@pagamio/frontend-commons-lib 0.8.189 → 0.8.191

package/lib/api/client.js

@@ -11,6 +11,7 @@ export class ApiClient {
             defaultHeaders: {
                 'Content-Type': 'application/json',
             },
+            credentials: 'include',
             ...config,
         };
     }
@@ -214,7 +215,7 @@ export class ApiClient {
      * Makes the actual HTTP request.
      */
     async makeRequest(endpoint, method, config) {
-        const { params, timeout, skipAuth, skipRefresh, requestConfig, overrideDefaultHeaders, signal } = config;
+        const { params, timeout, skipAuth, skipRefresh, requestConfig, overrideDefaultHeaders, signal, overrideDefaultCredentials, } = config;
         const url = this.createUrl(endpoint, params);
         // Use provided signal, or create a new AbortController for this request
         let requestSignal;
@@ -227,7 +228,7 @@ export class ApiClient {
             this.activeControllers.add(controller);
             requestSignal = controller.signal;
         }
-        let finalConfig = this.buildRequestConfig(requestConfig, method, overrideDefaultHeaders, requestSignal);
+        let finalConfig = this.buildRequestConfig(requestConfig, method, overrideDefaultHeaders, overrideDefaultCredentials, requestSignal);
         finalConfig = await this.injectAuthHeader(finalConfig, skipAuth);
         finalConfig = await this.applyOnRequestHook(finalConfig);
         let response;
@@ -243,7 +244,7 @@ export class ApiClient {
         }
         return response;
     }
-    buildRequestConfig(requestConfig, method, overrideDefaultHeaders, signal) {
+    buildRequestConfig(requestConfig, method, overrideDefaultHeaders, overrideDefaultCredentials, signal) {
         return {
             ...requestConfig,
             method,
@@ -252,6 +253,7 @@ export class ApiClient {
                 ...requestConfig.headers,
             },
             signal,
+            credentials: requestConfig.credentials ?? overrideDefaultCredentials ?? this.config.credentials ?? 'same-origin',
         };
     }
     async injectAuthHeader(finalConfig, skipAuth) {

package/lib/api/context.d.ts

@@ -102,11 +102,12 @@ export declare function useApi<T extends CustomAuthConfig>(): ApiClient<T>;
  * });
  * ```
  */
-export declare function createApiClient<T extends CustomAuthConfig>({ baseURL, tokenManager, defaultHeaders, timeout, retries, }: {
+export declare function createApiClient<T extends CustomAuthConfig>({ baseURL, tokenManager, defaultHeaders, timeout, retries, credentials, }: {
     baseURL: string;
     tokenManager: TokenManager<T>;
     defaultHeaders?: HeadersInit;
     timeout?: number;
     retries?: number;
+    credentials?: RequestCredentials;
 }): ApiClient<T>;
 export {};

package/lib/api/context.js

@@ -94,12 +94,13 @@ export function useApi() {
  * });
  * ```
  */
-export function createApiClient({ baseURL, tokenManager, defaultHeaders = {}, timeout = 30000, retries = 1, }) {
+export function createApiClient({ baseURL, tokenManager, defaultHeaders = {}, timeout = 30000, retries = 1, credentials, }) {
     return new ApiClient({
         baseURL,
         tokenManager,
         defaultHeaders,
         timeout,
         retries,
+        credentials,
     });
 }

package/lib/api/types.d.ts

@@ -22,6 +22,7 @@ export interface ApiClientConfig<T extends CustomAuthConfig> {
     onResponse?: <T>(response: Response, data: T) => Promise<T> | T;
     onError?: (error: ApiError) => Promise<void> | void;
     onUnauthorized?: () => Promise<void> | void;
+    credentials?: RequestCredentials;
 }
 export interface RequestConfig extends RequestInit {
     params?: Record<string, string>;

package/lib/auth/types/auth.types.d.ts

@@ -231,4 +231,52 @@ export interface VasAppAuthConfig extends CustomAuthConfig {
         password: string;
     };
 }
+/**
+ * Authentication configuration for the Commerce application.
+ * Defines the structure of user information, token data, and login credentials
+ * specific to the Commerce app authentication flow.
+ *
+ * @example
+ * ```typescript
+ * const authService = createAuthService<CommerceAppAuthConfig>({
+ *   baseUrl: 'https://api.commerce.example.com',
+ *   endpoints: {
+ *     login: '/auth/login',
+ *     register: '/auth/register',
+ *   }
+ * });
+ * ```
+ */
+export interface CommerceAppAuthConfig extends CustomAuthConfig {
+    /** User information structure for Commerce app */
+    UserInfo: {
+        /** Unique identifier for the user */
+        id: string;
+        /** Username used for authentication */
+        userName: string;
+        /** Current onboarding step */
+        onboardingStep?: string | null;
+        /** Secondary user identifier */
+        userId: string;
+        /** User type (e.g., customer, merchant, admin) */
+        userType: string;
+        /** User type identifier */
+        userTypeId: string;
+    };
+    /** Token information structure */
+    TokenInfo: {
+        /** JWT or other authentication token */
+        token: string;
+        /** Token expiration time in seconds */
+        expiresIn: number;
+    };
+    /** Login credentials structure */
+    Credentials: {
+        /** Username or email for authentication */
+        username?: string;
+        email?: string;
+        /** User's password */
+        password: string;
+    };
+}
 export {};

package/lib/auth/utils/Transformers.d.ts

@@ -1,4 +1,4 @@
-import type { ApiResponseTransformer, AuthResponse, EventsAppAuthConfig, VasAppAuthConfig } from '../types';
+import type { ApiResponseTransformer, AuthResponse, CommerceAppAuthConfig, EventsAppAuthConfig, VasAppAuthConfig } from '../types';
 /**
  * Transforms authentication responses from the Events App API format into a standardized AuthResponse.
  * This transformer handles responses that include a single token and role-based user information.
@@ -115,6 +115,44 @@ export declare class VasAppResponseTransformer implements ApiResponseTransformer
      */
     transform(response: any, remember?: boolean): AuthResponse<VasAppAuthConfig>;
 }
+/**
+ * Transforms authentication responses from the Commerce App API format into a standardized AuthResponse.
+ * This transformer handles responses wrapped in a success/data structure.
+ *
+ * Expected API response format:
+ * ```typescript
+ * {
+ *   success: boolean;
+ *   data: {
+ *     user: {...};
+ *     accessToken: string;
+ *     refreshToken: string;
+ *   };
+ * }
+ * ```
+ *
+ * @implements {ApiResponseTransformer<CommerceAppAuthConfig>}
+ */
+export declare class CommerceAppResponseTransformer implements ApiResponseTransformer<CommerceAppAuthConfig> {
+    /**
+     * Checks if the given response matches the Commerce App API format.
+     * Verifies the presence of required fields specific to Commerce App responses.
+     *
+     * @param response - The raw API response to check
+     * @returns True if the response contains 'success' and 'data' fields with user and tokens
+     */
+    canHandle(response: any): boolean;
+    /**
+     * Transforms a Commerce App API response into the standardized AuthResponse format.
+     * Maps API-specific fields to the common auth response structure.
+     *
+     * @param response - The raw API response to transform
+     * @param remember - Whether to use extended token expiration
+     * @returns Standardized auth response with user and token information
+     * @throws Error if required fields are missing from the response
+     */
+    transform(response: any, remember?: boolean): AuthResponse<CommerceAppAuthConfig>;
+}
 /**
  * Factory class for creating and managing response transformers.
  * Implements the Factory pattern to dynamically select the appropriate transformer

package/lib/auth/utils/Transformers.js

@@ -211,6 +211,106 @@ export class VasAppResponseTransformer {
         };
     }
 }
+/**
+ * Transforms authentication responses from the Commerce App API format into a standardized AuthResponse.
+ * This transformer handles responses wrapped in a success/data structure.
+ *
+ * Expected API response format:
+ * ```typescript
+ * {
+ *   success: boolean;
+ *   data: {
+ *     user: {...};
+ *     accessToken: string;
+ *     refreshToken: string;
+ *   };
+ * }
+ * ```
+ *
+ * @implements {ApiResponseTransformer<CommerceAppAuthConfig>}
+ */
+export class CommerceAppResponseTransformer {
+    /**
+     * Checks if the given response matches the Commerce App API format.
+     * Verifies the presence of required fields specific to Commerce App responses.
+     *
+     * @param response - The raw API response to check
+     * @returns True if the response contains 'success' and 'data' fields with user and tokens
+     */
+    canHandle(response) {
+        return (response.hasOwnProperty('success') &&
+            response.hasOwnProperty('data') &&
+            response.data?.hasOwnProperty('user') &&
+            response.data?.hasOwnProperty('accessToken'));
+    }
+    /**
+     * Transforms a Commerce App API response into the standardized AuthResponse format.
+     * Maps API-specific fields to the common auth response structure.
+     *
+     * @param response - The raw API response to transform
+     * @param remember - Whether to use extended token expiration
+     * @returns Standardized auth response with user and token information
+     * @throws Error if required fields are missing from the response
+     */
+    transform(response, remember) {
+        const { data } = response;
+        // Decode access token to get expiration
+        let decodedAccessToken;
+        try {
+            decodedAccessToken = jwtDecode(data.accessToken);
+        }
+        catch (error) {
+            console.error('Error decoding JWT access token:', error);
+            throw new Error('Failed to decode JWT access token. Please check the token format.');
+        }
+        if (!decodedAccessToken.exp) {
+            throw new Error('Access token does not contain an expiry time (exp claim)');
+        }
+        // Calculate access token expiration in seconds from now
+        const currentTime = Math.floor(Date.now() / 1000);
+        const accessExpiresIn = decodedAccessToken.exp - currentTime;
+        if (accessExpiresIn <= 0) {
+            throw new Error('Access token has already expired');
+        }
+        // Decode refresh token to get expiration (if present)
+        let refreshExpiresIn;
+        if (data.refreshToken) {
+            try {
+                const decodedRefreshToken = jwtDecode(data.refreshToken);
+                if (decodedRefreshToken.exp) {
+                    refreshExpiresIn = decodedRefreshToken.exp - currentTime;
+                }
+            }
+            catch (error) {
+                console.error('Error decoding JWT refresh token:', error);
+                // Use fallback if refresh token can't be decoded
+                refreshExpiresIn = remember ? 30 * 24 * 60 * 60 : 7 * 24 * 60 * 60; // 30 days or 7 days
+            }
+        }
+        return {
+            user: {
+                id: data.user.id,
+                userName: data.user.userName,
+                onboardingStep: data.user.onboardingStep,
+                userId: data.user.id,
+                userType: data.user.userType || 'customer',
+                userTypeId: data.user.userTypeId || data.user.employeeId || data.user.id,
+            },
+            auth: {
+                accessToken: {
+                    token: data.accessToken,
+                    expiresIn: accessExpiresIn,
+                },
+                refreshToken: data.refreshToken && refreshExpiresIn
+                    ? {
+                        token: data.refreshToken,
+                        expiresIn: refreshExpiresIn,
+                    }
+                    : undefined,
+            },
+        };
+    }
+}
 /**
  * Factory class for creating and managing response transformers.
  * Implements the Factory pattern to dynamically select the appropriate transformer
@@ -232,6 +332,7 @@ export class ResponseTransformerFactory {
      * @static
      */
     static transformers = [
+        new CommerceAppResponseTransformer(),
         new EventsAppResponseTransformer(),
         new VasAppResponseTransformer(),
     ];

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@pagamio/frontend-commons-lib",
   "description": "Pagamio library for Frontend reusable components like the form engine and table container",
-  "version": "0.8.189",
+  "version": "0.8.191",
   "publishConfig": {
     "access": "public",
     "provenance": false