npm - @oxyhq/core - Versions diffs - 3.7.1 → 3.8.1 - Mend

@oxyhq/core 3.7.1 → 3.8.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/cjs/.tsbuildinfo +1 -1
package/dist/cjs/mixins/OxyServices.user.js +63 -0
package/dist/esm/.tsbuildinfo +1 -1
package/dist/esm/mixins/OxyServices.user.js +63 -0
package/dist/types/.tsbuildinfo +1 -1
package/dist/types/mixins/OxyServices.user.d.ts +41 -0
package/package.json +1 -1
package/src/mixins/OxyServices.user.ts +87 -0

package/dist/esm/mixins/OxyServices.user.js CHANGED Viewed

@@ -5,6 +5,11 @@ import { SignatureService } from '../crypto/signatureService.js';
 import { normalizeUserIdentity, normalizeUserIdentityOrNull } from '../utils/userIdentity.js';
 import { logger } from '../utils/loggerUtils.js';
 import { extractErrorStatus } from '../utils/errorUtils.js';
+/**
+ * Maximum number of ids sent per `POST /users/by-ids` request. Matches the
+ * server-side batch cap; larger inputs are split into multiple chunked calls.
+ */
+const USERS_BY_IDS_CHUNK_SIZE = 100;
 export function OxyServicesUserMixin(Base) {
     return class extends Base {
         constructor(...args) {
@@ -213,6 +218,64 @@ export function OxyServicesUserMixin(Base) {
                 throw this.handleError(error);
             }
         }
+        /**
+         * Fetch many users by id in one round-trip per chunk.
+         *
+         * Built for feed/hydration call sites that would otherwise issue one
+         * `getUserById` request per unique author (the classic M+1). Ids are
+         * deduplicated and validated (empty/blank ids dropped) before being split
+         * into chunks of {@link USERS_BY_IDS_CHUNK_SIZE} and POSTed to
+         * `/users/by-ids` as `{ ids }`. The server returns the matched users as a
+         * flat `User[]` (order is not guaranteed and the caller is expected to map
+         * by `id`); each is run through `normalizeUserIdentity`, matching
+         * `getUserById`.
+         *
+         * **Service-token auth (required).** `/users/by-ids` is a server-to-server
+         * bulk fetch of PUBLIC user data and is called via `makeServiceRequest`,
+         * which attaches `Authorization: Bearer <serviceToken>`. oxy-api's CSRF
+         * middleware skips bearer-authenticated requests, so the calling client
+         * MUST be service-configured (`configureServiceAuth(apiKey, apiSecret)`)
+         * before invoking this method; otherwise `getServiceToken()` throws because
+         * no credentials are available. (A plain user-session request fails here:
+         * server-to-server there is no cookie jar, so the auto-attached
+         * `X-CSRF-Token` has no matching cookie and oxy-api rejects the POST with
+         * 403 "CSRF token missing".)
+         *
+         * Resilience: chunks are independent. A failed chunk is logged and skipped
+         * — the method returns every user that resolved successfully rather than
+         * discarding the whole call on one chunk's failure. An empty/whitespace-only
+         * input resolves immediately with `[]` and performs no network call.
+         *
+         * Not cached at the SDK layer: the response is keyed on a multi-id POST body
+         * (low hit rate) and the backend maintains its own per-id Redis cache.
+         */
+        async getUsersByIds(ids) {
+            const uniqueIds = Array.from(new Set(ids.filter((id) => typeof id === 'string' && id.trim().length > 0)));
+            if (uniqueIds.length === 0) {
+                return [];
+            }
+            const chunks = [];
+            for (let i = 0; i < uniqueIds.length; i += USERS_BY_IDS_CHUNK_SIZE) {
+                chunks.push(uniqueIds.slice(i, i + USERS_BY_IDS_CHUNK_SIZE));
+            }
+            // Run chunks concurrently; a single chunk failure must not sink the rest.
+            const settled = await Promise.all(chunks.map(async (chunk) => {
+                try {
+                    const users = await this.makeServiceRequest('POST', '/users/by-ids', { ids: chunk });
+                    return Array.isArray(users) ? users.map((user) => normalizeUserIdentity(user)) : [];
+                }
+                catch (error) {
+                    logger.warn('getUsersByIds: chunk failed, continuing with remaining chunks', {
+                        method: 'getUsersByIds',
+                        chunkSize: chunk.length,
+                        status: extractErrorStatus(error),
+                        error: error instanceof Error ? error.message : String(error),
+                    });
+                    return [];
+                }
+            }));
+            return settled.flat();
+        }
         /**
          * Get current user
          */