@proveanything/smartlinks-auth-ui 0.6.0 → 0.6.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/api.d.ts +12 -1
- package/dist/api.d.ts.map +1 -1
- package/dist/components/SmartlinksAuthUI.d.ts.map +1 -1
- package/dist/index.esm.js +40 -5
- package/dist/index.esm.js.map +1 -1
- package/dist/index.js +40 -5
- package/dist/index.js.map +1 -1
- package/package.json +3 -3
package/dist/index.js
CHANGED
|
@@ -11502,6 +11502,17 @@ class AuthAPI {
|
|
|
11502
11502
|
throw error;
|
|
11503
11503
|
}
|
|
11504
11504
|
}
|
|
11505
|
+
/**
|
|
11506
|
+
* Complete a password reset OR accept an invite by setting the first password.
|
|
11507
|
+
*
|
|
11508
|
+
* The backend distinguishes the two flows via the token's `metadata.invitedBy`:
|
|
11509
|
+
* - Plain password reset → returns `{ success, message }` only.
|
|
11510
|
+
* - Invite acceptance under `verify-auto-login` → returns a full session
|
|
11511
|
+
* (`token`, `user`, `accountData`, and on native: refresh-token fields)
|
|
11512
|
+
* so the kit can log the user straight in without bouncing them to /login.
|
|
11513
|
+
*
|
|
11514
|
+
* See: SDK_AUTHKIT_REFRESH_TOKENS / "Invite Auto-Login" spec.
|
|
11515
|
+
*/
|
|
11505
11516
|
async completePasswordReset(token, newPassword) {
|
|
11506
11517
|
return smartlinks__namespace.authKit.completePasswordReset(this.clientId, token, newPassword);
|
|
11507
11518
|
}
|
|
@@ -14132,7 +14143,13 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
|
|
|
14132
14143
|
if (urlMode === 'verifyEmail') {
|
|
14133
14144
|
log.log('Verifying email with token:', token);
|
|
14134
14145
|
const response = await api.verifyEmailWithToken(token);
|
|
14135
|
-
log.log('Email verification response:', { hasToken: !!response
|
|
14146
|
+
log.log('Email verification response:', { hasToken: !!response?.token, hasUser: !!response?.user, emailVerificationMode: response?.emailVerificationMode, isNewUser: response?.isNewUser });
|
|
14147
|
+
// Detect resolved-error shapes (proxy mode serializes errors instead of throwing).
|
|
14148
|
+
// Common case: sign-up intent claim / verification token already consumed → route to login.
|
|
14149
|
+
const resolvedErrorMessage = getActionResultErrorMessage(response);
|
|
14150
|
+
if (resolvedErrorMessage || !response) {
|
|
14151
|
+
throw new Error(resolvedErrorMessage || 'This verification link has already been used or has expired.');
|
|
14152
|
+
}
|
|
14136
14153
|
// Get email verification mode from response or config
|
|
14137
14154
|
const verificationMode = response.emailVerificationMode || config?.emailVerification?.mode || 'verify-auto-login';
|
|
14138
14155
|
if ((verificationMode === 'verify-auto-login' || verificationMode === 'immediate') && response.token) {
|
|
@@ -14194,7 +14211,12 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
|
|
|
14194
14211
|
else if (urlMode === 'magicLink') {
|
|
14195
14212
|
log.log('Verifying magic link token:', token);
|
|
14196
14213
|
const response = await api.verifyMagicLink(token);
|
|
14197
|
-
log.log('Magic link verification response:', { hasToken: !!response
|
|
14214
|
+
log.log('Magic link verification response:', { hasToken: !!response?.token, hasUser: !!response?.user, isNewUser: response?.isNewUser });
|
|
14215
|
+
// Detect resolved-error shapes (proxy mode serializes errors instead of throwing).
|
|
14216
|
+
const resolvedMagicError = getActionResultErrorMessage(response);
|
|
14217
|
+
if (resolvedMagicError || !response) {
|
|
14218
|
+
throw new Error(resolvedMagicError || 'This magic link has already been used or has expired.');
|
|
14219
|
+
}
|
|
14198
14220
|
// Auto-login with magic link if token is provided
|
|
14199
14221
|
if (response.token) {
|
|
14200
14222
|
// Always await - auth.login now waits for parent ack automatically in iframe mode
|
|
@@ -15024,9 +15046,22 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
|
|
|
15024
15046
|
const effectiveRedirectUrl = getRedirectUrl();
|
|
15025
15047
|
try {
|
|
15026
15048
|
if (resetToken && confirmPassword) {
|
|
15027
|
-
// Complete password reset with token
|
|
15028
|
-
await api.completePasswordReset(resetToken, emailOrPassword);
|
|
15029
|
-
//
|
|
15049
|
+
// Complete password reset (or invite acceptance) with token
|
|
15050
|
+
const completeResponse = await api.completePasswordReset(resetToken, emailOrPassword);
|
|
15051
|
+
// Invite acceptance under verify-auto-login: backend returns a full session.
|
|
15052
|
+
// Adopt it directly — same pattern as verifyEmail / verifyMagicLink — and skip /login.
|
|
15053
|
+
if (completeResponse?.token && completeResponse.user) {
|
|
15054
|
+
log.log('complete-reset returned a session (invite auto-login), adopting it');
|
|
15055
|
+
await auth.login(completeResponse.token, completeResponse.user, completeResponse.accountData, true, getExpirationFromResponse(completeResponse), completeResponse.refreshToken, completeResponse.refreshTokenExpiresAt);
|
|
15056
|
+
setAuthSuccess(true);
|
|
15057
|
+
setSuccessMessage('Welcome! Your account is ready.');
|
|
15058
|
+
onAuthSuccess(completeResponse.token, completeResponse.user, completeResponse.accountData);
|
|
15059
|
+
setResetToken(undefined);
|
|
15060
|
+
setResetEmail(undefined);
|
|
15061
|
+
return;
|
|
15062
|
+
}
|
|
15063
|
+
// Plain password reset: no session returned. Try auto-login with the new password
|
|
15064
|
+
// if we have the email on hand.
|
|
15030
15065
|
if (resetEmail) {
|
|
15031
15066
|
try {
|
|
15032
15067
|
log.log('Auto-login after password reset for:', resetEmail);
|