@netlify/identity 0.1.1-alpha.8 → 0.1.1

package/dist/index.js

@@ -3,26 +3,6 @@ var AUTH_PROVIDERS = ["google", "github", "gitlab", "bitbucket", "facebook", "sa
 
 // src/environment.ts
 import GoTrue from "gotrue-js";
-
-// src/errors.ts
-var AuthError = class extends Error {
-  constructor(message, status, options) {
-    super(message);
-    this.name = "AuthError";
-    this.status = status;
-    if (options && "cause" in options) {
-      this.cause = options.cause;
-    }
-  }
-};
-var MissingIdentityError = class extends Error {
-  constructor(message = "Identity is not available in this environment") {
-    super(message);
-    this.name = "MissingIdentityError";
-  }
-};
-
-// src/environment.ts
 var IDENTITY_PATH = "/.netlify/identity";
 var goTrueClient = null;
 var cachedApiUrl;
@@ -57,11 +37,6 @@ var getGoTrueClient = () => {
   goTrueClient = new GoTrue({ APIUrl: apiUrl, setCookie: isBrowser() });
   return goTrueClient;
 };
-var getClient = () => {
-  const client = getGoTrueClient();
-  if (!client) throw new MissingIdentityError();
-  return client;
-};
 var getIdentityContext = () => {
   const identityContext = globalThis.netlifyIdentityContext;
   if (identityContext?.url) {
@@ -76,43 +51,6 @@ var getIdentityContext = () => {
   return null;
 };
 
-// src/cookies.ts
-var NF_JWT_COOKIE = "nf_jwt";
-var NF_REFRESH_COOKIE = "nf_refresh";
-var getCookie = (name) => {
-  const match = document.cookie.match(new RegExp(`(?:^|; )${name.replace(/[.*+?^${}()|[\]\\]/g, "\\$&")}=([^;]*)`));
-  return match ? decodeURIComponent(match[1]) : null;
-};
-var setAuthCookies = (cookies, accessToken, refreshToken) => {
-  cookies.set({
-    name: NF_JWT_COOKIE,
-    value: accessToken,
-    httpOnly: false,
-    secure: true,
-    path: "/",
-    sameSite: "Lax"
-  });
-  if (refreshToken) {
-    cookies.set({
-      name: NF_REFRESH_COOKIE,
-      value: refreshToken,
-      httpOnly: false,
-      secure: true,
-      path: "/",
-      sameSite: "Lax"
-    });
-  }
-};
-var deleteAuthCookies = (cookies) => {
-  cookies.delete(NF_JWT_COOKIE);
-  cookies.delete(NF_REFRESH_COOKIE);
-};
-var getServerCookie = (name) => {
-  const cookies = globalThis.Netlify?.context?.cookies;
-  if (!cookies || typeof cookies.get !== "function") return null;
-  return cookies.get(name) ?? null;
-};
-
 // src/user.ts
 var toAuthProvider = (value) => typeof value === "string" && AUTH_PROVIDERS.includes(value) ? value : void 0;
 var toUser = (userData) => {
@@ -145,42 +83,36 @@ var claimsToUser = (claims) => {
     metadata: userMeta
   };
 };
-var decodeJwtPayload = (token) => {
-  try {
-    const parts = token.split(".");
-    if (parts.length !== 3) return null;
-    const payload = atob(parts[1].replace(/-/g, "+").replace(/_/g, "/"));
-    return JSON.parse(payload);
-  } catch {
-    return null;
-  }
-};
 var getUser = () => {
   if (isBrowser()) {
     const client = getGoTrueClient();
     const currentUser = client?.currentUser() ?? null;
-    if (currentUser) return toUser(currentUser);
-    const jwt2 = getCookie(NF_JWT_COOKIE);
-    if (!jwt2) return null;
-    const claims = decodeJwtPayload(jwt2);
-    if (!claims) return null;
-    return claimsToUser(claims);
+    if (!currentUser) return null;
+    return toUser(currentUser);
   }
   const identityContext = globalThis.netlifyIdentityContext;
-  if (identityContext?.user) {
-    return claimsToUser(identityContext.user);
+  if (!identityContext?.user) return null;
+  return claimsToUser(identityContext.user);
+};
+var isAuthenticated = () => getUser() !== null;
+
+// src/errors.ts
+var AuthError = class extends Error {
+  constructor(message, status, options) {
+    super(message);
+    this.name = "AuthError";
+    this.status = status;
+    if (options && "cause" in options) {
+      this.cause = options.cause;
+    }
   }
-  const jwt = getServerCookie(NF_JWT_COOKIE);
-  if (jwt) {
-    console.debug(
-      `[@netlify/identity] getUser: no identityContext.user, but nf_jwt cookie found on request. Decoding JWT from cookie. (identityContext: ${identityContext ? `{ url: ${!!identityContext.url}, token: ${!!identityContext.token}, user: ${!!identityContext.user} }` : "null"}, Netlify.context: ${!!globalThis.Netlify?.context})`
-    );
-    const claims = decodeJwtPayload(jwt);
-    if (claims) return claimsToUser(claims);
+};
+var MissingIdentityError = class extends Error {
+  constructor(message = "Identity is not available in this environment") {
+    super(message);
+    this.name = "MissingIdentityError";
   }
-  return null;
 };
-var isAuthenticated = () => getUser() !== null;
 
 // src/config.ts
 var getIdentityConfig = () => {
@@ -190,7 +122,8 @@ var getIdentityConfig = () => {
   return getIdentityContext();
 };
 var getSettings = async () => {
-  const client = getClient();
+  const client = getGoTrueClient();
+  if (!client) throw new MissingIdentityError();
   try {
     const raw = await client.settings();
     const external = raw.external ?? {};
@@ -211,408 +144,12 @@ var getSettings = async () => {
     throw new AuthError(err instanceof Error ? err.message : "Failed to fetch identity settings", 502, { cause: err });
   }
 };
-
-// src/auth.ts
-var getCookies = () => {
-  const cookies = globalThis.Netlify?.context?.cookies;
-  if (!cookies) {
-    throw new AuthError("Server-side auth requires Netlify Functions runtime");
-  }
-  return cookies;
-};
-var getServerIdentityUrl = () => {
-  const ctx = getIdentityContext();
-  if (!ctx?.url) {
-    throw new AuthError("Could not determine the Identity endpoint URL on the server");
-  }
-  return ctx.url;
-};
-var persistSession = true;
-var listeners = /* @__PURE__ */ new Set();
-var emitAuthEvent = (event, user) => {
-  for (const listener of listeners) {
-    listener(event, user);
-  }
-};
-var storageListenerAttached = false;
-var attachStorageListener = () => {
-  if (storageListenerAttached) return;
-  storageListenerAttached = true;
-  window.addEventListener("storage", (event) => {
-    if (event.key !== "gotrue.user") return;
-    if (event.newValue) {
-      const client = getGoTrueClient();
-      const currentUser = client?.currentUser();
-      emitAuthEvent("login", currentUser ? toUser(currentUser) : null);
-    } else {
-      emitAuthEvent("logout", null);
-    }
-  });
-};
-var onAuthChange = (callback) => {
-  if (!isBrowser()) {
-    return () => {
-    };
-  }
-  listeners.add(callback);
-  attachStorageListener();
-  return () => {
-    listeners.delete(callback);
-  };
-};
-var login = async (email, password) => {
-  if (!isBrowser()) {
-    const identityUrl = getServerIdentityUrl();
-    const cookies = getCookies();
-    const body = new URLSearchParams({
-      grant_type: "password",
-      username: email,
-      password
-    });
-    let res;
-    try {
-      res = await fetch(`${identityUrl}/token`, {
-        method: "POST",
-        headers: { "Content-Type": "application/x-www-form-urlencoded" },
-        body: body.toString()
-      });
-    } catch (error) {
-      throw new AuthError(error.message, void 0, { cause: error });
-    }
-    if (!res.ok) {
-      const errorBody = await res.json().catch(() => ({}));
-      throw new AuthError(
-        errorBody.msg || errorBody.error_description || `Login failed (${res.status})`,
-        res.status
-      );
-    }
-    const data = await res.json();
-    const accessToken = data.access_token;
-    let userRes;
-    try {
-      userRes = await fetch(`${identityUrl}/user`, {
-        headers: { Authorization: `Bearer ${accessToken}` }
-      });
-    } catch (error) {
-      throw new AuthError(error.message, void 0, { cause: error });
-    }
-    if (!userRes.ok) {
-      const errorBody = await userRes.json().catch(() => ({}));
-      throw new AuthError(
-        errorBody.msg || `Failed to fetch user data (${userRes.status})`,
-        userRes.status
-      );
-    }
-    const userData = await userRes.json();
-    const user = toUser(userData);
-    setAuthCookies(cookies, accessToken, data.refresh_token);
-    return user;
-  }
-  const client = getClient();
-  try {
-    const gotrueUser = await client.login(email, password, persistSession);
-    const user = toUser(gotrueUser);
-    emitAuthEvent("login", user);
-    return user;
-  } catch (error) {
-    throw new AuthError(error.message, void 0, { cause: error });
-  }
-};
-var signup = async (email, password, data) => {
-  if (!isBrowser()) {
-    const identityUrl = getServerIdentityUrl();
-    const cookies = getCookies();
-    let res;
-    try {
-      res = await fetch(`${identityUrl}/signup`, {
-        method: "POST",
-        headers: { "Content-Type": "application/json" },
-        body: JSON.stringify({ email, password, data })
-      });
-    } catch (error) {
-      throw new AuthError(error.message, void 0, { cause: error });
-    }
-    if (!res.ok) {
-      const errorBody = await res.json().catch(() => ({}));
-      throw new AuthError(errorBody.msg || `Signup failed (${res.status})`, res.status);
-    }
-    const responseData = await res.json();
-    const user = toUser(responseData);
-    if (responseData.confirmed_at) {
-      const responseRecord = responseData;
-      const accessToken = responseRecord.access_token;
-      if (accessToken) {
-        setAuthCookies(cookies, accessToken, responseRecord.refresh_token);
-      }
-    }
-    return user;
-  }
-  const client = getClient();
-  try {
-    const response = await client.signup(email, password, data);
-    const user = toUser(response);
-    if (response.confirmed_at) {
-      emitAuthEvent("login", user);
-    }
-    return user;
-  } catch (error) {
-    throw new AuthError(error.message, void 0, { cause: error });
-  }
-};
-var logout = async () => {
-  if (!isBrowser()) {
-    const identityUrl = getServerIdentityUrl();
-    const cookies = getCookies();
-    const jwt = cookies.get(NF_JWT_COOKIE);
-    if (jwt) {
-      try {
-        await fetch(`${identityUrl}/logout`, {
-          method: "POST",
-          headers: { Authorization: `Bearer ${jwt}` }
-        });
-      } catch (error) {
-        throw new AuthError(error.message, void 0, { cause: error });
-      }
-    }
-    deleteAuthCookies(cookies);
-    return;
-  }
-  const client = getClient();
-  try {
-    const currentUser = client.currentUser();
-    if (currentUser) {
-      await currentUser.logout();
-    }
-    emitAuthEvent("logout", null);
-  } catch (error) {
-    throw new AuthError(error.message, void 0, { cause: error });
-  }
-};
-var oauthLogin = (provider) => {
-  if (!isBrowser()) {
-    throw new Error("oauthLogin() is only available in the browser");
-  }
-  const client = getClient();
-  window.location.href = client.loginExternalUrl(provider);
-  throw new Error("Redirecting to OAuth provider");
-};
-var handleAuthCallback = async () => {
-  if (!isBrowser()) return null;
-  const hash = window.location.hash.substring(1);
-  if (!hash) return null;
-  const client = getClient();
-  try {
-    const params = new URLSearchParams(hash);
-    const accessToken = params.get("access_token");
-    if (accessToken) {
-      const gotrueUser = await client.createUser(
-        {
-          access_token: accessToken,
-          token_type: params.get("token_type") ?? "bearer",
-          expires_in: Number(params.get("expires_in")),
-          expires_at: Number(params.get("expires_at")),
-          refresh_token: params.get("refresh_token") ?? ""
-        },
-        persistSession
-      );
-      const user = toUser(gotrueUser);
-      clearHash();
-      emitAuthEvent("login", user);
-      return { type: "oauth", user };
-    }
-    const confirmationToken = params.get("confirmation_token");
-    if (confirmationToken) {
-      const gotrueUser = await client.confirm(confirmationToken, persistSession);
-      const user = toUser(gotrueUser);
-      clearHash();
-      emitAuthEvent("login", user);
-      return { type: "confirmation", user };
-    }
-    const recoveryToken = params.get("recovery_token");
-    if (recoveryToken) {
-      const gotrueUser = await client.recover(recoveryToken, persistSession);
-      const user = toUser(gotrueUser);
-      clearHash();
-      emitAuthEvent("login", user);
-      return { type: "recovery", user };
-    }
-    const inviteToken = params.get("invite_token");
-    if (inviteToken) {
-      clearHash();
-      return { type: "invite", user: null, token: inviteToken };
-    }
-    const emailChangeToken = params.get("email_change_token");
-    if (emailChangeToken) {
-      const currentUser = client.currentUser();
-      if (!currentUser) {
-        throw new AuthError("Email change verification requires an active browser session");
-      }
-      const jwt = await currentUser.jwt();
-      const identityUrl = `${window.location.origin}${IDENTITY_PATH}`;
-      const emailChangeRes = await fetch(`${identityUrl}/user`, {
-        method: "PUT",
-        headers: {
-          "Content-Type": "application/json",
-          Authorization: `Bearer ${jwt}`
-        },
-        body: JSON.stringify({ email_change_token: emailChangeToken })
-      });
-      if (!emailChangeRes.ok) {
-        const errorBody = await emailChangeRes.json().catch(() => ({}));
-        throw new AuthError(
-          errorBody.msg || `Email change verification failed (${emailChangeRes.status})`,
-          emailChangeRes.status
-        );
-      }
-      const emailChangeData = await emailChangeRes.json();
-      const user = toUser(emailChangeData);
-      clearHash();
-      emitAuthEvent("user_updated", user);
-      return { type: "email_change", user };
-    }
-    return null;
-  } catch (error) {
-    throw new AuthError(error.message, void 0, { cause: error });
-  }
-};
-var clearHash = () => {
-  history.replaceState(null, "", window.location.pathname + window.location.search);
-};
-var hydrateSession = async () => {
-  if (!isBrowser()) return null;
-  const client = getClient();
-  const currentUser = client.currentUser();
-  if (currentUser) return toUser(currentUser);
-  const accessToken = getCookie(NF_JWT_COOKIE);
-  if (!accessToken) return null;
-  const refreshToken = getCookie(NF_REFRESH_COOKIE) ?? "";
-  const gotrueUser = await client.createUser(
-    {
-      access_token: accessToken,
-      token_type: "bearer",
-      expires_in: 3600,
-      expires_at: Math.floor(Date.now() / 1e3) + 3600,
-      refresh_token: refreshToken
-    },
-    persistSession
-  );
-  const user = toUser(gotrueUser);
-  emitAuthEvent("login", user);
-  return user;
-};
-
-// src/account.ts
-var ensureCurrentUser = async () => {
-  const client = getClient();
-  let currentUser = client.currentUser();
-  if (!currentUser && isBrowser()) {
-    await hydrateSession();
-    currentUser = client.currentUser();
-  }
-  if (!currentUser) throw new AuthError("No user is currently logged in");
-  return currentUser;
-};
-var requestPasswordRecovery = async (email) => {
-  const client = getClient();
-  try {
-    await client.requestPasswordRecovery(email);
-  } catch (error) {
-    throw new AuthError(error.message, void 0, { cause: error });
-  }
-};
-var recoverPassword = async (token, newPassword) => {
-  const client = getClient();
-  try {
-    const gotrueUser = await client.recover(token, persistSession);
-    const updatedUser = await gotrueUser.update({ password: newPassword });
-    const user = toUser(updatedUser);
-    emitAuthEvent("login", user);
-    return user;
-  } catch (error) {
-    throw new AuthError(error.message, void 0, { cause: error });
-  }
-};
-var confirmEmail = async (token) => {
-  const client = getClient();
-  try {
-    const gotrueUser = await client.confirm(token, persistSession);
-    const user = toUser(gotrueUser);
-    emitAuthEvent("login", user);
-    return user;
-  } catch (error) {
-    throw new AuthError(error.message, void 0, { cause: error });
-  }
-};
-var acceptInvite = async (token, password) => {
-  const client = getClient();
-  try {
-    const gotrueUser = await client.acceptInvite(token, password, persistSession);
-    const user = toUser(gotrueUser);
-    emitAuthEvent("login", user);
-    return user;
-  } catch (error) {
-    throw new AuthError(error.message, void 0, { cause: error });
-  }
-};
-var verifyEmailChange = async (token) => {
-  if (!isBrowser()) throw new AuthError("verifyEmailChange() is only available in the browser");
-  const currentUser = await ensureCurrentUser();
-  const jwt = await currentUser.jwt();
-  const identityUrl = `${window.location.origin}${IDENTITY_PATH}`;
-  try {
-    const res = await fetch(`${identityUrl}/user`, {
-      method: "PUT",
-      headers: {
-        "Content-Type": "application/json",
-        Authorization: `Bearer ${jwt}`
-      },
-      body: JSON.stringify({ email_change_token: token })
-    });
-    if (!res.ok) {
-      const errorBody = await res.json().catch(() => ({}));
-      throw new AuthError(
-        errorBody.msg || `Email change verification failed (${res.status})`,
-        res.status
-      );
-    }
-    const userData = await res.json();
-    const user = toUser(userData);
-    emitAuthEvent("user_updated", user);
-    return user;
-  } catch (error) {
-    if (error instanceof AuthError) throw error;
-    throw new AuthError(error.message, void 0, { cause: error });
-  }
-};
-var updateUser = async (updates) => {
-  const currentUser = await ensureCurrentUser();
-  try {
-    const updatedUser = await currentUser.update(updates);
-    const user = toUser(updatedUser);
-    emitAuthEvent("user_updated", user);
-    return user;
-  } catch (error) {
-    throw new AuthError(error.message, void 0, { cause: error });
-  }
-};
 export {
   AuthError,
   MissingIdentityError,
-  acceptInvite,
-  confirmEmail,
   getIdentityConfig,
   getSettings,
   getUser,
-  handleAuthCallback,
-  isAuthenticated,
-  login,
-  logout,
-  oauthLogin,
-  onAuthChange,
-  recoverPassword,
-  requestPasswordRecovery,
-  signup,
-  updateUser,
-  verifyEmailChange
+  isAuthenticated
 };
 //# sourceMappingURL=index.js.map