@oxyhq/auth 2.0.5 → 2.0.6

package/dist/esm/hooks/mutations/index.js

@@ -8,3 +8,5 @@
 export { useUpdateProfile, useUploadAvatar, useUpdateAccountSettings, useUpdatePrivacySettings, useUploadFile, } from './useAccountMutations';
 // Service mutation hooks (sessions, devices)
 export { useSwitchSession, useLogoutSession, useLogoutAll, useUpdateDeviceName, useRemoveDevice, } from './useServicesMutations';
+// App-data KV store mutation hooks
+export { useSetAppData, useDeleteAppData } from './useAppData';

package/dist/esm/hooks/mutations/useAppData.js

@@ -0,0 +1,128 @@
+/**
+ * App-Data Mutation Hooks
+ *
+ * Write side of the per-user JSON KV store. Both `useSetAppData` and
+ * `useDeleteAppData` apply optimistic updates against the two query keys
+ * that observe this data (`appDataQueryKeys.value` and the surrounding
+ * `appDataQueryKeys.namespace`) and roll back on error.
+ *
+ * When the underlying request fails because the endpoint isn't reachable
+ * (404 / network), the mutation still surfaces the error — write attempts
+ * are user-initiated and the caller may want to retry or fall back to
+ * local persistence. Reads are silent about missing endpoints; writes are
+ * not.
+ */
+import { useMutation, useQueryClient } from '@tanstack/react-query';
+import { authenticatedApiCall } from '@oxyhq/core';
+import { useWebOxy } from '../../WebOxyProvider';
+import { appDataQueryKeys } from '../queries/appDataQueryKeys';
+/**
+ * Upsert a per-user JSON value. Returns the value the server confirmed it
+ * stored — typically identical to the input but consumers should prefer the
+ * returned value (the server is the source of truth).
+ *
+ * Applies optimistic updates against both the single-value query key and
+ * the surrounding namespace query key, then rolls back on error.
+ */
+export const useSetAppData = () => {
+    const { oxyServices, activeSessionId } = useWebOxy();
+    const queryClient = useQueryClient();
+    return useMutation({
+        mutationKey: ['appData', 'set'],
+        mutationFn: async ({ namespace, key, value }) => {
+            return authenticatedApiCall(oxyServices, activeSessionId, () => oxyServices.setAppData(namespace, key, value));
+        },
+        onMutate: async ({ namespace, key, value }) => {
+            const valueKey = appDataQueryKeys.value(namespace, key);
+            const namespaceKey = appDataQueryKeys.namespace(namespace);
+            await Promise.all([
+                queryClient.cancelQueries({ queryKey: valueKey }),
+                queryClient.cancelQueries({ queryKey: namespaceKey }),
+            ]);
+            const previousValue = queryClient.getQueryData(valueKey);
+            const previousNamespace = queryClient.getQueryData(namespaceKey);
+            queryClient.setQueryData(valueKey, value);
+            if (previousNamespace) {
+                queryClient.setQueryData(namespaceKey, {
+                    ...previousNamespace,
+                    [key]: value,
+                });
+            }
+            return { previousValue, previousNamespace };
+        },
+        onError: (_error, { namespace, key }, context) => {
+            if (!context)
+                return;
+            const valueKey = appDataQueryKeys.value(namespace, key);
+            const namespaceKey = appDataQueryKeys.namespace(namespace);
+            // Restore exactly the snapshots we captured in onMutate. Don't merge
+            // with whatever's currently in the cache — that could splice in writes
+            // from concurrent mutations and undo their state.
+            queryClient.setQueryData(valueKey, context.previousValue ?? null);
+            if (context.previousNamespace !== undefined) {
+                queryClient.setQueryData(namespaceKey, context.previousNamespace);
+            }
+        },
+        onSuccess: (data, { namespace, key }) => {
+            const valueKey = appDataQueryKeys.value(namespace, key);
+            const namespaceKey = appDataQueryKeys.namespace(namespace);
+            queryClient.setQueryData(valueKey, data);
+            const existingNamespace = queryClient.getQueryData(namespaceKey);
+            if (existingNamespace) {
+                queryClient.setQueryData(namespaceKey, {
+                    ...existingNamespace,
+                    [key]: data,
+                });
+            }
+        },
+    });
+};
+/**
+ * Delete a per-user JSON value. Optimistically removes the entry from the
+ * single-value cache and from the surrounding namespace map, then rolls back
+ * on error.
+ */
+export const useDeleteAppData = () => {
+    const { oxyServices, activeSessionId } = useWebOxy();
+    const queryClient = useQueryClient();
+    return useMutation({
+        mutationKey: ['appData', 'delete'],
+        mutationFn: async ({ namespace, key }) => {
+            await authenticatedApiCall(oxyServices, activeSessionId, () => oxyServices.deleteAppData(namespace, key));
+        },
+        onMutate: async ({ namespace, key }) => {
+            const valueKey = appDataQueryKeys.value(namespace, key);
+            const namespaceKey = appDataQueryKeys.namespace(namespace);
+            await Promise.all([
+                queryClient.cancelQueries({ queryKey: valueKey }),
+                queryClient.cancelQueries({ queryKey: namespaceKey }),
+            ]);
+            const previousValue = queryClient.getQueryData(valueKey);
+            const previousNamespace = queryClient.getQueryData(namespaceKey);
+            queryClient.setQueryData(valueKey, null);
+            if (previousNamespace && key in previousNamespace) {
+                const next = { ...previousNamespace };
+                delete next[key];
+                queryClient.setQueryData(namespaceKey, next);
+            }
+            return { previousValue, previousNamespace };
+        },
+        onError: (_error, { namespace, key }, context) => {
+            if (!context)
+                return;
+            const valueKey = appDataQueryKeys.value(namespace, key);
+            const namespaceKey = appDataQueryKeys.namespace(namespace);
+            queryClient.setQueryData(valueKey, context.previousValue ?? null);
+            if (context.previousNamespace !== undefined) {
+                queryClient.setQueryData(namespaceKey, context.previousNamespace);
+            }
+        },
+        onSuccess: (_data, { namespace, key }) => {
+            queryClient.setQueryData(appDataQueryKeys.value(namespace, key), null);
+            // Confirm the value is gone from the namespace cache too. If the
+            // optimistic update wasn't applied (e.g. cache was empty), this is a
+            // no-op; if it was, we already removed it in onMutate, so this is also
+            // a no-op. The work happens in onMutate — onSuccess is the commit point.
+        },
+    });
+};

package/dist/esm/hooks/queries/appDataQueryKeys.js

@@ -0,0 +1,42 @@
+/**
+ * Query keys + error utilities for `useAppData` hooks.
+ *
+ * Lives next to the hook file so consumers can import the keys directly
+ * when they need to imperatively invalidate a value (e.g. after a non-React
+ * write through `oxyServices.setAppData`).
+ */
+export const appDataQueryKeys = {
+    all: ['appData'],
+    namespaces: () => [...appDataQueryKeys.all, 'namespace'],
+    namespace: (namespace) => [...appDataQueryKeys.namespaces(), namespace],
+    values: () => [...appDataQueryKeys.all, 'value'],
+    value: (namespace, key) => [...appDataQueryKeys.values(), namespace, key],
+};
+/**
+ * True when `error` indicates the app-data endpoint isn't reachable — either
+ * because the API deployment doesn't have it yet (404) or there's a network
+ * failure with no response. We treat these as "no value stored" so consumers
+ * fall back to local persistence without surfacing a user-facing error.
+ *
+ * Anything else (401, 403, 500) propagates normally — those are real bugs
+ * the auth or retry pipeline needs to see.
+ */
+export function isMissingAppDataEndpointError(error) {
+    if (!error || typeof error !== 'object') {
+        return false;
+    }
+    const candidate = error;
+    const status = candidate.status ?? candidate.statusCode ?? candidate.response?.status;
+    // 404: endpoint not deployed on this API instance yet.
+    if (status === 404)
+        return true;
+    // Network errors: no response received at all. Common during local dev
+    // when the API server is down, or when offline.
+    if (candidate.code === 'NETWORK_ERROR')
+        return true;
+    const message = typeof candidate.message === 'string' ? candidate.message : '';
+    if (message.includes('Network Error') || message.includes('Failed to fetch')) {
+        return true;
+    }
+    return false;
+}

package/dist/esm/hooks/queries/index.js

@@ -12,3 +12,6 @@ export { useSessions, useSession, useDeviceSessions, useUserDevices, useSecurity
 export { useSecurityActivity, useRecentSecurityActivity, } from './useSecurityQueries';
 // Query keys and invalidation helpers (for advanced usage)
 export { queryKeys, invalidateAccountQueries, invalidateUserQueries, invalidateSessionQueries } from './queryKeys';
+// App-data KV store query hooks
+export { useAppData, useAppDataNamespace } from './useAppData';
+export { appDataQueryKeys, isMissingAppDataEndpointError } from './appDataQueryKeys';

package/dist/esm/hooks/queries/useAppData.js

@@ -0,0 +1,82 @@
+/**
+ * App-Data Query Hooks
+ *
+ * Read side of the `/users/me/app-data/...` per-user JSON KV store. Gated on
+ * `isAuthenticated` — when signed out the query stays `enabled: false` and
+ * `data` is `null`, so consumers can fall back to localStorage without ever
+ * issuing a doomed request.
+ *
+ * Errors from the network (404 because the endpoint isn't deployed yet,
+ * 401 because the session lapsed, etc.) are not user-facing here. Hooks
+ * return `data: null` on error so the calling component renders the
+ * "nothing yet" state and the consuming app can quietly fall back to local
+ * persistence. Mutations still propagate errors so write attempts surface
+ * a toast — only reads are silent.
+ */
+import { useQuery } from '@tanstack/react-query';
+import { authenticatedApiCall } from '@oxyhq/core';
+import { useWebOxy } from '../../WebOxyProvider';
+import { appDataQueryKeys, isMissingAppDataEndpointError } from './appDataQueryKeys';
+/**
+ * Read a single per-user JSON value.
+ *
+ * @param namespace - kebab/snake-case identifier (e.g. `"academy"`).
+ * @param key       - kebab/snake-case identifier (e.g. course slug).
+ * @param options   - optional `enabled`/`staleTime`/`gcTime` overrides.
+ *
+ * @returns A `useQuery` result with `data` of type `T | null`. The query
+ *   stays disabled when the user is signed out; when enabled but the server
+ *   has no stored value, `data` is `null`. Reads that fail because the
+ *   endpoint isn't reachable also resolve to `null` so the consumer can
+ *   fall back to local persistence.
+ */
+export const useAppData = (namespace, key, options) => {
+    const { oxyServices, activeSessionId, isAuthenticated } = useWebOxy();
+    return useQuery({
+        queryKey: appDataQueryKeys.value(namespace, key),
+        queryFn: async () => {
+            try {
+                return await authenticatedApiCall(oxyServices, activeSessionId, () => oxyServices.getAppData(namespace, key));
+            }
+            catch (error) {
+                // Endpoint not deployed yet, no network, etc. — return null so the
+                // consumer falls back to localStorage rather than rendering a broken
+                // UI state. Authentication errors still bubble up so the auth retry
+                // pipeline can surface them at the provider level.
+                if (isMissingAppDataEndpointError(error)) {
+                    return null;
+                }
+                throw error;
+            }
+        },
+        enabled: (options?.enabled !== false) && isAuthenticated,
+        staleTime: options?.staleTime ?? 60 * 1000,
+        gcTime: options?.gcTime ?? 30 * 60 * 1000,
+    });
+};
+/**
+ * Read every value in a namespace.
+ *
+ * @returns A `useQuery` result with `data` as a `Record<string, T>`. Empty
+ *   object when the namespace contains nothing (or when fetching failed).
+ */
+export const useAppDataNamespace = (namespace, options) => {
+    const { oxyServices, activeSessionId, isAuthenticated } = useWebOxy();
+    return useQuery({
+        queryKey: appDataQueryKeys.namespace(namespace),
+        queryFn: async () => {
+            try {
+                return await authenticatedApiCall(oxyServices, activeSessionId, () => oxyServices.listAppData(namespace));
+            }
+            catch (error) {
+                if (isMissingAppDataEndpointError(error)) {
+                    return {};
+                }
+                throw error;
+            }
+        },
+        enabled: (options?.enabled !== false) && isAuthenticated,
+        staleTime: options?.staleTime ?? 60 * 1000,
+        gcTime: options?.gcTime ?? 30 * 60 * 1000,
+    });
+};

package/dist/esm/index.js

@@ -30,9 +30,9 @@ export { useAssetStore, useAssets as useAssetsStore, useAsset, useUploadProgress
 export { useAccountStore, useAccounts, useAccountLoading, useAccountError, useAccountLoadingSession, } from './stores/accountStore';
 export { useFollowStore, } from './stores/followStore';
 // --- Query Hooks ---
-export { useUserProfile, useUserProfiles, useCurrentUser, useUserById, useUserByUsername, useUsersBySessions, usePrivacySettings, useSessions, useSession, useDeviceSessions, useUserDevices, useSecurityInfo, useSecurityActivity, useRecentSecurityActivity, } from './hooks/queries';
+export { useUserProfile, useUserProfiles, useCurrentUser, useUserById, useUserByUsername, useUsersBySessions, usePrivacySettings, useSessions, useSession, useDeviceSessions, useUserDevices, useSecurityInfo, useSecurityActivity, useRecentSecurityActivity, useAppData, useAppDataNamespace, appDataQueryKeys, isMissingAppDataEndpointError, } from './hooks/queries';
 // --- Mutation Hooks ---
-export { useUpdateProfile, useUploadAvatar, useUpdateAccountSettings, useUpdatePrivacySettings, useUploadFile, useSwitchSession, useLogoutSession, useLogoutAll, useUpdateDeviceName, useRemoveDevice, } from './hooks/mutations';
+export { useUpdateProfile, useUploadAvatar, useUpdateAccountSettings, useUpdatePrivacySettings, useUploadFile, useSwitchSession, useLogoutSession, useLogoutAll, useUpdateDeviceName, useRemoveDevice, useSetAppData, useDeleteAppData, } from './hooks/mutations';
 export { createProfileMutation, createGenericMutation, } from './hooks/mutations/mutationFactory';
 // --- Custom Hooks ---
 export { useWebSSO, isWebBrowser } from './hooks/useWebSSO';