@kawaiininja/fetch 1.0.7 → 1.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/hooks/useFetch.d.ts +5 -0
- package/dist/hooks/useFetch.js +47 -21
- package/package.json +1 -1
package/dist/hooks/useFetch.d.ts
CHANGED
|
@@ -1,5 +1,10 @@
|
|
|
1
1
|
import { BaseFetchOptions } from "./types";
|
|
2
2
|
import { ApiSurface } from "./utils";
|
|
3
|
+
/**
|
|
4
|
+
* 🔥 SECURITY UPGRADE: Clear Vault
|
|
5
|
+
* Call this on logout to ensure tokens are purged from memory.
|
|
6
|
+
*/
|
|
7
|
+
export declare const clearNativeAuthVault: () => void;
|
|
3
8
|
/**
|
|
4
9
|
* useFetch Hook
|
|
5
10
|
*
|
package/dist/hooks/useFetch.js
CHANGED
|
@@ -5,6 +5,26 @@ import { isNative } from "./platform";
|
|
|
5
5
|
import { useApiConfig } from "./useApiConfig";
|
|
6
6
|
import { useCsrf } from "./useCsrf";
|
|
7
7
|
import { createApiSurface } from "./utils";
|
|
8
|
+
/**
|
|
9
|
+
* 🛡️ SESSION MEMORY VAULT
|
|
10
|
+
* Caches native tokens in memory for the lifetime of the JS process.
|
|
11
|
+
* This avoids expensive SecureStorage calls on every request.
|
|
12
|
+
*/
|
|
13
|
+
const nativeAuthVault = {
|
|
14
|
+
token: undefined,
|
|
15
|
+
sessionId: undefined,
|
|
16
|
+
loaded: false,
|
|
17
|
+
};
|
|
18
|
+
/**
|
|
19
|
+
* 🔥 SECURITY UPGRADE: Clear Vault
|
|
20
|
+
* Call this on logout to ensure tokens are purged from memory.
|
|
21
|
+
*/
|
|
22
|
+
export const clearNativeAuthVault = () => {
|
|
23
|
+
nativeAuthVault.loaded = false;
|
|
24
|
+
nativeAuthVault.token = undefined;
|
|
25
|
+
nativeAuthVault.sessionId = undefined;
|
|
26
|
+
console.log("[useFetch] [Native] Auth vault cleared.");
|
|
27
|
+
};
|
|
8
28
|
/**
|
|
9
29
|
* useFetch Hook
|
|
10
30
|
*
|
|
@@ -48,29 +68,35 @@ export const useFetch = (endpoint, baseOptions = {}) => {
|
|
|
48
68
|
// 🔒 SECURITY STRATEGY: NATIVE (MOBILE)
|
|
49
69
|
if (_isNative && isInternal) {
|
|
50
70
|
// Mobile relies on manual headers ("Active Courier")
|
|
51
|
-
// 🛡️ S-RANK UPGRADE: Use
|
|
71
|
+
// 🛡️ S-RANK UPGRADE: Use Session Memory Vault (In-Memory Singleton)
|
|
52
72
|
console.log(`[useFetch] [Native] Strategy: Active Courier for ${url}`);
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
+
if (!nativeAuthVault.loaded) {
|
|
74
|
+
try {
|
|
75
|
+
const { value: t } = await SecureStoragePlugin.get({ key: "token" });
|
|
76
|
+
const { value: s } = await SecureStoragePlugin.get({
|
|
77
|
+
key: "session_id",
|
|
78
|
+
});
|
|
79
|
+
nativeAuthVault.token = t || undefined;
|
|
80
|
+
nativeAuthVault.sessionId = s || undefined;
|
|
81
|
+
// Fallback to localStorage if SecureStorage is empty
|
|
82
|
+
if (!nativeAuthVault.token) {
|
|
83
|
+
nativeAuthVault.token = localStorage.getItem("token") || undefined;
|
|
84
|
+
nativeAuthVault.sessionId =
|
|
85
|
+
localStorage.getItem("session_id") || undefined;
|
|
86
|
+
}
|
|
87
|
+
nativeAuthVault.loaded = true;
|
|
88
|
+
console.log("[useFetch] [Native] Auth vault initialized.");
|
|
89
|
+
}
|
|
90
|
+
catch (err) {
|
|
91
|
+
console.warn("[useFetch] [Native] SecureStorage failed, falling back to localStorage:", err);
|
|
92
|
+
nativeAuthVault.token = localStorage.getItem("token") || undefined;
|
|
93
|
+
nativeAuthVault.sessionId =
|
|
94
|
+
localStorage.getItem("session_id") || undefined;
|
|
95
|
+
nativeAuthVault.loaded = true;
|
|
96
|
+
}
|
|
73
97
|
}
|
|
98
|
+
const authToken = nativeAuthVault.token;
|
|
99
|
+
const sessionId = nativeAuthVault.sessionId;
|
|
74
100
|
if (authToken)
|
|
75
101
|
headersConfig["Authorization"] = `Bearer ${authToken}`;
|
|
76
102
|
if (sessionId)
|