@proveanything/smartlinks-auth-ui 0.5.15 → 0.5.16

package/dist/index.js

@@ -13108,8 +13108,48 @@ const useAuth = () => {
 };
 
 // VERSION: Update this when making changes to help identify which version is running
-const AUTH_UI_VERSION = '46';
+const AUTH_UI_VERSION = '47';
 const LOG_PREFIX = `[SmartlinksAuthUI:v${AUTH_UI_VERSION}]`;
+const PERMANENT_WHATSAPP_EXCHANGE_ERROR_CODES = new Set([
+    'TOKEN_ALREADY_USED',
+    'SESSION_ALREADY_USED',
+    'WHATSAPP_SESSION_ALREADY_USED',
+    'INVALID_TOKEN',
+    'TOKEN_EXPIRED',
+    'INVALID_SESSION',
+    'SESSION_EXPIRED',
+    'SESSION_NOT_FOUND',
+]);
+const getExchangeErrorCode = (error) => {
+    if (!error || typeof error !== 'object')
+        return undefined;
+    const err = error;
+    return err.errorCode || err.details?.errorCode || err.details?.error || err.response?.data?.errorCode || err.response?.data?.error;
+};
+const getExchangeErrorStatus = (error) => {
+    if (!error || typeof error !== 'object')
+        return undefined;
+    const err = error;
+    return err.statusCode || err.status || err.response?.status;
+};
+const getExchangeErrorMessage = (error) => {
+    if (error instanceof Error)
+        return error.message || '';
+    if (!error || typeof error !== 'object')
+        return '';
+    const err = error;
+    return err.message || err.details?.message || err.response?.data?.message || '';
+};
+const isPermanentWhatsAppExchangeError = (error) => {
+    const errorCode = getExchangeErrorCode(error)?.toUpperCase();
+    if (errorCode && PERMANENT_WHATSAPP_EXCHANGE_ERROR_CODES.has(errorCode)) {
+        return true;
+    }
+    const status = getExchangeErrorStatus(error);
+    const message = getExchangeErrorMessage(error).toLowerCase();
+    const looksPermanentMessage = /(already used|already been used|session.*used|expired|invalid|not found|consumed)/i.test(message);
+    return looksPermanentMessage && [400, 401, 404, 409, 410].includes(status ?? -1);
+};
 // Normalize malformed query strings where a second '?' is used instead of '&'.
 // Some host platforms append "?mode=...&token=..." to a URL that already has a "?pageId=...",
 // resulting in "?pageId=xxx?mode=resetPassword&token=yyy". Convert any extra '?' to '&'
@@ -14811,6 +14851,10 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
             try {
                 await updatePendingWhatsAppSession({ exchangeStartedAt: Date.now() });
                 const session = await api.exchangeWhatsAppSession(send.token, send.sessionKey);
+                const resultErrorMessage = getActionResultErrorMessage(session);
+                if (resultErrorMessage) {
+                    throw Object.assign(new Error(resultErrorMessage), session);
+                }
                 if (session?.token && session.user) {
                     await auth.login(session.token, session.user, session.accountData, true, getExpirationFromResponse(session));
                     if (!proxyMode) {
@@ -14823,6 +14867,15 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
                 }
             }
             catch (err) {
+                if (isPermanentWhatsAppExchangeError(err)) {
+                    log.warn('WhatsApp session exchange failed permanently; clearing stale pending session:', err);
+                    setAuthSuccess(false);
+                    setSuccessMessage(undefined);
+                    setError('This WhatsApp sign-in session has already been used or expired. Please start again.');
+                    setRestoredWhatsAppSend(null);
+                    await clearPendingWhatsAppSession();
+                    return true;
+                }
                 const latestPending = await loadPendingWhatsAppSession();
                 if (!latestPending) {
                     return true;