@oxyhq/services 5.7.5 → 5.8.2

package/lib/module/ui/context/OxyContext.js

@@ -1,6 +1,7 @@
 "use strict";
 
-import React, { createContext, useContext, useEffect, useCallback, useMemo } from 'react';
+import React, { createContext, useContext, useEffect, useCallback, useMemo, useRef } from 'react';
+import { OxyServices } from '../../core';
 import { DeviceManager } from '../../utils/deviceManager';
 import { useSessionSocket } from '../hooks/useSessionSocket';
 import { toast } from '../../lib/sonner';
@@ -58,17 +59,32 @@ const getStorage = async () => {
 
 // Storage keys for secure sessions
 const getSecureStorageKeys = (prefix = 'oxy_secure') => ({
-  sessions: `${prefix}_sessions`,
-  // Array of SecureClientSession objects
-  activeSessionId: `${prefix}_active_session_id` // ID of currently active session
+  activeSessionId: `${prefix}_active_session_id` // Only store the active session ID
 });
-export const OxyContextProvider = ({
+export const OxyProvider = ({
   children,
-  oxyServices,
+  oxyServices: providedOxyServices,
+  baseURL,
   storageKeyPrefix = 'oxy_secure',
   onAuthStateChange,
+  onError,
   bottomSheetRef
 }) => {
+  // Create oxyServices automatically if not provided
+  const oxyServicesRef = useRef(null);
+  if (!oxyServicesRef.current) {
+    if (providedOxyServices) {
+      oxyServicesRef.current = providedOxyServices;
+    } else if (baseURL) {
+      oxyServicesRef.current = new OxyServices({
+        baseURL
+      });
+    } else {
+      throw new Error('Either oxyServices or baseURL must be provided to OxyContextProvider');
+    }
+  }
+  const oxyServices = oxyServicesRef.current;
+
   // Zustand state
   const user = useAuthStore(state => state.user);
   const isAuthenticated = useAuthStore(state => state.isAuthenticated);
@@ -105,7 +121,7 @@ export const OxyContextProvider = ({
     initStorage();
   }, []);
 
-  // Effect to initialize authentication state
+  // Effect to initialize authentication state - only store session ID
   useEffect(() => {
     const initAuth = async () => {
       if (!storage) return;
@@ -113,79 +129,49 @@ export const OxyContextProvider = ({
         isLoading: true
       });
       try {
-        // Load stored sessions
-        const sessionsData = await storage.getItem(keys.sessions);
+        // Only load the active session ID from storage
         const storedActiveSessionId = await storage.getItem(keys.activeSessionId);
-        console.log('SecureAuth - sessionsData:', sessionsData);
         console.log('SecureAuth - activeSessionId:', storedActiveSessionId);
-        if (sessionsData) {
-          const parsedSessions = JSON.parse(sessionsData);
-
-          // Migrate old session format to include user info
-          const migratedSessions = [];
-          let shouldUpdateStorage = false;
-          for (const session of parsedSessions) {
-            if (!session.userId) {
-              // Session is missing user info, try to fetch it
-              try {
-                const sessionUser = await oxyServices.getUserBySession(session.sessionId);
-                migratedSessions.push({
-                  ...session,
-                  userId: sessionUser.id
-                });
-                shouldUpdateStorage = true;
-                console.log(`Migrated session ${session.sessionId} for user ${sessionUser.id}`);
-              } catch (error) {
-                // Session might be invalid, skip it
-                console.log(`Removing invalid session ${session.sessionId}:`, error);
-                shouldUpdateStorage = true;
+        if (storedActiveSessionId) {
+          // Validate the stored session with the backend
+          try {
+            const validation = await oxyServices.validateSession(storedActiveSessionId);
+            if (validation.valid) {
+              console.log('SecureAuth - session validated successfully');
+              setActiveSessionId(storedActiveSessionId);
+
+              // Get access token for API calls
+              await oxyServices.getTokenBySession(storedActiveSessionId);
+
+              // Load full user data from backend
+              const fullUser = await oxyServices.getUserBySession(storedActiveSessionId);
+              loginSuccess(fullUser);
+              setMinimalUser({
+                id: fullUser.id,
+                username: fullUser.username,
+                avatar: fullUser.avatar
+              });
+
+              // Load sessions from backend
+              const serverSessions = await oxyServices.getSessionsBySessionId(storedActiveSessionId);
+              const clientSessions = serverSessions.map(serverSession => ({
+                sessionId: serverSession.sessionId,
+                deviceId: serverSession.deviceId,
+                expiresAt: serverSession.expiresAt || new Date().toISOString(),
+                lastActive: serverSession.lastActive || new Date().toISOString(),
+                userId: serverSession.userId || fullUser.id
+              }));
+              setSessions(clientSessions);
+              if (onAuthStateChange) {
+                onAuthStateChange(fullUser);
               }
             } else {
-              // Session already has user info
-              migratedSessions.push(session);
-            }
-          }
-
-          // Update storage if we made changes
-          if (shouldUpdateStorage) {
-            await saveSessionsToStorage(migratedSessions);
-          }
-          setSessions(migratedSessions);
-          if (storedActiveSessionId && migratedSessions.length > 0) {
-            const activeSession = migratedSessions.find(s => s.sessionId === storedActiveSessionId);
-            if (activeSession) {
-              console.log('SecureAuth - activeSession found:', activeSession);
-
-              // Validate session
-              try {
-                const validation = await oxyServices.validateSession(activeSession.sessionId);
-                if (validation.valid) {
-                  console.log('SecureAuth - session validated successfully');
-                  setActiveSessionId(activeSession.sessionId);
-
-                  // Get access token for API calls
-                  await oxyServices.getTokenBySession(activeSession.sessionId);
-
-                  // Load full user data
-                  const fullUser = await oxyServices.getUserBySession(activeSession.sessionId);
-                  loginSuccess(fullUser);
-                  setMinimalUser({
-                    id: fullUser.id,
-                    username: fullUser.username,
-                    avatar: fullUser.avatar
-                  });
-                  if (onAuthStateChange) {
-                    onAuthStateChange(fullUser);
-                  }
-                } else {
-                  console.log('SecureAuth - session invalid, removing');
-                  await removeInvalidSession(activeSession.sessionId);
-                }
-              } catch (error) {
-                console.error('SecureAuth - session validation error:', error);
-                await removeInvalidSession(activeSession.sessionId);
-              }
+              console.log('SecureAuth - session invalid, clearing storage');
+              await clearAllStorage();
             }
+          } catch (error) {
+            console.error('SecureAuth - session validation error:', error);
+            await clearAllStorage();
           }
         }
       } catch (err) {
@@ -200,33 +186,13 @@ export const OxyContextProvider = ({
     if (storage) {
       initAuth();
     }
-  }, [storage, oxyServices, keys, onAuthStateChange]);
-
-  // Effect to restore token on app load or session switch
-  useEffect(() => {
-    const restoreToken = async () => {
-      if (activeSessionId && oxyServices) {
-        try {
-          await oxyServices.getTokenBySession(activeSessionId);
-          setTokenReady(true);
-        } catch (err) {
-          // If token restoration fails, force logout
-          await logout();
-          setTokenReady(false);
-        }
-      } else {
-        setTokenReady(true); // No session, so token is not needed
-      }
-    };
-    restoreToken();
-    // Only run when activeSessionId or oxyServices changes
-  }, [activeSessionId, oxyServices]);
+  }, [storage, oxyServices, keys, onAuthStateChange, loginSuccess, setMinimalUser]);
 
-  // Remove invalid session
+  // Remove invalid session - refresh sessions from backend
   const removeInvalidSession = useCallback(async sessionId => {
+    // Remove from local state
     const filteredSessions = sessions.filter(s => s.sessionId !== sessionId);
     setSessions(filteredSessions);
-    await saveSessionsToStorage(filteredSessions);
 
     // If there are other sessions, switch to the first one
     if (filteredSessions.length > 0) {
@@ -243,13 +209,7 @@ export const OxyContextProvider = ({
     }
   }, [sessions, storage, keys, onAuthStateChange, logoutStore]);
 
-  // Save sessions to storage
-  const saveSessionsToStorage = useCallback(async sessionsList => {
-    if (!storage) return;
-    await storage.setItem(keys.sessions, JSON.stringify(sessionsList));
-  }, [storage, keys.sessions]);
-
-  // Save active session ID to storage
+  // Save active session ID to storage (only session ID, no user data)
   const saveActiveSessionId = useCallback(async sessionId => {
     if (!storage) return;
     await storage.setItem(keys.activeSessionId, sessionId);
@@ -259,7 +219,6 @@ export const OxyContextProvider = ({
   const clearAllStorage = useCallback(async () => {
     if (!storage) return;
     try {
-      await storage.removeItem(keys.sessions);
       await storage.removeItem(keys.activeSessionId);
     } catch (err) {
       console.error('Clear secure storage error:', err);
@@ -301,8 +260,8 @@ export const OxyContextProvider = ({
     }
   }, [oxyServices, onAuthStateChange, loginSuccess, saveActiveSessionId]);
 
-  // Secure login method
-  const login = async (username, password, deviceName) => {
+  // Secure login method - only store session ID, retrieve data from backend
+  const login = useCallback(async (username, password, deviceName) => {
     if (!storage) throw new Error('Storage not initialized');
     useAuthStore.setState({
       isLoading: true,
@@ -318,49 +277,28 @@ export const OxyContextProvider = ({
       console.log('SecureAuth - Using device ID:', deviceInfo.deviceId);
       const response = await oxyServices.secureLogin(username, password, deviceName || deviceInfo.deviceName || DeviceManager.getDefaultDeviceName(), deviceFingerprint);
 
-      // Create client session object with user info for duplicate detection
-      const clientSession = {
-        sessionId: response.sessionId,
-        deviceId: response.deviceId,
-        expiresAt: response.expiresAt,
-        lastActive: new Date().toISOString(),
-        userId: response.user.id
-      };
-
-      // Check if this user already has a session (prevent duplicate accounts)
-      const existingUserSessionIndex = sessions.findIndex(s => s.userId === response.user.id);
-      let updatedSessions;
-      if (existingUserSessionIndex !== -1) {
-        // User already has a session - replace it with the new one (reused session scenario)
-        const existingSession = sessions[existingUserSessionIndex];
-        updatedSessions = [...sessions];
-        updatedSessions[existingUserSessionIndex] = clientSession;
-        console.log(`Reusing/updating existing session for user ${response.user.id}. Previous session: ${existingSession.sessionId}, New session: ${response.sessionId}`);
-
-        // If the replaced session was the active one, update active session
-        if (activeSessionId === existingSession.sessionId) {
-          setActiveSessionId(response.sessionId);
-          await saveActiveSessionId(response.sessionId);
-        }
-      } else {
-        // Add new session for new user
-        updatedSessions = [...sessions, clientSession];
-        console.log(`Added new session for user ${response.user.id} on device ${response.deviceId}`);
-      }
-      setSessions(updatedSessions);
-      await saveSessionsToStorage(updatedSessions);
-
-      // Set as active session
+      // Set as active session (only store session ID)
       setActiveSessionId(response.sessionId);
       await saveActiveSessionId(response.sessionId);
 
       // Get access token for API calls
       await oxyServices.getTokenBySession(response.sessionId);
 
-      // Load full user data
+      // Load full user data from backend
       const fullUser = await oxyServices.getUserBySession(response.sessionId);
       loginSuccess(fullUser);
       setMinimalUser(response.user);
+
+      // Load sessions from backend
+      const serverSessions = await oxyServices.getSessionsBySessionId(response.sessionId);
+      const clientSessions = serverSessions.map(serverSession => ({
+        sessionId: serverSession.sessionId,
+        deviceId: serverSession.deviceId,
+        expiresAt: serverSession.expiresAt || new Date().toISOString(),
+        lastActive: serverSession.lastActive || new Date().toISOString(),
+        userId: serverSession.userId || fullUser.id
+      }));
+      setSessions(clientSessions);
       if (onAuthStateChange) {
         onAuthStateChange(fullUser);
       }
@@ -373,19 +311,18 @@ export const OxyContextProvider = ({
         isLoading: false
       });
     }
-  };
+  }, [storage, oxyServices, saveActiveSessionId, loginSuccess, setMinimalUser, onAuthStateChange, loginFailure]);
 
   // Logout method
-  const logout = async targetSessionId => {
+  const logout = useCallback(async targetSessionId => {
     if (!activeSessionId) return;
     try {
       const sessionToLogout = targetSessionId || activeSessionId;
       await oxyServices.logoutSecureSession(activeSessionId, sessionToLogout);
 
-      // Remove session from local storage
+      // Remove session from local state
       const filteredSessions = sessions.filter(s => s.sessionId !== sessionToLogout);
       setSessions(filteredSessions);
-      await saveSessionsToStorage(filteredSessions);
 
       // If logging out active session
       if (sessionToLogout === activeSessionId) {
@@ -409,10 +346,10 @@ export const OxyContextProvider = ({
         error: 'Logout failed'
       });
     }
-  };
+  }, [activeSessionId, oxyServices, sessions, switchToSession, logoutStore, setMinimalUser, storage, keys.activeSessionId, onAuthStateChange]);
 
   // Logout all sessions
-  const logoutAll = async () => {
+  const logoutAll = useCallback(async () => {
     console.log('logoutAll called with activeSessionId:', activeSessionId);
     if (!activeSessionId) {
       console.error('No active session ID found, cannot logout all');
@@ -451,10 +388,30 @@ export const OxyContextProvider = ({
       });
       throw error;
     }
-  };
+  }, [activeSessionId, oxyServices, logoutStore, setMinimalUser, clearAllStorage, onAuthStateChange]);
+
+  // Effect to restore token on app load or session switch
+  useEffect(() => {
+    const restoreToken = async () => {
+      if (activeSessionId && oxyServices) {
+        try {
+          await oxyServices.getTokenBySession(activeSessionId);
+          setTokenReady(true);
+        } catch (err) {
+          // If token restoration fails, force logout
+          await logout();
+          setTokenReady(false);
+        }
+      } else {
+        setTokenReady(true); // No session, so token is not needed
+      }
+    };
+    restoreToken();
+    // Only run when activeSessionId or oxyServices changes
+  }, [activeSessionId, oxyServices, logout]);
 
   // Sign up method
-  const signUp = async (username, email, password) => {
+  const signUp = useCallback(async (username, email, password) => {
     if (!storage) throw new Error('Storage not initialized');
     useAuthStore.setState({
       isLoading: true,
@@ -477,41 +434,77 @@ export const OxyContextProvider = ({
         isLoading: false
       });
     }
-  };
+  }, [storage, oxyServices, login, loginFailure]);
 
   // Switch session method
-  const switchSession = async sessionId => {
+  const switchSession = useCallback(async sessionId => {
     await switchToSession(sessionId);
-  };
+  }, [switchToSession]);
 
   // Remove session method
-  const removeSession = async sessionId => {
+  const removeSession = useCallback(async sessionId => {
     await logout(sessionId);
-  };
+  }, [logout]);
 
   // Refresh sessions method
-  const refreshSessions = async () => {
-    if (!activeSessionId) return;
+  const refreshSessions = useCallback(async () => {
+    console.log('refreshSessions called with activeSessionId:', activeSessionId);
+    if (!activeSessionId) {
+      console.log('refreshSessions: No activeSessionId, returning');
+      return;
+    }
     try {
+      console.log('refreshSessions: Calling getSessionsBySessionId...');
       const serverSessions = await oxyServices.getSessionsBySessionId(activeSessionId);
+      console.log('refreshSessions: Server sessions received:', serverSessions);
 
       // Update local sessions with server data
       const updatedSessions = serverSessions.map(serverSession => ({
         sessionId: serverSession.sessionId,
         deviceId: serverSession.deviceId,
-        expiresAt: new Date().toISOString(),
-        // You might want to get this from server
-        lastActive: new Date().toISOString()
+        expiresAt: serverSession.expiresAt || new Date().toISOString(),
+        lastActive: serverSession.lastActive || new Date().toISOString(),
+        userId: serverSession.userId || user?.id
       }));
+      console.log('refreshSessions: Updated sessions:', updatedSessions);
       setSessions(updatedSessions);
-      await saveSessionsToStorage(updatedSessions);
+      console.log('refreshSessions: Sessions updated in state');
     } catch (error) {
       console.error('Refresh sessions error:', error);
+
+      // If the current session is invalid, try to find another valid session
+      if (sessions.length > 1) {
+        console.log('Current session invalid, trying to switch to another session...');
+        const otherSessions = sessions.filter(s => s.sessionId !== activeSessionId);
+        for (const session of otherSessions) {
+          try {
+            // Try to validate this session
+            await oxyServices.validateSession(session.sessionId);
+            console.log('Found valid session, switching to:', session.sessionId);
+            await switchToSession(session.sessionId);
+            return; // Successfully switched to another session
+          } catch (sessionError) {
+            console.log('Session validation failed for:', session.sessionId, sessionError);
+            continue; // Try next session
+          }
+        }
+      }
+
+      // If no valid sessions found, clear all sessions
+      console.log('No valid sessions found, clearing all sessions');
+      setSessions([]);
+      setActiveSessionId(null);
+      logoutStore();
+      setMinimalUser(null);
+      await clearAllStorage();
+      if (onAuthStateChange) {
+        onAuthStateChange(null);
+      }
     }
-  };
+  }, [activeSessionId, oxyServices, user?.id, sessions, switchToSession, logoutStore, setMinimalUser, clearAllStorage, onAuthStateChange]);
 
   // Device management methods
-  const getDeviceSessions = async () => {
+  const getDeviceSessions = useCallback(async () => {
     if (!activeSessionId) throw new Error('No active session');
     try {
       return await oxyServices.getDeviceSessions(activeSessionId);
@@ -519,8 +512,8 @@ export const OxyContextProvider = ({
       console.error('Get device sessions error:', error);
       throw error;
     }
-  };
-  const logoutAllDeviceSessions = async () => {
+  }, [activeSessionId, oxyServices]);
+  const logoutAllDeviceSessions = useCallback(async () => {
     if (!activeSessionId) throw new Error('No active session');
     try {
       await oxyServices.logoutAllDeviceSessions(activeSessionId);
@@ -538,8 +531,8 @@ export const OxyContextProvider = ({
       console.error('Logout all device sessions error:', error);
       throw error;
     }
-  };
-  const updateDeviceName = async deviceName => {
+  }, [activeSessionId, oxyServices, logoutStore, setMinimalUser, clearAllStorage, onAuthStateChange]);
+  const updateDeviceName = useCallback(async deviceName => {
     if (!activeSessionId) throw new Error('No active session');
     try {
       await oxyServices.updateDeviceName(activeSessionId, deviceName);
@@ -550,7 +543,7 @@ export const OxyContextProvider = ({
       console.error('Update device name error:', error);
       throw error;
     }
-  };
+  }, [activeSessionId, oxyServices]);
 
   // Bottom sheet control methods
   const showBottomSheet = useCallback(screenOrConfig => {
@@ -567,6 +560,7 @@ export const OxyContextProvider = ({
         bottomSheetRef.current.present();
       } else {
         console.warn('No expand or present method available on bottomSheetRef');
+        console.log('Available methods on bottomSheetRef.current:', Object.keys(bottomSheetRef.current));
       }
 
       // Then navigate to the specified screen if provided
@@ -586,6 +580,8 @@ export const OxyContextProvider = ({
       }
     } else {
       console.warn('bottomSheetRef is not available');
+      console.warn('To fix this, ensure you pass a bottomSheetRef to OxyProvider:');
+      console.warn('<OxyProvider baseURL="..." bottomSheetRef={yourBottomSheetRef}>');
     }
   }, [bottomSheetRef]);
   const hideBottomSheet = useCallback(() => {
@@ -600,16 +596,16 @@ export const OxyContextProvider = ({
     userId: user?.id,
     activeSessionId,
     refreshSessions,
-    logout: () => logout(),
+    logout,
     baseURL: oxyServices.getBaseURL(),
-    onRemoteSignOut: () => {
+    onRemoteSignOut: useCallback(() => {
       toast.info('You have been signed out remotely.');
       logout();
-    }
+    }, [logout])
   });
 
   // Context value
-  const contextValue = {
+  const contextValue = useMemo(() => ({
     user,
     minimalUser,
     sessions,
@@ -619,36 +615,19 @@ export const OxyContextProvider = ({
     error,
     login,
     logout,
-    logoutAll: async () => {
-      await logout();
-    },
-    signUp: async (username, email, password) => {
-      await signUp(username, email, password);
-      return user; // Return the latest user from Zustand
-    },
-    switchSession: async sessionId => {
-      await switchToSession(sessionId);
-    },
-    removeSession: async sessionId => {
-      await removeSession(sessionId);
-    },
-    refreshSessions: async () => {
-      await refreshSessions();
-    },
-    getDeviceSessions: async () => {
-      return await getDeviceSessions();
-    },
-    logoutAllDeviceSessions: async () => {
-      await logoutAllDeviceSessions();
-    },
-    updateDeviceName: async deviceName => {
-      await updateDeviceName(deviceName);
-    },
+    logoutAll,
+    signUp,
+    switchSession,
+    removeSession,
+    refreshSessions,
+    getDeviceSessions,
+    logoutAllDeviceSessions,
+    updateDeviceName,
     oxyServices,
     bottomSheetRef,
     showBottomSheet,
     hideBottomSheet
-  };
+  }), [user, minimalUser, sessions, activeSessionId, isAuthenticated, isLoading, error, login, logout, logoutAll, signUp, switchSession, removeSession, refreshSessions, getDeviceSessions, logoutAllDeviceSessions, updateDeviceName, oxyServices, bottomSheetRef, showBottomSheet, hideBottomSheet]);
 
   // Wrap children rendering to block until token is ready
   if (!tokenReady) {
@@ -662,6 +641,9 @@ export const OxyContextProvider = ({
   });
 };
 
+// Alias for backward compatibility
+export const OxyContextProvider = OxyProvider;
+
 // Hook to use the context
 export const useOxy = () => {
   const context = useContext(OxyContext);