@insforge/sdk 1.0.1-refresh.1 → 1.0.1-refresh.3

package/dist/index.mjs

@@ -140,9 +140,11 @@ var HttpClient = class {
     this.isRefreshing = true;
     try {
       const newToken = await this.refreshCallback();
-      this.refreshQueue.forEach(({ resolve }) => {
+      this.refreshQueue.forEach(({ resolve, reject }) => {
         if (newToken) {
           resolve(newToken);
+        } else {
+          reject(new Error("Token refresh failed"));
         }
       });
       this.refreshQueue = [];
@@ -243,9 +245,9 @@ var SecureSessionStorage = class {
     return document.cookie.includes(`${AUTH_FLAG_COOKIE}=true`);
   }
 };
-var PersistentSessionStorage = class {
+var LocalSessionStorage = class {
   constructor(storage) {
-    this.strategyId = "persistent";
+    this.strategyId = "local";
     if (storage) {
       this.storage = storage;
     } else if (typeof window !== "undefined" && window.localStorage) {
@@ -311,10 +313,10 @@ var PersistentSessionStorage = class {
 var TokenManager = class {
   /**
    * Create a new TokenManager
-   * @param storage - Optional custom storage adapter (used for initial PersistentSessionStorage)
+   * @param storage - Optional custom storage adapter (used for initial LocalSessionStorage)
    */
   constructor(storage) {
-    this.strategy = new PersistentSessionStorage(storage);
+    this.strategy = new LocalSessionStorage(storage);
   }
   /**
    * Set the storage strategy
@@ -386,12 +388,12 @@ var TokenManager = class {
   }
 };
 
-// src/lib/capability-discovery.ts
-var DEFAULT_CAPABILITIES = {
+// src/lib/backend-config.ts
+var DEFAULT_CONFIG = {
   secureSessionStorage: false,
   refreshTokens: false
 };
-async function discoverCapabilities(baseUrl, fetchImpl = globalThis.fetch) {
+async function discoverBackendConfig(baseUrl, fetchImpl = globalThis.fetch) {
   try {
     const response = await fetchImpl(`${baseUrl}/api/health`, {
       method: "GET",
@@ -400,25 +402,25 @@ async function discoverCapabilities(baseUrl, fetchImpl = globalThis.fetch) {
       }
     });
     if (!response.ok) {
-      return DEFAULT_CAPABILITIES;
+      return DEFAULT_CONFIG;
     }
     const health = await response.json();
-    if (health.capabilities) {
-      return health.capabilities;
+    if (health.config) {
+      return health.config;
     }
-    return DEFAULT_CAPABILITIES;
+    return DEFAULT_CONFIG;
   } catch {
-    return DEFAULT_CAPABILITIES;
+    return DEFAULT_CONFIG;
   }
 }
-function createSessionStorage(capabilities, storage) {
-  if (capabilities.secureSessionStorage && capabilities.refreshTokens) {
+function createSessionStorage(config, storage) {
+  if (config.secureSessionStorage && config.refreshTokens) {
     return new SecureSessionStorage();
   }
-  return new PersistentSessionStorage(storage);
+  return new LocalSessionStorage(storage);
 }
-function getDefaultCapabilities() {
-  return { ...DEFAULT_CAPABILITIES };
+function getDefaultBackendConfig() {
+  return { ...DEFAULT_CONFIG };
 }
 
 // src/modules/database-postgrest.ts
@@ -527,37 +529,102 @@ function isHostedAuthEnvironment() {
   return false;
 }
 var Auth = class {
-  constructor(http, tokenManager) {
+  constructor(http, tokenManager, initializePromise) {
     this.http = http;
     this.tokenManager = tokenManager;
-    this.initPromise = null;
+    this.authStateListeners = /* @__PURE__ */ new Set();
     this.database = new Database(http, tokenManager);
+    this.initializePromise = initializePromise ?? Promise.resolve();
+  }
+  /**
+   * Subscribe to auth state changes
+   * 
+   * New subscribers will receive an INITIAL_SESSION event after initialization completes.
+   * This ensures no race condition where subscribers miss the initial state.
+   * 
+   * @param callback - Function called when auth state changes
+   * @returns Unsubscribe function
+   * 
+   * @example
+   * ```typescript
+   * const { data: { subscription } } = client.auth.onAuthStateChange((event, session) => {
+   *   if (event === 'SIGNED_IN') {
+   *     console.log('User signed in:', session?.user.email);
+   *   } else if (event === 'SIGNED_OUT') {
+   *     console.log('User signed out');
+   *   }
+   * });
+   * 
+   * // Later: unsubscribe
+   * subscription.unsubscribe();
+   * ```
+   */
+  onAuthStateChange(callback) {
+    this.authStateListeners.add(callback);
+    ;
+    (async () => {
+      await this.initializePromise;
+      if (this.authStateListeners.has(callback)) {
+        const session = this.tokenManager.getSession();
+        try {
+          callback("INITIAL_SESSION", session);
+        } catch (error) {
+          console.error("[Auth] Error in auth state change listener:", error);
+        }
+      }
+    })();
+    return {
+      data: {
+        subscription: {
+          unsubscribe: () => {
+            this.authStateListeners.delete(callback);
+          }
+        }
+      }
+    };
   }
   /**
-   * Set the initialization promise that auth operations should wait for
-   * This ensures TokenManager mode is set before any auth operations
+   * Emit auth state change to all listeners
+   * @internal
    */
-  setInitPromise(promise) {
-    this.initPromise = promise;
-    this.detectAuthCallbackAsync();
+  _emitAuthStateChange(event, session) {
+    this.authStateListeners.forEach((callback) => {
+      try {
+        callback(event, session);
+      } catch (error) {
+        console.error("[Auth] Error in auth state change listener:", error);
+      }
+    });
   }
   /**
-   * Wait for initialization to complete (if set)
+   * Check if an error represents an authentication failure
+   * Used to determine appropriate HTTP status code (401 vs 500)
    */
-  async waitForInit() {
-    if (this.initPromise) {
-      await this.initPromise;
+  isAuthenticationError(error) {
+    if (error instanceof Error) {
+      const message = error.message.toLowerCase();
+      const authKeywords = [
+        "unauthorized",
+        "invalid token",
+        "expired token",
+        "token expired",
+        "invalid refresh token",
+        "refresh token",
+        "authentication",
+        "not authenticated",
+        "session expired"
+      ];
+      return authKeywords.some((keyword) => message.includes(keyword));
     }
+    return false;
   }
   /**
-   * Automatically detect and handle OAuth callback parameters in the URL
-   * This runs after initialization to seamlessly complete the OAuth flow
-   * Matches the backend's OAuth callback response (backend/src/api/routes/auth.ts:540-544)
+   * Detect and handle OAuth callback parameters in the URL.
+   * Called by client after initialization.
    */
-  async detectAuthCallbackAsync() {
+  detectAuthCallback() {
     if (typeof window === "undefined") return;
     try {
-      await this.waitForInit();
       const params = new URLSearchParams(window.location.search);
       const accessToken = params.get("access_token");
       const userId = params.get("user_id");
@@ -588,6 +655,7 @@ var Auth = class {
           url.searchParams.delete("error");
         }
         window.history.replaceState({}, document.title, url.toString());
+        this._emitAuthStateChange("SIGNED_IN", session);
       }
     } catch {
     }
@@ -597,7 +665,6 @@ var Auth = class {
    */
   async signUp(request) {
     try {
-      await this.waitForInit();
       const response = await this.http.post("/api/auth/users", request);
       if (response.accessToken && response.user) {
         const session = {
@@ -608,6 +675,7 @@ var Auth = class {
           this.tokenManager.saveSession(session);
         }
         this.http.setAuthToken(response.accessToken);
+        this._emitAuthStateChange("SIGNED_IN", session);
       }
       return {
         data: response,
@@ -632,7 +700,6 @@ var Auth = class {
    */
   async signInWithPassword(request) {
     try {
-      await this.waitForInit();
       const response = await this.http.post("/api/auth/sessions", request);
       const session = {
         accessToken: response.accessToken || "",
@@ -649,6 +716,7 @@ var Auth = class {
         this.tokenManager.saveSession(session);
       }
       this.http.setAuthToken(response.accessToken || "");
+      this._emitAuthStateChange("SIGNED_IN", session);
       return {
         data: response,
         error: null
@@ -715,6 +783,7 @@ var Auth = class {
       }
       this.tokenManager.clearSession();
       this.http.setAuthToken(null);
+      this._emitAuthStateChange("SIGNED_OUT", null);
       return { error: null };
     } catch (error) {
       return {
@@ -743,6 +812,8 @@ var Auth = class {
         if (response.user) {
           this.tokenManager.setUser(response.user);
         }
+        const session = this.tokenManager.getSession();
+        this._emitAuthStateChange("TOKEN_REFRESHED", session);
         return response.accessToken;
       }
       throw new InsForgeError(
@@ -751,14 +822,22 @@ var Auth = class {
         "REFRESH_FAILED"
       );
     } catch (error) {
-      this.tokenManager.clearSession();
-      this.http.setAuthToken(null);
       if (error instanceof InsForgeError) {
+        if (error.statusCode === 401 || error.statusCode === 403) {
+          this.tokenManager.clearSession();
+          this.http.setAuthToken(null);
+        }
         throw error;
       }
+      const errorMessage = error instanceof Error ? error.message : "Token refresh failed";
+      const isAuthError = this.isAuthenticationError(error);
+      if (isAuthError) {
+        this.tokenManager.clearSession();
+        this.http.setAuthToken(null);
+      }
       throw new InsForgeError(
-        error instanceof Error ? error.message : "Token refresh failed",
-        401,
+        errorMessage,
+        isAuthError ? 401 : 500,
         "REFRESH_FAILED"
       );
     }
@@ -1069,7 +1148,6 @@ var Auth = class {
    */
   async verifyEmail(request) {
     try {
-      await this.waitForInit();
       const response = await this.http.post(
         "/api/auth/email/verify",
         request
@@ -1081,6 +1159,7 @@ var Auth = class {
         };
         this.tokenManager.saveSession(session);
         this.http.setAuthToken(response.accessToken);
+        this._emitAuthStateChange("SIGNED_IN", session);
       }
       return {
         data: response,
@@ -1626,11 +1705,13 @@ var Functions = class {
 // src/client.ts
 var InsForgeClient = class {
   constructor(config = {}) {
-    this.initialized = false;
-    this.initializationPromise = null;
-    this.capabilities = null;
+    this.backendConfig = null;
+    this.initializePromise = new Promise((resolve) => {
+      this.initializeResolve = resolve;
+    });
     this.http = new HttpClient(config);
     this.tokenManager = new TokenManager(config.storage);
+    this.auth = new Auth(this.http, this.tokenManager, this.initializePromise);
     if (config.edgeFunctionToken) {
       this.http.setAuthToken(config.edgeFunctionToken);
       this.tokenManager.saveSession({
@@ -1639,7 +1720,6 @@ var InsForgeClient = class {
         // Will be populated by getCurrentUser()
       });
     }
-    this.auth = new Auth(this.http, this.tokenManager);
     this.http.setRefreshCallback(async () => {
       try {
         return await this.auth.refreshToken();
@@ -1655,67 +1735,58 @@ var InsForgeClient = class {
     this.storage = new Storage(this.http);
     this.ai = new AI(this.http);
     this.functions = new Functions(this.http);
-    this.initializationPromise = this.initializeAsync();
-    this.auth.setInitPromise(this.initializationPromise);
+    this._initializeAsync();
   }
   /**
-   * Initialize the client by discovering backend capabilities
-   * This is called automatically on construction but can be awaited for guaranteed initialization
-   * 
-   * @example
-   * ```typescript
-   * const client = new InsForgeClient({ baseUrl: 'https://api.example.com' });
-   * await client.initialize(); // Wait for capability discovery
-   * ```
+   * Internal async initialization - discovers backend config and recovers session.
+   * Emits INITIAL_SESSION event when complete.
+   * @internal
    */
-  async initialize() {
-    if (this.initializationPromise) {
-      await this.initializationPromise;
-    }
-  }
-  /**
-   * Internal async initialization - discovers capabilities and configures storage strategy
-   */
-  async initializeAsync() {
-    if (this.initialized) return;
+  async _initializeAsync() {
     try {
-      this.capabilities = await discoverCapabilities(
+      this.backendConfig = await discoverBackendConfig(
         this.http.baseUrl,
         this.http.fetch
       );
-      const strategy = createSessionStorage(this.capabilities);
+      const strategy = createSessionStorage(this.backendConfig);
       this.tokenManager.setStrategy(strategy);
-      if (this.capabilities.refreshTokens && this.tokenManager.shouldAttemptRefresh()) {
-        try {
-          const newToken = await this.auth.refreshToken();
-          this.http.setAuthToken(newToken);
-        } catch {
-          this.tokenManager.clearSession();
-          this.http.setAuthToken(null);
+      this.auth.detectAuthCallback();
+      let currentSession = this.tokenManager.getSession();
+      if (!currentSession?.accessToken && this.backendConfig.refreshTokens) {
+        if (this.tokenManager.shouldAttemptRefresh()) {
+          try {
+            await this.auth.refreshToken();
+            currentSession = this.tokenManager.getSession();
+          } catch {
+            this.tokenManager.clearSession();
+            this.http.setAuthToken(null);
+          }
         }
       }
-      this.initialized = true;
+      this.initializeResolve();
     } catch {
-      this.initialized = true;
+      this.auth.detectAuthCallback();
+      this.initializeResolve();
     }
   }
+  /**
+   * Wait for client initialization to complete
+   * @returns Promise that resolves when initialization is done
+   */
+  async waitForInitialization() {
+    return this.initializePromise;
+  }
   /**
    * Get the underlying HTTP client for custom requests
-   * 
-   * @example
-   * ```typescript
-   * const httpClient = client.getHttpClient();
-   * const customData = await httpClient.get('/api/custom-endpoint');
-   * ```
    */
   getHttpClient() {
     return this.http;
   }
   /**
-   * Get the discovered backend capabilities
+   * Get the discovered backend configuration
    */
-  getCapabilities() {
-    return this.capabilities;
+  getBackendConfig() {
+    return this.backendConfig;
   }
   /**
    * Get the current storage strategy identifier
@@ -1723,18 +1794,12 @@ var InsForgeClient = class {
   getStorageStrategy() {
     return this.tokenManager.getStrategyId();
   }
-  /**
-   * Check if the client has been fully initialized
-   */
-  isInitialized() {
-    return this.initialized;
-  }
 };
-
-// src/index.ts
-function createClient(config) {
+function createClient(config = {}) {
   return new InsForgeClient(config);
 }
+
+// src/index.ts
 var index_default = InsForgeClient;
 export {
   AI,
@@ -1744,7 +1809,7 @@ export {
   HttpClient,
   InsForgeClient,
   InsForgeError,
-  PersistentSessionStorage,
+  LocalSessionStorage,
   SecureSessionStorage,
   Storage,
   StorageBucket,
@@ -1752,7 +1817,7 @@ export {
   createClient,
   createSessionStorage,
   index_default as default,
-  discoverCapabilities,
-  getDefaultCapabilities
+  discoverBackendConfig,
+  getDefaultBackendConfig
 };
 //# sourceMappingURL=index.mjs.map