@proveanything/smartlinks-auth-ui 0.5.13 → 0.5.15

package/dist/index.js

@@ -12775,6 +12775,9 @@ collectionId, enableContactSync, enableInteractionTracking, interactionAppId, in
                     await tokenStorage.saveAccountData(authAccountData);
                     await tokenStorage.saveAccountInfo(authAccountData, accountCacheTTL);
                 }
+                else {
+                    await tokenStorage.clearAccountData();
+                }
                 smartlinks__namespace.auth.verifyToken(authToken).catch(() => { });
             }
             // Always update memory state (but NOT isVerified yet - wait for parent ack in iframe mode)
@@ -13119,6 +13122,25 @@ const normalizeQueryString = (query) => {
 const buildSearchParams = (rawQuery) => {
     return new URLSearchParams(normalizeQueryString(rawQuery));
 };
+const appendWhatsAppResumeParams = (url, token) => {
+    try {
+        const nextUrl = new URL(url, window.location.origin);
+        nextUrl.searchParams.set('mode', 'whatsapp');
+        if (token) {
+            nextUrl.searchParams.set('token', token);
+        }
+        else {
+            nextUrl.searchParams.delete('token');
+        }
+        const serializedUrl = nextUrl.toString();
+        return token === '{{token}}'
+            ? serializedUrl.replace(encodeURIComponent(token), token)
+            : serializedUrl;
+    }
+    catch {
+        return url;
+    }
+};
 // Helper to check for URL auth params synchronously (runs during initialization)
 // This prevents the form from flashing before detecting deep-link flows
 const getInitialUrlAuthParams = () => {
@@ -13141,6 +13163,19 @@ const getExpirationFromResponse = (response) => {
         return Date.now() + response.expiresIn;
     return undefined; // Will use 7-day default in tokenStorage
 };
+const stripWhatsAppResumeParams = (url) => {
+    try {
+        const urlObj = new URL(url);
+        if (urlObj.searchParams.get('mode') === 'whatsapp') {
+            urlObj.searchParams.delete('mode');
+            urlObj.searchParams.delete('token');
+        }
+        return urlObj.toString();
+    }
+    catch {
+        return url;
+    }
+};
 const getActionResultErrorMessage = (result) => {
     if (!result || typeof result !== 'object')
         return null;
@@ -13170,7 +13205,7 @@ const interpolateReply = (input, vars) => {
         .replace(/\{\{\s*phoneNumber\s*\}\}/gi, vars.phoneNumber?.trim() || '')
         .replace(/\{\{\s*returnUrl\s*\}\}/gi, vars.returnUrl?.trim() || '')
         .replace(/\{\{\s*clientId\s*\}\}/gi, vars.clientId?.trim() || '')
-        .replace(/\{\{\s*token\s*\}\}/gi, vars.token?.trim() || '');
+        .replace(/\{\{\s*token\s*\}\}/gi, vars.token === undefined ? '{{token}}' : vars.token.trim());
 };
 const buildWhatsAppReply = (cfg, vars) => {
     if (!cfg)
@@ -13498,11 +13533,34 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
         // Get the full current URL including hash routes, strip query params
         return window.location.href.split('?')[0];
     };
+    const syncWhatsAppResumeUrl = (pending) => {
+        if (typeof window === 'undefined')
+            return;
+        try {
+            const currentUrl = new URL(window.location.href);
+            const isOnResumeUrl = currentUrl.searchParams.get('mode') === 'whatsapp';
+            if (!pending) {
+                if (!isOnResumeUrl)
+                    return;
+                const cleanUrl = stripWhatsAppResumeParams(currentUrl.toString());
+                window.history.replaceState({}, document.title, cleanUrl);
+                return;
+            }
+            const resumedUrl = appendWhatsAppResumeParams(pending.redirectUrl || currentUrl.toString(), pending.token);
+            if (currentUrl.toString() !== resumedUrl) {
+                window.history.replaceState({}, document.title, resumedUrl);
+            }
+        }
+        catch (err) {
+            log.warn('Failed to sync WhatsApp resume URL state:', err);
+        }
+    };
     const savePendingWhatsAppSession = async (session) => {
         if (proxyMode)
             return;
         const storage = await getStorage();
         await storage.setItem(WHATSAPP_PENDING_SESSION_KEY, session);
+        syncWhatsAppResumeUrl(session);
     };
     const loadPendingWhatsAppSession = async () => {
         if (proxyMode)
@@ -13515,6 +13573,7 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
             return;
         const storage = await getStorage();
         await storage.removeItem(WHATSAPP_PENDING_SESSION_KEY);
+        syncWhatsAppResumeUrl(null);
     };
     const updatePendingWhatsAppSession = async (updates) => {
         if (proxyMode)
@@ -13698,6 +13757,12 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
             // Google OAuth redirect callback
             handleGoogleAuthCodeCallback(authCode, state);
         }
+        else if (urlMode === 'whatsapp') {
+            if (!auth.user?.uid) {
+                setMode('whatsapp');
+            }
+            setUrlAuthProcessing(false);
+        }
         else if (urlMode && token) {
             handleURLBasedAuth(urlMode, token);
         }
@@ -14621,14 +14686,26 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
         let cancelled = false;
         const resumePendingWhatsAppSession = async () => {
             try {
+                const urlParams = buildSearchParams(window.location.search);
+                const resumeMode = urlParams.get('mode');
+                const resumeToken = urlParams.get('token');
                 const pending = await loadPendingWhatsAppSession();
-                if (!pending || cancelled)
+                if (!pending || cancelled) {
+                    if (resumeMode === 'whatsapp') {
+                        syncWhatsAppResumeUrl(null);
+                    }
                     return;
+                }
                 // Expire stale pending sessions after 30 minutes to avoid resurrecting old attempts.
                 if (Date.now() - pending.createdAt > 30 * 60 * 1000) {
                     await clearPendingWhatsAppSession();
                     return;
                 }
+                if (resumeMode === 'whatsapp' && resumeToken && resumeToken !== pending.token) {
+                    await clearPendingWhatsAppSession();
+                    return;
+                }
+                syncWhatsAppResumeUrl(pending);
                 whatsappSendRef.current = {
                     token: pending.token,
                     sessionKey: pending.sessionKey,
@@ -14651,7 +14728,7 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
                     }
                     return;
                 }
-                if (status.status === 'pending') {
+                if (resumeMode === 'whatsapp' || status.status === 'pending') {
                     setMode('whatsapp');
                 }
                 else if (status.status === 'failed' || status.status === 'expired' || status.status === 'unknown') {
@@ -14677,10 +14754,11 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
             // Resolve reply config: per-call prop wins, otherwise fall back to AuthKit default.
             const replyConfig = whatsappReply ?? config?.whatsappReply;
             const effectiveRedirectUrl = getRedirectUrl();
+            const resumableRedirectUrl = appendWhatsAppResumeParams(effectiveRedirectUrl, '{{token}}');
             const reply = buildWhatsAppReply(replyConfig, {
                 name: displayName,
                 clientName,
-                returnUrl: effectiveRedirectUrl,
+                returnUrl: resumableRedirectUrl,
                 clientId,
             });
             // Resolve outbound prefill message: per-call prop wins, then AuthKit default.
@@ -14690,7 +14768,7 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
             // formed session.user — no follow-up updateProfile call needed.
             const trimmedName = displayName?.trim() || undefined;
             const contactData = trimmedName ? { name: trimmedName } : undefined;
-            const result = await api.sendWhatsApp(effectiveRedirectUrl, undefined, reply, prefillMessage, contactData);
+            const result = await api.sendWhatsApp(resumableRedirectUrl, undefined, reply, prefillMessage, contactData);
             whatsappSendRef.current = {
                 token: result.token,
                 sessionKey: result.sessionKey,
@@ -14773,8 +14851,9 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
                             fontSize: '0.875rem'
                         }, children: initialUrlParams.mode === 'verifyEmail' ? 'Verifying your email...' :
                             initialUrlParams.mode === 'magicLink' ? 'Processing magic link...' :
-                                initialUrlParams.mode === 'resetPassword' ? 'Validating reset link...' :
-                                    'Processing...' })] }) }));
+                                initialUrlParams.mode === 'whatsapp' ? 'Resuming your WhatsApp sign-in...' :
+                                    initialUrlParams.mode === 'resetPassword' ? 'Validating reset link...' :
+                                        'Processing...' })] }) }));
     }
     if (configLoading) {
         return (jsxRuntime.jsx(AuthContainer, { theme: resolvedTheme, className: className, minimal: minimal || config?.branding?.minimal || false, children: jsxRuntime.jsx("div", { style: { textAlign: 'center', padding: '2rem' }, children: jsxRuntime.jsx("div", { className: "auth-spinner" }) }) }));