@insforge/sdk 1.0.1-refresh.4 → 1.0.1-refresh.5
- package/dist/index.d.mts +14 -8
- package/dist/index.d.ts +14 -8
- package/dist/index.js +33 -15
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +33 -15
- package/dist/index.mjs.map +1 -1
- package/package.json +1 -1
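--- a/package/dist/index.mjs
+++ b/package/dist/index.mjs
@@ -228,7 +228,7 @@ var SecureSessionStorage = class {
 if (this.accessToken) return false;
 return this.hasAuthFlag();
 }
-// --- Private: Auth Flag Cookie Detection (
+// --- Private: Auth Flag Cookie Detection (SDK-managed on frontend domain) ---
 hasAuthFlag() {
 if (typeof document === "undefined") return false;
 return document.cookie.split(";").some(
@@ -492,17 +492,24 @@ var Auth = class {
 this.detectAuthCallback();
 }
 /**
-*
+* Set the isAuthenticated cookie flag on the frontend domain
+* This is managed by SDK, not backend, to work in cross-origin scenarios
 */
-
-if (typeof document === "undefined") return
-
-
-
+setAuthenticatedCookie() {
+if (typeof document === "undefined") return;
+const maxAge = 7 * 24 * 60 * 60;
+document.cookie = `${AUTH_FLAG_COOKIE}=true; path=/; max-age=${maxAge}; SameSite=Lax`;
+}
+/**
+* Clear the isAuthenticated cookie flag from the frontend domain
+*/
+clearAuthenticatedCookie() {
+if (typeof document === "undefined") return;
+document.cookie = `${AUTH_FLAG_COOKIE}=; path=/; max-age=0; SameSite=Lax`;
 }
 /**
 * Switch to SecureSessionStorage (cookie-based auth)
-* Called when
+* Called when backend returns sessionMode: 'secure'
 * @internal
 */
 _switchToSecureStorage() {
@@ -513,6 +520,7 @@ var Auth = class {
 localStorage.removeItem(TOKEN_KEY);
 localStorage.removeItem(USER_KEY);
 }
+this.setAuthenticatedCookie();
 if (currentSession) {
 this.tokenManager.saveSession(currentSession);
 }
@@ -526,17 +534,18 @@ var Auth = class {
 if (this.tokenManager.getStrategyId() === "local") return;
 const currentSession = this.tokenManager.getSession();
 this.tokenManager.setStrategy(new LocalSessionStorage());
+this.clearAuthenticatedCookie();
 if (currentSession) {
 this.tokenManager.saveSession(currentSession);
 }
 }
 /**
-* Detect storage strategy
-*
+* Detect storage strategy based on backend response
+* @param sessionMode - The sessionMode returned by backend ('secure' or undefined)
 * @internal
 */
-
-if (
+_detectStorageFromResponse(sessionMode) {
+if (sessionMode === "secure") {
 this._switchToSecureStorage();
 }
 }
@@ -553,8 +562,9 @@ var Auth = class {
 const userId = params.get("user_id");
 const email = params.get("email");
 const name = params.get("name");
+const sessionMode = params.get("session_mode");
 if (accessToken && userId && email) {
-this.
+this._detectStorageFromResponse(sessionMode || void 0);
 const session = {
 accessToken,
 user: {
@@ -575,6 +585,7 @@ var Auth = class {
 url.searchParams.delete("user_id");
 url.searchParams.delete("email");
 url.searchParams.delete("name");
+url.searchParams.delete("session_mode");
 if (params.has("error")) {
 url.searchParams.delete("error");
 }
@@ -590,6 +601,8 @@ var Auth = class {
 async signUp(request) {
 try {
 const response = await this.http.post("/api/auth/users", request);
+const sessionMode = response.sessionMode;
+this._detectStorageFromResponse(sessionMode);
 if (response.accessToken && response.user) {
 const session = {
 accessToken: response.accessToken,
@@ -599,7 +612,6 @@ var Auth = class {
 this.tokenManager.saveSession(session);
 }
 this.http.setAuthToken(response.accessToken);
-this._detectStorageAfterAuth();
 }
 return {
 data: response,
@@ -625,6 +637,8 @@ var Auth = class {
 async signInWithPassword(request) {
 try {
 const response = await this.http.post("/api/auth/sessions", request);
+const sessionMode = response.sessionMode;
+this._detectStorageFromResponse(sessionMode);
 const session = {
 accessToken: response.accessToken || "",
 user: response.user || {
@@ -640,7 +654,6 @@ var Auth = class {
 this.tokenManager.saveSession(session);
 }
 this.http.setAuthToken(response.accessToken || "");
-this._detectStorageAfterAuth();
 return {
 data: response,
 error: null
@@ -707,6 +720,7 @@ var Auth = class {
 }
 this.tokenManager.clearSession();
 this.http.setAuthToken(null);
+this.clearAuthenticatedCookie();
 return { error: null };
 } catch (error) {
 return {
@@ -730,6 +744,7 @@ var Auth = class {
 "/api/auth/refresh"
 );
 if (response.accessToken) {
+this._detectStorageFromResponse(response.sessionMode);
 this.tokenManager.setAccessToken(response.accessToken);
 this.http.setAuthToken(response.accessToken);
 if (response.user) {
@@ -747,6 +762,7 @@ var Auth = class {
 if (error.statusCode === 401 || error.statusCode === 403) {
 this.tokenManager.clearSession();
 this.http.setAuthToken(null);
+this.clearAuthenticatedCookie();
 }
 throw error;
 }
@@ -1080,6 +1096,8 @@ var Auth = class {
 "/api/auth/email/verify",
 request
 );
+const sessionMode = response.sessionMode;
+this._detectStorageFromResponse(sessionMode);
 if (response.accessToken) {
 const session = {
 accessToken: response.accessToken,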
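Review bot: The isAuthenticated flag cookie can now be written before any session exists: in `signUp` and in the `/api/auth/email/verify` handler, `_detectStorageFromResponse(sessionMode)` runs ahead of the `response.accessToken` check, and `_switchToSecureStorage` calls `setAuthenticatedCookie()` unconditionally, so a response carrying `sessionMode: 'secure'` without a token (if the backend ever returns one, for example a sign-up pending verification) would leave a 7-day flag behind. Making the call the first statement inside the guard, as the refresh path already does, `if (response.accessToken && response.user) { this._detectStorageFromResponse(response.sessionMode);`, still switches strategy before `saveSession` without that side effect. The cookie string in `setAuthenticatedCookie` also carries no `Secure` attribute; appending `${location.protocol === "https:" ? "; Secure" : ""}` would keep it off plain-HTTP requests. Because `hasAuthFlag()` reads a script-writable cookie and `detectAuthCallback` takes `session_mode` from the URL query string, the doc comment on `setAuthenticatedCookie` should say that the flag is a hint only and must never be treated as evidence of authentication. The bodies of these methods extend beyond the visible hunks, so the guard placement should be confirmed against the full source the bundle is built from.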