@nhost/nhost-js 4.6.0 → 4.7.0

package/dist/middlewareWithAdminSession-CcuYKs5Y.js

@@ -1,106 +0,0 @@
-import { r as refreshSession } from "./refreshSession-WwGlzgtM.js";
-const attachAccessTokenMiddleware = (storage) => (next) => async (url, options = {}) => {
-  const headers = new Headers(options.headers || {});
-  if (headers.has("Authorization")) {
-    return next(url, options);
-  }
-  const session = storage.get();
-  if (session?.accessToken) {
-    const newOptions = {
-      ...options,
-      headers: addAuthorizationHeader(headers, session)
-    };
-    return next(url, newOptions);
-  }
-  return next(url, options);
-};
-function addAuthorizationHeader(headers, session) {
-  if (session.accessToken) {
-    headers.set("Authorization", `Bearer ${session.accessToken}`);
-  }
-  return headers;
-}
-const sessionRefreshMiddleware = (auth, storage, options) => {
-  const { marginSeconds = 60 } = options || {};
-  return (next) => async (url, options2 = {}) => {
-    if (shouldSkipTokenHandling(url, options2)) {
-      return next(url, options2);
-    }
-    try {
-      await refreshSession(auth, storage, marginSeconds);
-    } catch {
-    }
-    return next(url, options2);
-  };
-};
-function shouldSkipTokenHandling(url, options) {
-  const headers = new Headers(options.headers || {});
-  if (headers.has("Authorization")) {
-    return true;
-  }
-  if (url.endsWith("/v1/token")) {
-    return true;
-  }
-  return false;
-}
-const updateSessionFromResponseMiddleware = (storage) => {
-  const sessionExtractor = (body) => {
-    if (typeof body === "string") {
-      return null;
-    }
-    if ("session" in body) {
-      return body.session || null;
-    }
-    if ("accessToken" in body && "refreshToken" in body && "user" in body) {
-      return body;
-    }
-    return null;
-  };
-  return (next) => async (url, options) => {
-    const response = await next(url, options);
-    try {
-      if (url.endsWith("/signout")) {
-        storage.remove();
-        return response;
-      }
-      if (url.endsWith("/token") || url.includes("/token/exchange") || url.includes("/signin/") || url.includes("/signup/")) {
-        const clonedResponse = response.clone();
-        const body = await clonedResponse.json().catch(() => null);
-        if (body) {
-          const session = sessionExtractor(body);
-          if (session?.accessToken && session.refreshToken) {
-            storage.set(session);
-          }
-        }
-      }
-    } catch (error) {
-      console.warn("Error in session response middleware:", error);
-    }
-    return response;
-  };
-};
-const withAdminSessionMiddleware = (options) => (next) => async (url, requestOptions = {}) => {
-  const headers = new Headers(requestOptions.headers || {});
-  if (!headers.has("x-hasura-admin-secret")) {
-    headers.set("x-hasura-admin-secret", options.adminSecret);
-  }
-  if (options.role && !headers.has("x-hasura-role")) {
-    headers.set("x-hasura-role", options.role);
-  }
-  if (options.sessionVariables) {
-    for (const [key, value] of Object.entries(options.sessionVariables)) {
-      const headerKey = key.startsWith("x-hasura-") ? key : `x-hasura-${key}`;
-      if (!headers.has(headerKey)) {
-        headers.set(headerKey, value);
-      }
-    }
-  }
-  return next(url, { ...requestOptions, headers });
-};
-export {
-  attachAccessTokenMiddleware as a,
-  sessionRefreshMiddleware as s,
-  updateSessionFromResponseMiddleware as u,
-  withAdminSessionMiddleware as w
-};
-//# sourceMappingURL=middlewareWithAdminSession-CcuYKs5Y.js.map

package/dist/middlewareWithAdminSession-CcuYKs5Y.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"middlewareWithAdminSession-CcuYKs5Y.js","sources":["../src/fetch/middlewareAttachAccessToken.ts","../src/fetch/middlewareSessionRefresh.ts","../src/fetch/middlewareUpdateSessionFromResponse.ts","../src/fetch/middlewareWithAdminSession.ts"],"sourcesContent":["/**\n * Authorization token attachment middleware for the Nhost SDK.\n *\n * This module provides middleware functionality to automatically attach\n * authorization tokens to outgoing API requests, ensuring the client\n * is properly authenticated.\n */\n\nimport type { Session } from '../auth';\nimport type { SessionStorage } from '../session/storage';\nimport type { ChainFunction, FetchFunction } from './fetch';\n\n/**\n * Creates a fetch middleware that adds the Authorization header with the current access token.\n *\n * This middleware:\n * 1. Gets the current session from storage\n * 2. Adds the authorization header with the access token to outgoing requests\n *\n * This middleware should be used after the refresh middleware in the chain to\n * ensure the most recent token is used.\n *\n * @param storage - Storage implementation for retrieving session data\n * @returns A middleware function that adds Authorization headers\n */\nexport const attachAccessTokenMiddleware =\n  (storage: SessionStorage): ChainFunction =>\n  (next: FetchFunction): FetchFunction =>\n  async (url: string, options: RequestInit = {}): Promise<Response> => {\n    const headers = new Headers(options.headers || {});\n\n    // Skip if Authorization header is already set\n    if (headers.has('Authorization')) {\n      return next(url, options);\n    }\n\n    // Get current session from storage\n    const session = storage.get();\n\n    if (session?.accessToken) {\n      // Add authorization header\n      const newOptions = {\n        ...options,\n        headers: addAuthorizationHeader(headers, session),\n      };\n\n      // Continue with the fetch chain\n      return next(url, newOptions);\n    }\n\n    // No session or no access token, continue without authorization\n    return next(url, options);\n  };\n\n/**\n * Adds the Authorization header with the access token to the request headers\n *\n * @param headers - Original request headers\n * @param session - Current session containing the access token\n * @returns Modified headers with Authorization header\n */\nfunction addAuthorizationHeader(headers: Headers, session: Session): Headers {\n  if (session.accessToken) {\n    headers.set('Authorization', `Bearer ${session.accessToken}`);\n  }\n  return headers;\n}\n","/**\n * Auth token refresh middleware for the Nhost SDK.\n *\n * This module provides middleware functionality to automatically refresh\n * authentication tokens before they expire, ensuring seamless API access\n * without requiring manual token refresh by the application.\n */\n\nimport type { Client } from '../auth';\nimport { refreshSession } from '../session/refreshSession';\nimport type { SessionStorage } from '../session/storage';\nimport type { ChainFunction, FetchFunction } from './fetch';\n\n/**\n * Creates a fetch middleware that automatically refreshes authentication tokens.\n *\n * This middleware:\n * 1. Checks if the current token is about to expire\n * 2. If so, uses the refresh token to obtain a new access token\n *\n * The middleware handles token refresh transparently, so the application\n * doesn't need to manually refresh tokens.\n *\n * @param auth - Auth API client for token refresh operations\n * @param storage - Storage implementation for persisting session data\n * @param options - Configuration options for token refresh behavior\n * @param options.marginSeconds - Number of seconds before token expiration to trigger a refresh, default is 60 seconds\n * @returns A middleware function that can be used in the fetch chain\n */\nexport const sessionRefreshMiddleware = (\n  auth: Client,\n  storage: SessionStorage,\n  options?: {\n    marginSeconds?: number;\n  },\n): ChainFunction => {\n  const { marginSeconds = 60 } = options || {};\n\n  // Create and return the chain function\n  return (next: FetchFunction): FetchFunction =>\n    async (url: string, options: RequestInit = {}): Promise<Response> => {\n      // Skip token handling for certain requests\n      if (shouldSkipTokenHandling(url, options)) {\n        return next(url, options);\n      }\n\n      try {\n        await refreshSession(auth, storage, marginSeconds);\n      } catch {\n        // do nothing, we still want to call the next function\n      }\n      return next(url, options);\n    };\n};\n\n/**\n * Determines if token handling should be skipped for this request\n *\n * @param url - Request URL\n * @param options - Request options\n * @returns True if token handling should be skipped, false otherwise\n */\nfunction shouldSkipTokenHandling(url: string, options: RequestInit): boolean {\n  const headers = new Headers(options.headers || {});\n\n  // If Authorization header is explicitly set, skip token handling\n  if (headers.has('Authorization')) {\n    return true;\n  }\n\n  // If calling the token endpoint, skip to avoid infinite loops\n  if (url.endsWith('/v1/token')) {\n    return true;\n  }\n\n  return false;\n}\n","/**\n * Session response middleware for the Nhost SDK.\n *\n * This module provides middleware functionality to automatically extract\n * and persist session information from authentication responses, ensuring\n * that new sessions are properly stored after sign-in operations.\n */\n\nimport type { Session, SessionPayload } from '../auth';\nimport type { SessionStorage } from '../session/storage';\nimport type { ChainFunction } from './fetch';\n\n/**\n * Creates a fetch middleware that automatically extracts and stores session data from API responses.\n *\n * This middleware:\n * 1. Monitors responses from authentication-related endpoints\n * 2. Extracts session information when present\n * 3. Stores the session in the provided storage implementation\n * 4. Handles session removal on sign-out\n *\n * This ensures that session data is always up-to-date in storage after operations\n * that create or invalidate sessions.\n *\n * @param storage - Storage implementation for persisting session data\n * @returns A middleware function that can be used in the fetch chain\n */\nexport const updateSessionFromResponseMiddleware = (\n  storage: SessionStorage,\n): ChainFunction => {\n  /**\n   * Helper function to extract session data from various response formats\n   *\n   * @param body - Response data to extract session from\n   * @returns Session object if found, null otherwise\n   */\n  const sessionExtractor = (\n    body: Session | SessionPayload | string,\n  ): Session | null => {\n    if (typeof body === 'string') {\n      return null;\n    }\n\n    if ('session' in body) {\n      // SessionPayload\n      return body.session || null;\n    }\n\n    if ('accessToken' in body && 'refreshToken' in body && 'user' in body) {\n      // Session\n      return body;\n    }\n\n    return null;\n  };\n\n  return (next: (url: string, options?: RequestInit) => Promise<Response>) =>\n    async (url: string, options?: RequestInit) => {\n      // Call the next middleware in the chain\n      const response = await next(url, options);\n\n      try {\n        // Check if this is a logout request\n        if (url.endsWith('/signout')) {\n          // Remove session on sign-out\n          storage.remove();\n          return response;\n        }\n\n        // Check if this is an auth-related endpoint that might return session data\n        if (\n          url.endsWith('/token') ||\n          url.includes('/token/exchange') ||\n          url.includes('/signin/') ||\n          url.includes('/signup/')\n        ) {\n          // Clone the response to avoid consuming it\n          const clonedResponse = response.clone();\n\n          // Parse the JSON data\n          const body = (await clonedResponse.json().catch(() => null)) as\n            | Session\n            | SessionPayload;\n\n          if (body) {\n            // Extract session data from response using provided extractor\n            const session = sessionExtractor(body);\n\n            // If session data is found, store it\n            if (session?.accessToken && session.refreshToken) {\n              storage.set(session);\n            }\n          }\n        }\n      } catch (error) {\n        console.warn('Error in session response middleware:', error);\n      }\n\n      // Return the original response\n      return response;\n    };\n};\n","/**\n * Admin session middleware for the Nhost SDK.\n *\n * This module provides middleware functionality to automatically attach\n * Hasura admin secret for admin permissions in requests.\n */\n\nimport type { ChainFunction, FetchFunction } from './fetch';\n\n/**\n * Configuration options for admin session middleware\n */\nexport interface AdminSessionOptions {\n  /**\n   * Hasura admin secret for elevated permissions (sets x-hasura-admin-secret header)\n   */\n  adminSecret: string;\n\n  /**\n   * Hasura role to use for the request (sets x-hasura-role header)\n   */\n  role?: string;\n\n  /**\n   * Additional Hasura session variables to attach to requests.\n   * Keys will be automatically prefixed with 'x-hasura-' if not already present.\n   *\n   * @example\n   * ```ts\n   * {\n   *   'user-id': '123',\n   *   'org-id': '456'\n   * }\n   * // Results in headers:\n   * // x-hasura-user-id: 123\n   * // x-hasura-org-id: 456\n   * ```\n   */\n  sessionVariables?: Record<string, string>;\n}\n\n/**\n * Creates a fetch middleware that attaches the Hasura admin secret and optional session variables to requests.\n *\n * This middleware:\n * 1. Sets the x-hasura-admin-secret header, which grants full admin access to Hasura\n * 2. Optionally sets the x-hasura-role header if a role is provided\n * 3. Optionally sets additional x-hasura-* headers for custom session variables\n *\n * **Security Warning**: Never use this middleware in client-side code or expose\n * the admin secret to end users. Admin secrets grant unrestricted access to your\n * entire database. This should only be used in trusted server-side environments.\n *\n * The middleware preserves request-specific headers when they conflict with the\n * admin session configuration.\n *\n * @param options - Admin session options including admin secret, role, and session variables\n * @returns A middleware function that can be used in the fetch chain\n *\n * @example\n * ```ts\n * // Create middleware with admin secret only\n * const adminMiddleware = withAdminSessionMiddleware({\n *   adminSecret: process.env.NHOST_ADMIN_SECRET\n * });\n *\n * // Create middleware with admin secret and role\n * const adminUserMiddleware = withAdminSessionMiddleware({\n *   adminSecret: process.env.NHOST_ADMIN_SECRET,\n *   role: 'user'\n * });\n *\n * // Create middleware with admin secret, role, and custom session variables\n * const fullMiddleware = withAdminSessionMiddleware({\n *   adminSecret: process.env.NHOST_ADMIN_SECRET,\n *   role: 'user',\n *   sessionVariables: {\n *     'user-id': '123',\n *     'org-id': '456'\n *   }\n * });\n *\n * // Use with createCustomClient for an admin client\n * const adminClient = createCustomClient({\n *   subdomain: 'myproject',\n *   region: 'eu-central-1',\n *   chainFunctions: [adminMiddleware]\n * });\n * ```\n */\nexport const withAdminSessionMiddleware =\n  (options: AdminSessionOptions): ChainFunction =>\n  (next: FetchFunction): FetchFunction =>\n  async (url: string, requestOptions: RequestInit = {}): Promise<Response> => {\n    const headers = new Headers(requestOptions.headers || {});\n\n    // Set x-hasura-admin-secret if not already present\n    if (!headers.has('x-hasura-admin-secret')) {\n      headers.set('x-hasura-admin-secret', options.adminSecret);\n    }\n\n    // Set x-hasura-role if provided and not already present\n    if (options.role && !headers.has('x-hasura-role')) {\n      headers.set('x-hasura-role', options.role);\n    }\n\n    // Set custom session variables\n    if (options.sessionVariables) {\n      for (const [key, value] of Object.entries(options.sessionVariables)) {\n        // Ensure the key has the x-hasura- prefix\n        const headerKey = key.startsWith('x-hasura-') ? key : `x-hasura-${key}`;\n\n        // Only set if not already present in the request\n        if (!headers.has(headerKey)) {\n          headers.set(headerKey, value);\n        }\n      }\n    }\n\n    return next(url, { ...requestOptions, headers });\n  };\n"],"names":["options"],"mappings":";AAyBO,MAAM,8BACX,CAAC,YACD,CAAC,SACD,OAAO,KAAa,UAAuB,OAA0B;AACnE,QAAM,UAAU,IAAI,QAAQ,QAAQ,WAAW,CAAA,CAAE;AAGjD,MAAI,QAAQ,IAAI,eAAe,GAAG;AAChC,WAAO,KAAK,KAAK,OAAO;AAAA,EAC1B;AAGA,QAAM,UAAU,QAAQ,IAAA;AAExB,MAAI,SAAS,aAAa;AAExB,UAAM,aAAa;AAAA,MACjB,GAAG;AAAA,MACH,SAAS,uBAAuB,SAAS,OAAO;AAAA,IAAA;AAIlD,WAAO,KAAK,KAAK,UAAU;AAAA,EAC7B;AAGA,SAAO,KAAK,KAAK,OAAO;AAC1B;AASF,SAAS,uBAAuB,SAAkB,SAA2B;AAC3E,MAAI,QAAQ,aAAa;AACvB,YAAQ,IAAI,iBAAiB,UAAU,QAAQ,WAAW,EAAE;AAAA,EAC9D;AACA,SAAO;AACT;ACrCO,MAAM,2BAA2B,CACtC,MACA,SACA,YAGkB;AAClB,QAAM,EAAE,gBAAgB,GAAA,IAAO,WAAW,CAAA;AAG1C,SAAO,CAAC,SACN,OAAO,KAAaA,WAAuB,CAAA,MAA0B;AAEnE,QAAI,wBAAwB,KAAKA,QAAO,GAAG;AACzC,aAAO,KAAK,KAAKA,QAAO;AAAA,IAC1B;AAEA,QAAI;AACF,YAAM,eAAe,MAAM,SAAS,aAAa;AAAA,IACnD,QAAQ;AAAA,IAER;AACA,WAAO,KAAK,KAAKA,QAAO;AAAA,EAC1B;AACJ;AASA,SAAS,wBAAwB,KAAa,SAA+B;AAC3E,QAAM,UAAU,IAAI,QAAQ,QAAQ,WAAW,CAAA,CAAE;AAGjD,MAAI,QAAQ,IAAI,eAAe,GAAG;AAChC,WAAO;AAAA,EACT;AAGA,MAAI,IAAI,SAAS,WAAW,GAAG;AAC7B,WAAO;AAAA,EACT;AAEA,SAAO;AACT;ACjDO,MAAM,sCAAsC,CACjD,YACkB;AAOlB,QAAM,mBAAmB,CACvB,SACmB;AACnB,QAAI,OAAO,SAAS,UAAU;AAC5B,aAAO;AAAA,IACT;AAEA,QAAI,aAAa,MAAM;AAErB,aAAO,KAAK,WAAW;AAAA,IACzB;AAEA,QAAI,iBAAiB,QAAQ,kBAAkB,QAAQ,UAAU,MAAM;AAErE,aAAO;AAAA,IACT;AAEA,WAAO;AAAA,EACT;AAEA,SAAO,CAAC,SACN,OAAO,KAAa,YAA0B;AAE5C,UAAM,WAAW,MAAM,KAAK,KAAK,OAAO;AAExC,QAAI;AAEF,UAAI,IAAI,SAAS,UAAU,GAAG;AAE5B,gBAAQ,OAAA;AACR,eAAO;AAAA,MACT;AAGA,UACE,IAAI,SAAS,QAAQ,KACrB,IAAI,SAAS,iBAAiB,KAC9B,IAAI,SAAS,UAAU,KACvB,IAAI,SAAS,UAAU,GACvB;AAEA,cAAM,iBAAiB,SAAS,MAAA;AAGhC,cAAM,OAAQ,MAAM,eAAe,OAAO,MAAM,MAAM,IAAI;AAI1D,YAAI,MAAM;AAER,gBAAM,UAAU,iBAAiB,IAAI;AAGrC,cAAI,SAAS,eAAe,QAAQ,cAAc;AAChD,oBAAQ,IAAI,OAAO;AAAA,UACrB;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,cAAQ,KAAK,yCAAyC,KAAK;AAAA,IAC7D;AAGA,WAAO;AAAA,EACT;AACJ;ACXO,MAAM,6BACX,CAAC,YACD,CAAC,SACD,OAAO,KAAa,iBAA8B,OAA0B;AAC1E,QAAM,UAAU,IAAI,QAAQ,eAAe,WAAW,CAAA,CAAE;AAGxD,MAAI,CAAC,QAAQ,IAAI,uBAAuB,GAAG;AACzC,YAAQ,IAAI,yBAAyB,QAAQ,WAAW;AAAA,EAC1D;AAGA,MAAI,QAAQ,QAAQ,CAAC,QAAQ,IAAI,eAAe,GAAG;AACjD,YAAQ,IAAI,iBAAiB,QAAQ,IAAI;AAAA,EAC3C;AAGA,MAAI,QAAQ,kBAAkB;AAC5B,eAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,QAAQ,gBAAgB,GAAG;AAEnE,YAAM,YAAY,IAAI,WAAW,WAAW,IAAI,MAAM,YAAY,GAAG;AAGrE,UAAI,CAAC,QAAQ,IAAI,SAAS,GAAG;AAC3B,gBAAQ,IAAI,WAAW,KAAK;AAAA,MAC9B;AAAA,IACF;AAAA,EACF;AAEA,SAAO,KAAK,KAAK,EAAE,GAAG,gBAAgB,SAAS;AACjD;"}

package/dist/middlewareWithAdminSession-j70iKbBX.cjs

@@ -1,2 +0,0 @@
-"use strict";const e=require("./refreshSession-Bw715ZmX.cjs");function s(e,s){return s.accessToken&&e.set("Authorization",`Bearer ${s.accessToken}`),e}exports.attachAccessTokenMiddleware=e=>n=>async(r,t={})=>{const a=new Headers(t.headers||{});if(a.has("Authorization"))return n(r,t);const i=e.get();if(i?.accessToken){const e={...t,headers:s(a,i)};return n(r,e)}return n(r,t)},exports.sessionRefreshMiddleware=(s,n,r)=>{const{marginSeconds:t=60}=r||{};return r=>async(a,i={})=>{if(function(e,s){const n=new Headers(s.headers||{});if(n.has("Authorization"))return!0;if(e.endsWith("/v1/token"))return!0;return!1}(a,i))return r(a,i);try{await e.refreshSession(s,n,t)}catch{}return r(a,i)}},exports.updateSessionFromResponseMiddleware=e=>s=>async(n,r)=>{const t=await s(n,r);try{if(n.endsWith("/signout"))return e.remove(),t;if(n.endsWith("/token")||n.includes("/token/exchange")||n.includes("/signin/")||n.includes("/signup/")){const s=t.clone(),n=await s.json().catch((()=>null));if(n){const s=(e=>"string"==typeof e?null:"session"in e?e.session||null:"accessToken"in e&&"refreshToken"in e&&"user"in e?e:null)(n);s?.accessToken&&s.refreshToken&&e.set(s)}}}catch(a){console.warn("Error in session response middleware:",a)}return t},exports.withAdminSessionMiddleware=e=>s=>async(n,r={})=>{const t=new Headers(r.headers||{});if(t.has("x-hasura-admin-secret")||t.set("x-hasura-admin-secret",e.adminSecret),e.role&&!t.has("x-hasura-role")&&t.set("x-hasura-role",e.role),e.sessionVariables)for(const[s,a]of Object.entries(e.sessionVariables)){const e=s.startsWith("x-hasura-")?s:`x-hasura-${s}`;t.has(e)||t.set(e,a)}return s(n,{...r,headers:t})};
-//# sourceMappingURL=middlewareWithAdminSession-j70iKbBX.cjs.map

package/dist/middlewareWithAdminSession-j70iKbBX.cjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"middlewareWithAdminSession-j70iKbBX.cjs","sources":["../src/fetch/middlewareAttachAccessToken.ts","../src/fetch/middlewareSessionRefresh.ts","../src/fetch/middlewareUpdateSessionFromResponse.ts","../src/fetch/middlewareWithAdminSession.ts"],"sourcesContent":["/**\n * Authorization token attachment middleware for the Nhost SDK.\n *\n * This module provides middleware functionality to automatically attach\n * authorization tokens to outgoing API requests, ensuring the client\n * is properly authenticated.\n */\n\nimport type { Session } from '../auth';\nimport type { SessionStorage } from '../session/storage';\nimport type { ChainFunction, FetchFunction } from './fetch';\n\n/**\n * Creates a fetch middleware that adds the Authorization header with the current access token.\n *\n * This middleware:\n * 1. Gets the current session from storage\n * 2. Adds the authorization header with the access token to outgoing requests\n *\n * This middleware should be used after the refresh middleware in the chain to\n * ensure the most recent token is used.\n *\n * @param storage - Storage implementation for retrieving session data\n * @returns A middleware function that adds Authorization headers\n */\nexport const attachAccessTokenMiddleware =\n  (storage: SessionStorage): ChainFunction =>\n  (next: FetchFunction): FetchFunction =>\n  async (url: string, options: RequestInit = {}): Promise<Response> => {\n    const headers = new Headers(options.headers || {});\n\n    // Skip if Authorization header is already set\n    if (headers.has('Authorization')) {\n      return next(url, options);\n    }\n\n    // Get current session from storage\n    const session = storage.get();\n\n    if (session?.accessToken) {\n      // Add authorization header\n      const newOptions = {\n        ...options,\n        headers: addAuthorizationHeader(headers, session),\n      };\n\n      // Continue with the fetch chain\n      return next(url, newOptions);\n    }\n\n    // No session or no access token, continue without authorization\n    return next(url, options);\n  };\n\n/**\n * Adds the Authorization header with the access token to the request headers\n *\n * @param headers - Original request headers\n * @param session - Current session containing the access token\n * @returns Modified headers with Authorization header\n */\nfunction addAuthorizationHeader(headers: Headers, session: Session): Headers {\n  if (session.accessToken) {\n    headers.set('Authorization', `Bearer ${session.accessToken}`);\n  }\n  return headers;\n}\n","/**\n * Auth token refresh middleware for the Nhost SDK.\n *\n * This module provides middleware functionality to automatically refresh\n * authentication tokens before they expire, ensuring seamless API access\n * without requiring manual token refresh by the application.\n */\n\nimport type { Client } from '../auth';\nimport { refreshSession } from '../session/refreshSession';\nimport type { SessionStorage } from '../session/storage';\nimport type { ChainFunction, FetchFunction } from './fetch';\n\n/**\n * Creates a fetch middleware that automatically refreshes authentication tokens.\n *\n * This middleware:\n * 1. Checks if the current token is about to expire\n * 2. If so, uses the refresh token to obtain a new access token\n *\n * The middleware handles token refresh transparently, so the application\n * doesn't need to manually refresh tokens.\n *\n * @param auth - Auth API client for token refresh operations\n * @param storage - Storage implementation for persisting session data\n * @param options - Configuration options for token refresh behavior\n * @param options.marginSeconds - Number of seconds before token expiration to trigger a refresh, default is 60 seconds\n * @returns A middleware function that can be used in the fetch chain\n */\nexport const sessionRefreshMiddleware = (\n  auth: Client,\n  storage: SessionStorage,\n  options?: {\n    marginSeconds?: number;\n  },\n): ChainFunction => {\n  const { marginSeconds = 60 } = options || {};\n\n  // Create and return the chain function\n  return (next: FetchFunction): FetchFunction =>\n    async (url: string, options: RequestInit = {}): Promise<Response> => {\n      // Skip token handling for certain requests\n      if (shouldSkipTokenHandling(url, options)) {\n        return next(url, options);\n      }\n\n      try {\n        await refreshSession(auth, storage, marginSeconds);\n      } catch {\n        // do nothing, we still want to call the next function\n      }\n      return next(url, options);\n    };\n};\n\n/**\n * Determines if token handling should be skipped for this request\n *\n * @param url - Request URL\n * @param options - Request options\n * @returns True if token handling should be skipped, false otherwise\n */\nfunction shouldSkipTokenHandling(url: string, options: RequestInit): boolean {\n  const headers = new Headers(options.headers || {});\n\n  // If Authorization header is explicitly set, skip token handling\n  if (headers.has('Authorization')) {\n    return true;\n  }\n\n  // If calling the token endpoint, skip to avoid infinite loops\n  if (url.endsWith('/v1/token')) {\n    return true;\n  }\n\n  return false;\n}\n","/**\n * Session response middleware for the Nhost SDK.\n *\n * This module provides middleware functionality to automatically extract\n * and persist session information from authentication responses, ensuring\n * that new sessions are properly stored after sign-in operations.\n */\n\nimport type { Session, SessionPayload } from '../auth';\nimport type { SessionStorage } from '../session/storage';\nimport type { ChainFunction } from './fetch';\n\n/**\n * Creates a fetch middleware that automatically extracts and stores session data from API responses.\n *\n * This middleware:\n * 1. Monitors responses from authentication-related endpoints\n * 2. Extracts session information when present\n * 3. Stores the session in the provided storage implementation\n * 4. Handles session removal on sign-out\n *\n * This ensures that session data is always up-to-date in storage after operations\n * that create or invalidate sessions.\n *\n * @param storage - Storage implementation for persisting session data\n * @returns A middleware function that can be used in the fetch chain\n */\nexport const updateSessionFromResponseMiddleware = (\n  storage: SessionStorage,\n): ChainFunction => {\n  /**\n   * Helper function to extract session data from various response formats\n   *\n   * @param body - Response data to extract session from\n   * @returns Session object if found, null otherwise\n   */\n  const sessionExtractor = (\n    body: Session | SessionPayload | string,\n  ): Session | null => {\n    if (typeof body === 'string') {\n      return null;\n    }\n\n    if ('session' in body) {\n      // SessionPayload\n      return body.session || null;\n    }\n\n    if ('accessToken' in body && 'refreshToken' in body && 'user' in body) {\n      // Session\n      return body;\n    }\n\n    return null;\n  };\n\n  return (next: (url: string, options?: RequestInit) => Promise<Response>) =>\n    async (url: string, options?: RequestInit) => {\n      // Call the next middleware in the chain\n      const response = await next(url, options);\n\n      try {\n        // Check if this is a logout request\n        if (url.endsWith('/signout')) {\n          // Remove session on sign-out\n          storage.remove();\n          return response;\n        }\n\n        // Check if this is an auth-related endpoint that might return session data\n        if (\n          url.endsWith('/token') ||\n          url.includes('/token/exchange') ||\n          url.includes('/signin/') ||\n          url.includes('/signup/')\n        ) {\n          // Clone the response to avoid consuming it\n          const clonedResponse = response.clone();\n\n          // Parse the JSON data\n          const body = (await clonedResponse.json().catch(() => null)) as\n            | Session\n            | SessionPayload;\n\n          if (body) {\n            // Extract session data from response using provided extractor\n            const session = sessionExtractor(body);\n\n            // If session data is found, store it\n            if (session?.accessToken && session.refreshToken) {\n              storage.set(session);\n            }\n          }\n        }\n      } catch (error) {\n        console.warn('Error in session response middleware:', error);\n      }\n\n      // Return the original response\n      return response;\n    };\n};\n","/**\n * Admin session middleware for the Nhost SDK.\n *\n * This module provides middleware functionality to automatically attach\n * Hasura admin secret for admin permissions in requests.\n */\n\nimport type { ChainFunction, FetchFunction } from './fetch';\n\n/**\n * Configuration options for admin session middleware\n */\nexport interface AdminSessionOptions {\n  /**\n   * Hasura admin secret for elevated permissions (sets x-hasura-admin-secret header)\n   */\n  adminSecret: string;\n\n  /**\n   * Hasura role to use for the request (sets x-hasura-role header)\n   */\n  role?: string;\n\n  /**\n   * Additional Hasura session variables to attach to requests.\n   * Keys will be automatically prefixed with 'x-hasura-' if not already present.\n   *\n   * @example\n   * ```ts\n   * {\n   *   'user-id': '123',\n   *   'org-id': '456'\n   * }\n   * // Results in headers:\n   * // x-hasura-user-id: 123\n   * // x-hasura-org-id: 456\n   * ```\n   */\n  sessionVariables?: Record<string, string>;\n}\n\n/**\n * Creates a fetch middleware that attaches the Hasura admin secret and optional session variables to requests.\n *\n * This middleware:\n * 1. Sets the x-hasura-admin-secret header, which grants full admin access to Hasura\n * 2. Optionally sets the x-hasura-role header if a role is provided\n * 3. Optionally sets additional x-hasura-* headers for custom session variables\n *\n * **Security Warning**: Never use this middleware in client-side code or expose\n * the admin secret to end users. Admin secrets grant unrestricted access to your\n * entire database. This should only be used in trusted server-side environments.\n *\n * The middleware preserves request-specific headers when they conflict with the\n * admin session configuration.\n *\n * @param options - Admin session options including admin secret, role, and session variables\n * @returns A middleware function that can be used in the fetch chain\n *\n * @example\n * ```ts\n * // Create middleware with admin secret only\n * const adminMiddleware = withAdminSessionMiddleware({\n *   adminSecret: process.env.NHOST_ADMIN_SECRET\n * });\n *\n * // Create middleware with admin secret and role\n * const adminUserMiddleware = withAdminSessionMiddleware({\n *   adminSecret: process.env.NHOST_ADMIN_SECRET,\n *   role: 'user'\n * });\n *\n * // Create middleware with admin secret, role, and custom session variables\n * const fullMiddleware = withAdminSessionMiddleware({\n *   adminSecret: process.env.NHOST_ADMIN_SECRET,\n *   role: 'user',\n *   sessionVariables: {\n *     'user-id': '123',\n *     'org-id': '456'\n *   }\n * });\n *\n * // Use with createCustomClient for an admin client\n * const adminClient = createCustomClient({\n *   subdomain: 'myproject',\n *   region: 'eu-central-1',\n *   chainFunctions: [adminMiddleware]\n * });\n * ```\n */\nexport const withAdminSessionMiddleware =\n  (options: AdminSessionOptions): ChainFunction =>\n  (next: FetchFunction): FetchFunction =>\n  async (url: string, requestOptions: RequestInit = {}): Promise<Response> => {\n    const headers = new Headers(requestOptions.headers || {});\n\n    // Set x-hasura-admin-secret if not already present\n    if (!headers.has('x-hasura-admin-secret')) {\n      headers.set('x-hasura-admin-secret', options.adminSecret);\n    }\n\n    // Set x-hasura-role if provided and not already present\n    if (options.role && !headers.has('x-hasura-role')) {\n      headers.set('x-hasura-role', options.role);\n    }\n\n    // Set custom session variables\n    if (options.sessionVariables) {\n      for (const [key, value] of Object.entries(options.sessionVariables)) {\n        // Ensure the key has the x-hasura- prefix\n        const headerKey = key.startsWith('x-hasura-') ? key : `x-hasura-${key}`;\n\n        // Only set if not already present in the request\n        if (!headers.has(headerKey)) {\n          headers.set(headerKey, value);\n        }\n      }\n    }\n\n    return next(url, { ...requestOptions, headers });\n  };\n"],"names":["addAuthorizationHeader","headers","session","accessToken","set","storage","next","async","url","options","Headers","has","get","newOptions","auth","marginSeconds","endsWith","shouldSkipTokenHandling","refreshSession","response","remove","includes","clonedResponse","clone","body","json","catch","sessionExtractor","refreshToken","error","console","warn","requestOptions","adminSecret","role","sessionVariables","key","value","Object","entries","headerKey","startsWith"],"mappings":"8DA6DA,SAASA,EAAuBC,EAAkBC,GAIhD,OAHIA,EAAQC,aACVF,EAAQG,IAAI,gBAAiB,UAAUF,EAAQC,eAE1CF,CACT,qCAxCGI,GACAC,GACDC,MAAOC,EAAaC,EAAuB,MACzC,MAAMR,EAAU,IAAIS,QAAQD,EAAQR,SAAW,CAAA,GAG/C,GAAIA,EAAQU,IAAI,iBACd,OAAOL,EAAKE,EAAKC,GAInB,MAAMP,EAAUG,EAAQO,MAExB,GAAIV,GAASC,YAAa,CAExB,MAAMU,EAAa,IACdJ,EACHR,QAASD,EAAuBC,EAASC,IAI3C,OAAOI,EAAKE,EAAKK,EACnB,CAGA,OAAOP,EAAKE,EAAKC,EAAO,mCCtBY,CACtCK,EACAT,EACAI,KAIA,MAAMM,cAAEA,EAAgB,IAAON,GAAW,CAAA,EAG1C,OAAQH,GACNC,MAAOC,EAAaC,EAAuB,CAAA,KAEzC,GAoBN,SAAiCD,EAAaC,GAC5C,MAAMR,EAAU,IAAIS,QAAQD,EAAQR,SAAW,CAAA,GAG/C,GAAIA,EAAQU,IAAI,iBACd,OAAO,EAIT,GAAIH,EAAIQ,SAAS,aACf,OAAO,EAGT,OAAO,CACT,CAlCUC,CAAwBT,EAAKC,GAC/B,OAAOH,EAAKE,EAAKC,GAGnB,UACQS,iBAAeJ,EAAMT,EAASU,EACtC,CAAA,MAEA,CACA,OAAOT,EAAKE,EAAKC,EAAO,CAC1B,8CCxBFJ,GA4BQC,GACNC,MAAOC,EAAaC,KAElB,MAAMU,QAAiBb,EAAKE,EAAKC,GAEjC,IAEE,GAAID,EAAIQ,SAAS,YAGf,OADAX,EAAQe,SACDD,EAIT,GACEX,EAAIQ,SAAS,WACbR,EAAIa,SAAS,oBACbb,EAAIa,SAAS,aACbb,EAAIa,SAAS,YACb,CAEA,MAAMC,EAAiBH,EAASI,QAG1BC,QAAcF,EAAeG,OAAOC,OAAM,IAAM,OAItD,GAAIF,EAAM,CAER,MAAMtB,EAlDS,CACvBsB,GAEoB,iBAATA,EACF,KAGL,YAAaA,EAERA,EAAKtB,SAAW,KAGrB,gBAAiBsB,GAAQ,iBAAkBA,GAAQ,SAAUA,EAExDA,EAGF,KAiCiBG,CAAiBH,GAG7BtB,GAASC,aAAeD,EAAQ0B,cAClCvB,EAAQD,IAAIF,EAEhB,CACF,CACF,OAAS2B,GACPC,QAAQC,KAAK,wCAAyCF,EACxD,CAGA,OAAOV,CAAA,qCCRVV,GACAH,GACDC,MAAOC,EAAawB,EAA8B,MAChD,MAAM/B,EAAU,IAAIS,QAAQsB,EAAe/B,SAAW,CAAA,GAatD,GAVKA,EAAQU,IAAI,0BACfV,EAAQG,IAAI,wBAAyBK,EAAQwB,aAI3CxB,EAAQyB,OAASjC,EAAQU,IAAI,kBAC/BV,EAAQG,IAAI,gBAAiBK,EAAQyB,MAInCzB,EAAQ0B,iBACV,IAAA,MAAYC,EAAKC,KAAUC,OAAOC,QAAQ9B,EAAQ0B,kBAAmB,CAEnE,MAAMK,EAAYJ,EAAIK,WAAW,aAAeL,EAAM,YAAYA,IAG7DnC,EAAQU,IAAI6B,IACfvC,EAAQG,IAAIoC,EAAWH,EAE3B,CAGF,OAAO/B,EAAKE,EAAK,IAAKwB,EAAgB/B,WAAS"}

package/dist/nhost-js/fetch.cjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"fetch.cjs","sources":["../../src/fetch/middlewareWithHeaders.ts","../../src/fetch/middlewareWithRole.ts"],"sourcesContent":["/**\n * Headers middleware for the Nhost SDK.\n *\n * This module provides middleware functionality to automatically attach\n * default headers to all outgoing requests, while allowing request-specific\n * headers to take precedence.\n */\n\nimport type { ChainFunction, FetchFunction } from './fetch';\n\n/**\n * Creates a fetch middleware that attaches default headers to requests.\n *\n * This middleware:\n * 1. Merges default headers with request-specific headers\n * 2. Preserves request-specific headers when they conflict with defaults\n *\n * The middleware ensures consistent headers across requests while allowing\n * individual requests to override defaults as needed.\n *\n * @param defaultHeaders - Default headers to attach to all requests\n * @returns A middleware function that can be used in the fetch chain\n */\nexport const withHeadersMiddleware =\n  (defaultHeaders: HeadersInit): ChainFunction =>\n  (next: FetchFunction): FetchFunction =>\n  async (url: string, options: RequestInit = {}): Promise<Response> => {\n    const headers = new Headers(options.headers || {});\n    const defaults = new Headers(defaultHeaders);\n\n    defaults.forEach((value, key) => {\n      if (!headers.has(key)) {\n        headers.set(key, value);\n      }\n    });\n\n    return next(url, { ...options, headers });\n  };\n","/**\n * Role middleware for the Nhost SDK.\n *\n * This module provides middleware functionality to automatically set\n * the Hasura role for all requests. This is useful when you want to\n * make requests as a specific role without using the admin secret.\n */\n\nimport type { ChainFunction, FetchFunction } from './fetch';\n\n/**\n * Creates a fetch middleware that sets the Hasura role header.\n *\n * This middleware sets the x-hasura-role header for all requests, allowing\n * you to specify which role's permissions should be used. This works with\n * authenticated sessions where the user has access to the specified role.\n *\n * Unlike `withAdminSessionMiddleware`, this does not bypass permission rules\n * but instead uses the permission rules defined for the specified role.\n *\n * The middleware preserves request-specific headers when they conflict with\n * the role configuration.\n *\n * @param role - The Hasura role to use for requests\n * @returns A middleware function that can be used in the fetch chain\n *\n * @example\n * ```ts\n * // Use with createClient to default all requests to a specific role\n * const nhost = createClient({\n *   subdomain: 'myproject',\n *   region: 'eu-central-1',\n *   chainFunctions: [withRoleMiddleware('moderator')]\n * });\n *\n * // Use with createServerClient for server-side requests\n * const serverNhost = createServerClient({\n *   subdomain: 'myproject',\n *   region: 'eu-central-1',\n *   storage: myServerStorage,\n *   chainFunctions: [withRoleMiddleware('moderator')]\n * });\n * ```\n */\nexport const withRoleMiddleware =\n  (role: string): ChainFunction =>\n  (next: FetchFunction): FetchFunction =>\n  async (url: string, requestOptions: RequestInit = {}): Promise<Response> => {\n    const headers = new Headers(requestOptions.headers || {});\n\n    // Set x-hasura-role if not already present\n    if (!headers.has('x-hasura-role')) {\n      headers.set('x-hasura-role', role);\n    }\n\n    return next(url, { ...requestOptions, headers });\n  };\n"],"names":["defaultHeaders","next","async","url","options","headers","Headers","forEach","value","key","has","set","role","requestOptions"],"mappings":"ijBAwBGA,GACAC,GACDC,MAAOC,EAAaC,EAAuB,MACzC,MAAMC,EAAU,IAAIC,QAAQF,EAAQC,SAAW,CAAA,GAS/C,OARiB,IAAIC,QAAQN,GAEpBO,SAAQ,CAACC,EAAOC,KAClBJ,EAAQK,IAAID,IACfJ,EAAQM,IAAIF,EAAKD,EACnB,IAGKP,EAAKE,EAAK,IAAKC,EAASC,WAAS,6BCSzCO,GACAX,GACDC,MAAOC,EAAaU,EAA8B,MAChD,MAAMR,EAAU,IAAIC,QAAQO,EAAeR,SAAW,CAAA,GAOtD,OAJKA,EAAQK,IAAI,kBACfL,EAAQM,IAAI,gBAAiBC,GAGxBX,EAAKE,EAAK,IAAKU,EAAgBR,WAAS"}

package/dist/nhost-js/fetch.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"fetch.js","sources":["../../src/fetch/middlewareWithHeaders.ts","../../src/fetch/middlewareWithRole.ts"],"sourcesContent":["/**\n * Headers middleware for the Nhost SDK.\n *\n * This module provides middleware functionality to automatically attach\n * default headers to all outgoing requests, while allowing request-specific\n * headers to take precedence.\n */\n\nimport type { ChainFunction, FetchFunction } from './fetch';\n\n/**\n * Creates a fetch middleware that attaches default headers to requests.\n *\n * This middleware:\n * 1. Merges default headers with request-specific headers\n * 2. Preserves request-specific headers when they conflict with defaults\n *\n * The middleware ensures consistent headers across requests while allowing\n * individual requests to override defaults as needed.\n *\n * @param defaultHeaders - Default headers to attach to all requests\n * @returns A middleware function that can be used in the fetch chain\n */\nexport const withHeadersMiddleware =\n  (defaultHeaders: HeadersInit): ChainFunction =>\n  (next: FetchFunction): FetchFunction =>\n  async (url: string, options: RequestInit = {}): Promise<Response> => {\n    const headers = new Headers(options.headers || {});\n    const defaults = new Headers(defaultHeaders);\n\n    defaults.forEach((value, key) => {\n      if (!headers.has(key)) {\n        headers.set(key, value);\n      }\n    });\n\n    return next(url, { ...options, headers });\n  };\n","/**\n * Role middleware for the Nhost SDK.\n *\n * This module provides middleware functionality to automatically set\n * the Hasura role for all requests. This is useful when you want to\n * make requests as a specific role without using the admin secret.\n */\n\nimport type { ChainFunction, FetchFunction } from './fetch';\n\n/**\n * Creates a fetch middleware that sets the Hasura role header.\n *\n * This middleware sets the x-hasura-role header for all requests, allowing\n * you to specify which role's permissions should be used. This works with\n * authenticated sessions where the user has access to the specified role.\n *\n * Unlike `withAdminSessionMiddleware`, this does not bypass permission rules\n * but instead uses the permission rules defined for the specified role.\n *\n * The middleware preserves request-specific headers when they conflict with\n * the role configuration.\n *\n * @param role - The Hasura role to use for requests\n * @returns A middleware function that can be used in the fetch chain\n *\n * @example\n * ```ts\n * // Use with createClient to default all requests to a specific role\n * const nhost = createClient({\n *   subdomain: 'myproject',\n *   region: 'eu-central-1',\n *   chainFunctions: [withRoleMiddleware('moderator')]\n * });\n *\n * // Use with createServerClient for server-side requests\n * const serverNhost = createServerClient({\n *   subdomain: 'myproject',\n *   region: 'eu-central-1',\n *   storage: myServerStorage,\n *   chainFunctions: [withRoleMiddleware('moderator')]\n * });\n * ```\n */\nexport const withRoleMiddleware =\n  (role: string): ChainFunction =>\n  (next: FetchFunction): FetchFunction =>\n  async (url: string, requestOptions: RequestInit = {}): Promise<Response> => {\n    const headers = new Headers(requestOptions.headers || {});\n\n    // Set x-hasura-role if not already present\n    if (!headers.has('x-hasura-role')) {\n      headers.set('x-hasura-role', role);\n    }\n\n    return next(url, { ...requestOptions, headers });\n  };\n"],"names":[],"mappings":";;AAuBO,MAAM,wBACX,CAAC,mBACD,CAAC,SACD,OAAO,KAAa,UAAuB,OAA0B;AACnE,QAAM,UAAU,IAAI,QAAQ,QAAQ,WAAW,CAAA,CAAE;AACjD,QAAM,WAAW,IAAI,QAAQ,cAAc;AAE3C,WAAS,QAAQ,CAAC,OAAO,QAAQ;AAC/B,QAAI,CAAC,QAAQ,IAAI,GAAG,GAAG;AACrB,cAAQ,IAAI,KAAK,KAAK;AAAA,IACxB;AAAA,EACF,CAAC;AAED,SAAO,KAAK,KAAK,EAAE,GAAG,SAAS,SAAS;AAC1C;ACOK,MAAM,qBACX,CAAC,SACD,CAAC,SACD,OAAO,KAAa,iBAA8B,OAA0B;AAC1E,QAAM,UAAU,IAAI,QAAQ,eAAe,WAAW,CAAA,CAAE;AAGxD,MAAI,CAAC,QAAQ,IAAI,eAAe,GAAG;AACjC,YAAQ,IAAI,iBAAiB,IAAI;AAAA,EACnC;AAEA,SAAO,KAAK,KAAK,EAAE,GAAG,gBAAgB,SAAS;AACjD;"}

package/dist/nhost-js/graphql.cjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"graphql.cjs","sources":["../../src/graphql/client.ts"],"sourcesContent":["/**\n * GraphQL client for the Nhost JavaScript SDK.\n *\n * This module provides functionality for executing GraphQL operations against\n * a Hasura GraphQL API.\n */\n\nimport type { TypedDocumentNode } from '@graphql-typed-document-node/core';\nimport {\n  type ChainFunction,\n  createEnhancedFetch,\n  FetchError,\n  type FetchResponse,\n} from '../fetch';\n\n/**\n * Variables object for GraphQL operations.\n * Key-value pairs of variable names and their values.\n */\nexport type GraphQLVariables = Record<string, unknown>;\n\n/**\n * GraphQL request object used for queries and mutations.\n */\nexport interface GraphQLRequest<TVariables = GraphQLVariables> {\n  /** The GraphQL query or mutation string */\n  query: string;\n  /** Optional variables for parameterized queries */\n  variables?: TVariables;\n  /** Optional name of the operation to execute */\n  operationName?: string;\n}\n\n/**\n * Represents a GraphQL error returned from the server.\n */\nexport interface GraphQLError {\n  /** Error message */\n  message: string;\n  /** Source locations in the GraphQL document where the error occurred */\n  locations?: { line: number; column: number }[];\n  /** Path in the query where the error occurred */\n  path?: string[];\n  /** Additional error information specific to the GraphQL implementation */\n  extensions?: { path: string; code: string };\n}\n\n/**\n * Standard GraphQL response format as defined by the GraphQL specification.\n */\nexport interface GraphQLResponse<TResponseData = unknown> {\n  /** The data returned from successful execution */\n  data?: TResponseData;\n  /** Array of errors if execution was unsuccessful or partially successful */\n  errors?: GraphQLError[];\n}\n\n/**\n * GraphQL client interface providing methods for executing queries and mutations\n */\nexport interface Client {\n  /**\n   * Execute a GraphQL query operation\n   *\n   * Queries are used to fetch data and should not modify any data on the server.\n   *\n   * @param request - GraphQL request object containing query and optional variables\n   * @param options - Additional fetch options to apply to the request\n   * @returns Promise with the GraphQL response and metadata\n   */\n  request<TResponseData = unknown, TVariables = GraphQLVariables>(\n    request: GraphQLRequest<TVariables>,\n    options?: RequestInit,\n  ): Promise<FetchResponse<GraphQLResponse<TResponseData>>>;\n\n  /**\n   * Execute a GraphQL query operation using a typed document node\n   *\n   * @param document - TypedDocumentNode containing the query and type information\n   * @param variables - Variables for the GraphQL operation\n   * @param options - Additional fetch options to apply to the request\n   * @returns Promise with the GraphQL response and metadata\n   */\n  request<TResponseData, TVariables = GraphQLVariables>(\n    document: TypedDocumentNode<TResponseData, TVariables>,\n    variables?: TVariables,\n    options?: RequestInit,\n  ): Promise<FetchResponse<GraphQLResponse<TResponseData>>>;\n\n  /**\n   * URL for the GraphQL endpoint.\n   */\n  url: string;\n\n  /** Add a middleware function to the fetch chain\n   * @param chainFunction - The middleware function to add\n   */\n  pushChainFunction(chainFunction: ChainFunction): void;\n}\n\n/**\n * Creates a GraphQL API client for interacting with a GraphQL endpoint.\n *\n * This client provides methods for executing queries and mutations against\n * a GraphQL API, with support for middleware functions to handle authentication,\n * error handling, and other cross-cutting concerns.\n *\n * @param url - Base URL for the GraphQL endpoint\n * @param chainFunctions - Array of middleware functions for the fetch chain\n * @returns GraphQL client with query and mutation methods\n */\nexport const createAPIClient = (\n  url: string,\n  chainFunctions: ChainFunction[] = [],\n): Client => {\n  let enhancedFetch = createEnhancedFetch(chainFunctions);\n\n  const pushChainFunction = (chainFunction: ChainFunction) => {\n    chainFunctions.push(chainFunction);\n    enhancedFetch = createEnhancedFetch(chainFunctions);\n  };\n\n  const executeOperation = async <\n    TResponseData = unknown,\n    TVariables = GraphQLVariables,\n  >(\n    request: GraphQLRequest<TVariables>,\n    options?: RequestInit,\n  ): Promise<FetchResponse<GraphQLResponse<TResponseData>>> => {\n    const response = await enhancedFetch(`${url}`, {\n      method: 'POST',\n      headers: {\n        'Content-Type': 'application/json',\n      },\n      body: JSON.stringify(request),\n      ...options,\n    });\n\n    const body = await response.text();\n    const data: GraphQLResponse<TResponseData> = (\n      body ? JSON.parse(body) : {}\n    ) as GraphQLResponse<TResponseData>;\n\n    const resp = {\n      body: data,\n      status: response.status,\n      headers: response.headers,\n    };\n\n    if (data.errors) {\n      throw new FetchError(data, response.status, response.headers);\n    }\n\n    return resp;\n  };\n\n  function request<TResponseData = unknown, TVariables = GraphQLVariables>(\n    request: GraphQLRequest<TVariables>,\n    options?: RequestInit,\n  ): Promise<FetchResponse<GraphQLResponse<TResponseData>>>;\n  function request<TResponseData, TVariables = GraphQLVariables>(\n    document: TypedDocumentNode<TResponseData, TVariables>,\n    variables?: TVariables,\n    options?: RequestInit,\n  ): Promise<FetchResponse<GraphQLResponse<TResponseData>>>;\n  function request<TResponseData, TVariables = GraphQLVariables>(\n    requestOrDocument:\n      | GraphQLRequest<TVariables>\n      | TypedDocumentNode<TResponseData, TVariables>,\n    variablesOrOptions?: TVariables | RequestInit,\n    options?: RequestInit,\n  ): Promise<FetchResponse<GraphQLResponse<TResponseData>>> {\n    if (typeof requestOrDocument === 'object' && 'kind' in requestOrDocument) {\n      const definition = requestOrDocument.definitions[0];\n\n      const request: GraphQLRequest<TVariables> = {\n        query: requestOrDocument.loc?.source.body || '',\n        variables: variablesOrOptions as TVariables,\n        operationName:\n          definition && 'name' in definition\n            ? definition.name?.value\n            : undefined,\n      };\n      return executeOperation(request, options);\n    } else {\n      // Handle GraphQLRequest\n      const request = requestOrDocument;\n      const requestOptions = variablesOrOptions as RequestInit;\n      return executeOperation(request, requestOptions);\n    }\n  }\n\n  return {\n    request,\n    url,\n    pushChainFunction,\n  } as Client;\n};\n"],"names":["url","chainFunctions","enhancedFetch","createEnhancedFetch","executeOperation","async","request","options","response","method","headers","body","JSON","stringify","text","data","parse","resp","status","errors","FetchError","requestOrDocument","variablesOrOptions","definition","definitions","query","loc","source","variables","operationName","name","value","pushChainFunction","chainFunction","push"],"mappings":"iJA+G+B,CAC7BA,EACAC,EAAkC,MAElC,IAAIC,EAAgBC,EAAAA,oBAAoBF,GAExC,MAKMG,EAAmBC,MAIvBC,EACAC,KAEA,MAAMC,QAAiBN,EAAc,GAAGF,IAAO,CAC7CS,OAAQ,OACRC,QAAS,CACP,eAAgB,oBAElBC,KAAMC,KAAKC,UAAUP,MAClBC,IAGCI,QAAaH,EAASM,OACtBC,EACJJ,EAAOC,KAAKI,MAAML,GAAQ,CAAA,EAGtBM,EAAO,CACXN,KAAMI,EACNG,OAAQV,EAASU,OACjBR,QAASF,EAASE,SAGpB,GAAIK,EAAKI,OACP,MAAM,IAAIC,EAAAA,WAAWL,EAAMP,EAASU,OAAQV,EAASE,SAGvD,OAAOO,CAAA,EAuCT,MAAO,CACLX,QA5BF,SACEe,EAGAC,EACAf,GAEA,GAAiC,iBAAtBc,GAAkC,SAAUA,EAAmB,CACxE,MAAME,EAAaF,EAAkBG,YAAY,GAE3ClB,EAAsC,CAC1CmB,MAAOJ,EAAkBK,KAAKC,OAAOhB,MAAQ,GAC7CiB,UAAWN,EACXO,cACEN,GAAc,SAAUA,EACpBA,EAAWO,MAAMC,WACjB,GAER,OAAO3B,EAAiBE,EAASC,EACnC,CAIE,OAAOH,EAFSiB,EACOC,EAG3B,EAIEtB,MACAgC,kBA9EyBC,IACzBhC,EAAeiC,KAAKD,GACpB/B,EAAgBC,EAAAA,oBAAoBF,EAAc,EA4ElD"}

package/dist/nhost-js/graphql.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"graphql.js","sources":["../../src/graphql/client.ts"],"sourcesContent":["/**\n * GraphQL client for the Nhost JavaScript SDK.\n *\n * This module provides functionality for executing GraphQL operations against\n * a Hasura GraphQL API.\n */\n\nimport type { TypedDocumentNode } from '@graphql-typed-document-node/core';\nimport {\n  type ChainFunction,\n  createEnhancedFetch,\n  FetchError,\n  type FetchResponse,\n} from '../fetch';\n\n/**\n * Variables object for GraphQL operations.\n * Key-value pairs of variable names and their values.\n */\nexport type GraphQLVariables = Record<string, unknown>;\n\n/**\n * GraphQL request object used for queries and mutations.\n */\nexport interface GraphQLRequest<TVariables = GraphQLVariables> {\n  /** The GraphQL query or mutation string */\n  query: string;\n  /** Optional variables for parameterized queries */\n  variables?: TVariables;\n  /** Optional name of the operation to execute */\n  operationName?: string;\n}\n\n/**\n * Represents a GraphQL error returned from the server.\n */\nexport interface GraphQLError {\n  /** Error message */\n  message: string;\n  /** Source locations in the GraphQL document where the error occurred */\n  locations?: { line: number; column: number }[];\n  /** Path in the query where the error occurred */\n  path?: string[];\n  /** Additional error information specific to the GraphQL implementation */\n  extensions?: { path: string; code: string };\n}\n\n/**\n * Standard GraphQL response format as defined by the GraphQL specification.\n */\nexport interface GraphQLResponse<TResponseData = unknown> {\n  /** The data returned from successful execution */\n  data?: TResponseData;\n  /** Array of errors if execution was unsuccessful or partially successful */\n  errors?: GraphQLError[];\n}\n\n/**\n * GraphQL client interface providing methods for executing queries and mutations\n */\nexport interface Client {\n  /**\n   * Execute a GraphQL query operation\n   *\n   * Queries are used to fetch data and should not modify any data on the server.\n   *\n   * @param request - GraphQL request object containing query and optional variables\n   * @param options - Additional fetch options to apply to the request\n   * @returns Promise with the GraphQL response and metadata\n   */\n  request<TResponseData = unknown, TVariables = GraphQLVariables>(\n    request: GraphQLRequest<TVariables>,\n    options?: RequestInit,\n  ): Promise<FetchResponse<GraphQLResponse<TResponseData>>>;\n\n  /**\n   * Execute a GraphQL query operation using a typed document node\n   *\n   * @param document - TypedDocumentNode containing the query and type information\n   * @param variables - Variables for the GraphQL operation\n   * @param options - Additional fetch options to apply to the request\n   * @returns Promise with the GraphQL response and metadata\n   */\n  request<TResponseData, TVariables = GraphQLVariables>(\n    document: TypedDocumentNode<TResponseData, TVariables>,\n    variables?: TVariables,\n    options?: RequestInit,\n  ): Promise<FetchResponse<GraphQLResponse<TResponseData>>>;\n\n  /**\n   * URL for the GraphQL endpoint.\n   */\n  url: string;\n\n  /** Add a middleware function to the fetch chain\n   * @param chainFunction - The middleware function to add\n   */\n  pushChainFunction(chainFunction: ChainFunction): void;\n}\n\n/**\n * Creates a GraphQL API client for interacting with a GraphQL endpoint.\n *\n * This client provides methods for executing queries and mutations against\n * a GraphQL API, with support for middleware functions to handle authentication,\n * error handling, and other cross-cutting concerns.\n *\n * @param url - Base URL for the GraphQL endpoint\n * @param chainFunctions - Array of middleware functions for the fetch chain\n * @returns GraphQL client with query and mutation methods\n */\nexport const createAPIClient = (\n  url: string,\n  chainFunctions: ChainFunction[] = [],\n): Client => {\n  let enhancedFetch = createEnhancedFetch(chainFunctions);\n\n  const pushChainFunction = (chainFunction: ChainFunction) => {\n    chainFunctions.push(chainFunction);\n    enhancedFetch = createEnhancedFetch(chainFunctions);\n  };\n\n  const executeOperation = async <\n    TResponseData = unknown,\n    TVariables = GraphQLVariables,\n  >(\n    request: GraphQLRequest<TVariables>,\n    options?: RequestInit,\n  ): Promise<FetchResponse<GraphQLResponse<TResponseData>>> => {\n    const response = await enhancedFetch(`${url}`, {\n      method: 'POST',\n      headers: {\n        'Content-Type': 'application/json',\n      },\n      body: JSON.stringify(request),\n      ...options,\n    });\n\n    const body = await response.text();\n    const data: GraphQLResponse<TResponseData> = (\n      body ? JSON.parse(body) : {}\n    ) as GraphQLResponse<TResponseData>;\n\n    const resp = {\n      body: data,\n      status: response.status,\n      headers: response.headers,\n    };\n\n    if (data.errors) {\n      throw new FetchError(data, response.status, response.headers);\n    }\n\n    return resp;\n  };\n\n  function request<TResponseData = unknown, TVariables = GraphQLVariables>(\n    request: GraphQLRequest<TVariables>,\n    options?: RequestInit,\n  ): Promise<FetchResponse<GraphQLResponse<TResponseData>>>;\n  function request<TResponseData, TVariables = GraphQLVariables>(\n    document: TypedDocumentNode<TResponseData, TVariables>,\n    variables?: TVariables,\n    options?: RequestInit,\n  ): Promise<FetchResponse<GraphQLResponse<TResponseData>>>;\n  function request<TResponseData, TVariables = GraphQLVariables>(\n    requestOrDocument:\n      | GraphQLRequest<TVariables>\n      | TypedDocumentNode<TResponseData, TVariables>,\n    variablesOrOptions?: TVariables | RequestInit,\n    options?: RequestInit,\n  ): Promise<FetchResponse<GraphQLResponse<TResponseData>>> {\n    if (typeof requestOrDocument === 'object' && 'kind' in requestOrDocument) {\n      const definition = requestOrDocument.definitions[0];\n\n      const request: GraphQLRequest<TVariables> = {\n        query: requestOrDocument.loc?.source.body || '',\n        variables: variablesOrOptions as TVariables,\n        operationName:\n          definition && 'name' in definition\n            ? definition.name?.value\n            : undefined,\n      };\n      return executeOperation(request, options);\n    } else {\n      // Handle GraphQLRequest\n      const request = requestOrDocument;\n      const requestOptions = variablesOrOptions as RequestInit;\n      return executeOperation(request, requestOptions);\n    }\n  }\n\n  return {\n    request,\n    url,\n    pushChainFunction,\n  } as Client;\n};\n"],"names":["request"],"mappings":";AA+GO,MAAM,kBAAkB,CAC7B,KACA,iBAAkC,OACvB;AACX,MAAI,gBAAgB,oBAAoB,cAAc;AAEtD,QAAM,oBAAoB,CAAC,kBAAiC;AAC1D,mBAAe,KAAK,aAAa;AACjC,oBAAgB,oBAAoB,cAAc;AAAA,EACpD;AAEA,QAAM,mBAAmB,OAIvBA,UACA,YAC2D;AAC3D,UAAM,WAAW,MAAM,cAAc,GAAG,GAAG,IAAI;AAAA,MAC7C,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,gBAAgB;AAAA,MAAA;AAAA,MAElB,MAAM,KAAK,UAAUA,QAAO;AAAA,MAC5B,GAAG;AAAA,IAAA,CACJ;AAED,UAAM,OAAO,MAAM,SAAS,KAAA;AAC5B,UAAM,OACJ,OAAO,KAAK,MAAM,IAAI,IAAI,CAAA;AAG5B,UAAM,OAAO;AAAA,MACX,MAAM;AAAA,MACN,QAAQ,SAAS;AAAA,MACjB,SAAS,SAAS;AAAA,IAAA;AAGpB,QAAI,KAAK,QAAQ;AACf,YAAM,IAAI,WAAW,MAAM,SAAS,QAAQ,SAAS,OAAO;AAAA,IAC9D;AAEA,WAAO;AAAA,EACT;AAWA,WAAS,QACP,mBAGA,oBACA,SACwD;AACxD,QAAI,OAAO,sBAAsB,YAAY,UAAU,mBAAmB;AACxE,YAAM,aAAa,kBAAkB,YAAY,CAAC;AAElD,YAAMA,WAAsC;AAAA,QAC1C,OAAO,kBAAkB,KAAK,OAAO,QAAQ;AAAA,QAC7C,WAAW;AAAA,QACX,eACE,cAAc,UAAU,aACpB,WAAW,MAAM,QACjB;AAAA,MAAA;AAER,aAAO,iBAAiBA,UAAS,OAAO;AAAA,IAC1C,OAAO;AAEL,YAAMA,WAAU;AAChB,YAAM,iBAAiB;AACvB,aAAO,iBAAiBA,UAAS,cAAc;AAAA,IACjD;AAAA,EACF;AAEA,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;"}

package/dist/nhost-js/session.cjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"session.cjs","sources":["../../src/session/session.ts","../../src/session/storageBackend.ts","../../src/session/storage.ts"],"sourcesContent":["import type { Session as AuthSession } from '../auth';\n\n/**\n * Decoded JWT token payload with processed timestamps and Hasura claims\n */\nexport interface DecodedToken {\n  /** Token expiration time as Date object */\n  exp?: number;\n  /** Token issued at time as Date object */\n  iat?: number;\n  /** Token issuer */\n  iss?: string;\n  /** Token subject (user ID) */\n  sub?: string;\n  /** Hasura JWT claims with PostgreSQL arrays converted to JavaScript arrays */\n  'https://hasura.io/jwt/claims'?: Record<string, unknown>;\n  /** Any other JWT claims */\n  [key: string]: unknown;\n}\n\nexport interface Session extends AuthSession {\n  /** Decoded JWT token payload with processed timestamps and Hasura claims */\n  decodedToken: DecodedToken;\n}\n\n/**\n * Decodes a base64url-encoded string (RFC 4648 Section 5) to a UTF-8 string.\n *\n * JWTs use base64url encoding, which differs from standard base64 by using\n * `-` and `_` instead of `+` and `/`, and omitting padding. The browser's\n * native `atob()` does not support base64url, so we must handle the conversion.\n */\nconst decodeBase64Url = (input: string): string => {\n  // Convert base64url to standard base64\n  let base64 = input.replace(/-/g, '+').replace(/_/g, '/');\n  const pad = base64.length % 4;\n  if (pad) {\n    base64 += '='.repeat(4 - pad);\n  }\n\n  // Use TextDecoder for proper UTF-8 support (atob alone mangles multi-byte characters)\n  const binaryString = atob(base64);\n  const bytes = Uint8Array.from(binaryString, (c) => c.charCodeAt(0));\n  return new TextDecoder().decode(bytes);\n};\n\nexport const decodeUserSession = (accessToken: string): DecodedToken => {\n  const s = accessToken.split('.');\n  if (s.length !== 3 || !s[1]) {\n    throw new Error('Invalid access token format');\n  }\n\n  const decodedToken = JSON.parse(decodeBase64Url(s[1])) as Record<\n    string,\n    unknown\n  >;\n\n  // Convert iat and exp to Date objects\n  const iat =\n    typeof decodedToken['iat'] === 'number'\n      ? decodedToken['iat'] * 1000 // Convert seconds to milliseconds\n      : undefined;\n  const exp =\n    typeof decodedToken['exp'] === 'number'\n      ? decodedToken['exp'] * 1000 // Convert seconds to milliseconds\n      : undefined;\n\n  // Process Hasura claims - dynamically convert PostgreSQL array notation to arrays\n  const hasuraClaims = decodedToken['https://hasura.io/jwt/claims'] as\n    | Record<string, unknown>\n    | undefined;\n  const processedClaims = hasuraClaims\n    ? Object.entries(hasuraClaims).reduce(\n        (acc, [key, value]) => {\n          if (typeof value === 'string' && isPostgresArray(value)) {\n            acc[key] = parsePostgresArray(value);\n          } else {\n            acc[key] = value;\n          }\n          return acc;\n        },\n        {} as Record<string, unknown>,\n      )\n    : undefined;\n\n  return {\n    ...decodedToken,\n    iat,\n    exp,\n    'https://hasura.io/jwt/claims': processedClaims,\n  };\n};\n\nconst isPostgresArray = (value: string): boolean => {\n  return value.startsWith('{') && value.endsWith('}');\n};\n\nconst parsePostgresArray = (value: string): string[] => {\n  if (!value || value === '{}') return [];\n  // Remove curly braces and split by comma, handling quoted values\n  return value\n    .slice(1, -1)\n    .split(',')\n    .map((item) => item.trim().replace(/^\"(.*)\"$/, '$1'));\n};\n","/**\n * Storage implementations for session persistence in different environments.\n *\n * This module provides different storage adapters for persisting authentication sessions\n * across page reloads and browser sessions.\n */\n\nimport type { Session } from './session';\n\n/**\n * Session storage interface for session persistence.\n * This interface can be implemented to provide custom storage solutions.\n */\nexport interface SessionStorageBackend {\n  /**\n   * Get the current session from storage\n   * @returns The stored session or null if not found\n   */\n  get(): Session | null;\n\n  /**\n   * Set the session in storage\n   * @param value - The session to store\n   */\n  set(value: Session): void;\n\n  /**\n   * Remove the session from storage\n   */\n  remove(): void;\n}\n\n/**\n * Default storage key used for storing the Nhost session\n */\nexport const DEFAULT_SESSION_KEY = 'nhostSession';\n\n/**\n * Browser localStorage implementation of StorageInterface.\n * Persists the session across page reloads and browser restarts.\n */\nexport class LocalStorage implements SessionStorageBackend {\n  private readonly storageKey: string;\n\n  /**\n   * Creates a new LocalStorage instance\n   * @param options - Configuration options\n   * @param options.storageKey - The key to use in localStorage (defaults to \"nhostSession\")\n   */\n  constructor(options?: { storageKey?: string }) {\n    this.storageKey = options?.storageKey || DEFAULT_SESSION_KEY;\n  }\n\n  /**\n   * Gets the session from localStorage\n   * @returns The stored session or null if not found\n   */\n  get(): Session | null {\n    try {\n      const value = window.localStorage.getItem(this.storageKey);\n      return value ? (JSON.parse(value) as Session) : null;\n    } catch {\n      this.remove();\n      return null;\n    }\n  }\n\n  /**\n   * Sets the session in localStorage\n   * @param value - The session to store\n   */\n  set(value: Session): void {\n    window.localStorage.setItem(this.storageKey, JSON.stringify(value));\n  }\n\n  /**\n   * Removes the session from localStorage\n   */\n  remove(): void {\n    window.localStorage.removeItem(this.storageKey);\n  }\n}\n\n/**\n * In-memory storage implementation for non-browser environments or when\n * persistent storage is not available or desirable.\n */\nexport class MemoryStorage implements SessionStorageBackend {\n  private session: Session | null = null;\n\n  /**\n   * Gets the session from memory\n   * @returns The stored session or null if not set\n   */\n  get(): Session | null {\n    return this.session;\n  }\n\n  /**\n   * Sets the session in memory\n   * @param value - The session to store\n   */\n  set(value: Session): void {\n    this.session = value;\n  }\n\n  /**\n   * Clears the session from memory\n   */\n  remove(): void {\n    this.session = null;\n  }\n}\n\n/**\n * Cookie-based storage implementation.\n * This storage uses web browser cookies to store the session so it's not\n * available in server-side environments. It is useful though for synchronizing\n * sessions between client and server environments.\n */\nexport class CookieStorage implements SessionStorageBackend {\n  private readonly cookieName: string;\n  private readonly expirationDays: number;\n  private readonly secure: boolean;\n  private readonly sameSite: 'strict' | 'lax' | 'none';\n\n  /**\n   * Creates a new CookieStorage instance\n   * @param options - Configuration options\n   * @param options.cookieName - Name of the cookie to use (defaults to \"nhostSession\")\n   * @param options.expirationDays - Number of days until the cookie expires (defaults to 30)\n   * @param options.secure - Whether to set the Secure flag on the cookie (defaults to true)\n   * @param options.sameSite - SameSite policy for the cookie (defaults to \"lax\")\n   */\n  constructor(options?: {\n    cookieName?: string;\n    expirationDays?: number;\n    secure?: boolean;\n    sameSite?: 'strict' | 'lax' | 'none';\n  }) {\n    this.cookieName = options?.cookieName || DEFAULT_SESSION_KEY;\n    this.expirationDays = options?.expirationDays ?? 30;\n    this.secure = options?.secure ?? true;\n    this.sameSite = options?.sameSite || 'lax';\n  }\n\n  /**\n   * Gets the session from cookies\n   * @returns The stored session or null if not found\n   */\n  get(): Session | null {\n    const cookies = document.cookie.split(';');\n    for (const cookie of cookies) {\n      const [name, value] = cookie.trim().split('=');\n      if (name === this.cookieName) {\n        try {\n          return JSON.parse(decodeURIComponent(value || '')) as Session;\n        } catch {\n          this.remove();\n          return null;\n        }\n      }\n    }\n    return null;\n  }\n\n  /**\n   * Sets the session in a cookie\n   * @param value - The session to store\n   */\n  set(value: Session): void {\n    const expires = new Date();\n    expires.setTime(\n      expires.getTime() + this.expirationDays * 24 * 60 * 60 * 1000,\n    );\n\n    const cookieValue = encodeURIComponent(JSON.stringify(value));\n    const cookieString = `${this.cookieName}=${cookieValue}; expires=${expires.toUTCString()}; path=/; ${this.secure ? 'secure; ' : ''}SameSite=${this.sameSite}`;\n\n    // biome-ignore lint/suspicious/noDocumentCookie: this is unnecessary\n    document.cookie = cookieString;\n  }\n\n  /**\n   * Removes the session cookie\n   */\n  remove(): void {\n    // biome-ignore lint/suspicious/noDocumentCookie: this is unnecessary\n    document.cookie = `${this.cookieName}=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/; ${this.secure ? 'secure; ' : ''}SameSite=${this.sameSite}`;\n  }\n}\n","/**\n * Storage implementations for session persistence in different environments.\n *\n * This module provides different storage adapters for persisting authentication sessions\n * across page reloads and browser sessions.\n */\n\nimport type { Session as AuthSession } from '../auth';\nimport { decodeUserSession, type Session } from './session';\nimport {\n  LocalStorage,\n  MemoryStorage,\n  type SessionStorageBackend,\n} from './storageBackend';\n\n/**\n * Callback function type for session change subscriptions\n */\nexport type SessionChangeCallback = (session: Session | null) => void;\n\n/**\n * A wrapper around any SessionStorageInterface implementation that adds\n * the ability to subscribe to session changes.\n */\nexport class SessionStorage {\n  private readonly storage: SessionStorageBackend;\n  private subscribers = new Set<SessionChangeCallback>();\n\n  /**\n   * Creates a new SessionStorage instance\n   * @param storage - The underlying storage implementation to use\n   */\n  constructor(storage: SessionStorageBackend) {\n    this.storage = storage;\n  }\n\n  /**\n   * Gets the session from the underlying storage\n   * @returns The stored session or null if not found\n   */\n  get(): Session | null {\n    return this.storage.get();\n  }\n\n  /**\n   * Sets the session in the underlying storage and notifies subscribers\n   * @param value - The session to store\n   */\n  set(value: AuthSession): void {\n    const decodedToken = decodeUserSession(value.accessToken);\n    const decodedSession = {\n      ...value,\n      decodedToken: decodedToken,\n    };\n\n    this.storage.set(decodedSession);\n    this.notifySubscribers(decodedSession);\n  }\n\n  /**\n   * Removes the session from the underlying storage and notifies subscribers\n   */\n  remove(): void {\n    this.storage.remove();\n    this.notifySubscribers(null);\n  }\n\n  /**\n   * Subscribe to session changes\n   * @param callback - Function that will be called when the session changes\n   * @returns An unsubscribe function to remove this subscription\n   */\n  onChange(callback: SessionChangeCallback) {\n    this.subscribers.add(callback);\n\n    return () => {\n      this.subscribers.delete(callback);\n    };\n  }\n\n  /**\n   * Notify all subscribers of a session change\n   * @param session - The new session value or null if removed\n   */\n  private notifySubscribers(session: Session | null): void {\n    for (const subscriber of this.subscribers) {\n      try {\n        subscriber(session);\n      } catch (error) {\n        console.error('Error notifying subscriber:', error);\n      }\n    }\n  }\n}\n\n/**\n * Detects the best available storage implementation for the current environment.\n *\n * The detection process follows this order:\n * 1. Try to use localStorage if we're in a browser environment\n * 2. Fall back to in-memory storage if localStorage isn't available\n *\n * @returns The best available storage implementation as a SessionStorageBackend\n */\nexport const detectStorage = (): SessionStorageBackend => {\n  if (typeof window !== 'undefined') {\n    return new LocalStorage();\n  }\n  return new MemoryStorage();\n};\n"],"names":["decodeUserSession","accessToken","s","split","length","Error","decodedToken","JSON","parse","input","base64","replace","pad","repeat","binaryString","atob","bytes","Uint8Array","from","c","charCodeAt","TextDecoder","decode","decodeBase64Url","iat","exp","hasuraClaims","processedClaims","Object","entries","reduce","acc","key","value","isPostgresArray","parsePostgresArray","startsWith","endsWith","slice","map","item","trim","DEFAULT_SESSION_KEY","LocalStorage","storageKey","constructor","options","this","get","window","localStorage","getItem","remove","set","setItem","stringify","removeItem","MemoryStorage","session","cookieName","expirationDays","secure","sameSite","cookies","document","cookie","name","decodeURIComponent","expires","Date","setTime","getTime","cookieValue","encodeURIComponent","cookieString","toUTCString","storage","subscribers","Set","decodedSession","notifySubscribers","onChange","callback","add","delete","subscriber","error","console"],"mappings":"kIA8CaA,EAAqBC,IAChC,MAAMC,EAAID,EAAYE,MAAM,KAC5B,GAAiB,IAAbD,EAAEE,SAAiBF,EAAE,GACvB,MAAM,IAAIG,MAAM,+BAGlB,MAAMC,EAAeC,KAAKC,MApBJ,CAACC,IAEvB,IAAIC,EAASD,EAAME,QAAQ,KAAM,KAAKA,QAAQ,KAAM,KACpD,MAAMC,EAAMF,EAAON,OAAS,EACxBQ,IACFF,GAAU,IAAIG,OAAO,EAAID,IAI3B,MAAME,EAAeC,KAAKL,GACpBM,EAAQC,WAAWC,KAAKJ,GAAeK,GAAMA,EAAEC,WAAW,KAChE,OAAO,IAAIC,aAAcC,OAAON,EAAK,EASLO,CAAgBrB,EAAE,KAM5CsB,EAC2B,iBAAxBlB,EAAkB,IACC,IAAtBA,EAAkB,SAClB,EACAmB,EAC2B,iBAAxBnB,EAAkB,IACC,IAAtBA,EAAkB,SAClB,EAGAoB,EAAepB,EAAa,gCAG5BqB,EAAkBD,EACpBE,OAAOC,QAAQH,GAAcI,QAC3B,CAACC,GAAMC,EAAKC,MACW,iBAAVA,GAAsBC,EAAgBD,GAC/CF,EAAIC,GAAOG,EAAmBF,GAE9BF,EAAIC,GAAOC,EAENF,IAET,CAAA,QAEF,EAEJ,MAAO,IACFzB,EACHkB,MACAC,MACA,+BAAgCE,EAAA,EAI9BO,EAAmBD,GAChBA,EAAMG,WAAW,MAAQH,EAAMI,SAAS,KAG3CF,EAAsBF,GACrBA,GAAmB,OAAVA,EAEPA,EACJK,MAAM,GAAG,GACTnC,MAAM,KACNoC,KAAKC,GAASA,EAAKC,OAAO9B,QAAQ,WAAY,QALZ,GC/D1B+B,EAAsB,eAM5B,MAAMC,EACMC,WAOjB,WAAAC,CAAYC,GACVC,KAAKH,WAAaE,GAASF,YAAcF,CAC3C,CAMA,GAAAM,GACE,IACE,MAAMf,EAAQgB,OAAOC,aAAaC,QAAQJ,KAAKH,YAC/C,OAAOX,EAAS1B,KAAKC,MAAMyB,GAAqB,IAClD,CAAA,MAEE,OADAc,KAAKK,SACE,IACT,CACF,CAMA,GAAAC,CAAIpB,GACFgB,OAAOC,aAAaI,QAAQP,KAAKH,WAAYrC,KAAKgD,UAAUtB,GAC9D,CAKA,MAAAmB,GACEH,OAAOC,aAAaM,WAAWT,KAAKH,WACtC,EAOK,MAAMa,EACHC,QAA0B,KAMlC,GAAAV,GACE,OAAOD,KAAKW,OACd,CAMA,GAAAL,CAAIpB,GACFc,KAAKW,QAAUzB,CACjB,CAKA,MAAAmB,GACEL,KAAKW,QAAU,IACjB,gEASK,MACYC,WACAC,eACAC,OACAC,SAUjB,WAAAjB,CAAYC,GAMVC,KAAKY,WAAab,GAASa,YAAcjB,EACzCK,KAAKa,eAAiBd,GAASc,gBAAkB,GACjDb,KAAKc,OAASf,GAASe,SAAU,EACjCd,KAAKe,SAAWhB,GAASgB,UAAY,KACvC,CAMA,GAAAd,GACE,MAAMe,EAAUC,SAASC,OAAO9D,MAAM,KACtC,IAAA,MAAW8D,KAAUF,EAAS,CAC5B,MAAOG,EAAMjC,GAASgC,EAAOxB,OAAOtC,MAAM,KAC1C,GAAI+D,IAASnB,KAAKY,WAChB,IACE,OAAOpD,KAAKC,MAAM2D,mBAAmBlC,GAAS,IAChD,CAAA,MAEE,OADAc,KAAKK,SACE,IACT,CAEJ,CACA,OAAO,IACT,CAMA,GAAAC,CAAIpB,GACF,MAAMmC,MAAcC,KACpBD,EAAQE,QACNF,EAAQG,UAAkC,GAAtBxB,KAAKa,eAAsB,GAAK,GAAK,KAG3D,MAAMY,EAAcC,mBAAmBlE,KAAKgD,UAAUtB,IAChDyC,EAAe,GAAG3B,KAAKY,cAAca,cAAwBJ,EAAQO,0BAA0B5B,KAAKc,OAAS,WAAa,cAAcd,KAAKe,WAGnJE,SAASC,OAASS,CACpB,CAKA,MAAAtB,GAEEY,SAASC,OAAS,GAAGlB,KAAKY,+DAA+DZ,KAAKc,OAAS,WAAa,cAAcd,KAAKe,UACzI,uGCrKK,MACYc,QACTC,gBAAkBC,IAM1B,WAAAjC,CAAY+B,GACV7B,KAAK6B,QAAUA,CACjB,CAMA,GAAA5B,GACE,OAAOD,KAAK6B,QAAQ5B,KACtB,CAMA,GAAAK,CAAIpB,GACF,MAAM3B,EAAeN,EAAkBiC,EAAMhC,aACvC8E,EAAiB,IAClB9C,EACH3B,gBAGFyC,KAAK6B,QAAQvB,IAAI0B,GACjBhC,KAAKiC,kBAAkBD,EACzB,CAKA,MAAA3B,GACEL,KAAK6B,QAAQxB,SACbL,KAAKiC,kBAAkB,KACzB,CAOA,QAAAC,CAASC,GAGP,OAFAnC,KAAK8B,YAAYM,IAAID,GAEd,KACLnC,KAAK8B,YAAYO,OAAOF,EAAQ,CAEpC,CAMQ,iBAAAF,CAAkBtB,GACxB,IAAA,MAAW2B,KAActC,KAAK8B,YAC5B,IACEQ,EAAW3B,EACb,OAAS4B,GACPC,QAAQD,MAAM,8BAA+BA,EAC/C,CAEJ,yBAY2B,IACL,oBAAXrC,OACF,IAAIN,EAEN,IAAIc"}

package/dist/nhost-js/session.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"session.js","sources":["../../src/session/session.ts","../../src/session/storageBackend.ts","../../src/session/storage.ts"],"sourcesContent":["import type { Session as AuthSession } from '../auth';\n\n/**\n * Decoded JWT token payload with processed timestamps and Hasura claims\n */\nexport interface DecodedToken {\n  /** Token expiration time as Date object */\n  exp?: number;\n  /** Token issued at time as Date object */\n  iat?: number;\n  /** Token issuer */\n  iss?: string;\n  /** Token subject (user ID) */\n  sub?: string;\n  /** Hasura JWT claims with PostgreSQL arrays converted to JavaScript arrays */\n  'https://hasura.io/jwt/claims'?: Record<string, unknown>;\n  /** Any other JWT claims */\n  [key: string]: unknown;\n}\n\nexport interface Session extends AuthSession {\n  /** Decoded JWT token payload with processed timestamps and Hasura claims */\n  decodedToken: DecodedToken;\n}\n\n/**\n * Decodes a base64url-encoded string (RFC 4648 Section 5) to a UTF-8 string.\n *\n * JWTs use base64url encoding, which differs from standard base64 by using\n * `-` and `_` instead of `+` and `/`, and omitting padding. The browser's\n * native `atob()` does not support base64url, so we must handle the conversion.\n */\nconst decodeBase64Url = (input: string): string => {\n  // Convert base64url to standard base64\n  let base64 = input.replace(/-/g, '+').replace(/_/g, '/');\n  const pad = base64.length % 4;\n  if (pad) {\n    base64 += '='.repeat(4 - pad);\n  }\n\n  // Use TextDecoder for proper UTF-8 support (atob alone mangles multi-byte characters)\n  const binaryString = atob(base64);\n  const bytes = Uint8Array.from(binaryString, (c) => c.charCodeAt(0));\n  return new TextDecoder().decode(bytes);\n};\n\nexport const decodeUserSession = (accessToken: string): DecodedToken => {\n  const s = accessToken.split('.');\n  if (s.length !== 3 || !s[1]) {\n    throw new Error('Invalid access token format');\n  }\n\n  const decodedToken = JSON.parse(decodeBase64Url(s[1])) as Record<\n    string,\n    unknown\n  >;\n\n  // Convert iat and exp to Date objects\n  const iat =\n    typeof decodedToken['iat'] === 'number'\n      ? decodedToken['iat'] * 1000 // Convert seconds to milliseconds\n      : undefined;\n  const exp =\n    typeof decodedToken['exp'] === 'number'\n      ? decodedToken['exp'] * 1000 // Convert seconds to milliseconds\n      : undefined;\n\n  // Process Hasura claims - dynamically convert PostgreSQL array notation to arrays\n  const hasuraClaims = decodedToken['https://hasura.io/jwt/claims'] as\n    | Record<string, unknown>\n    | undefined;\n  const processedClaims = hasuraClaims\n    ? Object.entries(hasuraClaims).reduce(\n        (acc, [key, value]) => {\n          if (typeof value === 'string' && isPostgresArray(value)) {\n            acc[key] = parsePostgresArray(value);\n          } else {\n            acc[key] = value;\n          }\n          return acc;\n        },\n        {} as Record<string, unknown>,\n      )\n    : undefined;\n\n  return {\n    ...decodedToken,\n    iat,\n    exp,\n    'https://hasura.io/jwt/claims': processedClaims,\n  };\n};\n\nconst isPostgresArray = (value: string): boolean => {\n  return value.startsWith('{') && value.endsWith('}');\n};\n\nconst parsePostgresArray = (value: string): string[] => {\n  if (!value || value === '{}') return [];\n  // Remove curly braces and split by comma, handling quoted values\n  return value\n    .slice(1, -1)\n    .split(',')\n    .map((item) => item.trim().replace(/^\"(.*)\"$/, '$1'));\n};\n","/**\n * Storage implementations for session persistence in different environments.\n *\n * This module provides different storage adapters for persisting authentication sessions\n * across page reloads and browser sessions.\n */\n\nimport type { Session } from './session';\n\n/**\n * Session storage interface for session persistence.\n * This interface can be implemented to provide custom storage solutions.\n */\nexport interface SessionStorageBackend {\n  /**\n   * Get the current session from storage\n   * @returns The stored session or null if not found\n   */\n  get(): Session | null;\n\n  /**\n   * Set the session in storage\n   * @param value - The session to store\n   */\n  set(value: Session): void;\n\n  /**\n   * Remove the session from storage\n   */\n  remove(): void;\n}\n\n/**\n * Default storage key used for storing the Nhost session\n */\nexport const DEFAULT_SESSION_KEY = 'nhostSession';\n\n/**\n * Browser localStorage implementation of StorageInterface.\n * Persists the session across page reloads and browser restarts.\n */\nexport class LocalStorage implements SessionStorageBackend {\n  private readonly storageKey: string;\n\n  /**\n   * Creates a new LocalStorage instance\n   * @param options - Configuration options\n   * @param options.storageKey - The key to use in localStorage (defaults to \"nhostSession\")\n   */\n  constructor(options?: { storageKey?: string }) {\n    this.storageKey = options?.storageKey || DEFAULT_SESSION_KEY;\n  }\n\n  /**\n   * Gets the session from localStorage\n   * @returns The stored session or null if not found\n   */\n  get(): Session | null {\n    try {\n      const value = window.localStorage.getItem(this.storageKey);\n      return value ? (JSON.parse(value) as Session) : null;\n    } catch {\n      this.remove();\n      return null;\n    }\n  }\n\n  /**\n   * Sets the session in localStorage\n   * @param value - The session to store\n   */\n  set(value: Session): void {\n    window.localStorage.setItem(this.storageKey, JSON.stringify(value));\n  }\n\n  /**\n   * Removes the session from localStorage\n   */\n  remove(): void {\n    window.localStorage.removeItem(this.storageKey);\n  }\n}\n\n/**\n * In-memory storage implementation for non-browser environments or when\n * persistent storage is not available or desirable.\n */\nexport class MemoryStorage implements SessionStorageBackend {\n  private session: Session | null = null;\n\n  /**\n   * Gets the session from memory\n   * @returns The stored session or null if not set\n   */\n  get(): Session | null {\n    return this.session;\n  }\n\n  /**\n   * Sets the session in memory\n   * @param value - The session to store\n   */\n  set(value: Session): void {\n    this.session = value;\n  }\n\n  /**\n   * Clears the session from memory\n   */\n  remove(): void {\n    this.session = null;\n  }\n}\n\n/**\n * Cookie-based storage implementation.\n * This storage uses web browser cookies to store the session so it's not\n * available in server-side environments. It is useful though for synchronizing\n * sessions between client and server environments.\n */\nexport class CookieStorage implements SessionStorageBackend {\n  private readonly cookieName: string;\n  private readonly expirationDays: number;\n  private readonly secure: boolean;\n  private readonly sameSite: 'strict' | 'lax' | 'none';\n\n  /**\n   * Creates a new CookieStorage instance\n   * @param options - Configuration options\n   * @param options.cookieName - Name of the cookie to use (defaults to \"nhostSession\")\n   * @param options.expirationDays - Number of days until the cookie expires (defaults to 30)\n   * @param options.secure - Whether to set the Secure flag on the cookie (defaults to true)\n   * @param options.sameSite - SameSite policy for the cookie (defaults to \"lax\")\n   */\n  constructor(options?: {\n    cookieName?: string;\n    expirationDays?: number;\n    secure?: boolean;\n    sameSite?: 'strict' | 'lax' | 'none';\n  }) {\n    this.cookieName = options?.cookieName || DEFAULT_SESSION_KEY;\n    this.expirationDays = options?.expirationDays ?? 30;\n    this.secure = options?.secure ?? true;\n    this.sameSite = options?.sameSite || 'lax';\n  }\n\n  /**\n   * Gets the session from cookies\n   * @returns The stored session or null if not found\n   */\n  get(): Session | null {\n    const cookies = document.cookie.split(';');\n    for (const cookie of cookies) {\n      const [name, value] = cookie.trim().split('=');\n      if (name === this.cookieName) {\n        try {\n          return JSON.parse(decodeURIComponent(value || '')) as Session;\n        } catch {\n          this.remove();\n          return null;\n        }\n      }\n    }\n    return null;\n  }\n\n  /**\n   * Sets the session in a cookie\n   * @param value - The session to store\n   */\n  set(value: Session): void {\n    const expires = new Date();\n    expires.setTime(\n      expires.getTime() + this.expirationDays * 24 * 60 * 60 * 1000,\n    );\n\n    const cookieValue = encodeURIComponent(JSON.stringify(value));\n    const cookieString = `${this.cookieName}=${cookieValue}; expires=${expires.toUTCString()}; path=/; ${this.secure ? 'secure; ' : ''}SameSite=${this.sameSite}`;\n\n    // biome-ignore lint/suspicious/noDocumentCookie: this is unnecessary\n    document.cookie = cookieString;\n  }\n\n  /**\n   * Removes the session cookie\n   */\n  remove(): void {\n    // biome-ignore lint/suspicious/noDocumentCookie: this is unnecessary\n    document.cookie = `${this.cookieName}=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/; ${this.secure ? 'secure; ' : ''}SameSite=${this.sameSite}`;\n  }\n}\n","/**\n * Storage implementations for session persistence in different environments.\n *\n * This module provides different storage adapters for persisting authentication sessions\n * across page reloads and browser sessions.\n */\n\nimport type { Session as AuthSession } from '../auth';\nimport { decodeUserSession, type Session } from './session';\nimport {\n  LocalStorage,\n  MemoryStorage,\n  type SessionStorageBackend,\n} from './storageBackend';\n\n/**\n * Callback function type for session change subscriptions\n */\nexport type SessionChangeCallback = (session: Session | null) => void;\n\n/**\n * A wrapper around any SessionStorageInterface implementation that adds\n * the ability to subscribe to session changes.\n */\nexport class SessionStorage {\n  private readonly storage: SessionStorageBackend;\n  private subscribers = new Set<SessionChangeCallback>();\n\n  /**\n   * Creates a new SessionStorage instance\n   * @param storage - The underlying storage implementation to use\n   */\n  constructor(storage: SessionStorageBackend) {\n    this.storage = storage;\n  }\n\n  /**\n   * Gets the session from the underlying storage\n   * @returns The stored session or null if not found\n   */\n  get(): Session | null {\n    return this.storage.get();\n  }\n\n  /**\n   * Sets the session in the underlying storage and notifies subscribers\n   * @param value - The session to store\n   */\n  set(value: AuthSession): void {\n    const decodedToken = decodeUserSession(value.accessToken);\n    const decodedSession = {\n      ...value,\n      decodedToken: decodedToken,\n    };\n\n    this.storage.set(decodedSession);\n    this.notifySubscribers(decodedSession);\n  }\n\n  /**\n   * Removes the session from the underlying storage and notifies subscribers\n   */\n  remove(): void {\n    this.storage.remove();\n    this.notifySubscribers(null);\n  }\n\n  /**\n   * Subscribe to session changes\n   * @param callback - Function that will be called when the session changes\n   * @returns An unsubscribe function to remove this subscription\n   */\n  onChange(callback: SessionChangeCallback) {\n    this.subscribers.add(callback);\n\n    return () => {\n      this.subscribers.delete(callback);\n    };\n  }\n\n  /**\n   * Notify all subscribers of a session change\n   * @param session - The new session value or null if removed\n   */\n  private notifySubscribers(session: Session | null): void {\n    for (const subscriber of this.subscribers) {\n      try {\n        subscriber(session);\n      } catch (error) {\n        console.error('Error notifying subscriber:', error);\n      }\n    }\n  }\n}\n\n/**\n * Detects the best available storage implementation for the current environment.\n *\n * The detection process follows this order:\n * 1. Try to use localStorage if we're in a browser environment\n * 2. Fall back to in-memory storage if localStorage isn't available\n *\n * @returns The best available storage implementation as a SessionStorageBackend\n */\nexport const detectStorage = (): SessionStorageBackend => {\n  if (typeof window !== 'undefined') {\n    return new LocalStorage();\n  }\n  return new MemoryStorage();\n};\n"],"names":[],"mappings":";AAgCA,MAAM,kBAAkB,CAAC,UAA0B;AAEjD,MAAI,SAAS,MAAM,QAAQ,MAAM,GAAG,EAAE,QAAQ,MAAM,GAAG;AACvD,QAAM,MAAM,OAAO,SAAS;AAC5B,MAAI,KAAK;AACP,cAAU,IAAI,OAAO,IAAI,GAAG;AAAA,EAC9B;AAGA,QAAM,eAAe,KAAK,MAAM;AAChC,QAAM,QAAQ,WAAW,KAAK,cAAc,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;AAClE,SAAO,IAAI,YAAA,EAAc,OAAO,KAAK;AACvC;AAEO,MAAM,oBAAoB,CAAC,gBAAsC;AACtE,QAAM,IAAI,YAAY,MAAM,GAAG;AAC/B,MAAI,EAAE,WAAW,KAAK,CAAC,EAAE,CAAC,GAAG;AAC3B,UAAM,IAAI,MAAM,6BAA6B;AAAA,EAC/C;AAEA,QAAM,eAAe,KAAK,MAAM,gBAAgB,EAAE,CAAC,CAAC,CAAC;AAMrD,QAAM,MACJ,OAAO,aAAa,KAAK,MAAM,WAC3B,aAAa,KAAK,IAAI,MACtB;AACN,QAAM,MACJ,OAAO,aAAa,KAAK,MAAM,WAC3B,aAAa,KAAK,IAAI,MACtB;AAGN,QAAM,eAAe,aAAa,8BAA8B;AAGhE,QAAM,kBAAkB,eACpB,OAAO,QAAQ,YAAY,EAAE;AAAA,IAC3B,CAAC,KAAK,CAAC,KAAK,KAAK,MAAM;AACrB,UAAI,OAAO,UAAU,YAAY,gBAAgB,KAAK,GAAG;AACvD,YAAI,GAAG,IAAI,mBAAmB,KAAK;AAAA,MACrC,OAAO;AACL,YAAI,GAAG,IAAI;AAAA,MACb;AACA,aAAO;AAAA,IACT;AAAA,IACA,CAAA;AAAA,EAAC,IAEH;AAEJ,SAAO;AAAA,IACL,GAAG;AAAA,IACH;AAAA,IACA;AAAA,IACA,gCAAgC;AAAA,EAAA;AAEpC;AAEA,MAAM,kBAAkB,CAAC,UAA2B;AAClD,SAAO,MAAM,WAAW,GAAG,KAAK,MAAM,SAAS,GAAG;AACpD;AAEA,MAAM,qBAAqB,CAAC,UAA4B;AACtD,MAAI,CAAC,SAAS,UAAU,aAAa,CAAA;AAErC,SAAO,MACJ,MAAM,GAAG,EAAE,EACX,MAAM,GAAG,EACT,IAAI,CAAC,SAAS,KAAK,KAAA,EAAO,QAAQ,YAAY,IAAI,CAAC;AACxD;ACrEO,MAAM,sBAAsB;AAM5B,MAAM,aAA8C;AAAA,EACxC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOjB,YAAY,SAAmC;AAC7C,SAAK,aAAa,SAAS,cAAc;AAAA,EAC3C;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAsB;AACpB,QAAI;AACF,YAAM,QAAQ,OAAO,aAAa,QAAQ,KAAK,UAAU;AACzD,aAAO,QAAS,KAAK,MAAM,KAAK,IAAgB;AAAA,IAClD,QAAQ;AACN,WAAK,OAAA;AACL,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,IAAI,OAAsB;AACxB,WAAO,aAAa,QAAQ,KAAK,YAAY,KAAK,UAAU,KAAK,CAAC;AAAA,EACpE;AAAA;AAAA;AAAA;AAAA,EAKA,SAAe;AACb,WAAO,aAAa,WAAW,KAAK,UAAU;AAAA,EAChD;AACF;AAMO,MAAM,cAA+C;AAAA,EAClD,UAA0B;AAAA;AAAA;AAAA;AAAA;AAAA,EAMlC,MAAsB;AACpB,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,IAAI,OAAsB;AACxB,SAAK,UAAU;AAAA,EACjB;AAAA;AAAA;AAAA;AAAA,EAKA,SAAe;AACb,SAAK,UAAU;AAAA,EACjB;AACF;AAQO,MAAM,cAA+C;AAAA,EACzC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUjB,YAAY,SAKT;AACD,SAAK,aAAa,SAAS,cAAc;AACzC,SAAK,iBAAiB,SAAS,kBAAkB;AACjD,SAAK,SAAS,SAAS,UAAU;AACjC,SAAK,WAAW,SAAS,YAAY;AAAA,EACvC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAsB;AACpB,UAAM,UAAU,SAAS,OAAO,MAAM,GAAG;AACzC,eAAW,UAAU,SAAS;AAC5B,YAAM,CAAC,MAAM,KAAK,IAAI,OAAO,KAAA,EAAO,MAAM,GAAG;AAC7C,UAAI,SAAS,KAAK,YAAY;AAC5B,YAAI;AACF,iBAAO,KAAK,MAAM,mBAAmB,SAAS,EAAE,CAAC;AAAA,QACnD,QAAQ;AACN,eAAK,OAAA;AACL,iBAAO;AAAA,QACT;AAAA,MACF;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,IAAI,OAAsB;AACxB,UAAM,8BAAc,KAAA;AACpB,YAAQ;AAAA,MACN,QAAQ,QAAA,IAAY,KAAK,iBAAiB,KAAK,KAAK,KAAK;AAAA,IAAA;AAG3D,UAAM,cAAc,mBAAmB,KAAK,UAAU,KAAK,CAAC;AAC5D,UAAM,eAAe,GAAG,KAAK,UAAU,IAAI,WAAW,aAAa,QAAQ,YAAA,CAAa,aAAa,KAAK,SAAS,aAAa,EAAE,YAAY,KAAK,QAAQ;AAG3J,aAAS,SAAS;AAAA,EACpB;AAAA;AAAA;AAAA;AAAA,EAKA,SAAe;AAEb,aAAS,SAAS,GAAG,KAAK,UAAU,qDAAqD,KAAK,SAAS,aAAa,EAAE,YAAY,KAAK,QAAQ;AAAA,EACjJ;AACF;ACtKO,MAAM,eAAe;AAAA,EACT;AAAA,EACT,kCAAkB,IAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAM1B,YAAY,SAAgC;AAC1C,SAAK,UAAU;AAAA,EACjB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAsB;AACpB,WAAO,KAAK,QAAQ,IAAA;AAAA,EACtB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,IAAI,OAA0B;AAC5B,UAAM,eAAe,kBAAkB,MAAM,WAAW;AACxD,UAAM,iBAAiB;AAAA,MACrB,GAAG;AAAA,MACH;AAAA,IAAA;AAGF,SAAK,QAAQ,IAAI,cAAc;AAC/B,SAAK,kBAAkB,cAAc;AAAA,EACvC;AAAA;AAAA;AAAA;AAAA,EAKA,SAAe;AACb,SAAK,QAAQ,OAAA;AACb,SAAK,kBAAkB,IAAI;AAAA,EAC7B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,SAAS,UAAiC;AACxC,SAAK,YAAY,IAAI,QAAQ;AAE7B,WAAO,MAAM;AACX,WAAK,YAAY,OAAO,QAAQ;AAAA,IAClC;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMQ,kBAAkB,SAA+B;AACvD,eAAW,cAAc,KAAK,aAAa;AACzC,UAAI;AACF,mBAAW,OAAO;AAAA,MACpB,SAAS,OAAO;AACd,gBAAQ,MAAM,+BAA+B,KAAK;AAAA,MACpD;AAAA,IACF;AAAA,EACF;AACF;AAWO,MAAM,gBAAgB,MAA6B;AACxD,MAAI,OAAO,WAAW,aAAa;AACjC,WAAO,IAAI,aAAA;AAAA,EACb;AACA,SAAO,IAAI,cAAA;AACb;"}

package/dist/refreshSession-Bw715ZmX.cjs

@@ -1,2 +0,0 @@
-"use strict";const e="undefined"!=typeof navigator&&navigator.locks?navigator.locks:new class{async request(e,s,r){return r()}},s=async(s,n,o=60)=>{const{session:t,needsRefresh:i}=await e.request("nhostSessionLock",{mode:"shared"},(async()=>r(n,o)));if(!t)return null;if(!i)return t;return await e.request("nhostSessionLock",{mode:"exclusive"},(async()=>{const{session:e,needsRefresh:t,sessionExpired:i}=r(n,o);if(!e)return null;if(!t)return e;try{const r=await s.refreshToken({refreshToken:e.refreshToken});return n.set(r.body),r.body}catch(d){if(!i)return e;throw d}}))},r=(e,s=60)=>{const r=e.get();if(!r)return{session:null,needsRefresh:!1,sessionExpired:!1};if(!r.decodedToken||!r.decodedToken.exp)return{session:r,needsRefresh:!0,sessionExpired:!0};if(0===s)return{session:r,needsRefresh:!0,sessionExpired:!1};const n=Date.now();return r.decodedToken.exp-n>1e3*s?{session:r,needsRefresh:!1,sessionExpired:!1}:{session:r,needsRefresh:!0,sessionExpired:r.decodedToken.exp<n}};exports.refreshSession=async(e,r,n=60)=>{try{return await s(e,r,n)}catch(o){try{return console.warn("error refreshing session, retrying:",o),await s(e,r,n)}catch(t){const e=t;return 401===e?.status&&(console.error("session probably expired"),r.remove()),null}}};
-//# sourceMappingURL=refreshSession-Bw715ZmX.cjs.map

package/dist/refreshSession-Bw715ZmX.cjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"refreshSession-Bw715ZmX.cjs","sources":["../src/session/refreshSession.ts"],"sourcesContent":["import type { Client as AuthClient, ErrorResponse } from '../auth';\nimport type { FetchResponse } from '../fetch';\nimport type { Session } from './session';\nimport type { SessionStorage } from './storage';\n\nclass DummyLock implements Lock {\n  async request(\n    _name: string,\n    _options: { mode: 'exclusive' | 'shared' },\n    // biome-ignore lint/suspicious/noExplicitAny: any\n    callback: () => Promise<any>,\n  ) {\n    return callback();\n  }\n}\n\ninterface Lock {\n  request: (\n    name: string,\n    options: { mode: 'exclusive' | 'shared' },\n    // biome-ignore lint/suspicious/noExplicitAny: blah\n    callback: () => Promise<any>,\n    // biome-ignore lint/suspicious/noExplicitAny: blah\n  ) => Promise<any>;\n}\n\nconst lock: Lock =\n  typeof navigator !== 'undefined' && navigator.locks\n    ? navigator.locks\n    : new DummyLock();\n\n/**\n * Refreshes the authentication session if needed\n *\n * This function checks if the current session needs to be refreshed based on\n * the access token expiration time. If a refresh is needed, it will attempt to\n * refresh the token using the provided auth client.\n *\n * @param auth - The authentication client to use for token refresh\n * @param storage - The session storage implementation\n * @param marginSeconds - The number of seconds before the token expiration to refresh the session. If the token is still valid for this duration, it will not be refreshed. Set to 0 to force the refresh.\n * @returns A promise that resolves to the current session (refreshed if needed) or null if no session exists\n */\nexport const refreshSession = async (\n  auth: AuthClient,\n  storage: SessionStorage,\n  marginSeconds = 60,\n): Promise<Session | null> => {\n  try {\n    return await _refreshSession(auth, storage, marginSeconds);\n  } catch (error) {\n    try {\n      // we retry the refresh token in case of transient error\n      // or race conditions\n      console.warn('error refreshing session, retrying:', error);\n      return await _refreshSession(auth, storage, marginSeconds);\n    } catch (error) {\n      const errResponse = error as FetchResponse<ErrorResponse>;\n      if (errResponse?.status === 401) {\n        // this probably means the refresh token is invalid\n        console.error('session probably expired');\n        storage.remove();\n      }\n      return null;\n    }\n  }\n};\n\n/**\n * Internal implementation of the refresh session logic\n *\n * @param auth - The authentication client to use for token refresh\n * @param storage - The session storage implementation\n * @param marginSeconds - How many seconds before expiration to trigger a refresh\n * @returns A promise that resolves to the current session (refreshed if needed) or null if no session exists\n * @private\n */\nconst _refreshSession = async (\n  auth: AuthClient,\n  storage: SessionStorage,\n  marginSeconds = 60,\n): Promise<Session | null> => {\n  const {\n    session,\n    needsRefresh,\n  }: { session: Session | null; needsRefresh: boolean } = await lock.request(\n    'nhostSessionLock',\n    { mode: 'shared' },\n    async () => {\n      return _needsRefresh(storage, marginSeconds);\n    },\n  );\n\n  if (!session) {\n    return null; // No session found\n  }\n\n  if (!needsRefresh) {\n    return session; // No need to refresh\n  }\n\n  const refreshedSession: Session | null = await lock.request(\n    'nhostSessionLock',\n    { mode: 'exclusive' },\n    async () => {\n      const { session, needsRefresh, sessionExpired } = _needsRefresh(\n        storage,\n        marginSeconds,\n      );\n\n      if (!session) {\n        return null; // No session found\n      }\n\n      if (!needsRefresh) {\n        return session; // No need to refresh\n      }\n\n      try {\n        const response = await auth.refreshToken({\n          refreshToken: session.refreshToken,\n        });\n        storage.set(response.body);\n\n        return response.body;\n      } catch (error) {\n        if (!sessionExpired) {\n          return session;\n        }\n\n        throw error;\n      }\n    },\n  );\n\n  return refreshedSession;\n};\n\n/**\n * Checks if the current session needs to be refreshed based on token expiration\n *\n * @param storage - The session storage implementation\n * @param marginSeconds - How many seconds before expiration to trigger a refresh\n * @returns An object containing the session, whether it needs refreshing, and whether it has expired\n * @private\n */\nconst _needsRefresh = (storage: SessionStorage, marginSeconds = 60) => {\n  const session = storage.get();\n  if (!session) {\n    return { session: null, needsRefresh: false, sessionExpired: false };\n  }\n\n  if (!session.decodedToken || !session.decodedToken.exp) {\n    // if the session does not have a valid decoded token, treat it as expired\n    // as we can't determine its validity\n    return { session, needsRefresh: true, sessionExpired: true };\n  }\n\n  // Force refresh if marginSeconds is 0\n  if (marginSeconds === 0) {\n    return { session, needsRefresh: true, sessionExpired: false };\n  }\n\n  const currentTime = Date.now();\n  if (session.decodedToken.exp - currentTime > marginSeconds * 1000) {\n    return { session, needsRefresh: false, sessionExpired: false };\n  }\n\n  return {\n    session,\n    needsRefresh: true,\n    sessionExpired: session.decodedToken.exp < currentTime,\n  };\n};\n"],"names":["lock","navigator","locks","request","_name","_options","callback","_refreshSession","async","auth","storage","marginSeconds","session","needsRefresh","mode","_needsRefresh","sessionExpired","response","refreshToken","set","body","error","get","decodedToken","exp","currentTime","Date","now","console","warn","errResponse","status","remove"],"mappings":"aA0BA,MAAMA,EACiB,oBAAdC,WAA6BA,UAAUC,MAC1CD,UAAUC,MACV,IAxBN,MACE,aAAMC,CACJC,EACAC,EAEAC,GAEA,OAAOA,GACT,GAgEIC,EAAkBC,MACtBC,EACAC,EACAC,EAAgB,MAEhB,MAAMC,QACJA,EAAAC,aACAA,SAC4Db,EAAKG,QACjE,mBACA,CAAEW,KAAM,WACRN,SACSO,EAAcL,EAASC,KAIlC,IAAKC,EACH,OAAO,KAGT,IAAKC,EACH,OAAOD,EAqCT,aAlC+CZ,EAAKG,QAClD,mBACA,CAAEW,KAAM,cACRN,UACE,MAAQI,QAAAA,EAASC,aAAAA,EAAAA,eAAcG,GAAmBD,EAChDL,EACAC,GAGF,IAAKC,EACH,OAAO,KAGT,IAAKC,EACH,OAAOD,EAGT,IACE,MAAMK,QAAiBR,EAAKS,aAAa,CACvCA,aAAcN,EAAQM,eAIxB,OAFAR,EAAQS,IAAIF,EAASG,MAEdH,EAASG,IAClB,OAASC,GACP,IAAKL,EACH,OAAOJ,EAGT,MAAMS,CACR,IAIG,EAWHN,EAAgB,CAACL,EAAyBC,EAAgB,MAC9D,MAAMC,EAAUF,EAAQY,MACxB,IAAKV,EACH,MAAO,CAAEA,QAAS,KAAMC,cAAc,EAAOG,gBAAgB,GAG/D,IAAKJ,EAAQW,eAAiBX,EAAQW,aAAaC,IAGjD,MAAO,CAAEZ,UAASC,cAAc,EAAMG,gBAAgB,GAIxD,GAAsB,IAAlBL,EACF,MAAO,CAAEC,UAASC,cAAc,EAAMG,gBAAgB,GAGxD,MAAMS,EAAcC,KAAKC,MACzB,OAAIf,EAAQW,aAAaC,IAAMC,EAA8B,IAAhBd,EACpC,CAAEC,UAASC,cAAc,EAAOG,gBAAgB,GAGlD,CACLJ,UACAC,cAAc,EACdG,eAAgBJ,EAAQW,aAAaC,IAAMC,EAAA,yBAhIjBjB,MAC5BC,EACAC,EACAC,EAAgB,MAEhB,IACE,aAAaJ,EAAgBE,EAAMC,EAASC,EAC9C,OAASU,GACP,IAIE,OADAO,QAAQC,KAAK,sCAAuCR,SACvCd,EAAgBE,EAAMC,EAASC,EAC9C,OAASU,GACP,MAAMS,EAAcT,EAMpB,OAL4B,MAAxBS,GAAaC,SAEfH,QAAQP,MAAM,4BACdX,EAAQsB,UAEH,IACT,CACF"}

package/dist/refreshSession-WwGlzgtM.js

@@ -1,95 +0,0 @@
-class DummyLock {
-  async request(_name, _options, callback) {
-    return callback();
-  }
-}
-const lock = typeof navigator !== "undefined" && navigator.locks ? navigator.locks : new DummyLock();
-const refreshSession = async (auth, storage, marginSeconds = 60) => {
-  try {
-    return await _refreshSession(auth, storage, marginSeconds);
-  } catch (error) {
-    try {
-      console.warn("error refreshing session, retrying:", error);
-      return await _refreshSession(auth, storage, marginSeconds);
-    } catch (error2) {
-      const errResponse = error2;
-      if (errResponse?.status === 401) {
-        console.error("session probably expired");
-        storage.remove();
-      }
-      return null;
-    }
-  }
-};
-const _refreshSession = async (auth, storage, marginSeconds = 60) => {
-  const {
-    session,
-    needsRefresh
-  } = await lock.request(
-    "nhostSessionLock",
-    { mode: "shared" },
-    async () => {
-      return _needsRefresh(storage, marginSeconds);
-    }
-  );
-  if (!session) {
-    return null;
-  }
-  if (!needsRefresh) {
-    return session;
-  }
-  const refreshedSession = await lock.request(
-    "nhostSessionLock",
-    { mode: "exclusive" },
-    async () => {
-      const { session: session2, needsRefresh: needsRefresh2, sessionExpired } = _needsRefresh(
-        storage,
-        marginSeconds
-      );
-      if (!session2) {
-        return null;
-      }
-      if (!needsRefresh2) {
-        return session2;
-      }
-      try {
-        const response = await auth.refreshToken({
-          refreshToken: session2.refreshToken
-        });
-        storage.set(response.body);
-        return response.body;
-      } catch (error) {
-        if (!sessionExpired) {
-          return session2;
-        }
-        throw error;
-      }
-    }
-  );
-  return refreshedSession;
-};
-const _needsRefresh = (storage, marginSeconds = 60) => {
-  const session = storage.get();
-  if (!session) {
-    return { session: null, needsRefresh: false, sessionExpired: false };
-  }
-  if (!session.decodedToken || !session.decodedToken.exp) {
-    return { session, needsRefresh: true, sessionExpired: true };
-  }
-  if (marginSeconds === 0) {
-    return { session, needsRefresh: true, sessionExpired: false };
-  }
-  const currentTime = Date.now();
-  if (session.decodedToken.exp - currentTime > marginSeconds * 1e3) {
-    return { session, needsRefresh: false, sessionExpired: false };
-  }
-  return {
-    session,
-    needsRefresh: true,
-    sessionExpired: session.decodedToken.exp < currentTime
-  };
-};
-export {
-  refreshSession as r
-};
-//# sourceMappingURL=refreshSession-WwGlzgtM.js.map

package/dist/refreshSession-WwGlzgtM.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"refreshSession-WwGlzgtM.js","sources":["../src/session/refreshSession.ts"],"sourcesContent":["import type { Client as AuthClient, ErrorResponse } from '../auth';\nimport type { FetchResponse } from '../fetch';\nimport type { Session } from './session';\nimport type { SessionStorage } from './storage';\n\nclass DummyLock implements Lock {\n  async request(\n    _name: string,\n    _options: { mode: 'exclusive' | 'shared' },\n    // biome-ignore lint/suspicious/noExplicitAny: any\n    callback: () => Promise<any>,\n  ) {\n    return callback();\n  }\n}\n\ninterface Lock {\n  request: (\n    name: string,\n    options: { mode: 'exclusive' | 'shared' },\n    // biome-ignore lint/suspicious/noExplicitAny: blah\n    callback: () => Promise<any>,\n    // biome-ignore lint/suspicious/noExplicitAny: blah\n  ) => Promise<any>;\n}\n\nconst lock: Lock =\n  typeof navigator !== 'undefined' && navigator.locks\n    ? navigator.locks\n    : new DummyLock();\n\n/**\n * Refreshes the authentication session if needed\n *\n * This function checks if the current session needs to be refreshed based on\n * the access token expiration time. If a refresh is needed, it will attempt to\n * refresh the token using the provided auth client.\n *\n * @param auth - The authentication client to use for token refresh\n * @param storage - The session storage implementation\n * @param marginSeconds - The number of seconds before the token expiration to refresh the session. If the token is still valid for this duration, it will not be refreshed. Set to 0 to force the refresh.\n * @returns A promise that resolves to the current session (refreshed if needed) or null if no session exists\n */\nexport const refreshSession = async (\n  auth: AuthClient,\n  storage: SessionStorage,\n  marginSeconds = 60,\n): Promise<Session | null> => {\n  try {\n    return await _refreshSession(auth, storage, marginSeconds);\n  } catch (error) {\n    try {\n      // we retry the refresh token in case of transient error\n      // or race conditions\n      console.warn('error refreshing session, retrying:', error);\n      return await _refreshSession(auth, storage, marginSeconds);\n    } catch (error) {\n      const errResponse = error as FetchResponse<ErrorResponse>;\n      if (errResponse?.status === 401) {\n        // this probably means the refresh token is invalid\n        console.error('session probably expired');\n        storage.remove();\n      }\n      return null;\n    }\n  }\n};\n\n/**\n * Internal implementation of the refresh session logic\n *\n * @param auth - The authentication client to use for token refresh\n * @param storage - The session storage implementation\n * @param marginSeconds - How many seconds before expiration to trigger a refresh\n * @returns A promise that resolves to the current session (refreshed if needed) or null if no session exists\n * @private\n */\nconst _refreshSession = async (\n  auth: AuthClient,\n  storage: SessionStorage,\n  marginSeconds = 60,\n): Promise<Session | null> => {\n  const {\n    session,\n    needsRefresh,\n  }: { session: Session | null; needsRefresh: boolean } = await lock.request(\n    'nhostSessionLock',\n    { mode: 'shared' },\n    async () => {\n      return _needsRefresh(storage, marginSeconds);\n    },\n  );\n\n  if (!session) {\n    return null; // No session found\n  }\n\n  if (!needsRefresh) {\n    return session; // No need to refresh\n  }\n\n  const refreshedSession: Session | null = await lock.request(\n    'nhostSessionLock',\n    { mode: 'exclusive' },\n    async () => {\n      const { session, needsRefresh, sessionExpired } = _needsRefresh(\n        storage,\n        marginSeconds,\n      );\n\n      if (!session) {\n        return null; // No session found\n      }\n\n      if (!needsRefresh) {\n        return session; // No need to refresh\n      }\n\n      try {\n        const response = await auth.refreshToken({\n          refreshToken: session.refreshToken,\n        });\n        storage.set(response.body);\n\n        return response.body;\n      } catch (error) {\n        if (!sessionExpired) {\n          return session;\n        }\n\n        throw error;\n      }\n    },\n  );\n\n  return refreshedSession;\n};\n\n/**\n * Checks if the current session needs to be refreshed based on token expiration\n *\n * @param storage - The session storage implementation\n * @param marginSeconds - How many seconds before expiration to trigger a refresh\n * @returns An object containing the session, whether it needs refreshing, and whether it has expired\n * @private\n */\nconst _needsRefresh = (storage: SessionStorage, marginSeconds = 60) => {\n  const session = storage.get();\n  if (!session) {\n    return { session: null, needsRefresh: false, sessionExpired: false };\n  }\n\n  if (!session.decodedToken || !session.decodedToken.exp) {\n    // if the session does not have a valid decoded token, treat it as expired\n    // as we can't determine its validity\n    return { session, needsRefresh: true, sessionExpired: true };\n  }\n\n  // Force refresh if marginSeconds is 0\n  if (marginSeconds === 0) {\n    return { session, needsRefresh: true, sessionExpired: false };\n  }\n\n  const currentTime = Date.now();\n  if (session.decodedToken.exp - currentTime > marginSeconds * 1000) {\n    return { session, needsRefresh: false, sessionExpired: false };\n  }\n\n  return {\n    session,\n    needsRefresh: true,\n    sessionExpired: session.decodedToken.exp < currentTime,\n  };\n};\n"],"names":["error","session","needsRefresh"],"mappings":"AAKA,MAAM,UAA0B;AAAA,EAC9B,MAAM,QACJ,OACA,UAEA,UACA;AACA,WAAO,SAAA;AAAA,EACT;AACF;AAYA,MAAM,OACJ,OAAO,cAAc,eAAe,UAAU,QAC1C,UAAU,QACV,IAAI,UAAA;AAcH,MAAM,iBAAiB,OAC5B,MACA,SACA,gBAAgB,OACY;AAC5B,MAAI;AACF,WAAO,MAAM,gBAAgB,MAAM,SAAS,aAAa;AAAA,EAC3D,SAAS,OAAO;AACd,QAAI;AAGF,cAAQ,KAAK,uCAAuC,KAAK;AACzD,aAAO,MAAM,gBAAgB,MAAM,SAAS,aAAa;AAAA,IAC3D,SAASA,QAAO;AACd,YAAM,cAAcA;AACpB,UAAI,aAAa,WAAW,KAAK;AAE/B,gBAAQ,MAAM,0BAA0B;AACxC,gBAAQ,OAAA;AAAA,MACV;AACA,aAAO;AAAA,IACT;AAAA,EACF;AACF;AAWA,MAAM,kBAAkB,OACtB,MACA,SACA,gBAAgB,OACY;AAC5B,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,EAAA,IACsD,MAAM,KAAK;AAAA,IACjE;AAAA,IACA,EAAE,MAAM,SAAA;AAAA,IACR,YAAY;AACV,aAAO,cAAc,SAAS,aAAa;AAAA,IAC7C;AAAA,EAAA;AAGF,MAAI,CAAC,SAAS;AACZ,WAAO;AAAA,EACT;AAEA,MAAI,CAAC,cAAc;AACjB,WAAO;AAAA,EACT;AAEA,QAAM,mBAAmC,MAAM,KAAK;AAAA,IAClD;AAAA,IACA,EAAE,MAAM,YAAA;AAAA,IACR,YAAY;AACV,YAAM,EAAE,SAAAC,UAAS,cAAAC,eAAc,mBAAmB;AAAA,QAChD;AAAA,QACA;AAAA,MAAA;AAGF,UAAI,CAACD,UAAS;AACZ,eAAO;AAAA,MACT;AAEA,UAAI,CAACC,eAAc;AACjB,eAAOD;AAAAA,MACT;AAEA,UAAI;AACF,cAAM,WAAW,MAAM,KAAK,aAAa;AAAA,UACvC,cAAcA,SAAQ;AAAA,QAAA,CACvB;AACD,gBAAQ,IAAI,SAAS,IAAI;AAEzB,eAAO,SAAS;AAAA,MAClB,SAAS,OAAO;AACd,YAAI,CAAC,gBAAgB;AACnB,iBAAOA;AAAAA,QACT;AAEA,cAAM;AAAA,MACR;AAAA,IACF;AAAA,EAAA;AAGF,SAAO;AACT;AAUA,MAAM,gBAAgB,CAAC,SAAyB,gBAAgB,OAAO;AACrE,QAAM,UAAU,QAAQ,IAAA;AACxB,MAAI,CAAC,SAAS;AACZ,WAAO,EAAE,SAAS,MAAM,cAAc,OAAO,gBAAgB,MAAA;AAAA,EAC/D;AAEA,MAAI,CAAC,QAAQ,gBAAgB,CAAC,QAAQ,aAAa,KAAK;AAGtD,WAAO,EAAE,SAAS,cAAc,MAAM,gBAAgB,KAAA;AAAA,EACxD;AAGA,MAAI,kBAAkB,GAAG;AACvB,WAAO,EAAE,SAAS,cAAc,MAAM,gBAAgB,MAAA;AAAA,EACxD;AAEA,QAAM,cAAc,KAAK,IAAA;AACzB,MAAI,QAAQ,aAAa,MAAM,cAAc,gBAAgB,KAAM;AACjE,WAAO,EAAE,SAAS,cAAc,OAAO,gBAAgB,MAAA;AAAA,EACzD;AAEA,SAAO;AAAA,IACL;AAAA,IACA,cAAc;AAAA,IACd,gBAAgB,QAAQ,aAAa,MAAM;AAAA,EAAA;AAE/C;"}