@oxyhq/services 5.7.2 → 5.7.4

package/lib/typescript/ui/zero-config/provider.d.ts

@@ -0,0 +1,84 @@
+/**
+ * Zero-config OxyHQ Provider and Hook for React/React Native
+ *
+ * This provides a simplified, one-line setup for frontend authentication
+ * with automatic token management and API integration.
+ */
+import React, { ReactNode } from 'react';
+import { OxyServices } from '../../core';
+import { User } from '../../models/interfaces';
+export interface OxyZeroConfigState {
+    user: User | null;
+    isAuthenticated: boolean;
+    isLoading: boolean;
+    error: string | null;
+    login: (username: string, password: string) => Promise<User>;
+    logout: () => Promise<void>;
+    register: (username: string, email: string, password: string) => Promise<User>;
+    api: OxyServices;
+}
+export interface OxyZeroConfigProviderProps {
+    children: ReactNode;
+    /** Base URL of your Oxy API server (defaults to process.env.REACT_APP_OXY_API_URL or http://localhost:3001) */
+    apiUrl?: string;
+    /** Called when authentication state changes */
+    onAuthChange?: (user: User | null) => void;
+    /** Storage key prefix (default: 'oxy_zero') */
+    storagePrefix?: string;
+}
+/**
+ * Zero-config provider for OxyHQ Services
+ *
+ * @example
+ * ```tsx
+ * import { OxyZeroConfigProvider } from '@oxyhq/services/ui';
+ *
+ * function App() {
+ *   return (
+ *     <OxyZeroConfigProvider>
+ *       <MyApp />
+ *     </OxyZeroConfigProvider>
+ *   );
+ * }
+ * ```
+ */
+export declare const OxyZeroConfigProvider: React.FC<OxyZeroConfigProviderProps>;
+/**
+ * Zero-config hook for OxyHQ Services
+ *
+ * @example
+ * ```tsx
+ * function MyComponent() {
+ *   const { user, login, logout, isAuthenticated } = useOxyZeroConfig();
+ *
+ *   const handleLogin = () => {
+ *     login('username', 'password');
+ *   };
+ *
+ *   if (isAuthenticated) {
+ *     return <div>Welcome, {user?.username}!</div>;
+ *   }
+ *
+ *   return <button onClick={handleLogin}>Login</button>;
+ * }
+ * ```
+ */
+export declare const useOxyZeroConfig: () => OxyZeroConfigState;
+/**
+ * Hook for automatic API client with authentication
+ * This automatically includes the auth token in requests
+ *
+ * @example
+ * ```tsx
+ * function ProfileComponent() {
+ *   const api = useOxyApi();
+ *
+ *   const updateProfile = async (data) => {
+ *     const user = await api.updateProfile(data);
+ *     // Token is automatically included
+ *   };
+ * }
+ * ```
+ */
+export declare const useOxyApi: () => OxyServices;
+//# sourceMappingURL=provider.d.ts.map

package/lib/typescript/ui/zero-config/provider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"provider.d.ts","sourceRoot":"","sources":["../../../../src/ui/zero-config/provider.tsx"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,EAAkD,SAAS,EAAe,MAAM,OAAO,CAAC;AACtG,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AACzC,OAAO,EAAE,IAAI,EAAiB,MAAM,yBAAyB,CAAC;AAE9D,MAAM,WAAW,kBAAkB;IAEjC,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;IAClB,eAAe,EAAE,OAAO,CAAC;IACzB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IAGrB,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7D,MAAM,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5B,QAAQ,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAG/E,GAAG,EAAE,WAAW,CAAC;CAClB;AAID,MAAM,WAAW,0BAA0B;IACzC,QAAQ,EAAE,SAAS,CAAC;IACpB,+GAA+G;IAC/G,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,+CAA+C;IAC/C,YAAY,CAAC,EAAE,CAAC,IAAI,EAAE,IAAI,GAAG,IAAI,KAAK,IAAI,CAAC;IAC3C,+CAA+C;IAC/C,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,qBAAqB,EAAE,KAAK,CAAC,EAAE,CAAC,0BAA0B,CA6MtE,CAAC;AAEF;;;;;;;;;;;;;;;;;;;GAmBG;AACH,eAAO,MAAM,gBAAgB,QAAO,kBAMnC,CAAC;AAEF;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,SAAS,QAAO,WAG5B,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@oxyhq/services",
-    "version": "5.7.2",
+    "version": "5.7.4",
     "description": "Reusable OxyHQ module to handle authentication, user management, karma system, device-based session management and more 🚀",
     "main": "lib/commonjs/index.js",
     "module": "lib/module/index.js",
@@ -23,6 +23,11 @@
             "require": "./lib/commonjs/ui/index.js",
             "types": "./lib/typescript/ui/index.d.ts"
         },
+        "./node": {
+            "import": "./lib/module/node/index.js",
+            "require": "./lib/commonjs/node/index.js",
+            "types": "./lib/typescript/node/index.d.ts"
+        },
         "./full": {
             "import": "./lib/module/index.js",
             "require": "./lib/commonjs/index.js",

package/src/core/index.ts

@@ -1381,24 +1381,6 @@ export class OxyServices {
           });
         }
         
-        // Validate JWT format before attempting to decode
-        if (!this.isValidJwtFormat(token)) {
-          const error = {
-            message: 'Invalid token format',
-            code: 'INVALID_TOKEN_FORMAT',
-            status: 401
-          };
-          
-          if (onError) {
-            return onError(error);
-          }
-          
-          return res.status(401).json({ 
-            message: 'Invalid token format',
-            code: 'INVALID_TOKEN_FORMAT'
-          });
-        }
-        
         // Create a temporary OxyServices instance with the token to validate it
         const tempOxyServices = new OxyServices({
           baseURL: this.client.defaults.baseURL || ''
@@ -1431,9 +1413,6 @@ export class OxyServices {
           const decoded = jwtDecode<JwtPayload>(token);
           userId = decoded.userId || decoded.id;
         } catch (decodeError) {
-          console.error('JWT decode error:', decodeError);
-          console.error('Token being decoded:', token.substring(0, 20) + '...');
-          
           const error = {
             message: 'Invalid token payload',
             code: 'INVALID_PAYLOAD',
@@ -1520,14 +1499,6 @@ export class OxyServices {
         };
       }
       
-      // Validate JWT format before attempting to decode
-      if (!this.isValidJwtFormat(token)) {
-        return {
-          valid: false,
-          error: 'Invalid token format'
-        };
-      }
-      
       // Create a temporary OxyServices instance with the token
       const tempOxyServices = new OxyServices({
         baseURL: this.client.defaults.baseURL || ''
@@ -1585,37 +1556,6 @@ export class OxyServices {
     }
   }
 
-  /**
-   * Validate JWT token format
-   * @param token - The token to validate
-   * @returns Boolean indicating if the token has valid JWT format
-   */
-  public isValidJwtFormat(token: string): boolean {
-    if (!token || typeof token !== 'string') {
-      return false;
-    }
-    
-    // JWT tokens should have 3 parts separated by dots
-    const parts = token.split('.');
-    if (parts.length !== 3) {
-      return false;
-    }
-    
-    // Each part should be a valid base64 string
-    try {
-      parts.forEach(part => {
-        if (!part || part.trim() === '') {
-          throw new Error('Empty part');
-        }
-        // Try to decode base64 (this will throw if invalid)
-        Buffer.from(part, 'base64');
-      });
-      return true;
-    } catch (error) {
-      return false;
-    }
-  }
-
   /**
    * Centralized error handling
    * @private

package/src/node/index.ts

@@ -1,7 +1,19 @@
 /**
- * OxyHQServices Node.js Entry Point
+ * Node.js-specific exports for OxyHQ Services
+ * 
+ * This module provides zero-config Express.js middleware and utilities
+ * for backend integration with OxyHQ Services.
  */
 
+// Export the zero-config middleware
+export {
+  createOxyAuth,
+  createOptionalOxyAuth,
+  createOxyExpressApp,
+  type OxyAuthConfig,
+  type AuthenticatedRequest
+} from './middleware';
+
 // ------------- Core Imports -------------
 import { OxyServices, OXY_CLOUD_URL } from '../core'; // Adjusted path
 import { createAuth } from './createAuth';
@@ -16,6 +28,10 @@ export { createAuth };
 // ------------- Model Exports -------------
 export { Models };  // Export all models as a namespace
 export * from '../models/interfaces'; // Export all models directly
+export * from '../models/secureSession';
+
+// Re-export utilities
+export { DeviceManager } from '../utils/deviceManager';
 
 // Default export for consistency or specific use cases if needed
 export default OxyServices;

package/src/node/middleware.ts

@@ -0,0 +1,234 @@
+/**
+ * Zero-config Express middleware for OxyHQ Services authentication
+ * 
+ * This provides a simple, one-line solution for adding authentication to Express apps.
+ * Simply import and use: app.use('/api', createOxyAuth())
+ */
+
+import { OxyServices } from '../core';
+import { ApiError } from '../models/interfaces';
+
+export interface OxyAuthConfig {
+  /** Base URL of your Oxy API server */
+  baseURL?: string;
+  /** Whether to load full user data (default: true) */
+  loadUser?: boolean;
+  /** Routes that don't require authentication */
+  publicPaths?: string[];
+  /** Custom error handler */
+  onError?: (error: ApiError, req: any, res: any) => void;
+}
+
+export interface AuthenticatedRequest {
+  user?: any;
+  userId?: string;
+  accessToken?: string;
+}
+
+/**
+ * Creates zero-config authentication middleware for Express.js
+ * 
+ * @example
+ * ```typescript
+ * import express from 'express';
+ * import { createOxyAuth } from '@oxyhq/services/node';
+ * 
+ * const app = express();
+ * 
+ * // Zero-config auth for all /api routes
+ * app.use('/api', createOxyAuth());
+ * 
+ * // Now all routes under /api automatically have req.user available
+ * app.get('/api/profile', (req, res) => {
+ *   res.json({ user: req.user }); // req.user is automatically available
+ * });
+ * ```
+ */
+export function createOxyAuth(config: OxyAuthConfig = {}) {
+  const {
+    baseURL = process.env.OXY_API_URL || 'http://localhost:3001',
+    loadUser = true,
+    publicPaths = [],
+    onError
+  } = config;
+
+  const oxy = new OxyServices({ baseURL });
+
+  return async (req: any, res: any, next: any) => {
+    // Check if this is a public path
+    const isPublicPath = publicPaths.some(path => 
+      req.path === path || req.path.startsWith(path + '/')
+    );
+
+    if (isPublicPath) {
+      return next();
+    }
+
+    try {
+      const authHeader = req.headers['authorization'];
+      const token = authHeader && authHeader.split(' ')[1]; // Bearer TOKEN
+
+      if (!token) {
+        const error: ApiError = {
+          message: 'Access token required',
+          code: 'MISSING_TOKEN',
+          status: 401
+        };
+
+        if (onError) {
+          return onError(error, req, res);
+        }
+
+        return res.status(401).json({
+          error: 'Access token required',
+          code: 'MISSING_TOKEN'
+        });
+      }
+
+      // Validate token using the OxyServices client
+      const authResult = await oxy.authenticateToken(token);
+
+      if (!authResult.valid) {
+        const error: ApiError = {
+          message: authResult.error || 'Invalid token',
+          code: 'INVALID_TOKEN',
+          status: 403
+        };
+
+        if (onError) {
+          return onError(error, req, res);
+        }
+
+        return res.status(403).json({
+          error: authResult.error || 'Invalid token',
+          code: 'INVALID_TOKEN'
+        });
+      }
+
+      // Attach user data to request
+      req.userId = authResult.userId;
+      req.accessToken = token;
+
+      if (loadUser && authResult.user) {
+        req.user = authResult.user;
+      } else {
+        req.user = { id: authResult.userId };
+      }
+
+      next();
+    } catch (error: any) {
+      const apiError: ApiError = {
+        message: error.message || 'Authentication failed',
+        code: error.code || 'AUTH_ERROR',
+        status: error.status || 500
+      };
+
+      if (onError) {
+        return onError(apiError, req, res);
+      }
+
+      res.status(apiError.status).json({
+        error: apiError.message,
+        code: apiError.code
+      });
+    }
+  };
+}
+
+/**
+ * Creates optional authentication middleware
+ * This middleware will attach user data if a valid token is present, but won't fail if missing
+ * 
+ * @example
+ * ```typescript
+ * import { createOptionalOxyAuth } from '@oxyhq/services/node';
+ * 
+ * app.use('/api', createOptionalOxyAuth());
+ * 
+ * app.get('/api/content', (req, res) => {
+ *   if (req.user) {
+ *     // User is authenticated, show personalized content
+ *     res.json({ content: 'personalized', user: req.user });
+ *   } else {
+ *     // Anonymous user, show public content
+ *     res.json({ content: 'public' });
+ *   }
+ * });
+ * ```
+ */
+export function createOptionalOxyAuth(config: OxyAuthConfig = {}) {
+  const {
+    baseURL = process.env.OXY_API_URL || 'http://localhost:3001',
+    loadUser = true
+  } = config;
+
+  const oxy = new OxyServices({ baseURL });
+
+  return async (req: any, res: any, next: any) => {
+    try {
+      const authHeader = req.headers['authorization'];
+      const token = authHeader && authHeader.split(' ')[1]; // Bearer TOKEN
+
+      if (!token) {
+        // No token provided, continue without authentication
+        return next();
+      }
+
+      // Validate token using the OxyServices client
+      const authResult = await oxy.authenticateToken(token);
+
+      if (authResult.valid) {
+        // Attach user data to request if token is valid
+        req.userId = authResult.userId;
+        req.accessToken = token;
+
+        if (loadUser && authResult.user) {
+          req.user = authResult.user;
+        } else {
+          req.user = { id: authResult.userId };
+        }
+      }
+
+      next();
+    } catch (error) {
+      // If there's an error, continue without authentication
+      // This makes the middleware truly optional
+      next();
+    }
+  };
+}
+
+/**
+ * Utility function to quickly set up a complete Express app with authentication
+ * 
+ * @example
+ * ```typescript
+ * import { createOxyExpressApp } from '@oxyhq/services/node';
+ * 
+ * const app = createOxyExpressApp();
+ * 
+ * // All routes automatically have authentication and req.user available
+ * app.get('/api/profile', (req, res) => {
+ *   res.json({ user: req.user });
+ * });
+ * 
+ * app.listen(3000);
+ * ```
+ */
+export function createOxyExpressApp(config: OxyAuthConfig & {
+  /** Express app configuration */
+  cors?: boolean;
+  /** JSON body parser limit */
+  jsonLimit?: string;
+  /** Additional middleware to apply */
+  middleware?: any[];
+} = {}) {
+  // This is a lightweight helper - users should import express themselves
+  // We'll provide the middleware setup instructions instead
+  
+  throw new Error('createOxyExpressApp is not implemented yet. Please use createOxyAuth() middleware with your existing Express app.');
+}
+
+// Re-export for convenience
+export { OxyServices } from '../core';
+export * from '../models/interfaces';

package/src/ui/context/OxyContext.tsx

@@ -138,18 +138,6 @@ export const OxyContextProvider: React.FC<OxyContextProviderProps> = ({
   // Add a new state to track token restoration
   const [tokenReady, setTokenReady] = React.useState(false);
 
-  // Add refs to prevent duplicate API calls
-  const initAuthRef = React.useRef(false);
-  const tokenRestoreRef = React.useRef(false);
-
-  // Development warning about React StrictMode
-  React.useEffect(() => {
-    if (__DEV__) {
-      console.log('🔍 OxyContext: React StrictMode may cause effects to run twice in development');
-      console.log('🔍 This is normal and helps detect side effects. Production builds will not have this behavior.');
-    }
-  }, []);
-
   // Storage keys (memoized to prevent infinite loops)
   const keys = useMemo(() => getSecureStorageKeys(storageKeyPrefix), [storageKeyPrefix]);
 
@@ -171,12 +159,8 @@ export const OxyContextProvider: React.FC<OxyContextProviderProps> = ({
   // Effect to initialize authentication state
   useEffect(() => {
     const initAuth = async () => {
-      if (!storage || initAuthRef.current) return;
-
-      // Prevent multiple simultaneous initializations
-      if (isLoading) return;
+      if (!storage) return;
 
-      initAuthRef.current = true;
       useAuthStore.setState({ isLoading: true });
       try {
         // Load stored sessions
@@ -270,16 +254,15 @@ export const OxyContextProvider: React.FC<OxyContextProviderProps> = ({
       }
     };
 
-    if (storage && !isLoading) {
+    if (storage) {
       initAuth();
     }
-  }, [storage, oxyServices, keys.sessions, keys.activeSessionId]); // Removed onAuthStateChange from deps
+  }, [storage, oxyServices, keys, onAuthStateChange]);
 
-  // Effect to restore token on app load or session switch - with proper guards
+  // Effect to restore token on app load or session switch
   useEffect(() => {
     const restoreToken = async () => {
-      if (activeSessionId && oxyServices && !tokenReady && !tokenRestoreRef.current) {
-        tokenRestoreRef.current = true;
+      if (activeSessionId && oxyServices) {
         try {
           await oxyServices.getTokenBySession(activeSessionId);
           setTokenReady(true);
@@ -288,16 +271,13 @@ export const OxyContextProvider: React.FC<OxyContextProviderProps> = ({
           await logout();
           setTokenReady(false);
         }
-      } else if (!activeSessionId && !tokenReady) {
+      } else {
         setTokenReady(true); // No session, so token is not needed
       }
     };
-
-    // Only run if we haven't already set tokenReady
-    if (!tokenReady) {
-      restoreToken();
-    }
-  }, [activeSessionId, oxyServices, tokenReady]); // Added tokenReady to prevent re-runs
+    restoreToken();
+    // Only run when activeSessionId or oxyServices changes
+  }, [activeSessionId, oxyServices]);
 
   // Remove invalid session
   const removeInvalidSession = useCallback(async (sessionId: string): Promise<void> => {

package/src/ui/hooks/useSessionSocket.ts

@@ -13,10 +13,9 @@ interface UseSessionSocketProps {
 
 export function useSessionSocket({ userId, activeSessionId, refreshSessions, logout, baseURL, onRemoteSignOut }: UseSessionSocketProps) {
   const socketRef = useRef<any>(null);
-  const connectedRef = useRef(false);
 
   useEffect(() => {
-    if (!userId || !baseURL || connectedRef.current) return;
+    if (!userId || !baseURL) return;
 
     if (!socketRef.current) {
       socketRef.current = io(baseURL, {
@@ -27,7 +26,6 @@ export function useSessionSocket({ userId, activeSessionId, refreshSessions, log
 
     socket.on('connect', () => {
       console.log('Socket connected:', socket.id);
-      connectedRef.current = true;
     });
 
     socket.emit('join', { userId: `user:${userId}` });
@@ -45,7 +43,6 @@ export function useSessionSocket({ userId, activeSessionId, refreshSessions, log
     });
 
     return () => {
-      connectedRef.current = false;
       socket.emit('leave', { userId: `user:${userId}` });
       socket.off('session_update');
     };

package/src/ui/index.ts

@@ -9,6 +9,9 @@ import isFrontend from './isFrontend';
 // Real UI exports
 let OxyProvider, OxySignInButton, OxyLogo, Avatar, FollowButton, OxyPayButton, FontLoader, setupFonts, OxyIcon, useOxy, useOxyAuth, useOxyUser, useOxyKarma, useOxyPayments, useOxyDevices, useOxyNotifications, useOxySocket, useOxyQR, useOxyIAP, OxyContextProvider, OxyContextState, OxyContextProviderProps, useFollow, ProfileScreen, OxyRouter, useAuthStore, fontFamilies, fontStyles, toast;
 
+// Zero-config exports
+let OxyZeroConfigProvider, useOxyZeroConfig, useOxyApi;
+
 if (isFrontend) {
   OxyProvider = require('./components/OxyProvider').default;
   OxySignInButton = require('./components/OxySignInButton').default;
@@ -30,6 +33,11 @@ if (isFrontend) {
   fontFamilies = require('./styles/fonts').fontFamilies;
   fontStyles = require('./styles/fonts').fontStyles;
   toast = require('../lib/sonner').toast;
+  
+  // Zero-config components
+  OxyZeroConfigProvider = require('./zero-config').OxyZeroConfigProvider;
+  useOxyZeroConfig = require('./zero-config').useOxyZeroConfig;
+  useOxyApi = require('./zero-config').useOxyApi;
 } else {
   // Backend: no-op fallbacks
   const noopComponent = () => null;
@@ -54,6 +62,11 @@ if (isFrontend) {
   fontFamilies = {};
   fontStyles = {};
   toast = () => {};
+  
+  // Zero-config no-ops
+  OxyZeroConfigProvider = noopComponent;
+  useOxyZeroConfig = noopHook;
+  useOxyApi = () => ({});
 }
 
 export {
@@ -76,7 +89,12 @@ export {
   useAuthStore,
   fontFamilies,
   fontStyles,
-  toast
+  toast,
+  
+  // Zero-config exports
+  OxyZeroConfigProvider,
+  useOxyZeroConfig,
+  useOxyApi
 };
 
 // Re-export core services for convenience in UI context

package/src/ui/zero-config/index.ts

@@ -0,0 +1,11 @@
+/**
+ * Zero-config exports for OxyHQ Services
+ */
+
+export {
+  OxyZeroConfigProvider,
+  useOxyZeroConfig,
+  useOxyApi,
+  type OxyZeroConfigState,
+  type OxyZeroConfigProviderProps
+} from './provider';