@oxyhq/services 5.5.7 → 5.5.9

package/lib/module/ui/context/OxyContext.js

@@ -1,14 +1,18 @@
 "use strict";
 
 import React, { createContext, useContext, useState, useEffect, useCallback, useMemo } from 'react';
-import { AuthManager } from '../../core/AuthManager';
+import { DeviceManager } from '../../utils/deviceManager';
 
-// Context interface with session management support
+// Define the context shape
 import { jsx as _jsx } from "react/jsx-runtime";
+// Create the context with default values
 const OxyContext = /*#__PURE__*/createContext(null);
 
-// Storage implementation
+// Props for the OxyContextProvider
 
+// Platform storage implementation
+
+// Web localStorage implementation
 class WebStorage {
   async getItem(key) {
     return localStorage.getItem(key);
@@ -23,10 +27,16 @@ class WebStorage {
     localStorage.clear();
   }
 }
+
+// React Native AsyncStorage implementation
 let AsyncStorage;
+
+// Determine the platform and set up storage
 const isReactNative = () => {
   return typeof navigator !== 'undefined' && navigator.product === 'ReactNative';
 };
+
+// Get appropriate storage for the platform
 const getStorage = async () => {
   if (isReactNative()) {
     if (!AsyncStorage) {
@@ -42,6 +52,13 @@ const getStorage = async () => {
   }
   return new WebStorage();
 };
+
+// Storage keys for secure sessions
+const getSecureStorageKeys = (prefix = 'oxy_secure') => ({
+  sessions: `${prefix}_sessions`,
+  // Array of SecureClientSession objects
+  activeSessionId: `${prefix}_active_session_id` // ID of currently active session
+});
 export const OxyContextProvider = ({
   children,
   oxyServices,
@@ -49,29 +66,18 @@ export const OxyContextProvider = ({
   onAuthStateChange,
   bottomSheetRef
 }) => {
+  // Authentication state
+  const [user, setUser] = useState(null);
+  const [minimalUser, setMinimalUser] = useState(null);
+  const [sessions, setSessions] = useState([]);
+  const [activeSessionId, setActiveSessionId] = useState(null);
+  const [isLoading, setIsLoading] = useState(true);
+  const [error, setError] = useState(null);
   const [storage, setStorage] = useState(null);
-  const [authState, setAuthState] = useState({
-    isAuthenticated: false,
-    accessToken: null,
-    user: null,
-    activeSessionId: null,
-    sessions: [],
-    isLoading: true,
-    error: null
-  });
+  const [appBaseURL, setAppBaseURL] = useState(oxyServices.getBaseURL());
 
-  // Create AuthManager instance
-  const authManager = useMemo(() => {
-    return new AuthManager({
-      oxyServices,
-      onStateChange: newState => {
-        setAuthState(newState);
-        if (onAuthStateChange) {
-          onAuthStateChange(newState.user);
-        }
-      }
-    });
-  }, [oxyServices, onAuthStateChange]);
+  // Storage keys (memoized to prevent infinite loops)
+  const keys = useMemo(() => getSecureStorageKeys(storageKeyPrefix), [storageKeyPrefix]);
 
   // Initialize storage
   useEffect(() => {
@@ -81,102 +87,449 @@ export const OxyContextProvider = ({
         setStorage(platformStorage);
       } catch (error) {
         console.error('Failed to initialize storage:', error);
-        setAuthState(prev => ({
-          ...prev,
-          error: 'Failed to initialize storage',
-          isLoading: false
-        }));
+        setError('Failed to initialize storage');
       }
     };
     initStorage();
   }, []);
 
-  // Initialize authentication
+  // Effect to initialize authentication state
   useEffect(() => {
     const initAuth = async () => {
       if (!storage) return;
+      setIsLoading(true);
       try {
-        const activeSessionId = await storage.getItem(`${storageKeyPrefix}_active_session_id`);
-        await authManager.initialize(activeSessionId);
-      } catch (error) {
-        console.error('Auth initialization failed:', error);
-        await storage.removeItem(`${storageKeyPrefix}_active_session_id`);
+        // Load stored sessions
+        const sessionsData = await storage.getItem(keys.sessions);
+        const storedActiveSessionId = await storage.getItem(keys.activeSessionId);
+        console.log('SecureAuth - sessionsData:', sessionsData);
+        console.log('SecureAuth - activeSessionId:', storedActiveSessionId);
+        if (sessionsData) {
+          const parsedSessions = JSON.parse(sessionsData);
+
+          // Migrate old session format to include user info
+          const migratedSessions = [];
+          let shouldUpdateStorage = false;
+          for (const session of parsedSessions) {
+            if (!session.userId || !session.username) {
+              // Session is missing user info, try to fetch it
+              try {
+                const sessionUser = await oxyServices.getUserBySession(session.sessionId);
+                migratedSessions.push({
+                  ...session,
+                  userId: sessionUser.id,
+                  username: sessionUser.username
+                });
+                shouldUpdateStorage = true;
+                console.log(`Migrated session ${session.sessionId} for user ${sessionUser.username}`);
+              } catch (error) {
+                // Session might be invalid, skip it
+                console.log(`Removing invalid session ${session.sessionId}:`, error);
+                shouldUpdateStorage = true;
+              }
+            } else {
+              // Session already has user info
+              migratedSessions.push(session);
+            }
+          }
+
+          // Update storage if we made changes
+          if (shouldUpdateStorage) {
+            await saveSessionsToStorage(migratedSessions);
+          }
+          setSessions(migratedSessions);
+          if (storedActiveSessionId && migratedSessions.length > 0) {
+            const activeSession = migratedSessions.find(s => s.sessionId === storedActiveSessionId);
+            if (activeSession) {
+              console.log('SecureAuth - activeSession found:', activeSession);
+
+              // Validate session
+              try {
+                const validation = await oxyServices.validateSession(activeSession.sessionId);
+                if (validation.valid) {
+                  console.log('SecureAuth - session validated successfully');
+                  setActiveSessionId(activeSession.sessionId);
+
+                  // Get access token for API calls
+                  await oxyServices.getTokenBySession(activeSession.sessionId);
+
+                  // Load full user data
+                  const fullUser = await oxyServices.getUserBySession(activeSession.sessionId);
+                  setUser(fullUser);
+                  setMinimalUser({
+                    id: fullUser.id,
+                    username: fullUser.username,
+                    avatar: fullUser.avatar
+                  });
+                  if (onAuthStateChange) {
+                    onAuthStateChange(fullUser);
+                  }
+                } else {
+                  console.log('SecureAuth - session invalid, removing');
+                  await removeInvalidSession(activeSession.sessionId);
+                }
+              } catch (error) {
+                console.error('SecureAuth - session validation error:', error);
+                await removeInvalidSession(activeSession.sessionId);
+              }
+            }
+          }
+        }
+      } catch (err) {
+        console.error('Secure auth initialization error:', err);
+        await clearAllStorage();
+      } finally {
+        setIsLoading(false);
       }
     };
     if (storage) {
       initAuth();
     }
-  }, [storage, authManager, storageKeyPrefix]);
+  }, [storage, oxyServices, keys, onAuthStateChange]);
 
-  // Auth methods that integrate with storage
-  const login = useCallback(async (username, password, deviceName) => {
-    await authManager.login(username, password, deviceName);
+  // Remove invalid session
+  const removeInvalidSession = useCallback(async sessionId => {
+    const filteredSessions = sessions.filter(s => s.sessionId !== sessionId);
+    setSessions(filteredSessions);
+    await saveSessionsToStorage(filteredSessions);
 
-    // Save session ID to storage
-    const sessionId = authManager.getActiveSessionId();
-    if (sessionId && storage) {
-      await storage.setItem(`${storageKeyPrefix}_active_session_id`, sessionId);
+    // If there are other sessions, switch to the first one
+    if (filteredSessions.length > 0) {
+      await switchToSession(filteredSessions[0].sessionId);
+    } else {
+      // No valid sessions left
+      setActiveSessionId(null);
+      setUser(null);
+      setMinimalUser(null);
+      await storage?.removeItem(keys.activeSessionId);
+      if (onAuthStateChange) {
+        onAuthStateChange(null);
+      }
     }
-    return authManager.getCurrentUser();
-  }, [authManager, storage, storageKeyPrefix]);
-  const logout = useCallback(async targetSessionId => {
-    await authManager.logout(targetSessionId);
+  }, [sessions, storage, keys, onAuthStateChange]);
+
+  // Save sessions to storage
+  const saveSessionsToStorage = useCallback(async sessionsList => {
+    if (!storage) return;
+    await storage.setItem(keys.sessions, JSON.stringify(sessionsList));
+  }, [storage, keys.sessions]);
 
-    // Clear from storage if logging out current session
-    if (!targetSessionId && storage) {
-      await storage.removeItem(`${storageKeyPrefix}_active_session_id`);
+  // Save active session ID to storage
+  const saveActiveSessionId = useCallback(async sessionId => {
+    if (!storage) return;
+    await storage.setItem(keys.activeSessionId, sessionId);
+  }, [storage, keys.activeSessionId]);
+
+  // Clear all storage
+  const clearAllStorage = useCallback(async () => {
+    if (!storage) return;
+    try {
+      await storage.removeItem(keys.sessions);
+      await storage.removeItem(keys.activeSessionId);
+    } catch (err) {
+      console.error('Clear secure storage error:', err);
     }
-  }, [authManager, storage, storageKeyPrefix]);
-  const refreshSessions = useCallback(async () => {
-    await authManager.refreshSessions();
-  }, [authManager]);
-  const switchSession = useCallback(async sessionId => {
-    await authManager.switchSession(sessionId);
+  }, [storage, keys]);
 
-    // Update storage with new active session
-    if (storage) {
-      await storage.setItem(`${storageKeyPrefix}_active_session_id`, sessionId);
+  // Switch to a different session
+  const switchToSession = useCallback(async sessionId => {
+    try {
+      setIsLoading(true);
+
+      // Get access token for this session
+      await oxyServices.getTokenBySession(sessionId);
+
+      // Load full user data
+      const fullUser = await oxyServices.getUserBySession(sessionId);
+      setActiveSessionId(sessionId);
+      setUser(fullUser);
+      setMinimalUser({
+        id: fullUser.id,
+        username: fullUser.username,
+        avatar: fullUser.avatar
+      });
+      await saveActiveSessionId(sessionId);
+      if (onAuthStateChange) {
+        onAuthStateChange(fullUser);
+      }
+    } catch (error) {
+      console.error('Switch session error:', error);
+      setError('Failed to switch session');
+    } finally {
+      setIsLoading(false);
     }
-  }, [authManager, storage, storageKeyPrefix]);
-  const removeSession = useCallback(async sessionId => {
-    await authManager.removeSession(sessionId);
-  }, [authManager]);
-  const logoutAll = useCallback(async () => {
-    await authManager.logoutAll();
+  }, [oxyServices, onAuthStateChange, saveActiveSessionId]);
 
-    // Clear from storage
-    if (storage) {
-      await storage.removeItem(`${storageKeyPrefix}_active_session_id`);
+  // Secure login method
+  const login = async (username, password, deviceName) => {
+    if (!storage) throw new Error('Storage not initialized');
+    setIsLoading(true);
+    setError(null);
+    try {
+      // Get device fingerprint for enhanced device identification
+      const deviceFingerprint = DeviceManager.getDeviceFingerprint();
+
+      // Get or generate persistent device info
+      const deviceInfo = await DeviceManager.getDeviceInfo();
+      console.log('SecureAuth - Using device fingerprint:', deviceFingerprint);
+      console.log('SecureAuth - Using device ID:', deviceInfo.deviceId);
+      const response = await oxyServices.secureLogin(username, password, deviceName || deviceInfo.deviceName || DeviceManager.getDefaultDeviceName(), deviceFingerprint);
+
+      // Create client session object with user info for duplicate detection
+      const clientSession = {
+        sessionId: response.sessionId,
+        deviceId: response.deviceId,
+        expiresAt: response.expiresAt,
+        lastActive: new Date().toISOString(),
+        userId: response.user.id,
+        username: response.user.username
+      };
+
+      // Check if this user already has a session (prevent duplicate accounts)
+      const existingUserSessionIndex = sessions.findIndex(s => s.userId === response.user.id || s.username === response.user.username);
+      let updatedSessions;
+      if (existingUserSessionIndex !== -1) {
+        // User already has a session - replace it with the new one (reused session scenario)
+        const existingSession = sessions[existingUserSessionIndex];
+        updatedSessions = [...sessions];
+        updatedSessions[existingUserSessionIndex] = clientSession;
+        console.log(`Reusing/updating existing session for user ${response.user.username}. Previous session: ${existingSession.sessionId}, New session: ${response.sessionId}`);
+
+        // If the replaced session was the active one, update active session
+        if (activeSessionId === existingSession.sessionId) {
+          setActiveSessionId(response.sessionId);
+          await saveActiveSessionId(response.sessionId);
+        }
+      } else {
+        // Add new session for new user
+        updatedSessions = [...sessions, clientSession];
+        console.log(`Added new session for user ${response.user.username} on device ${response.deviceId}`);
+      }
+      setSessions(updatedSessions);
+      await saveSessionsToStorage(updatedSessions);
+
+      // Set as active session
+      setActiveSessionId(response.sessionId);
+      await saveActiveSessionId(response.sessionId);
+
+      // Get access token for API calls
+      await oxyServices.getTokenBySession(response.sessionId);
+
+      // Load full user data
+      const fullUser = await oxyServices.getUserBySession(response.sessionId);
+      setUser(fullUser);
+      setMinimalUser(response.user);
+      if (onAuthStateChange) {
+        onAuthStateChange(fullUser);
+      }
+      return fullUser;
+    } catch (error) {
+      setError(error.message || 'Login failed');
+      throw error;
+    } finally {
+      setIsLoading(false);
+    }
+  };
+
+  // Logout method
+  const logout = async targetSessionId => {
+    if (!activeSessionId) return;
+    try {
+      const sessionToLogout = targetSessionId || activeSessionId;
+      await oxyServices.logoutSecureSession(activeSessionId, sessionToLogout);
+
+      // Remove session from local storage
+      const filteredSessions = sessions.filter(s => s.sessionId !== sessionToLogout);
+      setSessions(filteredSessions);
+      await saveSessionsToStorage(filteredSessions);
+
+      // If logging out active session
+      if (sessionToLogout === activeSessionId) {
+        if (filteredSessions.length > 0) {
+          // Switch to another session
+          await switchToSession(filteredSessions[0].sessionId);
+        } else {
+          // No sessions left
+          setActiveSessionId(null);
+          setUser(null);
+          setMinimalUser(null);
+          await storage?.removeItem(keys.activeSessionId);
+          if (onAuthStateChange) {
+            onAuthStateChange(null);
+          }
+        }
+      }
+    } catch (error) {
+      console.error('Logout error:', error);
+      setError('Logout failed');
+    }
+  };
+
+  // Logout all sessions
+  const logoutAll = async () => {
+    console.log('logoutAll called with activeSessionId:', activeSessionId);
+    if (!activeSessionId) {
+      console.error('No active session ID found, cannot logout all');
+      setError('No active session found');
+      throw new Error('No active session found');
+    }
+    if (!oxyServices) {
+      console.error('OxyServices not initialized');
+      setError('Service not available');
+      throw new Error('Service not available');
+    }
+    try {
+      console.log('Calling oxyServices.logoutAllSecureSessions with sessionId:', activeSessionId);
+      await oxyServices.logoutAllSecureSessions(activeSessionId);
+      console.log('logoutAllSecureSessions completed successfully');
+
+      // Clear all local data
+      setSessions([]);
+      setActiveSessionId(null);
+      setUser(null);
+      setMinimalUser(null);
+      await clearAllStorage();
+      console.log('Local storage cleared');
+      if (onAuthStateChange) {
+        onAuthStateChange(null);
+        console.log('Auth state change callback called');
+      }
+    } catch (error) {
+      console.error('Logout all error:', error);
+      setError(`Logout all failed: ${error instanceof Error ? error.message : 'Unknown error'}`);
+      throw error;
+    }
+  };
+
+  // Sign up method
+  const signUp = async (username, email, password) => {
+    if (!storage) throw new Error('Storage not initialized');
+    setIsLoading(true);
+    setError(null);
+    try {
+      // Create new account using the OxyServices signUp method
+      const response = await oxyServices.signUp(username, email, password);
+      console.log('SignUp successful:', response);
+
+      // Now log the user in securely to create a session
+      // This will handle the session creation and device registration
+      const user = await login(username, password);
+      return user;
+    } catch (error) {
+      setError(error.message || 'Sign up failed');
+      throw error;
+    } finally {
+      setIsLoading(false);
     }
-  }, [authManager, storage, storageKeyPrefix]);
-  const signUp = useCallback(async (username, email, password) => {
-    await authManager.signUp(username, email, password);
+  };
+
+  // Switch session method
+  const switchSession = async sessionId => {
+    await switchToSession(sessionId);
+  };
+
+  // Remove session method
+  const removeSession = async sessionId => {
+    await logout(sessionId);
+  };
 
-    // Save session ID to storage after auto-login
-    const sessionId = authManager.getActiveSessionId();
-    if (sessionId && storage) {
-      await storage.setItem(`${storageKeyPrefix}_active_session_id`, sessionId);
+  // Refresh sessions method
+  const refreshSessions = async () => {
+    if (!activeSessionId) return;
+    try {
+      const serverSessions = await oxyServices.getSessionsBySessionId(activeSessionId);
+
+      // Update local sessions with server data
+      const updatedSessions = serverSessions.map(serverSession => ({
+        sessionId: serverSession.sessionId,
+        deviceId: serverSession.deviceId,
+        expiresAt: new Date().toISOString(),
+        // You might want to get this from server
+        lastActive: new Date().toISOString()
+      }));
+      setSessions(updatedSessions);
+      await saveSessionsToStorage(updatedSessions);
+    } catch (error) {
+      console.error('Refresh sessions error:', error);
     }
-    return authManager.getCurrentUser();
-  }, [authManager, storage, storageKeyPrefix]);
+  };
+
+  // Device management methods
+  const getDeviceSessions = async () => {
+    if (!activeSessionId) throw new Error('No active session');
+    try {
+      return await oxyServices.getDeviceSessions(activeSessionId);
+    } catch (error) {
+      console.error('Get device sessions error:', error);
+      throw error;
+    }
+  };
+  const logoutAllDeviceSessions = async () => {
+    if (!activeSessionId) throw new Error('No active session');
+    try {
+      await oxyServices.logoutAllDeviceSessions(activeSessionId);
 
-  // Bottom sheet controls
+      // Clear all local sessions since we logged out from all devices
+      setSessions([]);
+      setActiveSessionId(null);
+      setUser(null);
+      setMinimalUser(null);
+      await clearAllStorage();
+      if (onAuthStateChange) {
+        onAuthStateChange(null);
+      }
+    } catch (error) {
+      console.error('Logout all device sessions error:', error);
+      throw error;
+    }
+  };
+  const updateDeviceName = async deviceName => {
+    if (!activeSessionId) throw new Error('No active session');
+    try {
+      await oxyServices.updateDeviceName(activeSessionId, deviceName);
+
+      // Update local device info
+      await DeviceManager.updateDeviceName(deviceName);
+    } catch (error) {
+      console.error('Update device name error:', error);
+      throw error;
+    }
+  };
+
+  // Bottom sheet control methods
   const showBottomSheet = useCallback(screenOrConfig => {
+    console.log('showBottomSheet called with:', screenOrConfig);
     if (bottomSheetRef?.current) {
+      console.log('bottomSheetRef is available');
+
+      // First, show the bottom sheet
       if (bottomSheetRef.current.expand) {
+        console.log('Expanding bottom sheet');
         bottomSheetRef.current.expand();
       } else if (bottomSheetRef.current.present) {
+        console.log('Presenting bottom sheet');
         bottomSheetRef.current.present();
+      } else {
+        console.warn('No expand or present method available on bottomSheetRef');
       }
+
+      // Then navigate to the specified screen if provided
       if (screenOrConfig) {
+        // Add a small delay to ensure the bottom sheet is opened first
         setTimeout(() => {
           if (typeof screenOrConfig === 'string') {
+            // Simple screen name
+            console.log('Navigating to screen:', screenOrConfig);
             bottomSheetRef.current?._navigateToScreen?.(screenOrConfig);
           } else {
+            // Screen with props
+            console.log('Navigating to screen with props:', screenOrConfig.screen, screenOrConfig.props);
             bottomSheetRef.current?._navigateToScreen?.(screenOrConfig.screen, screenOrConfig.props);
           }
         }, 100);
       }
+    } else {
+      console.warn('bottomSheetRef is not available');
     }
   }, [bottomSheetRef]);
   const hideBottomSheet = useCallback(() => {
@@ -184,22 +537,60 @@ export const OxyContextProvider = ({
       bottomSheetRef.current.dismiss?.();
     }
   }, [bottomSheetRef]);
+
+  // API URL configuration
+  const setApiUrl = useCallback(url => {
+    try {
+      // Validate URL
+      if (!url) {
+        throw new Error('Base URL cannot be empty');
+      }
+      // Only update the app-specific base URL, not the OxyServices base URL
+      // This ensures internal module calls to Oxy API remain unaffected
+      setAppBaseURL(url);
+    } catch (error) {
+      console.error('Failed to update API URL:', error);
+      setError(`Failed to update API URL: ${error instanceof Error ? error.message : 'Unknown error'}`);
+    }
+  }, []);
+
+  // Get current app base URL
+  const getAppBaseURL = useCallback(() => {
+    return appBaseURL;
+  }, [appBaseURL]);
+
+  // Compute comprehensive authentication status
+  // This is the single source of truth for authentication across the entire app
+  const isAuthenticated = useMemo(() => {
+    // User is authenticated if:
+    // 1. We have a full user object loaded, OR
+    // 2. We have an active session (token will be fetched on-demand)
+    // This covers both the loaded state and the loading-but-authenticated state
+    return !!user || !!activeSessionId;
+  }, [user, activeSessionId]);
+
+  // Context value
   const contextValue = {
-    isAuthenticated: authState.isAuthenticated,
-    user: authState.user,
-    isLoading: authState.isLoading,
-    error: authState.error,
-    sessions: authState.sessions,
-    activeSessionId: authState.activeSessionId,
+    user,
+    minimalUser,
+    sessions,
+    activeSessionId,
+    isAuthenticated,
+    isLoading,
+    error,
     login,
     logout,
+    logoutAll,
     signUp,
-    refreshSessions,
     switchSession,
     removeSession,
-    logoutAll,
+    refreshSessions,
+    getDeviceSessions,
+    logoutAllDeviceSessions,
+    updateDeviceName,
     oxyServices,
-    authManager,
+    setApiUrl,
+    getAppBaseURL,
     bottomSheetRef,
     showBottomSheet,
     hideBottomSheet
@@ -209,6 +600,8 @@ export const OxyContextProvider = ({
     children: children
   });
 };
+
+// Hook to use the context
 export const useOxy = () => {
   const context = useContext(OxyContext);
   if (!context) {