@insforge/react 1.1.7-dev.0 → 1.1.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +17 -0
- package/dist/index.cjs.map +1 -1
- package/dist/index.js +17 -0
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -544,10 +544,27 @@ var InsforgeManager = class _InsforgeManager {
|
|
|
544
544
|
const state = this.getState();
|
|
545
545
|
this.listeners.forEach((listener) => listener(state));
|
|
546
546
|
}
|
|
547
|
+
/**
|
|
548
|
+
* Clean up sensitive auth parameters from URL
|
|
549
|
+
* This is needed because SDK's detectAuthCallback may not run in Next.js
|
|
550
|
+
* when the SDK client is created at module level (before hydration)
|
|
551
|
+
*/
|
|
552
|
+
cleanUrlParams() {
|
|
553
|
+
if (typeof window === "undefined") return;
|
|
554
|
+
const params = new URLSearchParams(window.location.search);
|
|
555
|
+
const authParams = ["access_token", "user_id", "email", "name", "csrf_token", "error"];
|
|
556
|
+
const hasAuthParams = authParams.some((p) => params.has(p));
|
|
557
|
+
if (hasAuthParams) {
|
|
558
|
+
const url = new URL(window.location.href);
|
|
559
|
+
authParams.forEach((p) => url.searchParams.delete(p));
|
|
560
|
+
window.history.replaceState({}, document.title, url.toString());
|
|
561
|
+
}
|
|
562
|
+
}
|
|
547
563
|
// Load auth state
|
|
548
564
|
// Gets session and user data from getCurrentSession()
|
|
549
565
|
// Called after hydration to restore authentication state
|
|
550
566
|
async loadAuthState() {
|
|
567
|
+
this.cleanUrlParams();
|
|
551
568
|
try {
|
|
552
569
|
const {
|
|
553
570
|
data: { session }
|