@insforge/react 1.1.7-dev.0 → 1.1.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +17 -0
- package/dist/index.cjs.map +1 -1
- package/dist/index.js +17 -0
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/index.cjs
CHANGED
|
@@ -565,10 +565,27 @@ var InsforgeManager = class _InsforgeManager {
|
|
|
565
565
|
const state = this.getState();
|
|
566
566
|
this.listeners.forEach((listener) => listener(state));
|
|
567
567
|
}
|
|
568
|
+
/**
|
|
569
|
+
* Clean up sensitive auth parameters from URL
|
|
570
|
+
* This is needed because SDK's detectAuthCallback may not run in Next.js
|
|
571
|
+
* when the SDK client is created at module level (before hydration)
|
|
572
|
+
*/
|
|
573
|
+
cleanUrlParams() {
|
|
574
|
+
if (typeof window === "undefined") return;
|
|
575
|
+
const params = new URLSearchParams(window.location.search);
|
|
576
|
+
const authParams = ["access_token", "user_id", "email", "name", "csrf_token", "error"];
|
|
577
|
+
const hasAuthParams = authParams.some((p) => params.has(p));
|
|
578
|
+
if (hasAuthParams) {
|
|
579
|
+
const url = new URL(window.location.href);
|
|
580
|
+
authParams.forEach((p) => url.searchParams.delete(p));
|
|
581
|
+
window.history.replaceState({}, document.title, url.toString());
|
|
582
|
+
}
|
|
583
|
+
}
|
|
568
584
|
// Load auth state
|
|
569
585
|
// Gets session and user data from getCurrentSession()
|
|
570
586
|
// Called after hydration to restore authentication state
|
|
571
587
|
async loadAuthState() {
|
|
588
|
+
this.cleanUrlParams();
|
|
572
589
|
try {
|
|
573
590
|
const {
|
|
574
591
|
data: { session }
|