@opexa/portal-components 0.0.1123 → 0.0.1125

package/dist/client/hooks/useSignInMutation.d.ts

@@ -4,5 +4,6 @@ import type { Authenticator, MutationConfig } from '../../types';
 import { type SignInInput } from '../services/signIn';
 export interface UseSignInMutationOptions extends MutationConfig<Authenticator | null, SignInInput> {
     versionSession?: VersionSession;
+    fingerprint?: () => Promise<string | null> | string | null;
 }
 export declare const useSignInMutation: (options?: UseSignInMutationOptions) => UseMutationResult<Authenticator | null, Error, SignInInput>;

package/dist/client/hooks/useSignInMutation.js

@@ -1,7 +1,7 @@
 import { Capacitor } from '@capacitor/core';
 import { useMutation } from '@tanstack/react-query';
 import { useReCaptcha } from 'next-recaptcha-v3';
-import { RECAPTCHA_HEADER_KEY } from '../../constants/index.js';
+import { FINGERPRINT_HEADER_KEY, RECAPTCHA_HEADER_KEY, } from '../../constants/index.js';
 import { getQueryClient } from '../../utils/getQueryClient.js';
 import { getSignInMutationKey } from '../../utils/mutationKeys.js';
 import { getSessionQueryKey } from '../../utils/queryKeys.js';
@@ -10,7 +10,7 @@ import { signIn } from '../services/signIn.js';
 export const useSignInMutation = (options) => {
     const queryClient = getQueryClient();
     const recaptcha = useReCaptcha();
-    const { versionSession, ...config } = options ?? {};
+    const { fingerprint, versionSession, ...config } = options ?? {};
     return useMutation({
         ...config,
         mutationKey: getSignInMutationKey(),
@@ -19,6 +19,9 @@ export const useSignInMutation = (options) => {
             const token = recaptcha.reCaptchaKey
                 ? await recaptcha.executeRecaptcha('submit')
                 : null;
+            const fingerprintValue = versionSession === 'Inplay' && input.type === 'NAME_AND_PASSWORD'
+                ? await Promise.resolve(fingerprint?.()).catch(() => null)
+                : null;
             const authenticator = await signIn(input, {
                 headers: {
                     ...(token && {
@@ -27,6 +30,9 @@ export const useSignInMutation = (options) => {
                     ...(session.domain && {
                         Domain: session.domain,
                     }),
+                    ...(fingerprintValue && {
+                        [FINGERPRINT_HEADER_KEY]: fingerprintValue,
+                    }),
                     ...(Capacitor.getPlatform() === 'android'
                         ? { Channel: 'ANDROID' }
                         : { Channel: 'IOS' }),

package/dist/components/SignIn/CrazyWin/MobileNumberSignIn.js

@@ -45,7 +45,7 @@ export function MobileNumberSignIn() {
         disclaimer: ctx.disclaimer,
     })));
     const signInMutation = useSignInMutation({
-        versionSession: signInProps.versionSession,
+        // versionSession intentionally omitted: only applies to NAME_AND_PASSWORD
         onSuccess: async () => {
             step1Form.reset();
             step2Form.reset();

package/dist/components/SignIn/CrazyWin/NameAndPasswordSignIn.js

@@ -45,6 +45,7 @@ export function NameAndPasswordSignIn() {
         disclaimer: ctx.disclaimer,
     })));
     const signInMutation = useSignInMutation({
+        fingerprint: signInProps.fingerprint,
         versionSession: signInProps.versionSession,
         onSuccess: async (authenticator) => {
             if (authenticator) {

package/dist/components/SignIn/HappyBingo/MobileNumberSignIn.js

@@ -46,7 +46,7 @@ export function MobileNumberSignIn() {
         disclaimer: ctx.disclaimer,
     })));
     const signInMutation = useSignInMutation({
-        versionSession: signInProps.versionSession,
+        // versionSession intentionally omitted: only applies to NAME_AND_PASSWORD
         onSuccess: async () => {
             step1Form.reset();
             step2Form.reset();

package/dist/components/SignIn/HappyBingo/NameAndPasswordSignIn.js

@@ -42,6 +42,7 @@ export function NameAndPasswordSignIn() {
         disclaimer: ctx.disclaimer,
     })));
     const signInMutation = useSignInMutation({
+        fingerprint: signInProps.fingerprint,
         versionSession: signInProps.versionSession,
         onSuccess: async (authenticator) => {
             if (authenticator) {

package/dist/components/SignIn/MobileNumberSignIn.js

@@ -53,7 +53,7 @@ export function MobileNumberSignIn() {
         termsOfUse: ctx.termsOfUse,
     })));
     const signInMutation = useSignInMutation({
-        versionSession: signInProps.versionSession,
+        // versionSession intentionally omitted: only applies to NAME_AND_PASSWORD
         onSuccess: async () => {
             step1Form.reset();
             step2Form.reset();

package/dist/components/SignIn/MobileNumberSignInternational.js

@@ -80,7 +80,7 @@ export function MobileNumberSignInInternational() {
         disclaimer: ctx.disclaimer,
     })));
     const signInMutation = useSignInMutation({
-        versionSession: signInProps.versionSession,
+        // versionSession intentionally omitted: only applies to NAME_AND_PASSWORD
         onSuccess: async () => {
             step1Form.reset();
             step2Form.reset();

package/dist/components/SignIn/NameAndPasswordSignIn.js

@@ -55,6 +55,7 @@ export function NameAndPasswordSignIn() {
     })));
     const [formType, setFormType] = useState('NAME_AND_PASSWORD');
     const signInMutation = useSignInMutation({
+        fingerprint: signInProps.fingerprint,
         versionSession: signInProps.versionSession,
         onSuccess: async (authenticator) => {
             if (authenticator) {

package/dist/components/SignIn/SignIn.lazy.d.ts

@@ -31,5 +31,10 @@ export interface SignInProps extends UseSignInProps {
      * - `Inplay`: `${AUTH_ENDPOINT}/v3/inplay/sessions`
      */
     versionSession?: VersionSession;
+    /**
+     * Optional browser fingerprint provider. For Inplay NAME_AND_PASSWORD
+     * sign-ins, pass `() => sdk.fingerprint()` from the consuming app.
+     */
+    fingerprint?: () => Promise<string | null> | string | null;
 }
 export declare function SignIn(props: SignInProps): import("react/jsx-runtime").JSX.Element;

package/dist/components/UpdateMobilePhoneNumber/UpdateMobilePhoneNumber.js

@@ -30,11 +30,11 @@ export function UpdateMobilePhoneNumber() {
     const accountQuery = useAccountQuery();
     const account = accountQuery.data;
     const isAccountLoading = accountQuery.isLoading;
-    const hasMobileNumber = !!account?.mobileNumber;
+    const isMobileNumberVerified = account?.mobileNumberVerified === true;
     const hasExecuted = useRef(false);
     useEffect(() => {
         if (!isAccountLoading && !!account && !hasExecuted.current) {
-            if (!hasMobileNumber) {
+            if (!isMobileNumberVerified) {
                 globalStore.updateMobilePhoneNumber.setOpen(true);
             }
             else {
@@ -45,7 +45,7 @@ export function UpdateMobilePhoneNumber() {
     }, [
         isAccountLoading,
         account,
-        hasMobileNumber,
+        isMobileNumberVerified,
         globalStore.updateMobilePhoneNumber,
     ]);
     const [step, setStep] = useState(1);

package/dist/constants/HeaderKey.d.ts

@@ -2,3 +2,4 @@ export declare const RECAPTCHA_HEADER_KEY: string;
 export declare const TEST_PASS_HEADER_KEY: string;
 export declare const DOMAIN_HEADER_KEY: string;
 export declare const SESSION_VERSION_HEADER_KEY: string;
+export declare const FINGERPRINT_HEADER_KEY: string;

package/dist/constants/HeaderKey.js

@@ -2,3 +2,4 @@ export const RECAPTCHA_HEADER_KEY = 'Google-Recaptcha-Response';
 export const TEST_PASS_HEADER_KEY = 'Test-Pass';
 export const DOMAIN_HEADER_KEY = 'Domain';
 export const SESSION_VERSION_HEADER_KEY = 'X-Session-Version';
+export const FINGERPRINT_HEADER_KEY = 'Fingerprint';

package/dist/handlers/postSession.js

@@ -1,7 +1,7 @@
 import { addDays, addMinutes, subMinutes } from 'date-fns';
 import { NextResponse } from 'next/server';
 import { z } from 'zod';
-import { ACCESS_TOKEN_COOKIE_NAME, DOMAIN_HEADER_KEY, RECAPTCHA_HEADER_KEY, REFRESH_TOKEN_COOKIE_NAME, SESSION_VERSION_HEADER_KEY, } from '../constants/index.js';
+import { ACCESS_TOKEN_COOKIE_NAME, DOMAIN_HEADER_KEY, FINGERPRINT_HEADER_KEY, RECAPTCHA_HEADER_KEY, REFRESH_TOKEN_COOKIE_NAME, SESSION_VERSION_HEADER_KEY, } from '../constants/index.js';
 import { createSession } from '../services/auth.js';
 const CreateSessionDefinition = z.union([
     z.object({
@@ -41,6 +41,7 @@ export async function postSession(request) {
     }
     const recaptcha = request.headers.get(RECAPTCHA_HEADER_KEY);
     const domain = request.headers.get(DOMAIN_HEADER_KEY);
+    const fingerprint = request.headers.get(FINGERPRINT_HEADER_KEY);
     const versionSessionHeader = request.headers.get(SESSION_VERSION_HEADER_KEY);
     const versionSession = versionSessionHeader === 'Inplay' ? 'Inplay' : 'default';
     try {
@@ -52,6 +53,9 @@ export async function postSession(request) {
                 ...(domain && {
                     [DOMAIN_HEADER_KEY]: domain,
                 }),
+                ...(fingerprint && {
+                    [FINGERPRINT_HEADER_KEY]: fingerprint,
+                }),
                 ...(userAgent && {
                     'User-Agent': userAgent,
                 }),

package/dist/services/auth.js

@@ -1,4 +1,4 @@
-import { AUTH_ENDPOINT } from '../constants/index.js';
+import { AUTH_ENDPOINT, FINGERPRINT_HEADER_KEY } from '../constants/index.js';
 import { httpRequest } from './httpRequest.js';
 import { sha256 } from './sha256.js';
 const SESSION_ENDPOINTS = {
@@ -29,8 +29,42 @@ export async function createSession(input, options, versionSession = 'default')
     new Headers(options?.headers).forEach((value, key) => {
         headers.set(key, value);
     });
+    // `versionSession` only applies to NAME_AND_PASSWORD sign-ins. All other
+    // auth types (MOBILE_NUMBER, MAYA, SOCIALS, CABINET, SINGLE_USE_TOKEN) are
+    // forced to the default `/sessions` endpoint.
+    const effectiveVersionSession = input.type === 'NAME_AND_PASSWORD' ? versionSession : 'default';
+    // The `Fingerprint` header is only meaningful for the Inplay
+    // NAME_AND_PASSWORD endpoint (`/v3/inplay/sessions`). Strip it for any
+    // other combination to avoid leaking it to upstream endpoints that don't
+    // expect it.
+    if (effectiveVersionSession !== 'Inplay' ||
+        input.type !== 'NAME_AND_PASSWORD') {
+        headers.delete(FINGERPRINT_HEADER_KEY);
+    }
     try {
-        return await httpRequest.json(`${AUTH_ENDPOINT}${SESSION_ENDPOINTS[versionSession]}`, {
+        // The Inplay `/v3/inplay/sessions` endpoint wraps its payload in
+        // `{ data: { ... } }` (same shape as `/v2/sessions`), while the
+        // default `/sessions` endpoint returns the flat shape directly.
+        // Unwrap the Inplay response so callers can treat both consistently
+        // via the existing `CreateSessionMutation` union.
+        if (effectiveVersionSession === 'Inplay') {
+            const wrapped = await httpRequest.json(`${AUTH_ENDPOINT}${SESSION_ENDPOINTS[effectiveVersionSession]}`, {
+                ...options,
+                method: 'POST',
+                headers,
+            });
+            if (wrapped.data.authenticator) {
+                return {
+                    authenticator: wrapped.data.authenticator,
+                };
+            }
+            return {
+                session: wrapped.data.session,
+                accessToken: wrapped.data.accessToken,
+                refreshToken: wrapped.data.refreshToken,
+            };
+        }
+        return await httpRequest.json(`${AUTH_ENDPOINT}${SESSION_ENDPOINTS[effectiveVersionSession]}`, {
             ...options,
             method: 'POST',
             headers,