npm - @oxyhq/core - Versions diffs - 3.4.16 → 3.4.18 - Mend

@oxyhq/core 3.4.16 → 3.4.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (30) hide show

package/dist/cjs/.tsbuildinfo +1 -1
package/dist/cjs/AuthManager.js +5 -0
package/dist/cjs/HttpService.js +4 -1
package/dist/cjs/mixins/OxyServices.auth.js +1 -1
package/dist/cjs/mixins/OxyServices.sso.js +2 -1
package/dist/cjs/mixins/OxyServices.user.js +1 -1
package/dist/cjs/utils/accountUtils.js +16 -11
package/dist/esm/.tsbuildinfo +1 -1
package/dist/esm/AuthManager.js +5 -0
package/dist/esm/HttpService.js +4 -1
package/dist/esm/mixins/OxyServices.auth.js +1 -1
package/dist/esm/mixins/OxyServices.sso.js +2 -1
package/dist/esm/mixins/OxyServices.user.js +1 -1
package/dist/esm/utils/accountUtils.js +16 -11
package/dist/types/.tsbuildinfo +1 -1
package/dist/types/mixins/OxyServices.user.d.ts +5 -8
package/dist/types/models/interfaces.d.ts +11 -12
package/dist/types/models/session.d.ts +2 -0
package/dist/types/utils/accountUtils.d.ts +10 -7
package/package.json +2 -2
package/src/AuthManager.ts +6 -1
package/src/HttpService.ts +4 -1
package/src/__tests__/httpServiceCsrf.test.ts +68 -0
package/src/mixins/OxyServices.auth.ts +1 -1
package/src/mixins/OxyServices.sso.ts +4 -1
package/src/mixins/OxyServices.user.ts +5 -4
package/src/models/interfaces.ts +11 -12
package/src/models/session.ts +3 -0
package/src/utils/__tests__/accountUtils.test.ts +3 -4
package/src/utils/accountUtils.ts +26 -15

package/dist/esm/AuthManager.js CHANGED Viewed

@@ -397,6 +397,7 @@ export class AuthManager {
                 user: {
                     id: session.user.id,
                     username: session.user.username,
+                    name: session.user.name,
                     avatar: session.user.avatar ?? null,
                 },
                 accessToken: session.accessToken,
@@ -628,6 +629,7 @@ export class AuthManager {
         return {
             id: account.user.id,
             username: account.user.username,
+            name: account.user.name,
             avatar: account.user.avatar ?? undefined,
         };
     }
@@ -672,6 +674,7 @@ export class AuthManager {
             this.currentUser = {
                 id: hydrated.id,
                 username: hydrated.username,
+                name: hydrated.name,
                 avatar: hydrated.avatar ?? undefined,
             };
             this.notifyListeners();
@@ -873,6 +876,7 @@ export class AuthManager {
             ? {
                 id: updated.user.id,
                 username: updated.user.username,
+                name: updated.user.name,
                 avatar: updated.user.avatar ?? undefined,
             }
             : null;
@@ -928,6 +932,7 @@ export class AuthManager {
                     ? {
                         id: next.user.id,
                         username: next.user.username,
+                        name: next.user.name,
                         avatar: next.user.avatar ?? undefined,
                     }
                     : null;

package/dist/esm/HttpService.js CHANGED Viewed

@@ -697,7 +697,10 @@ export class HttpService {
                 const refreshed = await this.refreshAccessToken('preflight');
                 if (refreshed)
                     return `Bearer ${refreshed}`;
-                // Refresh failed — don't use the expired token (would cause 401 loop)
+                if (decoded.exp > currentTime) {
+                    return `Bearer ${accessToken}`;
+                }
+                // Refresh failed — don't use an expired token (would cause 401 loop)
                 return null;
             }
             return `Bearer ${accessToken}`;

package/dist/esm/mixins/OxyServices.auth.js CHANGED Viewed

@@ -489,7 +489,7 @@ export function OxyServicesAuthMixin(Base) {
                     continue;
                 }
                 const userId = e.user.id ?? e.user._id;
-                if (!userId || !e.user.username) {
+                if (!userId || !e.user.username || !e.user.name?.displayName) {
                     continue;
                 }
                 if (typeof e.authuser !== 'number') {

package/dist/esm/mixins/OxyServices.sso.js CHANGED Viewed

@@ -111,12 +111,13 @@ export function OxyServicesSsoMixin(Base) {
                 throw this.handleError(new Error('SSO exchange returned no sessionId'));
             }
             const userId = payload.user?.id ?? payload.user?._id;
-            if (!userId || typeof payload.user?.username !== 'string') {
+            if (!userId || typeof payload.user?.username !== 'string' || typeof payload.user.name?.displayName !== 'string') {
                 throw this.handleError(new Error('SSO exchange returned an invalid user'));
             }
             const user = {
                 id: userId,
                 username: payload.user.username,
+                name: payload.user.name,
                 avatar: payload.user.avatar,
             };
             // Plant the access token exactly like exchangeIdTokenForSession does.

package/dist/esm/mixins/OxyServices.user.js CHANGED Viewed

@@ -24,7 +24,7 @@ export function OxyServicesUserMixin(Base) {
         }
         /**
          * Lightweight username lookup for login flows.
-         * Returns minimal public info: exists, color, avatar, displayName.
+         * Returns minimal public info: exists, color, avatar, name.displayName.
          * Faster than getProfileByUsername — no stats, no formatting.
          */
         async lookupUsername(username) {

package/dist/esm/utils/accountUtils.js CHANGED Viewed

@@ -17,12 +17,13 @@ export const formatPublicKeyHandle = (publicKey) => {
  * Resolve a friendly display name for a user.
  *
  * Order of preference:
- *  1. `displayName` from the API contract.
+ *  1. `name.displayName` from the API user contract.
  *  2. `name.full`, or composed `name.first name.last` for local unsaved shapes.
- *  3. `name` when stored as a plain string.
- *  4. `username`
- *  5. `Account 0x12345678…` (derived from publicKey, when present)
- *  6. Translated fallback (e.g. "Unnamed")
+ *  3. `name` when passed as a plain string by local non-DTO call sites.
+ *  4. pre-normalized account-row `displayName`.
+ *  5. `username`
+ *  6. `Account 0x12345678…` (derived from publicKey, when present)
+ *  7. Translated fallback (e.g. "Unnamed")
  *
  * The translation key `common.unnamed` is used for the final fallback. If the
  * caller does not pass a locale, the default English translation is used.
@@ -31,9 +32,10 @@ export const getAccountDisplayName = (user, locale) => {
     if (!user)
         return translate(locale, 'common.unnamed');
     const { name, displayName, username, publicKey } = user;
-    if (typeof displayName === 'string' && displayName.trim())
-        return displayName.trim();
     if (name && typeof name === 'object') {
+        if (typeof name.displayName === 'string' && name.displayName.trim()) {
+            return name.displayName.trim();
+        }
         if (typeof name.full === 'string' && name.full.trim())
             return name.full.trim();
         const first = typeof name.first === 'string' ? name.first.trim() : '';
@@ -45,6 +47,8 @@ export const getAccountDisplayName = (user, locale) => {
     else if (typeof name === 'string' && name.trim()) {
         return name.trim();
     }
+    if (typeof displayName === 'string' && displayName.trim())
+        return displayName.trim();
     if (typeof username === 'string' && username.trim())
         return username.trim();
     if (typeof publicKey === 'string' && publicKey.length > 0) {
@@ -96,18 +100,19 @@ export const createQuickAccount = (sessionId, userData, existingAccount, getFile
     const userId = userData.id || (typeof userData._id === 'string' ? userData._id : userData._id?.toString());
     // Preserve existing avatarUrl if avatar hasn't changed (prevents image reload)
     let avatarUrl;
-    if (existingAccount && existingAccount.avatar === userData.avatar && existingAccount.avatarUrl) {
+    const avatar = userData.avatar ?? undefined;
+    if (existingAccount && existingAccount.avatar === avatar && existingAccount.avatarUrl) {
         avatarUrl = existingAccount.avatarUrl;
     }
-    else if (userData.avatar && getFileDownloadUrl) {
-        avatarUrl = getFileDownloadUrl(userData.avatar, 'thumb');
+    else if (avatar && getFileDownloadUrl) {
+        avatarUrl = getFileDownloadUrl(avatar, 'thumb');
     }
     return {
         sessionId,
         userId,
         username: userData.username || '',
         displayName,
-        avatar: userData.avatar,
+        avatar,
         avatarUrl,
     };
 };