@oxyhq/auth 2.0.3 → 2.0.5

package/dist/cjs/hooks/useFileDownloadUrl.js

@@ -1,42 +1,19 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.useFileDownloadUrl = exports.setOxyFileUrlInstance = void 0;
+exports.useFileDownloadUrl = void 0;
 const react_1 = require("react");
-const core_1 = require("@oxyhq/core");
-let oxyInstance = null;
-const setOxyFileUrlInstance = (instance) => {
-    oxyInstance = instance;
-};
-exports.setOxyFileUrlInstance = setOxyFileUrlInstance;
 /**
  * Hook to resolve a file's download URL asynchronously.
  *
- * Prefers the provided `oxyServices` instance, falls back to the module-level
- * singleton set via `setOxyFileUrlInstance`.
- *
  * Uses `getFileDownloadUrlAsync` first, falling back to the synchronous
  * `getFileDownloadUrl` if the async call fails.
  */
-const useFileDownloadUrl = (fileIdOrServices, fileIdOrOptions, maybeOptions) => {
-    // Support two call signatures:
-    // 1. useFileDownloadUrl(oxyServices, fileId, options)  — preferred
-    // 2. useFileDownloadUrl(fileId, options)               — legacy (uses singleton)
-    let services;
-    let fileId;
-    let options;
-    if (fileIdOrServices instanceof core_1.OxyServices) {
-        services = fileIdOrServices;
-        fileId = typeof fileIdOrOptions === 'string' ? fileIdOrOptions : null;
-        options = maybeOptions;
-    }
-    else {
-        services = oxyInstance;
-        fileId = typeof fileIdOrServices === 'string' ? fileIdOrServices : null;
-        options = typeof fileIdOrOptions === 'object' && fileIdOrOptions !== null ? fileIdOrOptions : undefined;
-    }
+const useFileDownloadUrl = (oxyServices, fileId, options) => {
     const [url, setUrl] = (0, react_1.useState)(null);
     const [loading, setLoading] = (0, react_1.useState)(false);
     const [error, setError] = (0, react_1.useState)(null);
+    const variant = options?.variant;
+    const expiresIn = options?.expiresIn;
     (0, react_1.useEffect)(() => {
         if (!fileId) {
             setUrl(null);
@@ -44,25 +21,25 @@ const useFileDownloadUrl = (fileIdOrServices, fileIdOrOptions, maybeOptions) =>
             setError(null);
             return;
         }
-        if (!services) {
+        if (!oxyServices) {
             setUrl(null);
             setLoading(false);
             setError(new Error('OxyServices instance not configured for useFileDownloadUrl'));
             return;
         }
         let cancelled = false;
-        const instance = services;
+        const instance = oxyServices;
+        const targetFileId = fileId;
         const load = async () => {
             setLoading(true);
             setError(null);
             try {
-                const { variant, expiresIn } = options || {};
                 let resolvedUrl = null;
                 if (typeof instance.getFileDownloadUrlAsync === 'function') {
-                    resolvedUrl = await instance.getFileDownloadUrlAsync(fileId, variant, expiresIn);
+                    resolvedUrl = await instance.getFileDownloadUrlAsync(targetFileId, variant, expiresIn);
                 }
                 if (!resolvedUrl && typeof instance.getFileDownloadUrl === 'function') {
-                    resolvedUrl = instance.getFileDownloadUrl(fileId, variant, expiresIn);
+                    resolvedUrl = instance.getFileDownloadUrl(targetFileId, variant, expiresIn);
                 }
                 if (!cancelled) {
                     setUrl(resolvedUrl || null);
@@ -72,8 +49,7 @@ const useFileDownloadUrl = (fileIdOrServices, fileIdOrOptions, maybeOptions) =>
                 // Fallback to sync URL on error where possible
                 try {
                     if (typeof instance.getFileDownloadUrl === 'function') {
-                        const { variant, expiresIn } = options || {};
-                        const fallbackUrl = instance.getFileDownloadUrl(fileId, variant, expiresIn);
+                        const fallbackUrl = instance.getFileDownloadUrl(targetFileId, variant, expiresIn);
                         if (!cancelled) {
                             setUrl(fallbackUrl || null);
                             setError(err instanceof Error ? err : new Error(String(err)));
@@ -82,7 +58,7 @@ const useFileDownloadUrl = (fileIdOrServices, fileIdOrOptions, maybeOptions) =>
                     }
                 }
                 catch {
-                    // ignore secondary failure
+                    // Secondary failure: surface the original error below.
                 }
                 if (!cancelled) {
                     setError(err instanceof Error ? err : new Error(String(err)));
@@ -98,7 +74,7 @@ const useFileDownloadUrl = (fileIdOrServices, fileIdOrOptions, maybeOptions) =>
         return () => {
             cancelled = true;
         };
-    }, [fileId, services, options?.variant, options?.expiresIn]);
+    }, [fileId, oxyServices, variant, expiresIn]);
     return { url, loading, error };
 };
 exports.useFileDownloadUrl = useFileDownloadUrl;

package/dist/cjs/hooks/useSessionSocket.js

@@ -1,11 +1,40 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.useSessionSocket = useSessionSocket;
 const react_1 = require("react");
-const socket_io_client_1 = __importDefault(require("socket.io-client"));
 const sonner_1 = require("sonner");
 const core_1 = require("@oxyhq/core");
 const core_2 = require("@oxyhq/core");
@@ -14,6 +43,47 @@ const react_query_1 = require("@tanstack/react-query");
 const useServicesQueries_1 = require("./queries/useServicesQueries");
 const queryKeys_1 = require("./queries/queryKeys");
 const debug = (0, core_2.createDebugLogger)('SessionSocket');
+/** localStorage key used by AuthManager for persisting access tokens. */
+const LS_ACCESS_TOKEN_KEY = 'oxy_access_token';
+/** Delay before retrying socket connection after an auth failure (ms). */
+const AUTH_RETRY_DELAY_MS = 2000;
+/** Maximum number of consecutive auth-failure retries. */
+const MAX_AUTH_RETRIES = 3;
+/**
+ * Read the access token from localStorage directly.
+ * Used as a fallback when the in-memory token is empty (e.g., during a
+ * cross-tab token refresh race).
+ */
+function readTokenFromStorage() {
+    if (typeof window === 'undefined')
+        return null;
+    try {
+        return window.localStorage.getItem(LS_ACCESS_TOKEN_KEY);
+    }
+    catch (err) {
+        console.warn('[oxy.session-socket] localStorage read failed:', err);
+        return null;
+    }
+}
+let _io = null;
+let _ioLoadAttempted = false;
+async function getSocketIO() {
+    if (_io)
+        return _io;
+    if (_ioLoadAttempted)
+        return null;
+    _ioLoadAttempted = true;
+    try {
+        const mod = (await Promise.resolve().then(() => __importStar(require('socket.io-client'))));
+        _io = mod.io ?? mod.default ?? null;
+        return _io;
+    }
+    catch (err) {
+        console.warn('[oxy.session-socket] socket.io-client import failed:', err);
+        debug.warn('socket.io-client is not installed. useSessionSocket will be disabled. Install it with: bun add socket.io-client');
+        return null;
+    }
+}
 function useSessionSocket(options) {
     const { user, activeSessionId, oxyServices, signOut, clearSessionState } = (0, WebOxyProvider_1.useWebOxy)();
     const queryClient = (0, react_query_1.useQueryClient)();
@@ -58,137 +128,202 @@ function useSessionSocket(options) {
             socketRef.current.disconnect();
             socketRef.current = null;
         }
-        // Connect with auth token; use callback so reconnections get a fresh token
-        socketRef.current = (0, socket_io_client_1.default)(baseURL, {
-            transports: ['websocket'],
-            auth: (cb) => {
-                const token = oxyServices.getAccessToken();
-                cb({ token: token ?? '' });
-            },
-        });
-        const socket = socketRef.current;
-        // Server auto-joins the user to `user:<userId>` room on connection
-        const handleConnect = () => {
-            debug.log('Socket connected:', socket.id);
-        };
-        const refreshSessions = () => {
-            (0, queryKeys_1.invalidateSessionQueries)(queryClientRef.current);
-            return Promise.resolve();
+        let cancelled = false;
+        let authRetryCount = 0;
+        let authRetryTimer = null;
+        /**
+         * Resolve the best available access token.
+         * Prefers the in-memory token from OxyServices; falls back to
+         * localStorage which may have been updated by another tab.
+         */
+        const resolveToken = () => {
+            return oxyServices.getAccessToken() || readTokenFromStorage();
         };
-        const handleSessionUpdate = async (data) => {
-            debug.log('Received session_update:', data);
-            const currentActiveSessionId = activeSessionIdRef.current;
-            const deviceId = currentDeviceIdRef.current;
-            // Handle different event types
-            if (data.type === 'session_removed') {
-                // Track removed session
-                if (data.sessionId && onSessionRemovedRef.current) {
-                    onSessionRemovedRef.current(data.sessionId);
-                }
-                // If the removed sessionId matches the current activeSessionId, immediately clear state
-                if (data.sessionId === currentActiveSessionId) {
-                    if (onRemoteSignOutRef.current) {
-                        onRemoteSignOutRef.current();
-                    }
-                    else {
-                        sonner_1.toast.info('You have been signed out remotely.');
-                    }
-                    try {
-                        await clearSessionStateRef.current();
-                    }
-                    catch (error) {
-                        if (__DEV__) {
-                            core_1.logger.error('Failed to clear session state after session_removed', error instanceof Error ? error : new Error(String(error)), { component: 'useSessionSocket' });
+        getSocketIO().then((ioFn) => {
+            if (cancelled || !ioFn)
+                return;
+            // Connect with auth token; use callback so reconnections get a fresh token.
+            // If no token is available at all, we skip the initial connect and let
+            // the storage listener or retry logic connect when a token appears.
+            const token = resolveToken();
+            const socket = ioFn(baseURL, {
+                transports: ['websocket'],
+                autoConnect: !!token, // don't auto-connect when there is no token
+                auth: (cb) => {
+                    const resolved = resolveToken();
+                    if (!resolved) {
+                        // No token available -- disconnect gracefully instead of sending
+                        // an empty string that the server will reject.
+                        debug.warn('No access token available for socket auth; disconnecting.');
+                        if (socketRef.current) {
+                            socketRef.current.disconnect();
                         }
+                        return;
                     }
+                    cb({ token: resolved });
+                },
+            });
+            socketRef.current = socket;
+            // Server auto-joins the user to `user:<userId>` room on connection
+            const handleConnect = () => {
+                debug.log('Socket connected:', socket.id);
+                // Successful connection resets the auth retry counter.
+                authRetryCount = 0;
+            };
+            /**
+             * Handle socket disconnection. When the disconnect reason indicates an
+             * auth failure (server rejected the token), schedule a short retry so
+             * that an in-progress token refresh can complete before the next attempt.
+             */
+            const handleDisconnect = (reason) => {
+                debug.log('Socket disconnected:', reason);
+                // "io server disconnect" = server forcibly closed the connection (auth failure).
+                // "transport error" can also happen when the auth callback aborted.
+                if ((reason === 'io server disconnect' || reason === 'transport error') &&
+                    authRetryCount < MAX_AUTH_RETRIES &&
+                    !cancelled) {
+                    authRetryCount++;
+                    debug.log(`Auth-related disconnect; scheduling retry ${authRetryCount}/${MAX_AUTH_RETRIES} in ${AUTH_RETRY_DELAY_MS}ms`);
+                    authRetryTimer = setTimeout(() => {
+                        if (cancelled)
+                            return;
+                        const retryToken = resolveToken();
+                        if (retryToken && socketRef.current) {
+                            debug.log('Retrying socket connection with refreshed token');
+                            socketRef.current.connect();
+                        }
+                    }, AUTH_RETRY_DELAY_MS);
+                }
+            };
+            const refreshSessions = () => {
+                (0, queryKeys_1.invalidateSessionQueries)(queryClientRef.current);
+                return Promise.resolve();
+            };
+            const triggerLocalSignOut = async (toastMessage, errorContext) => {
+                if (onRemoteSignOutRef.current) {
+                    onRemoteSignOutRef.current();
                 }
                 else {
-                    refreshSessions();
+                    sonner_1.toast.info(toastMessage);
                 }
-            }
-            else if (data.type === 'device_removed') {
-                // Track all removed sessions from this device
-                if (data.sessionIds && onSessionRemovedRef.current) {
-                    for (const sessionId of data.sessionIds) {
-                        onSessionRemovedRef.current(sessionId);
-                    }
+                // Clear local state since the server has already removed the session.
+                // Await so storage cleanup completes before any subsequent navigation.
+                try {
+                    await clearSessionStateRef.current();
                 }
-                // If the removed deviceId matches the current device, immediately clear state
-                if (data.deviceId && data.deviceId === deviceId) {
-                    if (onRemoteSignOutRef.current) {
-                        onRemoteSignOutRef.current();
-                    }
-                    else {
-                        sonner_1.toast.info('This device has been removed. You have been signed out.');
-                    }
-                    try {
-                        await clearSessionStateRef.current();
-                    }
-                    catch (error) {
-                        if (__DEV__) {
-                            core_1.logger.error('Failed to clear session state after device_removed', error instanceof Error ? error : new Error(String(error)), { component: 'useSessionSocket' });
-                        }
+                catch (error) {
+                    if (process.env.NODE_ENV !== 'production') {
+                        core_1.logger.error(`Failed to clear session state after ${errorContext}`, error instanceof Error ? error : new Error(String(error)), { component: 'useSessionSocket' });
                     }
                 }
-                else {
-                    refreshSessions();
-                }
-            }
-            else if (data.type === 'sessions_removed') {
-                // Track all removed sessions
-                if (data.sessionIds && onSessionRemovedRef.current) {
-                    for (const sessionId of data.sessionIds) {
-                        onSessionRemovedRef.current(sessionId);
+            };
+            const handleSessionUpdate = async (data) => {
+                debug.log('Received session_update:', data);
+                const currentActiveSessionId = activeSessionIdRef.current;
+                const deviceId = currentDeviceIdRef.current;
+                // Strict whitelist. Every event type that may sign the user out must
+                // appear in the switch. Anything unknown falls through to `default`,
+                // which only logs in dev. This guards against future server-side event
+                // additions (e.g. `session_created` after a successful sign-in)
+                // accidentally triggering sign-out via a fallback branch that compares
+                // `data.sessionId === currentActiveSessionId` — that branch would match
+                // the user's NEW session id and trigger an instant remote sign-out
+                // toast on every login.
+                switch (data.type) {
+                    case 'session_removed': {
+                        if (data.sessionId && onSessionRemovedRef.current) {
+                            onSessionRemovedRef.current(data.sessionId);
+                        }
+                        if (data.sessionId && data.sessionId === currentActiveSessionId) {
+                            await triggerLocalSignOut('You have been signed out remotely.', 'session_removed');
+                        }
+                        else {
+                            refreshSessions();
+                        }
+                        break;
                     }
-                }
-                // If the current activeSessionId is in the removed sessionIds list, immediately clear state
-                if (data.sessionIds && currentActiveSessionId && data.sessionIds.includes(currentActiveSessionId)) {
-                    if (onRemoteSignOutRef.current) {
-                        onRemoteSignOutRef.current();
+                    case 'device_removed': {
+                        if (data.sessionIds && onSessionRemovedRef.current) {
+                            for (const sessionId of data.sessionIds) {
+                                onSessionRemovedRef.current(sessionId);
+                            }
+                        }
+                        if (data.deviceId && deviceId && data.deviceId === deviceId) {
+                            await triggerLocalSignOut('This device has been removed. You have been signed out.', 'device_removed');
+                        }
+                        else {
+                            refreshSessions();
+                        }
+                        break;
                     }
-                    else {
-                        sonner_1.toast.info('You have been signed out remotely.');
+                    case 'sessions_removed': {
+                        if (data.sessionIds && onSessionRemovedRef.current) {
+                            for (const sessionId of data.sessionIds) {
+                                onSessionRemovedRef.current(sessionId);
+                            }
+                        }
+                        if (data.sessionIds &&
+                            currentActiveSessionId &&
+                            data.sessionIds.includes(currentActiveSessionId)) {
+                            await triggerLocalSignOut('You have been signed out remotely.', 'sessions_removed');
+                        }
+                        else {
+                            refreshSessions();
+                        }
+                        break;
                     }
-                    try {
-                        await clearSessionStateRef.current();
+                    case 'session_created':
+                    case 'session_update': {
+                        // Lifecycle event for the current user. Just resync the sessions
+                        // list — never sign out.
+                        refreshSessions();
+                        break;
                     }
-                    catch (error) {
-                        if (__DEV__) {
-                            core_1.logger.error('Failed to clear session state after sessions_removed', error instanceof Error ? error : new Error(String(error)), { component: 'useSessionSocket' });
+                    default: {
+                        if (process.env.NODE_ENV !== 'production') {
+                            core_1.logger.warn('Unknown session socket event type', {
+                                component: 'useSessionSocket',
+                                type: data.type,
+                            });
                         }
+                        break;
                     }
                 }
-                else {
-                    refreshSessions();
+            };
+            socket.on('connect', handleConnect);
+            socket.on('disconnect', handleDisconnect);
+            socket.on('session_update', handleSessionUpdate);
+            // Listen for cross-tab token updates via the Storage event.
+            // When another tab writes a fresh access token to localStorage,
+            // reconnect this tab's socket if it was disconnected.
+            const handleStorageEvent = (e) => {
+                if (e.key === LS_ACCESS_TOKEN_KEY && e.newValue && socketRef.current?.disconnected) {
+                    debug.log('Cross-tab token update detected; reconnecting socket');
+                    authRetryCount = 0; // reset retries since we got a fresh token
+                    socketRef.current.connect();
                 }
+            };
+            if (typeof window !== 'undefined') {
+                window.addEventListener('storage', handleStorageEvent);
+                // Store the handler so cleanup can remove it
+                socket.__oxyStorageHandler = handleStorageEvent;
             }
-            else {
-                // For other event types (e.g., session_created), refresh sessions
-                refreshSessions();
-                // If the current session was logged out (legacy behavior), handle it specially
-                if (data.sessionId === currentActiveSessionId) {
-                    if (onRemoteSignOutRef.current) {
-                        onRemoteSignOutRef.current();
-                    }
-                    else {
-                        sonner_1.toast.info('You have been signed out remotely.');
-                    }
-                    try {
-                        await clearSessionStateRef.current();
-                    }
-                    catch (error) {
-                        debug.error('Failed to clear session state after session_update:', error);
-                    }
+        });
+        return () => {
+            cancelled = true;
+            if (authRetryTimer) {
+                clearTimeout(authRetryTimer);
+            }
+            const currentSocket = socketRef.current;
+            if (currentSocket) {
+                // Remove cross-tab storage listener
+                const storageHandler = currentSocket.__oxyStorageHandler;
+                if (typeof window !== 'undefined' && storageHandler) {
+                    window.removeEventListener('storage', storageHandler);
                 }
+                currentSocket.disconnect();
+                socketRef.current = null;
             }
         };
-        socket.on('connect', handleConnect);
-        socket.on('session_update', handleSessionUpdate);
-        return () => {
-            socket.off('connect', handleConnect);
-            socket.off('session_update', handleSessionUpdate);
-            socket.disconnect();
-            socketRef.current = null;
-        };
     }, [userId, baseURL]); // Only depend on userId and baseURL - callbacks are in refs
 }

package/dist/cjs/index.js

@@ -24,8 +24,8 @@
  * ```
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.isInvalidSessionError = exports.handleAuthError = exports.useFileFiltering = exports.useFollowerCounts = exports.useFollow = exports.setOxyFileUrlInstance = exports.useFileDownloadUrl = exports.setOxyAssetInstance = exports.useAssets = exports.useSessionSocket = exports.createGenericMutation = exports.createProfileMutation = exports.useRemoveDevice = exports.useUpdateDeviceName = exports.useLogoutAll = exports.useLogoutSession = exports.useSwitchSession = exports.useUploadFile = exports.useUpdatePrivacySettings = exports.useUpdateAccountSettings = exports.useUploadAvatar = exports.useUpdateProfile = exports.useRecentSecurityActivity = exports.useSecurityActivity = exports.useSecurityInfo = exports.useUserDevices = exports.useDeviceSessions = exports.useSession = exports.useSessions = exports.usePrivacySettings = exports.useUsersBySessions = exports.useUserByUsername = exports.useUserById = exports.useCurrentUser = exports.useUserProfiles = exports.useUserProfile = exports.useIsAssetLinked = exports.useAssetUsageCount = exports.useAssetsByEntity = exports.useAssetsByApp = exports.useAssetErrors = exports.useAssetLoading = exports.useUploadProgress = exports.useAsset = exports.useAssetsStore = exports.useAssetStore = exports.useAuthStore = exports.useAuth = exports.useWebOxy = exports.WebOxyProvider = void 0;
-exports.extractErrorMessage = exports.isTimeoutOrNetworkError = void 0;
+exports.useAssets = exports.useSessionSocket = exports.isWebBrowser = exports.useWebSSO = exports.createGenericMutation = exports.createProfileMutation = exports.useRemoveDevice = exports.useUpdateDeviceName = exports.useLogoutAll = exports.useLogoutSession = exports.useSwitchSession = exports.useUploadFile = exports.useUpdatePrivacySettings = exports.useUpdateAccountSettings = exports.useUploadAvatar = exports.useUpdateProfile = exports.useRecentSecurityActivity = exports.useSecurityActivity = exports.useSecurityInfo = exports.useUserDevices = exports.useDeviceSessions = exports.useSession = exports.useSessions = exports.usePrivacySettings = exports.useUsersBySessions = exports.useUserByUsername = exports.useUserById = exports.useCurrentUser = exports.useUserProfiles = exports.useUserProfile = exports.useFollowStore = exports.useAccountLoadingSession = exports.useAccountError = exports.useAccountLoading = exports.useAccounts = exports.useAccountStore = exports.useIsAssetLinked = exports.useAssetUsageCount = exports.useAssetsByEntity = exports.useAssetsByApp = exports.useAssetErrors = exports.useAssetLoading = exports.useUploadProgress = exports.useAsset = exports.useAssetsStore = exports.useAssetStore = exports.useAuthStore = exports.useAuth = exports.useWebOxy = exports.WebOxyProvider = void 0;
+exports.extractErrorMessage = exports.isTimeoutOrNetworkError = exports.isInvalidSessionError = exports.handleAuthError = exports.useFileFiltering = exports.useFollowerCounts = exports.useFollow = exports.useFileDownloadUrl = exports.setOxyAssetInstance = void 0;
 // --- Provider & Hooks ---
 var WebOxyProvider_1 = require("./WebOxyProvider");
 Object.defineProperty(exports, "WebOxyProvider", { enumerable: true, get: function () { return WebOxyProvider_1.WebOxyProvider; } });
@@ -45,6 +45,14 @@ Object.defineProperty(exports, "useAssetsByApp", { enumerable: true, get: functi
 Object.defineProperty(exports, "useAssetsByEntity", { enumerable: true, get: function () { return assetStore_1.useAssetsByEntity; } });
 Object.defineProperty(exports, "useAssetUsageCount", { enumerable: true, get: function () { return assetStore_1.useAssetUsageCount; } });
 Object.defineProperty(exports, "useIsAssetLinked", { enumerable: true, get: function () { return assetStore_1.useIsAssetLinked; } });
+var accountStore_1 = require("./stores/accountStore");
+Object.defineProperty(exports, "useAccountStore", { enumerable: true, get: function () { return accountStore_1.useAccountStore; } });
+Object.defineProperty(exports, "useAccounts", { enumerable: true, get: function () { return accountStore_1.useAccounts; } });
+Object.defineProperty(exports, "useAccountLoading", { enumerable: true, get: function () { return accountStore_1.useAccountLoading; } });
+Object.defineProperty(exports, "useAccountError", { enumerable: true, get: function () { return accountStore_1.useAccountError; } });
+Object.defineProperty(exports, "useAccountLoadingSession", { enumerable: true, get: function () { return accountStore_1.useAccountLoadingSession; } });
+var followStore_1 = require("./stores/followStore");
+Object.defineProperty(exports, "useFollowStore", { enumerable: true, get: function () { return followStore_1.useFollowStore; } });
 // --- Query Hooks ---
 var queries_1 = require("./hooks/queries");
 Object.defineProperty(exports, "useUserProfile", { enumerable: true, get: function () { return queries_1.useUserProfile; } });
@@ -77,6 +85,9 @@ var mutationFactory_1 = require("./hooks/mutations/mutationFactory");
 Object.defineProperty(exports, "createProfileMutation", { enumerable: true, get: function () { return mutationFactory_1.createProfileMutation; } });
 Object.defineProperty(exports, "createGenericMutation", { enumerable: true, get: function () { return mutationFactory_1.createGenericMutation; } });
 // --- Custom Hooks ---
+var useWebSSO_1 = require("./hooks/useWebSSO");
+Object.defineProperty(exports, "useWebSSO", { enumerable: true, get: function () { return useWebSSO_1.useWebSSO; } });
+Object.defineProperty(exports, "isWebBrowser", { enumerable: true, get: function () { return useWebSSO_1.isWebBrowser; } });
 var useSessionSocket_1 = require("./hooks/useSessionSocket");
 Object.defineProperty(exports, "useSessionSocket", { enumerable: true, get: function () { return useSessionSocket_1.useSessionSocket; } });
 var useAssets_1 = require("./hooks/useAssets");
@@ -84,7 +95,6 @@ Object.defineProperty(exports, "useAssets", { enumerable: true, get: function ()
 Object.defineProperty(exports, "setOxyAssetInstance", { enumerable: true, get: function () { return useAssets_1.setOxyAssetInstance; } });
 var useFileDownloadUrl_1 = require("./hooks/useFileDownloadUrl");
 Object.defineProperty(exports, "useFileDownloadUrl", { enumerable: true, get: function () { return useFileDownloadUrl_1.useFileDownloadUrl; } });
-Object.defineProperty(exports, "setOxyFileUrlInstance", { enumerable: true, get: function () { return useFileDownloadUrl_1.setOxyFileUrlInstance; } });
 var useFollow_1 = require("./hooks/useFollow");
 Object.defineProperty(exports, "useFollow", { enumerable: true, get: function () { return useFollow_1.useFollow; } });
 Object.defineProperty(exports, "useFollowerCounts", { enumerable: true, get: function () { return useFollow_1.useFollowerCounts; } });

package/dist/cjs/stores/accountStore.js

@@ -164,7 +164,7 @@ exports.useAccountStore = (0, zustand_1.create)((set, get) => ({
             }
             catch (error) {
                 const errorMessage = error instanceof Error ? error.message : 'Failed to load accounts';
-                if (__DEV__) {
+                if (process.env.NODE_ENV !== 'production') {
                     console.error('AccountStore: Failed to load accounts:', error);
                 }
                 set({ error: errorMessage });
@@ -175,7 +175,7 @@ exports.useAccountStore = (0, zustand_1.create)((set, get) => ({
         }
         catch (error) {
             const errorMessage = error instanceof Error ? error.message : 'Failed to load accounts';
-            if (__DEV__) {
+            if (process.env.NODE_ENV !== 'production') {
                 console.error('AccountStore: Failed to load accounts:', error);
             }
             set({ error: errorMessage, loading: false });

package/dist/cjs/utils/sessionHelpers.js

@@ -25,7 +25,9 @@ const mapSessionsToClient = (sessions, fallbackDeviceId, fallbackUserId) => {
 };
 exports.mapSessionsToClient = mapSessionsToClient;
 /**
- * Fetch device sessions with fallback to the legacy session endpoint when needed.
+ * Fetch device sessions, falling back to the per-user session endpoint
+ * if the device endpoint is unavailable (older API versions or disabled
+ * device-grouping feature flag).
  *
  * @param oxyServices - Oxy service instance
  * @param sessionId - Session identifier to fetch
@@ -37,7 +39,7 @@ const fetchSessionsWithFallback = async (oxyServices, sessionId, { fallbackDevic
         return (0, exports.mapSessionsToClient)(deviceSessions, fallbackDeviceId, fallbackUserId);
     }
     catch (error) {
-        if (__DEV__ && logger) {
+        if (process.env.NODE_ENV !== 'production' && logger) {
             logger('Failed to get device sessions, falling back to user sessions', error);
         }
         const userSessions = await oxyServices.getSessionsBySessionId(sessionId);