@insforge/sdk 0.0.58-dev.8 → 0.0.59-dev.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.mts +63 -16
- package/dist/index.d.ts +63 -16
- package/dist/index.js +104 -23
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +104 -23
- package/dist/index.mjs.map +1 -1
- package/package.json +2 -2
package/dist/index.mjs
CHANGED
|
@@ -259,12 +259,12 @@ function convertDbProfileToCamelCase(dbProfile) {
|
|
|
259
259
|
const result = {
|
|
260
260
|
id: dbProfile.id
|
|
261
261
|
};
|
|
262
|
-
if (dbProfile.created_at !== void 0) result.createdAt = dbProfile.created_at;
|
|
263
|
-
if (dbProfile.updated_at !== void 0) result.updatedAt = dbProfile.updated_at;
|
|
264
262
|
Object.keys(dbProfile).forEach((key) => {
|
|
265
|
-
|
|
266
|
-
|
|
267
|
-
|
|
263
|
+
result[key] = dbProfile[key];
|
|
264
|
+
if (key.includes("_")) {
|
|
265
|
+
const camelKey = key.replace(/_([a-z])/g, (_, letter) => letter.toUpperCase());
|
|
266
|
+
result[camelKey] = dbProfile[key];
|
|
267
|
+
}
|
|
268
268
|
});
|
|
269
269
|
return result;
|
|
270
270
|
}
|
|
@@ -282,14 +282,14 @@ var Auth = class {
|
|
|
282
282
|
this.http = http;
|
|
283
283
|
this.tokenManager = tokenManager;
|
|
284
284
|
this.database = new Database(http, tokenManager);
|
|
285
|
-
this.
|
|
285
|
+
this.detectAuthCallback();
|
|
286
286
|
}
|
|
287
287
|
/**
|
|
288
288
|
* Automatically detect and handle OAuth callback parameters in the URL
|
|
289
289
|
* This runs on initialization to seamlessly complete the OAuth flow
|
|
290
290
|
* Matches the backend's OAuth callback response (backend/src/api/routes/auth.ts:540-544)
|
|
291
291
|
*/
|
|
292
|
-
|
|
292
|
+
detectAuthCallback() {
|
|
293
293
|
if (typeof window === "undefined") return;
|
|
294
294
|
try {
|
|
295
295
|
const params = new URLSearchParams(window.location.search);
|
|
@@ -591,14 +591,10 @@ var Auth = class {
|
|
|
591
591
|
session.user = {
|
|
592
592
|
id: data2.user.id,
|
|
593
593
|
email: data2.user.email,
|
|
594
|
-
name:
|
|
595
|
-
// Fallback - profile structure is dynamic
|
|
594
|
+
name: "",
|
|
596
595
|
emailVerified: false,
|
|
597
|
-
// Not available from API, but required by UserSchema
|
|
598
596
|
createdAt: (/* @__PURE__ */ new Date()).toISOString(),
|
|
599
|
-
// Fallback
|
|
600
597
|
updatedAt: (/* @__PURE__ */ new Date()).toISOString()
|
|
601
|
-
// Fallback
|
|
602
598
|
};
|
|
603
599
|
this.tokenManager.saveSession(session);
|
|
604
600
|
}
|
|
@@ -611,13 +607,48 @@ var Auth = class {
|
|
|
611
607
|
return { data: null, error };
|
|
612
608
|
}
|
|
613
609
|
/**
|
|
614
|
-
* Send
|
|
615
|
-
*
|
|
610
|
+
* Send email verification (code or link based on config)
|
|
611
|
+
*
|
|
612
|
+
* Send email verification using the method configured in auth settings (verifyEmailMethod).
|
|
613
|
+
* When method is 'code', sends a 6-digit numeric code. When method is 'link', sends a magic link.
|
|
614
|
+
* Prevents user enumeration by returning success even if email doesn't exist.
|
|
616
615
|
*/
|
|
617
|
-
async
|
|
616
|
+
async sendVerificationEmail(request) {
|
|
618
617
|
try {
|
|
619
618
|
const response = await this.http.post(
|
|
620
|
-
"/api/auth/email/send-
|
|
619
|
+
"/api/auth/email/send-verification",
|
|
620
|
+
request
|
|
621
|
+
);
|
|
622
|
+
return {
|
|
623
|
+
data: response,
|
|
624
|
+
error: null
|
|
625
|
+
};
|
|
626
|
+
} catch (error) {
|
|
627
|
+
if (error instanceof InsForgeError) {
|
|
628
|
+
return { data: null, error };
|
|
629
|
+
}
|
|
630
|
+
return {
|
|
631
|
+
data: null,
|
|
632
|
+
error: new InsForgeError(
|
|
633
|
+
"An unexpected error occurred while sending verification code",
|
|
634
|
+
500,
|
|
635
|
+
"UNEXPECTED_ERROR"
|
|
636
|
+
)
|
|
637
|
+
};
|
|
638
|
+
}
|
|
639
|
+
}
|
|
640
|
+
/**
|
|
641
|
+
* Send password reset (code or link based on config)
|
|
642
|
+
*
|
|
643
|
+
* Send password reset email using the method configured in auth settings (resetPasswordMethod).
|
|
644
|
+
* When method is 'code', sends a 6-digit numeric code for two-step flow.
|
|
645
|
+
* When method is 'link', sends a magic link.
|
|
646
|
+
* Prevents user enumeration by returning success even if email doesn't exist.
|
|
647
|
+
*/
|
|
648
|
+
async sendResetPasswordEmail(request) {
|
|
649
|
+
try {
|
|
650
|
+
const response = await this.http.post(
|
|
651
|
+
"/api/auth/email/send-reset-password",
|
|
621
652
|
request
|
|
622
653
|
);
|
|
623
654
|
return {
|
|
@@ -639,13 +670,55 @@ var Auth = class {
|
|
|
639
670
|
}
|
|
640
671
|
}
|
|
641
672
|
/**
|
|
642
|
-
*
|
|
643
|
-
*
|
|
673
|
+
* Exchange reset password code for reset token
|
|
674
|
+
*
|
|
675
|
+
* Step 1 of two-step password reset flow (only used when resetPasswordMethod is 'code'):
|
|
676
|
+
* 1. Verify the 6-digit code sent to user's email
|
|
677
|
+
* 2. Return a reset token that can be used to actually reset the password
|
|
678
|
+
*
|
|
679
|
+
* This endpoint is not used when resetPasswordMethod is 'link' (magic link flow is direct).
|
|
680
|
+
*/
|
|
681
|
+
async exchangeResetPasswordToken(request) {
|
|
682
|
+
try {
|
|
683
|
+
const response = await this.http.post(
|
|
684
|
+
"/api/auth/email/exchange-reset-password-token",
|
|
685
|
+
request
|
|
686
|
+
);
|
|
687
|
+
return {
|
|
688
|
+
data: response,
|
|
689
|
+
error: null
|
|
690
|
+
};
|
|
691
|
+
} catch (error) {
|
|
692
|
+
if (error instanceof InsForgeError) {
|
|
693
|
+
return { data: null, error };
|
|
694
|
+
}
|
|
695
|
+
return {
|
|
696
|
+
data: null,
|
|
697
|
+
error: new InsForgeError(
|
|
698
|
+
"An unexpected error occurred while verifying reset code",
|
|
699
|
+
500,
|
|
700
|
+
"UNEXPECTED_ERROR"
|
|
701
|
+
)
|
|
702
|
+
};
|
|
703
|
+
}
|
|
704
|
+
}
|
|
705
|
+
/**
|
|
706
|
+
* Reset password with token
|
|
707
|
+
*
|
|
708
|
+
* Reset user password with a token. The token can be:
|
|
709
|
+
* - Magic link token (64-character hex token from send-reset-password when method is 'link')
|
|
710
|
+
* - Reset token (from exchange-reset-password-token after code verification when method is 'code')
|
|
711
|
+
*
|
|
712
|
+
* Both token types use RESET_PASSWORD purpose and are verified the same way.
|
|
713
|
+
*
|
|
714
|
+
* Flow summary:
|
|
715
|
+
* - Code method: send-reset-password → exchange-reset-password-token → reset-password (with resetToken)
|
|
716
|
+
* - Link method: send-reset-password → reset-password (with link token directly)
|
|
644
717
|
*/
|
|
645
718
|
async resetPassword(request) {
|
|
646
719
|
try {
|
|
647
720
|
const response = await this.http.post(
|
|
648
|
-
"/api/auth/reset-password",
|
|
721
|
+
"/api/auth/email/reset-password",
|
|
649
722
|
request
|
|
650
723
|
);
|
|
651
724
|
return {
|
|
@@ -667,14 +740,22 @@ var Auth = class {
|
|
|
667
740
|
}
|
|
668
741
|
}
|
|
669
742
|
/**
|
|
670
|
-
* Verify email with
|
|
671
|
-
*
|
|
672
|
-
*
|
|
743
|
+
* Verify email with code or link
|
|
744
|
+
*
|
|
745
|
+
* Verify email address using the method configured in auth settings (verifyEmailMethod):
|
|
746
|
+
* - Code verification: Provide both `email` and `otp` (6-digit numeric code)
|
|
747
|
+
* - Link verification: Provide only `otp` (64-character hex token from magic link)
|
|
748
|
+
*
|
|
749
|
+
* Successfully verified users will receive a session token.
|
|
750
|
+
*
|
|
751
|
+
* The email verification link sent to users always points to the backend API endpoint.
|
|
752
|
+
* If `verifyEmailRedirectTo` is configured, the backend will redirect to that URL after successful verification.
|
|
753
|
+
* Otherwise, a default success page is displayed.
|
|
673
754
|
*/
|
|
674
755
|
async verifyEmail(request) {
|
|
675
756
|
try {
|
|
676
757
|
const response = await this.http.post(
|
|
677
|
-
"/api/auth/verify
|
|
758
|
+
"/api/auth/email/verify",
|
|
678
759
|
request
|
|
679
760
|
);
|
|
680
761
|
if (response.accessToken) {
|