npm - @proveanything/smartlinks-auth-ui - Versions diffs - 0.5.14 → 0.5.16 - Mend

@proveanything/smartlinks-auth-ui 0.5.14 → 0.5.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/components/SmartlinksAuthUI.d.ts.map +1 -1
package/dist/index.esm.js +62 -5
package/dist/index.esm.js.map +1 -1
package/dist/index.js +62 -5
package/dist/index.js.map +1 -1
package/package.json +1 -1

package/dist/index.js CHANGED Viewed

@@ -13108,8 +13108,48 @@ const useAuth = () => {
 };
 // VERSION: Update this when making changes to help identify which version is running
-const AUTH_UI_VERSION = '46';
+const AUTH_UI_VERSION = '47';
 const LOG_PREFIX = `[SmartlinksAuthUI:v${AUTH_UI_VERSION}]`;
+const PERMANENT_WHATSAPP_EXCHANGE_ERROR_CODES = new Set([
+    'TOKEN_ALREADY_USED',
+    'SESSION_ALREADY_USED',
+    'WHATSAPP_SESSION_ALREADY_USED',
+    'INVALID_TOKEN',
+    'TOKEN_EXPIRED',
+    'INVALID_SESSION',
+    'SESSION_EXPIRED',
+    'SESSION_NOT_FOUND',
+]);
+const getExchangeErrorCode = (error) => {
+    if (!error || typeof error !== 'object')
+        return undefined;
+    const err = error;
+    return err.errorCode || err.details?.errorCode || err.details?.error || err.response?.data?.errorCode || err.response?.data?.error;
+};
+const getExchangeErrorStatus = (error) => {
+    if (!error || typeof error !== 'object')
+        return undefined;
+    const err = error;
+    return err.statusCode || err.status || err.response?.status;
+};
+const getExchangeErrorMessage = (error) => {
+    if (error instanceof Error)
+        return error.message || '';
+    if (!error || typeof error !== 'object')
+        return '';
+    const err = error;
+    return err.message || err.details?.message || err.response?.data?.message || '';
+};
+const isPermanentWhatsAppExchangeError = (error) => {
+    const errorCode = getExchangeErrorCode(error)?.toUpperCase();
+    if (errorCode && PERMANENT_WHATSAPP_EXCHANGE_ERROR_CODES.has(errorCode)) {
+        return true;
+    }
+    const status = getExchangeErrorStatus(error);
+    const message = getExchangeErrorMessage(error).toLowerCase();
+    const looksPermanentMessage = /(already used|already been used|session.*used|expired|invalid|not found|consumed)/i.test(message);
+    return looksPermanentMessage && [400, 401, 404, 409, 410].includes(status ?? -1);
+};
 // Normalize malformed query strings where a second '?' is used instead of '&'.
 // Some host platforms append "?mode=...&token=..." to a URL that already has a "?pageId=...",
 // resulting in "?pageId=xxx?mode=resetPassword&token=yyy". Convert any extra '?' to '&'
@@ -13132,7 +13172,10 @@ const appendWhatsAppResumeParams = (url, token) => {
         else {
             nextUrl.searchParams.delete('token');
         }
-        return nextUrl.toString();
+        const serializedUrl = nextUrl.toString();
+        return token === '{{token}}'
+            ? serializedUrl.replace(encodeURIComponent(token), token)
+            : serializedUrl;
     }
     catch {
         return url;
@@ -13202,7 +13245,7 @@ const interpolateReply = (input, vars) => {
         .replace(/\{\{\s*phoneNumber\s*\}\}/gi, vars.phoneNumber?.trim() || '')
         .replace(/\{\{\s*returnUrl\s*\}\}/gi, vars.returnUrl?.trim() || '')
         .replace(/\{\{\s*clientId\s*\}\}/gi, vars.clientId?.trim() || '')
-        .replace(/\{\{\s*token\s*\}\}/gi, vars.token?.trim() || '');
+        .replace(/\{\{\s*token\s*\}\}/gi, vars.token === undefined ? '{{token}}' : vars.token.trim());
 };
 const buildWhatsAppReply = (cfg, vars) => {
     if (!cfg)
@@ -14751,10 +14794,11 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
             // Resolve reply config: per-call prop wins, otherwise fall back to AuthKit default.
             const replyConfig = whatsappReply ?? config?.whatsappReply;
             const effectiveRedirectUrl = getRedirectUrl();
+            const resumableRedirectUrl = appendWhatsAppResumeParams(effectiveRedirectUrl, '{{token}}');
             const reply = buildWhatsAppReply(replyConfig, {
                 name: displayName,
                 clientName,
-                returnUrl: effectiveRedirectUrl,
+                returnUrl: resumableRedirectUrl,
                 clientId,
             });
             // Resolve outbound prefill message: per-call prop wins, then AuthKit default.
@@ -14764,7 +14808,7 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
             // formed session.user — no follow-up updateProfile call needed.
             const trimmedName = displayName?.trim() || undefined;
             const contactData = trimmedName ? { name: trimmedName } : undefined;
-            const result = await api.sendWhatsApp(effectiveRedirectUrl, undefined, reply, prefillMessage, contactData);
+            const result = await api.sendWhatsApp(resumableRedirectUrl, undefined, reply, prefillMessage, contactData);
             whatsappSendRef.current = {
                 token: result.token,
                 sessionKey: result.sessionKey,
@@ -14807,6 +14851,10 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
             try {
                 await updatePendingWhatsAppSession({ exchangeStartedAt: Date.now() });
                 const session = await api.exchangeWhatsAppSession(send.token, send.sessionKey);
+                const resultErrorMessage = getActionResultErrorMessage(session);
+                if (resultErrorMessage) {
+                    throw Object.assign(new Error(resultErrorMessage), session);
+                }
                 if (session?.token && session.user) {
                     await auth.login(session.token, session.user, session.accountData, true, getExpirationFromResponse(session));
                     if (!proxyMode) {
@@ -14819,6 +14867,15 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
                 }
             }
             catch (err) {
+                if (isPermanentWhatsAppExchangeError(err)) {
+                    log.warn('WhatsApp session exchange failed permanently; clearing stale pending session:', err);
+                    setAuthSuccess(false);
+                    setSuccessMessage(undefined);
+                    setError('This WhatsApp sign-in session has already been used or expired. Please start again.');
+                    setRestoredWhatsAppSend(null);
+                    await clearPendingWhatsAppSession();
+                    return true;
+                }
                 const latestPending = await loadPendingWhatsAppSession();
                 if (!latestPending) {
                     return true;