@proveanything/smartlinks-auth-ui 0.4.7 → 0.4.8

package/dist/index.esm.js

@@ -1,7 +1,7 @@
 import { jsx, jsxs, Fragment } from 'react/jsx-runtime';
 import React, { useEffect, useState, useMemo, useRef, useCallback, createContext, useContext } from 'react';
 import * as smartlinks from '@proveanything/smartlinks';
-import { iframe, SmartlinksApiError } from '@proveanything/smartlinks';
+import { SmartlinksApiError, iframe } from '@proveanything/smartlinks';
 import { post, getApiHeaders, isProxyEnabled } from '@proveanything/smartlinks/dist/http';
 
 const AuthContainer = ({ children, theme = 'light', className = '', config, minimal = false, }) => {
@@ -10759,7 +10759,8 @@ const PhoneInput = ({ value, onChange, disabled = false, }) => {
     return (jsx(PhoneInputComponent, { international: true, defaultCountry: defaultCountry, value: value, onChange: (value) => onChange(value || ''), disabled: disabled, className: "phone-input-wrapper" }));
 };
 
-const PhoneAuthForm = ({ onSubmit, onBack, loading, error, }) => {
+const PhoneAuthForm = ({ onSubmit, onBack, loading, error, collectName = false, }) => {
+    const [displayName, setDisplayName] = useState('');
     const [phoneNumber, setPhoneNumber] = useState('');
     const [verificationCode, setVerificationCode] = useState('');
     const [codeSent, setCodeSent] = useState(false);
@@ -10776,7 +10777,7 @@ const PhoneAuthForm = ({ onSubmit, onBack, loading, error, }) => {
     const handleSendCode = async (e) => {
         e.preventDefault();
         try {
-            await onSubmit(phoneNumber);
+            await onSubmit(phoneNumber, undefined, collectName ? displayName || undefined : undefined);
             // Only transition to code entry UI AFTER successful send
             setCodeSent(true);
             setResendCooldown(60); // 60 second cooldown
@@ -10803,7 +10804,7 @@ const PhoneAuthForm = ({ onSubmit, onBack, loading, error, }) => {
     };
     return (jsxs("form", { className: "auth-form", onSubmit: codeSent ? handleVerifyCode : handleSendCode, children: [jsxs("div", { className: "auth-form-header", children: [jsx("h2", { className: "auth-form-title", children: "Phone Authentication" }), jsx("p", { className: "auth-form-subtitle", children: codeSent
                             ? 'Enter the verification code sent to your phone.'
-                            : 'Enter your phone number to receive a verification code.' })] }), error && (jsxs("div", { className: "auth-error", role: "alert", children: [jsx("svg", { width: "16", height: "16", viewBox: "0 0 16 16", fill: "currentColor", children: jsx("path", { d: "M8 0C3.58 0 0 3.58 0 8s3.58 8 8 8 8-3.58 8-8-3.58-8-8-8zm1 13H7v-2h2v2zm0-3H7V4h2v6z" }) }), error] })), !codeSent ? (jsxs("div", { className: "auth-form-group", children: [jsx("label", { htmlFor: "phoneNumber", className: "auth-label", children: "Phone Number" }), jsx(PhoneInput, { value: phoneNumber, onChange: setPhoneNumber, disabled: loading })] })) : (jsxs(Fragment, { children: [jsxs("div", { className: "auth-form-group", children: [jsx("label", { htmlFor: "verificationCode", className: "auth-label", children: "Verification Code" }), jsx(OTPInput, { length: 6, value: verificationCode, onChange: setVerificationCode, disabled: loading })] }), jsx("div", { style: { marginTop: '0.5rem', textAlign: 'center' }, children: jsx("button", { type: "button", className: "auth-link", onClick: handleResendCode, disabled: loading || resendCooldown > 0, style: {
+                            : 'Enter your phone number to receive a verification code.' })] }), error && (jsxs("div", { className: "auth-error", role: "alert", children: [jsx("svg", { width: "16", height: "16", viewBox: "0 0 16 16", fill: "currentColor", children: jsx("path", { d: "M8 0C3.58 0 0 3.58 0 8s3.58 8 8 8 8-3.58 8-8-3.58-8-8-8zm1 13H7v-2h2v2zm0-3H7V4h2v6z" }) }), error] })), !codeSent ? (jsxs(Fragment, { children: [collectName && (jsxs("div", { className: "auth-form-group", children: [jsx("label", { htmlFor: "phoneName", className: "auth-label", children: "Name" }), jsx("input", { id: "phoneName", type: "text", value: displayName, onChange: (e) => setDisplayName(e.target.value), className: "auth-input", placeholder: "John Smith", disabled: loading, autoComplete: "name" })] })), jsxs("div", { className: "auth-form-group", children: [jsx("label", { htmlFor: "phoneNumber", className: "auth-label", children: "Phone Number" }), jsx(PhoneInput, { value: phoneNumber, onChange: setPhoneNumber, disabled: loading })] })] })) : (jsxs(Fragment, { children: [jsxs("div", { className: "auth-form-group", children: [jsx("label", { htmlFor: "verificationCode", className: "auth-label", children: "Verification Code" }), jsx(OTPInput, { length: 6, value: verificationCode, onChange: setVerificationCode, disabled: loading })] }), jsx("div", { style: { marginTop: '0.5rem', textAlign: 'center' }, children: jsx("button", { type: "button", className: "auth-link", onClick: handleResendCode, disabled: loading || resendCooldown > 0, style: {
                                 cursor: resendCooldown > 0 ? 'not-allowed' : 'pointer',
                                 opacity: resendCooldown > 0 ? 0.5 : 1,
                             }, children: resendCooldown > 0
@@ -10846,13 +10847,14 @@ const PasswordResetForm = ({ onSubmit, onBack, loading, error, success, successM
                             : "Enter your email address and we'll send you instructions to reset your password." })] }), (error || passwordError) && (jsxs("div", { className: "auth-error", role: "alert", children: [jsx("svg", { width: "16", height: "16", viewBox: "0 0 16 16", fill: "currentColor", children: jsx("path", { d: "M8 0C3.58 0 0 3.58 0 8s3.58 8 8 8 8-3.58 8-8-3.58-8-8-8zm1 13H7v-2h2v2zm0-3H7V4h2v6z" }) }), error || passwordError] })), token ? (jsxs(Fragment, { children: [resetEmail && (jsx("input", { type: "email", value: resetEmail, readOnly: true, autoComplete: "username", style: { position: 'absolute', opacity: 0, height: 0, width: 0, overflow: 'hidden', pointerEvents: 'none' }, tabIndex: -1, "aria-hidden": "true" })), jsxs("div", { className: "auth-form-group", children: [jsx("label", { htmlFor: "password", className: "auth-label", children: "New Password" }), jsx("input", { type: "password", id: "password", className: "auth-input", value: password, onChange: (e) => setPassword(e.target.value), required: true, disabled: loading, placeholder: "Enter new password", autoComplete: "new-password", minLength: 6 })] }), jsxs("div", { className: "auth-form-group", children: [jsx("label", { htmlFor: "confirmPassword", className: "auth-label", children: "Confirm Password" }), jsx("input", { type: "password", id: "confirmPassword", className: "auth-input", value: confirmPassword, onChange: (e) => setConfirmPassword(e.target.value), required: true, disabled: loading, placeholder: "Confirm new password", autoComplete: "new-password", minLength: 6 })] })] })) : (jsxs("div", { className: "auth-form-group", children: [jsx("label", { htmlFor: "email", className: "auth-label", children: "Email address" }), jsx("input", { type: "email", id: "email", className: "auth-input", value: email, onChange: (e) => setEmail(e.target.value), required: true, disabled: loading, placeholder: "you@example.com", autoComplete: "email" })] })), jsx("button", { type: "submit", className: "auth-button auth-button-primary", disabled: loading, children: loading ? (jsx("span", { className: "auth-spinner" })) : token ? ('Reset password') : ('Send reset instructions') }), jsx("div", { className: "auth-divider", children: jsx("button", { type: "button", className: "auth-link auth-link-bold", onClick: onBack, disabled: loading, children: "\u2190 Back to Sign in" }) })] }));
 };
 
-const MagicLinkForm = ({ onSubmit, onCancel, loading = false, error, }) => {
+const MagicLinkForm = ({ onSubmit, onCancel, loading = false, error, collectName = false, }) => {
     const [email, setEmail] = useState('');
+    const [displayName, setDisplayName] = useState('');
     const handleSubmit = async (e) => {
         e.preventDefault();
-        await onSubmit(email);
+        await onSubmit(email, collectName ? displayName || undefined : undefined);
     };
-    return (jsxs("form", { onSubmit: handleSubmit, className: "auth-form", children: [jsxs("div", { className: "auth-form-group", children: [jsx("label", { htmlFor: "magic-link-email", className: "auth-label", children: "Email Address" }), jsx("input", { id: "magic-link-email", type: "email", value: email, onChange: (e) => setEmail(e.target.value), className: "auth-input", placeholder: "you@example.com", required: true, disabled: loading })] }), error && (jsx("div", { className: "auth-error-message", children: error })), jsx("button", { type: "submit", className: "auth-button auth-button-primary", disabled: loading || !email, children: loading ? (jsxs(Fragment, { children: [jsx("span", { className: "auth-spinner" }), "Sending..."] })) : ('Send Magic Link') }), jsx("button", { type: "button", onClick: onCancel, className: "auth-button auth-button-secondary", disabled: loading, children: "Cancel" })] }));
+    return (jsxs("form", { onSubmit: handleSubmit, className: "auth-form", children: [collectName && (jsxs("div", { className: "auth-form-group", children: [jsx("label", { htmlFor: "magic-link-name", className: "auth-label", children: "Name" }), jsx("input", { id: "magic-link-name", type: "text", value: displayName, onChange: (e) => setDisplayName(e.target.value), className: "auth-input", placeholder: "John Smith", disabled: loading, autoComplete: "name" })] })), jsxs("div", { className: "auth-form-group", children: [jsx("label", { htmlFor: "magic-link-email", className: "auth-label", children: "Email Address" }), jsx("input", { id: "magic-link-email", type: "email", value: email, onChange: (e) => setEmail(e.target.value), className: "auth-input", placeholder: "you@example.com", required: true, disabled: loading })] }), error && (jsx("div", { className: "auth-error-message", children: error })), jsx("button", { type: "submit", className: "auth-button auth-button-primary", disabled: loading || !email, children: loading ? (jsxs(Fragment, { children: [jsx("span", { className: "auth-spinner" }), "Sending..."] })) : ('Send Magic Link') }), jsx("button", { type: "button", onClick: onCancel, className: "auth-button auth-button-secondary", disabled: loading, children: "Cancel" })] }));
 };
 
 /**
@@ -10889,6 +10891,254 @@ function createLoggerWrapper(logger) {
     };
 }
 
+/**
+ * Friendly error messages for common HTTP status codes.
+ */
+const STATUS_MESSAGES = {
+    400: 'Invalid request. Please check your input and try again.',
+    401: 'Invalid credentials. Please check your email and password.',
+    403: 'Access denied. You do not have permission to perform this action.',
+    404: 'Account not found. Please check your email or create a new account.',
+    409: 'This email is already registered.',
+    429: 'Too many attempts. Please wait a moment and try again.',
+};
+/**
+ * Context-specific error messages for different auth operations.
+ */
+const ERROR_CODE_MESSAGES = {
+    // 400 - Validation errors
+    'MISSING_FIELDS': 'Email and password are required.',
+    'MISSING_EMAIL': 'Email is required.',
+    'MISSING_PASSWORD': 'Password is required.',
+    'MISSING_TOKEN': 'Token is required.',
+    'MISSING_PHONE_NUMBER': 'Phone number is required.',
+    'MISSING_VERIFICATION_CODE': 'Phone number and verification code are required.',
+    'MISSING_REDIRECT_URL': 'Redirect URL is required.',
+    'MISSING_GOOGLE_TOKEN': 'Google token is required.',
+    'INVALID_CLIENT_ID': 'Invalid client configuration.',
+    'INVALID_REDIRECT_URL': 'Invalid redirect URL.',
+    'INVALID_PHONE_NUMBER': 'Invalid phone number. Please check the format and try again.',
+    'INVALID_GOOGLE_TOKEN': 'Invalid Google sign-in token.',
+    'PASSWORD_TOO_SHORT': 'Password must be at least 8 characters long.',
+    'PASSWORD_REQUIREMENTS_NOT_MET': 'New password must be at least 6 characters.',
+    'EMAIL_ALREADY_VERIFIED': 'Your email is already verified.',
+    'INVALID_CONFIRMATION': 'Please type DELETE to confirm account deletion.',
+    // 401 - Authentication errors
+    'INVALID_CREDENTIALS': 'Invalid email or password.',
+    'INCORRECT_PASSWORD': 'Current password is incorrect.',
+    'INVALID_VERIFICATION_CODE': 'Invalid or expired verification code. Please try again.',
+    'INVALID_TOKEN': 'This link has expired or is invalid. Please request a new one.',
+    'TOKEN_EXPIRED': 'This link has expired. Please request a new one.',
+    'TOKEN_ALREADY_USED': 'This link has already been used. Please request a new one.',
+    'UNAUTHORIZED': 'You must be logged in to perform this action.',
+    'GOOGLE_TOKEN_AUDIENCE_MISMATCH': 'Google sign-in failed. Token was not issued for this application.',
+    // 403 - Forbidden / verification required
+    'EMAIL_NOT_VERIFIED': 'Please verify your email before signing in.',
+    'ACCOUNT_LOCKED': 'Your account has been locked. Please verify your email to unlock.',
+    'EMAIL_VERIFICATION_EXPIRED': 'Your verification deadline has passed and your account is locked. Please contact support.',
+    // 404
+    'USER_NOT_FOUND': 'Account not found. Please check your email or create a new account.',
+    // 409 - Conflicts
+    'EMAIL_ALREADY_EXISTS': 'This email is already registered.',
+    'EMAIL_IN_USE': 'This email is already in use.',
+    // 429 - Rate limiting
+    'RATE_LIMIT_EXCEEDED': 'Too many requests. Please try again later.',
+    'TOO_MANY_MAGIC_LINKS': 'Too many magic link requests. Please try again later.',
+    'TOO_MANY_VERIFICATION_ATTEMPTS': 'Too many verification attempts. Please wait and try again.',
+    'MAX_VERIFICATION_ATTEMPTS': 'Maximum verification attempts reached. Please try again later.',
+    // 500 - Server errors
+    'LOGIN_FAILED': 'Login failed. Please try again later.',
+    'REGISTRATION_FAILED': 'Registration failed. Please try again later.',
+    'GOOGLE_AUTH_NOT_CONFIGURED': 'Google sign-in is not available for this application.',
+    'GOOGLE_AUTH_FAILED': 'Google sign-in failed. Please try again.',
+    'GOOGLE_USERINFO_FAILED': 'Failed to retrieve your Google account information. Please try again.',
+    'PHONE_VERIFICATION_FAILED': 'Phone verification failed. Please try again.',
+    'SEND_VERIFICATION_CODE_FAILED': 'Failed to send verification code. Please try again.',
+    'MAGIC_LINK_SEND_FAILED': 'Failed to send magic link. Please try again.',
+    'MAGIC_LINK_VERIFICATION_FAILED': 'Magic link verification failed. Please try again.',
+    'PASSWORD_RESET_FAILED': 'Failed to process password reset. Please try again.',
+    'PASSWORD_RESET_COMPLETE_FAILED': 'Failed to reset password. Please try again.',
+    'EMAIL_VERIFICATION_SEND_FAILED': 'Failed to send verification email. Please try again.',
+    'EMAIL_VERIFICATION_FAILED': 'Email verification failed. Please try again.',
+    // Account management 500s
+    'UPDATE_PROFILE_FAILED': 'Failed to update profile. Please try again.',
+    'CHANGE_PASSWORD_FAILED': 'Failed to change password. Please try again.',
+    'CHANGE_EMAIL_FAILED': 'Failed to change email. Please try again.',
+    'UPDATE_PHONE_FAILED': 'Failed to update phone number. Please try again.',
+    'DELETE_ACCOUNT_FAILED': 'Failed to delete account. Please try again.',
+    'CONFIG_FETCH_FAILED': 'Failed to load configuration. Please try again.',
+    'INTERNAL_ERROR': 'An unexpected error occurred. Please try again.',
+    // Legacy aliases (kept for backward compatibility)
+    'INVALID_CODE': 'Invalid verification code. Please check and try again.',
+    'CODE_EXPIRED': 'This code has expired. Please request a new one.',
+    'PHONE_NOT_SUPPORTED': 'This phone number is not supported. Please try a different number.',
+    'INVALID_PHONE': 'Invalid phone number. Please check the format and try again.',
+    'PASSWORD_TOO_WEAK': 'Password is too weak. Please use at least 8 characters with a mix of letters and numbers.',
+    'RATE_LIMITED': 'Too many attempts. Please wait a moment and try again.',
+};
+function isApiErrorLike(error) {
+    if (error instanceof SmartlinksApiError)
+        return true;
+    if (error && typeof error === 'object' && 'statusCode' in error && 'message' in error) {
+        const e = error;
+        return typeof e.statusCode === 'number' && typeof e.message === 'string';
+    }
+    return false;
+}
+/**
+ * Extracts a user-friendly error message from an error.
+ *
+ * Handles:
+ * - SmartlinksApiError (and duck-typed equivalents from proxy mode)
+ * - Standard Error: Uses message property
+ * - String: Passes through directly (for native bridge errors)
+ * - Unknown: Returns generic message
+ */
+function getFriendlyErrorMessage(error) {
+    // Handle SmartlinksApiError or duck-typed API errors (proxy mode)
+    if (isApiErrorLike(error)) {
+        // First, check for specific error code (most precise)
+        const errorCode = error.errorCode || error.details?.errorCode || error.details?.error;
+        // For rate-limit errors, prefer the backend's message as it includes specific wait times
+        if (errorCode === 'RATE_LIMIT_EXCEEDED' && error.message && error.message !== '[object Object]') {
+            return error.message;
+        }
+        if (errorCode && ERROR_CODE_MESSAGES[errorCode]) {
+            return ERROR_CODE_MESSAGES[errorCode];
+        }
+        // Then, check status code for general category messages
+        if (error.statusCode >= 500) {
+            return 'Server error. Please try again later.';
+        }
+        // For 429 status, prefer backend message (may include wait time)
+        if (error.statusCode === 429 && error.message && error.message !== '[object Object]') {
+            return error.message;
+        }
+        if (STATUS_MESSAGES[error.statusCode]) {
+            return STATUS_MESSAGES[error.statusCode];
+        }
+        // Fall back to the server's message (already human-readable from backend)
+        return error.message;
+    }
+    // Handle standard Error objects
+    if (error instanceof Error) {
+        // SDK bug workaround: SDK may do `throw new Error(responseBodyObject)` which produces
+        // message "[object Object]". Check for API error properties attached to the Error instance.
+        const errAny = error;
+        // Check if the Error has API error properties directly attached (e.g., error.statusCode, error.errorCode)
+        if (typeof errAny.statusCode === 'number' || errAny.errorCode || errAny.response) {
+            // Try to extract from attached properties
+            const apiLike = errAny.response || errAny;
+            if (isApiErrorLike(apiLike)) {
+                return getFriendlyErrorMessage(apiLike);
+            }
+        }
+        // Check if the Error has a `cause` with API error details (modern Error cause pattern)
+        if (errAny.cause && typeof errAny.cause === 'object') {
+            if (isApiErrorLike(errAny.cause)) {
+                return getFriendlyErrorMessage(errAny.cause);
+            }
+        }
+        // If the message is "[object Object]", the error was constructed from a plain object
+        // This is useless - return a generic message instead
+        if (error.message === '[object Object]') {
+            // Log the actual error for debugging
+            console.warn('[AuthKit] Error with [object Object] message. Raw error:', JSON.stringify(errAny, Object.getOwnPropertyNames(errAny)));
+            return 'An unexpected error occurred. Please try again.';
+        }
+        // Check if the message itself contains a known API error pattern
+        if (/already (registered|exists)/i.test(error.message)) {
+            return 'This email is already registered.';
+        }
+        return error.message;
+    }
+    // Handle plain strings (e.g., from native bridge callbacks)
+    if (typeof error === 'string') {
+        return error;
+    }
+    // Unknown error type
+    return 'An unexpected error occurred. Please try again.';
+}
+/**
+ * Checks if an error represents a conflict (409) - typically duplicate registration.
+ */
+function isConflictError(error) {
+    if (isApiErrorLike(error))
+        return error.statusCode === 409;
+    // Also check error message for keyword match (resilient fallback)
+    if (error instanceof Error && /already (registered|exists)/i.test(error.message))
+        return true;
+    return false;
+}
+/**
+ * Checks if an error represents invalid credentials (401).
+ */
+function isAuthError(error) {
+    if (error instanceof SmartlinksApiError)
+        return error.isAuthError();
+    if (isApiErrorLike(error))
+        return error.statusCode === 401 || error.statusCode === 403;
+    return false;
+}
+/**
+ * Checks if an error represents rate limiting (429).
+ */
+function isRateLimitError(error) {
+    if (error instanceof SmartlinksApiError)
+        return error.isRateLimited();
+    if (isApiErrorLike(error))
+        return error.statusCode === 429;
+    return false;
+}
+/**
+ * Checks if an error represents a server error (5xx).
+ */
+function isServerError(error) {
+    if (error instanceof SmartlinksApiError)
+        return error.isServerError();
+    if (isApiErrorLike(error))
+        return error.statusCode >= 500;
+    return false;
+}
+/**
+ * Gets the HTTP status code from an error, if available.
+ */
+function getErrorStatusCode(error) {
+    if (isApiErrorLike(error))
+        return error.statusCode;
+    return undefined;
+}
+/**
+ * Gets the server-specific error code from an error, if available.
+ */
+function getErrorCode(error) {
+    if (isApiErrorLike(error)) {
+        return error.errorCode || error.details?.errorCode || error.details?.error;
+    }
+    return undefined;
+}
+/**
+ * Error codes that indicate the user needs to verify their email.
+ */
+const EMAIL_VERIFICATION_ERROR_CODES = new Set([
+    'EMAIL_NOT_VERIFIED',
+    'ACCOUNT_LOCKED',
+    'EMAIL_VERIFICATION_EXPIRED',
+]);
+/**
+ * Checks if an error requires email verification action from the user.
+ */
+function requiresEmailVerification(error) {
+    const code = getErrorCode(error);
+    if (code && EMAIL_VERIFICATION_ERROR_CODES.has(code))
+        return true;
+    // Also check the flag from the response body
+    if (error && typeof error === 'object' && 'requiresEmailVerification' in error) {
+        return error.requiresEmailVerification === true;
+    }
+    return false;
+}
+
 /**
  * AuthAPI - Thin wrapper around Smartlinks SDK authKit namespace
  * All authentication operations now use the global Smartlinks SDK
@@ -11034,6 +11284,32 @@ class AuthAPI {
             };
         }
     }
+    /**
+     * Ensure an account exists for the given email (or phone).
+     * Calls register and silently handles 409 (account already exists).
+     * This enables passwordless flows (magic link, phone) to work for new users.
+     */
+    async ensureAccount(data) {
+        try {
+            // Generate a random password since passwordless users won't use it
+            const randomPassword = crypto.randomUUID?.() || Math.random().toString(36).slice(2) + Math.random().toString(36).slice(2);
+            await this.register({
+                email: data.email,
+                password: randomPassword,
+                displayName: data.displayName,
+            });
+            this.log.log('ensureAccount: new account created for', data.email || data.phoneNumber);
+        }
+        catch (err) {
+            // 409 = account already exists, which is fine
+            if (isConflictError(err)) {
+                this.log.log('ensureAccount: account already exists for', data.email || data.phoneNumber);
+                return;
+            }
+            // Re-throw any other error
+            throw err;
+        }
+    }
     async sendMagicLink(email, redirectUrl) {
         return smartlinks.authKit.sendMagicLink(this.clientId, {
             email,
@@ -12311,254 +12587,6 @@ const useAuth = () => {
     return context;
 };
 
-/**
- * Friendly error messages for common HTTP status codes.
- */
-const STATUS_MESSAGES = {
-    400: 'Invalid request. Please check your input and try again.',
-    401: 'Invalid credentials. Please check your email and password.',
-    403: 'Access denied. You do not have permission to perform this action.',
-    404: 'Account not found. Please check your email or create a new account.',
-    409: 'This email is already registered.',
-    429: 'Too many attempts. Please wait a moment and try again.',
-};
-/**
- * Context-specific error messages for different auth operations.
- */
-const ERROR_CODE_MESSAGES = {
-    // 400 - Validation errors
-    'MISSING_FIELDS': 'Email and password are required.',
-    'MISSING_EMAIL': 'Email is required.',
-    'MISSING_PASSWORD': 'Password is required.',
-    'MISSING_TOKEN': 'Token is required.',
-    'MISSING_PHONE_NUMBER': 'Phone number is required.',
-    'MISSING_VERIFICATION_CODE': 'Phone number and verification code are required.',
-    'MISSING_REDIRECT_URL': 'Redirect URL is required.',
-    'MISSING_GOOGLE_TOKEN': 'Google token is required.',
-    'INVALID_CLIENT_ID': 'Invalid client configuration.',
-    'INVALID_REDIRECT_URL': 'Invalid redirect URL.',
-    'INVALID_PHONE_NUMBER': 'Invalid phone number. Please check the format and try again.',
-    'INVALID_GOOGLE_TOKEN': 'Invalid Google sign-in token.',
-    'PASSWORD_TOO_SHORT': 'Password must be at least 8 characters long.',
-    'PASSWORD_REQUIREMENTS_NOT_MET': 'New password must be at least 6 characters.',
-    'EMAIL_ALREADY_VERIFIED': 'Your email is already verified.',
-    'INVALID_CONFIRMATION': 'Please type DELETE to confirm account deletion.',
-    // 401 - Authentication errors
-    'INVALID_CREDENTIALS': 'Invalid email or password.',
-    'INCORRECT_PASSWORD': 'Current password is incorrect.',
-    'INVALID_VERIFICATION_CODE': 'Invalid or expired verification code. Please try again.',
-    'INVALID_TOKEN': 'This link has expired or is invalid. Please request a new one.',
-    'TOKEN_EXPIRED': 'This link has expired. Please request a new one.',
-    'TOKEN_ALREADY_USED': 'This link has already been used. Please request a new one.',
-    'UNAUTHORIZED': 'You must be logged in to perform this action.',
-    'GOOGLE_TOKEN_AUDIENCE_MISMATCH': 'Google sign-in failed. Token was not issued for this application.',
-    // 403 - Forbidden / verification required
-    'EMAIL_NOT_VERIFIED': 'Please verify your email before signing in.',
-    'ACCOUNT_LOCKED': 'Your account has been locked. Please verify your email to unlock.',
-    'EMAIL_VERIFICATION_EXPIRED': 'Your verification deadline has passed and your account is locked. Please contact support.',
-    // 404
-    'USER_NOT_FOUND': 'Account not found. Please check your email or create a new account.',
-    // 409 - Conflicts
-    'EMAIL_ALREADY_EXISTS': 'This email is already registered.',
-    'EMAIL_IN_USE': 'This email is already in use.',
-    // 429 - Rate limiting
-    'RATE_LIMIT_EXCEEDED': 'Too many requests. Please try again later.',
-    'TOO_MANY_MAGIC_LINKS': 'Too many magic link requests. Please try again later.',
-    'TOO_MANY_VERIFICATION_ATTEMPTS': 'Too many verification attempts. Please wait and try again.',
-    'MAX_VERIFICATION_ATTEMPTS': 'Maximum verification attempts reached. Please try again later.',
-    // 500 - Server errors
-    'LOGIN_FAILED': 'Login failed. Please try again later.',
-    'REGISTRATION_FAILED': 'Registration failed. Please try again later.',
-    'GOOGLE_AUTH_NOT_CONFIGURED': 'Google sign-in is not available for this application.',
-    'GOOGLE_AUTH_FAILED': 'Google sign-in failed. Please try again.',
-    'GOOGLE_USERINFO_FAILED': 'Failed to retrieve your Google account information. Please try again.',
-    'PHONE_VERIFICATION_FAILED': 'Phone verification failed. Please try again.',
-    'SEND_VERIFICATION_CODE_FAILED': 'Failed to send verification code. Please try again.',
-    'MAGIC_LINK_SEND_FAILED': 'Failed to send magic link. Please try again.',
-    'MAGIC_LINK_VERIFICATION_FAILED': 'Magic link verification failed. Please try again.',
-    'PASSWORD_RESET_FAILED': 'Failed to process password reset. Please try again.',
-    'PASSWORD_RESET_COMPLETE_FAILED': 'Failed to reset password. Please try again.',
-    'EMAIL_VERIFICATION_SEND_FAILED': 'Failed to send verification email. Please try again.',
-    'EMAIL_VERIFICATION_FAILED': 'Email verification failed. Please try again.',
-    // Account management 500s
-    'UPDATE_PROFILE_FAILED': 'Failed to update profile. Please try again.',
-    'CHANGE_PASSWORD_FAILED': 'Failed to change password. Please try again.',
-    'CHANGE_EMAIL_FAILED': 'Failed to change email. Please try again.',
-    'UPDATE_PHONE_FAILED': 'Failed to update phone number. Please try again.',
-    'DELETE_ACCOUNT_FAILED': 'Failed to delete account. Please try again.',
-    'CONFIG_FETCH_FAILED': 'Failed to load configuration. Please try again.',
-    'INTERNAL_ERROR': 'An unexpected error occurred. Please try again.',
-    // Legacy aliases (kept for backward compatibility)
-    'INVALID_CODE': 'Invalid verification code. Please check and try again.',
-    'CODE_EXPIRED': 'This code has expired. Please request a new one.',
-    'PHONE_NOT_SUPPORTED': 'This phone number is not supported. Please try a different number.',
-    'INVALID_PHONE': 'Invalid phone number. Please check the format and try again.',
-    'PASSWORD_TOO_WEAK': 'Password is too weak. Please use at least 8 characters with a mix of letters and numbers.',
-    'RATE_LIMITED': 'Too many attempts. Please wait a moment and try again.',
-};
-function isApiErrorLike(error) {
-    if (error instanceof SmartlinksApiError)
-        return true;
-    if (error && typeof error === 'object' && 'statusCode' in error && 'message' in error) {
-        const e = error;
-        return typeof e.statusCode === 'number' && typeof e.message === 'string';
-    }
-    return false;
-}
-/**
- * Extracts a user-friendly error message from an error.
- *
- * Handles:
- * - SmartlinksApiError (and duck-typed equivalents from proxy mode)
- * - Standard Error: Uses message property
- * - String: Passes through directly (for native bridge errors)
- * - Unknown: Returns generic message
- */
-function getFriendlyErrorMessage(error) {
-    // Handle SmartlinksApiError or duck-typed API errors (proxy mode)
-    if (isApiErrorLike(error)) {
-        // First, check for specific error code (most precise)
-        const errorCode = error.errorCode || error.details?.errorCode || error.details?.error;
-        // For rate-limit errors, prefer the backend's message as it includes specific wait times
-        if (errorCode === 'RATE_LIMIT_EXCEEDED' && error.message && error.message !== '[object Object]') {
-            return error.message;
-        }
-        if (errorCode && ERROR_CODE_MESSAGES[errorCode]) {
-            return ERROR_CODE_MESSAGES[errorCode];
-        }
-        // Then, check status code for general category messages
-        if (error.statusCode >= 500) {
-            return 'Server error. Please try again later.';
-        }
-        // For 429 status, prefer backend message (may include wait time)
-        if (error.statusCode === 429 && error.message && error.message !== '[object Object]') {
-            return error.message;
-        }
-        if (STATUS_MESSAGES[error.statusCode]) {
-            return STATUS_MESSAGES[error.statusCode];
-        }
-        // Fall back to the server's message (already human-readable from backend)
-        return error.message;
-    }
-    // Handle standard Error objects
-    if (error instanceof Error) {
-        // SDK bug workaround: SDK may do `throw new Error(responseBodyObject)` which produces
-        // message "[object Object]". Check for API error properties attached to the Error instance.
-        const errAny = error;
-        // Check if the Error has API error properties directly attached (e.g., error.statusCode, error.errorCode)
-        if (typeof errAny.statusCode === 'number' || errAny.errorCode || errAny.response) {
-            // Try to extract from attached properties
-            const apiLike = errAny.response || errAny;
-            if (isApiErrorLike(apiLike)) {
-                return getFriendlyErrorMessage(apiLike);
-            }
-        }
-        // Check if the Error has a `cause` with API error details (modern Error cause pattern)
-        if (errAny.cause && typeof errAny.cause === 'object') {
-            if (isApiErrorLike(errAny.cause)) {
-                return getFriendlyErrorMessage(errAny.cause);
-            }
-        }
-        // If the message is "[object Object]", the error was constructed from a plain object
-        // This is useless - return a generic message instead
-        if (error.message === '[object Object]') {
-            // Log the actual error for debugging
-            console.warn('[AuthKit] Error with [object Object] message. Raw error:', JSON.stringify(errAny, Object.getOwnPropertyNames(errAny)));
-            return 'An unexpected error occurred. Please try again.';
-        }
-        // Check if the message itself contains a known API error pattern
-        if (/already (registered|exists)/i.test(error.message)) {
-            return 'This email is already registered.';
-        }
-        return error.message;
-    }
-    // Handle plain strings (e.g., from native bridge callbacks)
-    if (typeof error === 'string') {
-        return error;
-    }
-    // Unknown error type
-    return 'An unexpected error occurred. Please try again.';
-}
-/**
- * Checks if an error represents a conflict (409) - typically duplicate registration.
- */
-function isConflictError(error) {
-    if (isApiErrorLike(error))
-        return error.statusCode === 409;
-    // Also check error message for keyword match (resilient fallback)
-    if (error instanceof Error && /already (registered|exists)/i.test(error.message))
-        return true;
-    return false;
-}
-/**
- * Checks if an error represents invalid credentials (401).
- */
-function isAuthError(error) {
-    if (error instanceof SmartlinksApiError)
-        return error.isAuthError();
-    if (isApiErrorLike(error))
-        return error.statusCode === 401 || error.statusCode === 403;
-    return false;
-}
-/**
- * Checks if an error represents rate limiting (429).
- */
-function isRateLimitError(error) {
-    if (error instanceof SmartlinksApiError)
-        return error.isRateLimited();
-    if (isApiErrorLike(error))
-        return error.statusCode === 429;
-    return false;
-}
-/**
- * Checks if an error represents a server error (5xx).
- */
-function isServerError(error) {
-    if (error instanceof SmartlinksApiError)
-        return error.isServerError();
-    if (isApiErrorLike(error))
-        return error.statusCode >= 500;
-    return false;
-}
-/**
- * Gets the HTTP status code from an error, if available.
- */
-function getErrorStatusCode(error) {
-    if (isApiErrorLike(error))
-        return error.statusCode;
-    return undefined;
-}
-/**
- * Gets the server-specific error code from an error, if available.
- */
-function getErrorCode(error) {
-    if (isApiErrorLike(error)) {
-        return error.errorCode || error.details?.errorCode || error.details?.error;
-    }
-    return undefined;
-}
-/**
- * Error codes that indicate the user needs to verify their email.
- */
-const EMAIL_VERIFICATION_ERROR_CODES = new Set([
-    'EMAIL_NOT_VERIFIED',
-    'ACCOUNT_LOCKED',
-    'EMAIL_VERIFICATION_EXPIRED',
-]);
-/**
- * Checks if an error requires email verification action from the user.
- */
-function requiresEmailVerification(error) {
-    const code = getErrorCode(error);
-    if (code && EMAIL_VERIFICATION_ERROR_CODES.has(code))
-        return true;
-    // Also check the flag from the response body
-    if (error && typeof error === 'object' && 'requiresEmailVerification' in error) {
-        return error.requiresEmailVerification === true;
-    }
-    return false;
-}
-
 // VERSION: Update this when making changes to help identify which version is running
 const AUTH_UI_VERSION = '46';
 const LOG_PREFIX = `[SmartlinksAuthUI:v${AUTH_UI_VERSION}]`;
@@ -13852,11 +13880,13 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
             setLoading(false);
         }
     };
-    const handlePhoneAuth = async (phoneNumber, verificationCode) => {
+    const handlePhoneAuth = async (phoneNumber, verificationCode, displayName) => {
         setLoading(true);
         setError(undefined);
         try {
             if (!verificationCode) {
+                // Phone verify endpoint handles account creation on the backend side,
+                // so no need for ensureAccount here (register requires email which phone users may not have)
                 // Send verification code via Twilio Verify Service
                 await api.sendPhoneCode(phoneNumber);
                 // Twilio Verify Service tracks the verification by phone number
@@ -13975,10 +14005,12 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
             setLoading(false);
         }
     };
-    const handleMagicLink = async (email) => {
+    const handleMagicLink = async (email, displayName) => {
         setLoading(true);
         setError(undefined);
         try {
+            // Ensure account exists before sending magic link (creates if new, no-op if exists)
+            await api.ensureAccount({ email, displayName });
             await api.sendMagicLink(email, getRedirectUrl());
             setAuthSuccess(true);
             setSuccessMessage('Magic link sent! Check your email to log in.');
@@ -14025,7 +14057,7 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
                             ? 'hsl(var(--muted-foreground, 215 15% 45%))'
                             : (resolvedTheme === 'dark' ? '#94a3b8' : '#6B7280'),
                         fontSize: '0.875rem'
-                    }, children: successMessage })] })) : mode === 'magic-link' ? (jsx(MagicLinkForm, { onSubmit: handleMagicLink, onCancel: () => setMode('login'), loading: loading, error: error })) : mode === 'phone' ? (jsx(PhoneAuthForm, { onSubmit: handlePhoneAuth, onBack: () => setMode('login'), loading: loading, error: error })) : mode === 'reset-password' ? (jsx(PasswordResetForm, { onSubmit: handlePasswordReset, onBack: () => {
+                    }, children: successMessage })] })) : mode === 'magic-link' ? (jsx(MagicLinkForm, { onSubmit: handleMagicLink, onCancel: () => setMode('login'), loading: loading, error: error, collectName: config?.collectNameOnPasswordlessSignup })) : mode === 'phone' ? (jsx(PhoneAuthForm, { onSubmit: handlePhoneAuth, onBack: () => setMode('login'), loading: loading, error: error, collectName: config?.collectNameOnPasswordlessSignup })) : mode === 'reset-password' ? (jsx(PasswordResetForm, { onSubmit: handlePasswordReset, onBack: () => {
                 setMode('login');
                 setResetSuccess(false);
                 setResetToken(undefined); // Clear token when going back