@insforge/sdk 1.2.10 → 1.3.0-ssr.0

package/dist/index.js

@@ -1172,8 +1172,11 @@ var Auth = class {
    * Browser mode:
    * - Uses httpOnly refresh cookie and optional CSRF header.
    *
-   * Server mode (`isServerMode: true`):
+   * Legacy server mode (`isServerMode: true`):
    * - Uses mobile auth flow and requires `refreshToken` in request body.
+   *
+   * SSR apps should prefer `createRefreshAuthRouter()` / `refreshAuth()` from
+   * `@insforge/sdk/ssr`.
    */
   async refreshSession(options) {
     try {
@@ -1183,7 +1186,7 @@ var Auth = class {
           error: new InsForgeError(
             "refreshToken is required when refreshing session in server mode",
             400,
-            "REFRESH_TOKEN_REQUIRED"
+            import_shared_schemas.ERROR_CODES.AUTH_UNAUTHORIZED
           )
         };
       }
@@ -1645,10 +1648,23 @@ var StorageBucket = class {
    */
   async download(path) {
     try {
-      const strategyResponse = await this.http.post(
-        `/api/storage/buckets/${this.bucketName}/objects/${encodeURIComponent(path)}/download-strategy`,
-        { expiresIn: 3600 }
-      );
+      const encodedKey = encodeURIComponent(path);
+      let strategyResponse;
+      try {
+        strategyResponse = await this.http.get(
+          `/api/storage/buckets/${this.bucketName}/download-strategy/objects/${encodedKey}`
+        );
+      } catch (err) {
+        const status = err instanceof InsForgeError ? err.statusCode : void 0;
+        if (status === 404 || status === 405) {
+          strategyResponse = await this.http.post(
+            `/api/storage/buckets/${this.bucketName}/objects/${encodedKey}/download-strategy`,
+            {}
+          );
+        } else {
+          throw err;
+        }
+      }
       const downloadUrl = strategyResponse.url;
       const headers = {};
       if (strategyResponse.method === "direct") {