@ -1050,7 +1321,7 @@ var LoginForm = ({
           },
           disabled: isAnyLoading,
           children: [
-            isAnyLoading ? /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(import_lucide_react.Loader2, { className: "mr-2 h-4 w-4 animate-spin" }) : /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(import_react2.Icon, { icon: "mdi:github", className: "w-6 h-6 mr-2" }),
+            isAnyLoading ? /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(import_lucide_react.Loader2, { className: "mr-2 h-4 w-4 animate-spin" }) : /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(import_react3.Icon, { icon: "mdi:github", className: "w-6 h-6 mr-2" }),
             isAnyLoading ? "Connecting..." : "Log in with GitHub"
           ]
         }
@@ -1061,6 +1332,8 @@ var LoginForm = ({
 
 // src/components/auth/AuthGuard.tsx
 var import_react_router_dom = require("react-router-dom");
+init_auth();
+init_config();
 var import_jsx_runtime3 = require("react/jsx-runtime");
 var AuthGuard = ({
   children,
@@ -1070,8 +1343,8 @@ var AuthGuard = ({
   roles = [],
   permissions = []
 }) => {
-  const isAuthenticated = false;
-  const user = null;
+  const { user: parsedUser, isAuthenticated } = useAuth();
+  const user = parsedUser;
   const isLoading = false;
   const location = (0, import_react_router_dom.useLocation)();
   if (isLoading) {
@@ -1081,6 +1354,47 @@ var AuthGuard = ({
     return /* @__PURE__ */ (0, import_jsx_runtime3.jsx)("div", { className: "min-h-screen flex items-center justify-center", children: /* @__PURE__ */ (0, import_jsx_runtime3.jsx)("div", { className: "animate-spin rounded-full h-12 w-12 border-b-2 border-blue-600" }) });
   }
   if (requireAuth && !isAuthenticated) {
+    try {
+      const urlParams = new URLSearchParams(window.location.search);
+      const tokenInUrl = urlParams.get("token") || urlParams.get("access_token");
+      let tokenInHash = null;
+      try {
+        if (window.location.hash && window.location.hash.length > 1) {
+          const hashParams = new URLSearchParams(window.location.hash.slice(1));
+          tokenInHash = hashParams.get("access_token") || hashParams.get("token");
+        }
+      } catch {
+        tokenInHash = null;
+      }
+      const localToken = getToken();
+      if (tokenInUrl || tokenInHash) {
+        try {
+          const res = unifiedAuth.checkOAuthCallback();
+          if (res && res.success) {
+            return null;
+          }
+        } catch {
+        }
+      }
+      if (localToken) {
+        return null;
+      }
+    } catch (e) {
+      void e;
+    }
+    if (redirectTo === "/login") {
+      const root = getAuthRoot() || "http://localhost:3000";
+      try {
+        const authUrl = new URL("/auth", String(root));
+        authUrl.searchParams.set("redirect_uri", window.location.href);
+        const pid = getDefaultProjectId();
+        if (pid) authUrl.searchParams.set("project_id", pid);
+        window.location.replace(authUrl.toString());
+      } catch {
+        window.location.replace(root);
+      }
+      return null;
+    }
     return /* @__PURE__ */ (0, import_jsx_runtime3.jsx)(import_react_router_dom.Navigate, { to: redirectTo, state: { from: location }, replace: true });
   }
   if (roles.length > 0 && user !== null) {
@@ -1116,8 +1430,207 @@ var AuthGuard = ({
   return /* @__PURE__ */ (0, import_jsx_runtime3.jsx)(import_jsx_runtime3.Fragment, { children });
 };
 
-// src/components/ui/Loading.tsx
+// src/components/auth/AuthRedirector.tsx
+var import_react4 = require("react");
+init_auth();
+init_config();
 var import_jsx_runtime4 = require("react/jsx-runtime");
+var AuthRedirector = ({ fallback }) => {
+  (0, import_react4.useEffect)(() => {
+    try {
+      const cb = unifiedAuth.checkOAuthCallback();
+      if (cb && cb.success) return;
+      const unsubscribe = onAuthStateChanged((state) => {
+        if (!state.user) {
+          try {
+            const root = getAuthRoot() || "http://localhost:3000";
+            const authUrl = new URL("/auth", String(root));
+            authUrl.searchParams.set("redirect_uri", window.location.href);
+            const pid = getDefaultProjectId && getDefaultProjectId();
+            if (pid) authUrl.searchParams.set("project_id", pid);
+            window.location.replace(authUrl.toString());
+          } catch {
+          }
+        }
+      });
+      return () => {
+        try {
+          unsubscribe();
+        } catch {
+        }
+      };
+    } catch {
+    }
+  }, []);
+  return /* @__PURE__ */ (0, import_jsx_runtime4.jsx)("div", { className: "min-h-screen flex items-center justify-center bg-white", children: fallback ?? /* @__PURE__ */ (0, import_jsx_runtime4.jsx)("div", { className: "text-center", children: /* @__PURE__ */ (0, import_jsx_runtime4.jsx)("h2", { className: "text-lg font-semibold", children: "Redirecting to authentication..." }) }) });
+};
+var AuthRedirector_default = AuthRedirector;
+
+// src/components/auth/AuthProvider.tsx
+var import_react5 = require("react");
+init_auth();
+init_config();
+var import_jsx_runtime5 = require("react/jsx-runtime");
+var AuthContext = (0, import_react5.createContext)(null);
+var AuthProvider = ({ children, autoRedirect = true, showFloatingButton = true, projectId }) => {
+  const [user, setUser] = (0, import_react5.useState)(() => parseUserFromToken(getToken()));
+  const [token, setTokenState] = (0, import_react5.useState)(() => getToken());
+  const [isLoading, setIsLoading] = (0, import_react5.useState)(false);
+  (0, import_react5.useEffect)(() => {
+    try {
+      if (projectId) setDefaultProjectId(String(projectId));
+    } catch {
+    }
+    setIsLoading(true);
+    try {
+      const cb = unifiedAuth.checkOAuthCallback();
+      if (cb && cb.success) {
+        setTokenState(cb.token ?? getToken());
+        setUser(cb.user ?? parseUserFromToken(cb.token ?? getToken()));
+        setIsLoading(false);
+        return;
+      }
+    } catch {
+    }
+    const unsubscribe = onAuthStateChanged((state) => {
+      try {
+        setTokenState(getToken());
+        setUser(state.user ?? parseUserFromToken(getToken()));
+      } catch {
+      }
+      setIsLoading(false);
+      if (autoRedirect && !state.user) {
+        try {
+          const root = getAuthRoot() || "http://localhost:3000";
+          const authUrl = new URL("/auth", String(root));
+          authUrl.searchParams.set("redirect_uri", window.location.href);
+          const pid = getDefaultProjectId();
+          if (pid) authUrl.searchParams.set("project_id", pid);
+          window.location.replace(authUrl.toString());
+        } catch {
+        }
+      }
+    });
+    return () => {
+      try {
+        unsubscribe();
+      } catch {
+      }
+    };
+  }, [autoRedirect]);
+  const logout = () => {
+    try {
+      setToken(null);
+    } catch {
+    }
+    setTokenState(null);
+    setUser(null);
+  };
+  const value = {
+    user,
+    token,
+    isAuthenticated: !!token,
+    isLoading,
+    logout
+  };
+  return /* @__PURE__ */ (0, import_jsx_runtime5.jsxs)(AuthContext.Provider, { value, children: [
+    children,
+    showFloatingButton && /* @__PURE__ */ (0, import_jsx_runtime5.jsx)(FloatingButton, { onClick: () => window.open("https://howone.ai", "_blank") })
+  ] });
+};
+function useAuthContext() {
+  const ctx = (0, import_react5.useContext)(AuthContext);
+  if (!ctx) {
+    const t = getToken();
+    return {
+      user: parseUserFromToken(t),
+      token: t,
+      isAuthenticated: !!t,
+      isLoading: false,
+      logout: () => {
+        try {
+          setToken(null);
+        } catch {
+        }
+      }
+    };
+  }
+  return ctx;
+}
+
+// src/components/index.ts
+init_auth();
+
+// src/howone/client.ts
+init_auth();
+init_config();
+var HowoneAuthClient = class {
+  constructor() {
+    this.listeners = /* @__PURE__ */ new Set();
+    this.loading = false;
+  }
+  emit() {
+    const state = {
+      user: parseUserFromToken(getToken()),
+      isLoading: this.loading
+    };
+    for (const l of this.listeners) {
+      try {
+        l(state);
+      } catch (e) {
+        void e;
+      }
+    }
+  }
+  onAuthStateChanged(listener) {
+    this.listeners.add(listener);
+    try {
+      listener({ user: parseUserFromToken(getToken()), isLoading: this.loading });
+    } catch (e) {
+      void e;
+    }
+    return () => {
+      this.listeners.delete(listener);
+    };
+  }
+  // Simple redirect-based login trigger (consumer can override)
+  login() {
+    const root = getAuthRoot() || "http://localhost:3000";
+    try {
+      const loc = window.location.href;
+      const authUrl = new URL("/auth", String(root));
+      authUrl.searchParams.set("redirect_uri", String(loc));
+      try {
+        const cfg = (init_config(), __toCommonJS(config_exports));
+        const pid = cfg.getDefaultProjectId && cfg.getDefaultProjectId();
+        if (pid) authUrl.searchParams.set("project_id", String(pid));
+      } catch {
+      }
+      window.location.replace(authUrl.toString());
+    } catch {
+      window.location.replace(String(root));
+    }
+  }
+  logout() {
+    setToken(null);
+    this.emit();
+  }
+  getUser() {
+    return parseUserFromToken(getToken());
+  }
+  // helper to programmatically set token (e.g., after callback handling)
+  setToken(token) {
+    setToken(token);
+    this.emit();
+  }
+};
+var howone = {
+  auth: new HowoneAuthClient()
+};
+var client_default = howone;
+
+// src/components/ui/Loading.tsx
+var import_jsx_runtime6 = require("react/jsx-runtime");
 var Loading = ({
   size = "md",
   text = "Loading...",
@@ -1130,14 +1643,14 @@ var Loading = ({
     lg: "h-12 w-12"
   };
   const containerClasses = fullScreen ? "fixed inset-0 flex items-center justify-center bg-white/80 backdrop-blur-sm z-50" : "flex items-center justify-center p-4";
-  return /* @__PURE__ */ (0, import_jsx_runtime4.jsx)("div", { className: `${containerClasses} ${className}`, children: /* @__PURE__ */ (0, import_jsx_runtime4.jsxs)("div", { className: "text-center", children: [
-    /* @__PURE__ */ (0, import_jsx_runtime4.jsx)(
+  return /* @__PURE__ */ (0, import_jsx_runtime6.jsx)("div", { className: `${containerClasses} ${className}`, children: /* @__PURE__ */ (0, import_jsx_runtime6.jsxs)("div", { className: "text-center", children: [
+    /* @__PURE__ */ (0, import_jsx_runtime6.jsx)(
       "div",
       {
         className: `animate-spin rounded-full border-2 border-gray-300 border-t-blue-600 mx-auto ${sizeClasses[size]}`
       }
     ),
-    text && /* @__PURE__ */ (0, import_jsx_runtime4.jsx)("p", { className: "mt-2 text-sm text-gray-600", children: text })
+    text && /* @__PURE__ */ (0, import_jsx_runtime6.jsx)("p", { className: "mt-2 text-sm text-gray-600", children: text })
   ] }) });
 };
 var LoadingSpinner = ({
@@ -1149,7 +1662,7 @@ var LoadingSpinner = ({
     md: "h-8 w-8",
     lg: "h-12 w-12"
   };
-  return /* @__PURE__ */ (0, import_jsx_runtime4.jsx)(
+  return /* @__PURE__ */ (0, import_jsx_runtime6.jsx)(
     "div",
     {
       className: `animate-spin rounded-full border-2 border-gray-300 border-t-blue-600 ${sizeClasses[size]} ${className}`
@@ -1158,9 +1671,9 @@ var LoadingSpinner = ({
 };
 
 // src/components/ui/ErrorBoundary.tsx
-var import_react3 = require("react");
-var import_jsx_runtime5 = require("react/jsx-runtime");
-var ErrorBoundary = class extends import_react3.Component {
+var import_react6 = require("react");
+var import_jsx_runtime7 = require("react/jsx-runtime");
+var ErrorBoundary = class extends import_react6.Component {
   constructor(props) {
     super(props);
     this.handleRetry = () => {
@@ -1182,13 +1695,13 @@ var ErrorBoundary = class extends import_react3.Component {
     if (this.state.hasError) {
       if (this.props.fallback) {
         const FallbackComponent = this.props.fallback;
-        return /* @__PURE__ */ (0, import_jsx_runtime5.jsx)(FallbackComponent, { error: this.state.error, retry: this.handleRetry });
+        return /* @__PURE__ */ (0, import_jsx_runtime7.jsx)(FallbackComponent, { error: this.state.error, retry: this.handleRetry });
       }
-      return /* @__PURE__ */ (0, import_jsx_runtime5.jsx)("div", { className: "min-h-[400px] flex items-center justify-center p-4", children: /* @__PURE__ */ (0, import_jsx_runtime5.jsxs)("div", { className: "text-center max-w-md", children: [
-        /* @__PURE__ */ (0, import_jsx_runtime5.jsx)("div", { className: "text-red-500 text-6xl mb-4", children: "\u26A0\uFE0F" }),
-        /* @__PURE__ */ (0, import_jsx_runtime5.jsx)("h2", { className: "text-xl font-semibold text-gray-900 mb-2", children: "Something went wrong" }),
-        /* @__PURE__ */ (0, import_jsx_runtime5.jsx)("p", { className: "text-gray-600 mb-4", children: "An unexpected error occurred. Please try refreshing the page." }),
-        /* @__PURE__ */ (0, import_jsx_runtime5.jsx)(
+      return /* @__PURE__ */ (0, import_jsx_runtime7.jsx)("div", { className: "min-h-[400px] flex items-center justify-center p-4", children: /* @__PURE__ */ (0, import_jsx_runtime7.jsxs)("div", { className: "text-center max-w-md", children: [
+        /* @__PURE__ */ (0, import_jsx_runtime7.jsx)("div", { className: "text-red-500 text-6xl mb-4", children: "\u26A0\uFE0F" }),
+        /* @__PURE__ */ (0, import_jsx_runtime7.jsx)("h2", { className: "text-xl font-semibold text-gray-900 mb-2", children: "Something went wrong" }),
+        /* @__PURE__ */ (0, import_jsx_runtime7.jsx)("p", { className: "text-gray-600 mb-4", children: "An unexpected error occurred. Please try refreshing the page." }),
+        /* @__PURE__ */ (0, import_jsx_runtime7.jsx)(
           "button",
           {
             onClick: this.handleRetry,
@@ -1202,10 +1715,10 @@ var ErrorBoundary = class extends import_react3.Component {
     return this.props.children;
   }
 };
-var DefaultErrorFallback = ({ retry }) => /* @__PURE__ */ (0, import_jsx_runtime5.jsx)("div", { className: "min-h-[200px] flex items-center justify-center p-4", children: /* @__PURE__ */ (0, import_jsx_runtime5.jsxs)("div", { className: "text-center", children: [
-  /* @__PURE__ */ (0, import_jsx_runtime5.jsx)("div", { className: "text-red-500 text-4xl mb-2", children: "\u26A0\uFE0F" }),
-  /* @__PURE__ */ (0, import_jsx_runtime5.jsx)("p", { className: "text-gray-600 mb-2", children: "Something went wrong" }),
-  retry && /* @__PURE__ */ (0, import_jsx_runtime5.jsx)(
+var DefaultErrorFallback = ({ retry }) => /* @__PURE__ */ (0, import_jsx_runtime7.jsx)("div", { className: "min-h-[200px] flex items-center justify-center p-4", children: /* @__PURE__ */ (0, import_jsx_runtime7.jsxs)("div", { className: "text-center", children: [
+  /* @__PURE__ */ (0, import_jsx_runtime7.jsx)("div", { className: "text-red-500 text-4xl mb-2", children: "\u26A0\uFE0F" }),
+  /* @__PURE__ */ (0, import_jsx_runtime7.jsx)("p", { className: "text-gray-600 mb-2", children: "Something went wrong" }),
+  retry && /* @__PURE__ */ (0, import_jsx_runtime7.jsx)(
     "button",
     {
       onClick: retry,
@@ -1216,11 +1729,11 @@ var DefaultErrorFallback = ({ retry }) => /* @__PURE__ */ (0, import_jsx_runtime
 ] }) });
 
 // src/hooks/use-mobile.ts
-var React3 = __toESM(require("react"));
+var React5 = __toESM(require("react"));
 var MOBILE_BREAKPOINT = 768;
 function useIsMobile() {
-  const [isMobile, setIsMobile] = React3.useState(void 0);
-  React3.useEffect(() => {
+  const [isMobile, setIsMobile] = React5.useState(void 0);
+  React5.useEffect(() => {
     const mql = window.matchMedia(`(max-width: ${MOBILE_BREAKPOINT - 1}px)`);
     const onChange = () => {
       setIsMobile(window.innerWidth < MOBILE_BREAKPOINT);
@@ -1233,9 +1746,9 @@ function useIsMobile() {
 }
 
 // src/hooks/use-local-storage.ts
-var import_react4 = require("react");
+var import_react7 = require("react");
 function useLocalStorage(key, initialValue) {
-  const [storedValue, setStoredValue] = (0, import_react4.useState)(() => {
+  const [storedValue, setStoredValue] = (0, import_react7.useState)(() => {
     try {
       const item = window.localStorage.getItem(key);
       return item ? JSON.parse(item) : initialValue;
@@ -1265,10 +1778,10 @@ function useLocalStorage(key, initialValue) {
 }
 
 // src/hooks/use-debounce.ts
-var import_react5 = require("react");
+var import_react8 = require("react");
 function useDebounce(value, delay) {
-  const [debouncedValue, setDebouncedValue] = (0, import_react5.useState)(value);
-  (0, import_react5.useEffect)(() => {
+  const [debouncedValue, setDebouncedValue] = (0, import_react8.useState)(value);
+  (0, import_react8.useEffect)(() => {
     const handler = setTimeout(() => {
       setDebouncedValue(value);
     }, delay);
@@ -1459,18 +1972,48 @@ function injectEarlyErrorHandler() {
   })();
   `;
   try {
+    const parent = document.head || document.documentElement;
+    try {
+      const external = document.createElement("script");
+      external.type = "text/javascript";
+      external.src = "/error-handler.js";
+      external.async = false;
+      parent.prepend(external);
+      return;
+    } catch (e) {
+      void e;
+    }
     const script = document.createElement("script");
     script.type = "text/javascript";
-    script.text = code;
-    const parent = document.head || document.documentElement;
+    try {
+      if ("textContent" in script) {
+        script.textContent = code;
+      } else {
+        script.appendChild(document.createTextNode(code));
+      }
+    } catch (e) {
+      try {
+        script.appendChild(document.createTextNode(code));
+      } catch {
+      }
+    }
     parent.prepend(script);
   } catch (e) {
     void e;
   }
 }
+
+// src/index.ts
+init_config();
+init_config();
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
+  AUTH_ROOT,
+  AUTH_TOKEN_KEY,
   AuthGuard,
+  AuthProvider,
+  AuthRedirector,
+  AuthRedirectorDefault,
   DefaultErrorFallback,
   ErrorBoundary,
   FloatingButton,
@@ -1484,13 +2027,25 @@ function injectEarlyErrorHandler() {
   createAIWorkflowClientAxios,
   createArtifactsClient,
   createClient,
+  getAuthRoot,
   getCodeStatus,
+  getDefaultProjectId,
+  getToken,
+  howone,
   injectEarlyErrorHandler,
+  isTokenValid,
   loginWithEmailCode,
+  onAuthStateChanged,
+  parseUserFromToken,
   request,
   sendEmailVerificationCode,
+  setAuthRoot,
+  setDefaultProjectId,
+  setToken,
   unifiedAuth,
   unifiedOAuth,
+  useAuth,
+  useAuthContext,
   useDebounce,
   useIsMobile,
   useLocalStorage,