@oxyhq/auth 2.0.4 → 2.0.6

package/dist/types/WebOxyProvider.d.ts

@@ -59,7 +59,7 @@ export interface WebOxyProviderProps {
  * }
  * ```
  */
-export declare function WebOxyProvider({ children, baseURL, authWebUrl, onAuthStateChange, onError, preferredAuthMethod, skipAutoCheck, }: WebOxyProviderProps): import("react/jsx-runtime").JSX.Element;
+export declare function WebOxyProvider({ children, baseURL, authWebUrl, onAuthStateChange, onError, preferredAuthMethod, skipAutoCheck, }: WebOxyProviderProps): import("react/jsx-runtime").JSX.Element | null;
 /**
  * Hook to access the full Web Oxy context.
  */

package/dist/types/hooks/mutations/index.d.ts

@@ -6,3 +6,4 @@
  */
 export { useUpdateProfile, useUploadAvatar, useUpdateAccountSettings, useUpdatePrivacySettings, useUploadFile, } from './useAccountMutations';
 export { useSwitchSession, useLogoutSession, useLogoutAll, useUpdateDeviceName, useRemoveDevice, } from './useServicesMutations';
+export { useSetAppData, useDeleteAppData } from './useAppData';

package/dist/types/hooks/mutations/useAccountMutations.d.ts

@@ -1,4 +1,4 @@
-import type { User } from '@oxyhq/core';
+import type { PrivacySettings, User } from '@oxyhq/core';
 /**
  * Update user profile with optimistic updates and offline queue support
  */
@@ -12,19 +12,163 @@ export declare const useUploadAvatar: () => import("@tanstack/react-query").UseM
     previousUser: User | undefined;
 }>;
 /**
- * Update account settings
+ * Variables accepted by the `useUpdateAccountSettings` mutation.
+ *
+ * `currentUser` is captured at dispatch time so the rebuilt user object the
+ * mutation returns is computed against a stable snapshot — NOT the cache
+ * value at the moment the API call settles. Reading from the cache inside
+ * `mutationFn` would race with sibling optimistic updates: a concurrent
+ * write could already have overwritten the cache by the time the privacy
+ * update returns, causing the rebuilt user to clobber the sibling's
+ * optimistic value.
  */
-export declare const useUpdateAccountSettings: () => import("@tanstack/react-query").UseMutationResult<any, Error, Record<string, any>, {
-    previousUser: User | undefined;
-}>;
+interface UpdateAccountSettingsVariables {
+    updates: Partial<PrivacySettings>;
+    currentUser: User;
+}
+/**
+ * Update account settings (privacy preferences).
+ *
+ * Privacy settings are not part of the `PUT /users/me` allow-list; the API
+ * would silently drop them. Route through `updatePrivacySettings` so the
+ * dedicated `PATCH /privacy/:id/privacy` endpoint performs a dot-path merge
+ * and returns the updated `privacySettings` object.
+ *
+ * The returned object exposes the standard mutation surface PLUS a
+ * convenience `mutate(updates)` / `mutateAsync(updates)` that snapshots
+ * the current user from `useWebOxy()` at dispatch time.
+ */
+export declare const useUpdateAccountSettings: () => {
+    mutate: (updates: Partial<PrivacySettings>) => void;
+    mutateAsync: (updates: Partial<PrivacySettings>) => Promise<User>;
+    data: undefined;
+    variables: undefined;
+    error: null;
+    isError: false;
+    isIdle: true;
+    isPending: false;
+    isSuccess: false;
+    status: "idle";
+    reset: () => void;
+    context: {
+        previousUser: User | undefined;
+    } | undefined;
+    failureCount: number;
+    failureReason: Error | null;
+    isPaused: boolean;
+    submittedAt: number;
+} | {
+    mutate: (updates: Partial<PrivacySettings>) => void;
+    mutateAsync: (updates: Partial<PrivacySettings>) => Promise<User>;
+    data: undefined;
+    variables: UpdateAccountSettingsVariables;
+    error: null;
+    isError: false;
+    isIdle: false;
+    isPending: true;
+    isSuccess: false;
+    status: "pending";
+    reset: () => void;
+    context: {
+        previousUser: User | undefined;
+    } | undefined;
+    failureCount: number;
+    failureReason: Error | null;
+    isPaused: boolean;
+    submittedAt: number;
+} | {
+    mutate: (updates: Partial<PrivacySettings>) => void;
+    mutateAsync: (updates: Partial<PrivacySettings>) => Promise<User>;
+    data: undefined;
+    error: Error;
+    variables: UpdateAccountSettingsVariables;
+    isError: true;
+    isIdle: false;
+    isPending: false;
+    isSuccess: false;
+    status: "error";
+    reset: () => void;
+    context: {
+        previousUser: User | undefined;
+    } | undefined;
+    failureCount: number;
+    failureReason: Error | null;
+    isPaused: boolean;
+    submittedAt: number;
+} | {
+    mutate: (updates: Partial<PrivacySettings>) => void;
+    mutateAsync: (updates: Partial<PrivacySettings>) => Promise<User>;
+    data: {
+        privacySettings: PrivacySettings;
+        id: string;
+        publicKey: string;
+        username: string;
+        email?: string;
+        avatar?: string;
+        color?: string;
+        name?: {
+            first?: string;
+            last?: string;
+            full?: string;
+            [key: string]: unknown;
+        };
+        bio?: string;
+        karma?: number;
+        location?: string;
+        website?: string;
+        createdAt?: string;
+        updatedAt?: string;
+        links?: Array<{
+            title?: string;
+            description?: string;
+            image?: string;
+            link: string;
+        }>;
+        _count?: {
+            followers?: number;
+            following?: number;
+        };
+        accountExpiresAfterInactivityDays?: number | null;
+        type?: "local" | "federated" | "agent" | "automated";
+        isFederated?: boolean;
+        isAgent?: boolean;
+        isAutomated?: boolean;
+        instance?: string;
+        federation?: {
+            actorUri?: string;
+            domain?: string;
+            actorId?: string;
+        };
+        automation?: {
+            ownerId?: string;
+        };
+        isManagedAccount?: boolean;
+        managedBy?: string;
+    };
+    error: null;
+    variables: UpdateAccountSettingsVariables;
+    isError: false;
+    isIdle: false;
+    isPending: false;
+    isSuccess: true;
+    status: "success";
+    reset: () => void;
+    context: {
+        previousUser: User | undefined;
+    } | undefined;
+    failureCount: number;
+    failureReason: Error | null;
+    isPaused: boolean;
+    submittedAt: number;
+};
 /**
  * Update privacy settings with optimistic updates and authentication handling
  */
-export declare const useUpdatePrivacySettings: () => import("@tanstack/react-query").UseMutationResult<Record<string, unknown>, Error, {
-    settings: Record<string, any>;
+export declare const useUpdatePrivacySettings: () => import("@tanstack/react-query").UseMutationResult<PrivacySettings, Error, {
+    settings: Partial<PrivacySettings>;
     userId?: string;
 }, {
-    previousPrivacySettings: unknown;
+    previousPrivacySettings: PrivacySettings | undefined;
     previousUser: User | undefined;
 } | undefined>;
 /** Uploaded file data structure from API */
@@ -57,7 +201,7 @@ interface UploadResult {
 export declare const useUploadFile: () => import("@tanstack/react-query").UseMutationResult<UploadResult, Error, {
     file: File;
     visibility?: "private" | "public" | "unlisted";
-    metadata?: Record<string, any>;
+    metadata?: Record<string, unknown>;
     onProgress?: (progress: number) => void;
 }, unknown>;
 export {};

package/dist/types/hooks/mutations/useAppData.d.ts

@@ -0,0 +1,47 @@
+/**
+ * App-Data Mutation Hooks
+ *
+ * Write side of the per-user JSON KV store. Both `useSetAppData` and
+ * `useDeleteAppData` apply optimistic updates against the two query keys
+ * that observe this data (`appDataQueryKeys.value` and the surrounding
+ * `appDataQueryKeys.namespace`) and roll back on error.
+ *
+ * When the underlying request fails because the endpoint isn't reachable
+ * (404 / network), the mutation still surfaces the error — write attempts
+ * are user-initiated and the caller may want to retry or fall back to
+ * local persistence. Reads are silent about missing endpoints; writes are
+ * not.
+ */
+interface SetAppDataVariables<T> {
+    namespace: string;
+    key: string;
+    value: T;
+}
+interface SetAppDataContext<T> {
+    previousValue: T | null | undefined;
+    previousNamespace: Record<string, T> | undefined;
+}
+/**
+ * Upsert a per-user JSON value. Returns the value the server confirmed it
+ * stored — typically identical to the input but consumers should prefer the
+ * returned value (the server is the source of truth).
+ *
+ * Applies optimistic updates against both the single-value query key and
+ * the surrounding namespace query key, then rolls back on error.
+ */
+export declare const useSetAppData: <T = unknown>() => import("@tanstack/react-query").UseMutationResult<T, Error, SetAppDataVariables<T>, SetAppDataContext<T>>;
+interface DeleteAppDataVariables {
+    namespace: string;
+    key: string;
+}
+interface DeleteAppDataContext<T> {
+    previousValue: T | null | undefined;
+    previousNamespace: Record<string, T> | undefined;
+}
+/**
+ * Delete a per-user JSON value. Optimistically removes the entry from the
+ * single-value cache and from the surrounding namespace map, then rolls back
+ * on error.
+ */
+export declare const useDeleteAppData: <T = unknown>() => import("@tanstack/react-query").UseMutationResult<void, Error, DeleteAppDataVariables, DeleteAppDataContext<T>>;
+export {};

package/dist/types/hooks/queries/appDataQueryKeys.d.ts

@@ -0,0 +1,24 @@
+/**
+ * Query keys + error utilities for `useAppData` hooks.
+ *
+ * Lives next to the hook file so consumers can import the keys directly
+ * when they need to imperatively invalidate a value (e.g. after a non-React
+ * write through `oxyServices.setAppData`).
+ */
+export declare const appDataQueryKeys: {
+    readonly all: readonly ["appData"];
+    readonly namespaces: () => readonly ["appData", "namespace"];
+    readonly namespace: (namespace: string) => readonly ["appData", "namespace", string];
+    readonly values: () => readonly ["appData", "value"];
+    readonly value: (namespace: string, key: string) => readonly ["appData", "value", string, string];
+};
+/**
+ * True when `error` indicates the app-data endpoint isn't reachable — either
+ * because the API deployment doesn't have it yet (404) or there's a network
+ * failure with no response. We treat these as "no value stored" so consumers
+ * fall back to local persistence without surfacing a user-facing error.
+ *
+ * Anything else (401, 403, 500) propagates normally — those are real bugs
+ * the auth or retry pipeline needs to see.
+ */
+export declare function isMissingAppDataEndpointError(error: unknown): boolean;

package/dist/types/hooks/queries/index.d.ts

@@ -8,3 +8,5 @@ export { useUserProfile, useUserProfiles, useCurrentUser, useUserById, useUserBy
 export { useSessions, useSession, useDeviceSessions, useUserDevices, useSecurityInfo, } from './useServicesQueries';
 export { useSecurityActivity, useRecentSecurityActivity, } from './useSecurityQueries';
 export { queryKeys, invalidateAccountQueries, invalidateUserQueries, invalidateSessionQueries } from './queryKeys';
+export { useAppData, useAppDataNamespace } from './useAppData';
+export { appDataQueryKeys, isMissingAppDataEndpointError } from './appDataQueryKeys';

package/dist/types/hooks/queries/useAccountQueries.d.ts

@@ -1,42 +1,46 @@
+import type { User } from '@oxyhq/core';
 /**
  * Get user profile by session ID
  */
 export declare const useUserProfile: (sessionId: string | null, options?: {
     enabled?: boolean;
-}) => import("@tanstack/react-query").UseQueryResult<any, Error>;
+}) => import("@tanstack/react-query").UseQueryResult<NoInfer<User>, Error>;
 /**
  * Get multiple user profiles by session IDs (batch query)
  */
 export declare const useUserProfiles: (sessionIds: string[], options?: {
     enabled?: boolean;
-}) => import("@tanstack/react-query").UseQueryResult<any, Error>[];
+}) => import("@tanstack/react-query").UseQueryResult<User | null, Error>[];
 /**
  * Get current authenticated user
  */
 export declare const useCurrentUser: (options?: {
     enabled?: boolean;
-}) => import("@tanstack/react-query").UseQueryResult<any, Error>;
+}) => import("@tanstack/react-query").UseQueryResult<NoInfer<User>, Error>;
 /**
  * Get user by ID
  */
 export declare const useUserById: (userId: string | null, options?: {
     enabled?: boolean;
-}) => import("@tanstack/react-query").UseQueryResult<any, Error>;
+}) => import("@tanstack/react-query").UseQueryResult<NoInfer<User>, Error>;
 /**
  * Get user profile by username
  */
 export declare const useUserByUsername: (username: string | null, options?: {
     enabled?: boolean;
-}) => import("@tanstack/react-query").UseQueryResult<any, Error>;
+}) => import("@tanstack/react-query").UseQueryResult<NoInfer<User>, Error>;
 /**
  * Batch get users by session IDs (optimized single API call)
  */
 export declare const useUsersBySessions: (sessionIds: string[], options?: {
     enabled?: boolean;
-}) => import("@tanstack/react-query").UseQueryResult<any, Error>;
+}) => import("@tanstack/react-query").UseQueryResult<NoInfer<{
+    sessionId: string;
+    user: User | null;
+}[]>, Error>;
 /**
  * Get privacy settings for a user
  */
 export declare const usePrivacySettings: (userId?: string, options?: {
     enabled?: boolean;
-}) => import("@tanstack/react-query").UseQueryResult<unknown, Error>;
+}) => import("@tanstack/react-query").UseQueryResult<NoInfer<import("@oxyhq/core").PrivacySettings>, Error>;

package/dist/types/hooks/queries/useAppData.d.ts

@@ -0,0 +1,46 @@
+/**
+ * App-Data Query Hooks
+ *
+ * Read side of the `/users/me/app-data/...` per-user JSON KV store. Gated on
+ * `isAuthenticated` — when signed out the query stays `enabled: false` and
+ * `data` is `null`, so consumers can fall back to localStorage without ever
+ * issuing a doomed request.
+ *
+ * Errors from the network (404 because the endpoint isn't deployed yet,
+ * 401 because the session lapsed, etc.) are not user-facing here. Hooks
+ * return `data: null` on error so the calling component renders the
+ * "nothing yet" state and the consuming app can quietly fall back to local
+ * persistence. Mutations still propagate errors so write attempts surface
+ * a toast — only reads are silent.
+ */
+import { type UseQueryResult } from '@tanstack/react-query';
+interface AppDataQueryOptions {
+    /** Disable the query without unmounting the component. */
+    enabled?: boolean;
+    /** Override the default 1-minute stale time. */
+    staleTime?: number;
+    /** Override the default 30-minute gc time. */
+    gcTime?: number;
+}
+/**
+ * Read a single per-user JSON value.
+ *
+ * @param namespace - kebab/snake-case identifier (e.g. `"academy"`).
+ * @param key       - kebab/snake-case identifier (e.g. course slug).
+ * @param options   - optional `enabled`/`staleTime`/`gcTime` overrides.
+ *
+ * @returns A `useQuery` result with `data` of type `T | null`. The query
+ *   stays disabled when the user is signed out; when enabled but the server
+ *   has no stored value, `data` is `null`. Reads that fail because the
+ *   endpoint isn't reachable also resolve to `null` so the consumer can
+ *   fall back to local persistence.
+ */
+export declare const useAppData: <T = unknown>(namespace: string, key: string, options?: AppDataQueryOptions) => UseQueryResult<T | null, Error>;
+/**
+ * Read every value in a namespace.
+ *
+ * @returns A `useQuery` result with `data` as a `Record<string, T>`. Empty
+ *   object when the namespace contains nothing (or when fetching failed).
+ */
+export declare const useAppDataNamespace: <T = unknown>(namespace: string, options?: AppDataQueryOptions) => UseQueryResult<Record<string, T>, Error>;
+export {};

package/dist/types/hooks/queries/useSecurityQueries.d.ts

@@ -7,8 +7,8 @@ export declare const useSecurityActivity: (options?: {
     offset?: number;
     eventType?: SecurityEventType;
     enabled?: boolean;
-}) => import("@tanstack/react-query").UseQueryResult<any, Error>;
+}) => import("@tanstack/react-query").UseQueryResult<NoInfer<import("@oxyhq/core").SecurityActivityResponse>, Error>;
 /**
  * Get recent security activity (convenience hook)
  */
-export declare const useRecentSecurityActivity: (limit?: number) => import("@tanstack/react-query").UseQueryResult<SecurityActivity[], Error>;
+export declare const useRecentSecurityActivity: (limit?: number) => import("@tanstack/react-query").UseQueryResult<NoInfer<SecurityActivity[]>, Error>;

package/dist/types/hooks/queries/useServicesQueries.d.ts

@@ -4,28 +4,30 @@ import type { ClientSession } from '@oxyhq/core';
  */
 export declare const useSessions: (userId?: string, options?: {
     enabled?: boolean;
-}) => import("@tanstack/react-query").UseQueryResult<ClientSession[], Error>;
+}) => import("@tanstack/react-query").UseQueryResult<NoInfer<ClientSession[]>, Error>;
 /**
  * Get specific session by ID
  */
 export declare const useSession: (sessionId: string | null, options?: {
     enabled?: boolean;
-}) => import("@tanstack/react-query").UseQueryResult<ClientSession, Error>;
+}) => import("@tanstack/react-query").UseQueryResult<NoInfer<ClientSession>, Error>;
 /**
  * Get device sessions for the current active session
  */
 export declare const useDeviceSessions: (options?: {
     enabled?: boolean;
-}) => import("@tanstack/react-query").UseQueryResult<any, Error>;
+}) => import("@tanstack/react-query").UseQueryResult<NoInfer<any[]>, Error>;
 /**
  * Get user devices
  */
 export declare const useUserDevices: (options?: {
     enabled?: boolean;
-}) => import("@tanstack/react-query").UseQueryResult<unknown, Error>;
+}) => import("@tanstack/react-query").UseQueryResult<NoInfer<any[]>, Error>;
 /**
  * Get security information
  */
 export declare const useSecurityInfo: (options?: {
     enabled?: boolean;
-}) => import("@tanstack/react-query").UseQueryResult<any, Error>;
+}) => import("@tanstack/react-query").UseQueryResult<NoInfer<{
+    recoveryEmail: string | null;
+}>, Error>;

package/dist/types/hooks/queryClient.d.ts

@@ -1,18 +1,32 @@
-import { QueryClient } from '@tanstack/react-query';
-import type { StorageInterface } from '../utils/storageHelpers';
 /**
- * Custom persistence adapter for TanStack Query using our StorageInterface
+ * Web QueryClient with offline-first defaults + localStorage persistence.
+ *
+ * Mirrors the persistence behaviour in `@oxyhq/services/queryClient` so
+ * web auth apps (FedCM, popup, redirect flows) survive a page reload with
+ * cached identity + paused mutations intact.
+ *
+ * Persistence is opt-in via `attachQueryPersistence(...)` so SSR callers
+ * (Next.js getServerSideProps, Vite SSR, tests) can create a stateless
+ * client without touching `window`.
  */
+import { QueryClient } from '@tanstack/react-query';
+import { type PersistedClient } from '@tanstack/react-query-persist-client';
+import type { StorageInterface } from '../utils/storageHelpers';
 export declare const createPersistenceAdapter: (storage: StorageInterface) => {
-    persistClient: (client: any) => Promise<void>;
-    restoreClient: () => Promise<any>;
+    persistClient: (client: unknown) => Promise<void>;
+    restoreClient: () => Promise<unknown>;
     removeClient: () => Promise<void>;
 };
+export declare const createQueryClient: () => QueryClient;
+export interface AttachPersistenceResult {
+    restored: Promise<void>;
+    unsubscribe: () => void;
+}
 /**
- * Create a QueryClient with offline-first configuration
- */
-export declare const createQueryClient: (storage?: StorageInterface | null) => QueryClient;
-/**
- * Clear persisted query cache
+ * Wire `persistQueryClient` to browser `localStorage` (or a no-op when not
+ * in a browser). Returns the restore promise so consumers can `await` it
+ * before exposing the client to <Suspense> boundaries.
  */
+export declare const attachQueryPersistence: (queryClient: QueryClient) => AttachPersistenceResult;
 export declare const clearQueryCache: (storage: StorageInterface) => Promise<void>;
+export type { PersistedClient };

package/dist/types/hooks/useAssets.d.ts

@@ -24,7 +24,7 @@ export declare const useAssets: () => {
     getAsset: (assetId: string) => Promise<Asset>;
     deleteAsset: (assetId: string, force?: boolean) => Promise<void>;
     restore: (assetId: string) => Promise<void>;
-    getVariants: (assetId: string) => Promise<any>;
+    getVariants: (assetId: string) => Promise<import("@oxyhq/core").AssetVariant[]>;
     getAssetsByApp: (app: string) => Asset[];
     getAssetsByEntity: (app: string, entityType: string, entityId: string) => Asset[];
     getAssetUsageCount: (assetId: string) => number;

package/dist/types/hooks/useFileDownloadUrl.d.ts

@@ -1,5 +1,4 @@
-import { OxyServices } from '@oxyhq/core';
-export declare const setOxyFileUrlInstance: (instance: OxyServices) => void;
+import type { OxyServices } from '@oxyhq/core';
 export interface UseFileDownloadUrlOptions {
     variant?: string;
     expiresIn?: number;
@@ -12,10 +11,7 @@ export interface UseFileDownloadUrlResult {
 /**
  * Hook to resolve a file's download URL asynchronously.
  *
- * Prefers the provided `oxyServices` instance, falls back to the module-level
- * singleton set via `setOxyFileUrlInstance`.
- *
  * Uses `getFileDownloadUrlAsync` first, falling back to the synchronous
  * `getFileDownloadUrl` if the async call fails.
  */
-export declare const useFileDownloadUrl: (fileIdOrServices?: string | OxyServices | null, fileIdOrOptions?: string | UseFileDownloadUrlOptions | null, maybeOptions?: UseFileDownloadUrlOptions) => UseFileDownloadUrlResult;
+export declare const useFileDownloadUrl: (oxyServices: OxyServices | null | undefined, fileId: string | null | undefined, options?: UseFileDownloadUrlOptions) => UseFileDownloadUrlResult;

package/dist/types/index.d.ts

@@ -29,15 +29,15 @@ export { useAssetStore, useAssets as useAssetsStore, useAsset, useUploadProgress
 export { useAccountStore, useAccounts, useAccountLoading, useAccountError, useAccountLoadingSession, } from './stores/accountStore';
 export type { QuickAccount } from './stores/accountStore';
 export { useFollowStore, } from './stores/followStore';
-export { useUserProfile, useUserProfiles, useCurrentUser, useUserById, useUserByUsername, useUsersBySessions, usePrivacySettings, useSessions, useSession, useDeviceSessions, useUserDevices, useSecurityInfo, useSecurityActivity, useRecentSecurityActivity, } from './hooks/queries';
-export { useUpdateProfile, useUploadAvatar, useUpdateAccountSettings, useUpdatePrivacySettings, useUploadFile, useSwitchSession, useLogoutSession, useLogoutAll, useUpdateDeviceName, useRemoveDevice, } from './hooks/mutations';
+export { useUserProfile, useUserProfiles, useCurrentUser, useUserById, useUserByUsername, useUsersBySessions, usePrivacySettings, useSessions, useSession, useDeviceSessions, useUserDevices, useSecurityInfo, useSecurityActivity, useRecentSecurityActivity, useAppData, useAppDataNamespace, appDataQueryKeys, isMissingAppDataEndpointError, } from './hooks/queries';
+export { useUpdateProfile, useUploadAvatar, useUpdateAccountSettings, useUpdatePrivacySettings, useUploadFile, useSwitchSession, useLogoutSession, useLogoutAll, useUpdateDeviceName, useRemoveDevice, useSetAppData, useDeleteAppData, } from './hooks/mutations';
 export { createProfileMutation, createGenericMutation, } from './hooks/mutations/mutationFactory';
 export type { ProfileMutationConfig, GenericMutationConfig, } from './hooks/mutations/mutationFactory';
 export { useWebSSO, isWebBrowser } from './hooks/useWebSSO';
 export { useSessionSocket } from './hooks/useSessionSocket';
 export type { UseSessionSocketOptions } from './hooks/useSessionSocket';
 export { useAssets, setOxyAssetInstance } from './hooks/useAssets';
-export { useFileDownloadUrl, setOxyFileUrlInstance } from './hooks/useFileDownloadUrl';
+export { useFileDownloadUrl } from './hooks/useFileDownloadUrl';
 export { useFollow, useFollowerCounts } from './hooks/useFollow';
 export { useFileFiltering } from './hooks/useFileFiltering';
 export type { ViewMode, SortBy, SortOrder } from './hooks/useFileFiltering';

package/dist/types/utils/sessionHelpers.d.ts

@@ -45,7 +45,9 @@ export interface SessionValidationResult {
  */
 export declare const mapSessionsToClient: (sessions: DeviceSession[], fallbackDeviceId?: string, fallbackUserId?: string) => ClientSession[];
 /**
- * Fetch device sessions with fallback to the legacy session endpoint when needed.
+ * Fetch device sessions, falling back to the per-user session endpoint
+ * if the device endpoint is unavailable (older API versions or disabled
+ * device-grouping feature flag).
  *
  * @param oxyServices - Oxy service instance
  * @param sessionId - Session identifier to fetch

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@oxyhq/auth",
-  "version": "2.0.4",
+  "version": "2.0.6",
   "description": "OxyHQ Web Authentication SDK — headless auth with React hooks for Next.js, Vite, and web apps",
   "main": "dist/cjs/index.js",
   "module": "dist/esm/index.js",
@@ -50,10 +50,28 @@
     "build:types": "tsc -p tsconfig.types.json",
     "clean": "rm -rf dist",
     "typescript": "tsc --noEmit",
-    "lint": "biome lint --error-on-warnings ./src"
+    "lint": "biome lint --error-on-warnings ./src",
+    "test": "jest --passWithNoTests",
+    "release": "rm -rf dist && bun run build && release-it"
+  },
+  "release-it": {
+    "git": {
+      "tagName": "@oxyhq/auth@${version}",
+      "tagAnnotation": "Release @oxyhq/auth@${version}",
+      "commitMessage": "chore(auth-sdk): release @oxyhq/auth@${version}"
+    },
+    "github": {
+      "release": true,
+      "releaseName": "@oxyhq/auth@${version}"
+    },
+    "npm": {
+      "publish": true
+    }
   },
   "dependencies": {
-    "@tanstack/react-query": "^5.90.20",
+    "@tanstack/query-sync-storage-persister": "^5.100",
+    "@tanstack/react-query": "^5.100",
+    "@tanstack/react-query-persist-client": "^5.100",
     "sonner": "^2.0.4",
     "zustand": "^5.0.9"
   },
@@ -71,6 +89,7 @@
     "@biomejs/biome": "^1.9.4",
     "@types/react": "^19.2.0",
     "@types/node": "^20.19.9",
+    "release-it": "^19.0.6",
     "typescript": "^5.9.2"
   }
 }

package/src/WebOxyProvider.tsx

@@ -28,7 +28,7 @@ import type {
   ClientSession,
 } from '@oxyhq/core';
 import { QueryClientProvider } from '@tanstack/react-query';
-import { createQueryClient } from './hooks/queryClient';
+import { attachQueryPersistence, createQueryClient } from './hooks/queryClient';
 
 export interface WebAuthState {
   user: User | null;
@@ -101,6 +101,29 @@ export function WebOxyProvider({
   const [authManager] = useState(() => createAuthManager(oxyServices, { autoRefresh: true }));
   const [queryClient] = useState(() => createQueryClient());
 
+  // Block first render until the persisted localStorage cache has been
+  // restored — mirrors the RN OxyProvider pattern. Without this gate the
+  // first paint observes an empty cache and any consumer reading
+  // `getQueryData(...)` synchronously (or using `placeholderData: 'previous'`
+  // gating) misses the persisted blob.
+  //
+  // Persistence is attached inside the same effect so we can hold a
+  // reference to the `restored` promise and only flip `isRestoring` to
+  // false once it settles (success OR failure). Detach on unmount so HMR
+  // doesn't leak subscriptions.
+  const [isRestoring, setIsRestoring] = useState(true);
+  useEffect(() => {
+    let mounted = true;
+    const { restored, unsubscribe } = attachQueryPersistence(queryClient);
+    restored.finally(() => {
+      if (mounted) setIsRestoring(false);
+    });
+    return () => {
+      mounted = false;
+      unsubscribe();
+    };
+  }, [queryClient]);
+
   // Auth state
   const [user, setUser] = useState<User | null>(null);
   const [isLoading, setIsLoading] = useState(!skipAutoCheck);
@@ -334,6 +357,21 @@ export function WebOxyProvider({
     signOut, isFedCMSupported, switchSession, clearSessionState,
   ]);
 
+  // Mirror the RN OxyProvider pattern: don't expose the QueryClient (or
+  // mount children) until the persisted cache has been restored. On the
+  // web this prevents the first paint from observing an empty
+  // localStorage-backed cache, which would otherwise force every
+  // identity/session/auth query to refetch from the network even when a
+  // fresh blob was available on disk.
+  //
+  // The restored promise is wired with `.finally(...)` upstream, so this
+  // unblocks on both success and failure within typically <50ms (sync
+  // localStorage read + JSON.parse). A safety net is unnecessary: the
+  // restore promise always settles synchronously after one microtask.
+  if (isRestoring) {
+    return null;
+  }
+
   return (
     <QueryClientProvider client={queryClient}>
       <WebOxyContext.Provider value={contextValue}>

package/src/hooks/mutations/index.ts

@@ -23,3 +23,6 @@ export {
   useRemoveDevice,
 } from './useServicesMutations';
 
+// App-data KV store mutation hooks
+export { useSetAppData, useDeleteAppData } from './useAppData';
+