@proveanything/smartlinks-auth-ui 0.6.0 → 0.6.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/api.d.ts +12 -1
- package/dist/api.d.ts.map +1 -1
- package/dist/components/SmartlinksAuthUI.d.ts.map +1 -1
- package/dist/index.esm.js +27 -3
- package/dist/index.esm.js.map +1 -1
- package/dist/index.js +27 -3
- package/dist/index.js.map +1 -1
- package/package.json +3 -3
package/dist/index.js
CHANGED
|
@@ -11502,6 +11502,17 @@ class AuthAPI {
|
|
|
11502
11502
|
throw error;
|
|
11503
11503
|
}
|
|
11504
11504
|
}
|
|
11505
|
+
/**
|
|
11506
|
+
* Complete a password reset OR accept an invite by setting the first password.
|
|
11507
|
+
*
|
|
11508
|
+
* The backend distinguishes the two flows via the token's `metadata.invitedBy`:
|
|
11509
|
+
* - Plain password reset → returns `{ success, message }` only.
|
|
11510
|
+
* - Invite acceptance under `verify-auto-login` → returns a full session
|
|
11511
|
+
* (`token`, `user`, `accountData`, and on native: refresh-token fields)
|
|
11512
|
+
* so the kit can log the user straight in without bouncing them to /login.
|
|
11513
|
+
*
|
|
11514
|
+
* See: SDK_AUTHKIT_REFRESH_TOKENS / "Invite Auto-Login" spec.
|
|
11515
|
+
*/
|
|
11505
11516
|
async completePasswordReset(token, newPassword) {
|
|
11506
11517
|
return smartlinks__namespace.authKit.completePasswordReset(this.clientId, token, newPassword);
|
|
11507
11518
|
}
|
|
@@ -15024,9 +15035,22 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
|
|
|
15024
15035
|
const effectiveRedirectUrl = getRedirectUrl();
|
|
15025
15036
|
try {
|
|
15026
15037
|
if (resetToken && confirmPassword) {
|
|
15027
|
-
// Complete password reset with token
|
|
15028
|
-
await api.completePasswordReset(resetToken, emailOrPassword);
|
|
15029
|
-
//
|
|
15038
|
+
// Complete password reset (or invite acceptance) with token
|
|
15039
|
+
const completeResponse = await api.completePasswordReset(resetToken, emailOrPassword);
|
|
15040
|
+
// Invite acceptance under verify-auto-login: backend returns a full session.
|
|
15041
|
+
// Adopt it directly — same pattern as verifyEmail / verifyMagicLink — and skip /login.
|
|
15042
|
+
if (completeResponse?.token && completeResponse.user) {
|
|
15043
|
+
log.log('complete-reset returned a session (invite auto-login), adopting it');
|
|
15044
|
+
await auth.login(completeResponse.token, completeResponse.user, completeResponse.accountData, true, getExpirationFromResponse(completeResponse), completeResponse.refreshToken, completeResponse.refreshTokenExpiresAt);
|
|
15045
|
+
setAuthSuccess(true);
|
|
15046
|
+
setSuccessMessage('Welcome! Your account is ready.');
|
|
15047
|
+
onAuthSuccess(completeResponse.token, completeResponse.user, completeResponse.accountData);
|
|
15048
|
+
setResetToken(undefined);
|
|
15049
|
+
setResetEmail(undefined);
|
|
15050
|
+
return;
|
|
15051
|
+
}
|
|
15052
|
+
// Plain password reset: no session returned. Try auto-login with the new password
|
|
15053
|
+
// if we have the email on hand.
|
|
15030
15054
|
if (resetEmail) {
|
|
15031
15055
|
try {
|
|
15032
15056
|
log.log('Auto-login after password reset for:', resetEmail);
|