@jasperoosthoek/zustand-auth-registry 0.0.2 → 0.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/authConfig.d.ts +2 -1
  2. package/dist/index.js +1 -1
  3. package/dist/index.js.map +1 -1
  4. package/package.json +1 -1
  5. package/src/authConfig.ts +16 -2
  6. package/src/authStore.ts +25 -0
  7. package/src/useAuth.ts +4 -16
package/dist/authConfig.d.ts CHANGED
@@ -23,6 +23,7 @@ export type AuthConfig<U> = {
23
23
  enabled: boolean;
24
24
  headerName?: string;
25
25
  cookieName?: string;
26
+ getToken?: () => string | null;
26
27
  };
27
28
  };
28
29
  persistence?: {
@@ -54,7 +55,7 @@ export type ValidatedAuthConfig<U> = {
54
55
  csrf: {
55
56
  enabled: boolean;
56
57
  headerName: string;
57
- cookieName: string;
58
+ getToken: () => string | null;
58
59
  };
59
60
  };
60
61
  persistence: {
package/dist/index.js CHANGED
@@ -1,2 +1,2 @@
1
- !function(e,r){"object"==typeof exports&&"object"==typeof module?module.exports=r(require("zustand"),require("react")):"function"==typeof define&&define.amd?define(["zustand","react"],r):"object"==typeof exports?exports["@jasperoosthoek/zustand-auth-registry"]=r(require("zustand"),require("react")):e["@jasperoosthoek/zustand-auth-registry"]=r(e.zustand,e.react)}(this,(e,r)=>(()=>{"use strict";var t={155:e=>{e.exports=r},287:r=>{r.exports=e}},n={};function o(e){var r=n[e];if(void 0!==r)return r.exports;var i=n[e]={exports:{}};return t[e](i,i.exports,o),i.exports}o.d=(e,r)=>{for(var t in r)o.o(r,t)&&!o.o(e,t)&&Object.defineProperty(e,t,{enumerable:!0,get:r[t]})},o.o=(e,r)=>Object.prototype.hasOwnProperty.call(e,r),o.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})};var i={};o.r(i),o.d(i,{AuthError:()=>b,AuthErrorCode:()=>T,createAuthError:()=>A,createAuthRegistry:()=>c,createAuthStore:()=>l,useAuth:()=>p,validateAuthConfig:()=>s});var s=function(e){var r,t,n,o,i,s,a,l,c,d,f,v,h,p,k,y,g,T,E,b,A;if(!e.axios)throw new Error("AuthConfig: axios instance is required");if(!e.loginUrl)throw new Error("AuthConfig: loginUrl is required");var N,x=(null===(r=e.cookieAuth)||void 0===r?void 0:r.enabled)?{enabled:!0,csrf:{enabled:null!==(n=null===(t=e.cookieAuth.csrf)||void 0===t?void 0:t.enabled)&&void 0!==n&&n,headerName:(null===(o=e.cookieAuth.csrf)||void 0===o?void 0:o.headerName)||"X-CSRFToken",cookieName:(null===(i=e.cookieAuth.csrf)||void 0===i?void 0:i.cookieName)||"csrftoken"}}:void 0,m={enabled:null!==(a=null===(s=e.persistence)||void 0===s?void 0:s.enabled)&&void 0!==a&&a,storage:null!==(c=null===(l=e.persistence)||void 0===l?void 0:l.storage)&&void 0!==c?c:"undefined"!=typeof window&&window.localStorage?window.localStorage:{},tokenKey:null!==(f=null===(d=e.persistence)||void 0===d?void 0:d.tokenKey)&&void 0!==f?f:"token",refreshTokenKey:null!==(h=null===(v=e.persistence)||void 0===v?void 0:v.refreshTokenKey)&&void 0!==h?h:"refresh_token",userKey:null!==(k=null===(p=e.persistence)||void 0===p?void 0:p.userKey)&&void 0!==k?k:"user",expiryKey:null!==(g=null===(y=e.persistence)||void 0===y?void 0:y.expiryKey)&&void 0!==g?g:"expires_at"};return{axios:e.axios,loginUrl:e.loginUrl,logoutUrl:e.logoutUrl,refreshUrl:e.refreshUrl,getUserUrl:e.getUserUrl,authCheckUrl:e.authCheckUrl,extractTokens:null!==(T=e.extractTokens)&&void 0!==T?T:u,extractUser:(N=e.extractUser,"string"==typeof N?function(e){var r;return null!==(r=e[N])&&void 0!==r?r:null}:N),formatAuthHeader:null!==(E=e.formatAuthHeader)&&void 0!==E?E:function(e,r){return void 0===r&&(r="Bearer"),"".concat(r," ").concat(e)},autoRefresh:null===(b=e.autoRefresh)||void 0===b||b,refreshThreshold:null!==(A=e.refreshThreshold)&&void 0!==A?A:3e5,cookieAuth:x,persistence:m,onError:e.onError,onLogin:e.onLogin,onLogout:e.onLogout}};function u(e){if(e.access_token)return{accessToken:e.access_token,refreshToken:e.refresh_token,expiresAt:e.expires_in?Date.now()+1e3*e.expires_in:void 0,tokenType:e.token_type||"Bearer"};var r=e.token||e.auth_token;if(r)return{accessToken:r,tokenType:"Bearer"};throw new Error("No token found in response. Provide extractTokens or ensure response contains access_token/token field.")}var a=o(287),l=function(e){var r=e.persistence,t=e.cookieAuth,n=function(){if(null==t?void 0:t.enabled)return null;if(!r.enabled)return null;try{var e=r.storage.getItem(r.tokenKey);if(!e)return null;var n=r.storage.getItem(r.refreshTokenKey),o=r.storage.getItem(r.expiryKey),i=o?parseInt(o,10):void 0;return{accessToken:e,refreshToken:n||void 0,expiresAt:i&&!isNaN(i)?i:void 0,tokenType:"Bearer"}}catch(e){return null}}(),o=function(){if(!r.enabled)return null;try{var e=r.storage.getItem(r.userKey);return e?JSON.parse(e):null}catch(e){return null}}(),i=(null==t?void 0:t.enabled)?null:!!(null==n?void 0:n.accessToken),s=(0,a.create)(function(s,u){return{tokens:n,user:o,isAuthenticated:i,setTokens:function(n){var o;if(s({tokens:n,isAuthenticated:!0}),!(null==t?void 0:t.enabled)&&r.enabled)try{r.storage.setItem(r.tokenKey,n.accessToken),n.refreshToken?r.storage.setItem(r.refreshTokenKey,n.refreshToken):r.storage.removeItem(r.refreshTokenKey),n.expiresAt?r.storage.setItem(r.expiryKey,n.expiresAt.toString()):r.storage.removeItem(r.expiryKey)}catch(r){null===(o=e.onError)||void 0===o||o.call(e,r)}},setBearerToken:function(e){u().setTokens({accessToken:e,tokenType:"Bearer"})},setAuthenticated:function(e){s({isAuthenticated:e})},setUser:function(t){var n;if(s({user:t}),r.enabled)try{r.storage.setItem(r.userKey,JSON.stringify(t))}catch(r){null===(n=e.onError)||void 0===n||n.call(e,r)}},unsetUser:function(){var t;if(s({user:null,tokens:null,isAuthenticated:!1}),r.enabled)try{r.storage.removeItem(r.tokenKey),r.storage.removeItem(r.refreshTokenKey),r.storage.removeItem(r.userKey),r.storage.removeItem(r.expiryKey)}catch(r){null===(t=e.onError)||void 0===t||t.call(e,r)}},isTokenExpired:function(){var e=u().tokens;return!!(null==e?void 0:e.expiresAt)&&Date.now()>=e.expiresAt}}});return Object.assign(s,{config:e})};function c(){var e={};return function(r,t){var n=String(r);if(!e[n]){var o=s(t);e[n]=l(o)}return e[n]}}var d=o(155),f=function(e,r,t,n){return new(t||(t=Promise))(function(o,i){function s(e){try{a(n.next(e))}catch(e){i(e)}}function u(e){try{a(n.throw(e))}catch(e){i(e)}}function a(e){var r;e.done?o(e.value):(r=e.value,r instanceof t?r:new t(function(e){e(r)})).then(s,u)}a((n=n.apply(e,r||[])).next())})},v=function(e,r){var t,n,o,i,s={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return i={next:u(0),throw:u(1),return:u(2)},"function"==typeof Symbol&&(i[Symbol.iterator]=function(){return this}),i;function u(u){return function(a){return function(u){if(t)throw new TypeError("Generator is already executing.");for(;i&&(i=0,u[0]&&(s=0)),s;)try{if(t=1,n&&(o=2&u[0]?n.return:u[0]?n.throw||((o=n.return)&&o.call(n),0):n.next)&&!(o=o.call(n,u[1])).done)return o;switch(n=0,o&&(u=[2&u[0],o.value]),u[0]){case 0:case 1:o=u;break;case 4:return s.label++,{value:u[1],done:!1};case 5:s.label++,n=u[1],u=[0];continue;case 7:u=s.ops.pop(),s.trys.pop();continue;default:if(!((o=(o=s.trys).length>0&&o[o.length-1])||6!==u[0]&&2!==u[0])){s=0;continue}if(3===u[0]&&(!o||u[1]>o[0]&&u[1]<o[3])){s.label=u[1];break}if(6===u[0]&&s.label<o[1]){s.label=o[1],o=u;break}if(o&&s.label<o[2]){s.label=o[2],s.ops.push(u);break}o[2]&&s.ops.pop(),s.trys.pop();continue}u=r.call(e,s)}catch(e){u=[6,e],n=0}finally{t=o=0}if(5&u[0])throw u[1];return{value:u[0]?u[1]:void 0,done:!0}}([u,a])}}},h=new WeakMap;function p(e){var r=this,t=e(),n=t.setTokens,o=t.setAuthenticated,i=t.setUser,s=t.unsetUser,u=t.tokens,a=t.user,l=t.isAuthenticated,c=t.isTokenExpired,p=e.config,g=(0,d.useCallback)(function(e,r){var t;if(null===(t=p.cookieAuth)||void 0===t?void 0:t.enabled){if(p.cookieAuth.csrf.enabled){var n=k(p.cookieAuth.csrf.cookieName);n&&(p.axios.defaults.headers.common[p.cookieAuth.csrf.headerName]=n)}}else e?p.axios.defaults.headers.common.Authorization=p.formatAuthHeader(e,r):delete p.axios.defaults.headers.common.Authorization},[p]),T=(0,d.useCallback)(function(){return f(r,void 0,void 0,function(){var e,r,t,o,i,a;return v(this,function(l){switch(l.label){case 0:if(!p.refreshUrl)return[2,!1];l.label=1;case 1:return l.trys.push([1,5,,6]),(null===(i=p.cookieAuth)||void 0===i?void 0:i.enabled)?(e=y(p),[4,p.axios.post(p.refreshUrl,{},{headers:e})]):[3,3];case 2:return l.sent(),[2,!0];case 3:return(null==u?void 0:u.refreshToken)?[4,p.axios.post(p.refreshUrl,{refresh_token:u.refreshToken})]:[2,!1];case 4:return r=l.sent(),t=p.extractTokens(r.data),n(t),g(t.accessToken,t.tokenType),[2,!0];case 5:return o=l.sent(),s(),g(),null===(a=p.onError)||void 0===a||a.call(p,o),[2,!1];case 6:return[2]}})})},[u,p,n,s,g]),E=(0,d.useCallback)(function(){return f(r,void 0,void 0,function(){var r,t,n,s,u,a=this;return v(this,function(l){return r=p.authCheckUrl,(null===(u=p.cookieAuth)||void 0===u?void 0:u.enabled)&&r?(t=h.get(e))?[2,t]:(n=function(){return f(a,void 0,void 0,function(){var t,n,s,u,a,l;return v(this,function(c){switch(c.label){case 0:return c.trys.push([0,6,7,8]),t=y(p),[4,p.axios.get(r,{headers:t})];case 1:return(n=c.sent()).data.authenticated?(o(!0),(s=null===(a=p.extractUser)||void 0===a?void 0:a.call(p,n.data))?(i(s),[3,4]):[3,2]):[3,5];case 2:return p.getUserUrl?[4,b()]:[3,4];case 3:c.sent(),c.label=4;case 4:return[2,!0];case 5:return o(!1),[2,!1];case 6:return u=c.sent(),o(!1),null===(l=p.onError)||void 0===l||l.call(p,u),[2,!1];case 7:return h.delete(e),[7];case 8:return[2]}})})},s=n(),h.set(e,s),[2,s]):[2,!1]})})},[e,p,o,i]),b=(0,d.useCallback)(function(){return f(r,void 0,void 0,function(){var e,r,t;return v(this,function(n){switch(n.label){case 0:if(!p.getUserUrl)return[2];n.label=1;case 1:return n.trys.push([1,3,,4]),[4,p.axios.get(p.getUserUrl)];case 2:return e=n.sent(),i(e.data),[3,4];case 3:throw r=n.sent(),s(),g(),null===(t=p.onError)||void 0===t||t.call(p,r),r;case 4:return[2]}})})},[p,i,s,g]);return(0,d.useEffect)(function(){var e;if(null===(e=p.cookieAuth)||void 0===e?void 0:e.enabled)null===l&&E();else if(null==u?void 0:u.accessToken){if(g(u.accessToken,u.tokenType),c())return void(u.refreshToken&&p.autoRefresh?T():s());if(u.expiresAt&&u.refreshToken&&p.autoRefresh){var r=u.expiresAt-Date.now(),t=Math.max(r-p.refreshThreshold,0),n=setTimeout(T,t);return function(){return clearTimeout(n)}}!a&&p.getUserUrl&&b().catch(function(){})}},[u,a,l,p,c,T,E,b,g,s]),{login:function(t,u){return f(r,void 0,void 0,function(){var r,a,l,c,d,f,h,k,T,E,A,N;return v(this,function(v){switch(v.label){case 0:return v.trys.push([0,5,,6]),r=(null===(h=p.cookieAuth)||void 0===h?void 0:h.enabled)?y(p):{},[4,p.axios.post(p.loginUrl,t,{headers:r})];case 1:return a=v.sent(),(null===(k=p.cookieAuth)||void 0===k?void 0:k.enabled)?o(!0):(l=p.extractTokens(a.data),n(l),g(l.accessToken,l.tokenType)),(c=null===(T=p.extractUser)||void 0===T?void 0:T.call(p,a.data))?(i(c),null===(E=p.onLogin)||void 0===E||E.call(p,c),[3,4]):[3,2];case 2:return p.getUserUrl?[4,b()]:[3,4];case 3:v.sent(),(d=e.getState().user)&&(null===(A=p.onLogin)||void 0===A||A.call(p,d)),v.label=4;case 4:return null==u||u(),[3,6];case 5:throw f=v.sent(),s(),g(),null===(N=p.onError)||void 0===N||N.call(p,f),f;case 6:return[2]}})})},logout:function(){return f(r,void 0,void 0,function(){var e,r,t,n,o;return v(this,function(i){switch(i.label){case 0:return i.trys.push([0,3,4,5]),p.logoutUrl?(e=(null===(t=p.cookieAuth)||void 0===t?void 0:t.enabled)?y(p):{},[4,p.axios.post(p.logoutUrl,{},{headers:e})]):[3,2];case 1:i.sent(),i.label=2;case 2:return[3,5];case 3:return r=i.sent(),null===(n=p.onError)||void 0===n||n.call(p,r),[3,5];case 4:return s(),g(),null===(o=p.onLogout)||void 0===o||o.call(p),[7];case 5:return[2]}})})},refresh:T,checkAuth:E,getCurrentUser:b}}function k(e){if("undefined"==typeof document)return null;var r=document.cookie.match(new RegExp("(^| )".concat(e,"=([^;]+)")));return r?r[2]:null}function y(e){var r,t,n={};if(null===(t=null===(r=e.cookieAuth)||void 0===r?void 0:r.csrf)||void 0===t?void 0:t.enabled){var o=k(e.cookieAuth.csrf.cookieName);o&&(n[e.cookieAuth.csrf.headerName]=o)}return n}var g,T,E=(g=function(e,r){return g=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,r){e.__proto__=r}||function(e,r){for(var t in r)Object.prototype.hasOwnProperty.call(r,t)&&(e[t]=r[t])},g(e,r)},function(e,r){if("function"!=typeof r&&null!==r)throw new TypeError("Class extends value "+String(r)+" is not a constructor or null");function t(){this.constructor=e}g(e,r),e.prototype=null===r?Object.create(r):(t.prototype=r.prototype,new t)});!function(e){e.INVALID_CREDENTIALS="INVALID_CREDENTIALS",e.TOKEN_EXPIRED="TOKEN_EXPIRED",e.TOKEN_INVALID="TOKEN_INVALID",e.REFRESH_FAILED="REFRESH_FAILED",e.NETWORK_ERROR="NETWORK_ERROR",e.USER_NOT_FOUND="USER_NOT_FOUND",e.UNAUTHORIZED="UNAUTHORIZED",e.CSRF_TOKEN_MISSING="CSRF_TOKEN_MISSING",e.FORBIDDEN="FORBIDDEN",e.UNKNOWN="UNKNOWN"}(T||(T={}));var b=function(e){function r(t,n,o){var i=e.call(this,o||t)||this;return i.code=t,i.originalError=n,i.name="AuthError",Error.captureStackTrace&&Error.captureStackTrace(i,r),i}return E(r,e),r.prototype.toJSON=function(){return{code:this.code,message:this.message,name:this.name}},r.isAuthError=function(e){return e instanceof r},r}(Error);function A(e){var r,t,n,o,i,s;if(b.isAuthError(e))return e;if(e.response){var u=e.response.status,a=e.response.data;switch(u){case 401:return(null===(r=null==a?void 0:a.detail)||void 0===r?void 0:r.toLowerCase().includes("expired"))||(null===(t=null==a?void 0:a.message)||void 0===t?void 0:t.toLowerCase().includes("expired"))?new b(T.TOKEN_EXPIRED,e,"Token has expired"):(null===(n=null==a?void 0:a.detail)||void 0===n?void 0:n.toLowerCase().includes("invalid"))||(null===(o=null==a?void 0:a.detail)||void 0===o?void 0:o.toLowerCase().includes("credentials"))?new b(T.INVALID_CREDENTIALS,e,"Invalid credentials"):new b(T.UNAUTHORIZED,e,"Unauthorized");case 403:return(null===(i=null==a?void 0:a.detail)||void 0===i?void 0:i.toLowerCase().includes("csrf"))?new b(T.CSRF_TOKEN_MISSING,e,"CSRF token missing or invalid"):new b(T.FORBIDDEN,e,"Access forbidden");case 404:return(null===(s=null==a?void 0:a.detail)||void 0===s?void 0:s.toLowerCase().includes("user"))?new b(T.USER_NOT_FOUND,e,"User not found"):new b(T.UNKNOWN,e,"Resource not found");default:return new b(T.UNKNOWN,e,"HTTP ".concat(u," error"))}}return e.request?new b(T.NETWORK_ERROR,e,"Network error - no response received"):new b(T.UNKNOWN,e,e.message||"Unknown error")}return i})());
1
+ !function(e,r){"object"==typeof exports&&"object"==typeof module?module.exports=r(require("zustand"),require("react")):"function"==typeof define&&define.amd?define(["zustand","react"],r):"object"==typeof exports?exports["@jasperoosthoek/zustand-auth-registry"]=r(require("zustand"),require("react")):e["@jasperoosthoek/zustand-auth-registry"]=r(e.zustand,e.react)}(this,(e,r)=>(()=>{"use strict";var t={155:e=>{e.exports=r},287:r=>{r.exports=e}},n={};function o(e){var r=n[e];if(void 0!==r)return r.exports;var i=n[e]={exports:{}};return t[e](i,i.exports,o),i.exports}o.d=(e,r)=>{for(var t in r)o.o(r,t)&&!o.o(e,t)&&Object.defineProperty(e,t,{enumerable:!0,get:r[t]})},o.o=(e,r)=>Object.prototype.hasOwnProperty.call(e,r),o.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})};var i={};o.r(i),o.d(i,{AuthError:()=>b,AuthErrorCode:()=>T,createAuthError:()=>A,createAuthRegistry:()=>d,createAuthStore:()=>c,useAuth:()=>k,validateAuthConfig:()=>s});var s=function(e){var r,t,n,o,i,s,a,l,c,d,f,v,h,p,k,y,g,T,E,b,A,x,N;if(!e.axios)throw new Error("AuthConfig: axios instance is required");if(!e.loginUrl)throw new Error("AuthConfig: loginUrl is required");var U,w,m=(null===(r=e.cookieAuth)||void 0===r?void 0:r.enabled)?{enabled:!0,csrf:{enabled:null!==(n=null===(t=e.cookieAuth.csrf)||void 0===t?void 0:t.enabled)&&void 0!==n&&n,headerName:(null===(o=e.cookieAuth.csrf)||void 0===o?void 0:o.headerName)||"X-CSRFToken",getToken:null!==(s=null===(i=e.cookieAuth.csrf)||void 0===i?void 0:i.getToken)&&void 0!==s?s:(U=(null===(a=e.cookieAuth.csrf)||void 0===a?void 0:a.cookieName)||"csrftoken",function(){if("undefined"==typeof document)return null;var e=document.cookie.match(new RegExp("".concat(U,"=([^;]+)")));return e?e[1]:null})}}:void 0,I={enabled:null!==(c=null===(l=e.persistence)||void 0===l?void 0:l.enabled)&&void 0!==c&&c,storage:null!==(f=null===(d=e.persistence)||void 0===d?void 0:d.storage)&&void 0!==f?f:"undefined"!=typeof window&&window.localStorage?window.localStorage:{},tokenKey:null!==(h=null===(v=e.persistence)||void 0===v?void 0:v.tokenKey)&&void 0!==h?h:"token",refreshTokenKey:null!==(k=null===(p=e.persistence)||void 0===p?void 0:p.refreshTokenKey)&&void 0!==k?k:"refresh_token",userKey:null!==(g=null===(y=e.persistence)||void 0===y?void 0:y.userKey)&&void 0!==g?g:"user",expiryKey:null!==(E=null===(T=e.persistence)||void 0===T?void 0:T.expiryKey)&&void 0!==E?E:"expires_at"};return{axios:e.axios,loginUrl:e.loginUrl,logoutUrl:e.logoutUrl,refreshUrl:e.refreshUrl,getUserUrl:e.getUserUrl,authCheckUrl:e.authCheckUrl,extractTokens:null!==(b=e.extractTokens)&&void 0!==b?b:u,extractUser:(w=e.extractUser,"string"==typeof w?function(e){var r;return null!==(r=e[w])&&void 0!==r?r:null}:w),formatAuthHeader:null!==(A=e.formatAuthHeader)&&void 0!==A?A:function(e,r){return void 0===r&&(r="Bearer"),"".concat(r," ").concat(e)},autoRefresh:null===(x=e.autoRefresh)||void 0===x||x,refreshThreshold:null!==(N=e.refreshThreshold)&&void 0!==N?N:3e5,cookieAuth:m,persistence:I,onError:e.onError,onLogin:e.onLogin,onLogout:e.onLogout}};function u(e){if(e.access_token)return{accessToken:e.access_token,refreshToken:e.refresh_token,expiresAt:e.expires_in?Date.now()+1e3*e.expires_in:void 0,tokenType:e.token_type||"Bearer"};var r=e.token||e.auth_token;if(r)return{accessToken:r,tokenType:"Bearer"};throw new Error("No token found in response. Provide extractTokens or ensure response contains access_token/token field.")}var a=o(287),l=["post","put","patch","delete"],c=function(e){var r=e.persistence,t=e.cookieAuth;!function(e){var r;if(!(null===(r=e.cookieAuth)||void 0===r?void 0:r.csrf.enabled))return null;var t=e.cookieAuth.csrf,n=t.headerName,o=t.getToken;e.axios.interceptors.request.use(function(e){var r,t=null===(r=e.method)||void 0===r?void 0:r.toLowerCase();if(t&&l.includes(t)){var i=o();i&&(e.headers[n]=i)}return e})}(e);var n=function(){if(null==t?void 0:t.enabled)return null;if(!r.enabled)return null;try{var e=r.storage.getItem(r.tokenKey);if(!e)return null;var n=r.storage.getItem(r.refreshTokenKey),o=r.storage.getItem(r.expiryKey),i=o?parseInt(o,10):void 0;return{accessToken:e,refreshToken:n||void 0,expiresAt:i&&!isNaN(i)?i:void 0,tokenType:"Bearer"}}catch(e){return null}}(),o=function(){if(!r.enabled)return null;try{var e=r.storage.getItem(r.userKey);return e?JSON.parse(e):null}catch(e){return null}}(),i=(null==t?void 0:t.enabled)?null:!!(null==n?void 0:n.accessToken),s=(0,a.create)(function(s,u){return{tokens:n,user:o,isAuthenticated:i,setTokens:function(n){var o;if(s({tokens:n,isAuthenticated:!0}),!(null==t?void 0:t.enabled)&&r.enabled)try{r.storage.setItem(r.tokenKey,n.accessToken),n.refreshToken?r.storage.setItem(r.refreshTokenKey,n.refreshToken):r.storage.removeItem(r.refreshTokenKey),n.expiresAt?r.storage.setItem(r.expiryKey,n.expiresAt.toString()):r.storage.removeItem(r.expiryKey)}catch(r){null===(o=e.onError)||void 0===o||o.call(e,r)}},setBearerToken:function(e){u().setTokens({accessToken:e,tokenType:"Bearer"})},setAuthenticated:function(e){s({isAuthenticated:e})},setUser:function(t){var n;if(s({user:t}),r.enabled)try{r.storage.setItem(r.userKey,JSON.stringify(t))}catch(r){null===(n=e.onError)||void 0===n||n.call(e,r)}},unsetUser:function(){var t;if(s({user:null,tokens:null,isAuthenticated:!1}),r.enabled)try{r.storage.removeItem(r.tokenKey),r.storage.removeItem(r.refreshTokenKey),r.storage.removeItem(r.userKey),r.storage.removeItem(r.expiryKey)}catch(r){null===(t=e.onError)||void 0===t||t.call(e,r)}},isTokenExpired:function(){var e=u().tokens;return!!(null==e?void 0:e.expiresAt)&&Date.now()>=e.expiresAt}}});return Object.assign(s,{config:e})};function d(){var e={};return function(r,t){var n=String(r);if(!e[n]){var o=s(t);e[n]=c(o)}return e[n]}}var f=o(155),v=function(e,r,t,n){return new(t||(t=Promise))(function(o,i){function s(e){try{a(n.next(e))}catch(e){i(e)}}function u(e){try{a(n.throw(e))}catch(e){i(e)}}function a(e){var r;e.done?o(e.value):(r=e.value,r instanceof t?r:new t(function(e){e(r)})).then(s,u)}a((n=n.apply(e,r||[])).next())})},h=function(e,r){var t,n,o,i,s={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return i={next:u(0),throw:u(1),return:u(2)},"function"==typeof Symbol&&(i[Symbol.iterator]=function(){return this}),i;function u(u){return function(a){return function(u){if(t)throw new TypeError("Generator is already executing.");for(;i&&(i=0,u[0]&&(s=0)),s;)try{if(t=1,n&&(o=2&u[0]?n.return:u[0]?n.throw||((o=n.return)&&o.call(n),0):n.next)&&!(o=o.call(n,u[1])).done)return o;switch(n=0,o&&(u=[2&u[0],o.value]),u[0]){case 0:case 1:o=u;break;case 4:return s.label++,{value:u[1],done:!1};case 5:s.label++,n=u[1],u=[0];continue;case 7:u=s.ops.pop(),s.trys.pop();continue;default:if(!((o=(o=s.trys).length>0&&o[o.length-1])||6!==u[0]&&2!==u[0])){s=0;continue}if(3===u[0]&&(!o||u[1]>o[0]&&u[1]<o[3])){s.label=u[1];break}if(6===u[0]&&s.label<o[1]){s.label=o[1],o=u;break}if(o&&s.label<o[2]){s.label=o[2],s.ops.push(u);break}o[2]&&s.ops.pop(),s.trys.pop();continue}u=r.call(e,s)}catch(e){u=[6,e],n=0}finally{t=o=0}if(5&u[0])throw u[1];return{value:u[0]?u[1]:void 0,done:!0}}([u,a])}}},p=new WeakMap;function k(e){var r=this,t=e(),n=t.setTokens,o=t.setAuthenticated,i=t.setUser,s=t.unsetUser,u=t.tokens,a=t.user,l=t.isAuthenticated,c=t.isTokenExpired,d=e.config,k=(0,f.useCallback)(function(e,r){var t;(null===(t=d.cookieAuth)||void 0===t?void 0:t.enabled)||(e?d.axios.defaults.headers.common.Authorization=d.formatAuthHeader(e,r):delete d.axios.defaults.headers.common.Authorization)},[d]),g=(0,f.useCallback)(function(){return v(r,void 0,void 0,function(){var e,r,t,o,i,a;return h(this,function(l){switch(l.label){case 0:if(!d.refreshUrl)return[2,!1];l.label=1;case 1:return l.trys.push([1,5,,6]),(null===(i=d.cookieAuth)||void 0===i?void 0:i.enabled)?(e=y(d),[4,d.axios.post(d.refreshUrl,{},{headers:e})]):[3,3];case 2:return l.sent(),[2,!0];case 3:return(null==u?void 0:u.refreshToken)?[4,d.axios.post(d.refreshUrl,{refresh_token:u.refreshToken})]:[2,!1];case 4:return r=l.sent(),t=d.extractTokens(r.data),n(t),k(t.accessToken,t.tokenType),[2,!0];case 5:return o=l.sent(),s(),k(),null===(a=d.onError)||void 0===a||a.call(d,o),[2,!1];case 6:return[2]}})})},[u,d,n,s,k]),T=(0,f.useCallback)(function(){return v(r,void 0,void 0,function(){var r,t,n,s,u,a=this;return h(this,function(l){return r=d.authCheckUrl,(null===(u=d.cookieAuth)||void 0===u?void 0:u.enabled)&&r?(t=p.get(e))?[2,t]:(n=function(){return v(a,void 0,void 0,function(){var t,n,s,u,a,l;return h(this,function(c){switch(c.label){case 0:return c.trys.push([0,6,7,8]),t=y(d),[4,d.axios.get(r,{headers:t})];case 1:return(n=c.sent()).data.authenticated?(o(!0),(s=null===(a=d.extractUser)||void 0===a?void 0:a.call(d,n.data))?(i(s),[3,4]):[3,2]):[3,5];case 2:return d.getUserUrl?[4,E()]:[3,4];case 3:c.sent(),c.label=4;case 4:return[2,!0];case 5:return o(!1),[2,!1];case 6:return u=c.sent(),o(!1),null===(l=d.onError)||void 0===l||l.call(d,u),[2,!1];case 7:return p.delete(e),[7];case 8:return[2]}})})},s=n(),p.set(e,s),[2,s]):[2,!1]})})},[e,d,o,i]),E=(0,f.useCallback)(function(){return v(r,void 0,void 0,function(){var e,r,t;return h(this,function(n){switch(n.label){case 0:if(!d.getUserUrl)return[2];n.label=1;case 1:return n.trys.push([1,3,,4]),[4,d.axios.get(d.getUserUrl)];case 2:return e=n.sent(),i(e.data),[3,4];case 3:throw r=n.sent(),s(),k(),null===(t=d.onError)||void 0===t||t.call(d,r),r;case 4:return[2]}})})},[d,i,s,k]);return(0,f.useEffect)(function(){var e;if(null===(e=d.cookieAuth)||void 0===e?void 0:e.enabled)null===l&&T();else if(null==u?void 0:u.accessToken){if(k(u.accessToken,u.tokenType),c())return void(u.refreshToken&&d.autoRefresh?g():s());if(u.expiresAt&&u.refreshToken&&d.autoRefresh){var r=u.expiresAt-Date.now(),t=Math.max(r-d.refreshThreshold,0),n=setTimeout(g,t);return function(){return clearTimeout(n)}}!a&&d.getUserUrl&&E().catch(function(){})}},[u,a,l,d,c,g,T,E,k,s]),{login:function(t,u){return v(r,void 0,void 0,function(){var r,a,l,c,f,v,p,g,T,b,A,x;return h(this,function(h){switch(h.label){case 0:return h.trys.push([0,5,,6]),r=(null===(p=d.cookieAuth)||void 0===p?void 0:p.enabled)?y(d):{},[4,d.axios.post(d.loginUrl,t,{headers:r})];case 1:return a=h.sent(),(null===(g=d.cookieAuth)||void 0===g?void 0:g.enabled)?o(!0):(l=d.extractTokens(a.data),n(l),k(l.accessToken,l.tokenType)),(c=null===(T=d.extractUser)||void 0===T?void 0:T.call(d,a.data))?(i(c),null===(b=d.onLogin)||void 0===b||b.call(d,c),[3,4]):[3,2];case 2:return d.getUserUrl?[4,E()]:[3,4];case 3:h.sent(),(f=e.getState().user)&&(null===(A=d.onLogin)||void 0===A||A.call(d,f)),h.label=4;case 4:return null==u||u(),[3,6];case 5:throw v=h.sent(),s(),k(),null===(x=d.onError)||void 0===x||x.call(d,v),v;case 6:return[2]}})})},logout:function(){return v(r,void 0,void 0,function(){var e,r,t,n,o;return h(this,function(i){switch(i.label){case 0:return i.trys.push([0,3,4,5]),d.logoutUrl?(e=(null===(t=d.cookieAuth)||void 0===t?void 0:t.enabled)?y(d):{},[4,d.axios.post(d.logoutUrl,{},{headers:e})]):[3,2];case 1:i.sent(),i.label=2;case 2:return[3,5];case 3:return r=i.sent(),null===(n=d.onError)||void 0===n||n.call(d,r),[3,5];case 4:return s(),k(),null===(o=d.onLogout)||void 0===o||o.call(d),[7];case 5:return[2]}})})},refresh:g,checkAuth:T,getCurrentUser:E}}function y(e){var r,t,n={};if(null===(t=null===(r=e.cookieAuth)||void 0===r?void 0:r.csrf)||void 0===t?void 0:t.enabled){var o=e.cookieAuth.csrf.getToken();o&&(n[e.cookieAuth.csrf.headerName]=o)}return n}var g,T,E=(g=function(e,r){return g=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,r){e.__proto__=r}||function(e,r){for(var t in r)Object.prototype.hasOwnProperty.call(r,t)&&(e[t]=r[t])},g(e,r)},function(e,r){if("function"!=typeof r&&null!==r)throw new TypeError("Class extends value "+String(r)+" is not a constructor or null");function t(){this.constructor=e}g(e,r),e.prototype=null===r?Object.create(r):(t.prototype=r.prototype,new t)});!function(e){e.INVALID_CREDENTIALS="INVALID_CREDENTIALS",e.TOKEN_EXPIRED="TOKEN_EXPIRED",e.TOKEN_INVALID="TOKEN_INVALID",e.REFRESH_FAILED="REFRESH_FAILED",e.NETWORK_ERROR="NETWORK_ERROR",e.USER_NOT_FOUND="USER_NOT_FOUND",e.UNAUTHORIZED="UNAUTHORIZED",e.CSRF_TOKEN_MISSING="CSRF_TOKEN_MISSING",e.FORBIDDEN="FORBIDDEN",e.UNKNOWN="UNKNOWN"}(T||(T={}));var b=function(e){function r(t,n,o){var i=e.call(this,o||t)||this;return i.code=t,i.originalError=n,i.name="AuthError",Error.captureStackTrace&&Error.captureStackTrace(i,r),i}return E(r,e),r.prototype.toJSON=function(){return{code:this.code,message:this.message,name:this.name}},r.isAuthError=function(e){return e instanceof r},r}(Error);function A(e){var r,t,n,o,i,s;if(b.isAuthError(e))return e;if(e.response){var u=e.response.status,a=e.response.data;switch(u){case 401:return(null===(r=null==a?void 0:a.detail)||void 0===r?void 0:r.toLowerCase().includes("expired"))||(null===(t=null==a?void 0:a.message)||void 0===t?void 0:t.toLowerCase().includes("expired"))?new b(T.TOKEN_EXPIRED,e,"Token has expired"):(null===(n=null==a?void 0:a.detail)||void 0===n?void 0:n.toLowerCase().includes("invalid"))||(null===(o=null==a?void 0:a.detail)||void 0===o?void 0:o.toLowerCase().includes("credentials"))?new b(T.INVALID_CREDENTIALS,e,"Invalid credentials"):new b(T.UNAUTHORIZED,e,"Unauthorized");case 403:return(null===(i=null==a?void 0:a.detail)||void 0===i?void 0:i.toLowerCase().includes("csrf"))?new b(T.CSRF_TOKEN_MISSING,e,"CSRF token missing or invalid"):new b(T.FORBIDDEN,e,"Access forbidden");case 404:return(null===(s=null==a?void 0:a.detail)||void 0===s?void 0:s.toLowerCase().includes("user"))?new b(T.USER_NOT_FOUND,e,"User not found"):new b(T.UNKNOWN,e,"Resource not found");default:return new b(T.UNKNOWN,e,"HTTP ".concat(u," error"))}}return e.request?new b(T.NETWORK_ERROR,e,"Network error - no response received"):new b(T.UNKNOWN,e,e.message||"Unknown error")}return i})());
2
2
  //# sourceMappingURL=index.js.map
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","mappings":"CAAA,SAA2CA,EAAMC,GAC1B,iBAAZC,SAA0C,iBAAXC,OACxCA,OAAOD,QAAUD,EAAQG,QAAQ,WAAYA,QAAQ,UAC5B,mBAAXC,QAAyBA,OAAOC,IAC9CD,OAAO,CAAC,UAAW,SAAUJ,GACH,iBAAZC,QACdA,QAAQ,yCAA2CD,EAAQG,QAAQ,WAAYA,QAAQ,UAEvFJ,EAAK,yCAA2CC,EAAQD,EAAc,QAAGA,EAAY,MACtF,CATD,CASGO,KAAM,CAACC,EAAkCC,I,kCCT5CN,EAAOD,QAAUO,C,UCAjBN,EAAOD,QAAUM,C,GCCbE,EAA2B,CAAC,EAGhC,SAASC,EAAoBC,GAE5B,IAAIC,EAAeH,EAAyBE,GAC5C,QAAqBE,IAAjBD,EACH,OAAOA,EAAaX,QAGrB,IAAIC,EAASO,EAAyBE,GAAY,CAGjDV,QAAS,CAAC,GAOX,OAHAa,EAAoBH,GAAUT,EAAQA,EAAOD,QAASS,GAG/CR,EAAOD,OACf,CCrBAS,EAAoBK,EAAI,CAACd,EAASe,KACjC,IAAI,IAAIC,KAAOD,EACXN,EAAoBQ,EAAEF,EAAYC,KAASP,EAAoBQ,EAAEjB,EAASgB,IAC5EE,OAAOC,eAAenB,EAASgB,EAAK,CAAEI,YAAY,EAAMC,IAAKN,EAAWC,MCJ3EP,EAAoBQ,EAAI,CAACK,EAAKC,IAAUL,OAAOM,UAAUC,eAAeC,KAAKJ,EAAKC,GCClFd,EAAoBkB,EAAK3B,IACH,oBAAX4B,QAA0BA,OAAOC,aAC1CX,OAAOC,eAAenB,EAAS4B,OAAOC,YAAa,CAAEC,MAAO,WAE7DZ,OAAOC,eAAenB,EAAS,aAAc,CAAE8B,OAAO,K,yKCsGhD,IAAMC,EAAqB,SAAIC,G,8CACpC,IAAKA,EAAOC,MACV,MAAM,IAAIC,MAAM,0CAGlB,IAAKF,EAAOG,SACV,MAAM,IAAID,MAAM,oCAIlB,IAmEAE,EAnEMC,GAA8B,QAAjB,EAAAL,EAAOK,kBAAU,eAAEC,SAAU,CAC9CA,SAAS,EACTC,KAAM,CACJD,QAAwC,QAA/B,EAAsB,QAAtB,EAAAN,EAAOK,WAAWE,YAAI,eAAED,eAAO,SACxCE,YAAkC,QAAtB,EAAAR,EAAOK,WAAWE,YAAI,eAAEC,aAAc,cAClDC,YAAkC,QAAtB,EAAAT,EAAOK,WAAWE,YAAI,eAAEE,aAAc,mBAElD7B,EAGE8B,EAAc,CAClBJ,QAAoC,QAA3B,EAAkB,QAAlB,EAAAN,EAAOU,mBAAW,eAAEJ,eAAO,SACpCK,QAAoC,QAA3B,EAAkB,QAAlB,EAAAX,EAAOU,mBAAW,eAAEC,eAAO,QACf,oBAAXC,QAA0BA,OAAOC,aAAeD,OAAOC,aAAe,CAAC,EACjFC,SAAsC,QAA5B,EAAkB,QAAlB,EAAAd,EAAOU,mBAAW,eAAEI,gBAAQ,QAAI,QAC1CC,gBAAoD,QAAnC,EAAkB,QAAlB,EAAAf,EAAOU,mBAAW,eAAEK,uBAAe,QAAI,gBACxDC,QAAoC,QAA3B,EAAkB,QAAlB,EAAAhB,EAAOU,mBAAW,eAAEM,eAAO,QAAI,OACxCC,UAAwC,QAA7B,EAAkB,QAAlB,EAAAjB,EAAOU,mBAAW,eAAEO,iBAAS,QAAI,cAG9C,MAAO,CACLhB,MAAOD,EAAOC,MACdE,SAAUH,EAAOG,SACjBe,UAAWlB,EAAOkB,UAClBC,WAAYnB,EAAOmB,WACnBC,WAAYpB,EAAOoB,WACnBC,aAAcrB,EAAOqB,aACrBC,cAAmC,QAApB,EAAAtB,EAAOsB,qBAAa,QAAIC,EACvCnB,aAuCFA,EAvCoCJ,EAAOI,YAyChB,iBAAhBA,EACF,SAACoB,GAAS,MAAK,OAAiB,QAAjB,EAAAA,EAAKpB,UAAY,QAAI,IAAI,EAE1CA,GA3CLqB,iBAAyC,QAAvB,EAAAzB,EAAOyB,wBAAgB,QACvC,SAAEC,EAAeC,GAAiC,YAAjC,IAAAA,IAAAA,EAAA,UAAiC,UAAGA,EAAS,YAAID,EAAO,EAC3EE,YAA+B,QAAlB,EAAA5B,EAAO4B,mBAAW,SAC/BC,iBAAyC,QAAvB,EAAA7B,EAAO6B,wBAAgB,QAAI,IAC7CxB,WAAU,EACVK,YAAW,EACXoB,QAAS9B,EAAO8B,QAChBC,QAAS/B,EAAO+B,QAChBC,SAAUhC,EAAOgC,SAErB,EAGA,SAAST,EAAqBC,GAE5B,GAAIA,EAAKS,aACP,MAAO,CACLC,YAAaV,EAAKS,aAClBE,aAAcX,EAAKY,cACnBC,UAAWb,EAAKc,WAAaC,KAAKC,MAA2B,IAAlBhB,EAAKc,gBAAqB1D,EACrE+C,UAAWH,EAAKiB,YAAc,UAKlC,IAAMf,EAAQF,EAAKE,OAASF,EAAKkB,WACjC,GAAIhB,EACF,MAAO,CACLQ,YAAaR,EACbC,UAAW,UAIf,MAAM,IAAIzB,MAAM,0GAClB,C,aC/JayC,EAAkB,SAAI3C,GACzB,IAAAU,EAA4BV,EAAM,YAArBK,EAAeL,EAAM,WAuCpC4C,EArCkB,WAEtB,GAAIvC,aAAU,EAAVA,EAAYC,QACd,OAAO,KAIT,IAAKI,EAAYJ,QAAS,OAAO,KACjC,IACE,IAAM4B,EAAcxB,EAAYC,QAAQkC,QAAQnC,EAAYI,UAC5D,IAAKoB,EAAa,OAAO,KAEzB,IAAMC,EAAezB,EAAYC,QAAQkC,QAAQnC,EAAYK,iBACvD+B,EAAepC,EAAYC,QAAQkC,QAAQnC,EAAYO,WACvDoB,EAAYS,EAAeC,SAASD,EAAc,SAAMlE,EAE9D,MAAO,CACLsD,YAAW,EACXC,aAAcA,QAAgBvD,EAC9ByD,UAAWA,IAAcW,MAAMX,GAAaA,OAAYzD,EACxD+C,UAAW,S,CAEb,SACA,OAAO,I,CAEX,CAYsBsB,GAChBC,EAXgB,WACpB,IAAKxC,EAAYJ,QAAS,OAAO,KACjC,IACE,IAAM6C,EAAazC,EAAYC,QAAQkC,QAAQnC,EAAYM,SAC3D,OAAOmC,EAAcC,KAAKC,MAAMF,GAAoB,I,CACpD,SACA,OAAO,I,CAEX,CAGoBG,GAIdC,GAAyBlD,aAAU,EAAVA,EAAYC,SACvC,QACEsC,aAAa,EAAbA,EAAeV,aAEfsB,GAAQ,IAAAC,QAAqB,SAACC,EAAKrE,GAAQ,OAC/CsE,OAAQf,EACRgB,KAAMV,EACNW,gBAAiBN,EAEjBO,UAAW,SAACH,G,MAIV,GAHAD,EAAI,CAAEC,OAAM,EAAEE,iBAAiB,MAG3BxD,aAAU,EAAVA,EAAYC,UAKZI,EAAYJ,QACd,IACEI,EAAYC,QAAQoD,QAAQrD,EAAYI,SAAU6C,EAAOzB,aAErDyB,EAAOxB,aACTzB,EAAYC,QAAQoD,QAAQrD,EAAYK,gBAAiB4C,EAAOxB,cAEhEzB,EAAYC,QAAQqD,WAAWtD,EAAYK,iBAGzC4C,EAAOtB,UACT3B,EAAYC,QAAQoD,QAAQrD,EAAYO,UAAW0C,EAAOtB,UAAU4B,YAEpEvD,EAAYC,QAAQqD,WAAWtD,EAAYO,U,CAE7C,MAAOiD,GACO,QAAd,EAAAlE,EAAO8B,eAAO,gBAAGoC,E,CAGvB,EAEAC,eAAgB,SAACzC,GACfrC,IAAMyE,UAAU,CAAE5B,YAAaR,EAAOC,UAAW,UACnD,EAEAyC,iBAAkB,SAACC,GACjBX,EAAI,CAAEG,gBAAiBQ,GACzB,EAEAC,QAAS,SAACV,G,MAGR,GAFAF,EAAI,CAAEE,KAAI,IAENlD,EAAYJ,QACd,IACEI,EAAYC,QAAQoD,QAAQrD,EAAYM,QAASoC,KAAKmB,UAAUX,G,CAChE,MAAOM,GACO,QAAd,EAAAlE,EAAO8B,eAAO,gBAAGoC,E,CAGvB,EAEAM,UAAW,W,MAGT,GAFAd,EAAI,CAAEE,KAAM,KAAMD,OAAQ,KAAME,iBAAiB,IAE7CnD,EAAYJ,QACd,IACEI,EAAYC,QAAQqD,WAAWtD,EAAYI,UAC3CJ,EAAYC,QAAQqD,WAAWtD,EAAYK,iBAC3CL,EAAYC,QAAQqD,WAAWtD,EAAYM,SAC3CN,EAAYC,QAAQqD,WAAWtD,EAAYO,U,CAC3C,MAAOiD,GACO,QAAd,EAAAlE,EAAO8B,eAAO,gBAAGoC,E,CAGvB,EAEAO,eAAgB,WACd,IAAMd,EAAStE,IAAMsE,OACrB,SAAKA,aAAM,EAANA,EAAQtB,YACNE,KAAKC,OAASmB,EAAOtB,SAC9B,EA1E+C,GA6EjD,OAAOnD,OAAOwF,OAAOlB,EAAO,CAAExD,OAAM,GACtC,ECjJO,SAAS2E,IACd,IAAMC,EAA2C,CAAC,EAgBlD,OAdA,SACE5F,EACAgB,GAEA,IAAM6E,EAAYC,OAAO9F,GAEzB,IAAK4F,EAASC,GAAY,CACxB,IAAME,EAAkBhF,EAAmBC,GAC3C4E,EAASC,GAAalC,EAAgBoC,E,CAGxC,OAAOH,EAASC,EAClB,CAGF,C,22CCjBMG,EAAmB,IAAIC,QAEtB,SAASC,EAAW1B,GAA3B,WACQ,EAAqGA,IAAnGM,EAAS,YAAEM,EAAgB,mBAAEE,EAAO,UAAEE,EAAS,YAAEb,EAAM,SAAEC,EAAI,OAAEC,EAAe,kBAAEY,EAAc,iBAChGzE,EAASwD,EAAMxD,OAGfmF,GAAe,IAAAC,aAAY,SAAC1D,EAAgBC,G,MAChD,GAAqB,QAAjB,EAAA3B,EAAOK,kBAAU,eAAEC,SAErB,GAAIN,EAAOK,WAAWE,KAAKD,QAAS,CAClC,IAAM+E,EAAYC,EAAUtF,EAAOK,WAAWE,KAAKE,YAC/C4E,IACFrF,EAAOC,MAAMsF,SAASC,QAAQC,OAAOzF,EAAOK,WAAWE,KAAKC,YAAc6E,E,OAO5E3D,EACF1B,EAAOC,MAAMsF,SAASC,QAAQC,OAAsB,cAAIzF,EAAOyB,iBAAiBC,EAAOC,UAEhF3B,EAAOC,MAAMsF,SAASC,QAAQC,OAAsB,aAE/D,EAAG,CAACzF,IAGE0F,GAAU,IAAAN,aAAY,+C,iEAC1B,IAAKpF,EAAOmB,WAAY,MAAO,CAAP,GAAO,G,+CAIR,QAAjB,EAAAnB,EAAOK,kBAAU,eAAEC,UACfkF,EAAUG,EAAe3F,GAC/B,GAAMA,EAAOC,MAAM2F,KAAK5F,EAAOmB,WAAY,CAAC,EAAG,CAAEqE,QAAO,MAFtD,M,OAGF,OADA,SACO,CAAP,GAAO,G,OAIT,OAAK7B,aAAM,EAANA,EAAQxB,cAEI,GAAMnC,EAAOC,MAAM2F,KAAK5F,EAAOmB,WAAY,CAC1DiB,cAAeuB,EAAOxB,gBAHU,CAAP,GAAO,G,OASlC,OAPM0D,EAAW,SAIXC,EAAY9F,EAAOsB,cAAcuE,EAASrE,MAChDsC,EAAUgC,GACVX,EAAaW,EAAU5D,YAAa4D,EAAUnE,WACvC,CAAP,GAAO,G,OAKP,O,WAHA6C,IACAW,IACc,QAAd,EAAAnF,EAAO8B,eAAO,gBAAG,GACV,CAAP,GAAO,G,uBAER,CAAC6B,EAAQ3D,EAAQ8D,EAAWU,EAAWW,IAGpCY,GAAY,IAAAX,aAAY,+C,+CAE5B,OADM/D,EAAerB,EAAOqB,cACN,QAAjB,EAAArB,EAAOK,kBAAU,eAAEC,UAAYe,GAK9B2E,EAAUhB,EAAiB3F,IAAImE,IAE5B,CAAP,EAAOwC,IAGHC,EAAU,+C,iEAGK,O,uBADXT,EAAUG,EAAe3F,GACd,GAAMA,EAAOC,MAAMZ,IAAIgC,EAAc,CAAEmE,QAAO,K,cAAzDK,EAAW,UAEJrE,KAAK6C,eAChBD,GAAiB,IAEX8B,EAAkC,QAAlB,EAAAlG,EAAOI,mBAAW,sBAAGyF,EAASrE,QAElD8C,EAAQ4B,G,OADN,OAJF,M,cAMSlG,EAAOoB,WAChB,GAAM+E,KADG,M,OACT,S,iBAGF,MAAO,CAAP,GAAO,G,OAIT,OADA/B,GAAiB,GACV,CAAP,GAAO,G,OAIP,O,WAFAA,GAAiB,GACH,QAAd,EAAApE,EAAO8B,eAAO,gBAAG,GACV,CAAP,GAAO,G,cAEPkD,EAAiBoB,OAAO5C,G,2BAItB6C,EAAUJ,IAChBjB,EAAiBtB,IAAIF,EAAO6C,GACrB,CAAP,EAAOA,IAxCE,CAAP,GAAO,E,MAyCR,CAAC7C,EAAOxD,EAAQoE,EAAkBE,IAG/B6B,GAAiB,IAAAf,aAAY,+C,2DACjC,IAAKpF,EAAOoB,WAAY,U,iBAGV,O,sBAAA,GAAMpB,EAAOC,MAAMZ,IAAOW,EAAOoB,a,cAAvCkF,EAAM,SACZhC,EAAQgC,EAAI9E,M,aAKZ,M,WAHAgD,IACAW,IACc,QAAd,EAAAnF,EAAO8B,eAAO,gBAAG,GACX,E,uBAEP,CAAC9B,EAAQsE,EAASE,EAAWW,IA8FhC,OAvCA,IAAAoB,WAAU,W,MAER,GAAqB,QAAjB,EAAAvG,EAAOK,kBAAU,eAAEC,QACG,OAApBuD,GACFkC,SAMJ,GAAIpC,aAAM,EAANA,EAAQzB,YAAa,CAIvB,GAHAiD,EAAaxB,EAAOzB,YAAayB,EAAOhC,WAGpC8C,IAMF,YALId,EAAOxB,cAAgBnC,EAAO4B,YAChC8D,IAEAlB,KAMJ,GAAIb,EAAOtB,WAAasB,EAAOxB,cAAgBnC,EAAO4B,YAAa,CACjE,IAAM4E,EAAkB7C,EAAOtB,UAAYE,KAAKC,MAC1CiE,EAAcC,KAAKC,IAAIH,EAAkBxG,EAAO6B,iBAAkB,GAElE,EAAQ+E,WAAWlB,EAASe,GAClC,OAAO,WAAM,OAAAI,aAAa,EAAb,C,EAIVjD,GAAQ5D,EAAOoB,YAClB+E,IAAiBW,MAAM,WAAO,E,CAGpC,EAAG,CAACnD,EAAQC,EAAMC,EAAiB7D,EAAQyE,EAAgBiB,EAASK,EAAWI,EAAgBhB,EAAcX,IAEtG,CAAEuC,MA3FK,SAAOC,EAAqCC,GAAqB,oC,6EAG/D,O,sBADNzB,GAA2B,QAAjB,EAAAxF,EAAOK,kBAAU,eAAEC,SAAUqF,EAAe3F,GAAU,CAAC,EAC3D,GAAMA,EAAOC,MAAM2F,KAAK5F,EAAOG,SAAU6G,EAAa,CAAExB,QAAO,K,cAArEc,EAAM,UAES,QAAjB,EAAAtG,EAAOK,kBAAU,eAAEC,SAErB8D,GAAiB,IAGX0B,EAAY9F,EAAOsB,cAAcgF,EAAI9E,MAC3CsC,EAAUgC,GACVX,EAAaW,EAAU5D,YAAa4D,EAAUnE,aAI1CuE,EAAkC,QAAlB,EAAAlG,EAAOI,mBAAW,sBAAGkG,EAAI9E,QAE7C8C,EAAQ4B,GACM,QAAd,EAAAlG,EAAO+B,eAAO,gBAAGmE,G,OAFf,M,cAGOlG,EAAOoB,WAChB,GAAM+E,KADG,M,OACT,UACMe,EAAc1D,EAAM2D,WAAWvD,QACN,QAAd,EAAA5D,EAAO+B,eAAO,gBAAGmF,I,wBAGpCD,SAAAA,I,aAKA,M,WAHAzC,IACAW,IACc,QAAd,EAAAnF,EAAO8B,eAAO,gBAAG,GACX,E,uBA4DMsF,OAvDD,+C,6FAEPpH,EAAOkB,WACHsE,GAA2B,QAAjB,EAAAxF,EAAOK,kBAAU,eAAEC,SAAUqF,EAAe3F,GAAU,CAAC,EACvE,GAAMA,EAAOC,MAAM2F,KAAK5F,EAAOkB,UAAW,CAAC,EAAG,CAAEsE,QAAO,MAFrD,M,OAEF,S,sDAGY,QAAd,EAAAxF,EAAO8B,eAAO,gBAAG,G,oBAEjB0C,IACAW,IACe,QAAf,EAAAnF,EAAOgC,gBAAQ,iB,2BA4CK0D,QAAO,EAAEK,UAAS,EAAEI,eAAc,EAC5D,CAGA,SAASb,EAAU+B,GACjB,GAAwB,oBAAbC,SAA0B,OAAO,KAC5C,IAAMC,EAAQD,SAASE,OAAOD,MAAM,IAAIE,OAAO,eAAQJ,EAAI,cAC3D,OAAOE,EAAQA,EAAM,GAAK,IAC5B,CAGA,SAAS5B,EAAe3F,G,QAChBwF,EAAkC,CAAC,EACzC,GAA2B,QAAvB,EAAiB,QAAjB,EAAAxF,EAAOK,kBAAU,eAAEE,YAAI,eAAED,QAAS,CACpC,IAAM+E,EAAYC,EAAUtF,EAAOK,WAAWE,KAAKE,YAC/C4E,IACFG,EAAQxF,EAAOK,WAAWE,KAAKC,YAAc6E,E,CAGjD,OAAOG,CACT,C,MCzOYkC,E,ocAAZ,SAAYA,GACV,4CACA,gCACA,gCACA,kCACA,gCACA,kCACA,8BACA,0CACA,wBACA,mBACD,CAXD,CAAYA,IAAAA,EAAa,KAgBzB,kBACE,WACSC,EACAC,EACPC,GAHF,MAKE,YAAMA,GAAWF,IAAK,K,OAJf,EAAAA,KAAAA,EACA,EAAAC,cAAAA,EAIP,EAAKP,KAAO,YAGRnH,MAAM4H,mBACR5H,MAAM4H,kBAAkB,EAAMC,G,CAElC,CAmBF,OAhC+B,OAkB7B,YAAAC,OAAA,WACE,MAAO,CACLL,KAAMtJ,KAAKsJ,KACXE,QAASxJ,KAAKwJ,QACdR,KAAMhJ,KAAKgJ,KAEf,EAKO,EAAAY,YAAP,SAAmB/D,GACjB,OAAOA,aAAiB6D,CAC1B,EACF,EAhCA,CAA+B7H,OAqCxB,SAASgI,EAAgBhE,G,gBAC9B,GAAI6D,EAAUE,YAAY/D,GACxB,OAAOA,EAIT,GAAIA,EAAM2B,SAAU,CAClB,IAAM,EAAS3B,EAAM2B,SAASsC,OACxB3G,EAAO0C,EAAM2B,SAASrE,KAE5B,OAAQ,GACN,KAAK,IAEH,OAAgB,QAAZ,EAAAA,aAAI,EAAJA,EAAM4G,cAAM,eAAEC,cAAcC,SAAS,cACxB,QAAb,EAAA9G,aAAI,EAAJA,EAAMqG,eAAO,eAAEQ,cAAcC,SAAS,YACjC,IAAIP,EAAUL,EAAca,cAAerE,EAAO,sBAE3C,QAAZ,EAAA1C,aAAI,EAAJA,EAAM4G,cAAM,eAAEC,cAAcC,SAAS,cACzB,QAAZ,EAAA9G,aAAI,EAAJA,EAAM4G,cAAM,eAAEC,cAAcC,SAAS,gBAChC,IAAIP,EAAUL,EAAcc,oBAAqBtE,EAAO,uBAE1D,IAAI6D,EAAUL,EAAce,aAAcvE,EAAO,gBAE1D,KAAK,IACH,OAAgB,QAAZ,EAAA1C,aAAI,EAAJA,EAAM4G,cAAM,eAAEC,cAAcC,SAAS,SAChC,IAAIP,EAAUL,EAAcgB,mBAAoBxE,EAAO,iCAEzD,IAAI6D,EAAUL,EAAciB,UAAWzE,EAAO,oBAEvD,KAAK,IACH,OAAgB,QAAZ,EAAA1C,aAAI,EAAJA,EAAM4G,cAAM,eAAEC,cAAcC,SAAS,SAChC,IAAIP,EAAUL,EAAckB,eAAgB1E,EAAO,kBAErD,IAAI6D,EAAUL,EAAcmB,QAAS3E,EAAO,sBAErD,QACE,OAAO,IAAI6D,EAAUL,EAAcmB,QAAS3E,EAAO,eAAQ,EAAM,W,CAKvE,OAAIA,EAAM4E,QACD,IAAIf,EAAUL,EAAcqB,cAAe7E,EAAO,wCAIpD,IAAI6D,EAAUL,EAAcmB,QAAS3E,EAAOA,EAAM2D,SAAW,gBACtE,C","sources":["webpack://@jasperoosthoek/zustand-auth-registry/webpack/universalModuleDefinition","webpack://@jasperoosthoek/zustand-auth-registry/external umd \"react\"","webpack://@jasperoosthoek/zustand-auth-registry/external umd \"zustand\"","webpack://@jasperoosthoek/zustand-auth-registry/webpack/bootstrap","webpack://@jasperoosthoek/zustand-auth-registry/webpack/runtime/define property getters","webpack://@jasperoosthoek/zustand-auth-registry/webpack/runtime/hasOwnProperty shorthand","webpack://@jasperoosthoek/zustand-auth-registry/webpack/runtime/make namespace object","webpack://@jasperoosthoek/zustand-auth-registry/./src/authConfig.ts","webpack://@jasperoosthoek/zustand-auth-registry/./src/authStore.ts","webpack://@jasperoosthoek/zustand-auth-registry/./src/createAuthRegistry.ts","webpack://@jasperoosthoek/zustand-auth-registry/./src/useAuth.ts","webpack://@jasperoosthoek/zustand-auth-registry/./src/errors.ts"],"sourcesContent":["(function webpackUniversalModuleDefinition(root, factory) {\n\tif(typeof exports === 'object' && typeof module === 'object')\n\t\tmodule.exports = factory(require(\"zustand\"), require(\"react\"));\n\telse if(typeof define === 'function' && define.amd)\n\t\tdefine([\"zustand\", \"react\"], factory);\n\telse if(typeof exports === 'object')\n\t\texports[\"@jasperoosthoek/zustand-auth-registry\"] = factory(require(\"zustand\"), require(\"react\"));\n\telse\n\t\troot[\"@jasperoosthoek/zustand-auth-registry\"] = factory(root[\"zustand\"], root[\"react\"]);\n})(this, (__WEBPACK_EXTERNAL_MODULE__287__, __WEBPACK_EXTERNAL_MODULE__155__) => {\nreturn ","module.exports = __WEBPACK_EXTERNAL_MODULE__155__;","module.exports = __WEBPACK_EXTERNAL_MODULE__287__;","// The module cache\nvar __webpack_module_cache__ = {};\n\n// The require function\nfunction __webpack_require__(moduleId) {\n\t// Check if module is in cache\n\tvar cachedModule = __webpack_module_cache__[moduleId];\n\tif (cachedModule !== undefined) {\n\t\treturn cachedModule.exports;\n\t}\n\t// Create a new module (and put it into the cache)\n\tvar module = __webpack_module_cache__[moduleId] = {\n\t\t// no module.id needed\n\t\t// no module.loaded needed\n\t\texports: {}\n\t};\n\n\t// Execute the module function\n\t__webpack_modules__[moduleId](module, module.exports, __webpack_require__);\n\n\t// Return the exports of the module\n\treturn module.exports;\n}\n\n","// define getter functions for harmony exports\n__webpack_require__.d = (exports, definition) => {\n\tfor(var key in definition) {\n\t\tif(__webpack_require__.o(definition, key) && !__webpack_require__.o(exports, key)) {\n\t\t\tObject.defineProperty(exports, key, { enumerable: true, get: definition[key] });\n\t\t}\n\t}\n};","__webpack_require__.o = (obj, prop) => (Object.prototype.hasOwnProperty.call(obj, prop))","// define __esModule on exports\n__webpack_require__.r = (exports) => {\n\tif(typeof Symbol !== 'undefined' && Symbol.toStringTag) {\n\t\tObject.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });\n\t}\n\tObject.defineProperty(exports, '__esModule', { value: true });\n};","import { AxiosInstance } from 'axios';\n\n// Token data structure\nexport type TokenData = {\n accessToken: string;\n refreshToken?: string;\n expiresAt?: number;\n tokenType: string;\n};\n\nexport type AuthConfig<U> = {\n axios: AxiosInstance;\n\n // Endpoints\n loginUrl: string;\n logoutUrl?: string;\n refreshUrl?: string;\n getUserUrl?: string;\n authCheckUrl?: string; // For cookie auth verification\n\n // Token extraction from login response\n extractTokens?: (data: any) => TokenData;\n\n // User extraction from responses (login, checkAuth)\n // Can be a function or a string key (e.g., \"user\" extracts data.user)\n extractUser?: ((data: any) => U | null) | string;\n\n // Auth header format (default: \"Bearer {token}\")\n formatAuthHeader?: (token: string, tokenType?: string) => string;\n\n // Auto-refresh settings\n autoRefresh?: boolean;\n refreshThreshold?: number; // ms before expiry to refresh (default: 5 min)\n\n // Cookie-based authentication (alternative to localStorage)\n cookieAuth?: {\n enabled: boolean;\n csrf?: {\n enabled: boolean;\n headerName?: string; // Default: 'X-CSRFToken'\n cookieName?: string; // Default: 'csrftoken'\n };\n };\n\n // Token persistence (localStorage)\n persistence?: {\n enabled: boolean;\n storage?: Storage;\n tokenKey?: string;\n refreshTokenKey?: string;\n userKey?: string;\n expiryKey?: string;\n };\n\n // Callbacks\n onError?: (error: any) => void;\n onLogin?: (user: U) => void;\n onLogout?: () => void;\n};\n\nexport type ValidatedAuthConfig<U> = {\n axios: AxiosInstance;\n\n // Endpoints\n loginUrl: string;\n logoutUrl?: string;\n refreshUrl?: string;\n getUserUrl?: string;\n authCheckUrl?: string;\n\n // Extraction functions\n extractTokens: (data: any) => TokenData;\n extractUser?: (data: any) => U | null;\n\n // Auth header format\n formatAuthHeader: (token: string, tokenType?: string) => string;\n\n // Auto-refresh\n autoRefresh: boolean;\n refreshThreshold: number;\n\n // Cookie auth\n cookieAuth?: {\n enabled: boolean;\n csrf: {\n enabled: boolean;\n headerName: string;\n cookieName: string;\n };\n };\n\n // Persistence\n persistence: {\n enabled: boolean;\n storage: Storage;\n tokenKey: string;\n refreshTokenKey: string;\n userKey: string;\n expiryKey: string;\n };\n\n // Callbacks\n onError?: (error: any) => void;\n onLogin?: (user: U) => void;\n onLogout?: () => void;\n};\n\nexport const validateAuthConfig = <U>(config: AuthConfig<U>): ValidatedAuthConfig<U> => {\n if (!config.axios) {\n throw new Error('AuthConfig: axios instance is required');\n }\n\n if (!config.loginUrl) {\n throw new Error('AuthConfig: loginUrl is required');\n }\n\n // Cookie auth config\n const cookieAuth = config.cookieAuth?.enabled ? {\n enabled: true,\n csrf: {\n enabled: config.cookieAuth.csrf?.enabled ?? false,\n headerName: config.cookieAuth.csrf?.headerName || 'X-CSRFToken',\n cookieName: config.cookieAuth.csrf?.cookieName || 'csrftoken',\n },\n } : undefined;\n\n // Persistence config (disabled by default)\n const persistence = {\n enabled: config.persistence?.enabled ?? false,\n storage: config.persistence?.storage ??\n (typeof window !== 'undefined' && window.localStorage ? window.localStorage : {} as Storage),\n tokenKey: config.persistence?.tokenKey ?? 'token',\n refreshTokenKey: config.persistence?.refreshTokenKey ?? 'refresh_token',\n userKey: config.persistence?.userKey ?? 'user',\n expiryKey: config.persistence?.expiryKey ?? 'expires_at',\n };\n\n return {\n axios: config.axios,\n loginUrl: config.loginUrl,\n logoutUrl: config.logoutUrl,\n refreshUrl: config.refreshUrl,\n getUserUrl: config.getUserUrl,\n authCheckUrl: config.authCheckUrl,\n extractTokens: config.extractTokens ?? defaultExtractTokens,\n extractUser: normalizeExtractUser(config.extractUser),\n formatAuthHeader: config.formatAuthHeader ??\n ((token: string, tokenType: string = 'Bearer') => `${tokenType} ${token}`),\n autoRefresh: config.autoRefresh ?? true,\n refreshThreshold: config.refreshThreshold ?? 300000, // 5 minutes\n cookieAuth,\n persistence,\n onError: config.onError,\n onLogin: config.onLogin,\n onLogout: config.onLogout,\n };\n};\n\n// Default token extraction - handles common response formats\nfunction defaultExtractTokens(data: any): TokenData {\n // OAuth 2.0 format: { access_token, refresh_token, expires_in, token_type }\n if (data.access_token) {\n return {\n accessToken: data.access_token,\n refreshToken: data.refresh_token,\n expiresAt: data.expires_in ? Date.now() + (data.expires_in * 1000) : undefined,\n tokenType: data.token_type || 'Bearer',\n };\n }\n\n // Simple format: { token } or { auth_token }\n const token = data.token || data.auth_token;\n if (token) {\n return {\n accessToken: token,\n tokenType: 'Bearer',\n };\n }\n\n throw new Error('No token found in response. Provide extractTokens or ensure response contains access_token/token field.');\n}\n\n// Normalize extractUser: string becomes key accessor, function passed through\nfunction normalizeExtractUser<U>(\n extractUser?: ((data: any) => U | null) | string\n): ((data: any) => U | null) | undefined {\n if (typeof extractUser === 'string') {\n return (data: any) => data[extractUser] ?? null;\n }\n return extractUser;\n}\n","import { create, StoreApi, UseBoundStore } from 'zustand';\nimport { ValidatedAuthConfig, TokenData } from './authConfig';\n\nexport type AuthState<U> = {\n isAuthenticated: boolean | null; // null = not checked yet (cookie mode)\n user: U | null;\n tokens: TokenData | null; // null in cookie mode or when logged out\n\n // Methods\n setTokens: (tokens: TokenData) => void;\n setBearerToken: (token: string) => void; // Convenience for simple Bearer token auth\n setAuthenticated: (authenticated: boolean) => void; // For cookie mode\n setUser: (user: U) => void;\n unsetUser: () => void;\n isTokenExpired: () => boolean;\n};\n\nexport type AuthStore<U> = UseBoundStore<StoreApi<AuthState<U>>> & {\n config: ValidatedAuthConfig<U>;\n};\n\nexport const createAuthStore = <U>(config: ValidatedAuthConfig<U>): AuthStore<U> => {\n const { persistence, cookieAuth } = config;\n\n const getStoredTokens = (): TokenData | null => {\n // Cookie mode: No client-side tokens\n if (cookieAuth?.enabled) {\n return null;\n }\n\n // Token mode: Read from storage\n if (!persistence.enabled) return null;\n try {\n const accessToken = persistence.storage.getItem(persistence.tokenKey);\n if (!accessToken) return null;\n\n const refreshToken = persistence.storage.getItem(persistence.refreshTokenKey);\n const expiryString = persistence.storage.getItem(persistence.expiryKey);\n const expiresAt = expiryString ? parseInt(expiryString, 10) : undefined;\n\n return {\n accessToken,\n refreshToken: refreshToken || undefined,\n expiresAt: expiresAt && !isNaN(expiresAt) ? expiresAt : undefined,\n tokenType: 'Bearer',\n };\n } catch {\n return null;\n }\n };\n\n const getStoredUser = (): U | null => {\n if (!persistence.enabled) return null;\n try {\n const userString = persistence.storage.getItem(persistence.userKey);\n return userString ? (JSON.parse(userString) as U) : null;\n } catch {\n return null;\n }\n };\n\n const initialTokens = getStoredTokens();\n const initialUser = getStoredUser();\n\n // Cookie mode: null (unknown until checkAuth)\n // Token mode: true/false based on token presence\n const initialIsAuthenticated = cookieAuth?.enabled\n ? null\n : !!initialTokens?.accessToken;\n\n const store = create<AuthState<U>>((set, get) => ({\n tokens: initialTokens,\n user: initialUser,\n isAuthenticated: initialIsAuthenticated,\n\n setTokens: (tokens: TokenData) => {\n set({ tokens, isAuthenticated: true });\n\n // Cookie mode: No localStorage persistence for tokens\n if (cookieAuth?.enabled) {\n return;\n }\n\n // Token mode: Persist to storage\n if (persistence.enabled) {\n try {\n persistence.storage.setItem(persistence.tokenKey, tokens.accessToken);\n\n if (tokens.refreshToken) {\n persistence.storage.setItem(persistence.refreshTokenKey, tokens.refreshToken);\n } else {\n persistence.storage.removeItem(persistence.refreshTokenKey);\n }\n\n if (tokens.expiresAt) {\n persistence.storage.setItem(persistence.expiryKey, tokens.expiresAt.toString());\n } else {\n persistence.storage.removeItem(persistence.expiryKey);\n }\n } catch (error) {\n config.onError?.(error);\n }\n }\n },\n\n setBearerToken: (token: string) => {\n get().setTokens({ accessToken: token, tokenType: 'Bearer' });\n },\n\n setAuthenticated: (authenticated: boolean) => {\n set({ isAuthenticated: authenticated });\n },\n\n setUser: (user: U) => {\n set({ user });\n\n if (persistence.enabled) {\n try {\n persistence.storage.setItem(persistence.userKey, JSON.stringify(user));\n } catch (error) {\n config.onError?.(error);\n }\n }\n },\n\n unsetUser: () => {\n set({ user: null, tokens: null, isAuthenticated: false });\n\n if (persistence.enabled) {\n try {\n persistence.storage.removeItem(persistence.tokenKey);\n persistence.storage.removeItem(persistence.refreshTokenKey);\n persistence.storage.removeItem(persistence.userKey);\n persistence.storage.removeItem(persistence.expiryKey);\n } catch (error) {\n config.onError?.(error);\n }\n }\n },\n\n isTokenExpired: () => {\n const tokens = get().tokens;\n if (!tokens?.expiresAt) return false;\n return Date.now() >= tokens.expiresAt;\n },\n }));\n\n return Object.assign(store, { config });\n};\n","import { AuthConfig, validateAuthConfig } from './authConfig';\nimport { createAuthStore, AuthStore } from './authStore';\n\nexport function createAuthRegistry<AuthModels extends Record<string, any>>() {\n const registry: Record<string, AuthStore<any>> = {};\n\n function getAuthStore<K extends keyof AuthModels>(\n key: K,\n config: AuthConfig<AuthModels[K]>\n ): AuthStore<AuthModels[K]> {\n const stringKey = String(key);\n \n if (!registry[stringKey]) {\n const validatedConfig = validateAuthConfig(config);\n registry[stringKey] = createAuthStore(validatedConfig);\n }\n \n return registry[stringKey];\n }\n\n return getAuthStore;\n}\n","import { useEffect, useCallback } from 'react';\nimport { AuthStore } from './authStore';\n\n// Promise deduplication: prevents multiple concurrent checkAuth calls per store\nconst pendingCheckAuth = new WeakMap<AuthStore<any>, Promise<boolean>>();\n\nexport function useAuth<U>(store: AuthStore<U>) {\n const { setTokens, setAuthenticated, setUser, unsetUser, tokens, user, isAuthenticated, isTokenExpired } = store();\n const config = store.config;\n\n // Set axios Authorization header (token mode only)\n const setAxiosAuth = useCallback((token?: string, tokenType?: string) => {\n if (config.cookieAuth?.enabled) {\n // Cookie mode: CSRF header if enabled, no Authorization header\n if (config.cookieAuth.csrf.enabled) {\n const csrfToken = getCookie(config.cookieAuth.csrf.cookieName);\n if (csrfToken) {\n config.axios.defaults.headers.common[config.cookieAuth.csrf.headerName] = csrfToken;\n }\n }\n return;\n }\n\n // Token mode: Set Authorization header\n if (token) {\n config.axios.defaults.headers.common['Authorization'] = config.formatAuthHeader(token, tokenType);\n } else {\n delete config.axios.defaults.headers.common['Authorization'];\n }\n }, [config]);\n\n // Refresh tokens\n const refresh = useCallback(async (): Promise<boolean> => {\n if (!config.refreshUrl) return false;\n\n try {\n // Cookie mode: Just call refresh endpoint, server handles cookie\n if (config.cookieAuth?.enabled) {\n const headers = getCsrfHeaders(config);\n await config.axios.post(config.refreshUrl, {}, { headers });\n return true;\n }\n\n // Token mode: Send refresh token, get new tokens\n if (!tokens?.refreshToken) return false;\n\n const response = await config.axios.post(config.refreshUrl, {\n refresh_token: tokens.refreshToken,\n });\n\n const newTokens = config.extractTokens(response.data);\n setTokens(newTokens);\n setAxiosAuth(newTokens.accessToken, newTokens.tokenType);\n return true;\n } catch (error) {\n unsetUser();\n setAxiosAuth();\n config.onError?.(error);\n return false;\n }\n }, [tokens, config, setTokens, unsetUser, setAxiosAuth]);\n\n // Check authentication (cookie mode) - with promise deduplication\n const checkAuth = useCallback(async (): Promise<boolean> => {\n const authCheckUrl = config.authCheckUrl;\n if (!config.cookieAuth?.enabled || !authCheckUrl) {\n return false;\n }\n\n // Return existing promise if check is already in progress\n const pending = pendingCheckAuth.get(store);\n if (pending) {\n return pending;\n }\n\n const doCheck = async (): Promise<boolean> => {\n try {\n const headers = getCsrfHeaders(config);\n const response = await config.axios.get(authCheckUrl, { headers });\n\n if (response.data.authenticated) {\n setAuthenticated(true);\n\n const extractedUser = config.extractUser?.(response.data);\n if (extractedUser) {\n setUser(extractedUser);\n } else if (config.getUserUrl) {\n await getCurrentUser();\n }\n\n return true;\n }\n\n setAuthenticated(false);\n return false;\n } catch (error) {\n setAuthenticated(false);\n config.onError?.(error);\n return false;\n } finally {\n pendingCheckAuth.delete(store);\n }\n };\n\n const promise = doCheck();\n pendingCheckAuth.set(store, promise);\n return promise;\n }, [store, config, setAuthenticated, setUser]);\n\n // Get current user\n const getCurrentUser = useCallback(async () => {\n if (!config.getUserUrl) return;\n\n try {\n const res = await config.axios.get<U>(config.getUserUrl);\n setUser(res.data);\n } catch (error) {\n unsetUser();\n setAxiosAuth();\n config.onError?.(error);\n throw error;\n }\n }, [config, setUser, unsetUser, setAxiosAuth]);\n\n // Login\n const login = async (credentials: Record<string, string>, callback?: () => void) => {\n try {\n const headers = config.cookieAuth?.enabled ? getCsrfHeaders(config) : {};\n const res = await config.axios.post(config.loginUrl, credentials, { headers });\n\n if (config.cookieAuth?.enabled) {\n // Cookie mode: Server sets httpOnly cookie, just mark as authenticated\n setAuthenticated(true);\n } else {\n // Token mode: Extract and store tokens\n const newTokens = config.extractTokens(res.data);\n setTokens(newTokens);\n setAxiosAuth(newTokens.accessToken, newTokens.tokenType);\n }\n\n // Extract user from response\n const extractedUser = config.extractUser?.(res.data);\n if (extractedUser) {\n setUser(extractedUser);\n config.onLogin?.(extractedUser);\n } else if (config.getUserUrl) {\n await getCurrentUser();\n const currentUser = store.getState().user;\n if (currentUser) config.onLogin?.(currentUser);\n }\n\n callback?.();\n } catch (error) {\n unsetUser();\n setAxiosAuth();\n config.onError?.(error);\n throw error;\n }\n };\n\n // Logout\n const logout = async () => {\n try {\n if (config.logoutUrl) {\n const headers = config.cookieAuth?.enabled ? getCsrfHeaders(config) : {};\n await config.axios.post(config.logoutUrl, {}, { headers });\n }\n } catch (error) {\n config.onError?.(error);\n } finally {\n unsetUser();\n setAxiosAuth();\n config.onLogout?.();\n }\n };\n\n // Auto-setup on mount\n useEffect(() => {\n // Cookie mode: Check authentication if not yet determined\n if (config.cookieAuth?.enabled) {\n if (isAuthenticated === null) {\n checkAuth();\n }\n return;\n }\n\n // Token mode: Setup headers and auto-refresh\n if (tokens?.accessToken) {\n setAxiosAuth(tokens.accessToken, tokens.tokenType);\n\n // Check if expired\n if (isTokenExpired()) {\n if (tokens.refreshToken && config.autoRefresh) {\n refresh();\n } else {\n unsetUser();\n }\n return;\n }\n\n // Setup auto-refresh timer\n if (tokens.expiresAt && tokens.refreshToken && config.autoRefresh) {\n const timeUntilExpiry = tokens.expiresAt - Date.now();\n const refreshTime = Math.max(timeUntilExpiry - config.refreshThreshold, 0);\n\n const timer = setTimeout(refresh, refreshTime);\n return () => clearTimeout(timer);\n }\n\n // Fetch user if missing\n if (!user && config.getUserUrl) {\n getCurrentUser().catch(() => {});\n }\n }\n }, [tokens, user, isAuthenticated, config, isTokenExpired, refresh, checkAuth, getCurrentUser, setAxiosAuth, unsetUser]);\n\n return { login, logout, refresh, checkAuth, getCurrentUser };\n}\n\n// Helper: Get cookie value\nfunction getCookie(name: string): string | null {\n if (typeof document === 'undefined') return null;\n const match = document.cookie.match(new RegExp(`(^| )${name}=([^;]+)`));\n return match ? match[2] : null;\n}\n\n// Helper: Get CSRF headers if enabled\nfunction getCsrfHeaders(config: any): Record<string, string> {\n const headers: Record<string, string> = {};\n if (config.cookieAuth?.csrf?.enabled) {\n const csrfToken = getCookie(config.cookieAuth.csrf.cookieName);\n if (csrfToken) {\n headers[config.cookieAuth.csrf.headerName] = csrfToken;\n }\n }\n return headers;\n}\n","/**\n * Authentication error codes\n */\nexport enum AuthErrorCode {\n INVALID_CREDENTIALS = 'INVALID_CREDENTIALS',\n TOKEN_EXPIRED = 'TOKEN_EXPIRED',\n TOKEN_INVALID = 'TOKEN_INVALID',\n REFRESH_FAILED = 'REFRESH_FAILED',\n NETWORK_ERROR = 'NETWORK_ERROR',\n USER_NOT_FOUND = 'USER_NOT_FOUND',\n UNAUTHORIZED = 'UNAUTHORIZED',\n CSRF_TOKEN_MISSING = 'CSRF_TOKEN_MISSING',\n FORBIDDEN = 'FORBIDDEN',\n UNKNOWN = 'UNKNOWN',\n}\n\n/**\n * Typed authentication error\n */\nexport class AuthError extends Error {\n constructor(\n public code: AuthErrorCode,\n public originalError?: any,\n message?: string\n ) {\n super(message || code);\n this.name = 'AuthError';\n\n // Maintain proper stack trace for where our error was thrown (only available on V8)\n if (Error.captureStackTrace) {\n Error.captureStackTrace(this, AuthError);\n }\n }\n\n /**\n * Convert error to JSON (excludes originalError in production)\n */\n toJSON() {\n return {\n code: this.code,\n message: this.message,\n name: this.name,\n };\n }\n\n /**\n * Check if error is an AuthError\n */\n static isAuthError(error: any): error is AuthError {\n return error instanceof AuthError;\n }\n}\n\n/**\n * Create typed AuthError from any error\n */\nexport function createAuthError(error: any): AuthError {\n if (AuthError.isAuthError(error)) {\n return error;\n }\n\n // Axios error\n if (error.response) {\n const status = error.response.status;\n const data = error.response.data;\n\n switch (status) {\n case 401:\n // Check if it's an expired token\n if (data?.detail?.toLowerCase().includes('expired') ||\n data?.message?.toLowerCase().includes('expired')) {\n return new AuthError(AuthErrorCode.TOKEN_EXPIRED, error, 'Token has expired');\n }\n if (data?.detail?.toLowerCase().includes('invalid') ||\n data?.detail?.toLowerCase().includes('credentials')) {\n return new AuthError(AuthErrorCode.INVALID_CREDENTIALS, error, 'Invalid credentials');\n }\n return new AuthError(AuthErrorCode.UNAUTHORIZED, error, 'Unauthorized');\n\n case 403:\n if (data?.detail?.toLowerCase().includes('csrf')) {\n return new AuthError(AuthErrorCode.CSRF_TOKEN_MISSING, error, 'CSRF token missing or invalid');\n }\n return new AuthError(AuthErrorCode.FORBIDDEN, error, 'Access forbidden');\n\n case 404:\n if (data?.detail?.toLowerCase().includes('user')) {\n return new AuthError(AuthErrorCode.USER_NOT_FOUND, error, 'User not found');\n }\n return new AuthError(AuthErrorCode.UNKNOWN, error, 'Resource not found');\n\n default:\n return new AuthError(AuthErrorCode.UNKNOWN, error, `HTTP ${status} error`);\n }\n }\n\n // Network error (no response received)\n if (error.request) {\n return new AuthError(AuthErrorCode.NETWORK_ERROR, error, 'Network error - no response received');\n }\n\n // Other errors\n return new AuthError(AuthErrorCode.UNKNOWN, error, error.message || 'Unknown error');\n}\n"],"names":["root","factory","exports","module","require","define","amd","this","__WEBPACK_EXTERNAL_MODULE__287__","__WEBPACK_EXTERNAL_MODULE__155__","__webpack_module_cache__","__webpack_require__","moduleId","cachedModule","undefined","__webpack_modules__","d","definition","key","o","Object","defineProperty","enumerable","get","obj","prop","prototype","hasOwnProperty","call","r","Symbol","toStringTag","value","validateAuthConfig","config","axios","Error","loginUrl","extractUser","cookieAuth","enabled","csrf","headerName","cookieName","persistence","storage","window","localStorage","tokenKey","refreshTokenKey","userKey","expiryKey","logoutUrl","refreshUrl","getUserUrl","authCheckUrl","extractTokens","defaultExtractTokens","data","formatAuthHeader","token","tokenType","autoRefresh","refreshThreshold","onError","onLogin","onLogout","access_token","accessToken","refreshToken","refresh_token","expiresAt","expires_in","Date","now","token_type","auth_token","createAuthStore","initialTokens","getItem","expiryString","parseInt","isNaN","getStoredTokens","initialUser","userString","JSON","parse","getStoredUser","initialIsAuthenticated","store","create","set","tokens","user","isAuthenticated","setTokens","setItem","removeItem","toString","error","setBearerToken","setAuthenticated","authenticated","setUser","stringify","unsetUser","isTokenExpired","assign","createAuthRegistry","registry","stringKey","String","validatedConfig","pendingCheckAuth","WeakMap","useAuth","setAxiosAuth","useCallback","csrfToken","getCookie","defaults","headers","common","refresh","getCsrfHeaders","post","response","newTokens","checkAuth","pending","doCheck","extractedUser","getCurrentUser","delete","promise","res","useEffect","timeUntilExpiry","refreshTime","Math","max","setTimeout","clearTimeout","catch","login","credentials","callback","currentUser","getState","logout","name","document","match","cookie","RegExp","AuthErrorCode","code","originalError","message","captureStackTrace","AuthError","toJSON","isAuthError","createAuthError","status","detail","toLowerCase","includes","TOKEN_EXPIRED","INVALID_CREDENTIALS","UNAUTHORIZED","CSRF_TOKEN_MISSING","FORBIDDEN","USER_NOT_FOUND","UNKNOWN","request","NETWORK_ERROR"],"sourceRoot":""}
1
+ {"version":3,"file":"index.js","mappings":"CAAA,SAA2CA,EAAMC,GAC1B,iBAAZC,SAA0C,iBAAXC,OACxCA,OAAOD,QAAUD,EAAQG,QAAQ,WAAYA,QAAQ,UAC5B,mBAAXC,QAAyBA,OAAOC,IAC9CD,OAAO,CAAC,UAAW,SAAUJ,GACH,iBAAZC,QACdA,QAAQ,yCAA2CD,EAAQG,QAAQ,WAAYA,QAAQ,UAEvFJ,EAAK,yCAA2CC,EAAQD,EAAc,QAAGA,EAAY,MACtF,CATD,CASGO,KAAM,CAACC,EAAkCC,I,kCCT5CN,EAAOD,QAAUO,C,UCAjBN,EAAOD,QAAUM,C,GCCbE,EAA2B,CAAC,EAGhC,SAASC,EAAoBC,GAE5B,IAAIC,EAAeH,EAAyBE,GAC5C,QAAqBE,IAAjBD,EACH,OAAOA,EAAaX,QAGrB,IAAIC,EAASO,EAAyBE,GAAY,CAGjDV,QAAS,CAAC,GAOX,OAHAa,EAAoBH,GAAUT,EAAQA,EAAOD,QAASS,GAG/CR,EAAOD,OACf,CCrBAS,EAAoBK,EAAI,CAACd,EAASe,KACjC,IAAI,IAAIC,KAAOD,EACXN,EAAoBQ,EAAEF,EAAYC,KAASP,EAAoBQ,EAAEjB,EAASgB,IAC5EE,OAAOC,eAAenB,EAASgB,EAAK,CAAEI,YAAY,EAAMC,IAAKN,EAAWC,MCJ3EP,EAAoBQ,EAAI,CAACK,EAAKC,IAAUL,OAAOM,UAAUC,eAAeC,KAAKJ,EAAKC,GCClFd,EAAoBkB,EAAK3B,IACH,oBAAX4B,QAA0BA,OAAOC,aAC1CX,OAAOC,eAAenB,EAAS4B,OAAOC,YAAa,CAAEC,MAAO,WAE7DZ,OAAOC,eAAenB,EAAS,aAAc,CAAE8B,OAAO,K,yKCyGhD,IAAMC,EAAqB,SAAIC,G,kDACpC,IAAKA,EAAOC,MACV,MAAM,IAAIC,MAAM,0CAGlB,IAAKF,EAAOG,SACV,MAAM,IAAID,MAAM,oCAIlB,IA8E+BE,EAT/BC,EArEMC,GAA8B,QAAjB,EAAAN,EAAOM,kBAAU,eAAEC,SAAU,CAC9CA,SAAS,EACTC,KAAM,CACJD,QAAwC,QAA/B,EAAsB,QAAtB,EAAAP,EAAOM,WAAWE,YAAI,eAAED,eAAO,SACxCE,YAAkC,QAAtB,EAAAT,EAAOM,WAAWE,YAAI,eAAEC,aAAc,cAClDC,SAA0C,QAAhC,EAAsB,QAAtB,EAAAV,EAAOM,WAAWE,YAAI,eAAEE,gBAAQ,SAyEfN,GAxEH,QAAtB,EAAAJ,EAAOM,WAAWE,YAAI,eAAEJ,aAAc,YAyErC,WACL,GAAwB,oBAAbO,SAA0B,OAAO,KAC5C,IAAMC,EAAQD,SAASE,OAAOD,MAAM,IAAIE,OAAO,UAAGV,EAAU,cAC5D,OAAOQ,EAAQA,EAAM,GAAK,IAC5B,UA1EIhC,EAGEmC,EAAc,CAClBR,QAAoC,QAA3B,EAAkB,QAAlB,EAAAP,EAAOe,mBAAW,eAAER,eAAO,SACpCS,QAAoC,QAA3B,EAAkB,QAAlB,EAAAhB,EAAOe,mBAAW,eAAEC,eAAO,QACf,oBAAXC,QAA0BA,OAAOC,aAAeD,OAAOC,aAAe,CAAC,EACjFC,SAAsC,QAA5B,EAAkB,QAAlB,EAAAnB,EAAOe,mBAAW,eAAEI,gBAAQ,QAAI,QAC1CC,gBAAoD,QAAnC,EAAkB,QAAlB,EAAApB,EAAOe,mBAAW,eAAEK,uBAAe,QAAI,gBACxDC,QAAoC,QAA3B,EAAkB,QAAlB,EAAArB,EAAOe,mBAAW,eAAEM,eAAO,QAAI,OACxCC,UAAwC,QAA7B,EAAkB,QAAlB,EAAAtB,EAAOe,mBAAW,eAAEO,iBAAS,QAAI,cAG9C,MAAO,CACLrB,MAAOD,EAAOC,MACdE,SAAUH,EAAOG,SACjBoB,UAAWvB,EAAOuB,UAClBC,WAAYxB,EAAOwB,WACnBC,WAAYzB,EAAOyB,WACnBC,aAAc1B,EAAO0B,aACrBC,cAAmC,QAApB,EAAA3B,EAAO2B,qBAAa,QAAIC,EACvCvB,aAuCFA,EAvCoCL,EAAOK,YAyChB,iBAAhBA,EACF,SAACwB,GAAS,MAAK,OAAiB,QAAjB,EAAAA,EAAKxB,UAAY,QAAI,IAAI,EAE1CA,GA3CLyB,iBAAyC,QAAvB,EAAA9B,EAAO8B,wBAAgB,QACvC,SAAEC,EAAeC,GAAiC,YAAjC,IAAAA,IAAAA,EAAA,UAAiC,UAAGA,EAAS,YAAID,EAAO,EAC3EE,YAA+B,QAAlB,EAAAjC,EAAOiC,mBAAW,SAC/BC,iBAAyC,QAAvB,EAAAlC,EAAOkC,wBAAgB,QAAI,IAC7C5B,WAAU,EACVS,YAAW,EACXoB,QAASnC,EAAOmC,QAChBC,QAASpC,EAAOoC,QAChBC,SAAUrC,EAAOqC,SAErB,EAGA,SAAST,EAAqBC,GAE5B,GAAIA,EAAKS,aACP,MAAO,CACLC,YAAaV,EAAKS,aAClBE,aAAcX,EAAKY,cACnBC,UAAWb,EAAKc,WAAaC,KAAKC,MAA2B,IAAlBhB,EAAKc,gBAAqB/D,EACrEoD,UAAWH,EAAKiB,YAAc,UAKlC,IAAMf,EAAQF,EAAKE,OAASF,EAAKkB,WACjC,GAAIhB,EACF,MAAO,CACLQ,YAAaR,EACbC,UAAW,UAIf,MAAM,IAAI9B,MAAM,0GAClB,C,aCnKM8C,EAAe,CAAC,OAAQ,MAAO,QAAS,UAqBjCC,EAAkB,SAAIjD,GACzB,IAAAe,EAA4Bf,EAAM,YAArBM,EAAeN,EAAM,YApBf,SAAIA,G,MAC/B,KAAsB,QAAjB,EAAAA,EAAOM,kBAAU,eAAEE,KAAKD,SAC3B,OAAO,KAGH,MAA2BP,EAAOM,WAAWE,KAA3CC,EAAU,aAAEC,EAAQ,WAErBV,EAAOC,MAAMiD,aAAaC,QAAQC,IAAI,SAACC,G,MACtCC,EAA6B,QAApB,EAAAD,EAAcC,cAAM,eAAEC,cACrC,GAAID,GAAUN,EAAaQ,SAASF,GAAS,CAC3C,IAAMG,EAAY/C,IACd+C,IACFJ,EAAcK,QAAQjD,GAAcgD,E,CAGxC,OAAOJ,CACT,EACF,CAMEM,CAAqB3D,GAErB,IAqCM4D,EArCkB,WAEtB,GAAItD,aAAU,EAAVA,EAAYC,QACd,OAAO,KAIT,IAAKQ,EAAYR,QAAS,OAAO,KACjC,IACE,IAAMgC,EAAcxB,EAAYC,QAAQ6C,QAAQ9C,EAAYI,UAC5D,IAAKoB,EAAa,OAAO,KAEzB,IAAMC,EAAezB,EAAYC,QAAQ6C,QAAQ9C,EAAYK,iBACvD0C,EAAe/C,EAAYC,QAAQ6C,QAAQ9C,EAAYO,WACvDoB,EAAYoB,EAAeC,SAASD,EAAc,SAAMlF,EAE9D,MAAO,CACL2D,YAAW,EACXC,aAAcA,QAAgB5D,EAC9B8D,UAAWA,IAAcsB,MAAMtB,GAAaA,OAAY9D,EACxDoD,UAAW,S,CAEb,SACA,OAAO,I,CAEX,CAYsBiC,GAChBC,EAXgB,WACpB,IAAKnD,EAAYR,QAAS,OAAO,KACjC,IACE,IAAM4D,EAAapD,EAAYC,QAAQ6C,QAAQ9C,EAAYM,SAC3D,OAAO8C,EAAcC,KAAKC,MAAMF,GAAoB,I,CACpD,SACA,OAAO,I,CAEX,CAGoBG,GAIdC,GAAyBjE,aAAU,EAAVA,EAAYC,SACvC,QACEqD,aAAa,EAAbA,EAAerB,aAEfiC,GAAQ,IAAAC,QAAqB,SAACC,EAAKrF,GAAQ,OAC/CsF,OAAQf,EACRgB,KAAMV,EACNW,gBAAiBN,EAEjBO,UAAW,SAACH,G,MAIV,GAHAD,EAAI,CAAEC,OAAM,EAAEE,iBAAiB,MAG3BvE,aAAU,EAAVA,EAAYC,UAKZQ,EAAYR,QACd,IACEQ,EAAYC,QAAQ+D,QAAQhE,EAAYI,SAAUwD,EAAOpC,aAErDoC,EAAOnC,aACTzB,EAAYC,QAAQ+D,QAAQhE,EAAYK,gBAAiBuD,EAAOnC,cAEhEzB,EAAYC,QAAQgE,WAAWjE,EAAYK,iBAGzCuD,EAAOjC,UACT3B,EAAYC,QAAQ+D,QAAQhE,EAAYO,UAAWqD,EAAOjC,UAAUuC,YAEpElE,EAAYC,QAAQgE,WAAWjE,EAAYO,U,CAE7C,MAAO4D,GACO,QAAd,EAAAlF,EAAOmC,eAAO,gBAAG+C,E,CAGvB,EAEAC,eAAgB,SAACpD,GACf1C,IAAMyF,UAAU,CAAEvC,YAAaR,EAAOC,UAAW,UACnD,EAEAoD,iBAAkB,SAACC,GACjBX,EAAI,CAAEG,gBAAiBQ,GACzB,EAEAC,QAAS,SAACV,G,MAGR,GAFAF,EAAI,CAAEE,KAAI,IAEN7D,EAAYR,QACd,IACEQ,EAAYC,QAAQ+D,QAAQhE,EAAYM,QAAS+C,KAAKmB,UAAUX,G,CAChE,MAAOM,GACO,QAAd,EAAAlF,EAAOmC,eAAO,gBAAG+C,E,CAGvB,EAEAM,UAAW,W,MAGT,GAFAd,EAAI,CAAEE,KAAM,KAAMD,OAAQ,KAAME,iBAAiB,IAE7C9D,EAAYR,QACd,IACEQ,EAAYC,QAAQgE,WAAWjE,EAAYI,UAC3CJ,EAAYC,QAAQgE,WAAWjE,EAAYK,iBAC3CL,EAAYC,QAAQgE,WAAWjE,EAAYM,SAC3CN,EAAYC,QAAQgE,WAAWjE,EAAYO,U,CAC3C,MAAO4D,GACO,QAAd,EAAAlF,EAAOmC,eAAO,gBAAG+C,E,CAGvB,EAEAO,eAAgB,WACd,IAAMd,EAAStF,IAAMsF,OACrB,SAAKA,aAAM,EAANA,EAAQjC,YACNE,KAAKC,OAAS8B,EAAOjC,SAC9B,EA1E+C,GA6EjD,OAAOxD,OAAOwG,OAAOlB,EAAO,CAAExE,OAAM,GACtC,EC1KO,SAAS2F,IACd,IAAMC,EAA2C,CAAC,EAgBlD,OAdA,SACE5G,EACAgB,GAEA,IAAM6F,EAAYC,OAAO9G,GAEzB,IAAK4G,EAASC,GAAY,CACxB,IAAME,EAAkBhG,EAAmBC,GAC3C4F,EAASC,GAAa5C,EAAgB8C,E,CAGxC,OAAOH,EAASC,EAClB,CAGF,C,22CCjBMG,EAAmB,IAAIC,QAEtB,SAASC,EAAW1B,GAA3B,WACQ,EAAqGA,IAAnGM,EAAS,YAAEM,EAAgB,mBAAEE,EAAO,UAAEE,EAAS,YAAEb,EAAM,SAAEC,EAAI,OAAEC,EAAe,kBAAEY,EAAc,iBAChGzF,EAASwE,EAAMxE,OAIfmG,GAAe,IAAAC,aAAY,SAACrE,EAAgBC,G,OAC3B,QAAjB,EAAAhC,EAAOM,kBAAU,eAAEC,WAMnBwB,EACF/B,EAAOC,MAAMoG,SAAS3C,QAAQ4C,OAAsB,cAAItG,EAAO8B,iBAAiBC,EAAOC,UAEhFhC,EAAOC,MAAMoG,SAAS3C,QAAQ4C,OAAsB,cAE/D,EAAG,CAACtG,IAGEuG,GAAU,IAAAH,aAAY,+C,iEAC1B,IAAKpG,EAAOwB,WAAY,MAAO,CAAP,GAAO,G,+CAIR,QAAjB,EAAAxB,EAAOM,kBAAU,eAAEC,UACfmD,EAAU8C,EAAexG,GAC/B,GAAMA,EAAOC,MAAMwG,KAAKzG,EAAOwB,WAAY,CAAC,EAAG,CAAEkC,QAAO,MAFtD,M,OAGF,OADA,SACO,CAAP,GAAO,G,OAIT,OAAKiB,aAAM,EAANA,EAAQnC,cAEI,GAAMxC,EAAOC,MAAMwG,KAAKzG,EAAOwB,WAAY,CAC1DiB,cAAekC,EAAOnC,gBAHU,CAAP,GAAO,G,OASlC,OAPMkE,EAAW,SAIXC,EAAY3G,EAAO2B,cAAc+E,EAAS7E,MAChDiD,EAAU6B,GACVR,EAAaQ,EAAUpE,YAAaoE,EAAU3E,WACvC,CAAP,GAAO,G,OAKP,O,WAHAwD,IACAW,IACc,QAAd,EAAAnG,EAAOmC,eAAO,gBAAG,GACV,CAAP,GAAO,G,uBAER,CAACwC,EAAQ3E,EAAQ8E,EAAWU,EAAWW,IAGpCS,GAAY,IAAAR,aAAY,+C,+CAE5B,OADM1E,EAAe1B,EAAO0B,cACN,QAAjB,EAAA1B,EAAOM,kBAAU,eAAEC,UAAYmB,GAK9BmF,EAAUb,EAAiB3G,IAAImF,IAE5B,CAAP,EAAOqC,IAGHC,EAAU,+C,iEAGK,O,uBADXpD,EAAU8C,EAAexG,GACd,GAAMA,EAAOC,MAAMZ,IAAIqC,EAAc,CAAEgC,QAAO,K,cAAzDgD,EAAW,UAEJ7E,KAAKwD,eAChBD,GAAiB,IAEX2B,EAAkC,QAAlB,EAAA/G,EAAOK,mBAAW,sBAAGqG,EAAS7E,QAElDyD,EAAQyB,G,OADN,OAJF,M,cAMS/G,EAAOyB,WAChB,GAAMuF,KADG,M,OACT,S,iBAGF,MAAO,CAAP,GAAO,G,OAIT,OADA5B,GAAiB,GACV,CAAP,GAAO,G,OAIP,O,WAFAA,GAAiB,GACH,QAAd,EAAApF,EAAOmC,eAAO,gBAAG,GACV,CAAP,GAAO,G,cAEP6D,EAAiBiB,OAAOzC,G,2BAItB0C,EAAUJ,IAChBd,EAAiBtB,IAAIF,EAAO0C,GACrB,CAAP,EAAOA,IAxCE,CAAP,GAAO,E,MAyCR,CAAC1C,EAAOxE,EAAQoF,EAAkBE,IAG/B0B,GAAiB,IAAAZ,aAAY,+C,2DACjC,IAAKpG,EAAOyB,WAAY,U,iBAGV,O,sBAAA,GAAMzB,EAAOC,MAAMZ,IAAOW,EAAOyB,a,cAAvC0F,EAAM,SACZ7B,EAAQ6B,EAAItF,M,aAKZ,M,WAHA2D,IACAW,IACc,QAAd,EAAAnG,EAAOmC,eAAO,gBAAG,GACX,E,uBAEP,CAACnC,EAAQsF,EAASE,EAAWW,IA8FhC,OAvCA,IAAAiB,WAAU,W,MAER,GAAqB,QAAjB,EAAApH,EAAOM,kBAAU,eAAEC,QACG,OAApBsE,GACF+B,SAMJ,GAAIjC,aAAM,EAANA,EAAQpC,YAAa,CAIvB,GAHA4D,EAAaxB,EAAOpC,YAAaoC,EAAO3C,WAGpCyD,IAMF,YALId,EAAOnC,cAAgBxC,EAAOiC,YAChCsE,IAEAf,KAMJ,GAAIb,EAAOjC,WAAaiC,EAAOnC,cAAgBxC,EAAOiC,YAAa,CACjE,IAAMoF,EAAkB1C,EAAOjC,UAAYE,KAAKC,MAC1CyE,EAAcC,KAAKC,IAAIH,EAAkBrH,EAAOkC,iBAAkB,GAElE,EAAQuF,WAAWlB,EAASe,GAClC,OAAO,WAAM,OAAAI,aAAa,EAAb,C,EAIV9C,GAAQ5E,EAAOyB,YAClBuF,IAAiBW,MAAM,WAAO,E,CAGpC,EAAG,CAAChD,EAAQC,EAAMC,EAAiB7E,EAAQyF,EAAgBc,EAASK,EAAWI,EAAgBb,EAAcX,IAEtG,CAAEoC,MA3FK,SAAOC,EAAqCC,GAAqB,oC,6EAG/D,O,sBADNpE,GAA2B,QAAjB,EAAA1D,EAAOM,kBAAU,eAAEC,SAAUiG,EAAexG,GAAU,CAAC,EAC3D,GAAMA,EAAOC,MAAMwG,KAAKzG,EAAOG,SAAU0H,EAAa,CAAEnE,QAAO,K,cAArEyD,EAAM,UAES,QAAjB,EAAAnH,EAAOM,kBAAU,eAAEC,SAErB6E,GAAiB,IAGXuB,EAAY3G,EAAO2B,cAAcwF,EAAItF,MAC3CiD,EAAU6B,GACVR,EAAaQ,EAAUpE,YAAaoE,EAAU3E,aAI1C+E,EAAkC,QAAlB,EAAA/G,EAAOK,mBAAW,sBAAG8G,EAAItF,QAE7CyD,EAAQyB,GACM,QAAd,EAAA/G,EAAOoC,eAAO,gBAAG2E,G,OAFf,M,cAGO/G,EAAOyB,WAChB,GAAMuF,KADG,M,OACT,UACMe,EAAcvD,EAAMwD,WAAWpD,QACN,QAAd,EAAA5E,EAAOoC,eAAO,gBAAG2F,I,wBAGpCD,SAAAA,I,aAKA,M,WAHAtC,IACAW,IACc,QAAd,EAAAnG,EAAOmC,eAAO,gBAAG,GACX,E,uBA4DM8F,OAvDD,+C,6FAEPjI,EAAOuB,WACHmC,GAA2B,QAAjB,EAAA1D,EAAOM,kBAAU,eAAEC,SAAUiG,EAAexG,GAAU,CAAC,EACvE,GAAMA,EAAOC,MAAMwG,KAAKzG,EAAOuB,UAAW,CAAC,EAAG,CAAEmC,QAAO,MAFrD,M,OAEF,S,sDAGY,QAAd,EAAA1D,EAAOmC,eAAO,gBAAG,G,oBAEjBqD,IACAW,IACe,QAAf,EAAAnG,EAAOqC,gBAAQ,iB,2BA4CKkE,QAAO,EAAEK,UAAS,EAAEI,eAAc,EAC5D,CAGA,SAASR,EAAexG,G,QAChB0D,EAAkC,CAAC,EACzC,GAA2B,QAAvB,EAAiB,QAAjB,EAAA1D,EAAOM,kBAAU,eAAEE,YAAI,eAAED,QAAS,CACpC,IAAMkD,EAAYzD,EAAOM,WAAWE,KAAKE,WACrC+C,IACFC,EAAQ1D,EAAOM,WAAWE,KAAKC,YAAcgD,E,CAGjD,OAAOC,CACT,C,MC7NYwE,E,ocAAZ,SAAYA,GACV,4CACA,gCACA,gCACA,kCACA,gCACA,kCACA,8BACA,0CACA,wBACA,mBACD,CAXD,CAAYA,IAAAA,EAAa,KAgBzB,kBACE,WACSC,EACAC,EACPC,GAHF,MAKE,YAAMA,GAAWF,IAAK,K,OAJf,EAAAA,KAAAA,EACA,EAAAC,cAAAA,EAIP,EAAKE,KAAO,YAGRpI,MAAMqI,mBACRrI,MAAMqI,kBAAkB,EAAMC,G,CAElC,CAmBF,OAhC+B,OAkB7B,YAAAC,OAAA,WACE,MAAO,CACLN,KAAM9J,KAAK8J,KACXE,QAAShK,KAAKgK,QACdC,KAAMjK,KAAKiK,KAEf,EAKO,EAAAI,YAAP,SAAmBxD,GACjB,OAAOA,aAAiBsD,CAC1B,EACF,EAhCA,CAA+BtI,OAqCxB,SAASyI,EAAgBzD,G,gBAC9B,GAAIsD,EAAUE,YAAYxD,GACxB,OAAOA,EAIT,GAAIA,EAAMwB,SAAU,CAClB,IAAM,EAASxB,EAAMwB,SAASkC,OACxB/G,EAAOqD,EAAMwB,SAAS7E,KAE5B,OAAQ,GACN,KAAK,IAEH,OAAgB,QAAZ,EAAAA,aAAI,EAAJA,EAAMgH,cAAM,eAAEtF,cAAcC,SAAS,cACxB,QAAb,EAAA3B,aAAI,EAAJA,EAAMwG,eAAO,eAAE9E,cAAcC,SAAS,YACjC,IAAIgF,EAAUN,EAAcY,cAAe5D,EAAO,sBAE3C,QAAZ,EAAArD,aAAI,EAAJA,EAAMgH,cAAM,eAAEtF,cAAcC,SAAS,cACzB,QAAZ,EAAA3B,aAAI,EAAJA,EAAMgH,cAAM,eAAEtF,cAAcC,SAAS,gBAChC,IAAIgF,EAAUN,EAAca,oBAAqB7D,EAAO,uBAE1D,IAAIsD,EAAUN,EAAcc,aAAc9D,EAAO,gBAE1D,KAAK,IACH,OAAgB,QAAZ,EAAArD,aAAI,EAAJA,EAAMgH,cAAM,eAAEtF,cAAcC,SAAS,SAChC,IAAIgF,EAAUN,EAAce,mBAAoB/D,EAAO,iCAEzD,IAAIsD,EAAUN,EAAcgB,UAAWhE,EAAO,oBAEvD,KAAK,IACH,OAAgB,QAAZ,EAAArD,aAAI,EAAJA,EAAMgH,cAAM,eAAEtF,cAAcC,SAAS,SAChC,IAAIgF,EAAUN,EAAciB,eAAgBjE,EAAO,kBAErD,IAAIsD,EAAUN,EAAckB,QAASlE,EAAO,sBAErD,QACE,OAAO,IAAIsD,EAAUN,EAAckB,QAASlE,EAAO,eAAQ,EAAM,W,CAKvE,OAAIA,EAAM/B,QACD,IAAIqF,EAAUN,EAAcmB,cAAenE,EAAO,wCAIpD,IAAIsD,EAAUN,EAAckB,QAASlE,EAAOA,EAAMmD,SAAW,gBACtE,C","sources":["webpack://@jasperoosthoek/zustand-auth-registry/webpack/universalModuleDefinition","webpack://@jasperoosthoek/zustand-auth-registry/external umd \"react\"","webpack://@jasperoosthoek/zustand-auth-registry/external umd \"zustand\"","webpack://@jasperoosthoek/zustand-auth-registry/webpack/bootstrap","webpack://@jasperoosthoek/zustand-auth-registry/webpack/runtime/define property getters","webpack://@jasperoosthoek/zustand-auth-registry/webpack/runtime/hasOwnProperty shorthand","webpack://@jasperoosthoek/zustand-auth-registry/webpack/runtime/make namespace object","webpack://@jasperoosthoek/zustand-auth-registry/./src/authConfig.ts","webpack://@jasperoosthoek/zustand-auth-registry/./src/authStore.ts","webpack://@jasperoosthoek/zustand-auth-registry/./src/createAuthRegistry.ts","webpack://@jasperoosthoek/zustand-auth-registry/./src/useAuth.ts","webpack://@jasperoosthoek/zustand-auth-registry/./src/errors.ts"],"sourcesContent":["(function webpackUniversalModuleDefinition(root, factory) {\n\tif(typeof exports === 'object' && typeof module === 'object')\n\t\tmodule.exports = factory(require(\"zustand\"), require(\"react\"));\n\telse if(typeof define === 'function' && define.amd)\n\t\tdefine([\"zustand\", \"react\"], factory);\n\telse if(typeof exports === 'object')\n\t\texports[\"@jasperoosthoek/zustand-auth-registry\"] = factory(require(\"zustand\"), require(\"react\"));\n\telse\n\t\troot[\"@jasperoosthoek/zustand-auth-registry\"] = factory(root[\"zustand\"], root[\"react\"]);\n})(this, (__WEBPACK_EXTERNAL_MODULE__287__, __WEBPACK_EXTERNAL_MODULE__155__) => {\nreturn ","module.exports = __WEBPACK_EXTERNAL_MODULE__155__;","module.exports = __WEBPACK_EXTERNAL_MODULE__287__;","// The module cache\nvar __webpack_module_cache__ = {};\n\n// The require function\nfunction __webpack_require__(moduleId) {\n\t// Check if module is in cache\n\tvar cachedModule = __webpack_module_cache__[moduleId];\n\tif (cachedModule !== undefined) {\n\t\treturn cachedModule.exports;\n\t}\n\t// Create a new module (and put it into the cache)\n\tvar module = __webpack_module_cache__[moduleId] = {\n\t\t// no module.id needed\n\t\t// no module.loaded needed\n\t\texports: {}\n\t};\n\n\t// Execute the module function\n\t__webpack_modules__[moduleId](module, module.exports, __webpack_require__);\n\n\t// Return the exports of the module\n\treturn module.exports;\n}\n\n","// define getter functions for harmony exports\n__webpack_require__.d = (exports, definition) => {\n\tfor(var key in definition) {\n\t\tif(__webpack_require__.o(definition, key) && !__webpack_require__.o(exports, key)) {\n\t\t\tObject.defineProperty(exports, key, { enumerable: true, get: definition[key] });\n\t\t}\n\t}\n};","__webpack_require__.o = (obj, prop) => (Object.prototype.hasOwnProperty.call(obj, prop))","// define __esModule on exports\n__webpack_require__.r = (exports) => {\n\tif(typeof Symbol !== 'undefined' && Symbol.toStringTag) {\n\t\tObject.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });\n\t}\n\tObject.defineProperty(exports, '__esModule', { value: true });\n};","import { AxiosInstance } from 'axios';\n\n// Token data structure\nexport type TokenData = {\n accessToken: string;\n refreshToken?: string;\n expiresAt?: number;\n tokenType: string;\n};\n\nexport type AuthConfig<U> = {\n axios: AxiosInstance;\n\n // Endpoints\n loginUrl: string;\n logoutUrl?: string;\n refreshUrl?: string;\n getUserUrl?: string;\n authCheckUrl?: string; // For cookie auth verification\n\n // Token extraction from login response\n extractTokens?: (data: any) => TokenData;\n\n // User extraction from responses (login, checkAuth)\n // Can be a function or a string key (e.g., \"user\" extracts data.user)\n extractUser?: ((data: any) => U | null) | string;\n\n // Auth header format (default: \"Bearer {token}\")\n formatAuthHeader?: (token: string, tokenType?: string) => string;\n\n // Auto-refresh settings\n autoRefresh?: boolean;\n refreshThreshold?: number; // ms before expiry to refresh (default: 5 min)\n\n // Cookie-based authentication (alternative to localStorage)\n cookieAuth?: {\n enabled: boolean;\n csrf?: {\n enabled: boolean;\n headerName?: string; // Default: 'X-CSRFToken'\n // Option 1: Provide cookie name (web only, uses document.cookie)\n cookieName?: string; // Default: 'csrftoken'\n // Option 2: Provide custom token getter (platform-agnostic)\n getToken?: () => string | null;\n };\n };\n\n // Token persistence (localStorage)\n persistence?: {\n enabled: boolean;\n storage?: Storage;\n tokenKey?: string;\n refreshTokenKey?: string;\n userKey?: string;\n expiryKey?: string;\n };\n\n // Callbacks\n onError?: (error: any) => void;\n onLogin?: (user: U) => void;\n onLogout?: () => void;\n};\n\nexport type ValidatedAuthConfig<U> = {\n axios: AxiosInstance;\n\n // Endpoints\n loginUrl: string;\n logoutUrl?: string;\n refreshUrl?: string;\n getUserUrl?: string;\n authCheckUrl?: string;\n\n // Extraction functions\n extractTokens: (data: any) => TokenData;\n extractUser?: (data: any) => U | null;\n\n // Auth header format\n formatAuthHeader: (token: string, tokenType?: string) => string;\n\n // Auto-refresh\n autoRefresh: boolean;\n refreshThreshold: number;\n\n // Cookie auth\n cookieAuth?: {\n enabled: boolean;\n csrf: {\n enabled: boolean;\n headerName: string;\n getToken: () => string | null;\n };\n };\n\n // Persistence\n persistence: {\n enabled: boolean;\n storage: Storage;\n tokenKey: string;\n refreshTokenKey: string;\n userKey: string;\n expiryKey: string;\n };\n\n // Callbacks\n onError?: (error: any) => void;\n onLogin?: (user: U) => void;\n onLogout?: () => void;\n};\n\nexport const validateAuthConfig = <U>(config: AuthConfig<U>): ValidatedAuthConfig<U> => {\n if (!config.axios) {\n throw new Error('AuthConfig: axios instance is required');\n }\n\n if (!config.loginUrl) {\n throw new Error('AuthConfig: loginUrl is required');\n }\n\n // Cookie auth config\n const cookieAuth = config.cookieAuth?.enabled ? {\n enabled: true,\n csrf: {\n enabled: config.cookieAuth.csrf?.enabled ?? false,\n headerName: config.cookieAuth.csrf?.headerName || 'X-CSRFToken',\n getToken: config.cookieAuth.csrf?.getToken ?? createCookieTokenGetter(\n config.cookieAuth.csrf?.cookieName || 'csrftoken'\n ),\n },\n } : undefined;\n\n // Persistence config (disabled by default)\n const persistence = {\n enabled: config.persistence?.enabled ?? false,\n storage: config.persistence?.storage ??\n (typeof window !== 'undefined' && window.localStorage ? window.localStorage : {} as Storage),\n tokenKey: config.persistence?.tokenKey ?? 'token',\n refreshTokenKey: config.persistence?.refreshTokenKey ?? 'refresh_token',\n userKey: config.persistence?.userKey ?? 'user',\n expiryKey: config.persistence?.expiryKey ?? 'expires_at',\n };\n\n return {\n axios: config.axios,\n loginUrl: config.loginUrl,\n logoutUrl: config.logoutUrl,\n refreshUrl: config.refreshUrl,\n getUserUrl: config.getUserUrl,\n authCheckUrl: config.authCheckUrl,\n extractTokens: config.extractTokens ?? defaultExtractTokens,\n extractUser: normalizeExtractUser(config.extractUser),\n formatAuthHeader: config.formatAuthHeader ??\n ((token: string, tokenType: string = 'Bearer') => `${tokenType} ${token}`),\n autoRefresh: config.autoRefresh ?? true,\n refreshThreshold: config.refreshThreshold ?? 300000, // 5 minutes\n cookieAuth,\n persistence,\n onError: config.onError,\n onLogin: config.onLogin,\n onLogout: config.onLogout,\n };\n};\n\n// Default token extraction - handles common response formats\nfunction defaultExtractTokens(data: any): TokenData {\n // OAuth 2.0 format: { access_token, refresh_token, expires_in, token_type }\n if (data.access_token) {\n return {\n accessToken: data.access_token,\n refreshToken: data.refresh_token,\n expiresAt: data.expires_in ? Date.now() + (data.expires_in * 1000) : undefined,\n tokenType: data.token_type || 'Bearer',\n };\n }\n\n // Simple format: { token } or { auth_token }\n const token = data.token || data.auth_token;\n if (token) {\n return {\n accessToken: token,\n tokenType: 'Bearer',\n };\n }\n\n throw new Error('No token found in response. Provide extractTokens or ensure response contains access_token/token field.');\n}\n\n// Normalize extractUser: string becomes key accessor, function passed through\nfunction normalizeExtractUser<U>(\n extractUser?: ((data: any) => U | null) | string\n): ((data: any) => U | null) | undefined {\n if (typeof extractUser === 'string') {\n return (data: any) => data[extractUser] ?? null;\n }\n return extractUser;\n}\n\n// Create a cookie-based CSRF token getter (web only)\nfunction createCookieTokenGetter(cookieName: string): () => string | null {\n return () => {\n if (typeof document === 'undefined') return null;\n const match = document.cookie.match(new RegExp(`${cookieName}=([^;]+)`));\n return match ? match[1] : null;\n };\n}\n","import { create, StoreApi, UseBoundStore } from 'zustand';\nimport { ValidatedAuthConfig, TokenData } from './authConfig';\n\nexport type AuthState<U> = {\n isAuthenticated: boolean | null; // null = not checked yet (cookie mode)\n user: U | null;\n tokens: TokenData | null; // null in cookie mode or when logged out\n\n // Methods\n setTokens: (tokens: TokenData) => void;\n setBearerToken: (token: string) => void; // Convenience for simple Bearer token auth\n setAuthenticated: (authenticated: boolean) => void; // For cookie mode\n setUser: (user: U) => void;\n unsetUser: () => void;\n isTokenExpired: () => boolean;\n};\n\nexport type AuthStore<U> = UseBoundStore<StoreApi<AuthState<U>>> & {\n config: ValidatedAuthConfig<U>;\n};\n\n// Methods that modify state (require CSRF protection)\nconst CSRF_METHODS = ['post', 'put', 'patch', 'delete'];\n\nconst setupCsrfInterceptor = <U>(config: ValidatedAuthConfig<U>): number | null => {\n if (!config.cookieAuth?.csrf.enabled) {\n return null;\n }\n\n const { headerName, getToken } = config.cookieAuth.csrf;\n\n return config.axios.interceptors.request.use((requestConfig) => {\n const method = requestConfig.method?.toLowerCase();\n if (method && CSRF_METHODS.includes(method)) {\n const csrfToken = getToken();\n if (csrfToken) {\n requestConfig.headers[headerName] = csrfToken;\n }\n }\n return requestConfig;\n });\n};\n\nexport const createAuthStore = <U>(config: ValidatedAuthConfig<U>): AuthStore<U> => {\n const { persistence, cookieAuth } = config;\n\n // Set up CSRF interceptor if enabled\n setupCsrfInterceptor(config);\n\n const getStoredTokens = (): TokenData | null => {\n // Cookie mode: No client-side tokens\n if (cookieAuth?.enabled) {\n return null;\n }\n\n // Token mode: Read from storage\n if (!persistence.enabled) return null;\n try {\n const accessToken = persistence.storage.getItem(persistence.tokenKey);\n if (!accessToken) return null;\n\n const refreshToken = persistence.storage.getItem(persistence.refreshTokenKey);\n const expiryString = persistence.storage.getItem(persistence.expiryKey);\n const expiresAt = expiryString ? parseInt(expiryString, 10) : undefined;\n\n return {\n accessToken,\n refreshToken: refreshToken || undefined,\n expiresAt: expiresAt && !isNaN(expiresAt) ? expiresAt : undefined,\n tokenType: 'Bearer',\n };\n } catch {\n return null;\n }\n };\n\n const getStoredUser = (): U | null => {\n if (!persistence.enabled) return null;\n try {\n const userString = persistence.storage.getItem(persistence.userKey);\n return userString ? (JSON.parse(userString) as U) : null;\n } catch {\n return null;\n }\n };\n\n const initialTokens = getStoredTokens();\n const initialUser = getStoredUser();\n\n // Cookie mode: null (unknown until checkAuth)\n // Token mode: true/false based on token presence\n const initialIsAuthenticated = cookieAuth?.enabled\n ? null\n : !!initialTokens?.accessToken;\n\n const store = create<AuthState<U>>((set, get) => ({\n tokens: initialTokens,\n user: initialUser,\n isAuthenticated: initialIsAuthenticated,\n\n setTokens: (tokens: TokenData) => {\n set({ tokens, isAuthenticated: true });\n\n // Cookie mode: No localStorage persistence for tokens\n if (cookieAuth?.enabled) {\n return;\n }\n\n // Token mode: Persist to storage\n if (persistence.enabled) {\n try {\n persistence.storage.setItem(persistence.tokenKey, tokens.accessToken);\n\n if (tokens.refreshToken) {\n persistence.storage.setItem(persistence.refreshTokenKey, tokens.refreshToken);\n } else {\n persistence.storage.removeItem(persistence.refreshTokenKey);\n }\n\n if (tokens.expiresAt) {\n persistence.storage.setItem(persistence.expiryKey, tokens.expiresAt.toString());\n } else {\n persistence.storage.removeItem(persistence.expiryKey);\n }\n } catch (error) {\n config.onError?.(error);\n }\n }\n },\n\n setBearerToken: (token: string) => {\n get().setTokens({ accessToken: token, tokenType: 'Bearer' });\n },\n\n setAuthenticated: (authenticated: boolean) => {\n set({ isAuthenticated: authenticated });\n },\n\n setUser: (user: U) => {\n set({ user });\n\n if (persistence.enabled) {\n try {\n persistence.storage.setItem(persistence.userKey, JSON.stringify(user));\n } catch (error) {\n config.onError?.(error);\n }\n }\n },\n\n unsetUser: () => {\n set({ user: null, tokens: null, isAuthenticated: false });\n\n if (persistence.enabled) {\n try {\n persistence.storage.removeItem(persistence.tokenKey);\n persistence.storage.removeItem(persistence.refreshTokenKey);\n persistence.storage.removeItem(persistence.userKey);\n persistence.storage.removeItem(persistence.expiryKey);\n } catch (error) {\n config.onError?.(error);\n }\n }\n },\n\n isTokenExpired: () => {\n const tokens = get().tokens;\n if (!tokens?.expiresAt) return false;\n return Date.now() >= tokens.expiresAt;\n },\n }));\n\n return Object.assign(store, { config });\n};\n","import { AuthConfig, validateAuthConfig } from './authConfig';\nimport { createAuthStore, AuthStore } from './authStore';\n\nexport function createAuthRegistry<AuthModels extends Record<string, any>>() {\n const registry: Record<string, AuthStore<any>> = {};\n\n function getAuthStore<K extends keyof AuthModels>(\n key: K,\n config: AuthConfig<AuthModels[K]>\n ): AuthStore<AuthModels[K]> {\n const stringKey = String(key);\n \n if (!registry[stringKey]) {\n const validatedConfig = validateAuthConfig(config);\n registry[stringKey] = createAuthStore(validatedConfig);\n }\n \n return registry[stringKey];\n }\n\n return getAuthStore;\n}\n","import { useEffect, useCallback } from 'react';\nimport { AuthStore } from './authStore';\n\n// Promise deduplication: prevents multiple concurrent checkAuth calls per store\nconst pendingCheckAuth = new WeakMap<AuthStore<any>, Promise<boolean>>();\n\nexport function useAuth<U>(store: AuthStore<U>) {\n const { setTokens, setAuthenticated, setUser, unsetUser, tokens, user, isAuthenticated, isTokenExpired } = store();\n const config = store.config;\n\n // Set axios Authorization header (token mode only)\n // Note: CSRF is handled by interceptor in authStore.ts\n const setAxiosAuth = useCallback((token?: string, tokenType?: string) => {\n if (config.cookieAuth?.enabled) {\n // Cookie mode: CSRF handled by interceptor, no Authorization header needed\n return;\n }\n\n // Token mode: Set Authorization header\n if (token) {\n config.axios.defaults.headers.common['Authorization'] = config.formatAuthHeader(token, tokenType);\n } else {\n delete config.axios.defaults.headers.common['Authorization'];\n }\n }, [config]);\n\n // Refresh tokens\n const refresh = useCallback(async (): Promise<boolean> => {\n if (!config.refreshUrl) return false;\n\n try {\n // Cookie mode: Just call refresh endpoint, server handles cookie\n if (config.cookieAuth?.enabled) {\n const headers = getCsrfHeaders(config);\n await config.axios.post(config.refreshUrl, {}, { headers });\n return true;\n }\n\n // Token mode: Send refresh token, get new tokens\n if (!tokens?.refreshToken) return false;\n\n const response = await config.axios.post(config.refreshUrl, {\n refresh_token: tokens.refreshToken,\n });\n\n const newTokens = config.extractTokens(response.data);\n setTokens(newTokens);\n setAxiosAuth(newTokens.accessToken, newTokens.tokenType);\n return true;\n } catch (error) {\n unsetUser();\n setAxiosAuth();\n config.onError?.(error);\n return false;\n }\n }, [tokens, config, setTokens, unsetUser, setAxiosAuth]);\n\n // Check authentication (cookie mode) - with promise deduplication\n const checkAuth = useCallback(async (): Promise<boolean> => {\n const authCheckUrl = config.authCheckUrl;\n if (!config.cookieAuth?.enabled || !authCheckUrl) {\n return false;\n }\n\n // Return existing promise if check is already in progress\n const pending = pendingCheckAuth.get(store);\n if (pending) {\n return pending;\n }\n\n const doCheck = async (): Promise<boolean> => {\n try {\n const headers = getCsrfHeaders(config);\n const response = await config.axios.get(authCheckUrl, { headers });\n\n if (response.data.authenticated) {\n setAuthenticated(true);\n\n const extractedUser = config.extractUser?.(response.data);\n if (extractedUser) {\n setUser(extractedUser);\n } else if (config.getUserUrl) {\n await getCurrentUser();\n }\n\n return true;\n }\n\n setAuthenticated(false);\n return false;\n } catch (error) {\n setAuthenticated(false);\n config.onError?.(error);\n return false;\n } finally {\n pendingCheckAuth.delete(store);\n }\n };\n\n const promise = doCheck();\n pendingCheckAuth.set(store, promise);\n return promise;\n }, [store, config, setAuthenticated, setUser]);\n\n // Get current user\n const getCurrentUser = useCallback(async () => {\n if (!config.getUserUrl) return;\n\n try {\n const res = await config.axios.get<U>(config.getUserUrl);\n setUser(res.data);\n } catch (error) {\n unsetUser();\n setAxiosAuth();\n config.onError?.(error);\n throw error;\n }\n }, [config, setUser, unsetUser, setAxiosAuth]);\n\n // Login\n const login = async (credentials: Record<string, string>, callback?: () => void) => {\n try {\n const headers = config.cookieAuth?.enabled ? getCsrfHeaders(config) : {};\n const res = await config.axios.post(config.loginUrl, credentials, { headers });\n\n if (config.cookieAuth?.enabled) {\n // Cookie mode: Server sets httpOnly cookie, just mark as authenticated\n setAuthenticated(true);\n } else {\n // Token mode: Extract and store tokens\n const newTokens = config.extractTokens(res.data);\n setTokens(newTokens);\n setAxiosAuth(newTokens.accessToken, newTokens.tokenType);\n }\n\n // Extract user from response\n const extractedUser = config.extractUser?.(res.data);\n if (extractedUser) {\n setUser(extractedUser);\n config.onLogin?.(extractedUser);\n } else if (config.getUserUrl) {\n await getCurrentUser();\n const currentUser = store.getState().user;\n if (currentUser) config.onLogin?.(currentUser);\n }\n\n callback?.();\n } catch (error) {\n unsetUser();\n setAxiosAuth();\n config.onError?.(error);\n throw error;\n }\n };\n\n // Logout\n const logout = async () => {\n try {\n if (config.logoutUrl) {\n const headers = config.cookieAuth?.enabled ? getCsrfHeaders(config) : {};\n await config.axios.post(config.logoutUrl, {}, { headers });\n }\n } catch (error) {\n config.onError?.(error);\n } finally {\n unsetUser();\n setAxiosAuth();\n config.onLogout?.();\n }\n };\n\n // Auto-setup on mount\n useEffect(() => {\n // Cookie mode: Check authentication if not yet determined\n if (config.cookieAuth?.enabled) {\n if (isAuthenticated === null) {\n checkAuth();\n }\n return;\n }\n\n // Token mode: Setup headers and auto-refresh\n if (tokens?.accessToken) {\n setAxiosAuth(tokens.accessToken, tokens.tokenType);\n\n // Check if expired\n if (isTokenExpired()) {\n if (tokens.refreshToken && config.autoRefresh) {\n refresh();\n } else {\n unsetUser();\n }\n return;\n }\n\n // Setup auto-refresh timer\n if (tokens.expiresAt && tokens.refreshToken && config.autoRefresh) {\n const timeUntilExpiry = tokens.expiresAt - Date.now();\n const refreshTime = Math.max(timeUntilExpiry - config.refreshThreshold, 0);\n\n const timer = setTimeout(refresh, refreshTime);\n return () => clearTimeout(timer);\n }\n\n // Fetch user if missing\n if (!user && config.getUserUrl) {\n getCurrentUser().catch(() => {});\n }\n }\n }, [tokens, user, isAuthenticated, config, isTokenExpired, refresh, checkAuth, getCurrentUser, setAxiosAuth, unsetUser]);\n\n return { login, logout, refresh, checkAuth, getCurrentUser };\n}\n\n// Helper: Get CSRF headers if enabled (uses getToken from config)\nfunction getCsrfHeaders(config: any): Record<string, string> {\n const headers: Record<string, string> = {};\n if (config.cookieAuth?.csrf?.enabled) {\n const csrfToken = config.cookieAuth.csrf.getToken();\n if (csrfToken) {\n headers[config.cookieAuth.csrf.headerName] = csrfToken;\n }\n }\n return headers;\n}\n","/**\n * Authentication error codes\n */\nexport enum AuthErrorCode {\n INVALID_CREDENTIALS = 'INVALID_CREDENTIALS',\n TOKEN_EXPIRED = 'TOKEN_EXPIRED',\n TOKEN_INVALID = 'TOKEN_INVALID',\n REFRESH_FAILED = 'REFRESH_FAILED',\n NETWORK_ERROR = 'NETWORK_ERROR',\n USER_NOT_FOUND = 'USER_NOT_FOUND',\n UNAUTHORIZED = 'UNAUTHORIZED',\n CSRF_TOKEN_MISSING = 'CSRF_TOKEN_MISSING',\n FORBIDDEN = 'FORBIDDEN',\n UNKNOWN = 'UNKNOWN',\n}\n\n/**\n * Typed authentication error\n */\nexport class AuthError extends Error {\n constructor(\n public code: AuthErrorCode,\n public originalError?: any,\n message?: string\n ) {\n super(message || code);\n this.name = 'AuthError';\n\n // Maintain proper stack trace for where our error was thrown (only available on V8)\n if (Error.captureStackTrace) {\n Error.captureStackTrace(this, AuthError);\n }\n }\n\n /**\n * Convert error to JSON (excludes originalError in production)\n */\n toJSON() {\n return {\n code: this.code,\n message: this.message,\n name: this.name,\n };\n }\n\n /**\n * Check if error is an AuthError\n */\n static isAuthError(error: any): error is AuthError {\n return error instanceof AuthError;\n }\n}\n\n/**\n * Create typed AuthError from any error\n */\nexport function createAuthError(error: any): AuthError {\n if (AuthError.isAuthError(error)) {\n return error;\n }\n\n // Axios error\n if (error.response) {\n const status = error.response.status;\n const data = error.response.data;\n\n switch (status) {\n case 401:\n // Check if it's an expired token\n if (data?.detail?.toLowerCase().includes('expired') ||\n data?.message?.toLowerCase().includes('expired')) {\n return new AuthError(AuthErrorCode.TOKEN_EXPIRED, error, 'Token has expired');\n }\n if (data?.detail?.toLowerCase().includes('invalid') ||\n data?.detail?.toLowerCase().includes('credentials')) {\n return new AuthError(AuthErrorCode.INVALID_CREDENTIALS, error, 'Invalid credentials');\n }\n return new AuthError(AuthErrorCode.UNAUTHORIZED, error, 'Unauthorized');\n\n case 403:\n if (data?.detail?.toLowerCase().includes('csrf')) {\n return new AuthError(AuthErrorCode.CSRF_TOKEN_MISSING, error, 'CSRF token missing or invalid');\n }\n return new AuthError(AuthErrorCode.FORBIDDEN, error, 'Access forbidden');\n\n case 404:\n if (data?.detail?.toLowerCase().includes('user')) {\n return new AuthError(AuthErrorCode.USER_NOT_FOUND, error, 'User not found');\n }\n return new AuthError(AuthErrorCode.UNKNOWN, error, 'Resource not found');\n\n default:\n return new AuthError(AuthErrorCode.UNKNOWN, error, `HTTP ${status} error`);\n }\n }\n\n // Network error (no response received)\n if (error.request) {\n return new AuthError(AuthErrorCode.NETWORK_ERROR, error, 'Network error - no response received');\n }\n\n // Other errors\n return new AuthError(AuthErrorCode.UNKNOWN, error, error.message || 'Unknown error');\n}\n"],"names":["root","factory","exports","module","require","define","amd","this","__WEBPACK_EXTERNAL_MODULE__287__","__WEBPACK_EXTERNAL_MODULE__155__","__webpack_module_cache__","__webpack_require__","moduleId","cachedModule","undefined","__webpack_modules__","d","definition","key","o","Object","defineProperty","enumerable","get","obj","prop","prototype","hasOwnProperty","call","r","Symbol","toStringTag","value","validateAuthConfig","config","axios","Error","loginUrl","cookieName","extractUser","cookieAuth","enabled","csrf","headerName","getToken","document","match","cookie","RegExp","persistence","storage","window","localStorage","tokenKey","refreshTokenKey","userKey","expiryKey","logoutUrl","refreshUrl","getUserUrl","authCheckUrl","extractTokens","defaultExtractTokens","data","formatAuthHeader","token","tokenType","autoRefresh","refreshThreshold","onError","onLogin","onLogout","access_token","accessToken","refreshToken","refresh_token","expiresAt","expires_in","Date","now","token_type","auth_token","CSRF_METHODS","createAuthStore","interceptors","request","use","requestConfig","method","toLowerCase","includes","csrfToken","headers","setupCsrfInterceptor","initialTokens","getItem","expiryString","parseInt","isNaN","getStoredTokens","initialUser","userString","JSON","parse","getStoredUser","initialIsAuthenticated","store","create","set","tokens","user","isAuthenticated","setTokens","setItem","removeItem","toString","error","setBearerToken","setAuthenticated","authenticated","setUser","stringify","unsetUser","isTokenExpired","assign","createAuthRegistry","registry","stringKey","String","validatedConfig","pendingCheckAuth","WeakMap","useAuth","setAxiosAuth","useCallback","defaults","common","refresh","getCsrfHeaders","post","response","newTokens","checkAuth","pending","doCheck","extractedUser","getCurrentUser","delete","promise","res","useEffect","timeUntilExpiry","refreshTime","Math","max","setTimeout","clearTimeout","catch","login","credentials","callback","currentUser","getState","logout","AuthErrorCode","code","originalError","message","name","captureStackTrace","AuthError","toJSON","isAuthError","createAuthError","status","detail","TOKEN_EXPIRED","INVALID_CREDENTIALS","UNAUTHORIZED","CSRF_TOKEN_MISSING","FORBIDDEN","USER_NOT_FOUND","UNKNOWN","NETWORK_ERROR"],"sourceRoot":""}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@jasperoosthoek/zustand-auth-registry",
3
- "version": "0.0.2",
3
+ "version": "0.0.3",
4
4
  "author": "jasperoosthoek",
5
5
  "license": "MIT",
6
6
  "repository": "https://github.com/jasperoosthoek/zustand-auth-registry",
package/src/authConfig.ts CHANGED
@@ -38,7 +38,10 @@ export type AuthConfig<U> = {
38
38
  csrf?: {
39
39
  enabled: boolean;
40
40
  headerName?: string; // Default: 'X-CSRFToken'
41
+ // Option 1: Provide cookie name (web only, uses document.cookie)
41
42
  cookieName?: string; // Default: 'csrftoken'
43
+ // Option 2: Provide custom token getter (platform-agnostic)
44
+ getToken?: () => string | null;
42
45
  };
43
46
  };
44
47
 
@@ -85,7 +88,7 @@ export type ValidatedAuthConfig<U> = {
85
88
  csrf: {
86
89
  enabled: boolean;
87
90
  headerName: string;
88
- cookieName: string;
91
+ getToken: () => string | null;
89
92
  };
90
93
  };
91
94
 
@@ -120,7 +123,9 @@ export const validateAuthConfig = <U>(config: AuthConfig<U>): ValidatedAuthConfi
120
123
  csrf: {
121
124
  enabled: config.cookieAuth.csrf?.enabled ?? false,
122
125
  headerName: config.cookieAuth.csrf?.headerName || 'X-CSRFToken',
123
- cookieName: config.cookieAuth.csrf?.cookieName || 'csrftoken',
126
+ getToken: config.cookieAuth.csrf?.getToken ?? createCookieTokenGetter(
127
+ config.cookieAuth.csrf?.cookieName || 'csrftoken'
128
+ ),
124
129
  },
125
130
  } : undefined;
126
131
 
@@ -189,3 +194,12 @@ function normalizeExtractUser<U>(
189
194
  }
190
195
  return extractUser;
191
196
  }
197
+
198
+ // Create a cookie-based CSRF token getter (web only)
199
+ function createCookieTokenGetter(cookieName: string): () => string | null {
200
+ return () => {
201
+ if (typeof document === 'undefined') return null;
202
+ const match = document.cookie.match(new RegExp(`${cookieName}=([^;]+)`));
203
+ return match ? match[1] : null;
204
+ };
205
+ }
package/src/authStore.ts CHANGED
@@ -19,9 +19,34 @@ export type AuthStore<U> = UseBoundStore<StoreApi<AuthState<U>>> & {
19
19
  config: ValidatedAuthConfig<U>;
20
20
  };
21
21
 
22
+ // Methods that modify state (require CSRF protection)
23
+ const CSRF_METHODS = ['post', 'put', 'patch', 'delete'];
24
+
25
+ const setupCsrfInterceptor = <U>(config: ValidatedAuthConfig<U>): number | null => {
26
+ if (!config.cookieAuth?.csrf.enabled) {
27
+ return null;
28
+ }
29
+
30
+ const { headerName, getToken } = config.cookieAuth.csrf;
31
+
32
+ return config.axios.interceptors.request.use((requestConfig) => {
33
+ const method = requestConfig.method?.toLowerCase();
34
+ if (method && CSRF_METHODS.includes(method)) {
35
+ const csrfToken = getToken();
36
+ if (csrfToken) {
37
+ requestConfig.headers[headerName] = csrfToken;
38
+ }
39
+ }
40
+ return requestConfig;
41
+ });
42
+ };
43
+
22
44
  export const createAuthStore = <U>(config: ValidatedAuthConfig<U>): AuthStore<U> => {
23
45
  const { persistence, cookieAuth } = config;
24
46
 
47
+ // Set up CSRF interceptor if enabled
48
+ setupCsrfInterceptor(config);
49
+
25
50
  const getStoredTokens = (): TokenData | null => {
26
51
  // Cookie mode: No client-side tokens
27
52
  if (cookieAuth?.enabled) {
package/src/useAuth.ts CHANGED
@@ -9,15 +9,10 @@ export function useAuth<U>(store: AuthStore<U>) {
9
9
  const config = store.config;
10
10
 
11
11
  // Set axios Authorization header (token mode only)
12
+ // Note: CSRF is handled by interceptor in authStore.ts
12
13
  const setAxiosAuth = useCallback((token?: string, tokenType?: string) => {
13
14
  if (config.cookieAuth?.enabled) {
14
- // Cookie mode: CSRF header if enabled, no Authorization header
15
- if (config.cookieAuth.csrf.enabled) {
16
- const csrfToken = getCookie(config.cookieAuth.csrf.cookieName);
17
- if (csrfToken) {
18
- config.axios.defaults.headers.common[config.cookieAuth.csrf.headerName] = csrfToken;
19
- }
20
- }
15
+ // Cookie mode: CSRF handled by interceptor, no Authorization header needed
21
16
  return;
22
17
  }
23
18
 
@@ -217,18 +212,11 @@ export function useAuth<U>(store: AuthStore<U>) {
217
212
  return { login, logout, refresh, checkAuth, getCurrentUser };
218
213
  }
219
214
 
220
- // Helper: Get cookie value
221
- function getCookie(name: string): string | null {
222
- if (typeof document === 'undefined') return null;
223
- const match = document.cookie.match(new RegExp(`(^| )${name}=([^;]+)`));
224
- return match ? match[2] : null;
225
- }
226
-
227
- // Helper: Get CSRF headers if enabled
215
+ // Helper: Get CSRF headers if enabled (uses getToken from config)
228
216
  function getCsrfHeaders(config: any): Record<string, string> {
229
217
  const headers: Record<string, string> = {};
230
218
  if (config.cookieAuth?.csrf?.enabled) {
231
- const csrfToken = getCookie(config.cookieAuth.csrf.cookieName);
219
+ const csrfToken = config.cookieAuth.csrf.getToken();
232
220
  if (csrfToken) {
233
221
  headers[config.cookieAuth.csrf.headerName] = csrfToken;
234
222
  }