@reauth-dev/sdk 0.1.0 → 0.2.0

package/dist/{chunk-JX2J36FS.mjs → chunk-DMNMTW2C.mjs}

@@ -1,6 +1,25 @@
+import {
+  DEFAULT_TIMEOUT_MS
+} from "./chunk-EY5LQCDG.mjs";
+
 // src/client.ts
+function assertHttpsUrl(url) {
+  let parsed;
+  try {
+    parsed = new URL(url);
+  } catch {
+    throw new Error("URL must use HTTPS");
+  }
+  if (parsed.protocol !== "https:") {
+    throw new Error("URL must use HTTPS");
+  }
+}
 function createReauthClient(config) {
   const { domain } = config;
+  if (config.timeout !== void 0 && (!Number.isFinite(config.timeout) || config.timeout <= 0)) {
+    throw new Error("timeout must be a positive finite number in milliseconds");
+  }
+  const timeoutMs = config.timeout ?? DEFAULT_TIMEOUT_MS;
   const baseUrl = `https://reauth.${domain}/api/public`;
   return {
     /**
@@ -19,35 +38,47 @@ function createReauthClient(config) {
      */
     async getSession() {
       const res = await fetch(`${baseUrl}/auth/session`, {
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
+      if (!res.ok) {
+        throw new Error(`Failed to get session: ${res.status}`);
+      }
       return res.json();
     },
     /**
      * Refresh the access token using the refresh token.
      * Call this when getSession() returns valid: false but no error_code.
-     * @returns true if refresh succeeded, false otherwise
+     * @throws Error on failed refresh (401) or server error
      */
     async refresh() {
       const res = await fetch(`${baseUrl}/auth/refresh`, {
         method: "POST",
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
-      return res.ok;
+      if (!res.ok) {
+        throw new Error(`Failed to refresh: ${res.status}`);
+      }
     },
     /**
      * Get an access token for Bearer authentication.
      * Use this when calling your own API that uses local token verification.
      *
-     * @returns TokenResponse with access token, or null if not authenticated
+     * @returns TokenResponse with access token, or null if not authenticated or network unreachable
+     * @throws Error on server errors (non-401 HTTP status codes) or request timeout
      *
      * @example
      * ```typescript
-     * const tokenResponse = await reauth.getToken();
-     * if (tokenResponse) {
-     *   fetch('/api/data', {
-     *     headers: { Authorization: `Bearer ${tokenResponse.accessToken}` }
-     *   });
+     * try {
+     *   const tokenResponse = await reauth.getToken();
+     *   if (tokenResponse) {
+     *     fetch('/api/data', {
+     *       headers: { Authorization: `Bearer ${tokenResponse.accessToken}` }
+     *     });
+     *   }
+     * } catch (err) {
+     *   // Server error or timeout — do not log the user out
      * }
      * ```
      */
@@ -55,7 +86,8 @@ function createReauthClient(config) {
       try {
         const res = await fetch(`${baseUrl}/auth/token`, {
           method: "GET",
-          credentials: "include"
+          credentials: "include",
+          signal: AbortSignal.timeout(timeoutMs)
         });
         if (!res.ok) {
           if (res.status === 401) return null;
@@ -67,29 +99,38 @@ function createReauthClient(config) {
           expiresIn: data.expires_in,
           tokenType: data.token_type
         };
-      } catch {
-        return null;
+      } catch (err) {
+        if (err instanceof TypeError) return null;
+        throw err;
       }
     },
     /**
      * Log out the user by clearing all session cookies.
+     * @throws Error on server error
      */
     async logout() {
-      await fetch(`${baseUrl}/auth/logout`, {
+      const res = await fetch(`${baseUrl}/auth/logout`, {
         method: "POST",
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
+      if (!res.ok) {
+        throw new Error(`Failed to logout: ${res.status}`);
+      }
     },
     /**
      * Delete the user's own account (self-service).
-     * @returns true if deletion succeeded, false otherwise
+     * @throws Error on permission denied or server error
      */
     async deleteAccount() {
       const res = await fetch(`${baseUrl}/auth/account`, {
         method: "DELETE",
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
-      return res.ok;
+      if (!res.ok) {
+        throw new Error(`Failed to delete account: ${res.status}`);
+      }
     },
     // ========================================================================
     // Billing Methods
@@ -97,12 +138,16 @@ function createReauthClient(config) {
     /**
      * Get available subscription plans for the domain.
      * Only returns public plans sorted by display order.
+     * @throws Error on server error
      */
     async getPlans() {
       const res = await fetch(`${baseUrl}/billing/plans`, {
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
-      if (!res.ok) return [];
+      if (!res.ok) {
+        throw new Error(`Failed to get plans: ${res.status}`);
+      }
       const data = await res.json();
       return data.map(
         (p) => ({
@@ -115,8 +160,17 @@ function createReauthClient(config) {
           interval: p.interval,
           intervalCount: p.interval_count,
           trialDays: p.trial_days,
-          features: p.features,
-          displayOrder: p.display_order
+          features: p.features.map((f) => ({
+            code: f.code,
+            name: f.name,
+            featureType: f.feature_type,
+            numericValue: f.numeric_value,
+            unitLabel: f.unit_label
+          })),
+          displayOrder: p.display_order,
+          creditsAmount: p.credits_amount,
+          planType: p.plan_type,
+          contactUrl: p.contact_url
         })
       );
     },
@@ -125,8 +179,12 @@ function createReauthClient(config) {
      */
     async getSubscription() {
       const res = await fetch(`${baseUrl}/billing/subscription`, {
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
+      if (!res.ok) {
+        throw new Error(`Failed to get subscription: ${res.status}`);
+      }
       const data = await res.json();
       return {
         id: data.id,
@@ -150,6 +208,7 @@ function createReauthClient(config) {
         method: "POST",
         headers: { "Content-Type": "application/json" },
         credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs),
         body: JSON.stringify({
           plan_code: planCode,
           success_url: successUrl,
@@ -178,6 +237,7 @@ function createReauthClient(config) {
         currentUrl,
         currentUrl
       );
+      assertHttpsUrl(checkoutUrl);
       window.location.href = checkoutUrl;
     },
     /**
@@ -192,6 +252,7 @@ function createReauthClient(config) {
         method: "POST",
         headers: { "Content-Type": "application/json" },
         credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs),
         body: JSON.stringify({
           return_url: returnUrl || window.location.href
         })
@@ -200,18 +261,22 @@ function createReauthClient(config) {
         throw new Error("Failed to open billing portal");
       }
       const data = await res.json();
+      assertHttpsUrl(data.portal_url);
       window.location.href = data.portal_url;
     },
     /**
      * Cancel the user's subscription at period end.
-     * @returns true if cancellation succeeded
+     * @throws Error on failure or server error
      */
     async cancelSubscription() {
       const res = await fetch(`${baseUrl}/billing/cancel`, {
         method: "POST",
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
-      return res.ok;
+      if (!res.ok) {
+        throw new Error(`Failed to cancel subscription: ${res.status}`);
+      }
     },
     // ========================================================================
     // Balance Methods
@@ -222,13 +287,15 @@ function createReauthClient(config) {
      */
     async getBalance() {
       const res = await fetch(`${baseUrl}/balance`, {
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
       if (!res.ok) {
         if (res.status === 401) throw new Error("Not authenticated");
         throw new Error(`Failed to get balance: ${res.status}`);
       }
-      return res.json();
+      const data = await res.json();
+      return { balance: data.balance };
     },
     /**
      * Get the current user's balance transaction history.
@@ -242,7 +309,7 @@ function createReauthClient(config) {
       const qs = params.toString();
       const res = await fetch(
         `${baseUrl}/balance/transactions${qs ? `?${qs}` : ""}`,
-        { credentials: "include" }
+        { credentials: "include", signal: AbortSignal.timeout(timeoutMs) }
       );
       if (!res.ok) {
         if (res.status === 401) throw new Error("Not authenticated");

package/dist/chunk-EY5LQCDG.mjs

@@ -0,0 +1,6 @@
+// src/types.ts
+var DEFAULT_TIMEOUT_MS = 1e4;
+
+export {
+  DEFAULT_TIMEOUT_MS
+};

package/dist/index.d.mts

@@ -1,5 +1,5 @@
-import { R as ReauthConfig, a as ReauthSession, T as TokenResponse, S as SubscriptionPlan, U as UserSubscription, C as CheckoutSession, b as TransactionsPaginationOptions, B as BalanceTransaction } from './types-D8oOYbeC.mjs';
-export { A as AuthResult, h as ChargeOptions, i as DepositOptions, D as DomainEndUserClaims, e as ReauthServerConfig, f as RequestLike, g as SubscriptionInfo, c as User, d as UserDetails } from './types-D8oOYbeC.mjs';
+import { R as ReauthConfig, a as ReauthSession, T as TokenResponse, S as SubscriptionPlan, U as UserSubscription, C as CheckoutSession, b as TransactionsPaginationOptions, B as BalanceTransaction } from './types-BqZzje-y.mjs';
+export { A as AuthResult, h as ChargeOptions, i as DepositOptions, D as DomainEndUserClaims, P as PlanFeature, e as ReauthServerConfig, f as RequestLike, g as SubscriptionInfo, c as User, d as UserDetails } from './types-BqZzje-y.mjs';
 
 /**
  * Create a reauth client for browser-side authentication.
@@ -32,38 +32,45 @@ declare function createReauthClient(config: ReauthConfig): {
     /**
      * Refresh the access token using the refresh token.
      * Call this when getSession() returns valid: false but no error_code.
-     * @returns true if refresh succeeded, false otherwise
+     * @throws Error on failed refresh (401) or server error
      */
-    refresh(): Promise<boolean>;
+    refresh(): Promise<void>;
     /**
      * Get an access token for Bearer authentication.
      * Use this when calling your own API that uses local token verification.
      *
-     * @returns TokenResponse with access token, or null if not authenticated
+     * @returns TokenResponse with access token, or null if not authenticated or network unreachable
+     * @throws Error on server errors (non-401 HTTP status codes) or request timeout
      *
      * @example
      * ```typescript
-     * const tokenResponse = await reauth.getToken();
-     * if (tokenResponse) {
-     *   fetch('/api/data', {
-     *     headers: { Authorization: `Bearer ${tokenResponse.accessToken}` }
-     *   });
+     * try {
+     *   const tokenResponse = await reauth.getToken();
+     *   if (tokenResponse) {
+     *     fetch('/api/data', {
+     *       headers: { Authorization: `Bearer ${tokenResponse.accessToken}` }
+     *     });
+     *   }
+     * } catch (err) {
+     *   // Server error or timeout — do not log the user out
      * }
      * ```
      */
     getToken(): Promise<TokenResponse | null>;
     /**
      * Log out the user by clearing all session cookies.
+     * @throws Error on server error
      */
     logout(): Promise<void>;
     /**
      * Delete the user's own account (self-service).
-     * @returns true if deletion succeeded, false otherwise
+     * @throws Error on permission denied or server error
      */
-    deleteAccount(): Promise<boolean>;
+    deleteAccount(): Promise<void>;
     /**
      * Get available subscription plans for the domain.
      * Only returns public plans sorted by display order.
+     * @throws Error on server error
      */
     getPlans(): Promise<SubscriptionPlan[]>;
     /**
@@ -91,9 +98,9 @@ declare function createReauthClient(config: ReauthConfig): {
     openBillingPortal(returnUrl?: string): Promise<void>;
     /**
      * Cancel the user's subscription at period end.
-     * @returns true if cancellation succeeded
+     * @throws Error on failure or server error
      */
-    cancelSubscription(): Promise<boolean>;
+    cancelSubscription(): Promise<void>;
     /**
      * Get the current user's balance.
      * @returns Object with the current balance
@@ -124,4 +131,4 @@ type ReauthError = {
 };
 declare function requiresOAuthRestart(error: ReauthError | null | undefined): boolean;
 
-export { BalanceTransaction, type ReauthClient, ReauthConfig, type ReauthError, ReauthErrorCode, ReauthSession, TokenResponse, TransactionsPaginationOptions, createReauthClient, requiresOAuthRestart };
+export { BalanceTransaction, type ReauthClient, ReauthConfig, type ReauthError, ReauthErrorCode, ReauthSession, SubscriptionPlan, TokenResponse, TransactionsPaginationOptions, createReauthClient, requiresOAuthRestart };

package/dist/index.d.ts

@@ -1,5 +1,5 @@
-import { R as ReauthConfig, a as ReauthSession, T as TokenResponse, S as SubscriptionPlan, U as UserSubscription, C as CheckoutSession, b as TransactionsPaginationOptions, B as BalanceTransaction } from './types-D8oOYbeC.js';
-export { A as AuthResult, h as ChargeOptions, i as DepositOptions, D as DomainEndUserClaims, e as ReauthServerConfig, f as RequestLike, g as SubscriptionInfo, c as User, d as UserDetails } from './types-D8oOYbeC.js';
+import { R as ReauthConfig, a as ReauthSession, T as TokenResponse, S as SubscriptionPlan, U as UserSubscription, C as CheckoutSession, b as TransactionsPaginationOptions, B as BalanceTransaction } from './types-BqZzje-y.js';
+export { A as AuthResult, h as ChargeOptions, i as DepositOptions, D as DomainEndUserClaims, P as PlanFeature, e as ReauthServerConfig, f as RequestLike, g as SubscriptionInfo, c as User, d as UserDetails } from './types-BqZzje-y.js';
 
 /**
  * Create a reauth client for browser-side authentication.
@@ -32,38 +32,45 @@ declare function createReauthClient(config: ReauthConfig): {
     /**
      * Refresh the access token using the refresh token.
      * Call this when getSession() returns valid: false but no error_code.
-     * @returns true if refresh succeeded, false otherwise
+     * @throws Error on failed refresh (401) or server error
      */
-    refresh(): Promise<boolean>;
+    refresh(): Promise<void>;
     /**
      * Get an access token for Bearer authentication.
      * Use this when calling your own API that uses local token verification.
      *
-     * @returns TokenResponse with access token, or null if not authenticated
+     * @returns TokenResponse with access token, or null if not authenticated or network unreachable
+     * @throws Error on server errors (non-401 HTTP status codes) or request timeout
      *
      * @example
      * ```typescript
-     * const tokenResponse = await reauth.getToken();
-     * if (tokenResponse) {
-     *   fetch('/api/data', {
-     *     headers: { Authorization: `Bearer ${tokenResponse.accessToken}` }
-     *   });
+     * try {
+     *   const tokenResponse = await reauth.getToken();
+     *   if (tokenResponse) {
+     *     fetch('/api/data', {
+     *       headers: { Authorization: `Bearer ${tokenResponse.accessToken}` }
+     *     });
+     *   }
+     * } catch (err) {
+     *   // Server error or timeout — do not log the user out
      * }
      * ```
      */
     getToken(): Promise<TokenResponse | null>;
     /**
      * Log out the user by clearing all session cookies.
+     * @throws Error on server error
      */
     logout(): Promise<void>;
     /**
      * Delete the user's own account (self-service).
-     * @returns true if deletion succeeded, false otherwise
+     * @throws Error on permission denied or server error
      */
-    deleteAccount(): Promise<boolean>;
+    deleteAccount(): Promise<void>;
     /**
      * Get available subscription plans for the domain.
      * Only returns public plans sorted by display order.
+     * @throws Error on server error
      */
     getPlans(): Promise<SubscriptionPlan[]>;
     /**
@@ -91,9 +98,9 @@ declare function createReauthClient(config: ReauthConfig): {
     openBillingPortal(returnUrl?: string): Promise<void>;
     /**
      * Cancel the user's subscription at period end.
-     * @returns true if cancellation succeeded
+     * @throws Error on failure or server error
      */
-    cancelSubscription(): Promise<boolean>;
+    cancelSubscription(): Promise<void>;
     /**
      * Get the current user's balance.
      * @returns Object with the current balance
@@ -124,4 +131,4 @@ type ReauthError = {
 };
 declare function requiresOAuthRestart(error: ReauthError | null | undefined): boolean;
 
-export { BalanceTransaction, type ReauthClient, ReauthConfig, type ReauthError, ReauthErrorCode, ReauthSession, TokenResponse, TransactionsPaginationOptions, createReauthClient, requiresOAuthRestart };
+export { BalanceTransaction, type ReauthClient, ReauthConfig, type ReauthError, ReauthErrorCode, ReauthSession, SubscriptionPlan, TokenResponse, TransactionsPaginationOptions, createReauthClient, requiresOAuthRestart };