@iblai/web-utils 0.3.0 → 1.0.0

package/dist/index.esm.js

@@ -1,7 +1,8 @@
 import * as React from 'react';
 import React__default, { useCallback, useDebugValue, useMemo, useState, useEffect, useRef, useLayoutEffect, createContext, useContext } from 'react';
 import { OpenAPI, CoreService, ReportsService, AiAnalyticsService, AiMentorService, SearchService, AiPromptService, AiIndexService, CatalogService, SkillsService, AiAccountService, CredentialsService, FeaturesService, CommerceService, NotificationsService } from '@iblai/iblai-api';
-import { jsx, Fragment } from 'react/jsx-runtime';
+import { jsx } from 'react/jsx-runtime';
+import axios from 'axios';
 
 const SUBSCRIPTION_TRIGGERS = {
     PRICING_MODAL: "TRIGGER_PRICING_MODAL",
@@ -3380,7 +3381,7 @@ function updateMutationSubstateIfExists(state, id, update) {
     update(substate);
   }
 }
-var initialState$1 = {};
+var initialState$2 = {};
 function buildSlice({
   reducerPath,
   queryThunk,
@@ -3456,7 +3457,7 @@ function buildSlice({
   }
   const querySlice = createSlice$1({
     name: `${reducerPath}/queries`,
-    initialState: initialState$1,
+    initialState: initialState$2,
     reducers: {
       removeQueryResult: {
         reducer(draft, {
@@ -3590,7 +3591,7 @@ function buildSlice({
   });
   const mutationSlice = createSlice$1({
     name: `${reducerPath}/mutations`,
-    initialState: initialState$1,
+    initialState: initialState$2,
     reducers: {
       removeMutationResult: {
         reducer(draft, {
@@ -3759,7 +3760,7 @@ function buildSlice({
   }
   const subscriptionSlice = createSlice$1({
     name: `${reducerPath}/subscriptions`,
-    initialState: initialState$1,
+    initialState: initialState$2,
     reducers: {
       updateSubscriptionOptions(d, a) {
       },
@@ -3771,7 +3772,7 @@ function buildSlice({
   });
   const internalSubscriptionsSlice = createSlice$1({
     name: `${reducerPath}/internalSubscriptions`,
-    initialState: initialState$1,
+    initialState: initialState$2,
     reducers: {
       subscriptionsUpdated: {
         reducer(state, action) {
@@ -6441,6 +6442,25 @@ createApi({
     }),
 });
 
+createApi({
+    reducerPath: 'chatFilesApiSlice',
+    baseQuery: iblFetchBaseQuery,
+    endpoints: (builder) => ({
+        /**
+         * Get presigned S3 URL for file upload
+         * POST /api/ai-mentor/orgs/{org}/users/{userId}/chat/files/upload-url/
+         */
+        getFileUploadUrl: builder.mutation({
+            query: ({ org, userId, requestBody, }) => ({
+                url: `/api/ai-mentor/orgs/${org}/users/${userId}/chat/files/upload-url/`,
+                method: 'POST',
+                body: requestBody,
+                service: SERVICES.DM,
+            }),
+        }),
+    }),
+});
+
 createApi({
     reducerPath: 'llmsApiSlice',
     baseQuery: iblFakeBaseQuery,
@@ -6461,6 +6481,7 @@ const mentorApiSlice = createApi({
         'mentorPublicSettings',
         'shareableLinks',
         'publicMentors',
+        'moderationLogs',
     ],
     endpoints: (builder) => ({
         createMentor: builder.mutation({
@@ -6526,7 +6547,7 @@ const mentorApiSlice = createApi({
                     }));
                 }
                 catch (error) {
-                    console.error(error);
+                    console.error(JSON.stringify(error));
                 }
             },
         }),
@@ -6582,9 +6603,17 @@ const mentorApiSlice = createApi({
             ...buildEndpointFromDmService(AiMentorService.aiMentorOrgsUsersMentorsForkCreate),
             invalidatesTags: ['mentors'],
         }),
+        getRecentlyAccessedMentors: builder.query({
+            ...buildEndpointFromDmService(AiMentorService.aiMentorOrgsUsersRecentlyAccessedMentorsList),
+            providesTags: ['mentors'],
+        }),
+        getModerationLogs: builder.query({
+            ...buildEndpointFromDmService(AiMentorService.aiMentorOrgsUsersModerationLogsList),
+            providesTags: ['moderationLogs'],
+        }),
     }),
 });
-const { useLazyGetMentorsQuery, useLazySeedMentorsQuery, useGetMentorSettingsQuery, useGetMentorPublicSettingsQuery, useLazyGetMentorPublicSettingsQuery, useLazyGetFreeUsageCountQuery} = mentorApiSlice;
+const { useLazyGetMentorsQuery, useLazySeedMentorsQuery, useGetMentorSettingsQuery, useGetMentorPublicSettingsQuery, useLazyGetMentorPublicSettingsQuery, useLazyGetFreeUsageCountQuery, useLazyGetRecentlyAccessedMentorsQuery} = mentorApiSlice;
 
 createApi({
     reducerPath: 'mentorCategoriesApiSlice',
@@ -7051,7 +7080,20 @@ const coreApiSlice = createApi({
             invalidatesTags: ['RbacGroups'],
         }),
         getRbacGroupDetails: builder.query({
-            ...buildEndpointFromDmService(CoreService.coreRbacGroupsRetrieve),
+            ...buildEndpointFromService(SERVICES.DM, async (args) => {
+                const url = `${OpenAPI.BASE}/api/core/rbac/groups/${args.id}/`;
+                const response = await fetch(url, {
+                    method: 'GET',
+                    headers: OpenAPI.HEADERS,
+                });
+                if (!response.ok) {
+                    const error = new Error('Failed to fetch RBAC group details');
+                    error.status = response.status;
+                    error.body = await response.text();
+                    throw error;
+                }
+                return response.json();
+            }),
             providesTags: ['RbacGroups'],
         }),
         //RBAC POLICIES
@@ -7072,7 +7114,22 @@ const coreApiSlice = createApi({
             invalidatesTags: ['RbacPolicies'],
         }),
         getRbacPolicyDetails: builder.query({
-            ...buildEndpointFromDmService(CoreService.coreRbacPoliciesRetrieve),
+            ...buildEndpointFromService(SERVICES.DM, async (args) => {
+                const queryParams = new URLSearchParams({ platform_key: args.platform_key });
+                const queryString = queryParams.toString();
+                const url = `${OpenAPI.BASE}/api/core/rbac/policies/${args.id}/?${queryString}`;
+                const response = await fetch(url, {
+                    method: 'GET',
+                    headers: OpenAPI.HEADERS,
+                });
+                if (!response.ok) {
+                    const error = new Error('Failed to fetch RBAC policy details');
+                    error.status = response.status;
+                    error.body = await response.text();
+                    throw error;
+                }
+                return response.json();
+            }),
             providesTags: ['RbacPolicies'],
         }),
         //RBAC ROLES
@@ -7097,14 +7154,36 @@ const coreApiSlice = createApi({
             invalidatesTags: ['RbacRoles'],
         }),
         getRbacRoleDetails: builder.query({
-            ...buildEndpointFromDmService(CoreService.coreRbacRolesRetrieve),
+            ...buildEndpointFromService(SERVICES.DM, async (args) => {
+                const queryParams = new URLSearchParams({ platform_key: args.platform_key });
+                const queryString = queryParams.toString();
+                const url = `${OpenAPI.BASE}/api/core/rbac/roles/${args.id}/?${queryString}`;
+                const response = await fetch(url, {
+                    method: 'GET',
+                    headers: OpenAPI.HEADERS,
+                });
+                if (!response.ok) {
+                    const error = new Error('Failed to fetch RBAC role details');
+                    error.status = response.status;
+                    error.body = await response.text();
+                    throw error;
+                }
+                return response.json();
+            }),
             providesTags: ['RbacRoles'],
         }),
+        getRbacMentorAccessList: builder.query({
+            ...buildEndpointFromDmService(CoreService.coreRbacMentorAccessList),
+        }),
+        updateRbacMentorAccess: builder.mutation({
+            ...buildEndpointFromDmService(CoreService.coreRbacMentorAccessCreate),
+        }),
     }),
 });
 const { useGetRbacPermissionsMutation} = coreApiSlice;
 
 const CORE_CUSTOM_REDUCER_PATH = 'coreCustomApiSlice';
+const CORE_FAKE_CUSTOM_REDUCER_PATH = 'coreFakeCustomApiSlice';
 const PLATFORM_MEMBERSHIP_TAG = 'PlatformMembership';
 const CORE_CUSTOM_ENDPOINTS = {
     GET_PLATFORM_MEMBERSHIP: {
@@ -7138,7 +7217,13 @@ const CORE_CUSTOM_ENDPOINTS = {
     DELETE_PLATFORM_IMAGE_ASSET: {
         path: (platform_key, asset_id) => `/api/core/platforms/${platform_key}/public-image-assets/${asset_id}/`,
         service: SERVICES.DM,
-    }};
+    },
+    GET_PUBLIC_PLATFORM_IMAGE_ASSET_FILE_URL: {
+        path: (platform_key, asset_id) => `/api/core/platforms/${platform_key}/public-image-assets/${asset_id}/file/`,
+        baseUrl: getServiceUrl(SERVICES.DM),
+        service: SERVICES.DM,
+    },
+};
 
 createApi({
     // TODO: replace to catalogSlice
@@ -7210,7 +7295,13 @@ createApi({
             ...buildEndpointFromDmService(AiAccountService.aiAccountOrgsIntegrationCredentialPartialUpdate),
         }),
         getConnectedServiceAuthUrl: builder.query({
-            ...buildEndpointFromDmService(AiAccountService.aiAccountConnectedServicesOrgsUsersRetrieve),
+            queryFn: async (queryParams, api, extraOptions) => {
+                const url = `/api/ai-account/connected-services/orgs/${queryParams.org}/users/${queryParams.userId}/${queryParams.provider}/${queryParams.service}/`;
+                return iblFetchBaseQuery({
+                    url,
+                    service: SERVICES.DM,
+                }, api, extraOptions);
+            },
         }),
         connectedServicesCallback: builder.query({
             queryFn: async (queryParams, api, extraOptions) => {
@@ -7342,7 +7433,7 @@ const sessionApiSlice = createApi({
         }),
     }),
 });
-const { useCreateSessionIdMutation, useEditSessionMutation, } = sessionApiSlice;
+const { useCreateSessionIdMutation, useLazyGetSessionIdQuery, useEditSessionMutation, } = sessionApiSlice;
 
 createApi({
     reducerPath: 'datasetsApiSlice',
@@ -8279,6 +8370,12 @@ createApi({
 });
 
 const NOTIFICATIONS_CUSTOM_REDUCER_PATH = 'notificationsCustomApiSlice';
+const NOTIFICATIONS_CUSTOM_TAGS = {
+    TEMPLATES: 'NOTIFICATIONS_CUSTOM_TEMPLATES',
+    TEMPLATE_DETAILS: 'NOTIFICATIONS_CUSTOM_TEMPLATE_DETAILS',
+    UPDATE_TEMPLATE: 'NOTIFICATIONS_CUSTOM_UPDATE_TEMPLATE',
+    TOGGLE_TEMPLATE: 'NOTIFICATIONS_CUSTOM_TOGGLE_TEMPLATE',
+};
 const NOTIFICATIONS_CUSTOM_ENDPOINTS = {
     GET_TEMPLATES: {
         service: SERVICES.DM,
@@ -8300,6 +8397,7 @@ const NOTIFICATIONS_CUSTOM_ENDPOINTS = {
 
 createApi({
     reducerPath: NOTIFICATIONS_CUSTOM_REDUCER_PATH,
+    tagTypes: [...Object.values(NOTIFICATIONS_CUSTOM_TAGS)],
     baseQuery: iblFetchBaseQuery,
     endpoints: (builder) => ({
         getTemplates: builder.query({
@@ -8309,6 +8407,7 @@ createApi({
                     service: NOTIFICATIONS_CUSTOM_ENDPOINTS.GET_TEMPLATES.service,
                 };
             },
+            providesTags: [NOTIFICATIONS_CUSTOM_TAGS.TEMPLATES],
         }),
         getTemplateDetails: builder.query({
             query: (args) => {
@@ -8317,6 +8416,7 @@ createApi({
                     service: NOTIFICATIONS_CUSTOM_ENDPOINTS.GET_TEMPLATE_DETAILS.service,
                 };
             },
+            providesTags: [NOTIFICATIONS_CUSTOM_TAGS.TEMPLATE_DETAILS],
         }),
         updateTemplate: builder.mutation({
             query: (args) => {
@@ -8327,6 +8427,7 @@ createApi({
                     body: args.template,
                 };
             },
+            invalidatesTags: [NOTIFICATIONS_CUSTOM_TAGS.TEMPLATE_DETAILS],
         }),
         toggleTemplate: builder.mutation({
             query: (args) => {
@@ -8339,6 +8440,7 @@ createApi({
                     },
                 };
             },
+            invalidatesTags: [NOTIFICATIONS_CUSTOM_TAGS.TEMPLATES],
         }),
     }),
 });
@@ -8619,7 +8721,7 @@ const CUSTOM_DOMAIN_QUERY_KEYS = {
     CREATE_CUSTOM_DOMAIN: () => ['CREATE_CUSTOM_DOMAIN'],
 };
 
-createApi({
+const customDomainApiSlice = createApi({
     reducerPath: CUSTOM_DOMAIN_REDUCER_PATH,
     baseQuery: iblFetchBaseQuery,
     tagTypes: [...CUSTOM_DOMAIN_QUERY_KEYS.GET_CUSTOM_DOMAINS()],
@@ -8658,6 +8760,7 @@ createApi({
         }),
     }),
 });
+const { useGetCustomDomainsQuery} = customDomainApiSlice;
 
 const PLATFORM_CUSTOM_REDUCER_PATH = "platformCustomApiSlice";
 const PLATFORM_CONFIGURATION_TAG = "PlatformConfiguration";
@@ -8720,7 +8823,7 @@ createApi({
 const coreCustomApiSlice = createApi({
     reducerPath: CORE_CUSTOM_REDUCER_PATH,
     baseQuery: iblFetchBaseQuery,
-    tagTypes: [PLATFORM_MEMBERSHIP_TAG],
+    tagTypes: [PLATFORM_MEMBERSHIP_TAG, 'PlatformImageAssetFileUrl'],
     endpoints: (builder) => ({
         getPlatformMembership: builder.query({
             query: ({ platform_key }) => ({
@@ -8793,6 +8896,19 @@ const coreCustomApiSlice = createApi({
 });
 const { useJoinTenantMutation} = coreCustomApiSlice;
 
+createApi({
+    reducerPath: CORE_FAKE_CUSTOM_REDUCER_PATH,
+    baseQuery: iblFakeBaseQuery,
+    endpoints: (builder) => ({
+        getPublicPlatformImageAssetFileUrl: builder.query({
+            ...buildEndpointFromService(SERVICES.DM, async (args) => {
+                const url = `${OpenAPI.BASE}${CORE_CUSTOM_ENDPOINTS.GET_PUBLIC_PLATFORM_IMAGE_ASSET_FILE_URL.path(args.platform_key, args.asset_id)}`;
+                return url;
+            }),
+        }),
+    }),
+});
+
 const EDX_PROCTORING_ENDPOINTS = {
     GET_EXAM_INFO: {
         service: SERVICES.LMS,
@@ -10305,6 +10421,299 @@ const formatRelativeTime = (timestamp) => {
     return `${diffInYears} year${diffInYears === 1 ? "" : "s"} ago`;
 };
 
+/**
+ * Authentication and Authorization Utilities
+ *
+ * This module provides utility functions for handling authentication flows,
+ * including redirects to auth SPA, cookie management, and session handling.
+ */
+/**
+ * Check if the current window is inside an iframe
+ * @returns {boolean} True if running in an iframe, false otherwise
+ */
+function isInIframe() {
+    if (typeof window === "undefined") {
+        return false;
+    }
+    return (window === null || window === void 0 ? void 0 : window.self) !== (window === null || window === void 0 ? void 0 : window.top);
+}
+/**
+ * Send a message to the parent website (when in iframe)
+ * @param payload - The data to send to parent window
+ */
+function sendMessageToParentWebsite(payload) {
+    window.parent.postMessage(payload, "*");
+}
+/**
+ * Delete a cookie with specific name, path, and domain
+ * @param name - Cookie name
+ * @param path - Cookie path
+ * @param domain - Cookie domain
+ */
+function deleteCookie(name, path, domain) {
+    const expires = "expires=Thu, 01 Jan 1970 00:00:00 UTC;";
+    const cookieValue = `${name}=;`;
+    const pathValue = path ? `path=${path};` : "";
+    const domainValue = domain ? `domain=${domain};` : "";
+    document.cookie = cookieValue + expires + pathValue + domainValue;
+}
+/**
+ * Get all possible domain parts for cookie deletion
+ * @param domain - The domain to split
+ * @returns Array of domain parts
+ * @example
+ * getDomainParts('app.example.com') // returns ['app.example.com', 'example.com', 'com']
+ */
+function getDomainParts(domain) {
+    const parts = domain.split(".");
+    const domains = [];
+    for (let i = parts.length - 1; i >= 0; i--) {
+        domains.push(parts.slice(i).join("."));
+    }
+    return domains;
+}
+/**
+ * Delete a cookie across all possible domain variations
+ * @param name - Cookie name to delete
+ * @param childDomain - The current domain
+ */
+function deleteCookieOnAllDomains(name, childDomain) {
+    getDomainParts(childDomain).forEach((domainPart) => {
+        deleteCookie(name, "/", domainPart);
+        deleteCookie(name, "", domainPart);
+    });
+}
+/**
+ * Get the parent domain from a given domain
+ * @param domain - The domain to process
+ * @returns The parent domain (e.g., 'app.example.com' → '.example.com')
+ */
+function getParentDomain(domain) {
+    if (!domain) {
+        return "";
+    }
+    const parts = domain.split(".");
+    return parts.length > 1 ? `.${parts.slice(-2).join(".")}` : domain;
+}
+/**
+ * Set a cookie for authentication with cross-domain support
+ * @param name - Cookie name
+ * @param value - Cookie value
+ * @param days - Number of days until expiration (default: 365)
+ */
+function setCookieForAuth(name, value, days = 365) {
+    const expires = new Date();
+    expires.setTime(expires.getTime() + days * 24 * 60 * 60 * 1000);
+    const hostname = window.location.hostname;
+    let baseDomain = hostname;
+    // Calculate base domain (skip for localhost and IP addresses)
+    if (hostname !== "localhost" && !/^\d+\.\d+\.\d+\.\d+$/.test(hostname)) {
+        const parts = hostname.split(".");
+        if (parts.length > 2) {
+            baseDomain = `.${parts.slice(-2).join(".")}`;
+        }
+    }
+    const domainAttr = baseDomain ? `;domain=${baseDomain}` : "";
+    document.cookie = `${name}=${encodeURIComponent(value)};expires=${expires.toUTCString()};path=/;SameSite=None;Secure${domainAttr}`;
+}
+/**
+ * Clear all cookies for the current domain
+ */
+function clearCookies() {
+    const cookies = document.cookie.split(";");
+    for (let i = 0; i < cookies.length; i++) {
+        const cookie = cookies[i];
+        const eqPos = cookie.indexOf("=");
+        const name = eqPos > -1 ? cookie.substr(0, eqPos) : cookie;
+        deleteCookieOnAllDomains(name, window.location.hostname);
+        document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/;Domain=${getParentDomain(window.location.hostname)}`;
+    }
+}
+/**
+ * Check if user is currently logged in
+ * @param tokenKey - The localStorage key for the auth token (default: 'axd_token')
+ * @returns True if logged in, false otherwise
+ */
+function isLoggedIn(tokenKey = "axd_token") {
+    return !!localStorage.getItem(tokenKey);
+}
+/**
+ * Extract platform/tenant key from URL
+ * @param url - The URL to parse
+ * @param pattern - RegExp pattern to match platform key (default matches /platform/[key]/...)
+ * @returns The platform key or null if not found
+ */
+function getPlatformKey(url, pattern = /\/platform\/([^/]+)/) {
+    const match = url.match(pattern);
+    return match ? match[1] : null;
+}
+/**
+ * Redirect to authentication SPA for login/logout
+ *
+ * This function handles the complete authentication flow:
+ * - Clears localStorage and cookies on logout
+ * - Saves redirect path for post-auth return
+ * - Handles iframe scenarios
+ * - Syncs logout across multiple SPAs via cookies
+ *
+ * @param options - Configuration options for the redirect
+ *
+ * @example
+ * ```tsx
+ * // Basic usage
+ * redirectToAuthSpa({
+ *   authUrl: 'https://auth.example.com',
+ *   appName: 'mentor',
+ * });
+ *
+ * // With logout
+ * redirectToAuthSpa({
+ *   authUrl: 'https://auth.example.com',
+ *   appName: 'mentor',
+ *   logout: true,
+ *   platformKey: 'my-tenant',
+ * });
+ *
+ * // With custom redirect
+ * redirectToAuthSpa({
+ *   authUrl: 'https://auth.example.com',
+ *   appName: 'mentor',
+ *   redirectTo: '/dashboard',
+ *   platformKey: 'my-tenant',
+ * });
+ * ```
+ */
+async function redirectToAuthSpa(options) {
+    const { redirectTo, platformKey, logout = false, saveRedirect = true, authUrl, appName, queryParams = {
+        app: "app",
+        redirectTo: "redirect-to",
+        tenant: "tenant",
+    }, redirectPathStorageKey = "redirect_to", cookieNames = {
+        currentTenant: "ibl_current_tenant",
+        userData: "ibl_user_data",
+        tenant: "ibl_tenant",
+        logoutTimestamp: "ibl_logout_timestamp",
+    }, } = options;
+    // Clear localStorage
+    localStorage.clear();
+    if (logout) {
+        // Delete authentication cookies for cross-SPA synchronization
+        const currentDomain = window.location.hostname;
+        if (cookieNames.currentTenant) {
+            deleteCookieOnAllDomains(cookieNames.currentTenant, currentDomain);
+        }
+        if (cookieNames.userData) {
+            deleteCookieOnAllDomains(cookieNames.userData, currentDomain);
+        }
+        if (cookieNames.tenant) {
+            deleteCookieOnAllDomains(cookieNames.tenant, currentDomain);
+        }
+        // Set logout timestamp cookie to trigger logout on other SPAs
+        if (cookieNames.logoutTimestamp) {
+            setCookieForAuth(cookieNames.logoutTimestamp, Date.now().toString());
+        }
+    }
+    // Handle iframe scenario
+    if (isInIframe()) {
+        console.log("[redirectToAuthSpa]: sending authExpired to parent");
+        sendMessageToParentWebsite({ authExpired: true });
+        return;
+    }
+    const redirectPath = redirectTo !== null && redirectTo !== void 0 ? redirectTo : `${window.location.pathname}${window.location.search}`;
+    // Never save sso-login routes as redirect paths
+    if (!redirectPath.startsWith("/sso-login") && saveRedirect) {
+        window.localStorage.setItem(redirectPathStorageKey, redirectPath);
+    }
+    const platform = platformKey !== null && platformKey !== void 0 ? platformKey : getPlatformKey(redirectPath);
+    const redirectToUrl = `${window.location.origin}`;
+    let authRedirectUrl = `${authUrl}/login?${queryParams.app}=${appName}`;
+    authRedirectUrl += `&${queryParams.redirectTo}=${redirectToUrl}`;
+    if (platform) {
+        authRedirectUrl += `&${queryParams.tenant}=${platform}`;
+    }
+    if (logout) {
+        authRedirectUrl += "&logout=1";
+    }
+    // Small delay for any pending operations
+    await new Promise((resolve) => setTimeout(resolve, 100));
+    // Redirect to auth SPA
+    window.location.href = authRedirectUrl;
+}
+/**
+ * Get the URL for joining a tenant (sign up flow)
+ * @param authUrl - Auth SPA base URL
+ * @param tenantKey - Tenant to join
+ * @param redirectUrl - URL to redirect to after joining (defaults to current URL)
+ * @returns The join URL
+ */
+function getAuthSpaJoinUrl(authUrl, tenantKey, redirectUrl) {
+    const resolvedTenant = tenantKey || getPlatformKey(window.location.pathname) || "";
+    if (!resolvedTenant) {
+        return "";
+    }
+    const targetUrl = redirectUrl !== null && redirectUrl !== void 0 ? redirectUrl : window.location.href;
+    const joinUrl = `${authUrl}/join?tenant=${encodeURIComponent(resolvedTenant)}&redirect-to=${encodeURIComponent(targetUrl)}`;
+    return joinUrl;
+}
+/**
+ * Redirect to auth SPA's join/signup page for a specific tenant
+ * @param authUrl - Auth SPA base URL
+ * @param tenantKey - Tenant to join
+ * @param redirectUrl - URL to redirect to after joining (defaults to current URL)
+ */
+function redirectToAuthSpaJoinTenant(authUrl, tenantKey, redirectUrl) {
+    const resolvedTenant = tenantKey || getPlatformKey(window.location.pathname) || "";
+    if (!resolvedTenant) {
+        console.log("[auth-redirect] Missing tenant key for join", {
+            tenantKey,
+            redirectUrl,
+        });
+        redirectToAuthSpa({
+            authUrl,
+            appName: "app", // Will need to be configured
+            redirectTo: redirectUrl,
+        });
+        return;
+    }
+    const targetUrl = redirectUrl !== null && redirectUrl !== void 0 ? redirectUrl : window.location.href;
+    const joinUrl = `${authUrl}/join?tenant=${encodeURIComponent(resolvedTenant)}&redirect-to=${encodeURIComponent(targetUrl)}`;
+    window.location.href = joinUrl;
+}
+/**
+ * Handle user logout
+ *
+ * This function:
+ * - Clears localStorage (preserving tenant)
+ * - Sets logout timestamp cookie for cross-SPA sync
+ * - Clears all cookies
+ * - Redirects to auth SPA logout endpoint
+ *
+ * @param options - Logout configuration options
+ *
+ * @example
+ * ```tsx
+ * handleLogout({
+ *   authUrl: 'https://auth.example.com',
+ *   redirectUrl: 'https://app.example.com',
+ * });
+ * ```
+ */
+function handleLogout(options) {
+    const { redirectUrl = window.location.origin, authUrl, tenantStorageKey = "tenant", logoutTimestampCookie = "ibl_logout_timestamp", callback, } = options;
+    const tenant = window.localStorage.getItem(tenantStorageKey);
+    window.localStorage.clear();
+    if (tenant) {
+        window.localStorage.setItem(tenantStorageKey, tenant);
+    }
+    // Set logout timestamp cookie to trigger logout on other SPAs
+    setCookieForAuth(logoutTimestampCookie, Date.now().toString());
+    clearCookies();
+    callback === null || callback === void 0 ? void 0 : callback();
+    if (!isInIframe()) {
+        window.location.href = `${authUrl}/logout?redirect-to=${redirectUrl}${tenant ? "&tenant=" + tenant : ""}`;
+    }
+}
+
 const useExternalPricingPlan = ({ pricingModalData, userEmail, }) => {
     const pricingBoxIframeRef = useRef(null);
     const getIFrameReadyData = async () => {
@@ -10436,6 +10845,8 @@ function jwtDecode(token, options) {
  * - Polls for cookie changes every 2 seconds
  * - Refreshes the page when cross-SPA changes are detected
  * - Listens for storage events to update cookies when localStorage changes
+ * - Monitors logout timestamp cookie to trigger cross-SPA logout
+ * - Automatically logs out when another SPA initiates logout
  *
  * For React Native:
  * - Relies on AsyncStorage only (handled by StorageService)
@@ -10445,7 +10856,7 @@ function jwtDecode(token, options) {
 /**
  * Check if we're running in a web browser environment
  */
-const isWeb = () => {
+const isWeb$1 = () => {
     return typeof window !== "undefined" && typeof document !== "undefined";
 };
 /**
@@ -10455,6 +10866,7 @@ const COOKIE_KEYS = {
     CURRENT_TENANT: "ibl_current_tenant",
     USER_DATA: "ibl_user_data",
     TENANT: "ibl_tenant",
+    LOGOUT_TIMESTAMP: "ibl_logout_timestamp",
 };
 /**
  * Get the base domain for cookie sharing
@@ -10465,7 +10877,7 @@ const COOKIE_KEYS = {
  */
 const getBaseDomain = () => {
     // Must check for window existence before accessing it
-    if (!isWeb())
+    if (!isWeb$1())
         return "";
     const hostname = window.location.hostname;
     // For localhost or IP addresses, use as-is
@@ -10494,7 +10906,7 @@ const CookieUtils = {
      * Uses SameSite=None for cross-subdomain sharing and base domain
      */
     set(name, value, days = 365) {
-        if (!isWeb())
+        if (!isWeb$1())
             return;
         const expires = new Date();
         expires.setTime(expires.getTime() + days * 24 * 60 * 60 * 1000);
@@ -10506,7 +10918,7 @@ const CookieUtils = {
      * Get a cookie value by name
      */
     get(name) {
-        if (!isWeb())
+        if (!isWeb$1())
             return null;
         const nameEQ = name + "=";
         const cookies = document.cookie.split(";");
@@ -10525,7 +10937,7 @@ const CookieUtils = {
      * Uses same domain logic as set() to ensure proper deletion
      */
     delete(name) {
-        if (!isWeb())
+        if (!isWeb$1())
             return;
         const baseDomain = getBaseDomain();
         const domainAttr = baseDomain ? `;domain=${baseDomain}` : "";
@@ -10538,8 +10950,7 @@ const CookieUtils = {
  * On React Native, this is a no-op
  */
 async function syncAuthToCookies(storageService) {
-    console.log("##################### syncing auth to cookie");
-    if (!isWeb())
+    if (!isWeb$1())
         return;
     try {
         const currentTenant = await storageService.getItem(LOCAL_STORAGE_KEYS.CURRENT_TENANT);
@@ -10568,13 +10979,23 @@ async function syncAuthToCookies(storageService) {
         console.error("[syncAuthToCookies] Error syncing to cookies:", error);
     }
 }
+/**
+ * Clear current tenant cookie only (web only)
+ * Should be called before tenant switching
+ * On React Native, this is a no-op
+ */
+function clearCurrentTenantCookie() {
+    if (!isWeb$1())
+        return;
+    CookieUtils.delete(COOKIE_KEYS.CURRENT_TENANT);
+}
 /**
  * Clear all authentication cookies (web only)
  * Should be called on logout
  * On React Native, this is a no-op
  */
 function clearAuthCookies() {
-    if (!isWeb())
+    if (!isWeb$1())
         return;
     CookieUtils.delete(COOKIE_KEYS.CURRENT_TENANT);
     CookieUtils.delete(COOKIE_KEYS.USER_DATA);
@@ -10586,14 +11007,30 @@ function clearAuthCookies() {
  * On React Native, always returns false (no-op)
  */
 async function syncCookiesToLocalStorage(storageService) {
-    if (!isWeb())
+    if (!isWeb$1())
         return false;
     try {
         let needsRefresh = false;
         // Check current_tenant
         const cookieCurrentTenant = CookieUtils.get(COOKIE_KEYS.CURRENT_TENANT);
+        console.log("[syncCookiesToLocalStorage] cookieCurrentTenant", cookieCurrentTenant);
         const localCurrentTenant = await storageService.getItem(LOCAL_STORAGE_KEYS.CURRENT_TENANT);
-        if (cookieCurrentTenant !== localCurrentTenant) {
+        console.log("[syncCookiesToLocalStorage] localCurrentTenant", localCurrentTenant);
+        // Compare current tenant objects by key field only to avoid false positives from extra fields
+        let currentTenantIsDifferent = false;
+        if (cookieCurrentTenant && localCurrentTenant) {
+            try {
+                const cookieTenant = JSON.parse(cookieCurrentTenant);
+                const localTenant = JSON.parse(localCurrentTenant);
+                // Compare by the tenant key only
+                currentTenantIsDifferent = cookieTenant.key !== localTenant.key;
+            }
+            catch (e) {
+                // If parsing fails, fall back to string comparison
+                currentTenantIsDifferent = cookieCurrentTenant !== localCurrentTenant;
+            }
+        }
+        if (currentTenantIsDifferent) {
             if (cookieCurrentTenant) {
                 await storageService.setItem(LOCAL_STORAGE_KEYS.CURRENT_TENANT, cookieCurrentTenant);
             }
@@ -10605,8 +11042,24 @@ async function syncCookiesToLocalStorage(storageService) {
         }
         // Check userData
         const cookieUserData = CookieUtils.get(COOKIE_KEYS.USER_DATA);
+        console.log("[syncCookiesToLocalStorage] cookieUserData", cookieUserData);
         const localUserData = await storageService.getItem(LOCAL_STORAGE_KEYS.USER_DATA);
-        if (cookieUserData !== localUserData) {
+        console.log("[syncCookiesToLocalStorage] localUserData", localUserData);
+        // Compare userData objects by user_id to avoid false positives from extra fields
+        let userDataIsDifferent = false;
+        if (cookieUserData && localUserData) {
+            try {
+                const cookieUser = JSON.parse(cookieUserData);
+                const localUser = JSON.parse(localUserData);
+                // Compare by user_id - the primary identifier
+                userDataIsDifferent = cookieUser.user_id !== localUser.user_id;
+            }
+            catch (e) {
+                // If parsing fails, fall back to string comparison
+                userDataIsDifferent = cookieUserData !== localUserData;
+            }
+        }
+        if (userDataIsDifferent) {
             if (cookieUserData) {
                 await storageService.setItem(LOCAL_STORAGE_KEYS.USER_DATA, cookieUserData);
             }
@@ -10618,8 +11071,37 @@ async function syncCookiesToLocalStorage(storageService) {
         }
         // Check tenant
         const cookieTenant = CookieUtils.get(COOKIE_KEYS.TENANT);
+        console.log("[syncCookiesToLocalStorage] cookieTenant", cookieTenant);
         const localTenant = await storageService.getItem(LOCAL_STORAGE_KEYS.TENANTS);
-        if (cookieTenant !== localTenant) {
+        console.log("[syncCookiesToLocalStorage] localTenant", localTenant);
+        // Compare tenant arrays by checking length and tenant keys
+        let tenantsAreDifferent = false;
+        if (cookieTenant &&
+            localTenant &&
+            cookieTenant !== "[]" &&
+            localTenant !== "[]") {
+            try {
+                const cookieTenantsArray = JSON.parse(cookieTenant);
+                const localTenantsArray = JSON.parse(localTenant);
+                // Check if arrays have same length
+                if (cookieTenantsArray.length !== localTenantsArray.length) {
+                    tenantsAreDifferent = true;
+                }
+                else {
+                    // Check if all tenant keys match
+                    const cookieKeys = new Set(cookieTenantsArray.map((t) => t.key));
+                    const localKeys = new Set(localTenantsArray.map((t) => t.key));
+                    tenantsAreDifferent =
+                        cookieKeys.size !== localKeys.size ||
+                            [...cookieKeys].some((key) => !localKeys.has(key));
+                }
+            }
+            catch (e) {
+                // If parsing fails, fall back to string comparison
+                tenantsAreDifferent = cookieTenant !== localTenant;
+            }
+        }
+        if (tenantsAreDifferent) {
             if (cookieTenant) {
                 await storageService.setItem(LOCAL_STORAGE_KEYS.TENANTS, cookieTenant);
             }
@@ -10674,6 +11156,7 @@ async function isJwtTokenExpired(storageService) {
 async function validateJwtToken(storageService) {
     try {
         const edxJwtToken = await storageService.getItem(LOCAL_STORAGE_KEYS.EDX_TOKEN_KEY);
+        console.log("[AuthProvider] JWT token ", edxJwtToken);
         const userData = await storageService.getItem(LOCAL_STORAGE_KEYS.USER_DATA);
         if (!edxJwtToken || !userData) {
             return false;
@@ -10696,7 +11179,9 @@ async function validateJwtToken(storageService) {
 function useAuthProvider({ middleware = new Map(), onAuthSuccess, onAuthFailure, redirectToAuthSpa, hasNonExpiredAuthToken, username, pathname, storageService, skipAuthCheck, token, }) {
     const [isAuthenticating, setIsAuthenticating] = useState(true);
     const [userIsAccessingPublicRoute, setUserIsAccessingPublicRoute] = useState(false);
+    const [initialSyncComplete, setInitialSyncComplete] = useState(false);
     const cookieCheckIntervalRef = useRef(null);
+    const lastLogoutTimestampRef = useRef(null);
     // RTK Query hook for refreshing JWT token
     const [refreshJwtToken] = useLazyRefreshJwtTokenQuery();
     /**
@@ -10705,24 +11190,65 @@ function useAuthProvider({ middleware = new Map(), onAuthSuccess, onAuthFailure,
      * On React Native, this is a no-op
      */
     useEffect(() => {
-        console.log("################******* useEffect sync auth");
-        if (!storageService || !isWeb())
+        if (!storageService || !isWeb$1()) {
+            // If no storage service or not web, mark sync as complete immediately
+            setInitialSyncComplete(true);
             return;
+        }
         // Initial sync on mount
         async function initialSync() {
-            const needsRefresh = await syncCookiesToLocalStorage(storageService);
-            if (needsRefresh) {
-                console.log("[AuthProvider] Cookie sync detected changes, refreshing page...");
-                window.location.reload();
+            try {
+                // Initialize last known logout timestamp
+                lastLogoutTimestampRef.current = CookieUtils.get(COOKIE_KEYS.LOGOUT_TIMESTAMP);
+                const needsRefresh = await syncCookiesToLocalStorage(storageService);
+                if (needsRefresh) {
+                    console.log("[auth-redirect] Cookie sync detected changes, refreshing page");
+                    redirectToAuthSpa(undefined, undefined, false, false);
+                }
+                else {
+                    await syncAuthToCookies(storageService);
+                }
+            }
+            finally {
+                // Mark initial sync as complete
+                setInitialSyncComplete(true);
             }
         }
         initialSync();
         // Poll for cookie changes every 2 seconds to detect cross-SPA updates
         cookieCheckIntervalRef.current = setInterval(async () => {
+            // Skip cookie sync checks if user is completing SSO at /sso-login
+            const completingSso = new RegExp("^\/sso-login").test(pathname);
+            if (completingSso) {
+                console.log("[AuthProvider] Skipping cookie sync check for public route");
+                return;
+            }
+            // Check for logout timestamp changes (cross-SPA logout detection)
+            const currentLogoutTimestamp = CookieUtils.get(COOKIE_KEYS.LOGOUT_TIMESTAMP);
+            if (currentLogoutTimestamp &&
+                lastLogoutTimestampRef.current &&
+                currentLogoutTimestamp !== lastLogoutTimestampRef.current) {
+                console.log("[auth-redirect] Logout detected from another SPA", {
+                    previousTimestamp: lastLogoutTimestampRef.current,
+                    newTimestamp: currentLogoutTimestamp,
+                });
+                lastLogoutTimestampRef.current = currentLogoutTimestamp;
+                redirectToAuthSpa(undefined, undefined, true);
+                return;
+            }
             const needsRefresh = await syncCookiesToLocalStorage(storageService);
             if (needsRefresh) {
-                console.log("[AuthProvider] Cookie sync detected changes from another SPA, refreshing page...");
-                window.location.reload();
+                console.log("[auth-redirect] Cookie sync detected changes from another SPA, refreshing page");
+                let cookieTenantKey;
+                try {
+                    const cookieCurrentTenant = JSON.parse(CookieUtils.get(COOKIE_KEYS.CURRENT_TENANT));
+                    cookieTenantKey = cookieCurrentTenant.key;
+                }
+                catch (_a) { }
+                redirectToAuthSpa(undefined, cookieTenantKey, false, false);
+            }
+            else {
+                await syncAuthToCookies(storageService);
             }
         }, 2000);
         // Cleanup interval on unmount
@@ -10731,15 +11257,14 @@ function useAuthProvider({ middleware = new Map(), onAuthSuccess, onAuthFailure,
                 clearInterval(cookieCheckIntervalRef.current);
             }
         };
-    }, [storageService]);
+    }, [storageService, middleware, pathname]);
     /**
      * Listen for storage events from other tabs/windows (web only)
      * This catches same-SPA changes in different tabs
      * On React Native, this is a no-op
      */
     useEffect(() => {
-        console.log("################ useEffect sync auth");
-        if (!storageService || !isWeb())
+        if (!storageService || !isWeb$1())
             return;
         const handleStorageChange = async (event) => {
             // Only handle changes to our auth-related keys
@@ -10770,14 +11295,15 @@ function useAuthProvider({ middleware = new Map(), onAuthSuccess, onAuthFailure,
             if (!hasNonExpiredAuthToken()) {
                 const reason = "Auth token expired";
                 onAuthFailure === null || onAuthFailure === void 0 ? void 0 : onAuthFailure(reason);
-                redirectToAuthSpa();
+                console.log("[auth-redirect] Auth token expired");
+                redirectToAuthSpa(undefined, undefined, true);
                 return;
             }
             // Check JWT token expiry and force logout for protected routes
             if (isProtectedRoute && storageService) {
                 const jwtExpired = await isJwtTokenExpired(storageService);
                 if (jwtExpired) {
-                    console.log("[AuthProvider] JWT token has expired, forcing logout...");
+                    console.log("[auth-redirect] JWT token has expired, forcing logout");
                     // Clear all auth-related storage keys
                     clearAuthCookies();
                     const reason = "JWT token expired";
@@ -10799,11 +11325,18 @@ function useAuthProvider({ middleware = new Map(), onAuthSuccess, onAuthFailure,
                             console.log("[AuthProvider] JWT token refreshed successfully");
                         }
                         else if (result.error) {
-                            console.error("[AuthProvider] Failed to refresh JWT token:", result.error);
+                            console.log("[auth-redirect] Failed to refresh JWT token", {
+                                error: result.error,
+                            });
+                            redirectToAuthSpa(undefined, undefined, true);
+                            return;
                         }
                     }
                     catch (refreshError) {
-                        console.error("[AuthProvider] Failed to refresh JWT token:", refreshError);
+                        console.log("[auth-redirect] JWT token refresh error", {
+                            error: refreshError,
+                        });
+                        redirectToAuthSpa(undefined, undefined, true);
                         // Continue with auth check even if JWT refresh fails
                     }
                 }
@@ -10815,12 +11348,18 @@ function useAuthProvider({ middleware = new Map(), onAuthSuccess, onAuthFailure,
             setIsAuthenticating(false);
         }
         catch (error) {
+            console.error("[AuthProvider] Error performing auth check:", error);
             const errorMessage = error instanceof Error ? error.message : String(error);
             onAuthFailure === null || onAuthFailure === void 0 ? void 0 : onAuthFailure(`Unexpected error: ${errorMessage}`);
             redirectToAuthSpa();
         }
     }
     useEffect(() => {
+        // Wait for initial sync to complete before performing auth check
+        if (!initialSyncComplete) {
+            console.log("[useAuthProvider] Waiting for initial sync to complete...");
+            return;
+        }
         async function checkAuth() {
             setIsAuthenticating(true);
             const authRequired = (await determineAuthRequired(middleware, pathname)) && !token;
@@ -10841,7 +11380,7 @@ function useAuthProvider({ middleware = new Map(), onAuthSuccess, onAuthFailure,
         }
         console.log("[useAuthProvider] performing auth check for ", username);
         checkAuth();
-    }, [username]);
+    }, [username, initialSyncComplete]);
     return {
         isAuthenticating,
         userIsAccessingPublicRoute,
@@ -10909,7 +11448,7 @@ function AuthProvider({ children, fallback, middleware = new Map(), onAuthSucces
     if (isAuthenticating) {
         return fallback;
     }
-    return (jsx(AuthContextProvider, { value: { userIsAccessingPublicRoute, setUserIsAccessingPublicRoute }, children: jsx(Fragment, {}) }));
+    return (jsx(AuthContextProvider, { value: { userIsAccessingPublicRoute, setUserIsAccessingPublicRoute }, children: children }));
 }
 
 /**
@@ -10922,6 +11461,12 @@ function AuthProvider({ children, fallback, middleware = new Map(), onAuthSucces
  * - Tenant metadata retrieval
  * - User-tenant relationship verification
  */
+/**
+ * Check if we're running in a web browser environment
+ */
+const isWeb = () => {
+    return typeof window !== "undefined" && typeof document !== "undefined";
+};
 const TenantContext = createContext(undefined);
 /**
  * Context Provider component that wraps children with tenant context
@@ -10942,7 +11487,7 @@ const useTenantContext = () => useContext(TenantContext);
  * 4. Handles tenant-specific domain redirects
  * 5. Maintains tenant access state
  */
-function TenantProvider({ children, fallback, onAuthSuccess, onAuthFailure, currentTenant, requestedTenant, saveCurrentTenant, saveUserTenants, handleTenantSwitch, saveVisitingTenant, removeVisitingTenant, saveUserTokens, saveTenant, onAutoJoinUserToTenant, }) {
+function TenantProvider({ children, fallback, onAuthSuccess, onAuthFailure, currentTenant, requestedTenant, saveCurrentTenant, saveUserTenants, handleTenantSwitch, saveVisitingTenant, removeVisitingTenant, saveUserTokens, saveTenant, onAutoJoinUserToTenant, redirectToAuthSpa, }) {
     const { userIsAccessingPublicRoute, setUserIsAccessingPublicRoute } = useAuthContext();
     const [determineUserPath, setDetermineUserPath] = useState(false);
     const [isLoading, setIsLoading] = React__default.useState(true);
@@ -10953,6 +11498,26 @@ function TenantProvider({ children, fallback, onAuthSuccess, onAuthFailure, curr
     const [getAppToken] = useGetAppTokensMutation();
     const [tenantKey, setTenantKey] = useState(currentTenant);
     const [metadata, setMetadata] = useState({});
+    // Fetch custom domain to get platform_key
+    const currentDomain = typeof window !== "undefined" ? window.location.hostname : "";
+    const { data: customDomainData, isLoading: isLoadingCustomDomain, isError: isCustomDomainError, } = useGetCustomDomainsQuery({ params: { domain: currentDomain } }, { skip: !isWeb() || !currentDomain });
+    // Extract platform_key from custom domain response to use as requestedTenant
+    const customDomainPlatformKey = React__default.useMemo(() => {
+        if (customDomainData &&
+            typeof customDomainData === "object" &&
+            "custom_domains" in customDomainData) {
+            const domains = customDomainData.custom_domains;
+            if (Array.isArray(domains) &&
+                domains.length > 0 &&
+                domains[0].platform_key) {
+                console.log("[TenantProvider] Using platform_key from custom domain:", domains[0].platform_key);
+                return domains[0].platform_key;
+            }
+        }
+        return undefined;
+    }, [customDomainData]);
+    // Use custom domain platform_key as requested tenant if available, otherwise use provided requestedTenant
+    const effectiveRequestedTenant = customDomainPlatformKey || requestedTenant;
     /**
      * Helper function to enhance tenants with platform metadata from user apps
      */
@@ -11012,24 +11577,32 @@ function TenantProvider({ children, fallback, onAuthSuccess, onAuthFailure, curr
                 const otherTenant = tenants.find((t) => t.key !== MAIN_TENANT_KEY);
                 if (mainTenant &&
                     otherTenant &&
-                    requestedTenant &&
-                    requestedTenant !== otherTenant.key) {
+                    effectiveRequestedTenant &&
+                    effectiveRequestedTenant !== otherTenant.key) {
                     handleTenantSwitch(otherTenant.key, true);
                     console.log("TenantProvider: Triggering tenant switch to newly joined tenant:", otherTenant.key);
                 }
             }
-            // Enhance tenants with platform metadata
+            // Enhance tenants with platform metadatax
             let enhancedTenants = await enhanceTenants(tenants);
+            // if there is customDomainPlatformKey and user doesn't belong to that tenant, trigger logout
+            if (customDomainPlatformKey) {
+                if (!(enhancedTenants === null || enhancedTenants === void 0 ? void 0 : enhancedTenants.find((tenant) => tenant.key === customDomainPlatformKey))) {
+                    redirectToAuthSpa === null || redirectToAuthSpa === void 0 ? void 0 : redirectToAuthSpa(undefined, undefined, true);
+                    return;
+                }
+            }
             saveUserTenants(enhancedTenants);
             // Find requested tenant or fallback to current tenant
-            console.log("checking requested tenant", { requestedTenant });
-            let tenant = enhancedTenants === null || enhancedTenants === void 0 ? void 0 : enhancedTenants.find((tenant) => tenant.key === requestedTenant);
-            console.log("requested tenant", { tenant });
+            console.log("checking requested tenant", JSON.stringify({
+                requestedTenant: effectiveRequestedTenant,
+                customDomainPlatformKey,
+            }));
+            let tenant = enhancedTenants === null || enhancedTenants === void 0 ? void 0 : enhancedTenants.find((tenant) => tenant.key === effectiveRequestedTenant);
+            console.log("requested tenant", tenant);
             if (!tenant && !userIsAccessingPublicRoute) {
                 setDetermineUserPath(true);
-                console.log("no requested tenant, checking current tenant", {
-                    currentTenant,
-                });
+                console.log("no requested tenant, checking current tenant", currentTenant);
                 tenant = enhancedTenants === null || enhancedTenants === void 0 ? void 0 : enhancedTenants.find((tenant) => tenant.key === currentTenant);
                 console.log("current tenant", { tenant });
             }
@@ -11041,7 +11614,7 @@ function TenantProvider({ children, fallback, onAuthSuccess, onAuthFailure, curr
                 tenant = enhancedTenants[0];
             }
             // Fetch and validate tenant metadata
-            console.log("fetching tenant metadata", { tenant });
+            console.log("fetching tenant metadata", JSON.stringify(tenant));
             const { data: tenantMetadata } = await fetchTenantMetadata([
                 {
                     org: (tenant === null || tenant === void 0 ? void 0 : tenant.key) || currentTenant,
@@ -11183,28 +11756,44 @@ function TenantProvider({ children, fallback, onAuthSuccess, onAuthFailure, curr
     }
     // Effect to handle tenant determination when auth state changes
     React__default.useEffect(() => {
+        // Wait for custom domain query to complete (unless skipped or error)
+        const customDomainQuerySkipped = !isWeb() || !currentDomain;
+        if (!customDomainQuerySkipped && isLoadingCustomDomain) {
+            console.log("[TenantProvider] Waiting for custom domain query to complete...");
+            return;
+        }
+        if (isCustomDomainError) {
+            console.warn("[TenantProvider] Custom domain query failed, proceeding without custom domain platform_key");
+        }
         // NOTE: currentTenant comes from local storage.
         // it's the tenant the user is currently signed into.
         console.log("determineWhichTenantToUse", {
             userIsAccessingPublicRoute,
             currentTenant,
             requestedTenant,
+            effectiveRequestedTenant,
+            customDomainPlatformKey,
         });
-        if (userIsAccessingPublicRoute && requestedTenant.length === 0) {
+        if (userIsAccessingPublicRoute && effectiveRequestedTenant.length === 0) {
             setIsLoading(false);
             return;
         }
-        if (userIsAccessingPublicRoute && requestedTenant.length > 0) {
+        if (userIsAccessingPublicRoute && effectiveRequestedTenant.length > 0) {
             setIsLoading(true);
-            setTenantKey(requestedTenant);
-            handleLoadTenantMetadata(requestedTenant);
+            setTenantKey(effectiveRequestedTenant);
+            handleLoadTenantMetadata(effectiveRequestedTenant);
         }
         else {
             setIsLoading(true);
             removeVisitingTenant === null || removeVisitingTenant === void 0 ? void 0 : removeVisitingTenant();
             determineWhichTenantToUse();
         }
-    }, [userIsAccessingPublicRoute, requestedTenant]);
+    }, [
+        userIsAccessingPublicRoute,
+        effectiveRequestedTenant,
+        isLoadingCustomDomain,
+        isCustomDomainError,
+    ]);
     // Show fallback component during tenant determination
     if (isLoading) {
         return fallback;
@@ -11240,21 +11829,14 @@ function TenantProvider({ children, fallback, onAuthSuccess, onAuthFailure, curr
 function MentorProvider({ children, fallback, onAuthSuccess, onAuthFailure, redirectToAuthSpa, redirectToMentor, onLoadMentorsPermissions, redirectToNoMentorsPage, redirectToCreateMentor, username, isAdmin, mainTenantKey, requestedMentorId, handleMentorNotFound, forceDetermineMentor = false, }) {
     const [isLoading, setIsLoading] = useState(true);
     const { userIsAccessingPublicRoute } = useAuthContext();
-    const { determineUserPath, tenantKey } = useTenantContext();
+    const { determineUserPath, tenantKey, metadata } = useTenantContext();
     const isMainTenant = tenantKey === mainTenantKey;
-    console.log("MentorProvider initialized", {
-        username,
-        isAdmin,
-        tenantKey,
-        mainTenantKey,
-        isMainTenant,
-        requestedMentorId,
-        determineUserPath,
-    });
+    console.log("MentorProvider initialized", username, isAdmin, tenantKey, mainTenantKey, isMainTenant, requestedMentorId, determineUserPath);
     const [fetchMentors] = useLazyGetMentorsQuery();
     const [fetchSeedMentors] = useLazySeedMentorsQuery();
     const [getMentorPublicSettings] = useLazyGetMentorPublicSettingsQuery();
     const [getRbacPermissions] = useGetRbacPermissionsMutation();
+    const [getRecentlyAccessedMentors] = useLazyGetRecentlyAccessedMentorsQuery();
     const QUERY_LIMIT = 10;
     const loadMentorsPermissions = async (mentorDbId) => {
         try {
@@ -11281,21 +11863,69 @@ function MentorProvider({ children, fallback, onAuthSuccess, onAuthFailure, redi
      */
     async function determineMentorToRedirectTo() {
         var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p, _q, _r, _s;
-        console.log("starting mentor determination process", {
+        console.log("starting mentor determination process", JSON.stringify({
             tenantKey,
             username,
             isAdmin,
             isMainTenant,
-        });
+        }));
+        console.log("###################### metadata is ", metadata, typeof metadata);
         setIsLoading(true);
         try {
             // Get the user's recent mentors
-            console.log("fetching recent mentors", {
+            console.log("fetching recent mentors", JSON.stringify({
                 tenantKey,
                 username,
                 limit: QUERY_LIMIT,
                 orderBy: "recently_accessed_at",
+            }));
+            if (typeof metadata === "object" &&
+                metadata.skills_embedded_mentor_name) {
+                const defaultMentor = JSON.parse(metadata.skills_embedded_mentor_name);
+                if (defaultMentor === null || defaultMentor === void 0 ? void 0 : defaultMentor.unique_id) {
+                    if (defaultMentor === null || defaultMentor === void 0 ? void 0 : defaultMentor.id) {
+                        const rbacPermissions = await loadMentorsPermissions(defaultMentor === null || defaultMentor === void 0 ? void 0 : defaultMentor.id);
+                        onLoadMentorsPermissions === null || onLoadMentorsPermissions === void 0 ? void 0 : onLoadMentorsPermissions(rbacPermissions);
+                    }
+                    redirectToMentor(tenantKey, defaultMentor.unique_id);
+                    onAuthSuccess === null || onAuthSuccess === void 0 ? void 0 : onAuthSuccess();
+                    return;
+                }
+            }
+            // Check for recently accessed mentors (second choice)
+            console.log("checking recently accessed mentors", JSON.stringify({
+                tenantKey,
+                username,
+            }));
+            const recentlyAccessedResult = await getRecentlyAccessedMentors({
+                org: tenantKey,
+                // @ts-ignore
+                userId: username,
             });
+            // @ts-ignore
+            const recentlyAccessedMentors = recentlyAccessedResult.data;
+            const starredMentors = recentlyAccessedMentors === null || recentlyAccessedMentors === void 0 ? void 0 : recentlyAccessedMentors.starred_mentors;
+            let recentMentors = recentlyAccessedMentors === null || recentlyAccessedMentors === void 0 ? void 0 : recentlyAccessedMentors.recent_mentors;
+            if (starredMentors.length > 0) {
+                const starredMentor = starredMentors[0];
+                if (starredMentor === null || starredMentor === void 0 ? void 0 : starredMentor.unique_id) {
+                    const rbacPermissions = await loadMentorsPermissions(starredMentor === null || starredMentor === void 0 ? void 0 : starredMentor.id);
+                    onLoadMentorsPermissions === null || onLoadMentorsPermissions === void 0 ? void 0 : onLoadMentorsPermissions(rbacPermissions);
+                    redirectToMentor(tenantKey, starredMentor.unique_id);
+                    onAuthSuccess === null || onAuthSuccess === void 0 ? void 0 : onAuthSuccess();
+                    return;
+                }
+            }
+            if (recentMentors.length > 0) {
+                const recentMentor = recentMentors[0];
+                if (recentMentor === null || recentMentor === void 0 ? void 0 : recentMentor.unique_id) {
+                    const rbacPermissions = await loadMentorsPermissions(recentMentor === null || recentMentor === void 0 ? void 0 : recentMentor.id);
+                    onLoadMentorsPermissions === null || onLoadMentorsPermissions === void 0 ? void 0 : onLoadMentorsPermissions(rbacPermissions);
+                    redirectToMentor(tenantKey, recentMentor.unique_id);
+                    onAuthSuccess === null || onAuthSuccess === void 0 ? void 0 : onAuthSuccess();
+                    return;
+                }
+            }
             const recentMentorsResult = await fetchMentors({
                 // @ts-ignore
                 org: tenantKey,
@@ -11303,20 +11933,20 @@ function MentorProvider({ children, fallback, onAuthSuccess, onAuthFailure, redi
                 limit: QUERY_LIMIT,
                 orderBy: "recently_accessed_at",
             });
-            const recentMentors = ((_a = recentMentorsResult.data) === null || _a === void 0 ? void 0 : _a.results) || [];
-            console.log("recent mentors fetched", {
+            recentMentors = ((_a = recentMentorsResult.data) === null || _a === void 0 ? void 0 : _a.results) || [];
+            console.log("recent mentors fetched", JSON.stringify({
                 count: recentMentors.length,
                 mentorIds: recentMentors.map((m) => m === null || m === void 0 ? void 0 : m.unique_id),
-            });
+            }));
             // Check if we found recent mentors for the tenant
             if (recentMentors.length > 0) {
                 const selectedMentorId = ((_b = recentMentors[0]) === null || _b === void 0 ? void 0 : _b.unique_id) || "";
                 const selectedMentorDbId = ((_c = recentMentors[0]) === null || _c === void 0 ? void 0 : _c.id) || "";
-                console.log("redirecting to recent mentor", {
+                console.log("redirecting to recent mentor", JSON.stringify({
                     selectedMentorId,
                     mentorName: (_d = recentMentors[0]) === null || _d === void 0 ? void 0 : _d.name,
                     tenantKey,
-                });
+                }));
                 const rbacPermissions = await loadMentorsPermissions(selectedMentorDbId);
                 // Select the most recent mentor as current mentor
                 onLoadMentorsPermissions === null || onLoadMentorsPermissions === void 0 ? void 0 : onLoadMentorsPermissions(rbacPermissions);
@@ -11518,6 +12148,9 @@ function MentorProvider({ children, fallback, onAuthSuccess, onAuthFailure, redi
                 isAdmin,
             });
             onAuthFailure === null || onAuthFailure === void 0 ? void 0 : onAuthFailure(`Unexpected error: ${errorMessage}`);
+            console.log("[auth-redirect] Unexpected error in mentor provider", {
+                error: errorMessage,
+            });
             redirectToAuthSpa();
         }
         finally {
@@ -11525,11 +12158,7 @@ function MentorProvider({ children, fallback, onAuthSuccess, onAuthFailure, redi
         }
     }
     async function mentorExistsInTenant(tenantKey, requestedMentorId) {
-        console.log("checking if mentor exists in tenant", {
-            tenantKey,
-            requestedMentorId,
-            username,
-        });
+        console.log("checking if mentor exists in tenant", tenantKey, requestedMentorId, username);
         try {
             const response = await getMentorPublicSettings({
                 // @ts-ignore
@@ -11558,11 +12187,7 @@ function MentorProvider({ children, fallback, onAuthSuccess, onAuthFailure, redi
     // Effect to handle mentor determination when tenant path is determined
     React__default.useEffect(() => {
         async function checkMentor() {
-            console.log("starting mentor check process", {
-                determineUserPath,
-                requestedMentorId,
-                tenantKey,
-            });
+            console.log("starting mentor check process", determineUserPath, requestedMentorId, tenantKey);
             if (userIsAccessingPublicRoute && !requestedMentorId) {
                 setIsLoading(false);
                 return;
@@ -11582,11 +12207,11 @@ function MentorProvider({ children, fallback, onAuthSuccess, onAuthFailure, redi
                 const [mentorExists, requestedMentorDbId] = await mentorExistsInTenant(tenantKey, requestedMentorId);
                 // If the mentor does not exist in the tenant, redirect the user to the correct mentor
                 if (!mentorExists) {
-                    console.log("requested mentor not found in tenant", {
+                    console.log("requested mentor not found in tenant", JSON.stringify({
                         requestedMentorId,
                         tenantKey,
                         hasCustomHandler: !!handleMentorNotFound,
-                    });
+                    }));
                     if (handleMentorNotFound) {
                         console.log("calling custom mentor not found handler");
                         await handleMentorNotFound();
@@ -11598,9 +12223,7 @@ function MentorProvider({ children, fallback, onAuthSuccess, onAuthFailure, redi
                     return;
                 }
                 else {
-                    console.log("requested mentor exists in tenant, proceeding", {
-                        requestedMentorId,
-                    });
+                    console.log("requested mentor exists in tenant, proceeding", requestedMentorId);
                     if (requestedMentorDbId) {
                         const rbacPermissions = await loadMentorsPermissions(requestedMentorDbId);
                         onLoadMentorsPermissions === null || onLoadMentorsPermissions === void 0 ? void 0 : onLoadMentorsPermissions(rbacPermissions);
@@ -12072,7 +12695,7 @@ function formatProdErrorMessage(code) {
 
 const defaultSessionIds = Object.fromEntries(Object.keys(advancedTabsProperties).map((key) => [key, ""]));
 const defaultChatState = Object.fromEntries(Object.keys(advancedTabsProperties).map((key) => [key, []]));
-const initialState = {
+const initialState$1 = {
     chats: defaultChatState,
     isTyping: false,
     streaming: false,
@@ -12100,7 +12723,7 @@ const initialState = {
 };
 const chatSlice = createSlice({
     name: "chatSliceShared",
-    initialState,
+    initialState: initialState$1,
     reducers: {
         setChats: (state, action) => {
             state.chats = action.payload;
@@ -12204,6 +12827,25 @@ const chatSlice = createSlice({
         setShowingSharedChat: (state, action) => {
             state.showingSharedChat = action.payload;
         },
+        updateFileUrlInMessage: (state, action) => {
+            const { fileId, fileUrl } = action.payload;
+            // Update all tabs' messages that have this file
+            Object.keys(state.chats).forEach((tab) => {
+                state.chats[tab] = state.chats[tab].map((message) => {
+                    if (message.fileAttachments && message.fileAttachments.length > 0) {
+                        const updatedAttachments = message.fileAttachments.map((attachment) => {
+                            // Match by fileId
+                            if (attachment.fileId === fileId) {
+                                return { ...attachment, uploadUrl: fileUrl };
+                            }
+                            return attachment;
+                        });
+                        return { ...message, fileAttachments: updatedAttachments };
+                    }
+                    return message;
+                });
+            });
+        },
     },
 });
 const chatActions = chatSlice.actions;
@@ -12487,6 +13129,61 @@ function useTimeTrackerNative(config) {
     };
 }
 
+const initialState = {
+    attachedFiles: [],
+};
+const filesSlice = createSlice({
+    name: "files",
+    initialState,
+    reducers: {
+        addFiles: (state, action) => {
+            state.attachedFiles = [...state.attachedFiles, ...action.payload];
+        },
+        updateFileProgress: (state, action) => {
+            state.attachedFiles = state.attachedFiles.map((file) => file.id === action.payload.id
+                ? { ...file, uploadProgress: action.payload.progress }
+                : file);
+        },
+        updateFileStatus: (state, action) => {
+            state.attachedFiles = state.attachedFiles.map((file) => file.id === action.payload.id
+                ? { ...file, uploadStatus: action.payload.status }
+                : file);
+        },
+        updateFileUrl: (state, action) => {
+            state.attachedFiles = state.attachedFiles.map((file) => file.id === action.payload.id
+                ? { ...file, uploadUrl: action.payload.uploadUrl }
+                : file);
+        },
+        updateFileMetadata: (state, action) => {
+            state.attachedFiles = state.attachedFiles.map((file) => file.id === action.payload.id
+                ? {
+                    ...file,
+                    fileKey: action.payload.fileKey,
+                    fileId: action.payload.fileId,
+                }
+                : file);
+        },
+        updateFileRetryCount: (state, action) => {
+            state.attachedFiles = state.attachedFiles.map((file) => file.id === action.payload.id
+                ? { ...file, retryCount: action.payload.retryCount }
+                : file);
+        },
+        updateFileUrlFromWebSocket: (state, action) => {
+            state.attachedFiles = state.attachedFiles.map((file) => file.fileId === action.payload.fileId
+                ? { ...file, fileUrl: action.payload.fileUrl }
+                : file);
+        },
+        removeFile: (state, action) => {
+            state.attachedFiles = state.attachedFiles.filter((file) => file.id !== action.payload);
+        },
+        clearFiles: (state) => {
+            state.attachedFiles = [];
+        },
+    },
+});
+const { addFiles, removeFile, clearFiles, updateFileProgress, updateFileStatus, updateFileUrl, updateFileMetadata, updateFileRetryCount, updateFileUrlFromWebSocket, } = filesSlice.actions;
+const filesReducer = filesSlice.reducer;
+
 const useChat = ({ wsUrl, wsToken, flowConfig, sessionId, stopGenerationWsUrl, enableHaptics = false, hapticFeedback, store, errorHandler, onStatusChange, onStreamingChange, onStreamingMessageUpdate, WebSocketImpl = WebSocket, redirectToAuthSpa, sendMessageToParentWebsite, on402Error, }) => {
     const dispatch = useDispatch();
     const isWebSocketPaused = useRef(false);
@@ -12522,8 +13219,8 @@ const useChat = ({ wsUrl, wsToken, flowConfig, sessionId, stopGenerationWsUrl, e
         }
         if (!wsToken) {
             if (!userIsAccessingPublicRoute) {
-                console.error("Token is missing for non-anonymous user");
-                redirectToAuthSpa();
+                console.log("[auth-redirect] WebSocket token is missing for non-anonymous user");
+                redirectToAuthSpa(undefined, undefined, true);
                 return;
             }
         }
@@ -12578,6 +13275,16 @@ const useChat = ({ wsUrl, wsToken, flowConfig, sessionId, stopGenerationWsUrl, e
                     onStreamingChange(!!messageData.isTyping);
                     return;
                 }
+                // Handle file processing success
+                if (messageData.type === "file_processing_success") {
+                    console.log("🟣 File processing success:", messageData);
+                    dispatch(chatActions.updateFileUrlInMessage({
+                        fileId: messageData.file_id,
+                        fileName: messageData.file_name,
+                        fileUrl: messageData.file_url,
+                    }));
+                    return;
+                }
                 // Handle start of new streaming session
                 if (messageData.generation_id &&
                     !messageData.data &&
@@ -12673,19 +13380,31 @@ const useChat = ({ wsUrl, wsToken, flowConfig, sessionId, stopGenerationWsUrl, e
         };
     };
     const sendMessage = useCallback(async (tab, text, options) => {
-        var _a;
+        var _a, _b;
         dispatch(chatActions.setShowingSharedChat(false));
-        if (!text.trim())
+        // Allow sending if there's text OR file references
+        if (!text.trim() &&
+            (!(options === null || options === void 0 ? void 0 : options.fileReferences) || options.fileReferences.length === 0)) {
             return;
+        }
         onStatusChange("pending");
         isWebSocketPaused.current = false;
         await triggerHapticFeedback();
+        // Create file attachments array from file references if present
+        const fileAttachments = (_a = options === null || options === void 0 ? void 0 : options.fileReferences) === null || _a === void 0 ? void 0 : _a.map((ref) => ({
+            fileName: ref.file_name,
+            fileType: ref.content_type,
+            fileSize: ref.file_size,
+            uploadUrl: ref.upload_url, // Include URL for display
+            fileId: ref.file_id, // Include fileId for matching WebSocket updates
+        }));
         const userMessage = {
             id: `user-${Date.now()}`,
             role: "user",
             content: text,
             timestamp: new Date().toISOString(),
-            visible: (_a = options === null || options === void 0 ? void 0 : options.visible) !== null && _a !== void 0 ? _a : true,
+            visible: (_b = options === null || options === void 0 ? void 0 : options.visible) !== null && _b !== void 0 ? _b : true,
+            fileAttachments,
         };
         // Notify parent to add user message
         // onAddUserMessage?.(tab, userMessage);
@@ -12697,8 +13416,14 @@ const useChat = ({ wsUrl, wsToken, flowConfig, sessionId, stopGenerationWsUrl, e
             flow: flowConfig,
             session_id: sessionId,
             token: wsToken,
-            prompt: text,
+            prompt: text || "", // Allow empty prompt when sending files
         };
+        if ((options === null || options === void 0 ? void 0 : options.fileReferences) && options.fileReferences.length > 0) {
+            messageData = {
+                ...messageData,
+                file_references: options.fileReferences,
+            };
+        }
         if (iframeContext.pageContent) {
             messageData = {
                 ...messageData,
@@ -12883,7 +13608,7 @@ function useMentorSettings({ mentorId, tenantKey, username }) {
     };
 }
 
-function useAdvancedChat({ tenantKey, mentorId, username = ANONYMOUS_USERNAME, token, wsUrl, stopGenerationWsUrl, redirectToAuthSpa, errorHandler, sendMessageToParentWebsite, isPreviewMode, mentorShareableToken, on402Error, }) {
+function useAdvancedChat({ tenantKey, mentorId, username = ANONYMOUS_USERNAME, token, wsUrl, stopGenerationWsUrl, redirectToAuthSpa, errorHandler, sendMessageToParentWebsite, isPreviewMode, mentorShareableToken, on402Error, cachedSessionId, onStartNewChat, }) {
     var _a, _b, _c, _d;
     const dispatch = useDispatch();
     const [createSessionId, { isLoading: isLoadingSessionIds }] = useCreateSessionIdMutation();
@@ -12922,7 +13647,7 @@ function useAdvancedChat({ tenantKey, mentorId, username = ANONYMOUS_USERNAME, t
             username,
             pathway: mentorId,
         },
-        sessionId: sessionIds[activeTab],
+        sessionId: cachedSessionId !== null && cachedSessionId !== void 0 ? cachedSessionId : sessionIds[activeTab],
         activeTab,
         wsToken: token,
         errorHandler,
@@ -12933,6 +13658,49 @@ function useAdvancedChat({ tenantKey, mentorId, username = ANONYMOUS_USERNAME, t
         onStatusChange,
         on402Error,
     });
+    const [getSessionChats, { isError: isErrorGettingSessionChats }] = useLazyGetSessionIdQuery();
+    useEffect(() => {
+        const getChats = async () => {
+            var _a;
+            try {
+                const { data } = await getSessionChats({
+                    sessionId: cachedSessionId !== null && cachedSessionId !== void 0 ? cachedSessionId : "",
+                    org: tenantKey,
+                    share: true,
+                });
+                let previousChats = [];
+                try {
+                    previousChats =
+                        ((_a = data === null || data === void 0 ? void 0 : data.results) === null || _a === void 0 ? void 0 : _a.map((result) => {
+                            return {
+                                ...result,
+                                role: result.type === "human" ? "user" : "assistant",
+                                visible: true,
+                                id: new Date().getTime(),
+                                content: typeof result.content === "object" &&
+                                    result.content.length > 0
+                                    ? result.content[0].text
+                                    : result.content,
+                            };
+                        }).reverse()) || [];
+                }
+                catch (error) {
+                    console.error(JSON.stringify(error));
+                }
+                dispatch(chatActions.setNewMessages(previousChats));
+            }
+            catch (error) {
+                console.error(JSON.stringify(error));
+            }
+        };
+        if (cachedSessionId) {
+            dispatch(chatActions.updateSessionIds(cachedSessionId));
+            getChats();
+        }
+    }, [cachedSessionId]);
+    useEffect(() => {
+    }, [isErrorGettingSessionChats]);
+    useEffect(() => { }, []);
     const startNewChat = React__default.useCallback(async () => {
         // Reset all chat state
         if (!showingSharedChat) {
@@ -12942,6 +13710,7 @@ function useAdvancedChat({ tenantKey, mentorId, username = ANONYMOUS_USERNAME, t
         dispatch(chatActions.setStreaming(false));
         dispatch(chatActions.resetCurrentStreamingMessage(undefined));
         dispatch(chatActions.setTools([]));
+        dispatch(clearFiles(undefined));
         if (isPreviewMode) {
             return;
         }
@@ -12952,6 +13721,7 @@ function useAdvancedChat({ tenantKey, mentorId, username = ANONYMOUS_USERNAME, t
                 // @ts-ignore
                 requestBody["shareable_link_token"] = mentorShareableToken;
             }
+            console.log("[startNewChat] requestBody", tenantKey, username, JSON.stringify(requestBody));
             const response = await createSessionId({
                 org: tenantKey,
                 // @ts-ignore
@@ -12959,10 +13729,12 @@ function useAdvancedChat({ tenantKey, mentorId, username = ANONYMOUS_USERNAME, t
                 requestBody,
             }).unwrap();
             dispatch(chatActions.updateSessionIds(response.session_id));
-            // dispatch(chatActions.setShouldStartNewChat(false));
+            onStartNewChat === null || onStartNewChat === void 0 ? void 0 : onStartNewChat(response.session_id);
         }
         catch (error) {
-            errorHandler === null || errorHandler === void 0 ? void 0 : errorHandler("Failed to start new chat");
+            errorHandler === null || errorHandler === void 0 ? void 0 : errorHandler(`Failed to start new chat: ${JSON.stringify(error)}`);
+            console.log("[auth-redirect] Failed to start new chat", JSON.stringify({ error }));
+            redirectToAuthSpa(undefined, undefined, true);
         }
     }, [
         isPreviewMode,
@@ -12976,7 +13748,7 @@ function useAdvancedChat({ tenantKey, mentorId, username = ANONYMOUS_USERNAME, t
     ]);
     React__default.useEffect(() => {
         if (!showingSharedChat || mentorSettings.allowAnonymous) {
-            if (mentorSettings.allowAnonymous !== undefined) {
+            if (mentorSettings.allowAnonymous !== undefined && !cachedSessionId) {
                 startNewChat();
             }
         }
@@ -13028,7 +13800,7 @@ function useAdvancedChat({ tenantKey, mentorId, username = ANONYMOUS_USERNAME, t
             }
         }
         catch (error) {
-            errorHandler === null || errorHandler === void 0 ? void 0 : errorHandler("Failed to start new chat");
+            errorHandler === null || errorHandler === void 0 ? void 0 : errorHandler(`Failed to start new chat: ${error}`);
             return;
         }
     }
@@ -17918,5 +18690,123 @@ const tenantSchema = z.object({
 });
 const tenantKeySchema = z.string().min(1);
 
-export { ALPHANUMERIC_32_REGEX, ANONYMOUS_USERNAME, AuthContext, AuthContextProvider, AuthProvider, LOCAL_STORAGE_KEYS, MAX_INITIAL_WEBSOCKET_CONNECTION_ATTEMPTS, MENTOR_CHAT_DOCUMENTS_EXTENSIONS, METADATAS, MentorProvider, SUBSCRIPTION_MESSAGES, SUBSCRIPTION_PACKAGES, SUBSCRIPTION_TRIGGERS, SUBSCRIPTION_V2_TRIGGERS, SubscriptionFlow, SubscriptionFlowV2, TOOLS, TenantContext, TenantContextProvider, TenantProvider, TimeTracker, addProtocolToUrl, advancedTabs, advancedTabsProperties, chatActions, chatSliceReducerShared, clearAuthCookies, defaultSessionIds, formatRelativeTime, getInitials, getTimeAgo, getUserName, isAlphaNumeric32, isJSON, loadMetadataConfig, selectActiveChatMessages, selectActiveTab, selectChats, selectCurrentStreamingMessage, selectDocumentFilter, selectIframeContext, selectIsError, selectIsPending, selectIsStopped, selectIsTyping, selectNumberOfActiveChatMessages, selectSessionId, selectSessionIds, selectShouldStartNewChat, selectShowingSharedChat, selectStatus, selectStreaming, selectToken, selectTokenEnabled, selectTools, syncAuthToCookies, tenantKeySchema, tenantSchema, translatePrompt, useAdvancedChat, useAuthContext, useAuthProvider, useChat, useDayJs, useExternalPricingPlan, useMentorSettings, useMentorTools, useProfileImageUpload, useSubscriptionHandler, useSubscriptionHandlerV2, useTenantContext, useTenantMetadata, useTimeTracker, useTimeTrackerNative, useUserProfileUpdate, userDataSchema };
+/**
+ * Chat area size constants
+ */
+const CHAT_AREA_SIZE = {
+    DEFAULT: 672,
+    MIN: 672,
+    MAX: 1024,
+};
+
+/**
+ * Extract file information from File object
+ */
+function getFileInfo(file) {
+    const fileName = file.name;
+    const contentType = file.type || "application/octet-stream";
+    const fileSize = file.size;
+    return {
+        fileName,
+        contentType,
+        fileSize,
+    };
+}
+/**
+ * Request presigned S3 URL from backend
+ * Note: This function should be called via the RTK Query mutation hook
+ * This is a helper to show the data flow
+ */
+async function requestPresignedUrl(sessionId, file, getUploadUrlFn, org, userId) {
+    const { fileName, contentType, fileSize } = getFileInfo(file);
+    return await getUploadUrlFn({
+        org,
+        userId,
+        requestBody: {
+            session_id: sessionId,
+            file_name: fileName,
+            content_type: contentType,
+            file_size: fileSize,
+        },
+    });
+}
+/**
+ * Upload file directly to S3 using presigned URL
+ * Uses axios for cross-platform support (web + React Native)
+ */
+async function uploadToS3(presignedUrl, file, contentType, onProgress) {
+    await axios.put(presignedUrl, file, {
+        headers: {
+            "Content-Type": contentType,
+        },
+        onUploadProgress: (progressEvent) => {
+            if (onProgress && progressEvent.total) {
+                const progress = Math.round((progressEvent.loaded / progressEvent.total) * 100);
+                onProgress(progress);
+            }
+        },
+    });
+}
+/**
+ * Complete file upload flow:
+ * 1. Request presigned URL
+ * 2. Upload to S3
+ * 3. Return file reference
+ */
+async function createFileReference(file, sessionId, getUploadUrlFn, org, userId, onProgress) {
+    // Step 1: Get presigned URL
+    const presignedResponse = await requestPresignedUrl(sessionId, file, getUploadUrlFn, org, userId);
+    // Step 2: Upload to S3
+    const { fileName, contentType, fileSize } = getFileInfo(file);
+    await uploadToS3(presignedResponse.upload_url, file, contentType, onProgress);
+    // Step 3: Return file reference
+    return {
+        file_id: presignedResponse.file_id,
+        file_key: presignedResponse.file_key,
+        file_name: fileName,
+        content_type: contentType,
+        file_size: fileSize,
+    };
+}
+/**
+ * Upload multiple files and return their references
+ */
+async function createMultipleFileReferences(files, sessionId, getUploadUrlFn, org, userId, onFileProgress) {
+    const fileReferences = [];
+    for (let i = 0; i < files.length; i++) {
+        const file = files[i];
+        const onProgress = onFileProgress
+            ? (progress) => onFileProgress(i, progress)
+            : undefined;
+        const fileReference = await createFileReference(file, sessionId, getUploadUrlFn, org, userId, onProgress);
+        fileReferences.push(fileReference);
+    }
+    return fileReferences;
+}
+/**
+ * Validate file before upload
+ * Returns error message if invalid, null if valid
+ */
+function validateFile(file, maxSizeBytes, allowedTypes) {
+    var _a;
+    // Check file size
+    if (maxSizeBytes && file.size > maxSizeBytes) {
+        const maxSizeMB = (maxSizeBytes / (1024 * 1024)).toFixed(2);
+        const fileSizeMB = (file.size / (1024 * 1024)).toFixed(2);
+        return `File size (${fileSizeMB}MB) exceeds maximum allowed size (${maxSizeMB}MB)`;
+    }
+    // Check file type
+    if (allowedTypes && allowedTypes.length > 0) {
+        const fileExtension = (_a = file.name.split(".").pop()) === null || _a === void 0 ? void 0 : _a.toLowerCase();
+        const fileType = file.type.toLowerCase();
+        const isTypeAllowed = allowedTypes.some((allowed) => fileType.includes(allowed.toLowerCase()) ||
+            fileExtension === allowed.toLowerCase().replace(".", ""));
+        if (!isTypeAllowed) {
+            return `File type not allowed. Allowed types: ${allowedTypes.join(", ")}`;
+        }
+    }
+    return null;
+}
+
+export { ALPHANUMERIC_32_REGEX, ANONYMOUS_USERNAME, AuthContext, AuthContextProvider, AuthProvider, CHAT_AREA_SIZE, LOCAL_STORAGE_KEYS, MAX_INITIAL_WEBSOCKET_CONNECTION_ATTEMPTS, MENTOR_CHAT_DOCUMENTS_EXTENSIONS, METADATAS, MentorProvider, SUBSCRIPTION_MESSAGES, SUBSCRIPTION_PACKAGES, SUBSCRIPTION_TRIGGERS, SUBSCRIPTION_V2_TRIGGERS, SubscriptionFlow, SubscriptionFlowV2, TOOLS, TenantContext, TenantContextProvider, TenantProvider, TimeTracker, addFiles, addProtocolToUrl, advancedTabs, advancedTabsProperties, chatActions, chatSliceReducerShared, clearAuthCookies, clearCookies, clearCurrentTenantCookie, clearFiles, createFileReference, createMultipleFileReferences, defaultSessionIds, deleteCookie, deleteCookieOnAllDomains, filesReducer, filesSlice, formatRelativeTime, getAuthSpaJoinUrl, getDomainParts, getFileInfo, getInitials, getParentDomain, getPlatformKey, getTimeAgo, getUserName, handleLogout, isAlphaNumeric32, isInIframe, isJSON, isLoggedIn, loadMetadataConfig, redirectToAuthSpa, redirectToAuthSpaJoinTenant, removeFile, requestPresignedUrl, selectActiveChatMessages, selectActiveTab, selectChats, selectCurrentStreamingMessage, selectDocumentFilter, selectIframeContext, selectIsError, selectIsPending, selectIsStopped, selectIsTyping, selectNumberOfActiveChatMessages, selectSessionId, selectSessionIds, selectShouldStartNewChat, selectShowingSharedChat, selectStatus, selectStreaming, selectToken, selectTokenEnabled, selectTools, sendMessageToParentWebsite, setCookieForAuth, syncAuthToCookies, tenantKeySchema, tenantSchema, translatePrompt, updateFileMetadata, updateFileProgress, updateFileRetryCount, updateFileStatus, updateFileUrl, updateFileUrlFromWebSocket, uploadToS3, useAdvancedChat, useAuthContext, useAuthProvider, useChat, useDayJs, useExternalPricingPlan, useMentorSettings, useMentorTools, useProfileImageUpload, useSubscriptionHandler, useSubscriptionHandlerV2, useTenantContext, useTenantMetadata, useTimeTracker, useTimeTrackerNative, useUserProfileUpdate, userDataSchema, validateFile };
 //# sourceMappingURL=index.esm.js.map